@odx/auth 19.0.0 → 19.1.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +18 -0
- package/README.md +8 -8
- package/fesm2022/odx-auth-plugins-service-connect.mjs +3 -3
- package/fesm2022/odx-auth.mjs +78 -36
- package/fesm2022/odx-auth.mjs.map +1 -1
- package/index.d.ts +16 -1
- package/package.json +1 -1
package/CHANGELOG.md
CHANGED
|
@@ -1,5 +1,23 @@
|
|
|
1
1
|
# @odx/auth
|
|
2
2
|
|
|
3
|
+
## 19.1.1
|
|
4
|
+
|
|
5
|
+
### Patch Changes
|
|
6
|
+
|
|
7
|
+
- 30bf97e: Patch for memory storage
|
|
8
|
+
|
|
9
|
+
## 19.1.0
|
|
10
|
+
|
|
11
|
+
### Minor Changes
|
|
12
|
+
|
|
13
|
+
- e1c2170: Fixed issue with memory storage losing state and sometimes making infinite redirects
|
|
14
|
+
|
|
15
|
+
## 19.0.1
|
|
16
|
+
|
|
17
|
+
### Patch Changes
|
|
18
|
+
|
|
19
|
+
- 48bd858: Deps minor + patch updates
|
|
20
|
+
|
|
3
21
|
## 19.0.0
|
|
4
22
|
|
|
5
23
|
### Major Changes
|
package/README.md
CHANGED
|
@@ -36,21 +36,21 @@ provideAuth({
|
|
|
36
36
|
});
|
|
37
37
|
```
|
|
38
38
|
|
|
39
|
-
By default, access tokens are stored in memory only.
|
|
39
|
+
By default, access tokens are stored in memory only. To opt into persistent browser storage, use a factory to provide `localStorage` or `sessionStorage`:
|
|
40
40
|
|
|
41
41
|
```ts
|
|
42
|
-
import { WindowRef } from '@odx/angular';
|
|
43
|
-
|
|
44
42
|
provideAuth({
|
|
45
|
-
useFactory: (
|
|
46
|
-
environment:
|
|
47
|
-
clientId:
|
|
48
|
-
storage:
|
|
43
|
+
useFactory: (env: ApplicationEnvironment) => ({
|
|
44
|
+
environment: env.environment,
|
|
45
|
+
clientId: env.auth.clientId,
|
|
46
|
+
storage: localStorage, // or sessionStorage
|
|
49
47
|
}),
|
|
50
|
-
deps: [
|
|
48
|
+
deps: [APPLICATION_ENVIRONMENT],
|
|
51
49
|
});
|
|
52
50
|
```
|
|
53
51
|
|
|
52
|
+
For custom storage implementations, see the [angular-oauth2-oidc documentation](https://manfredsteyer.github.io/angular-oauth2-oidc/docs/additional-documentation/configure-custom-oauthstorage.html).
|
|
53
|
+
|
|
54
54
|
The configuration object has the following interface:
|
|
55
55
|
|
|
56
56
|
```ts
|
|
@@ -97,10 +97,10 @@ class ServiceConnectRightsDirective {
|
|
|
97
97
|
set rolesOrRights(value) {
|
|
98
98
|
this.authDirective.authorizationHandler = hasRolesOrRightsHandler(value ?? []);
|
|
99
99
|
}
|
|
100
|
-
static { this.ɵfac = i0.ɵɵngDeclareFactory({ minVersion: "12.0.0", version: "20.3.
|
|
101
|
-
static { this.ɵdir = i0.ɵɵngDeclareDirective({ minVersion: "14.0.0", version: "20.3.
|
|
100
|
+
static { this.ɵfac = i0.ɵɵngDeclareFactory({ minVersion: "12.0.0", version: "20.3.18", ngImport: i0, type: ServiceConnectRightsDirective, deps: [], target: i0.ɵɵFactoryTarget.Directive }); }
|
|
101
|
+
static { this.ɵdir = i0.ɵɵngDeclareDirective({ minVersion: "14.0.0", version: "20.3.18", type: ServiceConnectRightsDirective, isStandalone: true, selector: "ng-template[odxAuthServiceConnectRights]", inputs: { rolesOrRights: ["odxAuthServiceConnectRights", "rolesOrRights"] }, hostDirectives: [{ directive: i1.AuthDirective, inputs: ["odxAuthElse", "odxAuthServiceConnectRightsElse"] }], ngImport: i0 }); }
|
|
102
102
|
}
|
|
103
|
-
i0.ɵɵngDeclareClassMetadata({ minVersion: "12.0.0", version: "20.3.
|
|
103
|
+
i0.ɵɵngDeclareClassMetadata({ minVersion: "12.0.0", version: "20.3.18", ngImport: i0, type: ServiceConnectRightsDirective, decorators: [{
|
|
104
104
|
type: Directive,
|
|
105
105
|
args: [{
|
|
106
106
|
standalone: true,
|
package/fesm2022/odx-auth.mjs
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
import * as i1$2 from '@angular/common';
|
|
2
2
|
import { CommonModule, AsyncPipe, NgIf } from '@angular/common';
|
|
3
3
|
import * as i0 from '@angular/core';
|
|
4
|
-
import { inject, EnvironmentInjector, runInInjectionContext, Directive, EventEmitter, HostListener, Output, Input, ViewEncapsulation, ChangeDetectionStrategy, Component, DestroyRef, InjectionToken, provideEnvironmentInitializer, makeEnvironmentProviders, provideAppInitializer, Injectable, input, NgModule } from '@angular/core';
|
|
4
|
+
import { inject, EnvironmentInjector, runInInjectionContext, Directive, EventEmitter, HostListener, Output, Input, ViewEncapsulation, ChangeDetectionStrategy, Component, DestroyRef, InjectionToken, provideEnvironmentInitializer, isDevMode, makeEnvironmentProviders, provideAppInitializer, Injectable, input, NgModule } from '@angular/core';
|
|
5
5
|
import * as i2$1 from '@odx/angular/components/area-header';
|
|
6
6
|
import { AreaHeaderModule } from '@odx/angular/components/area-header';
|
|
7
7
|
import * as i7 from '@odx/angular/components/dropdown';
|
|
@@ -251,10 +251,10 @@ class AuthActionDirective {
|
|
|
251
251
|
this.loadingSpinnerDirective.isLoading = isRedirecting;
|
|
252
252
|
});
|
|
253
253
|
}
|
|
254
|
-
static { this.ɵfac = i0.ɵɵngDeclareFactory({ minVersion: "12.0.0", version: "20.3.
|
|
255
|
-
static { this.ɵdir = i0.ɵɵngDeclareDirective({ minVersion: "14.0.0", version: "20.3.
|
|
254
|
+
static { this.ɵfac = i0.ɵɵngDeclareFactory({ minVersion: "12.0.0", version: "20.3.18", ngImport: i0, type: AuthActionDirective, deps: [], target: i0.ɵɵFactoryTarget.Directive }); }
|
|
255
|
+
static { this.ɵdir = i0.ɵɵngDeclareDirective({ minVersion: "14.0.0", version: "20.3.18", type: AuthActionDirective, isStandalone: true, ngImport: i0 }); }
|
|
256
256
|
}
|
|
257
|
-
i0.ɵɵngDeclareClassMetadata({ minVersion: "12.0.0", version: "20.3.
|
|
257
|
+
i0.ɵɵngDeclareClassMetadata({ minVersion: "12.0.0", version: "20.3.18", ngImport: i0, type: AuthActionDirective, decorators: [{
|
|
258
258
|
type: Directive
|
|
259
259
|
}] });
|
|
260
260
|
|
|
@@ -287,10 +287,10 @@ class SignInDirective extends AuthActionDirective {
|
|
|
287
287
|
this.authService.signIn();
|
|
288
288
|
this.afterSignIn.next();
|
|
289
289
|
}
|
|
290
|
-
static { this.ɵfac = i0.ɵɵngDeclareFactory({ minVersion: "12.0.0", version: "20.3.
|
|
291
|
-
static { this.ɵdir = i0.ɵɵngDeclareDirective({ minVersion: "14.0.0", version: "20.3.
|
|
290
|
+
static { this.ɵfac = i0.ɵɵngDeclareFactory({ minVersion: "12.0.0", version: "20.3.18", ngImport: i0, type: SignInDirective, deps: null, target: i0.ɵɵFactoryTarget.Directive }); }
|
|
291
|
+
static { this.ɵdir = i0.ɵɵngDeclareDirective({ minVersion: "14.0.0", version: "20.3.18", type: SignInDirective, isStandalone: true, selector: "[odxButton][odxAuthSignIn]", outputs: { afterSignIn: "odxAuthSignIn" }, host: { listeners: { "click": "handleClick()" } }, usesInheritance: true, hostDirectives: [{ directive: i1.LoadingSpinnerDirective }], ngImport: i0 }); }
|
|
292
292
|
}
|
|
293
|
-
i0.ɵɵngDeclareClassMetadata({ minVersion: "12.0.0", version: "20.3.
|
|
293
|
+
i0.ɵɵngDeclareClassMetadata({ minVersion: "12.0.0", version: "20.3.18", ngImport: i0, type: SignInDirective, decorators: [{
|
|
294
294
|
type: Directive,
|
|
295
295
|
args: [{
|
|
296
296
|
standalone: true,
|
|
@@ -332,10 +332,10 @@ class SignOutDirective extends AuthActionDirective {
|
|
|
332
332
|
this.authService.signOut();
|
|
333
333
|
this.afterSignOut.next();
|
|
334
334
|
}
|
|
335
|
-
static { this.ɵfac = i0.ɵɵngDeclareFactory({ minVersion: "12.0.0", version: "20.3.
|
|
336
|
-
static { this.ɵdir = i0.ɵɵngDeclareDirective({ minVersion: "14.0.0", version: "20.3.
|
|
335
|
+
static { this.ɵfac = i0.ɵɵngDeclareFactory({ minVersion: "12.0.0", version: "20.3.18", ngImport: i0, type: SignOutDirective, deps: null, target: i0.ɵɵFactoryTarget.Directive }); }
|
|
336
|
+
static { this.ɵdir = i0.ɵɵngDeclareDirective({ minVersion: "14.0.0", version: "20.3.18", type: SignOutDirective, isStandalone: true, selector: "[odxAuthSignOut]", outputs: { afterSignOut: "odxAuthSignOut" }, host: { listeners: { "click": "handleClick()" } }, usesInheritance: true, hostDirectives: [{ directive: i1.LoadingSpinnerDirective }], ngImport: i0 }); }
|
|
337
337
|
}
|
|
338
|
-
i0.ɵɵngDeclareClassMetadata({ minVersion: "12.0.0", version: "20.3.
|
|
338
|
+
i0.ɵɵngDeclareClassMetadata({ minVersion: "12.0.0", version: "20.3.18", ngImport: i0, type: SignOutDirective, decorators: [{
|
|
339
339
|
type: Directive,
|
|
340
340
|
args: [{
|
|
341
341
|
standalone: true,
|
|
@@ -364,13 +364,13 @@ let AuthActionsComponent = class AuthActionsComponent {
|
|
|
364
364
|
*/
|
|
365
365
|
this.claims = null;
|
|
366
366
|
}
|
|
367
|
-
static { this.ɵfac = i0.ɵɵngDeclareFactory({ minVersion: "12.0.0", version: "20.3.
|
|
368
|
-
static { this.ɵcmp = i0.ɵɵngDeclareComponent({ minVersion: "17.0.0", version: "20.3.
|
|
367
|
+
static { this.ɵfac = i0.ɵɵngDeclareFactory({ minVersion: "12.0.0", version: "20.3.18", ngImport: i0, type: AuthActionsComponent, deps: [], target: i0.ɵɵFactoryTarget.Component }); }
|
|
368
|
+
static { this.ɵcmp = i0.ɵɵngDeclareComponent({ minVersion: "17.0.0", version: "20.3.18", type: AuthActionsComponent, isStandalone: true, selector: "odx-auth-actions", inputs: { claims: "claims" }, ngImport: i0, template: "<odx-list>\n @if (claims?.userProfileUrl; as url) {\n <a odxListItem data-testid=\"odx-auth-user-profile-link\" [href]=\"url\" rel=\"noopener\" target=\"_blank\">\n <odx-icon name=\"core::user-administration\" odxListItemPrefix />\n {{ 'userProfileLink' | odxTranslate | async }}\n </a>\n }\n <button odxListItem odxAuthSignOut data-testid=\"odx-auth-sign-out-button\" style=\"width: 100%\">\n <odx-icon name=\"core::logout\" odxListItemPrefix />\n {{ 'signOutButtonText' | odxTranslate | async }}\n </button>\n</odx-list>\n", dependencies: [{ kind: "ngmodule", type: CoreModule }, { kind: "ngmodule", type: ListModule }, { kind: "component", type: i1$1.ListComponent, selector: "odx-list" }, { kind: "component", type: i1$1.ListItemComponent, selector: "odx-list-item, [odxListItem]", inputs: ["variant", "muted", "selected"] }, { kind: "component", type: i2.IconComponent, selector: "odx-icon", inputs: ["size", "name", "set", "identifier"] }, { kind: "directive", type: SignOutDirective, selector: "[odxAuthSignOut]", outputs: ["odxAuthSignOut"] }, { kind: "pipe", type: i1$2.AsyncPipe, name: "async" }, { kind: "pipe", type: TranslatePipe, name: "odxTranslate" }], changeDetection: i0.ChangeDetectionStrategy.OnPush, encapsulation: i0.ViewEncapsulation.None }); }
|
|
369
369
|
};
|
|
370
370
|
AuthActionsComponent = __decorate([
|
|
371
371
|
CSSComponent('auth-actions')
|
|
372
372
|
], AuthActionsComponent);
|
|
373
|
-
i0.ɵɵngDeclareClassMetadata({ minVersion: "12.0.0", version: "20.3.
|
|
373
|
+
i0.ɵɵngDeclareClassMetadata({ minVersion: "12.0.0", version: "20.3.18", ngImport: i0, type: AuthActionsComponent, decorators: [{
|
|
374
374
|
type: Component,
|
|
375
375
|
args: [{ standalone: true, selector: 'odx-auth-actions', imports: [CoreModule, ListModule, TranslatePipe, SignOutDirective], changeDetection: ChangeDetectionStrategy.OnPush, encapsulation: ViewEncapsulation.None, template: "<odx-list>\n @if (claims?.userProfileUrl; as url) {\n <a odxListItem data-testid=\"odx-auth-user-profile-link\" [href]=\"url\" rel=\"noopener\" target=\"_blank\">\n <odx-icon name=\"core::user-administration\" odxListItemPrefix />\n {{ 'userProfileLink' | odxTranslate | async }}\n </a>\n }\n <button odxListItem odxAuthSignOut data-testid=\"odx-auth-sign-out-button\" style=\"width: 100%\">\n <odx-icon name=\"core::logout\" odxListItemPrefix />\n {{ 'signOutButtonText' | odxTranslate | async }}\n </button>\n</odx-list>\n" }]
|
|
376
376
|
}], propDecorators: { claims: [{
|
|
@@ -407,16 +407,50 @@ class AuthLoadingScreenComponent {
|
|
|
407
407
|
}
|
|
408
408
|
});
|
|
409
409
|
}
|
|
410
|
-
static { this.ɵfac = i0.ɵɵngDeclareFactory({ minVersion: "12.0.0", version: "20.3.
|
|
411
|
-
static { this.ɵcmp = i0.ɵɵngDeclareComponent({ minVersion: "17.0.0", version: "20.3.
|
|
410
|
+
static { this.ɵfac = i0.ɵɵngDeclareFactory({ minVersion: "12.0.0", version: "20.3.18", ngImport: i0, type: AuthLoadingScreenComponent, deps: [], target: i0.ɵɵFactoryTarget.Component }); }
|
|
411
|
+
static { this.ɵcmp = i0.ɵɵngDeclareComponent({ minVersion: "17.0.0", version: "20.3.18", type: AuthLoadingScreenComponent, isStandalone: true, selector: "div.odx-auth-loading-screen", host: { properties: { "@hostAnimation": "true" } }, ngImport: i0, template: "<div class=\"odx-auth-loading-screen__content\" odxLayout=\"grid 12 horizontal-center vertical-center gap-small\">\n <odx-logo size=\"large\" />\n <odx-circular-progress class=\"odx-auth-loading-screen__spinner\" value=\"-1\" size=\"medium\" stroke=\"3\">\n <odx-icon [name]=\"icon$ | async\" />\n </odx-circular-progress>\n @if (authConfig.loadingScreenMessage; as content) {\n <p class=\"odx-auth-loading-screen__message\">\n <ng-template [odxDynamicView]=\"content\" />\n </p>\n }\n</div>\n", styles: ["@keyframes odx-auth-loading-screen-animation{0%{opacity:0;transform:translate(-50%,-50%) scale(.9)}to{opacity:1;transform:translate(-50%,-50%)}}.odx-auth-loading-screen{--odx-c-highlight: var(--odx-c-primary);background-color:var(--odx-c-background-content);inset:0;position:fixed;z-index:var(--odx-z-level-topmost)}.odx-auth-loading-screen__content{animation:odx-auth-loading-screen-animation .75s ease;left:50%;position:absolute;top:50%;transform:translate(-50%,-50%)}.odx-auth-loading-screen__message{text-align:center}.odx-auth-loading-screen__spinner{position:relative}.odx-auth-loading-screen__spinner .odx-icon{left:50%;position:absolute;top:50%;transform:translate(-50%,-50%)}\n"], dependencies: [{ kind: "ngmodule", type: CommonModule }, { kind: "component", type: IconComponent, selector: "odx-icon", inputs: ["size", "name", "set", "identifier"] }, { kind: "directive", type: LogoDirective, selector: "odx-logo", inputs: ["size", "variant"] }, { kind: "component", type: CircularProgressComponent, selector: "odx-circular-progress", inputs: ["stroke", "size", "value"] }, { kind: "directive", type: DynamicViewDirective, selector: "ng-template[odxDynamicView]", inputs: ["odxDynamicView", "odxDynamicViewInjector", "odxDynamicViewContext"] }, { kind: "pipe", type: i1$2.AsyncPipe, name: "async" }], animations: [trigger('hostAnimation', [transition(':leave', useAnimation(fadeOut()))])], changeDetection: i0.ChangeDetectionStrategy.OnPush, encapsulation: i0.ViewEncapsulation.None }); }
|
|
412
412
|
}
|
|
413
|
-
i0.ɵɵngDeclareClassMetadata({ minVersion: "12.0.0", version: "20.3.
|
|
413
|
+
i0.ɵɵngDeclareClassMetadata({ minVersion: "12.0.0", version: "20.3.18", ngImport: i0, type: AuthLoadingScreenComponent, decorators: [{
|
|
414
414
|
type: Component,
|
|
415
415
|
args: [{ standalone: true, selector: 'div.odx-auth-loading-screen', imports: [CommonModule, IconComponent, LogoDirective, CircularProgressComponent, DynamicViewDirective], changeDetection: ChangeDetectionStrategy.OnPush, encapsulation: ViewEncapsulation.None, host: {
|
|
416
416
|
'[@hostAnimation]': 'true',
|
|
417
417
|
}, animations: [trigger('hostAnimation', [transition(':leave', useAnimation(fadeOut()))])], template: "<div class=\"odx-auth-loading-screen__content\" odxLayout=\"grid 12 horizontal-center vertical-center gap-small\">\n <odx-logo size=\"large\" />\n <odx-circular-progress class=\"odx-auth-loading-screen__spinner\" value=\"-1\" size=\"medium\" stroke=\"3\">\n <odx-icon [name]=\"icon$ | async\" />\n </odx-circular-progress>\n @if (authConfig.loadingScreenMessage; as content) {\n <p class=\"odx-auth-loading-screen__message\">\n <ng-template [odxDynamicView]=\"content\" />\n </p>\n }\n</div>\n", styles: ["@keyframes odx-auth-loading-screen-animation{0%{opacity:0;transform:translate(-50%,-50%) scale(.9)}to{opacity:1;transform:translate(-50%,-50%)}}.odx-auth-loading-screen{--odx-c-highlight: var(--odx-c-primary);background-color:var(--odx-c-background-content);inset:0;position:fixed;z-index:var(--odx-z-level-topmost)}.odx-auth-loading-screen__content{animation:odx-auth-loading-screen-animation .75s ease;left:50%;position:absolute;top:50%;transform:translate(-50%,-50%)}.odx-auth-loading-screen__message{text-align:center}.odx-auth-loading-screen__spinner{position:relative}.odx-auth-loading-screen__spinner .odx-icon{left:50%;position:absolute;top:50%;transform:translate(-50%,-50%)}\n"] }]
|
|
418
418
|
}] });
|
|
419
419
|
|
|
420
|
+
/**
|
|
421
|
+
* A hybrid storage implementation that keeps tokens in memory (cleared on page refresh)
|
|
422
|
+
* but persists only the OAuth flow keys (state, nonce, code_verifier) to sessionStorage
|
|
423
|
+
* so they survive the auth server redirect.
|
|
424
|
+
* Actual tokens remain memory only and are cleared on page refresh.
|
|
425
|
+
*/
|
|
426
|
+
class HybridMemoryStorage {
|
|
427
|
+
constructor() {
|
|
428
|
+
this.memoryStorage = new MemoryStorage();
|
|
429
|
+
this.persistKeys = ['state', 'nonce', 'PKCE_verifier'];
|
|
430
|
+
}
|
|
431
|
+
getItem(key) {
|
|
432
|
+
if (this.persistKeys.includes(key)) {
|
|
433
|
+
return sessionStorage.getItem(key) ?? this.memoryStorage.getItem(key);
|
|
434
|
+
}
|
|
435
|
+
return this.memoryStorage.getItem(key);
|
|
436
|
+
}
|
|
437
|
+
setItem(key, value) {
|
|
438
|
+
this.memoryStorage.setItem(key, value);
|
|
439
|
+
if (this.persistKeys.includes(key)) {
|
|
440
|
+
sessionStorage.setItem(key, value);
|
|
441
|
+
}
|
|
442
|
+
}
|
|
443
|
+
removeItem(key) {
|
|
444
|
+
this.memoryStorage.removeItem(key);
|
|
445
|
+
sessionStorage.removeItem(key);
|
|
446
|
+
}
|
|
447
|
+
clear() {
|
|
448
|
+
this.persistKeys.forEach((key) => {
|
|
449
|
+
sessionStorage.removeItem(key);
|
|
450
|
+
});
|
|
451
|
+
}
|
|
452
|
+
}
|
|
453
|
+
|
|
420
454
|
/**
|
|
421
455
|
* A factory function that creates a core debug plugin for the authentication service.
|
|
422
456
|
* This plugin logs detailed information about the user's identity claims and tokens.
|
|
@@ -557,7 +591,13 @@ function initializeAuthConfig() {
|
|
|
557
591
|
* Creates the OAuth storage instance for the authentication module.
|
|
558
592
|
*/
|
|
559
593
|
function createAuthStorage() {
|
|
560
|
-
|
|
594
|
+
const { storage } = injectAuthConfig();
|
|
595
|
+
if (!storage && isDevMode()) {
|
|
596
|
+
console.warn(`[@odx/auth] OAuthStorage is using the default in-memory strategy.\n` +
|
|
597
|
+
`Users will be logged out on page refresh — this is the expected behavior for this storage type.\n` +
|
|
598
|
+
`To persist sessions across refreshes, provide your preferred storage via the 'storage' option in provideAuth({ storage: ... }).`);
|
|
599
|
+
}
|
|
600
|
+
return storage ?? new HybridMemoryStorage();
|
|
561
601
|
}
|
|
562
602
|
/**
|
|
563
603
|
* Provides the authentication configuration and dependencies.
|
|
@@ -628,10 +668,10 @@ class AuthPluginManager {
|
|
|
628
668
|
runPlugin(authService, plugin) {
|
|
629
669
|
return plugin(authService).pipe(isNumber(this.authConfig.pluginTimeout) ? timeout(Math.max(0, this.authConfig.pluginTimeout)) : tap(), catchError((error) => this.handlePluginError(error)));
|
|
630
670
|
}
|
|
631
|
-
static { this.ɵfac = i0.ɵɵngDeclareFactory({ minVersion: "12.0.0", version: "20.3.
|
|
632
|
-
static { this.ɵprov = i0.ɵɵngDeclareInjectable({ minVersion: "12.0.0", version: "20.3.
|
|
671
|
+
static { this.ɵfac = i0.ɵɵngDeclareFactory({ minVersion: "12.0.0", version: "20.3.18", ngImport: i0, type: AuthPluginManager, deps: [], target: i0.ɵɵFactoryTarget.Injectable }); }
|
|
672
|
+
static { this.ɵprov = i0.ɵɵngDeclareInjectable({ minVersion: "12.0.0", version: "20.3.18", ngImport: i0, type: AuthPluginManager, providedIn: 'root' }); }
|
|
633
673
|
}
|
|
634
|
-
i0.ɵɵngDeclareClassMetadata({ minVersion: "12.0.0", version: "20.3.
|
|
674
|
+
i0.ɵɵngDeclareClassMetadata({ minVersion: "12.0.0", version: "20.3.18", ngImport: i0, type: AuthPluginManager, decorators: [{
|
|
635
675
|
type: Injectable,
|
|
636
676
|
args: [{ providedIn: 'root' }]
|
|
637
677
|
}] });
|
|
@@ -759,6 +799,7 @@ class AuthService {
|
|
|
759
799
|
this.assertAudience(config.clientId);
|
|
760
800
|
this.oauthService.configure({ ...config, openUri: this.redirectToLogin.bind(this) });
|
|
761
801
|
this.isAuthServerUnavailable$$.next(false);
|
|
802
|
+
let redirectTriggeredDuringInit = false;
|
|
762
803
|
try {
|
|
763
804
|
await this.oauthService.loadDiscoveryDocument(this.authConfig.discoveryUrl);
|
|
764
805
|
await this.oauthService.tryLogin();
|
|
@@ -775,10 +816,11 @@ class AuthService {
|
|
|
775
816
|
(error.type === 'token_refresh_error' || (error instanceof HttpErrorResponse && (error.status === 401 || error.status === 400)))) {
|
|
776
817
|
this.signOut(true);
|
|
777
818
|
this.autoSignIn(this.windowRef.location.pathname);
|
|
819
|
+
redirectTriggeredDuringInit = true;
|
|
778
820
|
}
|
|
779
821
|
}
|
|
780
822
|
this.isInitialized$$.next(true);
|
|
781
|
-
if (this.authConfig.requireSignIn && !this.isAuthenticated()) {
|
|
823
|
+
if (!redirectTriggeredDuringInit && this.authConfig.requireSignIn && !this.isAuthenticated()) {
|
|
782
824
|
this.autoSignIn(this.windowRef.location.pathname);
|
|
783
825
|
}
|
|
784
826
|
await this.tryLoadUserProfile();
|
|
@@ -971,7 +1013,7 @@ class AuthService {
|
|
|
971
1013
|
}
|
|
972
1014
|
}
|
|
973
1015
|
shouldSkipAutoSignIn() {
|
|
974
|
-
return this.isAuthServerUnavailable$$.value || !this.windowRef.isOnline();
|
|
1016
|
+
return this.isAuthServerUnavailable$$.value || !this.windowRef.isOnline() || this.isRedirecting$$.value;
|
|
975
1017
|
}
|
|
976
1018
|
setAuthServerUnavailable(error) {
|
|
977
1019
|
const status = this.resolveAuthErrorStatus(error);
|
|
@@ -993,10 +1035,10 @@ class AuthService {
|
|
|
993
1035
|
}
|
|
994
1036
|
return undefined;
|
|
995
1037
|
}
|
|
996
|
-
static { this.ɵfac = i0.ɵɵngDeclareFactory({ minVersion: "12.0.0", version: "20.3.
|
|
997
|
-
static { this.ɵprov = i0.ɵɵngDeclareInjectable({ minVersion: "12.0.0", version: "20.3.
|
|
1038
|
+
static { this.ɵfac = i0.ɵɵngDeclareFactory({ minVersion: "12.0.0", version: "20.3.18", ngImport: i0, type: AuthService, deps: [], target: i0.ɵɵFactoryTarget.Injectable }); }
|
|
1039
|
+
static { this.ɵprov = i0.ɵɵngDeclareInjectable({ minVersion: "12.0.0", version: "20.3.18", ngImport: i0, type: AuthService, providedIn: 'root' }); }
|
|
998
1040
|
}
|
|
999
|
-
i0.ɵɵngDeclareClassMetadata({ minVersion: "12.0.0", version: "20.3.
|
|
1041
|
+
i0.ɵɵngDeclareClassMetadata({ minVersion: "12.0.0", version: "20.3.18", ngImport: i0, type: AuthService, decorators: [{
|
|
1000
1042
|
type: Injectable,
|
|
1001
1043
|
args: [{ providedIn: 'root' }]
|
|
1002
1044
|
}], ctorParameters: () => [] });
|
|
@@ -1116,10 +1158,10 @@ class AuthComponent {
|
|
|
1116
1158
|
*/
|
|
1117
1159
|
this.hideInstitution = input(false, ...(ngDevMode ? [{ debugName: "hideInstitution" }] : []));
|
|
1118
1160
|
}
|
|
1119
|
-
static { this.ɵfac = i0.ɵɵngDeclareFactory({ minVersion: "12.0.0", version: "20.3.
|
|
1120
|
-
static { this.ɵcmp = i0.ɵɵngDeclareComponent({ minVersion: "17.0.0", version: "20.3.
|
|
1161
|
+
static { this.ɵfac = i0.ɵɵngDeclareFactory({ minVersion: "12.0.0", version: "20.3.18", ngImport: i0, type: AuthComponent, deps: [], target: i0.ɵɵFactoryTarget.Component }); }
|
|
1162
|
+
static { this.ɵcmp = i0.ɵɵngDeclareComponent({ minVersion: "17.0.0", version: "20.3.18", type: AuthComponent, isStandalone: true, selector: "odx-auth", inputs: { hideInstitution: { classPropertyName: "hideInstitution", publicName: "hideInstitution", isSignal: true, isRequired: false, transformFunction: null } }, providers: [provideTranslations(translations)], ngImport: i0, template: "<odx-action-group>\n @if (vm$ | async; as vm) {\n <ng-container ngProjectAs=\"[odxButton]\">\n @if (vm.isAuthenticated) {\n <button odxButton [odxDropdown]=\"userProfileMenu\" [odxDropdownOptions]=\"dropdownOptions\" data-testid=\"odx-auth-user-profile-button\">\n <ng-template [ngTemplateOutlet]=\"userAvatar\" />\n </button>\n } @else {\n <button class=\"odx-auth-sign-in\" odxButton odxAuthSignIn variant=\"secondary\" data-testid=\"odx-auth-sign-in-button\">\n <odx-icon name=\"core::user\" alignLeft />\n {{ 'signInButtonText' | odxTranslate | async }}\n </button>\n }\n <ng-template #userProfileMenu>\n @if (!hideInstitution() && vm.idClaims?.institutionName; as institutionName) {\n <p class=\"odx-padding-x-8\" data-testid=\"odx-auth-institution-name\">{{ institutionName }}</p>\n }\n <odx-area-header class=\"odx-padding-x-8 odx-margin-y-12\" size=\"small\">\n <ng-template [ngTemplateOutlet]=\"userAvatar\" ngProjectAs=\"odx-avatar\" />\n {{ vm.idClaims?.username }}\n <odx-area-header-subtitle>\n {{ vm.idClaims?.email }}\n </odx-area-header-subtitle>\n </odx-area-header>\n <ng-content />\n <odx-auth-actions [claims]=\"vm.idClaims\" />\n </ng-template>\n <ng-template #userAvatar>\n <odx-avatar class=\"odx-auth-user-avatar\">\n {{ vm.idClaims?.initials ?? '' }}\n </odx-avatar>\n </ng-template>\n </ng-container>\n }\n</odx-action-group>\n", styles: [".odx-auth-user-profile .odx-dropdown__inner{border-block-width:var(--odx-control-border-width);max-width:max(400px,25vw);min-width:320px}\n"], dependencies: [{ kind: "ngmodule", type: AreaHeaderModule }, { kind: "directive", type: i1$2.NgTemplateOutlet, selector: "[ngTemplateOutlet]", inputs: ["ngTemplateOutletContext", "ngTemplateOutlet", "ngTemplateOutletInjector"] }, { kind: "component", type: i2$1.AreaHeaderComponent, selector: "odx-area-header", inputs: ["size"] }, { kind: "directive", type: i2$1.AreaHeaderSubtitleDirective, selector: "odx-area-header-subtitle" }, { kind: "component", type: i3.AvatarComponent, selector: "odx-avatar", inputs: ["size", "variant"] }, { kind: "component", type: i4.ActionGroupComponent, selector: "odx-action-group", inputs: ["reverse"] }, { kind: "component", type: i5.ButtonComponent, selector: "button[odxButton], a[odxButton]", inputs: ["variant", "size"] }, { kind: "component", type: i2.IconComponent, selector: "odx-icon", inputs: ["size", "name", "set", "identifier"] }, { kind: "ngmodule", type: DropdownModule }, { kind: "directive", type: i7.DropdownDirective, selector: "[odxDropdown]", inputs: ["odxDropdown", "odxDropdownDisabled", "odxDropdownShowLoader", "odxDropdownClickOutsideActive", "odxDropdownOptions", "odxDropdownReferenceElement", "odxDropdownTriggerElement", "odxDropdownHost", "odxDropdownOpenTrigger", "odxDropdownCloseTrigger"], outputs: ["odxDropdownBeforeOpen", "odxDropdownAfterOpen", "odxDropdownBeforeClose", "odxDropdownAfterClose"], exportAs: ["odxDropdown"] }, { kind: "ngmodule", type: HeaderModule }, { kind: "directive", type: SignInDirective, selector: "[odxButton][odxAuthSignIn]", outputs: ["odxAuthSignIn"] }, { kind: "ngmodule", type: LoadingSpinnerModule }, { kind: "component", type: AuthActionsComponent, selector: "odx-auth-actions", inputs: ["claims"] }, { kind: "pipe", type: i1$2.AsyncPipe, name: "async" }, { kind: "pipe", type: TranslatePipe, name: "odxTranslate" }], changeDetection: i0.ChangeDetectionStrategy.OnPush, encapsulation: i0.ViewEncapsulation.None }); }
|
|
1121
1163
|
}
|
|
1122
|
-
i0.ɵɵngDeclareClassMetadata({ minVersion: "12.0.0", version: "20.3.
|
|
1164
|
+
i0.ɵɵngDeclareClassMetadata({ minVersion: "12.0.0", version: "20.3.18", ngImport: i0, type: AuthComponent, decorators: [{
|
|
1123
1165
|
type: Component,
|
|
1124
1166
|
args: [{ standalone: true, selector: 'odx-auth', imports: [AreaHeaderModule, DropdownModule, HeaderModule, SignInDirective, LoadingSpinnerModule, AuthActionsComponent, TranslatePipe, AsyncPipe], changeDetection: ChangeDetectionStrategy.OnPush, encapsulation: ViewEncapsulation.None, providers: [provideTranslations(translations)], template: "<odx-action-group>\n @if (vm$ | async; as vm) {\n <ng-container ngProjectAs=\"[odxButton]\">\n @if (vm.isAuthenticated) {\n <button odxButton [odxDropdown]=\"userProfileMenu\" [odxDropdownOptions]=\"dropdownOptions\" data-testid=\"odx-auth-user-profile-button\">\n <ng-template [ngTemplateOutlet]=\"userAvatar\" />\n </button>\n } @else {\n <button class=\"odx-auth-sign-in\" odxButton odxAuthSignIn variant=\"secondary\" data-testid=\"odx-auth-sign-in-button\">\n <odx-icon name=\"core::user\" alignLeft />\n {{ 'signInButtonText' | odxTranslate | async }}\n </button>\n }\n <ng-template #userProfileMenu>\n @if (!hideInstitution() && vm.idClaims?.institutionName; as institutionName) {\n <p class=\"odx-padding-x-8\" data-testid=\"odx-auth-institution-name\">{{ institutionName }}</p>\n }\n <odx-area-header class=\"odx-padding-x-8 odx-margin-y-12\" size=\"small\">\n <ng-template [ngTemplateOutlet]=\"userAvatar\" ngProjectAs=\"odx-avatar\" />\n {{ vm.idClaims?.username }}\n <odx-area-header-subtitle>\n {{ vm.idClaims?.email }}\n </odx-area-header-subtitle>\n </odx-area-header>\n <ng-content />\n <odx-auth-actions [claims]=\"vm.idClaims\" />\n </ng-template>\n <ng-template #userAvatar>\n <odx-avatar class=\"odx-auth-user-avatar\">\n {{ vm.idClaims?.initials ?? '' }}\n </odx-avatar>\n </ng-template>\n </ng-container>\n }\n</odx-action-group>\n", styles: [".odx-auth-user-profile .odx-dropdown__inner{border-block-width:var(--odx-control-border-width);max-width:max(400px,25vw);min-width:320px}\n"] }]
|
|
1125
1167
|
}], propDecorators: { hideInstitution: [{ type: i0.Input, args: [{ isSignal: true, alias: "hideInstitution", required: false }] }] } });
|
|
@@ -1151,10 +1193,10 @@ class AuthDirective {
|
|
|
1151
1193
|
this.ngIfDirective.ngIf = this.authService.isAuthorized(handler);
|
|
1152
1194
|
});
|
|
1153
1195
|
}
|
|
1154
|
-
static { this.ɵfac = i0.ɵɵngDeclareFactory({ minVersion: "12.0.0", version: "20.3.
|
|
1155
|
-
static { this.ɵdir = i0.ɵɵngDeclareDirective({ minVersion: "14.0.0", version: "20.3.
|
|
1196
|
+
static { this.ɵfac = i0.ɵɵngDeclareFactory({ minVersion: "12.0.0", version: "20.3.18", ngImport: i0, type: AuthDirective, deps: [], target: i0.ɵɵFactoryTarget.Directive }); }
|
|
1197
|
+
static { this.ɵdir = i0.ɵɵngDeclareDirective({ minVersion: "14.0.0", version: "20.3.18", type: AuthDirective, isStandalone: true, selector: "ng-template[odxAuth]", inputs: { authorizationHandler: ["odxAuth", "authorizationHandler"], elseTemplate: ["odxAuthElse", "elseTemplate"] }, hostDirectives: [{ directive: i1$2.NgIf }], ngImport: i0 }); }
|
|
1156
1198
|
}
|
|
1157
|
-
i0.ɵɵngDeclareClassMetadata({ minVersion: "12.0.0", version: "20.3.
|
|
1199
|
+
i0.ɵɵngDeclareClassMetadata({ minVersion: "12.0.0", version: "20.3.18", ngImport: i0, type: AuthDirective, decorators: [{
|
|
1158
1200
|
type: Directive,
|
|
1159
1201
|
args: [{
|
|
1160
1202
|
standalone: true,
|
|
@@ -1209,11 +1251,11 @@ function authGuard(authorizedHandler, redirectTo, isExternal = false) {
|
|
|
1209
1251
|
|
|
1210
1252
|
const modules = [AuthComponent, AuthDirective, SignInDirective, SignOutDirective];
|
|
1211
1253
|
class AuthModule {
|
|
1212
|
-
static { this.ɵfac = i0.ɵɵngDeclareFactory({ minVersion: "12.0.0", version: "20.3.
|
|
1213
|
-
static { this.ɵmod = i0.ɵɵngDeclareNgModule({ minVersion: "14.0.0", version: "20.3.
|
|
1214
|
-
static { this.ɵinj = i0.ɵɵngDeclareInjector({ minVersion: "12.0.0", version: "20.3.
|
|
1254
|
+
static { this.ɵfac = i0.ɵɵngDeclareFactory({ minVersion: "12.0.0", version: "20.3.18", ngImport: i0, type: AuthModule, deps: [], target: i0.ɵɵFactoryTarget.NgModule }); }
|
|
1255
|
+
static { this.ɵmod = i0.ɵɵngDeclareNgModule({ minVersion: "14.0.0", version: "20.3.18", ngImport: i0, type: AuthModule, imports: [AuthComponent, AuthDirective, SignInDirective, SignOutDirective], exports: [AuthComponent, AuthDirective, SignInDirective, SignOutDirective] }); }
|
|
1256
|
+
static { this.ɵinj = i0.ɵɵngDeclareInjector({ minVersion: "12.0.0", version: "20.3.18", ngImport: i0, type: AuthModule, imports: [AuthComponent] }); }
|
|
1215
1257
|
}
|
|
1216
|
-
i0.ɵɵngDeclareClassMetadata({ minVersion: "12.0.0", version: "20.3.
|
|
1258
|
+
i0.ɵɵngDeclareClassMetadata({ minVersion: "12.0.0", version: "20.3.18", ngImport: i0, type: AuthModule, decorators: [{
|
|
1217
1259
|
type: NgModule,
|
|
1218
1260
|
args: [{
|
|
1219
1261
|
imports: [...modules],
|
|
@@ -1257,5 +1299,5 @@ function unauthGuard(authorizedHandler, redirectTo, isExternal = false) {
|
|
|
1257
1299
|
* Generated bundle index. Do not edit.
|
|
1258
1300
|
*/
|
|
1259
1301
|
|
|
1260
|
-
export { AUTH_HTTP_HEADER, AuthActionDirective, AuthActionsComponent, AuthComponent, AuthConfig, AuthDefaultConfig, AuthDirective, AuthEnvironment, AuthLoadingScreenComponent, AuthModule, AuthPluginManager, AuthService, ODX_AUTH_CORE_PLUGINS, ODX_AUTH_DEFAULT_SCOPES, ODX_AUTH_ERROR_HANDLERS, ODX_AUTH_HOSTS, ODX_AUTH_PLUGINS, ODX_AUTH_PLUGINS_ERROR_HANDLER, ODX_AUTH_USER_PROFILE_HOSTS, SignInDirective, SignOutDirective, authGuard, authInterceptor, coreDebugPlugin, coreIdentityPlugin, createAuthHostUrl, createAuthStorage, createInitials, handleAuthError, handleOAuthEvent, initializeAuthConfig, initializeAuthErrorHandlers, injectAuthConfig, offlineAuthErrorHandler, provideAuth, provideAuthConfig, provideAuthLogger, requireAuthentication, resolveEmail, resolveUsername, setHttpAuthHeader, unauthGuard, userLanguageLoader, userProfileUrlPlugin };
|
|
1302
|
+
export { AUTH_HTTP_HEADER, AuthActionDirective, AuthActionsComponent, AuthComponent, AuthConfig, AuthDefaultConfig, AuthDirective, AuthEnvironment, AuthLoadingScreenComponent, AuthModule, AuthPluginManager, AuthService, HybridMemoryStorage, ODX_AUTH_CORE_PLUGINS, ODX_AUTH_DEFAULT_SCOPES, ODX_AUTH_ERROR_HANDLERS, ODX_AUTH_HOSTS, ODX_AUTH_PLUGINS, ODX_AUTH_PLUGINS_ERROR_HANDLER, ODX_AUTH_USER_PROFILE_HOSTS, SignInDirective, SignOutDirective, authGuard, authInterceptor, coreDebugPlugin, coreIdentityPlugin, createAuthHostUrl, createAuthStorage, createInitials, handleAuthError, handleOAuthEvent, initializeAuthConfig, initializeAuthErrorHandlers, injectAuthConfig, offlineAuthErrorHandler, provideAuth, provideAuthConfig, provideAuthLogger, requireAuthentication, resolveEmail, resolveUsername, setHttpAuthHeader, unauthGuard, userLanguageLoader, userProfileUrlPlugin };
|
|
1261
1303
|
//# sourceMappingURL=odx-auth.mjs.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"odx-auth.mjs","sources":["../../../../libs/auth/src/lib/helpers/create-auth-host-url.ts","../../../../libs/auth/src/lib/helpers/create-inititals.ts","../../../../libs/auth/src/lib/helpers/handle-auth-error.ts","../../../../libs/auth/src/lib/helpers/handle-oauth-event.ts","../../../../libs/auth/src/lib/helpers/resolve-email.ts","../../../../libs/auth/src/lib/helpers/resolve-username.ts","../../../../libs/auth/src/lib/helpers/set-http-auth-header.ts","../../../../libs/auth/src/lib/models/auth-environment.ts","../../../../libs/auth/src/lib/auth.interceptor.ts","../../../../libs/auth/src/lib/auth.logger.ts","../../../../libs/auth/src/lib/directives/auth-action.directive.ts","../../../../libs/auth/src/lib/directives/sign-in.directive.ts","../../../../libs/auth/src/lib/directives/sign-out.directive.ts","../../../../libs/auth/src/lib/components/auth-actions/auth-actions.component.ts","../../../../libs/auth/src/lib/components/auth-actions/auth-actions.component.html","../../../../libs/auth/src/lib/components/auth-loading-screen/auth-loading-screen.component.ts","../../../../libs/auth/src/lib/components/auth-loading-screen/auth-loading-screen.component.html","../../../../libs/auth/src/lib/plugins/core-debug.plugin.ts","../../../../libs/auth/src/lib/plugins/core-identity.plugin.ts","../../../../libs/auth/src/lib/plugins/user-profile-link.plugin.ts","../../../../libs/auth/src/lib/auth.providers.ts","../../../../libs/auth/src/lib/models/auth-plugin-manager.ts","../../../../libs/auth/src/lib/models/offline-auth-error-handler.ts","../../../../libs/auth/src/lib/auth.service.ts","../../../../libs/auth/src/lib/helpers/user-language-loader.ts","../../../../libs/auth/src/lib/auth.config.ts","../../../../libs/auth/src/lib/auth.i18n.ts","../../../../libs/auth/src/lib/auth.component.ts","../../../../libs/auth/src/lib/auth.component.html","../../../../libs/auth/src/lib/auth.directive.ts","../../../../libs/auth/src/lib/auth.guard.ts","../../../../libs/auth/src/lib/auth.module.ts","../../../../libs/auth/src/lib/unauth.guard.ts","../../../../libs/auth/src/odx-auth.ts"],"sourcesContent":["import { buildUrl } from '@odx/angular/utils';\nimport { ODX_AUTH_HOSTS } from '../auth.config';\nimport { AuthEnvironment } from '../models';\n\n/**\n * Creates an authentication host URL based on the provided environment and URL segments.\n *\n * @param {AuthEnvironment} environment - The authentication environment (e.g., 'development', 'production').\n * @param {string[]} segments - Additional URL segments to append to the base URL.\n * @returns {string} The constructed authentication host URL.\n *\n * @example\n * ```ts\n * createAuthHostUrl('dev', 'api', 'v1', 'users'); // returns 'https://dev-auth.odx.com/api/v1/users'\n * ```\n */\nexport function createAuthHostUrl(environment: AuthEnvironment, ...segments: string[]): string {\n return buildUrl(ODX_AUTH_HOSTS[environment], ...segments);\n}\n","/**\n * Creates initials from a given string.\n *\n * This function takes a string input, removes any text within parentheses,\n * trims any leading or trailing whitespace, and then splits the string into\n * parts based on spaces. It then constructs initials using the first letter\n * of the first and last parts of the string, converting them to uppercase.\n *\n * @param {string | null} value - The input string from which to create initials. It can be\n * undefined or null, in which case an empty string is returned.\n * @returns {string} - A string containing the initials derived from the input string.\n *\n * @example\n * ```ts\n * createInitials('John Smith'); // returns 'JS'\n * ```\n */\nexport function createInitials(value?: string | null): string {\n if (!value) return '';\n const parts = value\n .replace(/\\([^()]*\\)/, '')\n .trim()\n .split(' ');\n\n return parts.reduce((initials, curr, index) => {\n if (index === 0 || index === parts.length - 1) {\n initials += curr[0].toUpperCase();\n }\n return initials;\n }, '');\n}\n","import { EnvironmentInjector, inject, runInInjectionContext } from '@angular/core';\nimport { OAuthErrorEvent } from 'angular-oauth2-oidc';\nimport { AuthErrorHandlerFn } from '../auth.config';\n\n/**\n * Handles authentication errors by executing a series of error handler functions.\n *\n * @param {AuthErrorHandlerFn[]} handlers - An array of functions that handle authentication errors.\n * Each function is expected to take an `OAuthErrorEvent` as an argument.\n *\n * @returns A function that takes an `OAuthErrorEvent` and processes it using the provided handlers.\n * The function will stop processing once a handler successfully handles the error without throwing.\n * If a handler throws an error that is not an instance of `OAuthErrorEvent`, the original error is re-thrown.\n */\nexport function handleAuthError(handlers: AuthErrorHandlerFn[]): (error: OAuthErrorEvent) => void {\n const injector = inject(EnvironmentInjector);\n\n return (error) => {\n runInInjectionContext(injector, () => {\n for (const handler of handlers) {\n try {\n handler(error);\n break;\n } catch (unhandledError) {\n if (!(unhandledError instanceof OAuthErrorEvent)) throw error;\n continue;\n }\n }\n });\n };\n}\n","import { OAuthEvent } from 'angular-oauth2-oidc';\nimport { filter, Observable, OperatorFunction, switchMap } from 'rxjs';\n\n/**\n * Handles OAuth events of a specific type by applying a provided handler function.\n *\n * @template {T} - The type of OAuth event.\n * @param {T['type']} type - The type of the OAuth event to handle.\n * @param {(event: T) => Promise<void>} handler - A function that takes an event of type T and returns a Promise that resolves to void.\n * @returns {OperatorFunction<T, void>} - An OperatorFunction that filters events of the specified type and applies the handler function.\n */\nexport function handleOAuthEvent<T extends OAuthEvent>(type: T['type'], handler: (event: T) => Promise<void>): OperatorFunction<T, void> {\n return (source$: Observable<T>) =>\n source$.pipe(\n filter((event) => event.type === type),\n switchMap((event) => handler(event)),\n );\n}\n","import { isString } from '@odx/angular/utils';\n\n/**\n * Resolves the email address from the given identity claims.\n *\n * This function attempts to extract an email address from the provided\n * `OdxAuth.RawIdentityClaims` object by checking the following properties\n * in order:\n * 1. `email` - if it is a string, it is returned.\n * 2. `email_address` - if it is a string, it is returned.\n * 3. `emails` - if it is an array and the first element is a string, the first element is returned.\n *\n * If none of these properties contain a valid string email address, an empty string is returned.\n *\n * @param {OdxAuth.RawIdentityClaims} claims - The identity claims object from which to resolve the email address.\n * @returns {string} - The resolved email address as a string, or an empty string if no valid email address is found.\n *\n * @example\n * ```ts\n * resolveEmail({ email_address: 'email.address@mdn.com' }) // returns 'email.address@mdn.com';\n * ```\n */\nexport function resolveEmail(claims: OdxAuth.RawIdentityClaims): string {\n if (isString(claims['email'])) {\n return claims['email'];\n }\n if (isString(claims['email_address'])) {\n return claims['email_address'];\n }\n if (Array.isArray(claims['emails']) && isString(claims['emails'][0])) {\n return claims['emails'][0];\n }\n return '';\n}\n","import { isString } from '@odx/angular/utils';\n\n/**\n * Resolves the username from the provided identity claims.\n *\n * The function attempts to construct a username from the claims in the following order:\n * 1. If both 'firstname' and 'lastname' are strings, it returns them concatenated with a space.\n * 2. If both 'given_name' and 'family_name' are strings, it returns them concatenated with a space.\n * 3. If 'name' is a string, it returns the 'name'.\n * 4. If 'displayname' is a string, it returns the 'displayname'.\n * 5. If none of the above conditions are met, it returns an empty string.\n *\n * @param {OdxAuth.RawIdentityClaims} claims - The raw identity claims from which to resolve the username.\n * @returns {string} - The resolved username as a string.\n *\n * @example\n * ```ts\n * resolveUsername({ firstname: 'John', lastname: 'Doe' }) // returns 'John Doe';\n * resolveUsername({ given_name: 'John', family_name: 'Doe' }) // returns 'John Doe';\n * resolveUsername({ name: 'John Doe' }) // returns 'John Doe';\n * resolveUsername({ displayname: 'John Doe' }) // returns 'John Doe';\n * ```\n */\nexport function resolveUsername(claims: OdxAuth.RawIdentityClaims): string {\n if (isString(claims['firstname']) && isString(claims['lastname'])) {\n return `${claims['firstname']} ${claims['lastname']}`;\n }\n if (isString(claims['given_name']) && isString(claims['family_name'])) {\n return `${claims['given_name']} ${claims['family_name']}`;\n }\n if (isString(claims['name'])) {\n return claims['name'];\n }\n if (isString(claims['displayname'])) {\n return claims['displayname'];\n }\n\n return '';\n}\n","import { HttpRequest } from '@angular/common/http';\nimport { AUTH_HTTP_HEADER } from '../auth.config';\n\n/**\n * Sets the HTTP Authorization header for a given request.\n *\n * @template R - The type of the request, which extends HttpRequest<T> or Request.\n * @template T - The type of the request body.\n * @param {R} req - The HTTP request to which the Authorization header will be added.\n * @param {string | null} [token] - The token to be used in the Authorization header. If no token is provided, the request is returned unchanged.\n * @returns {R} - The modified HTTP request with the Authorization header set, or the original request if no token is provided.\n */\nexport function setHttpAuthHeader<R extends HttpRequest<T> | Request, T>(req: R, token?: string | null): R {\n if (!token) return req;\n const header = `Bearer ${token}`;\n if (req instanceof HttpRequest) {\n return req.clone({ headers: req.headers.set(AUTH_HTTP_HEADER, header) }) as R;\n }\n req.headers.set(AUTH_HTTP_HEADER, header);\n\n return req;\n}\n","import { Environment } from '@odx/angular';\n\nexport type AuthEnvironment = (typeof AuthEnvironment)[keyof typeof AuthEnvironment];\nexport const AuthEnvironment = Environment;\n","import { HttpContextToken, HttpInterceptorFn } from '@angular/common/http';\nimport { inject } from '@angular/core';\nimport { matchUrl } from '@odx/angular/utils';\nimport { mergeMap } from 'rxjs';\nimport { injectAuthConfig } from './auth.config';\nimport { AuthService } from './auth.service';\n\nexport const requireAuthentication = new HttpContextToken<boolean>(() => false);\n\n/**\n * Interceptor to handle authentication for HTTP requests.\n *\n * This interceptor checks if the request URL is allowed or if the request requires authentication.\n * If the URL is not allowed and the request does not require authentication, it simply forwards the request.\n * Otherwise, it prepares the authentication request using the AuthService.\n */\nexport const authInterceptor: HttpInterceptorFn = (req, next) => {\n const { allowedUrls, requireSignInForRequests } = injectAuthConfig();\n const isUrlAllowed = allowedUrls.some((allowedUrl) => matchUrl(req.url, allowedUrl));\n if (!isUrlAllowed && !req.context.get(requireAuthentication)) {\n return next(req);\n }\n\n return inject(AuthService).prepareAuthRequest$(req, requireSignInForRequests).pipe(mergeMap(next));\n};\n","import { Logger } from '@odx/angular/internal';\n\nexport default new Logger('@odx/auth');\n","import { AfterViewInit, Directive, inject } from '@angular/core';\nimport { LoadingSpinnerDirective } from '@odx/angular/components/loading-spinner';\nimport { untilDestroyed } from '@odx/angular/utils';\nimport { AuthService } from '../auth.service';\n\n/**\n * An abstract directive that integrates with the `LoadingSpinnerDirective` and `AuthService` to manage loading states based on authentication redirection.\n *\n * This directive automatically sets the `autoColor` property of the `LoadingSpinnerDirective` to `true` and subscribes to the `isRedirecting$` observable from the `AuthService`.\n * When `isRedirecting$` emits a value, it updates the `isLoading` property of the `LoadingSpinnerDirective`.\n */\n@Directive()\nexport abstract class AuthActionDirective implements AfterViewInit {\n private readonly takeUntilDestroyed = untilDestroyed();\n private readonly loadingSpinnerDirective = inject(LoadingSpinnerDirective, { self: true });\n protected readonly authService = inject(AuthService);\n\n public ngAfterViewInit(): void {\n this.loadingSpinnerDirective.autoColor = true;\n this.authService.isRedirecting$.pipe(this.takeUntilDestroyed()).subscribe((isRedirecting) => {\n this.loadingSpinnerDirective.isLoading = isRedirecting;\n });\n }\n\n protected abstract handleClick(): void;\n}\n","/**\n * A directive that handles the sign-in action for a button element.\n *\n * This directive extends the `AuthActionDirective` and uses the `LoadingSpinnerDirective`\n * to show a loading spinner during the sign-in process.\n *\n * @see {AuthActionDirective}\n * @see {LoadingSpinnerDirective}\n *\n * @example\n * ```html\n * <button odxButton odxAuthSignIn (odxAuthSignIn)=\"onSignIn()\">Sign In</button>\n * ```\n */\nimport { Directive, EventEmitter, HostListener, Output } from '@angular/core';\nimport { LoadingSpinnerDirective } from '@odx/angular/components/loading-spinner';\nimport { AuthActionDirective } from './auth-action.directive';\n\n@Directive({\n standalone: true,\n selector: '[odxButton][odxAuthSignIn]',\n hostDirectives: [LoadingSpinnerDirective],\n})\nexport class SignInDirective extends AuthActionDirective {\n /**\n * Emits an event after the sign-in action is completed.\n *\n * @type {EventEmitter<void>}\n */\n // eslint-disable-next-line @angular-eslint/no-output-rename\n @Output('odxAuthSignIn')\n public afterSignIn = new EventEmitter<void>();\n\n @HostListener('click')\n protected override handleClick(): void {\n this.authService.signIn();\n this.afterSignIn.next();\n }\n}\n","import { Directive, EventEmitter, HostListener, Output } from '@angular/core';\nimport { LoadingSpinnerDirective } from '@odx/angular/components/loading-spinner';\nimport { AuthActionDirective } from './auth-action.directive';\n\n/**\n * A directive that handles the sign-out action for a button element.\n *\n * This directive extends the `AuthActionDirective` and uses the `LoadingSpinnerDirective`\n * to show a loading spinner during the sign-out process.\n *\n * @see {AuthActionDirective}\n * @see {LoadingSpinnerDirective}\n *\n * @example\n * ```html\n * <button odxButton odxAuthSignOut (odxAuthSignOut)=\"onSignOut()\">Sign Out</button>\n * ```\n */\n@Directive({\n standalone: true,\n selector: '[odxAuthSignOut]',\n hostDirectives: [LoadingSpinnerDirective],\n})\nexport class SignOutDirective extends AuthActionDirective {\n /**\n * Emits an event after the sign-out action is completed.\n *\n */\n @Output('odxAuthSignOut')\n public afterSignOut = new EventEmitter<void>();\n\n @HostListener('click')\n protected override handleClick(): void {\n this.authService.signOut();\n this.afterSignOut.next();\n }\n}\n","import { ChangeDetectionStrategy, Component, Input, ViewEncapsulation } from '@angular/core';\nimport { CoreModule } from '@odx/angular';\nimport { ListModule } from '@odx/angular/components/list';\nimport { CSSComponent } from '@odx/angular/internal';\nimport { TranslatePipe } from '@odx/angular/internal/translate';\nimport { injectElement } from '@odx/angular/utils';\nimport { SignOutDirective } from '../../directives';\n\n/**\n * Displays authentication actions.\n */\n@CSSComponent('auth-actions')\n@Component({\n standalone: true,\n selector: 'odx-auth-actions',\n imports: [CoreModule, ListModule, TranslatePipe, SignOutDirective],\n templateUrl: './auth-actions.component.html',\n changeDetection: ChangeDetectionStrategy.OnPush,\n encapsulation: ViewEncapsulation.None,\n})\nexport class AuthActionsComponent {\n public readonly element = injectElement();\n\n /**\n * The identity claims.\n *\n * @type {OdxAuth.IdentityClaims | null}\n * @default null\n */\n @Input()\n public claims: OdxAuth.IdentityClaims | null = null;\n}\n","<odx-list>\n @if (claims?.userProfileUrl; as url) {\n <a odxListItem data-testid=\"odx-auth-user-profile-link\" [href]=\"url\" rel=\"noopener\" target=\"_blank\">\n <odx-icon name=\"core::user-administration\" odxListItemPrefix />\n {{ 'userProfileLink' | odxTranslate | async }}\n </a>\n }\n <button odxListItem odxAuthSignOut data-testid=\"odx-auth-sign-out-button\" style=\"width: 100%\">\n <odx-icon name=\"core::logout\" odxListItemPrefix />\n {{ 'signOutButtonText' | odxTranslate | async }}\n </button>\n</odx-list>\n","import { transition, trigger, useAnimation } from '@angular/animations';\nimport { CommonModule } from '@angular/common';\nimport { ChangeDetectionStrategy, Component, ViewEncapsulation, inject } from '@angular/core';\nimport { fadeOut } from '@odx/angular/animations';\nimport { DynamicViewDirective, DynamicViewRef, DynamicViewService } from '@odx/angular/cdk/dynamic-view';\nimport { CircularProgressComponent } from '@odx/angular/components/circular-progress';\nimport { IconComponent } from '@odx/angular/components/icon';\nimport { LogoDirective } from '@odx/angular/components/logo';\nimport { map } from 'rxjs';\nimport { injectAuthConfig } from '../../auth.config';\nimport { AuthService } from '../../auth.service';\n\n/**\n * Authentication loading screen.\n *\n * This component displays a loading screen with animations and dynamic content\n * based on the authentication state.\n */\n@Component({\n standalone: true,\n // eslint-disable-next-line @angular-eslint/component-selector\n selector: 'div.odx-auth-loading-screen',\n imports: [CommonModule, IconComponent, LogoDirective, CircularProgressComponent, DynamicViewDirective],\n templateUrl: './auth-loading-screen.component.html',\n styleUrls: ['./auth-loading-screen.component.scss'],\n changeDetection: ChangeDetectionStrategy.OnPush,\n encapsulation: ViewEncapsulation.None,\n host: {\n '[@hostAnimation]': 'true',\n },\n animations: [trigger('hostAnimation', [transition(':leave', useAnimation(fadeOut()))])],\n})\nexport class AuthLoadingScreenComponent {\n private static instance: DynamicViewRef<typeof AuthLoadingScreenComponent> | null = null;\n\n protected readonly authConfig = injectAuthConfig();\n protected readonly icon$ = inject(AuthService).isRedirecting$.pipe(map((isRedirecting) => (isRedirecting ? 'core::link-external' : 'core::user')));\n\n /**\n * Initializes the authentication loading screen.\n *\n * @param {AuthService} authService - The authentication service.\n * @param {DynamicViewService} dynamicViewService - The dynamic view service used to create the loading screen.\n * @static\n */\n public static initialize(authService: AuthService, dynamicViewService: DynamicViewService): void {\n authService.isLoading$.subscribe((isLoading) => {\n if (isLoading) {\n AuthLoadingScreenComponent.instance ??= dynamicViewService.createView(AuthLoadingScreenComponent);\n } else {\n AuthLoadingScreenComponent.instance?.destroy();\n AuthLoadingScreenComponent.instance = null;\n }\n });\n }\n}\n","<div class=\"odx-auth-loading-screen__content\" odxLayout=\"grid 12 horizontal-center vertical-center gap-small\">\n <odx-logo size=\"large\" />\n <odx-circular-progress class=\"odx-auth-loading-screen__spinner\" value=\"-1\" size=\"medium\" stroke=\"3\">\n <odx-icon [name]=\"icon$ | async\" />\n </odx-circular-progress>\n @if (authConfig.loadingScreenMessage; as content) {\n <p class=\"odx-auth-loading-screen__message\">\n <ng-template [odxDynamicView]=\"content\" />\n </p>\n }\n</div>\n","import { DestroyRef, inject } from '@angular/core';\nimport { takeUntilDestroyed } from '@angular/core/rxjs-interop';\nimport { Subscription, of } from 'rxjs';\nimport logger from '../auth.logger';\nimport { AuthPluginFactory } from '../models';\n\n/**\n * A factory function that creates a core debug plugin for the authentication service.\n * This plugin logs detailed information about the user's identity claims and tokens.\n *\n * @remarks\n * This plugin is intended for debugging purposes only and should not be used in production environments.\n *\n * @returns {AuthPluginFactory} A function that takes an authentication service and sets up logging for identity claims and tokens.\n */\nexport const coreDebugPlugin: AuthPluginFactory = () => {\n logger.warn('DEBUG MODE ENABLED - DO NOT USE IN PRODUCTION!');\n const destroyRef = inject(DestroyRef);\n let instance: Subscription | null = null;\n\n return (authService) => {\n instance ??= authService.identityClaims$.pipe(takeUntilDestroyed(destroyRef)).subscribe((claims) => {\n logger.info(`User: ${claims?.username} (${claims?.email})`);\n logger.group('Identity claims', (log) => log(claims), false);\n logger.group('Access token', (log) => log(authService.getAccessToken()));\n logger.group('Refresh token', (log) => log(authService.getRefreshToken()));\n logger.group('ID token', (log) => log(authService.getIdToken()));\n });\n\n return of({});\n };\n};\n","import { of } from 'rxjs';\nimport { injectAuthConfig } from '../auth.config';\nimport { AuthPluginFactory } from '../models';\n\n/**\n * Core identity plugin for authentication.\n *\n * This plugin extracts and processes identity claims from the authentication service.\n *\n * @returns {AuthPluginFactory} A factory function that returns an observable with the processed identity claims.\n */\nexport const coreIdentityPlugin: AuthPluginFactory = () => {\n const { resolveEmail, resolveUsername, createInitials } = injectAuthConfig();\n\n return (authService) => {\n const claims = authService.getRawIdentityClaims();\n if (!claims) return of({});\n const username = resolveUsername(claims);\n\n return of({ email: resolveEmail(claims), username, initials: createInitials(username) });\n };\n};\n","import { of } from 'rxjs';\nimport { ODX_AUTH_USER_PROFILE_HOSTS, injectAuthConfig } from '../auth.config';\nimport { AuthPluginFactory } from '../models';\n\n/**\n * A plugin factory that generates a user profile URL plugin.\n *\n * This plugin retrieves the user profile URL from the authentication configuration.\n * If the user profile URL is not specified in the configuration, it falls back to\n * using the default URL for the current environment from `ODX_AUTH_USER_PROFILE_HOSTS`.\n *\n * @returns A function that returns an observable emitting an object containing the user profile URL.\n */\nexport const userProfileUrlPlugin: AuthPluginFactory = () => {\n const { environment, userProfileUrl } = injectAuthConfig();\n return () => {\n return of({ userProfileUrl: userProfileUrl ?? ODX_AUTH_USER_PROFILE_HOSTS[environment] });\n };\n};\n","import { provideHttpClient, withInterceptors } from '@angular/common/http';\nimport { EnvironmentProviders, InjectionToken, inject, makeEnvironmentProviders, provideAppInitializer, provideEnvironmentInitializer } from '@angular/core';\nimport { WindowRef } from '@odx/angular';\nimport { DynamicViewService } from '@odx/angular/cdk/dynamic-view';\nimport { ConfigDependencies, ConfigProvider, buildUrl } from '@odx/angular/utils';\nimport { MemoryStorage, OAuthStorage, provideOAuthClient } from 'angular-oauth2-oidc';\nimport { tap } from 'rxjs';\nimport { AuthConfig, AuthErrorHandlerFn, ODX_AUTH_DEFAULT_SCOPES, injectAuthConfig, provideAuthConfig } from './auth.config';\nimport { authInterceptor } from './auth.interceptor';\nimport logger from './auth.logger';\nimport { AuthService } from './auth.service';\nimport { AuthLoadingScreenComponent } from './components';\nimport { createAuthHostUrl, handleAuthError } from './helpers';\nimport { AuthPlugin, AuthPluginErrorHandler, AuthPluginFactory, offlineAuthErrorHandler } from './models';\nimport { coreDebugPlugin, coreIdentityPlugin, userProfileUrlPlugin } from './plugins';\n\nexport const ODX_AUTH_ERROR_HANDLERS = new InjectionToken<AuthErrorHandlerFn[]>('@odx/auth::ErrorHandlers', {\n providedIn: 'root',\n factory: () => {\n const { errorHandler } = injectAuthConfig();\n\n return [offlineAuthErrorHandler, errorHandler];\n },\n});\n\nexport const ODX_AUTH_PLUGINS_ERROR_HANDLER = new InjectionToken<AuthPluginErrorHandler | null>('@odx/auth::PluginsErrorHandler', {\n providedIn: 'root',\n factory: () => injectAuthConfig().pluginsErrorHandler ?? null,\n});\n\nexport const ODX_AUTH_CORE_PLUGINS = new InjectionToken<AuthPluginFactory[]>('@odx/auth::CorePlugins', {\n providedIn: 'root',\n factory: () => {\n const { showDebugInformation } = injectAuthConfig();\n const plugins = [coreIdentityPlugin, userProfileUrlPlugin];\n if (showDebugInformation) {\n plugins.push(coreDebugPlugin);\n }\n\n return plugins;\n },\n});\n\nexport const ODX_AUTH_PLUGINS = new InjectionToken<AuthPlugin[]>('@odx/auth::Plugins', {\n providedIn: 'root',\n factory: () => {\n const { plugins } = injectAuthConfig();\n const corePlugins = inject(ODX_AUTH_CORE_PLUGINS);\n\n return [...corePlugins, ...plugins].map((pluginFactory) => pluginFactory());\n },\n});\n\n/**\n * Provides a logger for the authentication module.\n *\n * @returns {EnvironmentProviders} - The provider for the logger.\n */\nexport function provideAuthLogger(): EnvironmentProviders {\n return provideEnvironmentInitializer(() => {\n const { showDebugInformation } = injectAuthConfig();\n if (!showDebugInformation) logger.disable();\n });\n}\n\n/**\n * Initializes the authentication error handlers.\n */\nexport function initializeAuthErrorHandlers(): void {\n const authService = inject(AuthService);\n const handler = handleAuthError(inject(ODX_AUTH_ERROR_HANDLERS));\n\n authService.errors$.pipe(tap((error) => handler(error))).subscribe();\n}\n\n/**\n * Initializes the authentication configuration.\n *\n * @returns {() => Promise<void>} - A function that returns a promise resolving when the configuration is initialized.\n */\nexport function initializeAuthConfig(): () => Promise<void> {\n const { clientId, scopes, redirectPath, environment, postLogoutRedirectUrl, issuer, timeoutFactor, discoveryUrl, enableLoadingScreen } = injectAuthConfig();\n const authService = inject(AuthService);\n const redirectUri = buildUrl(inject(WindowRef).getOrigin(), redirectPath);\n const scope = Array.from(new Set(ODX_AUTH_DEFAULT_SCOPES.concat(scopes ?? []))).join(' ');\n if (enableLoadingScreen) {\n AuthLoadingScreenComponent.initialize(authService, inject(DynamicViewService));\n }\n return () =>\n authService.initialize({\n clientId,\n issuer: issuer ?? createAuthHostUrl(environment, 'oauth2/default'),\n scope,\n redirectUri,\n postLogoutRedirectUri: postLogoutRedirectUrl,\n preserveRequestedRoute: true,\n strictDiscoveryDocumentValidation: !discoveryUrl,\n responseType: 'code',\n showDebugInformation: false,\n timeoutFactor,\n waitForTokenInMsec: 1000,\n });\n}\n\n/**\n * Creates the OAuth storage instance for the authentication module.\n */\nexport function createAuthStorage(): OAuthStorage {\n return injectAuthConfig().storage ?? new MemoryStorage();\n}\n\n/**\n * Provides the authentication configuration and dependencies.\n *\n * @param {ConfigProvider<Partial<AuthConfig>, D>} config - The configuration provider.\n * @returns {EnvironmentProviders} The environment providers for authentication.\n * @template D - Dependency types used by the config factory.\n *\n * @example Provide the authentication configuration and dependencies\n * ```ts\n * providers: [\n * provideAuth({\n * useFactory: ({ environment, auth: { clientId, loadUserProfile } }: ApplicationEnvironment) => ({\n * environment,\n * clientId,\n * loadUserProfile,\n * }),\n * deps: [APPLICATION_ENVIRONMENT],\n * }),\n * ],\n * ```\n */\nexport function provideAuth<D extends ConfigDependencies>(config: ConfigProvider<Partial<AuthConfig>, D>): EnvironmentProviders {\n return makeEnvironmentProviders([\n provideAuthConfig(config),\n provideAuthLogger(),\n provideOAuthClient({ resourceServer: { sendAccessToken: false, allowedUrls: [] } }),\n provideHttpClient(withInterceptors([authInterceptor])),\n provideAppInitializer(() => initializeAuthConfig()()),\n {\n provide: OAuthStorage,\n useFactory: () => createAuthStorage(),\n },\n ]);\n}\n","import { inject, Injectable } from '@angular/core';\nimport { isNumber } from '@odx/angular/utils';\nimport { deepmerge } from 'deepmerge-ts';\nimport { BehaviorSubject, catchError, combineLatest, distinctUntilChanged, filter, map, Observable, of, share, switchMap, take, tap, timeout } from 'rxjs';\nimport { injectAuthConfig } from '../auth.config';\nimport { ODX_AUTH_PLUGINS, ODX_AUTH_PLUGINS_ERROR_HANDLER } from '../auth.providers';\nimport { AuthService } from '../auth.service';\n\nexport type AuthPlugin = (authService: AuthService) => Observable<Partial<OdxAuth.AuthPluginResult>>;\nexport type AuthPluginFactory = () => AuthPlugin;\nexport type AuthPluginError = unknown;\nexport type AuthPluginErrorHandler = (error: AuthPluginError) => void;\n\n@Injectable({ providedIn: 'root' })\nexport class AuthPluginManager {\n private readonly authConfig = injectAuthConfig();\n private readonly pluginsErrorHandler = inject(ODX_AUTH_PLUGINS_ERROR_HANDLER, { optional: true });\n private readonly plugins = inject(ODX_AUTH_PLUGINS);\n private readonly result$$ = new BehaviorSubject<OdxAuth.AuthPluginResult | null>(null);\n\n public readonly pluginsReady$ = this.result$$.pipe(filter(Boolean), map(Boolean), distinctUntilChanged(), share());\n public readonly pluginsLoading$ = this.result$$.pipe(\n map((result) => !result),\n distinctUntilChanged(),\n share(),\n );\n\n public runPlugins(authService: AuthService): Observable<OdxAuth.AuthPluginResult> {\n if (this.plugins.length < 1) {\n return of({} as OdxAuth.AuthPluginResult);\n }\n return authService.waitForAccessToken$(false).pipe(\n switchMap((token) => {\n if (!token) return of([{}]);\n return combineLatest(this.plugins.map((plugin) => this.runPlugin(authService, plugin)));\n }),\n map((results) => deepmerge(...results) as OdxAuth.AuthPluginResult),\n tap((result) => this.result$$.next(result)),\n take(1),\n );\n }\n\n public getResult(): OdxAuth.AuthPluginResult {\n return this.result$$.getValue() ?? ({} as OdxAuth.AuthPluginResult);\n }\n\n private handlePluginError(error?: unknown): Observable<OdxAuth.AuthPluginResult> {\n try {\n this.pluginsErrorHandler?.(error);\n } catch {\n //\n }\n\n return of({} as OdxAuth.AuthPluginResult);\n }\n\n private runPlugin(authService: AuthService, plugin: AuthPlugin): ReturnType<AuthPlugin> {\n return plugin(authService).pipe(\n isNumber(this.authConfig.pluginTimeout) ? timeout(Math.max(0, this.authConfig.pluginTimeout)) : tap(),\n catchError((error) => this.handlePluginError(error)),\n );\n }\n}\n","import { HttpErrorResponse } from '@angular/common/http';\nimport { AuthErrorHandlerFn } from '../auth.config';\n\nexport const offlineAuthErrorHandler: AuthErrorHandlerFn = (error) => {\n if (error.type === 'discovery_document_load_error' && (error.reason as HttpErrorResponse)?.status === 504) {\n return;\n }\n throw error;\n};\n","import { HttpErrorResponse, HttpRequest } from '@angular/common/http';\nimport { Injectable, inject } from '@angular/core';\nimport { Router } from '@angular/router';\nimport { WindowRef } from '@odx/angular';\nimport { AuthConfig, OAuthErrorEvent, OAuthService, TokenResponse } from 'angular-oauth2-oidc';\nimport { deepmerge } from 'deepmerge-ts';\nimport {\n BehaviorSubject,\n Observable,\n catchError,\n combineLatest,\n distinctUntilChanged,\n filter,\n fromEvent,\n map,\n merge,\n of,\n share,\n shareReplay,\n startWith,\n switchMap,\n take,\n tap,\n timeout,\n} from 'rxjs';\nimport { injectAuthConfig } from './auth.config';\nimport { setHttpAuthHeader } from './helpers';\nimport { AuthPluginManager, AuthorizedHandler } from './models';\n\n/**\n * The `AuthService` class provides authentication functionality for an Angular application.\n * It handles OAuth2/OIDC authentication, token management, and user identity claims.\n *\n * Key responsibilities include:\n * - Initializing authentication with a provided configuration.\n * - Managing tokens (access, refresh, and ID tokens).\n * - Checking and emitting authentication and authorization states.\n * - Handling user login and logout flows.\n * - Supporting silent refresh and offline authentication scenarios.\n * - Integrating authentication plugins via `AuthPluginManager`.\n *\n * @example\n * ```typescript\n * // Injecting the AuthService\n * constructor(private authService: AuthService) {}\n *\n * // Using the AuthService to initialize authentication\n * async ngOnInit() {\n * const config: AuthConfig = { clientId: 'your-client-id', discoveryUrl: 'https://example.com/.well-known/openid-configuration' };\n * await this.authService.initialize(config);\n * }\n * ```\n */\n@Injectable({ providedIn: 'root' })\nexport class AuthService {\n private readonly authConfig = injectAuthConfig();\n private readonly authPluginManager = inject(AuthPluginManager);\n private readonly oauthService = inject(OAuthService);\n private readonly router = inject(Router);\n private readonly windowRef = inject(WindowRef);\n\n private readonly isInitialized$$ = new BehaviorSubject(false);\n private readonly isRedirecting$$ = new BehaviorSubject(false);\n private readonly isAuthServerUnavailable$$ = new BehaviorSubject(false);\n private readonly onAccessTokenUpdate$ = fromEvent<StorageEvent>(this.windowRef.nativeWindow, 'storage').pipe(\n filter(({ key }) => key === 'access_token' || key === null),\n startWith(null),\n share(),\n );\n private readonly silentRefreshHandler$ = this.isInitialized$$.pipe(\n filter(Boolean),\n switchMap(() => this.windowRef.isOnline$),\n tap((isOnline) => this.updateSilentRefresh(isOnline)),\n );\n private readonly onAuthStateChange$ = combineLatest([this.oauthService.events.pipe(startWith(null)), this.windowRef.isOnline$, this.onAccessTokenUpdate$]);\n\n /**\n * Emits `true` when the service has completed initialization.\n * Emits `false` until the initialization is complete.\n *\n * @type {Observable<boolean>}\n */\n public readonly isInitialized$ = this.isInitialized$$.pipe(filter(Boolean), distinctUntilChanged());\n\n /**\n * Emits `true` when the user is being redirected to the login page.\n * Emits `false` when there is no redirection in progress.\n *\n * @type {Observable<boolean>}\n */\n public readonly isRedirecting$ = this.isRedirecting$$.pipe(distinctUntilChanged(), shareReplay({ bufferSize: 1, refCount: true }));\n\n /**\n * Emits `true` when the auth server is unavailable.\n * Emits `false` when the auth server is reachable again.\n *\n * @type {Observable<boolean>}\n */\n public readonly isAuthServerUnavailable$ = this.isAuthServerUnavailable$$.pipe(distinctUntilChanged(), shareReplay({ bufferSize: 1, refCount: true }));\n\n /**\n * Emits `true` when the application is in a loading state (e.g., during redirection or plugin initialization).\n * Emits `false` when there is no ongoing loading activity.\n *\n * @type {Observable<boolean>}\n */\n public readonly isLoading$ = merge(this.isRedirecting$, this.authPluginManager.pluginsLoading$).pipe(distinctUntilChanged());\n\n /**\n * Emits `true` when the user is authenticated.\n * Emits `false` when the user is not authenticated.\n *\n * @type {Observable<boolean>}\n */\n public readonly isAuthenticated$ = this.isInitialized$.pipe(\n switchMap(() => this.authPluginManager.pluginsReady$),\n switchMap(() => this.onAuthStateChange$),\n map(() => this.isAuthenticated()),\n distinctUntilChanged(),\n shareReplay({ bufferSize: 1, refCount: true }),\n );\n\n /**\n * Emits the identity claims of the authenticated user.\n * If the user is not authenticated, emits `null`.\n *\n * @type {Observable<OdxAuth.IdentityClaims | null>}\n */\n public readonly identityClaims$ = this.isAuthenticated$.pipe(\n map(() => this.getIdentityClaims()),\n shareReplay({ bufferSize: 1, refCount: true }),\n );\n\n /**\n * Emits OAuth error events.\n *\n * @type {Observable<OAuthErrorEvent>}\n */\n public readonly errors$ = this.oauthService.events.pipe(\n filter((event): event is OAuthErrorEvent => event instanceof OAuthErrorEvent),\n share(),\n );\n\n /**\n * Emits events when an OAuth token is successfully received.\n *\n * @type {Observable<Event>}\n */\n public readonly onTokenReceived$ = this.oauthService.events.pipe(\n filter((event) => event.type === 'token_received'),\n share(),\n );\n\n /**\n * Emits whenever the `access_token` storage entry is updated or cleared.\n * Important note - This relies on browser storage events (e.g., localStorage) when available.\n * By default the library uses in-memory storage, which does not emit storage events.\n * To enable this functionality, configure the library to use a browser storage mechanism that supports events.\n *\n * @type {Observable<StorageEvent | null>}\n */\n public get accessTokenUpdate$(): Observable<StorageEvent | null> {\n return this.onAccessTokenUpdate$;\n }\n\n constructor() {\n this.runPlugins();\n this.silentRefreshHandler$.subscribe();\n this.onTokenReceived$.subscribe(() => this.isAuthServerUnavailable$$.next(false));\n }\n\n /**\n * Initializes the authentication service with the provided configuration.\n *\n * @param {AuthConfig} config - The authentication configuration object.\n * @returns {Promise<void>} Resolves when initialization is complete.\n */\n public async initialize(config: AuthConfig): Promise<void> {\n this.assertAudience(config.clientId);\n this.oauthService.configure({ ...config, openUri: this.redirectToLogin.bind(this) });\n this.isAuthServerUnavailable$$.next(false);\n try {\n await this.oauthService.loadDiscoveryDocument(this.authConfig.discoveryUrl);\n await this.oauthService.tryLogin();\n if (this.authConfig.refreshTokenOnInit) {\n await this.tryRefreshToken();\n }\n } catch (error) {\n const isServerUnavailable = this.setAuthServerUnavailable(error);\n if (!(error instanceof HttpErrorResponse || error instanceof OAuthErrorEvent)) {\n throw error;\n }\n if (\n !isServerUnavailable &&\n (error.type === 'token_refresh_error' || (error instanceof HttpErrorResponse && (error.status === 401 || error.status === 400)))\n ) {\n this.signOut(true);\n this.autoSignIn(this.windowRef.location.pathname);\n }\n }\n this.isInitialized$$.next(true);\n if (this.authConfig.requireSignIn && !this.isAuthenticated()) {\n this.autoSignIn(this.windowRef.location.pathname);\n }\n await this.tryLoadUserProfile();\n await this.routeToRequestedUrl();\n }\n\n /**\n * Runs all authentication plugins registered in the `AuthPluginManager`.\n */\n public runPlugins(): void {\n this.authPluginManager.runPlugins(this).subscribe();\n }\n\n /**\n * Returns the issuer URL for the OAuth server.\n *\n * @returns {URL} The issuer URL.\n */\n public getIssuer(): URL {\n return new URL(this.oauthService.issuer!);\n }\n\n /**\n * Initiates the login flow for the user. Redirects to the login page.\n *\n * @param {string} [url] - The URL to redirect back to after login.\n */\n public signIn(url?: string): void {\n this.oauthService.initLoginFlow(url);\n }\n\n /**\n * Attempts to sign in automatically when the auth server is available.\n * Skips auto sign-in when the auth server is unreachable to avoid login loops.\n */\n public autoSignIn(url?: string): void {\n if (this.shouldSkipAutoSignIn()) return;\n this.signIn(url);\n }\n\n /**\n * Logs the user out and clears their tokens.\n *\n * @param {boolean} [noRedirect] - If `true`, no redirection occurs after logout.\n */\n public signOut(noRedirect?: boolean): void {\n this.oauthService.revokeTokenAndLogout(noRedirect || !this.getAccessToken());\n }\n\n /**\n * Attempts to refresh the user's tokens.\n *\n * @returns {Promise<TokenResponse>} Resolves with the new token response.\n */\n public async refreshTokens(): Promise<TokenResponse> {\n return this.oauthService.refreshToken();\n }\n\n /**\n * Retrieves the current access token, if available.\n *\n * @returns {string | null} The access token, or `null` if not available.\n */\n public getAccessToken(): string | null {\n return this.oauthService.getAccessToken() ?? null;\n }\n\n /**\n * Retrieves the current refresh token, if available.\n *\n * @returns {string | null} The refresh token, or `null` if not available.\n */\n public getRefreshToken(): string | null {\n return this.oauthService.getRefreshToken() ?? null;\n }\n\n /**\n * Retrieves the current ID token, if available.\n *\n * @returns {string | null} The ID token, or `null` if not available.\n */\n public getIdToken(): string | null {\n return this.oauthService.getIdToken() ?? null;\n }\n\n /**\n * Retrieves the identity claims of the authenticated user.\n *\n * @returns {OdxAuth.IdentityClaims | null} The identity claims, or `null` if not available.\n */\n public getIdentityClaims(): OdxAuth.IdentityClaims | null {\n if (!this.getIdToken()) return null;\n return deepmerge(this.oauthService.getIdentityClaims(), this.authPluginManager.getResult()) as OdxAuth.IdentityClaims;\n }\n\n /**\n * Retrieves the raw identity claims of the authenticated user.\n *\n * @returns {OdxAuth.RawIdentityClaims | null} The raw identity claims, or `null` if not available.\n */\n public getRawIdentityClaims(): OdxAuth.RawIdentityClaims | null {\n if (!this.getIdToken()) return null;\n return this.oauthService.getIdentityClaims();\n }\n\n /**\n * Checks if the user is currently authenticated.\n *\n * @returns {boolean} `true` if authenticated, otherwise `false`.\n */\n public isAuthenticated(): boolean {\n if (this.windowRef.isOnline()) {\n return this.oauthService.hasValidAccessToken() && this.oauthService.hasValidIdToken();\n }\n return this.hasValidOfflineToken();\n }\n\n /**\n * Checks if the user is authorized based on the provided handler.\n *\n * @param {AuthorizedHandler | null} [authorizedHandler] - A handler to determine authorization.\n * @returns {boolean} `true` if authorized, otherwise `false`.\n */\n public isAuthorized(authorizedHandler?: AuthorizedHandler | null): boolean {\n const handler = authorizedHandler ?? this.authConfig.defaultAuthorizedHandler;\n\n return this.isAuthenticated() && (handler?.(this.getIdentityClaims(), this, this.router) ?? true);\n }\n\n /**\n * Emits whether the user is authorized based on the provided handler.\n *\n * @param {AuthorizedHandler | null} [authorizedHandler] - A handler to determine authorization.\n * @returns {Observable<boolean>} An observable emitting the authorization status.\n */\n public isAuthorized$(authorizedHandler?: AuthorizedHandler | null): Observable<boolean> {\n return this.isAuthenticated$.pipe(map(() => this.isAuthorized(authorizedHandler)));\n }\n\n /**\n * Prepares an HTTP request by adding the access token to its headers.\n *\n * @param {HttpRequest<T> | Request} req - The HTTP request to prepare.\n * @param {boolean} requireSignIn - Whether to require the user to sign in if no token is available.\n * @returns {Observable<R>} An observable emitting the prepared request.\n * @template R, T\n */\n public prepareAuthRequest$<R extends HttpRequest<T> | Request, T>(req: R, requireSignIn = false): Observable<R> {\n return this.waitForAccessToken$(requireSignIn).pipe(map((token) => setHttpAuthHeader(req, token)));\n }\n\n /**\n * Waits for a valid access token to become available.\n *\n * @param {boolean} requireSignIn - Whether to require the user to sign in if no token is available.\n * @returns {Observable<string | null>} An observable emitting the access token.\n */\n public waitForAccessToken$(requireSignIn: boolean): Observable<string | null> {\n const accessToken$ = of(this.getAccessToken()).pipe(filter((token) => !!token && this.isAuthenticated()));\n const waitForAccessToken$ = this.onTokenReceived$.pipe(\n timeout(this.authConfig.waitForTokenInMs ?? 0),\n catchError(async () => this.tryRefreshToken().catch(() => null)),\n );\n\n return this.isInitialized$.pipe(\n switchMap(() => merge(accessToken$, waitForAccessToken$)),\n take(1),\n map(() => this.getAccessToken()),\n tap((token) => !token && requireSignIn && this.autoSignIn(this.windowRef.location.pathname)),\n );\n }\n\n private async routeToRequestedUrl(): Promise<void> {\n if (!this.oauthService.state || !this.oauthService.hasValidAccessToken()) return;\n await this.router.navigateByUrl(decodeURIComponent(this.oauthService.state));\n }\n\n private hasValidOfflineToken(): boolean {\n const issuedAt = this.getIdentityClaims()?.iat ?? 0;\n\n return Date.now() - issuedAt * 1000 <= this.authConfig.maxOfflineTime * 1000;\n }\n\n private redirectToLogin(uri: string): void {\n this.windowRef.location.assign(uri);\n this.isRedirecting$$.next(true);\n }\n\n private async tryLoadUserProfile(): Promise<void> {\n if (!this.authConfig.loadUserProfile || !this.isAuthenticated()) return;\n await this.oauthService.loadUserProfile().catch(() => null);\n }\n\n private async tryRefreshToken(): Promise<void> {\n if (!this.getRefreshToken()) return;\n try {\n await this.oauthService.refreshToken();\n } catch (error) {\n this.setAuthServerUnavailable(error);\n throw error;\n }\n }\n\n private assertAudience(clientId?: string | null): void {\n const tokenClientId = this.getIdentityClaims()?.aud;\n if (!clientId || !tokenClientId || clientId === tokenClientId) return;\n this.signOut(true);\n }\n\n private updateSilentRefresh(enabled: boolean) {\n if (enabled) {\n this.oauthService.setupAutomaticSilentRefresh();\n } else {\n this.oauthService.stopAutomaticRefresh();\n }\n }\n\n private shouldSkipAutoSignIn(): boolean {\n return this.isAuthServerUnavailable$$.value || !this.windowRef.isOnline();\n }\n\n private setAuthServerUnavailable(error: unknown): boolean {\n const status = this.resolveAuthErrorStatus(error);\n if (status === undefined) return false;\n const isUnavailable = status === 0 || status === 503 || status === 504;\n if (isUnavailable) {\n this.isAuthServerUnavailable$$.next(true);\n }\n return isUnavailable;\n }\n\n private resolveAuthErrorStatus(error: HttpErrorResponse | OAuthErrorEvent | unknown): number | undefined {\n if (error instanceof HttpErrorResponse) {\n return error.status;\n }\n if (error instanceof OAuthErrorEvent) {\n const reason = error.reason as Partial<HttpErrorResponse> | undefined;\n return reason?.status;\n }\n return undefined;\n }\n}\n","import { inject } from '@angular/core';\nimport { LanguageLoaderFn } from '@odx/angular/localization';\nimport { isNonEmptyString } from '@odx/angular/utils';\nimport { map } from 'rxjs';\nimport { AuthService } from '../auth.service';\n\ntype LanguageSelector = (claims?: OdxAuth.IdentityClaims | null) => string | null | undefined;\n\n/**\n * A function that creates a language loader function for user authentication.\n *\n * @param {LanguageSelector} languageSelector - A function that takes optional identity claims and returns a language string, null, or undefined.\n * Defaults to a function that returns the preferred language from the claims.\n * @returns {LanguageLoaderFn} - A function that retrieves the user's preferred language from the identity claims.\n */\nexport function userLanguageLoader(languageSelector: LanguageSelector = (claims) => claims?.preferredLanguage): LanguageLoaderFn {\n return () => {\n return inject(AuthService).identityClaims$.pipe(\n map(languageSelector),\n map((value) => (isNonEmptyString(value) ? value : undefined)),\n );\n };\n}\n","import { DynamicTextContent } from '@odx/angular/cdk/dynamic-view';\nimport { createConfigTokens } from '@odx/angular/utils';\nimport { OAuthErrorEvent, OAuthStorage } from 'angular-oauth2-oidc';\nimport { createInitials, resolveEmail, resolveUsername } from './helpers';\n\nimport { AuthEnvironment, AuthorizedHandler, AuthPluginFactory } from './models';\n\nexport const AUTH_HTTP_HEADER = 'Authorization';\nexport const ODX_AUTH_DEFAULT_SCOPES = ['openid', 'profile', 'email', 'offline_access'];\nexport const ODX_AUTH_HOSTS: Record<AuthEnvironment, string> = {\n dev: 'https://dev.login.draeger.com',\n stage: 'https://test.login.draeger.com',\n prod: 'https://login.draeger.com',\n};\nexport const ODX_AUTH_USER_PROFILE_HOSTS: Record<AuthEnvironment, string> = {\n dev: 'https://lemon-ocean-04a922703.3.azurestaticapps.net',\n stage: 'https://purple-cliff-0e61c5703.3.azurestaticapps.net',\n prod: 'https://id.draeger.com',\n};\n\nexport type AuthErrorHandlerFn = (error: OAuthErrorEvent) => void;\nexport type ResolveUsernameFn = (rawClaims: OdxAuth.RawIdentityClaims) => string;\nexport type ResolveEmailFn = (rawClaims: OdxAuth.RawIdentityClaims) => string;\nexport type CreateInitialsFn = (value: string) => string;\n\n/**\n * Configuration options for the authentication module.\n *\n * @interface AuthConfig\n */\nexport interface AuthConfig {\n environment: AuthEnvironment;\n clientId?: string;\n issuer?: string;\n redirectPath: string;\n allowedUrls: Array<string | RegExp>;\n timeoutFactor: number;\n maxOfflineTime: number;\n loadUserProfile: boolean;\n postLogoutRedirectUrl?: string;\n scopes?: string[];\n discoveryUrl?: string;\n errorHandler: AuthErrorHandlerFn;\n createInitials: CreateInitialsFn;\n resolveEmail: ResolveEmailFn;\n resolveUsername: ResolveUsernameFn;\n storage?: OAuthStorage;\n plugins: AuthPluginFactory[];\n pluginsErrorHandler?: (error: unknown) => void;\n defaultAuthorizedHandler?: AuthorizedHandler | null;\n enableLoadingScreen: boolean;\n refreshTokenOnInit?: boolean;\n loadingScreenMessage?: DynamicTextContent | null;\n userProfileUrl?: string;\n requireSignIn?: boolean;\n requireSignInForRequests?: boolean;\n waitForTokenInMs?: number;\n showDebugInformation?: boolean;\n pluginTimeout?: number;\n}\n\n/**\n * Tools for injecting and providing the auth configuration with default configuration for the authentication.\n *\n * @example\n * // Providing custom authentication configuration.\n * ```ts\n * import { createInitials, resolveEmail, resolveUsername } from './helpers';\n *\n * providers: [provideAuthConfig({\n * environment: 'dev',\n * redirectPath: 'login/callback',\n * allowedUrls: [],\n * timeoutFactor: 0.75,\n * maxOfflineTime: 60 * 60, // 1 hour\n * loadUserProfile: false,\n * errorHandler: (error) => {\n * throw error;\n * },\n * createInitials,\n * resolveEmail,\n * resolveUsername,\n * plugins: [],\n * defaultAuthorizedHandler: null,\n * enableLoadingScreen: true,\n * loadingScreenMessage: 'Loading...',\n * waitForTokenInMs: 500,\n *\n * })],\n *\n * // Injecting the datepicker configuration.\n * ```ts\n * @Component({})\n * export class MyComponent {\n * constructor(@Inject(injectAuthConfig()) private readonly authConfig: AuthConfig) {}\n * }\n * ```\n */\nexport const { AuthDefaultConfig, AuthConfig, injectAuthConfig, provideAuthConfig } = createConfigTokens('Auth', '@odx/auth', {\n environment: 'prod',\n redirectPath: 'login/callback',\n allowedUrls: [],\n timeoutFactor: 0.75,\n maxOfflineTime: 24 * 60 * 60, // 1 day\n loadUserProfile: false,\n errorHandler: (error) => {\n throw error;\n },\n createInitials,\n resolveEmail,\n resolveUsername,\n plugins: [],\n defaultAuthorizedHandler: null,\n enableLoadingScreen: true,\n loadingScreenMessage: null,\n waitForTokenInMs: 1000,\n} as AuthConfig);\n","import { TranslationObject } from '@odx/angular/internal/translate';\n\nexport default {\n en: {\n userProfileLink: 'My profile',\n signInButtonText: 'Sign in',\n signOutButtonText: 'Sign out',\n },\n de: {\n userProfileLink: 'Mein Profil',\n signInButtonText: 'Einloggen',\n signOutButtonText: 'Ausloggen',\n },\n} as TranslationObject;\n","import { AsyncPipe } from '@angular/common';\nimport { ChangeDetectionStrategy, Component, inject, input, ViewEncapsulation } from '@angular/core';\nimport { AreaHeaderModule } from '@odx/angular/components/area-header';\nimport { DropdownModule, DropdownOptions } from '@odx/angular/components/dropdown';\nimport { HeaderModule } from '@odx/angular/components/header';\nimport { LoadingSpinnerModule } from '@odx/angular/components/loading-spinner';\nimport { provideTranslations, TranslatePipe } from '@odx/angular/internal/translate';\nimport { Position } from '@odx/angular/utils';\nimport { combineLatest } from 'rxjs';\nimport { injectAuthConfig } from './auth.config';\nimport translations from './auth.i18n';\nimport { AuthService } from './auth.service';\nimport { AuthActionsComponent } from './components';\nimport { SignInDirective } from './directives';\n\n@Component({\n standalone: true,\n selector: 'odx-auth',\n imports: [AreaHeaderModule, DropdownModule, HeaderModule, SignInDirective, LoadingSpinnerModule, AuthActionsComponent, TranslatePipe, AsyncPipe],\n templateUrl: './auth.component.html',\n styleUrls: ['./auth.component.scss'],\n changeDetection: ChangeDetectionStrategy.OnPush,\n encapsulation: ViewEncapsulation.None,\n providers: [provideTranslations(translations)],\n})\nexport class AuthComponent {\n protected readonly authConfig = injectAuthConfig();\n protected readonly authService = inject(AuthService);\n protected readonly dropdownOptions = {\n position: Position.BOTTOM_END,\n enableFallback: false,\n containerClass: 'odx-auth-user-profile',\n } as Partial<DropdownOptions>;\n protected readonly vm$ = combineLatest({\n idClaims: this.authService.identityClaims$,\n isAuthenticated: this.authService.isAuthenticated$,\n });\n\n /**\n * Whether to hide the institution information.\n *\n * @type {InputSignal<boolean>}\n */\n public readonly hideInstitution = input(false);\n}\n","<odx-action-group>\n @if (vm$ | async; as vm) {\n <ng-container ngProjectAs=\"[odxButton]\">\n @if (vm.isAuthenticated) {\n <button odxButton [odxDropdown]=\"userProfileMenu\" [odxDropdownOptions]=\"dropdownOptions\" data-testid=\"odx-auth-user-profile-button\">\n <ng-template [ngTemplateOutlet]=\"userAvatar\" />\n </button>\n } @else {\n <button class=\"odx-auth-sign-in\" odxButton odxAuthSignIn variant=\"secondary\" data-testid=\"odx-auth-sign-in-button\">\n <odx-icon name=\"core::user\" alignLeft />\n {{ 'signInButtonText' | odxTranslate | async }}\n </button>\n }\n <ng-template #userProfileMenu>\n @if (!hideInstitution() && vm.idClaims?.institutionName; as institutionName) {\n <p class=\"odx-padding-x-8\" data-testid=\"odx-auth-institution-name\">{{ institutionName }}</p>\n }\n <odx-area-header class=\"odx-padding-x-8 odx-margin-y-12\" size=\"small\">\n <ng-template [ngTemplateOutlet]=\"userAvatar\" ngProjectAs=\"odx-avatar\" />\n {{ vm.idClaims?.username }}\n <odx-area-header-subtitle>\n {{ vm.idClaims?.email }}\n </odx-area-header-subtitle>\n </odx-area-header>\n <ng-content />\n <odx-auth-actions [claims]=\"vm.idClaims\" />\n </ng-template>\n <ng-template #userAvatar>\n <odx-avatar class=\"odx-auth-user-avatar\">\n {{ vm.idClaims?.initials ?? '' }}\n </odx-avatar>\n </ng-template>\n </ng-container>\n }\n</odx-action-group>\n","import { NgIf, NgIfContext } from '@angular/common';\nimport { AfterViewInit, Directive, inject, Input, TemplateRef } from '@angular/core';\nimport { isString, untilDestroyed } from '@odx/angular/utils';\nimport { AuthService } from './auth.service';\nimport { AuthorizedHandler } from './models';\n\n@Directive({\n standalone: true,\n selector: 'ng-template[odxAuth]',\n hostDirectives: [NgIf],\n})\nexport class AuthDirective implements AfterViewInit {\n private readonly authService = inject(AuthService);\n private readonly ngIfDirective = inject(NgIf, { host: true });\n private readonly takeUntilDestroyed = untilDestroyed();\n\n /**\n * The authorization handler or a string representing the handler.\n *\n * @type {AuthorizedHandler | null | string}\n */\n @Input('odxAuth')\n public authorizationHandler?: AuthorizedHandler | null | string = null;\n\n /**\n * Sets the template to be displayed when the authorization check fails.\n *\n * @param {TemplateRef<NgIfContext<unknown>>} value - The template reference.\n */\n // eslint-disable-next-line @angular-eslint/no-input-rename\n @Input('odxAuthElse')\n public set elseTemplate(value: TemplateRef<NgIfContext<unknown>>) {\n this.ngIfDirective.ngIfElse = value;\n }\n\n public ngAfterViewInit(): void {\n this.authService.identityClaims$.pipe(this.takeUntilDestroyed()).subscribe(() => {\n const handler = isString(this.authorizationHandler) ? null : this.authorizationHandler;\n this.ngIfDirective.ngIf = this.authService.isAuthorized(handler);\n });\n }\n}\n","import { inject } from '@angular/core';\nimport { CanActivateFn, Router } from '@angular/router';\nimport { WindowRef } from '@odx/angular';\nimport { isString } from '@odx/angular/utils';\nimport { EMPTY, of, switchMap, take, tap } from 'rxjs';\nimport { AuthService } from './auth.service';\nimport { AuthorizedHandler } from './models';\n\n/**\n * Guard function to protect routes from unauthorized access.\n *\n * @param {AuthorizedHandler} [authorizedHandler] - Optional handler to check if the user is authorized.\n * @param {string | any[]} [redirectTo] - Optional URL or route to redirect unauthorized users to. Can be a string or an array of strings.\n * @param {boolean} [isExternal=false] - Optional flag to indicate if the redirection should be external. Defaults to false.\n * @returns {CanActivateFn} A function that implements the CanActivateFn interface.\n */\n// eslint-disable-next-line @typescript-eslint/no-explicit-any\nexport function authGuard(authorizedHandler?: AuthorizedHandler, redirectTo?: any[] | string, isExternal = false): CanActivateFn {\n return (_, state) => {\n const authService = inject(AuthService);\n const windowRef = inject(WindowRef);\n const router = inject(Router, { optional: true });\n\n return authService.isAuthenticated$.pipe(\n switchMap((isAuthenticated) => {\n if (!isAuthenticated) {\n authService.autoSignIn(state.url);\n\n return EMPTY;\n }\n return of(authService.isAuthorized(authorizedHandler));\n }),\n tap((isAuthorized) => {\n if (isAuthorized || !router) return;\n if (isString(redirectTo)) {\n if (isExternal) {\n windowRef.location.assign(redirectTo);\n } else {\n router.navigateByUrl(redirectTo);\n }\n } else if (Array.isArray(redirectTo)) {\n router.navigate(redirectTo);\n }\n }),\n take(1),\n );\n };\n}\n","import { NgModule } from '@angular/core';\nimport { AuthComponent } from './auth.component';\nimport { AuthDirective } from './auth.directive';\nimport { SignInDirective, SignOutDirective } from './directives';\n\nconst modules = [AuthComponent, AuthDirective, SignInDirective, SignOutDirective];\n\n@NgModule({\n imports: [...modules],\n exports: [...modules],\n})\nexport class AuthModule {}\n","import { inject } from '@angular/core';\nimport { CanActivateFn, Router } from '@angular/router';\nimport { WindowRef } from '@odx/angular';\nimport { isString } from '@odx/angular/utils';\nimport { map, take, tap } from 'rxjs';\nimport { AuthService } from './auth.service';\nimport { AuthorizedHandler } from './models';\n\n/**\n * Guard function to prevent unauthorized access to routes.\n *\n * @param {AuthorizedHandler} authorizedHandler - Optional handler to check if the user is authorized.\n * @param {any[] | string} redirectTo - Optional URL or route to redirect unauthorized users to. Can be a string or an array of strings.\n * @param {boolean} isExternal - Optional flag to indicate if the redirection should be external. Defaults to false.\n * @returns {CanActivateFn} - A function that implements the CanActivateFn interface.\n */\n// eslint-disable-next-line @typescript-eslint/no-explicit-any\nexport function unauthGuard(authorizedHandler?: AuthorizedHandler, redirectTo?: any[] | string, isExternal = false): CanActivateFn {\n return (_) => {\n const authService = inject(AuthService);\n const router = inject(Router, { optional: true });\n const windowRef = inject(WindowRef);\n\n return authService.isAuthenticated$.pipe(\n map(() => !authService.isAuthorized(authorizedHandler)),\n tap((isUnauthorized) => {\n if (isUnauthorized || !router) return;\n if (isString(redirectTo)) {\n if (isExternal) {\n windowRef.location.assign(redirectTo);\n } else {\n router.navigateByUrl(redirectTo);\n }\n } else if (Array.isArray(redirectTo)) {\n router.navigate(redirectTo);\n }\n }),\n take(1),\n );\n };\n}\n","/**\n * Generated bundle index. Do not edit.\n */\n\nexport * from './index';\n"],"names":["i1","i3"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAIA;;;;;;;;;;;AAWG;SACa,iBAAiB,CAAC,WAA4B,EAAE,GAAG,QAAkB,EAAA;IACnF,OAAO,QAAQ,CAAC,cAAc,CAAC,WAAW,CAAC,EAAE,GAAG,QAAQ,CAAC;AAC3D;;AClBA;;;;;;;;;;;;;;;;AAgBG;AACG,SAAU,cAAc,CAAC,KAAqB,EAAA;AAClD,IAAA,IAAI,CAAC,KAAK;AAAE,QAAA,OAAO,EAAE;IACrB,MAAM,KAAK,GAAG;AACX,SAAA,OAAO,CAAC,YAAY,EAAE,EAAE;AACxB,SAAA,IAAI;SACJ,KAAK,CAAC,GAAG,CAAC;IAEb,OAAO,KAAK,CAAC,MAAM,CAAC,CAAC,QAAQ,EAAE,IAAI,EAAE,KAAK,KAAI;AAC5C,QAAA,IAAI,KAAK,KAAK,CAAC,IAAI,KAAK,KAAK,KAAK,CAAC,MAAM,GAAG,CAAC,EAAE;YAC7C,QAAQ,IAAI,IAAI,CAAC,CAAC,CAAC,CAAC,WAAW,EAAE;QACnC;AACA,QAAA,OAAO,QAAQ;IACjB,CAAC,EAAE,EAAE,CAAC;AACR;;AC1BA;;;;;;;;;AASG;AACG,SAAU,eAAe,CAAC,QAA8B,EAAA;AAC5D,IAAA,MAAM,QAAQ,GAAG,MAAM,CAAC,mBAAmB,CAAC;IAE5C,OAAO,CAAC,KAAK,KAAI;AACf,QAAA,qBAAqB,CAAC,QAAQ,EAAE,MAAK;AACnC,YAAA,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE;AAC9B,gBAAA,IAAI;oBACF,OAAO,CAAC,KAAK,CAAC;oBACd;gBACF;gBAAE,OAAO,cAAc,EAAE;AACvB,oBAAA,IAAI,EAAE,cAAc,YAAY,eAAe,CAAC;AAAE,wBAAA,MAAM,KAAK;oBAC7D;gBACF;YACF;AACF,QAAA,CAAC,CAAC;AACJ,IAAA,CAAC;AACH;;AC3BA;;;;;;;AAOG;AACG,SAAU,gBAAgB,CAAuB,IAAe,EAAE,OAAoC,EAAA;AAC1G,IAAA,OAAO,CAAC,OAAsB,KAC5B,OAAO,CAAC,IAAI,CACV,MAAM,CAAC,CAAC,KAAK,KAAK,KAAK,CAAC,IAAI,KAAK,IAAI,CAAC,EACtC,SAAS,CAAC,CAAC,KAAK,KAAK,OAAO,CAAC,KAAK,CAAC,CAAC,CACrC;AACL;;ACfA;;;;;;;;;;;;;;;;;;;AAmBG;AACG,SAAU,YAAY,CAAC,MAAiC,EAAA;IAC5D,IAAI,QAAQ,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,EAAE;AAC7B,QAAA,OAAO,MAAM,CAAC,OAAO,CAAC;IACxB;IACA,IAAI,QAAQ,CAAC,MAAM,CAAC,eAAe,CAAC,CAAC,EAAE;AACrC,QAAA,OAAO,MAAM,CAAC,eAAe,CAAC;IAChC;IACA,IAAI,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,IAAI,QAAQ,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE;AACpE,QAAA,OAAO,MAAM,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC;IAC5B;AACA,IAAA,OAAO,EAAE;AACX;;AC/BA;;;;;;;;;;;;;;;;;;;;AAoBG;AACG,SAAU,eAAe,CAAC,MAAiC,EAAA;AAC/D,IAAA,IAAI,QAAQ,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC,IAAI,QAAQ,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC,EAAE;QACjE,OAAO,CAAA,EAAG,MAAM,CAAC,WAAW,CAAC,CAAA,CAAA,EAAI,MAAM,CAAC,UAAU,CAAC,CAAA,CAAE;IACvD;AACA,IAAA,IAAI,QAAQ,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC,IAAI,QAAQ,CAAC,MAAM,CAAC,aAAa,CAAC,CAAC,EAAE;QACrE,OAAO,CAAA,EAAG,MAAM,CAAC,YAAY,CAAC,CAAA,CAAA,EAAI,MAAM,CAAC,aAAa,CAAC,CAAA,CAAE;IAC3D;IACA,IAAI,QAAQ,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,EAAE;AAC5B,QAAA,OAAO,MAAM,CAAC,MAAM,CAAC;IACvB;IACA,IAAI,QAAQ,CAAC,MAAM,CAAC,aAAa,CAAC,CAAC,EAAE;AACnC,QAAA,OAAO,MAAM,CAAC,aAAa,CAAC;IAC9B;AAEA,IAAA,OAAO,EAAE;AACX;;ACnCA;;;;;;;;AAQG;AACG,SAAU,iBAAiB,CAAwC,GAAM,EAAE,KAAqB,EAAA;AACpG,IAAA,IAAI,CAAC,KAAK;AAAE,QAAA,OAAO,GAAG;AACtB,IAAA,MAAM,MAAM,GAAG,CAAA,OAAA,EAAU,KAAK,EAAE;AAChC,IAAA,IAAI,GAAG,YAAY,WAAW,EAAE;AAC9B,QAAA,OAAO,GAAG,CAAC,KAAK,CAAC,EAAE,OAAO,EAAE,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,gBAAgB,EAAE,MAAM,CAAC,EAAE,CAAM;IAC/E;IACA,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,gBAAgB,EAAE,MAAM,CAAC;AAEzC,IAAA,OAAO,GAAG;AACZ;;AClBO,MAAM,eAAe,GAAG;;ACIxB,MAAM,qBAAqB,GAAG,IAAI,gBAAgB,CAAU,MAAM,KAAK;AAE9E;;;;;;AAMG;MACU,eAAe,GAAsB,CAAC,GAAG,EAAE,IAAI,KAAI;IAC9D,MAAM,EAAE,WAAW,EAAE,wBAAwB,EAAE,GAAG,gBAAgB,EAAE;IACpE,MAAM,YAAY,GAAG,WAAW,CAAC,IAAI,CAAC,CAAC,UAAU,KAAK,QAAQ,CAAC,GAAG,CAAC,GAAG,EAAE,UAAU,CAAC,CAAC;AACpF,IAAA,IAAI,CAAC,YAAY,IAAI,CAAC,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,qBAAqB,CAAC,EAAE;AAC5D,QAAA,OAAO,IAAI,CAAC,GAAG,CAAC;IAClB;AAEA,IAAA,OAAO,MAAM,CAAC,WAAW,CAAC,CAAC,mBAAmB,CAAC,GAAG,EAAE,wBAAwB,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;AACpG;;ACtBA,aAAe,IAAI,MAAM,CAAC,WAAW,CAAC;;ACGtC;;;;;AAKG;MAEmB,mBAAmB,CAAA;AADzC,IAAA,WAAA,GAAA;QAEmB,IAAA,CAAA,kBAAkB,GAAG,cAAc,EAAE;QACrC,IAAA,CAAA,uBAAuB,GAAG,MAAM,CAAC,uBAAuB,EAAE,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC;AACvE,QAAA,IAAA,CAAA,WAAW,GAAG,MAAM,CAAC,WAAW,CAAC;AAUrD,IAAA;IARQ,eAAe,GAAA;AACpB,QAAA,IAAI,CAAC,uBAAuB,CAAC,SAAS,GAAG,IAAI;AAC7C,QAAA,IAAI,CAAC,WAAW,CAAC,cAAc,CAAC,IAAI,CAAC,IAAI,CAAC,kBAAkB,EAAE,CAAC,CAAC,SAAS,CAAC,CAAC,aAAa,KAAI;AAC1F,YAAA,IAAI,CAAC,uBAAuB,CAAC,SAAS,GAAG,aAAa;AACxD,QAAA,CAAC,CAAC;IACJ;+GAVoB,mBAAmB,EAAA,IAAA,EAAA,EAAA,EAAA,MAAA,EAAA,EAAA,CAAA,eAAA,CAAA,SAAA,EAAA,CAAA,CAAA;mGAAnB,mBAAmB,EAAA,YAAA,EAAA,IAAA,EAAA,QAAA,EAAA,EAAA,EAAA,CAAA,CAAA;;4FAAnB,mBAAmB,EAAA,UAAA,EAAA,CAAA;kBADxC;;;ACXD;;;;;;;;;;;;;AAaG;AAUG,MAAO,eAAgB,SAAQ,mBAAmB,CAAA;AALxD,IAAA,WAAA,GAAA;;AAME;;;;AAIG;;AAGI,QAAA,IAAA,CAAA,WAAW,GAAG,IAAI,YAAY,EAAQ;AAO9C,IAAA;IAJoB,WAAW,GAAA;AAC5B,QAAA,IAAI,CAAC,WAAW,CAAC,MAAM,EAAE;AACzB,QAAA,IAAI,CAAC,WAAW,CAAC,IAAI,EAAE;IACzB;+GAdW,eAAe,EAAA,IAAA,EAAA,IAAA,EAAA,MAAA,EAAA,EAAA,CAAA,eAAA,CAAA,SAAA,EAAA,CAAA,CAAA;mGAAf,eAAe,EAAA,YAAA,EAAA,IAAA,EAAA,QAAA,EAAA,4BAAA,EAAA,OAAA,EAAA,EAAA,WAAA,EAAA,eAAA,EAAA,EAAA,IAAA,EAAA,EAAA,SAAA,EAAA,EAAA,OAAA,EAAA,eAAA,EAAA,EAAA,EAAA,eAAA,EAAA,IAAA,EAAA,cAAA,EAAA,CAAA,EAAA,SAAA,EAAA,EAAA,CAAA,uBAAA,EAAA,CAAA,EAAA,QAAA,EAAA,EAAA,EAAA,CAAA,CAAA;;4FAAf,eAAe,EAAA,UAAA,EAAA,CAAA;kBAL3B,SAAS;AAAC,YAAA,IAAA,EAAA,CAAA;AACT,oBAAA,UAAU,EAAE,IAAI;AAChB,oBAAA,QAAQ,EAAE,4BAA4B;oBACtC,cAAc,EAAE,CAAC,uBAAuB,CAAC;AAC1C,iBAAA;;sBAQE,MAAM;uBAAC,eAAe;;sBAGtB,YAAY;uBAAC,OAAO;;;AC7BvB;;;;;;;;;;;;;AAaG;AAMG,MAAO,gBAAiB,SAAQ,mBAAmB,CAAA;AALzD,IAAA,WAAA,GAAA;;AAME;;;AAGG;AAEI,QAAA,IAAA,CAAA,YAAY,GAAG,IAAI,YAAY,EAAQ;AAO/C,IAAA;IAJoB,WAAW,GAAA;AAC5B,QAAA,IAAI,CAAC,WAAW,CAAC,OAAO,EAAE;AAC1B,QAAA,IAAI,CAAC,YAAY,CAAC,IAAI,EAAE;IAC1B;+GAZW,gBAAgB,EAAA,IAAA,EAAA,IAAA,EAAA,MAAA,EAAA,EAAA,CAAA,eAAA,CAAA,SAAA,EAAA,CAAA,CAAA;mGAAhB,gBAAgB,EAAA,YAAA,EAAA,IAAA,EAAA,QAAA,EAAA,kBAAA,EAAA,OAAA,EAAA,EAAA,YAAA,EAAA,gBAAA,EAAA,EAAA,IAAA,EAAA,EAAA,SAAA,EAAA,EAAA,OAAA,EAAA,eAAA,EAAA,EAAA,EAAA,eAAA,EAAA,IAAA,EAAA,cAAA,EAAA,CAAA,EAAA,SAAA,EAAA,EAAA,CAAA,uBAAA,EAAA,CAAA,EAAA,QAAA,EAAA,EAAA,EAAA,CAAA,CAAA;;4FAAhB,gBAAgB,EAAA,UAAA,EAAA,CAAA;kBAL5B,SAAS;AAAC,YAAA,IAAA,EAAA,CAAA;AACT,oBAAA,UAAU,EAAE,IAAI;AAChB,oBAAA,QAAQ,EAAE,kBAAkB;oBAC5B,cAAc,EAAE,CAAC,uBAAuB,CAAC;AAC1C,iBAAA;;sBAME,MAAM;uBAAC,gBAAgB;;sBAGvB,YAAY;uBAAC,OAAO;;;ACvBvB;;AAEG;AAUI,IAAM,oBAAoB,GAA1B,MAAM,oBAAoB,CAAA;AAA1B,IAAA,WAAA,GAAA;QACW,IAAA,CAAA,OAAO,GAAG,aAAa,EAAE;AAEzC;;;;;AAKG;QAEI,IAAA,CAAA,MAAM,GAAkC,IAAI;AACpD,IAAA;+GAXY,oBAAoB,EAAA,IAAA,EAAA,EAAA,EAAA,MAAA,EAAA,EAAA,CAAA,eAAA,CAAA,SAAA,EAAA,CAAA,CAAA;mGAApB,oBAAoB,EAAA,YAAA,EAAA,IAAA,EAAA,QAAA,EAAA,kBAAA,EAAA,MAAA,EAAA,EAAA,MAAA,EAAA,QAAA,EAAA,EAAA,QAAA,EAAA,EAAA,EAAA,QAAA,ECpBjC,wiBAYA,EAAA,YAAA,EAAA,CAAA,EAAA,IAAA,EAAA,UAAA,EAAA,IAAA,EDGY,UAAU,8BAAE,UAAU,EAAA,EAAA,EAAA,IAAA,EAAA,WAAA,EAAA,IAAA,EAAAA,IAAA,CAAA,aAAA,EAAA,QAAA,EAAA,UAAA,EAAA,EAAA,EAAA,IAAA,EAAA,WAAA,EAAA,IAAA,EAAAA,IAAA,CAAA,iBAAA,EAAA,QAAA,EAAA,8BAAA,EAAA,MAAA,EAAA,CAAA,SAAA,EAAA,OAAA,EAAA,UAAA,CAAA,EAAA,EAAA,EAAA,IAAA,EAAA,WAAA,EAAA,IAAA,EAAA,EAAA,CAAA,aAAA,EAAA,QAAA,EAAA,UAAA,EAAA,MAAA,EAAA,CAAA,MAAA,EAAA,MAAA,EAAA,KAAA,EAAA,YAAA,CAAA,EAAA,EAAA,EAAA,IAAA,EAAA,WAAA,EAAA,IAAA,EAAiB,gBAAgB,EAAA,QAAA,EAAA,kBAAA,EAAA,OAAA,EAAA,CAAA,gBAAA,CAAA,EAAA,EAAA,EAAA,IAAA,EAAA,MAAA,EAAA,IAAA,EAAAC,IAAA,CAAA,SAAA,EAAA,IAAA,EAAA,OAAA,EAAA,EAAA,EAAA,IAAA,EAAA,MAAA,EAAA,IAAA,EAA/B,aAAa,EAAA,IAAA,EAAA,cAAA,EAAA,CAAA,EAAA,eAAA,EAAA,EAAA,CAAA,uBAAA,CAAA,MAAA,EAAA,aAAA,EAAA,EAAA,CAAA,iBAAA,CAAA,IAAA,EAAA,CAAA,CAAA;;AAKpC,oBAAoB,GAAA,UAAA,CAAA;IAThC,YAAY,CAAC,cAAc;AASf,CAAA,EAAA,oBAAoB,CAWhC;4FAXY,oBAAoB,EAAA,UAAA,EAAA,CAAA;kBARhC,SAAS;AACI,YAAA,IAAA,EAAA,CAAA,EAAA,UAAA,EAAA,IAAI,YACN,kBAAkB,EAAA,OAAA,EACnB,CAAC,UAAU,EAAE,UAAU,EAAE,aAAa,EAAE,gBAAgB,CAAC,mBAEjD,uBAAuB,CAAC,MAAM,EAAA,aAAA,EAChC,iBAAiB,CAAC,IAAI,EAAA,QAAA,EAAA,wiBAAA,EAAA;;sBAWpC;;;AEjBH;;;;;AAKG;MAeU,0BAA0B,CAAA;AAdvC,IAAA,WAAA,GAAA;QAiBqB,IAAA,CAAA,UAAU,GAAG,gBAAgB,EAAE;AAC/B,QAAA,IAAA,CAAA,KAAK,GAAG,MAAM,CAAC,WAAW,CAAC,CAAC,cAAc,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,aAAa,MAAM,aAAa,GAAG,qBAAqB,GAAG,YAAY,CAAC,CAAC,CAAC;AAmBnJ,IAAA;aAtBgB,IAAA,CAAA,QAAQ,GAA6D,IAA7D,CAAkE;AAKzF;;;;;;AAMG;AACI,IAAA,OAAO,UAAU,CAAC,WAAwB,EAAE,kBAAsC,EAAA;QACvF,WAAW,CAAC,UAAU,CAAC,SAAS,CAAC,CAAC,SAAS,KAAI;YAC7C,IAAI,SAAS,EAAE;gBACb,0BAA0B,CAAC,QAAQ,KAAK,kBAAkB,CAAC,UAAU,CAAC,0BAA0B,CAAC;YACnG;iBAAO;AACL,gBAAA,0BAA0B,CAAC,QAAQ,EAAE,OAAO,EAAE;AAC9C,gBAAA,0BAA0B,CAAC,QAAQ,GAAG,IAAI;YAC5C;AACF,QAAA,CAAC,CAAC;IACJ;+GAtBW,0BAA0B,EAAA,IAAA,EAAA,EAAA,EAAA,MAAA,EAAA,EAAA,CAAA,eAAA,CAAA,SAAA,EAAA,CAAA,CAAA;AAA1B,IAAA,SAAA,IAAA,CAAA,IAAA,GAAA,EAAA,CAAA,oBAAA,CAAA,EAAA,UAAA,EAAA,QAAA,EAAA,OAAA,EAAA,SAAA,EAAA,IAAA,EAAA,0BAA0B,EAAA,YAAA,EAAA,IAAA,EAAA,QAAA,EAAA,6BAAA,EAAA,IAAA,EAAA,EAAA,UAAA,EAAA,EAAA,gBAAA,EAAA,MAAA,EAAA,EAAA,EAAA,QAAA,EAAA,EAAA,EAAA,QAAA,EChCvC,kgBAWA,EAAA,MAAA,EAAA,CAAA,grBAAA,CAAA,EAAA,YAAA,EAAA,CAAA,EAAA,IAAA,EAAA,UAAA,EAAA,IAAA,EDWY,YAAY,EAAA,EAAA,EAAA,IAAA,EAAA,WAAA,EAAA,IAAA,EAAE,aAAa,EAAA,QAAA,EAAA,UAAA,EAAA,MAAA,EAAA,CAAA,MAAA,EAAA,MAAA,EAAA,KAAA,EAAA,YAAA,CAAA,EAAA,EAAA,EAAA,IAAA,EAAA,WAAA,EAAA,IAAA,EAAE,aAAa,EAAA,QAAA,EAAA,UAAA,EAAA,MAAA,EAAA,CAAA,MAAA,EAAA,SAAA,CAAA,EAAA,EAAA,EAAA,IAAA,EAAA,WAAA,EAAA,IAAA,EAAE,yBAAyB,EAAA,QAAA,EAAA,uBAAA,EAAA,MAAA,EAAA,CAAA,QAAA,EAAA,MAAA,EAAA,OAAA,CAAA,EAAA,EAAA,EAAA,IAAA,EAAA,WAAA,EAAA,IAAA,EAAE,oBAAoB,gMAQzF,CAAC,OAAO,CAAC,eAAe,EAAE,CAAC,UAAU,CAAC,QAAQ,EAAE,YAAY,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,EAAA,eAAA,EAAA,EAAA,CAAA,uBAAA,CAAA,MAAA,EAAA,aAAA,EAAA,EAAA,CAAA,iBAAA,CAAA,IAAA,EAAA,CAAA,CAAA;;4FAE5E,0BAA0B,EAAA,UAAA,EAAA,CAAA;kBAdtC,SAAS;iCACI,IAAI,EAAA,QAAA,EAEN,6BAA6B,EAAA,OAAA,EAC9B,CAAC,YAAY,EAAE,aAAa,EAAE,aAAa,EAAE,yBAAyB,EAAE,oBAAoB,CAAC,mBAGrF,uBAAuB,CAAC,MAAM,EAAA,aAAA,EAChC,iBAAiB,CAAC,IAAI,EAAA,IAAA,EAC/B;AACJ,wBAAA,kBAAkB,EAAE,MAAM;AAC3B,qBAAA,EAAA,UAAA,EACW,CAAC,OAAO,CAAC,eAAe,EAAE,CAAC,UAAU,CAAC,QAAQ,EAAE,YAAY,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,EAAA,QAAA,EAAA,kgBAAA,EAAA,MAAA,EAAA,CAAA,grBAAA,CAAA,EAAA;;;AExBzF;;;;;;;;AAQG;AACI,MAAM,eAAe,GAAsB,MAAK;AACrD,IAAA,MAAM,CAAC,IAAI,CAAC,gDAAgD,CAAC;AAC7D,IAAA,MAAM,UAAU,GAAG,MAAM,CAAC,UAAU,CAAC;IACrC,IAAI,QAAQ,GAAwB,IAAI;IAExC,OAAO,CAAC,WAAW,KAAI;AACrB,QAAA,QAAQ,KAAK,WAAW,CAAC,eAAe,CAAC,IAAI,CAAC,kBAAkB,CAAC,UAAU,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,MAAM,KAAI;AACjG,YAAA,MAAM,CAAC,IAAI,CAAC,CAAA,MAAA,EAAS,MAAM,EAAE,QAAQ,CAAA,EAAA,EAAK,MAAM,EAAE,KAAK,CAAA,CAAA,CAAG,CAAC;AAC3D,YAAA,MAAM,CAAC,KAAK,CAAC,iBAAiB,EAAE,CAAC,GAAG,KAAK,GAAG,CAAC,MAAM,CAAC,EAAE,KAAK,CAAC;AAC5D,YAAA,MAAM,CAAC,KAAK,CAAC,cAAc,EAAE,CAAC,GAAG,KAAK,GAAG,CAAC,WAAW,CAAC,cAAc,EAAE,CAAC,CAAC;AACxE,YAAA,MAAM,CAAC,KAAK,CAAC,eAAe,EAAE,CAAC,GAAG,KAAK,GAAG,CAAC,WAAW,CAAC,eAAe,EAAE,CAAC,CAAC;AAC1E,YAAA,MAAM,CAAC,KAAK,CAAC,UAAU,EAAE,CAAC,GAAG,KAAK,GAAG,CAAC,WAAW,CAAC,UAAU,EAAE,CAAC,CAAC;AAClE,QAAA,CAAC,CAAC;AAEF,QAAA,OAAO,EAAE,CAAC,EAAE,CAAC;AACf,IAAA,CAAC;AACH;;AC3BA;;;;;;AAMG;AACI,MAAM,kBAAkB,GAAsB,MAAK;IACxD,MAAM,EAAE,YAAY,EAAE,eAAe,EAAE,cAAc,EAAE,GAAG,gBAAgB,EAAE;IAE5E,OAAO,CAAC,WAAW,KAAI;AACrB,QAAA,MAAM,MAAM,GAAG,WAAW,CAAC,oBAAoB,EAAE;AACjD,QAAA,IAAI,CAAC,MAAM;AAAE,YAAA,OAAO,EAAE,CAAC,EAAE,CAAC;AAC1B,QAAA,MAAM,QAAQ,GAAG,eAAe,CAAC,MAAM,CAAC;QAExC,OAAO,EAAE,CAAC,EAAE,KAAK,EAAE,YAAY,CAAC,MAAM,CAAC,EAAE,QAAQ,EAAE,QAAQ,EAAE,cAAc,CAAC,QAAQ,CAAC,EAAE,CAAC;AAC1F,IAAA,CAAC;AACH;;ACjBA;;;;;;;;AAQG;AACI,MAAM,oBAAoB,GAAsB,MAAK;IAC1D,MAAM,EAAE,WAAW,EAAE,cAAc,EAAE,GAAG,gBAAgB,EAAE;AAC1D,IAAA,OAAO,MAAK;AACV,QAAA,OAAO,EAAE,CAAC,EAAE,cAAc,EAAE,cAAc,IAAI,2BAA2B,CAAC,WAAW,CAAC,EAAE,CAAC;AAC3F,IAAA,CAAC;AACH;;MCFa,uBAAuB,GAAG,IAAI,cAAc,CAAuB,0BAA0B,EAAE;AAC1G,IAAA,UAAU,EAAE,MAAM;IAClB,OAAO,EAAE,MAAK;AACZ,QAAA,MAAM,EAAE,YAAY,EAAE,GAAG,gBAAgB,EAAE;AAE3C,QAAA,OAAO,CAAC,uBAAuB,EAAE,YAAY,CAAC;IAChD,CAAC;AACF,CAAA;MAEY,8BAA8B,GAAG,IAAI,cAAc,CAAgC,gCAAgC,EAAE;AAChI,IAAA,UAAU,EAAE,MAAM;IAClB,OAAO,EAAE,MAAM,gBAAgB,EAAE,CAAC,mBAAmB,IAAI,IAAI;AAC9D,CAAA;MAEY,qBAAqB,GAAG,IAAI,cAAc,CAAsB,wBAAwB,EAAE;AACrG,IAAA,UAAU,EAAE,MAAM;IAClB,OAAO,EAAE,MAAK;AACZ,QAAA,MAAM,EAAE,oBAAoB,EAAE,GAAG,gBAAgB,EAAE;AACnD,QAAA,MAAM,OAAO,GAAG,CAAC,kBAAkB,EAAE,oBAAoB,CAAC;QAC1D,IAAI,oBAAoB,EAAE;AACxB,YAAA,OAAO,CAAC,IAAI,CAAC,eAAe,CAAC;QAC/B;AAEA,QAAA,OAAO,OAAO;IAChB,CAAC;AACF,CAAA;MAEY,gBAAgB,GAAG,IAAI,cAAc,CAAe,oBAAoB,EAAE;AACrF,IAAA,UAAU,EAAE,MAAM;IAClB,OAAO,EAAE,MAAK;AACZ,QAAA,MAAM,EAAE,OAAO,EAAE,GAAG,gBAAgB,EAAE;AACtC,QAAA,MAAM,WAAW,GAAG,MAAM,CAAC,qBAAqB,CAAC;AAEjD,QAAA,OAAO,CAAC,GAAG,WAAW,EAAE,GAAG,OAAO,CAAC,CAAC,GAAG,CAAC,CAAC,aAAa,KAAK,aAAa,EAAE,CAAC;IAC7E,CAAC;AACF,CAAA;AAED;;;;AAIG;SACa,iBAAiB,GAAA;IAC/B,OAAO,6BAA6B,CAAC,MAAK;AACxC,QAAA,MAAM,EAAE,oBAAoB,EAAE,GAAG,gBAAgB,EAAE;AACnD,QAAA,IAAI,CAAC,oBAAoB;YAAE,MAAM,CAAC,OAAO,EAAE;AAC7C,IAAA,CAAC,CAAC;AACJ;AAEA;;AAEG;SACa,2BAA2B,GAAA;AACzC,IAAA,MAAM,WAAW,GAAG,MAAM,CAAC,WAAW,CAAC;IACvC,MAAM,OAAO,GAAG,eAAe,CAAC,MAAM,CAAC,uBAAuB,CAAC,CAAC;IAEhE,WAAW,CAAC,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,KAAK,KAAK,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,SAAS,EAAE;AACtE;AAEA;;;;AAIG;SACa,oBAAoB,GAAA;IAClC,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,YAAY,EAAE,WAAW,EAAE,qBAAqB,EAAE,MAAM,EAAE,aAAa,EAAE,YAAY,EAAE,mBAAmB,EAAE,GAAG,gBAAgB,EAAE;AAC3J,IAAA,MAAM,WAAW,GAAG,MAAM,CAAC,WAAW,CAAC;AACvC,IAAA,MAAM,WAAW,GAAG,QAAQ,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,SAAS,EAAE,EAAE,YAAY,CAAC;IACzE,MAAM,KAAK,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,GAAG,CAAC,uBAAuB,CAAC,MAAM,CAAC,MAAM,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC;IACzF,IAAI,mBAAmB,EAAE;QACvB,0BAA0B,CAAC,UAAU,CAAC,WAAW,EAAE,MAAM,CAAC,kBAAkB,CAAC,CAAC;IAChF;AACA,IAAA,OAAO,MACL,WAAW,CAAC,UAAU,CAAC;QACrB,QAAQ;QACR,MAAM,EAAE,MAAM,IAAI,iBAAiB,CAAC,WAAW,EAAE,gBAAgB,CAAC;QAClE,KAAK;QACL,WAAW;AACX,QAAA,qBAAqB,EAAE,qBAAqB;AAC5C,QAAA,sBAAsB,EAAE,IAAI;QAC5B,iCAAiC,EAAE,CAAC,YAAY;AAChD,QAAA,YAAY,EAAE,MAAM;AACpB,QAAA,oBAAoB,EAAE,KAAK;QAC3B,aAAa;AACb,QAAA,kBAAkB,EAAE,IAAI;AACzB,KAAA,CAAC;AACN;AAEA;;AAEG;SACa,iBAAiB,GAAA;IAC/B,OAAO,gBAAgB,EAAE,CAAC,OAAO,IAAI,IAAI,aAAa,EAAE;AAC1D;AAEA;;;;;;;;;;;;;;;;;;;;AAoBG;AACG,SAAU,WAAW,CAA+B,MAA8C,EAAA;AACtG,IAAA,OAAO,wBAAwB,CAAC;QAC9B,iBAAiB,CAAC,MAAM,CAAC;AACzB,QAAA,iBAAiB,EAAE;AACnB,QAAA,kBAAkB,CAAC,EAAE,cAAc,EAAE,EAAE,eAAe,EAAE,KAAK,EAAE,WAAW,EAAE,EAAE,EAAE,EAAE,CAAC;AACnF,QAAA,iBAAiB,CAAC,gBAAgB,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC;AACtD,QAAA,qBAAqB,CAAC,MAAM,oBAAoB,EAAE,EAAE,CAAC;AACrD,QAAA;AACE,YAAA,OAAO,EAAE,YAAY;AACrB,YAAA,UAAU,EAAE,MAAM,iBAAiB,EAAE;AACtC,SAAA;AACF,KAAA,CAAC;AACJ;;MClIa,iBAAiB,CAAA;AAD9B,IAAA,WAAA,GAAA;QAEmB,IAAA,CAAA,UAAU,GAAG,gBAAgB,EAAE;QAC/B,IAAA,CAAA,mBAAmB,GAAG,MAAM,CAAC,8BAA8B,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;AAChF,QAAA,IAAA,CAAA,OAAO,GAAG,MAAM,CAAC,gBAAgB,CAAC;AAClC,QAAA,IAAA,CAAA,QAAQ,GAAG,IAAI,eAAe,CAAkC,IAAI,CAAC;QAEtE,IAAA,CAAA,aAAa,GAAG,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,EAAE,GAAG,CAAC,OAAO,CAAC,EAAE,oBAAoB,EAAE,EAAE,KAAK,EAAE,CAAC;QAClG,IAAA,CAAA,eAAe,GAAG,IAAI,CAAC,QAAQ,CAAC,IAAI,CAClD,GAAG,CAAC,CAAC,MAAM,KAAK,CAAC,MAAM,CAAC,EACxB,oBAAoB,EAAE,EACtB,KAAK,EAAE,CACR;AAqCF,IAAA;AAnCQ,IAAA,UAAU,CAAC,WAAwB,EAAA;QACxC,IAAI,IAAI,CAAC,OAAO,CAAC,MAAM,GAAG,CAAC,EAAE;AAC3B,YAAA,OAAO,EAAE,CAAC,EAA8B,CAAC;QAC3C;AACA,QAAA,OAAO,WAAW,CAAC,mBAAmB,CAAC,KAAK,CAAC,CAAC,IAAI,CAChD,SAAS,CAAC,CAAC,KAAK,KAAI;AAClB,YAAA,IAAI,CAAC,KAAK;AAAE,gBAAA,OAAO,EAAE,CAAC,CAAC,EAAE,CAAC,CAAC;YAC3B,OAAO,aAAa,CAAC,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,MAAM,KAAK,IAAI,CAAC,SAAS,CAAC,WAAW,EAAE,MAAM,CAAC,CAAC,CAAC;AACzF,QAAA,CAAC,CAAC,EACF,GAAG,CAAC,CAAC,OAAO,KAAK,SAAS,CAAC,GAAG,OAAO,CAA6B,CAAC,EACnE,GAAG,CAAC,CAAC,MAAM,KAAK,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,EAC3C,IAAI,CAAC,CAAC,CAAC,CACR;IACH;IAEO,SAAS,GAAA;QACd,OAAO,IAAI,CAAC,QAAQ,CAAC,QAAQ,EAAE,IAAK,EAA+B;IACrE;AAEQ,IAAA,iBAAiB,CAAC,KAAe,EAAA;AACvC,QAAA,IAAI;AACF,YAAA,IAAI,CAAC,mBAAmB,GAAG,KAAK,CAAC;QACnC;AAAE,QAAA,MAAM;;QAER;AAEA,QAAA,OAAO,EAAE,CAAC,EAA8B,CAAC;IAC3C;IAEQ,SAAS,CAAC,WAAwB,EAAE,MAAkB,EAAA;QAC5D,OAAO,MAAM,CAAC,WAAW,CAAC,CAAC,IAAI,CAC7B,QAAQ,CAAC,IAAI,CAAC,UAAU,CAAC,aAAa,CAAC,GAAG,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,IAAI,CAAC,UAAU,CAAC,aAAa,CAAC,CAAC,GAAG,GAAG,EAAE,EACrG,UAAU,CAAC,CAAC,KAAK,KAAK,IAAI,CAAC,iBAAiB,CAAC,KAAK,CAAC,CAAC,CACrD;IACH;+GA/CW,iBAAiB,EAAA,IAAA,EAAA,EAAA,EAAA,MAAA,EAAA,EAAA,CAAA,eAAA,CAAA,UAAA,EAAA,CAAA,CAAA;AAAjB,IAAA,SAAA,IAAA,CAAA,KAAA,GAAA,EAAA,CAAA,qBAAA,CAAA,EAAA,UAAA,EAAA,QAAA,EAAA,OAAA,EAAA,SAAA,EAAA,QAAA,EAAA,EAAA,EAAA,IAAA,EAAA,iBAAiB,cADJ,MAAM,EAAA,CAAA,CAAA;;4FACnB,iBAAiB,EAAA,UAAA,EAAA,CAAA;kBAD7B,UAAU;mBAAC,EAAE,UAAU,EAAE,MAAM,EAAE;;;ACV3B,MAAM,uBAAuB,GAAuB,CAAC,KAAK,KAAI;AACnE,IAAA,IAAI,KAAK,CAAC,IAAI,KAAK,+BAA+B,IAAK,KAAK,CAAC,MAA4B,EAAE,MAAM,KAAK,GAAG,EAAE;QACzG;IACF;AACA,IAAA,MAAM,KAAK;AACb;;ACqBA;;;;;;;;;;;;;;;;;;;;;;;AAuBG;MAEU,WAAW,CAAA;AAmGtB;;;;;;;AAOG;AACH,IAAA,IAAW,kBAAkB,GAAA;QAC3B,OAAO,IAAI,CAAC,oBAAoB;IAClC;AAEA,IAAA,WAAA,GAAA;QA9GiB,IAAA,CAAA,UAAU,GAAG,gBAAgB,EAAE;AAC/B,QAAA,IAAA,CAAA,iBAAiB,GAAG,MAAM,CAAC,iBAAiB,CAAC;AAC7C,QAAA,IAAA,CAAA,YAAY,GAAG,MAAM,CAAC,YAAY,CAAC;AACnC,QAAA,IAAA,CAAA,MAAM,GAAG,MAAM,CAAC,MAAM,CAAC;AACvB,QAAA,IAAA,CAAA,SAAS,GAAG,MAAM,CAAC,SAAS,CAAC;AAE7B,QAAA,IAAA,CAAA,eAAe,GAAG,IAAI,eAAe,CAAC,KAAK,CAAC;AAC5C,QAAA,IAAA,CAAA,eAAe,GAAG,IAAI,eAAe,CAAC,KAAK,CAAC;AAC5C,QAAA,IAAA,CAAA,yBAAyB,GAAG,IAAI,eAAe,CAAC,KAAK,CAAC;AACtD,QAAA,IAAA,CAAA,oBAAoB,GAAG,SAAS,CAAe,IAAI,CAAC,SAAS,CAAC,YAAY,EAAE,SAAS,CAAC,CAAC,IAAI,CAC1G,MAAM,CAAC,CAAC,EAAE,GAAG,EAAE,KAAK,GAAG,KAAK,cAAc,IAAI,GAAG,KAAK,IAAI,CAAC,EAC3D,SAAS,CAAC,IAAI,CAAC,EACf,KAAK,EAAE,CACR;AACgB,QAAA,IAAA,CAAA,qBAAqB,GAAG,IAAI,CAAC,eAAe,CAAC,IAAI,CAChE,MAAM,CAAC,OAAO,CAAC,EACf,SAAS,CAAC,MAAM,IAAI,CAAC,SAAS,CAAC,SAAS,CAAC,EACzC,GAAG,CAAC,CAAC,QAAQ,KAAK,IAAI,CAAC,mBAAmB,CAAC,QAAQ,CAAC,CAAC,CACtD;AACgB,QAAA,IAAA,CAAA,kBAAkB,GAAG,aAAa,CAAC,CAAC,IAAI,CAAC,YAAY,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,EAAE,IAAI,CAAC,SAAS,CAAC,SAAS,EAAE,IAAI,CAAC,oBAAoB,CAAC,CAAC;AAE1J;;;;;AAKG;AACa,QAAA,IAAA,CAAA,cAAc,GAAG,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,EAAE,oBAAoB,EAAE,CAAC;AAEnG;;;;;AAKG;QACa,IAAA,CAAA,cAAc,GAAG,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,oBAAoB,EAAE,EAAE,WAAW,CAAC,EAAE,UAAU,EAAE,CAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC,CAAC;AAElI;;;;;AAKG;QACa,IAAA,CAAA,wBAAwB,GAAG,IAAI,CAAC,yBAAyB,CAAC,IAAI,CAAC,oBAAoB,EAAE,EAAE,WAAW,CAAC,EAAE,UAAU,EAAE,CAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC,CAAC;AAEtJ;;;;;AAKG;AACa,QAAA,IAAA,CAAA,UAAU,GAAG,KAAK,CAAC,IAAI,CAAC,cAAc,EAAE,IAAI,CAAC,iBAAiB,CAAC,eAAe,CAAC,CAAC,IAAI,CAAC,oBAAoB,EAAE,CAAC;AAE5H;;;;;AAKG;QACa,IAAA,CAAA,gBAAgB,GAAG,IAAI,CAAC,cAAc,CAAC,IAAI,CACzD,SAAS,CAAC,MAAM,IAAI,CAAC,iBAAiB,CAAC,aAAa,CAAC,EACrD,SAAS,CAAC,MAAM,IAAI,CAAC,kBAAkB,CAAC,EACxC,GAAG,CAAC,MAAM,IAAI,CAAC,eAAe,EAAE,CAAC,EACjC,oBAAoB,EAAE,EACtB,WAAW,CAAC,EAAE,UAAU,EAAE,CAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC,CAC/C;AAED;;;;;AAKG;AACa,QAAA,IAAA,CAAA,eAAe,GAAG,IAAI,CAAC,gBAAgB,CAAC,IAAI,CAC1D,GAAG,CAAC,MAAM,IAAI,CAAC,iBAAiB,EAAE,CAAC,EACnC,WAAW,CAAC,EAAE,UAAU,EAAE,CAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC,CAC/C;AAED;;;;AAIG;QACa,IAAA,CAAA,OAAO,GAAG,IAAI,CAAC,YAAY,CAAC,MAAM,CAAC,IAAI,CACrD,MAAM,CAAC,CAAC,KAAK,KAA+B,KAAK,YAAY,eAAe,CAAC,EAC7E,KAAK,EAAE,CACR;AAED;;;;AAIG;QACa,IAAA,CAAA,gBAAgB,GAAG,IAAI,CAAC,YAAY,CAAC,MAAM,CAAC,IAAI,CAC9D,MAAM,CAAC,CAAC,KAAK,KAAK,KAAK,CAAC,IAAI,KAAK,gBAAgB,CAAC,EAClD,KAAK,EAAE,CACR;QAeC,IAAI,CAAC,UAAU,EAAE;AACjB,QAAA,IAAI,CAAC,qBAAqB,CAAC,SAAS,EAAE;AACtC,QAAA,IAAI,CAAC,gBAAgB,CAAC,SAAS,CAAC,MAAM,IAAI,CAAC,yBAAyB,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;IACnF;AAEA;;;;;AAKG;IACI,MAAM,UAAU,CAAC,MAAkB,EAAA;AACxC,QAAA,IAAI,CAAC,cAAc,CAAC,MAAM,CAAC,QAAQ,CAAC;QACpC,IAAI,CAAC,YAAY,CAAC,SAAS,CAAC,EAAE,GAAG,MAAM,EAAE,OAAO,EAAE,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;AACpF,QAAA,IAAI,CAAC,yBAAyB,CAAC,IAAI,CAAC,KAAK,CAAC;AAC1C,QAAA,IAAI;AACF,YAAA,MAAM,IAAI,CAAC,YAAY,CAAC,qBAAqB,CAAC,IAAI,CAAC,UAAU,CAAC,YAAY,CAAC;AAC3E,YAAA,MAAM,IAAI,CAAC,YAAY,CAAC,QAAQ,EAAE;AAClC,YAAA,IAAI,IAAI,CAAC,UAAU,CAAC,kBAAkB,EAAE;AACtC,gBAAA,MAAM,IAAI,CAAC,eAAe,EAAE;YAC9B;QACF;QAAE,OAAO,KAAK,EAAE;YACd,MAAM,mBAAmB,GAAG,IAAI,CAAC,wBAAwB,CAAC,KAAK,CAAC;YAChE,IAAI,EAAE,KAAK,YAAY,iBAAiB,IAAI,KAAK,YAAY,eAAe,CAAC,EAAE;AAC7E,gBAAA,MAAM,KAAK;YACb;AACA,YAAA,IACE,CAAC,mBAAmB;iBACnB,KAAK,CAAC,IAAI,KAAK,qBAAqB,KAAK,KAAK,YAAY,iBAAiB,KAAK,KAAK,CAAC,MAAM,KAAK,GAAG,IAAI,KAAK,CAAC,MAAM,KAAK,GAAG,CAAC,CAAC,CAAC,EAChI;AACA,gBAAA,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC;gBAClB,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,QAAQ,CAAC;YACnD;QACF;AACA,QAAA,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,IAAI,CAAC;AAC/B,QAAA,IAAI,IAAI,CAAC,UAAU,CAAC,aAAa,IAAI,CAAC,IAAI,CAAC,eAAe,EAAE,EAAE;YAC5D,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,QAAQ,CAAC;QACnD;AACA,QAAA,MAAM,IAAI,CAAC,kBAAkB,EAAE;AAC/B,QAAA,MAAM,IAAI,CAAC,mBAAmB,EAAE;IAClC;AAEA;;AAEG;IACI,UAAU,GAAA;QACf,IAAI,CAAC,iBAAiB,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,SAAS,EAAE;IACrD;AAEA;;;;AAIG;IACI,SAAS,GAAA;QACd,OAAO,IAAI,GAAG,CAAC,IAAI,CAAC,YAAY,CAAC,MAAO,CAAC;IAC3C;AAEA;;;;AAIG;AACI,IAAA,MAAM,CAAC,GAAY,EAAA;AACxB,QAAA,IAAI,CAAC,YAAY,CAAC,aAAa,CAAC,GAAG,CAAC;IACtC;AAEA;;;AAGG;AACI,IAAA,UAAU,CAAC,GAAY,EAAA;QAC5B,IAAI,IAAI,CAAC,oBAAoB,EAAE;YAAE;AACjC,QAAA,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC;IAClB;AAEA;;;;AAIG;AACI,IAAA,OAAO,CAAC,UAAoB,EAAA;AACjC,QAAA,IAAI,CAAC,YAAY,CAAC,oBAAoB,CAAC,UAAU,IAAI,CAAC,IAAI,CAAC,cAAc,EAAE,CAAC;IAC9E;AAEA;;;;AAIG;AACI,IAAA,MAAM,aAAa,GAAA;AACxB,QAAA,OAAO,IAAI,CAAC,YAAY,CAAC,YAAY,EAAE;IACzC;AAEA;;;;AAIG;IACI,cAAc,GAAA;QACnB,OAAO,IAAI,CAAC,YAAY,CAAC,cAAc,EAAE,IAAI,IAAI;IACnD;AAEA;;;;AAIG;IACI,eAAe,GAAA;QACpB,OAAO,IAAI,CAAC,YAAY,CAAC,eAAe,EAAE,IAAI,IAAI;IACpD;AAEA;;;;AAIG;IACI,UAAU,GAAA;QACf,OAAO,IAAI,CAAC,YAAY,CAAC,UAAU,EAAE,IAAI,IAAI;IAC/C;AAEA;;;;AAIG;IACI,iBAAiB,GAAA;AACtB,QAAA,IAAI,CAAC,IAAI,CAAC,UAAU,EAAE;AAAE,YAAA,OAAO,IAAI;AACnC,QAAA,OAAO,SAAS,CAAC,IAAI,CAAC,YAAY,CAAC,iBAAiB,EAAE,EAAE,IAAI,CAAC,iBAAiB,CAAC,SAAS,EAAE,CAA2B;IACvH;AAEA;;;;AAIG;IACI,oBAAoB,GAAA;AACzB,QAAA,IAAI,CAAC,IAAI,CAAC,UAAU,EAAE;AAAE,YAAA,OAAO,IAAI;AACnC,QAAA,OAAO,IAAI,CAAC,YAAY,CAAC,iBAAiB,EAAE;IAC9C;AAEA;;;;AAIG;IACI,eAAe,GAAA;AACpB,QAAA,IAAI,IAAI,CAAC,SAAS,CAAC,QAAQ,EAAE,EAAE;AAC7B,YAAA,OAAO,IAAI,CAAC,YAAY,CAAC,mBAAmB,EAAE,IAAI,IAAI,CAAC,YAAY,CAAC,eAAe,EAAE;QACvF;AACA,QAAA,OAAO,IAAI,CAAC,oBAAoB,EAAE;IACpC;AAEA;;;;;AAKG;AACI,IAAA,YAAY,CAAC,iBAA4C,EAAA;QAC9D,MAAM,OAAO,GAAG,iBAAiB,IAAI,IAAI,CAAC,UAAU,CAAC,wBAAwB;QAE7E,OAAO,IAAI,CAAC,eAAe,EAAE,KAAK,OAAO,GAAG,IAAI,CAAC,iBAAiB,EAAE,EAAE,IAAI,EAAE,IAAI,CAAC,MAAM,CAAC,IAAI,IAAI,CAAC;IACnG;AAEA;;;;;AAKG;AACI,IAAA,aAAa,CAAC,iBAA4C,EAAA;AAC/D,QAAA,OAAO,IAAI,CAAC,gBAAgB,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,IAAI,CAAC,YAAY,CAAC,iBAAiB,CAAC,CAAC,CAAC;IACpF;AAEA;;;;;;;AAOG;AACI,IAAA,mBAAmB,CAAwC,GAAM,EAAE,aAAa,GAAG,KAAK,EAAA;QAC7F,OAAO,IAAI,CAAC,mBAAmB,CAAC,aAAa,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,KAAK,KAAK,iBAAiB,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC,CAAC;IACpG;AAEA;;;;;AAKG;AACI,IAAA,mBAAmB,CAAC,aAAsB,EAAA;AAC/C,QAAA,MAAM,YAAY,GAAG,EAAE,CAAC,IAAI,CAAC,cAAc,EAAE,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,KAAK,KAAK,CAAC,CAAC,KAAK,IAAI,IAAI,CAAC,eAAe,EAAE,CAAC,CAAC;AACzG,QAAA,MAAM,mBAAmB,GAAG,IAAI,CAAC,gBAAgB,CAAC,IAAI,CACpD,OAAO,CAAC,IAAI,CAAC,UAAU,CAAC,gBAAgB,IAAI,CAAC,CAAC,EAC9C,UAAU,CAAC,YAAY,IAAI,CAAC,eAAe,EAAE,CAAC,KAAK,CAAC,MAAM,IAAI,CAAC,CAAC,CACjE;AAED,QAAA,OAAO,IAAI,CAAC,cAAc,CAAC,IAAI,CAC7B,SAAS,CAAC,MAAM,KAAK,CAAC,YAAY,EAAE,mBAAmB,CAAC,CAAC,EACzD,IAAI,CAAC,CAAC,CAAC,EACP,GAAG,CAAC,MAAM,IAAI,CAAC,cAAc,EAAE,CAAC,EAChC,GAAG,CAAC,CAAC,KAAK,KAAK,CAAC,KAAK,IAAI,aAAa,IAAI,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC,CAC7F;IACH;AAEQ,IAAA,MAAM,mBAAmB,GAAA;AAC/B,QAAA,IAAI,CAAC,IAAI,CAAC,YAAY,CAAC,KAAK,IAAI,CAAC,IAAI,CAAC,YAAY,CAAC,mBAAmB,EAAE;YAAE;AAC1E,QAAA,MAAM,IAAI,CAAC,MAAM,CAAC,aAAa,CAAC,kBAAkB,CAAC,IAAI,CAAC,YAAY,CAAC,KAAK,CAAC,CAAC;IAC9E;IAEQ,oBAAoB,GAAA;QAC1B,MAAM,QAAQ,GAAG,IAAI,CAAC,iBAAiB,EAAE,EAAE,GAAG,IAAI,CAAC;AAEnD,QAAA,OAAO,IAAI,CAAC,GAAG,EAAE,GAAG,QAAQ,GAAG,IAAI,IAAI,IAAI,CAAC,UAAU,CAAC,cAAc,GAAG,IAAI;IAC9E;AAEQ,IAAA,eAAe,CAAC,GAAW,EAAA;QACjC,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,MAAM,CAAC,GAAG,CAAC;AACnC,QAAA,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,IAAI,CAAC;IACjC;AAEQ,IAAA,MAAM,kBAAkB,GAAA;QAC9B,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,eAAe,IAAI,CAAC,IAAI,CAAC,eAAe,EAAE;YAAE;AACjE,QAAA,MAAM,IAAI,CAAC,YAAY,CAAC,eAAe,EAAE,CAAC,KAAK,CAAC,MAAM,IAAI,CAAC;IAC7D;AAEQ,IAAA,MAAM,eAAe,GAAA;AAC3B,QAAA,IAAI,CAAC,IAAI,CAAC,eAAe,EAAE;YAAE;AAC7B,QAAA,IAAI;AACF,YAAA,MAAM,IAAI,CAAC,YAAY,CAAC,YAAY,EAAE;QACxC;QAAE,OAAO,KAAK,EAAE;AACd,YAAA,IAAI,CAAC,wBAAwB,CAAC,KAAK,CAAC;AACpC,YAAA,MAAM,KAAK;QACb;IACF;AAEQ,IAAA,cAAc,CAAC,QAAwB,EAAA;QAC7C,MAAM,aAAa,GAAG,IAAI,CAAC,iBAAiB,EAAE,EAAE,GAAG;QACnD,IAAI,CAAC,QAAQ,IAAI,CAAC,aAAa,IAAI,QAAQ,KAAK,aAAa;YAAE;AAC/D,QAAA,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC;IACpB;AAEQ,IAAA,mBAAmB,CAAC,OAAgB,EAAA;QAC1C,IAAI,OAAO,EAAE;AACX,YAAA,IAAI,CAAC,YAAY,CAAC,2BAA2B,EAAE;QACjD;aAAO;AACL,YAAA,IAAI,CAAC,YAAY,CAAC,oBAAoB,EAAE;QAC1C;IACF;IAEQ,oBAAoB,GAAA;AAC1B,QAAA,OAAO,IAAI,CAAC,yBAAyB,CAAC,KAAK,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,QAAQ,EAAE;IAC3E;AAEQ,IAAA,wBAAwB,CAAC,KAAc,EAAA;QAC7C,MAAM,MAAM,GAAG,IAAI,CAAC,sBAAsB,CAAC,KAAK,CAAC;QACjD,IAAI,MAAM,KAAK,SAAS;AAAE,YAAA,OAAO,KAAK;AACtC,QAAA,MAAM,aAAa,GAAG,MAAM,KAAK,CAAC,IAAI,MAAM,KAAK,GAAG,IAAI,MAAM,KAAK,GAAG;QACtE,IAAI,aAAa,EAAE;AACjB,YAAA,IAAI,CAAC,yBAAyB,CAAC,IAAI,CAAC,IAAI,CAAC;QAC3C;AACA,QAAA,OAAO,aAAa;IACtB;AAEQ,IAAA,sBAAsB,CAAC,KAAoD,EAAA;AACjF,QAAA,IAAI,KAAK,YAAY,iBAAiB,EAAE;YACtC,OAAO,KAAK,CAAC,MAAM;QACrB;AACA,QAAA,IAAI,KAAK,YAAY,eAAe,EAAE;AACpC,YAAA,MAAM,MAAM,GAAG,KAAK,CAAC,MAAgD;YACrE,OAAO,MAAM,EAAE,MAAM;QACvB;AACA,QAAA,OAAO,SAAS;IAClB;+GApYW,WAAW,EAAA,IAAA,EAAA,EAAA,EAAA,MAAA,EAAA,EAAA,CAAA,eAAA,CAAA,UAAA,EAAA,CAAA,CAAA;AAAX,IAAA,SAAA,IAAA,CAAA,KAAA,GAAA,EAAA,CAAA,qBAAA,CAAA,EAAA,UAAA,EAAA,QAAA,EAAA,OAAA,EAAA,SAAA,EAAA,QAAA,EAAA,EAAA,EAAA,IAAA,EAAA,WAAW,cADE,MAAM,EAAA,CAAA,CAAA;;4FACnB,WAAW,EAAA,UAAA,EAAA,CAAA;kBADvB,UAAU;mBAAC,EAAE,UAAU,EAAE,MAAM,EAAE;;;AC7ClC;;;;;;AAMG;AACG,SAAU,kBAAkB,CAAC,gBAAA,GAAqC,CAAC,MAAM,KAAK,MAAM,EAAE,iBAAiB,EAAA;AAC3G,IAAA,OAAO,MAAK;AACV,QAAA,OAAO,MAAM,CAAC,WAAW,CAAC,CAAC,eAAe,CAAC,IAAI,CAC7C,GAAG,CAAC,gBAAgB,CAAC,EACrB,GAAG,CAAC,CAAC,KAAK,MAAM,gBAAgB,CAAC,KAAK,CAAC,GAAG,KAAK,GAAG,SAAS,CAAC,CAAC,CAC9D;AACH,IAAA,CAAC;AACH;;ACfO,MAAM,gBAAgB,GAAG;AACzB,MAAM,uBAAuB,GAAG,CAAC,QAAQ,EAAE,SAAS,EAAE,OAAO,EAAE,gBAAgB;AAC/E,MAAM,cAAc,GAAoC;AAC7D,IAAA,GAAG,EAAE,+BAA+B;AACpC,IAAA,KAAK,EAAE,gCAAgC;AACvC,IAAA,IAAI,EAAE,2BAA2B;;AAE5B,MAAM,2BAA2B,GAAoC;AAC1E,IAAA,GAAG,EAAE,qDAAqD;AAC1D,IAAA,KAAK,EAAE,sDAAsD;AAC7D,IAAA,IAAI,EAAE,wBAAwB;;AA4ChC;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAoCG;AACI,MAAM,EAAE,iBAAiB,EAAE,UAAU,EAAE,gBAAgB,EAAE,iBAAiB,EAAE,GAAG,kBAAkB,CAAC,MAAM,EAAE,WAAW,EAAE;AAC5H,IAAA,WAAW,EAAE,MAAM;AACnB,IAAA,YAAY,EAAE,gBAAgB;AAC9B,IAAA,WAAW,EAAE,EAAE;AACf,IAAA,aAAa,EAAE,IAAI;AACnB,IAAA,cAAc,EAAE,EAAE,GAAG,EAAE,GAAG,EAAE;AAC5B,IAAA,eAAe,EAAE,KAAK;AACtB,IAAA,YAAY,EAAE,CAAC,KAAK,KAAI;AACtB,QAAA,MAAM,KAAK;IACb,CAAC;IACD,cAAc;IACd,YAAY;IACZ,eAAe;AACf,IAAA,OAAO,EAAE,EAAE;AACX,IAAA,wBAAwB,EAAE,IAAI;AAC9B,IAAA,mBAAmB,EAAE,IAAI;AACzB,IAAA,oBAAoB,EAAE,IAAI;AAC1B,IAAA,gBAAgB,EAAE,IAAI;AACT,CAAA;;AClHf,mBAAe;AACb,IAAA,EAAE,EAAE;AACF,QAAA,eAAe,EAAE,YAAY;AAC7B,QAAA,gBAAgB,EAAE,SAAS;AAC3B,QAAA,iBAAiB,EAAE,UAAU;AAC9B,KAAA;AACD,IAAA,EAAE,EAAE;AACF,QAAA,eAAe,EAAE,aAAa;AAC9B,QAAA,gBAAgB,EAAE,WAAW;AAC7B,QAAA,iBAAiB,EAAE,WAAW;AAC/B,KAAA;CACmB;;MCYT,aAAa,CAAA;AAV1B,IAAA,WAAA,GAAA;QAWqB,IAAA,CAAA,UAAU,GAAG,gBAAgB,EAAE;AAC/B,QAAA,IAAA,CAAA,WAAW,GAAG,MAAM,CAAC,WAAW,CAAC;AACjC,QAAA,IAAA,CAAA,eAAe,GAAG;YACnC,QAAQ,EAAE,QAAQ,CAAC,UAAU;AAC7B,YAAA,cAAc,EAAE,KAAK;AACrB,YAAA,cAAc,EAAE,uBAAuB;SACZ;QACV,IAAA,CAAA,GAAG,GAAG,aAAa,CAAC;AACrC,YAAA,QAAQ,EAAE,IAAI,CAAC,WAAW,CAAC,eAAe;AAC1C,YAAA,eAAe,EAAE,IAAI,CAAC,WAAW,CAAC,gBAAgB;AACnD,SAAA,CAAC;AAEF;;;;AAIG;AACa,QAAA,IAAA,CAAA,eAAe,GAAG,KAAK,CAAC,KAAK,2DAAC;AAC/C,IAAA;+GAnBY,aAAa,EAAA,IAAA,EAAA,EAAA,EAAA,MAAA,EAAA,EAAA,CAAA,eAAA,CAAA,SAAA,EAAA,CAAA,CAAA;mGAAb,aAAa,EAAA,YAAA,EAAA,IAAA,EAAA,QAAA,EAAA,UAAA,EAAA,MAAA,EAAA,EAAA,eAAA,EAAA,EAAA,iBAAA,EAAA,iBAAA,EAAA,UAAA,EAAA,iBAAA,EAAA,QAAA,EAAA,IAAA,EAAA,UAAA,EAAA,KAAA,EAAA,iBAAA,EAAA,IAAA,EAAA,EAAA,EAAA,SAAA,EAFb,CAAC,mBAAmB,CAAC,YAAY,CAAC,CAAC,EAAA,QAAA,EAAA,EAAA,EAAA,QAAA,ECvBhD,siDAmCA,EAAA,MAAA,EAAA,CAAA,6IAAA,CAAA,EAAA,YAAA,EAAA,CAAA,EAAA,IAAA,EAAA,UAAA,EAAA,IAAA,EDjBY,gBAAgB,g1BAAE,cAAc,EAAA,EAAA,EAAA,IAAA,EAAA,WAAA,EAAA,IAAA,EAAA,EAAA,CAAA,iBAAA,EAAA,QAAA,EAAA,eAAA,EAAA,MAAA,EAAA,CAAA,aAAA,EAAA,qBAAA,EAAA,uBAAA,EAAA,+BAAA,EAAA,oBAAA,EAAA,6BAAA,EAAA,2BAAA,EAAA,iBAAA,EAAA,wBAAA,EAAA,yBAAA,CAAA,EAAA,OAAA,EAAA,CAAA,uBAAA,EAAA,sBAAA,EAAA,wBAAA,EAAA,uBAAA,CAAA,EAAA,QAAA,EAAA,CAAA,aAAA,CAAA,EAAA,EAAA,EAAA,IAAA,EAAA,UAAA,EAAA,IAAA,EAAE,YAAY,EAAA,EAAA,EAAA,IAAA,EAAA,WAAA,EAAA,IAAA,EAAE,eAAe,kGAAE,oBAAoB,EAAA,EAAA,EAAA,IAAA,EAAA,WAAA,EAAA,IAAA,EAAE,oBAAoB,EAAA,QAAA,EAAA,kBAAA,EAAA,MAAA,EAAA,CAAA,QAAA,CAAA,EAAA,EAAA,EAAA,IAAA,EAAA,MAAA,EAAA,IAAA,EAAAD,IAAA,CAAA,SAAA,EAAA,IAAA,EAAA,OAAA,EAAA,EAAA,EAAA,IAAA,EAAA,MAAA,EAAA,IAAA,EAAE,aAAa,EAAA,IAAA,EAAA,cAAA,EAAA,CAAA,EAAA,eAAA,EAAA,EAAA,CAAA,uBAAA,CAAA,MAAA,EAAA,aAAA,EAAA,EAAA,CAAA,iBAAA,CAAA,IAAA,EAAA,CAAA,CAAA;;4FAOzH,aAAa,EAAA,UAAA,EAAA,CAAA;kBAVzB,SAAS;AACI,YAAA,IAAA,EAAA,CAAA,EAAA,UAAA,EAAA,IAAI,EAAA,QAAA,EACN,UAAU,EAAA,OAAA,EACX,CAAC,gBAAgB,EAAE,cAAc,EAAE,YAAY,EAAE,eAAe,EAAE,oBAAoB,EAAE,oBAAoB,EAAE,aAAa,EAAE,SAAS,CAAC,EAAA,eAAA,EAG/H,uBAAuB,CAAC,MAAM,EAAA,aAAA,EAChC,iBAAiB,CAAC,IAAI,aAC1B,CAAC,mBAAmB,CAAC,YAAY,CAAC,CAAC,EAAA,QAAA,EAAA,siDAAA,EAAA,MAAA,EAAA,CAAA,6IAAA,CAAA,EAAA;;;MEZnC,aAAa,CAAA;AAL1B,IAAA,WAAA,GAAA;AAMmB,QAAA,IAAA,CAAA,WAAW,GAAG,MAAM,CAAC,WAAW,CAAC;QACjC,IAAA,CAAA,aAAa,GAAG,MAAM,CAAC,IAAI,EAAE,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC;QAC5C,IAAA,CAAA,kBAAkB,GAAG,cAAc,EAAE;AAEtD;;;;AAIG;QAEI,IAAA,CAAA,oBAAoB,GAAuC,IAAI;AAmBvE,IAAA;AAjBC;;;;AAIG;;IAEH,IACW,YAAY,CAAC,KAAwC,EAAA;AAC9D,QAAA,IAAI,CAAC,aAAa,CAAC,QAAQ,GAAG,KAAK;IACrC;IAEO,eAAe,GAAA;AACpB,QAAA,IAAI,CAAC,WAAW,CAAC,eAAe,CAAC,IAAI,CAAC,IAAI,CAAC,kBAAkB,EAAE,CAAC,CAAC,SAAS,CAAC,MAAK;AAC9E,YAAA,MAAM,OAAO,GAAG,QAAQ,CAAC,IAAI,CAAC,oBAAoB,CAAC,GAAG,IAAI,GAAG,IAAI,CAAC,oBAAoB;AACtF,YAAA,IAAI,CAAC,aAAa,CAAC,IAAI,GAAG,IAAI,CAAC,WAAW,CAAC,YAAY,CAAC,OAAO,CAAC;AAClE,QAAA,CAAC,CAAC;IACJ;+GA7BW,aAAa,EAAA,IAAA,EAAA,EAAA,EAAA,MAAA,EAAA,EAAA,CAAA,eAAA,CAAA,SAAA,EAAA,CAAA,CAAA;mGAAb,aAAa,EAAA,YAAA,EAAA,IAAA,EAAA,QAAA,EAAA,sBAAA,EAAA,MAAA,EAAA,EAAA,oBAAA,EAAA,CAAA,SAAA,EAAA,sBAAA,CAAA,EAAA,YAAA,EAAA,CAAA,aAAA,EAAA,cAAA,CAAA,EAAA,EAAA,cAAA,EAAA,CAAA,EAAA,SAAA,EAAAA,IAAA,CAAA,IAAA,EAAA,CAAA,EAAA,QAAA,EAAA,EAAA,EAAA,CAAA,CAAA;;4FAAb,aAAa,EAAA,UAAA,EAAA,CAAA;kBALzB,SAAS;AAAC,YAAA,IAAA,EAAA,CAAA;AACT,oBAAA,UAAU,EAAE,IAAI;AAChB,oBAAA,QAAQ,EAAE,sBAAsB;oBAChC,cAAc,EAAE,CAAC,IAAI,CAAC;AACvB,iBAAA;;sBAWE,KAAK;uBAAC,SAAS;;sBASf,KAAK;uBAAC,aAAa;;;ACtBtB;;;;;;;AAOG;AACH;AACM,SAAU,SAAS,CAAC,iBAAqC,EAAE,UAA2B,EAAE,UAAU,GAAG,KAAK,EAAA;AAC9G,IAAA,OAAO,CAAC,CAAC,EAAE,KAAK,KAAI;AAClB,QAAA,MAAM,WAAW,GAAG,MAAM,CAAC,WAAW,CAAC;AACvC,QAAA,MAAM,SAAS,GAAG,MAAM,CAAC,SAAS,CAAC;AACnC,QAAA,MAAM,MAAM,GAAG,MAAM,CAAC,MAAM,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;QAEjD,OAAO,WAAW,CAAC,gBAAgB,CAAC,IAAI,CACtC,SAAS,CAAC,CAAC,eAAe,KAAI;YAC5B,IAAI,CAAC,eAAe,EAAE;AACpB,gBAAA,WAAW,CAAC,UAAU,CAAC,KAAK,CAAC,GAAG,CAAC;AAEjC,gBAAA,OAAO,KAAK;YACd;YACA,OAAO,EAAE,CAAC,WAAW,CAAC,YAAY,CAAC,iBAAiB,CAAC,CAAC;AACxD,QAAA,CAAC,CAAC,EACF,GAAG,CAAC,CAAC,YAAY,KAAI;YACnB,IAAI,YAAY,IAAI,CAAC,MAAM;gBAAE;AAC7B,YAAA,IAAI,QAAQ,CAAC,UAAU,CAAC,EAAE;gBACxB,IAAI,UAAU,EAAE;AACd,oBAAA,SAAS,CAAC,QAAQ,CAAC,MAAM,CAAC,UAAU,CAAC;gBACvC;qBAAO;AACL,oBAAA,MAAM,CAAC,aAAa,CAAC,UAAU,CAAC;gBAClC;YACF;AAAO,iBAAA,IAAI,KAAK,CAAC,OAAO,CAAC,UAAU,CAAC,EAAE;AACpC,gBAAA,MAAM,CAAC,QAAQ,CAAC,UAAU,CAAC;YAC7B;AACF,QAAA,CAAC,CAAC,EACF,IAAI,CAAC,CAAC,CAAC,CACR;AACH,IAAA,CAAC;AACH;;AC1CA,MAAM,OAAO,GAAG,CAAC,aAAa,EAAE,aAAa,EAAE,eAAe,EAAE,gBAAgB,CAAC;MAMpE,UAAU,CAAA;+GAAV,UAAU,EAAA,IAAA,EAAA,EAAA,EAAA,MAAA,EAAA,EAAA,CAAA,eAAA,CAAA,QAAA,EAAA,CAAA,CAAA;AAAV,IAAA,SAAA,IAAA,CAAA,IAAA,GAAA,EAAA,CAAA,mBAAA,CAAA,EAAA,UAAA,EAAA,QAAA,EAAA,OAAA,EAAA,SAAA,EAAA,QAAA,EAAA,EAAA,EAAA,IAAA,EAAA,UAAU,EAAA,OAAA,EAAA,CANN,aAAa,EAAE,aAAa,EAAE,eAAe,EAAE,gBAAgB,CAAA,EAAA,OAAA,EAAA,CAA/D,aAAa,EAAE,aAAa,EAAE,eAAe,EAAE,gBAAgB,CAAA,EAAA,CAAA,CAAA;AAMnE,IAAA,SAAA,IAAA,CAAA,IAAA,GAAA,EAAA,CAAA,mBAAA,CAAA,EAAA,UAAA,EAAA,QAAA,EAAA,OAAA,EAAA,SAAA,EAAA,QAAA,EAAA,EAAA,EAAA,IAAA,EAAA,UAAU,YANN,aAAa,CAAA,EAAA,CAAA,CAAA;;4FAMjB,UAAU,EAAA,UAAA,EAAA,CAAA;kBAJtB,QAAQ;AAAC,YAAA,IAAA,EAAA,CAAA;AACR,oBAAA,OAAO,EAAE,CAAC,GAAG,OAAO,CAAC;AACrB,oBAAA,OAAO,EAAE,CAAC,GAAG,OAAO,CAAC;AACtB,iBAAA;;;ACFD;;;;;;;AAOG;AACH;AACM,SAAU,WAAW,CAAC,iBAAqC,EAAE,UAA2B,EAAE,UAAU,GAAG,KAAK,EAAA;IAChH,OAAO,CAAC,CAAC,KAAI;AACX,QAAA,MAAM,WAAW,GAAG,MAAM,CAAC,WAAW,CAAC;AACvC,QAAA,MAAM,MAAM,GAAG,MAAM,CAAC,MAAM,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;AACjD,QAAA,MAAM,SAAS,GAAG,MAAM,CAAC,SAAS,CAAC;QAEnC,OAAO,WAAW,CAAC,gBAAgB,CAAC,IAAI,CACtC,GAAG,CAAC,MAAM,CAAC,WAAW,CAAC,YAAY,CAAC,iBAAiB,CAAC,CAAC,EACvD,GAAG,CAAC,CAAC,cAAc,KAAI;YACrB,IAAI,cAAc,IAAI,CAAC,MAAM;gBAAE;AAC/B,YAAA,IAAI,QAAQ,CAAC,UAAU,CAAC,EAAE;gBACxB,IAAI,UAAU,EAAE;AACd,oBAAA,SAAS,CAAC,QAAQ,CAAC,MAAM,CAAC,UAAU,CAAC;gBACvC;qBAAO;AACL,oBAAA,MAAM,CAAC,aAAa,CAAC,UAAU,CAAC;gBAClC;YACF;AAAO,iBAAA,IAAI,KAAK,CAAC,OAAO,CAAC,UAAU,CAAC,EAAE;AACpC,gBAAA,MAAM,CAAC,QAAQ,CAAC,UAAU,CAAC;YAC7B;AACF,QAAA,CAAC,CAAC,EACF,IAAI,CAAC,CAAC,CAAC,CACR;AACH,IAAA,CAAC;AACH;;ACxCA;;AAEG;;;;"}
|
|
1
|
+
{"version":3,"file":"odx-auth.mjs","sources":["../../../../libs/auth/src/lib/helpers/create-auth-host-url.ts","../../../../libs/auth/src/lib/helpers/create-inititals.ts","../../../../libs/auth/src/lib/helpers/handle-auth-error.ts","../../../../libs/auth/src/lib/helpers/handle-oauth-event.ts","../../../../libs/auth/src/lib/helpers/resolve-email.ts","../../../../libs/auth/src/lib/helpers/resolve-username.ts","../../../../libs/auth/src/lib/helpers/set-http-auth-header.ts","../../../../libs/auth/src/lib/models/auth-environment.ts","../../../../libs/auth/src/lib/auth.interceptor.ts","../../../../libs/auth/src/lib/auth.logger.ts","../../../../libs/auth/src/lib/directives/auth-action.directive.ts","../../../../libs/auth/src/lib/directives/sign-in.directive.ts","../../../../libs/auth/src/lib/directives/sign-out.directive.ts","../../../../libs/auth/src/lib/components/auth-actions/auth-actions.component.ts","../../../../libs/auth/src/lib/components/auth-actions/auth-actions.component.html","../../../../libs/auth/src/lib/components/auth-loading-screen/auth-loading-screen.component.ts","../../../../libs/auth/src/lib/components/auth-loading-screen/auth-loading-screen.component.html","../../../../libs/auth/src/lib/hybrid-memory-storage.ts","../../../../libs/auth/src/lib/plugins/core-debug.plugin.ts","../../../../libs/auth/src/lib/plugins/core-identity.plugin.ts","../../../../libs/auth/src/lib/plugins/user-profile-link.plugin.ts","../../../../libs/auth/src/lib/auth.providers.ts","../../../../libs/auth/src/lib/models/auth-plugin-manager.ts","../../../../libs/auth/src/lib/models/offline-auth-error-handler.ts","../../../../libs/auth/src/lib/auth.service.ts","../../../../libs/auth/src/lib/helpers/user-language-loader.ts","../../../../libs/auth/src/lib/auth.config.ts","../../../../libs/auth/src/lib/auth.i18n.ts","../../../../libs/auth/src/lib/auth.component.ts","../../../../libs/auth/src/lib/auth.component.html","../../../../libs/auth/src/lib/auth.directive.ts","../../../../libs/auth/src/lib/auth.guard.ts","../../../../libs/auth/src/lib/auth.module.ts","../../../../libs/auth/src/lib/unauth.guard.ts","../../../../libs/auth/src/odx-auth.ts"],"sourcesContent":["import { buildUrl } from '@odx/angular/utils';\nimport { ODX_AUTH_HOSTS } from '../auth.config';\nimport { AuthEnvironment } from '../models';\n\n/**\n * Creates an authentication host URL based on the provided environment and URL segments.\n *\n * @param {AuthEnvironment} environment - The authentication environment (e.g., 'development', 'production').\n * @param {string[]} segments - Additional URL segments to append to the base URL.\n * @returns {string} The constructed authentication host URL.\n *\n * @example\n * ```ts\n * createAuthHostUrl('dev', 'api', 'v1', 'users'); // returns 'https://dev-auth.odx.com/api/v1/users'\n * ```\n */\nexport function createAuthHostUrl(environment: AuthEnvironment, ...segments: string[]): string {\n return buildUrl(ODX_AUTH_HOSTS[environment], ...segments);\n}\n","/**\n * Creates initials from a given string.\n *\n * This function takes a string input, removes any text within parentheses,\n * trims any leading or trailing whitespace, and then splits the string into\n * parts based on spaces. It then constructs initials using the first letter\n * of the first and last parts of the string, converting them to uppercase.\n *\n * @param {string | null} value - The input string from which to create initials. It can be\n * undefined or null, in which case an empty string is returned.\n * @returns {string} - A string containing the initials derived from the input string.\n *\n * @example\n * ```ts\n * createInitials('John Smith'); // returns 'JS'\n * ```\n */\nexport function createInitials(value?: string | null): string {\n if (!value) return '';\n const parts = value\n .replace(/\\([^()]*\\)/, '')\n .trim()\n .split(' ');\n\n return parts.reduce((initials, curr, index) => {\n if (index === 0 || index === parts.length - 1) {\n initials += curr[0].toUpperCase();\n }\n return initials;\n }, '');\n}\n","import { EnvironmentInjector, inject, runInInjectionContext } from '@angular/core';\nimport { OAuthErrorEvent } from 'angular-oauth2-oidc';\nimport { AuthErrorHandlerFn } from '../auth.config';\n\n/**\n * Handles authentication errors by executing a series of error handler functions.\n *\n * @param {AuthErrorHandlerFn[]} handlers - An array of functions that handle authentication errors.\n * Each function is expected to take an `OAuthErrorEvent` as an argument.\n *\n * @returns A function that takes an `OAuthErrorEvent` and processes it using the provided handlers.\n * The function will stop processing once a handler successfully handles the error without throwing.\n * If a handler throws an error that is not an instance of `OAuthErrorEvent`, the original error is re-thrown.\n */\nexport function handleAuthError(handlers: AuthErrorHandlerFn[]): (error: OAuthErrorEvent) => void {\n const injector = inject(EnvironmentInjector);\n\n return (error) => {\n runInInjectionContext(injector, () => {\n for (const handler of handlers) {\n try {\n handler(error);\n break;\n } catch (unhandledError) {\n if (!(unhandledError instanceof OAuthErrorEvent)) throw error;\n continue;\n }\n }\n });\n };\n}\n","import { OAuthEvent } from 'angular-oauth2-oidc';\nimport { filter, Observable, OperatorFunction, switchMap } from 'rxjs';\n\n/**\n * Handles OAuth events of a specific type by applying a provided handler function.\n *\n * @template {T} - The type of OAuth event.\n * @param {T['type']} type - The type of the OAuth event to handle.\n * @param {(event: T) => Promise<void>} handler - A function that takes an event of type T and returns a Promise that resolves to void.\n * @returns {OperatorFunction<T, void>} - An OperatorFunction that filters events of the specified type and applies the handler function.\n */\nexport function handleOAuthEvent<T extends OAuthEvent>(type: T['type'], handler: (event: T) => Promise<void>): OperatorFunction<T, void> {\n return (source$: Observable<T>) =>\n source$.pipe(\n filter((event) => event.type === type),\n switchMap((event) => handler(event)),\n );\n}\n","import { isString } from '@odx/angular/utils';\n\n/**\n * Resolves the email address from the given identity claims.\n *\n * This function attempts to extract an email address from the provided\n * `OdxAuth.RawIdentityClaims` object by checking the following properties\n * in order:\n * 1. `email` - if it is a string, it is returned.\n * 2. `email_address` - if it is a string, it is returned.\n * 3. `emails` - if it is an array and the first element is a string, the first element is returned.\n *\n * If none of these properties contain a valid string email address, an empty string is returned.\n *\n * @param {OdxAuth.RawIdentityClaims} claims - The identity claims object from which to resolve the email address.\n * @returns {string} - The resolved email address as a string, or an empty string if no valid email address is found.\n *\n * @example\n * ```ts\n * resolveEmail({ email_address: 'email.address@mdn.com' }) // returns 'email.address@mdn.com';\n * ```\n */\nexport function resolveEmail(claims: OdxAuth.RawIdentityClaims): string {\n if (isString(claims['email'])) {\n return claims['email'];\n }\n if (isString(claims['email_address'])) {\n return claims['email_address'];\n }\n if (Array.isArray(claims['emails']) && isString(claims['emails'][0])) {\n return claims['emails'][0];\n }\n return '';\n}\n","import { isString } from '@odx/angular/utils';\n\n/**\n * Resolves the username from the provided identity claims.\n *\n * The function attempts to construct a username from the claims in the following order:\n * 1. If both 'firstname' and 'lastname' are strings, it returns them concatenated with a space.\n * 2. If both 'given_name' and 'family_name' are strings, it returns them concatenated with a space.\n * 3. If 'name' is a string, it returns the 'name'.\n * 4. If 'displayname' is a string, it returns the 'displayname'.\n * 5. If none of the above conditions are met, it returns an empty string.\n *\n * @param {OdxAuth.RawIdentityClaims} claims - The raw identity claims from which to resolve the username.\n * @returns {string} - The resolved username as a string.\n *\n * @example\n * ```ts\n * resolveUsername({ firstname: 'John', lastname: 'Doe' }) // returns 'John Doe';\n * resolveUsername({ given_name: 'John', family_name: 'Doe' }) // returns 'John Doe';\n * resolveUsername({ name: 'John Doe' }) // returns 'John Doe';\n * resolveUsername({ displayname: 'John Doe' }) // returns 'John Doe';\n * ```\n */\nexport function resolveUsername(claims: OdxAuth.RawIdentityClaims): string {\n if (isString(claims['firstname']) && isString(claims['lastname'])) {\n return `${claims['firstname']} ${claims['lastname']}`;\n }\n if (isString(claims['given_name']) && isString(claims['family_name'])) {\n return `${claims['given_name']} ${claims['family_name']}`;\n }\n if (isString(claims['name'])) {\n return claims['name'];\n }\n if (isString(claims['displayname'])) {\n return claims['displayname'];\n }\n\n return '';\n}\n","import { HttpRequest } from '@angular/common/http';\nimport { AUTH_HTTP_HEADER } from '../auth.config';\n\n/**\n * Sets the HTTP Authorization header for a given request.\n *\n * @template R - The type of the request, which extends HttpRequest<T> or Request.\n * @template T - The type of the request body.\n * @param {R} req - The HTTP request to which the Authorization header will be added.\n * @param {string | null} [token] - The token to be used in the Authorization header. If no token is provided, the request is returned unchanged.\n * @returns {R} - The modified HTTP request with the Authorization header set, or the original request if no token is provided.\n */\nexport function setHttpAuthHeader<R extends HttpRequest<T> | Request, T>(req: R, token?: string | null): R {\n if (!token) return req;\n const header = `Bearer ${token}`;\n if (req instanceof HttpRequest) {\n return req.clone({ headers: req.headers.set(AUTH_HTTP_HEADER, header) }) as R;\n }\n req.headers.set(AUTH_HTTP_HEADER, header);\n\n return req;\n}\n","import { Environment } from '@odx/angular';\n\nexport type AuthEnvironment = (typeof AuthEnvironment)[keyof typeof AuthEnvironment];\nexport const AuthEnvironment = Environment;\n","import { HttpContextToken, HttpInterceptorFn } from '@angular/common/http';\nimport { inject } from '@angular/core';\nimport { matchUrl } from '@odx/angular/utils';\nimport { mergeMap } from 'rxjs';\nimport { injectAuthConfig } from './auth.config';\nimport { AuthService } from './auth.service';\n\nexport const requireAuthentication = new HttpContextToken<boolean>(() => false);\n\n/**\n * Interceptor to handle authentication for HTTP requests.\n *\n * This interceptor checks if the request URL is allowed or if the request requires authentication.\n * If the URL is not allowed and the request does not require authentication, it simply forwards the request.\n * Otherwise, it prepares the authentication request using the AuthService.\n */\nexport const authInterceptor: HttpInterceptorFn = (req, next) => {\n const { allowedUrls, requireSignInForRequests } = injectAuthConfig();\n const isUrlAllowed = allowedUrls.some((allowedUrl) => matchUrl(req.url, allowedUrl));\n if (!isUrlAllowed && !req.context.get(requireAuthentication)) {\n return next(req);\n }\n\n return inject(AuthService).prepareAuthRequest$(req, requireSignInForRequests).pipe(mergeMap(next));\n};\n","import { Logger } from '@odx/angular/internal';\n\nexport default new Logger('@odx/auth');\n","import { AfterViewInit, Directive, inject } from '@angular/core';\nimport { LoadingSpinnerDirective } from '@odx/angular/components/loading-spinner';\nimport { untilDestroyed } from '@odx/angular/utils';\nimport { AuthService } from '../auth.service';\n\n/**\n * An abstract directive that integrates with the `LoadingSpinnerDirective` and `AuthService` to manage loading states based on authentication redirection.\n *\n * This directive automatically sets the `autoColor` property of the `LoadingSpinnerDirective` to `true` and subscribes to the `isRedirecting$` observable from the `AuthService`.\n * When `isRedirecting$` emits a value, it updates the `isLoading` property of the `LoadingSpinnerDirective`.\n */\n@Directive()\nexport abstract class AuthActionDirective implements AfterViewInit {\n private readonly takeUntilDestroyed = untilDestroyed();\n private readonly loadingSpinnerDirective = inject(LoadingSpinnerDirective, { self: true });\n protected readonly authService = inject(AuthService);\n\n public ngAfterViewInit(): void {\n this.loadingSpinnerDirective.autoColor = true;\n this.authService.isRedirecting$.pipe(this.takeUntilDestroyed()).subscribe((isRedirecting) => {\n this.loadingSpinnerDirective.isLoading = isRedirecting;\n });\n }\n\n protected abstract handleClick(): void;\n}\n","/**\n * A directive that handles the sign-in action for a button element.\n *\n * This directive extends the `AuthActionDirective` and uses the `LoadingSpinnerDirective`\n * to show a loading spinner during the sign-in process.\n *\n * @see {AuthActionDirective}\n * @see {LoadingSpinnerDirective}\n *\n * @example\n * ```html\n * <button odxButton odxAuthSignIn (odxAuthSignIn)=\"onSignIn()\">Sign In</button>\n * ```\n */\nimport { Directive, EventEmitter, HostListener, Output } from '@angular/core';\nimport { LoadingSpinnerDirective } from '@odx/angular/components/loading-spinner';\nimport { AuthActionDirective } from './auth-action.directive';\n\n@Directive({\n standalone: true,\n selector: '[odxButton][odxAuthSignIn]',\n hostDirectives: [LoadingSpinnerDirective],\n})\nexport class SignInDirective extends AuthActionDirective {\n /**\n * Emits an event after the sign-in action is completed.\n *\n * @type {EventEmitter<void>}\n */\n // eslint-disable-next-line @angular-eslint/no-output-rename\n @Output('odxAuthSignIn')\n public afterSignIn = new EventEmitter<void>();\n\n @HostListener('click')\n protected override handleClick(): void {\n this.authService.signIn();\n this.afterSignIn.next();\n }\n}\n","import { Directive, EventEmitter, HostListener, Output } from '@angular/core';\nimport { LoadingSpinnerDirective } from '@odx/angular/components/loading-spinner';\nimport { AuthActionDirective } from './auth-action.directive';\n\n/**\n * A directive that handles the sign-out action for a button element.\n *\n * This directive extends the `AuthActionDirective` and uses the `LoadingSpinnerDirective`\n * to show a loading spinner during the sign-out process.\n *\n * @see {AuthActionDirective}\n * @see {LoadingSpinnerDirective}\n *\n * @example\n * ```html\n * <button odxButton odxAuthSignOut (odxAuthSignOut)=\"onSignOut()\">Sign Out</button>\n * ```\n */\n@Directive({\n standalone: true,\n selector: '[odxAuthSignOut]',\n hostDirectives: [LoadingSpinnerDirective],\n})\nexport class SignOutDirective extends AuthActionDirective {\n /**\n * Emits an event after the sign-out action is completed.\n *\n */\n @Output('odxAuthSignOut')\n public afterSignOut = new EventEmitter<void>();\n\n @HostListener('click')\n protected override handleClick(): void {\n this.authService.signOut();\n this.afterSignOut.next();\n }\n}\n","import { ChangeDetectionStrategy, Component, Input, ViewEncapsulation } from '@angular/core';\nimport { CoreModule } from '@odx/angular';\nimport { ListModule } from '@odx/angular/components/list';\nimport { CSSComponent } from '@odx/angular/internal';\nimport { TranslatePipe } from '@odx/angular/internal/translate';\nimport { injectElement } from '@odx/angular/utils';\nimport { SignOutDirective } from '../../directives';\n\n/**\n * Displays authentication actions.\n */\n@CSSComponent('auth-actions')\n@Component({\n standalone: true,\n selector: 'odx-auth-actions',\n imports: [CoreModule, ListModule, TranslatePipe, SignOutDirective],\n templateUrl: './auth-actions.component.html',\n changeDetection: ChangeDetectionStrategy.OnPush,\n encapsulation: ViewEncapsulation.None,\n})\nexport class AuthActionsComponent {\n public readonly element = injectElement();\n\n /**\n * The identity claims.\n *\n * @type {OdxAuth.IdentityClaims | null}\n * @default null\n */\n @Input()\n public claims: OdxAuth.IdentityClaims | null = null;\n}\n","<odx-list>\n @if (claims?.userProfileUrl; as url) {\n <a odxListItem data-testid=\"odx-auth-user-profile-link\" [href]=\"url\" rel=\"noopener\" target=\"_blank\">\n <odx-icon name=\"core::user-administration\" odxListItemPrefix />\n {{ 'userProfileLink' | odxTranslate | async }}\n </a>\n }\n <button odxListItem odxAuthSignOut data-testid=\"odx-auth-sign-out-button\" style=\"width: 100%\">\n <odx-icon name=\"core::logout\" odxListItemPrefix />\n {{ 'signOutButtonText' | odxTranslate | async }}\n </button>\n</odx-list>\n","import { transition, trigger, useAnimation } from '@angular/animations';\nimport { CommonModule } from '@angular/common';\nimport { ChangeDetectionStrategy, Component, ViewEncapsulation, inject } from '@angular/core';\nimport { fadeOut } from '@odx/angular/animations';\nimport { DynamicViewDirective, DynamicViewRef, DynamicViewService } from '@odx/angular/cdk/dynamic-view';\nimport { CircularProgressComponent } from '@odx/angular/components/circular-progress';\nimport { IconComponent } from '@odx/angular/components/icon';\nimport { LogoDirective } from '@odx/angular/components/logo';\nimport { map } from 'rxjs';\nimport { injectAuthConfig } from '../../auth.config';\nimport { AuthService } from '../../auth.service';\n\n/**\n * Authentication loading screen.\n *\n * This component displays a loading screen with animations and dynamic content\n * based on the authentication state.\n */\n@Component({\n standalone: true,\n // eslint-disable-next-line @angular-eslint/component-selector\n selector: 'div.odx-auth-loading-screen',\n imports: [CommonModule, IconComponent, LogoDirective, CircularProgressComponent, DynamicViewDirective],\n templateUrl: './auth-loading-screen.component.html',\n styleUrls: ['./auth-loading-screen.component.scss'],\n changeDetection: ChangeDetectionStrategy.OnPush,\n encapsulation: ViewEncapsulation.None,\n host: {\n '[@hostAnimation]': 'true',\n },\n animations: [trigger('hostAnimation', [transition(':leave', useAnimation(fadeOut()))])],\n})\nexport class AuthLoadingScreenComponent {\n private static instance: DynamicViewRef<typeof AuthLoadingScreenComponent> | null = null;\n\n protected readonly authConfig = injectAuthConfig();\n protected readonly icon$ = inject(AuthService).isRedirecting$.pipe(map((isRedirecting) => (isRedirecting ? 'core::link-external' : 'core::user')));\n\n /**\n * Initializes the authentication loading screen.\n *\n * @param {AuthService} authService - The authentication service.\n * @param {DynamicViewService} dynamicViewService - The dynamic view service used to create the loading screen.\n * @static\n */\n public static initialize(authService: AuthService, dynamicViewService: DynamicViewService): void {\n authService.isLoading$.subscribe((isLoading) => {\n if (isLoading) {\n AuthLoadingScreenComponent.instance ??= dynamicViewService.createView(AuthLoadingScreenComponent);\n } else {\n AuthLoadingScreenComponent.instance?.destroy();\n AuthLoadingScreenComponent.instance = null;\n }\n });\n }\n}\n","<div class=\"odx-auth-loading-screen__content\" odxLayout=\"grid 12 horizontal-center vertical-center gap-small\">\n <odx-logo size=\"large\" />\n <odx-circular-progress class=\"odx-auth-loading-screen__spinner\" value=\"-1\" size=\"medium\" stroke=\"3\">\n <odx-icon [name]=\"icon$ | async\" />\n </odx-circular-progress>\n @if (authConfig.loadingScreenMessage; as content) {\n <p class=\"odx-auth-loading-screen__message\">\n <ng-template [odxDynamicView]=\"content\" />\n </p>\n }\n</div>\n","import { MemoryStorage, OAuthStorage } from 'angular-oauth2-oidc';\n\n/**\n * A hybrid storage implementation that keeps tokens in memory (cleared on page refresh)\n * but persists only the OAuth flow keys (state, nonce, code_verifier) to sessionStorage\n * so they survive the auth server redirect.\n * Actual tokens remain memory only and are cleared on page refresh.\n */\nexport class HybridMemoryStorage implements OAuthStorage {\n private readonly memoryStorage = new MemoryStorage();\n private readonly persistKeys = ['state', 'nonce', 'PKCE_verifier'];\n\n public getItem(key: string): string | null {\n if (this.persistKeys.includes(key)) {\n return sessionStorage.getItem(key) ?? this.memoryStorage.getItem(key);\n }\n return this.memoryStorage.getItem(key);\n }\n\n public setItem(key: string, value: string): void {\n this.memoryStorage.setItem(key, value);\n if (this.persistKeys.includes(key)) {\n sessionStorage.setItem(key, value);\n }\n }\n\n public removeItem(key: string): void {\n this.memoryStorage.removeItem(key);\n sessionStorage.removeItem(key);\n }\n\n public clear(): void {\n this.persistKeys.forEach((key) => {\n sessionStorage.removeItem(key);\n });\n }\n}\n","import { DestroyRef, inject } from '@angular/core';\nimport { takeUntilDestroyed } from '@angular/core/rxjs-interop';\nimport { Subscription, of } from 'rxjs';\nimport logger from '../auth.logger';\nimport { AuthPluginFactory } from '../models';\n\n/**\n * A factory function that creates a core debug plugin for the authentication service.\n * This plugin logs detailed information about the user's identity claims and tokens.\n *\n * @remarks\n * This plugin is intended for debugging purposes only and should not be used in production environments.\n *\n * @returns {AuthPluginFactory} A function that takes an authentication service and sets up logging for identity claims and tokens.\n */\nexport const coreDebugPlugin: AuthPluginFactory = () => {\n logger.warn('DEBUG MODE ENABLED - DO NOT USE IN PRODUCTION!');\n const destroyRef = inject(DestroyRef);\n let instance: Subscription | null = null;\n\n return (authService) => {\n instance ??= authService.identityClaims$.pipe(takeUntilDestroyed(destroyRef)).subscribe((claims) => {\n logger.info(`User: ${claims?.username} (${claims?.email})`);\n logger.group('Identity claims', (log) => log(claims), false);\n logger.group('Access token', (log) => log(authService.getAccessToken()));\n logger.group('Refresh token', (log) => log(authService.getRefreshToken()));\n logger.group('ID token', (log) => log(authService.getIdToken()));\n });\n\n return of({});\n };\n};\n","import { of } from 'rxjs';\nimport { injectAuthConfig } from '../auth.config';\nimport { AuthPluginFactory } from '../models';\n\n/**\n * Core identity plugin for authentication.\n *\n * This plugin extracts and processes identity claims from the authentication service.\n *\n * @returns {AuthPluginFactory} A factory function that returns an observable with the processed identity claims.\n */\nexport const coreIdentityPlugin: AuthPluginFactory = () => {\n const { resolveEmail, resolveUsername, createInitials } = injectAuthConfig();\n\n return (authService) => {\n const claims = authService.getRawIdentityClaims();\n if (!claims) return of({});\n const username = resolveUsername(claims);\n\n return of({ email: resolveEmail(claims), username, initials: createInitials(username) });\n };\n};\n","import { of } from 'rxjs';\nimport { ODX_AUTH_USER_PROFILE_HOSTS, injectAuthConfig } from '../auth.config';\nimport { AuthPluginFactory } from '../models';\n\n/**\n * A plugin factory that generates a user profile URL plugin.\n *\n * This plugin retrieves the user profile URL from the authentication configuration.\n * If the user profile URL is not specified in the configuration, it falls back to\n * using the default URL for the current environment from `ODX_AUTH_USER_PROFILE_HOSTS`.\n *\n * @returns A function that returns an observable emitting an object containing the user profile URL.\n */\nexport const userProfileUrlPlugin: AuthPluginFactory = () => {\n const { environment, userProfileUrl } = injectAuthConfig();\n return () => {\n return of({ userProfileUrl: userProfileUrl ?? ODX_AUTH_USER_PROFILE_HOSTS[environment] });\n };\n};\n","import { provideHttpClient, withInterceptors } from '@angular/common/http';\nimport {\n EnvironmentProviders,\n InjectionToken,\n inject,\n isDevMode,\n makeEnvironmentProviders,\n provideAppInitializer,\n provideEnvironmentInitializer,\n} from '@angular/core';\nimport { WindowRef } from '@odx/angular';\nimport { DynamicViewService } from '@odx/angular/cdk/dynamic-view';\nimport { ConfigDependencies, ConfigProvider, buildUrl } from '@odx/angular/utils';\nimport { OAuthStorage, provideOAuthClient } from 'angular-oauth2-oidc';\nimport { tap } from 'rxjs';\nimport { AuthConfig, AuthErrorHandlerFn, ODX_AUTH_DEFAULT_SCOPES, injectAuthConfig, provideAuthConfig } from './auth.config';\nimport { authInterceptor } from './auth.interceptor';\nimport logger from './auth.logger';\nimport { AuthService } from './auth.service';\nimport { AuthLoadingScreenComponent } from './components';\nimport { createAuthHostUrl, handleAuthError } from './helpers';\nimport { HybridMemoryStorage } from './hybrid-memory-storage';\nimport { AuthPlugin, AuthPluginErrorHandler, AuthPluginFactory, offlineAuthErrorHandler } from './models';\nimport { coreDebugPlugin, coreIdentityPlugin, userProfileUrlPlugin } from './plugins';\n\nexport const ODX_AUTH_ERROR_HANDLERS = new InjectionToken<AuthErrorHandlerFn[]>('@odx/auth::ErrorHandlers', {\n providedIn: 'root',\n factory: () => {\n const { errorHandler } = injectAuthConfig();\n\n return [offlineAuthErrorHandler, errorHandler];\n },\n});\n\nexport const ODX_AUTH_PLUGINS_ERROR_HANDLER = new InjectionToken<AuthPluginErrorHandler | null>('@odx/auth::PluginsErrorHandler', {\n providedIn: 'root',\n factory: () => injectAuthConfig().pluginsErrorHandler ?? null,\n});\n\nexport const ODX_AUTH_CORE_PLUGINS = new InjectionToken<AuthPluginFactory[]>('@odx/auth::CorePlugins', {\n providedIn: 'root',\n factory: () => {\n const { showDebugInformation } = injectAuthConfig();\n const plugins = [coreIdentityPlugin, userProfileUrlPlugin];\n if (showDebugInformation) {\n plugins.push(coreDebugPlugin);\n }\n\n return plugins;\n },\n});\n\nexport const ODX_AUTH_PLUGINS = new InjectionToken<AuthPlugin[]>('@odx/auth::Plugins', {\n providedIn: 'root',\n factory: () => {\n const { plugins } = injectAuthConfig();\n const corePlugins = inject(ODX_AUTH_CORE_PLUGINS);\n\n return [...corePlugins, ...plugins].map((pluginFactory) => pluginFactory());\n },\n});\n\n/**\n * Provides a logger for the authentication module.\n *\n * @returns {EnvironmentProviders} - The provider for the logger.\n */\nexport function provideAuthLogger(): EnvironmentProviders {\n return provideEnvironmentInitializer(() => {\n const { showDebugInformation } = injectAuthConfig();\n if (!showDebugInformation) logger.disable();\n });\n}\n\n/**\n * Initializes the authentication error handlers.\n */\nexport function initializeAuthErrorHandlers(): void {\n const authService = inject(AuthService);\n const handler = handleAuthError(inject(ODX_AUTH_ERROR_HANDLERS));\n\n authService.errors$.pipe(tap((error) => handler(error))).subscribe();\n}\n\n/**\n * Initializes the authentication configuration.\n *\n * @returns {() => Promise<void>} - A function that returns a promise resolving when the configuration is initialized.\n */\nexport function initializeAuthConfig(): () => Promise<void> {\n const { clientId, scopes, redirectPath, environment, postLogoutRedirectUrl, issuer, timeoutFactor, discoveryUrl, enableLoadingScreen } = injectAuthConfig();\n const authService = inject(AuthService);\n const redirectUri = buildUrl(inject(WindowRef).getOrigin(), redirectPath);\n const scope = Array.from(new Set(ODX_AUTH_DEFAULT_SCOPES.concat(scopes ?? []))).join(' ');\n if (enableLoadingScreen) {\n AuthLoadingScreenComponent.initialize(authService, inject(DynamicViewService));\n }\n return () =>\n authService.initialize({\n clientId,\n issuer: issuer ?? createAuthHostUrl(environment, 'oauth2/default'),\n scope,\n redirectUri,\n postLogoutRedirectUri: postLogoutRedirectUrl,\n preserveRequestedRoute: true,\n strictDiscoveryDocumentValidation: !discoveryUrl,\n responseType: 'code',\n showDebugInformation: false,\n timeoutFactor,\n waitForTokenInMsec: 1000,\n });\n}\n\n/**\n * Creates the OAuth storage instance for the authentication module.\n */\nexport function createAuthStorage(): OAuthStorage {\n const { storage } = injectAuthConfig();\n if (!storage && isDevMode()) {\n console.warn(\n `[@odx/auth] OAuthStorage is using the default in-memory strategy.\\n` +\n `Users will be logged out on page refresh — this is the expected behavior for this storage type.\\n` +\n `To persist sessions across refreshes, provide your preferred storage via the 'storage' option in provideAuth({ storage: ... }).`,\n );\n }\n return storage ?? new HybridMemoryStorage();\n}\n\n/**\n * Provides the authentication configuration and dependencies.\n *\n * @param {ConfigProvider<Partial<AuthConfig>, D>} config - The configuration provider.\n * @returns {EnvironmentProviders} The environment providers for authentication.\n * @template D - Dependency types used by the config factory.\n *\n * @example Provide the authentication configuration and dependencies\n * ```ts\n * providers: [\n * provideAuth({\n * useFactory: ({ environment, auth: { clientId, loadUserProfile } }: ApplicationEnvironment) => ({\n * environment,\n * clientId,\n * loadUserProfile,\n * }),\n * deps: [APPLICATION_ENVIRONMENT],\n * }),\n * ],\n * ```\n */\nexport function provideAuth<D extends ConfigDependencies>(config: ConfigProvider<Partial<AuthConfig>, D>): EnvironmentProviders {\n return makeEnvironmentProviders([\n provideAuthConfig(config),\n provideAuthLogger(),\n provideOAuthClient({ resourceServer: { sendAccessToken: false, allowedUrls: [] } }),\n provideHttpClient(withInterceptors([authInterceptor])),\n provideAppInitializer(() => initializeAuthConfig()()),\n {\n provide: OAuthStorage,\n useFactory: () => createAuthStorage(),\n },\n ]);\n}\n","import { inject, Injectable } from '@angular/core';\nimport { isNumber } from '@odx/angular/utils';\nimport { deepmerge } from 'deepmerge-ts';\nimport { BehaviorSubject, catchError, combineLatest, distinctUntilChanged, filter, map, Observable, of, share, switchMap, take, tap, timeout } from 'rxjs';\nimport { injectAuthConfig } from '../auth.config';\nimport { ODX_AUTH_PLUGINS, ODX_AUTH_PLUGINS_ERROR_HANDLER } from '../auth.providers';\nimport { AuthService } from '../auth.service';\n\nexport type AuthPlugin = (authService: AuthService) => Observable<Partial<OdxAuth.AuthPluginResult>>;\nexport type AuthPluginFactory = () => AuthPlugin;\nexport type AuthPluginError = unknown;\nexport type AuthPluginErrorHandler = (error: AuthPluginError) => void;\n\n@Injectable({ providedIn: 'root' })\nexport class AuthPluginManager {\n private readonly authConfig = injectAuthConfig();\n private readonly pluginsErrorHandler = inject(ODX_AUTH_PLUGINS_ERROR_HANDLER, { optional: true });\n private readonly plugins = inject(ODX_AUTH_PLUGINS);\n private readonly result$$ = new BehaviorSubject<OdxAuth.AuthPluginResult | null>(null);\n\n public readonly pluginsReady$ = this.result$$.pipe(filter(Boolean), map(Boolean), distinctUntilChanged(), share());\n public readonly pluginsLoading$ = this.result$$.pipe(\n map((result) => !result),\n distinctUntilChanged(),\n share(),\n );\n\n public runPlugins(authService: AuthService): Observable<OdxAuth.AuthPluginResult> {\n if (this.plugins.length < 1) {\n return of({} as OdxAuth.AuthPluginResult);\n }\n return authService.waitForAccessToken$(false).pipe(\n switchMap((token) => {\n if (!token) return of([{}]);\n return combineLatest(this.plugins.map((plugin) => this.runPlugin(authService, plugin)));\n }),\n map((results) => deepmerge(...results) as OdxAuth.AuthPluginResult),\n tap((result) => this.result$$.next(result)),\n take(1),\n );\n }\n\n public getResult(): OdxAuth.AuthPluginResult {\n return this.result$$.getValue() ?? ({} as OdxAuth.AuthPluginResult);\n }\n\n private handlePluginError(error?: unknown): Observable<OdxAuth.AuthPluginResult> {\n try {\n this.pluginsErrorHandler?.(error);\n } catch {\n //\n }\n\n return of({} as OdxAuth.AuthPluginResult);\n }\n\n private runPlugin(authService: AuthService, plugin: AuthPlugin): ReturnType<AuthPlugin> {\n return plugin(authService).pipe(\n isNumber(this.authConfig.pluginTimeout) ? timeout(Math.max(0, this.authConfig.pluginTimeout)) : tap(),\n catchError((error) => this.handlePluginError(error)),\n );\n }\n}\n","import { HttpErrorResponse } from '@angular/common/http';\nimport { AuthErrorHandlerFn } from '../auth.config';\n\nexport const offlineAuthErrorHandler: AuthErrorHandlerFn = (error) => {\n if (error.type === 'discovery_document_load_error' && (error.reason as HttpErrorResponse)?.status === 504) {\n return;\n }\n throw error;\n};\n","import { HttpErrorResponse, HttpRequest } from '@angular/common/http';\nimport { Injectable, inject } from '@angular/core';\nimport { Router } from '@angular/router';\nimport { WindowRef } from '@odx/angular';\nimport { AuthConfig, OAuthErrorEvent, OAuthService, TokenResponse } from 'angular-oauth2-oidc';\nimport { deepmerge } from 'deepmerge-ts';\nimport {\n BehaviorSubject,\n Observable,\n catchError,\n combineLatest,\n distinctUntilChanged,\n filter,\n fromEvent,\n map,\n merge,\n of,\n share,\n shareReplay,\n startWith,\n switchMap,\n take,\n tap,\n timeout,\n} from 'rxjs';\nimport { injectAuthConfig } from './auth.config';\nimport { setHttpAuthHeader } from './helpers';\nimport { AuthPluginManager, AuthorizedHandler } from './models';\n\n/**\n * The `AuthService` class provides authentication functionality for an Angular application.\n * It handles OAuth2/OIDC authentication, token management, and user identity claims.\n *\n * Key responsibilities include:\n * - Initializing authentication with a provided configuration.\n * - Managing tokens (access, refresh, and ID tokens).\n * - Checking and emitting authentication and authorization states.\n * - Handling user login and logout flows.\n * - Supporting silent refresh and offline authentication scenarios.\n * - Integrating authentication plugins via `AuthPluginManager`.\n *\n * @example\n * ```typescript\n * // Injecting the AuthService\n * constructor(private authService: AuthService) {}\n *\n * // Using the AuthService to initialize authentication\n * async ngOnInit() {\n * const config: AuthConfig = { clientId: 'your-client-id', discoveryUrl: 'https://example.com/.well-known/openid-configuration' };\n * await this.authService.initialize(config);\n * }\n * ```\n */\n@Injectable({ providedIn: 'root' })\nexport class AuthService {\n private readonly authConfig = injectAuthConfig();\n private readonly authPluginManager = inject(AuthPluginManager);\n private readonly oauthService = inject(OAuthService);\n private readonly router = inject(Router);\n private readonly windowRef = inject(WindowRef);\n\n private readonly isInitialized$$ = new BehaviorSubject(false);\n private readonly isRedirecting$$ = new BehaviorSubject(false);\n private readonly isAuthServerUnavailable$$ = new BehaviorSubject(false);\n private readonly onAccessTokenUpdate$ = fromEvent<StorageEvent>(this.windowRef.nativeWindow, 'storage').pipe(\n filter(({ key }) => key === 'access_token' || key === null),\n startWith(null),\n share(),\n );\n private readonly silentRefreshHandler$ = this.isInitialized$$.pipe(\n filter(Boolean),\n switchMap(() => this.windowRef.isOnline$),\n tap((isOnline) => this.updateSilentRefresh(isOnline)),\n );\n private readonly onAuthStateChange$ = combineLatest([this.oauthService.events.pipe(startWith(null)), this.windowRef.isOnline$, this.onAccessTokenUpdate$]);\n\n /**\n * Emits `true` when the service has completed initialization.\n * Emits `false` until the initialization is complete.\n *\n * @type {Observable<boolean>}\n */\n public readonly isInitialized$ = this.isInitialized$$.pipe(filter(Boolean), distinctUntilChanged());\n\n /**\n * Emits `true` when the user is being redirected to the login page.\n * Emits `false` when there is no redirection in progress.\n *\n * @type {Observable<boolean>}\n */\n public readonly isRedirecting$ = this.isRedirecting$$.pipe(distinctUntilChanged(), shareReplay({ bufferSize: 1, refCount: true }));\n\n /**\n * Emits `true` when the auth server is unavailable.\n * Emits `false` when the auth server is reachable again.\n *\n * @type {Observable<boolean>}\n */\n public readonly isAuthServerUnavailable$ = this.isAuthServerUnavailable$$.pipe(distinctUntilChanged(), shareReplay({ bufferSize: 1, refCount: true }));\n\n /**\n * Emits `true` when the application is in a loading state (e.g., during redirection or plugin initialization).\n * Emits `false` when there is no ongoing loading activity.\n *\n * @type {Observable<boolean>}\n */\n public readonly isLoading$ = merge(this.isRedirecting$, this.authPluginManager.pluginsLoading$).pipe(distinctUntilChanged());\n\n /**\n * Emits `true` when the user is authenticated.\n * Emits `false` when the user is not authenticated.\n *\n * @type {Observable<boolean>}\n */\n public readonly isAuthenticated$ = this.isInitialized$.pipe(\n switchMap(() => this.authPluginManager.pluginsReady$),\n switchMap(() => this.onAuthStateChange$),\n map(() => this.isAuthenticated()),\n distinctUntilChanged(),\n shareReplay({ bufferSize: 1, refCount: true }),\n );\n\n /**\n * Emits the identity claims of the authenticated user.\n * If the user is not authenticated, emits `null`.\n *\n * @type {Observable<OdxAuth.IdentityClaims | null>}\n */\n public readonly identityClaims$ = this.isAuthenticated$.pipe(\n map(() => this.getIdentityClaims()),\n shareReplay({ bufferSize: 1, refCount: true }),\n );\n\n /**\n * Emits OAuth error events.\n *\n * @type {Observable<OAuthErrorEvent>}\n */\n public readonly errors$ = this.oauthService.events.pipe(\n filter((event): event is OAuthErrorEvent => event instanceof OAuthErrorEvent),\n share(),\n );\n\n /**\n * Emits events when an OAuth token is successfully received.\n *\n * @type {Observable<Event>}\n */\n public readonly onTokenReceived$ = this.oauthService.events.pipe(\n filter((event) => event.type === 'token_received'),\n share(),\n );\n\n /**\n * Emits whenever the `access_token` storage entry is updated or cleared.\n * Important note - This relies on browser storage events (e.g., localStorage) when available.\n * By default the library uses in-memory storage, which does not emit storage events.\n * To enable this functionality, configure the library to use a browser storage mechanism that supports events.\n *\n * @type {Observable<StorageEvent | null>}\n */\n public get accessTokenUpdate$(): Observable<StorageEvent | null> {\n return this.onAccessTokenUpdate$;\n }\n\n constructor() {\n this.runPlugins();\n this.silentRefreshHandler$.subscribe();\n this.onTokenReceived$.subscribe(() => this.isAuthServerUnavailable$$.next(false));\n }\n\n /**\n * Initializes the authentication service with the provided configuration.\n *\n * @param {AuthConfig} config - The authentication configuration object.\n * @returns {Promise<void>} Resolves when initialization is complete.\n */\n public async initialize(config: AuthConfig): Promise<void> {\n this.assertAudience(config.clientId);\n this.oauthService.configure({ ...config, openUri: this.redirectToLogin.bind(this) });\n this.isAuthServerUnavailable$$.next(false);\n let redirectTriggeredDuringInit = false;\n\n try {\n await this.oauthService.loadDiscoveryDocument(this.authConfig.discoveryUrl);\n await this.oauthService.tryLogin();\n if (this.authConfig.refreshTokenOnInit) {\n await this.tryRefreshToken();\n }\n } catch (error) {\n const isServerUnavailable = this.setAuthServerUnavailable(error);\n if (!(error instanceof HttpErrorResponse || error instanceof OAuthErrorEvent)) {\n throw error;\n }\n if (\n !isServerUnavailable &&\n (error.type === 'token_refresh_error' || (error instanceof HttpErrorResponse && (error.status === 401 || error.status === 400)))\n ) {\n this.signOut(true);\n this.autoSignIn(this.windowRef.location.pathname);\n redirectTriggeredDuringInit = true;\n }\n }\n this.isInitialized$$.next(true);\n if (!redirectTriggeredDuringInit && this.authConfig.requireSignIn && !this.isAuthenticated()) {\n this.autoSignIn(this.windowRef.location.pathname);\n }\n await this.tryLoadUserProfile();\n await this.routeToRequestedUrl();\n }\n\n /**\n * Runs all authentication plugins registered in the `AuthPluginManager`.\n */\n public runPlugins(): void {\n this.authPluginManager.runPlugins(this).subscribe();\n }\n\n /**\n * Returns the issuer URL for the OAuth server.\n *\n * @returns {URL} The issuer URL.\n */\n public getIssuer(): URL {\n return new URL(this.oauthService.issuer!);\n }\n\n /**\n * Initiates the login flow for the user. Redirects to the login page.\n *\n * @param {string} [url] - The URL to redirect back to after login.\n */\n public signIn(url?: string): void {\n this.oauthService.initLoginFlow(url);\n }\n\n /**\n * Attempts to sign in automatically when the auth server is available.\n * Skips auto sign-in when the auth server is unreachable to avoid login loops.\n */\n public autoSignIn(url?: string): void {\n if (this.shouldSkipAutoSignIn()) return;\n this.signIn(url);\n }\n\n /**\n * Logs the user out and clears their tokens.\n *\n * @param {boolean} [noRedirect] - If `true`, no redirection occurs after logout.\n */\n public signOut(noRedirect?: boolean): void {\n this.oauthService.revokeTokenAndLogout(noRedirect || !this.getAccessToken());\n }\n\n /**\n * Attempts to refresh the user's tokens.\n *\n * @returns {Promise<TokenResponse>} Resolves with the new token response.\n */\n public async refreshTokens(): Promise<TokenResponse> {\n return this.oauthService.refreshToken();\n }\n\n /**\n * Retrieves the current access token, if available.\n *\n * @returns {string | null} The access token, or `null` if not available.\n */\n public getAccessToken(): string | null {\n return this.oauthService.getAccessToken() ?? null;\n }\n\n /**\n * Retrieves the current refresh token, if available.\n *\n * @returns {string | null} The refresh token, or `null` if not available.\n */\n public getRefreshToken(): string | null {\n return this.oauthService.getRefreshToken() ?? null;\n }\n\n /**\n * Retrieves the current ID token, if available.\n *\n * @returns {string | null} The ID token, or `null` if not available.\n */\n public getIdToken(): string | null {\n return this.oauthService.getIdToken() ?? null;\n }\n\n /**\n * Retrieves the identity claims of the authenticated user.\n *\n * @returns {OdxAuth.IdentityClaims | null} The identity claims, or `null` if not available.\n */\n public getIdentityClaims(): OdxAuth.IdentityClaims | null {\n if (!this.getIdToken()) return null;\n return deepmerge(this.oauthService.getIdentityClaims(), this.authPluginManager.getResult()) as OdxAuth.IdentityClaims;\n }\n\n /**\n * Retrieves the raw identity claims of the authenticated user.\n *\n * @returns {OdxAuth.RawIdentityClaims | null} The raw identity claims, or `null` if not available.\n */\n public getRawIdentityClaims(): OdxAuth.RawIdentityClaims | null {\n if (!this.getIdToken()) return null;\n return this.oauthService.getIdentityClaims();\n }\n\n /**\n * Checks if the user is currently authenticated.\n *\n * @returns {boolean} `true` if authenticated, otherwise `false`.\n */\n public isAuthenticated(): boolean {\n if (this.windowRef.isOnline()) {\n return this.oauthService.hasValidAccessToken() && this.oauthService.hasValidIdToken();\n }\n return this.hasValidOfflineToken();\n }\n\n /**\n * Checks if the user is authorized based on the provided handler.\n *\n * @param {AuthorizedHandler | null} [authorizedHandler] - A handler to determine authorization.\n * @returns {boolean} `true` if authorized, otherwise `false`.\n */\n public isAuthorized(authorizedHandler?: AuthorizedHandler | null): boolean {\n const handler = authorizedHandler ?? this.authConfig.defaultAuthorizedHandler;\n\n return this.isAuthenticated() && (handler?.(this.getIdentityClaims(), this, this.router) ?? true);\n }\n\n /**\n * Emits whether the user is authorized based on the provided handler.\n *\n * @param {AuthorizedHandler | null} [authorizedHandler] - A handler to determine authorization.\n * @returns {Observable<boolean>} An observable emitting the authorization status.\n */\n public isAuthorized$(authorizedHandler?: AuthorizedHandler | null): Observable<boolean> {\n return this.isAuthenticated$.pipe(map(() => this.isAuthorized(authorizedHandler)));\n }\n\n /**\n * Prepares an HTTP request by adding the access token to its headers.\n *\n * @param {HttpRequest<T> | Request} req - The HTTP request to prepare.\n * @param {boolean} requireSignIn - Whether to require the user to sign in if no token is available.\n * @returns {Observable<R>} An observable emitting the prepared request.\n * @template R, T\n */\n public prepareAuthRequest$<R extends HttpRequest<T> | Request, T>(req: R, requireSignIn = false): Observable<R> {\n return this.waitForAccessToken$(requireSignIn).pipe(map((token) => setHttpAuthHeader(req, token)));\n }\n\n /**\n * Waits for a valid access token to become available.\n *\n * @param {boolean} requireSignIn - Whether to require the user to sign in if no token is available.\n * @returns {Observable<string | null>} An observable emitting the access token.\n */\n public waitForAccessToken$(requireSignIn: boolean): Observable<string | null> {\n const accessToken$ = of(this.getAccessToken()).pipe(filter((token) => !!token && this.isAuthenticated()));\n const waitForAccessToken$ = this.onTokenReceived$.pipe(\n timeout(this.authConfig.waitForTokenInMs ?? 0),\n catchError(async () => this.tryRefreshToken().catch(() => null)),\n );\n\n return this.isInitialized$.pipe(\n switchMap(() => merge(accessToken$, waitForAccessToken$)),\n take(1),\n map(() => this.getAccessToken()),\n tap((token) => !token && requireSignIn && this.autoSignIn(this.windowRef.location.pathname)),\n );\n }\n\n private async routeToRequestedUrl(): Promise<void> {\n if (!this.oauthService.state || !this.oauthService.hasValidAccessToken()) return;\n await this.router.navigateByUrl(decodeURIComponent(this.oauthService.state));\n }\n\n private hasValidOfflineToken(): boolean {\n const issuedAt = this.getIdentityClaims()?.iat ?? 0;\n\n return Date.now() - issuedAt * 1000 <= this.authConfig.maxOfflineTime * 1000;\n }\n\n private redirectToLogin(uri: string): void {\n this.windowRef.location.assign(uri);\n this.isRedirecting$$.next(true);\n }\n\n private async tryLoadUserProfile(): Promise<void> {\n if (!this.authConfig.loadUserProfile || !this.isAuthenticated()) return;\n await this.oauthService.loadUserProfile().catch(() => null);\n }\n\n private async tryRefreshToken(): Promise<void> {\n if (!this.getRefreshToken()) return;\n try {\n await this.oauthService.refreshToken();\n } catch (error) {\n this.setAuthServerUnavailable(error);\n throw error;\n }\n }\n\n private assertAudience(clientId?: string | null): void {\n const tokenClientId = this.getIdentityClaims()?.aud;\n if (!clientId || !tokenClientId || clientId === tokenClientId) return;\n this.signOut(true);\n }\n\n private updateSilentRefresh(enabled: boolean) {\n if (enabled) {\n this.oauthService.setupAutomaticSilentRefresh();\n } else {\n this.oauthService.stopAutomaticRefresh();\n }\n }\n\n private shouldSkipAutoSignIn(): boolean {\n return this.isAuthServerUnavailable$$.value || !this.windowRef.isOnline() || this.isRedirecting$$.value;\n }\n\n private setAuthServerUnavailable(error: unknown): boolean {\n const status = this.resolveAuthErrorStatus(error);\n if (status === undefined) return false;\n const isUnavailable = status === 0 || status === 503 || status === 504;\n if (isUnavailable) {\n this.isAuthServerUnavailable$$.next(true);\n }\n return isUnavailable;\n }\n\n private resolveAuthErrorStatus(error: HttpErrorResponse | OAuthErrorEvent | unknown): number | undefined {\n if (error instanceof HttpErrorResponse) {\n return error.status;\n }\n if (error instanceof OAuthErrorEvent) {\n const reason = error.reason as Partial<HttpErrorResponse> | undefined;\n return reason?.status;\n }\n return undefined;\n }\n}\n","import { inject } from '@angular/core';\nimport { LanguageLoaderFn } from '@odx/angular/localization';\nimport { isNonEmptyString } from '@odx/angular/utils';\nimport { map } from 'rxjs';\nimport { AuthService } from '../auth.service';\n\ntype LanguageSelector = (claims?: OdxAuth.IdentityClaims | null) => string | null | undefined;\n\n/**\n * A function that creates a language loader function for user authentication.\n *\n * @param {LanguageSelector} languageSelector - A function that takes optional identity claims and returns a language string, null, or undefined.\n * Defaults to a function that returns the preferred language from the claims.\n * @returns {LanguageLoaderFn} - A function that retrieves the user's preferred language from the identity claims.\n */\nexport function userLanguageLoader(languageSelector: LanguageSelector = (claims) => claims?.preferredLanguage): LanguageLoaderFn {\n return () => {\n return inject(AuthService).identityClaims$.pipe(\n map(languageSelector),\n map((value) => (isNonEmptyString(value) ? value : undefined)),\n );\n };\n}\n","import { DynamicTextContent } from '@odx/angular/cdk/dynamic-view';\nimport { createConfigTokens } from '@odx/angular/utils';\nimport { OAuthErrorEvent, OAuthStorage } from 'angular-oauth2-oidc';\nimport { createInitials, resolveEmail, resolveUsername } from './helpers';\n\nimport { AuthEnvironment, AuthorizedHandler, AuthPluginFactory } from './models';\n\nexport const AUTH_HTTP_HEADER = 'Authorization';\nexport const ODX_AUTH_DEFAULT_SCOPES = ['openid', 'profile', 'email', 'offline_access'];\nexport const ODX_AUTH_HOSTS: Record<AuthEnvironment, string> = {\n dev: 'https://dev.login.draeger.com',\n stage: 'https://test.login.draeger.com',\n prod: 'https://login.draeger.com',\n};\nexport const ODX_AUTH_USER_PROFILE_HOSTS: Record<AuthEnvironment, string> = {\n dev: 'https://lemon-ocean-04a922703.3.azurestaticapps.net',\n stage: 'https://purple-cliff-0e61c5703.3.azurestaticapps.net',\n prod: 'https://id.draeger.com',\n};\n\nexport type AuthErrorHandlerFn = (error: OAuthErrorEvent) => void;\nexport type ResolveUsernameFn = (rawClaims: OdxAuth.RawIdentityClaims) => string;\nexport type ResolveEmailFn = (rawClaims: OdxAuth.RawIdentityClaims) => string;\nexport type CreateInitialsFn = (value: string) => string;\n\n/**\n * Configuration options for the authentication module.\n *\n * @interface AuthConfig\n */\nexport interface AuthConfig {\n environment: AuthEnvironment;\n clientId?: string;\n issuer?: string;\n redirectPath: string;\n allowedUrls: Array<string | RegExp>;\n timeoutFactor: number;\n maxOfflineTime: number;\n loadUserProfile: boolean;\n postLogoutRedirectUrl?: string;\n scopes?: string[];\n discoveryUrl?: string;\n errorHandler: AuthErrorHandlerFn;\n createInitials: CreateInitialsFn;\n resolveEmail: ResolveEmailFn;\n resolveUsername: ResolveUsernameFn;\n storage?: OAuthStorage;\n plugins: AuthPluginFactory[];\n pluginsErrorHandler?: (error: unknown) => void;\n defaultAuthorizedHandler?: AuthorizedHandler | null;\n enableLoadingScreen: boolean;\n refreshTokenOnInit?: boolean;\n loadingScreenMessage?: DynamicTextContent | null;\n userProfileUrl?: string;\n requireSignIn?: boolean;\n requireSignInForRequests?: boolean;\n waitForTokenInMs?: number;\n showDebugInformation?: boolean;\n pluginTimeout?: number;\n}\n\n/**\n * Tools for injecting and providing the auth configuration with default configuration for the authentication.\n *\n * @example\n * // Providing custom authentication configuration.\n * ```ts\n * import { createInitials, resolveEmail, resolveUsername } from './helpers';\n *\n * providers: [provideAuthConfig({\n * environment: 'dev',\n * redirectPath: 'login/callback',\n * allowedUrls: [],\n * timeoutFactor: 0.75,\n * maxOfflineTime: 60 * 60, // 1 hour\n * loadUserProfile: false,\n * errorHandler: (error) => {\n * throw error;\n * },\n * createInitials,\n * resolveEmail,\n * resolveUsername,\n * plugins: [],\n * defaultAuthorizedHandler: null,\n * enableLoadingScreen: true,\n * loadingScreenMessage: 'Loading...',\n * waitForTokenInMs: 500,\n *\n * })],\n *\n * // Injecting the datepicker configuration.\n * ```ts\n * @Component({})\n * export class MyComponent {\n * constructor(@Inject(injectAuthConfig()) private readonly authConfig: AuthConfig) {}\n * }\n * ```\n */\nexport const { AuthDefaultConfig, AuthConfig, injectAuthConfig, provideAuthConfig } = createConfigTokens('Auth', '@odx/auth', {\n environment: 'prod',\n redirectPath: 'login/callback',\n allowedUrls: [],\n timeoutFactor: 0.75,\n maxOfflineTime: 24 * 60 * 60, // 1 day\n loadUserProfile: false,\n errorHandler: (error) => {\n throw error;\n },\n createInitials,\n resolveEmail,\n resolveUsername,\n plugins: [],\n defaultAuthorizedHandler: null,\n enableLoadingScreen: true,\n loadingScreenMessage: null,\n waitForTokenInMs: 1000,\n} as AuthConfig);\n","import { TranslationObject } from '@odx/angular/internal/translate';\n\nexport default {\n en: {\n userProfileLink: 'My profile',\n signInButtonText: 'Sign in',\n signOutButtonText: 'Sign out',\n },\n de: {\n userProfileLink: 'Mein Profil',\n signInButtonText: 'Einloggen',\n signOutButtonText: 'Ausloggen',\n },\n} as TranslationObject;\n","import { AsyncPipe } from '@angular/common';\nimport { ChangeDetectionStrategy, Component, inject, input, ViewEncapsulation } from '@angular/core';\nimport { AreaHeaderModule } from '@odx/angular/components/area-header';\nimport { DropdownModule, DropdownOptions } from '@odx/angular/components/dropdown';\nimport { HeaderModule } from '@odx/angular/components/header';\nimport { LoadingSpinnerModule } from '@odx/angular/components/loading-spinner';\nimport { provideTranslations, TranslatePipe } from '@odx/angular/internal/translate';\nimport { Position } from '@odx/angular/utils';\nimport { combineLatest } from 'rxjs';\nimport { injectAuthConfig } from './auth.config';\nimport translations from './auth.i18n';\nimport { AuthService } from './auth.service';\nimport { AuthActionsComponent } from './components';\nimport { SignInDirective } from './directives';\n\n@Component({\n standalone: true,\n selector: 'odx-auth',\n imports: [AreaHeaderModule, DropdownModule, HeaderModule, SignInDirective, LoadingSpinnerModule, AuthActionsComponent, TranslatePipe, AsyncPipe],\n templateUrl: './auth.component.html',\n styleUrls: ['./auth.component.scss'],\n changeDetection: ChangeDetectionStrategy.OnPush,\n encapsulation: ViewEncapsulation.None,\n providers: [provideTranslations(translations)],\n})\nexport class AuthComponent {\n protected readonly authConfig = injectAuthConfig();\n protected readonly authService = inject(AuthService);\n protected readonly dropdownOptions = {\n position: Position.BOTTOM_END,\n enableFallback: false,\n containerClass: 'odx-auth-user-profile',\n } as Partial<DropdownOptions>;\n protected readonly vm$ = combineLatest({\n idClaims: this.authService.identityClaims$,\n isAuthenticated: this.authService.isAuthenticated$,\n });\n\n /**\n * Whether to hide the institution information.\n *\n * @type {InputSignal<boolean>}\n */\n public readonly hideInstitution = input(false);\n}\n","<odx-action-group>\n @if (vm$ | async; as vm) {\n <ng-container ngProjectAs=\"[odxButton]\">\n @if (vm.isAuthenticated) {\n <button odxButton [odxDropdown]=\"userProfileMenu\" [odxDropdownOptions]=\"dropdownOptions\" data-testid=\"odx-auth-user-profile-button\">\n <ng-template [ngTemplateOutlet]=\"userAvatar\" />\n </button>\n } @else {\n <button class=\"odx-auth-sign-in\" odxButton odxAuthSignIn variant=\"secondary\" data-testid=\"odx-auth-sign-in-button\">\n <odx-icon name=\"core::user\" alignLeft />\n {{ 'signInButtonText' | odxTranslate | async }}\n </button>\n }\n <ng-template #userProfileMenu>\n @if (!hideInstitution() && vm.idClaims?.institutionName; as institutionName) {\n <p class=\"odx-padding-x-8\" data-testid=\"odx-auth-institution-name\">{{ institutionName }}</p>\n }\n <odx-area-header class=\"odx-padding-x-8 odx-margin-y-12\" size=\"small\">\n <ng-template [ngTemplateOutlet]=\"userAvatar\" ngProjectAs=\"odx-avatar\" />\n {{ vm.idClaims?.username }}\n <odx-area-header-subtitle>\n {{ vm.idClaims?.email }}\n </odx-area-header-subtitle>\n </odx-area-header>\n <ng-content />\n <odx-auth-actions [claims]=\"vm.idClaims\" />\n </ng-template>\n <ng-template #userAvatar>\n <odx-avatar class=\"odx-auth-user-avatar\">\n {{ vm.idClaims?.initials ?? '' }}\n </odx-avatar>\n </ng-template>\n </ng-container>\n }\n</odx-action-group>\n","import { NgIf, NgIfContext } from '@angular/common';\nimport { AfterViewInit, Directive, inject, Input, TemplateRef } from '@angular/core';\nimport { isString, untilDestroyed } from '@odx/angular/utils';\nimport { AuthService } from './auth.service';\nimport { AuthorizedHandler } from './models';\n\n@Directive({\n standalone: true,\n selector: 'ng-template[odxAuth]',\n hostDirectives: [NgIf],\n})\nexport class AuthDirective implements AfterViewInit {\n private readonly authService = inject(AuthService);\n private readonly ngIfDirective = inject(NgIf, { host: true });\n private readonly takeUntilDestroyed = untilDestroyed();\n\n /**\n * The authorization handler or a string representing the handler.\n *\n * @type {AuthorizedHandler | null | string}\n */\n @Input('odxAuth')\n public authorizationHandler?: AuthorizedHandler | null | string = null;\n\n /**\n * Sets the template to be displayed when the authorization check fails.\n *\n * @param {TemplateRef<NgIfContext<unknown>>} value - The template reference.\n */\n // eslint-disable-next-line @angular-eslint/no-input-rename\n @Input('odxAuthElse')\n public set elseTemplate(value: TemplateRef<NgIfContext<unknown>>) {\n this.ngIfDirective.ngIfElse = value;\n }\n\n public ngAfterViewInit(): void {\n this.authService.identityClaims$.pipe(this.takeUntilDestroyed()).subscribe(() => {\n const handler = isString(this.authorizationHandler) ? null : this.authorizationHandler;\n this.ngIfDirective.ngIf = this.authService.isAuthorized(handler);\n });\n }\n}\n","import { inject } from '@angular/core';\nimport { CanActivateFn, Router } from '@angular/router';\nimport { WindowRef } from '@odx/angular';\nimport { isString } from '@odx/angular/utils';\nimport { EMPTY, of, switchMap, take, tap } from 'rxjs';\nimport { AuthService } from './auth.service';\nimport { AuthorizedHandler } from './models';\n\n/**\n * Guard function to protect routes from unauthorized access.\n *\n * @param {AuthorizedHandler} [authorizedHandler] - Optional handler to check if the user is authorized.\n * @param {string | any[]} [redirectTo] - Optional URL or route to redirect unauthorized users to. Can be a string or an array of strings.\n * @param {boolean} [isExternal=false] - Optional flag to indicate if the redirection should be external. Defaults to false.\n * @returns {CanActivateFn} A function that implements the CanActivateFn interface.\n */\n// eslint-disable-next-line @typescript-eslint/no-explicit-any\nexport function authGuard(authorizedHandler?: AuthorizedHandler, redirectTo?: any[] | string, isExternal = false): CanActivateFn {\n return (_, state) => {\n const authService = inject(AuthService);\n const windowRef = inject(WindowRef);\n const router = inject(Router, { optional: true });\n\n return authService.isAuthenticated$.pipe(\n switchMap((isAuthenticated) => {\n if (!isAuthenticated) {\n authService.autoSignIn(state.url);\n\n return EMPTY;\n }\n return of(authService.isAuthorized(authorizedHandler));\n }),\n tap((isAuthorized) => {\n if (isAuthorized || !router) return;\n if (isString(redirectTo)) {\n if (isExternal) {\n windowRef.location.assign(redirectTo);\n } else {\n router.navigateByUrl(redirectTo);\n }\n } else if (Array.isArray(redirectTo)) {\n router.navigate(redirectTo);\n }\n }),\n take(1),\n );\n };\n}\n","import { NgModule } from '@angular/core';\nimport { AuthComponent } from './auth.component';\nimport { AuthDirective } from './auth.directive';\nimport { SignInDirective, SignOutDirective } from './directives';\n\nconst modules = [AuthComponent, AuthDirective, SignInDirective, SignOutDirective];\n\n@NgModule({\n imports: [...modules],\n exports: [...modules],\n})\nexport class AuthModule {}\n","import { inject } from '@angular/core';\nimport { CanActivateFn, Router } from '@angular/router';\nimport { WindowRef } from '@odx/angular';\nimport { isString } from '@odx/angular/utils';\nimport { map, take, tap } from 'rxjs';\nimport { AuthService } from './auth.service';\nimport { AuthorizedHandler } from './models';\n\n/**\n * Guard function to prevent unauthorized access to routes.\n *\n * @param {AuthorizedHandler} authorizedHandler - Optional handler to check if the user is authorized.\n * @param {any[] | string} redirectTo - Optional URL or route to redirect unauthorized users to. Can be a string or an array of strings.\n * @param {boolean} isExternal - Optional flag to indicate if the redirection should be external. Defaults to false.\n * @returns {CanActivateFn} - A function that implements the CanActivateFn interface.\n */\n// eslint-disable-next-line @typescript-eslint/no-explicit-any\nexport function unauthGuard(authorizedHandler?: AuthorizedHandler, redirectTo?: any[] | string, isExternal = false): CanActivateFn {\n return (_) => {\n const authService = inject(AuthService);\n const router = inject(Router, { optional: true });\n const windowRef = inject(WindowRef);\n\n return authService.isAuthenticated$.pipe(\n map(() => !authService.isAuthorized(authorizedHandler)),\n tap((isUnauthorized) => {\n if (isUnauthorized || !router) return;\n if (isString(redirectTo)) {\n if (isExternal) {\n windowRef.location.assign(redirectTo);\n } else {\n router.navigateByUrl(redirectTo);\n }\n } else if (Array.isArray(redirectTo)) {\n router.navigate(redirectTo);\n }\n }),\n take(1),\n );\n };\n}\n","/**\n * Generated bundle index. Do not edit.\n */\n\nexport * from './index';\n"],"names":["i1","i3"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAIA;;;;;;;;;;;AAWG;SACa,iBAAiB,CAAC,WAA4B,EAAE,GAAG,QAAkB,EAAA;IACnF,OAAO,QAAQ,CAAC,cAAc,CAAC,WAAW,CAAC,EAAE,GAAG,QAAQ,CAAC;AAC3D;;AClBA;;;;;;;;;;;;;;;;AAgBG;AACG,SAAU,cAAc,CAAC,KAAqB,EAAA;AAClD,IAAA,IAAI,CAAC,KAAK;AAAE,QAAA,OAAO,EAAE;IACrB,MAAM,KAAK,GAAG;AACX,SAAA,OAAO,CAAC,YAAY,EAAE,EAAE;AACxB,SAAA,IAAI;SACJ,KAAK,CAAC,GAAG,CAAC;IAEb,OAAO,KAAK,CAAC,MAAM,CAAC,CAAC,QAAQ,EAAE,IAAI,EAAE,KAAK,KAAI;AAC5C,QAAA,IAAI,KAAK,KAAK,CAAC,IAAI,KAAK,KAAK,KAAK,CAAC,MAAM,GAAG,CAAC,EAAE;YAC7C,QAAQ,IAAI,IAAI,CAAC,CAAC,CAAC,CAAC,WAAW,EAAE;QACnC;AACA,QAAA,OAAO,QAAQ;IACjB,CAAC,EAAE,EAAE,CAAC;AACR;;AC1BA;;;;;;;;;AASG;AACG,SAAU,eAAe,CAAC,QAA8B,EAAA;AAC5D,IAAA,MAAM,QAAQ,GAAG,MAAM,CAAC,mBAAmB,CAAC;IAE5C,OAAO,CAAC,KAAK,KAAI;AACf,QAAA,qBAAqB,CAAC,QAAQ,EAAE,MAAK;AACnC,YAAA,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE;AAC9B,gBAAA,IAAI;oBACF,OAAO,CAAC,KAAK,CAAC;oBACd;gBACF;gBAAE,OAAO,cAAc,EAAE;AACvB,oBAAA,IAAI,EAAE,cAAc,YAAY,eAAe,CAAC;AAAE,wBAAA,MAAM,KAAK;oBAC7D;gBACF;YACF;AACF,QAAA,CAAC,CAAC;AACJ,IAAA,CAAC;AACH;;AC3BA;;;;;;;AAOG;AACG,SAAU,gBAAgB,CAAuB,IAAe,EAAE,OAAoC,EAAA;AAC1G,IAAA,OAAO,CAAC,OAAsB,KAC5B,OAAO,CAAC,IAAI,CACV,MAAM,CAAC,CAAC,KAAK,KAAK,KAAK,CAAC,IAAI,KAAK,IAAI,CAAC,EACtC,SAAS,CAAC,CAAC,KAAK,KAAK,OAAO,CAAC,KAAK,CAAC,CAAC,CACrC;AACL;;ACfA;;;;;;;;;;;;;;;;;;;AAmBG;AACG,SAAU,YAAY,CAAC,MAAiC,EAAA;IAC5D,IAAI,QAAQ,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,EAAE;AAC7B,QAAA,OAAO,MAAM,CAAC,OAAO,CAAC;IACxB;IACA,IAAI,QAAQ,CAAC,MAAM,CAAC,eAAe,CAAC,CAAC,EAAE;AACrC,QAAA,OAAO,MAAM,CAAC,eAAe,CAAC;IAChC;IACA,IAAI,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,IAAI,QAAQ,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE;AACpE,QAAA,OAAO,MAAM,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC;IAC5B;AACA,IAAA,OAAO,EAAE;AACX;;AC/BA;;;;;;;;;;;;;;;;;;;;AAoBG;AACG,SAAU,eAAe,CAAC,MAAiC,EAAA;AAC/D,IAAA,IAAI,QAAQ,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC,IAAI,QAAQ,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC,EAAE;QACjE,OAAO,CAAA,EAAG,MAAM,CAAC,WAAW,CAAC,CAAA,CAAA,EAAI,MAAM,CAAC,UAAU,CAAC,CAAA,CAAE;IACvD;AACA,IAAA,IAAI,QAAQ,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC,IAAI,QAAQ,CAAC,MAAM,CAAC,aAAa,CAAC,CAAC,EAAE;QACrE,OAAO,CAAA,EAAG,MAAM,CAAC,YAAY,CAAC,CAAA,CAAA,EAAI,MAAM,CAAC,aAAa,CAAC,CAAA,CAAE;IAC3D;IACA,IAAI,QAAQ,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,EAAE;AAC5B,QAAA,OAAO,MAAM,CAAC,MAAM,CAAC;IACvB;IACA,IAAI,QAAQ,CAAC,MAAM,CAAC,aAAa,CAAC,CAAC,EAAE;AACnC,QAAA,OAAO,MAAM,CAAC,aAAa,CAAC;IAC9B;AAEA,IAAA,OAAO,EAAE;AACX;;ACnCA;;;;;;;;AAQG;AACG,SAAU,iBAAiB,CAAwC,GAAM,EAAE,KAAqB,EAAA;AACpG,IAAA,IAAI,CAAC,KAAK;AAAE,QAAA,OAAO,GAAG;AACtB,IAAA,MAAM,MAAM,GAAG,CAAA,OAAA,EAAU,KAAK,EAAE;AAChC,IAAA,IAAI,GAAG,YAAY,WAAW,EAAE;AAC9B,QAAA,OAAO,GAAG,CAAC,KAAK,CAAC,EAAE,OAAO,EAAE,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,gBAAgB,EAAE,MAAM,CAAC,EAAE,CAAM;IAC/E;IACA,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,gBAAgB,EAAE,MAAM,CAAC;AAEzC,IAAA,OAAO,GAAG;AACZ;;AClBO,MAAM,eAAe,GAAG;;ACIxB,MAAM,qBAAqB,GAAG,IAAI,gBAAgB,CAAU,MAAM,KAAK;AAE9E;;;;;;AAMG;MACU,eAAe,GAAsB,CAAC,GAAG,EAAE,IAAI,KAAI;IAC9D,MAAM,EAAE,WAAW,EAAE,wBAAwB,EAAE,GAAG,gBAAgB,EAAE;IACpE,MAAM,YAAY,GAAG,WAAW,CAAC,IAAI,CAAC,CAAC,UAAU,KAAK,QAAQ,CAAC,GAAG,CAAC,GAAG,EAAE,UAAU,CAAC,CAAC;AACpF,IAAA,IAAI,CAAC,YAAY,IAAI,CAAC,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,qBAAqB,CAAC,EAAE;AAC5D,QAAA,OAAO,IAAI,CAAC,GAAG,CAAC;IAClB;AAEA,IAAA,OAAO,MAAM,CAAC,WAAW,CAAC,CAAC,mBAAmB,CAAC,GAAG,EAAE,wBAAwB,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;AACpG;;ACtBA,aAAe,IAAI,MAAM,CAAC,WAAW,CAAC;;ACGtC;;;;;AAKG;MAEmB,mBAAmB,CAAA;AADzC,IAAA,WAAA,GAAA;QAEmB,IAAA,CAAA,kBAAkB,GAAG,cAAc,EAAE;QACrC,IAAA,CAAA,uBAAuB,GAAG,MAAM,CAAC,uBAAuB,EAAE,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC;AACvE,QAAA,IAAA,CAAA,WAAW,GAAG,MAAM,CAAC,WAAW,CAAC;AAUrD,IAAA;IARQ,eAAe,GAAA;AACpB,QAAA,IAAI,CAAC,uBAAuB,CAAC,SAAS,GAAG,IAAI;AAC7C,QAAA,IAAI,CAAC,WAAW,CAAC,cAAc,CAAC,IAAI,CAAC,IAAI,CAAC,kBAAkB,EAAE,CAAC,CAAC,SAAS,CAAC,CAAC,aAAa,KAAI;AAC1F,YAAA,IAAI,CAAC,uBAAuB,CAAC,SAAS,GAAG,aAAa;AACxD,QAAA,CAAC,CAAC;IACJ;+GAVoB,mBAAmB,EAAA,IAAA,EAAA,EAAA,EAAA,MAAA,EAAA,EAAA,CAAA,eAAA,CAAA,SAAA,EAAA,CAAA,CAAA;mGAAnB,mBAAmB,EAAA,YAAA,EAAA,IAAA,EAAA,QAAA,EAAA,EAAA,EAAA,CAAA,CAAA;;4FAAnB,mBAAmB,EAAA,UAAA,EAAA,CAAA;kBADxC;;;ACXD;;;;;;;;;;;;;AAaG;AAUG,MAAO,eAAgB,SAAQ,mBAAmB,CAAA;AALxD,IAAA,WAAA,GAAA;;AAME;;;;AAIG;;AAGI,QAAA,IAAA,CAAA,WAAW,GAAG,IAAI,YAAY,EAAQ;AAO9C,IAAA;IAJoB,WAAW,GAAA;AAC5B,QAAA,IAAI,CAAC,WAAW,CAAC,MAAM,EAAE;AACzB,QAAA,IAAI,CAAC,WAAW,CAAC,IAAI,EAAE;IACzB;+GAdW,eAAe,EAAA,IAAA,EAAA,IAAA,EAAA,MAAA,EAAA,EAAA,CAAA,eAAA,CAAA,SAAA,EAAA,CAAA,CAAA;mGAAf,eAAe,EAAA,YAAA,EAAA,IAAA,EAAA,QAAA,EAAA,4BAAA,EAAA,OAAA,EAAA,EAAA,WAAA,EAAA,eAAA,EAAA,EAAA,IAAA,EAAA,EAAA,SAAA,EAAA,EAAA,OAAA,EAAA,eAAA,EAAA,EAAA,EAAA,eAAA,EAAA,IAAA,EAAA,cAAA,EAAA,CAAA,EAAA,SAAA,EAAA,EAAA,CAAA,uBAAA,EAAA,CAAA,EAAA,QAAA,EAAA,EAAA,EAAA,CAAA,CAAA;;4FAAf,eAAe,EAAA,UAAA,EAAA,CAAA;kBAL3B,SAAS;AAAC,YAAA,IAAA,EAAA,CAAA;AACT,oBAAA,UAAU,EAAE,IAAI;AAChB,oBAAA,QAAQ,EAAE,4BAA4B;oBACtC,cAAc,EAAE,CAAC,uBAAuB,CAAC;AAC1C,iBAAA;;sBAQE,MAAM;uBAAC,eAAe;;sBAGtB,YAAY;uBAAC,OAAO;;;AC7BvB;;;;;;;;;;;;;AAaG;AAMG,MAAO,gBAAiB,SAAQ,mBAAmB,CAAA;AALzD,IAAA,WAAA,GAAA;;AAME;;;AAGG;AAEI,QAAA,IAAA,CAAA,YAAY,GAAG,IAAI,YAAY,EAAQ;AAO/C,IAAA;IAJoB,WAAW,GAAA;AAC5B,QAAA,IAAI,CAAC,WAAW,CAAC,OAAO,EAAE;AAC1B,QAAA,IAAI,CAAC,YAAY,CAAC,IAAI,EAAE;IAC1B;+GAZW,gBAAgB,EAAA,IAAA,EAAA,IAAA,EAAA,MAAA,EAAA,EAAA,CAAA,eAAA,CAAA,SAAA,EAAA,CAAA,CAAA;mGAAhB,gBAAgB,EAAA,YAAA,EAAA,IAAA,EAAA,QAAA,EAAA,kBAAA,EAAA,OAAA,EAAA,EAAA,YAAA,EAAA,gBAAA,EAAA,EAAA,IAAA,EAAA,EAAA,SAAA,EAAA,EAAA,OAAA,EAAA,eAAA,EAAA,EAAA,EAAA,eAAA,EAAA,IAAA,EAAA,cAAA,EAAA,CAAA,EAAA,SAAA,EAAA,EAAA,CAAA,uBAAA,EAAA,CAAA,EAAA,QAAA,EAAA,EAAA,EAAA,CAAA,CAAA;;4FAAhB,gBAAgB,EAAA,UAAA,EAAA,CAAA;kBAL5B,SAAS;AAAC,YAAA,IAAA,EAAA,CAAA;AACT,oBAAA,UAAU,EAAE,IAAI;AAChB,oBAAA,QAAQ,EAAE,kBAAkB;oBAC5B,cAAc,EAAE,CAAC,uBAAuB,CAAC;AAC1C,iBAAA;;sBAME,MAAM;uBAAC,gBAAgB;;sBAGvB,YAAY;uBAAC,OAAO;;;ACvBvB;;AAEG;AAUI,IAAM,oBAAoB,GAA1B,MAAM,oBAAoB,CAAA;AAA1B,IAAA,WAAA,GAAA;QACW,IAAA,CAAA,OAAO,GAAG,aAAa,EAAE;AAEzC;;;;;AAKG;QAEI,IAAA,CAAA,MAAM,GAAkC,IAAI;AACpD,IAAA;+GAXY,oBAAoB,EAAA,IAAA,EAAA,EAAA,EAAA,MAAA,EAAA,EAAA,CAAA,eAAA,CAAA,SAAA,EAAA,CAAA,CAAA;mGAApB,oBAAoB,EAAA,YAAA,EAAA,IAAA,EAAA,QAAA,EAAA,kBAAA,EAAA,MAAA,EAAA,EAAA,MAAA,EAAA,QAAA,EAAA,EAAA,QAAA,EAAA,EAAA,EAAA,QAAA,ECpBjC,wiBAYA,EAAA,YAAA,EAAA,CAAA,EAAA,IAAA,EAAA,UAAA,EAAA,IAAA,EDGY,UAAU,8BAAE,UAAU,EAAA,EAAA,EAAA,IAAA,EAAA,WAAA,EAAA,IAAA,EAAAA,IAAA,CAAA,aAAA,EAAA,QAAA,EAAA,UAAA,EAAA,EAAA,EAAA,IAAA,EAAA,WAAA,EAAA,IAAA,EAAAA,IAAA,CAAA,iBAAA,EAAA,QAAA,EAAA,8BAAA,EAAA,MAAA,EAAA,CAAA,SAAA,EAAA,OAAA,EAAA,UAAA,CAAA,EAAA,EAAA,EAAA,IAAA,EAAA,WAAA,EAAA,IAAA,EAAA,EAAA,CAAA,aAAA,EAAA,QAAA,EAAA,UAAA,EAAA,MAAA,EAAA,CAAA,MAAA,EAAA,MAAA,EAAA,KAAA,EAAA,YAAA,CAAA,EAAA,EAAA,EAAA,IAAA,EAAA,WAAA,EAAA,IAAA,EAAiB,gBAAgB,EAAA,QAAA,EAAA,kBAAA,EAAA,OAAA,EAAA,CAAA,gBAAA,CAAA,EAAA,EAAA,EAAA,IAAA,EAAA,MAAA,EAAA,IAAA,EAAAC,IAAA,CAAA,SAAA,EAAA,IAAA,EAAA,OAAA,EAAA,EAAA,EAAA,IAAA,EAAA,MAAA,EAAA,IAAA,EAA/B,aAAa,EAAA,IAAA,EAAA,cAAA,EAAA,CAAA,EAAA,eAAA,EAAA,EAAA,CAAA,uBAAA,CAAA,MAAA,EAAA,aAAA,EAAA,EAAA,CAAA,iBAAA,CAAA,IAAA,EAAA,CAAA,CAAA;;AAKpC,oBAAoB,GAAA,UAAA,CAAA;IAThC,YAAY,CAAC,cAAc;AASf,CAAA,EAAA,oBAAoB,CAWhC;4FAXY,oBAAoB,EAAA,UAAA,EAAA,CAAA;kBARhC,SAAS;AACI,YAAA,IAAA,EAAA,CAAA,EAAA,UAAA,EAAA,IAAI,YACN,kBAAkB,EAAA,OAAA,EACnB,CAAC,UAAU,EAAE,UAAU,EAAE,aAAa,EAAE,gBAAgB,CAAC,mBAEjD,uBAAuB,CAAC,MAAM,EAAA,aAAA,EAChC,iBAAiB,CAAC,IAAI,EAAA,QAAA,EAAA,wiBAAA,EAAA;;sBAWpC;;;AEjBH;;;;;AAKG;MAeU,0BAA0B,CAAA;AAdvC,IAAA,WAAA,GAAA;QAiBqB,IAAA,CAAA,UAAU,GAAG,gBAAgB,EAAE;AAC/B,QAAA,IAAA,CAAA,KAAK,GAAG,MAAM,CAAC,WAAW,CAAC,CAAC,cAAc,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,aAAa,MAAM,aAAa,GAAG,qBAAqB,GAAG,YAAY,CAAC,CAAC,CAAC;AAmBnJ,IAAA;aAtBgB,IAAA,CAAA,QAAQ,GAA6D,IAA7D,CAAkE;AAKzF;;;;;;AAMG;AACI,IAAA,OAAO,UAAU,CAAC,WAAwB,EAAE,kBAAsC,EAAA;QACvF,WAAW,CAAC,UAAU,CAAC,SAAS,CAAC,CAAC,SAAS,KAAI;YAC7C,IAAI,SAAS,EAAE;gBACb,0BAA0B,CAAC,QAAQ,KAAK,kBAAkB,CAAC,UAAU,CAAC,0BAA0B,CAAC;YACnG;iBAAO;AACL,gBAAA,0BAA0B,CAAC,QAAQ,EAAE,OAAO,EAAE;AAC9C,gBAAA,0BAA0B,CAAC,QAAQ,GAAG,IAAI;YAC5C;AACF,QAAA,CAAC,CAAC;IACJ;+GAtBW,0BAA0B,EAAA,IAAA,EAAA,EAAA,EAAA,MAAA,EAAA,EAAA,CAAA,eAAA,CAAA,SAAA,EAAA,CAAA,CAAA;AAA1B,IAAA,SAAA,IAAA,CAAA,IAAA,GAAA,EAAA,CAAA,oBAAA,CAAA,EAAA,UAAA,EAAA,QAAA,EAAA,OAAA,EAAA,SAAA,EAAA,IAAA,EAAA,0BAA0B,EAAA,YAAA,EAAA,IAAA,EAAA,QAAA,EAAA,6BAAA,EAAA,IAAA,EAAA,EAAA,UAAA,EAAA,EAAA,gBAAA,EAAA,MAAA,EAAA,EAAA,EAAA,QAAA,EAAA,EAAA,EAAA,QAAA,EChCvC,kgBAWA,EAAA,MAAA,EAAA,CAAA,grBAAA,CAAA,EAAA,YAAA,EAAA,CAAA,EAAA,IAAA,EAAA,UAAA,EAAA,IAAA,EDWY,YAAY,EAAA,EAAA,EAAA,IAAA,EAAA,WAAA,EAAA,IAAA,EAAE,aAAa,EAAA,QAAA,EAAA,UAAA,EAAA,MAAA,EAAA,CAAA,MAAA,EAAA,MAAA,EAAA,KAAA,EAAA,YAAA,CAAA,EAAA,EAAA,EAAA,IAAA,EAAA,WAAA,EAAA,IAAA,EAAE,aAAa,EAAA,QAAA,EAAA,UAAA,EAAA,MAAA,EAAA,CAAA,MAAA,EAAA,SAAA,CAAA,EAAA,EAAA,EAAA,IAAA,EAAA,WAAA,EAAA,IAAA,EAAE,yBAAyB,EAAA,QAAA,EAAA,uBAAA,EAAA,MAAA,EAAA,CAAA,QAAA,EAAA,MAAA,EAAA,OAAA,CAAA,EAAA,EAAA,EAAA,IAAA,EAAA,WAAA,EAAA,IAAA,EAAE,oBAAoB,gMAQzF,CAAC,OAAO,CAAC,eAAe,EAAE,CAAC,UAAU,CAAC,QAAQ,EAAE,YAAY,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,EAAA,eAAA,EAAA,EAAA,CAAA,uBAAA,CAAA,MAAA,EAAA,aAAA,EAAA,EAAA,CAAA,iBAAA,CAAA,IAAA,EAAA,CAAA,CAAA;;4FAE5E,0BAA0B,EAAA,UAAA,EAAA,CAAA;kBAdtC,SAAS;iCACI,IAAI,EAAA,QAAA,EAEN,6BAA6B,EAAA,OAAA,EAC9B,CAAC,YAAY,EAAE,aAAa,EAAE,aAAa,EAAE,yBAAyB,EAAE,oBAAoB,CAAC,mBAGrF,uBAAuB,CAAC,MAAM,EAAA,aAAA,EAChC,iBAAiB,CAAC,IAAI,EAAA,IAAA,EAC/B;AACJ,wBAAA,kBAAkB,EAAE,MAAM;AAC3B,qBAAA,EAAA,UAAA,EACW,CAAC,OAAO,CAAC,eAAe,EAAE,CAAC,UAAU,CAAC,QAAQ,EAAE,YAAY,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,EAAA,QAAA,EAAA,kgBAAA,EAAA,MAAA,EAAA,CAAA,grBAAA,CAAA,EAAA;;;AE5BzF;;;;;AAKG;MACU,mBAAmB,CAAA;AAAhC,IAAA,WAAA,GAAA;AACmB,QAAA,IAAA,CAAA,aAAa,GAAG,IAAI,aAAa,EAAE;QACnC,IAAA,CAAA,WAAW,GAAG,CAAC,OAAO,EAAE,OAAO,EAAE,eAAe,CAAC;IA0BpE;AAxBS,IAAA,OAAO,CAAC,GAAW,EAAA;QACxB,IAAI,IAAI,CAAC,WAAW,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE;AAClC,YAAA,OAAO,cAAc,CAAC,OAAO,CAAC,GAAG,CAAC,IAAI,IAAI,CAAC,aAAa,CAAC,OAAO,CAAC,GAAG,CAAC;QACvE;QACA,OAAO,IAAI,CAAC,aAAa,CAAC,OAAO,CAAC,GAAG,CAAC;IACxC;IAEO,OAAO,CAAC,GAAW,EAAE,KAAa,EAAA;QACvC,IAAI,CAAC,aAAa,CAAC,OAAO,CAAC,GAAG,EAAE,KAAK,CAAC;QACtC,IAAI,IAAI,CAAC,WAAW,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE;AAClC,YAAA,cAAc,CAAC,OAAO,CAAC,GAAG,EAAE,KAAK,CAAC;QACpC;IACF;AAEO,IAAA,UAAU,CAAC,GAAW,EAAA;AAC3B,QAAA,IAAI,CAAC,aAAa,CAAC,UAAU,CAAC,GAAG,CAAC;AAClC,QAAA,cAAc,CAAC,UAAU,CAAC,GAAG,CAAC;IAChC;IAEO,KAAK,GAAA;QACV,IAAI,CAAC,WAAW,CAAC,OAAO,CAAC,CAAC,GAAG,KAAI;AAC/B,YAAA,cAAc,CAAC,UAAU,CAAC,GAAG,CAAC;AAChC,QAAA,CAAC,CAAC;IACJ;AACD;;AC9BD;;;;;;;;AAQG;AACI,MAAM,eAAe,GAAsB,MAAK;AACrD,IAAA,MAAM,CAAC,IAAI,CAAC,gDAAgD,CAAC;AAC7D,IAAA,MAAM,UAAU,GAAG,MAAM,CAAC,UAAU,CAAC;IACrC,IAAI,QAAQ,GAAwB,IAAI;IAExC,OAAO,CAAC,WAAW,KAAI;AACrB,QAAA,QAAQ,KAAK,WAAW,CAAC,eAAe,CAAC,IAAI,CAAC,kBAAkB,CAAC,UAAU,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,MAAM,KAAI;AACjG,YAAA,MAAM,CAAC,IAAI,CAAC,CAAA,MAAA,EAAS,MAAM,EAAE,QAAQ,CAAA,EAAA,EAAK,MAAM,EAAE,KAAK,CAAA,CAAA,CAAG,CAAC;AAC3D,YAAA,MAAM,CAAC,KAAK,CAAC,iBAAiB,EAAE,CAAC,GAAG,KAAK,GAAG,CAAC,MAAM,CAAC,EAAE,KAAK,CAAC;AAC5D,YAAA,MAAM,CAAC,KAAK,CAAC,cAAc,EAAE,CAAC,GAAG,KAAK,GAAG,CAAC,WAAW,CAAC,cAAc,EAAE,CAAC,CAAC;AACxE,YAAA,MAAM,CAAC,KAAK,CAAC,eAAe,EAAE,CAAC,GAAG,KAAK,GAAG,CAAC,WAAW,CAAC,eAAe,EAAE,CAAC,CAAC;AAC1E,YAAA,MAAM,CAAC,KAAK,CAAC,UAAU,EAAE,CAAC,GAAG,KAAK,GAAG,CAAC,WAAW,CAAC,UAAU,EAAE,CAAC,CAAC;AAClE,QAAA,CAAC,CAAC;AAEF,QAAA,OAAO,EAAE,CAAC,EAAE,CAAC;AACf,IAAA,CAAC;AACH;;AC3BA;;;;;;AAMG;AACI,MAAM,kBAAkB,GAAsB,MAAK;IACxD,MAAM,EAAE,YAAY,EAAE,eAAe,EAAE,cAAc,EAAE,GAAG,gBAAgB,EAAE;IAE5E,OAAO,CAAC,WAAW,KAAI;AACrB,QAAA,MAAM,MAAM,GAAG,WAAW,CAAC,oBAAoB,EAAE;AACjD,QAAA,IAAI,CAAC,MAAM;AAAE,YAAA,OAAO,EAAE,CAAC,EAAE,CAAC;AAC1B,QAAA,MAAM,QAAQ,GAAG,eAAe,CAAC,MAAM,CAAC;QAExC,OAAO,EAAE,CAAC,EAAE,KAAK,EAAE,YAAY,CAAC,MAAM,CAAC,EAAE,QAAQ,EAAE,QAAQ,EAAE,cAAc,CAAC,QAAQ,CAAC,EAAE,CAAC;AAC1F,IAAA,CAAC;AACH;;ACjBA;;;;;;;;AAQG;AACI,MAAM,oBAAoB,GAAsB,MAAK;IAC1D,MAAM,EAAE,WAAW,EAAE,cAAc,EAAE,GAAG,gBAAgB,EAAE;AAC1D,IAAA,OAAO,MAAK;AACV,QAAA,OAAO,EAAE,CAAC,EAAE,cAAc,EAAE,cAAc,IAAI,2BAA2B,CAAC,WAAW,CAAC,EAAE,CAAC;AAC3F,IAAA,CAAC;AACH;;MCOa,uBAAuB,GAAG,IAAI,cAAc,CAAuB,0BAA0B,EAAE;AAC1G,IAAA,UAAU,EAAE,MAAM;IAClB,OAAO,EAAE,MAAK;AACZ,QAAA,MAAM,EAAE,YAAY,EAAE,GAAG,gBAAgB,EAAE;AAE3C,QAAA,OAAO,CAAC,uBAAuB,EAAE,YAAY,CAAC;IAChD,CAAC;AACF,CAAA;MAEY,8BAA8B,GAAG,IAAI,cAAc,CAAgC,gCAAgC,EAAE;AAChI,IAAA,UAAU,EAAE,MAAM;IAClB,OAAO,EAAE,MAAM,gBAAgB,EAAE,CAAC,mBAAmB,IAAI,IAAI;AAC9D,CAAA;MAEY,qBAAqB,GAAG,IAAI,cAAc,CAAsB,wBAAwB,EAAE;AACrG,IAAA,UAAU,EAAE,MAAM;IAClB,OAAO,EAAE,MAAK;AACZ,QAAA,MAAM,EAAE,oBAAoB,EAAE,GAAG,gBAAgB,EAAE;AACnD,QAAA,MAAM,OAAO,GAAG,CAAC,kBAAkB,EAAE,oBAAoB,CAAC;QAC1D,IAAI,oBAAoB,EAAE;AACxB,YAAA,OAAO,CAAC,IAAI,CAAC,eAAe,CAAC;QAC/B;AAEA,QAAA,OAAO,OAAO;IAChB,CAAC;AACF,CAAA;MAEY,gBAAgB,GAAG,IAAI,cAAc,CAAe,oBAAoB,EAAE;AACrF,IAAA,UAAU,EAAE,MAAM;IAClB,OAAO,EAAE,MAAK;AACZ,QAAA,MAAM,EAAE,OAAO,EAAE,GAAG,gBAAgB,EAAE;AACtC,QAAA,MAAM,WAAW,GAAG,MAAM,CAAC,qBAAqB,CAAC;AAEjD,QAAA,OAAO,CAAC,GAAG,WAAW,EAAE,GAAG,OAAO,CAAC,CAAC,GAAG,CAAC,CAAC,aAAa,KAAK,aAAa,EAAE,CAAC;IAC7E,CAAC;AACF,CAAA;AAED;;;;AAIG;SACa,iBAAiB,GAAA;IAC/B,OAAO,6BAA6B,CAAC,MAAK;AACxC,QAAA,MAAM,EAAE,oBAAoB,EAAE,GAAG,gBAAgB,EAAE;AACnD,QAAA,IAAI,CAAC,oBAAoB;YAAE,MAAM,CAAC,OAAO,EAAE;AAC7C,IAAA,CAAC,CAAC;AACJ;AAEA;;AAEG;SACa,2BAA2B,GAAA;AACzC,IAAA,MAAM,WAAW,GAAG,MAAM,CAAC,WAAW,CAAC;IACvC,MAAM,OAAO,GAAG,eAAe,CAAC,MAAM,CAAC,uBAAuB,CAAC,CAAC;IAEhE,WAAW,CAAC,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,KAAK,KAAK,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,SAAS,EAAE;AACtE;AAEA;;;;AAIG;SACa,oBAAoB,GAAA;IAClC,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,YAAY,EAAE,WAAW,EAAE,qBAAqB,EAAE,MAAM,EAAE,aAAa,EAAE,YAAY,EAAE,mBAAmB,EAAE,GAAG,gBAAgB,EAAE;AAC3J,IAAA,MAAM,WAAW,GAAG,MAAM,CAAC,WAAW,CAAC;AACvC,IAAA,MAAM,WAAW,GAAG,QAAQ,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,SAAS,EAAE,EAAE,YAAY,CAAC;IACzE,MAAM,KAAK,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,GAAG,CAAC,uBAAuB,CAAC,MAAM,CAAC,MAAM,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC;IACzF,IAAI,mBAAmB,EAAE;QACvB,0BAA0B,CAAC,UAAU,CAAC,WAAW,EAAE,MAAM,CAAC,kBAAkB,CAAC,CAAC;IAChF;AACA,IAAA,OAAO,MACL,WAAW,CAAC,UAAU,CAAC;QACrB,QAAQ;QACR,MAAM,EAAE,MAAM,IAAI,iBAAiB,CAAC,WAAW,EAAE,gBAAgB,CAAC;QAClE,KAAK;QACL,WAAW;AACX,QAAA,qBAAqB,EAAE,qBAAqB;AAC5C,QAAA,sBAAsB,EAAE,IAAI;QAC5B,iCAAiC,EAAE,CAAC,YAAY;AAChD,QAAA,YAAY,EAAE,MAAM;AACpB,QAAA,oBAAoB,EAAE,KAAK;QAC3B,aAAa;AACb,QAAA,kBAAkB,EAAE,IAAI;AACzB,KAAA,CAAC;AACN;AAEA;;AAEG;SACa,iBAAiB,GAAA;AAC/B,IAAA,MAAM,EAAE,OAAO,EAAE,GAAG,gBAAgB,EAAE;AACtC,IAAA,IAAI,CAAC,OAAO,IAAI,SAAS,EAAE,EAAE;QAC3B,OAAO,CAAC,IAAI,CACV,CAAA,mEAAA,CAAqE;YACnE,CAAA,iGAAA,CAAmG;AACnG,YAAA,CAAA,+HAAA,CAAiI,CACpI;IACH;AACA,IAAA,OAAO,OAAO,IAAI,IAAI,mBAAmB,EAAE;AAC7C;AAEA;;;;;;;;;;;;;;;;;;;;AAoBG;AACG,SAAU,WAAW,CAA+B,MAA8C,EAAA;AACtG,IAAA,OAAO,wBAAwB,CAAC;QAC9B,iBAAiB,CAAC,MAAM,CAAC;AACzB,QAAA,iBAAiB,EAAE;AACnB,QAAA,kBAAkB,CAAC,EAAE,cAAc,EAAE,EAAE,eAAe,EAAE,KAAK,EAAE,WAAW,EAAE,EAAE,EAAE,EAAE,CAAC;AACnF,QAAA,iBAAiB,CAAC,gBAAgB,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC;AACtD,QAAA,qBAAqB,CAAC,MAAM,oBAAoB,EAAE,EAAE,CAAC;AACrD,QAAA;AACE,YAAA,OAAO,EAAE,YAAY;AACrB,YAAA,UAAU,EAAE,MAAM,iBAAiB,EAAE;AACtC,SAAA;AACF,KAAA,CAAC;AACJ;;MCnJa,iBAAiB,CAAA;AAD9B,IAAA,WAAA,GAAA;QAEmB,IAAA,CAAA,UAAU,GAAG,gBAAgB,EAAE;QAC/B,IAAA,CAAA,mBAAmB,GAAG,MAAM,CAAC,8BAA8B,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;AAChF,QAAA,IAAA,CAAA,OAAO,GAAG,MAAM,CAAC,gBAAgB,CAAC;AAClC,QAAA,IAAA,CAAA,QAAQ,GAAG,IAAI,eAAe,CAAkC,IAAI,CAAC;QAEtE,IAAA,CAAA,aAAa,GAAG,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,EAAE,GAAG,CAAC,OAAO,CAAC,EAAE,oBAAoB,EAAE,EAAE,KAAK,EAAE,CAAC;QAClG,IAAA,CAAA,eAAe,GAAG,IAAI,CAAC,QAAQ,CAAC,IAAI,CAClD,GAAG,CAAC,CAAC,MAAM,KAAK,CAAC,MAAM,CAAC,EACxB,oBAAoB,EAAE,EACtB,KAAK,EAAE,CACR;AAqCF,IAAA;AAnCQ,IAAA,UAAU,CAAC,WAAwB,EAAA;QACxC,IAAI,IAAI,CAAC,OAAO,CAAC,MAAM,GAAG,CAAC,EAAE;AAC3B,YAAA,OAAO,EAAE,CAAC,EAA8B,CAAC;QAC3C;AACA,QAAA,OAAO,WAAW,CAAC,mBAAmB,CAAC,KAAK,CAAC,CAAC,IAAI,CAChD,SAAS,CAAC,CAAC,KAAK,KAAI;AAClB,YAAA,IAAI,CAAC,KAAK;AAAE,gBAAA,OAAO,EAAE,CAAC,CAAC,EAAE,CAAC,CAAC;YAC3B,OAAO,aAAa,CAAC,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,MAAM,KAAK,IAAI,CAAC,SAAS,CAAC,WAAW,EAAE,MAAM,CAAC,CAAC,CAAC;AACzF,QAAA,CAAC,CAAC,EACF,GAAG,CAAC,CAAC,OAAO,KAAK,SAAS,CAAC,GAAG,OAAO,CAA6B,CAAC,EACnE,GAAG,CAAC,CAAC,MAAM,KAAK,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,EAC3C,IAAI,CAAC,CAAC,CAAC,CACR;IACH;IAEO,SAAS,GAAA;QACd,OAAO,IAAI,CAAC,QAAQ,CAAC,QAAQ,EAAE,IAAK,EAA+B;IACrE;AAEQ,IAAA,iBAAiB,CAAC,KAAe,EAAA;AACvC,QAAA,IAAI;AACF,YAAA,IAAI,CAAC,mBAAmB,GAAG,KAAK,CAAC;QACnC;AAAE,QAAA,MAAM;;QAER;AAEA,QAAA,OAAO,EAAE,CAAC,EAA8B,CAAC;IAC3C;IAEQ,SAAS,CAAC,WAAwB,EAAE,MAAkB,EAAA;QAC5D,OAAO,MAAM,CAAC,WAAW,CAAC,CAAC,IAAI,CAC7B,QAAQ,CAAC,IAAI,CAAC,UAAU,CAAC,aAAa,CAAC,GAAG,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,IAAI,CAAC,UAAU,CAAC,aAAa,CAAC,CAAC,GAAG,GAAG,EAAE,EACrG,UAAU,CAAC,CAAC,KAAK,KAAK,IAAI,CAAC,iBAAiB,CAAC,KAAK,CAAC,CAAC,CACrD;IACH;+GA/CW,iBAAiB,EAAA,IAAA,EAAA,EAAA,EAAA,MAAA,EAAA,EAAA,CAAA,eAAA,CAAA,UAAA,EAAA,CAAA,CAAA;AAAjB,IAAA,SAAA,IAAA,CAAA,KAAA,GAAA,EAAA,CAAA,qBAAA,CAAA,EAAA,UAAA,EAAA,QAAA,EAAA,OAAA,EAAA,SAAA,EAAA,QAAA,EAAA,EAAA,EAAA,IAAA,EAAA,iBAAiB,cADJ,MAAM,EAAA,CAAA,CAAA;;4FACnB,iBAAiB,EAAA,UAAA,EAAA,CAAA;kBAD7B,UAAU;mBAAC,EAAE,UAAU,EAAE,MAAM,EAAE;;;ACV3B,MAAM,uBAAuB,GAAuB,CAAC,KAAK,KAAI;AACnE,IAAA,IAAI,KAAK,CAAC,IAAI,KAAK,+BAA+B,IAAK,KAAK,CAAC,MAA4B,EAAE,MAAM,KAAK,GAAG,EAAE;QACzG;IACF;AACA,IAAA,MAAM,KAAK;AACb;;ACqBA;;;;;;;;;;;;;;;;;;;;;;;AAuBG;MAEU,WAAW,CAAA;AAmGtB;;;;;;;AAOG;AACH,IAAA,IAAW,kBAAkB,GAAA;QAC3B,OAAO,IAAI,CAAC,oBAAoB;IAClC;AAEA,IAAA,WAAA,GAAA;QA9GiB,IAAA,CAAA,UAAU,GAAG,gBAAgB,EAAE;AAC/B,QAAA,IAAA,CAAA,iBAAiB,GAAG,MAAM,CAAC,iBAAiB,CAAC;AAC7C,QAAA,IAAA,CAAA,YAAY,GAAG,MAAM,CAAC,YAAY,CAAC;AACnC,QAAA,IAAA,CAAA,MAAM,GAAG,MAAM,CAAC,MAAM,CAAC;AACvB,QAAA,IAAA,CAAA,SAAS,GAAG,MAAM,CAAC,SAAS,CAAC;AAE7B,QAAA,IAAA,CAAA,eAAe,GAAG,IAAI,eAAe,CAAC,KAAK,CAAC;AAC5C,QAAA,IAAA,CAAA,eAAe,GAAG,IAAI,eAAe,CAAC,KAAK,CAAC;AAC5C,QAAA,IAAA,CAAA,yBAAyB,GAAG,IAAI,eAAe,CAAC,KAAK,CAAC;AACtD,QAAA,IAAA,CAAA,oBAAoB,GAAG,SAAS,CAAe,IAAI,CAAC,SAAS,CAAC,YAAY,EAAE,SAAS,CAAC,CAAC,IAAI,CAC1G,MAAM,CAAC,CAAC,EAAE,GAAG,EAAE,KAAK,GAAG,KAAK,cAAc,IAAI,GAAG,KAAK,IAAI,CAAC,EAC3D,SAAS,CAAC,IAAI,CAAC,EACf,KAAK,EAAE,CACR;AACgB,QAAA,IAAA,CAAA,qBAAqB,GAAG,IAAI,CAAC,eAAe,CAAC,IAAI,CAChE,MAAM,CAAC,OAAO,CAAC,EACf,SAAS,CAAC,MAAM,IAAI,CAAC,SAAS,CAAC,SAAS,CAAC,EACzC,GAAG,CAAC,CAAC,QAAQ,KAAK,IAAI,CAAC,mBAAmB,CAAC,QAAQ,CAAC,CAAC,CACtD;AACgB,QAAA,IAAA,CAAA,kBAAkB,GAAG,aAAa,CAAC,CAAC,IAAI,CAAC,YAAY,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,EAAE,IAAI,CAAC,SAAS,CAAC,SAAS,EAAE,IAAI,CAAC,oBAAoB,CAAC,CAAC;AAE1J;;;;;AAKG;AACa,QAAA,IAAA,CAAA,cAAc,GAAG,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,EAAE,oBAAoB,EAAE,CAAC;AAEnG;;;;;AAKG;QACa,IAAA,CAAA,cAAc,GAAG,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,oBAAoB,EAAE,EAAE,WAAW,CAAC,EAAE,UAAU,EAAE,CAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC,CAAC;AAElI;;;;;AAKG;QACa,IAAA,CAAA,wBAAwB,GAAG,IAAI,CAAC,yBAAyB,CAAC,IAAI,CAAC,oBAAoB,EAAE,EAAE,WAAW,CAAC,EAAE,UAAU,EAAE,CAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC,CAAC;AAEtJ;;;;;AAKG;AACa,QAAA,IAAA,CAAA,UAAU,GAAG,KAAK,CAAC,IAAI,CAAC,cAAc,EAAE,IAAI,CAAC,iBAAiB,CAAC,eAAe,CAAC,CAAC,IAAI,CAAC,oBAAoB,EAAE,CAAC;AAE5H;;;;;AAKG;QACa,IAAA,CAAA,gBAAgB,GAAG,IAAI,CAAC,cAAc,CAAC,IAAI,CACzD,SAAS,CAAC,MAAM,IAAI,CAAC,iBAAiB,CAAC,aAAa,CAAC,EACrD,SAAS,CAAC,MAAM,IAAI,CAAC,kBAAkB,CAAC,EACxC,GAAG,CAAC,MAAM,IAAI,CAAC,eAAe,EAAE,CAAC,EACjC,oBAAoB,EAAE,EACtB,WAAW,CAAC,EAAE,UAAU,EAAE,CAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC,CAC/C;AAED;;;;;AAKG;AACa,QAAA,IAAA,CAAA,eAAe,GAAG,IAAI,CAAC,gBAAgB,CAAC,IAAI,CAC1D,GAAG,CAAC,MAAM,IAAI,CAAC,iBAAiB,EAAE,CAAC,EACnC,WAAW,CAAC,EAAE,UAAU,EAAE,CAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC,CAC/C;AAED;;;;AAIG;QACa,IAAA,CAAA,OAAO,GAAG,IAAI,CAAC,YAAY,CAAC,MAAM,CAAC,IAAI,CACrD,MAAM,CAAC,CAAC,KAAK,KAA+B,KAAK,YAAY,eAAe,CAAC,EAC7E,KAAK,EAAE,CACR;AAED;;;;AAIG;QACa,IAAA,CAAA,gBAAgB,GAAG,IAAI,CAAC,YAAY,CAAC,MAAM,CAAC,IAAI,CAC9D,MAAM,CAAC,CAAC,KAAK,KAAK,KAAK,CAAC,IAAI,KAAK,gBAAgB,CAAC,EAClD,KAAK,EAAE,CACR;QAeC,IAAI,CAAC,UAAU,EAAE;AACjB,QAAA,IAAI,CAAC,qBAAqB,CAAC,SAAS,EAAE;AACtC,QAAA,IAAI,CAAC,gBAAgB,CAAC,SAAS,CAAC,MAAM,IAAI,CAAC,yBAAyB,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;IACnF;AAEA;;;;;AAKG;IACI,MAAM,UAAU,CAAC,MAAkB,EAAA;AACxC,QAAA,IAAI,CAAC,cAAc,CAAC,MAAM,CAAC,QAAQ,CAAC;QACpC,IAAI,CAAC,YAAY,CAAC,SAAS,CAAC,EAAE,GAAG,MAAM,EAAE,OAAO,EAAE,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;AACpF,QAAA,IAAI,CAAC,yBAAyB,CAAC,IAAI,CAAC,KAAK,CAAC;QAC1C,IAAI,2BAA2B,GAAG,KAAK;AAEvC,QAAA,IAAI;AACF,YAAA,MAAM,IAAI,CAAC,YAAY,CAAC,qBAAqB,CAAC,IAAI,CAAC,UAAU,CAAC,YAAY,CAAC;AAC3E,YAAA,MAAM,IAAI,CAAC,YAAY,CAAC,QAAQ,EAAE;AAClC,YAAA,IAAI,IAAI,CAAC,UAAU,CAAC,kBAAkB,EAAE;AACtC,gBAAA,MAAM,IAAI,CAAC,eAAe,EAAE;YAC9B;QACF;QAAE,OAAO,KAAK,EAAE;YACd,MAAM,mBAAmB,GAAG,IAAI,CAAC,wBAAwB,CAAC,KAAK,CAAC;YAChE,IAAI,EAAE,KAAK,YAAY,iBAAiB,IAAI,KAAK,YAAY,eAAe,CAAC,EAAE;AAC7E,gBAAA,MAAM,KAAK;YACb;AACA,YAAA,IACE,CAAC,mBAAmB;iBACnB,KAAK,CAAC,IAAI,KAAK,qBAAqB,KAAK,KAAK,YAAY,iBAAiB,KAAK,KAAK,CAAC,MAAM,KAAK,GAAG,IAAI,KAAK,CAAC,MAAM,KAAK,GAAG,CAAC,CAAC,CAAC,EAChI;AACA,gBAAA,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC;gBAClB,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,QAAQ,CAAC;gBACjD,2BAA2B,GAAG,IAAI;YACpC;QACF;AACA,QAAA,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,IAAI,CAAC;AAC/B,QAAA,IAAI,CAAC,2BAA2B,IAAI,IAAI,CAAC,UAAU,CAAC,aAAa,IAAI,CAAC,IAAI,CAAC,eAAe,EAAE,EAAE;YAC5F,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,QAAQ,CAAC;QACnD;AACA,QAAA,MAAM,IAAI,CAAC,kBAAkB,EAAE;AAC/B,QAAA,MAAM,IAAI,CAAC,mBAAmB,EAAE;IAClC;AAEA;;AAEG;IACI,UAAU,GAAA;QACf,IAAI,CAAC,iBAAiB,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,SAAS,EAAE;IACrD;AAEA;;;;AAIG;IACI,SAAS,GAAA;QACd,OAAO,IAAI,GAAG,CAAC,IAAI,CAAC,YAAY,CAAC,MAAO,CAAC;IAC3C;AAEA;;;;AAIG;AACI,IAAA,MAAM,CAAC,GAAY,EAAA;AACxB,QAAA,IAAI,CAAC,YAAY,CAAC,aAAa,CAAC,GAAG,CAAC;IACtC;AAEA;;;AAGG;AACI,IAAA,UAAU,CAAC,GAAY,EAAA;QAC5B,IAAI,IAAI,CAAC,oBAAoB,EAAE;YAAE;AACjC,QAAA,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC;IAClB;AAEA;;;;AAIG;AACI,IAAA,OAAO,CAAC,UAAoB,EAAA;AACjC,QAAA,IAAI,CAAC,YAAY,CAAC,oBAAoB,CAAC,UAAU,IAAI,CAAC,IAAI,CAAC,cAAc,EAAE,CAAC;IAC9E;AAEA;;;;AAIG;AACI,IAAA,MAAM,aAAa,GAAA;AACxB,QAAA,OAAO,IAAI,CAAC,YAAY,CAAC,YAAY,EAAE;IACzC;AAEA;;;;AAIG;IACI,cAAc,GAAA;QACnB,OAAO,IAAI,CAAC,YAAY,CAAC,cAAc,EAAE,IAAI,IAAI;IACnD;AAEA;;;;AAIG;IACI,eAAe,GAAA;QACpB,OAAO,IAAI,CAAC,YAAY,CAAC,eAAe,EAAE,IAAI,IAAI;IACpD;AAEA;;;;AAIG;IACI,UAAU,GAAA;QACf,OAAO,IAAI,CAAC,YAAY,CAAC,UAAU,EAAE,IAAI,IAAI;IAC/C;AAEA;;;;AAIG;IACI,iBAAiB,GAAA;AACtB,QAAA,IAAI,CAAC,IAAI,CAAC,UAAU,EAAE;AAAE,YAAA,OAAO,IAAI;AACnC,QAAA,OAAO,SAAS,CAAC,IAAI,CAAC,YAAY,CAAC,iBAAiB,EAAE,EAAE,IAAI,CAAC,iBAAiB,CAAC,SAAS,EAAE,CAA2B;IACvH;AAEA;;;;AAIG;IACI,oBAAoB,GAAA;AACzB,QAAA,IAAI,CAAC,IAAI,CAAC,UAAU,EAAE;AAAE,YAAA,OAAO,IAAI;AACnC,QAAA,OAAO,IAAI,CAAC,YAAY,CAAC,iBAAiB,EAAE;IAC9C;AAEA;;;;AAIG;IACI,eAAe,GAAA;AACpB,QAAA,IAAI,IAAI,CAAC,SAAS,CAAC,QAAQ,EAAE,EAAE;AAC7B,YAAA,OAAO,IAAI,CAAC,YAAY,CAAC,mBAAmB,EAAE,IAAI,IAAI,CAAC,YAAY,CAAC,eAAe,EAAE;QACvF;AACA,QAAA,OAAO,IAAI,CAAC,oBAAoB,EAAE;IACpC;AAEA;;;;;AAKG;AACI,IAAA,YAAY,CAAC,iBAA4C,EAAA;QAC9D,MAAM,OAAO,GAAG,iBAAiB,IAAI,IAAI,CAAC,UAAU,CAAC,wBAAwB;QAE7E,OAAO,IAAI,CAAC,eAAe,EAAE,KAAK,OAAO,GAAG,IAAI,CAAC,iBAAiB,EAAE,EAAE,IAAI,EAAE,IAAI,CAAC,MAAM,CAAC,IAAI,IAAI,CAAC;IACnG;AAEA;;;;;AAKG;AACI,IAAA,aAAa,CAAC,iBAA4C,EAAA;AAC/D,QAAA,OAAO,IAAI,CAAC,gBAAgB,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,IAAI,CAAC,YAAY,CAAC,iBAAiB,CAAC,CAAC,CAAC;IACpF;AAEA;;;;;;;AAOG;AACI,IAAA,mBAAmB,CAAwC,GAAM,EAAE,aAAa,GAAG,KAAK,EAAA;QAC7F,OAAO,IAAI,CAAC,mBAAmB,CAAC,aAAa,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,KAAK,KAAK,iBAAiB,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC,CAAC;IACpG;AAEA;;;;;AAKG;AACI,IAAA,mBAAmB,CAAC,aAAsB,EAAA;AAC/C,QAAA,MAAM,YAAY,GAAG,EAAE,CAAC,IAAI,CAAC,cAAc,EAAE,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,KAAK,KAAK,CAAC,CAAC,KAAK,IAAI,IAAI,CAAC,eAAe,EAAE,CAAC,CAAC;AACzG,QAAA,MAAM,mBAAmB,GAAG,IAAI,CAAC,gBAAgB,CAAC,IAAI,CACpD,OAAO,CAAC,IAAI,CAAC,UAAU,CAAC,gBAAgB,IAAI,CAAC,CAAC,EAC9C,UAAU,CAAC,YAAY,IAAI,CAAC,eAAe,EAAE,CAAC,KAAK,CAAC,MAAM,IAAI,CAAC,CAAC,CACjE;AAED,QAAA,OAAO,IAAI,CAAC,cAAc,CAAC,IAAI,CAC7B,SAAS,CAAC,MAAM,KAAK,CAAC,YAAY,EAAE,mBAAmB,CAAC,CAAC,EACzD,IAAI,CAAC,CAAC,CAAC,EACP,GAAG,CAAC,MAAM,IAAI,CAAC,cAAc,EAAE,CAAC,EAChC,GAAG,CAAC,CAAC,KAAK,KAAK,CAAC,KAAK,IAAI,aAAa,IAAI,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC,CAC7F;IACH;AAEQ,IAAA,MAAM,mBAAmB,GAAA;AAC/B,QAAA,IAAI,CAAC,IAAI,CAAC,YAAY,CAAC,KAAK,IAAI,CAAC,IAAI,CAAC,YAAY,CAAC,mBAAmB,EAAE;YAAE;AAC1E,QAAA,MAAM,IAAI,CAAC,MAAM,CAAC,aAAa,CAAC,kBAAkB,CAAC,IAAI,CAAC,YAAY,CAAC,KAAK,CAAC,CAAC;IAC9E;IAEQ,oBAAoB,GAAA;QAC1B,MAAM,QAAQ,GAAG,IAAI,CAAC,iBAAiB,EAAE,EAAE,GAAG,IAAI,CAAC;AAEnD,QAAA,OAAO,IAAI,CAAC,GAAG,EAAE,GAAG,QAAQ,GAAG,IAAI,IAAI,IAAI,CAAC,UAAU,CAAC,cAAc,GAAG,IAAI;IAC9E;AAEQ,IAAA,eAAe,CAAC,GAAW,EAAA;QACjC,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,MAAM,CAAC,GAAG,CAAC;AACnC,QAAA,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,IAAI,CAAC;IACjC;AAEQ,IAAA,MAAM,kBAAkB,GAAA;QAC9B,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,eAAe,IAAI,CAAC,IAAI,CAAC,eAAe,EAAE;YAAE;AACjE,QAAA,MAAM,IAAI,CAAC,YAAY,CAAC,eAAe,EAAE,CAAC,KAAK,CAAC,MAAM,IAAI,CAAC;IAC7D;AAEQ,IAAA,MAAM,eAAe,GAAA;AAC3B,QAAA,IAAI,CAAC,IAAI,CAAC,eAAe,EAAE;YAAE;AAC7B,QAAA,IAAI;AACF,YAAA,MAAM,IAAI,CAAC,YAAY,CAAC,YAAY,EAAE;QACxC;QAAE,OAAO,KAAK,EAAE;AACd,YAAA,IAAI,CAAC,wBAAwB,CAAC,KAAK,CAAC;AACpC,YAAA,MAAM,KAAK;QACb;IACF;AAEQ,IAAA,cAAc,CAAC,QAAwB,EAAA;QAC7C,MAAM,aAAa,GAAG,IAAI,CAAC,iBAAiB,EAAE,EAAE,GAAG;QACnD,IAAI,CAAC,QAAQ,IAAI,CAAC,aAAa,IAAI,QAAQ,KAAK,aAAa;YAAE;AAC/D,QAAA,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC;IACpB;AAEQ,IAAA,mBAAmB,CAAC,OAAgB,EAAA;QAC1C,IAAI,OAAO,EAAE;AACX,YAAA,IAAI,CAAC,YAAY,CAAC,2BAA2B,EAAE;QACjD;aAAO;AACL,YAAA,IAAI,CAAC,YAAY,CAAC,oBAAoB,EAAE;QAC1C;IACF;IAEQ,oBAAoB,GAAA;AAC1B,QAAA,OAAO,IAAI,CAAC,yBAAyB,CAAC,KAAK,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,QAAQ,EAAE,IAAI,IAAI,CAAC,eAAe,CAAC,KAAK;IACzG;AAEQ,IAAA,wBAAwB,CAAC,KAAc,EAAA;QAC7C,MAAM,MAAM,GAAG,IAAI,CAAC,sBAAsB,CAAC,KAAK,CAAC;QACjD,IAAI,MAAM,KAAK,SAAS;AAAE,YAAA,OAAO,KAAK;AACtC,QAAA,MAAM,aAAa,GAAG,MAAM,KAAK,CAAC,IAAI,MAAM,KAAK,GAAG,IAAI,MAAM,KAAK,GAAG;QACtE,IAAI,aAAa,EAAE;AACjB,YAAA,IAAI,CAAC,yBAAyB,CAAC,IAAI,CAAC,IAAI,CAAC;QAC3C;AACA,QAAA,OAAO,aAAa;IACtB;AAEQ,IAAA,sBAAsB,CAAC,KAAoD,EAAA;AACjF,QAAA,IAAI,KAAK,YAAY,iBAAiB,EAAE;YACtC,OAAO,KAAK,CAAC,MAAM;QACrB;AACA,QAAA,IAAI,KAAK,YAAY,eAAe,EAAE;AACpC,YAAA,MAAM,MAAM,GAAG,KAAK,CAAC,MAAgD;YACrE,OAAO,MAAM,EAAE,MAAM;QACvB;AACA,QAAA,OAAO,SAAS;IAClB;+GAvYW,WAAW,EAAA,IAAA,EAAA,EAAA,EAAA,MAAA,EAAA,EAAA,CAAA,eAAA,CAAA,UAAA,EAAA,CAAA,CAAA;AAAX,IAAA,SAAA,IAAA,CAAA,KAAA,GAAA,EAAA,CAAA,qBAAA,CAAA,EAAA,UAAA,EAAA,QAAA,EAAA,OAAA,EAAA,SAAA,EAAA,QAAA,EAAA,EAAA,EAAA,IAAA,EAAA,WAAW,cADE,MAAM,EAAA,CAAA,CAAA;;4FACnB,WAAW,EAAA,UAAA,EAAA,CAAA;kBADvB,UAAU;mBAAC,EAAE,UAAU,EAAE,MAAM,EAAE;;;AC7ClC;;;;;;AAMG;AACG,SAAU,kBAAkB,CAAC,gBAAA,GAAqC,CAAC,MAAM,KAAK,MAAM,EAAE,iBAAiB,EAAA;AAC3G,IAAA,OAAO,MAAK;AACV,QAAA,OAAO,MAAM,CAAC,WAAW,CAAC,CAAC,eAAe,CAAC,IAAI,CAC7C,GAAG,CAAC,gBAAgB,CAAC,EACrB,GAAG,CAAC,CAAC,KAAK,MAAM,gBAAgB,CAAC,KAAK,CAAC,GAAG,KAAK,GAAG,SAAS,CAAC,CAAC,CAC9D;AACH,IAAA,CAAC;AACH;;ACfO,MAAM,gBAAgB,GAAG;AACzB,MAAM,uBAAuB,GAAG,CAAC,QAAQ,EAAE,SAAS,EAAE,OAAO,EAAE,gBAAgB;AAC/E,MAAM,cAAc,GAAoC;AAC7D,IAAA,GAAG,EAAE,+BAA+B;AACpC,IAAA,KAAK,EAAE,gCAAgC;AACvC,IAAA,IAAI,EAAE,2BAA2B;;AAE5B,MAAM,2BAA2B,GAAoC;AAC1E,IAAA,GAAG,EAAE,qDAAqD;AAC1D,IAAA,KAAK,EAAE,sDAAsD;AAC7D,IAAA,IAAI,EAAE,wBAAwB;;AA4ChC;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAoCG;AACI,MAAM,EAAE,iBAAiB,EAAE,UAAU,EAAE,gBAAgB,EAAE,iBAAiB,EAAE,GAAG,kBAAkB,CAAC,MAAM,EAAE,WAAW,EAAE;AAC5H,IAAA,WAAW,EAAE,MAAM;AACnB,IAAA,YAAY,EAAE,gBAAgB;AAC9B,IAAA,WAAW,EAAE,EAAE;AACf,IAAA,aAAa,EAAE,IAAI;AACnB,IAAA,cAAc,EAAE,EAAE,GAAG,EAAE,GAAG,EAAE;AAC5B,IAAA,eAAe,EAAE,KAAK;AACtB,IAAA,YAAY,EAAE,CAAC,KAAK,KAAI;AACtB,QAAA,MAAM,KAAK;IACb,CAAC;IACD,cAAc;IACd,YAAY;IACZ,eAAe;AACf,IAAA,OAAO,EAAE,EAAE;AACX,IAAA,wBAAwB,EAAE,IAAI;AAC9B,IAAA,mBAAmB,EAAE,IAAI;AACzB,IAAA,oBAAoB,EAAE,IAAI;AAC1B,IAAA,gBAAgB,EAAE,IAAI;AACT,CAAA;;AClHf,mBAAe;AACb,IAAA,EAAE,EAAE;AACF,QAAA,eAAe,EAAE,YAAY;AAC7B,QAAA,gBAAgB,EAAE,SAAS;AAC3B,QAAA,iBAAiB,EAAE,UAAU;AAC9B,KAAA;AACD,IAAA,EAAE,EAAE;AACF,QAAA,eAAe,EAAE,aAAa;AAC9B,QAAA,gBAAgB,EAAE,WAAW;AAC7B,QAAA,iBAAiB,EAAE,WAAW;AAC/B,KAAA;CACmB;;MCYT,aAAa,CAAA;AAV1B,IAAA,WAAA,GAAA;QAWqB,IAAA,CAAA,UAAU,GAAG,gBAAgB,EAAE;AAC/B,QAAA,IAAA,CAAA,WAAW,GAAG,MAAM,CAAC,WAAW,CAAC;AACjC,QAAA,IAAA,CAAA,eAAe,GAAG;YACnC,QAAQ,EAAE,QAAQ,CAAC,UAAU;AAC7B,YAAA,cAAc,EAAE,KAAK;AACrB,YAAA,cAAc,EAAE,uBAAuB;SACZ;QACV,IAAA,CAAA,GAAG,GAAG,aAAa,CAAC;AACrC,YAAA,QAAQ,EAAE,IAAI,CAAC,WAAW,CAAC,eAAe;AAC1C,YAAA,eAAe,EAAE,IAAI,CAAC,WAAW,CAAC,gBAAgB;AACnD,SAAA,CAAC;AAEF;;;;AAIG;AACa,QAAA,IAAA,CAAA,eAAe,GAAG,KAAK,CAAC,KAAK,2DAAC;AAC/C,IAAA;+GAnBY,aAAa,EAAA,IAAA,EAAA,EAAA,EAAA,MAAA,EAAA,EAAA,CAAA,eAAA,CAAA,SAAA,EAAA,CAAA,CAAA;mGAAb,aAAa,EAAA,YAAA,EAAA,IAAA,EAAA,QAAA,EAAA,UAAA,EAAA,MAAA,EAAA,EAAA,eAAA,EAAA,EAAA,iBAAA,EAAA,iBAAA,EAAA,UAAA,EAAA,iBAAA,EAAA,QAAA,EAAA,IAAA,EAAA,UAAA,EAAA,KAAA,EAAA,iBAAA,EAAA,IAAA,EAAA,EAAA,EAAA,SAAA,EAFb,CAAC,mBAAmB,CAAC,YAAY,CAAC,CAAC,EAAA,QAAA,EAAA,EAAA,EAAA,QAAA,ECvBhD,siDAmCA,EAAA,MAAA,EAAA,CAAA,6IAAA,CAAA,EAAA,YAAA,EAAA,CAAA,EAAA,IAAA,EAAA,UAAA,EAAA,IAAA,EDjBY,gBAAgB,g1BAAE,cAAc,EAAA,EAAA,EAAA,IAAA,EAAA,WAAA,EAAA,IAAA,EAAA,EAAA,CAAA,iBAAA,EAAA,QAAA,EAAA,eAAA,EAAA,MAAA,EAAA,CAAA,aAAA,EAAA,qBAAA,EAAA,uBAAA,EAAA,+BAAA,EAAA,oBAAA,EAAA,6BAAA,EAAA,2BAAA,EAAA,iBAAA,EAAA,wBAAA,EAAA,yBAAA,CAAA,EAAA,OAAA,EAAA,CAAA,uBAAA,EAAA,sBAAA,EAAA,wBAAA,EAAA,uBAAA,CAAA,EAAA,QAAA,EAAA,CAAA,aAAA,CAAA,EAAA,EAAA,EAAA,IAAA,EAAA,UAAA,EAAA,IAAA,EAAE,YAAY,EAAA,EAAA,EAAA,IAAA,EAAA,WAAA,EAAA,IAAA,EAAE,eAAe,kGAAE,oBAAoB,EAAA,EAAA,EAAA,IAAA,EAAA,WAAA,EAAA,IAAA,EAAE,oBAAoB,EAAA,QAAA,EAAA,kBAAA,EAAA,MAAA,EAAA,CAAA,QAAA,CAAA,EAAA,EAAA,EAAA,IAAA,EAAA,MAAA,EAAA,IAAA,EAAAD,IAAA,CAAA,SAAA,EAAA,IAAA,EAAA,OAAA,EAAA,EAAA,EAAA,IAAA,EAAA,MAAA,EAAA,IAAA,EAAE,aAAa,EAAA,IAAA,EAAA,cAAA,EAAA,CAAA,EAAA,eAAA,EAAA,EAAA,CAAA,uBAAA,CAAA,MAAA,EAAA,aAAA,EAAA,EAAA,CAAA,iBAAA,CAAA,IAAA,EAAA,CAAA,CAAA;;4FAOzH,aAAa,EAAA,UAAA,EAAA,CAAA;kBAVzB,SAAS;AACI,YAAA,IAAA,EAAA,CAAA,EAAA,UAAA,EAAA,IAAI,EAAA,QAAA,EACN,UAAU,EAAA,OAAA,EACX,CAAC,gBAAgB,EAAE,cAAc,EAAE,YAAY,EAAE,eAAe,EAAE,oBAAoB,EAAE,oBAAoB,EAAE,aAAa,EAAE,SAAS,CAAC,EAAA,eAAA,EAG/H,uBAAuB,CAAC,MAAM,EAAA,aAAA,EAChC,iBAAiB,CAAC,IAAI,aAC1B,CAAC,mBAAmB,CAAC,YAAY,CAAC,CAAC,EAAA,QAAA,EAAA,siDAAA,EAAA,MAAA,EAAA,CAAA,6IAAA,CAAA,EAAA;;;MEZnC,aAAa,CAAA;AAL1B,IAAA,WAAA,GAAA;AAMmB,QAAA,IAAA,CAAA,WAAW,GAAG,MAAM,CAAC,WAAW,CAAC;QACjC,IAAA,CAAA,aAAa,GAAG,MAAM,CAAC,IAAI,EAAE,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC;QAC5C,IAAA,CAAA,kBAAkB,GAAG,cAAc,EAAE;AAEtD;;;;AAIG;QAEI,IAAA,CAAA,oBAAoB,GAAuC,IAAI;AAmBvE,IAAA;AAjBC;;;;AAIG;;IAEH,IACW,YAAY,CAAC,KAAwC,EAAA;AAC9D,QAAA,IAAI,CAAC,aAAa,CAAC,QAAQ,GAAG,KAAK;IACrC;IAEO,eAAe,GAAA;AACpB,QAAA,IAAI,CAAC,WAAW,CAAC,eAAe,CAAC,IAAI,CAAC,IAAI,CAAC,kBAAkB,EAAE,CAAC,CAAC,SAAS,CAAC,MAAK;AAC9E,YAAA,MAAM,OAAO,GAAG,QAAQ,CAAC,IAAI,CAAC,oBAAoB,CAAC,GAAG,IAAI,GAAG,IAAI,CAAC,oBAAoB;AACtF,YAAA,IAAI,CAAC,aAAa,CAAC,IAAI,GAAG,IAAI,CAAC,WAAW,CAAC,YAAY,CAAC,OAAO,CAAC;AAClE,QAAA,CAAC,CAAC;IACJ;+GA7BW,aAAa,EAAA,IAAA,EAAA,EAAA,EAAA,MAAA,EAAA,EAAA,CAAA,eAAA,CAAA,SAAA,EAAA,CAAA,CAAA;mGAAb,aAAa,EAAA,YAAA,EAAA,IAAA,EAAA,QAAA,EAAA,sBAAA,EAAA,MAAA,EAAA,EAAA,oBAAA,EAAA,CAAA,SAAA,EAAA,sBAAA,CAAA,EAAA,YAAA,EAAA,CAAA,aAAA,EAAA,cAAA,CAAA,EAAA,EAAA,cAAA,EAAA,CAAA,EAAA,SAAA,EAAAA,IAAA,CAAA,IAAA,EAAA,CAAA,EAAA,QAAA,EAAA,EAAA,EAAA,CAAA,CAAA;;4FAAb,aAAa,EAAA,UAAA,EAAA,CAAA;kBALzB,SAAS;AAAC,YAAA,IAAA,EAAA,CAAA;AACT,oBAAA,UAAU,EAAE,IAAI;AAChB,oBAAA,QAAQ,EAAE,sBAAsB;oBAChC,cAAc,EAAE,CAAC,IAAI,CAAC;AACvB,iBAAA;;sBAWE,KAAK;uBAAC,SAAS;;sBASf,KAAK;uBAAC,aAAa;;;ACtBtB;;;;;;;AAOG;AACH;AACM,SAAU,SAAS,CAAC,iBAAqC,EAAE,UAA2B,EAAE,UAAU,GAAG,KAAK,EAAA;AAC9G,IAAA,OAAO,CAAC,CAAC,EAAE,KAAK,KAAI;AAClB,QAAA,MAAM,WAAW,GAAG,MAAM,CAAC,WAAW,CAAC;AACvC,QAAA,MAAM,SAAS,GAAG,MAAM,CAAC,SAAS,CAAC;AACnC,QAAA,MAAM,MAAM,GAAG,MAAM,CAAC,MAAM,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;QAEjD,OAAO,WAAW,CAAC,gBAAgB,CAAC,IAAI,CACtC,SAAS,CAAC,CAAC,eAAe,KAAI;YAC5B,IAAI,CAAC,eAAe,EAAE;AACpB,gBAAA,WAAW,CAAC,UAAU,CAAC,KAAK,CAAC,GAAG,CAAC;AAEjC,gBAAA,OAAO,KAAK;YACd;YACA,OAAO,EAAE,CAAC,WAAW,CAAC,YAAY,CAAC,iBAAiB,CAAC,CAAC;AACxD,QAAA,CAAC,CAAC,EACF,GAAG,CAAC,CAAC,YAAY,KAAI;YACnB,IAAI,YAAY,IAAI,CAAC,MAAM;gBAAE;AAC7B,YAAA,IAAI,QAAQ,CAAC,UAAU,CAAC,EAAE;gBACxB,IAAI,UAAU,EAAE;AACd,oBAAA,SAAS,CAAC,QAAQ,CAAC,MAAM,CAAC,UAAU,CAAC;gBACvC;qBAAO;AACL,oBAAA,MAAM,CAAC,aAAa,CAAC,UAAU,CAAC;gBAClC;YACF;AAAO,iBAAA,IAAI,KAAK,CAAC,OAAO,CAAC,UAAU,CAAC,EAAE;AACpC,gBAAA,MAAM,CAAC,QAAQ,CAAC,UAAU,CAAC;YAC7B;AACF,QAAA,CAAC,CAAC,EACF,IAAI,CAAC,CAAC,CAAC,CACR;AACH,IAAA,CAAC;AACH;;AC1CA,MAAM,OAAO,GAAG,CAAC,aAAa,EAAE,aAAa,EAAE,eAAe,EAAE,gBAAgB,CAAC;MAMpE,UAAU,CAAA;+GAAV,UAAU,EAAA,IAAA,EAAA,EAAA,EAAA,MAAA,EAAA,EAAA,CAAA,eAAA,CAAA,QAAA,EAAA,CAAA,CAAA;AAAV,IAAA,SAAA,IAAA,CAAA,IAAA,GAAA,EAAA,CAAA,mBAAA,CAAA,EAAA,UAAA,EAAA,QAAA,EAAA,OAAA,EAAA,SAAA,EAAA,QAAA,EAAA,EAAA,EAAA,IAAA,EAAA,UAAU,EAAA,OAAA,EAAA,CANN,aAAa,EAAE,aAAa,EAAE,eAAe,EAAE,gBAAgB,CAAA,EAAA,OAAA,EAAA,CAA/D,aAAa,EAAE,aAAa,EAAE,eAAe,EAAE,gBAAgB,CAAA,EAAA,CAAA,CAAA;AAMnE,IAAA,SAAA,IAAA,CAAA,IAAA,GAAA,EAAA,CAAA,mBAAA,CAAA,EAAA,UAAA,EAAA,QAAA,EAAA,OAAA,EAAA,SAAA,EAAA,QAAA,EAAA,EAAA,EAAA,IAAA,EAAA,UAAU,YANN,aAAa,CAAA,EAAA,CAAA,CAAA;;4FAMjB,UAAU,EAAA,UAAA,EAAA,CAAA;kBAJtB,QAAQ;AAAC,YAAA,IAAA,EAAA,CAAA;AACR,oBAAA,OAAO,EAAE,CAAC,GAAG,OAAO,CAAC;AACrB,oBAAA,OAAO,EAAE,CAAC,GAAG,OAAO,CAAC;AACtB,iBAAA;;;ACFD;;;;;;;AAOG;AACH;AACM,SAAU,WAAW,CAAC,iBAAqC,EAAE,UAA2B,EAAE,UAAU,GAAG,KAAK,EAAA;IAChH,OAAO,CAAC,CAAC,KAAI;AACX,QAAA,MAAM,WAAW,GAAG,MAAM,CAAC,WAAW,CAAC;AACvC,QAAA,MAAM,MAAM,GAAG,MAAM,CAAC,MAAM,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;AACjD,QAAA,MAAM,SAAS,GAAG,MAAM,CAAC,SAAS,CAAC;QAEnC,OAAO,WAAW,CAAC,gBAAgB,CAAC,IAAI,CACtC,GAAG,CAAC,MAAM,CAAC,WAAW,CAAC,YAAY,CAAC,iBAAiB,CAAC,CAAC,EACvD,GAAG,CAAC,CAAC,cAAc,KAAI;YACrB,IAAI,cAAc,IAAI,CAAC,MAAM;gBAAE;AAC/B,YAAA,IAAI,QAAQ,CAAC,UAAU,CAAC,EAAE;gBACxB,IAAI,UAAU,EAAE;AACd,oBAAA,SAAS,CAAC,QAAQ,CAAC,MAAM,CAAC,UAAU,CAAC;gBACvC;qBAAO;AACL,oBAAA,MAAM,CAAC,aAAa,CAAC,UAAU,CAAC;gBAClC;YACF;AAAO,iBAAA,IAAI,KAAK,CAAC,OAAO,CAAC,UAAU,CAAC,EAAE;AACpC,gBAAA,MAAM,CAAC,QAAQ,CAAC,UAAU,CAAC;YAC7B;AACF,QAAA,CAAC,CAAC,EACF,IAAI,CAAC,CAAC,CAAC,CACR;AACH,IAAA,CAAC;AACH;;ACxCA;;AAEG;;;;"}
|
package/index.d.ts
CHANGED
|
@@ -721,6 +721,21 @@ type LanguageSelector = (claims?: OdxAuth.IdentityClaims | null) => string | nul
|
|
|
721
721
|
*/
|
|
722
722
|
declare function userLanguageLoader(languageSelector?: LanguageSelector): LanguageLoaderFn;
|
|
723
723
|
|
|
724
|
+
/**
|
|
725
|
+
* A hybrid storage implementation that keeps tokens in memory (cleared on page refresh)
|
|
726
|
+
* but persists only the OAuth flow keys (state, nonce, code_verifier) to sessionStorage
|
|
727
|
+
* so they survive the auth server redirect.
|
|
728
|
+
* Actual tokens remain memory only and are cleared on page refresh.
|
|
729
|
+
*/
|
|
730
|
+
declare class HybridMemoryStorage implements OAuthStorage {
|
|
731
|
+
private readonly memoryStorage;
|
|
732
|
+
private readonly persistKeys;
|
|
733
|
+
getItem(key: string): string | null;
|
|
734
|
+
setItem(key: string, value: string): void;
|
|
735
|
+
removeItem(key: string): void;
|
|
736
|
+
clear(): void;
|
|
737
|
+
}
|
|
738
|
+
|
|
724
739
|
/**
|
|
725
740
|
* A factory function that creates a core debug plugin for the authentication service.
|
|
726
741
|
* This plugin logs detailed information about the user's identity claims and tokens.
|
|
@@ -762,5 +777,5 @@ declare const userProfileUrlPlugin: AuthPluginFactory;
|
|
|
762
777
|
*/
|
|
763
778
|
declare function unauthGuard(authorizedHandler?: AuthorizedHandler, redirectTo?: any[] | string, isExternal?: boolean): CanActivateFn;
|
|
764
779
|
|
|
765
|
-
export { AUTH_HTTP_HEADER, AuthActionDirective, AuthActionsComponent, AuthComponent, AuthConfig, AuthDefaultConfig, AuthDirective, AuthEnvironment, AuthLoadingScreenComponent, AuthModule, AuthPluginManager, AuthService, ODX_AUTH_CORE_PLUGINS, ODX_AUTH_DEFAULT_SCOPES, ODX_AUTH_ERROR_HANDLERS, ODX_AUTH_HOSTS, ODX_AUTH_PLUGINS, ODX_AUTH_PLUGINS_ERROR_HANDLER, ODX_AUTH_USER_PROFILE_HOSTS, SignInDirective, SignOutDirective, authGuard, authInterceptor, coreDebugPlugin, coreIdentityPlugin, createAuthHostUrl, createAuthStorage, createInitials, handleAuthError, handleOAuthEvent, initializeAuthConfig, initializeAuthErrorHandlers, injectAuthConfig, offlineAuthErrorHandler, provideAuth, provideAuthConfig, provideAuthLogger, requireAuthentication, resolveEmail, resolveUsername, setHttpAuthHeader, unauthGuard, userLanguageLoader, userProfileUrlPlugin };
|
|
780
|
+
export { AUTH_HTTP_HEADER, AuthActionDirective, AuthActionsComponent, AuthComponent, AuthConfig, AuthDefaultConfig, AuthDirective, AuthEnvironment, AuthLoadingScreenComponent, AuthModule, AuthPluginManager, AuthService, HybridMemoryStorage, ODX_AUTH_CORE_PLUGINS, ODX_AUTH_DEFAULT_SCOPES, ODX_AUTH_ERROR_HANDLERS, ODX_AUTH_HOSTS, ODX_AUTH_PLUGINS, ODX_AUTH_PLUGINS_ERROR_HANDLER, ODX_AUTH_USER_PROFILE_HOSTS, SignInDirective, SignOutDirective, authGuard, authInterceptor, coreDebugPlugin, coreIdentityPlugin, createAuthHostUrl, createAuthStorage, createInitials, handleAuthError, handleOAuthEvent, initializeAuthConfig, initializeAuthErrorHandlers, injectAuthConfig, offlineAuthErrorHandler, provideAuth, provideAuthConfig, provideAuthLogger, requireAuthentication, resolveEmail, resolveUsername, setHttpAuthHeader, unauthGuard, userLanguageLoader, userProfileUrlPlugin };
|
|
766
781
|
export type { AuthErrorHandlerFn, AuthPlugin, AuthPluginError, AuthPluginErrorHandler, AuthPluginFactory, AuthorizedHandler, CreateInitialsFn, ResolveEmailFn, ResolveUsernameFn };
|