@nsshunt/stsoauth2plugin 1.0.4 → 1.0.6

package/dist/stsoauth2worker.js

@@ -1,611 +0,0 @@
-"use strict";
-var __importDefault = (this && this.__importDefault) || function (mod) {
-    return (mod && mod.__esModule) ? mod : { "default": mod };
-};
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.STSOAuth2Worker = void 0;
-const debug_1 = __importDefault(require("debug"));
-require("colors");
-const detect_node_1 = __importDefault(require("detect-node"));
-//import 'colors'
-const axios_1 = __importDefault(require("axios"));
-const stsutils_1 = require("@nsshunt/stsutils");
-const CryptoUtils_1 = __importDefault(require("./Utils/CryptoUtils"));
-const QueryParams_1 = __importDefault(require("./Utils/QueryParams"));
-const jwt_decode_1 = __importDefault(require("jwt-decode"));
-//import { IStsStorage, ClientStorageType, ClientStorageFactory } from './stsStorage'
-const stsvueutils_1 = require("@nsshunt/stsvueutils");
-const http_status_codes_1 = require("http-status-codes");
-const stsoauth2types_1 = require("./stsoauth2types");
-const stsinstrumentation_1 = require("@nsshunt/stsinstrumentation");
-const https_1 = __importDefault(require("https"));
-let debug = null;
-if (detect_node_1.default) {
-    debug = (0, debug_1.default)(`proc:${process.pid}:stsoauth2worker.ts`);
-}
-else {
-    debug = (0, debug_1.default)(`proc:0:stsoauth2worker.ts`);
-}
-// STS Client SDK for SPAs
-class STSOAuth2Worker {
-    //#storageManager = null;
-    #clientSessionStore = null; // In memory tokens while the client is logged in
-    #cUtils = new CryptoUtils_1.default();
-    #qParams = new QueryParams_1.default();
-    #STORAGE_SESSION_KEY = 'session.stsmda.com.au';
-    #aic = null;
-    #oauthWorkerPort = null;
-    #options = null;
-    #httpsAgent = null;
-    constructor(workerPort, options) {
-        debug_1.default.enable('proc:*'); //@@
-        this.#options = options;
-        debug(`STSOAuth2Worker:constructor:#options: [${JSON.stringify(this.#options)}]`);
-        // In memory storage for OAuth2 tokens for our valid session
-        this.#clientSessionStore = new stsvueutils_1.ClientStorageFactory({ clientStorageType: stsvueutils_1.ClientStorageType.MEMORY_STORAGE, usePrefix: false }).GetStorage();
-        //@@ needs to be sent the instrument manager controller port
-        //@@this.#aic = app.config.globalProperties.$sts.aic.PrimaryPublishInstrumentController;
-        //this.#handleAuthenticateEvent = handleAuthenticateEvent;
-        this.#oauthWorkerPort = workerPort;
-        debug(`STSOAuth2Worker:constructor:#oauthWorkerPort: [${JSON.stringify(this.#oauthWorkerPort)}]`);
-        if (detect_node_1.default) {
-            this.#httpsAgent = new https_1.default.Agent({
-                keepAlive: this.#options.agentOptions.keepAlive,
-                maxSockets: this.#options.agentOptions.maxSockets,
-                maxTotalSockets: this.#options.agentOptions.maxTotalSockets,
-                maxFreeSockets: this.#options.agentOptions.maxFreeSockets,
-                timeout: this.#options.timeout,
-                rejectUnauthorized: this.#options.agentOptions.rejectUnauthorized // Allows self-signed certificates if non-production
-            });
-        }
-        this.SetupListener();
-        this.#UpdateInstrument(stsinstrumentation_1.Gauge.LOGGER, {
-            LogMessage: `STSOauth2 Plugin - Successfully Loaded`
-        });
-        /*
-        setInterval(() => { // Used for testing purposes only.
-            this.#UpdateInstrument(Gauge.LOGGER, {
-                LogMessage: `--> [${Date.now().toString()}] <--`
-            } as InstrumentLogTelemetry);
-        }, 1000);
-        */
-    }
-    // Attempt to restore a previous session using the STSBroker
-    /*
-    { parameterType: OAuth2ParameterType.CLIENT_ID, errorType: authErrorType.CLIENT_ID_MISMATCH },
-    { parameterType: OAuth2ParameterType.SCOPE, errorType: authErrorType.SCOPE_MISMATCH }
-    { parameterType: OAuth2ParameterType.REDIRECT_URI, errorType: authErrorType.REDIRECT_URI_MISMATCH },
-    { parameterType: OAuth2ParameterType.AUDIENCE, errorType: authErrorType.SCOPE_MISMATCH }
-
-    Successful Response
-    {
-        "access_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsIng1dCI6Ik5HVEZ2ZEstZnl0aEV1Q...",
-        "token_type": "Bearer",
-        "expires_in": 3599,
-        "scope": "https%3A%2F%2Fgraph.microsoft.com%2Fmail.read",
-        "refresh_token": "AwABAAAAvPM1KaPlrEqdFSBzjqfTGAMxZGUTdM0t4B4...",
-        "id_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJub25lIn0.eyJhdWQiOiIyZDRkMTFhMi1mODE0LTQ2YTctOD...",
-    }
-
-    Error Response
-    {
-        "error": "invalid_scope",
-        "error_description": "AADSTS70011: The provided value for the input parameter 'scope' is not valid. The scope https://foo.microsoft.com/mail.read is not valid.\r\nTrace ID: 255d1aef-8c98-452f-ac51-23d051240864\r\nCorrelation ID: fb3d2015-bc17-4bb9-bb85-30c5cf1aaaa7\r\nTimestamp: 2016-01-09 02:02:12Z",
-        "error_codes": [
-            70011
-        ],
-        "timestamp": "2016-01-09 02:02:12Z",
-    }
-  
-    */
-    #HandleAuthenticateEvent = (id_token) => {
-        const message = {
-            messageId: -1,
-            command: stsoauth2types_1.IOauth2ListenerCommand.AUTHENTICATE_EVENT
-        };
-        this.#ProcessCommand(message, id_token);
-    };
-    // eslint-disable-next-line  @typescript-eslint/no-explicit-any
-    #HandleErrorEvent = (error) => {
-        const message = {
-            messageId: -1,
-            command: stsoauth2types_1.IOauth2ListenerCommand.ERROR
-        };
-        this.#ProcessCommand(message, error);
-    };
-    #LogMessage = (messageToSend) => {
-        const message = {
-            messageId: -1,
-            command: stsoauth2types_1.IOauth2ListenerCommand.LOG
-        };
-        this.#ProcessCommand(message, messageToSend);
-    };
-    #GetAccessToken = () => {
-        const sessionData = this.#clientSessionStore.get(this.#STORAGE_SESSION_KEY);
-        if (sessionData) {
-            const tokens = sessionData.tokenResponse;
-            return tokens.access_token;
-        }
-        else {
-            return null;
-        }
-    };
-    // eslint-disable-next-line  @typescript-eslint/no-explicit-any
-    #GetCookies = () => {
-        if (detect_node_1.default) {
-            const sessionData = this.#clientSessionStore.get(this.#STORAGE_SESSION_KEY);
-            if (sessionData) {
-                return sessionData.brokerCookie;
-            }
-            else {
-                return null;
-            }
-        }
-        else {
-            return null;
-        }
-    };
-    #UpdateInstrument = (instrumentName, telemetry) => {
-        const message = {
-            messageId: -1,
-            command: stsoauth2types_1.IOauth2ListenerCommand.UPDATE_INSTRUMENT
-        };
-        this.#ProcessCommand(message, {
-            instrumentName,
-            telemetry
-        });
-    };
-    SetupListener = () => {
-        this.#oauthWorkerPort.onmessage = async (data) => {
-            const auth2ListenerMessage = data.data;
-            debug(`STSOAuth2Worker:SetupListener:onmessage: [${auth2ListenerMessage.command}]`);
-            switch (auth2ListenerMessage.command) {
-                case stsoauth2types_1.IOauth2ListenerCommand.RESTORE_SESSION:
-                    this.#ProcessCommand(auth2ListenerMessage, await this.#RestoreSession());
-                    break;
-                case stsoauth2types_1.IOauth2ListenerCommand.AUTHORIZE:
-                    this.#ProcessCommand(auth2ListenerMessage, await this.#Authorize());
-                    break;
-                case stsoauth2types_1.IOauth2ListenerCommand.HANDLE_REDIRECT:
-                    this.#ProcessCommand(auth2ListenerMessage, await this.#HandleRedirect(auth2ListenerMessage.payload));
-                    break;
-                case stsoauth2types_1.IOauth2ListenerCommand.LOGOUT:
-                    this.#ProcessCommand(auth2ListenerMessage, await this.#Logout());
-                    break;
-                //@@ Need a way of keeping this out of the main thread - should always stay within the worker
-                case stsoauth2types_1.IOauth2ListenerCommand.ACCESS_TOKEN:
-                    this.#ProcessCommand(auth2ListenerMessage, await this.#GetAccessToken());
-                    break;
-                case stsoauth2types_1.IOauth2ListenerCommand.EXECUTE_REFRESH_TOKEN:
-                    this.#ProcessCommand(auth2ListenerMessage, await this.#RefreshToken());
-                    break;
-                case stsoauth2types_1.IOauth2ListenerCommand.COOKIES:
-                    this.#ProcessCommand(auth2ListenerMessage, await this.#GetCookies());
-                    break;
-                default:
-                    throw new Error(`Command: [${auth2ListenerMessage.command}'] not found.`);
-            }
-        };
-    };
-    /*
-    #GetIDToken = async(): Promise<string> => {
-        return '-- ID Token --';
-    }
-    */
-    // eslint-disable-next-line  @typescript-eslint/no-explicit-any
-    #ProcessCommand = async (auth2ListenerMessage, response) => {
-        const messageResponse = {
-            messageId: auth2ListenerMessage.messageId,
-            command: auth2ListenerMessage.command,
-            payload: response
-        };
-        this.#oauthWorkerPort.postMessage(messageResponse);
-    };
-    #RestoreSession = async () => {
-        //@@ attempt to get from client storage first
-        let restoredSessionData = null;
-        const sessionData = this.#clientSessionStore.get(this.#STORAGE_SESSION_KEY);
-        if (sessionData) {
-            restoredSessionData = sessionData.tokenResponse;
-            console.log('Session restored from client storage.');
-            if (this.#aic) {
-                this.#aic.UpdateInstrument('m', { LogMessage: 'Session restored from client storage.' });
-            }
-            this.#LogMessage('Session restored from client storage.');
-        }
-        else {
-            const url = `${this.#options.brokerendpoint}:${this.#options.brokerport}${this.#options.brokerapiroot}/session`;
-            console.log('RestoreSession');
-            console.log(url);
-            if (this.#aic) {
-                this.#aic.UpdateInstrument('m', { LogMessage: 'RestoreSession' });
-                this.#aic.UpdateInstrument('m', { LogMessage: url });
-            }
-            this.#LogMessage('RestoreSession.');
-            this.#LogMessage(url);
-            try {
-                const rConfig = {
-                    method: "post",
-                    url: url,
-                    data: {
-                        [stsutils_1.OAuth2ParameterType.CLIENT_ID]: this.#options.client_id,
-                        [stsutils_1.OAuth2ParameterType.SCOPE]: this.#options.scope,
-                        [stsutils_1.OAuth2ParameterType.REDIRECT_URI]: this.#options.redirect_uri,
-                        [stsutils_1.OAuth2ParameterType.AUDIENCE]: this.#options.audience
-                    },
-                    withCredentials: true,
-                    timeout: this.#options.timeout
-                };
-                debug(`#RestoreSession:session request detail: [${JSON.stringify(rConfig)}]`.magenta);
-                if (detect_node_1.default) {
-                    rConfig.httpsAgent = this.#httpsAgent;
-                }
-                const retVal = await (0, axios_1.default)(rConfig);
-                if (retVal.data.status === http_status_codes_1.StatusCodes.OK) {
-                    restoredSessionData = retVal.data.detail;
-                    const newSessionData = {
-                        tokenResponse: restoredSessionData
-                    };
-                    if (detect_node_1.default) {
-                        newSessionData.brokerCookie = retVal.headers['set-cookie'];
-                    }
-                    this.#clientSessionStore.set(this.#STORAGE_SESSION_KEY, newSessionData);
-                    console.log('Session restored from server side cookie.');
-                }
-                else {
-                    //@@ handle error better
-                    console.log('Could not restore previous session:-');
-                    console.log(JSON.stringify(retVal.data));
-                }
-            }
-            catch (error) {
-                //@@ handle error better
-                console.log('Could not restore previous session (error state):-');
-                console.log(error);
-                console.log(JSON.stringify(error));
-            }
-        }
-        //@@ must only use in-memory for this ...
-        if (restoredSessionData !== null) {
-            this.#HandleAuthenticateEvent(restoredSessionData.id_token);
-            console.log('Refreshing tokens ...');
-            return await this.#RefreshToken();
-        }
-        else {
-            this.#HandleAuthenticateEvent(null);
-            return false;
-        }
-    };
-    #Authorize = async () => {
-        console.log('Authorize ...');
-        /* MS Example
-        --------------
-        https://login.microsoftonline.com/{tenant}/oauth2/v2.0/authorize?
-        client_id=6731de76-14a6-49ae-97bc-6eba6914391e
-        &response_type=code
-        &redirect_uri=http%3A%2F%2Flocalhost%2Fmyapp%2F
-        &response_mode=query
-        &scope=offline_access%20https%3A%2F%2Fgraph.microsoft.com%2Fuser.read%20api%3A%2F%2F
-        &state=12345
-        &code_challenge=YTFjNjI1OWYzMzA3MTI4ZDY2Njg5M2RkNmVjNDE5YmEyZGRhOGYyM2IzNjdmZWFhMTQ1ODg3NDcxY2Nl
-        &code_challenge_method=S256
-
-        Successful Response
-
-        GET http://localhost?
-        code=AwABAAAAvPM1KaPlrEqdFSBzjqfTGBCmLdgfSTLEMPGYuNHSUYBrq...
-        &state=12345
-
-        Error Response
-        GET http://localhost?
-        error=access_denied
-        &error_description=the+user+canceled+the+authentication
-
-        << Hybrid Flow >>
-
-        https://login.microsoftonline.com/{tenant}/oauth2/v2.0/authorize?
-        client_id=6731de76-14a6-49ae-97bc-6eba6914391e
-        &response_type=code%20id_token
-        &redirect_uri=http%3A%2F%2Flocalhost%2Fmyapp%2F
-        &response_mode=fragment
-        &scope=openid%20offline_access%20https%3A%2F%2Fgraph.microsoft.com%2Fuser.read
-        &state=12345
-        &nonce=abcde
-        &code_challenge=YTFjNjI1OWYzMzA3MTI4ZDY2Njg5M2RkNmVjNDE5YmEyZGRhOGYyM2IzNjdmZWFhMTQ1ODg3NDcxY2Nl
-        &code_challenge_method=S256
-
-        Successful Response
-
-        GET https://login.microsoftonline.com/common/oauth2/nativeclient#
-        code=AwABAAAAvPM1KaPlrEqdFSBzjqfTGBCmLdgfSTLEMPGYuNHSUYBrq...
-        &id_token=eYj...
-        &state=12345
-
-        Notes:
-        The nonce is included as a claim inside the returned id_token
-        Ref: https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-oauth2-auth-code-flow
-        */
-        const client_id = this.#options.client_id;
-        const nonce = this.#cUtils.CreateRandomString();
-        const response_type = [stsoauth2types_1.AuthorizeOptionsResponseType.CODE];
-        const redirect_uri = this.#options.redirect_uri;
-        const response_mode = stsoauth2types_1.AuthorizeOptionsResponseMode.QUERY;
-        const scope = this.#options.scope;
-        const state = this.#cUtils.CreateRandomString();
-        const code_verifier = this.#cUtils.CreateRandomString();
-        const code_challenge = await this.#cUtils.DigestMessage(code_verifier);
-        const code_challenge_method = 'S256';
-        //let audience = this.#options.AUDIENCE;
-        const authorizeOptions = {
-            client_id,
-            nonce,
-            response_type,
-            redirect_uri,
-            response_mode,
-            scope,
-            state,
-            code_challenge,
-            code_challenge_method
-        };
-        const authorizeOptionsClientCopy = { ...authorizeOptions };
-        const url = `${this.#options.authorizeendpoint}:${this.#options.authorizeport}${this.#options.authorizeapiroot}${this.#options.authorizeapi}?${this.#qParams.CreateQueryParams(authorizeOptions)}`;
-        console.log(url);
-        // Now add the code_verifier to the transaction data
-        authorizeOptions.code_verifier = code_verifier; //@@ Is this is the only thing required across the transaction ?
-        console.log(`Authorize:authorizeOptions: [${JSON.stringify(authorizeOptions)}]`);
-        return {
-            url,
-            authorizeOptions,
-            authorizeOptionsClientCopy
-        };
-        //window.location.assign(url);
-        //@@ this may need to be a message back to the plugin to re-direct
-        //window.location.replace(url);
-    };
-    // eslint-disable-next-line  @typescript-eslint/no-explicit-any
-    #HandleRedirect = async (payload) => {
-        const queryVars = payload.queryVars;
-        const authorizeOptions = payload.authorizeOptions;
-        debug(`#HandleRedirect: HandleRedirect`.magenta);
-        // We have been re-direct back here from the /authorize end-point
-        debug(`#HandleRedirect: HandleRedirect:Query Vars: [${JSON.stringify(queryVars)}]`.magenta);
-        if (queryVars[stsutils_1.OAuth2ParameterType.CODE]) {
-            const response = queryVars;
-            console.log(`authorizeOptions from transaction state: [${JSON.stringify(authorizeOptions)}]`);
-            const redirectState = response.state;
-            const authorizeOptionsState = authorizeOptions.state;
-            if (authorizeOptionsState.localeCompare(redirectState) === 0) {
-                console.log('redirected state (from queryVars) matched previously saved transaction authorizeOptions state'); // green
-                return await this.#GetToken(authorizeOptions, response);
-            }
-            else {
-                console.log('redirected state (from queryVars) did NOT match previously saved transaction authorizeOptions state'); // red
-                console.log(`authorizeOptionsState: [${authorizeOptionsState}]`); // red
-                console.log(`redirectState: [${redirectState}]`); // red
-                this.#HandleErrorEvent({ message: 'State un-matched' });
-                return false;
-            }
-        }
-        else if (queryVars[stsutils_1.OAuth2ParameterType.ERROR]) {
-            //const response: IAuthorizeErrorResponse = queryVars as IAuthorizeErrorResponse;
-            //@@ pass error back to parent thread (to the plugin) as a message
-            //const error = response.error;
-            //const errorDescription = response.error_description;
-            this.#HandleErrorEvent({ message: 'State un-matched' });
-            return false;
-        }
-        else {
-            // Invalid redirect query params
-            //const error = 'Invalid redirect query params'; //@@ fix
-            //const errorDescription = 'Invalid redirect query params description'; //@@ fix
-            this.#HandleErrorEvent({ message: 'State un-matched' });
-            return false;
-        }
-    };
-    /*
-    client_id=6731de76-14a6-49ae-97bc-6eba6914391e
-    &scope=https%3A%2F%2Fgraph.microsoft.com%2Fmail.read
-    &code=OAAABAAAAiL9Kn2Z27UubvWFPbm0gLWQJVzCTE9UkP3pSx1aXxUjq3n8b2JRLk4OxVXr...
-    &redirect_uri=http%3A%2F%2Flocalhost%2Fmyapp%2F
-    &grant_type=authorization_code
-    &code_verifier=ThisIsntRandomButItNeedsToBe43CharactersLong
-    &client_secret=JqQX2PNo9bpM0uEihUPzyrh    // NOTE: Only required for web apps. This secret needs to be URL-Encoded.
-
-    Successful Response
-    {
-        "access_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsIng1dCI6Ik5HVEZ2ZEstZnl0aEV1Q...",
-        "token_type": "Bearer",
-        "expires_in": 3599,
-        "scope": "https%3A%2F%2Fgraph.microsoft.com%2Fmail.read",
-        "refresh_token": "AwABAAAAvPM1KaPlrEqdFSBzjqfTGAMxZGUTdM0t4B4...",
-        "id_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJub25lIn0.eyJhdWQiOiIyZDRkMTFhMi1mODE0LTQ2YTctOD...",
-    }
-    */
-    // Get access_token, refresh_token and id_token using OAuth2 Authorization Code Flow
-    #GetTokenFromBroker = async (authorizationCodeFlowParameters) => {
-        debug(`#GetTokenFromBroker`.magenta);
-        this.#clientSessionStore.remove(this.#STORAGE_SESSION_KEY);
-        const url = `${this.#options.brokerendpoint}:${this.#options.brokerport}${this.#options.brokerapiroot}/token`;
-        try {
-            const rConfig = {
-                method: "post",
-                url: url,
-                data: authorizationCodeFlowParameters,
-                withCredentials: true,
-                timeout: this.#options.timeout
-            };
-            debug(`#GetTokenFromBroker: request config: [${JSON.stringify(rConfig)}]`.magenta);
-            if (detect_node_1.default) {
-                rConfig.httpsAgent = this.#httpsAgent;
-            }
-            debug(`#GetTokenFromBroker: axios API call`.magenta);
-            const retVal = await (0, axios_1.default)(rConfig);
-            debug(`#GetTokenFromBroker: axios API call result: [${retVal.status}]`.magenta);
-            if (retVal.status === http_status_codes_1.StatusCodes.OK) {
-                debug(`#GetTokenFromBroker: storing tokens`.magenta);
-                const tokenResponse = retVal.data;
-                this.#HandleAuthenticateEvent(tokenResponse.id_token);
-                const newSessionData = {
-                    tokenResponse: tokenResponse
-                };
-                if (detect_node_1.default) {
-                    newSessionData.brokerCookie = retVal.headers['set-cookie'];
-                }
-                this.#clientSessionStore.set(this.#STORAGE_SESSION_KEY, newSessionData);
-                return true;
-            }
-            else if (retVal.status === http_status_codes_1.StatusCodes.UNAUTHORIZED) {
-                debug(`#GetTokenFromBroker: NOT storing tokens, status: [${retVal.status}]`.magenta);
-                this.#HandleAuthenticateEvent(null);
-                //const response: ITokenErrorResponse = retVal.data as ITokenErrorResponse;
-                //@@ store response in state
-                //@@ go to error page ??
-                return false;
-            }
-            else {
-                // General error
-                debug(`#GetTokenFromBroker: NOT storing tokens (general error 1), status: [${retVal.status}]`.magenta);
-                this.#HandleAuthenticateEvent(null);
-                console.log('Could not obtain access_token from token end-point:-');
-                console.log(JSON.stringify(retVal.data));
-                //@@ store error in state to show in error page
-                return false;
-            }
-        }
-        catch (error) {
-            debug(`#GetTokenFromBroker: NOT storing tokens (general error 2), status: [${error}]`.red);
-            this.#HandleAuthenticateEvent(null);
-            //@@ store error in state to show in error page
-            return false;
-        }
-    };
-    // Get access_token, refresh_token and id_token using OAuth2 Authorization Code Flow
-    #GetToken = async (authorizeOptions, authorizeResponse) => {
-        console.log("#GetToken");
-        console.log(authorizeResponse);
-        this.#clientSessionStore.set(this.#STORAGE_SESSION_KEY, null);
-        const authorizationCodeFlowParameters = {
-            client_id: this.#options.client_id,
-            scope: this.#options.scope,
-            code: authorizeResponse.code,
-            redirect_uri: this.#options.redirect_uri,
-            grant_type: stsoauth2types_1.OAuthGrantTypes.AUTHORIZATION_CODE,
-            code_verifier: authorizeOptions.code_verifier
-        };
-        return await this.#GetTokenFromBroker(authorizationCodeFlowParameters);
-    };
-    /*
-    // Line breaks for legibility only
-
-POST /{tenant}/oauth2/v2.0/token HTTP/1.1
-Host: https://login.microsoftonline.com
-Content-Type: application/x-www-form-urlencoded
-
-client_id=535fb089-9ff3-47b6-9bfb-4f1264799865
-&scope=https%3A%2F%2Fgraph.microsoft.com%2Fmail.read
-&refresh_token=OAAABAAAAiL9Kn2Z27UubvWFPbm0gLWQJVzCTE9UkP3pSx1aXxUjq...
-&grant_type=refresh_token
-&client_secret=sampleCredentia1s    // NOTE: Only required for web apps. This secret needs to be URL-Encoded
-
-Error Response
-{
-    "error": "invalid_scope",
-    "error_description": "AADSTS70011: The provided value for the input parameter 'scope' is not valid. The scope https://foo.microsoft.com/mail.read is not valid.\r\nTrace ID: 255d1aef-8c98-452f-ac51-23d051240864\r\nCorrelation ID: fb3d2015-bc17-4bb9-bb85-30c5cf1aaaa7\r\nTimestamp: 2016-01-09 02:02:12Z",
-    "error_codes": [
-      70011
-    ],
-    "timestamp": "2016-01-09 02:02:12Z",
-    "trace_id": "255d1aef-8c98-452f-ac51-23d051240864",
-    "correlation_id": "fb3d2015-bc17-4bb9-bb85-30c5cf1aaaa7"
-  }
-*/
-    #RefreshToken = async () => {
-        // Get access_token, refresh_token and id_token using OAuth2 Authorization Code Flow
-        debug(`STSOAuth2Worker:#RefreshToken:start`.cyan);
-        const sessionData = this.#clientSessionStore.get(this.#STORAGE_SESSION_KEY);
-        if (sessionData) {
-            debug(`STSOAuth2Worker:#RefreshToken:sessionData: [${JSON.stringify(sessionData)}]`.cyan);
-            const currentSessionData = sessionData.tokenResponse;
-            const refreshFlowParameters = {
-                client_id: this.#options.client_id,
-                scope: this.#options.scope,
-                refresh_token: currentSessionData.refresh_token,
-                grant_type: stsoauth2types_1.OAuthGrantTypes.REFRESH_TOKEN
-            };
-            return await this.#GetTokenFromBroker(refreshFlowParameters);
-        }
-        else {
-            debug(`STSOAuth2Worker:#RefreshToken:sessionData not found within clientSessionStore`.red);
-            // show error
-            //@@ no valid session exists for refresh
-            return false;
-        }
-    };
-    // call broker to logout
-    // broker to logout of server
-    // delete cookie
-    // clear session storage
-    // clear all state from $store
-    #Logout = async () => {
-        console.log('Logout');
-        const url = `${this.#options.brokerendpoint}:${this.#options.brokerport}${this.#options.brokerapiroot}/logout`;
-        console.log(url);
-        const sessionData = this.#clientSessionStore.get(this.#STORAGE_SESSION_KEY);
-        if (sessionData) {
-            const currentSessionData = sessionData.tokenResponse;
-            const refresh_token = currentSessionData.refresh_token;
-            console.log(refresh_token);
-            const decodedRefreshToken = (0, jwt_decode_1.default)(refresh_token);
-            console.log(decodedRefreshToken);
-            const sessionId = decodedRefreshToken.sts_session;
-            console.log(sessionId);
-            this.#clientSessionStore.remove(this.#STORAGE_SESSION_KEY);
-            this.#HandleAuthenticateEvent(null);
-            try {
-                const rConfig = {
-                    method: "post",
-                    url: url,
-                    data: {
-                        sessionId
-                    },
-                    withCredentials: true,
-                    timeout: this.#options.timeout,
-                };
-                debug(`#Logout: request config: [${rConfig}]`.magenta);
-                if (detect_node_1.default) {
-                    rConfig.httpsAgent = this.#httpsAgent;
-                }
-                const retVal = await (0, axios_1.default)(rConfig);
-                if (retVal.data.status === http_status_codes_1.StatusCodes.OK) {
-                    return true;
-                }
-                else {
-                    console.log('Error during logout (1: server side)');
-                    console.log(JSON.stringify(retVal.data));
-                    return false;
-                }
-            }
-            catch (error) {
-                console.log('Error during logout (2: server side)');
-                console.log(error);
-                console.log(JSON.stringify(error));
-                return false;
-            }
-        }
-        else {
-            console.log('Error during logout. Could not restore session from session storage.');
-            return false;
-        }
-    };
-}
-exports.STSOAuth2Worker = STSOAuth2Worker;
-/*
-let oAuth2Worker: STSOAuth2Worker = null;
-
-onmessage = async function(data: MessageEvent)
-{
-    const workerPort = data.data as MessagePort;
-    oAuth2Worker = new STSOAuth2Worker(workerPort);
-}
-*/
-//# sourceMappingURL=stsoauth2worker.js.map

package/dist/stsoauth2worker.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"stsoauth2worker.js","sourceRoot":"","sources":["../src/stsoauth2worker.ts"],"names":[],"mappings":";;;;;;AAAA,kDAA0B;AAE1B,kBAAe;AAEf,8DAAgC;AAEhC,iBAAiB;AAEjB,kDAAkD;AAElD,gDAAoE;AAEpE,sEAA6C;AAC7C,sEAA6C;AAE7C,4DAAmC;AAEnC,qFAAqF;AACrF,sDAA2F;AAE3F,yDAA+C;AAE/C,qDAEmJ;AAEnJ,oEAAoG;AAEpG,kDAAyB;AAEzB,IAAI,KAAK,GAAG,IAAI,CAAC;AACjB,IAAI,qBAAM,EAAE;IACR,KAAK,GAAG,IAAA,eAAK,EAAC,QAAQ,OAAO,CAAC,GAAG,qBAAqB,CAAC,CAAC;CAC3D;KAAM;IACH,KAAK,GAAG,IAAA,eAAK,EAAC,2BAA2B,CAAC,CAAC;CAC9C;AAED,0BAA0B;AAC1B,MAAa,eAAe;IACxB,yBAAyB;IACzB,mBAAmB,GAA8B,IAAI,CAAC,CAAC,iDAAiD;IACxG,OAAO,GAAG,IAAI,qBAAW,EAAE,CAAC;IAC5B,QAAQ,GAAG,IAAI,qBAAW,EAAE,CAAC;IAC7B,oBAAoB,GAAG,uBAAuB,CAAC;IAC/C,IAAI,GAAG,IAAI,CAAC;IACZ,gBAAgB,GAAgB,IAAI,CAAC;IACrC,QAAQ,GAA4B,IAAI,CAAC;IACzC,WAAW,GAAgB,IAAI,CAAC;IAEhC,YAAY,UAAuB,EAAE,OAAgC;QAEjE,eAAK,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,CAAC,IAAI;QAE5B,IAAI,CAAC,QAAQ,GAAG,OAAO,CAAC;QAExB,KAAK,CAAC,0CAA0C,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC;QAElF,4DAA4D;QAC5D,IAAI,CAAC,mBAAmB,GAAG,IAAI,kCAAoB,CAAe,EAAC,iBAAiB,EAAE,+BAAiB,CAAC,cAAc,EAAE,SAAS,EAAE,KAAK,EAAC,CAAC,CAAC,UAAU,EAAE,CAAC;QAExJ,4DAA4D;QAC5D,wFAAwF;QAExF,0DAA0D;QAE1D,IAAI,CAAC,gBAAgB,GAAG,UAAU,CAAC;QAEnC,KAAK,CAAC,kDAAkD,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,gBAAgB,CAAC,GAAG,CAAC,CAAC;QAElG,IAAI,qBAAM,EAAE;YACR,IAAI,CAAC,WAAW,GAAG,IAAI,eAAK,CAAC,KAAK,CAAC;gBAC/B,SAAS,EAAE,IAAI,CAAC,QAAQ,CAAC,YAAY,CAAC,SAAS;gBAC/C,UAAU,EAAE,IAAI,CAAC,QAAQ,CAAC,YAAY,CAAC,UAAU;gBACjD,eAAe,EAAE,IAAI,CAAC,QAAQ,CAAC,YAAY,CAAC,eAAe;gBAC3D,cAAc,EAAE,IAAI,CAAC,QAAQ,CAAC,YAAY,CAAC,cAAc;gBACzD,OAAO,EAAE,IAAI,CAAC,QAAQ,CAAC,OAAO;gBAC9B,kBAAkB,EAAE,IAAI,CAAC,QAAQ,CAAC,YAAY,CAAC,kBAAkB,CAAC,oDAAoD;aACzH,CAAC,CAAC;SACN;QAED,IAAI,CAAC,aAAa,EAAE,CAAC;QAErB,IAAI,CAAC,iBAAiB,CAAC,0BAAK,CAAC,MAAM,EAAE;YACjC,UAAU,EAAE,wCAAwC;SAC7B,CAAC,CAAC;QAE7B;;;;;;UAMJ;IACA,CAAC;IAED,4DAA4D;IAC5D;;;;;;;;;;;;;;;;;;;;;;;;;;MA0BE;IAEF,wBAAwB,GAAG,CAAC,QAAgB,EAAE,EAAE;QAC5C,MAAM,OAAO,GAA2B;YACpC,SAAS,EAAE,CAAC,CAAC;YACb,OAAO,EAAE,uCAAsB,CAAC,kBAAkB;SACrD,CAAA;QACD,IAAI,CAAC,eAAe,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAC;IAC5C,CAAC,CAAA;IAED,+DAA+D;IAC/D,iBAAiB,GAAG,CAAC,KAAU,EAAE,EAAE;QAC/B,MAAM,OAAO,GAA2B;YACpC,SAAS,EAAE,CAAC,CAAC;YACb,OAAO,EAAE,uCAAsB,CAAC,KAAK;SACxC,CAAA;QACD,IAAI,CAAC,eAAe,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC;IACzC,CAAC,CAAA;IAED,WAAW,GAAG,CAAC,aAAqB,EAAE,EAAE;QACpC,MAAM,OAAO,GAA2B;YACpC,SAAS,EAAE,CAAC,CAAC;YACb,OAAO,EAAE,uCAAsB,CAAC,GAAG;SACtC,CAAA;QACD,IAAI,CAAC,eAAe,CAAC,OAAO,EAAE,aAAa,CAAC,CAAC;IACjD,CAAC,CAAA;IAED,eAAe,GAAG,GAAW,EAAE;QAC3B,MAAM,WAAW,GAAiB,IAAI,CAAC,mBAAmB,CAAC,GAAG,CAAC,IAAI,CAAC,oBAAoB,CAAC,CAAC;QAC1F,IAAI,WAAW,EAAE;YACb,MAAM,MAAM,GAAmB,WAAW,CAAC,aAAa,CAAC;YACzD,OAAO,MAAM,CAAC,YAAY,CAAC;SAC9B;aAAM;YACH,OAAO,IAAI,CAAC;SACf;IACL,CAAC,CAAA;IAED,+DAA+D;IAC/D,WAAW,GAAG,GAAQ,EAAE;QACpB,IAAI,qBAAM,EAAE;YACR,MAAM,WAAW,GAAiB,IAAI,CAAC,mBAAmB,CAAC,GAAG,CAAC,IAAI,CAAC,oBAAoB,CAAC,CAAC;YAC1F,IAAI,WAAW,EAAE;gBACb,OAAO,WAAW,CAAC,YAAY,CAAC;aACnC;iBAAM;gBACH,OAAO,IAAI,CAAC;aACf;SACJ;aAAM;YACH,OAAO,IAAI,CAAC;SACf;IACL,CAAC,CAAA;IAED,iBAAiB,GAAG,CAAC,cAAqB,EAAE,SAAkC,EAAQ,EAAE;QACpF,MAAM,OAAO,GAA2B;YACpC,SAAS,EAAE,CAAC,CAAC;YACb,OAAO,EAAE,uCAAsB,CAAC,iBAAiB;SACpD,CAAA;QACD,IAAI,CAAC,eAAe,CAAC,OAAO,EAAE;YAC1B,cAAc;YACd,SAAS;SACZ,CAAC,CAAC;IACP,CAAC,CAAA;IAED,aAAa,GAAG,GAAG,EAAE;QACjB,IAAI,CAAC,gBAAgB,CAAC,SAAS,GAAG,KAAK,EAAE,IAAkB,EAAE,EAAE;YAC3D,MAAM,oBAAoB,GAA2B,IAAI,CAAC,IAA8B,CAAC;YACzF,KAAK,CAAC,6CAA6C,oBAAoB,CAAC,OAAO,GAAG,CAAC,CAAC;YACpF,QAAQ,oBAAoB,CAAC,OAAO,EAAE;gBACtC,KAAK,uCAAsB,CAAC,eAAe;oBACvC,IAAI,CAAC,eAAe,CAAC,oBAAoB,EAAE,MAAM,IAAI,CAAC,eAAe,EAAE,CAAC,CAAC;oBACzE,MAAM;gBACV,KAAK,uCAAsB,CAAC,SAAS;oBACjC,IAAI,CAAC,eAAe,CAAC,oBAAoB,EAAE,MAAM,IAAI,CAAC,UAAU,EAAE,CAAC,CAAC;oBACpE,MAAM;gBACV,KAAK,uCAAsB,CAAC,eAAe;oBACvC,IAAI,CAAC,eAAe,CAAC,oBAAoB,EAAE,MAAM,IAAI,CAAC,eAAe,CAAC,oBAAoB,CAAC,OAAO,CAAC,CAAC,CAAC;oBACrG,MAAM;gBACV,KAAK,uCAAsB,CAAC,MAAM;oBAC9B,IAAI,CAAC,eAAe,CAAC,oBAAoB,EAAE,MAAM,IAAI,CAAC,OAAO,EAAE,CAAC,CAAC;oBACjE,MAAM;gBACN,6FAA6F;gBACjG,KAAK,uCAAsB,CAAC,YAAY;oBACpC,IAAI,CAAC,eAAe,CAAC,oBAAoB,EAAE,MAAM,IAAI,CAAC,eAAe,EAAE,CAAC,CAAC;oBACzE,MAAM;gBACV,KAAK,uCAAsB,CAAC,qBAAqB;oBAC7C,IAAI,CAAC,eAAe,CAAC,oBAAoB,EAAE,MAAM,IAAI,CAAC,aAAa,EAAE,CAAC,CAAC;oBACvE,MAAM;gBACV,KAAK,uCAAsB,CAAC,OAAO;oBAC/B,IAAI,CAAC,eAAe,CAAC,oBAAoB,EAAE,MAAM,IAAI,CAAC,WAAW,EAAE,CAAC,CAAC;oBACrE,MAAM;gBACV;oBACI,MAAM,IAAI,KAAK,CAAC,aAAa,oBAAoB,CAAC,OAAO,eAAe,CAAC,CAAC;aAC7E;QACL,CAAC,CAAA;IACL,CAAC,CAAA;IAED;;;;MAID;IAEC,+DAA+D;IAC/D,eAAe,GAAG,KAAK,EAAE,oBAA4C,EAAE,QAAa,EAAE,EAAE;QACpF,MAAM,eAAe,GAAmC;YACpD,SAAS,EAAE,oBAAoB,CAAC,SAAS;YACzC,OAAO,EAAE,oBAAoB,CAAC,OAAO;YACrC,OAAO,EAAE,QAAQ;SACpB,CAAA;QAED,IAAI,CAAC,gBAAgB,CAAC,WAAW,CAAC,eAAe,CAAC,CAAC;IACvD,CAAC,CAAA;IAED,eAAe,GAAG,KAAK,IAAsB,EAAE;QAC3C,6CAA6C;QAE7C,IAAI,mBAAmB,GAAmB,IAAI,CAAC;QAC/C,MAAM,WAAW,GAAiB,IAAI,CAAC,mBAAmB,CAAC,GAAG,CAAC,IAAI,CAAC,oBAAoB,CAAC,CAAC;QAC1F,IAAI,WAAW,EAAE;YACb,mBAAmB,GAAG,WAAW,CAAC,aAAa,CAAC;YAChD,OAAO,CAAC,GAAG,CAAC,uCAAuC,CAAC,CAAC;YACrD,IAAI,IAAI,CAAC,IAAI,EAAE;gBACX,IAAI,CAAC,IAAI,CAAC,gBAAgB,CAAC,GAAG,EAAE,EAAE,UAAU,EAAE,uCAAuC,EAAE,CAAC,CAAC;aAC5F;YACD,IAAI,CAAC,WAAW,CAAC,uCAAuC,CAAC,CAAA;SAC5D;aAAM;YACH,MAAM,GAAG,GAAG,GAAG,IAAI,CAAC,QAAQ,CAAC,cAAc,IAAI,IAAI,CAAC,QAAQ,CAAC,UAAU,GAAG,IAAI,CAAC,QAAQ,CAAC,aAAa,UAAU,CAAC;YAChH,OAAO,CAAC,GAAG,CAAC,gBAAgB,CAAC,CAAC;YAC9B,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;YACjB,IAAI,IAAI,CAAC,IAAI,EAAE;gBACX,IAAI,CAAC,IAAI,CAAC,gBAAgB,CAAC,GAAG,EAAE,EAAE,UAAU,EAAE,gBAAgB,EAAE,CAAC,CAAC;gBAClE,IAAI,CAAC,IAAI,CAAC,gBAAgB,CAAC,GAAG,EAAE,EAAE,UAAU,EAAE,GAAG,EAAE,CAAC,CAAC;aACxD;YACD,IAAI,CAAC,WAAW,CAAC,iBAAiB,CAAC,CAAC;YACpC,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC;YACtB,IAAI;gBACA,MAAM,OAAO,GAAuB;oBAChC,MAAM,EAAE,MAAM;oBACd,GAAG,EAAE,GAAG;oBACR,IAAI,EAAE;wBACF,CAAC,8BAAmB,CAAC,SAAS,CAAC,EAAE,IAAI,CAAC,QAAQ,CAAC,SAAS;wBACxD,CAAC,8BAAmB,CAAC,KAAK,CAAC,EAAE,IAAI,CAAC,QAAQ,CAAC,KAAK;wBAChD,CAAC,8BAAmB,CAAC,YAAY,CAAC,EAAE,IAAI,CAAC,QAAQ,CAAC,YAAY;wBAC9D,CAAC,8BAAmB,CAAC,QAAQ,CAAC,EAAE,IAAI,CAAC,QAAQ,CAAC,QAAQ;qBACzD;oBACD,eAAe,EAAE,IAAI;oBACrB,OAAO,EAAE,IAAI,CAAC,QAAQ,CAAC,OAAO;iBACjC,CAAA;gBACD,KAAK,CAAC,4CAA4C,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;gBACtF,IAAI,qBAAM,EAAE;oBACR,OAAO,CAAC,UAAU,GAAE,IAAI,CAAC,WAAW,CAAA;iBACvC;gBACD,MAAM,MAAM,GAAG,MAAM,IAAA,eAAK,EAAC,OAAO,CAAC,CAAC;gBACpC,IAAI,MAAM,CAAC,IAAI,CAAC,MAAM,KAAK,+BAAW,CAAC,EAAE,EAAE;oBACvC,mBAAmB,GAAG,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC;oBACzC,MAAM,cAAc,GAAiB;wBACjC,aAAa,EAAE,mBAAmB;qBACrC,CAAA;oBAED,IAAI,qBAAM,EAAE;wBACR,cAAc,CAAC,YAAY,GAAG,MAAM,CAAC,OAAO,CAAC,YAAY,CAAC,CAAC;qBAC9D;oBAED,IAAI,CAAC,mBAAmB,CAAC,GAAG,CAAC,IAAI,CAAC,oBAAoB,EAAE,cAAc,CAAC,CAAC;oBACxE,OAAO,CAAC,GAAG,CAAC,2CAA2C,CAAC,CAAC;iBAC5D;qBAAM;oBACH,wBAAwB;oBACxB,OAAO,CAAC,GAAG,CAAC,sCAAsC,CAAC,CAAC;oBACpD,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC;iBAC5C;aACJ;YAAC,OAAO,KAAK,EAAE;gBACZ,wBAAwB;gBACxB,OAAO,CAAC,GAAG,CAAC,oDAAoD,CAAC,CAAC;gBAClE,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;gBACnB,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC,CAAC;aACtC;SACJ;QAED,yCAAyC;QACzC,IAAI,mBAAmB,KAAK,IAAI,EAAE;YAC9B,IAAI,CAAC,wBAAwB,CAAC,mBAAmB,CAAC,QAAQ,CAAC,CAAC;YAC5D,OAAO,CAAC,GAAG,CAAC,uBAAuB,CAAC,CAAC;YACrC,OAAO,MAAM,IAAI,CAAC,aAAa,EAAE,CAAC;SACrC;aAAM;YACH,IAAI,CAAC,wBAAwB,CAAC,IAAI,CAAC,CAAC;YACpC,OAAO,KAAK,CAAC;SAChB;IACL,CAAC,CAAA;IAED,UAAU,GAAG,KAAK,IAAyB,EAAE;QACzC,OAAO,CAAC,GAAG,CAAC,eAAe,CAAC,CAAC;QAE7B;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;UA8CE;QAEF,MAAM,SAAS,GAAG,IAAI,CAAC,QAAQ,CAAC,SAAS,CAAC;QAC1C,MAAM,KAAK,GAAG,IAAI,CAAC,OAAO,CAAC,kBAAkB,EAAE,CAAC;QAChD,MAAM,aAAa,GAAG,CAAE,6CAA4B,CAAC,IAAI,CAAE,CAAA;QAC3D,MAAM,YAAY,GAAG,IAAI,CAAC,QAAQ,CAAC,YAAY,CAAC;QAChD,MAAM,aAAa,GAAG,6CAA4B,CAAC,KAAK,CAAA;QACxD,MAAM,KAAK,GAAG,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAA;QACjC,MAAM,KAAK,GAAG,IAAI,CAAC,OAAO,CAAC,kBAAkB,EAAE,CAAC;QAChD,MAAM,aAAa,GAAG,IAAI,CAAC,OAAO,CAAC,kBAAkB,EAAE,CAAC;QACxD,MAAM,cAAc,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,aAAa,CAAC,aAAa,CAAC,CAAC;QACvE,MAAM,qBAAqB,GAAG,MAAM,CAAC;QACrC,wCAAwC;QAExC,MAAM,gBAAgB,GAAsB;YACxC,SAAS;YACT,KAAK;YACL,aAAa;YACb,YAAY;YACZ,aAAa;YACb,KAAK;YACL,KAAK;YACL,cAAc;YACd,qBAAqB;SACxB,CAAA;QAED,MAAM,0BAA0B,GAAG,EAAE,GAAG,gBAAgB,EAAE,CAAC;QAE3D,MAAM,GAAG,GAAG,GAAG,IAAI,CAAC,QAAQ,CAAC,iBAAiB,IAAI,IAAI,CAAC,QAAQ,CAAC,aAAa,GAAG,IAAI,CAAC,QAAQ,CAAC,gBAAgB,GAAG,IAAI,CAAC,QAAQ,CAAC,YAAY,IAAI,IAAI,CAAC,QAAQ,CAAC,iBAAiB,CAAC,gBAAgB,CAAC,EAAE,CAAC;QAEnM,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QAEjB,oDAAoD;QACpD,gBAAgB,CAAC,aAAa,GAAG,aAAa,CAAC,CAAC,gEAAgE;QAEhH,OAAO,CAAC,GAAG,CAAC,gCAAgC,IAAI,CAAC,SAAS,CAAC,gBAAgB,CAAC,GAAG,CAAC,CAAC;QAEjF,OAAO;YACH,GAAG;YACH,gBAAgB;YAChB,0BAA0B;SAC7B,CAAA;QACD,8BAA8B;QAC9B,kEAAkE;QAClE,+BAA+B;IACnC,CAAC,CAAA;IAED,+DAA+D;IAC/D,eAAe,GAAG,KAAK,EAAE,OAAY,EAAoB,EAAE;QACvD,MAAM,SAAS,GAAiD,OAAO,CAAC,SAAS,CAAC;QAClF,MAAM,gBAAgB,GAAsB,OAAO,CAAC,gBAAgB,CAAA;QAEpE,KAAK,CAAC,iCAAiC,CAAC,OAAO,CAAC,CAAC;QACjD,iEAAiE;QACjE,KAAK,CAAC,gDAAgD,IAAI,CAAC,SAAS,CAAC,SAAS,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;QAE5F,IAAI,SAAS,CAAC,8BAAmB,CAAC,IAAI,CAAC,EAAE;YACrC,MAAM,QAAQ,GAAuB,SAA+B,CAAC;YAErE,OAAO,CAAC,GAAG,CAAC,6CAA6C,IAAI,CAAC,SAAS,CAAC,gBAAgB,CAAC,GAAG,CAAC,CAAC;YAE9F,MAAM,aAAa,GAAG,QAAQ,CAAC,KAAK,CAAC;YACrC,MAAM,qBAAqB,GAAG,gBAAgB,CAAC,KAAK,CAAC;YAErD,IAAI,qBAAqB,CAAC,aAAa,CAAC,aAAa,CAAC,KAAK,CAAC,EAAE;gBAC1D,OAAO,CAAC,GAAG,CAAC,+FAA+F,CAAC,CAAC,CAAC,QAAQ;gBAEtH,OAAO,MAAM,IAAI,CAAC,SAAS,CAAC,gBAAgB,EAAE,QAAQ,CAAC,CAAC;aAC3D;iBAAM;gBACH,OAAO,CAAC,GAAG,CAAC,qGAAqG,CAAC,CAAC,CAAC,MAAM;gBAC1H,OAAO,CAAC,GAAG,CAAC,2BAA2B,qBAAqB,GAAG,CAAC,CAAC,CAAC,MAAM;gBACxE,OAAO,CAAC,GAAG,CAAC,mBAAmB,aAAa,GAAG,CAAC,CAAC,CAAC,MAAM;gBACxD,IAAI,CAAC,iBAAiB,CAAC,EAAC,OAAO,EAAE,kBAAkB,EAAC,CAAC,CAAC;gBACtD,OAAO,KAAK,CAAC;aAChB;SACJ;aAAM,IAAI,SAAS,CAAC,8BAAmB,CAAC,KAAK,CAAC,EAAE;YAC7C,iFAAiF;YACjF,kEAAkE;YAClE,+BAA+B;YAC/B,sDAAsD;YACtD,IAAI,CAAC,iBAAiB,CAAC,EAAC,OAAO,EAAE,kBAAkB,EAAC,CAAC,CAAC;YACtD,OAAO,KAAK,CAAC;SAChB;aAAM;YACH,gCAAgC;YAChC,yDAAyD;YACzD,gFAAgF;YAChF,IAAI,CAAC,iBAAiB,CAAC,EAAC,OAAO,EAAE,kBAAkB,EAAC,CAAC,CAAC;YACtD,OAAO,KAAK,CAAC;SAChB;IACL,CAAC,CAAA;IAED;;;;;;;;;;;;;;;;;;MAkBE;IAEF,oFAAoF;IACpF,mBAAmB,GAAG,KAAK,EAAE,+BAA0F,EAAoB,EAAE;QACzI,KAAK,CAAC,qBAAqB,CAAC,OAAO,CAAC,CAAC;QAErC,IAAI,CAAC,mBAAmB,CAAC,MAAM,CAAC,IAAI,CAAC,oBAAoB,CAAC,CAAC;QAC3D,MAAM,GAAG,GAAG,GAAG,IAAI,CAAC,QAAQ,CAAC,cAAc,IAAI,IAAI,CAAC,QAAQ,CAAC,UAAU,GAAG,IAAI,CAAC,QAAQ,CAAC,aAAa,QAAQ,CAAC;QAE9G,IAAI;YACA,MAAM,OAAO,GAAuB;gBAChC,MAAM,EAAE,MAAM;gBACd,GAAG,EAAE,GAAG;gBACR,IAAI,EAAE,+BAA+B;gBACrC,eAAe,EAAE,IAAI;gBACrB,OAAO,EAAE,IAAI,CAAC,QAAQ,CAAC,OAAO;aACjC,CAAA;YACD,KAAK,CAAC,yCAAyC,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;YACnF,IAAI,qBAAM,EAAE;gBACR,OAAO,CAAC,UAAU,GAAG,IAAI,CAAC,WAAW,CAAC;aACzC;YACD,KAAK,CAAC,qCAAqC,CAAC,OAAO,CAAC,CAAC;YACrD,MAAM,MAAM,GAAG,MAAM,IAAA,eAAK,EAAC,OAAO,CAAC,CAAC;YACpC,KAAK,CAAC,gDAAgD,MAAM,CAAC,MAAM,GAAG,CAAC,OAAO,CAAC,CAAC;YAEhF,IAAI,MAAM,CAAC,MAAM,KAAK,+BAAW,CAAC,EAAE,EAAE;gBAClC,KAAK,CAAC,qCAAqC,CAAC,OAAO,CAAC,CAAC;gBACrD,MAAM,aAAa,GAAmB,MAAM,CAAC,IAAsB,CAAC;gBACpE,IAAI,CAAC,wBAAwB,CAAC,aAAa,CAAC,QAAQ,CAAC,CAAC;gBACtD,MAAM,cAAc,GAAiB;oBACjC,aAAa,EAAE,aAAa;iBAC/B,CAAA;gBAED,IAAI,qBAAM,EAAE;oBACR,cAAc,CAAC,YAAY,GAAG,MAAM,CAAC,OAAO,CAAC,YAAY,CAAC,CAAC;iBAC9D;gBAED,IAAI,CAAC,mBAAmB,CAAC,GAAG,CAAC,IAAI,CAAC,oBAAoB,EAAE,cAAc,CAAC,CAAC;gBACxE,OAAO,IAAI,CAAC;aACf;iBAAM,IAAI,MAAM,CAAC,MAAM,KAAK,+BAAW,CAAC,YAAY,EAAE;gBACnD,KAAK,CAAC,qDAAqD,MAAM,CAAC,MAAM,GAAG,CAAC,OAAO,CAAC,CAAC;gBAErF,IAAI,CAAC,wBAAwB,CAAC,IAAI,CAAC,CAAC;gBAEpC,2EAA2E;gBAE3E,4BAA4B;gBAC5B,wBAAwB;gBACxB,OAAO,KAAK,CAAC;aAEhB;iBAAM;gBACH,gBAAgB;gBAChB,KAAK,CAAC,uEAAuE,MAAM,CAAC,MAAM,GAAG,CAAC,OAAO,CAAC,CAAC;gBACvG,IAAI,CAAC,wBAAwB,CAAC,IAAI,CAAC,CAAC;gBACpC,OAAO,CAAC,GAAG,CAAC,sDAAsD,CAAC,CAAC;gBACpE,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC;gBACzC,+CAA+C;gBAC/C,OAAO,KAAK,CAAC;aAChB;SACJ;QAAC,OAAO,KAAK,EAAE;YACZ,KAAK,CAAC,uEAAuE,KAAK,GAAG,CAAC,GAAG,CAAC,CAAC;YAC3F,IAAI,CAAC,wBAAwB,CAAC,IAAI,CAAC,CAAC;YACpC,+CAA+C;YAC/C,OAAO,KAAK,CAAC;SAChB;IACL,CAAC,CAAA;IAED,oFAAoF;IACpF,SAAS,GAAG,KAAK,EAAE,gBAAmC,EAAE,iBAAqC,EAAoB,EAAE;QAC/G,OAAO,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC;QACzB,OAAO,CAAC,GAAG,CAAC,iBAAiB,CAAC,CAAC;QAE/B,IAAI,CAAC,mBAAmB,CAAC,GAAG,CAAC,IAAI,CAAC,oBAAoB,EAAE,IAAI,CAAC,CAAC;QAE9D,MAAM,+BAA+B,GAAqC;YACtE,SAAS,EAAE,IAAI,CAAC,QAAQ,CAAC,SAAS;YAClC,KAAK,EAAE,IAAI,CAAC,QAAQ,CAAC,KAAK;YAC1B,IAAI,EAAE,iBAAiB,CAAC,IAAI;YAC5B,YAAY,EAAE,IAAI,CAAC,QAAQ,CAAC,YAAY;YACxC,UAAU,EAAE,gCAAe,CAAC,kBAAkB;YAC9C,aAAa,EAAE,gBAAgB,CAAC,aAAa;SAChD,CAAA;QAED,OAAO,MAAM,IAAI,CAAC,mBAAmB,CAAC,+BAA+B,CAAC,CAAC;IAC3E,CAAC,CAAA;IAED;;;;;;;;;;;;;;;;;;;;;;;;EAwBF;IAEE,aAAa,GAAG,KAAK,IAAsB,EAAE;QACzC,oFAAoF;QACpF,KAAK,CAAC,qCAAqC,CAAC,IAAI,CAAC,CAAC;QAClD,MAAM,WAAW,GAAiB,IAAI,CAAC,mBAAmB,CAAC,GAAG,CAAC,IAAI,CAAC,oBAAoB,CAAC,CAAC;QAC1F,IAAI,WAAW,EAAE;YACb,KAAK,CAAC,+CAA+C,IAAI,CAAC,SAAS,CAAC,WAAW,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;YAC1F,MAAM,kBAAkB,GAAG,WAAW,CAAC,aAAa,CAAC;YACrD,MAAM,qBAAqB,GAA2B;gBAClD,SAAS,EAAE,IAAI,CAAC,QAAQ,CAAC,SAAS;gBAClC,KAAK,EAAE,IAAI,CAAC,QAAQ,CAAC,KAAK;gBAC1B,aAAa,EAAE,kBAAkB,CAAC,aAAa;gBAC/C,UAAU,EAAE,gCAAe,CAAC,aAAa;aAC5C,CAAA;YACD,OAAO,MAAM,IAAI,CAAC,mBAAmB,CAAC,qBAAqB,CAAC,CAAC;SAChE;aAAM;YACH,KAAK,CAAC,+EAA+E,CAAC,GAAG,CAAC,CAAC;YAC3F,aAAa;YACb,wCAAwC;YACxC,OAAO,KAAK,CAAC;SAChB;IACL,CAAC,CAAA;IAED,wBAAwB;IACxB,6BAA6B;IAC7B,gBAAgB;IAChB,wBAAwB;IACxB,8BAA8B;IAC9B,OAAO,GAAG,KAAK,IAAsB,EAAE;QACnC,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;QACtB,MAAM,GAAG,GAAG,GAAG,IAAI,CAAC,QAAQ,CAAC,cAAc,IAAI,IAAI,CAAC,QAAQ,CAAC,UAAU,GAAG,IAAI,CAAC,QAAQ,CAAC,aAAa,SAAS,CAAC;QAC/G,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QAEjB,MAAM,WAAW,GAAiB,IAAI,CAAC,mBAAmB,CAAC,GAAG,CAAC,IAAI,CAAC,oBAAoB,CAAC,CAAC;QAC1F,IAAI,WAAW,EAAE;YACb,MAAM,kBAAkB,GAAmB,WAAW,CAAC,aAAa,CAAC;YACrE,MAAM,aAAa,GAAG,kBAAkB,CAAC,aAAa,CAAC;YACvD,OAAO,CAAC,GAAG,CAAC,aAAa,CAAC,CAAC;YAE3B,MAAM,mBAAmB,GAAe,IAAA,oBAAU,EAAa,aAAa,CAAC,CAAC;YAC9E,OAAO,CAAC,GAAG,CAAC,mBAAmB,CAAC,CAAC;YACjC,MAAM,SAAS,GAAG,mBAAmB,CAAC,WAAW,CAAC;YAClD,OAAO,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;YAEvB,IAAI,CAAC,mBAAmB,CAAC,MAAM,CAAC,IAAI,CAAC,oBAAoB,CAAC,CAAC;YAC3D,IAAI,CAAC,wBAAwB,CAAC,IAAI,CAAC,CAAC;YAEpC,IAAI;gBACA,MAAM,OAAO,GAAuB;oBAChC,MAAM,EAAE,MAAM;oBACd,GAAG,EAAE,GAAG;oBACR,IAAI,EAAE;wBACF,SAAS;qBACZ;oBACD,eAAe,EAAE,IAAI;oBACrB,OAAO,EAAE,IAAI,CAAC,QAAQ,CAAC,OAAO;iBACjC,CAAA;gBACD,KAAK,CAAC,6BAA6B,OAAO,GAAG,CAAC,OAAO,CAAC,CAAC;gBACvD,IAAI,qBAAM,EAAE;oBACR,OAAO,CAAC,UAAU,GAAG,IAAI,CAAC,WAAW,CAAC;iBACzC;gBACD,MAAM,MAAM,GAAG,MAAM,IAAA,eAAK,EAAC,OAAO,CAAC,CAAC;gBACpC,IAAI,MAAM,CAAC,IAAI,CAAC,MAAM,KAAK,+BAAW,CAAC,EAAE,EAAE;oBACvC,OAAO,IAAI,CAAC;iBACf;qBAAM;oBACH,OAAO,CAAC,GAAG,CAAC,sCAAsC,CAAC,CAAC;oBACpD,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC;oBACzC,OAAO,KAAK,CAAC;iBAChB;aACJ;YAAC,OAAO,KAAK,EAAE;gBACZ,OAAO,CAAC,GAAG,CAAC,sCAAsC,CAAC,CAAC;gBACpD,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;gBACnB,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC,CAAC;gBACnC,OAAO,KAAK,CAAC;aAChB;SACJ;aAAM;YACH,OAAO,CAAC,GAAG,CAAC,sEAAsE,CAAC,CAAC;YACpF,OAAO,KAAK,CAAC;SAChB;IACL,CAAC,CAAA;CACJ;AA7mBD,0CA6mBC;AACD;;;;;;;;EAQE"}