@nuria-tech/auth-sdk 1.0.0 → 1.0.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (9) hide show
  1. package/LICENSE +21 -21
  2. package/README.md +273 -270
  3. package/dist/index.cjs +52 -37
  4. package/dist/index.cjs.map +1 -1
  5. package/dist/index.d.cts +1 -0
  6. package/dist/index.d.ts +1 -0
  7. package/dist/index.js +52 -37
  8. package/dist/index.js.map +1 -1
  9. package/package.json +12 -12
package/dist/index.cjs CHANGED
@@ -70,20 +70,21 @@ var STORAGE_KEYS = {
70
70
  codeVerifier: "nuria:oauth:code_verifier"
71
71
  };
72
72
  function normalizeTokenSet(raw, now) {
73
- const accessToken = raw.access_token ?? raw.accessToken;
73
+ var _a, _b, _c, _d, _e, _f;
74
+ const accessToken = (_a = raw.access_token) != null ? _a : raw.accessToken;
74
75
  if (!accessToken || typeof accessToken !== "string") {
75
76
  throw new AuthError(
76
77
  "TOKEN_EXCHANGE_FAILED" /* TOKEN_EXCHANGE_FAILED */,
77
78
  "Missing access token in token response"
78
79
  );
79
80
  }
80
- const expiresIn = Number(raw.expires_in ?? raw.expiresIn ?? 0) || void 0;
81
+ const expiresIn = Number((_c = (_b = raw.expires_in) != null ? _b : raw.expiresIn) != null ? _c : 0) || void 0;
81
82
  return {
82
83
  accessToken,
83
- tokenType: raw.token_type ?? raw.tokenType,
84
+ tokenType: (_d = raw.token_type) != null ? _d : raw.tokenType,
84
85
  expiresIn,
85
- refreshToken: raw.refresh_token ?? raw.refreshToken,
86
- idToken: raw.id_token ?? raw.idToken,
86
+ refreshToken: (_e = raw.refresh_token) != null ? _e : raw.refreshToken,
87
+ idToken: (_f = raw.id_token) != null ? _f : raw.idToken,
87
88
  scope: raw.scope,
88
89
  expiresAt: expiresIn ? now() + expiresIn * 1e3 : void 0
89
90
  };
@@ -132,7 +133,7 @@ function timingSafeEqual(a, b) {
132
133
  function parseUrl(url) {
133
134
  try {
134
135
  return new URL(url);
135
- } catch {
136
+ } catch (e) {
136
137
  throw new AuthError("CALLBACK_ERROR" /* CALLBACK_ERROR */, "Invalid callback URL");
137
138
  }
138
139
  }
@@ -143,7 +144,8 @@ var MemoryStorageAdapter = class {
143
144
  this.store = /* @__PURE__ */ new Map();
144
145
  }
145
146
  get(key) {
146
- return this.store.get(key) ?? null;
147
+ var _a;
148
+ return (_a = this.store.get(key)) != null ? _a : null;
147
149
  }
148
150
  set(key, value) {
149
151
  this.store.set(key, value);
@@ -157,29 +159,32 @@ var MemoryStorageAdapter = class {
157
159
  var RETRYABLE_STATUS = /* @__PURE__ */ new Set([408, 425, 429, 500, 502, 503, 504]);
158
160
  var FetchAuthTransport = class {
159
161
  constructor(options = {}) {
160
- this.fetchFn = options.fetchFn ?? fetch;
162
+ var _a, _b, _c;
163
+ this.fetchFn = (_a = options.fetchFn) != null ? _a : fetch;
161
164
  this.timeoutMs = options.timeoutMs;
162
- this.retries = options.retries ?? 0;
163
- this.interceptors = options.interceptors ?? [];
165
+ this.retries = (_b = options.retries) != null ? _b : 0;
166
+ this.interceptors = (_c = options.interceptors) != null ? _c : [];
164
167
  }
165
168
  async request(url, req = {}) {
169
+ var _a, _b, _c, _d;
166
170
  let request = req;
167
171
  for (const i of this.interceptors) {
168
172
  if (i.onRequest) request = await i.onRequest(url, request);
169
173
  }
170
- const retries = request.retries ?? this.retries;
174
+ const retries = (_a = request.retries) != null ? _a : this.retries;
171
175
  let attempt = 0;
172
176
  while (true) {
173
177
  const controller = new AbortController();
174
- const timeout = request.timeoutMs ?? this.timeoutMs;
178
+ const timeout = (_b = request.timeoutMs) != null ? _b : this.timeoutMs;
175
179
  const timer = timeout ? setTimeout(() => controller.abort(), timeout) : void 0;
176
180
  try {
177
181
  const defaultContentType = typeof request.body === "string" ? "application/x-www-form-urlencoded" : "application/json";
178
182
  const res = await this.fetchFn(this.withQuery(url, request.query), {
179
- method: request.method ?? "GET",
183
+ method: (_c = request.method) != null ? _c : "GET",
184
+ credentials: request.credentials,
180
185
  headers: {
181
186
  "Content-Type": defaultContentType,
182
- ...request.headers ?? {}
187
+ ...(_d = request.headers) != null ? _d : {}
183
188
  },
184
189
  body: request.body !== void 0 ? typeof request.body === "string" ? request.body : JSON.stringify(request.body) : void 0,
185
190
  signal: controller.signal
@@ -226,7 +231,8 @@ var FetchAuthTransport = class {
226
231
  return parsed.toString();
227
232
  }
228
233
  async parseBody(res) {
229
- const contentType = res.headers.get("content-type") ?? "";
234
+ var _a;
235
+ const contentType = (_a = res.headers.get("content-type")) != null ? _a : "";
230
236
  if (contentType.includes("application/json")) {
231
237
  return await res.json();
232
238
  }
@@ -241,11 +247,13 @@ var DefaultAuthClient = class {
241
247
  this.session = null;
242
248
  this.refreshPromise = null;
243
249
  this.listeners = /* @__PURE__ */ new Set();
244
- this.storage = config.storage ?? new MemoryStorageAdapter();
245
- this.transport = config.transport ?? new FetchAuthTransport();
246
- this.now = config.now ?? (() => Date.now());
250
+ var _a, _b, _c;
251
+ this.storage = (_a = config.storage) != null ? _a : new MemoryStorageAdapter();
252
+ this.transport = (_b = config.transport) != null ? _b : new FetchAuthTransport();
253
+ this.now = (_c = config.now) != null ? _c : (() => Date.now());
247
254
  }
248
255
  async startLogin(options = {}) {
256
+ var _a, _b;
249
257
  const state = randomString(32);
250
258
  const codeVerifier = randomString(96);
251
259
  const codeChallenge = await createCodeChallenge(codeVerifier);
@@ -259,7 +267,7 @@ var DefaultAuthClient = class {
259
267
  code_challenge: codeChallenge,
260
268
  code_challenge_method: "S256"
261
269
  };
262
- const scope = options.scopes?.join(" ") ?? this.config.scope;
270
+ const scope = (_b = (_a = options.scopes) == null ? void 0 : _a.join(" ")) != null ? _b : this.config.scope;
263
271
  if (scope) params.scope = scope;
264
272
  if (options.loginHint) params.login_hint = options.loginHint;
265
273
  if (options.extraParams) {
@@ -292,7 +300,7 @@ var DefaultAuthClient = class {
292
300
  );
293
301
  }
294
302
  async handleRedirectCallback(callbackUrl) {
295
- const input = callbackUrl ?? (typeof window !== "undefined" ? window.location.href : "");
303
+ const input = callbackUrl != null ? callbackUrl : typeof window !== "undefined" ? window.location.href : "";
296
304
  if (!input) {
297
305
  throw new AuthError(
298
306
  "CALLBACK_ERROR" /* CALLBACK_ERROR */,
@@ -336,6 +344,7 @@ var DefaultAuthClient = class {
336
344
  return this.session;
337
345
  }
338
346
  async getAccessToken() {
347
+ var _a, _b;
339
348
  if (!this.session) {
340
349
  await this.hydrateSession();
341
350
  }
@@ -349,10 +358,10 @@ var DefaultAuthClient = class {
349
358
  }
350
359
  await this.refreshPromise;
351
360
  }
352
- return this.session?.tokens.accessToken ?? null;
361
+ return (_b = (_a = this.session) == null ? void 0 : _a.tokens.accessToken) != null ? _b : null;
353
362
  }
354
363
  async logout(options) {
355
- if (options?.returnTo) {
364
+ if (options == null ? void 0 : options.returnTo) {
356
365
  const returnTo = options.returnTo;
357
366
  if (returnTo.startsWith("//") || !/^https?:\/\//.test(returnTo)) {
358
367
  throw new AuthError(
@@ -368,7 +377,7 @@ var DefaultAuthClient = class {
368
377
  this.notify();
369
378
  if (this.config.logoutEndpoint) {
370
379
  const url = new URL(this.config.logoutEndpoint);
371
- if (options?.returnTo) {
380
+ if (options == null ? void 0 : options.returnTo) {
372
381
  url.searchParams.set("returnTo", options.returnTo);
373
382
  }
374
383
  const logoutUrl = url.toString();
@@ -380,7 +389,8 @@ var DefaultAuthClient = class {
380
389
  }
381
390
  }
382
391
  isAuthenticated() {
383
- return Boolean(this.session?.tokens.accessToken);
392
+ var _a;
393
+ return Boolean((_a = this.session) == null ? void 0 : _a.tokens.accessToken);
384
394
  }
385
395
  onAuthStateChanged(handler) {
386
396
  this.listeners.add(handler);
@@ -425,6 +435,7 @@ var DefaultAuthClient = class {
425
435
  this.config.tokenEndpoint,
426
436
  {
427
437
  method: "POST",
438
+ credentials: "include",
428
439
  body: body.toString()
429
440
  }
430
441
  );
@@ -433,22 +444,18 @@ var DefaultAuthClient = class {
433
444
  return this.createSession(tokens);
434
445
  }
435
446
  async doRefresh() {
436
- const refreshToken = this.session?.tokens.refreshToken;
437
- if (!refreshToken) {
438
- throw new AuthError(
439
- "REFRESH_FAILED" /* REFRESH_FAILED */,
440
- "No refresh token available"
441
- );
442
- }
447
+ var _a;
448
+ const refreshToken = (_a = this.session) == null ? void 0 : _a.tokens.refreshToken;
443
449
  const body = new URLSearchParams({
444
450
  grant_type: "refresh_token",
445
- refresh_token: refreshToken,
446
451
  client_id: this.config.clientId
447
452
  });
453
+ if (refreshToken) body.set("refresh_token", refreshToken);
448
454
  const response = await this.transport.request(
449
455
  this.config.tokenEndpoint,
450
456
  {
451
457
  method: "POST",
458
+ credentials: "include",
452
459
  body: body.toString()
453
460
  }
454
461
  );
@@ -456,8 +463,14 @@ var DefaultAuthClient = class {
456
463
  return this.createSession(tokens);
457
464
  }
458
465
  async createSession(tokens) {
466
+ var _a, _b;
467
+ const previousRefreshToken = (_a = this.session) == null ? void 0 : _a.tokens.refreshToken;
468
+ const mergedTokens = {
469
+ ...tokens,
470
+ refreshToken: (_b = tokens.refreshToken) != null ? _b : previousRefreshToken
471
+ };
459
472
  this.session = {
460
- tokens,
473
+ tokens: mergedTokens,
461
474
  createdAt: this.now()
462
475
  };
463
476
  await safeSet(
@@ -472,16 +485,17 @@ var DefaultAuthClient = class {
472
485
  this.listeners.forEach((handler) => handler(this.session));
473
486
  }
474
487
  async hydrateSession() {
488
+ var _a;
475
489
  const raw = await safeGet(this.storage, STORAGE_KEYS.session);
476
490
  if (!raw) return;
477
491
  try {
478
492
  const parsed = JSON.parse(raw);
479
- if (typeof parsed?.tokens?.accessToken !== "string") {
493
+ if (typeof ((_a = parsed == null ? void 0 : parsed.tokens) == null ? void 0 : _a.accessToken) !== "string") {
480
494
  await safeRemove(this.storage, STORAGE_KEYS.session);
481
495
  return;
482
496
  }
483
497
  this.session = parsed;
484
- } catch {
498
+ } catch (e) {
485
499
  await safeRemove(this.storage, STORAGE_KEYS.session);
486
500
  this.session = null;
487
501
  }
@@ -490,7 +504,7 @@ var DefaultAuthClient = class {
490
504
 
491
505
  // src/client/create-client.ts
492
506
  function createAuthClient(config) {
493
- if (!config?.clientId) {
507
+ if (!(config == null ? void 0 : config.clientId)) {
494
508
  throw new AuthError(
495
509
  "INVALID_CONFIG" /* INVALID_CONFIG */,
496
510
  "config.clientId is required"
@@ -551,9 +565,10 @@ var CookieStorageAdapter = class {
551
565
 
552
566
  // src/storage/browser-cookie-storage.ts
553
567
  var getCookieValue = (name) => {
568
+ var _a;
554
569
  if (typeof document === "undefined") return null;
555
570
  const result = document.cookie.match(`(^|;)\\s*${name}\\s*=\\s*([^;]+)`);
556
- return result ? result.pop() ?? null : null;
571
+ return result ? (_a = result.pop()) != null ? _a : null : null;
557
572
  };
558
573
  function createBrowserCookieStorage(options = {}) {
559
574
  const { domain, path = "/", sameSite = "strict", secure = true } = options;
package/dist/index.cjs.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"sources":["../src/errors/auth-error.ts","../src/core/pkce.ts","../src/core/utils.ts","../src/storage/memory-storage-adapter.ts","../src/transport/fetch-transport.ts","../src/client/nuria-auth-client.ts","../src/client/create-client.ts","../src/storage/web-storage-adapter.ts","../src/storage/cookie-storage-adapter.ts","../src/storage/browser-cookie-storage.ts"],"names":["AuthErrorCode"],"mappings":";;;AAAO,IAAK,aAAA,qBAAAA,cAAAA,KAAL;AACL,EAAAA,eAAA,gBAAA,CAAA,GAAiB,gBAAA;AACjB,EAAAA,eAAA,gBAAA,CAAA,GAAiB,gBAAA;AACjB,EAAAA,eAAA,gBAAA,CAAA,GAAiB,gBAAA;AACjB,EAAAA,eAAA,uBAAA,CAAA,GAAwB,uBAAA;AACxB,EAAAA,eAAA,gBAAA,CAAA,GAAiB,gBAAA;AACjB,EAAAA,eAAA,eAAA,CAAA,GAAgB,eAAA;AAChB,EAAAA,eAAA,cAAA,CAAA,GAAe,cAAA;AACf,EAAAA,eAAA,eAAA,CAAA,GAAgB,eAAA;AAChB,EAAAA,eAAA,eAAA,CAAA,GAAgB,eAAA;AAChB,EAAAA,eAAA,YAAA,CAAA,GAAa,YAAA;AAVH,EAAA,OAAAA,cAAAA;AAAA,CAAA,EAAA,aAAA,IAAA,EAAA;AAaL,IAAM,SAAA,GAAN,cAAwB,KAAA,CAAM;AAAA,EACnC,WAAA,CACkB,IAAA,EAChB,OAAA,EACgB,KAAA,EAChB;AACA,IAAA,KAAA,CAAM,OAAO,CAAA;AAJG,IAAA,IAAA,CAAA,IAAA,GAAA,IAAA;AAEA,IAAA,IAAA,CAAA,KAAA,GAAA,KAAA;AAGhB,IAAA,IAAA,CAAK,IAAA,GAAO,WAAA;AAAA,EACd;AACF;;;ACtBA,IAAM,QAAA,GACJ,oEAAA;AAEF,SAAS,aAAA,GAAwB;AAC/B,EAAA,IAAI,OAAO,UAAA,KAAe,WAAA,IAAe,UAAA,CAAW,MAAA,EAAQ;AAC1D,IAAA,OAAO,UAAA,CAAW,MAAA;AAAA,EACpB;AACA,EAAA,MAAM,IAAI,MAAM,4BAA4B,CAAA;AAC9C;AAEO,SAAS,YAAA,CAAa,SAAS,EAAA,EAAY;AAChD,EAAA,MAAM,SAAS,aAAA,EAAc;AAG7B,EAAA,MAAM,SAAA,GAAY,GAAA,GAAO,GAAA,GAAM,QAAA,CAAS,MAAA;AACxC,EAAA,MAAM,SAAmB,EAAC;AAC1B,EAAA,OAAO,MAAA,CAAO,SAAS,MAAA,EAAQ;AAC7B,IAAA,MAAM,KAAA,GAAQ,IAAI,UAAA,CAAW,IAAA,CAAK,MAAM,MAAA,GAAS,MAAA,CAAO,MAAA,IAAU,GAAG,CAAC,CAAA;AACtE,IAAA,MAAA,CAAO,gBAAgB,KAAK,CAAA;AAC5B,IAAA,KAAA,MAAW,KAAK,KAAA,EAAO;AACrB,MAAA,IAAI,MAAA,CAAO,UAAU,MAAA,EAAQ;AAC7B,MAAA,IAAI,CAAA,GAAI,WAAW,MAAA,CAAO,IAAA,CAAK,SAAS,CAAA,GAAI,QAAA,CAAS,MAAM,CAAE,CAAA;AAAA,IAC/D;AAAA,EACF;AACA,EAAA,OAAO,MAAA,CAAO,KAAK,EAAE,CAAA;AACvB;AAEA,SAAS,YAAY,KAAA,EAAwC;AAC3D,EAAA,MAAM,MAAA,GAAS,KAAA,CAAM,IAAA,CAAK,KAAA,EAAO,CAAC,CAAA,KAAM,MAAA,CAAO,YAAA,CAAa,CAAC,CAAC,CAAA,CAAE,IAAA,CAAK,EAAE,CAAA;AACvE,EAAA,OAAO,IAAA,CAAK,MAAM,CAAA,CAAE,OAAA,CAAQ,KAAA,EAAO,GAAG,CAAA,CAAE,OAAA,CAAQ,KAAA,EAAO,GAAG,CAAA,CAAE,OAAA,CAAQ,MAAM,EAAE,CAAA;AAC9E;AAEA,SAAS,gBAAgB,QAAA,EAA2C;AAClE,EAAA,MAAM,KAAA,GAAQ,IAAI,UAAA,CAAW,QAAA,CAAS,MAAM,CAAA;AAC5C,EAAA,KAAA,IAAS,CAAA,GAAI,CAAA,EAAG,CAAA,GAAI,QAAA,CAAS,QAAQ,CAAA,EAAA,EAAK;AACxC,IAAA,KAAA,CAAM,CAAC,CAAA,GAAI,QAAA,CAAS,UAAA,CAAW,CAAC,CAAA;AAAA,EAClC;AACA,EAAA,OAAO,KAAA;AACT;AAEA,eAAsB,oBAAoB,QAAA,EAAmC;AAC3E,EAAA,MAAM,SAAS,aAAA,EAAc;AAC7B,EAAA,MAAM,MAAA,GAAS,gBAAgB,QAAQ,CAAA;AACvC,EAAA,MAAM,SAAS,MAAM,MAAA,CAAO,MAAA,CAAO,MAAA,CAAO,WAAW,MAAM,CAAA;AAC3D,EAAA,OAAO,WAAA,CAAY,IAAI,UAAA,CAAW,MAAM,CAAC,CAAA;AAC3C;;;AC1CO,IAAM,YAAA,GAAe;AAAA,EAC1B,OAAA,EAAS,eAAA;AAAA,EACT,KAAA,EAAO,mBAAA;AAAA,EACP,YAAA,EAAc;AAChB,CAAA;AAEO,SAAS,iBAAA,CACd,KACA,GAAA,EACU;AACV,EAAA,MAAM,WAAA,GAAe,GAAA,CAAI,YAAA,IAAgB,GAAA,CAAI,WAAA;AAC7C,EAAA,IAAI,CAAC,WAAA,IAAe,OAAO,WAAA,KAAgB,QAAA,EAAU;AACnD,IAAA,MAAM,IAAI,SAAA;AAAA,MAAA,uBAAA;AAAA,MAER;AAAA,KACF;AAAA,EACF;AACA,EAAA,MAAM,YAAY,MAAA,CAAO,GAAA,CAAI,cAAc,GAAA,CAAI,SAAA,IAAa,CAAC,CAAA,IAAK,MAAA;AAClE,EAAA,OAAO;AAAA,IACL,WAAA;AAAA,IACA,SAAA,EAAY,GAAA,CAAI,UAAA,IAAc,GAAA,CAAI,SAAA;AAAA,IAClC,SAAA;AAAA,IACA,YAAA,EAAe,GAAA,CAAI,aAAA,IAAiB,GAAA,CAAI,YAAA;AAAA,IACxC,OAAA,EAAU,GAAA,CAAI,QAAA,IAAY,GAAA,CAAI,OAAA;AAAA,IAC9B,OAAO,GAAA,CAAI,KAAA;AAAA,IACX,SAAA,EAAW,SAAA,GAAY,GAAA,EAAI,GAAI,YAAY,GAAA,GAAO;AAAA,GACpD;AACF;AAEA,eAAsB,OAAA,CACpB,SACA,GAAA,EACwB;AACxB,EAAA,IAAI;AACF,IAAA,OAAO,MAAM,OAAA,CAAQ,GAAA,CAAI,GAAG,CAAA;AAAA,EAC9B,SAAS,KAAA,EAAO;AACd,IAAA,MAAM,IAAI,SAAA;AAAA,MAAA,eAAA;AAAA,MAER,uBAAuB,GAAG,CAAA,CAAA;AAAA,MAC1B;AAAA,KACF;AAAA,EACF;AACF;AAEA,eAAsB,OAAA,CACpB,OAAA,EACA,GAAA,EACA,KAAA,EACe;AACf,EAAA,IAAI;AACF,IAAA,MAAM,OAAA,CAAQ,GAAA,CAAI,GAAA,EAAK,KAAK,CAAA;AAAA,EAC9B,SAAS,KAAA,EAAO;AACd,IAAA,MAAM,IAAI,SAAA;AAAA,MAAA,eAAA;AAAA,MAER,uBAAuB,GAAG,CAAA,CAAA;AAAA,MAC1B;AAAA,KACF;AAAA,EACF;AACF;AAEA,eAAsB,UAAA,CACpB,SACA,GAAA,EACe;AACf,EAAA,IAAI;AACF,IAAA,MAAM,OAAA,CAAQ,OAAO,GAAG,CAAA;AAAA,EAC1B,SAAS,KAAA,EAAO;AACd,IAAA,MAAM,IAAI,SAAA;AAAA,MAAA,eAAA;AAAA,MAER,wBAAwB,GAAG,CAAA,CAAA;AAAA,MAC3B;AAAA,KACF;AAAA,EACF;AACF;AAEO,SAAS,eAAA,CAAgB,GAAW,CAAA,EAAoB;AAC7D,EAAA,IAAI,CAAA,CAAE,MAAA,KAAW,CAAA,CAAE,MAAA,EAAQ,OAAO,KAAA;AAClC,EAAA,IAAI,IAAA,GAAO,CAAA;AACX,EAAA,KAAA,IAAS,CAAA,GAAI,CAAA,EAAG,CAAA,GAAI,CAAA,CAAE,QAAQ,CAAA,EAAA,EAAK;AACjC,IAAA,IAAA,IAAQ,EAAE,UAAA,CAAW,CAAC,CAAA,GAAI,CAAA,CAAE,WAAW,CAAC,CAAA;AAAA,EAC1C;AACA,EAAA,OAAO,IAAA,KAAS,CAAA;AAClB;AAEO,SAAS,SAAS,GAAA,EAAkB;AACzC,EAAA,IAAI;AACF,IAAA,OAAO,IAAI,IAAI,GAAG,CAAA;AAAA,EACpB,CAAA,CAAA,MAAQ;AACN,IAAA,MAAM,IAAI,iDAAwC,sBAAsB,CAAA;AAAA,EAC1E;AACF;;;AC3FO,IAAM,uBAAN,MAAqD;AAAA,EAArD,WAAA,GAAA;AACL,IAAA,IAAA,CAAQ,KAAA,uBAAY,GAAA,EAAoB;AAAA,EAAA;AAAA,EAExC,IAAI,GAAA,EAA4B;AAC9B,IAAA,OAAO,IAAA,CAAK,KAAA,CAAM,GAAA,CAAI,GAAG,CAAA,IAAK,IAAA;AAAA,EAChC;AAAA,EAEA,GAAA,CAAI,KAAa,KAAA,EAAqB;AACpC,IAAA,IAAA,CAAK,KAAA,CAAM,GAAA,CAAI,GAAA,EAAK,KAAK,CAAA;AAAA,EAC3B;AAAA,EAEA,OAAO,GAAA,EAAmB;AACxB,IAAA,IAAA,CAAK,KAAA,CAAM,OAAO,GAAG,CAAA;AAAA,EACvB;AACF;;;ACDA,IAAM,gBAAA,mBAAmB,IAAI,GAAA,CAAI,CAAC,GAAA,EAAK,GAAA,EAAK,GAAA,EAAK,GAAA,EAAK,GAAA,EAAK,GAAA,EAAK,GAAG,CAAC,CAAA;AAE7D,IAAM,qBAAN,MAAkD;AAAA,EAMvD,WAAA,CAAY,OAAA,GAAiC,EAAC,EAAG;AAC/C,IAAA,IAAA,CAAK,OAAA,GAAU,QAAQ,OAAA,IAAW,KAAA;AAClC,IAAA,IAAA,CAAK,YAAY,OAAA,CAAQ,SAAA;AACzB,IAAA,IAAA,CAAK,OAAA,GAAU,QAAQ,OAAA,IAAW,CAAA;AAClC,IAAA,IAAA,CAAK,YAAA,GAAe,OAAA,CAAQ,YAAA,IAAgB,EAAC;AAAA,EAC/C;AAAA,EAEA,MAAM,OAAA,CACJ,GAAA,EACA,GAAA,GAA4B,EAAC,EACM;AACnC,IAAA,IAAI,OAAA,GAAU,GAAA;AACd,IAAA,KAAA,MAAW,CAAA,IAAK,KAAK,YAAA,EAAc;AACjC,MAAA,IAAI,EAAE,SAAA,EAAW,OAAA,GAAU,MAAM,CAAA,CAAE,SAAA,CAAU,KAAK,OAAO,CAAA;AAAA,IAC3D;AAEA,IAAA,MAAM,OAAA,GAAU,OAAA,CAAQ,OAAA,IAAW,IAAA,CAAK,OAAA;AACxC,IAAA,IAAI,OAAA,GAAU,CAAA;AACd,IAAA,OAAO,IAAA,EAAM;AACX,MAAA,MAAM,UAAA,GAAa,IAAI,eAAA,EAAgB;AACvC,MAAA,MAAM,OAAA,GAAU,OAAA,CAAQ,SAAA,IAAa,IAAA,CAAK,SAAA;AAC1C,MAAA,MAAM,KAAA,GAAQ,UACV,UAAA,CAAW,MAAM,WAAW,KAAA,EAAM,EAAG,OAAO,CAAA,GAC5C,MAAA;AACJ,MAAA,IAAI;AACF,QAAA,MAAM,kBAAA,GACJ,OAAO,OAAA,CAAQ,IAAA,KAAS,WACpB,mCAAA,GACA,kBAAA;AACN,QAAA,MAAM,GAAA,GAAM,MAAM,IAAA,CAAK,OAAA,CAAQ,KAAK,SAAA,CAAU,GAAA,EAAK,OAAA,CAAQ,KAAK,CAAA,EAAG;AAAA,UACjE,MAAA,EAAQ,QAAQ,MAAA,IAAU,KAAA;AAAA,UAC1B,OAAA,EAAS;AAAA,YACP,cAAA,EAAgB,kBAAA;AAAA,YAChB,GAAI,OAAA,CAAQ,OAAA,IAAW;AAAC,WAC1B;AAAA,UACA,IAAA,EACE,OAAA,CAAQ,IAAA,KAAS,KAAA,CAAA,GACb,OAAO,OAAA,CAAQ,IAAA,KAAS,QAAA,GACtB,OAAA,CAAQ,IAAA,GACR,IAAA,CAAK,SAAA,CAAU,OAAA,CAAQ,IAAI,CAAA,GAC7B,KAAA,CAAA;AAAA,UACN,QAAQ,UAAA,CAAW;AAAA,SACpB,CAAA;AACD,QAAA,MAAM,IAAA,GAAO,MAAM,IAAA,CAAK,SAAA,CAAa,GAAG,CAAA;AACxC,QAAA,IAAI,CAAC,IAAI,EAAA,EAAI;AACX,UAAA,IAAI,UAAU,OAAA,IAAW,gBAAA,CAAiB,GAAA,CAAI,GAAA,CAAI,MAAM,CAAA,EAAG;AACzD,YAAA,OAAA,IAAW,CAAA;AACX,YAAA;AAAA,UACF;AACA,UAAA,MAAM,IAAI,SAAA,CAAA,YAAA,mBAAoC,CAAA,KAAA,EAAQ,GAAA,CAAI,MAAM,CAAA,CAAE,CAAA;AAAA,QACpE;AACA,QAAA,IAAI,GAAA,GAAgC;AAAA,UAClC,QAAQ,GAAA,CAAI,MAAA;AAAA,UACZ,IAAA;AAAA,UACA,SAAS,GAAA,CAAI;AAAA,SACf;AACA,QAAA,KAAA,MAAW,CAAA,IAAK,KAAK,YAAA,EAAc;AACjC,UAAA,IAAI,EAAE,UAAA,EAAY,GAAA,GAAM,MAAM,CAAA,CAAE,WAAW,GAAG,CAAA;AAAA,QAChD;AACA,QAAA,OAAO,GAAA;AAAA,MACT,SAAS,KAAA,EAAO;AACd,QAAA,IAAI,KAAA,YAAiB,WAAW,MAAM,KAAA;AACtC,QAAA,IAAI,UAAU,OAAA,EAAS;AACrB,UAAA,OAAA,IAAW,CAAA;AACX,UAAA;AAAA,QACF;AACA,QAAA,MAAM,IAAI,SAAA;AAAA,UAAA,eAAA;AAAA,UAER,wBAAA;AAAA,UACA;AAAA,SACF;AAAA,MACF,CAAA,SAAE;AACA,QAAA,IAAI,KAAA,eAAoB,KAAK,CAAA;AAAA,MAC/B;AAAA,IACF;AAAA,EACF;AAAA,EAEQ,SAAA,CACN,KACA,KAAA,EACQ;AACR,IAAA,IAAI,CAAC,OAAO,OAAO,GAAA;AACnB,IAAA,MAAM,MAAA,GAAS,IAAI,GAAA,CAAI,GAAG,CAAA;AAC1B,IAAA,MAAA,CAAO,OAAA,CAAQ,KAAK,CAAA,CAAE,OAAA,CAAQ,CAAC,CAAC,CAAA,EAAG,CAAC,CAAA,KAAM;AACxC,MAAA,IAAI,MAAM,MAAA,EAAW,MAAA,CAAO,YAAA,CAAa,GAAA,CAAI,GAAG,CAAC,CAAA;AAAA,IACnD,CAAC,CAAA;AACD,IAAA,OAAO,OAAO,QAAA,EAAS;AAAA,EACzB;AAAA,EAEA,MAAc,UAAa,GAAA,EAA2B;AACpD,IAAA,MAAM,WAAA,GAAc,GAAA,CAAI,OAAA,CAAQ,GAAA,CAAI,cAAc,CAAA,IAAK,EAAA;AACvD,IAAA,IAAI,WAAA,CAAY,QAAA,CAAS,kBAAkB,CAAA,EAAG;AAC5C,MAAA,OAAQ,MAAM,IAAI,IAAA,EAAK;AAAA,IACzB;AACA,IAAA,OAAQ,MAAM,IAAI,IAAA,EAAK;AAAA,EACzB;AACF;;;ACjGO,IAAM,oBAAN,MAA8C;AAAA,EAQnD,YAA6B,MAAA,EAAoB;AAApB,IAAA,IAAA,CAAA,MAAA,GAAA,MAAA;AAP7B,IAAA,IAAA,CAAQ,OAAA,GAA0B,IAAA;AAClC,IAAA,IAAA,CAAQ,cAAA,GAA0C,IAAA;AAClD,IAAA,IAAA,CAAiB,SAAA,uBAAgB,GAAA,EAAuC;AAMtE,IAAA,IAAA,CAAK,OAAA,GAAU,MAAA,CAAO,OAAA,IAAW,IAAI,oBAAA,EAAqB;AAC1D,IAAA,IAAA,CAAK,SAAA,GAAY,MAAA,CAAO,SAAA,IAAa,IAAI,kBAAA,EAAmB;AAC5D,IAAA,IAAA,CAAK,GAAA,GAAM,MAAA,CAAO,GAAA,KAAQ,MAAM,KAAK,GAAA,EAAI,CAAA;AAAA,EAC3C;AAAA,EAEA,MAAM,UAAA,CAAW,OAAA,GAA6B,EAAC,EAAkB;AAC/D,IAAA,MAAM,KAAA,GAAQ,aAAa,EAAE,CAAA;AAC7B,IAAA,MAAM,YAAA,GAAe,aAAa,EAAE,CAAA;AACpC,IAAA,MAAM,aAAA,GAAgB,MAAM,mBAAA,CAAoB,YAAY,CAAA;AAE5D,IAAA,MAAM,OAAA,CAAQ,IAAA,CAAK,OAAA,EAAS,YAAA,CAAa,OAAO,KAAK,CAAA;AACrD,IAAA,MAAM,OAAA,CAAQ,IAAA,CAAK,OAAA,EAAS,YAAA,CAAa,cAAc,YAAY,CAAA;AAEnE,IAAA,MAAM,MAAA,GAAiC;AAAA,MACrC,aAAA,EAAe,MAAA;AAAA,MACf,SAAA,EAAW,KAAK,MAAA,CAAO,QAAA;AAAA,MACvB,YAAA,EAAc,KAAK,MAAA,CAAO,WAAA;AAAA,MAC1B,KAAA;AAAA,MACA,cAAA,EAAgB,aAAA;AAAA,MAChB,qBAAA,EAAuB;AAAA,KACzB;AAEA,IAAA,MAAM,QAAQ,OAAA,CAAQ,MAAA,EAAQ,KAAK,GAAG,CAAA,IAAK,KAAK,MAAA,CAAO,KAAA;AACvD,IAAA,IAAI,KAAA,SAAc,KAAA,GAAQ,KAAA;AAC1B,IAAA,IAAI,OAAA,CAAQ,SAAA,EAAW,MAAA,CAAO,UAAA,GAAa,OAAA,CAAQ,SAAA;AACnD,IAAA,IAAI,QAAQ,WAAA,EAAa;AACvB,MAAA,MAAM,QAAA,uBAAe,GAAA,CAAI;AAAA,QACvB,eAAA;AAAA,QACA,WAAA;AAAA,QACA,cAAA;AAAA,QACA,OAAA;AAAA,QACA,gBAAA;AAAA,QACA;AAAA,OACD,CAAA;AACD,MAAA,KAAA,MAAW,CAAC,GAAG,CAAC,CAAA,IAAK,OAAO,OAAA,CAAQ,OAAA,CAAQ,WAAW,CAAA,EAAG;AACxD,QAAA,IAAI,CAAC,QAAA,CAAS,GAAA,CAAI,CAAC,CAAA,EAAG,MAAA,CAAO,CAAC,CAAA,GAAI,CAAA;AAAA,MACpC;AAAA,IACF;AAEA,IAAA,MAAM,GAAA,GAAM,IAAI,GAAA,CAAI,IAAA,CAAK,OAAO,qBAAqB,CAAA;AACrD,IAAA,MAAA,CAAO,OAAA,CAAQ,MAAM,CAAA,CAAE,OAAA,CAAQ,CAAC,CAAC,CAAA,EAAG,CAAC,CAAA,KAAM,GAAA,CAAI,YAAA,CAAa,GAAA,CAAI,CAAA,EAAG,CAAC,CAAC,CAAA;AACrE,IAAA,MAAM,WAAA,GAAc,IAAI,QAAA,EAAS;AAEjC,IAAA,IAAI,IAAA,CAAK,OAAO,UAAA,EAAY;AAC1B,MAAA,MAAM,IAAA,CAAK,MAAA,CAAO,UAAA,CAAW,WAAW,CAAA;AACxC,MAAA;AAAA,IACF;AACA,IAAA,IAAI,OAAO,WAAW,WAAA,EAAa;AACjC,MAAA,MAAA,CAAO,QAAA,CAAS,OAAO,WAAW,CAAA;AAClC,MAAA;AAAA,IACF;AACA,IAAA,MAAM,IAAI,SAAA;AAAA,MAAA,gBAAA;AAAA,MAER;AAAA,KACF;AAAA,EACF;AAAA,EAEA,MAAM,uBAAuB,WAAA,EAAwC;AACnE,IAAA,MAAM,QACJ,WAAA,KACC,OAAO,WAAW,WAAA,GAAc,MAAA,CAAO,SAAS,IAAA,GAAO,EAAA,CAAA;AAC1D,IAAA,IAAI,CAAC,KAAA,EAAO;AACV,MAAA,MAAM,IAAI,SAAA;AAAA,QAAA,gBAAA;AAAA,QAER;AAAA,OACF;AAAA,IACF;AAEA,IAAA,MAAM,GAAA,GAAM,SAAS,KAAK,CAAA;AAC1B,IAAA,MAAM,KAAA,GAAQ,GAAA,CAAI,YAAA,CAAa,GAAA,CAAI,OAAO,CAAA;AAC1C,IAAA,IAAI,KAAA,EAAO;AACT,MAAA,MAAM,IAAA,GAAO,GAAA,CAAI,YAAA,CAAa,GAAA,CAAI,mBAAmB,CAAA;AACrD,MAAA,MAAM,IAAI,SAAA;AAAA,QAAA,gBAAA;AAAA,QAER,OACI,CAAA,qBAAA,EAAwB,KAAK,WAAM,IAAI,CAAA,CAAA,GACvC,wBAAwB,KAAK,CAAA;AAAA,OACnC;AAAA,IACF;AAEA,IAAA,MAAM,IAAA,GAAO,GAAA,CAAI,YAAA,CAAa,GAAA,CAAI,MAAM,CAAA;AACxC,IAAA,IAAI,CAAC,IAAA,EAAM;AACT,MAAA,MAAM,IAAI,SAAA;AAAA,QAAA,cAAA;AAAA,QAER;AAAA,OACF;AAAA,IACF;AAEA,IAAA,MAAM,KAAA,GAAQ,GAAA,CAAI,YAAA,CAAa,GAAA,CAAI,OAAO,CAAA;AAC1C,IAAA,IAAI,CAAC,KAAA,EAAO;AACV,MAAA,MAAM,IAAI,SAAA;AAAA,QAAA,eAAA;AAAA,QAER;AAAA,OACF;AAAA,IACF;AAEA,IAAA,MAAM,cAAc,MAAM,OAAA,CAAQ,IAAA,CAAK,OAAA,EAAS,aAAa,KAAK,CAAA;AAClE,IAAA,IAAI,CAAC,WAAA,IAAe,CAAC,eAAA,CAAgB,WAAA,EAAa,KAAK,CAAA,EAAG;AACxD,MAAA,MAAM,IAAI,SAAA;AAAA,QAAA,gBAAA;AAAA,QAER;AAAA,OACF;AAAA,IACF;AAEA,IAAA,MAAM,UAAA,CAAW,IAAA,CAAK,OAAA,EAAS,YAAA,CAAa,KAAK,CAAA;AACjD,IAAA,OAAO,IAAA,CAAK,aAAa,IAAI,CAAA;AAAA,EAC/B;AAAA,EAEA,UAAA,GAA6B;AAC3B,IAAA,OAAO,IAAA,CAAK,OAAA;AAAA,EACd;AAAA,EAEA,MAAM,cAAA,GAAyC;AAC7C,IAAA,IAAI,CAAC,KAAK,OAAA,EAAS;AACjB,MAAA,MAAM,KAAK,cAAA,EAAe;AAAA,IAC5B;AACA,IAAA,IAAI,CAAC,IAAA,CAAK,OAAA,EAAS,OAAO,IAAA;AAC1B,IAAA,MAAM,GAAA,GAAM,IAAA,CAAK,OAAA,CAAQ,MAAA,CAAO,SAAA;AAChC,IAAA,IAAI,OAAO,GAAA,IAAO,IAAA,CAAK,KAAI,IAAK,IAAA,CAAK,OAAO,kBAAA,EAAoB;AAC9D,MAAA,IAAI,CAAC,KAAK,cAAA,EAAgB;AACxB,QAAA,IAAA,CAAK,cAAA,GAAiB,IAAA,CAAK,SAAA,EAAU,CAAE,QAAQ,MAAM;AACnD,UAAA,IAAA,CAAK,cAAA,GAAiB,IAAA;AAAA,QACxB,CAAC,CAAA;AAAA,MACH;AACA,MAAA,MAAM,IAAA,CAAK,cAAA;AAAA,IACb;AACA,IAAA,OAAO,IAAA,CAAK,OAAA,EAAS,MAAA,CAAO,WAAA,IAAe,IAAA;AAAA,EAC7C;AAAA,EAEA,MAAM,OAAO,OAAA,EAAgD;AAC3D,IAAA,IAAI,SAAS,QAAA,EAAU;AACrB,MAAA,MAAM,WAAW,OAAA,CAAQ,QAAA;AACzB,MAAA,IAAI,QAAA,CAAS,WAAW,IAAI,CAAA,IAAK,CAAC,cAAA,CAAe,IAAA,CAAK,QAAQ,CAAA,EAAG;AAC/D,QAAA,MAAM,IAAI,SAAA;AAAA,UAAA,gBAAA;AAAA,UAER;AAAA,SACF;AAAA,MACF;AAAA,IACF;AAEA,IAAA,IAAA,CAAK,OAAA,GAAU,IAAA;AACf,IAAA,MAAM,UAAA,CAAW,IAAA,CAAK,OAAA,EAAS,YAAA,CAAa,OAAO,CAAA;AACnD,IAAA,MAAM,UAAA,CAAW,IAAA,CAAK,OAAA,EAAS,YAAA,CAAa,KAAK,CAAA;AACjD,IAAA,MAAM,UAAA,CAAW,IAAA,CAAK,OAAA,EAAS,YAAA,CAAa,YAAY,CAAA;AACxD,IAAA,IAAA,CAAK,MAAA,EAAO;AAEZ,IAAA,IAAI,IAAA,CAAK,OAAO,cAAA,EAAgB;AAC9B,MAAA,MAAM,GAAA,GAAM,IAAI,GAAA,CAAI,IAAA,CAAK,OAAO,cAAc,CAAA;AAC9C,MAAA,IAAI,SAAS,QAAA,EAAU;AACrB,QAAA,GAAA,CAAI,YAAA,CAAa,GAAA,CAAI,UAAA,EAAY,OAAA,CAAQ,QAAQ,CAAA;AAAA,MACnD;AACA,MAAA,MAAM,SAAA,GAAY,IAAI,QAAA,EAAS;AAC/B,MAAA,IAAI,IAAA,CAAK,OAAO,UAAA,EAAY;AAC1B,QAAA,MAAM,IAAA,CAAK,MAAA,CAAO,UAAA,CAAW,SAAS,CAAA;AAAA,MACxC,CAAA,MAAA,IAAW,OAAO,MAAA,KAAW,WAAA,EAAa;AACxC,QAAA,MAAA,CAAO,QAAA,CAAS,OAAO,SAAS,CAAA;AAAA,MAClC;AAAA,IACF;AAAA,EACF;AAAA,EAEA,eAAA,GAA2B;AACzB,IAAA,OAAO,OAAA,CAAQ,IAAA,CAAK,OAAA,EAAS,MAAA,CAAO,WAAW,CAAA;AAAA,EACjD;AAAA,EAEA,mBAAmB,OAAA,EAAwD;AACzE,IAAA,IAAA,CAAK,SAAA,CAAU,IAAI,OAAO,CAAA;AAC1B,IAAA,OAAO,MAAM,IAAA,CAAK,SAAA,CAAU,MAAA,CAAO,OAAO,CAAA;AAAA,EAC5C;AAAA,EAEA,MAAM,WAAA,GAAgD;AACpD,IAAA,MAAM,WAAA,GAAc,MAAM,IAAA,CAAK,cAAA,EAAe;AAC9C,IAAA,IAAI,CAAC,WAAA,EAAa;AAChB,MAAA,MAAM,IAAI,SAAA;AAAA,QAAA,gBAAA;AAAA,QAER;AAAA,OACF;AAAA,IACF;AACA,IAAA,IAAI,CAAC,IAAA,CAAK,MAAA,CAAO,gBAAA,EAAkB;AACjC,MAAA,MAAM,IAAI,SAAA;AAAA,QAAA,gBAAA;AAAA,QAER;AAAA,OACF;AAAA,IACF;AACA,IAAA,MAAM,QAAA,GAAW,MAAM,IAAA,CAAK,SAAA,CAAU,OAAA;AAAA,MACpC,KAAK,MAAA,CAAO,gBAAA;AAAA,MACZ,EAAE,OAAA,EAAS,EAAE,eAAe,CAAA,OAAA,EAAU,WAAW,IAAG;AAAE,KACxD;AACA,IAAA,OAAO,QAAA,CAAS,IAAA;AAAA,EAClB;AAAA,EAEA,MAAc,aAAa,IAAA,EAAgC;AACzD,IAAA,MAAM,WAAW,MAAM,OAAA,CAAQ,IAAA,CAAK,OAAA,EAAS,aAAa,YAAY,CAAA;AACtE,IAAA,IAAI,CAAC,QAAA,EAAU;AACb,MAAA,MAAM,IAAI,SAAA;AAAA,QAAA,uBAAA;AAAA,QAER;AAAA,OACF;AAAA,IACF;AAEA,IAAA,MAAM,IAAA,GAAO,IAAI,eAAA,CAAgB;AAAA,MAC/B,UAAA,EAAY,oBAAA;AAAA,MACZ,IAAA;AAAA,MACA,aAAA,EAAe,QAAA;AAAA,MACf,YAAA,EAAc,KAAK,MAAA,CAAO,WAAA;AAAA,MAC1B,SAAA,EAAW,KAAK,MAAA,CAAO;AAAA,KACxB,CAAA;AAED,IAAA,MAAM,QAAA,GAAW,MAAM,IAAA,CAAK,SAAA,CAAU,OAAA;AAAA,MACpC,KAAK,MAAA,CAAO,aAAA;AAAA,MACZ;AAAA,QACE,MAAA,EAAQ,MAAA;AAAA,QACR,IAAA,EAAM,KAAK,QAAA;AAAS;AACtB,KACF;AACA,IAAA,MAAM,MAAA,GAAS,iBAAA,CAAkB,QAAA,CAAS,IAAA,EAAM,KAAK,GAAG,CAAA;AACxD,IAAA,MAAM,UAAA,CAAW,IAAA,CAAK,OAAA,EAAS,YAAA,CAAa,YAAY,CAAA;AACxD,IAAA,OAAO,IAAA,CAAK,cAAc,MAAM,CAAA;AAAA,EAClC;AAAA,EAEA,MAAc,SAAA,GAA8B;AAC1C,IAAA,MAAM,YAAA,GAAe,IAAA,CAAK,OAAA,EAAS,MAAA,CAAO,YAAA;AAC1C,IAAA,IAAI,CAAC,YAAA,EAAc;AACjB,MAAA,MAAM,IAAI,SAAA;AAAA,QAAA,gBAAA;AAAA,QAER;AAAA,OACF;AAAA,IACF;AAEA,IAAA,MAAM,IAAA,GAAO,IAAI,eAAA,CAAgB;AAAA,MAC/B,UAAA,EAAY,eAAA;AAAA,MACZ,aAAA,EAAe,YAAA;AAAA,MACf,SAAA,EAAW,KAAK,MAAA,CAAO;AAAA,KACxB,CAAA;AAED,IAAA,MAAM,QAAA,GAAW,MAAM,IAAA,CAAK,SAAA,CAAU,OAAA;AAAA,MACpC,KAAK,MAAA,CAAO,aAAA;AAAA,MACZ;AAAA,QACE,MAAA,EAAQ,MAAA;AAAA,QACR,IAAA,EAAM,KAAK,QAAA;AAAS;AACtB,KACF;AACA,IAAA,MAAM,MAAA,GAAS,iBAAA,CAAkB,QAAA,CAAS,IAAA,EAAM,KAAK,GAAG,CAAA;AACxD,IAAA,OAAO,IAAA,CAAK,cAAc,MAAM,CAAA;AAAA,EAClC;AAAA,EAEA,MAAc,cAAc,MAAA,EAAoC;AAC9D,IAAA,IAAA,CAAK,OAAA,GAAU;AAAA,MACb,MAAA;AAAA,MACA,SAAA,EAAW,KAAK,GAAA;AAAI,KACtB;AACA,IAAA,MAAM,OAAA;AAAA,MACJ,IAAA,CAAK,OAAA;AAAA,MACL,YAAA,CAAa,OAAA;AAAA,MACb,IAAA,CAAK,SAAA,CAAU,IAAA,CAAK,OAAO;AAAA,KAC7B;AACA,IAAA,IAAA,CAAK,MAAA,EAAO;AACZ,IAAA,OAAO,IAAA,CAAK,OAAA;AAAA,EACd;AAAA,EAEQ,MAAA,GAAe;AACrB,IAAA,IAAA,CAAK,UAAU,OAAA,CAAQ,CAAC,YAAY,OAAA,CAAQ,IAAA,CAAK,OAAO,CAAC,CAAA;AAAA,EAC3D;AAAA,EAEA,MAAc,cAAA,GAAgC;AAC5C,IAAA,MAAM,MAAM,MAAM,OAAA,CAAQ,IAAA,CAAK,OAAA,EAAS,aAAa,OAAO,CAAA;AAC5D,IAAA,IAAI,CAAC,GAAA,EAAK;AACV,IAAA,IAAI;AACF,MAAA,MAAM,MAAA,GAAS,IAAA,CAAK,KAAA,CAAM,GAAG,CAAA;AAC7B,MAAA,IAAI,OAAO,MAAA,EAAQ,MAAA,EAAQ,WAAA,KAAgB,QAAA,EAAU;AACnD,QAAA,MAAM,UAAA,CAAW,IAAA,CAAK,OAAA,EAAS,YAAA,CAAa,OAAO,CAAA;AACnD,QAAA;AAAA,MACF;AACA,MAAA,IAAA,CAAK,OAAA,GAAU,MAAA;AAAA,IACjB,CAAA,CAAA,MAAQ;AACN,MAAA,MAAM,UAAA,CAAW,IAAA,CAAK,OAAA,EAAS,YAAA,CAAa,OAAO,CAAA;AACnD,MAAA,IAAA,CAAK,OAAA,GAAU,IAAA;AAAA,IACjB;AAAA,EACF;AACF,CAAA;;;ACjTO,SAAS,iBAAiB,MAAA,EAAgC;AAC/D,EAAA,IAAI,CAAC,QAAQ,QAAA,EAAU;AACrB,IAAA,MAAM,IAAI,SAAA;AAAA,MAAA,gBAAA;AAAA,MAER;AAAA,KACF;AAAA,EACF;AACA,EAAA,IAAI,CAAC,OAAO,qBAAA,EAAuB;AACjC,IAAA,MAAM,IAAI,SAAA;AAAA,MAAA,gBAAA;AAAA,MAER;AAAA,KACF;AAAA,EACF;AACA,EAAA,IAAI,CAAC,OAAO,aAAA,EAAe;AACzB,IAAA,MAAM,IAAI,SAAA;AAAA,MAAA,gBAAA;AAAA,MAER;AAAA,KACF;AAAA,EACF;AACA,EAAA,IAAI,CAAC,OAAO,WAAA,EAAa;AACvB,IAAA,MAAM,IAAI,SAAA;AAAA,MAAA,gBAAA;AAAA,MAER;AAAA,KACF;AAAA,EACF;AACA,EAAA,OAAO,IAAI,kBAAkB,MAAM,CAAA;AACrC;;;AC5BO,IAAM,oBAAN,MAAkD;AAAA,EACvD,YACmB,OAAA,EAIjB;AAJiB,IAAA,IAAA,CAAA,OAAA,GAAA,OAAA;AAAA,EAIhB;AAAA,EAEH,IAAI,GAAA,EAA4B;AAC9B,IAAA,OAAO,IAAA,CAAK,OAAA,CAAQ,OAAA,CAAQ,GAAG,CAAA;AAAA,EACjC;AAAA,EAEA,GAAA,CAAI,KAAa,KAAA,EAAqB;AACpC,IAAA,IAAA,CAAK,OAAA,CAAQ,OAAA,CAAQ,GAAA,EAAK,KAAK,CAAA;AAAA,EACjC;AAAA,EAEA,OAAO,GAAA,EAAmB;AACxB,IAAA,IAAA,CAAK,OAAA,CAAQ,WAAW,GAAG,CAAA;AAAA,EAC7B;AACF;;;ACbO,IAAM,uBAAN,MAAqD;AAAA,EAC1D,YAA6B,SAAA,EAAmC;AAAnC,IAAA,IAAA,CAAA,SAAA,GAAA,SAAA;AAAA,EAAoC;AAAA,EAEjE,MAAM,IAAI,GAAA,EAAqC;AAC7C,IAAA,OAAO,IAAA,CAAK,SAAA,CAAU,SAAA,CAAU,GAAG,CAAA;AAAA,EACrC;AAAA,EAEA,MAAM,GAAA,CAAI,GAAA,EAAa,KAAA,EAA8B;AACnD,IAAA,MAAM,IAAA,CAAK,SAAA,CAAU,SAAA,CAAU,GAAA,EAAK,KAAK,CAAA;AAAA,EAC3C;AAAA,EAEA,MAAM,OAAO,GAAA,EAA4B;AACvC,IAAA,MAAM,IAAA,CAAK,SAAA,CAAU,YAAA,CAAa,GAAG,CAAA;AAAA,EACvC;AACF;;;ACbA,IAAM,cAAA,GAAiB,CAAC,IAAA,KAAgC;AACtD,EAAA,IAAI,OAAO,QAAA,KAAa,WAAA,EAAa,OAAO,IAAA;AAC5C,EAAA,MAAM,SAAS,QAAA,CAAS,MAAA,CAAO,KAAA,CAAM,CAAA,SAAA,EAAY,IAAI,CAAA,gBAAA,CAAkB,CAAA;AACvE,EAAA,OAAO,MAAA,GAAU,MAAA,CAAO,GAAA,EAAI,IAAK,IAAA,GAAQ,IAAA;AAC3C,CAAA;AAEO,SAAS,0BAAA,CACd,OAAA,GAAuC,EAAC,EACxB;AAChB,EAAA,MAAM,EAAE,QAAQ,IAAA,GAAO,GAAA,EAAK,WAAW,QAAA,EAAU,MAAA,GAAS,MAAK,GAAI,OAAA;AAEnE,EAAA,MAAM,GAAA,GAAM,CAAC,GAAA,KAA+B;AAC1C,IAAA,OAAO,eAAe,GAAG,CAAA;AAAA,EAC3B,CAAA;AAEA,EAAA,MAAM,GAAA,GAAM,CAAC,GAAA,EAAa,KAAA,KAAwB;AAChD,IAAA,IAAI,OAAO,aAAa,WAAA,EAAa;AACrC,IAAA,IAAI,MAAA,GAAS,CAAA,EAAG,GAAG,CAAA,CAAA,EAAI,KAAK,CAAA,CAAA;AAC5B,IAAA,IAAI,IAAA,EAAM,MAAA,IAAU,CAAA,OAAA,EAAU,IAAI,CAAA,CAAA;AAClC,IAAA,IAAI,MAAA,EAAQ,MAAA,IAAU,CAAA,SAAA,EAAY,MAAM,CAAA,CAAA;AACxC,IAAA,IAAI,QAAA,EAAU,MAAA,IAAU,CAAA,WAAA,EAAc,QAAQ,CAAA,CAAA;AAC9C,IAAA,IAAI,QAAQ,MAAA,IAAU,CAAA,QAAA,CAAA;AACtB,IAAA,QAAA,CAAS,MAAA,GAAS,MAAA;AAAA,EACpB,CAAA;AAEA,EAAA,MAAM,MAAA,GAAS,CAAC,GAAA,KAAsB;AACpC,IAAA,IAAI,OAAO,aAAa,WAAA,EAAa;AACrC,IAAA,IAAI,MAAA,GAAS,GAAG,GAAG,CAAA,wCAAA,CAAA;AACnB,IAAA,IAAI,IAAA,EAAM,MAAA,IAAU,CAAA,OAAA,EAAU,IAAI,CAAA,CAAA;AAClC,IAAA,IAAI,MAAA,EAAQ,MAAA,IAAU,CAAA,SAAA,EAAY,MAAM,CAAA,CAAA;AACxC,IAAA,QAAA,CAAS,MAAA,GAAS,MAAA;AAAA,EACpB,CAAA;AAEA,EAAA,OAAO,EAAE,GAAA,EAAK,GAAA,EAAK,MAAA,EAAO;AAC5B","file":"index.cjs","sourcesContent":["export enum AuthErrorCode {\n INVALID_CONFIG = 'INVALID_CONFIG',\n STATE_MISMATCH = 'STATE_MISMATCH',\n CALLBACK_ERROR = 'CALLBACK_ERROR',\n TOKEN_EXCHANGE_FAILED = 'TOKEN_EXCHANGE_FAILED',\n REFRESH_FAILED = 'REFRESH_FAILED',\n STORAGE_ERROR = 'STORAGE_ERROR',\n MISSING_CODE = 'MISSING_CODE',\n MISSING_STATE = 'MISSING_STATE',\n NETWORK_ERROR = 'NETWORK_ERROR',\n HTTP_ERROR = 'HTTP_ERROR',\n}\n\nexport class AuthError extends Error {\n constructor(\n public readonly code: AuthErrorCode,\n message: string,\n public readonly cause?: unknown,\n ) {\n super(message);\n this.name = 'AuthError';\n }\n}\n","const ALPHABET =\n 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-._~';\n\nfunction getCryptoImpl(): Crypto {\n if (typeof globalThis !== 'undefined' && globalThis.crypto) {\n return globalThis.crypto;\n }\n throw new Error('Web Crypto API unavailable');\n}\n\nexport function randomString(length = 64): string {\n const crypto = getCryptoImpl();\n // Rejection sampling: discard bytes >= threshold to eliminate modulo bias.\n // ALPHABET.length = 66; threshold = 256 - (256 % 66) = 204\n const THRESHOLD = 256 - (256 % ALPHABET.length);\n const result: string[] = [];\n while (result.length < length) {\n const bytes = new Uint8Array(Math.ceil((length - result.length) * 1.4));\n crypto.getRandomValues(bytes);\n for (const b of bytes) {\n if (result.length >= length) break;\n if (b < THRESHOLD) result.push(ALPHABET[b % ALPHABET.length]!);\n }\n }\n return result.join('');\n}\n\nfunction toBase64Url(bytes: Uint8Array<ArrayBuffer>): string {\n const binary = Array.from(bytes, (b) => String.fromCharCode(b)).join('');\n return btoa(binary).replace(/\\+/g, '-').replace(/\\//g, '_').replace(/=/g, '');\n}\n\nfunction verifierToBytes(verifier: string): Uint8Array<ArrayBuffer> {\n const bytes = new Uint8Array(verifier.length);\n for (let i = 0; i < verifier.length; i++) {\n bytes[i] = verifier.charCodeAt(i);\n }\n return bytes;\n}\n\nexport async function createCodeChallenge(verifier: string): Promise<string> {\n const crypto = getCryptoImpl();\n const buffer = verifierToBytes(verifier);\n const digest = await crypto.subtle.digest('SHA-256', buffer);\n return toBase64Url(new Uint8Array(digest));\n}\n","import { AuthError, AuthErrorCode } from '../errors/auth-error';\nimport type { StorageAdapter, TokenSet } from './types';\n\nexport const STORAGE_KEYS = {\n session: 'nuria:session',\n state: 'nuria:oauth:state',\n codeVerifier: 'nuria:oauth:code_verifier',\n};\n\nexport function normalizeTokenSet(\n raw: Record<string, unknown>,\n now: () => number,\n): TokenSet {\n const accessToken = (raw.access_token ?? raw.accessToken) as string;\n if (!accessToken || typeof accessToken !== 'string') {\n throw new AuthError(\n AuthErrorCode.TOKEN_EXCHANGE_FAILED,\n 'Missing access token in token response',\n );\n }\n const expiresIn = Number(raw.expires_in ?? raw.expiresIn ?? 0) || undefined;\n return {\n accessToken,\n tokenType: (raw.token_type ?? raw.tokenType) as string | undefined,\n expiresIn,\n refreshToken: (raw.refresh_token ?? raw.refreshToken) as string | undefined,\n idToken: (raw.id_token ?? raw.idToken) as string | undefined,\n scope: raw.scope as string | undefined,\n expiresAt: expiresIn ? now() + expiresIn * 1000 : undefined,\n };\n}\n\nexport async function safeGet(\n storage: StorageAdapter,\n key: string,\n): Promise<string | null> {\n try {\n return await storage.get(key);\n } catch (cause) {\n throw new AuthError(\n AuthErrorCode.STORAGE_ERROR,\n `Failed reading key: ${key}`,\n cause,\n );\n }\n}\n\nexport async function safeSet(\n storage: StorageAdapter,\n key: string,\n value: string,\n): Promise<void> {\n try {\n await storage.set(key, value);\n } catch (cause) {\n throw new AuthError(\n AuthErrorCode.STORAGE_ERROR,\n `Failed writing key: ${key}`,\n cause,\n );\n }\n}\n\nexport async function safeRemove(\n storage: StorageAdapter,\n key: string,\n): Promise<void> {\n try {\n await storage.remove(key);\n } catch (cause) {\n throw new AuthError(\n AuthErrorCode.STORAGE_ERROR,\n `Failed removing key: ${key}`,\n cause,\n );\n }\n}\n\nexport function timingSafeEqual(a: string, b: string): boolean {\n if (a.length !== b.length) return false;\n let diff = 0;\n for (let i = 0; i < a.length; i++) {\n diff |= a.charCodeAt(i) ^ b.charCodeAt(i);\n }\n return diff === 0;\n}\n\nexport function parseUrl(url: string): URL {\n try {\n return new URL(url);\n } catch {\n throw new AuthError(AuthErrorCode.CALLBACK_ERROR, 'Invalid callback URL');\n }\n}\n","import type { StorageAdapter } from '../core/types';\n\nexport class MemoryStorageAdapter implements StorageAdapter {\n private store = new Map<string, string>();\n\n get(key: string): string | null {\n return this.store.get(key) ?? null;\n }\n\n set(key: string, value: string): void {\n this.store.set(key, value);\n }\n\n remove(key: string): void {\n this.store.delete(key);\n }\n}\n","import { AuthError, AuthErrorCode } from '../errors/auth-error';\nimport type {\n AuthTransport,\n AuthTransportRequest,\n AuthTransportResponse,\n TransportInterceptor,\n} from '../core/types';\n\nexport interface FetchTransportOptions {\n fetchFn?: typeof fetch;\n timeoutMs?: number;\n retries?: number;\n interceptors?: TransportInterceptor[];\n}\n\nconst RETRYABLE_STATUS = new Set([408, 425, 429, 500, 502, 503, 504]);\n\nexport class FetchAuthTransport implements AuthTransport {\n private readonly fetchFn: typeof fetch;\n private readonly timeoutMs?: number;\n private readonly retries: number;\n private readonly interceptors: TransportInterceptor[];\n\n constructor(options: FetchTransportOptions = {}) {\n this.fetchFn = options.fetchFn ?? fetch;\n this.timeoutMs = options.timeoutMs;\n this.retries = options.retries ?? 0;\n this.interceptors = options.interceptors ?? [];\n }\n\n async request<T = unknown>(\n url: string,\n req: AuthTransportRequest = {},\n ): Promise<AuthTransportResponse<T>> {\n let request = req;\n for (const i of this.interceptors) {\n if (i.onRequest) request = await i.onRequest(url, request);\n }\n\n const retries = request.retries ?? this.retries;\n let attempt = 0;\n while (true) {\n const controller = new AbortController();\n const timeout = request.timeoutMs ?? this.timeoutMs;\n const timer = timeout\n ? setTimeout(() => controller.abort(), timeout)\n : undefined;\n try {\n const defaultContentType =\n typeof request.body === 'string'\n ? 'application/x-www-form-urlencoded'\n : 'application/json';\n const res = await this.fetchFn(this.withQuery(url, request.query), {\n method: request.method ?? 'GET',\n headers: {\n 'Content-Type': defaultContentType,\n ...(request.headers ?? {}),\n },\n body:\n request.body !== undefined\n ? typeof request.body === 'string'\n ? request.body\n : JSON.stringify(request.body)\n : undefined,\n signal: controller.signal,\n });\n const data = await this.parseBody<T>(res);\n if (!res.ok) {\n if (attempt < retries && RETRYABLE_STATUS.has(res.status)) {\n attempt += 1;\n continue;\n }\n throw new AuthError(AuthErrorCode.HTTP_ERROR, `HTTP ${res.status}`);\n }\n let out: AuthTransportResponse<T> = {\n status: res.status,\n data,\n headers: res.headers,\n };\n for (const i of this.interceptors) {\n if (i.onResponse) out = await i.onResponse(out);\n }\n return out;\n } catch (cause) {\n if (cause instanceof AuthError) throw cause;\n if (attempt < retries) {\n attempt += 1;\n continue;\n }\n throw new AuthError(\n AuthErrorCode.NETWORK_ERROR,\n 'Network request failed',\n cause,\n );\n } finally {\n if (timer) clearTimeout(timer);\n }\n }\n }\n\n private withQuery(\n url: string,\n query?: Record<string, string | undefined>,\n ): string {\n if (!query) return url;\n const parsed = new URL(url);\n Object.entries(query).forEach(([k, v]) => {\n if (v !== undefined) parsed.searchParams.set(k, v);\n });\n return parsed.toString();\n }\n\n private async parseBody<T>(res: Response): Promise<T> {\n const contentType = res.headers.get('content-type') ?? '';\n if (contentType.includes('application/json')) {\n return (await res.json()) as T;\n }\n return (await res.text()) as unknown as T;\n }\n}\n","import { AuthError, AuthErrorCode } from '../errors/auth-error';\nimport { createCodeChallenge, randomString } from '../core/pkce';\nimport {\n normalizeTokenSet,\n parseUrl,\n safeGet,\n safeRemove,\n safeSet,\n timingSafeEqual,\n STORAGE_KEYS,\n} from '../core/utils';\nimport type {\n AuthClient,\n AuthConfig,\n Session,\n StartLoginOptions,\n TokenSet,\n AuthTransport,\n} from '../core/types';\nimport { MemoryStorageAdapter } from '../storage/memory-storage-adapter';\nimport { FetchAuthTransport } from '../transport/fetch-transport';\n\nexport class DefaultAuthClient implements AuthClient {\n private session: Session | null = null;\n private refreshPromise: Promise<Session> | null = null;\n private readonly listeners = new Set<(session: Session | null) => void>();\n private readonly storage;\n private readonly transport: AuthTransport;\n private readonly now: () => number;\n\n constructor(private readonly config: AuthConfig) {\n this.storage = config.storage ?? new MemoryStorageAdapter();\n this.transport = config.transport ?? new FetchAuthTransport();\n this.now = config.now ?? (() => Date.now());\n }\n\n async startLogin(options: StartLoginOptions = {}): Promise<void> {\n const state = randomString(32);\n const codeVerifier = randomString(96);\n const codeChallenge = await createCodeChallenge(codeVerifier);\n\n await safeSet(this.storage, STORAGE_KEYS.state, state);\n await safeSet(this.storage, STORAGE_KEYS.codeVerifier, codeVerifier);\n\n const params: Record<string, string> = {\n response_type: 'code',\n client_id: this.config.clientId,\n redirect_uri: this.config.redirectUri,\n state,\n code_challenge: codeChallenge,\n code_challenge_method: 'S256',\n };\n\n const scope = options.scopes?.join(' ') ?? this.config.scope;\n if (scope) params.scope = scope;\n if (options.loginHint) params.login_hint = options.loginHint;\n if (options.extraParams) {\n const RESERVED = new Set([\n 'response_type',\n 'client_id',\n 'redirect_uri',\n 'state',\n 'code_challenge',\n 'code_challenge_method',\n ]);\n for (const [k, v] of Object.entries(options.extraParams)) {\n if (!RESERVED.has(k)) params[k] = v;\n }\n }\n\n const url = new URL(this.config.authorizationEndpoint);\n Object.entries(params).forEach(([k, v]) => url.searchParams.set(k, v));\n const redirectUrl = url.toString();\n\n if (this.config.onRedirect) {\n await this.config.onRedirect(redirectUrl);\n return;\n }\n if (typeof window !== 'undefined') {\n window.location.assign(redirectUrl);\n return;\n }\n throw new AuthError(\n AuthErrorCode.INVALID_CONFIG,\n 'Missing onRedirect callback for non-browser runtime',\n );\n }\n\n async handleRedirectCallback(callbackUrl?: string): Promise<Session> {\n const input =\n callbackUrl ??\n (typeof window !== 'undefined' ? window.location.href : '');\n if (!input) {\n throw new AuthError(\n AuthErrorCode.CALLBACK_ERROR,\n 'callbackUrl required in non-browser runtime',\n );\n }\n\n const url = parseUrl(input);\n const error = url.searchParams.get('error');\n if (error) {\n const desc = url.searchParams.get('error_description');\n throw new AuthError(\n AuthErrorCode.CALLBACK_ERROR,\n desc\n ? `Authorization error: ${error} — ${desc}`\n : `Authorization error: ${error}`,\n );\n }\n\n const code = url.searchParams.get('code');\n if (!code) {\n throw new AuthError(\n AuthErrorCode.MISSING_CODE,\n 'Missing code in callback',\n );\n }\n\n const state = url.searchParams.get('state');\n if (!state) {\n throw new AuthError(\n AuthErrorCode.MISSING_STATE,\n 'Missing state in callback',\n );\n }\n\n const storedState = await safeGet(this.storage, STORAGE_KEYS.state);\n if (!storedState || !timingSafeEqual(storedState, state)) {\n throw new AuthError(\n AuthErrorCode.STATE_MISMATCH,\n 'State validation failed',\n );\n }\n\n await safeRemove(this.storage, STORAGE_KEYS.state);\n return this.exchangeCode(code);\n }\n\n getSession(): Session | null {\n return this.session;\n }\n\n async getAccessToken(): Promise<string | null> {\n if (!this.session) {\n await this.hydrateSession();\n }\n if (!this.session) return null;\n const exp = this.session.tokens.expiresAt;\n if (exp && exp <= this.now() && this.config.enableRefreshToken) {\n if (!this.refreshPromise) {\n this.refreshPromise = this.doRefresh().finally(() => {\n this.refreshPromise = null;\n });\n }\n await this.refreshPromise;\n }\n return this.session?.tokens.accessToken ?? null;\n }\n\n async logout(options?: { returnTo?: string }): Promise<void> {\n if (options?.returnTo) {\n const returnTo = options.returnTo;\n if (returnTo.startsWith('//') || !/^https?:\\/\\//.test(returnTo)) {\n throw new AuthError(\n AuthErrorCode.INVALID_CONFIG,\n 'returnTo must be an absolute https:// or http:// URL',\n );\n }\n }\n\n this.session = null;\n await safeRemove(this.storage, STORAGE_KEYS.session);\n await safeRemove(this.storage, STORAGE_KEYS.state);\n await safeRemove(this.storage, STORAGE_KEYS.codeVerifier);\n this.notify();\n\n if (this.config.logoutEndpoint) {\n const url = new URL(this.config.logoutEndpoint);\n if (options?.returnTo) {\n url.searchParams.set('returnTo', options.returnTo);\n }\n const logoutUrl = url.toString();\n if (this.config.onRedirect) {\n await this.config.onRedirect(logoutUrl);\n } else if (typeof window !== 'undefined') {\n window.location.assign(logoutUrl);\n }\n }\n }\n\n isAuthenticated(): boolean {\n return Boolean(this.session?.tokens.accessToken);\n }\n\n onAuthStateChanged(handler: (session: Session | null) => void): () => void {\n this.listeners.add(handler);\n return () => this.listeners.delete(handler);\n }\n\n async getUserinfo(): Promise<Record<string, unknown>> {\n const accessToken = await this.getAccessToken();\n if (!accessToken) {\n throw new AuthError(\n AuthErrorCode.INVALID_CONFIG,\n 'Not authenticated — call handleRedirectCallback first',\n );\n }\n if (!this.config.userinfoEndpoint) {\n throw new AuthError(\n AuthErrorCode.INVALID_CONFIG,\n 'config.userinfoEndpoint is required for getUserinfo',\n );\n }\n const response = await this.transport.request<Record<string, unknown>>(\n this.config.userinfoEndpoint,\n { headers: { Authorization: `Bearer ${accessToken}` } },\n );\n return response.data;\n }\n\n private async exchangeCode(code: string): Promise<Session> {\n const verifier = await safeGet(this.storage, STORAGE_KEYS.codeVerifier);\n if (!verifier) {\n throw new AuthError(\n AuthErrorCode.TOKEN_EXCHANGE_FAILED,\n 'Missing PKCE code_verifier in storage',\n );\n }\n\n const body = new URLSearchParams({\n grant_type: 'authorization_code',\n code,\n code_verifier: verifier,\n redirect_uri: this.config.redirectUri,\n client_id: this.config.clientId,\n });\n\n const response = await this.transport.request<Record<string, unknown>>(\n this.config.tokenEndpoint,\n {\n method: 'POST',\n body: body.toString(),\n },\n );\n const tokens = normalizeTokenSet(response.data, this.now);\n await safeRemove(this.storage, STORAGE_KEYS.codeVerifier);\n return this.createSession(tokens);\n }\n\n private async doRefresh(): Promise<Session> {\n const refreshToken = this.session?.tokens.refreshToken;\n if (!refreshToken) {\n throw new AuthError(\n AuthErrorCode.REFRESH_FAILED,\n 'No refresh token available',\n );\n }\n\n const body = new URLSearchParams({\n grant_type: 'refresh_token',\n refresh_token: refreshToken,\n client_id: this.config.clientId,\n });\n\n const response = await this.transport.request<Record<string, unknown>>(\n this.config.tokenEndpoint,\n {\n method: 'POST',\n body: body.toString(),\n },\n );\n const tokens = normalizeTokenSet(response.data, this.now);\n return this.createSession(tokens);\n }\n\n private async createSession(tokens: TokenSet): Promise<Session> {\n this.session = {\n tokens,\n createdAt: this.now(),\n };\n await safeSet(\n this.storage,\n STORAGE_KEYS.session,\n JSON.stringify(this.session),\n );\n this.notify();\n return this.session;\n }\n\n private notify(): void {\n this.listeners.forEach((handler) => handler(this.session));\n }\n\n private async hydrateSession(): Promise<void> {\n const raw = await safeGet(this.storage, STORAGE_KEYS.session);\n if (!raw) return;\n try {\n const parsed = JSON.parse(raw) as Session;\n if (typeof parsed?.tokens?.accessToken !== 'string') {\n await safeRemove(this.storage, STORAGE_KEYS.session);\n return;\n }\n this.session = parsed;\n } catch {\n await safeRemove(this.storage, STORAGE_KEYS.session);\n this.session = null;\n }\n }\n}\n","import { DefaultAuthClient } from './nuria-auth-client';\nimport { AuthError, AuthErrorCode } from '../errors/auth-error';\nimport type { AuthClient, AuthConfig } from '../core/types';\n\nexport function createAuthClient(config: AuthConfig): AuthClient {\n if (!config?.clientId) {\n throw new AuthError(\n AuthErrorCode.INVALID_CONFIG,\n 'config.clientId is required',\n );\n }\n if (!config.authorizationEndpoint) {\n throw new AuthError(\n AuthErrorCode.INVALID_CONFIG,\n 'config.authorizationEndpoint is required',\n );\n }\n if (!config.tokenEndpoint) {\n throw new AuthError(\n AuthErrorCode.INVALID_CONFIG,\n 'config.tokenEndpoint is required',\n );\n }\n if (!config.redirectUri) {\n throw new AuthError(\n AuthErrorCode.INVALID_CONFIG,\n 'config.redirectUri is required',\n );\n }\n return new DefaultAuthClient(config);\n}\n","import type { StorageAdapter } from '../core/types';\n\nexport class WebStorageAdapter implements StorageAdapter {\n constructor(\n private readonly storage: Pick<\n Storage,\n 'getItem' | 'setItem' | 'removeItem'\n >,\n ) {}\n\n get(key: string): string | null {\n return this.storage.getItem(key);\n }\n\n set(key: string, value: string): void {\n this.storage.setItem(key, value);\n }\n\n remove(key: string): void {\n this.storage.removeItem(key);\n }\n}\n","import type { StorageAdapter } from '../core/types';\n\nexport interface CookieStorageCallbacks {\n getCookie(name: string): string | null | Promise<string | null>;\n setCookie(name: string, value: string): void | Promise<void>;\n removeCookie(name: string): void | Promise<void>;\n}\n\nexport class CookieStorageAdapter implements StorageAdapter {\n constructor(private readonly callbacks: CookieStorageCallbacks) {}\n\n async get(key: string): Promise<string | null> {\n return this.callbacks.getCookie(key);\n }\n\n async set(key: string, value: string): Promise<void> {\n await this.callbacks.setCookie(key, value);\n }\n\n async remove(key: string): Promise<void> {\n await this.callbacks.removeCookie(key);\n }\n}\n","import type { StorageAdapter } from '../core/types';\n\nexport interface BrowserCookieStorageOptions {\n domain?: string;\n path?: string;\n sameSite?: 'strict' | 'lax' | 'none';\n secure?: boolean;\n}\n\nconst getCookieValue = (name: string): string | null => {\n if (typeof document === 'undefined') return null;\n const result = document.cookie.match(`(^|;)\\\\s*${name}\\\\s*=\\\\s*([^;]+)`);\n return result ? (result.pop() ?? null) : null;\n};\n\nexport function createBrowserCookieStorage(\n options: BrowserCookieStorageOptions = {},\n): StorageAdapter {\n const { domain, path = '/', sameSite = 'strict', secure = true } = options;\n\n const get = (key: string): string | null => {\n return getCookieValue(key);\n };\n\n const set = (key: string, value: string): void => {\n if (typeof document === 'undefined') return;\n let cookie = `${key}=${value}`;\n if (path) cookie += `; path=${path}`;\n if (domain) cookie += `; domain=${domain}`;\n if (sameSite) cookie += `; samesite=${sameSite}`;\n if (secure) cookie += `; secure`;\n document.cookie = cookie;\n };\n\n const remove = (key: string): void => {\n if (typeof document === 'undefined') return;\n let cookie = `${key}=; expires=Thu, 01 Jan 1970 00:00:00 GMT`;\n if (path) cookie += `; path=${path}`;\n if (domain) cookie += `; domain=${domain}`;\n document.cookie = cookie;\n };\n\n return { get, set, remove };\n}\n"]}
1
+ {"version":3,"sources":["../src/errors/auth-error.ts","../src/core/pkce.ts","../src/core/utils.ts","../src/storage/memory-storage-adapter.ts","../src/transport/fetch-transport.ts","../src/client/nuria-auth-client.ts","../src/client/create-client.ts","../src/storage/web-storage-adapter.ts","../src/storage/cookie-storage-adapter.ts","../src/storage/browser-cookie-storage.ts"],"names":["AuthErrorCode"],"mappings":";;;AAAO,IAAK,aAAA,qBAAAA,cAAAA,KAAL;AACL,EAAAA,eAAA,gBAAA,CAAA,GAAiB,gBAAA;AACjB,EAAAA,eAAA,gBAAA,CAAA,GAAiB,gBAAA;AACjB,EAAAA,eAAA,gBAAA,CAAA,GAAiB,gBAAA;AACjB,EAAAA,eAAA,uBAAA,CAAA,GAAwB,uBAAA;AACxB,EAAAA,eAAA,gBAAA,CAAA,GAAiB,gBAAA;AACjB,EAAAA,eAAA,eAAA,CAAA,GAAgB,eAAA;AAChB,EAAAA,eAAA,cAAA,CAAA,GAAe,cAAA;AACf,EAAAA,eAAA,eAAA,CAAA,GAAgB,eAAA;AAChB,EAAAA,eAAA,eAAA,CAAA,GAAgB,eAAA;AAChB,EAAAA,eAAA,YAAA,CAAA,GAAa,YAAA;AAVH,EAAA,OAAAA,cAAAA;AAAA,CAAA,EAAA,aAAA,IAAA,EAAA;AAaL,IAAM,SAAA,GAAN,cAAwB,KAAA,CAAM;AAAA,EACnC,WAAA,CACkB,IAAA,EAChB,OAAA,EACgB,KAAA,EAChB;AACA,IAAA,KAAA,CAAM,OAAO,CAAA;AAJG,IAAA,IAAA,CAAA,IAAA,GAAA,IAAA;AAEA,IAAA,IAAA,CAAA,KAAA,GAAA,KAAA;AAGhB,IAAA,IAAA,CAAK,IAAA,GAAO,WAAA;AAAA,EACd;AACF;;;ACtBA,IAAM,QAAA,GACJ,oEAAA;AAEF,SAAS,aAAA,GAAwB;AAC/B,EAAA,IAAI,OAAO,UAAA,KAAe,WAAA,IAAe,UAAA,CAAW,MAAA,EAAQ;AAC1D,IAAA,OAAO,UAAA,CAAW,MAAA;AAAA,EACpB;AACA,EAAA,MAAM,IAAI,MAAM,4BAA4B,CAAA;AAC9C;AAEO,SAAS,YAAA,CAAa,SAAS,EAAA,EAAY;AAChD,EAAA,MAAM,SAAS,aAAA,EAAc;AAG7B,EAAA,MAAM,SAAA,GAAY,GAAA,GAAO,GAAA,GAAM,QAAA,CAAS,MAAA;AACxC,EAAA,MAAM,SAAmB,EAAC;AAC1B,EAAA,OAAO,MAAA,CAAO,SAAS,MAAA,EAAQ;AAC7B,IAAA,MAAM,KAAA,GAAQ,IAAI,UAAA,CAAW,IAAA,CAAK,MAAM,MAAA,GAAS,MAAA,CAAO,MAAA,IAAU,GAAG,CAAC,CAAA;AACtE,IAAA,MAAA,CAAO,gBAAgB,KAAK,CAAA;AAC5B,IAAA,KAAA,MAAW,KAAK,KAAA,EAAO;AACrB,MAAA,IAAI,MAAA,CAAO,UAAU,MAAA,EAAQ;AAC7B,MAAA,IAAI,CAAA,GAAI,WAAW,MAAA,CAAO,IAAA,CAAK,SAAS,CAAA,GAAI,QAAA,CAAS,MAAM,CAAE,CAAA;AAAA,IAC/D;AAAA,EACF;AACA,EAAA,OAAO,MAAA,CAAO,KAAK,EAAE,CAAA;AACvB;AAEA,SAAS,YAAY,KAAA,EAAwC;AAC3D,EAAA,MAAM,MAAA,GAAS,KAAA,CAAM,IAAA,CAAK,KAAA,EAAO,CAAC,CAAA,KAAM,MAAA,CAAO,YAAA,CAAa,CAAC,CAAC,CAAA,CAAE,IAAA,CAAK,EAAE,CAAA;AACvE,EAAA,OAAO,IAAA,CAAK,MAAM,CAAA,CAAE,OAAA,CAAQ,KAAA,EAAO,GAAG,CAAA,CAAE,OAAA,CAAQ,KAAA,EAAO,GAAG,CAAA,CAAE,OAAA,CAAQ,MAAM,EAAE,CAAA;AAC9E;AAEA,SAAS,gBAAgB,QAAA,EAA2C;AAClE,EAAA,MAAM,KAAA,GAAQ,IAAI,UAAA,CAAW,QAAA,CAAS,MAAM,CAAA;AAC5C,EAAA,KAAA,IAAS,CAAA,GAAI,CAAA,EAAG,CAAA,GAAI,QAAA,CAAS,QAAQ,CAAA,EAAA,EAAK;AACxC,IAAA,KAAA,CAAM,CAAC,CAAA,GAAI,QAAA,CAAS,UAAA,CAAW,CAAC,CAAA;AAAA,EAClC;AACA,EAAA,OAAO,KAAA;AACT;AAEA,eAAsB,oBAAoB,QAAA,EAAmC;AAC3E,EAAA,MAAM,SAAS,aAAA,EAAc;AAC7B,EAAA,MAAM,MAAA,GAAS,gBAAgB,QAAQ,CAAA;AACvC,EAAA,MAAM,SAAS,MAAM,MAAA,CAAO,MAAA,CAAO,MAAA,CAAO,WAAW,MAAM,CAAA;AAC3D,EAAA,OAAO,WAAA,CAAY,IAAI,UAAA,CAAW,MAAM,CAAC,CAAA;AAC3C;;;AC1CO,IAAM,YAAA,GAAe;AAAA,EAC1B,OAAA,EAAS,eAAA;AAAA,EACT,KAAA,EAAO,mBAAA;AAAA,EACP,YAAA,EAAc;AAChB,CAAA;AAEO,SAAS,iBAAA,CACd,KACA,GAAA,EACU;AAZZ,EAAA,IAAA,EAAA,EAAA,EAAA,EAAA,EAAA,EAAA,EAAA,EAAA,EAAA,EAAA,EAAA;AAaE,EAAA,MAAM,WAAA,GAAA,CAAe,EAAA,GAAA,GAAA,CAAI,YAAA,KAAJ,IAAA,GAAA,EAAA,GAAoB,GAAA,CAAI,WAAA;AAC7C,EAAA,IAAI,CAAC,WAAA,IAAe,OAAO,WAAA,KAAgB,QAAA,EAAU;AACnD,IAAA,MAAM,IAAI,SAAA;AAAA,MAAA,uBAAA;AAAA,MAER;AAAA,KACF;AAAA,EACF;AACA,EAAA,MAAM,SAAA,GAAY,QAAO,EAAA,GAAA,CAAA,EAAA,GAAA,GAAA,CAAI,UAAA,KAAJ,YAAkB,GAAA,CAAI,SAAA,KAAtB,IAAA,GAAA,EAAA,GAAmC,CAAC,CAAA,IAAK,MAAA;AAClE,EAAA,OAAO;AAAA,IACL,WAAA;AAAA,IACA,SAAA,EAAA,CAAY,EAAA,GAAA,GAAA,CAAI,UAAA,KAAJ,IAAA,GAAA,EAAA,GAAkB,GAAA,CAAI,SAAA;AAAA,IAClC,SAAA;AAAA,IACA,YAAA,EAAA,CAAe,EAAA,GAAA,GAAA,CAAI,aAAA,KAAJ,IAAA,GAAA,EAAA,GAAqB,GAAA,CAAI,YAAA;AAAA,IACxC,OAAA,EAAA,CAAU,EAAA,GAAA,GAAA,CAAI,QAAA,KAAJ,IAAA,GAAA,EAAA,GAAgB,GAAA,CAAI,OAAA;AAAA,IAC9B,OAAO,GAAA,CAAI,KAAA;AAAA,IACX,SAAA,EAAW,SAAA,GAAY,GAAA,EAAI,GAAI,YAAY,GAAA,GAAO;AAAA,GACpD;AACF;AAEA,eAAsB,OAAA,CACpB,SACA,GAAA,EACwB;AACxB,EAAA,IAAI;AACF,IAAA,OAAO,MAAM,OAAA,CAAQ,GAAA,CAAI,GAAG,CAAA;AAAA,EAC9B,SAAS,KAAA,EAAO;AACd,IAAA,MAAM,IAAI,SAAA;AAAA,MAAA,eAAA;AAAA,MAER,uBAAuB,GAAG,CAAA,CAAA;AAAA,MAC1B;AAAA,KACF;AAAA,EACF;AACF;AAEA,eAAsB,OAAA,CACpB,OAAA,EACA,GAAA,EACA,KAAA,EACe;AACf,EAAA,IAAI;AACF,IAAA,MAAM,OAAA,CAAQ,GAAA,CAAI,GAAA,EAAK,KAAK,CAAA;AAAA,EAC9B,SAAS,KAAA,EAAO;AACd,IAAA,MAAM,IAAI,SAAA;AAAA,MAAA,eAAA;AAAA,MAER,uBAAuB,GAAG,CAAA,CAAA;AAAA,MAC1B;AAAA,KACF;AAAA,EACF;AACF;AAEA,eAAsB,UAAA,CACpB,SACA,GAAA,EACe;AACf,EAAA,IAAI;AACF,IAAA,MAAM,OAAA,CAAQ,OAAO,GAAG,CAAA;AAAA,EAC1B,SAAS,KAAA,EAAO;AACd,IAAA,MAAM,IAAI,SAAA;AAAA,MAAA,eAAA;AAAA,MAER,wBAAwB,GAAG,CAAA,CAAA;AAAA,MAC3B;AAAA,KACF;AAAA,EACF;AACF;AAEO,SAAS,eAAA,CAAgB,GAAW,CAAA,EAAoB;AAC7D,EAAA,IAAI,CAAA,CAAE,MAAA,KAAW,CAAA,CAAE,MAAA,EAAQ,OAAO,KAAA;AAClC,EAAA,IAAI,IAAA,GAAO,CAAA;AACX,EAAA,KAAA,IAAS,CAAA,GAAI,CAAA,EAAG,CAAA,GAAI,CAAA,CAAE,QAAQ,CAAA,EAAA,EAAK;AACjC,IAAA,IAAA,IAAQ,EAAE,UAAA,CAAW,CAAC,CAAA,GAAI,CAAA,CAAE,WAAW,CAAC,CAAA;AAAA,EAC1C;AACA,EAAA,OAAO,IAAA,KAAS,CAAA;AAClB;AAEO,SAAS,SAAS,GAAA,EAAkB;AACzC,EAAA,IAAI;AACF,IAAA,OAAO,IAAI,IAAI,GAAG,CAAA;AAAA,EACpB,CAAA,CAAA,OAAQ,CAAA,EAAA;AACN,IAAA,MAAM,IAAI,iDAAwC,sBAAsB,CAAA;AAAA,EAC1E;AACF;;;AC3FO,IAAM,uBAAN,MAAqD;AAAA,EAArD,WAAA,GAAA;AACL,IAAA,IAAA,CAAQ,KAAA,uBAAY,GAAA,EAAoB;AAAA,EAAA;AAAA,EAExC,IAAI,GAAA,EAA4B;AALlC,IAAA,IAAA,EAAA;AAMI,IAAA,OAAA,CAAO,EAAA,GAAA,IAAA,CAAK,KAAA,CAAM,GAAA,CAAI,GAAG,MAAlB,IAAA,GAAA,EAAA,GAAuB,IAAA;AAAA,EAChC;AAAA,EAEA,GAAA,CAAI,KAAa,KAAA,EAAqB;AACpC,IAAA,IAAA,CAAK,KAAA,CAAM,GAAA,CAAI,GAAA,EAAK,KAAK,CAAA;AAAA,EAC3B;AAAA,EAEA,OAAO,GAAA,EAAmB;AACxB,IAAA,IAAA,CAAK,KAAA,CAAM,OAAO,GAAG,CAAA;AAAA,EACvB;AACF;;;ACDA,IAAM,gBAAA,mBAAmB,IAAI,GAAA,CAAI,CAAC,GAAA,EAAK,GAAA,EAAK,GAAA,EAAK,GAAA,EAAK,GAAA,EAAK,GAAA,EAAK,GAAG,CAAC,CAAA;AAE7D,IAAM,qBAAN,MAAkD;AAAA,EAMvD,WAAA,CAAY,OAAA,GAAiC,EAAC,EAAG;AAvBnD,IAAA,IAAA,EAAA,EAAA,EAAA,EAAA,EAAA;AAwBI,IAAA,IAAA,CAAK,OAAA,GAAA,CAAU,EAAA,GAAA,OAAA,CAAQ,OAAA,KAAR,IAAA,GAAA,EAAA,GAAmB,KAAA;AAClC,IAAA,IAAA,CAAK,YAAY,OAAA,CAAQ,SAAA;AACzB,IAAA,IAAA,CAAK,OAAA,GAAA,CAAU,EAAA,GAAA,OAAA,CAAQ,OAAA,KAAR,IAAA,GAAA,EAAA,GAAmB,CAAA;AAClC,IAAA,IAAA,CAAK,YAAA,GAAA,CAAe,EAAA,GAAA,OAAA,CAAQ,YAAA,KAAR,IAAA,GAAA,EAAA,GAAwB,EAAC;AAAA,EAC/C;AAAA,EAEA,MAAM,OAAA,CACJ,GAAA,EACA,GAAA,GAA4B,EAAC,EACM;AAjCvC,IAAA,IAAA,EAAA,EAAA,EAAA,EAAA,EAAA,EAAA,EAAA;AAkCI,IAAA,IAAI,OAAA,GAAU,GAAA;AACd,IAAA,KAAA,MAAW,CAAA,IAAK,KAAK,YAAA,EAAc;AACjC,MAAA,IAAI,EAAE,SAAA,EAAW,OAAA,GAAU,MAAM,CAAA,CAAE,SAAA,CAAU,KAAK,OAAO,CAAA;AAAA,IAC3D;AAEA,IAAA,MAAM,OAAA,GAAA,CAAU,EAAA,GAAA,OAAA,CAAQ,OAAA,KAAR,IAAA,GAAA,EAAA,GAAmB,IAAA,CAAK,OAAA;AACxC,IAAA,IAAI,OAAA,GAAU,CAAA;AACd,IAAA,OAAO,IAAA,EAAM;AACX,MAAA,MAAM,UAAA,GAAa,IAAI,eAAA,EAAgB;AACvC,MAAA,MAAM,OAAA,GAAA,CAAU,EAAA,GAAA,OAAA,CAAQ,SAAA,KAAR,IAAA,GAAA,EAAA,GAAqB,IAAA,CAAK,SAAA;AAC1C,MAAA,MAAM,KAAA,GAAQ,UACV,UAAA,CAAW,MAAM,WAAW,KAAA,EAAM,EAAG,OAAO,CAAA,GAC5C,MAAA;AACJ,MAAA,IAAI;AACF,QAAA,MAAM,kBAAA,GACJ,OAAO,OAAA,CAAQ,IAAA,KAAS,WACpB,mCAAA,GACA,kBAAA;AACN,QAAA,MAAM,GAAA,GAAM,MAAM,IAAA,CAAK,OAAA,CAAQ,KAAK,SAAA,CAAU,GAAA,EAAK,OAAA,CAAQ,KAAK,CAAA,EAAG;AAAA,UACjE,MAAA,EAAA,CAAQ,EAAA,GAAA,OAAA,CAAQ,MAAA,KAAR,IAAA,GAAA,EAAA,GAAkB,KAAA;AAAA,UAC1B,aAAa,OAAA,CAAQ,WAAA;AAAA,UACrB,OAAA,EAAS;AAAA,YACP,cAAA,EAAgB,kBAAA;AAAA,YAChB,GAAA,CAAI,EAAA,GAAA,OAAA,CAAQ,OAAA,KAAR,IAAA,GAAA,EAAA,GAAmB;AAAC,WAC1B;AAAA,UACA,IAAA,EACE,OAAA,CAAQ,IAAA,KAAS,KAAA,CAAA,GACb,OAAO,OAAA,CAAQ,IAAA,KAAS,QAAA,GACtB,OAAA,CAAQ,IAAA,GACR,IAAA,CAAK,SAAA,CAAU,OAAA,CAAQ,IAAI,CAAA,GAC7B,KAAA,CAAA;AAAA,UACN,QAAQ,UAAA,CAAW;AAAA,SACpB,CAAA;AACD,QAAA,MAAM,IAAA,GAAO,MAAM,IAAA,CAAK,SAAA,CAAa,GAAG,CAAA;AACxC,QAAA,IAAI,CAAC,IAAI,EAAA,EAAI;AACX,UAAA,IAAI,UAAU,OAAA,IAAW,gBAAA,CAAiB,GAAA,CAAI,GAAA,CAAI,MAAM,CAAA,EAAG;AACzD,YAAA,OAAA,IAAW,CAAA;AACX,YAAA;AAAA,UACF;AACA,UAAA,MAAM,IAAI,SAAA,CAAA,YAAA,mBAAoC,CAAA,KAAA,EAAQ,GAAA,CAAI,MAAM,CAAA,CAAE,CAAA;AAAA,QACpE;AACA,QAAA,IAAI,GAAA,GAAgC;AAAA,UAClC,QAAQ,GAAA,CAAI,MAAA;AAAA,UACZ,IAAA;AAAA,UACA,SAAS,GAAA,CAAI;AAAA,SACf;AACA,QAAA,KAAA,MAAW,CAAA,IAAK,KAAK,YAAA,EAAc;AACjC,UAAA,IAAI,EAAE,UAAA,EAAY,GAAA,GAAM,MAAM,CAAA,CAAE,WAAW,GAAG,CAAA;AAAA,QAChD;AACA,QAAA,OAAO,GAAA;AAAA,MACT,SAAS,KAAA,EAAO;AACd,QAAA,IAAI,KAAA,YAAiB,WAAW,MAAM,KAAA;AACtC,QAAA,IAAI,UAAU,OAAA,EAAS;AACrB,UAAA,OAAA,IAAW,CAAA;AACX,UAAA;AAAA,QACF;AACA,QAAA,MAAM,IAAI,SAAA;AAAA,UAAA,eAAA;AAAA,UAER,wBAAA;AAAA,UACA;AAAA,SACF;AAAA,MACF,CAAA,SAAE;AACA,QAAA,IAAI,KAAA,eAAoB,KAAK,CAAA;AAAA,MAC/B;AAAA,IACF;AAAA,EACF;AAAA,EAEQ,SAAA,CACN,KACA,KAAA,EACQ;AACR,IAAA,IAAI,CAAC,OAAO,OAAO,GAAA;AACnB,IAAA,MAAM,MAAA,GAAS,IAAI,GAAA,CAAI,GAAG,CAAA;AAC1B,IAAA,MAAA,CAAO,OAAA,CAAQ,KAAK,CAAA,CAAE,OAAA,CAAQ,CAAC,CAAC,CAAA,EAAG,CAAC,CAAA,KAAM;AACxC,MAAA,IAAI,MAAM,MAAA,EAAW,MAAA,CAAO,YAAA,CAAa,GAAA,CAAI,GAAG,CAAC,CAAA;AAAA,IACnD,CAAC,CAAA;AACD,IAAA,OAAO,OAAO,QAAA,EAAS;AAAA,EACzB;AAAA,EAEA,MAAc,UAAa,GAAA,EAA2B;AAjHxD,IAAA,IAAA,EAAA;AAkHI,IAAA,MAAM,eAAc,EAAA,GAAA,GAAA,CAAI,OAAA,CAAQ,GAAA,CAAI,cAAc,MAA9B,IAAA,GAAA,EAAA,GAAmC,EAAA;AACvD,IAAA,IAAI,WAAA,CAAY,QAAA,CAAS,kBAAkB,CAAA,EAAG;AAC5C,MAAA,OAAQ,MAAM,IAAI,IAAA,EAAK;AAAA,IACzB;AACA,IAAA,OAAQ,MAAM,IAAI,IAAA,EAAK;AAAA,EACzB;AACF;;;AClGO,IAAM,oBAAN,MAA8C;AAAA,EAQnD,YAA6B,MAAA,EAAoB;AAApB,IAAA,IAAA,CAAA,MAAA,GAAA,MAAA;AAP7B,IAAA,IAAA,CAAQ,OAAA,GAA0B,IAAA;AAClC,IAAA,IAAA,CAAQ,cAAA,GAA0C,IAAA;AAClD,IAAA,IAAA,CAAiB,SAAA,uBAAgB,GAAA,EAAuC;AAzB1E,IAAA,IAAA,EAAA,EAAA,EAAA,EAAA,EAAA;AA+BI,IAAA,IAAA,CAAK,OAAA,GAAA,CAAU,EAAA,GAAA,MAAA,CAAO,OAAA,KAAP,IAAA,GAAA,EAAA,GAAkB,IAAI,oBAAA,EAAqB;AAC1D,IAAA,IAAA,CAAK,SAAA,GAAA,CAAY,EAAA,GAAA,MAAA,CAAO,SAAA,KAAP,IAAA,GAAA,EAAA,GAAoB,IAAI,kBAAA,EAAmB;AAC5D,IAAA,IAAA,CAAK,OAAM,EAAA,GAAA,MAAA,CAAO,GAAA,KAAP,IAAA,GAAA,EAAA,IAAe,MAAM,KAAK,GAAA,EAAI,CAAA;AAAA,EAC3C;AAAA,EAEA,MAAM,UAAA,CAAW,OAAA,GAA6B,EAAC,EAAkB;AApCnE,IAAA,IAAA,EAAA,EAAA,EAAA;AAqCI,IAAA,MAAM,KAAA,GAAQ,aAAa,EAAE,CAAA;AAC7B,IAAA,MAAM,YAAA,GAAe,aAAa,EAAE,CAAA;AACpC,IAAA,MAAM,aAAA,GAAgB,MAAM,mBAAA,CAAoB,YAAY,CAAA;AAE5D,IAAA,MAAM,OAAA,CAAQ,IAAA,CAAK,OAAA,EAAS,YAAA,CAAa,OAAO,KAAK,CAAA;AACrD,IAAA,MAAM,OAAA,CAAQ,IAAA,CAAK,OAAA,EAAS,YAAA,CAAa,cAAc,YAAY,CAAA;AAEnE,IAAA,MAAM,MAAA,GAAiC;AAAA,MACrC,aAAA,EAAe,MAAA;AAAA,MACf,SAAA,EAAW,KAAK,MAAA,CAAO,QAAA;AAAA,MACvB,YAAA,EAAc,KAAK,MAAA,CAAO,WAAA;AAAA,MAC1B,KAAA;AAAA,MACA,cAAA,EAAgB,aAAA;AAAA,MAChB,qBAAA,EAAuB;AAAA,KACzB;AAEA,IAAA,MAAM,KAAA,GAAA,CAAQ,mBAAQ,MAAA,KAAR,IAAA,GAAA,MAAA,GAAA,EAAA,CAAgB,KAAK,GAAA,CAAA,KAArB,IAAA,GAAA,EAAA,GAA6B,KAAK,MAAA,CAAO,KAAA;AACvD,IAAA,IAAI,KAAA,SAAc,KAAA,GAAQ,KAAA;AAC1B,IAAA,IAAI,OAAA,CAAQ,SAAA,EAAW,MAAA,CAAO,UAAA,GAAa,OAAA,CAAQ,SAAA;AACnD,IAAA,IAAI,QAAQ,WAAA,EAAa;AACvB,MAAA,MAAM,QAAA,uBAAe,GAAA,CAAI;AAAA,QACvB,eAAA;AAAA,QACA,WAAA;AAAA,QACA,cAAA;AAAA,QACA,OAAA;AAAA,QACA,gBAAA;AAAA,QACA;AAAA,OACD,CAAA;AACD,MAAA,KAAA,MAAW,CAAC,GAAG,CAAC,CAAA,IAAK,OAAO,OAAA,CAAQ,OAAA,CAAQ,WAAW,CAAA,EAAG;AACxD,QAAA,IAAI,CAAC,QAAA,CAAS,GAAA,CAAI,CAAC,CAAA,EAAG,MAAA,CAAO,CAAC,CAAA,GAAI,CAAA;AAAA,MACpC;AAAA,IACF;AAEA,IAAA,MAAM,GAAA,GAAM,IAAI,GAAA,CAAI,IAAA,CAAK,OAAO,qBAAqB,CAAA;AACrD,IAAA,MAAA,CAAO,OAAA,CAAQ,MAAM,CAAA,CAAE,OAAA,CAAQ,CAAC,CAAC,CAAA,EAAG,CAAC,CAAA,KAAM,GAAA,CAAI,YAAA,CAAa,GAAA,CAAI,CAAA,EAAG,CAAC,CAAC,CAAA;AACrE,IAAA,MAAM,WAAA,GAAc,IAAI,QAAA,EAAS;AAEjC,IAAA,IAAI,IAAA,CAAK,OAAO,UAAA,EAAY;AAC1B,MAAA,MAAM,IAAA,CAAK,MAAA,CAAO,UAAA,CAAW,WAAW,CAAA;AACxC,MAAA;AAAA,IACF;AACA,IAAA,IAAI,OAAO,WAAW,WAAA,EAAa;AACjC,MAAA,MAAA,CAAO,QAAA,CAAS,OAAO,WAAW,CAAA;AAClC,MAAA;AAAA,IACF;AACA,IAAA,MAAM,IAAI,SAAA;AAAA,MAAA,gBAAA;AAAA,MAER;AAAA,KACF;AAAA,EACF;AAAA,EAEA,MAAM,uBAAuB,WAAA,EAAwC;AACnE,IAAA,MAAM,QACJ,WAAA,IAAA,IAAA,GAAA,WAAA,GACC,OAAO,WAAW,WAAA,GAAc,MAAA,CAAO,SAAS,IAAA,GAAO,EAAA;AAC1D,IAAA,IAAI,CAAC,KAAA,EAAO;AACV,MAAA,MAAM,IAAI,SAAA;AAAA,QAAA,gBAAA;AAAA,QAER;AAAA,OACF;AAAA,IACF;AAEA,IAAA,MAAM,GAAA,GAAM,SAAS,KAAK,CAAA;AAC1B,IAAA,MAAM,KAAA,GAAQ,GAAA,CAAI,YAAA,CAAa,GAAA,CAAI,OAAO,CAAA;AAC1C,IAAA,IAAI,KAAA,EAAO;AACT,MAAA,MAAM,IAAA,GAAO,GAAA,CAAI,YAAA,CAAa,GAAA,CAAI,mBAAmB,CAAA;AACrD,MAAA,MAAM,IAAI,SAAA;AAAA,QAAA,gBAAA;AAAA,QAER,OACI,CAAA,qBAAA,EAAwB,KAAK,WAAM,IAAI,CAAA,CAAA,GACvC,wBAAwB,KAAK,CAAA;AAAA,OACnC;AAAA,IACF;AAEA,IAAA,MAAM,IAAA,GAAO,GAAA,CAAI,YAAA,CAAa,GAAA,CAAI,MAAM,CAAA;AACxC,IAAA,IAAI,CAAC,IAAA,EAAM;AACT,MAAA,MAAM,IAAI,SAAA;AAAA,QAAA,cAAA;AAAA,QAER;AAAA,OACF;AAAA,IACF;AAEA,IAAA,MAAM,KAAA,GAAQ,GAAA,CAAI,YAAA,CAAa,GAAA,CAAI,OAAO,CAAA;AAC1C,IAAA,IAAI,CAAC,KAAA,EAAO;AACV,MAAA,MAAM,IAAI,SAAA;AAAA,QAAA,eAAA;AAAA,QAER;AAAA,OACF;AAAA,IACF;AAEA,IAAA,MAAM,cAAc,MAAM,OAAA,CAAQ,IAAA,CAAK,OAAA,EAAS,aAAa,KAAK,CAAA;AAClE,IAAA,IAAI,CAAC,WAAA,IAAe,CAAC,eAAA,CAAgB,WAAA,EAAa,KAAK,CAAA,EAAG;AACxD,MAAA,MAAM,IAAI,SAAA;AAAA,QAAA,gBAAA;AAAA,QAER;AAAA,OACF;AAAA,IACF;AAEA,IAAA,MAAM,UAAA,CAAW,IAAA,CAAK,OAAA,EAAS,YAAA,CAAa,KAAK,CAAA;AACjD,IAAA,OAAO,IAAA,CAAK,aAAa,IAAI,CAAA;AAAA,EAC/B;AAAA,EAEA,UAAA,GAA6B;AAC3B,IAAA,OAAO,IAAA,CAAK,OAAA;AAAA,EACd;AAAA,EAEA,MAAM,cAAA,GAAyC;AA/IjD,IAAA,IAAA,EAAA,EAAA,EAAA;AAgJI,IAAA,IAAI,CAAC,KAAK,OAAA,EAAS;AACjB,MAAA,MAAM,KAAK,cAAA,EAAe;AAAA,IAC5B;AACA,IAAA,IAAI,CAAC,IAAA,CAAK,OAAA,EAAS,OAAO,IAAA;AAC1B,IAAA,MAAM,GAAA,GAAM,IAAA,CAAK,OAAA,CAAQ,MAAA,CAAO,SAAA;AAChC,IAAA,IAAI,OAAO,GAAA,IAAO,IAAA,CAAK,KAAI,IAAK,IAAA,CAAK,OAAO,kBAAA,EAAoB;AAC9D,MAAA,IAAI,CAAC,KAAK,cAAA,EAAgB;AACxB,QAAA,IAAA,CAAK,cAAA,GAAiB,IAAA,CAAK,SAAA,EAAU,CAAE,QAAQ,MAAM;AACnD,UAAA,IAAA,CAAK,cAAA,GAAiB,IAAA;AAAA,QACxB,CAAC,CAAA;AAAA,MACH;AACA,MAAA,MAAM,IAAA,CAAK,cAAA;AAAA,IACb;AACA,IAAA,OAAA,CAAO,EAAA,GAAA,CAAA,EAAA,GAAA,IAAA,CAAK,OAAA,KAAL,IAAA,GAAA,MAAA,GAAA,EAAA,CAAc,MAAA,CAAO,gBAArB,IAAA,GAAA,EAAA,GAAoC,IAAA;AAAA,EAC7C;AAAA,EAEA,MAAM,OAAO,OAAA,EAAgD;AAC3D,IAAA,IAAI,mCAAS,QAAA,EAAU;AACrB,MAAA,MAAM,WAAW,OAAA,CAAQ,QAAA;AACzB,MAAA,IAAI,QAAA,CAAS,WAAW,IAAI,CAAA,IAAK,CAAC,cAAA,CAAe,IAAA,CAAK,QAAQ,CAAA,EAAG;AAC/D,QAAA,MAAM,IAAI,SAAA;AAAA,UAAA,gBAAA;AAAA,UAER;AAAA,SACF;AAAA,MACF;AAAA,IACF;AAEA,IAAA,IAAA,CAAK,OAAA,GAAU,IAAA;AACf,IAAA,MAAM,UAAA,CAAW,IAAA,CAAK,OAAA,EAAS,YAAA,CAAa,OAAO,CAAA;AACnD,IAAA,MAAM,UAAA,CAAW,IAAA,CAAK,OAAA,EAAS,YAAA,CAAa,KAAK,CAAA;AACjD,IAAA,MAAM,UAAA,CAAW,IAAA,CAAK,OAAA,EAAS,YAAA,CAAa,YAAY,CAAA;AACxD,IAAA,IAAA,CAAK,MAAA,EAAO;AAEZ,IAAA,IAAI,IAAA,CAAK,OAAO,cAAA,EAAgB;AAC9B,MAAA,MAAM,GAAA,GAAM,IAAI,GAAA,CAAI,IAAA,CAAK,OAAO,cAAc,CAAA;AAC9C,MAAA,IAAI,mCAAS,QAAA,EAAU;AACrB,QAAA,GAAA,CAAI,YAAA,CAAa,GAAA,CAAI,UAAA,EAAY,OAAA,CAAQ,QAAQ,CAAA;AAAA,MACnD;AACA,MAAA,MAAM,SAAA,GAAY,IAAI,QAAA,EAAS;AAC/B,MAAA,IAAI,IAAA,CAAK,OAAO,UAAA,EAAY;AAC1B,QAAA,MAAM,IAAA,CAAK,MAAA,CAAO,UAAA,CAAW,SAAS,CAAA;AAAA,MACxC,CAAA,MAAA,IAAW,OAAO,MAAA,KAAW,WAAA,EAAa;AACxC,QAAA,MAAA,CAAO,QAAA,CAAS,OAAO,SAAS,CAAA;AAAA,MAClC;AAAA,IACF;AAAA,EACF;AAAA,EAEA,eAAA,GAA2B;AA/L7B,IAAA,IAAA,EAAA;AAgMI,IAAA,OAAO,OAAA,CAAA,CAAQ,EAAA,GAAA,IAAA,CAAK,OAAA,KAAL,IAAA,GAAA,MAAA,GAAA,EAAA,CAAc,OAAO,WAAW,CAAA;AAAA,EACjD;AAAA,EAEA,mBAAmB,OAAA,EAAwD;AACzE,IAAA,IAAA,CAAK,SAAA,CAAU,IAAI,OAAO,CAAA;AAC1B,IAAA,OAAO,MAAM,IAAA,CAAK,SAAA,CAAU,MAAA,CAAO,OAAO,CAAA;AAAA,EAC5C;AAAA,EAEA,MAAM,WAAA,GAAgD;AACpD,IAAA,MAAM,WAAA,GAAc,MAAM,IAAA,CAAK,cAAA,EAAe;AAC9C,IAAA,IAAI,CAAC,WAAA,EAAa;AAChB,MAAA,MAAM,IAAI,SAAA;AAAA,QAAA,gBAAA;AAAA,QAER;AAAA,OACF;AAAA,IACF;AACA,IAAA,IAAI,CAAC,IAAA,CAAK,MAAA,CAAO,gBAAA,EAAkB;AACjC,MAAA,MAAM,IAAI,SAAA;AAAA,QAAA,gBAAA;AAAA,QAER;AAAA,OACF;AAAA,IACF;AACA,IAAA,MAAM,QAAA,GAAW,MAAM,IAAA,CAAK,SAAA,CAAU,OAAA;AAAA,MACpC,KAAK,MAAA,CAAO,gBAAA;AAAA,MACZ,EAAE,OAAA,EAAS,EAAE,eAAe,CAAA,OAAA,EAAU,WAAW,IAAG;AAAE,KACxD;AACA,IAAA,OAAO,QAAA,CAAS,IAAA;AAAA,EAClB;AAAA,EAEA,MAAc,aAAa,IAAA,EAAgC;AACzD,IAAA,MAAM,WAAW,MAAM,OAAA,CAAQ,IAAA,CAAK,OAAA,EAAS,aAAa,YAAY,CAAA;AACtE,IAAA,IAAI,CAAC,QAAA,EAAU;AACb,MAAA,MAAM,IAAI,SAAA;AAAA,QAAA,uBAAA;AAAA,QAER;AAAA,OACF;AAAA,IACF;AAEA,IAAA,MAAM,IAAA,GAAO,IAAI,eAAA,CAAgB;AAAA,MAC/B,UAAA,EAAY,oBAAA;AAAA,MACZ,IAAA;AAAA,MACA,aAAA,EAAe,QAAA;AAAA,MACf,YAAA,EAAc,KAAK,MAAA,CAAO,WAAA;AAAA,MAC1B,SAAA,EAAW,KAAK,MAAA,CAAO;AAAA,KACxB,CAAA;AAED,IAAA,MAAM,QAAA,GAAW,MAAM,IAAA,CAAK,SAAA,CAAU,OAAA;AAAA,MACpC,KAAK,MAAA,CAAO,aAAA;AAAA,MACZ;AAAA,QACE,MAAA,EAAQ,MAAA;AAAA,QACR,WAAA,EAAa,SAAA;AAAA,QACb,IAAA,EAAM,KAAK,QAAA;AAAS;AACtB,KACF;AACA,IAAA,MAAM,MAAA,GAAS,iBAAA,CAAkB,QAAA,CAAS,IAAA,EAAM,KAAK,GAAG,CAAA;AACxD,IAAA,MAAM,UAAA,CAAW,IAAA,CAAK,OAAA,EAAS,YAAA,CAAa,YAAY,CAAA;AACxD,IAAA,OAAO,IAAA,CAAK,cAAc,MAAM,CAAA;AAAA,EAClC;AAAA,EAEA,MAAc,SAAA,GAA8B;AA3P9C,IAAA,IAAA,EAAA;AA4PI,IAAA,MAAM,YAAA,GAAA,CAAe,EAAA,GAAA,IAAA,CAAK,OAAA,KAAL,IAAA,GAAA,MAAA,GAAA,EAAA,CAAc,MAAA,CAAO,YAAA;AAC1C,IAAA,MAAM,IAAA,GAAO,IAAI,eAAA,CAAgB;AAAA,MAC/B,UAAA,EAAY,eAAA;AAAA,MACZ,SAAA,EAAW,KAAK,MAAA,CAAO;AAAA,KACxB,CAAA;AACD,IAAA,IAAI,YAAA,EAAc,IAAA,CAAK,GAAA,CAAI,eAAA,EAAiB,YAAY,CAAA;AAExD,IAAA,MAAM,QAAA,GAAW,MAAM,IAAA,CAAK,SAAA,CAAU,OAAA;AAAA,MACpC,KAAK,MAAA,CAAO,aAAA;AAAA,MACZ;AAAA,QACE,MAAA,EAAQ,MAAA;AAAA,QACR,WAAA,EAAa,SAAA;AAAA,QACb,IAAA,EAAM,KAAK,QAAA;AAAS;AACtB,KACF;AACA,IAAA,MAAM,MAAA,GAAS,iBAAA,CAAkB,QAAA,CAAS,IAAA,EAAM,KAAK,GAAG,CAAA;AACxD,IAAA,OAAO,IAAA,CAAK,cAAc,MAAM,CAAA;AAAA,EAClC;AAAA,EAEA,MAAc,cAAc,MAAA,EAAoC;AA/QlE,IAAA,IAAA,EAAA,EAAA,EAAA;AAgRI,IAAA,MAAM,oBAAA,GAAA,CAAuB,EAAA,GAAA,IAAA,CAAK,OAAA,KAAL,IAAA,GAAA,MAAA,GAAA,EAAA,CAAc,MAAA,CAAO,YAAA;AAClD,IAAA,MAAM,YAAA,GAAyB;AAAA,MAC7B,GAAG,MAAA;AAAA,MACH,YAAA,EAAA,CAAc,EAAA,GAAA,MAAA,CAAO,YAAA,KAAP,IAAA,GAAA,EAAA,GAAuB;AAAA,KACvC;AAEA,IAAA,IAAA,CAAK,OAAA,GAAU;AAAA,MACb,MAAA,EAAQ,YAAA;AAAA,MACR,SAAA,EAAW,KAAK,GAAA;AAAI,KACtB;AACA,IAAA,MAAM,OAAA;AAAA,MACJ,IAAA,CAAK,OAAA;AAAA,MACL,YAAA,CAAa,OAAA;AAAA,MACb,IAAA,CAAK,SAAA,CAAU,IAAA,CAAK,OAAO;AAAA,KAC7B;AACA,IAAA,IAAA,CAAK,MAAA,EAAO;AACZ,IAAA,OAAO,IAAA,CAAK,OAAA;AAAA,EACd;AAAA,EAEQ,MAAA,GAAe;AACrB,IAAA,IAAA,CAAK,UAAU,OAAA,CAAQ,CAAC,YAAY,OAAA,CAAQ,IAAA,CAAK,OAAO,CAAC,CAAA;AAAA,EAC3D;AAAA,EAEA,MAAc,cAAA,GAAgC;AAvShD,IAAA,IAAA,EAAA;AAwSI,IAAA,MAAM,MAAM,MAAM,OAAA,CAAQ,IAAA,CAAK,OAAA,EAAS,aAAa,OAAO,CAAA;AAC5D,IAAA,IAAI,CAAC,GAAA,EAAK;AACV,IAAA,IAAI;AACF,MAAA,MAAM,MAAA,GAAS,IAAA,CAAK,KAAA,CAAM,GAAG,CAAA;AAC7B,MAAA,IAAI,QAAA,CAAO,EAAA,GAAA,MAAA,IAAA,IAAA,GAAA,KAAA,CAAA,GAAA,MAAA,CAAQ,MAAA,KAAR,IAAA,GAAA,KAAA,CAAA,GAAA,EAAA,CAAgB,iBAAgB,QAAA,EAAU;AACnD,QAAA,MAAM,UAAA,CAAW,IAAA,CAAK,OAAA,EAAS,YAAA,CAAa,OAAO,CAAA;AACnD,QAAA;AAAA,MACF;AACA,MAAA,IAAA,CAAK,OAAA,GAAU,MAAA;AAAA,IACjB,CAAA,CAAA,OAAQ,CAAA,EAAA;AACN,MAAA,MAAM,UAAA,CAAW,IAAA,CAAK,OAAA,EAAS,YAAA,CAAa,OAAO,CAAA;AACnD,MAAA,IAAA,CAAK,OAAA,GAAU,IAAA;AAAA,IACjB;AAAA,EACF;AACF,CAAA;;;AClTO,SAAS,iBAAiB,MAAA,EAAgC;AAC/D,EAAA,IAAI,EAAC,iCAAQ,QAAA,CAAA,EAAU;AACrB,IAAA,MAAM,IAAI,SAAA;AAAA,MAAA,gBAAA;AAAA,MAER;AAAA,KACF;AAAA,EACF;AACA,EAAA,IAAI,CAAC,OAAO,qBAAA,EAAuB;AACjC,IAAA,MAAM,IAAI,SAAA;AAAA,MAAA,gBAAA;AAAA,MAER;AAAA,KACF;AAAA,EACF;AACA,EAAA,IAAI,CAAC,OAAO,aAAA,EAAe;AACzB,IAAA,MAAM,IAAI,SAAA;AAAA,MAAA,gBAAA;AAAA,MAER;AAAA,KACF;AAAA,EACF;AACA,EAAA,IAAI,CAAC,OAAO,WAAA,EAAa;AACvB,IAAA,MAAM,IAAI,SAAA;AAAA,MAAA,gBAAA;AAAA,MAER;AAAA,KACF;AAAA,EACF;AACA,EAAA,OAAO,IAAI,kBAAkB,MAAM,CAAA;AACrC;;;AC5BO,IAAM,oBAAN,MAAkD;AAAA,EACvD,YACmB,OAAA,EAIjB;AAJiB,IAAA,IAAA,CAAA,OAAA,GAAA,OAAA;AAAA,EAIhB;AAAA,EAEH,IAAI,GAAA,EAA4B;AAC9B,IAAA,OAAO,IAAA,CAAK,OAAA,CAAQ,OAAA,CAAQ,GAAG,CAAA;AAAA,EACjC;AAAA,EAEA,GAAA,CAAI,KAAa,KAAA,EAAqB;AACpC,IAAA,IAAA,CAAK,OAAA,CAAQ,OAAA,CAAQ,GAAA,EAAK,KAAK,CAAA;AAAA,EACjC;AAAA,EAEA,OAAO,GAAA,EAAmB;AACxB,IAAA,IAAA,CAAK,OAAA,CAAQ,WAAW,GAAG,CAAA;AAAA,EAC7B;AACF;;;ACbO,IAAM,uBAAN,MAAqD;AAAA,EAC1D,YAA6B,SAAA,EAAmC;AAAnC,IAAA,IAAA,CAAA,SAAA,GAAA,SAAA;AAAA,EAAoC;AAAA,EAEjE,MAAM,IAAI,GAAA,EAAqC;AAC7C,IAAA,OAAO,IAAA,CAAK,SAAA,CAAU,SAAA,CAAU,GAAG,CAAA;AAAA,EACrC;AAAA,EAEA,MAAM,GAAA,CAAI,GAAA,EAAa,KAAA,EAA8B;AACnD,IAAA,MAAM,IAAA,CAAK,SAAA,CAAU,SAAA,CAAU,GAAA,EAAK,KAAK,CAAA;AAAA,EAC3C;AAAA,EAEA,MAAM,OAAO,GAAA,EAA4B;AACvC,IAAA,MAAM,IAAA,CAAK,SAAA,CAAU,YAAA,CAAa,GAAG,CAAA;AAAA,EACvC;AACF;;;ACbA,IAAM,cAAA,GAAiB,CAAC,IAAA,KAAgC;AATxD,EAAA,IAAA,EAAA;AAUE,EAAA,IAAI,OAAO,QAAA,KAAa,WAAA,EAAa,OAAO,IAAA;AAC5C,EAAA,MAAM,SAAS,QAAA,CAAS,MAAA,CAAO,KAAA,CAAM,CAAA,SAAA,EAAY,IAAI,CAAA,gBAAA,CAAkB,CAAA;AACvE,EAAA,OAAO,MAAA,GAAA,CAAU,EAAA,GAAA,MAAA,CAAO,GAAA,EAAI,KAAX,YAAgB,IAAA,GAAQ,IAAA;AAC3C,CAAA;AAEO,SAAS,0BAAA,CACd,OAAA,GAAuC,EAAC,EACxB;AAChB,EAAA,MAAM,EAAE,QAAQ,IAAA,GAAO,GAAA,EAAK,WAAW,QAAA,EAAU,MAAA,GAAS,MAAK,GAAI,OAAA;AAEnE,EAAA,MAAM,GAAA,GAAM,CAAC,GAAA,KAA+B;AAC1C,IAAA,OAAO,eAAe,GAAG,CAAA;AAAA,EAC3B,CAAA;AAEA,EAAA,MAAM,GAAA,GAAM,CAAC,GAAA,EAAa,KAAA,KAAwB;AAChD,IAAA,IAAI,OAAO,aAAa,WAAA,EAAa;AACrC,IAAA,IAAI,MAAA,GAAS,CAAA,EAAG,GAAG,CAAA,CAAA,EAAI,KAAK,CAAA,CAAA;AAC5B,IAAA,IAAI,IAAA,EAAM,MAAA,IAAU,CAAA,OAAA,EAAU,IAAI,CAAA,CAAA;AAClC,IAAA,IAAI,MAAA,EAAQ,MAAA,IAAU,CAAA,SAAA,EAAY,MAAM,CAAA,CAAA;AACxC,IAAA,IAAI,QAAA,EAAU,MAAA,IAAU,CAAA,WAAA,EAAc,QAAQ,CAAA,CAAA;AAC9C,IAAA,IAAI,QAAQ,MAAA,IAAU,CAAA,QAAA,CAAA;AACtB,IAAA,QAAA,CAAS,MAAA,GAAS,MAAA;AAAA,EACpB,CAAA;AAEA,EAAA,MAAM,MAAA,GAAS,CAAC,GAAA,KAAsB;AACpC,IAAA,IAAI,OAAO,aAAa,WAAA,EAAa;AACrC,IAAA,IAAI,MAAA,GAAS,GAAG,GAAG,CAAA,wCAAA,CAAA;AACnB,IAAA,IAAI,IAAA,EAAM,MAAA,IAAU,CAAA,OAAA,EAAU,IAAI,CAAA,CAAA;AAClC,IAAA,IAAI,MAAA,EAAQ,MAAA,IAAU,CAAA,SAAA,EAAY,MAAM,CAAA,CAAA;AACxC,IAAA,QAAA,CAAS,MAAA,GAAS,MAAA;AAAA,EACpB,CAAA;AAEA,EAAA,OAAO,EAAE,GAAA,EAAK,GAAA,EAAK,MAAA,EAAO;AAC5B","file":"index.cjs","sourcesContent":["export enum AuthErrorCode {\n INVALID_CONFIG = 'INVALID_CONFIG',\n STATE_MISMATCH = 'STATE_MISMATCH',\n CALLBACK_ERROR = 'CALLBACK_ERROR',\n TOKEN_EXCHANGE_FAILED = 'TOKEN_EXCHANGE_FAILED',\n REFRESH_FAILED = 'REFRESH_FAILED',\n STORAGE_ERROR = 'STORAGE_ERROR',\n MISSING_CODE = 'MISSING_CODE',\n MISSING_STATE = 'MISSING_STATE',\n NETWORK_ERROR = 'NETWORK_ERROR',\n HTTP_ERROR = 'HTTP_ERROR',\n}\n\nexport class AuthError extends Error {\n constructor(\n public readonly code: AuthErrorCode,\n message: string,\n public readonly cause?: unknown,\n ) {\n super(message);\n this.name = 'AuthError';\n }\n}\n","const ALPHABET =\n 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-._~';\n\nfunction getCryptoImpl(): Crypto {\n if (typeof globalThis !== 'undefined' && globalThis.crypto) {\n return globalThis.crypto;\n }\n throw new Error('Web Crypto API unavailable');\n}\n\nexport function randomString(length = 64): string {\n const crypto = getCryptoImpl();\n // Rejection sampling: discard bytes >= threshold to eliminate modulo bias.\n // ALPHABET.length = 66; threshold = 256 - (256 % 66) = 204\n const THRESHOLD = 256 - (256 % ALPHABET.length);\n const result: string[] = [];\n while (result.length < length) {\n const bytes = new Uint8Array(Math.ceil((length - result.length) * 1.4));\n crypto.getRandomValues(bytes);\n for (const b of bytes) {\n if (result.length >= length) break;\n if (b < THRESHOLD) result.push(ALPHABET[b % ALPHABET.length]!);\n }\n }\n return result.join('');\n}\n\nfunction toBase64Url(bytes: Uint8Array<ArrayBuffer>): string {\n const binary = Array.from(bytes, (b) => String.fromCharCode(b)).join('');\n return btoa(binary).replace(/\\+/g, '-').replace(/\\//g, '_').replace(/=/g, '');\n}\n\nfunction verifierToBytes(verifier: string): Uint8Array<ArrayBuffer> {\n const bytes = new Uint8Array(verifier.length);\n for (let i = 0; i < verifier.length; i++) {\n bytes[i] = verifier.charCodeAt(i);\n }\n return bytes;\n}\n\nexport async function createCodeChallenge(verifier: string): Promise<string> {\n const crypto = getCryptoImpl();\n const buffer = verifierToBytes(verifier);\n const digest = await crypto.subtle.digest('SHA-256', buffer);\n return toBase64Url(new Uint8Array(digest));\n}\n","import { AuthError, AuthErrorCode } from '../errors/auth-error';\nimport type { StorageAdapter, TokenSet } from './types';\n\nexport const STORAGE_KEYS = {\n session: 'nuria:session',\n state: 'nuria:oauth:state',\n codeVerifier: 'nuria:oauth:code_verifier',\n};\n\nexport function normalizeTokenSet(\n raw: Record<string, unknown>,\n now: () => number,\n): TokenSet {\n const accessToken = (raw.access_token ?? raw.accessToken) as string;\n if (!accessToken || typeof accessToken !== 'string') {\n throw new AuthError(\n AuthErrorCode.TOKEN_EXCHANGE_FAILED,\n 'Missing access token in token response',\n );\n }\n const expiresIn = Number(raw.expires_in ?? raw.expiresIn ?? 0) || undefined;\n return {\n accessToken,\n tokenType: (raw.token_type ?? raw.tokenType) as string | undefined,\n expiresIn,\n refreshToken: (raw.refresh_token ?? raw.refreshToken) as string | undefined,\n idToken: (raw.id_token ?? raw.idToken) as string | undefined,\n scope: raw.scope as string | undefined,\n expiresAt: expiresIn ? now() + expiresIn * 1000 : undefined,\n };\n}\n\nexport async function safeGet(\n storage: StorageAdapter,\n key: string,\n): Promise<string | null> {\n try {\n return await storage.get(key);\n } catch (cause) {\n throw new AuthError(\n AuthErrorCode.STORAGE_ERROR,\n `Failed reading key: ${key}`,\n cause,\n );\n }\n}\n\nexport async function safeSet(\n storage: StorageAdapter,\n key: string,\n value: string,\n): Promise<void> {\n try {\n await storage.set(key, value);\n } catch (cause) {\n throw new AuthError(\n AuthErrorCode.STORAGE_ERROR,\n `Failed writing key: ${key}`,\n cause,\n );\n }\n}\n\nexport async function safeRemove(\n storage: StorageAdapter,\n key: string,\n): Promise<void> {\n try {\n await storage.remove(key);\n } catch (cause) {\n throw new AuthError(\n AuthErrorCode.STORAGE_ERROR,\n `Failed removing key: ${key}`,\n cause,\n );\n }\n}\n\nexport function timingSafeEqual(a: string, b: string): boolean {\n if (a.length !== b.length) return false;\n let diff = 0;\n for (let i = 0; i < a.length; i++) {\n diff |= a.charCodeAt(i) ^ b.charCodeAt(i);\n }\n return diff === 0;\n}\n\nexport function parseUrl(url: string): URL {\n try {\n return new URL(url);\n } catch {\n throw new AuthError(AuthErrorCode.CALLBACK_ERROR, 'Invalid callback URL');\n }\n}\n","import type { StorageAdapter } from '../core/types';\n\nexport class MemoryStorageAdapter implements StorageAdapter {\n private store = new Map<string, string>();\n\n get(key: string): string | null {\n return this.store.get(key) ?? null;\n }\n\n set(key: string, value: string): void {\n this.store.set(key, value);\n }\n\n remove(key: string): void {\n this.store.delete(key);\n }\n}\n","import { AuthError, AuthErrorCode } from '../errors/auth-error';\nimport type {\n AuthTransport,\n AuthTransportRequest,\n AuthTransportResponse,\n TransportInterceptor,\n} from '../core/types';\n\nexport interface FetchTransportOptions {\n fetchFn?: typeof fetch;\n timeoutMs?: number;\n retries?: number;\n interceptors?: TransportInterceptor[];\n}\n\nconst RETRYABLE_STATUS = new Set([408, 425, 429, 500, 502, 503, 504]);\n\nexport class FetchAuthTransport implements AuthTransport {\n private readonly fetchFn: typeof fetch;\n private readonly timeoutMs?: number;\n private readonly retries: number;\n private readonly interceptors: TransportInterceptor[];\n\n constructor(options: FetchTransportOptions = {}) {\n this.fetchFn = options.fetchFn ?? fetch;\n this.timeoutMs = options.timeoutMs;\n this.retries = options.retries ?? 0;\n this.interceptors = options.interceptors ?? [];\n }\n\n async request<T = unknown>(\n url: string,\n req: AuthTransportRequest = {},\n ): Promise<AuthTransportResponse<T>> {\n let request = req;\n for (const i of this.interceptors) {\n if (i.onRequest) request = await i.onRequest(url, request);\n }\n\n const retries = request.retries ?? this.retries;\n let attempt = 0;\n while (true) {\n const controller = new AbortController();\n const timeout = request.timeoutMs ?? this.timeoutMs;\n const timer = timeout\n ? setTimeout(() => controller.abort(), timeout)\n : undefined;\n try {\n const defaultContentType =\n typeof request.body === 'string'\n ? 'application/x-www-form-urlencoded'\n : 'application/json';\n const res = await this.fetchFn(this.withQuery(url, request.query), {\n method: request.method ?? 'GET',\n credentials: request.credentials,\n headers: {\n 'Content-Type': defaultContentType,\n ...(request.headers ?? {}),\n },\n body:\n request.body !== undefined\n ? typeof request.body === 'string'\n ? request.body\n : JSON.stringify(request.body)\n : undefined,\n signal: controller.signal,\n });\n const data = await this.parseBody<T>(res);\n if (!res.ok) {\n if (attempt < retries && RETRYABLE_STATUS.has(res.status)) {\n attempt += 1;\n continue;\n }\n throw new AuthError(AuthErrorCode.HTTP_ERROR, `HTTP ${res.status}`);\n }\n let out: AuthTransportResponse<T> = {\n status: res.status,\n data,\n headers: res.headers,\n };\n for (const i of this.interceptors) {\n if (i.onResponse) out = await i.onResponse(out);\n }\n return out;\n } catch (cause) {\n if (cause instanceof AuthError) throw cause;\n if (attempt < retries) {\n attempt += 1;\n continue;\n }\n throw new AuthError(\n AuthErrorCode.NETWORK_ERROR,\n 'Network request failed',\n cause,\n );\n } finally {\n if (timer) clearTimeout(timer);\n }\n }\n }\n\n private withQuery(\n url: string,\n query?: Record<string, string | undefined>,\n ): string {\n if (!query) return url;\n const parsed = new URL(url);\n Object.entries(query).forEach(([k, v]) => {\n if (v !== undefined) parsed.searchParams.set(k, v);\n });\n return parsed.toString();\n }\n\n private async parseBody<T>(res: Response): Promise<T> {\n const contentType = res.headers.get('content-type') ?? '';\n if (contentType.includes('application/json')) {\n return (await res.json()) as T;\n }\n return (await res.text()) as unknown as T;\n }\n}\n","import { AuthError, AuthErrorCode } from '../errors/auth-error';\nimport { createCodeChallenge, randomString } from '../core/pkce';\nimport {\n normalizeTokenSet,\n parseUrl,\n safeGet,\n safeRemove,\n safeSet,\n timingSafeEqual,\n STORAGE_KEYS,\n} from '../core/utils';\nimport type {\n AuthClient,\n AuthConfig,\n Session,\n StartLoginOptions,\n TokenSet,\n AuthTransport,\n} from '../core/types';\nimport { MemoryStorageAdapter } from '../storage/memory-storage-adapter';\nimport { FetchAuthTransport } from '../transport/fetch-transport';\n\nexport class DefaultAuthClient implements AuthClient {\n private session: Session | null = null;\n private refreshPromise: Promise<Session> | null = null;\n private readonly listeners = new Set<(session: Session | null) => void>();\n private readonly storage;\n private readonly transport: AuthTransport;\n private readonly now: () => number;\n\n constructor(private readonly config: AuthConfig) {\n this.storage = config.storage ?? new MemoryStorageAdapter();\n this.transport = config.transport ?? new FetchAuthTransport();\n this.now = config.now ?? (() => Date.now());\n }\n\n async startLogin(options: StartLoginOptions = {}): Promise<void> {\n const state = randomString(32);\n const codeVerifier = randomString(96);\n const codeChallenge = await createCodeChallenge(codeVerifier);\n\n await safeSet(this.storage, STORAGE_KEYS.state, state);\n await safeSet(this.storage, STORAGE_KEYS.codeVerifier, codeVerifier);\n\n const params: Record<string, string> = {\n response_type: 'code',\n client_id: this.config.clientId,\n redirect_uri: this.config.redirectUri,\n state,\n code_challenge: codeChallenge,\n code_challenge_method: 'S256',\n };\n\n const scope = options.scopes?.join(' ') ?? this.config.scope;\n if (scope) params.scope = scope;\n if (options.loginHint) params.login_hint = options.loginHint;\n if (options.extraParams) {\n const RESERVED = new Set([\n 'response_type',\n 'client_id',\n 'redirect_uri',\n 'state',\n 'code_challenge',\n 'code_challenge_method',\n ]);\n for (const [k, v] of Object.entries(options.extraParams)) {\n if (!RESERVED.has(k)) params[k] = v;\n }\n }\n\n const url = new URL(this.config.authorizationEndpoint);\n Object.entries(params).forEach(([k, v]) => url.searchParams.set(k, v));\n const redirectUrl = url.toString();\n\n if (this.config.onRedirect) {\n await this.config.onRedirect(redirectUrl);\n return;\n }\n if (typeof window !== 'undefined') {\n window.location.assign(redirectUrl);\n return;\n }\n throw new AuthError(\n AuthErrorCode.INVALID_CONFIG,\n 'Missing onRedirect callback for non-browser runtime',\n );\n }\n\n async handleRedirectCallback(callbackUrl?: string): Promise<Session> {\n const input =\n callbackUrl ??\n (typeof window !== 'undefined' ? window.location.href : '');\n if (!input) {\n throw new AuthError(\n AuthErrorCode.CALLBACK_ERROR,\n 'callbackUrl required in non-browser runtime',\n );\n }\n\n const url = parseUrl(input);\n const error = url.searchParams.get('error');\n if (error) {\n const desc = url.searchParams.get('error_description');\n throw new AuthError(\n AuthErrorCode.CALLBACK_ERROR,\n desc\n ? `Authorization error: ${error} — ${desc}`\n : `Authorization error: ${error}`,\n );\n }\n\n const code = url.searchParams.get('code');\n if (!code) {\n throw new AuthError(\n AuthErrorCode.MISSING_CODE,\n 'Missing code in callback',\n );\n }\n\n const state = url.searchParams.get('state');\n if (!state) {\n throw new AuthError(\n AuthErrorCode.MISSING_STATE,\n 'Missing state in callback',\n );\n }\n\n const storedState = await safeGet(this.storage, STORAGE_KEYS.state);\n if (!storedState || !timingSafeEqual(storedState, state)) {\n throw new AuthError(\n AuthErrorCode.STATE_MISMATCH,\n 'State validation failed',\n );\n }\n\n await safeRemove(this.storage, STORAGE_KEYS.state);\n return this.exchangeCode(code);\n }\n\n getSession(): Session | null {\n return this.session;\n }\n\n async getAccessToken(): Promise<string | null> {\n if (!this.session) {\n await this.hydrateSession();\n }\n if (!this.session) return null;\n const exp = this.session.tokens.expiresAt;\n if (exp && exp <= this.now() && this.config.enableRefreshToken) {\n if (!this.refreshPromise) {\n this.refreshPromise = this.doRefresh().finally(() => {\n this.refreshPromise = null;\n });\n }\n await this.refreshPromise;\n }\n return this.session?.tokens.accessToken ?? null;\n }\n\n async logout(options?: { returnTo?: string }): Promise<void> {\n if (options?.returnTo) {\n const returnTo = options.returnTo;\n if (returnTo.startsWith('//') || !/^https?:\\/\\//.test(returnTo)) {\n throw new AuthError(\n AuthErrorCode.INVALID_CONFIG,\n 'returnTo must be an absolute https:// or http:// URL',\n );\n }\n }\n\n this.session = null;\n await safeRemove(this.storage, STORAGE_KEYS.session);\n await safeRemove(this.storage, STORAGE_KEYS.state);\n await safeRemove(this.storage, STORAGE_KEYS.codeVerifier);\n this.notify();\n\n if (this.config.logoutEndpoint) {\n const url = new URL(this.config.logoutEndpoint);\n if (options?.returnTo) {\n url.searchParams.set('returnTo', options.returnTo);\n }\n const logoutUrl = url.toString();\n if (this.config.onRedirect) {\n await this.config.onRedirect(logoutUrl);\n } else if (typeof window !== 'undefined') {\n window.location.assign(logoutUrl);\n }\n }\n }\n\n isAuthenticated(): boolean {\n return Boolean(this.session?.tokens.accessToken);\n }\n\n onAuthStateChanged(handler: (session: Session | null) => void): () => void {\n this.listeners.add(handler);\n return () => this.listeners.delete(handler);\n }\n\n async getUserinfo(): Promise<Record<string, unknown>> {\n const accessToken = await this.getAccessToken();\n if (!accessToken) {\n throw new AuthError(\n AuthErrorCode.INVALID_CONFIG,\n 'Not authenticated — call handleRedirectCallback first',\n );\n }\n if (!this.config.userinfoEndpoint) {\n throw new AuthError(\n AuthErrorCode.INVALID_CONFIG,\n 'config.userinfoEndpoint is required for getUserinfo',\n );\n }\n const response = await this.transport.request<Record<string, unknown>>(\n this.config.userinfoEndpoint,\n { headers: { Authorization: `Bearer ${accessToken}` } },\n );\n return response.data;\n }\n\n private async exchangeCode(code: string): Promise<Session> {\n const verifier = await safeGet(this.storage, STORAGE_KEYS.codeVerifier);\n if (!verifier) {\n throw new AuthError(\n AuthErrorCode.TOKEN_EXCHANGE_FAILED,\n 'Missing PKCE code_verifier in storage',\n );\n }\n\n const body = new URLSearchParams({\n grant_type: 'authorization_code',\n code,\n code_verifier: verifier,\n redirect_uri: this.config.redirectUri,\n client_id: this.config.clientId,\n });\n\n const response = await this.transport.request<Record<string, unknown>>(\n this.config.tokenEndpoint,\n {\n method: 'POST',\n credentials: 'include',\n body: body.toString(),\n },\n );\n const tokens = normalizeTokenSet(response.data, this.now);\n await safeRemove(this.storage, STORAGE_KEYS.codeVerifier);\n return this.createSession(tokens);\n }\n\n private async doRefresh(): Promise<Session> {\n const refreshToken = this.session?.tokens.refreshToken;\n const body = new URLSearchParams({\n grant_type: 'refresh_token',\n client_id: this.config.clientId,\n });\n if (refreshToken) body.set('refresh_token', refreshToken);\n\n const response = await this.transport.request<Record<string, unknown>>(\n this.config.tokenEndpoint,\n {\n method: 'POST',\n credentials: 'include',\n body: body.toString(),\n },\n );\n const tokens = normalizeTokenSet(response.data, this.now);\n return this.createSession(tokens);\n }\n\n private async createSession(tokens: TokenSet): Promise<Session> {\n const previousRefreshToken = this.session?.tokens.refreshToken;\n const mergedTokens: TokenSet = {\n ...tokens,\n refreshToken: tokens.refreshToken ?? previousRefreshToken,\n };\n\n this.session = {\n tokens: mergedTokens,\n createdAt: this.now(),\n };\n await safeSet(\n this.storage,\n STORAGE_KEYS.session,\n JSON.stringify(this.session),\n );\n this.notify();\n return this.session;\n }\n\n private notify(): void {\n this.listeners.forEach((handler) => handler(this.session));\n }\n\n private async hydrateSession(): Promise<void> {\n const raw = await safeGet(this.storage, STORAGE_KEYS.session);\n if (!raw) return;\n try {\n const parsed = JSON.parse(raw) as Session;\n if (typeof parsed?.tokens?.accessToken !== 'string') {\n await safeRemove(this.storage, STORAGE_KEYS.session);\n return;\n }\n this.session = parsed;\n } catch {\n await safeRemove(this.storage, STORAGE_KEYS.session);\n this.session = null;\n }\n }\n}\n","import { DefaultAuthClient } from './nuria-auth-client';\nimport { AuthError, AuthErrorCode } from '../errors/auth-error';\nimport type { AuthClient, AuthConfig } from '../core/types';\n\nexport function createAuthClient(config: AuthConfig): AuthClient {\n if (!config?.clientId) {\n throw new AuthError(\n AuthErrorCode.INVALID_CONFIG,\n 'config.clientId is required',\n );\n }\n if (!config.authorizationEndpoint) {\n throw new AuthError(\n AuthErrorCode.INVALID_CONFIG,\n 'config.authorizationEndpoint is required',\n );\n }\n if (!config.tokenEndpoint) {\n throw new AuthError(\n AuthErrorCode.INVALID_CONFIG,\n 'config.tokenEndpoint is required',\n );\n }\n if (!config.redirectUri) {\n throw new AuthError(\n AuthErrorCode.INVALID_CONFIG,\n 'config.redirectUri is required',\n );\n }\n return new DefaultAuthClient(config);\n}\n","import type { StorageAdapter } from '../core/types';\n\nexport class WebStorageAdapter implements StorageAdapter {\n constructor(\n private readonly storage: Pick<\n Storage,\n 'getItem' | 'setItem' | 'removeItem'\n >,\n ) {}\n\n get(key: string): string | null {\n return this.storage.getItem(key);\n }\n\n set(key: string, value: string): void {\n this.storage.setItem(key, value);\n }\n\n remove(key: string): void {\n this.storage.removeItem(key);\n }\n}\n","import type { StorageAdapter } from '../core/types';\n\nexport interface CookieStorageCallbacks {\n getCookie(name: string): string | null | Promise<string | null>;\n setCookie(name: string, value: string): void | Promise<void>;\n removeCookie(name: string): void | Promise<void>;\n}\n\nexport class CookieStorageAdapter implements StorageAdapter {\n constructor(private readonly callbacks: CookieStorageCallbacks) {}\n\n async get(key: string): Promise<string | null> {\n return this.callbacks.getCookie(key);\n }\n\n async set(key: string, value: string): Promise<void> {\n await this.callbacks.setCookie(key, value);\n }\n\n async remove(key: string): Promise<void> {\n await this.callbacks.removeCookie(key);\n }\n}\n","import type { StorageAdapter } from '../core/types';\n\nexport interface BrowserCookieStorageOptions {\n domain?: string;\n path?: string;\n sameSite?: 'strict' | 'lax' | 'none';\n secure?: boolean;\n}\n\nconst getCookieValue = (name: string): string | null => {\n if (typeof document === 'undefined') return null;\n const result = document.cookie.match(`(^|;)\\\\s*${name}\\\\s*=\\\\s*([^;]+)`);\n return result ? (result.pop() ?? null) : null;\n};\n\nexport function createBrowserCookieStorage(\n options: BrowserCookieStorageOptions = {},\n): StorageAdapter {\n const { domain, path = '/', sameSite = 'strict', secure = true } = options;\n\n const get = (key: string): string | null => {\n return getCookieValue(key);\n };\n\n const set = (key: string, value: string): void => {\n if (typeof document === 'undefined') return;\n let cookie = `${key}=${value}`;\n if (path) cookie += `; path=${path}`;\n if (domain) cookie += `; domain=${domain}`;\n if (sameSite) cookie += `; samesite=${sameSite}`;\n if (secure) cookie += `; secure`;\n document.cookie = cookie;\n };\n\n const remove = (key: string): void => {\n if (typeof document === 'undefined') return;\n let cookie = `${key}=; expires=Thu, 01 Jan 1970 00:00:00 GMT`;\n if (path) cookie += `; path=${path}`;\n if (domain) cookie += `; domain=${domain}`;\n document.cookie = cookie;\n };\n\n return { get, set, remove };\n}\n"]}
package/dist/index.d.cts CHANGED
@@ -24,6 +24,7 @@ interface StorageAdapter {
24
24
  interface AuthTransportRequest {
25
25
  method?: 'GET' | 'POST' | 'PUT' | 'PATCH' | 'DELETE';
26
26
  headers?: Record<string, string>;
27
+ credentials?: RequestCredentials;
27
28
  query?: Record<string, string | undefined>;
28
29
  body?: unknown;
29
30
  timeoutMs?: number;
package/dist/index.d.ts CHANGED
@@ -24,6 +24,7 @@ interface StorageAdapter {
24
24
  interface AuthTransportRequest {
25
25
  method?: 'GET' | 'POST' | 'PUT' | 'PATCH' | 'DELETE';
26
26
  headers?: Record<string, string>;
27
+ credentials?: RequestCredentials;
27
28
  query?: Record<string, string | undefined>;
28
29
  body?: unknown;
29
30
  timeoutMs?: number;