@office-ai/aioncli-core 0.30.0 → 0.30.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/docs/assets/theme-ansi-dark.png +0 -0
- package/dist/docs/assets/theme-atom-one-dark.png +0 -0
- package/dist/docs/assets/theme-ayu-dark.png +0 -0
- package/dist/docs/assets/theme-default-dark.png +0 -0
- package/dist/docs/assets/theme-dracula-dark.png +0 -0
- package/dist/docs/assets/theme-github-dark.png +0 -0
- package/dist/docs/assets/theme-holiday-dark.png +0 -0
- package/dist/docs/assets/theme-shades-of-purple-dark.png +0 -0
- package/dist/docs/assets/theme-solarized-dark.png +0 -0
- package/dist/docs/assets/theme-solarized-light.png +0 -0
- package/dist/docs/cli/notifications.md +58 -0
- package/dist/docs/redirects.json +20 -0
- package/dist/docs/reference/commands.md +563 -0
- package/dist/docs/reference/configuration.md +1804 -0
- package/dist/docs/reference/keyboard-shortcuts.md +168 -0
- package/dist/docs/reference/memport.md +246 -0
- package/dist/docs/reference/policy-engine.md +386 -0
- package/dist/docs/reference/tools.md +106 -0
- package/dist/docs/resources/faq.md +175 -0
- package/dist/docs/resources/quota-and-pricing.md +199 -0
- package/dist/docs/resources/tos-privacy.md +102 -0
- package/dist/docs/resources/troubleshooting.md +176 -0
- package/dist/docs/resources/uninstall.md +56 -0
- package/dist/src/agents/a2a-errors.d.ts +65 -0
- package/dist/src/agents/a2a-errors.js +164 -0
- package/dist/src/agents/a2a-errors.js.map +1 -0
- package/dist/src/agents/a2a-errors.test.d.ts +6 -0
- package/dist/src/agents/a2a-errors.test.js +183 -0
- package/dist/src/agents/a2a-errors.test.js.map +1 -0
- package/dist/src/agents/auth-provider/api-key-provider.d.ts +30 -0
- package/dist/src/agents/auth-provider/api-key-provider.js +66 -0
- package/dist/src/agents/auth-provider/api-key-provider.js.map +1 -0
- package/dist/src/agents/auth-provider/api-key-provider.test.d.ts +6 -0
- package/dist/src/agents/auth-provider/api-key-provider.test.js +130 -0
- package/dist/src/agents/auth-provider/api-key-provider.test.js.map +1 -0
- package/dist/src/agents/auth-provider/http-provider.d.ts +28 -0
- package/dist/src/agents/auth-provider/http-provider.js +73 -0
- package/dist/src/agents/auth-provider/http-provider.js.map +1 -0
- package/dist/src/agents/auth-provider/http-provider.test.d.ts +6 -0
- package/dist/src/agents/auth-provider/http-provider.test.js +112 -0
- package/dist/src/agents/auth-provider/http-provider.test.js.map +1 -0
- package/dist/src/agents/auth-provider/oauth2-provider.d.ts +65 -0
- package/dist/src/agents/auth-provider/oauth2-provider.js +233 -0
- package/dist/src/agents/auth-provider/oauth2-provider.js.map +1 -0
- package/dist/src/agents/auth-provider/oauth2-provider.test.d.ts +6 -0
- package/dist/src/agents/auth-provider/oauth2-provider.test.js +490 -0
- package/dist/src/agents/auth-provider/oauth2-provider.test.js.map +1 -0
- package/dist/src/agents/browser/analyzeScreenshot.d.ts +35 -0
- package/dist/src/agents/browser/analyzeScreenshot.js +183 -0
- package/dist/src/agents/browser/analyzeScreenshot.js.map +1 -0
- package/dist/src/agents/browser/analyzeScreenshot.test.d.ts +6 -0
- package/dist/src/agents/browser/analyzeScreenshot.test.js +161 -0
- package/dist/src/agents/browser/analyzeScreenshot.test.js.map +1 -0
- package/dist/src/agents/browser/automationOverlay.d.ts +26 -0
- package/dist/src/agents/browser/automationOverlay.js +100 -0
- package/dist/src/agents/browser/automationOverlay.js.map +1 -0
- package/dist/src/agents/browser/browserAgentDefinition.d.ts +50 -0
- package/dist/src/agents/browser/browserAgentDefinition.js +141 -0
- package/dist/src/agents/browser/browserAgentDefinition.js.map +1 -0
- package/dist/src/agents/browser/browserAgentFactory.d.ts +42 -0
- package/dist/src/agents/browser/browserAgentFactory.js +116 -0
- package/dist/src/agents/browser/browserAgentFactory.js.map +1 -0
- package/dist/src/agents/browser/browserAgentFactory.test.d.ts +6 -0
- package/dist/src/agents/browser/browserAgentFactory.test.js +240 -0
- package/dist/src/agents/browser/browserAgentFactory.test.js.map +1 -0
- package/dist/src/agents/browser/browserAgentInvocation.d.ts +34 -0
- package/dist/src/agents/browser/browserAgentInvocation.js +386 -0
- package/dist/src/agents/browser/browserAgentInvocation.js.map +1 -0
- package/dist/src/agents/browser/browserAgentInvocation.test.d.ts +6 -0
- package/dist/src/agents/browser/browserAgentInvocation.test.js +382 -0
- package/dist/src/agents/browser/browserAgentInvocation.test.js.map +1 -0
- package/dist/src/agents/browser/browserManager.d.ts +115 -0
- package/dist/src/agents/browser/browserManager.js +370 -0
- package/dist/src/agents/browser/browserManager.js.map +1 -0
- package/dist/src/agents/browser/browserManager.test.d.ts +6 -0
- package/dist/src/agents/browser/browserManager.test.js +382 -0
- package/dist/src/agents/browser/browserManager.test.js.map +1 -0
- package/dist/src/agents/browser/mcpToolWrapper.d.ts +45 -0
- package/dist/src/agents/browser/mcpToolWrapper.js +358 -0
- package/dist/src/agents/browser/mcpToolWrapper.js.map +1 -0
- package/dist/src/agents/browser/mcpToolWrapper.test.d.ts +6 -0
- package/dist/src/agents/browser/mcpToolWrapper.test.js +126 -0
- package/dist/src/agents/browser/mcpToolWrapper.test.js.map +1 -0
- package/dist/src/agents/browser/mcpToolWrapperConfirmation.test.d.ts +6 -0
- package/dist/src/agents/browser/mcpToolWrapperConfirmation.test.js +59 -0
- package/dist/src/agents/browser/mcpToolWrapperConfirmation.test.js.map +1 -0
- package/dist/src/agents/browser/modelAvailability.d.ts +23 -0
- package/dist/src/agents/browser/modelAvailability.js +23 -0
- package/dist/src/agents/browser/modelAvailability.js.map +1 -0
- package/dist/src/agents/cli-help-agent.d.ts +2 -2
- package/dist/src/billing/billing.d.ts +80 -0
- package/dist/src/billing/billing.js +128 -0
- package/dist/src/billing/billing.js.map +1 -0
- package/dist/src/billing/billing.test.d.ts +6 -0
- package/dist/src/billing/billing.test.js +182 -0
- package/dist/src/billing/billing.test.js.map +1 -0
- package/dist/src/billing/index.d.ts +6 -0
- package/dist/src/billing/index.js +7 -0
- package/dist/src/billing/index.js.map +1 -0
- package/dist/src/code_assist/oauth2.d.ts +1 -1
- package/dist/src/code_assist/types.d.ts +26 -26
- package/dist/src/config/agent-loop-context.d.ts +22 -0
- package/dist/src/config/agent-loop-context.js +7 -0
- package/dist/src/config/agent-loop-context.js.map +1 -0
- package/dist/src/config/trackerFeatureFlag.test.d.ts +6 -0
- package/dist/src/config/trackerFeatureFlag.test.js +43 -0
- package/dist/src/config/trackerFeatureFlag.test.js.map +1 -0
- package/dist/src/config/userHintService.d.ts +46 -0
- package/dist/src/config/userHintService.js +81 -0
- package/dist/src/config/userHintService.js.map +1 -0
- package/dist/src/config/userHintService.test.d.ts +6 -0
- package/dist/src/config/userHintService.test.js +62 -0
- package/dist/src/config/userHintService.test.js.map +1 -0
- package/dist/src/core/localLiteRtLmClient.d.ts +24 -0
- package/dist/src/core/localLiteRtLmClient.js +77 -0
- package/dist/src/core/localLiteRtLmClient.js.map +1 -0
- package/dist/src/core/localLiteRtLmClient.test.d.ts +6 -0
- package/dist/src/core/localLiteRtLmClient.test.js +87 -0
- package/dist/src/core/localLiteRtLmClient.test.js.map +1 -0
- package/dist/src/core/openaiContentGenerator.d.ts +1 -0
- package/dist/src/core/openaiContentGenerator.js +13 -13
- package/dist/src/core/openaiContentGenerator.js.map +1 -1
- package/dist/src/hooks/runtimeHooks.test.d.ts +6 -0
- package/dist/src/hooks/runtimeHooks.test.js +100 -0
- package/dist/src/hooks/runtimeHooks.test.js.map +1 -0
- package/dist/src/ide/types.d.ts +6 -6
- package/dist/src/mcp/mcp-oauth-provider.d.ts +43 -0
- package/dist/src/mcp/mcp-oauth-provider.js +67 -0
- package/dist/src/mcp/mcp-oauth-provider.js.map +1 -0
- package/dist/src/mcp/mcp-oauth-provider.test.d.ts +6 -0
- package/dist/src/mcp/mcp-oauth-provider.test.js +63 -0
- package/dist/src/mcp/mcp-oauth-provider.test.js.map +1 -0
- package/dist/src/policy/integrity.d.ts +45 -0
- package/dist/src/policy/integrity.js +121 -0
- package/dist/src/policy/integrity.js.map +1 -0
- package/dist/src/policy/integrity.test.d.ts +6 -0
- package/dist/src/policy/integrity.test.js +132 -0
- package/dist/src/policy/integrity.test.js.map +1 -0
- package/dist/src/policy/policies/conseca.toml +6 -0
- package/dist/src/policy/workspace-policy.test.js +231 -0
- package/dist/src/policy/workspace-policy.test.js.map +1 -0
- package/dist/src/routing/strategies/approvalModeStrategy.d.ts +18 -0
- package/dist/src/routing/strategies/approvalModeStrategy.js +59 -0
- package/dist/src/routing/strategies/approvalModeStrategy.js.map +1 -0
- package/dist/src/routing/strategies/approvalModeStrategy.test.d.ts +6 -0
- package/dist/src/routing/strategies/approvalModeStrategy.test.js +140 -0
- package/dist/src/routing/strategies/approvalModeStrategy.test.js.map +1 -0
- package/dist/src/routing/strategies/gemmaClassifierStrategy.d.ts +14 -0
- package/dist/src/routing/strategies/gemmaClassifierStrategy.js +182 -0
- package/dist/src/routing/strategies/gemmaClassifierStrategy.js.map +1 -0
- package/dist/src/routing/strategies/gemmaClassifierStrategy.test.d.ts +6 -0
- package/dist/src/routing/strategies/gemmaClassifierStrategy.test.js +218 -0
- package/dist/src/routing/strategies/gemmaClassifierStrategy.test.js.map +1 -0
- package/dist/src/safety/conseca/conseca.d.ts +31 -0
- package/dist/src/safety/conseca/conseca.js +105 -0
- package/dist/src/safety/conseca/conseca.js.map +1 -0
- package/dist/src/safety/conseca/conseca.test.js +226 -0
- package/dist/src/safety/conseca/conseca.test.js.map +1 -0
- package/dist/src/safety/conseca/integration.test.js +19 -0
- package/dist/src/safety/conseca/integration.test.js.map +1 -0
- package/dist/src/safety/conseca/policy-enforcer.d.ts +13 -0
- package/dist/src/safety/conseca/policy-enforcer.js +135 -0
- package/dist/src/safety/conseca/policy-enforcer.js.map +1 -0
- package/dist/src/safety/conseca/policy-enforcer.test.js +141 -0
- package/dist/src/safety/conseca/policy-enforcer.test.js.map +1 -0
- package/dist/src/safety/conseca/policy-generator.d.ts +15 -0
- package/dist/src/safety/conseca/policy-generator.js +144 -0
- package/dist/src/safety/conseca/policy-generator.js.map +1 -0
- package/dist/src/safety/conseca/policy-generator.test.d.ts +6 -0
- package/dist/src/safety/conseca/policy-generator.test.js +84 -0
- package/dist/src/safety/conseca/policy-generator.test.js.map +1 -0
- package/dist/src/safety/conseca/types.d.ts +15 -0
- package/dist/src/safety/conseca/types.js +7 -0
- package/dist/src/safety/conseca/types.js.map +1 -0
- package/dist/src/scheduler/scheduler_parallel.test.d.ts +6 -0
- package/dist/src/scheduler/scheduler_parallel.test.js +401 -0
- package/dist/src/scheduler/scheduler_parallel.test.js.map +1 -0
- package/dist/src/services/FolderTrustDiscoveryService.d.ts +32 -0
- package/dist/src/services/FolderTrustDiscoveryService.js +169 -0
- package/dist/src/services/FolderTrustDiscoveryService.js.map +1 -0
- package/dist/src/services/FolderTrustDiscoveryService.test.d.ts +6 -0
- package/dist/src/services/FolderTrustDiscoveryService.test.js +118 -0
- package/dist/src/services/FolderTrustDiscoveryService.test.js.map +1 -0
- package/dist/src/services/fileKeychain.d.ts +24 -0
- package/dist/src/services/fileKeychain.js +123 -0
- package/dist/src/services/fileKeychain.js.map +1 -0
- package/dist/src/services/keychainService.d.ts +51 -0
- package/dist/src/services/keychainService.js +133 -0
- package/dist/src/services/keychainService.js.map +1 -0
- package/dist/src/services/keychainService.test.d.ts +6 -0
- package/dist/src/services/keychainService.test.js +150 -0
- package/dist/src/services/keychainService.test.js.map +1 -0
- package/dist/src/services/keychainTypes.d.ts +41 -0
- package/dist/src/services/keychainTypes.js +18 -0
- package/dist/src/services/keychainTypes.js.map +1 -0
- package/dist/src/services/trackerService.d.ts +49 -0
- package/dist/src/services/trackerService.js +193 -0
- package/dist/src/services/trackerService.js.map +1 -0
- package/dist/src/services/trackerService.test.d.ts +6 -0
- package/dist/src/services/trackerService.test.js +117 -0
- package/dist/src/services/trackerService.test.js.map +1 -0
- package/dist/src/services/trackerTypes.d.ts +51 -0
- package/dist/src/services/trackerTypes.js +33 -0
- package/dist/src/services/trackerTypes.js.map +1 -0
- package/dist/src/telemetry/billingEvents.d.ts +75 -0
- package/dist/src/telemetry/billingEvents.js +181 -0
- package/dist/src/telemetry/billingEvents.js.map +1 -0
- package/dist/src/telemetry/billingEvents.test.d.ts +6 -0
- package/dist/src/telemetry/billingEvents.test.js +139 -0
- package/dist/src/telemetry/billingEvents.test.js.map +1 -0
- package/dist/src/telemetry/conseca-logger.d.ts +9 -0
- package/dist/src/telemetry/conseca-logger.js +91 -0
- package/dist/src/telemetry/conseca-logger.js.map +1 -0
- package/dist/src/telemetry/conseca-logger.test.d.ts +6 -0
- package/dist/src/telemetry/conseca-logger.test.js +90 -0
- package/dist/src/telemetry/conseca-logger.test.js.map +1 -0
- package/dist/src/telemetry/trace.test.d.ts +6 -0
- package/dist/src/telemetry/trace.test.js +116 -0
- package/dist/src/telemetry/trace.test.js.map +1 -0
- package/dist/src/tools/definitions/trackerTools.d.ts +12 -0
- package/dist/src/tools/definitions/trackerTools.js +146 -0
- package/dist/src/tools/definitions/trackerTools.js.map +1 -0
- package/dist/src/tools/diff-utils.d.ts +9 -0
- package/dist/src/tools/diff-utils.js +66 -0
- package/dist/src/tools/diff-utils.js.map +1 -0
- package/dist/src/tools/diff-utils.test.d.ts +6 -0
- package/dist/src/tools/diff-utils.test.js +53 -0
- package/dist/src/tools/diff-utils.test.js.map +1 -0
- package/dist/src/tools/grep-utils.d.ts +49 -0
- package/dist/src/tools/grep-utils.js +147 -0
- package/dist/src/tools/grep-utils.js.map +1 -0
- package/dist/src/tools/omissionPlaceholderDetector.d.ts +15 -0
- package/dist/src/tools/omissionPlaceholderDetector.js +90 -0
- package/dist/src/tools/omissionPlaceholderDetector.js.map +1 -0
- package/dist/src/tools/omissionPlaceholderDetector.test.d.ts +6 -0
- package/dist/src/tools/omissionPlaceholderDetector.test.js +49 -0
- package/dist/src/tools/omissionPlaceholderDetector.test.js.map +1 -0
- package/dist/src/tools/trackerTools.d.ts +122 -0
- package/dist/src/tools/trackerTools.js +365 -0
- package/dist/src/tools/trackerTools.js.map +1 -0
- package/dist/src/tools/trackerTools.test.d.ts +6 -0
- package/dist/src/tools/trackerTools.test.js +97 -0
- package/dist/src/tools/trackerTools.test.js.map +1 -0
- package/dist/src/utils/approvalModeUtils.d.ts +14 -0
- package/dist/src/utils/approvalModeUtils.js +35 -0
- package/dist/src/utils/approvalModeUtils.js.map +1 -0
- package/dist/src/utils/approvalModeUtils.test.d.ts +6 -0
- package/dist/src/utils/approvalModeUtils.test.js +36 -0
- package/dist/src/utils/approvalModeUtils.test.js.map +1 -0
- package/dist/src/utils/cache.d.ts +63 -0
- package/dist/src/utils/cache.js +103 -0
- package/dist/src/utils/cache.js.map +1 -0
- package/dist/src/utils/cache.test.d.ts +6 -0
- package/dist/src/utils/cache.test.js +158 -0
- package/dist/src/utils/cache.test.js.map +1 -0
- package/dist/src/utils/checkpointUtils.d.ts +2 -2
- package/dist/src/utils/compatibility.d.ts +41 -0
- package/dist/src/utils/compatibility.js +112 -0
- package/dist/src/utils/compatibility.js.map +1 -0
- package/dist/src/utils/compatibility.test.d.ts +6 -0
- package/dist/src/utils/compatibility.test.js +233 -0
- package/dist/src/utils/compatibility.test.js.map +1 -0
- package/dist/src/utils/envExpansion.d.ts +18 -0
- package/dist/src/utils/envExpansion.js +46 -0
- package/dist/src/utils/envExpansion.js.map +1 -0
- package/dist/src/utils/envExpansion.test.d.ts +6 -0
- package/dist/src/utils/envExpansion.test.js +110 -0
- package/dist/src/utils/envExpansion.test.js.map +1 -0
- package/dist/src/utils/errors_timeout.test.d.ts +6 -0
- package/dist/src/utils/errors_timeout.test.js +40 -0
- package/dist/src/utils/errors_timeout.test.js.map +1 -0
- package/dist/src/utils/fetch.test.d.ts +6 -0
- package/dist/src/utils/fetch.test.js +206 -0
- package/dist/src/utils/fetch.test.js.map +1 -0
- package/dist/src/utils/markdownUtils.d.ts +22 -0
- package/dist/src/utils/markdownUtils.js +126 -0
- package/dist/src/utils/markdownUtils.js.map +1 -0
- package/dist/src/utils/markdownUtils.test.d.ts +6 -0
- package/dist/src/utils/markdownUtils.test.js +107 -0
- package/dist/src/utils/markdownUtils.test.js.map +1 -0
- package/dist/src/utils/oauth-flow.d.ts +105 -0
- package/dist/src/utils/oauth-flow.js +370 -0
- package/dist/src/utils/oauth-flow.js.map +1 -0
- package/dist/src/utils/oauth-flow.test.d.ts +6 -0
- package/dist/src/utils/oauth-flow.test.js +360 -0
- package/dist/src/utils/oauth-flow.test.js.map +1 -0
- package/dist/src/utils/sessionUtils.d.ts +14 -0
- package/dist/src/utils/sessionUtils.js +122 -0
- package/dist/src/utils/sessionUtils.js.map +1 -0
- package/dist/src/utils/sessionUtils.test.d.ts +1 -0
- package/dist/src/utils/sessionUtils.test.js +171 -0
- package/dist/src/utils/sessionUtils.test.js.map +1 -0
- package/dist/src/voice/responseFormatter.d.ts +38 -0
- package/dist/src/voice/responseFormatter.js +130 -0
- package/dist/src/voice/responseFormatter.js.map +1 -0
- package/dist/src/voice/responseFormatter.test.d.ts +6 -0
- package/dist/src/voice/responseFormatter.test.js +214 -0
- package/dist/src/voice/responseFormatter.test.js.map +1 -0
- package/dist/tsconfig.tsbuildinfo +1 -1
- package/package.json +1 -1
- package/dist/docs/CONTRIBUTING.md +0 -555
- package/dist/src/agents/executor.d.ts +0 -114
- package/dist/src/agents/executor.js +0 -779
- package/dist/src/agents/executor.js.map +0 -1
- package/dist/src/agents/executor.test.js +0 -1362
- package/dist/src/agents/executor.test.js.map +0 -1
- package/dist/src/agents/invocation.d.ts +0 -46
- package/dist/src/agents/invocation.js +0 -102
- package/dist/src/agents/invocation.js.map +0 -1
- package/dist/src/agents/invocation.test.js +0 -215
- package/dist/src/agents/invocation.test.js.map +0 -1
- package/dist/src/core/subagent.d.ts +0 -236
- package/dist/src/core/subagent.js +0 -482
- package/dist/src/core/subagent.js.map +0 -1
- package/dist/src/core/subagent.test.js +0 -530
- package/dist/src/core/subagent.test.js.map +0 -1
- package/dist/src/tools/smart-edit.d.ts +0 -78
- package/dist/src/tools/smart-edit.js +0 -717
- package/dist/src/tools/smart-edit.js.map +0 -1
- package/dist/src/tools/smart-edit.test.js +0 -592
- package/dist/src/tools/smart-edit.test.js.map +0 -1
- /package/dist/src/{agents/executor.test.d.ts → policy/workspace-policy.test.d.ts} +0 -0
- /package/dist/src/{agents/invocation.test.d.ts → safety/conseca/conseca.test.d.ts} +0 -0
- /package/dist/src/{core/subagent.test.d.ts → safety/conseca/integration.test.d.ts} +0 -0
- /package/dist/src/{tools/smart-edit.test.d.ts → safety/conseca/policy-enforcer.test.d.ts} +0 -0
|
@@ -0,0 +1,28 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* @license
|
|
3
|
+
* Copyright 2026 Google LLC
|
|
4
|
+
* SPDX-License-Identifier: Apache-2.0
|
|
5
|
+
*/
|
|
6
|
+
import type { HttpHeaders } from '@a2a-js/sdk/client';
|
|
7
|
+
import { BaseA2AAuthProvider } from './base-provider.js';
|
|
8
|
+
import type { HttpAuthConfig } from './types.js';
|
|
9
|
+
/**
|
|
10
|
+
* Authentication provider for HTTP authentication schemes.
|
|
11
|
+
* Supports Bearer, Basic, and any IANA-registered scheme via raw value.
|
|
12
|
+
*/
|
|
13
|
+
export declare class HttpAuthProvider extends BaseA2AAuthProvider {
|
|
14
|
+
private readonly config;
|
|
15
|
+
readonly type: "http";
|
|
16
|
+
private resolvedToken?;
|
|
17
|
+
private resolvedUsername?;
|
|
18
|
+
private resolvedPassword?;
|
|
19
|
+
private resolvedValue?;
|
|
20
|
+
constructor(config: HttpAuthConfig);
|
|
21
|
+
initialize(): Promise<void>;
|
|
22
|
+
headers(): Promise<HttpHeaders>;
|
|
23
|
+
/**
|
|
24
|
+
* Re-resolves credentials on auth failure (e.g. rotated tokens via $ENV or !command).
|
|
25
|
+
* Respects MAX_AUTH_RETRIES from the base class to prevent infinite loops.
|
|
26
|
+
*/
|
|
27
|
+
shouldRetryWithHeaders(req: RequestInit, res: Response): Promise<HttpHeaders | undefined>;
|
|
28
|
+
}
|
|
@@ -0,0 +1,73 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* @license
|
|
3
|
+
* Copyright 2026 Google LLC
|
|
4
|
+
* SPDX-License-Identifier: Apache-2.0
|
|
5
|
+
*/
|
|
6
|
+
import { BaseA2AAuthProvider } from './base-provider.js';
|
|
7
|
+
import { resolveAuthValue } from './value-resolver.js';
|
|
8
|
+
import { debugLogger } from '../../utils/debugLogger.js';
|
|
9
|
+
/**
|
|
10
|
+
* Authentication provider for HTTP authentication schemes.
|
|
11
|
+
* Supports Bearer, Basic, and any IANA-registered scheme via raw value.
|
|
12
|
+
*/
|
|
13
|
+
export class HttpAuthProvider extends BaseA2AAuthProvider {
|
|
14
|
+
config;
|
|
15
|
+
type = 'http';
|
|
16
|
+
resolvedToken;
|
|
17
|
+
resolvedUsername;
|
|
18
|
+
resolvedPassword;
|
|
19
|
+
resolvedValue;
|
|
20
|
+
constructor(config) {
|
|
21
|
+
super();
|
|
22
|
+
this.config = config;
|
|
23
|
+
}
|
|
24
|
+
async initialize() {
|
|
25
|
+
const config = this.config;
|
|
26
|
+
if ('token' in config) {
|
|
27
|
+
this.resolvedToken = await resolveAuthValue(config.token);
|
|
28
|
+
}
|
|
29
|
+
else if ('username' in config) {
|
|
30
|
+
this.resolvedUsername = await resolveAuthValue(config.username);
|
|
31
|
+
this.resolvedPassword = await resolveAuthValue(config.password);
|
|
32
|
+
}
|
|
33
|
+
else {
|
|
34
|
+
// Generic raw value for any other IANA-registered scheme
|
|
35
|
+
this.resolvedValue = await resolveAuthValue(config.value);
|
|
36
|
+
}
|
|
37
|
+
debugLogger.debug(`[HttpAuthProvider] Initialized with scheme: ${this.config.scheme}`);
|
|
38
|
+
}
|
|
39
|
+
async headers() {
|
|
40
|
+
const config = this.config;
|
|
41
|
+
if ('token' in config) {
|
|
42
|
+
if (!this.resolvedToken)
|
|
43
|
+
throw new Error('HttpAuthProvider not initialized');
|
|
44
|
+
return { Authorization: `Bearer ${this.resolvedToken}` };
|
|
45
|
+
}
|
|
46
|
+
if ('username' in config) {
|
|
47
|
+
if (!this.resolvedUsername || !this.resolvedPassword) {
|
|
48
|
+
throw new Error('HttpAuthProvider not initialized');
|
|
49
|
+
}
|
|
50
|
+
const credentials = Buffer.from(`${this.resolvedUsername}:${this.resolvedPassword}`).toString('base64');
|
|
51
|
+
return { Authorization: `Basic ${credentials}` };
|
|
52
|
+
}
|
|
53
|
+
// Generic raw value for any other IANA-registered scheme
|
|
54
|
+
if (!this.resolvedValue)
|
|
55
|
+
throw new Error('HttpAuthProvider not initialized');
|
|
56
|
+
return { Authorization: `${config.scheme} ${this.resolvedValue}` };
|
|
57
|
+
}
|
|
58
|
+
/**
|
|
59
|
+
* Re-resolves credentials on auth failure (e.g. rotated tokens via $ENV or !command).
|
|
60
|
+
* Respects MAX_AUTH_RETRIES from the base class to prevent infinite loops.
|
|
61
|
+
*/
|
|
62
|
+
async shouldRetryWithHeaders(req, res) {
|
|
63
|
+
if (res.status === 401 || res.status === 403) {
|
|
64
|
+
if (this.authRetryCount >= BaseA2AAuthProvider.MAX_AUTH_RETRIES) {
|
|
65
|
+
return undefined;
|
|
66
|
+
}
|
|
67
|
+
debugLogger.debug('[HttpAuthProvider] Re-resolving values after auth failure');
|
|
68
|
+
await this.initialize();
|
|
69
|
+
}
|
|
70
|
+
return super.shouldRetryWithHeaders(req, res);
|
|
71
|
+
}
|
|
72
|
+
}
|
|
73
|
+
//# sourceMappingURL=http-provider.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"http-provider.js","sourceRoot":"","sources":["../../../../src/agents/auth-provider/http-provider.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAGH,OAAO,EAAE,mBAAmB,EAAE,MAAM,oBAAoB,CAAC;AAEzD,OAAO,EAAE,gBAAgB,EAAE,MAAM,qBAAqB,CAAC;AACvD,OAAO,EAAE,WAAW,EAAE,MAAM,4BAA4B,CAAC;AAEzD;;;GAGG;AACH,MAAM,OAAO,gBAAiB,SAAQ,mBAAmB;IAQ1B;IAPpB,IAAI,GAAG,MAAe,CAAC;IAExB,aAAa,CAAU;IACvB,gBAAgB,CAAU;IAC1B,gBAAgB,CAAU;IAC1B,aAAa,CAAU;IAE/B,YAA6B,MAAsB;QACjD,KAAK,EAAE,CAAC;QADmB,WAAM,GAAN,MAAM,CAAgB;IAEnD,CAAC;IAEQ,KAAK,CAAC,UAAU;QACvB,MAAM,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC;QAC3B,IAAI,OAAO,IAAI,MAAM,EAAE,CAAC;YACtB,IAAI,CAAC,aAAa,GAAG,MAAM,gBAAgB,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;QAC5D,CAAC;aAAM,IAAI,UAAU,IAAI,MAAM,EAAE,CAAC;YAChC,IAAI,CAAC,gBAAgB,GAAG,MAAM,gBAAgB,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;YAChE,IAAI,CAAC,gBAAgB,GAAG,MAAM,gBAAgB,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;QAClE,CAAC;aAAM,CAAC;YACN,yDAAyD;YACzD,IAAI,CAAC,aAAa,GAAG,MAAM,gBAAgB,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;QAC5D,CAAC;QACD,WAAW,CAAC,KAAK,CACf,+CAA+C,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,CACpE,CAAC;IACJ,CAAC;IAEQ,KAAK,CAAC,OAAO;QACpB,MAAM,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC;QAC3B,IAAI,OAAO,IAAI,MAAM,EAAE,CAAC;YACtB,IAAI,CAAC,IAAI,CAAC,aAAa;gBACrB,MAAM,IAAI,KAAK,CAAC,kCAAkC,CAAC,CAAC;YACtD,OAAO,EAAE,aAAa,EAAE,UAAU,IAAI,CAAC,aAAa,EAAE,EAAE,CAAC;QAC3D,CAAC;QAED,IAAI,UAAU,IAAI,MAAM,EAAE,CAAC;YACzB,IAAI,CAAC,IAAI,CAAC,gBAAgB,IAAI,CAAC,IAAI,CAAC,gBAAgB,EAAE,CAAC;gBACrD,MAAM,IAAI,KAAK,CAAC,kCAAkC,CAAC,CAAC;YACtD,CAAC;YACD,MAAM,WAAW,GAAG,MAAM,CAAC,IAAI,CAC7B,GAAG,IAAI,CAAC,gBAAgB,IAAI,IAAI,CAAC,gBAAgB,EAAE,CACpD,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;YACrB,OAAO,EAAE,aAAa,EAAE,SAAS,WAAW,EAAE,EAAE,CAAC;QACnD,CAAC;QAED,yDAAyD;QACzD,IAAI,CAAC,IAAI,CAAC,aAAa;YACrB,MAAM,IAAI,KAAK,CAAC,kCAAkC,CAAC,CAAC;QACtD,OAAO,EAAE,aAAa,EAAE,GAAG,MAAM,CAAC,MAAM,IAAI,IAAI,CAAC,aAAa,EAAE,EAAE,CAAC;IACrE,CAAC;IAED;;;OAGG;IACM,KAAK,CAAC,sBAAsB,CACnC,GAAgB,EAChB,GAAa;QAEb,IAAI,GAAG,CAAC,MAAM,KAAK,GAAG,IAAI,GAAG,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;YAC7C,IAAI,IAAI,CAAC,cAAc,IAAI,mBAAmB,CAAC,gBAAgB,EAAE,CAAC;gBAChE,OAAO,SAAS,CAAC;YACnB,CAAC;YACD,WAAW,CAAC,KAAK,CACf,2DAA2D,CAC5D,CAAC;YACF,MAAM,IAAI,CAAC,UAAU,EAAE,CAAC;QAC1B,CAAC;QACD,OAAO,KAAK,CAAC,sBAAsB,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;IAChD,CAAC;CACF"}
|
|
@@ -0,0 +1,112 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* @license
|
|
3
|
+
* Copyright 2026 Google LLC
|
|
4
|
+
* SPDX-License-Identifier: Apache-2.0
|
|
5
|
+
*/
|
|
6
|
+
import { describe, it, expect, vi, beforeEach } from 'vitest';
|
|
7
|
+
import { HttpAuthProvider } from './http-provider.js';
|
|
8
|
+
describe('HttpAuthProvider', () => {
|
|
9
|
+
beforeEach(() => {
|
|
10
|
+
vi.clearAllMocks();
|
|
11
|
+
});
|
|
12
|
+
describe('Bearer Authentication', () => {
|
|
13
|
+
it('should provide Bearer token header', async () => {
|
|
14
|
+
const config = {
|
|
15
|
+
type: 'http',
|
|
16
|
+
scheme: 'Bearer',
|
|
17
|
+
token: 'test-token',
|
|
18
|
+
};
|
|
19
|
+
const provider = new HttpAuthProvider(config);
|
|
20
|
+
await provider.initialize();
|
|
21
|
+
const headers = await provider.headers();
|
|
22
|
+
expect(headers).toEqual({ Authorization: 'Bearer test-token' });
|
|
23
|
+
});
|
|
24
|
+
it('should resolve token from environment variable', async () => {
|
|
25
|
+
process.env['TEST_TOKEN'] = 'env-token';
|
|
26
|
+
const config = {
|
|
27
|
+
type: 'http',
|
|
28
|
+
scheme: 'Bearer',
|
|
29
|
+
token: '$TEST_TOKEN',
|
|
30
|
+
};
|
|
31
|
+
const provider = new HttpAuthProvider(config);
|
|
32
|
+
await provider.initialize();
|
|
33
|
+
const headers = await provider.headers();
|
|
34
|
+
expect(headers).toEqual({ Authorization: 'Bearer env-token' });
|
|
35
|
+
delete process.env['TEST_TOKEN'];
|
|
36
|
+
});
|
|
37
|
+
});
|
|
38
|
+
describe('Basic Authentication', () => {
|
|
39
|
+
it('should provide Basic auth header', async () => {
|
|
40
|
+
const config = {
|
|
41
|
+
type: 'http',
|
|
42
|
+
scheme: 'Basic',
|
|
43
|
+
username: 'user',
|
|
44
|
+
password: 'password',
|
|
45
|
+
};
|
|
46
|
+
const provider = new HttpAuthProvider(config);
|
|
47
|
+
await provider.initialize();
|
|
48
|
+
const headers = await provider.headers();
|
|
49
|
+
const expected = Buffer.from('user:password').toString('base64');
|
|
50
|
+
expect(headers).toEqual({ Authorization: `Basic ${expected}` });
|
|
51
|
+
});
|
|
52
|
+
});
|
|
53
|
+
describe('Generic/Raw Authentication', () => {
|
|
54
|
+
it('should provide custom scheme with raw value', async () => {
|
|
55
|
+
const config = {
|
|
56
|
+
type: 'http',
|
|
57
|
+
scheme: 'CustomScheme',
|
|
58
|
+
value: 'raw-value-here',
|
|
59
|
+
};
|
|
60
|
+
const provider = new HttpAuthProvider(config);
|
|
61
|
+
await provider.initialize();
|
|
62
|
+
const headers = await provider.headers();
|
|
63
|
+
expect(headers).toEqual({ Authorization: 'CustomScheme raw-value-here' });
|
|
64
|
+
});
|
|
65
|
+
it('should support Digest via raw value', async () => {
|
|
66
|
+
const config = {
|
|
67
|
+
type: 'http',
|
|
68
|
+
scheme: 'Digest',
|
|
69
|
+
value: 'username="foo", response="bar"',
|
|
70
|
+
};
|
|
71
|
+
const provider = new HttpAuthProvider(config);
|
|
72
|
+
await provider.initialize();
|
|
73
|
+
const headers = await provider.headers();
|
|
74
|
+
expect(headers).toEqual({
|
|
75
|
+
Authorization: 'Digest username="foo", response="bar"',
|
|
76
|
+
});
|
|
77
|
+
});
|
|
78
|
+
});
|
|
79
|
+
describe('Retry logic', () => {
|
|
80
|
+
it('should re-initialize on 401 for Bearer', async () => {
|
|
81
|
+
const config = {
|
|
82
|
+
type: 'http',
|
|
83
|
+
scheme: 'Bearer',
|
|
84
|
+
token: '$DYNAMIC_TOKEN',
|
|
85
|
+
};
|
|
86
|
+
process.env['DYNAMIC_TOKEN'] = 'first';
|
|
87
|
+
const provider = new HttpAuthProvider(config);
|
|
88
|
+
await provider.initialize();
|
|
89
|
+
process.env['DYNAMIC_TOKEN'] = 'second';
|
|
90
|
+
const mockResponse = { status: 401 };
|
|
91
|
+
const retryHeaders = await provider.shouldRetryWithHeaders({}, mockResponse);
|
|
92
|
+
expect(retryHeaders).toEqual({ Authorization: 'Bearer second' });
|
|
93
|
+
delete process.env['DYNAMIC_TOKEN'];
|
|
94
|
+
});
|
|
95
|
+
it('should stop after max retries', async () => {
|
|
96
|
+
const config = {
|
|
97
|
+
type: 'http',
|
|
98
|
+
scheme: 'Bearer',
|
|
99
|
+
token: 'token',
|
|
100
|
+
};
|
|
101
|
+
const provider = new HttpAuthProvider(config);
|
|
102
|
+
await provider.initialize();
|
|
103
|
+
const mockResponse = { status: 401 };
|
|
104
|
+
// MAX_AUTH_RETRIES is 2
|
|
105
|
+
await provider.shouldRetryWithHeaders({}, mockResponse);
|
|
106
|
+
await provider.shouldRetryWithHeaders({}, mockResponse);
|
|
107
|
+
const third = await provider.shouldRetryWithHeaders({}, mockResponse);
|
|
108
|
+
expect(third).toBeUndefined();
|
|
109
|
+
});
|
|
110
|
+
});
|
|
111
|
+
});
|
|
112
|
+
//# sourceMappingURL=http-provider.test.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"http-provider.test.js","sourceRoot":"","sources":["../../../../src/agents/auth-provider/http-provider.test.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE,MAAM,EAAE,EAAE,EAAE,UAAU,EAAE,MAAM,QAAQ,CAAC;AAC9D,OAAO,EAAE,gBAAgB,EAAE,MAAM,oBAAoB,CAAC;AAEtD,QAAQ,CAAC,kBAAkB,EAAE,GAAG,EAAE;IAChC,UAAU,CAAC,GAAG,EAAE;QACd,EAAE,CAAC,aAAa,EAAE,CAAC;IACrB,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,uBAAuB,EAAE,GAAG,EAAE;QACrC,EAAE,CAAC,oCAAoC,EAAE,KAAK,IAAI,EAAE;YAClD,MAAM,MAAM,GAAG;gBACb,IAAI,EAAE,MAAe;gBACrB,MAAM,EAAE,QAAiB;gBACzB,KAAK,EAAE,YAAY;aACpB,CAAC;YACF,MAAM,QAAQ,GAAG,IAAI,gBAAgB,CAAC,MAAM,CAAC,CAAC;YAC9C,MAAM,QAAQ,CAAC,UAAU,EAAE,CAAC;YAE5B,MAAM,OAAO,GAAG,MAAM,QAAQ,CAAC,OAAO,EAAE,CAAC;YACzC,MAAM,CAAC,OAAO,CAAC,CAAC,OAAO,CAAC,EAAE,aAAa,EAAE,mBAAmB,EAAE,CAAC,CAAC;QAClE,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,gDAAgD,EAAE,KAAK,IAAI,EAAE;YAC9D,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,GAAG,WAAW,CAAC;YACxC,MAAM,MAAM,GAAG;gBACb,IAAI,EAAE,MAAe;gBACrB,MAAM,EAAE,QAAiB;gBACzB,KAAK,EAAE,aAAa;aACrB,CAAC;YACF,MAAM,QAAQ,GAAG,IAAI,gBAAgB,CAAC,MAAM,CAAC,CAAC;YAC9C,MAAM,QAAQ,CAAC,UAAU,EAAE,CAAC;YAE5B,MAAM,OAAO,GAAG,MAAM,QAAQ,CAAC,OAAO,EAAE,CAAC;YACzC,MAAM,CAAC,OAAO,CAAC,CAAC,OAAO,CAAC,EAAE,aAAa,EAAE,kBAAkB,EAAE,CAAC,CAAC;YAC/D,OAAO,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC;QACnC,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,sBAAsB,EAAE,GAAG,EAAE;QACpC,EAAE,CAAC,kCAAkC,EAAE,KAAK,IAAI,EAAE;YAChD,MAAM,MAAM,GAAG;gBACb,IAAI,EAAE,MAAe;gBACrB,MAAM,EAAE,OAAgB;gBACxB,QAAQ,EAAE,MAAM;gBAChB,QAAQ,EAAE,UAAU;aACrB,CAAC;YACF,MAAM,QAAQ,GAAG,IAAI,gBAAgB,CAAC,MAAM,CAAC,CAAC;YAC9C,MAAM,QAAQ,CAAC,UAAU,EAAE,CAAC;YAE5B,MAAM,OAAO,GAAG,MAAM,QAAQ,CAAC,OAAO,EAAE,CAAC;YACzC,MAAM,QAAQ,GAAG,MAAM,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;YACjE,MAAM,CAAC,OAAO,CAAC,CAAC,OAAO,CAAC,EAAE,aAAa,EAAE,SAAS,QAAQ,EAAE,EAAE,CAAC,CAAC;QAClE,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,4BAA4B,EAAE,GAAG,EAAE;QAC1C,EAAE,CAAC,6CAA6C,EAAE,KAAK,IAAI,EAAE;YAC3D,MAAM,MAAM,GAAG;gBACb,IAAI,EAAE,MAAe;gBACrB,MAAM,EAAE,cAAc;gBACtB,KAAK,EAAE,gBAAgB;aACxB,CAAC;YACF,MAAM,QAAQ,GAAG,IAAI,gBAAgB,CAAC,MAAM,CAAC,CAAC;YAC9C,MAAM,QAAQ,CAAC,UAAU,EAAE,CAAC;YAE5B,MAAM,OAAO,GAAG,MAAM,QAAQ,CAAC,OAAO,EAAE,CAAC;YACzC,MAAM,CAAC,OAAO,CAAC,CAAC,OAAO,CAAC,EAAE,aAAa,EAAE,6BAA6B,EAAE,CAAC,CAAC;QAC5E,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,qCAAqC,EAAE,KAAK,IAAI,EAAE;YACnD,MAAM,MAAM,GAAG;gBACb,IAAI,EAAE,MAAe;gBACrB,MAAM,EAAE,QAAQ;gBAChB,KAAK,EAAE,gCAAgC;aACxC,CAAC;YACF,MAAM,QAAQ,GAAG,IAAI,gBAAgB,CAAC,MAAM,CAAC,CAAC;YAC9C,MAAM,QAAQ,CAAC,UAAU,EAAE,CAAC;YAE5B,MAAM,OAAO,GAAG,MAAM,QAAQ,CAAC,OAAO,EAAE,CAAC;YACzC,MAAM,CAAC,OAAO,CAAC,CAAC,OAAO,CAAC;gBACtB,aAAa,EAAE,uCAAuC;aACvD,CAAC,CAAC;QACL,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,aAAa,EAAE,GAAG,EAAE;QAC3B,EAAE,CAAC,wCAAwC,EAAE,KAAK,IAAI,EAAE;YACtD,MAAM,MAAM,GAAG;gBACb,IAAI,EAAE,MAAe;gBACrB,MAAM,EAAE,QAAiB;gBACzB,KAAK,EAAE,gBAAgB;aACxB,CAAC;YACF,OAAO,CAAC,GAAG,CAAC,eAAe,CAAC,GAAG,OAAO,CAAC;YACvC,MAAM,QAAQ,GAAG,IAAI,gBAAgB,CAAC,MAAM,CAAC,CAAC;YAC9C,MAAM,QAAQ,CAAC,UAAU,EAAE,CAAC;YAE5B,OAAO,CAAC,GAAG,CAAC,eAAe,CAAC,GAAG,QAAQ,CAAC;YACxC,MAAM,YAAY,GAAG,EAAE,MAAM,EAAE,GAAG,EAAc,CAAC;YACjD,MAAM,YAAY,GAAG,MAAM,QAAQ,CAAC,sBAAsB,CACxD,EAAE,EACF,YAAY,CACb,CAAC;YAEF,MAAM,CAAC,YAAY,CAAC,CAAC,OAAO,CAAC,EAAE,aAAa,EAAE,eAAe,EAAE,CAAC,CAAC;YACjE,OAAO,OAAO,CAAC,GAAG,CAAC,eAAe,CAAC,CAAC;QACtC,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,+BAA+B,EAAE,KAAK,IAAI,EAAE;YAC7C,MAAM,MAAM,GAAG;gBACb,IAAI,EAAE,MAAe;gBACrB,MAAM,EAAE,QAAiB;gBACzB,KAAK,EAAE,OAAO;aACf,CAAC;YACF,MAAM,QAAQ,GAAG,IAAI,gBAAgB,CAAC,MAAM,CAAC,CAAC;YAC9C,MAAM,QAAQ,CAAC,UAAU,EAAE,CAAC;YAE5B,MAAM,YAAY,GAAG,EAAE,MAAM,EAAE,GAAG,EAAc,CAAC;YAEjD,wBAAwB;YACxB,MAAM,QAAQ,CAAC,sBAAsB,CAAC,EAAE,EAAE,YAAY,CAAC,CAAC;YACxD,MAAM,QAAQ,CAAC,sBAAsB,CAAC,EAAE,EAAE,YAAY,CAAC,CAAC;YACxD,MAAM,KAAK,GAAG,MAAM,QAAQ,CAAC,sBAAsB,CAAC,EAAE,EAAE,YAAY,CAAC,CAAC;YAEtE,MAAM,CAAC,KAAK,CAAC,CAAC,aAAa,EAAE,CAAC;QAChC,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}
|
|
@@ -0,0 +1,65 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* @license
|
|
3
|
+
* Copyright 2026 Google LLC
|
|
4
|
+
* SPDX-License-Identifier: Apache-2.0
|
|
5
|
+
*/
|
|
6
|
+
import { type HttpHeaders } from '@a2a-js/sdk/client';
|
|
7
|
+
import type { AgentCard } from '@a2a-js/sdk';
|
|
8
|
+
import { BaseA2AAuthProvider } from './base-provider.js';
|
|
9
|
+
import type { OAuth2AuthConfig } from './types.js';
|
|
10
|
+
/**
|
|
11
|
+
* Authentication provider for OAuth 2.0 Authorization Code flow with PKCE.
|
|
12
|
+
*
|
|
13
|
+
* Used by A2A remote agents whose security scheme is `oauth2`.
|
|
14
|
+
* Reuses the shared OAuth flow primitives from `utils/oauth-flow.ts`
|
|
15
|
+
* and persists tokens via `MCPOAuthTokenStorage`.
|
|
16
|
+
*/
|
|
17
|
+
export declare class OAuth2AuthProvider extends BaseA2AAuthProvider {
|
|
18
|
+
private readonly config;
|
|
19
|
+
private readonly agentName;
|
|
20
|
+
private readonly agentCardUrl?;
|
|
21
|
+
readonly type: "oauth2";
|
|
22
|
+
private readonly tokenStorage;
|
|
23
|
+
private cachedToken;
|
|
24
|
+
/** Resolved OAuth URLs — may come from config or agent card. */
|
|
25
|
+
private authorizationUrl;
|
|
26
|
+
private tokenUrl;
|
|
27
|
+
private scopes;
|
|
28
|
+
constructor(config: OAuth2AuthConfig, agentName: string, agentCard?: AgentCard, agentCardUrl?: string | undefined);
|
|
29
|
+
/**
|
|
30
|
+
* Initialize the provider by loading any persisted token from storage.
|
|
31
|
+
* Also discovers OAuth URLs from the agent card if not yet resolved.
|
|
32
|
+
*/
|
|
33
|
+
initialize(): Promise<void>;
|
|
34
|
+
/**
|
|
35
|
+
* Return an Authorization header with a valid Bearer token.
|
|
36
|
+
* Refreshes or triggers interactive auth as needed.
|
|
37
|
+
*/
|
|
38
|
+
headers(): Promise<HttpHeaders>;
|
|
39
|
+
/**
|
|
40
|
+
* On 401/403, clear the cached token and re-authenticate (up to MAX_AUTH_RETRIES).
|
|
41
|
+
*/
|
|
42
|
+
shouldRetryWithHeaders(_req: RequestInit, res: Response): Promise<HttpHeaders | undefined>;
|
|
43
|
+
/**
|
|
44
|
+
* Merge authorization_url, token_url, and scopes from the agent card's
|
|
45
|
+
* `securitySchemes` when not already provided via user config.
|
|
46
|
+
*/
|
|
47
|
+
private mergeAgentCardDefaults;
|
|
48
|
+
/**
|
|
49
|
+
* Fetch the agent card from `agentCardUrl` using `DefaultAgentCardResolver`
|
|
50
|
+
* (which normalizes proto-format cards) and extract OAuth2 URLs.
|
|
51
|
+
*/
|
|
52
|
+
private fetchAgentCardDefaults;
|
|
53
|
+
/**
|
|
54
|
+
* Run a full OAuth 2.0 Authorization Code + PKCE flow through the browser.
|
|
55
|
+
*/
|
|
56
|
+
private authenticateInteractively;
|
|
57
|
+
/**
|
|
58
|
+
* Convert an `OAuthTokenResponse` into the internal `OAuthToken` format.
|
|
59
|
+
*/
|
|
60
|
+
private toOAuthToken;
|
|
61
|
+
/**
|
|
62
|
+
* Persist the current cached token to disk.
|
|
63
|
+
*/
|
|
64
|
+
private persistToken;
|
|
65
|
+
}
|
|
@@ -0,0 +1,233 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* @license
|
|
3
|
+
* Copyright 2026 Google LLC
|
|
4
|
+
* SPDX-License-Identifier: Apache-2.0
|
|
5
|
+
*/
|
|
6
|
+
import { DefaultAgentCardResolver } from '@a2a-js/sdk/client';
|
|
7
|
+
import { BaseA2AAuthProvider } from './base-provider.js';
|
|
8
|
+
import { MCPOAuthTokenStorage } from '../../mcp/oauth-token-storage.js';
|
|
9
|
+
import { generatePKCEParams, startCallbackServer, getPortFromUrl, buildAuthorizationUrl, exchangeCodeForToken, refreshAccessToken, } from '../../utils/oauth-flow.js';
|
|
10
|
+
import { openBrowserSecurely } from '../../utils/secure-browser-launcher.js';
|
|
11
|
+
import { getConsentForOauth } from '../../utils/authConsent.js';
|
|
12
|
+
import { FatalCancellationError, getErrorMessage } from '../../utils/errors.js';
|
|
13
|
+
import { coreEvents } from '../../utils/events.js';
|
|
14
|
+
import { debugLogger } from '../../utils/debugLogger.js';
|
|
15
|
+
import { Storage } from '../../config/storage.js';
|
|
16
|
+
/**
|
|
17
|
+
* Authentication provider for OAuth 2.0 Authorization Code flow with PKCE.
|
|
18
|
+
*
|
|
19
|
+
* Used by A2A remote agents whose security scheme is `oauth2`.
|
|
20
|
+
* Reuses the shared OAuth flow primitives from `utils/oauth-flow.ts`
|
|
21
|
+
* and persists tokens via `MCPOAuthTokenStorage`.
|
|
22
|
+
*/
|
|
23
|
+
export class OAuth2AuthProvider extends BaseA2AAuthProvider {
|
|
24
|
+
config;
|
|
25
|
+
agentName;
|
|
26
|
+
agentCardUrl;
|
|
27
|
+
type = 'oauth2';
|
|
28
|
+
tokenStorage;
|
|
29
|
+
cachedToken = null;
|
|
30
|
+
/** Resolved OAuth URLs — may come from config or agent card. */
|
|
31
|
+
authorizationUrl;
|
|
32
|
+
tokenUrl;
|
|
33
|
+
scopes;
|
|
34
|
+
constructor(config, agentName, agentCard, agentCardUrl) {
|
|
35
|
+
super();
|
|
36
|
+
this.config = config;
|
|
37
|
+
this.agentName = agentName;
|
|
38
|
+
this.agentCardUrl = agentCardUrl;
|
|
39
|
+
this.tokenStorage = new MCPOAuthTokenStorage(Storage.getA2AOAuthTokensPath(), 'gemini-cli-a2a');
|
|
40
|
+
// Seed from user config.
|
|
41
|
+
this.authorizationUrl = config.authorization_url;
|
|
42
|
+
this.tokenUrl = config.token_url;
|
|
43
|
+
this.scopes = config.scopes;
|
|
44
|
+
// Fall back to agent card's OAuth2 security scheme if user config is incomplete.
|
|
45
|
+
this.mergeAgentCardDefaults(agentCard);
|
|
46
|
+
}
|
|
47
|
+
/**
|
|
48
|
+
* Initialize the provider by loading any persisted token from storage.
|
|
49
|
+
* Also discovers OAuth URLs from the agent card if not yet resolved.
|
|
50
|
+
*/
|
|
51
|
+
async initialize() {
|
|
52
|
+
// If OAuth URLs are still missing, fetch the agent card to discover them.
|
|
53
|
+
if ((!this.authorizationUrl || !this.tokenUrl) && this.agentCardUrl) {
|
|
54
|
+
await this.fetchAgentCardDefaults();
|
|
55
|
+
}
|
|
56
|
+
const credentials = await this.tokenStorage.getCredentials(this.agentName);
|
|
57
|
+
if (credentials && !this.tokenStorage.isTokenExpired(credentials.token)) {
|
|
58
|
+
this.cachedToken = credentials.token;
|
|
59
|
+
debugLogger.debug(`[OAuth2AuthProvider] Loaded valid cached token for "${this.agentName}"`);
|
|
60
|
+
}
|
|
61
|
+
}
|
|
62
|
+
/**
|
|
63
|
+
* Return an Authorization header with a valid Bearer token.
|
|
64
|
+
* Refreshes or triggers interactive auth as needed.
|
|
65
|
+
*/
|
|
66
|
+
async headers() {
|
|
67
|
+
// 1. Valid cached token → return immediately.
|
|
68
|
+
if (this.cachedToken &&
|
|
69
|
+
!this.tokenStorage.isTokenExpired(this.cachedToken)) {
|
|
70
|
+
return { Authorization: `Bearer ${this.cachedToken.accessToken}` };
|
|
71
|
+
}
|
|
72
|
+
// 2. Expired but has refresh token → attempt silent refresh.
|
|
73
|
+
if (this.cachedToken?.refreshToken &&
|
|
74
|
+
this.tokenUrl &&
|
|
75
|
+
this.config.client_id) {
|
|
76
|
+
try {
|
|
77
|
+
const refreshed = await refreshAccessToken({
|
|
78
|
+
clientId: this.config.client_id,
|
|
79
|
+
clientSecret: this.config.client_secret,
|
|
80
|
+
scopes: this.scopes,
|
|
81
|
+
}, this.cachedToken.refreshToken, this.tokenUrl);
|
|
82
|
+
this.cachedToken = this.toOAuthToken(refreshed, this.cachedToken.refreshToken);
|
|
83
|
+
await this.persistToken();
|
|
84
|
+
return { Authorization: `Bearer ${this.cachedToken.accessToken}` };
|
|
85
|
+
}
|
|
86
|
+
catch (error) {
|
|
87
|
+
debugLogger.debug(`[OAuth2AuthProvider] Refresh failed, falling back to interactive flow: ${getErrorMessage(error)}`);
|
|
88
|
+
// Clear stale credentials and fall through to interactive flow.
|
|
89
|
+
await this.tokenStorage.deleteCredentials(this.agentName);
|
|
90
|
+
}
|
|
91
|
+
}
|
|
92
|
+
// 3. No valid token → interactive browser-based auth.
|
|
93
|
+
this.cachedToken = await this.authenticateInteractively();
|
|
94
|
+
return { Authorization: `Bearer ${this.cachedToken.accessToken}` };
|
|
95
|
+
}
|
|
96
|
+
/**
|
|
97
|
+
* On 401/403, clear the cached token and re-authenticate (up to MAX_AUTH_RETRIES).
|
|
98
|
+
*/
|
|
99
|
+
async shouldRetryWithHeaders(_req, res) {
|
|
100
|
+
if (res.status !== 401 && res.status !== 403) {
|
|
101
|
+
this.authRetryCount = 0;
|
|
102
|
+
return undefined;
|
|
103
|
+
}
|
|
104
|
+
if (this.authRetryCount >= BaseA2AAuthProvider.MAX_AUTH_RETRIES) {
|
|
105
|
+
return undefined;
|
|
106
|
+
}
|
|
107
|
+
this.authRetryCount++;
|
|
108
|
+
debugLogger.debug('[OAuth2AuthProvider] Auth failure, clearing token and re-authenticating');
|
|
109
|
+
this.cachedToken = null;
|
|
110
|
+
await this.tokenStorage.deleteCredentials(this.agentName);
|
|
111
|
+
return this.headers();
|
|
112
|
+
}
|
|
113
|
+
// ---------------------------------------------------------------------------
|
|
114
|
+
// Private helpers
|
|
115
|
+
// ---------------------------------------------------------------------------
|
|
116
|
+
/**
|
|
117
|
+
* Merge authorization_url, token_url, and scopes from the agent card's
|
|
118
|
+
* `securitySchemes` when not already provided via user config.
|
|
119
|
+
*/
|
|
120
|
+
mergeAgentCardDefaults(agentCard) {
|
|
121
|
+
if (!agentCard?.securitySchemes)
|
|
122
|
+
return;
|
|
123
|
+
for (const scheme of Object.values(agentCard.securitySchemes)) {
|
|
124
|
+
if (scheme.type === 'oauth2' && scheme.flows.authorizationCode) {
|
|
125
|
+
const flow = scheme.flows.authorizationCode;
|
|
126
|
+
this.authorizationUrl ??= flow.authorizationUrl;
|
|
127
|
+
this.tokenUrl ??= flow.tokenUrl;
|
|
128
|
+
this.scopes ??= Object.keys(flow.scopes);
|
|
129
|
+
break; // Use the first matching scheme.
|
|
130
|
+
}
|
|
131
|
+
}
|
|
132
|
+
}
|
|
133
|
+
/**
|
|
134
|
+
* Fetch the agent card from `agentCardUrl` using `DefaultAgentCardResolver`
|
|
135
|
+
* (which normalizes proto-format cards) and extract OAuth2 URLs.
|
|
136
|
+
*/
|
|
137
|
+
async fetchAgentCardDefaults() {
|
|
138
|
+
if (!this.agentCardUrl)
|
|
139
|
+
return;
|
|
140
|
+
try {
|
|
141
|
+
debugLogger.debug(`[OAuth2AuthProvider] Fetching agent card from ${this.agentCardUrl}`);
|
|
142
|
+
const resolver = new DefaultAgentCardResolver();
|
|
143
|
+
const card = await resolver.resolve(this.agentCardUrl, '');
|
|
144
|
+
this.mergeAgentCardDefaults(card);
|
|
145
|
+
}
|
|
146
|
+
catch (error) {
|
|
147
|
+
debugLogger.warn(`[OAuth2AuthProvider] Could not fetch agent card for OAuth URL discovery: ${getErrorMessage(error)}`);
|
|
148
|
+
}
|
|
149
|
+
}
|
|
150
|
+
/**
|
|
151
|
+
* Run a full OAuth 2.0 Authorization Code + PKCE flow through the browser.
|
|
152
|
+
*/
|
|
153
|
+
async authenticateInteractively() {
|
|
154
|
+
if (!this.config.client_id) {
|
|
155
|
+
throw new Error(`OAuth2 authentication for agent "${this.agentName}" requires a client_id. ` +
|
|
156
|
+
'Add client_id to the auth config in your agent definition.');
|
|
157
|
+
}
|
|
158
|
+
if (!this.authorizationUrl || !this.tokenUrl) {
|
|
159
|
+
throw new Error(`OAuth2 authentication for agent "${this.agentName}" requires authorization_url and token_url. ` +
|
|
160
|
+
'Provide them in the auth config or ensure the agent card exposes an oauth2 security scheme.');
|
|
161
|
+
}
|
|
162
|
+
const flowConfig = {
|
|
163
|
+
clientId: this.config.client_id,
|
|
164
|
+
clientSecret: this.config.client_secret,
|
|
165
|
+
authorizationUrl: this.authorizationUrl,
|
|
166
|
+
tokenUrl: this.tokenUrl,
|
|
167
|
+
scopes: this.scopes,
|
|
168
|
+
};
|
|
169
|
+
const pkceParams = generatePKCEParams();
|
|
170
|
+
const preferredPort = getPortFromUrl(flowConfig.redirectUri);
|
|
171
|
+
const callbackServer = startCallbackServer(pkceParams.state, preferredPort);
|
|
172
|
+
const redirectPort = await callbackServer.port;
|
|
173
|
+
const authUrl = buildAuthorizationUrl(flowConfig, pkceParams, redirectPort,
|
|
174
|
+
/* resource= */ undefined);
|
|
175
|
+
const consent = await getConsentForOauth(`Authentication required for A2A agent: '${this.agentName}'.`);
|
|
176
|
+
if (!consent) {
|
|
177
|
+
throw new FatalCancellationError('Authentication cancelled by user.');
|
|
178
|
+
}
|
|
179
|
+
coreEvents.emitFeedback('info', `→ Opening your browser for OAuth sign-in...
|
|
180
|
+
|
|
181
|
+
` +
|
|
182
|
+
`If the browser does not open, copy and paste this URL into your browser:
|
|
183
|
+
` +
|
|
184
|
+
`${authUrl}
|
|
185
|
+
|
|
186
|
+
` +
|
|
187
|
+
`💡 TIP: Triple-click to select the entire URL, then copy and paste it into your browser.
|
|
188
|
+
` +
|
|
189
|
+
`⚠️ Make sure to copy the COMPLETE URL - it may wrap across multiple lines.`);
|
|
190
|
+
try {
|
|
191
|
+
await openBrowserSecurely(authUrl);
|
|
192
|
+
}
|
|
193
|
+
catch (error) {
|
|
194
|
+
debugLogger.warn('Failed to open browser automatically:', getErrorMessage(error));
|
|
195
|
+
}
|
|
196
|
+
const { code } = await callbackServer.response;
|
|
197
|
+
debugLogger.debug('✓ Authorization code received, exchanging for tokens...');
|
|
198
|
+
const tokenResponse = await exchangeCodeForToken(flowConfig, code, pkceParams.codeVerifier, redirectPort,
|
|
199
|
+
/* resource= */ undefined);
|
|
200
|
+
if (!tokenResponse.access_token) {
|
|
201
|
+
throw new Error('No access token received from token endpoint');
|
|
202
|
+
}
|
|
203
|
+
const token = this.toOAuthToken(tokenResponse);
|
|
204
|
+
this.cachedToken = token;
|
|
205
|
+
await this.persistToken();
|
|
206
|
+
debugLogger.debug('✓ OAuth2 authentication successful! Token saved.');
|
|
207
|
+
return token;
|
|
208
|
+
}
|
|
209
|
+
/**
|
|
210
|
+
* Convert an `OAuthTokenResponse` into the internal `OAuthToken` format.
|
|
211
|
+
*/
|
|
212
|
+
toOAuthToken(response, fallbackRefreshToken) {
|
|
213
|
+
const token = {
|
|
214
|
+
accessToken: response.access_token,
|
|
215
|
+
tokenType: response.token_type || 'Bearer',
|
|
216
|
+
refreshToken: response.refresh_token || fallbackRefreshToken,
|
|
217
|
+
scope: response.scope,
|
|
218
|
+
};
|
|
219
|
+
if (response.expires_in) {
|
|
220
|
+
token.expiresAt = Date.now() + response.expires_in * 1000;
|
|
221
|
+
}
|
|
222
|
+
return token;
|
|
223
|
+
}
|
|
224
|
+
/**
|
|
225
|
+
* Persist the current cached token to disk.
|
|
226
|
+
*/
|
|
227
|
+
async persistToken() {
|
|
228
|
+
if (!this.cachedToken)
|
|
229
|
+
return;
|
|
230
|
+
await this.tokenStorage.saveToken(this.agentName, this.cachedToken, this.config.client_id, this.tokenUrl);
|
|
231
|
+
}
|
|
232
|
+
}
|
|
233
|
+
//# sourceMappingURL=oauth2-provider.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"oauth2-provider.js","sourceRoot":"","sources":["../../../../src/agents/auth-provider/oauth2-provider.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,EAAoB,wBAAwB,EAAE,MAAM,oBAAoB,CAAC;AAEhF,OAAO,EAAE,mBAAmB,EAAE,MAAM,oBAAoB,CAAC;AAEzD,OAAO,EAAE,oBAAoB,EAAE,MAAM,kCAAkC,CAAC;AAExE,OAAO,EACL,kBAAkB,EAClB,mBAAmB,EACnB,cAAc,EACd,qBAAqB,EACrB,oBAAoB,EACpB,kBAAkB,GAEnB,MAAM,2BAA2B,CAAC;AACnC,OAAO,EAAE,mBAAmB,EAAE,MAAM,wCAAwC,CAAC;AAC7E,OAAO,EAAE,kBAAkB,EAAE,MAAM,4BAA4B,CAAC;AAChE,OAAO,EAAE,sBAAsB,EAAE,eAAe,EAAE,MAAM,uBAAuB,CAAC;AAChF,OAAO,EAAE,UAAU,EAAE,MAAM,uBAAuB,CAAC;AACnD,OAAO,EAAE,WAAW,EAAE,MAAM,4BAA4B,CAAC;AACzD,OAAO,EAAE,OAAO,EAAE,MAAM,yBAAyB,CAAC;AAElD;;;;;;GAMG;AACH,MAAM,OAAO,kBAAmB,SAAQ,mBAAmB;IAYtC;IACA;IAEA;IAdV,IAAI,GAAG,QAAiB,CAAC;IAEjB,YAAY,CAAuB;IAC5C,WAAW,GAAsB,IAAI,CAAC;IAE9C,gEAAgE;IACxD,gBAAgB,CAAqB;IACrC,QAAQ,CAAqB;IAC7B,MAAM,CAAuB;IAErC,YACmB,MAAwB,EACxB,SAAiB,EAClC,SAAqB,EACJ,YAAqB;QAEtC,KAAK,EAAE,CAAC;QALS,WAAM,GAAN,MAAM,CAAkB;QACxB,cAAS,GAAT,SAAS,CAAQ;QAEjB,iBAAY,GAAZ,YAAY,CAAS;QAGtC,IAAI,CAAC,YAAY,GAAG,IAAI,oBAAoB,CAC1C,OAAO,CAAC,qBAAqB,EAAE,EAC/B,gBAAgB,CACjB,CAAC;QAEF,yBAAyB;QACzB,IAAI,CAAC,gBAAgB,GAAG,MAAM,CAAC,iBAAiB,CAAC;QACjD,IAAI,CAAC,QAAQ,GAAG,MAAM,CAAC,SAAS,CAAC;QACjC,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC,MAAM,CAAC;QAE5B,iFAAiF;QACjF,IAAI,CAAC,sBAAsB,CAAC,SAAS,CAAC,CAAC;IACzC,CAAC;IAED;;;OAGG;IACM,KAAK,CAAC,UAAU;QACvB,0EAA0E;QAC1E,IAAI,CAAC,CAAC,IAAI,CAAC,gBAAgB,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,IAAI,CAAC,YAAY,EAAE,CAAC;YACpE,MAAM,IAAI,CAAC,sBAAsB,EAAE,CAAC;QACtC,CAAC;QAED,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,cAAc,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;QAC3E,IAAI,WAAW,IAAI,CAAC,IAAI,CAAC,YAAY,CAAC,cAAc,CAAC,WAAW,CAAC,KAAK,CAAC,EAAE,CAAC;YACxE,IAAI,CAAC,WAAW,GAAG,WAAW,CAAC,KAAK,CAAC;YACrC,WAAW,CAAC,KAAK,CACf,uDAAuD,IAAI,CAAC,SAAS,GAAG,CACzE,CAAC;QACJ,CAAC;IACH,CAAC;IAED;;;OAGG;IACM,KAAK,CAAC,OAAO;QACpB,8CAA8C;QAC9C,IACE,IAAI,CAAC,WAAW;YAChB,CAAC,IAAI,CAAC,YAAY,CAAC,cAAc,CAAC,IAAI,CAAC,WAAW,CAAC,EACnD,CAAC;YACD,OAAO,EAAE,aAAa,EAAE,UAAU,IAAI,CAAC,WAAW,CAAC,WAAW,EAAE,EAAE,CAAC;QACrE,CAAC;QAED,6DAA6D;QAC7D,IACE,IAAI,CAAC,WAAW,EAAE,YAAY;YAC9B,IAAI,CAAC,QAAQ;YACb,IAAI,CAAC,MAAM,CAAC,SAAS,EACrB,CAAC;YACD,IAAI,CAAC;gBACH,MAAM,SAAS,GAAG,MAAM,kBAAkB,CACxC;oBACE,QAAQ,EAAE,IAAI,CAAC,MAAM,CAAC,SAAS;oBAC/B,YAAY,EAAE,IAAI,CAAC,MAAM,CAAC,aAAa;oBACvC,MAAM,EAAE,IAAI,CAAC,MAAM;iBACpB,EACD,IAAI,CAAC,WAAW,CAAC,YAAY,EAC7B,IAAI,CAAC,QAAQ,CACd,CAAC;gBAEF,IAAI,CAAC,WAAW,GAAG,IAAI,CAAC,YAAY,CAClC,SAAS,EACT,IAAI,CAAC,WAAW,CAAC,YAAY,CAC9B,CAAC;gBACF,MAAM,IAAI,CAAC,YAAY,EAAE,CAAC;gBAC1B,OAAO,EAAE,aAAa,EAAE,UAAU,IAAI,CAAC,WAAW,CAAC,WAAW,EAAE,EAAE,CAAC;YACrE,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,WAAW,CAAC,KAAK,CACf,0EAA0E,eAAe,CAAC,KAAK,CAAC,EAAE,CACnG,CAAC;gBACF,gEAAgE;gBAChE,MAAM,IAAI,CAAC,YAAY,CAAC,iBAAiB,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;YAC5D,CAAC;QACH,CAAC;QAED,sDAAsD;QACtD,IAAI,CAAC,WAAW,GAAG,MAAM,IAAI,CAAC,yBAAyB,EAAE,CAAC;QAC1D,OAAO,EAAE,aAAa,EAAE,UAAU,IAAI,CAAC,WAAW,CAAC,WAAW,EAAE,EAAE,CAAC;IACrE,CAAC;IAED;;OAEG;IACM,KAAK,CAAC,sBAAsB,CACnC,IAAiB,EACjB,GAAa;QAEb,IAAI,GAAG,CAAC,MAAM,KAAK,GAAG,IAAI,GAAG,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;YAC7C,IAAI,CAAC,cAAc,GAAG,CAAC,CAAC;YACxB,OAAO,SAAS,CAAC;QACnB,CAAC;QAED,IAAI,IAAI,CAAC,cAAc,IAAI,mBAAmB,CAAC,gBAAgB,EAAE,CAAC;YAChE,OAAO,SAAS,CAAC;QACnB,CAAC;QACD,IAAI,CAAC,cAAc,EAAE,CAAC;QAEtB,WAAW,CAAC,KAAK,CACf,yEAAyE,CAC1E,CAAC;QACF,IAAI,CAAC,WAAW,GAAG,IAAI,CAAC;QACxB,MAAM,IAAI,CAAC,YAAY,CAAC,iBAAiB,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;QAE1D,OAAO,IAAI,CAAC,OAAO,EAAE,CAAC;IACxB,CAAC;IAED,8EAA8E;IAC9E,kBAAkB;IAClB,8EAA8E;IAE9E;;;OAGG;IACK,sBAAsB,CAC5B,SAAqD;QAErD,IAAI,CAAC,SAAS,EAAE,eAAe;YAAE,OAAO;QAExC,KAAK,MAAM,MAAM,IAAI,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,eAAe,CAAC,EAAE,CAAC;YAC9D,IAAI,MAAM,CAAC,IAAI,KAAK,QAAQ,IAAI,MAAM,CAAC,KAAK,CAAC,iBAAiB,EAAE,CAAC;gBAC/D,MAAM,IAAI,GAAG,MAAM,CAAC,KAAK,CAAC,iBAAiB,CAAC;gBAC5C,IAAI,CAAC,gBAAgB,KAAK,IAAI,CAAC,gBAAgB,CAAC;gBAChD,IAAI,CAAC,QAAQ,KAAK,IAAI,CAAC,QAAQ,CAAC;gBAChC,IAAI,CAAC,MAAM,KAAK,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;gBACzC,MAAM,CAAC,iCAAiC;YAC1C,CAAC;QACH,CAAC;IACH,CAAC;IAED;;;OAGG;IACK,KAAK,CAAC,sBAAsB;QAClC,IAAI,CAAC,IAAI,CAAC,YAAY;YAAE,OAAO;QAE/B,IAAI,CAAC;YACH,WAAW,CAAC,KAAK,CACf,iDAAiD,IAAI,CAAC,YAAY,EAAE,CACrE,CAAC;YACF,MAAM,QAAQ,GAAG,IAAI,wBAAwB,EAAE,CAAC;YAChD,MAAM,IAAI,GAAG,MAAM,QAAQ,CAAC,OAAO,CAAC,IAAI,CAAC,YAAY,EAAE,EAAE,CAAC,CAAC;YAC3D,IAAI,CAAC,sBAAsB,CAAC,IAAI,CAAC,CAAC;QACpC,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,WAAW,CAAC,IAAI,CACd,4EAA4E,eAAe,CAAC,KAAK,CAAC,EAAE,CACrG,CAAC;QACJ,CAAC;IACH,CAAC;IAED;;OAEG;IACK,KAAK,CAAC,yBAAyB;QACrC,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,SAAS,EAAE,CAAC;YAC3B,MAAM,IAAI,KAAK,CACb,oCAAoC,IAAI,CAAC,SAAS,0BAA0B;gBAC1E,4DAA4D,CAC/D,CAAC;QACJ,CAAC;QACD,IAAI,CAAC,IAAI,CAAC,gBAAgB,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,CAAC;YAC7C,MAAM,IAAI,KAAK,CACb,oCAAoC,IAAI,CAAC,SAAS,8CAA8C;gBAC9F,6FAA6F,CAChG,CAAC;QACJ,CAAC;QAED,MAAM,UAAU,GAAoB;YAClC,QAAQ,EAAE,IAAI,CAAC,MAAM,CAAC,SAAS;YAC/B,YAAY,EAAE,IAAI,CAAC,MAAM,CAAC,aAAa;YACvC,gBAAgB,EAAE,IAAI,CAAC,gBAAgB;YACvC,QAAQ,EAAE,IAAI,CAAC,QAAQ;YACvB,MAAM,EAAE,IAAI,CAAC,MAAM;SACpB,CAAC;QAEF,MAAM,UAAU,GAAG,kBAAkB,EAAE,CAAC;QACxC,MAAM,aAAa,GAAG,cAAc,CAAC,UAAU,CAAC,WAAW,CAAC,CAAC;QAC7D,MAAM,cAAc,GAAG,mBAAmB,CAAC,UAAU,CAAC,KAAK,EAAE,aAAa,CAAC,CAAC;QAC5E,MAAM,YAAY,GAAG,MAAM,cAAc,CAAC,IAAI,CAAC;QAE/C,MAAM,OAAO,GAAG,qBAAqB,CACnC,UAAU,EACV,UAAU,EACV,YAAY;QACZ,eAAe,CAAC,SAAS,CAC1B,CAAC;QAEF,MAAM,OAAO,GAAG,MAAM,kBAAkB,CACtC,2CAA2C,IAAI,CAAC,SAAS,IAAI,CAC9D,CAAC;QACF,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,MAAM,IAAI,sBAAsB,CAAC,mCAAmC,CAAC,CAAC;QACxE,CAAC;QAED,UAAU,CAAC,YAAY,CACrB,MAAM,EACN;;CAEL;YACO;CACP;YACO,GAAG,OAAO;;CAEjB;YACO;CACP;YACO,6EAA6E,CAChF,CAAC;QAEF,IAAI,CAAC;YACH,MAAM,mBAAmB,CAAC,OAAO,CAAC,CAAC;QACrC,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,WAAW,CAAC,IAAI,CACd,uCAAuC,EACvC,eAAe,CAAC,KAAK,CAAC,CACvB,CAAC;QACJ,CAAC;QAED,MAAM,EAAE,IAAI,EAAE,GAAG,MAAM,cAAc,CAAC,QAAQ,CAAC;QAC/C,WAAW,CAAC,KAAK,CACf,yDAAyD,CAC1D,CAAC;QAEF,MAAM,aAAa,GAAG,MAAM,oBAAoB,CAC9C,UAAU,EACV,IAAI,EACJ,UAAU,CAAC,YAAY,EACvB,YAAY;QACZ,eAAe,CAAC,SAAS,CAC1B,CAAC;QAEF,IAAI,CAAC,aAAa,CAAC,YAAY,EAAE,CAAC;YAChC,MAAM,IAAI,KAAK,CAAC,8CAA8C,CAAC,CAAC;QAClE,CAAC;QAED,MAAM,KAAK,GAAG,IAAI,CAAC,YAAY,CAAC,aAAa,CAAC,CAAC;QAC/C,IAAI,CAAC,WAAW,GAAG,KAAK,CAAC;QACzB,MAAM,IAAI,CAAC,YAAY,EAAE,CAAC;QAE1B,WAAW,CAAC,KAAK,CAAC,kDAAkD,CAAC,CAAC;QACtE,OAAO,KAAK,CAAC;IACf,CAAC;IAED;;OAEG;IACK,YAAY,CAClB,QAMC,EACD,oBAA6B;QAE7B,MAAM,KAAK,GAAe;YACxB,WAAW,EAAE,QAAQ,CAAC,YAAY;YAClC,SAAS,EAAE,QAAQ,CAAC,UAAU,IAAI,QAAQ;YAC1C,YAAY,EAAE,QAAQ,CAAC,aAAa,IAAI,oBAAoB;YAC5D,KAAK,EAAE,QAAQ,CAAC,KAAK;SACtB,CAAC;QAEF,IAAI,QAAQ,CAAC,UAAU,EAAE,CAAC;YACxB,KAAK,CAAC,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,QAAQ,CAAC,UAAU,GAAG,IAAI,CAAC;QAC5D,CAAC;QAED,OAAO,KAAK,CAAC;IACf,CAAC;IAED;;OAEG;IACK,KAAK,CAAC,YAAY;QACxB,IAAI,CAAC,IAAI,CAAC,WAAW;YAAE,OAAO;QAC9B,MAAM,IAAI,CAAC,YAAY,CAAC,SAAS,CAC/B,IAAI,CAAC,SAAS,EACd,IAAI,CAAC,WAAW,EAChB,IAAI,CAAC,MAAM,CAAC,SAAS,EACrB,IAAI,CAAC,QAAQ,CACd,CAAC;IACJ,CAAC;CACF"}
|