@obul.ai/sdk 0.1.0

package/dist/core/crypto.js

@@ -0,0 +1,68 @@
+function bytesToBase64(bytes) {
+    if (typeof Buffer !== "undefined") {
+        return Buffer.from(bytes).toString("base64");
+    }
+    let binary = "";
+    for (const byte of bytes) {
+        binary += String.fromCharCode(byte);
+    }
+    if (typeof btoa === "function") {
+        return btoa(binary);
+    }
+    throw new Error("No base64 encoder available");
+}
+function base64ToBytes(base64) {
+    if (typeof Buffer !== "undefined") {
+        return new Uint8Array(Buffer.from(base64, "base64"));
+    }
+    if (typeof atob === "function") {
+        const binary = atob(base64);
+        const bytes = new Uint8Array(binary.length);
+        for (let i = 0; i < binary.length; i += 1) {
+            bytes[i] = binary.charCodeAt(i);
+        }
+        return bytes;
+    }
+    throw new Error("No base64 decoder available");
+}
+export function base64UrlEncode(input) {
+    return bytesToBase64(input)
+        .replace(/=/g, "")
+        .replace(/\+/g, "-")
+        .replace(/\//g, "_");
+}
+export function base64UrlDecode(input) {
+    const normalized = input.replace(/-/g, "+").replace(/_/g, "/");
+    const padding = (4 - (normalized.length % 4)) % 4;
+    const padded = normalized + "=".repeat(padding);
+    return base64ToBytes(padded);
+}
+export function createDefaultCrypto() {
+    const cryptoObj = globalThis.crypto;
+    if (!cryptoObj?.getRandomValues || !cryptoObj?.subtle) {
+        throw new Error("Web Crypto is required; provide config.crypto in non-web runtimes");
+    }
+    return {
+        randomBytes: (length) => {
+            const bytes = new Uint8Array(length);
+            cryptoObj.getRandomValues(bytes);
+            return bytes;
+        },
+        sha256: async (input) => {
+            const copy = new Uint8Array(input.byteLength);
+            copy.set(input);
+            const digest = await cryptoObj.subtle.digest("SHA-256", copy.buffer);
+            return new Uint8Array(digest);
+        }
+    };
+}
+export async function generatePkcePair(crypto) {
+    const codeVerifier = base64UrlEncode(crypto.randomBytes(32));
+    const digest = await crypto.sha256(new TextEncoder().encode(codeVerifier));
+    const codeChallenge = base64UrlEncode(digest);
+    return { codeVerifier, codeChallenge };
+}
+export function randomId(crypto, bytes = 32) {
+    return base64UrlEncode(crypto.randomBytes(bytes));
+}
+//# sourceMappingURL=crypto.js.map

package/dist/core/crypto.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"crypto.js","sourceRoot":"","sources":["../../src/core/crypto.ts"],"names":[],"mappings":"AAEA,SAAS,aAAa,CAAC,KAAiB;IACtC,IAAI,OAAO,MAAM,KAAK,WAAW,EAAE,CAAC;QAClC,OAAO,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAA;IAC9C,CAAC;IACD,IAAI,MAAM,GAAG,EAAE,CAAA;IACf,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;QACzB,MAAM,IAAI,MAAM,CAAC,YAAY,CAAC,IAAI,CAAC,CAAA;IACrC,CAAC;IACD,IAAI,OAAO,IAAI,KAAK,UAAU,EAAE,CAAC;QAC/B,OAAO,IAAI,CAAC,MAAM,CAAC,CAAA;IACrB,CAAC;IACD,MAAM,IAAI,KAAK,CAAC,6BAA6B,CAAC,CAAA;AAChD,CAAC;AAED,SAAS,aAAa,CAAC,MAAc;IACnC,IAAI,OAAO,MAAM,KAAK,WAAW,EAAE,CAAC;QAClC,OAAO,IAAI,UAAU,CAAC,MAAM,CAAC,IAAI,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC,CAAA;IACtD,CAAC;IACD,IAAI,OAAO,IAAI,KAAK,UAAU,EAAE,CAAC;QAC/B,MAAM,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC,CAAA;QAC3B,MAAM,KAAK,GAAG,IAAI,UAAU,CAAC,MAAM,CAAC,MAAM,CAAC,CAAA;QAC3C,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,MAAM,CAAC,MAAM,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC;YAC1C,KAAK,CAAC,CAAC,CAAC,GAAG,MAAM,CAAC,UAAU,CAAC,CAAC,CAAC,CAAA;QACjC,CAAC;QACD,OAAO,KAAK,CAAA;IACd,CAAC;IACD,MAAM,IAAI,KAAK,CAAC,6BAA6B,CAAC,CAAA;AAChD,CAAC;AAED,MAAM,UAAU,eAAe,CAAC,KAAiB;IAC/C,OAAO,aAAa,CAAC,KAAK,CAAC;SACxB,OAAO,CAAC,IAAI,EAAE,EAAE,CAAC;SACjB,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC;SACnB,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,CAAA;AACxB,CAAC;AAED,MAAM,UAAU,eAAe,CAAC,KAAa;IAC3C,MAAM,UAAU,GAAG,KAAK,CAAC,OAAO,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC,OAAO,CAAC,IAAI,EAAE,GAAG,CAAC,CAAA;IAC9D,MAAM,OAAO,GAAG,CAAC,CAAC,GAAG,CAAC,UAAU,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAA;IACjD,MAAM,MAAM,GAAG,UAAU,GAAG,GAAG,CAAC,MAAM,CAAC,OAAO,CAAC,CAAA;IAC/C,OAAO,aAAa,CAAC,MAAM,CAAC,CAAA;AAC9B,CAAC;AAED,MAAM,UAAU,mBAAmB;IACjC,MAAM,SAAS,GAAG,UAAU,CAAC,MAAM,CAAA;IACnC,IAAI,CAAC,SAAS,EAAE,eAAe,IAAI,CAAC,SAAS,EAAE,MAAM,EAAE,CAAC;QACtD,MAAM,IAAI,KAAK,CAAC,mEAAmE,CAAC,CAAA;IACtF,CAAC;IAED,OAAO;QACL,WAAW,EAAE,CAAC,MAAc,EAAE,EAAE;YAC9B,MAAM,KAAK,GAAG,IAAI,UAAU,CAAC,MAAM,CAAC,CAAA;YACpC,SAAS,CAAC,eAAe,CAAC,KAAK,CAAC,CAAA;YAChC,OAAO,KAAK,CAAA;QACd,CAAC;QACD,MAAM,EAAE,KAAK,EAAE,KAAiB,EAAE,EAAE;YAClC,MAAM,IAAI,GAAG,IAAI,UAAU,CAAC,KAAK,CAAC,UAAU,CAAC,CAAA;YAC7C,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,CAAA;YACf,MAAM,MAAM,GAAG,MAAM,SAAS,CAAC,MAAM,CAAC,MAAM,CAAC,SAAS,EAAE,IAAI,CAAC,MAAM,CAAC,CAAA;YACpE,OAAO,IAAI,UAAU,CAAC,MAAM,CAAC,CAAA;QAC/B,CAAC;KACF,CAAA;AACH,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,gBAAgB,CAAC,MAAkB;IACvD,MAAM,YAAY,GAAG,eAAe,CAAC,MAAM,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,CAAA;IAC5D,MAAM,MAAM,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC,CAAA;IAC1E,MAAM,aAAa,GAAG,eAAe,CAAC,MAAM,CAAC,CAAA;IAC7C,OAAO,EAAE,YAAY,EAAE,aAAa,EAAE,CAAA;AACxC,CAAC;AAED,MAAM,UAAU,QAAQ,CAAC,MAAkB,EAAE,KAAK,GAAG,EAAE;IACrD,OAAO,eAAe,CAAC,MAAM,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC,CAAA;AACnD,CAAC"}

package/dist/core/index.d.ts

@@ -0,0 +1,7 @@
+export type { Clock, CookieOptions, CryptoLike, FetchLike, Logger, ObulServerConfig, ObulSession, SessionRecord, SessionStore, StateRecord, TokenRecord, TokenStore } from "./types";
+export { MemorySessionStore, MemoryTokenStore } from "./stores";
+export { createDefaultCrypto, generatePkcePair, randomId } from "./crypto";
+export { decodeJwtPayload } from "./jwt";
+export { parseCookies, serializeCookie } from "./cookies";
+export { createObulOAuthClient } from "./oauth";
+//# sourceMappingURL=index.d.ts.map

package/dist/core/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/core/index.ts"],"names":[],"mappings":"AAAA,YAAY,EACV,KAAK,EACL,aAAa,EACb,UAAU,EACV,SAAS,EACT,MAAM,EACN,gBAAgB,EAChB,WAAW,EACX,aAAa,EACb,YAAY,EACZ,WAAW,EACX,WAAW,EACX,UAAU,EACX,MAAM,SAAS,CAAA;AAChB,OAAO,EAAE,kBAAkB,EAAE,gBAAgB,EAAE,MAAM,UAAU,CAAA;AAC/D,OAAO,EAAE,mBAAmB,EAAE,gBAAgB,EAAE,QAAQ,EAAE,MAAM,UAAU,CAAA;AAC1E,OAAO,EAAE,gBAAgB,EAAE,MAAM,OAAO,CAAA;AACxC,OAAO,EAAE,YAAY,EAAE,eAAe,EAAE,MAAM,WAAW,CAAA;AACzD,OAAO,EAAE,qBAAqB,EAAE,MAAM,SAAS,CAAA"}

package/dist/core/index.js

@@ -0,0 +1,6 @@
+export { MemorySessionStore, MemoryTokenStore } from "./stores";
+export { createDefaultCrypto, generatePkcePair, randomId } from "./crypto";
+export { decodeJwtPayload } from "./jwt";
+export { parseCookies, serializeCookie } from "./cookies";
+export { createObulOAuthClient } from "./oauth";
+//# sourceMappingURL=index.js.map

package/dist/core/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/core/index.ts"],"names":[],"mappings":"AAcA,OAAO,EAAE,kBAAkB,EAAE,gBAAgB,EAAE,MAAM,UAAU,CAAA;AAC/D,OAAO,EAAE,mBAAmB,EAAE,gBAAgB,EAAE,QAAQ,EAAE,MAAM,UAAU,CAAA;AAC1E,OAAO,EAAE,gBAAgB,EAAE,MAAM,OAAO,CAAA;AACxC,OAAO,EAAE,YAAY,EAAE,eAAe,EAAE,MAAM,WAAW,CAAA;AACzD,OAAO,EAAE,qBAAqB,EAAE,MAAM,SAAS,CAAA"}

package/dist/core/jwt.d.ts

@@ -0,0 +1,8 @@
+export type JwtClaims = {
+    exp?: number;
+    allowed_hosts?: string[];
+    max_price_per_request?: number;
+    [key: string]: unknown;
+};
+export declare function decodeJwtPayload(token: string): JwtClaims | null;
+//# sourceMappingURL=jwt.d.ts.map

package/dist/core/jwt.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"jwt.d.ts","sourceRoot":"","sources":["../../src/core/jwt.ts"],"names":[],"mappings":"AAEA,MAAM,MAAM,SAAS,GAAG;IACtB,GAAG,CAAC,EAAE,MAAM,CAAA;IACZ,aAAa,CAAC,EAAE,MAAM,EAAE,CAAA;IACxB,qBAAqB,CAAC,EAAE,MAAM,CAAA;IAC9B,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAA;CACvB,CAAA;AAED,wBAAgB,gBAAgB,CAAC,KAAK,EAAE,MAAM,GAAG,SAAS,GAAG,IAAI,CAUhE"}

package/dist/core/jwt.js

@@ -0,0 +1,15 @@
+import { base64UrlDecode } from "./crypto";
+export function decodeJwtPayload(token) {
+    const parts = token.split(".");
+    if (parts.length < 2)
+        return null;
+    try {
+        const payloadBytes = base64UrlDecode(parts[1]);
+        const json = new TextDecoder().decode(payloadBytes);
+        return JSON.parse(json);
+    }
+    catch {
+        return null;
+    }
+}
+//# sourceMappingURL=jwt.js.map

package/dist/core/jwt.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"jwt.js","sourceRoot":"","sources":["../../src/core/jwt.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,eAAe,EAAE,MAAM,UAAU,CAAA;AAS1C,MAAM,UAAU,gBAAgB,CAAC,KAAa;IAC5C,MAAM,KAAK,GAAG,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;IAC9B,IAAI,KAAK,CAAC,MAAM,GAAG,CAAC;QAAE,OAAO,IAAI,CAAA;IACjC,IAAI,CAAC;QACH,MAAM,YAAY,GAAG,eAAe,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAA;QAC9C,MAAM,IAAI,GAAG,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,YAAY,CAAC,CAAA;QACnD,OAAO,IAAI,CAAC,KAAK,CAAC,IAAI,CAAc,CAAA;IACtC,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAA;IACb,CAAC;AACH,CAAC"}

package/dist/core/oauth.d.ts

@@ -0,0 +1,39 @@
+import type { FetchLike, Logger } from "./types";
+export type ObulOAuthClientConfig = {
+    issuerUrl: string;
+    authEndpoint: string;
+    tokenEndpoint: string;
+    revocationEndpoint?: string;
+    clientId: string;
+    clientSecret?: string;
+    redirectUri: string;
+    scopes: string[];
+};
+export type TokenResponse = {
+    access_token: string;
+    refresh_token?: string;
+    expires_in?: number;
+    token_type?: string;
+    scope?: string;
+};
+export declare function createObulOAuthClient(config: ObulOAuthClientConfig, options: {
+    fetch: FetchLike;
+    logger?: Logger;
+}): {
+    getAuthUrl: (params: {
+        state: string;
+        codeChallenge: string;
+    }) => string;
+    exchangeCode: (params: {
+        code: string;
+        codeVerifier: string;
+    }) => Promise<TokenResponse>;
+    refresh: (params: {
+        refreshToken: string;
+    }) => Promise<TokenResponse>;
+    revoke: (params: {
+        token: string;
+        tokenTypeHint?: "access_token" | "refresh_token";
+    }) => Promise<void>;
+};
+//# sourceMappingURL=oauth.d.ts.map

package/dist/core/oauth.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"oauth.d.ts","sourceRoot":"","sources":["../../src/core/oauth.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,EAAE,MAAM,SAAS,CAAA;AAEhD,MAAM,MAAM,qBAAqB,GAAG;IAClC,SAAS,EAAE,MAAM,CAAA;IACjB,YAAY,EAAE,MAAM,CAAA;IACpB,aAAa,EAAE,MAAM,CAAA;IACrB,kBAAkB,CAAC,EAAE,MAAM,CAAA;IAC3B,QAAQ,EAAE,MAAM,CAAA;IAChB,YAAY,CAAC,EAAE,MAAM,CAAA;IACrB,WAAW,EAAE,MAAM,CAAA;IACnB,MAAM,EAAE,MAAM,EAAE,CAAA;CACjB,CAAA;AAED,MAAM,MAAM,aAAa,GAAG;IAC1B,YAAY,EAAE,MAAM,CAAA;IACpB,aAAa,CAAC,EAAE,MAAM,CAAA;IACtB,UAAU,CAAC,EAAE,MAAM,CAAA;IACnB,UAAU,CAAC,EAAE,MAAM,CAAA;IACnB,KAAK,CAAC,EAAE,MAAM,CAAA;CACf,CAAA;AAED,wBAAgB,qBAAqB,CACnC,MAAM,EAAE,qBAAqB,EAC7B,OAAO,EAAE;IAAE,KAAK,EAAE,SAAS,CAAC;IAAC,MAAM,CAAC,EAAE,MAAM,CAAA;CAAE;yBAKlB;QAAE,KAAK,EAAE,MAAM,CAAC;QAAC,aAAa,EAAE,MAAM,CAAA;KAAE;2BAYhC;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,YAAY,EAAE,MAAM,CAAA;KAAE;sBA2B3C;QAAE,YAAY,EAAE,MAAM,CAAA;KAAE;qBAyBzB;QAAE,KAAK,EAAE,MAAM,CAAC;QAAC,aAAa,CAAC,EAAE,cAAc,GAAG,eAAe,CAAA;KAAE;EAwBlG"}

package/dist/core/oauth.js

@@ -0,0 +1,86 @@
+export function createObulOAuthClient(config, options) {
+    const fetcher = options.fetch;
+    const logger = options.logger;
+    const getAuthUrl = (params) => {
+        const url = new URL(config.authEndpoint, config.issuerUrl);
+        url.searchParams.set("client_id", config.clientId);
+        url.searchParams.set("redirect_uri", config.redirectUri);
+        url.searchParams.set("response_type", "code");
+        url.searchParams.set("scope", config.scopes.join(" "));
+        url.searchParams.set("code_challenge", params.codeChallenge);
+        url.searchParams.set("code_challenge_method", "S256");
+        url.searchParams.set("state", params.state);
+        return url.toString();
+    };
+    const exchangeCode = async (params) => {
+        const body = new URLSearchParams();
+        body.set("grant_type", "authorization_code");
+        body.set("code", params.code);
+        body.set("redirect_uri", config.redirectUri);
+        body.set("client_id", config.clientId);
+        body.set("code_verifier", params.codeVerifier);
+        if (config.clientSecret)
+            body.set("client_secret", config.clientSecret);
+        const res = await fetcher(new URL(config.tokenEndpoint, config.issuerUrl), {
+            method: "POST",
+            headers: {
+                "Content-Type": "application/x-www-form-urlencoded",
+                Accept: "application/json"
+            },
+            body
+        });
+        if (!res.ok) {
+            const text = await res.text();
+            logger?.warn?.("Token exchange failed", { status: res.status, text });
+            throw new Error(`Token exchange failed (${res.status})`);
+        }
+        return (await res.json());
+    };
+    const refresh = async (params) => {
+        const body = new URLSearchParams();
+        body.set("grant_type", "refresh_token");
+        body.set("refresh_token", params.refreshToken);
+        body.set("client_id", config.clientId);
+        if (config.clientSecret)
+            body.set("client_secret", config.clientSecret);
+        const res = await fetcher(new URL(config.tokenEndpoint, config.issuerUrl), {
+            method: "POST",
+            headers: {
+                "Content-Type": "application/x-www-form-urlencoded",
+                Accept: "application/json"
+            },
+            body
+        });
+        if (!res.ok) {
+            const text = await res.text();
+            logger?.warn?.("Token refresh failed", { status: res.status, text });
+            throw new Error(`Token refresh failed (${res.status})`);
+        }
+        return (await res.json());
+    };
+    const revoke = async (params) => {
+        if (!config.revocationEndpoint)
+            return;
+        const body = new URLSearchParams();
+        body.set("token", params.token);
+        if (params.tokenTypeHint)
+            body.set("token_type_hint", params.tokenTypeHint);
+        body.set("client_id", config.clientId);
+        if (config.clientSecret)
+            body.set("client_secret", config.clientSecret);
+        const res = await fetcher(new URL(config.revocationEndpoint, config.issuerUrl), {
+            method: "POST",
+            headers: {
+                "Content-Type": "application/x-www-form-urlencoded",
+                Accept: "application/json"
+            },
+            body
+        });
+        if (!res.ok) {
+            const text = await res.text();
+            logger?.warn?.("Token revocation failed", { status: res.status, text });
+        }
+    };
+    return { getAuthUrl, exchangeCode, refresh, revoke };
+}
+//# sourceMappingURL=oauth.js.map

package/dist/core/oauth.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"oauth.js","sourceRoot":"","sources":["../../src/core/oauth.ts"],"names":[],"mappings":"AAqBA,MAAM,UAAU,qBAAqB,CACnC,MAA6B,EAC7B,OAA8C;IAE9C,MAAM,OAAO,GAAG,OAAO,CAAC,KAAK,CAAA;IAC7B,MAAM,MAAM,GAAG,OAAO,CAAC,MAAM,CAAA;IAE7B,MAAM,UAAU,GAAG,CAAC,MAAgD,EAAE,EAAE;QACtE,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,MAAM,CAAC,YAAY,EAAE,MAAM,CAAC,SAAS,CAAC,CAAA;QAC1D,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,WAAW,EAAE,MAAM,CAAC,QAAQ,CAAC,CAAA;QAClD,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,cAAc,EAAE,MAAM,CAAC,WAAW,CAAC,CAAA;QACxD,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,eAAe,EAAE,MAAM,CAAC,CAAA;QAC7C,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,OAAO,EAAE,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAA;QACtD,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,gBAAgB,EAAE,MAAM,CAAC,aAAa,CAAC,CAAA;QAC5D,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,uBAAuB,EAAE,MAAM,CAAC,CAAA;QACrD,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,OAAO,EAAE,MAAM,CAAC,KAAK,CAAC,CAAA;QAC3C,OAAO,GAAG,CAAC,QAAQ,EAAE,CAAA;IACvB,CAAC,CAAA;IAED,MAAM,YAAY,GAAG,KAAK,EAAE,MAA8C,EAAE,EAAE;QAC5E,MAAM,IAAI,GAAG,IAAI,eAAe,EAAE,CAAA;QAClC,IAAI,CAAC,GAAG,CAAC,YAAY,EAAE,oBAAoB,CAAC,CAAA;QAC5C,IAAI,CAAC,GAAG,CAAC,MAAM,EAAE,MAAM,CAAC,IAAI,CAAC,CAAA;QAC7B,IAAI,CAAC,GAAG,CAAC,cAAc,EAAE,MAAM,CAAC,WAAW,CAAC,CAAA;QAC5C,IAAI,CAAC,GAAG,CAAC,WAAW,EAAE,MAAM,CAAC,QAAQ,CAAC,CAAA;QACtC,IAAI,CAAC,GAAG,CAAC,eAAe,EAAE,MAAM,CAAC,YAAY,CAAC,CAAA;QAC9C,IAAI,MAAM,CAAC,YAAY;YAAE,IAAI,CAAC,GAAG,CAAC,eAAe,EAAE,MAAM,CAAC,YAAY,CAAC,CAAA;QAEvE,MAAM,GAAG,GAAG,MAAM,OAAO,CAAC,IAAI,GAAG,CAAC,MAAM,CAAC,aAAa,EAAE,MAAM,CAAC,SAAS,CAAC,EAAE;YACzE,MAAM,EAAE,MAAM;YACd,OAAO,EAAE;gBACP,cAAc,EAAE,mCAAmC;gBACnD,MAAM,EAAE,kBAAkB;aAC3B;YACD,IAAI;SACL,CAAC,CAAA;QAEF,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC;YACZ,MAAM,IAAI,GAAG,MAAM,GAAG,CAAC,IAAI,EAAE,CAAA;YAC7B,MAAM,EAAE,IAAI,EAAE,CAAC,uBAAuB,EAAE,EAAE,MAAM,EAAE,GAAG,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAA;YACrE,MAAM,IAAI,KAAK,CAAC,0BAA0B,GAAG,CAAC,MAAM,GAAG,CAAC,CAAA;QAC1D,CAAC;QAED,OAAO,CAAC,MAAM,GAAG,CAAC,IAAI,EAAE,CAAkB,CAAA;IAC5C,CAAC,CAAA;IAED,MAAM,OAAO,GAAG,KAAK,EAAE,MAAgC,EAAE,EAAE;QACzD,MAAM,IAAI,GAAG,IAAI,eAAe,EAAE,CAAA;QAClC,IAAI,CAAC,GAAG,CAAC,YAAY,EAAE,eAAe,CAAC,CAAA;QACvC,IAAI,CAAC,GAAG,CAAC,eAAe,EAAE,MAAM,CAAC,YAAY,CAAC,CAAA;QAC9C,IAAI,CAAC,GAAG,CAAC,WAAW,EAAE,MAAM,CAAC,QAAQ,CAAC,CAAA;QACtC,IAAI,MAAM,CAAC,YAAY;YAAE,IAAI,CAAC,GAAG,CAAC,eAAe,EAAE,MAAM,CAAC,YAAY,CAAC,CAAA;QAEvE,MAAM,GAAG,GAAG,MAAM,OAAO,CAAC,IAAI,GAAG,CAAC,MAAM,CAAC,aAAa,EAAE,MAAM,CAAC,SAAS,CAAC,EAAE;YACzE,MAAM,EAAE,MAAM;YACd,OAAO,EAAE;gBACP,cAAc,EAAE,mCAAmC;gBACnD,MAAM,EAAE,kBAAkB;aAC3B;YACD,IAAI;SACL,CAAC,CAAA;QAEF,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC;YACZ,MAAM,IAAI,GAAG,MAAM,GAAG,CAAC,IAAI,EAAE,CAAA;YAC7B,MAAM,EAAE,IAAI,EAAE,CAAC,sBAAsB,EAAE,EAAE,MAAM,EAAE,GAAG,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAA;YACpE,MAAM,IAAI,KAAK,CAAC,yBAAyB,GAAG,CAAC,MAAM,GAAG,CAAC,CAAA;QACzD,CAAC;QAED,OAAO,CAAC,MAAM,GAAG,CAAC,IAAI,EAAE,CAAkB,CAAA;IAC5C,CAAC,CAAA;IAED,MAAM,MAAM,GAAG,KAAK,EAAE,MAA2E,EAAE,EAAE;QACnG,IAAI,CAAC,MAAM,CAAC,kBAAkB;YAAE,OAAM;QACtC,MAAM,IAAI,GAAG,IAAI,eAAe,EAAE,CAAA;QAClC,IAAI,CAAC,GAAG,CAAC,OAAO,EAAE,MAAM,CAAC,KAAK,CAAC,CAAA;QAC/B,IAAI,MAAM,CAAC,aAAa;YAAE,IAAI,CAAC,GAAG,CAAC,iBAAiB,EAAE,MAAM,CAAC,aAAa,CAAC,CAAA;QAC3E,IAAI,CAAC,GAAG,CAAC,WAAW,EAAE,MAAM,CAAC,QAAQ,CAAC,CAAA;QACtC,IAAI,MAAM,CAAC,YAAY;YAAE,IAAI,CAAC,GAAG,CAAC,eAAe,EAAE,MAAM,CAAC,YAAY,CAAC,CAAA;QAEvE,MAAM,GAAG,GAAG,MAAM,OAAO,CAAC,IAAI,GAAG,CAAC,MAAM,CAAC,kBAAkB,EAAE,MAAM,CAAC,SAAS,CAAC,EAAE;YAC9E,MAAM,EAAE,MAAM;YACd,OAAO,EAAE;gBACP,cAAc,EAAE,mCAAmC;gBACnD,MAAM,EAAE,kBAAkB;aAC3B;YACD,IAAI;SACL,CAAC,CAAA;QAEF,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC;YACZ,MAAM,IAAI,GAAG,MAAM,GAAG,CAAC,IAAI,EAAE,CAAA;YAC7B,MAAM,EAAE,IAAI,EAAE,CAAC,yBAAyB,EAAE,EAAE,MAAM,EAAE,GAAG,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAA;QACzE,CAAC;IACH,CAAC,CAAA;IAED,OAAO,EAAE,UAAU,EAAE,YAAY,EAAE,OAAO,EAAE,MAAM,EAAE,CAAA;AACtD,CAAC"}

package/dist/core/stores.d.ts

@@ -0,0 +1,18 @@
+import type { SessionRecord, SessionStore, StateRecord, TokenRecord, TokenStore } from "./types";
+export declare class MemoryTokenStore implements TokenStore {
+    private store;
+    get(id: string): Promise<TokenRecord | undefined>;
+    set(id: string, record: TokenRecord): Promise<void>;
+    delete(id: string): Promise<void>;
+}
+export declare class MemorySessionStore implements SessionStore {
+    private sessions;
+    private states;
+    getSession(id: string): Promise<SessionRecord | undefined>;
+    setSession(id: string, record: SessionRecord): Promise<void>;
+    deleteSession(id: string): Promise<void>;
+    getState(id: string): Promise<StateRecord | undefined>;
+    setState(id: string, record: StateRecord): Promise<void>;
+    deleteState(id: string): Promise<void>;
+}
+//# sourceMappingURL=stores.d.ts.map

package/dist/core/stores.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"stores.d.ts","sourceRoot":"","sources":["../../src/core/stores.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,aAAa,EAAE,YAAY,EAAE,WAAW,EAAE,WAAW,EAAE,UAAU,EAAE,MAAM,SAAS,CAAA;AAEhG,qBAAa,gBAAiB,YAAW,UAAU;IACjD,OAAO,CAAC,KAAK,CAAiC;IAExC,GAAG,CAAC,EAAE,EAAE,MAAM;IAId,GAAG,CAAC,EAAE,EAAE,MAAM,EAAE,MAAM,EAAE,WAAW;IAInC,MAAM,CAAC,EAAE,EAAE,MAAM;CAGxB;AAED,qBAAa,kBAAmB,YAAW,YAAY;IACrD,OAAO,CAAC,QAAQ,CAAmC;IACnD,OAAO,CAAC,MAAM,CAAiC;IAEzC,UAAU,CAAC,EAAE,EAAE,MAAM;IAIrB,UAAU,CAAC,EAAE,EAAE,MAAM,EAAE,MAAM,EAAE,aAAa;IAI5C,aAAa,CAAC,EAAE,EAAE,MAAM;IAIxB,QAAQ,CAAC,EAAE,EAAE,MAAM;IAInB,QAAQ,CAAC,EAAE,EAAE,MAAM,EAAE,MAAM,EAAE,WAAW;IAIxC,WAAW,CAAC,EAAE,EAAE,MAAM;CAG7B"}

package/dist/core/stores.js

@@ -0,0 +1,39 @@
+export class MemoryTokenStore {
+    constructor() {
+        this.store = new Map();
+    }
+    async get(id) {
+        return this.store.get(id);
+    }
+    async set(id, record) {
+        this.store.set(id, record);
+    }
+    async delete(id) {
+        this.store.delete(id);
+    }
+}
+export class MemorySessionStore {
+    constructor() {
+        this.sessions = new Map();
+        this.states = new Map();
+    }
+    async getSession(id) {
+        return this.sessions.get(id);
+    }
+    async setSession(id, record) {
+        this.sessions.set(id, record);
+    }
+    async deleteSession(id) {
+        this.sessions.delete(id);
+    }
+    async getState(id) {
+        return this.states.get(id);
+    }
+    async setState(id, record) {
+        this.states.set(id, record);
+    }
+    async deleteState(id) {
+        this.states.delete(id);
+    }
+}
+//# sourceMappingURL=stores.js.map

package/dist/core/stores.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"stores.js","sourceRoot":"","sources":["../../src/core/stores.ts"],"names":[],"mappings":"AAEA,MAAM,OAAO,gBAAgB;IAA7B;QACU,UAAK,GAAG,IAAI,GAAG,EAAuB,CAAA;IAahD,CAAC;IAXC,KAAK,CAAC,GAAG,CAAC,EAAU;QAClB,OAAO,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,EAAE,CAAC,CAAA;IAC3B,CAAC;IAED,KAAK,CAAC,GAAG,CAAC,EAAU,EAAE,MAAmB;QACvC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,EAAE,EAAE,MAAM,CAAC,CAAA;IAC5B,CAAC;IAED,KAAK,CAAC,MAAM,CAAC,EAAU;QACrB,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,EAAE,CAAC,CAAA;IACvB,CAAC;CACF;AAED,MAAM,OAAO,kBAAkB;IAA/B;QACU,aAAQ,GAAG,IAAI,GAAG,EAAyB,CAAA;QAC3C,WAAM,GAAG,IAAI,GAAG,EAAuB,CAAA;IAyBjD,CAAC;IAvBC,KAAK,CAAC,UAAU,CAAC,EAAU;QACzB,OAAO,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC,CAAA;IAC9B,CAAC;IAED,KAAK,CAAC,UAAU,CAAC,EAAU,EAAE,MAAqB;QAChD,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,EAAE,MAAM,CAAC,CAAA;IAC/B,CAAC;IAED,KAAK,CAAC,aAAa,CAAC,EAAU;QAC5B,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,EAAE,CAAC,CAAA;IAC1B,CAAC;IAED,KAAK,CAAC,QAAQ,CAAC,EAAU;QACvB,OAAO,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC,CAAA;IAC5B,CAAC;IAED,KAAK,CAAC,QAAQ,CAAC,EAAU,EAAE,MAAmB;QAC5C,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,EAAE,MAAM,CAAC,CAAA;IAC7B,CAAC;IAED,KAAK,CAAC,WAAW,CAAC,EAAU;QAC1B,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,EAAE,CAAC,CAAA;IACxB,CAAC;CACF"}

package/dist/core/types.d.ts

@@ -0,0 +1,84 @@
+export type ObulSession = {
+    authenticated: boolean;
+    expiresAt?: number;
+    limits?: {
+        allowed_hosts: string[];
+        max_price_per_request: number;
+    };
+};
+export type TokenRecord = {
+    accessToken: string;
+    refreshToken?: string;
+    expiresAt: number;
+};
+export type SessionRecord = {
+    id: string;
+    tokenId: string;
+    csrfToken: string;
+    expiresAt: number;
+};
+export type StateRecord = {
+    codeVerifier: string;
+    returnTo?: string;
+    createdAt: number;
+};
+export interface TokenStore {
+    get: (id: string) => Promise<TokenRecord | undefined>;
+    set: (id: string, record: TokenRecord) => Promise<void>;
+    delete: (id: string) => Promise<void>;
+}
+export interface SessionStore {
+    getSession: (id: string) => Promise<SessionRecord | undefined>;
+    setSession: (id: string, record: SessionRecord) => Promise<void>;
+    deleteSession: (id: string) => Promise<void>;
+    getState: (id: string) => Promise<StateRecord | undefined>;
+    setState: (id: string, record: StateRecord) => Promise<void>;
+    deleteState: (id: string) => Promise<void>;
+}
+export type Logger = {
+    debug?: (message: string, meta?: unknown) => void;
+    info?: (message: string, meta?: unknown) => void;
+    warn?: (message: string, meta?: unknown) => void;
+    error?: (message: string, meta?: unknown) => void;
+};
+export type CookieOptions = {
+    httpOnly?: boolean;
+    secure?: boolean;
+    sameSite?: "lax" | "strict" | "none";
+    path?: string;
+    domain?: string;
+    maxAge?: number;
+};
+export type ObulServerConfig = {
+    issuerUrl: string;
+    authEndpoint: string;
+    tokenEndpoint: string;
+    revocationEndpoint?: string;
+    apiBaseUrl?: string;
+    clientId: string;
+    clientSecret?: string;
+    redirectUri: string;
+    scopes: string[];
+    cookieName?: string;
+    cookieOptions?: CookieOptions;
+    stateTtlSeconds?: number;
+    sessionTtlSeconds?: number;
+    tokenStore?: TokenStore;
+    sessionStore?: SessionStore;
+    logger?: Logger;
+    postLoginRedirect?: string;
+    postLogoutRedirect?: string;
+    basePath?: string;
+    fetch?: FetchLike;
+    crypto?: CryptoLike;
+    clock?: Clock;
+};
+export type FetchLike = (input: RequestInfo | URL, init?: RequestInit) => Promise<Response>;
+export type CryptoLike = {
+    randomBytes: (length: number) => Uint8Array;
+    sha256: (input: Uint8Array) => Promise<Uint8Array>;
+};
+export type Clock = {
+    now: () => number;
+};
+//# sourceMappingURL=types.d.ts.map

package/dist/core/types.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../src/core/types.ts"],"names":[],"mappings":"AAAA,MAAM,MAAM,WAAW,GAAG;IACxB,aAAa,EAAE,OAAO,CAAA;IACtB,SAAS,CAAC,EAAE,MAAM,CAAA;IAClB,MAAM,CAAC,EAAE;QACP,aAAa,EAAE,MAAM,EAAE,CAAA;QACvB,qBAAqB,EAAE,MAAM,CAAA;KAC9B,CAAA;CACF,CAAA;AAED,MAAM,MAAM,WAAW,GAAG;IACxB,WAAW,EAAE,MAAM,CAAA;IACnB,YAAY,CAAC,EAAE,MAAM,CAAA;IACrB,SAAS,EAAE,MAAM,CAAA;CAClB,CAAA;AAED,MAAM,MAAM,aAAa,GAAG;IAC1B,EAAE,EAAE,MAAM,CAAA;IACV,OAAO,EAAE,MAAM,CAAA;IACf,SAAS,EAAE,MAAM,CAAA;IACjB,SAAS,EAAE,MAAM,CAAA;CAClB,CAAA;AAED,MAAM,MAAM,WAAW,GAAG;IACxB,YAAY,EAAE,MAAM,CAAA;IACpB,QAAQ,CAAC,EAAE,MAAM,CAAA;IACjB,SAAS,EAAE,MAAM,CAAA;CAClB,CAAA;AAED,MAAM,WAAW,UAAU;IACzB,GAAG,EAAE,CAAC,EAAE,EAAE,MAAM,KAAK,OAAO,CAAC,WAAW,GAAG,SAAS,CAAC,CAAA;IACrD,GAAG,EAAE,CAAC,EAAE,EAAE,MAAM,EAAE,MAAM,EAAE,WAAW,KAAK,OAAO,CAAC,IAAI,CAAC,CAAA;IACvD,MAAM,EAAE,CAAC,EAAE,EAAE,MAAM,KAAK,OAAO,CAAC,IAAI,CAAC,CAAA;CACtC;AAED,MAAM,WAAW,YAAY;IAC3B,UAAU,EAAE,CAAC,EAAE,EAAE,MAAM,KAAK,OAAO,CAAC,aAAa,GAAG,SAAS,CAAC,CAAA;IAC9D,UAAU,EAAE,CAAC,EAAE,EAAE,MAAM,EAAE,MAAM,EAAE,aAAa,KAAK,OAAO,CAAC,IAAI,CAAC,CAAA;IAChE,aAAa,EAAE,CAAC,EAAE,EAAE,MAAM,KAAK,OAAO,CAAC,IAAI,CAAC,CAAA;IAC5C,QAAQ,EAAE,CAAC,EAAE,EAAE,MAAM,KAAK,OAAO,CAAC,WAAW,GAAG,SAAS,CAAC,CAAA;IAC1D,QAAQ,EAAE,CAAC,EAAE,EAAE,MAAM,EAAE,MAAM,EAAE,WAAW,KAAK,OAAO,CAAC,IAAI,CAAC,CAAA;IAC5D,WAAW,EAAE,CAAC,EAAE,EAAE,MAAM,KAAK,OAAO,CAAC,IAAI,CAAC,CAAA;CAC3C;AAED,MAAM,MAAM,MAAM,GAAG;IACnB,KAAK,CAAC,EAAE,CAAC,OAAO,EAAE,MAAM,EAAE,IAAI,CAAC,EAAE,OAAO,KAAK,IAAI,CAAA;IACjD,IAAI,CAAC,EAAE,CAAC,OAAO,EAAE,MAAM,EAAE,IAAI,CAAC,EAAE,OAAO,KAAK,IAAI,CAAA;IAChD,IAAI,CAAC,EAAE,CAAC,OAAO,EAAE,MAAM,EAAE,IAAI,CAAC,EAAE,OAAO,KAAK,IAAI,CAAA;IAChD,KAAK,CAAC,EAAE,CAAC,OAAO,EAAE,MAAM,EAAE,IAAI,CAAC,EAAE,OAAO,KAAK,IAAI,CAAA;CAClD,CAAA;AAED,MAAM,MAAM,aAAa,GAAG;IAC1B,QAAQ,CAAC,EAAE,OAAO,CAAA;IAClB,MAAM,CAAC,EAAE,OAAO,CAAA;IAChB,QAAQ,CAAC,EAAE,KAAK,GAAG,QAAQ,GAAG,MAAM,CAAA;IACpC,IAAI,CAAC,EAAE,MAAM,CAAA;IACb,MAAM,CAAC,EAAE,MAAM,CAAA;IACf,MAAM,CAAC,EAAE,MAAM,CAAA;CAChB,CAAA;AAED,MAAM,MAAM,gBAAgB,GAAG;IAC7B,SAAS,EAAE,MAAM,CAAA;IACjB,YAAY,EAAE,MAAM,CAAA;IACpB,aAAa,EAAE,MAAM,CAAA;IACrB,kBAAkB,CAAC,EAAE,MAAM,CAAA;IAC3B,UAAU,CAAC,EAAE,MAAM,CAAA;IACnB,QAAQ,EAAE,MAAM,CAAA;IAChB,YAAY,CAAC,EAAE,MAAM,CAAA;IACrB,WAAW,EAAE,MAAM,CAAA;IACnB,MAAM,EAAE,MAAM,EAAE,CAAA;IAChB,UAAU,CAAC,EAAE,MAAM,CAAA;IACnB,aAAa,CAAC,EAAE,aAAa,CAAA;IAC7B,eAAe,CAAC,EAAE,MAAM,CAAA;IACxB,iBAAiB,CAAC,EAAE,MAAM,CAAA;IAC1B,UAAU,CAAC,EAAE,UAAU,CAAA;IACvB,YAAY,CAAC,EAAE,YAAY,CAAA;IAC3B,MAAM,CAAC,EAAE,MAAM,CAAA;IACf,iBAAiB,CAAC,EAAE,MAAM,CAAA;IAC1B,kBAAkB,CAAC,EAAE,MAAM,CAAA;IAC3B,QAAQ,CAAC,EAAE,MAAM,CAAA;IACjB,KAAK,CAAC,EAAE,SAAS,CAAA;IACjB,MAAM,CAAC,EAAE,UAAU,CAAA;IACnB,KAAK,CAAC,EAAE,KAAK,CAAA;CACd,CAAA;AAED,MAAM,MAAM,SAAS,GAAG,CAAC,KAAK,EAAE,WAAW,GAAG,GAAG,EAAE,IAAI,CAAC,EAAE,WAAW,KAAK,OAAO,CAAC,QAAQ,CAAC,CAAA;AAE3F,MAAM,MAAM,UAAU,GAAG;IACvB,WAAW,EAAE,CAAC,MAAM,EAAE,MAAM,KAAK,UAAU,CAAA;IAC3C,MAAM,EAAE,CAAC,KAAK,EAAE,UAAU,KAAK,OAAO,CAAC,UAAU,CAAC,CAAA;CACnD,CAAA;AAED,MAAM,MAAM,KAAK,GAAG;IAClB,GAAG,EAAE,MAAM,MAAM,CAAA;CAClB,CAAA"}

package/dist/core/types.js

@@ -0,0 +1,2 @@
+export {};
+//# sourceMappingURL=types.js.map

package/dist/core/types.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"types.js","sourceRoot":"","sources":["../../src/core/types.ts"],"names":[],"mappings":""}

package/dist/index.d.ts

@@ -0,0 +1,2 @@
+export * from "./core";
+//# sourceMappingURL=index.d.ts.map

package/dist/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,cAAc,QAAQ,CAAA"}

package/dist/index.js

@@ -0,0 +1,2 @@
+export * from "./core";
+//# sourceMappingURL=index.js.map

package/dist/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,cAAc,QAAQ,CAAA"}

package/dist/server/index.d.ts

@@ -0,0 +1,31 @@
+import type { ObulServerConfig, ObulSession } from "../core/types";
+export type HandleCallbackResult = {
+    ok: boolean;
+    redirectTo?: string;
+    session?: ObulSession;
+    error?: {
+        code: string;
+        message: string;
+    };
+};
+export declare function createObulServer(config: ObulServerConfig): {
+    handle: (request: Request) => Promise<Response>;
+    obulClient: {
+        getAuthUrl: (params: {
+            state: string;
+            codeChallenge: string;
+        }) => string;
+        exchangeCode: (params: {
+            code: string;
+            codeVerifier: string;
+        }) => Promise<import("../core/oauth").TokenResponse>;
+        refresh: (params: {
+            refreshToken: string;
+        }) => Promise<import("../core/oauth").TokenResponse>;
+        revoke: (params: {
+            token: string;
+            tokenTypeHint?: "access_token" | "refresh_token";
+        }) => Promise<void>;
+    };
+};
+//# sourceMappingURL=index.d.ts.map

package/dist/server/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/server/index.ts"],"names":[],"mappings":"AAKA,OAAO,KAAK,EAGV,gBAAgB,EAChB,WAAW,EAMZ,MAAM,eAAe,CAAA;AAQtB,MAAM,MAAM,oBAAoB,GAAG;IACjC,EAAE,EAAE,OAAO,CAAA;IACX,UAAU,CAAC,EAAE,MAAM,CAAA;IACnB,OAAO,CAAC,EAAE,WAAW,CAAA;IACrB,KAAK,CAAC,EAAE;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,OAAO,EAAE,MAAM,CAAA;KAAE,CAAA;CAC1C,CAAA;AAED,wBAAgB,gBAAgB,CAAC,MAAM,EAAE,gBAAgB;sBAoXxB,OAAO,KAAG,OAAO,CAAC,QAAQ,CAAC;;;;;;;;;;;;;;;yBA9S5C,CAAC;;;EAkUhB"}