npm - @nhost/nhost-js - Versions diffs - 4.1.0 → 4.2.0 - Mend

@nhost/nhost-js 4.1.0 → 4.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (17) hide show

package/dist/nhost-js/auth.cjs.js.map +1 -1
package/dist/nhost-js/auth.es.js.map +1 -1
package/dist/nhost-js/storage.cjs.js +1 -1
package/dist/nhost-js/storage.cjs.js.map +1 -1
package/dist/nhost-js/storage.es.js +30 -12
package/dist/nhost-js/storage.es.js.map +1 -1
package/dist/nhost-js.umd.js +1 -1
package/dist/nhost-js.umd.js.map +1 -1
package/dist/src/auth/client.d.ts +1 -1
package/dist/src/auth/client.d.ts.map +1 -1
package/dist/src/auth/client.js.map +1 -1
package/dist/src/storage/client.d.ts +5 -5
package/dist/src/storage/client.d.ts.map +1 -1
package/dist/src/storage/client.js +26 -4
package/dist/src/storage/client.js.map +1 -1
package/dist/tsconfig.tsbuildinfo +1 -1
package/package.json +1 -1

package/dist/nhost-js.umd.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"nhost-js.umd.js","sources":["../src/fetch/fetch.ts","../src/fetch/middlewareAttachAccessToken.ts","../src/session/refreshSession.ts","../src/fetch/middlewareSessionRefresh.ts","../src/fetch/middlewareUpdateSessionFromResponse.ts","../src/session/session.ts","../src/session/storageBackend.ts","../src/session/storage.ts","../src/nhost.ts","../src/auth/client.ts","../src/storage/client.ts","../src/graphql/client.ts","../src/functions/client.ts","../src/index.ts","../src/fetch/middlewareWithAdminSession.ts"],"sourcesContent":["/*\n Type definition for a fetch-like function.\n * Takes the same parameters as fetch and returns the same type.\n * This allows middleware to intercept and modify requests and responses.\n /\nexport type FetchFunction = (\n url: string,\n options?: RequestInit,\n) => Promise<Response>;\n\n/\n Type definition for a chain function (middleware).\n * Takes a fetch-like function and returns another fetch-like function.\n \n Chain functions can be used to implement:\n * - Authentication token handling\n * - Error handling and retry logic\n * - Request and response transformations\n * - Logging and metrics\n /\nexport type ChainFunction = (next: FetchFunction) => FetchFunction;\n\n/\n Creates an enhanced fetch function using a chain of middleware functions.\n \n The fetch chain executes in the order of the array, with each middleware\n * wrapping the next one in the chain. This allows each middleware to\n * intercept both the request (before calling next) and the response\n * (after calling next).\n \n @example\n * ```typescript\n * // Simple logging middleware\n * const loggingMiddleware: ChainFunction = (next) => {\n * return async (url, options) => {\n * console.log(`Request to ${url}`);\n * const response = await next(url, options);\n * console.log(`Response from ${url}: ${response.status}`);\n * return response;\n * };\n * };\n \n const enhancedFetch = createEnhancedFetch([loggingMiddleware]);\n * const response = await enhancedFetch('https://api.example.com/data');\n * ```\n \n @param chainFunctions - Array of chain functions to apply in order\n * @returns Enhanced fetch function with all middleware applied\n /\nexport function createEnhancedFetch(\n chainFunctions: ChainFunction[] = [],\n): FetchFunction {\n // Build the chain starting with vanilla fetch, but apply functions in reverse\n // to achieve the desired execution order\n return chainFunctions.reduceRight(\n (nextInChain, chainFunction) => chainFunction(nextInChain),\n fetch as FetchFunction,\n );\n}\n\n/\n Interface representing a structured API response.\n \n This interface provides a consistent structure for responses across the SDK,\n * offering access to the parsed response body along with status and headers.\n \n @template T - The type of the response body\n /\nexport interface FetchResponse<T> {\n /* The parsed response body /\n body: T;\n /* HTTP status code of the response /\n status: number;\n /* Response headers /\n headers: Headers;\n}\n\nfunction extractMessage(body: unknown): string {\n if (body && typeof body === \"string\") {\n return body;\n }\n\n if (body && typeof body === \"object\") {\n const typedBody = body as Record<string, unknown>;\n\n if (\"message\" in typedBody && typeof typedBody[\"message\"] === \"string\") {\n return typedBody[\"message\"];\n }\n\n if (\"error\" in typedBody && typeof typedBody[\"error\"] === \"string\") {\n return typedBody[\"error\"];\n }\n\n if (\n \"error\" in typedBody &&\n typedBody[\"error\"] &&\n typeof typedBody[\"error\"] === \"object\"\n ) {\n const error = typedBody[\"error\"] as Record<string, unknown>;\n if (\"message\" in error && typeof error[\"message\"] === \"string\") {\n return error[\"message\"];\n }\n }\n\n if (\"errors\" in typedBody && Array.isArray(typedBody[\"errors\"])) {\n const messages = (typedBody[\"errors\"] as unknown[])\n .filter(\n (error): error is { message: string } =>\n typeof error === \"object\" &&\n error !== null &&\n \"message\" in error &&\n typeof (error as { message: unknown })[\"message\"] === \"string\",\n )\n .map((error) => error[\"message\"]);\n\n if (messages.length > 0) {\n return messages.join(\", \");\n }\n }\n }\n\n return \"An unexpected error occurred\";\n}\n\n/\n Error class for representing fetch operation failures.\n \n This class extends the standard Error to include additional\n * information about failed requests, including the response body,\n * status code, and headers. The error message is automatically\n * extracted from common error response formats.\n \n @template T - The type of the response body\n /\nexport class FetchError<T = unknown> extends Error {\n /* The original response body /\n body: T;\n /* HTTP status code of the failed response /\n status: number;\n /* Response headers /\n headers: Headers;\n\n /\n Creates a new FetchError instance\n \n @param body - The response body from the failed request\n * @param status - The HTTP status code\n * @param headers - The response headers\n /\n constructor(body: T, status: number, headers: Headers) {\n super(extractMessage(body));\n this.body = body;\n this.status = status;\n this.headers = headers;\n }\n}\n","/\n Authorization token attachment middleware for the Nhost SDK.\n \n This module provides middleware functionality to automatically attach\n * authorization tokens to outgoing API requests, ensuring the client\n * is properly authenticated.\n /\n\nimport type { Session } from \"../auth\";\nimport type { SessionStorage } from \"../session/storage\";\nimport type { ChainFunction, FetchFunction } from \"./fetch\";\n\n/\n Creates a fetch middleware that adds the Authorization header with the current access token.\n \n This middleware:\n * 1. Gets the current session from storage\n * 2. Adds the authorization header with the access token to outgoing requests\n \n This middleware should be used after the refresh middleware in the chain to\n * ensure the most recent token is used.\n \n @param storage - Storage implementation for retrieving session data\n * @returns A middleware function that adds Authorization headers\n /\nexport const attachAccessTokenMiddleware =\n (storage: SessionStorage): ChainFunction =>\n (next: FetchFunction): FetchFunction =>\n async (url: string, options: RequestInit = {}): Promise<Response> => {\n const headers = new Headers(options.headers \|\| {});\n\n // Skip if Authorization header is already set\n if (headers.has(\"Authorization\")) {\n return next(url, options);\n }\n\n // Get current session from storage\n const session = storage.get();\n\n if (session?.accessToken) {\n // Add authorization header\n const newOptions = {\n ...options,\n headers: addAuthorizationHeader(headers, session),\n };\n\n // Continue with the fetch chain\n return next(url, newOptions);\n }\n\n // No session or no access token, continue without authorization\n return next(url, options);\n };\n\n/\n Adds the Authorization header with the access token to the request headers\n \n @param headers - Original request headers\n * @param session - Current session containing the access token\n * @returns Modified headers with Authorization header\n /\nfunction addAuthorizationHeader(headers: Headers, session: Session): Headers {\n if (session.accessToken) {\n headers.set(\"Authorization\", `Bearer ${session.accessToken}`);\n }\n return headers;\n}\n","import type { Client as AuthClient, ErrorResponse } from \"../auth\";\nimport type { FetchResponse } from \"../fetch\";\nimport type { Session } from \"./session\";\nimport type { SessionStorage } from \"./storage\";\n\nclass DummyLock implements Lock {\n async request(\n _name: string,\n _options: { mode: \"exclusive\" \| \"shared\" },\n // biome-ignore lint/suspicious/noExplicitAny: any\n callback: () => Promise<any>,\n ) {\n return callback();\n }\n}\n\ninterface Lock {\n request: (\n name: string,\n options: { mode: \"exclusive\" \| \"shared\" },\n // biome-ignore lint/suspicious/noExplicitAny: blah\n callback: () => Promise<any>,\n // biome-ignore lint/suspicious/noExplicitAny: blah\n ) => Promise<any>;\n}\n\nconst lock: Lock =\n // biome-ignore lint/complexity/useOptionalChain: this check breaks non-browser environments\n typeof navigator !== \"undefined\" && navigator.locks\n ? navigator.locks\n : new DummyLock();\n\n/\n Refreshes the authentication session if needed\n \n This function checks if the current session needs to be refreshed based on\n * the access token expiration time. If a refresh is needed, it will attempt to\n * refresh the token using the provided auth client.\n \n @param auth - The authentication client to use for token refresh\n * @param storage - The session storage implementation\n * @param marginSeconds - The number of seconds before the token expiration to refresh the session. If the token is still valid for this duration, it will not be refreshed. Set to 0 to force the refresh.\n * @returns A promise that resolves to the current session (refreshed if needed) or null if no session exists\n /\nexport const refreshSession = async (\n auth: AuthClient,\n storage: SessionStorage,\n marginSeconds = 60,\n): Promise<Session \| null> => {\n try {\n return await _refreshSession(auth, storage, marginSeconds);\n } catch (error) {\n try {\n // we retry the refresh token in case of transient error\n // or race conditions\n console.warn(\"error refreshing session, retrying:\", error);\n return await _refreshSession(auth, storage, marginSeconds);\n } catch (error) {\n const errResponse = error as FetchResponse<ErrorResponse>;\n if (errResponse?.status === 401) {\n // this probably means the refresh token is invalid\n console.error(\"session probably expired\");\n storage.remove();\n }\n return null;\n }\n }\n};\n\n/\n Internal implementation of the refresh session logic\n \n @param auth - The authentication client to use for token refresh\n * @param storage - The session storage implementation\n * @param marginSeconds - How many seconds before expiration to trigger a refresh\n * @returns A promise that resolves to the current session (refreshed if needed) or null if no session exists\n * @private\n /\nconst _refreshSession = async (\n auth: AuthClient,\n storage: SessionStorage,\n marginSeconds = 60,\n): Promise<Session \| null> => {\n const {\n session,\n needsRefresh,\n }: { session: Session \| null; needsRefresh: boolean } = await lock.request(\n \"nhostSessionLock\",\n { mode: \"shared\" },\n async () => {\n return _needsRefresh(storage, marginSeconds);\n },\n );\n\n if (!session) {\n return null; // No session found\n }\n\n if (!needsRefresh) {\n return session; // No need to refresh\n }\n\n const refreshedSession: Session \| null = await lock.request(\n \"nhostSessionLock\",\n { mode: \"exclusive\" },\n async () => {\n const { session, needsRefresh, sessionExpired } = _needsRefresh(\n storage,\n marginSeconds,\n );\n\n if (!session) {\n return null; // No session found\n }\n\n if (!needsRefresh) {\n return session; // No need to refresh\n }\n\n try {\n const response = await auth.refreshToken({\n refreshToken: session.refreshToken,\n });\n storage.set(response.body);\n\n return response.body;\n } catch (error) {\n if (!sessionExpired) {\n return session;\n }\n\n throw error;\n }\n },\n );\n\n return refreshedSession;\n};\n\n/\n Checks if the current session needs to be refreshed based on token expiration\n \n @param storage - The session storage implementation\n * @param marginSeconds - How many seconds before expiration to trigger a refresh\n * @returns An object containing the session, whether it needs refreshing, and whether it has expired\n * @private\n /\nconst _needsRefresh = (storage: SessionStorage, marginSeconds = 60) => {\n const session = storage.get();\n if (!session) {\n return { session: null, needsRefresh: false, sessionExpired: false };\n }\n\n if (!session.decodedToken \|\| !session.decodedToken.exp) {\n // if the session does not have a valid decoded token, treat it as expired\n // as we can't determine its validity\n return { session, needsRefresh: true, sessionExpired: true };\n }\n\n // Force refresh if marginSeconds is 0\n if (marginSeconds === 0) {\n return { session, needsRefresh: true, sessionExpired: false };\n }\n\n const currentTime = Date.now();\n if (session.decodedToken.exp - currentTime > marginSeconds 1000) {\n return { session, needsRefresh: false, sessionExpired: false };\n }\n\n return {\n session,\n needsRefresh: true,\n sessionExpired: session.decodedToken.exp < currentTime,\n };\n};\n","/*\n Auth token refresh middleware for the Nhost SDK.\n \n This module provides middleware functionality to automatically refresh\n * authentication tokens before they expire, ensuring seamless API access\n * without requiring manual token refresh by the application.\n /\n\nimport type { Client } from \"../auth\";\nimport { refreshSession } from \"../session/refreshSession\";\nimport type { SessionStorage } from \"../session/storage\";\nimport type { ChainFunction, FetchFunction } from \"./fetch\";\n\n/\n Creates a fetch middleware that automatically refreshes authentication tokens.\n \n This middleware:\n * 1. Checks if the current token is about to expire\n * 2. If so, uses the refresh token to obtain a new access token\n \n The middleware handles token refresh transparently, so the application\n * doesn't need to manually refresh tokens.\n \n @param auth - Auth API client for token refresh operations\n * @param storage - Storage implementation for persisting session data\n * @param options - Configuration options for token refresh behavior\n * @param options.marginSeconds - Number of seconds before token expiration to trigger a refresh, default is 60 seconds\n * @returns A middleware function that can be used in the fetch chain\n /\nexport const sessionRefreshMiddleware = (\n auth: Client,\n storage: SessionStorage,\n options?: {\n marginSeconds?: number;\n },\n): ChainFunction => {\n const { marginSeconds = 60 } = options \|\| {};\n\n // Create and return the chain function\n return (next: FetchFunction): FetchFunction =>\n async (url: string, options: RequestInit = {}): Promise<Response> => {\n // Skip token handling for certain requests\n if (shouldSkipTokenHandling(url, options)) {\n return next(url, options);\n }\n\n try {\n await refreshSession(auth, storage, marginSeconds);\n } catch {\n // do nothing, we still want to call the next function\n }\n return next(url, options);\n };\n};\n\n/\n Determines if token handling should be skipped for this request\n \n @param url - Request URL\n * @param options - Request options\n * @returns True if token handling should be skipped, false otherwise\n /\nfunction shouldSkipTokenHandling(url: string, options: RequestInit): boolean {\n const headers = new Headers(options.headers \|\| {});\n\n // If Authorization header is explicitly set, skip token handling\n if (headers.has(\"Authorization\")) {\n return true;\n }\n\n // If calling the token endpoint, skip to avoid infinite loops\n if (url.endsWith(\"/v1/token\")) {\n return true;\n }\n\n return false;\n}\n","/\n Session response middleware for the Nhost SDK.\n \n This module provides middleware functionality to automatically extract\n * and persist session information from authentication responses, ensuring\n * that new sessions are properly stored after sign-in operations.\n /\n\nimport type { Session, SessionPayload } from \"../auth\";\nimport type { SessionStorage } from \"../session/storage\";\nimport type { ChainFunction } from \"./fetch\";\n\n/\n Creates a fetch middleware that automatically extracts and stores session data from API responses.\n \n This middleware:\n * 1. Monitors responses from authentication-related endpoints\n * 2. Extracts session information when present\n * 3. Stores the session in the provided storage implementation\n * 4. Handles session removal on sign-out\n \n This ensures that session data is always up-to-date in storage after operations\n * that create or invalidate sessions.\n \n @param storage - Storage implementation for persisting session data\n * @returns A middleware function that can be used in the fetch chain\n /\nexport const updateSessionFromResponseMiddleware = (\n storage: SessionStorage,\n): ChainFunction => {\n /\n Helper function to extract session data from various response formats\n \n @param body - Response data to extract session from\n * @returns Session object if found, null otherwise\n /\n const sessionExtractor = (\n body: Session \| SessionPayload \| string,\n ): Session \| null => {\n if (typeof body === \"string\") {\n return null;\n }\n\n if (\"session\" in body) {\n // SessionPayload\n return body.session \|\| null;\n }\n\n if (\"accessToken\" in body && \"refreshToken\" in body && \"user\" in body) {\n // Session\n return body;\n }\n\n return null;\n };\n\n return (next: (url: string, options?: RequestInit) => Promise<Response>) =>\n async (url: string, options?: RequestInit) => {\n // Call the next middleware in the chain\n const response = await next(url, options);\n\n try {\n // Check if this is a logout request\n if (url.endsWith(\"/signout\")) {\n // Remove session on sign-out\n storage.remove();\n return response;\n }\n\n // Check if this is an auth-related endpoint that might return session data\n if (\n url.endsWith(\"/token\") \|\|\n url.includes(\"/signin/\") \|\|\n url.includes(\"/signup/\")\n ) {\n // Clone the response to avoid consuming it\n const clonedResponse = response.clone();\n\n // Parse the JSON data\n const body = (await clonedResponse.json().catch(() => null)) as\n \| Session\n \| SessionPayload;\n\n if (body) {\n // Extract session data from response using provided extractor\n const session = sessionExtractor(body);\n\n // If session data is found, store it\n if (session?.accessToken && session.refreshToken) {\n storage.set(session);\n }\n }\n }\n } catch (error) {\n console.warn(\"Error in session response middleware:\", error);\n }\n\n // Return the original response\n return response;\n };\n};\n","import type { Session as AuthSession } from \"../auth\";\n\n/\n Decoded JWT token payload with processed timestamps and Hasura claims\n /\nexport interface DecodedToken {\n /* Token expiration time as Date object /\n exp?: number;\n /* Token issued at time as Date object /\n iat?: number;\n /* Token issuer /\n iss?: string;\n /* Token subject (user ID) /\n sub?: string;\n /* Hasura JWT claims with PostgreSQL arrays converted to JavaScript arrays /\n \"https://hasura.io/jwt/claims\"?: Record<string, unknown>;\n /* Any other JWT claims /\n [key: string]: unknown;\n}\n\nexport interface Session extends AuthSession {\n /* Decoded JWT token payload with processed timestamps and Hasura claims /\n decodedToken: DecodedToken;\n}\n\nexport const decodeUserSession = (accessToken: string): DecodedToken => {\n const s = accessToken.split(\".\");\n if (s.length !== 3 \|\| !s[1]) {\n throw new Error(\"Invalid access token format\");\n }\n\n const decodedToken = JSON.parse(\n typeof atob !== \"undefined\"\n ? atob(s[1])\n : Buffer.from(s[1], \"base64\").toString(\"utf-8\"),\n ) as Record<string, unknown>;\n\n // Convert iat and exp to Date objects\n const iat =\n typeof decodedToken[\"iat\"] === \"number\"\n ? decodedToken[\"iat\"] 1000 // Convert seconds to milliseconds\n : undefined;\n const exp =\n typeof decodedToken[\"exp\"] === \"number\"\n ? decodedToken[\"exp\"] * 1000 // Convert seconds to milliseconds\n : undefined;\n\n // Process Hasura claims - dynamically convert PostgreSQL array notation to arrays\n const hasuraClaims = decodedToken[\"https://hasura.io/jwt/claims\"] as\n \| Record<string, unknown>\n \| undefined;\n const processedClaims = hasuraClaims\n ? Object.entries(hasuraClaims).reduce(\n (acc, [key, value]) => {\n if (typeof value === \"string\" && isPostgresArray(value)) {\n acc[key] = parsePostgresArray(value);\n } else {\n acc[key] = value;\n }\n return acc;\n },\n {} as Record<string, unknown>,\n )\n : undefined;\n\n return {\n ...decodedToken,\n iat,\n exp,\n \"https://hasura.io/jwt/claims\": processedClaims,\n };\n};\n\nconst isPostgresArray = (value: string): boolean => {\n return value.startsWith(\"{\") && value.endsWith(\"}\");\n};\n\nconst parsePostgresArray = (value: string): string[] => {\n if (!value \|\| value === \"{}\") return [];\n // Remove curly braces and split by comma, handling quoted values\n return value\n .slice(1, -1)\n .split(\",\")\n .map((item) => item.trim().replace(/^\"(.)\"$/, \"$1\"));\n};\n","/\n Storage implementations for session persistence in different environments.\n \n This module provides different storage adapters for persisting authentication sessions\n * across page reloads and browser sessions.\n /\n\nimport type { Session } from \"./session\";\n\n/\n Session storage interface for session persistence.\n * This interface can be implemented to provide custom storage solutions.\n /\nexport interface SessionStorageBackend {\n /\n Get the current session from storage\n * @returns The stored session or null if not found\n /\n get(): Session \| null;\n\n /\n Set the session in storage\n * @param value - The session to store\n /\n set(value: Session): void;\n\n /\n Remove the session from storage\n /\n remove(): void;\n}\n\n/\n Default storage key used for storing the Nhost session\n /\nexport const DEFAULT_SESSION_KEY = \"nhostSession\";\n\n/\n Browser localStorage implementation of StorageInterface.\n * Persists the session across page reloads and browser restarts.\n /\nexport class LocalStorage implements SessionStorageBackend {\n private readonly storageKey: string;\n\n /\n Creates a new LocalStorage instance\n * @param options - Configuration options\n * @param options.storageKey - The key to use in localStorage (defaults to \"nhostSession\")\n /\n constructor(options?: { storageKey?: string }) {\n this.storageKey = options?.storageKey \|\| DEFAULT_SESSION_KEY;\n }\n\n /\n Gets the session from localStorage\n * @returns The stored session or null if not found\n /\n get(): Session \| null {\n try {\n const value = window.localStorage.getItem(this.storageKey);\n return value ? (JSON.parse(value) as Session) : null;\n } catch {\n this.remove();\n return null;\n }\n }\n\n /\n Sets the session in localStorage\n * @param value - The session to store\n /\n set(value: Session): void {\n window.localStorage.setItem(this.storageKey, JSON.stringify(value));\n }\n\n /\n Removes the session from localStorage\n /\n remove(): void {\n window.localStorage.removeItem(this.storageKey);\n }\n}\n\n/\n In-memory storage implementation for non-browser environments or when\n * persistent storage is not available or desirable.\n /\nexport class MemoryStorage implements SessionStorageBackend {\n private session: Session \| null = null;\n\n /\n Gets the session from memory\n * @returns The stored session or null if not set\n /\n get(): Session \| null {\n return this.session;\n }\n\n /\n Sets the session in memory\n * @param value - The session to store\n /\n set(value: Session): void {\n this.session = value;\n }\n\n /\n Clears the session from memory\n /\n remove(): void {\n this.session = null;\n }\n}\n\n/\n Cookie-based storage implementation.\n * This storage uses web browser cookies to store the session so it's not\n * available in server-side environments. It is useful though for synchronizing\n * sessions between client and server environments.\n /\nexport class CookieStorage implements SessionStorageBackend {\n private readonly cookieName: string;\n private readonly expirationDays: number;\n private readonly secure: boolean;\n private readonly sameSite: \"strict\" \| \"lax\" \| \"none\";\n\n /\n Creates a new CookieStorage instance\n * @param options - Configuration options\n * @param options.cookieName - Name of the cookie to use (defaults to \"nhostSession\")\n * @param options.expirationDays - Number of days until the cookie expires (defaults to 30)\n * @param options.secure - Whether to set the Secure flag on the cookie (defaults to true)\n * @param options.sameSite - SameSite policy for the cookie (defaults to \"lax\")\n /\n constructor(options?: {\n cookieName?: string;\n expirationDays?: number;\n secure?: boolean;\n sameSite?: \"strict\" \| \"lax\" \| \"none\";\n }) {\n this.cookieName = options?.cookieName \|\| DEFAULT_SESSION_KEY;\n this.expirationDays = options?.expirationDays ?? 30;\n this.secure = options?.secure ?? true;\n this.sameSite = options?.sameSite \|\| \"lax\";\n }\n\n /\n Gets the session from cookies\n * @returns The stored session or null if not found\n /\n get(): Session \| null {\n const cookies = document.cookie.split(\";\");\n for (const cookie of cookies) {\n const [name, value] = cookie.trim().split(\"=\");\n if (name === this.cookieName) {\n try {\n return JSON.parse(decodeURIComponent(value \|\| \"\")) as Session;\n } catch {\n this.remove();\n return null;\n }\n }\n }\n return null;\n }\n\n /\n Sets the session in a cookie\n * @param value - The session to store\n /\n set(value: Session): void {\n const expires = new Date();\n expires.setTime(\n expires.getTime() + this.expirationDays 24 * 60 * 60 * 1000,\n );\n\n const cookieValue = encodeURIComponent(JSON.stringify(value));\n const cookieString = `${this.cookieName}=${cookieValue}; expires=${expires.toUTCString()}; path=/; ${this.secure ? \"secure; \" : \"\"}SameSite=${this.sameSite}`;\n\n // biome-ignore lint/suspicious/noDocumentCookie: this is unnecessary\n document.cookie = cookieString;\n }\n\n /*\n Removes the session cookie\n /\n remove(): void {\n // biome-ignore lint/suspicious/noDocumentCookie: this is unnecessary\n document.cookie = `${this.cookieName}=; expires=Thu, 01 Jan 1970 00:00:00 UTC; path=/; ${this.secure ? \"secure; \" : \"\"}SameSite=${this.sameSite}`;\n }\n}\n","/\n Storage implementations for session persistence in different environments.\n \n This module provides different storage adapters for persisting authentication sessions\n * across page reloads and browser sessions.\n /\n\nimport type { Session as AuthSession } from \"../auth\";\nimport { decodeUserSession, type Session } from \"./session\";\nimport {\n LocalStorage,\n MemoryStorage,\n type SessionStorageBackend,\n} from \"./storageBackend\";\n\n/\n Callback function type for session change subscriptions\n /\nexport type SessionChangeCallback = (session: Session \| null) => void;\n\n/\n A wrapper around any SessionStorageInterface implementation that adds\n * the ability to subscribe to session changes.\n /\nexport class SessionStorage {\n private readonly storage: SessionStorageBackend;\n private subscribers = new Set<SessionChangeCallback>();\n\n /\n Creates a new SessionStorage instance\n * @param storage - The underlying storage implementation to use\n /\n constructor(storage: SessionStorageBackend) {\n this.storage = storage;\n }\n\n /\n Gets the session from the underlying storage\n * @returns The stored session or null if not found\n /\n get(): Session \| null {\n return this.storage.get();\n }\n\n /\n Sets the session in the underlying storage and notifies subscribers\n * @param value - The session to store\n /\n set(value: AuthSession): void {\n const decodedToken = decodeUserSession(value.accessToken);\n const decodedSession = {\n ...value,\n decodedToken: decodedToken,\n };\n\n this.storage.set(decodedSession);\n this.notifySubscribers(decodedSession);\n }\n\n /\n Removes the session from the underlying storage and notifies subscribers\n /\n remove(): void {\n this.storage.remove();\n this.notifySubscribers(null);\n }\n\n /\n Subscribe to session changes\n * @param callback - Function that will be called when the session changes\n * @returns An unsubscribe function to remove this subscription\n /\n onChange(callback: SessionChangeCallback) {\n this.subscribers.add(callback);\n\n return () => {\n this.subscribers.delete(callback);\n };\n }\n\n /\n Notify all subscribers of a session change\n * @param session - The new session value or null if removed\n /\n private notifySubscribers(session: Session \| null): void {\n for (const subscriber of this.subscribers) {\n try {\n subscriber(session);\n } catch (error) {\n console.error(\"Error notifying subscriber:\", error);\n }\n }\n }\n}\n\n/\n Detects the best available storage implementation for the current environment.\n \n The detection process follows this order:\n * 1. Try to use localStorage if we're in a browser environment\n * 2. Fall back to in-memory storage if localStorage isn't available\n \n @returns The best available storage implementation as a SessionStorageBackend\n /\nexport const detectStorage = (): SessionStorageBackend => {\n if (typeof window !== \"undefined\") {\n return new LocalStorage();\n }\n return new MemoryStorage();\n};\n","import { generateServiceUrl } from \"./\";\nimport {\n type Client as AuthClient,\n createAPIClient as createAuthClient,\n} from \"./auth\";\nimport {\n type AdminSessionOptions,\n attachAccessTokenMiddleware,\n type ChainFunction,\n sessionRefreshMiddleware,\n updateSessionFromResponseMiddleware,\n withAdminSessionMiddleware,\n} from \"./fetch\";\nimport {\n createAPIClient as createFunctionsClient,\n type Client as FunctionsClient,\n} from \"./functions\";\nimport {\n createAPIClient as createGraphQLClient,\n type Client as GraphQLClient,\n} from \"./graphql\";\nimport {\n detectStorage,\n refreshSession,\n type Session,\n SessionStorage,\n type SessionStorageBackend,\n} from \"./session/\";\nimport {\n createAPIClient as createStorageClient,\n type Client as StorageClient,\n} from \"./storage\";\n\n/\n Configuration function that receives all clients and can configure them\n * (e.g., by attaching middleware, setting up interceptors, etc.)\n /\nexport type ClientConfigurationFn = (clients: {\n auth: AuthClient;\n storage: StorageClient;\n graphql: GraphQLClient;\n functions: FunctionsClient;\n sessionStorage: SessionStorage;\n}) => void;\n\n/\n Built-in configuration for client-side applications.\n * Includes automatic session refresh, token attachment, and session updates.\n /\nexport const withClientSideSessionMiddleware: ClientConfigurationFn = ({\n auth,\n storage,\n graphql,\n functions,\n sessionStorage,\n}) => {\n const mwChain: ChainFunction[] = [\n sessionRefreshMiddleware(auth, sessionStorage),\n updateSessionFromResponseMiddleware(sessionStorage),\n attachAccessTokenMiddleware(sessionStorage),\n ];\n\n for (const mw of mwChain) {\n auth.pushChainFunction(mw);\n storage.pushChainFunction(mw);\n graphql.pushChainFunction(mw);\n functions.pushChainFunction(mw);\n }\n};\n\n/\n Built-in configuration for server-side applications.\n * Includes token attachment and session updates, but NOT automatic session refresh\n * to prevent race conditions in server contexts.\n /\nexport const withServerSideSessionMiddleware: ClientConfigurationFn = ({\n auth,\n storage,\n graphql,\n functions,\n sessionStorage,\n}) => {\n const mwChain: ChainFunction[] = [\n updateSessionFromResponseMiddleware(sessionStorage),\n attachAccessTokenMiddleware(sessionStorage),\n ];\n\n for (const mw of mwChain) {\n auth.pushChainFunction(mw);\n storage.pushChainFunction(mw);\n graphql.pushChainFunction(mw);\n functions.pushChainFunction(mw);\n }\n};\n\n/\n Configuration for admin clients with elevated privileges.\n * Applies admin session middleware to storage, graphql, and functions clients only.\n \n Security Warning: Never use this in client-side code. Admin secrets grant\n * unrestricted access to your entire database.\n \n @param adminSession - Admin session options including admin secret, role, and session variables\n * @returns Configuration function that sets up admin middleware\n /\nexport function withAdminSession(\n adminSession: AdminSessionOptions,\n): ClientConfigurationFn {\n return ({ storage, graphql, functions }) => {\n const adminMiddleware = withAdminSessionMiddleware(adminSession);\n\n storage.pushChainFunction(adminMiddleware);\n graphql.pushChainFunction(adminMiddleware);\n functions.pushChainFunction(adminMiddleware);\n };\n}\n\n/\n Configuration for adding custom chain functions to all clients.\n * Useful for adding custom middleware like logging, caching, or custom headers.\n \n @param chainFunctions - Array of chain functions to apply to all clients\n * @returns Configuration function that sets up custom middleware\n /\nexport function withChainFunctions(\n chainFunctions: ChainFunction[],\n): ClientConfigurationFn {\n return ({ auth, storage, graphql, functions }) => {\n for (const mw of chainFunctions) {\n auth.pushChainFunction(mw);\n storage.pushChainFunction(mw);\n graphql.pushChainFunction(mw);\n functions.pushChainFunction(mw);\n }\n };\n}\n\n/\n Main client class that provides unified access to all Nhost services.\n * This class serves as the central interface for interacting with Nhost's\n * authentication, storage, GraphQL, and serverless functions capabilities.\n /\nexport class NhostClient {\n /\n Authentication client providing methods for user sign-in, sign-up, and session management.\n * Use this client to handle all authentication-related operations.\n /\n auth: AuthClient;\n\n /\n Storage client providing methods for file operations (upload, download, delete).\n * Use this client to manage files in your Nhost storage.\n /\n storage: StorageClient;\n\n /\n GraphQL client providing methods for executing GraphQL operations against your Hasura backend.\n * Use this client to query and mutate data in your database through GraphQL.\n /\n graphql: GraphQLClient;\n\n /\n Functions client providing methods for invoking serverless functions.\n * Use this client to call your custom serverless functions deployed to Nhost.\n /\n functions: FunctionsClient;\n\n /\n Storage implementation used for persisting session information.\n * This handles saving, retrieving, and managing authentication sessions across requests.\n /\n sessionStorage: SessionStorage;\n\n /\n Create a new Nhost client. This constructor is reserved for advanced use cases.\n * For typical usage, use [createClient](#createclient) or [createServerClient](#createserverclient) instead.\n \n @param auth - Authentication client instance\n * @param storage - Storage client instance\n * @param graphql - GraphQL client instance\n * @param functions - Functions client instance\n * @param sessionStorage - Storage implementation for session persistence\n /\n constructor(\n auth: AuthClient,\n storage: StorageClient,\n graphql: GraphQLClient,\n functions: FunctionsClient,\n sessionStorage: SessionStorage,\n ) {\n this.auth = auth;\n this.storage = storage;\n this.graphql = graphql;\n this.functions = functions;\n this.sessionStorage = sessionStorage;\n }\n\n /\n Get the current session from storage.\n * This method retrieves the authenticated user's session information if one exists.\n \n @returns The current session or null if no session exists\n \n @example\n * ```ts\n * const session = nhost.getUserSession();\n * if (session) {\n * console.log('User is authenticated:', session.user.id);\n * } else {\n * console.log('No active session');\n * }\n * ```\n /\n getUserSession(): Session \| null {\n return this.sessionStorage.get();\n }\n\n /\n Refresh the session using the current refresh token\n * in the storage and update the storage with the new session.\n \n This method can be used to proactively refresh tokens before they expire\n * or to force a refresh when needed.\n \n @param marginSeconds - The number of seconds before the token expiration to refresh the session. If the token is still valid for this duration, it will not be refreshed. Set to 0 to force the refresh.\n \n @returns The new session or null if there is currently no session or if refresh fails\n \n @example\n * ```ts\n * // Refresh token if it's about to expire in the next 5 minutes\n * const refreshedSession = await nhost.refreshSession(300);\n \n // Force refresh regardless of current token expiration\n * const forcedRefresh = await nhost.refreshSession(0);\n * ```\n /\n async refreshSession(marginSeconds = 60): Promise<Session \| null> {\n return refreshSession(this.auth, this.sessionStorage, marginSeconds);\n }\n\n /\n Clear the session from storage.\n \n This method removes the current authentication session, effectively logging out the user.\n * Note that this is a client-side operation and doesn't invalidate the refresh token on\n * the server, which can be done with `nhost.auth.signOut({refreshToken: session.refreshTokenId})`.\n * If the middle `updateSessionFromResponseMiddleware` is used, the session will be removed\n * from the storage automatically and calling this method is not necessary.\n \n @example\n * ```ts\n * // Log out the user\n * nhost.clearSession();\n * ```\n /\n clearSession(): void {\n this.sessionStorage.remove();\n }\n}\n\n/\n Configuration options for creating an Nhost client\n /\nexport interface NhostClientOptions {\n /\n Nhost project subdomain (e.g., 'abcdefgh'). Used to construct the base URL for services for the Nhost cloud.\n /\n subdomain?: string;\n\n /\n Nhost region (e.g., 'eu-central-1'). Used to construct the base URL for services for the Nhost cloud.\n /\n region?: string;\n\n /\n Complete base URL for the auth service (overrides subdomain/region)\n /\n authUrl?: string;\n\n /\n Complete base URL for the storage service (overrides subdomain/region)\n /\n storageUrl?: string;\n\n /\n Complete base URL for the GraphQL service (overrides subdomain/region)\n /\n graphqlUrl?: string;\n\n /\n Complete base URL for the functions service (overrides subdomain/region)\n /\n functionsUrl?: string;\n\n /\n Storage backend to use for session persistence. If not provided, the SDK will\n * default to localStorage in the browser or memory in other environments.\n /\n storage?: SessionStorageBackend;\n\n /\n Configuration functions to be applied to the client after initialization.\n * These functions receive all clients and can attach middleware or perform other setup.\n /\n configure?: ClientConfigurationFn[];\n}\n\n/\n Creates and configures a new Nhost client instance with custom configuration.\n \n This is the main factory function for creating Nhost clients. It instantiates\n * all service clients (auth, storage, graphql, functions) and applies the provided\n * configuration functions to set up middleware and other customizations.\n \n @param options - Configuration options for the client\n * @returns A configured Nhost client\n \n @example\n * ```ts\n * // Create a basic client with no middleware\n * const nhost = createNhostClient({\n * subdomain: 'abcdefgh',\n * region: 'eu-central-1',\n * configure: []\n * });\n \n // Create a client with custom configuration\n * const nhost = createNhostClient({\n * subdomain: 'abcdefgh',\n * region: 'eu-central-1',\n * configure: [\n * withClientSideSessionMiddleware,\n * withChainFunctions([customLoggingMiddleware])\n * ]\n * });\n \n // Create an admin client\n * const nhost = createNhostClient({\n * subdomain,\n * region,\n * configure: [\n * withAdminSession({\n * adminSecret: \"nhost-admin-secret\",\n * role: \"user\",\n * sessionVariables: {\n * \"user-id\": \"54058C42-51F7-4B37-8B69-C89A841D2221\",\n * },\n * }),\n * ],\n * });\n\n * ```\n /\nexport function createNhostClient(\n options: NhostClientOptions = {},\n): NhostClient {\n const {\n subdomain,\n region,\n authUrl,\n storageUrl,\n graphqlUrl,\n functionsUrl,\n storage = detectStorage(),\n configure = [],\n } = options;\n\n const sessionStorage = new SessionStorage(storage);\n\n // Determine base URLs for each service\n const authBaseUrl = generateServiceUrl(\"auth\", subdomain, region, authUrl);\n const storageBaseUrl = generateServiceUrl(\n \"storage\",\n subdomain,\n region,\n storageUrl,\n );\n const graphqlBaseUrl = generateServiceUrl(\n \"graphql\",\n subdomain,\n region,\n graphqlUrl,\n );\n const functionsBaseUrl = generateServiceUrl(\n \"functions\",\n subdomain,\n region,\n functionsUrl,\n );\n\n // Create all clients\n const auth = createAuthClient(authBaseUrl);\n const storageClient = createStorageClient(storageBaseUrl, []);\n const graphqlClient = createGraphQLClient(graphqlBaseUrl, []);\n const functionsClient = createFunctionsClient(functionsBaseUrl, []);\n\n // Apply configuration functions\n for (const configFn of configure) {\n configFn({\n auth,\n storage: storageClient,\n graphql: graphqlClient,\n functions: functionsClient,\n sessionStorage,\n });\n }\n\n // Return an initialized NhostClient\n return new NhostClient(\n auth,\n storageClient,\n graphqlClient,\n functionsClient,\n sessionStorage,\n );\n}\n\n/\n Creates and configures a new Nhost client instance optimized for client-side usage.\n \n This helper method instantiates a fully configured Nhost client by:\n * - Instantiating the various service clients (auth, storage, functions and graphql)\n * - Auto-detecting and configuring an appropriate session storage (localStorage in browsers, memory otherwise)\n * - Setting up a sophisticated middleware chain for seamless authentication management:\n * - Automatically refreshing tokens before they expire\n * - Attaching authorization tokens to all service requests\n * - Updating the session storage when new tokens are received\n \n This method includes automatic session refresh middleware, making it ideal for\n * client-side applications where long-lived sessions are expected.\n \n @param options - Configuration options for the client\n * @returns A configured Nhost client\n \n @example\n * ```ts\n * // Create client using Nhost cloud default URLs\n * const nhost = createClient({\n * subdomain: 'abcdefgh',\n * region: 'eu-central-1'\n * });\n \n // Create client with custom service URLs\n * const customNhost = createClient({\n * authUrl: 'https://auth.example.com',\n * storageUrl: 'https://storage.example.com',\n * graphqlUrl: 'https://graphql.example.com',\n * functionsUrl: 'https://functions.example.com'\n * });\n \n // Create client using cookies for storing the session\n * import { CookieStorage } from \"@nhost/nhost-js/session\";\n \n const nhost = createClient({\n * subdomain: 'abcdefgh',\n * region: 'eu-central-1',\n * storage: new CookieStorage({\n * secure: import.meta.env.ENVIRONMENT === 'production',\n * })\n * });\n \n // Create client with additional custom middleware\n * const nhost = createClient({\n * subdomain: 'abcdefgh',\n * region: 'eu-central-1',\n * configure: [customLoggingMiddleware]\n * });\n * ```\n /\nexport function createClient(options: NhostClientOptions = {}): NhostClient {\n const storage = options.storage ?? detectStorage();\n\n return createNhostClient({\n ...options,\n storage,\n configure: [withClientSideSessionMiddleware, ...(options.configure ?? [])],\n });\n}\n\nexport interface NhostServerClientOptions extends NhostClientOptions {\n /\n Storage backend to use for session persistence in server environments.\n * Unlike the base options, this field is required for server-side usage\n * as the SDK cannot auto-detect an appropriate storage mechanism.\n /\n storage: SessionStorageBackend;\n}\n\n/\n Creates and configures a new Nhost client instance optimized for server-side usage.\n \n This helper method instantiates a fully configured Nhost client specifically designed for:\n * - Server components (in frameworks like Next.js or Remix)\n * - API routes and middleware\n * - Backend services and server-side rendering contexts\n \n Key differences from the standard client:\n * - Requires explicit storage implementation (must be provided)\n * - Disables automatic session refresh middleware (to prevent race conditions in server contexts)\n * - Still attaches authorization tokens and updates session storage from responses\n \n The server client is ideal for short-lived request contexts where session tokens\n * are passed in (like cookie-based authentication flows) and automatic refresh\n * mechanisms could cause issues with concurrent requests.\n \n @param options - Configuration options for the server client (requires storage implementation)\n * @returns A configured Nhost client optimized for server-side usage\n \n @example\n * ```ts\n * // Example with cookie storage for Next.js API route or server component\n * import { cookies } from 'next/headers';\n \n const nhost = createServerClient({\n * region: process.env[\"NHOST_REGION\"] \|\| \"local\",\n * subdomain: process.env[\"NHOST_SUBDOMAIN\"] \|\| \"local\",\n * storage: {\n * // storage compatible with Next.js server components\n * get: (): Session \| null => {\n * const s = cookieStore.get(key)?.value \|\| null;\n * if (!s) {\n * return null;\n * }\n * const session = JSON.parse(s) as Session;\n * return session;\n * },\n * set: (value: Session) => {\n * cookieStore.set(key, JSON.stringify(value));\n * },\n * remove: () => {\n * cookieStore.delete(key);\n * },\n * },\n * });\n \n // Example with cookie storage for Next.js middleware\n * const nhost = createServerClient({\n * region: process.env[\"NHOST_REGION\"] \|\| \"local\",\n * subdomain: process.env[\"NHOST_SUBDOMAIN\"] \|\| \"local\",\n * storage: {\n * // storage compatible with Next.js middleware\n * get: (): Session \| null => {\n * const raw = request.cookies.get(key)?.value \|\| null;\n * if (!raw) {\n * return null;\n * }\n * const session = JSON.parse(raw) as Session;\n * return session;\n * },\n * set: (value: Session) => {\n * response.cookies.set({\n * name: key,\n * value: JSON.stringify(value),\n * path: \"/\",\n * httpOnly: false, //if set to true we can't access it in the client\n * secure: process.env.NODE_ENV === \"production\",\n * sameSite: \"lax\",\n * maxAge: 60 * 60 * 24 * 30, // 30 days in seconds\n * });\n * },\n * remove: () => {\n * response.cookies.delete(key);\n * },\n * },\n * });\n \n // Example for express reading session from a cookie\n \n import express, { Request, Response } from \"express\";\n * import cookieParser from \"cookie-parser\";\n \n app.use(cookieParser());\n \n const nhostClientFromCookies = (req: Request) => {\n * return createServerClient({\n * subdomain: \"local\",\n * region: \"local\",\n * storage: {\n * get: (): Session \| null => {\n * const s = req.cookies.nhostSession \|\| null;\n * if (!s) {\n * return null;\n * }\n * const session = JSON.parse(s) as Session;\n * return session;\n * },\n * set: (_value: Session) => {\n * throw new Error(\"It is easier to handle the session in the client\");\n * },\n * remove: () => {\n * throw new Error(\"It is easier to handle the session in the client\");\n * },\n * },\n * });\n * };\n \n // Example with additional custom middleware\n * const nhost = createServerClient({\n * region: process.env[\"NHOST_REGION\"] \|\| \"local\",\n * subdomain: process.env[\"NHOST_SUBDOMAIN\"] \|\| \"local\",\n * storage: myStorage,\n * configure: [customLoggingMiddleware]\n * });\n * ```\n /\nexport function createServerClient(\n options: NhostServerClientOptions,\n): NhostClient {\n return createNhostClient({\n ...options,\n configure: [withServerSideSessionMiddleware, ...(options.configure ?? [])],\n });\n}\n","/\n This file is auto-generated. Do not edit manually.\n /\n\nimport type { ChainFunction, FetchResponse } from \"../fetch\";\nimport { createEnhancedFetch, FetchError } from \"../fetch\";\n\n/\n The attestation statement format\n /\nexport type AttestationFormat =\n \| \"packed\"\n \| \"tpm\"\n \| \"android-key\"\n \| \"android-safetynet\"\n \| \"fido-u2f\"\n \| \"apple\"\n \| \"none\";\n\n/\n Map of extension outputs from the client\n @property appid? (`boolean`) - Application identifier extension output\n @property credProps? (`CredentialPropertiesOutput`) - Credential properties extension output\n @property hmacCreateSecret? (`boolean`) - HMAC secret extension output/\nexport interface AuthenticationExtensionsClientOutputs {\n /\n Application identifier extension output\n /\n appid?: boolean;\n /\n Credential properties extension output\n /\n credProps?: CredentialPropertiesOutput;\n /\n HMAC secret extension output\n /\n hmacCreateSecret?: boolean;\n}\n\n/\n \n @property clientDataJSON (`string`) - Base64url encoded client data JSON\n @property authenticatorData (`string`) - Base64url encoded authenticator data\n @property signature (`string`) - Base64url encoded assertion signature\n @property userHandle? (`string`) - Base64url encoded user handle/\nexport interface AuthenticatorAssertionResponse {\n /\n Base64url encoded client data JSON\n /\n clientDataJSON: string;\n /\n Base64url encoded authenticator data\n /\n authenticatorData: string;\n /\n Base64url encoded assertion signature\n /\n signature: string;\n /\n Base64url encoded user handle\n /\n userHandle?: string;\n}\n\n/\n The authenticator attachment modality\n /\nexport type AuthenticatorAttachment = \"platform\" \| \"cross-platform\";\n\n/\n \n @property clientDataJSON (`string`) - Base64url-encoded binary data\n * Format - byte\n @property transports? (`string[]`) - The authenticator transports\n @property authenticatorData? (`string`) - Base64url-encoded binary data\n * Format - byte\n @property publicKey? (`string`) - Base64url-encoded binary data\n * Format - byte\n @property publicKeyAlgorithm? (`number`) - The public key algorithm identifier\n * Format - int64\n @property attestationObject (`string`) - Base64url-encoded binary data\n * Format - byte/\nexport interface AuthenticatorAttestationResponse {\n /\n Base64url-encoded binary data\n * Format - byte\n /\n clientDataJSON: string;\n /\n The authenticator transports\n /\n transports?: string[];\n /\n Base64url-encoded binary data\n * Format - byte\n /\n authenticatorData?: string;\n /\n Base64url-encoded binary data\n * Format - byte\n /\n publicKey?: string;\n /\n The public key algorithm identifier\n * Format - int64\n /\n publicKeyAlgorithm?: number;\n /\n Base64url-encoded binary data\n * Format - byte\n /\n attestationObject: string;\n}\n\n/\n \n @property authenticatorAttachment? (`AuthenticatorAttachment`) - The authenticator attachment modality\n @property requireResidentKey? (`boolean`) - Whether the authenticator must create a client-side-resident public key credential source\n @property residentKey? (`ResidentKeyRequirement`) - The resident key requirement\n @property userVerification? (`UserVerificationRequirement`) - A requirement for user verification for the operation/\nexport interface AuthenticatorSelection {\n /\n The authenticator attachment modality\n /\n authenticatorAttachment?: AuthenticatorAttachment;\n /\n Whether the authenticator must create a client-side-resident public key credential source\n /\n requireResidentKey?: boolean;\n /\n The resident key requirement\n /\n residentKey?: ResidentKeyRequirement;\n /\n A requirement for user verification for the operation\n /\n userVerification?: UserVerificationRequirement;\n}\n\n/\n The authenticator transports that can be used\n /\nexport type AuthenticatorTransport =\n \| \"usb\"\n \| \"nfc\"\n \| \"ble\"\n \| \"smart-card\"\n \| \"hybrid\"\n \| \"internal\";\n\n/\n The attestation conveyance preference\n /\nexport type ConveyancePreference =\n \| \"none\"\n \| \"indirect\"\n \| \"direct\"\n \| \"enterprise\";\n\n/\n \n @property expiresAt (`string`) - Expiration date of the PAT\n * Format - date-time\n @property metadata? (`Record<string, unknown>`) - \n * Example - `{\"name\":\"my-pat\",\"used-by\":\"my-app-cli\"}`/\nexport interface CreatePATRequest {\n /\n Expiration date of the PAT\n * Format - date-time\n /\n expiresAt: string;\n /\n \n * Example - `{\"name\":\"my-pat\",\"used-by\":\"my-app-cli\"}`\n /\n metadata?: Record<string, unknown>;\n}\n\n/\n \n @property id (`string`) - ID of the PAT\n * Example - `\"2c35b6f3-c4b9-48e3-978a-d4d0f1d42e24\"`\n * Pattern - \\b[0-9a-f]{8}\\b-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-\\b[0-9a-f]{12}\\b\n @property personalAccessToken (`string`) - PAT\n * Example - `\"2c35b6f3-c4b9-48e3-978a-d4d0f1d42e24\"`\n * Pattern - \\b[0-9a-f]{8}\\b-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-\\b[0-9a-f]{12}\\b/\nexport interface CreatePATResponse {\n /\n ID of the PAT\n * Example - `\"2c35b6f3-c4b9-48e3-978a-d4d0f1d42e24\"`\n * Pattern - \\b[0-9a-f]{8}\\b-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-\\b[0-9a-f]{12}\\b\n /\n id: string;\n /\n PAT\n * Example - `\"2c35b6f3-c4b9-48e3-978a-d4d0f1d42e24\"`\n * Pattern - \\b[0-9a-f]{8}\\b-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-\\b[0-9a-f]{12}\\b\n /\n personalAccessToken: string;\n}\n\n/\n \n @property id (`string`) - The credential's identifier\n @property type (`string`) - The credential type represented by this object\n @property rawId (`string`) - Base64url-encoded binary data\n * Format - byte\n @property clientExtensionResults? (`AuthenticationExtensionsClientOutputs`) - Map of extension outputs from the client\n @property authenticatorAttachment? (`string`) - The authenticator attachment\n @property response (`AuthenticatorAssertionResponse`) - /\nexport interface CredentialAssertionResponse {\n /\n The credential's identifier\n /\n id: string;\n /\n The credential type represented by this object\n /\n type: string;\n /\n Base64url-encoded binary data\n * Format - byte\n /\n rawId: string;\n /\n Map of extension outputs from the client\n /\n clientExtensionResults?: AuthenticationExtensionsClientOutputs;\n /\n The authenticator attachment\n /\n authenticatorAttachment?: string;\n /\n \n /\n response: AuthenticatorAssertionResponse;\n}\n\n/\n \n @property id (`string`) - The credential's identifier\n @property type (`string`) - The credential type represented by this object\n @property rawId (`string`) - Base64url-encoded binary data\n * Format - byte\n @property clientExtensionResults? (`AuthenticationExtensionsClientOutputs`) - Map of extension outputs from the client\n @property authenticatorAttachment? (`string`) - The authenticator attachment\n @property response (`AuthenticatorAttestationResponse`) - /\nexport interface CredentialCreationResponse {\n /\n The credential's identifier\n /\n id: string;\n /\n The credential type represented by this object\n /\n type: string;\n /\n Base64url-encoded binary data\n * Format - byte\n /\n rawId: string;\n /\n Map of extension outputs from the client\n /\n clientExtensionResults?: AuthenticationExtensionsClientOutputs;\n /\n The authenticator attachment\n /\n authenticatorAttachment?: string;\n /\n \n /\n response: AuthenticatorAttestationResponse;\n}\n\n/\n \n @property type (`CredentialType`) - The valid credential types\n @property alg (`number`) - The cryptographic algorithm identifier/\nexport interface CredentialParameter {\n /\n The valid credential types\n /\n type: CredentialType;\n /\n The cryptographic algorithm identifier\n /\n alg: number;\n}\n\n/\n Credential properties extension output\n @property rk? (`boolean`) - Indicates if the credential is a resident key/\nexport interface CredentialPropertiesOutput {\n /\n Indicates if the credential is a resident key\n /\n rk?: boolean;\n}\n\n/\n The valid credential types\n /\nexport type CredentialType = \"public-key\";\n\n/\n Error code identifying the specific application error\n /\nexport type ErrorResponseError =\n \| \"default-role-must-be-in-allowed-roles\"\n \| \"disabled-endpoint\"\n \| \"disabled-user\"\n \| \"email-already-in-use\"\n \| \"email-already-verified\"\n \| \"forbidden-anonymous\"\n \| \"internal-server-error\"\n \| \"invalid-email-password\"\n \| \"invalid-request\"\n \| \"locale-not-allowed\"\n \| \"password-too-short\"\n \| \"password-in-hibp-database\"\n \| \"redirectTo-not-allowed\"\n \| \"role-not-allowed\"\n \| \"signup-disabled\"\n \| \"unverified-user\"\n \| \"user-not-anonymous\"\n \| \"invalid-pat\"\n \| \"invalid-refresh-token\"\n \| \"invalid-ticket\"\n \| \"disabled-mfa-totp\"\n \| \"no-totp-secret\"\n \| \"invalid-totp\"\n \| \"mfa-type-not-found\"\n \| \"totp-already-active\"\n \| \"invalid-state\"\n \| \"oauth-token-echange-failed\"\n \| \"oauth-profile-fetch-failed\"\n \| \"oauth-provider-error\"\n \| \"invalid-otp\"\n \| \"cannot-send-sms\";\n\n/\n Standardized error response\n @property status (`number`) - HTTP status error code\n * Example - `400`\n @property message (`string`) - Human-friendly error message\n * Example - `\"Invalid email format\"`\n @property error (`ErrorResponseError`) - Error code identifying the specific application error/\nexport interface ErrorResponse {\n /\n HTTP status error code\n * Example - `400`\n /\n status: number;\n /\n Human-friendly error message\n * Example - `\"Invalid email format\"`\n /\n message: string;\n /\n Error code identifying the specific application error\n /\n error: ErrorResponseError;\n}\n\n/\n \n /\nexport type IdTokenProvider = \"apple\" \| \"google\";\n\n/\n JSON Web Key for JWT verification\n @property alg (`string`) - Algorithm used with this key\n * Example - `\"RS256\"`\n @property e (`string`) - RSA public exponent\n * Example - `\"AQAB\"`\n @property kid (`string`) - Key ID\n * Example - `\"key-id-1\"`\n @property kty (`string`) - Key type\n * Example - `\"RSA\"`\n @property n (`string`) - RSA modulus\n * Example - `\"abcd1234...\"`\n @property use (`string`) - Key usage\n * Example - `\"sig\"`/\nexport interface JWK {\n /\n Algorithm used with this key\n * Example - `\"RS256\"`\n /\n alg: string;\n /\n RSA public exponent\n * Example - `\"AQAB\"`\n /\n e: string;\n /\n Key ID\n * Example - `\"key-id-1\"`\n /\n kid: string;\n /\n Key type\n * Example - `\"RSA\"`\n /\n kty: string;\n /\n RSA modulus\n * Example - `\"abcd1234...\"`\n /\n n: string;\n /\n Key usage\n * Example - `\"sig\"`\n /\n use: string;\n}\n\n/\n JSON Web Key Set for verifying JWT signatures\n @property keys (`JWK[]`) - Array of public keys/\nexport interface JWKSet {\n /\n Array of public keys\n /\n keys: JWK[];\n}\n\n/\n \n @property provider (`IdTokenProvider`) - \n @property idToken (`string`) - Apple ID token\n @property nonce? (`string`) - Nonce used during sign in process/\nexport interface LinkIdTokenRequest {\n /\n \n /\n provider: IdTokenProvider;\n /\n Apple ID token\n /\n idToken: string;\n /\n Nonce used during sign in process\n /\n nonce?: string;\n}\n\n/\n Challenge payload for multi-factor authentication\n @property ticket (`string`) - Ticket to use when completing the MFA challenge\n * Example - `\"mfaTotp:abc123def456\"`/\nexport interface MFAChallengePayload {\n /\n Ticket to use when completing the MFA challenge\n * Example - `\"mfaTotp:abc123def456\"`\n /\n ticket: string;\n}\n\n/\n \n /\nexport type OKResponse = \"OK\";\n\n/\n \n @property redirectTo? (`string`) - \n * Example - `\"https://my-app.com/catch-redirection\"`\n * Format - uri/\nexport interface OptionsRedirectTo {\n /\n \n * Example - `\"https://my-app.com/catch-redirection\"`\n * Format - uri\n /\n redirectTo?: string;\n}\n\n/\n \n @property rp (`RelyingPartyEntity`) - \n @property user (`UserEntity`) - \n @property challenge (`string`) - Base64url-encoded binary data\n * Format - byte\n @property pubKeyCredParams (`CredentialParameter[]`) - The desired credential types and their respective cryptographic parameters\n @property timeout? (`number`) - A time, in milliseconds, that the caller is willing to wait for the call to complete\n @property excludeCredentials? (`PublicKeyCredentialDescriptor[]`) - A list of PublicKeyCredentialDescriptor objects representing public key credentials that are not acceptable to the caller\n @property authenticatorSelection? (`AuthenticatorSelection`) - \n @property hints? (`PublicKeyCredentialHints[]`) - Hints to help guide the user through the experience\n @property attestation? (`ConveyancePreference`) - The attestation conveyance preference\n @property attestationFormats? (`AttestationFormat[]`) - The preferred attestation statement formats\n @property extensions? (`Record<string, unknown>`) - Additional parameters requesting additional processing by the client and authenticator/\nexport interface PublicKeyCredentialCreationOptions {\n /\n \n /\n rp: RelyingPartyEntity;\n /\n \n /\n user: UserEntity;\n /\n Base64url-encoded binary data\n * Format - byte\n /\n challenge: string;\n /\n The desired credential types and their respective cryptographic parameters\n /\n pubKeyCredParams: CredentialParameter[];\n /\n A time, in milliseconds, that the caller is willing to wait for the call to complete\n /\n timeout?: number;\n /\n A list of PublicKeyCredentialDescriptor objects representing public key credentials that are not acceptable to the caller\n /\n excludeCredentials?: PublicKeyCredentialDescriptor[];\n /\n \n /\n authenticatorSelection?: AuthenticatorSelection;\n /\n Hints to help guide the user through the experience\n /\n hints?: PublicKeyCredentialHints[];\n /\n The attestation conveyance preference\n /\n attestation?: ConveyancePreference;\n /\n The preferred attestation statement formats\n /\n attestationFormats?: AttestationFormat[];\n /\n Additional parameters requesting additional processing by the client and authenticator\n /\n extensions?: Record<string, unknown>;\n}\n\n/\n \n @property type (`CredentialType`) - The valid credential types\n @property id (`string`) - Base64url-encoded binary data\n * Format - byte\n @property transports? (`AuthenticatorTransport[]`) - The authenticator transports that can be used/\nexport interface PublicKeyCredentialDescriptor {\n /\n The valid credential types\n /\n type: CredentialType;\n /\n Base64url-encoded binary data\n * Format - byte\n /\n id: string;\n /\n The authenticator transports that can be used\n /\n transports?: AuthenticatorTransport[];\n}\n\n/\n Hints to help guide the user through the experience\n /\nexport type PublicKeyCredentialHints =\n \| \"security-key\"\n \| \"client-device\"\n \| \"hybrid\";\n\n/\n \n @property challenge (`string`) - Base64url-encoded binary data\n * Format - byte\n @property timeout? (`number`) - A time, in milliseconds, that the caller is willing to wait for the call to complete\n @property rpId? (`string`) - The RP ID the credential should be scoped to\n @property allowCredentials? (`PublicKeyCredentialDescriptor[]`) - A list of CredentialDescriptor objects representing public key credentials acceptable to the caller\n @property userVerification? (`UserVerificationRequirement`) - A requirement for user verification for the operation\n @property hints? (`PublicKeyCredentialHints[]`) - Hints to help guide the user through the experience\n @property extensions? (`Record<string, unknown>`) - Additional parameters requesting additional processing by the client and authenticator/\nexport interface PublicKeyCredentialRequestOptions {\n /\n Base64url-encoded binary data\n * Format - byte\n /\n challenge: string;\n /\n A time, in milliseconds, that the caller is willing to wait for the call to complete\n /\n timeout?: number;\n /\n The RP ID the credential should be scoped to\n /\n rpId?: string;\n /\n A list of CredentialDescriptor objects representing public key credentials acceptable to the caller\n /\n allowCredentials?: PublicKeyCredentialDescriptor[];\n /\n A requirement for user verification for the operation\n /\n userVerification?: UserVerificationRequirement;\n /\n Hints to help guide the user through the experience\n /\n hints?: PublicKeyCredentialHints[];\n /\n Additional parameters requesting additional processing by the client and authenticator\n /\n extensions?: Record<string, unknown>;\n}\n\n/\n OAuth2 provider session containing access and refresh tokens\n @property accessToken (`string`) - OAuth2 provider access token for API calls\n * Example - `\"ya29.a0AfH6SMBx...\"`\n @property expiresIn (`number`) - Number of seconds until the access token expires\n * Example - `3599`\n @property expiresAt (`string`) - Timestamp when the access token expires\n * Example - `\"2024-12-31T23:59:59Z\"`\n * Format - date-time\n @property refreshToken? (`string`) - OAuth2 provider refresh token for obtaining new access tokens (if provided by the provider)\n * Example - `\"1//0gK8...\"`/\nexport interface ProviderSession {\n /\n OAuth2 provider access token for API calls\n * Example - `\"ya29.a0AfH6SMBx...\"`\n /\n accessToken: string;\n /\n Number of seconds until the access token expires\n * Example - `3599`\n /\n expiresIn: number;\n /\n Timestamp when the access token expires\n * Example - `\"2024-12-31T23:59:59Z\"`\n * Format - date-time\n /\n expiresAt: string;\n /\n OAuth2 provider refresh token for obtaining new access tokens (if provided by the provider)\n * Example - `\"1//0gK8...\"`\n /\n refreshToken?: string;\n}\n\n/\n Request to refresh OAuth2 provider tokens\n @property refreshToken (`string`) - OAuth2 provider refresh token obtained from previous authentication\n * Example - `\"1//0gK8...\"`/\nexport interface RefreshProviderTokenRequest {\n /\n OAuth2 provider refresh token obtained from previous authentication\n * Example - `\"1//0gK8...\"`\n /\n refreshToken: string;\n}\n\n/\n Request to refresh an access token\n @property refreshToken (`string`) - Refresh token used to generate a new access token\n * Example - `\"2c35b6f3-c4b9-48e3-978a-d4d0f1d42e24\"`\n * Pattern - \\b[0-9a-f]{8}\\b-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-\\b[0-9a-f]{12}\\b/\nexport interface RefreshTokenRequest {\n /\n Refresh token used to generate a new access token\n * Example - `\"2c35b6f3-c4b9-48e3-978a-d4d0f1d42e24\"`\n * Pattern - \\b[0-9a-f]{8}\\b-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-\\b[0-9a-f]{12}\\b\n /\n refreshToken: string;\n}\n\n/\n \n @property name (`string`) - A human-palatable name for the entity\n @property id (`string`) - A unique identifier for the Relying Party entity, which sets the RP ID/\nexport interface RelyingPartyEntity {\n /\n A human-palatable name for the entity\n /\n name: string;\n /\n A unique identifier for the Relying Party entity, which sets the RP ID\n /\n id: string;\n}\n\n/\n The resident key requirement\n /\nexport type ResidentKeyRequirement = \"discouraged\" \| \"preferred\" \| \"required\";\n\n/\n User authentication session containing tokens and user information\n @property accessToken (`string`) - JWT token for authenticating API requests\n * Example - `\"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...\"`\n @property accessTokenExpiresIn (`number`) - Expiration time of the access token in seconds\n * Example - `900`\n * Format - int64\n @property refreshTokenId (`string`) - Identifier for the refresh token\n * Example - `\"2c35b6f3-c4b9-48e3-978a-d4d0f1d42e24\"`\n * Pattern - \\b[0-9a-f]{8}\\b-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-\\b[0-9a-f]{12}\\b\n @property refreshToken (`string`) - Token used to refresh the access token\n * Example - `\"2c35b6f3-c4b9-48e3-978a-d4d0f1d42e24\"`\n * Pattern - \\b[0-9a-f]{8}\\b-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-\\b[0-9a-f]{12}\\b\n @property user? (`User`) - User profile and account information/\nexport interface Session {\n /\n JWT token for authenticating API requests\n * Example - `\"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...\"`\n /\n accessToken: string;\n /\n Expiration time of the access token in seconds\n * Example - `900`\n * Format - int64\n /\n accessTokenExpiresIn: number;\n /\n Identifier for the refresh token\n * Example - `\"2c35b6f3-c4b9-48e3-978a-d4d0f1d42e24\"`\n * Pattern - \\b[0-9a-f]{8}\\b-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-\\b[0-9a-f]{12}\\b\n /\n refreshTokenId: string;\n /\n Token used to refresh the access token\n * Example - `\"2c35b6f3-c4b9-48e3-978a-d4d0f1d42e24\"`\n * Pattern - \\b[0-9a-f]{8}\\b-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-\\b[0-9a-f]{12}\\b\n /\n refreshToken: string;\n /\n User profile and account information\n /\n user?: User;\n}\n\n/\n Container for session information\n @property session? (`Session`) - User authentication session containing tokens and user information/\nexport interface SessionPayload {\n /\n User authentication session containing tokens and user information\n /\n session?: Session;\n}\n\n/\n \n @property displayName? (`string`) - \n * Example - `\"John Smith\"`\n @property locale? (`string`) - A two-characters locale\n * Example - `\"en\"`\n * MinLength - 2\n * MaxLength - 2\n @property metadata? (`Record<string, unknown>`) - \n * Example - `{\"firstName\":\"John\",\"lastName\":\"Smith\"}`/\nexport interface SignInAnonymousRequest {\n /\n \n * Example - `\"John Smith\"`\n /\n displayName?: string;\n /\n A two-characters locale\n * Example - `\"en\"`\n * MinLength - 2\n * MaxLength - 2\n /\n locale?: string;\n /\n \n * Example - `{\"firstName\":\"John\",\"lastName\":\"Smith\"}`\n /\n metadata?: Record<string, unknown>;\n}\n\n/\n Request to authenticate using email and password\n @property email (`string`) - User's email address\n * Example - `\"john.smith@nhost.io\"`\n * Format - email\n @property password (`string`) - User's password\n * Example - `\"Str0ngPassw#ord-94\|%\"`\n * MinLength - 3\n * MaxLength - 50/\nexport interface SignInEmailPasswordRequest {\n /\n User's email address\n * Example - `\"john.smith@nhost.io\"`\n * Format - email\n /\n email: string;\n /\n User's password\n * Example - `\"Str0ngPassw#ord-94\|%\"`\n * MinLength - 3\n * MaxLength - 50\n /\n password: string;\n}\n\n/\n Response for email-password authentication that may include a session or MFA challenge\n @property session? (`Session`) - User authentication session containing tokens and user information\n @property mfa? (`MFAChallengePayload`) - Challenge payload for multi-factor authentication/\nexport interface SignInEmailPasswordResponse {\n /\n User authentication session containing tokens and user information\n /\n session?: Session;\n /\n Challenge payload for multi-factor authentication\n /\n mfa?: MFAChallengePayload;\n}\n\n/\n \n @property provider (`IdTokenProvider`) - \n @property idToken (`string`) - Apple ID token\n @property nonce? (`string`) - Nonce used during sign in process\n @property options? (`SignUpOptions`) - /\nexport interface SignInIdTokenRequest {\n /\n \n /\n provider: IdTokenProvider;\n /\n Apple ID token\n /\n idToken: string;\n /\n Nonce used during sign in process\n /\n nonce?: string;\n /\n \n /\n options?: SignUpOptions;\n}\n\n/\n \n @property ticket (`string`) - Ticket\n * Pattern - ^mfaTotp:.$\n @property otp (`string`) - One time password/\nexport interface SignInMfaTotpRequest {\n /*\n Ticket\n * Pattern - ^mfaTotp:.$\n /\n ticket: string;\n /*\n One time password\n /\n otp: string;\n}\n\n/\n \n @property email (`string`) - A valid email\n * Example - `\"john.smith@nhost.io\"`\n * Format - email\n @property options? (`SignUpOptions`) - /\nexport interface SignInOTPEmailRequest {\n /\n A valid email\n * Example - `\"john.smith@nhost.io\"`\n * Format - email\n /\n email: string;\n /\n \n /\n options?: SignUpOptions;\n}\n\n/\n \n @property otp (`string`) - One time password\n @property email (`string`) - A valid email\n * Example - `\"john.smith@nhost.io\"`\n * Format - email/\nexport interface SignInOTPEmailVerifyRequest {\n /\n One time password\n /\n otp: string;\n /\n A valid email\n * Example - `\"john.smith@nhost.io\"`\n * Format - email\n /\n email: string;\n}\n\n/\n \n @property session? (`Session`) - User authentication session containing tokens and user information/\nexport interface SignInOTPEmailVerifyResponse {\n /\n User authentication session containing tokens and user information\n /\n session?: Session;\n}\n\n/\n \n @property personalAccessToken (`string`) - PAT\n * Example - `\"2c35b6f3-c4b9-48e3-978a-d4d0f1d42e24\"`\n * Pattern - \\b[0-9a-f]{8}\\b-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-\\b[0-9a-f]{12}\\b/\nexport interface SignInPATRequest {\n /\n PAT\n * Example - `\"2c35b6f3-c4b9-48e3-978a-d4d0f1d42e24\"`\n * Pattern - \\b[0-9a-f]{8}\\b-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-\\b[0-9a-f]{12}\\b\n /\n personalAccessToken: string;\n}\n\n/\n \n @property email (`string`) - A valid email\n * Example - `\"john.smith@nhost.io\"`\n * Format - email\n @property options? (`SignUpOptions`) - /\nexport interface SignInPasswordlessEmailRequest {\n /\n A valid email\n * Example - `\"john.smith@nhost.io\"`\n * Format - email\n /\n email: string;\n /\n \n /\n options?: SignUpOptions;\n}\n\n/\n \n @property phoneNumber (`string`) - Phone number of the user\n * Example - `\"+123456789\"`\n @property otp (`string`) - One-time password received by SMS/\nexport interface SignInPasswordlessSmsOtpRequest {\n /\n Phone number of the user\n * Example - `\"+123456789\"`\n /\n phoneNumber: string;\n /\n One-time password received by SMS\n /\n otp: string;\n}\n\n/\n \n @property session? (`Session`) - User authentication session containing tokens and user information\n @property mfa? (`MFAChallengePayload`) - Challenge payload for multi-factor authentication/\nexport interface SignInPasswordlessSmsOtpResponse {\n /\n User authentication session containing tokens and user information\n /\n session?: Session;\n /\n Challenge payload for multi-factor authentication\n /\n mfa?: MFAChallengePayload;\n}\n\n/\n \n @property phoneNumber (`string`) - Phone number of the user\n * Example - `\"+123456789\"`\n @property options? (`SignUpOptions`) - /\nexport interface SignInPasswordlessSmsRequest {\n /\n Phone number of the user\n * Example - `\"+123456789\"`\n /\n phoneNumber: string;\n /\n \n /\n options?: SignUpOptions;\n}\n\n/\n \n @property email? (`string`) - A valid email\n * Example - `\"john.smith@nhost.io\"`\n * Format - email/\nexport interface SignInWebauthnRequest {\n /\n A valid email\n * Example - `\"john.smith@nhost.io\"`\n * Format - email\n /\n email?: string;\n}\n\n/\n \n @property email? (`string`) - A valid email. Deprecated, no longer used\n * Example - `\"john.smith@nhost.io\"`\n * Format - email\n @property credential (`CredentialAssertionResponse`) - /\nexport interface SignInWebauthnVerifyRequest {\n /\n A valid email. Deprecated, no longer used\n * Example - `\"john.smith@nhost.io\"`\n * Format - email\n /\n email?: string;\n /\n \n /\n credential: CredentialAssertionResponse;\n}\n\n/\n \n @property refreshToken? (`string`) - Refresh token for the current session\n @property all? (`boolean`) - Sign out from all connected devices/\nexport interface SignOutRequest {\n /\n Refresh token for the current session\n /\n refreshToken?: string;\n /\n Sign out from all connected devices\n /\n all?: boolean;\n}\n\n/\n Request to register a new user with email and password\n @property email (`string`) - Email address for the new user account\n * Example - `\"john.smith@nhost.io\"`\n * Format - email\n @property password (`string`) - Password for the new user account\n * Example - `\"Str0ngPassw#ord-94\|%\"`\n * MinLength - 3\n * MaxLength - 50\n @property options? (`SignUpOptions`) - /\nexport interface SignUpEmailPasswordRequest {\n /\n Email address for the new user account\n * Example - `\"john.smith@nhost.io\"`\n * Format - email\n /\n email: string;\n /\n Password for the new user account\n * Example - `\"Str0ngPassw#ord-94\|%\"`\n * MinLength - 3\n * MaxLength - 50\n /\n password: string;\n /\n \n /\n options?: SignUpOptions;\n}\n\n/\n \n @property allowedRoles? (`string[]`) - \n * Example - `[\"me\",\"user\"]`\n @property defaultRole? (`string`) - \n * Example - `\"user\"`\n @property displayName? (`string`) - \n * Example - `\"John Smith\"`\n * Pattern - ^[\\p{L}\\p{N}\\p{S} ,.'-]+$\n * MaxLength - 32\n @property locale? (`string`) - A two-characters locale\n * Example - `\"en\"`\n * MinLength - 2\n * MaxLength - 2\n @property metadata? (`Record<string, unknown>`) - \n * Example - `{\"firstName\":\"John\",\"lastName\":\"Smith\"}`\n @property redirectTo? (`string`) - \n * Example - `\"https://my-app.com/catch-redirection\"`\n * Format - uri/\nexport interface SignUpOptions {\n /\n \n * Example - `[\"me\",\"user\"]`\n /\n allowedRoles?: string[];\n /\n \n * Example - `\"user\"`\n /\n defaultRole?: string;\n /\n \n * Example - `\"John Smith\"`\n * Pattern - ^[\\p{L}\\p{N}\\p{S} ,.'-]+$\n * MaxLength - 32\n /\n displayName?: string;\n /\n A two-characters locale\n * Example - `\"en\"`\n * MinLength - 2\n * MaxLength - 2\n /\n locale?: string;\n /\n \n * Example - `{\"firstName\":\"John\",\"lastName\":\"Smith\"}`\n /\n metadata?: Record<string, unknown>;\n /\n \n * Example - `\"https://my-app.com/catch-redirection\"`\n * Format - uri\n /\n redirectTo?: string;\n}\n\n/\n \n @property email (`string`) - A valid email\n * Example - `\"john.smith@nhost.io\"`\n * Format - email\n @property options? (`SignUpOptions`) - /\nexport interface SignUpWebauthnRequest {\n /\n A valid email\n * Example - `\"john.smith@nhost.io\"`\n * Format - email\n /\n email: string;\n /\n \n /\n options?: SignUpOptions;\n}\n\n/\n \n @property credential (`CredentialCreationResponse`) - \n @property options? (`SignUpOptions`) - \n @property nickname? (`string`) - Nickname for the security key/\nexport interface SignUpWebauthnVerifyRequest {\n /\n \n /\n credential: CredentialCreationResponse;\n /\n \n /\n options?: SignUpOptions;\n /\n Nickname for the security key\n /\n nickname?: string;\n}\n\n/\n Response containing TOTP setup information for MFA\n @property imageUrl (`string`) - URL to QR code image for scanning with an authenticator app\n * Example - `\"data:image/png;base64,iVBORw0KGg...\"`\n @property totpSecret (`string`) - TOTP secret key for manual setup with an authenticator app\n * Example - `\"ABCDEFGHIJK23456\"`/\nexport interface TotpGenerateResponse {\n /\n URL to QR code image for scanning with an authenticator app\n * Example - `\"data:image/png;base64,iVBORw0KGg...\"`\n /\n imageUrl: string;\n /\n TOTP secret key for manual setup with an authenticator app\n * Example - `\"ABCDEFGHIJK23456\"`\n /\n totpSecret: string;\n}\n\n/\n Base64url-encoded binary data\n /\nexport type URLEncodedBase64 = string;\n\n/\n User profile and account information\n @property avatarUrl (`string`) - URL to the user's profile picture\n * Example - `\"https://myapp.com/avatars/user123.jpg\"`\n @property createdAt (`string`) - Timestamp when the user account was created\n * Example - `\"2023-01-15T12:34:56Z\"`\n * Format - date-time\n @property defaultRole (`string`) - Default authorization role for the user\n * Example - `\"user\"`\n @property displayName (`string`) - User's display name\n * Example - `\"John Smith\"`\n @property email? (`string`) - User's email address\n * Example - `\"john.smith@nhost.io\"`\n * Format - email\n @property emailVerified (`boolean`) - Whether the user's email has been verified\n * Example - `true`\n @property id (`string`) - Unique identifier for the user\n * Example - `\"2c35b6f3-c4b9-48e3-978a-d4d0f1d42e24\"`\n * Pattern - \\b[0-9a-f]{8}\\b-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-\\b[0-9a-f]{12}\\b\n @property isAnonymous (`boolean`) - Whether this is an anonymous user account\n * Example - `false`\n @property locale (`string`) - User's preferred locale (language code)\n * Example - `\"en\"`\n * MinLength - 2\n * MaxLength - 2\n @property metadata (`Record<string, unknown>`) - Custom metadata associated with the user\n * Example - `{\"firstName\":\"John\",\"lastName\":\"Smith\"}`\n @property phoneNumber? (`string`) - User's phone number\n * Example - `\"+12025550123\"`\n @property phoneNumberVerified (`boolean`) - Whether the user's phone number has been verified\n * Example - `false`\n @property roles (`string[]`) - List of roles assigned to the user\n * Example - `[\"user\",\"customer\"]`\n @property activeMfaType? (`string`) - Active MFA type for the user/\nexport interface User {\n /\n URL to the user's profile picture\n * Example - `\"https://myapp.com/avatars/user123.jpg\"`\n /\n avatarUrl: string;\n /\n Timestamp when the user account was created\n * Example - `\"2023-01-15T12:34:56Z\"`\n * Format - date-time\n /\n createdAt: string;\n /\n Default authorization role for the user\n * Example - `\"user\"`\n /\n defaultRole: string;\n /\n User's display name\n * Example - `\"John Smith\"`\n /\n displayName: string;\n /\n User's email address\n * Example - `\"john.smith@nhost.io\"`\n * Format - email\n /\n email?: string;\n /\n Whether the user's email has been verified\n * Example - `true`\n /\n emailVerified: boolean;\n /\n Unique identifier for the user\n * Example - `\"2c35b6f3-c4b9-48e3-978a-d4d0f1d42e24\"`\n * Pattern - \\b[0-9a-f]{8}\\b-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-\\b[0-9a-f]{12}\\b\n /\n id: string;\n /\n Whether this is an anonymous user account\n * Example - `false`\n /\n isAnonymous: boolean;\n /\n User's preferred locale (language code)\n * Example - `\"en\"`\n * MinLength - 2\n * MaxLength - 2\n /\n locale: string;\n /\n Custom metadata associated with the user\n * Example - `{\"firstName\":\"John\",\"lastName\":\"Smith\"}`\n /\n metadata: Record<string, unknown>;\n /\n User's phone number\n * Example - `\"+12025550123\"`\n /\n phoneNumber?: string;\n /\n Whether the user's phone number has been verified\n * Example - `false`\n /\n phoneNumberVerified: boolean;\n /\n List of roles assigned to the user\n * Example - `[\"user\",\"customer\"]`\n /\n roles: string[];\n /\n Active MFA type for the user\n /\n activeMfaType?: string;\n}\n\n/\n Which sign-in method to use\n /\nexport type UserDeanonymizeRequestSignInMethod =\n \| \"email-password\"\n \| \"passwordless\";\n\n/\n \n @property signInMethod (`UserDeanonymizeRequestSignInMethod`) - Which sign-in method to use\n @property email (`string`) - A valid email\n * Example - `\"john.smith@nhost.io\"`\n * Format - email\n @property password? (`string`) - A password of minimum 3 characters\n * Example - `\"Str0ngPassw#ord-94\|%\"`\n * MinLength - 3\n * MaxLength - 50\n @property connection? (`string`) - Deprecated, will be ignored\n @property options? (`SignUpOptions`) - /\nexport interface UserDeanonymizeRequest {\n /\n Which sign-in method to use\n /\n signInMethod: UserDeanonymizeRequestSignInMethod;\n /\n A valid email\n * Example - `\"john.smith@nhost.io\"`\n * Format - email\n /\n email: string;\n /\n A password of minimum 3 characters\n * Example - `\"Str0ngPassw#ord-94\|%\"`\n * MinLength - 3\n * MaxLength - 50\n /\n password?: string;\n /\n Deprecated, will be ignored\n /\n connection?: string;\n /\n \n /\n options?: SignUpOptions;\n}\n\n/\n \n @property newEmail (`string`) - A valid email\n * Example - `\"john.smith@nhost.io\"`\n * Format - email\n @property options? (`OptionsRedirectTo`) - /\nexport interface UserEmailChangeRequest {\n /\n A valid email\n * Example - `\"john.smith@nhost.io\"`\n * Format - email\n /\n newEmail: string;\n /\n \n /\n options?: OptionsRedirectTo;\n}\n\n/\n \n @property email (`string`) - A valid email\n * Example - `\"john.smith@nhost.io\"`\n * Format - email\n @property options? (`OptionsRedirectTo`) - /\nexport interface UserEmailSendVerificationEmailRequest {\n /\n A valid email\n * Example - `\"john.smith@nhost.io\"`\n * Format - email\n /\n email: string;\n /\n \n /\n options?: OptionsRedirectTo;\n}\n\n/\n \n @property name (`string`) - A human-palatable name for the entity\n @property displayName (`string`) - A human-palatable name for the user account, intended only for display\n @property id (`string`) - The user handle of the user account entity/\nexport interface UserEntity {\n /\n A human-palatable name for the entity\n /\n name: string;\n /\n A human-palatable name for the user account, intended only for display\n /\n displayName: string;\n /\n The user handle of the user account entity\n /\n id: string;\n}\n\n/\n Type of MFA to activate. Use empty string to disable MFA.\n /\nexport type UserMfaRequestActiveMfaType = \"totp\" \| \"\";\n\n/\n Request to activate or deactivate multi-factor authentication\n @property code (`string`) - Verification code from the authenticator app when activating MFA\n * Example - `\"123456\"`\n @property activeMfaType? (`UserMfaRequestActiveMfaType`) - Type of MFA to activate. Use empty string to disable MFA.\n * Example - `\"totp\"`/\nexport interface UserMfaRequest {\n /\n Verification code from the authenticator app when activating MFA\n * Example - `\"123456\"`\n /\n code: string;\n /\n Type of MFA to activate. Use empty string to disable MFA.\n * Example - `\"totp\"`\n /\n activeMfaType?: UserMfaRequestActiveMfaType;\n}\n\n/\n \n @property newPassword (`string`) - A password of minimum 3 characters\n * Example - `\"Str0ngPassw#ord-94\|%\"`\n * MinLength - 3\n * MaxLength - 50\n @property ticket? (`string`) - Ticket to reset the password, required if the user is not authenticated\n * Pattern - ^passwordReset\\:.$/\nexport interface UserPasswordRequest {\n /*\n A password of minimum 3 characters\n * Example - `\"Str0ngPassw#ord-94\|%\"`\n * MinLength - 3\n * MaxLength - 50\n /\n newPassword: string;\n /\n Ticket to reset the password, required if the user is not authenticated\n * Pattern - ^passwordReset\\:.$\n /\n ticket?: string;\n}\n\n/*\n \n @property email (`string`) - A valid email\n * Example - `\"john.smith@nhost.io\"`\n * Format - email\n @property options? (`OptionsRedirectTo`) - /\nexport interface UserPasswordResetRequest {\n /\n A valid email\n * Example - `\"john.smith@nhost.io\"`\n * Format - email\n /\n email: string;\n /\n \n /\n options?: OptionsRedirectTo;\n}\n\n/\n A requirement for user verification for the operation\n /\nexport type UserVerificationRequirement =\n \| \"required\"\n \| \"preferred\"\n \| \"discouraged\";\n\n/\n \n @property credential (`CredentialCreationResponse`) - \n @property nickname? (`string`) - Optional nickname for the security key/\nexport interface VerifyAddSecurityKeyRequest {\n /\n \n /\n credential: CredentialCreationResponse;\n /\n Optional nickname for the security key\n /\n nickname?: string;\n}\n\n/\n \n @property id (`string`) - The ID of the newly added security key\n * Example - `\"123e4567-e89b-12d3-a456-426614174000\"`\n @property nickname? (`string`) - The nickname of the security key if provided/\nexport interface VerifyAddSecurityKeyResponse {\n /\n The ID of the newly added security key\n * Example - `\"123e4567-e89b-12d3-a456-426614174000\"`\n /\n id: string;\n /\n The nickname of the security key if provided\n /\n nickname?: string;\n}\n\n/\n \n @property token? (`string`) - JWT token to verify/\nexport interface VerifyTokenRequest {\n /\n JWT token to verify\n /\n token?: string;\n}\n\n/\n Target URL for the redirect\n /\nexport type RedirectToQuery = string;\n\n/\n \n /\nexport type SignInProvider =\n \| \"apple\"\n \| \"github\"\n \| \"google\"\n \| \"linkedin\"\n \| \"discord\"\n \| \"spotify\"\n \| \"twitch\"\n \| \"gitlab\"\n \| \"bitbucket\"\n \| \"workos\"\n \| \"azuread\"\n \| \"entraid\"\n \| \"strava\"\n \| \"facebook\"\n \| \"windowslive\"\n \| \"twitter\";\n\n/\n Ticket\n /\nexport type TicketQuery = string;\n\n/\n Type of the ticket\n /\nexport type TicketTypeQuery =\n \| \"emailVerify\"\n \| \"emailConfirmChange\"\n \| \"signinPasswordless\"\n \| \"passwordReset\";\n\n/\n \n @property version (`string`) - The version of the authentication service\n * Example - `\"1.2.3\"`/\nexport interface GetVersionResponse200 {\n /\n The version of the authentication service\n * Example - `\"1.2.3\"`\n /\n version: string;\n}\n\n/\n Parameters for the signInProvider method.\n @property allowedRoles? (string[]) - Array of allowed roles for the user\n \n @property defaultRole? (string) - Default role for the user\n \n @property displayName? (string) - Display name for the user\n \n @property locale? (string) - A two-characters locale\n \n @property metadata? (Record<string, unknown>) - Additional metadata for the user (JSON encoded string)\n \n @property redirectTo? (string) - URI to redirect to\n \n @property connect? (string) - If set, this means that the user is already authenticated and wants to link their account. This needs to be a valid JWT access token.\n \n @property state? (string) - Opaque state value to be returned by the provider\n /\nexport interface SignInProviderParams {\n /\n Array of allowed roles for the user\n \n /\n allowedRoles?: string[];\n /\n Default role for the user\n \n /\n defaultRole?: string;\n /\n Display name for the user\n \n /\n displayName?: string;\n /\n A two-characters locale\n \n /\n locale?: string;\n /\n Additional metadata for the user (JSON encoded string)\n \n /\n metadata?: Record<string, unknown>;\n /\n URI to redirect to\n \n /\n redirectTo?: string;\n /\n If set, this means that the user is already authenticated and wants to link their account. This needs to be a valid JWT access token.\n \n /\n connect?: string;\n /\n Opaque state value to be returned by the provider\n \n /\n state?: string;\n}\n/\n Parameters for the verifyTicket method.\n @property ticket (TicketQuery) - Ticket\n \n * Ticket\n @property type? (TicketTypeQuery) - Type of the ticket. Deprecated, no longer used\n \n * Type of the ticket\n @property redirectTo (RedirectToQuery) - Target URL for the redirect\n \n * Target URL for the redirect/\nexport interface VerifyTicketParams {\n /\n Ticket\n \n * Ticket\n /\n ticket: TicketQuery;\n /\n Type of the ticket. Deprecated, no longer used\n \n * Type of the ticket\n /\n type?: TicketTypeQuery;\n /\n Target URL for the redirect\n \n * Target URL for the redirect\n /\n redirectTo: RedirectToQuery;\n}\n\nexport interface Client {\n baseURL: string;\n\n /* Add a middleware function to the fetch chain\n * @param chainFunction - The middleware function to add\n /\n pushChainFunction(chainFunction: ChainFunction): void;\n /\n Summary: Get public keys for JWT verification in JWK Set format\n Retrieve the JSON Web Key Set (JWKS) containing public keys used to verify JWT signatures. This endpoint is used by clients to validate access tokens.\n\n This method may return different T based on the response code:\n - 200: JWKSet\n /\n getJWKs(options?: RequestInit): Promise<FetchResponse<JWKSet>>;\n\n /*\n Summary: Elevate access for an already signed in user using FIDO2 Webauthn\n Generate a Webauthn challenge for elevating user permissions\n\n This method may return different T based on the response code:\n - 200: PublicKeyCredentialRequestOptions\n /\n elevateWebauthn(\n options?: RequestInit,\n ): Promise<FetchResponse<PublicKeyCredentialRequestOptions>>;\n\n /*\n Summary: Verify FIDO2 Webauthn authentication using public-key cryptography for elevation\n Complete Webauthn elevation by verifying the authentication response\n\n This method may return different T based on the response code:\n - 200: SessionPayload\n /\n verifyElevateWebauthn(\n body: SignInWebauthnVerifyRequest,\n options?: RequestInit,\n ): Promise<FetchResponse<SessionPayload>>;\n\n /*\n Summary: Health check (GET)\n Verify if the authentication service is operational using GET method\n\n This method may return different T based on the response code:\n - 200: OKResponse\n /\n healthCheckGet(options?: RequestInit): Promise<FetchResponse<OKResponse>>;\n\n /*\n Summary: Health check (HEAD)\n Verify if the authentication service is operational using HEAD method\n\n This method may return different T based on the response code:\n - 200: void\n /\n healthCheckHead(options?: RequestInit): Promise<FetchResponse<void>>;\n\n /*\n Summary: Link a user account with the provider's account using an id token\n Link the authenticated user's account with an external OAuth provider account using an ID token. Requires elevated permissions.\n\n This method may return different T based on the response code:\n - 200: OKResponse\n /\n linkIdToken(\n body: LinkIdTokenRequest,\n options?: RequestInit,\n ): Promise<FetchResponse<OKResponse>>;\n\n /*\n Summary: Generate TOTP secret\n Generate a Time-based One-Time Password (TOTP) secret for setting up multi-factor authentication\n\n This method may return different T based on the response code:\n - 200: TotpGenerateResponse\n /\n changeUserMfa(\n options?: RequestInit,\n ): Promise<FetchResponse<TotpGenerateResponse>>;\n\n /*\n Summary: Create a Personal Access Token (PAT)\n Generate a new Personal Access Token for programmatic API access. PATs are long-lived tokens that can be used instead of regular authentication for automated systems. Requires elevated permissions.\n\n This method may return different T based on the response code:\n - 200: CreatePATResponse\n /\n createPAT(\n body: CreatePATRequest,\n options?: RequestInit,\n ): Promise<FetchResponse<CreatePATResponse>>;\n\n /*\n Summary: Sign in anonymously\n Create an anonymous user session without providing credentials. Anonymous users can be converted to regular users later via the deanonymize endpoint.\n\n This method may return different T based on the response code:\n - 200: SessionPayload\n /\n signInAnonymous(\n body?: SignInAnonymousRequest,\n options?: RequestInit,\n ): Promise<FetchResponse<SessionPayload>>;\n\n /*\n Summary: Sign in with email and password\n Authenticate a user with their email and password. Returns a session object or MFA challenge if two-factor authentication is enabled.\n\n This method may return different T based on the response code:\n - 200: SignInEmailPasswordResponse\n /\n signInEmailPassword(\n body: SignInEmailPasswordRequest,\n options?: RequestInit,\n ): Promise<FetchResponse<SignInEmailPasswordResponse>>;\n\n /*\n Summary: Sign in with an ID token\n Authenticate using an ID token from a supported OAuth provider (Apple or Google). Creates a new user account if one doesn't exist.\n\n This method may return different T based on the response code:\n - 200: SessionPayload\n /\n signInIdToken(\n body: SignInIdTokenRequest,\n options?: RequestInit,\n ): Promise<FetchResponse<SessionPayload>>;\n\n /*\n Summary: Verify TOTP for MFA\n Complete the multi-factor authentication by verifying a Time-based One-Time Password (TOTP). Returns a session if validation is successful.\n\n This method may return different T based on the response code:\n - 200: SessionPayload\n /\n verifySignInMfaTotp(\n body: SignInMfaTotpRequest,\n options?: RequestInit,\n ): Promise<FetchResponse<SessionPayload>>;\n\n /*\n Summary: Sign in with email OTP\n Initiate email-based one-time password authentication. Sends an OTP to the specified email address. If the user doesn't exist, a new account will be created with the provided options.\n\n This method may return different T based on the response code:\n - 200: OKResponse\n /\n signInOTPEmail(\n body: SignInOTPEmailRequest,\n options?: RequestInit,\n ): Promise<FetchResponse<OKResponse>>;\n\n /*\n Summary: Verify email OTP\n Complete email OTP authentication by verifying the one-time password. Returns a session if validation is successful.\n\n This method may return different T based on the response code:\n - 200: SignInOTPEmailVerifyResponse\n /\n verifySignInOTPEmail(\n body: SignInOTPEmailVerifyRequest,\n options?: RequestInit,\n ): Promise<FetchResponse<SignInOTPEmailVerifyResponse>>;\n\n /*\n Summary: Sign in with magic link email\n Initiate passwordless authentication by sending a magic link to the user's email. If the user doesn't exist, a new account will be created with the provided options.\n\n This method may return different T based on the response code:\n - 200: OKResponse\n /\n signInPasswordlessEmail(\n body: SignInPasswordlessEmailRequest,\n options?: RequestInit,\n ): Promise<FetchResponse<OKResponse>>;\n\n /*\n Summary: Sign in with SMS OTP\n Initiate passwordless authentication by sending a one-time password to the user's phone number. If the user doesn't exist, a new account will be created with the provided options.\n\n This method may return different T based on the response code:\n - 200: OKResponse\n /\n signInPasswordlessSms(\n body: SignInPasswordlessSmsRequest,\n options?: RequestInit,\n ): Promise<FetchResponse<OKResponse>>;\n\n /*\n Summary: Verify SMS OTP\n Complete passwordless SMS authentication by verifying the one-time password. Returns a session if validation is successful.\n\n This method may return different T based on the response code:\n - 200: SignInPasswordlessSmsOtpResponse\n /\n verifySignInPasswordlessSms(\n body: SignInPasswordlessSmsOtpRequest,\n options?: RequestInit,\n ): Promise<FetchResponse<SignInPasswordlessSmsOtpResponse>>;\n\n /*\n Summary: Sign in with Personal Access Token (PAT)\n Authenticate using a Personal Access Token. PATs are long-lived tokens that can be used for programmatic access to the API.\n\n This method may return different T based on the response code:\n - 200: SessionPayload\n /\n signInPAT(\n body: SignInPATRequest,\n options?: RequestInit,\n ): Promise<FetchResponse<SessionPayload>>;\n\n /*\n Summary: Sign in with an OAuth2 provider\n Initiate OAuth2 authentication flow with a social provider. Redirects the user to the provider's authorization page.\n\n As this method is a redirect, it returns a URL string instead of a Promise\n /\n signInProviderURL(\n provider: SignInProvider,\n params?: SignInProviderParams,\n options?: RequestInit,\n ): string;\n\n /*\n Summary: Retrieve OAuth2 provider tokens from callback\n After successful OAuth2 authentication, retrieve the provider session containing access token, refresh token, and expiration information for the specified provider. To ensure the data isn't stale this endpoint must be called immediately after the OAuth callback to obtain the tokens. The session is cleared from the database during this call, so subsequent calls will fail without going through the sign-in flow again. It is the user's responsibility to store the session safely (e.g., in browser local storage).\n\n This method may return different T based on the response code:\n - 200: ProviderSession\n /\n getProviderTokens(\n provider: SignInProvider,\n options?: RequestInit,\n ): Promise<FetchResponse<ProviderSession>>;\n\n /*\n Summary: Sign in with Webauthn\n Initiate a Webauthn sign-in process by sending a challenge to the user's device. The user must have previously registered a Webauthn credential.\n\n This method may return different T based on the response code:\n - 200: PublicKeyCredentialRequestOptions\n /\n signInWebauthn(\n body?: SignInWebauthnRequest,\n options?: RequestInit,\n ): Promise<FetchResponse<PublicKeyCredentialRequestOptions>>;\n\n /*\n Summary: Verify Webauthn sign-in\n Complete the Webauthn sign-in process by verifying the response from the user's device. Returns a session if validation is successful.\n\n This method may return different T based on the response code:\n - 200: SessionPayload\n /\n verifySignInWebauthn(\n body: SignInWebauthnVerifyRequest,\n options?: RequestInit,\n ): Promise<FetchResponse<SessionPayload>>;\n\n /*\n Summary: Sign out\n End the current user session by invalidating refresh tokens. Optionally sign out from all devices.\n\n This method may return different T based on the response code:\n - 200: OKResponse\n /\n signOut(\n body: SignOutRequest,\n options?: RequestInit,\n ): Promise<FetchResponse<OKResponse>>;\n\n /*\n Summary: Sign up with email and password\n Register a new user account with email and password. Returns a session if email verification is not required, otherwise returns null session.\n\n This method may return different T based on the response code:\n - 200: SessionPayload\n /\n signUpEmailPassword(\n body: SignUpEmailPasswordRequest,\n options?: RequestInit,\n ): Promise<FetchResponse<SessionPayload>>;\n\n /*\n Summary: Sign up with Webauthn\n Initiate a Webauthn sign-up process by sending a challenge to the user's device. The user must not have an existing account.\n\n This method may return different T based on the response code:\n - 200: PublicKeyCredentialCreationOptions\n /\n signUpWebauthn(\n body: SignUpWebauthnRequest,\n options?: RequestInit,\n ): Promise<FetchResponse<PublicKeyCredentialCreationOptions>>;\n\n /*\n Summary: Verify Webauthn sign-up\n Complete the Webauthn sign-up process by verifying the response from the user's device. Returns a session if validation is successful.\n\n This method may return different T based on the response code:\n - 200: SessionPayload\n /\n verifySignUpWebauthn(\n body: SignUpWebauthnVerifyRequest,\n options?: RequestInit,\n ): Promise<FetchResponse<SessionPayload>>;\n\n /*\n Summary: Refresh access token\n Generate a new JWT access token using a valid refresh token. The refresh token used will be revoked and a new one will be issued.\n\n This method may return different T based on the response code:\n - 200: Session\n /\n refreshToken(\n body: RefreshTokenRequest,\n options?: RequestInit,\n ): Promise<FetchResponse<Session>>;\n\n /*\n Summary: Refresh OAuth2 provider tokens\n Refresh the OAuth2 provider access token using a valid refresh token. Returns a new provider session with updated access token, refresh token (if rotated by provider), and expiration information. This endpoint allows maintaining long-lived access to provider APIs without requiring the user to re-authenticate.\n\n This method may return different T based on the response code:\n - 200: ProviderSession\n /\n refreshProviderToken(\n provider: SignInProvider,\n body: RefreshProviderTokenRequest,\n options?: RequestInit,\n ): Promise<FetchResponse<ProviderSession>>;\n\n /*\n Summary: Verify JWT token\n Verify the validity of a JWT access token. If no request body is provided, the Authorization header will be used for verification.\n\n This method may return different T based on the response code:\n - 200: string\n /\n verifyToken(\n body?: VerifyTokenRequest,\n options?: RequestInit,\n ): Promise<FetchResponse<string>>;\n\n /*\n Summary: Get user information\n Retrieve the authenticated user's profile information including roles, metadata, and account status.\n\n This method may return different T based on the response code:\n - 200: User\n /\n getUser(options?: RequestInit): Promise<FetchResponse<User>>;\n\n /*\n Summary: Deanonymize an anonymous user\n Convert an anonymous user to a regular user by adding email and optionally password credentials. A confirmation email will be sent if the server is configured to do so.\n\n This method may return different T based on the response code:\n - 200: OKResponse\n /\n deanonymizeUser(\n body: UserDeanonymizeRequest,\n options?: RequestInit,\n ): Promise<FetchResponse<OKResponse>>;\n\n /*\n Summary: Change user email\n Request to change the authenticated user's email address. A verification email will be sent to the new address to confirm the change. Requires elevated permissions.\n\n This method may return different T based on the response code:\n - 200: OKResponse\n /\n changeUserEmail(\n body: UserEmailChangeRequest,\n options?: RequestInit,\n ): Promise<FetchResponse<OKResponse>>;\n\n /*\n Summary: Send verification email\n Send an email verification link to the specified email address. Used to verify email addresses for new accounts or email changes.\n\n This method may return different T based on the response code:\n - 200: OKResponse\n /\n sendVerificationEmail(\n body: UserEmailSendVerificationEmailRequest,\n options?: RequestInit,\n ): Promise<FetchResponse<OKResponse>>;\n\n /*\n Summary: Manage multi-factor authentication\n Activate or deactivate multi-factor authentication for the authenticated user\n\n This method may return different T based on the response code:\n - 200: OKResponse\n /\n verifyChangeUserMfa(\n body: UserMfaRequest,\n options?: RequestInit,\n ): Promise<FetchResponse<OKResponse>>;\n\n /*\n Summary: Change user password\n Change the user's password. The user must be authenticated with elevated permissions or provide a valid password reset ticket.\n\n This method may return different T based on the response code:\n - 200: OKResponse\n /\n changeUserPassword(\n body: UserPasswordRequest,\n options?: RequestInit,\n ): Promise<FetchResponse<OKResponse>>;\n\n /*\n Summary: Request password reset\n Request a password reset for a user account. An email with a verification link will be sent to the user's email address to complete the password reset process.\n\n This method may return different T based on the response code:\n - 200: OKResponse\n /\n sendPasswordResetEmail(\n body: UserPasswordResetRequest,\n options?: RequestInit,\n ): Promise<FetchResponse<OKResponse>>;\n\n /*\n Summary: Initialize adding of a new webauthn security key\n Start the process of adding a new WebAuthn security key to the user's account. Returns a challenge that must be completed by the user's authenticator device. Requires elevated permissions.\n\n This method may return different T based on the response code:\n - 200: PublicKeyCredentialCreationOptions\n /\n addSecurityKey(\n options?: RequestInit,\n ): Promise<FetchResponse<PublicKeyCredentialCreationOptions>>;\n\n /*\n Summary: Verify adding of a new webauthn security key\n Complete the process of adding a new WebAuthn security key by verifying the authenticator response. Requires elevated permissions.\n\n This method may return different T based on the response code:\n - 200: VerifyAddSecurityKeyResponse\n /\n verifyAddSecurityKey(\n body: VerifyAddSecurityKeyRequest,\n options?: RequestInit,\n ): Promise<FetchResponse<VerifyAddSecurityKeyResponse>>;\n\n /*\n Summary: Verify email and authentication tickets\n Verify tickets created by email verification, magic link authentication, or password reset processes. Redirects the user to the appropriate destination upon successful verification.\n\n As this method is a redirect, it returns a URL string instead of a Promise\n /\n verifyTicketURL(params?: VerifyTicketParams, options?: RequestInit): string;\n\n /*\n Summary: Get service version\n Retrieve version information about the authentication service\n\n This method may return different T based on the response code:\n - 200: GetVersionResponse200\n /\n getVersion(\n options?: RequestInit,\n ): Promise<FetchResponse<GetVersionResponse200>>;\n}\n\nexport const createAPIClient = (\n baseURL: string,\n chainFunctions: ChainFunction[] = [],\n): Client => {\n let fetch = createEnhancedFetch(chainFunctions);\n\n const pushChainFunction = (chainFunction: ChainFunction) => {\n chainFunctions.push(chainFunction);\n fetch = createEnhancedFetch(chainFunctions);\n };\n const getJWKs = async (\n options?: RequestInit,\n ): Promise<FetchResponse<JWKSet>> => {\n const url = `${baseURL}/.well-known/jwks.json`;\n const res = await fetch(url, {\n ...options,\n method: \"GET\",\n headers: {\n ...options?.headers,\n },\n });\n\n if (res.status >= 300) {\n const responseBody = [412].includes(res.status) ? null : await res.text();\n const payload: unknown = responseBody ? JSON.parse(responseBody) : {};\n throw new FetchError(payload, res.status, res.headers);\n }\n\n const responseBody = [204, 205, 304].includes(res.status)\n ? null\n : await res.text();\n const payload: JWKSet = responseBody ? JSON.parse(responseBody) : {};\n\n return {\n body: payload,\n status: res.status,\n headers: res.headers,\n } as FetchResponse<JWKSet>;\n };\n\n const elevateWebauthn = async (\n options?: RequestInit,\n ): Promise<FetchResponse<PublicKeyCredentialRequestOptions>> => {\n const url = `${baseURL}/elevate/webauthn`;\n const res = await fetch(url, {\n ...options,\n method: \"POST\",\n headers: {\n ...options?.headers,\n },\n });\n\n if (res.status >= 300) {\n const responseBody = [412].includes(res.status) ? null : await res.text();\n const payload: unknown = responseBody ? JSON.parse(responseBody) : {};\n throw new FetchError(payload, res.status, res.headers);\n }\n\n const responseBody = [204, 205, 304].includes(res.status)\n ? null\n : await res.text();\n const payload: PublicKeyCredentialRequestOptions = responseBody\n ? JSON.parse(responseBody)\n : {};\n\n return {\n body: payload,\n status: res.status,\n headers: res.headers,\n } as FetchResponse<PublicKeyCredentialRequestOptions>;\n };\n\n const verifyElevateWebauthn = async (\n body: SignInWebauthnVerifyRequest,\n options?: RequestInit,\n ): Promise<FetchResponse<SessionPayload>> => {\n const url = `${baseURL}/elevate/webauthn/verify`;\n const res = await fetch(url, {\n ...options,\n method: \"POST\",\n headers: {\n \"Content-Type\": \"application/json\",\n ...options?.headers,\n },\n body: JSON.stringify(body),\n });\n\n if (res.status >= 300) {\n const responseBody = [412].includes(res.status) ? null : await res.text();\n const payload: unknown = responseBody ? JSON.parse(responseBody) : {};\n throw new FetchError(payload, res.status, res.headers);\n }\n\n const responseBody = [204, 205, 304].includes(res.status)\n ? null\n : await res.text();\n const payload: SessionPayload = responseBody\n ? JSON.parse(responseBody)\n : {};\n\n return {\n body: payload,\n status: res.status,\n headers: res.headers,\n } as FetchResponse<SessionPayload>;\n };\n\n const healthCheckGet = async (\n options?: RequestInit,\n ): Promise<FetchResponse<OKResponse>> => {\n const url = `${baseURL}/healthz`;\n const res = await fetch(url, {\n ...options,\n method: \"GET\",\n headers: {\n ...options?.headers,\n },\n });\n\n if (res.status >= 300) {\n const responseBody = [412].includes(res.status) ? null : await res.text();\n const payload: unknown = responseBody ? JSON.parse(responseBody) : {};\n throw new FetchError(payload, res.status, res.headers);\n }\n\n const responseBody = [204, 205, 304].includes(res.status)\n ? null\n : await res.text();\n const payload: OKResponse = responseBody ? JSON.parse(responseBody) : {};\n\n return {\n body: payload,\n status: res.status,\n headers: res.headers,\n } as FetchResponse<OKResponse>;\n };\n\n const healthCheckHead = async (\n options?: RequestInit,\n ): Promise<FetchResponse<void>> => {\n const url = `${baseURL}/healthz`;\n const res = await fetch(url, {\n ...options,\n method: \"HEAD\",\n headers: {\n ...options?.headers,\n },\n });\n\n if (res.status >= 300) {\n const responseBody = [412].includes(res.status) ? null : await res.text();\n const payload: unknown = responseBody ? JSON.parse(responseBody) : {};\n throw new FetchError(payload, res.status, res.headers);\n }\n\n const payload: undefined = undefined;\n\n return {\n body: payload,\n status: res.status,\n headers: res.headers,\n } as FetchResponse<void>;\n };\n\n const linkIdToken = async (\n body: LinkIdTokenRequest,\n options?: RequestInit,\n ): Promise<FetchResponse<OKResponse>> => {\n const url = `${baseURL}/link/idtoken`;\n const res = await fetch(url, {\n ...options,\n method: \"POST\",\n headers: {\n \"Content-Type\": \"application/json\",\n ...options?.headers,\n },\n body: JSON.stringify(body),\n });\n\n if (res.status >= 300) {\n const responseBody = [412].includes(res.status) ? null : await res.text();\n const payload: unknown = responseBody ? JSON.parse(responseBody) : {};\n throw new FetchError(payload, res.status, res.headers);\n }\n\n const responseBody = [204, 205, 304].includes(res.status)\n ? null\n : await res.text();\n const payload: OKResponse = responseBody ? JSON.parse(responseBody) : {};\n\n return {\n body: payload,\n status: res.status,\n headers: res.headers,\n } as FetchResponse<OKResponse>;\n };\n\n const changeUserMfa = async (\n options?: RequestInit,\n ): Promise<FetchResponse<TotpGenerateResponse>> => {\n const url = `${baseURL}/mfa/totp/generate`;\n const res = await fetch(url, {\n ...options,\n method: \"GET\",\n headers: {\n ...options?.headers,\n },\n });\n\n if (res.status >= 300) {\n const responseBody = [412].includes(res.status) ? null : await res.text();\n const payload: unknown = responseBody ? JSON.parse(responseBody) : {};\n throw new FetchError(payload, res.status, res.headers);\n }\n\n const responseBody = [204, 205, 304].includes(res.status)\n ? null\n : await res.text();\n const payload: TotpGenerateResponse = responseBody\n ? JSON.parse(responseBody)\n : {};\n\n return {\n body: payload,\n status: res.status,\n headers: res.headers,\n } as FetchResponse<TotpGenerateResponse>;\n };\n\n const createPAT = async (\n body: CreatePATRequest,\n options?: RequestInit,\n ): Promise<FetchResponse<CreatePATResponse>> => {\n const url = `${baseURL}/pat`;\n const res = await fetch(url, {\n ...options,\n method: \"POST\",\n headers: {\n \"Content-Type\": \"application/json\",\n ...options?.headers,\n },\n body: JSON.stringify(body),\n });\n\n if (res.status >= 300) {\n const responseBody = [412].includes(res.status) ? null : await res.text();\n const payload: unknown = responseBody ? JSON.parse(responseBody) : {};\n throw new FetchError(payload, res.status, res.headers);\n }\n\n const responseBody = [204, 205, 304].includes(res.status)\n ? null\n : await res.text();\n const payload: CreatePATResponse = responseBody\n ? JSON.parse(responseBody)\n : {};\n\n return {\n body: payload,\n status: res.status,\n headers: res.headers,\n } as FetchResponse<CreatePATResponse>;\n };\n\n const signInAnonymous = async (\n body?: SignInAnonymousRequest,\n options?: RequestInit,\n ): Promise<FetchResponse<SessionPayload>> => {\n const url = `${baseURL}/signin/anonymous`;\n const res = await fetch(url, {\n ...options,\n method: \"POST\",\n headers: {\n \"Content-Type\": \"application/json\",\n ...options?.headers,\n },\n body: JSON.stringify(body),\n });\n\n if (res.status >= 300) {\n const responseBody = [412].includes(res.status) ? null : await res.text();\n const payload: unknown = responseBody ? JSON.parse(responseBody) : {};\n throw new FetchError(payload, res.status, res.headers);\n }\n\n const responseBody = [204, 205, 304].includes(res.status)\n ? null\n : await res.text();\n const payload: SessionPayload = responseBody\n ? JSON.parse(responseBody)\n : {};\n\n return {\n body: payload,\n status: res.status,\n headers: res.headers,\n } as FetchResponse<SessionPayload>;\n };\n\n const signInEmailPassword = async (\n body: SignInEmailPasswordRequest,\n options?: RequestInit,\n ): Promise<FetchResponse<SignInEmailPasswordResponse>> => {\n const url = `${baseURL}/signin/email-password`;\n const res = await fetch(url, {\n ...options,\n method: \"POST\",\n headers: {\n \"Content-Type\": \"application/json\",\n ...options?.headers,\n },\n body: JSON.stringify(body),\n });\n\n if (res.status >= 300) {\n const responseBody = [412].includes(res.status) ? null : await res.text();\n const payload: unknown = responseBody ? JSON.parse(responseBody) : {};\n throw new FetchError(payload, res.status, res.headers);\n }\n\n const responseBody = [204, 205, 304].includes(res.status)\n ? null\n : await res.text();\n const payload: SignInEmailPasswordResponse = responseBody\n ? JSON.parse(responseBody)\n : {};\n\n return {\n body: payload,\n status: res.status,\n headers: res.headers,\n } as FetchResponse<SignInEmailPasswordResponse>;\n };\n\n const signInIdToken = async (\n body: SignInIdTokenRequest,\n options?: RequestInit,\n ): Promise<FetchResponse<SessionPayload>> => {\n const url = `${baseURL}/signin/idtoken`;\n const res = await fetch(url, {\n ...options,\n method: \"POST\",\n headers: {\n \"Content-Type\": \"application/json\",\n ...options?.headers,\n },\n body: JSON.stringify(body),\n });\n\n if (res.status >= 300) {\n const responseBody = [412].includes(res.status) ? null : await res.text();\n const payload: unknown = responseBody ? JSON.parse(responseBody) : {};\n throw new FetchError(payload, res.status, res.headers);\n }\n\n const responseBody = [204, 205, 304].includes(res.status)\n ? null\n : await res.text();\n const payload: SessionPayload = responseBody\n ? JSON.parse(responseBody)\n : {};\n\n return {\n body: payload,\n status: res.status,\n headers: res.headers,\n } as FetchResponse<SessionPayload>;\n };\n\n const verifySignInMfaTotp = async (\n body: SignInMfaTotpRequest,\n options?: RequestInit,\n ): Promise<FetchResponse<SessionPayload>> => {\n const url = `${baseURL}/signin/mfa/totp`;\n const res = await fetch(url, {\n ...options,\n method: \"POST\",\n headers: {\n \"Content-Type\": \"application/json\",\n ...options?.headers,\n },\n body: JSON.stringify(body),\n });\n\n if (res.status >= 300) {\n const responseBody = [412].includes(res.status) ? null : await res.text();\n const payload: unknown = responseBody ? JSON.parse(responseBody) : {};\n throw new FetchError(payload, res.status, res.headers);\n }\n\n const responseBody = [204, 205, 304].includes(res.status)\n ? null\n : await res.text();\n const payload: SessionPayload = responseBody\n ? JSON.parse(responseBody)\n : {};\n\n return {\n body: payload,\n status: res.status,\n headers: res.headers,\n } as FetchResponse<SessionPayload>;\n };\n\n const signInOTPEmail = async (\n body: SignInOTPEmailRequest,\n options?: RequestInit,\n ): Promise<FetchResponse<OKResponse>> => {\n const url = `${baseURL}/signin/otp/email`;\n const res = await fetch(url, {\n ...options,\n method: \"POST\",\n headers: {\n \"Content-Type\": \"application/json\",\n ...options?.headers,\n },\n body: JSON.stringify(body),\n });\n\n if (res.status >= 300) {\n const responseBody = [412].includes(res.status) ? null : await res.text();\n const payload: unknown = responseBody ? JSON.parse(responseBody) : {};\n throw new FetchError(payload, res.status, res.headers);\n }\n\n const responseBody = [204, 205, 304].includes(res.status)\n ? null\n : await res.text();\n const payload: OKResponse = responseBody ? JSON.parse(responseBody) : {};\n\n return {\n body: payload,\n status: res.status,\n headers: res.headers,\n } as FetchResponse<OKResponse>;\n };\n\n const verifySignInOTPEmail = async (\n body: SignInOTPEmailVerifyRequest,\n options?: RequestInit,\n ): Promise<FetchResponse<SignInOTPEmailVerifyResponse>> => {\n const url = `${baseURL}/signin/otp/email/verify`;\n const res = await fetch(url, {\n ...options,\n method: \"POST\",\n headers: {\n \"Content-Type\": \"application/json\",\n ...options?.headers,\n },\n body: JSON.stringify(body),\n });\n\n if (res.status >= 300) {\n const responseBody = [412].includes(res.status) ? null : await res.text();\n const payload: unknown = responseBody ? JSON.parse(responseBody) : {};\n throw new FetchError(payload, res.status, res.headers);\n }\n\n const responseBody = [204, 205, 304].includes(res.status)\n ? null\n : await res.text();\n const payload: SignInOTPEmailVerifyResponse = responseBody\n ? JSON.parse(responseBody)\n : {};\n\n return {\n body: payload,\n status: res.status,\n headers: res.headers,\n } as FetchResponse<SignInOTPEmailVerifyResponse>;\n };\n\n const signInPasswordlessEmail = async (\n body: SignInPasswordlessEmailRequest,\n options?: RequestInit,\n ): Promise<FetchResponse<OKResponse>> => {\n const url = `${baseURL}/signin/passwordless/email`;\n const res = await fetch(url, {\n ...options,\n method: \"POST\",\n headers: {\n \"Content-Type\": \"application/json\",\n ...options?.headers,\n },\n body: JSON.stringify(body),\n });\n\n if (res.status >= 300) {\n const responseBody = [412].includes(res.status) ? null : await res.text();\n const payload: unknown = responseBody ? JSON.parse(responseBody) : {};\n throw new FetchError(payload, res.status, res.headers);\n }\n\n const responseBody = [204, 205, 304].includes(res.status)\n ? null\n : await res.text();\n const payload: OKResponse = responseBody ? JSON.parse(responseBody) : {};\n\n return {\n body: payload,\n status: res.status,\n headers: res.headers,\n } as FetchResponse<OKResponse>;\n };\n\n const signInPasswordlessSms = async (\n body: SignInPasswordlessSmsRequest,\n options?: RequestInit,\n ): Promise<FetchResponse<OKResponse>> => {\n const url = `${baseURL}/signin/passwordless/sms`;\n const res = await fetch(url, {\n ...options,\n method: \"POST\",\n headers: {\n \"Content-Type\": \"application/json\",\n ...options?.headers,\n },\n body: JSON.stringify(body),\n });\n\n if (res.status >= 300) {\n const responseBody = [412].includes(res.status) ? null : await res.text();\n const payload: unknown = responseBody ? JSON.parse(responseBody) : {};\n throw new FetchError(payload, res.status, res.headers);\n }\n\n const responseBody = [204, 205, 304].includes(res.status)\n ? null\n : await res.text();\n const payload: OKResponse = responseBody ? JSON.parse(responseBody) : {};\n\n return {\n body: payload,\n status: res.status,\n headers: res.headers,\n } as FetchResponse<OKResponse>;\n };\n\n const verifySignInPasswordlessSms = async (\n body: SignInPasswordlessSmsOtpRequest,\n options?: RequestInit,\n ): Promise<FetchResponse<SignInPasswordlessSmsOtpResponse>> => {\n const url = `${baseURL}/signin/passwordless/sms/otp`;\n const res = await fetch(url, {\n ...options,\n method: \"POST\",\n headers: {\n \"Content-Type\": \"application/json\",\n ...options?.headers,\n },\n body: JSON.stringify(body),\n });\n\n if (res.status >= 300) {\n const responseBody = [412].includes(res.status) ? null : await res.text();\n const payload: unknown = responseBody ? JSON.parse(responseBody) : {};\n throw new FetchError(payload, res.status, res.headers);\n }\n\n const responseBody = [204, 205, 304].includes(res.status)\n ? null\n : await res.text();\n const payload: SignInPasswordlessSmsOtpResponse = responseBody\n ? JSON.parse(responseBody)\n : {};\n\n return {\n body: payload,\n status: res.status,\n headers: res.headers,\n } as FetchResponse<SignInPasswordlessSmsOtpResponse>;\n };\n\n const signInPAT = async (\n body: SignInPATRequest,\n options?: RequestInit,\n ): Promise<FetchResponse<SessionPayload>> => {\n const url = `${baseURL}/signin/pat`;\n const res = await fetch(url, {\n ...options,\n method: \"POST\",\n headers: {\n \"Content-Type\": \"application/json\",\n ...options?.headers,\n },\n body: JSON.stringify(body),\n });\n\n if (res.status >= 300) {\n const responseBody = [412].includes(res.status) ? null : await res.text();\n const payload: unknown = responseBody ? JSON.parse(responseBody) : {};\n throw new FetchError(payload, res.status, res.headers);\n }\n\n const responseBody = [204, 205, 304].includes(res.status)\n ? null\n : await res.text();\n const payload: SessionPayload = responseBody\n ? JSON.parse(responseBody)\n : {};\n\n return {\n body: payload,\n status: res.status,\n headers: res.headers,\n } as FetchResponse<SessionPayload>;\n };\n\n const signInProviderURL = (\n provider: SignInProvider,\n params?: SignInProviderParams,\n ): string => {\n const encodedParameters =\n params &&\n Object.entries(params)\n .map(([key, value]) => {\n const stringValue = Array.isArray(value)\n ? value.join(\",\")\n : typeof value === \"object\"\n ? JSON.stringify(value)\n : (value as string);\n return `${key}=${encodeURIComponent(stringValue)}`;\n })\n .join(\"&\");\n\n const url = encodedParameters\n ? `${baseURL}/signin/provider/${provider}?${encodedParameters}`\n : `${baseURL}/signin/provider/${provider}`;\n return url;\n };\n\n const getProviderTokens = async (\n provider: SignInProvider,\n options?: RequestInit,\n ): Promise<FetchResponse<ProviderSession>> => {\n const url = `${baseURL}/signin/provider/${provider}/callback/tokens`;\n const res = await fetch(url, {\n ...options,\n method: \"GET\",\n headers: {\n ...options?.headers,\n },\n });\n\n if (res.status >= 300) {\n const responseBody = [412].includes(res.status) ? null : await res.text();\n const payload: unknown = responseBody ? JSON.parse(responseBody) : {};\n throw new FetchError(payload, res.status, res.headers);\n }\n\n const responseBody = [204, 205, 304].includes(res.status)\n ? null\n : await res.text();\n const payload: ProviderSession = responseBody\n ? JSON.parse(responseBody)\n : {};\n\n return {\n body: payload,\n status: res.status,\n headers: res.headers,\n } as FetchResponse<ProviderSession>;\n };\n\n const signInWebauthn = async (\n body?: SignInWebauthnRequest,\n options?: RequestInit,\n ): Promise<FetchResponse<PublicKeyCredentialRequestOptions>> => {\n const url = `${baseURL}/signin/webauthn`;\n const res = await fetch(url, {\n ...options,\n method: \"POST\",\n headers: {\n \"Content-Type\": \"application/json\",\n ...options?.headers,\n },\n body: JSON.stringify(body),\n });\n\n if (res.status >= 300) {\n const responseBody = [412].includes(res.status) ? null : await res.text();\n const payload: unknown = responseBody ? JSON.parse(responseBody) : {};\n throw new FetchError(payload, res.status, res.headers);\n }\n\n const responseBody = [204, 205, 304].includes(res.status)\n ? null\n : await res.text();\n const payload: PublicKeyCredentialRequestOptions = responseBody\n ? JSON.parse(responseBody)\n : {};\n\n return {\n body: payload,\n status: res.status,\n headers: res.headers,\n } as FetchResponse<PublicKeyCredentialRequestOptions>;\n };\n\n const verifySignInWebauthn = async (\n body: SignInWebauthnVerifyRequest,\n options?: RequestInit,\n ): Promise<FetchResponse<SessionPayload>> => {\n const url = `${baseURL}/signin/webauthn/verify`;\n const res = await fetch(url, {\n ...options,\n method: \"POST\",\n headers: {\n \"Content-Type\": \"application/json\",\n ...options?.headers,\n },\n body: JSON.stringify(body),\n });\n\n if (res.status >= 300) {\n const responseBody = [412].includes(res.status) ? null : await res.text();\n const payload: unknown = responseBody ? JSON.parse(responseBody) : {};\n throw new FetchError(payload, res.status, res.headers);\n }\n\n const responseBody = [204, 205, 304].includes(res.status)\n ? null\n : await res.text();\n const payload: SessionPayload = responseBody\n ? JSON.parse(responseBody)\n : {};\n\n return {\n body: payload,\n status: res.status,\n headers: res.headers,\n } as FetchResponse<SessionPayload>;\n };\n\n const signOut = async (\n body: SignOutRequest,\n options?: RequestInit,\n ): Promise<FetchResponse<OKResponse>> => {\n const url = `${baseURL}/signout`;\n const res = await fetch(url, {\n ...options,\n method: \"POST\",\n headers: {\n \"Content-Type\": \"application/json\",\n ...options?.headers,\n },\n body: JSON.stringify(body),\n });\n\n if (res.status >= 300) {\n const responseBody = [412].includes(res.status) ? null : await res.text();\n const payload: unknown = responseBody ? JSON.parse(responseBody) : {};\n throw new FetchError(payload, res.status, res.headers);\n }\n\n const responseBody = [204, 205, 304].includes(res.status)\n ? null\n : await res.text();\n const payload: OKResponse = responseBody ? JSON.parse(responseBody) : {};\n\n return {\n body: payload,\n status: res.status,\n headers: res.headers,\n } as FetchResponse<OKResponse>;\n };\n\n const signUpEmailPassword = async (\n body: SignUpEmailPasswordRequest,\n options?: RequestInit,\n ): Promise<FetchResponse<SessionPayload>> => {\n const url = `${baseURL}/signup/email-password`;\n const res = await fetch(url, {\n ...options,\n method: \"POST\",\n headers: {\n \"Content-Type\": \"application/json\",\n ...options?.headers,\n },\n body: JSON.stringify(body),\n });\n\n if (res.status >= 300) {\n const responseBody = [412].includes(res.status) ? null : await res.text();\n const payload: unknown = responseBody ? JSON.parse(responseBody) : {};\n throw new FetchError(payload, res.status, res.headers);\n }\n\n const responseBody = [204, 205, 304].includes(res.status)\n ? null\n : await res.text();\n const payload: SessionPayload = responseBody\n ? JSON.parse(responseBody)\n : {};\n\n return {\n body: payload,\n status: res.status,\n headers: res.headers,\n } as FetchResponse<SessionPayload>;\n };\n\n const signUpWebauthn = async (\n body: SignUpWebauthnRequest,\n options?: RequestInit,\n ): Promise<FetchResponse<PublicKeyCredentialCreationOptions>> => {\n const url = `${baseURL}/signup/webauthn`;\n const res = await fetch(url, {\n ...options,\n method: \"POST\",\n headers: {\n \"Content-Type\": \"application/json\",\n ...options?.headers,\n },\n body: JSON.stringify(body),\n });\n\n if (res.status >= 300) {\n const responseBody = [412].includes(res.status) ? null : await res.text();\n const payload: unknown = responseBody ? JSON.parse(responseBody) : {};\n throw new FetchError(payload, res.status, res.headers);\n }\n\n const responseBody = [204, 205, 304].includes(res.status)\n ? null\n : await res.text();\n const payload: PublicKeyCredentialCreationOptions = responseBody\n ? JSON.parse(responseBody)\n : {};\n\n return {\n body: payload,\n status: res.status,\n headers: res.headers,\n } as FetchResponse<PublicKeyCredentialCreationOptions>;\n };\n\n const verifySignUpWebauthn = async (\n body: SignUpWebauthnVerifyRequest,\n options?: RequestInit,\n ): Promise<FetchResponse<SessionPayload>> => {\n const url = `${baseURL}/signup/webauthn/verify`;\n const res = await fetch(url, {\n ...options,\n method: \"POST\",\n headers: {\n \"Content-Type\": \"application/json\",\n ...options?.headers,\n },\n body: JSON.stringify(body),\n });\n\n if (res.status >= 300) {\n const responseBody = [412].includes(res.status) ? null : await res.text();\n const payload: unknown = responseBody ? JSON.parse(responseBody) : {};\n throw new FetchError(payload, res.status, res.headers);\n }\n\n const responseBody = [204, 205, 304].includes(res.status)\n ? null\n : await res.text();\n const payload: SessionPayload = responseBody\n ? JSON.parse(responseBody)\n : {};\n\n return {\n body: payload,\n status: res.status,\n headers: res.headers,\n } as FetchResponse<SessionPayload>;\n };\n\n const refreshToken = async (\n body: RefreshTokenRequest,\n options?: RequestInit,\n ): Promise<FetchResponse<Session>> => {\n const url = `${baseURL}/token`;\n const res = await fetch(url, {\n ...options,\n method: \"POST\",\n headers: {\n \"Content-Type\": \"application/json\",\n ...options?.headers,\n },\n body: JSON.stringify(body),\n });\n\n if (res.status >= 300) {\n const responseBody = [412].includes(res.status) ? null : await res.text();\n const payload: unknown = responseBody ? JSON.parse(responseBody) : {};\n throw new FetchError(payload, res.status, res.headers);\n }\n\n const responseBody = [204, 205, 304].includes(res.status)\n ? null\n : await res.text();\n const payload: Session = responseBody ? JSON.parse(responseBody) : {};\n\n return {\n body: payload,\n status: res.status,\n headers: res.headers,\n } as FetchResponse<Session>;\n };\n\n const refreshProviderToken = async (\n provider: SignInProvider,\n body: RefreshProviderTokenRequest,\n options?: RequestInit,\n ): Promise<FetchResponse<ProviderSession>> => {\n const url = `${baseURL}/token/provider/${provider}`;\n const res = await fetch(url, {\n ...options,\n method: \"POST\",\n headers: {\n \"Content-Type\": \"application/json\",\n ...options?.headers,\n },\n body: JSON.stringify(body),\n });\n\n if (res.status >= 300) {\n const responseBody = [412].includes(res.status) ? null : await res.text();\n const payload: unknown = responseBody ? JSON.parse(responseBody) : {};\n throw new FetchError(payload, res.status, res.headers);\n }\n\n const responseBody = [204, 205, 304].includes(res.status)\n ? null\n : await res.text();\n const payload: ProviderSession = responseBody\n ? JSON.parse(responseBody)\n : {};\n\n return {\n body: payload,\n status: res.status,\n headers: res.headers,\n } as FetchResponse<ProviderSession>;\n };\n\n const verifyToken = async (\n body?: VerifyTokenRequest,\n options?: RequestInit,\n ): Promise<FetchResponse<string>> => {\n const url = `${baseURL}/token/verify`;\n const res = await fetch(url, {\n ...options,\n method: \"POST\",\n headers: {\n \"Content-Type\": \"application/json\",\n ...options?.headers,\n },\n body: JSON.stringify(body),\n });\n\n if (res.status >= 300) {\n const responseBody = [412].includes(res.status) ? null : await res.text();\n const payload: unknown = responseBody ? JSON.parse(responseBody) : {};\n throw new FetchError(payload, res.status, res.headers);\n }\n\n const responseBody = [204, 205, 304].includes(res.status)\n ? null\n : await res.text();\n const payload: string = responseBody ? JSON.parse(responseBody) : {};\n\n return {\n body: payload,\n status: res.status,\n headers: res.headers,\n } as FetchResponse<string>;\n };\n\n const getUser = async (\n options?: RequestInit,\n ): Promise<FetchResponse<User>> => {\n const url = `${baseURL}/user`;\n const res = await fetch(url, {\n ...options,\n method: \"GET\",\n headers: {\n ...options?.headers,\n },\n });\n\n if (res.status >= 300) {\n const responseBody = [412].includes(res.status) ? null : await res.text();\n const payload: unknown = responseBody ? JSON.parse(responseBody) : {};\n throw new FetchError(payload, res.status, res.headers);\n }\n\n const responseBody = [204, 205, 304].includes(res.status)\n ? null\n : await res.text();\n const payload: User = responseBody ? JSON.parse(responseBody) : {};\n\n return {\n body: payload,\n status: res.status,\n headers: res.headers,\n } as FetchResponse<User>;\n };\n\n const deanonymizeUser = async (\n body: UserDeanonymizeRequest,\n options?: RequestInit,\n ): Promise<FetchResponse<OKResponse>> => {\n const url = `${baseURL}/user/deanonymize`;\n const res = await fetch(url, {\n ...options,\n method: \"POST\",\n headers: {\n \"Content-Type\": \"application/json\",\n ...options?.headers,\n },\n body: JSON.stringify(body),\n });\n\n if (res.status >= 300) {\n const responseBody = [412].includes(res.status) ? null : await res.text();\n const payload: unknown = responseBody ? JSON.parse(responseBody) : {};\n throw new FetchError(payload, res.status, res.headers);\n }\n\n const responseBody = [204, 205, 304].includes(res.status)\n ? null\n : await res.text();\n const payload: OKResponse = responseBody ? JSON.parse(responseBody) : {};\n\n return {\n body: payload,\n status: res.status,\n headers: res.headers,\n } as FetchResponse<OKResponse>;\n };\n\n const changeUserEmail = async (\n body: UserEmailChangeRequest,\n options?: RequestInit,\n ): Promise<FetchResponse<OKResponse>> => {\n const url = `${baseURL}/user/email/change`;\n const res = await fetch(url, {\n ...options,\n method: \"POST\",\n headers: {\n \"Content-Type\": \"application/json\",\n ...options?.headers,\n },\n body: JSON.stringify(body),\n });\n\n if (res.status >= 300) {\n const responseBody = [412].includes(res.status) ? null : await res.text();\n const payload: unknown = responseBody ? JSON.parse(responseBody) : {};\n throw new FetchError(payload, res.status, res.headers);\n }\n\n const responseBody = [204, 205, 304].includes(res.status)\n ? null\n : await res.text();\n const payload: OKResponse = responseBody ? JSON.parse(responseBody) : {};\n\n return {\n body: payload,\n status: res.status,\n headers: res.headers,\n } as FetchResponse<OKResponse>;\n };\n\n const sendVerificationEmail = async (\n body: UserEmailSendVerificationEmailRequest,\n options?: RequestInit,\n ): Promise<FetchResponse<OKResponse>> => {\n const url = `${baseURL}/user/email/send-verification-email`;\n const res = await fetch(url, {\n ...options,\n method: \"POST\",\n headers: {\n \"Content-Type\": \"application/json\",\n ...options?.headers,\n },\n body: JSON.stringify(body),\n });\n\n if (res.status >= 300) {\n const responseBody = [412].includes(res.status) ? null : await res.text();\n const payload: unknown = responseBody ? JSON.parse(responseBody) : {};\n throw new FetchError(payload, res.status, res.headers);\n }\n\n const responseBody = [204, 205, 304].includes(res.status)\n ? null\n : await res.text();\n const payload: OKResponse = responseBody ? JSON.parse(responseBody) : {};\n\n return {\n body: payload,\n status: res.status,\n headers: res.headers,\n } as FetchResponse<OKResponse>;\n };\n\n const verifyChangeUserMfa = async (\n body: UserMfaRequest,\n options?: RequestInit,\n ): Promise<FetchResponse<OKResponse>> => {\n const url = `${baseURL}/user/mfa`;\n const res = await fetch(url, {\n ...options,\n method: \"POST\",\n headers: {\n \"Content-Type\": \"application/json\",\n ...options?.headers,\n },\n body: JSON.stringify(body),\n });\n\n if (res.status >= 300) {\n const responseBody = [412].includes(res.status) ? null : await res.text();\n const payload: unknown = responseBody ? JSON.parse(responseBody) : {};\n throw new FetchError(payload, res.status, res.headers);\n }\n\n const responseBody = [204, 205, 304].includes(res.status)\n ? null\n : await res.text();\n const payload: OKResponse = responseBody ? JSON.parse(responseBody) : {};\n\n return {\n body: payload,\n status: res.status,\n headers: res.headers,\n } as FetchResponse<OKResponse>;\n };\n\n const changeUserPassword = async (\n body: UserPasswordRequest,\n options?: RequestInit,\n ): Promise<FetchResponse<OKResponse>> => {\n const url = `${baseURL}/user/password`;\n const res = await fetch(url, {\n ...options,\n method: \"POST\",\n headers: {\n \"Content-Type\": \"application/json\",\n ...options?.headers,\n },\n body: JSON.stringify(body),\n });\n\n if (res.status >= 300) {\n const responseBody = [412].includes(res.status) ? null : await res.text();\n const payload: unknown = responseBody ? JSON.parse(responseBody) : {};\n throw new FetchError(payload, res.status, res.headers);\n }\n\n const responseBody = [204, 205, 304].includes(res.status)\n ? null\n : await res.text();\n const payload: OKResponse = responseBody ? JSON.parse(responseBody) : {};\n\n return {\n body: payload,\n status: res.status,\n headers: res.headers,\n } as FetchResponse<OKResponse>;\n };\n\n const sendPasswordResetEmail = async (\n body: UserPasswordResetRequest,\n options?: RequestInit,\n ): Promise<FetchResponse<OKResponse>> => {\n const url = `${baseURL}/user/password/reset`;\n const res = await fetch(url, {\n ...options,\n method: \"POST\",\n headers: {\n \"Content-Type\": \"application/json\",\n ...options?.headers,\n },\n body: JSON.stringify(body),\n });\n\n if (res.status >= 300) {\n const responseBody = [412].includes(res.status) ? null : await res.text();\n const payload: unknown = responseBody ? JSON.parse(responseBody) : {};\n throw new FetchError(payload, res.status, res.headers);\n }\n\n const responseBody = [204, 205, 304].includes(res.status)\n ? null\n : await res.text();\n const payload: OKResponse = responseBody ? JSON.parse(responseBody) : {};\n\n return {\n body: payload,\n status: res.status,\n headers: res.headers,\n } as FetchResponse<OKResponse>;\n };\n\n const addSecurityKey = async (\n options?: RequestInit,\n ): Promise<FetchResponse<PublicKeyCredentialCreationOptions>> => {\n const url = `${baseURL}/user/webauthn/add`;\n const res = await fetch(url, {\n ...options,\n method: \"POST\",\n headers: {\n ...options?.headers,\n },\n });\n\n if (res.status >= 300) {\n const responseBody = [412].includes(res.status) ? null : await res.text();\n const payload: unknown = responseBody ? JSON.parse(responseBody) : {};\n throw new FetchError(payload, res.status, res.headers);\n }\n\n const responseBody = [204, 205, 304].includes(res.status)\n ? null\n : await res.text();\n const payload: PublicKeyCredentialCreationOptions = responseBody\n ? JSON.parse(responseBody)\n : {};\n\n return {\n body: payload,\n status: res.status,\n headers: res.headers,\n } as FetchResponse<PublicKeyCredentialCreationOptions>;\n };\n\n const verifyAddSecurityKey = async (\n body: VerifyAddSecurityKeyRequest,\n options?: RequestInit,\n ): Promise<FetchResponse<VerifyAddSecurityKeyResponse>> => {\n const url = `${baseURL}/user/webauthn/verify`;\n const res = await fetch(url, {\n ...options,\n method: \"POST\",\n headers: {\n \"Content-Type\": \"application/json\",\n ...options?.headers,\n },\n body: JSON.stringify(body),\n });\n\n if (res.status >= 300) {\n const responseBody = [412].includes(res.status) ? null : await res.text();\n const payload: unknown = responseBody ? JSON.parse(responseBody) : {};\n throw new FetchError(payload, res.status, res.headers);\n }\n\n const responseBody = [204, 205, 304].includes(res.status)\n ? null\n : await res.text();\n const payload: VerifyAddSecurityKeyResponse = responseBody\n ? JSON.parse(responseBody)\n : {};\n\n return {\n body: payload,\n status: res.status,\n headers: res.headers,\n } as FetchResponse<VerifyAddSecurityKeyResponse>;\n };\n\n const verifyTicketURL = (params?: VerifyTicketParams): string => {\n const encodedParameters =\n params &&\n Object.entries(params)\n .map(([key, value]) => {\n const stringValue = Array.isArray(value)\n ? value.join(\",\")\n : typeof value === \"object\"\n ? JSON.stringify(value)\n : (value as string);\n return `${key}=${encodeURIComponent(stringValue)}`;\n })\n .join(\"&\");\n\n const url = encodedParameters\n ? `${baseURL}/verify?${encodedParameters}`\n : `${baseURL}/verify`;\n return url;\n };\n\n const getVersion = async (\n options?: RequestInit,\n ): Promise<FetchResponse<GetVersionResponse200>> => {\n const url = `${baseURL}/version`;\n const res = await fetch(url, {\n ...options,\n method: \"GET\",\n headers: {\n ...options?.headers,\n },\n });\n\n if (res.status >= 300) {\n const responseBody = [412].includes(res.status) ? null : await res.text();\n const payload: unknown = responseBody ? JSON.parse(responseBody) : {};\n throw new FetchError(payload, res.status, res.headers);\n }\n\n const responseBody = [204, 205, 304].includes(res.status)\n ? null\n : await res.text();\n const payload: GetVersionResponse200 = responseBody\n ? JSON.parse(responseBody)\n : {};\n\n return {\n body: payload,\n status: res.status,\n headers: res.headers,\n } as FetchResponse<GetVersionResponse200>;\n };\n\n return {\n baseURL,\n pushChainFunction,\n getJWKs,\n elevateWebauthn,\n verifyElevateWebauthn,\n healthCheckGet,\n healthCheckHead,\n linkIdToken,\n changeUserMfa,\n createPAT,\n signInAnonymous,\n signInEmailPassword,\n signInIdToken,\n verifySignInMfaTotp,\n signInOTPEmail,\n verifySignInOTPEmail,\n signInPasswordlessEmail,\n signInPasswordlessSms,\n verifySignInPasswordlessSms,\n signInPAT,\n signInProviderURL,\n getProviderTokens,\n signInWebauthn,\n verifySignInWebauthn,\n signOut,\n signUpEmailPassword,\n signUpWebauthn,\n verifySignUpWebauthn,\n refreshToken,\n refreshProviderToken,\n verifyToken,\n getUser,\n deanonymizeUser,\n changeUserEmail,\n sendVerificationEmail,\n verifyChangeUserMfa,\n changeUserPassword,\n sendPasswordResetEmail,\n addSecurityKey,\n verifyAddSecurityKey,\n verifyTicketURL,\n getVersion,\n };\n};\n","/*\n This file is auto-generated. Do not edit manually.\n /\n\nimport type { ChainFunction, FetchResponse } from \"../fetch\";\nimport { createEnhancedFetch, FetchError } from \"../fetch\";\n\n/\n Date in RFC 2822 format\n /\nexport type RFC2822Date = string;\n\n/\n Error details.\n @property message (`string`) - Human-readable error message.\n * Example - `\"File not found\"`\n @property data? (`Record<string, unknown>`) - Additional data related to the error, if any./\nexport interface ErrorResponseError {\n /\n Human-readable error message.\n * Example - `\"File not found\"`\n /\n message: string;\n /\n Additional data related to the error, if any.\n /\n data?: Record<string, unknown>;\n}\n\n/\n Error information returned by the API.\n @property error? (`ErrorResponseError`) - Error details./\nexport interface ErrorResponse {\n /\n Error details.\n /\n error?: ErrorResponseError;\n}\n\n/\n Error details.\n @property message (`string`) - Human-readable error message.\n * Example - `\"File not found\"`\n @property data? (`Record<string, unknown>`) - Additional data related to the error, if any./\nexport interface ErrorResponseWithProcessedFilesError {\n /\n Human-readable error message.\n * Example - `\"File not found\"`\n /\n message: string;\n /\n Additional data related to the error, if any.\n /\n data?: Record<string, unknown>;\n}\n\n/\n Error information returned by the API.\n @property processedFiles? (`FileMetadata[]`) - List of files that were successfully processed before the error occurred.\n @property error? (`ErrorResponseWithProcessedFilesError`) - Error details./\nexport interface ErrorResponseWithProcessedFiles {\n /\n List of files that were successfully processed before the error occurred.\n /\n processedFiles?: FileMetadata[];\n /\n Error details.\n /\n error?: ErrorResponseWithProcessedFilesError;\n}\n\n/\n Comprehensive metadata information about a file in storage.\n @property id (`string`) - Unique identifier for the file.\n * Example - `\"d5e76ceb-77a2-4153-b7da-1f7c115b2ff2\"`\n @property name (`string`) - Name of the file including extension.\n * Example - `\"profile-picture.jpg\"`\n @property size (`number`) - Size of the file in bytes.\n * Example - `245678`\n * Format - int64\n @property bucketId (`string`) - ID of the bucket containing the file.\n * Example - `\"users-bucket\"`\n @property etag (`string`) - Entity tag for cache validation.\n * Example - `\"\\\"a1b2c3d4e5f6\\\"\"`\n @property createdAt (`string`) - Timestamp when the file was created.\n * Example - `\"2023-01-15T12:34:56Z\"`\n * Format - date-time\n @property updatedAt (`string`) - Timestamp when the file was last updated.\n * Example - `\"2023-01-16T09:45:32Z\"`\n * Format - date-time\n @property isUploaded (`boolean`) - Whether the file has been successfully uploaded.\n * Example - `true`\n @property mimeType (`string`) - MIME type of the file.\n * Example - `\"image/jpeg\"`\n @property uploadedByUserId? (`string`) - ID of the user who uploaded the file.\n * Example - `\"abc123def456\"`\n @property metadata? (`Record<string, unknown>`) - Custom metadata associated with the file.\n * Example - `{\"alt\":\"Profile picture\",\"category\":\"avatar\"}`/\nexport interface FileMetadata {\n /\n Unique identifier for the file.\n * Example - `\"d5e76ceb-77a2-4153-b7da-1f7c115b2ff2\"`\n /\n id: string;\n /\n Name of the file including extension.\n * Example - `\"profile-picture.jpg\"`\n /\n name: string;\n /\n Size of the file in bytes.\n * Example - `245678`\n * Format - int64\n /\n size: number;\n /\n ID of the bucket containing the file.\n * Example - `\"users-bucket\"`\n /\n bucketId: string;\n /\n Entity tag for cache validation.\n * Example - `\"\\\"a1b2c3d4e5f6\\\"\"`\n /\n etag: string;\n /\n Timestamp when the file was created.\n * Example - `\"2023-01-15T12:34:56Z\"`\n * Format - date-time\n /\n createdAt: string;\n /\n Timestamp when the file was last updated.\n * Example - `\"2023-01-16T09:45:32Z\"`\n * Format - date-time\n /\n updatedAt: string;\n /\n Whether the file has been successfully uploaded.\n * Example - `true`\n /\n isUploaded: boolean;\n /\n MIME type of the file.\n * Example - `\"image/jpeg\"`\n /\n mimeType: string;\n /\n ID of the user who uploaded the file.\n * Example - `\"abc123def456\"`\n /\n uploadedByUserId?: string;\n /\n Custom metadata associated with the file.\n * Example - `{\"alt\":\"Profile picture\",\"category\":\"avatar\"}`\n /\n metadata?: Record<string, unknown>;\n}\n\n/\n Basic information about a file in storage.\n @property id (`string`) - Unique identifier for the file.\n * Example - `\"d5e76ceb-77a2-4153-b7da-1f7c115b2ff2\"`\n @property name (`string`) - Name of the file including extension.\n * Example - `\"profile-picture.jpg\"`\n @property bucketId (`string`) - ID of the bucket containing the file.\n * Example - `\"users-bucket\"`\n @property isUploaded (`boolean`) - Whether the file has been successfully uploaded.\n * Example - `true`/\nexport interface FileSummary {\n /\n Unique identifier for the file.\n * Example - `\"d5e76ceb-77a2-4153-b7da-1f7c115b2ff2\"`\n /\n id: string;\n /\n Name of the file including extension.\n * Example - `\"profile-picture.jpg\"`\n /\n name: string;\n /\n ID of the bucket containing the file.\n * Example - `\"users-bucket\"`\n /\n bucketId: string;\n /\n Whether the file has been successfully uploaded.\n * Example - `true`\n /\n isUploaded: boolean;\n}\n\n/\n Contains a presigned URL for direct file operations.\n @property url (`string`) - The presigned URL for file operations.\n * Example - `\"https://storage.example.com/files/abc123?signature=xyz\"`\n @property expiration (`number`) - The time in seconds until the URL expires.\n * Example - `3600`/\nexport interface PresignedURLResponse {\n /\n The presigned URL for file operations.\n * Example - `\"https://storage.example.com/files/abc123?signature=xyz\"`\n /\n url: string;\n /\n The time in seconds until the URL expires.\n * Example - `3600`\n /\n expiration: number;\n}\n\n/\n Metadata that can be updated for an existing file.\n @property name? (`string`) - New name to assign to the file.\n * Example - `\"renamed-file.jpg\"`\n @property metadata? (`Record<string, unknown>`) - Updated custom metadata to associate with the file.\n * Example - `{\"alt\":\"Updated image description\",\"category\":\"profile\"}`/\nexport interface UpdateFileMetadata {\n /\n New name to assign to the file.\n * Example - `\"renamed-file.jpg\"`\n /\n name?: string;\n /\n Updated custom metadata to associate with the file.\n * Example - `{\"alt\":\"Updated image description\",\"category\":\"profile\"}`\n /\n metadata?: Record<string, unknown>;\n}\n\n/\n Metadata provided when uploading a new file.\n @property id? (`string`) - Optional custom ID for the file. If not provided, a UUID will be generated.\n * Example - `\"custom-id-123\"`\n @property name? (`string`) - Name to assign to the file. If not provided, the original filename will be used.\n * Example - `\"custom-filename.png\"`\n @property metadata? (`Record<string, unknown>`) - Custom metadata to associate with the file.\n * Example - `{\"alt\":\"Custom image\",\"category\":\"document\"}`/\nexport interface UploadFileMetadata {\n /\n Optional custom ID for the file. If not provided, a UUID will be generated.\n * Example - `\"custom-id-123\"`\n /\n id?: string;\n /\n Name to assign to the file. If not provided, the original filename will be used.\n * Example - `\"custom-filename.png\"`\n /\n name?: string;\n /\n Custom metadata to associate with the file.\n * Example - `{\"alt\":\"Custom image\",\"category\":\"document\"}`\n /\n metadata?: Record<string, unknown>;\n}\n\n/\n Contains version information about the storage service.\n @property buildVersion (`string`) - The version number of the storage service build.\n * Example - `\"1.2.3\"`/\nexport interface VersionInformation {\n /\n The version number of the storage service build.\n * Example - `\"1.2.3\"`\n /\n buildVersion: string;\n}\n\n/\n Output format for image files. Use 'auto' for content negotiation based on Accept header\n /\nexport type OutputImageFormat =\n \| \"auto\"\n \| \"same\"\n \| \"jpeg\"\n \| \"webp\"\n \| \"png\"\n \| \"avif\";\n\n/\n \n @property bucket-id? (`string`) - Target bucket identifier where files will be stored.\n * Example - `\"user-uploads\"`\n @property metadata[]? (`UploadFileMetadata[]`) - Optional custom metadata for each uploaded file. Must match the order of the file[] array.\n @property file[] (`Blob[]`) - Array of files to upload./\nexport interface UploadFilesBody {\n /\n Target bucket identifier where files will be stored.\n * Example - `\"user-uploads\"`\n /\n \"bucket-id\"?: string;\n /\n Optional custom metadata for each uploaded file. Must match the order of the file[] array.\n /\n \"metadata[]\"?: UploadFileMetadata[];\n /\n Array of files to upload.\n /\n \"file[]\": Blob[];\n}\n\n/\n \n @property processedFiles (`FileMetadata[]`) - List of successfully processed files with their metadata./\nexport interface UploadFilesResponse201 {\n /\n List of successfully processed files with their metadata.\n /\n processedFiles: FileMetadata[];\n}\n\n/\n \n @property metadata? (`UpdateFileMetadata`) - Metadata that can be updated for an existing file.\n @property file? (`Blob`) - New file content to replace the existing file\n * Format - binary/\nexport interface ReplaceFileBody {\n /\n Metadata that can be updated for an existing file.\n /\n metadata?: UpdateFileMetadata;\n /\n New file content to replace the existing file\n * Format - binary\n /\n file?: Blob;\n}\n\n/\n \n @property metadata? (`FileSummary[]`) - /\nexport interface DeleteBrokenMetadataResponse200 {\n /\n \n /\n metadata?: FileSummary[];\n}\n\n/\n \n @property files? (`string[]`) - /\nexport interface DeleteOrphanedFilesResponse200 {\n /\n \n /\n files?: string[];\n}\n\n/\n \n @property metadata? (`FileSummary[]`) - /\nexport interface ListBrokenMetadataResponse200 {\n /\n \n /\n metadata?: FileSummary[];\n}\n\n/\n \n @property metadata? (`FileSummary[]`) - /\nexport interface ListFilesNotUploadedResponse200 {\n /\n \n /\n metadata?: FileSummary[];\n}\n\n/\n \n @property files? (`string[]`) - /\nexport interface ListOrphanedFilesResponse200 {\n /\n \n /\n files?: string[];\n}\n\n/\n Parameters for the getFile method.\n @property q? (number) - Image quality (1-100). Only applies to JPEG, WebP and PNG files\n \n @property h? (number) - Maximum height to resize image to while maintaining aspect ratio. Only applies to image files\n \n @property w? (number) - Maximum width to resize image to while maintaining aspect ratio. Only applies to image files\n \n @property b? (number) - Blur the image using this sigma value. Only applies to image files\n \n @property f? (OutputImageFormat) - Output format for image files. Use 'auto' for content negotiation based on Accept header\n \n * Output format for image files. Use 'auto' for content negotiation based on Accept header/\nexport interface GetFileParams {\n /\n Image quality (1-100). Only applies to JPEG, WebP and PNG files\n \n /\n q?: number;\n /\n Maximum height to resize image to while maintaining aspect ratio. Only applies to image files\n \n /\n h?: number;\n /\n Maximum width to resize image to while maintaining aspect ratio. Only applies to image files\n \n /\n w?: number;\n /\n Blur the image using this sigma value. Only applies to image files\n \n /\n b?: number;\n /\n Output format for image files. Use 'auto' for content negotiation based on Accept header\n \n * Output format for image files. Use 'auto' for content negotiation based on Accept header\n /\n f?: OutputImageFormat;\n}\n/\n Parameters for the getFileMetadataHeaders method.\n @property q? (number) - Image quality (1-100). Only applies to JPEG, WebP and PNG files\n \n @property h? (number) - Maximum height to resize image to while maintaining aspect ratio. Only applies to image files\n \n @property w? (number) - Maximum width to resize image to while maintaining aspect ratio. Only applies to image files\n \n @property b? (number) - Blur the image using this sigma value. Only applies to image files\n \n @property f? (OutputImageFormat) - Output format for image files. Use 'auto' for content negotiation based on Accept header\n \n * Output format for image files. Use 'auto' for content negotiation based on Accept header/\nexport interface GetFileMetadataHeadersParams {\n /\n Image quality (1-100). Only applies to JPEG, WebP and PNG files\n \n /\n q?: number;\n /\n Maximum height to resize image to while maintaining aspect ratio. Only applies to image files\n \n /\n h?: number;\n /\n Maximum width to resize image to while maintaining aspect ratio. Only applies to image files\n \n /\n w?: number;\n /\n Blur the image using this sigma value. Only applies to image files\n \n /\n b?: number;\n /\n Output format for image files. Use 'auto' for content negotiation based on Accept header\n \n * Output format for image files. Use 'auto' for content negotiation based on Accept header\n /\n f?: OutputImageFormat;\n}\n\nexport interface Client {\n baseURL: string;\n\n /* Add a middleware function to the fetch chain\n * @param chainFunction - The middleware function to add\n /\n pushChainFunction(chainFunction: ChainFunction): void;\n /\n Summary: Upload files\n Upload one or more files to a specified bucket. Supports batch uploading with optional custom metadata for each file. If uploading multiple files, either provide metadata for all files or none.\n\n This method may return different T based on the response code:\n - 201: UploadFilesResponse201\n /\n uploadFiles(\n body: UploadFilesBody,\n options?: RequestInit,\n ): Promise<FetchResponse<UploadFilesResponse201>>;\n\n /*\n Summary: Delete file\n Permanently delete a file from storage. This removes both the file content and its associated metadata.\n\n This method may return different T based on the response code:\n - 204: void\n /\n deleteFile(id: string, options?: RequestInit): Promise<FetchResponse<void>>;\n\n /*\n Summary: Download file\n Retrieve and download the complete file content. Supports conditional requests, image transformations, and range requests for partial downloads.\n\n This method may return different T based on the response code:\n - 200: void\n - 206: void\n - 304: void\n - 412: void\n /\n getFile(\n id: string,\n params?: GetFileParams,\n options?: RequestInit,\n ): Promise<FetchResponse<Blob>>;\n\n /*\n Summary: Check file information\n Retrieve file metadata headers without downloading the file content. Supports conditional requests and provides caching information.\n\n This method may return different T based on the response code:\n - 200: void\n - 304: void\n - 412: void\n /\n getFileMetadataHeaders(\n id: string,\n params?: GetFileMetadataHeadersParams,\n options?: RequestInit,\n ): Promise<FetchResponse<void>>;\n\n /*\n Summary: Replace file\n Replace an existing file with new content while preserving the file ID. The operation follows these steps:\n1. The isUploaded flag is set to false to mark the file as being updated\n2. The file content is replaced in the storage backend\n3. File metadata is updated (size, mime-type, isUploaded, etc.)\n\nEach step is atomic, but if a step fails, previous steps will not be automatically rolled back.\n\n\n This method may return different T based on the response code:\n - 200: FileMetadata\n /\n replaceFile(\n id: string,\n body: ReplaceFileBody,\n options?: RequestInit,\n ): Promise<FetchResponse<FileMetadata>>;\n\n /*\n Summary: Retrieve presigned URL to retrieve the file\n Retrieve presigned URL to retrieve the file. Expiration of the URL is\ndetermined by bucket configuration\n\n\n This method may return different T based on the response code:\n - 200: PresignedURLResponse\n /\n getFilePresignedURL(\n id: string,\n options?: RequestInit,\n ): Promise<FetchResponse<PresignedURLResponse>>;\n\n /*\n Summary: Delete broken metadata\n Broken metadata is defined as metadata that has isUploaded = true but there is no file in the storage matching it. This is an admin operation that requires the Hasura admin secret.\n\n This method may return different T based on the response code:\n - 200: DeleteBrokenMetadataResponse200\n /\n deleteBrokenMetadata(\n options?: RequestInit,\n ): Promise<FetchResponse<DeleteBrokenMetadataResponse200>>;\n\n /*\n Summary: Deletes orphaned files\n Orphaned files are files that are present in the storage but have no associated metadata. This is an admin operation that requires the Hasura admin secret.\n\n This method may return different T based on the response code:\n - 200: DeleteOrphanedFilesResponse200\n /\n deleteOrphanedFiles(\n options?: RequestInit,\n ): Promise<FetchResponse<DeleteOrphanedFilesResponse200>>;\n\n /*\n Summary: Lists broken metadata\n Broken metadata is defined as metadata that has isUploaded = true but there is no file in the storage matching it. This is an admin operation that requires the Hasura admin secret.\n\n This method may return different T based on the response code:\n - 200: ListBrokenMetadataResponse200\n /\n listBrokenMetadata(\n options?: RequestInit,\n ): Promise<FetchResponse<ListBrokenMetadataResponse200>>;\n\n /*\n Summary: Lists files that haven't been uploaded\n That is, metadata that has isUploaded = false. This is an admin operation that requires the Hasura admin secret.\n\n This method may return different T based on the response code:\n - 200: ListFilesNotUploadedResponse200\n /\n listFilesNotUploaded(\n options?: RequestInit,\n ): Promise<FetchResponse<ListFilesNotUploadedResponse200>>;\n\n /*\n Summary: Lists orphaned files\n Orphaned files are files that are present in the storage but have no associated metadata. This is an admin operation that requires the Hasura admin secret.\n\n This method may return different T based on the response code:\n - 200: ListOrphanedFilesResponse200\n /\n listOrphanedFiles(\n options?: RequestInit,\n ): Promise<FetchResponse<ListOrphanedFilesResponse200>>;\n\n /*\n Summary: Get service version information\n Retrieves build and version information about the storage service. Useful for monitoring and debugging.\n\n This method may return different T based on the response code:\n - 200: VersionInformation\n /\n getVersion(options?: RequestInit): Promise<FetchResponse<VersionInformation>>;\n}\n\nexport const createAPIClient = (\n baseURL: string,\n chainFunctions: ChainFunction[] = [],\n): Client => {\n let fetch = createEnhancedFetch(chainFunctions);\n\n const pushChainFunction = (chainFunction: ChainFunction) => {\n chainFunctions.push(chainFunction);\n fetch = createEnhancedFetch(chainFunctions);\n };\n const uploadFiles = async (\n body: UploadFilesBody,\n options?: RequestInit,\n ): Promise<FetchResponse<UploadFilesResponse201>> => {\n const url = `${baseURL}/files`;\n const formData = new FormData();\n if (body[\"bucket-id\"] !== undefined) {\n formData.append(\"bucket-id\", body[\"bucket-id\"]);\n }\n if (body[\"metadata[]\"] !== undefined) {\n body[\"metadata[]\"].forEach((value) => {\n formData.append(\n \"metadata[]\",\n new Blob([JSON.stringify(value)], { type: \"application/json\" }),\n \"\",\n );\n });\n }\n if (body[\"file[]\"] !== undefined) {\n body[\"file[]\"].forEach((value) => {\n formData.append(\"file[]\", value);\n });\n }\n\n const res = await fetch(url, {\n ...options,\n method: \"POST\",\n body: formData,\n });\n\n if (res.status >= 300) {\n const responseBody = [412].includes(res.status) ? null : await res.text();\n const payload: unknown = responseBody ? JSON.parse(responseBody) : {};\n throw new FetchError(payload, res.status, res.headers);\n }\n\n const responseBody = [204, 205, 304].includes(res.status)\n ? null\n : await res.text();\n const payload: UploadFilesResponse201 = responseBody\n ? JSON.parse(responseBody)\n : {};\n\n return {\n body: payload,\n status: res.status,\n headers: res.headers,\n } as FetchResponse<UploadFilesResponse201>;\n };\n\n const deleteFile = async (\n id: string,\n options?: RequestInit,\n ): Promise<FetchResponse<void>> => {\n const url = `${baseURL}/files/${id}`;\n const res = await fetch(url, {\n ...options,\n method: \"DELETE\",\n headers: {\n ...options?.headers,\n },\n });\n\n if (res.status >= 300) {\n const responseBody = [412].includes(res.status) ? null : await res.text();\n const payload: unknown = responseBody ? JSON.parse(responseBody) : {};\n throw new FetchError(payload, res.status, res.headers);\n }\n\n const payload: undefined = undefined;\n\n return {\n body: payload,\n status: res.status,\n headers: res.headers,\n } as FetchResponse<void>;\n };\n\n const getFile = async (\n id: string,\n params?: GetFileParams,\n options?: RequestInit,\n ): Promise<FetchResponse<Blob>> => {\n const encodedParameters =\n params &&\n Object.entries(params)\n .map(([key, value]) => {\n const stringValue = Array.isArray(value)\n ? value.join(\",\")\n : typeof value === \"object\"\n ? JSON.stringify(value)\n : (value as string);\n return `${key}=${encodeURIComponent(stringValue)}`;\n })\n .join(\"&\");\n\n const url = encodedParameters\n ? `${baseURL}/files/${id}?${encodedParameters}`\n : `${baseURL}/files/${id}`;\n const res = await fetch(url, {\n ...options,\n method: \"GET\",\n headers: {\n ...options?.headers,\n },\n });\n\n if (res.status >= 300) {\n const responseBody = [412].includes(res.status) ? null : await res.text();\n const payload: unknown = responseBody ? JSON.parse(responseBody) : {};\n throw new FetchError(payload, res.status, res.headers);\n }\n\n const payload: Blob = await res.blob();\n\n return {\n body: payload,\n status: res.status,\n headers: res.headers,\n } as FetchResponse<Blob>;\n };\n\n const getFileMetadataHeaders = async (\n id: string,\n params?: GetFileMetadataHeadersParams,\n options?: RequestInit,\n ): Promise<FetchResponse<void>> => {\n const encodedParameters =\n params &&\n Object.entries(params)\n .map(([key, value]) => {\n const stringValue = Array.isArray(value)\n ? value.join(\",\")\n : typeof value === \"object\"\n ? JSON.stringify(value)\n : (value as string);\n return `${key}=${encodeURIComponent(stringValue)}`;\n })\n .join(\"&\");\n\n const url = encodedParameters\n ? `${baseURL}/files/${id}?${encodedParameters}`\n : `${baseURL}/files/${id}`;\n const res = await fetch(url, {\n ...options,\n method: \"HEAD\",\n headers: {\n ...options?.headers,\n },\n });\n\n if (res.status >= 300) {\n const responseBody = [412].includes(res.status) ? null : await res.text();\n const payload: unknown = responseBody ? JSON.parse(responseBody) : {};\n throw new FetchError(payload, res.status, res.headers);\n }\n\n const payload: undefined = undefined;\n\n return {\n body: payload,\n status: res.status,\n headers: res.headers,\n } as FetchResponse<void>;\n };\n\n const replaceFile = async (\n id: string,\n body: ReplaceFileBody,\n options?: RequestInit,\n ): Promise<FetchResponse<FileMetadata>> => {\n const url = `${baseURL}/files/${id}`;\n const formData = new FormData();\n if (body[\"metadata\"] !== undefined) {\n formData.append(\n \"metadata\",\n new Blob([JSON.stringify(body[\"metadata\"])], {\n type: \"application/json\",\n }),\n \"\",\n );\n }\n if (body[\"file\"] !== undefined) {\n formData.append(\"file\", body[\"file\"]);\n }\n\n const res = await fetch(url, {\n ...options,\n method: \"PUT\",\n body: formData,\n });\n\n if (res.status >= 300) {\n const responseBody = [412].includes(res.status) ? null : await res.text();\n const payload: unknown = responseBody ? JSON.parse(responseBody) : {};\n throw new FetchError(payload, res.status, res.headers);\n }\n\n const responseBody = [204, 205, 304].includes(res.status)\n ? null\n : await res.text();\n const payload: FileMetadata = responseBody ? JSON.parse(responseBody) : {};\n\n return {\n body: payload,\n status: res.status,\n headers: res.headers,\n } as FetchResponse<FileMetadata>;\n };\n\n const getFilePresignedURL = async (\n id: string,\n options?: RequestInit,\n ): Promise<FetchResponse<PresignedURLResponse>> => {\n const url = `${baseURL}/files/${id}/presignedurl`;\n const res = await fetch(url, {\n ...options,\n method: \"GET\",\n headers: {\n ...options?.headers,\n },\n });\n\n if (res.status >= 300) {\n const responseBody = [412].includes(res.status) ? null : await res.text();\n const payload: unknown = responseBody ? JSON.parse(responseBody) : {};\n throw new FetchError(payload, res.status, res.headers);\n }\n\n const responseBody = [204, 205, 304].includes(res.status)\n ? null\n : await res.text();\n const payload: PresignedURLResponse = responseBody\n ? JSON.parse(responseBody)\n : {};\n\n return {\n body: payload,\n status: res.status,\n headers: res.headers,\n } as FetchResponse<PresignedURLResponse>;\n };\n\n const deleteBrokenMetadata = async (\n options?: RequestInit,\n ): Promise<FetchResponse<DeleteBrokenMetadataResponse200>> => {\n const url = `${baseURL}/ops/delete-broken-metadata`;\n const res = await fetch(url, {\n ...options,\n method: \"POST\",\n headers: {\n ...options?.headers,\n },\n });\n\n if (res.status >= 300) {\n const responseBody = [412].includes(res.status) ? null : await res.text();\n const payload: unknown = responseBody ? JSON.parse(responseBody) : {};\n throw new FetchError(payload, res.status, res.headers);\n }\n\n const responseBody = [204, 205, 304].includes(res.status)\n ? null\n : await res.text();\n const payload: DeleteBrokenMetadataResponse200 = responseBody\n ? JSON.parse(responseBody)\n : {};\n\n return {\n body: payload,\n status: res.status,\n headers: res.headers,\n } as FetchResponse<DeleteBrokenMetadataResponse200>;\n };\n\n const deleteOrphanedFiles = async (\n options?: RequestInit,\n ): Promise<FetchResponse<DeleteOrphanedFilesResponse200>> => {\n const url = `${baseURL}/ops/delete-orphans`;\n const res = await fetch(url, {\n ...options,\n method: \"POST\",\n headers: {\n ...options?.headers,\n },\n });\n\n if (res.status >= 300) {\n const responseBody = [412].includes(res.status) ? null : await res.text();\n const payload: unknown = responseBody ? JSON.parse(responseBody) : {};\n throw new FetchError(payload, res.status, res.headers);\n }\n\n const responseBody = [204, 205, 304].includes(res.status)\n ? null\n : await res.text();\n const payload: DeleteOrphanedFilesResponse200 = responseBody\n ? JSON.parse(responseBody)\n : {};\n\n return {\n body: payload,\n status: res.status,\n headers: res.headers,\n } as FetchResponse<DeleteOrphanedFilesResponse200>;\n };\n\n const listBrokenMetadata = async (\n options?: RequestInit,\n ): Promise<FetchResponse<ListBrokenMetadataResponse200>> => {\n const url = `${baseURL}/ops/list-broken-metadata`;\n const res = await fetch(url, {\n ...options,\n method: \"POST\",\n headers: {\n ...options?.headers,\n },\n });\n\n if (res.status >= 300) {\n const responseBody = [412].includes(res.status) ? null : await res.text();\n const payload: unknown = responseBody ? JSON.parse(responseBody) : {};\n throw new FetchError(payload, res.status, res.headers);\n }\n\n const responseBody = [204, 205, 304].includes(res.status)\n ? null\n : await res.text();\n const payload: ListBrokenMetadataResponse200 = responseBody\n ? JSON.parse(responseBody)\n : {};\n\n return {\n body: payload,\n status: res.status,\n headers: res.headers,\n } as FetchResponse<ListBrokenMetadataResponse200>;\n };\n\n const listFilesNotUploaded = async (\n options?: RequestInit,\n ): Promise<FetchResponse<ListFilesNotUploadedResponse200>> => {\n const url = `${baseURL}/ops/list-not-uploaded`;\n const res = await fetch(url, {\n ...options,\n method: \"POST\",\n headers: {\n ...options?.headers,\n },\n });\n\n if (res.status >= 300) {\n const responseBody = [412].includes(res.status) ? null : await res.text();\n const payload: unknown = responseBody ? JSON.parse(responseBody) : {};\n throw new FetchError(payload, res.status, res.headers);\n }\n\n const responseBody = [204, 205, 304].includes(res.status)\n ? null\n : await res.text();\n const payload: ListFilesNotUploadedResponse200 = responseBody\n ? JSON.parse(responseBody)\n : {};\n\n return {\n body: payload,\n status: res.status,\n headers: res.headers,\n } as FetchResponse<ListFilesNotUploadedResponse200>;\n };\n\n const listOrphanedFiles = async (\n options?: RequestInit,\n ): Promise<FetchResponse<ListOrphanedFilesResponse200>> => {\n const url = `${baseURL}/ops/list-orphans`;\n const res = await fetch(url, {\n ...options,\n method: \"POST\",\n headers: {\n ...options?.headers,\n },\n });\n\n if (res.status >= 300) {\n const responseBody = [412].includes(res.status) ? null : await res.text();\n const payload: unknown = responseBody ? JSON.parse(responseBody) : {};\n throw new FetchError(payload, res.status, res.headers);\n }\n\n const responseBody = [204, 205, 304].includes(res.status)\n ? null\n : await res.text();\n const payload: ListOrphanedFilesResponse200 = responseBody\n ? JSON.parse(responseBody)\n : {};\n\n return {\n body: payload,\n status: res.status,\n headers: res.headers,\n } as FetchResponse<ListOrphanedFilesResponse200>;\n };\n\n const getVersion = async (\n options?: RequestInit,\n ): Promise<FetchResponse<VersionInformation>> => {\n const url = `${baseURL}/version`;\n const res = await fetch(url, {\n ...options,\n method: \"GET\",\n headers: {\n ...options?.headers,\n },\n });\n\n if (res.status >= 300) {\n const responseBody = [412].includes(res.status) ? null : await res.text();\n const payload: unknown = responseBody ? JSON.parse(responseBody) : {};\n throw new FetchError(payload, res.status, res.headers);\n }\n\n const responseBody = [204, 205, 304].includes(res.status)\n ? null\n : await res.text();\n const payload: VersionInformation = responseBody\n ? JSON.parse(responseBody)\n : {};\n\n return {\n body: payload,\n status: res.status,\n headers: res.headers,\n } as FetchResponse<VersionInformation>;\n };\n\n return {\n baseURL,\n pushChainFunction,\n uploadFiles,\n deleteFile,\n getFile,\n getFileMetadataHeaders,\n replaceFile,\n getFilePresignedURL,\n deleteBrokenMetadata,\n deleteOrphanedFiles,\n listBrokenMetadata,\n listFilesNotUploaded,\n listOrphanedFiles,\n getVersion,\n };\n};\n","/*\n GraphQL client for the Nhost JavaScript SDK.\n \n This module provides functionality for executing GraphQL operations against\n * a Hasura GraphQL API.\n /\n\nimport type { TypedDocumentNode } from \"@graphql-typed-document-node/core\";\nimport {\n type ChainFunction,\n createEnhancedFetch,\n FetchError,\n type FetchResponse,\n} from \"../fetch\";\n\n/\n Variables object for GraphQL operations.\n * Key-value pairs of variable names and their values.\n /\nexport type GraphQLVariables = Record<string, unknown>;\n\n/\n GraphQL request object used for queries and mutations.\n /\nexport interface GraphQLRequest<TVariables = GraphQLVariables> {\n /* The GraphQL query or mutation string /\n query: string;\n /* Optional variables for parameterized queries /\n variables?: TVariables;\n /* Optional name of the operation to execute /\n operationName?: string;\n}\n\n/\n Represents a GraphQL error returned from the server.\n /\nexport interface GraphQLError {\n /* Error message /\n message: string;\n /* Source locations in the GraphQL document where the error occurred /\n locations?: { line: number; column: number }[];\n /* Path in the query where the error occurred /\n path?: string[];\n /* Additional error information specific to the GraphQL implementation /\n extensions?: { path: string; code: string };\n}\n\n/\n Standard GraphQL response format as defined by the GraphQL specification.\n /\nexport interface GraphQLResponse<TResponseData = unknown> {\n /* The data returned from successful execution /\n data?: TResponseData;\n /* Array of errors if execution was unsuccessful or partially successful /\n errors?: GraphQLError[];\n}\n\n/\n GraphQL client interface providing methods for executing queries and mutations\n /\nexport interface Client {\n /\n Execute a GraphQL query operation\n \n Queries are used to fetch data and should not modify any data on the server.\n \n @param request - GraphQL request object containing query and optional variables\n * @param options - Additional fetch options to apply to the request\n * @returns Promise with the GraphQL response and metadata\n /\n request<TResponseData = unknown, TVariables = GraphQLVariables>(\n request: GraphQLRequest<TVariables>,\n options?: RequestInit,\n ): Promise<FetchResponse<GraphQLResponse<TResponseData>>>;\n\n /\n Execute a GraphQL query operation using a typed document node\n \n @param document - TypedDocumentNode containing the query and type information\n * @param variables - Variables for the GraphQL operation\n * @param options - Additional fetch options to apply to the request\n * @returns Promise with the GraphQL response and metadata\n /\n request<TResponseData, TVariables = GraphQLVariables>(\n document: TypedDocumentNode<TResponseData, TVariables>,\n variables?: TVariables,\n options?: RequestInit,\n ): Promise<FetchResponse<GraphQLResponse<TResponseData>>>;\n\n /\n URL for the GraphQL endpoint.\n /\n url: string;\n\n /* Add a middleware function to the fetch chain\n * @param chainFunction - The middleware function to add\n /\n pushChainFunction(chainFunction: ChainFunction): void;\n}\n\n/\n Creates a GraphQL API client for interacting with a GraphQL endpoint.\n \n This client provides methods for executing queries and mutations against\n * a GraphQL API, with support for middleware functions to handle authentication,\n * error handling, and other cross-cutting concerns.\n \n @param url - Base URL for the GraphQL endpoint\n * @param chainFunctions - Array of middleware functions for the fetch chain\n * @returns GraphQL client with query and mutation methods\n /\nexport const createAPIClient = (\n url: string,\n chainFunctions: ChainFunction[] = [],\n): Client => {\n let enhancedFetch = createEnhancedFetch(chainFunctions);\n\n const pushChainFunction = (chainFunction: ChainFunction) => {\n chainFunctions.push(chainFunction);\n enhancedFetch = createEnhancedFetch(chainFunctions);\n };\n\n const executeOperation = async <\n TResponseData = unknown,\n TVariables = GraphQLVariables,\n >(\n request: GraphQLRequest<TVariables>,\n options?: RequestInit,\n ): Promise<FetchResponse<GraphQLResponse<TResponseData>>> => {\n const response = await enhancedFetch(`${url}`, {\n method: \"POST\",\n headers: {\n \"Content-Type\": \"application/json\",\n },\n body: JSON.stringify(request),\n ...options,\n });\n\n const body = await response.text();\n const data: GraphQLResponse<TResponseData> = (\n body ? JSON.parse(body) : {}\n ) as GraphQLResponse<TResponseData>;\n\n const resp = {\n body: data,\n status: response.status,\n headers: response.headers,\n };\n\n if (data.errors) {\n throw new FetchError(data, response.status, response.headers);\n }\n\n return resp;\n };\n\n function request<TResponseData = unknown, TVariables = GraphQLVariables>(\n request: GraphQLRequest<TVariables>,\n options?: RequestInit,\n ): Promise<FetchResponse<GraphQLResponse<TResponseData>>>;\n function request<TResponseData, TVariables = GraphQLVariables>(\n document: TypedDocumentNode<TResponseData, TVariables>,\n variables?: TVariables,\n options?: RequestInit,\n ): Promise<FetchResponse<GraphQLResponse<TResponseData>>>;\n function request<TResponseData, TVariables = GraphQLVariables>(\n requestOrDocument:\n \| GraphQLRequest<TVariables>\n \| TypedDocumentNode<TResponseData, TVariables>,\n variablesOrOptions?: TVariables \| RequestInit,\n options?: RequestInit,\n ): Promise<FetchResponse<GraphQLResponse<TResponseData>>> {\n if (typeof requestOrDocument === \"object\" && \"kind\" in requestOrDocument) {\n const definition = requestOrDocument.definitions[0];\n\n const request: GraphQLRequest<TVariables> = {\n query: requestOrDocument.loc?.source.body \|\| \"\",\n variables: variablesOrOptions as TVariables,\n operationName:\n definition && \"name\" in definition\n ? definition.name?.value\n : undefined,\n };\n return executeOperation(request, options);\n } else {\n // Handle GraphQLRequest\n const request = requestOrDocument;\n const requestOptions = variablesOrOptions as RequestInit;\n return executeOperation(request, requestOptions);\n }\n }\n\n return {\n request,\n url,\n pushChainFunction,\n } as Client;\n};\n","/\n Functions client for the Nhost JavaScript SDK.\n \n This module provides functionality for executing serverless function calls\n * against Nhost serverless functions.\n /\n\nimport {\n type ChainFunction,\n createEnhancedFetch,\n FetchError,\n type FetchResponse,\n} from \"../fetch\";\n\n/\n Functions client interface providing methods for executing serverless function calls\n /\nexport interface Client {\n baseURL: string;\n\n /* Add a middleware function to the fetch chain\n * @param chainFunction - The middleware function to add\n /\n pushChainFunction(chainFunction: ChainFunction): void;\n\n /\n Execute a request to a serverless function\n * The response body will be automatically parsed based on the content type into the following types:\n * - Object if the response is application/json\n * - string text string if the response is text/\n - Blob if the response is any other type\n \n @param path - The path to the serverless function\n * @param options - Additional fetch options to apply to the request\n * @returns Promise with the function response and metadata.\n /\n fetch<T = unknown>(\n path: string,\n options?: RequestInit,\n ): Promise<FetchResponse<T>>;\n\n /\n Executes a POST request to a serverless function with a JSON body\n \n This is a convenience method assuming the request is a POST with JSON body\n * setting the `Content-Type` and 'Accept' headers to `application/json` and\n * automatically stringifying the body.\n \n For a more generic request, use the `fetch` method instead.\n \n @param path - The path to the serverless function\n * @param body - The JSON body to send in the request\n * @param options - Additional fetch options to apply to the request\n * @returns Promise with the function response and metadata\n /\n post<T = unknown>(\n path: string,\n body?: unknown,\n options?: RequestInit,\n ): Promise<FetchResponse<T>>;\n}\n\n/\n Creates a Functions API client for interacting with serverless functions.\n \n This client provides methods for executing requests against serverless functions,\n * with support for middleware functions to handle authentication, error handling,\n * and other cross-cutting concerns.\n \n @param baseURL - Base URL for the functions endpoint\n * @param chainFunctions - Array of middleware functions for the fetch chain\n * @returns Functions client with fetch method\n /\nexport const createAPIClient = (\n baseURL: string,\n chainFunctions: ChainFunction[] = [],\n): Client => {\n let enhancedFetch = createEnhancedFetch(chainFunctions);\n\n const pushChainFunction = (chainFunction: ChainFunction) => {\n chainFunctions.push(chainFunction);\n enhancedFetch = createEnhancedFetch(chainFunctions);\n };\n\n /\n Executes a request to a serverless function and processes the response\n \n @param path - The path to the serverless function\n * @param options - Additional fetch options to apply to the request\n * @returns Promise with the function response and metadata. Body will be either\n * - JSON object if the response is application/json\n - text string if the response is text/\n - Blob if the response is any other type\n /\n const fetch = async <T = unknown>(\n path: string,\n options?: RequestInit,\n ): Promise<FetchResponse<T \| string \| Blob>> => {\n const resp = await enhancedFetch(`${baseURL}${path}`, options);\n\n let body: T \| string \| Blob;\n // Process response based on content type\n if (resp.headers.get(\"content-type\")?.includes(\"application/json\")) {\n body = (await resp.json()) as T;\n } else if (resp.headers.get(\"content-type\")?.startsWith(\"text/\")) {\n body = await resp.text();\n } else {\n body = await resp.blob();\n }\n\n // Throw error for non-OK responses\n if (!resp.ok) {\n throw new FetchError(body, resp.status, resp.headers);\n }\n\n return {\n status: resp.status,\n body,\n headers: resp.headers,\n };\n };\n\n /*\n Executes a POST request to a serverless function with a JSON body\n \n This is a convenience method assuming the request is a POST with JSON body\n * setting the `Content-Type` and 'Accept' headers to `application/json` and\n * automatically stringifying the body.\n \n For a more generic request, use the `fetch` method instead.\n \n @param path - The path to the serverless function\n * @param body - The JSON body to send in the request\n * @param options - Additional fetch options to apply to the request\n * @returns Promise with the function response and metadata\n /\n const post = async <T = unknown>(\n path: string,\n body?: unknown,\n options: RequestInit = {},\n ): Promise<FetchResponse<T \| string \| Blob>> => {\n // Ensure the method is POST and set the body\n const requestOptions: RequestInit = {\n ...options,\n method: \"POST\",\n headers: {\n Accept: \"application/json\",\n \"Content-Type\": \"application/json\",\n ...options.headers,\n },\n body: body ? JSON.stringify(body) : undefined,\n };\n\n return fetch<T>(path, requestOptions);\n };\n\n // Return client object with the fetch method\n return {\n baseURL,\n fetch,\n post,\n pushChainFunction,\n } as Client;\n};\n","/\n Main entry point for the Nhost JavaScript SDK.\n \n This package provides a unified client for interacting with Nhost services:\n * - Authentication\n * - Storage\n * - GraphQL\n * - Functions\n \n ## Import\n \n ```ts\n * import { createClient } from \"@nhost/nhost-js\";\n * ```\n \n ## Usage\n \n Create a client instance to interact with Nhost services:\n \n {@includeCode ./__tests__/docstrings.test.ts:15-119}\n \n ### Creating an admin client\n \n You can also create an admin client if needed. This client will have admin access to the database\n * and will bypass permissions. Additionally, it can impersonate users and set any role or session\n * variable.\n \n IMPORTANT!!! Keep your admin secret safe and never expose it in client-side code.\n \n {@includeCode ./__tests__/docstrings.test.ts:142-201}\n \n @packageDocumentation\n /\n\nexport {\n type ClientConfigurationFn,\n createClient,\n createNhostClient,\n createServerClient,\n type NhostClient,\n type NhostClientOptions,\n type NhostServerClientOptions,\n withAdminSession,\n withClientSideSessionMiddleware,\n withServerSideSessionMiddleware,\n} from \"./nhost\";\n\n/\n Generates a base URL for a Nhost service based on configuration\n \n @param serviceType - Type of service (auth, storage, graphql, functions)\n * @param subdomain - Nhost project subdomain\n * @param region - Nhost region\n * @param customUrl - Custom URL override if provided\n * @returns The base URL for the service\n /\nexport const generateServiceUrl = (\n serviceType: \"auth\" \| \"storage\" \| \"graphql\" \| \"functions\",\n subdomain?: string,\n region?: string,\n customUrl?: string,\n): string => {\n if (customUrl) {\n return customUrl;\n } else if (subdomain && region) {\n return `https://${subdomain}.${serviceType}.${region}.nhost.run/v1`;\n } else {\n return `https://local.${serviceType}.local.nhost.run/v1`;\n }\n};\n","/\n Admin session middleware for the Nhost SDK.\n \n This module provides middleware functionality to automatically attach\n * Hasura admin secret for admin permissions in requests.\n /\n\nimport type { ChainFunction, FetchFunction } from \"./fetch\";\n\n/\n Configuration options for admin session middleware\n /\nexport interface AdminSessionOptions {\n /\n Hasura admin secret for elevated permissions (sets x-hasura-admin-secret header)\n /\n adminSecret: string;\n\n /\n Hasura role to use for the request (sets x-hasura-role header)\n /\n role?: string;\n\n /\n Additional Hasura session variables to attach to requests.\n * Keys will be automatically prefixed with 'x-hasura-' if not already present.\n \n @example\n * ```ts\n * {\n * 'user-id': '123',\n * 'org-id': '456'\n * }\n * // Results in headers:\n * // x-hasura-user-id: 123\n * // x-hasura-org-id: 456\n * ```\n /\n sessionVariables?: Record<string, string>;\n}\n\n/\n Creates a fetch middleware that attaches the Hasura admin secret and optional session variables to requests.\n \n This middleware:\n * 1. Sets the x-hasura-admin-secret header, which grants full admin access to Hasura\n * 2. Optionally sets the x-hasura-role header if a role is provided\n * 3. Optionally sets additional x-hasura-* headers for custom session variables\n \n Security Warning: Never use this middleware in client-side code or expose\n * the admin secret to end users. Admin secrets grant unrestricted access to your\n * entire database. This should only be used in trusted server-side environments.\n \n The middleware preserves request-specific headers when they conflict with the\n * admin session configuration.\n \n @param options - Admin session options including admin secret, role, and session variables\n * @returns A middleware function that can be used in the fetch chain\n \n @example\n * ```ts\n * // Create middleware with admin secret only\n * const adminMiddleware = withAdminSessionMiddleware({\n * adminSecret: process.env.NHOST_ADMIN_SECRET\n * });\n \n // Create middleware with admin secret and role\n * const adminUserMiddleware = withAdminSessionMiddleware({\n * adminSecret: process.env.NHOST_ADMIN_SECRET,\n * role: 'user'\n * });\n \n // Create middleware with admin secret, role, and custom session variables\n * const fullMiddleware = withAdminSessionMiddleware({\n * adminSecret: process.env.NHOST_ADMIN_SECRET,\n * role: 'user',\n * sessionVariables: {\n * 'user-id': '123',\n * 'org-id': '456'\n * }\n * });\n \n // Use with createCustomClient for an admin client\n * const adminClient = createCustomClient({\n * subdomain: 'myproject',\n * region: 'eu-central-1',\n * chainFunctions: [adminMiddleware]\n * });\n * ```\n */\nexport const withAdminSessionMiddleware =\n (options: AdminSessionOptions): ChainFunction =>\n (next: FetchFunction): FetchFunction =>\n async (url: string, requestOptions: RequestInit = {}): Promise<Response> => {\n const headers = new Headers(requestOptions.headers \|\| {});\n\n // Set x-hasura-admin-secret if not already present\n if (!headers.has(\"x-hasura-admin-secret\")) {\n headers.set(\"x-hasura-admin-secret\", options.adminSecret);\n }\n\n // Set x-hasura-role if provided and not already present\n if (options.role && !headers.has(\"x-hasura-role\")) {\n headers.set(\"x-hasura-role\", options.role);\n }\n\n // Set custom session variables\n if (options.sessionVariables) {\n for (const [key, value] of Object.entries(options.sessionVariables)) {\n // Ensure the key has the x-hasura- prefix\n const headerKey = key.startsWith(\"x-hasura-\") ? key : `x-hasura-${key}`;\n\n // Only set if not already present in the request\n if (!headers.has(headerKey)) {\n headers.set(headerKey, value);\n }\n }\n }\n\n return next(url, { ...requestOptions, headers });\n };\n"],"names":["createEnhancedFetch","chainFunctions","reduceRight","nextInChain","chainFunction","fetch","FetchError","Error","body","status","headers","constructor","super","typedBody","error","Array","isArray","messages","filter","map","length","join","extractMessage","this","attachAccessTokenMiddleware","storage","next","async","url","options","Headers","has","session","get","accessToken","newOptions","addAuthorizationHeader","set","lock","navigator","locks","request","_name","_options","callback","refreshSession","auth","marginSeconds","_refreshSession","console","warn","errResponse","remove","needsRefresh","mode","_needsRefresh","sessionExpired","response","refreshToken","decodedToken","exp","currentTime","Date","now","sessionRefreshMiddleware","endsWith","shouldSkipTokenHandling","updateSessionFromResponseMiddleware","includes","clonedResponse","clone","json","catch","sessionExtractor","isPostgresArray","value","startsWith","parsePostgresArray","slice","split","item","trim","replace","LocalStorage","storageKey","window","localStorage","getItem","JSON","parse","setItem","stringify","removeItem","MemoryStorage","SessionStorage","subscribers","Set","s","atob","Buffer","from","toString","iat","hasuraClaims","processedClaims","Object","entries","reduce","acc","key","decodeUserSession","decodedSession","notifySubscribers","onChange","add","delete","subscriber","detectStorage","withClientSideSessionMiddleware","graphql","functions","sessionStorage","mwChain","mw","pushChainFunction","withServerSideSessionMiddleware","NhostClient","getUserSession","clearSession","createNhostClient","subdomain","region","authUrl","storageUrl","graphqlUrl","functionsUrl","configure","authBaseUrl","generateServiceUrl","storageBaseUrl","graphqlBaseUrl","functionsBaseUrl","baseURL","push","getJWKs","res","method","responseBody","text","payload","elevateWebauthn","verifyElevateWebauthn","healthCheckGet","healthCheckHead","linkIdToken","changeUserMfa","createPAT","signInAnonymous","signInEmailPassword","signInIdToken","verifySignInMfaTotp","signInOTPEmail","verifySignInOTPEmail","signInPasswordlessEmail","signInPasswordlessSms","verifySignInPasswordlessSms","signInPAT","signInProviderURL","provider","params","encodedParameters","stringValue","encodeURIComponent","getProviderTokens","signInWebauthn","verifySignInWebauthn","signOut","signUpEmailPassword","signUpWebauthn","verifySignUpWebauthn","refreshProviderToken","verifyToken","getUser","deanonymizeUser","changeUserEmail","sendVerificationEmail","verifyChangeUserMfa","changeUserPassword","sendPasswordResetEmail","addSecurityKey","verifyAddSecurityKey","verifyTicketURL","getVersion","createAuthClient","storageClient","uploadFiles","formData","FormData","append","forEach","Blob","type","deleteFile","id","getFile","blob","getFileMetadataHeaders","replaceFile","getFilePresignedURL","deleteBrokenMetadata","deleteOrphanedFiles","listBrokenMetadata","listFilesNotUploaded","listOrphanedFiles","createStorageClient","graphqlClient","enhancedFetch","executeOperation","data","resp","errors","requestOrDocument","variablesOrOptions","definition","definitions","query","loc","source","variables","operationName","name","createGraphQLClient","functionsClient","path","ok","post","requestOptions","Accept","createFunctionsClient","configFn","serviceType","customUrl","adminSession","adminMiddleware","adminSecret","role","sessionVariables","headerKey"],"mappings":"+OAiDO,SAASA,EACdC,EAAkC,IAIlC,OAAOA,EAAeC,aACpB,CAACC,EAAaC,IAAkBA,EAAcD,IAC9CE,MAEJ,CA4EO,MAAMC,UAAgCC,MAE3CC,KAEAC,OAEAC,QASA,WAAAC,CAAYH,EAASC,EAAgBC,GACnCE,MAzEJ,SAAwBJ,GACtB,GAAIA,GAAwB,iBAATA,EACjB,OAAOA,EAGT,GAAIA,GAAwB,iBAATA,EAAmB,CACpC,MAAMK,EAAYL,EAElB,GAAI,YAAaK,GAA6C,iBAAzBA,EAAmB,QACtD,OAAOA,EAAmB,QAG5B,GAAI,UAAWA,GAA2C,iBAAvBA,EAAiB,MAClD,OAAOA,EAAiB,MAG1B,GACE,UAAWA,GACXA,EAAiB,OACa,iBAAvBA,EAAiB,MACxB,CACA,MAAMC,EAAQD,EAAiB,MAC/B,GAAI,YAAaC,GAAqC,iBAArBA,EAAe,QAC9C,OAAOA,EAAe,OAE1B,CAEA,GAAI,WAAYD,GAAaE,MAAMC,QAAQH,EAAkB,QAAI,CAC/D,MAAMI,EAAYJ,EAAkB,OACjCK,QACEJ,GACkB,iBAAVA,GACG,OAAVA,GACA,YAAaA,GACyC,iBAA9CA,EAAwC,UAEnDK,KAAKL,GAAUA,EAAe,UAEjC,GAAIG,EAASG,OAAS,EACpB,OAAOH,EAASI,KAAK,KAEzB,CACF,CAEA,MAAO,8BACT,CA4BUC,CAAed,IACrBe,KAAKf,KAAOA,EACZe,KAAKd,OAASA,EACdc,KAAKb,QAAUA,CACjB,ECjIK,MAAMc,EACVC,GACAC,GACDC,MAAOC,EAAaC,EAAuB,MACzC,MAAMnB,EAAU,IAAIoB,QAAQD,EAAQnB,SAAW,CAAA,GAG/C,GAAIA,EAAQqB,IAAI,iBACd,OAAOL,EAAKE,EAAKC,GAInB,MAAMG,EAAUP,EAAQQ,MAExB,GAAID,GAASE,YAAa,CAExB,MAAMC,EAAa,IACdN,EACHnB,QAAS0B,EAAuB1B,EAASsB,IAI3C,OAAON,EAAKE,EAAKO,EACnB,CAGA,OAAOT,EAAKE,EAAKC,EAAO,EAU5B,SAASO,EAAuB1B,EAAkBsB,GAIhD,OAHIA,EAAQE,aACVxB,EAAQ2B,IAAI,gBAAiB,UAAUL,EAAQE,eAE1CxB,CACT,CCxCA,MAAM4B,EAEiB,oBAAdC,WAA6BA,UAAUC,MAC1CD,UAAUC,MACV,IAzBN,MACE,aAAMC,CACJC,EACAC,EAEAC,GAEA,OAAOA,GACT,GA+BWC,EAAiBlB,MAC5BmB,EACArB,EACAsB,EAAgB,MAEhB,IACE,aAAaC,EAAgBF,EAAMrB,EAASsB,EAC9C,OAASjC,GACP,IAIE,OADAmC,QAAQC,KAAK,sCAAuCpC,SACvCkC,EAAgBF,EAAMrB,EAASsB,EAC9C,OAASjC,GACP,MAAMqC,EAAcrC,EAMpB,OAL4B,MAAxBqC,GAAa1C,SAEfwC,QAAQnC,MAAM,4BACdW,EAAQ2B,UAEH,IACT,CACF,GAYIJ,EAAkBrB,MACtBmB,EACArB,EACAsB,EAAgB,MAEhB,MAAMf,QACJA,EAAAqB,aACAA,SAC4Df,EAAKG,QACjE,mBACA,CAAEa,KAAM,WACR3B,SACS4B,EAAc9B,EAASsB,KAIlC,IAAKf,EACH,OAAO,KAGT,IAAKqB,EACH,OAAOrB,EAqCT,aAlC+CM,EAAKG,QAClD,mBACA,CAAEa,KAAM,cACR3B,UACE,MAAQK,QAAAA,EAASqB,aAAAA,EAAAA,eAAcG,GAAmBD,EAChD9B,EACAsB,GAGF,IAAKf,EACH,OAAO,KAGT,IAAKqB,EACH,OAAOrB,EAGT,IACE,MAAMyB,QAAiBX,EAAKY,aAAa,CACvCA,aAAc1B,EAAQ0B,eAIxB,OAFAjC,EAAQY,IAAIoB,EAASjD,MAEdiD,EAASjD,IAClB,OAASM,GACP,IAAK0C,EACH,OAAOxB,EAGT,MAAMlB,CACR,IAIG,EAWHyC,EAAgB,CAAC9B,EAAyBsB,EAAgB,MAC9D,MAAMf,EAAUP,EAAQQ,MACxB,IAAKD,EACH,MAAO,CAAEA,QAAS,KAAMqB,cAAc,EAAOG,gBAAgB,GAG/D,IAAKxB,EAAQ2B,eAAiB3B,EAAQ2B,aAAaC,IAGjD,MAAO,CAAE5B,UAASqB,cAAc,EAAMG,gBAAgB,GAIxD,GAAsB,IAAlBT,EACF,MAAO,CAAEf,UAASqB,cAAc,EAAMG,gBAAgB,GAGxD,MAAMK,EAAcC,KAAKC,MACzB,OAAI/B,EAAQ2B,aAAaC,IAAMC,EAA8B,IAAhBd,EACpC,CAAEf,UAASqB,cAAc,EAAOG,gBAAgB,GAGlD,CACLxB,UACAqB,cAAc,EACdG,eAAgBxB,EAAQ2B,aAAaC,IAAMC,EAAA,EC/IlCG,EAA2B,CACtClB,EACArB,EACAI,KAIA,MAAMkB,cAAEA,EAAgB,IAAkB,CAAA,EAG1C,OAAQrB,GACNC,MAAOC,EAAaC,EAAuB,CAAA,KAEzC,GAoBN,SAAiCD,EAAaC,GAC5C,MAAMnB,EAAU,IAAIoB,QAAQD,EAAQnB,SAAW,CAAA,GAG/C,GAAIA,EAAQqB,IAAI,iBACd,OAAO,EAIT,GAAIH,EAAIqC,SAAS,aACf,OAAO,EAGT,OAAO,CACT,CAlCUC,CAAwBtC,EAAKC,GAC/B,OAAOH,EAAKE,EAAKC,GAGnB,UACQgB,EAAeC,EAAMrB,EAASsB,EACtC,CAAA,MAEA,CACA,OAAOrB,EAAKE,EAAKC,EAAO,CAC1B,ECzBG,MAAMsC,EACX1C,GA4BQC,GACNC,MAAOC,EAAaC,KAElB,MAAM4B,QAAiB/B,EAAKE,EAAKC,GAEjC,IAEE,GAAID,EAAIqC,SAAS,YAGf,OADAxC,EAAQ2B,SACDK,EAIT,GACE7B,EAAIqC,SAAS,WACbrC,EAAIwC,SAAS,aACbxC,EAAIwC,SAAS,YACb,CAEA,MAAMC,EAAiBZ,EAASa,QAG1B9D,QAAc6D,EAAeE,OAAOC,OAAM,IAAM,OAItD,GAAIhE,EAAM,CAER,MAAMwB,EAjDS,CACvBxB,GAEoB,iBAATA,EACF,KAGL,YAAaA,EAERA,EAAKwB,SAAW,KAGrB,gBAAiBxB,GAAQ,iBAAkBA,GAAQ,SAAUA,EAExDA,EAGF,KAgCiBiE,CAAiBjE,GAG7BwB,GAASE,aAAeF,EAAQ0B,cAClCjC,EAAQY,IAAIL,EAEhB,CACF,CACF,OAASlB,GACPmC,QAAQC,KAAK,wCAAyCpC,EACxD,CAGA,OAAO2C,CAAA,ECzBPiB,EAAmBC,GAChBA,EAAMC,WAAW,MAAQD,EAAMV,SAAS,KAG3CY,EAAsBF,GACrBA,GAAmB,OAAVA,EAEPA,EACJG,MAAM,GAAG,GACTC,MAAM,KACN5D,KAAK6D,GAASA,EAAKC,OAAOC,QAAQ,WAAY,QALZ,GCrChC,MAAMC,EACMC,WAOjB,WAAAzE,CAAYkB,GACVN,KAAK6D,WAAavD,GAASuD,YAfI,cAgBjC,CAMA,GAAAnD,GACE,IACE,MAAM0C,EAAQU,OAAOC,aAAaC,QAAQhE,KAAK6D,YAC/C,OAAOT,EAASa,KAAKC,MAAMd,GAAqB,IAClD,CAAA,MAEE,OADApD,KAAK6B,SACE,IACT,CACF,CAMA,GAAAf,CAAIsC,GACFU,OAAOC,aAAaI,QAAQnE,KAAK6D,WAAYI,KAAKG,UAAUhB,GAC9D,CAKA,MAAAvB,GACEiC,OAAOC,aAAaM,WAAWrE,KAAK6D,WACtC,EAOK,MAAMS,EACH7D,QAA0B,KAMlC,GAAAC,GACE,OAAOV,KAAKS,OACd,CAMA,GAAAK,CAAIsC,GACFpD,KAAKS,QAAU2C,CACjB,CAKA,MAAAvB,GACE7B,KAAKS,QAAU,IACjB,ECvFK,MAAM8D,EACMrE,QACTsE,gBAAkBC,IAM1B,WAAArF,CAAYc,GACVF,KAAKE,QAAUA,CACjB,CAMA,GAAAQ,GACE,OAAOV,KAAKE,QAAQQ,KACtB,CAMA,GAAAI,CAAIsC,GACF,MAAMhB,EFxBuB,CAACzB,IAChC,MAAM+D,EAAI/D,EAAY6C,MAAM,KAC5B,GAAiB,IAAbkB,EAAE7E,SAAiB6E,EAAE,GACvB,MAAM,IAAI1F,MAAM,+BAGlB,MAAMoD,EAAe6B,KAAKC,MACR,oBAATS,KACHA,KAAKD,EAAE,IACPE,OAAOC,KAAKH,EAAE,GAAI,UAAUI,SAAS,UAIrCC,EAC2B,iBAAxB3C,EAAkB,IACC,IAAtBA,EAAkB,SAClB,EACAC,EAC2B,iBAAxBD,EAAkB,IACC,IAAtBA,EAAkB,SAClB,EAGA4C,EAAe5C,EAAa,gCAG5B6C,EAAkBD,EACpBE,OAAOC,QAAQH,GAAcI,QAC3B,CAACC,GAAMC,EAAKlC,MACW,iBAAVA,GAAsBD,EAAgBC,GAC/CiC,EAAIC,GAAOhC,EAAmBF,GAE9BiC,EAAIC,GAAOlC,EAENiC,IAET,CAAA,QAEF,EAEJ,MAAO,IACFjD,EACH2C,MACA1C,MACA,+BAAgC4C,EAAA,EEpBXM,CAAkBnC,EAAMzC,aACvC6E,EAAiB,IAClBpC,EACHhB,gBAGFpC,KAAKE,QAAQY,IAAI0E,GACjBxF,KAAKyF,kBAAkBD,EACzB,CAKA,MAAA3D,GACE7B,KAAKE,QAAQ2B,SACb7B,KAAKyF,kBAAkB,KACzB,CAOA,QAAAC,CAASrE,GAGP,OAFArB,KAAKwE,YAAYmB,IAAItE,GAEd,KACLrB,KAAKwE,YAAYoB,OAAOvE,EAAQ,CAEpC,CAMQ,iBAAAoE,CAAkBhF,GACxB,IAAA,MAAWoF,KAAc7F,KAAKwE,YAC5B,IACEqB,EAAWpF,EACb,OAASlB,GACPmC,QAAQnC,MAAM,8BAA+BA,EAC/C,CAEJ,EAYK,MAAMuG,EAAgB,IACL,oBAAXhC,OACF,IAAIF,EAEN,IAAIU,EC3DAyB,EAAyD,EACpExE,OACArB,UACA8F,UACAC,YACAC,qBAEA,MAAMC,EAA2B,CAC/B1D,EAAyBlB,EAAM2E,GAC/BtD,EAAoCsD,GACpCjG,EAA4BiG,IAG9B,IAAA,MAAWE,KAAMD,EACf5E,EAAK8E,kBAAkBD,GACvBlG,EAAQmG,kBAAkBD,GAC1BJ,EAAQK,kBAAkBD,GAC1BH,EAAUI,kBAAkBD,EAC9B,EAQWE,EAAyD,EACpE/E,OACArB,UACA8F,UACAC,YACAC,qBAEA,MAAMC,EAA2B,CAC/BvD,EAAoCsD,GACpCjG,EAA4BiG,IAG9B,IAAA,MAAWE,KAAMD,EACf5E,EAAK8E,kBAAkBD,GACvBlG,EAAQmG,kBAAkBD,GAC1BJ,EAAQK,kBAAkBD,GAC1BH,EAAUI,kBAAkBD,EAC9B,EAkDK,MAAMG,EAKXhF,KAMArB,QAMA8F,QAMAC,UAMAC,eAYA,WAAA9G,CACEmC,EACArB,EACA8F,EACAC,EACAC,GAEAlG,KAAKuB,KAAOA,EACZvB,KAAKE,QAAUA,EACfF,KAAKgG,QAAUA,EACfhG,KAAKiG,UAAYA,EACjBjG,KAAKkG,eAAiBA,CACxB,CAkBA,cAAAM,GACE,OAAOxG,KAAKkG,eAAexF,KAC7B,CAsBA,oBAAMY,CAAeE,EAAgB,IACnC,OAAOF,EAAetB,KAAKuB,KAAMvB,KAAKkG,eAAgB1E,EACxD,CAiBA,YAAAiF,GACEzG,KAAKkG,eAAerE,QACtB,EAgGK,SAAS6E,EACdpG,EAA8B,IAE9B,MAAMqG,UACJA,EAAAC,OACAA,EAAAC,QACAA,EAAAC,WACAA,EAAAC,WACAA,EAAAC,aACAA,EAAA9G,QACAA,EAAU4F,IAAAmB,UACVA,EAAY,IACV3G,EAEE4F,EAAiB,IAAI3B,EAAerE,GAGpCgH,EAAcC,EAAmB,OAAQR,EAAWC,EAAQC,GAC5DO,EAAiBD,EACrB,UACAR,EACAC,EACAE,GAEIO,EAAiBF,EACrB,UACAR,EACAC,EACAG,GAEIO,EAAmBH,EACvB,YACAR,EACAC,EACAI,GAIIzF,EC4sDuB,EAC7BgG,EACA7I,EAAkC,MAElC,IAAII,EAAQL,EAAoBC,GAqyChC,MAAO,CACL6I,UACAlB,kBAryCyBxH,IACzBH,EAAe8I,KAAK3I,GACpBC,EAAQL,EAAoBC,EAAc,EAoyC1C+I,QAlyCcrH,MACdE,IAEA,MAAMD,EAAM,GAAGkH,0BACTG,QAAY5I,EAAMuB,EAAK,IACxBC,EACHqH,OAAQ,MACRxI,QAAS,IACJmB,GAASnB,WAIhB,GAAIuI,EAAIxI,QAAU,IAAK,CACrB,MAAM0I,EAAe,CAAC,KAAK/E,SAAS6E,EAAIxI,QAAU,WAAawI,EAAIG,OAC7DC,EAAmBF,EAAe3D,KAAKC,MAAM0D,GAAgB,CAAA,EACnE,MAAM,IAAI7I,EAAW+I,EAASJ,EAAIxI,OAAQwI,EAAIvI,QAChD,CAEA,MAAMyI,EAAe,CAAC,IAAK,IAAK,KAAK/E,SAAS6E,EAAIxI,QAC9C,WACMwI,EAAIG,OAGd,MAAO,CACL5I,KAHsB2I,EAAe3D,KAAKC,MAAM0D,GAAgB,CAAA,EAIhE1I,OAAQwI,EAAIxI,OACZC,QAASuI,EAAIvI,QAAA,EAywCf4I,gBArwCsB3H,MACtBE,IAEA,MAAMD,EAAM,GAAGkH,qBACTG,QAAY5I,EAAMuB,EAAK,IACxBC,EACHqH,OAAQ,OACRxI,QAAS,IACJmB,GAASnB,WAIhB,GAAIuI,EAAIxI,QAAU,IAAK,CACrB,MAAM0I,EAAe,CAAC,KAAK/E,SAAS6E,EAAIxI,QAAU,WAAawI,EAAIG,OAC7DC,EAAmBF,EAAe3D,KAAKC,MAAM0D,GAAgB,CAAA,EACnE,MAAM,IAAI7I,EAAW+I,EAASJ,EAAIxI,OAAQwI,EAAIvI,QAChD,CAEA,MAAMyI,EAAe,CAAC,IAAK,IAAK,KAAK/E,SAAS6E,EAAIxI,QAC9C,WACMwI,EAAIG,OAKd,MAAO,CACL5I,KALiD2I,EAC/C3D,KAAKC,MAAM0D,GACX,CAAA,EAIF1I,OAAQwI,EAAIxI,OACZC,QAASuI,EAAIvI,QAAA,EA0uCf6I,sBAtuC4B5H,MAC5BnB,EACAqB,KAEA,MAAMD,EAAM,GAAGkH,4BACTG,QAAY5I,EAAMuB,EAAK,IACxBC,EACHqH,OAAQ,OACRxI,QAAS,CACP,eAAgB,sBACbmB,GAASnB,SAEdF,KAAMgF,KAAKG,UAAUnF,KAGvB,GAAIyI,EAAIxI,QAAU,IAAK,CACrB,MAAM0I,EAAe,CAAC,KAAK/E,SAAS6E,EAAIxI,QAAU,WAAawI,EAAIG,OAC7DC,EAAmBF,EAAe3D,KAAKC,MAAM0D,GAAgB,CAAA,EACnE,MAAM,IAAI7I,EAAW+I,EAASJ,EAAIxI,OAAQwI,EAAIvI,QAChD,CAEA,MAAMyI,EAAe,CAAC,IAAK,IAAK,KAAK/E,SAAS6E,EAAIxI,QAC9C,WACMwI,EAAIG,OAKd,MAAO,CACL5I,KAL8B2I,EAC5B3D,KAAKC,MAAM0D,GACX,CAAA,EAIF1I,OAAQwI,EAAIxI,OACZC,QAASuI,EAAIvI,QAAA,EAwsCf8I,eApsCqB7H,MACrBE,IAEA,MAAMD,EAAM,GAAGkH,YACTG,QAAY5I,EAAMuB,EAAK,IACxBC,EACHqH,OAAQ,MACRxI,QAAS,IACJmB,GAASnB,WAIhB,GAAIuI,EAAIxI,QAAU,IAAK,CACrB,MAAM0I,EAAe,CAAC,KAAK/E,SAAS6E,EAAIxI,QAAU,WAAawI,EAAIG,OAC7DC,EAAmBF,EAAe3D,KAAKC,MAAM0D,GAAgB,CAAA,EACnE,MAAM,IAAI7I,EAAW+I,EAASJ,EAAIxI,OAAQwI,EAAIvI,QAChD,CAEA,MAAMyI,EAAe,CAAC,IAAK,IAAK,KAAK/E,SAAS6E,EAAIxI,QAC9C,WACMwI,EAAIG,OAGd,MAAO,CACL5I,KAH0B2I,EAAe3D,KAAKC,MAAM0D,GAAgB,CAAA,EAIpE1I,OAAQwI,EAAIxI,OACZC,QAASuI,EAAIvI,QAAA,EA2qCf+I,gBAvqCsB9H,MACtBE,IAEA,MAAMD,EAAM,GAAGkH,YACTG,QAAY5I,EAAMuB,EAAK,IACxBC,EACHqH,OAAQ,OACRxI,QAAS,IACJmB,GAASnB,WAIhB,GAAIuI,EAAIxI,QAAU,IAAK,CACrB,MAAM0I,EAAe,CAAC,KAAK/E,SAAS6E,EAAIxI,QAAU,WAAawI,EAAIG,OAC7DC,EAAmBF,EAAe3D,KAAKC,MAAM0D,GAAgB,CAAA,EACnE,MAAM,IAAI7I,EAAW+I,EAASJ,EAAIxI,OAAQwI,EAAIvI,QAChD,CAIA,MAAO,CACLF,UAHyB,EAIzBC,OAAQwI,EAAIxI,OACZC,QAASuI,EAAIvI,QAAA,EAipCfgJ,YA7oCkB/H,MAClBnB,EACAqB,KAEA,MAAMD,EAAM,GAAGkH,iBACTG,QAAY5I,EAAMuB,EAAK,IACxBC,EACHqH,OAAQ,OACRxI,QAAS,CACP,eAAgB,sBACbmB,GAASnB,SAEdF,KAAMgF,KAAKG,UAAUnF,KAGvB,GAAIyI,EAAIxI,QAAU,IAAK,CACrB,MAAM0I,EAAe,CAAC,KAAK/E,SAAS6E,EAAIxI,QAAU,WAAawI,EAAIG,OAC7DC,EAAmBF,EAAe3D,KAAKC,MAAM0D,GAAgB,CAAA,EACnE,MAAM,IAAI7I,EAAW+I,EAASJ,EAAIxI,OAAQwI,EAAIvI,QAChD,CAEA,MAAMyI,EAAe,CAAC,IAAK,IAAK,KAAK/E,SAAS6E,EAAIxI,QAC9C,WACMwI,EAAIG,OAGd,MAAO,CACL5I,KAH0B2I,EAAe3D,KAAKC,MAAM0D,GAAgB,CAAA,EAIpE1I,OAAQwI,EAAIxI,OACZC,QAASuI,EAAIvI,QAAA,EAinCfiJ,cA7mCoBhI,MACpBE,IAEA,MAAMD,EAAM,GAAGkH,sBACTG,QAAY5I,EAAMuB,EAAK,IACxBC,EACHqH,OAAQ,MACRxI,QAAS,IACJmB,GAASnB,WAIhB,GAAIuI,EAAIxI,QAAU,IAAK,CACrB,MAAM0I,EAAe,CAAC,KAAK/E,SAAS6E,EAAIxI,QAAU,WAAawI,EAAIG,OAC7DC,EAAmBF,EAAe3D,KAAKC,MAAM0D,GAAgB,CAAA,EACnE,MAAM,IAAI7I,EAAW+I,EAASJ,EAAIxI,OAAQwI,EAAIvI,QAChD,CAEA,MAAMyI,EAAe,CAAC,IAAK,IAAK,KAAK/E,SAAS6E,EAAIxI,QAC9C,WACMwI,EAAIG,OAKd,MAAO,CACL5I,KALoC2I,EAClC3D,KAAKC,MAAM0D,GACX,CAAA,EAIF1I,OAAQwI,EAAIxI,OACZC,QAASuI,EAAIvI,QAAA,EAklCfkJ,UA9kCgBjI,MAChBnB,EACAqB,KAEA,MAAMD,EAAM,GAAGkH,QACTG,QAAY5I,EAAMuB,EAAK,IACxBC,EACHqH,OAAQ,OACRxI,QAAS,CACP,eAAgB,sBACbmB,GAASnB,SAEdF,KAAMgF,KAAKG,UAAUnF,KAGvB,GAAIyI,EAAIxI,QAAU,IAAK,CACrB,MAAM0I,EAAe,CAAC,KAAK/E,SAAS6E,EAAIxI,QAAU,WAAawI,EAAIG,OAC7DC,EAAmBF,EAAe3D,KAAKC,MAAM0D,GAAgB,CAAA,EACnE,MAAM,IAAI7I,EAAW+I,EAASJ,EAAIxI,OAAQwI,EAAIvI,QAChD,CAEA,MAAMyI,EAAe,CAAC,IAAK,IAAK,KAAK/E,SAAS6E,EAAIxI,QAC9C,WACMwI,EAAIG,OAKd,MAAO,CACL5I,KALiC2I,EAC/B3D,KAAKC,MAAM0D,GACX,CAAA,EAIF1I,OAAQwI,EAAIxI,OACZC,QAASuI,EAAIvI,QAAA,EAgjCfmJ,gBA5iCsBlI,MACtBnB,EACAqB,KAEA,MAAMD,EAAM,GAAGkH,qBACTG,QAAY5I,EAAMuB,EAAK,IACxBC,EACHqH,OAAQ,OACRxI,QAAS,CACP,eAAgB,sBACbmB,GAASnB,SAEdF,KAAMgF,KAAKG,UAAUnF,KAGvB,GAAIyI,EAAIxI,QAAU,IAAK,CACrB,MAAM0I,EAAe,CAAC,KAAK/E,SAAS6E,EAAIxI,QAAU,WAAawI,EAAIG,OAC7DC,EAAmBF,EAAe3D,KAAKC,MAAM0D,GAAgB,CAAA,EACnE,MAAM,IAAI7I,EAAW+I,EAASJ,EAAIxI,OAAQwI,EAAIvI,QAChD,CAEA,MAAMyI,EAAe,CAAC,IAAK,IAAK,KAAK/E,SAAS6E,EAAIxI,QAC9C,WACMwI,EAAIG,OAKd,MAAO,CACL5I,KAL8B2I,EAC5B3D,KAAKC,MAAM0D,GACX,CAAA,EAIF1I,OAAQwI,EAAIxI,OACZC,QAASuI,EAAIvI,QAAA,EA8gCfoJ,oBA1gC0BnI,MAC1BnB,EACAqB,KAEA,MAAMD,EAAM,GAAGkH,0BACTG,QAAY5I,EAAMuB,EAAK,IACxBC,EACHqH,OAAQ,OACRxI,QAAS,CACP,eAAgB,sBACbmB,GAASnB,SAEdF,KAAMgF,KAAKG,UAAUnF,KAGvB,GAAIyI,EAAIxI,QAAU,IAAK,CACrB,MAAM0I,EAAe,CAAC,KAAK/E,SAAS6E,EAAIxI,QAAU,WAAawI,EAAIG,OAC7DC,EAAmBF,EAAe3D,KAAKC,MAAM0D,GAAgB,CAAA,EACnE,MAAM,IAAI7I,EAAW+I,EAASJ,EAAIxI,OAAQwI,EAAIvI,QAChD,CAEA,MAAMyI,EAAe,CAAC,IAAK,IAAK,KAAK/E,SAAS6E,EAAIxI,QAC9C,WACMwI,EAAIG,OAKd,MAAO,CACL5I,KAL2C2I,EACzC3D,KAAKC,MAAM0D,GACX,CAAA,EAIF1I,OAAQwI,EAAIxI,OACZC,QAASuI,EAAIvI,QAAA,EA4+BfqJ,cAx+BoBpI,MACpBnB,EACAqB,KAEA,MAAMD,EAAM,GAAGkH,mBACTG,QAAY5I,EAAMuB,EAAK,IACxBC,EACHqH,OAAQ,OACRxI,QAAS,CACP,eAAgB,sBACbmB,GAASnB,SAEdF,KAAMgF,KAAKG,UAAUnF,KAGvB,GAAIyI,EAAIxI,QAAU,IAAK,CACrB,MAAM0I,EAAe,CAAC,KAAK/E,SAAS6E,EAAIxI,QAAU,WAAawI,EAAIG,OAC7DC,EAAmBF,EAAe3D,KAAKC,MAAM0D,GAAgB,CAAA,EACnE,MAAM,IAAI7I,EAAW+I,EAASJ,EAAIxI,OAAQwI,EAAIvI,QAChD,CAEA,MAAMyI,EAAe,CAAC,IAAK,IAAK,KAAK/E,SAAS6E,EAAIxI,QAC9C,WACMwI,EAAIG,OAKd,MAAO,CACL5I,KAL8B2I,EAC5B3D,KAAKC,MAAM0D,GACX,CAAA,EAIF1I,OAAQwI,EAAIxI,OACZC,QAASuI,EAAIvI,QAAA,EA08BfsJ,oBAt8B0BrI,MAC1BnB,EACAqB,KAEA,MAAMD,EAAM,GAAGkH,oBACTG,QAAY5I,EAAMuB,EAAK,IACxBC,EACHqH,OAAQ,OACRxI,QAAS,CACP,eAAgB,sBACbmB,GAASnB,SAEdF,KAAMgF,KAAKG,UAAUnF,KAGvB,GAAIyI,EAAIxI,QAAU,IAAK,CACrB,MAAM0I,EAAe,CAAC,KAAK/E,SAAS6E,EAAIxI,QAAU,WAAawI,EAAIG,OAC7DC,EAAmBF,EAAe3D,KAAKC,MAAM0D,GAAgB,CAAA,EACnE,MAAM,IAAI7I,EAAW+I,EAASJ,EAAIxI,OAAQwI,EAAIvI,QAChD,CAEA,MAAMyI,EAAe,CAAC,IAAK,IAAK,KAAK/E,SAAS6E,EAAIxI,QAC9C,WACMwI,EAAIG,OAKd,MAAO,CACL5I,KAL8B2I,EAC5B3D,KAAKC,MAAM0D,GACX,CAAA,EAIF1I,OAAQwI,EAAIxI,OACZC,QAASuI,EAAIvI,QAAA,EAw6BfuJ,eAp6BqBtI,MACrBnB,EACAqB,KAEA,MAAMD,EAAM,GAAGkH,qBACTG,QAAY5I,EAAMuB,EAAK,IACxBC,EACHqH,OAAQ,OACRxI,QAAS,CACP,eAAgB,sBACbmB,GAASnB,SAEdF,KAAMgF,KAAKG,UAAUnF,KAGvB,GAAIyI,EAAIxI,QAAU,IAAK,CACrB,MAAM0I,EAAe,CAAC,KAAK/E,SAAS6E,EAAIxI,QAAU,WAAawI,EAAIG,OAC7DC,EAAmBF,EAAe3D,KAAKC,MAAM0D,GAAgB,CAAA,EACnE,MAAM,IAAI7I,EAAW+I,EAASJ,EAAIxI,OAAQwI,EAAIvI,QAChD,CAEA,MAAMyI,EAAe,CAAC,IAAK,IAAK,KAAK/E,SAAS6E,EAAIxI,QAC9C,WACMwI,EAAIG,OAGd,MAAO,CACL5I,KAH0B2I,EAAe3D,KAAKC,MAAM0D,GAAgB,CAAA,EAIpE1I,OAAQwI,EAAIxI,OACZC,QAASuI,EAAIvI,QAAA,EAw4BfwJ,qBAp4B2BvI,MAC3BnB,EACAqB,KAEA,MAAMD,EAAM,GAAGkH,4BACTG,QAAY5I,EAAMuB,EAAK,IACxBC,EACHqH,OAAQ,OACRxI,QAAS,CACP,eAAgB,sBACbmB,GAASnB,SAEdF,KAAMgF,KAAKG,UAAUnF,KAGvB,GAAIyI,EAAIxI,QAAU,IAAK,CACrB,MAAM0I,EAAe,CAAC,KAAK/E,SAAS6E,EAAIxI,QAAU,WAAawI,EAAIG,OAC7DC,EAAmBF,EAAe3D,KAAKC,MAAM0D,GAAgB,CAAA,EACnE,MAAM,IAAI7I,EAAW+I,EAASJ,EAAIxI,OAAQwI,EAAIvI,QAChD,CAEA,MAAMyI,EAAe,CAAC,IAAK,IAAK,KAAK/E,SAAS6E,EAAIxI,QAC9C,WACMwI,EAAIG,OAKd,MAAO,CACL5I,KAL4C2I,EAC1C3D,KAAKC,MAAM0D,GACX,CAAA,EAIF1I,OAAQwI,EAAIxI,OACZC,QAASuI,EAAIvI,QAAA,EAs2BfyJ,wBAl2B8BxI,MAC9BnB,EACAqB,KAEA,MAAMD,EAAM,GAAGkH,8BACTG,QAAY5I,EAAMuB,EAAK,IACxBC,EACHqH,OAAQ,OACRxI,QAAS,CACP,eAAgB,sBACbmB,GAASnB,SAEdF,KAAMgF,KAAKG,UAAUnF,KAGvB,GAAIyI,EAAIxI,QAAU,IAAK,CACrB,MAAM0I,EAAe,CAAC,KAAK/E,SAAS6E,EAAIxI,QAAU,WAAawI,EAAIG,OAC7DC,EAAmBF,EAAe3D,KAAKC,MAAM0D,GAAgB,CAAA,EACnE,MAAM,IAAI7I,EAAW+I,EAASJ,EAAIxI,OAAQwI,EAAIvI,QAChD,CAEA,MAAMyI,EAAe,CAAC,IAAK,IAAK,KAAK/E,SAAS6E,EAAIxI,QAC9C,WACMwI,EAAIG,OAGd,MAAO,CACL5I,KAH0B2I,EAAe3D,KAAKC,MAAM0D,GAAgB,CAAA,EAIpE1I,OAAQwI,EAAIxI,OACZC,QAASuI,EAAIvI,QAAA,EAs0Bf0J,sBAl0B4BzI,MAC5BnB,EACAqB,KAEA,MAAMD,EAAM,GAAGkH,4BACTG,QAAY5I,EAAMuB,EAAK,IACxBC,EACHqH,OAAQ,OACRxI,QAAS,CACP,eAAgB,sBACbmB,GAASnB,SAEdF,KAAMgF,KAAKG,UAAUnF,KAGvB,GAAIyI,EAAIxI,QAAU,IAAK,CACrB,MAAM0I,EAAe,CAAC,KAAK/E,SAAS6E,EAAIxI,QAAU,WAAawI,EAAIG,OAC7DC,EAAmBF,EAAe3D,KAAKC,MAAM0D,GAAgB,CAAA,EACnE,MAAM,IAAI7I,EAAW+I,EAASJ,EAAIxI,OAAQwI,EAAIvI,QAChD,CAEA,MAAMyI,EAAe,CAAC,IAAK,IAAK,KAAK/E,SAAS6E,EAAIxI,QAC9C,WACMwI,EAAIG,OAGd,MAAO,CACL5I,KAH0B2I,EAAe3D,KAAKC,MAAM0D,GAAgB,CAAA,EAIpE1I,OAAQwI,EAAIxI,OACZC,QAASuI,EAAIvI,QAAA,EAsyBf2J,4BAlyBkC1I,MAClCnB,EACAqB,KAEA,MAAMD,EAAM,GAAGkH,gCACTG,QAAY5I,EAAMuB,EAAK,IACxBC,EACHqH,OAAQ,OACRxI,QAAS,CACP,eAAgB,sBACbmB,GAASnB,SAEdF,KAAMgF,KAAKG,UAAUnF,KAGvB,GAAIyI,EAAIxI,QAAU,IAAK,CACrB,MAAM0I,EAAe,CAAC,KAAK/E,SAAS6E,EAAIxI,QAAU,WAAawI,EAAIG,OAC7DC,EAAmBF,EAAe3D,KAAKC,MAAM0D,GAAgB,CAAA,EACnE,MAAM,IAAI7I,EAAW+I,EAASJ,EAAIxI,OAAQwI,EAAIvI,QAChD,CAEA,MAAMyI,EAAe,CAAC,IAAK,IAAK,KAAK/E,SAAS6E,EAAIxI,QAC9C,WACMwI,EAAIG,OAKd,MAAO,CACL5I,KALgD2I,EAC9C3D,KAAKC,MAAM0D,GACX,CAAA,EAIF1I,OAAQwI,EAAIxI,OACZC,QAASuI,EAAIvI,QAAA,EAowBf4J,UAhwBgB3I,MAChBnB,EACAqB,KAEA,MAAMD,EAAM,GAAGkH,eACTG,QAAY5I,EAAMuB,EAAK,IACxBC,EACHqH,OAAQ,OACRxI,QAAS,CACP,eAAgB,sBACbmB,GAASnB,SAEdF,KAAMgF,KAAKG,UAAUnF,KAGvB,GAAIyI,EAAIxI,QAAU,IAAK,CACrB,MAAM0I,EAAe,CAAC,KAAK/E,SAAS6E,EAAIxI,QAAU,WAAawI,EAAIG,OAC7DC,EAAmBF,EAAe3D,KAAKC,MAAM0D,GAAgB,CAAA,EACnE,MAAM,IAAI7I,EAAW+I,EAASJ,EAAIxI,OAAQwI,EAAIvI,QAChD,CAEA,MAAMyI,EAAe,CAAC,IAAK,IAAK,KAAK/E,SAAS6E,EAAIxI,QAC9C,WACMwI,EAAIG,OAKd,MAAO,CACL5I,KAL8B2I,EAC5B3D,KAAKC,MAAM0D,GACX,CAAA,EAIF1I,OAAQwI,EAAIxI,OACZC,QAASuI,EAAIvI,QAAA,EAkuBf6J,kBA9tBwB,CACxBC,EACAC,KAEA,MAAMC,EACJD,GACAhE,OAAOC,QAAQ+D,GACZtJ,KAAI,EAAE0F,EAAKlC,MACV,MAAMgG,EAAc5J,MAAMC,QAAQ2D,GAC9BA,EAAMtD,KAAK,KACM,iBAAVsD,EACLa,KAAKG,UAAUhB,GACdA,EACP,MAAO,GAAGkC,KAAO+D,mBAAmBD,IAAY,IAEjDtJ,KAAK,KAKV,OAHYqJ,EACR,GAAG5B,qBAA2B0B,KAAYE,IAC1C,GAAG5B,qBAA2B0B,GAC3B,EA2sBPK,kBAxsBwBlJ,MACxB6I,EACA3I,KAEA,MAAMD,EAAM,GAAGkH,qBAA2B0B,oBACpCvB,QAAY5I,EAAMuB,EAAK,IACxBC,EACHqH,OAAQ,MACRxI,QAAS,IACJmB,GAASnB,WAIhB,GAAIuI,EAAIxI,QAAU,IAAK,CACrB,MAAM0I,EAAe,CAAC,KAAK/E,SAAS6E,EAAIxI,QAAU,WAAawI,EAAIG,OAC7DC,EAAmBF,EAAe3D,KAAKC,MAAM0D,GAAgB,CAAA,EACnE,MAAM,IAAI7I,EAAW+I,EAASJ,EAAIxI,OAAQwI,EAAIvI,QAChD,CAEA,MAAMyI,EAAe,CAAC,IAAK,IAAK,KAAK/E,SAAS6E,EAAIxI,QAC9C,WACMwI,EAAIG,OAKd,MAAO,CACL5I,KAL+B2I,EAC7B3D,KAAKC,MAAM0D,GACX,CAAA,EAIF1I,OAAQwI,EAAIxI,OACZC,QAASuI,EAAIvI,QAAA,EA4qBfoK,eAxqBqBnJ,MACrBnB,EACAqB,KAEA,MAAMD,EAAM,GAAGkH,oBACTG,QAAY5I,EAAMuB,EAAK,IACxBC,EACHqH,OAAQ,OACRxI,QAAS,CACP,eAAgB,sBACbmB,GAASnB,SAEdF,KAAMgF,KAAKG,UAAUnF,KAGvB,GAAIyI,EAAIxI,QAAU,IAAK,CACrB,MAAM0I,EAAe,CAAC,KAAK/E,SAAS6E,EAAIxI,QAAU,WAAawI,EAAIG,OAC7DC,EAAmBF,EAAe3D,KAAKC,MAAM0D,GAAgB,CAAA,EACnE,MAAM,IAAI7I,EAAW+I,EAASJ,EAAIxI,OAAQwI,EAAIvI,QAChD,CAEA,MAAMyI,EAAe,CAAC,IAAK,IAAK,KAAK/E,SAAS6E,EAAIxI,QAC9C,WACMwI,EAAIG,OAKd,MAAO,CACL5I,KALiD2I,EAC/C3D,KAAKC,MAAM0D,GACX,CAAA,EAIF1I,OAAQwI,EAAIxI,OACZC,QAASuI,EAAIvI,QAAA,EA0oBfqK,qBAtoB2BpJ,MAC3BnB,EACAqB,KAEA,MAAMD,EAAM,GAAGkH,2BACTG,QAAY5I,EAAMuB,EAAK,IACxBC,EACHqH,OAAQ,OACRxI,QAAS,CACP,eAAgB,sBACbmB,GAASnB,SAEdF,KAAMgF,KAAKG,UAAUnF,KAGvB,GAAIyI,EAAIxI,QAAU,IAAK,CACrB,MAAM0I,EAAe,CAAC,KAAK/E,SAAS6E,EAAIxI,QAAU,WAAawI,EAAIG,OAC7DC,EAAmBF,EAAe3D,KAAKC,MAAM0D,GAAgB,CAAA,EACnE,MAAM,IAAI7I,EAAW+I,EAASJ,EAAIxI,OAAQwI,EAAIvI,QAChD,CAEA,MAAMyI,EAAe,CAAC,IAAK,IAAK,KAAK/E,SAAS6E,EAAIxI,QAC9C,WACMwI,EAAIG,OAKd,MAAO,CACL5I,KAL8B2I,EAC5B3D,KAAKC,MAAM0D,GACX,CAAA,EAIF1I,OAAQwI,EAAIxI,OACZC,QAASuI,EAAIvI,QAAA,EAwmBfsK,QApmBcrJ,MACdnB,EACAqB,KAEA,MAAMD,EAAM,GAAGkH,YACTG,QAAY5I,EAAMuB,EAAK,IACxBC,EACHqH,OAAQ,OACRxI,QAAS,CACP,eAAgB,sBACbmB,GAASnB,SAEdF,KAAMgF,KAAKG,UAAUnF,KAGvB,GAAIyI,EAAIxI,QAAU,IAAK,CACrB,MAAM0I,EAAe,CAAC,KAAK/E,SAAS6E,EAAIxI,QAAU,WAAawI,EAAIG,OAC7DC,EAAmBF,EAAe3D,KAAKC,MAAM0D,GAAgB,CAAA,EACnE,MAAM,IAAI7I,EAAW+I,EAASJ,EAAIxI,OAAQwI,EAAIvI,QAChD,CAEA,MAAMyI,EAAe,CAAC,IAAK,IAAK,KAAK/E,SAAS6E,EAAIxI,QAC9C,WACMwI,EAAIG,OAGd,MAAO,CACL5I,KAH0B2I,EAAe3D,KAAKC,MAAM0D,GAAgB,CAAA,EAIpE1I,OAAQwI,EAAIxI,OACZC,QAASuI,EAAIvI,QAAA,EAwkBfuK,oBApkB0BtJ,MAC1BnB,EACAqB,KAEA,MAAMD,EAAM,GAAGkH,0BACTG,QAAY5I,EAAMuB,EAAK,IACxBC,EACHqH,OAAQ,OACRxI,QAAS,CACP,eAAgB,sBACbmB,GAASnB,SAEdF,KAAMgF,KAAKG,UAAUnF,KAGvB,GAAIyI,EAAIxI,QAAU,IAAK,CACrB,MAAM0I,EAAe,CAAC,KAAK/E,SAAS6E,EAAIxI,QAAU,WAAawI,EAAIG,OAC7DC,EAAmBF,EAAe3D,KAAKC,MAAM0D,GAAgB,CAAA,EACnE,MAAM,IAAI7I,EAAW+I,EAASJ,EAAIxI,OAAQwI,EAAIvI,QAChD,CAEA,MAAMyI,EAAe,CAAC,IAAK,IAAK,KAAK/E,SAAS6E,EAAIxI,QAC9C,WACMwI,EAAIG,OAKd,MAAO,CACL5I,KAL8B2I,EAC5B3D,KAAKC,MAAM0D,GACX,CAAA,EAIF1I,OAAQwI,EAAIxI,OACZC,QAASuI,EAAIvI,QAAA,EAsiBfwK,eAliBqBvJ,MACrBnB,EACAqB,KAEA,MAAMD,EAAM,GAAGkH,oBACTG,QAAY5I,EAAMuB,EAAK,IACxBC,EACHqH,OAAQ,OACRxI,QAAS,CACP,eAAgB,sBACbmB,GAASnB,SAEdF,KAAMgF,KAAKG,UAAUnF,KAGvB,GAAIyI,EAAIxI,QAAU,IAAK,CACrB,MAAM0I,EAAe,CAAC,KAAK/E,SAAS6E,EAAIxI,QAAU,WAAawI,EAAIG,OAC7DC,EAAmBF,EAAe3D,KAAKC,MAAM0D,GAAgB,CAAA,EACnE,MAAM,IAAI7I,EAAW+I,EAASJ,EAAIxI,OAAQwI,EAAIvI,QAChD,CAEA,MAAMyI,EAAe,CAAC,IAAK,IAAK,KAAK/E,SAAS6E,EAAIxI,QAC9C,WACMwI,EAAIG,OAKd,MAAO,CACL5I,KALkD2I,EAChD3D,KAAKC,MAAM0D,GACX,CAAA,EAIF1I,OAAQwI,EAAIxI,OACZC,QAASuI,EAAIvI,QAAA,EAogBfyK,qBAhgB2BxJ,MAC3BnB,EACAqB,KAEA,MAAMD,EAAM,GAAGkH,2BACTG,QAAY5I,EAAMuB,EAAK,IACxBC,EACHqH,OAAQ,OACRxI,QAAS,CACP,eAAgB,sBACbmB,GAASnB,SAEdF,KAAMgF,KAAKG,UAAUnF,KAGvB,GAAIyI,EAAIxI,QAAU,IAAK,CACrB,MAAM0I,EAAe,CAAC,KAAK/E,SAAS6E,EAAIxI,QAAU,WAAawI,EAAIG,OAC7DC,EAAmBF,EAAe3D,KAAKC,MAAM0D,GAAgB,CAAA,EACnE,MAAM,IAAI7I,EAAW+I,EAASJ,EAAIxI,OAAQwI,EAAIvI,QAChD,CAEA,MAAMyI,EAAe,CAAC,IAAK,IAAK,KAAK/E,SAAS6E,EAAIxI,QAC9C,WACMwI,EAAIG,OAKd,MAAO,CACL5I,KAL8B2I,EAC5B3D,KAAKC,MAAM0D,GACX,CAAA,EAIF1I,OAAQwI,EAAIxI,OACZC,QAASuI,EAAIvI,QAAA,EAkefgD,aA9dmB/B,MACnBnB,EACAqB,KAEA,MAAMD,EAAM,GAAGkH,UACTG,QAAY5I,EAAMuB,EAAK,IACxBC,EACHqH,OAAQ,OACRxI,QAAS,CACP,eAAgB,sBACbmB,GAASnB,SAEdF,KAAMgF,KAAKG,UAAUnF,KAGvB,GAAIyI,EAAIxI,QAAU,IAAK,CACrB,MAAM0I,EAAe,CAAC,KAAK/E,SAAS6E,EAAIxI,QAAU,WAAawI,EAAIG,OAC7DC,EAAmBF,EAAe3D,KAAKC,MAAM0D,GAAgB,CAAA,EACnE,MAAM,IAAI7I,EAAW+I,EAASJ,EAAIxI,OAAQwI,EAAIvI,QAChD,CAEA,MAAMyI,EAAe,CAAC,IAAK,IAAK,KAAK/E,SAAS6E,EAAIxI,QAC9C,WACMwI,EAAIG,OAGd,MAAO,CACL5I,KAHuB2I,EAAe3D,KAAKC,MAAM0D,GAAgB,CAAA,EAIjE1I,OAAQwI,EAAIxI,OACZC,QAASuI,EAAIvI,QAAA,EAkcf0K,qBA9b2BzJ,MAC3B6I,EACAhK,EACAqB,KAEA,MAAMD,EAAM,GAAGkH,oBAA0B0B,IACnCvB,QAAY5I,EAAMuB,EAAK,IACxBC,EACHqH,OAAQ,OACRxI,QAAS,CACP,eAAgB,sBACbmB,GAASnB,SAEdF,KAAMgF,KAAKG,UAAUnF,KAGvB,GAAIyI,EAAIxI,QAAU,IAAK,CACrB,MAAM0I,EAAe,CAAC,KAAK/E,SAAS6E,EAAIxI,QAAU,WAAawI,EAAIG,OAC7DC,EAAmBF,EAAe3D,KAAKC,MAAM0D,GAAgB,CAAA,EACnE,MAAM,IAAI7I,EAAW+I,EAASJ,EAAIxI,OAAQwI,EAAIvI,QAChD,CAEA,MAAMyI,EAAe,CAAC,IAAK,IAAK,KAAK/E,SAAS6E,EAAIxI,QAC9C,WACMwI,EAAIG,OAKd,MAAO,CACL5I,KAL+B2I,EAC7B3D,KAAKC,MAAM0D,GACX,CAAA,EAIF1I,OAAQwI,EAAIxI,OACZC,QAASuI,EAAIvI,QAAA,EA+Zf2K,YA3ZkB1J,MAClBnB,EACAqB,KAEA,MAAMD,EAAM,GAAGkH,iBACTG,QAAY5I,EAAMuB,EAAK,IACxBC,EACHqH,OAAQ,OACRxI,QAAS,CACP,eAAgB,sBACbmB,GAASnB,SAEdF,KAAMgF,KAAKG,UAAUnF,KAGvB,GAAIyI,EAAIxI,QAAU,IAAK,CACrB,MAAM0I,EAAe,CAAC,KAAK/E,SAAS6E,EAAIxI,QAAU,WAAawI,EAAIG,OAC7DC,EAAmBF,EAAe3D,KAAKC,MAAM0D,GAAgB,CAAA,EACnE,MAAM,IAAI7I,EAAW+I,EAASJ,EAAIxI,OAAQwI,EAAIvI,QAChD,CAEA,MAAMyI,EAAe,CAAC,IAAK,IAAK,KAAK/E,SAAS6E,EAAIxI,QAC9C,WACMwI,EAAIG,OAGd,MAAO,CACL5I,KAHsB2I,EAAe3D,KAAKC,MAAM0D,GAAgB,CAAA,EAIhE1I,OAAQwI,EAAIxI,OACZC,QAASuI,EAAIvI,QAAA,EA+Xf4K,QA3Xc3J,MACdE,IAEA,MAAMD,EAAM,GAAGkH,SACTG,QAAY5I,EAAMuB,EAAK,IACxBC,EACHqH,OAAQ,MACRxI,QAAS,IACJmB,GAASnB,WAIhB,GAAIuI,EAAIxI,QAAU,IAAK,CACrB,MAAM0I,EAAe,CAAC,KAAK/E,SAAS6E,EAAIxI,QAAU,WAAawI,EAAIG,OAC7DC,EAAmBF,EAAe3D,KAAKC,MAAM0D,GAAgB,CAAA,EACnE,MAAM,IAAI7I,EAAW+I,EAASJ,EAAIxI,OAAQwI,EAAIvI,QAChD,CAEA,MAAMyI,EAAe,CAAC,IAAK,IAAK,KAAK/E,SAAS6E,EAAIxI,QAC9C,WACMwI,EAAIG,OAGd,MAAO,CACL5I,KAHoB2I,EAAe3D,KAAKC,MAAM0D,GAAgB,CAAA,EAI9D1I,OAAQwI,EAAIxI,OACZC,QAASuI,EAAIvI,QAAA,EAkWf6K,gBA9VsB5J,MACtBnB,EACAqB,KAEA,MAAMD,EAAM,GAAGkH,qBACTG,QAAY5I,EAAMuB,EAAK,IACxBC,EACHqH,OAAQ,OACRxI,QAAS,CACP,eAAgB,sBACbmB,GAASnB,SAEdF,KAAMgF,KAAKG,UAAUnF,KAGvB,GAAIyI,EAAIxI,QAAU,IAAK,CACrB,MAAM0I,EAAe,CAAC,KAAK/E,SAAS6E,EAAIxI,QAAU,WAAawI,EAAIG,OAC7DC,EAAmBF,EAAe3D,KAAKC,MAAM0D,GAAgB,CAAA,EACnE,MAAM,IAAI7I,EAAW+I,EAASJ,EAAIxI,OAAQwI,EAAIvI,QAChD,CAEA,MAAMyI,EAAe,CAAC,IAAK,IAAK,KAAK/E,SAAS6E,EAAIxI,QAC9C,WACMwI,EAAIG,OAGd,MAAO,CACL5I,KAH0B2I,EAAe3D,KAAKC,MAAM0D,GAAgB,CAAA,EAIpE1I,OAAQwI,EAAIxI,OACZC,QAASuI,EAAIvI,QAAA,EAkUf8K,gBA9TsB7J,MACtBnB,EACAqB,KAEA,MAAMD,EAAM,GAAGkH,sBACTG,QAAY5I,EAAMuB,EAAK,IACxBC,EACHqH,OAAQ,OACRxI,QAAS,CACP,eAAgB,sBACbmB,GAASnB,SAEdF,KAAMgF,KAAKG,UAAUnF,KAGvB,GAAIyI,EAAIxI,QAAU,IAAK,CACrB,MAAM0I,EAAe,CAAC,KAAK/E,SAAS6E,EAAIxI,QAAU,WAAawI,EAAIG,OAC7DC,EAAmBF,EAAe3D,KAAKC,MAAM0D,GAAgB,CAAA,EACnE,MAAM,IAAI7I,EAAW+I,EAASJ,EAAIxI,OAAQwI,EAAIvI,QAChD,CAEA,MAAMyI,EAAe,CAAC,IAAK,IAAK,KAAK/E,SAAS6E,EAAIxI,QAC9C,WACMwI,EAAIG,OAGd,MAAO,CACL5I,KAH0B2I,EAAe3D,KAAKC,MAAM0D,GAAgB,CAAA,EAIpE1I,OAAQwI,EAAIxI,OACZC,QAASuI,EAAIvI,QAAA,EAkSf+K,sBA9R4B9J,MAC5BnB,EACAqB,KAEA,MAAMD,EAAM,GAAGkH,uCACTG,QAAY5I,EAAMuB,EAAK,IACxBC,EACHqH,OAAQ,OACRxI,QAAS,CACP,eAAgB,sBACbmB,GAASnB,SAEdF,KAAMgF,KAAKG,UAAUnF,KAGvB,GAAIyI,EAAIxI,QAAU,IAAK,CACrB,MAAM0I,EAAe,CAAC,KAAK/E,SAAS6E,EAAIxI,QAAU,WAAawI,EAAIG,OAC7DC,EAAmBF,EAAe3D,KAAKC,MAAM0D,GAAgB,CAAA,EACnE,MAAM,IAAI7I,EAAW+I,EAASJ,EAAIxI,OAAQwI,EAAIvI,QAChD,CAEA,MAAMyI,EAAe,CAAC,IAAK,IAAK,KAAK/E,SAAS6E,EAAIxI,QAC9C,WACMwI,EAAIG,OAGd,MAAO,CACL5I,KAH0B2I,EAAe3D,KAAKC,MAAM0D,GAAgB,CAAA,EAIpE1I,OAAQwI,EAAIxI,OACZC,QAASuI,EAAIvI,QAAA,EAkQfgL,oBA9P0B/J,MAC1BnB,EACAqB,KAEA,MAAMD,EAAM,GAAGkH,aACTG,QAAY5I,EAAMuB,EAAK,IACxBC,EACHqH,OAAQ,OACRxI,QAAS,CACP,eAAgB,sBACbmB,GAASnB,SAEdF,KAAMgF,KAAKG,UAAUnF,KAGvB,GAAIyI,EAAIxI,QAAU,IAAK,CACrB,MAAM0I,EAAe,CAAC,KAAK/E,SAAS6E,EAAIxI,QAAU,WAAawI,EAAIG,OAC7DC,EAAmBF,EAAe3D,KAAKC,MAAM0D,GAAgB,CAAA,EACnE,MAAM,IAAI7I,EAAW+I,EAASJ,EAAIxI,OAAQwI,EAAIvI,QAChD,CAEA,MAAMyI,EAAe,CAAC,IAAK,IAAK,KAAK/E,SAAS6E,EAAIxI,QAC9C,WACMwI,EAAIG,OAGd,MAAO,CACL5I,KAH0B2I,EAAe3D,KAAKC,MAAM0D,GAAgB,CAAA,EAIpE1I,OAAQwI,EAAIxI,OACZC,QAASuI,EAAIvI,QAAA,EAkOfiL,mBA9NyBhK,MACzBnB,EACAqB,KAEA,MAAMD,EAAM,GAAGkH,kBACTG,QAAY5I,EAAMuB,EAAK,IACxBC,EACHqH,OAAQ,OACRxI,QAAS,CACP,eAAgB,sBACbmB,GAASnB,SAEdF,KAAMgF,KAAKG,UAAUnF,KAGvB,GAAIyI,EAAIxI,QAAU,IAAK,CACrB,MAAM0I,EAAe,CAAC,KAAK/E,SAAS6E,EAAIxI,QAAU,WAAawI,EAAIG,OAC7DC,EAAmBF,EAAe3D,KAAKC,MAAM0D,GAAgB,CAAA,EACnE,MAAM,IAAI7I,EAAW+I,EAASJ,EAAIxI,OAAQwI,EAAIvI,QAChD,CAEA,MAAMyI,EAAe,CAAC,IAAK,IAAK,KAAK/E,SAAS6E,EAAIxI,QAC9C,WACMwI,EAAIG,OAGd,MAAO,CACL5I,KAH0B2I,EAAe3D,KAAKC,MAAM0D,GAAgB,CAAA,EAIpE1I,OAAQwI,EAAIxI,OACZC,QAASuI,EAAIvI,QAAA,EAkMfkL,uBA9L6BjK,MAC7BnB,EACAqB,KAEA,MAAMD,EAAM,GAAGkH,wBACTG,QAAY5I,EAAMuB,EAAK,IACxBC,EACHqH,OAAQ,OACRxI,QAAS,CACP,eAAgB,sBACbmB,GAASnB,SAEdF,KAAMgF,KAAKG,UAAUnF,KAGvB,GAAIyI,EAAIxI,QAAU,IAAK,CACrB,MAAM0I,EAAe,CAAC,KAAK/E,SAAS6E,EAAIxI,QAAU,WAAawI,EAAIG,OAC7DC,EAAmBF,EAAe3D,KAAKC,MAAM0D,GAAgB,CAAA,EACnE,MAAM,IAAI7I,EAAW+I,EAASJ,EAAIxI,OAAQwI,EAAIvI,QAChD,CAEA,MAAMyI,EAAe,CAAC,IAAK,IAAK,KAAK/E,SAAS6E,EAAIxI,QAC9C,WACMwI,EAAIG,OAGd,MAAO,CACL5I,KAH0B2I,EAAe3D,KAAKC,MAAM0D,GAAgB,CAAA,EAIpE1I,OAAQwI,EAAIxI,OACZC,QAASuI,EAAIvI,QAAA,EAkKfmL,eA9JqBlK,MACrBE,IAEA,MAAMD,EAAM,GAAGkH,sBACTG,QAAY5I,EAAMuB,EAAK,IACxBC,EACHqH,OAAQ,OACRxI,QAAS,IACJmB,GAASnB,WAIhB,GAAIuI,EAAIxI,QAAU,IAAK,CACrB,MAAM0I,EAAe,CAAC,KAAK/E,SAAS6E,EAAIxI,QAAU,WAAawI,EAAIG,OAC7DC,EAAmBF,EAAe3D,KAAKC,MAAM0D,GAAgB,CAAA,EACnE,MAAM,IAAI7I,EAAW+I,EAASJ,EAAIxI,OAAQwI,EAAIvI,QAChD,CAEA,MAAMyI,EAAe,CAAC,IAAK,IAAK,KAAK/E,SAAS6E,EAAIxI,QAC9C,WACMwI,EAAIG,OAKd,MAAO,CACL5I,KALkD2I,EAChD3D,KAAKC,MAAM0D,GACX,CAAA,EAIF1I,OAAQwI,EAAIxI,OACZC,QAASuI,EAAIvI,QAAA,EAmIfoL,qBA/H2BnK,MAC3BnB,EACAqB,KAEA,MAAMD,EAAM,GAAGkH,yBACTG,QAAY5I,EAAMuB,EAAK,IACxBC,EACHqH,OAAQ,OACRxI,QAAS,CACP,eAAgB,sBACbmB,GAASnB,SAEdF,KAAMgF,KAAKG,UAAUnF,KAGvB,GAAIyI,EAAIxI,QAAU,IAAK,CACrB,MAAM0I,EAAe,CAAC,KAAK/E,SAAS6E,EAAIxI,QAAU,WAAawI,EAAIG,OAC7DC,EAAmBF,EAAe3D,KAAKC,MAAM0D,GAAgB,CAAA,EACnE,MAAM,IAAI7I,EAAW+I,EAASJ,EAAIxI,OAAQwI,EAAIvI,QAChD,CAEA,MAAMyI,EAAe,CAAC,IAAK,IAAK,KAAK/E,SAAS6E,EAAIxI,QAC9C,WACMwI,EAAIG,OAKd,MAAO,CACL5I,KAL4C2I,EAC1C3D,KAAKC,MAAM0D,GACX,CAAA,EAIF1I,OAAQwI,EAAIxI,OACZC,QAASuI,EAAIvI,QAAA,EAiGfqL,gBA7FuBtB,IACvB,MAAMC,EACJD,GACAhE,OAAOC,QAAQ+D,GACZtJ,KAAI,EAAE0F,EAAKlC,MACV,MAAMgG,EAAc5J,MAAMC,QAAQ2D,GAC9BA,EAAMtD,KAAK,KACM,iBAAVsD,EACLa,KAAKG,UAAUhB,GACdA,EACP,MAAO,GAAGkC,KAAO+D,mBAAmBD,IAAY,IAEjDtJ,KAAK,KAKV,OAHYqJ,EACR,GAAG5B,YAAkB4B,IACrB,GAAG5B,UACA,EA6EPkD,WA1EiBrK,MACjBE,IAEA,MAAMD,EAAM,GAAGkH,YACTG,QAAY5I,EAAMuB,EAAK,IACxBC,EACHqH,OAAQ,MACRxI,QAAS,IACJmB,GAASnB,WAIhB,GAAIuI,EAAIxI,QAAU,IAAK,CACrB,MAAM0I,EAAe,CAAC,KAAK/E,SAAS6E,EAAIxI,QAAU,WAAawI,EAAIG,OAC7DC,EAAmBF,EAAe3D,KAAKC,MAAM0D,GAAgB,CAAA,EACnE,MAAM,IAAI7I,EAAW+I,EAASJ,EAAIxI,OAAQwI,EAAIvI,QAChD,CAEA,MAAMyI,EAAe,CAAC,IAAK,IAAK,KAAK/E,SAAS6E,EAAIxI,QAC9C,WACMwI,EAAIG,OAKd,MAAO,CACL5I,KALqC2I,EACnC3D,KAAKC,MAAM0D,GACX,CAAA,EAIF1I,OAAQwI,EAAIxI,OACZC,QAASuI,EAAIvI,QAAA,EA8Cf,ED/hGWuL,CAAiBxD,GACxByD,EEiOuB,EAC7BpD,EACA7I,EAAkC,MAElC,IAAII,EAAQL,EAAoBC,GAybhC,MAAO,CACL6I,UACAlB,kBAzbyBxH,IACzBH,EAAe8I,KAAK3I,GACpBC,EAAQL,EAAoBC,EAAc,EAwb1CkM,YAtbkBxK,MAClBnB,EACAqB,KAEA,MAAMD,EAAM,GAAGkH,UACTsD,EAAW,IAAIC,cACK,IAAtB7L,EAAK,cACP4L,EAASE,OAAO,YAAa9L,EAAK,mBAET,IAAvBA,EAAK,eACPA,EAAK,cAAc+L,SAAS5H,IAC1ByH,EAASE,OACP,aACA,IAAIE,KAAK,CAAChH,KAAKG,UAAUhB,IAAS,CAAE8H,KAAM,qBAC1C,GAAA,SAIiB,IAAnBjM,EAAK,WACPA,EAAK,UAAU+L,SAAS5H,IACtByH,EAASE,OAAO,SAAU3H,EAAK,IAInC,MAAMsE,QAAY5I,EAAMuB,EAAK,IACxBC,EACHqH,OAAQ,OACR1I,KAAM4L,IAGR,GAAInD,EAAIxI,QAAU,IAAK,CACrB,MAAM0I,EAAe,CAAC,KAAK/E,SAAS6E,EAAIxI,QAAU,WAAawI,EAAIG,OAC7DC,EAAmBF,EAAe3D,KAAKC,MAAM0D,GAAgB,CAAA,EACnE,MAAM,IAAI7I,EAAW+I,EAASJ,EAAIxI,OAAQwI,EAAIvI,QAChD,CAEA,MAAMyI,EAAe,CAAC,IAAK,IAAK,KAAK/E,SAAS6E,EAAIxI,QAC9C,WACMwI,EAAIG,OAKd,MAAO,CACL5I,KALsC2I,EACpC3D,KAAKC,MAAM0D,GACX,CAAA,EAIF1I,OAAQwI,EAAIxI,OACZC,QAASuI,EAAIvI,QAAA,EAyYfgM,WArYiB/K,MACjBgL,EACA9K,KAEA,MAAMD,EAAM,GAAGkH,WAAiB6D,IAC1B1D,QAAY5I,EAAMuB,EAAK,IACxBC,EACHqH,OAAQ,SACRxI,QAAS,IACJmB,GAASnB,WAIhB,GAAIuI,EAAIxI,QAAU,IAAK,CACrB,MAAM0I,EAAe,CAAC,KAAK/E,SAAS6E,EAAIxI,QAAU,WAAawI,EAAIG,OAC7DC,EAAmBF,EAAe3D,KAAKC,MAAM0D,GAAgB,CAAA,EACnE,MAAM,IAAI7I,EAAW+I,EAASJ,EAAIxI,OAAQwI,EAAIvI,QAChD,CAIA,MAAO,CACLF,UAHyB,EAIzBC,OAAQwI,EAAIxI,OACZC,QAASuI,EAAIvI,QAAA,EA8WfkM,QA1WcjL,MACdgL,EACAlC,EACA5I,KAEA,MAAM6I,EACJD,GACAhE,OAAOC,QAAQ+D,GACZtJ,KAAI,EAAE0F,EAAKlC,MACV,MAAMgG,EAAc5J,MAAMC,QAAQ2D,GAC9BA,EAAMtD,KAAK,KACM,iBAAVsD,EACLa,KAAKG,UAAUhB,GACdA,EACP,MAAO,GAAGkC,KAAO+D,mBAAmBD,IAAY,IAEjDtJ,KAAK,KAEJO,EAAM8I,EACR,GAAG5B,WAAiB6D,KAAMjC,IAC1B,GAAG5B,WAAiB6D,IAClB1D,QAAY5I,EAAMuB,EAAK,IACxBC,EACHqH,OAAQ,MACRxI,QAAS,IACJmB,GAASnB,WAIhB,GAAIuI,EAAIxI,QAAU,IAAK,CACrB,MAAM0I,EAAe,CAAC,KAAK/E,SAAS6E,EAAIxI,QAAU,WAAawI,EAAIG,OAC7DC,EAAmBF,EAAe3D,KAAKC,MAAM0D,GAAgB,CAAA,EACnE,MAAM,IAAI7I,EAAW+I,EAASJ,EAAIxI,OAAQwI,EAAIvI,QAChD,CAIA,MAAO,CACLF,WAH0ByI,EAAI4D,OAI9BpM,OAAQwI,EAAIxI,OACZC,QAASuI,EAAIvI,QAAA,EAmUfoM,uBA/T6BnL,MAC7BgL,EACAlC,EACA5I,KAEA,MAAM6I,EACJD,GACAhE,OAAOC,QAAQ+D,GACZtJ,KAAI,EAAE0F,EAAKlC,MACV,MAAMgG,EAAc5J,MAAMC,QAAQ2D,GAC9BA,EAAMtD,KAAK,KACM,iBAAVsD,EACLa,KAAKG,UAAUhB,GACdA,EACP,MAAO,GAAGkC,KAAO+D,mBAAmBD,IAAY,IAEjDtJ,KAAK,KAEJO,EAAM8I,EACR,GAAG5B,WAAiB6D,KAAMjC,IAC1B,GAAG5B,WAAiB6D,IAClB1D,QAAY5I,EAAMuB,EAAK,IACxBC,EACHqH,OAAQ,OACRxI,QAAS,IACJmB,GAASnB,WAIhB,GAAIuI,EAAIxI,QAAU,IAAK,CACrB,MAAM0I,EAAe,CAAC,KAAK/E,SAAS6E,EAAIxI,QAAU,WAAawI,EAAIG,OAC7DC,EAAmBF,EAAe3D,KAAKC,MAAM0D,GAAgB,CAAA,EACnE,MAAM,IAAI7I,EAAW+I,EAASJ,EAAIxI,OAAQwI,EAAIvI,QAChD,CAIA,MAAO,CACLF,UAHyB,EAIzBC,OAAQwI,EAAIxI,OACZC,QAASuI,EAAIvI,QAAA,EAwRfqM,YApRkBpL,MAClBgL,EACAnM,EACAqB,KAEA,MAAMD,EAAM,GAAGkH,WAAiB6D,IAC1BP,EAAW,IAAIC,cACI,IAArB7L,EAAe,UACjB4L,EAASE,OACP,WACA,IAAIE,KAAK,CAAChH,KAAKG,UAAUnF,EAAe,WAAK,CAC3CiM,KAAM,qBAER,SAGiB,IAAjBjM,EAAW,MACb4L,EAASE,OAAO,OAAQ9L,EAAW,MAGrC,MAAMyI,QAAY5I,EAAMuB,EAAK,IACxBC,EACHqH,OAAQ,MACR1I,KAAM4L,IAGR,GAAInD,EAAIxI,QAAU,IAAK,CACrB,MAAM0I,EAAe,CAAC,KAAK/E,SAAS6E,EAAIxI,QAAU,WAAawI,EAAIG,OAC7DC,EAAmBF,EAAe3D,KAAKC,MAAM0D,GAAgB,CAAA,EACnE,MAAM,IAAI7I,EAAW+I,EAASJ,EAAIxI,OAAQwI,EAAIvI,QAChD,CAEA,MAAMyI,EAAe,CAAC,IAAK,IAAK,KAAK/E,SAAS6E,EAAIxI,QAC9C,WACMwI,EAAIG,OAGd,MAAO,CACL5I,KAH4B2I,EAAe3D,KAAKC,MAAM0D,GAAgB,CAAA,EAItE1I,OAAQwI,EAAIxI,OACZC,QAASuI,EAAIvI,QAAA,EA6OfsM,oBAzO0BrL,MAC1BgL,EACA9K,KAEA,MAAMD,EAAM,GAAGkH,WAAiB6D,iBAC1B1D,QAAY5I,EAAMuB,EAAK,IACxBC,EACHqH,OAAQ,MACRxI,QAAS,IACJmB,GAASnB,WAIhB,GAAIuI,EAAIxI,QAAU,IAAK,CACrB,MAAM0I,EAAe,CAAC,KAAK/E,SAAS6E,EAAIxI,QAAU,WAAawI,EAAIG,OAC7DC,EAAmBF,EAAe3D,KAAKC,MAAM0D,GAAgB,CAAA,EACnE,MAAM,IAAI7I,EAAW+I,EAASJ,EAAIxI,OAAQwI,EAAIvI,QAChD,CAEA,MAAMyI,EAAe,CAAC,IAAK,IAAK,KAAK/E,SAAS6E,EAAIxI,QAC9C,WACMwI,EAAIG,OAKd,MAAO,CACL5I,KALoC2I,EAClC3D,KAAKC,MAAM0D,GACX,CAAA,EAIF1I,OAAQwI,EAAIxI,OACZC,QAASuI,EAAIvI,QAAA,EA6MfuM,qBAzM2BtL,MAC3BE,IAEA,MAAMD,EAAM,GAAGkH,+BACTG,QAAY5I,EAAMuB,EAAK,IACxBC,EACHqH,OAAQ,OACRxI,QAAS,IACJmB,GAASnB,WAIhB,GAAIuI,EAAIxI,QAAU,IAAK,CACrB,MAAM0I,EAAe,CAAC,KAAK/E,SAAS6E,EAAIxI,QAAU,WAAawI,EAAIG,OAC7DC,EAAmBF,EAAe3D,KAAKC,MAAM0D,GAAgB,CAAA,EACnE,MAAM,IAAI7I,EAAW+I,EAASJ,EAAIxI,OAAQwI,EAAIvI,QAChD,CAEA,MAAMyI,EAAe,CAAC,IAAK,IAAK,KAAK/E,SAAS6E,EAAIxI,QAC9C,WACMwI,EAAIG,OAKd,MAAO,CACL5I,KAL+C2I,EAC7C3D,KAAKC,MAAM0D,GACX,CAAA,EAIF1I,OAAQwI,EAAIxI,OACZC,QAASuI,EAAIvI,QAAA,EA8KfwM,oBA1K0BvL,MAC1BE,IAEA,MAAMD,EAAM,GAAGkH,uBACTG,QAAY5I,EAAMuB,EAAK,IACxBC,EACHqH,OAAQ,OACRxI,QAAS,IACJmB,GAASnB,WAIhB,GAAIuI,EAAIxI,QAAU,IAAK,CACrB,MAAM0I,EAAe,CAAC,KAAK/E,SAAS6E,EAAIxI,QAAU,WAAawI,EAAIG,OAC7DC,EAAmBF,EAAe3D,KAAKC,MAAM0D,GAAgB,CAAA,EACnE,MAAM,IAAI7I,EAAW+I,EAASJ,EAAIxI,OAAQwI,EAAIvI,QAChD,CAEA,MAAMyI,EAAe,CAAC,IAAK,IAAK,KAAK/E,SAAS6E,EAAIxI,QAC9C,WACMwI,EAAIG,OAKd,MAAO,CACL5I,KAL8C2I,EAC5C3D,KAAKC,MAAM0D,GACX,CAAA,EAIF1I,OAAQwI,EAAIxI,OACZC,QAASuI,EAAIvI,QAAA,EA+IfyM,mBA3IyBxL,MACzBE,IAEA,MAAMD,EAAM,GAAGkH,6BACTG,QAAY5I,EAAMuB,EAAK,IACxBC,EACHqH,OAAQ,OACRxI,QAAS,IACJmB,GAASnB,WAIhB,GAAIuI,EAAIxI,QAAU,IAAK,CACrB,MAAM0I,EAAe,CAAC,KAAK/E,SAAS6E,EAAIxI,QAAU,WAAawI,EAAIG,OAC7DC,EAAmBF,EAAe3D,KAAKC,MAAM0D,GAAgB,CAAA,EACnE,MAAM,IAAI7I,EAAW+I,EAASJ,EAAIxI,OAAQwI,EAAIvI,QAChD,CAEA,MAAMyI,EAAe,CAAC,IAAK,IAAK,KAAK/E,SAAS6E,EAAIxI,QAC9C,WACMwI,EAAIG,OAKd,MAAO,CACL5I,KAL6C2I,EAC3C3D,KAAKC,MAAM0D,GACX,CAAA,EAIF1I,OAAQwI,EAAIxI,OACZC,QAASuI,EAAIvI,QAAA,EAgHf0M,qBA5G2BzL,MAC3BE,IAEA,MAAMD,EAAM,GAAGkH,0BACTG,QAAY5I,EAAMuB,EAAK,IACxBC,EACHqH,OAAQ,OACRxI,QAAS,IACJmB,GAASnB,WAIhB,GAAIuI,EAAIxI,QAAU,IAAK,CACrB,MAAM0I,EAAe,CAAC,KAAK/E,SAAS6E,EAAIxI,QAAU,WAAawI,EAAIG,OAC7DC,EAAmBF,EAAe3D,KAAKC,MAAM0D,GAAgB,CAAA,EACnE,MAAM,IAAI7I,EAAW+I,EAASJ,EAAIxI,OAAQwI,EAAIvI,QAChD,CAEA,MAAMyI,EAAe,CAAC,IAAK,IAAK,KAAK/E,SAAS6E,EAAIxI,QAC9C,WACMwI,EAAIG,OAKd,MAAO,CACL5I,KAL+C2I,EAC7C3D,KAAKC,MAAM0D,GACX,CAAA,EAIF1I,OAAQwI,EAAIxI,OACZC,QAASuI,EAAIvI,QAAA,EAiFf2M,kBA7EwB1L,MACxBE,IAEA,MAAMD,EAAM,GAAGkH,qBACTG,QAAY5I,EAAMuB,EAAK,IACxBC,EACHqH,OAAQ,OACRxI,QAAS,IACJmB,GAASnB,WAIhB,GAAIuI,EAAIxI,QAAU,IAAK,CACrB,MAAM0I,EAAe,CAAC,KAAK/E,SAAS6E,EAAIxI,QAAU,WAAawI,EAAIG,OAC7DC,EAAmBF,EAAe3D,KAAKC,MAAM0D,GAAgB,CAAA,EACnE,MAAM,IAAI7I,EAAW+I,EAASJ,EAAIxI,OAAQwI,EAAIvI,QAChD,CAEA,MAAMyI,EAAe,CAAC,IAAK,IAAK,KAAK/E,SAAS6E,EAAIxI,QAC9C,WACMwI,EAAIG,OAKd,MAAO,CACL5I,KAL4C2I,EAC1C3D,KAAKC,MAAM0D,GACX,CAAA,EAIF1I,OAAQwI,EAAIxI,OACZC,QAASuI,EAAIvI,QAAA,EAkDfsL,WA9CiBrK,MACjBE,IAEA,MAAMD,EAAM,GAAGkH,YACTG,QAAY5I,EAAMuB,EAAK,IACxBC,EACHqH,OAAQ,MACRxI,QAAS,IACJmB,GAASnB,WAIhB,GAAIuI,EAAIxI,QAAU,IAAK,CACrB,MAAM0I,EAAe,CAAC,KAAK/E,SAAS6E,EAAIxI,QAAU,WAAawI,EAAIG,OAC7DC,EAAmBF,EAAe3D,KAAKC,MAAM0D,GAAgB,CAAA,EACnE,MAAM,IAAI7I,EAAW+I,EAASJ,EAAIxI,OAAQwI,EAAIvI,QAChD,CAEA,MAAMyI,EAAe,CAAC,IAAK,IAAK,KAAK/E,SAAS6E,EAAIxI,QAC9C,WACMwI,EAAIG,OAKd,MAAO,CACL5I,KALkC2I,EAChC3D,KAAKC,MAAM0D,GACX,CAAA,EAIF1I,OAAQwI,EAAIxI,OACZC,QAASuI,EAAIvI,QAAA,EAkBf,EF5qBoB4M,CAAoB3E,EAAgB,IACpD4E,EG3RuB,EAC7B3L,EACA3B,EAAkC,MAElC,IAAIuN,EAAgBxN,EAAoBC,GAExC,MAKMwN,EAAmB9L,MAIvBc,EACAZ,KAEA,MAAM4B,QAAiB+J,EAAc,GAAG5L,IAAO,CAC7CsH,OAAQ,OACRxI,QAAS,CACP,eAAgB,oBAElBF,KAAMgF,KAAKG,UAAUlD,MAClBZ,IAGCrB,QAAaiD,EAAS2F,OACtBsE,EACJlN,EAAOgF,KAAKC,MAAMjF,GAAQ,CAAA,EAGtBmN,EAAO,CACXnN,KAAMkN,EACNjN,OAAQgD,EAAShD,OACjBC,QAAS+C,EAAS/C,SAGpB,GAAIgN,EAAKE,OACP,MAAM,IAAItN,EAAWoN,EAAMjK,EAAShD,OAAQgD,EAAS/C,SAGvD,OAAOiN,CAAA,EAuCT,MAAO,CACLlL,QA5BF,SACEoL,EAGAC,EACAjM,GAEA,GAAiC,iBAAtBgM,GAAkC,SAAUA,EAAmB,CACxE,MAAME,EAAaF,EAAkBG,YAAY,GAE3CvL,EAAsC,CAC1CwL,MAAOJ,EAAkBK,KAAKC,OAAO3N,MAAQ,GAC7C4N,UAAWN,EACXO,cACEN,GAAc,SAAUA,EACpBA,EAAWO,MAAM3J,WACjB,GAER,OAAO8I,EAAiBhL,EAASZ,EACnC,CAIE,OAAO4L,EAFSI,EACOC,EAG3B,EAIElM,MACAgG,kBA9EyBxH,IACzBH,EAAe8I,KAAK3I,GACpBoN,EAAgBxN,EAAoBC,EAAc,EA4ElD,EHuMoBsO,CAAoB3F,EAAgB,IACpD4F,EIlUuB,EAC7B1F,EACA7I,EAAkC,MAElC,IAAIuN,EAAgBxN,EAAoBC,GAExC,MAeMI,EAAQsB,MACZ8M,EACA5M,KAEA,MAAM8L,QAAaH,EAAc,GAAG1E,IAAU2F,IAAQ5M,GAEtD,IAAIrB,EAWJ,GAREA,EADEmN,EAAKjN,QAAQuB,IAAI,iBAAiBmC,SAAS,0BAC/BuJ,EAAKpJ,OACVoJ,EAAKjN,QAAQuB,IAAI,iBAAiB2C,WAAW,eACzC+I,EAAKvE,aAELuE,EAAKd,QAIfc,EAAKe,GACR,MAAM,IAAIpO,EAAWE,EAAMmN,EAAKlN,OAAQkN,EAAKjN,SAG/C,MAAO,CACLD,OAAQkN,EAAKlN,OACbD,OACAE,QAASiN,EAAKjN,QAAA,EAuClB,MAAO,CACLoI,UACAzI,MAAAA,EACAsO,KAxBWhN,MACX8M,EACAjO,EACAqB,EAAuB,CAAA,KAGvB,MAAM+M,EAA8B,IAC/B/M,EACHqH,OAAQ,OACRxI,QAAS,CACPmO,OAAQ,mBACR,eAAgB,sBACbhN,EAAQnB,SAEbF,KAAMA,EAAOgF,KAAKG,UAAUnF,QAAQ,GAGtC,OAAOH,EAASoO,EAAMG,EAAc,EAQpChH,kBAlFyBxH,IACzBH,EAAe8I,KAAK3I,GACpBoN,EAAgBxN,EAAoBC,EAAc,EAgFlD,EJ0OsB6O,CAAsBjG,EAAkB,IAGhE,IAAA,MAAWkG,KAAYvG,EACrBuG,EAAS,CACPjM,OACArB,QAASyK,EACT3E,QAASgG,EACT/F,UAAWgH,EACX/G,mBAKJ,OAAO,IAAIK,EACThF,EACAoJ,EACAqB,EACAiB,EACA/G,EAEJ,CKxWO,MAAMiB,EAAqB,CAChCsG,EACA9G,EACAC,EACA8G,IAEIA,IAEO/G,GAAaC,EACf,WAAWD,KAAa8G,KAAe7G,iBAEvC,iBAAiB6G,uCLmZrB,SAAsBnN,EAA8B,IACzD,MAAMJ,EAAUI,EAAQJ,SAAW4F,IAEnC,OAAOY,EAAkB,IACpBpG,EACHJ,UACA+G,UAAW,CAAClB,KAAqCzF,EAAQ2G,WAAa,KAE1E,6CAgIO,SACL3G,GAEA,OAAOoG,EAAkB,IACpBpG,EACH2G,UAAW,CAACX,KAAqChG,EAAQ2G,WAAa,KAE1E,4CA5fO,SACL0G,GAEA,MAAO,EAAGzN,UAAS8F,UAASC,gBAC1B,MAAM2H,GMlBPtN,ENkBoDqN,EMjBpDxN,GACDC,MAAOC,EAAagN,EAA8B,MAChD,MAAMlO,EAAU,IAAIoB,QAAQ8M,EAAelO,SAAW,CAAA,GAatD,GAVKA,EAAQqB,IAAI,0BACfrB,EAAQ2B,IAAI,wBAAyBR,EAAQuN,aAI3CvN,EAAQwN,OAAS3O,EAAQqB,IAAI,kBAC/BrB,EAAQ2B,IAAI,gBAAiBR,EAAQwN,MAInCxN,EAAQyN,iBACV,IAAA,MAAYzI,EAAKlC,KAAU8B,OAAOC,QAAQ7E,EAAQyN,kBAAmB,CAEnE,MAAMC,EAAY1I,EAAIjC,WAAW,aAAeiC,EAAM,YAAYA,IAG7DnG,EAAQqB,IAAIwN,IACf7O,EAAQ2B,IAAIkN,EAAW5K,EAE3B,CAGF,OAAOjD,EAAKE,EAAK,IAAKgN,EAAgBlO,WAAS,GA5BjD,IAACmB,ENoBCJ,EAAQmG,kBAAkBuH,GAC1B5H,EAAQK,kBAAkBuH,GAC1B3H,EAAUI,kBAAkBuH,EAAe,CAE/C"}
1	+ {"version":3,"file":"nhost-js.umd.js","sources":["../src/fetch/fetch.ts","../src/fetch/middlewareAttachAccessToken.ts","../src/session/refreshSession.ts","../src/fetch/middlewareSessionRefresh.ts","../src/fetch/middlewareUpdateSessionFromResponse.ts","../src/session/session.ts","../src/session/storageBackend.ts","../src/session/storage.ts","../src/nhost.ts","../src/auth/client.ts","../src/storage/client.ts","../src/graphql/client.ts","../src/functions/client.ts","../src/index.ts","../src/fetch/middlewareWithAdminSession.ts"],"sourcesContent":["/*\n Type definition for a fetch-like function.\n * Takes the same parameters as fetch and returns the same type.\n * This allows middleware to intercept and modify requests and responses.\n /\nexport type FetchFunction = (\n url: string,\n options?: RequestInit,\n) => Promise<Response>;\n\n/\n Type definition for a chain function (middleware).\n * Takes a fetch-like function and returns another fetch-like function.\n \n Chain functions can be used to implement:\n * - Authentication token handling\n * - Error handling and retry logic\n * - Request and response transformations\n * - Logging and metrics\n /\nexport type ChainFunction = (next: FetchFunction) => FetchFunction;\n\n/\n Creates an enhanced fetch function using a chain of middleware functions.\n \n The fetch chain executes in the order of the array, with each middleware\n * wrapping the next one in the chain. This allows each middleware to\n * intercept both the request (before calling next) and the response\n * (after calling next).\n \n @example\n * ```typescript\n * // Simple logging middleware\n * const loggingMiddleware: ChainFunction = (next) => {\n * return async (url, options) => {\n * console.log(`Request to ${url}`);\n * const response = await next(url, options);\n * console.log(`Response from ${url}: ${response.status}`);\n * return response;\n * };\n * };\n \n const enhancedFetch = createEnhancedFetch([loggingMiddleware]);\n * const response = await enhancedFetch('https://api.example.com/data');\n * ```\n \n @param chainFunctions - Array of chain functions to apply in order\n * @returns Enhanced fetch function with all middleware applied\n /\nexport function createEnhancedFetch(\n chainFunctions: ChainFunction[] = [],\n): FetchFunction {\n // Build the chain starting with vanilla fetch, but apply functions in reverse\n // to achieve the desired execution order\n return chainFunctions.reduceRight(\n (nextInChain, chainFunction) => chainFunction(nextInChain),\n fetch as FetchFunction,\n );\n}\n\n/\n Interface representing a structured API response.\n \n This interface provides a consistent structure for responses across the SDK,\n * offering access to the parsed response body along with status and headers.\n \n @template T - The type of the response body\n /\nexport interface FetchResponse<T> {\n /* The parsed response body /\n body: T;\n /* HTTP status code of the response /\n status: number;\n /* Response headers /\n headers: Headers;\n}\n\nfunction extractMessage(body: unknown): string {\n if (body && typeof body === \"string\") {\n return body;\n }\n\n if (body && typeof body === \"object\") {\n const typedBody = body as Record<string, unknown>;\n\n if (\"message\" in typedBody && typeof typedBody[\"message\"] === \"string\") {\n return typedBody[\"message\"];\n }\n\n if (\"error\" in typedBody && typeof typedBody[\"error\"] === \"string\") {\n return typedBody[\"error\"];\n }\n\n if (\n \"error\" in typedBody &&\n typedBody[\"error\"] &&\n typeof typedBody[\"error\"] === \"object\"\n ) {\n const error = typedBody[\"error\"] as Record<string, unknown>;\n if (\"message\" in error && typeof error[\"message\"] === \"string\") {\n return error[\"message\"];\n }\n }\n\n if (\"errors\" in typedBody && Array.isArray(typedBody[\"errors\"])) {\n const messages = (typedBody[\"errors\"] as unknown[])\n .filter(\n (error): error is { message: string } =>\n typeof error === \"object\" &&\n error !== null &&\n \"message\" in error &&\n typeof (error as { message: unknown })[\"message\"] === \"string\",\n )\n .map((error) => error[\"message\"]);\n\n if (messages.length > 0) {\n return messages.join(\", \");\n }\n }\n }\n\n return \"An unexpected error occurred\";\n}\n\n/\n Error class for representing fetch operation failures.\n \n This class extends the standard Error to include additional\n * information about failed requests, including the response body,\n * status code, and headers. The error message is automatically\n * extracted from common error response formats.\n \n @template T - The type of the response body\n /\nexport class FetchError<T = unknown> extends Error {\n /* The original response body /\n body: T;\n /* HTTP status code of the failed response /\n status: number;\n /* Response headers /\n headers: Headers;\n\n /\n Creates a new FetchError instance\n \n @param body - The response body from the failed request\n * @param status - The HTTP status code\n * @param headers - The response headers\n /\n constructor(body: T, status: number, headers: Headers) {\n super(extractMessage(body));\n this.body = body;\n this.status = status;\n this.headers = headers;\n }\n}\n","/\n Authorization token attachment middleware for the Nhost SDK.\n \n This module provides middleware functionality to automatically attach\n * authorization tokens to outgoing API requests, ensuring the client\n * is properly authenticated.\n /\n\nimport type { Session } from \"../auth\";\nimport type { SessionStorage } from \"../session/storage\";\nimport type { ChainFunction, FetchFunction } from \"./fetch\";\n\n/\n Creates a fetch middleware that adds the Authorization header with the current access token.\n \n This middleware:\n * 1. Gets the current session from storage\n * 2. Adds the authorization header with the access token to outgoing requests\n \n This middleware should be used after the refresh middleware in the chain to\n * ensure the most recent token is used.\n \n @param storage - Storage implementation for retrieving session data\n * @returns A middleware function that adds Authorization headers\n /\nexport const attachAccessTokenMiddleware =\n (storage: SessionStorage): ChainFunction =>\n (next: FetchFunction): FetchFunction =>\n async (url: string, options: RequestInit = {}): Promise<Response> => {\n const headers = new Headers(options.headers \|\| {});\n\n // Skip if Authorization header is already set\n if (headers.has(\"Authorization\")) {\n return next(url, options);\n }\n\n // Get current session from storage\n const session = storage.get();\n\n if (session?.accessToken) {\n // Add authorization header\n const newOptions = {\n ...options,\n headers: addAuthorizationHeader(headers, session),\n };\n\n // Continue with the fetch chain\n return next(url, newOptions);\n }\n\n // No session or no access token, continue without authorization\n return next(url, options);\n };\n\n/\n Adds the Authorization header with the access token to the request headers\n \n @param headers - Original request headers\n * @param session - Current session containing the access token\n * @returns Modified headers with Authorization header\n /\nfunction addAuthorizationHeader(headers: Headers, session: Session): Headers {\n if (session.accessToken) {\n headers.set(\"Authorization\", `Bearer ${session.accessToken}`);\n }\n return headers;\n}\n","import type { Client as AuthClient, ErrorResponse } from \"../auth\";\nimport type { FetchResponse } from \"../fetch\";\nimport type { Session } from \"./session\";\nimport type { SessionStorage } from \"./storage\";\n\nclass DummyLock implements Lock {\n async request(\n _name: string,\n _options: { mode: \"exclusive\" \| \"shared\" },\n // biome-ignore lint/suspicious/noExplicitAny: any\n callback: () => Promise<any>,\n ) {\n return callback();\n }\n}\n\ninterface Lock {\n request: (\n name: string,\n options: { mode: \"exclusive\" \| \"shared\" },\n // biome-ignore lint/suspicious/noExplicitAny: blah\n callback: () => Promise<any>,\n // biome-ignore lint/suspicious/noExplicitAny: blah\n ) => Promise<any>;\n}\n\nconst lock: Lock =\n // biome-ignore lint/complexity/useOptionalChain: this check breaks non-browser environments\n typeof navigator !== \"undefined\" && navigator.locks\n ? navigator.locks\n : new DummyLock();\n\n/\n Refreshes the authentication session if needed\n \n This function checks if the current session needs to be refreshed based on\n * the access token expiration time. If a refresh is needed, it will attempt to\n * refresh the token using the provided auth client.\n \n @param auth - The authentication client to use for token refresh\n * @param storage - The session storage implementation\n * @param marginSeconds - The number of seconds before the token expiration to refresh the session. If the token is still valid for this duration, it will not be refreshed. Set to 0 to force the refresh.\n * @returns A promise that resolves to the current session (refreshed if needed) or null if no session exists\n /\nexport const refreshSession = async (\n auth: AuthClient,\n storage: SessionStorage,\n marginSeconds = 60,\n): Promise<Session \| null> => {\n try {\n return await _refreshSession(auth, storage, marginSeconds);\n } catch (error) {\n try {\n // we retry the refresh token in case of transient error\n // or race conditions\n console.warn(\"error refreshing session, retrying:\", error);\n return await _refreshSession(auth, storage, marginSeconds);\n } catch (error) {\n const errResponse = error as FetchResponse<ErrorResponse>;\n if (errResponse?.status === 401) {\n // this probably means the refresh token is invalid\n console.error(\"session probably expired\");\n storage.remove();\n }\n return null;\n }\n }\n};\n\n/\n Internal implementation of the refresh session logic\n \n @param auth - The authentication client to use for token refresh\n * @param storage - The session storage implementation\n * @param marginSeconds - How many seconds before expiration to trigger a refresh\n * @returns A promise that resolves to the current session (refreshed if needed) or null if no session exists\n * @private\n /\nconst _refreshSession = async (\n auth: AuthClient,\n storage: SessionStorage,\n marginSeconds = 60,\n): Promise<Session \| null> => {\n const {\n session,\n needsRefresh,\n }: { session: Session \| null; needsRefresh: boolean } = await lock.request(\n \"nhostSessionLock\",\n { mode: \"shared\" },\n async () => {\n return _needsRefresh(storage, marginSeconds);\n },\n );\n\n if (!session) {\n return null; // No session found\n }\n\n if (!needsRefresh) {\n return session; // No need to refresh\n }\n\n const refreshedSession: Session \| null = await lock.request(\n \"nhostSessionLock\",\n { mode: \"exclusive\" },\n async () => {\n const { session, needsRefresh, sessionExpired } = _needsRefresh(\n storage,\n marginSeconds,\n );\n\n if (!session) {\n return null; // No session found\n }\n\n if (!needsRefresh) {\n return session; // No need to refresh\n }\n\n try {\n const response = await auth.refreshToken({\n refreshToken: session.refreshToken,\n });\n storage.set(response.body);\n\n return response.body;\n } catch (error) {\n if (!sessionExpired) {\n return session;\n }\n\n throw error;\n }\n },\n );\n\n return refreshedSession;\n};\n\n/\n Checks if the current session needs to be refreshed based on token expiration\n \n @param storage - The session storage implementation\n * @param marginSeconds - How many seconds before expiration to trigger a refresh\n * @returns An object containing the session, whether it needs refreshing, and whether it has expired\n * @private\n /\nconst _needsRefresh = (storage: SessionStorage, marginSeconds = 60) => {\n const session = storage.get();\n if (!session) {\n return { session: null, needsRefresh: false, sessionExpired: false };\n }\n\n if (!session.decodedToken \|\| !session.decodedToken.exp) {\n // if the session does not have a valid decoded token, treat it as expired\n // as we can't determine its validity\n return { session, needsRefresh: true, sessionExpired: true };\n }\n\n // Force refresh if marginSeconds is 0\n if (marginSeconds === 0) {\n return { session, needsRefresh: true, sessionExpired: false };\n }\n\n const currentTime = Date.now();\n if (session.decodedToken.exp - currentTime > marginSeconds 1000) {\n return { session, needsRefresh: false, sessionExpired: false };\n }\n\n return {\n session,\n needsRefresh: true,\n sessionExpired: session.decodedToken.exp < currentTime,\n };\n};\n","/*\n Auth token refresh middleware for the Nhost SDK.\n \n This module provides middleware functionality to automatically refresh\n * authentication tokens before they expire, ensuring seamless API access\n * without requiring manual token refresh by the application.\n /\n\nimport type { Client } from \"../auth\";\nimport { refreshSession } from \"../session/refreshSession\";\nimport type { SessionStorage } from \"../session/storage\";\nimport type { ChainFunction, FetchFunction } from \"./fetch\";\n\n/\n Creates a fetch middleware that automatically refreshes authentication tokens.\n \n This middleware:\n * 1. Checks if the current token is about to expire\n * 2. If so, uses the refresh token to obtain a new access token\n \n The middleware handles token refresh transparently, so the application\n * doesn't need to manually refresh tokens.\n \n @param auth - Auth API client for token refresh operations\n * @param storage - Storage implementation for persisting session data\n * @param options - Configuration options for token refresh behavior\n * @param options.marginSeconds - Number of seconds before token expiration to trigger a refresh, default is 60 seconds\n * @returns A middleware function that can be used in the fetch chain\n /\nexport const sessionRefreshMiddleware = (\n auth: Client,\n storage: SessionStorage,\n options?: {\n marginSeconds?: number;\n },\n): ChainFunction => {\n const { marginSeconds = 60 } = options \|\| {};\n\n // Create and return the chain function\n return (next: FetchFunction): FetchFunction =>\n async (url: string, options: RequestInit = {}): Promise<Response> => {\n // Skip token handling for certain requests\n if (shouldSkipTokenHandling(url, options)) {\n return next(url, options);\n }\n\n try {\n await refreshSession(auth, storage, marginSeconds);\n } catch {\n // do nothing, we still want to call the next function\n }\n return next(url, options);\n };\n};\n\n/\n Determines if token handling should be skipped for this request\n \n @param url - Request URL\n * @param options - Request options\n * @returns True if token handling should be skipped, false otherwise\n /\nfunction shouldSkipTokenHandling(url: string, options: RequestInit): boolean {\n const headers = new Headers(options.headers \|\| {});\n\n // If Authorization header is explicitly set, skip token handling\n if (headers.has(\"Authorization\")) {\n return true;\n }\n\n // If calling the token endpoint, skip to avoid infinite loops\n if (url.endsWith(\"/v1/token\")) {\n return true;\n }\n\n return false;\n}\n","/\n Session response middleware for the Nhost SDK.\n \n This module provides middleware functionality to automatically extract\n * and persist session information from authentication responses, ensuring\n * that new sessions are properly stored after sign-in operations.\n /\n\nimport type { Session, SessionPayload } from \"../auth\";\nimport type { SessionStorage } from \"../session/storage\";\nimport type { ChainFunction } from \"./fetch\";\n\n/\n Creates a fetch middleware that automatically extracts and stores session data from API responses.\n \n This middleware:\n * 1. Monitors responses from authentication-related endpoints\n * 2. Extracts session information when present\n * 3. Stores the session in the provided storage implementation\n * 4. Handles session removal on sign-out\n \n This ensures that session data is always up-to-date in storage after operations\n * that create or invalidate sessions.\n \n @param storage - Storage implementation for persisting session data\n * @returns A middleware function that can be used in the fetch chain\n /\nexport const updateSessionFromResponseMiddleware = (\n storage: SessionStorage,\n): ChainFunction => {\n /\n Helper function to extract session data from various response formats\n \n @param body - Response data to extract session from\n * @returns Session object if found, null otherwise\n /\n const sessionExtractor = (\n body: Session \| SessionPayload \| string,\n ): Session \| null => {\n if (typeof body === \"string\") {\n return null;\n }\n\n if (\"session\" in body) {\n // SessionPayload\n return body.session \|\| null;\n }\n\n if (\"accessToken\" in body && \"refreshToken\" in body && \"user\" in body) {\n // Session\n return body;\n }\n\n return null;\n };\n\n return (next: (url: string, options?: RequestInit) => Promise<Response>) =>\n async (url: string, options?: RequestInit) => {\n // Call the next middleware in the chain\n const response = await next(url, options);\n\n try {\n // Check if this is a logout request\n if (url.endsWith(\"/signout\")) {\n // Remove session on sign-out\n storage.remove();\n return response;\n }\n\n // Check if this is an auth-related endpoint that might return session data\n if (\n url.endsWith(\"/token\") \|\|\n url.includes(\"/signin/\") \|\|\n url.includes(\"/signup/\")\n ) {\n // Clone the response to avoid consuming it\n const clonedResponse = response.clone();\n\n // Parse the JSON data\n const body = (await clonedResponse.json().catch(() => null)) as\n \| Session\n \| SessionPayload;\n\n if (body) {\n // Extract session data from response using provided extractor\n const session = sessionExtractor(body);\n\n // If session data is found, store it\n if (session?.accessToken && session.refreshToken) {\n storage.set(session);\n }\n }\n }\n } catch (error) {\n console.warn(\"Error in session response middleware:\", error);\n }\n\n // Return the original response\n return response;\n };\n};\n","import type { Session as AuthSession } from \"../auth\";\n\n/\n Decoded JWT token payload with processed timestamps and Hasura claims\n /\nexport interface DecodedToken {\n /* Token expiration time as Date object /\n exp?: number;\n /* Token issued at time as Date object /\n iat?: number;\n /* Token issuer /\n iss?: string;\n /* Token subject (user ID) /\n sub?: string;\n /* Hasura JWT claims with PostgreSQL arrays converted to JavaScript arrays /\n \"https://hasura.io/jwt/claims\"?: Record<string, unknown>;\n /* Any other JWT claims /\n [key: string]: unknown;\n}\n\nexport interface Session extends AuthSession {\n /* Decoded JWT token payload with processed timestamps and Hasura claims /\n decodedToken: DecodedToken;\n}\n\nexport const decodeUserSession = (accessToken: string): DecodedToken => {\n const s = accessToken.split(\".\");\n if (s.length !== 3 \|\| !s[1]) {\n throw new Error(\"Invalid access token format\");\n }\n\n const decodedToken = JSON.parse(\n typeof atob !== \"undefined\"\n ? atob(s[1])\n : Buffer.from(s[1], \"base64\").toString(\"utf-8\"),\n ) as Record<string, unknown>;\n\n // Convert iat and exp to Date objects\n const iat =\n typeof decodedToken[\"iat\"] === \"number\"\n ? decodedToken[\"iat\"] 1000 // Convert seconds to milliseconds\n : undefined;\n const exp =\n typeof decodedToken[\"exp\"] === \"number\"\n ? decodedToken[\"exp\"] * 1000 // Convert seconds to milliseconds\n : undefined;\n\n // Process Hasura claims - dynamically convert PostgreSQL array notation to arrays\n const hasuraClaims = decodedToken[\"https://hasura.io/jwt/claims\"] as\n \| Record<string, unknown>\n \| undefined;\n const processedClaims = hasuraClaims\n ? Object.entries(hasuraClaims).reduce(\n (acc, [key, value]) => {\n if (typeof value === \"string\" && isPostgresArray(value)) {\n acc[key] = parsePostgresArray(value);\n } else {\n acc[key] = value;\n }\n return acc;\n },\n {} as Record<string, unknown>,\n )\n : undefined;\n\n return {\n ...decodedToken,\n iat,\n exp,\n \"https://hasura.io/jwt/claims\": processedClaims,\n };\n};\n\nconst isPostgresArray = (value: string): boolean => {\n return value.startsWith(\"{\") && value.endsWith(\"}\");\n};\n\nconst parsePostgresArray = (value: string): string[] => {\n if (!value \|\| value === \"{}\") return [];\n // Remove curly braces and split by comma, handling quoted values\n return value\n .slice(1, -1)\n .split(\",\")\n .map((item) => item.trim().replace(/^\"(.)\"$/, \"$1\"));\n};\n","/\n Storage implementations for session persistence in different environments.\n \n This module provides different storage adapters for persisting authentication sessions\n * across page reloads and browser sessions.\n /\n\nimport type { Session } from \"./session\";\n\n/\n Session storage interface for session persistence.\n * This interface can be implemented to provide custom storage solutions.\n /\nexport interface SessionStorageBackend {\n /\n Get the current session from storage\n * @returns The stored session or null if not found\n /\n get(): Session \| null;\n\n /\n Set the session in storage\n * @param value - The session to store\n /\n set(value: Session): void;\n\n /\n Remove the session from storage\n /\n remove(): void;\n}\n\n/\n Default storage key used for storing the Nhost session\n /\nexport const DEFAULT_SESSION_KEY = \"nhostSession\";\n\n/\n Browser localStorage implementation of StorageInterface.\n * Persists the session across page reloads and browser restarts.\n /\nexport class LocalStorage implements SessionStorageBackend {\n private readonly storageKey: string;\n\n /\n Creates a new LocalStorage instance\n * @param options - Configuration options\n * @param options.storageKey - The key to use in localStorage (defaults to \"nhostSession\")\n /\n constructor(options?: { storageKey?: string }) {\n this.storageKey = options?.storageKey \|\| DEFAULT_SESSION_KEY;\n }\n\n /\n Gets the session from localStorage\n * @returns The stored session or null if not found\n /\n get(): Session \| null {\n try {\n const value = window.localStorage.getItem(this.storageKey);\n return value ? (JSON.parse(value) as Session) : null;\n } catch {\n this.remove();\n return null;\n }\n }\n\n /\n Sets the session in localStorage\n * @param value - The session to store\n /\n set(value: Session): void {\n window.localStorage.setItem(this.storageKey, JSON.stringify(value));\n }\n\n /\n Removes the session from localStorage\n /\n remove(): void {\n window.localStorage.removeItem(this.storageKey);\n }\n}\n\n/\n In-memory storage implementation for non-browser environments or when\n * persistent storage is not available or desirable.\n /\nexport class MemoryStorage implements SessionStorageBackend {\n private session: Session \| null = null;\n\n /\n Gets the session from memory\n * @returns The stored session or null if not set\n /\n get(): Session \| null {\n return this.session;\n }\n\n /\n Sets the session in memory\n * @param value - The session to store\n /\n set(value: Session): void {\n this.session = value;\n }\n\n /\n Clears the session from memory\n /\n remove(): void {\n this.session = null;\n }\n}\n\n/\n Cookie-based storage implementation.\n * This storage uses web browser cookies to store the session so it's not\n * available in server-side environments. It is useful though for synchronizing\n * sessions between client and server environments.\n /\nexport class CookieStorage implements SessionStorageBackend {\n private readonly cookieName: string;\n private readonly expirationDays: number;\n private readonly secure: boolean;\n private readonly sameSite: \"strict\" \| \"lax\" \| \"none\";\n\n /\n Creates a new CookieStorage instance\n * @param options - Configuration options\n * @param options.cookieName - Name of the cookie to use (defaults to \"nhostSession\")\n * @param options.expirationDays - Number of days until the cookie expires (defaults to 30)\n * @param options.secure - Whether to set the Secure flag on the cookie (defaults to true)\n * @param options.sameSite - SameSite policy for the cookie (defaults to \"lax\")\n /\n constructor(options?: {\n cookieName?: string;\n expirationDays?: number;\n secure?: boolean;\n sameSite?: \"strict\" \| \"lax\" \| \"none\";\n }) {\n this.cookieName = options?.cookieName \|\| DEFAULT_SESSION_KEY;\n this.expirationDays = options?.expirationDays ?? 30;\n this.secure = options?.secure ?? true;\n this.sameSite = options?.sameSite \|\| \"lax\";\n }\n\n /\n Gets the session from cookies\n * @returns The stored session or null if not found\n /\n get(): Session \| null {\n const cookies = document.cookie.split(\";\");\n for (const cookie of cookies) {\n const [name, value] = cookie.trim().split(\"=\");\n if (name === this.cookieName) {\n try {\n return JSON.parse(decodeURIComponent(value \|\| \"\")) as Session;\n } catch {\n this.remove();\n return null;\n }\n }\n }\n return null;\n }\n\n /\n Sets the session in a cookie\n * @param value - The session to store\n /\n set(value: Session): void {\n const expires = new Date();\n expires.setTime(\n expires.getTime() + this.expirationDays 24 * 60 * 60 * 1000,\n );\n\n const cookieValue = encodeURIComponent(JSON.stringify(value));\n const cookieString = `${this.cookieName}=${cookieValue}; expires=${expires.toUTCString()}; path=/; ${this.secure ? \"secure; \" : \"\"}SameSite=${this.sameSite}`;\n\n // biome-ignore lint/suspicious/noDocumentCookie: this is unnecessary\n document.cookie = cookieString;\n }\n\n /*\n Removes the session cookie\n /\n remove(): void {\n // biome-ignore lint/suspicious/noDocumentCookie: this is unnecessary\n document.cookie = `${this.cookieName}=; expires=Thu, 01 Jan 1970 00:00:00 UTC; path=/; ${this.secure ? \"secure; \" : \"\"}SameSite=${this.sameSite}`;\n }\n}\n","/\n Storage implementations for session persistence in different environments.\n \n This module provides different storage adapters for persisting authentication sessions\n * across page reloads and browser sessions.\n /\n\nimport type { Session as AuthSession } from \"../auth\";\nimport { decodeUserSession, type Session } from \"./session\";\nimport {\n LocalStorage,\n MemoryStorage,\n type SessionStorageBackend,\n} from \"./storageBackend\";\n\n/\n Callback function type for session change subscriptions\n /\nexport type SessionChangeCallback = (session: Session \| null) => void;\n\n/\n A wrapper around any SessionStorageInterface implementation that adds\n * the ability to subscribe to session changes.\n /\nexport class SessionStorage {\n private readonly storage: SessionStorageBackend;\n private subscribers = new Set<SessionChangeCallback>();\n\n /\n Creates a new SessionStorage instance\n * @param storage - The underlying storage implementation to use\n /\n constructor(storage: SessionStorageBackend) {\n this.storage = storage;\n }\n\n /\n Gets the session from the underlying storage\n * @returns The stored session or null if not found\n /\n get(): Session \| null {\n return this.storage.get();\n }\n\n /\n Sets the session in the underlying storage and notifies subscribers\n * @param value - The session to store\n /\n set(value: AuthSession): void {\n const decodedToken = decodeUserSession(value.accessToken);\n const decodedSession = {\n ...value,\n decodedToken: decodedToken,\n };\n\n this.storage.set(decodedSession);\n this.notifySubscribers(decodedSession);\n }\n\n /\n Removes the session from the underlying storage and notifies subscribers\n /\n remove(): void {\n this.storage.remove();\n this.notifySubscribers(null);\n }\n\n /\n Subscribe to session changes\n * @param callback - Function that will be called when the session changes\n * @returns An unsubscribe function to remove this subscription\n /\n onChange(callback: SessionChangeCallback) {\n this.subscribers.add(callback);\n\n return () => {\n this.subscribers.delete(callback);\n };\n }\n\n /\n Notify all subscribers of a session change\n * @param session - The new session value or null if removed\n /\n private notifySubscribers(session: Session \| null): void {\n for (const subscriber of this.subscribers) {\n try {\n subscriber(session);\n } catch (error) {\n console.error(\"Error notifying subscriber:\", error);\n }\n }\n }\n}\n\n/\n Detects the best available storage implementation for the current environment.\n \n The detection process follows this order:\n * 1. Try to use localStorage if we're in a browser environment\n * 2. Fall back to in-memory storage if localStorage isn't available\n \n @returns The best available storage implementation as a SessionStorageBackend\n /\nexport const detectStorage = (): SessionStorageBackend => {\n if (typeof window !== \"undefined\") {\n return new LocalStorage();\n }\n return new MemoryStorage();\n};\n","import { generateServiceUrl } from \"./\";\nimport {\n type Client as AuthClient,\n createAPIClient as createAuthClient,\n} from \"./auth\";\nimport {\n type AdminSessionOptions,\n attachAccessTokenMiddleware,\n type ChainFunction,\n sessionRefreshMiddleware,\n updateSessionFromResponseMiddleware,\n withAdminSessionMiddleware,\n} from \"./fetch\";\nimport {\n createAPIClient as createFunctionsClient,\n type Client as FunctionsClient,\n} from \"./functions\";\nimport {\n createAPIClient as createGraphQLClient,\n type Client as GraphQLClient,\n} from \"./graphql\";\nimport {\n detectStorage,\n refreshSession,\n type Session,\n SessionStorage,\n type SessionStorageBackend,\n} from \"./session/\";\nimport {\n createAPIClient as createStorageClient,\n type Client as StorageClient,\n} from \"./storage\";\n\n/\n Configuration function that receives all clients and can configure them\n * (e.g., by attaching middleware, setting up interceptors, etc.)\n /\nexport type ClientConfigurationFn = (clients: {\n auth: AuthClient;\n storage: StorageClient;\n graphql: GraphQLClient;\n functions: FunctionsClient;\n sessionStorage: SessionStorage;\n}) => void;\n\n/\n Built-in configuration for client-side applications.\n * Includes automatic session refresh, token attachment, and session updates.\n /\nexport const withClientSideSessionMiddleware: ClientConfigurationFn = ({\n auth,\n storage,\n graphql,\n functions,\n sessionStorage,\n}) => {\n const mwChain: ChainFunction[] = [\n sessionRefreshMiddleware(auth, sessionStorage),\n updateSessionFromResponseMiddleware(sessionStorage),\n attachAccessTokenMiddleware(sessionStorage),\n ];\n\n for (const mw of mwChain) {\n auth.pushChainFunction(mw);\n storage.pushChainFunction(mw);\n graphql.pushChainFunction(mw);\n functions.pushChainFunction(mw);\n }\n};\n\n/\n Built-in configuration for server-side applications.\n * Includes token attachment and session updates, but NOT automatic session refresh\n * to prevent race conditions in server contexts.\n /\nexport const withServerSideSessionMiddleware: ClientConfigurationFn = ({\n auth,\n storage,\n graphql,\n functions,\n sessionStorage,\n}) => {\n const mwChain: ChainFunction[] = [\n updateSessionFromResponseMiddleware(sessionStorage),\n attachAccessTokenMiddleware(sessionStorage),\n ];\n\n for (const mw of mwChain) {\n auth.pushChainFunction(mw);\n storage.pushChainFunction(mw);\n graphql.pushChainFunction(mw);\n functions.pushChainFunction(mw);\n }\n};\n\n/\n Configuration for admin clients with elevated privileges.\n * Applies admin session middleware to storage, graphql, and functions clients only.\n \n Security Warning: Never use this in client-side code. Admin secrets grant\n * unrestricted access to your entire database.\n \n @param adminSession - Admin session options including admin secret, role, and session variables\n * @returns Configuration function that sets up admin middleware\n /\nexport function withAdminSession(\n adminSession: AdminSessionOptions,\n): ClientConfigurationFn {\n return ({ storage, graphql, functions }) => {\n const adminMiddleware = withAdminSessionMiddleware(adminSession);\n\n storage.pushChainFunction(adminMiddleware);\n graphql.pushChainFunction(adminMiddleware);\n functions.pushChainFunction(adminMiddleware);\n };\n}\n\n/\n Configuration for adding custom chain functions to all clients.\n * Useful for adding custom middleware like logging, caching, or custom headers.\n \n @param chainFunctions - Array of chain functions to apply to all clients\n * @returns Configuration function that sets up custom middleware\n /\nexport function withChainFunctions(\n chainFunctions: ChainFunction[],\n): ClientConfigurationFn {\n return ({ auth, storage, graphql, functions }) => {\n for (const mw of chainFunctions) {\n auth.pushChainFunction(mw);\n storage.pushChainFunction(mw);\n graphql.pushChainFunction(mw);\n functions.pushChainFunction(mw);\n }\n };\n}\n\n/\n Main client class that provides unified access to all Nhost services.\n * This class serves as the central interface for interacting with Nhost's\n * authentication, storage, GraphQL, and serverless functions capabilities.\n /\nexport class NhostClient {\n /\n Authentication client providing methods for user sign-in, sign-up, and session management.\n * Use this client to handle all authentication-related operations.\n /\n auth: AuthClient;\n\n /\n Storage client providing methods for file operations (upload, download, delete).\n * Use this client to manage files in your Nhost storage.\n /\n storage: StorageClient;\n\n /\n GraphQL client providing methods for executing GraphQL operations against your Hasura backend.\n * Use this client to query and mutate data in your database through GraphQL.\n /\n graphql: GraphQLClient;\n\n /\n Functions client providing methods for invoking serverless functions.\n * Use this client to call your custom serverless functions deployed to Nhost.\n /\n functions: FunctionsClient;\n\n /\n Storage implementation used for persisting session information.\n * This handles saving, retrieving, and managing authentication sessions across requests.\n /\n sessionStorage: SessionStorage;\n\n /\n Create a new Nhost client. This constructor is reserved for advanced use cases.\n * For typical usage, use [createClient](#createclient) or [createServerClient](#createserverclient) instead.\n \n @param auth - Authentication client instance\n * @param storage - Storage client instance\n * @param graphql - GraphQL client instance\n * @param functions - Functions client instance\n * @param sessionStorage - Storage implementation for session persistence\n /\n constructor(\n auth: AuthClient,\n storage: StorageClient,\n graphql: GraphQLClient,\n functions: FunctionsClient,\n sessionStorage: SessionStorage,\n ) {\n this.auth = auth;\n this.storage = storage;\n this.graphql = graphql;\n this.functions = functions;\n this.sessionStorage = sessionStorage;\n }\n\n /\n Get the current session from storage.\n * This method retrieves the authenticated user's session information if one exists.\n \n @returns The current session or null if no session exists\n \n @example\n * ```ts\n * const session = nhost.getUserSession();\n * if (session) {\n * console.log('User is authenticated:', session.user.id);\n * } else {\n * console.log('No active session');\n * }\n * ```\n /\n getUserSession(): Session \| null {\n return this.sessionStorage.get();\n }\n\n /\n Refresh the session using the current refresh token\n * in the storage and update the storage with the new session.\n \n This method can be used to proactively refresh tokens before they expire\n * or to force a refresh when needed.\n \n @param marginSeconds - The number of seconds before the token expiration to refresh the session. If the token is still valid for this duration, it will not be refreshed. Set to 0 to force the refresh.\n \n @returns The new session or null if there is currently no session or if refresh fails\n \n @example\n * ```ts\n * // Refresh token if it's about to expire in the next 5 minutes\n * const refreshedSession = await nhost.refreshSession(300);\n \n // Force refresh regardless of current token expiration\n * const forcedRefresh = await nhost.refreshSession(0);\n * ```\n /\n async refreshSession(marginSeconds = 60): Promise<Session \| null> {\n return refreshSession(this.auth, this.sessionStorage, marginSeconds);\n }\n\n /\n Clear the session from storage.\n \n This method removes the current authentication session, effectively logging out the user.\n * Note that this is a client-side operation and doesn't invalidate the refresh token on\n * the server, which can be done with `nhost.auth.signOut({refreshToken: session.refreshTokenId})`.\n * If the middle `updateSessionFromResponseMiddleware` is used, the session will be removed\n * from the storage automatically and calling this method is not necessary.\n \n @example\n * ```ts\n * // Log out the user\n * nhost.clearSession();\n * ```\n /\n clearSession(): void {\n this.sessionStorage.remove();\n }\n}\n\n/\n Configuration options for creating an Nhost client\n /\nexport interface NhostClientOptions {\n /\n Nhost project subdomain (e.g., 'abcdefgh'). Used to construct the base URL for services for the Nhost cloud.\n /\n subdomain?: string;\n\n /\n Nhost region (e.g., 'eu-central-1'). Used to construct the base URL for services for the Nhost cloud.\n /\n region?: string;\n\n /\n Complete base URL for the auth service (overrides subdomain/region)\n /\n authUrl?: string;\n\n /\n Complete base URL for the storage service (overrides subdomain/region)\n /\n storageUrl?: string;\n\n /\n Complete base URL for the GraphQL service (overrides subdomain/region)\n /\n graphqlUrl?: string;\n\n /\n Complete base URL for the functions service (overrides subdomain/region)\n /\n functionsUrl?: string;\n\n /\n Storage backend to use for session persistence. If not provided, the SDK will\n * default to localStorage in the browser or memory in other environments.\n /\n storage?: SessionStorageBackend;\n\n /\n Configuration functions to be applied to the client after initialization.\n * These functions receive all clients and can attach middleware or perform other setup.\n /\n configure?: ClientConfigurationFn[];\n}\n\n/\n Creates and configures a new Nhost client instance with custom configuration.\n \n This is the main factory function for creating Nhost clients. It instantiates\n * all service clients (auth, storage, graphql, functions) and applies the provided\n * configuration functions to set up middleware and other customizations.\n \n @param options - Configuration options for the client\n * @returns A configured Nhost client\n \n @example\n * ```ts\n * // Create a basic client with no middleware\n * const nhost = createNhostClient({\n * subdomain: 'abcdefgh',\n * region: 'eu-central-1',\n * configure: []\n * });\n \n // Create a client with custom configuration\n * const nhost = createNhostClient({\n * subdomain: 'abcdefgh',\n * region: 'eu-central-1',\n * configure: [\n * withClientSideSessionMiddleware,\n * withChainFunctions([customLoggingMiddleware])\n * ]\n * });\n \n // Create an admin client\n * const nhost = createNhostClient({\n * subdomain,\n * region,\n * configure: [\n * withAdminSession({\n * adminSecret: \"nhost-admin-secret\",\n * role: \"user\",\n * sessionVariables: {\n * \"user-id\": \"54058C42-51F7-4B37-8B69-C89A841D2221\",\n * },\n * }),\n * ],\n * });\n\n * ```\n /\nexport function createNhostClient(\n options: NhostClientOptions = {},\n): NhostClient {\n const {\n subdomain,\n region,\n authUrl,\n storageUrl,\n graphqlUrl,\n functionsUrl,\n storage = detectStorage(),\n configure = [],\n } = options;\n\n const sessionStorage = new SessionStorage(storage);\n\n // Determine base URLs for each service\n const authBaseUrl = generateServiceUrl(\"auth\", subdomain, region, authUrl);\n const storageBaseUrl = generateServiceUrl(\n \"storage\",\n subdomain,\n region,\n storageUrl,\n );\n const graphqlBaseUrl = generateServiceUrl(\n \"graphql\",\n subdomain,\n region,\n graphqlUrl,\n );\n const functionsBaseUrl = generateServiceUrl(\n \"functions\",\n subdomain,\n region,\n functionsUrl,\n );\n\n // Create all clients\n const auth = createAuthClient(authBaseUrl);\n const storageClient = createStorageClient(storageBaseUrl, []);\n const graphqlClient = createGraphQLClient(graphqlBaseUrl, []);\n const functionsClient = createFunctionsClient(functionsBaseUrl, []);\n\n // Apply configuration functions\n for (const configFn of configure) {\n configFn({\n auth,\n storage: storageClient,\n graphql: graphqlClient,\n functions: functionsClient,\n sessionStorage,\n });\n }\n\n // Return an initialized NhostClient\n return new NhostClient(\n auth,\n storageClient,\n graphqlClient,\n functionsClient,\n sessionStorage,\n );\n}\n\n/\n Creates and configures a new Nhost client instance optimized for client-side usage.\n \n This helper method instantiates a fully configured Nhost client by:\n * - Instantiating the various service clients (auth, storage, functions and graphql)\n * - Auto-detecting and configuring an appropriate session storage (localStorage in browsers, memory otherwise)\n * - Setting up a sophisticated middleware chain for seamless authentication management:\n * - Automatically refreshing tokens before they expire\n * - Attaching authorization tokens to all service requests\n * - Updating the session storage when new tokens are received\n \n This method includes automatic session refresh middleware, making it ideal for\n * client-side applications where long-lived sessions are expected.\n \n @param options - Configuration options for the client\n * @returns A configured Nhost client\n \n @example\n * ```ts\n * // Create client using Nhost cloud default URLs\n * const nhost = createClient({\n * subdomain: 'abcdefgh',\n * region: 'eu-central-1'\n * });\n \n // Create client with custom service URLs\n * const customNhost = createClient({\n * authUrl: 'https://auth.example.com',\n * storageUrl: 'https://storage.example.com',\n * graphqlUrl: 'https://graphql.example.com',\n * functionsUrl: 'https://functions.example.com'\n * });\n \n // Create client using cookies for storing the session\n * import { CookieStorage } from \"@nhost/nhost-js/session\";\n \n const nhost = createClient({\n * subdomain: 'abcdefgh',\n * region: 'eu-central-1',\n * storage: new CookieStorage({\n * secure: import.meta.env.ENVIRONMENT === 'production',\n * })\n * });\n \n // Create client with additional custom middleware\n * const nhost = createClient({\n * subdomain: 'abcdefgh',\n * region: 'eu-central-1',\n * configure: [customLoggingMiddleware]\n * });\n * ```\n /\nexport function createClient(options: NhostClientOptions = {}): NhostClient {\n const storage = options.storage ?? detectStorage();\n\n return createNhostClient({\n ...options,\n storage,\n configure: [withClientSideSessionMiddleware, ...(options.configure ?? [])],\n });\n}\n\nexport interface NhostServerClientOptions extends NhostClientOptions {\n /\n Storage backend to use for session persistence in server environments.\n * Unlike the base options, this field is required for server-side usage\n * as the SDK cannot auto-detect an appropriate storage mechanism.\n /\n storage: SessionStorageBackend;\n}\n\n/\n Creates and configures a new Nhost client instance optimized for server-side usage.\n \n This helper method instantiates a fully configured Nhost client specifically designed for:\n * - Server components (in frameworks like Next.js or Remix)\n * - API routes and middleware\n * - Backend services and server-side rendering contexts\n \n Key differences from the standard client:\n * - Requires explicit storage implementation (must be provided)\n * - Disables automatic session refresh middleware (to prevent race conditions in server contexts)\n * - Still attaches authorization tokens and updates session storage from responses\n \n The server client is ideal for short-lived request contexts where session tokens\n * are passed in (like cookie-based authentication flows) and automatic refresh\n * mechanisms could cause issues with concurrent requests.\n \n @param options - Configuration options for the server client (requires storage implementation)\n * @returns A configured Nhost client optimized for server-side usage\n \n @example\n * ```ts\n * // Example with cookie storage for Next.js API route or server component\n * import { cookies } from 'next/headers';\n \n const nhost = createServerClient({\n * region: process.env[\"NHOST_REGION\"] \|\| \"local\",\n * subdomain: process.env[\"NHOST_SUBDOMAIN\"] \|\| \"local\",\n * storage: {\n * // storage compatible with Next.js server components\n * get: (): Session \| null => {\n * const s = cookieStore.get(key)?.value \|\| null;\n * if (!s) {\n * return null;\n * }\n * const session = JSON.parse(s) as Session;\n * return session;\n * },\n * set: (value: Session) => {\n * cookieStore.set(key, JSON.stringify(value));\n * },\n * remove: () => {\n * cookieStore.delete(key);\n * },\n * },\n * });\n \n // Example with cookie storage for Next.js middleware\n * const nhost = createServerClient({\n * region: process.env[\"NHOST_REGION\"] \|\| \"local\",\n * subdomain: process.env[\"NHOST_SUBDOMAIN\"] \|\| \"local\",\n * storage: {\n * // storage compatible with Next.js middleware\n * get: (): Session \| null => {\n * const raw = request.cookies.get(key)?.value \|\| null;\n * if (!raw) {\n * return null;\n * }\n * const session = JSON.parse(raw) as Session;\n * return session;\n * },\n * set: (value: Session) => {\n * response.cookies.set({\n * name: key,\n * value: JSON.stringify(value),\n * path: \"/\",\n * httpOnly: false, //if set to true we can't access it in the client\n * secure: process.env.NODE_ENV === \"production\",\n * sameSite: \"lax\",\n * maxAge: 60 * 60 * 24 * 30, // 30 days in seconds\n * });\n * },\n * remove: () => {\n * response.cookies.delete(key);\n * },\n * },\n * });\n \n // Example for express reading session from a cookie\n \n import express, { Request, Response } from \"express\";\n * import cookieParser from \"cookie-parser\";\n \n app.use(cookieParser());\n \n const nhostClientFromCookies = (req: Request) => {\n * return createServerClient({\n * subdomain: \"local\",\n * region: \"local\",\n * storage: {\n * get: (): Session \| null => {\n * const s = req.cookies.nhostSession \|\| null;\n * if (!s) {\n * return null;\n * }\n * const session = JSON.parse(s) as Session;\n * return session;\n * },\n * set: (_value: Session) => {\n * throw new Error(\"It is easier to handle the session in the client\");\n * },\n * remove: () => {\n * throw new Error(\"It is easier to handle the session in the client\");\n * },\n * },\n * });\n * };\n \n // Example with additional custom middleware\n * const nhost = createServerClient({\n * region: process.env[\"NHOST_REGION\"] \|\| \"local\",\n * subdomain: process.env[\"NHOST_SUBDOMAIN\"] \|\| \"local\",\n * storage: myStorage,\n * configure: [customLoggingMiddleware]\n * });\n * ```\n /\nexport function createServerClient(\n options: NhostServerClientOptions,\n): NhostClient {\n return createNhostClient({\n ...options,\n configure: [withServerSideSessionMiddleware, ...(options.configure ?? [])],\n });\n}\n","/\n This file is auto-generated. Do not edit manually.\n /\n\nimport type { ChainFunction, FetchResponse } from \"../fetch\";\nimport { createEnhancedFetch, FetchError } from \"../fetch\";\n\n/\n The attestation statement format\n /\nexport type AttestationFormat =\n \| \"packed\"\n \| \"tpm\"\n \| \"android-key\"\n \| \"android-safetynet\"\n \| \"fido-u2f\"\n \| \"apple\"\n \| \"none\";\n\n/\n Map of extension outputs from the client\n @property appid? (`boolean`) - Application identifier extension output\n @property credProps? (`CredentialPropertiesOutput`) - Credential properties extension output\n @property hmacCreateSecret? (`boolean`) - HMAC secret extension output/\nexport interface AuthenticationExtensionsClientOutputs {\n /\n Application identifier extension output\n /\n appid?: boolean;\n /\n Credential properties extension output\n /\n credProps?: CredentialPropertiesOutput;\n /\n HMAC secret extension output\n /\n hmacCreateSecret?: boolean;\n}\n\n/\n \n @property clientDataJSON (`string`) - Base64url encoded client data JSON\n @property authenticatorData (`string`) - Base64url encoded authenticator data\n @property signature (`string`) - Base64url encoded assertion signature\n @property userHandle? (`string`) - Base64url encoded user handle/\nexport interface AuthenticatorAssertionResponse {\n /\n Base64url encoded client data JSON\n /\n clientDataJSON: string;\n /\n Base64url encoded authenticator data\n /\n authenticatorData: string;\n /\n Base64url encoded assertion signature\n /\n signature: string;\n /\n Base64url encoded user handle\n /\n userHandle?: string;\n}\n\n/\n The authenticator attachment modality\n /\nexport type AuthenticatorAttachment = \"platform\" \| \"cross-platform\";\n\n/\n \n @property clientDataJSON (`string`) - Base64url-encoded binary data\n * Format - byte\n @property transports? (`string[]`) - The authenticator transports\n @property authenticatorData? (`string`) - Base64url-encoded binary data\n * Format - byte\n @property publicKey? (`string`) - Base64url-encoded binary data\n * Format - byte\n @property publicKeyAlgorithm? (`number`) - The public key algorithm identifier\n * Format - int64\n @property attestationObject (`string`) - Base64url-encoded binary data\n * Format - byte/\nexport interface AuthenticatorAttestationResponse {\n /\n Base64url-encoded binary data\n * Format - byte\n /\n clientDataJSON: string;\n /\n The authenticator transports\n /\n transports?: string[];\n /\n Base64url-encoded binary data\n * Format - byte\n /\n authenticatorData?: string;\n /\n Base64url-encoded binary data\n * Format - byte\n /\n publicKey?: string;\n /\n The public key algorithm identifier\n * Format - int64\n /\n publicKeyAlgorithm?: number;\n /\n Base64url-encoded binary data\n * Format - byte\n /\n attestationObject: string;\n}\n\n/\n \n @property authenticatorAttachment? (`AuthenticatorAttachment`) - The authenticator attachment modality\n @property requireResidentKey? (`boolean`) - Whether the authenticator must create a client-side-resident public key credential source\n @property residentKey? (`ResidentKeyRequirement`) - The resident key requirement\n @property userVerification? (`UserVerificationRequirement`) - A requirement for user verification for the operation/\nexport interface AuthenticatorSelection {\n /\n The authenticator attachment modality\n /\n authenticatorAttachment?: AuthenticatorAttachment;\n /\n Whether the authenticator must create a client-side-resident public key credential source\n /\n requireResidentKey?: boolean;\n /\n The resident key requirement\n /\n residentKey?: ResidentKeyRequirement;\n /\n A requirement for user verification for the operation\n /\n userVerification?: UserVerificationRequirement;\n}\n\n/\n The authenticator transports that can be used\n /\nexport type AuthenticatorTransport =\n \| \"usb\"\n \| \"nfc\"\n \| \"ble\"\n \| \"smart-card\"\n \| \"hybrid\"\n \| \"internal\";\n\n/\n The attestation conveyance preference\n /\nexport type ConveyancePreference =\n \| \"none\"\n \| \"indirect\"\n \| \"direct\"\n \| \"enterprise\";\n\n/\n \n @property expiresAt (`string`) - Expiration date of the PAT\n * Format - date-time\n @property metadata? (`Record<string, unknown>`) - \n * Example - `{\"name\":\"my-pat\",\"used-by\":\"my-app-cli\"}`/\nexport interface CreatePATRequest {\n /\n Expiration date of the PAT\n * Format - date-time\n /\n expiresAt: string;\n /\n \n * Example - `{\"name\":\"my-pat\",\"used-by\":\"my-app-cli\"}`\n /\n metadata?: Record<string, unknown>;\n}\n\n/\n \n @property id (`string`) - ID of the PAT\n * Example - `\"2c35b6f3-c4b9-48e3-978a-d4d0f1d42e24\"`\n * Pattern - \\b[0-9a-f]{8}\\b-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-\\b[0-9a-f]{12}\\b\n @property personalAccessToken (`string`) - PAT\n * Example - `\"2c35b6f3-c4b9-48e3-978a-d4d0f1d42e24\"`\n * Pattern - \\b[0-9a-f]{8}\\b-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-\\b[0-9a-f]{12}\\b/\nexport interface CreatePATResponse {\n /\n ID of the PAT\n * Example - `\"2c35b6f3-c4b9-48e3-978a-d4d0f1d42e24\"`\n * Pattern - \\b[0-9a-f]{8}\\b-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-\\b[0-9a-f]{12}\\b\n /\n id: string;\n /\n PAT\n * Example - `\"2c35b6f3-c4b9-48e3-978a-d4d0f1d42e24\"`\n * Pattern - \\b[0-9a-f]{8}\\b-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-\\b[0-9a-f]{12}\\b\n /\n personalAccessToken: string;\n}\n\n/\n \n @property id (`string`) - The credential's identifier\n @property type (`string`) - The credential type represented by this object\n @property rawId (`string`) - Base64url-encoded binary data\n * Format - byte\n @property clientExtensionResults? (`AuthenticationExtensionsClientOutputs`) - Map of extension outputs from the client\n @property authenticatorAttachment? (`string`) - The authenticator attachment\n @property response (`AuthenticatorAssertionResponse`) - /\nexport interface CredentialAssertionResponse {\n /\n The credential's identifier\n /\n id: string;\n /\n The credential type represented by this object\n /\n type: string;\n /\n Base64url-encoded binary data\n * Format - byte\n /\n rawId: string;\n /\n Map of extension outputs from the client\n /\n clientExtensionResults?: AuthenticationExtensionsClientOutputs;\n /\n The authenticator attachment\n /\n authenticatorAttachment?: string;\n /\n \n /\n response: AuthenticatorAssertionResponse;\n}\n\n/\n \n @property id (`string`) - The credential's identifier\n @property type (`string`) - The credential type represented by this object\n @property rawId (`string`) - Base64url-encoded binary data\n * Format - byte\n @property clientExtensionResults? (`AuthenticationExtensionsClientOutputs`) - Map of extension outputs from the client\n @property authenticatorAttachment? (`string`) - The authenticator attachment\n @property response (`AuthenticatorAttestationResponse`) - /\nexport interface CredentialCreationResponse {\n /\n The credential's identifier\n /\n id: string;\n /\n The credential type represented by this object\n /\n type: string;\n /\n Base64url-encoded binary data\n * Format - byte\n /\n rawId: string;\n /\n Map of extension outputs from the client\n /\n clientExtensionResults?: AuthenticationExtensionsClientOutputs;\n /\n The authenticator attachment\n /\n authenticatorAttachment?: string;\n /\n \n /\n response: AuthenticatorAttestationResponse;\n}\n\n/\n \n @property type (`CredentialType`) - The valid credential types\n @property alg (`number`) - The cryptographic algorithm identifier/\nexport interface CredentialParameter {\n /\n The valid credential types\n /\n type: CredentialType;\n /\n The cryptographic algorithm identifier\n /\n alg: number;\n}\n\n/\n Credential properties extension output\n @property rk? (`boolean`) - Indicates if the credential is a resident key/\nexport interface CredentialPropertiesOutput {\n /\n Indicates if the credential is a resident key\n /\n rk?: boolean;\n}\n\n/\n The valid credential types\n /\nexport type CredentialType = \"public-key\";\n\n/\n Error code identifying the specific application error\n /\nexport type ErrorResponseError =\n \| \"default-role-must-be-in-allowed-roles\"\n \| \"disabled-endpoint\"\n \| \"disabled-user\"\n \| \"email-already-in-use\"\n \| \"email-already-verified\"\n \| \"forbidden-anonymous\"\n \| \"internal-server-error\"\n \| \"invalid-email-password\"\n \| \"invalid-request\"\n \| \"locale-not-allowed\"\n \| \"password-too-short\"\n \| \"password-in-hibp-database\"\n \| \"redirectTo-not-allowed\"\n \| \"role-not-allowed\"\n \| \"signup-disabled\"\n \| \"unverified-user\"\n \| \"user-not-anonymous\"\n \| \"invalid-pat\"\n \| \"invalid-refresh-token\"\n \| \"invalid-ticket\"\n \| \"disabled-mfa-totp\"\n \| \"no-totp-secret\"\n \| \"invalid-totp\"\n \| \"mfa-type-not-found\"\n \| \"totp-already-active\"\n \| \"invalid-state\"\n \| \"oauth-token-echange-failed\"\n \| \"oauth-profile-fetch-failed\"\n \| \"oauth-provider-error\"\n \| \"invalid-otp\"\n \| \"cannot-send-sms\"\n \| \"provider-account-already-linked\";\n\n/\n Standardized error response\n @property status (`number`) - HTTP status error code\n * Example - `400`\n @property message (`string`) - Human-friendly error message\n * Example - `\"Invalid email format\"`\n @property error (`ErrorResponseError`) - Error code identifying the specific application error/\nexport interface ErrorResponse {\n /\n HTTP status error code\n * Example - `400`\n /\n status: number;\n /\n Human-friendly error message\n * Example - `\"Invalid email format\"`\n /\n message: string;\n /\n Error code identifying the specific application error\n /\n error: ErrorResponseError;\n}\n\n/\n \n /\nexport type IdTokenProvider = \"apple\" \| \"google\";\n\n/\n JSON Web Key for JWT verification\n @property alg (`string`) - Algorithm used with this key\n * Example - `\"RS256\"`\n @property e (`string`) - RSA public exponent\n * Example - `\"AQAB\"`\n @property kid (`string`) - Key ID\n * Example - `\"key-id-1\"`\n @property kty (`string`) - Key type\n * Example - `\"RSA\"`\n @property n (`string`) - RSA modulus\n * Example - `\"abcd1234...\"`\n @property use (`string`) - Key usage\n * Example - `\"sig\"`/\nexport interface JWK {\n /\n Algorithm used with this key\n * Example - `\"RS256\"`\n /\n alg: string;\n /\n RSA public exponent\n * Example - `\"AQAB\"`\n /\n e: string;\n /\n Key ID\n * Example - `\"key-id-1\"`\n /\n kid: string;\n /\n Key type\n * Example - `\"RSA\"`\n /\n kty: string;\n /\n RSA modulus\n * Example - `\"abcd1234...\"`\n /\n n: string;\n /\n Key usage\n * Example - `\"sig\"`\n /\n use: string;\n}\n\n/\n JSON Web Key Set for verifying JWT signatures\n @property keys (`JWK[]`) - Array of public keys/\nexport interface JWKSet {\n /\n Array of public keys\n /\n keys: JWK[];\n}\n\n/\n \n @property provider (`IdTokenProvider`) - \n @property idToken (`string`) - Apple ID token\n @property nonce? (`string`) - Nonce used during sign in process/\nexport interface LinkIdTokenRequest {\n /\n \n /\n provider: IdTokenProvider;\n /\n Apple ID token\n /\n idToken: string;\n /\n Nonce used during sign in process\n /\n nonce?: string;\n}\n\n/\n Challenge payload for multi-factor authentication\n @property ticket (`string`) - Ticket to use when completing the MFA challenge\n * Example - `\"mfaTotp:abc123def456\"`/\nexport interface MFAChallengePayload {\n /\n Ticket to use when completing the MFA challenge\n * Example - `\"mfaTotp:abc123def456\"`\n /\n ticket: string;\n}\n\n/\n \n /\nexport type OKResponse = \"OK\";\n\n/\n \n @property redirectTo? (`string`) - \n * Example - `\"https://my-app.com/catch-redirection\"`\n * Format - uri/\nexport interface OptionsRedirectTo {\n /\n \n * Example - `\"https://my-app.com/catch-redirection\"`\n * Format - uri\n /\n redirectTo?: string;\n}\n\n/\n \n @property rp (`RelyingPartyEntity`) - \n @property user (`UserEntity`) - \n @property challenge (`string`) - Base64url-encoded binary data\n * Format - byte\n @property pubKeyCredParams (`CredentialParameter[]`) - The desired credential types and their respective cryptographic parameters\n @property timeout? (`number`) - A time, in milliseconds, that the caller is willing to wait for the call to complete\n @property excludeCredentials? (`PublicKeyCredentialDescriptor[]`) - A list of PublicKeyCredentialDescriptor objects representing public key credentials that are not acceptable to the caller\n @property authenticatorSelection? (`AuthenticatorSelection`) - \n @property hints? (`PublicKeyCredentialHints[]`) - Hints to help guide the user through the experience\n @property attestation? (`ConveyancePreference`) - The attestation conveyance preference\n @property attestationFormats? (`AttestationFormat[]`) - The preferred attestation statement formats\n @property extensions? (`Record<string, unknown>`) - Additional parameters requesting additional processing by the client and authenticator/\nexport interface PublicKeyCredentialCreationOptions {\n /\n \n /\n rp: RelyingPartyEntity;\n /\n \n /\n user: UserEntity;\n /\n Base64url-encoded binary data\n * Format - byte\n /\n challenge: string;\n /\n The desired credential types and their respective cryptographic parameters\n /\n pubKeyCredParams: CredentialParameter[];\n /\n A time, in milliseconds, that the caller is willing to wait for the call to complete\n /\n timeout?: number;\n /\n A list of PublicKeyCredentialDescriptor objects representing public key credentials that are not acceptable to the caller\n /\n excludeCredentials?: PublicKeyCredentialDescriptor[];\n /\n \n /\n authenticatorSelection?: AuthenticatorSelection;\n /\n Hints to help guide the user through the experience\n /\n hints?: PublicKeyCredentialHints[];\n /\n The attestation conveyance preference\n /\n attestation?: ConveyancePreference;\n /\n The preferred attestation statement formats\n /\n attestationFormats?: AttestationFormat[];\n /\n Additional parameters requesting additional processing by the client and authenticator\n /\n extensions?: Record<string, unknown>;\n}\n\n/\n \n @property type (`CredentialType`) - The valid credential types\n @property id (`string`) - Base64url-encoded binary data\n * Format - byte\n @property transports? (`AuthenticatorTransport[]`) - The authenticator transports that can be used/\nexport interface PublicKeyCredentialDescriptor {\n /\n The valid credential types\n /\n type: CredentialType;\n /\n Base64url-encoded binary data\n * Format - byte\n /\n id: string;\n /\n The authenticator transports that can be used\n /\n transports?: AuthenticatorTransport[];\n}\n\n/\n Hints to help guide the user through the experience\n /\nexport type PublicKeyCredentialHints =\n \| \"security-key\"\n \| \"client-device\"\n \| \"hybrid\";\n\n/\n \n @property challenge (`string`) - Base64url-encoded binary data\n * Format - byte\n @property timeout? (`number`) - A time, in milliseconds, that the caller is willing to wait for the call to complete\n @property rpId? (`string`) - The RP ID the credential should be scoped to\n @property allowCredentials? (`PublicKeyCredentialDescriptor[]`) - A list of CredentialDescriptor objects representing public key credentials acceptable to the caller\n @property userVerification? (`UserVerificationRequirement`) - A requirement for user verification for the operation\n @property hints? (`PublicKeyCredentialHints[]`) - Hints to help guide the user through the experience\n @property extensions? (`Record<string, unknown>`) - Additional parameters requesting additional processing by the client and authenticator/\nexport interface PublicKeyCredentialRequestOptions {\n /\n Base64url-encoded binary data\n * Format - byte\n /\n challenge: string;\n /\n A time, in milliseconds, that the caller is willing to wait for the call to complete\n /\n timeout?: number;\n /\n The RP ID the credential should be scoped to\n /\n rpId?: string;\n /\n A list of CredentialDescriptor objects representing public key credentials acceptable to the caller\n /\n allowCredentials?: PublicKeyCredentialDescriptor[];\n /\n A requirement for user verification for the operation\n /\n userVerification?: UserVerificationRequirement;\n /\n Hints to help guide the user through the experience\n /\n hints?: PublicKeyCredentialHints[];\n /\n Additional parameters requesting additional processing by the client and authenticator\n /\n extensions?: Record<string, unknown>;\n}\n\n/\n OAuth2 provider session containing access and refresh tokens\n @property accessToken (`string`) - OAuth2 provider access token for API calls\n * Example - `\"ya29.a0AfH6SMBx...\"`\n @property expiresIn (`number`) - Number of seconds until the access token expires\n * Example - `3599`\n @property expiresAt (`string`) - Timestamp when the access token expires\n * Example - `\"2024-12-31T23:59:59Z\"`\n * Format - date-time\n @property refreshToken? (`string`) - OAuth2 provider refresh token for obtaining new access tokens (if provided by the provider)\n * Example - `\"1//0gK8...\"`/\nexport interface ProviderSession {\n /\n OAuth2 provider access token for API calls\n * Example - `\"ya29.a0AfH6SMBx...\"`\n /\n accessToken: string;\n /\n Number of seconds until the access token expires\n * Example - `3599`\n /\n expiresIn: number;\n /\n Timestamp when the access token expires\n * Example - `\"2024-12-31T23:59:59Z\"`\n * Format - date-time\n /\n expiresAt: string;\n /\n OAuth2 provider refresh token for obtaining new access tokens (if provided by the provider)\n * Example - `\"1//0gK8...\"`\n /\n refreshToken?: string;\n}\n\n/\n Request to refresh OAuth2 provider tokens\n @property refreshToken (`string`) - OAuth2 provider refresh token obtained from previous authentication\n * Example - `\"1//0gK8...\"`/\nexport interface RefreshProviderTokenRequest {\n /\n OAuth2 provider refresh token obtained from previous authentication\n * Example - `\"1//0gK8...\"`\n /\n refreshToken: string;\n}\n\n/\n Request to refresh an access token\n @property refreshToken (`string`) - Refresh token used to generate a new access token\n * Example - `\"2c35b6f3-c4b9-48e3-978a-d4d0f1d42e24\"`\n * Pattern - \\b[0-9a-f]{8}\\b-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-\\b[0-9a-f]{12}\\b/\nexport interface RefreshTokenRequest {\n /\n Refresh token used to generate a new access token\n * Example - `\"2c35b6f3-c4b9-48e3-978a-d4d0f1d42e24\"`\n * Pattern - \\b[0-9a-f]{8}\\b-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-\\b[0-9a-f]{12}\\b\n /\n refreshToken: string;\n}\n\n/\n \n @property name (`string`) - A human-palatable name for the entity\n @property id (`string`) - A unique identifier for the Relying Party entity, which sets the RP ID/\nexport interface RelyingPartyEntity {\n /\n A human-palatable name for the entity\n /\n name: string;\n /\n A unique identifier for the Relying Party entity, which sets the RP ID\n /\n id: string;\n}\n\n/\n The resident key requirement\n /\nexport type ResidentKeyRequirement = \"discouraged\" \| \"preferred\" \| \"required\";\n\n/\n User authentication session containing tokens and user information\n @property accessToken (`string`) - JWT token for authenticating API requests\n * Example - `\"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...\"`\n @property accessTokenExpiresIn (`number`) - Expiration time of the access token in seconds\n * Example - `900`\n * Format - int64\n @property refreshTokenId (`string`) - Identifier for the refresh token\n * Example - `\"2c35b6f3-c4b9-48e3-978a-d4d0f1d42e24\"`\n * Pattern - \\b[0-9a-f]{8}\\b-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-\\b[0-9a-f]{12}\\b\n @property refreshToken (`string`) - Token used to refresh the access token\n * Example - `\"2c35b6f3-c4b9-48e3-978a-d4d0f1d42e24\"`\n * Pattern - \\b[0-9a-f]{8}\\b-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-\\b[0-9a-f]{12}\\b\n @property user? (`User`) - User profile and account information/\nexport interface Session {\n /\n JWT token for authenticating API requests\n * Example - `\"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...\"`\n /\n accessToken: string;\n /\n Expiration time of the access token in seconds\n * Example - `900`\n * Format - int64\n /\n accessTokenExpiresIn: number;\n /\n Identifier for the refresh token\n * Example - `\"2c35b6f3-c4b9-48e3-978a-d4d0f1d42e24\"`\n * Pattern - \\b[0-9a-f]{8}\\b-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-\\b[0-9a-f]{12}\\b\n /\n refreshTokenId: string;\n /\n Token used to refresh the access token\n * Example - `\"2c35b6f3-c4b9-48e3-978a-d4d0f1d42e24\"`\n * Pattern - \\b[0-9a-f]{8}\\b-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-\\b[0-9a-f]{12}\\b\n /\n refreshToken: string;\n /\n User profile and account information\n /\n user?: User;\n}\n\n/\n Container for session information\n @property session? (`Session`) - User authentication session containing tokens and user information/\nexport interface SessionPayload {\n /\n User authentication session containing tokens and user information\n /\n session?: Session;\n}\n\n/\n \n @property displayName? (`string`) - \n * Example - `\"John Smith\"`\n @property locale? (`string`) - A two-characters locale\n * Example - `\"en\"`\n * MinLength - 2\n * MaxLength - 2\n @property metadata? (`Record<string, unknown>`) - \n * Example - `{\"firstName\":\"John\",\"lastName\":\"Smith\"}`/\nexport interface SignInAnonymousRequest {\n /\n \n * Example - `\"John Smith\"`\n /\n displayName?: string;\n /\n A two-characters locale\n * Example - `\"en\"`\n * MinLength - 2\n * MaxLength - 2\n /\n locale?: string;\n /\n \n * Example - `{\"firstName\":\"John\",\"lastName\":\"Smith\"}`\n /\n metadata?: Record<string, unknown>;\n}\n\n/\n Request to authenticate using email and password\n @property email (`string`) - User's email address\n * Example - `\"john.smith@nhost.io\"`\n * Format - email\n @property password (`string`) - User's password\n * Example - `\"Str0ngPassw#ord-94\|%\"`\n * MinLength - 3\n * MaxLength - 50/\nexport interface SignInEmailPasswordRequest {\n /\n User's email address\n * Example - `\"john.smith@nhost.io\"`\n * Format - email\n /\n email: string;\n /\n User's password\n * Example - `\"Str0ngPassw#ord-94\|%\"`\n * MinLength - 3\n * MaxLength - 50\n /\n password: string;\n}\n\n/\n Response for email-password authentication that may include a session or MFA challenge\n @property session? (`Session`) - User authentication session containing tokens and user information\n @property mfa? (`MFAChallengePayload`) - Challenge payload for multi-factor authentication/\nexport interface SignInEmailPasswordResponse {\n /\n User authentication session containing tokens and user information\n /\n session?: Session;\n /\n Challenge payload for multi-factor authentication\n /\n mfa?: MFAChallengePayload;\n}\n\n/\n \n @property provider (`IdTokenProvider`) - \n @property idToken (`string`) - Apple ID token\n @property nonce? (`string`) - Nonce used during sign in process\n @property options? (`SignUpOptions`) - /\nexport interface SignInIdTokenRequest {\n /\n \n /\n provider: IdTokenProvider;\n /\n Apple ID token\n /\n idToken: string;\n /\n Nonce used during sign in process\n /\n nonce?: string;\n /\n \n /\n options?: SignUpOptions;\n}\n\n/\n \n @property ticket (`string`) - Ticket\n * Pattern - ^mfaTotp:.$\n @property otp (`string`) - One time password/\nexport interface SignInMfaTotpRequest {\n /*\n Ticket\n * Pattern - ^mfaTotp:.$\n /\n ticket: string;\n /*\n One time password\n /\n otp: string;\n}\n\n/\n \n @property email (`string`) - A valid email\n * Example - `\"john.smith@nhost.io\"`\n * Format - email\n @property options? (`SignUpOptions`) - /\nexport interface SignInOTPEmailRequest {\n /\n A valid email\n * Example - `\"john.smith@nhost.io\"`\n * Format - email\n /\n email: string;\n /\n \n /\n options?: SignUpOptions;\n}\n\n/\n \n @property otp (`string`) - One time password\n @property email (`string`) - A valid email\n * Example - `\"john.smith@nhost.io\"`\n * Format - email/\nexport interface SignInOTPEmailVerifyRequest {\n /\n One time password\n /\n otp: string;\n /\n A valid email\n * Example - `\"john.smith@nhost.io\"`\n * Format - email\n /\n email: string;\n}\n\n/\n \n @property session? (`Session`) - User authentication session containing tokens and user information/\nexport interface SignInOTPEmailVerifyResponse {\n /\n User authentication session containing tokens and user information\n /\n session?: Session;\n}\n\n/\n \n @property personalAccessToken (`string`) - PAT\n * Example - `\"2c35b6f3-c4b9-48e3-978a-d4d0f1d42e24\"`\n * Pattern - \\b[0-9a-f]{8}\\b-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-\\b[0-9a-f]{12}\\b/\nexport interface SignInPATRequest {\n /\n PAT\n * Example - `\"2c35b6f3-c4b9-48e3-978a-d4d0f1d42e24\"`\n * Pattern - \\b[0-9a-f]{8}\\b-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-\\b[0-9a-f]{12}\\b\n /\n personalAccessToken: string;\n}\n\n/\n \n @property email (`string`) - A valid email\n * Example - `\"john.smith@nhost.io\"`\n * Format - email\n @property options? (`SignUpOptions`) - /\nexport interface SignInPasswordlessEmailRequest {\n /\n A valid email\n * Example - `\"john.smith@nhost.io\"`\n * Format - email\n /\n email: string;\n /\n \n /\n options?: SignUpOptions;\n}\n\n/\n \n @property phoneNumber (`string`) - Phone number of the user\n * Example - `\"+123456789\"`\n @property otp (`string`) - One-time password received by SMS/\nexport interface SignInPasswordlessSmsOtpRequest {\n /\n Phone number of the user\n * Example - `\"+123456789\"`\n /\n phoneNumber: string;\n /\n One-time password received by SMS\n /\n otp: string;\n}\n\n/\n \n @property session? (`Session`) - User authentication session containing tokens and user information\n @property mfa? (`MFAChallengePayload`) - Challenge payload for multi-factor authentication/\nexport interface SignInPasswordlessSmsOtpResponse {\n /\n User authentication session containing tokens and user information\n /\n session?: Session;\n /\n Challenge payload for multi-factor authentication\n /\n mfa?: MFAChallengePayload;\n}\n\n/\n \n @property phoneNumber (`string`) - Phone number of the user\n * Example - `\"+123456789\"`\n @property options? (`SignUpOptions`) - /\nexport interface SignInPasswordlessSmsRequest {\n /\n Phone number of the user\n * Example - `\"+123456789\"`\n /\n phoneNumber: string;\n /\n \n /\n options?: SignUpOptions;\n}\n\n/\n \n @property email? (`string`) - A valid email\n * Example - `\"john.smith@nhost.io\"`\n * Format - email/\nexport interface SignInWebauthnRequest {\n /\n A valid email\n * Example - `\"john.smith@nhost.io\"`\n * Format - email\n /\n email?: string;\n}\n\n/\n \n @property email? (`string`) - A valid email. Deprecated, no longer used\n * Example - `\"john.smith@nhost.io\"`\n * Format - email\n @property credential (`CredentialAssertionResponse`) - /\nexport interface SignInWebauthnVerifyRequest {\n /\n A valid email. Deprecated, no longer used\n * Example - `\"john.smith@nhost.io\"`\n * Format - email\n /\n email?: string;\n /\n \n /\n credential: CredentialAssertionResponse;\n}\n\n/\n \n @property refreshToken? (`string`) - Refresh token for the current session\n @property all? (`boolean`) - Sign out from all connected devices/\nexport interface SignOutRequest {\n /\n Refresh token for the current session\n /\n refreshToken?: string;\n /\n Sign out from all connected devices\n /\n all?: boolean;\n}\n\n/\n Request to register a new user with email and password\n @property email (`string`) - Email address for the new user account\n * Example - `\"john.smith@nhost.io\"`\n * Format - email\n @property password (`string`) - Password for the new user account\n * Example - `\"Str0ngPassw#ord-94\|%\"`\n * MinLength - 3\n * MaxLength - 50\n @property options? (`SignUpOptions`) - /\nexport interface SignUpEmailPasswordRequest {\n /\n Email address for the new user account\n * Example - `\"john.smith@nhost.io\"`\n * Format - email\n /\n email: string;\n /\n Password for the new user account\n * Example - `\"Str0ngPassw#ord-94\|%\"`\n * MinLength - 3\n * MaxLength - 50\n /\n password: string;\n /\n \n /\n options?: SignUpOptions;\n}\n\n/\n \n @property allowedRoles? (`string[]`) - \n * Example - `[\"me\",\"user\"]`\n @property defaultRole? (`string`) - \n * Example - `\"user\"`\n @property displayName? (`string`) - \n * Example - `\"John Smith\"`\n * Pattern - ^[\\p{L}\\p{N}\\p{S} ,.'-]+$\n * MaxLength - 32\n @property locale? (`string`) - A two-characters locale\n * Example - `\"en\"`\n * MinLength - 2\n * MaxLength - 2\n @property metadata? (`Record<string, unknown>`) - \n * Example - `{\"firstName\":\"John\",\"lastName\":\"Smith\"}`\n @property redirectTo? (`string`) - \n * Example - `\"https://my-app.com/catch-redirection\"`\n * Format - uri/\nexport interface SignUpOptions {\n /\n \n * Example - `[\"me\",\"user\"]`\n /\n allowedRoles?: string[];\n /\n \n * Example - `\"user\"`\n /\n defaultRole?: string;\n /\n \n * Example - `\"John Smith\"`\n * Pattern - ^[\\p{L}\\p{N}\\p{S} ,.'-]+$\n * MaxLength - 32\n /\n displayName?: string;\n /\n A two-characters locale\n * Example - `\"en\"`\n * MinLength - 2\n * MaxLength - 2\n /\n locale?: string;\n /\n \n * Example - `{\"firstName\":\"John\",\"lastName\":\"Smith\"}`\n /\n metadata?: Record<string, unknown>;\n /\n \n * Example - `\"https://my-app.com/catch-redirection\"`\n * Format - uri\n /\n redirectTo?: string;\n}\n\n/\n \n @property email (`string`) - A valid email\n * Example - `\"john.smith@nhost.io\"`\n * Format - email\n @property options? (`SignUpOptions`) - /\nexport interface SignUpWebauthnRequest {\n /\n A valid email\n * Example - `\"john.smith@nhost.io\"`\n * Format - email\n /\n email: string;\n /\n \n /\n options?: SignUpOptions;\n}\n\n/\n \n @property credential (`CredentialCreationResponse`) - \n @property options? (`SignUpOptions`) - \n @property nickname? (`string`) - Nickname for the security key/\nexport interface SignUpWebauthnVerifyRequest {\n /\n \n /\n credential: CredentialCreationResponse;\n /\n \n /\n options?: SignUpOptions;\n /\n Nickname for the security key\n /\n nickname?: string;\n}\n\n/\n Response containing TOTP setup information for MFA\n @property imageUrl (`string`) - URL to QR code image for scanning with an authenticator app\n * Example - `\"data:image/png;base64,iVBORw0KGg...\"`\n @property totpSecret (`string`) - TOTP secret key for manual setup with an authenticator app\n * Example - `\"ABCDEFGHIJK23456\"`/\nexport interface TotpGenerateResponse {\n /\n URL to QR code image for scanning with an authenticator app\n * Example - `\"data:image/png;base64,iVBORw0KGg...\"`\n /\n imageUrl: string;\n /\n TOTP secret key for manual setup with an authenticator app\n * Example - `\"ABCDEFGHIJK23456\"`\n /\n totpSecret: string;\n}\n\n/\n Base64url-encoded binary data\n /\nexport type URLEncodedBase64 = string;\n\n/\n User profile and account information\n @property avatarUrl (`string`) - URL to the user's profile picture\n * Example - `\"https://myapp.com/avatars/user123.jpg\"`\n @property createdAt (`string`) - Timestamp when the user account was created\n * Example - `\"2023-01-15T12:34:56Z\"`\n * Format - date-time\n @property defaultRole (`string`) - Default authorization role for the user\n * Example - `\"user\"`\n @property displayName (`string`) - User's display name\n * Example - `\"John Smith\"`\n @property email? (`string`) - User's email address\n * Example - `\"john.smith@nhost.io\"`\n * Format - email\n @property emailVerified (`boolean`) - Whether the user's email has been verified\n * Example - `true`\n @property id (`string`) - Unique identifier for the user\n * Example - `\"2c35b6f3-c4b9-48e3-978a-d4d0f1d42e24\"`\n * Pattern - \\b[0-9a-f]{8}\\b-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-\\b[0-9a-f]{12}\\b\n @property isAnonymous (`boolean`) - Whether this is an anonymous user account\n * Example - `false`\n @property locale (`string`) - User's preferred locale (language code)\n * Example - `\"en\"`\n * MinLength - 2\n * MaxLength - 2\n @property metadata (`Record<string, unknown>`) - Custom metadata associated with the user\n * Example - `{\"firstName\":\"John\",\"lastName\":\"Smith\"}`\n @property phoneNumber? (`string`) - User's phone number\n * Example - `\"+12025550123\"`\n @property phoneNumberVerified (`boolean`) - Whether the user's phone number has been verified\n * Example - `false`\n @property roles (`string[]`) - List of roles assigned to the user\n * Example - `[\"user\",\"customer\"]`\n @property activeMfaType? (`string`) - Active MFA type for the user/\nexport interface User {\n /\n URL to the user's profile picture\n * Example - `\"https://myapp.com/avatars/user123.jpg\"`\n /\n avatarUrl: string;\n /\n Timestamp when the user account was created\n * Example - `\"2023-01-15T12:34:56Z\"`\n * Format - date-time\n /\n createdAt: string;\n /\n Default authorization role for the user\n * Example - `\"user\"`\n /\n defaultRole: string;\n /\n User's display name\n * Example - `\"John Smith\"`\n /\n displayName: string;\n /\n User's email address\n * Example - `\"john.smith@nhost.io\"`\n * Format - email\n /\n email?: string;\n /\n Whether the user's email has been verified\n * Example - `true`\n /\n emailVerified: boolean;\n /\n Unique identifier for the user\n * Example - `\"2c35b6f3-c4b9-48e3-978a-d4d0f1d42e24\"`\n * Pattern - \\b[0-9a-f]{8}\\b-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-\\b[0-9a-f]{12}\\b\n /\n id: string;\n /\n Whether this is an anonymous user account\n * Example - `false`\n /\n isAnonymous: boolean;\n /\n User's preferred locale (language code)\n * Example - `\"en\"`\n * MinLength - 2\n * MaxLength - 2\n /\n locale: string;\n /\n Custom metadata associated with the user\n * Example - `{\"firstName\":\"John\",\"lastName\":\"Smith\"}`\n /\n metadata: Record<string, unknown>;\n /\n User's phone number\n * Example - `\"+12025550123\"`\n /\n phoneNumber?: string;\n /\n Whether the user's phone number has been verified\n * Example - `false`\n /\n phoneNumberVerified: boolean;\n /\n List of roles assigned to the user\n * Example - `[\"user\",\"customer\"]`\n /\n roles: string[];\n /\n Active MFA type for the user\n /\n activeMfaType?: string;\n}\n\n/\n Which sign-in method to use\n /\nexport type UserDeanonymizeRequestSignInMethod =\n \| \"email-password\"\n \| \"passwordless\";\n\n/\n \n @property signInMethod (`UserDeanonymizeRequestSignInMethod`) - Which sign-in method to use\n @property email (`string`) - A valid email\n * Example - `\"john.smith@nhost.io\"`\n * Format - email\n @property password? (`string`) - A password of minimum 3 characters\n * Example - `\"Str0ngPassw#ord-94\|%\"`\n * MinLength - 3\n * MaxLength - 50\n @property connection? (`string`) - Deprecated, will be ignored\n @property options? (`SignUpOptions`) - /\nexport interface UserDeanonymizeRequest {\n /\n Which sign-in method to use\n /\n signInMethod: UserDeanonymizeRequestSignInMethod;\n /\n A valid email\n * Example - `\"john.smith@nhost.io\"`\n * Format - email\n /\n email: string;\n /\n A password of minimum 3 characters\n * Example - `\"Str0ngPassw#ord-94\|%\"`\n * MinLength - 3\n * MaxLength - 50\n /\n password?: string;\n /\n Deprecated, will be ignored\n /\n connection?: string;\n /\n \n /\n options?: SignUpOptions;\n}\n\n/\n \n @property newEmail (`string`) - A valid email\n * Example - `\"john.smith@nhost.io\"`\n * Format - email\n @property options? (`OptionsRedirectTo`) - /\nexport interface UserEmailChangeRequest {\n /\n A valid email\n * Example - `\"john.smith@nhost.io\"`\n * Format - email\n /\n newEmail: string;\n /\n \n /\n options?: OptionsRedirectTo;\n}\n\n/\n \n @property email (`string`) - A valid email\n * Example - `\"john.smith@nhost.io\"`\n * Format - email\n @property options? (`OptionsRedirectTo`) - /\nexport interface UserEmailSendVerificationEmailRequest {\n /\n A valid email\n * Example - `\"john.smith@nhost.io\"`\n * Format - email\n /\n email: string;\n /\n \n /\n options?: OptionsRedirectTo;\n}\n\n/\n \n @property name (`string`) - A human-palatable name for the entity\n @property displayName (`string`) - A human-palatable name for the user account, intended only for display\n @property id (`string`) - The user handle of the user account entity/\nexport interface UserEntity {\n /\n A human-palatable name for the entity\n /\n name: string;\n /\n A human-palatable name for the user account, intended only for display\n /\n displayName: string;\n /\n The user handle of the user account entity\n /\n id: string;\n}\n\n/\n Type of MFA to activate. Use empty string to disable MFA.\n /\nexport type UserMfaRequestActiveMfaType = \"totp\" \| \"\";\n\n/\n Request to activate or deactivate multi-factor authentication\n @property code (`string`) - Verification code from the authenticator app when activating MFA\n * Example - `\"123456\"`\n @property activeMfaType? (`UserMfaRequestActiveMfaType`) - Type of MFA to activate. Use empty string to disable MFA.\n * Example - `\"totp\"`/\nexport interface UserMfaRequest {\n /\n Verification code from the authenticator app when activating MFA\n * Example - `\"123456\"`\n /\n code: string;\n /\n Type of MFA to activate. Use empty string to disable MFA.\n * Example - `\"totp\"`\n /\n activeMfaType?: UserMfaRequestActiveMfaType;\n}\n\n/\n \n @property newPassword (`string`) - A password of minimum 3 characters\n * Example - `\"Str0ngPassw#ord-94\|%\"`\n * MinLength - 3\n * MaxLength - 50\n @property ticket? (`string`) - Ticket to reset the password, required if the user is not authenticated\n * Pattern - ^passwordReset\\:.$/\nexport interface UserPasswordRequest {\n /*\n A password of minimum 3 characters\n * Example - `\"Str0ngPassw#ord-94\|%\"`\n * MinLength - 3\n * MaxLength - 50\n /\n newPassword: string;\n /\n Ticket to reset the password, required if the user is not authenticated\n * Pattern - ^passwordReset\\:.$\n /\n ticket?: string;\n}\n\n/*\n \n @property email (`string`) - A valid email\n * Example - `\"john.smith@nhost.io\"`\n * Format - email\n @property options? (`OptionsRedirectTo`) - /\nexport interface UserPasswordResetRequest {\n /\n A valid email\n * Example - `\"john.smith@nhost.io\"`\n * Format - email\n /\n email: string;\n /\n \n /\n options?: OptionsRedirectTo;\n}\n\n/\n A requirement for user verification for the operation\n /\nexport type UserVerificationRequirement =\n \| \"required\"\n \| \"preferred\"\n \| \"discouraged\";\n\n/\n \n @property credential (`CredentialCreationResponse`) - \n @property nickname? (`string`) - Optional nickname for the security key/\nexport interface VerifyAddSecurityKeyRequest {\n /\n \n /\n credential: CredentialCreationResponse;\n /\n Optional nickname for the security key\n /\n nickname?: string;\n}\n\n/\n \n @property id (`string`) - The ID of the newly added security key\n * Example - `\"123e4567-e89b-12d3-a456-426614174000\"`\n @property nickname? (`string`) - The nickname of the security key if provided/\nexport interface VerifyAddSecurityKeyResponse {\n /\n The ID of the newly added security key\n * Example - `\"123e4567-e89b-12d3-a456-426614174000\"`\n /\n id: string;\n /\n The nickname of the security key if provided\n /\n nickname?: string;\n}\n\n/\n \n @property token? (`string`) - JWT token to verify/\nexport interface VerifyTokenRequest {\n /\n JWT token to verify\n /\n token?: string;\n}\n\n/\n Target URL for the redirect\n /\nexport type RedirectToQuery = string;\n\n/\n \n /\nexport type SignInProvider =\n \| \"apple\"\n \| \"github\"\n \| \"google\"\n \| \"linkedin\"\n \| \"discord\"\n \| \"spotify\"\n \| \"twitch\"\n \| \"gitlab\"\n \| \"bitbucket\"\n \| \"workos\"\n \| \"azuread\"\n \| \"entraid\"\n \| \"strava\"\n \| \"facebook\"\n \| \"windowslive\"\n \| \"twitter\";\n\n/\n Ticket\n /\nexport type TicketQuery = string;\n\n/\n Type of the ticket\n /\nexport type TicketTypeQuery =\n \| \"emailVerify\"\n \| \"emailConfirmChange\"\n \| \"signinPasswordless\"\n \| \"passwordReset\";\n\n/\n \n @property version (`string`) - The version of the authentication service\n * Example - `\"1.2.3\"`/\nexport interface GetVersionResponse200 {\n /\n The version of the authentication service\n * Example - `\"1.2.3\"`\n /\n version: string;\n}\n\n/\n Parameters for the signInProvider method.\n @property allowedRoles? (string[]) - Array of allowed roles for the user\n \n @property defaultRole? (string) - Default role for the user\n \n @property displayName? (string) - Display name for the user\n \n @property locale? (string) - A two-characters locale\n \n @property metadata? (Record<string, unknown>) - Additional metadata for the user (JSON encoded string)\n \n @property redirectTo? (string) - URI to redirect to\n \n @property connect? (string) - If set, this means that the user is already authenticated and wants to link their account. This needs to be a valid JWT access token.\n \n @property state? (string) - Opaque state value to be returned by the provider\n /\nexport interface SignInProviderParams {\n /\n Array of allowed roles for the user\n \n /\n allowedRoles?: string[];\n /\n Default role for the user\n \n /\n defaultRole?: string;\n /\n Display name for the user\n \n /\n displayName?: string;\n /\n A two-characters locale\n \n /\n locale?: string;\n /\n Additional metadata for the user (JSON encoded string)\n \n /\n metadata?: Record<string, unknown>;\n /\n URI to redirect to\n \n /\n redirectTo?: string;\n /\n If set, this means that the user is already authenticated and wants to link their account. This needs to be a valid JWT access token.\n \n /\n connect?: string;\n /\n Opaque state value to be returned by the provider\n \n /\n state?: string;\n}\n/\n Parameters for the verifyTicket method.\n @property ticket (TicketQuery) - Ticket\n \n * Ticket\n @property type? (TicketTypeQuery) - Type of the ticket. Deprecated, no longer used\n \n * Type of the ticket\n @property redirectTo (RedirectToQuery) - Target URL for the redirect\n \n * Target URL for the redirect/\nexport interface VerifyTicketParams {\n /\n Ticket\n \n * Ticket\n /\n ticket: TicketQuery;\n /\n Type of the ticket. Deprecated, no longer used\n \n * Type of the ticket\n /\n type?: TicketTypeQuery;\n /\n Target URL for the redirect\n \n * Target URL for the redirect\n /\n redirectTo: RedirectToQuery;\n}\n\nexport interface Client {\n baseURL: string;\n\n /* Add a middleware function to the fetch chain\n * @param chainFunction - The middleware function to add\n /\n pushChainFunction(chainFunction: ChainFunction): void;\n /\n Summary: Get public keys for JWT verification in JWK Set format\n Retrieve the JSON Web Key Set (JWKS) containing public keys used to verify JWT signatures. This endpoint is used by clients to validate access tokens.\n\n This method may return different T based on the response code:\n - 200: JWKSet\n /\n getJWKs(options?: RequestInit): Promise<FetchResponse<JWKSet>>;\n\n /*\n Summary: Elevate access for an already signed in user using FIDO2 Webauthn\n Generate a Webauthn challenge for elevating user permissions\n\n This method may return different T based on the response code:\n - 200: PublicKeyCredentialRequestOptions\n /\n elevateWebauthn(\n options?: RequestInit,\n ): Promise<FetchResponse<PublicKeyCredentialRequestOptions>>;\n\n /*\n Summary: Verify FIDO2 Webauthn authentication using public-key cryptography for elevation\n Complete Webauthn elevation by verifying the authentication response\n\n This method may return different T based on the response code:\n - 200: SessionPayload\n /\n verifyElevateWebauthn(\n body: SignInWebauthnVerifyRequest,\n options?: RequestInit,\n ): Promise<FetchResponse<SessionPayload>>;\n\n /*\n Summary: Health check (GET)\n Verify if the authentication service is operational using GET method\n\n This method may return different T based on the response code:\n - 200: OKResponse\n /\n healthCheckGet(options?: RequestInit): Promise<FetchResponse<OKResponse>>;\n\n /*\n Summary: Health check (HEAD)\n Verify if the authentication service is operational using HEAD method\n\n This method may return different T based on the response code:\n - 200: void\n /\n healthCheckHead(options?: RequestInit): Promise<FetchResponse<void>>;\n\n /*\n Summary: Link a user account with the provider's account using an id token\n Link the authenticated user's account with an external OAuth provider account using an ID token. Requires elevated permissions.\n\n This method may return different T based on the response code:\n - 200: OKResponse\n /\n linkIdToken(\n body: LinkIdTokenRequest,\n options?: RequestInit,\n ): Promise<FetchResponse<OKResponse>>;\n\n /*\n Summary: Generate TOTP secret\n Generate a Time-based One-Time Password (TOTP) secret for setting up multi-factor authentication\n\n This method may return different T based on the response code:\n - 200: TotpGenerateResponse\n /\n changeUserMfa(\n options?: RequestInit,\n ): Promise<FetchResponse<TotpGenerateResponse>>;\n\n /*\n Summary: Create a Personal Access Token (PAT)\n Generate a new Personal Access Token for programmatic API access. PATs are long-lived tokens that can be used instead of regular authentication for automated systems. Requires elevated permissions.\n\n This method may return different T based on the response code:\n - 200: CreatePATResponse\n /\n createPAT(\n body: CreatePATRequest,\n options?: RequestInit,\n ): Promise<FetchResponse<CreatePATResponse>>;\n\n /*\n Summary: Sign in anonymously\n Create an anonymous user session without providing credentials. Anonymous users can be converted to regular users later via the deanonymize endpoint.\n\n This method may return different T based on the response code:\n - 200: SessionPayload\n /\n signInAnonymous(\n body?: SignInAnonymousRequest,\n options?: RequestInit,\n ): Promise<FetchResponse<SessionPayload>>;\n\n /*\n Summary: Sign in with email and password\n Authenticate a user with their email and password. Returns a session object or MFA challenge if two-factor authentication is enabled.\n\n This method may return different T based on the response code:\n - 200: SignInEmailPasswordResponse\n /\n signInEmailPassword(\n body: SignInEmailPasswordRequest,\n options?: RequestInit,\n ): Promise<FetchResponse<SignInEmailPasswordResponse>>;\n\n /*\n Summary: Sign in with an ID token\n Authenticate using an ID token from a supported OAuth provider (Apple or Google). Creates a new user account if one doesn't exist.\n\n This method may return different T based on the response code:\n - 200: SessionPayload\n /\n signInIdToken(\n body: SignInIdTokenRequest,\n options?: RequestInit,\n ): Promise<FetchResponse<SessionPayload>>;\n\n /*\n Summary: Verify TOTP for MFA\n Complete the multi-factor authentication by verifying a Time-based One-Time Password (TOTP). Returns a session if validation is successful.\n\n This method may return different T based on the response code:\n - 200: SessionPayload\n /\n verifySignInMfaTotp(\n body: SignInMfaTotpRequest,\n options?: RequestInit,\n ): Promise<FetchResponse<SessionPayload>>;\n\n /*\n Summary: Sign in with email OTP\n Initiate email-based one-time password authentication. Sends an OTP to the specified email address. If the user doesn't exist, a new account will be created with the provided options.\n\n This method may return different T based on the response code:\n - 200: OKResponse\n /\n signInOTPEmail(\n body: SignInOTPEmailRequest,\n options?: RequestInit,\n ): Promise<FetchResponse<OKResponse>>;\n\n /*\n Summary: Verify email OTP\n Complete email OTP authentication by verifying the one-time password. Returns a session if validation is successful.\n\n This method may return different T based on the response code:\n - 200: SignInOTPEmailVerifyResponse\n /\n verifySignInOTPEmail(\n body: SignInOTPEmailVerifyRequest,\n options?: RequestInit,\n ): Promise<FetchResponse<SignInOTPEmailVerifyResponse>>;\n\n /*\n Summary: Sign in with magic link email\n Initiate passwordless authentication by sending a magic link to the user's email. If the user doesn't exist, a new account will be created with the provided options.\n\n This method may return different T based on the response code:\n - 200: OKResponse\n /\n signInPasswordlessEmail(\n body: SignInPasswordlessEmailRequest,\n options?: RequestInit,\n ): Promise<FetchResponse<OKResponse>>;\n\n /*\n Summary: Sign in with SMS OTP\n Initiate passwordless authentication by sending a one-time password to the user's phone number. If the user doesn't exist, a new account will be created with the provided options.\n\n This method may return different T based on the response code:\n - 200: OKResponse\n /\n signInPasswordlessSms(\n body: SignInPasswordlessSmsRequest,\n options?: RequestInit,\n ): Promise<FetchResponse<OKResponse>>;\n\n /*\n Summary: Verify SMS OTP\n Complete passwordless SMS authentication by verifying the one-time password. Returns a session if validation is successful.\n\n This method may return different T based on the response code:\n - 200: SignInPasswordlessSmsOtpResponse\n /\n verifySignInPasswordlessSms(\n body: SignInPasswordlessSmsOtpRequest,\n options?: RequestInit,\n ): Promise<FetchResponse<SignInPasswordlessSmsOtpResponse>>;\n\n /*\n Summary: Sign in with Personal Access Token (PAT)\n Authenticate using a Personal Access Token. PATs are long-lived tokens that can be used for programmatic access to the API.\n\n This method may return different T based on the response code:\n - 200: SessionPayload\n /\n signInPAT(\n body: SignInPATRequest,\n options?: RequestInit,\n ): Promise<FetchResponse<SessionPayload>>;\n\n /*\n Summary: Sign in with an OAuth2 provider\n Initiate OAuth2 authentication flow with a social provider. Redirects the user to the provider's authorization page.\n\n As this method is a redirect, it returns a URL string instead of a Promise\n /\n signInProviderURL(\n provider: SignInProvider,\n params?: SignInProviderParams,\n options?: RequestInit,\n ): string;\n\n /*\n Summary: Retrieve OAuth2 provider tokens from callback\n After successful OAuth2 authentication, retrieve the provider session containing access token, refresh token, and expiration information for the specified provider. To ensure the data isn't stale this endpoint must be called immediately after the OAuth callback to obtain the tokens. The session is cleared from the database during this call, so subsequent calls will fail without going through the sign-in flow again. It is the user's responsibility to store the session safely (e.g., in browser local storage).\n\n This method may return different T based on the response code:\n - 200: ProviderSession\n /\n getProviderTokens(\n provider: SignInProvider,\n options?: RequestInit,\n ): Promise<FetchResponse<ProviderSession>>;\n\n /*\n Summary: Sign in with Webauthn\n Initiate a Webauthn sign-in process by sending a challenge to the user's device. The user must have previously registered a Webauthn credential.\n\n This method may return different T based on the response code:\n - 200: PublicKeyCredentialRequestOptions\n /\n signInWebauthn(\n body?: SignInWebauthnRequest,\n options?: RequestInit,\n ): Promise<FetchResponse<PublicKeyCredentialRequestOptions>>;\n\n /*\n Summary: Verify Webauthn sign-in\n Complete the Webauthn sign-in process by verifying the response from the user's device. Returns a session if validation is successful.\n\n This method may return different T based on the response code:\n - 200: SessionPayload\n /\n verifySignInWebauthn(\n body: SignInWebauthnVerifyRequest,\n options?: RequestInit,\n ): Promise<FetchResponse<SessionPayload>>;\n\n /*\n Summary: Sign out\n End the current user session by invalidating refresh tokens. Optionally sign out from all devices.\n\n This method may return different T based on the response code:\n - 200: OKResponse\n /\n signOut(\n body: SignOutRequest,\n options?: RequestInit,\n ): Promise<FetchResponse<OKResponse>>;\n\n /*\n Summary: Sign up with email and password\n Register a new user account with email and password. Returns a session if email verification is not required, otherwise returns null session.\n\n This method may return different T based on the response code:\n - 200: SessionPayload\n /\n signUpEmailPassword(\n body: SignUpEmailPasswordRequest,\n options?: RequestInit,\n ): Promise<FetchResponse<SessionPayload>>;\n\n /*\n Summary: Sign up with Webauthn\n Initiate a Webauthn sign-up process by sending a challenge to the user's device. The user must not have an existing account.\n\n This method may return different T based on the response code:\n - 200: PublicKeyCredentialCreationOptions\n /\n signUpWebauthn(\n body: SignUpWebauthnRequest,\n options?: RequestInit,\n ): Promise<FetchResponse<PublicKeyCredentialCreationOptions>>;\n\n /*\n Summary: Verify Webauthn sign-up\n Complete the Webauthn sign-up process by verifying the response from the user's device. Returns a session if validation is successful.\n\n This method may return different T based on the response code:\n - 200: SessionPayload\n /\n verifySignUpWebauthn(\n body: SignUpWebauthnVerifyRequest,\n options?: RequestInit,\n ): Promise<FetchResponse<SessionPayload>>;\n\n /*\n Summary: Refresh access token\n Generate a new JWT access token using a valid refresh token. The refresh token used will be revoked and a new one will be issued.\n\n This method may return different T based on the response code:\n - 200: Session\n /\n refreshToken(\n body: RefreshTokenRequest,\n options?: RequestInit,\n ): Promise<FetchResponse<Session>>;\n\n /*\n Summary: Refresh OAuth2 provider tokens\n Refresh the OAuth2 provider access token using a valid refresh token. Returns a new provider session with updated access token, refresh token (if rotated by provider), and expiration information. This endpoint allows maintaining long-lived access to provider APIs without requiring the user to re-authenticate.\n\n This method may return different T based on the response code:\n - 200: ProviderSession\n /\n refreshProviderToken(\n provider: SignInProvider,\n body: RefreshProviderTokenRequest,\n options?: RequestInit,\n ): Promise<FetchResponse<ProviderSession>>;\n\n /*\n Summary: Verify JWT token\n Verify the validity of a JWT access token. If no request body is provided, the Authorization header will be used for verification.\n\n This method may return different T based on the response code:\n - 200: string\n /\n verifyToken(\n body?: VerifyTokenRequest,\n options?: RequestInit,\n ): Promise<FetchResponse<string>>;\n\n /*\n Summary: Get user information\n Retrieve the authenticated user's profile information including roles, metadata, and account status.\n\n This method may return different T based on the response code:\n - 200: User\n /\n getUser(options?: RequestInit): Promise<FetchResponse<User>>;\n\n /*\n Summary: Deanonymize an anonymous user\n Convert an anonymous user to a regular user by adding email and optionally password credentials. A confirmation email will be sent if the server is configured to do so.\n\n This method may return different T based on the response code:\n - 200: OKResponse\n /\n deanonymizeUser(\n body: UserDeanonymizeRequest,\n options?: RequestInit,\n ): Promise<FetchResponse<OKResponse>>;\n\n /*\n Summary: Change user email\n Request to change the authenticated user's email address. A verification email will be sent to the new address to confirm the change. Requires elevated permissions.\n\n This method may return different T based on the response code:\n - 200: OKResponse\n /\n changeUserEmail(\n body: UserEmailChangeRequest,\n options?: RequestInit,\n ): Promise<FetchResponse<OKResponse>>;\n\n /*\n Summary: Send verification email\n Send an email verification link to the specified email address. Used to verify email addresses for new accounts or email changes.\n\n This method may return different T based on the response code:\n - 200: OKResponse\n /\n sendVerificationEmail(\n body: UserEmailSendVerificationEmailRequest,\n options?: RequestInit,\n ): Promise<FetchResponse<OKResponse>>;\n\n /*\n Summary: Manage multi-factor authentication\n Activate or deactivate multi-factor authentication for the authenticated user\n\n This method may return different T based on the response code:\n - 200: OKResponse\n /\n verifyChangeUserMfa(\n body: UserMfaRequest,\n options?: RequestInit,\n ): Promise<FetchResponse<OKResponse>>;\n\n /*\n Summary: Change user password\n Change the user's password. The user must be authenticated with elevated permissions or provide a valid password reset ticket.\n\n This method may return different T based on the response code:\n - 200: OKResponse\n /\n changeUserPassword(\n body: UserPasswordRequest,\n options?: RequestInit,\n ): Promise<FetchResponse<OKResponse>>;\n\n /*\n Summary: Request password reset\n Request a password reset for a user account. An email with a verification link will be sent to the user's email address to complete the password reset process.\n\n This method may return different T based on the response code:\n - 200: OKResponse\n /\n sendPasswordResetEmail(\n body: UserPasswordResetRequest,\n options?: RequestInit,\n ): Promise<FetchResponse<OKResponse>>;\n\n /*\n Summary: Initialize adding of a new webauthn security key\n Start the process of adding a new WebAuthn security key to the user's account. Returns a challenge that must be completed by the user's authenticator device. Requires elevated permissions.\n\n This method may return different T based on the response code:\n - 200: PublicKeyCredentialCreationOptions\n /\n addSecurityKey(\n options?: RequestInit,\n ): Promise<FetchResponse<PublicKeyCredentialCreationOptions>>;\n\n /*\n Summary: Verify adding of a new webauthn security key\n Complete the process of adding a new WebAuthn security key by verifying the authenticator response. Requires elevated permissions.\n\n This method may return different T based on the response code:\n - 200: VerifyAddSecurityKeyResponse\n /\n verifyAddSecurityKey(\n body: VerifyAddSecurityKeyRequest,\n options?: RequestInit,\n ): Promise<FetchResponse<VerifyAddSecurityKeyResponse>>;\n\n /*\n Summary: Verify email and authentication tickets\n Verify tickets created by email verification, magic link authentication, or password reset processes. Redirects the user to the appropriate destination upon successful verification.\n\n As this method is a redirect, it returns a URL string instead of a Promise\n /\n verifyTicketURL(params?: VerifyTicketParams, options?: RequestInit): string;\n\n /*\n Summary: Get service version\n Retrieve version information about the authentication service\n\n This method may return different T based on the response code:\n - 200: GetVersionResponse200\n /\n getVersion(\n options?: RequestInit,\n ): Promise<FetchResponse<GetVersionResponse200>>;\n}\n\nexport const createAPIClient = (\n baseURL: string,\n chainFunctions: ChainFunction[] = [],\n): Client => {\n let fetch = createEnhancedFetch(chainFunctions);\n\n const pushChainFunction = (chainFunction: ChainFunction) => {\n chainFunctions.push(chainFunction);\n fetch = createEnhancedFetch(chainFunctions);\n };\n const getJWKs = async (\n options?: RequestInit,\n ): Promise<FetchResponse<JWKSet>> => {\n const url = `${baseURL}/.well-known/jwks.json`;\n const res = await fetch(url, {\n ...options,\n method: \"GET\",\n headers: {\n ...options?.headers,\n },\n });\n\n if (res.status >= 300) {\n const responseBody = [412].includes(res.status) ? null : await res.text();\n const payload: unknown = responseBody ? JSON.parse(responseBody) : {};\n throw new FetchError(payload, res.status, res.headers);\n }\n\n const responseBody = [204, 205, 304].includes(res.status)\n ? null\n : await res.text();\n const payload: JWKSet = responseBody ? JSON.parse(responseBody) : {};\n\n return {\n body: payload,\n status: res.status,\n headers: res.headers,\n } as FetchResponse<JWKSet>;\n };\n\n const elevateWebauthn = async (\n options?: RequestInit,\n ): Promise<FetchResponse<PublicKeyCredentialRequestOptions>> => {\n const url = `${baseURL}/elevate/webauthn`;\n const res = await fetch(url, {\n ...options,\n method: \"POST\",\n headers: {\n ...options?.headers,\n },\n });\n\n if (res.status >= 300) {\n const responseBody = [412].includes(res.status) ? null : await res.text();\n const payload: unknown = responseBody ? JSON.parse(responseBody) : {};\n throw new FetchError(payload, res.status, res.headers);\n }\n\n const responseBody = [204, 205, 304].includes(res.status)\n ? null\n : await res.text();\n const payload: PublicKeyCredentialRequestOptions = responseBody\n ? JSON.parse(responseBody)\n : {};\n\n return {\n body: payload,\n status: res.status,\n headers: res.headers,\n } as FetchResponse<PublicKeyCredentialRequestOptions>;\n };\n\n const verifyElevateWebauthn = async (\n body: SignInWebauthnVerifyRequest,\n options?: RequestInit,\n ): Promise<FetchResponse<SessionPayload>> => {\n const url = `${baseURL}/elevate/webauthn/verify`;\n const res = await fetch(url, {\n ...options,\n method: \"POST\",\n headers: {\n \"Content-Type\": \"application/json\",\n ...options?.headers,\n },\n body: JSON.stringify(body),\n });\n\n if (res.status >= 300) {\n const responseBody = [412].includes(res.status) ? null : await res.text();\n const payload: unknown = responseBody ? JSON.parse(responseBody) : {};\n throw new FetchError(payload, res.status, res.headers);\n }\n\n const responseBody = [204, 205, 304].includes(res.status)\n ? null\n : await res.text();\n const payload: SessionPayload = responseBody\n ? JSON.parse(responseBody)\n : {};\n\n return {\n body: payload,\n status: res.status,\n headers: res.headers,\n } as FetchResponse<SessionPayload>;\n };\n\n const healthCheckGet = async (\n options?: RequestInit,\n ): Promise<FetchResponse<OKResponse>> => {\n const url = `${baseURL}/healthz`;\n const res = await fetch(url, {\n ...options,\n method: \"GET\",\n headers: {\n ...options?.headers,\n },\n });\n\n if (res.status >= 300) {\n const responseBody = [412].includes(res.status) ? null : await res.text();\n const payload: unknown = responseBody ? JSON.parse(responseBody) : {};\n throw new FetchError(payload, res.status, res.headers);\n }\n\n const responseBody = [204, 205, 304].includes(res.status)\n ? null\n : await res.text();\n const payload: OKResponse = responseBody ? JSON.parse(responseBody) : {};\n\n return {\n body: payload,\n status: res.status,\n headers: res.headers,\n } as FetchResponse<OKResponse>;\n };\n\n const healthCheckHead = async (\n options?: RequestInit,\n ): Promise<FetchResponse<void>> => {\n const url = `${baseURL}/healthz`;\n const res = await fetch(url, {\n ...options,\n method: \"HEAD\",\n headers: {\n ...options?.headers,\n },\n });\n\n if (res.status >= 300) {\n const responseBody = [412].includes(res.status) ? null : await res.text();\n const payload: unknown = responseBody ? JSON.parse(responseBody) : {};\n throw new FetchError(payload, res.status, res.headers);\n }\n\n const payload: undefined = undefined;\n\n return {\n body: payload,\n status: res.status,\n headers: res.headers,\n } as FetchResponse<void>;\n };\n\n const linkIdToken = async (\n body: LinkIdTokenRequest,\n options?: RequestInit,\n ): Promise<FetchResponse<OKResponse>> => {\n const url = `${baseURL}/link/idtoken`;\n const res = await fetch(url, {\n ...options,\n method: \"POST\",\n headers: {\n \"Content-Type\": \"application/json\",\n ...options?.headers,\n },\n body: JSON.stringify(body),\n });\n\n if (res.status >= 300) {\n const responseBody = [412].includes(res.status) ? null : await res.text();\n const payload: unknown = responseBody ? JSON.parse(responseBody) : {};\n throw new FetchError(payload, res.status, res.headers);\n }\n\n const responseBody = [204, 205, 304].includes(res.status)\n ? null\n : await res.text();\n const payload: OKResponse = responseBody ? JSON.parse(responseBody) : {};\n\n return {\n body: payload,\n status: res.status,\n headers: res.headers,\n } as FetchResponse<OKResponse>;\n };\n\n const changeUserMfa = async (\n options?: RequestInit,\n ): Promise<FetchResponse<TotpGenerateResponse>> => {\n const url = `${baseURL}/mfa/totp/generate`;\n const res = await fetch(url, {\n ...options,\n method: \"GET\",\n headers: {\n ...options?.headers,\n },\n });\n\n if (res.status >= 300) {\n const responseBody = [412].includes(res.status) ? null : await res.text();\n const payload: unknown = responseBody ? JSON.parse(responseBody) : {};\n throw new FetchError(payload, res.status, res.headers);\n }\n\n const responseBody = [204, 205, 304].includes(res.status)\n ? null\n : await res.text();\n const payload: TotpGenerateResponse = responseBody\n ? JSON.parse(responseBody)\n : {};\n\n return {\n body: payload,\n status: res.status,\n headers: res.headers,\n } as FetchResponse<TotpGenerateResponse>;\n };\n\n const createPAT = async (\n body: CreatePATRequest,\n options?: RequestInit,\n ): Promise<FetchResponse<CreatePATResponse>> => {\n const url = `${baseURL}/pat`;\n const res = await fetch(url, {\n ...options,\n method: \"POST\",\n headers: {\n \"Content-Type\": \"application/json\",\n ...options?.headers,\n },\n body: JSON.stringify(body),\n });\n\n if (res.status >= 300) {\n const responseBody = [412].includes(res.status) ? null : await res.text();\n const payload: unknown = responseBody ? JSON.parse(responseBody) : {};\n throw new FetchError(payload, res.status, res.headers);\n }\n\n const responseBody = [204, 205, 304].includes(res.status)\n ? null\n : await res.text();\n const payload: CreatePATResponse = responseBody\n ? JSON.parse(responseBody)\n : {};\n\n return {\n body: payload,\n status: res.status,\n headers: res.headers,\n } as FetchResponse<CreatePATResponse>;\n };\n\n const signInAnonymous = async (\n body?: SignInAnonymousRequest,\n options?: RequestInit,\n ): Promise<FetchResponse<SessionPayload>> => {\n const url = `${baseURL}/signin/anonymous`;\n const res = await fetch(url, {\n ...options,\n method: \"POST\",\n headers: {\n \"Content-Type\": \"application/json\",\n ...options?.headers,\n },\n body: JSON.stringify(body),\n });\n\n if (res.status >= 300) {\n const responseBody = [412].includes(res.status) ? null : await res.text();\n const payload: unknown = responseBody ? JSON.parse(responseBody) : {};\n throw new FetchError(payload, res.status, res.headers);\n }\n\n const responseBody = [204, 205, 304].includes(res.status)\n ? null\n : await res.text();\n const payload: SessionPayload = responseBody\n ? JSON.parse(responseBody)\n : {};\n\n return {\n body: payload,\n status: res.status,\n headers: res.headers,\n } as FetchResponse<SessionPayload>;\n };\n\n const signInEmailPassword = async (\n body: SignInEmailPasswordRequest,\n options?: RequestInit,\n ): Promise<FetchResponse<SignInEmailPasswordResponse>> => {\n const url = `${baseURL}/signin/email-password`;\n const res = await fetch(url, {\n ...options,\n method: \"POST\",\n headers: {\n \"Content-Type\": \"application/json\",\n ...options?.headers,\n },\n body: JSON.stringify(body),\n });\n\n if (res.status >= 300) {\n const responseBody = [412].includes(res.status) ? null : await res.text();\n const payload: unknown = responseBody ? JSON.parse(responseBody) : {};\n throw new FetchError(payload, res.status, res.headers);\n }\n\n const responseBody = [204, 205, 304].includes(res.status)\n ? null\n : await res.text();\n const payload: SignInEmailPasswordResponse = responseBody\n ? JSON.parse(responseBody)\n : {};\n\n return {\n body: payload,\n status: res.status,\n headers: res.headers,\n } as FetchResponse<SignInEmailPasswordResponse>;\n };\n\n const signInIdToken = async (\n body: SignInIdTokenRequest,\n options?: RequestInit,\n ): Promise<FetchResponse<SessionPayload>> => {\n const url = `${baseURL}/signin/idtoken`;\n const res = await fetch(url, {\n ...options,\n method: \"POST\",\n headers: {\n \"Content-Type\": \"application/json\",\n ...options?.headers,\n },\n body: JSON.stringify(body),\n });\n\n if (res.status >= 300) {\n const responseBody = [412].includes(res.status) ? null : await res.text();\n const payload: unknown = responseBody ? JSON.parse(responseBody) : {};\n throw new FetchError(payload, res.status, res.headers);\n }\n\n const responseBody = [204, 205, 304].includes(res.status)\n ? null\n : await res.text();\n const payload: SessionPayload = responseBody\n ? JSON.parse(responseBody)\n : {};\n\n return {\n body: payload,\n status: res.status,\n headers: res.headers,\n } as FetchResponse<SessionPayload>;\n };\n\n const verifySignInMfaTotp = async (\n body: SignInMfaTotpRequest,\n options?: RequestInit,\n ): Promise<FetchResponse<SessionPayload>> => {\n const url = `${baseURL}/signin/mfa/totp`;\n const res = await fetch(url, {\n ...options,\n method: \"POST\",\n headers: {\n \"Content-Type\": \"application/json\",\n ...options?.headers,\n },\n body: JSON.stringify(body),\n });\n\n if (res.status >= 300) {\n const responseBody = [412].includes(res.status) ? null : await res.text();\n const payload: unknown = responseBody ? JSON.parse(responseBody) : {};\n throw new FetchError(payload, res.status, res.headers);\n }\n\n const responseBody = [204, 205, 304].includes(res.status)\n ? null\n : await res.text();\n const payload: SessionPayload = responseBody\n ? JSON.parse(responseBody)\n : {};\n\n return {\n body: payload,\n status: res.status,\n headers: res.headers,\n } as FetchResponse<SessionPayload>;\n };\n\n const signInOTPEmail = async (\n body: SignInOTPEmailRequest,\n options?: RequestInit,\n ): Promise<FetchResponse<OKResponse>> => {\n const url = `${baseURL}/signin/otp/email`;\n const res = await fetch(url, {\n ...options,\n method: \"POST\",\n headers: {\n \"Content-Type\": \"application/json\",\n ...options?.headers,\n },\n body: JSON.stringify(body),\n });\n\n if (res.status >= 300) {\n const responseBody = [412].includes(res.status) ? null : await res.text();\n const payload: unknown = responseBody ? JSON.parse(responseBody) : {};\n throw new FetchError(payload, res.status, res.headers);\n }\n\n const responseBody = [204, 205, 304].includes(res.status)\n ? null\n : await res.text();\n const payload: OKResponse = responseBody ? JSON.parse(responseBody) : {};\n\n return {\n body: payload,\n status: res.status,\n headers: res.headers,\n } as FetchResponse<OKResponse>;\n };\n\n const verifySignInOTPEmail = async (\n body: SignInOTPEmailVerifyRequest,\n options?: RequestInit,\n ): Promise<FetchResponse<SignInOTPEmailVerifyResponse>> => {\n const url = `${baseURL}/signin/otp/email/verify`;\n const res = await fetch(url, {\n ...options,\n method: \"POST\",\n headers: {\n \"Content-Type\": \"application/json\",\n ...options?.headers,\n },\n body: JSON.stringify(body),\n });\n\n if (res.status >= 300) {\n const responseBody = [412].includes(res.status) ? null : await res.text();\n const payload: unknown = responseBody ? JSON.parse(responseBody) : {};\n throw new FetchError(payload, res.status, res.headers);\n }\n\n const responseBody = [204, 205, 304].includes(res.status)\n ? null\n : await res.text();\n const payload: SignInOTPEmailVerifyResponse = responseBody\n ? JSON.parse(responseBody)\n : {};\n\n return {\n body: payload,\n status: res.status,\n headers: res.headers,\n } as FetchResponse<SignInOTPEmailVerifyResponse>;\n };\n\n const signInPasswordlessEmail = async (\n body: SignInPasswordlessEmailRequest,\n options?: RequestInit,\n ): Promise<FetchResponse<OKResponse>> => {\n const url = `${baseURL}/signin/passwordless/email`;\n const res = await fetch(url, {\n ...options,\n method: \"POST\",\n headers: {\n \"Content-Type\": \"application/json\",\n ...options?.headers,\n },\n body: JSON.stringify(body),\n });\n\n if (res.status >= 300) {\n const responseBody = [412].includes(res.status) ? null : await res.text();\n const payload: unknown = responseBody ? JSON.parse(responseBody) : {};\n throw new FetchError(payload, res.status, res.headers);\n }\n\n const responseBody = [204, 205, 304].includes(res.status)\n ? null\n : await res.text();\n const payload: OKResponse = responseBody ? JSON.parse(responseBody) : {};\n\n return {\n body: payload,\n status: res.status,\n headers: res.headers,\n } as FetchResponse<OKResponse>;\n };\n\n const signInPasswordlessSms = async (\n body: SignInPasswordlessSmsRequest,\n options?: RequestInit,\n ): Promise<FetchResponse<OKResponse>> => {\n const url = `${baseURL}/signin/passwordless/sms`;\n const res = await fetch(url, {\n ...options,\n method: \"POST\",\n headers: {\n \"Content-Type\": \"application/json\",\n ...options?.headers,\n },\n body: JSON.stringify(body),\n });\n\n if (res.status >= 300) {\n const responseBody = [412].includes(res.status) ? null : await res.text();\n const payload: unknown = responseBody ? JSON.parse(responseBody) : {};\n throw new FetchError(payload, res.status, res.headers);\n }\n\n const responseBody = [204, 205, 304].includes(res.status)\n ? null\n : await res.text();\n const payload: OKResponse = responseBody ? JSON.parse(responseBody) : {};\n\n return {\n body: payload,\n status: res.status,\n headers: res.headers,\n } as FetchResponse<OKResponse>;\n };\n\n const verifySignInPasswordlessSms = async (\n body: SignInPasswordlessSmsOtpRequest,\n options?: RequestInit,\n ): Promise<FetchResponse<SignInPasswordlessSmsOtpResponse>> => {\n const url = `${baseURL}/signin/passwordless/sms/otp`;\n const res = await fetch(url, {\n ...options,\n method: \"POST\",\n headers: {\n \"Content-Type\": \"application/json\",\n ...options?.headers,\n },\n body: JSON.stringify(body),\n });\n\n if (res.status >= 300) {\n const responseBody = [412].includes(res.status) ? null : await res.text();\n const payload: unknown = responseBody ? JSON.parse(responseBody) : {};\n throw new FetchError(payload, res.status, res.headers);\n }\n\n const responseBody = [204, 205, 304].includes(res.status)\n ? null\n : await res.text();\n const payload: SignInPasswordlessSmsOtpResponse = responseBody\n ? JSON.parse(responseBody)\n : {};\n\n return {\n body: payload,\n status: res.status,\n headers: res.headers,\n } as FetchResponse<SignInPasswordlessSmsOtpResponse>;\n };\n\n const signInPAT = async (\n body: SignInPATRequest,\n options?: RequestInit,\n ): Promise<FetchResponse<SessionPayload>> => {\n const url = `${baseURL}/signin/pat`;\n const res = await fetch(url, {\n ...options,\n method: \"POST\",\n headers: {\n \"Content-Type\": \"application/json\",\n ...options?.headers,\n },\n body: JSON.stringify(body),\n });\n\n if (res.status >= 300) {\n const responseBody = [412].includes(res.status) ? null : await res.text();\n const payload: unknown = responseBody ? JSON.parse(responseBody) : {};\n throw new FetchError(payload, res.status, res.headers);\n }\n\n const responseBody = [204, 205, 304].includes(res.status)\n ? null\n : await res.text();\n const payload: SessionPayload = responseBody\n ? JSON.parse(responseBody)\n : {};\n\n return {\n body: payload,\n status: res.status,\n headers: res.headers,\n } as FetchResponse<SessionPayload>;\n };\n\n const signInProviderURL = (\n provider: SignInProvider,\n params?: SignInProviderParams,\n ): string => {\n const encodedParameters =\n params &&\n Object.entries(params)\n .map(([key, value]) => {\n const stringValue = Array.isArray(value)\n ? value.join(\",\")\n : typeof value === \"object\"\n ? JSON.stringify(value)\n : (value as string);\n return `${key}=${encodeURIComponent(stringValue)}`;\n })\n .join(\"&\");\n\n const url = encodedParameters\n ? `${baseURL}/signin/provider/${provider}?${encodedParameters}`\n : `${baseURL}/signin/provider/${provider}`;\n return url;\n };\n\n const getProviderTokens = async (\n provider: SignInProvider,\n options?: RequestInit,\n ): Promise<FetchResponse<ProviderSession>> => {\n const url = `${baseURL}/signin/provider/${provider}/callback/tokens`;\n const res = await fetch(url, {\n ...options,\n method: \"GET\",\n headers: {\n ...options?.headers,\n },\n });\n\n if (res.status >= 300) {\n const responseBody = [412].includes(res.status) ? null : await res.text();\n const payload: unknown = responseBody ? JSON.parse(responseBody) : {};\n throw new FetchError(payload, res.status, res.headers);\n }\n\n const responseBody = [204, 205, 304].includes(res.status)\n ? null\n : await res.text();\n const payload: ProviderSession = responseBody\n ? JSON.parse(responseBody)\n : {};\n\n return {\n body: payload,\n status: res.status,\n headers: res.headers,\n } as FetchResponse<ProviderSession>;\n };\n\n const signInWebauthn = async (\n body?: SignInWebauthnRequest,\n options?: RequestInit,\n ): Promise<FetchResponse<PublicKeyCredentialRequestOptions>> => {\n const url = `${baseURL}/signin/webauthn`;\n const res = await fetch(url, {\n ...options,\n method: \"POST\",\n headers: {\n \"Content-Type\": \"application/json\",\n ...options?.headers,\n },\n body: JSON.stringify(body),\n });\n\n if (res.status >= 300) {\n const responseBody = [412].includes(res.status) ? null : await res.text();\n const payload: unknown = responseBody ? JSON.parse(responseBody) : {};\n throw new FetchError(payload, res.status, res.headers);\n }\n\n const responseBody = [204, 205, 304].includes(res.status)\n ? null\n : await res.text();\n const payload: PublicKeyCredentialRequestOptions = responseBody\n ? JSON.parse(responseBody)\n : {};\n\n return {\n body: payload,\n status: res.status,\n headers: res.headers,\n } as FetchResponse<PublicKeyCredentialRequestOptions>;\n };\n\n const verifySignInWebauthn = async (\n body: SignInWebauthnVerifyRequest,\n options?: RequestInit,\n ): Promise<FetchResponse<SessionPayload>> => {\n const url = `${baseURL}/signin/webauthn/verify`;\n const res = await fetch(url, {\n ...options,\n method: \"POST\",\n headers: {\n \"Content-Type\": \"application/json\",\n ...options?.headers,\n },\n body: JSON.stringify(body),\n });\n\n if (res.status >= 300) {\n const responseBody = [412].includes(res.status) ? null : await res.text();\n const payload: unknown = responseBody ? JSON.parse(responseBody) : {};\n throw new FetchError(payload, res.status, res.headers);\n }\n\n const responseBody = [204, 205, 304].includes(res.status)\n ? null\n : await res.text();\n const payload: SessionPayload = responseBody\n ? JSON.parse(responseBody)\n : {};\n\n return {\n body: payload,\n status: res.status,\n headers: res.headers,\n } as FetchResponse<SessionPayload>;\n };\n\n const signOut = async (\n body: SignOutRequest,\n options?: RequestInit,\n ): Promise<FetchResponse<OKResponse>> => {\n const url = `${baseURL}/signout`;\n const res = await fetch(url, {\n ...options,\n method: \"POST\",\n headers: {\n \"Content-Type\": \"application/json\",\n ...options?.headers,\n },\n body: JSON.stringify(body),\n });\n\n if (res.status >= 300) {\n const responseBody = [412].includes(res.status) ? null : await res.text();\n const payload: unknown = responseBody ? JSON.parse(responseBody) : {};\n throw new FetchError(payload, res.status, res.headers);\n }\n\n const responseBody = [204, 205, 304].includes(res.status)\n ? null\n : await res.text();\n const payload: OKResponse = responseBody ? JSON.parse(responseBody) : {};\n\n return {\n body: payload,\n status: res.status,\n headers: res.headers,\n } as FetchResponse<OKResponse>;\n };\n\n const signUpEmailPassword = async (\n body: SignUpEmailPasswordRequest,\n options?: RequestInit,\n ): Promise<FetchResponse<SessionPayload>> => {\n const url = `${baseURL}/signup/email-password`;\n const res = await fetch(url, {\n ...options,\n method: \"POST\",\n headers: {\n \"Content-Type\": \"application/json\",\n ...options?.headers,\n },\n body: JSON.stringify(body),\n });\n\n if (res.status >= 300) {\n const responseBody = [412].includes(res.status) ? null : await res.text();\n const payload: unknown = responseBody ? JSON.parse(responseBody) : {};\n throw new FetchError(payload, res.status, res.headers);\n }\n\n const responseBody = [204, 205, 304].includes(res.status)\n ? null\n : await res.text();\n const payload: SessionPayload = responseBody\n ? JSON.parse(responseBody)\n : {};\n\n return {\n body: payload,\n status: res.status,\n headers: res.headers,\n } as FetchResponse<SessionPayload>;\n };\n\n const signUpWebauthn = async (\n body: SignUpWebauthnRequest,\n options?: RequestInit,\n ): Promise<FetchResponse<PublicKeyCredentialCreationOptions>> => {\n const url = `${baseURL}/signup/webauthn`;\n const res = await fetch(url, {\n ...options,\n method: \"POST\",\n headers: {\n \"Content-Type\": \"application/json\",\n ...options?.headers,\n },\n body: JSON.stringify(body),\n });\n\n if (res.status >= 300) {\n const responseBody = [412].includes(res.status) ? null : await res.text();\n const payload: unknown = responseBody ? JSON.parse(responseBody) : {};\n throw new FetchError(payload, res.status, res.headers);\n }\n\n const responseBody = [204, 205, 304].includes(res.status)\n ? null\n : await res.text();\n const payload: PublicKeyCredentialCreationOptions = responseBody\n ? JSON.parse(responseBody)\n : {};\n\n return {\n body: payload,\n status: res.status,\n headers: res.headers,\n } as FetchResponse<PublicKeyCredentialCreationOptions>;\n };\n\n const verifySignUpWebauthn = async (\n body: SignUpWebauthnVerifyRequest,\n options?: RequestInit,\n ): Promise<FetchResponse<SessionPayload>> => {\n const url = `${baseURL}/signup/webauthn/verify`;\n const res = await fetch(url, {\n ...options,\n method: \"POST\",\n headers: {\n \"Content-Type\": \"application/json\",\n ...options?.headers,\n },\n body: JSON.stringify(body),\n });\n\n if (res.status >= 300) {\n const responseBody = [412].includes(res.status) ? null : await res.text();\n const payload: unknown = responseBody ? JSON.parse(responseBody) : {};\n throw new FetchError(payload, res.status, res.headers);\n }\n\n const responseBody = [204, 205, 304].includes(res.status)\n ? null\n : await res.text();\n const payload: SessionPayload = responseBody\n ? JSON.parse(responseBody)\n : {};\n\n return {\n body: payload,\n status: res.status,\n headers: res.headers,\n } as FetchResponse<SessionPayload>;\n };\n\n const refreshToken = async (\n body: RefreshTokenRequest,\n options?: RequestInit,\n ): Promise<FetchResponse<Session>> => {\n const url = `${baseURL}/token`;\n const res = await fetch(url, {\n ...options,\n method: \"POST\",\n headers: {\n \"Content-Type\": \"application/json\",\n ...options?.headers,\n },\n body: JSON.stringify(body),\n });\n\n if (res.status >= 300) {\n const responseBody = [412].includes(res.status) ? null : await res.text();\n const payload: unknown = responseBody ? JSON.parse(responseBody) : {};\n throw new FetchError(payload, res.status, res.headers);\n }\n\n const responseBody = [204, 205, 304].includes(res.status)\n ? null\n : await res.text();\n const payload: Session = responseBody ? JSON.parse(responseBody) : {};\n\n return {\n body: payload,\n status: res.status,\n headers: res.headers,\n } as FetchResponse<Session>;\n };\n\n const refreshProviderToken = async (\n provider: SignInProvider,\n body: RefreshProviderTokenRequest,\n options?: RequestInit,\n ): Promise<FetchResponse<ProviderSession>> => {\n const url = `${baseURL}/token/provider/${provider}`;\n const res = await fetch(url, {\n ...options,\n method: \"POST\",\n headers: {\n \"Content-Type\": \"application/json\",\n ...options?.headers,\n },\n body: JSON.stringify(body),\n });\n\n if (res.status >= 300) {\n const responseBody = [412].includes(res.status) ? null : await res.text();\n const payload: unknown = responseBody ? JSON.parse(responseBody) : {};\n throw new FetchError(payload, res.status, res.headers);\n }\n\n const responseBody = [204, 205, 304].includes(res.status)\n ? null\n : await res.text();\n const payload: ProviderSession = responseBody\n ? JSON.parse(responseBody)\n : {};\n\n return {\n body: payload,\n status: res.status,\n headers: res.headers,\n } as FetchResponse<ProviderSession>;\n };\n\n const verifyToken = async (\n body?: VerifyTokenRequest,\n options?: RequestInit,\n ): Promise<FetchResponse<string>> => {\n const url = `${baseURL}/token/verify`;\n const res = await fetch(url, {\n ...options,\n method: \"POST\",\n headers: {\n \"Content-Type\": \"application/json\",\n ...options?.headers,\n },\n body: JSON.stringify(body),\n });\n\n if (res.status >= 300) {\n const responseBody = [412].includes(res.status) ? null : await res.text();\n const payload: unknown = responseBody ? JSON.parse(responseBody) : {};\n throw new FetchError(payload, res.status, res.headers);\n }\n\n const responseBody = [204, 205, 304].includes(res.status)\n ? null\n : await res.text();\n const payload: string = responseBody ? JSON.parse(responseBody) : {};\n\n return {\n body: payload,\n status: res.status,\n headers: res.headers,\n } as FetchResponse<string>;\n };\n\n const getUser = async (\n options?: RequestInit,\n ): Promise<FetchResponse<User>> => {\n const url = `${baseURL}/user`;\n const res = await fetch(url, {\n ...options,\n method: \"GET\",\n headers: {\n ...options?.headers,\n },\n });\n\n if (res.status >= 300) {\n const responseBody = [412].includes(res.status) ? null : await res.text();\n const payload: unknown = responseBody ? JSON.parse(responseBody) : {};\n throw new FetchError(payload, res.status, res.headers);\n }\n\n const responseBody = [204, 205, 304].includes(res.status)\n ? null\n : await res.text();\n const payload: User = responseBody ? JSON.parse(responseBody) : {};\n\n return {\n body: payload,\n status: res.status,\n headers: res.headers,\n } as FetchResponse<User>;\n };\n\n const deanonymizeUser = async (\n body: UserDeanonymizeRequest,\n options?: RequestInit,\n ): Promise<FetchResponse<OKResponse>> => {\n const url = `${baseURL}/user/deanonymize`;\n const res = await fetch(url, {\n ...options,\n method: \"POST\",\n headers: {\n \"Content-Type\": \"application/json\",\n ...options?.headers,\n },\n body: JSON.stringify(body),\n });\n\n if (res.status >= 300) {\n const responseBody = [412].includes(res.status) ? null : await res.text();\n const payload: unknown = responseBody ? JSON.parse(responseBody) : {};\n throw new FetchError(payload, res.status, res.headers);\n }\n\n const responseBody = [204, 205, 304].includes(res.status)\n ? null\n : await res.text();\n const payload: OKResponse = responseBody ? JSON.parse(responseBody) : {};\n\n return {\n body: payload,\n status: res.status,\n headers: res.headers,\n } as FetchResponse<OKResponse>;\n };\n\n const changeUserEmail = async (\n body: UserEmailChangeRequest,\n options?: RequestInit,\n ): Promise<FetchResponse<OKResponse>> => {\n const url = `${baseURL}/user/email/change`;\n const res = await fetch(url, {\n ...options,\n method: \"POST\",\n headers: {\n \"Content-Type\": \"application/json\",\n ...options?.headers,\n },\n body: JSON.stringify(body),\n });\n\n if (res.status >= 300) {\n const responseBody = [412].includes(res.status) ? null : await res.text();\n const payload: unknown = responseBody ? JSON.parse(responseBody) : {};\n throw new FetchError(payload, res.status, res.headers);\n }\n\n const responseBody = [204, 205, 304].includes(res.status)\n ? null\n : await res.text();\n const payload: OKResponse = responseBody ? JSON.parse(responseBody) : {};\n\n return {\n body: payload,\n status: res.status,\n headers: res.headers,\n } as FetchResponse<OKResponse>;\n };\n\n const sendVerificationEmail = async (\n body: UserEmailSendVerificationEmailRequest,\n options?: RequestInit,\n ): Promise<FetchResponse<OKResponse>> => {\n const url = `${baseURL}/user/email/send-verification-email`;\n const res = await fetch(url, {\n ...options,\n method: \"POST\",\n headers: {\n \"Content-Type\": \"application/json\",\n ...options?.headers,\n },\n body: JSON.stringify(body),\n });\n\n if (res.status >= 300) {\n const responseBody = [412].includes(res.status) ? null : await res.text();\n const payload: unknown = responseBody ? JSON.parse(responseBody) : {};\n throw new FetchError(payload, res.status, res.headers);\n }\n\n const responseBody = [204, 205, 304].includes(res.status)\n ? null\n : await res.text();\n const payload: OKResponse = responseBody ? JSON.parse(responseBody) : {};\n\n return {\n body: payload,\n status: res.status,\n headers: res.headers,\n } as FetchResponse<OKResponse>;\n };\n\n const verifyChangeUserMfa = async (\n body: UserMfaRequest,\n options?: RequestInit,\n ): Promise<FetchResponse<OKResponse>> => {\n const url = `${baseURL}/user/mfa`;\n const res = await fetch(url, {\n ...options,\n method: \"POST\",\n headers: {\n \"Content-Type\": \"application/json\",\n ...options?.headers,\n },\n body: JSON.stringify(body),\n });\n\n if (res.status >= 300) {\n const responseBody = [412].includes(res.status) ? null : await res.text();\n const payload: unknown = responseBody ? JSON.parse(responseBody) : {};\n throw new FetchError(payload, res.status, res.headers);\n }\n\n const responseBody = [204, 205, 304].includes(res.status)\n ? null\n : await res.text();\n const payload: OKResponse = responseBody ? JSON.parse(responseBody) : {};\n\n return {\n body: payload,\n status: res.status,\n headers: res.headers,\n } as FetchResponse<OKResponse>;\n };\n\n const changeUserPassword = async (\n body: UserPasswordRequest,\n options?: RequestInit,\n ): Promise<FetchResponse<OKResponse>> => {\n const url = `${baseURL}/user/password`;\n const res = await fetch(url, {\n ...options,\n method: \"POST\",\n headers: {\n \"Content-Type\": \"application/json\",\n ...options?.headers,\n },\n body: JSON.stringify(body),\n });\n\n if (res.status >= 300) {\n const responseBody = [412].includes(res.status) ? null : await res.text();\n const payload: unknown = responseBody ? JSON.parse(responseBody) : {};\n throw new FetchError(payload, res.status, res.headers);\n }\n\n const responseBody = [204, 205, 304].includes(res.status)\n ? null\n : await res.text();\n const payload: OKResponse = responseBody ? JSON.parse(responseBody) : {};\n\n return {\n body: payload,\n status: res.status,\n headers: res.headers,\n } as FetchResponse<OKResponse>;\n };\n\n const sendPasswordResetEmail = async (\n body: UserPasswordResetRequest,\n options?: RequestInit,\n ): Promise<FetchResponse<OKResponse>> => {\n const url = `${baseURL}/user/password/reset`;\n const res = await fetch(url, {\n ...options,\n method: \"POST\",\n headers: {\n \"Content-Type\": \"application/json\",\n ...options?.headers,\n },\n body: JSON.stringify(body),\n });\n\n if (res.status >= 300) {\n const responseBody = [412].includes(res.status) ? null : await res.text();\n const payload: unknown = responseBody ? JSON.parse(responseBody) : {};\n throw new FetchError(payload, res.status, res.headers);\n }\n\n const responseBody = [204, 205, 304].includes(res.status)\n ? null\n : await res.text();\n const payload: OKResponse = responseBody ? JSON.parse(responseBody) : {};\n\n return {\n body: payload,\n status: res.status,\n headers: res.headers,\n } as FetchResponse<OKResponse>;\n };\n\n const addSecurityKey = async (\n options?: RequestInit,\n ): Promise<FetchResponse<PublicKeyCredentialCreationOptions>> => {\n const url = `${baseURL}/user/webauthn/add`;\n const res = await fetch(url, {\n ...options,\n method: \"POST\",\n headers: {\n ...options?.headers,\n },\n });\n\n if (res.status >= 300) {\n const responseBody = [412].includes(res.status) ? null : await res.text();\n const payload: unknown = responseBody ? JSON.parse(responseBody) : {};\n throw new FetchError(payload, res.status, res.headers);\n }\n\n const responseBody = [204, 205, 304].includes(res.status)\n ? null\n : await res.text();\n const payload: PublicKeyCredentialCreationOptions = responseBody\n ? JSON.parse(responseBody)\n : {};\n\n return {\n body: payload,\n status: res.status,\n headers: res.headers,\n } as FetchResponse<PublicKeyCredentialCreationOptions>;\n };\n\n const verifyAddSecurityKey = async (\n body: VerifyAddSecurityKeyRequest,\n options?: RequestInit,\n ): Promise<FetchResponse<VerifyAddSecurityKeyResponse>> => {\n const url = `${baseURL}/user/webauthn/verify`;\n const res = await fetch(url, {\n ...options,\n method: \"POST\",\n headers: {\n \"Content-Type\": \"application/json\",\n ...options?.headers,\n },\n body: JSON.stringify(body),\n });\n\n if (res.status >= 300) {\n const responseBody = [412].includes(res.status) ? null : await res.text();\n const payload: unknown = responseBody ? JSON.parse(responseBody) : {};\n throw new FetchError(payload, res.status, res.headers);\n }\n\n const responseBody = [204, 205, 304].includes(res.status)\n ? null\n : await res.text();\n const payload: VerifyAddSecurityKeyResponse = responseBody\n ? JSON.parse(responseBody)\n : {};\n\n return {\n body: payload,\n status: res.status,\n headers: res.headers,\n } as FetchResponse<VerifyAddSecurityKeyResponse>;\n };\n\n const verifyTicketURL = (params?: VerifyTicketParams): string => {\n const encodedParameters =\n params &&\n Object.entries(params)\n .map(([key, value]) => {\n const stringValue = Array.isArray(value)\n ? value.join(\",\")\n : typeof value === \"object\"\n ? JSON.stringify(value)\n : (value as string);\n return `${key}=${encodeURIComponent(stringValue)}`;\n })\n .join(\"&\");\n\n const url = encodedParameters\n ? `${baseURL}/verify?${encodedParameters}`\n : `${baseURL}/verify`;\n return url;\n };\n\n const getVersion = async (\n options?: RequestInit,\n ): Promise<FetchResponse<GetVersionResponse200>> => {\n const url = `${baseURL}/version`;\n const res = await fetch(url, {\n ...options,\n method: \"GET\",\n headers: {\n ...options?.headers,\n },\n });\n\n if (res.status >= 300) {\n const responseBody = [412].includes(res.status) ? null : await res.text();\n const payload: unknown = responseBody ? JSON.parse(responseBody) : {};\n throw new FetchError(payload, res.status, res.headers);\n }\n\n const responseBody = [204, 205, 304].includes(res.status)\n ? null\n : await res.text();\n const payload: GetVersionResponse200 = responseBody\n ? JSON.parse(responseBody)\n : {};\n\n return {\n body: payload,\n status: res.status,\n headers: res.headers,\n } as FetchResponse<GetVersionResponse200>;\n };\n\n return {\n baseURL,\n pushChainFunction,\n getJWKs,\n elevateWebauthn,\n verifyElevateWebauthn,\n healthCheckGet,\n healthCheckHead,\n linkIdToken,\n changeUserMfa,\n createPAT,\n signInAnonymous,\n signInEmailPassword,\n signInIdToken,\n verifySignInMfaTotp,\n signInOTPEmail,\n verifySignInOTPEmail,\n signInPasswordlessEmail,\n signInPasswordlessSms,\n verifySignInPasswordlessSms,\n signInPAT,\n signInProviderURL,\n getProviderTokens,\n signInWebauthn,\n verifySignInWebauthn,\n signOut,\n signUpEmailPassword,\n signUpWebauthn,\n verifySignUpWebauthn,\n refreshToken,\n refreshProviderToken,\n verifyToken,\n getUser,\n deanonymizeUser,\n changeUserEmail,\n sendVerificationEmail,\n verifyChangeUserMfa,\n changeUserPassword,\n sendPasswordResetEmail,\n addSecurityKey,\n verifyAddSecurityKey,\n verifyTicketURL,\n getVersion,\n };\n};\n","/*\n This file is auto-generated. Do not edit manually.\n /\n\nimport type { ChainFunction, FetchResponse } from \"../fetch\";\nimport { createEnhancedFetch, FetchError } from \"../fetch\";\n\n/\n Date in RFC 2822 format\n /\nexport type RFC2822Date = string;\n\n/\n Error details.\n @property message (`string`) - Human-readable error message.\n * Example - `\"File not found\"`\n @property data? (`Record<string, unknown>`) - Additional data related to the error, if any./\nexport interface ErrorResponseError {\n /\n Human-readable error message.\n * Example - `\"File not found\"`\n /\n message: string;\n /\n Additional data related to the error, if any.\n /\n data?: Record<string, unknown>;\n}\n\n/\n Error information returned by the API.\n @property error? (`ErrorResponseError`) - Error details./\nexport interface ErrorResponse {\n /\n Error details.\n /\n error?: ErrorResponseError;\n}\n\n/\n Error details.\n @property message (`string`) - Human-readable error message.\n * Example - `\"File not found\"`\n @property data? (`Record<string, unknown>`) - Additional data related to the error, if any./\nexport interface ErrorResponseWithProcessedFilesError {\n /\n Human-readable error message.\n * Example - `\"File not found\"`\n /\n message: string;\n /\n Additional data related to the error, if any.\n /\n data?: Record<string, unknown>;\n}\n\n/\n Error information returned by the API.\n @property processedFiles? (`FileMetadata[]`) - List of files that were successfully processed before the error occurred.\n @property error? (`ErrorResponseWithProcessedFilesError`) - Error details./\nexport interface ErrorResponseWithProcessedFiles {\n /\n List of files that were successfully processed before the error occurred.\n /\n processedFiles?: FileMetadata[];\n /\n Error details.\n /\n error?: ErrorResponseWithProcessedFilesError;\n}\n\n/\n Comprehensive metadata information about a file in storage.\n @property id (`string`) - Unique identifier for the file.\n * Example - `\"d5e76ceb-77a2-4153-b7da-1f7c115b2ff2\"`\n @property name (`string`) - Name of the file including extension.\n * Example - `\"profile-picture.jpg\"`\n @property size (`number`) - Size of the file in bytes.\n * Example - `245678`\n * Format - int64\n @property bucketId (`string`) - ID of the bucket containing the file.\n * Example - `\"users-bucket\"`\n @property etag (`string`) - Entity tag for cache validation.\n * Example - `\"\\\"a1b2c3d4e5f6\\\"\"`\n @property createdAt (`string`) - Timestamp when the file was created.\n * Example - `\"2023-01-15T12:34:56Z\"`\n * Format - date-time\n @property updatedAt (`string`) - Timestamp when the file was last updated.\n * Example - `\"2023-01-16T09:45:32Z\"`\n * Format - date-time\n @property isUploaded (`boolean`) - Whether the file has been successfully uploaded.\n * Example - `true`\n @property mimeType (`string`) - MIME type of the file.\n * Example - `\"image/jpeg\"`\n @property uploadedByUserId? (`string`) - ID of the user who uploaded the file.\n * Example - `\"abc123def456\"`\n @property metadata? (`Record<string, unknown>`) - Custom metadata associated with the file.\n * Example - `{\"alt\":\"Profile picture\",\"category\":\"avatar\"}`/\nexport interface FileMetadata {\n /\n Unique identifier for the file.\n * Example - `\"d5e76ceb-77a2-4153-b7da-1f7c115b2ff2\"`\n /\n id: string;\n /\n Name of the file including extension.\n * Example - `\"profile-picture.jpg\"`\n /\n name: string;\n /\n Size of the file in bytes.\n * Example - `245678`\n * Format - int64\n /\n size: number;\n /\n ID of the bucket containing the file.\n * Example - `\"users-bucket\"`\n /\n bucketId: string;\n /\n Entity tag for cache validation.\n * Example - `\"\\\"a1b2c3d4e5f6\\\"\"`\n /\n etag: string;\n /\n Timestamp when the file was created.\n * Example - `\"2023-01-15T12:34:56Z\"`\n * Format - date-time\n /\n createdAt: string;\n /\n Timestamp when the file was last updated.\n * Example - `\"2023-01-16T09:45:32Z\"`\n * Format - date-time\n /\n updatedAt: string;\n /\n Whether the file has been successfully uploaded.\n * Example - `true`\n /\n isUploaded: boolean;\n /\n MIME type of the file.\n * Example - `\"image/jpeg\"`\n /\n mimeType: string;\n /\n ID of the user who uploaded the file.\n * Example - `\"abc123def456\"`\n /\n uploadedByUserId?: string;\n /\n Custom metadata associated with the file.\n * Example - `{\"alt\":\"Profile picture\",\"category\":\"avatar\"}`\n /\n metadata?: Record<string, unknown>;\n}\n\n/\n Basic information about a file in storage.\n @property id (`string`) - Unique identifier for the file.\n * Example - `\"d5e76ceb-77a2-4153-b7da-1f7c115b2ff2\"`\n @property name (`string`) - Name of the file including extension.\n * Example - `\"profile-picture.jpg\"`\n @property bucketId (`string`) - ID of the bucket containing the file.\n * Example - `\"users-bucket\"`\n @property isUploaded (`boolean`) - Whether the file has been successfully uploaded.\n * Example - `true`/\nexport interface FileSummary {\n /\n Unique identifier for the file.\n * Example - `\"d5e76ceb-77a2-4153-b7da-1f7c115b2ff2\"`\n /\n id: string;\n /\n Name of the file including extension.\n * Example - `\"profile-picture.jpg\"`\n /\n name: string;\n /\n ID of the bucket containing the file.\n * Example - `\"users-bucket\"`\n /\n bucketId: string;\n /\n Whether the file has been successfully uploaded.\n * Example - `true`\n /\n isUploaded: boolean;\n}\n\n/\n Contains a presigned URL for direct file operations.\n @property url (`string`) - The presigned URL for file operations.\n * Example - `\"https://storage.example.com/files/abc123?signature=xyz\"`\n @property expiration (`number`) - The time in seconds until the URL expires.\n * Example - `3600`/\nexport interface PresignedURLResponse {\n /\n The presigned URL for file operations.\n * Example - `\"https://storage.example.com/files/abc123?signature=xyz\"`\n /\n url: string;\n /\n The time in seconds until the URL expires.\n * Example - `3600`\n /\n expiration: number;\n}\n\n/\n Metadata that can be updated for an existing file.\n @property name? (`string`) - New name to assign to the file.\n * Example - `\"renamed-file.jpg\"`\n @property metadata? (`Record<string, unknown>`) - Updated custom metadata to associate with the file.\n * Example - `{\"alt\":\"Updated image description\",\"category\":\"profile\"}`/\nexport interface UpdateFileMetadata {\n /\n New name to assign to the file.\n * Example - `\"renamed-file.jpg\"`\n /\n name?: string;\n /\n Updated custom metadata to associate with the file.\n * Example - `{\"alt\":\"Updated image description\",\"category\":\"profile\"}`\n /\n metadata?: Record<string, unknown>;\n}\n\n/\n Metadata provided when uploading a new file.\n @property id? (`string`) - Optional custom ID for the file. If not provided, a UUID will be generated.\n * Example - `\"custom-id-123\"`\n @property name? (`string`) - Name to assign to the file. If not provided, the original filename will be used.\n * Example - `\"custom-filename.png\"`\n @property metadata? (`Record<string, unknown>`) - Custom metadata to associate with the file.\n * Example - `{\"alt\":\"Custom image\",\"category\":\"document\"}`/\nexport interface UploadFileMetadata {\n /\n Optional custom ID for the file. If not provided, a UUID will be generated.\n * Example - `\"custom-id-123\"`\n /\n id?: string;\n /\n Name to assign to the file. If not provided, the original filename will be used.\n * Example - `\"custom-filename.png\"`\n /\n name?: string;\n /\n Custom metadata to associate with the file.\n * Example - `{\"alt\":\"Custom image\",\"category\":\"document\"}`\n /\n metadata?: Record<string, unknown>;\n}\n\n/\n Contains version information about the storage service.\n @property buildVersion (`string`) - The version number of the storage service build.\n * Example - `\"1.2.3\"`/\nexport interface VersionInformation {\n /\n The version number of the storage service build.\n * Example - `\"1.2.3\"`\n /\n buildVersion: string;\n}\n\n/\n Output format for image files. Use 'auto' for content negotiation based on Accept header\n /\nexport type OutputImageFormat =\n \| \"auto\"\n \| \"same\"\n \| \"jpeg\"\n \| \"webp\"\n \| \"png\"\n \| \"avif\"\n \| \"heic\";\n\n/\n \n @property bucket-id? (`string`) - Target bucket identifier where files will be stored.\n * Example - `\"user-uploads\"`\n @property metadata[]? (`UploadFileMetadata[]`) - Optional custom metadata for each uploaded file. Must match the order of the file[] array.\n @property file[] (`Blob[]`) - Array of files to upload./\nexport interface UploadFilesBody {\n /\n Target bucket identifier where files will be stored.\n * Example - `\"user-uploads\"`\n /\n \"bucket-id\"?: string;\n /\n Optional custom metadata for each uploaded file. Must match the order of the file[] array.\n /\n \"metadata[]\"?: UploadFileMetadata[];\n /\n Array of files to upload.\n /\n \"file[]\": Blob[];\n}\n\n/\n \n @property processedFiles (`FileMetadata[]`) - List of successfully processed files with their metadata./\nexport interface UploadFilesResponse201 {\n /\n List of successfully processed files with their metadata.\n /\n processedFiles: FileMetadata[];\n}\n\n/\n \n @property metadata? (`UpdateFileMetadata`) - Metadata that can be updated for an existing file.\n @property file? (`Blob`) - New file content to replace the existing file\n * Format - binary/\nexport interface ReplaceFileBody {\n /\n Metadata that can be updated for an existing file.\n /\n metadata?: UpdateFileMetadata;\n /\n New file content to replace the existing file\n * Format - binary\n /\n file?: Blob;\n}\n\n/\n \n @property metadata? (`FileSummary[]`) - /\nexport interface DeleteBrokenMetadataResponse200 {\n /\n \n /\n metadata?: FileSummary[];\n}\n\n/\n \n @property files? (`string[]`) - /\nexport interface DeleteOrphanedFilesResponse200 {\n /\n \n /\n files?: string[];\n}\n\n/\n \n @property metadata? (`FileSummary[]`) - /\nexport interface ListBrokenMetadataResponse200 {\n /\n \n /\n metadata?: FileSummary[];\n}\n\n/\n \n @property metadata? (`FileSummary[]`) - /\nexport interface ListFilesNotUploadedResponse200 {\n /\n \n /\n metadata?: FileSummary[];\n}\n\n/\n \n @property files? (`string[]`) - /\nexport interface ListOrphanedFilesResponse200 {\n /\n \n /\n files?: string[];\n}\n\n/\n Parameters for the getFile method.\n @property q? (number) - Image quality (1-100). Only applies to JPEG, WebP, PNG and HEIC files\n \n @property h? (number) - Maximum height to resize image to while maintaining aspect ratio. Only applies to image files\n \n @property w? (number) - Maximum width to resize image to while maintaining aspect ratio. Only applies to image files\n \n @property b? (number) - Blur the image using this sigma value. Only applies to image files\n \n @property f? (OutputImageFormat) - Output format for image files. Use 'auto' for content negotiation based on Accept header\n \n * Output format for image files. Use 'auto' for content negotiation based on Accept header/\nexport interface GetFileParams {\n /\n Image quality (1-100). Only applies to JPEG, WebP, PNG and HEIC files\n \n /\n q?: number;\n /\n Maximum height to resize image to while maintaining aspect ratio. Only applies to image files\n \n /\n h?: number;\n /\n Maximum width to resize image to while maintaining aspect ratio. Only applies to image files\n \n /\n w?: number;\n /\n Blur the image using this sigma value. Only applies to image files\n \n /\n b?: number;\n /\n Output format for image files. Use 'auto' for content negotiation based on Accept header\n \n * Output format for image files. Use 'auto' for content negotiation based on Accept header\n /\n f?: OutputImageFormat;\n}\n/\n Parameters for the getFileMetadataHeaders method.\n @property q? (number) - Image quality (1-100). Only applies to JPEG, WebP, PNG and HEIC files\n \n @property h? (number) - Maximum height to resize image to while maintaining aspect ratio. Only applies to image files\n \n @property w? (number) - Maximum width to resize image to while maintaining aspect ratio. Only applies to image files\n \n @property b? (number) - Blur the image using this sigma value. Only applies to image files\n \n @property f? (OutputImageFormat) - Output format for image files. Use 'auto' for content negotiation based on Accept header\n \n * Output format for image files. Use 'auto' for content negotiation based on Accept header/\nexport interface GetFileMetadataHeadersParams {\n /\n Image quality (1-100). Only applies to JPEG, WebP, PNG and HEIC files\n \n /\n q?: number;\n /\n Maximum height to resize image to while maintaining aspect ratio. Only applies to image files\n \n /\n h?: number;\n /\n Maximum width to resize image to while maintaining aspect ratio. Only applies to image files\n \n /\n w?: number;\n /\n Blur the image using this sigma value. Only applies to image files\n \n /\n b?: number;\n /\n Output format for image files. Use 'auto' for content negotiation based on Accept header\n \n * Output format for image files. Use 'auto' for content negotiation based on Accept header\n /\n f?: OutputImageFormat;\n}\n\nexport interface Client {\n baseURL: string;\n\n /* Add a middleware function to the fetch chain\n * @param chainFunction - The middleware function to add\n /\n pushChainFunction(chainFunction: ChainFunction): void;\n /\n Summary: Upload files\n Upload one or more files to a specified bucket. Supports batch uploading with optional custom metadata for each file. If uploading multiple files, either provide metadata for all files or none.\n\n This method may return different T based on the response code:\n - 201: UploadFilesResponse201\n /\n uploadFiles(\n body: UploadFilesBody,\n options?: RequestInit,\n ): Promise<FetchResponse<UploadFilesResponse201>>;\n\n /*\n Summary: Delete file\n Permanently delete a file from storage. This removes both the file content and its associated metadata.\n\n This method may return different T based on the response code:\n - 204: void\n /\n deleteFile(id: string, options?: RequestInit): Promise<FetchResponse<void>>;\n\n /*\n Summary: Download file\n Retrieve and download the complete file content. Supports conditional requests, image transformations, and range requests for partial downloads.\n\n This method may return different T based on the response code:\n - 200: void\n - 206: void\n - 304: void\n - 412: void\n /\n getFile(\n id: string,\n params?: GetFileParams,\n options?: RequestInit,\n ): Promise<FetchResponse<Blob>>;\n\n /*\n Summary: Check file information\n Retrieve file metadata headers without downloading the file content. Supports conditional requests and provides caching information.\n\n This method may return different T based on the response code:\n - 200: void\n - 304: void\n - 412: void\n /\n getFileMetadataHeaders(\n id: string,\n params?: GetFileMetadataHeadersParams,\n options?: RequestInit,\n ): Promise<FetchResponse<void>>;\n\n /*\n Summary: Replace file\n Replace an existing file with new content while preserving the file ID. The operation follows these steps:\n1. The isUploaded flag is set to false to mark the file as being updated\n2. The file content is replaced in the storage backend\n3. File metadata is updated (size, mime-type, isUploaded, etc.)\n\nEach step is atomic, but if a step fails, previous steps will not be automatically rolled back.\n\n\n This method may return different T based on the response code:\n - 200: FileMetadata\n /\n replaceFile(\n id: string,\n body: ReplaceFileBody,\n options?: RequestInit,\n ): Promise<FetchResponse<FileMetadata>>;\n\n /*\n Summary: Retrieve presigned URL to retrieve the file\n Retrieve presigned URL to retrieve the file. Expiration of the URL is\ndetermined by bucket configuration\n\n\n This method may return different T based on the response code:\n - 200: PresignedURLResponse\n /\n getFilePresignedURL(\n id: string,\n options?: RequestInit,\n ): Promise<FetchResponse<PresignedURLResponse>>;\n\n /*\n Summary: Delete broken metadata\n Broken metadata is defined as metadata that has isUploaded = true but there is no file in the storage matching it. This is an admin operation that requires the Hasura admin secret.\n\n This method may return different T based on the response code:\n - 200: DeleteBrokenMetadataResponse200\n /\n deleteBrokenMetadata(\n options?: RequestInit,\n ): Promise<FetchResponse<DeleteBrokenMetadataResponse200>>;\n\n /*\n Summary: Deletes orphaned files\n Orphaned files are files that are present in the storage but have no associated metadata. This is an admin operation that requires the Hasura admin secret.\n\n This method may return different T based on the response code:\n - 200: DeleteOrphanedFilesResponse200\n /\n deleteOrphanedFiles(\n options?: RequestInit,\n ): Promise<FetchResponse<DeleteOrphanedFilesResponse200>>;\n\n /*\n Summary: Lists broken metadata\n Broken metadata is defined as metadata that has isUploaded = true but there is no file in the storage matching it. This is an admin operation that requires the Hasura admin secret.\n\n This method may return different T based on the response code:\n - 200: ListBrokenMetadataResponse200\n /\n listBrokenMetadata(\n options?: RequestInit,\n ): Promise<FetchResponse<ListBrokenMetadataResponse200>>;\n\n /*\n Summary: Lists files that haven't been uploaded\n That is, metadata that has isUploaded = false. This is an admin operation that requires the Hasura admin secret.\n\n This method may return different T based on the response code:\n - 200: ListFilesNotUploadedResponse200\n /\n listFilesNotUploaded(\n options?: RequestInit,\n ): Promise<FetchResponse<ListFilesNotUploadedResponse200>>;\n\n /*\n Summary: Lists orphaned files\n Orphaned files are files that are present in the storage but have no associated metadata. This is an admin operation that requires the Hasura admin secret.\n\n This method may return different T based on the response code:\n - 200: ListOrphanedFilesResponse200\n /\n listOrphanedFiles(\n options?: RequestInit,\n ): Promise<FetchResponse<ListOrphanedFilesResponse200>>;\n\n /*\n Summary: Get service version information\n Retrieves build and version information about the storage service. Useful for monitoring and debugging.\n\n This method may return different T based on the response code:\n - 200: VersionInformation\n /\n getVersion(options?: RequestInit): Promise<FetchResponse<VersionInformation>>;\n}\n\nexport const createAPIClient = (\n baseURL: string,\n chainFunctions: ChainFunction[] = [],\n): Client => {\n let fetch = createEnhancedFetch(chainFunctions);\n\n const pushChainFunction = (chainFunction: ChainFunction) => {\n chainFunctions.push(chainFunction);\n fetch = createEnhancedFetch(chainFunctions);\n };\n const uploadFiles = async (\n body: UploadFilesBody,\n options?: RequestInit,\n ): Promise<FetchResponse<UploadFilesResponse201>> => {\n const url = `${baseURL}/files`;\n const formData = new FormData();\n const isReactNative =\n typeof navigator !== \"undefined\" &&\n (navigator as { product?: string }).product === \"ReactNative\";\n if (body[\"bucket-id\"] !== undefined) {\n formData.append(\"bucket-id\", body[\"bucket-id\"]);\n }\n if (body[\"metadata[]\"] !== undefined) {\n body[\"metadata[]\"].forEach((value) => {\n if (isReactNative) {\n formData.append(\"metadata[]\", {\n string: JSON.stringify(value),\n type: \"application/json\",\n name: \"\",\n } as unknown as Blob);\n } else {\n formData.append(\n \"metadata[]\",\n new Blob([JSON.stringify(value)], { type: \"application/json\" }),\n \"\",\n );\n }\n });\n }\n if (body[\"file[]\"] !== undefined) {\n body[\"file[]\"].forEach((value) => {\n formData.append(\"file[]\", value);\n });\n }\n\n const res = await fetch(url, {\n ...options,\n method: \"POST\",\n body: formData,\n });\n\n if (res.status >= 300) {\n const responseBody = [412].includes(res.status) ? null : await res.text();\n const payload: unknown = responseBody ? JSON.parse(responseBody) : {};\n throw new FetchError(payload, res.status, res.headers);\n }\n\n const responseBody = [204, 205, 304].includes(res.status)\n ? null\n : await res.text();\n const payload: UploadFilesResponse201 = responseBody\n ? JSON.parse(responseBody)\n : {};\n\n return {\n body: payload,\n status: res.status,\n headers: res.headers,\n } as FetchResponse<UploadFilesResponse201>;\n };\n\n const deleteFile = async (\n id: string,\n options?: RequestInit,\n ): Promise<FetchResponse<void>> => {\n const url = `${baseURL}/files/${id}`;\n const res = await fetch(url, {\n ...options,\n method: \"DELETE\",\n headers: {\n ...options?.headers,\n },\n });\n\n if (res.status >= 300) {\n const responseBody = [412].includes(res.status) ? null : await res.text();\n const payload: unknown = responseBody ? JSON.parse(responseBody) : {};\n throw new FetchError(payload, res.status, res.headers);\n }\n\n const payload: undefined = undefined;\n\n return {\n body: payload,\n status: res.status,\n headers: res.headers,\n } as FetchResponse<void>;\n };\n\n const getFile = async (\n id: string,\n params?: GetFileParams,\n options?: RequestInit,\n ): Promise<FetchResponse<Blob>> => {\n const encodedParameters =\n params &&\n Object.entries(params)\n .map(([key, value]) => {\n const stringValue = Array.isArray(value)\n ? value.join(\",\")\n : typeof value === \"object\"\n ? JSON.stringify(value)\n : (value as string);\n return `${key}=${encodeURIComponent(stringValue)}`;\n })\n .join(\"&\");\n\n const url = encodedParameters\n ? `${baseURL}/files/${id}?${encodedParameters}`\n : `${baseURL}/files/${id}`;\n const res = await fetch(url, {\n ...options,\n method: \"GET\",\n headers: {\n ...options?.headers,\n },\n });\n\n if (res.status >= 300) {\n const responseBody = [412].includes(res.status) ? null : await res.text();\n const payload: unknown = responseBody ? JSON.parse(responseBody) : {};\n throw new FetchError(payload, res.status, res.headers);\n }\n\n const payload: Blob = await res.blob();\n\n return {\n body: payload,\n status: res.status,\n headers: res.headers,\n } as FetchResponse<Blob>;\n };\n\n const getFileMetadataHeaders = async (\n id: string,\n params?: GetFileMetadataHeadersParams,\n options?: RequestInit,\n ): Promise<FetchResponse<void>> => {\n const encodedParameters =\n params &&\n Object.entries(params)\n .map(([key, value]) => {\n const stringValue = Array.isArray(value)\n ? value.join(\",\")\n : typeof value === \"object\"\n ? JSON.stringify(value)\n : (value as string);\n return `${key}=${encodeURIComponent(stringValue)}`;\n })\n .join(\"&\");\n\n const url = encodedParameters\n ? `${baseURL}/files/${id}?${encodedParameters}`\n : `${baseURL}/files/${id}`;\n const res = await fetch(url, {\n ...options,\n method: \"HEAD\",\n headers: {\n ...options?.headers,\n },\n });\n\n if (res.status >= 300) {\n const responseBody = [412].includes(res.status) ? null : await res.text();\n const payload: unknown = responseBody ? JSON.parse(responseBody) : {};\n throw new FetchError(payload, res.status, res.headers);\n }\n\n const payload: undefined = undefined;\n\n return {\n body: payload,\n status: res.status,\n headers: res.headers,\n } as FetchResponse<void>;\n };\n\n const replaceFile = async (\n id: string,\n body: ReplaceFileBody,\n options?: RequestInit,\n ): Promise<FetchResponse<FileMetadata>> => {\n const url = `${baseURL}/files/${id}`;\n const formData = new FormData();\n const isReactNative =\n typeof navigator !== \"undefined\" &&\n (navigator as { product?: string }).product === \"ReactNative\";\n if (body[\"metadata\"] !== undefined) {\n if (isReactNative) {\n formData.append(\"metadata\", {\n string: JSON.stringify(body[\"metadata\"]),\n type: \"application/json\",\n name: \"\",\n } as unknown as Blob);\n } else {\n formData.append(\n \"metadata\",\n new Blob([JSON.stringify(body[\"metadata\"])], {\n type: \"application/json\",\n }),\n \"\",\n );\n }\n }\n if (body[\"file\"] !== undefined) {\n formData.append(\"file\", body[\"file\"]);\n }\n\n const res = await fetch(url, {\n ...options,\n method: \"PUT\",\n body: formData,\n });\n\n if (res.status >= 300) {\n const responseBody = [412].includes(res.status) ? null : await res.text();\n const payload: unknown = responseBody ? JSON.parse(responseBody) : {};\n throw new FetchError(payload, res.status, res.headers);\n }\n\n const responseBody = [204, 205, 304].includes(res.status)\n ? null\n : await res.text();\n const payload: FileMetadata = responseBody ? JSON.parse(responseBody) : {};\n\n return {\n body: payload,\n status: res.status,\n headers: res.headers,\n } as FetchResponse<FileMetadata>;\n };\n\n const getFilePresignedURL = async (\n id: string,\n options?: RequestInit,\n ): Promise<FetchResponse<PresignedURLResponse>> => {\n const url = `${baseURL}/files/${id}/presignedurl`;\n const res = await fetch(url, {\n ...options,\n method: \"GET\",\n headers: {\n ...options?.headers,\n },\n });\n\n if (res.status >= 300) {\n const responseBody = [412].includes(res.status) ? null : await res.text();\n const payload: unknown = responseBody ? JSON.parse(responseBody) : {};\n throw new FetchError(payload, res.status, res.headers);\n }\n\n const responseBody = [204, 205, 304].includes(res.status)\n ? null\n : await res.text();\n const payload: PresignedURLResponse = responseBody\n ? JSON.parse(responseBody)\n : {};\n\n return {\n body: payload,\n status: res.status,\n headers: res.headers,\n } as FetchResponse<PresignedURLResponse>;\n };\n\n const deleteBrokenMetadata = async (\n options?: RequestInit,\n ): Promise<FetchResponse<DeleteBrokenMetadataResponse200>> => {\n const url = `${baseURL}/ops/delete-broken-metadata`;\n const res = await fetch(url, {\n ...options,\n method: \"POST\",\n headers: {\n ...options?.headers,\n },\n });\n\n if (res.status >= 300) {\n const responseBody = [412].includes(res.status) ? null : await res.text();\n const payload: unknown = responseBody ? JSON.parse(responseBody) : {};\n throw new FetchError(payload, res.status, res.headers);\n }\n\n const responseBody = [204, 205, 304].includes(res.status)\n ? null\n : await res.text();\n const payload: DeleteBrokenMetadataResponse200 = responseBody\n ? JSON.parse(responseBody)\n : {};\n\n return {\n body: payload,\n status: res.status,\n headers: res.headers,\n } as FetchResponse<DeleteBrokenMetadataResponse200>;\n };\n\n const deleteOrphanedFiles = async (\n options?: RequestInit,\n ): Promise<FetchResponse<DeleteOrphanedFilesResponse200>> => {\n const url = `${baseURL}/ops/delete-orphans`;\n const res = await fetch(url, {\n ...options,\n method: \"POST\",\n headers: {\n ...options?.headers,\n },\n });\n\n if (res.status >= 300) {\n const responseBody = [412].includes(res.status) ? null : await res.text();\n const payload: unknown = responseBody ? JSON.parse(responseBody) : {};\n throw new FetchError(payload, res.status, res.headers);\n }\n\n const responseBody = [204, 205, 304].includes(res.status)\n ? null\n : await res.text();\n const payload: DeleteOrphanedFilesResponse200 = responseBody\n ? JSON.parse(responseBody)\n : {};\n\n return {\n body: payload,\n status: res.status,\n headers: res.headers,\n } as FetchResponse<DeleteOrphanedFilesResponse200>;\n };\n\n const listBrokenMetadata = async (\n options?: RequestInit,\n ): Promise<FetchResponse<ListBrokenMetadataResponse200>> => {\n const url = `${baseURL}/ops/list-broken-metadata`;\n const res = await fetch(url, {\n ...options,\n method: \"POST\",\n headers: {\n ...options?.headers,\n },\n });\n\n if (res.status >= 300) {\n const responseBody = [412].includes(res.status) ? null : await res.text();\n const payload: unknown = responseBody ? JSON.parse(responseBody) : {};\n throw new FetchError(payload, res.status, res.headers);\n }\n\n const responseBody = [204, 205, 304].includes(res.status)\n ? null\n : await res.text();\n const payload: ListBrokenMetadataResponse200 = responseBody\n ? JSON.parse(responseBody)\n : {};\n\n return {\n body: payload,\n status: res.status,\n headers: res.headers,\n } as FetchResponse<ListBrokenMetadataResponse200>;\n };\n\n const listFilesNotUploaded = async (\n options?: RequestInit,\n ): Promise<FetchResponse<ListFilesNotUploadedResponse200>> => {\n const url = `${baseURL}/ops/list-not-uploaded`;\n const res = await fetch(url, {\n ...options,\n method: \"POST\",\n headers: {\n ...options?.headers,\n },\n });\n\n if (res.status >= 300) {\n const responseBody = [412].includes(res.status) ? null : await res.text();\n const payload: unknown = responseBody ? JSON.parse(responseBody) : {};\n throw new FetchError(payload, res.status, res.headers);\n }\n\n const responseBody = [204, 205, 304].includes(res.status)\n ? null\n : await res.text();\n const payload: ListFilesNotUploadedResponse200 = responseBody\n ? JSON.parse(responseBody)\n : {};\n\n return {\n body: payload,\n status: res.status,\n headers: res.headers,\n } as FetchResponse<ListFilesNotUploadedResponse200>;\n };\n\n const listOrphanedFiles = async (\n options?: RequestInit,\n ): Promise<FetchResponse<ListOrphanedFilesResponse200>> => {\n const url = `${baseURL}/ops/list-orphans`;\n const res = await fetch(url, {\n ...options,\n method: \"POST\",\n headers: {\n ...options?.headers,\n },\n });\n\n if (res.status >= 300) {\n const responseBody = [412].includes(res.status) ? null : await res.text();\n const payload: unknown = responseBody ? JSON.parse(responseBody) : {};\n throw new FetchError(payload, res.status, res.headers);\n }\n\n const responseBody = [204, 205, 304].includes(res.status)\n ? null\n : await res.text();\n const payload: ListOrphanedFilesResponse200 = responseBody\n ? JSON.parse(responseBody)\n : {};\n\n return {\n body: payload,\n status: res.status,\n headers: res.headers,\n } as FetchResponse<ListOrphanedFilesResponse200>;\n };\n\n const getVersion = async (\n options?: RequestInit,\n ): Promise<FetchResponse<VersionInformation>> => {\n const url = `${baseURL}/version`;\n const res = await fetch(url, {\n ...options,\n method: \"GET\",\n headers: {\n ...options?.headers,\n },\n });\n\n if (res.status >= 300) {\n const responseBody = [412].includes(res.status) ? null : await res.text();\n const payload: unknown = responseBody ? JSON.parse(responseBody) : {};\n throw new FetchError(payload, res.status, res.headers);\n }\n\n const responseBody = [204, 205, 304].includes(res.status)\n ? null\n : await res.text();\n const payload: VersionInformation = responseBody\n ? JSON.parse(responseBody)\n : {};\n\n return {\n body: payload,\n status: res.status,\n headers: res.headers,\n } as FetchResponse<VersionInformation>;\n };\n\n return {\n baseURL,\n pushChainFunction,\n uploadFiles,\n deleteFile,\n getFile,\n getFileMetadataHeaders,\n replaceFile,\n getFilePresignedURL,\n deleteBrokenMetadata,\n deleteOrphanedFiles,\n listBrokenMetadata,\n listFilesNotUploaded,\n listOrphanedFiles,\n getVersion,\n };\n};\n","/*\n GraphQL client for the Nhost JavaScript SDK.\n \n This module provides functionality for executing GraphQL operations against\n * a Hasura GraphQL API.\n /\n\nimport type { TypedDocumentNode } from \"@graphql-typed-document-node/core\";\nimport {\n type ChainFunction,\n createEnhancedFetch,\n FetchError,\n type FetchResponse,\n} from \"../fetch\";\n\n/\n Variables object for GraphQL operations.\n * Key-value pairs of variable names and their values.\n /\nexport type GraphQLVariables = Record<string, unknown>;\n\n/\n GraphQL request object used for queries and mutations.\n /\nexport interface GraphQLRequest<TVariables = GraphQLVariables> {\n /* The GraphQL query or mutation string /\n query: string;\n /* Optional variables for parameterized queries /\n variables?: TVariables;\n /* Optional name of the operation to execute /\n operationName?: string;\n}\n\n/\n Represents a GraphQL error returned from the server.\n /\nexport interface GraphQLError {\n /* Error message /\n message: string;\n /* Source locations in the GraphQL document where the error occurred /\n locations?: { line: number; column: number }[];\n /* Path in the query where the error occurred /\n path?: string[];\n /* Additional error information specific to the GraphQL implementation /\n extensions?: { path: string; code: string };\n}\n\n/\n Standard GraphQL response format as defined by the GraphQL specification.\n /\nexport interface GraphQLResponse<TResponseData = unknown> {\n /* The data returned from successful execution /\n data?: TResponseData;\n /* Array of errors if execution was unsuccessful or partially successful /\n errors?: GraphQLError[];\n}\n\n/\n GraphQL client interface providing methods for executing queries and mutations\n /\nexport interface Client {\n /\n Execute a GraphQL query operation\n \n Queries are used to fetch data and should not modify any data on the server.\n \n @param request - GraphQL request object containing query and optional variables\n * @param options - Additional fetch options to apply to the request\n * @returns Promise with the GraphQL response and metadata\n /\n request<TResponseData = unknown, TVariables = GraphQLVariables>(\n request: GraphQLRequest<TVariables>,\n options?: RequestInit,\n ): Promise<FetchResponse<GraphQLResponse<TResponseData>>>;\n\n /\n Execute a GraphQL query operation using a typed document node\n \n @param document - TypedDocumentNode containing the query and type information\n * @param variables - Variables for the GraphQL operation\n * @param options - Additional fetch options to apply to the request\n * @returns Promise with the GraphQL response and metadata\n /\n request<TResponseData, TVariables = GraphQLVariables>(\n document: TypedDocumentNode<TResponseData, TVariables>,\n variables?: TVariables,\n options?: RequestInit,\n ): Promise<FetchResponse<GraphQLResponse<TResponseData>>>;\n\n /\n URL for the GraphQL endpoint.\n /\n url: string;\n\n /* Add a middleware function to the fetch chain\n * @param chainFunction - The middleware function to add\n /\n pushChainFunction(chainFunction: ChainFunction): void;\n}\n\n/\n Creates a GraphQL API client for interacting with a GraphQL endpoint.\n \n This client provides methods for executing queries and mutations against\n * a GraphQL API, with support for middleware functions to handle authentication,\n * error handling, and other cross-cutting concerns.\n \n @param url - Base URL for the GraphQL endpoint\n * @param chainFunctions - Array of middleware functions for the fetch chain\n * @returns GraphQL client with query and mutation methods\n /\nexport const createAPIClient = (\n url: string,\n chainFunctions: ChainFunction[] = [],\n): Client => {\n let enhancedFetch = createEnhancedFetch(chainFunctions);\n\n const pushChainFunction = (chainFunction: ChainFunction) => {\n chainFunctions.push(chainFunction);\n enhancedFetch = createEnhancedFetch(chainFunctions);\n };\n\n const executeOperation = async <\n TResponseData = unknown,\n TVariables = GraphQLVariables,\n >(\n request: GraphQLRequest<TVariables>,\n options?: RequestInit,\n ): Promise<FetchResponse<GraphQLResponse<TResponseData>>> => {\n const response = await enhancedFetch(`${url}`, {\n method: \"POST\",\n headers: {\n \"Content-Type\": \"application/json\",\n },\n body: JSON.stringify(request),\n ...options,\n });\n\n const body = await response.text();\n const data: GraphQLResponse<TResponseData> = (\n body ? JSON.parse(body) : {}\n ) as GraphQLResponse<TResponseData>;\n\n const resp = {\n body: data,\n status: response.status,\n headers: response.headers,\n };\n\n if (data.errors) {\n throw new FetchError(data, response.status, response.headers);\n }\n\n return resp;\n };\n\n function request<TResponseData = unknown, TVariables = GraphQLVariables>(\n request: GraphQLRequest<TVariables>,\n options?: RequestInit,\n ): Promise<FetchResponse<GraphQLResponse<TResponseData>>>;\n function request<TResponseData, TVariables = GraphQLVariables>(\n document: TypedDocumentNode<TResponseData, TVariables>,\n variables?: TVariables,\n options?: RequestInit,\n ): Promise<FetchResponse<GraphQLResponse<TResponseData>>>;\n function request<TResponseData, TVariables = GraphQLVariables>(\n requestOrDocument:\n \| GraphQLRequest<TVariables>\n \| TypedDocumentNode<TResponseData, TVariables>,\n variablesOrOptions?: TVariables \| RequestInit,\n options?: RequestInit,\n ): Promise<FetchResponse<GraphQLResponse<TResponseData>>> {\n if (typeof requestOrDocument === \"object\" && \"kind\" in requestOrDocument) {\n const definition = requestOrDocument.definitions[0];\n\n const request: GraphQLRequest<TVariables> = {\n query: requestOrDocument.loc?.source.body \|\| \"\",\n variables: variablesOrOptions as TVariables,\n operationName:\n definition && \"name\" in definition\n ? definition.name?.value\n : undefined,\n };\n return executeOperation(request, options);\n } else {\n // Handle GraphQLRequest\n const request = requestOrDocument;\n const requestOptions = variablesOrOptions as RequestInit;\n return executeOperation(request, requestOptions);\n }\n }\n\n return {\n request,\n url,\n pushChainFunction,\n } as Client;\n};\n","/\n Functions client for the Nhost JavaScript SDK.\n \n This module provides functionality for executing serverless function calls\n * against Nhost serverless functions.\n /\n\nimport {\n type ChainFunction,\n createEnhancedFetch,\n FetchError,\n type FetchResponse,\n} from \"../fetch\";\n\n/\n Functions client interface providing methods for executing serverless function calls\n /\nexport interface Client {\n baseURL: string;\n\n /* Add a middleware function to the fetch chain\n * @param chainFunction - The middleware function to add\n /\n pushChainFunction(chainFunction: ChainFunction): void;\n\n /\n Execute a request to a serverless function\n * The response body will be automatically parsed based on the content type into the following types:\n * - Object if the response is application/json\n * - string text string if the response is text/\n - Blob if the response is any other type\n \n @param path - The path to the serverless function\n * @param options - Additional fetch options to apply to the request\n * @returns Promise with the function response and metadata.\n /\n fetch<T = unknown>(\n path: string,\n options?: RequestInit,\n ): Promise<FetchResponse<T>>;\n\n /\n Executes a POST request to a serverless function with a JSON body\n \n This is a convenience method assuming the request is a POST with JSON body\n * setting the `Content-Type` and 'Accept' headers to `application/json` and\n * automatically stringifying the body.\n \n For a more generic request, use the `fetch` method instead.\n \n @param path - The path to the serverless function\n * @param body - The JSON body to send in the request\n * @param options - Additional fetch options to apply to the request\n * @returns Promise with the function response and metadata\n /\n post<T = unknown>(\n path: string,\n body?: unknown,\n options?: RequestInit,\n ): Promise<FetchResponse<T>>;\n}\n\n/\n Creates a Functions API client for interacting with serverless functions.\n \n This client provides methods for executing requests against serverless functions,\n * with support for middleware functions to handle authentication, error handling,\n * and other cross-cutting concerns.\n \n @param baseURL - Base URL for the functions endpoint\n * @param chainFunctions - Array of middleware functions for the fetch chain\n * @returns Functions client with fetch method\n /\nexport const createAPIClient = (\n baseURL: string,\n chainFunctions: ChainFunction[] = [],\n): Client => {\n let enhancedFetch = createEnhancedFetch(chainFunctions);\n\n const pushChainFunction = (chainFunction: ChainFunction) => {\n chainFunctions.push(chainFunction);\n enhancedFetch = createEnhancedFetch(chainFunctions);\n };\n\n /\n Executes a request to a serverless function and processes the response\n \n @param path - The path to the serverless function\n * @param options - Additional fetch options to apply to the request\n * @returns Promise with the function response and metadata. Body will be either\n * - JSON object if the response is application/json\n - text string if the response is text/\n - Blob if the response is any other type\n /\n const fetch = async <T = unknown>(\n path: string,\n options?: RequestInit,\n ): Promise<FetchResponse<T \| string \| Blob>> => {\n const resp = await enhancedFetch(`${baseURL}${path}`, options);\n\n let body: T \| string \| Blob;\n // Process response based on content type\n if (resp.headers.get(\"content-type\")?.includes(\"application/json\")) {\n body = (await resp.json()) as T;\n } else if (resp.headers.get(\"content-type\")?.startsWith(\"text/\")) {\n body = await resp.text();\n } else {\n body = await resp.blob();\n }\n\n // Throw error for non-OK responses\n if (!resp.ok) {\n throw new FetchError(body, resp.status, resp.headers);\n }\n\n return {\n status: resp.status,\n body,\n headers: resp.headers,\n };\n };\n\n /*\n Executes a POST request to a serverless function with a JSON body\n \n This is a convenience method assuming the request is a POST with JSON body\n * setting the `Content-Type` and 'Accept' headers to `application/json` and\n * automatically stringifying the body.\n \n For a more generic request, use the `fetch` method instead.\n \n @param path - The path to the serverless function\n * @param body - The JSON body to send in the request\n * @param options - Additional fetch options to apply to the request\n * @returns Promise with the function response and metadata\n /\n const post = async <T = unknown>(\n path: string,\n body?: unknown,\n options: RequestInit = {},\n ): Promise<FetchResponse<T \| string \| Blob>> => {\n // Ensure the method is POST and set the body\n const requestOptions: RequestInit = {\n ...options,\n method: \"POST\",\n headers: {\n Accept: \"application/json\",\n \"Content-Type\": \"application/json\",\n ...options.headers,\n },\n body: body ? JSON.stringify(body) : undefined,\n };\n\n return fetch<T>(path, requestOptions);\n };\n\n // Return client object with the fetch method\n return {\n baseURL,\n fetch,\n post,\n pushChainFunction,\n } as Client;\n};\n","/\n Main entry point for the Nhost JavaScript SDK.\n \n This package provides a unified client for interacting with Nhost services:\n * - Authentication\n * - Storage\n * - GraphQL\n * - Functions\n \n ## Import\n \n ```ts\n * import { createClient } from \"@nhost/nhost-js\";\n * ```\n \n ## Usage\n \n Create a client instance to interact with Nhost services:\n \n {@includeCode ./__tests__/docstrings.test.ts:15-119}\n \n ### Creating an admin client\n \n You can also create an admin client if needed. This client will have admin access to the database\n * and will bypass permissions. Additionally, it can impersonate users and set any role or session\n * variable.\n \n IMPORTANT!!! Keep your admin secret safe and never expose it in client-side code.\n \n {@includeCode ./__tests__/docstrings.test.ts:142-201}\n \n @packageDocumentation\n /\n\nexport {\n type ClientConfigurationFn,\n createClient,\n createNhostClient,\n createServerClient,\n type NhostClient,\n type NhostClientOptions,\n type NhostServerClientOptions,\n withAdminSession,\n withClientSideSessionMiddleware,\n withServerSideSessionMiddleware,\n} from \"./nhost\";\n\n/\n Generates a base URL for a Nhost service based on configuration\n \n @param serviceType - Type of service (auth, storage, graphql, functions)\n * @param subdomain - Nhost project subdomain\n * @param region - Nhost region\n * @param customUrl - Custom URL override if provided\n * @returns The base URL for the service\n /\nexport const generateServiceUrl = (\n serviceType: \"auth\" \| \"storage\" \| \"graphql\" \| \"functions\",\n subdomain?: string,\n region?: string,\n customUrl?: string,\n): string => {\n if (customUrl) {\n return customUrl;\n } else if (subdomain && region) {\n return `https://${subdomain}.${serviceType}.${region}.nhost.run/v1`;\n } else {\n return `https://local.${serviceType}.local.nhost.run/v1`;\n }\n};\n","/\n Admin session middleware for the Nhost SDK.\n \n This module provides middleware functionality to automatically attach\n * Hasura admin secret for admin permissions in requests.\n /\n\nimport type { ChainFunction, FetchFunction } from \"./fetch\";\n\n/\n Configuration options for admin session middleware\n /\nexport interface AdminSessionOptions {\n /\n Hasura admin secret for elevated permissions (sets x-hasura-admin-secret header)\n /\n adminSecret: string;\n\n /\n Hasura role to use for the request (sets x-hasura-role header)\n /\n role?: string;\n\n /\n Additional Hasura session variables to attach to requests.\n * Keys will be automatically prefixed with 'x-hasura-' if not already present.\n \n @example\n * ```ts\n * {\n * 'user-id': '123',\n * 'org-id': '456'\n * }\n * // Results in headers:\n * // x-hasura-user-id: 123\n * // x-hasura-org-id: 456\n * ```\n /\n sessionVariables?: Record<string, string>;\n}\n\n/\n Creates a fetch middleware that attaches the Hasura admin secret and optional session variables to requests.\n \n This middleware:\n * 1. Sets the x-hasura-admin-secret header, which grants full admin access to Hasura\n * 2. Optionally sets the x-hasura-role header if a role is provided\n * 3. Optionally sets additional x-hasura-* headers for custom session variables\n \n Security Warning: Never use this middleware in client-side code or expose\n * the admin secret to end users. Admin secrets grant unrestricted access to your\n * entire database. This should only be used in trusted server-side environments.\n \n The middleware preserves request-specific headers when they conflict with the\n * admin session configuration.\n \n @param options - Admin session options including admin secret, role, and session variables\n * @returns A middleware function that can be used in the fetch chain\n \n @example\n * ```ts\n * // Create middleware with admin secret only\n * const adminMiddleware = withAdminSessionMiddleware({\n * adminSecret: process.env.NHOST_ADMIN_SECRET\n * });\n \n // Create middleware with admin secret and role\n * const adminUserMiddleware = withAdminSessionMiddleware({\n * adminSecret: process.env.NHOST_ADMIN_SECRET,\n * role: 'user'\n * });\n \n // Create middleware with admin secret, role, and custom session variables\n * const fullMiddleware = withAdminSessionMiddleware({\n * adminSecret: process.env.NHOST_ADMIN_SECRET,\n * role: 'user',\n * sessionVariables: {\n * 'user-id': '123',\n * 'org-id': '456'\n * }\n * });\n \n // Use with createCustomClient for an admin client\n * const adminClient = createCustomClient({\n * subdomain: 'myproject',\n * region: 'eu-central-1',\n * chainFunctions: [adminMiddleware]\n * });\n * ```\n */\nexport const withAdminSessionMiddleware =\n (options: AdminSessionOptions): ChainFunction =>\n (next: FetchFunction): FetchFunction =>\n async (url: string, requestOptions: RequestInit = {}): Promise<Response> => {\n const headers = new Headers(requestOptions.headers \|\| {});\n\n // Set x-hasura-admin-secret if not already present\n if (!headers.has(\"x-hasura-admin-secret\")) {\n headers.set(\"x-hasura-admin-secret\", options.adminSecret);\n }\n\n // Set x-hasura-role if provided and not already present\n if (options.role && !headers.has(\"x-hasura-role\")) {\n headers.set(\"x-hasura-role\", options.role);\n }\n\n // Set custom session variables\n if (options.sessionVariables) {\n for (const [key, value] of Object.entries(options.sessionVariables)) {\n // Ensure the key has the x-hasura- prefix\n const headerKey = key.startsWith(\"x-hasura-\") ? key : `x-hasura-${key}`;\n\n // Only set if not already present in the request\n if (!headers.has(headerKey)) {\n headers.set(headerKey, value);\n }\n }\n }\n\n return next(url, { ...requestOptions, headers });\n };\n"],"names":["createEnhancedFetch","chainFunctions","reduceRight","nextInChain","chainFunction","fetch","FetchError","Error","body","status","headers","constructor","super","typedBody","error","Array","isArray","messages","filter","map","length","join","extractMessage","this","attachAccessTokenMiddleware","storage","next","async","url","options","Headers","has","session","get","accessToken","newOptions","addAuthorizationHeader","set","lock","navigator","locks","request","_name","_options","callback","refreshSession","auth","marginSeconds","_refreshSession","console","warn","errResponse","remove","needsRefresh","mode","_needsRefresh","sessionExpired","response","refreshToken","decodedToken","exp","currentTime","Date","now","sessionRefreshMiddleware","endsWith","shouldSkipTokenHandling","updateSessionFromResponseMiddleware","includes","clonedResponse","clone","json","catch","sessionExtractor","isPostgresArray","value","startsWith","parsePostgresArray","slice","split","item","trim","replace","LocalStorage","storageKey","window","localStorage","getItem","JSON","parse","setItem","stringify","removeItem","MemoryStorage","SessionStorage","subscribers","Set","s","atob","Buffer","from","toString","iat","hasuraClaims","processedClaims","Object","entries","reduce","acc","key","decodeUserSession","decodedSession","notifySubscribers","onChange","add","delete","subscriber","detectStorage","withClientSideSessionMiddleware","graphql","functions","sessionStorage","mwChain","mw","pushChainFunction","withServerSideSessionMiddleware","NhostClient","getUserSession","clearSession","createNhostClient","subdomain","region","authUrl","storageUrl","graphqlUrl","functionsUrl","configure","authBaseUrl","generateServiceUrl","storageBaseUrl","graphqlBaseUrl","functionsBaseUrl","baseURL","push","getJWKs","res","method","responseBody","text","payload","elevateWebauthn","verifyElevateWebauthn","healthCheckGet","healthCheckHead","linkIdToken","changeUserMfa","createPAT","signInAnonymous","signInEmailPassword","signInIdToken","verifySignInMfaTotp","signInOTPEmail","verifySignInOTPEmail","signInPasswordlessEmail","signInPasswordlessSms","verifySignInPasswordlessSms","signInPAT","signInProviderURL","provider","params","encodedParameters","stringValue","encodeURIComponent","getProviderTokens","signInWebauthn","verifySignInWebauthn","signOut","signUpEmailPassword","signUpWebauthn","verifySignUpWebauthn","refreshProviderToken","verifyToken","getUser","deanonymizeUser","changeUserEmail","sendVerificationEmail","verifyChangeUserMfa","changeUserPassword","sendPasswordResetEmail","addSecurityKey","verifyAddSecurityKey","verifyTicketURL","getVersion","createAuthClient","storageClient","uploadFiles","formData","FormData","isReactNative","product","append","forEach","string","type","name","Blob","deleteFile","id","getFile","blob","getFileMetadataHeaders","replaceFile","getFilePresignedURL","deleteBrokenMetadata","deleteOrphanedFiles","listBrokenMetadata","listFilesNotUploaded","listOrphanedFiles","createStorageClient","graphqlClient","enhancedFetch","executeOperation","data","resp","errors","requestOrDocument","variablesOrOptions","definition","definitions","query","loc","source","variables","operationName","createGraphQLClient","functionsClient","path","ok","post","requestOptions","Accept","createFunctionsClient","configFn","serviceType","customUrl","adminSession","adminMiddleware","adminSecret","role","sessionVariables","headerKey"],"mappings":"+OAiDO,SAASA,EACdC,EAAkC,IAIlC,OAAOA,EAAeC,aACpB,CAACC,EAAaC,IAAkBA,EAAcD,IAC9CE,MAEJ,CA4EO,MAAMC,UAAgCC,MAE3CC,KAEAC,OAEAC,QASA,WAAAC,CAAYH,EAASC,EAAgBC,GACnCE,MAzEJ,SAAwBJ,GACtB,GAAIA,GAAwB,iBAATA,EACjB,OAAOA,EAGT,GAAIA,GAAwB,iBAATA,EAAmB,CACpC,MAAMK,EAAYL,EAElB,GAAI,YAAaK,GAA6C,iBAAzBA,EAAmB,QACtD,OAAOA,EAAmB,QAG5B,GAAI,UAAWA,GAA2C,iBAAvBA,EAAiB,MAClD,OAAOA,EAAiB,MAG1B,GACE,UAAWA,GACXA,EAAiB,OACa,iBAAvBA,EAAiB,MACxB,CACA,MAAMC,EAAQD,EAAiB,MAC/B,GAAI,YAAaC,GAAqC,iBAArBA,EAAe,QAC9C,OAAOA,EAAe,OAE1B,CAEA,GAAI,WAAYD,GAAaE,MAAMC,QAAQH,EAAkB,QAAI,CAC/D,MAAMI,EAAYJ,EAAkB,OACjCK,QACEJ,GACkB,iBAAVA,GACG,OAAVA,GACA,YAAaA,GACyC,iBAA9CA,EAAwC,UAEnDK,KAAKL,GAAUA,EAAe,UAEjC,GAAIG,EAASG,OAAS,EACpB,OAAOH,EAASI,KAAK,KAEzB,CACF,CAEA,MAAO,8BACT,CA4BUC,CAAed,IACrBe,KAAKf,KAAOA,EACZe,KAAKd,OAASA,EACdc,KAAKb,QAAUA,CACjB,ECjIK,MAAMc,EACVC,GACAC,GACDC,MAAOC,EAAaC,EAAuB,MACzC,MAAMnB,EAAU,IAAIoB,QAAQD,EAAQnB,SAAW,CAAA,GAG/C,GAAIA,EAAQqB,IAAI,iBACd,OAAOL,EAAKE,EAAKC,GAInB,MAAMG,EAAUP,EAAQQ,MAExB,GAAID,GAASE,YAAa,CAExB,MAAMC,EAAa,IACdN,EACHnB,QAAS0B,EAAuB1B,EAASsB,IAI3C,OAAON,EAAKE,EAAKO,EACnB,CAGA,OAAOT,EAAKE,EAAKC,EAAO,EAU5B,SAASO,EAAuB1B,EAAkBsB,GAIhD,OAHIA,EAAQE,aACVxB,EAAQ2B,IAAI,gBAAiB,UAAUL,EAAQE,eAE1CxB,CACT,CCxCA,MAAM4B,EAEiB,oBAAdC,WAA6BA,UAAUC,MAC1CD,UAAUC,MACV,IAzBN,MACE,aAAMC,CACJC,EACAC,EAEAC,GAEA,OAAOA,GACT,GA+BWC,EAAiBlB,MAC5BmB,EACArB,EACAsB,EAAgB,MAEhB,IACE,aAAaC,EAAgBF,EAAMrB,EAASsB,EAC9C,OAASjC,GACP,IAIE,OADAmC,QAAQC,KAAK,sCAAuCpC,SACvCkC,EAAgBF,EAAMrB,EAASsB,EAC9C,OAASjC,GACP,MAAMqC,EAAcrC,EAMpB,OAL4B,MAAxBqC,GAAa1C,SAEfwC,QAAQnC,MAAM,4BACdW,EAAQ2B,UAEH,IACT,CACF,GAYIJ,EAAkBrB,MACtBmB,EACArB,EACAsB,EAAgB,MAEhB,MAAMf,QACJA,EAAAqB,aACAA,SAC4Df,EAAKG,QACjE,mBACA,CAAEa,KAAM,WACR3B,SACS4B,EAAc9B,EAASsB,KAIlC,IAAKf,EACH,OAAO,KAGT,IAAKqB,EACH,OAAOrB,EAqCT,aAlC+CM,EAAKG,QAClD,mBACA,CAAEa,KAAM,cACR3B,UACE,MAAQK,QAAAA,EAASqB,aAAAA,EAAAA,eAAcG,GAAmBD,EAChD9B,EACAsB,GAGF,IAAKf,EACH,OAAO,KAGT,IAAKqB,EACH,OAAOrB,EAGT,IACE,MAAMyB,QAAiBX,EAAKY,aAAa,CACvCA,aAAc1B,EAAQ0B,eAIxB,OAFAjC,EAAQY,IAAIoB,EAASjD,MAEdiD,EAASjD,IAClB,OAASM,GACP,IAAK0C,EACH,OAAOxB,EAGT,MAAMlB,CACR,IAIG,EAWHyC,EAAgB,CAAC9B,EAAyBsB,EAAgB,MAC9D,MAAMf,EAAUP,EAAQQ,MACxB,IAAKD,EACH,MAAO,CAAEA,QAAS,KAAMqB,cAAc,EAAOG,gBAAgB,GAG/D,IAAKxB,EAAQ2B,eAAiB3B,EAAQ2B,aAAaC,IAGjD,MAAO,CAAE5B,UAASqB,cAAc,EAAMG,gBAAgB,GAIxD,GAAsB,IAAlBT,EACF,MAAO,CAAEf,UAASqB,cAAc,EAAMG,gBAAgB,GAGxD,MAAMK,EAAcC,KAAKC,MACzB,OAAI/B,EAAQ2B,aAAaC,IAAMC,EAA8B,IAAhBd,EACpC,CAAEf,UAASqB,cAAc,EAAOG,gBAAgB,GAGlD,CACLxB,UACAqB,cAAc,EACdG,eAAgBxB,EAAQ2B,aAAaC,IAAMC,EAAA,EC/IlCG,EAA2B,CACtClB,EACArB,EACAI,KAIA,MAAMkB,cAAEA,EAAgB,IAAkB,CAAA,EAG1C,OAAQrB,GACNC,MAAOC,EAAaC,EAAuB,CAAA,KAEzC,GAoBN,SAAiCD,EAAaC,GAC5C,MAAMnB,EAAU,IAAIoB,QAAQD,EAAQnB,SAAW,CAAA,GAG/C,GAAIA,EAAQqB,IAAI,iBACd,OAAO,EAIT,GAAIH,EAAIqC,SAAS,aACf,OAAO,EAGT,OAAO,CACT,CAlCUC,CAAwBtC,EAAKC,GAC/B,OAAOH,EAAKE,EAAKC,GAGnB,UACQgB,EAAeC,EAAMrB,EAASsB,EACtC,CAAA,MAEA,CACA,OAAOrB,EAAKE,EAAKC,EAAO,CAC1B,ECzBG,MAAMsC,EACX1C,GA4BQC,GACNC,MAAOC,EAAaC,KAElB,MAAM4B,QAAiB/B,EAAKE,EAAKC,GAEjC,IAEE,GAAID,EAAIqC,SAAS,YAGf,OADAxC,EAAQ2B,SACDK,EAIT,GACE7B,EAAIqC,SAAS,WACbrC,EAAIwC,SAAS,aACbxC,EAAIwC,SAAS,YACb,CAEA,MAAMC,EAAiBZ,EAASa,QAG1B9D,QAAc6D,EAAeE,OAAOC,OAAM,IAAM,OAItD,GAAIhE,EAAM,CAER,MAAMwB,EAjDS,CACvBxB,GAEoB,iBAATA,EACF,KAGL,YAAaA,EAERA,EAAKwB,SAAW,KAGrB,gBAAiBxB,GAAQ,iBAAkBA,GAAQ,SAAUA,EAExDA,EAGF,KAgCiBiE,CAAiBjE,GAG7BwB,GAASE,aAAeF,EAAQ0B,cAClCjC,EAAQY,IAAIL,EAEhB,CACF,CACF,OAASlB,GACPmC,QAAQC,KAAK,wCAAyCpC,EACxD,CAGA,OAAO2C,CAAA,ECzBPiB,EAAmBC,GAChBA,EAAMC,WAAW,MAAQD,EAAMV,SAAS,KAG3CY,EAAsBF,GACrBA,GAAmB,OAAVA,EAEPA,EACJG,MAAM,GAAG,GACTC,MAAM,KACN5D,KAAK6D,GAASA,EAAKC,OAAOC,QAAQ,WAAY,QALZ,GCrChC,MAAMC,EACMC,WAOjB,WAAAzE,CAAYkB,GACVN,KAAK6D,WAAavD,GAASuD,YAfI,cAgBjC,CAMA,GAAAnD,GACE,IACE,MAAM0C,EAAQU,OAAOC,aAAaC,QAAQhE,KAAK6D,YAC/C,OAAOT,EAASa,KAAKC,MAAMd,GAAqB,IAClD,CAAA,MAEE,OADApD,KAAK6B,SACE,IACT,CACF,CAMA,GAAAf,CAAIsC,GACFU,OAAOC,aAAaI,QAAQnE,KAAK6D,WAAYI,KAAKG,UAAUhB,GAC9D,CAKA,MAAAvB,GACEiC,OAAOC,aAAaM,WAAWrE,KAAK6D,WACtC,EAOK,MAAMS,EACH7D,QAA0B,KAMlC,GAAAC,GACE,OAAOV,KAAKS,OACd,CAMA,GAAAK,CAAIsC,GACFpD,KAAKS,QAAU2C,CACjB,CAKA,MAAAvB,GACE7B,KAAKS,QAAU,IACjB,ECvFK,MAAM8D,EACMrE,QACTsE,gBAAkBC,IAM1B,WAAArF,CAAYc,GACVF,KAAKE,QAAUA,CACjB,CAMA,GAAAQ,GACE,OAAOV,KAAKE,QAAQQ,KACtB,CAMA,GAAAI,CAAIsC,GACF,MAAMhB,EFxBuB,CAACzB,IAChC,MAAM+D,EAAI/D,EAAY6C,MAAM,KAC5B,GAAiB,IAAbkB,EAAE7E,SAAiB6E,EAAE,GACvB,MAAM,IAAI1F,MAAM,+BAGlB,MAAMoD,EAAe6B,KAAKC,MACR,oBAATS,KACHA,KAAKD,EAAE,IACPE,OAAOC,KAAKH,EAAE,GAAI,UAAUI,SAAS,UAIrCC,EAC2B,iBAAxB3C,EAAkB,IACC,IAAtBA,EAAkB,SAClB,EACAC,EAC2B,iBAAxBD,EAAkB,IACC,IAAtBA,EAAkB,SAClB,EAGA4C,EAAe5C,EAAa,gCAG5B6C,EAAkBD,EACpBE,OAAOC,QAAQH,GAAcI,QAC3B,CAACC,GAAMC,EAAKlC,MACW,iBAAVA,GAAsBD,EAAgBC,GAC/CiC,EAAIC,GAAOhC,EAAmBF,GAE9BiC,EAAIC,GAAOlC,EAENiC,IAET,CAAA,QAEF,EAEJ,MAAO,IACFjD,EACH2C,MACA1C,MACA,+BAAgC4C,EAAA,EEpBXM,CAAkBnC,EAAMzC,aACvC6E,EAAiB,IAClBpC,EACHhB,gBAGFpC,KAAKE,QAAQY,IAAI0E,GACjBxF,KAAKyF,kBAAkBD,EACzB,CAKA,MAAA3D,GACE7B,KAAKE,QAAQ2B,SACb7B,KAAKyF,kBAAkB,KACzB,CAOA,QAAAC,CAASrE,GAGP,OAFArB,KAAKwE,YAAYmB,IAAItE,GAEd,KACLrB,KAAKwE,YAAYoB,OAAOvE,EAAQ,CAEpC,CAMQ,iBAAAoE,CAAkBhF,GACxB,IAAA,MAAWoF,KAAc7F,KAAKwE,YAC5B,IACEqB,EAAWpF,EACb,OAASlB,GACPmC,QAAQnC,MAAM,8BAA+BA,EAC/C,CAEJ,EAYK,MAAMuG,EAAgB,IACL,oBAAXhC,OACF,IAAIF,EAEN,IAAIU,EC3DAyB,EAAyD,EACpExE,OACArB,UACA8F,UACAC,YACAC,qBAEA,MAAMC,EAA2B,CAC/B1D,EAAyBlB,EAAM2E,GAC/BtD,EAAoCsD,GACpCjG,EAA4BiG,IAG9B,IAAA,MAAWE,KAAMD,EACf5E,EAAK8E,kBAAkBD,GACvBlG,EAAQmG,kBAAkBD,GAC1BJ,EAAQK,kBAAkBD,GAC1BH,EAAUI,kBAAkBD,EAC9B,EAQWE,EAAyD,EACpE/E,OACArB,UACA8F,UACAC,YACAC,qBAEA,MAAMC,EAA2B,CAC/BvD,EAAoCsD,GACpCjG,EAA4BiG,IAG9B,IAAA,MAAWE,KAAMD,EACf5E,EAAK8E,kBAAkBD,GACvBlG,EAAQmG,kBAAkBD,GAC1BJ,EAAQK,kBAAkBD,GAC1BH,EAAUI,kBAAkBD,EAC9B,EAkDK,MAAMG,EAKXhF,KAMArB,QAMA8F,QAMAC,UAMAC,eAYA,WAAA9G,CACEmC,EACArB,EACA8F,EACAC,EACAC,GAEAlG,KAAKuB,KAAOA,EACZvB,KAAKE,QAAUA,EACfF,KAAKgG,QAAUA,EACfhG,KAAKiG,UAAYA,EACjBjG,KAAKkG,eAAiBA,CACxB,CAkBA,cAAAM,GACE,OAAOxG,KAAKkG,eAAexF,KAC7B,CAsBA,oBAAMY,CAAeE,EAAgB,IACnC,OAAOF,EAAetB,KAAKuB,KAAMvB,KAAKkG,eAAgB1E,EACxD,CAiBA,YAAAiF,GACEzG,KAAKkG,eAAerE,QACtB,EAgGK,SAAS6E,EACdpG,EAA8B,IAE9B,MAAMqG,UACJA,EAAAC,OACAA,EAAAC,QACAA,EAAAC,WACAA,EAAAC,WACAA,EAAAC,aACAA,EAAA9G,QACAA,EAAU4F,IAAAmB,UACVA,EAAY,IACV3G,EAEE4F,EAAiB,IAAI3B,EAAerE,GAGpCgH,EAAcC,EAAmB,OAAQR,EAAWC,EAAQC,GAC5DO,EAAiBD,EACrB,UACAR,EACAC,EACAE,GAEIO,EAAiBF,EACrB,UACAR,EACAC,EACAG,GAEIO,EAAmBH,EACvB,YACAR,EACAC,EACAI,GAIIzF,EC6sDuB,EAC7BgG,EACA7I,EAAkC,MAElC,IAAII,EAAQL,EAAoBC,GAqyChC,MAAO,CACL6I,UACAlB,kBAryCyBxH,IACzBH,EAAe8I,KAAK3I,GACpBC,EAAQL,EAAoBC,EAAc,EAoyC1C+I,QAlyCcrH,MACdE,IAEA,MAAMD,EAAM,GAAGkH,0BACTG,QAAY5I,EAAMuB,EAAK,IACxBC,EACHqH,OAAQ,MACRxI,QAAS,IACJmB,GAASnB,WAIhB,GAAIuI,EAAIxI,QAAU,IAAK,CACrB,MAAM0I,EAAe,CAAC,KAAK/E,SAAS6E,EAAIxI,QAAU,WAAawI,EAAIG,OAC7DC,EAAmBF,EAAe3D,KAAKC,MAAM0D,GAAgB,CAAA,EACnE,MAAM,IAAI7I,EAAW+I,EAASJ,EAAIxI,OAAQwI,EAAIvI,QAChD,CAEA,MAAMyI,EAAe,CAAC,IAAK,IAAK,KAAK/E,SAAS6E,EAAIxI,QAC9C,WACMwI,EAAIG,OAGd,MAAO,CACL5I,KAHsB2I,EAAe3D,KAAKC,MAAM0D,GAAgB,CAAA,EAIhE1I,OAAQwI,EAAIxI,OACZC,QAASuI,EAAIvI,QAAA,EAywCf4I,gBArwCsB3H,MACtBE,IAEA,MAAMD,EAAM,GAAGkH,qBACTG,QAAY5I,EAAMuB,EAAK,IACxBC,EACHqH,OAAQ,OACRxI,QAAS,IACJmB,GAASnB,WAIhB,GAAIuI,EAAIxI,QAAU,IAAK,CACrB,MAAM0I,EAAe,CAAC,KAAK/E,SAAS6E,EAAIxI,QAAU,WAAawI,EAAIG,OAC7DC,EAAmBF,EAAe3D,KAAKC,MAAM0D,GAAgB,CAAA,EACnE,MAAM,IAAI7I,EAAW+I,EAASJ,EAAIxI,OAAQwI,EAAIvI,QAChD,CAEA,MAAMyI,EAAe,CAAC,IAAK,IAAK,KAAK/E,SAAS6E,EAAIxI,QAC9C,WACMwI,EAAIG,OAKd,MAAO,CACL5I,KALiD2I,EAC/C3D,KAAKC,MAAM0D,GACX,CAAA,EAIF1I,OAAQwI,EAAIxI,OACZC,QAASuI,EAAIvI,QAAA,EA0uCf6I,sBAtuC4B5H,MAC5BnB,EACAqB,KAEA,MAAMD,EAAM,GAAGkH,4BACTG,QAAY5I,EAAMuB,EAAK,IACxBC,EACHqH,OAAQ,OACRxI,QAAS,CACP,eAAgB,sBACbmB,GAASnB,SAEdF,KAAMgF,KAAKG,UAAUnF,KAGvB,GAAIyI,EAAIxI,QAAU,IAAK,CACrB,MAAM0I,EAAe,CAAC,KAAK/E,SAAS6E,EAAIxI,QAAU,WAAawI,EAAIG,OAC7DC,EAAmBF,EAAe3D,KAAKC,MAAM0D,GAAgB,CAAA,EACnE,MAAM,IAAI7I,EAAW+I,EAASJ,EAAIxI,OAAQwI,EAAIvI,QAChD,CAEA,MAAMyI,EAAe,CAAC,IAAK,IAAK,KAAK/E,SAAS6E,EAAIxI,QAC9C,WACMwI,EAAIG,OAKd,MAAO,CACL5I,KAL8B2I,EAC5B3D,KAAKC,MAAM0D,GACX,CAAA,EAIF1I,OAAQwI,EAAIxI,OACZC,QAASuI,EAAIvI,QAAA,EAwsCf8I,eApsCqB7H,MACrBE,IAEA,MAAMD,EAAM,GAAGkH,YACTG,QAAY5I,EAAMuB,EAAK,IACxBC,EACHqH,OAAQ,MACRxI,QAAS,IACJmB,GAASnB,WAIhB,GAAIuI,EAAIxI,QAAU,IAAK,CACrB,MAAM0I,EAAe,CAAC,KAAK/E,SAAS6E,EAAIxI,QAAU,WAAawI,EAAIG,OAC7DC,EAAmBF,EAAe3D,KAAKC,MAAM0D,GAAgB,CAAA,EACnE,MAAM,IAAI7I,EAAW+I,EAASJ,EAAIxI,OAAQwI,EAAIvI,QAChD,CAEA,MAAMyI,EAAe,CAAC,IAAK,IAAK,KAAK/E,SAAS6E,EAAIxI,QAC9C,WACMwI,EAAIG,OAGd,MAAO,CACL5I,KAH0B2I,EAAe3D,KAAKC,MAAM0D,GAAgB,CAAA,EAIpE1I,OAAQwI,EAAIxI,OACZC,QAASuI,EAAIvI,QAAA,EA2qCf+I,gBAvqCsB9H,MACtBE,IAEA,MAAMD,EAAM,GAAGkH,YACTG,QAAY5I,EAAMuB,EAAK,IACxBC,EACHqH,OAAQ,OACRxI,QAAS,IACJmB,GAASnB,WAIhB,GAAIuI,EAAIxI,QAAU,IAAK,CACrB,MAAM0I,EAAe,CAAC,KAAK/E,SAAS6E,EAAIxI,QAAU,WAAawI,EAAIG,OAC7DC,EAAmBF,EAAe3D,KAAKC,MAAM0D,GAAgB,CAAA,EACnE,MAAM,IAAI7I,EAAW+I,EAASJ,EAAIxI,OAAQwI,EAAIvI,QAChD,CAIA,MAAO,CACLF,UAHyB,EAIzBC,OAAQwI,EAAIxI,OACZC,QAASuI,EAAIvI,QAAA,EAipCfgJ,YA7oCkB/H,MAClBnB,EACAqB,KAEA,MAAMD,EAAM,GAAGkH,iBACTG,QAAY5I,EAAMuB,EAAK,IACxBC,EACHqH,OAAQ,OACRxI,QAAS,CACP,eAAgB,sBACbmB,GAASnB,SAEdF,KAAMgF,KAAKG,UAAUnF,KAGvB,GAAIyI,EAAIxI,QAAU,IAAK,CACrB,MAAM0I,EAAe,CAAC,KAAK/E,SAAS6E,EAAIxI,QAAU,WAAawI,EAAIG,OAC7DC,EAAmBF,EAAe3D,KAAKC,MAAM0D,GAAgB,CAAA,EACnE,MAAM,IAAI7I,EAAW+I,EAASJ,EAAIxI,OAAQwI,EAAIvI,QAChD,CAEA,MAAMyI,EAAe,CAAC,IAAK,IAAK,KAAK/E,SAAS6E,EAAIxI,QAC9C,WACMwI,EAAIG,OAGd,MAAO,CACL5I,KAH0B2I,EAAe3D,KAAKC,MAAM0D,GAAgB,CAAA,EAIpE1I,OAAQwI,EAAIxI,OACZC,QAASuI,EAAIvI,QAAA,EAinCfiJ,cA7mCoBhI,MACpBE,IAEA,MAAMD,EAAM,GAAGkH,sBACTG,QAAY5I,EAAMuB,EAAK,IACxBC,EACHqH,OAAQ,MACRxI,QAAS,IACJmB,GAASnB,WAIhB,GAAIuI,EAAIxI,QAAU,IAAK,CACrB,MAAM0I,EAAe,CAAC,KAAK/E,SAAS6E,EAAIxI,QAAU,WAAawI,EAAIG,OAC7DC,EAAmBF,EAAe3D,KAAKC,MAAM0D,GAAgB,CAAA,EACnE,MAAM,IAAI7I,EAAW+I,EAASJ,EAAIxI,OAAQwI,EAAIvI,QAChD,CAEA,MAAMyI,EAAe,CAAC,IAAK,IAAK,KAAK/E,SAAS6E,EAAIxI,QAC9C,WACMwI,EAAIG,OAKd,MAAO,CACL5I,KALoC2I,EAClC3D,KAAKC,MAAM0D,GACX,CAAA,EAIF1I,OAAQwI,EAAIxI,OACZC,QAASuI,EAAIvI,QAAA,EAklCfkJ,UA9kCgBjI,MAChBnB,EACAqB,KAEA,MAAMD,EAAM,GAAGkH,QACTG,QAAY5I,EAAMuB,EAAK,IACxBC,EACHqH,OAAQ,OACRxI,QAAS,CACP,eAAgB,sBACbmB,GAASnB,SAEdF,KAAMgF,KAAKG,UAAUnF,KAGvB,GAAIyI,EAAIxI,QAAU,IAAK,CACrB,MAAM0I,EAAe,CAAC,KAAK/E,SAAS6E,EAAIxI,QAAU,WAAawI,EAAIG,OAC7DC,EAAmBF,EAAe3D,KAAKC,MAAM0D,GAAgB,CAAA,EACnE,MAAM,IAAI7I,EAAW+I,EAASJ,EAAIxI,OAAQwI,EAAIvI,QAChD,CAEA,MAAMyI,EAAe,CAAC,IAAK,IAAK,KAAK/E,SAAS6E,EAAIxI,QAC9C,WACMwI,EAAIG,OAKd,MAAO,CACL5I,KALiC2I,EAC/B3D,KAAKC,MAAM0D,GACX,CAAA,EAIF1I,OAAQwI,EAAIxI,OACZC,QAASuI,EAAIvI,QAAA,EAgjCfmJ,gBA5iCsBlI,MACtBnB,EACAqB,KAEA,MAAMD,EAAM,GAAGkH,qBACTG,QAAY5I,EAAMuB,EAAK,IACxBC,EACHqH,OAAQ,OACRxI,QAAS,CACP,eAAgB,sBACbmB,GAASnB,SAEdF,KAAMgF,KAAKG,UAAUnF,KAGvB,GAAIyI,EAAIxI,QAAU,IAAK,CACrB,MAAM0I,EAAe,CAAC,KAAK/E,SAAS6E,EAAIxI,QAAU,WAAawI,EAAIG,OAC7DC,EAAmBF,EAAe3D,KAAKC,MAAM0D,GAAgB,CAAA,EACnE,MAAM,IAAI7I,EAAW+I,EAASJ,EAAIxI,OAAQwI,EAAIvI,QAChD,CAEA,MAAMyI,EAAe,CAAC,IAAK,IAAK,KAAK/E,SAAS6E,EAAIxI,QAC9C,WACMwI,EAAIG,OAKd,MAAO,CACL5I,KAL8B2I,EAC5B3D,KAAKC,MAAM0D,GACX,CAAA,EAIF1I,OAAQwI,EAAIxI,OACZC,QAASuI,EAAIvI,QAAA,EA8gCfoJ,oBA1gC0BnI,MAC1BnB,EACAqB,KAEA,MAAMD,EAAM,GAAGkH,0BACTG,QAAY5I,EAAMuB,EAAK,IACxBC,EACHqH,OAAQ,OACRxI,QAAS,CACP,eAAgB,sBACbmB,GAASnB,SAEdF,KAAMgF,KAAKG,UAAUnF,KAGvB,GAAIyI,EAAIxI,QAAU,IAAK,CACrB,MAAM0I,EAAe,CAAC,KAAK/E,SAAS6E,EAAIxI,QAAU,WAAawI,EAAIG,OAC7DC,EAAmBF,EAAe3D,KAAKC,MAAM0D,GAAgB,CAAA,EACnE,MAAM,IAAI7I,EAAW+I,EAASJ,EAAIxI,OAAQwI,EAAIvI,QAChD,CAEA,MAAMyI,EAAe,CAAC,IAAK,IAAK,KAAK/E,SAAS6E,EAAIxI,QAC9C,WACMwI,EAAIG,OAKd,MAAO,CACL5I,KAL2C2I,EACzC3D,KAAKC,MAAM0D,GACX,CAAA,EAIF1I,OAAQwI,EAAIxI,OACZC,QAASuI,EAAIvI,QAAA,EA4+BfqJ,cAx+BoBpI,MACpBnB,EACAqB,KAEA,MAAMD,EAAM,GAAGkH,mBACTG,QAAY5I,EAAMuB,EAAK,IACxBC,EACHqH,OAAQ,OACRxI,QAAS,CACP,eAAgB,sBACbmB,GAASnB,SAEdF,KAAMgF,KAAKG,UAAUnF,KAGvB,GAAIyI,EAAIxI,QAAU,IAAK,CACrB,MAAM0I,EAAe,CAAC,KAAK/E,SAAS6E,EAAIxI,QAAU,WAAawI,EAAIG,OAC7DC,EAAmBF,EAAe3D,KAAKC,MAAM0D,GAAgB,CAAA,EACnE,MAAM,IAAI7I,EAAW+I,EAASJ,EAAIxI,OAAQwI,EAAIvI,QAChD,CAEA,MAAMyI,EAAe,CAAC,IAAK,IAAK,KAAK/E,SAAS6E,EAAIxI,QAC9C,WACMwI,EAAIG,OAKd,MAAO,CACL5I,KAL8B2I,EAC5B3D,KAAKC,MAAM0D,GACX,CAAA,EAIF1I,OAAQwI,EAAIxI,OACZC,QAASuI,EAAIvI,QAAA,EA08BfsJ,oBAt8B0BrI,MAC1BnB,EACAqB,KAEA,MAAMD,EAAM,GAAGkH,oBACTG,QAAY5I,EAAMuB,EAAK,IACxBC,EACHqH,OAAQ,OACRxI,QAAS,CACP,eAAgB,sBACbmB,GAASnB,SAEdF,KAAMgF,KAAKG,UAAUnF,KAGvB,GAAIyI,EAAIxI,QAAU,IAAK,CACrB,MAAM0I,EAAe,CAAC,KAAK/E,SAAS6E,EAAIxI,QAAU,WAAawI,EAAIG,OAC7DC,EAAmBF,EAAe3D,KAAKC,MAAM0D,GAAgB,CAAA,EACnE,MAAM,IAAI7I,EAAW+I,EAASJ,EAAIxI,OAAQwI,EAAIvI,QAChD,CAEA,MAAMyI,EAAe,CAAC,IAAK,IAAK,KAAK/E,SAAS6E,EAAIxI,QAC9C,WACMwI,EAAIG,OAKd,MAAO,CACL5I,KAL8B2I,EAC5B3D,KAAKC,MAAM0D,GACX,CAAA,EAIF1I,OAAQwI,EAAIxI,OACZC,QAASuI,EAAIvI,QAAA,EAw6BfuJ,eAp6BqBtI,MACrBnB,EACAqB,KAEA,MAAMD,EAAM,GAAGkH,qBACTG,QAAY5I,EAAMuB,EAAK,IACxBC,EACHqH,OAAQ,OACRxI,QAAS,CACP,eAAgB,sBACbmB,GAASnB,SAEdF,KAAMgF,KAAKG,UAAUnF,KAGvB,GAAIyI,EAAIxI,QAAU,IAAK,CACrB,MAAM0I,EAAe,CAAC,KAAK/E,SAAS6E,EAAIxI,QAAU,WAAawI,EAAIG,OAC7DC,EAAmBF,EAAe3D,KAAKC,MAAM0D,GAAgB,CAAA,EACnE,MAAM,IAAI7I,EAAW+I,EAASJ,EAAIxI,OAAQwI,EAAIvI,QAChD,CAEA,MAAMyI,EAAe,CAAC,IAAK,IAAK,KAAK/E,SAAS6E,EAAIxI,QAC9C,WACMwI,EAAIG,OAGd,MAAO,CACL5I,KAH0B2I,EAAe3D,KAAKC,MAAM0D,GAAgB,CAAA,EAIpE1I,OAAQwI,EAAIxI,OACZC,QAASuI,EAAIvI,QAAA,EAw4BfwJ,qBAp4B2BvI,MAC3BnB,EACAqB,KAEA,MAAMD,EAAM,GAAGkH,4BACTG,QAAY5I,EAAMuB,EAAK,IACxBC,EACHqH,OAAQ,OACRxI,QAAS,CACP,eAAgB,sBACbmB,GAASnB,SAEdF,KAAMgF,KAAKG,UAAUnF,KAGvB,GAAIyI,EAAIxI,QAAU,IAAK,CACrB,MAAM0I,EAAe,CAAC,KAAK/E,SAAS6E,EAAIxI,QAAU,WAAawI,EAAIG,OAC7DC,EAAmBF,EAAe3D,KAAKC,MAAM0D,GAAgB,CAAA,EACnE,MAAM,IAAI7I,EAAW+I,EAASJ,EAAIxI,OAAQwI,EAAIvI,QAChD,CAEA,MAAMyI,EAAe,CAAC,IAAK,IAAK,KAAK/E,SAAS6E,EAAIxI,QAC9C,WACMwI,EAAIG,OAKd,MAAO,CACL5I,KAL4C2I,EAC1C3D,KAAKC,MAAM0D,GACX,CAAA,EAIF1I,OAAQwI,EAAIxI,OACZC,QAASuI,EAAIvI,QAAA,EAs2BfyJ,wBAl2B8BxI,MAC9BnB,EACAqB,KAEA,MAAMD,EAAM,GAAGkH,8BACTG,QAAY5I,EAAMuB,EAAK,IACxBC,EACHqH,OAAQ,OACRxI,QAAS,CACP,eAAgB,sBACbmB,GAASnB,SAEdF,KAAMgF,KAAKG,UAAUnF,KAGvB,GAAIyI,EAAIxI,QAAU,IAAK,CACrB,MAAM0I,EAAe,CAAC,KAAK/E,SAAS6E,EAAIxI,QAAU,WAAawI,EAAIG,OAC7DC,EAAmBF,EAAe3D,KAAKC,MAAM0D,GAAgB,CAAA,EACnE,MAAM,IAAI7I,EAAW+I,EAASJ,EAAIxI,OAAQwI,EAAIvI,QAChD,CAEA,MAAMyI,EAAe,CAAC,IAAK,IAAK,KAAK/E,SAAS6E,EAAIxI,QAC9C,WACMwI,EAAIG,OAGd,MAAO,CACL5I,KAH0B2I,EAAe3D,KAAKC,MAAM0D,GAAgB,CAAA,EAIpE1I,OAAQwI,EAAIxI,OACZC,QAASuI,EAAIvI,QAAA,EAs0Bf0J,sBAl0B4BzI,MAC5BnB,EACAqB,KAEA,MAAMD,EAAM,GAAGkH,4BACTG,QAAY5I,EAAMuB,EAAK,IACxBC,EACHqH,OAAQ,OACRxI,QAAS,CACP,eAAgB,sBACbmB,GAASnB,SAEdF,KAAMgF,KAAKG,UAAUnF,KAGvB,GAAIyI,EAAIxI,QAAU,IAAK,CACrB,MAAM0I,EAAe,CAAC,KAAK/E,SAAS6E,EAAIxI,QAAU,WAAawI,EAAIG,OAC7DC,EAAmBF,EAAe3D,KAAKC,MAAM0D,GAAgB,CAAA,EACnE,MAAM,IAAI7I,EAAW+I,EAASJ,EAAIxI,OAAQwI,EAAIvI,QAChD,CAEA,MAAMyI,EAAe,CAAC,IAAK,IAAK,KAAK/E,SAAS6E,EAAIxI,QAC9C,WACMwI,EAAIG,OAGd,MAAO,CACL5I,KAH0B2I,EAAe3D,KAAKC,MAAM0D,GAAgB,CAAA,EAIpE1I,OAAQwI,EAAIxI,OACZC,QAASuI,EAAIvI,QAAA,EAsyBf2J,4BAlyBkC1I,MAClCnB,EACAqB,KAEA,MAAMD,EAAM,GAAGkH,gCACTG,QAAY5I,EAAMuB,EAAK,IACxBC,EACHqH,OAAQ,OACRxI,QAAS,CACP,eAAgB,sBACbmB,GAASnB,SAEdF,KAAMgF,KAAKG,UAAUnF,KAGvB,GAAIyI,EAAIxI,QAAU,IAAK,CACrB,MAAM0I,EAAe,CAAC,KAAK/E,SAAS6E,EAAIxI,QAAU,WAAawI,EAAIG,OAC7DC,EAAmBF,EAAe3D,KAAKC,MAAM0D,GAAgB,CAAA,EACnE,MAAM,IAAI7I,EAAW+I,EAASJ,EAAIxI,OAAQwI,EAAIvI,QAChD,CAEA,MAAMyI,EAAe,CAAC,IAAK,IAAK,KAAK/E,SAAS6E,EAAIxI,QAC9C,WACMwI,EAAIG,OAKd,MAAO,CACL5I,KALgD2I,EAC9C3D,KAAKC,MAAM0D,GACX,CAAA,EAIF1I,OAAQwI,EAAIxI,OACZC,QAASuI,EAAIvI,QAAA,EAowBf4J,UAhwBgB3I,MAChBnB,EACAqB,KAEA,MAAMD,EAAM,GAAGkH,eACTG,QAAY5I,EAAMuB,EAAK,IACxBC,EACHqH,OAAQ,OACRxI,QAAS,CACP,eAAgB,sBACbmB,GAASnB,SAEdF,KAAMgF,KAAKG,UAAUnF,KAGvB,GAAIyI,EAAIxI,QAAU,IAAK,CACrB,MAAM0I,EAAe,CAAC,KAAK/E,SAAS6E,EAAIxI,QAAU,WAAawI,EAAIG,OAC7DC,EAAmBF,EAAe3D,KAAKC,MAAM0D,GAAgB,CAAA,EACnE,MAAM,IAAI7I,EAAW+I,EAASJ,EAAIxI,OAAQwI,EAAIvI,QAChD,CAEA,MAAMyI,EAAe,CAAC,IAAK,IAAK,KAAK/E,SAAS6E,EAAIxI,QAC9C,WACMwI,EAAIG,OAKd,MAAO,CACL5I,KAL8B2I,EAC5B3D,KAAKC,MAAM0D,GACX,CAAA,EAIF1I,OAAQwI,EAAIxI,OACZC,QAASuI,EAAIvI,QAAA,EAkuBf6J,kBA9tBwB,CACxBC,EACAC,KAEA,MAAMC,EACJD,GACAhE,OAAOC,QAAQ+D,GACZtJ,KAAI,EAAE0F,EAAKlC,MACV,MAAMgG,EAAc5J,MAAMC,QAAQ2D,GAC9BA,EAAMtD,KAAK,KACM,iBAAVsD,EACLa,KAAKG,UAAUhB,GACdA,EACP,MAAO,GAAGkC,KAAO+D,mBAAmBD,IAAY,IAEjDtJ,KAAK,KAKV,OAHYqJ,EACR,GAAG5B,qBAA2B0B,KAAYE,IAC1C,GAAG5B,qBAA2B0B,GAC3B,EA2sBPK,kBAxsBwBlJ,MACxB6I,EACA3I,KAEA,MAAMD,EAAM,GAAGkH,qBAA2B0B,oBACpCvB,QAAY5I,EAAMuB,EAAK,IACxBC,EACHqH,OAAQ,MACRxI,QAAS,IACJmB,GAASnB,WAIhB,GAAIuI,EAAIxI,QAAU,IAAK,CACrB,MAAM0I,EAAe,CAAC,KAAK/E,SAAS6E,EAAIxI,QAAU,WAAawI,EAAIG,OAC7DC,EAAmBF,EAAe3D,KAAKC,MAAM0D,GAAgB,CAAA,EACnE,MAAM,IAAI7I,EAAW+I,EAASJ,EAAIxI,OAAQwI,EAAIvI,QAChD,CAEA,MAAMyI,EAAe,CAAC,IAAK,IAAK,KAAK/E,SAAS6E,EAAIxI,QAC9C,WACMwI,EAAIG,OAKd,MAAO,CACL5I,KAL+B2I,EAC7B3D,KAAKC,MAAM0D,GACX,CAAA,EAIF1I,OAAQwI,EAAIxI,OACZC,QAASuI,EAAIvI,QAAA,EA4qBfoK,eAxqBqBnJ,MACrBnB,EACAqB,KAEA,MAAMD,EAAM,GAAGkH,oBACTG,QAAY5I,EAAMuB,EAAK,IACxBC,EACHqH,OAAQ,OACRxI,QAAS,CACP,eAAgB,sBACbmB,GAASnB,SAEdF,KAAMgF,KAAKG,UAAUnF,KAGvB,GAAIyI,EAAIxI,QAAU,IAAK,CACrB,MAAM0I,EAAe,CAAC,KAAK/E,SAAS6E,EAAIxI,QAAU,WAAawI,EAAIG,OAC7DC,EAAmBF,EAAe3D,KAAKC,MAAM0D,GAAgB,CAAA,EACnE,MAAM,IAAI7I,EAAW+I,EAASJ,EAAIxI,OAAQwI,EAAIvI,QAChD,CAEA,MAAMyI,EAAe,CAAC,IAAK,IAAK,KAAK/E,SAAS6E,EAAIxI,QAC9C,WACMwI,EAAIG,OAKd,MAAO,CACL5I,KALiD2I,EAC/C3D,KAAKC,MAAM0D,GACX,CAAA,EAIF1I,OAAQwI,EAAIxI,OACZC,QAASuI,EAAIvI,QAAA,EA0oBfqK,qBAtoB2BpJ,MAC3BnB,EACAqB,KAEA,MAAMD,EAAM,GAAGkH,2BACTG,QAAY5I,EAAMuB,EAAK,IACxBC,EACHqH,OAAQ,OACRxI,QAAS,CACP,eAAgB,sBACbmB,GAASnB,SAEdF,KAAMgF,KAAKG,UAAUnF,KAGvB,GAAIyI,EAAIxI,QAAU,IAAK,CACrB,MAAM0I,EAAe,CAAC,KAAK/E,SAAS6E,EAAIxI,QAAU,WAAawI,EAAIG,OAC7DC,EAAmBF,EAAe3D,KAAKC,MAAM0D,GAAgB,CAAA,EACnE,MAAM,IAAI7I,EAAW+I,EAASJ,EAAIxI,OAAQwI,EAAIvI,QAChD,CAEA,MAAMyI,EAAe,CAAC,IAAK,IAAK,KAAK/E,SAAS6E,EAAIxI,QAC9C,WACMwI,EAAIG,OAKd,MAAO,CACL5I,KAL8B2I,EAC5B3D,KAAKC,MAAM0D,GACX,CAAA,EAIF1I,OAAQwI,EAAIxI,OACZC,QAASuI,EAAIvI,QAAA,EAwmBfsK,QApmBcrJ,MACdnB,EACAqB,KAEA,MAAMD,EAAM,GAAGkH,YACTG,QAAY5I,EAAMuB,EAAK,IACxBC,EACHqH,OAAQ,OACRxI,QAAS,CACP,eAAgB,sBACbmB,GAASnB,SAEdF,KAAMgF,KAAKG,UAAUnF,KAGvB,GAAIyI,EAAIxI,QAAU,IAAK,CACrB,MAAM0I,EAAe,CAAC,KAAK/E,SAAS6E,EAAIxI,QAAU,WAAawI,EAAIG,OAC7DC,EAAmBF,EAAe3D,KAAKC,MAAM0D,GAAgB,CAAA,EACnE,MAAM,IAAI7I,EAAW+I,EAASJ,EAAIxI,OAAQwI,EAAIvI,QAChD,CAEA,MAAMyI,EAAe,CAAC,IAAK,IAAK,KAAK/E,SAAS6E,EAAIxI,QAC9C,WACMwI,EAAIG,OAGd,MAAO,CACL5I,KAH0B2I,EAAe3D,KAAKC,MAAM0D,GAAgB,CAAA,EAIpE1I,OAAQwI,EAAIxI,OACZC,QAASuI,EAAIvI,QAAA,EAwkBfuK,oBApkB0BtJ,MAC1BnB,EACAqB,KAEA,MAAMD,EAAM,GAAGkH,0BACTG,QAAY5I,EAAMuB,EAAK,IACxBC,EACHqH,OAAQ,OACRxI,QAAS,CACP,eAAgB,sBACbmB,GAASnB,SAEdF,KAAMgF,KAAKG,UAAUnF,KAGvB,GAAIyI,EAAIxI,QAAU,IAAK,CACrB,MAAM0I,EAAe,CAAC,KAAK/E,SAAS6E,EAAIxI,QAAU,WAAawI,EAAIG,OAC7DC,EAAmBF,EAAe3D,KAAKC,MAAM0D,GAAgB,CAAA,EACnE,MAAM,IAAI7I,EAAW+I,EAASJ,EAAIxI,OAAQwI,EAAIvI,QAChD,CAEA,MAAMyI,EAAe,CAAC,IAAK,IAAK,KAAK/E,SAAS6E,EAAIxI,QAC9C,WACMwI,EAAIG,OAKd,MAAO,CACL5I,KAL8B2I,EAC5B3D,KAAKC,MAAM0D,GACX,CAAA,EAIF1I,OAAQwI,EAAIxI,OACZC,QAASuI,EAAIvI,QAAA,EAsiBfwK,eAliBqBvJ,MACrBnB,EACAqB,KAEA,MAAMD,EAAM,GAAGkH,oBACTG,QAAY5I,EAAMuB,EAAK,IACxBC,EACHqH,OAAQ,OACRxI,QAAS,CACP,eAAgB,sBACbmB,GAASnB,SAEdF,KAAMgF,KAAKG,UAAUnF,KAGvB,GAAIyI,EAAIxI,QAAU,IAAK,CACrB,MAAM0I,EAAe,CAAC,KAAK/E,SAAS6E,EAAIxI,QAAU,WAAawI,EAAIG,OAC7DC,EAAmBF,EAAe3D,KAAKC,MAAM0D,GAAgB,CAAA,EACnE,MAAM,IAAI7I,EAAW+I,EAASJ,EAAIxI,OAAQwI,EAAIvI,QAChD,CAEA,MAAMyI,EAAe,CAAC,IAAK,IAAK,KAAK/E,SAAS6E,EAAIxI,QAC9C,WACMwI,EAAIG,OAKd,MAAO,CACL5I,KALkD2I,EAChD3D,KAAKC,MAAM0D,GACX,CAAA,EAIF1I,OAAQwI,EAAIxI,OACZC,QAASuI,EAAIvI,QAAA,EAogBfyK,qBAhgB2BxJ,MAC3BnB,EACAqB,KAEA,MAAMD,EAAM,GAAGkH,2BACTG,QAAY5I,EAAMuB,EAAK,IACxBC,EACHqH,OAAQ,OACRxI,QAAS,CACP,eAAgB,sBACbmB,GAASnB,SAEdF,KAAMgF,KAAKG,UAAUnF,KAGvB,GAAIyI,EAAIxI,QAAU,IAAK,CACrB,MAAM0I,EAAe,CAAC,KAAK/E,SAAS6E,EAAIxI,QAAU,WAAawI,EAAIG,OAC7DC,EAAmBF,EAAe3D,KAAKC,MAAM0D,GAAgB,CAAA,EACnE,MAAM,IAAI7I,EAAW+I,EAASJ,EAAIxI,OAAQwI,EAAIvI,QAChD,CAEA,MAAMyI,EAAe,CAAC,IAAK,IAAK,KAAK/E,SAAS6E,EAAIxI,QAC9C,WACMwI,EAAIG,OAKd,MAAO,CACL5I,KAL8B2I,EAC5B3D,KAAKC,MAAM0D,GACX,CAAA,EAIF1I,OAAQwI,EAAIxI,OACZC,QAASuI,EAAIvI,QAAA,EAkefgD,aA9dmB/B,MACnBnB,EACAqB,KAEA,MAAMD,EAAM,GAAGkH,UACTG,QAAY5I,EAAMuB,EAAK,IACxBC,EACHqH,OAAQ,OACRxI,QAAS,CACP,eAAgB,sBACbmB,GAASnB,SAEdF,KAAMgF,KAAKG,UAAUnF,KAGvB,GAAIyI,EAAIxI,QAAU,IAAK,CACrB,MAAM0I,EAAe,CAAC,KAAK/E,SAAS6E,EAAIxI,QAAU,WAAawI,EAAIG,OAC7DC,EAAmBF,EAAe3D,KAAKC,MAAM0D,GAAgB,CAAA,EACnE,MAAM,IAAI7I,EAAW+I,EAASJ,EAAIxI,OAAQwI,EAAIvI,QAChD,CAEA,MAAMyI,EAAe,CAAC,IAAK,IAAK,KAAK/E,SAAS6E,EAAIxI,QAC9C,WACMwI,EAAIG,OAGd,MAAO,CACL5I,KAHuB2I,EAAe3D,KAAKC,MAAM0D,GAAgB,CAAA,EAIjE1I,OAAQwI,EAAIxI,OACZC,QAASuI,EAAIvI,QAAA,EAkcf0K,qBA9b2BzJ,MAC3B6I,EACAhK,EACAqB,KAEA,MAAMD,EAAM,GAAGkH,oBAA0B0B,IACnCvB,QAAY5I,EAAMuB,EAAK,IACxBC,EACHqH,OAAQ,OACRxI,QAAS,CACP,eAAgB,sBACbmB,GAASnB,SAEdF,KAAMgF,KAAKG,UAAUnF,KAGvB,GAAIyI,EAAIxI,QAAU,IAAK,CACrB,MAAM0I,EAAe,CAAC,KAAK/E,SAAS6E,EAAIxI,QAAU,WAAawI,EAAIG,OAC7DC,EAAmBF,EAAe3D,KAAKC,MAAM0D,GAAgB,CAAA,EACnE,MAAM,IAAI7I,EAAW+I,EAASJ,EAAIxI,OAAQwI,EAAIvI,QAChD,CAEA,MAAMyI,EAAe,CAAC,IAAK,IAAK,KAAK/E,SAAS6E,EAAIxI,QAC9C,WACMwI,EAAIG,OAKd,MAAO,CACL5I,KAL+B2I,EAC7B3D,KAAKC,MAAM0D,GACX,CAAA,EAIF1I,OAAQwI,EAAIxI,OACZC,QAASuI,EAAIvI,QAAA,EA+Zf2K,YA3ZkB1J,MAClBnB,EACAqB,KAEA,MAAMD,EAAM,GAAGkH,iBACTG,QAAY5I,EAAMuB,EAAK,IACxBC,EACHqH,OAAQ,OACRxI,QAAS,CACP,eAAgB,sBACbmB,GAASnB,SAEdF,KAAMgF,KAAKG,UAAUnF,KAGvB,GAAIyI,EAAIxI,QAAU,IAAK,CACrB,MAAM0I,EAAe,CAAC,KAAK/E,SAAS6E,EAAIxI,QAAU,WAAawI,EAAIG,OAC7DC,EAAmBF,EAAe3D,KAAKC,MAAM0D,GAAgB,CAAA,EACnE,MAAM,IAAI7I,EAAW+I,EAASJ,EAAIxI,OAAQwI,EAAIvI,QAChD,CAEA,MAAMyI,EAAe,CAAC,IAAK,IAAK,KAAK/E,SAAS6E,EAAIxI,QAC9C,WACMwI,EAAIG,OAGd,MAAO,CACL5I,KAHsB2I,EAAe3D,KAAKC,MAAM0D,GAAgB,CAAA,EAIhE1I,OAAQwI,EAAIxI,OACZC,QAASuI,EAAIvI,QAAA,EA+Xf4K,QA3Xc3J,MACdE,IAEA,MAAMD,EAAM,GAAGkH,SACTG,QAAY5I,EAAMuB,EAAK,IACxBC,EACHqH,OAAQ,MACRxI,QAAS,IACJmB,GAASnB,WAIhB,GAAIuI,EAAIxI,QAAU,IAAK,CACrB,MAAM0I,EAAe,CAAC,KAAK/E,SAAS6E,EAAIxI,QAAU,WAAawI,EAAIG,OAC7DC,EAAmBF,EAAe3D,KAAKC,MAAM0D,GAAgB,CAAA,EACnE,MAAM,IAAI7I,EAAW+I,EAASJ,EAAIxI,OAAQwI,EAAIvI,QAChD,CAEA,MAAMyI,EAAe,CAAC,IAAK,IAAK,KAAK/E,SAAS6E,EAAIxI,QAC9C,WACMwI,EAAIG,OAGd,MAAO,CACL5I,KAHoB2I,EAAe3D,KAAKC,MAAM0D,GAAgB,CAAA,EAI9D1I,OAAQwI,EAAIxI,OACZC,QAASuI,EAAIvI,QAAA,EAkWf6K,gBA9VsB5J,MACtBnB,EACAqB,KAEA,MAAMD,EAAM,GAAGkH,qBACTG,QAAY5I,EAAMuB,EAAK,IACxBC,EACHqH,OAAQ,OACRxI,QAAS,CACP,eAAgB,sBACbmB,GAASnB,SAEdF,KAAMgF,KAAKG,UAAUnF,KAGvB,GAAIyI,EAAIxI,QAAU,IAAK,CACrB,MAAM0I,EAAe,CAAC,KAAK/E,SAAS6E,EAAIxI,QAAU,WAAawI,EAAIG,OAC7DC,EAAmBF,EAAe3D,KAAKC,MAAM0D,GAAgB,CAAA,EACnE,MAAM,IAAI7I,EAAW+I,EAASJ,EAAIxI,OAAQwI,EAAIvI,QAChD,CAEA,MAAMyI,EAAe,CAAC,IAAK,IAAK,KAAK/E,SAAS6E,EAAIxI,QAC9C,WACMwI,EAAIG,OAGd,MAAO,CACL5I,KAH0B2I,EAAe3D,KAAKC,MAAM0D,GAAgB,CAAA,EAIpE1I,OAAQwI,EAAIxI,OACZC,QAASuI,EAAIvI,QAAA,EAkUf8K,gBA9TsB7J,MACtBnB,EACAqB,KAEA,MAAMD,EAAM,GAAGkH,sBACTG,QAAY5I,EAAMuB,EAAK,IACxBC,EACHqH,OAAQ,OACRxI,QAAS,CACP,eAAgB,sBACbmB,GAASnB,SAEdF,KAAMgF,KAAKG,UAAUnF,KAGvB,GAAIyI,EAAIxI,QAAU,IAAK,CACrB,MAAM0I,EAAe,CAAC,KAAK/E,SAAS6E,EAAIxI,QAAU,WAAawI,EAAIG,OAC7DC,EAAmBF,EAAe3D,KAAKC,MAAM0D,GAAgB,CAAA,EACnE,MAAM,IAAI7I,EAAW+I,EAASJ,EAAIxI,OAAQwI,EAAIvI,QAChD,CAEA,MAAMyI,EAAe,CAAC,IAAK,IAAK,KAAK/E,SAAS6E,EAAIxI,QAC9C,WACMwI,EAAIG,OAGd,MAAO,CACL5I,KAH0B2I,EAAe3D,KAAKC,MAAM0D,GAAgB,CAAA,EAIpE1I,OAAQwI,EAAIxI,OACZC,QAASuI,EAAIvI,QAAA,EAkSf+K,sBA9R4B9J,MAC5BnB,EACAqB,KAEA,MAAMD,EAAM,GAAGkH,uCACTG,QAAY5I,EAAMuB,EAAK,IACxBC,EACHqH,OAAQ,OACRxI,QAAS,CACP,eAAgB,sBACbmB,GAASnB,SAEdF,KAAMgF,KAAKG,UAAUnF,KAGvB,GAAIyI,EAAIxI,QAAU,IAAK,CACrB,MAAM0I,EAAe,CAAC,KAAK/E,SAAS6E,EAAIxI,QAAU,WAAawI,EAAIG,OAC7DC,EAAmBF,EAAe3D,KAAKC,MAAM0D,GAAgB,CAAA,EACnE,MAAM,IAAI7I,EAAW+I,EAASJ,EAAIxI,OAAQwI,EAAIvI,QAChD,CAEA,MAAMyI,EAAe,CAAC,IAAK,IAAK,KAAK/E,SAAS6E,EAAIxI,QAC9C,WACMwI,EAAIG,OAGd,MAAO,CACL5I,KAH0B2I,EAAe3D,KAAKC,MAAM0D,GAAgB,CAAA,EAIpE1I,OAAQwI,EAAIxI,OACZC,QAASuI,EAAIvI,QAAA,EAkQfgL,oBA9P0B/J,MAC1BnB,EACAqB,KAEA,MAAMD,EAAM,GAAGkH,aACTG,QAAY5I,EAAMuB,EAAK,IACxBC,EACHqH,OAAQ,OACRxI,QAAS,CACP,eAAgB,sBACbmB,GAASnB,SAEdF,KAAMgF,KAAKG,UAAUnF,KAGvB,GAAIyI,EAAIxI,QAAU,IAAK,CACrB,MAAM0I,EAAe,CAAC,KAAK/E,SAAS6E,EAAIxI,QAAU,WAAawI,EAAIG,OAC7DC,EAAmBF,EAAe3D,KAAKC,MAAM0D,GAAgB,CAAA,EACnE,MAAM,IAAI7I,EAAW+I,EAASJ,EAAIxI,OAAQwI,EAAIvI,QAChD,CAEA,MAAMyI,EAAe,CAAC,IAAK,IAAK,KAAK/E,SAAS6E,EAAIxI,QAC9C,WACMwI,EAAIG,OAGd,MAAO,CACL5I,KAH0B2I,EAAe3D,KAAKC,MAAM0D,GAAgB,CAAA,EAIpE1I,OAAQwI,EAAIxI,OACZC,QAASuI,EAAIvI,QAAA,EAkOfiL,mBA9NyBhK,MACzBnB,EACAqB,KAEA,MAAMD,EAAM,GAAGkH,kBACTG,QAAY5I,EAAMuB,EAAK,IACxBC,EACHqH,OAAQ,OACRxI,QAAS,CACP,eAAgB,sBACbmB,GAASnB,SAEdF,KAAMgF,KAAKG,UAAUnF,KAGvB,GAAIyI,EAAIxI,QAAU,IAAK,CACrB,MAAM0I,EAAe,CAAC,KAAK/E,SAAS6E,EAAIxI,QAAU,WAAawI,EAAIG,OAC7DC,EAAmBF,EAAe3D,KAAKC,MAAM0D,GAAgB,CAAA,EACnE,MAAM,IAAI7I,EAAW+I,EAASJ,EAAIxI,OAAQwI,EAAIvI,QAChD,CAEA,MAAMyI,EAAe,CAAC,IAAK,IAAK,KAAK/E,SAAS6E,EAAIxI,QAC9C,WACMwI,EAAIG,OAGd,MAAO,CACL5I,KAH0B2I,EAAe3D,KAAKC,MAAM0D,GAAgB,CAAA,EAIpE1I,OAAQwI,EAAIxI,OACZC,QAASuI,EAAIvI,QAAA,EAkMfkL,uBA9L6BjK,MAC7BnB,EACAqB,KAEA,MAAMD,EAAM,GAAGkH,wBACTG,QAAY5I,EAAMuB,EAAK,IACxBC,EACHqH,OAAQ,OACRxI,QAAS,CACP,eAAgB,sBACbmB,GAASnB,SAEdF,KAAMgF,KAAKG,UAAUnF,KAGvB,GAAIyI,EAAIxI,QAAU,IAAK,CACrB,MAAM0I,EAAe,CAAC,KAAK/E,SAAS6E,EAAIxI,QAAU,WAAawI,EAAIG,OAC7DC,EAAmBF,EAAe3D,KAAKC,MAAM0D,GAAgB,CAAA,EACnE,MAAM,IAAI7I,EAAW+I,EAASJ,EAAIxI,OAAQwI,EAAIvI,QAChD,CAEA,MAAMyI,EAAe,CAAC,IAAK,IAAK,KAAK/E,SAAS6E,EAAIxI,QAC9C,WACMwI,EAAIG,OAGd,MAAO,CACL5I,KAH0B2I,EAAe3D,KAAKC,MAAM0D,GAAgB,CAAA,EAIpE1I,OAAQwI,EAAIxI,OACZC,QAASuI,EAAIvI,QAAA,EAkKfmL,eA9JqBlK,MACrBE,IAEA,MAAMD,EAAM,GAAGkH,sBACTG,QAAY5I,EAAMuB,EAAK,IACxBC,EACHqH,OAAQ,OACRxI,QAAS,IACJmB,GAASnB,WAIhB,GAAIuI,EAAIxI,QAAU,IAAK,CACrB,MAAM0I,EAAe,CAAC,KAAK/E,SAAS6E,EAAIxI,QAAU,WAAawI,EAAIG,OAC7DC,EAAmBF,EAAe3D,KAAKC,MAAM0D,GAAgB,CAAA,EACnE,MAAM,IAAI7I,EAAW+I,EAASJ,EAAIxI,OAAQwI,EAAIvI,QAChD,CAEA,MAAMyI,EAAe,CAAC,IAAK,IAAK,KAAK/E,SAAS6E,EAAIxI,QAC9C,WACMwI,EAAIG,OAKd,MAAO,CACL5I,KALkD2I,EAChD3D,KAAKC,MAAM0D,GACX,CAAA,EAIF1I,OAAQwI,EAAIxI,OACZC,QAASuI,EAAIvI,QAAA,EAmIfoL,qBA/H2BnK,MAC3BnB,EACAqB,KAEA,MAAMD,EAAM,GAAGkH,yBACTG,QAAY5I,EAAMuB,EAAK,IACxBC,EACHqH,OAAQ,OACRxI,QAAS,CACP,eAAgB,sBACbmB,GAASnB,SAEdF,KAAMgF,KAAKG,UAAUnF,KAGvB,GAAIyI,EAAIxI,QAAU,IAAK,CACrB,MAAM0I,EAAe,CAAC,KAAK/E,SAAS6E,EAAIxI,QAAU,WAAawI,EAAIG,OAC7DC,EAAmBF,EAAe3D,KAAKC,MAAM0D,GAAgB,CAAA,EACnE,MAAM,IAAI7I,EAAW+I,EAASJ,EAAIxI,OAAQwI,EAAIvI,QAChD,CAEA,MAAMyI,EAAe,CAAC,IAAK,IAAK,KAAK/E,SAAS6E,EAAIxI,QAC9C,WACMwI,EAAIG,OAKd,MAAO,CACL5I,KAL4C2I,EAC1C3D,KAAKC,MAAM0D,GACX,CAAA,EAIF1I,OAAQwI,EAAIxI,OACZC,QAASuI,EAAIvI,QAAA,EAiGfqL,gBA7FuBtB,IACvB,MAAMC,EACJD,GACAhE,OAAOC,QAAQ+D,GACZtJ,KAAI,EAAE0F,EAAKlC,MACV,MAAMgG,EAAc5J,MAAMC,QAAQ2D,GAC9BA,EAAMtD,KAAK,KACM,iBAAVsD,EACLa,KAAKG,UAAUhB,GACdA,EACP,MAAO,GAAGkC,KAAO+D,mBAAmBD,IAAY,IAEjDtJ,KAAK,KAKV,OAHYqJ,EACR,GAAG5B,YAAkB4B,IACrB,GAAG5B,UACA,EA6EPkD,WA1EiBrK,MACjBE,IAEA,MAAMD,EAAM,GAAGkH,YACTG,QAAY5I,EAAMuB,EAAK,IACxBC,EACHqH,OAAQ,MACRxI,QAAS,IACJmB,GAASnB,WAIhB,GAAIuI,EAAIxI,QAAU,IAAK,CACrB,MAAM0I,EAAe,CAAC,KAAK/E,SAAS6E,EAAIxI,QAAU,WAAawI,EAAIG,OAC7DC,EAAmBF,EAAe3D,KAAKC,MAAM0D,GAAgB,CAAA,EACnE,MAAM,IAAI7I,EAAW+I,EAASJ,EAAIxI,OAAQwI,EAAIvI,QAChD,CAEA,MAAMyI,EAAe,CAAC,IAAK,IAAK,KAAK/E,SAAS6E,EAAIxI,QAC9C,WACMwI,EAAIG,OAKd,MAAO,CACL5I,KALqC2I,EACnC3D,KAAKC,MAAM0D,GACX,CAAA,EAIF1I,OAAQwI,EAAIxI,OACZC,QAASuI,EAAIvI,QAAA,EA8Cf,EDhiGWuL,CAAiBxD,GACxByD,EEkOuB,EAC7BpD,EACA7I,EAAkC,MAElC,IAAII,EAAQL,EAAoBC,GA+chC,MAAO,CACL6I,UACAlB,kBA/cyBxH,IACzBH,EAAe8I,KAAK3I,GACpBC,EAAQL,EAAoBC,EAAc,EA8c1CkM,YA5ckBxK,MAClBnB,EACAqB,KAEA,MAAMD,EAAM,GAAGkH,UACTsD,EAAW,IAAIC,SACfC,EACiB,oBAAd/J,WACyC,gBAA/CA,UAAmCgK,aACZ,IAAtB/L,EAAK,cACP4L,EAASI,OAAO,YAAahM,EAAK,mBAET,IAAvBA,EAAK,eACPA,EAAK,cAAciM,SAAS9H,IACtB2H,EACFF,EAASI,OAAO,aAAc,CAC5BE,OAAQlH,KAAKG,UAAUhB,GACvBgI,KAAM,mBACNC,KAAM,KAGRR,EAASI,OACP,aACA,IAAIK,KAAK,CAACrH,KAAKG,UAAUhB,IAAS,CAAEgI,KAAM,qBAC1C,GAEJ,SAGmB,IAAnBnM,EAAK,WACPA,EAAK,UAAUiM,SAAS9H,IACtByH,EAASI,OAAO,SAAU7H,EAAK,IAInC,MAAMsE,QAAY5I,EAAMuB,EAAK,IACxBC,EACHqH,OAAQ,OACR1I,KAAM4L,IAGR,GAAInD,EAAIxI,QAAU,IAAK,CACrB,MAAM0I,EAAe,CAAC,KAAK/E,SAAS6E,EAAIxI,QAAU,WAAawI,EAAIG,OAC7DC,EAAmBF,EAAe3D,KAAKC,MAAM0D,GAAgB,CAAA,EACnE,MAAM,IAAI7I,EAAW+I,EAASJ,EAAIxI,OAAQwI,EAAIvI,QAChD,CAEA,MAAMyI,EAAe,CAAC,IAAK,IAAK,KAAK/E,SAAS6E,EAAIxI,QAC9C,WACMwI,EAAIG,OAKd,MAAO,CACL5I,KALsC2I,EACpC3D,KAAKC,MAAM0D,GACX,CAAA,EAIF1I,OAAQwI,EAAIxI,OACZC,QAASuI,EAAIvI,QAAA,EAoZfoM,WAhZiBnL,MACjBoL,EACAlL,KAEA,MAAMD,EAAM,GAAGkH,WAAiBiE,IAC1B9D,QAAY5I,EAAMuB,EAAK,IACxBC,EACHqH,OAAQ,SACRxI,QAAS,IACJmB,GAASnB,WAIhB,GAAIuI,EAAIxI,QAAU,IAAK,CACrB,MAAM0I,EAAe,CAAC,KAAK/E,SAAS6E,EAAIxI,QAAU,WAAawI,EAAIG,OAC7DC,EAAmBF,EAAe3D,KAAKC,MAAM0D,GAAgB,CAAA,EACnE,MAAM,IAAI7I,EAAW+I,EAASJ,EAAIxI,OAAQwI,EAAIvI,QAChD,CAIA,MAAO,CACLF,UAHyB,EAIzBC,OAAQwI,EAAIxI,OACZC,QAASuI,EAAIvI,QAAA,EAyXfsM,QArXcrL,MACdoL,EACAtC,EACA5I,KAEA,MAAM6I,EACJD,GACAhE,OAAOC,QAAQ+D,GACZtJ,KAAI,EAAE0F,EAAKlC,MACV,MAAMgG,EAAc5J,MAAMC,QAAQ2D,GAC9BA,EAAMtD,KAAK,KACM,iBAAVsD,EACLa,KAAKG,UAAUhB,GACdA,EACP,MAAO,GAAGkC,KAAO+D,mBAAmBD,IAAY,IAEjDtJ,KAAK,KAEJO,EAAM8I,EACR,GAAG5B,WAAiBiE,KAAMrC,IAC1B,GAAG5B,WAAiBiE,IAClB9D,QAAY5I,EAAMuB,EAAK,IACxBC,EACHqH,OAAQ,MACRxI,QAAS,IACJmB,GAASnB,WAIhB,GAAIuI,EAAIxI,QAAU,IAAK,CACrB,MAAM0I,EAAe,CAAC,KAAK/E,SAAS6E,EAAIxI,QAAU,WAAawI,EAAIG,OAC7DC,EAAmBF,EAAe3D,KAAKC,MAAM0D,GAAgB,CAAA,EACnE,MAAM,IAAI7I,EAAW+I,EAASJ,EAAIxI,OAAQwI,EAAIvI,QAChD,CAIA,MAAO,CACLF,WAH0ByI,EAAIgE,OAI9BxM,OAAQwI,EAAIxI,OACZC,QAASuI,EAAIvI,QAAA,EA8UfwM,uBA1U6BvL,MAC7BoL,EACAtC,EACA5I,KAEA,MAAM6I,EACJD,GACAhE,OAAOC,QAAQ+D,GACZtJ,KAAI,EAAE0F,EAAKlC,MACV,MAAMgG,EAAc5J,MAAMC,QAAQ2D,GAC9BA,EAAMtD,KAAK,KACM,iBAAVsD,EACLa,KAAKG,UAAUhB,GACdA,EACP,MAAO,GAAGkC,KAAO+D,mBAAmBD,IAAY,IAEjDtJ,KAAK,KAEJO,EAAM8I,EACR,GAAG5B,WAAiBiE,KAAMrC,IAC1B,GAAG5B,WAAiBiE,IAClB9D,QAAY5I,EAAMuB,EAAK,IACxBC,EACHqH,OAAQ,OACRxI,QAAS,IACJmB,GAASnB,WAIhB,GAAIuI,EAAIxI,QAAU,IAAK,CACrB,MAAM0I,EAAe,CAAC,KAAK/E,SAAS6E,EAAIxI,QAAU,WAAawI,EAAIG,OAC7DC,EAAmBF,EAAe3D,KAAKC,MAAM0D,GAAgB,CAAA,EACnE,MAAM,IAAI7I,EAAW+I,EAASJ,EAAIxI,OAAQwI,EAAIvI,QAChD,CAIA,MAAO,CACLF,UAHyB,EAIzBC,OAAQwI,EAAIxI,OACZC,QAASuI,EAAIvI,QAAA,EAmSfyM,YA/RkBxL,MAClBoL,EACAvM,EACAqB,KAEA,MAAMD,EAAM,GAAGkH,WAAiBiE,IAC1BX,EAAW,IAAIC,SACfC,EACiB,oBAAd/J,WACyC,gBAA/CA,UAAmCgK,aACb,IAArB/L,EAAe,WACb8L,EACFF,EAASI,OAAO,WAAY,CAC1BE,OAAQlH,KAAKG,UAAUnF,EAAe,UACtCmM,KAAM,mBACNC,KAAM,KAGRR,EAASI,OACP,WACA,IAAIK,KAAK,CAACrH,KAAKG,UAAUnF,EAAe,WAAK,CAC3CmM,KAAM,qBAER,UAIe,IAAjBnM,EAAW,MACb4L,EAASI,OAAO,OAAQhM,EAAW,MAGrC,MAAMyI,QAAY5I,EAAMuB,EAAK,IACxBC,EACHqH,OAAQ,MACR1I,KAAM4L,IAGR,GAAInD,EAAIxI,QAAU,IAAK,CACrB,MAAM0I,EAAe,CAAC,KAAK/E,SAAS6E,EAAIxI,QAAU,WAAawI,EAAIG,OAC7DC,EAAmBF,EAAe3D,KAAKC,MAAM0D,GAAgB,CAAA,EACnE,MAAM,IAAI7I,EAAW+I,EAASJ,EAAIxI,OAAQwI,EAAIvI,QAChD,CAEA,MAAMyI,EAAe,CAAC,IAAK,IAAK,KAAK/E,SAAS6E,EAAIxI,QAC9C,WACMwI,EAAIG,OAGd,MAAO,CACL5I,KAH4B2I,EAAe3D,KAAKC,MAAM0D,GAAgB,CAAA,EAItE1I,OAAQwI,EAAIxI,OACZC,QAASuI,EAAIvI,QAAA,EA6Of0M,oBAzO0BzL,MAC1BoL,EACAlL,KAEA,MAAMD,EAAM,GAAGkH,WAAiBiE,iBAC1B9D,QAAY5I,EAAMuB,EAAK,IACxBC,EACHqH,OAAQ,MACRxI,QAAS,IACJmB,GAASnB,WAIhB,GAAIuI,EAAIxI,QAAU,IAAK,CACrB,MAAM0I,EAAe,CAAC,KAAK/E,SAAS6E,EAAIxI,QAAU,WAAawI,EAAIG,OAC7DC,EAAmBF,EAAe3D,KAAKC,MAAM0D,GAAgB,CAAA,EACnE,MAAM,IAAI7I,EAAW+I,EAASJ,EAAIxI,OAAQwI,EAAIvI,QAChD,CAEA,MAAMyI,EAAe,CAAC,IAAK,IAAK,KAAK/E,SAAS6E,EAAIxI,QAC9C,WACMwI,EAAIG,OAKd,MAAO,CACL5I,KALoC2I,EAClC3D,KAAKC,MAAM0D,GACX,CAAA,EAIF1I,OAAQwI,EAAIxI,OACZC,QAASuI,EAAIvI,QAAA,EA6Mf2M,qBAzM2B1L,MAC3BE,IAEA,MAAMD,EAAM,GAAGkH,+BACTG,QAAY5I,EAAMuB,EAAK,IACxBC,EACHqH,OAAQ,OACRxI,QAAS,IACJmB,GAASnB,WAIhB,GAAIuI,EAAIxI,QAAU,IAAK,CACrB,MAAM0I,EAAe,CAAC,KAAK/E,SAAS6E,EAAIxI,QAAU,WAAawI,EAAIG,OAC7DC,EAAmBF,EAAe3D,KAAKC,MAAM0D,GAAgB,CAAA,EACnE,MAAM,IAAI7I,EAAW+I,EAASJ,EAAIxI,OAAQwI,EAAIvI,QAChD,CAEA,MAAMyI,EAAe,CAAC,IAAK,IAAK,KAAK/E,SAAS6E,EAAIxI,QAC9C,WACMwI,EAAIG,OAKd,MAAO,CACL5I,KAL+C2I,EAC7C3D,KAAKC,MAAM0D,GACX,CAAA,EAIF1I,OAAQwI,EAAIxI,OACZC,QAASuI,EAAIvI,QAAA,EA8Kf4M,oBA1K0B3L,MAC1BE,IAEA,MAAMD,EAAM,GAAGkH,uBACTG,QAAY5I,EAAMuB,EAAK,IACxBC,EACHqH,OAAQ,OACRxI,QAAS,IACJmB,GAASnB,WAIhB,GAAIuI,EAAIxI,QAAU,IAAK,CACrB,MAAM0I,EAAe,CAAC,KAAK/E,SAAS6E,EAAIxI,QAAU,WAAawI,EAAIG,OAC7DC,EAAmBF,EAAe3D,KAAKC,MAAM0D,GAAgB,CAAA,EACnE,MAAM,IAAI7I,EAAW+I,EAASJ,EAAIxI,OAAQwI,EAAIvI,QAChD,CAEA,MAAMyI,EAAe,CAAC,IAAK,IAAK,KAAK/E,SAAS6E,EAAIxI,QAC9C,WACMwI,EAAIG,OAKd,MAAO,CACL5I,KAL8C2I,EAC5C3D,KAAKC,MAAM0D,GACX,CAAA,EAIF1I,OAAQwI,EAAIxI,OACZC,QAASuI,EAAIvI,QAAA,EA+If6M,mBA3IyB5L,MACzBE,IAEA,MAAMD,EAAM,GAAGkH,6BACTG,QAAY5I,EAAMuB,EAAK,IACxBC,EACHqH,OAAQ,OACRxI,QAAS,IACJmB,GAASnB,WAIhB,GAAIuI,EAAIxI,QAAU,IAAK,CACrB,MAAM0I,EAAe,CAAC,KAAK/E,SAAS6E,EAAIxI,QAAU,WAAawI,EAAIG,OAC7DC,EAAmBF,EAAe3D,KAAKC,MAAM0D,GAAgB,CAAA,EACnE,MAAM,IAAI7I,EAAW+I,EAASJ,EAAIxI,OAAQwI,EAAIvI,QAChD,CAEA,MAAMyI,EAAe,CAAC,IAAK,IAAK,KAAK/E,SAAS6E,EAAIxI,QAC9C,WACMwI,EAAIG,OAKd,MAAO,CACL5I,KAL6C2I,EAC3C3D,KAAKC,MAAM0D,GACX,CAAA,EAIF1I,OAAQwI,EAAIxI,OACZC,QAASuI,EAAIvI,QAAA,EAgHf8M,qBA5G2B7L,MAC3BE,IAEA,MAAMD,EAAM,GAAGkH,0BACTG,QAAY5I,EAAMuB,EAAK,IACxBC,EACHqH,OAAQ,OACRxI,QAAS,IACJmB,GAASnB,WAIhB,GAAIuI,EAAIxI,QAAU,IAAK,CACrB,MAAM0I,EAAe,CAAC,KAAK/E,SAAS6E,EAAIxI,QAAU,WAAawI,EAAIG,OAC7DC,EAAmBF,EAAe3D,KAAKC,MAAM0D,GAAgB,CAAA,EACnE,MAAM,IAAI7I,EAAW+I,EAASJ,EAAIxI,OAAQwI,EAAIvI,QAChD,CAEA,MAAMyI,EAAe,CAAC,IAAK,IAAK,KAAK/E,SAAS6E,EAAIxI,QAC9C,WACMwI,EAAIG,OAKd,MAAO,CACL5I,KAL+C2I,EAC7C3D,KAAKC,MAAM0D,GACX,CAAA,EAIF1I,OAAQwI,EAAIxI,OACZC,QAASuI,EAAIvI,QAAA,EAiFf+M,kBA7EwB9L,MACxBE,IAEA,MAAMD,EAAM,GAAGkH,qBACTG,QAAY5I,EAAMuB,EAAK,IACxBC,EACHqH,OAAQ,OACRxI,QAAS,IACJmB,GAASnB,WAIhB,GAAIuI,EAAIxI,QAAU,IAAK,CACrB,MAAM0I,EAAe,CAAC,KAAK/E,SAAS6E,EAAIxI,QAAU,WAAawI,EAAIG,OAC7DC,EAAmBF,EAAe3D,KAAKC,MAAM0D,GAAgB,CAAA,EACnE,MAAM,IAAI7I,EAAW+I,EAASJ,EAAIxI,OAAQwI,EAAIvI,QAChD,CAEA,MAAMyI,EAAe,CAAC,IAAK,IAAK,KAAK/E,SAAS6E,EAAIxI,QAC9C,WACMwI,EAAIG,OAKd,MAAO,CACL5I,KAL4C2I,EAC1C3D,KAAKC,MAAM0D,GACX,CAAA,EAIF1I,OAAQwI,EAAIxI,OACZC,QAASuI,EAAIvI,QAAA,EAkDfsL,WA9CiBrK,MACjBE,IAEA,MAAMD,EAAM,GAAGkH,YACTG,QAAY5I,EAAMuB,EAAK,IACxBC,EACHqH,OAAQ,MACRxI,QAAS,IACJmB,GAASnB,WAIhB,GAAIuI,EAAIxI,QAAU,IAAK,CACrB,MAAM0I,EAAe,CAAC,KAAK/E,SAAS6E,EAAIxI,QAAU,WAAawI,EAAIG,OAC7DC,EAAmBF,EAAe3D,KAAKC,MAAM0D,GAAgB,CAAA,EACnE,MAAM,IAAI7I,EAAW+I,EAASJ,EAAIxI,OAAQwI,EAAIvI,QAChD,CAEA,MAAMyI,EAAe,CAAC,IAAK,IAAK,KAAK/E,SAAS6E,EAAIxI,QAC9C,WACMwI,EAAIG,OAKd,MAAO,CACL5I,KALkC2I,EAChC3D,KAAKC,MAAM0D,GACX,CAAA,EAIF1I,OAAQwI,EAAIxI,OACZC,QAASuI,EAAIvI,QAAA,EAkBf,EFnsBoBgN,CAAoB/E,EAAgB,IACpDgF,EG3RuB,EAC7B/L,EACA3B,EAAkC,MAElC,IAAI2N,EAAgB5N,EAAoBC,GAExC,MAKM4N,EAAmBlM,MAIvBc,EACAZ,KAEA,MAAM4B,QAAiBmK,EAAc,GAAGhM,IAAO,CAC7CsH,OAAQ,OACRxI,QAAS,CACP,eAAgB,oBAElBF,KAAMgF,KAAKG,UAAUlD,MAClBZ,IAGCrB,QAAaiD,EAAS2F,OACtB0E,EACJtN,EAAOgF,KAAKC,MAAMjF,GAAQ,CAAA,EAGtBuN,EAAO,CACXvN,KAAMsN,EACNrN,OAAQgD,EAAShD,OACjBC,QAAS+C,EAAS/C,SAGpB,GAAIoN,EAAKE,OACP,MAAM,IAAI1N,EAAWwN,EAAMrK,EAAShD,OAAQgD,EAAS/C,SAGvD,OAAOqN,CAAA,EAuCT,MAAO,CACLtL,QA5BF,SACEwL,EAGAC,EACArM,GAEA,GAAiC,iBAAtBoM,GAAkC,SAAUA,EAAmB,CACxE,MAAME,EAAaF,EAAkBG,YAAY,GAE3C3L,EAAsC,CAC1C4L,MAAOJ,EAAkBK,KAAKC,OAAO/N,MAAQ,GAC7CgO,UAAWN,EACXO,cACEN,GAAc,SAAUA,EACpBA,EAAWvB,MAAMjI,WACjB,GAER,OAAOkJ,EAAiBpL,EAASZ,EACnC,CAIE,OAAOgM,EAFSI,EACOC,EAG3B,EAIEtM,MACAgG,kBA9EyBxH,IACzBH,EAAe8I,KAAK3I,GACpBwN,EAAgB5N,EAAoBC,EAAc,EA4ElD,EHuMoByO,CAAoB9F,EAAgB,IACpD+F,EIlUuB,EAC7B7F,EACA7I,EAAkC,MAElC,IAAI2N,EAAgB5N,EAAoBC,GAExC,MAeMI,EAAQsB,MACZiN,EACA/M,KAEA,MAAMkM,QAAaH,EAAc,GAAG9E,IAAU8F,IAAQ/M,GAEtD,IAAIrB,EAWJ,GAREA,EADEuN,EAAKrN,QAAQuB,IAAI,iBAAiBmC,SAAS,0BAC/B2J,EAAKxJ,OACVwJ,EAAKrN,QAAQuB,IAAI,iBAAiB2C,WAAW,eACzCmJ,EAAK3E,aAEL2E,EAAKd,QAIfc,EAAKc,GACR,MAAM,IAAIvO,EAAWE,EAAMuN,EAAKtN,OAAQsN,EAAKrN,SAG/C,MAAO,CACLD,OAAQsN,EAAKtN,OACbD,OACAE,QAASqN,EAAKrN,QAAA,EAuClB,MAAO,CACLoI,UACAzI,MAAAA,EACAyO,KAxBWnN,MACXiN,EACApO,EACAqB,EAAuB,CAAA,KAGvB,MAAMkN,EAA8B,IAC/BlN,EACHqH,OAAQ,OACRxI,QAAS,CACPsO,OAAQ,mBACR,eAAgB,sBACbnN,EAAQnB,SAEbF,KAAMA,EAAOgF,KAAKG,UAAUnF,QAAQ,GAGtC,OAAOH,EAASuO,EAAMG,EAAc,EAQpCnH,kBAlFyBxH,IACzBH,EAAe8I,KAAK3I,GACpBwN,EAAgB5N,EAAoBC,EAAc,EAgFlD,EJ0OsBgP,CAAsBpG,EAAkB,IAGhE,IAAA,MAAWqG,KAAY1G,EACrB0G,EAAS,CACPpM,OACArB,QAASyK,EACT3E,QAASoG,EACTnG,UAAWmH,EACXlH,mBAKJ,OAAO,IAAIK,EACThF,EACAoJ,EACAyB,EACAgB,EACAlH,EAEJ,CKxWO,MAAMiB,EAAqB,CAChCyG,EACAjH,EACAC,EACAiH,IAEIA,IAEOlH,GAAaC,EACf,WAAWD,KAAaiH,KAAehH,iBAEvC,iBAAiBgH,uCLmZrB,SAAsBtN,EAA8B,IACzD,MAAMJ,EAAUI,EAAQJ,SAAW4F,IAEnC,OAAOY,EAAkB,IACpBpG,EACHJ,UACA+G,UAAW,CAAClB,KAAqCzF,EAAQ2G,WAAa,KAE1E,6CAgIO,SACL3G,GAEA,OAAOoG,EAAkB,IACpBpG,EACH2G,UAAW,CAACX,KAAqChG,EAAQ2G,WAAa,KAE1E,4CA5fO,SACL6G,GAEA,MAAO,EAAG5N,UAAS8F,UAASC,gBAC1B,MAAM8H,GMlBPzN,ENkBoDwN,EMjBpD3N,GACDC,MAAOC,EAAamN,EAA8B,MAChD,MAAMrO,EAAU,IAAIoB,QAAQiN,EAAerO,SAAW,CAAA,GAatD,GAVKA,EAAQqB,IAAI,0BACfrB,EAAQ2B,IAAI,wBAAyBR,EAAQ0N,aAI3C1N,EAAQ2N,OAAS9O,EAAQqB,IAAI,kBAC/BrB,EAAQ2B,IAAI,gBAAiBR,EAAQ2N,MAInC3N,EAAQ4N,iBACV,IAAA,MAAY5I,EAAKlC,KAAU8B,OAAOC,QAAQ7E,EAAQ4N,kBAAmB,CAEnE,MAAMC,EAAY7I,EAAIjC,WAAW,aAAeiC,EAAM,YAAYA,IAG7DnG,EAAQqB,IAAI2N,IACfhP,EAAQ2B,IAAIqN,EAAW/K,EAE3B,CAGF,OAAOjD,EAAKE,EAAK,IAAKmN,EAAgBrO,WAAS,GA5BjD,IAACmB,ENoBCJ,EAAQmG,kBAAkB0H,GAC1B/H,EAAQK,kBAAkB0H,GAC1B9H,EAAUI,kBAAkB0H,EAAe,CAE/C"}