@nuria-tech/auth-sdk 1.0.3 → 1.0.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +204 -222
- package/dist/angular.cjs +49 -0
- package/dist/angular.cjs.map +1 -0
- package/dist/angular.d.cts +22 -0
- package/dist/angular.d.ts +22 -0
- package/dist/angular.js +47 -0
- package/dist/angular.js.map +1 -0
- package/dist/cookie-storage-adapter-EJeGX8Tl.d.ts +16 -0
- package/dist/cookie-storage-adapter-FKYkZ--Y.d.cts +16 -0
- package/dist/index.cjs +145 -16
- package/dist/index.cjs.map +1 -1
- package/dist/index.d.cts +4 -85
- package/dist/index.d.ts +4 -85
- package/dist/index.js +145 -16
- package/dist/index.js.map +1 -1
- package/dist/next.cjs +719 -0
- package/dist/next.cjs.map +1 -0
- package/dist/next.d.cts +12 -0
- package/dist/next.d.ts +12 -0
- package/dist/next.js +716 -0
- package/dist/next.js.map +1 -0
- package/dist/nuxt.cjs +719 -0
- package/dist/nuxt.cjs.map +1 -0
- package/dist/nuxt.d.cts +12 -0
- package/dist/nuxt.d.ts +12 -0
- package/dist/nuxt.js +716 -0
- package/dist/nuxt.js.map +1 -0
- package/dist/react.cjs +89 -0
- package/dist/react.cjs.map +1 -0
- package/dist/react.d.cts +27 -0
- package/dist/react.d.ts +27 -0
- package/dist/react.js +85 -0
- package/dist/react.js.map +1 -0
- package/dist/types-2k4ZYpF4.d.cts +103 -0
- package/dist/types-2k4ZYpF4.d.ts +103 -0
- package/dist/vue.cjs +57 -0
- package/dist/vue.cjs.map +1 -0
- package/dist/vue.d.cts +13 -0
- package/dist/vue.d.ts +13 -0
- package/dist/vue.js +55 -0
- package/dist/vue.js.map +1 -0
- package/package.json +51 -2
package/dist/angular.js
ADDED
|
@@ -0,0 +1,47 @@
|
|
|
1
|
+
import { BehaviorSubject } from 'rxjs';
|
|
2
|
+
|
|
3
|
+
// src/angular/index.ts
|
|
4
|
+
function toState(session, isLoading, error) {
|
|
5
|
+
return {
|
|
6
|
+
session,
|
|
7
|
+
isAuthenticated: session !== null,
|
|
8
|
+
isLoading,
|
|
9
|
+
error
|
|
10
|
+
};
|
|
11
|
+
}
|
|
12
|
+
function createAngularAuthFacade(auth) {
|
|
13
|
+
const subject = new BehaviorSubject(
|
|
14
|
+
toState(auth.getSession(), auth.getSession() === null, null)
|
|
15
|
+
);
|
|
16
|
+
const unsubscribe = auth.onAuthStateChanged((nextSession) => {
|
|
17
|
+
subject.next(toState(nextSession, false, null));
|
|
18
|
+
});
|
|
19
|
+
const refresh = async () => {
|
|
20
|
+
subject.next(toState(subject.value.session, true, null));
|
|
21
|
+
try {
|
|
22
|
+
await auth.getAccessToken();
|
|
23
|
+
const session = auth.getSession();
|
|
24
|
+
subject.next(toState(session, false, null));
|
|
25
|
+
return session;
|
|
26
|
+
} catch (error) {
|
|
27
|
+
subject.next(toState(auth.getSession(), false, error));
|
|
28
|
+
return null;
|
|
29
|
+
}
|
|
30
|
+
};
|
|
31
|
+
void refresh();
|
|
32
|
+
return {
|
|
33
|
+
state$: subject.asObservable(),
|
|
34
|
+
snapshot: () => subject.value,
|
|
35
|
+
refresh,
|
|
36
|
+
login: () => auth.startLogin(),
|
|
37
|
+
logout: (options) => auth.logout(options),
|
|
38
|
+
destroy: () => {
|
|
39
|
+
unsubscribe();
|
|
40
|
+
subject.complete();
|
|
41
|
+
}
|
|
42
|
+
};
|
|
43
|
+
}
|
|
44
|
+
|
|
45
|
+
export { createAngularAuthFacade };
|
|
46
|
+
//# sourceMappingURL=angular.js.map
|
|
47
|
+
//# sourceMappingURL=angular.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"sources":["../src/angular/index.ts"],"names":[],"mappings":";;;AAmBA,SAAS,OAAA,CACP,OAAA,EACA,SAAA,EACA,KAAA,EACkB;AAClB,EAAA,OAAO;AAAA,IACL,OAAA;AAAA,IACA,iBAAiB,OAAA,KAAY,IAAA;AAAA,IAC7B,SAAA;AAAA,IACA;AAAA,GACF;AACF;AAEO,SAAS,wBAAwB,IAAA,EAAqC;AAC3E,EAAA,MAAM,UAAU,IAAI,eAAA;AAAA,IAClB,OAAA,CAAQ,KAAK,UAAA,EAAW,EAAG,KAAK,UAAA,EAAW,KAAM,MAAM,IAAI;AAAA,GAC7D;AAEA,EAAA,MAAM,WAAA,GAAc,IAAA,CAAK,kBAAA,CAAmB,CAAC,WAAA,KAAgB;AAC3D,IAAA,OAAA,CAAQ,IAAA,CAAK,OAAA,CAAQ,WAAA,EAAa,KAAA,EAAO,IAAI,CAAC,CAAA;AAAA,EAChD,CAAC,CAAA;AAED,EAAA,MAAM,UAAU,YAAqC;AACnD,IAAA,OAAA,CAAQ,KAAK,OAAA,CAAQ,OAAA,CAAQ,MAAM,OAAA,EAAS,IAAA,EAAM,IAAI,CAAC,CAAA;AACvD,IAAA,IAAI;AACF,MAAA,MAAM,KAAK,cAAA,EAAe;AAC1B,MAAA,MAAM,OAAA,GAAU,KAAK,UAAA,EAAW;AAChC,MAAA,OAAA,CAAQ,IAAA,CAAK,OAAA,CAAQ,OAAA,EAAS,KAAA,EAAO,IAAI,CAAC,CAAA;AAC1C,MAAA,OAAO,OAAA;AAAA,IACT,SAAS,KAAA,EAAO;AACd,MAAA,OAAA,CAAQ,KAAK,OAAA,CAAQ,IAAA,CAAK,YAAW,EAAG,KAAA,EAAO,KAAK,CAAC,CAAA;AACrD,MAAA,OAAO,IAAA;AAAA,IACT;AAAA,EACF,CAAA;AAEA,EAAA,KAAK,OAAA,EAAQ;AAEb,EAAA,OAAO;AAAA,IACL,MAAA,EAAQ,QAAQ,YAAA,EAAa;AAAA,IAC7B,QAAA,EAAU,MAAM,OAAA,CAAQ,KAAA;AAAA,IACxB,OAAA;AAAA,IACA,KAAA,EAAO,MAAM,IAAA,CAAK,UAAA,EAAW;AAAA,IAC7B,MAAA,EAAQ,CAAC,OAAA,KAAY,IAAA,CAAK,OAAO,OAAO,CAAA;AAAA,IACxC,SAAS,MAAM;AACb,MAAA,WAAA,EAAY;AACZ,MAAA,OAAA,CAAQ,QAAA,EAAS;AAAA,IACnB;AAAA,GACF;AACF","file":"angular.js","sourcesContent":["import { BehaviorSubject, type Observable } from 'rxjs';\nimport type { AuthClient, Session } from '../core/types';\n\nexport interface AngularAuthState {\n session: Session | null;\n isAuthenticated: boolean;\n isLoading: boolean;\n error: unknown;\n}\n\nexport interface AngularAuthFacade {\n state$: Observable<AngularAuthState>;\n snapshot: () => AngularAuthState;\n refresh: () => Promise<Session | null>;\n login: () => Promise<void>;\n logout: (options?: { returnTo?: string }) => Promise<void>;\n destroy: () => void;\n}\n\nfunction toState(\n session: Session | null,\n isLoading: boolean,\n error: unknown,\n): AngularAuthState {\n return {\n session,\n isAuthenticated: session !== null,\n isLoading,\n error,\n };\n}\n\nexport function createAngularAuthFacade(auth: AuthClient): AngularAuthFacade {\n const subject = new BehaviorSubject<AngularAuthState>(\n toState(auth.getSession(), auth.getSession() === null, null),\n );\n\n const unsubscribe = auth.onAuthStateChanged((nextSession) => {\n subject.next(toState(nextSession, false, null));\n });\n\n const refresh = async (): Promise<Session | null> => {\n subject.next(toState(subject.value.session, true, null));\n try {\n await auth.getAccessToken();\n const session = auth.getSession();\n subject.next(toState(session, false, null));\n return session;\n } catch (error) {\n subject.next(toState(auth.getSession(), false, error));\n return null;\n }\n };\n\n void refresh();\n\n return {\n state$: subject.asObservable(),\n snapshot: () => subject.value,\n refresh,\n login: () => auth.startLogin(),\n logout: (options) => auth.logout(options),\n destroy: () => {\n unsubscribe();\n subject.complete();\n },\n };\n}\n"]}
|
|
@@ -0,0 +1,16 @@
|
|
|
1
|
+
import { S as StorageAdapter } from './types-2k4ZYpF4.js';
|
|
2
|
+
|
|
3
|
+
interface CookieStorageCallbacks {
|
|
4
|
+
getCookie(name: string): string | null | Promise<string | null>;
|
|
5
|
+
setCookie(name: string, value: string): void | Promise<void>;
|
|
6
|
+
removeCookie(name: string): void | Promise<void>;
|
|
7
|
+
}
|
|
8
|
+
declare class CookieStorageAdapter implements StorageAdapter {
|
|
9
|
+
private readonly callbacks;
|
|
10
|
+
constructor(callbacks: CookieStorageCallbacks);
|
|
11
|
+
get(key: string): Promise<string | null>;
|
|
12
|
+
set(key: string, value: string): Promise<void>;
|
|
13
|
+
remove(key: string): Promise<void>;
|
|
14
|
+
}
|
|
15
|
+
|
|
16
|
+
export { CookieStorageAdapter as C };
|
|
@@ -0,0 +1,16 @@
|
|
|
1
|
+
import { S as StorageAdapter } from './types-2k4ZYpF4.cjs';
|
|
2
|
+
|
|
3
|
+
interface CookieStorageCallbacks {
|
|
4
|
+
getCookie(name: string): string | null | Promise<string | null>;
|
|
5
|
+
setCookie(name: string, value: string): void | Promise<void>;
|
|
6
|
+
removeCookie(name: string): void | Promise<void>;
|
|
7
|
+
}
|
|
8
|
+
declare class CookieStorageAdapter implements StorageAdapter {
|
|
9
|
+
private readonly callbacks;
|
|
10
|
+
constructor(callbacks: CookieStorageCallbacks);
|
|
11
|
+
get(key: string): Promise<string | null>;
|
|
12
|
+
set(key: string, value: string): Promise<void>;
|
|
13
|
+
remove(key: string): Promise<void>;
|
|
14
|
+
}
|
|
15
|
+
|
|
16
|
+
export { CookieStorageAdapter as C };
|
package/dist/index.cjs
CHANGED
|
@@ -70,23 +70,25 @@ var STORAGE_KEYS = {
|
|
|
70
70
|
codeVerifier: "nuria:oauth:code_verifier"
|
|
71
71
|
};
|
|
72
72
|
function normalizeTokenSet(raw, now) {
|
|
73
|
-
var _a, _b, _c, _d, _e, _f;
|
|
74
|
-
const accessToken = (_a = raw.access_token) != null ? _a : raw.accessToken;
|
|
73
|
+
var _a, _b, _c, _d, _e, _f, _g, _h, _i, _j;
|
|
74
|
+
const accessToken = (_b = (_a = raw.access_token) != null ? _a : raw.accessToken) != null ? _b : raw.Token;
|
|
75
75
|
if (!accessToken || typeof accessToken !== "string") {
|
|
76
76
|
throw new AuthError(
|
|
77
77
|
"TOKEN_EXCHANGE_FAILED" /* TOKEN_EXCHANGE_FAILED */,
|
|
78
78
|
"Missing access token in token response"
|
|
79
79
|
);
|
|
80
80
|
}
|
|
81
|
-
const expiresIn = Number((
|
|
81
|
+
const expiresIn = Number((_d = (_c = raw.expires_in) != null ? _c : raw.expiresIn) != null ? _d : 0) || void 0;
|
|
82
|
+
const expiresAtFromResponse = Number((_e = raw.ExpiresAt) != null ? _e : 0) || void 0;
|
|
83
|
+
const computedExpiresAt = expiresIn != null ? now() + expiresIn * 1e3 : expiresAtFromResponse ? expiresAtFromResponse : void 0;
|
|
82
84
|
return {
|
|
83
85
|
accessToken,
|
|
84
|
-
tokenType: (
|
|
86
|
+
tokenType: (_g = (_f = raw.token_type) != null ? _f : raw.tokenType) != null ? _g : raw.TokenType,
|
|
85
87
|
expiresIn,
|
|
86
|
-
refreshToken: (
|
|
87
|
-
idToken: (
|
|
88
|
+
refreshToken: (_i = (_h = raw.refresh_token) != null ? _h : raw.refreshToken) != null ? _i : raw.RefreshToken,
|
|
89
|
+
idToken: (_j = raw.id_token) != null ? _j : raw.idToken,
|
|
88
90
|
scope: raw.scope,
|
|
89
|
-
expiresAt:
|
|
91
|
+
expiresAt: computedExpiresAt
|
|
90
92
|
};
|
|
91
93
|
}
|
|
92
94
|
async function safeGet(storage, key) {
|
|
@@ -337,7 +339,6 @@ var DefaultAuthClient = class {
|
|
|
337
339
|
"State validation failed"
|
|
338
340
|
);
|
|
339
341
|
}
|
|
340
|
-
await safeRemove(this.storage, STORAGE_KEYS.state);
|
|
341
342
|
return this.exchangeCode(code);
|
|
342
343
|
}
|
|
343
344
|
getSession() {
|
|
@@ -362,11 +363,27 @@ var DefaultAuthClient = class {
|
|
|
362
363
|
}
|
|
363
364
|
async logout(options) {
|
|
364
365
|
if (options == null ? void 0 : options.returnTo) {
|
|
365
|
-
|
|
366
|
-
|
|
366
|
+
let returnToUrl;
|
|
367
|
+
try {
|
|
368
|
+
returnToUrl = new URL(options.returnTo);
|
|
369
|
+
} catch (e) {
|
|
370
|
+
throw new AuthError(
|
|
371
|
+
"INVALID_CONFIG" /* INVALID_CONFIG */,
|
|
372
|
+
"returnTo must be a valid absolute URL"
|
|
373
|
+
);
|
|
374
|
+
}
|
|
375
|
+
const isHttps = returnToUrl.protocol === "https:";
|
|
376
|
+
const isLocalHttp = returnToUrl.protocol === "http:" && (returnToUrl.hostname === "localhost" || returnToUrl.hostname === "127.0.0.1" || returnToUrl.hostname === "[::1]");
|
|
377
|
+
if (!isHttps && !isLocalHttp) {
|
|
378
|
+
throw new AuthError(
|
|
379
|
+
"INVALID_CONFIG" /* INVALID_CONFIG */,
|
|
380
|
+
"returnTo must use https:// (or http:// only for localhost)"
|
|
381
|
+
);
|
|
382
|
+
}
|
|
383
|
+
if (returnToUrl.username || returnToUrl.password) {
|
|
367
384
|
throw new AuthError(
|
|
368
385
|
"INVALID_CONFIG" /* INVALID_CONFIG */,
|
|
369
|
-
"returnTo must
|
|
386
|
+
"returnTo must not include URL credentials"
|
|
370
387
|
);
|
|
371
388
|
}
|
|
372
389
|
}
|
|
@@ -389,8 +406,12 @@ var DefaultAuthClient = class {
|
|
|
389
406
|
}
|
|
390
407
|
}
|
|
391
408
|
isAuthenticated() {
|
|
392
|
-
var _a;
|
|
393
|
-
|
|
409
|
+
var _a, _b;
|
|
410
|
+
const accessToken = (_a = this.session) == null ? void 0 : _a.tokens.accessToken;
|
|
411
|
+
if (!accessToken) return false;
|
|
412
|
+
const exp = (_b = this.session) == null ? void 0 : _b.tokens.expiresAt;
|
|
413
|
+
if (exp && exp <= this.now()) return false;
|
|
414
|
+
return true;
|
|
394
415
|
}
|
|
395
416
|
onAuthStateChanged(handler) {
|
|
396
417
|
this.listeners.add(handler);
|
|
@@ -416,6 +437,103 @@ var DefaultAuthClient = class {
|
|
|
416
437
|
);
|
|
417
438
|
return response.data;
|
|
418
439
|
}
|
|
440
|
+
async startLoginCodeChallenge(options) {
|
|
441
|
+
var _a, _b, _c, _d, _e, _f, _g;
|
|
442
|
+
if (!(options == null ? void 0 : options.email)) {
|
|
443
|
+
throw new AuthError(
|
|
444
|
+
"INVALID_CONFIG" /* INVALID_CONFIG */,
|
|
445
|
+
"email is required for startLoginCodeChallenge"
|
|
446
|
+
);
|
|
447
|
+
}
|
|
448
|
+
const response = await this.transport.request(
|
|
449
|
+
`${this.config.baseUrl}/v2/login-code/challenge`,
|
|
450
|
+
{
|
|
451
|
+
method: "POST",
|
|
452
|
+
credentials: "include",
|
|
453
|
+
body: {
|
|
454
|
+
email: options.email,
|
|
455
|
+
channel: (_a = options.channel) != null ? _a : "email",
|
|
456
|
+
destination: options.destination,
|
|
457
|
+
purpose: (_b = options.purpose) != null ? _b : "login"
|
|
458
|
+
}
|
|
459
|
+
}
|
|
460
|
+
);
|
|
461
|
+
return {
|
|
462
|
+
challengeId: String((_c = response.data.challengeId) != null ? _c : ""),
|
|
463
|
+
channel: String((_d = response.data.channel) != null ? _d : ""),
|
|
464
|
+
destinationMasked: String((_e = response.data.destinationMasked) != null ? _e : ""),
|
|
465
|
+
expiresAt: Number((_f = response.data.expiresAt) != null ? _f : 0),
|
|
466
|
+
purpose: String((_g = response.data.purpose) != null ? _g : "login")
|
|
467
|
+
};
|
|
468
|
+
}
|
|
469
|
+
async verifyLoginCode(options) {
|
|
470
|
+
if (!(options == null ? void 0 : options.challengeId) || !(options == null ? void 0 : options.code)) {
|
|
471
|
+
throw new AuthError(
|
|
472
|
+
"INVALID_CONFIG" /* INVALID_CONFIG */,
|
|
473
|
+
"challengeId and code are required for verifyLoginCode"
|
|
474
|
+
);
|
|
475
|
+
}
|
|
476
|
+
const response = await this.transport.request(
|
|
477
|
+
`${this.config.baseUrl}/v2/2fa/verify-login`,
|
|
478
|
+
{
|
|
479
|
+
method: "POST",
|
|
480
|
+
credentials: "include",
|
|
481
|
+
body: {
|
|
482
|
+
challengeId: options.challengeId,
|
|
483
|
+
code: options.code
|
|
484
|
+
}
|
|
485
|
+
}
|
|
486
|
+
);
|
|
487
|
+
const tokens = normalizeTokenSet(response.data, this.now);
|
|
488
|
+
return this.createSession(tokens);
|
|
489
|
+
}
|
|
490
|
+
async loginWithCodeSent(options) {
|
|
491
|
+
return this.startLoginCodeChallenge(options);
|
|
492
|
+
}
|
|
493
|
+
async completeLoginWithCode(options) {
|
|
494
|
+
return this.verifyLoginCode(options);
|
|
495
|
+
}
|
|
496
|
+
async loginWithGoogle(options) {
|
|
497
|
+
if (!(options == null ? void 0 : options.idToken)) {
|
|
498
|
+
throw new AuthError(
|
|
499
|
+
"INVALID_CONFIG" /* INVALID_CONFIG */,
|
|
500
|
+
"idToken is required for loginWithGoogle"
|
|
501
|
+
);
|
|
502
|
+
}
|
|
503
|
+
const response = await this.transport.request(
|
|
504
|
+
`${this.config.baseUrl}/v2/google`,
|
|
505
|
+
{
|
|
506
|
+
method: "POST",
|
|
507
|
+
credentials: "include",
|
|
508
|
+
body: {
|
|
509
|
+
idToken: options.idToken
|
|
510
|
+
}
|
|
511
|
+
}
|
|
512
|
+
);
|
|
513
|
+
const tokens = normalizeTokenSet(response.data, this.now);
|
|
514
|
+
return this.createSession(tokens);
|
|
515
|
+
}
|
|
516
|
+
async loginWithPassword(options) {
|
|
517
|
+
if (!(options == null ? void 0 : options.email) || !(options == null ? void 0 : options.password)) {
|
|
518
|
+
throw new AuthError(
|
|
519
|
+
"INVALID_CONFIG" /* INVALID_CONFIG */,
|
|
520
|
+
"email and password are required for loginWithPassword"
|
|
521
|
+
);
|
|
522
|
+
}
|
|
523
|
+
const response = await this.transport.request(
|
|
524
|
+
`${this.config.baseUrl}/v2/login`,
|
|
525
|
+
{
|
|
526
|
+
method: "POST",
|
|
527
|
+
credentials: "include",
|
|
528
|
+
body: {
|
|
529
|
+
email: options.email,
|
|
530
|
+
password: options.password
|
|
531
|
+
}
|
|
532
|
+
}
|
|
533
|
+
);
|
|
534
|
+
const tokens = normalizeTokenSet(response.data, this.now);
|
|
535
|
+
return this.createSession(tokens);
|
|
536
|
+
}
|
|
419
537
|
async exchangeCode(code) {
|
|
420
538
|
const verifier = await safeGet(this.storage, STORAGE_KEYS.codeVerifier);
|
|
421
539
|
if (!verifier) {
|
|
@@ -440,6 +558,7 @@ var DefaultAuthClient = class {
|
|
|
440
558
|
}
|
|
441
559
|
);
|
|
442
560
|
const tokens = normalizeTokenSet(response.data, this.now);
|
|
561
|
+
await safeRemove(this.storage, STORAGE_KEYS.state);
|
|
443
562
|
await safeRemove(this.storage, STORAGE_KEYS.codeVerifier);
|
|
444
563
|
return this.createSession(tokens);
|
|
445
564
|
}
|
|
@@ -609,8 +728,18 @@ var CookieStorageAdapter = class {
|
|
|
609
728
|
var getCookieValue = (name) => {
|
|
610
729
|
var _a;
|
|
611
730
|
if (typeof document === "undefined") return null;
|
|
612
|
-
const
|
|
613
|
-
|
|
731
|
+
const escapedName = name.replace(/[.*+?^${}()|[\]\\]/g, "\\$&");
|
|
732
|
+
const result = document.cookie.match(
|
|
733
|
+
`(^|;)\\s*${escapedName}\\s*=\\s*([^;]+)`
|
|
734
|
+
);
|
|
735
|
+
if (!result) return null;
|
|
736
|
+
const raw = (_a = result.pop()) != null ? _a : null;
|
|
737
|
+
if (raw == null) return null;
|
|
738
|
+
try {
|
|
739
|
+
return decodeURIComponent(raw);
|
|
740
|
+
} catch (e) {
|
|
741
|
+
return raw;
|
|
742
|
+
}
|
|
614
743
|
};
|
|
615
744
|
function createBrowserCookieStorage(options = {}) {
|
|
616
745
|
const { domain, path = "/", sameSite = "strict", secure = true } = options;
|
|
@@ -619,7 +748,7 @@ function createBrowserCookieStorage(options = {}) {
|
|
|
619
748
|
};
|
|
620
749
|
const set = (key, value) => {
|
|
621
750
|
if (typeof document === "undefined") return;
|
|
622
|
-
let cookie = `${key}=${value}`;
|
|
751
|
+
let cookie = `${key}=${encodeURIComponent(value)}`;
|
|
623
752
|
if (path) cookie += `; path=${path}`;
|
|
624
753
|
if (domain) cookie += `; domain=${domain}`;
|
|
625
754
|
if (sameSite) cookie += `; samesite=${sameSite}`;
|
package/dist/index.cjs.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../src/errors/auth-error.ts","../src/core/pkce.ts","../src/core/utils.ts","../src/storage/memory-storage-adapter.ts","../src/transport/fetch-transport.ts","../src/client/nuria-auth-client.ts","../src/client/create-client.ts","../src/storage/web-storage-adapter.ts","../src/storage/cookie-storage-adapter.ts","../src/storage/browser-cookie-storage.ts"],"names":["AuthErrorCode"],"mappings":";;;AAAO,IAAK,aAAA,qBAAAA,cAAAA,KAAL;AACL,EAAAA,eAAA,gBAAA,CAAA,GAAiB,gBAAA;AACjB,EAAAA,eAAA,gBAAA,CAAA,GAAiB,gBAAA;AACjB,EAAAA,eAAA,gBAAA,CAAA,GAAiB,gBAAA;AACjB,EAAAA,eAAA,uBAAA,CAAA,GAAwB,uBAAA;AACxB,EAAAA,eAAA,gBAAA,CAAA,GAAiB,gBAAA;AACjB,EAAAA,eAAA,eAAA,CAAA,GAAgB,eAAA;AAChB,EAAAA,eAAA,cAAA,CAAA,GAAe,cAAA;AACf,EAAAA,eAAA,eAAA,CAAA,GAAgB,eAAA;AAChB,EAAAA,eAAA,eAAA,CAAA,GAAgB,eAAA;AAChB,EAAAA,eAAA,YAAA,CAAA,GAAa,YAAA;AAVH,EAAA,OAAAA,cAAAA;AAAA,CAAA,EAAA,aAAA,IAAA,EAAA;AAaL,IAAM,SAAA,GAAN,cAAwB,KAAA,CAAM;AAAA,EACnC,WAAA,CACkB,IAAA,EAChB,OAAA,EACgB,KAAA,EAChB;AACA,IAAA,KAAA,CAAM,OAAO,CAAA;AAJG,IAAA,IAAA,CAAA,IAAA,GAAA,IAAA;AAEA,IAAA,IAAA,CAAA,KAAA,GAAA,KAAA;AAGhB,IAAA,IAAA,CAAK,IAAA,GAAO,WAAA;AAAA,EACd;AACF;;;ACtBA,IAAM,QAAA,GACJ,oEAAA;AAEF,SAAS,aAAA,GAAwB;AAC/B,EAAA,IAAI,OAAO,UAAA,KAAe,WAAA,IAAe,UAAA,CAAW,MAAA,EAAQ;AAC1D,IAAA,OAAO,UAAA,CAAW,MAAA;AAAA,EACpB;AACA,EAAA,MAAM,IAAI,MAAM,4BAA4B,CAAA;AAC9C;AAEO,SAAS,YAAA,CAAa,SAAS,EAAA,EAAY;AAChD,EAAA,MAAM,SAAS,aAAA,EAAc;AAG7B,EAAA,MAAM,SAAA,GAAY,GAAA,GAAO,GAAA,GAAM,QAAA,CAAS,MAAA;AACxC,EAAA,MAAM,SAAmB,EAAC;AAC1B,EAAA,OAAO,MAAA,CAAO,SAAS,MAAA,EAAQ;AAC7B,IAAA,MAAM,KAAA,GAAQ,IAAI,UAAA,CAAW,IAAA,CAAK,MAAM,MAAA,GAAS,MAAA,CAAO,MAAA,IAAU,GAAG,CAAC,CAAA;AACtE,IAAA,MAAA,CAAO,gBAAgB,KAAK,CAAA;AAC5B,IAAA,KAAA,MAAW,KAAK,KAAA,EAAO;AACrB,MAAA,IAAI,MAAA,CAAO,UAAU,MAAA,EAAQ;AAC7B,MAAA,IAAI,CAAA,GAAI,WAAW,MAAA,CAAO,IAAA,CAAK,SAAS,CAAA,GAAI,QAAA,CAAS,MAAM,CAAE,CAAA;AAAA,IAC/D;AAAA,EACF;AACA,EAAA,OAAO,MAAA,CAAO,KAAK,EAAE,CAAA;AACvB;AAEA,SAAS,YAAY,KAAA,EAAwC;AAC3D,EAAA,MAAM,MAAA,GAAS,KAAA,CAAM,IAAA,CAAK,KAAA,EAAO,CAAC,CAAA,KAAM,MAAA,CAAO,YAAA,CAAa,CAAC,CAAC,CAAA,CAAE,IAAA,CAAK,EAAE,CAAA;AACvE,EAAA,OAAO,IAAA,CAAK,MAAM,CAAA,CAAE,OAAA,CAAQ,KAAA,EAAO,GAAG,CAAA,CAAE,OAAA,CAAQ,KAAA,EAAO,GAAG,CAAA,CAAE,OAAA,CAAQ,MAAM,EAAE,CAAA;AAC9E;AAEA,SAAS,gBAAgB,QAAA,EAA2C;AAClE,EAAA,MAAM,KAAA,GAAQ,IAAI,UAAA,CAAW,QAAA,CAAS,MAAM,CAAA;AAC5C,EAAA,KAAA,IAAS,CAAA,GAAI,CAAA,EAAG,CAAA,GAAI,QAAA,CAAS,QAAQ,CAAA,EAAA,EAAK;AACxC,IAAA,KAAA,CAAM,CAAC,CAAA,GAAI,QAAA,CAAS,UAAA,CAAW,CAAC,CAAA;AAAA,EAClC;AACA,EAAA,OAAO,KAAA;AACT;AAEA,eAAsB,oBAAoB,QAAA,EAAmC;AAC3E,EAAA,MAAM,SAAS,aAAA,EAAc;AAC7B,EAAA,MAAM,MAAA,GAAS,gBAAgB,QAAQ,CAAA;AACvC,EAAA,MAAM,SAAS,MAAM,MAAA,CAAO,MAAA,CAAO,MAAA,CAAO,WAAW,MAAM,CAAA;AAC3D,EAAA,OAAO,WAAA,CAAY,IAAI,UAAA,CAAW,MAAM,CAAC,CAAA;AAC3C;;;AC1CO,IAAM,YAAA,GAAe;AAAA,EAC1B,OAAA,EAAS,eAAA;AAAA,EACT,KAAA,EAAO,mBAAA;AAAA,EACP,YAAA,EAAc;AAChB,CAAA;AAEO,SAAS,iBAAA,CACd,KACA,GAAA,EACU;AAZZ,EAAA,IAAA,EAAA,EAAA,EAAA,EAAA,EAAA,EAAA,EAAA,EAAA,EAAA,EAAA,EAAA;AAaE,EAAA,MAAM,WAAA,GAAA,CAAe,EAAA,GAAA,GAAA,CAAI,YAAA,KAAJ,IAAA,GAAA,EAAA,GAAoB,GAAA,CAAI,WAAA;AAC7C,EAAA,IAAI,CAAC,WAAA,IAAe,OAAO,WAAA,KAAgB,QAAA,EAAU;AACnD,IAAA,MAAM,IAAI,SAAA;AAAA,MAAA,uBAAA;AAAA,MAER;AAAA,KACF;AAAA,EACF;AACA,EAAA,MAAM,SAAA,GAAY,QAAO,EAAA,GAAA,CAAA,EAAA,GAAA,GAAA,CAAI,UAAA,KAAJ,YAAkB,GAAA,CAAI,SAAA,KAAtB,IAAA,GAAA,EAAA,GAAmC,CAAC,CAAA,IAAK,MAAA;AAClE,EAAA,OAAO;AAAA,IACL,WAAA;AAAA,IACA,SAAA,EAAA,CAAY,EAAA,GAAA,GAAA,CAAI,UAAA,KAAJ,IAAA,GAAA,EAAA,GAAkB,GAAA,CAAI,SAAA;AAAA,IAClC,SAAA;AAAA,IACA,YAAA,EAAA,CAAe,EAAA,GAAA,GAAA,CAAI,aAAA,KAAJ,IAAA,GAAA,EAAA,GAAqB,GAAA,CAAI,YAAA;AAAA,IACxC,OAAA,EAAA,CAAU,EAAA,GAAA,GAAA,CAAI,QAAA,KAAJ,IAAA,GAAA,EAAA,GAAgB,GAAA,CAAI,OAAA;AAAA,IAC9B,OAAO,GAAA,CAAI,KAAA;AAAA,IACX,SAAA,EAAW,SAAA,GAAY,GAAA,EAAI,GAAI,YAAY,GAAA,GAAO;AAAA,GACpD;AACF;AAEA,eAAsB,OAAA,CACpB,SACA,GAAA,EACwB;AACxB,EAAA,IAAI;AACF,IAAA,OAAO,MAAM,OAAA,CAAQ,GAAA,CAAI,GAAG,CAAA;AAAA,EAC9B,SAAS,KAAA,EAAO;AACd,IAAA,MAAM,IAAI,SAAA;AAAA,MAAA,eAAA;AAAA,MAER,uBAAuB,GAAG,CAAA,CAAA;AAAA,MAC1B;AAAA,KACF;AAAA,EACF;AACF;AAEA,eAAsB,OAAA,CACpB,OAAA,EACA,GAAA,EACA,KAAA,EACe;AACf,EAAA,IAAI;AACF,IAAA,MAAM,OAAA,CAAQ,GAAA,CAAI,GAAA,EAAK,KAAK,CAAA;AAAA,EAC9B,SAAS,KAAA,EAAO;AACd,IAAA,MAAM,IAAI,SAAA;AAAA,MAAA,eAAA;AAAA,MAER,uBAAuB,GAAG,CAAA,CAAA;AAAA,MAC1B;AAAA,KACF;AAAA,EACF;AACF;AAEA,eAAsB,UAAA,CACpB,SACA,GAAA,EACe;AACf,EAAA,IAAI;AACF,IAAA,MAAM,OAAA,CAAQ,OAAO,GAAG,CAAA;AAAA,EAC1B,SAAS,KAAA,EAAO;AACd,IAAA,MAAM,IAAI,SAAA;AAAA,MAAA,eAAA;AAAA,MAER,wBAAwB,GAAG,CAAA,CAAA;AAAA,MAC3B;AAAA,KACF;AAAA,EACF;AACF;AAEO,SAAS,eAAA,CAAgB,GAAW,CAAA,EAAoB;AAC7D,EAAA,IAAI,CAAA,CAAE,MAAA,KAAW,CAAA,CAAE,MAAA,EAAQ,OAAO,KAAA;AAClC,EAAA,IAAI,IAAA,GAAO,CAAA;AACX,EAAA,KAAA,IAAS,CAAA,GAAI,CAAA,EAAG,CAAA,GAAI,CAAA,CAAE,QAAQ,CAAA,EAAA,EAAK;AACjC,IAAA,IAAA,IAAQ,EAAE,UAAA,CAAW,CAAC,CAAA,GAAI,CAAA,CAAE,WAAW,CAAC,CAAA;AAAA,EAC1C;AACA,EAAA,OAAO,IAAA,KAAS,CAAA;AAClB;AAEO,SAAS,SAAS,GAAA,EAAkB;AACzC,EAAA,IAAI;AACF,IAAA,OAAO,IAAI,IAAI,GAAG,CAAA;AAAA,EACpB,CAAA,CAAA,OAAQ,CAAA,EAAA;AACN,IAAA,MAAM,IAAI,iDAAwC,sBAAsB,CAAA;AAAA,EAC1E;AACF;;;AC3FO,IAAM,uBAAN,MAAqD;AAAA,EAArD,WAAA,GAAA;AACL,IAAA,IAAA,CAAQ,KAAA,uBAAY,GAAA,EAAoB;AAAA,EAAA;AAAA,EAExC,IAAI,GAAA,EAA4B;AALlC,IAAA,IAAA,EAAA;AAMI,IAAA,OAAA,CAAO,EAAA,GAAA,IAAA,CAAK,KAAA,CAAM,GAAA,CAAI,GAAG,MAAlB,IAAA,GAAA,EAAA,GAAuB,IAAA;AAAA,EAChC;AAAA,EAEA,GAAA,CAAI,KAAa,KAAA,EAAqB;AACpC,IAAA,IAAA,CAAK,KAAA,CAAM,GAAA,CAAI,GAAA,EAAK,KAAK,CAAA;AAAA,EAC3B;AAAA,EAEA,OAAO,GAAA,EAAmB;AACxB,IAAA,IAAA,CAAK,KAAA,CAAM,OAAO,GAAG,CAAA;AAAA,EACvB;AACF;;;ACDA,IAAM,gBAAA,mBAAmB,IAAI,GAAA,CAAI,CAAC,GAAA,EAAK,GAAA,EAAK,GAAA,EAAK,GAAA,EAAK,GAAA,EAAK,GAAA,EAAK,GAAG,CAAC,CAAA;AAE7D,IAAM,qBAAN,MAAkD;AAAA,EAMvD,WAAA,CAAY,OAAA,GAAiC,EAAC,EAAG;AAvBnD,IAAA,IAAA,EAAA,EAAA,EAAA,EAAA,EAAA;AAwBI,IAAA,IAAA,CAAK,OAAA,GAAA,CAAU,EAAA,GAAA,OAAA,CAAQ,OAAA,KAAR,IAAA,GAAA,EAAA,GAAmB,KAAA;AAClC,IAAA,IAAA,CAAK,YAAY,OAAA,CAAQ,SAAA;AACzB,IAAA,IAAA,CAAK,OAAA,GAAA,CAAU,EAAA,GAAA,OAAA,CAAQ,OAAA,KAAR,IAAA,GAAA,EAAA,GAAmB,CAAA;AAClC,IAAA,IAAA,CAAK,YAAA,GAAA,CAAe,EAAA,GAAA,OAAA,CAAQ,YAAA,KAAR,IAAA,GAAA,EAAA,GAAwB,EAAC;AAAA,EAC/C;AAAA,EAEA,MAAM,OAAA,CACJ,GAAA,EACA,GAAA,GAA4B,EAAC,EACM;AAjCvC,IAAA,IAAA,EAAA,EAAA,EAAA,EAAA,EAAA,EAAA,EAAA;AAkCI,IAAA,IAAI,OAAA,GAAU,GAAA;AACd,IAAA,KAAA,MAAW,CAAA,IAAK,KAAK,YAAA,EAAc;AACjC,MAAA,IAAI,EAAE,SAAA,EAAW,OAAA,GAAU,MAAM,CAAA,CAAE,SAAA,CAAU,KAAK,OAAO,CAAA;AAAA,IAC3D;AAEA,IAAA,MAAM,OAAA,GAAA,CAAU,EAAA,GAAA,OAAA,CAAQ,OAAA,KAAR,IAAA,GAAA,EAAA,GAAmB,IAAA,CAAK,OAAA;AACxC,IAAA,IAAI,OAAA,GAAU,CAAA;AACd,IAAA,OAAO,IAAA,EAAM;AACX,MAAA,MAAM,UAAA,GAAa,IAAI,eAAA,EAAgB;AACvC,MAAA,MAAM,OAAA,GAAA,CAAU,EAAA,GAAA,OAAA,CAAQ,SAAA,KAAR,IAAA,GAAA,EAAA,GAAqB,IAAA,CAAK,SAAA;AAC1C,MAAA,MAAM,KAAA,GAAQ,UACV,UAAA,CAAW,MAAM,WAAW,KAAA,EAAM,EAAG,OAAO,CAAA,GAC5C,MAAA;AACJ,MAAA,IAAI;AACF,QAAA,MAAM,kBAAA,GACJ,OAAO,OAAA,CAAQ,IAAA,KAAS,WACpB,mCAAA,GACA,kBAAA;AACN,QAAA,MAAM,GAAA,GAAM,MAAM,IAAA,CAAK,OAAA,CAAQ,KAAK,SAAA,CAAU,GAAA,EAAK,OAAA,CAAQ,KAAK,CAAA,EAAG;AAAA,UACjE,MAAA,EAAA,CAAQ,EAAA,GAAA,OAAA,CAAQ,MAAA,KAAR,IAAA,GAAA,EAAA,GAAkB,KAAA;AAAA,UAC1B,aAAa,OAAA,CAAQ,WAAA;AAAA,UACrB,OAAA,EAAS;AAAA,YACP,cAAA,EAAgB,kBAAA;AAAA,YAChB,GAAA,CAAI,EAAA,GAAA,OAAA,CAAQ,OAAA,KAAR,IAAA,GAAA,EAAA,GAAmB;AAAC,WAC1B;AAAA,UACA,IAAA,EACE,OAAA,CAAQ,IAAA,KAAS,KAAA,CAAA,GACb,OAAO,OAAA,CAAQ,IAAA,KAAS,QAAA,GACtB,OAAA,CAAQ,IAAA,GACR,IAAA,CAAK,SAAA,CAAU,OAAA,CAAQ,IAAI,CAAA,GAC7B,KAAA,CAAA;AAAA,UACN,QAAQ,UAAA,CAAW;AAAA,SACpB,CAAA;AACD,QAAA,MAAM,IAAA,GAAO,MAAM,IAAA,CAAK,SAAA,CAAa,GAAG,CAAA;AACxC,QAAA,IAAI,CAAC,IAAI,EAAA,EAAI;AACX,UAAA,IAAI,UAAU,OAAA,IAAW,gBAAA,CAAiB,GAAA,CAAI,GAAA,CAAI,MAAM,CAAA,EAAG;AACzD,YAAA,OAAA,IAAW,CAAA;AACX,YAAA;AAAA,UACF;AACA,UAAA,MAAM,IAAI,SAAA,CAAA,YAAA,mBAAoC,CAAA,KAAA,EAAQ,GAAA,CAAI,MAAM,CAAA,CAAE,CAAA;AAAA,QACpE;AACA,QAAA,IAAI,GAAA,GAAgC;AAAA,UAClC,QAAQ,GAAA,CAAI,MAAA;AAAA,UACZ,IAAA;AAAA,UACA,SAAS,GAAA,CAAI;AAAA,SACf;AACA,QAAA,KAAA,MAAW,CAAA,IAAK,KAAK,YAAA,EAAc;AACjC,UAAA,IAAI,EAAE,UAAA,EAAY,GAAA,GAAM,MAAM,CAAA,CAAE,WAAW,GAAG,CAAA;AAAA,QAChD;AACA,QAAA,OAAO,GAAA;AAAA,MACT,SAAS,KAAA,EAAO;AACd,QAAA,IAAI,KAAA,YAAiB,WAAW,MAAM,KAAA;AACtC,QAAA,IAAI,UAAU,OAAA,EAAS;AACrB,UAAA,OAAA,IAAW,CAAA;AACX,UAAA;AAAA,QACF;AACA,QAAA,MAAM,IAAI,SAAA;AAAA,UAAA,eAAA;AAAA,UAER,wBAAA;AAAA,UACA;AAAA,SACF;AAAA,MACF,CAAA,SAAE;AACA,QAAA,IAAI,KAAA,eAAoB,KAAK,CAAA;AAAA,MAC/B;AAAA,IACF;AAAA,EACF;AAAA,EAEQ,SAAA,CACN,KACA,KAAA,EACQ;AACR,IAAA,IAAI,CAAC,OAAO,OAAO,GAAA;AACnB,IAAA,MAAM,MAAA,GAAS,IAAI,GAAA,CAAI,GAAG,CAAA;AAC1B,IAAA,MAAA,CAAO,OAAA,CAAQ,KAAK,CAAA,CAAE,OAAA,CAAQ,CAAC,CAAC,CAAA,EAAG,CAAC,CAAA,KAAM;AACxC,MAAA,IAAI,MAAM,MAAA,EAAW,MAAA,CAAO,YAAA,CAAa,GAAA,CAAI,GAAG,CAAC,CAAA;AAAA,IACnD,CAAC,CAAA;AACD,IAAA,OAAO,OAAO,QAAA,EAAS;AAAA,EACzB;AAAA,EAEA,MAAc,UAAa,GAAA,EAA2B;AAjHxD,IAAA,IAAA,EAAA;AAkHI,IAAA,MAAM,eAAc,EAAA,GAAA,GAAA,CAAI,OAAA,CAAQ,GAAA,CAAI,cAAc,MAA9B,IAAA,GAAA,EAAA,GAAmC,EAAA;AACvD,IAAA,IAAI,WAAA,CAAY,QAAA,CAAS,kBAAkB,CAAA,EAAG;AAC5C,MAAA,OAAQ,MAAM,IAAI,IAAA,EAAK;AAAA,IACzB;AACA,IAAA,OAAQ,MAAM,IAAI,IAAA,EAAK;AAAA,EACzB;AACF;;;AClGO,IAAM,oBAAN,MAA8C;AAAA,EAQnD,YAA6B,MAAA,EAA4B;AAA5B,IAAA,IAAA,CAAA,MAAA,GAAA,MAAA;AAP7B,IAAA,IAAA,CAAQ,OAAA,GAA0B,IAAA;AAClC,IAAA,IAAA,CAAQ,cAAA,GAA0C,IAAA;AAClD,IAAA,IAAA,CAAiB,SAAA,uBAAgB,GAAA,EAAuC;AAzB1E,IAAA,IAAA,EAAA,EAAA,EAAA,EAAA,EAAA;AA+BI,IAAA,IAAA,CAAK,OAAA,GAAA,CAAU,EAAA,GAAA,MAAA,CAAO,OAAA,KAAP,IAAA,GAAA,EAAA,GAAkB,IAAI,oBAAA,EAAqB;AAC1D,IAAA,IAAA,CAAK,SAAA,GAAA,CAAY,EAAA,GAAA,MAAA,CAAO,SAAA,KAAP,IAAA,GAAA,EAAA,GAAoB,IAAI,kBAAA,EAAmB;AAC5D,IAAA,IAAA,CAAK,OAAM,EAAA,GAAA,MAAA,CAAO,GAAA,KAAP,IAAA,GAAA,EAAA,IAAe,MAAM,KAAK,GAAA,EAAI,CAAA;AAAA,EAC3C;AAAA,EAEA,MAAM,UAAA,CAAW,OAAA,GAA6B,EAAC,EAAkB;AApCnE,IAAA,IAAA,EAAA,EAAA,EAAA;AAqCI,IAAA,MAAM,KAAA,GAAQ,aAAa,EAAE,CAAA;AAC7B,IAAA,MAAM,YAAA,GAAe,aAAa,EAAE,CAAA;AACpC,IAAA,MAAM,aAAA,GAAgB,MAAM,mBAAA,CAAoB,YAAY,CAAA;AAE5D,IAAA,MAAM,OAAA,CAAQ,IAAA,CAAK,OAAA,EAAS,YAAA,CAAa,OAAO,KAAK,CAAA;AACrD,IAAA,MAAM,OAAA,CAAQ,IAAA,CAAK,OAAA,EAAS,YAAA,CAAa,cAAc,YAAY,CAAA;AAEnE,IAAA,MAAM,MAAA,GAAiC;AAAA,MACrC,aAAA,EAAe,MAAA;AAAA,MACf,SAAA,EAAW,KAAK,MAAA,CAAO,QAAA;AAAA,MACvB,YAAA,EAAc,KAAK,MAAA,CAAO,WAAA;AAAA,MAC1B,KAAA;AAAA,MACA,cAAA,EAAgB,aAAA;AAAA,MAChB,qBAAA,EAAuB;AAAA,KACzB;AAEA,IAAA,MAAM,KAAA,GAAA,CAAQ,mBAAQ,MAAA,KAAR,IAAA,GAAA,MAAA,GAAA,EAAA,CAAgB,KAAK,GAAA,CAAA,KAArB,IAAA,GAAA,EAAA,GAA6B,KAAK,MAAA,CAAO,KAAA;AACvD,IAAA,IAAI,KAAA,SAAc,KAAA,GAAQ,KAAA;AAC1B,IAAA,IAAI,OAAA,CAAQ,SAAA,EAAW,MAAA,CAAO,UAAA,GAAa,OAAA,CAAQ,SAAA;AACnD,IAAA,IAAI,QAAQ,WAAA,EAAa;AACvB,MAAA,MAAM,QAAA,uBAAe,GAAA,CAAI;AAAA,QACvB,eAAA;AAAA,QACA,WAAA;AAAA,QACA,cAAA;AAAA,QACA,OAAA;AAAA,QACA,gBAAA;AAAA,QACA;AAAA,OACD,CAAA;AACD,MAAA,KAAA,MAAW,CAAC,GAAG,CAAC,CAAA,IAAK,OAAO,OAAA,CAAQ,OAAA,CAAQ,WAAW,CAAA,EAAG;AACxD,QAAA,IAAI,CAAC,QAAA,CAAS,GAAA,CAAI,CAAC,CAAA,EAAG,MAAA,CAAO,CAAC,CAAA,GAAI,CAAA;AAAA,MACpC;AAAA,IACF;AAEA,IAAA,MAAM,GAAA,GAAM,IAAI,GAAA,CAAI,IAAA,CAAK,OAAO,qBAAqB,CAAA;AACrD,IAAA,MAAA,CAAO,OAAA,CAAQ,MAAM,CAAA,CAAE,OAAA,CAAQ,CAAC,CAAC,CAAA,EAAG,CAAC,CAAA,KAAM,GAAA,CAAI,YAAA,CAAa,GAAA,CAAI,CAAA,EAAG,CAAC,CAAC,CAAA;AACrE,IAAA,MAAM,WAAA,GAAc,IAAI,QAAA,EAAS;AAEjC,IAAA,IAAI,IAAA,CAAK,OAAO,UAAA,EAAY;AAC1B,MAAA,MAAM,IAAA,CAAK,MAAA,CAAO,UAAA,CAAW,WAAW,CAAA;AACxC,MAAA;AAAA,IACF;AACA,IAAA,IAAI,OAAO,WAAW,WAAA,EAAa;AACjC,MAAA,MAAA,CAAO,QAAA,CAAS,OAAO,WAAW,CAAA;AAClC,MAAA;AAAA,IACF;AACA,IAAA,MAAM,IAAI,SAAA;AAAA,MAAA,gBAAA;AAAA,MAER;AAAA,KACF;AAAA,EACF;AAAA,EAEA,MAAM,uBAAuB,WAAA,EAAwC;AACnE,IAAA,MAAM,QACJ,WAAA,IAAA,IAAA,GAAA,WAAA,GACC,OAAO,WAAW,WAAA,GAAc,MAAA,CAAO,SAAS,IAAA,GAAO,EAAA;AAC1D,IAAA,IAAI,CAAC,KAAA,EAAO;AACV,MAAA,MAAM,IAAI,SAAA;AAAA,QAAA,gBAAA;AAAA,QAER;AAAA,OACF;AAAA,IACF;AAEA,IAAA,MAAM,GAAA,GAAM,SAAS,KAAK,CAAA;AAC1B,IAAA,MAAM,KAAA,GAAQ,GAAA,CAAI,YAAA,CAAa,GAAA,CAAI,OAAO,CAAA;AAC1C,IAAA,IAAI,KAAA,EAAO;AACT,MAAA,MAAM,IAAA,GAAO,GAAA,CAAI,YAAA,CAAa,GAAA,CAAI,mBAAmB,CAAA;AACrD,MAAA,MAAM,IAAI,SAAA;AAAA,QAAA,gBAAA;AAAA,QAER,OACI,CAAA,qBAAA,EAAwB,KAAK,WAAM,IAAI,CAAA,CAAA,GACvC,wBAAwB,KAAK,CAAA;AAAA,OACnC;AAAA,IACF;AAEA,IAAA,MAAM,IAAA,GAAO,GAAA,CAAI,YAAA,CAAa,GAAA,CAAI,MAAM,CAAA;AACxC,IAAA,IAAI,CAAC,IAAA,EAAM;AACT,MAAA,MAAM,IAAI,SAAA;AAAA,QAAA,cAAA;AAAA,QAER;AAAA,OACF;AAAA,IACF;AAEA,IAAA,MAAM,KAAA,GAAQ,GAAA,CAAI,YAAA,CAAa,GAAA,CAAI,OAAO,CAAA;AAC1C,IAAA,IAAI,CAAC,KAAA,EAAO;AACV,MAAA,MAAM,IAAI,SAAA;AAAA,QAAA,eAAA;AAAA,QAER;AAAA,OACF;AAAA,IACF;AAEA,IAAA,MAAM,cAAc,MAAM,OAAA,CAAQ,IAAA,CAAK,OAAA,EAAS,aAAa,KAAK,CAAA;AAClE,IAAA,IAAI,CAAC,WAAA,IAAe,CAAC,eAAA,CAAgB,WAAA,EAAa,KAAK,CAAA,EAAG;AACxD,MAAA,MAAM,IAAI,SAAA;AAAA,QAAA,gBAAA;AAAA,QAER;AAAA,OACF;AAAA,IACF;AAEA,IAAA,MAAM,UAAA,CAAW,IAAA,CAAK,OAAA,EAAS,YAAA,CAAa,KAAK,CAAA;AACjD,IAAA,OAAO,IAAA,CAAK,aAAa,IAAI,CAAA;AAAA,EAC/B;AAAA,EAEA,UAAA,GAA6B;AAC3B,IAAA,OAAO,IAAA,CAAK,OAAA;AAAA,EACd;AAAA,EAEA,MAAM,cAAA,GAAyC;AA/IjD,IAAA,IAAA,EAAA,EAAA,EAAA;AAgJI,IAAA,IAAI,CAAC,KAAK,OAAA,EAAS;AACjB,MAAA,MAAM,KAAK,cAAA,EAAe;AAAA,IAC5B;AACA,IAAA,IAAI,CAAC,IAAA,CAAK,OAAA,EAAS,OAAO,IAAA;AAC1B,IAAA,MAAM,GAAA,GAAM,IAAA,CAAK,OAAA,CAAQ,MAAA,CAAO,SAAA;AAChC,IAAA,IAAI,OAAO,GAAA,IAAO,IAAA,CAAK,KAAI,IAAK,IAAA,CAAK,OAAO,kBAAA,EAAoB;AAC9D,MAAA,IAAI,CAAC,KAAK,cAAA,EAAgB;AACxB,QAAA,IAAA,CAAK,cAAA,GAAiB,IAAA,CAAK,SAAA,EAAU,CAAE,QAAQ,MAAM;AACnD,UAAA,IAAA,CAAK,cAAA,GAAiB,IAAA;AAAA,QACxB,CAAC,CAAA;AAAA,MACH;AACA,MAAA,MAAM,IAAA,CAAK,cAAA;AAAA,IACb;AACA,IAAA,OAAA,CAAO,EAAA,GAAA,CAAA,EAAA,GAAA,IAAA,CAAK,OAAA,KAAL,IAAA,GAAA,MAAA,GAAA,EAAA,CAAc,MAAA,CAAO,gBAArB,IAAA,GAAA,EAAA,GAAoC,IAAA;AAAA,EAC7C;AAAA,EAEA,MAAM,OAAO,OAAA,EAAgD;AAC3D,IAAA,IAAI,mCAAS,QAAA,EAAU;AACrB,MAAA,MAAM,WAAW,OAAA,CAAQ,QAAA;AACzB,MAAA,IAAI,QAAA,CAAS,WAAW,IAAI,CAAA,IAAK,CAAC,cAAA,CAAe,IAAA,CAAK,QAAQ,CAAA,EAAG;AAC/D,QAAA,MAAM,IAAI,SAAA;AAAA,UAAA,gBAAA;AAAA,UAER;AAAA,SACF;AAAA,MACF;AAAA,IACF;AAEA,IAAA,IAAA,CAAK,OAAA,GAAU,IAAA;AACf,IAAA,MAAM,UAAA,CAAW,IAAA,CAAK,OAAA,EAAS,YAAA,CAAa,OAAO,CAAA;AACnD,IAAA,MAAM,UAAA,CAAW,IAAA,CAAK,OAAA,EAAS,YAAA,CAAa,KAAK,CAAA;AACjD,IAAA,MAAM,UAAA,CAAW,IAAA,CAAK,OAAA,EAAS,YAAA,CAAa,YAAY,CAAA;AACxD,IAAA,IAAA,CAAK,MAAA,EAAO;AAEZ,IAAA,IAAI,IAAA,CAAK,OAAO,cAAA,EAAgB;AAC9B,MAAA,MAAM,GAAA,GAAM,IAAI,GAAA,CAAI,IAAA,CAAK,OAAO,cAAc,CAAA;AAC9C,MAAA,IAAI,mCAAS,QAAA,EAAU;AACrB,QAAA,GAAA,CAAI,YAAA,CAAa,GAAA,CAAI,UAAA,EAAY,OAAA,CAAQ,QAAQ,CAAA;AAAA,MACnD;AACA,MAAA,MAAM,SAAA,GAAY,IAAI,QAAA,EAAS;AAC/B,MAAA,IAAI,IAAA,CAAK,OAAO,UAAA,EAAY;AAC1B,QAAA,MAAM,IAAA,CAAK,MAAA,CAAO,UAAA,CAAW,SAAS,CAAA;AAAA,MACxC,CAAA,MAAA,IAAW,OAAO,MAAA,KAAW,WAAA,EAAa;AACxC,QAAA,MAAA,CAAO,QAAA,CAAS,OAAO,SAAS,CAAA;AAAA,MAClC;AAAA,IACF;AAAA,EACF;AAAA,EAEA,eAAA,GAA2B;AA/L7B,IAAA,IAAA,EAAA;AAgMI,IAAA,OAAO,OAAA,CAAA,CAAQ,EAAA,GAAA,IAAA,CAAK,OAAA,KAAL,IAAA,GAAA,MAAA,GAAA,EAAA,CAAc,OAAO,WAAW,CAAA;AAAA,EACjD;AAAA,EAEA,mBAAmB,OAAA,EAAwD;AACzE,IAAA,IAAA,CAAK,SAAA,CAAU,IAAI,OAAO,CAAA;AAC1B,IAAA,OAAO,MAAM,IAAA,CAAK,SAAA,CAAU,MAAA,CAAO,OAAO,CAAA;AAAA,EAC5C;AAAA,EAEA,MAAM,WAAA,GAAgD;AACpD,IAAA,MAAM,WAAA,GAAc,MAAM,IAAA,CAAK,cAAA,EAAe;AAC9C,IAAA,IAAI,CAAC,WAAA,EAAa;AAChB,MAAA,MAAM,IAAI,SAAA;AAAA,QAAA,gBAAA;AAAA,QAER;AAAA,OACF;AAAA,IACF;AACA,IAAA,IAAI,CAAC,IAAA,CAAK,MAAA,CAAO,gBAAA,EAAkB;AACjC,MAAA,MAAM,IAAI,SAAA;AAAA,QAAA,gBAAA;AAAA,QAER;AAAA,OACF;AAAA,IACF;AACA,IAAA,MAAM,QAAA,GAAW,MAAM,IAAA,CAAK,SAAA,CAAU,OAAA;AAAA,MACpC,KAAK,MAAA,CAAO,gBAAA;AAAA,MACZ,EAAE,OAAA,EAAS,EAAE,eAAe,CAAA,OAAA,EAAU,WAAW,IAAG;AAAE,KACxD;AACA,IAAA,OAAO,QAAA,CAAS,IAAA;AAAA,EAClB;AAAA,EAEA,MAAc,aAAa,IAAA,EAAgC;AACzD,IAAA,MAAM,WAAW,MAAM,OAAA,CAAQ,IAAA,CAAK,OAAA,EAAS,aAAa,YAAY,CAAA;AACtE,IAAA,IAAI,CAAC,QAAA,EAAU;AACb,MAAA,MAAM,IAAI,SAAA;AAAA,QAAA,uBAAA;AAAA,QAER;AAAA,OACF;AAAA,IACF;AAEA,IAAA,MAAM,IAAA,GAAO,IAAI,eAAA,CAAgB;AAAA,MAC/B,UAAA,EAAY,oBAAA;AAAA,MACZ,IAAA;AAAA,MACA,aAAA,EAAe,QAAA;AAAA,MACf,YAAA,EAAc,KAAK,MAAA,CAAO,WAAA;AAAA,MAC1B,SAAA,EAAW,KAAK,MAAA,CAAO;AAAA,KACxB,CAAA;AAED,IAAA,MAAM,QAAA,GAAW,MAAM,IAAA,CAAK,SAAA,CAAU,OAAA;AAAA,MACpC,KAAK,MAAA,CAAO,aAAA;AAAA,MACZ;AAAA,QACE,MAAA,EAAQ,MAAA;AAAA,QACR,WAAA,EAAa,SAAA;AAAA,QACb,IAAA,EAAM,KAAK,QAAA;AAAS;AACtB,KACF;AACA,IAAA,MAAM,MAAA,GAAS,iBAAA,CAAkB,QAAA,CAAS,IAAA,EAAM,KAAK,GAAG,CAAA;AACxD,IAAA,MAAM,UAAA,CAAW,IAAA,CAAK,OAAA,EAAS,YAAA,CAAa,YAAY,CAAA;AACxD,IAAA,OAAO,IAAA,CAAK,cAAc,MAAM,CAAA;AAAA,EAClC;AAAA,EAEA,MAAc,SAAA,GAA8B;AA3P9C,IAAA,IAAA,EAAA;AA4PI,IAAA,MAAM,YAAA,GAAA,CAAe,EAAA,GAAA,IAAA,CAAK,OAAA,KAAL,IAAA,GAAA,MAAA,GAAA,EAAA,CAAc,MAAA,CAAO,YAAA;AAC1C,IAAA,MAAM,IAAA,GAAO,IAAI,eAAA,CAAgB;AAAA,MAC/B,UAAA,EAAY,eAAA;AAAA,MACZ,SAAA,EAAW,KAAK,MAAA,CAAO;AAAA,KACxB,CAAA;AACD,IAAA,IAAI,YAAA,EAAc,IAAA,CAAK,GAAA,CAAI,eAAA,EAAiB,YAAY,CAAA;AAExD,IAAA,MAAM,QAAA,GAAW,MAAM,IAAA,CAAK,SAAA,CAAU,OAAA;AAAA,MACpC,KAAK,MAAA,CAAO,aAAA;AAAA,MACZ;AAAA,QACE,MAAA,EAAQ,MAAA;AAAA,QACR,WAAA,EAAa,SAAA;AAAA,QACb,IAAA,EAAM,KAAK,QAAA;AAAS;AACtB,KACF;AACA,IAAA,MAAM,MAAA,GAAS,iBAAA,CAAkB,QAAA,CAAS,IAAA,EAAM,KAAK,GAAG,CAAA;AACxD,IAAA,OAAO,IAAA,CAAK,cAAc,MAAM,CAAA;AAAA,EAClC;AAAA,EAEA,MAAc,cAAc,MAAA,EAAoC;AA/QlE,IAAA,IAAA,EAAA,EAAA,EAAA;AAgRI,IAAA,MAAM,oBAAA,GAAA,CAAuB,EAAA,GAAA,IAAA,CAAK,OAAA,KAAL,IAAA,GAAA,MAAA,GAAA,EAAA,CAAc,MAAA,CAAO,YAAA;AAClD,IAAA,MAAM,YAAA,GAAyB;AAAA,MAC7B,GAAG,MAAA;AAAA,MACH,YAAA,EAAA,CAAc,EAAA,GAAA,MAAA,CAAO,YAAA,KAAP,IAAA,GAAA,EAAA,GAAuB;AAAA,KACvC;AAEA,IAAA,IAAA,CAAK,OAAA,GAAU;AAAA,MACb,MAAA,EAAQ,YAAA;AAAA,MACR,SAAA,EAAW,KAAK,GAAA;AAAI,KACtB;AACA,IAAA,MAAM,OAAA;AAAA,MACJ,IAAA,CAAK,OAAA;AAAA,MACL,YAAA,CAAa,OAAA;AAAA,MACb,IAAA,CAAK,SAAA,CAAU,IAAA,CAAK,OAAO;AAAA,KAC7B;AACA,IAAA,IAAA,CAAK,MAAA,EAAO;AACZ,IAAA,OAAO,IAAA,CAAK,OAAA;AAAA,EACd;AAAA,EAEQ,MAAA,GAAe;AACrB,IAAA,IAAA,CAAK,UAAU,OAAA,CAAQ,CAAC,YAAY,OAAA,CAAQ,IAAA,CAAK,OAAO,CAAC,CAAA;AAAA,EAC3D;AAAA,EAEA,MAAc,cAAA,GAAgC;AAvShD,IAAA,IAAA,EAAA;AAwSI,IAAA,MAAM,MAAM,MAAM,OAAA,CAAQ,IAAA,CAAK,OAAA,EAAS,aAAa,OAAO,CAAA;AAC5D,IAAA,IAAI,CAAC,GAAA,EAAK;AACV,IAAA,IAAI;AACF,MAAA,MAAM,MAAA,GAAS,IAAA,CAAK,KAAA,CAAM,GAAG,CAAA;AAC7B,MAAA,IAAI,QAAA,CAAO,EAAA,GAAA,MAAA,IAAA,IAAA,GAAA,KAAA,CAAA,GAAA,MAAA,CAAQ,MAAA,KAAR,IAAA,GAAA,KAAA,CAAA,GAAA,EAAA,CAAgB,iBAAgB,QAAA,EAAU;AACnD,QAAA,MAAM,UAAA,CAAW,IAAA,CAAK,OAAA,EAAS,YAAA,CAAa,OAAO,CAAA;AACnD,QAAA;AAAA,MACF;AACA,MAAA,IAAA,CAAK,OAAA,GAAU,MAAA;AAAA,IACjB,CAAA,CAAA,OAAQ,CAAA,EAAA;AACN,MAAA,MAAM,UAAA,CAAW,IAAA,CAAK,OAAA,EAAS,YAAA,CAAa,OAAO,CAAA;AACnD,MAAA,IAAA,CAAK,OAAA,GAAU,IAAA;AAAA,IACjB;AAAA,EACF;AACF,CAAA;;;AClTA,IAAM,qBAAA,GAAwB,iCAAA;AAC9B,IAAM,0BAAA,GAA6B,qBAAA;AACnC,IAAM,kBAAA,GAAqB,iBAAA;AAC3B,IAAM,aAAA,GAAgB,sBAAA;AAEtB,SAAS,iBAAiB,KAAA,EAAwB;AAChD,EAAA,MAAM,GAAA,GAAM,MAAA,CAAO,KAAA,IAAA,IAAA,GAAA,KAAA,GAAS,qBAAqB,EAAE,IAAA,EAAK;AACxD,EAAA,IAAI,CAAC,GAAA,EAAK;AACR,IAAA,MAAM,IAAI,SAAA;AAAA,MAAA,gBAAA;AAAA,MAER;AAAA,KACF;AAAA,EACF;AAEA,EAAA,IAAI,MAAA;AACJ,EAAA,IAAI;AACF,IAAA,MAAA,GAAS,IAAI,IAAI,GAAG,CAAA;AAAA,EACtB,CAAA,CAAA,OAAQ,CAAA,EAAA;AACN,IAAA,MAAM,IAAI,SAAA;AAAA,MAAA,gBAAA;AAAA,MAER;AAAA,KACF;AAAA,EACF;AAEA,EAAA,OAAO,MAAA,CAAO,QAAA,EAAS,CAAE,OAAA,CAAQ,QAAQ,EAAE,CAAA;AAC7C;AAEA,SAAS,eAAA,CACP,OAAA,EACA,QAAA,EACA,YAAA,EACQ;AACR,EAAA,IAAI,QAAA,EAAU;AACZ,IAAA,IAAI;AACF,MAAA,OAAO,IAAI,GAAA,CAAI,QAAQ,CAAA,CAAE,QAAA,EAAS;AAAA,IACpC,CAAA,CAAA,OAAQ,CAAA,EAAA;AACN,MAAA,MAAM,IAAI,SAAA;AAAA,QAAA,gBAAA;AAAA,QAER;AAAA,OACF;AAAA,IACF;AAAA,EACF;AAEA,EAAA,OAAO,IAAI,GAAA,CAAI,YAAA,EAAc,GAAG,OAAO,CAAA,CAAA,CAAG,EAAE,QAAA,EAAS;AACvD;AAEO,SAAS,iBAAiB,MAAA,EAAgC;AAlDjE,EAAA,IAAA,EAAA,EAAA,EAAA;AAmDE,EAAA,IAAI,EAAC,iCAAQ,QAAA,CAAA,EAAU;AACrB,IAAA,MAAM,IAAI,SAAA;AAAA,MAAA,gBAAA;AAAA,MAER;AAAA,KACF;AAAA,EACF;AACA,EAAA,IAAI,CAAC,OAAO,WAAA,EAAa;AACvB,IAAA,MAAM,IAAI,SAAA;AAAA,MAAA,gBAAA;AAAA,MAER;AAAA,KACF;AAAA,EACF;AAEA,EAAA,MAAM,OAAA,GAAU,gBAAA,CAAiB,MAAA,CAAO,OAAO,CAAA;AAC/C,EAAA,MAAM,cAAA,GAAqC;AAAA,IACzC,GAAG,MAAA;AAAA,IACH,OAAA;AAAA,IACA,KAAA,EAAO,QAAO,EAAA,GAAA,MAAA,CAAO,KAAA,KAAP,YAAgB,EAAE,CAAA,CAAE,MAAK,IAAK,aAAA;AAAA,IAC5C,kBAAA,EAAA,CAAoB,EAAA,GAAA,MAAA,CAAO,kBAAA,KAAP,IAAA,GAAA,EAAA,GAA6B,IAAA;AAAA,IACjD,qBAAA,EAAuB,eAAA;AAAA,MACrB,OAAA;AAAA,MACA,MAAA,CAAO,qBAAA;AAAA,MACP;AAAA,KACF;AAAA,IACA,aAAA,EAAe,eAAA;AAAA,MACb,OAAA;AAAA,MACA,MAAA,CAAO,aAAA;AAAA,MACP;AAAA;AACF,GACF;AAEA,EAAA,OAAO,IAAI,kBAAkB,cAAc,CAAA;AAC7C;;;ACjFO,IAAM,oBAAN,MAAkD;AAAA,EACvD,YACmB,OAAA,EAIjB;AAJiB,IAAA,IAAA,CAAA,OAAA,GAAA,OAAA;AAAA,EAIhB;AAAA,EAEH,IAAI,GAAA,EAA4B;AAC9B,IAAA,OAAO,IAAA,CAAK,OAAA,CAAQ,OAAA,CAAQ,GAAG,CAAA;AAAA,EACjC;AAAA,EAEA,GAAA,CAAI,KAAa,KAAA,EAAqB;AACpC,IAAA,IAAA,CAAK,OAAA,CAAQ,OAAA,CAAQ,GAAA,EAAK,KAAK,CAAA;AAAA,EACjC;AAAA,EAEA,OAAO,GAAA,EAAmB;AACxB,IAAA,IAAA,CAAK,OAAA,CAAQ,WAAW,GAAG,CAAA;AAAA,EAC7B;AACF;;;ACbO,IAAM,uBAAN,MAAqD;AAAA,EAC1D,YAA6B,SAAA,EAAmC;AAAnC,IAAA,IAAA,CAAA,SAAA,GAAA,SAAA;AAAA,EAAoC;AAAA,EAEjE,MAAM,IAAI,GAAA,EAAqC;AAC7C,IAAA,OAAO,IAAA,CAAK,SAAA,CAAU,SAAA,CAAU,GAAG,CAAA;AAAA,EACrC;AAAA,EAEA,MAAM,GAAA,CAAI,GAAA,EAAa,KAAA,EAA8B;AACnD,IAAA,MAAM,IAAA,CAAK,SAAA,CAAU,SAAA,CAAU,GAAA,EAAK,KAAK,CAAA;AAAA,EAC3C;AAAA,EAEA,MAAM,OAAO,GAAA,EAA4B;AACvC,IAAA,MAAM,IAAA,CAAK,SAAA,CAAU,YAAA,CAAa,GAAG,CAAA;AAAA,EACvC;AACF;;;ACbA,IAAM,cAAA,GAAiB,CAAC,IAAA,KAAgC;AATxD,EAAA,IAAA,EAAA;AAUE,EAAA,IAAI,OAAO,QAAA,KAAa,WAAA,EAAa,OAAO,IAAA;AAC5C,EAAA,MAAM,SAAS,QAAA,CAAS,MAAA,CAAO,KAAA,CAAM,CAAA,SAAA,EAAY,IAAI,CAAA,gBAAA,CAAkB,CAAA;AACvE,EAAA,OAAO,MAAA,GAAA,CAAU,EAAA,GAAA,MAAA,CAAO,GAAA,EAAI,KAAX,YAAgB,IAAA,GAAQ,IAAA;AAC3C,CAAA;AAEO,SAAS,0BAAA,CACd,OAAA,GAAuC,EAAC,EACxB;AAChB,EAAA,MAAM,EAAE,QAAQ,IAAA,GAAO,GAAA,EAAK,WAAW,QAAA,EAAU,MAAA,GAAS,MAAK,GAAI,OAAA;AAEnE,EAAA,MAAM,GAAA,GAAM,CAAC,GAAA,KAA+B;AAC1C,IAAA,OAAO,eAAe,GAAG,CAAA;AAAA,EAC3B,CAAA;AAEA,EAAA,MAAM,GAAA,GAAM,CAAC,GAAA,EAAa,KAAA,KAAwB;AAChD,IAAA,IAAI,OAAO,aAAa,WAAA,EAAa;AACrC,IAAA,IAAI,MAAA,GAAS,CAAA,EAAG,GAAG,CAAA,CAAA,EAAI,KAAK,CAAA,CAAA;AAC5B,IAAA,IAAI,IAAA,EAAM,MAAA,IAAU,CAAA,OAAA,EAAU,IAAI,CAAA,CAAA;AAClC,IAAA,IAAI,MAAA,EAAQ,MAAA,IAAU,CAAA,SAAA,EAAY,MAAM,CAAA,CAAA;AACxC,IAAA,IAAI,QAAA,EAAU,MAAA,IAAU,CAAA,WAAA,EAAc,QAAQ,CAAA,CAAA;AAC9C,IAAA,IAAI,QAAQ,MAAA,IAAU,CAAA,QAAA,CAAA;AACtB,IAAA,QAAA,CAAS,MAAA,GAAS,MAAA;AAAA,EACpB,CAAA;AAEA,EAAA,MAAM,MAAA,GAAS,CAAC,GAAA,KAAsB;AACpC,IAAA,IAAI,OAAO,aAAa,WAAA,EAAa;AACrC,IAAA,IAAI,MAAA,GAAS,GAAG,GAAG,CAAA,wCAAA,CAAA;AACnB,IAAA,IAAI,IAAA,EAAM,MAAA,IAAU,CAAA,OAAA,EAAU,IAAI,CAAA,CAAA;AAClC,IAAA,IAAI,MAAA,EAAQ,MAAA,IAAU,CAAA,SAAA,EAAY,MAAM,CAAA,CAAA;AACxC,IAAA,QAAA,CAAS,MAAA,GAAS,MAAA;AAAA,EACpB,CAAA;AAEA,EAAA,OAAO,EAAE,GAAA,EAAK,GAAA,EAAK,MAAA,EAAO;AAC5B","file":"index.cjs","sourcesContent":["export enum AuthErrorCode {\n INVALID_CONFIG = 'INVALID_CONFIG',\n STATE_MISMATCH = 'STATE_MISMATCH',\n CALLBACK_ERROR = 'CALLBACK_ERROR',\n TOKEN_EXCHANGE_FAILED = 'TOKEN_EXCHANGE_FAILED',\n REFRESH_FAILED = 'REFRESH_FAILED',\n STORAGE_ERROR = 'STORAGE_ERROR',\n MISSING_CODE = 'MISSING_CODE',\n MISSING_STATE = 'MISSING_STATE',\n NETWORK_ERROR = 'NETWORK_ERROR',\n HTTP_ERROR = 'HTTP_ERROR',\n}\n\nexport class AuthError extends Error {\n constructor(\n public readonly code: AuthErrorCode,\n message: string,\n public readonly cause?: unknown,\n ) {\n super(message);\n this.name = 'AuthError';\n }\n}\n","const ALPHABET =\n 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-._~';\n\nfunction getCryptoImpl(): Crypto {\n if (typeof globalThis !== 'undefined' && globalThis.crypto) {\n return globalThis.crypto;\n }\n throw new Error('Web Crypto API unavailable');\n}\n\nexport function randomString(length = 64): string {\n const crypto = getCryptoImpl();\n // Rejection sampling: discard bytes >= threshold to eliminate modulo bias.\n // ALPHABET.length = 66; threshold = 256 - (256 % 66) = 204\n const THRESHOLD = 256 - (256 % ALPHABET.length);\n const result: string[] = [];\n while (result.length < length) {\n const bytes = new Uint8Array(Math.ceil((length - result.length) * 1.4));\n crypto.getRandomValues(bytes);\n for (const b of bytes) {\n if (result.length >= length) break;\n if (b < THRESHOLD) result.push(ALPHABET[b % ALPHABET.length]!);\n }\n }\n return result.join('');\n}\n\nfunction toBase64Url(bytes: Uint8Array<ArrayBuffer>): string {\n const binary = Array.from(bytes, (b) => String.fromCharCode(b)).join('');\n return btoa(binary).replace(/\\+/g, '-').replace(/\\//g, '_').replace(/=/g, '');\n}\n\nfunction verifierToBytes(verifier: string): Uint8Array<ArrayBuffer> {\n const bytes = new Uint8Array(verifier.length);\n for (let i = 0; i < verifier.length; i++) {\n bytes[i] = verifier.charCodeAt(i);\n }\n return bytes;\n}\n\nexport async function createCodeChallenge(verifier: string): Promise<string> {\n const crypto = getCryptoImpl();\n const buffer = verifierToBytes(verifier);\n const digest = await crypto.subtle.digest('SHA-256', buffer);\n return toBase64Url(new Uint8Array(digest));\n}\n","import { AuthError, AuthErrorCode } from '../errors/auth-error';\nimport type { StorageAdapter, TokenSet } from './types';\n\nexport const STORAGE_KEYS = {\n session: 'nuria:session',\n state: 'nuria:oauth:state',\n codeVerifier: 'nuria:oauth:code_verifier',\n};\n\nexport function normalizeTokenSet(\n raw: Record<string, unknown>,\n now: () => number,\n): TokenSet {\n const accessToken = (raw.access_token ?? raw.accessToken) as string;\n if (!accessToken || typeof accessToken !== 'string') {\n throw new AuthError(\n AuthErrorCode.TOKEN_EXCHANGE_FAILED,\n 'Missing access token in token response',\n );\n }\n const expiresIn = Number(raw.expires_in ?? raw.expiresIn ?? 0) || undefined;\n return {\n accessToken,\n tokenType: (raw.token_type ?? raw.tokenType) as string | undefined,\n expiresIn,\n refreshToken: (raw.refresh_token ?? raw.refreshToken) as string | undefined,\n idToken: (raw.id_token ?? raw.idToken) as string | undefined,\n scope: raw.scope as string | undefined,\n expiresAt: expiresIn ? now() + expiresIn * 1000 : undefined,\n };\n}\n\nexport async function safeGet(\n storage: StorageAdapter,\n key: string,\n): Promise<string | null> {\n try {\n return await storage.get(key);\n } catch (cause) {\n throw new AuthError(\n AuthErrorCode.STORAGE_ERROR,\n `Failed reading key: ${key}`,\n cause,\n );\n }\n}\n\nexport async function safeSet(\n storage: StorageAdapter,\n key: string,\n value: string,\n): Promise<void> {\n try {\n await storage.set(key, value);\n } catch (cause) {\n throw new AuthError(\n AuthErrorCode.STORAGE_ERROR,\n `Failed writing key: ${key}`,\n cause,\n );\n }\n}\n\nexport async function safeRemove(\n storage: StorageAdapter,\n key: string,\n): Promise<void> {\n try {\n await storage.remove(key);\n } catch (cause) {\n throw new AuthError(\n AuthErrorCode.STORAGE_ERROR,\n `Failed removing key: ${key}`,\n cause,\n );\n }\n}\n\nexport function timingSafeEqual(a: string, b: string): boolean {\n if (a.length !== b.length) return false;\n let diff = 0;\n for (let i = 0; i < a.length; i++) {\n diff |= a.charCodeAt(i) ^ b.charCodeAt(i);\n }\n return diff === 0;\n}\n\nexport function parseUrl(url: string): URL {\n try {\n return new URL(url);\n } catch {\n throw new AuthError(AuthErrorCode.CALLBACK_ERROR, 'Invalid callback URL');\n }\n}\n","import type { StorageAdapter } from '../core/types';\n\nexport class MemoryStorageAdapter implements StorageAdapter {\n private store = new Map<string, string>();\n\n get(key: string): string | null {\n return this.store.get(key) ?? null;\n }\n\n set(key: string, value: string): void {\n this.store.set(key, value);\n }\n\n remove(key: string): void {\n this.store.delete(key);\n }\n}\n","import { AuthError, AuthErrorCode } from '../errors/auth-error';\nimport type {\n AuthTransport,\n AuthTransportRequest,\n AuthTransportResponse,\n TransportInterceptor,\n} from '../core/types';\n\nexport interface FetchTransportOptions {\n fetchFn?: typeof fetch;\n timeoutMs?: number;\n retries?: number;\n interceptors?: TransportInterceptor[];\n}\n\nconst RETRYABLE_STATUS = new Set([408, 425, 429, 500, 502, 503, 504]);\n\nexport class FetchAuthTransport implements AuthTransport {\n private readonly fetchFn: typeof fetch;\n private readonly timeoutMs?: number;\n private readonly retries: number;\n private readonly interceptors: TransportInterceptor[];\n\n constructor(options: FetchTransportOptions = {}) {\n this.fetchFn = options.fetchFn ?? fetch;\n this.timeoutMs = options.timeoutMs;\n this.retries = options.retries ?? 0;\n this.interceptors = options.interceptors ?? [];\n }\n\n async request<T = unknown>(\n url: string,\n req: AuthTransportRequest = {},\n ): Promise<AuthTransportResponse<T>> {\n let request = req;\n for (const i of this.interceptors) {\n if (i.onRequest) request = await i.onRequest(url, request);\n }\n\n const retries = request.retries ?? this.retries;\n let attempt = 0;\n while (true) {\n const controller = new AbortController();\n const timeout = request.timeoutMs ?? this.timeoutMs;\n const timer = timeout\n ? setTimeout(() => controller.abort(), timeout)\n : undefined;\n try {\n const defaultContentType =\n typeof request.body === 'string'\n ? 'application/x-www-form-urlencoded'\n : 'application/json';\n const res = await this.fetchFn(this.withQuery(url, request.query), {\n method: request.method ?? 'GET',\n credentials: request.credentials,\n headers: {\n 'Content-Type': defaultContentType,\n ...(request.headers ?? {}),\n },\n body:\n request.body !== undefined\n ? typeof request.body === 'string'\n ? request.body\n : JSON.stringify(request.body)\n : undefined,\n signal: controller.signal,\n });\n const data = await this.parseBody<T>(res);\n if (!res.ok) {\n if (attempt < retries && RETRYABLE_STATUS.has(res.status)) {\n attempt += 1;\n continue;\n }\n throw new AuthError(AuthErrorCode.HTTP_ERROR, `HTTP ${res.status}`);\n }\n let out: AuthTransportResponse<T> = {\n status: res.status,\n data,\n headers: res.headers,\n };\n for (const i of this.interceptors) {\n if (i.onResponse) out = await i.onResponse(out);\n }\n return out;\n } catch (cause) {\n if (cause instanceof AuthError) throw cause;\n if (attempt < retries) {\n attempt += 1;\n continue;\n }\n throw new AuthError(\n AuthErrorCode.NETWORK_ERROR,\n 'Network request failed',\n cause,\n );\n } finally {\n if (timer) clearTimeout(timer);\n }\n }\n }\n\n private withQuery(\n url: string,\n query?: Record<string, string | undefined>,\n ): string {\n if (!query) return url;\n const parsed = new URL(url);\n Object.entries(query).forEach(([k, v]) => {\n if (v !== undefined) parsed.searchParams.set(k, v);\n });\n return parsed.toString();\n }\n\n private async parseBody<T>(res: Response): Promise<T> {\n const contentType = res.headers.get('content-type') ?? '';\n if (contentType.includes('application/json')) {\n return (await res.json()) as T;\n }\n return (await res.text()) as unknown as T;\n }\n}\n","import { AuthError, AuthErrorCode } from '../errors/auth-error';\nimport { createCodeChallenge, randomString } from '../core/pkce';\nimport {\n normalizeTokenSet,\n parseUrl,\n safeGet,\n safeRemove,\n safeSet,\n timingSafeEqual,\n STORAGE_KEYS,\n} from '../core/utils';\nimport type {\n AuthClient,\n ResolvedAuthConfig,\n Session,\n StartLoginOptions,\n TokenSet,\n AuthTransport,\n} from '../core/types';\nimport { MemoryStorageAdapter } from '../storage/memory-storage-adapter';\nimport { FetchAuthTransport } from '../transport/fetch-transport';\n\nexport class DefaultAuthClient implements AuthClient {\n private session: Session | null = null;\n private refreshPromise: Promise<Session> | null = null;\n private readonly listeners = new Set<(session: Session | null) => void>();\n private readonly storage;\n private readonly transport: AuthTransport;\n private readonly now: () => number;\n\n constructor(private readonly config: ResolvedAuthConfig) {\n this.storage = config.storage ?? new MemoryStorageAdapter();\n this.transport = config.transport ?? new FetchAuthTransport();\n this.now = config.now ?? (() => Date.now());\n }\n\n async startLogin(options: StartLoginOptions = {}): Promise<void> {\n const state = randomString(32);\n const codeVerifier = randomString(96);\n const codeChallenge = await createCodeChallenge(codeVerifier);\n\n await safeSet(this.storage, STORAGE_KEYS.state, state);\n await safeSet(this.storage, STORAGE_KEYS.codeVerifier, codeVerifier);\n\n const params: Record<string, string> = {\n response_type: 'code',\n client_id: this.config.clientId,\n redirect_uri: this.config.redirectUri,\n state,\n code_challenge: codeChallenge,\n code_challenge_method: 'S256',\n };\n\n const scope = options.scopes?.join(' ') ?? this.config.scope;\n if (scope) params.scope = scope;\n if (options.loginHint) params.login_hint = options.loginHint;\n if (options.extraParams) {\n const RESERVED = new Set([\n 'response_type',\n 'client_id',\n 'redirect_uri',\n 'state',\n 'code_challenge',\n 'code_challenge_method',\n ]);\n for (const [k, v] of Object.entries(options.extraParams)) {\n if (!RESERVED.has(k)) params[k] = v;\n }\n }\n\n const url = new URL(this.config.authorizationEndpoint);\n Object.entries(params).forEach(([k, v]) => url.searchParams.set(k, v));\n const redirectUrl = url.toString();\n\n if (this.config.onRedirect) {\n await this.config.onRedirect(redirectUrl);\n return;\n }\n if (typeof window !== 'undefined') {\n window.location.assign(redirectUrl);\n return;\n }\n throw new AuthError(\n AuthErrorCode.INVALID_CONFIG,\n 'Missing onRedirect callback for non-browser runtime',\n );\n }\n\n async handleRedirectCallback(callbackUrl?: string): Promise<Session> {\n const input =\n callbackUrl ??\n (typeof window !== 'undefined' ? window.location.href : '');\n if (!input) {\n throw new AuthError(\n AuthErrorCode.CALLBACK_ERROR,\n 'callbackUrl required in non-browser runtime',\n );\n }\n\n const url = parseUrl(input);\n const error = url.searchParams.get('error');\n if (error) {\n const desc = url.searchParams.get('error_description');\n throw new AuthError(\n AuthErrorCode.CALLBACK_ERROR,\n desc\n ? `Authorization error: ${error} — ${desc}`\n : `Authorization error: ${error}`,\n );\n }\n\n const code = url.searchParams.get('code');\n if (!code) {\n throw new AuthError(\n AuthErrorCode.MISSING_CODE,\n 'Missing code in callback',\n );\n }\n\n const state = url.searchParams.get('state');\n if (!state) {\n throw new AuthError(\n AuthErrorCode.MISSING_STATE,\n 'Missing state in callback',\n );\n }\n\n const storedState = await safeGet(this.storage, STORAGE_KEYS.state);\n if (!storedState || !timingSafeEqual(storedState, state)) {\n throw new AuthError(\n AuthErrorCode.STATE_MISMATCH,\n 'State validation failed',\n );\n }\n\n await safeRemove(this.storage, STORAGE_KEYS.state);\n return this.exchangeCode(code);\n }\n\n getSession(): Session | null {\n return this.session;\n }\n\n async getAccessToken(): Promise<string | null> {\n if (!this.session) {\n await this.hydrateSession();\n }\n if (!this.session) return null;\n const exp = this.session.tokens.expiresAt;\n if (exp && exp <= this.now() && this.config.enableRefreshToken) {\n if (!this.refreshPromise) {\n this.refreshPromise = this.doRefresh().finally(() => {\n this.refreshPromise = null;\n });\n }\n await this.refreshPromise;\n }\n return this.session?.tokens.accessToken ?? null;\n }\n\n async logout(options?: { returnTo?: string }): Promise<void> {\n if (options?.returnTo) {\n const returnTo = options.returnTo;\n if (returnTo.startsWith('//') || !/^https?:\\/\\//.test(returnTo)) {\n throw new AuthError(\n AuthErrorCode.INVALID_CONFIG,\n 'returnTo must be an absolute https:// or http:// URL',\n );\n }\n }\n\n this.session = null;\n await safeRemove(this.storage, STORAGE_KEYS.session);\n await safeRemove(this.storage, STORAGE_KEYS.state);\n await safeRemove(this.storage, STORAGE_KEYS.codeVerifier);\n this.notify();\n\n if (this.config.logoutEndpoint) {\n const url = new URL(this.config.logoutEndpoint);\n if (options?.returnTo) {\n url.searchParams.set('returnTo', options.returnTo);\n }\n const logoutUrl = url.toString();\n if (this.config.onRedirect) {\n await this.config.onRedirect(logoutUrl);\n } else if (typeof window !== 'undefined') {\n window.location.assign(logoutUrl);\n }\n }\n }\n\n isAuthenticated(): boolean {\n return Boolean(this.session?.tokens.accessToken);\n }\n\n onAuthStateChanged(handler: (session: Session | null) => void): () => void {\n this.listeners.add(handler);\n return () => this.listeners.delete(handler);\n }\n\n async getUserinfo(): Promise<Record<string, unknown>> {\n const accessToken = await this.getAccessToken();\n if (!accessToken) {\n throw new AuthError(\n AuthErrorCode.INVALID_CONFIG,\n 'Not authenticated — call handleRedirectCallback first',\n );\n }\n if (!this.config.userinfoEndpoint) {\n throw new AuthError(\n AuthErrorCode.INVALID_CONFIG,\n 'config.userinfoEndpoint is required for getUserinfo',\n );\n }\n const response = await this.transport.request<Record<string, unknown>>(\n this.config.userinfoEndpoint,\n { headers: { Authorization: `Bearer ${accessToken}` } },\n );\n return response.data;\n }\n\n private async exchangeCode(code: string): Promise<Session> {\n const verifier = await safeGet(this.storage, STORAGE_KEYS.codeVerifier);\n if (!verifier) {\n throw new AuthError(\n AuthErrorCode.TOKEN_EXCHANGE_FAILED,\n 'Missing PKCE code_verifier in storage',\n );\n }\n\n const body = new URLSearchParams({\n grant_type: 'authorization_code',\n code,\n code_verifier: verifier,\n redirect_uri: this.config.redirectUri,\n client_id: this.config.clientId,\n });\n\n const response = await this.transport.request<Record<string, unknown>>(\n this.config.tokenEndpoint,\n {\n method: 'POST',\n credentials: 'include',\n body: body.toString(),\n },\n );\n const tokens = normalizeTokenSet(response.data, this.now);\n await safeRemove(this.storage, STORAGE_KEYS.codeVerifier);\n return this.createSession(tokens);\n }\n\n private async doRefresh(): Promise<Session> {\n const refreshToken = this.session?.tokens.refreshToken;\n const body = new URLSearchParams({\n grant_type: 'refresh_token',\n client_id: this.config.clientId,\n });\n if (refreshToken) body.set('refresh_token', refreshToken);\n\n const response = await this.transport.request<Record<string, unknown>>(\n this.config.tokenEndpoint,\n {\n method: 'POST',\n credentials: 'include',\n body: body.toString(),\n },\n );\n const tokens = normalizeTokenSet(response.data, this.now);\n return this.createSession(tokens);\n }\n\n private async createSession(tokens: TokenSet): Promise<Session> {\n const previousRefreshToken = this.session?.tokens.refreshToken;\n const mergedTokens: TokenSet = {\n ...tokens,\n refreshToken: tokens.refreshToken ?? previousRefreshToken,\n };\n\n this.session = {\n tokens: mergedTokens,\n createdAt: this.now(),\n };\n await safeSet(\n this.storage,\n STORAGE_KEYS.session,\n JSON.stringify(this.session),\n );\n this.notify();\n return this.session;\n }\n\n private notify(): void {\n this.listeners.forEach((handler) => handler(this.session));\n }\n\n private async hydrateSession(): Promise<void> {\n const raw = await safeGet(this.storage, STORAGE_KEYS.session);\n if (!raw) return;\n try {\n const parsed = JSON.parse(raw) as Session;\n if (typeof parsed?.tokens?.accessToken !== 'string') {\n await safeRemove(this.storage, STORAGE_KEYS.session);\n return;\n }\n this.session = parsed;\n } catch {\n await safeRemove(this.storage, STORAGE_KEYS.session);\n this.session = null;\n }\n }\n}\n","import { DefaultAuthClient } from './nuria-auth-client';\nimport { AuthError, AuthErrorCode } from '../errors/auth-error';\nimport type { AuthClient, AuthConfig, ResolvedAuthConfig } from '../core/types';\n\nconst DEFAULT_AUTH_BASE_URL = 'https://ms-auth-v2.nuria.com.br';\nconst DEFAULT_AUTHORIZATION_PATH = '/v2/oauth/authorize';\nconst DEFAULT_TOKEN_PATH = '/v2/oauth/token';\nconst DEFAULT_SCOPE = 'openid profile email';\n\nfunction normalizeBaseUrl(value?: string): string {\n const raw = String(value ?? DEFAULT_AUTH_BASE_URL).trim();\n if (!raw) {\n throw new AuthError(\n AuthErrorCode.INVALID_CONFIG,\n 'config.baseUrl must be a valid absolute URL',\n );\n }\n\n let parsed: URL;\n try {\n parsed = new URL(raw);\n } catch {\n throw new AuthError(\n AuthErrorCode.INVALID_CONFIG,\n 'config.baseUrl must be a valid absolute URL',\n );\n }\n\n return parsed.toString().replace(/\\/+$/, '');\n}\n\nfunction resolveEndpoint(\n baseUrl: string,\n explicit: string | undefined,\n fallbackPath: string,\n): string {\n if (explicit) {\n try {\n return new URL(explicit).toString();\n } catch {\n throw new AuthError(\n AuthErrorCode.INVALID_CONFIG,\n 'OAuth endpoints must be valid absolute URLs',\n );\n }\n }\n\n return new URL(fallbackPath, `${baseUrl}/`).toString();\n}\n\nexport function createAuthClient(config: AuthConfig): AuthClient {\n if (!config?.clientId) {\n throw new AuthError(\n AuthErrorCode.INVALID_CONFIG,\n 'config.clientId is required',\n );\n }\n if (!config.redirectUri) {\n throw new AuthError(\n AuthErrorCode.INVALID_CONFIG,\n 'config.redirectUri is required',\n );\n }\n\n const baseUrl = normalizeBaseUrl(config.baseUrl);\n const resolvedConfig: ResolvedAuthConfig = {\n ...config,\n baseUrl,\n scope: String(config.scope ?? '').trim() || DEFAULT_SCOPE,\n enableRefreshToken: config.enableRefreshToken ?? true,\n authorizationEndpoint: resolveEndpoint(\n baseUrl,\n config.authorizationEndpoint,\n DEFAULT_AUTHORIZATION_PATH,\n ),\n tokenEndpoint: resolveEndpoint(\n baseUrl,\n config.tokenEndpoint,\n DEFAULT_TOKEN_PATH,\n ),\n };\n\n return new DefaultAuthClient(resolvedConfig);\n}\n","import type { StorageAdapter } from '../core/types';\n\nexport class WebStorageAdapter implements StorageAdapter {\n constructor(\n private readonly storage: Pick<\n Storage,\n 'getItem' | 'setItem' | 'removeItem'\n >,\n ) {}\n\n get(key: string): string | null {\n return this.storage.getItem(key);\n }\n\n set(key: string, value: string): void {\n this.storage.setItem(key, value);\n }\n\n remove(key: string): void {\n this.storage.removeItem(key);\n }\n}\n","import type { StorageAdapter } from '../core/types';\n\nexport interface CookieStorageCallbacks {\n getCookie(name: string): string | null | Promise<string | null>;\n setCookie(name: string, value: string): void | Promise<void>;\n removeCookie(name: string): void | Promise<void>;\n}\n\nexport class CookieStorageAdapter implements StorageAdapter {\n constructor(private readonly callbacks: CookieStorageCallbacks) {}\n\n async get(key: string): Promise<string | null> {\n return this.callbacks.getCookie(key);\n }\n\n async set(key: string, value: string): Promise<void> {\n await this.callbacks.setCookie(key, value);\n }\n\n async remove(key: string): Promise<void> {\n await this.callbacks.removeCookie(key);\n }\n}\n","import type { StorageAdapter } from '../core/types';\n\nexport interface BrowserCookieStorageOptions {\n domain?: string;\n path?: string;\n sameSite?: 'strict' | 'lax' | 'none';\n secure?: boolean;\n}\n\nconst getCookieValue = (name: string): string | null => {\n if (typeof document === 'undefined') return null;\n const result = document.cookie.match(`(^|;)\\\\s*${name}\\\\s*=\\\\s*([^;]+)`);\n return result ? (result.pop() ?? null) : null;\n};\n\nexport function createBrowserCookieStorage(\n options: BrowserCookieStorageOptions = {},\n): StorageAdapter {\n const { domain, path = '/', sameSite = 'strict', secure = true } = options;\n\n const get = (key: string): string | null => {\n return getCookieValue(key);\n };\n\n const set = (key: string, value: string): void => {\n if (typeof document === 'undefined') return;\n let cookie = `${key}=${value}`;\n if (path) cookie += `; path=${path}`;\n if (domain) cookie += `; domain=${domain}`;\n if (sameSite) cookie += `; samesite=${sameSite}`;\n if (secure) cookie += `; secure`;\n document.cookie = cookie;\n };\n\n const remove = (key: string): void => {\n if (typeof document === 'undefined') return;\n let cookie = `${key}=; expires=Thu, 01 Jan 1970 00:00:00 GMT`;\n if (path) cookie += `; path=${path}`;\n if (domain) cookie += `; domain=${domain}`;\n document.cookie = cookie;\n };\n\n return { get, set, remove };\n}\n"]}
|
|
1
|
+
{"version":3,"sources":["../src/errors/auth-error.ts","../src/core/pkce.ts","../src/core/utils.ts","../src/storage/memory-storage-adapter.ts","../src/transport/fetch-transport.ts","../src/client/nuria-auth-client.ts","../src/client/create-client.ts","../src/storage/web-storage-adapter.ts","../src/storage/cookie-storage-adapter.ts","../src/storage/browser-cookie-storage.ts"],"names":["AuthErrorCode"],"mappings":";;;AAAO,IAAK,aAAA,qBAAAA,cAAAA,KAAL;AACL,EAAAA,eAAA,gBAAA,CAAA,GAAiB,gBAAA;AACjB,EAAAA,eAAA,gBAAA,CAAA,GAAiB,gBAAA;AACjB,EAAAA,eAAA,gBAAA,CAAA,GAAiB,gBAAA;AACjB,EAAAA,eAAA,uBAAA,CAAA,GAAwB,uBAAA;AACxB,EAAAA,eAAA,gBAAA,CAAA,GAAiB,gBAAA;AACjB,EAAAA,eAAA,eAAA,CAAA,GAAgB,eAAA;AAChB,EAAAA,eAAA,cAAA,CAAA,GAAe,cAAA;AACf,EAAAA,eAAA,eAAA,CAAA,GAAgB,eAAA;AAChB,EAAAA,eAAA,eAAA,CAAA,GAAgB,eAAA;AAChB,EAAAA,eAAA,YAAA,CAAA,GAAa,YAAA;AAVH,EAAA,OAAAA,cAAAA;AAAA,CAAA,EAAA,aAAA,IAAA,EAAA;AAaL,IAAM,SAAA,GAAN,cAAwB,KAAA,CAAM;AAAA,EACnC,WAAA,CACkB,IAAA,EAChB,OAAA,EACgB,KAAA,EAChB;AACA,IAAA,KAAA,CAAM,OAAO,CAAA;AAJG,IAAA,IAAA,CAAA,IAAA,GAAA,IAAA;AAEA,IAAA,IAAA,CAAA,KAAA,GAAA,KAAA;AAGhB,IAAA,IAAA,CAAK,IAAA,GAAO,WAAA;AAAA,EACd;AACF;;;ACtBA,IAAM,QAAA,GACJ,oEAAA;AAEF,SAAS,aAAA,GAAwB;AAC/B,EAAA,IAAI,OAAO,UAAA,KAAe,WAAA,IAAe,UAAA,CAAW,MAAA,EAAQ;AAC1D,IAAA,OAAO,UAAA,CAAW,MAAA;AAAA,EACpB;AACA,EAAA,MAAM,IAAI,MAAM,4BAA4B,CAAA;AAC9C;AAEO,SAAS,YAAA,CAAa,SAAS,EAAA,EAAY;AAChD,EAAA,MAAM,SAAS,aAAA,EAAc;AAG7B,EAAA,MAAM,SAAA,GAAY,GAAA,GAAO,GAAA,GAAM,QAAA,CAAS,MAAA;AACxC,EAAA,MAAM,SAAmB,EAAC;AAC1B,EAAA,OAAO,MAAA,CAAO,SAAS,MAAA,EAAQ;AAC7B,IAAA,MAAM,KAAA,GAAQ,IAAI,UAAA,CAAW,IAAA,CAAK,MAAM,MAAA,GAAS,MAAA,CAAO,MAAA,IAAU,GAAG,CAAC,CAAA;AACtE,IAAA,MAAA,CAAO,gBAAgB,KAAK,CAAA;AAC5B,IAAA,KAAA,MAAW,KAAK,KAAA,EAAO;AACrB,MAAA,IAAI,MAAA,CAAO,UAAU,MAAA,EAAQ;AAC7B,MAAA,IAAI,CAAA,GAAI,WAAW,MAAA,CAAO,IAAA,CAAK,SAAS,CAAA,GAAI,QAAA,CAAS,MAAM,CAAE,CAAA;AAAA,IAC/D;AAAA,EACF;AACA,EAAA,OAAO,MAAA,CAAO,KAAK,EAAE,CAAA;AACvB;AAEA,SAAS,YAAY,KAAA,EAAwC;AAC3D,EAAA,MAAM,MAAA,GAAS,KAAA,CAAM,IAAA,CAAK,KAAA,EAAO,CAAC,CAAA,KAAM,MAAA,CAAO,YAAA,CAAa,CAAC,CAAC,CAAA,CAAE,IAAA,CAAK,EAAE,CAAA;AACvE,EAAA,OAAO,IAAA,CAAK,MAAM,CAAA,CAAE,OAAA,CAAQ,KAAA,EAAO,GAAG,CAAA,CAAE,OAAA,CAAQ,KAAA,EAAO,GAAG,CAAA,CAAE,OAAA,CAAQ,MAAM,EAAE,CAAA;AAC9E;AAEA,SAAS,gBAAgB,QAAA,EAA2C;AAClE,EAAA,MAAM,KAAA,GAAQ,IAAI,UAAA,CAAW,QAAA,CAAS,MAAM,CAAA;AAC5C,EAAA,KAAA,IAAS,CAAA,GAAI,CAAA,EAAG,CAAA,GAAI,QAAA,CAAS,QAAQ,CAAA,EAAA,EAAK;AACxC,IAAA,KAAA,CAAM,CAAC,CAAA,GAAI,QAAA,CAAS,UAAA,CAAW,CAAC,CAAA;AAAA,EAClC;AACA,EAAA,OAAO,KAAA;AACT;AAEA,eAAsB,oBAAoB,QAAA,EAAmC;AAC3E,EAAA,MAAM,SAAS,aAAA,EAAc;AAC7B,EAAA,MAAM,MAAA,GAAS,gBAAgB,QAAQ,CAAA;AACvC,EAAA,MAAM,SAAS,MAAM,MAAA,CAAO,MAAA,CAAO,MAAA,CAAO,WAAW,MAAM,CAAA;AAC3D,EAAA,OAAO,WAAA,CAAY,IAAI,UAAA,CAAW,MAAM,CAAC,CAAA;AAC3C;;;AC1CO,IAAM,YAAA,GAAe;AAAA,EAC1B,OAAA,EAAS,eAAA;AAAA,EACT,KAAA,EAAO,mBAAA;AAAA,EACP,YAAA,EAAc;AAChB,CAAA;AAEO,SAAS,iBAAA,CACd,KACA,GAAA,EACU;AAZZ,EAAA,IAAA,EAAA,EAAA,EAAA,EAAA,EAAA,EAAA,EAAA,EAAA,EAAA,EAAA,EAAA,EAAA,EAAA,EAAA,EAAA,EAAA,EAAA,EAAA,EAAA;AAaE,EAAA,MAAM,eAAe,EAAA,GAAA,CAAA,EAAA,GAAA,GAAA,CAAI,YAAA,KAAJ,YACnB,GAAA,CAAI,WAAA,KADe,YAEnB,GAAA,CAAI,KAAA;AACN,EAAA,IAAI,CAAC,WAAA,IAAe,OAAO,WAAA,KAAgB,QAAA,EAAU;AACnD,IAAA,MAAM,IAAI,SAAA;AAAA,MAAA,uBAAA;AAAA,MAER;AAAA,KACF;AAAA,EACF;AACA,EAAA,MAAM,SAAA,GAAY,QAAO,EAAA,GAAA,CAAA,EAAA,GAAA,GAAA,CAAI,UAAA,KAAJ,YAAkB,GAAA,CAAI,SAAA,KAAtB,IAAA,GAAA,EAAA,GAAmC,CAAC,CAAA,IAAK,MAAA;AAClE,EAAA,MAAM,wBAAwB,MAAA,CAAA,CAAO,EAAA,GAAA,GAAA,CAAI,SAAA,KAAJ,IAAA,GAAA,EAAA,GAAiB,CAAC,CAAA,IAAK,MAAA;AAC5D,EAAA,MAAM,iBAAA,GACJ,aAAa,IAAA,GACT,GAAA,KAAQ,SAAA,GAAY,GAAA,GACpB,wBACE,qBAAA,GACA,MAAA;AACR,EAAA,OAAO;AAAA,IACL,WAAA;AAAA,IACA,YAAY,EAAA,GAAA,CAAA,EAAA,GAAA,GAAA,CAAI,UAAA,KAAJ,YAAkB,GAAA,CAAI,SAAA,KAAtB,YAAmC,GAAA,CAAI,SAAA;AAAA,IAGnD,SAAA;AAAA,IACA,eAAe,EAAA,GAAA,CAAA,EAAA,GAAA,GAAA,CAAI,aAAA,KAAJ,YACb,GAAA,CAAI,YAAA,KADS,YAEb,GAAA,CAAI,YAAA;AAAA,IACN,OAAA,EAAA,CAAU,EAAA,GAAA,GAAA,CAAI,QAAA,KAAJ,IAAA,GAAA,EAAA,GAAgB,GAAA,CAAI,OAAA;AAAA,IAC9B,OAAO,GAAA,CAAI,KAAA;AAAA,IACX,SAAA,EAAW;AAAA,GACb;AACF;AAEA,eAAsB,OAAA,CACpB,SACA,GAAA,EACwB;AACxB,EAAA,IAAI;AACF,IAAA,OAAO,MAAM,OAAA,CAAQ,GAAA,CAAI,GAAG,CAAA;AAAA,EAC9B,SAAS,KAAA,EAAO;AACd,IAAA,MAAM,IAAI,SAAA;AAAA,MAAA,eAAA;AAAA,MAER,uBAAuB,GAAG,CAAA,CAAA;AAAA,MAC1B;AAAA,KACF;AAAA,EACF;AACF;AAEA,eAAsB,OAAA,CACpB,OAAA,EACA,GAAA,EACA,KAAA,EACe;AACf,EAAA,IAAI;AACF,IAAA,MAAM,OAAA,CAAQ,GAAA,CAAI,GAAA,EAAK,KAAK,CAAA;AAAA,EAC9B,SAAS,KAAA,EAAO;AACd,IAAA,MAAM,IAAI,SAAA;AAAA,MAAA,eAAA;AAAA,MAER,uBAAuB,GAAG,CAAA,CAAA;AAAA,MAC1B;AAAA,KACF;AAAA,EACF;AACF;AAEA,eAAsB,UAAA,CACpB,SACA,GAAA,EACe;AACf,EAAA,IAAI;AACF,IAAA,MAAM,OAAA,CAAQ,OAAO,GAAG,CAAA;AAAA,EAC1B,SAAS,KAAA,EAAO;AACd,IAAA,MAAM,IAAI,SAAA;AAAA,MAAA,eAAA;AAAA,MAER,wBAAwB,GAAG,CAAA,CAAA;AAAA,MAC3B;AAAA,KACF;AAAA,EACF;AACF;AAEO,SAAS,eAAA,CAAgB,GAAW,CAAA,EAAoB;AAC7D,EAAA,IAAI,CAAA,CAAE,MAAA,KAAW,CAAA,CAAE,MAAA,EAAQ,OAAO,KAAA;AAClC,EAAA,IAAI,IAAA,GAAO,CAAA;AACX,EAAA,KAAA,IAAS,CAAA,GAAI,CAAA,EAAG,CAAA,GAAI,CAAA,CAAE,QAAQ,CAAA,EAAA,EAAK;AACjC,IAAA,IAAA,IAAQ,EAAE,UAAA,CAAW,CAAC,CAAA,GAAI,CAAA,CAAE,WAAW,CAAC,CAAA;AAAA,EAC1C;AACA,EAAA,OAAO,IAAA,KAAS,CAAA;AAClB;AAEO,SAAS,SAAS,GAAA,EAAkB;AACzC,EAAA,IAAI;AACF,IAAA,OAAO,IAAI,IAAI,GAAG,CAAA;AAAA,EACpB,CAAA,CAAA,OAAQ,CAAA,EAAA;AACN,IAAA,MAAM,IAAI,iDAAwC,sBAAsB,CAAA;AAAA,EAC1E;AACF;;;ACxGO,IAAM,uBAAN,MAAqD;AAAA,EAArD,WAAA,GAAA;AACL,IAAA,IAAA,CAAQ,KAAA,uBAAY,GAAA,EAAoB;AAAA,EAAA;AAAA,EAExC,IAAI,GAAA,EAA4B;AALlC,IAAA,IAAA,EAAA;AAMI,IAAA,OAAA,CAAO,EAAA,GAAA,IAAA,CAAK,KAAA,CAAM,GAAA,CAAI,GAAG,MAAlB,IAAA,GAAA,EAAA,GAAuB,IAAA;AAAA,EAChC;AAAA,EAEA,GAAA,CAAI,KAAa,KAAA,EAAqB;AACpC,IAAA,IAAA,CAAK,KAAA,CAAM,GAAA,CAAI,GAAA,EAAK,KAAK,CAAA;AAAA,EAC3B;AAAA,EAEA,OAAO,GAAA,EAAmB;AACxB,IAAA,IAAA,CAAK,KAAA,CAAM,OAAO,GAAG,CAAA;AAAA,EACvB;AACF;;;ACDA,IAAM,gBAAA,mBAAmB,IAAI,GAAA,CAAI,CAAC,GAAA,EAAK,GAAA,EAAK,GAAA,EAAK,GAAA,EAAK,GAAA,EAAK,GAAA,EAAK,GAAG,CAAC,CAAA;AAE7D,IAAM,qBAAN,MAAkD;AAAA,EAMvD,WAAA,CAAY,OAAA,GAAiC,EAAC,EAAG;AAvBnD,IAAA,IAAA,EAAA,EAAA,EAAA,EAAA,EAAA;AAwBI,IAAA,IAAA,CAAK,OAAA,GAAA,CAAU,EAAA,GAAA,OAAA,CAAQ,OAAA,KAAR,IAAA,GAAA,EAAA,GAAmB,KAAA;AAClC,IAAA,IAAA,CAAK,YAAY,OAAA,CAAQ,SAAA;AACzB,IAAA,IAAA,CAAK,OAAA,GAAA,CAAU,EAAA,GAAA,OAAA,CAAQ,OAAA,KAAR,IAAA,GAAA,EAAA,GAAmB,CAAA;AAClC,IAAA,IAAA,CAAK,YAAA,GAAA,CAAe,EAAA,GAAA,OAAA,CAAQ,YAAA,KAAR,IAAA,GAAA,EAAA,GAAwB,EAAC;AAAA,EAC/C;AAAA,EAEA,MAAM,OAAA,CACJ,GAAA,EACA,GAAA,GAA4B,EAAC,EACM;AAjCvC,IAAA,IAAA,EAAA,EAAA,EAAA,EAAA,EAAA,EAAA,EAAA;AAkCI,IAAA,IAAI,OAAA,GAAU,GAAA;AACd,IAAA,KAAA,MAAW,CAAA,IAAK,KAAK,YAAA,EAAc;AACjC,MAAA,IAAI,EAAE,SAAA,EAAW,OAAA,GAAU,MAAM,CAAA,CAAE,SAAA,CAAU,KAAK,OAAO,CAAA;AAAA,IAC3D;AAEA,IAAA,MAAM,OAAA,GAAA,CAAU,EAAA,GAAA,OAAA,CAAQ,OAAA,KAAR,IAAA,GAAA,EAAA,GAAmB,IAAA,CAAK,OAAA;AACxC,IAAA,IAAI,OAAA,GAAU,CAAA;AACd,IAAA,OAAO,IAAA,EAAM;AACX,MAAA,MAAM,UAAA,GAAa,IAAI,eAAA,EAAgB;AACvC,MAAA,MAAM,OAAA,GAAA,CAAU,EAAA,GAAA,OAAA,CAAQ,SAAA,KAAR,IAAA,GAAA,EAAA,GAAqB,IAAA,CAAK,SAAA;AAC1C,MAAA,MAAM,KAAA,GAAQ,UACV,UAAA,CAAW,MAAM,WAAW,KAAA,EAAM,EAAG,OAAO,CAAA,GAC5C,MAAA;AACJ,MAAA,IAAI;AACF,QAAA,MAAM,kBAAA,GACJ,OAAO,OAAA,CAAQ,IAAA,KAAS,WACpB,mCAAA,GACA,kBAAA;AACN,QAAA,MAAM,GAAA,GAAM,MAAM,IAAA,CAAK,OAAA,CAAQ,KAAK,SAAA,CAAU,GAAA,EAAK,OAAA,CAAQ,KAAK,CAAA,EAAG;AAAA,UACjE,MAAA,EAAA,CAAQ,EAAA,GAAA,OAAA,CAAQ,MAAA,KAAR,IAAA,GAAA,EAAA,GAAkB,KAAA;AAAA,UAC1B,aAAa,OAAA,CAAQ,WAAA;AAAA,UACrB,OAAA,EAAS;AAAA,YACP,cAAA,EAAgB,kBAAA;AAAA,YAChB,GAAA,CAAI,EAAA,GAAA,OAAA,CAAQ,OAAA,KAAR,IAAA,GAAA,EAAA,GAAmB;AAAC,WAC1B;AAAA,UACA,IAAA,EACE,OAAA,CAAQ,IAAA,KAAS,KAAA,CAAA,GACb,OAAO,OAAA,CAAQ,IAAA,KAAS,QAAA,GACtB,OAAA,CAAQ,IAAA,GACR,IAAA,CAAK,SAAA,CAAU,OAAA,CAAQ,IAAI,CAAA,GAC7B,KAAA,CAAA;AAAA,UACN,QAAQ,UAAA,CAAW;AAAA,SACpB,CAAA;AACD,QAAA,MAAM,IAAA,GAAO,MAAM,IAAA,CAAK,SAAA,CAAa,GAAG,CAAA;AACxC,QAAA,IAAI,CAAC,IAAI,EAAA,EAAI;AACX,UAAA,IAAI,UAAU,OAAA,IAAW,gBAAA,CAAiB,GAAA,CAAI,GAAA,CAAI,MAAM,CAAA,EAAG;AACzD,YAAA,OAAA,IAAW,CAAA;AACX,YAAA;AAAA,UACF;AACA,UAAA,MAAM,IAAI,SAAA,CAAA,YAAA,mBAAoC,CAAA,KAAA,EAAQ,GAAA,CAAI,MAAM,CAAA,CAAE,CAAA;AAAA,QACpE;AACA,QAAA,IAAI,GAAA,GAAgC;AAAA,UAClC,QAAQ,GAAA,CAAI,MAAA;AAAA,UACZ,IAAA;AAAA,UACA,SAAS,GAAA,CAAI;AAAA,SACf;AACA,QAAA,KAAA,MAAW,CAAA,IAAK,KAAK,YAAA,EAAc;AACjC,UAAA,IAAI,EAAE,UAAA,EAAY,GAAA,GAAM,MAAM,CAAA,CAAE,WAAW,GAAG,CAAA;AAAA,QAChD;AACA,QAAA,OAAO,GAAA;AAAA,MACT,SAAS,KAAA,EAAO;AACd,QAAA,IAAI,KAAA,YAAiB,WAAW,MAAM,KAAA;AACtC,QAAA,IAAI,UAAU,OAAA,EAAS;AACrB,UAAA,OAAA,IAAW,CAAA;AACX,UAAA;AAAA,QACF;AACA,QAAA,MAAM,IAAI,SAAA;AAAA,UAAA,eAAA;AAAA,UAER,wBAAA;AAAA,UACA;AAAA,SACF;AAAA,MACF,CAAA,SAAE;AACA,QAAA,IAAI,KAAA,eAAoB,KAAK,CAAA;AAAA,MAC/B;AAAA,IACF;AAAA,EACF;AAAA,EAEQ,SAAA,CACN,KACA,KAAA,EACQ;AACR,IAAA,IAAI,CAAC,OAAO,OAAO,GAAA;AACnB,IAAA,MAAM,MAAA,GAAS,IAAI,GAAA,CAAI,GAAG,CAAA;AAC1B,IAAA,MAAA,CAAO,OAAA,CAAQ,KAAK,CAAA,CAAE,OAAA,CAAQ,CAAC,CAAC,CAAA,EAAG,CAAC,CAAA,KAAM;AACxC,MAAA,IAAI,MAAM,MAAA,EAAW,MAAA,CAAO,YAAA,CAAa,GAAA,CAAI,GAAG,CAAC,CAAA;AAAA,IACnD,CAAC,CAAA;AACD,IAAA,OAAO,OAAO,QAAA,EAAS;AAAA,EACzB;AAAA,EAEA,MAAc,UAAa,GAAA,EAA2B;AAjHxD,IAAA,IAAA,EAAA;AAkHI,IAAA,MAAM,eAAc,EAAA,GAAA,GAAA,CAAI,OAAA,CAAQ,GAAA,CAAI,cAAc,MAA9B,IAAA,GAAA,EAAA,GAAmC,EAAA;AACvD,IAAA,IAAI,WAAA,CAAY,QAAA,CAAS,kBAAkB,CAAA,EAAG;AAC5C,MAAA,OAAQ,MAAM,IAAI,IAAA,EAAK;AAAA,IACzB;AACA,IAAA,OAAQ,MAAM,IAAI,IAAA,EAAK;AAAA,EACzB;AACF;;;AC7FO,IAAM,oBAAN,MAA8C;AAAA,EAQnD,YAA6B,MAAA,EAA4B;AAA5B,IAAA,IAAA,CAAA,MAAA,GAAA,MAAA;AAP7B,IAAA,IAAA,CAAQ,OAAA,GAA0B,IAAA;AAClC,IAAA,IAAA,CAAQ,cAAA,GAA0C,IAAA;AAClD,IAAA,IAAA,CAAiB,SAAA,uBAAgB,GAAA,EAAuC;AA9B1E,IAAA,IAAA,EAAA,EAAA,EAAA,EAAA,EAAA;AAoCI,IAAA,IAAA,CAAK,OAAA,GAAA,CAAU,EAAA,GAAA,MAAA,CAAO,OAAA,KAAP,IAAA,GAAA,EAAA,GAAkB,IAAI,oBAAA,EAAqB;AAC1D,IAAA,IAAA,CAAK,SAAA,GAAA,CAAY,EAAA,GAAA,MAAA,CAAO,SAAA,KAAP,IAAA,GAAA,EAAA,GAAoB,IAAI,kBAAA,EAAmB;AAC5D,IAAA,IAAA,CAAK,OAAM,EAAA,GAAA,MAAA,CAAO,GAAA,KAAP,IAAA,GAAA,EAAA,IAAe,MAAM,KAAK,GAAA,EAAI,CAAA;AAAA,EAC3C;AAAA,EAEA,MAAM,UAAA,CAAW,OAAA,GAA6B,EAAC,EAAkB;AAzCnE,IAAA,IAAA,EAAA,EAAA,EAAA;AA0CI,IAAA,MAAM,KAAA,GAAQ,aAAa,EAAE,CAAA;AAC7B,IAAA,MAAM,YAAA,GAAe,aAAa,EAAE,CAAA;AACpC,IAAA,MAAM,aAAA,GAAgB,MAAM,mBAAA,CAAoB,YAAY,CAAA;AAE5D,IAAA,MAAM,OAAA,CAAQ,IAAA,CAAK,OAAA,EAAS,YAAA,CAAa,OAAO,KAAK,CAAA;AACrD,IAAA,MAAM,OAAA,CAAQ,IAAA,CAAK,OAAA,EAAS,YAAA,CAAa,cAAc,YAAY,CAAA;AAEnE,IAAA,MAAM,MAAA,GAAiC;AAAA,MACrC,aAAA,EAAe,MAAA;AAAA,MACf,SAAA,EAAW,KAAK,MAAA,CAAO,QAAA;AAAA,MACvB,YAAA,EAAc,KAAK,MAAA,CAAO,WAAA;AAAA,MAC1B,KAAA;AAAA,MACA,cAAA,EAAgB,aAAA;AAAA,MAChB,qBAAA,EAAuB;AAAA,KACzB;AAEA,IAAA,MAAM,KAAA,GAAA,CAAQ,mBAAQ,MAAA,KAAR,IAAA,GAAA,MAAA,GAAA,EAAA,CAAgB,KAAK,GAAA,CAAA,KAArB,IAAA,GAAA,EAAA,GAA6B,KAAK,MAAA,CAAO,KAAA;AACvD,IAAA,IAAI,KAAA,SAAc,KAAA,GAAQ,KAAA;AAC1B,IAAA,IAAI,OAAA,CAAQ,SAAA,EAAW,MAAA,CAAO,UAAA,GAAa,OAAA,CAAQ,SAAA;AACnD,IAAA,IAAI,QAAQ,WAAA,EAAa;AACvB,MAAA,MAAM,QAAA,uBAAe,GAAA,CAAI;AAAA,QACvB,eAAA;AAAA,QACA,WAAA;AAAA,QACA,cAAA;AAAA,QACA,OAAA;AAAA,QACA,gBAAA;AAAA,QACA;AAAA,OACD,CAAA;AACD,MAAA,KAAA,MAAW,CAAC,GAAG,CAAC,CAAA,IAAK,OAAO,OAAA,CAAQ,OAAA,CAAQ,WAAW,CAAA,EAAG;AACxD,QAAA,IAAI,CAAC,QAAA,CAAS,GAAA,CAAI,CAAC,CAAA,EAAG,MAAA,CAAO,CAAC,CAAA,GAAI,CAAA;AAAA,MACpC;AAAA,IACF;AAEA,IAAA,MAAM,GAAA,GAAM,IAAI,GAAA,CAAI,IAAA,CAAK,OAAO,qBAAqB,CAAA;AACrD,IAAA,MAAA,CAAO,OAAA,CAAQ,MAAM,CAAA,CAAE,OAAA,CAAQ,CAAC,CAAC,CAAA,EAAG,CAAC,CAAA,KAAM,GAAA,CAAI,YAAA,CAAa,GAAA,CAAI,CAAA,EAAG,CAAC,CAAC,CAAA;AACrE,IAAA,MAAM,WAAA,GAAc,IAAI,QAAA,EAAS;AAEjC,IAAA,IAAI,IAAA,CAAK,OAAO,UAAA,EAAY;AAC1B,MAAA,MAAM,IAAA,CAAK,MAAA,CAAO,UAAA,CAAW,WAAW,CAAA;AACxC,MAAA;AAAA,IACF;AACA,IAAA,IAAI,OAAO,WAAW,WAAA,EAAa;AACjC,MAAA,MAAA,CAAO,QAAA,CAAS,OAAO,WAAW,CAAA;AAClC,MAAA;AAAA,IACF;AACA,IAAA,MAAM,IAAI,SAAA;AAAA,MAAA,gBAAA;AAAA,MAER;AAAA,KACF;AAAA,EACF;AAAA,EAEA,MAAM,uBAAuB,WAAA,EAAwC;AACnE,IAAA,MAAM,QACJ,WAAA,IAAA,IAAA,GAAA,WAAA,GACC,OAAO,WAAW,WAAA,GAAc,MAAA,CAAO,SAAS,IAAA,GAAO,EAAA;AAC1D,IAAA,IAAI,CAAC,KAAA,EAAO;AACV,MAAA,MAAM,IAAI,SAAA;AAAA,QAAA,gBAAA;AAAA,QAER;AAAA,OACF;AAAA,IACF;AAEA,IAAA,MAAM,GAAA,GAAM,SAAS,KAAK,CAAA;AAC1B,IAAA,MAAM,KAAA,GAAQ,GAAA,CAAI,YAAA,CAAa,GAAA,CAAI,OAAO,CAAA;AAC1C,IAAA,IAAI,KAAA,EAAO;AACT,MAAA,MAAM,IAAA,GAAO,GAAA,CAAI,YAAA,CAAa,GAAA,CAAI,mBAAmB,CAAA;AACrD,MAAA,MAAM,IAAI,SAAA;AAAA,QAAA,gBAAA;AAAA,QAER,OACI,CAAA,qBAAA,EAAwB,KAAK,WAAM,IAAI,CAAA,CAAA,GACvC,wBAAwB,KAAK,CAAA;AAAA,OACnC;AAAA,IACF;AAEA,IAAA,MAAM,IAAA,GAAO,GAAA,CAAI,YAAA,CAAa,GAAA,CAAI,MAAM,CAAA;AACxC,IAAA,IAAI,CAAC,IAAA,EAAM;AACT,MAAA,MAAM,IAAI,SAAA;AAAA,QAAA,cAAA;AAAA,QAER;AAAA,OACF;AAAA,IACF;AAEA,IAAA,MAAM,KAAA,GAAQ,GAAA,CAAI,YAAA,CAAa,GAAA,CAAI,OAAO,CAAA;AAC1C,IAAA,IAAI,CAAC,KAAA,EAAO;AACV,MAAA,MAAM,IAAI,SAAA;AAAA,QAAA,eAAA;AAAA,QAER;AAAA,OACF;AAAA,IACF;AAEA,IAAA,MAAM,cAAc,MAAM,OAAA,CAAQ,IAAA,CAAK,OAAA,EAAS,aAAa,KAAK,CAAA;AAClE,IAAA,IAAI,CAAC,WAAA,IAAe,CAAC,eAAA,CAAgB,WAAA,EAAa,KAAK,CAAA,EAAG;AACxD,MAAA,MAAM,IAAI,SAAA;AAAA,QAAA,gBAAA;AAAA,QAER;AAAA,OACF;AAAA,IACF;AAEA,IAAA,OAAO,IAAA,CAAK,aAAa,IAAI,CAAA;AAAA,EAC/B;AAAA,EAEA,UAAA,GAA6B;AAC3B,IAAA,OAAO,IAAA,CAAK,OAAA;AAAA,EACd;AAAA,EAEA,MAAM,cAAA,GAAyC;AAnJjD,IAAA,IAAA,EAAA,EAAA,EAAA;AAoJI,IAAA,IAAI,CAAC,KAAK,OAAA,EAAS;AACjB,MAAA,MAAM,KAAK,cAAA,EAAe;AAAA,IAC5B;AACA,IAAA,IAAI,CAAC,IAAA,CAAK,OAAA,EAAS,OAAO,IAAA;AAC1B,IAAA,MAAM,GAAA,GAAM,IAAA,CAAK,OAAA,CAAQ,MAAA,CAAO,SAAA;AAChC,IAAA,IAAI,OAAO,GAAA,IAAO,IAAA,CAAK,KAAI,IAAK,IAAA,CAAK,OAAO,kBAAA,EAAoB;AAC9D,MAAA,IAAI,CAAC,KAAK,cAAA,EAAgB;AACxB,QAAA,IAAA,CAAK,cAAA,GAAiB,IAAA,CAAK,SAAA,EAAU,CAAE,QAAQ,MAAM;AACnD,UAAA,IAAA,CAAK,cAAA,GAAiB,IAAA;AAAA,QACxB,CAAC,CAAA;AAAA,MACH;AACA,MAAA,MAAM,IAAA,CAAK,cAAA;AAAA,IACb;AACA,IAAA,OAAA,CAAO,EAAA,GAAA,CAAA,EAAA,GAAA,IAAA,CAAK,OAAA,KAAL,IAAA,GAAA,MAAA,GAAA,EAAA,CAAc,MAAA,CAAO,gBAArB,IAAA,GAAA,EAAA,GAAoC,IAAA;AAAA,EAC7C;AAAA,EAEA,MAAM,OAAO,OAAA,EAAgD;AAC3D,IAAA,IAAI,mCAAS,QAAA,EAAU;AACrB,MAAA,IAAI,WAAA;AACJ,MAAA,IAAI;AACF,QAAA,WAAA,GAAc,IAAI,GAAA,CAAI,OAAA,CAAQ,QAAQ,CAAA;AAAA,MACxC,CAAA,CAAA,OAAQ,CAAA,EAAA;AACN,QAAA,MAAM,IAAI,SAAA;AAAA,UAAA,gBAAA;AAAA,UAER;AAAA,SACF;AAAA,MACF;AAEA,MAAA,MAAM,OAAA,GAAU,YAAY,QAAA,KAAa,QAAA;AACzC,MAAA,MAAM,WAAA,GACJ,WAAA,CAAY,QAAA,KAAa,OAAA,KACxB,WAAA,CAAY,QAAA,KAAa,WAAA,IACxB,WAAA,CAAY,QAAA,KAAa,WAAA,IACzB,WAAA,CAAY,QAAA,KAAa,OAAA,CAAA;AAC7B,MAAA,IAAI,CAAC,OAAA,IAAW,CAAC,WAAA,EAAa;AAC5B,QAAA,MAAM,IAAI,SAAA;AAAA,UAAA,gBAAA;AAAA,UAER;AAAA,SACF;AAAA,MACF;AACA,MAAA,IAAI,WAAA,CAAY,QAAA,IAAY,WAAA,CAAY,QAAA,EAAU;AAChD,QAAA,MAAM,IAAI,SAAA;AAAA,UAAA,gBAAA;AAAA,UAER;AAAA,SACF;AAAA,MACF;AAAA,IACF;AAEA,IAAA,IAAA,CAAK,OAAA,GAAU,IAAA;AACf,IAAA,MAAM,UAAA,CAAW,IAAA,CAAK,OAAA,EAAS,YAAA,CAAa,OAAO,CAAA;AACnD,IAAA,MAAM,UAAA,CAAW,IAAA,CAAK,OAAA,EAAS,YAAA,CAAa,KAAK,CAAA;AACjD,IAAA,MAAM,UAAA,CAAW,IAAA,CAAK,OAAA,EAAS,YAAA,CAAa,YAAY,CAAA;AACxD,IAAA,IAAA,CAAK,MAAA,EAAO;AAEZ,IAAA,IAAI,IAAA,CAAK,OAAO,cAAA,EAAgB;AAC9B,MAAA,MAAM,GAAA,GAAM,IAAI,GAAA,CAAI,IAAA,CAAK,OAAO,cAAc,CAAA;AAC9C,MAAA,IAAI,mCAAS,QAAA,EAAU;AACrB,QAAA,GAAA,CAAI,YAAA,CAAa,GAAA,CAAI,UAAA,EAAY,OAAA,CAAQ,QAAQ,CAAA;AAAA,MACnD;AACA,MAAA,MAAM,SAAA,GAAY,IAAI,QAAA,EAAS;AAC/B,MAAA,IAAI,IAAA,CAAK,OAAO,UAAA,EAAY;AAC1B,QAAA,MAAM,IAAA,CAAK,MAAA,CAAO,UAAA,CAAW,SAAS,CAAA;AAAA,MACxC,CAAA,MAAA,IAAW,OAAO,MAAA,KAAW,WAAA,EAAa;AACxC,QAAA,MAAA,CAAO,QAAA,CAAS,OAAO,SAAS,CAAA;AAAA,MAClC;AAAA,IACF;AAAA,EACF;AAAA,EAEA,eAAA,GAA2B;AAxN7B,IAAA,IAAA,EAAA,EAAA,EAAA;AAyNI,IAAA,MAAM,WAAA,GAAA,CAAc,EAAA,GAAA,IAAA,CAAK,OAAA,KAAL,IAAA,GAAA,MAAA,GAAA,EAAA,CAAc,MAAA,CAAO,WAAA;AACzC,IAAA,IAAI,CAAC,aAAa,OAAO,KAAA;AACzB,IAAA,MAAM,GAAA,GAAA,CAAM,EAAA,GAAA,IAAA,CAAK,OAAA,KAAL,IAAA,GAAA,MAAA,GAAA,EAAA,CAAc,MAAA,CAAO,SAAA;AACjC,IAAA,IAAI,GAAA,IAAO,GAAA,IAAO,IAAA,CAAK,GAAA,IAAO,OAAO,KAAA;AACrC,IAAA,OAAO,IAAA;AAAA,EACT;AAAA,EAEA,mBAAmB,OAAA,EAAwD;AACzE,IAAA,IAAA,CAAK,SAAA,CAAU,IAAI,OAAO,CAAA;AAC1B,IAAA,OAAO,MAAM,IAAA,CAAK,SAAA,CAAU,MAAA,CAAO,OAAO,CAAA;AAAA,EAC5C;AAAA,EAEA,MAAM,WAAA,GAAgD;AACpD,IAAA,MAAM,WAAA,GAAc,MAAM,IAAA,CAAK,cAAA,EAAe;AAC9C,IAAA,IAAI,CAAC,WAAA,EAAa;AAChB,MAAA,MAAM,IAAI,SAAA;AAAA,QAAA,gBAAA;AAAA,QAER;AAAA,OACF;AAAA,IACF;AACA,IAAA,IAAI,CAAC,IAAA,CAAK,MAAA,CAAO,gBAAA,EAAkB;AACjC,MAAA,MAAM,IAAI,SAAA;AAAA,QAAA,gBAAA;AAAA,QAER;AAAA,OACF;AAAA,IACF;AACA,IAAA,MAAM,QAAA,GAAW,MAAM,IAAA,CAAK,SAAA,CAAU,OAAA;AAAA,MACpC,KAAK,MAAA,CAAO,gBAAA;AAAA,MACZ,EAAE,OAAA,EAAS,EAAE,eAAe,CAAA,OAAA,EAAU,WAAW,IAAG;AAAE,KACxD;AACA,IAAA,OAAO,QAAA,CAAS,IAAA;AAAA,EAClB;AAAA,EAEA,MAAM,wBACJ,OAAA,EAC6B;AA5PjC,IAAA,IAAA,EAAA,EAAA,EAAA,EAAA,EAAA,EAAA,EAAA,EAAA,EAAA,EAAA,EAAA,EAAA,EAAA;AA6PI,IAAA,IAAI,EAAC,mCAAS,KAAA,CAAA,EAAO;AACnB,MAAA,MAAM,IAAI,SAAA;AAAA,QAAA,gBAAA;AAAA,QAER;AAAA,OACF;AAAA,IACF;AAEA,IAAA,MAAM,QAAA,GAAW,MAAM,IAAA,CAAK,SAAA,CAAU,OAAA;AAAA,MACpC,CAAA,EAAG,IAAA,CAAK,MAAA,CAAO,OAAO,CAAA,wBAAA,CAAA;AAAA,MACtB;AAAA,QACE,MAAA,EAAQ,MAAA;AAAA,QACR,WAAA,EAAa,SAAA;AAAA,QACb,IAAA,EAAM;AAAA,UACJ,OAAO,OAAA,CAAQ,KAAA;AAAA,UACf,OAAA,EAAA,CAAS,EAAA,GAAA,OAAA,CAAQ,OAAA,KAAR,IAAA,GAAA,EAAA,GAAmB,OAAA;AAAA,UAC5B,aAAa,OAAA,CAAQ,WAAA;AAAA,UACrB,OAAA,EAAA,CAAS,EAAA,GAAA,OAAA,CAAQ,OAAA,KAAR,IAAA,GAAA,EAAA,GAAmB;AAAA;AAC9B;AACF,KACF;AAEA,IAAA,OAAO;AAAA,MACL,aAAa,MAAA,CAAA,CAAO,EAAA,GAAA,QAAA,CAAS,IAAA,CAAK,WAAA,KAAd,YAA6B,EAAE,CAAA;AAAA,MACnD,SAAS,MAAA,CAAA,CAAO,EAAA,GAAA,QAAA,CAAS,IAAA,CAAK,OAAA,KAAd,YAAyB,EAAE,CAAA;AAAA,MAC3C,mBAAmB,MAAA,CAAA,CAAO,EAAA,GAAA,QAAA,CAAS,IAAA,CAAK,iBAAA,KAAd,YAAmC,EAAE,CAAA;AAAA,MAC/D,WAAW,MAAA,CAAA,CAAO,EAAA,GAAA,QAAA,CAAS,IAAA,CAAK,SAAA,KAAd,YAA2B,CAAC,CAAA;AAAA,MAC9C,SAAS,MAAA,CAAA,CAAO,EAAA,GAAA,QAAA,CAAS,IAAA,CAAK,OAAA,KAAd,YAAyB,OAAO;AAAA,KAClD;AAAA,EACF;AAAA,EAEA,MAAM,gBAAgB,OAAA,EAAmD;AACvE,IAAA,IAAI,EAAC,OAAA,IAAA,IAAA,GAAA,MAAA,GAAA,OAAA,CAAS,WAAA,CAAA,IAAe,EAAC,mCAAS,IAAA,CAAA,EAAM;AAC3C,MAAA,MAAM,IAAI,SAAA;AAAA,QAAA,gBAAA;AAAA,QAER;AAAA,OACF;AAAA,IACF;AAEA,IAAA,MAAM,QAAA,GAAW,MAAM,IAAA,CAAK,SAAA,CAAU,OAAA;AAAA,MACpC,CAAA,EAAG,IAAA,CAAK,MAAA,CAAO,OAAO,CAAA,oBAAA,CAAA;AAAA,MACtB;AAAA,QACE,MAAA,EAAQ,MAAA;AAAA,QACR,WAAA,EAAa,SAAA;AAAA,QACb,IAAA,EAAM;AAAA,UACJ,aAAa,OAAA,CAAQ,WAAA;AAAA,UACrB,MAAM,OAAA,CAAQ;AAAA;AAChB;AACF,KACF;AACA,IAAA,MAAM,MAAA,GAAS,iBAAA,CAAkB,QAAA,CAAS,IAAA,EAAM,KAAK,GAAG,CAAA;AACxD,IAAA,OAAO,IAAA,CAAK,cAAc,MAAM,CAAA;AAAA,EAClC;AAAA,EAEA,MAAM,kBACJ,OAAA,EAC6B;AAC7B,IAAA,OAAO,IAAA,CAAK,wBAAwB,OAAO,CAAA;AAAA,EAC7C;AAAA,EAEA,MAAM,sBACJ,OAAA,EACkB;AAClB,IAAA,OAAO,IAAA,CAAK,gBAAgB,OAAO,CAAA;AAAA,EACrC;AAAA,EAEA,MAAM,gBAAgB,OAAA,EAA+C;AACnE,IAAA,IAAI,EAAC,mCAAS,OAAA,CAAA,EAAS;AACrB,MAAA,MAAM,IAAI,SAAA;AAAA,QAAA,gBAAA;AAAA,QAER;AAAA,OACF;AAAA,IACF;AAEA,IAAA,MAAM,QAAA,GAAW,MAAM,IAAA,CAAK,SAAA,CAAU,OAAA;AAAA,MACpC,CAAA,EAAG,IAAA,CAAK,MAAA,CAAO,OAAO,CAAA,UAAA,CAAA;AAAA,MACtB;AAAA,QACE,MAAA,EAAQ,MAAA;AAAA,QACR,WAAA,EAAa,SAAA;AAAA,QACb,IAAA,EAAM;AAAA,UACJ,SAAS,OAAA,CAAQ;AAAA;AACnB;AACF,KACF;AACA,IAAA,MAAM,MAAA,GAAS,iBAAA,CAAkB,QAAA,CAAS,IAAA,EAAM,KAAK,GAAG,CAAA;AACxD,IAAA,OAAO,IAAA,CAAK,cAAc,MAAM,CAAA;AAAA,EAClC;AAAA,EAEA,MAAM,kBAAkB,OAAA,EAAiD;AACvE,IAAA,IAAI,EAAC,OAAA,IAAA,IAAA,GAAA,MAAA,GAAA,OAAA,CAAS,KAAA,CAAA,IAAS,EAAC,mCAAS,QAAA,CAAA,EAAU;AACzC,MAAA,MAAM,IAAI,SAAA;AAAA,QAAA,gBAAA;AAAA,QAER;AAAA,OACF;AAAA,IACF;AAEA,IAAA,MAAM,QAAA,GAAW,MAAM,IAAA,CAAK,SAAA,CAAU,OAAA;AAAA,MACpC,CAAA,EAAG,IAAA,CAAK,MAAA,CAAO,OAAO,CAAA,SAAA,CAAA;AAAA,MACtB;AAAA,QACE,MAAA,EAAQ,MAAA;AAAA,QACR,WAAA,EAAa,SAAA;AAAA,QACb,IAAA,EAAM;AAAA,UACJ,OAAO,OAAA,CAAQ,KAAA;AAAA,UACf,UAAU,OAAA,CAAQ;AAAA;AACpB;AACF,KACF;AACA,IAAA,MAAM,MAAA,GAAS,iBAAA,CAAkB,QAAA,CAAS,IAAA,EAAM,KAAK,GAAG,CAAA;AACxD,IAAA,OAAO,IAAA,CAAK,cAAc,MAAM,CAAA;AAAA,EAClC;AAAA,EAEA,MAAc,aAAa,IAAA,EAAgC;AACzD,IAAA,MAAM,WAAW,MAAM,OAAA,CAAQ,IAAA,CAAK,OAAA,EAAS,aAAa,YAAY,CAAA;AACtE,IAAA,IAAI,CAAC,QAAA,EAAU;AACb,MAAA,MAAM,IAAI,SAAA;AAAA,QAAA,uBAAA;AAAA,QAER;AAAA,OACF;AAAA,IACF;AAEA,IAAA,MAAM,IAAA,GAAO,IAAI,eAAA,CAAgB;AAAA,MAC/B,UAAA,EAAY,oBAAA;AAAA,MACZ,IAAA;AAAA,MACA,aAAA,EAAe,QAAA;AAAA,MACf,YAAA,EAAc,KAAK,MAAA,CAAO,WAAA;AAAA,MAC1B,SAAA,EAAW,KAAK,MAAA,CAAO;AAAA,KACxB,CAAA;AAED,IAAA,MAAM,QAAA,GAAW,MAAM,IAAA,CAAK,SAAA,CAAU,OAAA;AAAA,MACpC,KAAK,MAAA,CAAO,aAAA;AAAA,MACZ;AAAA,QACE,MAAA,EAAQ,MAAA;AAAA,QACR,WAAA,EAAa,SAAA;AAAA,QACb,IAAA,EAAM,KAAK,QAAA;AAAS;AACtB,KACF;AACA,IAAA,MAAM,MAAA,GAAS,iBAAA,CAAkB,QAAA,CAAS,IAAA,EAAM,KAAK,GAAG,CAAA;AACxD,IAAA,MAAM,UAAA,CAAW,IAAA,CAAK,OAAA,EAAS,YAAA,CAAa,KAAK,CAAA;AACjD,IAAA,MAAM,UAAA,CAAW,IAAA,CAAK,OAAA,EAAS,YAAA,CAAa,YAAY,CAAA;AACxD,IAAA,OAAO,IAAA,CAAK,cAAc,MAAM,CAAA;AAAA,EAClC;AAAA,EAEA,MAAc,SAAA,GAA8B;AA1Y9C,IAAA,IAAA,EAAA;AA2YI,IAAA,MAAM,YAAA,GAAA,CAAe,EAAA,GAAA,IAAA,CAAK,OAAA,KAAL,IAAA,GAAA,MAAA,GAAA,EAAA,CAAc,MAAA,CAAO,YAAA;AAC1C,IAAA,MAAM,IAAA,GAAO,IAAI,eAAA,CAAgB;AAAA,MAC/B,UAAA,EAAY,eAAA;AAAA,MACZ,SAAA,EAAW,KAAK,MAAA,CAAO;AAAA,KACxB,CAAA;AACD,IAAA,IAAI,YAAA,EAAc,IAAA,CAAK,GAAA,CAAI,eAAA,EAAiB,YAAY,CAAA;AAExD,IAAA,MAAM,QAAA,GAAW,MAAM,IAAA,CAAK,SAAA,CAAU,OAAA;AAAA,MACpC,KAAK,MAAA,CAAO,aAAA;AAAA,MACZ;AAAA,QACE,MAAA,EAAQ,MAAA;AAAA,QACR,WAAA,EAAa,SAAA;AAAA,QACb,IAAA,EAAM,KAAK,QAAA;AAAS;AACtB,KACF;AACA,IAAA,MAAM,MAAA,GAAS,iBAAA,CAAkB,QAAA,CAAS,IAAA,EAAM,KAAK,GAAG,CAAA;AACxD,IAAA,OAAO,IAAA,CAAK,cAAc,MAAM,CAAA;AAAA,EAClC;AAAA,EAEA,MAAc,cAAc,MAAA,EAAoC;AA9ZlE,IAAA,IAAA,EAAA,EAAA,EAAA;AA+ZI,IAAA,MAAM,oBAAA,GAAA,CAAuB,EAAA,GAAA,IAAA,CAAK,OAAA,KAAL,IAAA,GAAA,MAAA,GAAA,EAAA,CAAc,MAAA,CAAO,YAAA;AAClD,IAAA,MAAM,YAAA,GAAyB;AAAA,MAC7B,GAAG,MAAA;AAAA,MACH,YAAA,EAAA,CAAc,EAAA,GAAA,MAAA,CAAO,YAAA,KAAP,IAAA,GAAA,EAAA,GAAuB;AAAA,KACvC;AAEA,IAAA,IAAA,CAAK,OAAA,GAAU;AAAA,MACb,MAAA,EAAQ,YAAA;AAAA,MACR,SAAA,EAAW,KAAK,GAAA;AAAI,KACtB;AACA,IAAA,MAAM,OAAA;AAAA,MACJ,IAAA,CAAK,OAAA;AAAA,MACL,YAAA,CAAa,OAAA;AAAA,MACb,IAAA,CAAK,SAAA,CAAU,IAAA,CAAK,OAAO;AAAA,KAC7B;AACA,IAAA,IAAA,CAAK,MAAA,EAAO;AACZ,IAAA,OAAO,IAAA,CAAK,OAAA;AAAA,EACd;AAAA,EAEQ,MAAA,GAAe;AACrB,IAAA,IAAA,CAAK,UAAU,OAAA,CAAQ,CAAC,YAAY,OAAA,CAAQ,IAAA,CAAK,OAAO,CAAC,CAAA;AAAA,EAC3D;AAAA,EAEA,MAAc,cAAA,GAAgC;AAtbhD,IAAA,IAAA,EAAA;AAubI,IAAA,MAAM,MAAM,MAAM,OAAA,CAAQ,IAAA,CAAK,OAAA,EAAS,aAAa,OAAO,CAAA;AAC5D,IAAA,IAAI,CAAC,GAAA,EAAK;AACV,IAAA,IAAI;AACF,MAAA,MAAM,MAAA,GAAS,IAAA,CAAK,KAAA,CAAM,GAAG,CAAA;AAC7B,MAAA,IAAI,QAAA,CAAO,EAAA,GAAA,MAAA,IAAA,IAAA,GAAA,KAAA,CAAA,GAAA,MAAA,CAAQ,MAAA,KAAR,IAAA,GAAA,KAAA,CAAA,GAAA,EAAA,CAAgB,iBAAgB,QAAA,EAAU;AACnD,QAAA,MAAM,UAAA,CAAW,IAAA,CAAK,OAAA,EAAS,YAAA,CAAa,OAAO,CAAA;AACnD,QAAA;AAAA,MACF;AACA,MAAA,IAAA,CAAK,OAAA,GAAU,MAAA;AAAA,IACjB,CAAA,CAAA,OAAQ,CAAA,EAAA;AACN,MAAA,MAAM,UAAA,CAAW,IAAA,CAAK,OAAA,EAAS,YAAA,CAAa,OAAO,CAAA;AACnD,MAAA,IAAA,CAAK,OAAA,GAAU,IAAA;AAAA,IACjB;AAAA,EACF;AACF,CAAA;;;ACjcA,IAAM,qBAAA,GAAwB,iCAAA;AAC9B,IAAM,0BAAA,GAA6B,qBAAA;AACnC,IAAM,kBAAA,GAAqB,iBAAA;AAC3B,IAAM,aAAA,GAAgB,sBAAA;AAEtB,SAAS,iBAAiB,KAAA,EAAwB;AAChD,EAAA,MAAM,GAAA,GAAM,MAAA,CAAO,KAAA,IAAA,IAAA,GAAA,KAAA,GAAS,qBAAqB,EAAE,IAAA,EAAK;AACxD,EAAA,IAAI,CAAC,GAAA,EAAK;AACR,IAAA,MAAM,IAAI,SAAA;AAAA,MAAA,gBAAA;AAAA,MAER;AAAA,KACF;AAAA,EACF;AAEA,EAAA,IAAI,MAAA;AACJ,EAAA,IAAI;AACF,IAAA,MAAA,GAAS,IAAI,IAAI,GAAG,CAAA;AAAA,EACtB,CAAA,CAAA,OAAQ,CAAA,EAAA;AACN,IAAA,MAAM,IAAI,SAAA;AAAA,MAAA,gBAAA;AAAA,MAER;AAAA,KACF;AAAA,EACF;AAEA,EAAA,OAAO,MAAA,CAAO,QAAA,EAAS,CAAE,OAAA,CAAQ,QAAQ,EAAE,CAAA;AAC7C;AAEA,SAAS,eAAA,CACP,OAAA,EACA,QAAA,EACA,YAAA,EACQ;AACR,EAAA,IAAI,QAAA,EAAU;AACZ,IAAA,IAAI;AACF,MAAA,OAAO,IAAI,GAAA,CAAI,QAAQ,CAAA,CAAE,QAAA,EAAS;AAAA,IACpC,CAAA,CAAA,OAAQ,CAAA,EAAA;AACN,MAAA,MAAM,IAAI,SAAA;AAAA,QAAA,gBAAA;AAAA,QAER;AAAA,OACF;AAAA,IACF;AAAA,EACF;AAEA,EAAA,OAAO,IAAI,GAAA,CAAI,YAAA,EAAc,GAAG,OAAO,CAAA,CAAA,CAAG,EAAE,QAAA,EAAS;AACvD;AAEO,SAAS,iBAAiB,MAAA,EAAgC;AAlDjE,EAAA,IAAA,EAAA,EAAA,EAAA;AAmDE,EAAA,IAAI,EAAC,iCAAQ,QAAA,CAAA,EAAU;AACrB,IAAA,MAAM,IAAI,SAAA;AAAA,MAAA,gBAAA;AAAA,MAER;AAAA,KACF;AAAA,EACF;AACA,EAAA,IAAI,CAAC,OAAO,WAAA,EAAa;AACvB,IAAA,MAAM,IAAI,SAAA;AAAA,MAAA,gBAAA;AAAA,MAER;AAAA,KACF;AAAA,EACF;AAEA,EAAA,MAAM,OAAA,GAAU,gBAAA,CAAiB,MAAA,CAAO,OAAO,CAAA;AAC/C,EAAA,MAAM,cAAA,GAAqC;AAAA,IACzC,GAAG,MAAA;AAAA,IACH,OAAA;AAAA,IACA,KAAA,EAAO,QAAO,EAAA,GAAA,MAAA,CAAO,KAAA,KAAP,YAAgB,EAAE,CAAA,CAAE,MAAK,IAAK,aAAA;AAAA,IAC5C,kBAAA,EAAA,CAAoB,EAAA,GAAA,MAAA,CAAO,kBAAA,KAAP,IAAA,GAAA,EAAA,GAA6B,IAAA;AAAA,IACjD,qBAAA,EAAuB,eAAA;AAAA,MACrB,OAAA;AAAA,MACA,MAAA,CAAO,qBAAA;AAAA,MACP;AAAA,KACF;AAAA,IACA,aAAA,EAAe,eAAA;AAAA,MACb,OAAA;AAAA,MACA,MAAA,CAAO,aAAA;AAAA,MACP;AAAA;AACF,GACF;AAEA,EAAA,OAAO,IAAI,kBAAkB,cAAc,CAAA;AAC7C;;;ACjFO,IAAM,oBAAN,MAAkD;AAAA,EACvD,YACmB,OAAA,EAIjB;AAJiB,IAAA,IAAA,CAAA,OAAA,GAAA,OAAA;AAAA,EAIhB;AAAA,EAEH,IAAI,GAAA,EAA4B;AAC9B,IAAA,OAAO,IAAA,CAAK,OAAA,CAAQ,OAAA,CAAQ,GAAG,CAAA;AAAA,EACjC;AAAA,EAEA,GAAA,CAAI,KAAa,KAAA,EAAqB;AACpC,IAAA,IAAA,CAAK,OAAA,CAAQ,OAAA,CAAQ,GAAA,EAAK,KAAK,CAAA;AAAA,EACjC;AAAA,EAEA,OAAO,GAAA,EAAmB;AACxB,IAAA,IAAA,CAAK,OAAA,CAAQ,WAAW,GAAG,CAAA;AAAA,EAC7B;AACF;;;ACbO,IAAM,uBAAN,MAAqD;AAAA,EAC1D,YAA6B,SAAA,EAAmC;AAAnC,IAAA,IAAA,CAAA,SAAA,GAAA,SAAA;AAAA,EAAoC;AAAA,EAEjE,MAAM,IAAI,GAAA,EAAqC;AAC7C,IAAA,OAAO,IAAA,CAAK,SAAA,CAAU,SAAA,CAAU,GAAG,CAAA;AAAA,EACrC;AAAA,EAEA,MAAM,GAAA,CAAI,GAAA,EAAa,KAAA,EAA8B;AACnD,IAAA,MAAM,IAAA,CAAK,SAAA,CAAU,SAAA,CAAU,GAAA,EAAK,KAAK,CAAA;AAAA,EAC3C;AAAA,EAEA,MAAM,OAAO,GAAA,EAA4B;AACvC,IAAA,MAAM,IAAA,CAAK,SAAA,CAAU,YAAA,CAAa,GAAG,CAAA;AAAA,EACvC;AACF;;;ACbA,IAAM,cAAA,GAAiB,CAAC,IAAA,KAAgC;AATxD,EAAA,IAAA,EAAA;AAUE,EAAA,IAAI,OAAO,QAAA,KAAa,WAAA,EAAa,OAAO,IAAA;AAC5C,EAAA,MAAM,WAAA,GAAc,IAAA,CAAK,OAAA,CAAQ,qBAAA,EAAuB,MAAM,CAAA;AAC9D,EAAA,MAAM,MAAA,GAAS,SAAS,MAAA,CAAO,KAAA;AAAA,IAC7B,YAAY,WAAW,CAAA,gBAAA;AAAA,GACzB;AACA,EAAA,IAAI,CAAC,QAAQ,OAAO,IAAA;AACpB,EAAA,MAAM,GAAA,GAAA,CAAM,EAAA,GAAA,MAAA,CAAO,GAAA,EAAI,KAAX,IAAA,GAAA,EAAA,GAAgB,IAAA;AAC5B,EAAA,IAAI,GAAA,IAAO,MAAM,OAAO,IAAA;AACxB,EAAA,IAAI;AACF,IAAA,OAAO,mBAAmB,GAAG,CAAA;AAAA,EAC/B,CAAA,CAAA,OAAQ,CAAA,EAAA;AACN,IAAA,OAAO,GAAA;AAAA,EACT;AACF,CAAA;AAEO,SAAS,0BAAA,CACd,OAAA,GAAuC,EAAC,EACxB;AAChB,EAAA,MAAM,EAAE,QAAQ,IAAA,GAAO,GAAA,EAAK,WAAW,QAAA,EAAU,MAAA,GAAS,MAAK,GAAI,OAAA;AAEnE,EAAA,MAAM,GAAA,GAAM,CAAC,GAAA,KAA+B;AAC1C,IAAA,OAAO,eAAe,GAAG,CAAA;AAAA,EAC3B,CAAA;AAEA,EAAA,MAAM,GAAA,GAAM,CAAC,GAAA,EAAa,KAAA,KAAwB;AAChD,IAAA,IAAI,OAAO,aAAa,WAAA,EAAa;AACrC,IAAA,IAAI,SAAS,CAAA,EAAG,GAAG,CAAA,CAAA,EAAI,kBAAA,CAAmB,KAAK,CAAC,CAAA,CAAA;AAChD,IAAA,IAAI,IAAA,EAAM,MAAA,IAAU,CAAA,OAAA,EAAU,IAAI,CAAA,CAAA;AAClC,IAAA,IAAI,MAAA,EAAQ,MAAA,IAAU,CAAA,SAAA,EAAY,MAAM,CAAA,CAAA;AACxC,IAAA,IAAI,QAAA,EAAU,MAAA,IAAU,CAAA,WAAA,EAAc,QAAQ,CAAA,CAAA;AAC9C,IAAA,IAAI,QAAQ,MAAA,IAAU,CAAA,QAAA,CAAA;AACtB,IAAA,QAAA,CAAS,MAAA,GAAS,MAAA;AAAA,EACpB,CAAA;AAEA,EAAA,MAAM,MAAA,GAAS,CAAC,GAAA,KAAsB;AACpC,IAAA,IAAI,OAAO,aAAa,WAAA,EAAa;AACrC,IAAA,IAAI,MAAA,GAAS,GAAG,GAAG,CAAA,wCAAA,CAAA;AACnB,IAAA,IAAI,IAAA,EAAM,MAAA,IAAU,CAAA,OAAA,EAAU,IAAI,CAAA,CAAA;AAClC,IAAA,IAAI,MAAA,EAAQ,MAAA,IAAU,CAAA,SAAA,EAAY,MAAM,CAAA,CAAA;AACxC,IAAA,QAAA,CAAS,MAAA,GAAS,MAAA;AAAA,EACpB,CAAA;AAEA,EAAA,OAAO,EAAE,GAAA,EAAK,GAAA,EAAK,MAAA,EAAO;AAC5B","file":"index.cjs","sourcesContent":["export enum AuthErrorCode {\n INVALID_CONFIG = 'INVALID_CONFIG',\n STATE_MISMATCH = 'STATE_MISMATCH',\n CALLBACK_ERROR = 'CALLBACK_ERROR',\n TOKEN_EXCHANGE_FAILED = 'TOKEN_EXCHANGE_FAILED',\n REFRESH_FAILED = 'REFRESH_FAILED',\n STORAGE_ERROR = 'STORAGE_ERROR',\n MISSING_CODE = 'MISSING_CODE',\n MISSING_STATE = 'MISSING_STATE',\n NETWORK_ERROR = 'NETWORK_ERROR',\n HTTP_ERROR = 'HTTP_ERROR',\n}\n\nexport class AuthError extends Error {\n constructor(\n public readonly code: AuthErrorCode,\n message: string,\n public readonly cause?: unknown,\n ) {\n super(message);\n this.name = 'AuthError';\n }\n}\n","const ALPHABET =\n 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-._~';\n\nfunction getCryptoImpl(): Crypto {\n if (typeof globalThis !== 'undefined' && globalThis.crypto) {\n return globalThis.crypto;\n }\n throw new Error('Web Crypto API unavailable');\n}\n\nexport function randomString(length = 64): string {\n const crypto = getCryptoImpl();\n // Rejection sampling: discard bytes >= threshold to eliminate modulo bias.\n // ALPHABET.length = 66; threshold = 256 - (256 % 66) = 204\n const THRESHOLD = 256 - (256 % ALPHABET.length);\n const result: string[] = [];\n while (result.length < length) {\n const bytes = new Uint8Array(Math.ceil((length - result.length) * 1.4));\n crypto.getRandomValues(bytes);\n for (const b of bytes) {\n if (result.length >= length) break;\n if (b < THRESHOLD) result.push(ALPHABET[b % ALPHABET.length]!);\n }\n }\n return result.join('');\n}\n\nfunction toBase64Url(bytes: Uint8Array<ArrayBuffer>): string {\n const binary = Array.from(bytes, (b) => String.fromCharCode(b)).join('');\n return btoa(binary).replace(/\\+/g, '-').replace(/\\//g, '_').replace(/=/g, '');\n}\n\nfunction verifierToBytes(verifier: string): Uint8Array<ArrayBuffer> {\n const bytes = new Uint8Array(verifier.length);\n for (let i = 0; i < verifier.length; i++) {\n bytes[i] = verifier.charCodeAt(i);\n }\n return bytes;\n}\n\nexport async function createCodeChallenge(verifier: string): Promise<string> {\n const crypto = getCryptoImpl();\n const buffer = verifierToBytes(verifier);\n const digest = await crypto.subtle.digest('SHA-256', buffer);\n return toBase64Url(new Uint8Array(digest));\n}\n","import { AuthError, AuthErrorCode } from '../errors/auth-error';\nimport type { StorageAdapter, TokenSet } from './types';\n\nexport const STORAGE_KEYS = {\n session: 'nuria:session',\n state: 'nuria:oauth:state',\n codeVerifier: 'nuria:oauth:code_verifier',\n};\n\nexport function normalizeTokenSet(\n raw: Record<string, unknown>,\n now: () => number,\n): TokenSet {\n const accessToken = (raw.access_token ??\n raw.accessToken ??\n raw.Token) as string;\n if (!accessToken || typeof accessToken !== 'string') {\n throw new AuthError(\n AuthErrorCode.TOKEN_EXCHANGE_FAILED,\n 'Missing access token in token response',\n );\n }\n const expiresIn = Number(raw.expires_in ?? raw.expiresIn ?? 0) || undefined;\n const expiresAtFromResponse = Number(raw.ExpiresAt ?? 0) || undefined;\n const computedExpiresAt =\n expiresIn != null\n ? now() + expiresIn * 1000\n : expiresAtFromResponse\n ? expiresAtFromResponse\n : undefined;\n return {\n accessToken,\n tokenType: (raw.token_type ?? raw.tokenType ?? raw.TokenType) as\n | string\n | undefined,\n expiresIn,\n refreshToken: (raw.refresh_token ??\n raw.refreshToken ??\n raw.RefreshToken) as string | undefined,\n idToken: (raw.id_token ?? raw.idToken) as string | undefined,\n scope: raw.scope as string | undefined,\n expiresAt: computedExpiresAt,\n };\n}\n\nexport async function safeGet(\n storage: StorageAdapter,\n key: string,\n): Promise<string | null> {\n try {\n return await storage.get(key);\n } catch (cause) {\n throw new AuthError(\n AuthErrorCode.STORAGE_ERROR,\n `Failed reading key: ${key}`,\n cause,\n );\n }\n}\n\nexport async function safeSet(\n storage: StorageAdapter,\n key: string,\n value: string,\n): Promise<void> {\n try {\n await storage.set(key, value);\n } catch (cause) {\n throw new AuthError(\n AuthErrorCode.STORAGE_ERROR,\n `Failed writing key: ${key}`,\n cause,\n );\n }\n}\n\nexport async function safeRemove(\n storage: StorageAdapter,\n key: string,\n): Promise<void> {\n try {\n await storage.remove(key);\n } catch (cause) {\n throw new AuthError(\n AuthErrorCode.STORAGE_ERROR,\n `Failed removing key: ${key}`,\n cause,\n );\n }\n}\n\nexport function timingSafeEqual(a: string, b: string): boolean {\n if (a.length !== b.length) return false;\n let diff = 0;\n for (let i = 0; i < a.length; i++) {\n diff |= a.charCodeAt(i) ^ b.charCodeAt(i);\n }\n return diff === 0;\n}\n\nexport function parseUrl(url: string): URL {\n try {\n return new URL(url);\n } catch {\n throw new AuthError(AuthErrorCode.CALLBACK_ERROR, 'Invalid callback URL');\n }\n}\n","import type { StorageAdapter } from '../core/types';\n\nexport class MemoryStorageAdapter implements StorageAdapter {\n private store = new Map<string, string>();\n\n get(key: string): string | null {\n return this.store.get(key) ?? null;\n }\n\n set(key: string, value: string): void {\n this.store.set(key, value);\n }\n\n remove(key: string): void {\n this.store.delete(key);\n }\n}\n","import { AuthError, AuthErrorCode } from '../errors/auth-error';\nimport type {\n AuthTransport,\n AuthTransportRequest,\n AuthTransportResponse,\n TransportInterceptor,\n} from '../core/types';\n\nexport interface FetchTransportOptions {\n fetchFn?: typeof fetch;\n timeoutMs?: number;\n retries?: number;\n interceptors?: TransportInterceptor[];\n}\n\nconst RETRYABLE_STATUS = new Set([408, 425, 429, 500, 502, 503, 504]);\n\nexport class FetchAuthTransport implements AuthTransport {\n private readonly fetchFn: typeof fetch;\n private readonly timeoutMs?: number;\n private readonly retries: number;\n private readonly interceptors: TransportInterceptor[];\n\n constructor(options: FetchTransportOptions = {}) {\n this.fetchFn = options.fetchFn ?? fetch;\n this.timeoutMs = options.timeoutMs;\n this.retries = options.retries ?? 0;\n this.interceptors = options.interceptors ?? [];\n }\n\n async request<T = unknown>(\n url: string,\n req: AuthTransportRequest = {},\n ): Promise<AuthTransportResponse<T>> {\n let request = req;\n for (const i of this.interceptors) {\n if (i.onRequest) request = await i.onRequest(url, request);\n }\n\n const retries = request.retries ?? this.retries;\n let attempt = 0;\n while (true) {\n const controller = new AbortController();\n const timeout = request.timeoutMs ?? this.timeoutMs;\n const timer = timeout\n ? setTimeout(() => controller.abort(), timeout)\n : undefined;\n try {\n const defaultContentType =\n typeof request.body === 'string'\n ? 'application/x-www-form-urlencoded'\n : 'application/json';\n const res = await this.fetchFn(this.withQuery(url, request.query), {\n method: request.method ?? 'GET',\n credentials: request.credentials,\n headers: {\n 'Content-Type': defaultContentType,\n ...(request.headers ?? {}),\n },\n body:\n request.body !== undefined\n ? typeof request.body === 'string'\n ? request.body\n : JSON.stringify(request.body)\n : undefined,\n signal: controller.signal,\n });\n const data = await this.parseBody<T>(res);\n if (!res.ok) {\n if (attempt < retries && RETRYABLE_STATUS.has(res.status)) {\n attempt += 1;\n continue;\n }\n throw new AuthError(AuthErrorCode.HTTP_ERROR, `HTTP ${res.status}`);\n }\n let out: AuthTransportResponse<T> = {\n status: res.status,\n data,\n headers: res.headers,\n };\n for (const i of this.interceptors) {\n if (i.onResponse) out = await i.onResponse(out);\n }\n return out;\n } catch (cause) {\n if (cause instanceof AuthError) throw cause;\n if (attempt < retries) {\n attempt += 1;\n continue;\n }\n throw new AuthError(\n AuthErrorCode.NETWORK_ERROR,\n 'Network request failed',\n cause,\n );\n } finally {\n if (timer) clearTimeout(timer);\n }\n }\n }\n\n private withQuery(\n url: string,\n query?: Record<string, string | undefined>,\n ): string {\n if (!query) return url;\n const parsed = new URL(url);\n Object.entries(query).forEach(([k, v]) => {\n if (v !== undefined) parsed.searchParams.set(k, v);\n });\n return parsed.toString();\n }\n\n private async parseBody<T>(res: Response): Promise<T> {\n const contentType = res.headers.get('content-type') ?? '';\n if (contentType.includes('application/json')) {\n return (await res.json()) as T;\n }\n return (await res.text()) as unknown as T;\n }\n}\n","import { AuthError, AuthErrorCode } from '../errors/auth-error';\nimport { createCodeChallenge, randomString } from '../core/pkce';\nimport {\n normalizeTokenSet,\n parseUrl,\n safeGet,\n safeRemove,\n safeSet,\n timingSafeEqual,\n STORAGE_KEYS,\n} from '../core/utils';\nimport type {\n AuthClient,\n ResolvedAuthConfig,\n Session,\n StartLoginOptions,\n LoginCodeChallengeOptions,\n GoogleLoginOptions,\n PasswordLoginOptions,\n VerifyLoginCodeOptions,\n TwoFactorChallenge,\n TokenSet,\n AuthTransport,\n} from '../core/types';\nimport { MemoryStorageAdapter } from '../storage/memory-storage-adapter';\nimport { FetchAuthTransport } from '../transport/fetch-transport';\n\nexport class DefaultAuthClient implements AuthClient {\n private session: Session | null = null;\n private refreshPromise: Promise<Session> | null = null;\n private readonly listeners = new Set<(session: Session | null) => void>();\n private readonly storage;\n private readonly transport: AuthTransport;\n private readonly now: () => number;\n\n constructor(private readonly config: ResolvedAuthConfig) {\n this.storage = config.storage ?? new MemoryStorageAdapter();\n this.transport = config.transport ?? new FetchAuthTransport();\n this.now = config.now ?? (() => Date.now());\n }\n\n async startLogin(options: StartLoginOptions = {}): Promise<void> {\n const state = randomString(32);\n const codeVerifier = randomString(96);\n const codeChallenge = await createCodeChallenge(codeVerifier);\n\n await safeSet(this.storage, STORAGE_KEYS.state, state);\n await safeSet(this.storage, STORAGE_KEYS.codeVerifier, codeVerifier);\n\n const params: Record<string, string> = {\n response_type: 'code',\n client_id: this.config.clientId,\n redirect_uri: this.config.redirectUri,\n state,\n code_challenge: codeChallenge,\n code_challenge_method: 'S256',\n };\n\n const scope = options.scopes?.join(' ') ?? this.config.scope;\n if (scope) params.scope = scope;\n if (options.loginHint) params.login_hint = options.loginHint;\n if (options.extraParams) {\n const RESERVED = new Set([\n 'response_type',\n 'client_id',\n 'redirect_uri',\n 'state',\n 'code_challenge',\n 'code_challenge_method',\n ]);\n for (const [k, v] of Object.entries(options.extraParams)) {\n if (!RESERVED.has(k)) params[k] = v;\n }\n }\n\n const url = new URL(this.config.authorizationEndpoint);\n Object.entries(params).forEach(([k, v]) => url.searchParams.set(k, v));\n const redirectUrl = url.toString();\n\n if (this.config.onRedirect) {\n await this.config.onRedirect(redirectUrl);\n return;\n }\n if (typeof window !== 'undefined') {\n window.location.assign(redirectUrl);\n return;\n }\n throw new AuthError(\n AuthErrorCode.INVALID_CONFIG,\n 'Missing onRedirect callback for non-browser runtime',\n );\n }\n\n async handleRedirectCallback(callbackUrl?: string): Promise<Session> {\n const input =\n callbackUrl ??\n (typeof window !== 'undefined' ? window.location.href : '');\n if (!input) {\n throw new AuthError(\n AuthErrorCode.CALLBACK_ERROR,\n 'callbackUrl required in non-browser runtime',\n );\n }\n\n const url = parseUrl(input);\n const error = url.searchParams.get('error');\n if (error) {\n const desc = url.searchParams.get('error_description');\n throw new AuthError(\n AuthErrorCode.CALLBACK_ERROR,\n desc\n ? `Authorization error: ${error} — ${desc}`\n : `Authorization error: ${error}`,\n );\n }\n\n const code = url.searchParams.get('code');\n if (!code) {\n throw new AuthError(\n AuthErrorCode.MISSING_CODE,\n 'Missing code in callback',\n );\n }\n\n const state = url.searchParams.get('state');\n if (!state) {\n throw new AuthError(\n AuthErrorCode.MISSING_STATE,\n 'Missing state in callback',\n );\n }\n\n const storedState = await safeGet(this.storage, STORAGE_KEYS.state);\n if (!storedState || !timingSafeEqual(storedState, state)) {\n throw new AuthError(\n AuthErrorCode.STATE_MISMATCH,\n 'State validation failed',\n );\n }\n\n return this.exchangeCode(code);\n }\n\n getSession(): Session | null {\n return this.session;\n }\n\n async getAccessToken(): Promise<string | null> {\n if (!this.session) {\n await this.hydrateSession();\n }\n if (!this.session) return null;\n const exp = this.session.tokens.expiresAt;\n if (exp && exp <= this.now() && this.config.enableRefreshToken) {\n if (!this.refreshPromise) {\n this.refreshPromise = this.doRefresh().finally(() => {\n this.refreshPromise = null;\n });\n }\n await this.refreshPromise;\n }\n return this.session?.tokens.accessToken ?? null;\n }\n\n async logout(options?: { returnTo?: string }): Promise<void> {\n if (options?.returnTo) {\n let returnToUrl: URL;\n try {\n returnToUrl = new URL(options.returnTo);\n } catch {\n throw new AuthError(\n AuthErrorCode.INVALID_CONFIG,\n 'returnTo must be a valid absolute URL',\n );\n }\n\n const isHttps = returnToUrl.protocol === 'https:';\n const isLocalHttp =\n returnToUrl.protocol === 'http:' &&\n (returnToUrl.hostname === 'localhost' ||\n returnToUrl.hostname === '127.0.0.1' ||\n returnToUrl.hostname === '[::1]');\n if (!isHttps && !isLocalHttp) {\n throw new AuthError(\n AuthErrorCode.INVALID_CONFIG,\n 'returnTo must use https:// (or http:// only for localhost)',\n );\n }\n if (returnToUrl.username || returnToUrl.password) {\n throw new AuthError(\n AuthErrorCode.INVALID_CONFIG,\n 'returnTo must not include URL credentials',\n );\n }\n }\n\n this.session = null;\n await safeRemove(this.storage, STORAGE_KEYS.session);\n await safeRemove(this.storage, STORAGE_KEYS.state);\n await safeRemove(this.storage, STORAGE_KEYS.codeVerifier);\n this.notify();\n\n if (this.config.logoutEndpoint) {\n const url = new URL(this.config.logoutEndpoint);\n if (options?.returnTo) {\n url.searchParams.set('returnTo', options.returnTo);\n }\n const logoutUrl = url.toString();\n if (this.config.onRedirect) {\n await this.config.onRedirect(logoutUrl);\n } else if (typeof window !== 'undefined') {\n window.location.assign(logoutUrl);\n }\n }\n }\n\n isAuthenticated(): boolean {\n const accessToken = this.session?.tokens.accessToken;\n if (!accessToken) return false;\n const exp = this.session?.tokens.expiresAt;\n if (exp && exp <= this.now()) return false;\n return true;\n }\n\n onAuthStateChanged(handler: (session: Session | null) => void): () => void {\n this.listeners.add(handler);\n return () => this.listeners.delete(handler);\n }\n\n async getUserinfo(): Promise<Record<string, unknown>> {\n const accessToken = await this.getAccessToken();\n if (!accessToken) {\n throw new AuthError(\n AuthErrorCode.INVALID_CONFIG,\n 'Not authenticated — call handleRedirectCallback first',\n );\n }\n if (!this.config.userinfoEndpoint) {\n throw new AuthError(\n AuthErrorCode.INVALID_CONFIG,\n 'config.userinfoEndpoint is required for getUserinfo',\n );\n }\n const response = await this.transport.request<Record<string, unknown>>(\n this.config.userinfoEndpoint,\n { headers: { Authorization: `Bearer ${accessToken}` } },\n );\n return response.data;\n }\n\n async startLoginCodeChallenge(\n options: LoginCodeChallengeOptions,\n ): Promise<TwoFactorChallenge> {\n if (!options?.email) {\n throw new AuthError(\n AuthErrorCode.INVALID_CONFIG,\n 'email is required for startLoginCodeChallenge',\n );\n }\n\n const response = await this.transport.request<Record<string, unknown>>(\n `${this.config.baseUrl}/v2/login-code/challenge`,\n {\n method: 'POST',\n credentials: 'include',\n body: {\n email: options.email,\n channel: options.channel ?? 'email',\n destination: options.destination,\n purpose: options.purpose ?? 'login',\n },\n },\n );\n\n return {\n challengeId: String(response.data.challengeId ?? ''),\n channel: String(response.data.channel ?? ''),\n destinationMasked: String(response.data.destinationMasked ?? ''),\n expiresAt: Number(response.data.expiresAt ?? 0),\n purpose: String(response.data.purpose ?? 'login'),\n };\n }\n\n async verifyLoginCode(options: VerifyLoginCodeOptions): Promise<Session> {\n if (!options?.challengeId || !options?.code) {\n throw new AuthError(\n AuthErrorCode.INVALID_CONFIG,\n 'challengeId and code are required for verifyLoginCode',\n );\n }\n\n const response = await this.transport.request<Record<string, unknown>>(\n `${this.config.baseUrl}/v2/2fa/verify-login`,\n {\n method: 'POST',\n credentials: 'include',\n body: {\n challengeId: options.challengeId,\n code: options.code,\n },\n },\n );\n const tokens = normalizeTokenSet(response.data, this.now);\n return this.createSession(tokens);\n }\n\n async loginWithCodeSent(\n options: LoginCodeChallengeOptions,\n ): Promise<TwoFactorChallenge> {\n return this.startLoginCodeChallenge(options);\n }\n\n async completeLoginWithCode(\n options: VerifyLoginCodeOptions,\n ): Promise<Session> {\n return this.verifyLoginCode(options);\n }\n\n async loginWithGoogle(options: GoogleLoginOptions): Promise<Session> {\n if (!options?.idToken) {\n throw new AuthError(\n AuthErrorCode.INVALID_CONFIG,\n 'idToken is required for loginWithGoogle',\n );\n }\n\n const response = await this.transport.request<Record<string, unknown>>(\n `${this.config.baseUrl}/v2/google`,\n {\n method: 'POST',\n credentials: 'include',\n body: {\n idToken: options.idToken,\n },\n },\n );\n const tokens = normalizeTokenSet(response.data, this.now);\n return this.createSession(tokens);\n }\n\n async loginWithPassword(options: PasswordLoginOptions): Promise<Session> {\n if (!options?.email || !options?.password) {\n throw new AuthError(\n AuthErrorCode.INVALID_CONFIG,\n 'email and password are required for loginWithPassword',\n );\n }\n\n const response = await this.transport.request<Record<string, unknown>>(\n `${this.config.baseUrl}/v2/login`,\n {\n method: 'POST',\n credentials: 'include',\n body: {\n email: options.email,\n password: options.password,\n },\n },\n );\n const tokens = normalizeTokenSet(response.data, this.now);\n return this.createSession(tokens);\n }\n\n private async exchangeCode(code: string): Promise<Session> {\n const verifier = await safeGet(this.storage, STORAGE_KEYS.codeVerifier);\n if (!verifier) {\n throw new AuthError(\n AuthErrorCode.TOKEN_EXCHANGE_FAILED,\n 'Missing PKCE code_verifier in storage',\n );\n }\n\n const body = new URLSearchParams({\n grant_type: 'authorization_code',\n code,\n code_verifier: verifier,\n redirect_uri: this.config.redirectUri,\n client_id: this.config.clientId,\n });\n\n const response = await this.transport.request<Record<string, unknown>>(\n this.config.tokenEndpoint,\n {\n method: 'POST',\n credentials: 'include',\n body: body.toString(),\n },\n );\n const tokens = normalizeTokenSet(response.data, this.now);\n await safeRemove(this.storage, STORAGE_KEYS.state);\n await safeRemove(this.storage, STORAGE_KEYS.codeVerifier);\n return this.createSession(tokens);\n }\n\n private async doRefresh(): Promise<Session> {\n const refreshToken = this.session?.tokens.refreshToken;\n const body = new URLSearchParams({\n grant_type: 'refresh_token',\n client_id: this.config.clientId,\n });\n if (refreshToken) body.set('refresh_token', refreshToken);\n\n const response = await this.transport.request<Record<string, unknown>>(\n this.config.tokenEndpoint,\n {\n method: 'POST',\n credentials: 'include',\n body: body.toString(),\n },\n );\n const tokens = normalizeTokenSet(response.data, this.now);\n return this.createSession(tokens);\n }\n\n private async createSession(tokens: TokenSet): Promise<Session> {\n const previousRefreshToken = this.session?.tokens.refreshToken;\n const mergedTokens: TokenSet = {\n ...tokens,\n refreshToken: tokens.refreshToken ?? previousRefreshToken,\n };\n\n this.session = {\n tokens: mergedTokens,\n createdAt: this.now(),\n };\n await safeSet(\n this.storage,\n STORAGE_KEYS.session,\n JSON.stringify(this.session),\n );\n this.notify();\n return this.session;\n }\n\n private notify(): void {\n this.listeners.forEach((handler) => handler(this.session));\n }\n\n private async hydrateSession(): Promise<void> {\n const raw = await safeGet(this.storage, STORAGE_KEYS.session);\n if (!raw) return;\n try {\n const parsed = JSON.parse(raw) as Session;\n if (typeof parsed?.tokens?.accessToken !== 'string') {\n await safeRemove(this.storage, STORAGE_KEYS.session);\n return;\n }\n this.session = parsed;\n } catch {\n await safeRemove(this.storage, STORAGE_KEYS.session);\n this.session = null;\n }\n }\n}\n","import { DefaultAuthClient } from './nuria-auth-client';\nimport { AuthError, AuthErrorCode } from '../errors/auth-error';\nimport type { AuthClient, AuthConfig, ResolvedAuthConfig } from '../core/types';\n\nconst DEFAULT_AUTH_BASE_URL = 'https://ms-auth-v2.nuria.com.br';\nconst DEFAULT_AUTHORIZATION_PATH = '/v2/oauth/authorize';\nconst DEFAULT_TOKEN_PATH = '/v2/oauth/token';\nconst DEFAULT_SCOPE = 'openid profile email';\n\nfunction normalizeBaseUrl(value?: string): string {\n const raw = String(value ?? DEFAULT_AUTH_BASE_URL).trim();\n if (!raw) {\n throw new AuthError(\n AuthErrorCode.INVALID_CONFIG,\n 'config.baseUrl must be a valid absolute URL',\n );\n }\n\n let parsed: URL;\n try {\n parsed = new URL(raw);\n } catch {\n throw new AuthError(\n AuthErrorCode.INVALID_CONFIG,\n 'config.baseUrl must be a valid absolute URL',\n );\n }\n\n return parsed.toString().replace(/\\/+$/, '');\n}\n\nfunction resolveEndpoint(\n baseUrl: string,\n explicit: string | undefined,\n fallbackPath: string,\n): string {\n if (explicit) {\n try {\n return new URL(explicit).toString();\n } catch {\n throw new AuthError(\n AuthErrorCode.INVALID_CONFIG,\n 'OAuth endpoints must be valid absolute URLs',\n );\n }\n }\n\n return new URL(fallbackPath, `${baseUrl}/`).toString();\n}\n\nexport function createAuthClient(config: AuthConfig): AuthClient {\n if (!config?.clientId) {\n throw new AuthError(\n AuthErrorCode.INVALID_CONFIG,\n 'config.clientId is required',\n );\n }\n if (!config.redirectUri) {\n throw new AuthError(\n AuthErrorCode.INVALID_CONFIG,\n 'config.redirectUri is required',\n );\n }\n\n const baseUrl = normalizeBaseUrl(config.baseUrl);\n const resolvedConfig: ResolvedAuthConfig = {\n ...config,\n baseUrl,\n scope: String(config.scope ?? '').trim() || DEFAULT_SCOPE,\n enableRefreshToken: config.enableRefreshToken ?? true,\n authorizationEndpoint: resolveEndpoint(\n baseUrl,\n config.authorizationEndpoint,\n DEFAULT_AUTHORIZATION_PATH,\n ),\n tokenEndpoint: resolveEndpoint(\n baseUrl,\n config.tokenEndpoint,\n DEFAULT_TOKEN_PATH,\n ),\n };\n\n return new DefaultAuthClient(resolvedConfig);\n}\n","import type { StorageAdapter } from '../core/types';\n\nexport class WebStorageAdapter implements StorageAdapter {\n constructor(\n private readonly storage: Pick<\n Storage,\n 'getItem' | 'setItem' | 'removeItem'\n >,\n ) {}\n\n get(key: string): string | null {\n return this.storage.getItem(key);\n }\n\n set(key: string, value: string): void {\n this.storage.setItem(key, value);\n }\n\n remove(key: string): void {\n this.storage.removeItem(key);\n }\n}\n","import type { StorageAdapter } from '../core/types';\n\nexport interface CookieStorageCallbacks {\n getCookie(name: string): string | null | Promise<string | null>;\n setCookie(name: string, value: string): void | Promise<void>;\n removeCookie(name: string): void | Promise<void>;\n}\n\nexport class CookieStorageAdapter implements StorageAdapter {\n constructor(private readonly callbacks: CookieStorageCallbacks) {}\n\n async get(key: string): Promise<string | null> {\n return this.callbacks.getCookie(key);\n }\n\n async set(key: string, value: string): Promise<void> {\n await this.callbacks.setCookie(key, value);\n }\n\n async remove(key: string): Promise<void> {\n await this.callbacks.removeCookie(key);\n }\n}\n","import type { StorageAdapter } from '../core/types';\n\nexport interface BrowserCookieStorageOptions {\n domain?: string;\n path?: string;\n sameSite?: 'strict' | 'lax' | 'none';\n secure?: boolean;\n}\n\nconst getCookieValue = (name: string): string | null => {\n if (typeof document === 'undefined') return null;\n const escapedName = name.replace(/[.*+?^${}()|[\\]\\\\]/g, '\\\\$&');\n const result = document.cookie.match(\n `(^|;)\\\\s*${escapedName}\\\\s*=\\\\s*([^;]+)`,\n );\n if (!result) return null;\n const raw = result.pop() ?? null;\n if (raw == null) return null;\n try {\n return decodeURIComponent(raw);\n } catch {\n return raw;\n }\n};\n\nexport function createBrowserCookieStorage(\n options: BrowserCookieStorageOptions = {},\n): StorageAdapter {\n const { domain, path = '/', sameSite = 'strict', secure = true } = options;\n\n const get = (key: string): string | null => {\n return getCookieValue(key);\n };\n\n const set = (key: string, value: string): void => {\n if (typeof document === 'undefined') return;\n let cookie = `${key}=${encodeURIComponent(value)}`;\n if (path) cookie += `; path=${path}`;\n if (domain) cookie += `; domain=${domain}`;\n if (sameSite) cookie += `; samesite=${sameSite}`;\n if (secure) cookie += `; secure`;\n document.cookie = cookie;\n };\n\n const remove = (key: string): void => {\n if (typeof document === 'undefined') return;\n let cookie = `${key}=; expires=Thu, 01 Jan 1970 00:00:00 GMT`;\n if (path) cookie += `; path=${path}`;\n if (domain) cookie += `; domain=${domain}`;\n document.cookie = cookie;\n };\n\n return { get, set, remove };\n}\n"]}
|