@nsshunt/stsoauth2plugin 0.0.5 → 0.1.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (26) hide show
  1. package/dist/311.index.js +5 -0
  2. package/dist/311.index.js.LICENSE.txt +1 -0
  3. package/dist/384.index.js +1 -0
  4. package/dist/index.js +5 -11
  5. package/dist/index.js.LICENSE.txt +1 -0
  6. package/package.json +14 -6
  7. package/src/stsoauth2manager.ts +8 -8
  8. package/src/stsoauth2worker.ts +3 -3
  9. package/types/stsoauth2worker.d.ts +1 -1
  10. package/types/stsoauth2worker.d.ts.map +1 -1
  11. package/webpack.config.js +48 -0
  12. package/dist/Utils/CryptoUtils.js +0 -32
  13. package/dist/Utils/CryptoUtils.js.map +0 -1
  14. package/dist/Utils/QueryParams.js +0 -49
  15. package/dist/Utils/QueryParams.js.map +0 -1
  16. package/dist/index.js.map +0 -1
  17. package/dist/index.test.js +0 -8
  18. package/dist/index.test.js.map +0 -1
  19. package/dist/stsStorage.js +0 -152
  20. package/dist/stsStorage.js.map +0 -1
  21. package/dist/stsoauth2manager.js +0 -320
  22. package/dist/stsoauth2manager.js.map +0 -1
  23. package/dist/stsoauth2types.js +0 -29
  24. package/dist/stsoauth2types.js.map +0 -1
  25. package/dist/stsoauth2worker.js +0 -553
  26. package/dist/stsoauth2worker.js.map +0 -1
package/dist/stsoauth2types.js.map DELETED
@@ -1 +0,0 @@
1
- {"version":3,"file":"stsoauth2types.js","sourceRoot":"","sources":["../src/stsoauth2types.ts"],"names":[],"mappings":"AAEA,MAAM,CAAN,IAAY,4BAIX;AAJD,WAAY,4BAA4B;IACvC,6CAAa,CAAA;IACb,qDAAqB,CAAA;IACrB,+CAAe,CAAA;AAChB,CAAC,EAJW,4BAA4B,KAA5B,4BAA4B,QAIvC;AAED,MAAM,CAAN,IAAY,4BAIX;AAJD,WAAY,4BAA4B;IACvC,+CAAe,CAAA;IACf,qDAAqB,CAAA;IACrB,uDAAuB,CAAA;AACxB,CAAC,EAJW,4BAA4B,KAA5B,4BAA4B,QAIvC;AA0BD,MAAM,CAAN,IAAY,eAIX;AAJD,WAAY,eAAe;IAC1B,4DAAyC,CAAA;IACzC,4DAAyC,CAAA;IACzC,kDAA+B,CAAA;AAChC,CAAC,EAJW,eAAe,KAAf,eAAe,QAI1B;AAuCD,kBAAkB;AAElB,MAAM,CAAN,IAAY,sBAOX;AAPD,WAAY,sBAAsB;IACjC,4DAAkC,CAAA;IAClC,iDAAuB,CAAA;IACvB,4DAAkC,CAAA;IAClC,2CAAiB,CAAA;IACjB,kEAAwC,CAAA;IACxC,yCAAe,CAAA;AAChB,CAAC,EAPW,sBAAsB,KAAtB,sBAAsB,QAOjC"}
package/dist/stsoauth2worker.js DELETED
@@ -1,553 +0,0 @@
1
- var __classPrivateFieldSet = (this && this.__classPrivateFieldSet) || function (receiver, state, value, kind, f) {
2
- if (kind === "m") throw new TypeError("Private method is not writable");
3
- if (kind === "a" && !f) throw new TypeError("Private accessor was defined without a setter");
4
- if (typeof state === "function" ? receiver !== state || !f : !state.has(receiver)) throw new TypeError("Cannot write private member to an object whose class did not declare it");
5
- return (kind === "a" ? f.call(receiver, value) : f ? f.value = value : state.set(receiver, value)), value;
6
- };
7
- var __classPrivateFieldGet = (this && this.__classPrivateFieldGet) || function (receiver, state, kind, f) {
8
- if (kind === "a" && !f) throw new TypeError("Private accessor was defined without a getter");
9
- if (typeof state === "function" ? receiver !== state || !f : !state.has(receiver)) throw new TypeError("Cannot read private member from an object whose class did not declare it");
10
- return kind === "m" ? f : kind === "a" ? f.call(receiver) : f ? f.value : state.get(receiver);
11
- };
12
- var _STSOAuth2Worker_clientSessionStore, _STSOAuth2Worker_cUtils, _STSOAuth2Worker_qParams, _STSOAuth2Worker_STORAGE_AUTHORIZE_OPTIONS_KEY, _STSOAuth2Worker_STORAGE_SESSION_KEY, _STSOAuth2Worker_aic, _STSOAuth2Worker_errorCallback, _STSOAuth2Worker_handleAuthenticateEvent, _STSOAuth2Worker_oauthWorkerPort, _STSOAuth2Worker_currentMessageId, _STSOAuth2Worker_ProcessCommand, _STSOAuth2Worker_RestoreSession, _STSOAuth2Worker_Authorize, _STSOAuth2Worker_HandleRedirect, _STSOAuth2Worker_GetTokenFromBroker, _STSOAuth2Worker_GetToken, _STSOAuth2Worker_RefreshToken, _STSOAuth2Worker_Logout;
13
- import Debug from "debug";
14
- const debug = Debug(`proc:${process.pid}:stsoauth2worker.ts`);
15
- import 'colors';
16
- import axios from "axios";
17
- import { OAuth2ParameterType } from '@nsshunt/stsutils';
18
- import CryptoUtils from './Utils/CryptoUtils';
19
- import QueryParams from './Utils/QueryParams';
20
- import jwt_decode from "jwt-decode";
21
- import { ClientStorageType, ClientStorageFactory } from './stsStorage';
22
- import { StatusCodes } from 'http-status-codes';
23
- import { AuthorizeOptionsResponseType, AuthorizeOptionsResponseMode, OAuthGrantTypes, IOauth2ListenerCommand } from './stsoauth2types';
24
- const CreateRandomString = (size = 43) => {
25
- const randomValues = Array.from(self.crypto.getRandomValues(new Uint8Array(size)));
26
- const b64 = window.btoa(String.fromCharCode(...randomValues));
27
- return b64;
28
- //return randomValues.toString('base64');
29
- };
30
- // STS Client SDK for SPAs
31
- class STSOAuth2Worker {
32
- constructor(workerPort) {
33
- //this.#store = app.config.globalProperties.$store;
34
- //#storageManager = null;
35
- _STSOAuth2Worker_clientSessionStore.set(this, null); // In memory tokens while the client is logged in
36
- _STSOAuth2Worker_cUtils.set(this, new CryptoUtils());
37
- _STSOAuth2Worker_qParams.set(this, new QueryParams());
38
- _STSOAuth2Worker_STORAGE_AUTHORIZE_OPTIONS_KEY.set(this, 'authorize_options.stsmda.com.au');
39
- _STSOAuth2Worker_STORAGE_SESSION_KEY.set(this, 'session.stsmda.com.au');
40
- _STSOAuth2Worker_aic.set(this, null);
41
- _STSOAuth2Worker_errorCallback.set(this, null); //@@ will be replaced with a message back
42
- //#store = null;
43
- _STSOAuth2Worker_handleAuthenticateEvent.set(this, null);
44
- _STSOAuth2Worker_oauthWorkerPort.set(this, null);
45
- _STSOAuth2Worker_currentMessageId.set(this, 0);
46
- // Attempt to restore a previous session using the STSBroker
47
- /*
48
- { parameterType: OAuth2ParameterType.CLIENT_ID, errorType: authErrorType.CLIENT_ID_MISMATCH },
49
- { parameterType: OAuth2ParameterType.SCOPE, errorType: authErrorType.SCOPE_MISMATCH }
50
- { parameterType: OAuth2ParameterType.REDIRECT_URI, errorType: authErrorType.REDIRECT_URI_MISMATCH },
51
- { parameterType: OAuth2ParameterType.AUDIENCE, errorType: authErrorType.SCOPE_MISMATCH }
52
-
53
- Successful Response
54
- {
55
- "access_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsIng1dCI6Ik5HVEZ2ZEstZnl0aEV1Q...",
56
- "token_type": "Bearer",
57
- "expires_in": 3599,
58
- "scope": "https%3A%2F%2Fgraph.microsoft.com%2Fmail.read",
59
- "refresh_token": "AwABAAAAvPM1KaPlrEqdFSBzjqfTGAMxZGUTdM0t4B4...",
60
- "id_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJub25lIn0.eyJhdWQiOiIyZDRkMTFhMi1mODE0LTQ2YTctOD...",
61
- }
62
-
63
- Error Response
64
- {
65
- "error": "invalid_scope",
66
- "error_description": "AADSTS70011: The provided value for the input parameter 'scope' is not valid. The scope https://foo.microsoft.com/mail.read is not valid.\r\nTrace ID: 255d1aef-8c98-452f-ac51-23d051240864\r\nCorrelation ID: fb3d2015-bc17-4bb9-bb85-30c5cf1aaaa7\r\nTimestamp: 2016-01-09 02:02:12Z",
67
- "error_codes": [
68
- 70011
69
- ],
70
- "timestamp": "2016-01-09 02:02:12Z",
71
- }
72
-
73
-
74
- */
75
- this.SetupListener = () => {
76
- __classPrivateFieldGet(this, _STSOAuth2Worker_oauthWorkerPort, "f").onmessage = async (data) => {
77
- const auth2ListenerMessage = data.data;
78
- switch (auth2ListenerMessage.command) {
79
- case IOauth2ListenerCommand.RESTORE_SESSION:
80
- __classPrivateFieldGet(this, _STSOAuth2Worker_ProcessCommand, "f").call(this, auth2ListenerMessage, await __classPrivateFieldGet(this, _STSOAuth2Worker_RestoreSession, "f").call(this));
81
- break;
82
- case IOauth2ListenerCommand.AUTHORIZE:
83
- __classPrivateFieldGet(this, _STSOAuth2Worker_ProcessCommand, "f").call(this, auth2ListenerMessage, await __classPrivateFieldGet(this, _STSOAuth2Worker_Authorize, "f").call(this));
84
- break;
85
- case IOauth2ListenerCommand.HANDLE_REDIRECT:
86
- __classPrivateFieldGet(this, _STSOAuth2Worker_ProcessCommand, "f").call(this, auth2ListenerMessage, await __classPrivateFieldGet(this, _STSOAuth2Worker_HandleRedirect, "f").call(this, auth2ListenerMessage.payload));
87
- break;
88
- case IOauth2ListenerCommand.LOGOUT:
89
- __classPrivateFieldGet(this, _STSOAuth2Worker_ProcessCommand, "f").call(this, auth2ListenerMessage, await __classPrivateFieldGet(this, _STSOAuth2Worker_Logout, "f").call(this));
90
- break;
91
- default:
92
- throw new Error(`Command: [${auth2ListenerMessage.command}'] not found.`);
93
- }
94
- };
95
- };
96
- _STSOAuth2Worker_ProcessCommand.set(this, async (auth2ListenerMessage, response) => {
97
- const messageResponse = {
98
- messageId: auth2ListenerMessage.messageId,
99
- command: auth2ListenerMessage.command,
100
- payload: response
101
- };
102
- __classPrivateFieldGet(this, _STSOAuth2Worker_oauthWorkerPort, "f").postMessage(messageResponse);
103
- });
104
- _STSOAuth2Worker_RestoreSession.set(this, async () => {
105
- //@@ attempt to get from client storage first
106
- let restoredSessionData = null;
107
- restoredSessionData = __classPrivateFieldGet(this, _STSOAuth2Worker_clientSessionStore, "f").get(__classPrivateFieldGet(this, _STSOAuth2Worker_STORAGE_SESSION_KEY, "f"));
108
- if (restoredSessionData !== null) {
109
- console.log('Session restored from client storage.');
110
- if (__classPrivateFieldGet(this, _STSOAuth2Worker_aic, "f")) {
111
- __classPrivateFieldGet(this, _STSOAuth2Worker_aic, "f").UpdateInstrument('m', { LogMessage: 'Session restored from client storage.' });
112
- }
113
- }
114
- else {
115
- const url = `${process.env.BROKER_ENDPOINT}:${process.env.BROKER_PORT}${process.env.BROKER_API_ROOT}/session`;
116
- console.log('RestoreSession');
117
- console.log(url);
118
- if (__classPrivateFieldGet(this, _STSOAuth2Worker_aic, "f")) {
119
- __classPrivateFieldGet(this, _STSOAuth2Worker_aic, "f").UpdateInstrument('m', { LogMessage: 'RestoreSession' });
120
- __classPrivateFieldGet(this, _STSOAuth2Worker_aic, "f").UpdateInstrument('m', { LogMessage: url });
121
- }
122
- try {
123
- const retVal = await axios({
124
- method: "post",
125
- url: url,
126
- data: {
127
- [OAuth2ParameterType.CLIENT_ID]: process.env.CLIENT_ID,
128
- [OAuth2ParameterType.SCOPE]: process.env.SCOPE,
129
- [OAuth2ParameterType.REDIRECT_URI]: process.env.REDIRECT_URI,
130
- [OAuth2ParameterType.AUDIENCE]: process.env.AUDIENCE
131
- },
132
- withCredentials: true,
133
- timeout: parseInt(process.env.TIMEOUT),
134
- });
135
- if (retVal.data.status === StatusCodes.OK) {
136
- restoredSessionData = retVal.data.detail;
137
- __classPrivateFieldGet(this, _STSOAuth2Worker_clientSessionStore, "f").set(__classPrivateFieldGet(this, _STSOAuth2Worker_STORAGE_SESSION_KEY, "f"), restoredSessionData);
138
- console.log('Session restored from server side cookie.');
139
- //this.#store.commit('stsOAuth2SDK/SessionData', restoredSessionData);
140
- }
141
- else {
142
- //@@ handle error better
143
- //this.#store.commit('stsOAuth2SDK/SessionData', null);
144
- console.log('Could not restore previous session:-');
145
- console.log(JSON.stringify(retVal.data));
146
- }
147
- }
148
- catch (error) {
149
- //@@ handle error better
150
- //this.#store.commit('stsOAuth2SDK/SessionData', null);
151
- console.log('Could not restore previous session (error state):-');
152
- console.log(error);
153
- console.log(JSON.stringify(error));
154
- }
155
- }
156
- //@@ must only use in-memory for this ...
157
- //this.#store.commit('stsOAuth2SDK/SessionData', restoredSessionData);
158
- if (restoredSessionData !== null) {
159
- __classPrivateFieldGet(this, _STSOAuth2Worker_handleAuthenticateEvent, "f").call(this, restoredSessionData.id_token);
160
- console.log('Refreshing tokens ...');
161
- return __classPrivateFieldGet(this, _STSOAuth2Worker_RefreshToken, "f").call(this);
162
- }
163
- else {
164
- __classPrivateFieldGet(this, _STSOAuth2Worker_handleAuthenticateEvent, "f").call(this, null);
165
- return false;
166
- }
167
- });
168
- _STSOAuth2Worker_Authorize.set(this, async () => {
169
- console.log('Authorize ...');
170
- /* MS Example
171
- --------------
172
- https://login.microsoftonline.com/{tenant}/oauth2/v2.0/authorize?
173
- client_id=6731de76-14a6-49ae-97bc-6eba6914391e
174
- &response_type=code
175
- &redirect_uri=http%3A%2F%2Flocalhost%2Fmyapp%2F
176
- &response_mode=query
177
- &scope=offline_access%20https%3A%2F%2Fgraph.microsoft.com%2Fuser.read%20api%3A%2F%2F
178
- &state=12345
179
- &code_challenge=YTFjNjI1OWYzMzA3MTI4ZDY2Njg5M2RkNmVjNDE5YmEyZGRhOGYyM2IzNjdmZWFhMTQ1ODg3NDcxY2Nl
180
- &code_challenge_method=S256
181
-
182
- Successful Response
183
-
184
- GET http://localhost?
185
- code=AwABAAAAvPM1KaPlrEqdFSBzjqfTGBCmLdgfSTLEMPGYuNHSUYBrq...
186
- &state=12345
187
-
188
- Error Response
189
- GET http://localhost?
190
- error=access_denied
191
- &error_description=the+user+canceled+the+authentication
192
-
193
- << Hybrid Flow >>
194
-
195
- https://login.microsoftonline.com/{tenant}/oauth2/v2.0/authorize?
196
- client_id=6731de76-14a6-49ae-97bc-6eba6914391e
197
- &response_type=code%20id_token
198
- &redirect_uri=http%3A%2F%2Flocalhost%2Fmyapp%2F
199
- &response_mode=fragment
200
- &scope=openid%20offline_access%20https%3A%2F%2Fgraph.microsoft.com%2Fuser.read
201
- &state=12345
202
- &nonce=abcde
203
- &code_challenge=YTFjNjI1OWYzMzA3MTI4ZDY2Njg5M2RkNmVjNDE5YmEyZGRhOGYyM2IzNjdmZWFhMTQ1ODg3NDcxY2Nl
204
- &code_challenge_method=S256
205
-
206
- Successful Response
207
-
208
- GET https://login.microsoftonline.com/common/oauth2/nativeclient#
209
- code=AwABAAAAvPM1KaPlrEqdFSBzjqfTGBCmLdgfSTLEMPGYuNHSUYBrq...
210
- &id_token=eYj...
211
- &state=12345
212
-
213
- Notes:
214
- The nonce is included as a claim inside the returned id_token
215
- Ref: https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-oauth2-auth-code-flow
216
- */
217
- const client_id = process.env.CLIENT_ID;
218
- const nonce = __classPrivateFieldGet(this, _STSOAuth2Worker_cUtils, "f").CreateRandomString();
219
- const response_type = [AuthorizeOptionsResponseType.CODE];
220
- const redirect_uri = process.env.REDIRECT_URI;
221
- const response_mode = AuthorizeOptionsResponseMode.QUERY;
222
- const scope = process.env.SCOPE;
223
- const state = __classPrivateFieldGet(this, _STSOAuth2Worker_cUtils, "f").CreateRandomString();
224
- const code_verifier = __classPrivateFieldGet(this, _STSOAuth2Worker_cUtils, "f").CreateRandomString();
225
- const code_challenge = await __classPrivateFieldGet(this, _STSOAuth2Worker_cUtils, "f").DigestMessage(code_verifier);
226
- const code_challenge_method = 'S256';
227
- //let audience = process.env.AUDIENCE;
228
- const authorizeOptions = {
229
- client_id,
230
- nonce,
231
- response_type,
232
- redirect_uri,
233
- response_mode,
234
- scope,
235
- state,
236
- code_challenge,
237
- code_challenge_method
238
- };
239
- const url = `${process.env.AUTH_ENDPOINT}:${process.env.AUTH_PORT}${process.env.AUTH_APIROOT}?${__classPrivateFieldGet(this, _STSOAuth2Worker_qParams, "f").CreateQueryParams(authorizeOptions)}`;
240
- console.log(url);
241
- // Now add the code_verifier to the transaction data
242
- authorizeOptions.code_verifier = code_verifier; //@@ Is this is the only thing required across the transaction ?
243
- console.log(`Authorize:authorizeOptions: [${JSON.stringify(authorizeOptions)}]`);
244
- return {
245
- url,
246
- authorizeOptions
247
- };
248
- //window.location.assign(url);
249
- //@@ this may need to be a message back to the plugin to re-direct
250
- //window.location.replace(url);
251
- });
252
- _STSOAuth2Worker_HandleRedirect.set(this, async (payload) => {
253
- const queryVars = payload.queryVars;
254
- const authorizeOptions = payload.authorizeOptions;
255
- console.log('HandleRedirect');
256
- // We have been re-direct back here from the /authorize end-point
257
- console.log(`HandleRedirect:Query Vars: [${JSON.stringify(queryVars)}]`);
258
- if (queryVars[OAuth2ParameterType.CODE]) {
259
- const response = queryVars;
260
- console.log(`authorizeOptions from transaction state: [${JSON.stringify(authorizeOptions)}]`);
261
- const redirectState = response.state;
262
- const authorizeOptionsState = authorizeOptions.state;
263
- if (authorizeOptionsState.localeCompare(redirectState) === 0) {
264
- console.log('redirected state (from queryVars) matched previously saved transaction authorizeOptions state'.green);
265
- return await __classPrivateFieldGet(this, _STSOAuth2Worker_GetToken, "f").call(this, authorizeOptions, response);
266
- }
267
- else {
268
- console.log('redirected state (from queryVars) did NOT match previously saved transaction authorizeOptions state'.red);
269
- __classPrivateFieldGet(this, _STSOAuth2Worker_errorCallback, "f").call(this, { message: 'State un-matched' });
270
- return false;
271
- }
272
- }
273
- else if (queryVars[OAuth2ParameterType.ERROR]) {
274
- const response = queryVars;
275
- //@@ pass error back to parent thread (to the plugin) as a message
276
- const error = response.error;
277
- const errorDescription = response.error_description;
278
- __classPrivateFieldGet(this, _STSOAuth2Worker_errorCallback, "f").call(this, { message: 'State un-matched' });
279
- return false;
280
- }
281
- else {
282
- // Invalid redirect query params
283
- const error = 'Invalid redirect query params'; //@@ fix
284
- const errorDescription = 'Invalid redirect query params description'; //@@ fix
285
- __classPrivateFieldGet(this, _STSOAuth2Worker_errorCallback, "f").call(this, { message: 'State un-matched' });
286
- return false;
287
- }
288
- }
289
- /*
290
- client_id=6731de76-14a6-49ae-97bc-6eba6914391e
291
- &scope=https%3A%2F%2Fgraph.microsoft.com%2Fmail.read
292
- &code=OAAABAAAAiL9Kn2Z27UubvWFPbm0gLWQJVzCTE9UkP3pSx1aXxUjq3n8b2JRLk4OxVXr...
293
- &redirect_uri=http%3A%2F%2Flocalhost%2Fmyapp%2F
294
- &grant_type=authorization_code
295
- &code_verifier=ThisIsntRandomButItNeedsToBe43CharactersLong
296
- &client_secret=JqQX2PNo9bpM0uEihUPzyrh // NOTE: Only required for web apps. This secret needs to be URL-Encoded.
297
-
298
- Successful Response
299
- {
300
- "access_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsIng1dCI6Ik5HVEZ2ZEstZnl0aEV1Q...",
301
- "token_type": "Bearer",
302
- "expires_in": 3599,
303
- "scope": "https%3A%2F%2Fgraph.microsoft.com%2Fmail.read",
304
- "refresh_token": "AwABAAAAvPM1KaPlrEqdFSBzjqfTGAMxZGUTdM0t4B4...",
305
- "id_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJub25lIn0.eyJhdWQiOiIyZDRkMTFhMi1mODE0LTQ2YTctOD...",
306
- }
307
- */
308
- // Get access_token, refresh_token and id_token using OAuth2 Authorization Code Flow
309
- );
310
- /*
311
- client_id=6731de76-14a6-49ae-97bc-6eba6914391e
312
- &scope=https%3A%2F%2Fgraph.microsoft.com%2Fmail.read
313
- &code=OAAABAAAAiL9Kn2Z27UubvWFPbm0gLWQJVzCTE9UkP3pSx1aXxUjq3n8b2JRLk4OxVXr...
314
- &redirect_uri=http%3A%2F%2Flocalhost%2Fmyapp%2F
315
- &grant_type=authorization_code
316
- &code_verifier=ThisIsntRandomButItNeedsToBe43CharactersLong
317
- &client_secret=JqQX2PNo9bpM0uEihUPzyrh // NOTE: Only required for web apps. This secret needs to be URL-Encoded.
318
-
319
- Successful Response
320
- {
321
- "access_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsIng1dCI6Ik5HVEZ2ZEstZnl0aEV1Q...",
322
- "token_type": "Bearer",
323
- "expires_in": 3599,
324
- "scope": "https%3A%2F%2Fgraph.microsoft.com%2Fmail.read",
325
- "refresh_token": "AwABAAAAvPM1KaPlrEqdFSBzjqfTGAMxZGUTdM0t4B4...",
326
- "id_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJub25lIn0.eyJhdWQiOiIyZDRkMTFhMi1mODE0LTQ2YTctOD...",
327
- }
328
- */
329
- // Get access_token, refresh_token and id_token using OAuth2 Authorization Code Flow
330
- _STSOAuth2Worker_GetTokenFromBroker.set(this, async (authorizationCodeFlowParameters) => {
331
- console.log("#GetTokenFromBroker");
332
- __classPrivateFieldGet(this, _STSOAuth2Worker_clientSessionStore, "f").remove(__classPrivateFieldGet(this, _STSOAuth2Worker_STORAGE_SESSION_KEY, "f"));
333
- const url = `${process.env.BROKER_ENDPOINT}:${process.env.BROKER_PORT}${process.env.BROKER_API_ROOT}/token`;
334
- console.log(`#GetTokenFromBroker:url = [${url}]`);
335
- console.log(authorizationCodeFlowParameters);
336
- try {
337
- const retVal = await axios({
338
- method: "post",
339
- url: url,
340
- data: authorizationCodeFlowParameters,
341
- withCredentials: true,
342
- timeout: parseInt(process.env.TIMEOUT),
343
- });
344
- console.log(`retVal: ${JSON.stringify(retVal)}`);
345
- if (retVal.status === StatusCodes.OK) {
346
- console.log('Storing tokens...');
347
- const tokenResponse = retVal.data;
348
- //this.#store.commit('stsOAuth2SDK/SessionData', tokenResponse);
349
- __classPrivateFieldGet(this, _STSOAuth2Worker_handleAuthenticateEvent, "f").call(this, tokenResponse.id_token);
350
- __classPrivateFieldGet(this, _STSOAuth2Worker_clientSessionStore, "f").set(__classPrivateFieldGet(this, _STSOAuth2Worker_STORAGE_SESSION_KEY, "f"), tokenResponse);
351
- return true;
352
- }
353
- else if (retVal.status === StatusCodes.UNAUTHORIZED) {
354
- console.log('NOT Storing tokens...');
355
- console.log(retVal.status);
356
- //this.#store.commit('stsOAuth2SDK/SessionData', null);
357
- __classPrivateFieldGet(this, _STSOAuth2Worker_handleAuthenticateEvent, "f").call(this, null);
358
- const response = retVal.data;
359
- //@@ store response in state
360
- //@@ go to error page ??
361
- return false;
362
- }
363
- else {
364
- // General error
365
- console.log('NOT Storing tokens...');
366
- console.log(retVal.status);
367
- //this.#store.commit('stsOAuth2SDK/SessionData', null);
368
- __classPrivateFieldGet(this, _STSOAuth2Worker_handleAuthenticateEvent, "f").call(this, null);
369
- console.log('Could not obtain access_token from token end-point:-');
370
- console.log(JSON.stringify(retVal.data));
371
- //@@ store error in state to show in error page
372
- return false;
373
- }
374
- }
375
- catch (error) {
376
- //this.#store.commit('stsOAuth2SDK/SessionData', null);
377
- __classPrivateFieldGet(this, _STSOAuth2Worker_handleAuthenticateEvent, "f").call(this, null);
378
- //console.log('Could not restore previous session (error state):-');
379
- console.log(error);
380
- console.log(JSON.stringify(error));
381
- //@@ store error in state to show in error page
382
- return false;
383
- }
384
- }
385
- // Get access_token, refresh_token and id_token using OAuth2 Authorization Code Flow
386
- );
387
- // Get access_token, refresh_token and id_token using OAuth2 Authorization Code Flow
388
- _STSOAuth2Worker_GetToken.set(this, async (authorizeOptions, authorizeResponse) => {
389
- console.log("#GetToken");
390
- console.log(authorizeResponse);
391
- __classPrivateFieldGet(this, _STSOAuth2Worker_clientSessionStore, "f").set(__classPrivateFieldGet(this, _STSOAuth2Worker_STORAGE_SESSION_KEY, "f"), null);
392
- const authorizationCodeFlowParameters = {
393
- client_id: process.env.CLIENT_ID,
394
- scope: process.env.SCOPE,
395
- code: authorizeResponse.code,
396
- redirect_uri: process.env.REDIRECT_URI,
397
- grant_type: OAuthGrantTypes.AUTHORIZATION_CODE,
398
- code_verifier: authorizeOptions.code_verifier
399
- };
400
- return __classPrivateFieldGet(this, _STSOAuth2Worker_GetTokenFromBroker, "f").call(this, authorizationCodeFlowParameters);
401
- }
402
- /*
403
- // Line breaks for legibility only
404
-
405
- POST /{tenant}/oauth2/v2.0/token HTTP/1.1
406
- Host: https://login.microsoftonline.com
407
- Content-Type: application/x-www-form-urlencoded
408
-
409
- client_id=535fb089-9ff3-47b6-9bfb-4f1264799865
410
- &scope=https%3A%2F%2Fgraph.microsoft.com%2Fmail.read
411
- &refresh_token=OAAABAAAAiL9Kn2Z27UubvWFPbm0gLWQJVzCTE9UkP3pSx1aXxUjq...
412
- &grant_type=refresh_token
413
- &client_secret=sampleCredentia1s // NOTE: Only required for web apps. This secret needs to be URL-Encoded
414
-
415
- Error Response
416
- {
417
- "error": "invalid_scope",
418
- "error_description": "AADSTS70011: The provided value for the input parameter 'scope' is not valid. The scope https://foo.microsoft.com/mail.read is not valid.\r\nTrace ID: 255d1aef-8c98-452f-ac51-23d051240864\r\nCorrelation ID: fb3d2015-bc17-4bb9-bb85-30c5cf1aaaa7\r\nTimestamp: 2016-01-09 02:02:12Z",
419
- "error_codes": [
420
- 70011
421
- ],
422
- "timestamp": "2016-01-09 02:02:12Z",
423
- "trace_id": "255d1aef-8c98-452f-ac51-23d051240864",
424
- "correlation_id": "fb3d2015-bc17-4bb9-bb85-30c5cf1aaaa7"
425
- }
426
- */
427
- );
428
- /*
429
- // Line breaks for legibility only
430
-
431
- POST /{tenant}/oauth2/v2.0/token HTTP/1.1
432
- Host: https://login.microsoftonline.com
433
- Content-Type: application/x-www-form-urlencoded
434
-
435
- client_id=535fb089-9ff3-47b6-9bfb-4f1264799865
436
- &scope=https%3A%2F%2Fgraph.microsoft.com%2Fmail.read
437
- &refresh_token=OAAABAAAAiL9Kn2Z27UubvWFPbm0gLWQJVzCTE9UkP3pSx1aXxUjq...
438
- &grant_type=refresh_token
439
- &client_secret=sampleCredentia1s // NOTE: Only required for web apps. This secret needs to be URL-Encoded
440
-
441
- Error Response
442
- {
443
- "error": "invalid_scope",
444
- "error_description": "AADSTS70011: The provided value for the input parameter 'scope' is not valid. The scope https://foo.microsoft.com/mail.read is not valid.\r\nTrace ID: 255d1aef-8c98-452f-ac51-23d051240864\r\nCorrelation ID: fb3d2015-bc17-4bb9-bb85-30c5cf1aaaa7\r\nTimestamp: 2016-01-09 02:02:12Z",
445
- "error_codes": [
446
- 70011
447
- ],
448
- "timestamp": "2016-01-09 02:02:12Z",
449
- "trace_id": "255d1aef-8c98-452f-ac51-23d051240864",
450
- "correlation_id": "fb3d2015-bc17-4bb9-bb85-30c5cf1aaaa7"
451
- }
452
- */
453
- _STSOAuth2Worker_RefreshToken.set(this, async () => {
454
- // Get access_token, refresh_token and id_token using OAuth2 Authorization Code Flow
455
- console.log("RefreshToken");
456
- //let currentSessionData = this.#store.getters['stsOAuth2SDK/SessionData'];
457
- const currentSessionData = __classPrivateFieldGet(this, _STSOAuth2Worker_clientSessionStore, "f").get(__classPrivateFieldGet(this, _STSOAuth2Worker_STORAGE_SESSION_KEY, "f"));
458
- if (currentSessionData) {
459
- const refreshFlowParameters = {
460
- client_id: process.env.CLIENT_ID,
461
- scope: process.env.SCOPE,
462
- refresh_token: currentSessionData.refresh_token,
463
- grant_type: OAuthGrantTypes.REFRESH_TOKEN
464
- };
465
- return __classPrivateFieldGet(this, _STSOAuth2Worker_GetTokenFromBroker, "f").call(this, refreshFlowParameters);
466
- }
467
- else {
468
- // show error
469
- //@@ no valid session exists for refresh
470
- return false;
471
- }
472
- }
473
- // call broker to logout
474
- // broker to logout of server
475
- // delete cookie
476
- // clear session storage
477
- // clear all state from $store
478
- );
479
- // call broker to logout
480
- // broker to logout of server
481
- // delete cookie
482
- // clear session storage
483
- // clear all state from $store
484
- _STSOAuth2Worker_Logout.set(this, async () => {
485
- console.log('Logout');
486
- const url = `${process.env.BROKER_ENDPOINT}:${process.env.BROKER_PORT}${process.env.BROKER_API_ROOT}/logout`;
487
- console.log(url);
488
- const currentSessionData = __classPrivateFieldGet(this, _STSOAuth2Worker_clientSessionStore, "f").get(__classPrivateFieldGet(this, _STSOAuth2Worker_STORAGE_SESSION_KEY, "f"));
489
- const refresh_token = currentSessionData.refresh_token;
490
- console.log(refresh_token);
491
- const decodedRefreshToken = jwt_decode(refresh_token);
492
- console.log(decodedRefreshToken);
493
- const sessionId = decodedRefreshToken.sts_session;
494
- console.log(sessionId);
495
- __classPrivateFieldGet(this, _STSOAuth2Worker_clientSessionStore, "f").remove(__classPrivateFieldGet(this, _STSOAuth2Worker_STORAGE_SESSION_KEY, "f"));
496
- //this.#store.commit('stsOAuth2SDK/SessionData', null);
497
- __classPrivateFieldGet(this, _STSOAuth2Worker_handleAuthenticateEvent, "f").call(this, null);
498
- try {
499
- const retVal = await axios({
500
- method: "post",
501
- url: url,
502
- data: {
503
- sessionId
504
- },
505
- withCredentials: true,
506
- timeout: parseInt(process.env.TIMEOUT),
507
- });
508
- if (retVal.data.status === StatusCodes.OK) {
509
- return true;
510
- }
511
- else {
512
- console.log('Error during logout (server side)');
513
- console.log(JSON.stringify(retVal.data));
514
- return false;
515
- }
516
- }
517
- catch (error) {
518
- console.log('Error during logout (server side)');
519
- console.log(error);
520
- console.log(JSON.stringify(error));
521
- return false;
522
- }
523
- });
524
- // In memory storage for OAuth2 tokens for our valid session
525
- __classPrivateFieldSet(this, _STSOAuth2Worker_clientSessionStore, new ClientStorageFactory({ clientStorageType: ClientStorageType.MEMORY_STORAGE }).GetStorage(), "f");
526
- //@@ needs to be sent the instrument manager controller port
527
- //@@this.#aic = app.config.globalProperties.$sts.aic.PrimaryPublishInstrumentController;
528
- //this.#handleAuthenticateEvent = handleAuthenticateEvent;
529
- __classPrivateFieldSet(this, _STSOAuth2Worker_handleAuthenticateEvent, (id_token) => {
530
- const message = {
531
- messageId: -1,
532
- command: IOauth2ListenerCommand.AUTHENTICATE_EVENT
533
- };
534
- __classPrivateFieldGet(this, _STSOAuth2Worker_ProcessCommand, "f").call(this, message, id_token);
535
- }, "f");
536
- __classPrivateFieldSet(this, _STSOAuth2Worker_errorCallback, (error) => {
537
- const message = {
538
- messageId: -1,
539
- command: IOauth2ListenerCommand.ERROR
540
- };
541
- __classPrivateFieldGet(this, _STSOAuth2Worker_ProcessCommand, "f").call(this, message, error);
542
- }, "f");
543
- __classPrivateFieldSet(this, _STSOAuth2Worker_oauthWorkerPort, workerPort, "f");
544
- this.SetupListener();
545
- }
546
- }
547
- _STSOAuth2Worker_clientSessionStore = new WeakMap(), _STSOAuth2Worker_cUtils = new WeakMap(), _STSOAuth2Worker_qParams = new WeakMap(), _STSOAuth2Worker_STORAGE_AUTHORIZE_OPTIONS_KEY = new WeakMap(), _STSOAuth2Worker_STORAGE_SESSION_KEY = new WeakMap(), _STSOAuth2Worker_aic = new WeakMap(), _STSOAuth2Worker_errorCallback = new WeakMap(), _STSOAuth2Worker_handleAuthenticateEvent = new WeakMap(), _STSOAuth2Worker_oauthWorkerPort = new WeakMap(), _STSOAuth2Worker_currentMessageId = new WeakMap(), _STSOAuth2Worker_ProcessCommand = new WeakMap(), _STSOAuth2Worker_RestoreSession = new WeakMap(), _STSOAuth2Worker_Authorize = new WeakMap(), _STSOAuth2Worker_HandleRedirect = new WeakMap(), _STSOAuth2Worker_GetTokenFromBroker = new WeakMap(), _STSOAuth2Worker_GetToken = new WeakMap(), _STSOAuth2Worker_RefreshToken = new WeakMap(), _STSOAuth2Worker_Logout = new WeakMap();
548
- let oAuth2Worker = null;
549
- onmessage = async function (data) {
550
- const workerPort = data.data;
551
- oAuth2Worker = new STSOAuth2Worker(workerPort);
552
- };
553
- //# sourceMappingURL=stsoauth2worker.js.map
package/dist/stsoauth2worker.js.map DELETED
@@ -1 +0,0 @@
1
- {"version":3,"file":"stsoauth2worker.js","sourceRoot":"","sources":["../src/stsoauth2worker.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,OAAO,KAAK,MAAM,OAAO,CAAC;AAC1B,MAAM,KAAK,GAAG,KAAK,CAAC,QAAQ,OAAO,CAAC,GAAG,qBAAqB,CAAC,CAAC;AAE9D,OAAO,QAAQ,CAAA;AAEf,OAAO,KAAK,MAAM,OAAO,CAAC;AAE1B,OAAO,EAAc,mBAAmB,EAAE,MAAM,mBAAmB,CAAC;AAEpE,OAAO,WAAW,MAAM,qBAAqB,CAAA;AAC7C,OAAO,WAAW,MAAM,qBAAqB,CAAA;AAE7C,OAAO,UAAU,MAAM,YAAY,CAAA;AAEnC,OAAO,EAAe,iBAAiB,EAAE,oBAAoB,EAAE,MAAM,cAAc,CAAA;AAEnF,OAAO,EAAE,WAAW,EAAE,MAAM,mBAAmB,CAAA;AAE/C,OAAO,EAAE,4BAA4B,EAAE,4BAA4B,EACmC,eAAe,EAC5F,sBAAsB,EAAkC,MAAM,kBAAkB,CAAA;AAEzG,MAAM,kBAAkB,GAAG,CAAC,IAAI,GAAG,EAAE,EAAE,EAAE;IACxC,MAAM,YAAY,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,eAAe,CAAC,IAAI,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,CAAA;IAClF,MAAM,GAAG,GAAG,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,GAAG,YAAY,CAAC,CAAC,CAAC;IAC9D,OAAO,GAAG,CAAC;IACX,yCAAyC;AAC1C,CAAC,CAAA;AAED,0BAA0B;AAC1B,MAAM,eAAe;IAcpB,YAAY,UAAuB;QAClC,mDAAmD;QAdpD,yBAAyB;QACzB,8CAAmD,IAAI,EAAC,CAAC,iDAAiD;QAC1G,kCAAU,IAAI,WAAW,EAAE,EAAC;QAC5B,mCAAW,IAAI,WAAW,EAAE,EAAC;QAC7B,yDAAiC,iCAAiC,EAAC;QACnE,+CAAuB,uBAAuB,EAAC;QAC/C,+BAAO,IAAI,EAAC;QACZ,yCAAiB,IAAI,EAAC,CAAC,yCAAyC;QAChE,gBAAgB;QAChB,mDAA8C,IAAI,EAAC;QACnD,2CAAgC,IAAI,EAAC;QACrC,4CAAoB,CAAC,EAAC;QAgCtB,4DAA4D;QAC5D;;;;;;;;;;;;;;;;;;;;;;;;;;;UA2BK;QAGL,kBAAa,GAAG,GAAG,EAAE;YACpB,uBAAA,IAAI,wCAAiB,CAAC,SAAS,GAAG,KAAK,EAAE,IAAkB,EAAE,EAAE;gBAC9D,MAAM,oBAAoB,GAA2B,IAAI,CAAC,IAA8B,CAAC;gBACzF,QAAQ,oBAAoB,CAAC,OAAO,EAAE;oBACtC,KAAK,sBAAsB,CAAC,eAAe;wBAC1C,uBAAA,IAAI,uCAAgB,MAApB,IAAI,EAAiB,oBAAoB,EAAE,MAAM,uBAAA,IAAI,uCAAgB,MAApB,IAAI,CAAkB,CAAC,CAAC;wBACzE,MAAM;oBACP,KAAK,sBAAsB,CAAC,SAAS;wBACpC,uBAAA,IAAI,uCAAgB,MAApB,IAAI,EAAiB,oBAAoB,EAAE,MAAM,uBAAA,IAAI,kCAAW,MAAf,IAAI,CAAa,CAAC,CAAC;wBACpE,MAAM;oBACP,KAAK,sBAAsB,CAAC,eAAe;wBAC1C,uBAAA,IAAI,uCAAgB,MAApB,IAAI,EAAiB,oBAAoB,EAAE,MAAM,uBAAA,IAAI,uCAAgB,MAApB,IAAI,EAAiB,oBAAoB,CAAC,OAAO,CAAC,CAAC,CAAC;wBACrG,MAAM;oBACP,KAAK,sBAAsB,CAAC,MAAM;wBACjC,uBAAA,IAAI,uCAAgB,MAApB,IAAI,EAAiB,oBAAoB,EAAE,MAAM,uBAAA,IAAI,+BAAQ,MAAZ,IAAI,CAAU,CAAC,CAAC;wBACjE,MAAM;oBACP;wBACC,MAAM,IAAI,KAAK,CAAC,aAAa,oBAAoB,CAAC,OAAO,eAAe,CAAC,CAAC;iBAC1E;YACF,CAAC,CAAA;QACF,CAAC,CAAA;QAED,0CAAkB,KAAK,EAAE,oBAA4C,EAAE,QAAa,EAAE,EAAE;YACvF,MAAM,eAAe,GAAmC;gBACvD,SAAS,EAAE,oBAAoB,CAAC,SAAS;gBACzC,OAAO,EAAE,oBAAoB,CAAC,OAAO;gBACrC,OAAO,EAAE,QAAQ;aACjB,CAAA;YACD,uBAAA,IAAI,wCAAiB,CAAC,WAAW,CAAC,eAAe,CAAC,CAAC;QACpD,CAAC,EAAA;QAED,0CAAkB,KAAK,IAAsB,EAAE;YAC9C,6CAA6C;YAE7C,IAAI,mBAAmB,GAAmB,IAAI,CAAC;YAC/C,mBAAmB,GAAG,uBAAA,IAAI,2CAAoB,CAAC,GAAG,CAAC,uBAAA,IAAI,4CAAqB,CAAC,CAAC;YAC9E,IAAI,mBAAmB,KAAK,IAAI,EAAE;gBACjC,OAAO,CAAC,GAAG,CAAC,uCAAuC,CAAC,CAAC;gBACrD,IAAI,uBAAA,IAAI,4BAAK,EAAE;oBACd,uBAAA,IAAI,4BAAK,CAAC,gBAAgB,CAAC,GAAG,EAAE,EAAE,UAAU,EAAE,uCAAuC,EAAE,CAAC,CAAC;iBACzF;aACD;iBAAM;gBACN,MAAM,GAAG,GAAG,GAAG,OAAO,CAAC,GAAG,CAAC,eAAe,IAAI,OAAO,CAAC,GAAG,CAAC,WAAW,GAAG,OAAO,CAAC,GAAG,CAAC,eAAe,UAAU,CAAC;gBAC9G,OAAO,CAAC,GAAG,CAAC,gBAAgB,CAAC,CAAC;gBAC9B,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;gBACjB,IAAI,uBAAA,IAAI,4BAAK,EAAE;oBACd,uBAAA,IAAI,4BAAK,CAAC,gBAAgB,CAAC,GAAG,EAAE,EAAE,UAAU,EAAE,gBAAgB,EAAE,CAAC,CAAC;oBAClE,uBAAA,IAAI,4BAAK,CAAC,gBAAgB,CAAC,GAAG,EAAE,EAAE,UAAU,EAAE,GAAG,EAAE,CAAC,CAAC;iBACrD;gBACD,IAAI;oBACH,MAAM,MAAM,GAAG,MAAM,KAAK,CAAC;wBAC1B,MAAM,EAAE,MAAM;wBACd,GAAG,EAAE,GAAG;wBACR,IAAI,EAAE;4BACL,CAAC,mBAAmB,CAAC,SAAS,CAAC,EAAE,OAAO,CAAC,GAAG,CAAC,SAAS;4BACtD,CAAC,mBAAmB,CAAC,KAAK,CAAC,EAAE,OAAO,CAAC,GAAG,CAAC,KAAK;4BAC9C,CAAC,mBAAmB,CAAC,YAAY,CAAC,EAAE,OAAO,CAAC,GAAG,CAAC,YAAY;4BAC5D,CAAC,mBAAmB,CAAC,QAAQ,CAAC,EAAE,OAAO,CAAC,GAAG,CAAC,QAAQ;yBACpD;wBACD,eAAe,EAAE,IAAI;wBACrB,OAAO,EAAE,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC;qBACtC,CAAC,CAAC;oBACH,IAAI,MAAM,CAAC,IAAI,CAAC,MAAM,KAAK,WAAW,CAAC,EAAE,EAAE;wBAC1C,mBAAmB,GAAG,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC;wBACzC,uBAAA,IAAI,2CAAoB,CAAC,GAAG,CAAC,uBAAA,IAAI,4CAAqB,EAAE,mBAAmB,CAAC,CAAC;wBAC7E,OAAO,CAAC,GAAG,CAAC,2CAA2C,CAAC,CAAC;wBACzD,sEAAsE;qBACtE;yBAAM;wBACN,wBAAwB;wBACxB,uDAAuD;wBACvD,OAAO,CAAC,GAAG,CAAC,sCAAsC,CAAC,CAAC;wBACpD,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC;qBACzC;iBACD;gBAAC,OAAO,KAAK,EAAE;oBACf,wBAAwB;oBACxB,uDAAuD;oBACvD,OAAO,CAAC,GAAG,CAAC,oDAAoD,CAAC,CAAC;oBAClE,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;oBACnB,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC,CAAC;iBACnC;aACD;YAED,yCAAyC;YACzC,sEAAsE;YACtE,IAAI,mBAAmB,KAAK,IAAI,EAAE;gBACjC,uBAAA,IAAI,gDAAyB,MAA7B,IAAI,EAA0B,mBAAmB,CAAC,QAAQ,CAAC,CAAC;gBAC5D,OAAO,CAAC,GAAG,CAAC,uBAAuB,CAAC,CAAC;gBACrC,OAAO,uBAAA,IAAI,qCAAc,MAAlB,IAAI,CAAgB,CAAC;aAC5B;iBAAM;gBACN,uBAAA,IAAI,gDAAyB,MAA7B,IAAI,EAA0B,IAAI,CAAC,CAAC;gBACpC,OAAO,KAAK,CAAC;aACb;QACF,CAAC,EAAA;QAED,qCAAa,KAAK,IAAyB,EAAE;YAC5C,OAAO,CAAC,GAAG,CAAC,eAAe,CAAC,CAAC;YAE7B;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;cA8CQ;YAER,MAAM,SAAS,GAAG,OAAO,CAAC,GAAG,CAAC,SAAS,CAAC;YACxC,MAAM,KAAK,GAAG,uBAAA,IAAI,+BAAQ,CAAC,kBAAkB,EAAE,CAAC;YAChD,MAAM,aAAa,GAAG,CAAE,4BAA4B,CAAC,IAAI,CAAE,CAAA;YAC3D,MAAM,YAAY,GAAG,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC;YAC9C,MAAM,aAAa,GAAG,4BAA4B,CAAC,KAAK,CAAA;YACxD,MAAM,KAAK,GAAG,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC;YAChC,MAAM,KAAK,GAAG,uBAAA,IAAI,+BAAQ,CAAC,kBAAkB,EAAE,CAAC;YAChD,MAAM,aAAa,GAAG,uBAAA,IAAI,+BAAQ,CAAC,kBAAkB,EAAE,CAAC;YACxD,MAAM,cAAc,GAAG,MAAM,uBAAA,IAAI,+BAAQ,CAAC,aAAa,CAAC,aAAa,CAAC,CAAC;YACvE,MAAM,qBAAqB,GAAG,MAAM,CAAC;YACrC,sCAAsC;YAEtC,MAAM,gBAAgB,GAAsB;gBAC3C,SAAS;gBACT,KAAK;gBACL,aAAa;gBACb,YAAY;gBACZ,aAAa;gBACb,KAAK;gBACL,KAAK;gBACL,cAAc;gBACd,qBAAqB;aACrB,CAAA;YAED,MAAM,GAAG,GAAG,GAAG,OAAO,CAAC,GAAG,CAAC,aAAa,IAAI,OAAO,CAAC,GAAG,CAAC,SAAS,GAAG,OAAO,CAAC,GAAG,CAAC,YAAY,IAAI,uBAAA,IAAI,gCAAS,CAAC,iBAAiB,CAAC,gBAAgB,CAAC,EAAE,CAAC;YAEpJ,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;YAEjB,oDAAoD;YACpD,gBAAgB,CAAC,aAAa,GAAG,aAAa,CAAC,CAAC,gEAAgE;YAEhH,OAAO,CAAC,GAAG,CAAC,gCAAgC,IAAI,CAAC,SAAS,CAAC,gBAAgB,CAAC,GAAG,CAAC,CAAC;YAEjF,OAAO;gBACN,GAAG;gBACH,gBAAgB;aAChB,CAAA;YACD,8BAA8B;YAC9B,kEAAkE;YAClE,+BAA+B;QAChC,CAAC,EAAA;QAED,0CAAkB,KAAK,EAAE,OAAY,EAAoB,EAAE;YAC1D,MAAM,SAAS,GAAiD,OAAO,CAAC,SAAS,CAAC;YAClF,MAAM,gBAAgB,GAAsB,OAAO,CAAC,gBAAgB,CAAA;YAEpE,OAAO,CAAC,GAAG,CAAC,gBAAgB,CAAC,CAAC;YAC9B,iEAAiE;YACjE,OAAO,CAAC,GAAG,CAAC,+BAA+B,IAAI,CAAC,SAAS,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC;YAEzE,IAAI,SAAS,CAAC,mBAAmB,CAAC,IAAI,CAAC,EAAE;gBACxC,MAAM,QAAQ,GAAuB,SAA+B,CAAC;gBAErE,OAAO,CAAC,GAAG,CAAC,6CAA6C,IAAI,CAAC,SAAS,CAAC,gBAAgB,CAAC,GAAG,CAAC,CAAC;gBAE9F,MAAM,aAAa,GAAG,QAAQ,CAAC,KAAK,CAAC;gBACrC,MAAM,qBAAqB,GAAG,gBAAgB,CAAC,KAAK,CAAC;gBAErD,IAAI,qBAAqB,CAAC,aAAa,CAAC,aAAa,CAAC,KAAK,CAAC,EAAE;oBAC7D,OAAO,CAAC,GAAG,CAAC,+FAA+F,CAAC,KAAK,CAAC,CAAC;oBAEnH,OAAO,MAAM,uBAAA,IAAI,iCAAU,MAAd,IAAI,EAAW,gBAAgB,EAAE,QAAQ,CAAC,CAAC;iBACxD;qBAAM;oBACN,OAAO,CAAC,GAAG,CAAC,qGAAqG,CAAC,GAAG,CAAC,CAAC;oBACvH,uBAAA,IAAI,sCAAe,MAAnB,IAAI,EAAgB,EAAC,OAAO,EAAE,kBAAkB,EAAC,CAAC,CAAC;oBACnD,OAAO,KAAK,CAAC;iBACb;aACD;iBAAM,IAAI,SAAS,CAAC,mBAAmB,CAAC,KAAK,CAAC,EAAE;gBAChD,MAAM,QAAQ,GAA4B,SAAoC,CAAC;gBAC/E,kEAAkE;gBAClE,MAAM,KAAK,GAAG,QAAQ,CAAC,KAAK,CAAC;gBAC7B,MAAM,gBAAgB,GAAG,QAAQ,CAAC,iBAAiB,CAAC;gBACpD,uBAAA,IAAI,sCAAe,MAAnB,IAAI,EAAgB,EAAC,OAAO,EAAE,kBAAkB,EAAC,CAAC,CAAC;gBACnD,OAAO,KAAK,CAAC;aACb;iBAAM;gBACN,gCAAgC;gBAChC,MAAM,KAAK,GAAG,+BAA+B,CAAC,CAAC,QAAQ;gBACvD,MAAM,gBAAgB,GAAG,2CAA2C,CAAC,CAAC,QAAQ;gBAC9E,uBAAA,IAAI,sCAAe,MAAnB,IAAI,EAAgB,EAAC,OAAO,EAAE,kBAAkB,EAAC,CAAC,CAAC;gBACnD,OAAO,KAAK,CAAC;aACb;QACF,CAAC;QAED;;;;;;;;;;;;;;;;;;UAkBK;QAEL,oFAAoF;UAtBnF;QAED;;;;;;;;;;;;;;;;;;UAkBK;QAEL,oFAAoF;QACpF,8CAAsB,KAAK,EAAE,+BAA0F,EAAoB,EAAE;YAC5I,OAAO,CAAC,GAAG,CAAC,qBAAqB,CAAC,CAAC;YAEnC,uBAAA,IAAI,2CAAoB,CAAC,MAAM,CAAC,uBAAA,IAAI,4CAAqB,CAAC,CAAC;YAE3D,MAAM,GAAG,GAAG,GAAG,OAAO,CAAC,GAAG,CAAC,eAAe,IAAI,OAAO,CAAC,GAAG,CAAC,WAAW,GAAG,OAAO,CAAC,GAAG,CAAC,eAAe,QAAQ,CAAC;YAC5G,OAAO,CAAC,GAAG,CAAC,8BAA8B,GAAG,GAAG,CAAC,CAAC;YAClD,OAAO,CAAC,GAAG,CAAC,+BAA+B,CAAC,CAAC;YAE7C,IAAI;gBACH,MAAM,MAAM,GAAG,MAAM,KAAK,CAAC;oBAC1B,MAAM,EAAE,MAAM;oBACd,GAAG,EAAE,GAAG;oBACR,IAAI,EAAE,+BAA+B;oBACrC,eAAe,EAAE,IAAI;oBACrB,OAAO,EAAE,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC;iBACtC,CAAC,CAAC;gBACH,OAAO,CAAC,GAAG,CAAC,WAAW,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;gBAEjD,IAAI,MAAM,CAAC,MAAM,KAAK,WAAW,CAAC,EAAE,EAAE;oBACrC,OAAO,CAAC,GAAG,CAAC,mBAAmB,CAAC,CAAC;oBACjC,MAAM,aAAa,GAAmB,MAAM,CAAC,IAAsB,CAAC;oBACpE,gEAAgE;oBAChE,uBAAA,IAAI,gDAAyB,MAA7B,IAAI,EAA0B,aAAa,CAAC,QAAQ,CAAC,CAAC;oBACtD,uBAAA,IAAI,2CAAoB,CAAC,GAAG,CAAC,uBAAA,IAAI,4CAAqB,EAAE,aAAa,CAAC,CAAC;oBACvE,OAAO,IAAI,CAAC;iBACZ;qBAAM,IAAI,MAAM,CAAC,MAAM,KAAK,WAAW,CAAC,YAAY,EAAE;oBACtD,OAAO,CAAC,GAAG,CAAC,uBAAuB,CAAC,CAAC;oBACrC,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;oBAE3B,uDAAuD;oBACvD,uBAAA,IAAI,gDAAyB,MAA7B,IAAI,EAA0B,IAAI,CAAC,CAAC;oBAEpC,MAAM,QAAQ,GAAwB,MAAM,CAAC,IAA2B,CAAC;oBAEzE,4BAA4B;oBAC5B,wBAAwB;oBACxB,OAAO,KAAK,CAAC;iBAEb;qBAAM;oBACN,gBAAgB;oBAChB,OAAO,CAAC,GAAG,CAAC,uBAAuB,CAAC,CAAC;oBACrC,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;oBAE3B,uDAAuD;oBACvD,uBAAA,IAAI,gDAAyB,MAA7B,IAAI,EAA0B,IAAI,CAAC,CAAC;oBAEpC,OAAO,CAAC,GAAG,CAAC,sDAAsD,CAAC,CAAC;oBACpE,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC;oBACzC,+CAA+C;oBAC/C,OAAO,KAAK,CAAC;iBACb;aACD;YAAC,OAAO,KAAK,EAAE;gBACf,uDAAuD;gBACvD,uBAAA,IAAI,gDAAyB,MAA7B,IAAI,EAA0B,IAAI,CAAC,CAAC;gBACpC,oEAAoE;gBACpE,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;gBACnB,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC,CAAC;gBAEnC,+CAA+C;gBAE/C,OAAO,KAAK,CAAC;aACb;QACF,CAAC;QAED,oFAAoF;UAFnF;QAED,oFAAoF;QACpF,oCAAY,KAAK,EAAE,gBAAmC,EAAE,iBAAqC,EAAoB,EAAE;YAClH,OAAO,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC;YACzB,OAAO,CAAC,GAAG,CAAC,iBAAiB,CAAC,CAAC;YAE/B,uBAAA,IAAI,2CAAoB,CAAC,GAAG,CAAC,uBAAA,IAAI,4CAAqB,EAAE,IAAI,CAAC,CAAC;YAE9D,MAAM,+BAA+B,GAAqC;gBACzE,SAAS,EAAE,OAAO,CAAC,GAAG,CAAC,SAAS;gBAChC,KAAK,EAAE,OAAO,CAAC,GAAG,CAAC,KAAK;gBACxB,IAAI,EAAE,iBAAiB,CAAC,IAAI;gBAC5B,YAAY,EAAE,OAAO,CAAC,GAAG,CAAC,YAAY;gBACtC,UAAU,EAAE,eAAe,CAAC,kBAAkB;gBAC9C,aAAa,EAAE,gBAAgB,CAAC,aAAa;aAC7C,CAAA;YAED,OAAO,uBAAA,IAAI,2CAAoB,MAAxB,IAAI,EAAqB,+BAA+B,CAAC,CAAC;QAClE,CAAC;QAED;;;;;;;;;;;;;;;;;;;;;;;;MAwBC;UA1BA;QAED;;;;;;;;;;;;;;;;;;;;;;;;MAwBC;QAED,wCAAgB,KAAK,IAAsB,EAAE;YAC5C,oFAAoF;YACpF,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC;YAE5B,2EAA2E;YAC3E,MAAM,kBAAkB,GAAmB,uBAAA,IAAI,2CAAoB,CAAC,GAAG,CAAC,uBAAA,IAAI,4CAAqB,CAAC,CAAC;YACnG,IAAI,kBAAkB,EAAE;gBACvB,MAAM,qBAAqB,GAA2B;oBACrD,SAAS,EAAE,OAAO,CAAC,GAAG,CAAC,SAAS;oBAChC,KAAK,EAAE,OAAO,CAAC,GAAG,CAAC,KAAK;oBACxB,aAAa,EAAE,kBAAkB,CAAC,aAAa;oBAC/C,UAAU,EAAE,eAAe,CAAC,aAAa;iBACzC,CAAA;gBAED,OAAO,uBAAA,IAAI,2CAAoB,MAAxB,IAAI,EAAqB,qBAAqB,CAAC,CAAC;aACvD;iBAAM;gBACN,aAAa;gBACb,wCAAwC;gBACxC,OAAO,KAAK,CAAC;aACb;QACF,CAAC;QAED,wBAAwB;QACxB,6BAA6B;QAC7B,gBAAgB;QAChB,wBAAwB;QACxB,8BAA8B;UAN7B;QAED,wBAAwB;QACxB,6BAA6B;QAC7B,gBAAgB;QAChB,wBAAwB;QACxB,8BAA8B;QAC9B,kCAAU,KAAK,IAAsB,EAAE;YACtC,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;YACtB,MAAM,GAAG,GAAG,GAAG,OAAO,CAAC,GAAG,CAAC,eAAe,IAAI,OAAO,CAAC,GAAG,CAAC,WAAW,GAAG,OAAO,CAAC,GAAG,CAAC,eAAe,SAAS,CAAC;YAC7G,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;YAEjB,MAAM,kBAAkB,GAAmB,uBAAA,IAAI,2CAAoB,CAAC,GAAG,CAAC,uBAAA,IAAI,4CAAqB,CAAC,CAAC;YACnG,MAAM,aAAa,GAAG,kBAAkB,CAAC,aAAa,CAAC;YACvD,OAAO,CAAC,GAAG,CAAC,aAAa,CAAC,CAAC;YAE3B,MAAM,mBAAmB,GAAe,UAAU,CAAa,aAAa,CAAC,CAAC;YAC9E,OAAO,CAAC,GAAG,CAAC,mBAAmB,CAAC,CAAC;YACjC,MAAM,SAAS,GAAG,mBAAmB,CAAC,WAAW,CAAC;YAClD,OAAO,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;YAEvB,uBAAA,IAAI,2CAAoB,CAAC,MAAM,CAAC,uBAAA,IAAI,4CAAqB,CAAC,CAAC;YAC3D,uDAAuD;YACvD,uBAAA,IAAI,gDAAyB,MAA7B,IAAI,EAA0B,IAAI,CAAC,CAAC;YAEpC,IAAI;gBACH,MAAM,MAAM,GAAG,MAAM,KAAK,CAAC;oBAC1B,MAAM,EAAE,MAAM;oBACd,GAAG,EAAE,GAAG;oBACR,IAAI,EAAE;wBACL,SAAS;qBACT;oBACD,eAAe,EAAE,IAAI;oBACrB,OAAO,EAAE,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC;iBACtC,CAAC,CAAC;gBACH,IAAI,MAAM,CAAC,IAAI,CAAC,MAAM,KAAK,WAAW,CAAC,EAAE,EAAE;oBAC1C,OAAO,IAAI,CAAC;iBACZ;qBAAM;oBACN,OAAO,CAAC,GAAG,CAAC,mCAAmC,CAAC,CAAC;oBACjD,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC;oBACzC,OAAO,KAAK,CAAC;iBACb;aACD;YAAC,OAAO,KAAK,EAAE;gBACf,OAAO,CAAC,GAAG,CAAC,mCAAmC,CAAC,CAAC;gBACjD,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;gBACnB,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC,CAAC;gBACnC,OAAO,KAAK,CAAC;aACb;QACF,CAAC,EAAA;QAreA,4DAA4D;QAC5D,uBAAA,IAAI,uCAAuB,IAAI,oBAAoB,CAAiB,EAAC,iBAAiB,EAAE,iBAAiB,CAAC,cAAc,EAAC,CAAC,CAAC,UAAU,EAAE,MAAA,CAAC;QAExI,4DAA4D;QAC5D,wFAAwF;QAExF,0DAA0D;QAC1D,uBAAA,IAAI,4CAA4B,CAAC,QAAgB,EAAE,EAAE;YACpD,MAAM,OAAO,GAA2B;gBACvC,SAAS,EAAE,CAAC,CAAC;gBACb,OAAO,EAAE,sBAAsB,CAAC,kBAAkB;aAClD,CAAA;YACD,uBAAA,IAAI,uCAAgB,MAApB,IAAI,EAAiB,OAAO,EAAE,QAAQ,CAAC,CAAC;QACzC,CAAC,MAAA,CAAA;QAED,uBAAA,IAAI,kCAAkB,CAAC,KAAU,EAAE,EAAE;YACpC,MAAM,OAAO,GAA2B;gBACvC,SAAS,EAAE,CAAC,CAAC;gBACb,OAAO,EAAE,sBAAsB,CAAC,KAAK;aACrC,CAAA;YACD,uBAAA,IAAI,uCAAgB,MAApB,IAAI,EAAiB,OAAO,EAAE,KAAK,CAAC,CAAC;QACtC,CAAC,MAAA,CAAA;QAED,uBAAA,IAAI,oCAAoB,UAAU,MAAA,CAAC;QACnC,IAAI,CAAC,aAAa,EAAE,CAAC;IACtB,CAAC;CA6cD;;AAED,IAAI,YAAY,GAAoB,IAAI,CAAC;AAEzC,SAAS,GAAG,KAAK,WAAU,IAAkB;IAE5C,MAAM,UAAU,GAAG,IAAI,CAAC,IAAmB,CAAC;IAC5C,YAAY,GAAG,IAAI,eAAe,CAAC,UAAU,CAAC,CAAC;AAChD,CAAC,CAAA"}