@okta/okta-auth-js 7.13.2 → 7.14.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (49) hide show
  1. package/CHANGELOG.md +10 -0
  2. package/README.md +9 -9
  3. package/cjs/http/OktaUserAgent.js +2 -2
  4. package/cjs/idx/types/idx-js.js.map +1 -1
  5. package/cjs/idx/webauthn.js +4 -1
  6. package/cjs/idx/webauthn.js.map +1 -1
  7. package/cjs/oidc/util/loginRedirect.js +4 -4
  8. package/cjs/oidc/util/loginRedirect.js.map +1 -1
  9. package/dist/okta-auth-js.authn.min.analyzer.html +2 -2
  10. package/dist/okta-auth-js.authn.min.js +1 -1
  11. package/dist/okta-auth-js.authn.min.js.map +1 -1
  12. package/dist/okta-auth-js.core.min.analyzer.html +2 -2
  13. package/dist/okta-auth-js.core.min.js +1 -1
  14. package/dist/okta-auth-js.core.min.js.map +1 -1
  15. package/dist/okta-auth-js.idx.min.analyzer.html +2 -2
  16. package/dist/okta-auth-js.idx.min.js +1 -1
  17. package/dist/okta-auth-js.idx.min.js.map +1 -1
  18. package/dist/okta-auth-js.min.analyzer.html +2 -2
  19. package/dist/okta-auth-js.min.js +1 -1
  20. package/dist/okta-auth-js.min.js.map +1 -1
  21. package/dist/okta-auth-js.myaccount.min.analyzer.html +2 -2
  22. package/dist/okta-auth-js.myaccount.min.js +1 -1
  23. package/dist/okta-auth-js.myaccount.min.js.map +1 -1
  24. package/esm/browser/http/OktaUserAgent.js +2 -2
  25. package/esm/browser/idx/types/idx-js.js.map +1 -1
  26. package/esm/browser/idx/webauthn.js +1 -5
  27. package/esm/browser/idx/webauthn.js.map +1 -1
  28. package/esm/browser/oidc/util/loginRedirect.js +4 -4
  29. package/esm/browser/oidc/util/loginRedirect.js.map +1 -1
  30. package/esm/browser/package.json +1 -1
  31. package/esm/node/http/OktaUserAgent.js +2 -2
  32. package/esm/node/idx/types/idx-js.js.map +1 -1
  33. package/esm/node/idx/webauthn.js +1 -5
  34. package/esm/node/idx/webauthn.js.map +1 -1
  35. package/esm/node/oidc/util/loginRedirect.js +4 -4
  36. package/esm/node/oidc/util/loginRedirect.js.map +1 -1
  37. package/esm/node/package.json +1 -1
  38. package/package.json +3 -3
  39. package/types/lib/idx/types/idx-js.d.ts +2 -0
  40. package/umd/authn.js +1 -1
  41. package/umd/authn.js.map +1 -1
  42. package/umd/core.js +1 -1
  43. package/umd/core.js.map +1 -1
  44. package/umd/default.js +1 -1
  45. package/umd/default.js.map +1 -1
  46. package/umd/idx.js +1 -1
  47. package/umd/idx.js.map +1 -1
  48. package/umd/myaccount.js +1 -1
  49. package/umd/myaccount.js.map +1 -1
package/umd/myaccount.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"myaccount.js","mappings":";CAAA,SAA2CA,EAAMC,GAC1B,iBAAZC,SAA0C,iBAAXC,OACxCA,OAAOD,QAAUD,IACQ,mBAAXG,QAAyBA,OAAOC,IAC9CD,OAAO,GAAIH,GACe,iBAAZC,QACdA,QAAkB,SAAID,IAEtBD,EAAe,SAAIC,GACpB,CATD,CASGK,MAAM,WACT,6KCYO,SAASC,EAKdC,GAEF,IACQC,GAAY,QAQhB,cAA4B,6GAC1B,IAAMC,EAAU,IAAIF,EAAmB,UAAKG,SAAS,0CAAgB,CAAC,GACtEC,KAAKF,SAAUG,EAAAA,EAAAA,IAAWH,GAC1BE,KAAKE,QAAU,IAAIC,KACnBH,KAAKI,SAAWA,CAClB,IAWF,OAXG,OAbGP,EAAY,WAKeO,IAAQ,OALnCP,EAAY,YAMGQ,GAWrBR,EAAaO,SAAWP,EAAaS,UAAUF,SAAWA,EAG1DG,OAAOC,OAAOX,EAAc,CAC1BQ,UAAAA,IAGKR,CACT,6NCzCO,SAASY,IAEd,OAAO,QAGL,WAAYC,IAAW,8CACrBV,KAAKW,UAAYD,EAAKC,OACxB,GAGJ,qCCtBA,SAAS,EAAQC,GACf,IAAK,IAAIC,EAAI,EAAGA,EAAIC,UAAUf,OAAQc,IAAK,CACzC,IAAIE,EAASD,UAAUD,GACvB,IAAK,IAAIG,KAAOD,EACdH,EAAOI,GAAOD,EAAOC,EAEzB,CACA,OAAOJ,CACT,iCAwHA,IAAIK,EAlGJ,SAASC,EAAMC,EAAWC,GACxB,SAASC,EAAKL,EAAKM,EAAOC,GACxB,GAAwB,oBAAbC,SAAX,CAMkC,iBAFlCD,EAAa,EAAO,CAAC,EAAGH,EAAmBG,IAErBE,UACpBF,EAAWE,QAAU,IAAIC,KAAKA,KAAKC,MAA6B,MAArBJ,EAAWE,UAEpDF,EAAWE,UACbF,EAAWE,QAAUF,EAAWE,QAAQG,eAG1CZ,EAAMa,mBAAmBb,GACtBc,QAAQ,uBAAwBC,oBAChCD,QAAQ,QAASE,QAEpB,IAAIC,EAAwB,GAC5B,IAAK,IAAIC,KAAiBX,EACnBA,EAAWW,KAIhBD,GAAyB,KAAOC,GAEE,IAA9BX,EAAWW,KAWfD,GAAyB,IAAMV,EAAWW,GAAeC,MAAM,KAAK,KAGtE,OAAQX,SAASY,OACfpB,EAAM,IAAMG,EAAUkB,MAAMf,EAAON,GAAOiB,CAtC5C,CAuCF,CA4BA,OAAO1B,OAAO+B,OACZ,CACEjB,IAAKA,EACLkB,IA7BJ,SAAcvB,GACZ,GAAwB,oBAAbQ,YAA6BV,UAAUf,QAAWiB,GAA7D,CAQA,IAFA,IAAIwB,EAAUhB,SAASY,OAASZ,SAASY,OAAOD,MAAM,MAAQ,GAC1DM,EAAM,CAAC,EACF5B,EAAI,EAAGA,EAAI2B,EAAQzC,OAAQc,IAAK,CACvC,IAAI6B,EAAQF,EAAQ3B,GAAGsB,MAAM,KACzBb,EAAQoB,EAAMC,MAAM,GAAGC,KAAK,KAEhC,IACE,IAAIC,EAAWd,mBAAmBW,EAAM,IAGxC,GAFAD,EAAII,GAAY1B,EAAU2B,KAAKxB,EAAOuB,GAElC7B,IAAQ6B,EACV,KAEJ,CAAE,MAAOE,GAAI,CACf,CAEA,OAAO/B,EAAMyB,EAAIzB,GAAOyB,CApBxB,CAqBF,EAMIO,OAAQ,SAAUhC,EAAKO,GACrBF,EACEL,EACA,GACA,EAAO,CAAC,EAAGO,EAAY,CACrBE,SAAU,IAGhB,EACAwB,eAAgB,SAAU1B,GACxB,OAAOL,EAAKlB,KAAKmB,UAAW,EAAO,CAAC,EAAGnB,KAAKuB,WAAYA,GAC1D,EACA2B,cAAe,SAAU/B,GACvB,OAAOD,EAAK,EAAO,CAAC,EAAGlB,KAAKmB,UAAWA,GAAYnB,KAAKuB,WAC1D,GAEF,CACEA,WAAY,CAAED,MAAOf,OAAO4C,OAAO/B,IACnCD,UAAW,CAAEG,MAAOf,OAAO4C,OAAOhC,KAGxC,CAEUD,CApHa,CACrB4B,KAAM,SAAUxB,GAId,MAHiB,MAAbA,EAAM,KACRA,EAAQA,EAAMqB,MAAM,GAAI,IAEnBrB,EAAMQ,QAAQ,mBAAoBC,mBAC3C,EACAM,MAAO,SAAUf,GACf,OAAOO,mBAAmBP,GAAOQ,QAC/B,2CACAC,mBAEJ,GAwG+B,CAAEqB,KAAM,MAGzC,gCCvFIC,EAAkC,CAIpCC,uBAAwB,WACtB,IACE,IAAIC,EAAUvD,KAAKwD,kBACnB,OAAOxD,KAAKyD,YAAYF,EAC1B,CAAE,MAAOR,GACP,OAAO,CACT,CACF,EAEAW,yBAA0B,WACxB,IACE,IAAIH,EAAUvD,KAAK2D,oBACnB,OAAO3D,KAAKyD,YAAYF,EAC1B,CAAE,MAAOR,GACP,OAAO,CACT,CACF,EAEAa,gBAAiB,SAASC,GACxB,IAAIC,GAAY,EAChB,OAAQD,GACN,IAAK,iBACHC,EAAY9D,KAAK0D,2BACjB,MACF,IAAK,eACHI,EAAY9D,KAAKsD,yBACjB,MACF,IAAK,SACL,IAAK,SACHQ,GAAY,EACZ,MACF,QACEA,GAAY,EAGhB,OAAOA,CACT,EAEAC,iBAAkB,SAASF,EAA0B/D,GACnD,IAAIkE,EACJ,OAAQH,GACN,IAAK,iBACHG,EAAkBhE,KAAK2D,oBACvB,MACF,IAAK,eACHK,EAAkBhE,KAAKwD,kBACvB,MACF,IAAK,SACHQ,EAAkBhE,KAAKiE,iBAAiBnE,GACxC,MACF,IAAK,SACHkE,EAAkBhE,KAAKkE,qBACvB,MACF,QACE,MAAM,IAAIC,EAAAA,EAAa,gCAAD,OAAiCN,IAG3D,OAAOG,CACT,EAEAI,gBAAiB,SAASC,GACxB,IAAIC,EACAC,EAKJ,OAFAD,GADAD,EAAQA,EAAM1B,SACE6B,SAChBD,EAAWF,EAAMtE,OAASsE,EAAM,GAAK,MAKjCrE,KAAK4D,gBAAgBU,GAChBA,IAITG,EAAAA,EAAAA,IAAK,gCAAD,OAAiCH,EAAO,0BAAkBC,EAAQ,MAG/DvE,KAAKoE,gBAAgBC,IAXnBC,CAYX,EAEAd,gBAAiB,WAMf,OAJIkB,EAAAA,EAAAA,kBAAmBC,OAAOC,YAC5BD,OAAOC,UAAY,WAAY,GAG1BC,YACT,EAEAlB,kBAAmB,WACjB,OAAOmB,cACT,EAGAb,iBAAkB,SAASnE,GAAwB,WAC3CiF,EAASjF,EAASiF,OAClBC,EAAWlF,EAASkF,SACpBC,EAAgBnF,EAASmF,cAC/B,QAAsB,IAAXF,QAA8C,IAAbC,EAC1C,MAAM,IAAIb,EAAAA,EAAa,sEAEzB,IAAMZ,EAAyB,CAC7B2B,QAASlF,KAAKuD,QAAQhB,IACtB4C,QAAS,SAACnE,EAAKM,GAAkD,IAA3C8D,EAAY,UAAH,6CAAG,2BAEhCA,EAAaH,EAAgB,KAAOG,EACpC,EAAK7B,QAAQlC,IAAIL,EAAKM,EAAO8D,EAAW,CACtCL,OAAQA,EACRC,SAAUA,GAEd,EACAK,WAAY,SAACrE,GACX,EAAKuC,QAAQ+B,OAAOtE,EACtB,GAGF,OAAKlB,EAASyF,mBAOP,CACLL,QAAS,SAASlE,GAChB,IAAIwE,EAAOjC,EAAQ2B,UACf5D,EAAQ,CAAC,EAMb,OALAf,OAAOkF,KAAKD,GAAME,SAAQ,SAAAC,GACA,IAApBA,EAAEC,QAAQ5E,KACZM,EAAMqE,EAAE7D,QAAQ,GAAD,OAAId,EAAG,KAAK,KAAO6E,KAAKC,MAAMN,EAAKG,IAEtD,IACOE,KAAKE,UAAUzE,EACxB,EACA6D,QAAS,SAASnE,EAAKM,GACrB,IAAI0E,EAAiBH,KAAKC,MAAM9F,KAAKkF,QAAQlE,IAC7CM,EAAQuE,KAAKC,MAAMxE,GAEnBf,OAAOkF,KAAKnE,GAAOoE,SAAQ,SAAAC,GACzB,IAAIM,EAAajF,EAAM,IAAM2E,EACzBO,EAAeL,KAAKE,UAAUzE,EAAMqE,IACxCpC,EAAQ4B,QAAQc,EAAYC,UACrBF,EAAeL,EACxB,IAEApF,OAAOkF,KAAKO,GAAgBN,SAAQ,SAAAC,GAClCpC,EAAQ8B,WAAWrE,EAAM,IAAM2E,EACjC,GACF,EACAN,WAAY,SAASrE,GACnB,IAAIgF,EAAiBH,KAAKC,MAAM9F,KAAKkF,QAAQlE,IAC7CT,OAAOkF,KAAKO,GAAgBN,SAAQ,SAAAC,GAClCpC,EAAQ8B,WAAWrE,EAAM,IAAM2E,EACjC,GACF,GArCOpC,CAuCX,EAGA4C,cAAe,CAAC,EAChBjC,mBAAoB,WAAW,WAC7B,MAAO,CACLgB,QAAS,SAAClE,GACR,OAAO,EAAKmF,cAAcnF,EAC5B,EACAmE,QAAS,SAACnE,EAAKM,GACb,EAAK6E,cAAcnF,GAAOM,CAC5B,EAEJ,EAEAmC,YAAa,SAASF,GACpB,IAAIvC,EAAM,oBACV,IAGE,OAFAuC,EAAQ4B,QAAQnE,EAAKA,GACrBuC,EAAQ8B,WAAWrE,IACZ,CACT,CAAE,MAAO+B,GACP,OAAO,CACT,CACF,EAEAQ,QAAS,CACPlC,IAAK,SAAS+E,EAAc9E,EAAe8D,EAAmBtF,GAC5D,IAAQkF,EAAqBlF,EAArBkF,SAAUD,EAAWjF,EAAXiF,OAClB,QAAsB,IAAXA,QAA8C,IAAbC,EAC1C,MAAM,IAAIb,EAAAA,EAAa,iEAEzB,IAAIkC,EAA+B,CACjCjD,KAAMtD,EAAQsD,MAAQ,IACtB2B,OAAAA,EACAC,SAAAA,GAaF,OATOtD,KAAKoE,MAAMV,KAKhBiB,EAAc5E,QAAU,IAAIC,KAAK0D,IAGnCkB,EAAAA,IAAYF,EAAM9E,EAAO+E,GAClBrG,KAAKuC,IAAI6D,EAClB,EAEA7D,IAAK,SAAS6D,GAEZ,OAAKtF,UAAUf,OAGRuG,EAAAA,IAAYF,GAFVE,EAAAA,KAGX,EAEAhB,OAAQ,SAASc,GACf,OAAOE,EAAAA,OAAeF,EAAM,CAAEhD,KAAM,KACtC,IAIJ,q6BCrQO,IAAMmD,EAAuB,iBACvBC,EAAwB,IACxBC,EAAsB,EACtBC,EAAyB,IACzBC,EAAyB,MACzBC,EAAqB,qBACrBC,EAAqB,qBACrBC,EAAoB,oBACpBC,EAA2B,2BAC3BC,EAAkC,kCAClCC,EAA4B,4BAC5BC,EAA4B,4BAC5BC,EAA2B,cAC3BC,EAAwB,UACxBC,EAA6B,eAC7BC,EAA4B,eAI5BC,EAAsB,GACtBC,EAAsB,IACtBC,EAAgC,OAEhCC,EAAkB,gyBCJxB,IAAMC,EAAqB,KAC5BC,EAAkB,CACtBC,uBAAwB,KACxBC,cAAe,GAEXC,EAA0B,kBAiBnBC,EAAgB,WAiB3B,WAAYC,GAAsC,WAChD,IADgD,8NAC3CA,EAAI/H,QACP,MAAM,IAAIiE,EAAAA,EAAa,yDAGzBnE,KAAKkI,KAAOD,EACZjI,KAAKmI,SAAW,EAAH,GAAQP,GACrB5H,KAAKoI,WAAaT,EAClB3H,KAAKqI,YAAc,CAAC,EACpBrI,KAAKsI,eAAiB,KACtBtI,KAAKuI,gBAAkB,IAAIC,EAAAA,EAAa,CACtCC,OAAO,IAMTR,EAAIS,aAAaC,GAAGC,EAAAA,IAAa,SAAC5H,EAAK6H,GACrC,EAAKC,eAAe,CAAEC,MAAOH,EAAAA,GAAa5H,IAAAA,EAAK6H,MAAAA,IAC/C,EAAKG,iBACP,IACAf,EAAIS,aAAaC,GAAGM,EAAAA,IAAe,SAACjI,EAAK6H,GACvC,EAAKC,eAAe,CAAEC,MAAOE,EAAAA,GAAejI,IAAAA,EAAK6H,MAAAA,IACjD,EAAKG,iBACP,GACF,CAYC,MAkHA,OA9HA,sCAED,SAAelJ,GACbE,KAAKqI,YAAcvI,CACrB,GAAC,0BAED,WACE,OAAOE,KAAKoI,UACd,GAAC,kCAED,WACE,OAAOpI,KAAKsI,cACd,GAAC,kDAED,uGAkCG,GAlCH,EAC0CtI,KAAKkI,KAAKpI,QAA1CoJ,EAAkB,EAAlBA,mBAAoBvI,EAAO,EAAPA,QAEtBwI,EAAM,SAACC,GACX,MAA8B,EAAKf,YAA3BU,EAAK,EAALA,MAAO/H,EAAG,EAAHA,IAAK6H,EAAK,EAALA,OACpBQ,EAAAA,EAAAA,MAAaC,MAAM,uCAAD,OAAwCP,EAAK,mBAAWK,KAC1EC,EAAAA,EAAAA,MAAaF,IAAInI,EAAK6H,IACtBQ,EAAAA,EAAAA,MAAaF,IAAI,oBAAqB,EAAKf,aAC3CiB,EAAAA,EAAAA,MAAaE,WAGb,EAAKlB,YAAc,CAAC,CACtB,EAEMmB,EAAsB,SAACC,GAnFT,IAACC,EAA6BC,IAoFXF,GApFlBC,EAoFC,EAAKtB,aA9EtBsB,EAAUE,kBAAoBD,EAAMC,iBACtC/D,KAAKE,UAAU2D,EAAUG,WAAahE,KAAKE,UAAU4D,EAAME,UAC3DhE,KAAKE,UAAU2D,EAAUI,eAAiBjE,KAAKE,UAAU4D,EAAMG,cAC/DJ,EAAUK,QAAUJ,EAAMI,MA4EzBpJ,GAAWwI,EAAI,cAGjB,EAAKb,eAAiB,EAAKF,WAC3B,EAAKA,WAAaqB,EAElB,EAAKvB,KAAKhI,QAAQ8J,KAAKjC,EAAyB,EAAF,GAAO0B,IACrD9I,GAAWwI,EAAI,WACjB,EAEMc,EAAe,SAAfA,EAAgBC,GACpB,OAAO,EAAK/B,SAASN,uBAAuBsC,MAAK,WAC/C,IAAMC,EAAa,EAAKjC,SAASN,uBACjC,OAAIuC,GAAcA,IAAeF,EACxBD,EAAaG,GAEf,EAAKC,cACd,GACF,GAEIrK,KAAKmI,SAASN,uBAAwB,CAAF,qBAClC7H,KAAKmI,SAASL,eA7GS,IA6GgC,iBAG5B,OAA7BnH,GAAWwI,EAAI,cAAc,kBACtBc,EAAajK,KAAKmI,SAASN,yBAAuB,QAEzD7H,KAAKmI,SAASN,uBAAuByC,SAAS,QA0DO,OArDnDC,EAAoB,IAAIC,IAAJ,EAAgB,SAACC,EAASC,EAAGC,GACrDA,EAASC,cAAe,EACxBD,GAAS,WACP,EAAKxC,SAASN,uBAAyB,KACvC,EAAKM,SAASL,cAAgB,EAAKK,SAASL,cAAgB,EAC5DnH,GAAWwI,EAAI,WACjB,IAEA,IAAM0B,EAAiB,SAACpB,GAClBc,EAAkBO,WACpBL,KAIFjB,EAAoBC,GACpBgB,IAGA,EAAKtC,SAAW,EAAH,GAAQP,GACvB,EAEA,EAAKM,KAAK0B,kBACPO,MAAK,WACJ,GAAII,EAAkBO,WACpBL,QADF,CAKA,MAA+C,EAAKvC,KAAKQ,aAAaqC,gBAA9DjB,EAAW,EAAXA,YAAaD,EAAO,EAAPA,QAASmB,EAAY,EAAZA,aACxBvB,EAAY,CAChBK,YAAAA,EACAD,QAAAA,EACAmB,aAAAA,EACApB,mBAAoBE,IAAeD,KAIDX,EAChC,EAAKX,gBAAgB0C,KAAK/B,EAAoB,KAAM,EAAKhB,KAAMuB,GAC/DyB,QAAQT,QAAQhB,IAGjBU,MAAK,SAAAV,GAAS,OAAIoB,EAAepB,EAAU,IAC3C0B,OAAM,SAAApB,GAAK,OAAIc,EAAe,CAC7Bf,YAAAA,EACAD,QAAAA,EACAmB,aAAAA,EACApB,iBAAiB,EACjBG,MAAAA,GACA,GAvBJ,CAwBF,GACJ,IAEA/J,KAAKmI,SAASN,uBAAyB0C,EAAkB,kBAElDN,EAAaM,IAAkB,iDACvC,oEAED,SAAUa,GACRpL,KAAKkI,KAAKhI,QAAQyI,GAAGZ,EAAyBqD,EAChD,GAAC,yBAED,SAAYA,GACVpL,KAAKkI,KAAKhI,QAAQmL,IAAItD,EAAyBqD,EACjD,KAAC,EAxK0B,yJC/COF,QAAQT,SAAQ,GAA7C,IACIa,EAAwBJ,QAAQT,SAAQ,GACxCc,EAAwBL,QAAQT,UACpC,SAASe,EAAMC,EAAMC,GAE1B,OADKD,IAAMA,EAAO,GACX,IAAIP,SAAQ,SAAUS,GAC3B,OAAOC,YAAW,WAChB,OAAOD,EAAID,EACb,GAAGD,EACL,GACF,CAQO,SAASI,IACd,OAAOC,KAAKC,SAASC,SAAS,IAAIC,UAAU,EAC9C,CACA,IAAIC,EAAS,EACTC,EAAa,EASV,SAASC,IACd,IAAIC,GAAK,IAAI3K,MAAO4K,UACpB,OAAID,IAAOH,EAEG,IAALG,KADPF,GAGAD,EAASG,EACTF,EAAa,EACD,IAALE,EAEX,CCFO,IAAIE,EAAe,CACxBjK,OA3CK,SAAgBkK,GACrB,IAAI7C,EAAQ,CACV8C,iBAAkB,KAClBC,GAAI,IAAIC,iBAAiBH,GACzBI,OAAQ,IAQV,OALAjD,EAAM+C,GAAGG,UAAY,SAAUC,GACzBnD,EAAM8C,kBACR9C,EAAM8C,iBAAiBK,EAAItH,KAE/B,EACOmE,CACT,EA+BEoD,MA9BK,SAAeC,GACpBA,EAAaN,GAAGK,QAChBC,EAAaJ,OAAS,EACxB,EA4BEK,UAnBK,SAAmBD,EAAcE,GACtCF,EAAaP,iBAAmBS,CAClC,EAkBEC,YA5BK,SAAqBH,EAAcI,GACxC,IAEE,OADAJ,EAAaN,GAAGS,YAAYC,GAAa,GAClC7B,CACT,CAAE,MAAO8B,GACP,OAAOnC,QAAQoC,OAAOD,EACxB,CACF,EAsBEE,UAlBK,WACL,GAAuB,oBAAX5I,QAA0C,oBAATjF,MAAqD,mBAArBiN,iBAM3E,OAAO,EALP,GAAIA,iBAAiBa,QACnB,MAAM,IAAIC,MAAM,uGAElB,OAAO,CAIX,EAUEC,KAjDgB,SAkDhBC,oBAVK,WACL,OAAO,GACT,EASEvB,aApDwB,GCK1B,aAQI,WACoBwB,GAAA,SAAAA,EARJ,SAAM,IAAIC,IAMnB,UAAe,CAGlB,CA2BR,OAzBIC,EAAAA,UAAAA,IAAA,SAAIxM,GACA,OAAO,KAAKyM,IAAIC,IAAI1M,EACxB,EAEAwM,EAAAA,UAAAA,IAAA,SAAIxM,GAAJ,WACI,KAAKyM,IAAI1M,IAAIC,EAAOK,KAQf,KAAKsM,MACN,KAAKA,KAAM,EACXrC,YAAW,WACPsC,EAAKD,KAAM,EAgBrB,SACFE,GASA,IAPA,IAAMC,EAAYzM,IAAQwM,EAAaP,IACjCS,EAAWF,EAAaJ,IAAIO,OAAOD,cAM5B,CAET,IAAME,EAAOF,EAASE,OAAOjN,MAE7B,IAAKiN,EACD,OAEJ,IAAMjN,EAAQiN,EAAK,GAEnB,KADaA,EAAK,GACPH,GAIP,OAHAD,EAAaJ,IAAIzI,OAAOhE,GAMpC,CAzCgBkN,CAAmBN,EACvB,GAAG,GAEX,EAEAJ,EAAAA,UAAAA,MAAA,WACI,KAAKC,IAAIU,OACb,EACJ,EArCA,GAwEM,SAAU9M,IACZ,OAAO,IAAID,MAAO4K,SACtB,CChFO,SAAS,IACd,IAAIoC,EAAkB5N,UAAUf,OAAS,QAAsB4O,IAAjB7N,UAAU,GAAmBA,UAAU,GAAK,CAAC,EACvFhB,EAAU+F,KAAKC,MAAMD,KAAKE,UAAU2I,IA6BxC,YA1BwC,IAA7B5O,EAAQ8O,mBAAkC9O,EAAQ8O,kBAAmB,GAG3E9O,EAAQ+O,MAAK/O,EAAQ+O,IAAM,CAAC,GAE5B/O,EAAQ+O,IAAIjB,MAAK9N,EAAQ+O,IAAIjB,IAAM,MACnC9N,EAAQ+O,IAAIC,mBAAkBhP,EAAQ+O,IAAIC,iBAAmB,KAE9DJ,EAAgBG,KAA8C,mBAAhCH,EAAgBG,IAAIE,UAAwBjP,EAAQ+O,IAAIE,QAAUL,EAAgBG,IAAIE,SAGnHjP,EAAQkP,eAAclP,EAAQkP,aAAe,CAAC,GAC9ClP,EAAQkP,aAAaC,gBAAenP,EAAQkP,aAAaC,cAAgB,KAG1EP,EAAgBQ,UAASpP,EAAQoP,QAAUR,EAAgBQ,SAG1DpP,EAAQqP,OAAMrP,EAAQqP,KAAO,CAAC,GAC9BrP,EAAQqP,KAAKvB,MAAK9N,EAAQqP,KAAKvB,IAAM,MAKrC9N,EAAQqP,KAAKC,oBAAmBtP,EAAQqP,KAAKC,kBAAoB,WAC9B,IAA7BtP,EAAQqP,KAAKE,cAA6BvP,EAAQqP,KAAKE,aAAc,GACzEvP,CACT,CCtBO,IAIHwP,EAAkB,WAMXC,EAAuB,CAChCC,WAAY,WAGP,SAASC,IACd,GAAyB,oBAAdC,UAA2B,OAAOA,UAC7C,GAAsB,oBAAX/K,OAAwB,CACjC,QAAmC,IAAxBA,OAAOgL,aAA8B,OAAOhL,OAAOgL,aAC9D,QAAsC,IAA3BhL,OAAOiL,gBAAiC,OAAOjL,OAAOiL,gBACjE,QAAkC,IAAvBjL,OAAOkL,YAA6B,OAAOlL,OAAOkL,WAC/D,CACA,OAAO,CACT,CAOO,SAASC,EAA2BC,GACrCA,EAAGC,QACLD,EAAGC,QAEP,CAuNA,SAASC,EAAUtG,GACbA,EAAMuG,QACVC,EAAgBxG,GAAOQ,MAAK,WAC1B,OAAOqB,EAAM7B,EAAM7J,QAAQ+O,IAAIC,iBACjC,IAAG3E,MAAK,WACN,OAAO8F,EAAUtG,EACnB,GACF,CAWA,SAASwG,EAAgBxG,GAEvB,OAAIA,EAAMuG,OAAe3E,EAGpB5B,EAAM8C,iBAtKN,SAA+B2D,EAAIC,GACxC,IAAIN,EAAKK,EAAGE,YAAYhB,EAAiB,WAAYC,GACjDgB,EAAcR,EAAGQ,YAAYjB,GAC7BkB,EAAM,GACNC,EAAgBC,YAAYC,MAAMN,EAAe,EAAGO,KAOxD,GAAIL,EAAYM,OAAQ,CACtB,IAAIC,EAAgBP,EAAYM,OAAOJ,GACvC,OAAO,IAAIvF,SAAQ,SAAUS,EAAKoF,GAChCD,EAAcE,QAAU,SAAU3D,GAChC,OAAO0D,EAAI1D,EACb,EACAyD,EAAcG,UAAY,SAAUlO,GAClC4I,EAAI5I,EAAEnC,OAAOsQ,OACf,CACF,GACF,CAYA,OAAO,IAAIhG,SAAQ,SAAUS,EAAKoF,GAChC,IAAII,EAZN,WAIE,IAEE,OADAV,EAAgBC,YAAYC,MAAMN,EAAe,EAAGO,KAC7CL,EAAYa,WAAWX,EAChC,CAAE,MAAO1N,GACP,OAAOwN,EAAYa,YACrB,CACF,CAE0BA,GACxBD,EAAkBH,QAAU,SAAU3D,GACpC,OAAO0D,EAAI1D,EACb,EACA8D,EAAkBF,UAAY,SAAUI,GACtC,IAAIC,EAASD,EAAGzQ,OAAOsQ,OACnBI,EACEA,EAAOhQ,MAAMiQ,GAAKlB,EAAe,EACnCiB,EAAiB,SAAEjB,EAAe,IAElCG,EAAIvF,KAAKqG,EAAOhQ,OAChBgQ,EAAiB,aAGnBxB,EAA2BC,GAC3BpE,EAAI6E,GAER,CACF,GACF,CAkHSgB,CAAsB7H,EAAMyG,GAAIzG,EAAM0G,cAAclG,MAAK,SAAUsH,GACxE,IAAIC,EAAcD,EAKdE,QAAO,SAAUC,GACnB,QAASA,CACX,IAAG7D,KAAI,SAAU6D,GAIf,OAHIA,EAAOL,GAAK5H,EAAM0G,eACpB1G,EAAM0G,aAAeuB,EAAOL,IAEvBK,CACT,IAAGD,QAAO,SAAUC,GAClB,OA9BN,SAAwBA,EAAQjI,GAC9B,QAAIiI,EAAOC,OAASlI,EAAMkI,MACtBlI,EAAMmI,KAAK9D,IAAI4D,EAAOL,KACtBK,EAAOpM,KAAKiG,KAAO9B,EAAMoI,qBAE/B,CAyBaC,CAAeJ,EAAQjI,EAChC,IAAGsI,MAAK,SAAUC,EAASC,GACzB,OAAOD,EAAQzG,KAAO0G,EAAQ1G,IAChC,IAOA,OANAiG,EAAYhM,SAAQ,SAAUkM,GACxBjI,EAAM8C,mBACR9C,EAAMmI,KAAKM,IAAIR,EAAOL,IACtB5H,EAAM8C,iBAAiBmF,EAAOpM,MAElC,IACO+F,CACT,IA1BoCA,CA2BtC,CA2BO,IAAI8G,EAAkB,CAC3B/P,OAxHK,SAAgBkK,EAAa1M,GAElC,OADAA,EAAU,EAAwBA,GA7K7B,SAAwB0M,GAC7B,IAGI8F,EAnCU,8BAmCW9F,EAOrB+F,EAVY9C,IAUY+C,KAAKF,GAQjC,OAPAC,EAAYE,gBAAkB,SAAUpB,GAC7BA,EAAGzQ,OAAOsQ,OAChBwB,kBAAkBpD,EAAiB,CACpCqD,QAAS,KACTC,eAAe,GAEnB,EACO,IAAI1H,SAAQ,SAAUS,EAAKoF,GAChCwB,EAAYvB,QAAU,SAAUK,GAC9B,OAAON,EAAIM,EACb,EACAkB,EAAYtB,UAAY,WACtBtF,EAAI4G,EAAYrB,OAClB,CACF,GACF,CAmJS2B,CAAerG,GAAarC,MAAK,SAAUiG,GAChD,IAAIzG,EAAQ,CACVuG,QAAQ,EACRG,aAAc,EACd7D,YAAaA,EACb1M,QAASA,EACT+R,KAAMhG,IAMNiG,KAAM,IAAIhE,EAA+B,EAAlBhO,EAAQ+O,IAAIjB,KAEnCkF,kBAAmBvH,EACnBkB,iBAAkB,KAClBsG,kBAAmB,GACnB3C,GAAIA,GAoBN,OAXAA,EAAGrB,QAAU,WACXpF,EAAMuG,QAAS,EACXpQ,EAAQ+O,IAAIE,SAASjP,EAAQ+O,IAAIE,SACvC,EAOAkB,EAAUtG,GACHA,CACT,GACF,EAgFEoD,MA5BK,SAAeC,GACpBA,EAAakD,QAAS,EACtBlD,EAAaoD,GAAGrD,OAClB,EA0BEE,UAdK,SAAmBD,EAAcE,EAAIzB,GAC1CuB,EAAa+E,qBAAuBtG,EACpCuB,EAAaP,iBAAmBS,EAChCiD,EAAgBnD,EAClB,EAWEG,YA1BK,SAAqBH,EAAcI,GASxC,OARAJ,EAAa8F,kBAAoB9F,EAAa8F,kBAAkB3I,MAAK,WACnE,OA9OG,SAAsBiG,EAAI4C,EAAY5F,GAC3C,IACI6F,EAAc,CAChBpB,KAAMmB,EACNvH,MAHS,IAAI/J,MAAO4K,UAIpB9G,KAAM4H,GAEJ2C,EAAKK,EAAGE,YAAY,CAAChB,GAAkB,YAAaC,GACxD,OAAO,IAAIrE,SAAQ,SAAUS,EAAKoF,GAChChB,EAAGmD,WAAa,WACd,OAAOvH,GACT,EACAoE,EAAGiB,QAAU,SAAUK,GACrB,OAAON,EAAIM,EACb,EACkBtB,EAAGQ,YAAYjB,GACrB8C,IAAIa,GAChBnD,EAA2BC,EAC7B,GACF,CA2NWoD,CAAanG,EAAaoD,GAAIpD,EAAa6E,KAAMzE,EAC1D,IAAGjD,MAAK,WACmB,KAAX,EAAG,GJ3SZ2B,KAAKsH,MAAsB,GAAhBtH,KAAKC,SI2SP,KA5GX,SAA0BiB,GAC/B,OA1B6BoD,EA0BPpD,EAAaoD,GA1BFxC,EA0BMZ,EAAalN,QAAQ+O,IAAIjB,IAzB5DQ,GAAY,IAAI1M,MAAO4K,UAAYsB,EACnCmC,EAAKK,EAAGE,YAAYhB,EAAiB,WAAYC,GACjDgB,EAAcR,EAAGQ,YAAYjB,GAC7BkB,EAAM,GACH,IAAItF,SAAQ,SAAUS,GAC3B4E,EAAYa,aAAaH,UAAY,SAAUI,GAC7C,IAAIC,EAASD,EAAGzQ,OAAOsQ,OACvB,GAAII,EAAQ,CACV,IAAI+B,EAAS/B,EAAOhQ,MAChB+R,EAAO5H,KAAO2C,GAChBoC,EAAIvF,KAAKoI,GAET/B,EAAiB,aAGjBxB,EAA2BC,GAC3BpE,EAAI6E,GAER,MACE7E,EAAI6E,EAER,CACF,KAGqErG,MAAK,SAAUmJ,GAClF,OA1CG,SAA4BtG,EAAcuG,GAC/C,GAAIvG,EAAakD,OACf,OAAOhF,QAAQT,QAAQ,IAEzB,IACI8F,EADKvD,EAAaoD,GAAGE,YAAYhB,EAAiB,YAAaC,GAC9CgB,YAAYjB,GACjC,OAAOpE,QAAQsI,IAAID,EAAIxF,KAAI,SAAUwD,GACnC,IAAIkC,EAAgBlD,EAAoB,OAAEgB,GAC1C,OAAO,IAAIrG,SAAQ,SAAUS,GAC3B8H,EAAcxC,UAAY,WACxB,OAAOtF,GACT,CACF,GACF,IACF,CA4BW+H,CAAmB1G,EAAcsG,EAAOvF,KAAI,SAAUjB,GAC3D,OAAOA,EAAIyE,EACb,IACF,IA9BK,IAAwBnB,EAAIxC,EAC7BQ,EACA2B,EACAQ,EACAC,CA2BN,CAwGMmD,CAAiB3G,EAErB,IACOA,EAAa8F,iBACtB,EAiBEvF,UAXK,WACL,QAASkC,GACX,EAUE/B,KA9TgB,MA+ThBC,oBAVK,SAA6B7N,GAClC,OAAsC,EAA/BA,EAAQ+O,IAAIC,gBACrB,EASE1C,aA7UwB,GCSnB,SAAS5I,IACd,IAAIqB,EACJ,GAAsB,oBAAXF,OAAwB,OAAO,KAC1C,IACEE,EAAeF,OAAOE,aACtBA,EAAeF,OAAO,8BAAgCA,OAAOE,YAC/D,CAAE,MAAO9B,GAIT,CACA,OAAO8B,CACT,CACO,SAASoB,EAAWuG,GACzB,MArBe,2BAqBKA,CACtB,CAmFO,SAAS,IACd,IAAIoH,EAAKpQ,IACT,IAAKoQ,EAAI,OAAO,EAChB,IACE,IAAI5S,EAAM,2BACV4S,EAAGzO,QAAQnE,EAAK,SAChB4S,EAAGvO,WAAWrE,EAChB,CAAE,MAAO+B,GAIP,OAAO,CACT,CACA,OAAO,CACT,CAUO,IAAI8Q,EAAqB,CAC9BvR,OA9DK,SAAgBkK,EAAa1M,GAElC,GADAA,EAAU,EAAwBA,IAC7B,IACH,MAAM,IAAI2N,MAAM,iDAElB,IAAIoE,EAAOhG,IAOPiG,EAAO,IAAIhE,EAAahO,EAAQkP,aAAaC,eAC7CtF,EAAQ,CACV6C,YAAaA,EACbqF,KAAMA,EACNC,KAAMA,GAYR,OATAnI,EAAMmK,SAhCD,SAAiCtH,EAAaU,GACnD,IAAIlM,EAAMiF,EAAWuG,GACjBsH,EAAW,SAAkBzC,GA8BqB,IAAUO,EA7B1DP,EAAGrQ,MAAQA,IA6B+C4Q,EA5BzD/L,KAAKC,MAAMuL,EAAG0C,UA6BdpK,EAAM8C,kBACPmF,EAAOC,OAASA,GACfD,EAAO/I,QAASiJ,EAAK9D,IAAI4D,EAAO/I,SACjC+I,EAAOpM,KAAKiG,MAAQmG,EAAOpM,KAAKiG,KAAO9B,EAAMoI,uBAEjDD,EAAKM,IAAIR,EAAO/I,OAChBc,EAAM8C,iBAAiBmF,EAAOpM,QAjChC,EAEA,OADAb,OAAOqP,iBAAiB,UAAWF,GAC5BA,CACT,CAuBmBG,CAAwBzH,GASlC7C,CACT,EAkCEoD,MAjCK,SAAeC,GAjCf,IAAoC8G,IAkCd9G,EAAa8G,SAjCxCnP,OAAOuP,oBAAoB,UAAWJ,EAkCxC,EAgCE7G,UA/BK,SAAmBD,EAAcE,EAAIzB,GAC1CuB,EAAa+E,qBAAuBtG,EACpCuB,EAAaP,iBAAmBS,CAClC,EA6BEC,YAzGK,SAAqBH,EAAcI,GACxC,OAAO,IAAIlC,SAAQ,SAAUS,GAC3BH,IAAQrB,MAAK,WACX,IAAInJ,EAAMiF,EAAW+G,EAAaR,aAC9B2H,EAAW,CACbtL,MAAOgD,IACPJ,MAAM,IAAI/J,MAAO4K,UACjB9G,KAAM4H,EACNyE,KAAM7E,EAAa6E,MAEjBvQ,EAAQuE,KAAKE,UAAUoO,GAC3B3Q,IAAkB2B,QAAQnE,EAAKM,GAO/B,IAAI+P,EAAK7P,SAAS4S,YAAY,SAC9B/C,EAAGgD,UAAU,WAAW,GAAM,GAC9BhD,EAAGrQ,IAAMA,EACTqQ,EAAG0C,SAAWzS,EACdqD,OAAO2P,cAAcjD,GACrB1F,GACF,GACF,GACF,EAgFE4B,UAAW,EACXG,KAtIgB,eAuIhBC,oBAhBK,WACL,IACI4G,EAAYC,UAAUD,UAAUE,cACpC,OAAIF,EAAUG,SAAS,YAAcH,EAAUG,SAAS,UAE/CC,IAJS,GAOpB,EASEvI,aA1IwB,GCVf,EAAe,EAEtBwI,EAAoB,IAAIC,IAsCjBC,EAAiB,CAC1BxS,OAtCK,SAAgBkK,GACrB,IAAI7C,EAAQ,CACVvD,KAAMoG,EACNC,iBAAkB,MAGpB,OADAmI,EAAkBxC,IAAIzI,GACfA,CACT,EAgCEoD,MA/BK,SAAeC,GACpB4H,EAA0B,OAAE5H,EAC9B,EA8BEC,UAZK,SAAmBD,EAAcE,GACtCF,EAAaP,iBAAmBS,CAClC,EAWEC,YA9BK,SAAqBH,EAAcI,GACxC,OAAO,IAAIlC,SAAQ,SAAUS,GAC3B,OAAOC,YAAW,WACGmJ,MAAMC,KAAKJ,GACjBjD,QAAO,SAAUsD,GAC5B,OAAOA,EAAQ7O,OAAS4G,EAAa5G,IACvC,IAAGuL,QAAO,SAAUsD,GAClB,OAAOA,IAAYjI,CACrB,IAAG2E,QAAO,SAAUsD,GAClB,QAASA,EAAQxI,gBACnB,IAAG/G,SAAQ,SAAUuP,GACnB,OAAOA,EAAQxI,iBAAiBW,EAClC,IACAzB,GACF,GAAG,EACL,GACF,EAeE4B,UAXK,WACL,OAAO,CACT,EAUEG,KA7CgB,WA8ChBC,oBAVK,WACL,OAAO,CACT,EASEvB,aAAc,GC1CZ8I,EAAU,CAAC3I,EAEf8F,EAAiBwB,GCDNsB,EAA0B,IAAIN,IACrCO,EAAS,EACF,EAAmB,SAA0BhP,EAAMtG,GA0L9D,IAAyBmV,EACnBI,ERlMoBC,EQSxBtV,KAAKuR,GAAK6D,IACVD,EAAwB/C,IAAIpS,MAC5BA,KAAKoG,KAAOA,EAIZpG,KAAKF,QAAU,EAAwBA,GACvCE,KAAKuV,ODTA,SAAsBzV,GAC3B,IAAI0V,EAAgB,GAAGC,OAAO3V,EAAQoP,QAASgG,GAASvD,OAAO+D,SAK/D,GAAI5V,EAAQ4N,KAAM,CAChB,GAAqB,aAAjB5N,EAAQ4N,KAEV,OAAOoH,EAET,IAAItE,EAAMgF,EAAcG,MAAK,SAAUC,GACrC,OAAOA,EAAElI,OAAS5N,EAAQ4N,IAC5B,IACA,GAAK8C,EAAwE,OAAOA,EAA1E,MAAM,IAAI/C,MAAM,eAAiB3N,EAAQ4N,KAAO,aAC5D,CAMK5N,EAAQ8O,mBACX4G,EAAgBA,EAAc7D,QAAO,SAAUiE,GAC7C,MAAkB,QAAXA,EAAElI,IACX,KAEF,IAAImI,EAAYL,EAAcG,MAAK,SAAUJ,GAC3C,OAAOA,EAAOhI,WAChB,IACA,GAAKsI,EAKH,OAAOA,EAJP,MAAM,IAAIpI,MAAM,6BAA+B5H,KAAKE,UAAUmP,EAAQnH,KAAI,SAAU6H,GAClF,OAAOA,EAAElI,IACX,KAIJ,CC3BgB,CAAa1N,KAAKF,SAGhCE,KAAK8V,KAAM,EAOX9V,KAAK+V,MAAQ,KAKb/V,KAAKgW,OAAS,CACZC,QAAS,GACTC,SAAU,IAQZlW,KAAKmW,KAAO,IAAItB,IAOhB7U,KAAKoW,MAAQ,GAKbpW,KAAKqW,OAAS,MRrDUf,EQkMpBD,GADmBJ,EA3IPjV,MA4IWuV,OAAOjT,OAAO2S,EAAQ7O,KAAM6O,EAAQnV,WRjM7B,mBAAbwV,EAAInL,MQmMvB8K,EAAQoB,OAAShB,EACjBA,EAAalL,MAAK,SAAUmM,GAK1BrB,EAAQsB,OAASD,CACnB,KAEArB,EAAQsB,OAASlB,CAtJrB,EAuHA,SAASmB,EAAMC,EAAkB/I,EAAMZ,GACrC,IACI8E,EAAS,CACXnG,KAFSgL,EAAiBlB,OAAOnJ,eAGjCsB,KAAMA,EACNlI,KAAMsH,GAGR,OADmB2J,EAAiBJ,OAASI,EAAiBJ,OAAS9K,GACnDpB,MAAK,WACvB,IAAIuM,EAAcD,EAAiBlB,OAAOpI,YAAYsJ,EAAiBF,OAAQ3E,GAO/E,OAJA6E,EAAiBN,KAAK/D,IAAIsE,GAC1BA,EAAmB,QAAIvM,MAAK,WAC1B,OAAOsM,EAAiBN,KAAa,OAAEO,EACzC,IACOA,CACT,GACF,CAgBA,SAASC,EAAqB1B,GAC5B,OAAIA,EAAQe,OAAOC,QAAQlW,OAAS,GAChCkV,EAAQe,OAAOE,SAASnW,OAAS,CAEvC,CACA,SAAS6W,EAAmB3B,EAASvH,EAAM4H,GACzCL,EAAQe,OAAOtI,GAAMzC,KAAKqK,GAS5B,SAAyBL,GACvB,IAAKA,EAAQa,KAAOa,EAAqB1B,GAAU,CAGjD,IAAI4B,EAAa,SAAoBjF,GACnCqD,EAAQe,OAAOpE,EAAOlE,MAAMhI,SAAQ,SAAUoR,GAU5C,IACIC,EAAiBD,EAAerL,KADb,IAEnBmG,EAAOnG,MAAQsL,GACjBD,EAAe5J,GAAG0E,EAAOpM,KAE7B,GACF,EACIiG,EAAOwJ,EAAQM,OAAOnJ,eACtB6I,EAAQoB,OACVpB,EAAQoB,OAAOlM,MAAK,WAClB8K,EAAQa,KAAM,EACdb,EAAQM,OAAOtI,UAAUgI,EAAQsB,OAAQM,EAAYpL,EACvD,KAEAwJ,EAAQa,KAAM,EACdb,EAAQM,OAAOtI,UAAUgI,EAAQsB,OAAQM,EAAYpL,GAEzD,CACF,CAzCEuL,CAAgB/B,EAClB,CACA,SAASgC,EAAsBhC,EAASvH,EAAM4H,GAC5CL,EAAQe,OAAOtI,GAAQuH,EAAQe,OAAOtI,GAAMiE,QAAO,SAAUuF,GAC3D,OAAOA,IAAM5B,CACf,IAqCF,SAAwBL,GACtB,GAAIA,EAAQa,MAAQa,EAAqB1B,GAAU,CAEjDA,EAAQa,KAAM,EACd,IAAIrK,EAAOwJ,EAAQM,OAAOnJ,eAC1B6I,EAAQM,OAAOtI,UAAUgI,EAAQsB,OAAQ,KAAM9K,EACjD,CACF,CA3CE0L,CAAelC,EACjB,CA9JA,EAAiBzH,SAAU,EA4B3B,EAAiBlN,UAAY,CAC3B6M,YAAa,SAAqBL,GAChC,GAAI9M,KAAKkQ,OACP,MAAM,IAAIzC,MAAM,gFAMhB5H,KAAKE,UAAU+G,IAEjB,OAAO0J,EAAMxW,KAAM,UAAW8M,EAChC,EACAsK,aAAc,SAAsBtK,GAClC,OAAO0J,EAAMxW,KAAM,WAAY8M,EACjC,EACID,cAAUK,GACZ,IACImK,EAAY,CACd5L,KAFSzL,KAAKuV,OAAOnJ,eAGrBc,GAAIA,GAEN+J,EAAsBjX,KAAM,UAAWA,KAAK+V,OACxC7I,GAAoB,mBAAPA,GACflN,KAAK+V,MAAQsB,EACbT,EAAmB5W,KAAM,UAAWqX,IAEpCrX,KAAK+V,MAAQ,IAEjB,EACA/B,iBAAkB,SAA0BtG,EAAMR,GAMhD0J,EAAmB5W,KAAM0N,EAJT,CACdjC,KAFSzL,KAAKuV,OAAOnJ,eAGrBc,GAAIA,GAGR,EACAgH,oBAAqB,SAA6BxG,EAAMR,GAItD+J,EAAsBjX,KAAM0N,EAHlB1N,KAAKgW,OAAOtI,GAAMiI,MAAK,SAAUL,GACzC,OAAOA,EAAIpI,KAAOA,CACpB,IAEF,EACAH,MAAO,WACL,IAAImB,EAAQlO,KACZ,IAAIA,KAAKkQ,OAAT,CAGAiF,EAAgC,OAAEnV,MAClCA,KAAKkQ,QAAS,EACd,IAAIoH,EAAetX,KAAKqW,OAASrW,KAAKqW,OAAS9K,EAG/C,OAFAvL,KAAK+V,MAAQ,KACb/V,KAAKgW,OAAOC,QAAU,GACfqB,EAENnN,MAAK,WACJ,OAAOe,QAAQsI,IAAIuB,MAAMC,KAAK9G,EAAMiI,MACtC,IAEChM,MAAK,WACJ,OAAOe,QAAQsI,IAAItF,EAAMkI,MAAMrI,KAAI,SAAUb,GAC3C,OAAOA,GACT,IACF,IAEC/C,MAAK,WACJ,OAAO+D,EAAMqH,OAAOxI,MAAMmB,EAAMqI,OAClC,GApBA,CAqBF,EACI7I,WACF,OAAO1N,KAAKuV,OAAO7H,IACrB,EACI6J,eACF,OAAOvX,KAAKkQ,MACd,GClKF,IACIsH,EAD0F,qBAAjFjX,OAAOD,UAAU0L,SAASyL,KAAwB,oBAAZC,QAA0BA,QAAU,GCRhF,SAAiBxK,GACtBwK,QAAQ/O,GAAG,QAAQ,WACjB,OAAOuE,GACT,IAQAwK,QAAQ/O,GAAG,cAAc,WACvB,OAAOuE,IAAK/C,MAAK,WACf,OAAOuN,QAAQC,MACjB,GACF,IAEAD,QAAQ/O,GAAG,UAAU,WACnB,OAAOuE,IAAK/C,MAAK,WACf,OAAOuN,QAAQC,MACjB,GACF,IAEAD,QAAQ/O,GAAG,qBAAqB,SAAU0E,GACxC,OAAOH,IAAK/C,MAAK,WACfyN,QAAQC,MAAMxK,GACdqK,QAAQC,KAAK,IACf,GACF,GACF,EC3BO,SAAoBzK,GACzB,GAAiC,mBAAtB4K,mBAAoCpY,gBAAgBoY,kBAAmB,CAOhF,IAAIC,EAAWrY,KAAKqN,MAAMiL,KAAKtY,MAC/BA,KAAKqN,MAAQ,WAEX,OADAG,IACO6K,GACT,CACF,KAAO,CAKL,GAAuC,mBAA5BpT,OAAOqP,iBAChB,OAMFrP,OAAOqP,iBAAiB,gBAAgB,WACtC9G,GACF,IAAG,GAMHvI,OAAOqP,iBAAiB,UAAU,WAChC9G,GACF,IAAG,EACL,CAMF,EFlCI+K,EAAY,IAAIpD,IAChBqD,GAAmB,EAyBhB,SAASC,IACd,IAAIC,EAAW,GAKf,OAJAH,EAAUvS,SAAQ,SAAUwH,GAC1BkL,EAASnN,KAAKiC,KACd+K,EAAkB,OAAE/K,EACtB,IACOhC,QAAQsI,IAAI4E,EACrB,CGtCO,SAASC,EAAkBC,EAAeC,GAC/C,IAAIC,EAAU,CACZC,QAAS,SACTF,OAAQA,EACR1P,MAAOyP,EAAczP,OAEvB,OAAOyP,EAAc7B,iBAAiBW,aAAaoB,EACrD,CACO,SAASE,EAASJ,GACvBA,EAAcK,UAAW,EACzBL,EAAcM,YAAa,EAC3B,IAAIC,EHGC,SAAa3L,GAElB,GARIgL,IAGJA,GAAmB,EACnBV,EAAWW,IAIO,mBAAPjL,EACT,MAAM,IAAIO,MAAM,2BAYlB,OAVAwK,EAAU7F,IAAIlF,GACE,CACdlK,OAAQ,WACN,OAAOiV,EAAkB,OAAE/K,EAC7B,EACA4L,IAAK,WAEH,OADAb,EAAkB,OAAE/K,GACbA,GACT,EAGJ,CGnBiB,EAAU,WACvB,OAAOoL,EAAcS,KACvB,IACAT,EAAcU,KAAK/N,KAAK4N,GACxB,IAAII,EAAmB,SAA0BnM,GAC3B,WAAhBA,EAAI2L,SAAuC,UAAf3L,EAAIyL,QAClCF,EAAkBC,EAAe,QAEf,WAAhBxL,EAAI2L,SAAuC,SAAf3L,EAAIyL,QAAsBD,EAAcY,QAStEZ,EAAcY,OAAQ,EACtBZ,EAAca,OACdd,EAAkBC,EAAe,QAErC,EAIA,OAFAA,EAAc7B,iBAAiBzC,iBAAiB,WAAYiF,GAC5DX,EAAcc,OAAOnO,KAAKgO,GACnBZ,EAAkBC,EAAe,OAC1C,CCnCO,IAAIe,EAAwB,SAA+B5C,EAAkB3W,GAClF,IAAIoO,EAAQlO,KACZA,KAAKyW,iBAAmBA,EACxBA,EAAiBL,MAAMnL,MAAK,WAC1B,OAAOiD,EAAM6K,KACf,IACA/Y,KAAKsZ,SAAWxZ,EAChBE,KAAK2Y,UAAW,EAChB3Y,KAAKuZ,QAAS,EACdvZ,KAAK6I,MAAQgD,IACb7L,KAAKoZ,OAAS,GACdpZ,KAAKgZ,KAAO,GACZhZ,KAAKmZ,KAAO,WAAa,EACzBnZ,KAAKkZ,OAAQ,EAEblZ,KAAKwZ,MAAQ,CAAC,EAGdxZ,KAAKyZ,GAAK,cAAgBhD,EAAiBlB,OAAO7H,KAAO,KAAO+I,EAAiBrQ,IACnF,EACAiT,EAAsB/Y,UAAY,CAChCoZ,UAAW,WACT,IAAIC,EAAS3Z,KACb,OAAOwU,UAAUoF,MAAMC,QAAQ1P,MAAK,SAAUyP,GAC5C,IAAIE,EAAgBF,EAAMG,KAAOH,EAAMG,KAAKpI,QAAO,SAAUqI,GAC3D,OAAOA,EAAK5T,OAASuT,EAAOF,EAC9B,IAAK,GACL,SAAIK,GAAiBA,EAAc/Z,OAAS,EAK9C,GACF,EACAka,gBAAiB,WACf,IAAIC,EAASla,KACb,IAAKA,KAAKma,MAAO,CACfna,KAAKwZ,MAAMY,EAAI,IAAIC,gBACnB,IAAIC,EAAgB,IAAIpP,SAAQ,SAAUS,EAAKoF,GAC7CmJ,EAAOV,MAAM7N,IAAMA,EACnBuO,EAAOV,MAAMzI,IAAMA,CACrB,IACA/Q,KAAKma,MAAQ,IAAIjP,SAAQ,SAAUS,GACjC6I,UAAUoF,MAAMW,QAAQL,EAAOT,GAAI,CACjCe,OAAQN,EAAOV,MAAMY,EAAEI,SACtB,WAKD,OAHAN,EAAOV,MAAMY,OAAIzL,EACjB+J,EAASwB,GACTvO,IACO2O,CACT,IAAU,OAAE,WAAa,GAC3B,GACF,CACA,OAAOta,KAAKma,KACd,EACIM,gBAAYC,GAEhB,EACA3B,IAAK,WACH,IAAI4B,EAAS3a,KAmBb,OAlBAA,KAAKoZ,OAAO1T,SAAQ,SAAUoO,GAC5B,OAAO6G,EAAOlE,iBAAiBvC,oBAAoB,WAAYJ,EACjE,IACA9T,KAAKoZ,OAAS,GACdpZ,KAAKgZ,KAAKtT,SAAQ,SAAUkV,GAC1B,OAAOA,EAAI5X,QACb,IACAhD,KAAKgZ,KAAO,GACRhZ,KAAK2Y,WACP3Y,KAAK2Y,UAAW,GAElB3Y,KAAKuZ,QAAS,EACVvZ,KAAKwZ,MAAM7N,KACb3L,KAAKwZ,MAAM7N,MAET3L,KAAKwZ,MAAMY,GACbpa,KAAKwZ,MAAMY,EAAES,MAAM,sCAEdxC,EAAkBrY,KAAM,QACjC,GCpFF,IAAI8a,EAAiB,SAAwBrE,EAAkB3W,GAC7D,IAAIoO,EAAQlO,KACZA,KAAKyW,iBAAmBA,EACxBzW,KAAKsZ,SAAWxZ,EAChBE,KAAK2Y,UAAW,EAChB3Y,KAAK4Y,YAAa,EAClB5Y,KAAKuZ,QAAS,EACdvZ,KAAK6I,MAAQgD,IAOb7L,KAAK+a,MAAQxP,EAEbvL,KAAKgb,OAAS,EAGdhb,KAAKgZ,KAAO,GACZhZ,KAAKoZ,OAAS,GACdpZ,KAAKmZ,KAAO,WAAa,EACzBnZ,KAAKkZ,OAAQ,EAOb,IAAI+B,EAAoB,SAA2BnO,GAC7B,WAAhBA,EAAI2L,UACa,UAAf3L,EAAIyL,SACNrK,EAAM0K,YAAa,GAEF,SAAf9L,EAAIyL,SACNrK,EAAM0K,YAAa,GAGzB,EACA5Y,KAAKyW,iBAAiBzC,iBAAiB,WAAYiH,GACnDjb,KAAKoZ,OAAOnO,KAAKgQ,EACnB,EAqOO,SAASC,EAAqBjG,EAASnV,GAC5C,GAAImV,EAAQkG,eACV,MAAM,IAAI1N,MAAM,iDAElB3N,EAfF,SAAiCA,EAASmV,GASxC,OARKnV,IAASA,EAAU,CAAC,IACzBA,EAAU+F,KAAKC,MAAMD,KAAKE,UAAUjG,KACvBgP,mBACXhP,EAAQgP,iBAAmB,KAExBhP,EAAQsb,eACXtb,EAAQsb,aAAenG,EAAQM,OAAO5H,oBAAoBsH,EAAQnV,UAE7DA,CACT,CAKY,CAAwBA,EAASmV,GAC3C,IAAIoG,EdhOqB,oBAAd7G,gBAAwD,IAApBA,UAAUoF,OAA4D,mBAA5BpF,UAAUoF,MAAMW,QcgOpE,IAAIlB,EAAsBpE,EAASnV,GAAW,IAAIgb,EAAe7F,EAASnV,GAK/G,OAJAmV,EAAQmB,MAAMnL,MAAK,WACjB,OAAOoQ,EAAQtC,KACjB,IACA9D,EAAQkG,eAAiBE,EAClBA,CACT,CA/OAP,EAAexa,UAAY,CACzBoZ,UAAW,WACT,OAAOxO,QAAQT,QAAQzK,KAAK4Y,WAC9B,EAMA0C,UAAW,SAEXC,GACE,IAAI5B,EAAS3Z,KACb,OAAIA,KAAK2Y,SACAnN,EAAM,GAAG,GAEdxL,KAAKuZ,OACA/N,EAAM,GAAG,GAOdxL,KAAKgb,OAAS,EACThb,KAAK+a,OAyFd/a,KAAKgb,OAAShb,KAAKgb,OAAS,EAC5Bhb,KAAK+a,MAAQ/a,KAAK+a,MAAM5Q,MAAK,WAC3B,OArFa,WAMb,GAAIwP,EAAOhB,SACT,OAAOrN,EAET,IACIkQ,EADAC,GAAe,EAQfC,EAAsB,IAAIxQ,SAAQ,SAAUS,GAC9C6P,EAA6B,WAC3BC,GAAe,EACf9P,GACF,CACF,IACIgQ,EAAgB,SAAuB7O,GACrB,WAAhBA,EAAI2L,SAAwB3L,EAAIjE,OAAS8Q,EAAO9Q,QAC/B,UAAfiE,EAAIyL,QAEFzL,EAAIjE,MAAQ8Q,EAAO9Q,OAKrB2S,IAGe,SAAf1O,EAAIyL,SAENiD,IACA7B,EAAOf,YAAa,GAG1B,EACAe,EAAOlD,iBAAiBzC,iBAAiB,WAAY2H,GAYrD,IAAIC,EAAoBL,EAAwD,EAA/B5B,EAAOL,SAAS8B,aAAmBzB,EAAOL,SAAS8B,aACpG,OAAO/C,EAAkBsB,EAAQ,SAChCxP,MAAK,WACJ,OAAOe,QAAQ2Q,KAAK,CAACrQ,EAAMoQ,GAAoBF,EAAoBvR,MAAK,WACtE,OAAOe,QAAQoC,OAAO,IAAIG,MAC5B,KACF,IAECtD,MAAK,WACJ,OAAOkO,EAAkBsB,EAAQ,QACnC,IAECxP,MAAK,WACJ,OAAOe,QAAQ2Q,KAAK,CAACrQ,EAAMoQ,GAAoBF,EAAoBvR,MAAK,WACtE,OAAOe,QAAQoC,OAAO,IAAIG,MAC5B,KACF,IAAU,OAAE,WAAa,IAAGtD,MAAK,WAE/B,OADAwP,EAAOlD,iBAAiBvC,oBAAoB,WAAYyH,IACnDF,GAEI/C,EAASiB,GAAQxP,MAAK,WAC3B,OAAO,CACT,GAKJ,GACF,CAGS2R,EACT,IAAG3R,MAAK,WACNwP,EAAOqB,OAASrB,EAAOqB,OAAS,CAClC,IACOhb,KAAK+a,MAAM5Q,MAAK,WACrB,OAAOwP,EAAOhB,QAChB,IACF,EACAsB,gBAAiB,WAKf,OAHCja,KAAK+b,OACJ/b,KAAK+b,MA6BmBzD,EA7BStY,MA8BnB2Y,SACTpN,EAEF,IAAIL,SAAQ,SAAUS,GAC3B,IAAIqQ,GAAW,EACf,SAASC,IACHD,IAGJA,GAAW,EACX1D,EAAc7B,iBAAiBvC,oBAAoB,WAAYgI,GAC/DvQ,GAAI,GACN,CAGA2M,EAAcgD,YAAYnR,MAAK,WACzBmO,EAAcK,UAChBsD,GAEJ,IAMoB,SAASE,IAC3B,OAAO3Q,EAAM8M,EAAcgB,SAASxK,kBAAkB3E,MAAK,WACzD,IAAImO,EAAciB,SAAUyC,EAG5B,OAAI1D,EAAcK,cAChBsD,IAEO3D,EAAcgD,WAAU,GAAMnR,MAAK,WACpCmO,EAAcK,SAChBsD,IAEAE,GAEJ,GAEJ,GACF,CACAA,GAGA,IAAID,EAAoB,SAA2BpP,GAC7B,WAAhBA,EAAI2L,SAAuC,UAAf3L,EAAIyL,SAClCD,EAAcM,YAAa,EAC3BN,EAAcgD,YAAYnR,MAAK,WACzBmO,EAAcK,UAChBsD,GAEJ,IAEJ,EACA3D,EAAc7B,iBAAiBzC,iBAAiB,WAAYkI,GAC5D5D,EAAcc,OAAOnO,KAAKiR,EAC5B,KAtFSlc,KAAK+b,KA2BhB,IAA8BzD,CA1B5B,EACImC,gBAAYvN,GACdlN,KAAKmZ,KAAOjM,CACd,EACA6L,IAAK,WACH,IAAImB,EAASla,KAcb,OAbAA,KAAKoZ,OAAO1T,SAAQ,SAAUoO,GAC5B,OAAOoG,EAAOzD,iBAAiBvC,oBAAoB,WAAYJ,EACjE,IACA9T,KAAKoZ,OAAS,GACdpZ,KAAKgZ,KAAKtT,SAAQ,SAAUkV,GAC1B,OAAOA,EAAI5X,QACb,IACAhD,KAAKgZ,KAAO,GACRhZ,KAAK2Y,WACP3Y,KAAK4Y,YAAa,EAClB5Y,KAAK2Y,UAAW,GAElB3Y,KAAKuZ,QAAS,EACPlB,EAAkBrY,KAAM,QACjC,gBCzKWoc,GAAqB,WAMhC,aAA0C,IAA9Btc,EAA0B,UAAH,6CAAG,CAAC,GAAC,oIAFtB,GAGhBE,KAAKF,QAAUA,EACfE,KAAKqc,kBAAoBrc,KAAKqc,kBAAkBrE,KAAKhY,MACrDA,KAAKsc,SAAWtc,KAAKsc,SAAStE,KAAKhY,KACrC,CA0BC,MAXA,EAZA,EAmDA,OAtDA,yCAED,WACA,GAAC,2CAED,sGAC6B,QAD7B,GACQ,EAAAA,KAAKF,SAAQwc,gBAAQ,aAArB,UAAyB,gDAChC,mEAED,WAAW,MACT,QAAqB,QAAb,EAACtc,KAAKqb,eAAO,QAAZ,EAAc1C,SACzB,GAAC,uBAED,WAAY,MACV,QAAqB,QAAb,EAAC3Y,KAAKqb,eAAO,QAAZ,EAAc3B,UACzB,GAAC,wCAED,oFACM1Z,KAAKuc,aACCC,EAAwBxc,KAAKF,QAA7B0c,oBACRxc,KAAKiV,QAAU,IAAItI,EAAiB6P,GACpCxc,KAAKqb,QAAUH,EAAqBlb,KAAKiV,SACzCjV,KAAKqb,QAAQZ,YAAcza,KAAKqc,kBAChCrc,KAAKqb,QAAQpB,kBAAkB9P,KAAKnK,KAAKsc,UACzCtc,KAAKyc,SAAU,GAChB,gDACF,oFAED,kFACMzc,KAAKyc,QAAS,CAAF,oBACVzc,KAAKqb,QAAS,CAAF,+BACRrb,KAAKqb,QAAQtC,MAAK,OACxB/Y,KAAKqb,aAAU1M,EAAU,WAEvB3O,KAAKiV,QAAS,CAAF,gBAE+C,OAA5DjV,KAAKiV,QAAgBmC,aAAe,kBAAMlM,QAAQT,SAAS,EAAC,SACvDzK,KAAKiV,QAAQlI,QAAO,OAC1B/M,KAAKiV,aAAUtG,EAAU,QAE3B3O,KAAKyc,SAAU,EAAM,iDAExB,6EAED,WACE,OAAO,CACT,GAAC,uBAED,WACE,OAAOzc,KAAKyc,OACd,GAAC,sBAED,WACE,OAAOC,EAAAA,EAAAA,eAAgB1c,KAAKyc,OAC9B,KAAC,EAhE+B,oCCRrBE,GAAgB,WAM3B,WAAYjU,GAA0E,IAArC5I,EAAiC,UAAH,6CAAG,CAAC,GAAC,gJAFlE,GAGhBE,KAAK0I,aAAeA,EACpB1I,KAAKF,QAAUA,EACfE,KAAK4c,eAAiB,GACtB5c,KAAK6c,sBAAwB7c,KAAK6c,sBAAsB7E,KAAKhY,KAC/D,CAyDC,MAZA,EAwBA,OArEA,2CAED,WACE,IAAI2L,GAAM,EAEV,GADA3L,KAAK4c,eAAe3R,KAAKvJ,KAAKC,OAC1B3B,KAAK4c,eAAe7c,QAAU,GAAI,CAEpC,IAAM+c,EAAY9c,KAAK4c,eAAepY,QAEtCmH,EADiB3L,KAAK4c,eAAe5c,KAAK4c,eAAe7c,OAAS,GAChD+c,EAAa,GACjC,CACA,OAAOnR,CACT,GAAC,gCAED,WAEE,QAAS3L,KAAKF,QAAQid,cAAeL,EAAAA,EAAAA,YACvC,GAAC,kCAED,WAA+B,WAEvBM,EADehd,KAAK0I,aAAauU,aACXA,aAC5B1c,OAAOkF,KAAKuX,GAAQtX,SAAQ,SAAA1E,GAC1B,IAAM6H,EAAQmU,EAAOhc,KAChBkc,EAAAA,GAAAA,IAAerU,IAAU,EAAKH,aAAayU,WAAWtU,IACzD,EAAKgU,sBAAsB7b,EAE/B,GACF,GAAC,mCAED,SAA8BA,GAC5B,GAAIhB,KAAKF,QAAQsd,UACf,GAAIpd,KAAKqd,sBAAuB,CAC9B,IAAMtT,EAAQ,IAAI5F,GAAAA,EAAa,iCAC/BnE,KAAK0I,aAAa4U,UAAUvT,EAC9B,MACE/J,KAAK0I,aAAa6U,MAAMvc,GAAKmK,OAAM,WAAO,SAEnCnL,KAAKF,QAAQ0d,YACtBxd,KAAK0I,aAAa1F,OAAOhC,EAE7B,GAAC,sBAED,WACE,SAAUhB,KAAKF,QAAQsd,YAAepd,KAAKF,QAAQ0d,YAAgBxd,KAAKyc,QAC1E,GAAC,wCAED,8EACMzc,KAAKuc,aACPvc,KAAK0I,aAAaC,GAAG8U,GAAAA,GAAezd,KAAK6c,uBACrC7c,KAAK0I,aAAagV,aAGpB1d,KAAK2d,uBAEP3d,KAAKyc,SAAU,GAChB,gDACF,oFAED,8EACMzc,KAAKyc,UACPzc,KAAK0I,aAAa2C,IAAIoS,GAAAA,GAAezd,KAAK6c,uBAC1C7c,KAAK4c,eAAiB,GACtB5c,KAAKyc,SAAU,GAChB,gDACF,oEAED,WACE,OAAOzc,KAAKyc,OACd,KAAC,EAhF0B,GCYhBmB,GAAkB,WAO7B,WAAYlV,GAA0E,IAArC5I,EAAiC,UAAH,6CAAG,CAAC,GAAC,yIAHlE,IAAK,iCACK,GAG1BE,KAAK0I,aAAeA,EACpB1I,KAAKF,QAAUA,EACfE,KAAK6d,oBAAsB7d,KAAK6d,oBAAoB7F,KAAKhY,MACzDA,KAAK8d,sBAAwB9d,KAAK8d,sBAAsB9F,KAAKhY,MAC7DA,KAAK+d,sBAAwB/d,KAAK+d,sBAAsB/F,KAAKhY,MAC7DA,KAAKge,oBAAsBhe,KAAKge,oBAAoBhG,KAAKhY,MACzDA,KAAKie,qBAAuBje,KAAKie,qBAAqBjG,KAAKhY,KAC7D,CAiCC,MArBA,EA2GA,OAvHA,0CAED,WACE,OAAO,CACT,GAAC,uBAED,WACE,OAAOA,KAAKyc,OACd,GAAC,sBAED,WACE,QAASzc,KAAKF,QAAQid,cAAeL,EAAAA,EAAAA,eAAgB1c,KAAKyc,OAC5D,GAAC,wCAED,uFACOzc,KAAKuc,WAAY,CAAF,gDAIZ2B,EAAoBle,KAAKF,QAAzBoe,gBAAe,SAGrBle,KAAKiV,QAAU,IAAItI,EAAiBuR,GAA2B,sDAEzD,IAAI/Z,GAAAA,EAAa,2DAA0D,QAGnFnE,KAAK0I,aAAaC,GAAGC,GAAAA,GAAa5I,KAAK6d,qBACvC7d,KAAK0I,aAAaC,GAAGM,GAAAA,GAAejJ,KAAK8d,uBACzC9d,KAAK0I,aAAaC,GAAGwV,GAAAA,EAAene,KAAK+d,uBACzC/d,KAAK0I,aAAaC,GAAGyV,GAAAA,GAAmBpe,KAAKge,qBAC7Che,KAAKiV,QAAQjB,iBAAiB,UAAWhU,KAAKie,sBAC9Cje,KAAKyc,SAAU,EAAK,yDACrB,oFAED,0FACMzc,KAAKyc,QAAS,CAAF,gBAK0D,OAJxEzc,KAAK0I,aAAa2C,IAAIzC,GAAAA,GAAa5I,KAAK6d,qBACxC7d,KAAK0I,aAAa2C,IAAIpC,GAAAA,GAAejJ,KAAK8d,uBAC1C9d,KAAK0I,aAAa2C,IAAI8S,GAAAA,EAAene,KAAK+d,uBAC1C/d,KAAK0I,aAAa2C,IAAI+S,GAAAA,GAAmBpe,KAAKge,qBAClC,QAAZ,EAAAhe,KAAKiV,eAAO,OAAZ,EAAcf,oBAAoB,UAAWlU,KAAKie,sBAAsB,SACtD,QADsD,EAClEje,KAAKiV,eAAO,aAAZ,EAAclI,QAAO,OAC3B/M,KAAKiV,aAAUtG,EACf3O,KAAKyc,SAAU,EAAM,iDAExB,8EAED,SAA4Bzb,EAAa6H,GAAc,MAChD7I,KAAKqe,oBAGE,QAAZ,EAAAre,KAAKiV,eAAO,OAAZ,EAAc9H,YAAY,CACxBO,KAAM9E,GAAAA,GACN5H,IAAAA,EACA6H,MAAAA,IAEJ,GAAC,mCAED,SAA8B7H,EAAa6H,GAAc,MAClD7I,KAAKqe,oBAGE,QAAZ,EAAAre,KAAKiV,eAAO,OAAZ,EAAc9H,YAAY,CACxBO,KAAMzE,GAAAA,GACNjI,IAAAA,EACA6H,MAAAA,IAEJ,GAAC,mCAED,SAA8B7H,EAAa6H,EAAcyV,GAAkB,MACpEte,KAAKqe,oBAGE,QAAZ,EAAAre,KAAKiV,eAAO,OAAZ,EAAc9H,YAAY,CACxBO,KAAMyQ,GAAAA,EACNnd,IAAAA,EACA6H,MAAAA,EACAyV,SAAAA,IAEJ,GAAC,iCAED,SAA4B/a,GAAiB,MAC/B,QAAZ,EAAAvD,KAAKiV,eAAO,OAAZ,EAAc9H,YAAY,CACxBO,KAAM0Q,GAAAA,GACN7a,QAAAA,GAEJ,GAAC,kCAGD,SAA6BuJ,GAU3B,OADA9M,KAAKqe,mBAAoB,EACjBvR,EAAIY,MACV,KAAK0Q,GAAAA,GACHpe,KAAK0I,aAAauU,aAAasB,WAAWzR,EAAIvJ,SAC9C,MACF,KAAKqF,GAAAA,GACH5I,KAAK0I,aAAa8V,UAAU1R,EAAI9L,IAAM8L,EAAIjE,OAC1C7I,KAAK0I,aAAa+V,sBAAsB3R,EAAI9L,IAAM8L,EAAIjE,OACtD,MACF,KAAKI,GAAAA,GACHjJ,KAAK0I,aAAagW,wBAAwB5R,EAAI9L,KAC9ChB,KAAK0I,aAAaiW,YAAY7R,EAAI9L,IAAM8L,EAAIjE,OAC5C,MACF,KAAKsV,GAAAA,EACHne,KAAK0I,aAAakW,YAAY9R,EAAI9L,IAAM8L,EAAIjE,MAAQiE,EAAIwR,UAK5Dte,KAAKqe,mBAAoB,CAC3B,KAAC,EAtI4B,GC1BzBQ,GAAS,WAAH,OAAS/S,KAAKsH,MAAM1R,KAAKC,MAAQ,IAAK,EAErCmd,GAA2B,WAOtC,WAAYpW,GAA0E,IAArC5I,EAAiC,UAAH,6CAAG,CAAC,GAAC,2EALlE,IAAK,yDAED,IAAC,4CAIrBE,KAAK0I,aAAeA,EACpB1I,KAAKF,QAAUA,EAEfE,KAAK+e,sBAAwB/e,KAAKgf,uBAAuBhH,KAAKhY,KAChE,CA6BC,MAPA,EA6BA,OAnDA,8CAID,WACE,GAAIwB,SAASyd,OACXjf,KAAKkf,WAAaL,UAGf,GAAI7e,KAAKkf,WAAa,GAAML,KAAW7e,KAAKkf,YAAclf,KAAKF,QAAQqf,sBAAyB,CACnG,MAAiCnf,KAAK0I,aAAaqC,gBAA3CjB,EAAW,EAAXA,YAAaD,EAAO,EAAPA,QACrB,GAAMC,GAAe9J,KAAK0I,aAAayU,WAAWrT,GAAc,CAC9D,IAAM9I,EAAMhB,KAAK0I,aAAa0W,oBAAoB,eAElDpf,KAAK0I,aAAa6U,MAAMvc,GAAKmK,OAAM,WAAO,GAC5C,MACK,GAAMtB,GAAW7J,KAAK0I,aAAayU,WAAWtT,GAAU,CAC3D,IAAM7I,EAAMhB,KAAK0I,aAAa0W,oBAAoB,WAElDpf,KAAK0I,aAAa6U,MAAMvc,GAAKmK,OAAM,WAAO,GAC5C,CACF,CACF,GAAC,wCAED,8EACMnL,KAAKuc,YAAgB/a,WACvBA,SAASwS,iBAAiB,mBAAoBhU,KAAK+e,uBACnD/e,KAAKyc,SAAU,GAChB,gDACF,oFAED,8EACMjb,WACFA,SAAS0S,oBAAoB,mBAAoBlU,KAAK+e,uBACtD/e,KAAKyc,SAAU,GAChB,gDACF,mEAED,WACE,OAAOC,EAAAA,EAAAA,gBACL1c,KAAKF,QAAQsd,aACbpd,KAAKF,QAAQuf,uBACdrf,KAAKyc,OACR,GAAC,gCAED,WACE,OAAO,CACT,GAAC,uBAED,WACE,OAAOzc,KAAKyc,OACd,KAAC,EA/DqC,kmDC0BxC,IAAM6C,GAAa,YACbC,GAAe,cACfC,GAAkB,iBAClBC,GAA0B,uBAEnBC,GAAc,WAuBzB,WAAYzX,GAA0E,WAArCnI,EAAiC,UAAH,6CAAG,CAAC,GAAC,wIAClFE,KAAKiI,IAAMA,EACXjI,KAAKsc,SAAWtc,KAAKsc,SAAStE,KAAKhY,MAGnC,MAA+CiI,EAAIS,aAAaiX,aAAxDvC,EAAS,EAATA,UAAWI,EAAU,EAAVA,WAAYT,EAAW,EAAXA,YAC/Bjd,EAAQ0c,oBAAsB1c,EAAQ0c,qBAAuB1c,EAAQ8f,qBACrE5f,KAAKF,QAAUS,OAAOC,OAAO,CAAC,EAC5Bkf,EAAeG,eACf,CAAEzC,UAAAA,EAAWI,WAAAA,EAAYT,YAAAA,GACzB,CACEP,oBAAqB,GAAF,OAAKvU,EAAInI,QAAQggB,SAAQ,aAC5C5B,gBAAiB,GAAF,OAAKjW,EAAInI,QAAQggB,SAAQ,WAE1C7f,EAAAA,GAAAA,IAAWH,IAGbE,KAAKyc,SAAU,EACfzc,KAAK+f,SAAW,IAAIlS,IAEpB6R,EAAeM,cAActa,SAAQ,SAAAU,GACnC,IAAM6Z,EAAM,EAAKC,cAAc9Z,GAC3B6Z,GACF,EAAKF,SAAS1e,IAAI+E,EAAM6Z,EAE5B,GACF,CAwCC,MARA,EATA,EARA,EAfA,EAiFA,OAjFA,qDAED,kFACMjgB,KAAKyc,QAAS,CAAF,+BAERzc,KAAKmgB,gBAAe,gDAE7B,mEAED,WAAW,MACT,OAAwC,QAAhC,EAAAngB,KAAKogB,WAAWZ,WAAgB,aAAjC,EAA6D7G,UACtE,GAAC,8BAED,WACE,OAAO,OAAI3Y,KAAK+f,SAASM,UAAUC,MAAK,SAAAC,GAAG,OAAIA,EAAIhE,YAAcgE,EAAIC,oBAAoB,GAC3F,GAAC,wCAED,kFACMxgB,KAAKyc,QAAS,CAAF,gEAGVzc,KAAKmgB,gBAAe,OAC1BngB,KAAKyc,SAAU,EAAK,gDACrB,oFAED,8FACQzc,KAAKygB,eAAc,OACzBzgB,KAAKyc,SAAU,EAAM,gDACtB,qEAED,SAAWrW,GACT,OAAOpG,KAAK+f,SAASxd,IAAI6D,EAC3B,GAAC,gDAED,iGAC4BpG,KAAK+f,SAASW,WAAS,yDAA5B,GAA4B,qBAArCta,EAAI,KAAEma,EAAG,MACfvgB,KAAK2gB,gBAAgBva,EAAMma,GAAM,CAAF,+BAC3BA,EAAIK,QAAO,sMAGtB,4FAED,6FACoB5gB,KAAK+f,SAASM,UAAQ,wDAA1B,OAAHE,EAAG,iBACNA,EAAIM,OAAM,qMAEnB,0EAGD,SAAwBza,EAAcma,GACpC,IAAIhE,EAAWgE,EAAIhE,aAAegE,EAAI7C,YAOtC,OALItX,IAASoZ,GACXjD,IAAAA,EAAavc,KAAK8gB,oBACTP,EAAIC,sBACbjE,IAAAA,EAAavc,KAAK2Y,YAEb4D,CACT,GAAC,2BAED,SAAsBnW,GACpB,IAEI2a,EAFErY,EAAe1I,KAAKiI,IAAIS,aAG9B,OAAQtC,GACN,KAAKoZ,GACHuB,EAAU,IAAI3E,GAAsB,GAAD,MAAKpc,KAAKF,SAAO,IAAEwc,SAAUtc,KAAKsc,YACrE,MACF,KAAKgD,GACHyB,EAAU,IAAIpE,GAAiBjU,EAAc,GAAF,GAAM1I,KAAKF,UACtD,MACF,KAAKyf,GACHwB,EAAU,IAAInD,GAAmBlV,EAAc,GAAF,GAAM1I,KAAKF,UACxD,MACF,KAAK2f,GACHsB,EAAU,IAAIjC,GAA4BpW,EAAc,GAAF,GAAM1I,KAAKF,UACjE,MACF,QACE,MAAM,IAAI2N,MAAM,mBAAD,OAAoBrH,IAEvC,OAAO2a,CACT,KAAC,EAlIwB,IAoI1B,OApIYrB,GAAc,gBAaM,CAACJ,GAAYC,GAAcC,GAAiBC,MAAwB,OAbxFC,GAAc,iBAe8B,CACrDtC,WAAW,EACXI,YAAY,EACZT,aAAa,EACbsC,sBAAsB,EACtBF,sBAAuB,4NCxCpB,SAAS6B,EAMdC,EACArhB,EACAshB,GAGA,IAAMC,GAAOxhB,EAAAA,EAAAA,GAAmBC,GAC1BwhB,GAAcC,EAAAA,EAAAA,GAAmBF,EAAMF,GACvCK,GAAWC,EAAAA,EAAAA,GAAgBH,GAC3BI,GAAcC,EAAAA,EAAAA,GAAmBH,GACjCI,GAAYC,EAAAA,EAAAA,GAAwBH,EAAaN,GAEvD,OADaU,EAAAA,EAAAA,GAAuBF,EAEtC,+1BCpBO,SAASE,EASfT,GAEC,OAAO,SAAP,oBAgCG,EAJA,EANA,EATA,MAbH,uaAKE,aAA4B,iDAAbzgB,EAAI,yBAAJA,EAAI,gBAO8D,OAN/E,+BAASA,KAAM,yFAGf,EAAKmhB,iBAAmB,IAAI7Z,EAAAA,GAAgB,WAG5C,EAAK8Z,eAAiB,IAAIpC,EAAAA,GAAc,UAAgB,EAAK5f,QAAQigB,UAAU,CACjF,CAsEC,OAtEA,kDAED,8FACQ/f,KAAK8hB,eAAelB,QAAO,OAEP,GAA1B5gB,KAAK0I,aAAakY,QACb5gB,KAAK6I,MAAMkZ,kBAAmB,CAAF,+BACzB/hB,KAAK6hB,iBAAiB7Y,kBAAiB,gDAEhD,oFAED,8EAE2B,OAAzBhJ,KAAK0I,aAAamY,OAAO,SACnB7gB,KAAK8hB,eAAejB,OAAM,gDACjC,8FAED,WAAqBmB,GAAoB,iFACjChiB,KAAKiiB,yBAAoBtT,EAAWqT,GAAY,gDACvD,oGAGD,WAA0BhF,EAAiBgF,GAAoB,2EAC/B,GAA1BrY,EAAQ3J,KAAKF,QAAQ6J,OAGrBqT,EAAQ,CAAF,eACRhd,KAAK0I,aAAawZ,UAAUlF,GAC5BgF,EAAcA,GAAehiB,KAAKmiB,eAAeniB,KAAKF,QAAQ6J,OAAO,2BAC5D3J,KAAK+hB,kBAAmB,CAAF,2CAGDK,EAAAA,EAAAA,IAA0BpiB,KAAM,CAAC,GAAE,QAEP,OAFlDqiB,EAAgB,EAAH,KACnB1Y,EAAQ0Y,EAAc1Y,MACtBqY,EAAcA,GAAehiB,KAAKmiB,eAAexY,GAAO,UAClD3J,KAAKsiB,0BAAyB,2EAG9BtiB,KAAK6hB,iBAAiB7Y,kBAAiB,sGAQ3ChJ,KAAK6hB,iBAAiB7Y,kBAAiB,QAMnB,GAH1BhJ,KAAKuiB,kBAAkB5Y,KAGf6Y,EAAuBxiB,KAAKF,QAA5B0iB,oBACgB,CAAF,iCACdA,EAAmBxiB,KAAMgiB,GAAY,gCAClCA,GACTrd,OAAO8d,SAAS3gB,QAAQkgB,GACzB,0DACF,oFAED,WAAoD,IAA5BU,EAAM,UAAH,6CAAG/d,OAAO8d,SAASE,KACtChX,GAAMyW,EAAAA,EAAAA,IAA0BpiB,KAAM,CAAE4iB,aAAc,QAASF,IAAAA,IACrE,IAAI/W,EAAIhC,MAMN,MAAM,IAAIxF,EAAAA,EAAa,oCALvB,IAAM8Q,EAAU,IAAItI,iBAAiB,kBAAD,OAAmBhB,EAAIhC,QAC3DsL,EAAQ9H,YAAYxB,GACpBsJ,EAAQlI,OAKZ,KAAC,EAnFI,CAA2BoU,EAqFpC,wJC/FO,SAAS0B,IAGd,OAAO,SAAP,+bAOE,WAAY/iB,GAAc,MAG6B,OAH7B,eACxB,cAAMA,IAAS,qFACf,EAAKigB,SAAWjgB,EAAQigB,SACxB,EAAK7W,mBAAqBpJ,EAAQoJ,mBAAmB,CACvD,CAAC,iBAXI,EADyB4Z,EAAAA,EAAAA,KAclC,mFC7BO,SAASC,IACd,OAAOC,EAAAA,EAAAA,IACT,saCWO,SAASC,EAAkBC,GAEhC,OAAOC,GADGC,EAAAA,EAAAA,IAAKF,GAEjB,CAGO,SAASC,EAAkBE,GAChC,OAAOA,EAAIvhB,QAAQ,MAAO,KAAKA,QAAQ,MAAO,KAAKA,QAAQ,MAAO,GACpE,CAGO,SAASwhB,EAAkBC,GAChC,OAAOA,EAAKzhB,QAAQ,KAAM,KAAKA,QAAQ,KAAM,IAC/C,CAEO,SAAS0hB,EAAkBD,GAChC,IAAIF,EAAMC,EAAkBC,GAC5B,OAAQF,EAAItjB,OAAS,GACnB,KAAK,EACH,MACF,KAAK,EACHsjB,GAAO,KACP,MACF,KAAK,EACHA,GAAO,IACP,MACF,QACE,MAAM,IAAIlf,EAAAA,EAAa,yBAE3B,IAAIsf,GAAOC,EAAAA,EAAAA,IAAKL,GAChB,IACE,OAAOthB,mBAAmBC,OAAOyhB,GACnC,CAAE,MAAO1gB,GACP,OAAO0gB,CACT,CACF,CAEO,SAASE,EAAeT,GAE7B,IADA,IAAIU,EAAS,IAAIC,WAAWX,EAAInjB,QACvBc,EAAI,EAAGA,EAAIqiB,EAAInjB,OAAQc,IAC9B+iB,EAAO/iB,GAAKqiB,EAAIY,WAAWjjB,GAE7B,OAAO+iB,CACT,CAEO,SAASG,EAAgBb,GAC9B,OAAOQ,EAAAA,EAAAA,IAAKJ,EAAkBJ,GAChC,CAGO,SAASc,EAAkBT,GAChC,OAAOM,WAAW7O,KAAK+O,EAAgBR,IAAO,SAACnJ,GAAS,OAAKA,EAAE0J,WAAW,EAAE,GAC9E,CAGO,SAASG,EAAkBC,GAChC,OAAOd,EAAAA,EAAAA,IAAK,IAAIS,WAAWK,GAAKC,QAAO,SAAC7N,EAAG8N,GAAI,OAAK9N,EAAI+N,OAAOC,aAAaF,EAAK,GAAE,IACrF,sHC3DA,IAAMG,EAAI,SAASrB,GAAO,OAAOQ,KAAKR,EAAM,EACtCsB,EAAI,SAAUtB,GAAO,OAAOE,KAAKF,EAAM,EACvC9I,EAAsB,oBAAXqK,OAAyB,KAAOA,m8BCA1C,SAASC,EAAYxB,GAC1B,IAAIU,GAAS,IAAIe,aAAcC,OAAO1B,GACtC,OAAO2B,EAAAA,GAAAA,OAAAA,OAAwB,UAAWjB,GAAQzZ,MAAK,SAAS2a,GAC9D,IACIC,EADY,IAAIlB,WAAWiB,GACLniB,MAAM,EAAG,IAC/BqiB,EAAOX,OAAOC,aAAaW,MAAM,KAAMF,GAE3C,OADW9B,EAAAA,EAAAA,IAAkB+B,EAE/B,GACF,yHCTO,SAASE,EAAYrb,EAAS7I,GACnCA,GAAMmkB,EAAAA,EAAAA,IAAMnkB,GAEZ,IACIokB,EAAO,CACThf,KAAM,oBACN4e,KAAM,CAAE5e,KAAM,YAYhB,cAJOpF,EAAIqkB,IAIJR,EAAAA,GAAAA,OAAAA,UAfM,MAiBX7jB,EACAokB,GAbgB,EACL,CAAC,WAgBbjb,MAAK,SAASmb,GACb,IAAIC,EAAM1b,EAAQ1H,MAAM,KACpBqjB,GAAU7B,EAAAA,EAAAA,IAAe4B,EAAI,GAAK,IAAMA,EAAI,IAC5CE,GAAe1B,EAAAA,EAAAA,IAAgBwB,EAAI,IACnCG,GAAY/B,EAAAA,EAAAA,IAAe8B,GAE/B,OAAOZ,EAAAA,GAAAA,OAAAA,OACLO,EACAE,EACAI,EACAF,EAEJ,GACF,sRC1CwC,IAInBG,EAAY,wcAS/B,WAAYtY,EAAeuY,EAAoBC,GAAwC,sBACrF,IAAM5P,EAAU5I,EAAIyY,aAgBnB,OAfD,cAAM7P,IAAS,wQAEf,EAAK7P,KAAO,eACZ,EAAK0f,aAAezY,EAAIyY,aACxB,EAAKC,UAAY1Y,EAAI0Y,UACrB,EAAKC,UAAY3Y,EAAI2Y,UACrB,EAAKC,QAAU5Y,EAAI4Y,QACnB,EAAKC,YAAc7Y,EAAI6Y,YAEnBN,IACF,EAAKA,IAAMA,GAGTC,IACF,EAAKA,KAAOA,GACb,CACH,CAAC,iBA3B8B,SAASM,2HCJF,IAEnBC,EAAiB,wcACpC,aACoD,OADtC,eACsC,YAAlC,kCAElB,CAAC,iBAJmC,SAASD,+ICFP,IAGnBhiB,EAAY,wcAQ/B,WAAY2I,EAAa8Y,GAAsB,MAU5C,OAV4C,eAC7C,cAAM9Y,IAAK,sOACX,EAAK1G,KAAO,eACZ,EAAK2f,UAAY,WACjB,EAAKD,aAAehZ,EACpB,EAAKkZ,UAAY,WACjB,EAAKC,QAAU,WACf,EAAKC,YAAc,GACfN,IACF,EAAKA,IAAMA,GACZ,CACH,CAAC,iBAnB8B,SAASO,+ICf1C,SAASE,IACP,IACE,IAAIC,GAAK5Q,QAAQpV,UAAUimB,QAAQ9O,KAAK+O,QAAQC,UAAU/Q,QAAS,IAAI,WAAa,IACtF,CAAE,MAAO4Q,GAAI,CACb,OAAQD,EAA4B,WAClC,QAASC,CACX,IACF,CCHA,SAASI,EAAiBJ,GACxB,IAAIK,EAAI,mBAAqB9Y,IAAM,IAAIA,SAAQ,EAC/C,OAAO6Y,EAAmB,SAA0BJ,GAClD,GAAI,OAASA,ICPjB,SAA2BA,GACzB,IACE,OAAQ,IAAMM,SAAS5a,SAASyL,KAAK6O,GAAG1gB,QAAQ,gBAClD,CAAE,MAAOihB,GACP,MAAO,mBAAqBP,CAC9B,CACF,CDCuB,CAAiBA,GAAI,OAAOA,EAC/C,GAAI,mBAAqBA,EAAG,MAAM,IAAIQ,UAAU,sDAChD,QAAI,IAAWH,EAAG,CAChB,GAAIA,EAAE3Y,IAAIsY,GAAI,OAAOK,EAAEpkB,IAAI+jB,GAC3BK,EAAEtlB,IAAIilB,EAAGS,EACX,CACA,SAASA,IACP,OEZN,SAAoBT,EAAGvjB,EAAG4jB,GACxB,GAAI,IAA4B,OAAOH,QAAQC,UAAUxB,MAAM,KAAMnkB,WACrE,IAAIoW,EAAI,CAAC,MACTA,EAAEjM,KAAKga,MAAM/N,EAAGnU,GAChB,IAAIikB,EAAI,IAAKV,EAAEtO,KAAKiN,MAAMqB,EAAGpP,IAC7B,OAAOyP,IAAK,EAAAM,EAAA,GAAeD,EAAGL,EAAErmB,WAAY0mB,CAC9C,CFMa,CAAUV,EAAGxlB,WAAW,EAAAomB,EAAA,GAAelnB,MAAMmnB,YACtD,CACA,OAAOJ,EAAQzmB,UAAYC,OAAO+B,OAAOgkB,EAAEhmB,UAAW,CACpD6mB,YAAa,CACX7lB,MAAOylB,EACPK,YAAY,EACZC,UAAU,EACVC,cAAc,MAEd,EAAAL,EAAA,GAAeF,EAAST,EAC9B,EAAGI,EAAiBJ,EACtB,KGbqBH,EAAW,wcAC9B,WAAYlQ,GAAiB,MAGuB,OAHvB,eAE3B,cAAMA,GACN1V,OAAO0mB,gBAAe,WAAM,2CAAW3mB,WAAW,CACpD,CAAC,iBAL6B,CAK7B,EALsCmN,oJCCD,IAGnB8Z,EAAU,wcAU7B,WAAYxB,EAAmByB,EAAiBC,GAAqB,MAelE,OAfkE,eACnE,cAAMD,IAAS,4LAHW,MAK1B,EAAKphB,KAAO,aACZ,EAAK2f,UAAYA,EACjB,EAAKD,aAAe0B,EAGpB,EAAKzd,MAAQgc,EACb,EAAK2B,kBAAoBF,EAIrBC,IACF,EAAKA,KAAOA,GACb,CACH,CAAC,iBA1B4B,SAAStB,mKCDH,IAKhBwB,EAAY,wcAS/B,WAAYC,EAAgBC,EAAoCJ,GAAqB,QASlF,OATkF,eAGnF,cAAsB,QAAtB,EAAMI,EAAW9d,aAAK,QAAI4d,EAAaG,gBAAe,qGAPjD,iBAAc,yBAEO,MAM1B,EAAKF,OAASA,EACd,EAAKC,WAAaA,EAEdJ,IACF,EAAKA,KAAOA,GACb,CACH,CA+CC,OA/CA,2BAGD,WAAuB,OAAOznB,KAAK6nB,WAAW9d,KAAO,GAAC,qBACtD,WAA2B,OAAO/J,KAAK+J,KAAO,GAAC,6BAE/C,WAAmC,OAAO/J,KAAK6nB,WAAWH,iBAAmB,GAAC,4BAE9E,WAAkC,OAAO1nB,KAAK0nB,iBAAmB,GAAC,wBAClE,WAA8B,OAAO1nB,KAAK+nB,gBAAkB,GAAC,iBAC7D,WAAuB,OAAO/nB,KAAK6nB,WAAWG,KAAO,IAAC,0BAGtD,SAAoBC,GAElB,IAAKA,EACH,OAAO,KAiBT,IAVA,IASIC,EATEC,EAAQ,qHACRC,EAAaH,EAAOriB,QAAQ,KAC5BgiB,EAASK,EAAOtlB,MAAM,EAAGylB,GACzBC,EAAYJ,EAAOtlB,MAAMylB,EAAa,GACtCE,EAAS,CAAC,EAM2B,QAAnCJ,EAAQC,EAAMI,KAAKF,KAAsB,OAC/CC,EAAOJ,EAAM,IAAe,QAAR,EAAAA,EAAM,UAAE,QAAIA,EAAM,EACxC,CAEA,OAAO,IAAIP,EAAaC,EAAQU,EAClC,GAAC,sCAID,WAA2E,MAA1CE,EAAuB,UAAH,6CAAG,CAAC,EACvD,OAAIC,EAAAA,EAAAA,IAAYD,aAAO,EAAPA,EAAqBjmB,KAC3BimB,EAAoBjmB,IAAI,oBAEA,QAAlC,EAAOimB,EAAQ,2BAAmB,QAAIA,EAAQ,mBAChD,KAAC,EAlE8B,CAASrC,EAAAA,IAAW,OAAhCwB,EAAY,gBACR,qoBCFzB,SAASe,EAAepT,GACtB,OAAQA,aAAeqQ,EAAAA,CACzB,CAEA,SAASgD,EAAarT,GACpB,OAAQA,aAAeiS,EAAAA,CACzB,CAEA,SAASqB,EAAetT,GACtB,OAAQA,aAAeqS,EAAAA,CACzB,qsMCZMkB,EAAiB,oCAEhB,SAASnM,IACd,MAA2B,oBAAblb,UAA8C,oBAAXmD,MACnD,CAEO,SAASD,IACd,IAAKgY,IACH,OAAO,EAET,IAAMoM,EAAgBtnB,SAAiBsnB,aACvC,QAASA,GAAgBA,GAAgB,EAC3C,CAEO,SAASC,IACd,OAAOvU,UAAUD,SACnB,CAEO,SAASyU,IACd,IAAMC,EAAQF,IACd,OAAOE,IAAUJ,EAAeK,KAAKD,EACvC,CAEO,SAASE,IACd,IAAKzM,IACH,OAAO,EAET,IAAMoM,EAAgBtnB,SAAiBsnB,aACnCM,EAAWN,GAAgBA,EAAe,GAC9C,YAAkC,IAAvBnkB,OAAOwI,cAAgCic,CAIpD,CAEA,SAASC,IACP,YAA4B,IAAdxE,EAAAA,IACK,OAAdA,EAAAA,SAC4B,IAArBA,EAAAA,GAAAA,QACe,oBAAfhB,UACd,CAEO,SAASyF,IACd,OAAOD,GACT,CAEO,SAASE,IACd,MAA8B,oBAAhB5E,WAChB,CAEO,SAAS6E,IACd,OAAOF,KAA4BC,GACrC,CAEO,SAASE,IACd,QAAK/M,KAG+B,WAA7B/X,OAAO8d,SAASiH,QACzB,CAEO,SAASC,IAEd,OAAOjN,KAA4C,cAA7B/X,OAAO8d,SAASmH,QACxC,CAGO,SAASC,IACd,OAAQnlB,UACsB,IAArBC,OAAO+K,WACd6Z,KACAF,GACJ,CAEO,SAASS,IAEd,OAAOpN,KAAoC,oBAAdlI,gBAA4D,IAAxBA,UAAUD,WAExE,mBAAmB2U,KAAK1U,UAAUD,aAAe5P,OAAOolB,QAC7D,+GChFaC,EAAa,WAGxB,cAAc,mDAEZhqB,KAAKiqB,aAAe,CAAC,gBAAD,OAAiBC,WACrClqB,KAAKmqB,yBACP,CAoBC,OApBA,sCAED,SAAeC,GACbpqB,KAAKiqB,aAAahf,KAAKmf,EACzB,GAAC,2BAED,WACE,MAAO,CAAE,6BAA8BpqB,KAAKiqB,aAAarnB,KAAK,KAChE,GAAC,wBAED,WACE,MAAOsnB,QACT,GAAC,qCAED,WACE,KAAIxN,EAAAA,EAAAA,cAAgBhF,SAAYA,QAAQ2S,SAAxC,CAGA,IAAcC,EAAY5S,QAAQ2S,SAA1Blb,KACRnP,KAAKiqB,aAAahf,KAAK,UAAD,OAAWqf,GAFjC,CAGF,KAAC,EA3BuB,sCCFnB,SAASC,EAAiBC,EAAmCC,EAAYC,GAC9EF,EAAW1qB,QAAQ0oB,QAAUgC,EAAW1qB,QAAQ0oB,SAAW,CAAC,EAC5DgC,EAAW1qB,QAAQ0oB,QAAQiC,GAAcC,CAC3C,8eCLO,SAASnJ,EAOfJ,GAEC,OAAO,SAAP,+bAKE,aAA4B,iDAAbzgB,EAAI,yBAAJA,EAAI,gBAQf,OAPF,+BAASA,KAAM,6EAEf,EAAKiqB,eAAiB,IAAIX,EAAAA,EAG1B,EAAKY,KAAO,CACVL,iBAAkBA,EAAAA,EAAAA,KAAsB,MAAM,YAC9C,CACJ,CAoBC,OApBA,kCAED,SAAW/B,GACTxoB,KAAKF,QAAQ0oB,QAAUjoB,OAAOC,OAAO,CAAC,EAAGR,KAAKF,QAAQ0oB,QAASA,EACjE,GAAC,6BAED,WAGE,OAAOxoB,KAAKF,QAAQ+qB,OAAQ1oB,MAAM,YAAY,EAChD,GAAC,uBAED,SAAU2oB,GACR,IAAIpI,EAAM,0BAA2BqI,EAAAA,EAAAA,IAAcD,GAMnD,OAAOvoB,EAAAA,EAAAA,IAAIvC,KAAM0iB,EALH,CACZ8F,QAAS,CACP,OAAU,yBAIhB,KAAC,EAlCI,CAA2BrH,EAoCpC,wSCzCA,IAAM6J,EAA0B,0BAoFhC,EA9CA,SAAsBzV,EAAgBmN,EAAahiB,GACjD,IAAIuqB,EAAOvqB,EAAK8E,KACZgjB,EAAU9nB,EAAK8nB,SAAW,CAAC,EAC3B0C,EAAe1C,EAAQ,iBAAmBA,EAAQ,iBAAmB,GAErEyC,GAAwB,iBAATA,IAEbD,EAAwB9B,KAAKgC,GAC/BD,EAAOplB,KAAKE,UAAUklB,GAEC,sCAAhBC,IACPD,EAAO1qB,OAAOmgB,QAAQuK,GACrBld,KAAK,+BAAEod,EAAK,KAAE7pB,EAAK,qBAAS6pB,EAAK,YAAItpB,mBAAmBP,GAAM,IAC9DsB,KAAK,OAIV,IACIwoB,GADQC,EAAAA,EAAOC,OAASC,KACH7I,EAAK,CAC5BnN,OAAQA,EACRiT,QAAS9nB,EAAK8nB,QACdyC,KAAMA,EACNO,YAAa9qB,EAAK+qB,gBAAkB,UAAY,SAOlD,OAJKL,EAAaM,UAChBN,EAAelgB,QAAQT,QAAQ2gB,IAG1BA,EAAajhB,MAAK,SAASwhB,GAChC,IAAI5hB,GAAS4hB,EAASC,GAClBxiB,EAASuiB,EAASviB,OACtB,OApEJ,SAAkBuiB,GAChB,OAAIA,EAASnD,QAAQjmB,IAAI,iBAEvBopB,EAASnD,QAAQjmB,IAAI,gBAAiBkS,cAAc7O,QAAQ,qBAAuB,EAC9E+lB,EAASE,OAEb1gB,OAAM,SAAApI,GACL,MAAO,CACLgH,MAAOhH,EACP+iB,aAAc,kCAElB,IAEO6F,EAASG,MAEpB,CAqDWC,CAASJ,GACbxhB,MAAK,SAAA3E,GACJ,OArDR,SAAsB4D,EAAgB5D,EAAuBmmB,GAC3D,IAEsD,EAFhDK,EAA2B,YAAhB,OAAOxmB,GAClBgjB,EAAU,CAAC,EAAE,85BACCmD,EAASnD,QAAgB9H,WAAS,IAAtD,IAAK,EAAL,qBAAwD,KAA7CuL,EAAI,QACbzD,EAAQyD,EAAK,IAAMA,EAAK,EAC1B,CAAC,+BACD,IAAM/a,EAAuB,CAC3Bgb,aAAcF,EAAWnmB,KAAKE,UAAUP,GAAQA,EAChD4D,OAAQA,EACRof,QAAAA,GAMF,OAJIwD,IACF9a,EAAOib,aAAe,OACtBjb,EAAOkb,aAAe5mB,GAEjB0L,CACT,CAqCemb,CAAajjB,EAAQ5D,EAAMmmB,EACpC,IACCxhB,MAAK,SAAA+G,GAAU,MACd,GAAInH,GAA4B,QAAvB,EAAImH,EAAOkb,oBAAY,OAAnB,EAAqBriB,MAEhC,MAAMmH,EAER,OAAOA,CACT,GACJ,GACF,EClFO,SAASob,IAEd,OAAO,SAAP,+bAQE,WAAY5rB,GAAW,MAOW,OAPX,eACrB,cAAMA,IAAM,kQACZ,EAAKmqB,OAASnqB,EAAKmqB,OACnB,EAAK0B,kBAAoB7rB,EAAK6rB,kBAC9B,EAAK/D,QAAU9nB,EAAK8nB,QACpB,EAAKgE,kBAAoB9rB,EAAK8rB,mBAAqBC,EACnD,EAAKC,wBAA0BhsB,EAAKgsB,wBACpC,EAAKC,UAAYjsB,EAAKisB,UAAU,CAClC,CAAC,iBAhBI,EAD2BC,EAAAA,EAAAA,KAmBpC,44BCHA,IACIC,EADAC,EAA4B,GAE5BpQ,EAAAA,EAAAA,eACFoQ,EAA4BprB,KAAKC,MACjCkrB,EAAiC,WAC1BrrB,SAASyd,SACZ6N,EAA4BprB,KAAKC,MAErC,EACAH,SAASwS,iBAAiB,mBAAoB6Y,IAGhD,IAAME,EAAc,SAAC9kB,EAA4B8B,GAA2D,YAC1G,GAAIA,aAAiB0D,MAGnB,OAAO,IAAIkY,EAAAA,EAAa,CACtBG,aAAc/b,EAAMkM,UAIxB,IACI5I,EADAoa,EAAqB1d,EAErBijB,EAAiC,CAAC,EACtC,GAAIvF,EAAKyE,eAAgBe,EAAAA,EAAAA,IAASxF,EAAKyE,cACrC,IACEc,EAAYnnB,KAAKC,MAAM2hB,EAAKyE,aAC9B,CAAE,MAAOnpB,GACPiqB,EAAY,CACVlH,aAAc,gBAElB,CAGE2B,EAAKre,QAAU,MACjB4jB,EAAUlH,aAAe,iBAGvB7d,EAAInI,QAAQysB,oBACd9E,EAAOxf,EAAInI,QAAQysB,mBAAkBpH,EAAAA,EAAAA,IAAMsC,KAI7C,IAAMyF,EAAoE,QAAvD,EAAGvF,EAAAA,EAAAA,yBAA0C,QAAL,EAACF,SAAI,aAAJ,EAAMe,gBAAQ,QAAI,GAQ9E,GALEnb,EADE2f,EAAUjjB,OAASijB,EAAUtF,kBACzB,IAAIH,EAAAA,EAAWyF,EAAUjjB,MAAOijB,EAAUtF,kBAAmBD,GAE7D,IAAI9B,EAAAA,EAAaqH,EAAuBvF,EAAM,CAAEyF,cAAAA,IAGpDA,IAAqB,QAAJ,EAAAzF,SAAI,aAAJ,EAAMre,SAAU,MAAW,QAAJ,EAAAqe,SAAI,aAAJ,EAAMre,QAAS,IAAK,CAC9D,IAAM+jB,EAAaxF,EAAAA,EAAAA,YAAyBuF,GAE5C,GAAoB,MAAhBzF,EAAKre,QAAwC,yCAAtB+jB,aAAU,EAAVA,EAAYpjB,OAAiD,CAEtF,MAAgCojB,EAAWtF,WAAnCuF,EAAO,EAAPA,QAASC,EAAU,EAAVA,WACjBhgB,EAAM,IAAIsY,EAAAA,EACR,CACEG,aAAcqH,EAAWpjB,MACzBmc,YAAa,CAAC,CAAEJ,aAAcqH,EAAWpF,oBAE3CN,EAAI,GAGF2F,SAAUA,GAENC,GAAc,CAAEA,WAAAA,IAG1B,KACgC,UAAvBF,aAAU,EAAVA,EAAYvF,UACnBva,EAAM8f,EAMV,CAEA,OAAO9f,CACT,EAGO,SAASigB,EAAYrlB,EAA4BnI,GAAuC,MAG7F,GAFAA,EAAUA,GAAW,CAAC,EAElBmI,EAAInI,QAAQ4sB,wBAAyB,KACsB,EADtB,85BACbzkB,EAAInI,QAAQ4sB,yBAAuB,IAA7D,IAAK,EAAL,sBACEa,EADoB,SACRztB,EACb,+BACH,CAEA,IAAI4iB,EAAM5iB,EAAQ4iB,IACdnN,EAASzV,EAAQyV,OACjB7U,EAAOZ,EAAQY,KACf8sB,EAAiB1tB,EAAQ0tB,eACzB1jB,EAAchK,EAAQgK,YACtB2hB,GAA8C,IAA5B3rB,EAAQ2rB,gBAE1BloB,EADc0E,EAAInI,QAAQuD,YACHE,QACvBkqB,EAAYxlB,EAAIylB,eAAeC,aAAa1lB,EAAInI,QAAQ0C,SACxDorB,EAAgB9tB,EAAQ8tB,cACxBjB,EAAiC,QAAxB,EAAG1kB,EAAInI,QAAQ6sB,iBAAS,QAAI,EAEzC,GAAI7sB,EAAQ+tB,cAAe,CACzB,IACIC,EADgBL,EAAUxQ,aACKyF,GACnC,GAAIoL,GAAkBpsB,KAAKC,MAAM,IAAOmsB,EAAe1oB,UACrD,OAAO8F,QAAQT,QAAQqjB,EAAenC,SAE1C,CAEA,IACInD,EAAuB,EAAH,CACtB,OAAU,mBACV,eAAgB,oBAHQvgB,EAAI0iB,eAAeoD,iBAM7CxtB,OAAOC,OAAOgoB,EAASvgB,EAAInI,QAAQ0oB,QAAS1oB,EAAQ0oB,SACpDA,GAAUvoB,EAAAA,EAAAA,IAAWuoB,GAEjB1e,IAAemjB,EAAAA,EAAAA,IAASnjB,KAC1B0e,EAAuB,cAAI,UAAY1e,GAGzC,IAMIuD,EAAK1B,EAAKqiB,EANVC,EAA4B,CAC9BzF,QAAAA,EACAhjB,KAAM9E,QAAQiO,EACd8c,gBAAAA,GAKF,GAAImC,IAAiBlR,EAAAA,EAAAA,cAAeiQ,EAAY,EAAG,CACjD,IAAIuB,EACAC,EACAC,EACAC,EAAa,EAKjBF,EAAwB,WACtB,IAAMG,EAA6B5sB,KAAKC,MAAQmrB,EAChD,OAAIwB,EAA6B3B,EACxB,IAAIzhB,SAAc,SAACT,GAAO,OAAKmB,YAAW,WAC1CpK,SAASyd,OAGZxU,EAAQyjB,KAFRzjB,GAIJ,GAAGkiB,EAAY2B,EAA2B,IAEnCpjB,QAAQT,SAEnB,EAGAyjB,EAAkC,WAE9B,IAAIK,EADN,OAAI/sB,SAASyd,OAEJ,IAAI/T,SAAc,SAACT,GACxB8jB,EAAwB,WACjB/sB,SAASyd,SACZzd,SAAS0S,oBAAoB,mBAAoBqa,GACjD9jB,EAAQ0jB,KAEZ,EACA3sB,SAASwS,iBAAiB,mBAAoBua,EAChD,IAEOJ,GAEX,EAKA,IAAMK,EAAiB,WACrB,OAAOvmB,EAAInI,QAAQ0sB,kBAAmBjX,EAASmN,EAAMuL,GAAa9iB,OAAM,SAACkC,GAEvE,GADwC,iBAAjBA,aAAG,EAAHA,EAAK4I,UACNoY,EAAa5nB,EAAAA,oBAEjC,OADA4nB,IACOD,IAET,MAAM/gB,CACR,GACF,EAQA2gB,GAJAI,EAAiB,WACf,OAAOF,IAAkC/jB,KAAKqkB,EAChD,IAGF,MACER,EAAU/lB,EAAInI,QAAQ0sB,kBAAmBjX,EAASmN,EAAMuL,GAG1D,OAAOD,EACJ7jB,MAAK,SAASsd,GAgCb,OA/BA9b,EAAM8b,EAAKyE,gBACAe,EAAAA,EAAAA,IAASthB,KAClBA,EAAM9F,KAAKC,MAAM6F,KACS,YAAf,OAAOA,KAAqBA,EAAI6c,UACrCzT,MAAM0Z,QAAQ9iB,GAChBA,EAAIjG,SAAQ,SAAAgpB,GACVA,EAAKlG,QAAUf,EAAKe,OACtB,IAEA7c,EAAI6c,QAAUf,EAAKe,SAKrBgF,IACG7hB,EAAIgjB,YACPprB,EAAQ+B,OAAOiB,EAAAA,uBAIfoF,GAAOA,EAAIgjB,YAAchjB,EAAIvG,WAC/B7B,EAAQlC,IAAIkF,EAAAA,qBAAsBoF,EAAIgjB,WAAYhjB,EAAIvG,UAAW6C,EAAInI,QAAQ0C,SAG3EmJ,GAAO7L,EAAQ+tB,eACjBJ,EAAUmB,cAAclM,EAAM,CAC5Btd,UAAW0G,KAAKsH,MAAM1R,KAAKC,MAAM,KAAQgF,EAAAA,uBACzCglB,SAAUhgB,IAIPA,CACT,IACCR,OAAM,SAASsc,GAOd,KAJsB,cAFtBpa,EAAM0f,EAAY9kB,EAAKwf,IAEf1B,WACNxiB,EAAQ+B,OAAOiB,EAAAA,sBAGX8G,CACR,GACJ,CAEO,SAAS9K,EAAI0F,EAA4Bya,EAAa5iB,GAE3D,IAAI6f,EAAa,CACf+C,IAFFA,GAAMmM,EAAAA,EAAAA,IAAcnM,GAAOA,EAAMza,EAAI6mB,kBAAoBpM,EAGvDnN,OAAQ,OAGV,OADAhV,OAAOC,OAAOmf,EAAY7f,GACnBwtB,EAAYrlB,EAAK0X,EAC1B,CAEO,SAASoP,EAAK9mB,EAA4Bya,EAAahiB,EAAoBZ,GAEhF,IAAIkvB,EAAc,CAChBtM,IAFFA,GAAMmM,EAAAA,EAAAA,IAAcnM,GAAOA,EAAMza,EAAI6mB,kBAAoBpM,EAGvDnN,OAAQ,OACR7U,KAAMA,EACN8sB,gBAAgB,GAGlB,OADAjtB,OAAOC,OAAOwuB,EAAalvB,GACpBwtB,EAAYrlB,EAAK+mB,EAC1B,m1BCnRqBC,GAAe,QAIlC,WAAYC,EAAiCpvB,GAA6B,0DACxE,IAAQ6L,EAAQ7L,EAAR6L,IACA6c,EAAqB7c,EAArB6c,QAAY2G,GAAI,OAAKxjB,EAAG,GAG5B6c,IACFxoB,KAAKwoB,QAAUA,GAIjBjoB,OAAOkF,KAAK0pB,GAAMzpB,SAAQ,SAAA1E,GACZ,WAARA,IAGJ,EAAKA,GAAOmuB,EAAKnuB,GACnB,GACF,6lBC5BK,SAAeouB,EAAW,oCAgEhC,wCAhEM,WAKLF,EACApvB,GAA2B,iHAUyC,GATpEuvB,EAAuC,EAAH,6BAAGJ,EAAe,EAIlDC,EAASxmB,aAAaqC,gBADXukB,EAAc,EAA3BxlB,YAGIylB,EAAUzvB,EAAQgK,aAAewlB,EACjCzE,EAASqE,EAASJ,kBAChBpM,EAAyB5iB,EAAzB4iB,IAAKnN,EAAoBzV,EAApByV,OAAQiQ,EAAY1lB,EAAZ0lB,QACfgK,EAAa9M,EAAI+M,WAAW5E,GAAWnI,EAAM,GAAH,OAAMmI,GAAM,OAAGnI,GAE1D6M,EAAS,CAAF,qBACJ,IAAIprB,EAAAA,EAAa,+DAA8D,OASrD,GAN9B2F,EAAoCylB,EAElCG,EAAkC,EAAH,CACnClH,QAAS,CAAE,OAAU,0BACrB9F,IAAK8M,EACLja,OAAAA,GACIiQ,GAAW,CAAE9kB,KAAM8kB,KAGrB0J,EAASpvB,QAAQ6vB,KAAM,CAAF,mBACI,iBAAhB7lB,EAAwB,uBAC3B,IAAI3F,EAAAA,EAAa,uDAAsD,yBAGzC+qB,EAASU,4BAA4B,CACzEra,OAAAA,EACAmN,IAAK8M,EACL1lB,YAAAA,IACA,iBAJM+lB,EAAa,EAAbA,cAAeC,EAAI,EAAJA,KAKvBJ,EAAYlH,QAASqH,cAAgBA,EACrCH,EAAYlH,QAASsH,KAAOA,EAAK,wBAGjChmB,EAAqC,iBAAhBA,EAA2BA,EAAcA,EAAYA,YAC1E4lB,EAAY5lB,YAAcA,EAAY,0BAGtBwjB,EAAAA,EAAAA,IAAY4B,EAAUQ,GAAY,QAanD,OAbK/jB,EAAM,EAAH,KAIP6E,EADEuE,MAAM0Z,QAAQ9iB,GACVA,EAAIoC,KAAI,SAAA2gB,GAAI,OAAI,IAAIW,EAAiBH,EAAU,CACnDvjB,IAAK+iB,EACL5kB,YAAAA,GACA,IAEI,IAAIulB,EAAiBH,EAAU,CACnCvjB,IAAAA,EACA7B,YAAAA,IAEH,kBACM0G,GAAG,4CACX,wBAYM,SAASuf,EAA0B,GASxC,IADwB,IANtBb,EAAQ,EAARA,SACAplB,EAAW,EAAXA,YACAkmB,EAAU,EAAVA,WACAC,EAAK,EAALA,MAEFZ,EAAuC,UAAH,6CAAGJ,EAAe,aAEjD,IAGD,EAHO1Z,EAAM,KACf,GAAIA,EAAOd,gBAAkBub,EAAY,CACvC,IAAME,EAAOD,EAAMvwB,KACnB,MAAO,CAAP,uBAAQ,WAAO8lB,GAAQ,0FAAK4J,EAAyBF,EAAU,CAC7DplB,YAAAA,EACA4Y,IAAKwN,EAAKvN,KACVpN,OAAAA,EACAiQ,QAAAA,GACC6J,IAAiB,wFACtB,CAAC,EATH,MAAqB,CAAC,MAAO,OAAQ,MAAO,UAAS,eAAE,8CAUvD,CAEA,IAKA,EALMa,EAAOD,EAAMD,GACnB,IAAKE,EACH,MAAM,IAAI/rB,EAAAA,EAAa,qCAAD,OAAsC6rB,IAG9D,2BAAQ,WAAOxK,GAAQ,0FAAK4J,EAAyBF,EAAU,CAC7DplB,YAAAA,EACA4Y,IAAKwN,EAAKvN,KACVpN,OAAQ2a,EAAKC,MAAOC,MAAO,GAC3B5K,QAAAA,GACC6J,IAAiB,sFACtB,4CC7HqC,IAEhBgB,EAAkB,wcAKrC,WAAYnB,EAAUpvB,GAAS,sBAC7B,cAAMovB,EAAUpvB,IAAS,mHAEzB,MAA2CA,EAAQ6L,IAA3C2kB,EAAS,EAATA,UAAWC,EAAU,EAAVA,WAAYC,EAAO,EAAPA,QAGR,OAFvB,EAAKF,UAAYA,EACjB,EAAKC,WAAaA,EAClB,EAAKC,QAAUA,EAAQ,CACzB,CAAC,iBAZoC,CAASvB,GCFX,ICUoB,EAYG,EAiBS,EDrChDwB,EAAwB,wcAG3C,WAAYvB,EAAUpvB,GAAS,MAGY,OAHZ,eAC7B,cAAMovB,EAAUpvB,IAAS,uCAEzB,EAAK4wB,WAAa5wB,EAAQ6L,IAAI+kB,WAAW,CAC3C,CAAC,iBAP0C,CAASzB,GCQzC0B,GAA4C,oBAAG,WAAOzB,EAAUpvB,GAAQ,uFACzDsvB,EAAYF,EAAU,CAC9CxM,IAAK,yBACLnN,OAAQ,MACRzL,YAAahK,aAAO,EAAPA,EAASgK,aACrBumB,GAAmB,OAJL,OAAX/f,EAAc,EAAH,uBAKVA,GAAW,2CACnB,SAPwD,sCAY5CsgB,GAA+C,oBAAG,WAC7D1B,EACApvB,GAAO,6EAEqB,OAApB0lB,GAFD,EAE0B1lB,GAAzB0lB,QAAS1b,EAAW,EAAXA,YAAW,SACFslB,EAAYF,EAAU,CAC9CxM,IAAK,yBACLnN,OAAQ,MACRiQ,QAAAA,EACA1b,YAAAA,GACCumB,GAAmB,OALL,OAAX/f,EAAc,EAAH,uBAMVA,GAAW,2CACnB,SAZ2D,sCAiB/CugB,GAAwD,oBAAG,WACtE3B,EACApvB,GAAQ,uFAEkBsvB,EAAYF,EAAU,CAC9CxM,IAAK,gCACLnN,OAAQ,MACRzL,YAAahK,aAAO,EAAPA,EAASgK,aACrB2mB,GAAyB,OAJX,OAAXngB,EAAc,EAAH,uBAKVA,GAAW,2CACnB,SAVoE,sCCtChC,IAEhBwgB,EAAsB,wcAMzC,WAAY5B,EAAUpvB,GAAS,sBAC7B,cAAMovB,EAAUpvB,IAAS,+IAEzB,IAAQ6L,EAAQ7L,EAAR6L,IAEA4F,EAAmC5F,EAAnC4F,GAAIif,EAA+B7kB,EAA/B6kB,QAASprB,EAAsBuG,EAAtBvG,UAAWgE,EAAWuC,EAAXvC,OAIX,OAHrB,EAAKmI,GAAKA,EACV,EAAKnM,UAAYA,EACjB,EAAKorB,QAAUA,EACf,EAAKpnB,OAASA,EAAO,CACvB,CAAC,iBAhBwC,CAAS6lB,GCII,IAEnC8B,EAAyB,wcAU5C,WAAY7B,EAAUpvB,GAAS,sBAC7B,cAAMovB,EAAUpvB,IAAS,qNAEzB,IAAQgK,EAAqBhK,EAArBgK,YAAa6B,EAAQ7L,EAAR6L,IAEb4F,EAA2C5F,EAA3C4F,GAAInM,EAAuCuG,EAAvCvG,UAAWorB,EAA4B7kB,EAA5B6kB,QAASpnB,EAAmBuC,EAAnBvC,OAAQ4nB,EAAWrlB,EAAXqlB,OAwBtC,OAvBF,EAAKzf,GAAKA,EACV,EAAKnM,UAAYA,EACjB,EAAKorB,QAAUA,EACf,EAAKpnB,OAASA,EAGd,EAAK6nB,MAAO,qGAMgB,OALpB/jB,EAAK6iB,EAA2B,CACpCb,SAAAA,EACAplB,YAAAA,EACAkmB,WAAY,OACZC,MAAOe,GACNF,GAAuB,SACb5jB,IAAI,mFAEnB,EAAKgkB,OAAS,WAAH,wBAAG,WAAO1L,GAAO,uEAMG,OALvBtY,EAAK6iB,EAA2B,CACpCb,SAAAA,EACAplB,YAAAA,EACAkmB,WAAY,SACZC,MAAOe,GACND,GAA0B,SAChB7jB,EAAGsY,GAAQ,mFACzB,mDARa,GAQZ,CACJ,CAAC,iBAxC2C,CAASyJ,GCLC,ICuDD,EAgBiB,EAgBD,EAgBP,EDrG3CkC,EAAgB,wcAanC,WAAYjC,EAAUpvB,GAAS,sBAC7B,cAAMovB,EAAUpvB,IAAS,6TAEzB,IAgDa,EAhDLgK,EAAqBhK,EAArBgK,YAAa6B,EAAQ7L,EAAR6L,IAEb4F,EAAuC5F,EAAvC4F,GAAIif,EAAmC7kB,EAAnC6kB,QAASY,EAA0BzlB,EAA1BylB,MAAOhoB,EAAmBuC,EAAnBvC,OAAQ4nB,EAAWrlB,EAAXqlB,OAuDnC,OAtDD,EAAKzf,GAAKA,EACV,EAAKif,QAAUA,EACf,EAAKY,MAAQA,EACb,EAAKhoB,OAASA,EAGd,EAAK7G,KAAM,qGAMW,OALd2K,EAAK6iB,EAA2B,CACpCb,SAAAA,EACAplB,YAAAA,EACAkmB,WAAY,MACZC,MAAOe,GACNG,GAAiB,SACPjkB,IAAI,mFAEnB,EAAK5H,QAAS,qGAMV,OALI4H,EAAK6iB,EAA2B,CACpCb,SAAAA,EACAplB,YAAAA,EACAkmB,WAAY,SACZC,MAAOe,IACP,SACW9jB,IAAI,mFAEnB,EAAKmkB,WAAY,qGAMc,OALvBnkB,EAAK6iB,EAA2B,CACpCb,SAAAA,EACAplB,YAAAA,EACAkmB,WAAY,YACZC,MAAOe,GACND,GAA0B,SAChB7jB,IAAI,mFAEf8jB,EAAOC,OACT,EAAKA,MAAO,qGAMgB,OALpB/jB,EAAK6iB,EAA2B,CACpCb,SAAAA,EACAplB,YAAAA,EACAkmB,WAAY,OACZC,MAAOe,GACNF,GAAuB,SACb5jB,IAAI,oFAGjB8jB,EAAOE,SACT,EAAKA,QAAM,oBAAG,WAAO1L,GAA4B,uEAM7C,OALItY,EAAK6iB,EAA2B,CACpCb,SAAAA,EACAplB,YAAAA,EACAkmB,WAAY,SACZC,MAAOe,IACP,SACW9jB,EAAGsY,GAAQ,mFACzB,8CACF,CACH,CAAC,iBA1EkC,CAASyJ,GCKjCqC,EAA8C,WAAH,wBAAG,WACzDpC,EACApvB,GAAQ,uFAEkBsvB,EAAwCF,EAAU,CAC1ExM,IAAK,wBACLnN,OAAQ,MACRzL,YAAahK,aAAO,EAAPA,EAASgK,aACrBqnB,GAAiB,OAJH,OAAX7gB,EAAc,EAAH,uBAKVA,GAAW,2CACnB,gBAVuD,qCAAG,GAe9CihB,EAA2C,WAAH,wBAAG,WACtDrC,EACApvB,GAAO,6EAEgB,OAAfyR,GAFD,EAEqBzR,GAApByR,GAAIzH,EAAW,EAAXA,YAAW,SACGslB,EAAYF,EAAU,CAC9CxM,IAAK,yBAAF,OAA2BnR,GAC9BgE,OAAQ,MACRzL,YAAAA,GACCqnB,GAAiB,OAJH,OAAX7gB,EAAc,EAAH,uBAKVA,GAAW,2CACnB,gBAXoD,qCAAG,GAgB3CkhB,EAA2C,WAAH,wBAAG,WACtDtC,EACApvB,GAAO,6EAEqB,OAApBgK,GAFD,EAE0BhK,GAAzBgK,YAAa0b,EAAO,EAAPA,QAAO,SACF4J,EAAYF,EAAU,CAC9CxM,IAAK,wBACLnN,OAAQ,OACRiQ,QAAAA,EACA1b,YAAAA,GACCqnB,GAAiB,OALH,OAAX7gB,EAAc,EAAH,uBAMVA,GAAW,2CACnB,gBAZoD,qCAAG,GAiB3CmhB,GAA0C,oBAAG,WACxDvC,EACApvB,GAAO,6EAEgB,OAAfyR,GAFD,EAEqBzR,GAApByR,GAAIzH,EAAW,EAAXA,YAAW,SACGslB,EAAYF,EAAU,CAC9CxM,IAAK,yBAAF,OAA2BnR,GAC9BgE,OAAQ,SACRzL,YAAAA,IACA,OAJe,OAAXwG,EAAc,EAAH,uBAKVA,GAAW,2CACnB,SAXsD,sCAgB1CohB,GAA2D,oBAAG,WACzExC,EACApvB,GAAO,6EAEgB,OAAfyR,GAFD,EAEqBzR,GAApByR,GAAIzH,EAAW,EAAXA,YAAW,SACGslB,EAAYF,EAAU,CAC9CxM,IAAK,yBAAF,OAA2BnR,EAAE,cAChCgE,OAAQ,OACRzL,YAAAA,GACCinB,GAA0B,OAJZ,OAAXzgB,EAAc,EAAH,uBAKVA,GAAW,2CACnB,SAXuE,sCAgB3DqhB,GAA0D,oBAAG,WACxEzC,EACApvB,GAAO,+EAEkC,OAAjC8xB,GAFD,EAEuC9xB,GAAtC8xB,QAASC,EAAW,EAAXA,YAAa/nB,EAAW,EAAXA,YAAW,SACfslB,EAAYF,EAAU,CAC9CxM,IAAK,yBAAF,OAA2BkP,EAAO,sBAAcC,GACnDtc,OAAQ,OACRzL,YAAAA,GACCinB,GAA0B,OAJZ,OAAXzgB,EAAc,EAAH,uBAKVA,GAAW,2CACnB,SAXsE,sCAgB1DwhB,GAAmD,oBAAG,WACjE5C,EACApvB,GAAO,iFAE2C,OAA1C8xB,GAFD,EAEgD9xB,GAA/C8xB,QAASC,EAAW,EAAXA,YAAarM,EAAO,EAAPA,QAAS1b,EAAW,EAAXA,YAAW,SACxBslB,EAAYF,EAAU,CAC9CxM,IAAK,yBAAF,OAA2BkP,EAAO,sBAAcC,EAAW,WAC9Dtc,OAAQ,OACRiQ,QAAAA,EACA1b,YAAAA,IACA,OALe,OAAXwG,EAAc,EAAH,uBAMVA,GAAW,2CACnB,SAZ+D,sCCzGR,IAEnCyhB,EAAgB,wcAWnC,WAAY7C,EAAUpvB,GAAS,sBAC7B,cAAMovB,EAAUpvB,IAAS,wPAEzB,IA0Bc,EA1BN6L,EAAqB7L,EAArB6L,IAAK7B,EAAgBhK,EAAhBgK,YAELyH,EAAgC5F,EAAhC4F,GAAIif,EAA4B7kB,EAA5B6kB,QAASpnB,EAAmBuC,EAAnBvC,OAAQ4nB,EAAWrlB,EAAXqlB,OA2C5B,OA1CD,EAAKzf,GAAKA,EACV,EAAKif,QAAUA,EACf,EAAKpnB,OAASA,EAGd,EAAK7G,KAAM,qGAMW,OALd2K,EAAK6iB,EAA2B,CACpCb,SAAAA,EACAplB,YAAAA,EACAkmB,WAAY,MACZC,MAAOe,GACNe,GAAiB,SACP7kB,IAAI,mFAEnB,EAAK5H,QAAS,qGAMV,OALI4H,EAAK6iB,EAA2B,CACpCb,SAAAA,EACAplB,YAAAA,EACAkmB,WAAY,SACZC,MAAOe,IACP,SACW9jB,IAAI,mFAEnB,EAAKmkB,WAAS,oBAAG,WAAO7L,GAAO,uEAM3B,OALItY,EAAK6iB,EAA2B,CACpCb,SAAAA,EACAplB,YAAAA,EACAkmB,WAAY,YACZC,MAAOe,IACP,SACW9jB,EAAGsY,GAAQ,mFACzB,6CACGwL,EAAOE,SACT,EAAKA,OAAS,WAAH,wBAAG,WAAO1L,GAAO,uEAMxB,OALItY,EAAK6iB,EAA2B,CACpCb,SAAAA,EACAplB,YAAAA,EACAkmB,WAAY,SACZC,MAAOe,IACP,SACW9jB,EAAGsY,GAAQ,mFACzB,mDARa,IASf,CACH,CAAC,iBA5DkC,CAASyJ,GCMjC+C,EAA8C,WAAH,wBAAG,WACzD9C,EACApvB,GAAQ,uFAEkBsvB,EAAwCF,EAAU,CAC1ExM,IAAK,wBACLnN,OAAQ,MACRzL,YAAahK,aAAO,EAAPA,EAASgK,aACrBioB,GAAiB,OAJH,OAAXzhB,EAAc,EAAH,uBAKVA,GAAW,2CACnB,gBAVuD,qCAAG,GAe9C2hB,EAA2C,WAAH,wBAAG,WACtD/C,EACApvB,GAAO,6EAEgB,OAAfgK,GAFD,EAEqBhK,GAApBgK,YAAayH,EAAE,EAAFA,GAAE,SACG6d,EAAYF,EAAU,CAC9CxM,IAAK,yBAAF,OAA2BnR,GAC9BgE,OAAQ,MACRzL,YAAAA,GACCioB,GAAiB,OAJH,OAAXzhB,EAAc,EAAH,uBAKVA,GAAW,2CACnB,gBAXoD,qCAAG,GAgB3C4hB,EAA2C,WAAH,wBAAG,WACtDhD,EACApvB,GAAO,6EAEqB,OAApBgK,GAFD,EAE0BhK,GAAzBgK,YAAa0b,EAAO,EAAPA,QAAO,SACF4J,EAAYF,EAAU,CAC9CxM,IAAK,wBACLnN,OAAQ,OACRiQ,QAAAA,EACA1b,YAAAA,GACCioB,GAAiB,OALH,OAAXzhB,EAAc,EAAH,uBAMVA,GAAW,2CACnB,gBAZoD,qCAAG,GAiB3C6hB,EAA6C,WAAH,wBAAG,WACxDjD,EACApvB,GAAO,6EAEgB,OAAfyR,GAFD,EAEqBzR,GAApByR,GAAIzH,EAAW,EAAXA,YAAW,SACGslB,EAAYF,EAAU,CAC9CxM,IAAK,yBAAF,OAA2BnR,GAC9BgE,OAAQ,SACRzL,YAAAA,IACA,OAJe,OAAXwG,EAAc,EAAH,uBAKVA,GAAW,2CACnB,gBAXsD,qCAAG,GAgB7C8hB,EAAoD,WAAH,wBAAG,WAC/DlD,EACApvB,GAAO,+EAEyB,OAAxBgK,GAFD,EAE8BhK,GAA7BgK,YAAayH,EAAE,EAAFA,GAAIiU,EAAO,EAAPA,QAAO,SACN4J,EAAYF,EAAU,CAC9CxM,IAAK,yBAAF,OAA2BnR,EAAE,cAChCgE,OAAQ,OACRiQ,QAAAA,EACA1b,YAAAA,IACA,OALe,OAAXwG,EAAc,EAAH,uBAMVA,GAAW,2CACnB,gBAZ6D,qCAAG,GAiBpD+hB,EAAsD,WAAH,wBAAG,WACjEnD,EACApvB,GAAO,+EAEyB,OAAxByR,GAFD,EAE8BzR,GAA7ByR,GAAIiU,EAAO,EAAPA,QAAS1b,EAAW,EAAXA,YAAW,SACNslB,EAAYF,EAAU,CAC9CxM,IAAK,yBAAF,OAA2BnR,EAAE,WAChCgE,OAAQ,OACRiQ,QAAAA,EACA1b,YAAAA,IACA,OALe,OAAXwG,EAAc,EAAH,uBAMVA,GAAW,2CACnB,gBAZ+D,qCAAG,aCzFX,IAEnCgiB,GAAmB,wcActC,WAAYpD,EAAUpvB,GAAS,sBAC7B,cAAMovB,EAAUpvB,IAAS,8RAEzB,IA+Ba,EA/BL6L,EAAqB7L,EAArB6L,IAAK7B,EAAgBhK,EAAhBgK,YAELyH,EAA6C5F,EAA7C4F,GAAInI,EAAyCuC,EAAzCvC,OAAQmpB,EAAiC5mB,EAAjC4mB,QAASC,EAAwB7mB,EAAxB6mB,YAAaxB,EAAWrlB,EAAXqlB,OAgDzC,OA/CD,EAAKzf,GAAKA,EACV,EAAKnI,OAASA,EACd,EAAKmpB,QAAUA,EACf,EAAKC,YAAcA,EAGf,EAAKppB,QAAUqpB,EAAAA,GAAAA,aACjB,EAAKC,OAAS,WAAH,wBAAG,WAAOlN,GAAO,uEAMH,OALjBtY,EAAK6iB,EAA2B,CACpCb,SAAAA,EACAplB,YAAAA,EACAkmB,WAAY,SACZC,MAAOe,GACNsB,GAAoB,SACVplB,EAAGsY,GAAQ,mFACzB,mDARa,IAWd,EAAKjjB,KAAM,qGAMc,OALjB2K,EAAK6iB,EAA2B,CACpCb,SAAAA,EACAplB,YAAAA,EACAkmB,WAAY,MACZC,MAAOe,GACNsB,GAAoB,SACVplB,IAAI,mFAGnB,EAAKylB,QAAM,oBAAG,WAAOnN,GAAO,uEAMH,OALjBtY,EAAK6iB,EAA2B,CACpCb,SAAAA,EACAplB,YAAAA,EACAkmB,WAAY,MACZC,MAAOe,GACNsB,GAAoB,SACVplB,EAAGsY,GAAQ,mFACzB,6CAED,EAAKlgB,QAAS,qGAMV,OALI4H,EAAK6iB,EAA2B,CACpCb,SAAAA,EACAplB,YAAAA,EACAkmB,WAAY,SACZC,MAAOe,IACP,SACW9jB,IAAI,oFAEpB,CACH,CAAC,iBApEqC,CAAS+hB,GCMpC2D,GAAiD,WAAH,wBAAG,WAC5D1D,EACApvB,GAAO,uFAEmBsvB,EAAYF,EAAU,CAC9CxM,IAAK,0BACLnN,OAAQ,MACRzL,YAAahK,aAAO,EAAPA,EAASgK,aACrBwoB,IAAoB,OAJN,OAAXhiB,EAAc,EAAH,uBAKVA,GAAW,2CACnB,gBAV0D,qCAAG,GAejDuiB,GAAoD,WAAH,wBAAG,WAC/D3D,EACApvB,GAAO,6EAEqB,OAApBgK,GAFD,EAE0BhK,GAAzBgK,YAAa0b,EAAO,EAAPA,QAAO,SACF4J,EAAYF,EAAU,CAC9CxM,IAAK,0BACLnN,OAAQ,OACRiQ,QAAAA,EACA1b,YAAAA,GACCwoB,IAAoB,OALN,OAAXhiB,EAAc,EAAH,uBAMVA,GAAW,2CACnB,gBAZ6D,qCAAG,GAiBpDwiB,GAAoD,WAAH,wBAAG,WAC/D5D,EACApvB,GAAO,6EAEqB,OAApBgK,GAFD,EAE0BhK,GAAzBgK,YAAa0b,EAAO,EAAPA,QAAO,SACF4J,EAAYF,EAAU,CAC9CxM,IAAK,0BACLnN,OAAQ,MACRiQ,QAAAA,EACA1b,YAAAA,GACCwoB,IAAoB,OALN,OAAXhiB,EAAc,EAAH,uBAMVA,GAAW,2CACnB,gBAZ6D,qCAAG,GAiBpDyiB,GAAgD,WAAH,wBAAG,WAC3D7D,EACApvB,GAAQ,uFAEkBsvB,EAAYF,EAAU,CAC9CxM,IAAK,0BACLnN,OAAQ,SACRzL,YAAahK,aAAO,EAAPA,EAASgK,cACtB,OAJe,OAAXwG,EAAc,EAAH,uBAKVA,GAAW,2CACnB,gBAVyD,qCAAG,8FC9CtD,SAAS0iB,EAQd/R,EACArhB,EACAqzB,GAIA,IAAMC,GAAOlS,EAAAA,EAAAA,GAA4BC,EAA2BrhB,EAAoBqzB,GAExF,OADsBE,EAAAA,EAAAA,GAAwBD,EAEhD,knCClBO,SAASC,EAQfhS,GAEC,OAAO,SAAP,+bAIE,aAA4B,iDAAbzgB,EAAI,yBAAJA,EAAI,gBAQR,OAPT,+BAASA,KAAM,sCAEf,EAAK0yB,UAAY7yB,OAAOmgB,QAAQ2S,GAC7B1hB,QAAO,YAAO,MAAgB,aAAvB,YAAO,EAAyB,IACvCwS,QAAO,SAACmP,EAAK,GAAe,mBAAdltB,EAAI,KAAE8G,EAAE,KAErB,OADAomB,EAAIltB,GAAS8G,EAAW8K,KAAK,MAAM,WAC5Bsb,CACT,GAAG,CAAC,GAAG,CACX,CAAC,iBAbI,CAAgCnS,EAezC,qCCjBO,IAAKoS,EAKAC,EAKAf,mFAPX,SAHWc,GAAAA,EAAS,kBAATA,EAAS,sBAGpB,CAHWA,IAAAA,EAAS,KAQpB,SAHWC,GAAAA,EAAM,oBAANA,EAAM,wBAGjB,CAHWA,IAAAA,EAAM,KAQjB,SAHWf,GAAAA,EAAc,4BAAdA,EAAc,gBAGzB,CAHWA,IAAAA,EAAc,wLClBLgB,EAAQ,WAG3B,WAAYC,IAAa,kDAEvB1zB,KAAK0zB,YAAcC,SAASD,GAAe,EAC7C,CAOC,OAPA,2BAUD,WAEE,OADWhyB,KAAKC,MAAQ3B,KAAK0zB,aAAe,GAE9C,IAAC,qBAVD,WAGE,OAAO,IAAID,EADO,EAEpB,KAAC,EAb0B,smBCoC7B,IAAMG,EAAkB,CAEtBxW,WAAW,EACXI,YAAY,EACZT,aAAa,EAEb8W,0BAA0B,EAC1BtwB,aAASoL,EACTmlB,mBAAoB,GACpB7tB,WAAYW,EAAAA,oBAcDmtB,EAAY,WAmCvB,WAAY9rB,GAAgE,IAAnCnI,EAA+B,UAAH,6CAAG,CAAC,EAGvE,IAHwE,iMACxEE,KAAKiI,IAAMA,EACXjI,KAAKE,QAAW+H,EAAY/H,SACvBF,KAAKE,QACR,MAAM,IAAIiE,EAAAA,EAAa,qDAGzBrE,EAAUS,OAAOC,OAAO,CAAC,EAAGozB,GAAiB3zB,EAAAA,EAAAA,IAAWH,KACnD6pB,EAAAA,EAAAA,iBACH7pB,EAAQg0B,mBAAqBF,EAAgBE,oBAG/C9zB,KAAKF,QAAUA,EAEf,IAAMk0B,GAAiC/zB,EAAAA,EAAAA,IAAW,CAChDgG,WAAYnG,EAAQmG,WACpBlB,OAAQjF,EAAQiF,SAEa,YAA3B,OAAOjF,EAAQyD,SAEjBywB,EAAehwB,gBAAkBlE,EAAQyD,QAChCzD,EAAQyD,UACjBywB,EAAenwB,YAAc/D,EAAQyD,SAGvCvD,KAAKuD,QAAU0E,EAAIylB,eAAeuG,gBAAgB,EAAD,KAAKD,GAAc,IAAEzuB,oBAAoB,KAC1FvF,KAAKk0B,MAAQT,EAASnxB,SACtBtC,KAAK2J,MAnEA,CACLwqB,eAAgB,CAAC,EACjBC,aAAc,KAkEhB,CA8QC,MAjIA,EApBA,EAiRA,OA1YA,0BAlDD,SAAGrrB,EAA6BqC,EAAsCqN,GAChEA,EACFzY,KAAKE,QAAQyI,GAAGI,EAAOqC,EAASqN,GAEhCzY,KAAKE,QAAQyI,GAAGI,EAAOqC,EAE3B,GAAC,iBAOD,SAAIrC,EAA6BqC,GAC3BA,EACFpL,KAAKE,QAAQmL,IAAItC,EAAOqC,GAExBpL,KAAKE,QAAQmL,IAAItC,EAErB,GAAC,mBAiCD,WACM/I,KAAKF,QAAQ+zB,0BACf7zB,KAAK6zB,2BAEP7zB,KAAKq0B,2BACLr0B,KAAK2J,MAAM8S,SAAU,CACvB,GAAC,kBAED,WACEzc,KAAKs0B,6BACLt0B,KAAK2J,MAAM8S,SAAU,CACvB,GAAC,uBAED,WACE,QAASzc,KAAK2J,MAAM8S,OACtB,GAAC,wBAED,WACE,OAAO0I,EAAAA,EAAAA,IAAMnlB,KAAKF,QACpB,GAAC,2BAED,SAAc+I,GACZ,IAAMirB,EAAqB9zB,KAAKF,QAAQg0B,oBAAsB,EAE9D,OADiBjrB,EAAMzD,UAAY0uB,CAErC,GAAC,wBAED,SAAWjrB,GAET,OADiB7I,KAAKu0B,cAAc1rB,IACf7I,KAAKk0B,MAAMvyB,KAClC,GAAC,yBAED,SAAYX,EAAK6H,GACf7I,KAAKE,QAAQ8J,KAAKyT,EAAAA,GAAezc,EAAK6H,EACxC,GAAC,yBAED,SAAY7H,EAAKwzB,EAAYlW,GAC3Bte,KAAKE,QAAQ8J,KAAKmU,EAAAA,EAAend,EAAKwzB,EAAYlW,EACpD,GAAC,uBAED,SAAUtd,EAAK6H,GACb7I,KAAKE,QAAQ8J,KAAKpB,EAAAA,GAAa5H,EAAK6H,EACtC,GAAC,yBAED,SAAY7H,EAAK6H,GACf7I,KAAKE,QAAQ8J,KAAKf,EAAAA,GAAejI,EAAK6H,EACxC,GAAC,uBAED,SAAUkB,GACR/J,KAAKE,QAAQ8J,KAAKyqB,EAAAA,GAAa1qB,EACjC,GAAC,qCAED,SAAwB/I,GACtB0zB,aAAa10B,KAAK2J,MAAMwqB,eAAenzB,WAChChB,KAAK2J,MAAMwqB,eAAenzB,GAGjChB,KAAK2J,MAAMyqB,aAAe,IAC5B,GAAC,wCAED,WACE,IAAID,EAAiBn0B,KAAK2J,MAAMwqB,eAChC,IAAK,IAAInzB,KAAOmzB,EACT5zB,OAAOD,UAAUq0B,eAAeld,KAAK0c,EAAgBnzB,IAG1DhB,KAAK0e,wBAAwB1d,EAEjC,GAAC,mCAED,SAAsBA,EAAK6H,GAAO,WAChC,KAAIqU,EAAAA,EAAAA,IAAerU,GAAnB,CAIA,IAAI+rB,EAAa50B,KAAKu0B,cAAc1rB,GAChCgsB,EAA+D,IAA7C/oB,KAAKgpB,IAAIF,EAAa50B,KAAKk0B,MAAMvyB,MAAO,GAG9D3B,KAAK0e,wBAAwB1d,GAE7B,IAAI+zB,EAAqBnpB,YAAW,WAClC,EAAKopB,YAAYh0B,EAAK6H,EACxB,GAAGgsB,GAGH70B,KAAK2J,MAAMwqB,eAAenzB,GAAO+zB,CAbjC,CAcF,GAAC,sCAED,WACE,IAAIE,EAAej1B,KAAKuD,QAAQ0Z,aAChC,IAAI,IAAIjc,KAAOi0B,EACb,GAAK10B,OAAOD,UAAUq0B,eAAeld,KAAKwd,EAAcj0B,GAAxD,CAGA,IAAI6H,EAAQosB,EAAaj0B,GACzBhB,KAAKye,sBAAsBzd,EAAK6H,EAFhC,CAIJ,GAAC,wCAGD,WACE7I,KAAKs0B,6BACLt0B,KAAKq0B,0BACP,GAAC,iBAED,SAAIrzB,EAAK6H,GACP,IAAIosB,EAAej1B,KAAKuD,QAAQ0Z,cAChCiY,EAAAA,EAAAA,GAAcrsB,GACdosB,EAAaj0B,GAAO6H,EACpB7I,KAAKuD,QAAQgb,WAAW0W,GACxBj1B,KAAKm1B,sBACLn1B,KAAKwe,UAAUxd,EAAK6H,GACpB7I,KAAKye,sBAAsBzd,EAAK6H,EAClC,GAAC,qBAED,SAAQ7H,GAEN,OADmBhB,KAAKuD,QAAQ0Z,aACZjc,EACtB,GAAC,sCAED,WAAUA,GAAG,0FACJhB,KAAKo1B,QAAQp0B,IAAI,gDACzB,yEAED,WACE,IAAMgc,EAAS,CAAC,EACViY,EAAej1B,KAAKuD,QAAQ0Z,aAWlC,OAVA1c,OAAOkF,KAAKwvB,GAAcvvB,SAAQ,SAAA1E,GAChC,IAAM6H,EAAQosB,EAAaj0B,IACvBq0B,EAAAA,EAAAA,IAAcxsB,GAChBmU,EAAOlT,YAAcjB,GACZysB,EAAAA,EAAAA,IAAUzsB,GACnBmU,EAAOnT,QAAUhB,GACRqU,EAAAA,EAAAA,IAAerU,KACxBmU,EAAOhS,aAAenC,EAE1B,IACOmU,CACT,GAAC,4CAED,uGACShd,KAAK+K,iBAAe,gDAC5B,8EAED,SAAoB2C,GAClB,IAAMunB,EAAej1B,KAAKuD,QAAQ0Z,aAOlC,OANY1c,OAAOkF,KAAKwvB,GAActjB,QAAO,SAAA3Q,GAC3C,IAAM6H,EAAQosB,EAAaj0B,GAC3B,OAAQq0B,EAAAA,EAAAA,IAAcxsB,IAAmB,gBAAT6E,IAC1B4nB,EAAAA,EAAAA,IAAUzsB,IAAmB,YAAT6E,IACpBwP,EAAAA,EAAAA,IAAerU,IAAmB,iBAAT6E,CACjC,IAAG,EAEL,GAAC,0BAED,SAAqB7E,GACnB,IAAIwsB,EAAAA,EAAAA,IAAcxsB,GAChB,MAAO,cAET,IAAIysB,EAAAA,EAAAA,IAAUzsB,GACZ,MAAO,UAET,IAAGqU,EAAAA,EAAAA,IAAerU,GAChB,MAAO,eAET,MAAM,IAAI1E,EAAAA,EAAa,qBACzB,GAAC,iCAGD,WACE,IAAIO,EAAAA,EAAAA,gBAAgB,CAClB,IAAMnB,EAAUvD,KAAKuD,QAAQ0Z,aAC7Bjd,KAAKE,QAAQ8J,KAAKoU,EAAAA,GAAmB7a,EACvC,CACF,GAAC,wBAGD,WACE,OAAOvD,KAAKuD,OACd,GAAC,uBAED,SACEyZ,EAEAuY,EACAC,EACAC,GACM,WACAC,EAAsB,SAAC10B,EAAK6H,GAChC,IAAM6E,EAAO,EAAKioB,aAAa9sB,GAClB,gBAAT6E,EACF6nB,GAAiBA,EAAcv0B,EAAK6H,GAClB,YAAT6E,EACT8nB,GAAaA,EAAUx0B,EAAK6H,GACV,iBAAT6E,GACT+nB,GAAkBA,EAAez0B,EAAK6H,EAE1C,EACM+sB,EAAc,SAAC50B,EAAK6H,GACxB,EAAK2V,UAAUxd,EAAK6H,GACpB,EAAK4V,sBAAsBzd,EAAK6H,GAChC6sB,EAAoB10B,EAAK6H,EAC3B,EAOMgtB,EAAgB,SAAC70B,EAAK6H,GAC1B,EAAK6V,wBAAwB1d,GAC7B,EAAK2d,YAAY3d,EAAK6H,GACtB6sB,EAAoB10B,EAAK6H,EAC3B,EAEMxE,EAAqB,CAAC,UAAW,cAAe,gBAChDyxB,EAAiB91B,KAAK+K,gBAG5B1G,EAAMqB,SAAQ,SAACgI,GACb,IAAM7E,EAAQmU,EAAOtP,GACjB7E,IACFqsB,EAAAA,EAAAA,GAAcrsB,EAAO6E,EAEzB,IAGA,IAAMnK,EAAUc,EAAM8f,QAAO,SAAC5gB,EAASmK,GACrC,IAAM7E,EAAQmU,EAAOtP,GAKrB,OAJI7E,IAEFtF,EADmB,EAAK6b,oBAAoB1R,IAASA,GAC/B7E,GAEjBtF,CACT,GAAG,CAAC,GACJvD,KAAKuD,QAAQgb,WAAWhb,GACxBvD,KAAKm1B,sBAGL9wB,EAAMqB,SAAQ,SAAAgI,GACZ,IArCqB1M,EAAK6H,EAAOyV,EAqC3ByX,EAAW/Y,EAAOtP,GAClBsoB,EAAgBF,EAAepoB,GAC/BzH,EAAa,EAAKmZ,oBAAoB1R,IAASA,EACjDqoB,GAAYC,GAEdH,EAAc5vB,EAAY+vB,GAC1BJ,EAAY3vB,EAAY8vB,GA3CL/0B,EA4CLiF,EA5CU4C,EA4CEktB,EA5CKzX,EA4CK0X,EA3CtC,EAAKpX,YAAY5d,EAAK6H,EAAOyV,GAC7B,EAAKI,wBAAwB1d,GAC7B,EAAKyd,sBAAsBzd,EAAK6H,GAChC6sB,EAAoB10B,EAAK6H,IAyCdktB,EACTH,EAAY3vB,EAAY8vB,GACfC,GACTH,EAAc5vB,EAAY+vB,EAE9B,GACF,GAAC,oBAED,SAAOh1B,GAELhB,KAAK0e,wBAAwB1d,GAE7B,IAAIi0B,EAAej1B,KAAKuD,QAAQ0Z,aAC5BgZ,EAAehB,EAAaj0B,UACzBi0B,EAAaj0B,GACpBhB,KAAKuD,QAAQgb,WAAW0W,GACxBj1B,KAAKm1B,sBAELn1B,KAAK2e,YAAY3d,EAAKi1B,EACxB,GAAC,6CAGD,WAAiBptB,GAAK,gGACC,QADD,EACb7I,KAAKiI,IAAIY,aAAK,aAAd,EAAgB0U,MAAM1U,IAAM,gDACpC,yEAED,SAAcA,GACZ,OAAOqsB,EAAAA,EAAAA,GAAcrsB,EACvB,GAAC,mBAGD,SAAM7H,GAAiC,WAErC,GAAIhB,KAAK2J,MAAMyqB,aACb,OAAOp0B,KAAK2J,MAAMyqB,aAGpB,IACE,IAAIvrB,EAAQ7I,KAAKo1B,QAAQp0B,GACrBk1B,OAAwBvnB,IAAV9F,EAElB,IAAKA,GAAiB,gBAAR7H,EAAuB,CAEnC,IAAMm1B,EAAan2B,KAAKof,oBAAoB,gBAE5C8W,OAA+BvnB,IADV3O,KAAKo1B,QAAQe,EAEpC,CAEA,IAAKD,EACH,MAAM,IAAI/xB,EAAAA,EAAa,8CAAgDnD,EAE3E,CACA,MAAOqM,GAEL,OADArN,KAAKsd,UAAUjQ,GACRnC,QAAQoC,OAAOD,EACxB,CAmCA,OAhCArN,KAAK0e,wBAAwB1d,GAIRhB,KAAK2J,MAAMyqB,aAAep0B,KAAKiI,IAAIY,MAAMutB,cAC3DjsB,MAAK,SAAA6S,GAKJ,GAJA,EAAKkF,UAAUlF,IAIVnU,GAAiB,gBAAR7H,EAAuB,CACnC,IAAM8I,EAAckT,EAAoB,YAExC,OADA,EAAK4B,YAAY5d,EAAK8I,EAAa,MAC5BA,CACT,CAIA,OAAOkT,EADW,EAAK2Y,aAAa9sB,GAEtC,IACCsC,OAAM,SAAAkC,GAKL,MAHA,EAAKrK,OAAOhC,GACZqM,EAAIgpB,SAAWr1B,EACf,EAAKsc,UAAUjQ,GACTA,CACR,IACCqe,SAAQ,WAEP,EAAK/hB,MAAMyqB,aAAe,IAC5B,GAGJ,GAAC,mBAED,WAAQ,WACApX,EAAShd,KAAK+K,gBACpB/K,KAAKs0B,6BACLt0B,KAAKuD,QAAQ+yB,eACbt2B,KAAKm1B,sBAEL50B,OAAOkF,KAAKuX,GAAQtX,SAAQ,SAAA1E,GAC1B,EAAK2d,YAAY3d,EAAKgc,EAAOhc,GAC/B,GACF,GAAC,sCAED,WAA2B,WACnBi0B,EAAej1B,KAAKuD,QAAQ0Z,aAC5BsZ,EAAgB,CAAC,EACvBh2B,OAAOkF,KAAKwvB,GAAcvvB,SAAQ,SAAA1E,GAC5Bi0B,EAAaj0B,GAAKw1B,gBACpBD,EAAcv1B,GAAOi0B,EAAaj0B,UAC3Bi0B,EAAaj0B,GAExB,IACAhB,KAAKuD,QAAQgb,WAAW0W,GACxBj1B,KAAKm1B,sBACL50B,OAAOkF,KAAK8wB,GAAe7wB,SAAQ,SAAA1E,GACjC,EAAK0d,wBAAwB1d,GAC7B,EAAK2d,YAAY3d,EAAKu1B,EAAcv1B,GACtC,GACF,GAAC,gCAED,SAAmB6H,GACjB,IAAM7H,EAAMhB,KAAKof,oBAAoB,iBAAmB/X,EAAAA,0BAGpD4tB,EAAej1B,KAAKuD,QAAQ0Z,cAChCiY,EAAAA,EAAAA,GAAcrsB,GACdosB,EAAaj0B,GAAO6H,EACpB7I,KAAKuD,QAAQgb,WAAW0W,GACxBj1B,KAAKm1B,qBACP,GAAC,gCAED,WACE,IAAMn0B,EAAMhB,KAAKof,oBAAoB,iBAAmB/X,EAAAA,0BACxDrH,KAAKgD,OAAOhC,EACd,GAAC,mCAED,WACE,IAAMgc,EAAShd,KAAK+K,gBACpBxK,OAAOkF,KAAKuX,GAAQtX,SAAQ,SAAA1E,GAC1Bgc,EAAOhc,GAAKw1B,eAAgB,CAC9B,IACAx2B,KAAKkiB,UAAUlF,EACjB,KAAC,EAzcsB,2HCrEnByZ,EAAqB,KC+BpB,SAASC,IAOd,OAAO,WAOL,WAAY52B,IAAoC,uKAE9CE,KAAK0tB,eAAiB5tB,EAAQ4tB,eAC9B1tB,KAAK22B,qBAAsD,IAAhC72B,EAAQ62B,oBACnC32B,KAAK42B,kBAAgD,IAA7B92B,EAAQ82B,iBAChC52B,KAAKF,QAAUA,CACjB,CA2EC,OA3EA,6BAGD,WAAiD,IAA3CA,EAAuC,UAAH,6CAAG,CAAC,EACtC+2B,EAAsC72B,KAAK0tB,eAAeoJ,wBAC1DjR,EAAOgR,EAAmB5Z,aAMhC,GAHA4Z,EAAmBP,eAGft2B,KAAK22B,sBAAsD,IAA/B72B,EAAQi3B,mBAA8B,CACpE,IAAMptB,EAAQ7J,EAAQ6J,QAASkc,aAAI,EAAJA,EAAMlc,OACjCA,GDxBL,SACL+jB,EAAiD/jB,GAEjD,IAAMqtB,EAAgBtJ,EAAeuJ,6BAC/BvW,EAAUsW,EAAc/Z,oBACvByD,EAAQ/W,GACfqtB,EAAczY,WAAWmC,EAC3B,CCkBUwW,CAAkCl3B,KAAK0tB,eAAgB/jB,EAE3D,CACF,GAAC,kBAGD,SAAKkc,GAA+C,IAAtC/lB,EAAkC,UAAH,6CAAG,CAAC,EAK3CyD,EAA2BvD,KAAK0tB,eAAeoJ,wBAC7CxhB,EAAM/R,EAAQ0Z,cAIhBka,EAAAA,EAAAA,IAAkB7hB,KAASxV,EAAQs3B,cAErC3yB,EAAAA,EAAAA,IAAK,2GAGPlB,EAAQgb,WAAWsH,GAGf7lB,KAAK22B,qBAAuB9Q,EAAKlc,OD1EpC,SACL+jB,EAAiD/jB,EAAekc,GAEhE,IAAMmR,EAAgBtJ,EAAeuJ,6BAC/BvW,EAAUsW,EAAc/Z,aAC9ByD,EAAQ/W,GAAS,CACf0tB,YAAa31B,KAAKC,MAClB2O,YAAauV,GAEfmR,EAAczY,WAAWmC,EAC3B,CCiEQ4W,CAA+Bt3B,KAAK0tB,eAAgB7H,EAAKlc,MAAOkc,EAEpE,GAAC,oBAED,WAAsD,IAA/C/lB,EAAkC,UAAH,6CAAG,CAAC,EACxC,IAEE,QADaE,KAAKu3B,KAAKz3B,EAEzB,CAAE,SACA,OAAO,CACT,CACF,GAAC,kBAID,WAAmE,IAE7D+lB,EDxGFmR,EACAtW,ECqGC5gB,EAAkC,UAAH,6CAAG,CAAC,EAKtC,OAAIE,KAAK22B,qBAAuB72B,EAAQ6J,QD3GtCqtB,EC4GmBh3B,KAAK0tB,eD5GOuJ,6BAC/BvW,EAAUsW,EAAc/Z,aAC9B1c,OAAOkF,KAAKib,GAAShb,SAAQ,SAAAiE,GAC3B,IAAM6tB,EAAQ9W,EAAQ/W,GACVjI,KAAKC,MAAQ61B,EAAMH,YACrBZ,UACD/V,EAAQ/W,EAEnB,IACAqtB,EAAczY,WAAWmC,GCoGnBmF,EDpFD,SACL6H,EAAiD/jB,GAEjD,IAEM6tB,EAFgB9J,EAAeuJ,6BACPha,aACRtT,GACtB,OAAI6tB,GAASA,EAAMlnB,cAAe6mB,EAAAA,EAAAA,IAAkBK,EAAMlnB,aACjDknB,EAAMlnB,YAER,IACT,CC0EemnB,CAAiCz3B,KAAK0tB,eAAgB5tB,EAAQ6J,QACjEwtB,EAAAA,EAAAA,IAAkBtR,IACbA,GAKXA,EAD+B7lB,KAAK0tB,eAAeoJ,wBACpC7Z,cACXka,EAAAA,EAAAA,IAAkBtR,GAEbA,EAGF,KACT,KAAC,EAxFI,EA2FT,6FCnHO,SAAS6R,EAAY7uB,GAC1B,IACI8uB,EADApS,EAAM1c,EAAM1G,MAAM,KAGtB,IACEw1B,EAAe,CACb1P,OAAQpiB,KAAKC,OAAM0d,EAAAA,EAAAA,IAAkB+B,EAAI,KACzCC,QAAS3f,KAAKC,OAAM0d,EAAAA,EAAAA,IAAkB+B,EAAI,KAC1CG,UAAWH,EAAI,GAEnB,CAAE,MAAOxiB,GACP,MAAM,IAAIoB,EAAAA,EAAa,kBACzB,CAEA,OAAOwzB,CACT,iUCIMC,EAAiB,aACjBC,EAAS,WAER,SAASC,EAAiBxiB,GAC/B,QACGqT,EAAAA,EAAAA,cAAarT,KAAQsT,EAAAA,EAAAA,gBAAetT,KACnB,mBAAlBA,EAAIyQ,SAER,CAIO,SAAegS,EAAU,EAAD,oCAO9B,wCAPM,WAAyB9P,EAAgB+P,EAAgBC,GAAqB,2EAE7B,OADhDC,GAAOjV,EAAAA,EAAAA,IAAkBpd,KAAKE,UAAUkiB,IACxCgD,GAAOhI,EAAAA,EAAAA,IAAkBpd,KAAKE,UAAUiyB,IAAQ,SAC9BnT,EAAAA,GAAAA,OAAAA,KACtB,CAAEze,KAAM6xB,EAAWE,UAAU/xB,MAAQ6xB,GAAYtU,EAAAA,EAAAA,IAAe,GAAD,OAAIuU,EAAI,YAAIjN,KAC5E,OAFc,OAATvF,EAAY,EAAH,iCAGLwS,EAAI,YAAIjN,EAAI,aAAI9H,EAAAA,EAAAA,KAAkBc,EAAAA,EAAAA,IAAkByB,MAAW,4CAC1E,sBAEM,SAAS0S,IAAiC,IAAdC,EAAU,UAAH,6CAAG,GAC3C,OAAO,OAAIxT,EAAAA,GAAAA,gBAA0B,IAAIhB,WAAWwU,KAAWtqB,KAAI,SAAAuqB,GAAC,OAAIA,EAAEtsB,SAAS,GAAG,IAAEpJ,KAAK,GAC/F,CAEO,SAAe21B,IAAe,+BAWpC,wCAXM,oFAMJ,OALKJ,EAAY,CAChB/xB,KAAM,oBACN4e,KAAM,UACNwT,cAAe,KACfC,eAAgB,IAAI5U,WAAW,CAAC,EAAM,EAAM,KAC7C,kBAIMgB,EAAAA,GAAAA,OAAAA,YAA6BsT,GAAW,EAAO,CAAC,OAAQ,YAAU,4CAC1E,+BAEcO,EAAe,+CAM7B,OAN6B,oBAA9B,WAAgC5uB,GAAmB,yEACG,OAA9C8Z,GAAS,IAAIe,aAAcC,OAAO9a,GAAY,SACjC+a,EAAAA,GAAAA,OAAAA,OAAwB,UAAWjB,GAAO,OAAnD,OAAJoB,EAAO,EAAH,wBAEH5B,EAAAA,EAAAA,IAAKiB,OAAOC,aAAaW,MAAM,KAAM,IAAIpB,WAAWmB,KACxDljB,QAAQ,MAAO,KAAKA,QAAQ,MAAO,KAAKA,QAAQ,MAAO,KAAG,4CAC9D,sBA8CA,SAGc62B,EAAiB,+CAc/B,OAd+B,oBAAhC,WAAkCpjB,GAAmB,wGAAK7U,EAAI,iCAAJA,EAAI,0BAtCrD,IAAIwK,SAAQ,SAACT,EAAS6C,GAC3B,IACE,IACMsrB,EADYj0B,OAAO+K,UACH8C,KAAKolB,EAAgB,GAE3CgB,EAAI5nB,QAAU,WACZ1D,EAAOsrB,EAAI7uB,MACb,EAEA6uB,EAAInmB,gBAAkB,WACTmmB,EAAI1nB,OACZwB,kBAAkBmlB,EACvB,EAEAe,EAAI3nB,UAAY,WACd,IAAMb,EAAKwoB,EAAI1nB,OACTnB,EAAKK,EAAGE,YAAYunB,EAAQ,aAElC9nB,EAAGiB,QAAU,WACX1D,EAAOyC,EAAGhG,MACZ,EAEA,IAAM8uB,EAAQ9oB,EAAGQ,YAAYsnB,GAE7BptB,EAAQouB,GAER9oB,EAAGmD,WAAa,WACd9C,EAAGrD,OACL,CACF,CACF,CACA,MAAOM,GACLC,EAAOD,EACT,CACF,IAK8B,OAAnB,OAALwrB,EAAQ,EAAH,uBACJ,IAAI3tB,SAAQ,SAACT,EAAS6C,GAI3B,IAAMsrB,EAAMC,EAAMtjB,GAAO,MAAbsjB,EAAiBn4B,GAC7Bk4B,EAAI3nB,UAAY,WACdxG,EAAQmuB,EACV,EACAA,EAAI5nB,QAAU,WACZ1D,EAAOsrB,EAAI7uB,MACb,CACF,KAAE,2CACH,iCAEc+uB,EAAY,iDAG1B,OAH0B,oBAA3B,WAA6BC,EAAgBC,GAAsB,iFAC3DL,EAAkB,MAAOK,EAASD,GAAO,gCACxCC,GAAO,4CACf,sBAGM,SAAeC,EAAW,kCAUhC,wCAVM,WAA4BF,GAAe,2EAC5CA,EAAQ,CAAF,+BACUJ,EAAkB,MAAOI,GAAO,OAAzC,KAAHH,EAAM,EAAH,MACD1nB,OAAQ,CAAF,wCACL0nB,EAAI1nB,QAAM,aAKf,IAAI/M,EAAAA,EAAa,sDAAD,OAAuD40B,EAAS,KAAH,OAAQA,EAAM,KAAM,KAAK,4CAC7G,sBAEM,SAAeG,EAAgB,kCAErC,wCAFM,WAAiCH,GAAc,iFAC9CJ,EAAkB,SAAUI,GAAO,4CAC1C,sBAEM,SAAeI,IAAoB,+BAEzC,wCAFM,8FACCR,EAAkB,SAAQ,4CACjC,sBAGM,SAAeS,IAAiB,+BAKtC,wCALM,sFACiC,OAAhCC,EAAYjB,EAAkB,GAAE,SAChBG,IAAiB,OAA1B,OAAPS,EAAU,EAAH,cACPF,EAAaO,EAAWL,GAAQ,gCAC/B,CAAEA,QAAAA,EAASK,UAAAA,IAAW,4CAC9B,sBAIM,SAAeC,EAA2B,oCAmBhD,wCAnBM,WAA4CC,EAAoCvc,GAAc,+EAejC,GAd9Dwc,GAAc,EAEV1vB,EAA8BkT,EAA9BlT,YAAakB,EAAiBgS,EAAjBhS,aAGA,WAAjBuuB,GAA6BzvB,GAAyC,SAA1BA,EAAY2vB,YAAyBzuB,IACnFwuB,GAAc,GAIK,YAAjBD,GAA8BvuB,IAAiBlB,IACjD0vB,GAAc,GAGVT,EAAgC,QAA1B,EAAGjvB,aAAW,EAAXA,EAAa4vB,kBAAU,QAAI1uB,aAAY,EAAZA,EAAc0uB,YACpDF,IAAeT,EAAM,gCACjBG,EAAiBH,GAAO,4CAEjC,sBAIM,SAAeY,EAAiB,kCAyBtC,wCAzBM,+GAA4E,OAAxCX,EAAO,EAAPA,QAAStW,EAAG,EAAHA,IAAKnN,EAAM,EAANA,OAAQqkB,EAAK,EAALA,MAAO9vB,EAAW,EAAXA,YAAW,SAC1C+a,EAAAA,GAAAA,OAAAA,UAA2B,MAAOmU,EAAQa,WAAU,OAgB1F,GAhB0F,SAAnFC,EAAG,EAAHA,IAAKC,EAAG,EAAHA,IAAKh3B,EAAC,EAADA,EAAG8jB,EAAC,EAADA,EAAGmT,EAAC,EAADA,EAAGC,EAAC,EAADA,EACrBhS,EAAS,CACbiS,IAAK,QACLC,IAAK,WACLC,IAAK,CAAEN,IAAAA,EAAKC,IAAAA,EAAKh3B,EAAAA,EAAG8jB,EAAAA,EAAGmT,EAAAA,EAAGC,EAAAA,IAGtBjC,EAAqB,CACzBqC,IAAK9kB,EACL+kB,IAAK5X,EACL6X,IAAKzuB,KAAKsH,MAAM1R,KAAKC,MAAQ,KAC7B64B,IAAKpC,KAGHwB,IACF5B,EAAO4B,MAAQA,IAIb9vB,EAAa,CAAF,iCACM4uB,EAAgB5uB,GAAY,QAA/CkuB,EAAOyC,IAAM,EAAH,sCAGL1C,EAAU9P,EAAQ+P,EAAQgB,EAAQ0B,aAAW,6CACrD,sBAGM,SAAeC,EAA2B,kCAOhD,wCAPM,6FAIJ,OAJkD3B,EAAO,EAAPA,QAAStW,EAAG,EAAHA,IAAKnN,EAAM,EAANA,OAAQqkB,EAAK,EAALA,MACnEtR,EAA0B,CAAE0Q,QAAAA,EAAStW,IAAAA,EAAKnN,OAAAA,GAC5CqkB,IACFtR,EAAOsR,MAAQA,GAChB,kBAEMD,EAAkBrR,IAAO,4CACjC,4uBC5NM,SAASsS,EAAgCC,GAE9C,IAAKA,EAAY/a,SACf,MAAM,IAAI3b,EAAAA,EAAa,2EAGzB,IAAI8oB,EAAAA,EAAAA,IAAS4N,EAAY1O,gBAA4D,IAA3C0O,EAAY1O,aAAavmB,QAAQ,KACzE,MAAM,IAAIzB,EAAAA,EAAa,4DAIzB,IAAI22B,EAA2B,CAC7B,UAAaD,EAAY/a,SACzB,eAAkB+a,EAAYE,cAC9B,sBAAyBF,EAAYG,oBACrC,QAAWH,EAAYI,QACvB,IAAOJ,EAAYK,IACnB,UAAaL,EAAYM,SACzB,WAAcN,EAAYO,UAC1B,QAAWP,EAAYQ,OACvB,MAASR,EAAYjB,MACrB,OAAUiB,EAAYS,OACtB,aAAgBT,EAAYU,YAC5B,cAAiBV,EAAYjY,aAC7B,cAAiBiY,EAAY1O,aAC7B,aAAgB0O,EAAYW,aAC5B,MAASX,EAAYlxB,MACrB,WAAckxB,EAAYY,UAC1B,kBAAqBZ,EAAYa,iBAUnC,GARAZ,GAAc76B,EAAAA,EAAAA,IAAW66B,GAEzB,CAAC,YAAa,gBAAiB,qBAAqBp1B,SAAQ,SAAUi2B,GAChE5mB,MAAM0Z,QAAQqM,EAAYa,MAC5Bb,EAAYa,GAAcb,EAAYa,GAAY/4B,KAAK,KAE3D,KAEuD,IAAnDi4B,EAAY1O,aAAcvmB,QAAQ,cACO,IAA3Ci1B,EAAYe,OAAQh2B,QAAQ,UAC5B,MAAM,IAAIzB,EAAAA,EAAa,qFAKzB,OAJW02B,EAAYe,SACrBd,EAAYe,MAAQhB,EAAYe,OAAQh5B,KAAK,MAGxCk4B,CACT,CAEO,SAASgB,EAAqBjB,GACnC,IAAIkB,EAAmBnB,EAAgCC,GACvD,OAAO9P,EAAAA,EAAAA,IAAc,EAAD,KACfgR,GACClB,EAAYmB,aAAe,EAAJ,GAASnB,EAAYmB,cAEpD,0aC1CA,SAASC,EAAgBn8B,GAEvB,IAAKA,EAAQggB,SACX,MAAM,IAAI3b,EAAAA,EAAa,2EAGzB,IAAKrE,EAAQy7B,YACX,MAAM,IAAIp3B,EAAAA,EAAa,sEAGzB,IAAKrE,EAAQo8B,oBAAsBp8B,EAAQq8B,gBACzC,MAAM,IAAIh4B,EAAAA,EAAa,6EAGzB,IAAKrE,EAAQs8B,aACX,MAAM,IAAIj4B,EAAAA,EAAa,gFAE3B,CAEA,SAASk4B,EAAYp0B,EAAKnI,GAExB,IAAIwoB,GAAsBroB,EAAAA,EAAAA,IAAW,CACnC,UAAaH,EAAQggB,SACrB,aAAgBhgB,EAAQy7B,YACxB,WAAcz7B,EAAQq8B,gBAAkB,mBAAqB,qBAC7D,cAAiBr8B,EAAQs8B,eAGvBt8B,EAAQq8B,gBACV7T,EAAyB,iBAAIxoB,EAAQq8B,gBAC5Br8B,EAAQo8B,oBACjB5T,EAAOgU,KAAOx8B,EAAQo8B,mBAGxB,IAAQK,EAAiBt0B,EAAInI,QAArBy8B,aAMR,OALIA,IACFjU,EAAsB,cAAIiU,IAIrBxR,EAAAA,EAAAA,IAAczC,GAAQ3lB,MAAM,EACrC,CAAC,SAGc65B,EAAgB,iDAsC9B,OAtC8B,oBAA/B,WAAiCv0B,EAAK,GAAF,2FAIjC,GAJqCya,EAAG,EAAHA,IAAKld,EAAI,EAAJA,KAAMo0B,EAAK,EAALA,MAAO6C,EAAW,EAAXA,YAClDlnB,EAAS,OACTiT,EAAe,CACnB,eAAgB,sCAGdvgB,EAAInI,QAAQ6vB,KAAM,CAAF,mBACb8M,EAAa,CAAF,qBACR,IAAIt4B,EAAAA,EAAa,mDAAkD,wBAGvDw2B,EAAAA,EAAAA,IAA4B,CAAEjY,IAAAA,EAAKnN,OAAAA,EAAQqkB,MAAAA,EAAOZ,QAASyD,IAAc,OAAvFC,EAAQ,EAAH,KACXlU,EAAQmU,KAAOD,EAAM,oCAIFpP,EAAAA,EAAAA,IAAYrlB,EAAK,CAClCya,IAAAA,EACAnN,OAAAA,EACA7U,KAAM8E,EACNgjB,QAAAA,IACA,QALQ,OAAJf,EAAO,EAAH,uBAMHA,GAAI,wCAGPqQ,EAAAA,EAAAA,IAAiB,EAAD,KAAU8B,EAAK,iBACgB,GAA3CgD,EAAoB,QAAX,EAAG,KAAInV,YAAI,aAAR,EAAUe,QAAQ,cACpB,CAAF,sBAEN,IAAI7C,EAAAA,EACR,CAACG,aAAc,8CACP,QADoD,EAC5D,KAAI2B,YAAI,aAAI9Y,GACb,iCAEI6tB,EAAiBv0B,EAAK,CAAEya,IAAAA,EAAKld,KAAAA,EAAMi3B,YAAAA,EAAa7C,MAAOgD,KAAY,+EAI/E,sBAGM,SAAeC,EAAoB,EAAD,oCAWxC,wCAXM,WAAmC50B,EAAKnI,EAA8Bg9B,GAAgB,yEAQ1F,OAPDb,EAAgBn8B,GACZ0F,EAAO62B,EAAYp0B,EAAKnI,GAEtBwoB,EAA6B,CACjC5F,IAAKoa,EAAKC,SACVv3B,KAAAA,EACAi3B,YAAa38B,aAAO,EAAPA,EAAS28B,aACvB,kBAEMD,EAAiBv0B,EAAKqgB,IAAO,4CACrC,sBAEM,SAAe0U,EAAiB,EAAD,oCA2BrC,wCA3BM,WACL/0B,EACAnI,EACAkL,GAA0B,2EAqBzB,OAnBKxF,EAAOjF,OAAOmgB,QAAQ,CAC1Buc,UAAWn9B,EAAQggB,SACnBod,WAAY,gBACZrB,MAAO7wB,EAAa4wB,OAAOh5B,KAAK,KAChCu6B,cAAenyB,EAAaA,eAC3B+C,KAAI,SAAU,GAAe,mBAAd3H,EAAI,KAAE9E,EAAK,KAE3B,OAAO8E,EAAO,IAAMvE,mBAAmBP,EACzC,IAAGsB,KAAK,KAEJ8f,EAAM1X,EAAa+xB,SACnBj9B,EAAQk8B,aAAez7B,OAAOkF,KAAK3F,EAAQk8B,aAAaj8B,QAAU,IACpE2iB,IAAOqI,EAAAA,EAAAA,IAAcjrB,EAAQk8B,cAGzB1T,EAA6B,CACjC5F,IAAAA,EACAld,KAAAA,EACAi3B,YAAa38B,aAAO,EAAPA,EAAS28B,aACvB,kBAEMD,EAAiBv0B,EAAKqgB,IAAO,4CACrC,iJC1IM,SAAS8U,EAAan1B,EAA6B4iB,GACxD,IAAIwS,EAAiBxS,GAAU5iB,EAAInI,QAAQ+qB,OAC3C,OAAOtoB,EAAAA,EAAAA,IAAI0F,EAAKo1B,EAAgB,oCAAqC,CACnExP,eAAe,GAEnB,CAEO,SAASyP,EAAOr1B,EAA6B4iB,EAAgB0S,GAClE,IAAI9P,EAAYxlB,EAAIylB,eAAeC,aAAa1lB,EAAInI,QAAQ0C,SAE5D,OAAO46B,EAAan1B,EAAK4iB,GACxB1gB,MAAK,SAASqzB,GACb,IAAIC,EAAUD,EAAoB,SAI9B1P,EADgBL,EAAUxQ,aACKwgB,GACnC,GAAI3P,GAAkBpsB,KAAKC,MAAM,IAAOmsB,EAAe1oB,UAAW,CAChE,IAAIs4B,GAAY/nB,EAAAA,EAAAA,IAAKmY,EAAenC,SAASlmB,KAAM,CACjD83B,IAAKA,IAGP,GAAIG,EACF,OAAOA,CAEX,CAMA,OAHAjQ,EAAU6I,aAAamH,IAGhBl7B,EAAAA,EAAAA,IAAI0F,EAAKw1B,EAAS,CACvB5P,eAAe,IAEhB1jB,MAAK,SAASwB,GACb,IAAI3K,GAAM2U,EAAAA,EAAAA,IAAKhK,EAAIlG,KAAM,CACvB83B,IAAKA,IAGP,GAAIv8B,EACF,OAAOA,EAGT,MAAM,IAAImD,EAAAA,EAAa,eAAiBo5B,EAAM,uCAChD,GACF,GACF,kKCzCO,SAAeI,EAAsB,EAAD,oCA2E1C,wCA3EM,WAAqC11B,EAA6B4yB,EAA0BiC,GAAiB,iHA8CjH,GA7CDA,EAAOA,IAAQc,EAAAA,EAAAA,IAAa31B,EAAK4yB,GAEjCA,EAAct6B,OAAOC,OAAO,CAAC,GAAGq9B,EAAAA,EAAAA,GAAsB51B,IAAMkd,EAAAA,EAAAA,IAAM0V,IAGhEqB,GAH8E,EAe5ErB,GAZFqB,kBACAC,EAAe,EAAfA,gBACAC,EAAY,EAAZA,aACAtc,EAAQ,EAARA,SACAyb,EAAW,EAAXA,YACAK,EAAM,EAANA,OACAkC,EAAe,EAAfA,gBACAn0B,EAAK,EAALA,MACA8xB,EAAS,EAATA,UACA9L,EAAI,EAAJA,KACA+J,EAAU,EAAVA,WACAsC,EAAW,EAAXA,YAII+B,EAAuC,CAC3Cje,SAAAA,EACAyb,YAAAA,EACAW,kBAAAA,EACAC,gBAAAA,EACAC,aAAAA,EACAzM,KAAAA,GAMIxD,EAAoC,CAAC,UACR,IAA/ByP,EAAQh2B,QAAQ,WAClBumB,EAAalhB,KAAK,YAGd+yB,EAAqC,CACzCle,SAAAA,EACAyb,YAAAA,EACAK,OAAAA,EACAzP,aAAAA,EACA2R,gBAAAA,EACArC,UAAAA,EACAO,YAAAA,GACD,UAGKrM,EAAM,CAAF,oBAEF+J,EAAY,CAAF,kCACUT,EAAAA,EAAAA,IAAYS,GAAW,QAAvCV,EAAU,EAAH,KACb+E,EAAgBtB,YAAczD,EAC9BgF,EAAsBrO,KAAOA,EAC7BqO,EAAsBtE,WAAaA,EAAW,0CAGTN,EAAAA,EAAAA,MAAmB,iBAAhDJ,EAAO,EAAPA,QAASK,EAAS,EAATA,UACjB0E,EAAgBtB,YAAczD,EAC9BgF,EAAsBrO,KAAOA,EAC7BqO,EAAsBtE,WAAaL,EAAU,0BAINwD,EAAAA,EAAAA,GAAoB50B,EAAK81B,EAAiBjB,GAAK,QAAxD,OAA5BmB,EAA+B,EAAH,gBAESC,EAAAA,EAAAA,GAAoBj2B,EAAK+1B,EAAuBC,EAAenB,GAAM,QAEnF,OAFvBqB,EAA+B,EAAH,MACpB7B,KAAOJ,EACrBiC,EAAcx0B,MAAQA,EAAO,kBACtBw0B,GAAa,QAGW,OAHX,UAGpBl2B,EAAIm2B,mBAAmB3vB,QAAQ,4EAElC,4TC/EM,SAAS4vB,EACdp2B,EACAnI,GAEAA,GAAUqlB,EAAAA,EAAAA,IAAMrlB,IAAY,CAAC,EAE7B,IAAMwoB,GAASgW,EAAAA,EAAAA,GAAiCr2B,EAAKnI,GAC/C+lB,GAAO0Y,EAAAA,EAAAA,GAA8Bt2B,EAAKqgB,GAC1CkH,EAAa3J,EAAKiX,KAAK0B,cAAe1C,EAAAA,EAAAA,GAAqBxT,GACjErgB,EAAIm2B,mBAAmBK,KAAK5Y,GACxB5d,EAAInI,QAAQ4+B,YACdz2B,EAAInI,QAAQ4+B,YAAYlP,GAExB7qB,OAAO8d,SAASjiB,OAAOgvB,EAE3B,CCSO,SAASmP,EAAe12B,EAA6B22B,GAC1D,IAAMC,EAAW,SAACtpB,GAChB,OAAO/M,EAAAA,EAAAA,UAAAA,KAAAA,KAAiCo2B,EAAOrpB,EAAQ,KACzD,EAEMupB,EAAoBD,EAASE,EAAAA,EAAAA,KAAqB,KAAM92B,IAGxD+2B,EAAiBH,EAASI,EAAAA,GAAAA,KAAkB,KAAMh3B,IAClDi3B,EAAyC3+B,OAAOC,OAAOw+B,EAAgB,CAE3EG,YAAa,WACX,OAAOx6B,OAAOy6B,OAChB,EAGAC,aAAc,WACZ,OAAO16B,OAAO8d,QAChB,EAGA6c,aAAc,WACZ,OAAO36B,OAAOnD,QAChB,IAGIqH,EAAiB,CACrB02B,mBAAoBA,EAAAA,GAAAA,KAAwB,KAAMt3B,GAClD01B,sBAAuBA,EAAAA,EAAAA,KAA2B,KAAM11B,GACxDu3B,iBAAkBA,EAAAA,EAAAA,KAAsB,KAAMv3B,GAC9Cw3B,aAAcA,EAAAA,EAAAA,KAAkB,KAAMx3B,GACtCy3B,gBAAiBA,EAAAA,EAAAA,KAAqB,KAAMz3B,GAC5C82B,gBAAiBD,EACjBG,aAAcC,EACdS,OAAQjI,EAAAA,EACRkI,OAAQC,EAAAA,EAAAA,KAAiB,KAAM53B,GAC/BsV,MAAOuiB,EAAAA,EAAAA,KAAgB,KAAM73B,GAC7B83B,uBAAwBA,EAAAA,EAAAA,KAA4B,KAAM93B,GAC1DmuB,YAAaA,EAAAA,EAAAA,KAAiB,KAAMnuB,GACpC+3B,YAAa,SACXC,EACAC,GAEA,OAAOF,EAAAA,EAAAA,GAAY/3B,EAAKg4B,EAAmBC,EAC7C,EACAhP,OAAQhM,EAAAA,EAAAA,KAAiB,KAAMjd,GAC/B8Z,gBAAiBA,EAAAA,GAAAA,KAAqB,KAAM9Z,GAC5Ck4B,WAAYC,EAAAA,EAAAA,KAAoB,KAAMn4B,IAiBxC,MAZe,CACb,mBACA,eACA,SACA,QACA,yBACA,eAEKvC,SAAQ,SAAA1E,GACb6H,EAAM7H,GAAO69B,EAASh2B,EAAM7H,GAC9B,IAEO6H,CACT,CAEO,SAASw3B,EAAgBp4B,GAC9B,MAAO,CACLq4B,UAAW,CACTjC,oBAAqBA,EAAoBrmB,KAAK,KAAM/P,IAG1D,wLCjGO,SAASs4B,EAQdtf,EACArhB,EACAshB,GAGA,IAAMC,GAAOxhB,EAAAA,EAAAA,GAAmBC,GAC1BwhB,GAAcC,EAAAA,EAAAA,GAAmBF,EAAMF,GACvCK,GAAWC,EAAAA,EAAAA,GAAgBH,GAC3BI,GAAcC,EAAAA,EAAAA,GAAmBH,GAEvC,OADkBK,EAAAA,EAAAA,GAAwBH,EAAaN,EAEzD,qIC+CO,SAASsf,EAASv4B,EAA6BnI,GACpD,GAAIgB,UAAUf,OAAS,EACrB,OAAOmL,QAAQoC,OAAO,IAAInJ,EAAAA,EAAa,qEAOzC,IAAMs8B,GAJN3gC,EAAUA,GAAW,CAAC,GAIM2gC,YAG5B,OAFA3gC,EAAQ2gC,iBAAc9xB,GAEf4wB,EAAAA,EAAAA,IAAmBt3B,EAAKnI,GAC5BqK,MAAK,SAAU0wB,GAGd,IAiBIrL,EAEFsN,EAoBF,OA7BIh9B,EAAQ07B,aACVj7B,OAAOC,OAAOq6B,EAXY,CAC1BS,OAAQ,OACR1Y,aAAc,oBACdqY,QAAS,OASAn7B,EAAQo7B,KACjB36B,OAAOC,OAAOq6B,EAPG,CACjBI,QAAS,UAeX6B,GAAOc,EAAAA,EAAAA,IAAa31B,EAAK4yB,GAEzBrL,GADW1vB,EAAQs8B,aAAeU,EAAKC,SAAWD,EAAK0B,eAC/B1C,EAAAA,EAAAA,GAAqBjB,GAIzCA,EAAYW,cAAwC,OAAxBX,EAAYI,QAC/B,SAEoB,UAAxBJ,EAAYI,QACRn7B,EAAQ4gC,SAAW,YAAc,QAGjC,YAKX,IAAK,SACH,IAAIC,GAAgBC,EAAAA,EAAAA,IAAuB34B,EAAKnI,EAAQ+gC,QAAShG,EAAYlxB,OACzEm3B,GAAWC,EAAAA,EAAAA,IAAUvR,GACzB,OAAOmR,EACJx2B,MAAK,SAAUwB,GACd,OAAOuyB,EAAAA,EAAAA,GAAoBj2B,EAAK4yB,EAAalvB,EAAsBmxB,EACrE,IACCpR,SAAQ,WAC+B,MAAlClqB,SAASypB,KAAK+V,SAASF,KACH,QAAtB,EAAAA,EAASG,qBAAa,OAAtB,EAAwBC,YAAYJ,GAExC,IAEJ,IAAK,QACH,IAAIK,EAIJ,GAAiC,sBAA7BtG,EAAYjY,aAAsC,CACpD,IAAK3a,EAAI7H,SAAS+oB,8BAChB,MAAM,IAAIhlB,EAAAA,EAAa,sDAEzBg9B,GAAeP,EAAAA,EAAAA,IAAuB34B,EAAKnI,EAAQ+gC,QAAShG,EAAYlxB,MAC1E,CA6BA,OAzBI82B,GACFA,EAAYhe,SAASjiB,OAAOgvB,GAIX,IAAItkB,SAAQ,SAAUT,EAAS6C,GAChD,IAAI8zB,EAAcC,aAAY,WACvBZ,IAAeA,EAAYvwB,SAC9BoxB,cAAcF,GACd9zB,EAAO,IAAInJ,EAAAA,EAAa,wCAE5B,GAAG,KAGHg9B,EACGh3B,MAAK,SAAUwB,GACd21B,cAAcF,GACd32B,EAAQkB,EACV,IACCR,OAAM,SAAUkC,GACfi0B,cAAcF,GACd9zB,EAAOD,EACT,GACJ,IAGGlD,MAAK,SAAUwB,GACd,OAAOuyB,EAAAA,EAAAA,GAAoBj2B,EAAK4yB,EAAalvB,EAAsBmxB,EACrE,IACCpR,SAAQ,WACH+U,IAAgBA,EAAYvwB,QAC9BuwB,EAAY1zB,OAEhB,IAEJ,IAAK,YAEH,IAAIw0B,GAAaC,EAAAA,EAAAA,IAAoBv5B,EAAKnI,EAAQ+gC,QAAS/gC,EAAQmV,QAAU4lB,EAAYlxB,OAIzF,IAAI82B,EAIF,MAAM,IAAIt8B,EAAAA,EAAa,+BAGzB,OANEs8B,EAAYhe,SAASjiB,OAAOgvB,GAMvB+R,EACNp3B,MAAK,SAAUwB,GACd,OAAOuyB,EAAAA,EAAAA,GAAoBj2B,EAAK4yB,EAAalvB,EAAsBmxB,EACrE,IAEF,QACE,MAAM,IAAI34B,EAAAA,EAAa,gDAE7B,GACJ,ivBC/MO,SAAe67B,EAAW,sCA8DhC,wCA9DM,WACL/3B,EAAKg4B,EACLC,GAAsB,4EAGjBD,EAAmB,CAAF,+BACOh4B,EAAIS,aAAa+4B,YAAW,OAAvDxB,EAAoB,EAAH,KAAwCn2B,YAAW,UAEjEo2B,EAAe,CAAF,+BACOj4B,EAAIS,aAAa+4B,YAAW,OAAnDvB,EAAgB,EAAH,KAAwCr2B,QAAO,UAGzDo2B,IAAsB5K,EAAAA,EAAAA,IAAc4K,GAAkB,0CAClD/0B,QAAQoC,OAAO,IAAInJ,EAAAA,EAAa,iDAA+C,WAGnF+7B,IAAkB5K,EAAAA,EAAAA,IAAU4K,GAAc,0CACtCh1B,QAAQoC,OAAO,IAAInJ,EAAAA,EAAa,6CAA2C,QAOnF,GAJKrE,EAAe,CACnB4iB,IAAKud,EAAkByB,YACvBnsB,OAAQ,MACRzL,YAAam2B,EAAkBn2B,cAG7B7B,EAAInI,QAAQ6vB,KAAM,CAAF,iCACI1nB,EAAI2nB,4BAA4B,EAAD,KAAK9vB,GAAO,IAAEgK,YAAam2B,KAAoB,QAA9FzX,EAAU,EAAH,KACb1oB,EAAQ0oB,QAAUA,SACX1oB,EAAQgK,YAAY,kCAGtBwjB,EAAAA,EAAAA,IAAYrlB,EAAKnI,GACrBqK,MAAK,SAAAw3B,GAEJ,OAAIA,EAASC,MAAQ1B,EAAclI,OAAO4J,IACjCD,EAEFz2B,QAAQoC,OAAO,IAAInJ,EAAAA,EAAa,0DACzC,IACCgH,OAAM,SAAUkC,GAEf,GAAIA,aAAesa,EAAAA,IAAiB1f,EAAInI,QAAQ6vB,KAAM,CACpD,IAAQ5lB,EAA4BsD,EAA5BtD,MAAOge,EAAqB1a,EAArB0a,iBACf,MAAM,IAAIR,EAAAA,EAAWxd,EAAOge,EAC9B,CAGA,IAAK9f,EAAInI,QAAQ6vB,KAAM,OACjB5sB,EAAIsK,EAKR,GAJIA,aAAesY,EAAAA,GAAftY,MAA+BA,GAAS,QAAN,EAAHA,EAAKwY,YAAI,OAAT,EAAWqH,gBAC5CnqB,EAAI4kB,EAAAA,EAAAA,YAAyBta,EAAIwY,KAAKqH,gBAGpCnqB,aAAa4kB,EAAAA,EAAc,CAC7B,MAAoC5kB,EAA5BgH,EAAK,EAALA,MAAOge,EAAgB,EAAhBA,iBACf,MAAM,IAAIR,EAAAA,EAAWxd,EAAOge,EAC9B,CACF,CAEA,MAAM1a,CACR,KAAE,6CACL,mMC7DM,SAASoyB,EACdx3B,EACAnI,GAEA,GAAIgB,UAAUf,OAAS,EACrB,OAAOmL,QAAQoC,OAAO,IAAInJ,EAAAA,EAAa,yEAGzC,MAAmCrE,EAA3B+hC,EAAW,EAAXA,YAAgBvZ,GAAM,YAKxBmY,GAAcqB,EAAAA,EAAAA,IAAUD,QAAAA,EAAe,IAAKvZ,GAOlD,OANAxoB,GAAUqlB,EAAAA,EAAAA,IAAMmD,IAAW,CAAC,EAC5B/nB,OAAOC,OAAO8nB,EAAQ,CACpB2S,QAAS,QACTrY,aAAc,oBACd6d,YAAAA,KAEKD,EAAAA,EAAAA,GAASv4B,EAAKqgB,EACvB,CAEO,SAASoX,EACdz3B,EACAnI,GAED,IAEE,IAAK6M,iBACJ,MAAM,IAAIxI,EAAAA,EAAa,iFAGzB,IAAKrE,EAAQy7B,YACX,MAAM,IAAIp3B,EAAAA,EAAa,2DAGpBrE,EAAQ6J,QACX7J,EAAQ6J,OAAQo4B,EAAAA,EAAAA,OAMlB,IAaIC,EAbEvB,GAAcqB,EAAAA,EAAAA,IAAU,IAAKhiC,GAE7BmV,EAAU,IAAItI,iBAAiB,kBAAD,OAAmB7M,EAAQ6J,QAwB/D,OAtBA7J,GAAUqlB,EAAAA,EAAAA,IAAMrlB,IAAY,CAAC,EAC7BS,OAAOC,OAAOV,EAAS,CACrBm7B,QAAS,QACTrY,aAAc,QACd6d,YAAAA,EACAC,UAAU,EACVzrB,QAAAA,IAgBK,CACL+Y,QAbc,IAAI9iB,SAAuB,SAACT,EAAS6C,GAEnD,OADA00B,EAAgB10B,GACTkzB,EAAAA,EAAAA,GAASv4B,EAAKnI,GACpBqK,MAAK,SAACwB,GAAG,OAAKlB,EAAQkB,EAAI,IAC1BR,OAAM,SAAAkC,GAAG,OAAIC,EAAOD,EAAI,GAC3B,IASE/C,OAPa,WACb2K,EAAQlI,QACRi1B,EAAc,IAAI79B,EAAAA,EAAa,uBACjC,EAMD,CACA,MAAOkJ,GACN,MAAO,CACL2gB,QAAS9iB,QAAQoC,OAAOD,GACxB/C,OAAQ,WAAO,EAElB,CACD,wJChFO,SAAey0B,EAAgB,EAAD,kCAgBpC,wCAhBM,WAA+B92B,EAA6BnI,GAAqB,4FAClF,EAAUC,OAAS,GAAC,yCACfmL,QAAQoC,OAAO,IAAInJ,EAAAA,EAAa,6EAA2E,OAGrF,OAA/BrE,GAAUqlB,EAAAA,EAAAA,IAAMrlB,IAAY,CAAC,EAAE,UAELy/B,EAAAA,EAAAA,IAAmBt3B,EAAKnI,GAAQ,OAApD+6B,EAAc,EAAH,KACXhV,GAAOoc,EAAAA,EAAAA,GAAgBh6B,EAAK4yB,GAC5BrL,EAAa3J,EAAKiX,KAAK0B,cAAe1C,EAAAA,EAAAA,GAAqBjB,GACjE5yB,EAAIm2B,mBAAmBK,KAAK5Y,GACxB5d,EAAInI,QAAQ4+B,YACdz2B,EAAInI,QAAQ4+B,YAAYlP,GAExB7qB,OAAO8d,SAASjiB,OAAOgvB,GACxB,4CACF,8HClBM,SAASgQ,EAAiBv3B,EAA6BnI,GAC5D,OAAIgB,UAAUf,OAAS,EACdmL,QAAQoC,OAAO,IAAInJ,EAAAA,EAAa,8EAGzCrE,GAAUqlB,EAAAA,EAAAA,IAAMrlB,IAAY,CAAC,EAC7BS,OAAOC,OAAOV,EAAS,CACrBw7B,OAAQ,OACR1Y,aAAc,oBACdqY,QAAS,QAEJuF,EAAAA,EAAAA,GAASv4B,EAAKnI,GACvB,kKCIA,SAASoiC,EAAiBv2B,EAAoBmvB,GAC5C,GAAInvB,EAAW,OAAKA,EAAuB,kBACzC,MAAM,IAAI4b,EAAAA,EAAW5b,EAAW,MAAGA,EAAuB,mBAG5D,GAAIA,EAAIhC,QAAUmxB,EAAYnxB,MAC5B,MAAM,IAAIxF,EAAAA,EAAa,wDAE3B,CAEO,SAAe+5B,EAAoB,EAAD,sCAiJxC,wCAjJM,WACLj2B,EACA4yB,EACAlvB,EACAmxB,GAAiB,qGAEsB,IAAL,IAArB70B,EAAInI,QAAQqiC,OAIZx2B,EAAI2wB,OAAQ3wB,EAAIy2B,iBAAiB,yCACrCn6B,EAAIY,MAAM80B,sBAAsBp9B,OAAOC,OAAO,CAAC,EAAGq6B,EAAa,CACpEqB,kBAAmBvwB,EAAI2wB,KACvBH,gBAAiBxwB,EAAIy2B,mBACnBtF,IAAK,OAoBwB,GAjBnCjC,EAAcA,IAAegD,EAAAA,EAAAA,GAAsB51B,GACnD60B,EAAOA,IAAQc,EAAAA,EAAAA,IAAa31B,EAAK4yB,GAE7B1O,EAAe0O,EAAY1O,cAAgB,GAC1CpX,MAAM0Z,QAAQtC,IAAkC,SAAjBA,IAClCA,EAAe,CAACA,IAKhByP,EADEjwB,EAAIkwB,MACGlwB,EAAIkwB,MAAM15B,MAAM,MAEhBgjB,EAAAA,EAAAA,IAAM0V,EAAYe,QAEvB9b,EAAW+a,EAAY/a,UAAY7X,EAAInI,QAAQggB,SAGrDoiB,EAAiBv2B,EAAKkvB,IAElBA,EAAYlL,KAAM,CAAF,gBACO,IAA6B,QADpC,EACuB,QADvB,EACY1nB,EAAInI,eAAO,aAAX,EAAauiC,mBAAW,QAAI,CAAEC,mBAAmB,IAAvEA,mBAIqC,SAAnB32B,EAAI42B,WAAqB,uBAC3C,IAAIp+B,EAAAA,EAAa,0FAAyF,QAoDnH,GAhDKq+B,EAAY,CAAC,EACbC,EAAY92B,EAAI+2B,WAChBjJ,EAAY9tB,EAAI42B,WAChBz4B,EAAc6B,EAAIg3B,aAClB94B,EAAU8B,EAAIi3B,SACd53B,EAAeW,EAAIwxB,cACnBx7B,EAAMmK,KAAKsH,MAAM1R,KAAKC,MAAM,KAE9BmI,IACI+4B,EAAY56B,EAAIY,MAAM82B,OAAO71B,GACnC04B,EAAU14B,YAAc,CACtBA,YAAaA,EACbkuB,OAAQ6K,EAAUrd,QAClBpgB,UAAW09B,OAAOL,GAAa9gC,EAC/B83B,UAAWA,EACXmC,OAAQA,EACR4C,aAAc1B,EAAK0B,aACnBkD,YAAa5E,EAAK4E,aAGhB7G,EAAYnB,aACd8I,EAAU14B,YAAY4vB,WAAamB,EAAYnB,YAG7CmB,EAAYmB,cACdwG,EAAU14B,YAAYkyB,YAAcnB,EAAYmB,cAIhDhxB,IACFw3B,EAAUx3B,aAAe,CACvBA,aAAcA,EAGd5F,UAAW09B,OAAOL,GAAa9gC,EAC/Bi6B,OAAQA,EACRmB,SAAUD,EAAKC,SACfyB,aAAc1B,EAAK0B,aACnB3T,OAAQiS,EAAKjS,QAGXgQ,EAAYnB,aACd8I,EAAUx3B,aAAa0uB,WAAamB,EAAYnB,YAG9CmB,EAAYmB,cACdwG,EAAUx3B,aAAagxB,YAAcnB,EAAYmB,eAIjDnyB,EAAS,CAAF,gBA0BR,OAzBKk5B,EAAQ96B,EAAIY,MAAM82B,OAAO91B,GACzBm5B,EAAsB,CAC1Bn5B,QAASA,EACTmuB,OAAQ+K,EAAMvd,QACdpgB,UAAW29B,EAAMvd,QAAQyd,IAAOF,EAAMvd,QAAQ+U,IAAO54B,EACrDi6B,OAAQA,EACR4C,aAAc1B,EAAK0B,aACnB3T,OAAQiS,EAAKjS,OACb/K,SAAUA,GAGR+a,EAAYmB,cACdgH,EAAWhH,YAAcnB,EAAYmB,aAGjCkH,EAAsC,CAC1CpjB,SAAUA,EACV+K,OAAQiS,EAAKjS,OACb+O,MAAOiB,EAAYjB,MACnB9vB,YAAaA,EACb2xB,UAAWZ,EAAYY,gBAGW9sB,IAAhCksB,EAAYiD,kBACdoF,EAAiBpF,gBAAkBjD,EAAYiD,iBAChD,WAEK5Y,EAAAA,EAAAA,GAAYjd,EAAK+6B,EAAYE,GAAiB,QACpDV,EAAU34B,QAAUm5B,EAAW,YAIM,IAAnC7W,EAAavmB,QAAQ,UAAoB48B,EAAU14B,YAAW,uBAE1D,IAAI3F,EAAAA,EAAa,iHAAgH,YAE/F,IAAtCgoB,EAAavmB,QAAQ,aAAuB48B,EAAU34B,QAAO,uBAEzD,IAAI1F,EAAAA,EAAa,gHAA+G,iCAGjI,CACL6Y,OAAQwlB,EACR74B,MAAOgC,EAAIhC,MACX2yB,KAAM3wB,EAAI2wB,KACVnQ,aAAAA,IACD,6CAEF,q2HCxKKgX,EAAU,CACdr5B,YAAa,eACbD,QAAS,WACTmB,aAAc,iBAIT,SAAeo1B,EAAc,sCAyCnC,wCAzCM,WAA+Bn4B,EAAKm7B,EAAiBv6B,GAAa,yFAOtE,GALGiX,EAAmB7X,EAAInI,QAAQggB,SAC/Byc,EAAmCt0B,EAAInI,QAAQy8B,aAE9C1zB,IACHA,EAAQZ,EAAIS,aAAa+4B,YAAY2B,IAGlCv6B,EAAO,CAAF,qBACF,IAAI1E,EAAAA,EAAa,kBAAD,OAAmBi/B,EAAI,6BAA2B,OASpC,GAAtCvY,GALEA,EADEuY,IAASC,EAAAA,GAAAA,OACI,QAAL,EAAAx6B,SAAK,aAAN,EAAgBgiB,OAGV,QAAL,EAAAhiB,SAAK,OAAgB,QAAhB,EAAN,EAAgBmvB,cAAM,WAAhB,EAAN,EAAwBsL,MAEhBr7B,EAAInI,QAAQ+qB,OAE1B/K,EAAU,CAAF,qBACL,IAAI3b,EAAAA,EAAa,kFAAiF,UAErG0mB,EAAQ,CAAF,sBACH,IAAI1mB,EAAAA,EAAa,yBAAwB,0BAGQi5B,EAAAA,EAAAA,GAAan1B,EAAK4iB,GAAO,QAMvE,OANuE,SAAlD0Y,EAAa,EAArCC,uBACFC,EAAalH,GAAenZ,EAAAA,EAAAA,IAAK,GAAD,OAAItD,EAAQ,YAAIyc,KAAkBnZ,EAAAA,EAAAA,IAAKtD,GACvEpf,GAAOqqB,EAAAA,EAAAA,IAAc,CAEzB2Y,gBAAiBP,EAAQC,GACzBv6B,MAAOA,EAAMu6B,KACZzgC,MAAM,GAAE,mBACJosB,EAAAA,EAAAA,IAAK9mB,EAAKs7B,EAAe7iC,EAAM,CACpC8nB,QAAS,CACP,eAAgB,oCAChB,cAAiB,SAAWib,MAE9B,6CACH,0JCnED,SAASE,IACP,OAAOA,EAAO,oBAAsBnd,SAAWA,QAAQjkB,IAAMikB,QAAQjkB,IAAIyV,OAAS,SAAUjV,EAAGujB,EAAGK,GAChG,IAAIK,ECFR,SAAwBV,EAAGpP,GACzB,MAAQ,CAAC,EAAEyd,eAAeld,KAAK6O,EAAGpP,IAAM,QAAUoP,GAAI,EAAAY,EAAA,GAAeZ,MACrE,OAAOA,CACT,CDDY,CAAcvjB,EAAGujB,GACzB,GAAIU,EAAG,CACL,IAAIH,EAAItmB,OAAOqjC,yBAAyB5c,EAAGV,GAC3C,OAAOO,EAAEtkB,IAAMskB,EAAEtkB,IAAIkV,KAAK3W,UAAUf,OAAS,EAAIgD,EAAI4jB,GAAKE,EAAEvlB,KAC9D,CACF,EAAGqiC,EAAK1e,MAAM,KAAMnkB,UACtB,4xBEuCO,SAAS6gB,EAUdR,EACAD,GAEF,MACQ2iB,ECzCC,SAAP,keAAO,EAAP,sBAyCG,OAzCH,sCACE,SAAe7hB,EAAqBrY,GAEXm6B,EAAAA,EAAAA,oBACR3+B,QAAQmC,EAAAA,0BAA2B0a,IAGlDrY,EAAQA,GAAS3J,KAAKF,QAAQ6J,QAEN3J,KAAK0tB,eAAeqW,wBAC5B5+B,QAAQwE,EAAOqY,EAEjC,GAAC,4BAED,SAAerY,GAGb,GADAA,EAAQA,GAAS3J,KAAKF,QAAQ6J,MACnB,CACT,IACMqY,EADgBhiB,KAAK0tB,eAAeqW,wBACR7+B,QAAQyE,GAC1C,GAAIqY,EACF,OAAOA,CAEX,CAGA,IAAMze,EAAUugC,EAAAA,EAAAA,oBAChB,OAAOvgC,GAAUA,EAAQ2B,QAAQoC,EAAAA,iCAA0CqH,CAC7E,GAAC,+BAED,SAAkBhF,GAOhB,GALgBm6B,EAAAA,EAAAA,oBACRz+B,WAAWiC,EAAAA,2BAGnBqC,EAAQA,GAAS3J,KAAKF,QAAQ6J,MACnB,CACT,IAAMqtB,EAAgBh3B,KAAK0tB,eAAeqW,wBAC1C/M,EAAc3xB,YAAc2xB,EAAc3xB,WAAWsE,EACvD,CACF,KAAC,EAzCI,CDyCoCwX,GAC3C,OAAO,EAAP,6BA6VG,EAtBA,EA/EA,EAjDA,EAnBA,EATA,EA1BA,EAhBA,EApBA,EAxBA,EAzCA,MA5CH,uaAaE,aAA4B,iDAAbzgB,EAAI,yBAAJA,EAAI,gBAsBsB,OArBvC,+BAASA,KAAM,oRAEf,EAAK09B,mBAAqB,IAAIld,EAA8B3gB,OAAOC,OAAO,CACxEktB,eAAgB,EAAKA,gBACpB,EAAK5tB,QAAQs+B,qBAEhB,EAAK+D,KAAO,CACV16B,8BAA+Bu8B,EAAAA,EAAAA,8BAC/BC,iBAAkBD,EAAAA,EAAAA,iBAClBE,iBAAkBF,EAAAA,EAAAA,kBAGpB,EAAK77B,SAAW,CAAEg8B,aAAa,GAE/B,EAAKC,YAAc,IAAI57B,EAAAA,EAEvB,EAAKK,OAAQ81B,EAAAA,EAAAA,IAAe,UAAM,EAAKyF,aAGvC,EAAK17B,aAAe,IAAIqrB,EAAAA,GAAa,UAAM,EAAKj0B,QAAQ4I,cAExD,EAAK27B,WAAYhE,EAAAA,EAAAA,IAAgB,WAAM,CACzC,CAqVC,OArVA,oCAGD,WACE,uDAGArgC,KAAK0I,aAAa+F,OACpB,GAAC,kDAKD,kHAOmB,GAPG3O,EAAkC,EAAH,6BAAG,CAAC,EAAC,EAEtBE,KAAK0I,aAAaiX,aAA5CvC,EAAS,EAATA,UAAWI,EAAU,EAAVA,WAEb0Y,EAAcp2B,EAAQwkC,eAA4C,UAA3BxkC,EAAQwkC,eAA6BlnB,EAC5EmnB,EAAezkC,EAAQwkC,eAA4C,WAA3BxkC,EAAQwkC,eAA8B9mB,EAAU,EAExExd,KAAK0I,aAAaqC,kBAAlCjB,EAAW,EAAXA,eACa9J,KAAK0I,aAAayU,WAAWrT,GAAY,iBAClC,GAAxBA,OAAc6E,GACVunB,EAAa,CAAF,0CAESl2B,KAAK0I,aAAa6U,MAAM,eAAc,QAA1DzT,EAAc,EAAH,uFAIJy6B,GACTvkC,KAAK0I,aAAa1F,OAAO,eAC1B,QAGU,GAHV,EAGehD,KAAK0I,aAAaqC,kBAA9BlB,EAAO,EAAPA,WACS7J,KAAK0I,aAAayU,WAAWtT,GAAQ,iBAC9B,GAApBA,OAAU8E,GACNunB,EAAa,CAAF,2CAEKl2B,KAAK0I,aAAa6U,MAAM,WAAU,QAAlD1T,EAAU,EAAH,wFAIA06B,GACTvkC,KAAK0I,aAAa1F,OAAO,WAC1B,oCAGO8G,IAAeD,IAAQ,kEAClC,kGAGD,sGACmD,GAAzCmY,GADe8I,EAAkC,EAAH,6BAAG,CAAC,GAClD9I,YAAgBwiB,GAAgB,OAAK1Z,EAAI,IAC9C9qB,KAAKmI,SAASg8B,YAAa,CAAF,gDAcN,OATtBnkC,KAAKmI,SAASg8B,aAAc,EAAK,SAG3BniB,GACFhiB,KAAKykC,eAAeziB,GAEhBsG,EAAS/nB,OAAOC,OAAO,CAE3Bo7B,OAAQ57B,KAAKF,QAAQ87B,QAAU,CAAC,SAAU,QAAS,YAClD4I,GAAiB,UACdxkC,KAAK6I,MAAMk2B,gBAAgBzW,GAAO,QAEN,OAFM,UAExCtoB,KAAKmI,SAASg8B,aAAc,EAAM,2EAErC,uFAED,wFAC8B,OAD9B,EACmCnkC,KAAK0I,aAAaqC,gBAA3ClB,EAAO,EAAPA,QAASC,EAAW,EAAXA,YAAW,kBACrB9J,KAAK6I,MAAMm3B,YAAYl2B,EAAaD,IAAQ,gDACpD,qEAED,WACE,IAAQA,EAAY7J,KAAK0I,aAAaqC,gBAA9BlB,QACR,OAAOA,EAAUA,EAAQA,aAAU8E,CACrC,GAAC,4BAED,WACE,IAAQ7E,EAAgB9J,KAAK0I,aAAaqC,gBAAlCjB,YACR,OAAOA,EAAcA,EAAYA,iBAAc6E,CACjD,GAAC,6BAED,WACE,IAAQ3D,EAAiBhL,KAAK0I,aAAaqC,gBAAnCC,aACR,OAAOA,EAAeA,EAAaA,kBAAe2D,CACpD,GAAC,wDAED,4FACqB,GADrB,EAC0B3O,KAAK0I,aAAaqC,kBAAlCjB,EAAW,EAAXA,cACY9J,KAAK0I,aAAayU,WAAWrT,GAAY,yCACpDA,EAAYA,aAAW,OAGkC,OAHlC,SAGxB9I,EAAMhB,KAAK0I,aAAa0W,oBAAoB,eAAc,SAC5Cpf,KAAK0I,aAAa6U,MAAMvc,QAAAA,EAAO,eAAc,OAAtD,OAAL6H,EAAQ,EAAH,uBAC+B,QAD/B,EACHA,aAAK,EAALA,EAAuBiB,mBAAW,QAAI,MAAI,QAGlB,OAHkB,0BAGlD9J,KAAKE,QAAQ8J,KAAK,QAAS,EAAF,IAAO,kBACzB,MAAI,0DAEd,uGAKD,sGACyChK,KAAK6I,MAAMo2B,eAAc,gBAAxDjiB,EAAM,EAANA,OACa,SADO,EAAZmP,cAEdnsB,KAAK0I,aAAawZ,UAAUlF,GAC7B,gDACF,0EAED,WACE,OAAO+E,EAAAA,EAAAA,IAAgB/hB,KACzB,GAAC,oBAED,WACE,QAASA,KAAKF,QAAQqiC,IACxB,GAAC,6BAED,SAAgBhW,GACd,OAAOuY,EAAAA,EAAAA,IAAgBvY,EAAcnsB,KAAKF,QAC5C,GAAC,qCAED,WACE,OAAOE,KAAK0kC,gBAAgB,OAC9B,GAAC,kDAGD,WAAsB5kC,GAAuB,0EACtCA,EAAQgK,YAAa,CAAF,+BACK9J,KAAK0I,aAAa+4B,YAAW,OAAlD33B,EAAc,EAAH,KAAyCA,YAC1DhK,EAAQgK,YAAcA,aAAW,EAAXA,EAAaA,YAAY,iCAE1CwjB,EAAAA,EAAAA,IAAYttB,KAAMF,IAAQ,gDAClC,kGAGD,WAAwBgK,GAAyB,4EAC1CA,EAAa,CAAF,gCACO9J,KAAK0I,aAAa+4B,YAAW,OAGT,GAHnCzkB,EAAS,EAAH,KACZlT,EAAckT,EAAOlT,YACf66B,EAAiB3kC,KAAK0I,aAAa0W,oBAAoB,eAC7Dpf,KAAK0I,aAAa1F,OAAO2hC,IAErB3kC,KAAKF,QAAQ6vB,KAAM,CAAF,kCACb2J,EAAAA,EAAAA,IAA4B,SAAUtc,GAAO,WAIlDlT,EAAa,CAAF,yCACPoB,QAAQT,QAAQ,OAAK,iCAEvBzK,KAAK6I,MAAM+2B,OAAO91B,IAAY,iDACtC,mGAGD,WAAyBkB,GAA2B,4EAC7CA,EAAc,CAAF,gCACMhL,KAAK0I,aAAa+4B,YAAW,OAGR,GAHpCzkB,EAAS,EAAH,KACZhS,EAAegS,EAAOhS,aAChB45B,EAAkB5kC,KAAK0I,aAAa0W,oBAAoB,gBAC9Dpf,KAAK0I,aAAa1F,OAAO4hC,IAErB5kC,KAAKF,QAAQ6vB,KAAM,CAAF,kCACb2J,EAAAA,EAAAA,IAA4B,UAAWtc,GAAO,WAInDhS,EAAc,CAAF,yCACRE,QAAQT,QAAQ,OAAK,iCAEvBzK,KAAK6I,MAAM+2B,OAAO50B,IAAa,iDACvC,iFAED,WAA+D,IAAzClL,EAAqC,UAAH,6CAAG,CAAC,EAExD+J,EAGE/J,EAHF+J,QACAg7B,EAEE/kC,EAFF+kC,sBACAl7B,EACE7J,EADF6J,MAKF,GAHKE,IACHA,EAAU7J,KAAK0I,aAAaqC,gBAAgBlB,UAEzCA,EACH,MAAO,QAEqB8E,IAA1Bk2B,IACFA,EAAwB7kC,KAAKF,QAAQ+kC,uBAGvC,IAAMC,GAAYlH,EAAAA,EAAAA,IAAa59B,MAAM8kC,UAC/BC,EAAcl7B,EAAQA,QACxBm7B,EAAYF,EAAY,kBAAoBjjC,mBAAmBkjC,GASnE,OARIF,IACFG,GAAa,6BAA+BnjC,mBAAmBgjC,IAG7Dl7B,IACFq7B,GAAa,UAAYnjC,mBAAmB8H,IAGvCq7B,CACT,GAAC,0CAID,WAAcllC,GAAwB,qGAgCnC,GA/BDA,EAAUS,OAAOC,OAAO,CAAC,EAAGV,GAGtBmlC,EAAatgC,OAAO8d,SAASyiB,OAC7BC,EAAaxgC,OAAO8d,SAASE,KAK7BkiB,EAA0D,OAAlC/kC,EAAQ+kC,sBAAiC,KACpE/kC,EAAQ+kC,uBACN7kC,KAAKF,QAAQ+kC,uBACbI,EACCt7B,EAAe,QAAV,EAAG7J,SAAO,aAAP,EAAS6J,MAGnBG,EAAchK,EAAQgK,YACtBkB,EAAelL,EAAQkL,aACrBo6B,GAAkD,IAA9BtlC,EAAQslC,mBAC5BC,GAAoD,IAA/BvlC,EAAQulC,0BAEe,IAAjBr6B,IAC/BA,EAAehL,KAAK0I,aAAaqC,gBAAgBC,cAG/Co6B,QAA4C,IAAhBt7B,IAC9BA,EAAc9J,KAAK0I,aAAaqC,gBAAgBjB,aAG7ChK,EAAQ+J,UACX/J,EAAQ+J,QAAU7J,KAAK0I,aAAaqC,gBAAgBlB,UAGlDw7B,IAAsBr6B,EAAY,kCAC9BhL,KAAKqlC,mBAAmBr6B,GAAa,YAGzCo6B,IAAqBt7B,EAAW,kCAC5B9J,KAAKolC,kBAAkBt7B,GAAY,QAG2B,GAAhE4vB,EAAoC,QAA1B,EAAc,QAAd,EAAG5vB,SAAW,aAAX,EAAa4vB,kBAAU,QAAgB,QAAhB,EAAI1uB,SAAY,aAAZ,EAAc0uB,YACxD15B,KAAKF,QAAQ6vB,OAAQ+J,EAAU,mCAC3BR,EAAAA,EAAAA,IAAiBQ,GAAW,QAG+C,GAA7EsL,EAAYhlC,KAAKslC,sBAAsB,EAAD,KAAMxlC,GAAO,IAAE+kC,sBAAAA,KAG3C,CAAF,iCAEgB7kC,KAAKulC,eAAc,QAU9C,OAVKC,EAAgB,EAAH,KACbjK,EAAc,IAAIkK,IAAIZ,GAAyBI,GACjDt7B,GACF4xB,EAAYmK,aAAaC,OAAO,QAASh8B,GAEvCk7B,IAA0BM,EAE5BxgC,OAAO8d,SAASE,KAAO4Y,EAAY5Y,KAEnChe,OAAO8d,SAASjiB,OAAO+6B,EAAY5Y,MACpC,kBACM6iB,GAAa,QASc,OAP9B1lC,EAAQ8lC,0BAEV5lC,KAAK0I,aAAa+F,QAElBzO,KAAK0I,aAAam9B,wBAGpBlhC,OAAO8d,SAASjiB,OAAOwkC,GAAW,mBAC3B,GAAI,iDAEd,4GAED,WAAmC1c,GAAmB,gFAC/CtoB,KAAKF,QAAQ6vB,KAAM,CAAF,qBACd,IAAIxrB,EAAAA,EAAa,mDAAkD,OAM1E,IAHK2F,EAAgBwe,EAAhBxe,eAEJA,EAAe9J,KAAK0I,aAAaqC,gBAAiBjB,aAG/CA,EAAa,CAAF,qBACR,IAAI3F,EAAAA,EAAa,oDAAmD,wBAGtD80B,EAAAA,EAAAA,IAAuB,QAAZ,EAACnvB,SAAW,aAAX,EAAa4vB,YAAW,OAA7C,OAAPV,EAAU,EAAH,gBACOW,EAAAA,EAAAA,IAAkB,EAAD,KAAKrR,GAAM,IAAE0Q,QAAAA,EAASlvB,YAAaA,EAAYA,eAAa,QAAtF,OAAL4yB,EAAQ,EAAH,uBACJ,CACL7M,cAAe,QAAF,OAAU/lB,EAAYA,aACnCgmB,KAAM4M,IACP,iDACF,iGAED,sGAAsC,KAAN,iCAChB,CAAF,yCACHvD,EAAAA,EAAAA,OAAsB,uBAGVn5B,KAAK0I,aAAa+4B,YAAW,OAC+B,GAD3EzkB,EAAS,EAAH,OACNgc,GAA4B,QAAlB,EAAAhc,EAAOlT,mBAAW,aAAlB,EAAoB4vB,cAAiC,QAAvB,EAAI1c,EAAOhS,oBAAY,aAAnB,EAAqB0uB,aAE1D,CAAF,kCACHR,EAAAA,EAAAA,IAAiBF,GAAQ,iDAElC,iFAED,SAAwBxQ,GACtB,IAAMsd,EAAUne,EAAAA,EAAAA,yBAAsCa,GAChDud,EAASpe,EAAAA,EAAAA,YAAyBme,QAAAA,EAAW,IACnD,IAAIhO,EAAAA,EAAAA,IAAiBiO,GAAS,SACxBnM,EAAuB,KAK3B,OAJInR,EAAAA,EAAAA,IAAYD,aAAO,EAAPA,EAAqBjmB,OACnCq3B,EAASpR,EAAoBjmB,IAAI,eAEG,QAAjC,EAAQ,QAAR,EAAGq3B,SAAK,QAAIpR,EAAQ,qBAAa,QAAIA,EAAQ,aAEpD,CAEA,OAAO,IACT,KAAC,EAzXH,CAAmCqb,IAAe,kBAGrBpf,GAAM,CAyXrC,qLE3bakS,GAAsB,ilBCyD5B,SAAS7T,IAEd,OAAO,SAAP,+bA4CE,WAAYhjB,GAAc,MA0DvB,OA1DuB,eACxB,cAAMA,IAAS,2nCA3ErB,SAA2BY,GAGzB,IAAIk7B,GAFJl7B,EAAOA,GAAQ,CAAC,GAEEk7B,OAClB,GAAIA,IAAW7mB,MAAM0Z,QAAQmN,GAC3B,MAAM,IAAIz3B,EAAAA,EAAa,kGAKzB,IAAI0mB,EAASnqB,EAAKmqB,OAClB,IAAKA,EACH,MAAM,IAAI1mB,EAAAA,EAAa,iIAKzB,IADiB,IAAI6hC,OAAO,iBACZ9c,KAAK2B,GACnB,MAAM,IAAI1mB,EAAAA,EAAa,4HAIzB,IAAuC,IAAnC0mB,EAAOjlB,QAAQ,eACjB,MAAM,IAAIzB,EAAAA,EAAa,yIAG3B,CAmDM8hC,CAAkBnmC,GAElB,EAAK+qB,QAASqb,EAAAA,EAAAA,IAAoBpmC,EAAQ+qB,QAC1C,EAAKkS,UAAWmJ,EAAAA,EAAAA,IAAoBpmC,EAAQi9B,UAC5C,EAAKyB,cAAe0H,EAAAA,EAAAA,IAAoBpmC,EAAQ0+B,cAChD,EAAKkD,aAAcwE,EAAAA,EAAAA,IAAoBpmC,EAAQ4hC,aAC/C,EAAKyE,WAAYD,EAAAA,EAAAA,IAAoBpmC,EAAQqmC,WAC7C,EAAKrB,WAAYoB,EAAAA,EAAAA,IAAoBpmC,EAAQglC,WAE7C,EAAK3C,MAAwB,IAAjBriC,EAAQqiC,KACpB,EAAKriB,SAAWhgB,EAAQggB,SACxB,EAAKyb,YAAcz7B,EAAQy7B,aACvB7e,EAAAA,EAAAA,eACF,EAAK6e,aAAc6K,EAAAA,EAAAA,IAActmC,EAAQy7B,YAAa52B,OAAO8d,SAASyiB,SAExE,EAAK/Y,aAAersB,EAAQqsB,aAC5B,EAAKvJ,aAAe9iB,EAAQ8iB,aAC5B,EAAKjZ,MAAQ7J,EAAQ6J,MACrB,EAAKiyB,OAAS97B,EAAQ87B,OAEtB,EAAKkC,kBAAoBh+B,EAAQg+B,gBACjC,EAAK/C,cAAgBj7B,EAAQi7B,cAC7B,EAAKC,oBAAsBl7B,EAAQk7B,oBACnC,EAAKS,UAAY37B,EAAQ27B,UACzB,EAAKJ,OAASv7B,EAAQu7B,OACtB,EAAK1L,MAAwB,IAAjB7vB,EAAQ6vB,KACpB,EAAK0S,YAAc,EAAH,CACdC,mBAAmB,GAChBxiC,EAAQuiC,aAGb,EAAK35B,aAAe5I,EAAQ4I,aAC5B,EAAKm8B,sBAAwB/kC,EAAQ+kC,sBACrC,EAAKriB,mBAAqB1iB,EAAQ0iB,mBAClC,EAAK4b,mBAAqB,EAAH,CAAKzH,oBAAAA,GAAwB72B,EAAQs+B,oBAE5D,EAAK7B,aAAez8B,EAAQy8B,aAC5B,EAAKmC,YAAc5+B,EAAQ4+B,YAK3B,EAAK2H,iBAAmBvmC,EAAQumC,eAS3BvmC,EAAQwmC,cAAyC,IAAzBxmC,EAAQwmC,aAGnC,EAAKA,aAAexmC,EAAQwmC,aAF5B,EAAKA,aAAe5/B,EAAAA,uBAGrB,CAEH,CAAC,iBAxGI,EADwB4lB,EAAAA,EAAAA,KA2GjC,oQCtHO,SAASia,EAAgBt+B,GAE9B,IAAIu+B,EAAsBv+B,EAAInI,QAAQqiC,KAAO,QAAU,WAEvD,OADmBl6B,EAAInI,QAAQ8iB,cAAgB4jB,CAEjD,CAEO,SAASpkB,EAA0Bna,EAAKnI,GAC7CA,EAAUA,GAAW,CAAC,GAClBmtB,EAAAA,EAAAA,IAASntB,KACXA,EAAU,CAAE4iB,IAAK5iB,IAKnB,IAGI2mC,EAHA/jB,EAAM5iB,EAAQ4iB,IACdE,EAAe9iB,EAAQ8iB,cAAgB2jB,EAAgBt+B,GACvDy+B,EAAYz+B,EAAIY,MAAMo2B,aAAaI,eASvC,KALEoH,EADmB,UAAjB7jB,EACSF,EAAMA,EAAIzW,UAAUyW,EAAI9c,QAAQ,MAAQ8gC,EAAUC,OAElDjkB,EAAMA,EAAIzW,UAAUyW,EAAI9c,QAAQ,MAAQ8gC,EAAU1hB,MAI7D,MAAM,IAAI7gB,EAAAA,EAAa,wCAGzB,OAAOyiC,EAAAA,EAAAA,GAAkBH,EAC3B,CAEO,SAASI,EAA0B5+B,EAAKnI,GAG5B,WADIA,EAAQ8iB,cAAgB2jB,EAAgBt+B,IA9C/D,SAAsBA,GACpB,IAAI6+B,EAAgB7+B,EAAIY,MAAMo2B,aAAaE,cACvC4H,EAAY9+B,EAAIY,MAAMo2B,aAAaK,eACnCoH,EAAYz+B,EAAIY,MAAMo2B,aAAaI,eACnCyH,GAAiBA,EAAcE,aACjCF,EAAcE,aAAa,KAAMD,EAAUE,MAAOP,EAAUQ,SAAWR,EAAU1hB,MAEjF0hB,EAAUC,OAAS,EAEvB,CAsC6BQ,CAAal/B,GA1D1C,SAAoBA,GAClB,IAAI6+B,EAAgB7+B,EAAIY,MAAMo2B,aAAaE,cACvC4H,EAAY9+B,EAAIY,MAAMo2B,aAAaK,eACnCoH,EAAYz+B,EAAIY,MAAMo2B,aAAaI,eACnCyH,GAAiBA,EAAcE,aACjCF,EAAcE,aAAa,KAAMD,EAAUE,MAAOP,EAAUQ,SAAWR,EAAUC,QAEjFD,EAAU1hB,KAAO,EAErB,CAiDiDoiB,CAAWn/B,EAC5D,CAEO,SAAeg3B,EAAa,EAAD,kCA4CjC,wCA5CM,WAA4Bh3B,EAAKnI,GAAsC,6EAY1E,GAXFA,EAAUA,GAAW,CAAC,GAClBmtB,EAAAA,EAAAA,IAASntB,KACXA,EAAU,CAAE4iB,IAAK5iB,IAKb6L,EAAqByW,EAA0Bna,EAAKnI,GACpD6J,EAAQgC,EAAIhC,MACZmxB,EAA+B7yB,EAAIm2B,mBAAmB7G,KAAK,CAC/D5tB,MAAAA,IAEgB,CAAF,mBACV1B,EAAInI,QAAQqiC,KAAM,CAAF,qBAEZ,IAAIh+B,EAAAA,EAAa,+JAA2JwK,GAAU,aAExL,IAAIxK,EAAAA,EAAa,yDAAwD,OAQhF,OANK24B,EAAmBhC,EAAYgC,YAC9BhC,EAAYgC,KAEdh9B,EAAQ4iB,KAEXmkB,EAA0B5+B,EAAKnI,GAChC,mBAEMo+B,EAAAA,EAAAA,GAAoBj2B,EAAK6yB,EAAanvB,EAAKmxB,GAC/C3xB,OAAM,SAAAkC,GAML,MALKg6B,EAAAA,EAAAA,IAA2Bh6B,IAC9BpF,EAAIm2B,mBAAmB3vB,MAAM,CAC3B9E,MAAAA,IAGE0D,CACR,IACClD,MAAK,SAAAwB,GAIJ,OAHA1D,EAAIm2B,mBAAmB3vB,MAAM,CAC3B9E,MAAAA,IAEKgC,CACT,KAAE,6CAEL,kKCjHD,SAAS27B,IACP,MAAM,IAAInjC,EAAAA,EACR,qFAEJ,CAGA,SAASojC,EAAeC,EAAsBxqB,GAC5C,OAAIsY,EAAAA,EAAAA,IAAUkS,GACLxqB,EAAOnT,SAEZwrB,EAAAA,EAAAA,IAAcmS,GACTxqB,EAAOlT,iBAEhBw9B,GACF,CAGO,SAAexH,EAAW,EAAD,kCAmC/B,wCAnCM,WAA0B73B,EAA6BY,GAAY,uFAK3B,IAJxCysB,EAAAA,EAAAA,IAAUzsB,KAAWwsB,EAAAA,EAAAA,IAAcxsB,IACtCy+B,MAGEtqB,EAAS/U,EAAIS,aAAaqC,iBACnBC,aAAc,CAAF,gCACN+0B,EAAAA,EAAAA,GAAuB93B,EAAK,CACzC2zB,OAAQ/yB,EAAM+yB,QACb5e,EAAOhS,cAAa,OAFjB,OAANgS,EAAS,EAAH,uBAGCuqB,EAAe1+B,EAAOmU,IAAO,OAYoC,OAPxEmP,EADElkB,EAAInI,QAAQqiC,KACC,QACN9M,EAAAA,EAAAA,IAAcxsB,GACR,QAEA,WAGT+yB,GAFP,EAE8E/yB,GAAvE+yB,OAAQ4C,EAAY,EAAZA,aAAckD,EAAW,EAAXA,YAAa7W,EAAM,EAANA,OAAQ6O,EAAU,EAAVA,WAAYsC,EAAW,EAAXA,YAAW,mBACnEwD,EAAAA,EAAAA,GAAiBv3B,EAAK,CAC3BkkB,aAAAA,EACAyP,OAAAA,EACA4C,aAAAA,EACAkD,YAAAA,EACA7W,OAAAA,EACA6O,WAAAA,EACAsC,YAAAA,IAEC7xB,MAAK,SAAUwB,GACd,OAAO47B,EAAe1+B,EAAO8C,EAAIqR,OACnC,KAAE,6CACL,kKClDM,SAAeoZ,EAAY,EAAD,kCA6ChC,wCA7CM,WAA2BnuB,EAAKnI,GAA2B,+FACE,KAA5Dkd,EAAwB,QAAlB,EAAU,QAAV,EAAGld,SAAO,aAAP,EAASkd,cAAM,QAAI/U,EAAIS,aAAaqC,iBACxCC,aAAc,CAAF,yCACd+0B,EAAAA,EAAAA,GAAuB93B,EAAKnI,GAAW,CAAC,EAAGkd,EAAOhS,eAAa,UAGnEgS,EAAOlT,aAAgBkT,EAAOnT,QAAO,sBAClC,IAAI1F,EAAAA,EAAa,2DAA0D,OAKhC,GAF7C2F,EAAckT,EAAOlT,aAAe,CAAC,EACrCD,EAAUmT,EAAOnT,SAAW,CAAC,EAC7B+xB,EAAS9xB,EAAY8xB,QAAU/xB,EAAQ+xB,OAChC,CAAF,sBACH,IAAIz3B,EAAAA,EAAa,sDAAqD,QAET,GAA/Dq6B,EAAe10B,EAAY00B,cAAgB30B,EAAQ20B,aACtC,CAAF,sBACT,IAAIr6B,EAAAA,EAAa,4DAA2D,QAsBnF,OApBKu9B,EAAc53B,EAAY43B,aAAez5B,EAAInI,QAAQ4hC,YACrD7W,EAAShhB,EAAQghB,QAAU5iB,EAAInI,QAAQ+qB,OACvC6O,EAAa5vB,aAAW,EAAXA,EAAa4vB,WAC1BsC,GAAclyB,aAAW,EAAXA,EAAakyB,eAAenyB,aAAO,EAAPA,EAASmyB,aAGzDl8B,EAAUS,OAAOC,OAAO,CACtBo7B,OAAAA,EACA4C,aAAAA,EACAkD,YAAAA,EACA7W,OAAAA,EACA6O,WAAAA,EACAsC,YAAAA,GACCl8B,GAECmI,EAAInI,QAAQqiC,KACdriC,EAAQqsB,aAAe,QAClB,GACoB0R,EAAAA,EAAAA,GAAsB51B,GAAvCkkB,EAAY,EAAZA,aACRrsB,EAAQqsB,aAAeA,GACxB,mBAEMqT,EAAAA,EAAAA,GAAiBv3B,EAAKnI,GAC1BqK,MAAK,SAAAwB,GAAG,OAAIA,EAAIqR,MAAM,KAAC,6CAE3B,+wBC3CM,SAAe+iB,EAAuB,EAAD,oCA6C3C,wCA7CM,WACL93B,EACA4yB,EACA4M,GAAgC,2FAEV,GAFU,EAELx/B,EAAInI,QAAvBggB,EAAQ,EAARA,SAAU6P,EAAI,EAAJA,KACb7P,EAAU,CAAF,qBACL,IAAI3b,EAAAA,EAAa,4EAA2E,OAUlC,GAVkC,SAI5FujC,EAAgCnnC,OAAOC,OAAO,CAAC,EAAGq6B,EAAa,CAAE/a,SAAAA,IAEnE2nB,EAAmBzL,cACrB0L,EAAiB1L,YAAcyL,EAAmBzL,aAG9C2L,EAAsC,EAAH,GAAOD,IAE5C/X,EAAM,CAAF,kCACgBsJ,EAAAA,EAAAA,IAAYwO,aAAkB,EAAlBA,EAAoB/N,YAAW,QAA3DV,EAAU,EAAH,KACb2O,EAAelL,YAAczD,EAC7B0O,EAAiB/X,KAAOA,EACxB+X,EAAiBhO,WAAa+N,EAAmB/N,WAAW,0BAGlCsD,EAAAA,EAAAA,GAAiB/0B,EAAK0/B,EAAgBF,GAAmB,QAC1C,OADrCtJ,EAAgB,EAAH,KACbrB,GAAOc,EAAAA,EAAAA,IAAa31B,EAAK4yB,GAAY,WAClBqD,EAAAA,EAAAA,GAAoBj2B,EAAKy/B,EAAkBvJ,EAAerB,GAAK,QAMvF,OANuF,SAAhF9f,EAAM,EAANA,QAGAhS,EAAiBgS,EAAjBhS,iBACa48B,EAAAA,EAAAA,GAAmB58B,EAAcy8B,IACpDx/B,EAAIS,aAAam/B,mBAAmB78B,GACrC,kBAEMgS,GAAM,QAMZ,MANY,2BAGT8qB,EAAAA,EAAAA,IAA2B,EAAD,KAE5B7/B,EAAIS,aAAaq/B,qBAClB,gEAGJ,6KCtCM,SAAelI,EAAY,EAAD,kCA6BhC,wCA7BM,WAA2B53B,EAA6BY,GAAqB,mFAMjF,GALGiB,EAAc,GACdkB,EAAe,GACfnC,IACAiB,EAAejB,EAAsBiB,YACrCkB,EAAgBnC,EAAuBmC,cAEvClB,GAAgBkB,EAAY,sBACxB,IAAI7G,EAAAA,EAAa,sDAAqD,OAGnC,GADvC2b,EAAW7X,EAAInI,QAAQggB,SACvByc,EAAet0B,EAAInI,QAAQy8B,aAC1Bzc,EAAU,CAAF,qBACL,IAAI3b,EAAAA,EAAa,8EAA6E,OASvB,OAN3EgiC,GAAYvI,EAAAA,EAAAA,IAAa31B,GAAKk+B,UAC9BzlC,GAAOqqB,EAAAA,EAAAA,IAAc,CAEvB2Y,gBAAiB14B,EAAe,gBAAkB,eAClDnC,MAAOmC,GAAgBlB,IACtBnH,MAAM,GACLqlC,EAAQzL,GAAenZ,EAAAA,EAAAA,IAAK,GAAD,OAAItD,EAAQ,YAAIyc,KAAkBnZ,EAAAA,EAAAA,IAAKtD,GAAS,mBACxEiP,EAAAA,EAAAA,IAAK9mB,EAAKk+B,EAAWzlC,EAAM,CAChC8nB,QAAS,CACP,eAAgB,oCAChB,cAAiB,SAAWwf,MAE9B,6CACH,6KC9CM,SAAShlB,IAEd,OAAO,SAAP,+bAIE,WAAYilB,EAA8C5hC,EAA8BhD,GAA0B,kCAC1G4kC,EAAuB5hC,EAAehD,EAC9C,CAwBC,OAxBA,6CAED,SAAsBvD,GACpBA,EAAUE,KAAKkoC,qBAAqB,cAAepoC,IACnDqoC,EAAAA,EAAAA,GAAkCroC,GAClC,IAAMyD,EAAUvD,KAAKid,WAAWnd,GAC1BmG,EAAanG,EAAQmG,YAAcc,EAAAA,yBACzC,OAAO,IAAIqhC,EAAAA,EAAY7kC,EAAS0C,EAClC,GAAC,wCAED,SAA2BnG,GACzBA,EAAUE,KAAKkoC,qBAAqB,qBAAsBpoC,IAC1DqoC,EAAAA,EAAAA,GAAkCroC,GAClC,IAAMyD,EAAUvD,KAAKid,WAAWnd,GAC1BmG,EAAanG,EAAQmG,YAAce,EAAAA,gCACzC,OAAO,IAAIohC,EAAAA,EAAY7kC,EAAS0C,EAClC,GAAC,mCAED,SAAsBnG,GACpBA,EAAUE,KAAKkoC,qBAAqB,eAAgBpoC,IACpDqoC,EAAAA,EAAAA,GAAkCroC,GAClC,IAAMyD,EAAUvD,KAAKid,WAAWnd,GAC1BmG,EAAanG,EAAQmG,YAAcgB,EAAAA,0BACzC,OAAO,IAAImhC,EAAAA,EAAY7kC,EAAS0C,EAClC,KAAC,EA9BI,CACGoiC,EAAAA,EAgCZ,qCCCO,IAAKhF,EAML,SAASiF,EAAQhzB,GACtB,SAAIA,IACCA,EAAIxL,aAAewL,EAAIzL,SAAWyL,EAAItK,eACvC+J,MAAM0Z,QAAQnZ,EAAIsmB,QAIxB,CAEO,SAASvG,EAAc/f,GAC5B,OAAOA,GAAOA,EAAIxL,WACpB,CAEO,SAASwrB,EAAUhgB,GACxB,OAAOA,GAAOA,EAAIzL,OACpB,CAEO,SAASqT,EAAe5H,GAC7B,OAAOA,GAAOA,EAAItK,YACpB,kIArBC,SAJWq4B,GAAAA,EAAS,qBAATA,EAAS,aAATA,EAAS,uBAIpB,CAJWA,IAAAA,EAAS,gMC/Bd,IAAM5lB,EAAgB,UAChBU,EAAgB,UAChBvV,EAAc,QACdK,EAAgB,UAChBwrB,EAAc,QACdrW,EAAoB,gMCejC,SAASmqB,EAAuBjzB,GAC9B,SAAKA,GAAsB,YAAf,OAAOA,IAAkD,IAA9B/U,OAAO8f,OAAO/K,GAAKvV,OAI5D,CAEO,SAASyoC,EAAuBlzB,GACrC,SAAKizB,EAAuBjzB,KAGnBA,EAAIimB,cAAiBjmB,EAAI6W,aACpC,CAEO,SAASsc,EAAsBnzB,GACpC,QAAKkzB,EAAuBlzB,MAGlBA,EAAY8mB,YACxB,CAEO,SAASsM,EAAqBpzB,GACnC,QAAKmzB,EAAsBnzB,MAGjBA,EAAYqzB,iBACxB,CAEO,SAASC,EAA4BtzB,GAC1C,QAAKizB,EAAuBjzB,SAGkE3G,IAApEpO,OAAO8f,OAAO/K,GAAKK,MAAK,SAACrU,GAAK,MAAuB,iBAAVA,CAAkB,GAEzF,CAEO,SAAS61B,EAAkB7hB,GAChC,SAAIkzB,EAAuBlzB,KAAQszB,EAA4BtzB,GAIjE,+pDC7DA,IAAMuzB,EAAkB,KAEjB,SAASC,EAAYC,EAAa3iC,EAAM8G,GACzC67B,EAAY/0B,iBACd+0B,EAAY/0B,iBAAiB5N,EAAM8G,GAEnC67B,EAAYC,YAAY,KAAO5iC,EAAM8G,EAEzC,CAEO,SAAS+7B,EAAeF,EAAa3iC,EAAM8G,GAC5C67B,EAAY70B,oBACd60B,EAAY70B,oBAAoB9N,EAAM8G,GAEtC67B,EAAYG,YAAY,KAAO9iC,EAAM8G,EAEzC,CAEO,SAAS6zB,EAAUoI,GACxB,IAAIC,EAAS5nC,SAAS6nC,cAAc,UAIpC,OAHAD,EAAOE,MAAMrO,QAAU,OACvBmO,EAAOD,IAAMA,EAEN3nC,SAASypB,KAAKse,YAAYH,EACnC,CAEO,SAAStH,EAAUqH,EAAKrpC,GAC7B,IAAImnC,EAAQnnC,EAAQ0pC,YAAc,iDAGlC,OAAO7kC,OAAO6N,KAAK22B,EAAKlC,EAFP,sFAGnB,CAEO,SAASrG,EAAuB34B,EAA6B44B,EAASl3B,GAC3E,IAAI8/B,EACAC,EA0BJ,OAzB2B,IAAIx+B,SAAQ,SAAUT,EAAS6C,GAExDm8B,EAAkB,SAAyB1mC,GACzC,GAAKA,EAAEyC,MAAQzC,EAAEyC,KAAKmE,QAAUA,EAShC,OAAI5G,EAAEmiC,SAAWj9B,EAAI6mB,kBACZxhB,EAAO,IAAInJ,EAAAA,EAAa,yDAEjCsG,EAAQ1H,EAAEyC,KACZ,EAEAsjC,EAAYnkC,OAAQ,UAAW8kC,GAE/BC,EAAY99B,YAAW,WACrB0B,EAAO,IAAInJ,EAAAA,EAAa,wBAC1B,GAAG08B,GAAWgI,EAChB,IAGGnd,SAAQ,WACPgJ,aAAagV,GACbT,EAAetkC,OAAQ,UAAW8kC,EACpC,GACJ,CAEO,SAASjI,EACdv5B,EACA44B,EACA5rB,EACAtL,GAEA,IAAI+/B,EAEE1b,EAAU,IAAI9iB,SAAQ,SAACT,EAAS6C,GACpC2H,EAAQpI,UAAY,SAAC9D,GAEnB,GAAKA,EAAM4gC,WAAc5gC,EAAMvD,KAI/B,MAA0B,YAAtB,OAAOuD,EAAMvD,OAAqBmE,IAAUZ,EAAMvD,KAAKmE,MAClDc,uWAAQ,CAAD,GAAM1B,EAAMvD,YAG5B8H,EAAO,IAAInJ,EAAAA,EAAa,yCAC1B,EAEAulC,EAAY99B,YAAW,WACrB0B,EAAO,IAAInJ,EAAAA,EAAa,wBAC1B,GAAG08B,GAAWgI,EAChB,IAEA,OAAO7a,EACNtC,SAAQ,WACPgJ,aAAagV,GACbz0B,EAAQlI,OACV,GACF,sGClGO,SAAS68B,EAAoC3hC,GAClD,MAKIA,EAAInI,QAJNggB,EAAQ,EAARA,SACAyb,EAAW,EAAXA,YACA3Y,EAAY,EAAZA,aACAjZ,EAAK,EAALA,MAEIkgC,GAAqBntB,EAAAA,EAAAA,aAAc/X,OAAO8d,SAASE,UAAOhU,EAChE,OAAO1O,EAAAA,EAAAA,IAAW,CAChB6f,SAAAA,EACAyb,YAAaA,GAAesO,EAC5BjnB,aAAAA,EACAjZ,MAAOA,IAASo4B,EAAAA,EAAAA,MAChB5V,aAAc,OACdmP,OAAQ,wBAEZ,sGChBO,SAASuC,EAAsB51B,GACpC,MAYIA,EAAInI,QAXNqiC,EAAI,EAAJA,KACAriB,EAAQ,EAARA,SACAyb,EAAW,EAAXA,YACApP,EAAY,EAAZA,aACAvJ,EAAY,EAAZA,aACAgZ,EAAM,EAANA,OACAH,EAAS,EAATA,UACAJ,EAAM,EAANA,OACA1xB,EAAK,EAALA,MACAm0B,EAAe,EAAfA,gBACAnO,EAAI,EAAJA,KAEIka,GAAqBntB,EAAAA,EAAAA,aAAc/X,OAAO8d,SAASE,UAAOhU,EAChE,OAAO1O,EAAAA,EAAAA,IAAW,CAChBkiC,KAAAA,EACAriB,SAAAA,EACAyb,YAAaA,GAAesO,EAC5B1d,aAAcA,GAAgB,CAAC,QAAS,YACxCvJ,aAAAA,EACAjZ,MAAOA,IAASo4B,EAAAA,EAAAA,MAChBnI,OAAOkQ,EAAAA,EAAAA,MACPlO,OAAQA,GAAU,CAAC,SAAU,SAC7BH,UAAAA,EACAJ,OAAAA,EACAyC,gBAAAA,EACAnO,KAAAA,GAEJ,mFC5CO,SAAS4O,EACdt2B,EACAqgB,GAgBA,MAZwC,CACtCuC,OAHa5iB,EAAInI,QAAQ+qB,OAIzBiS,MAHWc,EAAAA,EAAAA,IAAa31B,EAAKqgB,GAI7BxI,SAAUwI,EAAOxI,SACjByb,YAAajT,EAAOiT,YACpBpP,aAAc7D,EAAO6D,aACrBvJ,aAAc0F,EAAO1F,aACrBjZ,MAAO2e,EAAO3e,MACd8xB,UAAWnT,EAAOmT,UAClBC,gBAAiBpT,EAAOoT,gBAI5B,oICPO,SAAS2L,EAA2Bt9B,GACzC,MAAmB,eAAfA,EAAM3D,MAIuB,yBADd2D,EACAgc,SACrB,CAEO,SAASgkB,EAAyB9hC,EAA6B8B,GACpE,GAAmB,iBAAfA,EAAM3D,KACR,OAAO,EAET,IAEM4jC,EAFejgC,EAEc6b,IAC7BwG,EAAe4d,aAAa,EAAbA,EAAe5d,aACpC,OAAOnkB,EAAInI,QAAQqiC,MAA2C,mBAAlC/V,aAAY,EAAZA,EAAcriB,MAC5C,CAEO,SAAS+9B,EAA2B/9B,GAEzC,OAAO4e,EAAAA,EAAAA,cAAa5e,IACE,kBAApBA,EAAMgc,WACiB,6CAAvBhc,EAAM+b,YACV,4vCCxBO,SAASmkB,EAAgBjlB,GAC9B,MAAO,wBAAwBkE,KAAKlE,EACtC,CAGO,SAASklB,EAAqBC,GACnC,MAAO,WAAWjhB,KAAKihB,EACzB,CAGO,SAASC,EAAmBD,GACjC,MAAO,uBAAuBjhB,KAAKihB,EACrC,CAEO,SAASE,EAAcF,GAC5B,MAAO,YAAYjhB,KAAKihB,IAAiB,uBAAuBjhB,KAAKihB,EACvE,CAEO,SAASG,EAAcC,EAAatiC,GACzC,IAAIuiC,EAAaviC,EAAInI,QACrB,SAAKyqC,IAAQC,EAAWjP,cAGuB,IAAxCgP,EAAI3kC,QAAQ4kC,EAAWjP,YAChC,CAEO,SAASkP,EAAW3qC,GACzB,OAAOA,EAAQqiC,MAAiC,SAAzBriC,EAAQqsB,cAAoD,UAAzBrsB,EAAQ8iB,YACpE,CAEO,SAAS8hB,EAAgBvY,EAAiCrsB,GAO/D,OALIiV,MAAM0Z,QAAQ3uB,EAAQqsB,eAAiBrsB,EAAQqsB,aAAapsB,OAC5CD,EAAQqsB,aAAavmB,QAAQumB,IAAiB,EAE9CrsB,EAAQqsB,eAAiBA,CAG/C,CAEO,SAASue,EAAgB5qC,GAG9B,OAFe2qC,EAAW3qC,IAC0B,aAAzBA,EAAQ8iB,aACjBje,OAAO8d,SAASkkB,OAAShiC,OAAO8d,SAASuC,IAC7D,CAMO,SAASjD,EAAiB9Z,GAE/B,IAAKqiC,EAAc3lC,OAAO8d,SAASE,KAAM1a,GACvC,OAAO,EAIT,IAAI0iC,EAAWF,EAAWxiC,EAAInI,SAC1BqqC,EAAeO,EAAgBziC,EAAInI,SAEvC,QAAIuqC,EAAcF,KAIdQ,EACaT,EAAqBC,IAAiBC,EAAmBD,GAKnEF,EAAgBtlC,OAAO8d,SAASuC,MACzC,CAMO,SAAS4lB,EAAuB3iC,EAA6BkiC,GAClE,IAAKA,EAAc,CAEjB,IAAKpoB,EAAgB9Z,GACnB,OAAO,EAGTkiC,EAAeO,EAAgBziC,EAAInI,QACrC,CACA,MAAO,gCAAgCopB,KAAKihB,EAC9C,gcCtFO,SAASpI,IACd,OAAO8I,EAAAA,EAAAA,IAAgB,GACzB,CAEO,SAASf,IACd,OAAOe,EAAAA,EAAAA,IAAgB,GACzB,CAEA,SAASC,EAAU7iC,GAAuD,IAA1BnI,EAAsB,UAAH,6CAAG,CAAC,EAErE,OADeomC,EAAAA,EAAAA,IAAoBpmC,EAAQ+qB,SAAW5iB,EAAInI,QAAQ+qB,MAEpE,CAEO,SAASkgB,EAAgB9iC,GAAuD,IAC/E4iB,EAASigB,EAAU7iC,EADwD,UAAH,6CAAG,CAAC,GAGlF,OADgB4iB,EAAOjlB,QAAQ,WAAa,EAAIilB,EAASA,EAAS,SAEpE,CAEO,SAASmgB,EAAe/iC,GAG7B,OAFe6iC,EAAU7iC,EADuD,UAAH,6CAAG,CAAC,GAE3D9F,MAAM,WAAW,EAEzC,CAEO,SAASy7B,EAAa31B,EAA6BnI,GACxD,GAAIgB,UAAUf,OAAS,EACrB,MAAM,IAAIoE,EAAAA,EAAa,wEAEzBrE,EAAUA,GAAW,CAAC,EAGtB,IAAI0+B,GAAe0H,EAAAA,EAAAA,IAAoBpmC,EAAQ0+B,eAAiBv2B,EAAInI,QAAQ0+B,aACxE3T,EAASigB,EAAU7iC,EAAKnI,GACxB4hC,GAAcwE,EAAAA,EAAAA,IAAoBpmC,EAAQ4hC,cAAgBz5B,EAAInI,QAAQ4hC,YACtE3E,GAAWmJ,EAAAA,EAAAA,IAAoBpmC,EAAQi9B,WAAa90B,EAAInI,QAAQi9B,SAChE+H,GAAYoB,EAAAA,EAAAA,IAAoBpmC,EAAQglC,YAAc78B,EAAInI,QAAQglC,UAClEqB,GAAYD,EAAAA,EAAAA,IAAoBpmC,EAAQqmC,YAAcl+B,EAAInI,QAAQqmC,UAElE8E,EAAUF,EAAgB9iC,EAAKnI,GAQnC,MAAO,CACL+qB,OAAQA,EACR2T,aARFA,EAAeA,GAAgByM,EAAU,gBASvCvJ,YARFA,EAAcA,GAAeuJ,EAAU,eASrClO,SARFA,EAAWA,GAAYkO,EAAU,YAS/B9E,UARFA,EAAYA,GAAa8E,EAAU,aASjCnG,UARFA,EAAYA,GAAamG,EAAU,aAUrC,kqBCpEO,SAAShJ,EACdh6B,EACA4yB,GAEA,IAEMqQ,EAAkC,CACtCrgB,OAHa5iB,EAAInI,QAAQ+qB,OAIzBiS,MAHWc,EAAAA,EAAAA,IAAa31B,EAAK4yB,GAI7B/a,SAAU+a,EAAY/a,SACtByb,YAAaV,EAAYU,YACzBpP,aAAc0O,EAAY1O,aAC1BvJ,aAAciY,EAAYjY,aAC1BgZ,OAAQf,EAAYe,OACpBjyB,MAAOkxB,EAAYlxB,MACnBiwB,MAAOiB,EAAYjB,MACnBkE,gBAAiBjD,EAAYiD,gBAC7BrC,UAAWZ,EAAYY,UACvBO,YAAanB,EAAYmB,aAG3B,OAAyB,IAArBnB,EAAYsH,KAEP+I,EAG6B,EAAH,KAC9BA,GAAS,IACZ9O,aAAcvB,EAAYuB,aAC1BpB,oBAAqBH,EAAYG,oBACjCD,cAAeF,EAAYE,eAI/B,uECrBA,SAASoQ,EAASC,GAChB,OAAQ,IAAMA,EAAIp/B,SAAS,KAAKq/B,QAAQ,EAC1C,CA0BA,KACE5jC,8BAAAA,EAAAA,8BACAw8B,iBAnBF,SAA0BqH,GACxB,IARuBvrC,EACnBwkB,EAOAgnB,EAAWD,GAAU,GAIzB,OAHIC,EAASxrC,OAASwH,EAAAA,sBACpBgkC,IAVqBxrC,EAUiBwH,EAAAA,oBAAsBgkC,EAASxrC,OATnEwkB,EAAI,IAAIV,WAAW/X,KAAK0/B,KAAKzrC,EAAS,IAC1C8kB,EAAAA,GAAAA,gBAA0BN,GAChBxP,MAAMC,KAAKuP,EAAG4mB,GAASvoC,KAAK,IAC3BD,MAAM,EAAG5C,KAQb8B,mBAAmB0pC,GAAU5oC,MAAM,EAAG6E,EAAAA,oBAC/C,EAcE08B,iBAZF,SAA0BhhB,GACxB,IAAIU,GAAS,IAAIe,aAAcC,OAAO1B,GACtC,OAAO2B,EAAAA,GAAAA,OAAAA,OAAwB,UAAWjB,GAAQzZ,MAAK,SAAS2a,GAC9D,IAAIE,EAAOX,OAAOC,aAAaW,MAAM,KAAM,IAAIpB,WAAWiB,IAE1D,OADW7B,EAAAA,EAAAA,IAAkB+B,EAE/B,GACF,6qBCEO,SAASsZ,EACdr2B,EACAnI,GAEA,OAhCF,SACEwoB,GAUA,KARAA,EAAS,EAAH,KACDA,GAAM,IAET6D,aAAc,OACdmP,OAAQ,uBACRD,OAAQ,KAGEK,gBACV,MAAM,IAAIv3B,EAAAA,EAAa,uCAEzB,IAAKmkB,EAAOmT,UAGV,MAAM,IAAIt3B,EAAAA,EAAa,gCAOzB,cAHOmkB,EAAOsT,cACPtT,EAAOsR,MAEPtR,CACT,CAOSmjB,CAAc,EAAD,MACf7B,EAAAA,EAAAA,GAAoC3hC,IACpCnI,GAEP,8yBChCO,SAAS4rC,EAAkBzjC,GAChC,IAAKA,EAAI7H,SAASopB,kBAAmB,CACnC,IAAImiB,EAAe,sFASnB,MARK1jC,EAAI7H,SAASqpB,YAEhBkiB,GAAgB,oGAEb1jC,EAAI7H,SAASmpB,mBAEhBoiB,GAAgB,0GAEZ,IAAIxnC,EAAAA,EAAawnC,EACzB,CACF,CAEO,SAAeC,EAA4B,EAAD,kCAWhD,wCAXM,WAA2C3jC,EAA6B+yB,GAA4B,iEAEK,OAA9GA,EAAsBA,GAAuB/yB,EAAInI,QAAQk7B,qBAAuBvzB,EAAAA,8BAA8B,UAG9E21B,EAAAA,EAAAA,GAAan1B,GAAI,OACwB,IAC3B,KAFpB,EAAH,KAC2C,kCAAK,IAC3DrC,QAAQo1B,GAA2B,sBACvC,IAAI72B,EAAAA,EAAa,iCAAgC,gCAElD62B,GAAmB,4CAC3B,sBAEM,SAAe6Q,EAAY,EAAD,kCA6BhC,wCA7BM,WACL5jC,EACA4yB,GAAwB,6EASmC,GANzDuB,GAHsB,EAMpBvB,GAHFuB,aACArB,EAAa,EAAbA,cACAC,EAAmB,EAAnBA,oBAIFD,EAAgBA,GAAiB9yB,EAAInI,QAAQi7B,cACzB,CAAF,eAEuC,OADvD2Q,EAAkBzjC,GAClBm0B,EAAeA,GAAgB4H,EAAAA,EAAAA,mBAAwB,SACjCA,EAAAA,EAAAA,iBAAsB5H,GAAa,OAAzDrB,EAAgB,EAAH,6BAEa6Q,EAA4B3jC,EAAK+yB,GAAoB,QAS/E,OATFA,EAAsB,EAAH,KAGnBH,EAAc,EAAH,KACNA,GAAW,IACd1O,aAAc,OACdiQ,aAAAA,EACArB,cAAAA,EACAC,oBAAAA,IACA,kBAEKH,GAAW,6CACnB,sBAGM,SAAe0E,EAAmB,GAAD,+BAkBvC,wCAlBM,WACLt3B,GAA2B,qFAKmB,GAJ9C4yB,EAA2B,EAAH,6BAAG,CAAC,EAGtBiR,GAAWjO,EAAAA,EAAAA,GAAsB51B,KACvC4yB,EAAc,EAAH,KAAQiR,GAAajR,IAEhBlL,MAAS1nB,EAAI7H,SAASypB,kBAAiB,sBAC/C,IAAI1lB,EAAAA,EAAa,6DAA4D,WAG5D,IAArB02B,EAAYsH,KAAc,yCAErBtH,GAAW,gCAGbgR,EAAY5jC,EAAK4yB,IAAY,2CACrC,iIChGM,SAAS+M,EAAmBrjB,EAAiBC,GAClD,OAAQD,EAAEvZ,eAAiBwZ,EAAExZ,YAC/B,CAEO,SAAS+gC,EAAoB1+B,GAClC,UAAKqb,EAAAA,EAAAA,gBAAerb,KAIfA,EAAIuY,MAAQvY,EAAIuY,IAAIwG,cAKE,kBADF/e,EAAIuY,IAArBwG,aACSriB,MAKnB,qCCRO,SAAS68B,EAAkBuD,GAEhC,IAAI6B,EAAa,MACbC,EAAa,qBACbC,EAAW/B,GAAgB,GAGJ,MAAvB+B,EAASC,OAAO,IAAqC,MAAvBD,EAASC,OAAO,KAChDD,EAAWA,EAASjgC,UAAU,IAIL,MAAvBigC,EAASC,OAAO,IAAqC,MAAvBD,EAASC,OAAO,KAChDD,EAAWA,EAASjgC,UAAU,IAQhC,IAJA,IAGIkf,EAHA7V,EAAM,CAAC,EAKT6V,EAAQ8gB,EAAW1jB,KAAK2jB,IADb,CAIX,IAAIlrC,EAAMmqB,EAAM,GACZ7pB,EAAQ6pB,EAAM,GAIhB7V,EAAItU,GADM,aAARA,GAA8B,iBAARA,GAAkC,SAARA,EACvCM,EAEAS,mBAAmBT,EAAMQ,QAAQkqC,EAAY,KAE5D,CACA,OAAO12B,CACT,kHChCO,SAAS82B,EAAenkC,EAA6B+vB,EAAoBkL,GAC9E,IAAMmJ,EAAMnJ,EAAiBpjB,SACvBwjB,EAAMJ,EAAiBrY,OACvB+O,EAAQsJ,EAAiBtJ,MACzB0S,EAAMpJ,EAAiBzH,UAE7B,IAAKzD,IAAWsL,IAAQ+I,EACtB,MAAM,IAAIloC,EAAAA,EAAa,oDAGzB,GAAIy1B,GAAS5B,EAAO4B,QAAUA,EAC5B,MAAM,IAAIz1B,EAAAA,EAAa,yDAGzB,IAAMxC,EAAMmK,KAAKsH,MAAM1R,KAAKC,MAAM,KAElC,GAAIq2B,EAAOsL,MAAQA,EACjB,MAAM,IAAIn/B,EAAAA,EAAa,eAAiB6zB,EAAOsL,IAAxB,qBACAA,EAAM,KAG/B,GAAKvuB,MAAM0Z,QAAQuJ,EAAOqU,MAAQrU,EAAOqU,IAAIzmC,QAAQymC,GAAO,IACxDt3B,MAAM0Z,QAAQuJ,EAAOqU,MAAQrU,EAAOqU,MAAQA,EAE9C,MAAM,IAAIloC,EAAAA,EAAa,iBAAmB6zB,EAAOqU,IAA1B,qBACAA,EAAM,KAG/B,GAAIC,GAAOtU,EAAOsU,MAAQA,EACxB,MAAM,IAAInoC,EAAAA,EAAa,YAAc6zB,EAAOsU,IAArB,gCACWA,EAAM,KAG1C,GAAItU,EAAOuC,IAAOvC,EAAOiL,IACvB,MAAM,IAAI9+B,EAAAA,EAAa,wCAGzB,IAAK8D,EAAInI,QAAQumC,eAAgB,CAC/B,GAAK1kC,EAAMsG,EAAInI,QAAQwmC,aAAiBtO,EAAOiL,IAC7C,MAAM,IAAI9+B,EAAAA,EAAa,0CAGzB,GAAI6zB,EAAOuC,IAAQ54B,EAAMsG,EAAInI,QAAQwmC,aACnC,MAAM,IAAIniC,EAAAA,EAAa,mCAE3B,CACF,6FC3DO,SAAS+wB,EAAcrsB,EAAc6E,GAC1C,KAAK4nB,EAAAA,EAAAA,IAAUzsB,MAAWwsB,EAAAA,EAAAA,IAAcxsB,MAAWqU,EAAAA,EAAAA,IAAerU,GAChE,MAAM,IAAI1E,EAAAA,EACR,iHAIJ,GAAa,gBAATuJ,KAA2B2nB,EAAAA,EAAAA,IAAcxsB,GAC3C,MAAM,IAAI1E,EAAAA,EAAa,uBAEzB,GAAa,YAATuJ,KAAuB4nB,EAAAA,EAAAA,IAAUzsB,GACnC,MAAM,IAAI1E,EAAAA,EAAa,mBAGzB,GAAa,iBAATuJ,KAA4BwP,EAAAA,EAAAA,IAAerU,GAC7C,MAAM,IAAI1E,EAAAA,EAAa,uBAE3B,gKCAO,SAAe+gB,EAAY,EAAD,oCA4ChC,wCA5CM,WAA2Bjd,EAA6BY,EAAgBq6B,GAAmC,oFAC3Gr6B,GAAUA,EAAMgB,QAAO,sBACpB,IAAI1F,EAAAA,EAAa,iCAAgC,OAQc,OAJjEohB,GAAMmS,EAAAA,EAAAA,GAAY7uB,EAAMgB,SAIxB0iC,GAAmBrJ,aAAgB,EAAhBA,EAAkBrY,SAAU5iB,EAAInI,QAAQ+qB,OAAM,UAC9CuS,EAAAA,EAAAA,GAAan1B,EAAKskC,GAAiB,OAYR,GAZQ,SAApD1hB,EAAM,EAANA,OAEF2hB,EAAuCjsC,OAAOC,OAAO,CAEzDsf,SAAU7X,EAAInI,QAAQggB,SACtBge,gBAAiB71B,EAAInI,QAAQg+B,iBAC5BoF,EAAkB,CAEnBrY,OAAAA,KAIFuhB,EAAAA,EAAAA,GAAenkC,EAAKsd,EAAIC,QAASgnB,GAIQ,GAArCA,EAAkB1O,iBAA4B71B,EAAI7H,SAASkpB,yBAAwB,0CAC9EzgB,GAAK,0BAIIy0B,EAAAA,EAAAA,GAAOr1B,EAAKY,EAAMgiB,OAAQtF,EAAI0C,OAAOsV,KAAK,QAAnD,OAAHv8B,EAAM,EAAH,eACWyrC,EAAAA,EAAsB5jC,EAAMgB,QAAS7I,GAAI,QAAlD,GAAG,EAAH,KACC,CAAF,sBACF,IAAImD,EAAAA,EAAa,oCAAmC,aAExD++B,GAAoBA,EAAiBp5B,aAAejB,EAAMmvB,OAAO0U,SAAO,kCACvDD,EAAAA,EAAsBvJ,EAAiBp5B,aAAY,QAA5D,GAAG,EAAH,OACGjB,EAAMmvB,OAAO0U,QAAO,uBACzB,IAAIvoC,EAAAA,EAAa,kCAAiC,iCAGrD0E,GAAK,6CACb,6NClDD,SAAS8jC,EAAc1kC,GACrB,OAAOA,EAAI2kC,QAAQrqC,MAChB4H,MAAK,SAASwB,GACb,MAAmB,WAAfA,EAAIvC,MAIV,IACC+B,OAAM,WACL,OAAO,CACT,GACJ,CAEA,SAAS0hC,EAAW5kC,GAClB,OAAO1F,EAAAA,EAAAA,IAAI0F,EAAK,sBAAuB,CAAEwjB,iBAAiB,IACzDthB,MAAK,SAASyiC,GACb,IAAIjhC,GAAMmhC,EAAAA,EAAAA,IAAKF,EAAS,UAUxB,OARAjhC,EAAIohC,QAAU,WACZ,OAAOhe,EAAAA,EAAAA,IAAK9mB,GAAK+kC,EAAAA,EAAAA,IAAQJ,EAAS,WAAWjqB,KAAM,CAAC,EAAG,CAAE8I,iBAAiB,GAC5E,EAEA9f,EAAIshC,KAAO,WACT,OAAO1qC,EAAAA,EAAAA,IAAI0F,GAAK+kC,EAAAA,EAAAA,IAAQJ,EAAS,QAAQjqB,KAAM,CAAE8I,iBAAiB,GACpE,EAEO9f,CACT,IACCR,OAAM,WAEL,MAAO,CAAC/B,OAAQ,WAClB,GACF,CAEA,SAASm8B,EAAat9B,GACpB,OAAOqlB,EAAAA,EAAAA,IAAYrlB,EAAK,CACtBya,IAAKza,EAAI6mB,kBAAoB,sBAC7BvZ,OAAQ,SACRkW,iBAAiB,GAErB,CAEA,SAASyhB,EAAejlC,GACtB,OAAO8mB,EAAAA,EAAAA,IAAK9mB,EAAK,wCAAyC,CAAC,EAAG,CAAEwjB,iBAAiB,GACnF,CAEA,SAAS0hB,EAAqBllC,EAAKuzB,EAAc4R,GAC/CA,EAAcA,GAAezoC,OAAO8d,SAASE,KAC7Che,OAAO8d,SAASjiB,OAAOyH,EAAI6mB,kBAAoB,gCAC7C/D,EAAAA,EAAAA,IAAc,CACZsiB,2BAA2B,EAC3BxkC,MAAO2yB,EACP4R,YAAaA,IAEnB,mFClEO,SAASE,EAAiBrlC,GAQ/B,MAPgB,CACd8E,MAAOw4B,EAAAA,GAAAA,KAAkB,KAAMt9B,GAC/BslC,OAAQZ,EAAAA,GAAAA,KAAmB,KAAM1kC,GACjC1F,IAAKsqC,EAAAA,GAAAA,KAAgB,KAAM5kC,GAC3B8kC,QAASG,EAAAA,GAAAA,KAAoB,KAAMjlC,GACnCklC,qBAAsBA,EAAAA,GAAAA,KAA0B,KAAMllC,GAG1D,8bCLO,SAASwZ,EAOfN,GAEC,OAAO,SAAP,+bAIE,aAA4B,iDAAbzgB,EAAI,yBAAJA,EAAI,gBAGqB,OAFtC,+BAASA,KAAM,oCAEf,EAAKksC,SAAUU,EAAAA,EAAAA,IAAiB,WAAM,CACxC,CAiBC,OAjBA,oCAGD,WAAiC,WAC/B,OAAOttC,KAAK4sC,QAAQ7/B,QACnB5C,MAAK,+FAEgB,OAApB,EAAKmsB,eAAe,mBACb,GAAI,4CAEZnrB,OAAM,SAASpI,GACd,GAAe,iBAAXA,EAAEqD,MAA2C,aAAhBrD,EAAEgjB,UAEjC,OAAO,EAET,MAAMhjB,CACR,GACF,KAAC,EAzBI,CAA8Boe,EA2BvC,oKCbO,SAASgnB,EAAkCroC,IAC3C4c,EAAAA,EAAAA,cAAgB5c,EAAQkE,iBAAoBlE,EAAQmG,aAEvDxB,EAAAA,EAAAA,IAAK,8KAET,CAGO,IAAM4jC,EAAkB,WAK7B,WAAYJ,EAA8C5hC,EAA8BhD,IAA0B,oIAChHrD,KAAKioC,sBAAwBA,EAC7BjoC,KAAKqG,cAAgBA,EACrBrG,KAAKqD,YAAcA,CACrB,CAuDC,OAvDA,4CAGD,SAAqBmqC,EAAqBC,GACxC,OAAOltC,OAAOC,OAAO,CAAC,EAAGR,KAAKioC,sBAAsBuF,GAAcC,EACpE,GAAC,wBAID,SAAW3tC,GAGT,IAFAA,EAAUS,OAAOC,OAAO,CAAC,EAAGR,KAAKqG,cAAevG,IAEpCkE,gBACV,OAAOlE,EAAQkE,gBAGjB,MAAoClE,EAA9B+D,EAAW,EAAXA,YAAa6pC,EAAY,EAAZA,aASnB,GAPmB,mBAAhB7pC,IACD/D,EAAQmF,eAAgB,GAMtBpB,GAAe6pC,EAAc,CAC/B,IAAMC,EAAMD,EAAa9nC,QAAQ/B,GAC7B8pC,GAAO,IACTD,EAAeA,EAAa/qC,MAAMgrC,GAClC9pC,OAAc8K,EAElB,CAMA,OAJK9K,IAEHA,EAAc7D,KAAKqD,YAAYe,gBAAgBspC,IAE1C1tC,KAAKqD,YAAYU,iBAAiBF,EAAa/D,EACxD,GAAC,6BAGD,SAAgBA,GAEdqoC,EADAroC,EAAUE,KAAKkoC,qBAAqB,QAASpoC,IAE7C,IAAMyD,EAAUvD,KAAKid,WAAWnd,GAC1BmG,EAAanG,EAAQmG,YAAcW,EAAAA,mBACzC,OAAO,IAAIwhC,EAAAA,EAAY7kC,EAAS0C,EAClC,GAAC,0BAGD,SAAanG,GACXA,EAAUE,KAAKkoC,qBAAqB,QAASpoC,GAC7C,IAAMyD,EAAUvD,KAAKid,WAAWnd,GAC1BmG,EAAanG,EAAQmG,YAAcY,EAAAA,mBACzC,OAAO,IAAIuhC,EAAAA,EAAY7kC,EAAS0C,EAClC,KAAC,EAhE4B,kHCtBlBmiC,EAAW,WAItB,WAAY7kC,EAAwBqqC,GAClC,IADuD,0FAClDrqC,EACH,MAAM,IAAIY,EAAAA,EAAa,yBAGzB,GAA2B,iBAAhBypC,IAA6BA,EAAY7tC,OAClD,MAAM,IAAIoE,EAAAA,EAAa,6BAGzBnE,KAAK4tC,YAAcA,EACnB5tC,KAAKgE,gBAAkBT,CACzB,CA6DC,OA7DA,+BAMD,SAAQvC,GACN,OAAOhB,KAAKid,aAAajc,EAC3B,GAAC,qBAED,SAAQA,EAAaM,GACnB,OAAOtB,KAAK4uB,cAAc5tB,EAAKM,EACjC,GAAC,wBAED,SAAWN,GACT,OAAOhB,KAAKs2B,aAAat1B,EAC3B,GAAC,wBAMD,WACE,IAAI6sC,EAAgB7tC,KAAKgE,gBAAgBkB,QAAQlF,KAAK4tC,aACtDC,EAAgBA,GAAiB,KACjC,IACE,OAAOhoC,KAAKC,MAAM+nC,EACpB,CAAE,MAAM9qC,GACN,MAAM,IAAIoB,EAAAA,EAAa,mCAAqCnE,KAAK4tC,YACnE,CACF,GAAC,wBAED,SAAWt4B,GACT,IACE,IAAIu4B,EAAgBv4B,EAAMzP,KAAKE,UAAUuP,GAAO,KAChDtV,KAAKgE,gBAAgBmB,QAAQnF,KAAK4tC,YAAaC,EACjD,CAAE,MAAM9qC,GACN,MAAM,IAAIoB,EAAAA,EAAa,0BAA4BnE,KAAK4tC,YAC1D,CACF,GAAC,0BAED,SAAa5sC,GACX,GAAKA,EAAL,CAUA,IAAIsU,EAAMtV,KAAKid,oBACR3H,EAAItU,GACXhB,KAAKue,WAAWjJ,EAJhB,MANMtV,KAAKgE,gBAAgBqB,WACvBrF,KAAKgE,gBAAgBqB,WAAWrF,KAAK4tC,aAErC5tC,KAAKue,YAQX,GAAC,2BAED,SAAcvd,EAAKM,GACjB,IAAIgU,EAAMtV,KAAKid,aACf3H,EAAItU,GAAOM,EACXtB,KAAKue,WAAWjJ,EAClB,KAAC,EA5EqB,uWCTjB,SAAS+L,EAOdF,EAAa2sB,GAGb,OAAO,SAAP,+bAGE,aAA4B,iDAAbptC,EAAI,yBAAJA,EAAI,gBACjB,+BAASA,KAAM,2CACf,MAAiD,EAAKZ,QAA9C4tB,EAAc,EAAdA,eAAgBlrB,EAAO,EAAPA,QAASa,EAAW,EAAXA,YACiD,OAAlF,EAAKqqB,eAAiB,IAAIogB,EAAepgB,EAAiBlrB,EAAUa,GAAc,CACpF,CAGC,OAHA,oCACD,WAEA,KAAC,EAVI,CAA8B8d,EAYvC,2KCLa4sB,EAAiD,CAC5DllC,MAAO,CACL6kC,aAAc,CACZ,eACA,iBACA,WAGJM,MAAO,CACLN,aAAc,CACZ,eACA,iBACA,WAGJp9B,YAAa,CACXo9B,aAAc,CACZ,iBACA,eACA,WAGJ,qBAAsB,CACpBA,aAAc,CACZ,iBAGJ,eAAgB,CACdA,aAAc,CACZ,gmBCrCC,SAAS9gB,IAGd,OAAO,SAAP,+bAKE,WAAYlsB,GAAW,MAIwD,OAJxD,eACrB,cAAMA,IAAM,yHACZ,EAAK8B,QDgCJ,WAAgF,IAAlBinB,EAAgB,uCAI/EwkB,GAJ2D,UAAH,6CAAG,CAAC,GAItCzrC,SAAW,CAAC,EAyBtC,YAxBqC,IAA1ByrC,EAAelpC,SACxBkpC,EAAelpC,OAAS0kB,QAEa,IAA5BwkB,EAAejpC,WACxBipC,EAAejpC,SAAWipC,EAAelpC,OAAS,OAAS,OAIzDkpC,EAAelpC,SAAW0kB,KAE5BhlB,EAAAA,EAAAA,IACE,2LAIFwpC,EAAelpC,QAAS,GAKM,SAA5BkpC,EAAejpC,UAAwBipC,EAAelpC,SACxDkpC,EAAejpC,SAAW,OAGrBipC,CACT,CC9DqBC,CAAkBxtC,GAAM+oB,EAAAA,EAAAA,YACvC,EAAKpmB,YAAc3C,EAAK2C,aDTR9C,OAAOC,OAAO,CAAC,EAAGsjC,EAAAA,EAAgB,CACpD39B,cAAe,CAAC,ICSd,EAAKunB,eAAiB,EAAH,KAAQqgB,GAA4BrtC,EAAKgtB,gBAAiB,CAC/E,CAAC,iBAVI,EADwBjtB,EAAAA,EAAAA,KAajC,0HCFa+H,EAAY,WAKvB,aAA6D,IAAjD1I,EAA+B,UAAH,6CAAG,CAAE2I,OAAO,IAAO,0GACzDzI,KAAK4+B,MAAQ,GACb5+B,KAAKmuC,SAAU,EACfnuC,KAAKF,QAAUA,CACjB,CAiDC,OAjDA,4BAKD,SAAKyV,EAA+B64B,GAAiC,kCAAb1tC,EAAI,iCAAJA,EAAI,kBAC1D,OAAO,IAAIwK,SAAQ,SAACT,EAAS6C,GACvB,EAAKsxB,MAAM7+B,OAAS,IAGK,IAAvB,EAAKD,QAAQ2I,QACfhE,EAAAA,EAAAA,IACE,iJAKN,EAAKm6B,MAAM3zB,KAAK,CACdsK,OAAAA,EACA64B,WAAAA,EACA1tC,KAAAA,EACA+J,QAAAA,EACA6C,OAAAA,IAEF,EAAKwL,KACP,GACF,GAAC,iBAED,WAAM,WACJ,IAAI9Y,KAAKmuC,SAGiB,IAAtBnuC,KAAK4+B,MAAM7+B,OAAf,CAGAC,KAAKmuC,SAAU,EAEf,IAAIE,EAAYruC,KAAK4+B,MAAMp6B,QACvBmH,EAAM0iC,EAAU94B,OAAO0P,MAAMopB,EAAUD,WAAYC,EAAU3tC,OAC7D4tC,EAAAA,EAAAA,IAAU3iC,GACXA,EAAyBxB,KAAKkkC,EAAU5jC,QAAS4jC,EAAU/gC,QAAQoe,SAAQ,WAC1E,EAAKyiB,SAAU,EACf,EAAKr1B,KACP,KAEAu1B,EAAU5jC,QAAQkB,GAClB3L,KAAKmuC,SAAU,EACfnuC,KAAK8Y,MAbP,CAeF,KAAC,EA1DsB,qCCjBlB,SAASy1B,IACd,MAAsB,oBAAX5pC,OACFA,OAAOiT,QACc,oBAAZA,QACTA,aAEP,CAEJ,CAEO,SAASvO,IACd,IAAImlC,EAAgBD,IAGpB,OAAIC,GAAiBA,EAAcrlC,IAC1BqlC,EAEF,CACLrlC,IAAK,WAAY,EACjB1E,KAAM,WAAY,EAClB6E,MAAO,WAAY,EACnBC,SAAU,WAAY,EAE1B,CAEO,SAAS9E,EAAKqnB,GAEnBziB,IAAa5E,KAAK,yBAA2BqnB,EAE/C,CAEO,SAAS2iB,EAAU3iB,GAExBziB,IAAa5E,KAAK,gCAAkCqnB,EAEtD,CAEO,SAAS4iB,EAAc5iB,EAAM5e,GAClC,OAAO,WAEL,OADAuhC,EAAU3iB,GACH5e,EAAG+X,MAAM,KAAMnkB,UACxB,CACF,u+BC3CO,SAAS6tC,EAAezrB,GAC7B,IAAIxgB,EAAQwgB,EAAIgF,MAAM,QAClB0mB,EAAUltC,KAAKmtC,IAAInsC,EAAM,GAAIA,EAAM,GAAK,EAAGA,EAAM,GAAIA,EAAM,GAAIA,EAAM,GAAIA,EAAM,IAGnF,OAFc,IAAIhB,KAAKktC,GAERhtC,aACjB,CAEO,SAASipC,EAAgB9qC,GAG9B,IAFA,IACIgM,EAAS,GACJqO,EAAI,EAA8BA,EAAIra,IAAUqa,EACvDrO,GAHkB,gEAGMD,KAAKsH,MADV07B,GACgBhjC,KAAKC,WAE1C,OAAOA,CACT,CAEO,SAASgjC,EAAM1iC,GACpB,OAAO,IAAInB,SAAQ,SAAST,GAC1BmB,WAAWnB,EAAS4B,EACtB,GACF,CAEO,SAAS2iC,EAAO9rB,EAAK+rB,GAC1B,IAAMvsC,EAAQwgB,EAAI/gB,MAAM8sC,GACxB,MAAO,CACLvsC,EAAM,GACNA,EAAMwsC,OAAO,EAAGxsC,EAAM3C,QAAQ6C,KAAKqsC,GAEvC,6IC7BO,SAASj3B,EAAK9K,EAAIiiC,GACvB,IAAIC,EAAiBr6B,MAAMzU,UAAUqC,MAAM8U,KAAK3W,UAAW,GAC3D,OAAO,WACL,IAAIJ,EAAOqU,MAAMzU,UAAUqC,MAAM8U,KAAK3W,WAEtC,OADAJ,EAAO0uC,EAAe35B,OAAO/U,GACtBwM,EAAG+X,MAAMkqB,EAAKzuC,EACvB,CACF,CAGO,SAAS2uC,IAEd,IAAIC,EAAOxuC,UAAU,GAWrB,MATe,GAAG6B,MAAM8U,KAAK3W,UAAW,GAC/B4E,SAAQ,SAAS4P,GACxB,IAAK,IAAIi6B,KAAQj6B,EAEX/U,OAAOD,UAAUq0B,eAAeld,KAAKnC,EAAKi6B,SAAuB5gC,IAAd2G,EAAIi6B,KACzDD,EAAKC,GAAQj6B,EAAIi6B,GAGvB,IACOD,CACT,CAEO,SAASrvC,EAAWqV,GACzB,IAAIk6B,EAAU,CAAC,EACf,IAAK,IAAID,KAAQj6B,EACf,GAAI/U,OAAOD,UAAUq0B,eAAeld,KAAKnC,EAAKi6B,GAAO,CACnD,IAAIjuC,EAAQgU,EAAIi6B,GACZjuC,UACFkuC,EAAQD,GAAQjuC,EAEpB,CAEF,OAAOkuC,CACT,CAEO,SAASrqB,EAAM7P,GACpB,GAAIA,EAAK,CACP,IAAI4N,EAAMrd,KAAKE,UAAUuP,GACzB,GAAI4N,EACF,OAAOrd,KAAKC,MAAMod,EAEtB,CACA,OAAO5N,CACT,CAGO,SAASw3B,EAAKx3B,GAEH,IAAhB,IAAIm6B,EAAS,CAAC,EAAE,mBAFWC,EAAK,iCAALA,EAAK,kBAGhC,IAAK,IAAI1oB,KAAK1R,EACR/U,OAAOD,UAAUq0B,eAAeld,KAAKnC,EAAK0R,KAA2B,GAArB0oB,EAAM9pC,QAAQohB,KAChEyoB,EAAOzoB,GAAK1R,EAAI0R,IAGpB,OAAO7B,EAAMsqB,EACf,CAEO,SAAS95B,EAAKg6B,EAAYjK,GAE/B,IADA,IAAItrB,EAAIu1B,EAAW5vC,OACZqa,KAAK,CACV,IAAIsU,EAAOihB,EAAWv1B,GAClBw1B,GAAQ,EACZ,IAAK,IAAIL,KAAQ7J,EACf,GAAKnlC,OAAOD,UAAUq0B,eAAeld,KAAKiuB,EAAc6J,IAGpD7gB,EAAK6gB,KAAU7J,EAAa6J,GAAO,CACrCK,GAAQ,EACR,KACF,CAEF,GAAIA,EACF,OAAOlhB,CAEX,CACF,CAEO,SAASse,EAAQ13B,EAAKu6B,EAAUC,GACrC,GAAKx6B,GAAQA,EAAI0b,OAAjB,CAIA,IAAId,EAAO/K,EAAM7P,EAAI0b,OAAO6e,IAG5B,OAAI3f,GAAQA,EAAK9pB,MAAQ0pC,EACnB5f,EAAK9pB,OAAS0pC,EACT5f,OADT,EAIOA,CAVT,CAYF,qNChGO,SAASjD,EAAS3X,GACvB,MAA+C,oBAAxC/U,OAAOD,UAAU0L,SAASyL,KAAKnC,EACxC,CAEO,SAAS0W,EAAS1W,GACvB,MAA+C,oBAAxC/U,OAAOD,UAAU0L,SAASyL,KAAKnC,EACxC,CAEO,SAASy6B,EAASz6B,GACvB,MAA+C,oBAAxC/U,OAAOD,UAAU0L,SAASyL,KAAKnC,EACxC,CAEO,SAASmT,EAAWvb,GACzB,QAASA,GAA+B,sBAAzB,CAAC,EAAElB,SAASyL,KAAKvK,EAClC,CAEO,SAASohC,EAAUh5B,GACxB,OAAOA,GAAOA,EAAIoW,SAAmC,mBAAhBpW,EAAIoW,OAC3C,qKClBO,SAASmD,EAAcnM,GAC5B,MAAO,uBAAuBwG,KAAKxG,EACrC,CAEO,SAAS0jB,IAAiC,IAAnB1jB,EAAM,UAAH,6CAAG,GAAIuoB,EAAO,uCAC7C,OAAIpc,EAAcnM,GACTA,GAETuoB,EAAU/E,EAAoB+E,GACZ,MAAXvoB,EAAI,GAAa,GAAH,OAAMuoB,GAAO,OAAGvoB,GAAG,UAAQuoB,EAAO,YAAIvoB,GAC7D,CAEO,SAASstB,IAAiC,IAAnBttB,EAAM,UAAH,6CAAG,GAAIuoB,EAAO,uCAK7C,OAJIpc,EAAcnM,KAChBA,EAAMA,EAAIzW,UAAUg/B,EAAQlrC,SAGZ,MAAX2iB,EAAI,GAAaA,EAAM,IAAH,OAAOA,EACpC,CAEO,SAASqI,EAAczV,GAC5B,IAAI4N,EAAM,GACV,GAAY,OAAR5N,EACF,IAAK,IAAItU,KAAOsU,EACV/U,OAAOD,UAAUq0B,eAAeld,KAAKnC,EAAKtU,SAC7B2N,IAAb2G,EAAItU,IACS,OAAbsU,EAAItU,IACNkiB,EAAIjY,KAAKjK,EAAM,IAAMa,mBAAmByT,EAAItU,KAIlD,OAAIkiB,EAAInjB,OACC,IAAMmjB,EAAItgB,KAAK,KAEf,EAEX,CAEO,SAASsjC,EAAoB9iC,GAClC,GAAKA,EAAL,CAIA,IAAI6sC,EAAU7sC,EAAKtB,QAAQ,cAAc,IAIzC,OAFUmuC,EAAQnuC,QAAQ,OAAQ,GAJlC,CAOF,qKC5Da,oKAEPouC,EAAW,uBAFJ,IAEI,GAFJ,EAEI,EAFJ,+YAGZ,WAAYC,GAAQ,MAEO,OAFP,WACnB,cAAMA,GAAU,yBACX/pC,KAAO,cAAc,CAC3B,CAIC,OAJA,2BAED,WACC,OAAO,CACR,KAAC,EARe,CAFJ,OAUX,CARwBqH,QAWpBjD,EAAW,WAWhB,WAAY4lC,GAAU,qBACrBpwC,KAAKqwC,gBAAkB,GACvBrwC,KAAKswC,YAAa,EAClBtwC,KAAKuwC,aAAc,EACnBvwC,KAAKwwC,iBAAkB,EAEvBxwC,KAAKywC,SAAW,IAAIvlC,SAAQ,SAACT,EAAS6C,GACrC,EAAKojC,QAAUpjC,EAEf,IAYM3C,EAAW,SAAAS,GAChB,IAAK,EAAKklC,WACT,MAAM,IAAI7iC,MAAM,kEAGjB,EAAK4iC,gBAAgBplC,KAAKG,EAC3B,EAWA,OATA7K,OAAOowC,iBAAiBhmC,EAAU,CACjCC,aAAc,CACbrI,IAAK,kBAAM,EAAKiuC,eAAe,EAC/BnvC,IAAK,SAAAuvC,GACJ,EAAKJ,gBAAkBI,CACxB,KAIKR,GA7BW,SAAA9uC,GACZ,EAAKivC,aAAgB5lC,EAASC,eAClC,EAAK0lC,YAAa,EAClB7lC,EAAQnJ,GAEV,IAEiB,SAAAyI,GAChB,EAAKumC,YAAa,EAClBhjC,EAAOvD,EACR,GAmBqCY,EACtC,GACD,CA1CC,OA0CA,uBAED,SAAKkmC,EAAaC,GAEjB,OAAO9wC,KAAKywC,SAAStmC,KAAK0mC,EAAaC,EACxC,GAAC,mBAED,SAAMA,GACL,OAAO9wC,KAAKywC,SAAStlC,MAAM2lC,EAC5B,GAAC,qBAED,SAAQC,GACP,OAAO/wC,KAAKywC,SAAS/kB,QAAQqlB,EAC9B,GAAC,oBAED,SAAOZ,GACN,GAAKnwC,KAAKswC,aAActwC,KAAKuwC,YAA7B,CAMA,GAFAvwC,KAAKuwC,aAAc,EAEfvwC,KAAKqwC,gBAAgBtwC,OAAS,EACjC,IAAI,IACuC,EADvC,EAvFM,25BAuFN,CACmBC,KAAKqwC,iBAAe,IAA1C,IAAK,EAAL,sBACCjlC,EADiB,UAEjB,+BACF,CAAE,MAAOrB,GAER,YADA/J,KAAK0wC,QAAQ3mC,EAEd,CAGG/J,KAAKwwC,iBACRxwC,KAAK0wC,QAAQ,IAAIR,EAAYC,GAhB9B,CAkBD,GAAC,sBAED,WACC,OAAOnwC,KAAKuwC,WACb,IAAC,iBA1FD,SAAUS,GACT,OAAO,WAAmB,2BAAfC,EAAU,yBAAVA,EAAU,gBACpB,OAAO,IAAIzmC,GAAY,SAACC,EAAS6C,EAAQ3C,GACxCsmC,EAAWhmC,KAAKN,GAEhBqmC,EAAM,aAAIC,GAAY9mC,KAAKM,EAAS6C,EACrC,GACD,CACD,KAAC,EATe,GA8FjB/M,OAAO0mB,eAAezc,EAAYlK,UAAW4K,QAAQ5K,WAErDf,EAAOD,QAAUkL,EACjBjL,EAAOD,QAAQ4wC,YAAcA,sBC9G7B,IAAI7kB,EAAyB,oBAAT3rB,KAAuBA,KAAOM,KAC9CkxC,EAAW,WACf,SAASC,IACTnxC,KAAKsrB,OAAQ,EACbtrB,KAAKoxC,aAAe/lB,EAAO+lB,YAC3B,CAEA,OADAD,EAAE7wC,UAAY+qB,EACP,IAAI8lB,CACV,CAPc,IAQf,SAAUzxC,IAEO,SAAWJ,GAE1B,IAAI+xC,EAAU,CACZ3L,aAAc,oBAAqBhmC,EACnC4xC,SAAU,WAAY5xC,GAAQ,aAAc4O,OAC5CijC,KACE,eAAgB7xC,GAChB,SAAUA,GACV,WACE,IAEE,OADA,IAAI8xC,MACG,CACT,CAAE,MAAOzuC,GACP,OAAO,CACT,CACD,CAPD,GAQF0uC,SAAU,aAAc/xC,EACxBolB,YAAa,gBAAiBplB,GAOhC,GAAI2xC,EAAQvsB,YACV,IAAI4sB,EAAc,CAChB,qBACA,sBACA,6BACA,sBACA,uBACA,sBACA,uBACA,wBACA,yBAGEC,EACFC,YAAYC,QACZ,SAASv8B,GACP,OAAOA,GAAOo8B,EAAY9rC,QAAQrF,OAAOD,UAAU0L,SAASyL,KAAKnC,KAAS,CAC5E,EAGJ,SAASw8B,EAAc1rC,GAIrB,GAHoB,iBAATA,IACTA,EAAOie,OAAOje,IAEZ,4BAA4B8iB,KAAK9iB,GACnC,MAAM,IAAI0gB,UAAU,0CAEtB,OAAO1gB,EAAKqO,aACd,CAEA,SAASs9B,EAAezwC,GAItB,MAHqB,iBAAVA,IACTA,EAAQ+iB,OAAO/iB,IAEVA,CACT,CAGA,SAAS0wC,EAAYC,GACnB,IAAI5jC,EAAW,CACbE,KAAM,WACJ,IAAIjN,EAAQ2wC,EAAMztC,QAClB,MAAO,CAAC0tC,UAAgBvjC,IAAVrN,EAAqBA,MAAOA,EAC5C,GASF,OANI+vC,EAAQC,WACVjjC,EAASC,OAAOD,UAAY,WAC1B,OAAOA,CACT,GAGKA,CACT,CAEA,SAAS8jC,EAAQ3pB,GACfxoB,KAAK+N,IAAM,CAAC,EAERya,aAAmB2pB,EACrB3pB,EAAQ9iB,SAAQ,SAASpE,EAAO8E,GAC9BpG,KAAK2lC,OAAOv/B,EAAM9E,EACpB,GAAGtB,MACM+U,MAAM0Z,QAAQjG,GACvBA,EAAQ9iB,SAAQ,SAASuiB,GACvBjoB,KAAK2lC,OAAO1d,EAAO,GAAIA,EAAO,GAChC,GAAGjoB,MACMwoB,GACTjoB,OAAO6xC,oBAAoB5pB,GAAS9iB,SAAQ,SAASU,GACnDpG,KAAK2lC,OAAOv/B,EAAMoiB,EAAQpiB,GAC5B,GAAGpG,KAEP,CA8DA,SAASqyC,EAASpnB,GAChB,GAAIA,EAAKqnB,SACP,OAAOpnC,QAAQoC,OAAO,IAAIwZ,UAAU,iBAEtCmE,EAAKqnB,UAAW,CAClB,CAEA,SAASC,EAAgBC,GACvB,OAAO,IAAItnC,SAAQ,SAAST,EAAS6C,GACnCklC,EAAOC,OAAS,WACdhoC,EAAQ+nC,EAAOthC,OACjB,EACAshC,EAAOxhC,QAAU,WACf1D,EAAOklC,EAAOzoC,MAChB,CACF,GACF,CAEA,SAAS2oC,EAAsBnB,GAC7B,IAAIiB,EAAS,IAAIG,WACb3kB,EAAUukB,EAAgBC,GAE9B,OADAA,EAAOI,kBAAkBrB,GAClBvjB,CACT,CAmBA,SAAS6kB,EAAYC,GACnB,GAAIA,EAAInwC,MACN,OAAOmwC,EAAInwC,MAAM,GAEjB,IAAIowC,EAAO,IAAIlvB,WAAWivB,EAAIE,YAE9B,OADAD,EAAK1xC,IAAI,IAAIwiB,WAAWivB,IACjBC,EAAKnvB,MAEhB,CAEA,SAASqvB,IA0FP,OAzFAjzC,KAAKsyC,UAAW,EAEhBtyC,KAAKkzC,UAAY,SAASjoB,GAhM5B,IAAoB3V,EAiMhBtV,KAAKmzC,UAAYloB,EACZA,EAEsB,iBAATA,EAChBjrB,KAAKozC,UAAYnoB,EACRomB,EAAQE,MAAQC,KAAKlxC,UAAU+yC,cAAcpoB,GACtDjrB,KAAKszC,UAAYroB,EACRomB,EAAQI,UAAY8B,SAASjzC,UAAU+yC,cAAcpoB,GAC9DjrB,KAAKwzC,cAAgBvoB,EACZomB,EAAQ3L,cAAgB+N,gBAAgBnzC,UAAU+yC,cAAcpoB,GACzEjrB,KAAKozC,UAAYnoB,EAAKjf,WACbqlC,EAAQvsB,aAAeusB,EAAQE,OA5M1Bj8B,EA4M6C2V,IA3MjDyoB,SAASpzC,UAAU+yC,cAAc/9B,IA4M3CtV,KAAK2zC,iBAAmBd,EAAY5nB,EAAKrH,QAEzC5jB,KAAKmzC,UAAY,IAAI3B,KAAK,CAACxxC,KAAK2zC,oBACvBtC,EAAQvsB,cAAgB8sB,YAAYtxC,UAAU+yC,cAAcpoB,IAAS0mB,EAAkB1mB,IAChGjrB,KAAK2zC,iBAAmBd,EAAY5nB,GAEpCjrB,KAAKozC,UAAYnoB,EAAO1qB,OAAOD,UAAU0L,SAASyL,KAAKwT,GAhBvDjrB,KAAKozC,UAAY,GAmBdpzC,KAAKwoB,QAAQjmB,IAAI,kBACA,iBAAT0oB,EACTjrB,KAAKwoB,QAAQnnB,IAAI,eAAgB,4BACxBrB,KAAKszC,WAAatzC,KAAKszC,UAAU5lC,KAC1C1N,KAAKwoB,QAAQnnB,IAAI,eAAgBrB,KAAKszC,UAAU5lC,MACvC2jC,EAAQ3L,cAAgB+N,gBAAgBnzC,UAAU+yC,cAAcpoB,IACzEjrB,KAAKwoB,QAAQnnB,IAAI,eAAgB,mDAGvC,EAEIgwC,EAAQE,OACVvxC,KAAKuxC,KAAO,WACV,IAAIqC,EAAWvB,EAASryC,MACxB,GAAI4zC,EACF,OAAOA,EAGT,GAAI5zC,KAAKszC,UACP,OAAOpoC,QAAQT,QAAQzK,KAAKszC,WACvB,GAAItzC,KAAK2zC,iBACd,OAAOzoC,QAAQT,QAAQ,IAAI+mC,KAAK,CAACxxC,KAAK2zC,oBACjC,GAAI3zC,KAAKwzC,cACd,MAAM,IAAI/lC,MAAM,wCAEhB,OAAOvC,QAAQT,QAAQ,IAAI+mC,KAAK,CAACxxC,KAAKozC,YAE1C,EAEApzC,KAAK8kB,YAAc,WACjB,OAAI9kB,KAAK2zC,iBACAtB,EAASryC,OAASkL,QAAQT,QAAQzK,KAAK2zC,kBAEvC3zC,KAAKuxC,OAAOpnC,KAAKuoC,EAE5B,GAGF1yC,KAAK8rB,KAAO,WACV,IA3FoBylB,EAClBiB,EACAxkB,EAyFE4lB,EAAWvB,EAASryC,MACxB,GAAI4zC,EACF,OAAOA,EAGT,GAAI5zC,KAAKszC,UACP,OAjGkB/B,EAiGIvxC,KAAKszC,UA/F3BtlB,EAAUukB,EADVC,EAAS,IAAIG,YAEjBH,EAAOqB,WAAWtC,GACXvjB,EA8FE,GAAIhuB,KAAK2zC,iBACd,OAAOzoC,QAAQT,QA5FrB,SAA+BqoC,GAI7B,IAHA,IAAIC,EAAO,IAAIlvB,WAAWivB,GACtBgB,EAAQ,IAAI/+B,MAAMg+B,EAAKhzC,QAElBc,EAAI,EAAGA,EAAIkyC,EAAKhzC,OAAQc,IAC/BizC,EAAMjzC,GAAKwjB,OAAOC,aAAayuB,EAAKlyC,IAEtC,OAAOizC,EAAMlxC,KAAK,GACpB,CAoF6BmxC,CAAsB/zC,KAAK2zC,mBAC7C,GAAI3zC,KAAKwzC,cACd,MAAM,IAAI/lC,MAAM,wCAEhB,OAAOvC,QAAQT,QAAQzK,KAAKozC,UAEhC,EAEI/B,EAAQI,WACVzxC,KAAKyxC,SAAW,WACd,OAAOzxC,KAAK8rB,OAAO3hB,KAAKw1B,EAC1B,GAGF3/B,KAAK6rB,KAAO,WACV,OAAO7rB,KAAK8rB,OAAO3hB,KAAKtE,KAAKC,MAC/B,EAEO9F,IACT,CA3MAmyC,EAAQ7xC,UAAUqlC,OAAS,SAASv/B,EAAM9E,GACxC8E,EAAO0rC,EAAc1rC,GACrB9E,EAAQywC,EAAezwC,GACvB,IAAI0yC,EAAWh0C,KAAK+N,IAAI3H,GACxBpG,KAAK+N,IAAI3H,GAAQ4tC,EAAWA,EAAW,KAAO1yC,EAAQA,CACxD,EAEA6wC,EAAQ7xC,UAAkB,OAAI,SAAS8F,UAC9BpG,KAAK+N,IAAI+jC,EAAc1rC,GAChC,EAEA+rC,EAAQ7xC,UAAUiC,IAAM,SAAS6D,GAE/B,OADAA,EAAO0rC,EAAc1rC,GACdpG,KAAKgO,IAAI5H,GAAQpG,KAAK+N,IAAI3H,GAAQ,IAC3C,EAEA+rC,EAAQ7xC,UAAU0N,IAAM,SAAS5H,GAC/B,OAAOpG,KAAK+N,IAAI4mB,eAAemd,EAAc1rC,GAC/C,EAEA+rC,EAAQ7xC,UAAUe,IAAM,SAAS+E,EAAM9E,GACrCtB,KAAK+N,IAAI+jC,EAAc1rC,IAAS2rC,EAAezwC,EACjD,EAEA6wC,EAAQ7xC,UAAUoF,QAAU,SAASuuC,EAAUC,GAC7C,IAAK,IAAI9tC,KAAQpG,KAAK+N,IAChB/N,KAAK+N,IAAI4mB,eAAevuB,IAC1B6tC,EAASx8B,KAAKy8B,EAASl0C,KAAK+N,IAAI3H,GAAOA,EAAMpG,KAGnD,EAEAmyC,EAAQ7xC,UAAUmF,KAAO,WACvB,IAAIwsC,EAAQ,GAIZ,OAHAjyC,KAAK0F,SAAQ,SAASpE,EAAO8E,GAC3B6rC,EAAMhnC,KAAK7E,EACb,IACO4rC,EAAYC,EACrB,EAEAE,EAAQ7xC,UAAU+f,OAAS,WACzB,IAAI4xB,EAAQ,GAIZ,OAHAjyC,KAAK0F,SAAQ,SAASpE,GACpB2wC,EAAMhnC,KAAK3J,EACb,IACO0wC,EAAYC,EACrB,EAEAE,EAAQ7xC,UAAUogB,QAAU,WAC1B,IAAIuxB,EAAQ,GAIZ,OAHAjyC,KAAK0F,SAAQ,SAASpE,EAAO8E,GAC3B6rC,EAAMhnC,KAAK,CAAC7E,EAAM9E,GACpB,IACO0wC,EAAYC,EACrB,EAEIZ,EAAQC,WACVa,EAAQ7xC,UAAUgO,OAAOD,UAAY8jC,EAAQ7xC,UAAUogB,SAqJzD,IAAIxR,EAAU,CAAC,SAAU,MAAO,OAAQ,UAAW,OAAQ,OAO3D,SAASilC,EAAQC,EAAOt0C,GAEtB,IAPuByV,EACnB8+B,EAMAppB,GADJnrB,EAAUA,GAAW,CAAC,GACHmrB,KAEnB,GAAImpB,aAAiBD,EAAS,CAC5B,GAAIC,EAAM9B,SACR,MAAM,IAAIxrB,UAAU,gBAEtB9mB,KAAK0iB,IAAM0xB,EAAM1xB,IACjB1iB,KAAKwrB,YAAc4oB,EAAM5oB,YACpB1rB,EAAQ0oB,UACXxoB,KAAKwoB,QAAU,IAAI2pB,EAAQiC,EAAM5rB,UAEnCxoB,KAAKuV,OAAS6+B,EAAM7+B,OACpBvV,KAAKs0C,KAAOF,EAAME,KAClBt0C,KAAKwa,OAAS45B,EAAM55B,OACfyQ,GAA2B,MAAnBmpB,EAAMjB,YACjBloB,EAAOmpB,EAAMjB,UACbiB,EAAM9B,UAAW,EAErB,MACEtyC,KAAK0iB,IAAM2B,OAAO+vB,GAYpB,GATAp0C,KAAKwrB,YAAc1rB,EAAQ0rB,aAAexrB,KAAKwrB,aAAe,eAC1D1rB,EAAQ0oB,SAAYxoB,KAAKwoB,UAC3BxoB,KAAKwoB,QAAU,IAAI2pB,EAAQryC,EAAQ0oB,UAErCxoB,KAAKuV,QAhCD8+B,GADmB9+B,EAiCOzV,EAAQyV,QAAUvV,KAAKuV,QAAU,OAhC1Cg/B,cACdrlC,EAAQtJ,QAAQyuC,IAAY,EAAIA,EAAU9+B,GAgCjDvV,KAAKs0C,KAAOx0C,EAAQw0C,MAAQt0C,KAAKs0C,MAAQ,KACzCt0C,KAAKwa,OAAS1a,EAAQ0a,QAAUxa,KAAKwa,OACrCxa,KAAKw0C,SAAW,MAEK,QAAhBx0C,KAAKuV,QAAoC,SAAhBvV,KAAKuV,SAAsB0V,EACvD,MAAM,IAAInE,UAAU,6CAEtB9mB,KAAKkzC,UAAUjoB,EACjB,CAMA,SAAS0U,EAAO1U,GACd,IAAIwpB,EAAO,IAAIlB,SAYf,OAXAtoB,EACGypB,OACAvyC,MAAM,KACNuD,SAAQ,SAASivC,GAChB,GAAIA,EAAO,CACT,IAAIxyC,EAAQwyC,EAAMxyC,MAAM,KACpBiE,EAAOjE,EAAMqC,QAAQ1C,QAAQ,MAAO,KACpCR,EAAQa,EAAMS,KAAK,KAAKd,QAAQ,MAAO,KAC3C2yC,EAAK9O,OAAO5jC,mBAAmBqE,GAAOrE,mBAAmBT,GAC3D,CACF,IACKmzC,CACT,CAoBA,SAASG,EAASC,EAAU/0C,GACrBA,IACHA,EAAU,CAAC,GAGbE,KAAK0N,KAAO,UACZ1N,KAAKoJ,YAA4BuF,IAAnB7O,EAAQsJ,OAAuB,IAAMtJ,EAAQsJ,OAC3DpJ,KAAK4rB,GAAK5rB,KAAKoJ,QAAU,KAAOpJ,KAAKoJ,OAAS,IAC9CpJ,KAAK80C,WAAa,eAAgBh1C,EAAUA,EAAQg1C,WAAa,KACjE90C,KAAKwoB,QAAU,IAAI2pB,EAAQryC,EAAQ0oB,SACnCxoB,KAAK0iB,IAAM5iB,EAAQ4iB,KAAO,GAC1B1iB,KAAKkzC,UAAU2B,EACjB,CAlDAV,EAAQ7zC,UAAU6kB,MAAQ,WACxB,OAAO,IAAIgvB,EAAQn0C,KAAM,CAACirB,KAAMjrB,KAAKmzC,WACvC,EAkCAF,EAAKx7B,KAAK08B,EAAQ7zC,WAgBlB2yC,EAAKx7B,KAAKm9B,EAASt0C,WAEnBs0C,EAASt0C,UAAU6kB,MAAQ,WACzB,OAAO,IAAIyvB,EAAS50C,KAAKmzC,UAAW,CAClC/pC,OAAQpJ,KAAKoJ,OACb0rC,WAAY90C,KAAK80C,WACjBtsB,QAAS,IAAI2pB,EAAQnyC,KAAKwoB,SAC1B9F,IAAK1iB,KAAK0iB,KAEd,EAEAkyB,EAAS7qC,MAAQ,WACf,IAAI4hB,EAAW,IAAIipB,EAAS,KAAM,CAACxrC,OAAQ,EAAG0rC,WAAY,KAE1D,OADAnpB,EAASje,KAAO,QACTie,CACT,EAEA,IAAIopB,EAAmB,CAAC,IAAK,IAAK,IAAK,IAAK,KAE5CH,EAASI,SAAW,SAAStyB,EAAKtZ,GAChC,IAA0C,IAAtC2rC,EAAiBnvC,QAAQwD,GAC3B,MAAM,IAAI6rC,WAAW,uBAGvB,OAAO,IAAIL,EAAS,KAAM,CAACxrC,OAAQA,EAAQof,QAAS,CAAC/F,SAAUC,IACjE,EAEApjB,EAAQ8xC,aAAe1xC,EAAK0xC,aAC5B,IACE,IAAI9xC,EAAQ8xC,YACd,CAAE,MAAO/jC,GACP/N,EAAQ8xC,aAAe,SAASn7B,EAAS7P,GACvCpG,KAAKiW,QAAUA,EACfjW,KAAKoG,KAAOA,EACZ,IAAI2D,EAAQ0D,MAAMwI,GAClBjW,KAAKk1C,MAAQnrC,EAAMmrC,KACrB,EACA51C,EAAQ8xC,aAAa9wC,UAAYC,OAAO+B,OAAOmL,MAAMnN,WACrDhB,EAAQ8xC,aAAa9wC,UAAU6mB,YAAc7nB,EAAQ8xC,YACvD,CAEA,SAAS9lB,EAAM8oB,EAAOlzC,GACpB,OAAO,IAAIgK,SAAQ,SAAST,EAAS6C,GACnC,IAAIiN,EAAU,IAAI45B,EAAQC,EAAOlzC,GAEjC,GAAIqZ,EAAQC,QAAUD,EAAQC,OAAO26B,QACnC,OAAO7nC,EAAO,IAAIhO,EAAQ8xC,aAAa,UAAW,eAGpD,IAAIxrB,EAAM,IAAIwvB,eAEd,SAASC,IACPzvB,EAAI/K,OACN,CAEA+K,EAAI6sB,OAAS,WACX,IAxFgB6C,EAChB9sB,EAuFI1oB,EAAU,CACZsJ,OAAQwc,EAAIxc,OACZ0rC,WAAYlvB,EAAIkvB,WAChBtsB,SA3Fc8sB,EA2FQ1vB,EAAI2vB,yBAA2B,GA1FvD/sB,EAAU,IAAI2pB,EAGQmD,EAAWxzC,QAAQ,eAAgB,KACzCK,MAAM,SAASuD,SAAQ,SAAS8vC,GAClD,IAAI9yC,EAAQ8yC,EAAKrzC,MAAM,KACnBnB,EAAM0B,EAAM8B,QAAQkwC,OACxB,GAAI1zC,EAAK,CACP,IAAIM,EAAQoB,EAAME,KAAK,KAAK8xC,OAC5BlsB,EAAQmd,OAAO3kC,EAAKM,EACtB,CACF,IACOknB,IAgFH1oB,EAAQ4iB,IAAM,gBAAiBkD,EAAMA,EAAI6vB,YAAc31C,EAAQ0oB,QAAQjmB,IAAI,iBAC3E,IAAI0oB,EAAO,aAAcrF,EAAMA,EAAI+F,SAAW/F,EAAIsG,aAClDzhB,EAAQ,IAAImqC,EAAS3pB,EAAMnrB,GAC7B,EAEA8lB,EAAI5U,QAAU,WACZ1D,EAAO,IAAIwZ,UAAU,0BACvB,EAEAlB,EAAI8vB,UAAY,WACdpoC,EAAO,IAAIwZ,UAAU,0BACvB,EAEAlB,EAAI+vB,QAAU,WACZroC,EAAO,IAAIhO,EAAQ8xC,aAAa,UAAW,cAC7C,EAEAxrB,EAAIpT,KAAK+H,EAAQhF,OAAQgF,EAAQmI,KAAK,GAEV,YAAxBnI,EAAQiR,YACV5F,EAAI6F,iBAAkB,EACW,SAAxBlR,EAAQiR,cACjB5F,EAAI6F,iBAAkB,GAGpB,iBAAkB7F,GAAOyrB,EAAQE,OACnC3rB,EAAIuG,aAAe,QAGrB5R,EAAQiO,QAAQ9iB,SAAQ,SAASpE,EAAO8E,GACtCwf,EAAI2E,iBAAiBnkB,EAAM9E,EAC7B,IAEIiZ,EAAQC,SACVD,EAAQC,OAAOxG,iBAAiB,QAASqhC,GAEzCzvB,EAAIgwB,mBAAqB,WAEA,IAAnBhwB,EAAIiwB,YACNt7B,EAAQC,OAAOtG,oBAAoB,QAASmhC,EAEhD,GAGFzvB,EAAIkwB,UAAkC,IAAtBv7B,EAAQ44B,UAA4B,KAAO54B,EAAQ44B,UACrE,GACF,CAEA7nB,EAAMyqB,UAAW,EAEZr2C,EAAK4rB,QACR5rB,EAAK4rB,MAAQA,EACb5rB,EAAKyyC,QAAUA,EACfzyC,EAAKy0C,QAAUA,EACfz0C,EAAKk1C,SAAWA,GAGlBt1C,EAAQ6yC,QAAUA,EAClB7yC,EAAQ60C,QAAUA,EAClB70C,EAAQs1C,SAAWA,EACnBt1C,EAAQgsB,MAAQA,EAEhB/qB,OAAOy1C,eAAe12C,EAAS,aAAc,CAAEgC,OAAO,GAIvD,CAhhBgB,CAghBd,CAAC,EACH,CAnhBD,CAmhBG4vC,GACHA,EAAS5lB,MAAM2qB,UAAW,SAEnB/E,EAAS5lB,MAAMyqB,SAGtB,IAAI5G,EAAM+B,GACV5xC,EAAU6vC,EAAI7jB,OACd,QAAkB6jB,EAAI7jB,MACtBhsB,EAAQgsB,MAAQ6jB,EAAI7jB,MACpBhsB,EAAQ6yC,QAAUhD,EAAIgD,QACtB7yC,EAAQ60C,QAAUhF,EAAIgF,QACtB70C,EAAQs1C,SAAWzF,EAAIyF,SACvBr1C,EAAOD,QAAUA,oBCziBjB,SAAS42C,IAGT,CAEAA,EAAE51C,UAAY,CACZqI,GAAI,SAAUvC,EAAM6tC,EAAU9E,GAC5B,IAAIpsC,EAAI/C,KAAK+C,IAAM/C,KAAK+C,EAAI,CAAC,GAO7B,OALCA,EAAEqD,KAAUrD,EAAEqD,GAAQ,KAAK6E,KAAK,CAC/BiC,GAAI+mC,EACJ9E,IAAKA,IAGAnvC,IACT,EAEAm2C,KAAM,SAAU/vC,EAAM6tC,EAAU9E,GAC9B,IAAIzvC,EAAOM,KACX,SAAS8T,IACPpU,EAAK2L,IAAIjF,EAAM0N,GACfmgC,EAAShvB,MAAMkqB,EAAKruC,UACtB,CAGA,OADAgT,EAASpJ,EAAIupC,EACNj0C,KAAK2I,GAAGvC,EAAM0N,EAAUq7B,EACjC,EAEAnlC,KAAM,SAAU5D,GAMd,IALA,IAAIZ,EAAO,GAAG7C,MAAM8U,KAAK3W,UAAW,GAChCs1C,IAAWp2C,KAAK+C,IAAM/C,KAAK+C,EAAI,CAAC,IAAIqD,IAAS,IAAIzD,QACjD9B,EAAI,EACJw1C,EAAMD,EAAOr2C,OAETc,EAAIw1C,EAAKx1C,IACfu1C,EAAOv1C,GAAGqM,GAAG+X,MAAMmxB,EAAOv1C,GAAGsuC,IAAK3pC,GAGpC,OAAOxF,IACT,EAEAqL,IAAK,SAAUjF,EAAM6tC,GACnB,IAAIlxC,EAAI/C,KAAK+C,IAAM/C,KAAK+C,EAAI,CAAC,GACzBuzC,EAAOvzC,EAAEqD,GACTmwC,EAAa,GAEjB,GAAID,GAAQrC,EACV,IAAK,IAAIpzC,EAAI,EAAGw1C,EAAMC,EAAKv2C,OAAQc,EAAIw1C,EAAKx1C,IACtCy1C,EAAKz1C,GAAGqM,KAAO+mC,GAAYqC,EAAKz1C,GAAGqM,GAAGxC,IAAMupC,GAC9CsC,EAAWtrC,KAAKqrC,EAAKz1C,IAY3B,OAJC01C,EAAiB,OACdxzC,EAAEqD,GAAQmwC,SACHxzC,EAAEqD,GAENpG,IACT,GAGFT,EAAOD,QAAU42C,oBC7DjB32C,EAAOD,QAJP,SAAgCyD,GAC9B,QAAI,IAAWA,EAAG,MAAM,IAAIyzC,eAAe,6DAC3C,OAAOzzC,CACT,EACyCxD,EAAOD,QAAQm3C,YAAa,EAAMl3C,EAAOD,QAAiB,QAAIC,EAAOD,0BCD9GC,EAAOD,QAHP,SAAyBilB,EAAGsC,GAC1B,KAAMtC,aAAasC,GAAI,MAAM,IAAIC,UAAU,oCAC7C,EACkCvnB,EAAOD,QAAQm3C,YAAa,EAAMl3C,EAAOD,QAAiB,QAAIC,EAAOD,8BCHvG,IAAIo3C,EAA2B,EAAQ,MACnCzvB,EAAiB,EAAQ,MAQ7B1nB,EAAOD,QAPP,SAAoBgnB,EAAGvjB,EAAG4jB,GACxB,GAAI+vB,IAA4B,OAAOlwB,QAAQC,UAAUxB,MAAM,KAAMnkB,WACrE,IAAIoW,EAAI,CAAC,MACTA,EAAEjM,KAAKga,MAAM/N,EAAGnU,GAChB,IAAIikB,EAAI,IAAKV,EAAEtO,KAAKiN,MAAMqB,EAAGpP,IAC7B,OAAOyP,GAAKM,EAAeD,EAAGL,EAAErmB,WAAY0mB,CAC9C,EAC6BznB,EAAOD,QAAQm3C,YAAa,EAAMl3C,EAAOD,QAAiB,QAAIC,EAAOD,8BCTlG,IAAIq3C,EAAgB,EAAQ,MAC5B,SAASC,EAAkB7zC,EAAG4jB,GAC5B,IAAK,IAAIL,EAAI,EAAGA,EAAIK,EAAE5mB,OAAQumB,IAAK,CACjC,IAAIpP,EAAIyP,EAAEL,GACVpP,EAAEkQ,WAAalQ,EAAEkQ,aAAc,EAAIlQ,EAAEoQ,cAAe,EAAI,UAAWpQ,IAAMA,EAAEmQ,UAAW,GAAK9mB,OAAOy1C,eAAejzC,EAAG4zC,EAAcz/B,EAAElW,KAAMkW,EAC5I,CACF,CAMA3X,EAAOD,QALP,SAAsByD,EAAG4jB,EAAGL,GAC1B,OAAOK,GAAKiwB,EAAkB7zC,EAAEzC,UAAWqmB,GAAIL,GAAKswB,EAAkB7zC,EAAGujB,GAAI/lB,OAAOy1C,eAAejzC,EAAG,YAAa,CACjHskB,UAAU,IACRtkB,CACN,EAC+BxD,EAAOD,QAAQm3C,YAAa,EAAMl3C,EAAOD,QAAiB,QAAIC,EAAOD,0BCZpG,SAASu3C,EAAgBvwB,GACvB,OAAO/mB,EAAOD,QAAUu3C,EAAkBt2C,OAAO0mB,eAAiB1mB,OAAO2mB,eAAelP,OAAS,SAAUsO,GACzG,OAAOA,EAAEwwB,WAAav2C,OAAO2mB,eAAeZ,EAC9C,EAAG/mB,EAAOD,QAAQm3C,YAAa,EAAMl3C,EAAOD,QAAiB,QAAIC,EAAOD,QAASu3C,EAAgBvwB,EACnG,CACA/mB,EAAOD,QAAUu3C,EAAiBt3C,EAAOD,QAAQm3C,YAAa,EAAMl3C,EAAOD,QAAiB,QAAIC,EAAOD,8BCLvG,IAAI2nB,EAAiB,EAAQ,MAa7B1nB,EAAOD,QAZP,SAAmBgnB,EAAGvjB,GACpB,GAAI,mBAAqBA,GAAK,OAASA,EAAG,MAAM,IAAI+jB,UAAU,sDAC9DR,EAAEhmB,UAAYC,OAAO+B,OAAOS,GAAKA,EAAEzC,UAAW,CAC5C6mB,YAAa,CACX7lB,MAAOglB,EACPe,UAAU,EACVC,cAAc,KAEd/mB,OAAOy1C,eAAe1vB,EAAG,YAAa,CACxCe,UAAU,IACRtkB,GAAKkkB,EAAeX,EAAGvjB,EAC7B,EAC4BxD,EAAOD,QAAQm3C,YAAa,EAAMl3C,EAAOD,QAAiB,QAAIC,EAAOD,0BCNjGC,EAAOD,QAPP,SAA2BgnB,GACzB,IACE,OAAQ,IAAMM,SAAS5a,SAASyL,KAAK6O,GAAG1gB,QAAQ,gBAClD,CAAE,MAAOihB,GACP,MAAO,mBAAqBP,CAC9B,CACF,EACoC/mB,EAAOD,QAAQm3C,YAAa,EAAMl3C,EAAOD,QAAiB,QAAIC,EAAOD,0BCPzG,SAAS+mB,IACP,IACE,IAAIC,GAAK5Q,QAAQpV,UAAUimB,QAAQ9O,KAAK+O,QAAQC,UAAU/Q,QAAS,IAAI,WAAa,IACtF,CAAE,MAAO4Q,GAAI,CACb,OAAQ/mB,EAAOD,QAAU+mB,EAA4B,WACnD,QAASC,CACX,EAAG/mB,EAAOD,QAAQm3C,YAAa,EAAMl3C,EAAOD,QAAiB,QAAIC,EAAOD,UAC1E,CACAC,EAAOD,QAAU+mB,EAA2B9mB,EAAOD,QAAQm3C,YAAa,EAAMl3C,EAAOD,QAAiB,QAAIC,EAAOD,8BCRjH,IAAIy3C,EAAU,gBACVC,EAAwB,EAAQ,MAMpCz3C,EAAOD,QALP,SAAoCgnB,EAAGvjB,GACrC,GAAIA,IAAM,UAAYg0C,EAAQh0C,IAAM,mBAAqBA,GAAI,OAAOA,EACpE,QAAI,IAAWA,EAAG,MAAM,IAAI+jB,UAAU,4DACtC,OAAOkwB,EAAsB1wB,EAC/B,EAC6C/mB,EAAOD,QAAQm3C,YAAa,EAAMl3C,EAAOD,QAAiB,QAAIC,EAAOD,8BCPlH,IAAIy3C,EAAU,gBACd,SAASE,IACP,aACA13C,EAAOD,QAAU23C,EAAsB,WACrC,OAAOl0C,CACT,EAAGxD,EAAOD,QAAQm3C,YAAa,EAAMl3C,EAAOD,QAAiB,QAAIC,EAAOD,QACxE,IAAIgnB,EACFvjB,EAAI,CAAC,EACL4jB,EAAIpmB,OAAOD,UACXumB,EAAIF,EAAEgO,eACNzd,EAAI3W,OAAOy1C,gBAAkB,SAAU1vB,EAAGvjB,EAAG4jB,GAC3CL,EAAEvjB,GAAK4jB,EAAErlB,KACX,EACAT,EAAI,mBAAqByN,OAASA,OAAS,CAAC,EAC5CiW,EAAI1jB,EAAEwN,UAAY,aAClB+L,EAAIvZ,EAAEq2C,eAAiB,kBACvBC,EAAIt2C,EAAEu2C,aAAe,gBACvB,SAAS53C,EAAO8mB,EAAGvjB,EAAG4jB,GACpB,OAAOpmB,OAAOy1C,eAAe1vB,EAAGvjB,EAAG,CACjCzB,MAAOqlB,EACPS,YAAY,EACZE,cAAc,EACdD,UAAU,IACRf,EAAEvjB,EACR,CACA,IACEvD,EAAO,CAAC,EAAG,GACb,CAAE,MAAO8mB,GACP9mB,EAAS,SAAgB8mB,EAAGvjB,EAAG4jB,GAC7B,OAAOL,EAAEvjB,GAAK4jB,CAChB,CACF,CACA,SAAS0wB,EAAK/wB,EAAGvjB,EAAG4jB,EAAGE,GACrB,IAAIhmB,EAAIkC,GAAKA,EAAEzC,qBAAqBg3C,EAAYv0C,EAAIu0C,EAClD/yB,EAAIhkB,OAAO+B,OAAOzB,EAAEP,WACpB8Z,EAAI,IAAIm9B,EAAQ1wB,GAAK,IACvB,OAAO3P,EAAEqN,EAAG,UAAW,CACrBjjB,MAAOk2C,EAAiBlxB,EAAGK,EAAGvM,KAC5BmK,CACN,CACA,SAASkzB,EAASnxB,EAAGvjB,EAAG4jB,GACtB,IACE,MAAO,CACLjZ,KAAM,SACNgqC,IAAKpxB,EAAE7O,KAAK1U,EAAG4jB,GAEnB,CAAE,MAAOL,GACP,MAAO,CACL5Y,KAAM,QACNgqC,IAAKpxB,EAET,CACF,CACAvjB,EAAEs0C,KAAOA,EACT,IAAIM,EAAI,iBACNC,EAAI,iBACJC,EAAI,YACJvhC,EAAI,YACJ2jB,EAAI,CAAC,EACP,SAASqd,IAAa,CACtB,SAASQ,IAAqB,CAC9B,SAASC,IAA8B,CACvC,IAAI/wB,EAAI,CAAC,EACTxnB,EAAOwnB,EAAGzC,GAAG,WACX,OAAOvkB,IACT,IACA,IAAIg4C,EAAIz3C,OAAO2mB,eACboR,EAAI0f,GAAKA,EAAEA,EAAE33B,EAAO,MACtBiY,GAAKA,IAAM3R,GAAKE,EAAEpP,KAAK6gB,EAAG/T,KAAOyC,EAAIsR,GACrC,IAAI2f,EAAIF,EAA2Bz3C,UAAYg3C,EAAUh3C,UAAYC,OAAO+B,OAAO0kB,GACnF,SAASkxB,EAAsB5xB,GAC7B,CAAC,OAAQ,QAAS,UAAU5gB,SAAQ,SAAU3C,GAC5CvD,EAAO8mB,EAAGvjB,GAAG,SAAUujB,GACrB,OAAOtmB,KAAKm4C,QAAQp1C,EAAGujB,EACzB,GACF,GACF,CACA,SAAS8xB,EAAc9xB,EAAGvjB,GACxB,SAASs1C,EAAO1xB,EAAGzP,EAAGrW,EAAG0jB,GACvB,IAAInK,EAAIq9B,EAASnxB,EAAEK,GAAIL,EAAGpP,GAC1B,GAAI,UAAYkD,EAAE1M,KAAM,CACtB,IAAIypC,EAAI/8B,EAAEs9B,IACRC,EAAIR,EAAE71C,MACR,OAAOq2C,GAAK,UAAYZ,EAAQY,IAAM9wB,EAAEpP,KAAKkgC,EAAG,WAAa50C,EAAE0H,QAAQktC,EAAEW,SAASnuC,MAAK,SAAUmc,GAC/F+xB,EAAO,OAAQ/xB,EAAGzlB,EAAG0jB,EACvB,IAAG,SAAU+B,GACX+xB,EAAO,QAAS/xB,EAAGzlB,EAAG0jB,EACxB,IAAKxhB,EAAE0H,QAAQktC,GAAGxtC,MAAK,SAAUmc,GAC/B6wB,EAAE71C,MAAQglB,EAAGzlB,EAAEs2C,EACjB,IAAG,SAAU7wB,GACX,OAAO+xB,EAAO,QAAS/xB,EAAGzlB,EAAG0jB,EAC/B,GACF,CACAA,EAAEnK,EAAEs9B,IACN,CACA,IAAI/wB,EACJzP,EAAElX,KAAM,UAAW,CACjBsB,MAAO,SAAeglB,EAAGO,GACvB,SAAS0xB,IACP,OAAO,IAAIx1C,GAAE,SAAUA,EAAG4jB,GACxB0xB,EAAO/xB,EAAGO,EAAG9jB,EAAG4jB,EAClB,GACF,CACA,OAAOA,EAAIA,EAAIA,EAAExc,KAAKouC,EAA4BA,GAA8BA,GAClF,GAEJ,CACA,SAASf,EAAiBz0C,EAAG4jB,EAAGE,GAC9B,IAAI3P,EAAIygC,EACR,OAAO,SAAU92C,EAAG0jB,GAClB,GAAIrN,IAAM2gC,EAAG,MAAMpqC,MAAM,gCACzB,GAAIyJ,IAAMZ,EAAG,CACX,GAAI,UAAYzV,EAAG,MAAM0jB,EACzB,MAAO,CACLjjB,MAAOglB,EACP4rB,MAAM,EAEV,CACA,IAAKrrB,EAAEtR,OAAS1U,EAAGgmB,EAAE6wB,IAAMnzB,IAAK,CAC9B,IAAInK,EAAIyM,EAAE2xB,SACV,GAAIp+B,EAAG,CACL,IAAI+8B,EAAIsB,EAAoBr+B,EAAGyM,GAC/B,GAAIswB,EAAG,CACL,GAAIA,IAAMld,EAAG,SACb,OAAOkd,CACT,CACF,CACA,GAAI,SAAWtwB,EAAEtR,OAAQsR,EAAE6xB,KAAO7xB,EAAE8xB,MAAQ9xB,EAAE6wB,SAAS,GAAI,UAAY7wB,EAAEtR,OAAQ,CAC/E,GAAI2B,IAAMygC,EAAG,MAAMzgC,EAAIZ,EAAGuQ,EAAE6wB,IAC5B7wB,EAAE+xB,kBAAkB/xB,EAAE6wB,IACxB,KAAO,WAAa7wB,EAAEtR,QAAUsR,EAAEgyB,OAAO,SAAUhyB,EAAE6wB,KACrDxgC,EAAI2gC,EACJ,IAAI7wB,EAAIywB,EAAS10C,EAAG4jB,EAAGE,GACvB,GAAI,WAAaG,EAAEtZ,KAAM,CACvB,GAAIwJ,EAAI2P,EAAEqrB,KAAO57B,EAAIshC,EAAG5wB,EAAE0wB,MAAQzd,EAAG,SACrC,MAAO,CACL34B,MAAO0lB,EAAE0wB,IACTxF,KAAMrrB,EAAEqrB,KAEZ,CACA,UAAYlrB,EAAEtZ,OAASwJ,EAAIZ,EAAGuQ,EAAEtR,OAAS,QAASsR,EAAE6wB,IAAM1wB,EAAE0wB,IAC9D,CACF,CACF,CACA,SAASe,EAAoB11C,EAAG4jB,GAC9B,IAAIE,EAAIF,EAAEpR,OACR2B,EAAInU,EAAEsL,SAASwY,GACjB,GAAI3P,IAAMoP,EAAG,OAAOK,EAAE6xB,SAAW,KAAM,UAAY3xB,GAAK9jB,EAAEsL,SAAiB,SAAMsY,EAAEpR,OAAS,SAAUoR,EAAE+wB,IAAMpxB,EAAGmyB,EAAoB11C,EAAG4jB,GAAI,UAAYA,EAAEpR,SAAW,WAAasR,IAAMF,EAAEpR,OAAS,QAASoR,EAAE+wB,IAAM,IAAI5wB,UAAU,oCAAsCD,EAAI,aAAcoT,EAC1R,IAAIp5B,EAAI42C,EAASvgC,EAAGnU,EAAEsL,SAAUsY,EAAE+wB,KAClC,GAAI,UAAY72C,EAAE6M,KAAM,OAAOiZ,EAAEpR,OAAS,QAASoR,EAAE+wB,IAAM72C,EAAE62C,IAAK/wB,EAAE6xB,SAAW,KAAMve,EACrF,IAAI1V,EAAI1jB,EAAE62C,IACV,OAAOnzB,EAAIA,EAAE2tB,MAAQvrB,EAAE5jB,EAAE+1C,YAAcv0B,EAAEjjB,MAAOqlB,EAAEpY,KAAOxL,EAAEg2C,QAAS,WAAapyB,EAAEpR,SAAWoR,EAAEpR,OAAS,OAAQoR,EAAE+wB,IAAMpxB,GAAIK,EAAE6xB,SAAW,KAAMve,GAAK1V,GAAKoC,EAAEpR,OAAS,QAASoR,EAAE+wB,IAAM,IAAI5wB,UAAU,oCAAqCH,EAAE6xB,SAAW,KAAMve,EAC9P,CACA,SAAS+e,EAAa1yB,GACpB,IAAIvjB,EAAI,CACNk2C,OAAQ3yB,EAAE,IAEZ,KAAKA,IAAMvjB,EAAEm2C,SAAW5yB,EAAE,IAAK,KAAKA,IAAMvjB,EAAEo2C,WAAa7yB,EAAE,GAAIvjB,EAAEq2C,SAAW9yB,EAAE,IAAKtmB,KAAKq5C,WAAWpuC,KAAKlI,EAC1G,CACA,SAASu2C,EAAchzB,GACrB,IAAIvjB,EAAIujB,EAAEizB,YAAc,CAAC,EACzBx2C,EAAE2K,KAAO,gBAAiB3K,EAAE20C,IAAKpxB,EAAEizB,WAAax2C,CAClD,CACA,SAASw0C,EAAQjxB,GACftmB,KAAKq5C,WAAa,CAAC,CACjBJ,OAAQ,SACN3yB,EAAE5gB,QAAQszC,EAAch5C,MAAOA,KAAKw5C,OAAM,EAChD,CACA,SAASn5B,EAAOtd,GACd,GAAIA,GAAK,KAAOA,EAAG,CACjB,IAAI4jB,EAAI5jB,EAAEwhB,GACV,GAAIoC,EAAG,OAAOA,EAAElP,KAAK1U,GACrB,GAAI,mBAAqBA,EAAEwL,KAAM,OAAOxL,EACxC,IAAK02C,MAAM12C,EAAEhD,QAAS,CACpB,IAAImX,GAAK,EACPrW,EAAI,SAAS0N,IACX,OAAS2I,EAAInU,EAAEhD,QAAS,GAAI8mB,EAAEpP,KAAK1U,EAAGmU,GAAI,OAAO3I,EAAKjN,MAAQyB,EAAEmU,GAAI3I,EAAK2jC,MAAO,EAAI3jC,EACpF,OAAOA,EAAKjN,MAAQglB,EAAG/X,EAAK2jC,MAAO,EAAI3jC,CACzC,EACF,OAAO1N,EAAE0N,KAAO1N,CAClB,CACF,CACA,MAAM,IAAIimB,UAAUiwB,EAAQh0C,GAAK,mBACnC,CACA,OAAO+0C,EAAkBx3C,UAAYy3C,EAA4B7gC,EAAE+gC,EAAG,cAAe,CACnF32C,MAAOy2C,EACPzwB,cAAc,IACZpQ,EAAE6gC,EAA4B,cAAe,CAC/Cz2C,MAAOw2C,EACPxwB,cAAc,IACZwwB,EAAkB4B,YAAcl6C,EAAOu4C,EAA4BZ,EAAG,qBAAsBp0C,EAAE42C,oBAAsB,SAAUrzB,GAChI,IAAIvjB,EAAI,mBAAqBujB,GAAKA,EAAEa,YACpC,QAASpkB,IAAMA,IAAM+0C,GAAqB,uBAAyB/0C,EAAE22C,aAAe32C,EAAEqD,MACxF,EAAGrD,EAAE62C,KAAO,SAAUtzB,GACpB,OAAO/lB,OAAO0mB,eAAiB1mB,OAAO0mB,eAAeX,EAAGyxB,IAA+BzxB,EAAEwwB,UAAYiB,EAA4Bv4C,EAAO8mB,EAAG6wB,EAAG,sBAAuB7wB,EAAEhmB,UAAYC,OAAO+B,OAAO21C,GAAI3xB,CACvM,EAAGvjB,EAAE82C,MAAQ,SAAUvzB,GACrB,MAAO,CACLgyB,QAAShyB,EAEb,EAAG4xB,EAAsBE,EAAc93C,WAAYd,EAAO44C,EAAc93C,UAAW8Z,GAAG,WACpF,OAAOpa,IACT,IAAI+C,EAAEq1C,cAAgBA,EAAer1C,EAAE+2C,MAAQ,SAAUxzB,EAAGK,EAAGE,EAAG3P,EAAGrW,QACnE,IAAWA,IAAMA,EAAIqK,SACrB,IAAIqZ,EAAI,IAAI6zB,EAAcf,EAAK/wB,EAAGK,EAAGE,EAAG3P,GAAIrW,GAC5C,OAAOkC,EAAE42C,oBAAoBhzB,GAAKpC,EAAIA,EAAEhW,OAAOpE,MAAK,SAAUmc,GAC5D,OAAOA,EAAE4rB,KAAO5rB,EAAEhlB,MAAQijB,EAAEhW,MAC9B,GACF,EAAG2pC,EAAsBD,GAAIz4C,EAAOy4C,EAAGd,EAAG,aAAc33C,EAAOy4C,EAAG1zB,GAAG,WACnE,OAAOvkB,IACT,IAAIR,EAAOy4C,EAAG,YAAY,WACxB,MAAO,oBACT,IAAIl1C,EAAE0C,KAAO,SAAU6gB,GACrB,IAAIvjB,EAAIxC,OAAO+lB,GACbK,EAAI,GACN,IAAK,IAAIE,KAAK9jB,EAAG4jB,EAAE1b,KAAK4b,GACxB,OAAOF,EAAEozB,UAAW,SAASxrC,IAC3B,KAAOoY,EAAE5mB,QAAS,CAChB,IAAIumB,EAAIK,EAAEqzB,MACV,GAAI1zB,KAAKvjB,EAAG,OAAOwL,EAAKjN,MAAQglB,EAAG/X,EAAK2jC,MAAO,EAAI3jC,CACrD,CACA,OAAOA,EAAK2jC,MAAO,EAAI3jC,CACzB,CACF,EAAGxL,EAAEsd,OAASA,EAAQk3B,EAAQj3C,UAAY,CACxC6mB,YAAaowB,EACbiC,MAAO,SAAez2C,GACpB,GAAI/C,KAAKi6C,KAAO,EAAGj6C,KAAKuO,KAAO,EAAGvO,KAAK04C,KAAO14C,KAAK24C,MAAQryB,EAAGtmB,KAAKkyC,MAAO,EAAIlyC,KAAKw4C,SAAW,KAAMx4C,KAAKuV,OAAS,OAAQvV,KAAK03C,IAAMpxB,EAAGtmB,KAAKq5C,WAAW3zC,QAAQ4zC,IAAiBv2C,EAAG,IAAK,IAAI4jB,KAAK3mB,KAAM,MAAQ2mB,EAAEwlB,OAAO,IAAMtlB,EAAEpP,KAAKzX,KAAM2mB,KAAO8yB,OAAO9yB,EAAEhkB,MAAM,MAAQ3C,KAAK2mB,GAAKL,EACtR,EACAzF,KAAM,WACJ7gB,KAAKkyC,MAAO,EACZ,IAAI5rB,EAAItmB,KAAKq5C,WAAW,GAAGE,WAC3B,GAAI,UAAYjzB,EAAE5Y,KAAM,MAAM4Y,EAAEoxB,IAChC,OAAO13C,KAAKk6C,IACd,EACAtB,kBAAmB,SAA2B71C,GAC5C,GAAI/C,KAAKkyC,KAAM,MAAMnvC,EACrB,IAAI4jB,EAAI3mB,KACR,SAASm6C,EAAOtzB,EAAG3P,GACjB,OAAOqN,EAAE7W,KAAO,QAAS6W,EAAEmzB,IAAM30C,EAAG4jB,EAAEpY,KAAOsY,EAAG3P,IAAMyP,EAAEpR,OAAS,OAAQoR,EAAE+wB,IAAMpxB,KAAMpP,CACzF,CACA,IAAK,IAAIA,EAAIlX,KAAKq5C,WAAWt5C,OAAS,EAAGmX,GAAK,IAAKA,EAAG,CACpD,IAAIrW,EAAIb,KAAKq5C,WAAWniC,GACtBqN,EAAI1jB,EAAE04C,WACR,GAAI,SAAW14C,EAAEo4C,OAAQ,OAAOkB,EAAO,OACvC,GAAIt5C,EAAEo4C,QAAUj5C,KAAKi6C,KAAM,CACzB,IAAI7/B,EAAIyM,EAAEpP,KAAK5W,EAAG,YAChBs2C,EAAItwB,EAAEpP,KAAK5W,EAAG,cAChB,GAAIuZ,GAAK+8B,EAAG,CACV,GAAIn3C,KAAKi6C,KAAOp5C,EAAEq4C,SAAU,OAAOiB,EAAOt5C,EAAEq4C,UAAU,GACtD,GAAIl5C,KAAKi6C,KAAOp5C,EAAEs4C,WAAY,OAAOgB,EAAOt5C,EAAEs4C,WAChD,MAAO,GAAI/+B,GACT,GAAIpa,KAAKi6C,KAAOp5C,EAAEq4C,SAAU,OAAOiB,EAAOt5C,EAAEq4C,UAAU,OACjD,CACL,IAAK/B,EAAG,MAAM1pC,MAAM,0CACpB,GAAIzN,KAAKi6C,KAAOp5C,EAAEs4C,WAAY,OAAOgB,EAAOt5C,EAAEs4C,WAChD,CACF,CACF,CACF,EACAN,OAAQ,SAAgBvyB,EAAGvjB,GACzB,IAAK,IAAI4jB,EAAI3mB,KAAKq5C,WAAWt5C,OAAS,EAAG4mB,GAAK,IAAKA,EAAG,CACpD,IAAIzP,EAAIlX,KAAKq5C,WAAW1yB,GACxB,GAAIzP,EAAE+hC,QAAUj5C,KAAKi6C,MAAQpzB,EAAEpP,KAAKP,EAAG,eAAiBlX,KAAKi6C,KAAO/iC,EAAEiiC,WAAY,CAChF,IAAIt4C,EAAIqW,EACR,KACF,CACF,CACArW,IAAM,UAAYylB,GAAK,aAAeA,IAAMzlB,EAAEo4C,QAAUl2C,GAAKA,GAAKlC,EAAEs4C,aAAet4C,EAAI,MACvF,IAAI0jB,EAAI1jB,EAAIA,EAAE04C,WAAa,CAAC,EAC5B,OAAOh1B,EAAE7W,KAAO4Y,EAAG/B,EAAEmzB,IAAM30C,EAAGlC,GAAKb,KAAKuV,OAAS,OAAQvV,KAAKuO,KAAO1N,EAAEs4C,WAAYlf,GAAKj6B,KAAKo6C,SAAS71B,EACxG,EACA61B,SAAU,SAAkB9zB,EAAGvjB,GAC7B,GAAI,UAAYujB,EAAE5Y,KAAM,MAAM4Y,EAAEoxB,IAChC,MAAO,UAAYpxB,EAAE5Y,MAAQ,aAAe4Y,EAAE5Y,KAAO1N,KAAKuO,KAAO+X,EAAEoxB,IAAM,WAAapxB,EAAE5Y,MAAQ1N,KAAKk6C,KAAOl6C,KAAK03C,IAAMpxB,EAAEoxB,IAAK13C,KAAKuV,OAAS,SAAUvV,KAAKuO,KAAO,OAAS,WAAa+X,EAAE5Y,MAAQ3K,IAAM/C,KAAKuO,KAAOxL,GAAIk3B,CAC1N,EACAhe,OAAQ,SAAgBqK,GACtB,IAAK,IAAIvjB,EAAI/C,KAAKq5C,WAAWt5C,OAAS,EAAGgD,GAAK,IAAKA,EAAG,CACpD,IAAI4jB,EAAI3mB,KAAKq5C,WAAWt2C,GACxB,GAAI4jB,EAAEwyB,aAAe7yB,EAAG,OAAOtmB,KAAKo6C,SAASzzB,EAAE4yB,WAAY5yB,EAAEyyB,UAAWE,EAAc3yB,GAAIsT,CAC5F,CACF,EACA,MAAS,SAAgB3T,GACvB,IAAK,IAAIvjB,EAAI/C,KAAKq5C,WAAWt5C,OAAS,EAAGgD,GAAK,IAAKA,EAAG,CACpD,IAAI4jB,EAAI3mB,KAAKq5C,WAAWt2C,GACxB,GAAI4jB,EAAEsyB,SAAW3yB,EAAG,CAClB,IAAIO,EAAIF,EAAE4yB,WACV,GAAI,UAAY1yB,EAAEnZ,KAAM,CACtB,IAAIwJ,EAAI2P,EAAE6wB,IACV4B,EAAc3yB,EAChB,CACA,OAAOzP,CACT,CACF,CACA,MAAMzJ,MAAM,wBACd,EACA4sC,cAAe,SAAuBt3C,EAAG4jB,EAAGE,GAC1C,OAAO7mB,KAAKw4C,SAAW,CACrBnqC,SAAUgS,EAAOtd,GACjB+1C,WAAYnyB,EACZoyB,QAASlyB,GACR,SAAW7mB,KAAKuV,SAAWvV,KAAK03C,IAAMpxB,GAAI2T,CAC/C,GACCl3B,CACL,CACAxD,EAAOD,QAAU23C,EAAqB13C,EAAOD,QAAQm3C,YAAa,EAAMl3C,EAAOD,QAAiB,QAAIC,EAAOD,0BC/S3G,SAASg7C,EAAgBh0B,EAAGvjB,GAC1B,OAAOxD,EAAOD,QAAUg7C,EAAkB/5C,OAAO0mB,eAAiB1mB,OAAO0mB,eAAejP,OAAS,SAAUsO,EAAGvjB,GAC5G,OAAOujB,EAAEwwB,UAAY/zC,EAAGujB,CAC1B,EAAG/mB,EAAOD,QAAQm3C,YAAa,EAAMl3C,EAAOD,QAAiB,QAAIC,EAAOD,QAASg7C,EAAgBh0B,EAAGvjB,EACtG,CACAxD,EAAOD,QAAUg7C,EAAiB/6C,EAAOD,QAAQm3C,YAAa,EAAMl3C,EAAOD,QAAiB,QAAIC,EAAOD,8BCLvG,IAAIy3C,EAAU,gBAWdx3C,EAAOD,QAVP,SAAqBgnB,EAAGK,GACtB,GAAI,UAAYowB,EAAQzwB,KAAOA,EAAG,OAAOA,EACzC,IAAIvjB,EAAIujB,EAAEhY,OAAOisC,aACjB,QAAI,IAAWx3C,EAAG,CAChB,IAAIlC,EAAIkC,EAAE0U,KAAK6O,EAAGK,GAAK,WACvB,GAAI,UAAYowB,EAAQl2C,GAAI,OAAOA,EACnC,MAAM,IAAIimB,UAAU,+CACtB,CACA,OAAQ,WAAaH,EAAItC,OAASye,QAAQxc,EAC5C,EAC8B/mB,EAAOD,QAAQm3C,YAAa,EAAMl3C,EAAOD,QAAiB,QAAIC,EAAOD,8BCXnG,IAAIy3C,EAAU,gBACVwD,EAAc,EAAQ,MAK1Bh7C,EAAOD,QAJP,SAAuBgnB,GACrB,IAAIzlB,EAAI05C,EAAYj0B,EAAG,UACvB,MAAO,UAAYywB,EAAQl2C,GAAKA,EAAIA,EAAI,EAC1C,EACgCtB,EAAOD,QAAQm3C,YAAa,EAAMl3C,EAAOD,QAAiB,QAAIC,EAAOD,0BCNrG,SAASy3C,EAAQ7/B,GAGf,OAAO3X,EAAOD,QAAUy3C,EAAU,mBAAqBzoC,QAAU,iBAAmBA,OAAOD,SAAW,SAAU6I,GAC9G,cAAcA,CAChB,EAAI,SAAUA,GACZ,OAAOA,GAAK,mBAAqB5I,QAAU4I,EAAEiQ,cAAgB7Y,QAAU4I,IAAM5I,OAAOhO,UAAY,gBAAkB4W,CACpH,EAAG3X,EAAOD,QAAQm3C,YAAa,EAAMl3C,EAAOD,QAAiB,QAAIC,EAAOD,QAASy3C,EAAQ7/B,EAC3F,CACA3X,EAAOD,QAAUy3C,EAASx3C,EAAOD,QAAQm3C,YAAa,EAAMl3C,EAAOD,QAAiB,QAAIC,EAAOD,8BCT/F,IAAI4nB,EAAiB,EAAQ,MACzBD,EAAiB,EAAQ,MACzBuzB,EAAmB,EAAQ,MAC3B/zB,EAAY,EAAQ,MACxB,SAASC,EAAiBJ,GACxB,IAAIK,EAAI,mBAAqB9Y,IAAM,IAAIA,SAAQ,EAC/C,OAAOtO,EAAOD,QAAUonB,EAAmB,SAA0BJ,GACnE,GAAI,OAASA,IAAMk0B,EAAiBl0B,GAAI,OAAOA,EAC/C,GAAI,mBAAqBA,EAAG,MAAM,IAAIQ,UAAU,sDAChD,QAAI,IAAWH,EAAG,CAChB,GAAIA,EAAE3Y,IAAIsY,GAAI,OAAOK,EAAEpkB,IAAI+jB,GAC3BK,EAAEtlB,IAAIilB,EAAGS,EACX,CACA,SAASA,IACP,OAAON,EAAUH,EAAGxlB,UAAWomB,EAAelnB,MAAMmnB,YACtD,CACA,OAAOJ,EAAQzmB,UAAYC,OAAO+B,OAAOgkB,EAAEhmB,UAAW,CACpD6mB,YAAa,CACX7lB,MAAOylB,EACPK,YAAY,EACZC,UAAU,EACVC,cAAc,KAEdL,EAAeF,EAAST,EAC9B,EAAG/mB,EAAOD,QAAQm3C,YAAa,EAAMl3C,EAAOD,QAAiB,QAAIC,EAAOD,QAASonB,EAAiBJ,EACpG,CACA/mB,EAAOD,QAAUonB,EAAkBnnB,EAAOD,QAAQm3C,YAAa,EAAMl3C,EAAOD,QAAiB,QAAIC,EAAOD,8BCxBxG,IAAIm7C,EAAU,EAAQ,KAAR,GACdl7C,EAAOD,QAAUm7C,EAGjB,IACEC,mBAAqBD,CACvB,CAAE,MAAOE,GACmB,iBAAfC,WACTA,WAAWF,mBAAqBD,EAEhC7zB,SAAS,IAAK,yBAAdA,CAAwC6zB,EAE5C,oCCdA,SAASI,EAAkBl0B,EAAGpC,IAC3B,MAAQA,GAAKA,EAAIoC,EAAE5mB,UAAYwkB,EAAIoC,EAAE5mB,QACtC,IAAK,IAAIgD,EAAI,EAAG8jB,EAAI9R,MAAMwP,GAAIxhB,EAAIwhB,EAAGxhB,IAAK8jB,EAAE9jB,GAAK4jB,EAAE5jB,GACnD,OAAO8jB,CACT,oECJA,SAASi0B,EAAuB/3C,GAC9B,QAAI,IAAWA,EAAG,MAAM,IAAIyzC,eAAe,6DAC3C,OAAOzzC,CACT,oECHA,SAASg4C,EAAmBl0B,EAAGP,EAAGvjB,EAAG4jB,EAAGzP,EAAGqN,EAAGnK,GAC5C,IACE,IAAIvZ,EAAIgmB,EAAEtC,GAAGnK,GACX+8B,EAAIt2C,EAAES,KACV,CAAE,MAAOulB,GACP,YAAY9jB,EAAE8jB,EAChB,CACAhmB,EAAEqxC,KAAO5rB,EAAE6wB,GAAKjsC,QAAQT,QAAQ0sC,GAAGhtC,KAAKwc,EAAGzP,EAC7C,CACA,SAAS8jC,EAAkBn0B,GACzB,OAAO,WACL,IAAIP,EAAItmB,KACN+C,EAAIjC,UACN,OAAO,IAAIoK,SAAQ,SAAUyb,EAAGzP,GAC9B,IAAIqN,EAAIsC,EAAE5B,MAAMqB,EAAGvjB,GACnB,SAASk4C,EAAMp0B,GACbk0B,EAAmBx2B,EAAGoC,EAAGzP,EAAG+jC,EAAOC,EAAQ,OAAQr0B,EACrD,CACA,SAASq0B,EAAOr0B,GACdk0B,EAAmBx2B,EAAGoC,EAAGzP,EAAG+jC,EAAOC,EAAQ,QAASr0B,EACtD,CACAo0B,OAAM,EACR,GACF,CACF,oECxBA,SAASE,EAAgB52B,EAAGsC,GAC1B,KAAMtC,aAAasC,GAAI,MAAM,IAAIC,UAAU,oCAC7C,kHCDA,SAAS8vB,EAAkB7zC,EAAG4jB,GAC5B,IAAK,IAAIL,EAAI,EAAGA,EAAIK,EAAE5mB,OAAQumB,IAAK,CACjC,IAAIpP,EAAIyP,EAAEL,GACVpP,EAAEkQ,WAAalQ,EAAEkQ,aAAc,EAAIlQ,EAAEoQ,cAAe,EAAI,UAAWpQ,IAAMA,EAAEmQ,UAAW,GAAK9mB,OAAOy1C,eAAejzC,GAAG,OAAcmU,EAAElW,KAAMkW,EAC5I,CACF,CACA,SAASkkC,EAAar4C,EAAG4jB,EAAGL,GAC1B,OAAOK,GAAKiwB,EAAkB7zC,EAAEzC,UAAWqmB,GAAIL,GAAKswB,EAAkB7zC,EAAGujB,GAAI/lB,OAAOy1C,eAAejzC,EAAG,YAAa,CACjHskB,UAAU,IACRtkB,CACN,mFCVA,SAASs4C,EAAgBt4C,EAAG4jB,EAAGL,GAC7B,OAAQK,GAAI,OAAcA,MAAO5jB,EAAIxC,OAAOy1C,eAAejzC,EAAG4jB,EAAG,CAC/DrlB,MAAOglB,EACPc,YAAY,EACZE,cAAc,EACdD,UAAU,IACPtkB,EAAE4jB,GAAKL,EAAGvjB,CACjB,qCCRA,SAAS8zC,EAAgBvwB,GACvB,OAAOuwB,EAAkBt2C,OAAO0mB,eAAiB1mB,OAAO2mB,eAAelP,OAAS,SAAUsO,GACxF,OAAOA,EAAEwwB,WAAav2C,OAAO2mB,eAAeZ,EAC9C,EAAGuwB,EAAgBvwB,EACrB,iHCHA,SAASg1B,EAAUh1B,EAAGvjB,GACpB,GAAI,mBAAqBA,GAAK,OAASA,EAAG,MAAM,IAAI+jB,UAAU,sDAC9DR,EAAEhmB,UAAYC,OAAO+B,OAAOS,GAAKA,EAAEzC,UAAW,CAC5C6mB,YAAa,CACX7lB,MAAOglB,EACPe,UAAU,EACVC,cAAc,KAEd/mB,OAAOy1C,eAAe1vB,EAAG,YAAa,CACxCe,UAAU,IACRtkB,IAAK,OAAeujB,EAAGvjB,EAC7B,qCCXA,SAASw4C,EAAyBx4C,EAAGujB,GACnC,GAAI,MAAQvjB,EAAG,MAAO,CAAC,EACvB,IAAImU,EACFyP,EACA9lB,ECLJ,SAAuC8lB,EAAG5jB,GACxC,GAAI,MAAQ4jB,EAAG,MAAO,CAAC,EACvB,IAAIL,EAAI,CAAC,EACT,IAAK,IAAIO,KAAKF,EAAG,GAAI,CAAC,EAAEgO,eAAeld,KAAKkP,EAAGE,GAAI,CACjD,IAAK,IAAM9jB,EAAE6C,QAAQihB,GAAI,SACzBP,EAAEO,GAAKF,EAAEE,EACX,CACA,OAAOP,CACT,CDHQ,CAA6BvjB,EAAGujB,GACtC,GAAI/lB,OAAOi7C,sBAAuB,CAChC,IAAI30B,EAAItmB,OAAOi7C,sBAAsBz4C,GACrC,IAAK4jB,EAAI,EAAGA,EAAIE,EAAE9mB,OAAQ4mB,IAAKzP,EAAI2P,EAAEF,IAAK,IAAML,EAAE1gB,QAAQsR,IAAM,CAAC,EAAEukC,qBAAqBhkC,KAAK1U,EAAGmU,KAAOrW,EAAEqW,GAAKnU,EAAEmU,GAClH,CACA,OAAOrW,CACT,4HETA,SAAS66C,EAA2Bp1B,EAAGvjB,GACrC,GAAIA,IAAM,WAAY,OAAQA,IAAM,mBAAqBA,GAAI,OAAOA,EACpE,QAAI,IAAWA,EAAG,MAAM,IAAI+jB,UAAU,4DACtC,OAAO,OAAsBR,EAC/B,qCCNA,SAASg0B,EAAgBh0B,EAAGvjB,GAC1B,OAAOu3C,EAAkB/5C,OAAO0mB,eAAiB1mB,OAAO0mB,eAAejP,OAAS,SAAUsO,EAAGvjB,GAC3F,OAAOujB,EAAEwwB,UAAY/zC,EAAGujB,CAC1B,EAAGg0B,EAAgBh0B,EAAGvjB,EACxB,gHCAA,SAAS44C,EAAeh1B,EAAG5jB,GACzB,OCLF,SAAyB4jB,GACvB,GAAI5R,MAAM0Z,QAAQ9H,GAAI,OAAOA,CAC/B,CDGS,CAAeA,IELxB,SAA+BA,EAAGixB,GAChC,IAAItxB,EAAI,MAAQK,EAAI,KAAO,oBAAsBrY,QAAUqY,EAAErY,OAAOD,WAAasY,EAAE,cACnF,GAAI,MAAQL,EAAG,CACb,IAAIvjB,EACF8jB,EACAhmB,EACAs2C,EACA5yB,EAAI,GACJszB,GAAI,EACJ3gC,GAAI,EACN,IACE,GAAIrW,GAAKylB,EAAIA,EAAE7O,KAAKkP,IAAIpY,KAAM,IAAMqpC,EAAG,CACrC,GAAIr3C,OAAO+lB,KAAOA,EAAG,OACrBuxB,GAAI,CACN,MAAO,OAASA,GAAK90C,EAAIlC,EAAE4W,KAAK6O,IAAI4rB,QAAU3tB,EAAEtZ,KAAKlI,EAAEzB,OAAQijB,EAAExkB,SAAW63C,GAAIC,GAAI,GACtF,CAAE,MAAOlxB,GACPzP,GAAI,EAAI2P,EAAIF,CACd,CAAE,QACA,IACE,IAAKkxB,GAAK,MAAQvxB,EAAU,SAAM6wB,EAAI7wB,EAAU,SAAK/lB,OAAO42C,KAAOA,GAAI,MACzE,CAAE,QACA,GAAIjgC,EAAG,MAAM2P,CACf,CACF,CACA,OAAOtC,CACT,CACF,CFrB8B,CAAqBoC,EAAG5jB,KAAM,EAAA64C,EAAA,GAA2Bj1B,EAAG5jB,IGL1F,WACE,MAAM,IAAI+jB,UAAU,4IACtB,CHGgG,EAChG,2FIFA,SAAS+0B,EAAmBl1B,GAC1B,OCJF,SAA4BA,GAC1B,GAAI5R,MAAM0Z,QAAQ9H,GAAI,OAAO,EAAAm1B,EAAA,GAAiBn1B,EAChD,CDES,CAAkBA,IEL3B,SAA0BA,GACxB,GAAI,oBAAsBrY,QAAU,MAAQqY,EAAErY,OAAOD,WAAa,MAAQsY,EAAE,cAAe,OAAO5R,MAAMC,KAAK2R,EAC/G,CFGiC,CAAgBA,KAAM,EAAAi1B,EAAA,GAA2Bj1B,IGLlF,WACE,MAAM,IAAIG,UAAU,uIACtB,CHGwF,EACxF,mFIJA,SAAS6vB,EAAcrwB,GACrB,IAAIzlB,ECFN,SAAqBylB,EAAGK,GACtB,GAAI,WAAY,OAAQL,KAAOA,EAAG,OAAOA,EACzC,IAAIvjB,EAAIujB,EAAEhY,OAAOisC,aACjB,QAAI,IAAWx3C,EAAG,CAChB,IAAIlC,EAAIkC,EAAE0U,KAAK6O,EAAGK,UAClB,GAAI,WAAY,OAAQ9lB,GAAI,OAAOA,EACnC,MAAM,IAAIimB,UAAU,+CACtB,CACA,OAAyBzC,OAAiBiC,EAC5C,CDPUi0B,CAAYj0B,GACpB,MAAO,WAAY,OAAQzlB,GAAKA,EAAIA,EAAI,EAC1C,qCELA,SAASk2C,EAAQ7/B,GAGf,OAAO6/B,EAAU,mBAAqBzoC,QAAU,iBAAmBA,OAAOD,SAAW,SAAU6I,GAC7F,cAAcA,CAChB,EAAI,SAAUA,GACZ,OAAOA,GAAK,mBAAqB5I,QAAU4I,EAAEiQ,cAAgB7Y,QAAU4I,IAAM5I,OAAOhO,UAAY,gBAAkB4W,CACpH,EAAG6/B,EAAQ7/B,EACb,gHCPA,SAAS6kC,EAA4Bp1B,EAAGpC,GACtC,GAAIoC,EAAG,CACL,GAAI,iBAAmBA,EAAG,OAAO,OAAiBA,EAAGpC,GACrD,IAAI+B,EAAI,CAAC,EAAEta,SAASyL,KAAKkP,GAAGhkB,MAAM,GAAI,GACtC,MAAO,WAAa2jB,GAAKK,EAAEQ,cAAgBb,EAAIK,EAAEQ,YAAY/gB,MAAO,QAAUkgB,GAAK,QAAUA,EAAIvR,MAAMC,KAAK2R,GAAK,cAAgBL,GAAK,2CAA2C4C,KAAK5C,IAAK,OAAiBK,EAAGpC,QAAK,CACtN,CACF,ICNIy3B,EAA2B,CAAC,EAGhC,SAASC,EAAoBC,GAE5B,IAAIC,EAAeH,EAAyBE,GAC5C,QAAqBvtC,IAAjBwtC,EACH,OAAOA,EAAa78C,QAGrB,IAAIC,EAASy8C,EAAyBE,GAAY,CAGjD58C,QAAS,CAAC,GAOX,OAHA88C,EAAoBF,GAAUzkC,KAAKlY,EAAOD,QAASC,EAAQA,EAAOD,QAAS28C,GAGpE18C,EAAOD,OACf,CCrBA28C,EAAoBp1B,EAAI,SAAStnB,GAChC,IAAI88C,EAAS98C,GAAUA,EAAOk3C,WAC7B,WAAa,OAAOl3C,EAAgB,OAAG,EACvC,WAAa,OAAOA,CAAQ,EAE7B,OADA08C,EAAoBjE,EAAEqE,EAAQ,CAAE93B,EAAG83B,IAC5BA,CACR,ECNAJ,EAAoBjE,EAAI,SAAS14C,EAASg9C,GACzC,IAAI,IAAIt7C,KAAOs7C,EACXL,EAAoB/kC,EAAEolC,EAAYt7C,KAASi7C,EAAoB/kC,EAAE5X,EAAS0B,IAC5ET,OAAOy1C,eAAe12C,EAAS0B,EAAK,CAAEomB,YAAY,EAAM7kB,IAAK+5C,EAAWt7C,IAG3E,ECPAi7C,EAAoBhE,EAAI,WACvB,GAA0B,iBAAf2C,WAAyB,OAAOA,WAC3C,IACC,OAAO56C,MAAQ,IAAI4mB,SAAS,cAAb,EAChB,CAAE,MAAO7jB,GACR,GAAsB,iBAAX4B,OAAqB,OAAOA,MACxC,CACA,CAPuB,GCAxBs3C,EAAoB/kC,EAAI,SAAS5B,EAAKi6B,GAAQ,OAAOhvC,OAAOD,UAAUq0B,eAAeld,KAAKnC,EAAKi6B,EAAO,ECCtG0M,EAAoBt1B,EAAI,SAASrnB,GACX,oBAAXgP,QAA0BA,OAAO8oC,aAC1C72C,OAAOy1C,eAAe12C,EAASgP,OAAO8oC,YAAa,CAAE91C,MAAO,WAE7Df,OAAOy1C,eAAe12C,EAAS,aAAc,CAAEgC,OAAO,GACvD,4uCCgBA,IAAM1B,GAAkEijB,EAAAA,EAAAA,KAClEirB,GAAyE/qB,EAAAA,EAAAA,KACzEkQ,GAAoDyD,EAAAA,EAAAA,KAIpD6lB,EAAQ,wcACZ,WAAYz8C,GAA0B,kCAC9BA,EACR,CAAC,iBAHW,EAFYkzB,EAAAA,EAAAA,GAAwB8a,EAAgBluC,EAAoBqzB,IAQtF,iBvLxBA","sources":["webpack://OktaAuth/webpack/universalModuleDefinition","webpack://OktaAuth/./lib/base/factory.ts","webpack://OktaAuth/./lib/base/options.ts","webpack://OktaAuth/./node_modules/js-cookie/dist/js.cookie.mjs","webpack://OktaAuth/./lib/browser/browserStorage.ts","webpack://OktaAuth/./lib/constants.ts","webpack://OktaAuth/./lib/core/AuthStateManager.ts","webpack://OktaAuth/./node_modules/broadcast-channel/dist/esbrowser/util.js","webpack://OktaAuth/./node_modules/broadcast-channel/dist/esbrowser/methods/native.js","webpack://OktaAuth/../../src/index.ts","webpack://OktaAuth/./node_modules/broadcast-channel/dist/esbrowser/options.js","webpack://OktaAuth/./node_modules/broadcast-channel/dist/esbrowser/methods/indexed-db.js","webpack://OktaAuth/./node_modules/broadcast-channel/dist/esbrowser/methods/localstorage.js","webpack://OktaAuth/./node_modules/broadcast-channel/dist/esbrowser/methods/simulate.js","webpack://OktaAuth/./node_modules/broadcast-channel/dist/esbrowser/method-chooser.js","webpack://OktaAuth/./node_modules/broadcast-channel/dist/esbrowser/broadcast-channel.js","webpack://OktaAuth/./node_modules/unload/dist/es/index.js","webpack://OktaAuth/./node_modules/unload/dist/es/node.js","webpack://OktaAuth/./node_modules/unload/dist/es/browser.js","webpack://OktaAuth/./node_modules/broadcast-channel/dist/esbrowser/leader-election-util.js","webpack://OktaAuth/./node_modules/broadcast-channel/dist/esbrowser/leader-election-web-lock.js","webpack://OktaAuth/./node_modules/broadcast-channel/dist/esbrowser/leader-election.js","webpack://OktaAuth/./lib/services/LeaderElectionService.ts","webpack://OktaAuth/./lib/services/AutoRenewService.ts","webpack://OktaAuth/./lib/services/SyncStorageService.ts","webpack://OktaAuth/./lib/services/RenewOnTabActivationService.ts","webpack://OktaAuth/./lib/core/ServiceManager/browser.ts","webpack://OktaAuth/./lib/core/factory.ts","webpack://OktaAuth/./lib/core/mixin.ts","webpack://OktaAuth/./lib/core/options.ts","webpack://OktaAuth/./lib/core/storage.ts","webpack://OktaAuth/./lib/crypto/base64.ts","webpack://OktaAuth/./lib/crypto/browser.ts","webpack://OktaAuth/./lib/crypto/oidcHash.ts","webpack://OktaAuth/./lib/crypto/verifyToken.ts","webpack://OktaAuth/./lib/errors/AuthApiError.ts","webpack://OktaAuth/./lib/errors/AuthPollStopError.ts","webpack://OktaAuth/./lib/errors/AuthSdkError.ts","webpack://OktaAuth/./node_modules/@babel/runtime/helpers/esm/isNativeReflectConstruct.js","webpack://OktaAuth/./node_modules/@babel/runtime/helpers/esm/wrapNativeSuper.js","webpack://OktaAuth/./node_modules/@babel/runtime/helpers/esm/isNativeFunction.js","webpack://OktaAuth/./node_modules/@babel/runtime/helpers/esm/construct.js","webpack://OktaAuth/./lib/errors/CustomError.ts","webpack://OktaAuth/./lib/errors/OAuthError.ts","webpack://OktaAuth/./lib/errors/WWWAuthError.ts","webpack://OktaAuth/./lib/errors/index.ts","webpack://OktaAuth/./lib/features.ts","webpack://OktaAuth/./lib/http/OktaUserAgent.ts","webpack://OktaAuth/./lib/http/headers.ts","webpack://OktaAuth/./lib/http/mixin.ts","webpack://OktaAuth/./lib/fetch/fetchRequest.ts","webpack://OktaAuth/./lib/http/options.ts","webpack://OktaAuth/./lib/http/request.ts","webpack://OktaAuth/./lib/myaccount/transactions/Base.ts","webpack://OktaAuth/./lib/myaccount/request.ts","webpack://OktaAuth/./lib/myaccount/transactions/ProfileTransaction.ts","webpack://OktaAuth/./lib/myaccount/transactions/ProfileSchemaTransaction.ts","webpack://OktaAuth/./lib/myaccount/profileApi.ts","webpack://OktaAuth/./lib/myaccount/transactions/EmailStatusTransaction.ts","webpack://OktaAuth/./lib/myaccount/transactions/EmailChallengeTransaction.ts","webpack://OktaAuth/./lib/myaccount/transactions/EmailTransaction.ts","webpack://OktaAuth/./lib/myaccount/emailApi.ts","webpack://OktaAuth/./lib/myaccount/transactions/PhoneTransaction.ts","webpack://OktaAuth/./lib/myaccount/phoneApi.ts","webpack://OktaAuth/./lib/myaccount/transactions/PasswordTransaction.ts","webpack://OktaAuth/./lib/myaccount/passwordApi.ts","webpack://OktaAuth/./lib/myaccount/factory.ts","webpack://OktaAuth/./lib/myaccount/mixin.ts","webpack://OktaAuth/./lib/myaccount/types.ts","webpack://OktaAuth/./lib/clock.ts","webpack://OktaAuth/./lib/oidc/TokenManager.ts","webpack://OktaAuth/./lib/oidc/util/sharedStorage.ts","webpack://OktaAuth/./lib/oidc/TransactionManager.ts","webpack://OktaAuth/./lib/oidc/decodeToken.ts","webpack://OktaAuth/./lib/oidc/dpop.ts","webpack://OktaAuth/./lib/oidc/endpoints/authorize.ts","webpack://OktaAuth/./lib/oidc/endpoints/token.ts","webpack://OktaAuth/./lib/oidc/endpoints/well-known.ts","webpack://OktaAuth/./lib/oidc/exchangeCodeForTokens.ts","webpack://OktaAuth/./lib/oidc/enrollAuthenticator.ts","webpack://OktaAuth/./lib/oidc/factory/api.ts","webpack://OktaAuth/./lib/oidc/factory/OktaAuthOAuth.ts","webpack://OktaAuth/./lib/oidc/getToken.ts","webpack://OktaAuth/./lib/oidc/getUserInfo.ts","webpack://OktaAuth/./lib/oidc/getWithPopup.ts","webpack://OktaAuth/./lib/oidc/getWithRedirect.ts","webpack://OktaAuth/./lib/oidc/getWithoutPrompt.ts","webpack://OktaAuth/./lib/oidc/handleOAuthResponse.ts","webpack://OktaAuth/./lib/oidc/introspect.ts","webpack://OktaAuth/./node_modules/@babel/runtime/helpers/esm/get.js","webpack://OktaAuth/./node_modules/@babel/runtime/helpers/esm/superPropBase.js","webpack://OktaAuth/./lib/oidc/mixin/index.ts","webpack://OktaAuth/./lib/oidc/mixin/browser.ts","webpack://OktaAuth/./lib/oidc/options/browser.ts","webpack://OktaAuth/./lib/oidc/options/OAuthOptionsConstructor.ts","webpack://OktaAuth/./lib/oidc/parseFromUrl.ts","webpack://OktaAuth/./lib/oidc/renewToken.ts","webpack://OktaAuth/./lib/oidc/renewTokens.ts","webpack://OktaAuth/./lib/oidc/renewTokensWithRefresh.ts","webpack://OktaAuth/./lib/oidc/revokeToken.ts","webpack://OktaAuth/./lib/oidc/storage.ts","webpack://OktaAuth/./lib/oidc/types/Token.ts","webpack://OktaAuth/./lib/oidc/types/TokenManager.ts","webpack://OktaAuth/./lib/oidc/types/Transaction.ts","webpack://OktaAuth/./lib/oidc/util/browser.ts","webpack://OktaAuth/./lib/oidc/util/defaultEnrollAuthenticatorParams.ts","webpack://OktaAuth/./lib/oidc/util/defaultTokenParams.ts","webpack://OktaAuth/./lib/oidc/util/enrollAuthenticatorMeta.ts","webpack://OktaAuth/./lib/oidc/util/errors.ts","webpack://OktaAuth/./lib/oidc/util/loginRedirect.ts","webpack://OktaAuth/./lib/oidc/util/oauth.ts","webpack://OktaAuth/./lib/oidc/util/oauthMeta.ts","webpack://OktaAuth/./lib/oidc/util/pkce.ts","webpack://OktaAuth/./lib/oidc/util/prepareEnrollAuthenticatorParams.ts","webpack://OktaAuth/./lib/oidc/util/prepareTokenParams.ts","webpack://OktaAuth/./lib/oidc/util/refreshToken.ts","webpack://OktaAuth/./lib/oidc/util/urlParams.ts","webpack://OktaAuth/./lib/oidc/util/validateClaims.ts","webpack://OktaAuth/./lib/oidc/util/validateToken.ts","webpack://OktaAuth/./lib/oidc/verifyToken.ts","webpack://OktaAuth/./lib/session/api.ts","webpack://OktaAuth/./lib/session/factory.ts","webpack://OktaAuth/./lib/session/mixin.ts","webpack://OktaAuth/./lib/storage/BaseStorageManager.ts","webpack://OktaAuth/./lib/storage/SavedObject.ts","webpack://OktaAuth/./lib/storage/mixin.ts","webpack://OktaAuth/./lib/storage/options/browser.ts","webpack://OktaAuth/./lib/storage/options/StorageOptionsConstructor.ts","webpack://OktaAuth/./lib/util/PromiseQueue.ts","webpack://OktaAuth/./lib/util/console.ts","webpack://OktaAuth/./lib/util/misc.ts","webpack://OktaAuth/./lib/util/object.ts","webpack://OktaAuth/./lib/util/types.ts","webpack://OktaAuth/./lib/util/url.ts","webpack://OktaAuth/./node_modules/p-cancelable/index.js","webpack://OktaAuth/./node_modules/cross-fetch/dist/browser-ponyfill.js","webpack://OktaAuth/./node_modules/tiny-emitter/index.js","webpack://OktaAuth/./node_modules/@babel/runtime/helpers/assertThisInitialized.js","webpack://OktaAuth/./node_modules/@babel/runtime/helpers/classCallCheck.js","webpack://OktaAuth/./node_modules/@babel/runtime/helpers/construct.js","webpack://OktaAuth/./node_modules/@babel/runtime/helpers/createClass.js","webpack://OktaAuth/./node_modules/@babel/runtime/helpers/getPrototypeOf.js","webpack://OktaAuth/./node_modules/@babel/runtime/helpers/inherits.js","webpack://OktaAuth/./node_modules/@babel/runtime/helpers/isNativeFunction.js","webpack://OktaAuth/./node_modules/@babel/runtime/helpers/isNativeReflectConstruct.js","webpack://OktaAuth/./node_modules/@babel/runtime/helpers/possibleConstructorReturn.js","webpack://OktaAuth/./node_modules/@babel/runtime/helpers/regeneratorRuntime.js","webpack://OktaAuth/./node_modules/@babel/runtime/helpers/setPrototypeOf.js","webpack://OktaAuth/./node_modules/@babel/runtime/helpers/toPrimitive.js","webpack://OktaAuth/./node_modules/@babel/runtime/helpers/toPropertyKey.js","webpack://OktaAuth/./node_modules/@babel/runtime/helpers/typeof.js","webpack://OktaAuth/./node_modules/@babel/runtime/helpers/wrapNativeSuper.js","webpack://OktaAuth/./node_modules/@babel/runtime/regenerator/index.js","webpack://OktaAuth/./node_modules/@babel/runtime/helpers/esm/arrayLikeToArray.js","webpack://OktaAuth/./node_modules/@babel/runtime/helpers/esm/assertThisInitialized.js","webpack://OktaAuth/./node_modules/@babel/runtime/helpers/esm/asyncToGenerator.js","webpack://OktaAuth/./node_modules/@babel/runtime/helpers/esm/classCallCheck.js","webpack://OktaAuth/./node_modules/@babel/runtime/helpers/esm/createClass.js","webpack://OktaAuth/./node_modules/@babel/runtime/helpers/esm/defineProperty.js","webpack://OktaAuth/./node_modules/@babel/runtime/helpers/esm/getPrototypeOf.js","webpack://OktaAuth/./node_modules/@babel/runtime/helpers/esm/inherits.js","webpack://OktaAuth/./node_modules/@babel/runtime/helpers/esm/objectWithoutProperties.js","webpack://OktaAuth/./node_modules/@babel/runtime/helpers/esm/objectWithoutPropertiesLoose.js","webpack://OktaAuth/./node_modules/@babel/runtime/helpers/esm/possibleConstructorReturn.js","webpack://OktaAuth/./node_modules/@babel/runtime/helpers/esm/setPrototypeOf.js","webpack://OktaAuth/./node_modules/@babel/runtime/helpers/esm/slicedToArray.js","webpack://OktaAuth/./node_modules/@babel/runtime/helpers/esm/arrayWithHoles.js","webpack://OktaAuth/./node_modules/@babel/runtime/helpers/esm/iterableToArrayLimit.js","webpack://OktaAuth/./node_modules/@babel/runtime/helpers/esm/nonIterableRest.js","webpack://OktaAuth/./node_modules/@babel/runtime/helpers/esm/toConsumableArray.js","webpack://OktaAuth/./node_modules/@babel/runtime/helpers/esm/arrayWithoutHoles.js","webpack://OktaAuth/./node_modules/@babel/runtime/helpers/esm/iterableToArray.js","webpack://OktaAuth/./node_modules/@babel/runtime/helpers/esm/nonIterableSpread.js","webpack://OktaAuth/./node_modules/@babel/runtime/helpers/esm/toPropertyKey.js","webpack://OktaAuth/./node_modules/@babel/runtime/helpers/esm/toPrimitive.js","webpack://OktaAuth/./node_modules/@babel/runtime/helpers/esm/typeof.js","webpack://OktaAuth/./node_modules/@babel/runtime/helpers/esm/unsupportedIterableToArray.js","webpack://OktaAuth/webpack/bootstrap","webpack://OktaAuth/webpack/runtime/compat get default export","webpack://OktaAuth/webpack/runtime/define property getters","webpack://OktaAuth/webpack/runtime/global","webpack://OktaAuth/webpack/runtime/hasOwnProperty shorthand","webpack://OktaAuth/webpack/runtime/make namespace object","webpack://OktaAuth/./lib/exports/myaccount.ts"],"sourcesContent":["(function webpackUniversalModuleDefinition(root, factory) {\n\tif(typeof exports === 'object' && typeof module === 'object')\n\t\tmodule.exports = factory();\n\telse if(typeof define === 'function' && define.amd)\n\t\tdefine([], factory);\n\telse if(typeof exports === 'object')\n\t\texports[\"OktaAuth\"] = factory();\n\telse\n\t\troot[\"OktaAuth\"] = factory();\n})(self, function() {\nreturn ","\n\n// Do not use this type in code, so it won't be emitted in the declaration output\nimport { removeNils } from '../util';\n\nimport * as features from '../features';\nimport * as constants from '../constants';\n\n// eslint-disable-next-line @typescript-eslint/ban-ts-comment\n// @ts-ignore \n// Do not use this type in code, so it won't be emitted in the declaration output\nimport Emitter from 'tiny-emitter';\n\nimport {\n EventEmitter,\n OktaAuthConstructor,\n OktaAuthBaseInterface,\n OktaAuthBaseOptions,\n OktaAuthOptionsConstructor, \n FeaturesAPI,\n} from './types';\n\nexport function createOktaAuthBase\n<\n O extends OktaAuthBaseOptions = OktaAuthBaseOptions,\n>\n(\n OptionsConstructor: OktaAuthOptionsConstructor<O>\n): OktaAuthConstructor<OktaAuthBaseInterface<O>>\n{\n class OktaAuthBase implements OktaAuthBaseInterface<O>\n {\n options: O;\n emitter: EventEmitter;\n features: FeaturesAPI;\n static features: FeaturesAPI = features;\n static constants = constants;\n \n constructor(...args: any[]) {\n const options = new OptionsConstructor(args.length ? args[0] || {} : {});\n this.options = removeNils(options) as O; // clear out undefined values\n this.emitter = new Emitter();\n this.features = features;\n }\n }\n\n // Hoist feature detection functions to prototype & static type\n OktaAuthBase.features = OktaAuthBase.prototype.features = features;\n\n // Also hoist constants for CommonJS users\n Object.assign(OktaAuthBase, {\n constants\n });\n\n return OktaAuthBase;\n}\n","/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nimport { OktaAuthBaseOptions } from './types';\n\nexport function createBaseOptionsConstructor() {\n\n return class BaseOptionsConstructor implements Required<OktaAuthBaseOptions> {\n devMode: boolean;\n\n constructor(args: any) {\n this.devMode = !!args.devMode;\n }\n };\n\n}\n","/*! js-cookie v3.0.1 | MIT */\n/* eslint-disable no-var */\nfunction assign (target) {\n for (var i = 1; i < arguments.length; i++) {\n var source = arguments[i];\n for (var key in source) {\n target[key] = source[key];\n }\n }\n return target\n}\n/* eslint-enable no-var */\n\n/* eslint-disable no-var */\nvar defaultConverter = {\n read: function (value) {\n if (value[0] === '\"') {\n value = value.slice(1, -1);\n }\n return value.replace(/(%[\\dA-F]{2})+/gi, decodeURIComponent)\n },\n write: function (value) {\n return encodeURIComponent(value).replace(\n /%(2[346BF]|3[AC-F]|40|5[BDE]|60|7[BCD])/g,\n decodeURIComponent\n )\n }\n};\n/* eslint-enable no-var */\n\n/* eslint-disable no-var */\n\nfunction init (converter, defaultAttributes) {\n function set (key, value, attributes) {\n if (typeof document === 'undefined') {\n return\n }\n\n attributes = assign({}, defaultAttributes, attributes);\n\n if (typeof attributes.expires === 'number') {\n attributes.expires = new Date(Date.now() + attributes.expires * 864e5);\n }\n if (attributes.expires) {\n attributes.expires = attributes.expires.toUTCString();\n }\n\n key = encodeURIComponent(key)\n .replace(/%(2[346B]|5E|60|7C)/g, decodeURIComponent)\n .replace(/[()]/g, escape);\n\n var stringifiedAttributes = '';\n for (var attributeName in attributes) {\n if (!attributes[attributeName]) {\n continue\n }\n\n stringifiedAttributes += '; ' + attributeName;\n\n if (attributes[attributeName] === true) {\n continue\n }\n\n // Considers RFC 6265 section 5.2:\n // ...\n // 3. If the remaining unparsed-attributes contains a %x3B (\";\")\n // character:\n // Consume the characters of the unparsed-attributes up to,\n // not including, the first %x3B (\";\") character.\n // ...\n stringifiedAttributes += '=' + attributes[attributeName].split(';')[0];\n }\n\n return (document.cookie =\n key + '=' + converter.write(value, key) + stringifiedAttributes)\n }\n\n function get (key) {\n if (typeof document === 'undefined' || (arguments.length && !key)) {\n return\n }\n\n // To prevent the for loop in the first place assign an empty array\n // in case there are no cookies at all.\n var cookies = document.cookie ? document.cookie.split('; ') : [];\n var jar = {};\n for (var i = 0; i < cookies.length; i++) {\n var parts = cookies[i].split('=');\n var value = parts.slice(1).join('=');\n\n try {\n var foundKey = decodeURIComponent(parts[0]);\n jar[foundKey] = converter.read(value, foundKey);\n\n if (key === foundKey) {\n break\n }\n } catch (e) {}\n }\n\n return key ? jar[key] : jar\n }\n\n return Object.create(\n {\n set: set,\n get: get,\n remove: function (key, attributes) {\n set(\n key,\n '',\n assign({}, attributes, {\n expires: -1\n })\n );\n },\n withAttributes: function (attributes) {\n return init(this.converter, assign({}, this.attributes, attributes))\n },\n withConverter: function (converter) {\n return init(assign({}, this.converter, converter), this.attributes)\n }\n },\n {\n attributes: { value: Object.freeze(defaultAttributes) },\n converter: { value: Object.freeze(converter) }\n }\n )\n}\n\nvar api = init(defaultConverter, { path: '/' });\n/* eslint-enable no-var */\n\nexport default api;\n","/* eslint-disable @typescript-eslint/no-non-null-assertion */\n/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\n\nimport Cookies from 'js-cookie';\nimport AuthSdkError from '../errors/AuthSdkError';\nimport {\n StorageOptions,\n CookieOptions,\n SimpleStorage,\n StorageType,\n StorageUtil,\n} from '../storage/types';\nimport { warn } from '../util';\nimport { isIE11OrLess } from '../features';\n\nexport interface CookieStorage extends SimpleStorage {\n setItem(key: string, value: any, expiresAt?: string | null): void; // can customize expiresAt\n getItem(key?: string): any; // if no key is passed, all cookies are returned\n removeItem(key: string); // remove a cookie\n}\n\nexport interface BrowserStorageUtil extends StorageUtil {\n browserHasLocalStorage(): boolean;\n browserHasSessionStorage(): boolean;\n getStorageByType(storageType: StorageType, options: StorageOptions): SimpleStorage;\n getLocalStorage(): Storage;\n getSessionStorage(): Storage;\n getInMemoryStorage(): SimpleStorage;\n getCookieStorage(options?: StorageOptions): CookieStorage;\n testStorage(storage: any): boolean;\n storage: Cookies;\n inMemoryStore: Record<string, unknown>;\n}\n\n// Building this as an object allows us to mock the functions in our tests\nvar storageUtil: BrowserStorageUtil = {\n\n // IE11 bug that Microsoft doesn't plan to fix\n // https://connect.microsoft.com/IE/Feedback/Details/1496040\n browserHasLocalStorage: function() {\n try {\n var storage = this.getLocalStorage();\n return this.testStorage(storage);\n } catch (e) {\n return false;\n }\n },\n\n browserHasSessionStorage: function() {\n try {\n var storage = this.getSessionStorage();\n return this.testStorage(storage);\n } catch (e) {\n return false;\n }\n },\n\n testStorageType: function(storageType: StorageType): boolean {\n var supported = false;\n switch (storageType) {\n case 'sessionStorage':\n supported = this.browserHasSessionStorage();\n break;\n case 'localStorage':\n supported = this.browserHasLocalStorage();\n break;\n case 'cookie':\n case 'memory':\n supported = true;\n break;\n default:\n supported = false;\n break;\n }\n return supported;\n },\n\n getStorageByType: function(storageType: StorageType, options?: StorageOptions): SimpleStorage {\n let storageProvider;\n switch (storageType) {\n case 'sessionStorage':\n storageProvider = this.getSessionStorage();\n break;\n case 'localStorage':\n storageProvider = this.getLocalStorage();\n break;\n case 'cookie':\n storageProvider = this.getCookieStorage(options);\n break;\n case 'memory':\n storageProvider = this.getInMemoryStorage();\n break;\n default:\n throw new AuthSdkError(`Unrecognized storage option: ${storageType}`);\n break;\n }\n return storageProvider;\n },\n\n findStorageType: function(types: StorageType[]) {\n let curType;\n let nextType;\n \n types = types.slice(); // copy array\n curType = types.shift();\n nextType = types.length ? types[0] : null;\n if (!nextType) {\n return curType;\n }\n\n if (this.testStorageType(curType)) {\n return curType;\n }\n\n // preferred type was unsupported.\n warn(`This browser doesn't support ${curType}. Switching to ${nextType}.`);\n\n // fallback to the next type. this is a recursive call\n return this.findStorageType(types);\n },\n\n getLocalStorage: function() {\n // Workaound for synchronization issue of LocalStorage cross tabs in IE11\n if (isIE11OrLess() && !window.onstorage) {\n window.onstorage = function() {};\n }\n \n return localStorage;\n },\n\n getSessionStorage: function() {\n return sessionStorage;\n },\n\n // Provides webStorage-like interface for cookies\n getCookieStorage: function(options): CookieStorage {\n const secure = options!.secure;\n const sameSite = options!.sameSite;\n const sessionCookie = options!.sessionCookie;\n if (typeof secure === 'undefined' || typeof sameSite === 'undefined') {\n throw new AuthSdkError('getCookieStorage: \"secure\" and \"sameSite\" options must be provided');\n }\n const storage: CookieStorage = {\n getItem: this.storage.get,\n setItem: (key, value, expiresAt = '2200-01-01T00:00:00.000Z') => {\n // By defauilt, cookie shouldn't expire\n expiresAt = (sessionCookie ? null : expiresAt) as string;\n this.storage.set(key, value, expiresAt, {\n secure: secure, \n sameSite: sameSite,\n });\n },\n removeItem: (key) => {\n this.storage.delete(key);\n },\n };\n\n if (!options!.useSeparateCookies) {\n return storage;\n }\n\n // Tokens are stored separately because cookies have size limits.\n // Can only be used when storing an object value. Object properties will be saved to separate cookies.\n // Each property of the object must also be an object.\n return {\n getItem: function(key) {\n var data = storage.getItem(); // read all cookies\n var value = {};\n Object.keys(data).forEach(k => {\n if (k.indexOf(key!) === 0) { // filter out unrelated cookies\n value[k.replace(`${key}_`, '')] = JSON.parse(data[k]); // populate with cookie data\n }\n });\n return JSON.stringify(value);\n },\n setItem: function(key, value) {\n var existingValues = JSON.parse(this.getItem(key));\n value = JSON.parse(value);\n // Set key-value pairs from input to cookies\n Object.keys(value).forEach(k => {\n var storageKey = key + '_' + k;\n var valueToStore = JSON.stringify(value[k]);\n storage.setItem(storageKey, valueToStore);\n delete existingValues[k];\n });\n // Delete unmatched keys from existing cookies\n Object.keys(existingValues).forEach(k => {\n storage.removeItem(key + '_' + k);\n });\n },\n removeItem: function(key) {\n var existingValues = JSON.parse(this.getItem(key));\n Object.keys(existingValues).forEach(k => {\n storage.removeItem(key + '_' + k);\n });\n },\n };\n },\n\n // Provides an in-memory solution\n inMemoryStore: {}, // override this for a unique memory store per instance\n getInMemoryStorage: function() {\n return {\n getItem: (key) => {\n return this.inMemoryStore[key];\n },\n setItem: (key, value) => {\n this.inMemoryStore[key] = value;\n },\n };\n },\n\n testStorage: function(storage) {\n var key = 'okta-test-storage';\n try {\n storage.setItem(key, key);\n storage.removeItem(key);\n return true;\n } catch (e) {\n return false;\n }\n },\n\n storage: {\n set: function(name: string, value: string, expiresAt: string, options: CookieOptions): string {\n const { sameSite, secure } = options;\n if (typeof secure === 'undefined' || typeof sameSite === 'undefined') {\n throw new AuthSdkError('storage.set: \"secure\" and \"sameSite\" options must be provided');\n }\n var cookieOptions: CookieOptions = {\n path: options.path || '/',\n secure,\n sameSite\n };\n\n // eslint-disable-next-line no-extra-boolean-cast\n if (!!(Date.parse(expiresAt))) {\n // Expires value can be converted to a Date object.\n //\n // If the 'expiresAt' value is not provided, or the value cannot be\n // parsed as a Date object, the cookie will set as a session cookie.\n cookieOptions.expires = new Date(expiresAt);\n }\n\n Cookies.set(name, value, cookieOptions);\n return this.get(name);\n },\n\n get: function(name?: string): string {\n // return all cookies when no args is provided\n if (!arguments.length) {\n return Cookies.get();\n }\n return Cookies.get(name);\n },\n\n delete: function(name: string): string {\n return Cookies.remove(name, { path: '/' });\n }\n }\n};\n\nexport default storageUtil;\n","/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nexport const STATE_TOKEN_KEY_NAME = 'oktaStateToken';\nexport const DEFAULT_POLLING_DELAY = 500;\nexport const IOS_MAX_RETRY_COUNT = 3;\nexport const DEFAULT_MAX_CLOCK_SKEW = 300;\nexport const DEFAULT_CACHE_DURATION = 86400;\nexport const TOKEN_STORAGE_NAME = 'okta-token-storage';\nexport const CACHE_STORAGE_NAME = 'okta-cache-storage';\nexport const PKCE_STORAGE_NAME = 'okta-pkce-storage';\nexport const TRANSACTION_STORAGE_NAME = 'okta-transaction-storage';\nexport const SHARED_TRANSACTION_STORAGE_NAME = 'okta-shared-transaction-storage';\nexport const ORIGINAL_URI_STORAGE_NAME = 'okta-original-uri-storage';\nexport const IDX_RESPONSE_STORAGE_NAME = 'okta-idx-response-storage';\nexport const ACCESS_TOKEN_STORAGE_KEY = 'accessToken';\nexport const ID_TOKEN_STORAGE_KEY = 'idToken';\nexport const REFRESH_TOKEN_STORAGE_KEY = 'refreshToken';\nexport const REFERRER_PATH_STORAGE_KEY = 'referrerPath';\n\n// Code verifier: Random URL-safe string with a minimum length of 43 characters.\n// Code challenge: Base64 URL-encoded SHA-256 hash of the code verifier.\nexport const MIN_VERIFIER_LENGTH = 43;\nexport const MAX_VERIFIER_LENGTH = 128;\nexport const DEFAULT_CODE_CHALLENGE_METHOD = 'S256';\n\nexport const IDX_API_VERSION = '1.0.0';","/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n \n// eslint-disable-next-line @typescript-eslint/ban-ts-comment\n// @ts-ignore \n// Do not use this type in code, so it won't be emitted in the declaration output\nimport PCancelable from 'p-cancelable';\nimport { AuthSdkError } from '../errors';\nimport {\n EVENT_ADDED,\n EVENT_REMOVED,\n OAuthStorageManagerInterface,\n OAuthTransactionMeta,\n OktaAuthOAuthInterface\n} from '../oidc';\nimport {\n AuthState,\n AuthStateLogOptions,\n OktaAuthCoreOptions,\n} from './types';\nimport { PromiseQueue, getConsole } from '../util';\n\nexport const INITIAL_AUTH_STATE = null;\nconst DEFAULT_PENDING = {\n updateAuthStatePromise: null,\n canceledTimes: 0\n};\nconst EVENT_AUTH_STATE_CHANGE = 'authStateChange';\nconst MAX_PROMISE_CANCEL_TIMES = 10;\n\n// only compare first level of authState\nconst isSameAuthState = (prevState: AuthState | null, state: AuthState) => {\n // initial state is null\n if (!prevState) {\n return false;\n }\n\n return prevState.isAuthenticated === state.isAuthenticated \n && JSON.stringify(prevState.idToken) === JSON.stringify(state.idToken)\n && JSON.stringify(prevState.accessToken) === JSON.stringify(state.accessToken)\n && prevState.error === state.error;\n};\n\n\nexport class AuthStateManager\n<\n M extends OAuthTransactionMeta,\n S extends OAuthStorageManagerInterface<M>,\n O extends OktaAuthCoreOptions\n>\n{\n _sdk: OktaAuthOAuthInterface<M, S, O>;\n _pending: { \n updateAuthStatePromise: any;\n canceledTimes: number; \n };\n _authState: AuthState | null;\n _prevAuthState: AuthState | null;\n _logOptions: AuthStateLogOptions;\n _transformQueue: PromiseQueue;\n\n constructor(sdk: OktaAuthOAuthInterface<M, S, O>) {\n if (!sdk.emitter) {\n throw new AuthSdkError('Emitter should be initialized before AuthStateManager');\n }\n\n this._sdk = sdk;\n this._pending = { ...DEFAULT_PENDING };\n this._authState = INITIAL_AUTH_STATE;\n this._logOptions = {};\n this._prevAuthState = null;\n this._transformQueue = new PromiseQueue({\n quiet: true\n });\n\n // Listen on tokenManager events to start updateState process\n // \"added\" event is emitted in both add and renew process\n // Only listen on \"added\" event to update auth state\n sdk.tokenManager.on(EVENT_ADDED, (key, token) => {\n this._setLogOptions({ event: EVENT_ADDED, key, token });\n this.updateAuthState();\n });\n sdk.tokenManager.on(EVENT_REMOVED, (key, token) => {\n this._setLogOptions({ event: EVENT_REMOVED, key, token });\n this.updateAuthState();\n });\n }\n\n _setLogOptions(options) {\n this._logOptions = options;\n }\n\n getAuthState(): AuthState | null {\n return this._authState;\n }\n\n getPreviousAuthState(): AuthState | null {\n return this._prevAuthState;\n }\n\n async updateAuthState(): Promise<AuthState> {\n const { transformAuthState, devMode } = this._sdk.options;\n\n const log = (status) => {\n const { event, key, token } = this._logOptions;\n getConsole().group(`OKTA-AUTH-JS:updateAuthState: Event:${event} Status:${status}`);\n getConsole().log(key, token);\n getConsole().log('Current authState', this._authState);\n getConsole().groupEnd();\n \n // clear log options after logging\n this._logOptions = {};\n };\n\n const emitAuthStateChange = (authState) => {\n if (isSameAuthState(this._authState, authState)) {\n devMode && log('unchanged'); \n return;\n }\n this._prevAuthState = this._authState;\n this._authState = authState;\n // emit new authState object\n this._sdk.emitter.emit(EVENT_AUTH_STATE_CHANGE, { ...authState });\n devMode && log('emitted');\n };\n\n const finalPromise = (origPromise) => { \n return this._pending.updateAuthStatePromise.then(() => {\n const curPromise = this._pending.updateAuthStatePromise;\n if (curPromise && curPromise !== origPromise) {\n return finalPromise(curPromise);\n }\n return this.getAuthState();\n });\n };\n\n if (this._pending.updateAuthStatePromise) {\n if (this._pending.canceledTimes >= MAX_PROMISE_CANCEL_TIMES) {\n // stop canceling then starting a new promise\n // let existing promise finish to prevent running into loops\n devMode && log('terminated');\n return finalPromise(this._pending.updateAuthStatePromise);\n } else {\n this._pending.updateAuthStatePromise.cancel();\n }\n }\n\n /* eslint-disable complexity */\n const cancelablePromise = new PCancelable((resolve, _, onCancel) => {\n onCancel.shouldReject = false;\n onCancel(() => {\n this._pending.updateAuthStatePromise = null;\n this._pending.canceledTimes = this._pending.canceledTimes + 1;\n devMode && log('canceled');\n });\n\n const emitAndResolve = (authState) => {\n if (cancelablePromise.isCanceled) {\n resolve();\n return;\n }\n // emit event and resolve promise \n emitAuthStateChange(authState);\n resolve();\n\n // clear pending states after resolve\n this._pending = { ...DEFAULT_PENDING };\n };\n\n this._sdk.isAuthenticated()\n .then(() => {\n if (cancelablePromise.isCanceled) {\n resolve();\n return;\n }\n\n const { accessToken, idToken, refreshToken } = this._sdk.tokenManager.getTokensSync();\n const authState = {\n accessToken,\n idToken,\n refreshToken,\n isAuthenticated: !!(accessToken && idToken)\n };\n\n // Enqueue transformAuthState so that it does not run concurrently\n const promise: Promise<AuthState> = transformAuthState\n ? this._transformQueue.push(transformAuthState, null, this._sdk, authState) as Promise<AuthState>\n : Promise.resolve(authState);\n\n promise\n .then(authState => emitAndResolve(authState))\n .catch(error => emitAndResolve({\n accessToken, \n idToken, \n refreshToken,\n isAuthenticated: false, \n error\n }));\n });\n });\n /* eslint-enable complexity */\n this._pending.updateAuthStatePromise = cancelablePromise;\n\n return finalPromise(cancelablePromise);\n }\n\n subscribe(handler): void {\n this._sdk.emitter.on(EVENT_AUTH_STATE_CHANGE, handler);\n }\n\n unsubscribe(handler?): void {\n this._sdk.emitter.off(EVENT_AUTH_STATE_CHANGE, handler);\n }\n}\n","/**\n * returns true if the given object is a promise\n */\nexport function isPromise(obj) {\n return obj && typeof obj.then === 'function';\n}\nexport var PROMISE_RESOLVED_FALSE = Promise.resolve(false);\nexport var PROMISE_RESOLVED_TRUE = Promise.resolve(true);\nexport var PROMISE_RESOLVED_VOID = Promise.resolve();\nexport function sleep(time, resolveWith) {\n if (!time) time = 0;\n return new Promise(function (res) {\n return setTimeout(function () {\n return res(resolveWith);\n }, time);\n });\n}\nexport function randomInt(min, max) {\n return Math.floor(Math.random() * (max - min + 1) + min);\n}\n\n/**\n * https://stackoverflow.com/a/8084248\n */\nexport function randomToken() {\n return Math.random().toString(36).substring(2);\n}\nvar lastMs = 0;\nvar additional = 0;\n\n/**\n * returns the current time in micro-seconds,\n * WARNING: This is a pseudo-function\n * Performance.now is not reliable in webworkers, so we just make sure to never return the same time.\n * This is enough in browsers, and this function will not be used in nodejs.\n * The main reason for this hack is to ensure that BroadcastChannel behaves equal to production when it is used in fast-running unit tests.\n */\nexport function microSeconds() {\n var ms = new Date().getTime();\n if (ms === lastMs) {\n additional++;\n return ms * 1000 + additional;\n } else {\n lastMs = ms;\n additional = 0;\n return ms * 1000;\n }\n}\n\n/**\n * Check if WebLock API is supported.\n * @link https://developer.mozilla.org/en-US/docs/Web/API/Web_Locks_API\n */\nexport function supportsWebLockAPI() {\n if (typeof navigator !== 'undefined' && typeof navigator.locks !== 'undefined' && typeof navigator.locks.request === 'function') {\n return true;\n } else {\n return false;\n }\n}","import { microSeconds as micro, PROMISE_RESOLVED_VOID } from '../util.js';\nexport var microSeconds = micro;\nexport var type = 'native';\nexport function create(channelName) {\n var state = {\n messagesCallback: null,\n bc: new BroadcastChannel(channelName),\n subFns: [] // subscriberFunctions\n };\n\n state.bc.onmessage = function (msg) {\n if (state.messagesCallback) {\n state.messagesCallback(msg.data);\n }\n };\n return state;\n}\nexport function close(channelState) {\n channelState.bc.close();\n channelState.subFns = [];\n}\nexport function postMessage(channelState, messageJson) {\n try {\n channelState.bc.postMessage(messageJson, false);\n return PROMISE_RESOLVED_VOID;\n } catch (err) {\n return Promise.reject(err);\n }\n}\nexport function onMessage(channelState, fn) {\n channelState.messagesCallback = fn;\n}\nexport function canBeUsed() {\n if ((typeof window !== 'undefined' || typeof self !== 'undefined') && typeof BroadcastChannel === 'function') {\n if (BroadcastChannel._pubkey) {\n throw new Error('BroadcastChannel: Do not overwrite window.BroadcastChannel with this module, this is not a polyfill');\n }\n return true;\n } else {\n return false;\n }\n}\nexport function averageResponseTime() {\n return 150;\n}\nexport var NativeMethod = {\n create: create,\n close: close,\n onMessage: onMessage,\n postMessage: postMessage,\n canBeUsed: canBeUsed,\n type: type,\n averageResponseTime: averageResponseTime,\n microSeconds: microSeconds\n};",null,"export function fillOptionsWithDefaults() {\n var originalOptions = arguments.length > 0 && arguments[0] !== undefined ? arguments[0] : {};\n var options = JSON.parse(JSON.stringify(originalOptions));\n\n // main\n if (typeof options.webWorkerSupport === 'undefined') options.webWorkerSupport = true;\n\n // indexed-db\n if (!options.idb) options.idb = {};\n // after this time the messages get deleted\n if (!options.idb.ttl) options.idb.ttl = 1000 * 45;\n if (!options.idb.fallbackInterval) options.idb.fallbackInterval = 150;\n // handles abrupt db onclose events.\n if (originalOptions.idb && typeof originalOptions.idb.onclose === 'function') options.idb.onclose = originalOptions.idb.onclose;\n\n // localstorage\n if (!options.localstorage) options.localstorage = {};\n if (!options.localstorage.removeTimeout) options.localstorage.removeTimeout = 1000 * 60;\n\n // custom methods\n if (originalOptions.methods) options.methods = originalOptions.methods;\n\n // node\n if (!options.node) options.node = {};\n if (!options.node.ttl) options.node.ttl = 1000 * 60 * 2; // 2 minutes;\n /**\n * On linux use 'ulimit -Hn' to get the limit of open files.\n * On ubuntu this was 4096 for me, so we use half of that as maxParallelWrites default.\n */\n if (!options.node.maxParallelWrites) options.node.maxParallelWrites = 2048;\n if (typeof options.node.useFastPath === 'undefined') options.node.useFastPath = true;\n return options;\n}","/**\n * this method uses indexeddb to store the messages\n * There is currently no observerAPI for idb\n * @link https://github.com/w3c/IndexedDB/issues/51\n * \n * When working on this, ensure to use these performance optimizations:\n * @link https://rxdb.info/slow-indexeddb.html\n */\n\nimport { sleep, randomInt, randomToken, microSeconds as micro, PROMISE_RESOLVED_VOID } from '../util.js';\nexport var microSeconds = micro;\nimport { ObliviousSet } from 'oblivious-set';\nimport { fillOptionsWithDefaults } from '../options.js';\nvar DB_PREFIX = 'pubkey.broadcast-channel-0-';\nvar OBJECT_STORE_ID = 'messages';\n\n/**\n * Use relaxed durability for faster performance on all transactions.\n * @link https://nolanlawson.com/2021/08/22/speeding-up-indexeddb-reads-and-writes/\n */\nexport var TRANSACTION_SETTINGS = {\n durability: 'relaxed'\n};\nexport var type = 'idb';\nexport function getIdb() {\n if (typeof indexedDB !== 'undefined') return indexedDB;\n if (typeof window !== 'undefined') {\n if (typeof window.mozIndexedDB !== 'undefined') return window.mozIndexedDB;\n if (typeof window.webkitIndexedDB !== 'undefined') return window.webkitIndexedDB;\n if (typeof window.msIndexedDB !== 'undefined') return window.msIndexedDB;\n }\n return false;\n}\n\n/**\n * If possible, we should explicitly commit IndexedDB transactions\n * for better performance.\n * @link https://nolanlawson.com/2021/08/22/speeding-up-indexeddb-reads-and-writes/\n */\nexport function commitIndexedDBTransaction(tx) {\n if (tx.commit) {\n tx.commit();\n }\n}\nexport function createDatabase(channelName) {\n var IndexedDB = getIdb();\n\n // create table\n var dbName = DB_PREFIX + channelName;\n\n /**\n * All IndexedDB databases are opened without version\n * because it is a bit faster, especially on firefox\n * @link http://nparashuram.com/IndexedDB/perf/#Open%20Database%20with%20version\n */\n var openRequest = IndexedDB.open(dbName);\n openRequest.onupgradeneeded = function (ev) {\n var db = ev.target.result;\n db.createObjectStore(OBJECT_STORE_ID, {\n keyPath: 'id',\n autoIncrement: true\n });\n };\n return new Promise(function (res, rej) {\n openRequest.onerror = function (ev) {\n return rej(ev);\n };\n openRequest.onsuccess = function () {\n res(openRequest.result);\n };\n });\n}\n\n/**\n * writes the new message to the database\n * so other readers can find it\n */\nexport function writeMessage(db, readerUuid, messageJson) {\n var time = new Date().getTime();\n var writeObject = {\n uuid: readerUuid,\n time: time,\n data: messageJson\n };\n var tx = db.transaction([OBJECT_STORE_ID], 'readwrite', TRANSACTION_SETTINGS);\n return new Promise(function (res, rej) {\n tx.oncomplete = function () {\n return res();\n };\n tx.onerror = function (ev) {\n return rej(ev);\n };\n var objectStore = tx.objectStore(OBJECT_STORE_ID);\n objectStore.add(writeObject);\n commitIndexedDBTransaction(tx);\n });\n}\nexport function getAllMessages(db) {\n var tx = db.transaction(OBJECT_STORE_ID, 'readonly', TRANSACTION_SETTINGS);\n var objectStore = tx.objectStore(OBJECT_STORE_ID);\n var ret = [];\n return new Promise(function (res) {\n objectStore.openCursor().onsuccess = function (ev) {\n var cursor = ev.target.result;\n if (cursor) {\n ret.push(cursor.value);\n //alert(\"Name for SSN \" + cursor.key + \" is \" + cursor.value.name);\n cursor[\"continue\"]();\n } else {\n commitIndexedDBTransaction(tx);\n res(ret);\n }\n };\n });\n}\nexport function getMessagesHigherThan(db, lastCursorId) {\n var tx = db.transaction(OBJECT_STORE_ID, 'readonly', TRANSACTION_SETTINGS);\n var objectStore = tx.objectStore(OBJECT_STORE_ID);\n var ret = [];\n var keyRangeValue = IDBKeyRange.bound(lastCursorId + 1, Infinity);\n\n /**\n * Optimization shortcut,\n * if getAll() can be used, do not use a cursor.\n * @link https://rxdb.info/slow-indexeddb.html\n */\n if (objectStore.getAll) {\n var getAllRequest = objectStore.getAll(keyRangeValue);\n return new Promise(function (res, rej) {\n getAllRequest.onerror = function (err) {\n return rej(err);\n };\n getAllRequest.onsuccess = function (e) {\n res(e.target.result);\n };\n });\n }\n function openCursor() {\n // Occasionally Safari will fail on IDBKeyRange.bound, this\n // catches that error, having it open the cursor to the first\n // item. When it gets data it will advance to the desired key.\n try {\n keyRangeValue = IDBKeyRange.bound(lastCursorId + 1, Infinity);\n return objectStore.openCursor(keyRangeValue);\n } catch (e) {\n return objectStore.openCursor();\n }\n }\n return new Promise(function (res, rej) {\n var openCursorRequest = openCursor();\n openCursorRequest.onerror = function (err) {\n return rej(err);\n };\n openCursorRequest.onsuccess = function (ev) {\n var cursor = ev.target.result;\n if (cursor) {\n if (cursor.value.id < lastCursorId + 1) {\n cursor[\"continue\"](lastCursorId + 1);\n } else {\n ret.push(cursor.value);\n cursor[\"continue\"]();\n }\n } else {\n commitIndexedDBTransaction(tx);\n res(ret);\n }\n };\n });\n}\nexport function removeMessagesById(channelState, ids) {\n if (channelState.closed) {\n return Promise.resolve([]);\n }\n var tx = channelState.db.transaction(OBJECT_STORE_ID, 'readwrite', TRANSACTION_SETTINGS);\n var objectStore = tx.objectStore(OBJECT_STORE_ID);\n return Promise.all(ids.map(function (id) {\n var deleteRequest = objectStore[\"delete\"](id);\n return new Promise(function (res) {\n deleteRequest.onsuccess = function () {\n return res();\n };\n });\n }));\n}\nexport function getOldMessages(db, ttl) {\n var olderThen = new Date().getTime() - ttl;\n var tx = db.transaction(OBJECT_STORE_ID, 'readonly', TRANSACTION_SETTINGS);\n var objectStore = tx.objectStore(OBJECT_STORE_ID);\n var ret = [];\n return new Promise(function (res) {\n objectStore.openCursor().onsuccess = function (ev) {\n var cursor = ev.target.result;\n if (cursor) {\n var msgObk = cursor.value;\n if (msgObk.time < olderThen) {\n ret.push(msgObk);\n //alert(\"Name for SSN \" + cursor.key + \" is \" + cursor.value.name);\n cursor[\"continue\"]();\n } else {\n // no more old messages,\n commitIndexedDBTransaction(tx);\n res(ret);\n }\n } else {\n res(ret);\n }\n };\n });\n}\nexport function cleanOldMessages(channelState) {\n return getOldMessages(channelState.db, channelState.options.idb.ttl).then(function (tooOld) {\n return removeMessagesById(channelState, tooOld.map(function (msg) {\n return msg.id;\n }));\n });\n}\nexport function create(channelName, options) {\n options = fillOptionsWithDefaults(options);\n return createDatabase(channelName).then(function (db) {\n var state = {\n closed: false,\n lastCursorId: 0,\n channelName: channelName,\n options: options,\n uuid: randomToken(),\n /**\n * emittedMessagesIds\n * contains all messages that have been emitted before\n * @type {ObliviousSet}\n */\n eMIs: new ObliviousSet(options.idb.ttl * 2),\n // ensures we do not read messages in parallel\n writeBlockPromise: PROMISE_RESOLVED_VOID,\n messagesCallback: null,\n readQueuePromises: [],\n db: db\n };\n\n /**\n * Handle abrupt closes that do not originate from db.close().\n * This could happen, for example, if the underlying storage is\n * removed or if the user clears the database in the browser's\n * history preferences.\n */\n db.onclose = function () {\n state.closed = true;\n if (options.idb.onclose) options.idb.onclose();\n };\n\n /**\n * if service-workers are used,\n * we have no 'storage'-event if they post a message,\n * therefore we also have to set an interval\n */\n _readLoop(state);\n return state;\n });\n}\nfunction _readLoop(state) {\n if (state.closed) return;\n readNewMessages(state).then(function () {\n return sleep(state.options.idb.fallbackInterval);\n }).then(function () {\n return _readLoop(state);\n });\n}\nfunction _filterMessage(msgObj, state) {\n if (msgObj.uuid === state.uuid) return false; // send by own\n if (state.eMIs.has(msgObj.id)) return false; // already emitted\n if (msgObj.data.time < state.messagesCallbackTime) return false; // older then onMessageCallback\n return true;\n}\n\n/**\n * reads all new messages from the database and emits them\n */\nfunction readNewMessages(state) {\n // channel already closed\n if (state.closed) return PROMISE_RESOLVED_VOID;\n\n // if no one is listening, we do not need to scan for new messages\n if (!state.messagesCallback) return PROMISE_RESOLVED_VOID;\n return getMessagesHigherThan(state.db, state.lastCursorId).then(function (newerMessages) {\n var useMessages = newerMessages\n /**\n * there is a bug in iOS where the msgObj can be undefined sometimes\n * so we filter them out\n * @link https://github.com/pubkey/broadcast-channel/issues/19\n */.filter(function (msgObj) {\n return !!msgObj;\n }).map(function (msgObj) {\n if (msgObj.id > state.lastCursorId) {\n state.lastCursorId = msgObj.id;\n }\n return msgObj;\n }).filter(function (msgObj) {\n return _filterMessage(msgObj, state);\n }).sort(function (msgObjA, msgObjB) {\n return msgObjA.time - msgObjB.time;\n }); // sort by time\n useMessages.forEach(function (msgObj) {\n if (state.messagesCallback) {\n state.eMIs.add(msgObj.id);\n state.messagesCallback(msgObj.data);\n }\n });\n return PROMISE_RESOLVED_VOID;\n });\n}\nexport function close(channelState) {\n channelState.closed = true;\n channelState.db.close();\n}\nexport function postMessage(channelState, messageJson) {\n channelState.writeBlockPromise = channelState.writeBlockPromise.then(function () {\n return writeMessage(channelState.db, channelState.uuid, messageJson);\n }).then(function () {\n if (randomInt(0, 10) === 0) {\n /* await (do not await) */\n cleanOldMessages(channelState);\n }\n });\n return channelState.writeBlockPromise;\n}\nexport function onMessage(channelState, fn, time) {\n channelState.messagesCallbackTime = time;\n channelState.messagesCallback = fn;\n readNewMessages(channelState);\n}\nexport function canBeUsed() {\n return !!getIdb();\n}\nexport function averageResponseTime(options) {\n return options.idb.fallbackInterval * 2;\n}\nexport var IndexedDBMethod = {\n create: create,\n close: close,\n onMessage: onMessage,\n postMessage: postMessage,\n canBeUsed: canBeUsed,\n type: type,\n averageResponseTime: averageResponseTime,\n microSeconds: microSeconds\n};","/**\n * A localStorage-only method which uses localstorage and its 'storage'-event\n * This does not work inside webworkers because they have no access to localstorage\n * This is basically implemented to support IE9 or your grandmother's toaster.\n * @link https://caniuse.com/#feat=namevalue-storage\n * @link https://caniuse.com/#feat=indexeddb\n */\n\nimport { ObliviousSet } from 'oblivious-set';\nimport { fillOptionsWithDefaults } from '../options.js';\nimport { sleep, randomToken, microSeconds as micro } from '../util.js';\nexport var microSeconds = micro;\nvar KEY_PREFIX = 'pubkey.broadcastChannel-';\nexport var type = 'localstorage';\n\n/**\n * copied from crosstab\n * @link https://github.com/tejacques/crosstab/blob/master/src/crosstab.js#L32\n */\nexport function getLocalStorage() {\n var localStorage;\n if (typeof window === 'undefined') return null;\n try {\n localStorage = window.localStorage;\n localStorage = window['ie8-eventlistener/storage'] || window.localStorage;\n } catch (e) {\n // New versions of Firefox throw a Security exception\n // if cookies are disabled. See\n // https://bugzilla.mozilla.org/show_bug.cgi?id=1028153\n }\n return localStorage;\n}\nexport function storageKey(channelName) {\n return KEY_PREFIX + channelName;\n}\n\n/**\n* writes the new message to the storage\n* and fires the storage-event so other readers can find it\n*/\nexport function postMessage(channelState, messageJson) {\n return new Promise(function (res) {\n sleep().then(function () {\n var key = storageKey(channelState.channelName);\n var writeObj = {\n token: randomToken(),\n time: new Date().getTime(),\n data: messageJson,\n uuid: channelState.uuid\n };\n var value = JSON.stringify(writeObj);\n getLocalStorage().setItem(key, value);\n\n /**\n * StorageEvent does not fire the 'storage' event\n * in the window that changes the state of the local storage.\n * So we fire it manually\n */\n var ev = document.createEvent('Event');\n ev.initEvent('storage', true, true);\n ev.key = key;\n ev.newValue = value;\n window.dispatchEvent(ev);\n res();\n });\n });\n}\nexport function addStorageEventListener(channelName, fn) {\n var key = storageKey(channelName);\n var listener = function listener(ev) {\n if (ev.key === key) {\n fn(JSON.parse(ev.newValue));\n }\n };\n window.addEventListener('storage', listener);\n return listener;\n}\nexport function removeStorageEventListener(listener) {\n window.removeEventListener('storage', listener);\n}\nexport function create(channelName, options) {\n options = fillOptionsWithDefaults(options);\n if (!canBeUsed()) {\n throw new Error('BroadcastChannel: localstorage cannot be used');\n }\n var uuid = randomToken();\n\n /**\n * eMIs\n * contains all messages that have been emitted before\n * @type {ObliviousSet}\n */\n var eMIs = new ObliviousSet(options.localstorage.removeTimeout);\n var state = {\n channelName: channelName,\n uuid: uuid,\n eMIs: eMIs // emittedMessagesIds\n };\n\n state.listener = addStorageEventListener(channelName, function (msgObj) {\n if (!state.messagesCallback) return; // no listener\n if (msgObj.uuid === uuid) return; // own message\n if (!msgObj.token || eMIs.has(msgObj.token)) return; // already emitted\n if (msgObj.data.time && msgObj.data.time < state.messagesCallbackTime) return; // too old\n\n eMIs.add(msgObj.token);\n state.messagesCallback(msgObj.data);\n });\n return state;\n}\nexport function close(channelState) {\n removeStorageEventListener(channelState.listener);\n}\nexport function onMessage(channelState, fn, time) {\n channelState.messagesCallbackTime = time;\n channelState.messagesCallback = fn;\n}\nexport function canBeUsed() {\n var ls = getLocalStorage();\n if (!ls) return false;\n try {\n var key = '__broadcastchannel_check';\n ls.setItem(key, 'works');\n ls.removeItem(key);\n } catch (e) {\n // Safari 10 in private mode will not allow write access to local\n // storage and fail with a QuotaExceededError. See\n // https://developer.mozilla.org/en-US/docs/Web/API/Web_Storage_API#Private_Browsing_Incognito_modes\n return false;\n }\n return true;\n}\nexport function averageResponseTime() {\n var defaultTime = 120;\n var userAgent = navigator.userAgent.toLowerCase();\n if (userAgent.includes('safari') && !userAgent.includes('chrome')) {\n // safari is much slower so this time is higher\n return defaultTime * 2;\n }\n return defaultTime;\n}\nexport var LocalstorageMethod = {\n create: create,\n close: close,\n onMessage: onMessage,\n postMessage: postMessage,\n canBeUsed: canBeUsed,\n type: type,\n averageResponseTime: averageResponseTime,\n microSeconds: microSeconds\n};","import { microSeconds as micro } from '../util.js';\nexport var microSeconds = micro;\nexport var type = 'simulate';\nvar SIMULATE_CHANNELS = new Set();\nexport function create(channelName) {\n var state = {\n name: channelName,\n messagesCallback: null\n };\n SIMULATE_CHANNELS.add(state);\n return state;\n}\nexport function close(channelState) {\n SIMULATE_CHANNELS[\"delete\"](channelState);\n}\nexport function postMessage(channelState, messageJson) {\n return new Promise(function (res) {\n return setTimeout(function () {\n var channelArray = Array.from(SIMULATE_CHANNELS);\n channelArray.filter(function (channel) {\n return channel.name === channelState.name;\n }).filter(function (channel) {\n return channel !== channelState;\n }).filter(function (channel) {\n return !!channel.messagesCallback;\n }).forEach(function (channel) {\n return channel.messagesCallback(messageJson);\n });\n res();\n }, 5);\n });\n}\nexport function onMessage(channelState, fn) {\n channelState.messagesCallback = fn;\n}\nexport function canBeUsed() {\n return true;\n}\nexport function averageResponseTime() {\n return 5;\n}\nexport var SimulateMethod = {\n create: create,\n close: close,\n onMessage: onMessage,\n postMessage: postMessage,\n canBeUsed: canBeUsed,\n type: type,\n averageResponseTime: averageResponseTime,\n microSeconds: microSeconds\n};","import { NativeMethod } from './methods/native.js';\nimport { IndexedDBMethod } from './methods/indexed-db.js';\nimport { LocalstorageMethod } from './methods/localstorage.js';\nimport { SimulateMethod } from './methods/simulate.js';\n// the line below will be removed from es5/browser builds\n\n// order is important\nvar METHODS = [NativeMethod,\n// fastest\nIndexedDBMethod, LocalstorageMethod];\nexport function chooseMethod(options) {\n var chooseMethods = [].concat(options.methods, METHODS).filter(Boolean);\n\n // the line below will be removed from es5/browser builds\n\n // directly chosen\n if (options.type) {\n if (options.type === 'simulate') {\n // only use simulate-method if directly chosen\n return SimulateMethod;\n }\n var ret = chooseMethods.find(function (m) {\n return m.type === options.type;\n });\n if (!ret) throw new Error('method-type ' + options.type + ' not found');else return ret;\n }\n\n /**\n * if no webworker support is needed,\n * remove idb from the list so that localstorage will be chosen\n */\n if (!options.webWorkerSupport) {\n chooseMethods = chooseMethods.filter(function (m) {\n return m.type !== 'idb';\n });\n }\n var useMethod = chooseMethods.find(function (method) {\n return method.canBeUsed();\n });\n if (!useMethod) {\n throw new Error(\"No usable method found in \" + JSON.stringify(METHODS.map(function (m) {\n return m.type;\n })));\n } else {\n return useMethod;\n }\n}","import { isPromise, PROMISE_RESOLVED_FALSE, PROMISE_RESOLVED_VOID } from './util.js';\nimport { chooseMethod } from './method-chooser.js';\nimport { fillOptionsWithDefaults } from './options.js';\n\n/**\n * Contains all open channels,\n * used in tests to ensure everything is closed.\n */\nexport var OPEN_BROADCAST_CHANNELS = new Set();\nvar lastId = 0;\nexport var BroadcastChannel = function BroadcastChannel(name, options) {\n // identifier of the channel to debug stuff\n this.id = lastId++;\n OPEN_BROADCAST_CHANNELS.add(this);\n this.name = name;\n if (ENFORCED_OPTIONS) {\n options = ENFORCED_OPTIONS;\n }\n this.options = fillOptionsWithDefaults(options);\n this.method = chooseMethod(this.options);\n\n // isListening\n this._iL = false;\n\n /**\n * _onMessageListener\n * setting onmessage twice,\n * will overwrite the first listener\n */\n this._onML = null;\n\n /**\n * _addEventListeners\n */\n this._addEL = {\n message: [],\n internal: []\n };\n\n /**\n * Unsent message promises\n * where the sending is still in progress\n * @type {Set<Promise>}\n */\n this._uMP = new Set();\n\n /**\n * _beforeClose\n * array of promises that will be awaited\n * before the channel is closed\n */\n this._befC = [];\n\n /**\n * _preparePromise\n */\n this._prepP = null;\n _prepareChannel(this);\n};\n\n// STATICS\n\n/**\n * used to identify if someone overwrites\n * window.BroadcastChannel with this\n * See methods/native.js\n */\nBroadcastChannel._pubkey = true;\n\n/**\n * clears the tmp-folder if is node\n * @return {Promise<boolean>} true if has run, false if not node\n */\nexport function clearNodeFolder(options) {\n options = fillOptionsWithDefaults(options);\n var method = chooseMethod(options);\n if (method.type === 'node') {\n return method.clearNodeFolder().then(function () {\n return true;\n });\n } else {\n return PROMISE_RESOLVED_FALSE;\n }\n}\n\n/**\n * if set, this method is enforced,\n * no mather what the options are\n */\nvar ENFORCED_OPTIONS;\nexport function enforceOptions(options) {\n ENFORCED_OPTIONS = options;\n}\n\n// PROTOTYPE\nBroadcastChannel.prototype = {\n postMessage: function postMessage(msg) {\n if (this.closed) {\n throw new Error('BroadcastChannel.postMessage(): ' + 'Cannot post message after channel has closed ' +\n /**\n * In the past when this error appeared, it was really hard to debug.\n * So now we log the msg together with the error so it at least\n * gives some clue about where in your application this happens.\n */\n JSON.stringify(msg));\n }\n return _post(this, 'message', msg);\n },\n postInternal: function postInternal(msg) {\n return _post(this, 'internal', msg);\n },\n set onmessage(fn) {\n var time = this.method.microSeconds();\n var listenObj = {\n time: time,\n fn: fn\n };\n _removeListenerObject(this, 'message', this._onML);\n if (fn && typeof fn === 'function') {\n this._onML = listenObj;\n _addListenerObject(this, 'message', listenObj);\n } else {\n this._onML = null;\n }\n },\n addEventListener: function addEventListener(type, fn) {\n var time = this.method.microSeconds();\n var listenObj = {\n time: time,\n fn: fn\n };\n _addListenerObject(this, type, listenObj);\n },\n removeEventListener: function removeEventListener(type, fn) {\n var obj = this._addEL[type].find(function (obj) {\n return obj.fn === fn;\n });\n _removeListenerObject(this, type, obj);\n },\n close: function close() {\n var _this = this;\n if (this.closed) {\n return;\n }\n OPEN_BROADCAST_CHANNELS[\"delete\"](this);\n this.closed = true;\n var awaitPrepare = this._prepP ? this._prepP : PROMISE_RESOLVED_VOID;\n this._onML = null;\n this._addEL.message = [];\n return awaitPrepare\n // wait until all current sending are processed\n .then(function () {\n return Promise.all(Array.from(_this._uMP));\n })\n // run before-close hooks\n .then(function () {\n return Promise.all(_this._befC.map(function (fn) {\n return fn();\n }));\n })\n // close the channel\n .then(function () {\n return _this.method.close(_this._state);\n });\n },\n get type() {\n return this.method.type;\n },\n get isClosed() {\n return this.closed;\n }\n};\n\n/**\n * Post a message over the channel\n * @returns {Promise} that resolved when the message sending is done\n */\nfunction _post(broadcastChannel, type, msg) {\n var time = broadcastChannel.method.microSeconds();\n var msgObj = {\n time: time,\n type: type,\n data: msg\n };\n var awaitPrepare = broadcastChannel._prepP ? broadcastChannel._prepP : PROMISE_RESOLVED_VOID;\n return awaitPrepare.then(function () {\n var sendPromise = broadcastChannel.method.postMessage(broadcastChannel._state, msgObj);\n\n // add/remove to unsent messages list\n broadcastChannel._uMP.add(sendPromise);\n sendPromise[\"catch\"]().then(function () {\n return broadcastChannel._uMP[\"delete\"](sendPromise);\n });\n return sendPromise;\n });\n}\nfunction _prepareChannel(channel) {\n var maybePromise = channel.method.create(channel.name, channel.options);\n if (isPromise(maybePromise)) {\n channel._prepP = maybePromise;\n maybePromise.then(function (s) {\n // used in tests to simulate slow runtime\n /*if (channel.options.prepareDelay) {\n await new Promise(res => setTimeout(res, this.options.prepareDelay));\n }*/\n channel._state = s;\n });\n } else {\n channel._state = maybePromise;\n }\n}\nfunction _hasMessageListeners(channel) {\n if (channel._addEL.message.length > 0) return true;\n if (channel._addEL.internal.length > 0) return true;\n return false;\n}\nfunction _addListenerObject(channel, type, obj) {\n channel._addEL[type].push(obj);\n _startListening(channel);\n}\nfunction _removeListenerObject(channel, type, obj) {\n channel._addEL[type] = channel._addEL[type].filter(function (o) {\n return o !== obj;\n });\n _stopListening(channel);\n}\nfunction _startListening(channel) {\n if (!channel._iL && _hasMessageListeners(channel)) {\n // someone is listening, start subscribing\n\n var listenerFn = function listenerFn(msgObj) {\n channel._addEL[msgObj.type].forEach(function (listenerObject) {\n /**\n * Getting the current time in JavaScript has no good precision.\n * So instead of only listening to events that happened 'after' the listener\n * was added, we also listen to events that happened 100ms before it.\n * This ensures that when another process, like a WebWorker, sends events\n * we do not miss them out because their timestamp is a bit off compared to the main process.\n * Not doing this would make messages missing when we send data directly after subscribing and awaiting a response.\n * @link https://johnresig.com/blog/accuracy-of-javascript-time/\n */\n var hundredMsInMicro = 100 * 1000;\n var minMessageTime = listenerObject.time - hundredMsInMicro;\n if (msgObj.time >= minMessageTime) {\n listenerObject.fn(msgObj.data);\n }\n });\n };\n var time = channel.method.microSeconds();\n if (channel._prepP) {\n channel._prepP.then(function () {\n channel._iL = true;\n channel.method.onMessage(channel._state, listenerFn, time);\n });\n } else {\n channel._iL = true;\n channel.method.onMessage(channel._state, listenerFn, time);\n }\n }\n}\nfunction _stopListening(channel) {\n if (channel._iL && !_hasMessageListeners(channel)) {\n // no one is listening, stop subscribing\n channel._iL = false;\n var time = channel.method.microSeconds();\n channel.method.onMessage(channel._state, null, time);\n }\n}","import { addBrowser } from './browser.js';\nimport { addNode } from './node.js';\n\n/**\n * Use the code directly to prevent import problems\n * with the detect-node package.\n * @link https://github.com/iliakan/detect-node/blob/master/index.js\n */\nvar isNode = Object.prototype.toString.call(typeof process !== 'undefined' ? process : 0) === '[object process]';\nvar USE_METHOD = isNode ? addNode : addBrowser;\nvar LISTENERS = new Set();\nvar startedListening = false;\nfunction startListening() {\n if (startedListening) {\n return;\n }\n startedListening = true;\n USE_METHOD(runAll);\n}\nexport function add(fn) {\n startListening();\n if (typeof fn !== 'function') {\n throw new Error('Listener is no function');\n }\n LISTENERS.add(fn);\n var addReturn = {\n remove: function remove() {\n return LISTENERS[\"delete\"](fn);\n },\n run: function run() {\n LISTENERS[\"delete\"](fn);\n return fn();\n }\n };\n return addReturn;\n}\nexport function runAll() {\n var promises = [];\n LISTENERS.forEach(function (fn) {\n promises.push(fn());\n LISTENERS[\"delete\"](fn);\n });\n return Promise.all(promises);\n}\nexport function removeAll() {\n LISTENERS.clear();\n}\nexport function getSize() {\n return LISTENERS.size;\n}","export function addNode(fn) {\n process.on('exit', function () {\n return fn();\n });\n\n /**\n * on the following events,\n * the process will not end if there are\n * event-handlers attached,\n * therefore we have to call process.exit()\n */\n process.on('beforeExit', function () {\n return fn().then(function () {\n return process.exit();\n });\n });\n // catches ctrl+c event\n process.on('SIGINT', function () {\n return fn().then(function () {\n return process.exit();\n });\n });\n // catches uncaught exceptions\n process.on('uncaughtException', function (err) {\n return fn().then(function () {\n console.trace(err);\n process.exit(101);\n });\n });\n}","/* global WorkerGlobalScope */\n\nexport function addBrowser(fn) {\n if (typeof WorkerGlobalScope === 'function' && self instanceof WorkerGlobalScope) {\n /**\n * Because killing a worker does directly stop the excution\n * of the code, our only chance is to overwrite the close function\n * which could work some times.\n * @link https://stackoverflow.com/q/72903255/3443137\n */\n var oldClose = self.close.bind(self);\n self.close = function () {\n fn();\n return oldClose();\n };\n } else {\n /**\n * if we are on react-native, there is no window.addEventListener\n * @link https://github.com/pubkey/unload/issues/6\n */\n if (typeof window.addEventListener !== 'function') {\n return;\n }\n\n /**\n * for normal browser-windows, we use the beforeunload-event\n */\n window.addEventListener('beforeunload', function () {\n fn();\n }, true);\n\n /**\n * for iframes, we have to use the unload-event\n * @link https://stackoverflow.com/q/47533670/3443137\n */\n window.addEventListener('unload', function () {\n fn();\n }, true);\n }\n\n /**\n * TODO add fallback for safari-mobile\n * @link https://stackoverflow.com/a/26193516/3443137\n */\n}","import { add as unloadAdd } from 'unload';\n\n/**\n * sends and internal message over the broadcast-channel\n */\nexport function sendLeaderMessage(leaderElector, action) {\n var msgJson = {\n context: 'leader',\n action: action,\n token: leaderElector.token\n };\n return leaderElector.broadcastChannel.postInternal(msgJson);\n}\nexport function beLeader(leaderElector) {\n leaderElector.isLeader = true;\n leaderElector._hasLeader = true;\n var unloadFn = unloadAdd(function () {\n return leaderElector.die();\n });\n leaderElector._unl.push(unloadFn);\n var isLeaderListener = function isLeaderListener(msg) {\n if (msg.context === 'leader' && msg.action === 'apply') {\n sendLeaderMessage(leaderElector, 'tell');\n }\n if (msg.context === 'leader' && msg.action === 'tell' && !leaderElector._dpLC) {\n /**\n * another instance is also leader!\n * This can happen on rare events\n * like when the CPU is at 100% for long time\n * or the tabs are open very long and the browser throttles them.\n * @link https://github.com/pubkey/broadcast-channel/issues/414\n * @link https://github.com/pubkey/broadcast-channel/issues/385\n */\n leaderElector._dpLC = true;\n leaderElector._dpL(); // message the lib user so the app can handle the problem\n sendLeaderMessage(leaderElector, 'tell'); // ensure other leader also knows the problem\n }\n };\n\n leaderElector.broadcastChannel.addEventListener('internal', isLeaderListener);\n leaderElector._lstns.push(isLeaderListener);\n return sendLeaderMessage(leaderElector, 'tell');\n}","import { randomToken } from './util.js';\nimport { sendLeaderMessage, beLeader } from './leader-election-util.js';\n\n/**\n * A faster version of the leader elector that uses the WebLock API\n * @link https://developer.mozilla.org/en-US/docs/Web/API/Web_Locks_API\n */\nexport var LeaderElectionWebLock = function LeaderElectionWebLock(broadcastChannel, options) {\n var _this = this;\n this.broadcastChannel = broadcastChannel;\n broadcastChannel._befC.push(function () {\n return _this.die();\n });\n this._options = options;\n this.isLeader = false;\n this.isDead = false;\n this.token = randomToken();\n this._lstns = [];\n this._unl = [];\n this._dpL = function () {}; // onduplicate listener\n this._dpLC = false; // true when onduplicate called\n\n this._wKMC = {}; // stuff for cleanup\n\n // lock name\n this.lN = 'pubkey-bc||' + broadcastChannel.method.type + '||' + broadcastChannel.name;\n};\nLeaderElectionWebLock.prototype = {\n hasLeader: function hasLeader() {\n var _this2 = this;\n return navigator.locks.query().then(function (locks) {\n var relevantLocks = locks.held ? locks.held.filter(function (lock) {\n return lock.name === _this2.lN;\n }) : [];\n if (relevantLocks && relevantLocks.length > 0) {\n return true;\n } else {\n return false;\n }\n });\n },\n awaitLeadership: function awaitLeadership() {\n var _this3 = this;\n if (!this._wLMP) {\n this._wKMC.c = new AbortController();\n var returnPromise = new Promise(function (res, rej) {\n _this3._wKMC.res = res;\n _this3._wKMC.rej = rej;\n });\n this._wLMP = new Promise(function (res) {\n navigator.locks.request(_this3.lN, {\n signal: _this3._wKMC.c.signal\n }, function () {\n // if the lock resolved, we can drop the abort controller\n _this3._wKMC.c = undefined;\n beLeader(_this3);\n res();\n return returnPromise;\n })[\"catch\"](function () {});\n });\n }\n return this._wLMP;\n },\n set onduplicate(_fn) {\n // Do nothing because there are no duplicates in the WebLock version\n },\n die: function die() {\n var _this4 = this;\n this._lstns.forEach(function (listener) {\n return _this4.broadcastChannel.removeEventListener('internal', listener);\n });\n this._lstns = [];\n this._unl.forEach(function (uFn) {\n return uFn.remove();\n });\n this._unl = [];\n if (this.isLeader) {\n this.isLeader = false;\n }\n this.isDead = true;\n if (this._wKMC.res) {\n this._wKMC.res();\n }\n if (this._wKMC.c) {\n this._wKMC.c.abort('LeaderElectionWebLock.die() called');\n }\n return sendLeaderMessage(this, 'death');\n }\n};","import { sleep, randomToken, PROMISE_RESOLVED_VOID, PROMISE_RESOLVED_TRUE, supportsWebLockAPI } from './util.js';\nimport { sendLeaderMessage, beLeader } from './leader-election-util.js';\nimport { LeaderElectionWebLock } from './leader-election-web-lock.js';\nvar LeaderElection = function LeaderElection(broadcastChannel, options) {\n var _this = this;\n this.broadcastChannel = broadcastChannel;\n this._options = options;\n this.isLeader = false;\n this._hasLeader = false;\n this.isDead = false;\n this.token = randomToken();\n\n /**\n * Apply Queue,\n * used to ensure we do not run applyOnce()\n * in parallel.\n */\n this._aplQ = PROMISE_RESOLVED_VOID;\n // amount of unfinished applyOnce() calls\n this._aplQC = 0;\n\n // things to clean up\n this._unl = []; // _unloads\n this._lstns = []; // _listeners\n this._dpL = function () {}; // onduplicate listener\n this._dpLC = false; // true when onduplicate called\n\n /**\n * Even when the own instance is not applying,\n * we still listen to messages to ensure the hasLeader flag\n * is set correctly.\n */\n var hasLeaderListener = function hasLeaderListener(msg) {\n if (msg.context === 'leader') {\n if (msg.action === 'death') {\n _this._hasLeader = false;\n }\n if (msg.action === 'tell') {\n _this._hasLeader = true;\n }\n }\n };\n this.broadcastChannel.addEventListener('internal', hasLeaderListener);\n this._lstns.push(hasLeaderListener);\n};\nLeaderElection.prototype = {\n hasLeader: function hasLeader() {\n return Promise.resolve(this._hasLeader);\n },\n /**\n * Returns true if the instance is leader,\n * false if not.\n * @async\n */\n applyOnce: function applyOnce(\n // true if the applyOnce() call came from the fallbackInterval cycle\n isFromFallbackInterval) {\n var _this2 = this;\n if (this.isLeader) {\n return sleep(0, true);\n }\n if (this.isDead) {\n return sleep(0, false);\n }\n\n /**\n * Already applying more than once,\n * -> wait for the apply queue to be finished.\n */\n if (this._aplQC > 1) {\n return this._aplQ;\n }\n\n /**\n * Add a new apply-run\n */\n var applyRun = function applyRun() {\n /**\n * Optimization shortcuts.\n * Directly return if a previous run\n * has already elected a leader.\n */\n if (_this2.isLeader) {\n return PROMISE_RESOLVED_TRUE;\n }\n var stopCriteria = false;\n var stopCriteriaPromiseResolve;\n /**\n * Resolves when a stop criteria is reached.\n * Uses as a performance shortcut so we do not\n * have to await the responseTime when it is already clear\n * that the election failed.\n */\n var stopCriteriaPromise = new Promise(function (res) {\n stopCriteriaPromiseResolve = function stopCriteriaPromiseResolve() {\n stopCriteria = true;\n res();\n };\n });\n var handleMessage = function handleMessage(msg) {\n if (msg.context === 'leader' && msg.token != _this2.token) {\n if (msg.action === 'apply') {\n // other is applying\n if (msg.token > _this2.token) {\n /**\n * other has higher token\n * -> stop applying and let other become leader.\n */\n stopCriteriaPromiseResolve();\n }\n }\n if (msg.action === 'tell') {\n // other is already leader\n stopCriteriaPromiseResolve();\n _this2._hasLeader = true;\n }\n }\n };\n _this2.broadcastChannel.addEventListener('internal', handleMessage);\n\n /**\n * If the applyOnce() call came from the fallbackInterval,\n * we can assume that the election runs in the background and\n * not critical process is waiting for it.\n * When this is true, we give the other instances\n * more time to answer to messages in the election cycle.\n * This makes it less likely to elect duplicate leaders.\n * But also it takes longer which is not a problem because we anyway\n * run in the background.\n */\n var waitForAnswerTime = isFromFallbackInterval ? _this2._options.responseTime * 4 : _this2._options.responseTime;\n return sendLeaderMessage(_this2, 'apply') // send out that this one is applying\n .then(function () {\n return Promise.race([sleep(waitForAnswerTime), stopCriteriaPromise.then(function () {\n return Promise.reject(new Error());\n })]);\n })\n // send again in case another instance was just created\n .then(function () {\n return sendLeaderMessage(_this2, 'apply');\n })\n // let others time to respond\n .then(function () {\n return Promise.race([sleep(waitForAnswerTime), stopCriteriaPromise.then(function () {\n return Promise.reject(new Error());\n })]);\n })[\"catch\"](function () {}).then(function () {\n _this2.broadcastChannel.removeEventListener('internal', handleMessage);\n if (!stopCriteria) {\n // no stop criteria -> own is leader\n return beLeader(_this2).then(function () {\n return true;\n });\n } else {\n // other is leader\n return false;\n }\n });\n };\n this._aplQC = this._aplQC + 1;\n this._aplQ = this._aplQ.then(function () {\n return applyRun();\n }).then(function () {\n _this2._aplQC = _this2._aplQC - 1;\n });\n return this._aplQ.then(function () {\n return _this2.isLeader;\n });\n },\n awaitLeadership: function awaitLeadership() {\n if ( /* _awaitLeadershipPromise */\n !this._aLP) {\n this._aLP = _awaitLeadershipOnce(this);\n }\n return this._aLP;\n },\n set onduplicate(fn) {\n this._dpL = fn;\n },\n die: function die() {\n var _this3 = this;\n this._lstns.forEach(function (listener) {\n return _this3.broadcastChannel.removeEventListener('internal', listener);\n });\n this._lstns = [];\n this._unl.forEach(function (uFn) {\n return uFn.remove();\n });\n this._unl = [];\n if (this.isLeader) {\n this._hasLeader = false;\n this.isLeader = false;\n }\n this.isDead = true;\n return sendLeaderMessage(this, 'death');\n }\n};\n\n/**\n * @param leaderElector {LeaderElector}\n */\nfunction _awaitLeadershipOnce(leaderElector) {\n if (leaderElector.isLeader) {\n return PROMISE_RESOLVED_VOID;\n }\n return new Promise(function (res) {\n var resolved = false;\n function finish() {\n if (resolved) {\n return;\n }\n resolved = true;\n leaderElector.broadcastChannel.removeEventListener('internal', whenDeathListener);\n res(true);\n }\n\n // try once now\n leaderElector.applyOnce().then(function () {\n if (leaderElector.isLeader) {\n finish();\n }\n });\n\n /**\n * Try on fallbackInterval\n * @recursive\n */\n var tryOnFallBack = function tryOnFallBack() {\n return sleep(leaderElector._options.fallbackInterval).then(function () {\n if (leaderElector.isDead || resolved) {\n return;\n }\n if (leaderElector.isLeader) {\n finish();\n } else {\n return leaderElector.applyOnce(true).then(function () {\n if (leaderElector.isLeader) {\n finish();\n } else {\n tryOnFallBack();\n }\n });\n }\n });\n };\n tryOnFallBack();\n\n // try when other leader dies\n var whenDeathListener = function whenDeathListener(msg) {\n if (msg.context === 'leader' && msg.action === 'death') {\n leaderElector._hasLeader = false;\n leaderElector.applyOnce().then(function () {\n if (leaderElector.isLeader) {\n finish();\n }\n });\n }\n };\n leaderElector.broadcastChannel.addEventListener('internal', whenDeathListener);\n leaderElector._lstns.push(whenDeathListener);\n });\n}\nfunction fillOptionsWithDefaults(options, channel) {\n if (!options) options = {};\n options = JSON.parse(JSON.stringify(options));\n if (!options.fallbackInterval) {\n options.fallbackInterval = 3000;\n }\n if (!options.responseTime) {\n options.responseTime = channel.method.averageResponseTime(channel.options);\n }\n return options;\n}\nexport function createLeaderElection(channel, options) {\n if (channel._leaderElector) {\n throw new Error('BroadcastChannel already has a leader-elector');\n }\n options = fillOptionsWithDefaults(options, channel);\n var elector = supportsWebLockAPI() ? new LeaderElectionWebLock(channel, options) : new LeaderElection(channel, options);\n channel._befC.push(function () {\n return elector.die();\n });\n channel._leaderElector = elector;\n return elector;\n}","/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport { ServiceInterface, ServiceManagerOptions } from '../core/types';\nimport {\n BroadcastChannel,\n createLeaderElection,\n LeaderElector\n} from 'broadcast-channel';\nimport { isBrowser } from '../features';\n\ndeclare type OnLeaderHandler = (() => Promise<void>);\ndeclare type ServiceOptions = ServiceManagerOptions & {\n onLeader?: OnLeaderHandler;\n};\n\nexport class LeaderElectionService implements ServiceInterface {\n private options: ServiceOptions;\n private channel?: BroadcastChannel;\n private elector?: LeaderElector;\n private started = false;\n\n constructor(options: ServiceOptions = {}) {\n this.options = options;\n this.onLeaderDuplicate = this.onLeaderDuplicate.bind(this);\n this.onLeader = this.onLeader.bind(this);\n }\n\n private onLeaderDuplicate() {\n }\n\n private async onLeader() {\n await this.options.onLeader?.();\n }\n\n isLeader() {\n return !!this.elector?.isLeader;\n }\n\n hasLeader() {\n return !!this.elector?.hasLeader;\n }\n\n async start() {\n if (this.canStart()) {\n const { electionChannelName } = this.options;\n this.channel = new BroadcastChannel(electionChannelName as string);\n this.elector = createLeaderElection(this.channel);\n this.elector.onduplicate = this.onLeaderDuplicate;\n this.elector.awaitLeadership().then(this.onLeader);\n this.started = true;\n }\n }\n\n async stop() {\n if (this.started) {\n if (this.elector) {\n await this.elector.die();\n this.elector = undefined;\n }\n if (this.channel) {\n // Workaround to fix error `Failed to execute 'postMessage' on 'BroadcastChannel': Channel is closed`\n (this.channel as any).postInternal = () => Promise.resolve();\n await this.channel.close();\n this.channel = undefined;\n }\n this.started = false;\n }\n }\n\n requiresLeadership() {\n return false;\n }\n\n isStarted() {\n return this.started;\n }\n\n canStart() {\n return isBrowser() && !this.started;\n }\n\n}\n","/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport { AuthSdkError } from '../errors';\nimport { ServiceInterface, ServiceManagerOptions } from '../core/types';\nimport { EVENT_EXPIRED, TokenManagerInterface, isRefreshToken } from '../oidc/types';\nimport { isBrowser } from '../features';\n\nexport class AutoRenewService implements ServiceInterface {\n private tokenManager: TokenManagerInterface;\n private options: ServiceManagerOptions;\n private renewTimeQueue: Array<number>;\n private started = false;\n\n constructor(tokenManager: TokenManagerInterface, options: ServiceManagerOptions = {}) {\n this.tokenManager = tokenManager;\n this.options = options;\n this.renewTimeQueue = [];\n this.onTokenExpiredHandler = this.onTokenExpiredHandler.bind(this);\n }\n \n private shouldThrottleRenew(): boolean {\n let res = false;\n this.renewTimeQueue.push(Date.now());\n if (this.renewTimeQueue.length >= 10) {\n // get and remove first item from queue\n const firstTime = this.renewTimeQueue.shift() as number;\n const lastTime = this.renewTimeQueue[this.renewTimeQueue.length - 1];\n res = (lastTime - firstTime) < 30 * 1000;\n }\n return res;\n }\n\n requiresLeadership() {\n // If tokens sync storage is enabled, handle tokens expiration only in 1 leader tab\n return !!this.options.syncStorage && isBrowser();\n }\n\n private processExpiredTokens() {\n const tokenStorage = this.tokenManager.getStorage();\n const tokens = tokenStorage.getStorage();\n Object.keys(tokens).forEach(key => {\n const token = tokens[key];\n if (!isRefreshToken(token) && this.tokenManager.hasExpired(token)) {\n this.onTokenExpiredHandler(key);\n }\n });\n }\n\n private onTokenExpiredHandler(key: string) {\n if (this.options.autoRenew) {\n if (this.shouldThrottleRenew()) {\n const error = new AuthSdkError('Too many token renew requests');\n this.tokenManager.emitError(error);\n } else {\n this.tokenManager.renew(key).catch(() => {}); // Renew errors will emit an \"error\" event \n }\n } else if (this.options.autoRemove) {\n this.tokenManager.remove(key);\n }\n }\n\n canStart() {\n return (!!this.options.autoRenew || !!this.options.autoRemove) && !this.started;\n }\n\n async start() {\n if (this.canStart()) {\n this.tokenManager.on(EVENT_EXPIRED, this.onTokenExpiredHandler);\n if (this.tokenManager.isStarted()) {\n // If token manager has been already started, we could miss token expire events,\n // so need to process expired tokens manually.\n this.processExpiredTokens();\n }\n this.started = true;\n }\n }\n\n async stop() {\n if (this.started) {\n this.tokenManager.off(EVENT_EXPIRED, this.onTokenExpiredHandler);\n this.renewTimeQueue = [];\n this.started = false;\n }\n }\n\n isStarted() {\n return this.started;\n }\n}\n","/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nimport { BroadcastChannel } from 'broadcast-channel';\nimport { isBrowser } from '../features';\nimport {\n ServiceManagerOptions, ServiceInterface\n} from '../core/types';\nimport {\n Token, Tokens, \n EVENT_ADDED, EVENT_REMOVED, EVENT_RENEWED, EVENT_SET_STORAGE, TokenManagerInterface\n} from '../oidc/types';\nimport { AuthSdkError } from '../errors';\n\nexport type SyncMessage = {\n type: string;\n key?: string;\n token?: Token;\n oldToken?: Token;\n storage?: Tokens;\n};\nexport class SyncStorageService implements ServiceInterface {\n private tokenManager: TokenManagerInterface;\n private options: ServiceManagerOptions;\n private channel?: BroadcastChannel<SyncMessage>;\n private started = false;\n private enablePostMessage = true;\n\n constructor(tokenManager: TokenManagerInterface, options: ServiceManagerOptions = {}) {\n this.tokenManager = tokenManager;\n this.options = options;\n this.onTokenAddedHandler = this.onTokenAddedHandler.bind(this);\n this.onTokenRemovedHandler = this.onTokenRemovedHandler.bind(this);\n this.onTokenRenewedHandler = this.onTokenRenewedHandler.bind(this);\n this.onSetStorageHandler = this.onSetStorageHandler.bind(this);\n this.onSyncMessageHandler = this.onSyncMessageHandler.bind(this);\n }\n\n requiresLeadership() {\n return false;\n }\n\n isStarted() {\n return this.started;\n }\n\n canStart() {\n return !!this.options.syncStorage && isBrowser() && !this.started;\n }\n\n async start() {\n if (!this.canStart()) {\n return;\n }\n \n const { syncChannelName } = this.options;\n try {\n // BroadcastChannel throws if no supported method can be found\n this.channel = new BroadcastChannel(syncChannelName as string);\n } catch (err) {\n throw new AuthSdkError('SyncStorageService is not supported in current browser.');\n }\n\n this.tokenManager.on(EVENT_ADDED, this.onTokenAddedHandler);\n this.tokenManager.on(EVENT_REMOVED, this.onTokenRemovedHandler);\n this.tokenManager.on(EVENT_RENEWED, this.onTokenRenewedHandler);\n this.tokenManager.on(EVENT_SET_STORAGE, this.onSetStorageHandler);\n this.channel.addEventListener('message', this.onSyncMessageHandler);\n this.started = true;\n }\n\n async stop() {\n if (this.started) {\n this.tokenManager.off(EVENT_ADDED, this.onTokenAddedHandler);\n this.tokenManager.off(EVENT_REMOVED, this.onTokenRemovedHandler);\n this.tokenManager.off(EVENT_RENEWED, this.onTokenRenewedHandler);\n this.tokenManager.off(EVENT_SET_STORAGE, this.onSetStorageHandler);\n this.channel?.removeEventListener('message', this.onSyncMessageHandler);\n await this.channel?.close();\n this.channel = undefined;\n this.started = false;\n }\n }\n\n private onTokenAddedHandler(key: string, token: Token) {\n if (!this.enablePostMessage) {\n return;\n }\n this.channel?.postMessage({\n type: EVENT_ADDED,\n key,\n token\n });\n }\n\n private onTokenRemovedHandler(key: string, token: Token) {\n if (!this.enablePostMessage) {\n return;\n }\n this.channel?.postMessage({\n type: EVENT_REMOVED,\n key,\n token\n });\n }\n\n private onTokenRenewedHandler(key: string, token: Token, oldToken?: Token) {\n if (!this.enablePostMessage) {\n return;\n }\n this.channel?.postMessage({\n type: EVENT_RENEWED,\n key,\n token,\n oldToken\n });\n }\n\n private onSetStorageHandler(storage: Tokens) {\n this.channel?.postMessage({\n type: EVENT_SET_STORAGE,\n storage\n });\n }\n\n /* eslint-disable complexity */\n private onSyncMessageHandler(msg: SyncMessage) {\n // Notes:\n // 1. Using `enablePostMessage` flag here to prevent sync message loop.\n // If this flag is on, tokenManager event handlers do not post sync message.\n // 2. IE11 has known issue with synchronization of LocalStorage cross tabs.\n // One workaround is to set empty event handler for `window.onstorage`.\n // But it's not 100% working, sometimes you still get old value from LocalStorage.\n // Better approch is to explicitly udpate LocalStorage with `setStorage`.\n\n this.enablePostMessage = false;\n switch (msg.type) {\n case EVENT_SET_STORAGE:\n this.tokenManager.getStorage().setStorage(msg.storage);\n break;\n case EVENT_ADDED:\n this.tokenManager.emitAdded(msg.key!, msg.token!);\n this.tokenManager.setExpireEventTimeout(msg.key!, msg.token!);\n break;\n case EVENT_REMOVED:\n this.tokenManager.clearExpireEventTimeout(msg.key!);\n this.tokenManager.emitRemoved(msg.key!, msg.token!);\n break;\n case EVENT_RENEWED:\n this.tokenManager.emitRenewed(msg.key!, msg.token!, msg.oldToken);\n break;\n default:\n break;\n }\n this.enablePostMessage = true;\n }\n} ","import { ServiceInterface, ServiceManagerOptions } from '../core/types';\nimport { TokenManagerInterface } from '../oidc/types';\nimport { isBrowser } from '../features';\n\nconst getNow = () => Math.floor(Date.now() / 1000);\n\nexport class RenewOnTabActivationService implements ServiceInterface {\n private tokenManager: TokenManagerInterface;\n private started = false;\n private options: ServiceManagerOptions;\n private lastHidden = -1;\n onPageVisbilityChange: () => void;\n\n constructor(tokenManager: TokenManagerInterface, options: ServiceManagerOptions = {}) {\n this.tokenManager = tokenManager;\n this.options = options;\n // store this context for event handler\n this.onPageVisbilityChange = this._onPageVisbilityChange.bind(this);\n }\n\n // do not use directly, use `onPageVisbilityChange` (with binded this context)\n /* eslint complexity: [0, 10] */\n private _onPageVisbilityChange () {\n if (document.hidden) {\n this.lastHidden = getNow();\n }\n // renew will only attempt if tab was inactive for duration\n else if (this.lastHidden > 0 && (getNow() - this.lastHidden >= this.options.tabInactivityDuration!)) {\n const { accessToken, idToken } = this.tokenManager.getTokensSync();\n if (!!accessToken && this.tokenManager.hasExpired(accessToken)) {\n const key = this.tokenManager.getStorageKeyByType('accessToken');\n // Renew errors will emit an \"error\" event\n this.tokenManager.renew(key).catch(() => {});\n }\n else if (!!idToken && this.tokenManager.hasExpired(idToken)) {\n const key = this.tokenManager.getStorageKeyByType('idToken');\n // Renew errors will emit an \"error\" event\n this.tokenManager.renew(key).catch(() => {});\n }\n }\n }\n\n async start () {\n if (this.canStart() && !!document) {\n document.addEventListener('visibilitychange', this.onPageVisbilityChange);\n this.started = true;\n }\n }\n\n async stop () {\n if (document) {\n document.removeEventListener('visibilitychange', this.onPageVisbilityChange);\n this.started = false;\n }\n }\n\n canStart(): boolean {\n return isBrowser() &&\n !!this.options.autoRenew &&\n !!this.options.renewOnTabActivation &&\n !this.started;\n }\n\n requiresLeadership(): boolean {\n return false;\n }\n\n isStarted(): boolean {\n return this.started;\n }\n}\n","/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport {\n OAuthTransactionMeta,\n OAuthStorageManagerInterface,\n} from '../../oidc';\n\nimport {\n ServiceManagerInterface,\n ServiceInterface,\n ServiceManagerOptions,\n OktaAuthCoreInterface,\n OktaAuthCoreOptions\n} from '../types';\nimport { AutoRenewService,\n SyncStorageService,\n LeaderElectionService,\n RenewOnTabActivationService\n} from '../../services';\nimport { removeNils } from '../../util';\n\nconst AUTO_RENEW = 'autoRenew';\nconst SYNC_STORAGE = 'syncStorage';\nconst LEADER_ELECTION = 'leaderElection';\nconst RENEW_ON_TAB_ACTIVATION = 'renewOnTabActivation';\n\nexport class ServiceManager\n<\n M extends OAuthTransactionMeta,\n S extends OAuthStorageManagerInterface<M>,\n O extends OktaAuthCoreOptions\n>\nimplements ServiceManagerInterface \n{\n private sdk: OktaAuthCoreInterface<M, S, O>;\n private options: ServiceManagerOptions;\n private services: Map<string, ServiceInterface>;\n private started: boolean;\n\n private static knownServices = [AUTO_RENEW, SYNC_STORAGE, LEADER_ELECTION, RENEW_ON_TAB_ACTIVATION];\n\n private static defaultOptions: ServiceManagerOptions = {\n autoRenew: true,\n autoRemove: true,\n syncStorage: true,\n renewOnTabActivation: true,\n tabInactivityDuration: 1800, // 30 mins in seconds\n };\n\n constructor(sdk: OktaAuthCoreInterface<M, S, O>, options: ServiceManagerOptions = {}) {\n this.sdk = sdk;\n this.onLeader = this.onLeader.bind(this);\n\n // TODO: backwards compatibility, remove in next major version - OKTA-473815\n const { autoRenew, autoRemove, syncStorage } = sdk.tokenManager.getOptions();\n options.electionChannelName = options.electionChannelName || options.broadcastChannelName;\n this.options = Object.assign({}, \n ServiceManager.defaultOptions,\n { autoRenew, autoRemove, syncStorage }, \n {\n electionChannelName: `${sdk.options.clientId}-election`,\n syncChannelName: `${sdk.options.clientId}-sync`,\n },\n removeNils(options)\n );\n\n this.started = false;\n this.services = new Map();\n\n ServiceManager.knownServices.forEach(name => {\n const svc = this.createService(name);\n if (svc) {\n this.services.set(name, svc);\n }\n });\n }\n\n private async onLeader() {\n if (this.started) {\n // Start services that requires leadership\n await this.startServices();\n }\n }\n\n isLeader() {\n return (this.getService(LEADER_ELECTION) as LeaderElectionService)?.isLeader();\n }\n\n isLeaderRequired() {\n return [...this.services.values()].some(srv => srv.canStart() && srv.requiresLeadership());\n }\n\n async start() {\n if (this.started) {\n return; // noop if services have already started\n }\n await this.startServices();\n this.started = true;\n }\n \n async stop() {\n await this.stopServices();\n this.started = false;\n }\n\n getService(name: string): ServiceInterface | undefined {\n return this.services.get(name);\n }\n\n private async startServices() {\n for (const [name, srv] of this.services.entries()) {\n if (this.canStartService(name, srv)) {\n await srv.start();\n }\n }\n }\n\n private async stopServices() {\n for (const srv of this.services.values()) {\n await srv.stop();\n }\n }\n\n // eslint-disable-next-line complexity\n private canStartService(name: string, srv: ServiceInterface): boolean {\n let canStart = srv.canStart() && !srv.isStarted();\n // only start election if a leader is required\n if (name === LEADER_ELECTION) {\n canStart &&= this.isLeaderRequired();\n } else if (srv.requiresLeadership()) {\n canStart &&= this.isLeader();\n }\n return canStart;\n }\n\n private createService(name: string): ServiceInterface {\n const tokenManager = this.sdk.tokenManager;\n\n let service: ServiceInterface;\n switch (name) {\n case LEADER_ELECTION:\n service = new LeaderElectionService({...this.options, onLeader: this.onLeader});\n break;\n case AUTO_RENEW:\n service = new AutoRenewService(tokenManager, {...this.options});\n break;\n case SYNC_STORAGE:\n service = new SyncStorageService(tokenManager, {...this.options});\n break;\n case RENEW_ON_TAB_ACTIVATION:\n service = new RenewOnTabActivationService(tokenManager, {...this.options});\n break;\n default:\n throw new Error(`Unknown service ${name}`);\n }\n return service;\n }\n\n}\n","import { StorageManagerConstructor } from '../storage/types';\nimport { OktaAuthConstructor, OktaAuthOptionsConstructor } from '../base/types';\n\nimport { OktaAuthCoreInterface, OktaAuthCoreOptions } from './types';\nimport { createOktaAuthBase } from '../base';\nimport { mixinStorage } from '../storage/mixin';\nimport { mixinHttp } from '../http/mixin';\nimport { mixinOAuth } from '../oidc/mixin';\nimport {\n OAuthStorageManagerInterface,\n PKCETransactionMeta,\n TransactionManagerConstructor,\n TransactionManagerInterface\n} from '../oidc/types';\nimport { mixinCore } from './mixin';\nimport { mixinSession } from '../session/mixin';\n\nexport function createOktaAuthCore<\n M extends PKCETransactionMeta = PKCETransactionMeta,\n S extends OAuthStorageManagerInterface<M> = OAuthStorageManagerInterface<M>,\n O extends OktaAuthCoreOptions = OktaAuthCoreOptions,\n TM extends TransactionManagerInterface = TransactionManagerInterface\n>(\n StorageManagerConstructor: StorageManagerConstructor<S>,\n OptionsConstructor: OktaAuthOptionsConstructor<O>,\n TransactionManagerConstructor: TransactionManagerConstructor<TM>\n): OktaAuthConstructor<OktaAuthCoreInterface<M, S, O, TM>>\n{\n const Base = createOktaAuthBase(OptionsConstructor);\n const WithStorage = mixinStorage<S, O>(Base, StorageManagerConstructor);\n const WithHttp = mixinHttp<S, O>(WithStorage);\n const WithSession = mixinSession<S, O>(WithHttp);\n const WithOAuth = mixinOAuth<M, S, O, TM>(WithSession, TransactionManagerConstructor);\n const Core = mixinCore<M, S, O, TM>(WithOAuth);\n return Core;\n}\n","import { parseOAuthResponseFromUrl } from '../oidc/parseFromUrl';\nimport { OktaAuthConstructor } from '../base/types';\nimport {\n OAuthStorageManagerInterface,\n OAuthTransactionMeta,\n OktaAuthOAuthInterface,\n PKCETransactionMeta,\n Tokens,\n TransactionManagerInterface,\n} from '../oidc/types';\nimport { AuthStateManager } from './AuthStateManager';\nimport { ServiceManager } from './ServiceManager';\nimport { OktaAuthCoreInterface, OktaAuthCoreOptions } from './types';\nimport { AuthSdkError } from '../errors';\n\nexport function mixinCore\n<\n M extends OAuthTransactionMeta = PKCETransactionMeta,\n S extends OAuthStorageManagerInterface<M> = OAuthStorageManagerInterface<M>,\n O extends OktaAuthCoreOptions = OktaAuthCoreOptions,\n TM extends TransactionManagerInterface = TransactionManagerInterface,\n TBase extends OktaAuthConstructor<OktaAuthOAuthInterface<M, S, O, TM>>\n = OktaAuthConstructor<OktaAuthOAuthInterface<M, S, O, TM>>\n>\n(Base: TBase): TBase & OktaAuthConstructor<OktaAuthCoreInterface<M, S, O, TM>>\n{\n return class OktaAuthCore extends Base implements OktaAuthCoreInterface<M, S, O, TM>\n {\n authStateManager: AuthStateManager<M, S, O>;\n serviceManager: ServiceManager<M, S, O>;\n \n constructor(...args: any[]) {\n super(...args);\n\n // AuthStateManager\n this.authStateManager = new AuthStateManager<M, S, O>(this);\n\n // ServiceManager\n this.serviceManager = new ServiceManager<M, S, O>(this, this.options.services);\n }\n\n async start() {\n await this.serviceManager.start();\n // TODO: review tokenManager.start\n this.tokenManager.start();\n if (!this.token.isLoginRedirect()) {\n await this.authStateManager.updateAuthState();\n }\n }\n \n async stop() {\n // TODO: review tokenManager.stop\n this.tokenManager.stop();\n await this.serviceManager.stop();\n }\n\n async handleRedirect(originalUri?: string): Promise<void> {\n await this.handleLoginRedirect(undefined, originalUri);\n }\n\n // eslint-disable-next-line complexity\n async handleLoginRedirect(tokens?: Tokens, originalUri?: string): Promise<void> {\n let state = this.options.state;\n \n // Store tokens and update AuthState by the emitted events\n if (tokens) {\n this.tokenManager.setTokens(tokens);\n originalUri = originalUri || this.getOriginalUri(this.options.state);\n } else if (this.isLoginRedirect()) {\n try {\n // For redirect flow, get state from the URL and use it to retrieve the originalUri\n const oAuthResponse = await parseOAuthResponseFromUrl(this, {});\n state = oAuthResponse.state;\n originalUri = originalUri || this.getOriginalUri(state);\n await this.storeTokensFromRedirect();\n } catch(e) {\n // auth state should be updated\n await this.authStateManager.updateAuthState();\n throw e;\n }\n } else {\n return; // nothing to do\n }\n \n // ensure auth state has been updated\n await this.authStateManager.updateAuthState();\n \n // clear originalUri from storage\n this.removeOriginalUri(state);\n \n // Redirect to originalUri\n const { restoreOriginalUri } = this.options;\n if (restoreOriginalUri) {\n await restoreOriginalUri(this, originalUri);\n } else if (originalUri) {\n window.location.replace(originalUri);\n }\n }\n\n handleIDPPopupRedirect (url = window.location.href) {\n const res = parseOAuthResponseFromUrl(this, { responseMode: 'query', url });\n if (res.state) {\n const channel = new BroadcastChannel(`popup-callback:${res.state}`);\n channel.postMessage(res);\n channel.close();\n }\n else {\n throw new AuthSdkError('Unable to parse auth code params');\n }\n }\n };\n}\n","/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nimport { createOAuthOptionsConstructor } from '../oidc';\nimport { AuthState, OktaAuthCoreInterface, OktaAuthCoreOptions, ServiceManagerOptions } from './types';\n\n\nexport function createCoreOptionsConstructor()\n{\n const OAuthOptionsConstructor = createOAuthOptionsConstructor();\n return class CoreOptionsConstructor\n extends OAuthOptionsConstructor\n implements Required<OktaAuthCoreOptions>\n {\n services: ServiceManagerOptions;\n transformAuthState: (oktaAuth: OktaAuthCoreInterface, authState: AuthState) => Promise<AuthState>;\n\n constructor(options: any) {\n super(options);\n this.services = options.services;\n this.transformAuthState = options.transformAuthState;\n }\n };\n}\n","import { createOAuthStorageManager } from '../oidc/storage';\nimport { PKCETransactionMeta } from '../oidc/types';\n\nexport function createCoreStorageManager<M extends PKCETransactionMeta = PKCETransactionMeta>() {\n return createOAuthStorageManager<M>();\n}\n","/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nimport { AuthSdkError } from '../errors';\nimport { atob, btoa } from './webcrypto';\n\n// converts a string to base64 (url/filename safe variant)\nexport function stringToBase64Url(str) {\n var b64 = btoa(str);\n return base64ToBase64Url(b64);\n}\n\n// converts a standard base64-encoded string to a \"url/filename safe\" variant\nexport function base64ToBase64Url(b64) {\n return b64.replace(/\\+/g, '-').replace(/\\//g, '_').replace(/=+$/, '');\n}\n\n// converts a \"url/filename safe\" base64 string to a \"standard\" base64 string\nexport function base64UrlToBase64(b64u) {\n return b64u.replace(/-/g, '+').replace(/_/g, '/');\n}\n\nexport function base64UrlToString(b64u) {\n var b64 = base64UrlToBase64(b64u);\n switch (b64.length % 4) {\n case 0:\n break;\n case 2:\n b64 += '==';\n break;\n case 3:\n b64 += '=';\n break;\n default:\n throw new AuthSdkError('Not a valid Base64Url');\n }\n var utf8 = atob(b64);\n try {\n return decodeURIComponent(escape(utf8));\n } catch (e) {\n return utf8;\n }\n}\n\nexport function stringToBuffer(str) {\n var buffer = new Uint8Array(str.length);\n for (var i = 0; i < str.length; i++) {\n buffer[i] = str.charCodeAt(i);\n }\n return buffer;\n}\n\nexport function base64UrlDecode(str) {\n return atob(base64UrlToBase64(str));\n}\n\n// Converts base64 string to binary data view\nexport function base64UrlToBuffer(b64u) {\n return Uint8Array.from(base64UrlDecode(b64u), (c: string) => c.charCodeAt(0));\n}\n\n// Converts an ArrayBuffer object that contains binary data to base64 encoded string\nexport function bufferToBase64Url(bin) {\n return btoa(new Uint8Array(bin).reduce((s, byte) => s + String.fromCharCode(byte), ''));\n}\n\n\n","/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\n/* global atob, btoa, crypto */\nconst a = function(str) { return atob(str); };\nconst b = function (str) { return btoa(str); };\nconst c = typeof crypto === 'undefined' ? null : crypto;\n\nexport { a as atob, b as btoa, c as webcrypto };\n","/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n/* global TextEncoder */\nimport { stringToBase64Url } from './base64';\nimport { webcrypto } from './webcrypto';\n\nexport function getOidcHash(str) { \n var buffer = new TextEncoder().encode(str);\n return webcrypto.subtle.digest('SHA-256', buffer).then(function(arrayBuffer) {\n var intBuffer = new Uint8Array(arrayBuffer);\n var firstHalf = intBuffer.slice(0, 16);\n var hash = String.fromCharCode.apply(null, firstHalf as unknown as number[]);\n var b64u = stringToBase64Url(hash); // url-safe base64 variant\n return b64u;\n });\n}\n","/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nimport { clone } from '../util';\nimport { stringToBuffer, base64UrlDecode } from './base64';\nimport { webcrypto } from './webcrypto';\n\nexport function verifyToken(idToken, key) {\n key = clone(key);\n\n var format = 'jwk';\n var algo = {\n name: 'RSASSA-PKCS1-v1_5',\n hash: { name: 'SHA-256' }\n };\n var extractable = true;\n var usages = ['verify'];\n\n // https://connect.microsoft.com/IE/feedback/details/2242108/webcryptoapi-importing-jwk-with-use-field-fails\n // This is a metadata tag that specifies the intent of how the key should be used.\n // It's not necessary to properly verify the jwt's signature.\n delete key.use;\n\n // eslint-disable-next-line @typescript-eslint/ban-ts-comment\n // @ts-ignore\n return webcrypto.subtle.importKey(\n format,\n key,\n algo,\n extractable,\n usages\n )\n .then(function(cryptoKey) {\n var jwt = idToken.split('.');\n var payload = stringToBuffer(jwt[0] + '.' + jwt[1]);\n var b64Signature = base64UrlDecode(jwt[2]);\n var signature = stringToBuffer(b64Signature);\n\n return webcrypto.subtle.verify(\n algo,\n cryptoKey,\n signature,\n payload\n );\n });\n}\n\n","/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nimport CustomError from './CustomError';\nimport { HttpResponse } from '../http/types';\nimport { APIError, FieldError } from './types';\n\nexport default class AuthApiError extends CustomError implements APIError {\n errorSummary: string;\n errorCode?: string;\n errorLink?: string;\n errorId?: string;\n errorCauses?: Array<FieldError>;\n xhr?: HttpResponse;\n meta?: Record<string, string | number>;\n\n constructor(err: APIError, xhr?: HttpResponse, meta?: Record<string, string | number>) {\n const message = err.errorSummary;\n super(message);\n\n this.name = 'AuthApiError';\n this.errorSummary = err.errorSummary;\n this.errorCode = err.errorCode;\n this.errorLink = err.errorLink;\n this.errorId = err.errorId;\n this.errorCauses = err.errorCauses;\n\n if (xhr) {\n this.xhr = xhr;\n }\n\n if (meta) {\n this.meta = meta;\n }\n }\n}\n","/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nimport CustomError from './CustomError';\n\nexport default class AuthPollStopError extends CustomError {\n constructor() {\n const message = 'The poll was stopped by the sdk';\n super(message);\n }\n}\n","/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nimport CustomError from './CustomError';\nimport { APIError, FieldError } from './types';\n\nexport default class AuthSdkError extends CustomError implements APIError {\n errorSummary: string;\n errorCode: string;\n errorLink: string;\n errorId: string;\n errorCauses: Array<FieldError>;\n xhr?: XMLHttpRequest;\n\n constructor(msg: string, xhr?: XMLHttpRequest) {\n super(msg);\n this.name = 'AuthSdkError';\n this.errorCode = 'INTERNAL';\n this.errorSummary = msg;\n this.errorLink = 'INTERNAL';\n this.errorId = 'INTERNAL';\n this.errorCauses = [];\n if (xhr) {\n this.xhr = xhr;\n }\n }\n}\n","function _isNativeReflectConstruct() {\n try {\n var t = !Boolean.prototype.valueOf.call(Reflect.construct(Boolean, [], function () {}));\n } catch (t) {}\n return (_isNativeReflectConstruct = function _isNativeReflectConstruct() {\n return !!t;\n })();\n}\nexport { _isNativeReflectConstruct as default };","import getPrototypeOf from \"./getPrototypeOf.js\";\nimport setPrototypeOf from \"./setPrototypeOf.js\";\nimport isNativeFunction from \"./isNativeFunction.js\";\nimport construct from \"./construct.js\";\nfunction _wrapNativeSuper(t) {\n var r = \"function\" == typeof Map ? new Map() : void 0;\n return _wrapNativeSuper = function _wrapNativeSuper(t) {\n if (null === t || !isNativeFunction(t)) return t;\n if (\"function\" != typeof t) throw new TypeError(\"Super expression must either be null or a function\");\n if (void 0 !== r) {\n if (r.has(t)) return r.get(t);\n r.set(t, Wrapper);\n }\n function Wrapper() {\n return construct(t, arguments, getPrototypeOf(this).constructor);\n }\n return Wrapper.prototype = Object.create(t.prototype, {\n constructor: {\n value: Wrapper,\n enumerable: !1,\n writable: !0,\n configurable: !0\n }\n }), setPrototypeOf(Wrapper, t);\n }, _wrapNativeSuper(t);\n}\nexport { _wrapNativeSuper as default };","function _isNativeFunction(t) {\n try {\n return -1 !== Function.toString.call(t).indexOf(\"[native code]\");\n } catch (n) {\n return \"function\" == typeof t;\n }\n}\nexport { _isNativeFunction as default };","import isNativeReflectConstruct from \"./isNativeReflectConstruct.js\";\nimport setPrototypeOf from \"./setPrototypeOf.js\";\nfunction _construct(t, e, r) {\n if (isNativeReflectConstruct()) return Reflect.construct.apply(null, arguments);\n var o = [null];\n o.push.apply(o, e);\n var p = new (t.bind.apply(t, o))();\n return r && setPrototypeOf(p, r.prototype), p;\n}\nexport { _construct as default };","/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nexport default class CustomError extends Error {\n constructor(message: string) {\n // https://stackoverflow.com/questions/41102060/typescript-extending-error-class\n super(message); // 'Error' breaks prototype chain here\n Object.setPrototypeOf(this, new.target.prototype); // restore prototype chain\n }\n}\n","/* eslint-disable camelcase */\n/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nimport CustomError from './CustomError';\nimport type { HttpResponse } from '../http';\n\nexport default class OAuthError extends CustomError {\n errorCode: string;\n errorSummary: string;\n\n // for widget / idx-js backward compatibility\n error: string;\n error_description: string;\n\n resp: HttpResponse | null = null;\n\n constructor(errorCode: string, summary: string, resp?: HttpResponse) {\n super(summary);\n\n this.name = 'OAuthError';\n this.errorCode = errorCode;\n this.errorSummary = summary;\n\n // for widget / idx-js backward compatibility\n this.error = errorCode;\n this.error_description = summary;\n\n // an OAuth error (should) always result from a network request\n // therefore include that in error for potential error handling\n if (resp) {\n this.resp = resp;\n }\n }\n}\n\n","/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport type { HttpResponse } from '../http';\nimport CustomError from './CustomError';\nimport { isFunction } from '../util';\n\n// Error thrown after an unsuccessful network request which requires an Authorization header \n// and returns a 4XX error with a www-authenticate header. The header value is parsed to construct \n// an error instance, which contains key/value pairs parsed out\nexport default class WWWAuthError extends CustomError {\n static UNKNOWN_ERROR = 'UNKNOWN_WWW_AUTH_ERROR';\n\n scheme: string;\n parameters: Record<string, string>;\n name = 'WWWAuthError';\n\n resp: HttpResponse | null = null;\n\n constructor(scheme: string, parameters: Record<string, string>, resp?: HttpResponse) {\n // defaults to unknown error. `error` being returned in the www-authenticate header is expected\n // but cannot be guaranteed. Throwing an error within a error constructor seems awkward\n super(parameters.error ?? WWWAuthError.UNKNOWN_ERROR);\n this.scheme = scheme;\n this.parameters = parameters;\n\n if (resp) {\n this.resp = resp;\n }\n }\n\n // convenience references\n get error (): string { return this.parameters.error; }\n get errorCode (): string { return this.error; } // parity with other error props\n // eslint-disable-next-line camelcase\n get error_description (): string { return this.parameters.error_description; }\n // eslint-disable-next-line camelcase\n get errorDescription (): string { return this.error_description; }\n get errorSummary (): string { return this.errorDescription; } // parity with other error props\n get realm (): string { return this.parameters.realm; }\n\n // parses the www-authenticate header for releveant\n static parseHeader (header: string): WWWAuthError | null {\n // header cannot be empty string\n if (!header) {\n return null;\n }\n\n // example string: Bearer error=\"invalid_token\", error_description=\"The access token is invalid\"\n // regex will match on `error=\"invalid_token\", error_description=\"The access token is invalid\"`\n // see unit test for more examples of possible www-authenticate values\n // eslint-disable-next-line max-len\n const regex = /(?:,|, )?([a-zA-Z0-9!#$%&'*+\\-.^_`|~]+)=(?:\"([a-zA-Z0-9!#$%&'*+\\-.,^_`|~ /:]+)\"|([a-zA-Z0-9!#$%&'*+\\-.^_`|~/:]+))/g;\n const firstSpace = header.indexOf(' ');\n const scheme = header.slice(0, firstSpace);\n const remaining = header.slice(firstSpace + 1);\n const params = {};\n\n // Reference: foo=\"hello\", bar=\"bye\"\n // i=0, match=[foo=\"hello1\", foo, hello]\n // i=1, match=[bar=\"bye\", bar, bye]\n let match;\n while ((match = regex.exec(remaining)) !== null) {\n params[match[1]] = (match[2] ?? match[3]);\n }\n\n return new WWWAuthError(scheme, params);\n }\n\n // finds the value of the `www-authenticate` header. HeadersInit allows for a few different\n // representations of headers with different access patterns (.get vs [key])\n static getWWWAuthenticateHeader (headers: HeadersInit = {}): string | null {\n if (isFunction((headers as Headers)?.get)) {\n return (headers as Headers).get('WWW-Authenticate');\n }\n return headers['www-authenticate'] ?? headers['WWW-Authenticate'];\n }\n}\n","\n/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nimport AuthApiError from './AuthApiError';\nimport AuthPollStopError from './AuthPollStopError';\nimport AuthSdkError from './AuthSdkError';\nimport OAuthError from './OAuthError';\nimport WWWAuthError from './WWWAuthError';\n\nfunction isAuthApiError(obj: any): obj is AuthApiError {\n return (obj instanceof AuthApiError);\n}\n\nfunction isOAuthError(obj: any): obj is OAuthError {\n return (obj instanceof OAuthError);\n}\n\nfunction isWWWAuthError(obj: any): obj is WWWAuthError {\n return (obj instanceof WWWAuthError);\n}\n\nexport {\n isAuthApiError,\n isOAuthError,\n isWWWAuthError,\n AuthApiError,\n AuthPollStopError,\n AuthSdkError,\n OAuthError,\n WWWAuthError\n};\n\nexport * from './types';\n","/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n/* eslint-disable node/no-unsupported-features/node-builtins */\n/* global document, window, TextEncoder, navigator */\n\nimport { webcrypto } from './crypto';\n\nconst isWindowsPhone = /windows phone|iemobile|wpdesktop/i;\t\n\nexport function isBrowser() {\n return typeof document !== 'undefined' && typeof window !== 'undefined';\n}\n\nexport function isIE11OrLess() {\n if (!isBrowser()) {\n return false;\n }\n const documentMode = (document as any).documentMode;\n return !!documentMode && documentMode <= 11;\n}\n\nexport function getUserAgent() {\n return navigator.userAgent;\n}\n\nexport function isFingerprintSupported() {\n const agent = getUserAgent();\n return agent && !isWindowsPhone.test(agent);\t\n}\n\nexport function isPopupPostMessageSupported() {\n if (!isBrowser()) {\n return false;\n }\n const documentMode = (document as any).documentMode;\n var isIE8or9 = documentMode && documentMode < 10;\n if (typeof window.postMessage !== 'undefined' && !isIE8or9) {\n return true;\n }\n return false;\n}\n\nfunction isWebCryptoSubtleSupported () {\n return typeof webcrypto !== 'undefined'\n && webcrypto !== null\n && typeof webcrypto.subtle !== 'undefined'\n && typeof Uint8Array !== 'undefined';\n}\n\nexport function isTokenVerifySupported() {\n return isWebCryptoSubtleSupported();\n}\n\nexport function hasTextEncoder() {\n return typeof TextEncoder !== 'undefined';\n}\n\nexport function isPKCESupported() {\n return isTokenVerifySupported() && hasTextEncoder();\n}\n\nexport function isHTTPS() {\n if (!isBrowser()) {\n return false;\n }\n return window.location.protocol === 'https:';\n}\n\nexport function isLocalhost() {\n // eslint-disable-next-line compat/compat\n return isBrowser() && window.location.hostname === 'localhost';\n}\n\n// For now, DPoP is only supported on browsers\nexport function isDPoPSupported () {\n return !isIE11OrLess() &&\n typeof window.indexedDB !== 'undefined' &&\n hasTextEncoder() &&\n isWebCryptoSubtleSupported();\n}\n\nexport function isIOS () {\n // iOS detection from: http://stackoverflow.com/a/9039885/177710\n return isBrowser() && typeof navigator !== 'undefined' && typeof navigator.userAgent !== 'undefined' &&\n // @ts-expect-error - MSStream is not in `window` type, unsurprisingly\n (/iPad|iPhone|iPod/.test(navigator.userAgent) && !window.MSStream);\n}\n","/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\n\n/* global SDK_VERSION */\n\nimport { isBrowser } from '../features';\nexport class OktaUserAgent {\n environments: string[];\n\n constructor() {\n // add base sdk env\n this.environments = [`okta-auth-js/${SDK_VERSION}`];\n this.maybeAddNodeEnvironment();\n }\n\n addEnvironment(env: string) {\n this.environments.push(env);\n }\n\n getHttpHeader() {\n return { 'X-Okta-User-Agent-Extended': this.environments.join(' ') };\n }\n\n getVersion() {\n return SDK_VERSION;\n }\n\n maybeAddNodeEnvironment() {\n if (isBrowser() || !process || !process.versions) {\n return;\n }\n const { node: version } = process.versions;\n this.environments.push(`nodejs/${version}`);\n }\n}\n","/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\nimport { OktaAuthHttpInterface } from './types';\n\nexport function setRequestHeader(authClient: OktaAuthHttpInterface, headerName, headerValue) {\n authClient.options.headers = authClient.options.headers || {};\n authClient.options.headers[headerName] = headerValue;\n}","import { OktaAuthStorageInterface, StorageManagerInterface } from '../storage/types';\nimport { OktaAuthConstructor } from '../base/types';\nimport {\n HttpAPI,\n OktaAuthHttpInterface,\n OktaAuthHttpOptions,\n} from './types';\nimport { OktaUserAgent } from './OktaUserAgent';\nimport { setRequestHeader } from './headers';\nimport { toQueryString } from '../util';\nimport { get } from './request';\n\nexport function mixinHttp\n<\n S extends StorageManagerInterface = StorageManagerInterface,\n O extends OktaAuthHttpOptions = OktaAuthHttpOptions,\n TBase extends OktaAuthConstructor<OktaAuthStorageInterface<S, O>>\n = OktaAuthConstructor<OktaAuthStorageInterface<S, O>>\n>\n(Base: TBase): TBase & OktaAuthConstructor<OktaAuthHttpInterface<S, O>>\n{\n return class OktaAuthHttp extends Base implements OktaAuthHttpInterface<S, O>\n {\n _oktaUserAgent: OktaUserAgent;\n http: HttpAPI;\n \n constructor(...args: any[]) {\n super(...args);\n\n this._oktaUserAgent = new OktaUserAgent();\n\n // HTTP\n this.http = {\n setRequestHeader: setRequestHeader.bind(null, this)\n };\n }\n\n setHeaders(headers) {\n this.options.headers = Object.assign({}, this.options.headers, headers);\n }\n \n getIssuerOrigin(): string {\n // Infer the URL from the issuer URL, omitting the /oauth2/{authServerId}\n // eslint-disable-next-line @typescript-eslint/no-non-null-assertion\n return this.options.issuer!.split('/oauth2/')[0];\n }\n \n webfinger(opts): Promise<object> {\n var url = '/.well-known/webfinger' + toQueryString(opts);\n var options = {\n headers: {\n 'Accept': 'application/jrd+json'\n }\n };\n return get(this, url, options);\n }\n };\n}\n","/*!\n * Copyright (c) 2018-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nimport crossFetch from 'cross-fetch';\nimport { FetchOptions, HttpResponse } from '../http/types';\n\n// content-type = application/json OR application/ion+json\nconst appJsonContentTypeRegex = /application\\/\\w*\\+?json/;\n\nfunction readData(response: Response): Promise<object | string> {\n if (response.headers.get('Content-Type') &&\n // eslint-disable-next-line @typescript-eslint/no-non-null-assertion\n response.headers.get('Content-Type')!.toLowerCase().indexOf('application/json') >= 0) {\n return response.json()\n // JSON parse can fail if response is not a valid object\n .catch(e => {\n return {\n error: e,\n errorSummary: 'Could not parse server response'\n };\n });\n } else {\n return response.text();\n }\n}\n\nfunction formatResult(status: number, data: object | string, response: Response) {\n const isObject = typeof data === 'object';\n const headers = {};\n for (const pair of (response.headers as any).entries()) {\n headers[pair[0]] = pair[1];\n }\n const result: HttpResponse = {\n responseText: isObject ? JSON.stringify(data) : data as string,\n status: status,\n headers\n };\n if (isObject) {\n result.responseType = 'json';\n result.responseJSON = data as object;\n }\n return result;\n}\n\n/* eslint-disable complexity */\nfunction fetchRequest(method: string, url: string, args: FetchOptions) {\n var body = args.data;\n var headers = args.headers || {};\n var contentType = (headers['Content-Type'] || headers['content-type'] || '');\n\n if (body && typeof body !== 'string') {\n // JSON encode body (if appropriate)\n if (appJsonContentTypeRegex.test(contentType)) {\n body = JSON.stringify(body);\n }\n else if (contentType === 'application/x-www-form-urlencoded') {\n body = Object.entries(body)\n .map( ([param, value]) => `${param}=${encodeURIComponent(value)}` )\n .join('&');\n }\n }\n\n var fetch = global.fetch || crossFetch;\n var fetchPromise = fetch(url, {\n method: method,\n headers: args.headers,\n body: body as string,\n credentials: args.withCredentials ? 'include' : 'omit'\n });\n\n if (!fetchPromise.finally) {\n fetchPromise = Promise.resolve(fetchPromise);\n }\n\n return fetchPromise.then(function(response) {\n var error = !response.ok;\n var status = response.status;\n return readData(response)\n .then(data => {\n return formatResult(status, data, response);\n })\n .then(result => {\n if (error || result.responseJSON?.error) {\n // Throwing result object since error handling is done in http.js\n throw result;\n }\n return result;\n });\n });\n}\n\nexport default fetchRequest;\n","/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nimport { createStorageOptionsConstructor } from '../storage';\nimport { HttpRequestClient, OktaAuthHttpOptions, RequestOptions } from './types';\nimport fetchRequest from '../fetch/fetchRequest';\n\nexport function createHttpOptionsConstructor() {\n const StorageOptionsConstructor = createStorageOptionsConstructor();\n return class HttpOptionsConstructor extends StorageOptionsConstructor implements Required<OktaAuthHttpOptions> {\n issuer: string;\n transformErrorXHR: (xhr: object) => any;\n headers: object;\n httpRequestClient: HttpRequestClient;\n httpRequestInterceptors: ((request: RequestOptions) => void)[];\n pollDelay: number;\n \n constructor(args: any) {\n super(args);\n this.issuer = args.issuer;\n this.transformErrorXHR = args.transformErrorXHR;\n this.headers = args.headers;\n this.httpRequestClient = args.httpRequestClient || fetchRequest;\n this.httpRequestInterceptors = args.httpRequestInterceptors;\n this.pollDelay = args.pollDelay;\n }\n };\n}\n","/* eslint-disable @typescript-eslint/no-non-null-assertion */\n/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\n\n/* eslint-disable complexity */\nimport { isString, clone, isAbsoluteUrl, removeNils } from '../util';\nimport {\n STATE_TOKEN_KEY_NAME,\n DEFAULT_CACHE_DURATION,\n IOS_MAX_RETRY_COUNT,\n} from '../constants';\nimport {\n OktaAuthHttpInterface,\n RequestOptions,\n FetchOptions,\n RequestData,\n HttpResponse\n} from './types';\nimport { AuthApiError, OAuthError, APIError, WWWAuthError } from '../errors';\nimport { isBrowser } from '../features';\n\n\n// For iOS track last date when document became visible\nlet dateDocumentBecameVisible = 0;\nlet trackDateDocumentBecameVisible: () => void;\nif (isBrowser()) {\n dateDocumentBecameVisible = Date.now();\n trackDateDocumentBecameVisible = () => {\n if (!document.hidden) {\n dateDocumentBecameVisible = Date.now();\n }\n };\n document.addEventListener('visibilitychange', trackDateDocumentBecameVisible);\n}\n\nconst formatError = (sdk: OktaAuthHttpInterface, error: HttpResponse | Error): AuthApiError | OAuthError => {\n if (error instanceof Error) {\n // fetch() can throw exceptions\n // see https://developer.mozilla.org/en-US/docs/Web/API/fetch#exceptions\n return new AuthApiError({\n errorSummary: error.message,\n });\n }\n\n let resp: HttpResponse = error;\n let err: AuthApiError | OAuthError | WWWAuthError;\n let serverErr: Record<string, any> = {};\n if (resp.responseText && isString(resp.responseText)) {\n try {\n serverErr = JSON.parse(resp.responseText);\n } catch (e) {\n serverErr = {\n errorSummary: 'Unknown error'\n };\n }\n }\n\n if (resp.status >= 500) {\n serverErr.errorSummary = 'Unknown error';\n }\n\n if (sdk.options.transformErrorXHR) {\n resp = sdk.options.transformErrorXHR(clone(resp));\n }\n\n // \n const wwwAuthHeader = WWWAuthError.getWWWAuthenticateHeader(resp?.headers) ?? '';\n\n if (serverErr.error && serverErr.error_description) {\n err = new OAuthError(serverErr.error, serverErr.error_description, resp);\n } else {\n err = new AuthApiError(serverErr as APIError, resp, { wwwAuthHeader });\n }\n\n if (wwwAuthHeader && resp?.status >= 400 && resp?.status < 500) {\n const wwwAuthErr = WWWAuthError.parseHeader(wwwAuthHeader);\n // check for 403 to avoid breaking change\n if (resp.status === 403 && wwwAuthErr?.error === 'insufficient_authentication_context') {\n // eslint-disable-next-line camelcase\n const { max_age, acr_values } = wwwAuthErr.parameters;\n err = new AuthApiError(\n {\n errorSummary: wwwAuthErr.error,\n errorCauses: [{ errorSummary: wwwAuthErr.errorDescription }]\n },\n resp,\n {\n // eslint-disable-next-line camelcase\n max_age: +max_age,\n // eslint-disable-next-line camelcase\n ...(acr_values && { acr_values })\n }\n );\n }\n else if (wwwAuthErr?.scheme === 'DPoP') {\n err = wwwAuthErr;\n }\n // else {\n // // WWWAuthError.parseHeader may return null, only overwrite if !null\n // err = wwwAuthErr ?? err;\n // }\n }\n\n return err;\n};\n\n// eslint-disable-next-line max-statements\nexport function httpRequest(sdk: OktaAuthHttpInterface, options: RequestOptions): Promise<any> {\n options = options || {};\n\n if (sdk.options.httpRequestInterceptors) {\n for (const interceptor of sdk.options.httpRequestInterceptors) {\n interceptor(options);\n }\n }\n\n var url = options.url,\n method = options.method,\n args = options.args,\n saveAuthnState = options.saveAuthnState,\n accessToken = options.accessToken,\n withCredentials = options.withCredentials === true, // default value is false\n storageUtil = sdk.options.storageUtil,\n storage = storageUtil!.storage,\n httpCache = sdk.storageManager.getHttpCache(sdk.options.cookies),\n pollingIntent = options.pollingIntent,\n pollDelay = sdk.options.pollDelay ?? 0;\n\n if (options.cacheResponse) {\n var cacheContents = httpCache.getStorage();\n var cachedResponse = cacheContents[url as string];\n if (cachedResponse && Date.now()/1000 < cachedResponse.expiresAt) {\n return Promise.resolve(cachedResponse.response);\n }\n }\n\n var oktaUserAgentHeader = sdk._oktaUserAgent.getHttpHeader();\n var headers: HeadersInit = {\n 'Accept': 'application/json',\n 'Content-Type': 'application/json',\n ...oktaUserAgentHeader\n };\n Object.assign(headers, sdk.options.headers, options.headers);\n headers = removeNils(headers) as HeadersInit;\n\n if (accessToken && isString(accessToken)) {\n headers['Authorization'] = 'Bearer ' + accessToken;\n }\n\n var ajaxOptions: FetchOptions = {\n headers,\n data: args || undefined,\n withCredentials\n };\n\n var err, res, promise;\n\n if (pollingIntent && isBrowser() && pollDelay > 0) {\n let waitForVisibleAndAwakenDocument: () => Promise<void>;\n let waitForAwakenDocument: () => Promise<void>;\n let recursiveFetch: () => Promise<HttpResponse>;\n let retryCount = 0;\n\n // Safari on iOS has a bug:\n // Performing `fetch` right after document became visible can fail with `Load failed` error.\n // Running fetch after short timeout fixes this issue.\n waitForAwakenDocument = () => {\n const timeSinceDocumentIsVisible = Date.now() - dateDocumentBecameVisible;\n if (timeSinceDocumentIsVisible < pollDelay) {\n return new Promise<void>((resolve) => setTimeout(() => {\n if (!document.hidden) {\n resolve();\n } else {\n resolve(waitForVisibleAndAwakenDocument());\n }\n }, pollDelay - timeSinceDocumentIsVisible));\n } else {\n return Promise.resolve();\n }\n };\n\n // Returns a promise that resolves when document is visible for 500 ms\n waitForVisibleAndAwakenDocument = () => {\n if (document.hidden) {\n let pageVisibilityHandler: () => void;\n return new Promise<void>((resolve) => {\n pageVisibilityHandler = () => {\n if (!document.hidden) {\n document.removeEventListener('visibilitychange', pageVisibilityHandler);\n resolve(waitForAwakenDocument());\n }\n };\n document.addEventListener('visibilitychange', pageVisibilityHandler);\n });\n } else {\n return waitForAwakenDocument();\n }\n };\n\n // Restarts fetch on 'Load failed' error\n // This error can occur when `fetch` does not respond\n // (due to CORS error, non-existing host, or network error)\n const retryableFetch = (): Promise<HttpResponse> => {\n return sdk.options.httpRequestClient!(method!, url!, ajaxOptions).catch((err) => {\n const isNetworkError = err?.message === 'Load failed';\n if (isNetworkError && retryCount < IOS_MAX_RETRY_COUNT) {\n retryCount++;\n return recursiveFetch();\n }\n throw err;\n });\n };\n\n // Final promise to fetch that wraps logic with waiting for visible document\n // and retrying fetch request on network error\n recursiveFetch = (): Promise<HttpResponse> => {\n return waitForVisibleAndAwakenDocument().then(retryableFetch);\n };\n\n promise = recursiveFetch();\n } else {\n promise = sdk.options.httpRequestClient!(method!, url!, ajaxOptions);\n }\n\n return promise\n .then(function(resp) {\n res = resp.responseText;\n if (res && isString(res)) {\n res = JSON.parse(res);\n if (res && typeof res === 'object' && !res.headers) {\n if (Array.isArray(res)) {\n res.forEach(item => {\n item.headers = resp.headers;\n });\n } else {\n res.headers = resp.headers;\n }\n }\n }\n\n if (saveAuthnState) {\n if (!res.stateToken) {\n storage.delete(STATE_TOKEN_KEY_NAME);\n }\n }\n\n if (res && res.stateToken && res.expiresAt) {\n storage.set(STATE_TOKEN_KEY_NAME, res.stateToken, res.expiresAt, sdk.options.cookies!);\n }\n\n if (res && options.cacheResponse) {\n httpCache.updateStorage(url!, {\n expiresAt: Math.floor(Date.now()/1000) + DEFAULT_CACHE_DURATION,\n response: res\n });\n }\n \n return res;\n })\n .catch(function(resp) {\n err = formatError(sdk, resp);\n\n if (err.errorCode === 'E0000011') {\n storage.delete(STATE_TOKEN_KEY_NAME);\n }\n\n throw err;\n });\n}\n\nexport function get(sdk: OktaAuthHttpInterface, url: string, options?: RequestOptions) {\n url = isAbsoluteUrl(url) ? url : sdk.getIssuerOrigin() + url;\n var getOptions = {\n url: url,\n method: 'GET'\n };\n Object.assign(getOptions, options);\n return httpRequest(sdk, getOptions);\n}\n\nexport function post(sdk: OktaAuthHttpInterface, url: string, args?: RequestData, options?: RequestOptions) {\n url = isAbsoluteUrl(url) ? url : sdk.getIssuerOrigin() + url;\n var postOptions = {\n url: url,\n method: 'POST',\n args: args,\n saveAuthnState: true\n };\n Object.assign(postOptions, options);\n return httpRequest(sdk, postOptions);\n}\n","import { OktaAuthHttpInterface } from '../../http/types';\nimport { AccessToken } from '../../oidc/types';\n\nexport type TransactionLink = {\n href: string;\n hints?: {\n allow?: string[];\n };\n}\n\nexport type TransactionLinks = {\n self: TransactionLink;\n [property: string]: TransactionLink;\n}\n\ntype TransactionOptions = {\n // TODO: move res type to http module\n res: {\n headers: Record<string, string>;\n _links?: Record<string, TransactionLink>;\n [property: string]: unknown;\n };\n accessToken: string | AccessToken;\n};\n\nexport default class BaseTransaction {\n // Deprecated\n headers?: Record<string, string>;\n\n constructor(oktaAuth: OktaAuthHttpInterface, options: TransactionOptions) {\n const { res } = options;\n const { headers, ...rest } = res;\n \n // assign required fields from res\n if (headers) {\n this.headers = headers;\n }\n\n // add all rest fields from res\n Object.keys(rest).forEach(key => {\n if (key === '_links') {\n return;\n }\n this[key] = rest[key];\n });\n }\n}\n\nexport interface TransactionType<T extends BaseTransaction = BaseTransaction> extends Function {\n new (oktaAuth: OktaAuthHttpInterface, options: TransactionOptions): T;\n prototype: T;\n}\n","import { \n default as BaseTransaction,\n TransactionType,\n TransactionLinks\n} from './transactions/Base';\nimport { httpRequest } from '../http';\nimport { AuthSdkError } from '../errors';\nimport { MyAccountRequestOptions as RequestOptions } from './types';\nimport { RequestOptions as HttpRequestOptions } from '../http/types';\nimport { AccessToken, OktaAuthOAuthInterface } from '../oidc/types';\n\ntype SendRequestOptions = RequestOptions & {\n url: string;\n method: string;\n}\n\n/* eslint-disable complexity */\nexport async function sendRequest<\n T extends BaseTransaction = BaseTransaction,\n N extends 'plural' | 'single' = 'single',\n NT = N extends 'plural' ? T[] : T\n> (\n oktaAuth: OktaAuthOAuthInterface, \n options: SendRequestOptions,\n TransactionClass: TransactionType<T> = BaseTransaction as TransactionType<T>,\n): Promise<NT> {\n const {\n accessToken: accessTokenObj\n } = oktaAuth.tokenManager.getTokensSync();\n\n const atToken = options.accessToken || accessTokenObj;\n const issuer = oktaAuth.getIssuerOrigin();\n const { url, method, payload } = options;\n const requestUrl = url.startsWith(issuer!) ? url : `${issuer}${url}`;\n\n if (!atToken) {\n throw new AuthSdkError('AccessToken is required to request MyAccount API endpoints.');\n }\n\n let accessToken: string | AccessToken = atToken;\n\n const httpOptions: HttpRequestOptions = {\n headers: { 'Accept': '*/*;okta-version=1.0.0' },\n url: requestUrl,\n method,\n ...(payload && { args: payload })\n };\n\n if (oktaAuth.options.dpop) {\n if (typeof accessToken === 'string') {\n throw new AuthSdkError('AccessToken object must be provided when using dpop');\n }\n\n const { Authorization, Dpop } = await oktaAuth.getDPoPAuthorizationHeaders({\n method,\n url: requestUrl,\n accessToken\n });\n httpOptions.headers!.Authorization = Authorization;\n httpOptions.headers!.Dpop = Dpop;\n }\n else {\n accessToken = typeof accessToken === 'string' ? accessToken : accessToken.accessToken;\n httpOptions.accessToken = accessToken;\n }\n\n const res = await httpRequest(oktaAuth, httpOptions);\n\n let ret: T | T[];\n if (Array.isArray(res)) {\n ret = res.map(item => new TransactionClass(oktaAuth, { \n res: item, \n accessToken\n }));\n } else {\n ret = new TransactionClass(oktaAuth, { \n res, \n accessToken\n });\n }\n return ret as NT;\n}\n/* eslint-enable complexity */\n\nexport type GenerateRequestFnFromLinksOptions = {\n oktaAuth: OktaAuthOAuthInterface;\n accessToken: string | AccessToken;\n methodName: string;\n links: TransactionLinks;\n}\n\ntype IRequestFnFromLinks<T extends BaseTransaction> = (payload?) => Promise<T>;\n\nexport function generateRequestFnFromLinks<T extends BaseTransaction>(\n {\n oktaAuth, \n accessToken,\n methodName,\n links,\n }: GenerateRequestFnFromLinksOptions,\n TransactionClass: TransactionType<T> = BaseTransaction as TransactionType<T>,\n): IRequestFnFromLinks<T> {\n for (const method of ['GET', 'POST', 'PUT', 'DELETE']) {\n if (method.toLowerCase() === methodName) {\n const link = links.self;\n return (async (payload?) => sendRequest<T, 'single'>(oktaAuth, {\n accessToken,\n url: link.href,\n method,\n payload,\n }, TransactionClass));\n }\n }\n \n const link = links[methodName];\n if (!link) {\n throw new AuthSdkError(`No link is found with methodName: ${methodName}`);\n }\n\n return (async (payload?) => sendRequest<T, 'single'>(oktaAuth, {\n accessToken,\n url: link.href,\n method: link.hints!.allow![0],\n payload,\n }, TransactionClass));\n}\n","import BaseTransaction from './Base';\n\nexport default class ProfileTransaction extends BaseTransaction {\n createdAt: string;\n modifiedAt: string;\n profile: Record<string, string>;\n\n constructor(oktaAuth, options) {\n super(oktaAuth, options);\n\n const { createdAt, modifiedAt, profile } = options.res;\n this.createdAt = createdAt;\n this.modifiedAt = modifiedAt;\n this.profile = profile;\n }\n}\n","import BaseTransaction from './Base';\n\nexport default class ProfileSchemaTransaction extends BaseTransaction {\n properties: Record<string, object>;\n\n constructor(oktaAuth, options) {\n super(oktaAuth, options);\n\n this.properties = options.res.properties;\n }\n}\n","import { sendRequest } from './request';\nimport { IAPIFunction } from './types';\nimport {\n ProfileTransaction,\n ProfileSchemaTransaction\n} from './transactions';\n\n/**\n * @scope: okta.myAccount.profile.read\n */\nexport const getProfile: IAPIFunction<ProfileTransaction> = async (oktaAuth, options?) => {\n const transaction = await sendRequest(oktaAuth, {\n url: '/idp/myaccount/profile',\n method: 'GET',\n accessToken: options?.accessToken,\n }, ProfileTransaction);\n return transaction;\n};\n\n/**\n * @scope: okta.myAccount.profile.manage\n */\nexport const updateProfile: IAPIFunction<ProfileTransaction> = async (\n oktaAuth, \n options\n) => {\n const { payload, accessToken } = options!;\n const transaction = await sendRequest(oktaAuth, {\n url: '/idp/myaccount/profile',\n method: 'PUT',\n payload,\n accessToken,\n }, ProfileTransaction);\n return transaction;\n};\n\n/**\n * @scope: okta.myAccount.profile.read\n */\nexport const getProfileSchema: IAPIFunction<ProfileSchemaTransaction> = async (\n oktaAuth, \n options?\n): Promise<ProfileSchemaTransaction> => {\n const transaction = await sendRequest(oktaAuth, {\n url: '/idp/myaccount/profile/schema',\n method: 'GET',\n accessToken: options?.accessToken,\n }, ProfileSchemaTransaction);\n return transaction;\n};\n","import { EmailProfile, Status } from '../types';\nimport BaseTransaction from './Base';\n\nexport default class EmailStatusTransaction extends BaseTransaction {\n id: string;\n expiresAt: string;\n profile: EmailProfile;\n status: Status;\n\n constructor(oktaAuth, options) {\n super(oktaAuth, options);\n\n const { res } = options;\n // assign required fields from res\n const { id, profile, expiresAt, status } = res;\n this.id = id;\n this.expiresAt = expiresAt;\n this.profile = profile;\n this.status = status;\n }\n}\n","import EmailStatusTransaction from './EmailStatusTransaction';\nimport { \n EmailProfile, \n Status,\n VerificationPayload, \n} from '../types';\nimport BaseTransaction from './Base';\nimport { generateRequestFnFromLinks } from '../request';\n\nexport default class EmailChallengeTransaction extends BaseTransaction {\n id: string;\n expiresAt: string;\n profile: EmailProfile;\n status: Status;\n\n poll: () => Promise<EmailStatusTransaction>;\n // eslint-disable-next-line no-use-before-define\n verify: (payload: VerificationPayload) => Promise<EmailChallengeTransaction>;\n\n constructor(oktaAuth, options) {\n super(oktaAuth, options);\n\n const { accessToken, res } = options;\n // assign required fields from res\n const { id, expiresAt, profile, status, _links } = res;\n this.id = id;\n this.expiresAt = expiresAt;\n this.profile = profile;\n this.status = status;\n\n // assign transformed fns to transaction\n this.poll = async () => {\n const fn = generateRequestFnFromLinks({ \n oktaAuth, \n accessToken, \n methodName: 'poll', \n links: _links,\n }, EmailStatusTransaction);\n return await fn();\n };\n this.verify = async (payload) => {\n const fn = generateRequestFnFromLinks({ \n oktaAuth, \n accessToken, \n methodName: 'verify', \n links: _links,\n }, EmailChallengeTransaction);\n return await fn(payload);\n };\n }\n}\n","import EmailChallengeTransaction from './EmailChallengeTransaction';\nimport EmailStatusTransaction from './EmailStatusTransaction';\nimport { EmailProfile, EmailRole, Status, VerificationPayload } from '../types';\nimport BaseTransaction from './Base';\nimport { generateRequestFnFromLinks } from '../request';\n\nexport default class EmailTransaction extends BaseTransaction {\n id: string;\n profile: EmailProfile;\n roles: EmailRole[];\n status: Status;\n\n // eslint-disable-next-line no-use-before-define\n get: () => Promise<EmailTransaction>;\n delete: () => Promise<BaseTransaction>;\n challenge: () => Promise<EmailChallengeTransaction>;\n poll?: () => Promise<EmailStatusTransaction>;\n verify?: (payload: VerificationPayload) => Promise<BaseTransaction>;\n\n constructor(oktaAuth, options) {\n super(oktaAuth, options);\n\n const { accessToken, res } = options;\n // assign required fields from res\n const { id, profile, roles, status, _links } = res;\n this.id = id;\n this.profile = profile;\n this.roles = roles;\n this.status = status;\n\n // assign transformed fns to transaction\n this.get = async () => {\n const fn = generateRequestFnFromLinks({ \n oktaAuth, \n accessToken, \n methodName: 'get', \n links: _links,\n }, EmailTransaction);\n return await fn();\n };\n this.delete = async () => {\n const fn = generateRequestFnFromLinks({ \n oktaAuth, \n accessToken, \n methodName: 'delete', \n links: _links \n });\n return await fn();\n };\n this.challenge = async () => {\n const fn = generateRequestFnFromLinks({ \n oktaAuth, \n accessToken, \n methodName: 'challenge', \n links: _links,\n }, EmailChallengeTransaction);\n return await fn();\n };\n if (_links.poll) {\n this.poll = async () => {\n const fn = generateRequestFnFromLinks({ \n oktaAuth, \n accessToken, \n methodName: 'poll', \n links: _links,\n }, EmailStatusTransaction);\n return await fn();\n };\n }\n if (_links.verify) {\n this.verify = async (payload: VerificationPayload) => {\n const fn = generateRequestFnFromLinks({ \n oktaAuth, \n accessToken, \n methodName: 'verify', \n links: _links,\n });\n return await fn(payload);\n };\n }\n }\n}\n","import { sendRequest } from './request';\nimport { IAPIFunction } from './types';\nimport {\n BaseTransaction, \n EmailTransaction, \n EmailChallengeTransaction \n} from './transactions';\n\n/**\n * @scope: okta.myAccount.email.read\n */\nexport const getEmails: IAPIFunction<EmailTransaction[]> = async (\n oktaAuth,\n options?\n) => {\n const transaction = await sendRequest<EmailTransaction, 'plural'>(oktaAuth, {\n url: '/idp/myaccount/emails',\n method: 'GET',\n accessToken: options?.accessToken\n }, EmailTransaction);\n return transaction;\n};\n\n/**\n * @scope: okta.myAccount.email.read\n */\nexport const getEmail: IAPIFunction<EmailTransaction> = async (\n oktaAuth, \n options\n) => {\n const { id, accessToken } = options!;\n const transaction = await sendRequest(oktaAuth, {\n url: `/idp/myaccount/emails/${id}`,\n method: 'GET',\n accessToken,\n }, EmailTransaction);\n return transaction;\n};\n\n/**\n * @scope: okta.myAccount.email.manage\n */\nexport const addEmail: IAPIFunction<EmailTransaction> = async (\n oktaAuth, \n options\n): Promise<EmailTransaction> => {\n const { accessToken, payload } = options!;\n const transaction = await sendRequest(oktaAuth, {\n url: '/idp/myaccount/emails',\n method: 'POST',\n payload,\n accessToken,\n }, EmailTransaction);\n return transaction;\n};\n\n/**\n * @scope: okta.myAccount.email.manage\n */\nexport const deleteEmail: IAPIFunction<BaseTransaction> = async (\n oktaAuth, \n options\n) => {\n const { id, accessToken } = options!;\n const transaction = await sendRequest(oktaAuth, {\n url: `/idp/myaccount/emails/${id}`,\n method: 'DELETE',\n accessToken\n });\n return transaction;\n};\n\n/**\n * @scope: okta.myAccount.email.read\n */\nexport const sendEmailChallenge: IAPIFunction<EmailChallengeTransaction> = async (\n oktaAuth, \n options\n) => {\n const { id, accessToken } = options!;\n const transaction = await sendRequest(oktaAuth, {\n url: `/idp/myaccount/emails/${id}/challenge`,\n method: 'POST',\n accessToken,\n }, EmailChallengeTransaction);\n return transaction;\n};\n\n/**\n * @scope: okta.myAccount.email.read\n */\nexport const getEmailChallenge: IAPIFunction<EmailChallengeTransaction> = async (\n oktaAuth, \n options\n) => {\n const { emailId, challengeId, accessToken } = options!;\n const transaction = await sendRequest(oktaAuth, {\n url: `/idp/myaccount/emails/${emailId}/challenge/${challengeId}`,\n method: 'POST',\n accessToken,\n }, EmailChallengeTransaction);\n return transaction;\n};\n\n/**\n * @scope: okta.myAccount.email.manage\n */\nexport const verifyEmailChallenge: IAPIFunction<BaseTransaction> = async (\n oktaAuth,\n options\n) => {\n const { emailId, challengeId, payload, accessToken } = options!;\n const transaction = await sendRequest(oktaAuth, {\n url: `/idp/myaccount/emails/${emailId}/challenge/${challengeId}/verify`,\n method: 'POST',\n payload,\n accessToken\n });\n return transaction;\n};\n","import { ChallengePhonePayload, PhoneProfile, Status, VerificationPayload } from '../types';\nimport BaseTransaction from './Base';\nimport { generateRequestFnFromLinks } from '../request';\n\nexport default class PhoneTransaction extends BaseTransaction {\n id: string;\n profile: PhoneProfile;\n status: Status;\n\n // eslint-disable-next-line no-use-before-define\n get: () => Promise<PhoneTransaction>;\n delete: () => Promise<BaseTransaction>;\n challenge: (payload: ChallengePhonePayload) => Promise<BaseTransaction>;\n verify?: (payload: VerificationPayload) => Promise<BaseTransaction>;\n\n constructor(oktaAuth, options) {\n super(oktaAuth, options);\n\n const { res, accessToken } = options;\n // assign required fields from res\n const { id, profile, status, _links } = res;\n this.id = id;\n this.profile = profile;\n this.status = status;\n\n // assign transformed fns to transaction\n this.get = async () => {\n const fn = generateRequestFnFromLinks({ \n oktaAuth, \n accessToken, \n methodName: 'get', \n links: _links,\n }, PhoneTransaction);\n return await fn();\n };\n this.delete = async () => {\n const fn = generateRequestFnFromLinks({ \n oktaAuth, \n accessToken, \n methodName: 'delete', \n links: _links \n });\n return await fn();\n };\n this.challenge = async (payload) => {\n const fn = generateRequestFnFromLinks({ \n oktaAuth, \n accessToken, \n methodName: 'challenge', \n links: _links \n });\n return await fn(payload);\n };\n if (_links.verify) {\n this.verify = async (payload) => {\n const fn = generateRequestFnFromLinks({ \n oktaAuth, \n accessToken, \n methodName: 'verify', \n links: _links \n });\n return await fn(payload);\n } ;\n }\n }\n}\n","import { sendRequest } from './request';\nimport { IAPIFunction } from './types';\nimport {\n BaseTransaction, \n PhoneTransaction\n} from './transactions';\n\n/**\n * @scope: okta.myAccount.phone.read\n */\nexport const getPhones: IAPIFunction<PhoneTransaction[]> = async (\n oktaAuth,\n options?\n) => {\n const transaction = await sendRequest<PhoneTransaction, 'plural'>(oktaAuth, {\n url: '/idp/myaccount/phones',\n method: 'GET',\n accessToken: options?.accessToken,\n }, PhoneTransaction);\n return transaction;\n};\n\n/**\n * @scope: okta.myAccount.phone.read\n */\nexport const getPhone: IAPIFunction<PhoneTransaction> = async (\n oktaAuth,\n options\n) => {\n const { accessToken, id } = options!;\n const transaction = await sendRequest(oktaAuth, {\n url: `/idp/myaccount/phones/${id}`,\n method: 'GET',\n accessToken,\n }, PhoneTransaction);\n return transaction;\n};\n\n/**\n * @scope: okta.myAccount.phone.manage\n */\nexport const addPhone: IAPIFunction<PhoneTransaction> = async (\n oktaAuth, \n options\n): Promise<PhoneTransaction> => {\n const { accessToken, payload } = options!;\n const transaction = await sendRequest(oktaAuth, {\n url: '/idp/myaccount/phones',\n method: 'POST',\n payload,\n accessToken,\n }, PhoneTransaction);\n return transaction;\n};\n\n/**\n * @scope: okta.myAccount.phone.manage\n */\nexport const deletePhone: IAPIFunction<BaseTransaction> = async (\n oktaAuth, \n options\n) => {\n const { id, accessToken } = options!;\n const transaction = await sendRequest(oktaAuth, {\n url: `/idp/myaccount/phones/${id}`,\n method: 'DELETE',\n accessToken,\n });\n return transaction;\n};\n\n/**\n * @scope: okta.myAccount.phone.manage\n */\nexport const sendPhoneChallenge: IAPIFunction<BaseTransaction> = async (\n oktaAuth, \n options\n) => {\n const { accessToken, id, payload } = options!;\n const transaction = await sendRequest(oktaAuth, {\n url: `/idp/myaccount/phones/${id}/challenge`,\n method: 'POST',\n payload,\n accessToken\n });\n return transaction;\n};\n\n/**\n * @scope: okta.myAccount.phone.manage\n */\nexport const verifyPhoneChallenge: IAPIFunction<BaseTransaction> = async (\n oktaAuth,\n options\n) => {\n const { id, payload, accessToken } = options!;\n const transaction = await sendRequest(oktaAuth, {\n url: `/idp/myaccount/phones/${id}/verify`,\n method: 'POST',\n payload,\n accessToken\n });\n return transaction;\n};\n","import { EnrollPasswordPayload, UpdatePasswordPayload, PasswordStatus } from '../types';\nimport BaseTransaction from './Base';\nimport { generateRequestFnFromLinks } from '../request';\n\nexport default class PasswordTransaction extends BaseTransaction {\n id: string;\n created: string;\n lastUpdated: string;\n status: PasswordStatus;\n\n // eslint-disable-next-line no-use-before-define\n get?: () => Promise<PasswordTransaction>;\n // eslint-disable-next-line no-use-before-define\n enroll?: (payload: EnrollPasswordPayload) => Promise<PasswordTransaction>;\n // eslint-disable-next-line no-use-before-define\n update?: (payload: UpdatePasswordPayload) => Promise<PasswordTransaction>;\n delete?: () => Promise<BaseTransaction>;\n\n constructor(oktaAuth, options) {\n super(oktaAuth, options);\n\n const { res, accessToken } = options;\n // assign required fields from res\n const { id, status, created, lastUpdated, _links } = res;\n this.id = id;\n this.status = status;\n this.created = created;\n this.lastUpdated = lastUpdated;\n\n // assign transformed fns to transaction\n if (this.status == PasswordStatus.NOT_ENROLLED) {\n this.enroll = async (payload) => {\n const fn = generateRequestFnFromLinks({ \n oktaAuth, \n accessToken, \n methodName: 'enroll',\n links: _links,\n }, PasswordTransaction);\n return await fn(payload);\n };\n }\n else {\n this.get = async () => {\n const fn = generateRequestFnFromLinks({ \n oktaAuth, \n accessToken, \n methodName: 'get',\n links: _links,\n }, PasswordTransaction);\n return await fn();\n };\n\n this.update = async (payload) => {\n const fn = generateRequestFnFromLinks({ \n oktaAuth, \n accessToken, \n methodName: 'put', \n links: _links,\n }, PasswordTransaction);\n return await fn(payload);\n };\n \n this.delete = async () => {\n const fn = generateRequestFnFromLinks({ \n oktaAuth, \n accessToken, \n methodName: 'delete', \n links: _links \n });\n return await fn();\n };\n }\n }\n}\n","import { sendRequest } from './request';\nimport { IAPIFunction } from './types';\nimport {\n BaseTransaction, \n PasswordTransaction\n} from './transactions';\n\n/**\n * @scope: okta.myAccount.password.read\n */\nexport const getPassword: IAPIFunction<PasswordTransaction> = async (\n oktaAuth,\n options\n) => {\n const transaction = await sendRequest(oktaAuth, {\n url: `/idp/myaccount/password`,\n method: 'GET',\n accessToken: options?.accessToken,\n }, PasswordTransaction);\n return transaction;\n};\n\n/**\n * @scope: okta.myAccount.password.manage\n */\nexport const enrollPassword: IAPIFunction<PasswordTransaction> = async (\n oktaAuth, \n options\n): Promise<PasswordTransaction> => {\n const { accessToken, payload } = options!;\n const transaction = await sendRequest(oktaAuth, {\n url: '/idp/myaccount/password',\n method: 'POST',\n payload,\n accessToken,\n }, PasswordTransaction);\n return transaction;\n};\n\n/**\n * @scope: okta.myAccount.password.manage\n */\nexport const updatePassword: IAPIFunction<PasswordTransaction> = async (\n oktaAuth, \n options\n): Promise<PasswordTransaction> => {\n const { accessToken, payload } = options!;\n const transaction = await sendRequest(oktaAuth, {\n url: '/idp/myaccount/password',\n method: 'PUT',\n payload,\n accessToken,\n }, PasswordTransaction);\n return transaction;\n};\n\n/**\n * @scope: okta.myAccount.password.manage\n */\nexport const deletePassword: IAPIFunction<BaseTransaction> = async (\n oktaAuth, \n options?\n) => {\n const transaction = await sendRequest(oktaAuth, {\n url: `/idp/myaccount/password`,\n method: 'DELETE',\n accessToken: options?.accessToken,\n });\n return transaction;\n};\n","import { StorageManagerConstructor } from '../storage/types';\nimport { OktaAuthConstructor, OktaAuthOptionsConstructor } from '../base/types';\nimport {\n OAuthStorageManagerInterface,\n PKCETransactionMeta,\n TransactionManagerConstructor,\n TransactionManagerInterface\n} from '../oidc/types';\nimport { createOktaAuthCore } from '../core/factory';\nimport { OktaAuthCoreOptions } from '../core/types';\nimport { mixinMyAccount } from './mixin';\nimport { OktaAuthMyAccountInterface } from './types';\n\nexport function createOktaAuthMyAccount\n<\n M extends PKCETransactionMeta = PKCETransactionMeta,\n S extends OAuthStorageManagerInterface<M> = OAuthStorageManagerInterface<M>,\n O extends OktaAuthCoreOptions = OktaAuthCoreOptions,\n TM extends TransactionManagerInterface = TransactionManagerInterface\n>\n(\n StorageManagerConstructor: StorageManagerConstructor<S>,\n OptionsConstructor: OktaAuthOptionsConstructor<O>,\n TransactionManager: TransactionManagerConstructor<TM>\n)\n: OktaAuthConstructor<OktaAuthMyAccountInterface<M, S, O>>\n{\n const Core = createOktaAuthCore<M, S, O>(StorageManagerConstructor, OptionsConstructor, TransactionManager);\n const WithMyAccount = mixinMyAccount<M, S, O>(Core);\n return WithMyAccount;\n}\n","import { OktaAuthConstructor } from '../base/types';\nimport {\n OAuthStorageManagerInterface,\n OAuthTransactionMeta,\n OktaAuthOAuthInterface,\n OktaAuthOAuthOptions,\n PKCETransactionMeta,\n} from '../oidc/types';\nimport { OktaAuthMyAccountInterface } from './types';\n\nimport * as MyAccountMethods from './api';\n\nexport function mixinMyAccount\n<\n M extends OAuthTransactionMeta = PKCETransactionMeta,\n S extends OAuthStorageManagerInterface<M> = OAuthStorageManagerInterface<M>,\n O extends OktaAuthOAuthOptions = OktaAuthOAuthOptions,\n TBase extends OktaAuthConstructor<OktaAuthOAuthInterface<M, S, O>>\n = OktaAuthConstructor<OktaAuthOAuthInterface<M, S, O>>\n>\n(Base: TBase): TBase & OktaAuthConstructor<OktaAuthMyAccountInterface<M, S, O>>\n{\n return class OktaAuthMyAccount extends Base implements OktaAuthMyAccountInterface<M, S, O>\n {\n myaccount: any;\n \n constructor(...args: any[]) {\n super(...args);\n\n this.myaccount = Object.entries(MyAccountMethods)\n .filter(([ name ]) => name !== 'default')\n .reduce((acc, [name, fn]) => {\n acc[name] = (fn as any).bind(null, this);\n return acc;\n }, {});\n }\n };\n}\n","import {\n OAuthStorageManagerInterface,\n OAuthTransactionMeta,\n OktaAuthOAuthInterface,\n OktaAuthOAuthOptions,\n PKCETransactionMeta,\n AccessToken\n} from '../oidc/types';\n\nexport type { \n EmailTransaction, \n EmailStatusTransaction,\n EmailChallengeTransaction,\n PhoneTransaction,\n ProfileTransaction,\n ProfileSchemaTransaction,\n PasswordTransaction,\n BaseTransaction\n} from './transactions';\n\nexport enum EmailRole {\n PRIMARY = 'PRIMARY',\n SECONDARY = 'SECONDARY'\n}\n\nexport enum Status {\n VERIFIED = 'VERIFIED',\n UNVERIFIED = 'UNVERIFIED'\n}\n\nexport enum PasswordStatus {\n NOT_ENROLLED = 'NOT_ENROLLED',\n ACTIVE = 'ACTIVE'\n}\n\nexport type EmailProfile = {\n email: string;\n}\n\nexport type AddEmailPayload = {\n profile: {\n email: string;\n };\n sendEmail: boolean;\n role: EmailRole;\n}\n\nexport type PhoneProfile = {\n profile: {\n phoneNumber: string;\n };\n}\n\nexport type AddPhonePayload = {\n profile: {\n phoneNumber: string;\n };\n sendCode: boolean;\n method: string;\n};\n\nexport type ChallengePhonePayload = {\n method: string;\n}\n\nexport type VerificationPayload = {\n verificationCode: string;\n};\n\nexport type EnrollPasswordPayload = {\n profile: {\n password: string;\n }\n}\n\nexport type UpdatePasswordPayload = {\n profile: {\n password: string;\n currentPassword?: string;\n }\n}\n\nexport type UpdateProfilePayload = {\n profile: {\n firstName?: string;\n lastName?: string;\n email?: string;\n login?: string;\n [property: string]: any;\n };\n};\n\nexport type MyAccountRequestOptions = {\n id?: string;\n emailId?: string;\n challengeId?: string;\n payload?: AddEmailPayload \n | AddPhonePayload \n | ChallengePhonePayload\n | VerificationPayload \n | UpdateProfilePayload\n | EnrollPasswordPayload\n | UpdatePasswordPayload;\n accessToken?: string | AccessToken;\n}\n\nexport type IAPIFunction<T> = (\n oktaAuth: OktaAuthOAuthInterface, \n options?: MyAccountRequestOptions\n) => Promise<T>;\n\nexport interface OktaAuthMyAccountInterface\n<\n M extends OAuthTransactionMeta = PKCETransactionMeta,\n S extends OAuthStorageManagerInterface<M> = OAuthStorageManagerInterface<M>,\n O extends OktaAuthOAuthOptions = OktaAuthOAuthOptions\n> \n extends OktaAuthOAuthInterface<M, S, O>\n{\n myaccount;\n}\n","/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nexport default class SdkClock {\n localOffset: number;\n\n constructor(localOffset) {\n // Calculated local clock offset from server time (in milliseconds). Can be positive or negative.\n this.localOffset = parseInt(localOffset || 0);\n }\n\n // factory method. Create an instance of a clock from current context.\n static create(/* sdk, options */): SdkClock {\n // TODO: calculate localOffset\n var localOffset = 0;\n return new SdkClock(localOffset);\n }\n\n // Return the current time (in seconds)\n now() {\n var now = (Date.now() + this.localOffset) / 1000;\n return now;\n }\n}\n","/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\nimport { removeNils, clone } from '../util';\nimport { AuthSdkError } from '../errors';\nimport { validateToken } from '../oidc/util';\nimport { isLocalhost, isIE11OrLess } from '../features';\nimport SdkClock from '../clock';\nimport {\n Token, \n Tokens, \n TokenType, \n TokenManagerOptions, \n isIDToken, \n isAccessToken,\n isRefreshToken,\n TokenManagerErrorEventHandler,\n TokenManagerSetStorageEventHandler,\n TokenManagerRenewEventHandler,\n TokenManagerEventHandler,\n TokenManagerInterface,\n RefreshToken,\n AccessTokenCallback,\n IDTokenCallback,\n RefreshTokenCallback,\n EVENT_RENEWED,\n EVENT_ADDED,\n EVENT_ERROR,\n EVENT_EXPIRED,\n EVENT_REMOVED,\n EVENT_SET_STORAGE,\n TokenManagerAnyEventHandler,\n TokenManagerAnyEvent,\n OktaAuthOAuthInterface\n} from './types';\nimport { REFRESH_TOKEN_STORAGE_KEY, TOKEN_STORAGE_NAME } from '../constants';\nimport { EventEmitter } from '../base/types';\nimport { StorageOptions, StorageProvider, StorageType } from '../storage/types';\n\nconst DEFAULT_OPTIONS = {\n // TODO: remove in next major version - OKTA-473815\n autoRenew: true,\n autoRemove: true,\n syncStorage: true,\n // --- //\n clearPendingRemoveTokens: true,\n storage: undefined, // will use value from storageManager config\n expireEarlySeconds: 30,\n storageKey: TOKEN_STORAGE_NAME\n};\n\ninterface TokenManagerState {\n expireTimeouts: Record<string, unknown>;\n renewPromise: Promise<Token | undefined> | null;\n started?: boolean;\n}\nfunction defaultState(): TokenManagerState {\n return {\n expireTimeouts: {},\n renewPromise: null\n };\n}\nexport class TokenManager implements TokenManagerInterface {\n private sdk: OktaAuthOAuthInterface;\n private clock: SdkClock;\n private emitter: EventEmitter;\n private storage: StorageProvider;\n private state: TokenManagerState;\n private options: TokenManagerOptions;\n\n on(event: typeof EVENT_RENEWED, handler: TokenManagerRenewEventHandler, context?: object): void;\n on(event: typeof EVENT_ERROR, handler: TokenManagerErrorEventHandler, context?: object): void;\n on(event: typeof EVENT_SET_STORAGE, handler: TokenManagerSetStorageEventHandler, context?: object): void;\n on(event: typeof EVENT_EXPIRED | typeof EVENT_ADDED | typeof EVENT_REMOVED, \n handler: TokenManagerEventHandler, context?: object): void;\n on(event: TokenManagerAnyEvent, handler: TokenManagerAnyEventHandler, context?: object): void {\n if (context) {\n this.emitter.on(event, handler, context);\n } else {\n this.emitter.on(event, handler);\n }\n }\n\n off(event: typeof EVENT_RENEWED, handler?: TokenManagerRenewEventHandler): void;\n off(event: typeof EVENT_ERROR, handler?: TokenManagerErrorEventHandler): void;\n off(event: typeof EVENT_SET_STORAGE, handler?: TokenManagerSetStorageEventHandler): void;\n off(event: typeof EVENT_EXPIRED | typeof EVENT_ADDED | typeof EVENT_REMOVED, \n handler?: TokenManagerEventHandler): void;\n off(event: TokenManagerAnyEvent, handler?: TokenManagerAnyEventHandler): void {\n if (handler) {\n this.emitter.off(event, handler);\n } else {\n this.emitter.off(event);\n }\n }\n\n // eslint-disable-next-line complexity\n constructor(sdk: OktaAuthOAuthInterface, options: TokenManagerOptions = {}) {\n this.sdk = sdk;\n this.emitter = (sdk as any).emitter;\n if (!this.emitter) {\n throw new AuthSdkError('Emitter should be initialized before TokenManager');\n }\n \n options = Object.assign({}, DEFAULT_OPTIONS, removeNils(options));\n if (!isLocalhost()) {\n options.expireEarlySeconds = DEFAULT_OPTIONS.expireEarlySeconds;\n }\n\n this.options = options;\n\n const storageOptions: StorageOptions = removeNils({\n storageKey: options.storageKey,\n secure: options.secure,\n });\n if (typeof options.storage === 'object') {\n // A custom storage provider must implement getItem(key) and setItem(key, val)\n storageOptions.storageProvider = options.storage;\n } else if (options.storage) {\n storageOptions.storageType = options.storage as StorageType;\n }\n\n this.storage = sdk.storageManager.getTokenStorage({...storageOptions, useSeparateCookies: true});\n this.clock = SdkClock.create(/* sdk, options */);\n this.state = defaultState();\n }\n\n start() {\n if (this.options.clearPendingRemoveTokens) {\n this.clearPendingRemoveTokens();\n }\n this.setExpireEventTimeoutAll();\n this.state.started = true;\n }\n \n stop() {\n this.clearExpireEventTimeoutAll();\n this.state.started = false;\n }\n\n isStarted() {\n return !!this.state.started;\n }\n\n getOptions(): TokenManagerOptions {\n return clone(this.options);\n }\n \n getExpireTime(token) {\n const expireEarlySeconds = this.options.expireEarlySeconds || 0;\n var expireTime = token.expiresAt - expireEarlySeconds;\n return expireTime;\n }\n \n hasExpired(token) {\n var expireTime = this.getExpireTime(token);\n return expireTime <= this.clock.now();\n }\n \n emitExpired(key, token) {\n this.emitter.emit(EVENT_EXPIRED, key, token);\n }\n \n emitRenewed(key, freshToken, oldToken) {\n this.emitter.emit(EVENT_RENEWED, key, freshToken, oldToken);\n }\n \n emitAdded(key, token) {\n this.emitter.emit(EVENT_ADDED, key, token);\n }\n \n emitRemoved(key, token?) {\n this.emitter.emit(EVENT_REMOVED, key, token);\n }\n \n emitError(error) {\n this.emitter.emit(EVENT_ERROR, error);\n }\n \n clearExpireEventTimeout(key) {\n clearTimeout(this.state.expireTimeouts[key] as any);\n delete this.state.expireTimeouts[key];\n \n // Remove the renew promise (if it exists)\n this.state.renewPromise = null;\n }\n \n clearExpireEventTimeoutAll() {\n var expireTimeouts = this.state.expireTimeouts;\n for (var key in expireTimeouts) {\n if (!Object.prototype.hasOwnProperty.call(expireTimeouts, key)) {\n continue;\n }\n this.clearExpireEventTimeout(key);\n }\n }\n \n setExpireEventTimeout(key, token) {\n if (isRefreshToken(token)) {\n return;\n }\n\n var expireTime = this.getExpireTime(token);\n var expireEventWait = Math.max(expireTime - this.clock.now(), 0) * 1000;\n \n // Clear any existing timeout\n this.clearExpireEventTimeout(key);\n \n var expireEventTimeout = setTimeout(() => {\n this.emitExpired(key, token);\n }, expireEventWait);\n \n // Add a new timeout\n this.state.expireTimeouts[key] = expireEventTimeout;\n }\n \n setExpireEventTimeoutAll() {\n var tokenStorage = this.storage.getStorage();\n for(var key in tokenStorage) {\n if (!Object.prototype.hasOwnProperty.call(tokenStorage, key)) {\n continue;\n }\n var token = tokenStorage[key];\n this.setExpireEventTimeout(key, token);\n }\n }\n \n // reset timeouts to setup autoRenew for tokens from other document context (tabs)\n resetExpireEventTimeoutAll() {\n this.clearExpireEventTimeoutAll();\n this.setExpireEventTimeoutAll();\n }\n \n add(key, token: Token) {\n var tokenStorage = this.storage.getStorage();\n validateToken(token);\n tokenStorage[key] = token;\n this.storage.setStorage(tokenStorage);\n this.emitSetStorageEvent();\n this.emitAdded(key, token);\n this.setExpireEventTimeout(key, token);\n }\n \n getSync(key): Token | undefined {\n var tokenStorage = this.storage.getStorage();\n return tokenStorage[key];\n }\n \n async get(key): Promise<Token | undefined> {\n return this.getSync(key);\n }\n \n getTokensSync(): Tokens {\n const tokens = {} as Tokens;\n const tokenStorage = this.storage.getStorage();\n Object.keys(tokenStorage).forEach(key => {\n const token = tokenStorage[key];\n if (isAccessToken(token)) {\n tokens.accessToken = token;\n } else if (isIDToken(token)) {\n tokens.idToken = token;\n } else if (isRefreshToken(token)) { \n tokens.refreshToken = token;\n }\n });\n return tokens;\n }\n \n async getTokens(): Promise<Tokens> {\n return this.getTokensSync();\n }\n\n getStorageKeyByType(type: TokenType): string {\n const tokenStorage = this.storage.getStorage();\n const key = Object.keys(tokenStorage).filter(key => {\n const token = tokenStorage[key];\n return (isAccessToken(token) && type === 'accessToken') \n || (isIDToken(token) && type === 'idToken')\n || (isRefreshToken(token) && type === 'refreshToken');\n })[0];\n return key;\n }\n\n private getTokenType(token: Token): TokenType {\n if (isAccessToken(token)) {\n return 'accessToken';\n }\n if (isIDToken(token)) {\n return 'idToken';\n }\n if(isRefreshToken(token)) {\n return 'refreshToken';\n }\n throw new AuthSdkError('Unknown token type');\n }\n\n // for synchronization of LocalStorage cross tabs for IE11\n private emitSetStorageEvent() {\n if (isIE11OrLess()) {\n const storage = this.storage.getStorage();\n this.emitter.emit(EVENT_SET_STORAGE, storage);\n }\n }\n\n // used in `SyncStorageService` for synchronization of LocalStorage cross tabs for IE11\n public getStorage() {\n return this.storage;\n }\n\n setTokens(\n tokens: Tokens,\n // TODO: callbacks can be removed in the next major version OKTA-407224\n accessTokenCb?: AccessTokenCallback, \n idTokenCb?: IDTokenCallback,\n refreshTokenCb?: RefreshTokenCallback\n ): void {\n const handleTokenCallback = (key, token) => {\n const type = this.getTokenType(token);\n if (type === 'accessToken') {\n accessTokenCb && accessTokenCb(key, token);\n } else if (type === 'idToken') {\n idTokenCb && idTokenCb(key, token);\n } else if (type === 'refreshToken') {\n refreshTokenCb && refreshTokenCb(key, token);\n }\n };\n const handleAdded = (key, token) => {\n this.emitAdded(key, token);\n this.setExpireEventTimeout(key, token);\n handleTokenCallback(key, token);\n };\n const handleRenewed = (key, token, oldToken) => {\n this.emitRenewed(key, token, oldToken);\n this.clearExpireEventTimeout(key);\n this.setExpireEventTimeout(key, token);\n handleTokenCallback(key, token);\n };\n const handleRemoved = (key, token) => {\n this.clearExpireEventTimeout(key);\n this.emitRemoved(key, token);\n handleTokenCallback(key, token);\n };\n \n const types: TokenType[] = ['idToken', 'accessToken', 'refreshToken'];\n const existingTokens = this.getTokensSync();\n\n // valid tokens\n types.forEach((type) => {\n const token = tokens[type];\n if (token) {\n validateToken(token, type);\n }\n });\n \n // add token to storage\n const storage = types.reduce((storage, type) => {\n const token = tokens[type];\n if (token) {\n const storageKey = this.getStorageKeyByType(type) || type;\n storage[storageKey] = token;\n }\n return storage;\n }, {});\n this.storage.setStorage(storage);\n this.emitSetStorageEvent();\n\n // emit event and start expiration timer\n types.forEach(type => {\n const newToken = tokens[type];\n const existingToken = existingTokens[type];\n const storageKey = this.getStorageKeyByType(type) || type;\n if (newToken && existingToken) { // renew\n // call handleRemoved first, since it clears timers\n handleRemoved(storageKey, existingToken);\n handleAdded(storageKey, newToken);\n handleRenewed(storageKey, newToken, existingToken);\n } else if (newToken) { // add\n handleAdded(storageKey, newToken);\n } else if (existingToken) { //remove\n handleRemoved(storageKey, existingToken);\n }\n });\n }\n \n remove(key) {\n // Clear any listener for this token\n this.clearExpireEventTimeout(key);\n \n var tokenStorage = this.storage.getStorage();\n var removedToken = tokenStorage[key];\n delete tokenStorage[key];\n this.storage.setStorage(tokenStorage);\n this.emitSetStorageEvent();\n \n this.emitRemoved(key, removedToken);\n }\n \n // TODO: this methods is redundant and can be removed in the next major version OKTA-407224\n async renewToken(token) {\n return this.sdk.token?.renew(token);\n }\n // TODO: this methods is redundant and can be removed in the next major version OKTA-407224\n validateToken(token: Token) {\n return validateToken(token);\n }\n\n // TODO: renew method should take no param, change in the next major version OKTA-407224\n renew(key): Promise<Token | undefined> {\n // Multiple callers may receive the same promise. They will all resolve or reject from the same request.\n if (this.state.renewPromise) {\n return this.state.renewPromise;\n }\n\n try {\n var token = this.getSync(key);\n let shouldRenew = token !== undefined;\n // explicitly check if key='accessToken' because token keys are not guaranteed (long story, features dragons)\n if (!token && key === 'accessToken') {\n // attempt token renewal if refresh token is present (improves consistency of autoRenew)\n const refreshKey = this.getStorageKeyByType('refreshToken');\n const refreshToken = this.getSync(refreshKey);\n shouldRenew = refreshToken !== undefined;\n }\n\n if (!shouldRenew) {\n throw new AuthSdkError('The tokenManager has no token for the key: ' + key);\n }\n }\n catch (err) {\n this.emitError(err);\n return Promise.reject(err);\n }\n\n // Remove existing autoRenew timeout\n this.clearExpireEventTimeout(key);\n \n // A refresh token means a replace instead of renewal\n // Store the renew promise state, to avoid renewing again\n const renewPromise = this.state.renewPromise = this.sdk.token.renewTokens()\n .then(tokens => {\n this.setTokens(tokens);\n\n // return accessToken in case where access token doesn't exist\n // but refresh token exists\n if (!token && key === 'accessToken') {\n const accessToken = tokens['accessToken'];\n this.emitRenewed(key, accessToken, null);\n return accessToken;\n }\n\n // resolve token based on the key\n const tokenType = this.getTokenType(token!);\n return tokens[tokenType];\n })\n .catch(err => {\n // If renew fails, remove token from storage and emit error\n this.remove(key);\n err.tokenKey = key;\n this.emitError(err);\n throw err;\n })\n .finally(() => {\n // Remove existing promise key\n this.state.renewPromise = null;\n });\n \n return renewPromise;\n }\n \n clear() {\n const tokens = this.getTokensSync();\n this.clearExpireEventTimeoutAll();\n this.storage.clearStorage();\n this.emitSetStorageEvent();\n\n Object.keys(tokens).forEach(key => {\n this.emitRemoved(key, tokens[key]);\n });\n }\n\n clearPendingRemoveTokens() {\n const tokenStorage = this.storage.getStorage();\n const removedTokens = {};\n Object.keys(tokenStorage).forEach(key => {\n if (tokenStorage[key].pendingRemove) {\n removedTokens[key] = tokenStorage[key];\n delete tokenStorage[key];\n }\n });\n this.storage.setStorage(tokenStorage);\n this.emitSetStorageEvent();\n Object.keys(removedTokens).forEach(key => {\n this.clearExpireEventTimeout(key);\n this.emitRemoved(key, removedTokens[key]);\n });\n }\n\n updateRefreshToken(token: RefreshToken) {\n const key = this.getStorageKeyByType('refreshToken') || REFRESH_TOKEN_STORAGE_KEY;\n\n // do not emit any event\n var tokenStorage = this.storage.getStorage();\n validateToken(token);\n tokenStorage[key] = token;\n this.storage.setStorage(tokenStorage);\n this.emitSetStorageEvent();\n }\n\n removeRefreshToken () {\n const key = this.getStorageKeyByType('refreshToken') || REFRESH_TOKEN_STORAGE_KEY;\n this.remove(key);\n }\n\n addPendingRemoveFlags() {\n const tokens = this.getTokensSync();\n Object.keys(tokens).forEach(key => {\n tokens[key].pendingRemove = true;\n });\n this.setTokens(tokens);\n }\n \n}\n","import { OAuthStorageManagerInterface, OAuthTransactionMeta, isTransactionMeta } from '../types';\n\nconst MAX_ENTRY_LIFETIME = 30 * 60 * 1000; // 30 minutes\n\nexport function pruneSharedStorage<M extends OAuthTransactionMeta>(storageManager: OAuthStorageManagerInterface<M>) {\n const sharedStorage = storageManager.getSharedTansactionStorage();\n const entries = sharedStorage.getStorage();\n Object.keys(entries).forEach(state => {\n const entry = entries[state];\n const age = Date.now() - entry.dateCreated;\n if (age > MAX_ENTRY_LIFETIME) {\n delete entries[state];\n }\n });\n sharedStorage.setStorage(entries);\n}\n\nexport function saveTransactionToSharedStorage<M extends OAuthTransactionMeta>(\n storageManager: OAuthStorageManagerInterface<M>, state: string, meta: M\n) {\n const sharedStorage = storageManager.getSharedTansactionStorage();\n const entries = sharedStorage.getStorage();\n entries[state] = {\n dateCreated: Date.now(),\n transaction: meta\n };\n sharedStorage.setStorage(entries);\n}\n\n\nexport function loadTransactionFromSharedStorage<M extends OAuthTransactionMeta>(\n storageManager: OAuthStorageManagerInterface<M>, state: string\n) {\n const sharedStorage = storageManager.getSharedTansactionStorage();\n const entries = sharedStorage.getStorage();\n const entry = entries[state];\n if (entry && entry.transaction && isTransactionMeta(entry.transaction)) {\n return entry.transaction;\n }\n return null;\n}\n\nexport function clearTransactionFromSharedStorage<M extends OAuthTransactionMeta>(\n storageManager: OAuthStorageManagerInterface<M>, state: string\n) {\n const sharedStorage = storageManager.getSharedTansactionStorage();\n const entries = sharedStorage.getStorage();\n delete entries[state];\n sharedStorage.setStorage(entries);\n}\n","/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nimport { StorageProvider } from '../storage/types';\nimport {\n TransactionMeta,\n isTransactionMeta,\n TransactionMetaOptions,\n TransactionManagerOptions,\n OAuthTransactionMeta,\n OAuthStorageManagerInterface,\n ClearTransactionMetaOptions,\n TransactionManagerInterface,\n PKCETransactionMeta\n} from './types';\nimport { warn } from '../util';\nimport {\n clearTransactionFromSharedStorage,\n loadTransactionFromSharedStorage,\n pruneSharedStorage,\n saveTransactionToSharedStorage\n} from './util/sharedStorage';\n\n\nexport function createTransactionManager\n<\n M extends OAuthTransactionMeta = PKCETransactionMeta,\n S extends OAuthStorageManagerInterface<M> = OAuthStorageManagerInterface<M>\n>\n()\n{\n return class TransactionManager implements TransactionManagerInterface\n {\n options: TransactionManagerOptions;\n storageManager: S;\n enableSharedStorage: boolean;\n saveLastResponse: boolean;\n\n constructor(options: TransactionManagerOptions) {\n // eslint-disable-next-line @typescript-eslint/no-non-null-assertion\n this.storageManager = options.storageManager! as S;\n this.enableSharedStorage = options.enableSharedStorage === false ? false : true;\n this.saveLastResponse = options.saveLastResponse === false ? false : true;\n this.options = options;\n }\n\n // eslint-disable-next-line complexity\n clear(options: ClearTransactionMetaOptions = {}) {\n const transactionStorage: StorageProvider = this.storageManager.getTransactionStorage();\n const meta = transactionStorage.getStorage();\n\n // Clear primary storage (by default, sessionStorage on browser)\n transactionStorage.clearStorage();\n\n // Usually we want to also clear shared storage unless another tab may need it to continue/complete a flow\n if (this.enableSharedStorage && options.clearSharedStorage !== false) {\n const state = options.state || meta?.state;\n if (state) {\n clearTransactionFromSharedStorage(this.storageManager, state);\n }\n }\n }\n\n // eslint-disable-next-line complexity\n save(meta: M, options: TransactionMetaOptions = {}) {\n // There must be only one transaction executing at a time.\n // Before saving, check to see if a transaction is already stored.\n // An existing transaction indicates a concurrency/race/overlap condition\n\n let storage: StorageProvider = this.storageManager.getTransactionStorage();\n const obj = storage.getStorage();\n // oie process may need to update transaction in the middle of process for tracking purpose\n // false alarm might be caused \n // TODO: revisit for a better solution, https://oktainc.atlassian.net/browse/OKTA-430919\n if (isTransactionMeta(obj) && !options.muteWarning) {\n // eslint-disable-next-line max-len\n warn('a saved auth transaction exists in storage. This may indicate another auth flow is already in progress.');\n }\n\n storage.setStorage(meta);\n\n // Shared storage allows continuation of transaction in another tab\n if (this.enableSharedStorage && meta.state) {\n saveTransactionToSharedStorage(this.storageManager, meta.state, meta);\n }\n }\n\n exists(options: TransactionMetaOptions = {}): boolean {\n try {\n const meta = this.load(options);\n return !!meta;\n } catch {\n return false;\n }\n }\n\n // load transaction meta from storage\n // eslint-disable-next-line complexity,max-statements\n load(options: TransactionMetaOptions = {}): TransactionMeta | null {\n\n let meta: TransactionMeta;\n\n // If state was passed, try loading transaction data from shared storage\n if (this.enableSharedStorage && options.state) {\n pruneSharedStorage(this.storageManager); // prune before load\n meta = loadTransactionFromSharedStorage(this.storageManager, options.state);\n if (isTransactionMeta(meta)) {\n return meta;\n }\n }\n\n let storage: StorageProvider = this.storageManager.getTransactionStorage();\n meta = storage.getStorage();\n if (isTransactionMeta(meta)) {\n // if we have meta in the new location, there is no need to go further\n return meta;\n }\n\n return null;\n }\n\n };\n}\n","/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\nimport { AuthSdkError } from '../errors';\nimport { JWTObject } from './types';\nimport { base64UrlToString } from '../crypto';\n\nexport function decodeToken(token: string): JWTObject {\n var jwt = token.split('.');\n var decodedToken: JWTObject;\n\n try {\n decodedToken = {\n header: JSON.parse(base64UrlToString(jwt[0])),\n payload: JSON.parse(base64UrlToString(jwt[1])),\n signature: jwt[2]\n };\n } catch (e) {\n throw new AuthSdkError('Malformed token');\n }\n\n return decodedToken;\n}\n","// References:\n// https://www.w3.org/TR/WebCryptoAPI/#concepts-key-storage\n// https://datatracker.ietf.org/doc/html/rfc9449\n\nimport {\n webcrypto,\n stringToBase64Url,\n stringToBuffer,\n bufferToBase64Url,\n base64ToBase64Url,\n btoa\n} from '../crypto';\nimport { AuthSdkError, OAuthError, WWWAuthError, isOAuthError, isWWWAuthError } from '../errors';\nimport { Tokens } from './types';\n\nexport interface DPoPClaims {\n htm: string;\n htu: string;\n iat: number;\n jti: string;\n nonce?: string;\n ath?: string;\n}\n\nexport interface DPoPProofParams {\n keyPair: CryptoKeyPair;\n url: string;\n method: string;\n nonce?: string;\n accessToken?: string;\n}\n\nexport type ResourceDPoPProofParams = Omit<DPoPProofParams, 'keyPair' | 'nonce'>;\ntype DPoPProofTokenRequestParams = Omit<DPoPProofParams, 'accessToken'>;\n\nconst INDEXEDDB_NAME = 'OktaAuthJs';\nconst DB_KEY = 'DPoPKeys';\n\nexport function isDPoPNonceError(obj: any): obj is OAuthError | WWWAuthError {\n return (\n (isOAuthError(obj) || isWWWAuthError(obj)) &&\n obj.errorCode === 'use_dpop_nonce'\n );\n}\n\n/////////// crypto ///////////\n\nexport async function createJwt(header: object, claims: object, signingKey: CryptoKey): Promise<string> {\n const head = stringToBase64Url(JSON.stringify(header));\n const body = stringToBase64Url(JSON.stringify(claims));\n const signature = await webcrypto.subtle.sign(\n { name: signingKey.algorithm.name }, signingKey, stringToBuffer(`${head}.${body}`)\n );\n return `${head}.${body}.${base64ToBase64Url(bufferToBase64Url(signature))}`;\n}\n\nexport function cryptoRandomValue (byteLen = 32) {\n return [...webcrypto.getRandomValues(new Uint8Array(byteLen))].map(v => v.toString(16)).join('');\n}\n\nexport async function generateKeyPair (): Promise<CryptoKeyPair> {\n const algorithm = {\n name: 'RSASSA-PKCS1-v1_5',\n hash: 'SHA-256',\n modulusLength: 2048,\n publicExponent: new Uint8Array([0x01, 0x00, 0x01]),\n };\n\n // The \"false\" here makes it non-exportable\n // https://caniuse.com/mdn-api_subtlecrypto_generatekey\n return webcrypto.subtle.generateKey(algorithm, false, ['sign', 'verify']);\n}\n\nasync function hashAccessToken (accessToken: string): Promise<string> {\n const buffer = new TextEncoder().encode(accessToken);\n const hash = await webcrypto.subtle.digest('SHA-256', buffer);\n\n return btoa(String.fromCharCode.apply(null, new Uint8Array(hash) as unknown as number[]))\n .replace(/\\+/g, '-').replace(/\\//g, '_').replace(/=+$/, '');\n}\n\n/////////// indexeddb / keystore ///////////\n\n\n// https://developer.mozilla.org/en-US/docs/Web/API/IDBObjectStore#instance_methods\n// add additional methods as needed\nexport type StoreMethod = 'get' | 'add' | 'delete' | 'clear';\n\n// convenience abstraction for exposing IDBObjectStore instance\nfunction keyStore (): Promise<IDBObjectStore> {\n return new Promise((resolve, reject) => {\n try {\n const indexedDB = window.indexedDB;\n const req = indexedDB.open(INDEXEDDB_NAME, 1);\n\n req.onerror = function () {\n reject(req.error!);\n };\n\n req.onupgradeneeded = function () {\n const db = req.result;\n db.createObjectStore(DB_KEY);\n };\n\n req.onsuccess = function () {\n const db = req.result;\n const tx = db.transaction(DB_KEY, 'readwrite');\n\n tx.onerror = function () {\n reject(tx.error!);\n };\n\n const store = tx.objectStore(DB_KEY);\n\n resolve(store);\n\n tx.oncomplete = function () {\n db.close();\n };\n };\n }\n catch (err) {\n reject(err);\n }\n });\n}\n\n// convenience abstraction for wrapping IDBObjectStore methods in promises\nasync function invokeStoreMethod (method: StoreMethod, ...args: any[]): Promise<IDBRequest> {\n const store = await keyStore();\n return new Promise((resolve, reject) => {\n // https://github.com/microsoft/TypeScript/issues/49700\n // https://github.com/microsoft/TypeScript/issues/49802\n // @ts-expect-error ts(2556)\n const req = store[method](...args);\n req.onsuccess = function () {\n resolve(req);\n };\n req.onerror = function () {\n reject(req.error);\n };\n });\n}\n\nasync function storeKeyPair (pairId: string, keyPair: CryptoKeyPair) {\n await invokeStoreMethod('add', keyPair, pairId);\n return keyPair;\n}\n\n// attempts to find keyPair stored at given key, otherwise throws\nexport async function findKeyPair (pairId?: string): Promise<CryptoKeyPair> {\n if (pairId) {\n const req = await invokeStoreMethod('get', pairId);\n if (req.result) {\n return req.result;\n }\n }\n\n // defaults to throwing unless keyPair is found\n throw new AuthSdkError(`Unable to locate dpop key pair required for refresh${pairId ? ` (${pairId})` : ''}`);\n}\n\nexport async function clearDPoPKeyPair (pairId: string): Promise<void> {\n await invokeStoreMethod('delete', pairId);\n}\n\nexport async function clearAllDPoPKeyPairs (): Promise<void> {\n await invokeStoreMethod('clear');\n}\n\n// generates a crypto (non-extractable) private key pair and writes it to indexeddb, returns key (id)\nexport async function createDPoPKeyPair (): Promise<{keyPair: CryptoKeyPair, keyPairId: string}> {\n const keyPairId = cryptoRandomValue(4);\n const keyPair = await generateKeyPair();\n await storeKeyPair(keyPairId, keyPair);\n return { keyPair, keyPairId };\n}\n\n// will clear PK from storage if certain token conditions are met\n/* eslint max-len: [2, 132], complexity: [2, 12] */\nexport async function clearDPoPKeyPairAfterRevoke (revokedToken: 'access' | 'refresh', tokens: Tokens): Promise<void> {\n let shouldClear = false;\n\n const { accessToken, refreshToken } = tokens;\n\n // revoking access token and refresh token doesn't exist\n if (revokedToken === 'access' && accessToken && accessToken.tokenType === 'DPoP' && !refreshToken) {\n shouldClear = true;\n }\n\n // revoking refresh token and access token doesn't exist\n if (revokedToken === 'refresh' && refreshToken && !accessToken) {\n shouldClear = true;\n }\n\n const pairId = accessToken?.dpopPairId ?? refreshToken?.dpopPairId;\n if (shouldClear && pairId) {\n await clearDPoPKeyPair(pairId);\n }\n}\n\n/////////// proof generation methods ///////////\n\nexport async function generateDPoPProof ({ keyPair, url, method, nonce, accessToken }: DPoPProofParams): Promise<string> {\n const { kty, crv, e, n, x, y } = await webcrypto.subtle.exportKey('jwk', keyPair.publicKey);\n const header = {\n alg: 'RS256',\n typ: 'dpop+jwt',\n jwk: { kty, crv, e, n, x, y }\n };\n\n const claims: DPoPClaims = {\n htm: method,\n htu: url,\n iat: Math.floor(Date.now() / 1000),\n jti: cryptoRandomValue(),\n };\n\n if (nonce) {\n claims.nonce = nonce;\n }\n\n // encode access token\n if (accessToken) {\n claims.ath = await hashAccessToken(accessToken);\n }\n\n return createJwt(header, claims, keyPair.privateKey);\n}\n\n/* eslint max-len: [2, 132] */\nexport async function generateDPoPForTokenRequest ({ keyPair, url, method, nonce }: DPoPProofTokenRequestParams): Promise<string> {\n const params: DPoPProofParams = { keyPair, url, method };\n if (nonce) {\n params.nonce = nonce;\n }\n\n return generateDPoPProof(params);\n}\n","/* eslint-disable @typescript-eslint/no-non-null-assertion */\n/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport { isString, removeNils, toQueryString } from '../../util';\nimport { AuthSdkError } from '../../errors';\nimport { OAuthParams, TokenParams } from '../types';\n\nexport function convertTokenParamsToOAuthParams(tokenParams: TokenParams) {\n // Quick validation\n if (!tokenParams.clientId) {\n throw new AuthSdkError('A clientId must be specified in the OktaAuth constructor to get a token');\n }\n\n if (isString(tokenParams.responseType) && tokenParams.responseType.indexOf(' ') !== -1) {\n throw new AuthSdkError('Multiple OAuth responseTypes must be defined as an array');\n }\n\n // Convert our params to their actual OAuth equivalents\n var oauthParams: OAuthParams = {\n 'client_id': tokenParams.clientId,\n 'code_challenge': tokenParams.codeChallenge,\n 'code_challenge_method': tokenParams.codeChallengeMethod,\n 'display': tokenParams.display,\n 'idp': tokenParams.idp,\n 'idp_scope': tokenParams.idpScope,\n 'login_hint': tokenParams.loginHint,\n 'max_age': tokenParams.maxAge,\n 'nonce': tokenParams.nonce,\n 'prompt': tokenParams.prompt,\n 'redirect_uri': tokenParams.redirectUri,\n 'response_mode': tokenParams.responseMode,\n 'response_type': tokenParams.responseType,\n 'sessionToken': tokenParams.sessionToken,\n 'state': tokenParams.state,\n 'acr_values': tokenParams.acrValues,\n 'enroll_amr_values': tokenParams.enrollAmrValues,\n };\n oauthParams = removeNils(oauthParams) as OAuthParams;\n\n ['idp_scope', 'response_type', 'enroll_amr_values'].forEach(function (mayBeArray) {\n if (Array.isArray(oauthParams[mayBeArray])) {\n oauthParams[mayBeArray] = oauthParams[mayBeArray].join(' ');\n }\n });\n\n if (tokenParams.responseType!.indexOf('id_token') !== -1 &&\n tokenParams.scopes!.indexOf('openid') === -1) {\n throw new AuthSdkError('openid scope must be specified in the scopes argument when requesting an id_token');\n } else if (tokenParams.scopes) {\n oauthParams.scope = tokenParams.scopes!.join(' ');\n }\n\n return oauthParams;\n}\n\nexport function buildAuthorizeParams(tokenParams: TokenParams) {\n var oauthQueryParams = convertTokenParamsToOAuthParams(tokenParams);\n return toQueryString({ \n ...oauthQueryParams, \n ...(tokenParams.extraParams && { ...tokenParams.extraParams })\n });\n}\n","/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport { AuthSdkError, AuthApiError } from '../../errors';\nimport { CustomUrls, OAuthParams, OAuthResponse, RefreshToken, TokenParams } from '../types';\nimport { removeNils, toQueryString } from '../../util';\nimport { httpRequest, OktaAuthHttpInterface } from '../../http';\nimport { generateDPoPForTokenRequest, isDPoPNonceError } from '../dpop';\n\nexport interface TokenEndpointParams extends TokenParams {\n dpopKeyPair?: CryptoKeyPair;\n}\n\ninterface TokenRequestParams {\n url: string;\n data: any;\n dpopKeyPair?: CryptoKeyPair;\n nonce?: string;\n}\n\nfunction validateOptions(options: TokenEndpointParams) {\n // Quick validation\n if (!options.clientId) {\n throw new AuthSdkError('A clientId must be specified in the OktaAuth constructor to get a token');\n }\n\n if (!options.redirectUri) {\n throw new AuthSdkError('The redirectUri passed to /authorize must also be passed to /token');\n }\n\n if (!options.authorizationCode && !options.interactionCode) {\n throw new AuthSdkError('An authorization code (returned from /authorize) must be passed to /token');\n }\n\n if (!options.codeVerifier) {\n throw new AuthSdkError('The \"codeVerifier\" (generated and saved by your app) must be passed to /token');\n }\n}\n\nfunction getPostData(sdk, options: TokenParams): string {\n // Convert Token params to OAuth params, sent to the /token endpoint\n var params: OAuthParams = removeNils({\n 'client_id': options.clientId,\n 'redirect_uri': options.redirectUri,\n 'grant_type': options.interactionCode ? 'interaction_code' : 'authorization_code',\n 'code_verifier': options.codeVerifier\n });\n\n if (options.interactionCode) {\n params['interaction_code'] = options.interactionCode;\n } else if (options.authorizationCode) {\n params.code = options.authorizationCode;\n }\n\n const { clientSecret } = sdk.options;\n if (clientSecret) {\n params['client_secret'] = clientSecret;\n }\n\n // Encode as URL string\n return toQueryString(params).slice(1);\n}\n\n/* eslint complexity: [2, 10] */\nasync function makeTokenRequest (sdk, { url, data, nonce, dpopKeyPair }: TokenRequestParams): Promise<OAuthResponse> {\n const method = 'POST';\n const headers: any = {\n 'Content-Type': 'application/x-www-form-urlencoded',\n };\n\n if (sdk.options.dpop) {\n if (!dpopKeyPair) {\n throw new AuthSdkError('DPoP is configured but no key pair was provided');\n }\n\n const proof = await generateDPoPForTokenRequest({ url, method, nonce, keyPair: dpopKeyPair });\n headers.DPoP = proof;\n }\n\n try {\n const resp = await httpRequest(sdk, {\n url,\n method,\n args: data,\n headers\n });\n return resp;\n }\n catch (err) {\n if (isDPoPNonceError(err) && !nonce) {\n const dpopNonce = err.resp?.headers['dpop-nonce'];\n if (!dpopNonce) {\n // throws error is dpop-nonce header cannot be found, prevents infinite loop\n throw new AuthApiError(\n {errorSummary: 'No `dpop-nonce` header found when required'},\n err.resp ?? undefined // yay ts\n );\n }\n return makeTokenRequest(sdk, { url, data, dpopKeyPair, nonce: dpopNonce });\n }\n throw err;\n }\n}\n\n// exchange authorization code for an access token\nexport async function postToTokenEndpoint(sdk, options: TokenEndpointParams, urls: CustomUrls): Promise<OAuthResponse> {\n validateOptions(options);\n var data = getPostData(sdk, options);\n\n const params: TokenRequestParams = {\n url: urls.tokenUrl!,\n data,\n dpopKeyPair: options?.dpopKeyPair\n };\n\n return makeTokenRequest(sdk, params);\n}\n\nexport async function postRefreshToken(\n sdk: OktaAuthHttpInterface,\n options: TokenEndpointParams,\n refreshToken: RefreshToken\n): Promise<OAuthResponse> {\n const data = Object.entries({\n client_id: options.clientId, // eslint-disable-line camelcase\n grant_type: 'refresh_token', // eslint-disable-line camelcase\n scope: refreshToken.scopes.join(' '),\n refresh_token: refreshToken.refreshToken, // eslint-disable-line camelcase\n }).map(function ([name, value]) {\n // eslint-disable-next-line @typescript-eslint/no-non-null-assertion\n return name + '=' + encodeURIComponent(value!);\n }).join('&');\n\n let url = refreshToken.tokenUrl;\n if (options.extraParams && Object.keys(options.extraParams).length >= 1) {\n url += toQueryString(options.extraParams);\n }\n\n const params: TokenRequestParams = {\n url,\n data,\n dpopKeyPair: options?.dpopKeyPair\n };\n\n return makeTokenRequest(sdk, params);\n}\n","/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\nimport { get } from '../../http';\nimport { find } from '../../util';\nimport { OktaAuthOAuthInterface, WellKnownResponse } from '../types';\nimport AuthSdkError from '../../errors/AuthSdkError';\n\nexport function getWellKnown(sdk: OktaAuthOAuthInterface, issuer?: string): Promise<WellKnownResponse> {\n var authServerUri = (issuer || sdk.options.issuer);\n return get(sdk, authServerUri + '/.well-known/openid-configuration', {\n cacheResponse: true\n });\n}\n\nexport function getKey(sdk: OktaAuthOAuthInterface, issuer: string, kid: string): Promise<string> {\n var httpCache = sdk.storageManager.getHttpCache(sdk.options.cookies);\n\n return getWellKnown(sdk, issuer)\n .then(function(wellKnown) {\n var jwksUri = wellKnown['jwks_uri'];\n\n // Check our kid against the cached version (if it exists and isn't expired)\n var cacheContents = httpCache.getStorage();\n var cachedResponse = cacheContents[jwksUri];\n if (cachedResponse && Date.now()/1000 < cachedResponse.expiresAt) {\n var cachedKey = find(cachedResponse.response.keys, {\n kid: kid\n });\n\n if (cachedKey) {\n return cachedKey;\n }\n }\n\n // Remove cache for the key\n httpCache.clearStorage(jwksUri);\n\n // Pull the latest keys if the key wasn't in the cache\n return get(sdk, jwksUri, {\n cacheResponse: true\n })\n .then(function(res) {\n var key = find(res.keys, {\n kid: kid\n });\n\n if (key) {\n return key;\n }\n\n throw new AuthSdkError('The key id, ' + kid + ', was not found in the server\\'s keys');\n });\n });\n}\n","/* eslint-disable @typescript-eslint/no-non-null-assertion */\n/* eslint-disable max-len */\n/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\nimport { CustomUrls, OAuthResponse, OAuthResponseType, OktaAuthOAuthInterface, TokenParams, TokenResponse } from './types';\nimport { getOAuthUrls, getDefaultTokenParams } from './util';\nimport { clone } from '../util';\nimport { postToTokenEndpoint, TokenEndpointParams } from './endpoints/token';\nimport { handleOAuthResponse } from './handleOAuthResponse';\nimport { createDPoPKeyPair, findKeyPair } from './dpop';\n\n// codeVerifier is required. May pass either an authorizationCode or interactionCode\nexport async function exchangeCodeForTokens(sdk: OktaAuthOAuthInterface, tokenParams: TokenParams, urls?: CustomUrls): Promise<TokenResponse> {\n urls = urls || getOAuthUrls(sdk, tokenParams);\n // build params using defaults + options\n tokenParams = Object.assign({}, getDefaultTokenParams(sdk), clone(tokenParams));\n\n const {\n authorizationCode,\n interactionCode,\n codeVerifier,\n clientId,\n redirectUri,\n scopes,\n ignoreSignature,\n state,\n acrValues,\n dpop,\n dpopPairId,\n extraParams\n } = tokenParams;\n\n // postToTokenEndpoint() params\n const getTokenOptions: TokenEndpointParams = {\n clientId,\n redirectUri,\n authorizationCode,\n interactionCode,\n codeVerifier,\n dpop,\n };\n\n // `handleOAuthResponse` hanadles responses from both `/authorize` and `/token` endpoints\n // Here we modify the response from `/token` so that it more closely matches a response from `/authorize`\n // `responseType` is used to validate that the expected tokens were returned\n const responseType: OAuthResponseType[] = ['token']; // an accessToken will always be returned\n if (scopes!.indexOf('openid') !== -1) {\n responseType.push('id_token'); // an idToken will be returned if \"openid\" is in the scopes\n }\n // handleOAuthResponse() params\n const handleResponseOptions: TokenParams = {\n clientId,\n redirectUri,\n scopes,\n responseType,\n ignoreSignature,\n acrValues,\n extraParams\n };\n\n try {\n if (dpop) {\n // token refresh, KP should already exist\n if (dpopPairId) {\n const keyPair = await findKeyPair(dpopPairId);\n getTokenOptions.dpopKeyPair = keyPair;\n handleResponseOptions.dpop = dpop;\n handleResponseOptions.dpopPairId = dpopPairId;\n }\n else {\n const { keyPair, keyPairId } = await createDPoPKeyPair();\n getTokenOptions.dpopKeyPair = keyPair;\n handleResponseOptions.dpop = dpop;\n handleResponseOptions.dpopPairId = keyPairId;\n }\n }\n\n const oauthResponse: OAuthResponse = await postToTokenEndpoint(sdk, getTokenOptions, urls);\n\n const tokenResponse: TokenResponse = await handleOAuthResponse(sdk, handleResponseOptions, oauthResponse, urls!);\n tokenResponse.code = authorizationCode;\n tokenResponse.state = state!;\n return tokenResponse;\n }\n finally {\n sdk.transactionManager.clear();\n }\n}\n","/* eslint-disable @typescript-eslint/no-non-null-assertion */\n/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\nimport { OktaAuthOAuthInterface, EnrollAuthenticatorOptions } from './types';\nimport { clone } from '../util';\nimport { prepareEnrollAuthenticatorParams, createEnrollAuthenticatorMeta } from './util';\nimport { buildAuthorizeParams } from './endpoints/authorize';\n\nexport function enrollAuthenticator(\n sdk: OktaAuthOAuthInterface, \n options: EnrollAuthenticatorOptions\n): void {\n options = clone(options) || {};\n\n const params = prepareEnrollAuthenticatorParams(sdk, options);\n const meta = createEnrollAuthenticatorMeta(sdk, params);\n const requestUrl = meta.urls.authorizeUrl + buildAuthorizeParams(params);\n sdk.transactionManager.save(meta);\n if (sdk.options.setLocation) {\n sdk.options.setLocation(requestUrl);\n } else {\n window.location.assign(requestUrl);\n }\n}\n","/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\n\nimport { PromiseQueue } from '../../util';\nimport { decodeToken } from '../decodeToken';\nimport { exchangeCodeForTokens } from '../exchangeCodeForTokens';\nimport { getUserInfo } from '../getUserInfo';\nimport { getWithoutPrompt } from '../getWithoutPrompt';\nimport { getWithPopup, getWithIDPPopup } from '../getWithPopup';\nimport { getWithRedirect } from '../getWithRedirect';\nimport { parseFromUrl } from '../parseFromUrl';\nimport { renewToken } from '../renewToken';\nimport { renewTokens } from '../renewTokens';\nimport { renewTokensWithRefresh } from '../renewTokensWithRefresh';\nimport { revokeToken } from '../revokeToken';\nimport { oidcIntrospect } from '../introspect';\nimport {\n AccessToken,\n CustomUserClaims,\n GetWithRedirectFunction,\n IDToken,\n OktaAuthOAuthInterface,\n ParseFromUrlInterface,\n TokenAPI,\n UserClaims,\n Endpoints,\n} from '../types';\nimport { isLoginRedirect, prepareTokenParams } from '../util';\nimport { verifyToken } from '../verifyToken';\nimport { enrollAuthenticator } from '../enrollAuthenticator';\n\n// Factory\nexport function createTokenAPI(sdk: OktaAuthOAuthInterface, queue: PromiseQueue): TokenAPI {\n const useQueue = (method) => {\n return PromiseQueue.prototype.push.bind(queue, method, null);\n };\n\n const getWithRedirectFn = useQueue(getWithRedirect.bind(null, sdk)) as GetWithRedirectFunction;\n\n // eslint-disable-next-line max-len\n const parseFromUrlFn = useQueue(parseFromUrl.bind(null, sdk)) as ParseFromUrlInterface;\n const parseFromUrlApi: ParseFromUrlInterface = Object.assign(parseFromUrlFn, {\n // This is exposed so we can mock getting window.history in our tests\n _getHistory: function() {\n return window.history;\n },\n\n // This is exposed so we can mock getting window.location in our tests\n _getLocation: function() {\n return window.location;\n },\n\n // This is exposed so we can mock getting window.document in our tests\n _getDocument: function() {\n return window.document;\n }\n });\n\n const token: TokenAPI ={\n prepareTokenParams: prepareTokenParams.bind(null, sdk),\n exchangeCodeForTokens: exchangeCodeForTokens.bind(null, sdk),\n getWithoutPrompt: getWithoutPrompt.bind(null, sdk),\n getWithPopup: getWithPopup.bind(null, sdk),\n getWithIDPPopup: getWithIDPPopup.bind(null, sdk),\n getWithRedirect: getWithRedirectFn,\n parseFromUrl: parseFromUrlApi,\n decode: decodeToken,\n revoke: revokeToken.bind(null, sdk),\n renew: renewToken.bind(null, sdk),\n renewTokensWithRefresh: renewTokensWithRefresh.bind(null, sdk),\n renewTokens: renewTokens.bind(null, sdk),\n getUserInfo: <C extends CustomUserClaims = CustomUserClaims>(\n accessTokenObject: AccessToken,\n idTokenObject: IDToken\n ): Promise<UserClaims<C>> => {\n return getUserInfo(sdk, accessTokenObject, idTokenObject);\n },\n verify: verifyToken.bind(null, sdk),\n isLoginRedirect: isLoginRedirect.bind(null, sdk),\n introspect: oidcIntrospect.bind(null, sdk),\n };\n\n // Wrap certain async token API methods using PromiseQueue to avoid issues with concurrency\n // 'getWithRedirect' and 'parseFromUrl' are already wrapped\n const toWrap = [\n 'getWithoutPrompt',\n 'getWithPopup',\n 'revoke',\n 'renew',\n 'renewTokensWithRefresh',\n 'renewTokens'\n ];\n toWrap.forEach(key => {\n token[key] = useQueue(token[key]);\n });\n\n return token;\n}\n\nexport function createEndpoints(sdk: OktaAuthOAuthInterface): Endpoints {\n return {\n authorize: {\n enrollAuthenticator: enrollAuthenticator.bind(null, sdk),\n }\n };\n}\n","import { StorageManagerConstructor } from '../../storage/types';\nimport { OktaAuthConstructor, OktaAuthOptionsConstructor } from '../../base/types';\n\nimport { createOktaAuthBase } from '../../base';\nimport { mixinStorage } from '../../storage/mixin';\nimport { mixinSession } from '../../session/mixin';\nimport { mixinHttp } from '../../http/mixin';\nimport { mixinOAuth } from '../mixin';\nimport {\n OAuthTransactionMeta,\n OktaAuthOAuthInterface,\n OktaAuthOAuthOptions,\n OAuthStorageManagerInterface,\n PKCETransactionMeta,\n TransactionManagerConstructor,\n TransactionManagerInterface\n} from '../types';\n\nexport function createOktaAuthOAuth\n<\n M extends OAuthTransactionMeta = PKCETransactionMeta,\n S extends OAuthStorageManagerInterface<M> = OAuthStorageManagerInterface<M>,\n O extends OktaAuthOAuthOptions = OktaAuthOAuthOptions,\n TM extends TransactionManagerInterface = TransactionManagerInterface\n>\n(\n StorageManagerConstructor: StorageManagerConstructor<S>,\n OptionsConstructor: OktaAuthOptionsConstructor<O>,\n TransactionManagerConstructor: TransactionManagerConstructor<TM>\n): OktaAuthConstructor<OktaAuthOAuthInterface<M, S, O, TM>>\n{\n const Base = createOktaAuthBase(OptionsConstructor);\n const WithStorage = mixinStorage<S, O>(Base, StorageManagerConstructor);\n const WithHttp = mixinHttp<S, O>(WithStorage);\n const WithSession = mixinSession<S, O>(WithHttp);\n const WithOAuth = mixinOAuth<M, S, O, TM>(WithSession, TransactionManagerConstructor);\n return WithOAuth;\n}\n","\n/* global document */\n/* eslint-disable complexity, max-statements */\n/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\nimport {\n getOAuthUrls,\n loadFrame,\n addPostMessageListener,\n addIDPPopupLisenter\n} from './util';\n\nimport AuthSdkError from '../errors/AuthSdkError';\n\nimport {\n OktaAuthOAuthInterface,\n TokenParams,\n PopupParams,\n OAuthResponse,\n} from './types';\n\nimport { prepareTokenParams } from './util/prepareTokenParams';\nimport { buildAuthorizeParams } from './endpoints/authorize';\nimport { handleOAuthResponse } from './handleOAuthResponse';\n/*\n * Retrieve an idToken from an Okta or a third party idp\n *\n * Two main flows:\n *\n * 1) Exchange a sessionToken for a token\n *\n * Required:\n * clientId: passed via the OktaAuth constructor or into getToken\n * sessionToken: 'yourtoken'\n *\n * Optional:\n * redirectUri: defaults to window.location.href\n * scopes: defaults to ['openid', 'email']\n *\n * Forced:\n * prompt: 'none'\n * responseMode: 'okta_post_message'\n * display: undefined\n *\n * 2) Get a token from an idp\n *\n * Required:\n * clientId: passed via the OktaAuth constructor or into getToken\n *\n * Optional:\n * redirectUri: defaults to window.location.href\n * scopes: defaults to ['openid', 'email']\n * idp: defaults to Okta as an idp\n * prompt: no default. Pass 'none' to throw an error if user is not signed in\n *\n * Forced:\n * display: 'popup'\n *\n * Only common optional params shown. Any OAuth parameters not explicitly forced are available to override\n *\n * @param {Object} oauthOptions\n * @param {String} [oauthOptions.clientId] ID of this client\n * @param {String} [oauthOptions.redirectUri] URI that the iframe or popup will go to once authenticated\n * @param {String[]} [oauthOptions.scopes] OAuth 2.0 scopes to request (openid must be specified)\n * @param {String} [oauthOptions.idp] ID of an external IdP to use for user authentication\n * @param {String} [oauthOptions.sessionToken] Bootstrap Session Token returned by the Okta Authentication API\n * @param {String} [oauthOptions.prompt] Determines whether the Okta login will be displayed on failure.\n * Use 'none' to prevent this behavior\n *\n * @param {Object} options\n * @param {Integer} [options.timeout] Time in ms before the flow is automatically terminated. Defaults to 120000\n * @param {String} [options.popupTitle] Title dispayed in the popup.\n * Defaults to 'External Identity Provider User Authentication'\n */\nexport function getToken(sdk: OktaAuthOAuthInterface, options: TokenParams & PopupParams) {\n if (arguments.length > 2) {\n return Promise.reject(new AuthSdkError('As of version 3.0, \"getToken\" takes only a single set of options'));\n }\n\n options = options || {};\n\n // window object cannot be serialized, save for later use\n // TODO: move popup related params into a separate options object\n const popupWindow = options.popupWindow;\n options.popupWindow = undefined;\n\n return prepareTokenParams(sdk, options)\n .then(function (tokenParams: TokenParams) {\n\n // Start overriding any options that don't make sense\n var sessionTokenOverrides = {\n prompt: 'none',\n responseMode: 'okta_post_message',\n display: null\n };\n\n var idpOverrides = {\n display: 'popup'\n };\n\n if (options.sessionToken) {\n Object.assign(tokenParams, sessionTokenOverrides);\n } else if (options.idp) {\n Object.assign(tokenParams, idpOverrides);\n }\n\n // Use the query params to build the authorize url\n var requestUrl,\n endpoint,\n urls;\n\n // Get authorizeUrl and issuer\n urls = getOAuthUrls(sdk, tokenParams);\n endpoint = options.codeVerifier ? urls.tokenUrl : urls.authorizeUrl;\n requestUrl = endpoint + buildAuthorizeParams(tokenParams);\n\n // Determine the flow type\n var flowType: 'IFRAME' | 'POPUP' | 'IDP_POPUP' | 'IMPLICIT' = 'IMPLICIT';\n if (tokenParams.sessionToken || tokenParams.display === null) {\n flowType = 'IFRAME';\n }\n else if (tokenParams.display === 'popup') {\n flowType = options.idpPopup ? 'IDP_POPUP' : 'POPUP';\n }\n else {\n flowType = 'IMPLICIT';\n }\n\n // Execute the flow type\n switch (flowType) {\n case 'IFRAME':\n var iframePromise = addPostMessageListener(sdk, options.timeout, tokenParams.state);\n var iframeEl = loadFrame(requestUrl);\n return iframePromise\n .then(function (res) {\n return handleOAuthResponse(sdk, tokenParams, res as OAuthResponse, urls);\n })\n .finally(function () {\n if (document.body.contains(iframeEl)) {\n iframeEl.parentElement?.removeChild(iframeEl);\n }\n });\n\n case 'POPUP':\n var oauthPromise; // resolves with OAuth response\n\n // Add listener on postMessage before window creation, so\n // postMessage isn't triggered before we're listening\n if (tokenParams.responseMode === 'okta_post_message') {\n if (!sdk.features.isPopupPostMessageSupported()) {\n throw new AuthSdkError('This browser doesn\\'t have full postMessage support');\n }\n oauthPromise = addPostMessageListener(sdk, options.timeout, tokenParams.state);\n }\n\n // Redirect for authorization\n // popupWindow can be null when popup is blocked\n if (popupWindow) {\n popupWindow.location.assign(requestUrl);\n }\n\n // The popup may be closed without receiving an OAuth response. Setup a poller to monitor the window.\n var popupPromise = new Promise(function (resolve, reject) {\n var closePoller = setInterval(function () {\n if (!popupWindow || popupWindow.closed) {\n clearInterval(closePoller);\n reject(new AuthSdkError('Unable to parse OAuth flow response'));\n }\n }, 100);\n\n // Proxy the OAuth promise results\n oauthPromise\n .then(function (res) {\n clearInterval(closePoller);\n resolve(res);\n })\n .catch(function (err) {\n clearInterval(closePoller);\n reject(err);\n });\n });\n\n return popupPromise\n .then(function (res) {\n return handleOAuthResponse(sdk, tokenParams, res as OAuthResponse, urls);\n })\n .finally(function () {\n if (popupWindow && !popupWindow.closed) {\n popupWindow.close();\n }\n });\n\n case 'IDP_POPUP':\n // eslint-disable-next-line @typescript-eslint/no-non-null-assertion\n var idpPromise = addIDPPopupLisenter(sdk, options.timeout, options.channel!, tokenParams.state!);\n\n // Redirect for authorization\n // popupWindow can be null when popup is blocked\n if (popupWindow) {\n popupWindow.location.assign(requestUrl);\n }\n else {\n throw new AuthSdkError('Unable to open popup window');\n }\n\n return idpPromise\n .then(function (res) {\n return handleOAuthResponse(sdk, tokenParams, res as OAuthResponse, urls);\n });\n\n default:\n throw new AuthSdkError('The full page redirect flow is not supported');\n }\n });\n}","/* eslint-disable complexity */\n/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\nimport { AuthSdkError, OAuthError, WWWAuthError, AuthApiError } from '../errors';\nimport { httpRequest } from '../http';\nimport { AccessToken, IDToken, UserClaims, isAccessToken, isIDToken, CustomUserClaims } from './types';\n\nexport async function getUserInfo<T extends CustomUserClaims = CustomUserClaims>(\n sdk, accessTokenObject: AccessToken,\n idTokenObject: IDToken\n): Promise<UserClaims<T>> {\n // If token objects were not passed, attempt to read from the TokenManager\n if (!accessTokenObject) {\n accessTokenObject = (await sdk.tokenManager.getTokens()).accessToken as AccessToken;\n }\n if (!idTokenObject) {\n idTokenObject = (await sdk.tokenManager.getTokens()).idToken as IDToken;\n }\n\n if (!accessTokenObject || !isAccessToken(accessTokenObject)) {\n return Promise.reject(new AuthSdkError('getUserInfo requires an access token object'));\n }\n\n if (!idTokenObject || !isIDToken(idTokenObject)) {\n return Promise.reject(new AuthSdkError('getUserInfo requires an ID token object'));\n }\n\n const options: any = {\n url: accessTokenObject.userinfoUrl,\n method: 'GET',\n accessToken: accessTokenObject.accessToken\n };\n\n if (sdk.options.dpop) {\n const headers = await sdk.getDPoPAuthorizationHeaders({...options, accessToken: accessTokenObject });\n options.headers = headers;\n delete options.accessToken; // unset to prevent overriding Auth header with Bearer Token\n }\n\n return httpRequest(sdk, options)\n .then(userInfo => {\n // Only return the userinfo response if subjects match to mitigate token substitution attacks\n if (userInfo.sub === idTokenObject.claims.sub) {\n return userInfo;\n }\n return Promise.reject(new AuthSdkError('getUserInfo request was rejected due to token mismatch'));\n })\n .catch(function (err) {\n // throw OAuthError to avoid breaking change (when dpop is not being used)\n if (err instanceof WWWAuthError && !sdk.options.dpop) {\n const { error, errorDescription } = err;\n throw new OAuthError(error, errorDescription);\n }\n\n // throw OAuthError to avoid breaking change (when dpop is not being used)\n if (!sdk.options.dpop) {\n let e = err;\n if (err instanceof AuthApiError && err?.meta?.wwwAuthHeader) {\n e = WWWAuthError.parseHeader(err.meta.wwwAuthHeader as string);\n }\n\n if (e instanceof WWWAuthError) {\n const { error, errorDescription } = e;\n throw new OAuthError(error, errorDescription);\n }\n }\n\n throw err;\n });\n}\n","/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\nimport { AuthSdkError } from '../errors';\nimport { OktaAuthOAuthInterface, TokenParams, TokenResponse } from './types';\nimport { clone } from '../util';\nimport { getToken } from './getToken';\nimport { loadPopup, generateState } from './util';\n\nexport function getWithPopup(\n sdk: OktaAuthOAuthInterface,\n options: TokenParams & { initialPath?: string }\n): Promise<TokenResponse> {\n if (arguments.length > 2) {\n return Promise.reject(new AuthSdkError('As of version 3.0, \"getWithPopup\" takes only a single set of options'));\n }\n\n const { initialPath, ...params } = options;\n\n // some browsers (safari, firefox) block popup if it's initialed from an async process\n // here we create the popup window immediately after user interaction\n // then redirect to the /authorize endpoint when the requestUrl is available\n const popupWindow = loadPopup(initialPath ?? '/', params);\n options = clone(params) || {};\n Object.assign(params, {\n display: 'popup',\n responseMode: 'okta_post_message',\n popupWindow\n });\n return getToken(sdk, params);\n}\n\nexport function getWithIDPPopup(\n sdk: OktaAuthOAuthInterface,\n options: Omit<TokenParams, 'redirectUri'> & { redirectUri: string }\n): { cancel: () => void, promise: Promise<TokenResponse> } {\n try {\n // eslint-disable-next-line compat/compat\n if (!BroadcastChannel) {\n throw new AuthSdkError('Modern browser with `BroadcastChannel` support is required to use this method');\n }\n\n if (!options.redirectUri) {\n throw new AuthSdkError('`redirectUri` is a required param for `getWithIDPPopup`');\n }\n\n if (!options.state) {\n options.state = generateState();\n }\n\n // some browsers (safari, firefox) block popup if it's initialed from an async process\n // here we create the popup window immediately after user interaction\n // then redirect to the /authorize endpoint when the requestUrl is available\n const popupWindow = loadPopup('/', options);\n // eslint-disable-next-line compat/compat\n const channel = new BroadcastChannel(`popup-callback:${options.state}`);\n\n options = clone(options) || {};\n Object.assign(options, {\n display: 'popup',\n responseMode: 'query',\n popupWindow,\n idpPopup: true,\n channel,\n });\n\n let cancelPromise;\n const promise = new Promise<TokenResponse>((resolve, reject) => {\n cancelPromise = reject;\n return getToken(sdk, options)\n .then((res) => resolve(res))\n .catch(err => reject(err));\n });\n\n const cancel = () => {\n channel.close();\n cancelPromise(new AuthSdkError('Popup flow canceled'));\n };\n\n return {\n promise,\n cancel\n };\n }\n catch (err) {\n return {\n promise: Promise.reject(err),\n cancel: () => {} // noop, no need to for method when error is thrown\n };\n }\n}\n","/* eslint-disable @typescript-eslint/no-non-null-assertion */\n/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\nimport { AuthSdkError } from '../errors';\nimport { OktaAuthOAuthInterface, TokenParams } from './types';\nimport { clone } from '../util';\nimport { prepareTokenParams, createOAuthMeta } from './util';\nimport { buildAuthorizeParams } from './endpoints/authorize';\n\nexport async function getWithRedirect(sdk: OktaAuthOAuthInterface, options?: TokenParams): Promise<void> {\n if (arguments.length > 2) {\n return Promise.reject(new AuthSdkError('As of version 3.0, \"getWithRedirect\" takes only a single set of options'));\n }\n\n options = clone(options) || {};\n\n const tokenParams = await prepareTokenParams(sdk, options);\n const meta = createOAuthMeta(sdk, tokenParams);\n const requestUrl = meta.urls.authorizeUrl + buildAuthorizeParams(tokenParams);\n sdk.transactionManager.save(meta);\n if (sdk.options.setLocation) {\n sdk.options.setLocation(requestUrl);\n } else {\n window.location.assign(requestUrl);\n }\n}\n","/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\nimport { AuthSdkError } from '../errors';\nimport { OktaAuthOAuthInterface, TokenParams, TokenResponse } from './types';\nimport { clone } from '../util';\nimport { getToken } from './getToken';\n\nexport function getWithoutPrompt(sdk: OktaAuthOAuthInterface, options: TokenParams): Promise<TokenResponse> {\n if (arguments.length > 2) {\n return Promise.reject(new AuthSdkError('As of version 3.0, \"getWithoutPrompt\" takes only a single set of options'));\n }\n \n options = clone(options) || {};\n Object.assign(options, {\n prompt: 'none',\n responseMode: 'okta_post_message',\n display: null\n });\n return getToken(sdk, options);\n}\n\n","/* eslint-disable @typescript-eslint/no-non-null-assertion */\n\n/* eslint-disable complexity, max-statements */\n/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\nimport { clone } from '../util';\nimport {\n getOAuthUrls,\n} from './util/oauth';\nimport { AuthSdkError, OAuthError } from '../errors';\nimport {\n OktaAuthOAuthInterface,\n TokenVerifyParams,\n IDToken,\n OAuthResponse,\n TokenParams,\n TokenResponse,\n CustomUrls,\n Tokens,\n} from './types';\nimport { verifyToken } from './verifyToken';\nimport { getDefaultTokenParams } from './util';\n\nfunction validateResponse(res: OAuthResponse, oauthParams: TokenParams) {\n if (res['error'] && res['error_description']) {\n throw new OAuthError(res['error'], res['error_description']);\n }\n\n if (res.state !== oauthParams.state) {\n throw new AuthSdkError('OAuth flow response state doesn\\'t match request state');\n }\n}\n\nexport async function handleOAuthResponse(\n sdk: OktaAuthOAuthInterface,\n tokenParams: TokenParams,\n res: OAuthResponse,\n urls?: CustomUrls\n): Promise<TokenResponse> {\n const pkce = sdk.options.pkce !== false;\n\n // The result contains an authorization_code and PKCE is enabled \n // `exchangeCodeForTokens` will call /token then call `handleOauthResponse` recursively with the result\n if (pkce && (res.code || res.interaction_code)) {\n return sdk.token.exchangeCodeForTokens(Object.assign({}, tokenParams, {\n authorizationCode: res.code,\n interactionCode: res.interaction_code\n }), urls);\n }\n\n tokenParams = tokenParams || getDefaultTokenParams(sdk);\n urls = urls || getOAuthUrls(sdk, tokenParams);\n\n let responseType = tokenParams.responseType || [];\n if (!Array.isArray(responseType) && responseType !== 'none') {\n responseType = [responseType];\n }\n\n let scopes;\n if (res.scope) {\n scopes = res.scope.split(' ');\n } else {\n scopes = clone(tokenParams.scopes);\n }\n const clientId = tokenParams.clientId || sdk.options.clientId;\n\n // Handling the result from implicit flow or PKCE token exchange\n validateResponse(res, tokenParams);\n\n if (tokenParams.dpop) {\n const { allowBearerTokens } = sdk.options?.dpopOptions ?? { allowBearerTokens: false };\n\n // https://datatracker.ietf.org/doc/html/rfc9449#token-response\n // \"A token_type of DPoP MUST be included in the access token response to signal to the client\"\n if (!allowBearerTokens && res.token_type !== 'DPoP') {\n throw new AuthSdkError('Unable to parse OAuth flow response: DPoP was configured but \"token_type\" was not DPoP');\n }\n }\n\n const tokenDict = {} as Tokens;\n const expiresIn = res.expires_in;\n const tokenType = res.token_type;\n const accessToken = res.access_token;\n const idToken = res.id_token;\n const refreshToken = res.refresh_token;\n const now = Math.floor(Date.now()/1000);\n\n if (accessToken) {\n const accessJwt = sdk.token.decode(accessToken);\n tokenDict.accessToken = {\n accessToken: accessToken,\n claims: accessJwt.payload,\n expiresAt: Number(expiresIn) + now,\n tokenType: tokenType!,\n scopes: scopes,\n authorizeUrl: urls.authorizeUrl!,\n userinfoUrl: urls.userinfoUrl!\n };\n\n if (tokenParams.dpopPairId) {\n tokenDict.accessToken.dpopPairId = tokenParams.dpopPairId;\n }\n\n if (tokenParams.extraParams) {\n tokenDict.accessToken.extraParams = tokenParams.extraParams;\n }\n }\n\n if (refreshToken) {\n tokenDict.refreshToken = {\n refreshToken: refreshToken,\n // should not be used, this is the accessToken expire time\n // TODO: remove \"expiresAt\" in the next major version OKTA-407224\n expiresAt: Number(expiresIn) + now, \n scopes: scopes,\n tokenUrl: urls.tokenUrl!,\n authorizeUrl: urls.authorizeUrl!,\n issuer: urls.issuer!,\n };\n\n if (tokenParams.dpopPairId) {\n tokenDict.refreshToken.dpopPairId = tokenParams.dpopPairId;\n }\n\n if (tokenParams.extraParams) {\n tokenDict.refreshToken.extraParams = tokenParams.extraParams;\n }\n }\n\n if (idToken) {\n const idJwt = sdk.token.decode(idToken);\n const idTokenObj: IDToken = {\n idToken: idToken,\n claims: idJwt.payload,\n expiresAt: idJwt.payload.exp! - idJwt.payload.iat! + now, // adjusting expiresAt to be in local time\n scopes: scopes,\n authorizeUrl: urls.authorizeUrl!,\n issuer: urls.issuer!,\n clientId: clientId!\n };\n\n if (tokenParams.extraParams) {\n idTokenObj.extraParams = tokenParams.extraParams;\n }\n\n const validationParams: TokenVerifyParams = {\n clientId: clientId!,\n issuer: urls.issuer!,\n nonce: tokenParams.nonce,\n accessToken: accessToken,\n acrValues: tokenParams.acrValues\n };\n\n if (tokenParams.ignoreSignature !== undefined) {\n validationParams.ignoreSignature = tokenParams.ignoreSignature;\n }\n\n await verifyToken(sdk, idTokenObj, validationParams);\n tokenDict.idToken = idTokenObj;\n }\n\n // Validate received tokens against requested response types \n if (responseType.indexOf('token') !== -1 && !tokenDict.accessToken) {\n // eslint-disable-next-line max-len\n throw new AuthSdkError('Unable to parse OAuth flow response: response type \"token\" was requested but \"access_token\" was not returned.');\n }\n if (responseType.indexOf('id_token') !== -1 && !tokenDict.idToken) {\n // eslint-disable-next-line max-len\n throw new AuthSdkError('Unable to parse OAuth flow response: response type \"id_token\" was requested but \"id_token\" was not returned.');\n }\n\n return {\n tokens: tokenDict,\n state: res.state!,\n code: res.code,\n responseType\n };\n \n}","/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\n\nimport { AuthSdkError } from '../errors';\nimport { getWellKnown } from './endpoints/well-known';\nimport { post } from '../http';\nimport { toQueryString } from '../util';\nimport { btoa } from '../crypto';\nimport { Token, TokenKind } from './types';\n\nconst hintMap = {\n accessToken: 'access_token',\n idToken: 'id_token',\n refreshToken: 'refresh_token'\n};\n\n/* eslint complexity: [2, 9] */\nexport async function oidcIntrospect (sdk, kind: TokenKind, token?: Token) {\n let issuer: string;\n let clientId: string = sdk.options.clientId;\n let clientSecret: string | undefined = sdk.options.clientSecret;\n\n if (!token) {\n token = sdk.tokenManager.getTokens()[kind];\n }\n\n if (!token) {\n throw new AuthSdkError(`unable to find ${kind} in storage or fn params`);\n }\n\n if (kind !== TokenKind.ACCESS) {\n issuer = (token as any)?.issuer;\n }\n else {\n issuer = (token as any)?.claims?.iss;\n }\n issuer = issuer || sdk.options.issuer;\n\n if (!clientId) {\n throw new AuthSdkError('A clientId must be specified in the OktaAuth constructor to introspect a token');\n }\n if (!issuer) {\n throw new AuthSdkError('Unable to find issuer');\n }\n\n const { introspection_endpoint: introspectUrl } = await getWellKnown(sdk, issuer);\n const authHeader = clientSecret ? btoa(`${clientId}:${clientSecret}`) : btoa(clientId);\n const args = toQueryString({\n // eslint-disable-next-line camelcase\n token_type_hint: hintMap[kind],\n token: token[kind] // extract raw token string from token object\n }).slice(1);\n return post(sdk, introspectUrl, args, {\n headers: {\n 'Content-Type': 'application/x-www-form-urlencoded',\n 'Authorization': 'Basic ' + authHeader\n }\n });\n}\n","import superPropBase from \"./superPropBase.js\";\nfunction _get() {\n return _get = \"undefined\" != typeof Reflect && Reflect.get ? Reflect.get.bind() : function (e, t, r) {\n var p = superPropBase(e, t);\n if (p) {\n var n = Object.getOwnPropertyDescriptor(p, t);\n return n.get ? n.get.call(arguments.length < 3 ? e : r) : n.value;\n }\n }, _get.apply(null, arguments);\n}\nexport { _get as default };","import getPrototypeOf from \"./getPrototypeOf.js\";\nfunction _superPropBase(t, o) {\n for (; !{}.hasOwnProperty.call(t, o) && null !== (t = getPrototypeOf(t)););\n return t;\n}\nexport { _superPropBase as default };","import { httpRequest, RequestOptions } from '../../http';\nimport { OktaAuthConstructor } from '../../base/types';\nimport { \n PromiseQueue,\n isFunction\n} from '../../util';\nimport { CryptoAPI } from '../../crypto/types';\nimport * as crypto from '../../crypto';\nimport {\n AccessToken,\n CustomUserClaims,\n IDToken,\n IsAuthenticatedOptions,\n OAuthResponseType,\n OAuthStorageManagerInterface,\n OAuthTransactionMeta,\n OktaAuthOAuthInterface,\n OktaAuthOAuthOptions,\n PkceAPI,\n PKCETransactionMeta,\n RefreshToken,\n SigninWithRedirectOptions,\n SignoutOptions,\n SignoutRedirectUrlOptions,\n TokenAPI,\n TransactionManagerInterface,\n TransactionManagerConstructor,\n UserClaims,\n Endpoints,\n DPoPRequest,\n DPoPHeaders\n} from '../types';\nimport PKCE from '../util/pkce';\nimport { createEndpoints, createTokenAPI } from '../factory/api';\nimport { TokenManager } from '../TokenManager';\nimport { getOAuthUrls, isLoginRedirect, hasResponseType } from '../util';\nimport { \n generateDPoPProof,\n clearDPoPKeyPair,\n clearAllDPoPKeyPairs,\n clearDPoPKeyPairAfterRevoke,\n findKeyPair,\n isDPoPNonceError\n} from '../dpop';\nimport { AuthSdkError, WWWAuthError } from '../../errors';\n\nimport { OktaAuthSessionInterface } from '../../session/types';\nimport { provideOriginalUri } from './node';\nexport function mixinOAuth\n<\n M extends OAuthTransactionMeta = PKCETransactionMeta,\n S extends OAuthStorageManagerInterface<M> = OAuthStorageManagerInterface<M>,\n O extends OktaAuthOAuthOptions = OktaAuthOAuthOptions,\n TM extends TransactionManagerInterface = TransactionManagerInterface,\n TBase extends OktaAuthConstructor<OktaAuthSessionInterface<S, O>>\n = OktaAuthConstructor<OktaAuthSessionInterface<S, O>>\n>\n(\n Base: TBase,\n TransactionManagerConstructor: TransactionManagerConstructor<TM>,\n): TBase & OktaAuthConstructor<OktaAuthOAuthInterface<M, S, O, TM>>\n{\n const WithOriginalUri = provideOriginalUri(Base);\n return class OktaAuthOAuth extends WithOriginalUri\n implements OktaAuthOAuthInterface<M, S, O, TM>\n {\n static crypto: CryptoAPI = crypto;\n token: TokenAPI;\n tokenManager: TokenManager;\n transactionManager: TM;\n pkce: PkceAPI;\n endpoints: Endpoints;\n\n _pending: { handleLogin: boolean };\n _tokenQueue: PromiseQueue;\n \n constructor(...args: any[]) {\n super(...args);\n\n this.transactionManager = new TransactionManagerConstructor(Object.assign({\n storageManager: this.storageManager,\n }, this.options.transactionManager));\n \n this.pkce = {\n DEFAULT_CODE_CHALLENGE_METHOD: PKCE.DEFAULT_CODE_CHALLENGE_METHOD,\n generateVerifier: PKCE.generateVerifier,\n computeChallenge: PKCE.computeChallenge\n };\n \n this._pending = { handleLogin: false };\n\n this._tokenQueue = new PromiseQueue();\n\n this.token = createTokenAPI(this, this._tokenQueue);\n\n // TokenManager\n this.tokenManager = new TokenManager(this, this.options.tokenManager);\n\n this.endpoints = createEndpoints(this);\n }\n\n // inherited from subclass\n clearStorage(): void {\n super.clearStorage();\n \n // Clear all local tokens\n this.tokenManager.clear();\n }\n\n // Returns true if both accessToken and idToken are not expired\n // If `autoRenew` option is set, will attempt to renew expired tokens before returning.\n // eslint-disable-next-line complexity\n async isAuthenticated(options: IsAuthenticatedOptions = {}): Promise<boolean> {\n // TODO: remove dependency on tokenManager options in next major version - OKTA-473815\n const { autoRenew, autoRemove } = this.tokenManager.getOptions();\n\n const shouldRenew = options.onExpiredToken ? options.onExpiredToken === 'renew' : autoRenew;\n const shouldRemove = options.onExpiredToken ? options.onExpiredToken === 'remove' : autoRemove;\n\n let { accessToken } = this.tokenManager.getTokensSync();\n if (accessToken && this.tokenManager.hasExpired(accessToken)) {\n accessToken = undefined;\n if (shouldRenew) {\n try {\n accessToken = await this.tokenManager.renew('accessToken') as AccessToken;\n } catch {\n // Renew errors will emit an \"error\" event \n }\n } else if (shouldRemove) {\n this.tokenManager.remove('accessToken');\n }\n }\n\n let { idToken } = this.tokenManager.getTokensSync();\n if (idToken && this.tokenManager.hasExpired(idToken)) {\n idToken = undefined;\n if (shouldRenew) {\n try {\n idToken = await this.tokenManager.renew('idToken') as IDToken;\n } catch {\n // Renew errors will emit an \"error\" event \n }\n } else if (shouldRemove) {\n this.tokenManager.remove('idToken');\n }\n }\n\n return !!(accessToken && idToken);\n }\n\n\n async signInWithRedirect(opts: SigninWithRedirectOptions = {}) {\n const { originalUri, ...additionalParams } = opts;\n if(this._pending.handleLogin) { \n // Don't trigger second round\n return;\n }\n\n this._pending.handleLogin = true;\n try {\n // Trigger default signIn redirect flow\n if (originalUri) {\n this.setOriginalUri(originalUri);\n }\n const params = Object.assign({\n // TODO: remove this line when default scopes are changed OKTA-343294\n scopes: this.options.scopes || ['openid', 'email', 'profile']\n }, additionalParams);\n await this.token.getWithRedirect(params);\n } finally {\n this._pending.handleLogin = false;\n }\n }\n\n async getUser<T extends CustomUserClaims = CustomUserClaims>(): Promise<UserClaims<T>> {\n const { idToken, accessToken } = this.tokenManager.getTokensSync();\n return this.token.getUserInfo(accessToken, idToken);\n }\n \n getIdToken(): string | undefined {\n const { idToken } = this.tokenManager.getTokensSync();\n return idToken ? idToken.idToken : undefined;\n }\n \n getAccessToken(): string | undefined {\n const { accessToken } = this.tokenManager.getTokensSync();\n return accessToken ? accessToken.accessToken : undefined;\n }\n \n getRefreshToken(): string | undefined {\n const { refreshToken } = this.tokenManager.getTokensSync();\n return refreshToken ? refreshToken.refreshToken : undefined;\n }\n\n async getOrRenewAccessToken(): Promise<string | null> {\n const { accessToken } = this.tokenManager.getTokensSync();\n if (accessToken && !this.tokenManager.hasExpired(accessToken)) {\n return accessToken.accessToken;\n }\n try {\n const key = this.tokenManager.getStorageKeyByType('accessToken');\n const token = await this.tokenManager.renew(key ?? 'accessToken');\n return (token as AccessToken)?.accessToken ?? null;\n }\n catch (err) {\n this.emitter.emit('error', err);\n return null;\n }\n }\n \n /**\n * Store parsed tokens from redirect url\n */\n async storeTokensFromRedirect(): Promise<void> {\n const { tokens, responseType } = await this.token.parseFromUrl();\n if (responseType !== 'none') {\n this.tokenManager.setTokens(tokens);\n }\n }\n \n isLoginRedirect(): boolean {\n return isLoginRedirect(this);\n }\n\n isPKCE(): boolean {\n return !!this.options.pkce;\n }\n\n hasResponseType(responseType: OAuthResponseType): boolean {\n return hasResponseType(responseType, this.options);\n }\n \n isAuthorizationCodeFlow(): boolean {\n return this.hasResponseType('code');\n }\n\n // Escape hatch method to make arbitrary OKTA API call\n async invokeApiMethod(options: RequestOptions): Promise<unknown> {\n if (!options.accessToken) {\n const accessToken = (await this.tokenManager.getTokens()).accessToken as AccessToken;\n options.accessToken = accessToken?.accessToken;\n }\n return httpRequest(this, options);\n }\n \n // Revokes the access token for the application session\n async revokeAccessToken(accessToken?: AccessToken): Promise<unknown> {\n if (!accessToken) {\n const tokens = await this.tokenManager.getTokens();\n accessToken = tokens.accessToken;\n const accessTokenKey = this.tokenManager.getStorageKeyByType('accessToken');\n this.tokenManager.remove(accessTokenKey);\n\n if (this.options.dpop) {\n await clearDPoPKeyPairAfterRevoke('access', tokens);\n }\n }\n // Access token may have been removed. In this case, we will silently succeed.\n if (!accessToken) {\n return Promise.resolve(null);\n }\n return this.token.revoke(accessToken);\n }\n\n // Revokes the refresh token for the application session\n async revokeRefreshToken(refreshToken?: RefreshToken): Promise<unknown> {\n if (!refreshToken) {\n const tokens = await this.tokenManager.getTokens();\n refreshToken = tokens.refreshToken;\n const refreshTokenKey = this.tokenManager.getStorageKeyByType('refreshToken');\n this.tokenManager.remove(refreshTokenKey);\n\n if (this.options.dpop) {\n await clearDPoPKeyPairAfterRevoke('refresh', tokens);\n }\n }\n // Refresh token may have been removed. In this case, we will silently succeed.\n if (!refreshToken) {\n return Promise.resolve(null);\n }\n return this.token.revoke(refreshToken);\n }\n\n getSignOutRedirectUrl(options: SignoutRedirectUrlOptions = {}) {\n let {\n idToken,\n postLogoutRedirectUri,\n state,\n } = options;\n if (!idToken) {\n idToken = this.tokenManager.getTokensSync().idToken as IDToken;\n }\n if (!idToken) {\n return '';\n }\n if (postLogoutRedirectUri === undefined) {\n postLogoutRedirectUri = this.options.postLogoutRedirectUri;\n }\n\n const logoutUrl = getOAuthUrls(this).logoutUrl;\n const idTokenHint = idToken.idToken; // a string\n let logoutUri = logoutUrl + '?id_token_hint=' + encodeURIComponent(idTokenHint);\n if (postLogoutRedirectUri) {\n logoutUri += '&post_logout_redirect_uri=' + encodeURIComponent(postLogoutRedirectUri);\n } \n // State allows option parameters to be passed to logout redirect uri\n if (state) {\n logoutUri += '&state=' + encodeURIComponent(state);\n }\n\n return logoutUri;\n }\n\n // Revokes refreshToken or accessToken, clears all local tokens, then redirects to Okta to end the SSO session.\n // eslint-disable-next-line complexity, max-statements\n async signOut(options?: SignoutOptions): Promise<boolean> {\n options = Object.assign({}, options);\n \n // postLogoutRedirectUri must be whitelisted in Okta Admin UI\n const defaultUri = window.location.origin;\n const currentUri = window.location.href;\n // Fix for issue/1410 - allow for no postLogoutRedirectUri to be passed, resulting in /logout default behavior\n // \"If no Okta session exists, this endpoint has no effect and the browser is redirected immediately to the\n // Okta sign-in page or the post_logout_redirect_uri (if specified).\"\n // - https://developer.okta.com/docs/reference/api/oidc/#logout\n const postLogoutRedirectUri = options.postLogoutRedirectUri === null ? null :\n (options.postLogoutRedirectUri\n || this.options.postLogoutRedirectUri\n || defaultUri);\n const state = options?.state;\n \n \n let accessToken = options.accessToken;\n let refreshToken = options.refreshToken;\n const revokeAccessToken = options.revokeAccessToken !== false;\n const revokeRefreshToken = options.revokeRefreshToken !== false;\n \n if (revokeRefreshToken && typeof refreshToken === 'undefined') {\n refreshToken = this.tokenManager.getTokensSync().refreshToken as RefreshToken;\n }\n\n if (revokeAccessToken && typeof accessToken === 'undefined') {\n accessToken = this.tokenManager.getTokensSync().accessToken as AccessToken;\n }\n \n if (!options.idToken) {\n options.idToken = this.tokenManager.getTokensSync().idToken as IDToken;\n }\n\n if (revokeRefreshToken && refreshToken) {\n await this.revokeRefreshToken(refreshToken);\n }\n\n if (revokeAccessToken && accessToken) {\n await this.revokeAccessToken(accessToken);\n }\n\n const dpopPairId = accessToken?.dpopPairId ?? refreshToken?.dpopPairId;\n if (this.options.dpop && dpopPairId) {\n await clearDPoPKeyPair(dpopPairId);\n }\n\n const logoutUri = this.getSignOutRedirectUrl({ ...options, postLogoutRedirectUri });\n // No logoutUri? This can happen if the storage was cleared.\n // Fallback to XHR signOut, then simulate a redirect to the post logout uri\n if (!logoutUri) {\n // local tokens are cleared once session is closed\n const sessionClosed = await this.closeSession(); // can throw if the user cannot be signed out\n const redirectUri = new URL(postLogoutRedirectUri || defaultUri); // during fallback, redirectUri cannot be null\n if (state) {\n redirectUri.searchParams.append('state', state);\n }\n if (postLogoutRedirectUri === currentUri) {\n // window.location.reload(); // force a hard reload if URI is not changing\n window.location.href = redirectUri.href;\n } else {\n window.location.assign(redirectUri.href);\n }\n return sessionClosed;\n } else {\n if (options.clearTokensBeforeRedirect) {\n // Clear all local tokens\n this.tokenManager.clear();\n } else {\n this.tokenManager.addPendingRemoveFlags();\n }\n // Flow ends with logout redirect\n window.location.assign(logoutUri);\n return true;\n }\n }\n\n async getDPoPAuthorizationHeaders (params: DPoPRequest): Promise<DPoPHeaders> {\n if (!this.options.dpop) {\n throw new AuthSdkError('DPoP is not configured for this client instance');\n }\n\n let { accessToken } = params;\n if (!accessToken) {\n accessToken = (this.tokenManager.getTokensSync()).accessToken;\n }\n\n if (!accessToken) {\n throw new AuthSdkError('AccessToken is required to generate a DPoP Proof');\n }\n\n const keyPair = await findKeyPair(accessToken?.dpopPairId);\n const proof = await generateDPoPProof({...params, keyPair, accessToken: accessToken.accessToken});\n return {\n Authorization: `DPoP ${accessToken.accessToken}`,\n Dpop: proof\n };\n }\n\n async clearDPoPStorage (clearAll=false): Promise<void> {\n if (clearAll) {\n return clearAllDPoPKeyPairs();\n }\n\n const tokens = await this.tokenManager.getTokens();\n const keyPair = tokens.accessToken?.dpopPairId || tokens.refreshToken?.dpopPairId;\n\n if (keyPair) {\n await clearDPoPKeyPair(keyPair);\n }\n }\n\n parseUseDPoPNonceError (headers: HeadersInit): string | null {\n const wwwAuth = WWWAuthError.getWWWAuthenticateHeader(headers);\n const wwwErr = WWWAuthError.parseHeader(wwwAuth ?? '');\n if (isDPoPNonceError(wwwErr)) {\n let nonce: string | null = null;\n if (isFunction((headers as Headers)?.get)) {\n nonce = (headers as Headers).get('DPoP-Nonce');\n }\n nonce = nonce ?? headers['dpop-nonce'] ?? headers['DPoP-Nonce'];\n return nonce;\n }\n\n return null;\n }\n };\n\n}\n","import { REFERRER_PATH_STORAGE_KEY } from '../../constants';\nimport browserStorage from '../../browser/browserStorage';\nimport { OktaAuthStorageInterface } from '../../storage';\nimport { OktaAuthConstructor } from '../../base';\nimport {\n OAuthStorageManagerInterface,\n OAuthTransactionMeta,\n OktaAuthOAuthOptions,\n OriginalUriApi,\n PKCETransactionMeta,\n} from '../types';\n\nexport function provideOriginalUri\n<\n M extends OAuthTransactionMeta = PKCETransactionMeta,\n S extends OAuthStorageManagerInterface<M> = OAuthStorageManagerInterface<M>,\n O extends OktaAuthOAuthOptions = OktaAuthOAuthOptions,\n TBase extends OktaAuthConstructor<OktaAuthStorageInterface<S, O>>\n = OktaAuthConstructor<OktaAuthStorageInterface<S, O>> \n>\n(BaseClass: TBase) {\n return class WithOriginalUri extends BaseClass implements OriginalUriApi {\n setOriginalUri(originalUri: string, state?: string): void {\n // always store in session storage\n const sessionStorage = browserStorage.getSessionStorage();\n sessionStorage.setItem(REFERRER_PATH_STORAGE_KEY, originalUri);\n \n // to support multi-tab flows, set a state in constructor or pass as param\n state = state || this.options.state;\n if (state) {\n const sharedStorage = this.storageManager.getOriginalUriStorage();\n sharedStorage.setItem(state, originalUri);\n }\n }\n \n getOriginalUri(state?: string): string | undefined {\n // Prefer shared storage (if state is available)\n state = state || this.options.state;\n if (state) {\n const sharedStorage = this.storageManager.getOriginalUriStorage();\n const originalUri = sharedStorage.getItem(state);\n if (originalUri) {\n return originalUri;\n }\n }\n \n // Try to load from session storage\n const storage = browserStorage.getSessionStorage();\n return storage ? storage.getItem(REFERRER_PATH_STORAGE_KEY) || undefined : undefined;\n }\n \n removeOriginalUri(state?: string): void {\n // Remove from sessionStorage\n const storage = browserStorage.getSessionStorage();\n storage.removeItem(REFERRER_PATH_STORAGE_KEY);\n \n // Also remove from shared storage\n state = state || this.options.state;\n if (state) {\n const sharedStorage = this.storageManager.getOriginalUriStorage();\n sharedStorage.removeItem && sharedStorage.removeItem(state);\n }\n }\n };\n}\n","export const enableSharedStorage = true;\n","/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nimport { DEFAULT_MAX_CLOCK_SKEW } from '../../constants';\nimport { removeTrailingSlash, toAbsoluteUrl } from '../../util/url';\nimport { isBrowser } from '../../features';\nimport { createHttpOptionsConstructor } from '../../http/options';\nimport {\n OAuthResponseMode,\n OAuthResponseType,\n OktaAuthOAuthInterface,\n OktaAuthOAuthOptions,\n SetLocationFunction,\n TokenManagerOptions,\n TransactionManagerOptions,\n DPoPOptions\n} from '../types';\nimport { enableSharedStorage } from './node';\nimport AuthSdkError from '../../errors/AuthSdkError';\n\nfunction assertValidConfig(args) {\n args = args || {};\n\n var scopes = args.scopes;\n if (scopes && !Array.isArray(scopes)) {\n throw new AuthSdkError('scopes must be a array of strings. ' +\n 'Required usage: new OktaAuth({scopes: [\"openid\", \"email\"]})');\n }\n\n // eslint-disable-next-line @typescript-eslint/no-non-null-assertion\n var issuer = args.issuer!;\n if (!issuer) {\n throw new AuthSdkError('No issuer passed to constructor. ' + \n 'Required usage: new OktaAuth({issuer: \"https://{yourOktaDomain}.com/oauth2/{authServerId}\"})');\n }\n\n var isUrlRegex = new RegExp('^http?s?://.+');\n if (!isUrlRegex.test(issuer)) {\n throw new AuthSdkError('Issuer must be a valid URL. ' + \n 'Required usage: new OktaAuth({issuer: \"https://{yourOktaDomain}.com/oauth2/{authServerId}\"})');\n }\n\n if (issuer.indexOf('-admin.okta') !== -1) {\n throw new AuthSdkError('Issuer URL passed to constructor contains \"-admin\" in subdomain. ' +\n 'Required usage: new OktaAuth({issuer: \"https://{yourOktaDomain}.com})');\n }\n}\n\nexport function createOAuthOptionsConstructor() {\n const HttpOptionsConstructor = createHttpOptionsConstructor();\n return class OAuthOptionsConstructor\n extends HttpOptionsConstructor\n implements Required<OktaAuthOAuthOptions>\n {\n // CustomUrls\n issuer: string;\n authorizeUrl: string;\n userinfoUrl: string;\n tokenUrl: string;\n revokeUrl: string;\n logoutUrl: string;\n \n // TokenParams\n pkce: boolean;\n clientId: string;\n redirectUri: string;\n responseType: OAuthResponseType | OAuthResponseType[];\n responseMode: OAuthResponseMode;\n state: string;\n scopes: string[];\n ignoreSignature: boolean;\n codeChallenge: string;\n codeChallengeMethod: string;\n acrValues: string;\n maxAge: string | number;\n dpop: boolean;\n dpopOptions: DPoPOptions;\n\n // Additional options\n tokenManager: TokenManagerOptions;\n postLogoutRedirectUri: string;\n restoreOriginalUri: (oktaAuth: OktaAuthOAuthInterface, originalUri?: string) => Promise<void>;\n transactionManager: TransactionManagerOptions;\n\n // For server-side web applications ONLY!\n clientSecret: string;\n setLocation: SetLocationFunction;\n\n // Workaround for bad client time/clock\n ignoreLifetime: boolean;\n maxClockSkew: number;\n\n\n // eslint-disable-next-line max-statements\n constructor(options: any) {\n super(options);\n \n assertValidConfig(options);\n \n this.issuer = removeTrailingSlash(options.issuer);\n this.tokenUrl = removeTrailingSlash(options.tokenUrl);\n this.authorizeUrl = removeTrailingSlash(options.authorizeUrl);\n this.userinfoUrl = removeTrailingSlash(options.userinfoUrl);\n this.revokeUrl = removeTrailingSlash(options.revokeUrl);\n this.logoutUrl = removeTrailingSlash(options.logoutUrl);\n\n this.pkce = options.pkce === false ? false : true; // PKCE defaults to true\n this.clientId = options.clientId;\n this.redirectUri = options.redirectUri;\n if (isBrowser()) {\n this.redirectUri = toAbsoluteUrl(options.redirectUri, window.location.origin); // allow relative URIs\n }\n this.responseType = options.responseType;\n this.responseMode = options.responseMode;\n this.state = options.state;\n this.scopes = options.scopes;\n // Give the developer the ability to disable token signature validation.\n this.ignoreSignature = !!options.ignoreSignature;\n this.codeChallenge = options.codeChallenge;\n this.codeChallengeMethod = options.codeChallengeMethod;\n this.acrValues = options.acrValues;\n this.maxAge = options.maxAge;\n this.dpop = options.dpop === true; // dpop defaults to false\n this.dpopOptions = {\n allowBearerTokens: false,\n ...options.dpopOptions,\n };\n\n this.tokenManager = options.tokenManager;\n this.postLogoutRedirectUri = options.postLogoutRedirectUri;\n this.restoreOriginalUri = options.restoreOriginalUri;\n this.transactionManager = { enableSharedStorage, ...options.transactionManager };\n \n this.clientSecret = options.clientSecret;\n this.setLocation = options.setLocation;\n \n // As some end user's devices can have their date \n // and time incorrectly set, allow for the disabling\n // of the jwt liftetime validation\n this.ignoreLifetime = !!options.ignoreLifetime;\n\n // Digital clocks will drift over time, so the server\n // can misalign with the time reported by the browser.\n // The maxClockSkew allows relaxing the time-based\n // validation of tokens (in seconds, not milliseconds).\n // It currently defaults to 300, because 5 min is the\n // default maximum tolerance allowed by Kerberos.\n // (https://technet.microsoft.com/en-us/library/cc976357.aspx)\n if (!options.maxClockSkew && options.maxClockSkew !== 0) {\n this.maxClockSkew = DEFAULT_MAX_CLOCK_SKEW;\n } else {\n this.maxClockSkew = options.maxClockSkew;\n }\n\n }\n };\n}\n","/* eslint-disable complexity */\n/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\nimport { AuthSdkError } from '../errors';\nimport { isInteractionRequiredError, urlParamsToObject } from './util';\nimport {\n ParseFromUrlOptions,\n TokenResponse,\n CustomUrls,\n TransactionMeta,\n OAuthResponse\n} from './types';\nimport { isString } from '../util';\nimport { handleOAuthResponse } from './handleOAuthResponse';\n\nfunction removeHash(sdk) {\n var nativeHistory = sdk.token.parseFromUrl._getHistory();\n var nativeDoc = sdk.token.parseFromUrl._getDocument();\n var nativeLoc = sdk.token.parseFromUrl._getLocation();\n if (nativeHistory && nativeHistory.replaceState) {\n nativeHistory.replaceState(null, nativeDoc.title, nativeLoc.pathname + nativeLoc.search);\n } else {\n nativeLoc.hash = '';\n }\n}\n\nfunction removeSearch(sdk) {\n var nativeHistory = sdk.token.parseFromUrl._getHistory();\n var nativeDoc = sdk.token.parseFromUrl._getDocument();\n var nativeLoc = sdk.token.parseFromUrl._getLocation();\n if (nativeHistory && nativeHistory.replaceState) {\n nativeHistory.replaceState(null, nativeDoc.title, nativeLoc.pathname + nativeLoc.hash);\n } else {\n nativeLoc.search = '';\n }\n}\n\nexport function getResponseMode(sdk): 'query' | 'fragment' {\n // https://openid.net/specs/openid-connect-core-1_0.html#Authentication\n var defaultResponseMode = sdk.options.pkce ? 'query' : 'fragment';\n var responseMode = sdk.options.responseMode || defaultResponseMode;\n return responseMode;\n}\n\nexport function parseOAuthResponseFromUrl(sdk, options: string | ParseFromUrlOptions): OAuthResponse {\n options = options || {};\n if (isString(options)) {\n options = { url: options } as ParseFromUrlOptions;\n } else {\n options = options as ParseFromUrlOptions;\n }\n\n var url = options.url;\n var responseMode = options.responseMode || getResponseMode(sdk);\n var nativeLoc = sdk.token.parseFromUrl._getLocation();\n var paramStr;\n\n if (responseMode === 'query') {\n paramStr = url ? url.substring(url.indexOf('?')) : nativeLoc.search;\n } else {\n paramStr = url ? url.substring(url.indexOf('#')) : nativeLoc.hash;\n }\n\n if (!paramStr) {\n throw new AuthSdkError('Unable to parse a token from the url');\n }\n\n return urlParamsToObject(paramStr);\n}\n\nexport function cleanOAuthResponseFromUrl(sdk, options: ParseFromUrlOptions) {\n // Clean hash or search from the url\n const responseMode = options.responseMode || getResponseMode(sdk);\n responseMode === 'query' ? removeSearch(sdk) : removeHash(sdk);\n}\n\nexport async function parseFromUrl(sdk, options?: string | ParseFromUrlOptions): Promise<TokenResponse> {\n options = options || {};\n if (isString(options)) {\n options = { url: options } as ParseFromUrlOptions;\n } else {\n options = options as ParseFromUrlOptions;\n }\n\n const res: OAuthResponse = parseOAuthResponseFromUrl(sdk, options);\n const state = res.state;\n const oauthParams: TransactionMeta = sdk.transactionManager.load({\n state\n });\n if (!oauthParams) {\n if (sdk.options.pkce) {\n // eslint-disable-next-line max-len\n throw new AuthSdkError('Could not load PKCE codeVerifier from storage. This may indicate the auth flow has already completed or multiple auth flows are executing concurrently.', undefined);\n }\n throw new AuthSdkError('Unable to retrieve OAuth redirect params from storage');\n }\n const urls: CustomUrls = oauthParams.urls as CustomUrls;\n delete oauthParams.urls;\n\n if (!options.url) {\n // Clean hash or search from the url\n cleanOAuthResponseFromUrl(sdk, options);\n }\n\n return handleOAuthResponse(sdk, oauthParams, res, urls)\n .catch(err => {\n if (!isInteractionRequiredError(err)) {\n sdk.transactionManager.clear({\n state\n });\n }\n throw err;\n })\n .then(res => {\n sdk.transactionManager.clear({\n state\n });\n return res;\n });\n\n}\n","/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\nimport { AuthSdkError } from '../errors';\nimport { OktaAuthOAuthInterface, Token, Tokens, isAccessToken, AccessToken, IDToken, isIDToken } from './types';\nimport { getWithoutPrompt } from './getWithoutPrompt';\nimport { renewTokensWithRefresh } from './renewTokensWithRefresh';\n\nfunction throwInvalidTokenError() {\n throw new AuthSdkError(\n 'Renew must be passed a token with an array of scopes and an accessToken or idToken'\n );\n}\n\n// Multiple tokens may have come back. Return only the token which was requested.\nfunction getSingleToken(originalToken: Token, tokens: Tokens) {\n if (isIDToken(originalToken)) {\n return tokens.idToken;\n }\n if (isAccessToken(originalToken)) {\n return tokens.accessToken;\n }\n throwInvalidTokenError();\n}\n\n// If we have a refresh token, renew using that, otherwise getWithoutPrompt\nexport async function renewToken(sdk: OktaAuthOAuthInterface, token: Token): Promise<Token | undefined> {\n if (!isIDToken(token) && !isAccessToken(token)) {\n throwInvalidTokenError();\n }\n\n let tokens = sdk.tokenManager.getTokensSync();\n if (tokens.refreshToken) {\n tokens = await renewTokensWithRefresh(sdk, {\n scopes: token.scopes,\n }, tokens.refreshToken);\n return getSingleToken(token, tokens);\n }\n\n var responseType;\n if (sdk.options.pkce) {\n responseType = 'code';\n } else if (isAccessToken(token)) {\n responseType = 'token';\n } else {\n responseType = 'id_token';\n }\n\n const { scopes, authorizeUrl, userinfoUrl, issuer, dpopPairId, extraParams } = token as (AccessToken & IDToken);\n return getWithoutPrompt(sdk, {\n responseType,\n scopes,\n authorizeUrl,\n userinfoUrl,\n issuer,\n dpopPairId,\n extraParams\n })\n .then(function (res) {\n return getSingleToken(token, res.tokens);\n });\n}\n","/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\nimport { AuthSdkError } from '../errors';\nimport { RenewTokensParams, Tokens } from './types';\nimport { getWithoutPrompt } from './getWithoutPrompt';\nimport { renewTokensWithRefresh } from './renewTokensWithRefresh';\nimport { getDefaultTokenParams } from './util';\n\n// If we have a refresh token, renew using that, otherwise getWithoutPrompt\n// eslint-disable-next-line complexity\nexport async function renewTokens(sdk, options?: RenewTokensParams): Promise<Tokens> {\n const tokens = options?.tokens ?? sdk.tokenManager.getTokensSync();\n if (tokens.refreshToken) {\n return renewTokensWithRefresh(sdk, options || {}, tokens.refreshToken);\n }\n\n if (!tokens.accessToken && !tokens.idToken) {\n throw new AuthSdkError('renewTokens() was called but there is no existing token');\n }\n\n const accessToken = tokens.accessToken || {};\n const idToken = tokens.idToken || {};\n const scopes = accessToken.scopes || idToken.scopes;\n if (!scopes) {\n throw new AuthSdkError('renewTokens: invalid tokens: could not read scopes');\n }\n const authorizeUrl = accessToken.authorizeUrl || idToken.authorizeUrl;\n if (!authorizeUrl) {\n throw new AuthSdkError('renewTokens: invalid tokens: could not read authorizeUrl');\n }\n const userinfoUrl = accessToken.userinfoUrl || sdk.options.userinfoUrl;\n const issuer = idToken.issuer || sdk.options.issuer;\n const dpopPairId = accessToken?.dpopPairId;\n const extraParams = accessToken?.extraParams || idToken?.extraParams;\n\n // Get tokens using the SSO cookie\n options = Object.assign({\n scopes,\n authorizeUrl,\n userinfoUrl,\n issuer,\n dpopPairId,\n extraParams\n }, options);\n\n if (sdk.options.pkce) {\n options.responseType = 'code';\n } else {\n const { responseType } = getDefaultTokenParams(sdk);\n options.responseType = responseType;\n }\n\n return getWithoutPrompt(sdk, options)\n .then(res => res.tokens);\n \n}\n","/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\nimport { AuthSdkError } from '../errors';\nimport { getOAuthUrls } from './util/oauth';\nimport { isSameRefreshToken } from './util/refreshToken';\nimport { OktaAuthOAuthInterface, TokenParams, RefreshToken, Tokens } from './types';\nimport { handleOAuthResponse } from './handleOAuthResponse';\nimport { TokenEndpointParams, postRefreshToken } from './endpoints/token';\nimport { findKeyPair } from './dpop';\nimport { isRefreshTokenInvalidError } from './util/errors';\n\n/* eslint complexity:[0,8] */\nexport async function renewTokensWithRefresh(\n sdk: OktaAuthOAuthInterface,\n tokenParams: TokenParams,\n refreshTokenObject: RefreshToken\n): Promise<Tokens> {\n const { clientId, dpop } = sdk.options;\n if (!clientId) {\n throw new AuthSdkError('A clientId must be specified in the OktaAuth constructor to renew tokens');\n }\n\n try {\n const renewTokenParams: TokenParams = Object.assign({}, tokenParams, { clientId });\n\n if (refreshTokenObject.extraParams) {\n renewTokenParams.extraParams = refreshTokenObject.extraParams;\n }\n\n const endpointParams: TokenEndpointParams = {...renewTokenParams};\n\n if (dpop) {\n const keyPair = await findKeyPair(refreshTokenObject?.dpopPairId); // will throw if KP cannot be found\n endpointParams.dpopKeyPair = keyPair;\n renewTokenParams.dpop = dpop;\n renewTokenParams.dpopPairId = refreshTokenObject.dpopPairId;\n }\n\n const tokenResponse = await postRefreshToken(sdk, endpointParams, refreshTokenObject);\n const urls = getOAuthUrls(sdk, tokenParams);\n const { tokens } = await handleOAuthResponse(sdk, renewTokenParams, tokenResponse, urls);\n\n // Support rotating refresh tokens\n const { refreshToken } = tokens;\n if (refreshToken && !isSameRefreshToken(refreshToken, refreshTokenObject)) {\n sdk.tokenManager.updateRefreshToken(refreshToken);\n }\n\n return tokens;\n }\n catch (err) {\n if (isRefreshTokenInvalidError(err)) {\n // if the refresh token is invalid, remove it from storage\n sdk.tokenManager.removeRefreshToken();\n }\n throw err;\n }\n}\n","/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\n\n/* eslint complexity:[0,8] */\nimport { post } from '../http';\nimport { toQueryString } from '../util';\nimport {\n getOAuthUrls,\n} from './util/oauth';\nimport { btoa } from '../crypto';\nimport AuthSdkError from '../errors/AuthSdkError';\nimport {\n OktaAuthOAuthInterface,\n RevocableToken,\n AccessToken,\n RefreshToken\n} from './types';\n\n// refresh tokens have precedence to be revoked if no token is specified\nexport async function revokeToken(sdk: OktaAuthOAuthInterface, token: RevocableToken): Promise<any> {\n let accessToken = '';\n let refreshToken = '';\n if (token) { \n accessToken = (token as AccessToken).accessToken;\n refreshToken = (token as RefreshToken).refreshToken; \n }\n if(!accessToken && !refreshToken) { \n throw new AuthSdkError('A valid access or refresh token object is required');\n }\n var clientId = sdk.options.clientId;\n var clientSecret = sdk.options.clientSecret;\n if (!clientId) {\n throw new AuthSdkError('A clientId must be specified in the OktaAuth constructor to revoke a token');\n }\n // eslint-disable-next-line @typescript-eslint/no-non-null-assertion\n var revokeUrl = getOAuthUrls(sdk).revokeUrl!;\n var args = toQueryString({\n // eslint-disable-next-line camelcase\n token_type_hint: refreshToken ? 'refresh_token' : 'access_token', \n token: refreshToken || accessToken,\n }).slice(1);\n var creds = clientSecret ? btoa(`${clientId}:${clientSecret}`) : btoa(clientId);\n return post(sdk, revokeUrl, args, {\n headers: {\n 'Content-Type': 'application/x-www-form-urlencoded',\n 'Authorization': 'Basic ' + creds\n }\n });\n}\n","import {\n CookieOptions,\n StorageManagerOptions,\n StorageOptions,\n StorageUtil\n} from '../storage/types';\nimport { BaseStorageManager, logServerSideMemoryStorageWarning } from '../storage/BaseStorageManager';\nimport { TransactionStorage, OAuthTransactionMeta, OAuthStorageManagerInterface, PKCETransactionMeta } from './types';\nimport { SavedObject } from '../storage';\nimport { ORIGINAL_URI_STORAGE_NAME, SHARED_TRANSACTION_STORAGE_NAME, TRANSACTION_STORAGE_NAME } from '../constants';\n\n\nexport function createOAuthStorageManager<M extends OAuthTransactionMeta = PKCETransactionMeta>()\n{\n return class OAuthStorageManager\n extends BaseStorageManager\n implements OAuthStorageManagerInterface<M>\n {\n constructor(storageManagerOptions: StorageManagerOptions, cookieOptions: CookieOptions, storageUtil: StorageUtil) {\n super(storageManagerOptions, cookieOptions, storageUtil);\n }\n\n getTransactionStorage(options?: StorageOptions): TransactionStorage<M> {\n options = this.getOptionsForSection('transaction', options);\n logServerSideMemoryStorageWarning(options);\n const storage = this.getStorage(options);\n const storageKey = options.storageKey || TRANSACTION_STORAGE_NAME;\n return new SavedObject(storage, storageKey);\n }\n\n getSharedTansactionStorage(options?: StorageOptions): TransactionStorage<M> {\n options = this.getOptionsForSection('shared-transaction', options);\n logServerSideMemoryStorageWarning(options);\n const storage = this.getStorage(options);\n const storageKey = options.storageKey || SHARED_TRANSACTION_STORAGE_NAME;\n return new SavedObject(storage, storageKey);\n }\n\n getOriginalUriStorage(options?: StorageOptions): TransactionStorage<M> {\n options = this.getOptionsForSection('original-uri', options);\n logServerSideMemoryStorageWarning(options);\n const storage = this.getStorage(options);\n const storageKey = options.storageKey || ORIGINAL_URI_STORAGE_NAME;\n return new SavedObject(storage, storageKey);\n }\n };\n\n}\n","/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nimport { UserClaims } from './UserClaims';\n\nexport interface AbstractToken {\n expiresAt: number;\n authorizeUrl: string;\n scopes: string[];\n pendingRemove?: boolean;\n extraParams?: Record<string, string>;\n}\n\nexport interface AccessToken extends AbstractToken {\n accessToken: string;\n claims: UserClaims;\n tokenType: string;\n userinfoUrl: string;\n dpopPairId?: string;\n}\n\nexport interface RefreshToken extends AbstractToken {\n refreshToken: string;\n tokenUrl: string;\n issuer: string;\n dpopPairId?: string;\n}\n\nexport interface IDToken extends AbstractToken {\n idToken: string;\n claims: UserClaims;\n issuer: string;\n clientId: string;\n}\n\nexport type Token = AccessToken | IDToken | RefreshToken;\nexport type RevocableToken = AccessToken | RefreshToken;\n\nexport type TokenType = 'accessToken' | 'idToken' | 'refreshToken';\nexport enum TokenKind {\n ACCESS = 'accessToken',\n ID = 'idToken',\n REFRESH = 'refreshToken',\n}\n\nexport function isToken(obj: any): obj is Token {\n if (obj &&\n (obj.accessToken || obj.idToken || obj.refreshToken) &&\n Array.isArray(obj.scopes)) {\n return true;\n }\n return false;\n}\n\nexport function isAccessToken(obj: any): obj is AccessToken {\n return obj && obj.accessToken;\n}\n\nexport function isIDToken(obj: any): obj is IDToken {\n return obj && obj.idToken;\n}\n\nexport function isRefreshToken(obj: any): obj is RefreshToken {\n return obj && obj.refreshToken;\n}\n\nexport interface Tokens {\n accessToken?: AccessToken;\n idToken?: IDToken;\n refreshToken?: RefreshToken;\n}\n","/* eslint-disable max-len */\nimport { StorageProvider } from '../../storage/types';\nimport { TokenManagerOptions } from './options';\nimport { AccessToken, IDToken, RefreshToken, Token, Tokens, TokenType } from './Token';\n\nexport interface TokenManagerError {\n errorSummary: string;\n errorCode: string;\n message: string;\n name: string;\n tokenKey: string;\n}\n\nexport declare type AccessTokenCallback = (key: string, token: AccessToken) => void;\nexport declare type IDTokenCallback = (key: string, token: IDToken) => void;\nexport declare type RefreshTokenCallback = (key: string, token: RefreshToken) => void;\n\nexport const EVENT_EXPIRED = 'expired';\nexport const EVENT_RENEWED = 'renewed';\nexport const EVENT_ADDED = 'added';\nexport const EVENT_REMOVED = 'removed';\nexport const EVENT_ERROR = 'error';\nexport const EVENT_SET_STORAGE = 'set_storage';\n\nexport declare type TokenManagerErrorEventHandler = (error: TokenManagerError) => void;\nexport declare type TokenManagerEventHandler = (key: string, token: Token) => void;\nexport declare type TokenManagerRenewEventHandler = (key: string, token: Token, oldtoken: Token) => void;\nexport declare type TokenManagerSetStorageEventHandler = (storage: Tokens) => void;\n\nexport declare type TokenManagerAnyEventHandler = TokenManagerErrorEventHandler | TokenManagerRenewEventHandler | TokenManagerSetStorageEventHandler | TokenManagerEventHandler;\nexport declare type TokenManagerAnyEvent = typeof EVENT_RENEWED | typeof EVENT_ERROR | typeof EVENT_SET_STORAGE | typeof EVENT_EXPIRED | typeof EVENT_ADDED | typeof EVENT_REMOVED;\n\n// only add methods needed internally\nexport interface TokenManagerInterface {\n on(event: typeof EVENT_RENEWED, handler: TokenManagerRenewEventHandler, context?: object): void;\n on(event: typeof EVENT_ERROR, handler: TokenManagerErrorEventHandler, context?: object): void;\n on(event: typeof EVENT_SET_STORAGE, handler: TokenManagerSetStorageEventHandler, context?: object): void;\n on(event: typeof EVENT_EXPIRED | typeof EVENT_ADDED | typeof EVENT_REMOVED, handler: TokenManagerEventHandler, context?: object): void;\n\n off(event: typeof EVENT_RENEWED, handler?: TokenManagerRenewEventHandler): void;\n off(event: typeof EVENT_ERROR, handler?: TokenManagerErrorEventHandler): void;\n off(event: typeof EVENT_SET_STORAGE, handler?: TokenManagerSetStorageEventHandler): void;\n off(event: typeof EVENT_EXPIRED | typeof EVENT_ADDED | typeof EVENT_REMOVED, handler?: TokenManagerEventHandler): void;\n\n clear(): void;\n setExpireEventTimeout(key: string, token: Token): void;\n clearExpireEventTimeout(key: string): void;\n clearExpireEventTimeoutAll(): void;\n emitAdded(key: string, token: Token): void;\n emitError(error: Error): void;\n emitRemoved(key: string, token: Token): void;\n emitRenewed(key: string, token: Token, oldToken?: Token): void;\n renew(key: string): Promise<Token | undefined>;\n remove(key: string): void;\n hasExpired(token: Token): boolean;\n getExpireTime(token: Token): number;\n\n get(key): Promise<Token | undefined>;\n getSync(key): Token | undefined;\n getTokens(): Promise<Tokens>;\n getTokensSync(): Tokens;\n setTokens({ accessToken, idToken, refreshToken }: Tokens, accessTokenCb?: AccessTokenCallback, idTokenCb?: IDTokenCallback, refreshTokenCb?: RefreshTokenCallback): void;\n getStorageKeyByType(type: TokenType): string;\n add(key: any, token: Token): void;\n updateRefreshToken(token: RefreshToken);\n removeRefreshToken(): void;\n clearPendingRemoveTokens(): void;\n\n getOptions(): TokenManagerOptions;\n getStorage(): StorageProvider;\n\n start();\n stop();\n isStarted(): boolean;\n}\n","/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport { IdxTransactionMeta } from '../../idx/types/meta';\nimport { OAuthTransactionMeta, PKCETransactionMeta } from './meta';\nimport { OAuthStorageManagerInterface } from './storage';\n\nexport interface TransactionManagerOptions\n{\n storageManager?: OAuthStorageManagerInterface;\n enableSharedStorage?: boolean; // default true\n saveNonceCookie?: boolean; // default true\n saveStateCookie?: boolean; // default true\n saveParamsCookie?: boolean; // default true\n saveLastResponse?: boolean; // default true\n}\n\n\nexport type CustomAuthTransactionMeta = Record<string, string | undefined>;\n\nexport type TransactionMeta =\n IdxTransactionMeta |\n PKCETransactionMeta |\n OAuthTransactionMeta |\n CustomAuthTransactionMeta;\n\n\nfunction isObjectWithProperties(obj) {\n if (!obj || typeof obj !== 'object' || Object.values(obj).length === 0) {\n return false;\n }\n return true;\n}\n\nexport function isOAuthTransactionMeta(obj: any): obj is OAuthTransactionMeta {\n if (!isObjectWithProperties(obj)) {\n return false;\n }\n return !!obj.redirectUri || !!obj.responseType;\n}\n\nexport function isPKCETransactionMeta(obj: any): obj is PKCETransactionMeta {\n if (!isOAuthTransactionMeta(obj)) {\n return false;\n }\n return !!(obj as any).codeVerifier;\n}\n\nexport function isIdxTransactionMeta(obj: any): obj is IdxTransactionMeta {\n if (!isPKCETransactionMeta(obj)) {\n return false;\n }\n return !!(obj as any).interactionHandle;\n}\n\nexport function isCustomAuthTransactionMeta(obj: any): obj is CustomAuthTransactionMeta {\n if (!isObjectWithProperties(obj)) {\n return false;\n }\n const isAllStringValues = Object.values(obj).find((value) => (typeof value !== 'string')) === undefined;\n return isAllStringValues;\n}\n\nexport function isTransactionMeta(obj: any): obj is TransactionMeta {\n if (isOAuthTransactionMeta(obj) || isCustomAuthTransactionMeta(obj)) {\n return true;\n }\n return false;\n}\n","/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\n/* global window, document */\n/* eslint-disable complexity, max-statements */\nimport { AuthSdkError } from '../../errors';\nimport { OktaAuthOAuthInterface } from '../types';\n\nconst DEFAULT_TIMEOUT = 120000;\n\nexport function addListener(eventTarget, name, fn) {\n if (eventTarget.addEventListener) {\n eventTarget.addEventListener(name, fn);\n } else {\n eventTarget.attachEvent('on' + name, fn);\n }\n}\n\nexport function removeListener(eventTarget, name, fn) {\n if (eventTarget.removeEventListener) {\n eventTarget.removeEventListener(name, fn);\n } else {\n eventTarget.detachEvent('on' + name, fn);\n }\n}\n\nexport function loadFrame(src) {\n var iframe = document.createElement('iframe');\n iframe.style.display = 'none';\n iframe.src = src;\n\n return document.body.appendChild(iframe);\n}\n\nexport function loadPopup(src, options) {\n var title = options.popupTitle || 'External Identity Provider User Authentication';\n var appearance = 'toolbar=no, scrollbars=yes, resizable=yes, ' +\n 'top=100, left=500, width=600, height=600';\n return window.open(src, title, appearance);\n}\n\nexport function addPostMessageListener(sdk: OktaAuthOAuthInterface, timeout, state) {\n var responseHandler;\n var timeoutId;\n var msgReceivedOrTimeout = new Promise(function (resolve, reject) {\n\n responseHandler = function responseHandler(e) {\n if (!e.data || e.data.state !== state) {\n // A message not meant for us\n return;\n }\n\n // Configuration mismatch between saved token and current app instance\n // This may happen if apps with different issuers are running on the same host url\n // If they share the same storage key, they may read and write tokens in the same location.\n // Common when developing against http://localhost\n if (e.origin !== sdk.getIssuerOrigin()) {\n return reject(new AuthSdkError('The request does not match client configuration'));\n }\n resolve(e.data);\n };\n\n addListener(window, 'message', responseHandler);\n\n timeoutId = setTimeout(function () {\n reject(new AuthSdkError('OAuth flow timed out'));\n }, timeout || DEFAULT_TIMEOUT);\n });\n\n return msgReceivedOrTimeout\n .finally(function () {\n clearTimeout(timeoutId);\n removeListener(window, 'message', responseHandler);\n });\n}\n\nexport function addIDPPopupLisenter (\n sdk: OktaAuthOAuthInterface,\n timeout: number | undefined,\n channel: BroadcastChannel,\n state: string\n) {\n let timeoutId;\n\n const promise = new Promise((resolve, reject) => {\n channel.onmessage = (event) => {\n // ignore invalid or untrusted events\n if (!event.isTrusted || !event.data) {\n return;\n }\n\n if (typeof event.data === 'object' && state === event.data.state) {\n return resolve({ ...event.data });\n }\n\n reject(new AuthSdkError('Unable to complete auth code exchange'));\n };\n\n timeoutId = setTimeout(function () {\n reject(new AuthSdkError('OAuth flow timed out'));\n }, timeout || DEFAULT_TIMEOUT);\n });\n\n return promise\n .finally(() => {\n clearTimeout(timeoutId);\n channel.close();\n });\n}\n","\n/* global window */\n/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\nimport { generateState } from './oauth';\nimport { OktaAuthOAuthInterface, TokenParams } from '../types';\nimport { isBrowser } from '../../features';\nimport { removeNils } from '../../util';\n\nexport function getDefaultEnrollAuthenticatorParams(sdk: OktaAuthOAuthInterface): TokenParams {\n const {\n clientId,\n redirectUri,\n responseMode,\n state,\n } = sdk.options;\n const defaultRedirectUri = isBrowser() ? window.location.href : undefined;\n return removeNils({\n clientId,\n redirectUri: redirectUri || defaultRedirectUri,\n responseMode,\n state: state || generateState(),\n responseType: 'none',\n prompt: 'enroll_authenticator',\n });\n}","\n/* global window */\n/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\nimport { generateNonce, generateState } from './oauth';\nimport { OktaAuthOAuthInterface, TokenParams } from '../types';\nimport { isBrowser } from '../../features';\nimport { removeNils } from '../../util';\n\nexport function getDefaultTokenParams(sdk: OktaAuthOAuthInterface): TokenParams {\n const {\n pkce,\n clientId,\n redirectUri,\n responseType,\n responseMode,\n scopes,\n acrValues,\n maxAge,\n state,\n ignoreSignature,\n dpop\n } = sdk.options;\n const defaultRedirectUri = isBrowser() ? window.location.href : undefined;\n return removeNils({\n pkce,\n clientId,\n redirectUri: redirectUri || defaultRedirectUri,\n responseType: responseType || ['token', 'id_token'],\n responseMode,\n state: state || generateState(),\n nonce: generateNonce(),\n scopes: scopes || ['openid', 'email'],\n acrValues,\n maxAge,\n ignoreSignature,\n dpop,\n });\n}","/* eslint-disable @typescript-eslint/no-non-null-assertion */\nimport { OAuthTransactionMeta, OktaAuthOAuthInterface, EnrollAuthenticatorOptions } from '../types';\nimport { getOAuthUrls } from './oauth';\n\nexport function createEnrollAuthenticatorMeta(\n sdk: OktaAuthOAuthInterface, \n params: EnrollAuthenticatorOptions\n): OAuthTransactionMeta {\n const issuer = sdk.options.issuer!;\n const urls = getOAuthUrls(sdk, params);\n const oauthMeta: OAuthTransactionMeta = {\n issuer,\n urls,\n clientId: params.clientId!,\n redirectUri: params.redirectUri!,\n responseType: params.responseType!,\n responseMode: params.responseMode!,\n state: params.state!,\n acrValues: params.acrValues,\n enrollAmrValues: params.enrollAmrValues,\n };\n\n return oauthMeta;\n}\n","/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport { OktaAuthOAuthInterface } from '../types';\nimport { OAuthError, AuthApiError, isOAuthError } from '../../errors';\n\nexport function isInteractionRequiredError(error: Error) {\n if (error.name !== 'OAuthError') {\n return false;\n }\n const oauthError = error as OAuthError;\n return (oauthError.errorCode === 'interaction_required');\n}\n\nexport function isAuthorizationCodeError(sdk: OktaAuthOAuthInterface, error: Error) {\n if (error.name !== 'AuthApiError') {\n return false;\n }\n const authApiError = error as AuthApiError;\n // xhr property doesn't seem to match XMLHttpRequest type\n const errorResponse = authApiError.xhr as unknown as Record<string, unknown>;\n const responseJSON = errorResponse?.responseJSON as Record<string, unknown>;\n return sdk.options.pkce && (responseJSON?.error as string === 'invalid_grant');\n}\n\nexport function isRefreshTokenInvalidError(error: unknown): boolean {\n // error: {\"error\":\"invalid_grant\",\"error_description\":\"The refresh token is invalid or expired.\"}\n return isOAuthError(error) &&\n error.errorCode === 'invalid_grant' &&\n error.errorSummary === 'The refresh token is invalid or expired.';\n}\n","/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\n/* global window */\n/* eslint-disable complexity, max-statements */\nimport { OktaAuthOAuthOptions, OktaAuthOAuthInterface, OAuthResponseType } from '../types';\n\nexport function hasTokensInHash(hash: string): boolean {\n return /((id|access)_token=)/i.test(hash);\n}\n\n// authorization_code\nexport function hasAuthorizationCode(hashOrSearch: string): boolean {\n return /(code=)/i.test(hashOrSearch);\n}\n\n// interaction_code\nexport function hasInteractionCode(hashOrSearch: string): boolean {\n return /(interaction_code=)/i.test(hashOrSearch);\n}\n\nexport function hasErrorInUrl(hashOrSearch: string): boolean {\n return /(error=)/i.test(hashOrSearch) || /(error_description)/i.test(hashOrSearch);\n}\n\nexport function isRedirectUri(uri: string, sdk: OktaAuthOAuthInterface): boolean {\n var authParams = sdk.options;\n if (!uri || !authParams.redirectUri) {\n return false;\n }\n return uri.indexOf(authParams.redirectUri) === 0;\n}\n\nexport function isCodeFlow(options: OktaAuthOAuthOptions) {\n return options.pkce || options.responseType === 'code' || options.responseMode === 'query';\n}\n\nexport function hasResponseType(responseType: OAuthResponseType, options: OktaAuthOAuthOptions): boolean {\n let hasResponseType = false;\n if (Array.isArray(options.responseType) && options.responseType.length) {\n hasResponseType = options.responseType.indexOf(responseType) >= 0;\n } else {\n hasResponseType = options.responseType === responseType;\n }\n return hasResponseType;\n}\n\nexport function getHashOrSearch(options: OktaAuthOAuthOptions) {\n var codeFlow = isCodeFlow(options);\n var useQuery = codeFlow && options.responseMode !== 'fragment';\n return useQuery ? window.location.search : window.location.hash;\n}\n\n/**\n * Check if tokens or a code have been passed back into the url, which happens in\n * the OIDC (including social auth IDP) redirect flow.\n */\nexport function isLoginRedirect (sdk: OktaAuthOAuthInterface) {\n // First check, is this a redirect URI?\n if (!isRedirectUri(window.location.href, sdk)){\n return false;\n }\n\n // The location contains either a code, token, or an error + error_description\n var codeFlow = isCodeFlow(sdk.options);\n var hashOrSearch = getHashOrSearch(sdk.options);\n\n if (hasErrorInUrl(hashOrSearch)) {\n return true;\n }\n\n if (codeFlow) {\n var hasCode = hasAuthorizationCode(hashOrSearch) || hasInteractionCode(hashOrSearch);\n return hasCode;\n }\n\n // implicit flow, will always be hash fragment\n return hasTokensInHash(window.location.hash);\n}\n\n/**\n * Check if error=interaction_required has been passed back in the url, which happens in\n * the social auth IDP redirect flow.\n */\nexport function isInteractionRequired (sdk: OktaAuthOAuthInterface, hashOrSearch?: string) {\n if (!hashOrSearch) { // web only\n // First check, is this a redirect URI?\n if (!isLoginRedirect(sdk)){\n return false;\n }\n \n hashOrSearch = getHashOrSearch(sdk.options);\n }\n return /(error=interaction_required)/i.test(hashOrSearch);\n}","/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\n/* eslint-disable complexity, max-statements */\nimport { genRandomString, removeTrailingSlash } from '../../util';\nimport AuthSdkError from '../../errors/AuthSdkError';\nimport { OktaAuthOAuthInterface, CustomUrls } from '../types';\n\nexport function generateState() {\n return genRandomString(64);\n}\n\nexport function generateNonce() {\n return genRandomString(64);\n}\n\nfunction getIssuer(sdk: OktaAuthOAuthInterface, options: CustomUrls = {}) {\n const issuer = removeTrailingSlash(options.issuer) || sdk.options.issuer;\n return issuer;\n}\n\nexport function getOAuthBaseUrl(sdk: OktaAuthOAuthInterface, options: CustomUrls = {}) {\n const issuer = getIssuer(sdk, options);\n const baseUrl = issuer.indexOf('/oauth2') > 0 ? issuer : issuer + '/oauth2';\n return baseUrl;\n}\n\nexport function getOAuthDomain(sdk: OktaAuthOAuthInterface, options: CustomUrls = {}) {\n const issuer = getIssuer(sdk, options);\n const domain = issuer.split('/oauth2')[0];\n return domain;\n}\n\nexport function getOAuthUrls(sdk: OktaAuthOAuthInterface, options?: CustomUrls): CustomUrls {\n if (arguments.length > 2) {\n throw new AuthSdkError('As of version 3.0, \"getOAuthUrls\" takes only a single set of options');\n }\n options = options || {};\n\n // Get user-supplied arguments\n var authorizeUrl = removeTrailingSlash(options.authorizeUrl) || sdk.options.authorizeUrl;\n var issuer = getIssuer(sdk, options);\n var userinfoUrl = removeTrailingSlash(options.userinfoUrl) || sdk.options.userinfoUrl;\n var tokenUrl = removeTrailingSlash(options.tokenUrl) || sdk.options.tokenUrl;\n var logoutUrl = removeTrailingSlash(options.logoutUrl) || sdk.options.logoutUrl;\n var revokeUrl = removeTrailingSlash(options.revokeUrl) || sdk.options.revokeUrl;\n\n var baseUrl = getOAuthBaseUrl(sdk, options);\n\n authorizeUrl = authorizeUrl || baseUrl + '/v1/authorize';\n userinfoUrl = userinfoUrl || baseUrl + '/v1/userinfo';\n tokenUrl = tokenUrl || baseUrl + '/v1/token';\n revokeUrl = revokeUrl || baseUrl + '/v1/revoke';\n logoutUrl = logoutUrl || baseUrl + '/v1/logout';\n\n return {\n issuer: issuer,\n authorizeUrl: authorizeUrl,\n userinfoUrl: userinfoUrl,\n tokenUrl: tokenUrl,\n revokeUrl: revokeUrl,\n logoutUrl: logoutUrl\n };\n}\n","/* eslint-disable @typescript-eslint/no-non-null-assertion */\nimport { OAuthTransactionMeta, OktaAuthOAuthInterface, PKCETransactionMeta, TokenParams } from '../types';\nimport { getOAuthUrls } from './oauth';\n\nexport function createOAuthMeta(\n sdk: OktaAuthOAuthInterface, \n tokenParams: TokenParams\n): OAuthTransactionMeta | PKCETransactionMeta {\n const issuer = sdk.options.issuer!;\n const urls = getOAuthUrls(sdk, tokenParams);\n const oauthMeta: OAuthTransactionMeta = {\n issuer,\n urls,\n clientId: tokenParams.clientId!,\n redirectUri: tokenParams.redirectUri!,\n responseType: tokenParams.responseType!,\n responseMode: tokenParams.responseMode!,\n scopes: tokenParams.scopes!,\n state: tokenParams.state!,\n nonce: tokenParams.nonce!,\n ignoreSignature: tokenParams.ignoreSignature!,\n acrValues: tokenParams.acrValues,\n extraParams: tokenParams.extraParams\n };\n\n if (tokenParams.pkce === false) {\n // Implicit flow or authorization_code without PKCE\n return oauthMeta;\n }\n\n const pkceMeta: PKCETransactionMeta = {\n ...oauthMeta,\n codeVerifier: tokenParams.codeVerifier!,\n codeChallengeMethod: tokenParams.codeChallengeMethod!,\n codeChallenge: tokenParams.codeChallenge!,\n };\n\n return pkceMeta;\n}\n","/*!\n * Copyright (c) 2019-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\n\n /* eslint-disable complexity, max-statements */\nimport { stringToBase64Url, webcrypto } from '../../crypto';\nimport { MIN_VERIFIER_LENGTH, MAX_VERIFIER_LENGTH, DEFAULT_CODE_CHALLENGE_METHOD } from '../../constants';\n\nfunction dec2hex (dec) {\n return ('0' + dec.toString(16)).substr(-2);\n}\n\nfunction getRandomString(length) {\n var a = new Uint8Array(Math.ceil(length / 2));\n webcrypto.getRandomValues(a);\n var str = Array.from(a, dec2hex).join('');\n return str.slice(0, length);\n}\n\nfunction generateVerifier(prefix?: string): string {\n var verifier = prefix || '';\n if (verifier.length < MIN_VERIFIER_LENGTH) {\n verifier = verifier + getRandomString(MIN_VERIFIER_LENGTH - verifier.length);\n }\n return encodeURIComponent(verifier).slice(0, MAX_VERIFIER_LENGTH);\n}\n\nfunction computeChallenge(str: string): PromiseLike<any> { \n var buffer = new TextEncoder().encode(str);\n return webcrypto.subtle.digest('SHA-256', buffer).then(function(arrayBuffer) {\n var hash = String.fromCharCode.apply(null, new Uint8Array(arrayBuffer) as unknown as number[]);\n var b64u = stringToBase64Url(hash); // url-safe base64 variant\n return b64u;\n });\n}\n\nexport default {\n DEFAULT_CODE_CHALLENGE_METHOD,\n generateVerifier,\n computeChallenge\n};\n","/* eslint-disable complexity */\n/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\nimport { AuthSdkError } from '../../errors';\nimport { OktaAuthOAuthInterface, EnrollAuthenticatorOptions } from '../types';\nimport { getDefaultEnrollAuthenticatorParams } from './defaultEnrollAuthenticatorParams';\n\nfunction prepareParams(\n params: EnrollAuthenticatorOptions\n): EnrollAuthenticatorOptions {\n params = {\n ...params,\n // forced params:\n responseType: 'none',\n prompt: 'enroll_authenticator',\n maxAge: 0,\n };\n\n if (!params.enrollAmrValues) {\n throw new AuthSdkError('enroll_amr_values must be specified');\n }\n if (!params.acrValues) {\n // `acr_values` is required and should equal 'urn:okta:2fa:any:ifpossible'\n // But this can be changed in future\n throw new AuthSdkError('acr_values must be specified');\n }\n\n // `scope`, `nonce` must be omitted\n delete params.scopes;\n delete params.nonce;\n\n return params;\n}\n\n// Prepares params for a call to /authorize\nexport function prepareEnrollAuthenticatorParams(\n sdk: OktaAuthOAuthInterface,\n options: EnrollAuthenticatorOptions\n): EnrollAuthenticatorOptions {\n return prepareParams({\n ...getDefaultEnrollAuthenticatorParams(sdk),\n ...options\n });\n}\n","/* eslint-disable complexity */\n/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\nimport { getWellKnown } from '../endpoints/well-known';\nimport { AuthSdkError } from '../../errors';\nimport { OktaAuthOAuthInterface, TokenParams } from '../types';\nimport { getDefaultTokenParams } from './defaultTokenParams';\nimport { DEFAULT_CODE_CHALLENGE_METHOD } from '../../constants';\nimport PKCE from './pkce';\nimport { OktaAuthBaseInterface } from '../../base/types';\n\nexport function assertPKCESupport(sdk: OktaAuthBaseInterface) {\n if (!sdk.features.isPKCESupported()) {\n var errorMessage = 'PKCE requires a modern browser with encryption support running in a secure context.';\n if (!sdk.features.isHTTPS()) {\n // eslint-disable-next-line max-len\n errorMessage += '\\nThe current page is not being served with HTTPS protocol. PKCE requires secure HTTPS protocol.';\n }\n if (!sdk.features.hasTextEncoder()) {\n // eslint-disable-next-line max-len\n errorMessage += '\\n\"TextEncoder\" is not defined. To use PKCE, you may need to include a polyfill/shim for this browser.';\n }\n throw new AuthSdkError(errorMessage);\n }\n}\n\nexport async function validateCodeChallengeMethod(sdk: OktaAuthOAuthInterface, codeChallengeMethod?: string) {\n // set default code challenge method, if none provided\n codeChallengeMethod = codeChallengeMethod || sdk.options.codeChallengeMethod || DEFAULT_CODE_CHALLENGE_METHOD;\n\n // validate against .well-known/openid-configuration\n const wellKnownResponse = await getWellKnown(sdk);\n var methods = wellKnownResponse['code_challenge_methods_supported'] || [];\n if (methods.indexOf(codeChallengeMethod) === -1) {\n throw new AuthSdkError('Invalid code_challenge_method');\n }\n return codeChallengeMethod;\n}\n\nexport async function preparePKCE(\n sdk: OktaAuthOAuthInterface, \n tokenParams: TokenParams\n): Promise<TokenParams> {\n let {\n codeVerifier,\n codeChallenge,\n codeChallengeMethod\n } = tokenParams;\n\n // PKCE calculations can be avoided by passing a codeChallenge\n codeChallenge = codeChallenge || sdk.options.codeChallenge;\n if (!codeChallenge) {\n assertPKCESupport(sdk);\n codeVerifier = codeVerifier || PKCE.generateVerifier();\n codeChallenge = await PKCE.computeChallenge(codeVerifier);\n }\n codeChallengeMethod = await validateCodeChallengeMethod(sdk, codeChallengeMethod);\n\n // Clone/copy the params. Set PKCE values\n tokenParams = {\n ...tokenParams,\n responseType: 'code', // responseType is forced\n codeVerifier,\n codeChallenge,\n codeChallengeMethod\n };\n\n return tokenParams;\n}\n\n// Prepares params for a call to /authorize or /token\nexport async function prepareTokenParams(\n sdk: OktaAuthOAuthInterface,\n tokenParams: TokenParams = {}\n): Promise<TokenParams> {\n // build params using defaults + options\n const defaults = getDefaultTokenParams(sdk);\n tokenParams = { ...defaults, ...tokenParams };\n\n if (tokenParams.dpop && !sdk.features.isDPoPSupported()) {\n throw new AuthSdkError('DPoP has been configured, but is not supported by browser');\n }\n\n if (tokenParams.pkce === false) {\n // Implicit flow or authorization_code without PKCE\n return tokenParams;\n }\n\n return preparePKCE(sdk, tokenParams);\n}","import { RefreshToken } from '../types';\nimport { isAuthApiError } from '../../errors';\n\nexport function isSameRefreshToken(a: RefreshToken, b: RefreshToken) {\n return (a.refreshToken === b.refreshToken);\n}\n\nexport function isRefreshTokenError(err: Error) {\n if (!isAuthApiError(err)) {\n return false;\n }\n\n if (!err.xhr || !err.xhr.responseJSON) {\n return false;\n }\n\n const { responseJSON } = err.xhr;\n if (responseJSON.error === 'invalid_grant') {\n return true;\n }\n\n return false;\n}","/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\n/* eslint-disable complexity, max-statements */\n\nexport function urlParamsToObject(hashOrSearch: string) {\n // Predefine regexs for parsing hash\n var plus2space = /\\+/g;\n var paramSplit = /([^&=]+)=?([^&]*)/g;\n var fragment = hashOrSearch || '';\n\n // Some hash based routers will automatically add a / character after the hash\n if (fragment.charAt(0) === '#' && fragment.charAt(1) === '/') {\n fragment = fragment.substring(2);\n }\n\n // Remove the leading # or ?\n if (fragment.charAt(0) === '#' || fragment.charAt(0) === '?') {\n fragment = fragment.substring(1);\n }\n\n\n var obj = {};\n\n // Loop until we have no more params\n var param;\n while (true) { // eslint-disable-line no-constant-condition\n param = paramSplit.exec(fragment);\n if (!param) { break; }\n\n var key = param[1];\n var value = param[2];\n\n // id_token should remain base64url encoded\n if (key === 'id_token' || key === 'access_token' || key === 'code') {\n obj[key] = value;\n } else {\n obj[key] = decodeURIComponent(value.replace(plus2space, ' '));\n }\n }\n return obj;\n}\n","/* eslint-disable @typescript-eslint/no-non-null-assertion */\n/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\n/* eslint-disable complexity, max-statements */\n\nimport AuthSdkError from '../../errors/AuthSdkError';\nimport { OktaAuthOAuthInterface, TokenVerifyParams, UserClaims } from '../../oidc/types';\n\nexport function validateClaims(sdk: OktaAuthOAuthInterface, claims: UserClaims, validationParams: TokenVerifyParams) {\n const aud = validationParams.clientId;\n const iss = validationParams.issuer;\n const nonce = validationParams.nonce;\n const acr = validationParams.acrValues;\n\n if (!claims || !iss || !aud) {\n throw new AuthSdkError('The jwt, iss, and aud arguments are all required');\n }\n\n if (nonce && claims.nonce !== nonce) {\n throw new AuthSdkError('OAuth flow response nonce doesn\\'t match request nonce');\n }\n\n const now = Math.floor(Date.now()/1000);\n\n if (claims.iss !== iss) {\n throw new AuthSdkError('The issuer [' + claims.iss + '] ' +\n 'does not match [' + iss + ']');\n }\n\n if ((Array.isArray(claims.aud) && claims.aud.indexOf(aud) < 0) ||\n (!Array.isArray(claims.aud) && claims.aud !== aud))\n {\n throw new AuthSdkError('The audience [' + claims.aud + '] ' +\n 'does not match [' + aud + ']');\n }\n\n if (acr && claims.acr !== acr) {\n throw new AuthSdkError('The acr [' + claims.acr + '] ' +\n 'does not match acr_values [' + acr + ']');\n }\n\n if (claims.iat! > claims.exp!) {\n throw new AuthSdkError('The JWT expired before it was issued');\n }\n\n if (!sdk.options.ignoreLifetime) {\n if ((now - sdk.options.maxClockSkew!) > claims.exp!) {\n throw new AuthSdkError('The JWT expired and is no longer valid');\n }\n\n if (claims.iat! > (now + sdk.options.maxClockSkew!)) {\n throw new AuthSdkError('The JWT was issued in the future');\n }\n }\n}\n","/* eslint-disable complexity */\n\nimport { AuthSdkError } from '../../errors';\nimport { isAccessToken, isIDToken, isRefreshToken, Token, TokenType } from '../../oidc/types';\n\nexport function validateToken(token: Token, type?: TokenType) {\n if (!isIDToken(token) && !isAccessToken(token) && !isRefreshToken(token)) {\n throw new AuthSdkError(\n 'Token must be an Object with scopes, expiresAt, and one of: an idToken, accessToken, or refreshToken property'\n );\n }\n \n if (type === 'accessToken' && !isAccessToken(token)) {\n throw new AuthSdkError('invalid accessToken');\n } \n if (type === 'idToken' && !isIDToken(token)) {\n throw new AuthSdkError('invalid idToken');\n }\n\n if (type === 'refreshToken' && !isRefreshToken(token)) {\n throw new AuthSdkError('invalid refreshToken');\n }\n}","/* eslint-disable max-len */\n/* eslint-disable complexity */\n/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\nimport { getWellKnown, getKey } from './endpoints/well-known';\nimport { validateClaims } from './util';\nimport { AuthSdkError } from '../errors';\nimport { IDToken, OktaAuthOAuthInterface, TokenVerifyParams } from '../oidc/types';\nimport { decodeToken } from './decodeToken';\nimport * as sdkCrypto from '../crypto';\n\n// Verify the id token\nexport async function verifyToken(sdk: OktaAuthOAuthInterface, token: IDToken, validationParams: TokenVerifyParams): Promise<IDToken> {\n if (!token || !token.idToken) {\n throw new AuthSdkError('Only idTokens may be verified');\n }\n\n // Decode the Jwt object (may throw)\n const jwt = decodeToken(token.idToken);\n\n // The configured issuer may point to a frontend proxy.\n // Get the \"real\" issuer from .well-known/openid-configuration\n const configuredIssuer = validationParams?.issuer || sdk.options.issuer;\n const { issuer } = await getWellKnown(sdk, configuredIssuer);\n\n const validationOptions: TokenVerifyParams = Object.assign({\n // base options, can be overridden by params\n clientId: sdk.options.clientId,\n ignoreSignature: sdk.options.ignoreSignature\n }, validationParams, {\n // final options, cannot be overridden\n issuer\n });\n\n // Standard claim validation (may throw)\n validateClaims(sdk, jwt.payload, validationOptions);\n\n // If the browser doesn't support native crypto or we choose not\n // to verify the signature, bail early\n if (validationOptions.ignoreSignature == true || !sdk.features.isTokenVerifySupported()) {\n return token;\n }\n\n // eslint-disable-next-line @typescript-eslint/no-non-null-assertion\n const key = await getKey(sdk, token.issuer, jwt.header.kid!);\n const valid = await sdkCrypto.verifyToken(token.idToken, key);\n if (!valid) {\n throw new AuthSdkError('The token signature is not valid');\n }\n if (validationParams && validationParams.accessToken && token.claims.at_hash) {\n const hash = await sdkCrypto.getOidcHash(validationParams.accessToken);\n if (hash !== token.claims.at_hash) {\n throw new AuthSdkError('Token hash verification failed');\n }\n }\n return token;\n}\n","/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\n/* global window */\nimport { omit, getLink, toQueryString } from '../util';\nimport { get, post, httpRequest } from '../http';\n\nfunction sessionExists(sdk) {\n return sdk.session.get()\n .then(function(res) {\n if (res.status === 'ACTIVE') {\n return true;\n }\n return false;\n })\n .catch(function() {\n return false;\n });\n}\n\nfunction getSession(sdk) { \n return get(sdk, '/api/v1/sessions/me', { withCredentials: true })\n .then(function(session) {\n var res = omit(session, '_links');\n\n res.refresh = function() {\n return post(sdk, getLink(session, 'refresh').href, {}, { withCredentials: true });\n };\n\n res.user = function() {\n return get(sdk, getLink(session, 'user').href, { withCredentials: true });\n };\n\n return res;\n })\n .catch(function() {\n // Return INACTIVE status on failure\n return {status: 'INACTIVE'};\n });\n}\n\nfunction closeSession(sdk) {\n return httpRequest(sdk, {\n url: sdk.getIssuerOrigin() + '/api/v1/sessions/me',\n method: 'DELETE',\n withCredentials: true\n });\n}\n\nfunction refreshSession(sdk) {\n return post(sdk, '/api/v1/sessions/me/lifecycle/refresh', {}, { withCredentials: true });\n}\n\nfunction setCookieAndRedirect(sdk, sessionToken, redirectUrl) {\n redirectUrl = redirectUrl || window.location.href;\n window.location.assign(sdk.getIssuerOrigin() + '/login/sessionCookieRedirect' +\n toQueryString({\n checkAccountSetupComplete: true,\n token: sessionToken,\n redirectUrl: redirectUrl\n }));\n}\n\nexport {\n sessionExists,\n getSession,\n closeSession,\n refreshSession,\n setCookieAndRedirect\n};\n","import { SessionAPI } from './types';\nimport { closeSession, getSession, refreshSession, sessionExists, setCookieAndRedirect } from './api';\nimport { OktaAuthBaseInterface } from '../base/types';\n\nexport function createSessionApi(sdk: OktaAuthBaseInterface): SessionAPI {\n const session = {\n close: closeSession.bind(null, sdk),\n exists: sessionExists.bind(null, sdk),\n get: getSession.bind(null, sdk),\n refresh: refreshSession.bind(null, sdk),\n setCookieAndRedirect: setCookieAndRedirect.bind(null, sdk)\n };\n return session;\n}\n","import { OktaAuthHttpInterface, OktaAuthHttpOptions } from '../http/types';\nimport { OktaAuthConstructor } from '../base/types';\nimport { createSessionApi } from './factory';\nimport {\n OktaAuthSessionInterface, SessionAPI,\n} from './types';\nimport { StorageManagerInterface } from '../storage/types';\n\nexport function mixinSession\n<\n S extends StorageManagerInterface = StorageManagerInterface,\n O extends OktaAuthHttpOptions = OktaAuthHttpOptions,\n TBase extends OktaAuthConstructor<OktaAuthHttpInterface<S, O>>\n = OktaAuthConstructor<OktaAuthHttpInterface<S, O>>\n>\n(Base: TBase): TBase & OktaAuthConstructor<OktaAuthSessionInterface<S, O>>\n{\n return class OktaAuthSession extends Base implements OktaAuthSessionInterface<S, O>\n {\n session: SessionAPI;\n\n constructor(...args: any[]) {\n super(...args);\n\n this.session = createSessionApi(this);\n }\n\n // Ends the current Okta SSO session without redirecting to Okta.\n closeSession(): Promise<boolean> {\n return this.session.close() // DELETE /api/v1/sessions/me\n .then(async () => {\n // Clear all local tokens\n this.clearStorage();\n return true;\n })\n .catch(function(e) {\n if (e.name === 'AuthApiError' && e.errorCode === 'E0000007') {\n // Session does not exist or has already been closed\n return false;\n }\n throw e;\n });\n }\n };\n}\n","/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\n\nimport {\n TOKEN_STORAGE_NAME,\n CACHE_STORAGE_NAME,\n} from '../constants';\nimport {\n StorageUtil,\n StorageProvider,\n StorageOptions,\n CookieOptions,\n StorageManagerOptions,\n SimpleStorage,\n StorageManagerInterface\n} from './types';\nimport { SavedObject } from './SavedObject';\nimport { isBrowser } from '../features';\nimport { warn } from '../util';\n\nexport function logServerSideMemoryStorageWarning(options: StorageOptions) {\n if (!isBrowser() && !options.storageProvider && !options.storageKey) {\n // eslint-disable-next-line max-len\n warn('Memory storage can only support simple single user use case on server side, please provide custom storageProvider or storageKey if advanced scenarios need to be supported.');\n }\n}\n\n\nexport class BaseStorageManager implements StorageManagerInterface {\n storageManagerOptions: StorageManagerOptions;\n cookieOptions: CookieOptions;\n storageUtil: StorageUtil;\n\n constructor(storageManagerOptions: StorageManagerOptions, cookieOptions: CookieOptions, storageUtil: StorageUtil) {\n this.storageManagerOptions = storageManagerOptions;\n this.cookieOptions = cookieOptions;\n this.storageUtil = storageUtil;\n }\n\n // combines defaults in order\n getOptionsForSection(sectionName: string, overrideOptions?: StorageOptions) {\n return Object.assign({}, this.storageManagerOptions[sectionName], overrideOptions);\n }\n \n // generic method to get any available storage provider\n // eslint-disable-next-line complexity\n getStorage(options: StorageOptions): SimpleStorage {\n options = Object.assign({}, this.cookieOptions, options); // set defaults\n\n if (options.storageProvider) {\n return options.storageProvider;\n }\n\n let { storageType, storageTypes } = options;\n\n if(storageType === 'sessionStorage') {\n options.sessionCookie = true;\n }\n\n // If both storageType and storageTypes are specified, then storageType will be used first\n // If storageType cannot be used but it matches an entry in storageTypes, subsequent entries may be used as fallback\n // if storageType does not match an entry in storageTypes then storageType is used with no fallback.\n if (storageType && storageTypes) {\n const idx = storageTypes.indexOf(storageType);\n if (idx >= 0) {\n storageTypes = storageTypes.slice(idx);\n storageType = undefined;\n }\n }\n\n if (!storageType) {\n // eslint-disable-next-line @typescript-eslint/no-non-null-assertion\n storageType = this.storageUtil.findStorageType(storageTypes!);\n }\n return this.storageUtil.getStorageByType(storageType, options);\n }\n\n // access_token, id_token, refresh_token\n getTokenStorage(options?: StorageOptions): StorageProvider {\n options = this.getOptionsForSection('token', options);\n logServerSideMemoryStorageWarning(options);\n const storage = this.getStorage(options);\n const storageKey = options.storageKey || TOKEN_STORAGE_NAME;\n return new SavedObject(storage, storageKey);\n }\n\n // caches well-known response, among others\n getHttpCache(options?: StorageOptions): StorageProvider {\n options = this.getOptionsForSection('cache', options);\n const storage = this.getStorage(options);\n const storageKey = options.storageKey || CACHE_STORAGE_NAME;\n return new SavedObject(storage, storageKey);\n }\n\n}\n","/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\n\nimport AuthSdkError from '../errors/AuthSdkError';\nimport { StorageProvider, SimpleStorage } from './types';\n\n// formerly known as \"storageBuilder\". Represents an object saved under a key/name.\nexport class SavedObject implements StorageProvider {\n storageProvider: SimpleStorage;\n storageName: string;\n\n constructor(storage: SimpleStorage, storageName: string) {\n if (!storage) {\n throw new AuthSdkError('\"storage\" is required');\n }\n\n if (typeof storageName !== 'string' || !storageName.length) {\n throw new AuthSdkError('\"storageName\" is required');\n }\n\n this.storageName = storageName;\n this.storageProvider = storage;\n }\n\n //\n // SimpleStorage interface\n //\n\n getItem(key: string) {\n return this.getStorage()[key];\n }\n\n setItem(key: string, value: any) {\n return this.updateStorage(key, value);\n }\n\n removeItem(key: string) {\n return this.clearStorage(key);\n }\n\n //\n // StorageProvider interface\n //\n\n getStorage() {\n var storageString = this.storageProvider.getItem(this.storageName);\n storageString = storageString || '{}';\n try {\n return JSON.parse(storageString);\n } catch(e) {\n throw new AuthSdkError('Unable to parse storage string: ' + this.storageName);\n }\n }\n\n setStorage(obj?: any) {\n try {\n var storageString = obj ? JSON.stringify(obj) : '{}';\n this.storageProvider.setItem(this.storageName, storageString);\n } catch(e) {\n throw new AuthSdkError('Unable to set storage: ' + this.storageName);\n }\n }\n\n clearStorage(key?: string) {\n if (!key) {\n // clear all\n if (this.storageProvider.removeItem) {\n this.storageProvider.removeItem(this.storageName);\n } else {\n this.setStorage();\n }\n return;\n }\n\n var obj = this.getStorage();\n delete obj[key];\n this.setStorage(obj);\n }\n\n updateStorage(key, value) {\n var obj = this.getStorage();\n obj[key] = value;\n this.setStorage(obj);\n }\n}\n","import { OktaAuthBaseInterface, OktaAuthConstructor } from '../base/types';\nimport {\n OktaAuthStorageInterface,\n OktaAuthStorageOptions,\n StorageManagerConstructor,\n StorageManagerInterface,\n} from './types';\n\nexport function mixinStorage\n<\n S extends StorageManagerInterface = StorageManagerInterface,\n O extends OktaAuthStorageOptions = OktaAuthStorageOptions,\n TBase extends OktaAuthConstructor<OktaAuthBaseInterface<O>> = OktaAuthConstructor<OktaAuthBaseInterface<O>>\n>\n(\n Base: TBase, StorageManager: StorageManagerConstructor<S>\n): TBase & OktaAuthConstructor<OktaAuthStorageInterface<S, O>>\n{\n return class OktaAuthStorage extends Base implements OktaAuthStorageInterface<S, O>\n {\n storageManager: S;\n constructor(...args: any[]) {\n super(...args);\n const { storageManager, cookies, storageUtil } = this.options;\n this.storageManager = new StorageManager(storageManager!, cookies!, storageUtil!);\n }\n clearStorage(): void {\n // override in subclass\n }\n };\n}\n","/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n/* eslint-disable complexity */\nimport { StorageManagerOptions, StorageUtil, OktaAuthStorageOptions } from '../types';\nimport { warn } from '../../util';\n\nimport { default as browserStorage } from '../../browser/browserStorage';\n\nexport function getStorage(): StorageUtil {\n const storageUtil = Object.assign({}, browserStorage, {\n inMemoryStore: {} // create unique storage for this instance\n });\n return storageUtil;\n}\n\nexport const STORAGE_MANAGER_OPTIONS: StorageManagerOptions = {\n token: {\n storageTypes: [\n 'localStorage',\n 'sessionStorage',\n 'cookie'\n ]\n },\n cache: {\n storageTypes: [\n 'localStorage',\n 'sessionStorage',\n 'cookie'\n ]\n },\n transaction: {\n storageTypes: [\n 'sessionStorage',\n 'localStorage',\n 'cookie'\n ]\n },\n 'shared-transaction': {\n storageTypes: [\n 'localStorage'\n ]\n },\n 'original-uri': {\n storageTypes: [\n 'localStorage'\n ]\n }\n};\n\nexport function getCookieSettings(args: OktaAuthStorageOptions = {}, isHTTPS: boolean) {\n // Secure cookies will be automatically used on a HTTPS connection\n // Non-secure cookies will be automatically used on a HTTP connection\n // secure option can override the automatic behavior\n var cookieSettings = args.cookies || {};\n if (typeof cookieSettings.secure === 'undefined') {\n cookieSettings.secure = isHTTPS;\n }\n if (typeof cookieSettings.sameSite === 'undefined') {\n cookieSettings.sameSite = cookieSettings.secure ? 'none' : 'lax';\n }\n\n // If secure=true, but the connection is not HTTPS, set secure=false.\n if (cookieSettings.secure && !isHTTPS) {\n // eslint-disable-next-line no-console\n warn(\n 'The current page is not being served with the HTTPS protocol.\\n' +\n 'For security reasons, we strongly recommend using HTTPS.\\n' +\n 'If you cannot use HTTPS, set \"cookies.secure\" option to false.'\n );\n cookieSettings.secure = false;\n }\n\n // Chrome >= 80 will block cookies with SameSite=None unless they are also Secure\n // If sameSite=none, but the connection is not HTTPS, set sameSite=lax.\n if (cookieSettings.sameSite === 'none' && !cookieSettings.secure) {\n cookieSettings.sameSite = 'lax';\n }\n\n return cookieSettings;\n}\n","/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nimport { createBaseOptionsConstructor } from '../../base';\nimport { CookieOptions, OktaAuthStorageOptions, StorageManagerOptions, StorageUtil } from '../types';\nimport { getStorage, STORAGE_MANAGER_OPTIONS, getCookieSettings } from './node';\nimport { isHTTPS } from '../../features';\n\nexport function createStorageOptionsConstructor() {\n\n const BaseOptionsConstructor = createBaseOptionsConstructor();\n return class StorageOptionsConstructor extends BaseOptionsConstructor implements Required<OktaAuthStorageOptions> {\n cookies: CookieOptions;\n storageUtil: StorageUtil;\n storageManager: StorageManagerOptions;\n \n constructor(args: any) {\n super(args);\n this.cookies = getCookieSettings(args, isHTTPS())!;\n this.storageUtil = args.storageUtil || getStorage();\n this.storageManager = { ...STORAGE_MANAGER_OPTIONS, ...args.storageManager };\n }\n };\n}\n","/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n// Implements a queue for synchronous or asynchronous methods\n// Methods will be wrapped in a promise and execute sequentially\n// This can be used to prevent concurrent calls to a single method or a set of methods\n\nimport { isPromise } from './types';\nimport { warn } from './console';\n\ninterface QueueItem {\n method: () => void;\n thisObject: object;\n args: any[];\n resolve: (value?: unknown) => void;\n reject: (reason?: unknown) => void;\n}\n\ninterface PromiseQueueOptions {\n quiet?: boolean; // if false, concurrrency warnings will not be logged\n}\nexport class PromiseQueue {\n queue: QueueItem[];\n running: boolean;\n options: PromiseQueueOptions;\n\n constructor(options: PromiseQueueOptions = { quiet: false }) {\n this.queue = [];\n this.running = false;\n this.options = options;\n }\n\n // Returns a promise\n // If the method is synchronous, it will resolve when the method completes\n // If the method returns a promise, it will resolve (or reject) with the value from the method's promise\n push(method: (...args: any) => any, thisObject: any, ...args: any[]) {\n return new Promise((resolve, reject) => {\n if (this.queue.length > 0) {\n // There is at least one other pending call.\n // The PromiseQueue will prevent these methods from running concurrently.\n if (this.options.quiet !== false) {\n warn(\n 'Async method is being called but another async method is already running. ' +\n 'The new method will be delayed until the previous method completes.'\n );\n }\n }\n this.queue.push({\n method,\n thisObject,\n args,\n resolve,\n reject\n });\n this.run();\n });\n }\n\n run() {\n if (this.running) {\n return;\n }\n if (this.queue.length === 0) {\n return;\n }\n this.running = true;\n // eslint-disable-next-line @typescript-eslint/no-non-null-assertion\n var queueItem = this.queue.shift()!;\n var res = queueItem.method.apply(queueItem.thisObject, queueItem.args as never) as unknown;\n if (isPromise(res)) {\n (res as Promise<unknown>).then(queueItem.resolve, queueItem.reject).finally(() => {\n this.running = false;\n this.run();\n });\n } else {\n queueItem.resolve(res);\n this.running = false;\n this.run();\n }\n }\n}\n","/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n/* global window */\n\nexport function getNativeConsole() {\n if (typeof window !== 'undefined') {\n return window.console;\n } else if (typeof console !== 'undefined') {\n return console;\n } else {\n return undefined;\n }\n}\n\nexport function getConsole() {\n var nativeConsole = getNativeConsole();\n // eslint-disable-next-line @typescript-eslint/ban-ts-comment\n // @ts-ignore\n if (nativeConsole && nativeConsole.log) {\n return nativeConsole;\n }\n return {\n log: function() {},\n warn: function() {},\n group: function() {},\n groupEnd: function() {}\n };\n}\n\nexport function warn(text) {\n /* eslint-disable no-console */\n getConsole().warn('[okta-auth-sdk] WARN: ' + text);\n /* eslint-enable */\n}\n\nexport function deprecate(text) {\n /* eslint-disable no-console */\n getConsole().warn('[okta-auth-sdk] DEPRECATION: ' + text);\n /* eslint-enable */\n}\n\nexport function deprecateWrap(text, fn) {\n return function() {\n deprecate(text);\n return fn.apply(null, arguments);\n };\n}\n\n","/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nexport function isoToUTCString(str) {\n var parts = str.match(/\\d+/g),\n isoTime = Date.UTC(parts[0], parts[1] - 1, parts[2], parts[3], parts[4], parts[5]),\n isoDate = new Date(isoTime);\n\n return isoDate.toUTCString();\n}\n\nexport function genRandomString(length) {\n var randomCharset = 'abcdefghijklnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789';\n var random = '';\n for (var c = 0, cl = randomCharset.length; c < length; ++c) {\n random += randomCharset[Math.floor(Math.random() * cl)];\n }\n return random;\n}\n\nexport function delay(ms) {\n return new Promise(function(resolve) {\n setTimeout(resolve, ms);\n });\n}\n\nexport function split2(str, delim) {\n const parts = str.split(delim);\n return [\n parts[0], \n parts.splice(1, parts.length).join(delim),\n ];\n}\n","/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nexport function bind(fn, ctx) {\n var additionalArgs = Array.prototype.slice.call(arguments, 2);\n return function() {\n var args = Array.prototype.slice.call(arguments);\n args = additionalArgs.concat(args);\n return fn.apply(ctx, args);\n };\n}\n\n// TODO: replace all references with `Object.assign` then remove this function\nexport function extend() {\n // First object will be modified!\n var obj1 = arguments[0];\n // Properties from other objects will be copied over\n var objArray = [].slice.call(arguments, 1);\n objArray.forEach(function(obj) {\n for (var prop in obj) {\n // copy over all properties with defined values\n if (Object.prototype.hasOwnProperty.call(obj, prop) && obj[prop] !== undefined) {\n obj1[prop] = obj[prop];\n }\n }\n });\n return obj1; // return the modified object\n}\n\nexport function removeNils(obj) {\n var cleaned = {};\n for (var prop in obj) {\n if (Object.prototype.hasOwnProperty.call(obj, prop)) {\n var value = obj[prop];\n if (value !== null && value !== undefined) {\n cleaned[prop] = value;\n }\n }\n }\n return cleaned;\n}\n\nexport function clone(obj) {\n if (obj) {\n var str = JSON.stringify(obj);\n if (str) {\n return JSON.parse(str);\n }\n }\n return obj;\n}\n\n// Analogous to _.omit\nexport function omit(obj, ...props: any[]) {\n // var props = Array.prototype.slice.call(arguments, 1);\n var newobj = {};\n for (var p in obj) {\n if (Object.prototype.hasOwnProperty.call(obj, p) && props.indexOf(p) == -1) {\n newobj[p] = obj[p];\n }\n }\n return clone(newobj);\n}\n\nexport function find(collection, searchParams) {\n var c = collection.length;\n while (c--) {\n var item = collection[c];\n var found = true;\n for (var prop in searchParams) {\n if (!Object.prototype.hasOwnProperty.call(searchParams, prop)) {\n continue;\n }\n if (item[prop] !== searchParams[prop]) {\n found = false;\n break;\n }\n }\n if (found) {\n return item;\n }\n }\n}\n\nexport function getLink(obj, linkName, altName?) {\n if (!obj || !obj._links) {\n return;\n }\n\n var link = clone(obj._links[linkName]);\n\n // If a link has a name and we have an altName, return if they match\n if (link && link.name && altName) {\n if (link.name === altName) {\n return link;\n }\n } else {\n return link;\n }\n}\n\n","/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nexport function isString(obj: any): obj is string {\n return Object.prototype.toString.call(obj) === '[object String]';\n}\n\nexport function isObject(obj: any): obj is object {\n return Object.prototype.toString.call(obj) === '[object Object]';\n}\n\nexport function isNumber(obj: any): obj is number {\n return Object.prototype.toString.call(obj) === '[object Number]';\n}\n\nexport function isFunction(fn: any): fn is (...any: any[]) => any {\n return !!fn && {}.toString.call(fn) === '[object Function]';\n}\n\nexport function isPromise(obj) {\n return obj && obj.finally && (typeof obj.finally === 'function');\n}\n","/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nexport function isAbsoluteUrl(url) {\n return /^[a-z][a-z0-9+.-]*:/i.test(url);\n}\n\nexport function toAbsoluteUrl(url = '', baseUrl) {\n if (isAbsoluteUrl(url)) {\n return url;\n }\n baseUrl = removeTrailingSlash(baseUrl);\n return url[0] === '/' ? `${baseUrl}${url}` : `${baseUrl}/${url}`;\n}\n\nexport function toRelativeUrl(url = '', baseUrl) {\n if (isAbsoluteUrl(url)) {\n url = url.substring(baseUrl.length);\n }\n\n return url[0] === '/' ? url : `/${url}`;\n}\n\nexport function toQueryString(obj) {\n var str = [];\n if (obj !== null) {\n for (var key in obj) {\n if (Object.prototype.hasOwnProperty.call(obj, key) &&\n obj[key] !== undefined &&\n obj[key] !== null) {\n str.push(key + '=' + encodeURIComponent(obj[key]) as never);\n }\n }\n }\n if (str.length) {\n return '?' + str.join('&');\n } else {\n return '';\n }\n}\n\nexport function removeTrailingSlash(path) {\n if (!path) {\n return;\n }\n // Remove any whitespace before or after string\n var trimmed = path.replace(/^\\s+|\\s+$/gm,'');\n // Remove trailing slash(es)\n trimmed = trimmed.replace(/\\/+$/, '');\n\n return trimmed;\n}\n","'use strict';\n\nclass CancelError extends Error {\n\tconstructor(reason) {\n\t\tsuper(reason || 'Promise was canceled');\n\t\tthis.name = 'CancelError';\n\t}\n\n\tget isCanceled() {\n\t\treturn true;\n\t}\n}\n\nclass PCancelable {\n\tstatic fn(userFn) {\n\t\treturn (...arguments_) => {\n\t\t\treturn new PCancelable((resolve, reject, onCancel) => {\n\t\t\t\targuments_.push(onCancel);\n\t\t\t\t// eslint-disable-next-line promise/prefer-await-to-then\n\t\t\t\tuserFn(...arguments_).then(resolve, reject);\n\t\t\t});\n\t\t};\n\t}\n\n\tconstructor(executor) {\n\t\tthis._cancelHandlers = [];\n\t\tthis._isPending = true;\n\t\tthis._isCanceled = false;\n\t\tthis._rejectOnCancel = true;\n\n\t\tthis._promise = new Promise((resolve, reject) => {\n\t\t\tthis._reject = reject;\n\n\t\t\tconst onResolve = value => {\n\t\t\t\tif (!this._isCanceled || !onCancel.shouldReject) {\n\t\t\t\t\tthis._isPending = false;\n\t\t\t\t\tresolve(value);\n\t\t\t\t}\n\t\t\t};\n\n\t\t\tconst onReject = error => {\n\t\t\t\tthis._isPending = false;\n\t\t\t\treject(error);\n\t\t\t};\n\n\t\t\tconst onCancel = handler => {\n\t\t\t\tif (!this._isPending) {\n\t\t\t\t\tthrow new Error('The `onCancel` handler was attached after the promise settled.');\n\t\t\t\t}\n\n\t\t\t\tthis._cancelHandlers.push(handler);\n\t\t\t};\n\n\t\t\tObject.defineProperties(onCancel, {\n\t\t\t\tshouldReject: {\n\t\t\t\t\tget: () => this._rejectOnCancel,\n\t\t\t\t\tset: boolean => {\n\t\t\t\t\t\tthis._rejectOnCancel = boolean;\n\t\t\t\t\t}\n\t\t\t\t}\n\t\t\t});\n\n\t\t\treturn executor(onResolve, onReject, onCancel);\n\t\t});\n\t}\n\n\tthen(onFulfilled, onRejected) {\n\t\t// eslint-disable-next-line promise/prefer-await-to-then\n\t\treturn this._promise.then(onFulfilled, onRejected);\n\t}\n\n\tcatch(onRejected) {\n\t\treturn this._promise.catch(onRejected);\n\t}\n\n\tfinally(onFinally) {\n\t\treturn this._promise.finally(onFinally);\n\t}\n\n\tcancel(reason) {\n\t\tif (!this._isPending || this._isCanceled) {\n\t\t\treturn;\n\t\t}\n\n\t\tthis._isCanceled = true;\n\n\t\tif (this._cancelHandlers.length > 0) {\n\t\t\ttry {\n\t\t\t\tfor (const handler of this._cancelHandlers) {\n\t\t\t\t\thandler();\n\t\t\t\t}\n\t\t\t} catch (error) {\n\t\t\t\tthis._reject(error);\n\t\t\t\treturn;\n\t\t\t}\n\t\t}\n\n\t\tif (this._rejectOnCancel) {\n\t\t\tthis._reject(new CancelError(reason));\n\t\t}\n\t}\n\n\tget isCanceled() {\n\t\treturn this._isCanceled;\n\t}\n}\n\nObject.setPrototypeOf(PCancelable.prototype, Promise.prototype);\n\nmodule.exports = PCancelable;\nmodule.exports.CancelError = CancelError;\n","var global = typeof self !== 'undefined' ? self : this;\nvar __self__ = (function () {\nfunction F() {\nthis.fetch = false;\nthis.DOMException = global.DOMException\n}\nF.prototype = global;\nreturn new F();\n})();\n(function(self) {\n\nvar irrelevant = (function (exports) {\n\n var support = {\n searchParams: 'URLSearchParams' in self,\n iterable: 'Symbol' in self && 'iterator' in Symbol,\n blob:\n 'FileReader' in self &&\n 'Blob' in self &&\n (function() {\n try {\n new Blob();\n return true\n } catch (e) {\n return false\n }\n })(),\n formData: 'FormData' in self,\n arrayBuffer: 'ArrayBuffer' in self\n };\n\n function isDataView(obj) {\n return obj && DataView.prototype.isPrototypeOf(obj)\n }\n\n if (support.arrayBuffer) {\n var viewClasses = [\n '[object Int8Array]',\n '[object Uint8Array]',\n '[object Uint8ClampedArray]',\n '[object Int16Array]',\n '[object Uint16Array]',\n '[object Int32Array]',\n '[object Uint32Array]',\n '[object Float32Array]',\n '[object Float64Array]'\n ];\n\n var isArrayBufferView =\n ArrayBuffer.isView ||\n function(obj) {\n return obj && viewClasses.indexOf(Object.prototype.toString.call(obj)) > -1\n };\n }\n\n function normalizeName(name) {\n if (typeof name !== 'string') {\n name = String(name);\n }\n if (/[^a-z0-9\\-#$%&'*+.^_`|~]/i.test(name)) {\n throw new TypeError('Invalid character in header field name')\n }\n return name.toLowerCase()\n }\n\n function normalizeValue(value) {\n if (typeof value !== 'string') {\n value = String(value);\n }\n return value\n }\n\n // Build a destructive iterator for the value list\n function iteratorFor(items) {\n var iterator = {\n next: function() {\n var value = items.shift();\n return {done: value === undefined, value: value}\n }\n };\n\n if (support.iterable) {\n iterator[Symbol.iterator] = function() {\n return iterator\n };\n }\n\n return iterator\n }\n\n function Headers(headers) {\n this.map = {};\n\n if (headers instanceof Headers) {\n headers.forEach(function(value, name) {\n this.append(name, value);\n }, this);\n } else if (Array.isArray(headers)) {\n headers.forEach(function(header) {\n this.append(header[0], header[1]);\n }, this);\n } else if (headers) {\n Object.getOwnPropertyNames(headers).forEach(function(name) {\n this.append(name, headers[name]);\n }, this);\n }\n }\n\n Headers.prototype.append = function(name, value) {\n name = normalizeName(name);\n value = normalizeValue(value);\n var oldValue = this.map[name];\n this.map[name] = oldValue ? oldValue + ', ' + value : value;\n };\n\n Headers.prototype['delete'] = function(name) {\n delete this.map[normalizeName(name)];\n };\n\n Headers.prototype.get = function(name) {\n name = normalizeName(name);\n return this.has(name) ? this.map[name] : null\n };\n\n Headers.prototype.has = function(name) {\n return this.map.hasOwnProperty(normalizeName(name))\n };\n\n Headers.prototype.set = function(name, value) {\n this.map[normalizeName(name)] = normalizeValue(value);\n };\n\n Headers.prototype.forEach = function(callback, thisArg) {\n for (var name in this.map) {\n if (this.map.hasOwnProperty(name)) {\n callback.call(thisArg, this.map[name], name, this);\n }\n }\n };\n\n Headers.prototype.keys = function() {\n var items = [];\n this.forEach(function(value, name) {\n items.push(name);\n });\n return iteratorFor(items)\n };\n\n Headers.prototype.values = function() {\n var items = [];\n this.forEach(function(value) {\n items.push(value);\n });\n return iteratorFor(items)\n };\n\n Headers.prototype.entries = function() {\n var items = [];\n this.forEach(function(value, name) {\n items.push([name, value]);\n });\n return iteratorFor(items)\n };\n\n if (support.iterable) {\n Headers.prototype[Symbol.iterator] = Headers.prototype.entries;\n }\n\n function consumed(body) {\n if (body.bodyUsed) {\n return Promise.reject(new TypeError('Already read'))\n }\n body.bodyUsed = true;\n }\n\n function fileReaderReady(reader) {\n return new Promise(function(resolve, reject) {\n reader.onload = function() {\n resolve(reader.result);\n };\n reader.onerror = function() {\n reject(reader.error);\n };\n })\n }\n\n function readBlobAsArrayBuffer(blob) {\n var reader = new FileReader();\n var promise = fileReaderReady(reader);\n reader.readAsArrayBuffer(blob);\n return promise\n }\n\n function readBlobAsText(blob) {\n var reader = new FileReader();\n var promise = fileReaderReady(reader);\n reader.readAsText(blob);\n return promise\n }\n\n function readArrayBufferAsText(buf) {\n var view = new Uint8Array(buf);\n var chars = new Array(view.length);\n\n for (var i = 0; i < view.length; i++) {\n chars[i] = String.fromCharCode(view[i]);\n }\n return chars.join('')\n }\n\n function bufferClone(buf) {\n if (buf.slice) {\n return buf.slice(0)\n } else {\n var view = new Uint8Array(buf.byteLength);\n view.set(new Uint8Array(buf));\n return view.buffer\n }\n }\n\n function Body() {\n this.bodyUsed = false;\n\n this._initBody = function(body) {\n this._bodyInit = body;\n if (!body) {\n this._bodyText = '';\n } else if (typeof body === 'string') {\n this._bodyText = body;\n } else if (support.blob && Blob.prototype.isPrototypeOf(body)) {\n this._bodyBlob = body;\n } else if (support.formData && FormData.prototype.isPrototypeOf(body)) {\n this._bodyFormData = body;\n } else if (support.searchParams && URLSearchParams.prototype.isPrototypeOf(body)) {\n this._bodyText = body.toString();\n } else if (support.arrayBuffer && support.blob && isDataView(body)) {\n this._bodyArrayBuffer = bufferClone(body.buffer);\n // IE 10-11 can't handle a DataView body.\n this._bodyInit = new Blob([this._bodyArrayBuffer]);\n } else if (support.arrayBuffer && (ArrayBuffer.prototype.isPrototypeOf(body) || isArrayBufferView(body))) {\n this._bodyArrayBuffer = bufferClone(body);\n } else {\n this._bodyText = body = Object.prototype.toString.call(body);\n }\n\n if (!this.headers.get('content-type')) {\n if (typeof body === 'string') {\n this.headers.set('content-type', 'text/plain;charset=UTF-8');\n } else if (this._bodyBlob && this._bodyBlob.type) {\n this.headers.set('content-type', this._bodyBlob.type);\n } else if (support.searchParams && URLSearchParams.prototype.isPrototypeOf(body)) {\n this.headers.set('content-type', 'application/x-www-form-urlencoded;charset=UTF-8');\n }\n }\n };\n\n if (support.blob) {\n this.blob = function() {\n var rejected = consumed(this);\n if (rejected) {\n return rejected\n }\n\n if (this._bodyBlob) {\n return Promise.resolve(this._bodyBlob)\n } else if (this._bodyArrayBuffer) {\n return Promise.resolve(new Blob([this._bodyArrayBuffer]))\n } else if (this._bodyFormData) {\n throw new Error('could not read FormData body as blob')\n } else {\n return Promise.resolve(new Blob([this._bodyText]))\n }\n };\n\n this.arrayBuffer = function() {\n if (this._bodyArrayBuffer) {\n return consumed(this) || Promise.resolve(this._bodyArrayBuffer)\n } else {\n return this.blob().then(readBlobAsArrayBuffer)\n }\n };\n }\n\n this.text = function() {\n var rejected = consumed(this);\n if (rejected) {\n return rejected\n }\n\n if (this._bodyBlob) {\n return readBlobAsText(this._bodyBlob)\n } else if (this._bodyArrayBuffer) {\n return Promise.resolve(readArrayBufferAsText(this._bodyArrayBuffer))\n } else if (this._bodyFormData) {\n throw new Error('could not read FormData body as text')\n } else {\n return Promise.resolve(this._bodyText)\n }\n };\n\n if (support.formData) {\n this.formData = function() {\n return this.text().then(decode)\n };\n }\n\n this.json = function() {\n return this.text().then(JSON.parse)\n };\n\n return this\n }\n\n // HTTP methods whose capitalization should be normalized\n var methods = ['DELETE', 'GET', 'HEAD', 'OPTIONS', 'POST', 'PUT'];\n\n function normalizeMethod(method) {\n var upcased = method.toUpperCase();\n return methods.indexOf(upcased) > -1 ? upcased : method\n }\n\n function Request(input, options) {\n options = options || {};\n var body = options.body;\n\n if (input instanceof Request) {\n if (input.bodyUsed) {\n throw new TypeError('Already read')\n }\n this.url = input.url;\n this.credentials = input.credentials;\n if (!options.headers) {\n this.headers = new Headers(input.headers);\n }\n this.method = input.method;\n this.mode = input.mode;\n this.signal = input.signal;\n if (!body && input._bodyInit != null) {\n body = input._bodyInit;\n input.bodyUsed = true;\n }\n } else {\n this.url = String(input);\n }\n\n this.credentials = options.credentials || this.credentials || 'same-origin';\n if (options.headers || !this.headers) {\n this.headers = new Headers(options.headers);\n }\n this.method = normalizeMethod(options.method || this.method || 'GET');\n this.mode = options.mode || this.mode || null;\n this.signal = options.signal || this.signal;\n this.referrer = null;\n\n if ((this.method === 'GET' || this.method === 'HEAD') && body) {\n throw new TypeError('Body not allowed for GET or HEAD requests')\n }\n this._initBody(body);\n }\n\n Request.prototype.clone = function() {\n return new Request(this, {body: this._bodyInit})\n };\n\n function decode(body) {\n var form = new FormData();\n body\n .trim()\n .split('&')\n .forEach(function(bytes) {\n if (bytes) {\n var split = bytes.split('=');\n var name = split.shift().replace(/\\+/g, ' ');\n var value = split.join('=').replace(/\\+/g, ' ');\n form.append(decodeURIComponent(name), decodeURIComponent(value));\n }\n });\n return form\n }\n\n function parseHeaders(rawHeaders) {\n var headers = new Headers();\n // Replace instances of \\r\\n and \\n followed by at least one space or horizontal tab with a space\n // https://tools.ietf.org/html/rfc7230#section-3.2\n var preProcessedHeaders = rawHeaders.replace(/\\r?\\n[\\t ]+/g, ' ');\n preProcessedHeaders.split(/\\r?\\n/).forEach(function(line) {\n var parts = line.split(':');\n var key = parts.shift().trim();\n if (key) {\n var value = parts.join(':').trim();\n headers.append(key, value);\n }\n });\n return headers\n }\n\n Body.call(Request.prototype);\n\n function Response(bodyInit, options) {\n if (!options) {\n options = {};\n }\n\n this.type = 'default';\n this.status = options.status === undefined ? 200 : options.status;\n this.ok = this.status >= 200 && this.status < 300;\n this.statusText = 'statusText' in options ? options.statusText : 'OK';\n this.headers = new Headers(options.headers);\n this.url = options.url || '';\n this._initBody(bodyInit);\n }\n\n Body.call(Response.prototype);\n\n Response.prototype.clone = function() {\n return new Response(this._bodyInit, {\n status: this.status,\n statusText: this.statusText,\n headers: new Headers(this.headers),\n url: this.url\n })\n };\n\n Response.error = function() {\n var response = new Response(null, {status: 0, statusText: ''});\n response.type = 'error';\n return response\n };\n\n var redirectStatuses = [301, 302, 303, 307, 308];\n\n Response.redirect = function(url, status) {\n if (redirectStatuses.indexOf(status) === -1) {\n throw new RangeError('Invalid status code')\n }\n\n return new Response(null, {status: status, headers: {location: url}})\n };\n\n exports.DOMException = self.DOMException;\n try {\n new exports.DOMException();\n } catch (err) {\n exports.DOMException = function(message, name) {\n this.message = message;\n this.name = name;\n var error = Error(message);\n this.stack = error.stack;\n };\n exports.DOMException.prototype = Object.create(Error.prototype);\n exports.DOMException.prototype.constructor = exports.DOMException;\n }\n\n function fetch(input, init) {\n return new Promise(function(resolve, reject) {\n var request = new Request(input, init);\n\n if (request.signal && request.signal.aborted) {\n return reject(new exports.DOMException('Aborted', 'AbortError'))\n }\n\n var xhr = new XMLHttpRequest();\n\n function abortXhr() {\n xhr.abort();\n }\n\n xhr.onload = function() {\n var options = {\n status: xhr.status,\n statusText: xhr.statusText,\n headers: parseHeaders(xhr.getAllResponseHeaders() || '')\n };\n options.url = 'responseURL' in xhr ? xhr.responseURL : options.headers.get('X-Request-URL');\n var body = 'response' in xhr ? xhr.response : xhr.responseText;\n resolve(new Response(body, options));\n };\n\n xhr.onerror = function() {\n reject(new TypeError('Network request failed'));\n };\n\n xhr.ontimeout = function() {\n reject(new TypeError('Network request failed'));\n };\n\n xhr.onabort = function() {\n reject(new exports.DOMException('Aborted', 'AbortError'));\n };\n\n xhr.open(request.method, request.url, true);\n\n if (request.credentials === 'include') {\n xhr.withCredentials = true;\n } else if (request.credentials === 'omit') {\n xhr.withCredentials = false;\n }\n\n if ('responseType' in xhr && support.blob) {\n xhr.responseType = 'blob';\n }\n\n request.headers.forEach(function(value, name) {\n xhr.setRequestHeader(name, value);\n });\n\n if (request.signal) {\n request.signal.addEventListener('abort', abortXhr);\n\n xhr.onreadystatechange = function() {\n // DONE (success or failure)\n if (xhr.readyState === 4) {\n request.signal.removeEventListener('abort', abortXhr);\n }\n };\n }\n\n xhr.send(typeof request._bodyInit === 'undefined' ? null : request._bodyInit);\n })\n }\n\n fetch.polyfill = true;\n\n if (!self.fetch) {\n self.fetch = fetch;\n self.Headers = Headers;\n self.Request = Request;\n self.Response = Response;\n }\n\n exports.Headers = Headers;\n exports.Request = Request;\n exports.Response = Response;\n exports.fetch = fetch;\n\n Object.defineProperty(exports, '__esModule', { value: true });\n\n return exports;\n\n})({});\n})(__self__);\n__self__.fetch.ponyfill = true;\n// Remove \"polyfill\" property added by whatwg-fetch\ndelete __self__.fetch.polyfill;\n// Choose between native implementation (global) or custom implementation (__self__)\n// var ctx = global.fetch ? global : __self__;\nvar ctx = __self__; // this line disable service worker support temporarily\nexports = ctx.fetch // To enable: import fetch from 'cross-fetch'\nexports.default = ctx.fetch // For TypeScript consumers without esModuleInterop.\nexports.fetch = ctx.fetch // To enable: import {fetch} from 'cross-fetch'\nexports.Headers = ctx.Headers\nexports.Request = ctx.Request\nexports.Response = ctx.Response\nmodule.exports = exports\n","function E () {\n // Keep this empty so it's easier to inherit from\n // (via https://github.com/lipsmack from https://github.com/scottcorgan/tiny-emitter/issues/3)\n}\n\nE.prototype = {\n on: function (name, callback, ctx) {\n var e = this.e || (this.e = {});\n\n (e[name] || (e[name] = [])).push({\n fn: callback,\n ctx: ctx\n });\n\n return this;\n },\n\n once: function (name, callback, ctx) {\n var self = this;\n function listener () {\n self.off(name, listener);\n callback.apply(ctx, arguments);\n };\n\n listener._ = callback\n return this.on(name, listener, ctx);\n },\n\n emit: function (name) {\n var data = [].slice.call(arguments, 1);\n var evtArr = ((this.e || (this.e = {}))[name] || []).slice();\n var i = 0;\n var len = evtArr.length;\n\n for (i; i < len; i++) {\n evtArr[i].fn.apply(evtArr[i].ctx, data);\n }\n\n return this;\n },\n\n off: function (name, callback) {\n var e = this.e || (this.e = {});\n var evts = e[name];\n var liveEvents = [];\n\n if (evts && callback) {\n for (var i = 0, len = evts.length; i < len; i++) {\n if (evts[i].fn !== callback && evts[i].fn._ !== callback)\n liveEvents.push(evts[i]);\n }\n }\n\n // Remove event from queue to prevent memory leak\n // Suggested by https://github.com/lazd\n // Ref: https://github.com/scottcorgan/tiny-emitter/commit/c6ebfaa9bc973b33d110a84a307742b7cf94c953#commitcomment-5024910\n\n (liveEvents.length)\n ? e[name] = liveEvents\n : delete e[name];\n\n return this;\n }\n};\n\nmodule.exports = E;\n","function _assertThisInitialized(e) {\n if (void 0 === e) throw new ReferenceError(\"this hasn't been initialised - super() hasn't been called\");\n return e;\n}\nmodule.exports = _assertThisInitialized, module.exports.__esModule = true, module.exports[\"default\"] = module.exports;","function _classCallCheck(a, n) {\n if (!(a instanceof n)) throw new TypeError(\"Cannot call a class as a function\");\n}\nmodule.exports = _classCallCheck, module.exports.__esModule = true, module.exports[\"default\"] = module.exports;","var isNativeReflectConstruct = require(\"./isNativeReflectConstruct.js\");\nvar setPrototypeOf = require(\"./setPrototypeOf.js\");\nfunction _construct(t, e, r) {\n if (isNativeReflectConstruct()) return Reflect.construct.apply(null, arguments);\n var o = [null];\n o.push.apply(o, e);\n var p = new (t.bind.apply(t, o))();\n return r && setPrototypeOf(p, r.prototype), p;\n}\nmodule.exports = _construct, module.exports.__esModule = true, module.exports[\"default\"] = module.exports;","var toPropertyKey = require(\"./toPropertyKey.js\");\nfunction _defineProperties(e, r) {\n for (var t = 0; t < r.length; t++) {\n var o = r[t];\n o.enumerable = o.enumerable || !1, o.configurable = !0, \"value\" in o && (o.writable = !0), Object.defineProperty(e, toPropertyKey(o.key), o);\n }\n}\nfunction _createClass(e, r, t) {\n return r && _defineProperties(e.prototype, r), t && _defineProperties(e, t), Object.defineProperty(e, \"prototype\", {\n writable: !1\n }), e;\n}\nmodule.exports = _createClass, module.exports.__esModule = true, module.exports[\"default\"] = module.exports;","function _getPrototypeOf(t) {\n return module.exports = _getPrototypeOf = Object.setPrototypeOf ? Object.getPrototypeOf.bind() : function (t) {\n return t.__proto__ || Object.getPrototypeOf(t);\n }, module.exports.__esModule = true, module.exports[\"default\"] = module.exports, _getPrototypeOf(t);\n}\nmodule.exports = _getPrototypeOf, module.exports.__esModule = true, module.exports[\"default\"] = module.exports;","var setPrototypeOf = require(\"./setPrototypeOf.js\");\nfunction _inherits(t, e) {\n if (\"function\" != typeof e && null !== e) throw new TypeError(\"Super expression must either be null or a function\");\n t.prototype = Object.create(e && e.prototype, {\n constructor: {\n value: t,\n writable: !0,\n configurable: !0\n }\n }), Object.defineProperty(t, \"prototype\", {\n writable: !1\n }), e && setPrototypeOf(t, e);\n}\nmodule.exports = _inherits, module.exports.__esModule = true, module.exports[\"default\"] = module.exports;","function _isNativeFunction(t) {\n try {\n return -1 !== Function.toString.call(t).indexOf(\"[native code]\");\n } catch (n) {\n return \"function\" == typeof t;\n }\n}\nmodule.exports = _isNativeFunction, module.exports.__esModule = true, module.exports[\"default\"] = module.exports;","function _isNativeReflectConstruct() {\n try {\n var t = !Boolean.prototype.valueOf.call(Reflect.construct(Boolean, [], function () {}));\n } catch (t) {}\n return (module.exports = _isNativeReflectConstruct = function _isNativeReflectConstruct() {\n return !!t;\n }, module.exports.__esModule = true, module.exports[\"default\"] = module.exports)();\n}\nmodule.exports = _isNativeReflectConstruct, module.exports.__esModule = true, module.exports[\"default\"] = module.exports;","var _typeof = require(\"./typeof.js\")[\"default\"];\nvar assertThisInitialized = require(\"./assertThisInitialized.js\");\nfunction _possibleConstructorReturn(t, e) {\n if (e && (\"object\" == _typeof(e) || \"function\" == typeof e)) return e;\n if (void 0 !== e) throw new TypeError(\"Derived constructors may only return object or undefined\");\n return assertThisInitialized(t);\n}\nmodule.exports = _possibleConstructorReturn, module.exports.__esModule = true, module.exports[\"default\"] = module.exports;","var _typeof = require(\"./typeof.js\")[\"default\"];\nfunction _regeneratorRuntime() {\n \"use strict\"; /*! regenerator-runtime -- Copyright (c) 2014-present, Facebook, Inc. -- license (MIT): https://github.com/facebook/regenerator/blob/main/LICENSE */\n module.exports = _regeneratorRuntime = function _regeneratorRuntime() {\n return e;\n }, module.exports.__esModule = true, module.exports[\"default\"] = module.exports;\n var t,\n e = {},\n r = Object.prototype,\n n = r.hasOwnProperty,\n o = Object.defineProperty || function (t, e, r) {\n t[e] = r.value;\n },\n i = \"function\" == typeof Symbol ? Symbol : {},\n a = i.iterator || \"@@iterator\",\n c = i.asyncIterator || \"@@asyncIterator\",\n u = i.toStringTag || \"@@toStringTag\";\n function define(t, e, r) {\n return Object.defineProperty(t, e, {\n value: r,\n enumerable: !0,\n configurable: !0,\n writable: !0\n }), t[e];\n }\n try {\n define({}, \"\");\n } catch (t) {\n define = function define(t, e, r) {\n return t[e] = r;\n };\n }\n function wrap(t, e, r, n) {\n var i = e && e.prototype instanceof Generator ? e : Generator,\n a = Object.create(i.prototype),\n c = new Context(n || []);\n return o(a, \"_invoke\", {\n value: makeInvokeMethod(t, r, c)\n }), a;\n }\n function tryCatch(t, e, r) {\n try {\n return {\n type: \"normal\",\n arg: t.call(e, r)\n };\n } catch (t) {\n return {\n type: \"throw\",\n arg: t\n };\n }\n }\n e.wrap = wrap;\n var h = \"suspendedStart\",\n l = \"suspendedYield\",\n f = \"executing\",\n s = \"completed\",\n y = {};\n function Generator() {}\n function GeneratorFunction() {}\n function GeneratorFunctionPrototype() {}\n var p = {};\n define(p, a, function () {\n return this;\n });\n var d = Object.getPrototypeOf,\n v = d && d(d(values([])));\n v && v !== r && n.call(v, a) && (p = v);\n var g = GeneratorFunctionPrototype.prototype = Generator.prototype = Object.create(p);\n function defineIteratorMethods(t) {\n [\"next\", \"throw\", \"return\"].forEach(function (e) {\n define(t, e, function (t) {\n return this._invoke(e, t);\n });\n });\n }\n function AsyncIterator(t, e) {\n function invoke(r, o, i, a) {\n var c = tryCatch(t[r], t, o);\n if (\"throw\" !== c.type) {\n var u = c.arg,\n h = u.value;\n return h && \"object\" == _typeof(h) && n.call(h, \"__await\") ? e.resolve(h.__await).then(function (t) {\n invoke(\"next\", t, i, a);\n }, function (t) {\n invoke(\"throw\", t, i, a);\n }) : e.resolve(h).then(function (t) {\n u.value = t, i(u);\n }, function (t) {\n return invoke(\"throw\", t, i, a);\n });\n }\n a(c.arg);\n }\n var r;\n o(this, \"_invoke\", {\n value: function value(t, n) {\n function callInvokeWithMethodAndArg() {\n return new e(function (e, r) {\n invoke(t, n, e, r);\n });\n }\n return r = r ? r.then(callInvokeWithMethodAndArg, callInvokeWithMethodAndArg) : callInvokeWithMethodAndArg();\n }\n });\n }\n function makeInvokeMethod(e, r, n) {\n var o = h;\n return function (i, a) {\n if (o === f) throw Error(\"Generator is already running\");\n if (o === s) {\n if (\"throw\" === i) throw a;\n return {\n value: t,\n done: !0\n };\n }\n for (n.method = i, n.arg = a;;) {\n var c = n.delegate;\n if (c) {\n var u = maybeInvokeDelegate(c, n);\n if (u) {\n if (u === y) continue;\n return u;\n }\n }\n if (\"next\" === n.method) n.sent = n._sent = n.arg;else if (\"throw\" === n.method) {\n if (o === h) throw o = s, n.arg;\n n.dispatchException(n.arg);\n } else \"return\" === n.method && n.abrupt(\"return\", n.arg);\n o = f;\n var p = tryCatch(e, r, n);\n if (\"normal\" === p.type) {\n if (o = n.done ? s : l, p.arg === y) continue;\n return {\n value: p.arg,\n done: n.done\n };\n }\n \"throw\" === p.type && (o = s, n.method = \"throw\", n.arg = p.arg);\n }\n };\n }\n function maybeInvokeDelegate(e, r) {\n var n = r.method,\n o = e.iterator[n];\n if (o === t) return r.delegate = null, \"throw\" === n && e.iterator[\"return\"] && (r.method = \"return\", r.arg = t, maybeInvokeDelegate(e, r), \"throw\" === r.method) || \"return\" !== n && (r.method = \"throw\", r.arg = new TypeError(\"The iterator does not provide a '\" + n + \"' method\")), y;\n var i = tryCatch(o, e.iterator, r.arg);\n if (\"throw\" === i.type) return r.method = \"throw\", r.arg = i.arg, r.delegate = null, y;\n var a = i.arg;\n return a ? a.done ? (r[e.resultName] = a.value, r.next = e.nextLoc, \"return\" !== r.method && (r.method = \"next\", r.arg = t), r.delegate = null, y) : a : (r.method = \"throw\", r.arg = new TypeError(\"iterator result is not an object\"), r.delegate = null, y);\n }\n function pushTryEntry(t) {\n var e = {\n tryLoc: t[0]\n };\n 1 in t && (e.catchLoc = t[1]), 2 in t && (e.finallyLoc = t[2], e.afterLoc = t[3]), this.tryEntries.push(e);\n }\n function resetTryEntry(t) {\n var e = t.completion || {};\n e.type = \"normal\", delete e.arg, t.completion = e;\n }\n function Context(t) {\n this.tryEntries = [{\n tryLoc: \"root\"\n }], t.forEach(pushTryEntry, this), this.reset(!0);\n }\n function values(e) {\n if (e || \"\" === e) {\n var r = e[a];\n if (r) return r.call(e);\n if (\"function\" == typeof e.next) return e;\n if (!isNaN(e.length)) {\n var o = -1,\n i = function next() {\n for (; ++o < e.length;) if (n.call(e, o)) return next.value = e[o], next.done = !1, next;\n return next.value = t, next.done = !0, next;\n };\n return i.next = i;\n }\n }\n throw new TypeError(_typeof(e) + \" is not iterable\");\n }\n return GeneratorFunction.prototype = GeneratorFunctionPrototype, o(g, \"constructor\", {\n value: GeneratorFunctionPrototype,\n configurable: !0\n }), o(GeneratorFunctionPrototype, \"constructor\", {\n value: GeneratorFunction,\n configurable: !0\n }), GeneratorFunction.displayName = define(GeneratorFunctionPrototype, u, \"GeneratorFunction\"), e.isGeneratorFunction = function (t) {\n var e = \"function\" == typeof t && t.constructor;\n return !!e && (e === GeneratorFunction || \"GeneratorFunction\" === (e.displayName || e.name));\n }, e.mark = function (t) {\n return Object.setPrototypeOf ? Object.setPrototypeOf(t, GeneratorFunctionPrototype) : (t.__proto__ = GeneratorFunctionPrototype, define(t, u, \"GeneratorFunction\")), t.prototype = Object.create(g), t;\n }, e.awrap = function (t) {\n return {\n __await: t\n };\n }, defineIteratorMethods(AsyncIterator.prototype), define(AsyncIterator.prototype, c, function () {\n return this;\n }), e.AsyncIterator = AsyncIterator, e.async = function (t, r, n, o, i) {\n void 0 === i && (i = Promise);\n var a = new AsyncIterator(wrap(t, r, n, o), i);\n return e.isGeneratorFunction(r) ? a : a.next().then(function (t) {\n return t.done ? t.value : a.next();\n });\n }, defineIteratorMethods(g), define(g, u, \"Generator\"), define(g, a, function () {\n return this;\n }), define(g, \"toString\", function () {\n return \"[object Generator]\";\n }), e.keys = function (t) {\n var e = Object(t),\n r = [];\n for (var n in e) r.push(n);\n return r.reverse(), function next() {\n for (; r.length;) {\n var t = r.pop();\n if (t in e) return next.value = t, next.done = !1, next;\n }\n return next.done = !0, next;\n };\n }, e.values = values, Context.prototype = {\n constructor: Context,\n reset: function reset(e) {\n if (this.prev = 0, this.next = 0, this.sent = this._sent = t, this.done = !1, this.delegate = null, this.method = \"next\", this.arg = t, this.tryEntries.forEach(resetTryEntry), !e) for (var r in this) \"t\" === r.charAt(0) && n.call(this, r) && !isNaN(+r.slice(1)) && (this[r] = t);\n },\n stop: function stop() {\n this.done = !0;\n var t = this.tryEntries[0].completion;\n if (\"throw\" === t.type) throw t.arg;\n return this.rval;\n },\n dispatchException: function dispatchException(e) {\n if (this.done) throw e;\n var r = this;\n function handle(n, o) {\n return a.type = \"throw\", a.arg = e, r.next = n, o && (r.method = \"next\", r.arg = t), !!o;\n }\n for (var o = this.tryEntries.length - 1; o >= 0; --o) {\n var i = this.tryEntries[o],\n a = i.completion;\n if (\"root\" === i.tryLoc) return handle(\"end\");\n if (i.tryLoc <= this.prev) {\n var c = n.call(i, \"catchLoc\"),\n u = n.call(i, \"finallyLoc\");\n if (c && u) {\n if (this.prev < i.catchLoc) return handle(i.catchLoc, !0);\n if (this.prev < i.finallyLoc) return handle(i.finallyLoc);\n } else if (c) {\n if (this.prev < i.catchLoc) return handle(i.catchLoc, !0);\n } else {\n if (!u) throw Error(\"try statement without catch or finally\");\n if (this.prev < i.finallyLoc) return handle(i.finallyLoc);\n }\n }\n }\n },\n abrupt: function abrupt(t, e) {\n for (var r = this.tryEntries.length - 1; r >= 0; --r) {\n var o = this.tryEntries[r];\n if (o.tryLoc <= this.prev && n.call(o, \"finallyLoc\") && this.prev < o.finallyLoc) {\n var i = o;\n break;\n }\n }\n i && (\"break\" === t || \"continue\" === t) && i.tryLoc <= e && e <= i.finallyLoc && (i = null);\n var a = i ? i.completion : {};\n return a.type = t, a.arg = e, i ? (this.method = \"next\", this.next = i.finallyLoc, y) : this.complete(a);\n },\n complete: function complete(t, e) {\n if (\"throw\" === t.type) throw t.arg;\n return \"break\" === t.type || \"continue\" === t.type ? this.next = t.arg : \"return\" === t.type ? (this.rval = this.arg = t.arg, this.method = \"return\", this.next = \"end\") : \"normal\" === t.type && e && (this.next = e), y;\n },\n finish: function finish(t) {\n for (var e = this.tryEntries.length - 1; e >= 0; --e) {\n var r = this.tryEntries[e];\n if (r.finallyLoc === t) return this.complete(r.completion, r.afterLoc), resetTryEntry(r), y;\n }\n },\n \"catch\": function _catch(t) {\n for (var e = this.tryEntries.length - 1; e >= 0; --e) {\n var r = this.tryEntries[e];\n if (r.tryLoc === t) {\n var n = r.completion;\n if (\"throw\" === n.type) {\n var o = n.arg;\n resetTryEntry(r);\n }\n return o;\n }\n }\n throw Error(\"illegal catch attempt\");\n },\n delegateYield: function delegateYield(e, r, n) {\n return this.delegate = {\n iterator: values(e),\n resultName: r,\n nextLoc: n\n }, \"next\" === this.method && (this.arg = t), y;\n }\n }, e;\n}\nmodule.exports = _regeneratorRuntime, module.exports.__esModule = true, module.exports[\"default\"] = module.exports;","function _setPrototypeOf(t, e) {\n return module.exports = _setPrototypeOf = Object.setPrototypeOf ? Object.setPrototypeOf.bind() : function (t, e) {\n return t.__proto__ = e, t;\n }, module.exports.__esModule = true, module.exports[\"default\"] = module.exports, _setPrototypeOf(t, e);\n}\nmodule.exports = _setPrototypeOf, module.exports.__esModule = true, module.exports[\"default\"] = module.exports;","var _typeof = require(\"./typeof.js\")[\"default\"];\nfunction toPrimitive(t, r) {\n if (\"object\" != _typeof(t) || !t) return t;\n var e = t[Symbol.toPrimitive];\n if (void 0 !== e) {\n var i = e.call(t, r || \"default\");\n if (\"object\" != _typeof(i)) return i;\n throw new TypeError(\"@@toPrimitive must return a primitive value.\");\n }\n return (\"string\" === r ? String : Number)(t);\n}\nmodule.exports = toPrimitive, module.exports.__esModule = true, module.exports[\"default\"] = module.exports;","var _typeof = require(\"./typeof.js\")[\"default\"];\nvar toPrimitive = require(\"./toPrimitive.js\");\nfunction toPropertyKey(t) {\n var i = toPrimitive(t, \"string\");\n return \"symbol\" == _typeof(i) ? i : i + \"\";\n}\nmodule.exports = toPropertyKey, module.exports.__esModule = true, module.exports[\"default\"] = module.exports;","function _typeof(o) {\n \"@babel/helpers - typeof\";\n\n return module.exports = _typeof = \"function\" == typeof Symbol && \"symbol\" == typeof Symbol.iterator ? function (o) {\n return typeof o;\n } : function (o) {\n return o && \"function\" == typeof Symbol && o.constructor === Symbol && o !== Symbol.prototype ? \"symbol\" : typeof o;\n }, module.exports.__esModule = true, module.exports[\"default\"] = module.exports, _typeof(o);\n}\nmodule.exports = _typeof, module.exports.__esModule = true, module.exports[\"default\"] = module.exports;","var getPrototypeOf = require(\"./getPrototypeOf.js\");\nvar setPrototypeOf = require(\"./setPrototypeOf.js\");\nvar isNativeFunction = require(\"./isNativeFunction.js\");\nvar construct = require(\"./construct.js\");\nfunction _wrapNativeSuper(t) {\n var r = \"function\" == typeof Map ? new Map() : void 0;\n return module.exports = _wrapNativeSuper = function _wrapNativeSuper(t) {\n if (null === t || !isNativeFunction(t)) return t;\n if (\"function\" != typeof t) throw new TypeError(\"Super expression must either be null or a function\");\n if (void 0 !== r) {\n if (r.has(t)) return r.get(t);\n r.set(t, Wrapper);\n }\n function Wrapper() {\n return construct(t, arguments, getPrototypeOf(this).constructor);\n }\n return Wrapper.prototype = Object.create(t.prototype, {\n constructor: {\n value: Wrapper,\n enumerable: !1,\n writable: !0,\n configurable: !0\n }\n }), setPrototypeOf(Wrapper, t);\n }, module.exports.__esModule = true, module.exports[\"default\"] = module.exports, _wrapNativeSuper(t);\n}\nmodule.exports = _wrapNativeSuper, module.exports.__esModule = true, module.exports[\"default\"] = module.exports;","// TODO(Babel 8): Remove this file.\n\nvar runtime = require(\"../helpers/regeneratorRuntime\")();\nmodule.exports = runtime;\n\n// Copied from https://github.com/facebook/regenerator/blob/main/packages/runtime/runtime.js#L736=\ntry {\n regeneratorRuntime = runtime;\n} catch (accidentalStrictMode) {\n if (typeof globalThis === \"object\") {\n globalThis.regeneratorRuntime = runtime;\n } else {\n Function(\"r\", \"regeneratorRuntime = r\")(runtime);\n }\n}\n","function _arrayLikeToArray(r, a) {\n (null == a || a > r.length) && (a = r.length);\n for (var e = 0, n = Array(a); e < a; e++) n[e] = r[e];\n return n;\n}\nexport { _arrayLikeToArray as default };","function _assertThisInitialized(e) {\n if (void 0 === e) throw new ReferenceError(\"this hasn't been initialised - super() hasn't been called\");\n return e;\n}\nexport { _assertThisInitialized as default };","function asyncGeneratorStep(n, t, e, r, o, a, c) {\n try {\n var i = n[a](c),\n u = i.value;\n } catch (n) {\n return void e(n);\n }\n i.done ? t(u) : Promise.resolve(u).then(r, o);\n}\nfunction _asyncToGenerator(n) {\n return function () {\n var t = this,\n e = arguments;\n return new Promise(function (r, o) {\n var a = n.apply(t, e);\n function _next(n) {\n asyncGeneratorStep(a, r, o, _next, _throw, \"next\", n);\n }\n function _throw(n) {\n asyncGeneratorStep(a, r, o, _next, _throw, \"throw\", n);\n }\n _next(void 0);\n });\n };\n}\nexport { _asyncToGenerator as default };","function _classCallCheck(a, n) {\n if (!(a instanceof n)) throw new TypeError(\"Cannot call a class as a function\");\n}\nexport { _classCallCheck as default };","import toPropertyKey from \"./toPropertyKey.js\";\nfunction _defineProperties(e, r) {\n for (var t = 0; t < r.length; t++) {\n var o = r[t];\n o.enumerable = o.enumerable || !1, o.configurable = !0, \"value\" in o && (o.writable = !0), Object.defineProperty(e, toPropertyKey(o.key), o);\n }\n}\nfunction _createClass(e, r, t) {\n return r && _defineProperties(e.prototype, r), t && _defineProperties(e, t), Object.defineProperty(e, \"prototype\", {\n writable: !1\n }), e;\n}\nexport { _createClass as default };","import toPropertyKey from \"./toPropertyKey.js\";\nfunction _defineProperty(e, r, t) {\n return (r = toPropertyKey(r)) in e ? Object.defineProperty(e, r, {\n value: t,\n enumerable: !0,\n configurable: !0,\n writable: !0\n }) : e[r] = t, e;\n}\nexport { _defineProperty as default };","function _getPrototypeOf(t) {\n return _getPrototypeOf = Object.setPrototypeOf ? Object.getPrototypeOf.bind() : function (t) {\n return t.__proto__ || Object.getPrototypeOf(t);\n }, _getPrototypeOf(t);\n}\nexport { _getPrototypeOf as default };","import setPrototypeOf from \"./setPrototypeOf.js\";\nfunction _inherits(t, e) {\n if (\"function\" != typeof e && null !== e) throw new TypeError(\"Super expression must either be null or a function\");\n t.prototype = Object.create(e && e.prototype, {\n constructor: {\n value: t,\n writable: !0,\n configurable: !0\n }\n }), Object.defineProperty(t, \"prototype\", {\n writable: !1\n }), e && setPrototypeOf(t, e);\n}\nexport { _inherits as default };","import objectWithoutPropertiesLoose from \"./objectWithoutPropertiesLoose.js\";\nfunction _objectWithoutProperties(e, t) {\n if (null == e) return {};\n var o,\n r,\n i = objectWithoutPropertiesLoose(e, t);\n if (Object.getOwnPropertySymbols) {\n var n = Object.getOwnPropertySymbols(e);\n for (r = 0; r < n.length; r++) o = n[r], -1 === t.indexOf(o) && {}.propertyIsEnumerable.call(e, o) && (i[o] = e[o]);\n }\n return i;\n}\nexport { _objectWithoutProperties as default };","function _objectWithoutPropertiesLoose(r, e) {\n if (null == r) return {};\n var t = {};\n for (var n in r) if ({}.hasOwnProperty.call(r, n)) {\n if (-1 !== e.indexOf(n)) continue;\n t[n] = r[n];\n }\n return t;\n}\nexport { _objectWithoutPropertiesLoose as default };","import _typeof from \"./typeof.js\";\nimport assertThisInitialized from \"./assertThisInitialized.js\";\nfunction _possibleConstructorReturn(t, e) {\n if (e && (\"object\" == _typeof(e) || \"function\" == typeof e)) return e;\n if (void 0 !== e) throw new TypeError(\"Derived constructors may only return object or undefined\");\n return assertThisInitialized(t);\n}\nexport { _possibleConstructorReturn as default };","function _setPrototypeOf(t, e) {\n return _setPrototypeOf = Object.setPrototypeOf ? Object.setPrototypeOf.bind() : function (t, e) {\n return t.__proto__ = e, t;\n }, _setPrototypeOf(t, e);\n}\nexport { _setPrototypeOf as default };","import arrayWithHoles from \"./arrayWithHoles.js\";\nimport iterableToArrayLimit from \"./iterableToArrayLimit.js\";\nimport unsupportedIterableToArray from \"./unsupportedIterableToArray.js\";\nimport nonIterableRest from \"./nonIterableRest.js\";\nfunction _slicedToArray(r, e) {\n return arrayWithHoles(r) || iterableToArrayLimit(r, e) || unsupportedIterableToArray(r, e) || nonIterableRest();\n}\nexport { _slicedToArray as default };","function _arrayWithHoles(r) {\n if (Array.isArray(r)) return r;\n}\nexport { _arrayWithHoles as default };","function _iterableToArrayLimit(r, l) {\n var t = null == r ? null : \"undefined\" != typeof Symbol && r[Symbol.iterator] || r[\"@@iterator\"];\n if (null != t) {\n var e,\n n,\n i,\n u,\n a = [],\n f = !0,\n o = !1;\n try {\n if (i = (t = t.call(r)).next, 0 === l) {\n if (Object(t) !== t) return;\n f = !1;\n } else for (; !(f = (e = i.call(t)).done) && (a.push(e.value), a.length !== l); f = !0);\n } catch (r) {\n o = !0, n = r;\n } finally {\n try {\n if (!f && null != t[\"return\"] && (u = t[\"return\"](), Object(u) !== u)) return;\n } finally {\n if (o) throw n;\n }\n }\n return a;\n }\n}\nexport { _iterableToArrayLimit as default };","function _nonIterableRest() {\n throw new TypeError(\"Invalid attempt to destructure non-iterable instance.\\nIn order to be iterable, non-array objects must have a [Symbol.iterator]() method.\");\n}\nexport { _nonIterableRest as default };","import arrayWithoutHoles from \"./arrayWithoutHoles.js\";\nimport iterableToArray from \"./iterableToArray.js\";\nimport unsupportedIterableToArray from \"./unsupportedIterableToArray.js\";\nimport nonIterableSpread from \"./nonIterableSpread.js\";\nfunction _toConsumableArray(r) {\n return arrayWithoutHoles(r) || iterableToArray(r) || unsupportedIterableToArray(r) || nonIterableSpread();\n}\nexport { _toConsumableArray as default };","import arrayLikeToArray from \"./arrayLikeToArray.js\";\nfunction _arrayWithoutHoles(r) {\n if (Array.isArray(r)) return arrayLikeToArray(r);\n}\nexport { _arrayWithoutHoles as default };","function _iterableToArray(r) {\n if (\"undefined\" != typeof Symbol && null != r[Symbol.iterator] || null != r[\"@@iterator\"]) return Array.from(r);\n}\nexport { _iterableToArray as default };","function _nonIterableSpread() {\n throw new TypeError(\"Invalid attempt to spread non-iterable instance.\\nIn order to be iterable, non-array objects must have a [Symbol.iterator]() method.\");\n}\nexport { _nonIterableSpread as default };","import _typeof from \"./typeof.js\";\nimport toPrimitive from \"./toPrimitive.js\";\nfunction toPropertyKey(t) {\n var i = toPrimitive(t, \"string\");\n return \"symbol\" == _typeof(i) ? i : i + \"\";\n}\nexport { toPropertyKey as default };","import _typeof from \"./typeof.js\";\nfunction toPrimitive(t, r) {\n if (\"object\" != _typeof(t) || !t) return t;\n var e = t[Symbol.toPrimitive];\n if (void 0 !== e) {\n var i = e.call(t, r || \"default\");\n if (\"object\" != _typeof(i)) return i;\n throw new TypeError(\"@@toPrimitive must return a primitive value.\");\n }\n return (\"string\" === r ? String : Number)(t);\n}\nexport { toPrimitive as default };","function _typeof(o) {\n \"@babel/helpers - typeof\";\n\n return _typeof = \"function\" == typeof Symbol && \"symbol\" == typeof Symbol.iterator ? function (o) {\n return typeof o;\n } : function (o) {\n return o && \"function\" == typeof Symbol && o.constructor === Symbol && o !== Symbol.prototype ? \"symbol\" : typeof o;\n }, _typeof(o);\n}\nexport { _typeof as default };","import arrayLikeToArray from \"./arrayLikeToArray.js\";\nfunction _unsupportedIterableToArray(r, a) {\n if (r) {\n if (\"string\" == typeof r) return arrayLikeToArray(r, a);\n var t = {}.toString.call(r).slice(8, -1);\n return \"Object\" === t && r.constructor && (t = r.constructor.name), \"Map\" === t || \"Set\" === t ? Array.from(r) : \"Arguments\" === t || /^(?:Ui|I)nt(?:8|16|32)(?:Clamped)?Array$/.test(t) ? arrayLikeToArray(r, a) : void 0;\n }\n}\nexport { _unsupportedIterableToArray as default };","// The module cache\nvar __webpack_module_cache__ = {};\n\n// The require function\nfunction __webpack_require__(moduleId) {\n\t// Check if module is in cache\n\tvar cachedModule = __webpack_module_cache__[moduleId];\n\tif (cachedModule !== undefined) {\n\t\treturn cachedModule.exports;\n\t}\n\t// Create a new module (and put it into the cache)\n\tvar module = __webpack_module_cache__[moduleId] = {\n\t\t// no module.id needed\n\t\t// no module.loaded needed\n\t\texports: {}\n\t};\n\n\t// Execute the module function\n\t__webpack_modules__[moduleId].call(module.exports, module, module.exports, __webpack_require__);\n\n\t// Return the exports of the module\n\treturn module.exports;\n}\n\n","// getDefaultExport function for compatibility with non-harmony modules\n__webpack_require__.n = function(module) {\n\tvar getter = module && module.__esModule ?\n\t\tfunction() { return module['default']; } :\n\t\tfunction() { return module; };\n\t__webpack_require__.d(getter, { a: getter });\n\treturn getter;\n};","// define getter functions for harmony exports\n__webpack_require__.d = function(exports, definition) {\n\tfor(var key in definition) {\n\t\tif(__webpack_require__.o(definition, key) && !__webpack_require__.o(exports, key)) {\n\t\t\tObject.defineProperty(exports, key, { enumerable: true, get: definition[key] });\n\t\t}\n\t}\n};","__webpack_require__.g = (function() {\n\tif (typeof globalThis === 'object') return globalThis;\n\ttry {\n\t\treturn this || new Function('return this')();\n\t} catch (e) {\n\t\tif (typeof window === 'object') return window;\n\t}\n})();","__webpack_require__.o = function(obj, prop) { return Object.prototype.hasOwnProperty.call(obj, prop); }","// define __esModule on exports\n__webpack_require__.r = function(exports) {\n\tif(typeof Symbol !== 'undefined' && Symbol.toStringTag) {\n\t\tObject.defineProperty(exports, Symbol.toStringTag, { value: 'Module' });\n\t}\n\tObject.defineProperty(exports, '__esModule', { value: true });\n};","import {\n OktaAuthOptionsConstructor,\n} from '../base';\nimport {\n StorageManagerConstructor,\n} from '../storage';\nimport {\n createTransactionManager,\n TransactionManagerConstructor\n} from '../oidc';\nimport {\n createCoreOptionsConstructor,\n createCoreStorageManager,\n CoreStorageManagerInterface,\n OktaAuthCoreOptions,\n} from '../core';\nimport { createOktaAuthMyAccount } from '../myaccount';\n\n\n// eslint-disable-next-line @typescript-eslint/no-empty-interface\nexport interface OktaAuthOptions extends OktaAuthCoreOptions {}\n\nconst OptionsConstructor: OktaAuthOptionsConstructor<OktaAuthOptions> = createCoreOptionsConstructor();\nconst StorageManager: StorageManagerConstructor<CoreStorageManagerInterface> = createCoreStorageManager();\nconst TransactionManager: TransactionManagerConstructor = createTransactionManager();\n\nconst OktaAuthMyAccount = createOktaAuthMyAccount(StorageManager, OptionsConstructor, TransactionManager);\n\nclass OktaAuth extends OktaAuthMyAccount {\n constructor(options: OktaAuthOptions) {\n super(options);\n }\n}\n\nexport default OktaAuth;\nexport { OktaAuth };\nexport * from './common';\nexport * from '../myaccount';\n\n"],"names":["root","factory","exports","module","define","amd","self","createOktaAuthBase","OptionsConstructor","OktaAuthBase","options","length","this","removeNils","emitter","Emitter","features","constants","prototype","Object","assign","createBaseOptionsConstructor","args","devMode","target","i","arguments","source","key","api","init","converter","defaultAttributes","set","value","attributes","document","expires","Date","now","toUTCString","encodeURIComponent","replace","decodeURIComponent","escape","stringifiedAttributes","attributeName","split","cookie","write","create","get","cookies","jar","parts","slice","join","foundKey","read","e","remove","withAttributes","withConverter","freeze","path","storageUtil","browserHasLocalStorage","storage","getLocalStorage","testStorage","browserHasSessionStorage","getSessionStorage","testStorageType","storageType","supported","getStorageByType","storageProvider","getCookieStorage","getInMemoryStorage","AuthSdkError","findStorageType","types","curType","nextType","shift","warn","isIE11OrLess","window","onstorage","localStorage","sessionStorage","secure","sameSite","sessionCookie","getItem","setItem","expiresAt","removeItem","delete","useSeparateCookies","data","keys","forEach","k","indexOf","JSON","parse","stringify","existingValues","storageKey","valueToStore","inMemoryStore","name","cookieOptions","Cookies","STATE_TOKEN_KEY_NAME","DEFAULT_POLLING_DELAY","IOS_MAX_RETRY_COUNT","DEFAULT_MAX_CLOCK_SKEW","DEFAULT_CACHE_DURATION","TOKEN_STORAGE_NAME","CACHE_STORAGE_NAME","PKCE_STORAGE_NAME","TRANSACTION_STORAGE_NAME","SHARED_TRANSACTION_STORAGE_NAME","ORIGINAL_URI_STORAGE_NAME","IDX_RESPONSE_STORAGE_NAME","ACCESS_TOKEN_STORAGE_KEY","ID_TOKEN_STORAGE_KEY","REFRESH_TOKEN_STORAGE_KEY","REFERRER_PATH_STORAGE_KEY","MIN_VERIFIER_LENGTH","MAX_VERIFIER_LENGTH","DEFAULT_CODE_CHALLENGE_METHOD","IDX_API_VERSION","INITIAL_AUTH_STATE","DEFAULT_PENDING","updateAuthStatePromise","canceledTimes","EVENT_AUTH_STATE_CHANGE","AuthStateManager","sdk","_sdk","_pending","_authState","_logOptions","_prevAuthState","_transformQueue","PromiseQueue","quiet","tokenManager","on","EVENT_ADDED","token","_setLogOptions","event","updateAuthState","EVENT_REMOVED","transformAuthState","log","status","getConsole","group","groupEnd","emitAuthStateChange","authState","prevState","state","isAuthenticated","idToken","accessToken","error","emit","finalPromise","origPromise","then","curPromise","getAuthState","cancel","cancelablePromise","PCancelable","resolve","_","onCancel","shouldReject","emitAndResolve","isCanceled","getTokensSync","refreshToken","push","Promise","catch","handler","off","PROMISE_RESOLVED_TRUE","PROMISE_RESOLVED_VOID","sleep","time","resolveWith","res","setTimeout","randomToken","Math","random","toString","substring","lastMs","additional","microSeconds","ms","getTime","NativeMethod","channelName","messagesCallback","bc","BroadcastChannel","subFns","onmessage","msg","close","channelState","onMessage","fn","postMessage","messageJson","err","reject","canBeUsed","_pubkey","Error","type","averageResponseTime","ttl","Map","ObliviousSet","map","has","_to","_this","obliviousSet","olderThen","iterator","Symbol","next","removeTooOldValues","clear","originalOptions","undefined","webWorkerSupport","idb","fallbackInterval","onclose","localstorage","removeTimeout","methods","node","maxParallelWrites","useFastPath","OBJECT_STORE_ID","TRANSACTION_SETTINGS","durability","getIdb","indexedDB","mozIndexedDB","webkitIndexedDB","msIndexedDB","commitIndexedDBTransaction","tx","commit","_readLoop","closed","readNewMessages","db","lastCursorId","transaction","objectStore","ret","keyRangeValue","IDBKeyRange","bound","Infinity","getAll","getAllRequest","rej","onerror","onsuccess","result","openCursorRequest","openCursor","ev","cursor","id","getMessagesHigherThan","newerMessages","useMessages","filter","msgObj","uuid","eMIs","messagesCallbackTime","_filterMessage","sort","msgObjA","msgObjB","add","IndexedDBMethod","dbName","openRequest","open","onupgradeneeded","createObjectStore","keyPath","autoIncrement","createDatabase","writeBlockPromise","readQueuePromises","readerUuid","writeObject","oncomplete","writeMessage","floor","msgObk","tooOld","ids","all","deleteRequest","removeMessagesById","cleanOldMessages","ls","LocalstorageMethod","listener","newValue","addEventListener","addStorageEventListener","removeEventListener","writeObj","createEvent","initEvent","dispatchEvent","userAgent","navigator","toLowerCase","includes","defaultTime","SIMULATE_CHANNELS","Set","SimulateMethod","Array","from","channel","METHODS","OPEN_BROADCAST_CHANNELS","lastId","maybePromise","obj","method","chooseMethods","concat","Boolean","find","m","useMethod","_iL","_onML","_addEL","message","internal","_uMP","_befC","_prepP","s","_state","_post","broadcastChannel","sendPromise","_hasMessageListeners","_addListenerObject","listenerFn","listenerObject","minMessageTime","_startListening","_removeListenerObject","o","_stopListening","postInternal","listenObj","awaitPrepare","isClosed","USE_METHOD","call","process","exit","console","trace","WorkerGlobalScope","oldClose","bind","LISTENERS","startedListening","runAll","promises","sendLeaderMessage","leaderElector","action","msgJson","context","beLeader","isLeader","_hasLeader","unloadFn","run","die","_unl","isLeaderListener","_dpLC","_dpL","_lstns","LeaderElectionWebLock","_options","isDead","_wKMC","lN","hasLeader","_this2","locks","query","relevantLocks","held","lock","awaitLeadership","_this3","_wLMP","c","AbortController","returnPromise","request","signal","onduplicate","_fn","_this4","uFn","abort","LeaderElection","_aplQ","_aplQC","hasLeaderListener","createLeaderElection","_leaderElector","responseTime","elector","applyOnce","isFromFallbackInterval","stopCriteriaPromiseResolve","stopCriteria","stopCriteriaPromise","handleMessage","waitForAnswerTime","race","applyRun","_aLP","resolved","finish","whenDeathListener","tryOnFallBack","LeaderElectionService","onLeaderDuplicate","onLeader","canStart","electionChannelName","started","isBrowser","AutoRenewService","renewTimeQueue","onTokenExpiredHandler","firstTime","syncStorage","tokens","getStorage","isRefreshToken","hasExpired","autoRenew","shouldThrottleRenew","emitError","renew","autoRemove","EVENT_EXPIRED","isStarted","processExpiredTokens","SyncStorageService","onTokenAddedHandler","onTokenRemovedHandler","onTokenRenewedHandler","onSetStorageHandler","onSyncMessageHandler","syncChannelName","EVENT_RENEWED","EVENT_SET_STORAGE","enablePostMessage","oldToken","setStorage","emitAdded","setExpireEventTimeout","clearExpireEventTimeout","emitRemoved","emitRenewed","getNow","RenewOnTabActivationService","onPageVisbilityChange","_onPageVisbilityChange","hidden","lastHidden","tabInactivityDuration","getStorageKeyByType","renewOnTabActivation","AUTO_RENEW","SYNC_STORAGE","LEADER_ELECTION","RENEW_ON_TAB_ACTIVATION","ServiceManager","getOptions","broadcastChannelName","defaultOptions","clientId","services","knownServices","svc","createService","startServices","getService","values","some","srv","requiresLeadership","stopServices","entries","canStartService","start","stop","isLeaderRequired","service","createOktaAuthCore","StorageManagerConstructor","TransactionManagerConstructor","Base","WithStorage","mixinStorage","WithHttp","mixinHttp","WithSession","mixinSession","WithOAuth","mixinOAuth","mixinCore","authStateManager","serviceManager","isLoginRedirect","originalUri","handleLoginRedirect","setTokens","getOriginalUri","parseOAuthResponseFromUrl","oAuthResponse","storeTokensFromRedirect","removeOriginalUri","restoreOriginalUri","location","url","href","responseMode","createCoreOptionsConstructor","createOAuthOptionsConstructor","createCoreStorageManager","createOAuthStorageManager","stringToBase64Url","str","base64ToBase64Url","btoa","b64","base64UrlToBase64","b64u","base64UrlToString","utf8","atob","stringToBuffer","buffer","Uint8Array","charCodeAt","base64UrlDecode","base64UrlToBuffer","bufferToBase64Url","bin","reduce","byte","String","fromCharCode","a","b","crypto","getOidcHash","TextEncoder","encode","webcrypto","arrayBuffer","firstHalf","hash","apply","verifyToken","clone","algo","use","cryptoKey","jwt","payload","b64Signature","signature","AuthApiError","xhr","meta","errorSummary","errorCode","errorLink","errorId","errorCauses","CustomError","AuthPollStopError","_isNativeReflectConstruct","t","valueOf","Reflect","construct","_wrapNativeSuper","r","Function","n","TypeError","Wrapper","p","setPrototypeOf","getPrototypeOf","constructor","enumerable","writable","configurable","OAuthError","summary","resp","error_description","WWWAuthError","scheme","parameters","UNKNOWN_ERROR","errorDescription","realm","header","match","regex","firstSpace","remaining","params","exec","headers","isFunction","isAuthApiError","isOAuthError","isWWWAuthError","isWindowsPhone","documentMode","getUserAgent","isFingerprintSupported","agent","test","isPopupPostMessageSupported","isIE8or9","isWebCryptoSubtleSupported","isTokenVerifySupported","hasTextEncoder","isPKCESupported","isHTTPS","protocol","isLocalhost","hostname","isDPoPSupported","isIOS","MSStream","OktaUserAgent","environments","SDK_VERSION","maybeAddNodeEnvironment","env","versions","version","setRequestHeader","authClient","headerName","headerValue","_oktaUserAgent","http","issuer","opts","toQueryString","appJsonContentTypeRegex","body","contentType","param","fetchPromise","global","fetch","crossFetch","credentials","withCredentials","finally","response","ok","json","text","readData","isObject","pair","responseText","responseType","responseJSON","formatResult","createHttpOptionsConstructor","transformErrorXHR","httpRequestClient","fetchRequest","httpRequestInterceptors","pollDelay","createStorageOptionsConstructor","trackDateDocumentBecameVisible","dateDocumentBecameVisible","formatError","serverErr","isString","wwwAuthHeader","wwwAuthErr","max_age","acr_values","httpRequest","interceptor","saveAuthnState","httpCache","storageManager","getHttpCache","pollingIntent","cacheResponse","cachedResponse","getHttpHeader","promise","ajaxOptions","waitForVisibleAndAwakenDocument","waitForAwakenDocument","recursiveFetch","retryCount","timeSinceDocumentIsVisible","pageVisibilityHandler","retryableFetch","isArray","item","stateToken","updateStorage","isAbsoluteUrl","getIssuerOrigin","post","postOptions","BaseTransaction","oktaAuth","rest","sendRequest","TransactionClass","accessTokenObj","atToken","requestUrl","startsWith","httpOptions","dpop","getDPoPAuthorizationHeaders","Authorization","Dpop","generateRequestFnFromLinks","methodName","links","link","hints","allow","ProfileTransaction","createdAt","modifiedAt","profile","ProfileSchemaTransaction","properties","getProfile","updateProfile","getProfileSchema","EmailStatusTransaction","EmailChallengeTransaction","_links","poll","verify","EmailTransaction","roles","challenge","getEmails","getEmail","addEmail","deleteEmail","sendEmailChallenge","getEmailChallenge","emailId","challengeId","verifyEmailChallenge","PhoneTransaction","getPhones","getPhone","addPhone","deletePhone","sendPhoneChallenge","verifyPhoneChallenge","PasswordTransaction","created","lastUpdated","PasswordStatus","enroll","update","getPassword","enrollPassword","updatePassword","deletePassword","createOktaAuthMyAccount","TransactionManager","Core","mixinMyAccount","myaccount","MyAccountMethods","acc","EmailRole","Status","SdkClock","localOffset","parseInt","DEFAULT_OPTIONS","clearPendingRemoveTokens","expireEarlySeconds","TokenManager","storageOptions","getTokenStorage","clock","expireTimeouts","renewPromise","setExpireEventTimeoutAll","clearExpireEventTimeoutAll","getExpireTime","freshToken","EVENT_ERROR","clearTimeout","hasOwnProperty","expireTime","expireEventWait","max","expireEventTimeout","emitExpired","tokenStorage","validateToken","emitSetStorageEvent","getSync","isAccessToken","isIDToken","accessTokenCb","idTokenCb","refreshTokenCb","handleTokenCallback","getTokenType","handleAdded","handleRemoved","existingTokens","newToken","existingToken","removedToken","shouldRenew","refreshKey","renewTokens","tokenKey","clearStorage","removedTokens","pendingRemove","MAX_ENTRY_LIFETIME","createTransactionManager","enableSharedStorage","saveLastResponse","transactionStorage","getTransactionStorage","clearSharedStorage","sharedStorage","getSharedTansactionStorage","clearTransactionFromSharedStorage","isTransactionMeta","muteWarning","dateCreated","saveTransactionToSharedStorage","load","entry","loadTransactionFromSharedStorage","decodeToken","decodedToken","INDEXEDDB_NAME","DB_KEY","isDPoPNonceError","createJwt","claims","signingKey","head","algorithm","cryptoRandomValue","byteLen","v","generateKeyPair","modulusLength","publicExponent","hashAccessToken","invokeStoreMethod","req","store","storeKeyPair","pairId","keyPair","findKeyPair","clearDPoPKeyPair","clearAllDPoPKeyPairs","createDPoPKeyPair","keyPairId","clearDPoPKeyPairAfterRevoke","revokedToken","shouldClear","tokenType","dpopPairId","generateDPoPProof","nonce","publicKey","kty","crv","x","y","alg","typ","jwk","htm","htu","iat","jti","ath","privateKey","generateDPoPForTokenRequest","convertTokenParamsToOAuthParams","tokenParams","oauthParams","codeChallenge","codeChallengeMethod","display","idp","idpScope","loginHint","maxAge","prompt","redirectUri","sessionToken","acrValues","enrollAmrValues","mayBeArray","scopes","scope","buildAuthorizeParams","oauthQueryParams","extraParams","validateOptions","authorizationCode","interactionCode","codeVerifier","getPostData","code","clientSecret","makeTokenRequest","dpopKeyPair","proof","DPoP","dpopNonce","postToTokenEndpoint","urls","tokenUrl","postRefreshToken","client_id","grant_type","refresh_token","getWellKnown","authServerUri","getKey","kid","wellKnown","jwksUri","cachedKey","exchangeCodeForTokens","getOAuthUrls","getDefaultTokenParams","ignoreSignature","getTokenOptions","handleResponseOptions","oauthResponse","handleOAuthResponse","tokenResponse","transactionManager","enrollAuthenticator","prepareEnrollAuthenticatorParams","createEnrollAuthenticatorMeta","authorizeUrl","save","setLocation","createTokenAPI","queue","useQueue","getWithRedirectFn","getWithRedirect","parseFromUrlFn","parseFromUrl","parseFromUrlApi","_getHistory","history","_getLocation","_getDocument","prepareTokenParams","getWithoutPrompt","getWithPopup","getWithIDPPopup","decode","revoke","revokeToken","renewToken","renewTokensWithRefresh","getUserInfo","accessTokenObject","idTokenObject","introspect","oidcIntrospect","createEndpoints","authorize","createOktaAuthOAuth","getToken","popupWindow","idpPopup","iframePromise","addPostMessageListener","timeout","iframeEl","loadFrame","contains","parentElement","removeChild","oauthPromise","closePoller","setInterval","clearInterval","idpPromise","addIDPPopupLisenter","getTokens","userinfoUrl","userInfo","sub","initialPath","loadPopup","generateState","cancelPromise","createOAuthMeta","validateResponse","pkce","interaction_code","dpopOptions","allowBearerTokens","token_type","tokenDict","expiresIn","expires_in","access_token","id_token","accessJwt","Number","idJwt","idTokenObj","exp","validationParams","hintMap","kind","TokenKind","iss","introspectUrl","introspection_endpoint","authHeader","token_type_hint","_get","getOwnPropertyDescriptor","WithOriginalUri","browserStorage","getOriginalUriStorage","PKCE","generateVerifier","computeChallenge","handleLogin","_tokenQueue","endpoints","onExpiredToken","shouldRemove","additionalParams","setOriginalUri","hasResponseType","accessTokenKey","refreshTokenKey","postLogoutRedirectUri","logoutUrl","idTokenHint","logoutUri","defaultUri","origin","currentUri","revokeAccessToken","revokeRefreshToken","getSignOutRedirectUrl","closeSession","sessionClosed","URL","searchParams","append","clearTokensBeforeRedirect","addPendingRemoveFlags","wwwAuth","wwwErr","RegExp","assertValidConfig","removeTrailingSlash","revokeUrl","toAbsoluteUrl","ignoreLifetime","maxClockSkew","getResponseMode","defaultResponseMode","paramStr","nativeLoc","search","urlParamsToObject","cleanOAuthResponseFromUrl","nativeHistory","nativeDoc","replaceState","title","pathname","removeSearch","removeHash","isInteractionRequiredError","throwInvalidTokenError","getSingleToken","originalToken","refreshTokenObject","renewTokenParams","endpointParams","isSameRefreshToken","updateRefreshToken","isRefreshTokenInvalidError","removeRefreshToken","creds","storageManagerOptions","getOptionsForSection","logServerSideMemoryStorageWarning","SavedObject","BaseStorageManager","isToken","isObjectWithProperties","isOAuthTransactionMeta","isPKCETransactionMeta","isIdxTransactionMeta","interactionHandle","isCustomAuthTransactionMeta","DEFAULT_TIMEOUT","addListener","eventTarget","attachEvent","removeListener","detachEvent","src","iframe","createElement","style","appendChild","popupTitle","responseHandler","timeoutId","isTrusted","getDefaultEnrollAuthenticatorParams","defaultRedirectUri","generateNonce","isAuthorizationCodeError","errorResponse","hasTokensInHash","hasAuthorizationCode","hashOrSearch","hasInteractionCode","hasErrorInUrl","isRedirectUri","uri","authParams","isCodeFlow","getHashOrSearch","codeFlow","isInteractionRequired","genRandomString","getIssuer","getOAuthBaseUrl","getOAuthDomain","baseUrl","oauthMeta","dec2hex","dec","substr","prefix","verifier","ceil","prepareParams","assertPKCESupport","errorMessage","validateCodeChallengeMethod","preparePKCE","defaults","isRefreshTokenError","plus2space","paramSplit","fragment","charAt","validateClaims","aud","acr","configuredIssuer","validationOptions","sdkCrypto","at_hash","sessionExists","session","getSession","omit","refresh","getLink","user","refreshSession","setCookieAndRedirect","redirectUrl","checkAccountSetupComplete","createSessionApi","exists","sectionName","overrideOptions","storageTypes","idx","storageName","storageString","StorageManager","STORAGE_MANAGER_OPTIONS","cache","cookieSettings","getCookieSettings","running","thisObject","queueItem","isPromise","getNativeConsole","nativeConsole","deprecate","deprecateWrap","isoToUTCString","isoTime","UTC","randomCharset","delay","split2","delim","splice","ctx","additionalArgs","extend","obj1","prop","cleaned","newobj","props","collection","found","linkName","altName","isNumber","toRelativeUrl","trimmed","CancelError","reason","executor","_cancelHandlers","_isPending","_isCanceled","_rejectOnCancel","_promise","_reject","defineProperties","boolean","onFulfilled","onRejected","onFinally","userFn","arguments_","__self__","F","DOMException","support","iterable","blob","Blob","formData","viewClasses","isArrayBufferView","ArrayBuffer","isView","normalizeName","normalizeValue","iteratorFor","items","done","Headers","getOwnPropertyNames","consumed","bodyUsed","fileReaderReady","reader","onload","readBlobAsArrayBuffer","FileReader","readAsArrayBuffer","bufferClone","buf","view","byteLength","Body","_initBody","_bodyInit","_bodyText","isPrototypeOf","_bodyBlob","FormData","_bodyFormData","URLSearchParams","DataView","_bodyArrayBuffer","rejected","readAsText","chars","readArrayBufferAsText","oldValue","callback","thisArg","Request","input","upcased","mode","toUpperCase","referrer","form","trim","bytes","Response","bodyInit","statusText","redirectStatuses","redirect","RangeError","stack","aborted","XMLHttpRequest","abortXhr","rawHeaders","getAllResponseHeaders","line","responseURL","ontimeout","onabort","onreadystatechange","readyState","send","polyfill","defineProperty","ponyfill","E","once","evtArr","len","evts","liveEvents","ReferenceError","__esModule","isNativeReflectConstruct","toPropertyKey","_defineProperties","_getPrototypeOf","__proto__","_typeof","assertThisInitialized","_regeneratorRuntime","asyncIterator","u","toStringTag","wrap","Generator","Context","makeInvokeMethod","tryCatch","arg","h","l","f","GeneratorFunction","GeneratorFunctionPrototype","d","g","defineIteratorMethods","_invoke","AsyncIterator","invoke","__await","callInvokeWithMethodAndArg","delegate","maybeInvokeDelegate","sent","_sent","dispatchException","abrupt","resultName","nextLoc","pushTryEntry","tryLoc","catchLoc","finallyLoc","afterLoc","tryEntries","resetTryEntry","completion","reset","isNaN","displayName","isGeneratorFunction","mark","awrap","async","reverse","pop","prev","rval","handle","complete","delegateYield","_setPrototypeOf","toPrimitive","isNativeFunction","runtime","regeneratorRuntime","accidentalStrictMode","globalThis","_arrayLikeToArray","_assertThisInitialized","asyncGeneratorStep","_asyncToGenerator","_next","_throw","_classCallCheck","_createClass","_defineProperty","_inherits","_objectWithoutProperties","getOwnPropertySymbols","propertyIsEnumerable","_possibleConstructorReturn","_slicedToArray","unsupportedIterableToArray","_toConsumableArray","arrayLikeToArray","_unsupportedIterableToArray","__webpack_module_cache__","__webpack_require__","moduleId","cachedModule","__webpack_modules__","getter","definition","OktaAuth"],"sourceRoot":""}
1
+ {"version":3,"file":"myaccount.js","mappings":";CAAA,SAA2CA,EAAMC,GAC1B,iBAAZC,SAA0C,iBAAXC,OACxCA,OAAOD,QAAUD,IACQ,mBAAXG,QAAyBA,OAAOC,IAC9CD,OAAO,GAAIH,GACe,iBAAZC,QACdA,QAAkB,SAAID,IAEtBD,EAAe,SAAIC,GACpB,CATD,CASGK,MAAM,WACT,6KCYO,SAASC,EAKdC,GAEF,IACQC,GAAY,QAQhB,cAA4B,6GAC1B,IAAMC,EAAU,IAAIF,EAAmB,UAAKG,SAAS,0CAAgB,CAAC,GACtEC,KAAKF,SAAUG,EAAAA,EAAAA,IAAWH,GAC1BE,KAAKE,QAAU,IAAIC,KACnBH,KAAKI,SAAWA,CAClB,IAWF,OAXG,OAbGP,EAAY,WAKeO,IAAQ,OALnCP,EAAY,YAMGQ,GAWrBR,EAAaO,SAAWP,EAAaS,UAAUF,SAAWA,EAG1DG,OAAOC,OAAOX,EAAc,CAC1BQ,UAAAA,IAGKR,CACT,6NCzCO,SAASY,IAEd,OAAO,QAGL,WAAYC,IAAW,8CACrBV,KAAKW,UAAYD,EAAKC,OACxB,GAGJ,qCCtBA,SAAS,EAAQC,GACf,IAAK,IAAIC,EAAI,EAAGA,EAAIC,UAAUf,OAAQc,IAAK,CACzC,IAAIE,EAASD,UAAUD,GACvB,IAAK,IAAIG,KAAOD,EACdH,EAAOI,GAAOD,EAAOC,EAEzB,CACA,OAAOJ,CACT,iCAwHA,IAAIK,EAlGJ,SAASC,EAAMC,EAAWC,GACxB,SAASC,EAAKL,EAAKM,EAAOC,GACxB,GAAwB,oBAAbC,SAAX,CAMkC,iBAFlCD,EAAa,EAAO,CAAC,EAAGH,EAAmBG,IAErBE,UACpBF,EAAWE,QAAU,IAAIC,KAAKA,KAAKC,MAA6B,MAArBJ,EAAWE,UAEpDF,EAAWE,UACbF,EAAWE,QAAUF,EAAWE,QAAQG,eAG1CZ,EAAMa,mBAAmBb,GACtBc,QAAQ,uBAAwBC,oBAChCD,QAAQ,QAASE,QAEpB,IAAIC,EAAwB,GAC5B,IAAK,IAAIC,KAAiBX,EACnBA,EAAWW,KAIhBD,GAAyB,KAAOC,GAEE,IAA9BX,EAAWW,KAWfD,GAAyB,IAAMV,EAAWW,GAAeC,MAAM,KAAK,KAGtE,OAAQX,SAASY,OACfpB,EAAM,IAAMG,EAAUkB,MAAMf,EAAON,GAAOiB,CAtC5C,CAuCF,CA4BA,OAAO1B,OAAO+B,OACZ,CACEjB,IAAKA,EACLkB,IA7BJ,SAAcvB,GACZ,GAAwB,oBAAbQ,YAA6BV,UAAUf,QAAWiB,GAA7D,CAQA,IAFA,IAAIwB,EAAUhB,SAASY,OAASZ,SAASY,OAAOD,MAAM,MAAQ,GAC1DM,EAAM,CAAC,EACF5B,EAAI,EAAGA,EAAI2B,EAAQzC,OAAQc,IAAK,CACvC,IAAI6B,EAAQF,EAAQ3B,GAAGsB,MAAM,KACzBb,EAAQoB,EAAMC,MAAM,GAAGC,KAAK,KAEhC,IACE,IAAIC,EAAWd,mBAAmBW,EAAM,IAGxC,GAFAD,EAAII,GAAY1B,EAAU2B,KAAKxB,EAAOuB,GAElC7B,IAAQ6B,EACV,KAEJ,CAAE,MAAOE,GAAI,CACf,CAEA,OAAO/B,EAAMyB,EAAIzB,GAAOyB,CApBxB,CAqBF,EAMIO,OAAQ,SAAUhC,EAAKO,GACrBF,EACEL,EACA,GACA,EAAO,CAAC,EAAGO,EAAY,CACrBE,SAAU,IAGhB,EACAwB,eAAgB,SAAU1B,GACxB,OAAOL,EAAKlB,KAAKmB,UAAW,EAAO,CAAC,EAAGnB,KAAKuB,WAAYA,GAC1D,EACA2B,cAAe,SAAU/B,GACvB,OAAOD,EAAK,EAAO,CAAC,EAAGlB,KAAKmB,UAAWA,GAAYnB,KAAKuB,WAC1D,GAEF,CACEA,WAAY,CAAED,MAAOf,OAAO4C,OAAO/B,IACnCD,UAAW,CAAEG,MAAOf,OAAO4C,OAAOhC,KAGxC,CAEUD,CApHa,CACrB4B,KAAM,SAAUxB,GAId,MAHiB,MAAbA,EAAM,KACRA,EAAQA,EAAMqB,MAAM,GAAI,IAEnBrB,EAAMQ,QAAQ,mBAAoBC,mBAC3C,EACAM,MAAO,SAAUf,GACf,OAAOO,mBAAmBP,GAAOQ,QAC/B,2CACAC,mBAEJ,GAwG+B,CAAEqB,KAAM,MAGzC,gCCvFIC,EAAkC,CAIpCC,uBAAwB,WACtB,IACE,IAAIC,EAAUvD,KAAKwD,kBACnB,OAAOxD,KAAKyD,YAAYF,EAC1B,CAAE,MAAOR,GACP,OAAO,CACT,CACF,EAEAW,yBAA0B,WACxB,IACE,IAAIH,EAAUvD,KAAK2D,oBACnB,OAAO3D,KAAKyD,YAAYF,EAC1B,CAAE,MAAOR,GACP,OAAO,CACT,CACF,EAEAa,gBAAiB,SAASC,GACxB,IAAIC,GAAY,EAChB,OAAQD,GACN,IAAK,iBACHC,EAAY9D,KAAK0D,2BACjB,MACF,IAAK,eACHI,EAAY9D,KAAKsD,yBACjB,MACF,IAAK,SACL,IAAK,SACHQ,GAAY,EACZ,MACF,QACEA,GAAY,EAGhB,OAAOA,CACT,EAEAC,iBAAkB,SAASF,EAA0B/D,GACnD,IAAIkE,EACJ,OAAQH,GACN,IAAK,iBACHG,EAAkBhE,KAAK2D,oBACvB,MACF,IAAK,eACHK,EAAkBhE,KAAKwD,kBACvB,MACF,IAAK,SACHQ,EAAkBhE,KAAKiE,iBAAiBnE,GACxC,MACF,IAAK,SACHkE,EAAkBhE,KAAKkE,qBACvB,MACF,QACE,MAAM,IAAIC,EAAAA,EAAa,gCAAD,OAAiCN,IAG3D,OAAOG,CACT,EAEAI,gBAAiB,SAASC,GACxB,IAAIC,EACAC,EAKJ,OAFAD,GADAD,EAAQA,EAAM1B,SACE6B,SAChBD,EAAWF,EAAMtE,OAASsE,EAAM,GAAK,MAKjCrE,KAAK4D,gBAAgBU,GAChBA,IAITG,EAAAA,EAAAA,IAAK,gCAAD,OAAiCH,EAAO,0BAAkBC,EAAQ,MAG/DvE,KAAKoE,gBAAgBC,IAXnBC,CAYX,EAEAd,gBAAiB,WAMf,OAJIkB,EAAAA,EAAAA,kBAAmBC,OAAOC,YAC5BD,OAAOC,UAAY,WAAY,GAG1BC,YACT,EAEAlB,kBAAmB,WACjB,OAAOmB,cACT,EAGAb,iBAAkB,SAASnE,GAAwB,WAC3CiF,EAASjF,EAASiF,OAClBC,EAAWlF,EAASkF,SACpBC,EAAgBnF,EAASmF,cAC/B,QAAsB,IAAXF,QAA8C,IAAbC,EAC1C,MAAM,IAAIb,EAAAA,EAAa,sEAEzB,IAAMZ,EAAyB,CAC7B2B,QAASlF,KAAKuD,QAAQhB,IACtB4C,QAAS,SAACnE,EAAKM,GAAkD,IAA3C8D,EAAY,UAAH,6CAAG,2BAEhCA,EAAaH,EAAgB,KAAOG,EACpC,EAAK7B,QAAQlC,IAAIL,EAAKM,EAAO8D,EAAW,CACtCL,OAAQA,EACRC,SAAUA,GAEd,EACAK,WAAY,SAACrE,GACX,EAAKuC,QAAQ+B,OAAOtE,EACtB,GAGF,OAAKlB,EAASyF,mBAOP,CACLL,QAAS,SAASlE,GAChB,IAAIwE,EAAOjC,EAAQ2B,UACf5D,EAAQ,CAAC,EAMb,OALAf,OAAOkF,KAAKD,GAAME,SAAQ,SAAAC,GACA,IAApBA,EAAEC,QAAQ5E,KACZM,EAAMqE,EAAE7D,QAAQ,GAAD,OAAId,EAAG,KAAK,KAAO6E,KAAKC,MAAMN,EAAKG,IAEtD,IACOE,KAAKE,UAAUzE,EACxB,EACA6D,QAAS,SAASnE,EAAKM,GACrB,IAAI0E,EAAiBH,KAAKC,MAAM9F,KAAKkF,QAAQlE,IAC7CM,EAAQuE,KAAKC,MAAMxE,GAEnBf,OAAOkF,KAAKnE,GAAOoE,SAAQ,SAAAC,GACzB,IAAIM,EAAajF,EAAM,IAAM2E,EACzBO,EAAeL,KAAKE,UAAUzE,EAAMqE,IACxCpC,EAAQ4B,QAAQc,EAAYC,UACrBF,EAAeL,EACxB,IAEApF,OAAOkF,KAAKO,GAAgBN,SAAQ,SAAAC,GAClCpC,EAAQ8B,WAAWrE,EAAM,IAAM2E,EACjC,GACF,EACAN,WAAY,SAASrE,GACnB,IAAIgF,EAAiBH,KAAKC,MAAM9F,KAAKkF,QAAQlE,IAC7CT,OAAOkF,KAAKO,GAAgBN,SAAQ,SAAAC,GAClCpC,EAAQ8B,WAAWrE,EAAM,IAAM2E,EACjC,GACF,GArCOpC,CAuCX,EAGA4C,cAAe,CAAC,EAChBjC,mBAAoB,WAAW,WAC7B,MAAO,CACLgB,QAAS,SAAClE,GACR,OAAO,EAAKmF,cAAcnF,EAC5B,EACAmE,QAAS,SAACnE,EAAKM,GACb,EAAK6E,cAAcnF,GAAOM,CAC5B,EAEJ,EAEAmC,YAAa,SAASF,GACpB,IAAIvC,EAAM,oBACV,IAGE,OAFAuC,EAAQ4B,QAAQnE,EAAKA,GACrBuC,EAAQ8B,WAAWrE,IACZ,CACT,CAAE,MAAO+B,GACP,OAAO,CACT,CACF,EAEAQ,QAAS,CACPlC,IAAK,SAAS+E,EAAc9E,EAAe8D,EAAmBtF,GAC5D,IAAQkF,EAAqBlF,EAArBkF,SAAUD,EAAWjF,EAAXiF,OAClB,QAAsB,IAAXA,QAA8C,IAAbC,EAC1C,MAAM,IAAIb,EAAAA,EAAa,iEAEzB,IAAIkC,EAA+B,CACjCjD,KAAMtD,EAAQsD,MAAQ,IACtB2B,OAAAA,EACAC,SAAAA,GAaF,OATOtD,KAAKoE,MAAMV,KAKhBiB,EAAc5E,QAAU,IAAIC,KAAK0D,IAGnCkB,EAAAA,IAAYF,EAAM9E,EAAO+E,GAClBrG,KAAKuC,IAAI6D,EAClB,EAEA7D,IAAK,SAAS6D,GAEZ,OAAKtF,UAAUf,OAGRuG,EAAAA,IAAYF,GAFVE,EAAAA,KAGX,EAEAhB,OAAQ,SAASc,GACf,OAAOE,EAAAA,OAAeF,EAAM,CAAEhD,KAAM,KACtC,IAIJ,q6BCrQO,IAAMmD,EAAuB,iBACvBC,EAAwB,IACxBC,EAAsB,EACtBC,EAAyB,IACzBC,EAAyB,MACzBC,EAAqB,qBACrBC,EAAqB,qBACrBC,EAAoB,oBACpBC,EAA2B,2BAC3BC,EAAkC,kCAClCC,EAA4B,4BAC5BC,EAA4B,4BAC5BC,EAA2B,cAC3BC,EAAwB,UACxBC,EAA6B,eAC7BC,EAA4B,eAI5BC,EAAsB,GACtBC,EAAsB,IACtBC,EAAgC,OAEhCC,EAAkB,gyBCJxB,IAAMC,EAAqB,KAC5BC,EAAkB,CACtBC,uBAAwB,KACxBC,cAAe,GAEXC,EAA0B,kBAiBnBC,EAAgB,WAiB3B,WAAYC,GAAsC,WAChD,IADgD,8NAC3CA,EAAI/H,QACP,MAAM,IAAIiE,EAAAA,EAAa,yDAGzBnE,KAAKkI,KAAOD,EACZjI,KAAKmI,SAAW,EAAH,GAAQP,GACrB5H,KAAKoI,WAAaT,EAClB3H,KAAKqI,YAAc,CAAC,EACpBrI,KAAKsI,eAAiB,KACtBtI,KAAKuI,gBAAkB,IAAIC,EAAAA,EAAa,CACtCC,OAAO,IAMTR,EAAIS,aAAaC,GAAGC,EAAAA,IAAa,SAAC5H,EAAK6H,GACrC,EAAKC,eAAe,CAAEC,MAAOH,EAAAA,GAAa5H,IAAAA,EAAK6H,MAAAA,IAC/C,EAAKG,iBACP,IACAf,EAAIS,aAAaC,GAAGM,EAAAA,IAAe,SAACjI,EAAK6H,GACvC,EAAKC,eAAe,CAAEC,MAAOE,EAAAA,GAAejI,IAAAA,EAAK6H,MAAAA,IACjD,EAAKG,iBACP,GACF,CAYC,MAkHA,OA9HA,sCAED,SAAelJ,GACbE,KAAKqI,YAAcvI,CACrB,GAAC,0BAED,WACE,OAAOE,KAAKoI,UACd,GAAC,kCAED,WACE,OAAOpI,KAAKsI,cACd,GAAC,kDAED,uGAkCG,GAlCH,EAC0CtI,KAAKkI,KAAKpI,QAA1CoJ,EAAkB,EAAlBA,mBAAoBvI,EAAO,EAAPA,QAEtBwI,EAAM,SAACC,GACX,MAA8B,EAAKf,YAA3BU,EAAK,EAALA,MAAO/H,EAAG,EAAHA,IAAK6H,EAAK,EAALA,OACpBQ,EAAAA,EAAAA,MAAaC,MAAM,uCAAD,OAAwCP,EAAK,mBAAWK,KAC1EC,EAAAA,EAAAA,MAAaF,IAAInI,EAAK6H,IACtBQ,EAAAA,EAAAA,MAAaF,IAAI,oBAAqB,EAAKf,aAC3CiB,EAAAA,EAAAA,MAAaE,WAGb,EAAKlB,YAAc,CAAC,CACtB,EAEMmB,EAAsB,SAACC,GAnFT,IAACC,EAA6BC,IAoFXF,GApFlBC,EAoFC,EAAKtB,aA9EtBsB,EAAUE,kBAAoBD,EAAMC,iBACtC/D,KAAKE,UAAU2D,EAAUG,WAAahE,KAAKE,UAAU4D,EAAME,UAC3DhE,KAAKE,UAAU2D,EAAUI,eAAiBjE,KAAKE,UAAU4D,EAAMG,cAC/DJ,EAAUK,QAAUJ,EAAMI,MA4EzBpJ,GAAWwI,EAAI,cAGjB,EAAKb,eAAiB,EAAKF,WAC3B,EAAKA,WAAaqB,EAElB,EAAKvB,KAAKhI,QAAQ8J,KAAKjC,EAAyB,EAAF,GAAO0B,IACrD9I,GAAWwI,EAAI,WACjB,EAEMc,EAAe,SAAfA,EAAgBC,GACpB,OAAO,EAAK/B,SAASN,uBAAuBsC,MAAK,WAC/C,IAAMC,EAAa,EAAKjC,SAASN,uBACjC,OAAIuC,GAAcA,IAAeF,EACxBD,EAAaG,GAEf,EAAKC,cACd,GACF,GAEIrK,KAAKmI,SAASN,uBAAwB,CAAF,qBAClC7H,KAAKmI,SAASL,eA7GS,IA6GgC,iBAG5B,OAA7BnH,GAAWwI,EAAI,cAAc,kBACtBc,EAAajK,KAAKmI,SAASN,yBAAuB,QAEzD7H,KAAKmI,SAASN,uBAAuByC,SAAS,QA0DO,OArDnDC,EAAoB,IAAIC,IAAJ,EAAgB,SAACC,EAASC,EAAGC,GACrDA,EAASC,cAAe,EACxBD,GAAS,WACP,EAAKxC,SAASN,uBAAyB,KACvC,EAAKM,SAASL,cAAgB,EAAKK,SAASL,cAAgB,EAC5DnH,GAAWwI,EAAI,WACjB,IAEA,IAAM0B,EAAiB,SAACpB,GAClBc,EAAkBO,WACpBL,KAIFjB,EAAoBC,GACpBgB,IAGA,EAAKtC,SAAW,EAAH,GAAQP,GACvB,EAEA,EAAKM,KAAK0B,kBACPO,MAAK,WACJ,GAAII,EAAkBO,WACpBL,QADF,CAKA,MAA+C,EAAKvC,KAAKQ,aAAaqC,gBAA9DjB,EAAW,EAAXA,YAAaD,EAAO,EAAPA,QAASmB,EAAY,EAAZA,aACxBvB,EAAY,CAChBK,YAAAA,EACAD,QAAAA,EACAmB,aAAAA,EACApB,mBAAoBE,IAAeD,KAIDX,EAChC,EAAKX,gBAAgB0C,KAAK/B,EAAoB,KAAM,EAAKhB,KAAMuB,GAC/DyB,QAAQT,QAAQhB,IAGjBU,MAAK,SAAAV,GAAS,OAAIoB,EAAepB,EAAU,IAC3C0B,OAAM,SAAApB,GAAK,OAAIc,EAAe,CAC7Bf,YAAAA,EACAD,QAAAA,EACAmB,aAAAA,EACApB,iBAAiB,EACjBG,MAAAA,GACA,GAvBJ,CAwBF,GACJ,IAEA/J,KAAKmI,SAASN,uBAAyB0C,EAAkB,kBAElDN,EAAaM,IAAkB,iDACvC,oEAED,SAAUa,GACRpL,KAAKkI,KAAKhI,QAAQyI,GAAGZ,EAAyBqD,EAChD,GAAC,yBAED,SAAYA,GACVpL,KAAKkI,KAAKhI,QAAQmL,IAAItD,EAAyBqD,EACjD,KAAC,EAxK0B,yJC/COF,QAAQT,SAAQ,GAA7C,IACIa,EAAwBJ,QAAQT,SAAQ,GACxCc,EAAwBL,QAAQT,UACpC,SAASe,EAAMC,EAAMC,GAE1B,OADKD,IAAMA,EAAO,GACX,IAAIP,SAAQ,SAAUS,GAC3B,OAAOC,YAAW,WAChB,OAAOD,EAAID,EACb,GAAGD,EACL,GACF,CAQO,SAASI,IACd,OAAOC,KAAKC,SAASC,SAAS,IAAIC,UAAU,EAC9C,CACA,IAAIC,EAAS,EACTC,EAAa,EASV,SAASC,IACd,IAAIC,GAAK,IAAI3K,MAAO4K,UACpB,OAAID,IAAOH,EAEG,IAALG,KADPF,GAGAD,EAASG,EACTF,EAAa,EACD,IAALE,EAEX,CCFO,IAAIE,EAAe,CACxBjK,OA3CK,SAAgBkK,GACrB,IAAI7C,EAAQ,CACV8C,iBAAkB,KAClBC,GAAI,IAAIC,iBAAiBH,GACzBI,OAAQ,IAQV,OALAjD,EAAM+C,GAAGG,UAAY,SAAUC,GACzBnD,EAAM8C,kBACR9C,EAAM8C,iBAAiBK,EAAItH,KAE/B,EACOmE,CACT,EA+BEoD,MA9BK,SAAeC,GACpBA,EAAaN,GAAGK,QAChBC,EAAaJ,OAAS,EACxB,EA4BEK,UAnBK,SAAmBD,EAAcE,GACtCF,EAAaP,iBAAmBS,CAClC,EAkBEC,YA5BK,SAAqBH,EAAcI,GACxC,IAEE,OADAJ,EAAaN,GAAGS,YAAYC,GAAa,GAClC7B,CACT,CAAE,MAAO8B,GACP,OAAOnC,QAAQoC,OAAOD,EACxB,CACF,EAsBEE,UAlBK,WACL,GAAuB,oBAAX5I,QAA0C,oBAATjF,MAAqD,mBAArBiN,iBAM3E,OAAO,EALP,GAAIA,iBAAiBa,QACnB,MAAM,IAAIC,MAAM,uGAElB,OAAO,CAIX,EAUEC,KAjDgB,SAkDhBC,oBAVK,WACL,OAAO,GACT,EASEvB,aApDwB,GCK1B,aAQI,WACoBwB,GAAA,SAAAA,EARJ,SAAM,IAAIC,IAMnB,UAAe,CAGlB,CA2BR,OAzBIC,EAAAA,UAAAA,IAAA,SAAIxM,GACA,OAAO,KAAKyM,IAAIC,IAAI1M,EACxB,EAEAwM,EAAAA,UAAAA,IAAA,SAAIxM,GAAJ,WACI,KAAKyM,IAAI1M,IAAIC,EAAOK,KAQf,KAAKsM,MACN,KAAKA,KAAM,EACXrC,YAAW,WACPsC,EAAKD,KAAM,EAgBrB,SACFE,GASA,IAPA,IAAMC,EAAYzM,IAAQwM,EAAaP,IACjCS,EAAWF,EAAaJ,IAAIO,OAAOD,cAM5B,CAET,IAAME,EAAOF,EAASE,OAAOjN,MAE7B,IAAKiN,EACD,OAEJ,IAAMjN,EAAQiN,EAAK,GAEnB,KADaA,EAAK,GACPH,GAIP,OAHAD,EAAaJ,IAAIzI,OAAOhE,GAMpC,CAzCgBkN,CAAmBN,EACvB,GAAG,GAEX,EAEAJ,EAAAA,UAAAA,MAAA,WACI,KAAKC,IAAIU,OACb,EACJ,EArCA,GAwEM,SAAU9M,IACZ,OAAO,IAAID,MAAO4K,SACtB,CChFO,SAAS,IACd,IAAIoC,EAAkB5N,UAAUf,OAAS,QAAsB4O,IAAjB7N,UAAU,GAAmBA,UAAU,GAAK,CAAC,EACvFhB,EAAU+F,KAAKC,MAAMD,KAAKE,UAAU2I,IA6BxC,YA1BwC,IAA7B5O,EAAQ8O,mBAAkC9O,EAAQ8O,kBAAmB,GAG3E9O,EAAQ+O,MAAK/O,EAAQ+O,IAAM,CAAC,GAE5B/O,EAAQ+O,IAAIjB,MAAK9N,EAAQ+O,IAAIjB,IAAM,MACnC9N,EAAQ+O,IAAIC,mBAAkBhP,EAAQ+O,IAAIC,iBAAmB,KAE9DJ,EAAgBG,KAA8C,mBAAhCH,EAAgBG,IAAIE,UAAwBjP,EAAQ+O,IAAIE,QAAUL,EAAgBG,IAAIE,SAGnHjP,EAAQkP,eAAclP,EAAQkP,aAAe,CAAC,GAC9ClP,EAAQkP,aAAaC,gBAAenP,EAAQkP,aAAaC,cAAgB,KAG1EP,EAAgBQ,UAASpP,EAAQoP,QAAUR,EAAgBQ,SAG1DpP,EAAQqP,OAAMrP,EAAQqP,KAAO,CAAC,GAC9BrP,EAAQqP,KAAKvB,MAAK9N,EAAQqP,KAAKvB,IAAM,MAKrC9N,EAAQqP,KAAKC,oBAAmBtP,EAAQqP,KAAKC,kBAAoB,WAC9B,IAA7BtP,EAAQqP,KAAKE,cAA6BvP,EAAQqP,KAAKE,aAAc,GACzEvP,CACT,CCtBO,IAIHwP,EAAkB,WAMXC,EAAuB,CAChCC,WAAY,WAGP,SAASC,IACd,GAAyB,oBAAdC,UAA2B,OAAOA,UAC7C,GAAsB,oBAAX/K,OAAwB,CACjC,QAAmC,IAAxBA,OAAOgL,aAA8B,OAAOhL,OAAOgL,aAC9D,QAAsC,IAA3BhL,OAAOiL,gBAAiC,OAAOjL,OAAOiL,gBACjE,QAAkC,IAAvBjL,OAAOkL,YAA6B,OAAOlL,OAAOkL,WAC/D,CACA,OAAO,CACT,CAOO,SAASC,EAA2BC,GACrCA,EAAGC,QACLD,EAAGC,QAEP,CAuNA,SAASC,EAAUtG,GACbA,EAAMuG,QACVC,EAAgBxG,GAAOQ,MAAK,WAC1B,OAAOqB,EAAM7B,EAAM7J,QAAQ+O,IAAIC,iBACjC,IAAG3E,MAAK,WACN,OAAO8F,EAAUtG,EACnB,GACF,CAWA,SAASwG,EAAgBxG,GAEvB,OAAIA,EAAMuG,OAAe3E,EAGpB5B,EAAM8C,iBAtKN,SAA+B2D,EAAIC,GACxC,IAAIN,EAAKK,EAAGE,YAAYhB,EAAiB,WAAYC,GACjDgB,EAAcR,EAAGQ,YAAYjB,GAC7BkB,EAAM,GACNC,EAAgBC,YAAYC,MAAMN,EAAe,EAAGO,KAOxD,GAAIL,EAAYM,OAAQ,CACtB,IAAIC,EAAgBP,EAAYM,OAAOJ,GACvC,OAAO,IAAIvF,SAAQ,SAAUS,EAAKoF,GAChCD,EAAcE,QAAU,SAAU3D,GAChC,OAAO0D,EAAI1D,EACb,EACAyD,EAAcG,UAAY,SAAUlO,GAClC4I,EAAI5I,EAAEnC,OAAOsQ,OACf,CACF,GACF,CAYA,OAAO,IAAIhG,SAAQ,SAAUS,EAAKoF,GAChC,IAAII,EAZN,WAIE,IAEE,OADAV,EAAgBC,YAAYC,MAAMN,EAAe,EAAGO,KAC7CL,EAAYa,WAAWX,EAChC,CAAE,MAAO1N,GACP,OAAOwN,EAAYa,YACrB,CACF,CAE0BA,GACxBD,EAAkBH,QAAU,SAAU3D,GACpC,OAAO0D,EAAI1D,EACb,EACA8D,EAAkBF,UAAY,SAAUI,GACtC,IAAIC,EAASD,EAAGzQ,OAAOsQ,OACnBI,EACEA,EAAOhQ,MAAMiQ,GAAKlB,EAAe,EACnCiB,EAAiB,SAAEjB,EAAe,IAElCG,EAAIvF,KAAKqG,EAAOhQ,OAChBgQ,EAAiB,aAGnBxB,EAA2BC,GAC3BpE,EAAI6E,GAER,CACF,GACF,CAkHSgB,CAAsB7H,EAAMyG,GAAIzG,EAAM0G,cAAclG,MAAK,SAAUsH,GACxE,IAAIC,EAAcD,EAKdE,QAAO,SAAUC,GACnB,QAASA,CACX,IAAG7D,KAAI,SAAU6D,GAIf,OAHIA,EAAOL,GAAK5H,EAAM0G,eACpB1G,EAAM0G,aAAeuB,EAAOL,IAEvBK,CACT,IAAGD,QAAO,SAAUC,GAClB,OA9BN,SAAwBA,EAAQjI,GAC9B,QAAIiI,EAAOC,OAASlI,EAAMkI,MACtBlI,EAAMmI,KAAK9D,IAAI4D,EAAOL,KACtBK,EAAOpM,KAAKiG,KAAO9B,EAAMoI,qBAE/B,CAyBaC,CAAeJ,EAAQjI,EAChC,IAAGsI,MAAK,SAAUC,EAASC,GACzB,OAAOD,EAAQzG,KAAO0G,EAAQ1G,IAChC,IAOA,OANAiG,EAAYhM,SAAQ,SAAUkM,GACxBjI,EAAM8C,mBACR9C,EAAMmI,KAAKM,IAAIR,EAAOL,IACtB5H,EAAM8C,iBAAiBmF,EAAOpM,MAElC,IACO+F,CACT,IA1BoCA,CA2BtC,CA2BO,IAAI8G,EAAkB,CAC3B/P,OAxHK,SAAgBkK,EAAa1M,GAElC,OADAA,EAAU,EAAwBA,GA7K7B,SAAwB0M,GAC7B,IAGI8F,EAnCU,8BAmCW9F,EAOrB+F,EAVY9C,IAUY+C,KAAKF,GAQjC,OAPAC,EAAYE,gBAAkB,SAAUpB,GAC7BA,EAAGzQ,OAAOsQ,OAChBwB,kBAAkBpD,EAAiB,CACpCqD,QAAS,KACTC,eAAe,GAEnB,EACO,IAAI1H,SAAQ,SAAUS,EAAKoF,GAChCwB,EAAYvB,QAAU,SAAUK,GAC9B,OAAON,EAAIM,EACb,EACAkB,EAAYtB,UAAY,WACtBtF,EAAI4G,EAAYrB,OAClB,CACF,GACF,CAmJS2B,CAAerG,GAAarC,MAAK,SAAUiG,GAChD,IAAIzG,EAAQ,CACVuG,QAAQ,EACRG,aAAc,EACd7D,YAAaA,EACb1M,QAASA,EACT+R,KAAMhG,IAMNiG,KAAM,IAAIhE,EAA+B,EAAlBhO,EAAQ+O,IAAIjB,KAEnCkF,kBAAmBvH,EACnBkB,iBAAkB,KAClBsG,kBAAmB,GACnB3C,GAAIA,GAoBN,OAXAA,EAAGrB,QAAU,WACXpF,EAAMuG,QAAS,EACXpQ,EAAQ+O,IAAIE,SAASjP,EAAQ+O,IAAIE,SACvC,EAOAkB,EAAUtG,GACHA,CACT,GACF,EAgFEoD,MA5BK,SAAeC,GACpBA,EAAakD,QAAS,EACtBlD,EAAaoD,GAAGrD,OAClB,EA0BEE,UAdK,SAAmBD,EAAcE,EAAIzB,GAC1CuB,EAAa+E,qBAAuBtG,EACpCuB,EAAaP,iBAAmBS,EAChCiD,EAAgBnD,EAClB,EAWEG,YA1BK,SAAqBH,EAAcI,GASxC,OARAJ,EAAa8F,kBAAoB9F,EAAa8F,kBAAkB3I,MAAK,WACnE,OA9OG,SAAsBiG,EAAI4C,EAAY5F,GAC3C,IACI6F,EAAc,CAChBpB,KAAMmB,EACNvH,MAHS,IAAI/J,MAAO4K,UAIpB9G,KAAM4H,GAEJ2C,EAAKK,EAAGE,YAAY,CAAChB,GAAkB,YAAaC,GACxD,OAAO,IAAIrE,SAAQ,SAAUS,EAAKoF,GAChChB,EAAGmD,WAAa,WACd,OAAOvH,GACT,EACAoE,EAAGiB,QAAU,SAAUK,GACrB,OAAON,EAAIM,EACb,EACkBtB,EAAGQ,YAAYjB,GACrB8C,IAAIa,GAChBnD,EAA2BC,EAC7B,GACF,CA2NWoD,CAAanG,EAAaoD,GAAIpD,EAAa6E,KAAMzE,EAC1D,IAAGjD,MAAK,WACmB,KAAX,EAAG,GJ3SZ2B,KAAKsH,MAAsB,GAAhBtH,KAAKC,SI2SP,KA5GX,SAA0BiB,GAC/B,OA1B6BoD,EA0BPpD,EAAaoD,GA1BFxC,EA0BMZ,EAAalN,QAAQ+O,IAAIjB,IAzB5DQ,GAAY,IAAI1M,MAAO4K,UAAYsB,EACnCmC,EAAKK,EAAGE,YAAYhB,EAAiB,WAAYC,GACjDgB,EAAcR,EAAGQ,YAAYjB,GAC7BkB,EAAM,GACH,IAAItF,SAAQ,SAAUS,GAC3B4E,EAAYa,aAAaH,UAAY,SAAUI,GAC7C,IAAIC,EAASD,EAAGzQ,OAAOsQ,OACvB,GAAII,EAAQ,CACV,IAAI+B,EAAS/B,EAAOhQ,MAChB+R,EAAO5H,KAAO2C,GAChBoC,EAAIvF,KAAKoI,GAET/B,EAAiB,aAGjBxB,EAA2BC,GAC3BpE,EAAI6E,GAER,MACE7E,EAAI6E,EAER,CACF,KAGqErG,MAAK,SAAUmJ,GAClF,OA1CG,SAA4BtG,EAAcuG,GAC/C,GAAIvG,EAAakD,OACf,OAAOhF,QAAQT,QAAQ,IAEzB,IACI8F,EADKvD,EAAaoD,GAAGE,YAAYhB,EAAiB,YAAaC,GAC9CgB,YAAYjB,GACjC,OAAOpE,QAAQsI,IAAID,EAAIxF,KAAI,SAAUwD,GACnC,IAAIkC,EAAgBlD,EAAoB,OAAEgB,GAC1C,OAAO,IAAIrG,SAAQ,SAAUS,GAC3B8H,EAAcxC,UAAY,WACxB,OAAOtF,GACT,CACF,GACF,IACF,CA4BW+H,CAAmB1G,EAAcsG,EAAOvF,KAAI,SAAUjB,GAC3D,OAAOA,EAAIyE,EACb,IACF,IA9BK,IAAwBnB,EAAIxC,EAC7BQ,EACA2B,EACAQ,EACAC,CA2BN,CAwGMmD,CAAiB3G,EAErB,IACOA,EAAa8F,iBACtB,EAiBEvF,UAXK,WACL,QAASkC,GACX,EAUE/B,KA9TgB,MA+ThBC,oBAVK,SAA6B7N,GAClC,OAAsC,EAA/BA,EAAQ+O,IAAIC,gBACrB,EASE1C,aA7UwB,GCSnB,SAAS5I,IACd,IAAIqB,EACJ,GAAsB,oBAAXF,OAAwB,OAAO,KAC1C,IACEE,EAAeF,OAAOE,aACtBA,EAAeF,OAAO,8BAAgCA,OAAOE,YAC/D,CAAE,MAAO9B,GAIT,CACA,OAAO8B,CACT,CACO,SAASoB,EAAWuG,GACzB,MArBe,2BAqBKA,CACtB,CAmFO,SAAS,IACd,IAAIoH,EAAKpQ,IACT,IAAKoQ,EAAI,OAAO,EAChB,IACE,IAAI5S,EAAM,2BACV4S,EAAGzO,QAAQnE,EAAK,SAChB4S,EAAGvO,WAAWrE,EAChB,CAAE,MAAO+B,GAIP,OAAO,CACT,CACA,OAAO,CACT,CAUO,IAAI8Q,EAAqB,CAC9BvR,OA9DK,SAAgBkK,EAAa1M,GAElC,GADAA,EAAU,EAAwBA,IAC7B,IACH,MAAM,IAAI2N,MAAM,iDAElB,IAAIoE,EAAOhG,IAOPiG,EAAO,IAAIhE,EAAahO,EAAQkP,aAAaC,eAC7CtF,EAAQ,CACV6C,YAAaA,EACbqF,KAAMA,EACNC,KAAMA,GAYR,OATAnI,EAAMmK,SAhCD,SAAiCtH,EAAaU,GACnD,IAAIlM,EAAMiF,EAAWuG,GACjBsH,EAAW,SAAkBzC,GA8BqB,IAAUO,EA7B1DP,EAAGrQ,MAAQA,IA6B+C4Q,EA5BzD/L,KAAKC,MAAMuL,EAAG0C,UA6BdpK,EAAM8C,kBACPmF,EAAOC,OAASA,GACfD,EAAO/I,QAASiJ,EAAK9D,IAAI4D,EAAO/I,SACjC+I,EAAOpM,KAAKiG,MAAQmG,EAAOpM,KAAKiG,KAAO9B,EAAMoI,uBAEjDD,EAAKM,IAAIR,EAAO/I,OAChBc,EAAM8C,iBAAiBmF,EAAOpM,QAjChC,EAEA,OADAb,OAAOqP,iBAAiB,UAAWF,GAC5BA,CACT,CAuBmBG,CAAwBzH,GASlC7C,CACT,EAkCEoD,MAjCK,SAAeC,GAjCf,IAAoC8G,IAkCd9G,EAAa8G,SAjCxCnP,OAAOuP,oBAAoB,UAAWJ,EAkCxC,EAgCE7G,UA/BK,SAAmBD,EAAcE,EAAIzB,GAC1CuB,EAAa+E,qBAAuBtG,EACpCuB,EAAaP,iBAAmBS,CAClC,EA6BEC,YAzGK,SAAqBH,EAAcI,GACxC,OAAO,IAAIlC,SAAQ,SAAUS,GAC3BH,IAAQrB,MAAK,WACX,IAAInJ,EAAMiF,EAAW+G,EAAaR,aAC9B2H,EAAW,CACbtL,MAAOgD,IACPJ,MAAM,IAAI/J,MAAO4K,UACjB9G,KAAM4H,EACNyE,KAAM7E,EAAa6E,MAEjBvQ,EAAQuE,KAAKE,UAAUoO,GAC3B3Q,IAAkB2B,QAAQnE,EAAKM,GAO/B,IAAI+P,EAAK7P,SAAS4S,YAAY,SAC9B/C,EAAGgD,UAAU,WAAW,GAAM,GAC9BhD,EAAGrQ,IAAMA,EACTqQ,EAAG0C,SAAWzS,EACdqD,OAAO2P,cAAcjD,GACrB1F,GACF,GACF,GACF,EAgFE4B,UAAW,EACXG,KAtIgB,eAuIhBC,oBAhBK,WACL,IACI4G,EAAYC,UAAUD,UAAUE,cACpC,OAAIF,EAAUG,SAAS,YAAcH,EAAUG,SAAS,UAE/CC,IAJS,GAOpB,EASEvI,aA1IwB,GCVf,EAAe,EAEtBwI,EAAoB,IAAIC,IAsCjBC,EAAiB,CAC1BxS,OAtCK,SAAgBkK,GACrB,IAAI7C,EAAQ,CACVvD,KAAMoG,EACNC,iBAAkB,MAGpB,OADAmI,EAAkBxC,IAAIzI,GACfA,CACT,EAgCEoD,MA/BK,SAAeC,GACpB4H,EAA0B,OAAE5H,EAC9B,EA8BEC,UAZK,SAAmBD,EAAcE,GACtCF,EAAaP,iBAAmBS,CAClC,EAWEC,YA9BK,SAAqBH,EAAcI,GACxC,OAAO,IAAIlC,SAAQ,SAAUS,GAC3B,OAAOC,YAAW,WACGmJ,MAAMC,KAAKJ,GACjBjD,QAAO,SAAUsD,GAC5B,OAAOA,EAAQ7O,OAAS4G,EAAa5G,IACvC,IAAGuL,QAAO,SAAUsD,GAClB,OAAOA,IAAYjI,CACrB,IAAG2E,QAAO,SAAUsD,GAClB,QAASA,EAAQxI,gBACnB,IAAG/G,SAAQ,SAAUuP,GACnB,OAAOA,EAAQxI,iBAAiBW,EAClC,IACAzB,GACF,GAAG,EACL,GACF,EAeE4B,UAXK,WACL,OAAO,CACT,EAUEG,KA7CgB,WA8ChBC,oBAVK,WACL,OAAO,CACT,EASEvB,aAAc,GC1CZ8I,EAAU,CAAC3I,EAEf8F,EAAiBwB,GCDNsB,EAA0B,IAAIN,IACrCO,EAAS,EACF,EAAmB,SAA0BhP,EAAMtG,GA0L9D,IAAyBmV,EACnBI,ERlMoBC,EQSxBtV,KAAKuR,GAAK6D,IACVD,EAAwB/C,IAAIpS,MAC5BA,KAAKoG,KAAOA,EAIZpG,KAAKF,QAAU,EAAwBA,GACvCE,KAAKuV,ODTA,SAAsBzV,GAC3B,IAAI0V,EAAgB,GAAGC,OAAO3V,EAAQoP,QAASgG,GAASvD,OAAO+D,SAK/D,GAAI5V,EAAQ4N,KAAM,CAChB,GAAqB,aAAjB5N,EAAQ4N,KAEV,OAAOoH,EAET,IAAItE,EAAMgF,EAAcG,MAAK,SAAUC,GACrC,OAAOA,EAAElI,OAAS5N,EAAQ4N,IAC5B,IACA,GAAK8C,EAAwE,OAAOA,EAA1E,MAAM,IAAI/C,MAAM,eAAiB3N,EAAQ4N,KAAO,aAC5D,CAMK5N,EAAQ8O,mBACX4G,EAAgBA,EAAc7D,QAAO,SAAUiE,GAC7C,MAAkB,QAAXA,EAAElI,IACX,KAEF,IAAImI,EAAYL,EAAcG,MAAK,SAAUJ,GAC3C,OAAOA,EAAOhI,WAChB,IACA,GAAKsI,EAKH,OAAOA,EAJP,MAAM,IAAIpI,MAAM,6BAA+B5H,KAAKE,UAAUmP,EAAQnH,KAAI,SAAU6H,GAClF,OAAOA,EAAElI,IACX,KAIJ,CC3BgB,CAAa1N,KAAKF,SAGhCE,KAAK8V,KAAM,EAOX9V,KAAK+V,MAAQ,KAKb/V,KAAKgW,OAAS,CACZC,QAAS,GACTC,SAAU,IAQZlW,KAAKmW,KAAO,IAAItB,IAOhB7U,KAAKoW,MAAQ,GAKbpW,KAAKqW,OAAS,MRrDUf,EQkMpBD,GADmBJ,EA3IPjV,MA4IWuV,OAAOjT,OAAO2S,EAAQ7O,KAAM6O,EAAQnV,WRjM7B,mBAAbwV,EAAInL,MQmMvB8K,EAAQoB,OAAShB,EACjBA,EAAalL,MAAK,SAAUmM,GAK1BrB,EAAQsB,OAASD,CACnB,KAEArB,EAAQsB,OAASlB,CAtJrB,EAuHA,SAASmB,EAAMC,EAAkB/I,EAAMZ,GACrC,IACI8E,EAAS,CACXnG,KAFSgL,EAAiBlB,OAAOnJ,eAGjCsB,KAAMA,EACNlI,KAAMsH,GAGR,OADmB2J,EAAiBJ,OAASI,EAAiBJ,OAAS9K,GACnDpB,MAAK,WACvB,IAAIuM,EAAcD,EAAiBlB,OAAOpI,YAAYsJ,EAAiBF,OAAQ3E,GAO/E,OAJA6E,EAAiBN,KAAK/D,IAAIsE,GAC1BA,EAAmB,QAAIvM,MAAK,WAC1B,OAAOsM,EAAiBN,KAAa,OAAEO,EACzC,IACOA,CACT,GACF,CAgBA,SAASC,EAAqB1B,GAC5B,OAAIA,EAAQe,OAAOC,QAAQlW,OAAS,GAChCkV,EAAQe,OAAOE,SAASnW,OAAS,CAEvC,CACA,SAAS6W,EAAmB3B,EAASvH,EAAM4H,GACzCL,EAAQe,OAAOtI,GAAMzC,KAAKqK,GAS5B,SAAyBL,GACvB,IAAKA,EAAQa,KAAOa,EAAqB1B,GAAU,CAGjD,IAAI4B,EAAa,SAAoBjF,GACnCqD,EAAQe,OAAOpE,EAAOlE,MAAMhI,SAAQ,SAAUoR,GAU5C,IACIC,EAAiBD,EAAerL,KADb,IAEnBmG,EAAOnG,MAAQsL,GACjBD,EAAe5J,GAAG0E,EAAOpM,KAE7B,GACF,EACIiG,EAAOwJ,EAAQM,OAAOnJ,eACtB6I,EAAQoB,OACVpB,EAAQoB,OAAOlM,MAAK,WAClB8K,EAAQa,KAAM,EACdb,EAAQM,OAAOtI,UAAUgI,EAAQsB,OAAQM,EAAYpL,EACvD,KAEAwJ,EAAQa,KAAM,EACdb,EAAQM,OAAOtI,UAAUgI,EAAQsB,OAAQM,EAAYpL,GAEzD,CACF,CAzCEuL,CAAgB/B,EAClB,CACA,SAASgC,EAAsBhC,EAASvH,EAAM4H,GAC5CL,EAAQe,OAAOtI,GAAQuH,EAAQe,OAAOtI,GAAMiE,QAAO,SAAUuF,GAC3D,OAAOA,IAAM5B,CACf,IAqCF,SAAwBL,GACtB,GAAIA,EAAQa,MAAQa,EAAqB1B,GAAU,CAEjDA,EAAQa,KAAM,EACd,IAAIrK,EAAOwJ,EAAQM,OAAOnJ,eAC1B6I,EAAQM,OAAOtI,UAAUgI,EAAQsB,OAAQ,KAAM9K,EACjD,CACF,CA3CE0L,CAAelC,EACjB,CA9JA,EAAiBzH,SAAU,EA4B3B,EAAiBlN,UAAY,CAC3B6M,YAAa,SAAqBL,GAChC,GAAI9M,KAAKkQ,OACP,MAAM,IAAIzC,MAAM,gFAMhB5H,KAAKE,UAAU+G,IAEjB,OAAO0J,EAAMxW,KAAM,UAAW8M,EAChC,EACAsK,aAAc,SAAsBtK,GAClC,OAAO0J,EAAMxW,KAAM,WAAY8M,EACjC,EACID,cAAUK,GACZ,IACImK,EAAY,CACd5L,KAFSzL,KAAKuV,OAAOnJ,eAGrBc,GAAIA,GAEN+J,EAAsBjX,KAAM,UAAWA,KAAK+V,OACxC7I,GAAoB,mBAAPA,GACflN,KAAK+V,MAAQsB,EACbT,EAAmB5W,KAAM,UAAWqX,IAEpCrX,KAAK+V,MAAQ,IAEjB,EACA/B,iBAAkB,SAA0BtG,EAAMR,GAMhD0J,EAAmB5W,KAAM0N,EAJT,CACdjC,KAFSzL,KAAKuV,OAAOnJ,eAGrBc,GAAIA,GAGR,EACAgH,oBAAqB,SAA6BxG,EAAMR,GAItD+J,EAAsBjX,KAAM0N,EAHlB1N,KAAKgW,OAAOtI,GAAMiI,MAAK,SAAUL,GACzC,OAAOA,EAAIpI,KAAOA,CACpB,IAEF,EACAH,MAAO,WACL,IAAImB,EAAQlO,KACZ,IAAIA,KAAKkQ,OAAT,CAGAiF,EAAgC,OAAEnV,MAClCA,KAAKkQ,QAAS,EACd,IAAIoH,EAAetX,KAAKqW,OAASrW,KAAKqW,OAAS9K,EAG/C,OAFAvL,KAAK+V,MAAQ,KACb/V,KAAKgW,OAAOC,QAAU,GACfqB,EAENnN,MAAK,WACJ,OAAOe,QAAQsI,IAAIuB,MAAMC,KAAK9G,EAAMiI,MACtC,IAEChM,MAAK,WACJ,OAAOe,QAAQsI,IAAItF,EAAMkI,MAAMrI,KAAI,SAAUb,GAC3C,OAAOA,GACT,IACF,IAEC/C,MAAK,WACJ,OAAO+D,EAAMqH,OAAOxI,MAAMmB,EAAMqI,OAClC,GApBA,CAqBF,EACI7I,WACF,OAAO1N,KAAKuV,OAAO7H,IACrB,EACI6J,eACF,OAAOvX,KAAKkQ,MACd,GClKF,IACIsH,EAD0F,qBAAjFjX,OAAOD,UAAU0L,SAASyL,KAAwB,oBAAZC,QAA0BA,QAAU,GCRhF,SAAiBxK,GACtBwK,QAAQ/O,GAAG,QAAQ,WACjB,OAAOuE,GACT,IAQAwK,QAAQ/O,GAAG,cAAc,WACvB,OAAOuE,IAAK/C,MAAK,WACf,OAAOuN,QAAQC,MACjB,GACF,IAEAD,QAAQ/O,GAAG,UAAU,WACnB,OAAOuE,IAAK/C,MAAK,WACf,OAAOuN,QAAQC,MACjB,GACF,IAEAD,QAAQ/O,GAAG,qBAAqB,SAAU0E,GACxC,OAAOH,IAAK/C,MAAK,WACfyN,QAAQC,MAAMxK,GACdqK,QAAQC,KAAK,IACf,GACF,GACF,EC3BO,SAAoBzK,GACzB,GAAiC,mBAAtB4K,mBAAoCpY,gBAAgBoY,kBAAmB,CAOhF,IAAIC,EAAWrY,KAAKqN,MAAMiL,KAAKtY,MAC/BA,KAAKqN,MAAQ,WAEX,OADAG,IACO6K,GACT,CACF,KAAO,CAKL,GAAuC,mBAA5BpT,OAAOqP,iBAChB,OAMFrP,OAAOqP,iBAAiB,gBAAgB,WACtC9G,GACF,IAAG,GAMHvI,OAAOqP,iBAAiB,UAAU,WAChC9G,GACF,IAAG,EACL,CAMF,EFlCI+K,EAAY,IAAIpD,IAChBqD,GAAmB,EAyBhB,SAASC,IACd,IAAIC,EAAW,GAKf,OAJAH,EAAUvS,SAAQ,SAAUwH,GAC1BkL,EAASnN,KAAKiC,KACd+K,EAAkB,OAAE/K,EACtB,IACOhC,QAAQsI,IAAI4E,EACrB,CGtCO,SAASC,EAAkBC,EAAeC,GAC/C,IAAIC,EAAU,CACZC,QAAS,SACTF,OAAQA,EACR1P,MAAOyP,EAAczP,OAEvB,OAAOyP,EAAc7B,iBAAiBW,aAAaoB,EACrD,CACO,SAASE,EAASJ,GACvBA,EAAcK,UAAW,EACzBL,EAAcM,YAAa,EAC3B,IAAIC,EHGC,SAAa3L,GAElB,GARIgL,IAGJA,GAAmB,EACnBV,EAAWW,IAIO,mBAAPjL,EACT,MAAM,IAAIO,MAAM,2BAYlB,OAVAwK,EAAU7F,IAAIlF,GACE,CACdlK,OAAQ,WACN,OAAOiV,EAAkB,OAAE/K,EAC7B,EACA4L,IAAK,WAEH,OADAb,EAAkB,OAAE/K,GACbA,GACT,EAGJ,CGnBiB,EAAU,WACvB,OAAOoL,EAAcS,KACvB,IACAT,EAAcU,KAAK/N,KAAK4N,GACxB,IAAII,EAAmB,SAA0BnM,GAC3B,WAAhBA,EAAI2L,SAAuC,UAAf3L,EAAIyL,QAClCF,EAAkBC,EAAe,QAEf,WAAhBxL,EAAI2L,SAAuC,SAAf3L,EAAIyL,QAAsBD,EAAcY,QAStEZ,EAAcY,OAAQ,EACtBZ,EAAca,OACdd,EAAkBC,EAAe,QAErC,EAIA,OAFAA,EAAc7B,iBAAiBzC,iBAAiB,WAAYiF,GAC5DX,EAAcc,OAAOnO,KAAKgO,GACnBZ,EAAkBC,EAAe,OAC1C,CCnCO,IAAIe,EAAwB,SAA+B5C,EAAkB3W,GAClF,IAAIoO,EAAQlO,KACZA,KAAKyW,iBAAmBA,EACxBA,EAAiBL,MAAMnL,MAAK,WAC1B,OAAOiD,EAAM6K,KACf,IACA/Y,KAAKsZ,SAAWxZ,EAChBE,KAAK2Y,UAAW,EAChB3Y,KAAKuZ,QAAS,EACdvZ,KAAK6I,MAAQgD,IACb7L,KAAKoZ,OAAS,GACdpZ,KAAKgZ,KAAO,GACZhZ,KAAKmZ,KAAO,WAAa,EACzBnZ,KAAKkZ,OAAQ,EAEblZ,KAAKwZ,MAAQ,CAAC,EAGdxZ,KAAKyZ,GAAK,cAAgBhD,EAAiBlB,OAAO7H,KAAO,KAAO+I,EAAiBrQ,IACnF,EACAiT,EAAsB/Y,UAAY,CAChCoZ,UAAW,WACT,IAAIC,EAAS3Z,KACb,OAAOwU,UAAUoF,MAAMC,QAAQ1P,MAAK,SAAUyP,GAC5C,IAAIE,EAAgBF,EAAMG,KAAOH,EAAMG,KAAKpI,QAAO,SAAUqI,GAC3D,OAAOA,EAAK5T,OAASuT,EAAOF,EAC9B,IAAK,GACL,SAAIK,GAAiBA,EAAc/Z,OAAS,EAK9C,GACF,EACAka,gBAAiB,WACf,IAAIC,EAASla,KACb,IAAKA,KAAKma,MAAO,CACfna,KAAKwZ,MAAMY,EAAI,IAAIC,gBACnB,IAAIC,EAAgB,IAAIpP,SAAQ,SAAUS,EAAKoF,GAC7CmJ,EAAOV,MAAM7N,IAAMA,EACnBuO,EAAOV,MAAMzI,IAAMA,CACrB,IACA/Q,KAAKma,MAAQ,IAAIjP,SAAQ,SAAUS,GACjC6I,UAAUoF,MAAMW,QAAQL,EAAOT,GAAI,CACjCe,OAAQN,EAAOV,MAAMY,EAAEI,SACtB,WAKD,OAHAN,EAAOV,MAAMY,OAAIzL,EACjB+J,EAASwB,GACTvO,IACO2O,CACT,IAAU,OAAE,WAAa,GAC3B,GACF,CACA,OAAOta,KAAKma,KACd,EACIM,gBAAYC,GAEhB,EACA3B,IAAK,WACH,IAAI4B,EAAS3a,KAmBb,OAlBAA,KAAKoZ,OAAO1T,SAAQ,SAAUoO,GAC5B,OAAO6G,EAAOlE,iBAAiBvC,oBAAoB,WAAYJ,EACjE,IACA9T,KAAKoZ,OAAS,GACdpZ,KAAKgZ,KAAKtT,SAAQ,SAAUkV,GAC1B,OAAOA,EAAI5X,QACb,IACAhD,KAAKgZ,KAAO,GACRhZ,KAAK2Y,WACP3Y,KAAK2Y,UAAW,GAElB3Y,KAAKuZ,QAAS,EACVvZ,KAAKwZ,MAAM7N,KACb3L,KAAKwZ,MAAM7N,MAET3L,KAAKwZ,MAAMY,GACbpa,KAAKwZ,MAAMY,EAAES,MAAM,sCAEdxC,EAAkBrY,KAAM,QACjC,GCpFF,IAAI8a,EAAiB,SAAwBrE,EAAkB3W,GAC7D,IAAIoO,EAAQlO,KACZA,KAAKyW,iBAAmBA,EACxBzW,KAAKsZ,SAAWxZ,EAChBE,KAAK2Y,UAAW,EAChB3Y,KAAK4Y,YAAa,EAClB5Y,KAAKuZ,QAAS,EACdvZ,KAAK6I,MAAQgD,IAOb7L,KAAK+a,MAAQxP,EAEbvL,KAAKgb,OAAS,EAGdhb,KAAKgZ,KAAO,GACZhZ,KAAKoZ,OAAS,GACdpZ,KAAKmZ,KAAO,WAAa,EACzBnZ,KAAKkZ,OAAQ,EAOb,IAAI+B,EAAoB,SAA2BnO,GAC7B,WAAhBA,EAAI2L,UACa,UAAf3L,EAAIyL,SACNrK,EAAM0K,YAAa,GAEF,SAAf9L,EAAIyL,SACNrK,EAAM0K,YAAa,GAGzB,EACA5Y,KAAKyW,iBAAiBzC,iBAAiB,WAAYiH,GACnDjb,KAAKoZ,OAAOnO,KAAKgQ,EACnB,EAqOO,SAASC,EAAqBjG,EAASnV,GAC5C,GAAImV,EAAQkG,eACV,MAAM,IAAI1N,MAAM,iDAElB3N,EAfF,SAAiCA,EAASmV,GASxC,OARKnV,IAASA,EAAU,CAAC,IACzBA,EAAU+F,KAAKC,MAAMD,KAAKE,UAAUjG,KACvBgP,mBACXhP,EAAQgP,iBAAmB,KAExBhP,EAAQsb,eACXtb,EAAQsb,aAAenG,EAAQM,OAAO5H,oBAAoBsH,EAAQnV,UAE7DA,CACT,CAKY,CAAwBA,EAASmV,GAC3C,IAAIoG,EdhOqB,oBAAd7G,gBAAwD,IAApBA,UAAUoF,OAA4D,mBAA5BpF,UAAUoF,MAAMW,QcgOpE,IAAIlB,EAAsBpE,EAASnV,GAAW,IAAIgb,EAAe7F,EAASnV,GAK/G,OAJAmV,EAAQmB,MAAMnL,MAAK,WACjB,OAAOoQ,EAAQtC,KACjB,IACA9D,EAAQkG,eAAiBE,EAClBA,CACT,CA/OAP,EAAexa,UAAY,CACzBoZ,UAAW,WACT,OAAOxO,QAAQT,QAAQzK,KAAK4Y,WAC9B,EAMA0C,UAAW,SAEXC,GACE,IAAI5B,EAAS3Z,KACb,OAAIA,KAAK2Y,SACAnN,EAAM,GAAG,GAEdxL,KAAKuZ,OACA/N,EAAM,GAAG,GAOdxL,KAAKgb,OAAS,EACThb,KAAK+a,OAyFd/a,KAAKgb,OAAShb,KAAKgb,OAAS,EAC5Bhb,KAAK+a,MAAQ/a,KAAK+a,MAAM5Q,MAAK,WAC3B,OArFa,WAMb,GAAIwP,EAAOhB,SACT,OAAOrN,EAET,IACIkQ,EADAC,GAAe,EAQfC,EAAsB,IAAIxQ,SAAQ,SAAUS,GAC9C6P,EAA6B,WAC3BC,GAAe,EACf9P,GACF,CACF,IACIgQ,EAAgB,SAAuB7O,GACrB,WAAhBA,EAAI2L,SAAwB3L,EAAIjE,OAAS8Q,EAAO9Q,QAC/B,UAAfiE,EAAIyL,QAEFzL,EAAIjE,MAAQ8Q,EAAO9Q,OAKrB2S,IAGe,SAAf1O,EAAIyL,SAENiD,IACA7B,EAAOf,YAAa,GAG1B,EACAe,EAAOlD,iBAAiBzC,iBAAiB,WAAY2H,GAYrD,IAAIC,EAAoBL,EAAwD,EAA/B5B,EAAOL,SAAS8B,aAAmBzB,EAAOL,SAAS8B,aACpG,OAAO/C,EAAkBsB,EAAQ,SAChCxP,MAAK,WACJ,OAAOe,QAAQ2Q,KAAK,CAACrQ,EAAMoQ,GAAoBF,EAAoBvR,MAAK,WACtE,OAAOe,QAAQoC,OAAO,IAAIG,MAC5B,KACF,IAECtD,MAAK,WACJ,OAAOkO,EAAkBsB,EAAQ,QACnC,IAECxP,MAAK,WACJ,OAAOe,QAAQ2Q,KAAK,CAACrQ,EAAMoQ,GAAoBF,EAAoBvR,MAAK,WACtE,OAAOe,QAAQoC,OAAO,IAAIG,MAC5B,KACF,IAAU,OAAE,WAAa,IAAGtD,MAAK,WAE/B,OADAwP,EAAOlD,iBAAiBvC,oBAAoB,WAAYyH,IACnDF,GAEI/C,EAASiB,GAAQxP,MAAK,WAC3B,OAAO,CACT,GAKJ,GACF,CAGS2R,EACT,IAAG3R,MAAK,WACNwP,EAAOqB,OAASrB,EAAOqB,OAAS,CAClC,IACOhb,KAAK+a,MAAM5Q,MAAK,WACrB,OAAOwP,EAAOhB,QAChB,IACF,EACAsB,gBAAiB,WAKf,OAHCja,KAAK+b,OACJ/b,KAAK+b,MA6BmBzD,EA7BStY,MA8BnB2Y,SACTpN,EAEF,IAAIL,SAAQ,SAAUS,GAC3B,IAAIqQ,GAAW,EACf,SAASC,IACHD,IAGJA,GAAW,EACX1D,EAAc7B,iBAAiBvC,oBAAoB,WAAYgI,GAC/DvQ,GAAI,GACN,CAGA2M,EAAcgD,YAAYnR,MAAK,WACzBmO,EAAcK,UAChBsD,GAEJ,IAMoB,SAASE,IAC3B,OAAO3Q,EAAM8M,EAAcgB,SAASxK,kBAAkB3E,MAAK,WACzD,IAAImO,EAAciB,SAAUyC,EAG5B,OAAI1D,EAAcK,cAChBsD,IAEO3D,EAAcgD,WAAU,GAAMnR,MAAK,WACpCmO,EAAcK,SAChBsD,IAEAE,GAEJ,GAEJ,GACF,CACAA,GAGA,IAAID,EAAoB,SAA2BpP,GAC7B,WAAhBA,EAAI2L,SAAuC,UAAf3L,EAAIyL,SAClCD,EAAcM,YAAa,EAC3BN,EAAcgD,YAAYnR,MAAK,WACzBmO,EAAcK,UAChBsD,GAEJ,IAEJ,EACA3D,EAAc7B,iBAAiBzC,iBAAiB,WAAYkI,GAC5D5D,EAAcc,OAAOnO,KAAKiR,EAC5B,KAtFSlc,KAAK+b,KA2BhB,IAA8BzD,CA1B5B,EACImC,gBAAYvN,GACdlN,KAAKmZ,KAAOjM,CACd,EACA6L,IAAK,WACH,IAAImB,EAASla,KAcb,OAbAA,KAAKoZ,OAAO1T,SAAQ,SAAUoO,GAC5B,OAAOoG,EAAOzD,iBAAiBvC,oBAAoB,WAAYJ,EACjE,IACA9T,KAAKoZ,OAAS,GACdpZ,KAAKgZ,KAAKtT,SAAQ,SAAUkV,GAC1B,OAAOA,EAAI5X,QACb,IACAhD,KAAKgZ,KAAO,GACRhZ,KAAK2Y,WACP3Y,KAAK4Y,YAAa,EAClB5Y,KAAK2Y,UAAW,GAElB3Y,KAAKuZ,QAAS,EACPlB,EAAkBrY,KAAM,QACjC,gBCzKWoc,GAAqB,WAMhC,aAA0C,IAA9Btc,EAA0B,UAAH,6CAAG,CAAC,GAAC,oIAFtB,GAGhBE,KAAKF,QAAUA,EACfE,KAAKqc,kBAAoBrc,KAAKqc,kBAAkBrE,KAAKhY,MACrDA,KAAKsc,SAAWtc,KAAKsc,SAAStE,KAAKhY,KACrC,CA0BC,MAXA,EAZA,EAmDA,OAtDA,yCAED,WACA,GAAC,2CAED,sGAC6B,QAD7B,GACQ,EAAAA,KAAKF,SAAQwc,gBAAQ,aAArB,UAAyB,gDAChC,mEAED,WAAW,MACT,QAAqB,QAAb,EAACtc,KAAKqb,eAAO,QAAZ,EAAc1C,SACzB,GAAC,uBAED,WAAY,MACV,QAAqB,QAAb,EAAC3Y,KAAKqb,eAAO,QAAZ,EAAc3B,UACzB,GAAC,wCAED,oFACM1Z,KAAKuc,aACCC,EAAwBxc,KAAKF,QAA7B0c,oBACRxc,KAAKiV,QAAU,IAAItI,EAAiB6P,GACpCxc,KAAKqb,QAAUH,EAAqBlb,KAAKiV,SACzCjV,KAAKqb,QAAQZ,YAAcza,KAAKqc,kBAChCrc,KAAKqb,QAAQpB,kBAAkB9P,KAAKnK,KAAKsc,UACzCtc,KAAKyc,SAAU,GAChB,gDACF,oFAED,kFACMzc,KAAKyc,QAAS,CAAF,oBACVzc,KAAKqb,QAAS,CAAF,+BACRrb,KAAKqb,QAAQtC,MAAK,OACxB/Y,KAAKqb,aAAU1M,EAAU,WAEvB3O,KAAKiV,QAAS,CAAF,gBAE+C,OAA5DjV,KAAKiV,QAAgBmC,aAAe,kBAAMlM,QAAQT,SAAS,EAAC,SACvDzK,KAAKiV,QAAQlI,QAAO,OAC1B/M,KAAKiV,aAAUtG,EAAU,QAE3B3O,KAAKyc,SAAU,EAAM,iDAExB,6EAED,WACE,OAAO,CACT,GAAC,uBAED,WACE,OAAOzc,KAAKyc,OACd,GAAC,sBAED,WACE,OAAOC,EAAAA,EAAAA,eAAgB1c,KAAKyc,OAC9B,KAAC,EAhE+B,oCCRrBE,GAAgB,WAM3B,WAAYjU,GAA0E,IAArC5I,EAAiC,UAAH,6CAAG,CAAC,GAAC,gJAFlE,GAGhBE,KAAK0I,aAAeA,EACpB1I,KAAKF,QAAUA,EACfE,KAAK4c,eAAiB,GACtB5c,KAAK6c,sBAAwB7c,KAAK6c,sBAAsB7E,KAAKhY,KAC/D,CAyDC,MAZA,EAwBA,OArEA,2CAED,WACE,IAAI2L,GAAM,EAEV,GADA3L,KAAK4c,eAAe3R,KAAKvJ,KAAKC,OAC1B3B,KAAK4c,eAAe7c,QAAU,GAAI,CAEpC,IAAM+c,EAAY9c,KAAK4c,eAAepY,QAEtCmH,EADiB3L,KAAK4c,eAAe5c,KAAK4c,eAAe7c,OAAS,GAChD+c,EAAa,GACjC,CACA,OAAOnR,CACT,GAAC,gCAED,WAEE,QAAS3L,KAAKF,QAAQid,cAAeL,EAAAA,EAAAA,YACvC,GAAC,kCAED,WAA+B,WAEvBM,EADehd,KAAK0I,aAAauU,aACXA,aAC5B1c,OAAOkF,KAAKuX,GAAQtX,SAAQ,SAAA1E,GAC1B,IAAM6H,EAAQmU,EAAOhc,KAChBkc,EAAAA,GAAAA,IAAerU,IAAU,EAAKH,aAAayU,WAAWtU,IACzD,EAAKgU,sBAAsB7b,EAE/B,GACF,GAAC,mCAED,SAA8BA,GAC5B,GAAIhB,KAAKF,QAAQsd,UACf,GAAIpd,KAAKqd,sBAAuB,CAC9B,IAAMtT,EAAQ,IAAI5F,GAAAA,EAAa,iCAC/BnE,KAAK0I,aAAa4U,UAAUvT,EAC9B,MACE/J,KAAK0I,aAAa6U,MAAMvc,GAAKmK,OAAM,WAAO,SAEnCnL,KAAKF,QAAQ0d,YACtBxd,KAAK0I,aAAa1F,OAAOhC,EAE7B,GAAC,sBAED,WACE,SAAUhB,KAAKF,QAAQsd,YAAepd,KAAKF,QAAQ0d,YAAgBxd,KAAKyc,QAC1E,GAAC,wCAED,8EACMzc,KAAKuc,aACPvc,KAAK0I,aAAaC,GAAG8U,GAAAA,GAAezd,KAAK6c,uBACrC7c,KAAK0I,aAAagV,aAGpB1d,KAAK2d,uBAEP3d,KAAKyc,SAAU,GAChB,gDACF,oFAED,8EACMzc,KAAKyc,UACPzc,KAAK0I,aAAa2C,IAAIoS,GAAAA,GAAezd,KAAK6c,uBAC1C7c,KAAK4c,eAAiB,GACtB5c,KAAKyc,SAAU,GAChB,gDACF,oEAED,WACE,OAAOzc,KAAKyc,OACd,KAAC,EAhF0B,GCYhBmB,GAAkB,WAO7B,WAAYlV,GAA0E,IAArC5I,EAAiC,UAAH,6CAAG,CAAC,GAAC,yIAHlE,IAAK,iCACK,GAG1BE,KAAK0I,aAAeA,EACpB1I,KAAKF,QAAUA,EACfE,KAAK6d,oBAAsB7d,KAAK6d,oBAAoB7F,KAAKhY,MACzDA,KAAK8d,sBAAwB9d,KAAK8d,sBAAsB9F,KAAKhY,MAC7DA,KAAK+d,sBAAwB/d,KAAK+d,sBAAsB/F,KAAKhY,MAC7DA,KAAKge,oBAAsBhe,KAAKge,oBAAoBhG,KAAKhY,MACzDA,KAAKie,qBAAuBje,KAAKie,qBAAqBjG,KAAKhY,KAC7D,CAiCC,MArBA,EA2GA,OAvHA,0CAED,WACE,OAAO,CACT,GAAC,uBAED,WACE,OAAOA,KAAKyc,OACd,GAAC,sBAED,WACE,QAASzc,KAAKF,QAAQid,cAAeL,EAAAA,EAAAA,eAAgB1c,KAAKyc,OAC5D,GAAC,wCAED,uFACOzc,KAAKuc,WAAY,CAAF,gDAIZ2B,EAAoBle,KAAKF,QAAzBoe,gBAAe,SAGrBle,KAAKiV,QAAU,IAAItI,EAAiBuR,GAA2B,sDAEzD,IAAI/Z,GAAAA,EAAa,2DAA0D,QAGnFnE,KAAK0I,aAAaC,GAAGC,GAAAA,GAAa5I,KAAK6d,qBACvC7d,KAAK0I,aAAaC,GAAGM,GAAAA,GAAejJ,KAAK8d,uBACzC9d,KAAK0I,aAAaC,GAAGwV,GAAAA,EAAene,KAAK+d,uBACzC/d,KAAK0I,aAAaC,GAAGyV,GAAAA,GAAmBpe,KAAKge,qBAC7Che,KAAKiV,QAAQjB,iBAAiB,UAAWhU,KAAKie,sBAC9Cje,KAAKyc,SAAU,EAAK,yDACrB,oFAED,0FACMzc,KAAKyc,QAAS,CAAF,gBAK0D,OAJxEzc,KAAK0I,aAAa2C,IAAIzC,GAAAA,GAAa5I,KAAK6d,qBACxC7d,KAAK0I,aAAa2C,IAAIpC,GAAAA,GAAejJ,KAAK8d,uBAC1C9d,KAAK0I,aAAa2C,IAAI8S,GAAAA,EAAene,KAAK+d,uBAC1C/d,KAAK0I,aAAa2C,IAAI+S,GAAAA,GAAmBpe,KAAKge,qBAClC,QAAZ,EAAAhe,KAAKiV,eAAO,OAAZ,EAAcf,oBAAoB,UAAWlU,KAAKie,sBAAsB,SACtD,QADsD,EAClEje,KAAKiV,eAAO,aAAZ,EAAclI,QAAO,OAC3B/M,KAAKiV,aAAUtG,EACf3O,KAAKyc,SAAU,EAAM,iDAExB,8EAED,SAA4Bzb,EAAa6H,GAAc,MAChD7I,KAAKqe,oBAGE,QAAZ,EAAAre,KAAKiV,eAAO,OAAZ,EAAc9H,YAAY,CACxBO,KAAM9E,GAAAA,GACN5H,IAAAA,EACA6H,MAAAA,IAEJ,GAAC,mCAED,SAA8B7H,EAAa6H,GAAc,MAClD7I,KAAKqe,oBAGE,QAAZ,EAAAre,KAAKiV,eAAO,OAAZ,EAAc9H,YAAY,CACxBO,KAAMzE,GAAAA,GACNjI,IAAAA,EACA6H,MAAAA,IAEJ,GAAC,mCAED,SAA8B7H,EAAa6H,EAAcyV,GAAkB,MACpEte,KAAKqe,oBAGE,QAAZ,EAAAre,KAAKiV,eAAO,OAAZ,EAAc9H,YAAY,CACxBO,KAAMyQ,GAAAA,EACNnd,IAAAA,EACA6H,MAAAA,EACAyV,SAAAA,IAEJ,GAAC,iCAED,SAA4B/a,GAAiB,MAC/B,QAAZ,EAAAvD,KAAKiV,eAAO,OAAZ,EAAc9H,YAAY,CACxBO,KAAM0Q,GAAAA,GACN7a,QAAAA,GAEJ,GAAC,kCAGD,SAA6BuJ,GAU3B,OADA9M,KAAKqe,mBAAoB,EACjBvR,EAAIY,MACV,KAAK0Q,GAAAA,GACHpe,KAAK0I,aAAauU,aAAasB,WAAWzR,EAAIvJ,SAC9C,MACF,KAAKqF,GAAAA,GACH5I,KAAK0I,aAAa8V,UAAU1R,EAAI9L,IAAM8L,EAAIjE,OAC1C7I,KAAK0I,aAAa+V,sBAAsB3R,EAAI9L,IAAM8L,EAAIjE,OACtD,MACF,KAAKI,GAAAA,GACHjJ,KAAK0I,aAAagW,wBAAwB5R,EAAI9L,KAC9ChB,KAAK0I,aAAaiW,YAAY7R,EAAI9L,IAAM8L,EAAIjE,OAC5C,MACF,KAAKsV,GAAAA,EACHne,KAAK0I,aAAakW,YAAY9R,EAAI9L,IAAM8L,EAAIjE,MAAQiE,EAAIwR,UAK5Dte,KAAKqe,mBAAoB,CAC3B,KAAC,EAtI4B,GC1BzBQ,GAAS,WAAH,OAAS/S,KAAKsH,MAAM1R,KAAKC,MAAQ,IAAK,EAErCmd,GAA2B,WAOtC,WAAYpW,GAA0E,IAArC5I,EAAiC,UAAH,6CAAG,CAAC,GAAC,2EALlE,IAAK,yDAED,IAAC,4CAIrBE,KAAK0I,aAAeA,EACpB1I,KAAKF,QAAUA,EAEfE,KAAK+e,sBAAwB/e,KAAKgf,uBAAuBhH,KAAKhY,KAChE,CA6BC,MAPA,EA6BA,OAnDA,8CAID,WACE,GAAIwB,SAASyd,OACXjf,KAAKkf,WAAaL,UAGf,GAAI7e,KAAKkf,WAAa,GAAML,KAAW7e,KAAKkf,YAAclf,KAAKF,QAAQqf,sBAAyB,CACnG,MAAiCnf,KAAK0I,aAAaqC,gBAA3CjB,EAAW,EAAXA,YAAaD,EAAO,EAAPA,QACrB,GAAMC,GAAe9J,KAAK0I,aAAayU,WAAWrT,GAAc,CAC9D,IAAM9I,EAAMhB,KAAK0I,aAAa0W,oBAAoB,eAElDpf,KAAK0I,aAAa6U,MAAMvc,GAAKmK,OAAM,WAAO,GAC5C,MACK,GAAMtB,GAAW7J,KAAK0I,aAAayU,WAAWtT,GAAU,CAC3D,IAAM7I,EAAMhB,KAAK0I,aAAa0W,oBAAoB,WAElDpf,KAAK0I,aAAa6U,MAAMvc,GAAKmK,OAAM,WAAO,GAC5C,CACF,CACF,GAAC,wCAED,8EACMnL,KAAKuc,YAAgB/a,WACvBA,SAASwS,iBAAiB,mBAAoBhU,KAAK+e,uBACnD/e,KAAKyc,SAAU,GAChB,gDACF,oFAED,8EACMjb,WACFA,SAAS0S,oBAAoB,mBAAoBlU,KAAK+e,uBACtD/e,KAAKyc,SAAU,GAChB,gDACF,mEAED,WACE,OAAOC,EAAAA,EAAAA,gBACL1c,KAAKF,QAAQsd,aACbpd,KAAKF,QAAQuf,uBACdrf,KAAKyc,OACR,GAAC,gCAED,WACE,OAAO,CACT,GAAC,uBAED,WACE,OAAOzc,KAAKyc,OACd,KAAC,EA/DqC,kmDC0BxC,IAAM6C,GAAa,YACbC,GAAe,cACfC,GAAkB,iBAClBC,GAA0B,uBAEnBC,GAAc,WAuBzB,WAAYzX,GAA0E,WAArCnI,EAAiC,UAAH,6CAAG,CAAC,GAAC,wIAClFE,KAAKiI,IAAMA,EACXjI,KAAKsc,SAAWtc,KAAKsc,SAAStE,KAAKhY,MAGnC,MAA+CiI,EAAIS,aAAaiX,aAAxDvC,EAAS,EAATA,UAAWI,EAAU,EAAVA,WAAYT,EAAW,EAAXA,YAC/Bjd,EAAQ0c,oBAAsB1c,EAAQ0c,qBAAuB1c,EAAQ8f,qBACrE5f,KAAKF,QAAUS,OAAOC,OAAO,CAAC,EAC5Bkf,EAAeG,eACf,CAAEzC,UAAAA,EAAWI,WAAAA,EAAYT,YAAAA,GACzB,CACEP,oBAAqB,GAAF,OAAKvU,EAAInI,QAAQggB,SAAQ,aAC5C5B,gBAAiB,GAAF,OAAKjW,EAAInI,QAAQggB,SAAQ,WAE1C7f,EAAAA,GAAAA,IAAWH,IAGbE,KAAKyc,SAAU,EACfzc,KAAK+f,SAAW,IAAIlS,IAEpB6R,EAAeM,cAActa,SAAQ,SAAAU,GACnC,IAAM6Z,EAAM,EAAKC,cAAc9Z,GAC3B6Z,GACF,EAAKF,SAAS1e,IAAI+E,EAAM6Z,EAE5B,GACF,CAwCC,MARA,EATA,EARA,EAfA,EAiFA,OAjFA,qDAED,kFACMjgB,KAAKyc,QAAS,CAAF,+BAERzc,KAAKmgB,gBAAe,gDAE7B,mEAED,WAAW,MACT,OAAwC,QAAhC,EAAAngB,KAAKogB,WAAWZ,WAAgB,aAAjC,EAA6D7G,UACtE,GAAC,8BAED,WACE,OAAO,OAAI3Y,KAAK+f,SAASM,UAAUC,MAAK,SAAAC,GAAG,OAAIA,EAAIhE,YAAcgE,EAAIC,oBAAoB,GAC3F,GAAC,wCAED,kFACMxgB,KAAKyc,QAAS,CAAF,gEAGVzc,KAAKmgB,gBAAe,OAC1BngB,KAAKyc,SAAU,EAAK,gDACrB,oFAED,8FACQzc,KAAKygB,eAAc,OACzBzgB,KAAKyc,SAAU,EAAM,gDACtB,qEAED,SAAWrW,GACT,OAAOpG,KAAK+f,SAASxd,IAAI6D,EAC3B,GAAC,gDAED,iGAC4BpG,KAAK+f,SAASW,WAAS,yDAA5B,GAA4B,qBAArCta,EAAI,KAAEma,EAAG,MACfvgB,KAAK2gB,gBAAgBva,EAAMma,GAAM,CAAF,+BAC3BA,EAAIK,QAAO,sMAGtB,4FAED,6FACoB5gB,KAAK+f,SAASM,UAAQ,wDAA1B,OAAHE,EAAG,iBACNA,EAAIM,OAAM,qMAEnB,0EAGD,SAAwBza,EAAcma,GACpC,IAAIhE,EAAWgE,EAAIhE,aAAegE,EAAI7C,YAOtC,OALItX,IAASoZ,GACXjD,IAAAA,EAAavc,KAAK8gB,oBACTP,EAAIC,sBACbjE,IAAAA,EAAavc,KAAK2Y,YAEb4D,CACT,GAAC,2BAED,SAAsBnW,GACpB,IAEI2a,EAFErY,EAAe1I,KAAKiI,IAAIS,aAG9B,OAAQtC,GACN,KAAKoZ,GACHuB,EAAU,IAAI3E,GAAsB,GAAD,MAAKpc,KAAKF,SAAO,IAAEwc,SAAUtc,KAAKsc,YACrE,MACF,KAAKgD,GACHyB,EAAU,IAAIpE,GAAiBjU,EAAc,GAAF,GAAM1I,KAAKF,UACtD,MACF,KAAKyf,GACHwB,EAAU,IAAInD,GAAmBlV,EAAc,GAAF,GAAM1I,KAAKF,UACxD,MACF,KAAK2f,GACHsB,EAAU,IAAIjC,GAA4BpW,EAAc,GAAF,GAAM1I,KAAKF,UACjE,MACF,QACE,MAAM,IAAI2N,MAAM,mBAAD,OAAoBrH,IAEvC,OAAO2a,CACT,KAAC,EAlIwB,IAoI1B,OApIYrB,GAAc,gBAaM,CAACJ,GAAYC,GAAcC,GAAiBC,MAAwB,OAbxFC,GAAc,iBAe8B,CACrDtC,WAAW,EACXI,YAAY,EACZT,aAAa,EACbsC,sBAAsB,EACtBF,sBAAuB,4NCxCpB,SAAS6B,EAMdC,EACArhB,EACAshB,GAGA,IAAMC,GAAOxhB,EAAAA,EAAAA,GAAmBC,GAC1BwhB,GAAcC,EAAAA,EAAAA,GAAmBF,EAAMF,GACvCK,GAAWC,EAAAA,EAAAA,GAAgBH,GAC3BI,GAAcC,EAAAA,EAAAA,GAAmBH,GACjCI,GAAYC,EAAAA,EAAAA,GAAwBH,EAAaN,GAEvD,OADaU,EAAAA,EAAAA,GAAuBF,EAEtC,+1BCpBO,SAASE,EASfT,GAEC,OAAO,SAAP,oBAgCG,EAJA,EANA,EATA,MAbH,uaAKE,aAA4B,iDAAbzgB,EAAI,yBAAJA,EAAI,gBAO8D,OAN/E,+BAASA,KAAM,yFAGf,EAAKmhB,iBAAmB,IAAI7Z,EAAAA,GAAgB,WAG5C,EAAK8Z,eAAiB,IAAIpC,EAAAA,GAAc,UAAgB,EAAK5f,QAAQigB,UAAU,CACjF,CAsEC,OAtEA,kDAED,8FACQ/f,KAAK8hB,eAAelB,QAAO,OAEP,GAA1B5gB,KAAK0I,aAAakY,QACb5gB,KAAK6I,MAAMkZ,kBAAmB,CAAF,+BACzB/hB,KAAK6hB,iBAAiB7Y,kBAAiB,gDAEhD,oFAED,8EAE2B,OAAzBhJ,KAAK0I,aAAamY,OAAO,SACnB7gB,KAAK8hB,eAAejB,OAAM,gDACjC,8FAED,WAAqBmB,GAAoB,iFACjChiB,KAAKiiB,yBAAoBtT,EAAWqT,GAAY,gDACvD,oGAGD,WAA0BhF,EAAiBgF,GAAoB,2EAC/B,GAA1BrY,EAAQ3J,KAAKF,QAAQ6J,OAGrBqT,EAAQ,CAAF,eACRhd,KAAK0I,aAAawZ,UAAUlF,GAC5BgF,EAAcA,GAAehiB,KAAKmiB,eAAeniB,KAAKF,QAAQ6J,OAAO,2BAC5D3J,KAAK+hB,kBAAmB,CAAF,2CAGDK,EAAAA,EAAAA,IAA0BpiB,KAAM,CAAC,GAAE,QAEP,OAFlDqiB,EAAgB,EAAH,KACnB1Y,EAAQ0Y,EAAc1Y,MACtBqY,EAAcA,GAAehiB,KAAKmiB,eAAexY,GAAO,UAClD3J,KAAKsiB,0BAAyB,2EAG9BtiB,KAAK6hB,iBAAiB7Y,kBAAiB,sGAQ3ChJ,KAAK6hB,iBAAiB7Y,kBAAiB,QAMnB,GAH1BhJ,KAAKuiB,kBAAkB5Y,KAGf6Y,EAAuBxiB,KAAKF,QAA5B0iB,oBACgB,CAAF,iCACdA,EAAmBxiB,KAAMgiB,GAAY,gCAClCA,GACTrd,OAAO8d,SAAS3gB,QAAQkgB,GACzB,0DACF,oFAED,WAAoD,IAA5BU,EAAM,UAAH,6CAAG/d,OAAO8d,SAASE,KACtChX,GAAMyW,EAAAA,EAAAA,IAA0BpiB,KAAM,CAAE4iB,aAAc,QAASF,IAAAA,IACrE,IAAI/W,EAAIhC,MAMN,MAAM,IAAIxF,EAAAA,EAAa,oCALvB,IAAM8Q,EAAU,IAAItI,iBAAiB,kBAAD,OAAmBhB,EAAIhC,QAC3DsL,EAAQ9H,YAAYxB,GACpBsJ,EAAQlI,OAKZ,KAAC,EAnFI,CAA2BoU,EAqFpC,wJC/FO,SAAS0B,IAGd,OAAO,SAAP,+bAOE,WAAY/iB,GAAc,MAG6B,OAH7B,eACxB,cAAMA,IAAS,qFACf,EAAKigB,SAAWjgB,EAAQigB,SACxB,EAAK7W,mBAAqBpJ,EAAQoJ,mBAAmB,CACvD,CAAC,iBAXI,EADyB4Z,EAAAA,EAAAA,KAclC,mFC7BO,SAASC,IACd,OAAOC,EAAAA,EAAAA,IACT,saCWO,SAASC,EAAkBC,GAEhC,OAAOC,GADGC,EAAAA,EAAAA,IAAKF,GAEjB,CAGO,SAASC,EAAkBE,GAChC,OAAOA,EAAIvhB,QAAQ,MAAO,KAAKA,QAAQ,MAAO,KAAKA,QAAQ,MAAO,GACpE,CAGO,SAASwhB,EAAkBC,GAChC,OAAOA,EAAKzhB,QAAQ,KAAM,KAAKA,QAAQ,KAAM,IAC/C,CAEO,SAAS0hB,EAAkBD,GAChC,IAAIF,EAAMC,EAAkBC,GAC5B,OAAQF,EAAItjB,OAAS,GACnB,KAAK,EACH,MACF,KAAK,EACHsjB,GAAO,KACP,MACF,KAAK,EACHA,GAAO,IACP,MACF,QACE,MAAM,IAAIlf,EAAAA,EAAa,yBAE3B,IAAIsf,GAAOC,EAAAA,EAAAA,IAAKL,GAChB,IACE,OAAOthB,mBAAmBC,OAAOyhB,GACnC,CAAE,MAAO1gB,GACP,OAAO0gB,CACT,CACF,CAEO,SAASE,EAAeT,GAE7B,IADA,IAAIU,EAAS,IAAIC,WAAWX,EAAInjB,QACvBc,EAAI,EAAGA,EAAIqiB,EAAInjB,OAAQc,IAC9B+iB,EAAO/iB,GAAKqiB,EAAIY,WAAWjjB,GAE7B,OAAO+iB,CACT,CAEO,SAASG,EAAgBb,GAC9B,OAAOQ,EAAAA,EAAAA,IAAKJ,EAAkBJ,GAChC,CAGO,SAASc,EAAkBT,GAChC,OAAOM,WAAW7O,KAAK+O,EAAgBR,IAAO,SAACnJ,GAAS,OAAKA,EAAE0J,WAAW,EAAE,GAC9E,CAGO,SAASG,EAAkBC,GAChC,OAAOd,EAAAA,EAAAA,IAAK,IAAIS,WAAWK,GAAKC,QAAO,SAAC7N,EAAG8N,GAAI,OAAK9N,EAAI+N,OAAOC,aAAaF,EAAK,GAAE,IACrF,sHC3DA,IAAMG,EAAI,SAASrB,GAAO,OAAOQ,KAAKR,EAAM,EACtCsB,EAAI,SAAUtB,GAAO,OAAOE,KAAKF,EAAM,EACvC9I,EAAsB,oBAAXqK,OAAyB,KAAOA,m8BCA1C,SAASC,EAAYxB,GAC1B,IAAIU,GAAS,IAAIe,aAAcC,OAAO1B,GACtC,OAAO2B,EAAAA,GAAAA,OAAAA,OAAwB,UAAWjB,GAAQzZ,MAAK,SAAS2a,GAC9D,IACIC,EADY,IAAIlB,WAAWiB,GACLniB,MAAM,EAAG,IAC/BqiB,EAAOX,OAAOC,aAAaW,MAAM,KAAMF,GAE3C,OADW9B,EAAAA,EAAAA,IAAkB+B,EAE/B,GACF,yHCTO,SAASE,EAAYrb,EAAS7I,GACnCA,GAAMmkB,EAAAA,EAAAA,IAAMnkB,GAEZ,IACIokB,EAAO,CACThf,KAAM,oBACN4e,KAAM,CAAE5e,KAAM,YAYhB,cAJOpF,EAAIqkB,IAIJR,EAAAA,GAAAA,OAAAA,UAfM,MAiBX7jB,EACAokB,GAbgB,EACL,CAAC,WAgBbjb,MAAK,SAASmb,GACb,IAAIC,EAAM1b,EAAQ1H,MAAM,KACpBqjB,GAAU7B,EAAAA,EAAAA,IAAe4B,EAAI,GAAK,IAAMA,EAAI,IAC5CE,GAAe1B,EAAAA,EAAAA,IAAgBwB,EAAI,IACnCG,GAAY/B,EAAAA,EAAAA,IAAe8B,GAE/B,OAAOZ,EAAAA,GAAAA,OAAAA,OACLO,EACAE,EACAI,EACAF,EAEJ,GACF,sRC1CwC,IAInBG,EAAY,wcAS/B,WAAYtY,EAAeuY,EAAoBC,GAAwC,sBACrF,IAAM5P,EAAU5I,EAAIyY,aAgBnB,OAfD,cAAM7P,IAAS,wQAEf,EAAK7P,KAAO,eACZ,EAAK0f,aAAezY,EAAIyY,aACxB,EAAKC,UAAY1Y,EAAI0Y,UACrB,EAAKC,UAAY3Y,EAAI2Y,UACrB,EAAKC,QAAU5Y,EAAI4Y,QACnB,EAAKC,YAAc7Y,EAAI6Y,YAEnBN,IACF,EAAKA,IAAMA,GAGTC,IACF,EAAKA,KAAOA,GACb,CACH,CAAC,iBA3B8B,SAASM,2HCJF,IAEnBC,EAAiB,wcACpC,aACoD,OADtC,eACsC,YAAlC,kCAElB,CAAC,iBAJmC,SAASD,+ICFP,IAGnBhiB,EAAY,wcAQ/B,WAAY2I,EAAa8Y,GAAsB,MAU5C,OAV4C,eAC7C,cAAM9Y,IAAK,sOACX,EAAK1G,KAAO,eACZ,EAAK2f,UAAY,WACjB,EAAKD,aAAehZ,EACpB,EAAKkZ,UAAY,WACjB,EAAKC,QAAU,WACf,EAAKC,YAAc,GACfN,IACF,EAAKA,IAAMA,GACZ,CACH,CAAC,iBAnB8B,SAASO,+ICf1C,SAASE,IACP,IACE,IAAIC,GAAK5Q,QAAQpV,UAAUimB,QAAQ9O,KAAK+O,QAAQC,UAAU/Q,QAAS,IAAI,WAAa,IACtF,CAAE,MAAO4Q,GAAI,CACb,OAAQD,EAA4B,WAClC,QAASC,CACX,IACF,CCHA,SAASI,EAAiBJ,GACxB,IAAIK,EAAI,mBAAqB9Y,IAAM,IAAIA,SAAQ,EAC/C,OAAO6Y,EAAmB,SAA0BJ,GAClD,GAAI,OAASA,ICPjB,SAA2BA,GACzB,IACE,OAAQ,IAAMM,SAAS5a,SAASyL,KAAK6O,GAAG1gB,QAAQ,gBAClD,CAAE,MAAOihB,GACP,MAAO,mBAAqBP,CAC9B,CACF,CDCuB,CAAiBA,GAAI,OAAOA,EAC/C,GAAI,mBAAqBA,EAAG,MAAM,IAAIQ,UAAU,sDAChD,QAAI,IAAWH,EAAG,CAChB,GAAIA,EAAE3Y,IAAIsY,GAAI,OAAOK,EAAEpkB,IAAI+jB,GAC3BK,EAAEtlB,IAAIilB,EAAGS,EACX,CACA,SAASA,IACP,OEZN,SAAoBT,EAAGvjB,EAAG4jB,GACxB,GAAI,IAA4B,OAAOH,QAAQC,UAAUxB,MAAM,KAAMnkB,WACrE,IAAIoW,EAAI,CAAC,MACTA,EAAEjM,KAAKga,MAAM/N,EAAGnU,GAChB,IAAIikB,EAAI,IAAKV,EAAEtO,KAAKiN,MAAMqB,EAAGpP,IAC7B,OAAOyP,IAAK,EAAAM,EAAA,GAAeD,EAAGL,EAAErmB,WAAY0mB,CAC9C,CFMa,CAAUV,EAAGxlB,WAAW,EAAAomB,EAAA,GAAelnB,MAAMmnB,YACtD,CACA,OAAOJ,EAAQzmB,UAAYC,OAAO+B,OAAOgkB,EAAEhmB,UAAW,CACpD6mB,YAAa,CACX7lB,MAAOylB,EACPK,YAAY,EACZC,UAAU,EACVC,cAAc,MAEd,EAAAL,EAAA,GAAeF,EAAST,EAC9B,EAAGI,EAAiBJ,EACtB,KGbqBH,EAAW,wcAC9B,WAAYlQ,GAAiB,MAGuB,OAHvB,eAE3B,cAAMA,GACN1V,OAAO0mB,gBAAe,WAAM,2CAAW3mB,WAAW,CACpD,CAAC,iBAL6B,CAK7B,EALsCmN,oJCCD,IAGnB8Z,EAAU,wcAU7B,WAAYxB,EAAmByB,EAAiBC,GAAqB,MAelE,OAfkE,eACnE,cAAMD,IAAS,4LAHW,MAK1B,EAAKphB,KAAO,aACZ,EAAK2f,UAAYA,EACjB,EAAKD,aAAe0B,EAGpB,EAAKzd,MAAQgc,EACb,EAAK2B,kBAAoBF,EAIrBC,IACF,EAAKA,KAAOA,GACb,CACH,CAAC,iBA1B4B,SAAStB,mKCDH,IAKhBwB,EAAY,wcAS/B,WAAYC,EAAgBC,EAAoCJ,GAAqB,QASlF,OATkF,eAGnF,cAAsB,QAAtB,EAAMI,EAAW9d,aAAK,QAAI4d,EAAaG,gBAAe,qGAPjD,iBAAc,yBAEO,MAM1B,EAAKF,OAASA,EACd,EAAKC,WAAaA,EAEdJ,IACF,EAAKA,KAAOA,GACb,CACH,CA+CC,OA/CA,2BAGD,WAAuB,OAAOznB,KAAK6nB,WAAW9d,KAAO,GAAC,qBACtD,WAA2B,OAAO/J,KAAK+J,KAAO,GAAC,6BAE/C,WAAmC,OAAO/J,KAAK6nB,WAAWH,iBAAmB,GAAC,4BAE9E,WAAkC,OAAO1nB,KAAK0nB,iBAAmB,GAAC,wBAClE,WAA8B,OAAO1nB,KAAK+nB,gBAAkB,GAAC,iBAC7D,WAAuB,OAAO/nB,KAAK6nB,WAAWG,KAAO,IAAC,0BAGtD,SAAoBC,GAElB,IAAKA,EACH,OAAO,KAiBT,IAVA,IASIC,EATEC,EAAQ,qHACRC,EAAaH,EAAOriB,QAAQ,KAC5BgiB,EAASK,EAAOtlB,MAAM,EAAGylB,GACzBC,EAAYJ,EAAOtlB,MAAMylB,EAAa,GACtCE,EAAS,CAAC,EAM2B,QAAnCJ,EAAQC,EAAMI,KAAKF,KAAsB,OAC/CC,EAAOJ,EAAM,IAAe,QAAR,EAAAA,EAAM,UAAE,QAAIA,EAAM,EACxC,CAEA,OAAO,IAAIP,EAAaC,EAAQU,EAClC,GAAC,sCAID,WAA2E,MAA1CE,EAAuB,UAAH,6CAAG,CAAC,EACvD,OAAIC,EAAAA,EAAAA,IAAYD,aAAO,EAAPA,EAAqBjmB,KAC3BimB,EAAoBjmB,IAAI,oBAEA,QAAlC,EAAOimB,EAAQ,2BAAmB,QAAIA,EAAQ,mBAChD,KAAC,EAlE8B,CAASrC,EAAAA,IAAW,OAAhCwB,EAAY,gBACR,qoBCFzB,SAASe,EAAepT,GACtB,OAAQA,aAAeqQ,EAAAA,CACzB,CAEA,SAASgD,EAAarT,GACpB,OAAQA,aAAeiS,EAAAA,CACzB,CAEA,SAASqB,EAAetT,GACtB,OAAQA,aAAeqS,EAAAA,CACzB,qsMCZMkB,EAAiB,oCAEhB,SAASnM,IACd,MAA2B,oBAAblb,UAA8C,oBAAXmD,MACnD,CAEO,SAASD,IACd,IAAKgY,IACH,OAAO,EAET,IAAMoM,EAAgBtnB,SAAiBsnB,aACvC,QAASA,GAAgBA,GAAgB,EAC3C,CAEO,SAASC,IACd,OAAOvU,UAAUD,SACnB,CAEO,SAASyU,IACd,IAAMC,EAAQF,IACd,OAAOE,IAAUJ,EAAeK,KAAKD,EACvC,CAEO,SAASE,IACd,IAAKzM,IACH,OAAO,EAET,IAAMoM,EAAgBtnB,SAAiBsnB,aACnCM,EAAWN,GAAgBA,EAAe,GAC9C,YAAkC,IAAvBnkB,OAAOwI,cAAgCic,CAIpD,CAEA,SAASC,IACP,YAA4B,IAAdxE,EAAAA,IACK,OAAdA,EAAAA,SAC4B,IAArBA,EAAAA,GAAAA,QACe,oBAAfhB,UACd,CAEO,SAASyF,IACd,OAAOD,GACT,CAEO,SAASE,IACd,MAA8B,oBAAhB5E,WAChB,CAEO,SAAS6E,IACd,OAAOF,KAA4BC,GACrC,CAEO,SAASE,IACd,QAAK/M,KAG+B,WAA7B/X,OAAO8d,SAASiH,QACzB,CAEO,SAASC,IAEd,OAAOjN,KAA4C,cAA7B/X,OAAO8d,SAASmH,QACxC,CAGO,SAASC,IACd,OAAQnlB,UACsB,IAArBC,OAAO+K,WACd6Z,KACAF,GACJ,CAEO,SAASS,IAEd,OAAOpN,KAAoC,oBAAdlI,gBAA4D,IAAxBA,UAAUD,WAExE,mBAAmB2U,KAAK1U,UAAUD,aAAe5P,OAAOolB,QAC7D,+GChFaC,EAAa,WAGxB,cAAc,mDAEZhqB,KAAKiqB,aAAe,CAAC,gBAAD,OAAiBC,WACrClqB,KAAKmqB,yBACP,CAoBC,OApBA,sCAED,SAAeC,GACbpqB,KAAKiqB,aAAahf,KAAKmf,EACzB,GAAC,2BAED,WACE,MAAO,CAAE,6BAA8BpqB,KAAKiqB,aAAarnB,KAAK,KAChE,GAAC,wBAED,WACE,MAAOsnB,QACT,GAAC,qCAED,WACE,KAAIxN,EAAAA,EAAAA,cAAgBhF,SAAYA,QAAQ2S,SAAxC,CAGA,IAAcC,EAAY5S,QAAQ2S,SAA1Blb,KACRnP,KAAKiqB,aAAahf,KAAK,UAAD,OAAWqf,GAFjC,CAGF,KAAC,EA3BuB,sCCFnB,SAASC,EAAiBC,EAAmCC,EAAYC,GAC9EF,EAAW1qB,QAAQ0oB,QAAUgC,EAAW1qB,QAAQ0oB,SAAW,CAAC,EAC5DgC,EAAW1qB,QAAQ0oB,QAAQiC,GAAcC,CAC3C,8eCLO,SAASnJ,EAOfJ,GAEC,OAAO,SAAP,+bAKE,aAA4B,iDAAbzgB,EAAI,yBAAJA,EAAI,gBAQf,OAPF,+BAASA,KAAM,6EAEf,EAAKiqB,eAAiB,IAAIX,EAAAA,EAG1B,EAAKY,KAAO,CACVL,iBAAkBA,EAAAA,EAAAA,KAAsB,MAAM,YAC9C,CACJ,CAoBC,OApBA,kCAED,SAAW/B,GACTxoB,KAAKF,QAAQ0oB,QAAUjoB,OAAOC,OAAO,CAAC,EAAGR,KAAKF,QAAQ0oB,QAASA,EACjE,GAAC,6BAED,WAGE,OAAOxoB,KAAKF,QAAQ+qB,OAAQ1oB,MAAM,YAAY,EAChD,GAAC,uBAED,SAAU2oB,GACR,IAAIpI,EAAM,0BAA2BqI,EAAAA,EAAAA,IAAcD,GAMnD,OAAOvoB,EAAAA,EAAAA,IAAIvC,KAAM0iB,EALH,CACZ8F,QAAS,CACP,OAAU,yBAIhB,KAAC,EAlCI,CAA2BrH,EAoCpC,wSCzCA,IAAM6J,EAA0B,0BAoFhC,EA9CA,SAAsBzV,EAAgBmN,EAAahiB,GACjD,IAAIuqB,EAAOvqB,EAAK8E,KACZgjB,EAAU9nB,EAAK8nB,SAAW,CAAC,EAC3B0C,EAAe1C,EAAQ,iBAAmBA,EAAQ,iBAAmB,GAErEyC,GAAwB,iBAATA,IAEbD,EAAwB9B,KAAKgC,GAC/BD,EAAOplB,KAAKE,UAAUklB,GAEC,sCAAhBC,IACPD,EAAO1qB,OAAOmgB,QAAQuK,GACrBld,KAAK,+BAAEod,EAAK,KAAE7pB,EAAK,qBAAS6pB,EAAK,YAAItpB,mBAAmBP,GAAM,IAC9DsB,KAAK,OAIV,IACIwoB,GADQC,EAAAA,EAAOC,OAASC,KACH7I,EAAK,CAC5BnN,OAAQA,EACRiT,QAAS9nB,EAAK8nB,QACdyC,KAAMA,EACNO,YAAa9qB,EAAK+qB,gBAAkB,UAAY,SAOlD,OAJKL,EAAaM,UAChBN,EAAelgB,QAAQT,QAAQ2gB,IAG1BA,EAAajhB,MAAK,SAASwhB,GAChC,IAAI5hB,GAAS4hB,EAASC,GAClBxiB,EAASuiB,EAASviB,OACtB,OApEJ,SAAkBuiB,GAChB,OAAIA,EAASnD,QAAQjmB,IAAI,iBAEvBopB,EAASnD,QAAQjmB,IAAI,gBAAiBkS,cAAc7O,QAAQ,qBAAuB,EAC9E+lB,EAASE,OAEb1gB,OAAM,SAAApI,GACL,MAAO,CACLgH,MAAOhH,EACP+iB,aAAc,kCAElB,IAEO6F,EAASG,MAEpB,CAqDWC,CAASJ,GACbxhB,MAAK,SAAA3E,GACJ,OArDR,SAAsB4D,EAAgB5D,EAAuBmmB,GAC3D,IAEsD,EAFhDK,EAA2B,YAAhB,OAAOxmB,GAClBgjB,EAAU,CAAC,EAAE,85BACCmD,EAASnD,QAAgB9H,WAAS,IAAtD,IAAK,EAAL,qBAAwD,KAA7CuL,EAAI,QACbzD,EAAQyD,EAAK,IAAMA,EAAK,EAC1B,CAAC,+BACD,IAAM/a,EAAuB,CAC3Bgb,aAAcF,EAAWnmB,KAAKE,UAAUP,GAAQA,EAChD4D,OAAQA,EACRof,QAAAA,GAMF,OAJIwD,IACF9a,EAAOib,aAAe,OACtBjb,EAAOkb,aAAe5mB,GAEjB0L,CACT,CAqCemb,CAAajjB,EAAQ5D,EAAMmmB,EACpC,IACCxhB,MAAK,SAAA+G,GAAU,MACd,GAAInH,GAA4B,QAAvB,EAAImH,EAAOkb,oBAAY,OAAnB,EAAqBriB,MAEhC,MAAMmH,EAER,OAAOA,CACT,GACJ,GACF,EClFO,SAASob,IAEd,OAAO,SAAP,+bAQE,WAAY5rB,GAAW,MAOW,OAPX,eACrB,cAAMA,IAAM,kQACZ,EAAKmqB,OAASnqB,EAAKmqB,OACnB,EAAK0B,kBAAoB7rB,EAAK6rB,kBAC9B,EAAK/D,QAAU9nB,EAAK8nB,QACpB,EAAKgE,kBAAoB9rB,EAAK8rB,mBAAqBC,EACnD,EAAKC,wBAA0BhsB,EAAKgsB,wBACpC,EAAKC,UAAYjsB,EAAKisB,UAAU,CAClC,CAAC,iBAhBI,EAD2BC,EAAAA,EAAAA,KAmBpC,44BCHA,IACIC,EADAC,EAA4B,GAE5BpQ,EAAAA,EAAAA,eACFoQ,EAA4BprB,KAAKC,MACjCkrB,EAAiC,WAC1BrrB,SAASyd,SACZ6N,EAA4BprB,KAAKC,MAErC,EACAH,SAASwS,iBAAiB,mBAAoB6Y,IAGhD,IAAME,EAAc,SAAC9kB,EAA4B8B,GAA2D,YAC1G,GAAIA,aAAiB0D,MAGnB,OAAO,IAAIkY,EAAAA,EAAa,CACtBG,aAAc/b,EAAMkM,UAIxB,IACI5I,EADAoa,EAAqB1d,EAErBijB,EAAiC,CAAC,EACtC,GAAIvF,EAAKyE,eAAgBe,EAAAA,EAAAA,IAASxF,EAAKyE,cACrC,IACEc,EAAYnnB,KAAKC,MAAM2hB,EAAKyE,aAC9B,CAAE,MAAOnpB,GACPiqB,EAAY,CACVlH,aAAc,gBAElB,CAGE2B,EAAKre,QAAU,MACjB4jB,EAAUlH,aAAe,iBAGvB7d,EAAInI,QAAQysB,oBACd9E,EAAOxf,EAAInI,QAAQysB,mBAAkBpH,EAAAA,EAAAA,IAAMsC,KAI7C,IAAMyF,EAAoE,QAAvD,EAAGvF,EAAAA,EAAAA,yBAA0C,QAAL,EAACF,SAAI,aAAJ,EAAMe,gBAAQ,QAAI,GAQ9E,GALEnb,EADE2f,EAAUjjB,OAASijB,EAAUtF,kBACzB,IAAIH,EAAAA,EAAWyF,EAAUjjB,MAAOijB,EAAUtF,kBAAmBD,GAE7D,IAAI9B,EAAAA,EAAaqH,EAAuBvF,EAAM,CAAEyF,cAAAA,IAGpDA,IAAqB,QAAJ,EAAAzF,SAAI,aAAJ,EAAMre,SAAU,MAAW,QAAJ,EAAAqe,SAAI,aAAJ,EAAMre,QAAS,IAAK,CAC9D,IAAM+jB,EAAaxF,EAAAA,EAAAA,YAAyBuF,GAE5C,GAAoB,MAAhBzF,EAAKre,QAAwC,yCAAtB+jB,aAAU,EAAVA,EAAYpjB,OAAiD,CAEtF,MAAgCojB,EAAWtF,WAAnCuF,EAAO,EAAPA,QAASC,EAAU,EAAVA,WACjBhgB,EAAM,IAAIsY,EAAAA,EACR,CACEG,aAAcqH,EAAWpjB,MACzBmc,YAAa,CAAC,CAAEJ,aAAcqH,EAAWpF,oBAE3CN,EAAI,GAGF2F,SAAUA,GAENC,GAAc,CAAEA,WAAAA,IAG1B,KACgC,UAAvBF,aAAU,EAAVA,EAAYvF,UACnBva,EAAM8f,EAMV,CAEA,OAAO9f,CACT,EAGO,SAASigB,EAAYrlB,EAA4BnI,GAAuC,MAG7F,GAFAA,EAAUA,GAAW,CAAC,EAElBmI,EAAInI,QAAQ4sB,wBAAyB,KACsB,EADtB,85BACbzkB,EAAInI,QAAQ4sB,yBAAuB,IAA7D,IAAK,EAAL,sBACEa,EADoB,SACRztB,EACb,+BACH,CAEA,IAAI4iB,EAAM5iB,EAAQ4iB,IACdnN,EAASzV,EAAQyV,OACjB7U,EAAOZ,EAAQY,KACf8sB,EAAiB1tB,EAAQ0tB,eACzB1jB,EAAchK,EAAQgK,YACtB2hB,GAA8C,IAA5B3rB,EAAQ2rB,gBAE1BloB,EADc0E,EAAInI,QAAQuD,YACHE,QACvBkqB,EAAYxlB,EAAIylB,eAAeC,aAAa1lB,EAAInI,QAAQ0C,SACxDorB,EAAgB9tB,EAAQ8tB,cACxBjB,EAAiC,QAAxB,EAAG1kB,EAAInI,QAAQ6sB,iBAAS,QAAI,EAEzC,GAAI7sB,EAAQ+tB,cAAe,CACzB,IACIC,EADgBL,EAAUxQ,aACKyF,GACnC,GAAIoL,GAAkBpsB,KAAKC,MAAM,IAAOmsB,EAAe1oB,UACrD,OAAO8F,QAAQT,QAAQqjB,EAAenC,SAE1C,CAEA,IACInD,EAAuB,EAAH,CACtB,OAAU,mBACV,eAAgB,oBAHQvgB,EAAI0iB,eAAeoD,iBAM7CxtB,OAAOC,OAAOgoB,EAASvgB,EAAInI,QAAQ0oB,QAAS1oB,EAAQ0oB,SACpDA,GAAUvoB,EAAAA,EAAAA,IAAWuoB,GAEjB1e,IAAemjB,EAAAA,EAAAA,IAASnjB,KAC1B0e,EAAuB,cAAI,UAAY1e,GAGzC,IAMIuD,EAAK1B,EAAKqiB,EANVC,EAA4B,CAC9BzF,QAAAA,EACAhjB,KAAM9E,QAAQiO,EACd8c,gBAAAA,GAKF,GAAImC,IAAiBlR,EAAAA,EAAAA,cAAeiQ,EAAY,EAAG,CACjD,IAAIuB,EACAC,EACAC,EACAC,EAAa,EAKjBF,EAAwB,WACtB,IAAMG,EAA6B5sB,KAAKC,MAAQmrB,EAChD,OAAIwB,EAA6B3B,EACxB,IAAIzhB,SAAc,SAACT,GAAO,OAAKmB,YAAW,WAC1CpK,SAASyd,OAGZxU,EAAQyjB,KAFRzjB,GAIJ,GAAGkiB,EAAY2B,EAA2B,IAEnCpjB,QAAQT,SAEnB,EAGAyjB,EAAkC,WAE9B,IAAIK,EADN,OAAI/sB,SAASyd,OAEJ,IAAI/T,SAAc,SAACT,GACxB8jB,EAAwB,WACjB/sB,SAASyd,SACZzd,SAAS0S,oBAAoB,mBAAoBqa,GACjD9jB,EAAQ0jB,KAEZ,EACA3sB,SAASwS,iBAAiB,mBAAoBua,EAChD,IAEOJ,GAEX,EAKA,IAAMK,EAAiB,WACrB,OAAOvmB,EAAInI,QAAQ0sB,kBAAmBjX,EAASmN,EAAMuL,GAAa9iB,OAAM,SAACkC,GAEvE,GADwC,iBAAjBA,aAAG,EAAHA,EAAK4I,UACNoY,EAAa5nB,EAAAA,oBAEjC,OADA4nB,IACOD,IAET,MAAM/gB,CACR,GACF,EAQA2gB,GAJAI,EAAiB,WACf,OAAOF,IAAkC/jB,KAAKqkB,EAChD,IAGF,MACER,EAAU/lB,EAAInI,QAAQ0sB,kBAAmBjX,EAASmN,EAAMuL,GAG1D,OAAOD,EACJ7jB,MAAK,SAASsd,GAgCb,OA/BA9b,EAAM8b,EAAKyE,gBACAe,EAAAA,EAAAA,IAASthB,KAClBA,EAAM9F,KAAKC,MAAM6F,KACS,YAAf,OAAOA,KAAqBA,EAAI6c,UACrCzT,MAAM0Z,QAAQ9iB,GAChBA,EAAIjG,SAAQ,SAAAgpB,GACVA,EAAKlG,QAAUf,EAAKe,OACtB,IAEA7c,EAAI6c,QAAUf,EAAKe,SAKrBgF,IACG7hB,EAAIgjB,YACPprB,EAAQ+B,OAAOiB,EAAAA,uBAIfoF,GAAOA,EAAIgjB,YAAchjB,EAAIvG,WAC/B7B,EAAQlC,IAAIkF,EAAAA,qBAAsBoF,EAAIgjB,WAAYhjB,EAAIvG,UAAW6C,EAAInI,QAAQ0C,SAG3EmJ,GAAO7L,EAAQ+tB,eACjBJ,EAAUmB,cAAclM,EAAM,CAC5Btd,UAAW0G,KAAKsH,MAAM1R,KAAKC,MAAM,KAAQgF,EAAAA,uBACzCglB,SAAUhgB,IAIPA,CACT,IACCR,OAAM,SAASsc,GAOd,KAJsB,cAFtBpa,EAAM0f,EAAY9kB,EAAKwf,IAEf1B,WACNxiB,EAAQ+B,OAAOiB,EAAAA,sBAGX8G,CACR,GACJ,CAEO,SAAS9K,EAAI0F,EAA4Bya,EAAa5iB,GAE3D,IAAI6f,EAAa,CACf+C,IAFFA,GAAMmM,EAAAA,EAAAA,IAAcnM,GAAOA,EAAMza,EAAI6mB,kBAAoBpM,EAGvDnN,OAAQ,OAGV,OADAhV,OAAOC,OAAOmf,EAAY7f,GACnBwtB,EAAYrlB,EAAK0X,EAC1B,CAEO,SAASoP,EAAK9mB,EAA4Bya,EAAahiB,EAAoBZ,GAEhF,IAAIkvB,EAAc,CAChBtM,IAFFA,GAAMmM,EAAAA,EAAAA,IAAcnM,GAAOA,EAAMza,EAAI6mB,kBAAoBpM,EAGvDnN,OAAQ,OACR7U,KAAMA,EACN8sB,gBAAgB,GAGlB,OADAjtB,OAAOC,OAAOwuB,EAAalvB,GACpBwtB,EAAYrlB,EAAK+mB,EAC1B,m1BCnRqBC,GAAe,QAIlC,WAAYC,EAAiCpvB,GAA6B,0DACxE,IAAQ6L,EAAQ7L,EAAR6L,IACA6c,EAAqB7c,EAArB6c,QAAY2G,GAAI,OAAKxjB,EAAG,GAG5B6c,IACFxoB,KAAKwoB,QAAUA,GAIjBjoB,OAAOkF,KAAK0pB,GAAMzpB,SAAQ,SAAA1E,GACZ,WAARA,IAGJ,EAAKA,GAAOmuB,EAAKnuB,GACnB,GACF,6lBC5BK,SAAeouB,EAAW,oCAgEhC,wCAhEM,WAKLF,EACApvB,GAA2B,iHAUyC,GATpEuvB,EAAuC,EAAH,6BAAGJ,EAAe,EAIlDC,EAASxmB,aAAaqC,gBADXukB,EAAc,EAA3BxlB,YAGIylB,EAAUzvB,EAAQgK,aAAewlB,EACjCzE,EAASqE,EAASJ,kBAChBpM,EAAyB5iB,EAAzB4iB,IAAKnN,EAAoBzV,EAApByV,OAAQiQ,EAAY1lB,EAAZ0lB,QACfgK,EAAa9M,EAAI+M,WAAW5E,GAAWnI,EAAM,GAAH,OAAMmI,GAAM,OAAGnI,GAE1D6M,EAAS,CAAF,qBACJ,IAAIprB,EAAAA,EAAa,+DAA8D,OASrD,GAN9B2F,EAAoCylB,EAElCG,EAAkC,EAAH,CACnClH,QAAS,CAAE,OAAU,0BACrB9F,IAAK8M,EACLja,OAAAA,GACIiQ,GAAW,CAAE9kB,KAAM8kB,KAGrB0J,EAASpvB,QAAQ6vB,KAAM,CAAF,mBACI,iBAAhB7lB,EAAwB,uBAC3B,IAAI3F,EAAAA,EAAa,uDAAsD,yBAGzC+qB,EAASU,4BAA4B,CACzEra,OAAAA,EACAmN,IAAK8M,EACL1lB,YAAAA,IACA,iBAJM+lB,EAAa,EAAbA,cAAeC,EAAI,EAAJA,KAKvBJ,EAAYlH,QAASqH,cAAgBA,EACrCH,EAAYlH,QAASsH,KAAOA,EAAK,wBAGjChmB,EAAqC,iBAAhBA,EAA2BA,EAAcA,EAAYA,YAC1E4lB,EAAY5lB,YAAcA,EAAY,0BAGtBwjB,EAAAA,EAAAA,IAAY4B,EAAUQ,GAAY,QAanD,OAbK/jB,EAAM,EAAH,KAIP6E,EADEuE,MAAM0Z,QAAQ9iB,GACVA,EAAIoC,KAAI,SAAA2gB,GAAI,OAAI,IAAIW,EAAiBH,EAAU,CACnDvjB,IAAK+iB,EACL5kB,YAAAA,GACA,IAEI,IAAIulB,EAAiBH,EAAU,CACnCvjB,IAAAA,EACA7B,YAAAA,IAEH,kBACM0G,GAAG,4CACX,wBAYM,SAASuf,EAA0B,GASxC,IADwB,IANtBb,EAAQ,EAARA,SACAplB,EAAW,EAAXA,YACAkmB,EAAU,EAAVA,WACAC,EAAK,EAALA,MAEFZ,EAAuC,UAAH,6CAAGJ,EAAe,aAEjD,IAGD,EAHO1Z,EAAM,KACf,GAAIA,EAAOd,gBAAkBub,EAAY,CACvC,IAAME,EAAOD,EAAMvwB,KACnB,MAAO,CAAP,uBAAQ,WAAO8lB,GAAQ,0FAAK4J,EAAyBF,EAAU,CAC7DplB,YAAAA,EACA4Y,IAAKwN,EAAKvN,KACVpN,OAAAA,EACAiQ,QAAAA,GACC6J,IAAiB,wFACtB,CAAC,EATH,MAAqB,CAAC,MAAO,OAAQ,MAAO,UAAS,eAAE,8CAUvD,CAEA,IAKA,EALMa,EAAOD,EAAMD,GACnB,IAAKE,EACH,MAAM,IAAI/rB,EAAAA,EAAa,qCAAD,OAAsC6rB,IAG9D,2BAAQ,WAAOxK,GAAQ,0FAAK4J,EAAyBF,EAAU,CAC7DplB,YAAAA,EACA4Y,IAAKwN,EAAKvN,KACVpN,OAAQ2a,EAAKC,MAAOC,MAAO,GAC3B5K,QAAAA,GACC6J,IAAiB,sFACtB,4CC7HqC,IAEhBgB,EAAkB,wcAKrC,WAAYnB,EAAUpvB,GAAS,sBAC7B,cAAMovB,EAAUpvB,IAAS,mHAEzB,MAA2CA,EAAQ6L,IAA3C2kB,EAAS,EAATA,UAAWC,EAAU,EAAVA,WAAYC,EAAO,EAAPA,QAGR,OAFvB,EAAKF,UAAYA,EACjB,EAAKC,WAAaA,EAClB,EAAKC,QAAUA,EAAQ,CACzB,CAAC,iBAZoC,CAASvB,GCFX,ICUoB,EAYG,EAiBS,EDrChDwB,EAAwB,wcAG3C,WAAYvB,EAAUpvB,GAAS,MAGY,OAHZ,eAC7B,cAAMovB,EAAUpvB,IAAS,uCAEzB,EAAK4wB,WAAa5wB,EAAQ6L,IAAI+kB,WAAW,CAC3C,CAAC,iBAP0C,CAASzB,GCQzC0B,GAA4C,oBAAG,WAAOzB,EAAUpvB,GAAQ,uFACzDsvB,EAAYF,EAAU,CAC9CxM,IAAK,yBACLnN,OAAQ,MACRzL,YAAahK,aAAO,EAAPA,EAASgK,aACrBumB,GAAmB,OAJL,OAAX/f,EAAc,EAAH,uBAKVA,GAAW,2CACnB,SAPwD,sCAY5CsgB,GAA+C,oBAAG,WAC7D1B,EACApvB,GAAO,6EAEqB,OAApB0lB,GAFD,EAE0B1lB,GAAzB0lB,QAAS1b,EAAW,EAAXA,YAAW,SACFslB,EAAYF,EAAU,CAC9CxM,IAAK,yBACLnN,OAAQ,MACRiQ,QAAAA,EACA1b,YAAAA,GACCumB,GAAmB,OALL,OAAX/f,EAAc,EAAH,uBAMVA,GAAW,2CACnB,SAZ2D,sCAiB/CugB,GAAwD,oBAAG,WACtE3B,EACApvB,GAAQ,uFAEkBsvB,EAAYF,EAAU,CAC9CxM,IAAK,gCACLnN,OAAQ,MACRzL,YAAahK,aAAO,EAAPA,EAASgK,aACrB2mB,GAAyB,OAJX,OAAXngB,EAAc,EAAH,uBAKVA,GAAW,2CACnB,SAVoE,sCCtChC,IAEhBwgB,EAAsB,wcAMzC,WAAY5B,EAAUpvB,GAAS,sBAC7B,cAAMovB,EAAUpvB,IAAS,+IAEzB,IAAQ6L,EAAQ7L,EAAR6L,IAEA4F,EAAmC5F,EAAnC4F,GAAIif,EAA+B7kB,EAA/B6kB,QAASprB,EAAsBuG,EAAtBvG,UAAWgE,EAAWuC,EAAXvC,OAIX,OAHrB,EAAKmI,GAAKA,EACV,EAAKnM,UAAYA,EACjB,EAAKorB,QAAUA,EACf,EAAKpnB,OAASA,EAAO,CACvB,CAAC,iBAhBwC,CAAS6lB,GCII,IAEnC8B,EAAyB,wcAU5C,WAAY7B,EAAUpvB,GAAS,sBAC7B,cAAMovB,EAAUpvB,IAAS,qNAEzB,IAAQgK,EAAqBhK,EAArBgK,YAAa6B,EAAQ7L,EAAR6L,IAEb4F,EAA2C5F,EAA3C4F,GAAInM,EAAuCuG,EAAvCvG,UAAWorB,EAA4B7kB,EAA5B6kB,QAASpnB,EAAmBuC,EAAnBvC,OAAQ4nB,EAAWrlB,EAAXqlB,OAwBtC,OAvBF,EAAKzf,GAAKA,EACV,EAAKnM,UAAYA,EACjB,EAAKorB,QAAUA,EACf,EAAKpnB,OAASA,EAGd,EAAK6nB,MAAO,qGAMgB,OALpB/jB,EAAK6iB,EAA2B,CACpCb,SAAAA,EACAplB,YAAAA,EACAkmB,WAAY,OACZC,MAAOe,GACNF,GAAuB,SACb5jB,IAAI,mFAEnB,EAAKgkB,OAAS,WAAH,wBAAG,WAAO1L,GAAO,uEAMG,OALvBtY,EAAK6iB,EAA2B,CACpCb,SAAAA,EACAplB,YAAAA,EACAkmB,WAAY,SACZC,MAAOe,GACND,GAA0B,SAChB7jB,EAAGsY,GAAQ,mFACzB,mDARa,GAQZ,CACJ,CAAC,iBAxC2C,CAASyJ,GCLC,ICuDD,EAgBiB,EAgBD,EAgBP,EDrG3CkC,EAAgB,wcAanC,WAAYjC,EAAUpvB,GAAS,sBAC7B,cAAMovB,EAAUpvB,IAAS,6TAEzB,IAgDa,EAhDLgK,EAAqBhK,EAArBgK,YAAa6B,EAAQ7L,EAAR6L,IAEb4F,EAAuC5F,EAAvC4F,GAAIif,EAAmC7kB,EAAnC6kB,QAASY,EAA0BzlB,EAA1BylB,MAAOhoB,EAAmBuC,EAAnBvC,OAAQ4nB,EAAWrlB,EAAXqlB,OAuDnC,OAtDD,EAAKzf,GAAKA,EACV,EAAKif,QAAUA,EACf,EAAKY,MAAQA,EACb,EAAKhoB,OAASA,EAGd,EAAK7G,KAAM,qGAMW,OALd2K,EAAK6iB,EAA2B,CACpCb,SAAAA,EACAplB,YAAAA,EACAkmB,WAAY,MACZC,MAAOe,GACNG,GAAiB,SACPjkB,IAAI,mFAEnB,EAAK5H,QAAS,qGAMV,OALI4H,EAAK6iB,EAA2B,CACpCb,SAAAA,EACAplB,YAAAA,EACAkmB,WAAY,SACZC,MAAOe,IACP,SACW9jB,IAAI,mFAEnB,EAAKmkB,WAAY,qGAMc,OALvBnkB,EAAK6iB,EAA2B,CACpCb,SAAAA,EACAplB,YAAAA,EACAkmB,WAAY,YACZC,MAAOe,GACND,GAA0B,SAChB7jB,IAAI,mFAEf8jB,EAAOC,OACT,EAAKA,MAAO,qGAMgB,OALpB/jB,EAAK6iB,EAA2B,CACpCb,SAAAA,EACAplB,YAAAA,EACAkmB,WAAY,OACZC,MAAOe,GACNF,GAAuB,SACb5jB,IAAI,oFAGjB8jB,EAAOE,SACT,EAAKA,QAAM,oBAAG,WAAO1L,GAA4B,uEAM7C,OALItY,EAAK6iB,EAA2B,CACpCb,SAAAA,EACAplB,YAAAA,EACAkmB,WAAY,SACZC,MAAOe,IACP,SACW9jB,EAAGsY,GAAQ,mFACzB,8CACF,CACH,CAAC,iBA1EkC,CAASyJ,GCKjCqC,EAA8C,WAAH,wBAAG,WACzDpC,EACApvB,GAAQ,uFAEkBsvB,EAAwCF,EAAU,CAC1ExM,IAAK,wBACLnN,OAAQ,MACRzL,YAAahK,aAAO,EAAPA,EAASgK,aACrBqnB,GAAiB,OAJH,OAAX7gB,EAAc,EAAH,uBAKVA,GAAW,2CACnB,gBAVuD,qCAAG,GAe9CihB,EAA2C,WAAH,wBAAG,WACtDrC,EACApvB,GAAO,6EAEgB,OAAfyR,GAFD,EAEqBzR,GAApByR,GAAIzH,EAAW,EAAXA,YAAW,SACGslB,EAAYF,EAAU,CAC9CxM,IAAK,yBAAF,OAA2BnR,GAC9BgE,OAAQ,MACRzL,YAAAA,GACCqnB,GAAiB,OAJH,OAAX7gB,EAAc,EAAH,uBAKVA,GAAW,2CACnB,gBAXoD,qCAAG,GAgB3CkhB,EAA2C,WAAH,wBAAG,WACtDtC,EACApvB,GAAO,6EAEqB,OAApBgK,GAFD,EAE0BhK,GAAzBgK,YAAa0b,EAAO,EAAPA,QAAO,SACF4J,EAAYF,EAAU,CAC9CxM,IAAK,wBACLnN,OAAQ,OACRiQ,QAAAA,EACA1b,YAAAA,GACCqnB,GAAiB,OALH,OAAX7gB,EAAc,EAAH,uBAMVA,GAAW,2CACnB,gBAZoD,qCAAG,GAiB3CmhB,GAA0C,oBAAG,WACxDvC,EACApvB,GAAO,6EAEgB,OAAfyR,GAFD,EAEqBzR,GAApByR,GAAIzH,EAAW,EAAXA,YAAW,SACGslB,EAAYF,EAAU,CAC9CxM,IAAK,yBAAF,OAA2BnR,GAC9BgE,OAAQ,SACRzL,YAAAA,IACA,OAJe,OAAXwG,EAAc,EAAH,uBAKVA,GAAW,2CACnB,SAXsD,sCAgB1CohB,GAA2D,oBAAG,WACzExC,EACApvB,GAAO,6EAEgB,OAAfyR,GAFD,EAEqBzR,GAApByR,GAAIzH,EAAW,EAAXA,YAAW,SACGslB,EAAYF,EAAU,CAC9CxM,IAAK,yBAAF,OAA2BnR,EAAE,cAChCgE,OAAQ,OACRzL,YAAAA,GACCinB,GAA0B,OAJZ,OAAXzgB,EAAc,EAAH,uBAKVA,GAAW,2CACnB,SAXuE,sCAgB3DqhB,GAA0D,oBAAG,WACxEzC,EACApvB,GAAO,+EAEkC,OAAjC8xB,GAFD,EAEuC9xB,GAAtC8xB,QAASC,EAAW,EAAXA,YAAa/nB,EAAW,EAAXA,YAAW,SACfslB,EAAYF,EAAU,CAC9CxM,IAAK,yBAAF,OAA2BkP,EAAO,sBAAcC,GACnDtc,OAAQ,OACRzL,YAAAA,GACCinB,GAA0B,OAJZ,OAAXzgB,EAAc,EAAH,uBAKVA,GAAW,2CACnB,SAXsE,sCAgB1DwhB,GAAmD,oBAAG,WACjE5C,EACApvB,GAAO,iFAE2C,OAA1C8xB,GAFD,EAEgD9xB,GAA/C8xB,QAASC,EAAW,EAAXA,YAAarM,EAAO,EAAPA,QAAS1b,EAAW,EAAXA,YAAW,SACxBslB,EAAYF,EAAU,CAC9CxM,IAAK,yBAAF,OAA2BkP,EAAO,sBAAcC,EAAW,WAC9Dtc,OAAQ,OACRiQ,QAAAA,EACA1b,YAAAA,IACA,OALe,OAAXwG,EAAc,EAAH,uBAMVA,GAAW,2CACnB,SAZ+D,sCCzGR,IAEnCyhB,EAAgB,wcAWnC,WAAY7C,EAAUpvB,GAAS,sBAC7B,cAAMovB,EAAUpvB,IAAS,wPAEzB,IA0Bc,EA1BN6L,EAAqB7L,EAArB6L,IAAK7B,EAAgBhK,EAAhBgK,YAELyH,EAAgC5F,EAAhC4F,GAAIif,EAA4B7kB,EAA5B6kB,QAASpnB,EAAmBuC,EAAnBvC,OAAQ4nB,EAAWrlB,EAAXqlB,OA2C5B,OA1CD,EAAKzf,GAAKA,EACV,EAAKif,QAAUA,EACf,EAAKpnB,OAASA,EAGd,EAAK7G,KAAM,qGAMW,OALd2K,EAAK6iB,EAA2B,CACpCb,SAAAA,EACAplB,YAAAA,EACAkmB,WAAY,MACZC,MAAOe,GACNe,GAAiB,SACP7kB,IAAI,mFAEnB,EAAK5H,QAAS,qGAMV,OALI4H,EAAK6iB,EAA2B,CACpCb,SAAAA,EACAplB,YAAAA,EACAkmB,WAAY,SACZC,MAAOe,IACP,SACW9jB,IAAI,mFAEnB,EAAKmkB,WAAS,oBAAG,WAAO7L,GAAO,uEAM3B,OALItY,EAAK6iB,EAA2B,CACpCb,SAAAA,EACAplB,YAAAA,EACAkmB,WAAY,YACZC,MAAOe,IACP,SACW9jB,EAAGsY,GAAQ,mFACzB,6CACGwL,EAAOE,SACT,EAAKA,OAAS,WAAH,wBAAG,WAAO1L,GAAO,uEAMxB,OALItY,EAAK6iB,EAA2B,CACpCb,SAAAA,EACAplB,YAAAA,EACAkmB,WAAY,SACZC,MAAOe,IACP,SACW9jB,EAAGsY,GAAQ,mFACzB,mDARa,IASf,CACH,CAAC,iBA5DkC,CAASyJ,GCMjC+C,EAA8C,WAAH,wBAAG,WACzD9C,EACApvB,GAAQ,uFAEkBsvB,EAAwCF,EAAU,CAC1ExM,IAAK,wBACLnN,OAAQ,MACRzL,YAAahK,aAAO,EAAPA,EAASgK,aACrBioB,GAAiB,OAJH,OAAXzhB,EAAc,EAAH,uBAKVA,GAAW,2CACnB,gBAVuD,qCAAG,GAe9C2hB,EAA2C,WAAH,wBAAG,WACtD/C,EACApvB,GAAO,6EAEgB,OAAfgK,GAFD,EAEqBhK,GAApBgK,YAAayH,EAAE,EAAFA,GAAE,SACG6d,EAAYF,EAAU,CAC9CxM,IAAK,yBAAF,OAA2BnR,GAC9BgE,OAAQ,MACRzL,YAAAA,GACCioB,GAAiB,OAJH,OAAXzhB,EAAc,EAAH,uBAKVA,GAAW,2CACnB,gBAXoD,qCAAG,GAgB3C4hB,EAA2C,WAAH,wBAAG,WACtDhD,EACApvB,GAAO,6EAEqB,OAApBgK,GAFD,EAE0BhK,GAAzBgK,YAAa0b,EAAO,EAAPA,QAAO,SACF4J,EAAYF,EAAU,CAC9CxM,IAAK,wBACLnN,OAAQ,OACRiQ,QAAAA,EACA1b,YAAAA,GACCioB,GAAiB,OALH,OAAXzhB,EAAc,EAAH,uBAMVA,GAAW,2CACnB,gBAZoD,qCAAG,GAiB3C6hB,EAA6C,WAAH,wBAAG,WACxDjD,EACApvB,GAAO,6EAEgB,OAAfyR,GAFD,EAEqBzR,GAApByR,GAAIzH,EAAW,EAAXA,YAAW,SACGslB,EAAYF,EAAU,CAC9CxM,IAAK,yBAAF,OAA2BnR,GAC9BgE,OAAQ,SACRzL,YAAAA,IACA,OAJe,OAAXwG,EAAc,EAAH,uBAKVA,GAAW,2CACnB,gBAXsD,qCAAG,GAgB7C8hB,EAAoD,WAAH,wBAAG,WAC/DlD,EACApvB,GAAO,+EAEyB,OAAxBgK,GAFD,EAE8BhK,GAA7BgK,YAAayH,EAAE,EAAFA,GAAIiU,EAAO,EAAPA,QAAO,SACN4J,EAAYF,EAAU,CAC9CxM,IAAK,yBAAF,OAA2BnR,EAAE,cAChCgE,OAAQ,OACRiQ,QAAAA,EACA1b,YAAAA,IACA,OALe,OAAXwG,EAAc,EAAH,uBAMVA,GAAW,2CACnB,gBAZ6D,qCAAG,GAiBpD+hB,EAAsD,WAAH,wBAAG,WACjEnD,EACApvB,GAAO,+EAEyB,OAAxByR,GAFD,EAE8BzR,GAA7ByR,GAAIiU,EAAO,EAAPA,QAAS1b,EAAW,EAAXA,YAAW,SACNslB,EAAYF,EAAU,CAC9CxM,IAAK,yBAAF,OAA2BnR,EAAE,WAChCgE,OAAQ,OACRiQ,QAAAA,EACA1b,YAAAA,IACA,OALe,OAAXwG,EAAc,EAAH,uBAMVA,GAAW,2CACnB,gBAZ+D,qCAAG,aCzFX,IAEnCgiB,GAAmB,wcActC,WAAYpD,EAAUpvB,GAAS,sBAC7B,cAAMovB,EAAUpvB,IAAS,8RAEzB,IA+Ba,EA/BL6L,EAAqB7L,EAArB6L,IAAK7B,EAAgBhK,EAAhBgK,YAELyH,EAA6C5F,EAA7C4F,GAAInI,EAAyCuC,EAAzCvC,OAAQmpB,EAAiC5mB,EAAjC4mB,QAASC,EAAwB7mB,EAAxB6mB,YAAaxB,EAAWrlB,EAAXqlB,OAgDzC,OA/CD,EAAKzf,GAAKA,EACV,EAAKnI,OAASA,EACd,EAAKmpB,QAAUA,EACf,EAAKC,YAAcA,EAGf,EAAKppB,QAAUqpB,EAAAA,GAAAA,aACjB,EAAKC,OAAS,WAAH,wBAAG,WAAOlN,GAAO,uEAMH,OALjBtY,EAAK6iB,EAA2B,CACpCb,SAAAA,EACAplB,YAAAA,EACAkmB,WAAY,SACZC,MAAOe,GACNsB,GAAoB,SACVplB,EAAGsY,GAAQ,mFACzB,mDARa,IAWd,EAAKjjB,KAAM,qGAMc,OALjB2K,EAAK6iB,EAA2B,CACpCb,SAAAA,EACAplB,YAAAA,EACAkmB,WAAY,MACZC,MAAOe,GACNsB,GAAoB,SACVplB,IAAI,mFAGnB,EAAKylB,QAAM,oBAAG,WAAOnN,GAAO,uEAMH,OALjBtY,EAAK6iB,EAA2B,CACpCb,SAAAA,EACAplB,YAAAA,EACAkmB,WAAY,MACZC,MAAOe,GACNsB,GAAoB,SACVplB,EAAGsY,GAAQ,mFACzB,6CAED,EAAKlgB,QAAS,qGAMV,OALI4H,EAAK6iB,EAA2B,CACpCb,SAAAA,EACAplB,YAAAA,EACAkmB,WAAY,SACZC,MAAOe,IACP,SACW9jB,IAAI,oFAEpB,CACH,CAAC,iBApEqC,CAAS+hB,GCMpC2D,GAAiD,WAAH,wBAAG,WAC5D1D,EACApvB,GAAO,uFAEmBsvB,EAAYF,EAAU,CAC9CxM,IAAK,0BACLnN,OAAQ,MACRzL,YAAahK,aAAO,EAAPA,EAASgK,aACrBwoB,IAAoB,OAJN,OAAXhiB,EAAc,EAAH,uBAKVA,GAAW,2CACnB,gBAV0D,qCAAG,GAejDuiB,GAAoD,WAAH,wBAAG,WAC/D3D,EACApvB,GAAO,6EAEqB,OAApBgK,GAFD,EAE0BhK,GAAzBgK,YAAa0b,EAAO,EAAPA,QAAO,SACF4J,EAAYF,EAAU,CAC9CxM,IAAK,0BACLnN,OAAQ,OACRiQ,QAAAA,EACA1b,YAAAA,GACCwoB,IAAoB,OALN,OAAXhiB,EAAc,EAAH,uBAMVA,GAAW,2CACnB,gBAZ6D,qCAAG,GAiBpDwiB,GAAoD,WAAH,wBAAG,WAC/D5D,EACApvB,GAAO,6EAEqB,OAApBgK,GAFD,EAE0BhK,GAAzBgK,YAAa0b,EAAO,EAAPA,QAAO,SACF4J,EAAYF,EAAU,CAC9CxM,IAAK,0BACLnN,OAAQ,MACRiQ,QAAAA,EACA1b,YAAAA,GACCwoB,IAAoB,OALN,OAAXhiB,EAAc,EAAH,uBAMVA,GAAW,2CACnB,gBAZ6D,qCAAG,GAiBpDyiB,GAAgD,WAAH,wBAAG,WAC3D7D,EACApvB,GAAQ,uFAEkBsvB,EAAYF,EAAU,CAC9CxM,IAAK,0BACLnN,OAAQ,SACRzL,YAAahK,aAAO,EAAPA,EAASgK,cACtB,OAJe,OAAXwG,EAAc,EAAH,uBAKVA,GAAW,2CACnB,gBAVyD,qCAAG,8FC9CtD,SAAS0iB,EAQd/R,EACArhB,EACAqzB,GAIA,IAAMC,GAAOlS,EAAAA,EAAAA,GAA4BC,EAA2BrhB,EAAoBqzB,GAExF,OADsBE,EAAAA,EAAAA,GAAwBD,EAEhD,knCClBO,SAASC,EAQfhS,GAEC,OAAO,SAAP,+bAIE,aAA4B,iDAAbzgB,EAAI,yBAAJA,EAAI,gBAQR,OAPT,+BAASA,KAAM,sCAEf,EAAK0yB,UAAY7yB,OAAOmgB,QAAQ2S,GAC7B1hB,QAAO,YAAO,MAAgB,aAAvB,YAAO,EAAyB,IACvCwS,QAAO,SAACmP,EAAK,GAAe,mBAAdltB,EAAI,KAAE8G,EAAE,KAErB,OADAomB,EAAIltB,GAAS8G,EAAW8K,KAAK,MAAM,WAC5Bsb,CACT,GAAG,CAAC,GAAG,CACX,CAAC,iBAbI,CAAgCnS,EAezC,qCCjBO,IAAKoS,EAKAC,EAKAf,mFAPX,SAHWc,GAAAA,EAAS,kBAATA,EAAS,sBAGpB,CAHWA,IAAAA,EAAS,KAQpB,SAHWC,GAAAA,EAAM,oBAANA,EAAM,wBAGjB,CAHWA,IAAAA,EAAM,KAQjB,SAHWf,GAAAA,EAAc,4BAAdA,EAAc,gBAGzB,CAHWA,IAAAA,EAAc,wLClBLgB,EAAQ,WAG3B,WAAYC,IAAa,kDAEvB1zB,KAAK0zB,YAAcC,SAASD,GAAe,EAC7C,CAOC,OAPA,2BAUD,WAEE,OADWhyB,KAAKC,MAAQ3B,KAAK0zB,aAAe,GAE9C,IAAC,qBAVD,WAGE,OAAO,IAAID,EADO,EAEpB,KAAC,EAb0B,smBCoC7B,IAAMG,EAAkB,CAEtBxW,WAAW,EACXI,YAAY,EACZT,aAAa,EAEb8W,0BAA0B,EAC1BtwB,aAASoL,EACTmlB,mBAAoB,GACpB7tB,WAAYW,EAAAA,oBAcDmtB,EAAY,WAmCvB,WAAY9rB,GAAgE,IAAnCnI,EAA+B,UAAH,6CAAG,CAAC,EAGvE,IAHwE,iMACxEE,KAAKiI,IAAMA,EACXjI,KAAKE,QAAW+H,EAAY/H,SACvBF,KAAKE,QACR,MAAM,IAAIiE,EAAAA,EAAa,qDAGzBrE,EAAUS,OAAOC,OAAO,CAAC,EAAGozB,GAAiB3zB,EAAAA,EAAAA,IAAWH,KACnD6pB,EAAAA,EAAAA,iBACH7pB,EAAQg0B,mBAAqBF,EAAgBE,oBAG/C9zB,KAAKF,QAAUA,EAEf,IAAMk0B,GAAiC/zB,EAAAA,EAAAA,IAAW,CAChDgG,WAAYnG,EAAQmG,WACpBlB,OAAQjF,EAAQiF,SAEa,YAA3B,OAAOjF,EAAQyD,SAEjBywB,EAAehwB,gBAAkBlE,EAAQyD,QAChCzD,EAAQyD,UACjBywB,EAAenwB,YAAc/D,EAAQyD,SAGvCvD,KAAKuD,QAAU0E,EAAIylB,eAAeuG,gBAAgB,EAAD,KAAKD,GAAc,IAAEzuB,oBAAoB,KAC1FvF,KAAKk0B,MAAQT,EAASnxB,SACtBtC,KAAK2J,MAnEA,CACLwqB,eAAgB,CAAC,EACjBC,aAAc,KAkEhB,CA8QC,MAjIA,EApBA,EAiRA,OA1YA,0BAlDD,SAAGrrB,EAA6BqC,EAAsCqN,GAChEA,EACFzY,KAAKE,QAAQyI,GAAGI,EAAOqC,EAASqN,GAEhCzY,KAAKE,QAAQyI,GAAGI,EAAOqC,EAE3B,GAAC,iBAOD,SAAIrC,EAA6BqC,GAC3BA,EACFpL,KAAKE,QAAQmL,IAAItC,EAAOqC,GAExBpL,KAAKE,QAAQmL,IAAItC,EAErB,GAAC,mBAiCD,WACM/I,KAAKF,QAAQ+zB,0BACf7zB,KAAK6zB,2BAEP7zB,KAAKq0B,2BACLr0B,KAAK2J,MAAM8S,SAAU,CACvB,GAAC,kBAED,WACEzc,KAAKs0B,6BACLt0B,KAAK2J,MAAM8S,SAAU,CACvB,GAAC,uBAED,WACE,QAASzc,KAAK2J,MAAM8S,OACtB,GAAC,wBAED,WACE,OAAO0I,EAAAA,EAAAA,IAAMnlB,KAAKF,QACpB,GAAC,2BAED,SAAc+I,GACZ,IAAMirB,EAAqB9zB,KAAKF,QAAQg0B,oBAAsB,EAE9D,OADiBjrB,EAAMzD,UAAY0uB,CAErC,GAAC,wBAED,SAAWjrB,GAET,OADiB7I,KAAKu0B,cAAc1rB,IACf7I,KAAKk0B,MAAMvyB,KAClC,GAAC,yBAED,SAAYX,EAAK6H,GACf7I,KAAKE,QAAQ8J,KAAKyT,EAAAA,GAAezc,EAAK6H,EACxC,GAAC,yBAED,SAAY7H,EAAKwzB,EAAYlW,GAC3Bte,KAAKE,QAAQ8J,KAAKmU,EAAAA,EAAend,EAAKwzB,EAAYlW,EACpD,GAAC,uBAED,SAAUtd,EAAK6H,GACb7I,KAAKE,QAAQ8J,KAAKpB,EAAAA,GAAa5H,EAAK6H,EACtC,GAAC,yBAED,SAAY7H,EAAK6H,GACf7I,KAAKE,QAAQ8J,KAAKf,EAAAA,GAAejI,EAAK6H,EACxC,GAAC,uBAED,SAAUkB,GACR/J,KAAKE,QAAQ8J,KAAKyqB,EAAAA,GAAa1qB,EACjC,GAAC,qCAED,SAAwB/I,GACtB0zB,aAAa10B,KAAK2J,MAAMwqB,eAAenzB,WAChChB,KAAK2J,MAAMwqB,eAAenzB,GAGjChB,KAAK2J,MAAMyqB,aAAe,IAC5B,GAAC,wCAED,WACE,IAAID,EAAiBn0B,KAAK2J,MAAMwqB,eAChC,IAAK,IAAInzB,KAAOmzB,EACT5zB,OAAOD,UAAUq0B,eAAeld,KAAK0c,EAAgBnzB,IAG1DhB,KAAK0e,wBAAwB1d,EAEjC,GAAC,mCAED,SAAsBA,EAAK6H,GAAO,WAChC,KAAIqU,EAAAA,EAAAA,IAAerU,GAAnB,CAIA,IAAI+rB,EAAa50B,KAAKu0B,cAAc1rB,GAChCgsB,EAA+D,IAA7C/oB,KAAKgpB,IAAIF,EAAa50B,KAAKk0B,MAAMvyB,MAAO,GAG9D3B,KAAK0e,wBAAwB1d,GAE7B,IAAI+zB,EAAqBnpB,YAAW,WAClC,EAAKopB,YAAYh0B,EAAK6H,EACxB,GAAGgsB,GAGH70B,KAAK2J,MAAMwqB,eAAenzB,GAAO+zB,CAbjC,CAcF,GAAC,sCAED,WACE,IAAIE,EAAej1B,KAAKuD,QAAQ0Z,aAChC,IAAI,IAAIjc,KAAOi0B,EACb,GAAK10B,OAAOD,UAAUq0B,eAAeld,KAAKwd,EAAcj0B,GAAxD,CAGA,IAAI6H,EAAQosB,EAAaj0B,GACzBhB,KAAKye,sBAAsBzd,EAAK6H,EAFhC,CAIJ,GAAC,wCAGD,WACE7I,KAAKs0B,6BACLt0B,KAAKq0B,0BACP,GAAC,iBAED,SAAIrzB,EAAK6H,GACP,IAAIosB,EAAej1B,KAAKuD,QAAQ0Z,cAChCiY,EAAAA,EAAAA,GAAcrsB,GACdosB,EAAaj0B,GAAO6H,EACpB7I,KAAKuD,QAAQgb,WAAW0W,GACxBj1B,KAAKm1B,sBACLn1B,KAAKwe,UAAUxd,EAAK6H,GACpB7I,KAAKye,sBAAsBzd,EAAK6H,EAClC,GAAC,qBAED,SAAQ7H,GAEN,OADmBhB,KAAKuD,QAAQ0Z,aACZjc,EACtB,GAAC,sCAED,WAAUA,GAAG,0FACJhB,KAAKo1B,QAAQp0B,IAAI,gDACzB,yEAED,WACE,IAAMgc,EAAS,CAAC,EACViY,EAAej1B,KAAKuD,QAAQ0Z,aAWlC,OAVA1c,OAAOkF,KAAKwvB,GAAcvvB,SAAQ,SAAA1E,GAChC,IAAM6H,EAAQosB,EAAaj0B,IACvBq0B,EAAAA,EAAAA,IAAcxsB,GAChBmU,EAAOlT,YAAcjB,GACZysB,EAAAA,EAAAA,IAAUzsB,GACnBmU,EAAOnT,QAAUhB,GACRqU,EAAAA,EAAAA,IAAerU,KACxBmU,EAAOhS,aAAenC,EAE1B,IACOmU,CACT,GAAC,4CAED,uGACShd,KAAK+K,iBAAe,gDAC5B,8EAED,SAAoB2C,GAClB,IAAMunB,EAAej1B,KAAKuD,QAAQ0Z,aAOlC,OANY1c,OAAOkF,KAAKwvB,GAActjB,QAAO,SAAA3Q,GAC3C,IAAM6H,EAAQosB,EAAaj0B,GAC3B,OAAQq0B,EAAAA,EAAAA,IAAcxsB,IAAmB,gBAAT6E,IAC1B4nB,EAAAA,EAAAA,IAAUzsB,IAAmB,YAAT6E,IACpBwP,EAAAA,EAAAA,IAAerU,IAAmB,iBAAT6E,CACjC,IAAG,EAEL,GAAC,0BAED,SAAqB7E,GACnB,IAAIwsB,EAAAA,EAAAA,IAAcxsB,GAChB,MAAO,cAET,IAAIysB,EAAAA,EAAAA,IAAUzsB,GACZ,MAAO,UAET,IAAGqU,EAAAA,EAAAA,IAAerU,GAChB,MAAO,eAET,MAAM,IAAI1E,EAAAA,EAAa,qBACzB,GAAC,iCAGD,WACE,IAAIO,EAAAA,EAAAA,gBAAgB,CAClB,IAAMnB,EAAUvD,KAAKuD,QAAQ0Z,aAC7Bjd,KAAKE,QAAQ8J,KAAKoU,EAAAA,GAAmB7a,EACvC,CACF,GAAC,wBAGD,WACE,OAAOvD,KAAKuD,OACd,GAAC,uBAED,SACEyZ,EAEAuY,EACAC,EACAC,GACM,WACAC,EAAsB,SAAC10B,EAAK6H,GAChC,IAAM6E,EAAO,EAAKioB,aAAa9sB,GAClB,gBAAT6E,EACF6nB,GAAiBA,EAAcv0B,EAAK6H,GAClB,YAAT6E,EACT8nB,GAAaA,EAAUx0B,EAAK6H,GACV,iBAAT6E,GACT+nB,GAAkBA,EAAez0B,EAAK6H,EAE1C,EACM+sB,EAAc,SAAC50B,EAAK6H,GACxB,EAAK2V,UAAUxd,EAAK6H,GACpB,EAAK4V,sBAAsBzd,EAAK6H,GAChC6sB,EAAoB10B,EAAK6H,EAC3B,EAOMgtB,EAAgB,SAAC70B,EAAK6H,GAC1B,EAAK6V,wBAAwB1d,GAC7B,EAAK2d,YAAY3d,EAAK6H,GACtB6sB,EAAoB10B,EAAK6H,EAC3B,EAEMxE,EAAqB,CAAC,UAAW,cAAe,gBAChDyxB,EAAiB91B,KAAK+K,gBAG5B1G,EAAMqB,SAAQ,SAACgI,GACb,IAAM7E,EAAQmU,EAAOtP,GACjB7E,IACFqsB,EAAAA,EAAAA,GAAcrsB,EAAO6E,EAEzB,IAGA,IAAMnK,EAAUc,EAAM8f,QAAO,SAAC5gB,EAASmK,GACrC,IAAM7E,EAAQmU,EAAOtP,GAKrB,OAJI7E,IAEFtF,EADmB,EAAK6b,oBAAoB1R,IAASA,GAC/B7E,GAEjBtF,CACT,GAAG,CAAC,GACJvD,KAAKuD,QAAQgb,WAAWhb,GACxBvD,KAAKm1B,sBAGL9wB,EAAMqB,SAAQ,SAAAgI,GACZ,IArCqB1M,EAAK6H,EAAOyV,EAqC3ByX,EAAW/Y,EAAOtP,GAClBsoB,EAAgBF,EAAepoB,GAC/BzH,EAAa,EAAKmZ,oBAAoB1R,IAASA,EACjDqoB,GAAYC,GAEdH,EAAc5vB,EAAY+vB,GAC1BJ,EAAY3vB,EAAY8vB,GA3CL/0B,EA4CLiF,EA5CU4C,EA4CEktB,EA5CKzX,EA4CK0X,EA3CtC,EAAKpX,YAAY5d,EAAK6H,EAAOyV,GAC7B,EAAKI,wBAAwB1d,GAC7B,EAAKyd,sBAAsBzd,EAAK6H,GAChC6sB,EAAoB10B,EAAK6H,IAyCdktB,EACTH,EAAY3vB,EAAY8vB,GACfC,GACTH,EAAc5vB,EAAY+vB,EAE9B,GACF,GAAC,oBAED,SAAOh1B,GAELhB,KAAK0e,wBAAwB1d,GAE7B,IAAIi0B,EAAej1B,KAAKuD,QAAQ0Z,aAC5BgZ,EAAehB,EAAaj0B,UACzBi0B,EAAaj0B,GACpBhB,KAAKuD,QAAQgb,WAAW0W,GACxBj1B,KAAKm1B,sBAELn1B,KAAK2e,YAAY3d,EAAKi1B,EACxB,GAAC,6CAGD,WAAiBptB,GAAK,gGACC,QADD,EACb7I,KAAKiI,IAAIY,aAAK,aAAd,EAAgB0U,MAAM1U,IAAM,gDACpC,yEAED,SAAcA,GACZ,OAAOqsB,EAAAA,EAAAA,GAAcrsB,EACvB,GAAC,mBAGD,SAAM7H,GAAiC,WAErC,GAAIhB,KAAK2J,MAAMyqB,aACb,OAAOp0B,KAAK2J,MAAMyqB,aAGpB,IACE,IAAIvrB,EAAQ7I,KAAKo1B,QAAQp0B,GACrBk1B,OAAwBvnB,IAAV9F,EAElB,IAAKA,GAAiB,gBAAR7H,EAAuB,CAEnC,IAAMm1B,EAAan2B,KAAKof,oBAAoB,gBAE5C8W,OAA+BvnB,IADV3O,KAAKo1B,QAAQe,EAEpC,CAEA,IAAKD,EACH,MAAM,IAAI/xB,EAAAA,EAAa,8CAAgDnD,EAE3E,CACA,MAAOqM,GAEL,OADArN,KAAKsd,UAAUjQ,GACRnC,QAAQoC,OAAOD,EACxB,CAmCA,OAhCArN,KAAK0e,wBAAwB1d,GAIRhB,KAAK2J,MAAMyqB,aAAep0B,KAAKiI,IAAIY,MAAMutB,cAC3DjsB,MAAK,SAAA6S,GAKJ,GAJA,EAAKkF,UAAUlF,IAIVnU,GAAiB,gBAAR7H,EAAuB,CACnC,IAAM8I,EAAckT,EAAoB,YAExC,OADA,EAAK4B,YAAY5d,EAAK8I,EAAa,MAC5BA,CACT,CAIA,OAAOkT,EADW,EAAK2Y,aAAa9sB,GAEtC,IACCsC,OAAM,SAAAkC,GAKL,MAHA,EAAKrK,OAAOhC,GACZqM,EAAIgpB,SAAWr1B,EACf,EAAKsc,UAAUjQ,GACTA,CACR,IACCqe,SAAQ,WAEP,EAAK/hB,MAAMyqB,aAAe,IAC5B,GAGJ,GAAC,mBAED,WAAQ,WACApX,EAAShd,KAAK+K,gBACpB/K,KAAKs0B,6BACLt0B,KAAKuD,QAAQ+yB,eACbt2B,KAAKm1B,sBAEL50B,OAAOkF,KAAKuX,GAAQtX,SAAQ,SAAA1E,GAC1B,EAAK2d,YAAY3d,EAAKgc,EAAOhc,GAC/B,GACF,GAAC,sCAED,WAA2B,WACnBi0B,EAAej1B,KAAKuD,QAAQ0Z,aAC5BsZ,EAAgB,CAAC,EACvBh2B,OAAOkF,KAAKwvB,GAAcvvB,SAAQ,SAAA1E,GAC5Bi0B,EAAaj0B,GAAKw1B,gBACpBD,EAAcv1B,GAAOi0B,EAAaj0B,UAC3Bi0B,EAAaj0B,GAExB,IACAhB,KAAKuD,QAAQgb,WAAW0W,GACxBj1B,KAAKm1B,sBACL50B,OAAOkF,KAAK8wB,GAAe7wB,SAAQ,SAAA1E,GACjC,EAAK0d,wBAAwB1d,GAC7B,EAAK2d,YAAY3d,EAAKu1B,EAAcv1B,GACtC,GACF,GAAC,gCAED,SAAmB6H,GACjB,IAAM7H,EAAMhB,KAAKof,oBAAoB,iBAAmB/X,EAAAA,0BAGpD4tB,EAAej1B,KAAKuD,QAAQ0Z,cAChCiY,EAAAA,EAAAA,GAAcrsB,GACdosB,EAAaj0B,GAAO6H,EACpB7I,KAAKuD,QAAQgb,WAAW0W,GACxBj1B,KAAKm1B,qBACP,GAAC,gCAED,WACE,IAAMn0B,EAAMhB,KAAKof,oBAAoB,iBAAmB/X,EAAAA,0BACxDrH,KAAKgD,OAAOhC,EACd,GAAC,mCAED,WACE,IAAMgc,EAAShd,KAAK+K,gBACpBxK,OAAOkF,KAAKuX,GAAQtX,SAAQ,SAAA1E,GAC1Bgc,EAAOhc,GAAKw1B,eAAgB,CAC9B,IACAx2B,KAAKkiB,UAAUlF,EACjB,KAAC,EAzcsB,2HCrEnByZ,EAAqB,KC+BpB,SAASC,IAOd,OAAO,WAOL,WAAY52B,IAAoC,uKAE9CE,KAAK0tB,eAAiB5tB,EAAQ4tB,eAC9B1tB,KAAK22B,qBAAsD,IAAhC72B,EAAQ62B,oBACnC32B,KAAK42B,kBAAgD,IAA7B92B,EAAQ82B,iBAChC52B,KAAKF,QAAUA,CACjB,CA2EC,OA3EA,6BAGD,WAAiD,IAA3CA,EAAuC,UAAH,6CAAG,CAAC,EACtC+2B,EAAsC72B,KAAK0tB,eAAeoJ,wBAC1DjR,EAAOgR,EAAmB5Z,aAMhC,GAHA4Z,EAAmBP,eAGft2B,KAAK22B,sBAAsD,IAA/B72B,EAAQi3B,mBAA8B,CACpE,IAAMptB,EAAQ7J,EAAQ6J,QAASkc,aAAI,EAAJA,EAAMlc,OACjCA,GDxBL,SACL+jB,EAAiD/jB,GAEjD,IAAMqtB,EAAgBtJ,EAAeuJ,6BAC/BvW,EAAUsW,EAAc/Z,oBACvByD,EAAQ/W,GACfqtB,EAAczY,WAAWmC,EAC3B,CCkBUwW,CAAkCl3B,KAAK0tB,eAAgB/jB,EAE3D,CACF,GAAC,kBAGD,SAAKkc,GAA+C,IAAtC/lB,EAAkC,UAAH,6CAAG,CAAC,EAK3CyD,EAA2BvD,KAAK0tB,eAAeoJ,wBAC7CxhB,EAAM/R,EAAQ0Z,cAIhBka,EAAAA,EAAAA,IAAkB7hB,KAASxV,EAAQs3B,cAErC3yB,EAAAA,EAAAA,IAAK,2GAGPlB,EAAQgb,WAAWsH,GAGf7lB,KAAK22B,qBAAuB9Q,EAAKlc,OD1EpC,SACL+jB,EAAiD/jB,EAAekc,GAEhE,IAAMmR,EAAgBtJ,EAAeuJ,6BAC/BvW,EAAUsW,EAAc/Z,aAC9ByD,EAAQ/W,GAAS,CACf0tB,YAAa31B,KAAKC,MAClB2O,YAAauV,GAEfmR,EAAczY,WAAWmC,EAC3B,CCiEQ4W,CAA+Bt3B,KAAK0tB,eAAgB7H,EAAKlc,MAAOkc,EAEpE,GAAC,oBAED,WAAsD,IAA/C/lB,EAAkC,UAAH,6CAAG,CAAC,EACxC,IAEE,QADaE,KAAKu3B,KAAKz3B,EAEzB,CAAE,SACA,OAAO,CACT,CACF,GAAC,kBAID,WAAmE,IAE7D+lB,EDxGFmR,EACAtW,ECqGC5gB,EAAkC,UAAH,6CAAG,CAAC,EAKtC,OAAIE,KAAK22B,qBAAuB72B,EAAQ6J,QD3GtCqtB,EC4GmBh3B,KAAK0tB,eD5GOuJ,6BAC/BvW,EAAUsW,EAAc/Z,aAC9B1c,OAAOkF,KAAKib,GAAShb,SAAQ,SAAAiE,GAC3B,IAAM6tB,EAAQ9W,EAAQ/W,GACVjI,KAAKC,MAAQ61B,EAAMH,YACrBZ,UACD/V,EAAQ/W,EAEnB,IACAqtB,EAAczY,WAAWmC,GCoGnBmF,EDpFD,SACL6H,EAAiD/jB,GAEjD,IAEM6tB,EAFgB9J,EAAeuJ,6BACPha,aACRtT,GACtB,OAAI6tB,GAASA,EAAMlnB,cAAe6mB,EAAAA,EAAAA,IAAkBK,EAAMlnB,aACjDknB,EAAMlnB,YAER,IACT,CC0EemnB,CAAiCz3B,KAAK0tB,eAAgB5tB,EAAQ6J,QACjEwtB,EAAAA,EAAAA,IAAkBtR,IACbA,GAKXA,EAD+B7lB,KAAK0tB,eAAeoJ,wBACpC7Z,cACXka,EAAAA,EAAAA,IAAkBtR,GAEbA,EAGF,KACT,KAAC,EAxFI,EA2FT,6FCnHO,SAAS6R,EAAY7uB,GAC1B,IACI8uB,EADApS,EAAM1c,EAAM1G,MAAM,KAGtB,IACEw1B,EAAe,CACb1P,OAAQpiB,KAAKC,OAAM0d,EAAAA,EAAAA,IAAkB+B,EAAI,KACzCC,QAAS3f,KAAKC,OAAM0d,EAAAA,EAAAA,IAAkB+B,EAAI,KAC1CG,UAAWH,EAAI,GAEnB,CAAE,MAAOxiB,GACP,MAAM,IAAIoB,EAAAA,EAAa,kBACzB,CAEA,OAAOwzB,CACT,iUCIMC,EAAiB,aACjBC,EAAS,WAER,SAASC,EAAiBxiB,GAC/B,QACGqT,EAAAA,EAAAA,cAAarT,KAAQsT,EAAAA,EAAAA,gBAAetT,KACnB,mBAAlBA,EAAIyQ,SAER,CAIO,SAAegS,EAAU,EAAD,oCAO9B,wCAPM,WAAyB9P,EAAgB+P,EAAgBC,GAAqB,2EAE7B,OADhDC,GAAOjV,EAAAA,EAAAA,IAAkBpd,KAAKE,UAAUkiB,IACxCgD,GAAOhI,EAAAA,EAAAA,IAAkBpd,KAAKE,UAAUiyB,IAAQ,SAC9BnT,EAAAA,GAAAA,OAAAA,KACtB,CAAEze,KAAM6xB,EAAWE,UAAU/xB,MAAQ6xB,GAAYtU,EAAAA,EAAAA,IAAe,GAAD,OAAIuU,EAAI,YAAIjN,KAC5E,OAFc,OAATvF,EAAY,EAAH,iCAGLwS,EAAI,YAAIjN,EAAI,aAAI9H,EAAAA,EAAAA,KAAkBc,EAAAA,EAAAA,IAAkByB,MAAW,4CAC1E,sBAEM,SAAS0S,IAAiC,IAAdC,EAAU,UAAH,6CAAG,GAC3C,OAAO,OAAIxT,EAAAA,GAAAA,gBAA0B,IAAIhB,WAAWwU,KAAWtqB,KAAI,SAAAuqB,GAAC,OAAIA,EAAEtsB,SAAS,GAAG,IAAEpJ,KAAK,GAC/F,CAEO,SAAe21B,IAAe,+BAWpC,wCAXM,oFAMJ,OALKJ,EAAY,CAChB/xB,KAAM,oBACN4e,KAAM,UACNwT,cAAe,KACfC,eAAgB,IAAI5U,WAAW,CAAC,EAAM,EAAM,KAC7C,kBAIMgB,EAAAA,GAAAA,OAAAA,YAA6BsT,GAAW,EAAO,CAAC,OAAQ,YAAU,4CAC1E,+BAEcO,EAAe,+CAM7B,OAN6B,oBAA9B,WAAgC5uB,GAAmB,yEACG,OAA9C8Z,GAAS,IAAIe,aAAcC,OAAO9a,GAAY,SACjC+a,EAAAA,GAAAA,OAAAA,OAAwB,UAAWjB,GAAO,OAAnD,OAAJoB,EAAO,EAAH,wBAEH5B,EAAAA,EAAAA,IAAKiB,OAAOC,aAAaW,MAAM,KAAM,IAAIpB,WAAWmB,KACxDljB,QAAQ,MAAO,KAAKA,QAAQ,MAAO,KAAKA,QAAQ,MAAO,KAAG,4CAC9D,sBA8CA,SAGc62B,EAAiB,+CAc/B,OAd+B,oBAAhC,WAAkCpjB,GAAmB,wGAAK7U,EAAI,iCAAJA,EAAI,0BAtCrD,IAAIwK,SAAQ,SAACT,EAAS6C,GAC3B,IACE,IACMsrB,EADYj0B,OAAO+K,UACH8C,KAAKolB,EAAgB,GAE3CgB,EAAI5nB,QAAU,WACZ1D,EAAOsrB,EAAI7uB,MACb,EAEA6uB,EAAInmB,gBAAkB,WACTmmB,EAAI1nB,OACZwB,kBAAkBmlB,EACvB,EAEAe,EAAI3nB,UAAY,WACd,IAAMb,EAAKwoB,EAAI1nB,OACTnB,EAAKK,EAAGE,YAAYunB,EAAQ,aAElC9nB,EAAGiB,QAAU,WACX1D,EAAOyC,EAAGhG,MACZ,EAEA,IAAM8uB,EAAQ9oB,EAAGQ,YAAYsnB,GAE7BptB,EAAQouB,GAER9oB,EAAGmD,WAAa,WACd9C,EAAGrD,OACL,CACF,CACF,CACA,MAAOM,GACLC,EAAOD,EACT,CACF,IAK8B,OAAnB,OAALwrB,EAAQ,EAAH,uBACJ,IAAI3tB,SAAQ,SAACT,EAAS6C,GAI3B,IAAMsrB,EAAMC,EAAMtjB,GAAO,MAAbsjB,EAAiBn4B,GAC7Bk4B,EAAI3nB,UAAY,WACdxG,EAAQmuB,EACV,EACAA,EAAI5nB,QAAU,WACZ1D,EAAOsrB,EAAI7uB,MACb,CACF,KAAE,2CACH,iCAEc+uB,EAAY,iDAG1B,OAH0B,oBAA3B,WAA6BC,EAAgBC,GAAsB,iFAC3DL,EAAkB,MAAOK,EAASD,GAAO,gCACxCC,GAAO,4CACf,sBAGM,SAAeC,EAAW,kCAUhC,wCAVM,WAA4BF,GAAe,2EAC5CA,EAAQ,CAAF,+BACUJ,EAAkB,MAAOI,GAAO,OAAzC,KAAHH,EAAM,EAAH,MACD1nB,OAAQ,CAAF,wCACL0nB,EAAI1nB,QAAM,aAKf,IAAI/M,EAAAA,EAAa,sDAAD,OAAuD40B,EAAS,KAAH,OAAQA,EAAM,KAAM,KAAK,4CAC7G,sBAEM,SAAeG,EAAgB,kCAErC,wCAFM,WAAiCH,GAAc,iFAC9CJ,EAAkB,SAAUI,GAAO,4CAC1C,sBAEM,SAAeI,IAAoB,+BAEzC,wCAFM,8FACCR,EAAkB,SAAQ,4CACjC,sBAGM,SAAeS,IAAiB,+BAKtC,wCALM,sFACiC,OAAhCC,EAAYjB,EAAkB,GAAE,SAChBG,IAAiB,OAA1B,OAAPS,EAAU,EAAH,cACPF,EAAaO,EAAWL,GAAQ,gCAC/B,CAAEA,QAAAA,EAASK,UAAAA,IAAW,4CAC9B,sBAIM,SAAeC,EAA2B,oCAmBhD,wCAnBM,WAA4CC,EAAoCvc,GAAc,+EAejC,GAd9Dwc,GAAc,EAEV1vB,EAA8BkT,EAA9BlT,YAAakB,EAAiBgS,EAAjBhS,aAGA,WAAjBuuB,GAA6BzvB,GAAyC,SAA1BA,EAAY2vB,YAAyBzuB,IACnFwuB,GAAc,GAIK,YAAjBD,GAA8BvuB,IAAiBlB,IACjD0vB,GAAc,GAGVT,EAAgC,QAA1B,EAAGjvB,aAAW,EAAXA,EAAa4vB,kBAAU,QAAI1uB,aAAY,EAAZA,EAAc0uB,YACpDF,IAAeT,EAAM,gCACjBG,EAAiBH,GAAO,4CAEjC,sBAIM,SAAeY,EAAiB,kCAyBtC,wCAzBM,+GAA4E,OAAxCX,EAAO,EAAPA,QAAStW,EAAG,EAAHA,IAAKnN,EAAM,EAANA,OAAQqkB,EAAK,EAALA,MAAO9vB,EAAW,EAAXA,YAAW,SAC1C+a,EAAAA,GAAAA,OAAAA,UAA2B,MAAOmU,EAAQa,WAAU,OAgB1F,GAhB0F,SAAnFC,EAAG,EAAHA,IAAKC,EAAG,EAAHA,IAAKh3B,EAAC,EAADA,EAAG8jB,EAAC,EAADA,EAAGmT,EAAC,EAADA,EAAGC,EAAC,EAADA,EACrBhS,EAAS,CACbiS,IAAK,QACLC,IAAK,WACLC,IAAK,CAAEN,IAAAA,EAAKC,IAAAA,EAAKh3B,EAAAA,EAAG8jB,EAAAA,EAAGmT,EAAAA,EAAGC,EAAAA,IAGtBjC,EAAqB,CACzBqC,IAAK9kB,EACL+kB,IAAK5X,EACL6X,IAAKzuB,KAAKsH,MAAM1R,KAAKC,MAAQ,KAC7B64B,IAAKpC,KAGHwB,IACF5B,EAAO4B,MAAQA,IAIb9vB,EAAa,CAAF,iCACM4uB,EAAgB5uB,GAAY,QAA/CkuB,EAAOyC,IAAM,EAAH,sCAGL1C,EAAU9P,EAAQ+P,EAAQgB,EAAQ0B,aAAW,6CACrD,sBAGM,SAAeC,EAA2B,kCAOhD,wCAPM,6FAIJ,OAJkD3B,EAAO,EAAPA,QAAStW,EAAG,EAAHA,IAAKnN,EAAM,EAANA,OAAQqkB,EAAK,EAALA,MACnEtR,EAA0B,CAAE0Q,QAAAA,EAAStW,IAAAA,EAAKnN,OAAAA,GAC5CqkB,IACFtR,EAAOsR,MAAQA,GAChB,kBAEMD,EAAkBrR,IAAO,4CACjC,4uBC5NM,SAASsS,EAAgCC,GAE9C,IAAKA,EAAY/a,SACf,MAAM,IAAI3b,EAAAA,EAAa,2EAGzB,IAAI8oB,EAAAA,EAAAA,IAAS4N,EAAY1O,gBAA4D,IAA3C0O,EAAY1O,aAAavmB,QAAQ,KACzE,MAAM,IAAIzB,EAAAA,EAAa,4DAIzB,IAAI22B,EAA2B,CAC7B,UAAaD,EAAY/a,SACzB,eAAkB+a,EAAYE,cAC9B,sBAAyBF,EAAYG,oBACrC,QAAWH,EAAYI,QACvB,IAAOJ,EAAYK,IACnB,UAAaL,EAAYM,SACzB,WAAcN,EAAYO,UAC1B,QAAWP,EAAYQ,OACvB,MAASR,EAAYjB,MACrB,OAAUiB,EAAYS,OACtB,aAAgBT,EAAYU,YAC5B,cAAiBV,EAAYjY,aAC7B,cAAiBiY,EAAY1O,aAC7B,aAAgB0O,EAAYW,aAC5B,MAASX,EAAYlxB,MACrB,WAAckxB,EAAYY,UAC1B,kBAAqBZ,EAAYa,iBAUnC,GARAZ,GAAc76B,EAAAA,EAAAA,IAAW66B,GAEzB,CAAC,YAAa,gBAAiB,qBAAqBp1B,SAAQ,SAAUi2B,GAChE5mB,MAAM0Z,QAAQqM,EAAYa,MAC5Bb,EAAYa,GAAcb,EAAYa,GAAY/4B,KAAK,KAE3D,KAEuD,IAAnDi4B,EAAY1O,aAAcvmB,QAAQ,cACO,IAA3Ci1B,EAAYe,OAAQh2B,QAAQ,UAC5B,MAAM,IAAIzB,EAAAA,EAAa,qFAKzB,OAJW02B,EAAYe,SACrBd,EAAYe,MAAQhB,EAAYe,OAAQh5B,KAAK,MAGxCk4B,CACT,CAEO,SAASgB,EAAqBjB,GACnC,IAAIkB,EAAmBnB,EAAgCC,GACvD,OAAO9P,EAAAA,EAAAA,IAAc,EAAD,KACfgR,GACClB,EAAYmB,aAAe,EAAJ,GAASnB,EAAYmB,cAEpD,0aC1CA,SAASC,EAAgBn8B,GAEvB,IAAKA,EAAQggB,SACX,MAAM,IAAI3b,EAAAA,EAAa,2EAGzB,IAAKrE,EAAQy7B,YACX,MAAM,IAAIp3B,EAAAA,EAAa,sEAGzB,IAAKrE,EAAQo8B,oBAAsBp8B,EAAQq8B,gBACzC,MAAM,IAAIh4B,EAAAA,EAAa,6EAGzB,IAAKrE,EAAQs8B,aACX,MAAM,IAAIj4B,EAAAA,EAAa,gFAE3B,CAEA,SAASk4B,EAAYp0B,EAAKnI,GAExB,IAAIwoB,GAAsBroB,EAAAA,EAAAA,IAAW,CACnC,UAAaH,EAAQggB,SACrB,aAAgBhgB,EAAQy7B,YACxB,WAAcz7B,EAAQq8B,gBAAkB,mBAAqB,qBAC7D,cAAiBr8B,EAAQs8B,eAGvBt8B,EAAQq8B,gBACV7T,EAAyB,iBAAIxoB,EAAQq8B,gBAC5Br8B,EAAQo8B,oBACjB5T,EAAOgU,KAAOx8B,EAAQo8B,mBAGxB,IAAQK,EAAiBt0B,EAAInI,QAArBy8B,aAMR,OALIA,IACFjU,EAAsB,cAAIiU,IAIrBxR,EAAAA,EAAAA,IAAczC,GAAQ3lB,MAAM,EACrC,CAAC,SAGc65B,EAAgB,iDAsC9B,OAtC8B,oBAA/B,WAAiCv0B,EAAK,GAAF,2FAIjC,GAJqCya,EAAG,EAAHA,IAAKld,EAAI,EAAJA,KAAMo0B,EAAK,EAALA,MAAO6C,EAAW,EAAXA,YAClDlnB,EAAS,OACTiT,EAAe,CACnB,eAAgB,sCAGdvgB,EAAInI,QAAQ6vB,KAAM,CAAF,mBACb8M,EAAa,CAAF,qBACR,IAAIt4B,EAAAA,EAAa,mDAAkD,wBAGvDw2B,EAAAA,EAAAA,IAA4B,CAAEjY,IAAAA,EAAKnN,OAAAA,EAAQqkB,MAAAA,EAAOZ,QAASyD,IAAc,OAAvFC,EAAQ,EAAH,KACXlU,EAAQmU,KAAOD,EAAM,oCAIFpP,EAAAA,EAAAA,IAAYrlB,EAAK,CAClCya,IAAAA,EACAnN,OAAAA,EACA7U,KAAM8E,EACNgjB,QAAAA,IACA,QALQ,OAAJf,EAAO,EAAH,uBAMHA,GAAI,wCAGPqQ,EAAAA,EAAAA,IAAiB,EAAD,KAAU8B,EAAK,iBACgB,GAA3CgD,EAAoB,QAAX,EAAG,KAAInV,YAAI,aAAR,EAAUe,QAAQ,cACpB,CAAF,sBAEN,IAAI7C,EAAAA,EACR,CAACG,aAAc,8CACP,QADoD,EAC5D,KAAI2B,YAAI,aAAI9Y,GACb,iCAEI6tB,EAAiBv0B,EAAK,CAAEya,IAAAA,EAAKld,KAAAA,EAAMi3B,YAAAA,EAAa7C,MAAOgD,KAAY,+EAI/E,sBAGM,SAAeC,EAAoB,EAAD,oCAWxC,wCAXM,WAAmC50B,EAAKnI,EAA8Bg9B,GAAgB,yEAQ1F,OAPDb,EAAgBn8B,GACZ0F,EAAO62B,EAAYp0B,EAAKnI,GAEtBwoB,EAA6B,CACjC5F,IAAKoa,EAAKC,SACVv3B,KAAAA,EACAi3B,YAAa38B,aAAO,EAAPA,EAAS28B,aACvB,kBAEMD,EAAiBv0B,EAAKqgB,IAAO,4CACrC,sBAEM,SAAe0U,EAAiB,EAAD,oCA2BrC,wCA3BM,WACL/0B,EACAnI,EACAkL,GAA0B,2EAqBzB,OAnBKxF,EAAOjF,OAAOmgB,QAAQ,CAC1Buc,UAAWn9B,EAAQggB,SACnBod,WAAY,gBACZrB,MAAO7wB,EAAa4wB,OAAOh5B,KAAK,KAChCu6B,cAAenyB,EAAaA,eAC3B+C,KAAI,SAAU,GAAe,mBAAd3H,EAAI,KAAE9E,EAAK,KAE3B,OAAO8E,EAAO,IAAMvE,mBAAmBP,EACzC,IAAGsB,KAAK,KAEJ8f,EAAM1X,EAAa+xB,SACnBj9B,EAAQk8B,aAAez7B,OAAOkF,KAAK3F,EAAQk8B,aAAaj8B,QAAU,IACpE2iB,IAAOqI,EAAAA,EAAAA,IAAcjrB,EAAQk8B,cAGzB1T,EAA6B,CACjC5F,IAAAA,EACAld,KAAAA,EACAi3B,YAAa38B,aAAO,EAAPA,EAAS28B,aACvB,kBAEMD,EAAiBv0B,EAAKqgB,IAAO,4CACrC,iJC1IM,SAAS8U,EAAan1B,EAA6B4iB,GACxD,IAAIwS,EAAiBxS,GAAU5iB,EAAInI,QAAQ+qB,OAC3C,OAAOtoB,EAAAA,EAAAA,IAAI0F,EAAKo1B,EAAgB,oCAAqC,CACnExP,eAAe,GAEnB,CAEO,SAASyP,EAAOr1B,EAA6B4iB,EAAgB0S,GAClE,IAAI9P,EAAYxlB,EAAIylB,eAAeC,aAAa1lB,EAAInI,QAAQ0C,SAE5D,OAAO46B,EAAan1B,EAAK4iB,GACxB1gB,MAAK,SAASqzB,GACb,IAAIC,EAAUD,EAAoB,SAI9B1P,EADgBL,EAAUxQ,aACKwgB,GACnC,GAAI3P,GAAkBpsB,KAAKC,MAAM,IAAOmsB,EAAe1oB,UAAW,CAChE,IAAIs4B,GAAY/nB,EAAAA,EAAAA,IAAKmY,EAAenC,SAASlmB,KAAM,CACjD83B,IAAKA,IAGP,GAAIG,EACF,OAAOA,CAEX,CAMA,OAHAjQ,EAAU6I,aAAamH,IAGhBl7B,EAAAA,EAAAA,IAAI0F,EAAKw1B,EAAS,CACvB5P,eAAe,IAEhB1jB,MAAK,SAASwB,GACb,IAAI3K,GAAM2U,EAAAA,EAAAA,IAAKhK,EAAIlG,KAAM,CACvB83B,IAAKA,IAGP,GAAIv8B,EACF,OAAOA,EAGT,MAAM,IAAImD,EAAAA,EAAa,eAAiBo5B,EAAM,uCAChD,GACF,GACF,kKCzCO,SAAeI,EAAsB,EAAD,oCA2E1C,wCA3EM,WAAqC11B,EAA6B4yB,EAA0BiC,GAAiB,iHA8CjH,GA7CDA,EAAOA,IAAQc,EAAAA,EAAAA,IAAa31B,EAAK4yB,GAEjCA,EAAct6B,OAAOC,OAAO,CAAC,GAAGq9B,EAAAA,EAAAA,GAAsB51B,IAAMkd,EAAAA,EAAAA,IAAM0V,IAGhEqB,GAH8E,EAe5ErB,GAZFqB,kBACAC,EAAe,EAAfA,gBACAC,EAAY,EAAZA,aACAtc,EAAQ,EAARA,SACAyb,EAAW,EAAXA,YACAK,EAAM,EAANA,OACAkC,EAAe,EAAfA,gBACAn0B,EAAK,EAALA,MACA8xB,EAAS,EAATA,UACA9L,EAAI,EAAJA,KACA+J,EAAU,EAAVA,WACAsC,EAAW,EAAXA,YAII+B,EAAuC,CAC3Cje,SAAAA,EACAyb,YAAAA,EACAW,kBAAAA,EACAC,gBAAAA,EACAC,aAAAA,EACAzM,KAAAA,GAMIxD,EAAoC,CAAC,UACR,IAA/ByP,EAAQh2B,QAAQ,WAClBumB,EAAalhB,KAAK,YAGd+yB,EAAqC,CACzCle,SAAAA,EACAyb,YAAAA,EACAK,OAAAA,EACAzP,aAAAA,EACA2R,gBAAAA,EACArC,UAAAA,EACAO,YAAAA,GACD,UAGKrM,EAAM,CAAF,oBAEF+J,EAAY,CAAF,kCACUT,EAAAA,EAAAA,IAAYS,GAAW,QAAvCV,EAAU,EAAH,KACb+E,EAAgBtB,YAAczD,EAC9BgF,EAAsBrO,KAAOA,EAC7BqO,EAAsBtE,WAAaA,EAAW,0CAGTN,EAAAA,EAAAA,MAAmB,iBAAhDJ,EAAO,EAAPA,QAASK,EAAS,EAATA,UACjB0E,EAAgBtB,YAAczD,EAC9BgF,EAAsBrO,KAAOA,EAC7BqO,EAAsBtE,WAAaL,EAAU,0BAINwD,EAAAA,EAAAA,GAAoB50B,EAAK81B,EAAiBjB,GAAK,QAAxD,OAA5BmB,EAA+B,EAAH,gBAESC,EAAAA,EAAAA,GAAoBj2B,EAAK+1B,EAAuBC,EAAenB,GAAM,QAEnF,OAFvBqB,EAA+B,EAAH,MACpB7B,KAAOJ,EACrBiC,EAAcx0B,MAAQA,EAAO,kBACtBw0B,GAAa,QAGW,OAHX,UAGpBl2B,EAAIm2B,mBAAmB3vB,QAAQ,4EAElC,4TC/EM,SAAS4vB,EACdp2B,EACAnI,GAEAA,GAAUqlB,EAAAA,EAAAA,IAAMrlB,IAAY,CAAC,EAE7B,IAAMwoB,GAASgW,EAAAA,EAAAA,GAAiCr2B,EAAKnI,GAC/C+lB,GAAO0Y,EAAAA,EAAAA,GAA8Bt2B,EAAKqgB,GAC1CkH,EAAa3J,EAAKiX,KAAK0B,cAAe1C,EAAAA,EAAAA,GAAqBxT,GACjErgB,EAAIm2B,mBAAmBK,KAAK5Y,GACxB5d,EAAInI,QAAQ4+B,YACdz2B,EAAInI,QAAQ4+B,YAAYlP,GAExB7qB,OAAO8d,SAASjiB,OAAOgvB,EAE3B,CCSO,SAASmP,EAAe12B,EAA6B22B,GAC1D,IAAMC,EAAW,SAACtpB,GAChB,OAAO/M,EAAAA,EAAAA,UAAAA,KAAAA,KAAiCo2B,EAAOrpB,EAAQ,KACzD,EAEMupB,EAAoBD,EAASE,EAAAA,EAAAA,KAAqB,KAAM92B,IAGxD+2B,EAAiBH,EAASI,EAAAA,GAAAA,KAAkB,KAAMh3B,IAClDi3B,EAAyC3+B,OAAOC,OAAOw+B,EAAgB,CAE3EG,YAAa,WACX,OAAOx6B,OAAOy6B,OAChB,EAGAC,aAAc,WACZ,OAAO16B,OAAO8d,QAChB,EAGA6c,aAAc,WACZ,OAAO36B,OAAOnD,QAChB,IAGIqH,EAAiB,CACrB02B,mBAAoBA,EAAAA,GAAAA,KAAwB,KAAMt3B,GAClD01B,sBAAuBA,EAAAA,EAAAA,KAA2B,KAAM11B,GACxDu3B,iBAAkBA,EAAAA,EAAAA,KAAsB,KAAMv3B,GAC9Cw3B,aAAcA,EAAAA,EAAAA,KAAkB,KAAMx3B,GACtCy3B,gBAAiBA,EAAAA,EAAAA,KAAqB,KAAMz3B,GAC5C82B,gBAAiBD,EACjBG,aAAcC,EACdS,OAAQjI,EAAAA,EACRkI,OAAQC,EAAAA,EAAAA,KAAiB,KAAM53B,GAC/BsV,MAAOuiB,EAAAA,EAAAA,KAAgB,KAAM73B,GAC7B83B,uBAAwBA,EAAAA,EAAAA,KAA4B,KAAM93B,GAC1DmuB,YAAaA,EAAAA,EAAAA,KAAiB,KAAMnuB,GACpC+3B,YAAa,SACXC,EACAC,GAEA,OAAOF,EAAAA,EAAAA,GAAY/3B,EAAKg4B,EAAmBC,EAC7C,EACAhP,OAAQhM,EAAAA,EAAAA,KAAiB,KAAMjd,GAC/B8Z,gBAAiBA,EAAAA,GAAAA,KAAqB,KAAM9Z,GAC5Ck4B,WAAYC,EAAAA,EAAAA,KAAoB,KAAMn4B,IAiBxC,MAZe,CACb,mBACA,eACA,SACA,QACA,yBACA,eAEKvC,SAAQ,SAAA1E,GACb6H,EAAM7H,GAAO69B,EAASh2B,EAAM7H,GAC9B,IAEO6H,CACT,CAEO,SAASw3B,EAAgBp4B,GAC9B,MAAO,CACLq4B,UAAW,CACTjC,oBAAqBA,EAAoBrmB,KAAK,KAAM/P,IAG1D,wLCjGO,SAASs4B,EAQdtf,EACArhB,EACAshB,GAGA,IAAMC,GAAOxhB,EAAAA,EAAAA,GAAmBC,GAC1BwhB,GAAcC,EAAAA,EAAAA,GAAmBF,EAAMF,GACvCK,GAAWC,EAAAA,EAAAA,GAAgBH,GAC3BI,GAAcC,EAAAA,EAAAA,GAAmBH,GAEvC,OADkBK,EAAAA,EAAAA,GAAwBH,EAAaN,EAEzD,qIC+CO,SAASsf,EAASv4B,EAA6BnI,GACpD,GAAIgB,UAAUf,OAAS,EACrB,OAAOmL,QAAQoC,OAAO,IAAInJ,EAAAA,EAAa,qEAOzC,IAAMs8B,GAJN3gC,EAAUA,GAAW,CAAC,GAIM2gC,YAG5B,OAFA3gC,EAAQ2gC,iBAAc9xB,GAEf4wB,EAAAA,EAAAA,IAAmBt3B,EAAKnI,GAC5BqK,MAAK,SAAU0wB,GAGd,IAiBIrL,EAEFsN,EAoBF,OA7BIh9B,EAAQ07B,aACVj7B,OAAOC,OAAOq6B,EAXY,CAC1BS,OAAQ,OACR1Y,aAAc,oBACdqY,QAAS,OASAn7B,EAAQo7B,KACjB36B,OAAOC,OAAOq6B,EAPG,CACjBI,QAAS,UAeX6B,GAAOc,EAAAA,EAAAA,IAAa31B,EAAK4yB,GAEzBrL,GADW1vB,EAAQs8B,aAAeU,EAAKC,SAAWD,EAAK0B,eAC/B1C,EAAAA,EAAAA,GAAqBjB,GAIzCA,EAAYW,cAAwC,OAAxBX,EAAYI,QAC/B,SAEoB,UAAxBJ,EAAYI,QACRn7B,EAAQ4gC,SAAW,YAAc,QAGjC,YAKX,IAAK,SACH,IAAIC,GAAgBC,EAAAA,EAAAA,IAAuB34B,EAAKnI,EAAQ+gC,QAAShG,EAAYlxB,OACzEm3B,GAAWC,EAAAA,EAAAA,IAAUvR,GACzB,OAAOmR,EACJx2B,MAAK,SAAUwB,GACd,OAAOuyB,EAAAA,EAAAA,GAAoBj2B,EAAK4yB,EAAalvB,EAAsBmxB,EACrE,IACCpR,SAAQ,WAC+B,MAAlClqB,SAASypB,KAAK+V,SAASF,KACH,QAAtB,EAAAA,EAASG,qBAAa,OAAtB,EAAwBC,YAAYJ,GAExC,IAEJ,IAAK,QACH,IAAIK,EAIJ,GAAiC,sBAA7BtG,EAAYjY,aAAsC,CACpD,IAAK3a,EAAI7H,SAAS+oB,8BAChB,MAAM,IAAIhlB,EAAAA,EAAa,sDAEzBg9B,GAAeP,EAAAA,EAAAA,IAAuB34B,EAAKnI,EAAQ+gC,QAAShG,EAAYlxB,MAC1E,CA6BA,OAzBI82B,GACFA,EAAYhe,SAASjiB,OAAOgvB,GAIX,IAAItkB,SAAQ,SAAUT,EAAS6C,GAChD,IAAI8zB,EAAcC,aAAY,WACvBZ,IAAeA,EAAYvwB,SAC9BoxB,cAAcF,GACd9zB,EAAO,IAAInJ,EAAAA,EAAa,wCAE5B,GAAG,KAGHg9B,EACGh3B,MAAK,SAAUwB,GACd21B,cAAcF,GACd32B,EAAQkB,EACV,IACCR,OAAM,SAAUkC,GACfi0B,cAAcF,GACd9zB,EAAOD,EACT,GACJ,IAGGlD,MAAK,SAAUwB,GACd,OAAOuyB,EAAAA,EAAAA,GAAoBj2B,EAAK4yB,EAAalvB,EAAsBmxB,EACrE,IACCpR,SAAQ,WACH+U,IAAgBA,EAAYvwB,QAC9BuwB,EAAY1zB,OAEhB,IAEJ,IAAK,YAEH,IAAIw0B,GAAaC,EAAAA,EAAAA,IAAoBv5B,EAAKnI,EAAQ+gC,QAAS/gC,EAAQmV,QAAU4lB,EAAYlxB,OAIzF,IAAI82B,EAIF,MAAM,IAAIt8B,EAAAA,EAAa,+BAGzB,OANEs8B,EAAYhe,SAASjiB,OAAOgvB,GAMvB+R,EACNp3B,MAAK,SAAUwB,GACd,OAAOuyB,EAAAA,EAAAA,GAAoBj2B,EAAK4yB,EAAalvB,EAAsBmxB,EACrE,IAEF,QACE,MAAM,IAAI34B,EAAAA,EAAa,gDAE7B,GACJ,ivBC/MO,SAAe67B,EAAW,sCA8DhC,wCA9DM,WACL/3B,EAAKg4B,EACLC,GAAsB,4EAGjBD,EAAmB,CAAF,+BACOh4B,EAAIS,aAAa+4B,YAAW,OAAvDxB,EAAoB,EAAH,KAAwCn2B,YAAW,UAEjEo2B,EAAe,CAAF,+BACOj4B,EAAIS,aAAa+4B,YAAW,OAAnDvB,EAAgB,EAAH,KAAwCr2B,QAAO,UAGzDo2B,IAAsB5K,EAAAA,EAAAA,IAAc4K,GAAkB,0CAClD/0B,QAAQoC,OAAO,IAAInJ,EAAAA,EAAa,iDAA+C,WAGnF+7B,IAAkB5K,EAAAA,EAAAA,IAAU4K,GAAc,0CACtCh1B,QAAQoC,OAAO,IAAInJ,EAAAA,EAAa,6CAA2C,QAOnF,GAJKrE,EAAe,CACnB4iB,IAAKud,EAAkByB,YACvBnsB,OAAQ,MACRzL,YAAam2B,EAAkBn2B,cAG7B7B,EAAInI,QAAQ6vB,KAAM,CAAF,iCACI1nB,EAAI2nB,4BAA4B,EAAD,KAAK9vB,GAAO,IAAEgK,YAAam2B,KAAoB,QAA9FzX,EAAU,EAAH,KACb1oB,EAAQ0oB,QAAUA,SACX1oB,EAAQgK,YAAY,kCAGtBwjB,EAAAA,EAAAA,IAAYrlB,EAAKnI,GACrBqK,MAAK,SAAAw3B,GAEJ,OAAIA,EAASC,MAAQ1B,EAAclI,OAAO4J,IACjCD,EAEFz2B,QAAQoC,OAAO,IAAInJ,EAAAA,EAAa,0DACzC,IACCgH,OAAM,SAAUkC,GAEf,GAAIA,aAAesa,EAAAA,IAAiB1f,EAAInI,QAAQ6vB,KAAM,CACpD,IAAQ5lB,EAA4BsD,EAA5BtD,MAAOge,EAAqB1a,EAArB0a,iBACf,MAAM,IAAIR,EAAAA,EAAWxd,EAAOge,EAC9B,CAGA,IAAK9f,EAAInI,QAAQ6vB,KAAM,OACjB5sB,EAAIsK,EAKR,GAJIA,aAAesY,EAAAA,GAAftY,MAA+BA,GAAS,QAAN,EAAHA,EAAKwY,YAAI,OAAT,EAAWqH,gBAC5CnqB,EAAI4kB,EAAAA,EAAAA,YAAyBta,EAAIwY,KAAKqH,gBAGpCnqB,aAAa4kB,EAAAA,EAAc,CAC7B,MAAoC5kB,EAA5BgH,EAAK,EAALA,MAAOge,EAAgB,EAAhBA,iBACf,MAAM,IAAIR,EAAAA,EAAWxd,EAAOge,EAC9B,CACF,CAEA,MAAM1a,CACR,KAAE,6CACL,mMC7DM,SAASoyB,EACdx3B,EACAnI,GAEA,GAAIgB,UAAUf,OAAS,EACrB,OAAOmL,QAAQoC,OAAO,IAAInJ,EAAAA,EAAa,yEAGzC,MAAmCrE,EAA3B+hC,EAAW,EAAXA,YAAgBvZ,GAAM,YAKxBmY,GAAcqB,EAAAA,EAAAA,IAAUD,QAAAA,EAAe,IAAKvZ,GAOlD,OANAxoB,GAAUqlB,EAAAA,EAAAA,IAAMmD,IAAW,CAAC,EAC5B/nB,OAAOC,OAAO8nB,EAAQ,CACpB2S,QAAS,QACTrY,aAAc,oBACd6d,YAAAA,KAEKD,EAAAA,EAAAA,GAASv4B,EAAKqgB,EACvB,CAEO,SAASoX,EACdz3B,EACAnI,GAED,IAEE,IAAK6M,iBACJ,MAAM,IAAIxI,EAAAA,EAAa,iFAGzB,IAAKrE,EAAQy7B,YACX,MAAM,IAAIp3B,EAAAA,EAAa,2DAGpBrE,EAAQ6J,QACX7J,EAAQ6J,OAAQo4B,EAAAA,EAAAA,OAMlB,IAaIC,EAbEvB,GAAcqB,EAAAA,EAAAA,IAAU,IAAKhiC,GAE7BmV,EAAU,IAAItI,iBAAiB,kBAAD,OAAmB7M,EAAQ6J,QAwB/D,OAtBA7J,GAAUqlB,EAAAA,EAAAA,IAAMrlB,IAAY,CAAC,EAC7BS,OAAOC,OAAOV,EAAS,CACrBm7B,QAAS,QACTrY,aAAc,QACd6d,YAAAA,EACAC,UAAU,EACVzrB,QAAAA,IAgBK,CACL+Y,QAbc,IAAI9iB,SAAuB,SAACT,EAAS6C,GAEnD,OADA00B,EAAgB10B,GACTkzB,EAAAA,EAAAA,GAASv4B,EAAKnI,GACpBqK,MAAK,SAACwB,GAAG,OAAKlB,EAAQkB,EAAI,IAC1BR,OAAM,SAAAkC,GAAG,OAAIC,EAAOD,EAAI,GAC3B,IASE/C,OAPa,WACb2K,EAAQlI,QACRi1B,EAAc,IAAI79B,EAAAA,EAAa,uBACjC,EAMD,CACA,MAAOkJ,GACN,MAAO,CACL2gB,QAAS9iB,QAAQoC,OAAOD,GACxB/C,OAAQ,WAAO,EAElB,CACD,wJChFO,SAAey0B,EAAgB,EAAD,kCAgBpC,wCAhBM,WAA+B92B,EAA6BnI,GAAqB,4FAClF,EAAUC,OAAS,GAAC,yCACfmL,QAAQoC,OAAO,IAAInJ,EAAAA,EAAa,6EAA2E,OAGrF,OAA/BrE,GAAUqlB,EAAAA,EAAAA,IAAMrlB,IAAY,CAAC,EAAE,UAELy/B,EAAAA,EAAAA,IAAmBt3B,EAAKnI,GAAQ,OAApD+6B,EAAc,EAAH,KACXhV,GAAOoc,EAAAA,EAAAA,GAAgBh6B,EAAK4yB,GAC5BrL,EAAa3J,EAAKiX,KAAK0B,cAAe1C,EAAAA,EAAAA,GAAqBjB,GACjE5yB,EAAIm2B,mBAAmBK,KAAK5Y,GACxB5d,EAAInI,QAAQ4+B,YACdz2B,EAAInI,QAAQ4+B,YAAYlP,GAExB7qB,OAAO8d,SAASjiB,OAAOgvB,GACxB,4CACF,8HClBM,SAASgQ,EAAiBv3B,EAA6BnI,GAC5D,OAAIgB,UAAUf,OAAS,EACdmL,QAAQoC,OAAO,IAAInJ,EAAAA,EAAa,8EAGzCrE,GAAUqlB,EAAAA,EAAAA,IAAMrlB,IAAY,CAAC,EAC7BS,OAAOC,OAAOV,EAAS,CACrBw7B,OAAQ,OACR1Y,aAAc,oBACdqY,QAAS,QAEJuF,EAAAA,EAAAA,GAASv4B,EAAKnI,GACvB,kKCIA,SAASoiC,EAAiBv2B,EAAoBmvB,GAC5C,GAAInvB,EAAW,OAAKA,EAAuB,kBACzC,MAAM,IAAI4b,EAAAA,EAAW5b,EAAW,MAAGA,EAAuB,mBAG5D,GAAIA,EAAIhC,QAAUmxB,EAAYnxB,MAC5B,MAAM,IAAIxF,EAAAA,EAAa,wDAE3B,CAEO,SAAe+5B,EAAoB,EAAD,sCAiJxC,wCAjJM,WACLj2B,EACA4yB,EACAlvB,EACAmxB,GAAiB,qGAEsB,IAAL,IAArB70B,EAAInI,QAAQqiC,OAIZx2B,EAAI2wB,OAAQ3wB,EAAIy2B,iBAAiB,yCACrCn6B,EAAIY,MAAM80B,sBAAsBp9B,OAAOC,OAAO,CAAC,EAAGq6B,EAAa,CACpEqB,kBAAmBvwB,EAAI2wB,KACvBH,gBAAiBxwB,EAAIy2B,mBACnBtF,IAAK,OAoBwB,GAjBnCjC,EAAcA,IAAegD,EAAAA,EAAAA,GAAsB51B,GACnD60B,EAAOA,IAAQc,EAAAA,EAAAA,IAAa31B,EAAK4yB,GAE7B1O,EAAe0O,EAAY1O,cAAgB,GAC1CpX,MAAM0Z,QAAQtC,IAAkC,SAAjBA,IAClCA,EAAe,CAACA,IAKhByP,EADEjwB,EAAIkwB,MACGlwB,EAAIkwB,MAAM15B,MAAM,MAEhBgjB,EAAAA,EAAAA,IAAM0V,EAAYe,QAEvB9b,EAAW+a,EAAY/a,UAAY7X,EAAInI,QAAQggB,SAGrDoiB,EAAiBv2B,EAAKkvB,IAElBA,EAAYlL,KAAM,CAAF,gBACO,IAA6B,QADpC,EACuB,QADvB,EACY1nB,EAAInI,eAAO,aAAX,EAAauiC,mBAAW,QAAI,CAAEC,mBAAmB,IAAvEA,mBAIqC,SAAnB32B,EAAI42B,WAAqB,uBAC3C,IAAIp+B,EAAAA,EAAa,0FAAyF,QAoDnH,GAhDKq+B,EAAY,CAAC,EACbC,EAAY92B,EAAI+2B,WAChBjJ,EAAY9tB,EAAI42B,WAChBz4B,EAAc6B,EAAIg3B,aAClB94B,EAAU8B,EAAIi3B,SACd53B,EAAeW,EAAIwxB,cACnBx7B,EAAMmK,KAAKsH,MAAM1R,KAAKC,MAAM,KAE9BmI,IACI+4B,EAAY56B,EAAIY,MAAM82B,OAAO71B,GACnC04B,EAAU14B,YAAc,CACtBA,YAAaA,EACbkuB,OAAQ6K,EAAUrd,QAClBpgB,UAAW09B,OAAOL,GAAa9gC,EAC/B83B,UAAWA,EACXmC,OAAQA,EACR4C,aAAc1B,EAAK0B,aACnBkD,YAAa5E,EAAK4E,aAGhB7G,EAAYnB,aACd8I,EAAU14B,YAAY4vB,WAAamB,EAAYnB,YAG7CmB,EAAYmB,cACdwG,EAAU14B,YAAYkyB,YAAcnB,EAAYmB,cAIhDhxB,IACFw3B,EAAUx3B,aAAe,CACvBA,aAAcA,EAGd5F,UAAW09B,OAAOL,GAAa9gC,EAC/Bi6B,OAAQA,EACRmB,SAAUD,EAAKC,SACfyB,aAAc1B,EAAK0B,aACnB3T,OAAQiS,EAAKjS,QAGXgQ,EAAYnB,aACd8I,EAAUx3B,aAAa0uB,WAAamB,EAAYnB,YAG9CmB,EAAYmB,cACdwG,EAAUx3B,aAAagxB,YAAcnB,EAAYmB,eAIjDnyB,EAAS,CAAF,gBA0BR,OAzBKk5B,EAAQ96B,EAAIY,MAAM82B,OAAO91B,GACzBm5B,EAAsB,CAC1Bn5B,QAASA,EACTmuB,OAAQ+K,EAAMvd,QACdpgB,UAAW29B,EAAMvd,QAAQyd,IAAOF,EAAMvd,QAAQ+U,IAAO54B,EACrDi6B,OAAQA,EACR4C,aAAc1B,EAAK0B,aACnB3T,OAAQiS,EAAKjS,OACb/K,SAAUA,GAGR+a,EAAYmB,cACdgH,EAAWhH,YAAcnB,EAAYmB,aAGjCkH,EAAsC,CAC1CpjB,SAAUA,EACV+K,OAAQiS,EAAKjS,OACb+O,MAAOiB,EAAYjB,MACnB9vB,YAAaA,EACb2xB,UAAWZ,EAAYY,gBAGW9sB,IAAhCksB,EAAYiD,kBACdoF,EAAiBpF,gBAAkBjD,EAAYiD,iBAChD,WAEK5Y,EAAAA,EAAAA,GAAYjd,EAAK+6B,EAAYE,GAAiB,QACpDV,EAAU34B,QAAUm5B,EAAW,YAIM,IAAnC7W,EAAavmB,QAAQ,UAAoB48B,EAAU14B,YAAW,uBAE1D,IAAI3F,EAAAA,EAAa,iHAAgH,YAE/F,IAAtCgoB,EAAavmB,QAAQ,aAAuB48B,EAAU34B,QAAO,uBAEzD,IAAI1F,EAAAA,EAAa,gHAA+G,iCAGjI,CACL6Y,OAAQwlB,EACR74B,MAAOgC,EAAIhC,MACX2yB,KAAM3wB,EAAI2wB,KACVnQ,aAAAA,IACD,6CAEF,q2HCxKKgX,EAAU,CACdr5B,YAAa,eACbD,QAAS,WACTmB,aAAc,iBAIT,SAAeo1B,EAAc,sCAyCnC,wCAzCM,WAA+Bn4B,EAAKm7B,EAAiBv6B,GAAa,yFAOtE,GALGiX,EAAmB7X,EAAInI,QAAQggB,SAC/Byc,EAAmCt0B,EAAInI,QAAQy8B,aAE9C1zB,IACHA,EAAQZ,EAAIS,aAAa+4B,YAAY2B,IAGlCv6B,EAAO,CAAF,qBACF,IAAI1E,EAAAA,EAAa,kBAAD,OAAmBi/B,EAAI,6BAA2B,OASpC,GAAtCvY,GALEA,EADEuY,IAASC,EAAAA,GAAAA,OACI,QAAL,EAAAx6B,SAAK,aAAN,EAAgBgiB,OAGV,QAAL,EAAAhiB,SAAK,OAAgB,QAAhB,EAAN,EAAgBmvB,cAAM,WAAhB,EAAN,EAAwBsL,MAEhBr7B,EAAInI,QAAQ+qB,OAE1B/K,EAAU,CAAF,qBACL,IAAI3b,EAAAA,EAAa,kFAAiF,UAErG0mB,EAAQ,CAAF,sBACH,IAAI1mB,EAAAA,EAAa,yBAAwB,0BAGQi5B,EAAAA,EAAAA,GAAan1B,EAAK4iB,GAAO,QAMvE,OANuE,SAAlD0Y,EAAa,EAArCC,uBACFC,EAAalH,GAAenZ,EAAAA,EAAAA,IAAK,GAAD,OAAItD,EAAQ,YAAIyc,KAAkBnZ,EAAAA,EAAAA,IAAKtD,GACvEpf,GAAOqqB,EAAAA,EAAAA,IAAc,CAEzB2Y,gBAAiBP,EAAQC,GACzBv6B,MAAOA,EAAMu6B,KACZzgC,MAAM,GAAE,mBACJosB,EAAAA,EAAAA,IAAK9mB,EAAKs7B,EAAe7iC,EAAM,CACpC8nB,QAAS,CACP,eAAgB,oCAChB,cAAiB,SAAWib,MAE9B,6CACH,0JCnED,SAASE,IACP,OAAOA,EAAO,oBAAsBnd,SAAWA,QAAQjkB,IAAMikB,QAAQjkB,IAAIyV,OAAS,SAAUjV,EAAGujB,EAAGK,GAChG,IAAIK,ECFR,SAAwBV,EAAGpP,GACzB,MAAQ,CAAC,EAAEyd,eAAeld,KAAK6O,EAAGpP,IAAM,QAAUoP,GAAI,EAAAY,EAAA,GAAeZ,MACrE,OAAOA,CACT,CDDY,CAAcvjB,EAAGujB,GACzB,GAAIU,EAAG,CACL,IAAIH,EAAItmB,OAAOqjC,yBAAyB5c,EAAGV,GAC3C,OAAOO,EAAEtkB,IAAMskB,EAAEtkB,IAAIkV,KAAK3W,UAAUf,OAAS,EAAIgD,EAAI4jB,GAAKE,EAAEvlB,KAC9D,CACF,EAAGqiC,EAAK1e,MAAM,KAAMnkB,UACtB,4xBEuCO,SAAS6gB,EAUdR,EACAD,GAEF,MACQ2iB,ECzCC,SAAP,keAAO,EAAP,sBAyCG,OAzCH,sCACE,SAAe7hB,EAAqBrY,GAEXm6B,EAAAA,EAAAA,oBACR3+B,QAAQmC,EAAAA,0BAA2B0a,IAGlDrY,EAAQA,GAAS3J,KAAKF,QAAQ6J,QAEN3J,KAAK0tB,eAAeqW,wBAC5B5+B,QAAQwE,EAAOqY,EAEjC,GAAC,4BAED,SAAerY,GAGb,GADAA,EAAQA,GAAS3J,KAAKF,QAAQ6J,MACnB,CACT,IACMqY,EADgBhiB,KAAK0tB,eAAeqW,wBACR7+B,QAAQyE,GAC1C,GAAIqY,EACF,OAAOA,CAEX,CAGA,IAAMze,EAAUugC,EAAAA,EAAAA,oBAChB,OAAOvgC,GAAUA,EAAQ2B,QAAQoC,EAAAA,iCAA0CqH,CAC7E,GAAC,+BAED,SAAkBhF,GAOhB,GALgBm6B,EAAAA,EAAAA,oBACRz+B,WAAWiC,EAAAA,2BAGnBqC,EAAQA,GAAS3J,KAAKF,QAAQ6J,MACnB,CACT,IAAMqtB,EAAgBh3B,KAAK0tB,eAAeqW,wBAC1C/M,EAAc3xB,YAAc2xB,EAAc3xB,WAAWsE,EACvD,CACF,KAAC,EAzCI,CDyCoCwX,GAC3C,OAAO,EAAP,6BA6VG,EAtBA,EA/EA,EAjDA,EAnBA,EATA,EA1BA,EAhBA,EApBA,EAxBA,EAzCA,MA5CH,uaAaE,aAA4B,iDAAbzgB,EAAI,yBAAJA,EAAI,gBAsBsB,OArBvC,+BAASA,KAAM,oRAEf,EAAK09B,mBAAqB,IAAIld,EAA8B3gB,OAAOC,OAAO,CACxEktB,eAAgB,EAAKA,gBACpB,EAAK5tB,QAAQs+B,qBAEhB,EAAK+D,KAAO,CACV16B,8BAA+Bu8B,EAAAA,EAAAA,8BAC/BC,iBAAkBD,EAAAA,EAAAA,iBAClBE,iBAAkBF,EAAAA,EAAAA,kBAGpB,EAAK77B,SAAW,CAAEg8B,aAAa,GAE/B,EAAKC,YAAc,IAAI57B,EAAAA,EAEvB,EAAKK,OAAQ81B,EAAAA,EAAAA,IAAe,UAAM,EAAKyF,aAGvC,EAAK17B,aAAe,IAAIqrB,EAAAA,GAAa,UAAM,EAAKj0B,QAAQ4I,cAExD,EAAK27B,WAAYhE,EAAAA,EAAAA,IAAgB,WAAM,CACzC,CAqVC,OArVA,oCAGD,WACE,uDAGArgC,KAAK0I,aAAa+F,OACpB,GAAC,kDAKD,kHAOmB,GAPG3O,EAAkC,EAAH,6BAAG,CAAC,EAAC,EAEtBE,KAAK0I,aAAaiX,aAA5CvC,EAAS,EAATA,UAAWI,EAAU,EAAVA,WAEb0Y,EAAcp2B,EAAQwkC,eAA4C,UAA3BxkC,EAAQwkC,eAA6BlnB,EAC5EmnB,EAAezkC,EAAQwkC,eAA4C,WAA3BxkC,EAAQwkC,eAA8B9mB,EAAU,EAExExd,KAAK0I,aAAaqC,kBAAlCjB,EAAW,EAAXA,eACa9J,KAAK0I,aAAayU,WAAWrT,GAAY,iBAClC,GAAxBA,OAAc6E,GACVunB,EAAa,CAAF,0CAESl2B,KAAK0I,aAAa6U,MAAM,eAAc,QAA1DzT,EAAc,EAAH,uFAIJy6B,GACTvkC,KAAK0I,aAAa1F,OAAO,eAC1B,QAGU,GAHV,EAGehD,KAAK0I,aAAaqC,kBAA9BlB,EAAO,EAAPA,WACS7J,KAAK0I,aAAayU,WAAWtT,GAAQ,iBAC9B,GAApBA,OAAU8E,GACNunB,EAAa,CAAF,2CAEKl2B,KAAK0I,aAAa6U,MAAM,WAAU,QAAlD1T,EAAU,EAAH,wFAIA06B,GACTvkC,KAAK0I,aAAa1F,OAAO,WAC1B,oCAGO8G,IAAeD,IAAQ,kEAClC,kGAGD,sGACmD,GAAzCmY,GADe8I,EAAkC,EAAH,6BAAG,CAAC,GAClD9I,YAAgBwiB,GAAgB,OAAK1Z,EAAI,IAC9C9qB,KAAKmI,SAASg8B,YAAa,CAAF,gDAcN,OATtBnkC,KAAKmI,SAASg8B,aAAc,EAAK,SAG3BniB,GACFhiB,KAAKykC,eAAeziB,GAEhBsG,EAAS/nB,OAAOC,OAAO,CAE3Bo7B,OAAQ57B,KAAKF,QAAQ87B,QAAU,CAAC,SAAU,QAAS,YAClD4I,GAAiB,UACdxkC,KAAK6I,MAAMk2B,gBAAgBzW,GAAO,QAEN,OAFM,UAExCtoB,KAAKmI,SAASg8B,aAAc,EAAM,2EAErC,uFAED,wFAC8B,OAD9B,EACmCnkC,KAAK0I,aAAaqC,gBAA3ClB,EAAO,EAAPA,QAASC,EAAW,EAAXA,YAAW,kBACrB9J,KAAK6I,MAAMm3B,YAAYl2B,EAAaD,IAAQ,gDACpD,qEAED,WACE,IAAQA,EAAY7J,KAAK0I,aAAaqC,gBAA9BlB,QACR,OAAOA,EAAUA,EAAQA,aAAU8E,CACrC,GAAC,4BAED,WACE,IAAQ7E,EAAgB9J,KAAK0I,aAAaqC,gBAAlCjB,YACR,OAAOA,EAAcA,EAAYA,iBAAc6E,CACjD,GAAC,6BAED,WACE,IAAQ3D,EAAiBhL,KAAK0I,aAAaqC,gBAAnCC,aACR,OAAOA,EAAeA,EAAaA,kBAAe2D,CACpD,GAAC,wDAED,4FACqB,GADrB,EAC0B3O,KAAK0I,aAAaqC,kBAAlCjB,EAAW,EAAXA,cACY9J,KAAK0I,aAAayU,WAAWrT,GAAY,yCACpDA,EAAYA,aAAW,OAGkC,OAHlC,SAGxB9I,EAAMhB,KAAK0I,aAAa0W,oBAAoB,eAAc,SAC5Cpf,KAAK0I,aAAa6U,MAAMvc,QAAAA,EAAO,eAAc,OAAtD,OAAL6H,EAAQ,EAAH,uBAC+B,QAD/B,EACHA,aAAK,EAALA,EAAuBiB,mBAAW,QAAI,MAAI,QAGlB,OAHkB,0BAGlD9J,KAAKE,QAAQ8J,KAAK,QAAS,EAAF,IAAO,kBACzB,MAAI,0DAEd,uGAKD,sGACyChK,KAAK6I,MAAMo2B,eAAc,gBAAxDjiB,EAAM,EAANA,OACa,SADO,EAAZmP,cAEdnsB,KAAK0I,aAAawZ,UAAUlF,GAC7B,gDACF,0EAED,WACE,OAAO+E,EAAAA,EAAAA,IAAgB/hB,KACzB,GAAC,oBAED,WACE,QAASA,KAAKF,QAAQqiC,IACxB,GAAC,6BAED,SAAgBhW,GACd,OAAOuY,EAAAA,EAAAA,IAAgBvY,EAAcnsB,KAAKF,QAC5C,GAAC,qCAED,WACE,OAAOE,KAAK0kC,gBAAgB,OAC9B,GAAC,kDAGD,WAAsB5kC,GAAuB,0EACtCA,EAAQgK,YAAa,CAAF,+BACK9J,KAAK0I,aAAa+4B,YAAW,OAAlD33B,EAAc,EAAH,KAAyCA,YAC1DhK,EAAQgK,YAAcA,aAAW,EAAXA,EAAaA,YAAY,iCAE1CwjB,EAAAA,EAAAA,IAAYttB,KAAMF,IAAQ,gDAClC,kGAGD,WAAwBgK,GAAyB,4EAC1CA,EAAa,CAAF,gCACO9J,KAAK0I,aAAa+4B,YAAW,OAGT,GAHnCzkB,EAAS,EAAH,KACZlT,EAAckT,EAAOlT,YACf66B,EAAiB3kC,KAAK0I,aAAa0W,oBAAoB,eAC7Dpf,KAAK0I,aAAa1F,OAAO2hC,IAErB3kC,KAAKF,QAAQ6vB,KAAM,CAAF,kCACb2J,EAAAA,EAAAA,IAA4B,SAAUtc,GAAO,WAIlDlT,EAAa,CAAF,yCACPoB,QAAQT,QAAQ,OAAK,iCAEvBzK,KAAK6I,MAAM+2B,OAAO91B,IAAY,iDACtC,mGAGD,WAAyBkB,GAA2B,4EAC7CA,EAAc,CAAF,gCACMhL,KAAK0I,aAAa+4B,YAAW,OAGR,GAHpCzkB,EAAS,EAAH,KACZhS,EAAegS,EAAOhS,aAChB45B,EAAkB5kC,KAAK0I,aAAa0W,oBAAoB,gBAC9Dpf,KAAK0I,aAAa1F,OAAO4hC,IAErB5kC,KAAKF,QAAQ6vB,KAAM,CAAF,kCACb2J,EAAAA,EAAAA,IAA4B,UAAWtc,GAAO,WAInDhS,EAAc,CAAF,yCACRE,QAAQT,QAAQ,OAAK,iCAEvBzK,KAAK6I,MAAM+2B,OAAO50B,IAAa,iDACvC,iFAED,WAA+D,IAAzClL,EAAqC,UAAH,6CAAG,CAAC,EAExD+J,EAGE/J,EAHF+J,QACAg7B,EAEE/kC,EAFF+kC,sBACAl7B,EACE7J,EADF6J,MAKF,GAHKE,IACHA,EAAU7J,KAAK0I,aAAaqC,gBAAgBlB,UAEzCA,EACH,MAAO,QAEqB8E,IAA1Bk2B,IACFA,EAAwB7kC,KAAKF,QAAQ+kC,uBAGvC,IAAMC,GAAYlH,EAAAA,EAAAA,IAAa59B,MAAM8kC,UAC/BC,EAAcl7B,EAAQA,QACxBm7B,EAAYF,EAAY,kBAAoBjjC,mBAAmBkjC,GASnE,OARIF,IACFG,GAAa,6BAA+BnjC,mBAAmBgjC,IAG7Dl7B,IACFq7B,GAAa,UAAYnjC,mBAAmB8H,IAGvCq7B,CACT,GAAC,0CAID,WAAcllC,GAAwB,qGAgCnC,GA/BDA,EAAUS,OAAOC,OAAO,CAAC,EAAGV,GAGtBmlC,EAAatgC,OAAO8d,SAASyiB,OAC7BC,EAAaxgC,OAAO8d,SAASE,KAK7BkiB,EAA0D,OAAlC/kC,EAAQ+kC,sBAAiC,KACpE/kC,EAAQ+kC,uBACN7kC,KAAKF,QAAQ+kC,uBACbI,EACCt7B,EAAe,QAAV,EAAG7J,SAAO,aAAP,EAAS6J,MAGnBG,EAAchK,EAAQgK,YACtBkB,EAAelL,EAAQkL,aACrBo6B,GAAkD,IAA9BtlC,EAAQslC,mBAC5BC,GAAoD,IAA/BvlC,EAAQulC,0BAEe,IAAjBr6B,IAC/BA,EAAehL,KAAK0I,aAAaqC,gBAAgBC,cAG/Co6B,QAA4C,IAAhBt7B,IAC9BA,EAAc9J,KAAK0I,aAAaqC,gBAAgBjB,aAG7ChK,EAAQ+J,UACX/J,EAAQ+J,QAAU7J,KAAK0I,aAAaqC,gBAAgBlB,UAGlDw7B,IAAsBr6B,EAAY,kCAC9BhL,KAAKqlC,mBAAmBr6B,GAAa,YAGzCo6B,IAAqBt7B,EAAW,kCAC5B9J,KAAKolC,kBAAkBt7B,GAAY,QAG2B,GAAhE4vB,EAAoC,QAA1B,EAAc,QAAd,EAAG5vB,SAAW,aAAX,EAAa4vB,kBAAU,QAAgB,QAAhB,EAAI1uB,SAAY,aAAZ,EAAc0uB,YACxD15B,KAAKF,QAAQ6vB,OAAQ+J,EAAU,mCAC3BR,EAAAA,EAAAA,IAAiBQ,GAAW,QAG+C,GAA7EsL,EAAYhlC,KAAKslC,sBAAsB,EAAD,KAAMxlC,GAAO,IAAE+kC,sBAAAA,KAG3C,CAAF,iCAEgB7kC,KAAKulC,eAAc,QAU9C,OAVKC,EAAgB,EAAH,KACbjK,EAAc,IAAIkK,IAAIZ,GAAyBI,GACjDt7B,GACF4xB,EAAYmK,aAAaC,OAAO,QAASh8B,GAEvCk7B,IAA0BM,EAE5BxgC,OAAO8d,SAASE,KAAO4Y,EAAY5Y,KAEnChe,OAAO8d,SAASjiB,OAAO+6B,EAAY5Y,MACpC,kBACM6iB,GAAa,QASc,OAP9B1lC,EAAQ8lC,0BAEV5lC,KAAK0I,aAAa+F,QAElBzO,KAAK0I,aAAam9B,wBAGpBlhC,OAAO8d,SAASjiB,OAAOwkC,GAAW,mBAC3B,GAAI,iDAEd,4GAED,WAAmC1c,GAAmB,gFAC/CtoB,KAAKF,QAAQ6vB,KAAM,CAAF,qBACd,IAAIxrB,EAAAA,EAAa,mDAAkD,OAM1E,IAHK2F,EAAgBwe,EAAhBxe,eAEJA,EAAe9J,KAAK0I,aAAaqC,gBAAiBjB,aAG/CA,EAAa,CAAF,qBACR,IAAI3F,EAAAA,EAAa,oDAAmD,wBAGtD80B,EAAAA,EAAAA,IAAuB,QAAZ,EAACnvB,SAAW,aAAX,EAAa4vB,YAAW,OAA7C,OAAPV,EAAU,EAAH,gBACOW,EAAAA,EAAAA,IAAkB,EAAD,KAAKrR,GAAM,IAAE0Q,QAAAA,EAASlvB,YAAaA,EAAYA,eAAa,QAAtF,OAAL4yB,EAAQ,EAAH,uBACJ,CACL7M,cAAe,QAAF,OAAU/lB,EAAYA,aACnCgmB,KAAM4M,IACP,iDACF,iGAED,sGAAsC,KAAN,iCAChB,CAAF,yCACHvD,EAAAA,EAAAA,OAAsB,uBAGVn5B,KAAK0I,aAAa+4B,YAAW,OAC+B,GAD3EzkB,EAAS,EAAH,OACNgc,GAA4B,QAAlB,EAAAhc,EAAOlT,mBAAW,aAAlB,EAAoB4vB,cAAiC,QAAvB,EAAI1c,EAAOhS,oBAAY,aAAnB,EAAqB0uB,aAE1D,CAAF,kCACHR,EAAAA,EAAAA,IAAiBF,GAAQ,iDAElC,iFAED,SAAwBxQ,GACtB,IAAMsd,EAAUne,EAAAA,EAAAA,yBAAsCa,GAChDud,EAASpe,EAAAA,EAAAA,YAAyBme,QAAAA,EAAW,IACnD,IAAIhO,EAAAA,EAAAA,IAAiBiO,GAAS,SACxBnM,EAAuB,KAK3B,OAJInR,EAAAA,EAAAA,IAAYD,aAAO,EAAPA,EAAqBjmB,OACnCq3B,EAASpR,EAAoBjmB,IAAI,eAEG,QAAjC,EAAQ,QAAR,EAAGq3B,SAAK,QAAIpR,EAAQ,qBAAa,QAAIA,EAAQ,aAEpD,CAEA,OAAO,IACT,KAAC,EAzXH,CAAmCqb,IAAe,kBAGrBpf,GAAM,CAyXrC,qLE3bakS,GAAsB,ilBCyD5B,SAAS7T,IAEd,OAAO,SAAP,+bA4CE,WAAYhjB,GAAc,MA0DvB,OA1DuB,eACxB,cAAMA,IAAS,2nCA3ErB,SAA2BY,GAGzB,IAAIk7B,GAFJl7B,EAAOA,GAAQ,CAAC,GAEEk7B,OAClB,GAAIA,IAAW7mB,MAAM0Z,QAAQmN,GAC3B,MAAM,IAAIz3B,EAAAA,EAAa,kGAKzB,IAAI0mB,EAASnqB,EAAKmqB,OAClB,IAAKA,EACH,MAAM,IAAI1mB,EAAAA,EAAa,iIAKzB,IADiB,IAAI6hC,OAAO,iBACZ9c,KAAK2B,GACnB,MAAM,IAAI1mB,EAAAA,EAAa,4HAIzB,IAAuC,IAAnC0mB,EAAOjlB,QAAQ,eACjB,MAAM,IAAIzB,EAAAA,EAAa,yIAG3B,CAmDM8hC,CAAkBnmC,GAElB,EAAK+qB,QAASqb,EAAAA,EAAAA,IAAoBpmC,EAAQ+qB,QAC1C,EAAKkS,UAAWmJ,EAAAA,EAAAA,IAAoBpmC,EAAQi9B,UAC5C,EAAKyB,cAAe0H,EAAAA,EAAAA,IAAoBpmC,EAAQ0+B,cAChD,EAAKkD,aAAcwE,EAAAA,EAAAA,IAAoBpmC,EAAQ4hC,aAC/C,EAAKyE,WAAYD,EAAAA,EAAAA,IAAoBpmC,EAAQqmC,WAC7C,EAAKrB,WAAYoB,EAAAA,EAAAA,IAAoBpmC,EAAQglC,WAE7C,EAAK3C,MAAwB,IAAjBriC,EAAQqiC,KACpB,EAAKriB,SAAWhgB,EAAQggB,SACxB,EAAKyb,YAAcz7B,EAAQy7B,aACvB7e,EAAAA,EAAAA,eACF,EAAK6e,aAAc6K,EAAAA,EAAAA,IAActmC,EAAQy7B,YAAa52B,OAAO8d,SAASyiB,SAExE,EAAK/Y,aAAersB,EAAQqsB,aAC5B,EAAKvJ,aAAe9iB,EAAQ8iB,aAC5B,EAAKjZ,MAAQ7J,EAAQ6J,MACrB,EAAKiyB,OAAS97B,EAAQ87B,OAEtB,EAAKkC,kBAAoBh+B,EAAQg+B,gBACjC,EAAK/C,cAAgBj7B,EAAQi7B,cAC7B,EAAKC,oBAAsBl7B,EAAQk7B,oBACnC,EAAKS,UAAY37B,EAAQ27B,UACzB,EAAKJ,OAASv7B,EAAQu7B,OACtB,EAAK1L,MAAwB,IAAjB7vB,EAAQ6vB,KACpB,EAAK0S,YAAc,EAAH,CACdC,mBAAmB,GAChBxiC,EAAQuiC,aAGb,EAAK35B,aAAe5I,EAAQ4I,aAC5B,EAAKm8B,sBAAwB/kC,EAAQ+kC,sBACrC,EAAKriB,mBAAqB1iB,EAAQ0iB,mBAClC,EAAK4b,mBAAqB,EAAH,CAAKzH,oBAAAA,GAAwB72B,EAAQs+B,oBAE5D,EAAK7B,aAAez8B,EAAQy8B,aAC5B,EAAKmC,YAAc5+B,EAAQ4+B,YAK3B,EAAK2H,iBAAmBvmC,EAAQumC,eAS3BvmC,EAAQwmC,cAAyC,IAAzBxmC,EAAQwmC,aAGnC,EAAKA,aAAexmC,EAAQwmC,aAF5B,EAAKA,aAAe5/B,EAAAA,uBAGrB,CAEH,CAAC,iBAxGI,EADwB4lB,EAAAA,EAAAA,KA2GjC,oQCtHO,SAASia,EAAgBt+B,GAE9B,IAAIu+B,EAAsBv+B,EAAInI,QAAQqiC,KAAO,QAAU,WAEvD,OADmBl6B,EAAInI,QAAQ8iB,cAAgB4jB,CAEjD,CAEO,SAASpkB,EAA0Bna,EAAKnI,GAC7CA,EAAUA,GAAW,CAAC,GAClBmtB,EAAAA,EAAAA,IAASntB,KACXA,EAAU,CAAE4iB,IAAK5iB,IAKnB,IAGI2mC,EAHA/jB,EAAM5iB,EAAQ4iB,IACdE,EAAe9iB,EAAQ8iB,cAAgB2jB,EAAgBt+B,GACvDy+B,EAAYz+B,EAAIY,MAAMo2B,aAAaI,eASvC,KALEoH,EADmB,UAAjB7jB,EACSF,EAAMA,EAAIzW,UAAUyW,EAAI9c,QAAQ,MAAQ8gC,EAAUC,OAElDjkB,EAAMA,EAAIzW,UAAUyW,EAAI9c,QAAQ,MAAQ8gC,EAAU1hB,MAI7D,MAAM,IAAI7gB,EAAAA,EAAa,wCAGzB,OAAOyiC,EAAAA,EAAAA,GAAkBH,EAC3B,CAEO,SAASI,EAA0B5+B,EAAKnI,GAG5B,WADIA,EAAQ8iB,cAAgB2jB,EAAgBt+B,IA9C/D,SAAsBA,GACpB,IAAI6+B,EAAgB7+B,EAAIY,MAAMo2B,aAAaE,cACvC4H,EAAY9+B,EAAIY,MAAMo2B,aAAaK,eACnCoH,EAAYz+B,EAAIY,MAAMo2B,aAAaI,eACnCyH,GAAiBA,EAAcE,aACjCF,EAAcE,aAAa,KAAMD,EAAUE,MAAOP,EAAUQ,SAAWR,EAAU1hB,MAEjF0hB,EAAUC,OAAS,EAEvB,CAsC6BQ,CAAal/B,GA1D1C,SAAoBA,GAClB,IAAI6+B,EAAgB7+B,EAAIY,MAAMo2B,aAAaE,cACvC4H,EAAY9+B,EAAIY,MAAMo2B,aAAaK,eACnCoH,EAAYz+B,EAAIY,MAAMo2B,aAAaI,eACnCyH,GAAiBA,EAAcE,aACjCF,EAAcE,aAAa,KAAMD,EAAUE,MAAOP,EAAUQ,SAAWR,EAAUC,QAEjFD,EAAU1hB,KAAO,EAErB,CAiDiDoiB,CAAWn/B,EAC5D,CAEO,SAAeg3B,EAAa,EAAD,kCA4CjC,wCA5CM,WAA4Bh3B,EAAKnI,GAAsC,6EAY1E,GAXFA,EAAUA,GAAW,CAAC,GAClBmtB,EAAAA,EAAAA,IAASntB,KACXA,EAAU,CAAE4iB,IAAK5iB,IAKb6L,EAAqByW,EAA0Bna,EAAKnI,GACpD6J,EAAQgC,EAAIhC,MACZmxB,EAA+B7yB,EAAIm2B,mBAAmB7G,KAAK,CAC/D5tB,MAAAA,IAEgB,CAAF,mBACV1B,EAAInI,QAAQqiC,KAAM,CAAF,qBAEZ,IAAIh+B,EAAAA,EAAa,+JAA2JwK,GAAU,aAExL,IAAIxK,EAAAA,EAAa,yDAAwD,OAQhF,OANK24B,EAAmBhC,EAAYgC,YAC9BhC,EAAYgC,KAEdh9B,EAAQ4iB,KAEXmkB,EAA0B5+B,EAAKnI,GAChC,mBAEMo+B,EAAAA,EAAAA,GAAoBj2B,EAAK6yB,EAAanvB,EAAKmxB,GAC/C3xB,OAAM,SAAAkC,GAML,MALKg6B,EAAAA,EAAAA,IAA2Bh6B,IAC9BpF,EAAIm2B,mBAAmB3vB,MAAM,CAC3B9E,MAAAA,IAGE0D,CACR,IACClD,MAAK,SAAAwB,GAIJ,OAHA1D,EAAIm2B,mBAAmB3vB,MAAM,CAC3B9E,MAAAA,IAEKgC,CACT,KAAE,6CAEL,kKCjHD,SAAS27B,IACP,MAAM,IAAInjC,EAAAA,EACR,qFAEJ,CAGA,SAASojC,EAAeC,EAAsBxqB,GAC5C,OAAIsY,EAAAA,EAAAA,IAAUkS,GACLxqB,EAAOnT,SAEZwrB,EAAAA,EAAAA,IAAcmS,GACTxqB,EAAOlT,iBAEhBw9B,GACF,CAGO,SAAexH,EAAW,EAAD,kCAmC/B,wCAnCM,WAA0B73B,EAA6BY,GAAY,uFAK3B,IAJxCysB,EAAAA,EAAAA,IAAUzsB,KAAWwsB,EAAAA,EAAAA,IAAcxsB,IACtCy+B,MAGEtqB,EAAS/U,EAAIS,aAAaqC,iBACnBC,aAAc,CAAF,gCACN+0B,EAAAA,EAAAA,GAAuB93B,EAAK,CACzC2zB,OAAQ/yB,EAAM+yB,QACb5e,EAAOhS,cAAa,OAFjB,OAANgS,EAAS,EAAH,uBAGCuqB,EAAe1+B,EAAOmU,IAAO,OAYoC,OAPxEmP,EADElkB,EAAInI,QAAQqiC,KACC,QACN9M,EAAAA,EAAAA,IAAcxsB,GACR,QAEA,WAGT+yB,GAFP,EAE8E/yB,GAAvE+yB,OAAQ4C,EAAY,EAAZA,aAAckD,EAAW,EAAXA,YAAa7W,EAAM,EAANA,OAAQ6O,EAAU,EAAVA,WAAYsC,EAAW,EAAXA,YAAW,mBACnEwD,EAAAA,EAAAA,GAAiBv3B,EAAK,CAC3BkkB,aAAAA,EACAyP,OAAAA,EACA4C,aAAAA,EACAkD,YAAAA,EACA7W,OAAAA,EACA6O,WAAAA,EACAsC,YAAAA,IAEC7xB,MAAK,SAAUwB,GACd,OAAO47B,EAAe1+B,EAAO8C,EAAIqR,OACnC,KAAE,6CACL,kKClDM,SAAeoZ,EAAY,EAAD,kCA6ChC,wCA7CM,WAA2BnuB,EAAKnI,GAA2B,+FACE,KAA5Dkd,EAAwB,QAAlB,EAAU,QAAV,EAAGld,SAAO,aAAP,EAASkd,cAAM,QAAI/U,EAAIS,aAAaqC,iBACxCC,aAAc,CAAF,yCACd+0B,EAAAA,EAAAA,GAAuB93B,EAAKnI,GAAW,CAAC,EAAGkd,EAAOhS,eAAa,UAGnEgS,EAAOlT,aAAgBkT,EAAOnT,QAAO,sBAClC,IAAI1F,EAAAA,EAAa,2DAA0D,OAKhC,GAF7C2F,EAAckT,EAAOlT,aAAe,CAAC,EACrCD,EAAUmT,EAAOnT,SAAW,CAAC,EAC7B+xB,EAAS9xB,EAAY8xB,QAAU/xB,EAAQ+xB,OAChC,CAAF,sBACH,IAAIz3B,EAAAA,EAAa,sDAAqD,QAET,GAA/Dq6B,EAAe10B,EAAY00B,cAAgB30B,EAAQ20B,aACtC,CAAF,sBACT,IAAIr6B,EAAAA,EAAa,4DAA2D,QAsBnF,OApBKu9B,EAAc53B,EAAY43B,aAAez5B,EAAInI,QAAQ4hC,YACrD7W,EAAShhB,EAAQghB,QAAU5iB,EAAInI,QAAQ+qB,OACvC6O,EAAa5vB,aAAW,EAAXA,EAAa4vB,WAC1BsC,GAAclyB,aAAW,EAAXA,EAAakyB,eAAenyB,aAAO,EAAPA,EAASmyB,aAGzDl8B,EAAUS,OAAOC,OAAO,CACtBo7B,OAAAA,EACA4C,aAAAA,EACAkD,YAAAA,EACA7W,OAAAA,EACA6O,WAAAA,EACAsC,YAAAA,GACCl8B,GAECmI,EAAInI,QAAQqiC,KACdriC,EAAQqsB,aAAe,QAClB,GACoB0R,EAAAA,EAAAA,GAAsB51B,GAAvCkkB,EAAY,EAAZA,aACRrsB,EAAQqsB,aAAeA,GACxB,mBAEMqT,EAAAA,EAAAA,GAAiBv3B,EAAKnI,GAC1BqK,MAAK,SAAAwB,GAAG,OAAIA,EAAIqR,MAAM,KAAC,6CAE3B,+wBC3CM,SAAe+iB,EAAuB,EAAD,oCA6C3C,wCA7CM,WACL93B,EACA4yB,EACA4M,GAAgC,2FAEV,GAFU,EAELx/B,EAAInI,QAAvBggB,EAAQ,EAARA,SAAU6P,EAAI,EAAJA,KACb7P,EAAU,CAAF,qBACL,IAAI3b,EAAAA,EAAa,4EAA2E,OAUlC,GAVkC,SAI5FujC,EAAgCnnC,OAAOC,OAAO,CAAC,EAAGq6B,EAAa,CAAE/a,SAAAA,IAEnE2nB,EAAmBzL,cACrB0L,EAAiB1L,YAAcyL,EAAmBzL,aAG9C2L,EAAsC,EAAH,GAAOD,IAE5C/X,EAAM,CAAF,kCACgBsJ,EAAAA,EAAAA,IAAYwO,aAAkB,EAAlBA,EAAoB/N,YAAW,QAA3DV,EAAU,EAAH,KACb2O,EAAelL,YAAczD,EAC7B0O,EAAiB/X,KAAOA,EACxB+X,EAAiBhO,WAAa+N,EAAmB/N,WAAW,0BAGlCsD,EAAAA,EAAAA,GAAiB/0B,EAAK0/B,EAAgBF,GAAmB,QAC1C,OADrCtJ,EAAgB,EAAH,KACbrB,GAAOc,EAAAA,EAAAA,IAAa31B,EAAK4yB,GAAY,WAClBqD,EAAAA,EAAAA,GAAoBj2B,EAAKy/B,EAAkBvJ,EAAerB,GAAK,QAMvF,OANuF,SAAhF9f,EAAM,EAANA,QAGAhS,EAAiBgS,EAAjBhS,iBACa48B,EAAAA,EAAAA,GAAmB58B,EAAcy8B,IACpDx/B,EAAIS,aAAam/B,mBAAmB78B,GACrC,kBAEMgS,GAAM,QAMZ,MANY,2BAGT8qB,EAAAA,EAAAA,IAA2B,EAAD,KAE5B7/B,EAAIS,aAAaq/B,qBAClB,gEAGJ,6KCtCM,SAAelI,EAAY,EAAD,kCA6BhC,wCA7BM,WAA2B53B,EAA6BY,GAAqB,mFAMjF,GALGiB,EAAc,GACdkB,EAAe,GACfnC,IACAiB,EAAejB,EAAsBiB,YACrCkB,EAAgBnC,EAAuBmC,cAEvClB,GAAgBkB,EAAY,sBACxB,IAAI7G,EAAAA,EAAa,sDAAqD,OAGnC,GADvC2b,EAAW7X,EAAInI,QAAQggB,SACvByc,EAAet0B,EAAInI,QAAQy8B,aAC1Bzc,EAAU,CAAF,qBACL,IAAI3b,EAAAA,EAAa,8EAA6E,OASvB,OAN3EgiC,GAAYvI,EAAAA,EAAAA,IAAa31B,GAAKk+B,UAC9BzlC,GAAOqqB,EAAAA,EAAAA,IAAc,CAEvB2Y,gBAAiB14B,EAAe,gBAAkB,eAClDnC,MAAOmC,GAAgBlB,IACtBnH,MAAM,GACLqlC,EAAQzL,GAAenZ,EAAAA,EAAAA,IAAK,GAAD,OAAItD,EAAQ,YAAIyc,KAAkBnZ,EAAAA,EAAAA,IAAKtD,GAAS,mBACxEiP,EAAAA,EAAAA,IAAK9mB,EAAKk+B,EAAWzlC,EAAM,CAChC8nB,QAAS,CACP,eAAgB,oCAChB,cAAiB,SAAWwf,MAE9B,6CACH,6KC9CM,SAAShlB,IAEd,OAAO,SAAP,+bAIE,WAAYilB,EAA8C5hC,EAA8BhD,GAA0B,kCAC1G4kC,EAAuB5hC,EAAehD,EAC9C,CAwBC,OAxBA,6CAED,SAAsBvD,GACpBA,EAAUE,KAAKkoC,qBAAqB,cAAepoC,IACnDqoC,EAAAA,EAAAA,GAAkCroC,GAClC,IAAMyD,EAAUvD,KAAKid,WAAWnd,GAC1BmG,EAAanG,EAAQmG,YAAcc,EAAAA,yBACzC,OAAO,IAAIqhC,EAAAA,EAAY7kC,EAAS0C,EAClC,GAAC,wCAED,SAA2BnG,GACzBA,EAAUE,KAAKkoC,qBAAqB,qBAAsBpoC,IAC1DqoC,EAAAA,EAAAA,GAAkCroC,GAClC,IAAMyD,EAAUvD,KAAKid,WAAWnd,GAC1BmG,EAAanG,EAAQmG,YAAce,EAAAA,gCACzC,OAAO,IAAIohC,EAAAA,EAAY7kC,EAAS0C,EAClC,GAAC,mCAED,SAAsBnG,GACpBA,EAAUE,KAAKkoC,qBAAqB,eAAgBpoC,IACpDqoC,EAAAA,EAAAA,GAAkCroC,GAClC,IAAMyD,EAAUvD,KAAKid,WAAWnd,GAC1BmG,EAAanG,EAAQmG,YAAcgB,EAAAA,0BACzC,OAAO,IAAImhC,EAAAA,EAAY7kC,EAAS0C,EAClC,KAAC,EA9BI,CACGoiC,EAAAA,EAgCZ,qCCCO,IAAKhF,EAML,SAASiF,EAAQhzB,GACtB,SAAIA,IACCA,EAAIxL,aAAewL,EAAIzL,SAAWyL,EAAItK,eACvC+J,MAAM0Z,QAAQnZ,EAAIsmB,QAIxB,CAEO,SAASvG,EAAc/f,GAC5B,OAAOA,GAAOA,EAAIxL,WACpB,CAEO,SAASwrB,EAAUhgB,GACxB,OAAOA,GAAOA,EAAIzL,OACpB,CAEO,SAASqT,EAAe5H,GAC7B,OAAOA,GAAOA,EAAItK,YACpB,kIArBC,SAJWq4B,GAAAA,EAAS,qBAATA,EAAS,aAATA,EAAS,uBAIpB,CAJWA,IAAAA,EAAS,gMC/Bd,IAAM5lB,EAAgB,UAChBU,EAAgB,UAChBvV,EAAc,QACdK,EAAgB,UAChBwrB,EAAc,QACdrW,EAAoB,gMCejC,SAASmqB,EAAuBjzB,GAC9B,SAAKA,GAAsB,YAAf,OAAOA,IAAkD,IAA9B/U,OAAO8f,OAAO/K,GAAKvV,OAI5D,CAEO,SAASyoC,EAAuBlzB,GACrC,SAAKizB,EAAuBjzB,KAGnBA,EAAIimB,cAAiBjmB,EAAI6W,aACpC,CAEO,SAASsc,EAAsBnzB,GACpC,QAAKkzB,EAAuBlzB,MAGlBA,EAAY8mB,YACxB,CAEO,SAASsM,EAAqBpzB,GACnC,QAAKmzB,EAAsBnzB,MAGjBA,EAAYqzB,iBACxB,CAEO,SAASC,EAA4BtzB,GAC1C,QAAKizB,EAAuBjzB,SAGkE3G,IAApEpO,OAAO8f,OAAO/K,GAAKK,MAAK,SAACrU,GAAK,MAAuB,iBAAVA,CAAkB,GAEzF,CAEO,SAAS61B,EAAkB7hB,GAChC,SAAIkzB,EAAuBlzB,KAAQszB,EAA4BtzB,GAIjE,+pDC7DA,IAAMuzB,EAAkB,KAEjB,SAASC,EAAYC,EAAa3iC,EAAM8G,GACzC67B,EAAY/0B,iBACd+0B,EAAY/0B,iBAAiB5N,EAAM8G,GAEnC67B,EAAYC,YAAY,KAAO5iC,EAAM8G,EAEzC,CAEO,SAAS+7B,EAAeF,EAAa3iC,EAAM8G,GAC5C67B,EAAY70B,oBACd60B,EAAY70B,oBAAoB9N,EAAM8G,GAEtC67B,EAAYG,YAAY,KAAO9iC,EAAM8G,EAEzC,CAEO,SAAS6zB,EAAUoI,GACxB,IAAIC,EAAS5nC,SAAS6nC,cAAc,UAIpC,OAHAD,EAAOE,MAAMrO,QAAU,OACvBmO,EAAOD,IAAMA,EAEN3nC,SAASypB,KAAKse,YAAYH,EACnC,CAEO,SAAStH,EAAUqH,EAAKrpC,GAC7B,IAAImnC,EAAQnnC,EAAQ0pC,YAAc,iDAGlC,OAAO7kC,OAAO6N,KAAK22B,EAAKlC,EAFP,sFAGnB,CAEO,SAASrG,EAAuB34B,EAA6B44B,EAASl3B,GAC3E,IAAI8/B,EACAC,EA0BJ,OAzB2B,IAAIx+B,SAAQ,SAAUT,EAAS6C,GAExDm8B,EAAkB,SAAyB1mC,GACzC,GAAKA,EAAEyC,MAAQzC,EAAEyC,KAAKmE,QAAUA,EAShC,OAAI5G,EAAEmiC,SAAWj9B,EAAI6mB,kBACZxhB,EAAO,IAAInJ,EAAAA,EAAa,yDAEjCsG,EAAQ1H,EAAEyC,KACZ,EAEAsjC,EAAYnkC,OAAQ,UAAW8kC,GAE/BC,EAAY99B,YAAW,WACrB0B,EAAO,IAAInJ,EAAAA,EAAa,wBAC1B,GAAG08B,GAAWgI,EAChB,IAGGnd,SAAQ,WACPgJ,aAAagV,GACbT,EAAetkC,OAAQ,UAAW8kC,EACpC,GACJ,CAEO,SAASjI,EACdv5B,EACA44B,EACA5rB,EACAtL,GAEA,IAAI+/B,EAEE1b,EAAU,IAAI9iB,SAAQ,SAACT,EAAS6C,GACpC2H,EAAQpI,UAAY,SAAC9D,GAEnB,GAAKA,EAAM4gC,WAAc5gC,EAAMvD,KAI/B,MAA0B,YAAtB,OAAOuD,EAAMvD,OAAqBmE,IAAUZ,EAAMvD,KAAKmE,MAClDc,uWAAQ,CAAD,GAAM1B,EAAMvD,YAG5B8H,EAAO,IAAInJ,EAAAA,EAAa,yCAC1B,EAEAulC,EAAY99B,YAAW,WACrB0B,EAAO,IAAInJ,EAAAA,EAAa,wBAC1B,GAAG08B,GAAWgI,EAChB,IAEA,OAAO7a,EACNtC,SAAQ,WACPgJ,aAAagV,GACbz0B,EAAQlI,OACV,GACF,sGClGO,SAAS68B,EAAoC3hC,GAClD,MAKIA,EAAInI,QAJNggB,EAAQ,EAARA,SACAyb,EAAW,EAAXA,YACA3Y,EAAY,EAAZA,aACAjZ,EAAK,EAALA,MAEIkgC,GAAqBntB,EAAAA,EAAAA,aAAc/X,OAAO8d,SAASE,UAAOhU,EAChE,OAAO1O,EAAAA,EAAAA,IAAW,CAChB6f,SAAAA,EACAyb,YAAaA,GAAesO,EAC5BjnB,aAAAA,EACAjZ,MAAOA,IAASo4B,EAAAA,EAAAA,MAChB5V,aAAc,OACdmP,OAAQ,wBAEZ,sGChBO,SAASuC,EAAsB51B,GACpC,MAYIA,EAAInI,QAXNqiC,EAAI,EAAJA,KACAriB,EAAQ,EAARA,SACAyb,EAAW,EAAXA,YACApP,EAAY,EAAZA,aACAvJ,EAAY,EAAZA,aACAgZ,EAAM,EAANA,OACAH,EAAS,EAATA,UACAJ,EAAM,EAANA,OACA1xB,EAAK,EAALA,MACAm0B,EAAe,EAAfA,gBACAnO,EAAI,EAAJA,KAEIka,GAAqBntB,EAAAA,EAAAA,aAAc/X,OAAO8d,SAASE,UAAOhU,EAChE,OAAO1O,EAAAA,EAAAA,IAAW,CAChBkiC,KAAAA,EACAriB,SAAAA,EACAyb,YAAaA,GAAesO,EAC5B1d,aAAcA,GAAgB,CAAC,QAAS,YACxCvJ,aAAAA,EACAjZ,MAAOA,IAASo4B,EAAAA,EAAAA,MAChBnI,OAAOkQ,EAAAA,EAAAA,MACPlO,OAAQA,GAAU,CAAC,SAAU,SAC7BH,UAAAA,EACAJ,OAAAA,EACAyC,gBAAAA,EACAnO,KAAAA,GAEJ,mFC5CO,SAAS4O,EACdt2B,EACAqgB,GAgBA,MAZwC,CACtCuC,OAHa5iB,EAAInI,QAAQ+qB,OAIzBiS,MAHWc,EAAAA,EAAAA,IAAa31B,EAAKqgB,GAI7BxI,SAAUwI,EAAOxI,SACjByb,YAAajT,EAAOiT,YACpBpP,aAAc7D,EAAO6D,aACrBvJ,aAAc0F,EAAO1F,aACrBjZ,MAAO2e,EAAO3e,MACd8xB,UAAWnT,EAAOmT,UAClBC,gBAAiBpT,EAAOoT,gBAI5B,oICPO,SAAS2L,EAA2Bt9B,GACzC,MAAmB,eAAfA,EAAM3D,MAIuB,yBADd2D,EACAgc,SACrB,CAEO,SAASgkB,EAAyB9hC,EAA6B8B,GACpE,GAAmB,iBAAfA,EAAM3D,KACR,OAAO,EAET,IAEM4jC,EAFejgC,EAEc6b,IAC7BwG,EAAe4d,aAAa,EAAbA,EAAe5d,aACpC,OAAOnkB,EAAInI,QAAQqiC,MAA2C,mBAAlC/V,aAAY,EAAZA,EAAcriB,MAC5C,CAEO,SAAS+9B,EAA2B/9B,GAEzC,OAAO4e,EAAAA,EAAAA,cAAa5e,IACE,kBAApBA,EAAMgc,WACiB,6CAAvBhc,EAAM+b,YACV,4vCCxBO,SAASmkB,EAAgBjlB,GAC9B,MAAO,0BAA0BkE,KAAKlE,EACxC,CAGO,SAASklB,EAAqBC,GACnC,MAAO,aAAajhB,KAAKihB,EAC3B,CAGO,SAASC,EAAmBD,GACjC,MAAO,yBAAyBjhB,KAAKihB,EACvC,CAEO,SAASE,EAAcF,GAC5B,MAAO,cAAcjhB,KAAKihB,IAAiB,yBAAyBjhB,KAAKihB,EAC3E,CAEO,SAASG,EAAcC,EAAatiC,GACzC,IAAIuiC,EAAaviC,EAAInI,QACrB,SAAKyqC,IAAQC,EAAWjP,cAGuB,IAAxCgP,EAAI3kC,QAAQ4kC,EAAWjP,YAChC,CAEO,SAASkP,EAAW3qC,GACzB,OAAOA,EAAQqiC,MAAiC,SAAzBriC,EAAQqsB,cAAoD,UAAzBrsB,EAAQ8iB,YACpE,CAEO,SAAS8hB,EAAgBvY,EAAiCrsB,GAO/D,OALIiV,MAAM0Z,QAAQ3uB,EAAQqsB,eAAiBrsB,EAAQqsB,aAAapsB,OAC5CD,EAAQqsB,aAAavmB,QAAQumB,IAAiB,EAE9CrsB,EAAQqsB,eAAiBA,CAG/C,CAEO,SAASue,EAAgB5qC,GAG9B,OAFe2qC,EAAW3qC,IAC0B,aAAzBA,EAAQ8iB,aACjBje,OAAO8d,SAASkkB,OAAShiC,OAAO8d,SAASuC,IAC7D,CAMO,SAASjD,EAAiB9Z,GAE/B,IAAKqiC,EAAc3lC,OAAO8d,SAASE,KAAM1a,GACvC,OAAO,EAIT,IAAI0iC,EAAWF,EAAWxiC,EAAInI,SAC1BqqC,EAAeO,EAAgBziC,EAAInI,SAEvC,QAAIuqC,EAAcF,KAIdQ,EACaT,EAAqBC,IAAiBC,EAAmBD,GAKnEF,EAAgBtlC,OAAO8d,SAASuC,MACzC,CAMO,SAAS4lB,EAAuB3iC,EAA6BkiC,GAClE,IAAKA,EAAc,CAEjB,IAAKpoB,EAAgB9Z,GACnB,OAAO,EAGTkiC,EAAeO,EAAgBziC,EAAInI,QACrC,CACA,MAAO,gCAAgCopB,KAAKihB,EAC9C,gcCtFO,SAASpI,IACd,OAAO8I,EAAAA,EAAAA,IAAgB,GACzB,CAEO,SAASf,IACd,OAAOe,EAAAA,EAAAA,IAAgB,GACzB,CAEA,SAASC,EAAU7iC,GAAuD,IAA1BnI,EAAsB,UAAH,6CAAG,CAAC,EAErE,OADeomC,EAAAA,EAAAA,IAAoBpmC,EAAQ+qB,SAAW5iB,EAAInI,QAAQ+qB,MAEpE,CAEO,SAASkgB,EAAgB9iC,GAAuD,IAC/E4iB,EAASigB,EAAU7iC,EADwD,UAAH,6CAAG,CAAC,GAGlF,OADgB4iB,EAAOjlB,QAAQ,WAAa,EAAIilB,EAASA,EAAS,SAEpE,CAEO,SAASmgB,EAAe/iC,GAG7B,OAFe6iC,EAAU7iC,EADuD,UAAH,6CAAG,CAAC,GAE3D9F,MAAM,WAAW,EAEzC,CAEO,SAASy7B,EAAa31B,EAA6BnI,GACxD,GAAIgB,UAAUf,OAAS,EACrB,MAAM,IAAIoE,EAAAA,EAAa,wEAEzBrE,EAAUA,GAAW,CAAC,EAGtB,IAAI0+B,GAAe0H,EAAAA,EAAAA,IAAoBpmC,EAAQ0+B,eAAiBv2B,EAAInI,QAAQ0+B,aACxE3T,EAASigB,EAAU7iC,EAAKnI,GACxB4hC,GAAcwE,EAAAA,EAAAA,IAAoBpmC,EAAQ4hC,cAAgBz5B,EAAInI,QAAQ4hC,YACtE3E,GAAWmJ,EAAAA,EAAAA,IAAoBpmC,EAAQi9B,WAAa90B,EAAInI,QAAQi9B,SAChE+H,GAAYoB,EAAAA,EAAAA,IAAoBpmC,EAAQglC,YAAc78B,EAAInI,QAAQglC,UAClEqB,GAAYD,EAAAA,EAAAA,IAAoBpmC,EAAQqmC,YAAcl+B,EAAInI,QAAQqmC,UAElE8E,EAAUF,EAAgB9iC,EAAKnI,GAQnC,MAAO,CACL+qB,OAAQA,EACR2T,aARFA,EAAeA,GAAgByM,EAAU,gBASvCvJ,YARFA,EAAcA,GAAeuJ,EAAU,eASrClO,SARFA,EAAWA,GAAYkO,EAAU,YAS/B9E,UARFA,EAAYA,GAAa8E,EAAU,aASjCnG,UARFA,EAAYA,GAAamG,EAAU,aAUrC,kqBCpEO,SAAShJ,EACdh6B,EACA4yB,GAEA,IAEMqQ,EAAkC,CACtCrgB,OAHa5iB,EAAInI,QAAQ+qB,OAIzBiS,MAHWc,EAAAA,EAAAA,IAAa31B,EAAK4yB,GAI7B/a,SAAU+a,EAAY/a,SACtByb,YAAaV,EAAYU,YACzBpP,aAAc0O,EAAY1O,aAC1BvJ,aAAciY,EAAYjY,aAC1BgZ,OAAQf,EAAYe,OACpBjyB,MAAOkxB,EAAYlxB,MACnBiwB,MAAOiB,EAAYjB,MACnBkE,gBAAiBjD,EAAYiD,gBAC7BrC,UAAWZ,EAAYY,UACvBO,YAAanB,EAAYmB,aAG3B,OAAyB,IAArBnB,EAAYsH,KAEP+I,EAG6B,EAAH,KAC9BA,GAAS,IACZ9O,aAAcvB,EAAYuB,aAC1BpB,oBAAqBH,EAAYG,oBACjCD,cAAeF,EAAYE,eAI/B,uECrBA,SAASoQ,EAASC,GAChB,OAAQ,IAAMA,EAAIp/B,SAAS,KAAKq/B,QAAQ,EAC1C,CA0BA,KACE5jC,8BAAAA,EAAAA,8BACAw8B,iBAnBF,SAA0BqH,GACxB,IARuBvrC,EACnBwkB,EAOAgnB,EAAWD,GAAU,GAIzB,OAHIC,EAASxrC,OAASwH,EAAAA,sBACpBgkC,IAVqBxrC,EAUiBwH,EAAAA,oBAAsBgkC,EAASxrC,OATnEwkB,EAAI,IAAIV,WAAW/X,KAAK0/B,KAAKzrC,EAAS,IAC1C8kB,EAAAA,GAAAA,gBAA0BN,GAChBxP,MAAMC,KAAKuP,EAAG4mB,GAASvoC,KAAK,IAC3BD,MAAM,EAAG5C,KAQb8B,mBAAmB0pC,GAAU5oC,MAAM,EAAG6E,EAAAA,oBAC/C,EAcE08B,iBAZF,SAA0BhhB,GACxB,IAAIU,GAAS,IAAIe,aAAcC,OAAO1B,GACtC,OAAO2B,EAAAA,GAAAA,OAAAA,OAAwB,UAAWjB,GAAQzZ,MAAK,SAAS2a,GAC9D,IAAIE,EAAOX,OAAOC,aAAaW,MAAM,KAAM,IAAIpB,WAAWiB,IAE1D,OADW7B,EAAAA,EAAAA,IAAkB+B,EAE/B,GACF,6qBCEO,SAASsZ,EACdr2B,EACAnI,GAEA,OAhCF,SACEwoB,GAUA,KARAA,EAAS,EAAH,KACDA,GAAM,IAET6D,aAAc,OACdmP,OAAQ,uBACRD,OAAQ,KAGEK,gBACV,MAAM,IAAIv3B,EAAAA,EAAa,uCAEzB,IAAKmkB,EAAOmT,UAGV,MAAM,IAAIt3B,EAAAA,EAAa,gCAOzB,cAHOmkB,EAAOsT,cACPtT,EAAOsR,MAEPtR,CACT,CAOSmjB,CAAc,EAAD,MACf7B,EAAAA,EAAAA,GAAoC3hC,IACpCnI,GAEP,8yBChCO,SAAS4rC,EAAkBzjC,GAChC,IAAKA,EAAI7H,SAASopB,kBAAmB,CACnC,IAAImiB,EAAe,sFASnB,MARK1jC,EAAI7H,SAASqpB,YAEhBkiB,GAAgB,oGAEb1jC,EAAI7H,SAASmpB,mBAEhBoiB,GAAgB,0GAEZ,IAAIxnC,EAAAA,EAAawnC,EACzB,CACF,CAEO,SAAeC,EAA4B,EAAD,kCAWhD,wCAXM,WAA2C3jC,EAA6B+yB,GAA4B,iEAEK,OAA9GA,EAAsBA,GAAuB/yB,EAAInI,QAAQk7B,qBAAuBvzB,EAAAA,8BAA8B,UAG9E21B,EAAAA,EAAAA,GAAan1B,GAAI,OACwB,IAC3B,KAFpB,EAAH,KAC2C,kCAAK,IAC3DrC,QAAQo1B,GAA2B,sBACvC,IAAI72B,EAAAA,EAAa,iCAAgC,gCAElD62B,GAAmB,4CAC3B,sBAEM,SAAe6Q,EAAY,EAAD,kCA6BhC,wCA7BM,WACL5jC,EACA4yB,GAAwB,6EASmC,GANzDuB,GAHsB,EAMpBvB,GAHFuB,aACArB,EAAa,EAAbA,cACAC,EAAmB,EAAnBA,oBAIFD,EAAgBA,GAAiB9yB,EAAInI,QAAQi7B,cACzB,CAAF,eAEuC,OADvD2Q,EAAkBzjC,GAClBm0B,EAAeA,GAAgB4H,EAAAA,EAAAA,mBAAwB,SACjCA,EAAAA,EAAAA,iBAAsB5H,GAAa,OAAzDrB,EAAgB,EAAH,6BAEa6Q,EAA4B3jC,EAAK+yB,GAAoB,QAS/E,OATFA,EAAsB,EAAH,KAGnBH,EAAc,EAAH,KACNA,GAAW,IACd1O,aAAc,OACdiQ,aAAAA,EACArB,cAAAA,EACAC,oBAAAA,IACA,kBAEKH,GAAW,6CACnB,sBAGM,SAAe0E,EAAmB,GAAD,+BAkBvC,wCAlBM,WACLt3B,GAA2B,qFAKmB,GAJ9C4yB,EAA2B,EAAH,6BAAG,CAAC,EAGtBiR,GAAWjO,EAAAA,EAAAA,GAAsB51B,KACvC4yB,EAAc,EAAH,KAAQiR,GAAajR,IAEhBlL,MAAS1nB,EAAI7H,SAASypB,kBAAiB,sBAC/C,IAAI1lB,EAAAA,EAAa,6DAA4D,WAG5D,IAArB02B,EAAYsH,KAAc,yCAErBtH,GAAW,gCAGbgR,EAAY5jC,EAAK4yB,IAAY,2CACrC,iIChGM,SAAS+M,EAAmBrjB,EAAiBC,GAClD,OAAQD,EAAEvZ,eAAiBwZ,EAAExZ,YAC/B,CAEO,SAAS+gC,EAAoB1+B,GAClC,UAAKqb,EAAAA,EAAAA,gBAAerb,KAIfA,EAAIuY,MAAQvY,EAAIuY,IAAIwG,cAKE,kBADF/e,EAAIuY,IAArBwG,aACSriB,MAKnB,qCCRO,SAAS68B,EAAkBuD,GAEhC,IAAI6B,EAAa,MACbC,EAAa,qBACbC,EAAW/B,GAAgB,GAGJ,MAAvB+B,EAASC,OAAO,IAAqC,MAAvBD,EAASC,OAAO,KAChDD,EAAWA,EAASjgC,UAAU,IAIL,MAAvBigC,EAASC,OAAO,IAAqC,MAAvBD,EAASC,OAAO,KAChDD,EAAWA,EAASjgC,UAAU,IAQhC,IAJA,IAGIkf,EAHA7V,EAAM,CAAC,EAKT6V,EAAQ8gB,EAAW1jB,KAAK2jB,IADb,CAIX,IAAIlrC,EAAMmqB,EAAM,GACZ7pB,EAAQ6pB,EAAM,GAIhB7V,EAAItU,GADM,aAARA,GAA8B,iBAARA,GAAkC,SAARA,EACvCM,EAEAS,mBAAmBT,EAAMQ,QAAQkqC,EAAY,KAE5D,CACA,OAAO12B,CACT,kHChCO,SAAS82B,EAAenkC,EAA6B+vB,EAAoBkL,GAC9E,IAAMmJ,EAAMnJ,EAAiBpjB,SACvBwjB,EAAMJ,EAAiBrY,OACvB+O,EAAQsJ,EAAiBtJ,MACzB0S,EAAMpJ,EAAiBzH,UAE7B,IAAKzD,IAAWsL,IAAQ+I,EACtB,MAAM,IAAIloC,EAAAA,EAAa,oDAGzB,GAAIy1B,GAAS5B,EAAO4B,QAAUA,EAC5B,MAAM,IAAIz1B,EAAAA,EAAa,yDAGzB,IAAMxC,EAAMmK,KAAKsH,MAAM1R,KAAKC,MAAM,KAElC,GAAIq2B,EAAOsL,MAAQA,EACjB,MAAM,IAAIn/B,EAAAA,EAAa,eAAiB6zB,EAAOsL,IAAxB,qBACAA,EAAM,KAG/B,GAAKvuB,MAAM0Z,QAAQuJ,EAAOqU,MAAQrU,EAAOqU,IAAIzmC,QAAQymC,GAAO,IACxDt3B,MAAM0Z,QAAQuJ,EAAOqU,MAAQrU,EAAOqU,MAAQA,EAE9C,MAAM,IAAIloC,EAAAA,EAAa,iBAAmB6zB,EAAOqU,IAA1B,qBACAA,EAAM,KAG/B,GAAIC,GAAOtU,EAAOsU,MAAQA,EACxB,MAAM,IAAInoC,EAAAA,EAAa,YAAc6zB,EAAOsU,IAArB,gCACWA,EAAM,KAG1C,GAAItU,EAAOuC,IAAOvC,EAAOiL,IACvB,MAAM,IAAI9+B,EAAAA,EAAa,wCAGzB,IAAK8D,EAAInI,QAAQumC,eAAgB,CAC/B,GAAK1kC,EAAMsG,EAAInI,QAAQwmC,aAAiBtO,EAAOiL,IAC7C,MAAM,IAAI9+B,EAAAA,EAAa,0CAGzB,GAAI6zB,EAAOuC,IAAQ54B,EAAMsG,EAAInI,QAAQwmC,aACnC,MAAM,IAAIniC,EAAAA,EAAa,mCAE3B,CACF,6FC3DO,SAAS+wB,EAAcrsB,EAAc6E,GAC1C,KAAK4nB,EAAAA,EAAAA,IAAUzsB,MAAWwsB,EAAAA,EAAAA,IAAcxsB,MAAWqU,EAAAA,EAAAA,IAAerU,GAChE,MAAM,IAAI1E,EAAAA,EACR,iHAIJ,GAAa,gBAATuJ,KAA2B2nB,EAAAA,EAAAA,IAAcxsB,GAC3C,MAAM,IAAI1E,EAAAA,EAAa,uBAEzB,GAAa,YAATuJ,KAAuB4nB,EAAAA,EAAAA,IAAUzsB,GACnC,MAAM,IAAI1E,EAAAA,EAAa,mBAGzB,GAAa,iBAATuJ,KAA4BwP,EAAAA,EAAAA,IAAerU,GAC7C,MAAM,IAAI1E,EAAAA,EAAa,uBAE3B,gKCAO,SAAe+gB,EAAY,EAAD,oCA4ChC,wCA5CM,WAA2Bjd,EAA6BY,EAAgBq6B,GAAmC,oFAC3Gr6B,GAAUA,EAAMgB,QAAO,sBACpB,IAAI1F,EAAAA,EAAa,iCAAgC,OAQc,OAJjEohB,GAAMmS,EAAAA,EAAAA,GAAY7uB,EAAMgB,SAIxB0iC,GAAmBrJ,aAAgB,EAAhBA,EAAkBrY,SAAU5iB,EAAInI,QAAQ+qB,OAAM,UAC9CuS,EAAAA,EAAAA,GAAan1B,EAAKskC,GAAiB,OAYR,GAZQ,SAApD1hB,EAAM,EAANA,OAEF2hB,EAAuCjsC,OAAOC,OAAO,CAEzDsf,SAAU7X,EAAInI,QAAQggB,SACtBge,gBAAiB71B,EAAInI,QAAQg+B,iBAC5BoF,EAAkB,CAEnBrY,OAAAA,KAIFuhB,EAAAA,EAAAA,GAAenkC,EAAKsd,EAAIC,QAASgnB,GAIQ,GAArCA,EAAkB1O,iBAA4B71B,EAAI7H,SAASkpB,yBAAwB,0CAC9EzgB,GAAK,0BAIIy0B,EAAAA,EAAAA,GAAOr1B,EAAKY,EAAMgiB,OAAQtF,EAAI0C,OAAOsV,KAAK,QAAnD,OAAHv8B,EAAM,EAAH,eACWyrC,EAAAA,EAAsB5jC,EAAMgB,QAAS7I,GAAI,QAAlD,GAAG,EAAH,KACC,CAAF,sBACF,IAAImD,EAAAA,EAAa,oCAAmC,aAExD++B,GAAoBA,EAAiBp5B,aAAejB,EAAMmvB,OAAO0U,SAAO,kCACvDD,EAAAA,EAAsBvJ,EAAiBp5B,aAAY,QAA5D,GAAG,EAAH,OACGjB,EAAMmvB,OAAO0U,QAAO,uBACzB,IAAIvoC,EAAAA,EAAa,kCAAiC,iCAGrD0E,GAAK,6CACb,6NClDD,SAAS8jC,EAAc1kC,GACrB,OAAOA,EAAI2kC,QAAQrqC,MAChB4H,MAAK,SAASwB,GACb,MAAmB,WAAfA,EAAIvC,MAIV,IACC+B,OAAM,WACL,OAAO,CACT,GACJ,CAEA,SAAS0hC,EAAW5kC,GAClB,OAAO1F,EAAAA,EAAAA,IAAI0F,EAAK,sBAAuB,CAAEwjB,iBAAiB,IACzDthB,MAAK,SAASyiC,GACb,IAAIjhC,GAAMmhC,EAAAA,EAAAA,IAAKF,EAAS,UAUxB,OARAjhC,EAAIohC,QAAU,WACZ,OAAOhe,EAAAA,EAAAA,IAAK9mB,GAAK+kC,EAAAA,EAAAA,IAAQJ,EAAS,WAAWjqB,KAAM,CAAC,EAAG,CAAE8I,iBAAiB,GAC5E,EAEA9f,EAAIshC,KAAO,WACT,OAAO1qC,EAAAA,EAAAA,IAAI0F,GAAK+kC,EAAAA,EAAAA,IAAQJ,EAAS,QAAQjqB,KAAM,CAAE8I,iBAAiB,GACpE,EAEO9f,CACT,IACCR,OAAM,WAEL,MAAO,CAAC/B,OAAQ,WAClB,GACF,CAEA,SAASm8B,EAAat9B,GACpB,OAAOqlB,EAAAA,EAAAA,IAAYrlB,EAAK,CACtBya,IAAKza,EAAI6mB,kBAAoB,sBAC7BvZ,OAAQ,SACRkW,iBAAiB,GAErB,CAEA,SAASyhB,EAAejlC,GACtB,OAAO8mB,EAAAA,EAAAA,IAAK9mB,EAAK,wCAAyC,CAAC,EAAG,CAAEwjB,iBAAiB,GACnF,CAEA,SAAS0hB,EAAqBllC,EAAKuzB,EAAc4R,GAC/CA,EAAcA,GAAezoC,OAAO8d,SAASE,KAC7Che,OAAO8d,SAASjiB,OAAOyH,EAAI6mB,kBAAoB,gCAC7C/D,EAAAA,EAAAA,IAAc,CACZsiB,2BAA2B,EAC3BxkC,MAAO2yB,EACP4R,YAAaA,IAEnB,mFClEO,SAASE,EAAiBrlC,GAQ/B,MAPgB,CACd8E,MAAOw4B,EAAAA,GAAAA,KAAkB,KAAMt9B,GAC/BslC,OAAQZ,EAAAA,GAAAA,KAAmB,KAAM1kC,GACjC1F,IAAKsqC,EAAAA,GAAAA,KAAgB,KAAM5kC,GAC3B8kC,QAASG,EAAAA,GAAAA,KAAoB,KAAMjlC,GACnCklC,qBAAsBA,EAAAA,GAAAA,KAA0B,KAAMllC,GAG1D,8bCLO,SAASwZ,EAOfN,GAEC,OAAO,SAAP,+bAIE,aAA4B,iDAAbzgB,EAAI,yBAAJA,EAAI,gBAGqB,OAFtC,+BAASA,KAAM,oCAEf,EAAKksC,SAAUU,EAAAA,EAAAA,IAAiB,WAAM,CACxC,CAiBC,OAjBA,oCAGD,WAAiC,WAC/B,OAAOttC,KAAK4sC,QAAQ7/B,QACnB5C,MAAK,+FAEgB,OAApB,EAAKmsB,eAAe,mBACb,GAAI,4CAEZnrB,OAAM,SAASpI,GACd,GAAe,iBAAXA,EAAEqD,MAA2C,aAAhBrD,EAAEgjB,UAEjC,OAAO,EAET,MAAMhjB,CACR,GACF,KAAC,EAzBI,CAA8Boe,EA2BvC,oKCbO,SAASgnB,EAAkCroC,IAC3C4c,EAAAA,EAAAA,cAAgB5c,EAAQkE,iBAAoBlE,EAAQmG,aAEvDxB,EAAAA,EAAAA,IAAK,8KAET,CAGO,IAAM4jC,EAAkB,WAK7B,WAAYJ,EAA8C5hC,EAA8BhD,IAA0B,oIAChHrD,KAAKioC,sBAAwBA,EAC7BjoC,KAAKqG,cAAgBA,EACrBrG,KAAKqD,YAAcA,CACrB,CAuDC,OAvDA,4CAGD,SAAqBmqC,EAAqBC,GACxC,OAAOltC,OAAOC,OAAO,CAAC,EAAGR,KAAKioC,sBAAsBuF,GAAcC,EACpE,GAAC,wBAID,SAAW3tC,GAGT,IAFAA,EAAUS,OAAOC,OAAO,CAAC,EAAGR,KAAKqG,cAAevG,IAEpCkE,gBACV,OAAOlE,EAAQkE,gBAGjB,MAAoClE,EAA9B+D,EAAW,EAAXA,YAAa6pC,EAAY,EAAZA,aASnB,GAPmB,mBAAhB7pC,IACD/D,EAAQmF,eAAgB,GAMtBpB,GAAe6pC,EAAc,CAC/B,IAAMC,EAAMD,EAAa9nC,QAAQ/B,GAC7B8pC,GAAO,IACTD,EAAeA,EAAa/qC,MAAMgrC,GAClC9pC,OAAc8K,EAElB,CAMA,OAJK9K,IAEHA,EAAc7D,KAAKqD,YAAYe,gBAAgBspC,IAE1C1tC,KAAKqD,YAAYU,iBAAiBF,EAAa/D,EACxD,GAAC,6BAGD,SAAgBA,GAEdqoC,EADAroC,EAAUE,KAAKkoC,qBAAqB,QAASpoC,IAE7C,IAAMyD,EAAUvD,KAAKid,WAAWnd,GAC1BmG,EAAanG,EAAQmG,YAAcW,EAAAA,mBACzC,OAAO,IAAIwhC,EAAAA,EAAY7kC,EAAS0C,EAClC,GAAC,0BAGD,SAAanG,GACXA,EAAUE,KAAKkoC,qBAAqB,QAASpoC,GAC7C,IAAMyD,EAAUvD,KAAKid,WAAWnd,GAC1BmG,EAAanG,EAAQmG,YAAcY,EAAAA,mBACzC,OAAO,IAAIuhC,EAAAA,EAAY7kC,EAAS0C,EAClC,KAAC,EAhE4B,kHCtBlBmiC,EAAW,WAItB,WAAY7kC,EAAwBqqC,GAClC,IADuD,0FAClDrqC,EACH,MAAM,IAAIY,EAAAA,EAAa,yBAGzB,GAA2B,iBAAhBypC,IAA6BA,EAAY7tC,OAClD,MAAM,IAAIoE,EAAAA,EAAa,6BAGzBnE,KAAK4tC,YAAcA,EACnB5tC,KAAKgE,gBAAkBT,CACzB,CA6DC,OA7DA,+BAMD,SAAQvC,GACN,OAAOhB,KAAKid,aAAajc,EAC3B,GAAC,qBAED,SAAQA,EAAaM,GACnB,OAAOtB,KAAK4uB,cAAc5tB,EAAKM,EACjC,GAAC,wBAED,SAAWN,GACT,OAAOhB,KAAKs2B,aAAat1B,EAC3B,GAAC,wBAMD,WACE,IAAI6sC,EAAgB7tC,KAAKgE,gBAAgBkB,QAAQlF,KAAK4tC,aACtDC,EAAgBA,GAAiB,KACjC,IACE,OAAOhoC,KAAKC,MAAM+nC,EACpB,CAAE,MAAM9qC,GACN,MAAM,IAAIoB,EAAAA,EAAa,mCAAqCnE,KAAK4tC,YACnE,CACF,GAAC,wBAED,SAAWt4B,GACT,IACE,IAAIu4B,EAAgBv4B,EAAMzP,KAAKE,UAAUuP,GAAO,KAChDtV,KAAKgE,gBAAgBmB,QAAQnF,KAAK4tC,YAAaC,EACjD,CAAE,MAAM9qC,GACN,MAAM,IAAIoB,EAAAA,EAAa,0BAA4BnE,KAAK4tC,YAC1D,CACF,GAAC,0BAED,SAAa5sC,GACX,GAAKA,EAAL,CAUA,IAAIsU,EAAMtV,KAAKid,oBACR3H,EAAItU,GACXhB,KAAKue,WAAWjJ,EAJhB,MANMtV,KAAKgE,gBAAgBqB,WACvBrF,KAAKgE,gBAAgBqB,WAAWrF,KAAK4tC,aAErC5tC,KAAKue,YAQX,GAAC,2BAED,SAAcvd,EAAKM,GACjB,IAAIgU,EAAMtV,KAAKid,aACf3H,EAAItU,GAAOM,EACXtB,KAAKue,WAAWjJ,EAClB,KAAC,EA5EqB,uWCTjB,SAAS+L,EAOdF,EAAa2sB,GAGb,OAAO,SAAP,+bAGE,aAA4B,iDAAbptC,EAAI,yBAAJA,EAAI,gBACjB,+BAASA,KAAM,2CACf,MAAiD,EAAKZ,QAA9C4tB,EAAc,EAAdA,eAAgBlrB,EAAO,EAAPA,QAASa,EAAW,EAAXA,YACiD,OAAlF,EAAKqqB,eAAiB,IAAIogB,EAAepgB,EAAiBlrB,EAAUa,GAAc,CACpF,CAGC,OAHA,oCACD,WAEA,KAAC,EAVI,CAA8B8d,EAYvC,2KCLa4sB,EAAiD,CAC5DllC,MAAO,CACL6kC,aAAc,CACZ,eACA,iBACA,WAGJM,MAAO,CACLN,aAAc,CACZ,eACA,iBACA,WAGJp9B,YAAa,CACXo9B,aAAc,CACZ,iBACA,eACA,WAGJ,qBAAsB,CACpBA,aAAc,CACZ,iBAGJ,eAAgB,CACdA,aAAc,CACZ,gmBCrCC,SAAS9gB,IAGd,OAAO,SAAP,+bAKE,WAAYlsB,GAAW,MAIwD,OAJxD,eACrB,cAAMA,IAAM,yHACZ,EAAK8B,QDgCJ,WAAgF,IAAlBinB,EAAgB,uCAI/EwkB,GAJ2D,UAAH,6CAAG,CAAC,GAItCzrC,SAAW,CAAC,EAyBtC,YAxBqC,IAA1ByrC,EAAelpC,SACxBkpC,EAAelpC,OAAS0kB,QAEa,IAA5BwkB,EAAejpC,WACxBipC,EAAejpC,SAAWipC,EAAelpC,OAAS,OAAS,OAIzDkpC,EAAelpC,SAAW0kB,KAE5BhlB,EAAAA,EAAAA,IACE,2LAIFwpC,EAAelpC,QAAS,GAKM,SAA5BkpC,EAAejpC,UAAwBipC,EAAelpC,SACxDkpC,EAAejpC,SAAW,OAGrBipC,CACT,CC9DqBC,CAAkBxtC,GAAM+oB,EAAAA,EAAAA,YACvC,EAAKpmB,YAAc3C,EAAK2C,aDTR9C,OAAOC,OAAO,CAAC,EAAGsjC,EAAAA,EAAgB,CACpD39B,cAAe,CAAC,ICSd,EAAKunB,eAAiB,EAAH,KAAQqgB,GAA4BrtC,EAAKgtB,gBAAiB,CAC/E,CAAC,iBAVI,EADwBjtB,EAAAA,EAAAA,KAajC,0HCFa+H,EAAY,WAKvB,aAA6D,IAAjD1I,EAA+B,UAAH,6CAAG,CAAE2I,OAAO,IAAO,0GACzDzI,KAAK4+B,MAAQ,GACb5+B,KAAKmuC,SAAU,EACfnuC,KAAKF,QAAUA,CACjB,CAiDC,OAjDA,4BAKD,SAAKyV,EAA+B64B,GAAiC,kCAAb1tC,EAAI,iCAAJA,EAAI,kBAC1D,OAAO,IAAIwK,SAAQ,SAACT,EAAS6C,GACvB,EAAKsxB,MAAM7+B,OAAS,IAGK,IAAvB,EAAKD,QAAQ2I,QACfhE,EAAAA,EAAAA,IACE,iJAKN,EAAKm6B,MAAM3zB,KAAK,CACdsK,OAAAA,EACA64B,WAAAA,EACA1tC,KAAAA,EACA+J,QAAAA,EACA6C,OAAAA,IAEF,EAAKwL,KACP,GACF,GAAC,iBAED,WAAM,WACJ,IAAI9Y,KAAKmuC,SAGiB,IAAtBnuC,KAAK4+B,MAAM7+B,OAAf,CAGAC,KAAKmuC,SAAU,EAEf,IAAIE,EAAYruC,KAAK4+B,MAAMp6B,QACvBmH,EAAM0iC,EAAU94B,OAAO0P,MAAMopB,EAAUD,WAAYC,EAAU3tC,OAC7D4tC,EAAAA,EAAAA,IAAU3iC,GACXA,EAAyBxB,KAAKkkC,EAAU5jC,QAAS4jC,EAAU/gC,QAAQoe,SAAQ,WAC1E,EAAKyiB,SAAU,EACf,EAAKr1B,KACP,KAEAu1B,EAAU5jC,QAAQkB,GAClB3L,KAAKmuC,SAAU,EACfnuC,KAAK8Y,MAbP,CAeF,KAAC,EA1DsB,qCCjBlB,SAASy1B,IACd,MAAsB,oBAAX5pC,OACFA,OAAOiT,QACc,oBAAZA,QACTA,aAEP,CAEJ,CAEO,SAASvO,IACd,IAAImlC,EAAgBD,IAGpB,OAAIC,GAAiBA,EAAcrlC,IAC1BqlC,EAEF,CACLrlC,IAAK,WAAY,EACjB1E,KAAM,WAAY,EAClB6E,MAAO,WAAY,EACnBC,SAAU,WAAY,EAE1B,CAEO,SAAS9E,EAAKqnB,GAEnBziB,IAAa5E,KAAK,yBAA2BqnB,EAE/C,CAEO,SAAS2iB,EAAU3iB,GAExBziB,IAAa5E,KAAK,gCAAkCqnB,EAEtD,CAEO,SAAS4iB,EAAc5iB,EAAM5e,GAClC,OAAO,WAEL,OADAuhC,EAAU3iB,GACH5e,EAAG+X,MAAM,KAAMnkB,UACxB,CACF,u+BC3CO,SAAS6tC,EAAezrB,GAC7B,IAAIxgB,EAAQwgB,EAAIgF,MAAM,QAClB0mB,EAAUltC,KAAKmtC,IAAInsC,EAAM,GAAIA,EAAM,GAAK,EAAGA,EAAM,GAAIA,EAAM,GAAIA,EAAM,GAAIA,EAAM,IAGnF,OAFc,IAAIhB,KAAKktC,GAERhtC,aACjB,CAEO,SAASipC,EAAgB9qC,GAG9B,IAFA,IACIgM,EAAS,GACJqO,EAAI,EAA8BA,EAAIra,IAAUqa,EACvDrO,GAHkB,gEAGMD,KAAKsH,MADV07B,GACgBhjC,KAAKC,WAE1C,OAAOA,CACT,CAEO,SAASgjC,EAAM1iC,GACpB,OAAO,IAAInB,SAAQ,SAAST,GAC1BmB,WAAWnB,EAAS4B,EACtB,GACF,CAEO,SAAS2iC,EAAO9rB,EAAK+rB,GAC1B,IAAMvsC,EAAQwgB,EAAI/gB,MAAM8sC,GACxB,MAAO,CACLvsC,EAAM,GACNA,EAAMwsC,OAAO,EAAGxsC,EAAM3C,QAAQ6C,KAAKqsC,GAEvC,6IC7BO,SAASj3B,EAAK9K,EAAIiiC,GACvB,IAAIC,EAAiBr6B,MAAMzU,UAAUqC,MAAM8U,KAAK3W,UAAW,GAC3D,OAAO,WACL,IAAIJ,EAAOqU,MAAMzU,UAAUqC,MAAM8U,KAAK3W,WAEtC,OADAJ,EAAO0uC,EAAe35B,OAAO/U,GACtBwM,EAAG+X,MAAMkqB,EAAKzuC,EACvB,CACF,CAGO,SAAS2uC,IAEd,IAAIC,EAAOxuC,UAAU,GAWrB,MATe,GAAG6B,MAAM8U,KAAK3W,UAAW,GAC/B4E,SAAQ,SAAS4P,GACxB,IAAK,IAAIi6B,KAAQj6B,EAEX/U,OAAOD,UAAUq0B,eAAeld,KAAKnC,EAAKi6B,SAAuB5gC,IAAd2G,EAAIi6B,KACzDD,EAAKC,GAAQj6B,EAAIi6B,GAGvB,IACOD,CACT,CAEO,SAASrvC,EAAWqV,GACzB,IAAIk6B,EAAU,CAAC,EACf,IAAK,IAAID,KAAQj6B,EACf,GAAI/U,OAAOD,UAAUq0B,eAAeld,KAAKnC,EAAKi6B,GAAO,CACnD,IAAIjuC,EAAQgU,EAAIi6B,GACZjuC,UACFkuC,EAAQD,GAAQjuC,EAEpB,CAEF,OAAOkuC,CACT,CAEO,SAASrqB,EAAM7P,GACpB,GAAIA,EAAK,CACP,IAAI4N,EAAMrd,KAAKE,UAAUuP,GACzB,GAAI4N,EACF,OAAOrd,KAAKC,MAAMod,EAEtB,CACA,OAAO5N,CACT,CAGO,SAASw3B,EAAKx3B,GAEH,IAAhB,IAAIm6B,EAAS,CAAC,EAAE,mBAFWC,EAAK,iCAALA,EAAK,kBAGhC,IAAK,IAAI1oB,KAAK1R,EACR/U,OAAOD,UAAUq0B,eAAeld,KAAKnC,EAAK0R,KAA2B,GAArB0oB,EAAM9pC,QAAQohB,KAChEyoB,EAAOzoB,GAAK1R,EAAI0R,IAGpB,OAAO7B,EAAMsqB,EACf,CAEO,SAAS95B,EAAKg6B,EAAYjK,GAE/B,IADA,IAAItrB,EAAIu1B,EAAW5vC,OACZqa,KAAK,CACV,IAAIsU,EAAOihB,EAAWv1B,GAClBw1B,GAAQ,EACZ,IAAK,IAAIL,KAAQ7J,EACf,GAAKnlC,OAAOD,UAAUq0B,eAAeld,KAAKiuB,EAAc6J,IAGpD7gB,EAAK6gB,KAAU7J,EAAa6J,GAAO,CACrCK,GAAQ,EACR,KACF,CAEF,GAAIA,EACF,OAAOlhB,CAEX,CACF,CAEO,SAASse,EAAQ13B,EAAKu6B,EAAUC,GACrC,GAAKx6B,GAAQA,EAAI0b,OAAjB,CAIA,IAAId,EAAO/K,EAAM7P,EAAI0b,OAAO6e,IAG5B,OAAI3f,GAAQA,EAAK9pB,MAAQ0pC,EACnB5f,EAAK9pB,OAAS0pC,EACT5f,OADT,EAIOA,CAVT,CAYF,qNChGO,SAASjD,EAAS3X,GACvB,MAA+C,oBAAxC/U,OAAOD,UAAU0L,SAASyL,KAAKnC,EACxC,CAEO,SAAS0W,EAAS1W,GACvB,MAA+C,oBAAxC/U,OAAOD,UAAU0L,SAASyL,KAAKnC,EACxC,CAEO,SAASy6B,EAASz6B,GACvB,MAA+C,oBAAxC/U,OAAOD,UAAU0L,SAASyL,KAAKnC,EACxC,CAEO,SAASmT,EAAWvb,GACzB,QAASA,GAA+B,sBAAzB,CAAC,EAAElB,SAASyL,KAAKvK,EAClC,CAEO,SAASohC,EAAUh5B,GACxB,OAAOA,GAAOA,EAAIoW,SAAmC,mBAAhBpW,EAAIoW,OAC3C,qKClBO,SAASmD,EAAcnM,GAC5B,MAAO,uBAAuBwG,KAAKxG,EACrC,CAEO,SAAS0jB,IAAiC,IAAnB1jB,EAAM,UAAH,6CAAG,GAAIuoB,EAAO,uCAC7C,OAAIpc,EAAcnM,GACTA,GAETuoB,EAAU/E,EAAoB+E,GACZ,MAAXvoB,EAAI,GAAa,GAAH,OAAMuoB,GAAO,OAAGvoB,GAAG,UAAQuoB,EAAO,YAAIvoB,GAC7D,CAEO,SAASstB,IAAiC,IAAnBttB,EAAM,UAAH,6CAAG,GAAIuoB,EAAO,uCAK7C,OAJIpc,EAAcnM,KAChBA,EAAMA,EAAIzW,UAAUg/B,EAAQlrC,SAGZ,MAAX2iB,EAAI,GAAaA,EAAM,IAAH,OAAOA,EACpC,CAEO,SAASqI,EAAczV,GAC5B,IAAI4N,EAAM,GACV,GAAY,OAAR5N,EACF,IAAK,IAAItU,KAAOsU,EACV/U,OAAOD,UAAUq0B,eAAeld,KAAKnC,EAAKtU,SAC7B2N,IAAb2G,EAAItU,IACS,OAAbsU,EAAItU,IACNkiB,EAAIjY,KAAKjK,EAAM,IAAMa,mBAAmByT,EAAItU,KAIlD,OAAIkiB,EAAInjB,OACC,IAAMmjB,EAAItgB,KAAK,KAEf,EAEX,CAEO,SAASsjC,EAAoB9iC,GAClC,GAAKA,EAAL,CAIA,IAAI6sC,EAAU7sC,EAAKtB,QAAQ,cAAc,IAIzC,OAFUmuC,EAAQnuC,QAAQ,OAAQ,GAJlC,CAOF,qKC5Da,oKAEPouC,EAAW,uBAFJ,IAEI,GAFJ,EAEI,EAFJ,+YAGZ,WAAYC,GAAQ,MAEO,OAFP,WACnB,cAAMA,GAAU,yBACX/pC,KAAO,cAAc,CAC3B,CAIC,OAJA,2BAED,WACC,OAAO,CACR,KAAC,EARe,CAFJ,OAUX,CARwBqH,QAWpBjD,EAAW,WAWhB,WAAY4lC,GAAU,qBACrBpwC,KAAKqwC,gBAAkB,GACvBrwC,KAAKswC,YAAa,EAClBtwC,KAAKuwC,aAAc,EACnBvwC,KAAKwwC,iBAAkB,EAEvBxwC,KAAKywC,SAAW,IAAIvlC,SAAQ,SAACT,EAAS6C,GACrC,EAAKojC,QAAUpjC,EAEf,IAYM3C,EAAW,SAAAS,GAChB,IAAK,EAAKklC,WACT,MAAM,IAAI7iC,MAAM,kEAGjB,EAAK4iC,gBAAgBplC,KAAKG,EAC3B,EAWA,OATA7K,OAAOowC,iBAAiBhmC,EAAU,CACjCC,aAAc,CACbrI,IAAK,kBAAM,EAAKiuC,eAAe,EAC/BnvC,IAAK,SAAAuvC,GACJ,EAAKJ,gBAAkBI,CACxB,KAIKR,GA7BW,SAAA9uC,GACZ,EAAKivC,aAAgB5lC,EAASC,eAClC,EAAK0lC,YAAa,EAClB7lC,EAAQnJ,GAEV,IAEiB,SAAAyI,GAChB,EAAKumC,YAAa,EAClBhjC,EAAOvD,EACR,GAmBqCY,EACtC,GACD,CA1CC,OA0CA,uBAED,SAAKkmC,EAAaC,GAEjB,OAAO9wC,KAAKywC,SAAStmC,KAAK0mC,EAAaC,EACxC,GAAC,mBAED,SAAMA,GACL,OAAO9wC,KAAKywC,SAAStlC,MAAM2lC,EAC5B,GAAC,qBAED,SAAQC,GACP,OAAO/wC,KAAKywC,SAAS/kB,QAAQqlB,EAC9B,GAAC,oBAED,SAAOZ,GACN,GAAKnwC,KAAKswC,aAActwC,KAAKuwC,YAA7B,CAMA,GAFAvwC,KAAKuwC,aAAc,EAEfvwC,KAAKqwC,gBAAgBtwC,OAAS,EACjC,IAAI,IACuC,EADvC,EAvFM,25BAuFN,CACmBC,KAAKqwC,iBAAe,IAA1C,IAAK,EAAL,sBACCjlC,EADiB,UAEjB,+BACF,CAAE,MAAOrB,GAER,YADA/J,KAAK0wC,QAAQ3mC,EAEd,CAGG/J,KAAKwwC,iBACRxwC,KAAK0wC,QAAQ,IAAIR,EAAYC,GAhB9B,CAkBD,GAAC,sBAED,WACC,OAAOnwC,KAAKuwC,WACb,IAAC,iBA1FD,SAAUS,GACT,OAAO,WAAmB,2BAAfC,EAAU,yBAAVA,EAAU,gBACpB,OAAO,IAAIzmC,GAAY,SAACC,EAAS6C,EAAQ3C,GACxCsmC,EAAWhmC,KAAKN,GAEhBqmC,EAAM,aAAIC,GAAY9mC,KAAKM,EAAS6C,EACrC,GACD,CACD,KAAC,EATe,GA8FjB/M,OAAO0mB,eAAezc,EAAYlK,UAAW4K,QAAQ5K,WAErDf,EAAOD,QAAUkL,EACjBjL,EAAOD,QAAQ4wC,YAAcA,sBC9G7B,IAAI7kB,EAAyB,oBAAT3rB,KAAuBA,KAAOM,KAC9CkxC,EAAW,WACf,SAASC,IACTnxC,KAAKsrB,OAAQ,EACbtrB,KAAKoxC,aAAe/lB,EAAO+lB,YAC3B,CAEA,OADAD,EAAE7wC,UAAY+qB,EACP,IAAI8lB,CACV,CAPc,IAQf,SAAUzxC,IAEO,SAAWJ,GAE1B,IAAI+xC,EAAU,CACZ3L,aAAc,oBAAqBhmC,EACnC4xC,SAAU,WAAY5xC,GAAQ,aAAc4O,OAC5CijC,KACE,eAAgB7xC,GAChB,SAAUA,GACV,WACE,IAEE,OADA,IAAI8xC,MACG,CACT,CAAE,MAAOzuC,GACP,OAAO,CACT,CACD,CAPD,GAQF0uC,SAAU,aAAc/xC,EACxBolB,YAAa,gBAAiBplB,GAOhC,GAAI2xC,EAAQvsB,YACV,IAAI4sB,EAAc,CAChB,qBACA,sBACA,6BACA,sBACA,uBACA,sBACA,uBACA,wBACA,yBAGEC,EACFC,YAAYC,QACZ,SAASv8B,GACP,OAAOA,GAAOo8B,EAAY9rC,QAAQrF,OAAOD,UAAU0L,SAASyL,KAAKnC,KAAS,CAC5E,EAGJ,SAASw8B,EAAc1rC,GAIrB,GAHoB,iBAATA,IACTA,EAAOie,OAAOje,IAEZ,4BAA4B8iB,KAAK9iB,GACnC,MAAM,IAAI0gB,UAAU,0CAEtB,OAAO1gB,EAAKqO,aACd,CAEA,SAASs9B,EAAezwC,GAItB,MAHqB,iBAAVA,IACTA,EAAQ+iB,OAAO/iB,IAEVA,CACT,CAGA,SAAS0wC,EAAYC,GACnB,IAAI5jC,EAAW,CACbE,KAAM,WACJ,IAAIjN,EAAQ2wC,EAAMztC,QAClB,MAAO,CAAC0tC,UAAgBvjC,IAAVrN,EAAqBA,MAAOA,EAC5C,GASF,OANI+vC,EAAQC,WACVjjC,EAASC,OAAOD,UAAY,WAC1B,OAAOA,CACT,GAGKA,CACT,CAEA,SAAS8jC,EAAQ3pB,GACfxoB,KAAK+N,IAAM,CAAC,EAERya,aAAmB2pB,EACrB3pB,EAAQ9iB,SAAQ,SAASpE,EAAO8E,GAC9BpG,KAAK2lC,OAAOv/B,EAAM9E,EACpB,GAAGtB,MACM+U,MAAM0Z,QAAQjG,GACvBA,EAAQ9iB,SAAQ,SAASuiB,GACvBjoB,KAAK2lC,OAAO1d,EAAO,GAAIA,EAAO,GAChC,GAAGjoB,MACMwoB,GACTjoB,OAAO6xC,oBAAoB5pB,GAAS9iB,SAAQ,SAASU,GACnDpG,KAAK2lC,OAAOv/B,EAAMoiB,EAAQpiB,GAC5B,GAAGpG,KAEP,CA8DA,SAASqyC,EAASpnB,GAChB,GAAIA,EAAKqnB,SACP,OAAOpnC,QAAQoC,OAAO,IAAIwZ,UAAU,iBAEtCmE,EAAKqnB,UAAW,CAClB,CAEA,SAASC,EAAgBC,GACvB,OAAO,IAAItnC,SAAQ,SAAST,EAAS6C,GACnCklC,EAAOC,OAAS,WACdhoC,EAAQ+nC,EAAOthC,OACjB,EACAshC,EAAOxhC,QAAU,WACf1D,EAAOklC,EAAOzoC,MAChB,CACF,GACF,CAEA,SAAS2oC,EAAsBnB,GAC7B,IAAIiB,EAAS,IAAIG,WACb3kB,EAAUukB,EAAgBC,GAE9B,OADAA,EAAOI,kBAAkBrB,GAClBvjB,CACT,CAmBA,SAAS6kB,EAAYC,GACnB,GAAIA,EAAInwC,MACN,OAAOmwC,EAAInwC,MAAM,GAEjB,IAAIowC,EAAO,IAAIlvB,WAAWivB,EAAIE,YAE9B,OADAD,EAAK1xC,IAAI,IAAIwiB,WAAWivB,IACjBC,EAAKnvB,MAEhB,CAEA,SAASqvB,IA0FP,OAzFAjzC,KAAKsyC,UAAW,EAEhBtyC,KAAKkzC,UAAY,SAASjoB,GAhM5B,IAAoB3V,EAiMhBtV,KAAKmzC,UAAYloB,EACZA,EAEsB,iBAATA,EAChBjrB,KAAKozC,UAAYnoB,EACRomB,EAAQE,MAAQC,KAAKlxC,UAAU+yC,cAAcpoB,GACtDjrB,KAAKszC,UAAYroB,EACRomB,EAAQI,UAAY8B,SAASjzC,UAAU+yC,cAAcpoB,GAC9DjrB,KAAKwzC,cAAgBvoB,EACZomB,EAAQ3L,cAAgB+N,gBAAgBnzC,UAAU+yC,cAAcpoB,GACzEjrB,KAAKozC,UAAYnoB,EAAKjf,WACbqlC,EAAQvsB,aAAeusB,EAAQE,OA5M1Bj8B,EA4M6C2V,IA3MjDyoB,SAASpzC,UAAU+yC,cAAc/9B,IA4M3CtV,KAAK2zC,iBAAmBd,EAAY5nB,EAAKrH,QAEzC5jB,KAAKmzC,UAAY,IAAI3B,KAAK,CAACxxC,KAAK2zC,oBACvBtC,EAAQvsB,cAAgB8sB,YAAYtxC,UAAU+yC,cAAcpoB,IAAS0mB,EAAkB1mB,IAChGjrB,KAAK2zC,iBAAmBd,EAAY5nB,GAEpCjrB,KAAKozC,UAAYnoB,EAAO1qB,OAAOD,UAAU0L,SAASyL,KAAKwT,GAhBvDjrB,KAAKozC,UAAY,GAmBdpzC,KAAKwoB,QAAQjmB,IAAI,kBACA,iBAAT0oB,EACTjrB,KAAKwoB,QAAQnnB,IAAI,eAAgB,4BACxBrB,KAAKszC,WAAatzC,KAAKszC,UAAU5lC,KAC1C1N,KAAKwoB,QAAQnnB,IAAI,eAAgBrB,KAAKszC,UAAU5lC,MACvC2jC,EAAQ3L,cAAgB+N,gBAAgBnzC,UAAU+yC,cAAcpoB,IACzEjrB,KAAKwoB,QAAQnnB,IAAI,eAAgB,mDAGvC,EAEIgwC,EAAQE,OACVvxC,KAAKuxC,KAAO,WACV,IAAIqC,EAAWvB,EAASryC,MACxB,GAAI4zC,EACF,OAAOA,EAGT,GAAI5zC,KAAKszC,UACP,OAAOpoC,QAAQT,QAAQzK,KAAKszC,WACvB,GAAItzC,KAAK2zC,iBACd,OAAOzoC,QAAQT,QAAQ,IAAI+mC,KAAK,CAACxxC,KAAK2zC,oBACjC,GAAI3zC,KAAKwzC,cACd,MAAM,IAAI/lC,MAAM,wCAEhB,OAAOvC,QAAQT,QAAQ,IAAI+mC,KAAK,CAACxxC,KAAKozC,YAE1C,EAEApzC,KAAK8kB,YAAc,WACjB,OAAI9kB,KAAK2zC,iBACAtB,EAASryC,OAASkL,QAAQT,QAAQzK,KAAK2zC,kBAEvC3zC,KAAKuxC,OAAOpnC,KAAKuoC,EAE5B,GAGF1yC,KAAK8rB,KAAO,WACV,IA3FoBylB,EAClBiB,EACAxkB,EAyFE4lB,EAAWvB,EAASryC,MACxB,GAAI4zC,EACF,OAAOA,EAGT,GAAI5zC,KAAKszC,UACP,OAjGkB/B,EAiGIvxC,KAAKszC,UA/F3BtlB,EAAUukB,EADVC,EAAS,IAAIG,YAEjBH,EAAOqB,WAAWtC,GACXvjB,EA8FE,GAAIhuB,KAAK2zC,iBACd,OAAOzoC,QAAQT,QA5FrB,SAA+BqoC,GAI7B,IAHA,IAAIC,EAAO,IAAIlvB,WAAWivB,GACtBgB,EAAQ,IAAI/+B,MAAMg+B,EAAKhzC,QAElBc,EAAI,EAAGA,EAAIkyC,EAAKhzC,OAAQc,IAC/BizC,EAAMjzC,GAAKwjB,OAAOC,aAAayuB,EAAKlyC,IAEtC,OAAOizC,EAAMlxC,KAAK,GACpB,CAoF6BmxC,CAAsB/zC,KAAK2zC,mBAC7C,GAAI3zC,KAAKwzC,cACd,MAAM,IAAI/lC,MAAM,wCAEhB,OAAOvC,QAAQT,QAAQzK,KAAKozC,UAEhC,EAEI/B,EAAQI,WACVzxC,KAAKyxC,SAAW,WACd,OAAOzxC,KAAK8rB,OAAO3hB,KAAKw1B,EAC1B,GAGF3/B,KAAK6rB,KAAO,WACV,OAAO7rB,KAAK8rB,OAAO3hB,KAAKtE,KAAKC,MAC/B,EAEO9F,IACT,CA3MAmyC,EAAQ7xC,UAAUqlC,OAAS,SAASv/B,EAAM9E,GACxC8E,EAAO0rC,EAAc1rC,GACrB9E,EAAQywC,EAAezwC,GACvB,IAAI0yC,EAAWh0C,KAAK+N,IAAI3H,GACxBpG,KAAK+N,IAAI3H,GAAQ4tC,EAAWA,EAAW,KAAO1yC,EAAQA,CACxD,EAEA6wC,EAAQ7xC,UAAkB,OAAI,SAAS8F,UAC9BpG,KAAK+N,IAAI+jC,EAAc1rC,GAChC,EAEA+rC,EAAQ7xC,UAAUiC,IAAM,SAAS6D,GAE/B,OADAA,EAAO0rC,EAAc1rC,GACdpG,KAAKgO,IAAI5H,GAAQpG,KAAK+N,IAAI3H,GAAQ,IAC3C,EAEA+rC,EAAQ7xC,UAAU0N,IAAM,SAAS5H,GAC/B,OAAOpG,KAAK+N,IAAI4mB,eAAemd,EAAc1rC,GAC/C,EAEA+rC,EAAQ7xC,UAAUe,IAAM,SAAS+E,EAAM9E,GACrCtB,KAAK+N,IAAI+jC,EAAc1rC,IAAS2rC,EAAezwC,EACjD,EAEA6wC,EAAQ7xC,UAAUoF,QAAU,SAASuuC,EAAUC,GAC7C,IAAK,IAAI9tC,KAAQpG,KAAK+N,IAChB/N,KAAK+N,IAAI4mB,eAAevuB,IAC1B6tC,EAASx8B,KAAKy8B,EAASl0C,KAAK+N,IAAI3H,GAAOA,EAAMpG,KAGnD,EAEAmyC,EAAQ7xC,UAAUmF,KAAO,WACvB,IAAIwsC,EAAQ,GAIZ,OAHAjyC,KAAK0F,SAAQ,SAASpE,EAAO8E,GAC3B6rC,EAAMhnC,KAAK7E,EACb,IACO4rC,EAAYC,EACrB,EAEAE,EAAQ7xC,UAAU+f,OAAS,WACzB,IAAI4xB,EAAQ,GAIZ,OAHAjyC,KAAK0F,SAAQ,SAASpE,GACpB2wC,EAAMhnC,KAAK3J,EACb,IACO0wC,EAAYC,EACrB,EAEAE,EAAQ7xC,UAAUogB,QAAU,WAC1B,IAAIuxB,EAAQ,GAIZ,OAHAjyC,KAAK0F,SAAQ,SAASpE,EAAO8E,GAC3B6rC,EAAMhnC,KAAK,CAAC7E,EAAM9E,GACpB,IACO0wC,EAAYC,EACrB,EAEIZ,EAAQC,WACVa,EAAQ7xC,UAAUgO,OAAOD,UAAY8jC,EAAQ7xC,UAAUogB,SAqJzD,IAAIxR,EAAU,CAAC,SAAU,MAAO,OAAQ,UAAW,OAAQ,OAO3D,SAASilC,EAAQC,EAAOt0C,GAEtB,IAPuByV,EACnB8+B,EAMAppB,GADJnrB,EAAUA,GAAW,CAAC,GACHmrB,KAEnB,GAAImpB,aAAiBD,EAAS,CAC5B,GAAIC,EAAM9B,SACR,MAAM,IAAIxrB,UAAU,gBAEtB9mB,KAAK0iB,IAAM0xB,EAAM1xB,IACjB1iB,KAAKwrB,YAAc4oB,EAAM5oB,YACpB1rB,EAAQ0oB,UACXxoB,KAAKwoB,QAAU,IAAI2pB,EAAQiC,EAAM5rB,UAEnCxoB,KAAKuV,OAAS6+B,EAAM7+B,OACpBvV,KAAKs0C,KAAOF,EAAME,KAClBt0C,KAAKwa,OAAS45B,EAAM55B,OACfyQ,GAA2B,MAAnBmpB,EAAMjB,YACjBloB,EAAOmpB,EAAMjB,UACbiB,EAAM9B,UAAW,EAErB,MACEtyC,KAAK0iB,IAAM2B,OAAO+vB,GAYpB,GATAp0C,KAAKwrB,YAAc1rB,EAAQ0rB,aAAexrB,KAAKwrB,aAAe,eAC1D1rB,EAAQ0oB,SAAYxoB,KAAKwoB,UAC3BxoB,KAAKwoB,QAAU,IAAI2pB,EAAQryC,EAAQ0oB,UAErCxoB,KAAKuV,QAhCD8+B,GADmB9+B,EAiCOzV,EAAQyV,QAAUvV,KAAKuV,QAAU,OAhC1Cg/B,cACdrlC,EAAQtJ,QAAQyuC,IAAY,EAAIA,EAAU9+B,GAgCjDvV,KAAKs0C,KAAOx0C,EAAQw0C,MAAQt0C,KAAKs0C,MAAQ,KACzCt0C,KAAKwa,OAAS1a,EAAQ0a,QAAUxa,KAAKwa,OACrCxa,KAAKw0C,SAAW,MAEK,QAAhBx0C,KAAKuV,QAAoC,SAAhBvV,KAAKuV,SAAsB0V,EACvD,MAAM,IAAInE,UAAU,6CAEtB9mB,KAAKkzC,UAAUjoB,EACjB,CAMA,SAAS0U,EAAO1U,GACd,IAAIwpB,EAAO,IAAIlB,SAYf,OAXAtoB,EACGypB,OACAvyC,MAAM,KACNuD,SAAQ,SAASivC,GAChB,GAAIA,EAAO,CACT,IAAIxyC,EAAQwyC,EAAMxyC,MAAM,KACpBiE,EAAOjE,EAAMqC,QAAQ1C,QAAQ,MAAO,KACpCR,EAAQa,EAAMS,KAAK,KAAKd,QAAQ,MAAO,KAC3C2yC,EAAK9O,OAAO5jC,mBAAmBqE,GAAOrE,mBAAmBT,GAC3D,CACF,IACKmzC,CACT,CAoBA,SAASG,EAASC,EAAU/0C,GACrBA,IACHA,EAAU,CAAC,GAGbE,KAAK0N,KAAO,UACZ1N,KAAKoJ,YAA4BuF,IAAnB7O,EAAQsJ,OAAuB,IAAMtJ,EAAQsJ,OAC3DpJ,KAAK4rB,GAAK5rB,KAAKoJ,QAAU,KAAOpJ,KAAKoJ,OAAS,IAC9CpJ,KAAK80C,WAAa,eAAgBh1C,EAAUA,EAAQg1C,WAAa,KACjE90C,KAAKwoB,QAAU,IAAI2pB,EAAQryC,EAAQ0oB,SACnCxoB,KAAK0iB,IAAM5iB,EAAQ4iB,KAAO,GAC1B1iB,KAAKkzC,UAAU2B,EACjB,CAlDAV,EAAQ7zC,UAAU6kB,MAAQ,WACxB,OAAO,IAAIgvB,EAAQn0C,KAAM,CAACirB,KAAMjrB,KAAKmzC,WACvC,EAkCAF,EAAKx7B,KAAK08B,EAAQ7zC,WAgBlB2yC,EAAKx7B,KAAKm9B,EAASt0C,WAEnBs0C,EAASt0C,UAAU6kB,MAAQ,WACzB,OAAO,IAAIyvB,EAAS50C,KAAKmzC,UAAW,CAClC/pC,OAAQpJ,KAAKoJ,OACb0rC,WAAY90C,KAAK80C,WACjBtsB,QAAS,IAAI2pB,EAAQnyC,KAAKwoB,SAC1B9F,IAAK1iB,KAAK0iB,KAEd,EAEAkyB,EAAS7qC,MAAQ,WACf,IAAI4hB,EAAW,IAAIipB,EAAS,KAAM,CAACxrC,OAAQ,EAAG0rC,WAAY,KAE1D,OADAnpB,EAASje,KAAO,QACTie,CACT,EAEA,IAAIopB,EAAmB,CAAC,IAAK,IAAK,IAAK,IAAK,KAE5CH,EAASI,SAAW,SAAStyB,EAAKtZ,GAChC,IAA0C,IAAtC2rC,EAAiBnvC,QAAQwD,GAC3B,MAAM,IAAI6rC,WAAW,uBAGvB,OAAO,IAAIL,EAAS,KAAM,CAACxrC,OAAQA,EAAQof,QAAS,CAAC/F,SAAUC,IACjE,EAEApjB,EAAQ8xC,aAAe1xC,EAAK0xC,aAC5B,IACE,IAAI9xC,EAAQ8xC,YACd,CAAE,MAAO/jC,GACP/N,EAAQ8xC,aAAe,SAASn7B,EAAS7P,GACvCpG,KAAKiW,QAAUA,EACfjW,KAAKoG,KAAOA,EACZ,IAAI2D,EAAQ0D,MAAMwI,GAClBjW,KAAKk1C,MAAQnrC,EAAMmrC,KACrB,EACA51C,EAAQ8xC,aAAa9wC,UAAYC,OAAO+B,OAAOmL,MAAMnN,WACrDhB,EAAQ8xC,aAAa9wC,UAAU6mB,YAAc7nB,EAAQ8xC,YACvD,CAEA,SAAS9lB,EAAM8oB,EAAOlzC,GACpB,OAAO,IAAIgK,SAAQ,SAAST,EAAS6C,GACnC,IAAIiN,EAAU,IAAI45B,EAAQC,EAAOlzC,GAEjC,GAAIqZ,EAAQC,QAAUD,EAAQC,OAAO26B,QACnC,OAAO7nC,EAAO,IAAIhO,EAAQ8xC,aAAa,UAAW,eAGpD,IAAIxrB,EAAM,IAAIwvB,eAEd,SAASC,IACPzvB,EAAI/K,OACN,CAEA+K,EAAI6sB,OAAS,WACX,IAxFgB6C,EAChB9sB,EAuFI1oB,EAAU,CACZsJ,OAAQwc,EAAIxc,OACZ0rC,WAAYlvB,EAAIkvB,WAChBtsB,SA3Fc8sB,EA2FQ1vB,EAAI2vB,yBAA2B,GA1FvD/sB,EAAU,IAAI2pB,EAGQmD,EAAWxzC,QAAQ,eAAgB,KACzCK,MAAM,SAASuD,SAAQ,SAAS8vC,GAClD,IAAI9yC,EAAQ8yC,EAAKrzC,MAAM,KACnBnB,EAAM0B,EAAM8B,QAAQkwC,OACxB,GAAI1zC,EAAK,CACP,IAAIM,EAAQoB,EAAME,KAAK,KAAK8xC,OAC5BlsB,EAAQmd,OAAO3kC,EAAKM,EACtB,CACF,IACOknB,IAgFH1oB,EAAQ4iB,IAAM,gBAAiBkD,EAAMA,EAAI6vB,YAAc31C,EAAQ0oB,QAAQjmB,IAAI,iBAC3E,IAAI0oB,EAAO,aAAcrF,EAAMA,EAAI+F,SAAW/F,EAAIsG,aAClDzhB,EAAQ,IAAImqC,EAAS3pB,EAAMnrB,GAC7B,EAEA8lB,EAAI5U,QAAU,WACZ1D,EAAO,IAAIwZ,UAAU,0BACvB,EAEAlB,EAAI8vB,UAAY,WACdpoC,EAAO,IAAIwZ,UAAU,0BACvB,EAEAlB,EAAI+vB,QAAU,WACZroC,EAAO,IAAIhO,EAAQ8xC,aAAa,UAAW,cAC7C,EAEAxrB,EAAIpT,KAAK+H,EAAQhF,OAAQgF,EAAQmI,KAAK,GAEV,YAAxBnI,EAAQiR,YACV5F,EAAI6F,iBAAkB,EACW,SAAxBlR,EAAQiR,cACjB5F,EAAI6F,iBAAkB,GAGpB,iBAAkB7F,GAAOyrB,EAAQE,OACnC3rB,EAAIuG,aAAe,QAGrB5R,EAAQiO,QAAQ9iB,SAAQ,SAASpE,EAAO8E,GACtCwf,EAAI2E,iBAAiBnkB,EAAM9E,EAC7B,IAEIiZ,EAAQC,SACVD,EAAQC,OAAOxG,iBAAiB,QAASqhC,GAEzCzvB,EAAIgwB,mBAAqB,WAEA,IAAnBhwB,EAAIiwB,YACNt7B,EAAQC,OAAOtG,oBAAoB,QAASmhC,EAEhD,GAGFzvB,EAAIkwB,UAAkC,IAAtBv7B,EAAQ44B,UAA4B,KAAO54B,EAAQ44B,UACrE,GACF,CAEA7nB,EAAMyqB,UAAW,EAEZr2C,EAAK4rB,QACR5rB,EAAK4rB,MAAQA,EACb5rB,EAAKyyC,QAAUA,EACfzyC,EAAKy0C,QAAUA,EACfz0C,EAAKk1C,SAAWA,GAGlBt1C,EAAQ6yC,QAAUA,EAClB7yC,EAAQ60C,QAAUA,EAClB70C,EAAQs1C,SAAWA,EACnBt1C,EAAQgsB,MAAQA,EAEhB/qB,OAAOy1C,eAAe12C,EAAS,aAAc,CAAEgC,OAAO,GAIvD,CAhhBgB,CAghBd,CAAC,EACH,CAnhBD,CAmhBG4vC,GACHA,EAAS5lB,MAAM2qB,UAAW,SAEnB/E,EAAS5lB,MAAMyqB,SAGtB,IAAI5G,EAAM+B,GACV5xC,EAAU6vC,EAAI7jB,OACd,QAAkB6jB,EAAI7jB,MACtBhsB,EAAQgsB,MAAQ6jB,EAAI7jB,MACpBhsB,EAAQ6yC,QAAUhD,EAAIgD,QACtB7yC,EAAQ60C,QAAUhF,EAAIgF,QACtB70C,EAAQs1C,SAAWzF,EAAIyF,SACvBr1C,EAAOD,QAAUA,oBCziBjB,SAAS42C,IAGT,CAEAA,EAAE51C,UAAY,CACZqI,GAAI,SAAUvC,EAAM6tC,EAAU9E,GAC5B,IAAIpsC,EAAI/C,KAAK+C,IAAM/C,KAAK+C,EAAI,CAAC,GAO7B,OALCA,EAAEqD,KAAUrD,EAAEqD,GAAQ,KAAK6E,KAAK,CAC/BiC,GAAI+mC,EACJ9E,IAAKA,IAGAnvC,IACT,EAEAm2C,KAAM,SAAU/vC,EAAM6tC,EAAU9E,GAC9B,IAAIzvC,EAAOM,KACX,SAAS8T,IACPpU,EAAK2L,IAAIjF,EAAM0N,GACfmgC,EAAShvB,MAAMkqB,EAAKruC,UACtB,CAGA,OADAgT,EAASpJ,EAAIupC,EACNj0C,KAAK2I,GAAGvC,EAAM0N,EAAUq7B,EACjC,EAEAnlC,KAAM,SAAU5D,GAMd,IALA,IAAIZ,EAAO,GAAG7C,MAAM8U,KAAK3W,UAAW,GAChCs1C,IAAWp2C,KAAK+C,IAAM/C,KAAK+C,EAAI,CAAC,IAAIqD,IAAS,IAAIzD,QACjD9B,EAAI,EACJw1C,EAAMD,EAAOr2C,OAETc,EAAIw1C,EAAKx1C,IACfu1C,EAAOv1C,GAAGqM,GAAG+X,MAAMmxB,EAAOv1C,GAAGsuC,IAAK3pC,GAGpC,OAAOxF,IACT,EAEAqL,IAAK,SAAUjF,EAAM6tC,GACnB,IAAIlxC,EAAI/C,KAAK+C,IAAM/C,KAAK+C,EAAI,CAAC,GACzBuzC,EAAOvzC,EAAEqD,GACTmwC,EAAa,GAEjB,GAAID,GAAQrC,EACV,IAAK,IAAIpzC,EAAI,EAAGw1C,EAAMC,EAAKv2C,OAAQc,EAAIw1C,EAAKx1C,IACtCy1C,EAAKz1C,GAAGqM,KAAO+mC,GAAYqC,EAAKz1C,GAAGqM,GAAGxC,IAAMupC,GAC9CsC,EAAWtrC,KAAKqrC,EAAKz1C,IAY3B,OAJC01C,EAAiB,OACdxzC,EAAEqD,GAAQmwC,SACHxzC,EAAEqD,GAENpG,IACT,GAGFT,EAAOD,QAAU42C,oBC7DjB32C,EAAOD,QAJP,SAAgCyD,GAC9B,QAAI,IAAWA,EAAG,MAAM,IAAIyzC,eAAe,6DAC3C,OAAOzzC,CACT,EACyCxD,EAAOD,QAAQm3C,YAAa,EAAMl3C,EAAOD,QAAiB,QAAIC,EAAOD,0BCD9GC,EAAOD,QAHP,SAAyBilB,EAAGsC,GAC1B,KAAMtC,aAAasC,GAAI,MAAM,IAAIC,UAAU,oCAC7C,EACkCvnB,EAAOD,QAAQm3C,YAAa,EAAMl3C,EAAOD,QAAiB,QAAIC,EAAOD,8BCHvG,IAAIo3C,EAA2B,EAAQ,MACnCzvB,EAAiB,EAAQ,MAQ7B1nB,EAAOD,QAPP,SAAoBgnB,EAAGvjB,EAAG4jB,GACxB,GAAI+vB,IAA4B,OAAOlwB,QAAQC,UAAUxB,MAAM,KAAMnkB,WACrE,IAAIoW,EAAI,CAAC,MACTA,EAAEjM,KAAKga,MAAM/N,EAAGnU,GAChB,IAAIikB,EAAI,IAAKV,EAAEtO,KAAKiN,MAAMqB,EAAGpP,IAC7B,OAAOyP,GAAKM,EAAeD,EAAGL,EAAErmB,WAAY0mB,CAC9C,EAC6BznB,EAAOD,QAAQm3C,YAAa,EAAMl3C,EAAOD,QAAiB,QAAIC,EAAOD,8BCTlG,IAAIq3C,EAAgB,EAAQ,MAC5B,SAASC,EAAkB7zC,EAAG4jB,GAC5B,IAAK,IAAIL,EAAI,EAAGA,EAAIK,EAAE5mB,OAAQumB,IAAK,CACjC,IAAIpP,EAAIyP,EAAEL,GACVpP,EAAEkQ,WAAalQ,EAAEkQ,aAAc,EAAIlQ,EAAEoQ,cAAe,EAAI,UAAWpQ,IAAMA,EAAEmQ,UAAW,GAAK9mB,OAAOy1C,eAAejzC,EAAG4zC,EAAcz/B,EAAElW,KAAMkW,EAC5I,CACF,CAMA3X,EAAOD,QALP,SAAsByD,EAAG4jB,EAAGL,GAC1B,OAAOK,GAAKiwB,EAAkB7zC,EAAEzC,UAAWqmB,GAAIL,GAAKswB,EAAkB7zC,EAAGujB,GAAI/lB,OAAOy1C,eAAejzC,EAAG,YAAa,CACjHskB,UAAU,IACRtkB,CACN,EAC+BxD,EAAOD,QAAQm3C,YAAa,EAAMl3C,EAAOD,QAAiB,QAAIC,EAAOD,0BCZpG,SAASu3C,EAAgBvwB,GACvB,OAAO/mB,EAAOD,QAAUu3C,EAAkBt2C,OAAO0mB,eAAiB1mB,OAAO2mB,eAAelP,OAAS,SAAUsO,GACzG,OAAOA,EAAEwwB,WAAav2C,OAAO2mB,eAAeZ,EAC9C,EAAG/mB,EAAOD,QAAQm3C,YAAa,EAAMl3C,EAAOD,QAAiB,QAAIC,EAAOD,QAASu3C,EAAgBvwB,EACnG,CACA/mB,EAAOD,QAAUu3C,EAAiBt3C,EAAOD,QAAQm3C,YAAa,EAAMl3C,EAAOD,QAAiB,QAAIC,EAAOD,8BCLvG,IAAI2nB,EAAiB,EAAQ,MAa7B1nB,EAAOD,QAZP,SAAmBgnB,EAAGvjB,GACpB,GAAI,mBAAqBA,GAAK,OAASA,EAAG,MAAM,IAAI+jB,UAAU,sDAC9DR,EAAEhmB,UAAYC,OAAO+B,OAAOS,GAAKA,EAAEzC,UAAW,CAC5C6mB,YAAa,CACX7lB,MAAOglB,EACPe,UAAU,EACVC,cAAc,KAEd/mB,OAAOy1C,eAAe1vB,EAAG,YAAa,CACxCe,UAAU,IACRtkB,GAAKkkB,EAAeX,EAAGvjB,EAC7B,EAC4BxD,EAAOD,QAAQm3C,YAAa,EAAMl3C,EAAOD,QAAiB,QAAIC,EAAOD,0BCNjGC,EAAOD,QAPP,SAA2BgnB,GACzB,IACE,OAAQ,IAAMM,SAAS5a,SAASyL,KAAK6O,GAAG1gB,QAAQ,gBAClD,CAAE,MAAOihB,GACP,MAAO,mBAAqBP,CAC9B,CACF,EACoC/mB,EAAOD,QAAQm3C,YAAa,EAAMl3C,EAAOD,QAAiB,QAAIC,EAAOD,0BCPzG,SAAS+mB,IACP,IACE,IAAIC,GAAK5Q,QAAQpV,UAAUimB,QAAQ9O,KAAK+O,QAAQC,UAAU/Q,QAAS,IAAI,WAAa,IACtF,CAAE,MAAO4Q,GAAI,CACb,OAAQ/mB,EAAOD,QAAU+mB,EAA4B,WACnD,QAASC,CACX,EAAG/mB,EAAOD,QAAQm3C,YAAa,EAAMl3C,EAAOD,QAAiB,QAAIC,EAAOD,UAC1E,CACAC,EAAOD,QAAU+mB,EAA2B9mB,EAAOD,QAAQm3C,YAAa,EAAMl3C,EAAOD,QAAiB,QAAIC,EAAOD,8BCRjH,IAAIy3C,EAAU,gBACVC,EAAwB,EAAQ,MAMpCz3C,EAAOD,QALP,SAAoCgnB,EAAGvjB,GACrC,GAAIA,IAAM,UAAYg0C,EAAQh0C,IAAM,mBAAqBA,GAAI,OAAOA,EACpE,QAAI,IAAWA,EAAG,MAAM,IAAI+jB,UAAU,4DACtC,OAAOkwB,EAAsB1wB,EAC/B,EAC6C/mB,EAAOD,QAAQm3C,YAAa,EAAMl3C,EAAOD,QAAiB,QAAIC,EAAOD,8BCPlH,IAAIy3C,EAAU,gBACd,SAASE,IACP,aACA13C,EAAOD,QAAU23C,EAAsB,WACrC,OAAOl0C,CACT,EAAGxD,EAAOD,QAAQm3C,YAAa,EAAMl3C,EAAOD,QAAiB,QAAIC,EAAOD,QACxE,IAAIgnB,EACFvjB,EAAI,CAAC,EACL4jB,EAAIpmB,OAAOD,UACXumB,EAAIF,EAAEgO,eACNzd,EAAI3W,OAAOy1C,gBAAkB,SAAU1vB,EAAGvjB,EAAG4jB,GAC3CL,EAAEvjB,GAAK4jB,EAAErlB,KACX,EACAT,EAAI,mBAAqByN,OAASA,OAAS,CAAC,EAC5CiW,EAAI1jB,EAAEwN,UAAY,aAClB+L,EAAIvZ,EAAEq2C,eAAiB,kBACvBC,EAAIt2C,EAAEu2C,aAAe,gBACvB,SAAS53C,EAAO8mB,EAAGvjB,EAAG4jB,GACpB,OAAOpmB,OAAOy1C,eAAe1vB,EAAGvjB,EAAG,CACjCzB,MAAOqlB,EACPS,YAAY,EACZE,cAAc,EACdD,UAAU,IACRf,EAAEvjB,EACR,CACA,IACEvD,EAAO,CAAC,EAAG,GACb,CAAE,MAAO8mB,GACP9mB,EAAS,SAAgB8mB,EAAGvjB,EAAG4jB,GAC7B,OAAOL,EAAEvjB,GAAK4jB,CAChB,CACF,CACA,SAAS0wB,EAAK/wB,EAAGvjB,EAAG4jB,EAAGE,GACrB,IAAIhmB,EAAIkC,GAAKA,EAAEzC,qBAAqBg3C,EAAYv0C,EAAIu0C,EAClD/yB,EAAIhkB,OAAO+B,OAAOzB,EAAEP,WACpB8Z,EAAI,IAAIm9B,EAAQ1wB,GAAK,IACvB,OAAO3P,EAAEqN,EAAG,UAAW,CACrBjjB,MAAOk2C,EAAiBlxB,EAAGK,EAAGvM,KAC5BmK,CACN,CACA,SAASkzB,EAASnxB,EAAGvjB,EAAG4jB,GACtB,IACE,MAAO,CACLjZ,KAAM,SACNgqC,IAAKpxB,EAAE7O,KAAK1U,EAAG4jB,GAEnB,CAAE,MAAOL,GACP,MAAO,CACL5Y,KAAM,QACNgqC,IAAKpxB,EAET,CACF,CACAvjB,EAAEs0C,KAAOA,EACT,IAAIM,EAAI,iBACNC,EAAI,iBACJC,EAAI,YACJvhC,EAAI,YACJ2jB,EAAI,CAAC,EACP,SAASqd,IAAa,CACtB,SAASQ,IAAqB,CAC9B,SAASC,IAA8B,CACvC,IAAI/wB,EAAI,CAAC,EACTxnB,EAAOwnB,EAAGzC,GAAG,WACX,OAAOvkB,IACT,IACA,IAAIg4C,EAAIz3C,OAAO2mB,eACboR,EAAI0f,GAAKA,EAAEA,EAAE33B,EAAO,MACtBiY,GAAKA,IAAM3R,GAAKE,EAAEpP,KAAK6gB,EAAG/T,KAAOyC,EAAIsR,GACrC,IAAI2f,EAAIF,EAA2Bz3C,UAAYg3C,EAAUh3C,UAAYC,OAAO+B,OAAO0kB,GACnF,SAASkxB,EAAsB5xB,GAC7B,CAAC,OAAQ,QAAS,UAAU5gB,SAAQ,SAAU3C,GAC5CvD,EAAO8mB,EAAGvjB,GAAG,SAAUujB,GACrB,OAAOtmB,KAAKm4C,QAAQp1C,EAAGujB,EACzB,GACF,GACF,CACA,SAAS8xB,EAAc9xB,EAAGvjB,GACxB,SAASs1C,EAAO1xB,EAAGzP,EAAGrW,EAAG0jB,GACvB,IAAInK,EAAIq9B,EAASnxB,EAAEK,GAAIL,EAAGpP,GAC1B,GAAI,UAAYkD,EAAE1M,KAAM,CACtB,IAAIypC,EAAI/8B,EAAEs9B,IACRC,EAAIR,EAAE71C,MACR,OAAOq2C,GAAK,UAAYZ,EAAQY,IAAM9wB,EAAEpP,KAAKkgC,EAAG,WAAa50C,EAAE0H,QAAQktC,EAAEW,SAASnuC,MAAK,SAAUmc,GAC/F+xB,EAAO,OAAQ/xB,EAAGzlB,EAAG0jB,EACvB,IAAG,SAAU+B,GACX+xB,EAAO,QAAS/xB,EAAGzlB,EAAG0jB,EACxB,IAAKxhB,EAAE0H,QAAQktC,GAAGxtC,MAAK,SAAUmc,GAC/B6wB,EAAE71C,MAAQglB,EAAGzlB,EAAEs2C,EACjB,IAAG,SAAU7wB,GACX,OAAO+xB,EAAO,QAAS/xB,EAAGzlB,EAAG0jB,EAC/B,GACF,CACAA,EAAEnK,EAAEs9B,IACN,CACA,IAAI/wB,EACJzP,EAAElX,KAAM,UAAW,CACjBsB,MAAO,SAAeglB,EAAGO,GACvB,SAAS0xB,IACP,OAAO,IAAIx1C,GAAE,SAAUA,EAAG4jB,GACxB0xB,EAAO/xB,EAAGO,EAAG9jB,EAAG4jB,EAClB,GACF,CACA,OAAOA,EAAIA,EAAIA,EAAExc,KAAKouC,EAA4BA,GAA8BA,GAClF,GAEJ,CACA,SAASf,EAAiBz0C,EAAG4jB,EAAGE,GAC9B,IAAI3P,EAAIygC,EACR,OAAO,SAAU92C,EAAG0jB,GAClB,GAAIrN,IAAM2gC,EAAG,MAAMpqC,MAAM,gCACzB,GAAIyJ,IAAMZ,EAAG,CACX,GAAI,UAAYzV,EAAG,MAAM0jB,EACzB,MAAO,CACLjjB,MAAOglB,EACP4rB,MAAM,EAEV,CACA,IAAKrrB,EAAEtR,OAAS1U,EAAGgmB,EAAE6wB,IAAMnzB,IAAK,CAC9B,IAAInK,EAAIyM,EAAE2xB,SACV,GAAIp+B,EAAG,CACL,IAAI+8B,EAAIsB,EAAoBr+B,EAAGyM,GAC/B,GAAIswB,EAAG,CACL,GAAIA,IAAMld,EAAG,SACb,OAAOkd,CACT,CACF,CACA,GAAI,SAAWtwB,EAAEtR,OAAQsR,EAAE6xB,KAAO7xB,EAAE8xB,MAAQ9xB,EAAE6wB,SAAS,GAAI,UAAY7wB,EAAEtR,OAAQ,CAC/E,GAAI2B,IAAMygC,EAAG,MAAMzgC,EAAIZ,EAAGuQ,EAAE6wB,IAC5B7wB,EAAE+xB,kBAAkB/xB,EAAE6wB,IACxB,KAAO,WAAa7wB,EAAEtR,QAAUsR,EAAEgyB,OAAO,SAAUhyB,EAAE6wB,KACrDxgC,EAAI2gC,EACJ,IAAI7wB,EAAIywB,EAAS10C,EAAG4jB,EAAGE,GACvB,GAAI,WAAaG,EAAEtZ,KAAM,CACvB,GAAIwJ,EAAI2P,EAAEqrB,KAAO57B,EAAIshC,EAAG5wB,EAAE0wB,MAAQzd,EAAG,SACrC,MAAO,CACL34B,MAAO0lB,EAAE0wB,IACTxF,KAAMrrB,EAAEqrB,KAEZ,CACA,UAAYlrB,EAAEtZ,OAASwJ,EAAIZ,EAAGuQ,EAAEtR,OAAS,QAASsR,EAAE6wB,IAAM1wB,EAAE0wB,IAC9D,CACF,CACF,CACA,SAASe,EAAoB11C,EAAG4jB,GAC9B,IAAIE,EAAIF,EAAEpR,OACR2B,EAAInU,EAAEsL,SAASwY,GACjB,GAAI3P,IAAMoP,EAAG,OAAOK,EAAE6xB,SAAW,KAAM,UAAY3xB,GAAK9jB,EAAEsL,SAAiB,SAAMsY,EAAEpR,OAAS,SAAUoR,EAAE+wB,IAAMpxB,EAAGmyB,EAAoB11C,EAAG4jB,GAAI,UAAYA,EAAEpR,SAAW,WAAasR,IAAMF,EAAEpR,OAAS,QAASoR,EAAE+wB,IAAM,IAAI5wB,UAAU,oCAAsCD,EAAI,aAAcoT,EAC1R,IAAIp5B,EAAI42C,EAASvgC,EAAGnU,EAAEsL,SAAUsY,EAAE+wB,KAClC,GAAI,UAAY72C,EAAE6M,KAAM,OAAOiZ,EAAEpR,OAAS,QAASoR,EAAE+wB,IAAM72C,EAAE62C,IAAK/wB,EAAE6xB,SAAW,KAAMve,EACrF,IAAI1V,EAAI1jB,EAAE62C,IACV,OAAOnzB,EAAIA,EAAE2tB,MAAQvrB,EAAE5jB,EAAE+1C,YAAcv0B,EAAEjjB,MAAOqlB,EAAEpY,KAAOxL,EAAEg2C,QAAS,WAAapyB,EAAEpR,SAAWoR,EAAEpR,OAAS,OAAQoR,EAAE+wB,IAAMpxB,GAAIK,EAAE6xB,SAAW,KAAMve,GAAK1V,GAAKoC,EAAEpR,OAAS,QAASoR,EAAE+wB,IAAM,IAAI5wB,UAAU,oCAAqCH,EAAE6xB,SAAW,KAAMve,EAC9P,CACA,SAAS+e,EAAa1yB,GACpB,IAAIvjB,EAAI,CACNk2C,OAAQ3yB,EAAE,IAEZ,KAAKA,IAAMvjB,EAAEm2C,SAAW5yB,EAAE,IAAK,KAAKA,IAAMvjB,EAAEo2C,WAAa7yB,EAAE,GAAIvjB,EAAEq2C,SAAW9yB,EAAE,IAAKtmB,KAAKq5C,WAAWpuC,KAAKlI,EAC1G,CACA,SAASu2C,EAAchzB,GACrB,IAAIvjB,EAAIujB,EAAEizB,YAAc,CAAC,EACzBx2C,EAAE2K,KAAO,gBAAiB3K,EAAE20C,IAAKpxB,EAAEizB,WAAax2C,CAClD,CACA,SAASw0C,EAAQjxB,GACftmB,KAAKq5C,WAAa,CAAC,CACjBJ,OAAQ,SACN3yB,EAAE5gB,QAAQszC,EAAch5C,MAAOA,KAAKw5C,OAAM,EAChD,CACA,SAASn5B,EAAOtd,GACd,GAAIA,GAAK,KAAOA,EAAG,CACjB,IAAI4jB,EAAI5jB,EAAEwhB,GACV,GAAIoC,EAAG,OAAOA,EAAElP,KAAK1U,GACrB,GAAI,mBAAqBA,EAAEwL,KAAM,OAAOxL,EACxC,IAAK02C,MAAM12C,EAAEhD,QAAS,CACpB,IAAImX,GAAK,EACPrW,EAAI,SAAS0N,IACX,OAAS2I,EAAInU,EAAEhD,QAAS,GAAI8mB,EAAEpP,KAAK1U,EAAGmU,GAAI,OAAO3I,EAAKjN,MAAQyB,EAAEmU,GAAI3I,EAAK2jC,MAAO,EAAI3jC,EACpF,OAAOA,EAAKjN,MAAQglB,EAAG/X,EAAK2jC,MAAO,EAAI3jC,CACzC,EACF,OAAO1N,EAAE0N,KAAO1N,CAClB,CACF,CACA,MAAM,IAAIimB,UAAUiwB,EAAQh0C,GAAK,mBACnC,CACA,OAAO+0C,EAAkBx3C,UAAYy3C,EAA4B7gC,EAAE+gC,EAAG,cAAe,CACnF32C,MAAOy2C,EACPzwB,cAAc,IACZpQ,EAAE6gC,EAA4B,cAAe,CAC/Cz2C,MAAOw2C,EACPxwB,cAAc,IACZwwB,EAAkB4B,YAAcl6C,EAAOu4C,EAA4BZ,EAAG,qBAAsBp0C,EAAE42C,oBAAsB,SAAUrzB,GAChI,IAAIvjB,EAAI,mBAAqBujB,GAAKA,EAAEa,YACpC,QAASpkB,IAAMA,IAAM+0C,GAAqB,uBAAyB/0C,EAAE22C,aAAe32C,EAAEqD,MACxF,EAAGrD,EAAE62C,KAAO,SAAUtzB,GACpB,OAAO/lB,OAAO0mB,eAAiB1mB,OAAO0mB,eAAeX,EAAGyxB,IAA+BzxB,EAAEwwB,UAAYiB,EAA4Bv4C,EAAO8mB,EAAG6wB,EAAG,sBAAuB7wB,EAAEhmB,UAAYC,OAAO+B,OAAO21C,GAAI3xB,CACvM,EAAGvjB,EAAE82C,MAAQ,SAAUvzB,GACrB,MAAO,CACLgyB,QAAShyB,EAEb,EAAG4xB,EAAsBE,EAAc93C,WAAYd,EAAO44C,EAAc93C,UAAW8Z,GAAG,WACpF,OAAOpa,IACT,IAAI+C,EAAEq1C,cAAgBA,EAAer1C,EAAE+2C,MAAQ,SAAUxzB,EAAGK,EAAGE,EAAG3P,EAAGrW,QACnE,IAAWA,IAAMA,EAAIqK,SACrB,IAAIqZ,EAAI,IAAI6zB,EAAcf,EAAK/wB,EAAGK,EAAGE,EAAG3P,GAAIrW,GAC5C,OAAOkC,EAAE42C,oBAAoBhzB,GAAKpC,EAAIA,EAAEhW,OAAOpE,MAAK,SAAUmc,GAC5D,OAAOA,EAAE4rB,KAAO5rB,EAAEhlB,MAAQijB,EAAEhW,MAC9B,GACF,EAAG2pC,EAAsBD,GAAIz4C,EAAOy4C,EAAGd,EAAG,aAAc33C,EAAOy4C,EAAG1zB,GAAG,WACnE,OAAOvkB,IACT,IAAIR,EAAOy4C,EAAG,YAAY,WACxB,MAAO,oBACT,IAAIl1C,EAAE0C,KAAO,SAAU6gB,GACrB,IAAIvjB,EAAIxC,OAAO+lB,GACbK,EAAI,GACN,IAAK,IAAIE,KAAK9jB,EAAG4jB,EAAE1b,KAAK4b,GACxB,OAAOF,EAAEozB,UAAW,SAASxrC,IAC3B,KAAOoY,EAAE5mB,QAAS,CAChB,IAAIumB,EAAIK,EAAEqzB,MACV,GAAI1zB,KAAKvjB,EAAG,OAAOwL,EAAKjN,MAAQglB,EAAG/X,EAAK2jC,MAAO,EAAI3jC,CACrD,CACA,OAAOA,EAAK2jC,MAAO,EAAI3jC,CACzB,CACF,EAAGxL,EAAEsd,OAASA,EAAQk3B,EAAQj3C,UAAY,CACxC6mB,YAAaowB,EACbiC,MAAO,SAAez2C,GACpB,GAAI/C,KAAKi6C,KAAO,EAAGj6C,KAAKuO,KAAO,EAAGvO,KAAK04C,KAAO14C,KAAK24C,MAAQryB,EAAGtmB,KAAKkyC,MAAO,EAAIlyC,KAAKw4C,SAAW,KAAMx4C,KAAKuV,OAAS,OAAQvV,KAAK03C,IAAMpxB,EAAGtmB,KAAKq5C,WAAW3zC,QAAQ4zC,IAAiBv2C,EAAG,IAAK,IAAI4jB,KAAK3mB,KAAM,MAAQ2mB,EAAEwlB,OAAO,IAAMtlB,EAAEpP,KAAKzX,KAAM2mB,KAAO8yB,OAAO9yB,EAAEhkB,MAAM,MAAQ3C,KAAK2mB,GAAKL,EACtR,EACAzF,KAAM,WACJ7gB,KAAKkyC,MAAO,EACZ,IAAI5rB,EAAItmB,KAAKq5C,WAAW,GAAGE,WAC3B,GAAI,UAAYjzB,EAAE5Y,KAAM,MAAM4Y,EAAEoxB,IAChC,OAAO13C,KAAKk6C,IACd,EACAtB,kBAAmB,SAA2B71C,GAC5C,GAAI/C,KAAKkyC,KAAM,MAAMnvC,EACrB,IAAI4jB,EAAI3mB,KACR,SAASm6C,EAAOtzB,EAAG3P,GACjB,OAAOqN,EAAE7W,KAAO,QAAS6W,EAAEmzB,IAAM30C,EAAG4jB,EAAEpY,KAAOsY,EAAG3P,IAAMyP,EAAEpR,OAAS,OAAQoR,EAAE+wB,IAAMpxB,KAAMpP,CACzF,CACA,IAAK,IAAIA,EAAIlX,KAAKq5C,WAAWt5C,OAAS,EAAGmX,GAAK,IAAKA,EAAG,CACpD,IAAIrW,EAAIb,KAAKq5C,WAAWniC,GACtBqN,EAAI1jB,EAAE04C,WACR,GAAI,SAAW14C,EAAEo4C,OAAQ,OAAOkB,EAAO,OACvC,GAAIt5C,EAAEo4C,QAAUj5C,KAAKi6C,KAAM,CACzB,IAAI7/B,EAAIyM,EAAEpP,KAAK5W,EAAG,YAChBs2C,EAAItwB,EAAEpP,KAAK5W,EAAG,cAChB,GAAIuZ,GAAK+8B,EAAG,CACV,GAAIn3C,KAAKi6C,KAAOp5C,EAAEq4C,SAAU,OAAOiB,EAAOt5C,EAAEq4C,UAAU,GACtD,GAAIl5C,KAAKi6C,KAAOp5C,EAAEs4C,WAAY,OAAOgB,EAAOt5C,EAAEs4C,WAChD,MAAO,GAAI/+B,GACT,GAAIpa,KAAKi6C,KAAOp5C,EAAEq4C,SAAU,OAAOiB,EAAOt5C,EAAEq4C,UAAU,OACjD,CACL,IAAK/B,EAAG,MAAM1pC,MAAM,0CACpB,GAAIzN,KAAKi6C,KAAOp5C,EAAEs4C,WAAY,OAAOgB,EAAOt5C,EAAEs4C,WAChD,CACF,CACF,CACF,EACAN,OAAQ,SAAgBvyB,EAAGvjB,GACzB,IAAK,IAAI4jB,EAAI3mB,KAAKq5C,WAAWt5C,OAAS,EAAG4mB,GAAK,IAAKA,EAAG,CACpD,IAAIzP,EAAIlX,KAAKq5C,WAAW1yB,GACxB,GAAIzP,EAAE+hC,QAAUj5C,KAAKi6C,MAAQpzB,EAAEpP,KAAKP,EAAG,eAAiBlX,KAAKi6C,KAAO/iC,EAAEiiC,WAAY,CAChF,IAAIt4C,EAAIqW,EACR,KACF,CACF,CACArW,IAAM,UAAYylB,GAAK,aAAeA,IAAMzlB,EAAEo4C,QAAUl2C,GAAKA,GAAKlC,EAAEs4C,aAAet4C,EAAI,MACvF,IAAI0jB,EAAI1jB,EAAIA,EAAE04C,WAAa,CAAC,EAC5B,OAAOh1B,EAAE7W,KAAO4Y,EAAG/B,EAAEmzB,IAAM30C,EAAGlC,GAAKb,KAAKuV,OAAS,OAAQvV,KAAKuO,KAAO1N,EAAEs4C,WAAYlf,GAAKj6B,KAAKo6C,SAAS71B,EACxG,EACA61B,SAAU,SAAkB9zB,EAAGvjB,GAC7B,GAAI,UAAYujB,EAAE5Y,KAAM,MAAM4Y,EAAEoxB,IAChC,MAAO,UAAYpxB,EAAE5Y,MAAQ,aAAe4Y,EAAE5Y,KAAO1N,KAAKuO,KAAO+X,EAAEoxB,IAAM,WAAapxB,EAAE5Y,MAAQ1N,KAAKk6C,KAAOl6C,KAAK03C,IAAMpxB,EAAEoxB,IAAK13C,KAAKuV,OAAS,SAAUvV,KAAKuO,KAAO,OAAS,WAAa+X,EAAE5Y,MAAQ3K,IAAM/C,KAAKuO,KAAOxL,GAAIk3B,CAC1N,EACAhe,OAAQ,SAAgBqK,GACtB,IAAK,IAAIvjB,EAAI/C,KAAKq5C,WAAWt5C,OAAS,EAAGgD,GAAK,IAAKA,EAAG,CACpD,IAAI4jB,EAAI3mB,KAAKq5C,WAAWt2C,GACxB,GAAI4jB,EAAEwyB,aAAe7yB,EAAG,OAAOtmB,KAAKo6C,SAASzzB,EAAE4yB,WAAY5yB,EAAEyyB,UAAWE,EAAc3yB,GAAIsT,CAC5F,CACF,EACA,MAAS,SAAgB3T,GACvB,IAAK,IAAIvjB,EAAI/C,KAAKq5C,WAAWt5C,OAAS,EAAGgD,GAAK,IAAKA,EAAG,CACpD,IAAI4jB,EAAI3mB,KAAKq5C,WAAWt2C,GACxB,GAAI4jB,EAAEsyB,SAAW3yB,EAAG,CAClB,IAAIO,EAAIF,EAAE4yB,WACV,GAAI,UAAY1yB,EAAEnZ,KAAM,CACtB,IAAIwJ,EAAI2P,EAAE6wB,IACV4B,EAAc3yB,EAChB,CACA,OAAOzP,CACT,CACF,CACA,MAAMzJ,MAAM,wBACd,EACA4sC,cAAe,SAAuBt3C,EAAG4jB,EAAGE,GAC1C,OAAO7mB,KAAKw4C,SAAW,CACrBnqC,SAAUgS,EAAOtd,GACjB+1C,WAAYnyB,EACZoyB,QAASlyB,GACR,SAAW7mB,KAAKuV,SAAWvV,KAAK03C,IAAMpxB,GAAI2T,CAC/C,GACCl3B,CACL,CACAxD,EAAOD,QAAU23C,EAAqB13C,EAAOD,QAAQm3C,YAAa,EAAMl3C,EAAOD,QAAiB,QAAIC,EAAOD,0BC/S3G,SAASg7C,EAAgBh0B,EAAGvjB,GAC1B,OAAOxD,EAAOD,QAAUg7C,EAAkB/5C,OAAO0mB,eAAiB1mB,OAAO0mB,eAAejP,OAAS,SAAUsO,EAAGvjB,GAC5G,OAAOujB,EAAEwwB,UAAY/zC,EAAGujB,CAC1B,EAAG/mB,EAAOD,QAAQm3C,YAAa,EAAMl3C,EAAOD,QAAiB,QAAIC,EAAOD,QAASg7C,EAAgBh0B,EAAGvjB,EACtG,CACAxD,EAAOD,QAAUg7C,EAAiB/6C,EAAOD,QAAQm3C,YAAa,EAAMl3C,EAAOD,QAAiB,QAAIC,EAAOD,8BCLvG,IAAIy3C,EAAU,gBAWdx3C,EAAOD,QAVP,SAAqBgnB,EAAGK,GACtB,GAAI,UAAYowB,EAAQzwB,KAAOA,EAAG,OAAOA,EACzC,IAAIvjB,EAAIujB,EAAEhY,OAAOisC,aACjB,QAAI,IAAWx3C,EAAG,CAChB,IAAIlC,EAAIkC,EAAE0U,KAAK6O,EAAGK,GAAK,WACvB,GAAI,UAAYowB,EAAQl2C,GAAI,OAAOA,EACnC,MAAM,IAAIimB,UAAU,+CACtB,CACA,OAAQ,WAAaH,EAAItC,OAASye,QAAQxc,EAC5C,EAC8B/mB,EAAOD,QAAQm3C,YAAa,EAAMl3C,EAAOD,QAAiB,QAAIC,EAAOD,8BCXnG,IAAIy3C,EAAU,gBACVwD,EAAc,EAAQ,MAK1Bh7C,EAAOD,QAJP,SAAuBgnB,GACrB,IAAIzlB,EAAI05C,EAAYj0B,EAAG,UACvB,MAAO,UAAYywB,EAAQl2C,GAAKA,EAAIA,EAAI,EAC1C,EACgCtB,EAAOD,QAAQm3C,YAAa,EAAMl3C,EAAOD,QAAiB,QAAIC,EAAOD,0BCNrG,SAASy3C,EAAQ7/B,GAGf,OAAO3X,EAAOD,QAAUy3C,EAAU,mBAAqBzoC,QAAU,iBAAmBA,OAAOD,SAAW,SAAU6I,GAC9G,cAAcA,CAChB,EAAI,SAAUA,GACZ,OAAOA,GAAK,mBAAqB5I,QAAU4I,EAAEiQ,cAAgB7Y,QAAU4I,IAAM5I,OAAOhO,UAAY,gBAAkB4W,CACpH,EAAG3X,EAAOD,QAAQm3C,YAAa,EAAMl3C,EAAOD,QAAiB,QAAIC,EAAOD,QAASy3C,EAAQ7/B,EAC3F,CACA3X,EAAOD,QAAUy3C,EAASx3C,EAAOD,QAAQm3C,YAAa,EAAMl3C,EAAOD,QAAiB,QAAIC,EAAOD,8BCT/F,IAAI4nB,EAAiB,EAAQ,MACzBD,EAAiB,EAAQ,MACzBuzB,EAAmB,EAAQ,MAC3B/zB,EAAY,EAAQ,MACxB,SAASC,EAAiBJ,GACxB,IAAIK,EAAI,mBAAqB9Y,IAAM,IAAIA,SAAQ,EAC/C,OAAOtO,EAAOD,QAAUonB,EAAmB,SAA0BJ,GACnE,GAAI,OAASA,IAAMk0B,EAAiBl0B,GAAI,OAAOA,EAC/C,GAAI,mBAAqBA,EAAG,MAAM,IAAIQ,UAAU,sDAChD,QAAI,IAAWH,EAAG,CAChB,GAAIA,EAAE3Y,IAAIsY,GAAI,OAAOK,EAAEpkB,IAAI+jB,GAC3BK,EAAEtlB,IAAIilB,EAAGS,EACX,CACA,SAASA,IACP,OAAON,EAAUH,EAAGxlB,UAAWomB,EAAelnB,MAAMmnB,YACtD,CACA,OAAOJ,EAAQzmB,UAAYC,OAAO+B,OAAOgkB,EAAEhmB,UAAW,CACpD6mB,YAAa,CACX7lB,MAAOylB,EACPK,YAAY,EACZC,UAAU,EACVC,cAAc,KAEdL,EAAeF,EAAST,EAC9B,EAAG/mB,EAAOD,QAAQm3C,YAAa,EAAMl3C,EAAOD,QAAiB,QAAIC,EAAOD,QAASonB,EAAiBJ,EACpG,CACA/mB,EAAOD,QAAUonB,EAAkBnnB,EAAOD,QAAQm3C,YAAa,EAAMl3C,EAAOD,QAAiB,QAAIC,EAAOD,8BCxBxG,IAAIm7C,EAAU,EAAQ,KAAR,GACdl7C,EAAOD,QAAUm7C,EAGjB,IACEC,mBAAqBD,CACvB,CAAE,MAAOE,GACmB,iBAAfC,WACTA,WAAWF,mBAAqBD,EAEhC7zB,SAAS,IAAK,yBAAdA,CAAwC6zB,EAE5C,oCCdA,SAASI,EAAkBl0B,EAAGpC,IAC3B,MAAQA,GAAKA,EAAIoC,EAAE5mB,UAAYwkB,EAAIoC,EAAE5mB,QACtC,IAAK,IAAIgD,EAAI,EAAG8jB,EAAI9R,MAAMwP,GAAIxhB,EAAIwhB,EAAGxhB,IAAK8jB,EAAE9jB,GAAK4jB,EAAE5jB,GACnD,OAAO8jB,CACT,oECJA,SAASi0B,EAAuB/3C,GAC9B,QAAI,IAAWA,EAAG,MAAM,IAAIyzC,eAAe,6DAC3C,OAAOzzC,CACT,oECHA,SAASg4C,EAAmBl0B,EAAGP,EAAGvjB,EAAG4jB,EAAGzP,EAAGqN,EAAGnK,GAC5C,IACE,IAAIvZ,EAAIgmB,EAAEtC,GAAGnK,GACX+8B,EAAIt2C,EAAES,KACV,CAAE,MAAOulB,GACP,YAAY9jB,EAAE8jB,EAChB,CACAhmB,EAAEqxC,KAAO5rB,EAAE6wB,GAAKjsC,QAAQT,QAAQ0sC,GAAGhtC,KAAKwc,EAAGzP,EAC7C,CACA,SAAS8jC,EAAkBn0B,GACzB,OAAO,WACL,IAAIP,EAAItmB,KACN+C,EAAIjC,UACN,OAAO,IAAIoK,SAAQ,SAAUyb,EAAGzP,GAC9B,IAAIqN,EAAIsC,EAAE5B,MAAMqB,EAAGvjB,GACnB,SAASk4C,EAAMp0B,GACbk0B,EAAmBx2B,EAAGoC,EAAGzP,EAAG+jC,EAAOC,EAAQ,OAAQr0B,EACrD,CACA,SAASq0B,EAAOr0B,GACdk0B,EAAmBx2B,EAAGoC,EAAGzP,EAAG+jC,EAAOC,EAAQ,QAASr0B,EACtD,CACAo0B,OAAM,EACR,GACF,CACF,oECxBA,SAASE,EAAgB52B,EAAGsC,GAC1B,KAAMtC,aAAasC,GAAI,MAAM,IAAIC,UAAU,oCAC7C,kHCDA,SAAS8vB,EAAkB7zC,EAAG4jB,GAC5B,IAAK,IAAIL,EAAI,EAAGA,EAAIK,EAAE5mB,OAAQumB,IAAK,CACjC,IAAIpP,EAAIyP,EAAEL,GACVpP,EAAEkQ,WAAalQ,EAAEkQ,aAAc,EAAIlQ,EAAEoQ,cAAe,EAAI,UAAWpQ,IAAMA,EAAEmQ,UAAW,GAAK9mB,OAAOy1C,eAAejzC,GAAG,OAAcmU,EAAElW,KAAMkW,EAC5I,CACF,CACA,SAASkkC,EAAar4C,EAAG4jB,EAAGL,GAC1B,OAAOK,GAAKiwB,EAAkB7zC,EAAEzC,UAAWqmB,GAAIL,GAAKswB,EAAkB7zC,EAAGujB,GAAI/lB,OAAOy1C,eAAejzC,EAAG,YAAa,CACjHskB,UAAU,IACRtkB,CACN,mFCVA,SAASs4C,EAAgBt4C,EAAG4jB,EAAGL,GAC7B,OAAQK,GAAI,OAAcA,MAAO5jB,EAAIxC,OAAOy1C,eAAejzC,EAAG4jB,EAAG,CAC/DrlB,MAAOglB,EACPc,YAAY,EACZE,cAAc,EACdD,UAAU,IACPtkB,EAAE4jB,GAAKL,EAAGvjB,CACjB,qCCRA,SAAS8zC,EAAgBvwB,GACvB,OAAOuwB,EAAkBt2C,OAAO0mB,eAAiB1mB,OAAO2mB,eAAelP,OAAS,SAAUsO,GACxF,OAAOA,EAAEwwB,WAAav2C,OAAO2mB,eAAeZ,EAC9C,EAAGuwB,EAAgBvwB,EACrB,iHCHA,SAASg1B,EAAUh1B,EAAGvjB,GACpB,GAAI,mBAAqBA,GAAK,OAASA,EAAG,MAAM,IAAI+jB,UAAU,sDAC9DR,EAAEhmB,UAAYC,OAAO+B,OAAOS,GAAKA,EAAEzC,UAAW,CAC5C6mB,YAAa,CACX7lB,MAAOglB,EACPe,UAAU,EACVC,cAAc,KAEd/mB,OAAOy1C,eAAe1vB,EAAG,YAAa,CACxCe,UAAU,IACRtkB,IAAK,OAAeujB,EAAGvjB,EAC7B,qCCXA,SAASw4C,EAAyBx4C,EAAGujB,GACnC,GAAI,MAAQvjB,EAAG,MAAO,CAAC,EACvB,IAAImU,EACFyP,EACA9lB,ECLJ,SAAuC8lB,EAAG5jB,GACxC,GAAI,MAAQ4jB,EAAG,MAAO,CAAC,EACvB,IAAIL,EAAI,CAAC,EACT,IAAK,IAAIO,KAAKF,EAAG,GAAI,CAAC,EAAEgO,eAAeld,KAAKkP,EAAGE,GAAI,CACjD,IAAK,IAAM9jB,EAAE6C,QAAQihB,GAAI,SACzBP,EAAEO,GAAKF,EAAEE,EACX,CACA,OAAOP,CACT,CDHQ,CAA6BvjB,EAAGujB,GACtC,GAAI/lB,OAAOi7C,sBAAuB,CAChC,IAAI30B,EAAItmB,OAAOi7C,sBAAsBz4C,GACrC,IAAK4jB,EAAI,EAAGA,EAAIE,EAAE9mB,OAAQ4mB,IAAKzP,EAAI2P,EAAEF,IAAK,IAAML,EAAE1gB,QAAQsR,IAAM,CAAC,EAAEukC,qBAAqBhkC,KAAK1U,EAAGmU,KAAOrW,EAAEqW,GAAKnU,EAAEmU,GAClH,CACA,OAAOrW,CACT,4HETA,SAAS66C,EAA2Bp1B,EAAGvjB,GACrC,GAAIA,IAAM,WAAY,OAAQA,IAAM,mBAAqBA,GAAI,OAAOA,EACpE,QAAI,IAAWA,EAAG,MAAM,IAAI+jB,UAAU,4DACtC,OAAO,OAAsBR,EAC/B,qCCNA,SAASg0B,EAAgBh0B,EAAGvjB,GAC1B,OAAOu3C,EAAkB/5C,OAAO0mB,eAAiB1mB,OAAO0mB,eAAejP,OAAS,SAAUsO,EAAGvjB,GAC3F,OAAOujB,EAAEwwB,UAAY/zC,EAAGujB,CAC1B,EAAGg0B,EAAgBh0B,EAAGvjB,EACxB,gHCAA,SAAS44C,EAAeh1B,EAAG5jB,GACzB,OCLF,SAAyB4jB,GACvB,GAAI5R,MAAM0Z,QAAQ9H,GAAI,OAAOA,CAC/B,CDGS,CAAeA,IELxB,SAA+BA,EAAGixB,GAChC,IAAItxB,EAAI,MAAQK,EAAI,KAAO,oBAAsBrY,QAAUqY,EAAErY,OAAOD,WAAasY,EAAE,cACnF,GAAI,MAAQL,EAAG,CACb,IAAIvjB,EACF8jB,EACAhmB,EACAs2C,EACA5yB,EAAI,GACJszB,GAAI,EACJ3gC,GAAI,EACN,IACE,GAAIrW,GAAKylB,EAAIA,EAAE7O,KAAKkP,IAAIpY,KAAM,IAAMqpC,EAAG,CACrC,GAAIr3C,OAAO+lB,KAAOA,EAAG,OACrBuxB,GAAI,CACN,MAAO,OAASA,GAAK90C,EAAIlC,EAAE4W,KAAK6O,IAAI4rB,QAAU3tB,EAAEtZ,KAAKlI,EAAEzB,OAAQijB,EAAExkB,SAAW63C,GAAIC,GAAI,GACtF,CAAE,MAAOlxB,GACPzP,GAAI,EAAI2P,EAAIF,CACd,CAAE,QACA,IACE,IAAKkxB,GAAK,MAAQvxB,EAAU,SAAM6wB,EAAI7wB,EAAU,SAAK/lB,OAAO42C,KAAOA,GAAI,MACzE,CAAE,QACA,GAAIjgC,EAAG,MAAM2P,CACf,CACF,CACA,OAAOtC,CACT,CACF,CFrB8B,CAAqBoC,EAAG5jB,KAAM,EAAA64C,EAAA,GAA2Bj1B,EAAG5jB,IGL1F,WACE,MAAM,IAAI+jB,UAAU,4IACtB,CHGgG,EAChG,2FIFA,SAAS+0B,EAAmBl1B,GAC1B,OCJF,SAA4BA,GAC1B,GAAI5R,MAAM0Z,QAAQ9H,GAAI,OAAO,EAAAm1B,EAAA,GAAiBn1B,EAChD,CDES,CAAkBA,IEL3B,SAA0BA,GACxB,GAAI,oBAAsBrY,QAAU,MAAQqY,EAAErY,OAAOD,WAAa,MAAQsY,EAAE,cAAe,OAAO5R,MAAMC,KAAK2R,EAC/G,CFGiC,CAAgBA,KAAM,EAAAi1B,EAAA,GAA2Bj1B,IGLlF,WACE,MAAM,IAAIG,UAAU,uIACtB,CHGwF,EACxF,mFIJA,SAAS6vB,EAAcrwB,GACrB,IAAIzlB,ECFN,SAAqBylB,EAAGK,GACtB,GAAI,WAAY,OAAQL,KAAOA,EAAG,OAAOA,EACzC,IAAIvjB,EAAIujB,EAAEhY,OAAOisC,aACjB,QAAI,IAAWx3C,EAAG,CAChB,IAAIlC,EAAIkC,EAAE0U,KAAK6O,EAAGK,UAClB,GAAI,WAAY,OAAQ9lB,GAAI,OAAOA,EACnC,MAAM,IAAIimB,UAAU,+CACtB,CACA,OAAyBzC,OAAiBiC,EAC5C,CDPUi0B,CAAYj0B,GACpB,MAAO,WAAY,OAAQzlB,GAAKA,EAAIA,EAAI,EAC1C,qCELA,SAASk2C,EAAQ7/B,GAGf,OAAO6/B,EAAU,mBAAqBzoC,QAAU,iBAAmBA,OAAOD,SAAW,SAAU6I,GAC7F,cAAcA,CAChB,EAAI,SAAUA,GACZ,OAAOA,GAAK,mBAAqB5I,QAAU4I,EAAEiQ,cAAgB7Y,QAAU4I,IAAM5I,OAAOhO,UAAY,gBAAkB4W,CACpH,EAAG6/B,EAAQ7/B,EACb,gHCPA,SAAS6kC,EAA4Bp1B,EAAGpC,GACtC,GAAIoC,EAAG,CACL,GAAI,iBAAmBA,EAAG,OAAO,OAAiBA,EAAGpC,GACrD,IAAI+B,EAAI,CAAC,EAAEta,SAASyL,KAAKkP,GAAGhkB,MAAM,GAAI,GACtC,MAAO,WAAa2jB,GAAKK,EAAEQ,cAAgBb,EAAIK,EAAEQ,YAAY/gB,MAAO,QAAUkgB,GAAK,QAAUA,EAAIvR,MAAMC,KAAK2R,GAAK,cAAgBL,GAAK,2CAA2C4C,KAAK5C,IAAK,OAAiBK,EAAGpC,QAAK,CACtN,CACF,ICNIy3B,EAA2B,CAAC,EAGhC,SAASC,EAAoBC,GAE5B,IAAIC,EAAeH,EAAyBE,GAC5C,QAAqBvtC,IAAjBwtC,EACH,OAAOA,EAAa78C,QAGrB,IAAIC,EAASy8C,EAAyBE,GAAY,CAGjD58C,QAAS,CAAC,GAOX,OAHA88C,EAAoBF,GAAUzkC,KAAKlY,EAAOD,QAASC,EAAQA,EAAOD,QAAS28C,GAGpE18C,EAAOD,OACf,CCrBA28C,EAAoBp1B,EAAI,SAAStnB,GAChC,IAAI88C,EAAS98C,GAAUA,EAAOk3C,WAC7B,WAAa,OAAOl3C,EAAgB,OAAG,EACvC,WAAa,OAAOA,CAAQ,EAE7B,OADA08C,EAAoBjE,EAAEqE,EAAQ,CAAE93B,EAAG83B,IAC5BA,CACR,ECNAJ,EAAoBjE,EAAI,SAAS14C,EAASg9C,GACzC,IAAI,IAAIt7C,KAAOs7C,EACXL,EAAoB/kC,EAAEolC,EAAYt7C,KAASi7C,EAAoB/kC,EAAE5X,EAAS0B,IAC5ET,OAAOy1C,eAAe12C,EAAS0B,EAAK,CAAEomB,YAAY,EAAM7kB,IAAK+5C,EAAWt7C,IAG3E,ECPAi7C,EAAoBhE,EAAI,WACvB,GAA0B,iBAAf2C,WAAyB,OAAOA,WAC3C,IACC,OAAO56C,MAAQ,IAAI4mB,SAAS,cAAb,EAChB,CAAE,MAAO7jB,GACR,GAAsB,iBAAX4B,OAAqB,OAAOA,MACxC,CACA,CAPuB,GCAxBs3C,EAAoB/kC,EAAI,SAAS5B,EAAKi6B,GAAQ,OAAOhvC,OAAOD,UAAUq0B,eAAeld,KAAKnC,EAAKi6B,EAAO,ECCtG0M,EAAoBt1B,EAAI,SAASrnB,GACX,oBAAXgP,QAA0BA,OAAO8oC,aAC1C72C,OAAOy1C,eAAe12C,EAASgP,OAAO8oC,YAAa,CAAE91C,MAAO,WAE7Df,OAAOy1C,eAAe12C,EAAS,aAAc,CAAEgC,OAAO,GACvD,4uCCgBA,IAAM1B,GAAkEijB,EAAAA,EAAAA,KAClEirB,GAAyE/qB,EAAAA,EAAAA,KACzEkQ,GAAoDyD,EAAAA,EAAAA,KAIpD6lB,EAAQ,wcACZ,WAAYz8C,GAA0B,kCAC9BA,EACR,CAAC,iBAHW,EAFYkzB,EAAAA,EAAAA,GAAwB8a,EAAgBluC,EAAoBqzB,IAQtF,iBvLxBA","sources":["webpack://OktaAuth/webpack/universalModuleDefinition","webpack://OktaAuth/./lib/base/factory.ts","webpack://OktaAuth/./lib/base/options.ts","webpack://OktaAuth/./node_modules/js-cookie/dist/js.cookie.mjs","webpack://OktaAuth/./lib/browser/browserStorage.ts","webpack://OktaAuth/./lib/constants.ts","webpack://OktaAuth/./lib/core/AuthStateManager.ts","webpack://OktaAuth/./node_modules/broadcast-channel/dist/esbrowser/util.js","webpack://OktaAuth/./node_modules/broadcast-channel/dist/esbrowser/methods/native.js","webpack://OktaAuth/../../src/index.ts","webpack://OktaAuth/./node_modules/broadcast-channel/dist/esbrowser/options.js","webpack://OktaAuth/./node_modules/broadcast-channel/dist/esbrowser/methods/indexed-db.js","webpack://OktaAuth/./node_modules/broadcast-channel/dist/esbrowser/methods/localstorage.js","webpack://OktaAuth/./node_modules/broadcast-channel/dist/esbrowser/methods/simulate.js","webpack://OktaAuth/./node_modules/broadcast-channel/dist/esbrowser/method-chooser.js","webpack://OktaAuth/./node_modules/broadcast-channel/dist/esbrowser/broadcast-channel.js","webpack://OktaAuth/./node_modules/unload/dist/es/index.js","webpack://OktaAuth/./node_modules/unload/dist/es/node.js","webpack://OktaAuth/./node_modules/unload/dist/es/browser.js","webpack://OktaAuth/./node_modules/broadcast-channel/dist/esbrowser/leader-election-util.js","webpack://OktaAuth/./node_modules/broadcast-channel/dist/esbrowser/leader-election-web-lock.js","webpack://OktaAuth/./node_modules/broadcast-channel/dist/esbrowser/leader-election.js","webpack://OktaAuth/./lib/services/LeaderElectionService.ts","webpack://OktaAuth/./lib/services/AutoRenewService.ts","webpack://OktaAuth/./lib/services/SyncStorageService.ts","webpack://OktaAuth/./lib/services/RenewOnTabActivationService.ts","webpack://OktaAuth/./lib/core/ServiceManager/browser.ts","webpack://OktaAuth/./lib/core/factory.ts","webpack://OktaAuth/./lib/core/mixin.ts","webpack://OktaAuth/./lib/core/options.ts","webpack://OktaAuth/./lib/core/storage.ts","webpack://OktaAuth/./lib/crypto/base64.ts","webpack://OktaAuth/./lib/crypto/browser.ts","webpack://OktaAuth/./lib/crypto/oidcHash.ts","webpack://OktaAuth/./lib/crypto/verifyToken.ts","webpack://OktaAuth/./lib/errors/AuthApiError.ts","webpack://OktaAuth/./lib/errors/AuthPollStopError.ts","webpack://OktaAuth/./lib/errors/AuthSdkError.ts","webpack://OktaAuth/./node_modules/@babel/runtime/helpers/esm/isNativeReflectConstruct.js","webpack://OktaAuth/./node_modules/@babel/runtime/helpers/esm/wrapNativeSuper.js","webpack://OktaAuth/./node_modules/@babel/runtime/helpers/esm/isNativeFunction.js","webpack://OktaAuth/./node_modules/@babel/runtime/helpers/esm/construct.js","webpack://OktaAuth/./lib/errors/CustomError.ts","webpack://OktaAuth/./lib/errors/OAuthError.ts","webpack://OktaAuth/./lib/errors/WWWAuthError.ts","webpack://OktaAuth/./lib/errors/index.ts","webpack://OktaAuth/./lib/features.ts","webpack://OktaAuth/./lib/http/OktaUserAgent.ts","webpack://OktaAuth/./lib/http/headers.ts","webpack://OktaAuth/./lib/http/mixin.ts","webpack://OktaAuth/./lib/fetch/fetchRequest.ts","webpack://OktaAuth/./lib/http/options.ts","webpack://OktaAuth/./lib/http/request.ts","webpack://OktaAuth/./lib/myaccount/transactions/Base.ts","webpack://OktaAuth/./lib/myaccount/request.ts","webpack://OktaAuth/./lib/myaccount/transactions/ProfileTransaction.ts","webpack://OktaAuth/./lib/myaccount/transactions/ProfileSchemaTransaction.ts","webpack://OktaAuth/./lib/myaccount/profileApi.ts","webpack://OktaAuth/./lib/myaccount/transactions/EmailStatusTransaction.ts","webpack://OktaAuth/./lib/myaccount/transactions/EmailChallengeTransaction.ts","webpack://OktaAuth/./lib/myaccount/transactions/EmailTransaction.ts","webpack://OktaAuth/./lib/myaccount/emailApi.ts","webpack://OktaAuth/./lib/myaccount/transactions/PhoneTransaction.ts","webpack://OktaAuth/./lib/myaccount/phoneApi.ts","webpack://OktaAuth/./lib/myaccount/transactions/PasswordTransaction.ts","webpack://OktaAuth/./lib/myaccount/passwordApi.ts","webpack://OktaAuth/./lib/myaccount/factory.ts","webpack://OktaAuth/./lib/myaccount/mixin.ts","webpack://OktaAuth/./lib/myaccount/types.ts","webpack://OktaAuth/./lib/clock.ts","webpack://OktaAuth/./lib/oidc/TokenManager.ts","webpack://OktaAuth/./lib/oidc/util/sharedStorage.ts","webpack://OktaAuth/./lib/oidc/TransactionManager.ts","webpack://OktaAuth/./lib/oidc/decodeToken.ts","webpack://OktaAuth/./lib/oidc/dpop.ts","webpack://OktaAuth/./lib/oidc/endpoints/authorize.ts","webpack://OktaAuth/./lib/oidc/endpoints/token.ts","webpack://OktaAuth/./lib/oidc/endpoints/well-known.ts","webpack://OktaAuth/./lib/oidc/exchangeCodeForTokens.ts","webpack://OktaAuth/./lib/oidc/enrollAuthenticator.ts","webpack://OktaAuth/./lib/oidc/factory/api.ts","webpack://OktaAuth/./lib/oidc/factory/OktaAuthOAuth.ts","webpack://OktaAuth/./lib/oidc/getToken.ts","webpack://OktaAuth/./lib/oidc/getUserInfo.ts","webpack://OktaAuth/./lib/oidc/getWithPopup.ts","webpack://OktaAuth/./lib/oidc/getWithRedirect.ts","webpack://OktaAuth/./lib/oidc/getWithoutPrompt.ts","webpack://OktaAuth/./lib/oidc/handleOAuthResponse.ts","webpack://OktaAuth/./lib/oidc/introspect.ts","webpack://OktaAuth/./node_modules/@babel/runtime/helpers/esm/get.js","webpack://OktaAuth/./node_modules/@babel/runtime/helpers/esm/superPropBase.js","webpack://OktaAuth/./lib/oidc/mixin/index.ts","webpack://OktaAuth/./lib/oidc/mixin/browser.ts","webpack://OktaAuth/./lib/oidc/options/browser.ts","webpack://OktaAuth/./lib/oidc/options/OAuthOptionsConstructor.ts","webpack://OktaAuth/./lib/oidc/parseFromUrl.ts","webpack://OktaAuth/./lib/oidc/renewToken.ts","webpack://OktaAuth/./lib/oidc/renewTokens.ts","webpack://OktaAuth/./lib/oidc/renewTokensWithRefresh.ts","webpack://OktaAuth/./lib/oidc/revokeToken.ts","webpack://OktaAuth/./lib/oidc/storage.ts","webpack://OktaAuth/./lib/oidc/types/Token.ts","webpack://OktaAuth/./lib/oidc/types/TokenManager.ts","webpack://OktaAuth/./lib/oidc/types/Transaction.ts","webpack://OktaAuth/./lib/oidc/util/browser.ts","webpack://OktaAuth/./lib/oidc/util/defaultEnrollAuthenticatorParams.ts","webpack://OktaAuth/./lib/oidc/util/defaultTokenParams.ts","webpack://OktaAuth/./lib/oidc/util/enrollAuthenticatorMeta.ts","webpack://OktaAuth/./lib/oidc/util/errors.ts","webpack://OktaAuth/./lib/oidc/util/loginRedirect.ts","webpack://OktaAuth/./lib/oidc/util/oauth.ts","webpack://OktaAuth/./lib/oidc/util/oauthMeta.ts","webpack://OktaAuth/./lib/oidc/util/pkce.ts","webpack://OktaAuth/./lib/oidc/util/prepareEnrollAuthenticatorParams.ts","webpack://OktaAuth/./lib/oidc/util/prepareTokenParams.ts","webpack://OktaAuth/./lib/oidc/util/refreshToken.ts","webpack://OktaAuth/./lib/oidc/util/urlParams.ts","webpack://OktaAuth/./lib/oidc/util/validateClaims.ts","webpack://OktaAuth/./lib/oidc/util/validateToken.ts","webpack://OktaAuth/./lib/oidc/verifyToken.ts","webpack://OktaAuth/./lib/session/api.ts","webpack://OktaAuth/./lib/session/factory.ts","webpack://OktaAuth/./lib/session/mixin.ts","webpack://OktaAuth/./lib/storage/BaseStorageManager.ts","webpack://OktaAuth/./lib/storage/SavedObject.ts","webpack://OktaAuth/./lib/storage/mixin.ts","webpack://OktaAuth/./lib/storage/options/browser.ts","webpack://OktaAuth/./lib/storage/options/StorageOptionsConstructor.ts","webpack://OktaAuth/./lib/util/PromiseQueue.ts","webpack://OktaAuth/./lib/util/console.ts","webpack://OktaAuth/./lib/util/misc.ts","webpack://OktaAuth/./lib/util/object.ts","webpack://OktaAuth/./lib/util/types.ts","webpack://OktaAuth/./lib/util/url.ts","webpack://OktaAuth/./node_modules/p-cancelable/index.js","webpack://OktaAuth/./node_modules/cross-fetch/dist/browser-ponyfill.js","webpack://OktaAuth/./node_modules/tiny-emitter/index.js","webpack://OktaAuth/./node_modules/@babel/runtime/helpers/assertThisInitialized.js","webpack://OktaAuth/./node_modules/@babel/runtime/helpers/classCallCheck.js","webpack://OktaAuth/./node_modules/@babel/runtime/helpers/construct.js","webpack://OktaAuth/./node_modules/@babel/runtime/helpers/createClass.js","webpack://OktaAuth/./node_modules/@babel/runtime/helpers/getPrototypeOf.js","webpack://OktaAuth/./node_modules/@babel/runtime/helpers/inherits.js","webpack://OktaAuth/./node_modules/@babel/runtime/helpers/isNativeFunction.js","webpack://OktaAuth/./node_modules/@babel/runtime/helpers/isNativeReflectConstruct.js","webpack://OktaAuth/./node_modules/@babel/runtime/helpers/possibleConstructorReturn.js","webpack://OktaAuth/./node_modules/@babel/runtime/helpers/regeneratorRuntime.js","webpack://OktaAuth/./node_modules/@babel/runtime/helpers/setPrototypeOf.js","webpack://OktaAuth/./node_modules/@babel/runtime/helpers/toPrimitive.js","webpack://OktaAuth/./node_modules/@babel/runtime/helpers/toPropertyKey.js","webpack://OktaAuth/./node_modules/@babel/runtime/helpers/typeof.js","webpack://OktaAuth/./node_modules/@babel/runtime/helpers/wrapNativeSuper.js","webpack://OktaAuth/./node_modules/@babel/runtime/regenerator/index.js","webpack://OktaAuth/./node_modules/@babel/runtime/helpers/esm/arrayLikeToArray.js","webpack://OktaAuth/./node_modules/@babel/runtime/helpers/esm/assertThisInitialized.js","webpack://OktaAuth/./node_modules/@babel/runtime/helpers/esm/asyncToGenerator.js","webpack://OktaAuth/./node_modules/@babel/runtime/helpers/esm/classCallCheck.js","webpack://OktaAuth/./node_modules/@babel/runtime/helpers/esm/createClass.js","webpack://OktaAuth/./node_modules/@babel/runtime/helpers/esm/defineProperty.js","webpack://OktaAuth/./node_modules/@babel/runtime/helpers/esm/getPrototypeOf.js","webpack://OktaAuth/./node_modules/@babel/runtime/helpers/esm/inherits.js","webpack://OktaAuth/./node_modules/@babel/runtime/helpers/esm/objectWithoutProperties.js","webpack://OktaAuth/./node_modules/@babel/runtime/helpers/esm/objectWithoutPropertiesLoose.js","webpack://OktaAuth/./node_modules/@babel/runtime/helpers/esm/possibleConstructorReturn.js","webpack://OktaAuth/./node_modules/@babel/runtime/helpers/esm/setPrototypeOf.js","webpack://OktaAuth/./node_modules/@babel/runtime/helpers/esm/slicedToArray.js","webpack://OktaAuth/./node_modules/@babel/runtime/helpers/esm/arrayWithHoles.js","webpack://OktaAuth/./node_modules/@babel/runtime/helpers/esm/iterableToArrayLimit.js","webpack://OktaAuth/./node_modules/@babel/runtime/helpers/esm/nonIterableRest.js","webpack://OktaAuth/./node_modules/@babel/runtime/helpers/esm/toConsumableArray.js","webpack://OktaAuth/./node_modules/@babel/runtime/helpers/esm/arrayWithoutHoles.js","webpack://OktaAuth/./node_modules/@babel/runtime/helpers/esm/iterableToArray.js","webpack://OktaAuth/./node_modules/@babel/runtime/helpers/esm/nonIterableSpread.js","webpack://OktaAuth/./node_modules/@babel/runtime/helpers/esm/toPropertyKey.js","webpack://OktaAuth/./node_modules/@babel/runtime/helpers/esm/toPrimitive.js","webpack://OktaAuth/./node_modules/@babel/runtime/helpers/esm/typeof.js","webpack://OktaAuth/./node_modules/@babel/runtime/helpers/esm/unsupportedIterableToArray.js","webpack://OktaAuth/webpack/bootstrap","webpack://OktaAuth/webpack/runtime/compat get default export","webpack://OktaAuth/webpack/runtime/define property getters","webpack://OktaAuth/webpack/runtime/global","webpack://OktaAuth/webpack/runtime/hasOwnProperty shorthand","webpack://OktaAuth/webpack/runtime/make namespace object","webpack://OktaAuth/./lib/exports/myaccount.ts"],"sourcesContent":["(function webpackUniversalModuleDefinition(root, factory) {\n\tif(typeof exports === 'object' && typeof module === 'object')\n\t\tmodule.exports = factory();\n\telse if(typeof define === 'function' && define.amd)\n\t\tdefine([], factory);\n\telse if(typeof exports === 'object')\n\t\texports[\"OktaAuth\"] = factory();\n\telse\n\t\troot[\"OktaAuth\"] = factory();\n})(self, function() {\nreturn ","\n\n// Do not use this type in code, so it won't be emitted in the declaration output\nimport { removeNils } from '../util';\n\nimport * as features from '../features';\nimport * as constants from '../constants';\n\n// eslint-disable-next-line @typescript-eslint/ban-ts-comment\n// @ts-ignore \n// Do not use this type in code, so it won't be emitted in the declaration output\nimport Emitter from 'tiny-emitter';\n\nimport {\n EventEmitter,\n OktaAuthConstructor,\n OktaAuthBaseInterface,\n OktaAuthBaseOptions,\n OktaAuthOptionsConstructor, \n FeaturesAPI,\n} from './types';\n\nexport function createOktaAuthBase\n<\n O extends OktaAuthBaseOptions = OktaAuthBaseOptions,\n>\n(\n OptionsConstructor: OktaAuthOptionsConstructor<O>\n): OktaAuthConstructor<OktaAuthBaseInterface<O>>\n{\n class OktaAuthBase implements OktaAuthBaseInterface<O>\n {\n options: O;\n emitter: EventEmitter;\n features: FeaturesAPI;\n static features: FeaturesAPI = features;\n static constants = constants;\n \n constructor(...args: any[]) {\n const options = new OptionsConstructor(args.length ? args[0] || {} : {});\n this.options = removeNils(options) as O; // clear out undefined values\n this.emitter = new Emitter();\n this.features = features;\n }\n }\n\n // Hoist feature detection functions to prototype & static type\n OktaAuthBase.features = OktaAuthBase.prototype.features = features;\n\n // Also hoist constants for CommonJS users\n Object.assign(OktaAuthBase, {\n constants\n });\n\n return OktaAuthBase;\n}\n","/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nimport { OktaAuthBaseOptions } from './types';\n\nexport function createBaseOptionsConstructor() {\n\n return class BaseOptionsConstructor implements Required<OktaAuthBaseOptions> {\n devMode: boolean;\n\n constructor(args: any) {\n this.devMode = !!args.devMode;\n }\n };\n\n}\n","/*! js-cookie v3.0.1 | MIT */\n/* eslint-disable no-var */\nfunction assign (target) {\n for (var i = 1; i < arguments.length; i++) {\n var source = arguments[i];\n for (var key in source) {\n target[key] = source[key];\n }\n }\n return target\n}\n/* eslint-enable no-var */\n\n/* eslint-disable no-var */\nvar defaultConverter = {\n read: function (value) {\n if (value[0] === '\"') {\n value = value.slice(1, -1);\n }\n return value.replace(/(%[\\dA-F]{2})+/gi, decodeURIComponent)\n },\n write: function (value) {\n return encodeURIComponent(value).replace(\n /%(2[346BF]|3[AC-F]|40|5[BDE]|60|7[BCD])/g,\n decodeURIComponent\n )\n }\n};\n/* eslint-enable no-var */\n\n/* eslint-disable no-var */\n\nfunction init (converter, defaultAttributes) {\n function set (key, value, attributes) {\n if (typeof document === 'undefined') {\n return\n }\n\n attributes = assign({}, defaultAttributes, attributes);\n\n if (typeof attributes.expires === 'number') {\n attributes.expires = new Date(Date.now() + attributes.expires * 864e5);\n }\n if (attributes.expires) {\n attributes.expires = attributes.expires.toUTCString();\n }\n\n key = encodeURIComponent(key)\n .replace(/%(2[346B]|5E|60|7C)/g, decodeURIComponent)\n .replace(/[()]/g, escape);\n\n var stringifiedAttributes = '';\n for (var attributeName in attributes) {\n if (!attributes[attributeName]) {\n continue\n }\n\n stringifiedAttributes += '; ' + attributeName;\n\n if (attributes[attributeName] === true) {\n continue\n }\n\n // Considers RFC 6265 section 5.2:\n // ...\n // 3. If the remaining unparsed-attributes contains a %x3B (\";\")\n // character:\n // Consume the characters of the unparsed-attributes up to,\n // not including, the first %x3B (\";\") character.\n // ...\n stringifiedAttributes += '=' + attributes[attributeName].split(';')[0];\n }\n\n return (document.cookie =\n key + '=' + converter.write(value, key) + stringifiedAttributes)\n }\n\n function get (key) {\n if (typeof document === 'undefined' || (arguments.length && !key)) {\n return\n }\n\n // To prevent the for loop in the first place assign an empty array\n // in case there are no cookies at all.\n var cookies = document.cookie ? document.cookie.split('; ') : [];\n var jar = {};\n for (var i = 0; i < cookies.length; i++) {\n var parts = cookies[i].split('=');\n var value = parts.slice(1).join('=');\n\n try {\n var foundKey = decodeURIComponent(parts[0]);\n jar[foundKey] = converter.read(value, foundKey);\n\n if (key === foundKey) {\n break\n }\n } catch (e) {}\n }\n\n return key ? jar[key] : jar\n }\n\n return Object.create(\n {\n set: set,\n get: get,\n remove: function (key, attributes) {\n set(\n key,\n '',\n assign({}, attributes, {\n expires: -1\n })\n );\n },\n withAttributes: function (attributes) {\n return init(this.converter, assign({}, this.attributes, attributes))\n },\n withConverter: function (converter) {\n return init(assign({}, this.converter, converter), this.attributes)\n }\n },\n {\n attributes: { value: Object.freeze(defaultAttributes) },\n converter: { value: Object.freeze(converter) }\n }\n )\n}\n\nvar api = init(defaultConverter, { path: '/' });\n/* eslint-enable no-var */\n\nexport default api;\n","/* eslint-disable @typescript-eslint/no-non-null-assertion */\n/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\n\nimport Cookies from 'js-cookie';\nimport AuthSdkError from '../errors/AuthSdkError';\nimport {\n StorageOptions,\n CookieOptions,\n SimpleStorage,\n StorageType,\n StorageUtil,\n} from '../storage/types';\nimport { warn } from '../util';\nimport { isIE11OrLess } from '../features';\n\nexport interface CookieStorage extends SimpleStorage {\n setItem(key: string, value: any, expiresAt?: string | null): void; // can customize expiresAt\n getItem(key?: string): any; // if no key is passed, all cookies are returned\n removeItem(key: string); // remove a cookie\n}\n\nexport interface BrowserStorageUtil extends StorageUtil {\n browserHasLocalStorage(): boolean;\n browserHasSessionStorage(): boolean;\n getStorageByType(storageType: StorageType, options: StorageOptions): SimpleStorage;\n getLocalStorage(): Storage;\n getSessionStorage(): Storage;\n getInMemoryStorage(): SimpleStorage;\n getCookieStorage(options?: StorageOptions): CookieStorage;\n testStorage(storage: any): boolean;\n storage: Cookies;\n inMemoryStore: Record<string, unknown>;\n}\n\n// Building this as an object allows us to mock the functions in our tests\nvar storageUtil: BrowserStorageUtil = {\n\n // IE11 bug that Microsoft doesn't plan to fix\n // https://connect.microsoft.com/IE/Feedback/Details/1496040\n browserHasLocalStorage: function() {\n try {\n var storage = this.getLocalStorage();\n return this.testStorage(storage);\n } catch (e) {\n return false;\n }\n },\n\n browserHasSessionStorage: function() {\n try {\n var storage = this.getSessionStorage();\n return this.testStorage(storage);\n } catch (e) {\n return false;\n }\n },\n\n testStorageType: function(storageType: StorageType): boolean {\n var supported = false;\n switch (storageType) {\n case 'sessionStorage':\n supported = this.browserHasSessionStorage();\n break;\n case 'localStorage':\n supported = this.browserHasLocalStorage();\n break;\n case 'cookie':\n case 'memory':\n supported = true;\n break;\n default:\n supported = false;\n break;\n }\n return supported;\n },\n\n getStorageByType: function(storageType: StorageType, options?: StorageOptions): SimpleStorage {\n let storageProvider;\n switch (storageType) {\n case 'sessionStorage':\n storageProvider = this.getSessionStorage();\n break;\n case 'localStorage':\n storageProvider = this.getLocalStorage();\n break;\n case 'cookie':\n storageProvider = this.getCookieStorage(options);\n break;\n case 'memory':\n storageProvider = this.getInMemoryStorage();\n break;\n default:\n throw new AuthSdkError(`Unrecognized storage option: ${storageType}`);\n break;\n }\n return storageProvider;\n },\n\n findStorageType: function(types: StorageType[]) {\n let curType;\n let nextType;\n \n types = types.slice(); // copy array\n curType = types.shift();\n nextType = types.length ? types[0] : null;\n if (!nextType) {\n return curType;\n }\n\n if (this.testStorageType(curType)) {\n return curType;\n }\n\n // preferred type was unsupported.\n warn(`This browser doesn't support ${curType}. Switching to ${nextType}.`);\n\n // fallback to the next type. this is a recursive call\n return this.findStorageType(types);\n },\n\n getLocalStorage: function() {\n // Workaound for synchronization issue of LocalStorage cross tabs in IE11\n if (isIE11OrLess() && !window.onstorage) {\n window.onstorage = function() {};\n }\n \n return localStorage;\n },\n\n getSessionStorage: function() {\n return sessionStorage;\n },\n\n // Provides webStorage-like interface for cookies\n getCookieStorage: function(options): CookieStorage {\n const secure = options!.secure;\n const sameSite = options!.sameSite;\n const sessionCookie = options!.sessionCookie;\n if (typeof secure === 'undefined' || typeof sameSite === 'undefined') {\n throw new AuthSdkError('getCookieStorage: \"secure\" and \"sameSite\" options must be provided');\n }\n const storage: CookieStorage = {\n getItem: this.storage.get,\n setItem: (key, value, expiresAt = '2200-01-01T00:00:00.000Z') => {\n // By defauilt, cookie shouldn't expire\n expiresAt = (sessionCookie ? null : expiresAt) as string;\n this.storage.set(key, value, expiresAt, {\n secure: secure, \n sameSite: sameSite,\n });\n },\n removeItem: (key) => {\n this.storage.delete(key);\n },\n };\n\n if (!options!.useSeparateCookies) {\n return storage;\n }\n\n // Tokens are stored separately because cookies have size limits.\n // Can only be used when storing an object value. Object properties will be saved to separate cookies.\n // Each property of the object must also be an object.\n return {\n getItem: function(key) {\n var data = storage.getItem(); // read all cookies\n var value = {};\n Object.keys(data).forEach(k => {\n if (k.indexOf(key!) === 0) { // filter out unrelated cookies\n value[k.replace(`${key}_`, '')] = JSON.parse(data[k]); // populate with cookie data\n }\n });\n return JSON.stringify(value);\n },\n setItem: function(key, value) {\n var existingValues = JSON.parse(this.getItem(key));\n value = JSON.parse(value);\n // Set key-value pairs from input to cookies\n Object.keys(value).forEach(k => {\n var storageKey = key + '_' + k;\n var valueToStore = JSON.stringify(value[k]);\n storage.setItem(storageKey, valueToStore);\n delete existingValues[k];\n });\n // Delete unmatched keys from existing cookies\n Object.keys(existingValues).forEach(k => {\n storage.removeItem(key + '_' + k);\n });\n },\n removeItem: function(key) {\n var existingValues = JSON.parse(this.getItem(key));\n Object.keys(existingValues).forEach(k => {\n storage.removeItem(key + '_' + k);\n });\n },\n };\n },\n\n // Provides an in-memory solution\n inMemoryStore: {}, // override this for a unique memory store per instance\n getInMemoryStorage: function() {\n return {\n getItem: (key) => {\n return this.inMemoryStore[key];\n },\n setItem: (key, value) => {\n this.inMemoryStore[key] = value;\n },\n };\n },\n\n testStorage: function(storage) {\n var key = 'okta-test-storage';\n try {\n storage.setItem(key, key);\n storage.removeItem(key);\n return true;\n } catch (e) {\n return false;\n }\n },\n\n storage: {\n set: function(name: string, value: string, expiresAt: string, options: CookieOptions): string {\n const { sameSite, secure } = options;\n if (typeof secure === 'undefined' || typeof sameSite === 'undefined') {\n throw new AuthSdkError('storage.set: \"secure\" and \"sameSite\" options must be provided');\n }\n var cookieOptions: CookieOptions = {\n path: options.path || '/',\n secure,\n sameSite\n };\n\n // eslint-disable-next-line no-extra-boolean-cast\n if (!!(Date.parse(expiresAt))) {\n // Expires value can be converted to a Date object.\n //\n // If the 'expiresAt' value is not provided, or the value cannot be\n // parsed as a Date object, the cookie will set as a session cookie.\n cookieOptions.expires = new Date(expiresAt);\n }\n\n Cookies.set(name, value, cookieOptions);\n return this.get(name);\n },\n\n get: function(name?: string): string {\n // return all cookies when no args is provided\n if (!arguments.length) {\n return Cookies.get();\n }\n return Cookies.get(name);\n },\n\n delete: function(name: string): string {\n return Cookies.remove(name, { path: '/' });\n }\n }\n};\n\nexport default storageUtil;\n","/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nexport const STATE_TOKEN_KEY_NAME = 'oktaStateToken';\nexport const DEFAULT_POLLING_DELAY = 500;\nexport const IOS_MAX_RETRY_COUNT = 3;\nexport const DEFAULT_MAX_CLOCK_SKEW = 300;\nexport const DEFAULT_CACHE_DURATION = 86400;\nexport const TOKEN_STORAGE_NAME = 'okta-token-storage';\nexport const CACHE_STORAGE_NAME = 'okta-cache-storage';\nexport const PKCE_STORAGE_NAME = 'okta-pkce-storage';\nexport const TRANSACTION_STORAGE_NAME = 'okta-transaction-storage';\nexport const SHARED_TRANSACTION_STORAGE_NAME = 'okta-shared-transaction-storage';\nexport const ORIGINAL_URI_STORAGE_NAME = 'okta-original-uri-storage';\nexport const IDX_RESPONSE_STORAGE_NAME = 'okta-idx-response-storage';\nexport const ACCESS_TOKEN_STORAGE_KEY = 'accessToken';\nexport const ID_TOKEN_STORAGE_KEY = 'idToken';\nexport const REFRESH_TOKEN_STORAGE_KEY = 'refreshToken';\nexport const REFERRER_PATH_STORAGE_KEY = 'referrerPath';\n\n// Code verifier: Random URL-safe string with a minimum length of 43 characters.\n// Code challenge: Base64 URL-encoded SHA-256 hash of the code verifier.\nexport const MIN_VERIFIER_LENGTH = 43;\nexport const MAX_VERIFIER_LENGTH = 128;\nexport const DEFAULT_CODE_CHALLENGE_METHOD = 'S256';\n\nexport const IDX_API_VERSION = '1.0.0';","/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n \n// eslint-disable-next-line @typescript-eslint/ban-ts-comment\n// @ts-ignore \n// Do not use this type in code, so it won't be emitted in the declaration output\nimport PCancelable from 'p-cancelable';\nimport { AuthSdkError } from '../errors';\nimport {\n EVENT_ADDED,\n EVENT_REMOVED,\n OAuthStorageManagerInterface,\n OAuthTransactionMeta,\n OktaAuthOAuthInterface\n} from '../oidc';\nimport {\n AuthState,\n AuthStateLogOptions,\n OktaAuthCoreOptions,\n} from './types';\nimport { PromiseQueue, getConsole } from '../util';\n\nexport const INITIAL_AUTH_STATE = null;\nconst DEFAULT_PENDING = {\n updateAuthStatePromise: null,\n canceledTimes: 0\n};\nconst EVENT_AUTH_STATE_CHANGE = 'authStateChange';\nconst MAX_PROMISE_CANCEL_TIMES = 10;\n\n// only compare first level of authState\nconst isSameAuthState = (prevState: AuthState | null, state: AuthState) => {\n // initial state is null\n if (!prevState) {\n return false;\n }\n\n return prevState.isAuthenticated === state.isAuthenticated \n && JSON.stringify(prevState.idToken) === JSON.stringify(state.idToken)\n && JSON.stringify(prevState.accessToken) === JSON.stringify(state.accessToken)\n && prevState.error === state.error;\n};\n\n\nexport class AuthStateManager\n<\n M extends OAuthTransactionMeta,\n S extends OAuthStorageManagerInterface<M>,\n O extends OktaAuthCoreOptions\n>\n{\n _sdk: OktaAuthOAuthInterface<M, S, O>;\n _pending: { \n updateAuthStatePromise: any;\n canceledTimes: number; \n };\n _authState: AuthState | null;\n _prevAuthState: AuthState | null;\n _logOptions: AuthStateLogOptions;\n _transformQueue: PromiseQueue;\n\n constructor(sdk: OktaAuthOAuthInterface<M, S, O>) {\n if (!sdk.emitter) {\n throw new AuthSdkError('Emitter should be initialized before AuthStateManager');\n }\n\n this._sdk = sdk;\n this._pending = { ...DEFAULT_PENDING };\n this._authState = INITIAL_AUTH_STATE;\n this._logOptions = {};\n this._prevAuthState = null;\n this._transformQueue = new PromiseQueue({\n quiet: true\n });\n\n // Listen on tokenManager events to start updateState process\n // \"added\" event is emitted in both add and renew process\n // Only listen on \"added\" event to update auth state\n sdk.tokenManager.on(EVENT_ADDED, (key, token) => {\n this._setLogOptions({ event: EVENT_ADDED, key, token });\n this.updateAuthState();\n });\n sdk.tokenManager.on(EVENT_REMOVED, (key, token) => {\n this._setLogOptions({ event: EVENT_REMOVED, key, token });\n this.updateAuthState();\n });\n }\n\n _setLogOptions(options) {\n this._logOptions = options;\n }\n\n getAuthState(): AuthState | null {\n return this._authState;\n }\n\n getPreviousAuthState(): AuthState | null {\n return this._prevAuthState;\n }\n\n async updateAuthState(): Promise<AuthState> {\n const { transformAuthState, devMode } = this._sdk.options;\n\n const log = (status) => {\n const { event, key, token } = this._logOptions;\n getConsole().group(`OKTA-AUTH-JS:updateAuthState: Event:${event} Status:${status}`);\n getConsole().log(key, token);\n getConsole().log('Current authState', this._authState);\n getConsole().groupEnd();\n \n // clear log options after logging\n this._logOptions = {};\n };\n\n const emitAuthStateChange = (authState) => {\n if (isSameAuthState(this._authState, authState)) {\n devMode && log('unchanged'); \n return;\n }\n this._prevAuthState = this._authState;\n this._authState = authState;\n // emit new authState object\n this._sdk.emitter.emit(EVENT_AUTH_STATE_CHANGE, { ...authState });\n devMode && log('emitted');\n };\n\n const finalPromise = (origPromise) => { \n return this._pending.updateAuthStatePromise.then(() => {\n const curPromise = this._pending.updateAuthStatePromise;\n if (curPromise && curPromise !== origPromise) {\n return finalPromise(curPromise);\n }\n return this.getAuthState();\n });\n };\n\n if (this._pending.updateAuthStatePromise) {\n if (this._pending.canceledTimes >= MAX_PROMISE_CANCEL_TIMES) {\n // stop canceling then starting a new promise\n // let existing promise finish to prevent running into loops\n devMode && log('terminated');\n return finalPromise(this._pending.updateAuthStatePromise);\n } else {\n this._pending.updateAuthStatePromise.cancel();\n }\n }\n\n /* eslint-disable complexity */\n const cancelablePromise = new PCancelable((resolve, _, onCancel) => {\n onCancel.shouldReject = false;\n onCancel(() => {\n this._pending.updateAuthStatePromise = null;\n this._pending.canceledTimes = this._pending.canceledTimes + 1;\n devMode && log('canceled');\n });\n\n const emitAndResolve = (authState) => {\n if (cancelablePromise.isCanceled) {\n resolve();\n return;\n }\n // emit event and resolve promise \n emitAuthStateChange(authState);\n resolve();\n\n // clear pending states after resolve\n this._pending = { ...DEFAULT_PENDING };\n };\n\n this._sdk.isAuthenticated()\n .then(() => {\n if (cancelablePromise.isCanceled) {\n resolve();\n return;\n }\n\n const { accessToken, idToken, refreshToken } = this._sdk.tokenManager.getTokensSync();\n const authState = {\n accessToken,\n idToken,\n refreshToken,\n isAuthenticated: !!(accessToken && idToken)\n };\n\n // Enqueue transformAuthState so that it does not run concurrently\n const promise: Promise<AuthState> = transformAuthState\n ? this._transformQueue.push(transformAuthState, null, this._sdk, authState) as Promise<AuthState>\n : Promise.resolve(authState);\n\n promise\n .then(authState => emitAndResolve(authState))\n .catch(error => emitAndResolve({\n accessToken, \n idToken, \n refreshToken,\n isAuthenticated: false, \n error\n }));\n });\n });\n /* eslint-enable complexity */\n this._pending.updateAuthStatePromise = cancelablePromise;\n\n return finalPromise(cancelablePromise);\n }\n\n subscribe(handler): void {\n this._sdk.emitter.on(EVENT_AUTH_STATE_CHANGE, handler);\n }\n\n unsubscribe(handler?): void {\n this._sdk.emitter.off(EVENT_AUTH_STATE_CHANGE, handler);\n }\n}\n","/**\n * returns true if the given object is a promise\n */\nexport function isPromise(obj) {\n return obj && typeof obj.then === 'function';\n}\nexport var PROMISE_RESOLVED_FALSE = Promise.resolve(false);\nexport var PROMISE_RESOLVED_TRUE = Promise.resolve(true);\nexport var PROMISE_RESOLVED_VOID = Promise.resolve();\nexport function sleep(time, resolveWith) {\n if (!time) time = 0;\n return new Promise(function (res) {\n return setTimeout(function () {\n return res(resolveWith);\n }, time);\n });\n}\nexport function randomInt(min, max) {\n return Math.floor(Math.random() * (max - min + 1) + min);\n}\n\n/**\n * https://stackoverflow.com/a/8084248\n */\nexport function randomToken() {\n return Math.random().toString(36).substring(2);\n}\nvar lastMs = 0;\nvar additional = 0;\n\n/**\n * returns the current time in micro-seconds,\n * WARNING: This is a pseudo-function\n * Performance.now is not reliable in webworkers, so we just make sure to never return the same time.\n * This is enough in browsers, and this function will not be used in nodejs.\n * The main reason for this hack is to ensure that BroadcastChannel behaves equal to production when it is used in fast-running unit tests.\n */\nexport function microSeconds() {\n var ms = new Date().getTime();\n if (ms === lastMs) {\n additional++;\n return ms * 1000 + additional;\n } else {\n lastMs = ms;\n additional = 0;\n return ms * 1000;\n }\n}\n\n/**\n * Check if WebLock API is supported.\n * @link https://developer.mozilla.org/en-US/docs/Web/API/Web_Locks_API\n */\nexport function supportsWebLockAPI() {\n if (typeof navigator !== 'undefined' && typeof navigator.locks !== 'undefined' && typeof navigator.locks.request === 'function') {\n return true;\n } else {\n return false;\n }\n}","import { microSeconds as micro, PROMISE_RESOLVED_VOID } from '../util.js';\nexport var microSeconds = micro;\nexport var type = 'native';\nexport function create(channelName) {\n var state = {\n messagesCallback: null,\n bc: new BroadcastChannel(channelName),\n subFns: [] // subscriberFunctions\n };\n\n state.bc.onmessage = function (msg) {\n if (state.messagesCallback) {\n state.messagesCallback(msg.data);\n }\n };\n return state;\n}\nexport function close(channelState) {\n channelState.bc.close();\n channelState.subFns = [];\n}\nexport function postMessage(channelState, messageJson) {\n try {\n channelState.bc.postMessage(messageJson, false);\n return PROMISE_RESOLVED_VOID;\n } catch (err) {\n return Promise.reject(err);\n }\n}\nexport function onMessage(channelState, fn) {\n channelState.messagesCallback = fn;\n}\nexport function canBeUsed() {\n if ((typeof window !== 'undefined' || typeof self !== 'undefined') && typeof BroadcastChannel === 'function') {\n if (BroadcastChannel._pubkey) {\n throw new Error('BroadcastChannel: Do not overwrite window.BroadcastChannel with this module, this is not a polyfill');\n }\n return true;\n } else {\n return false;\n }\n}\nexport function averageResponseTime() {\n return 150;\n}\nexport var NativeMethod = {\n create: create,\n close: close,\n onMessage: onMessage,\n postMessage: postMessage,\n canBeUsed: canBeUsed,\n type: type,\n averageResponseTime: averageResponseTime,\n microSeconds: microSeconds\n};",null,"export function fillOptionsWithDefaults() {\n var originalOptions = arguments.length > 0 && arguments[0] !== undefined ? arguments[0] : {};\n var options = JSON.parse(JSON.stringify(originalOptions));\n\n // main\n if (typeof options.webWorkerSupport === 'undefined') options.webWorkerSupport = true;\n\n // indexed-db\n if (!options.idb) options.idb = {};\n // after this time the messages get deleted\n if (!options.idb.ttl) options.idb.ttl = 1000 * 45;\n if (!options.idb.fallbackInterval) options.idb.fallbackInterval = 150;\n // handles abrupt db onclose events.\n if (originalOptions.idb && typeof originalOptions.idb.onclose === 'function') options.idb.onclose = originalOptions.idb.onclose;\n\n // localstorage\n if (!options.localstorage) options.localstorage = {};\n if (!options.localstorage.removeTimeout) options.localstorage.removeTimeout = 1000 * 60;\n\n // custom methods\n if (originalOptions.methods) options.methods = originalOptions.methods;\n\n // node\n if (!options.node) options.node = {};\n if (!options.node.ttl) options.node.ttl = 1000 * 60 * 2; // 2 minutes;\n /**\n * On linux use 'ulimit -Hn' to get the limit of open files.\n * On ubuntu this was 4096 for me, so we use half of that as maxParallelWrites default.\n */\n if (!options.node.maxParallelWrites) options.node.maxParallelWrites = 2048;\n if (typeof options.node.useFastPath === 'undefined') options.node.useFastPath = true;\n return options;\n}","/**\n * this method uses indexeddb to store the messages\n * There is currently no observerAPI for idb\n * @link https://github.com/w3c/IndexedDB/issues/51\n * \n * When working on this, ensure to use these performance optimizations:\n * @link https://rxdb.info/slow-indexeddb.html\n */\n\nimport { sleep, randomInt, randomToken, microSeconds as micro, PROMISE_RESOLVED_VOID } from '../util.js';\nexport var microSeconds = micro;\nimport { ObliviousSet } from 'oblivious-set';\nimport { fillOptionsWithDefaults } from '../options.js';\nvar DB_PREFIX = 'pubkey.broadcast-channel-0-';\nvar OBJECT_STORE_ID = 'messages';\n\n/**\n * Use relaxed durability for faster performance on all transactions.\n * @link https://nolanlawson.com/2021/08/22/speeding-up-indexeddb-reads-and-writes/\n */\nexport var TRANSACTION_SETTINGS = {\n durability: 'relaxed'\n};\nexport var type = 'idb';\nexport function getIdb() {\n if (typeof indexedDB !== 'undefined') return indexedDB;\n if (typeof window !== 'undefined') {\n if (typeof window.mozIndexedDB !== 'undefined') return window.mozIndexedDB;\n if (typeof window.webkitIndexedDB !== 'undefined') return window.webkitIndexedDB;\n if (typeof window.msIndexedDB !== 'undefined') return window.msIndexedDB;\n }\n return false;\n}\n\n/**\n * If possible, we should explicitly commit IndexedDB transactions\n * for better performance.\n * @link https://nolanlawson.com/2021/08/22/speeding-up-indexeddb-reads-and-writes/\n */\nexport function commitIndexedDBTransaction(tx) {\n if (tx.commit) {\n tx.commit();\n }\n}\nexport function createDatabase(channelName) {\n var IndexedDB = getIdb();\n\n // create table\n var dbName = DB_PREFIX + channelName;\n\n /**\n * All IndexedDB databases are opened without version\n * because it is a bit faster, especially on firefox\n * @link http://nparashuram.com/IndexedDB/perf/#Open%20Database%20with%20version\n */\n var openRequest = IndexedDB.open(dbName);\n openRequest.onupgradeneeded = function (ev) {\n var db = ev.target.result;\n db.createObjectStore(OBJECT_STORE_ID, {\n keyPath: 'id',\n autoIncrement: true\n });\n };\n return new Promise(function (res, rej) {\n openRequest.onerror = function (ev) {\n return rej(ev);\n };\n openRequest.onsuccess = function () {\n res(openRequest.result);\n };\n });\n}\n\n/**\n * writes the new message to the database\n * so other readers can find it\n */\nexport function writeMessage(db, readerUuid, messageJson) {\n var time = new Date().getTime();\n var writeObject = {\n uuid: readerUuid,\n time: time,\n data: messageJson\n };\n var tx = db.transaction([OBJECT_STORE_ID], 'readwrite', TRANSACTION_SETTINGS);\n return new Promise(function (res, rej) {\n tx.oncomplete = function () {\n return res();\n };\n tx.onerror = function (ev) {\n return rej(ev);\n };\n var objectStore = tx.objectStore(OBJECT_STORE_ID);\n objectStore.add(writeObject);\n commitIndexedDBTransaction(tx);\n });\n}\nexport function getAllMessages(db) {\n var tx = db.transaction(OBJECT_STORE_ID, 'readonly', TRANSACTION_SETTINGS);\n var objectStore = tx.objectStore(OBJECT_STORE_ID);\n var ret = [];\n return new Promise(function (res) {\n objectStore.openCursor().onsuccess = function (ev) {\n var cursor = ev.target.result;\n if (cursor) {\n ret.push(cursor.value);\n //alert(\"Name for SSN \" + cursor.key + \" is \" + cursor.value.name);\n cursor[\"continue\"]();\n } else {\n commitIndexedDBTransaction(tx);\n res(ret);\n }\n };\n });\n}\nexport function getMessagesHigherThan(db, lastCursorId) {\n var tx = db.transaction(OBJECT_STORE_ID, 'readonly', TRANSACTION_SETTINGS);\n var objectStore = tx.objectStore(OBJECT_STORE_ID);\n var ret = [];\n var keyRangeValue = IDBKeyRange.bound(lastCursorId + 1, Infinity);\n\n /**\n * Optimization shortcut,\n * if getAll() can be used, do not use a cursor.\n * @link https://rxdb.info/slow-indexeddb.html\n */\n if (objectStore.getAll) {\n var getAllRequest = objectStore.getAll(keyRangeValue);\n return new Promise(function (res, rej) {\n getAllRequest.onerror = function (err) {\n return rej(err);\n };\n getAllRequest.onsuccess = function (e) {\n res(e.target.result);\n };\n });\n }\n function openCursor() {\n // Occasionally Safari will fail on IDBKeyRange.bound, this\n // catches that error, having it open the cursor to the first\n // item. When it gets data it will advance to the desired key.\n try {\n keyRangeValue = IDBKeyRange.bound(lastCursorId + 1, Infinity);\n return objectStore.openCursor(keyRangeValue);\n } catch (e) {\n return objectStore.openCursor();\n }\n }\n return new Promise(function (res, rej) {\n var openCursorRequest = openCursor();\n openCursorRequest.onerror = function (err) {\n return rej(err);\n };\n openCursorRequest.onsuccess = function (ev) {\n var cursor = ev.target.result;\n if (cursor) {\n if (cursor.value.id < lastCursorId + 1) {\n cursor[\"continue\"](lastCursorId + 1);\n } else {\n ret.push(cursor.value);\n cursor[\"continue\"]();\n }\n } else {\n commitIndexedDBTransaction(tx);\n res(ret);\n }\n };\n });\n}\nexport function removeMessagesById(channelState, ids) {\n if (channelState.closed) {\n return Promise.resolve([]);\n }\n var tx = channelState.db.transaction(OBJECT_STORE_ID, 'readwrite', TRANSACTION_SETTINGS);\n var objectStore = tx.objectStore(OBJECT_STORE_ID);\n return Promise.all(ids.map(function (id) {\n var deleteRequest = objectStore[\"delete\"](id);\n return new Promise(function (res) {\n deleteRequest.onsuccess = function () {\n return res();\n };\n });\n }));\n}\nexport function getOldMessages(db, ttl) {\n var olderThen = new Date().getTime() - ttl;\n var tx = db.transaction(OBJECT_STORE_ID, 'readonly', TRANSACTION_SETTINGS);\n var objectStore = tx.objectStore(OBJECT_STORE_ID);\n var ret = [];\n return new Promise(function (res) {\n objectStore.openCursor().onsuccess = function (ev) {\n var cursor = ev.target.result;\n if (cursor) {\n var msgObk = cursor.value;\n if (msgObk.time < olderThen) {\n ret.push(msgObk);\n //alert(\"Name for SSN \" + cursor.key + \" is \" + cursor.value.name);\n cursor[\"continue\"]();\n } else {\n // no more old messages,\n commitIndexedDBTransaction(tx);\n res(ret);\n }\n } else {\n res(ret);\n }\n };\n });\n}\nexport function cleanOldMessages(channelState) {\n return getOldMessages(channelState.db, channelState.options.idb.ttl).then(function (tooOld) {\n return removeMessagesById(channelState, tooOld.map(function (msg) {\n return msg.id;\n }));\n });\n}\nexport function create(channelName, options) {\n options = fillOptionsWithDefaults(options);\n return createDatabase(channelName).then(function (db) {\n var state = {\n closed: false,\n lastCursorId: 0,\n channelName: channelName,\n options: options,\n uuid: randomToken(),\n /**\n * emittedMessagesIds\n * contains all messages that have been emitted before\n * @type {ObliviousSet}\n */\n eMIs: new ObliviousSet(options.idb.ttl * 2),\n // ensures we do not read messages in parallel\n writeBlockPromise: PROMISE_RESOLVED_VOID,\n messagesCallback: null,\n readQueuePromises: [],\n db: db\n };\n\n /**\n * Handle abrupt closes that do not originate from db.close().\n * This could happen, for example, if the underlying storage is\n * removed or if the user clears the database in the browser's\n * history preferences.\n */\n db.onclose = function () {\n state.closed = true;\n if (options.idb.onclose) options.idb.onclose();\n };\n\n /**\n * if service-workers are used,\n * we have no 'storage'-event if they post a message,\n * therefore we also have to set an interval\n */\n _readLoop(state);\n return state;\n });\n}\nfunction _readLoop(state) {\n if (state.closed) return;\n readNewMessages(state).then(function () {\n return sleep(state.options.idb.fallbackInterval);\n }).then(function () {\n return _readLoop(state);\n });\n}\nfunction _filterMessage(msgObj, state) {\n if (msgObj.uuid === state.uuid) return false; // send by own\n if (state.eMIs.has(msgObj.id)) return false; // already emitted\n if (msgObj.data.time < state.messagesCallbackTime) return false; // older then onMessageCallback\n return true;\n}\n\n/**\n * reads all new messages from the database and emits them\n */\nfunction readNewMessages(state) {\n // channel already closed\n if (state.closed) return PROMISE_RESOLVED_VOID;\n\n // if no one is listening, we do not need to scan for new messages\n if (!state.messagesCallback) return PROMISE_RESOLVED_VOID;\n return getMessagesHigherThan(state.db, state.lastCursorId).then(function (newerMessages) {\n var useMessages = newerMessages\n /**\n * there is a bug in iOS where the msgObj can be undefined sometimes\n * so we filter them out\n * @link https://github.com/pubkey/broadcast-channel/issues/19\n */.filter(function (msgObj) {\n return !!msgObj;\n }).map(function (msgObj) {\n if (msgObj.id > state.lastCursorId) {\n state.lastCursorId = msgObj.id;\n }\n return msgObj;\n }).filter(function (msgObj) {\n return _filterMessage(msgObj, state);\n }).sort(function (msgObjA, msgObjB) {\n return msgObjA.time - msgObjB.time;\n }); // sort by time\n useMessages.forEach(function (msgObj) {\n if (state.messagesCallback) {\n state.eMIs.add(msgObj.id);\n state.messagesCallback(msgObj.data);\n }\n });\n return PROMISE_RESOLVED_VOID;\n });\n}\nexport function close(channelState) {\n channelState.closed = true;\n channelState.db.close();\n}\nexport function postMessage(channelState, messageJson) {\n channelState.writeBlockPromise = channelState.writeBlockPromise.then(function () {\n return writeMessage(channelState.db, channelState.uuid, messageJson);\n }).then(function () {\n if (randomInt(0, 10) === 0) {\n /* await (do not await) */\n cleanOldMessages(channelState);\n }\n });\n return channelState.writeBlockPromise;\n}\nexport function onMessage(channelState, fn, time) {\n channelState.messagesCallbackTime = time;\n channelState.messagesCallback = fn;\n readNewMessages(channelState);\n}\nexport function canBeUsed() {\n return !!getIdb();\n}\nexport function averageResponseTime(options) {\n return options.idb.fallbackInterval * 2;\n}\nexport var IndexedDBMethod = {\n create: create,\n close: close,\n onMessage: onMessage,\n postMessage: postMessage,\n canBeUsed: canBeUsed,\n type: type,\n averageResponseTime: averageResponseTime,\n microSeconds: microSeconds\n};","/**\n * A localStorage-only method which uses localstorage and its 'storage'-event\n * This does not work inside webworkers because they have no access to localstorage\n * This is basically implemented to support IE9 or your grandmother's toaster.\n * @link https://caniuse.com/#feat=namevalue-storage\n * @link https://caniuse.com/#feat=indexeddb\n */\n\nimport { ObliviousSet } from 'oblivious-set';\nimport { fillOptionsWithDefaults } from '../options.js';\nimport { sleep, randomToken, microSeconds as micro } from '../util.js';\nexport var microSeconds = micro;\nvar KEY_PREFIX = 'pubkey.broadcastChannel-';\nexport var type = 'localstorage';\n\n/**\n * copied from crosstab\n * @link https://github.com/tejacques/crosstab/blob/master/src/crosstab.js#L32\n */\nexport function getLocalStorage() {\n var localStorage;\n if (typeof window === 'undefined') return null;\n try {\n localStorage = window.localStorage;\n localStorage = window['ie8-eventlistener/storage'] || window.localStorage;\n } catch (e) {\n // New versions of Firefox throw a Security exception\n // if cookies are disabled. See\n // https://bugzilla.mozilla.org/show_bug.cgi?id=1028153\n }\n return localStorage;\n}\nexport function storageKey(channelName) {\n return KEY_PREFIX + channelName;\n}\n\n/**\n* writes the new message to the storage\n* and fires the storage-event so other readers can find it\n*/\nexport function postMessage(channelState, messageJson) {\n return new Promise(function (res) {\n sleep().then(function () {\n var key = storageKey(channelState.channelName);\n var writeObj = {\n token: randomToken(),\n time: new Date().getTime(),\n data: messageJson,\n uuid: channelState.uuid\n };\n var value = JSON.stringify(writeObj);\n getLocalStorage().setItem(key, value);\n\n /**\n * StorageEvent does not fire the 'storage' event\n * in the window that changes the state of the local storage.\n * So we fire it manually\n */\n var ev = document.createEvent('Event');\n ev.initEvent('storage', true, true);\n ev.key = key;\n ev.newValue = value;\n window.dispatchEvent(ev);\n res();\n });\n });\n}\nexport function addStorageEventListener(channelName, fn) {\n var key = storageKey(channelName);\n var listener = function listener(ev) {\n if (ev.key === key) {\n fn(JSON.parse(ev.newValue));\n }\n };\n window.addEventListener('storage', listener);\n return listener;\n}\nexport function removeStorageEventListener(listener) {\n window.removeEventListener('storage', listener);\n}\nexport function create(channelName, options) {\n options = fillOptionsWithDefaults(options);\n if (!canBeUsed()) {\n throw new Error('BroadcastChannel: localstorage cannot be used');\n }\n var uuid = randomToken();\n\n /**\n * eMIs\n * contains all messages that have been emitted before\n * @type {ObliviousSet}\n */\n var eMIs = new ObliviousSet(options.localstorage.removeTimeout);\n var state = {\n channelName: channelName,\n uuid: uuid,\n eMIs: eMIs // emittedMessagesIds\n };\n\n state.listener = addStorageEventListener(channelName, function (msgObj) {\n if (!state.messagesCallback) return; // no listener\n if (msgObj.uuid === uuid) return; // own message\n if (!msgObj.token || eMIs.has(msgObj.token)) return; // already emitted\n if (msgObj.data.time && msgObj.data.time < state.messagesCallbackTime) return; // too old\n\n eMIs.add(msgObj.token);\n state.messagesCallback(msgObj.data);\n });\n return state;\n}\nexport function close(channelState) {\n removeStorageEventListener(channelState.listener);\n}\nexport function onMessage(channelState, fn, time) {\n channelState.messagesCallbackTime = time;\n channelState.messagesCallback = fn;\n}\nexport function canBeUsed() {\n var ls = getLocalStorage();\n if (!ls) return false;\n try {\n var key = '__broadcastchannel_check';\n ls.setItem(key, 'works');\n ls.removeItem(key);\n } catch (e) {\n // Safari 10 in private mode will not allow write access to local\n // storage and fail with a QuotaExceededError. See\n // https://developer.mozilla.org/en-US/docs/Web/API/Web_Storage_API#Private_Browsing_Incognito_modes\n return false;\n }\n return true;\n}\nexport function averageResponseTime() {\n var defaultTime = 120;\n var userAgent = navigator.userAgent.toLowerCase();\n if (userAgent.includes('safari') && !userAgent.includes('chrome')) {\n // safari is much slower so this time is higher\n return defaultTime * 2;\n }\n return defaultTime;\n}\nexport var LocalstorageMethod = {\n create: create,\n close: close,\n onMessage: onMessage,\n postMessage: postMessage,\n canBeUsed: canBeUsed,\n type: type,\n averageResponseTime: averageResponseTime,\n microSeconds: microSeconds\n};","import { microSeconds as micro } from '../util.js';\nexport var microSeconds = micro;\nexport var type = 'simulate';\nvar SIMULATE_CHANNELS = new Set();\nexport function create(channelName) {\n var state = {\n name: channelName,\n messagesCallback: null\n };\n SIMULATE_CHANNELS.add(state);\n return state;\n}\nexport function close(channelState) {\n SIMULATE_CHANNELS[\"delete\"](channelState);\n}\nexport function postMessage(channelState, messageJson) {\n return new Promise(function (res) {\n return setTimeout(function () {\n var channelArray = Array.from(SIMULATE_CHANNELS);\n channelArray.filter(function (channel) {\n return channel.name === channelState.name;\n }).filter(function (channel) {\n return channel !== channelState;\n }).filter(function (channel) {\n return !!channel.messagesCallback;\n }).forEach(function (channel) {\n return channel.messagesCallback(messageJson);\n });\n res();\n }, 5);\n });\n}\nexport function onMessage(channelState, fn) {\n channelState.messagesCallback = fn;\n}\nexport function canBeUsed() {\n return true;\n}\nexport function averageResponseTime() {\n return 5;\n}\nexport var SimulateMethod = {\n create: create,\n close: close,\n onMessage: onMessage,\n postMessage: postMessage,\n canBeUsed: canBeUsed,\n type: type,\n averageResponseTime: averageResponseTime,\n microSeconds: microSeconds\n};","import { NativeMethod } from './methods/native.js';\nimport { IndexedDBMethod } from './methods/indexed-db.js';\nimport { LocalstorageMethod } from './methods/localstorage.js';\nimport { SimulateMethod } from './methods/simulate.js';\n// the line below will be removed from es5/browser builds\n\n// order is important\nvar METHODS = [NativeMethod,\n// fastest\nIndexedDBMethod, LocalstorageMethod];\nexport function chooseMethod(options) {\n var chooseMethods = [].concat(options.methods, METHODS).filter(Boolean);\n\n // the line below will be removed from es5/browser builds\n\n // directly chosen\n if (options.type) {\n if (options.type === 'simulate') {\n // only use simulate-method if directly chosen\n return SimulateMethod;\n }\n var ret = chooseMethods.find(function (m) {\n return m.type === options.type;\n });\n if (!ret) throw new Error('method-type ' + options.type + ' not found');else return ret;\n }\n\n /**\n * if no webworker support is needed,\n * remove idb from the list so that localstorage will be chosen\n */\n if (!options.webWorkerSupport) {\n chooseMethods = chooseMethods.filter(function (m) {\n return m.type !== 'idb';\n });\n }\n var useMethod = chooseMethods.find(function (method) {\n return method.canBeUsed();\n });\n if (!useMethod) {\n throw new Error(\"No usable method found in \" + JSON.stringify(METHODS.map(function (m) {\n return m.type;\n })));\n } else {\n return useMethod;\n }\n}","import { isPromise, PROMISE_RESOLVED_FALSE, PROMISE_RESOLVED_VOID } from './util.js';\nimport { chooseMethod } from './method-chooser.js';\nimport { fillOptionsWithDefaults } from './options.js';\n\n/**\n * Contains all open channels,\n * used in tests to ensure everything is closed.\n */\nexport var OPEN_BROADCAST_CHANNELS = new Set();\nvar lastId = 0;\nexport var BroadcastChannel = function BroadcastChannel(name, options) {\n // identifier of the channel to debug stuff\n this.id = lastId++;\n OPEN_BROADCAST_CHANNELS.add(this);\n this.name = name;\n if (ENFORCED_OPTIONS) {\n options = ENFORCED_OPTIONS;\n }\n this.options = fillOptionsWithDefaults(options);\n this.method = chooseMethod(this.options);\n\n // isListening\n this._iL = false;\n\n /**\n * _onMessageListener\n * setting onmessage twice,\n * will overwrite the first listener\n */\n this._onML = null;\n\n /**\n * _addEventListeners\n */\n this._addEL = {\n message: [],\n internal: []\n };\n\n /**\n * Unsent message promises\n * where the sending is still in progress\n * @type {Set<Promise>}\n */\n this._uMP = new Set();\n\n /**\n * _beforeClose\n * array of promises that will be awaited\n * before the channel is closed\n */\n this._befC = [];\n\n /**\n * _preparePromise\n */\n this._prepP = null;\n _prepareChannel(this);\n};\n\n// STATICS\n\n/**\n * used to identify if someone overwrites\n * window.BroadcastChannel with this\n * See methods/native.js\n */\nBroadcastChannel._pubkey = true;\n\n/**\n * clears the tmp-folder if is node\n * @return {Promise<boolean>} true if has run, false if not node\n */\nexport function clearNodeFolder(options) {\n options = fillOptionsWithDefaults(options);\n var method = chooseMethod(options);\n if (method.type === 'node') {\n return method.clearNodeFolder().then(function () {\n return true;\n });\n } else {\n return PROMISE_RESOLVED_FALSE;\n }\n}\n\n/**\n * if set, this method is enforced,\n * no mather what the options are\n */\nvar ENFORCED_OPTIONS;\nexport function enforceOptions(options) {\n ENFORCED_OPTIONS = options;\n}\n\n// PROTOTYPE\nBroadcastChannel.prototype = {\n postMessage: function postMessage(msg) {\n if (this.closed) {\n throw new Error('BroadcastChannel.postMessage(): ' + 'Cannot post message after channel has closed ' +\n /**\n * In the past when this error appeared, it was really hard to debug.\n * So now we log the msg together with the error so it at least\n * gives some clue about where in your application this happens.\n */\n JSON.stringify(msg));\n }\n return _post(this, 'message', msg);\n },\n postInternal: function postInternal(msg) {\n return _post(this, 'internal', msg);\n },\n set onmessage(fn) {\n var time = this.method.microSeconds();\n var listenObj = {\n time: time,\n fn: fn\n };\n _removeListenerObject(this, 'message', this._onML);\n if (fn && typeof fn === 'function') {\n this._onML = listenObj;\n _addListenerObject(this, 'message', listenObj);\n } else {\n this._onML = null;\n }\n },\n addEventListener: function addEventListener(type, fn) {\n var time = this.method.microSeconds();\n var listenObj = {\n time: time,\n fn: fn\n };\n _addListenerObject(this, type, listenObj);\n },\n removeEventListener: function removeEventListener(type, fn) {\n var obj = this._addEL[type].find(function (obj) {\n return obj.fn === fn;\n });\n _removeListenerObject(this, type, obj);\n },\n close: function close() {\n var _this = this;\n if (this.closed) {\n return;\n }\n OPEN_BROADCAST_CHANNELS[\"delete\"](this);\n this.closed = true;\n var awaitPrepare = this._prepP ? this._prepP : PROMISE_RESOLVED_VOID;\n this._onML = null;\n this._addEL.message = [];\n return awaitPrepare\n // wait until all current sending are processed\n .then(function () {\n return Promise.all(Array.from(_this._uMP));\n })\n // run before-close hooks\n .then(function () {\n return Promise.all(_this._befC.map(function (fn) {\n return fn();\n }));\n })\n // close the channel\n .then(function () {\n return _this.method.close(_this._state);\n });\n },\n get type() {\n return this.method.type;\n },\n get isClosed() {\n return this.closed;\n }\n};\n\n/**\n * Post a message over the channel\n * @returns {Promise} that resolved when the message sending is done\n */\nfunction _post(broadcastChannel, type, msg) {\n var time = broadcastChannel.method.microSeconds();\n var msgObj = {\n time: time,\n type: type,\n data: msg\n };\n var awaitPrepare = broadcastChannel._prepP ? broadcastChannel._prepP : PROMISE_RESOLVED_VOID;\n return awaitPrepare.then(function () {\n var sendPromise = broadcastChannel.method.postMessage(broadcastChannel._state, msgObj);\n\n // add/remove to unsent messages list\n broadcastChannel._uMP.add(sendPromise);\n sendPromise[\"catch\"]().then(function () {\n return broadcastChannel._uMP[\"delete\"](sendPromise);\n });\n return sendPromise;\n });\n}\nfunction _prepareChannel(channel) {\n var maybePromise = channel.method.create(channel.name, channel.options);\n if (isPromise(maybePromise)) {\n channel._prepP = maybePromise;\n maybePromise.then(function (s) {\n // used in tests to simulate slow runtime\n /*if (channel.options.prepareDelay) {\n await new Promise(res => setTimeout(res, this.options.prepareDelay));\n }*/\n channel._state = s;\n });\n } else {\n channel._state = maybePromise;\n }\n}\nfunction _hasMessageListeners(channel) {\n if (channel._addEL.message.length > 0) return true;\n if (channel._addEL.internal.length > 0) return true;\n return false;\n}\nfunction _addListenerObject(channel, type, obj) {\n channel._addEL[type].push(obj);\n _startListening(channel);\n}\nfunction _removeListenerObject(channel, type, obj) {\n channel._addEL[type] = channel._addEL[type].filter(function (o) {\n return o !== obj;\n });\n _stopListening(channel);\n}\nfunction _startListening(channel) {\n if (!channel._iL && _hasMessageListeners(channel)) {\n // someone is listening, start subscribing\n\n var listenerFn = function listenerFn(msgObj) {\n channel._addEL[msgObj.type].forEach(function (listenerObject) {\n /**\n * Getting the current time in JavaScript has no good precision.\n * So instead of only listening to events that happened 'after' the listener\n * was added, we also listen to events that happened 100ms before it.\n * This ensures that when another process, like a WebWorker, sends events\n * we do not miss them out because their timestamp is a bit off compared to the main process.\n * Not doing this would make messages missing when we send data directly after subscribing and awaiting a response.\n * @link https://johnresig.com/blog/accuracy-of-javascript-time/\n */\n var hundredMsInMicro = 100 * 1000;\n var minMessageTime = listenerObject.time - hundredMsInMicro;\n if (msgObj.time >= minMessageTime) {\n listenerObject.fn(msgObj.data);\n }\n });\n };\n var time = channel.method.microSeconds();\n if (channel._prepP) {\n channel._prepP.then(function () {\n channel._iL = true;\n channel.method.onMessage(channel._state, listenerFn, time);\n });\n } else {\n channel._iL = true;\n channel.method.onMessage(channel._state, listenerFn, time);\n }\n }\n}\nfunction _stopListening(channel) {\n if (channel._iL && !_hasMessageListeners(channel)) {\n // no one is listening, stop subscribing\n channel._iL = false;\n var time = channel.method.microSeconds();\n channel.method.onMessage(channel._state, null, time);\n }\n}","import { addBrowser } from './browser.js';\nimport { addNode } from './node.js';\n\n/**\n * Use the code directly to prevent import problems\n * with the detect-node package.\n * @link https://github.com/iliakan/detect-node/blob/master/index.js\n */\nvar isNode = Object.prototype.toString.call(typeof process !== 'undefined' ? process : 0) === '[object process]';\nvar USE_METHOD = isNode ? addNode : addBrowser;\nvar LISTENERS = new Set();\nvar startedListening = false;\nfunction startListening() {\n if (startedListening) {\n return;\n }\n startedListening = true;\n USE_METHOD(runAll);\n}\nexport function add(fn) {\n startListening();\n if (typeof fn !== 'function') {\n throw new Error('Listener is no function');\n }\n LISTENERS.add(fn);\n var addReturn = {\n remove: function remove() {\n return LISTENERS[\"delete\"](fn);\n },\n run: function run() {\n LISTENERS[\"delete\"](fn);\n return fn();\n }\n };\n return addReturn;\n}\nexport function runAll() {\n var promises = [];\n LISTENERS.forEach(function (fn) {\n promises.push(fn());\n LISTENERS[\"delete\"](fn);\n });\n return Promise.all(promises);\n}\nexport function removeAll() {\n LISTENERS.clear();\n}\nexport function getSize() {\n return LISTENERS.size;\n}","export function addNode(fn) {\n process.on('exit', function () {\n return fn();\n });\n\n /**\n * on the following events,\n * the process will not end if there are\n * event-handlers attached,\n * therefore we have to call process.exit()\n */\n process.on('beforeExit', function () {\n return fn().then(function () {\n return process.exit();\n });\n });\n // catches ctrl+c event\n process.on('SIGINT', function () {\n return fn().then(function () {\n return process.exit();\n });\n });\n // catches uncaught exceptions\n process.on('uncaughtException', function (err) {\n return fn().then(function () {\n console.trace(err);\n process.exit(101);\n });\n });\n}","/* global WorkerGlobalScope */\n\nexport function addBrowser(fn) {\n if (typeof WorkerGlobalScope === 'function' && self instanceof WorkerGlobalScope) {\n /**\n * Because killing a worker does directly stop the excution\n * of the code, our only chance is to overwrite the close function\n * which could work some times.\n * @link https://stackoverflow.com/q/72903255/3443137\n */\n var oldClose = self.close.bind(self);\n self.close = function () {\n fn();\n return oldClose();\n };\n } else {\n /**\n * if we are on react-native, there is no window.addEventListener\n * @link https://github.com/pubkey/unload/issues/6\n */\n if (typeof window.addEventListener !== 'function') {\n return;\n }\n\n /**\n * for normal browser-windows, we use the beforeunload-event\n */\n window.addEventListener('beforeunload', function () {\n fn();\n }, true);\n\n /**\n * for iframes, we have to use the unload-event\n * @link https://stackoverflow.com/q/47533670/3443137\n */\n window.addEventListener('unload', function () {\n fn();\n }, true);\n }\n\n /**\n * TODO add fallback for safari-mobile\n * @link https://stackoverflow.com/a/26193516/3443137\n */\n}","import { add as unloadAdd } from 'unload';\n\n/**\n * sends and internal message over the broadcast-channel\n */\nexport function sendLeaderMessage(leaderElector, action) {\n var msgJson = {\n context: 'leader',\n action: action,\n token: leaderElector.token\n };\n return leaderElector.broadcastChannel.postInternal(msgJson);\n}\nexport function beLeader(leaderElector) {\n leaderElector.isLeader = true;\n leaderElector._hasLeader = true;\n var unloadFn = unloadAdd(function () {\n return leaderElector.die();\n });\n leaderElector._unl.push(unloadFn);\n var isLeaderListener = function isLeaderListener(msg) {\n if (msg.context === 'leader' && msg.action === 'apply') {\n sendLeaderMessage(leaderElector, 'tell');\n }\n if (msg.context === 'leader' && msg.action === 'tell' && !leaderElector._dpLC) {\n /**\n * another instance is also leader!\n * This can happen on rare events\n * like when the CPU is at 100% for long time\n * or the tabs are open very long and the browser throttles them.\n * @link https://github.com/pubkey/broadcast-channel/issues/414\n * @link https://github.com/pubkey/broadcast-channel/issues/385\n */\n leaderElector._dpLC = true;\n leaderElector._dpL(); // message the lib user so the app can handle the problem\n sendLeaderMessage(leaderElector, 'tell'); // ensure other leader also knows the problem\n }\n };\n\n leaderElector.broadcastChannel.addEventListener('internal', isLeaderListener);\n leaderElector._lstns.push(isLeaderListener);\n return sendLeaderMessage(leaderElector, 'tell');\n}","import { randomToken } from './util.js';\nimport { sendLeaderMessage, beLeader } from './leader-election-util.js';\n\n/**\n * A faster version of the leader elector that uses the WebLock API\n * @link https://developer.mozilla.org/en-US/docs/Web/API/Web_Locks_API\n */\nexport var LeaderElectionWebLock = function LeaderElectionWebLock(broadcastChannel, options) {\n var _this = this;\n this.broadcastChannel = broadcastChannel;\n broadcastChannel._befC.push(function () {\n return _this.die();\n });\n this._options = options;\n this.isLeader = false;\n this.isDead = false;\n this.token = randomToken();\n this._lstns = [];\n this._unl = [];\n this._dpL = function () {}; // onduplicate listener\n this._dpLC = false; // true when onduplicate called\n\n this._wKMC = {}; // stuff for cleanup\n\n // lock name\n this.lN = 'pubkey-bc||' + broadcastChannel.method.type + '||' + broadcastChannel.name;\n};\nLeaderElectionWebLock.prototype = {\n hasLeader: function hasLeader() {\n var _this2 = this;\n return navigator.locks.query().then(function (locks) {\n var relevantLocks = locks.held ? locks.held.filter(function (lock) {\n return lock.name === _this2.lN;\n }) : [];\n if (relevantLocks && relevantLocks.length > 0) {\n return true;\n } else {\n return false;\n }\n });\n },\n awaitLeadership: function awaitLeadership() {\n var _this3 = this;\n if (!this._wLMP) {\n this._wKMC.c = new AbortController();\n var returnPromise = new Promise(function (res, rej) {\n _this3._wKMC.res = res;\n _this3._wKMC.rej = rej;\n });\n this._wLMP = new Promise(function (res) {\n navigator.locks.request(_this3.lN, {\n signal: _this3._wKMC.c.signal\n }, function () {\n // if the lock resolved, we can drop the abort controller\n _this3._wKMC.c = undefined;\n beLeader(_this3);\n res();\n return returnPromise;\n })[\"catch\"](function () {});\n });\n }\n return this._wLMP;\n },\n set onduplicate(_fn) {\n // Do nothing because there are no duplicates in the WebLock version\n },\n die: function die() {\n var _this4 = this;\n this._lstns.forEach(function (listener) {\n return _this4.broadcastChannel.removeEventListener('internal', listener);\n });\n this._lstns = [];\n this._unl.forEach(function (uFn) {\n return uFn.remove();\n });\n this._unl = [];\n if (this.isLeader) {\n this.isLeader = false;\n }\n this.isDead = true;\n if (this._wKMC.res) {\n this._wKMC.res();\n }\n if (this._wKMC.c) {\n this._wKMC.c.abort('LeaderElectionWebLock.die() called');\n }\n return sendLeaderMessage(this, 'death');\n }\n};","import { sleep, randomToken, PROMISE_RESOLVED_VOID, PROMISE_RESOLVED_TRUE, supportsWebLockAPI } from './util.js';\nimport { sendLeaderMessage, beLeader } from './leader-election-util.js';\nimport { LeaderElectionWebLock } from './leader-election-web-lock.js';\nvar LeaderElection = function LeaderElection(broadcastChannel, options) {\n var _this = this;\n this.broadcastChannel = broadcastChannel;\n this._options = options;\n this.isLeader = false;\n this._hasLeader = false;\n this.isDead = false;\n this.token = randomToken();\n\n /**\n * Apply Queue,\n * used to ensure we do not run applyOnce()\n * in parallel.\n */\n this._aplQ = PROMISE_RESOLVED_VOID;\n // amount of unfinished applyOnce() calls\n this._aplQC = 0;\n\n // things to clean up\n this._unl = []; // _unloads\n this._lstns = []; // _listeners\n this._dpL = function () {}; // onduplicate listener\n this._dpLC = false; // true when onduplicate called\n\n /**\n * Even when the own instance is not applying,\n * we still listen to messages to ensure the hasLeader flag\n * is set correctly.\n */\n var hasLeaderListener = function hasLeaderListener(msg) {\n if (msg.context === 'leader') {\n if (msg.action === 'death') {\n _this._hasLeader = false;\n }\n if (msg.action === 'tell') {\n _this._hasLeader = true;\n }\n }\n };\n this.broadcastChannel.addEventListener('internal', hasLeaderListener);\n this._lstns.push(hasLeaderListener);\n};\nLeaderElection.prototype = {\n hasLeader: function hasLeader() {\n return Promise.resolve(this._hasLeader);\n },\n /**\n * Returns true if the instance is leader,\n * false if not.\n * @async\n */\n applyOnce: function applyOnce(\n // true if the applyOnce() call came from the fallbackInterval cycle\n isFromFallbackInterval) {\n var _this2 = this;\n if (this.isLeader) {\n return sleep(0, true);\n }\n if (this.isDead) {\n return sleep(0, false);\n }\n\n /**\n * Already applying more than once,\n * -> wait for the apply queue to be finished.\n */\n if (this._aplQC > 1) {\n return this._aplQ;\n }\n\n /**\n * Add a new apply-run\n */\n var applyRun = function applyRun() {\n /**\n * Optimization shortcuts.\n * Directly return if a previous run\n * has already elected a leader.\n */\n if (_this2.isLeader) {\n return PROMISE_RESOLVED_TRUE;\n }\n var stopCriteria = false;\n var stopCriteriaPromiseResolve;\n /**\n * Resolves when a stop criteria is reached.\n * Uses as a performance shortcut so we do not\n * have to await the responseTime when it is already clear\n * that the election failed.\n */\n var stopCriteriaPromise = new Promise(function (res) {\n stopCriteriaPromiseResolve = function stopCriteriaPromiseResolve() {\n stopCriteria = true;\n res();\n };\n });\n var handleMessage = function handleMessage(msg) {\n if (msg.context === 'leader' && msg.token != _this2.token) {\n if (msg.action === 'apply') {\n // other is applying\n if (msg.token > _this2.token) {\n /**\n * other has higher token\n * -> stop applying and let other become leader.\n */\n stopCriteriaPromiseResolve();\n }\n }\n if (msg.action === 'tell') {\n // other is already leader\n stopCriteriaPromiseResolve();\n _this2._hasLeader = true;\n }\n }\n };\n _this2.broadcastChannel.addEventListener('internal', handleMessage);\n\n /**\n * If the applyOnce() call came from the fallbackInterval,\n * we can assume that the election runs in the background and\n * not critical process is waiting for it.\n * When this is true, we give the other instances\n * more time to answer to messages in the election cycle.\n * This makes it less likely to elect duplicate leaders.\n * But also it takes longer which is not a problem because we anyway\n * run in the background.\n */\n var waitForAnswerTime = isFromFallbackInterval ? _this2._options.responseTime * 4 : _this2._options.responseTime;\n return sendLeaderMessage(_this2, 'apply') // send out that this one is applying\n .then(function () {\n return Promise.race([sleep(waitForAnswerTime), stopCriteriaPromise.then(function () {\n return Promise.reject(new Error());\n })]);\n })\n // send again in case another instance was just created\n .then(function () {\n return sendLeaderMessage(_this2, 'apply');\n })\n // let others time to respond\n .then(function () {\n return Promise.race([sleep(waitForAnswerTime), stopCriteriaPromise.then(function () {\n return Promise.reject(new Error());\n })]);\n })[\"catch\"](function () {}).then(function () {\n _this2.broadcastChannel.removeEventListener('internal', handleMessage);\n if (!stopCriteria) {\n // no stop criteria -> own is leader\n return beLeader(_this2).then(function () {\n return true;\n });\n } else {\n // other is leader\n return false;\n }\n });\n };\n this._aplQC = this._aplQC + 1;\n this._aplQ = this._aplQ.then(function () {\n return applyRun();\n }).then(function () {\n _this2._aplQC = _this2._aplQC - 1;\n });\n return this._aplQ.then(function () {\n return _this2.isLeader;\n });\n },\n awaitLeadership: function awaitLeadership() {\n if ( /* _awaitLeadershipPromise */\n !this._aLP) {\n this._aLP = _awaitLeadershipOnce(this);\n }\n return this._aLP;\n },\n set onduplicate(fn) {\n this._dpL = fn;\n },\n die: function die() {\n var _this3 = this;\n this._lstns.forEach(function (listener) {\n return _this3.broadcastChannel.removeEventListener('internal', listener);\n });\n this._lstns = [];\n this._unl.forEach(function (uFn) {\n return uFn.remove();\n });\n this._unl = [];\n if (this.isLeader) {\n this._hasLeader = false;\n this.isLeader = false;\n }\n this.isDead = true;\n return sendLeaderMessage(this, 'death');\n }\n};\n\n/**\n * @param leaderElector {LeaderElector}\n */\nfunction _awaitLeadershipOnce(leaderElector) {\n if (leaderElector.isLeader) {\n return PROMISE_RESOLVED_VOID;\n }\n return new Promise(function (res) {\n var resolved = false;\n function finish() {\n if (resolved) {\n return;\n }\n resolved = true;\n leaderElector.broadcastChannel.removeEventListener('internal', whenDeathListener);\n res(true);\n }\n\n // try once now\n leaderElector.applyOnce().then(function () {\n if (leaderElector.isLeader) {\n finish();\n }\n });\n\n /**\n * Try on fallbackInterval\n * @recursive\n */\n var tryOnFallBack = function tryOnFallBack() {\n return sleep(leaderElector._options.fallbackInterval).then(function () {\n if (leaderElector.isDead || resolved) {\n return;\n }\n if (leaderElector.isLeader) {\n finish();\n } else {\n return leaderElector.applyOnce(true).then(function () {\n if (leaderElector.isLeader) {\n finish();\n } else {\n tryOnFallBack();\n }\n });\n }\n });\n };\n tryOnFallBack();\n\n // try when other leader dies\n var whenDeathListener = function whenDeathListener(msg) {\n if (msg.context === 'leader' && msg.action === 'death') {\n leaderElector._hasLeader = false;\n leaderElector.applyOnce().then(function () {\n if (leaderElector.isLeader) {\n finish();\n }\n });\n }\n };\n leaderElector.broadcastChannel.addEventListener('internal', whenDeathListener);\n leaderElector._lstns.push(whenDeathListener);\n });\n}\nfunction fillOptionsWithDefaults(options, channel) {\n if (!options) options = {};\n options = JSON.parse(JSON.stringify(options));\n if (!options.fallbackInterval) {\n options.fallbackInterval = 3000;\n }\n if (!options.responseTime) {\n options.responseTime = channel.method.averageResponseTime(channel.options);\n }\n return options;\n}\nexport function createLeaderElection(channel, options) {\n if (channel._leaderElector) {\n throw new Error('BroadcastChannel already has a leader-elector');\n }\n options = fillOptionsWithDefaults(options, channel);\n var elector = supportsWebLockAPI() ? new LeaderElectionWebLock(channel, options) : new LeaderElection(channel, options);\n channel._befC.push(function () {\n return elector.die();\n });\n channel._leaderElector = elector;\n return elector;\n}","/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport { ServiceInterface, ServiceManagerOptions } from '../core/types';\nimport {\n BroadcastChannel,\n createLeaderElection,\n LeaderElector\n} from 'broadcast-channel';\nimport { isBrowser } from '../features';\n\ndeclare type OnLeaderHandler = (() => Promise<void>);\ndeclare type ServiceOptions = ServiceManagerOptions & {\n onLeader?: OnLeaderHandler;\n};\n\nexport class LeaderElectionService implements ServiceInterface {\n private options: ServiceOptions;\n private channel?: BroadcastChannel;\n private elector?: LeaderElector;\n private started = false;\n\n constructor(options: ServiceOptions = {}) {\n this.options = options;\n this.onLeaderDuplicate = this.onLeaderDuplicate.bind(this);\n this.onLeader = this.onLeader.bind(this);\n }\n\n private onLeaderDuplicate() {\n }\n\n private async onLeader() {\n await this.options.onLeader?.();\n }\n\n isLeader() {\n return !!this.elector?.isLeader;\n }\n\n hasLeader() {\n return !!this.elector?.hasLeader;\n }\n\n async start() {\n if (this.canStart()) {\n const { electionChannelName } = this.options;\n this.channel = new BroadcastChannel(electionChannelName as string);\n this.elector = createLeaderElection(this.channel);\n this.elector.onduplicate = this.onLeaderDuplicate;\n this.elector.awaitLeadership().then(this.onLeader);\n this.started = true;\n }\n }\n\n async stop() {\n if (this.started) {\n if (this.elector) {\n await this.elector.die();\n this.elector = undefined;\n }\n if (this.channel) {\n // Workaround to fix error `Failed to execute 'postMessage' on 'BroadcastChannel': Channel is closed`\n (this.channel as any).postInternal = () => Promise.resolve();\n await this.channel.close();\n this.channel = undefined;\n }\n this.started = false;\n }\n }\n\n requiresLeadership() {\n return false;\n }\n\n isStarted() {\n return this.started;\n }\n\n canStart() {\n return isBrowser() && !this.started;\n }\n\n}\n","/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport { AuthSdkError } from '../errors';\nimport { ServiceInterface, ServiceManagerOptions } from '../core/types';\nimport { EVENT_EXPIRED, TokenManagerInterface, isRefreshToken } from '../oidc/types';\nimport { isBrowser } from '../features';\n\nexport class AutoRenewService implements ServiceInterface {\n private tokenManager: TokenManagerInterface;\n private options: ServiceManagerOptions;\n private renewTimeQueue: Array<number>;\n private started = false;\n\n constructor(tokenManager: TokenManagerInterface, options: ServiceManagerOptions = {}) {\n this.tokenManager = tokenManager;\n this.options = options;\n this.renewTimeQueue = [];\n this.onTokenExpiredHandler = this.onTokenExpiredHandler.bind(this);\n }\n \n private shouldThrottleRenew(): boolean {\n let res = false;\n this.renewTimeQueue.push(Date.now());\n if (this.renewTimeQueue.length >= 10) {\n // get and remove first item from queue\n const firstTime = this.renewTimeQueue.shift() as number;\n const lastTime = this.renewTimeQueue[this.renewTimeQueue.length - 1];\n res = (lastTime - firstTime) < 30 * 1000;\n }\n return res;\n }\n\n requiresLeadership() {\n // If tokens sync storage is enabled, handle tokens expiration only in 1 leader tab\n return !!this.options.syncStorage && isBrowser();\n }\n\n private processExpiredTokens() {\n const tokenStorage = this.tokenManager.getStorage();\n const tokens = tokenStorage.getStorage();\n Object.keys(tokens).forEach(key => {\n const token = tokens[key];\n if (!isRefreshToken(token) && this.tokenManager.hasExpired(token)) {\n this.onTokenExpiredHandler(key);\n }\n });\n }\n\n private onTokenExpiredHandler(key: string) {\n if (this.options.autoRenew) {\n if (this.shouldThrottleRenew()) {\n const error = new AuthSdkError('Too many token renew requests');\n this.tokenManager.emitError(error);\n } else {\n this.tokenManager.renew(key).catch(() => {}); // Renew errors will emit an \"error\" event \n }\n } else if (this.options.autoRemove) {\n this.tokenManager.remove(key);\n }\n }\n\n canStart() {\n return (!!this.options.autoRenew || !!this.options.autoRemove) && !this.started;\n }\n\n async start() {\n if (this.canStart()) {\n this.tokenManager.on(EVENT_EXPIRED, this.onTokenExpiredHandler);\n if (this.tokenManager.isStarted()) {\n // If token manager has been already started, we could miss token expire events,\n // so need to process expired tokens manually.\n this.processExpiredTokens();\n }\n this.started = true;\n }\n }\n\n async stop() {\n if (this.started) {\n this.tokenManager.off(EVENT_EXPIRED, this.onTokenExpiredHandler);\n this.renewTimeQueue = [];\n this.started = false;\n }\n }\n\n isStarted() {\n return this.started;\n }\n}\n","/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nimport { BroadcastChannel } from 'broadcast-channel';\nimport { isBrowser } from '../features';\nimport {\n ServiceManagerOptions, ServiceInterface\n} from '../core/types';\nimport {\n Token, Tokens, \n EVENT_ADDED, EVENT_REMOVED, EVENT_RENEWED, EVENT_SET_STORAGE, TokenManagerInterface\n} from '../oidc/types';\nimport { AuthSdkError } from '../errors';\n\nexport type SyncMessage = {\n type: string;\n key?: string;\n token?: Token;\n oldToken?: Token;\n storage?: Tokens;\n};\nexport class SyncStorageService implements ServiceInterface {\n private tokenManager: TokenManagerInterface;\n private options: ServiceManagerOptions;\n private channel?: BroadcastChannel<SyncMessage>;\n private started = false;\n private enablePostMessage = true;\n\n constructor(tokenManager: TokenManagerInterface, options: ServiceManagerOptions = {}) {\n this.tokenManager = tokenManager;\n this.options = options;\n this.onTokenAddedHandler = this.onTokenAddedHandler.bind(this);\n this.onTokenRemovedHandler = this.onTokenRemovedHandler.bind(this);\n this.onTokenRenewedHandler = this.onTokenRenewedHandler.bind(this);\n this.onSetStorageHandler = this.onSetStorageHandler.bind(this);\n this.onSyncMessageHandler = this.onSyncMessageHandler.bind(this);\n }\n\n requiresLeadership() {\n return false;\n }\n\n isStarted() {\n return this.started;\n }\n\n canStart() {\n return !!this.options.syncStorage && isBrowser() && !this.started;\n }\n\n async start() {\n if (!this.canStart()) {\n return;\n }\n \n const { syncChannelName } = this.options;\n try {\n // BroadcastChannel throws if no supported method can be found\n this.channel = new BroadcastChannel(syncChannelName as string);\n } catch (err) {\n throw new AuthSdkError('SyncStorageService is not supported in current browser.');\n }\n\n this.tokenManager.on(EVENT_ADDED, this.onTokenAddedHandler);\n this.tokenManager.on(EVENT_REMOVED, this.onTokenRemovedHandler);\n this.tokenManager.on(EVENT_RENEWED, this.onTokenRenewedHandler);\n this.tokenManager.on(EVENT_SET_STORAGE, this.onSetStorageHandler);\n this.channel.addEventListener('message', this.onSyncMessageHandler);\n this.started = true;\n }\n\n async stop() {\n if (this.started) {\n this.tokenManager.off(EVENT_ADDED, this.onTokenAddedHandler);\n this.tokenManager.off(EVENT_REMOVED, this.onTokenRemovedHandler);\n this.tokenManager.off(EVENT_RENEWED, this.onTokenRenewedHandler);\n this.tokenManager.off(EVENT_SET_STORAGE, this.onSetStorageHandler);\n this.channel?.removeEventListener('message', this.onSyncMessageHandler);\n await this.channel?.close();\n this.channel = undefined;\n this.started = false;\n }\n }\n\n private onTokenAddedHandler(key: string, token: Token) {\n if (!this.enablePostMessage) {\n return;\n }\n this.channel?.postMessage({\n type: EVENT_ADDED,\n key,\n token\n });\n }\n\n private onTokenRemovedHandler(key: string, token: Token) {\n if (!this.enablePostMessage) {\n return;\n }\n this.channel?.postMessage({\n type: EVENT_REMOVED,\n key,\n token\n });\n }\n\n private onTokenRenewedHandler(key: string, token: Token, oldToken?: Token) {\n if (!this.enablePostMessage) {\n return;\n }\n this.channel?.postMessage({\n type: EVENT_RENEWED,\n key,\n token,\n oldToken\n });\n }\n\n private onSetStorageHandler(storage: Tokens) {\n this.channel?.postMessage({\n type: EVENT_SET_STORAGE,\n storage\n });\n }\n\n /* eslint-disable complexity */\n private onSyncMessageHandler(msg: SyncMessage) {\n // Notes:\n // 1. Using `enablePostMessage` flag here to prevent sync message loop.\n // If this flag is on, tokenManager event handlers do not post sync message.\n // 2. IE11 has known issue with synchronization of LocalStorage cross tabs.\n // One workaround is to set empty event handler for `window.onstorage`.\n // But it's not 100% working, sometimes you still get old value from LocalStorage.\n // Better approch is to explicitly udpate LocalStorage with `setStorage`.\n\n this.enablePostMessage = false;\n switch (msg.type) {\n case EVENT_SET_STORAGE:\n this.tokenManager.getStorage().setStorage(msg.storage);\n break;\n case EVENT_ADDED:\n this.tokenManager.emitAdded(msg.key!, msg.token!);\n this.tokenManager.setExpireEventTimeout(msg.key!, msg.token!);\n break;\n case EVENT_REMOVED:\n this.tokenManager.clearExpireEventTimeout(msg.key!);\n this.tokenManager.emitRemoved(msg.key!, msg.token!);\n break;\n case EVENT_RENEWED:\n this.tokenManager.emitRenewed(msg.key!, msg.token!, msg.oldToken);\n break;\n default:\n break;\n }\n this.enablePostMessage = true;\n }\n} ","import { ServiceInterface, ServiceManagerOptions } from '../core/types';\nimport { TokenManagerInterface } from '../oidc/types';\nimport { isBrowser } from '../features';\n\nconst getNow = () => Math.floor(Date.now() / 1000);\n\nexport class RenewOnTabActivationService implements ServiceInterface {\n private tokenManager: TokenManagerInterface;\n private started = false;\n private options: ServiceManagerOptions;\n private lastHidden = -1;\n onPageVisbilityChange: () => void;\n\n constructor(tokenManager: TokenManagerInterface, options: ServiceManagerOptions = {}) {\n this.tokenManager = tokenManager;\n this.options = options;\n // store this context for event handler\n this.onPageVisbilityChange = this._onPageVisbilityChange.bind(this);\n }\n\n // do not use directly, use `onPageVisbilityChange` (with binded this context)\n /* eslint complexity: [0, 10] */\n private _onPageVisbilityChange () {\n if (document.hidden) {\n this.lastHidden = getNow();\n }\n // renew will only attempt if tab was inactive for duration\n else if (this.lastHidden > 0 && (getNow() - this.lastHidden >= this.options.tabInactivityDuration!)) {\n const { accessToken, idToken } = this.tokenManager.getTokensSync();\n if (!!accessToken && this.tokenManager.hasExpired(accessToken)) {\n const key = this.tokenManager.getStorageKeyByType('accessToken');\n // Renew errors will emit an \"error\" event\n this.tokenManager.renew(key).catch(() => {});\n }\n else if (!!idToken && this.tokenManager.hasExpired(idToken)) {\n const key = this.tokenManager.getStorageKeyByType('idToken');\n // Renew errors will emit an \"error\" event\n this.tokenManager.renew(key).catch(() => {});\n }\n }\n }\n\n async start () {\n if (this.canStart() && !!document) {\n document.addEventListener('visibilitychange', this.onPageVisbilityChange);\n this.started = true;\n }\n }\n\n async stop () {\n if (document) {\n document.removeEventListener('visibilitychange', this.onPageVisbilityChange);\n this.started = false;\n }\n }\n\n canStart(): boolean {\n return isBrowser() &&\n !!this.options.autoRenew &&\n !!this.options.renewOnTabActivation &&\n !this.started;\n }\n\n requiresLeadership(): boolean {\n return false;\n }\n\n isStarted(): boolean {\n return this.started;\n }\n}\n","/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport {\n OAuthTransactionMeta,\n OAuthStorageManagerInterface,\n} from '../../oidc';\n\nimport {\n ServiceManagerInterface,\n ServiceInterface,\n ServiceManagerOptions,\n OktaAuthCoreInterface,\n OktaAuthCoreOptions\n} from '../types';\nimport { AutoRenewService,\n SyncStorageService,\n LeaderElectionService,\n RenewOnTabActivationService\n} from '../../services';\nimport { removeNils } from '../../util';\n\nconst AUTO_RENEW = 'autoRenew';\nconst SYNC_STORAGE = 'syncStorage';\nconst LEADER_ELECTION = 'leaderElection';\nconst RENEW_ON_TAB_ACTIVATION = 'renewOnTabActivation';\n\nexport class ServiceManager\n<\n M extends OAuthTransactionMeta,\n S extends OAuthStorageManagerInterface<M>,\n O extends OktaAuthCoreOptions\n>\nimplements ServiceManagerInterface \n{\n private sdk: OktaAuthCoreInterface<M, S, O>;\n private options: ServiceManagerOptions;\n private services: Map<string, ServiceInterface>;\n private started: boolean;\n\n private static knownServices = [AUTO_RENEW, SYNC_STORAGE, LEADER_ELECTION, RENEW_ON_TAB_ACTIVATION];\n\n private static defaultOptions: ServiceManagerOptions = {\n autoRenew: true,\n autoRemove: true,\n syncStorage: true,\n renewOnTabActivation: true,\n tabInactivityDuration: 1800, // 30 mins in seconds\n };\n\n constructor(sdk: OktaAuthCoreInterface<M, S, O>, options: ServiceManagerOptions = {}) {\n this.sdk = sdk;\n this.onLeader = this.onLeader.bind(this);\n\n // TODO: backwards compatibility, remove in next major version - OKTA-473815\n const { autoRenew, autoRemove, syncStorage } = sdk.tokenManager.getOptions();\n options.electionChannelName = options.electionChannelName || options.broadcastChannelName;\n this.options = Object.assign({}, \n ServiceManager.defaultOptions,\n { autoRenew, autoRemove, syncStorage }, \n {\n electionChannelName: `${sdk.options.clientId}-election`,\n syncChannelName: `${sdk.options.clientId}-sync`,\n },\n removeNils(options)\n );\n\n this.started = false;\n this.services = new Map();\n\n ServiceManager.knownServices.forEach(name => {\n const svc = this.createService(name);\n if (svc) {\n this.services.set(name, svc);\n }\n });\n }\n\n private async onLeader() {\n if (this.started) {\n // Start services that requires leadership\n await this.startServices();\n }\n }\n\n isLeader() {\n return (this.getService(LEADER_ELECTION) as LeaderElectionService)?.isLeader();\n }\n\n isLeaderRequired() {\n return [...this.services.values()].some(srv => srv.canStart() && srv.requiresLeadership());\n }\n\n async start() {\n if (this.started) {\n return; // noop if services have already started\n }\n await this.startServices();\n this.started = true;\n }\n \n async stop() {\n await this.stopServices();\n this.started = false;\n }\n\n getService(name: string): ServiceInterface | undefined {\n return this.services.get(name);\n }\n\n private async startServices() {\n for (const [name, srv] of this.services.entries()) {\n if (this.canStartService(name, srv)) {\n await srv.start();\n }\n }\n }\n\n private async stopServices() {\n for (const srv of this.services.values()) {\n await srv.stop();\n }\n }\n\n // eslint-disable-next-line complexity\n private canStartService(name: string, srv: ServiceInterface): boolean {\n let canStart = srv.canStart() && !srv.isStarted();\n // only start election if a leader is required\n if (name === LEADER_ELECTION) {\n canStart &&= this.isLeaderRequired();\n } else if (srv.requiresLeadership()) {\n canStart &&= this.isLeader();\n }\n return canStart;\n }\n\n private createService(name: string): ServiceInterface {\n const tokenManager = this.sdk.tokenManager;\n\n let service: ServiceInterface;\n switch (name) {\n case LEADER_ELECTION:\n service = new LeaderElectionService({...this.options, onLeader: this.onLeader});\n break;\n case AUTO_RENEW:\n service = new AutoRenewService(tokenManager, {...this.options});\n break;\n case SYNC_STORAGE:\n service = new SyncStorageService(tokenManager, {...this.options});\n break;\n case RENEW_ON_TAB_ACTIVATION:\n service = new RenewOnTabActivationService(tokenManager, {...this.options});\n break;\n default:\n throw new Error(`Unknown service ${name}`);\n }\n return service;\n }\n\n}\n","import { StorageManagerConstructor } from '../storage/types';\nimport { OktaAuthConstructor, OktaAuthOptionsConstructor } from '../base/types';\n\nimport { OktaAuthCoreInterface, OktaAuthCoreOptions } from './types';\nimport { createOktaAuthBase } from '../base';\nimport { mixinStorage } from '../storage/mixin';\nimport { mixinHttp } from '../http/mixin';\nimport { mixinOAuth } from '../oidc/mixin';\nimport {\n OAuthStorageManagerInterface,\n PKCETransactionMeta,\n TransactionManagerConstructor,\n TransactionManagerInterface\n} from '../oidc/types';\nimport { mixinCore } from './mixin';\nimport { mixinSession } from '../session/mixin';\n\nexport function createOktaAuthCore<\n M extends PKCETransactionMeta = PKCETransactionMeta,\n S extends OAuthStorageManagerInterface<M> = OAuthStorageManagerInterface<M>,\n O extends OktaAuthCoreOptions = OktaAuthCoreOptions,\n TM extends TransactionManagerInterface = TransactionManagerInterface\n>(\n StorageManagerConstructor: StorageManagerConstructor<S>,\n OptionsConstructor: OktaAuthOptionsConstructor<O>,\n TransactionManagerConstructor: TransactionManagerConstructor<TM>\n): OktaAuthConstructor<OktaAuthCoreInterface<M, S, O, TM>>\n{\n const Base = createOktaAuthBase(OptionsConstructor);\n const WithStorage = mixinStorage<S, O>(Base, StorageManagerConstructor);\n const WithHttp = mixinHttp<S, O>(WithStorage);\n const WithSession = mixinSession<S, O>(WithHttp);\n const WithOAuth = mixinOAuth<M, S, O, TM>(WithSession, TransactionManagerConstructor);\n const Core = mixinCore<M, S, O, TM>(WithOAuth);\n return Core;\n}\n","import { parseOAuthResponseFromUrl } from '../oidc/parseFromUrl';\nimport { OktaAuthConstructor } from '../base/types';\nimport {\n OAuthStorageManagerInterface,\n OAuthTransactionMeta,\n OktaAuthOAuthInterface,\n PKCETransactionMeta,\n Tokens,\n TransactionManagerInterface,\n} from '../oidc/types';\nimport { AuthStateManager } from './AuthStateManager';\nimport { ServiceManager } from './ServiceManager';\nimport { OktaAuthCoreInterface, OktaAuthCoreOptions } from './types';\nimport { AuthSdkError } from '../errors';\n\nexport function mixinCore\n<\n M extends OAuthTransactionMeta = PKCETransactionMeta,\n S extends OAuthStorageManagerInterface<M> = OAuthStorageManagerInterface<M>,\n O extends OktaAuthCoreOptions = OktaAuthCoreOptions,\n TM extends TransactionManagerInterface = TransactionManagerInterface,\n TBase extends OktaAuthConstructor<OktaAuthOAuthInterface<M, S, O, TM>>\n = OktaAuthConstructor<OktaAuthOAuthInterface<M, S, O, TM>>\n>\n(Base: TBase): TBase & OktaAuthConstructor<OktaAuthCoreInterface<M, S, O, TM>>\n{\n return class OktaAuthCore extends Base implements OktaAuthCoreInterface<M, S, O, TM>\n {\n authStateManager: AuthStateManager<M, S, O>;\n serviceManager: ServiceManager<M, S, O>;\n \n constructor(...args: any[]) {\n super(...args);\n\n // AuthStateManager\n this.authStateManager = new AuthStateManager<M, S, O>(this);\n\n // ServiceManager\n this.serviceManager = new ServiceManager<M, S, O>(this, this.options.services);\n }\n\n async start() {\n await this.serviceManager.start();\n // TODO: review tokenManager.start\n this.tokenManager.start();\n if (!this.token.isLoginRedirect()) {\n await this.authStateManager.updateAuthState();\n }\n }\n \n async stop() {\n // TODO: review tokenManager.stop\n this.tokenManager.stop();\n await this.serviceManager.stop();\n }\n\n async handleRedirect(originalUri?: string): Promise<void> {\n await this.handleLoginRedirect(undefined, originalUri);\n }\n\n // eslint-disable-next-line complexity\n async handleLoginRedirect(tokens?: Tokens, originalUri?: string): Promise<void> {\n let state = this.options.state;\n \n // Store tokens and update AuthState by the emitted events\n if (tokens) {\n this.tokenManager.setTokens(tokens);\n originalUri = originalUri || this.getOriginalUri(this.options.state);\n } else if (this.isLoginRedirect()) {\n try {\n // For redirect flow, get state from the URL and use it to retrieve the originalUri\n const oAuthResponse = await parseOAuthResponseFromUrl(this, {});\n state = oAuthResponse.state;\n originalUri = originalUri || this.getOriginalUri(state);\n await this.storeTokensFromRedirect();\n } catch(e) {\n // auth state should be updated\n await this.authStateManager.updateAuthState();\n throw e;\n }\n } else {\n return; // nothing to do\n }\n \n // ensure auth state has been updated\n await this.authStateManager.updateAuthState();\n \n // clear originalUri from storage\n this.removeOriginalUri(state);\n \n // Redirect to originalUri\n const { restoreOriginalUri } = this.options;\n if (restoreOriginalUri) {\n await restoreOriginalUri(this, originalUri);\n } else if (originalUri) {\n window.location.replace(originalUri);\n }\n }\n\n handleIDPPopupRedirect (url = window.location.href) {\n const res = parseOAuthResponseFromUrl(this, { responseMode: 'query', url });\n if (res.state) {\n const channel = new BroadcastChannel(`popup-callback:${res.state}`);\n channel.postMessage(res);\n channel.close();\n }\n else {\n throw new AuthSdkError('Unable to parse auth code params');\n }\n }\n };\n}\n","/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nimport { createOAuthOptionsConstructor } from '../oidc';\nimport { AuthState, OktaAuthCoreInterface, OktaAuthCoreOptions, ServiceManagerOptions } from './types';\n\n\nexport function createCoreOptionsConstructor()\n{\n const OAuthOptionsConstructor = createOAuthOptionsConstructor();\n return class CoreOptionsConstructor\n extends OAuthOptionsConstructor\n implements Required<OktaAuthCoreOptions>\n {\n services: ServiceManagerOptions;\n transformAuthState: (oktaAuth: OktaAuthCoreInterface, authState: AuthState) => Promise<AuthState>;\n\n constructor(options: any) {\n super(options);\n this.services = options.services;\n this.transformAuthState = options.transformAuthState;\n }\n };\n}\n","import { createOAuthStorageManager } from '../oidc/storage';\nimport { PKCETransactionMeta } from '../oidc/types';\n\nexport function createCoreStorageManager<M extends PKCETransactionMeta = PKCETransactionMeta>() {\n return createOAuthStorageManager<M>();\n}\n","/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nimport { AuthSdkError } from '../errors';\nimport { atob, btoa } from './webcrypto';\n\n// converts a string to base64 (url/filename safe variant)\nexport function stringToBase64Url(str) {\n var b64 = btoa(str);\n return base64ToBase64Url(b64);\n}\n\n// converts a standard base64-encoded string to a \"url/filename safe\" variant\nexport function base64ToBase64Url(b64) {\n return b64.replace(/\\+/g, '-').replace(/\\//g, '_').replace(/=+$/, '');\n}\n\n// converts a \"url/filename safe\" base64 string to a \"standard\" base64 string\nexport function base64UrlToBase64(b64u) {\n return b64u.replace(/-/g, '+').replace(/_/g, '/');\n}\n\nexport function base64UrlToString(b64u) {\n var b64 = base64UrlToBase64(b64u);\n switch (b64.length % 4) {\n case 0:\n break;\n case 2:\n b64 += '==';\n break;\n case 3:\n b64 += '=';\n break;\n default:\n throw new AuthSdkError('Not a valid Base64Url');\n }\n var utf8 = atob(b64);\n try {\n return decodeURIComponent(escape(utf8));\n } catch (e) {\n return utf8;\n }\n}\n\nexport function stringToBuffer(str) {\n var buffer = new Uint8Array(str.length);\n for (var i = 0; i < str.length; i++) {\n buffer[i] = str.charCodeAt(i);\n }\n return buffer;\n}\n\nexport function base64UrlDecode(str) {\n return atob(base64UrlToBase64(str));\n}\n\n// Converts base64 string to binary data view\nexport function base64UrlToBuffer(b64u) {\n return Uint8Array.from(base64UrlDecode(b64u), (c: string) => c.charCodeAt(0));\n}\n\n// Converts an ArrayBuffer object that contains binary data to base64 encoded string\nexport function bufferToBase64Url(bin) {\n return btoa(new Uint8Array(bin).reduce((s, byte) => s + String.fromCharCode(byte), ''));\n}\n\n\n","/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\n/* global atob, btoa, crypto */\nconst a = function(str) { return atob(str); };\nconst b = function (str) { return btoa(str); };\nconst c = typeof crypto === 'undefined' ? null : crypto;\n\nexport { a as atob, b as btoa, c as webcrypto };\n","/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n/* global TextEncoder */\nimport { stringToBase64Url } from './base64';\nimport { webcrypto } from './webcrypto';\n\nexport function getOidcHash(str) { \n var buffer = new TextEncoder().encode(str);\n return webcrypto.subtle.digest('SHA-256', buffer).then(function(arrayBuffer) {\n var intBuffer = new Uint8Array(arrayBuffer);\n var firstHalf = intBuffer.slice(0, 16);\n var hash = String.fromCharCode.apply(null, firstHalf as unknown as number[]);\n var b64u = stringToBase64Url(hash); // url-safe base64 variant\n return b64u;\n });\n}\n","/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nimport { clone } from '../util';\nimport { stringToBuffer, base64UrlDecode } from './base64';\nimport { webcrypto } from './webcrypto';\n\nexport function verifyToken(idToken, key) {\n key = clone(key);\n\n var format = 'jwk';\n var algo = {\n name: 'RSASSA-PKCS1-v1_5',\n hash: { name: 'SHA-256' }\n };\n var extractable = true;\n var usages = ['verify'];\n\n // https://connect.microsoft.com/IE/feedback/details/2242108/webcryptoapi-importing-jwk-with-use-field-fails\n // This is a metadata tag that specifies the intent of how the key should be used.\n // It's not necessary to properly verify the jwt's signature.\n delete key.use;\n\n // eslint-disable-next-line @typescript-eslint/ban-ts-comment\n // @ts-ignore\n return webcrypto.subtle.importKey(\n format,\n key,\n algo,\n extractable,\n usages\n )\n .then(function(cryptoKey) {\n var jwt = idToken.split('.');\n var payload = stringToBuffer(jwt[0] + '.' + jwt[1]);\n var b64Signature = base64UrlDecode(jwt[2]);\n var signature = stringToBuffer(b64Signature);\n\n return webcrypto.subtle.verify(\n algo,\n cryptoKey,\n signature,\n payload\n );\n });\n}\n\n","/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nimport CustomError from './CustomError';\nimport { HttpResponse } from '../http/types';\nimport { APIError, FieldError } from './types';\n\nexport default class AuthApiError extends CustomError implements APIError {\n errorSummary: string;\n errorCode?: string;\n errorLink?: string;\n errorId?: string;\n errorCauses?: Array<FieldError>;\n xhr?: HttpResponse;\n meta?: Record<string, string | number>;\n\n constructor(err: APIError, xhr?: HttpResponse, meta?: Record<string, string | number>) {\n const message = err.errorSummary;\n super(message);\n\n this.name = 'AuthApiError';\n this.errorSummary = err.errorSummary;\n this.errorCode = err.errorCode;\n this.errorLink = err.errorLink;\n this.errorId = err.errorId;\n this.errorCauses = err.errorCauses;\n\n if (xhr) {\n this.xhr = xhr;\n }\n\n if (meta) {\n this.meta = meta;\n }\n }\n}\n","/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nimport CustomError from './CustomError';\n\nexport default class AuthPollStopError extends CustomError {\n constructor() {\n const message = 'The poll was stopped by the sdk';\n super(message);\n }\n}\n","/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nimport CustomError from './CustomError';\nimport { APIError, FieldError } from './types';\n\nexport default class AuthSdkError extends CustomError implements APIError {\n errorSummary: string;\n errorCode: string;\n errorLink: string;\n errorId: string;\n errorCauses: Array<FieldError>;\n xhr?: XMLHttpRequest;\n\n constructor(msg: string, xhr?: XMLHttpRequest) {\n super(msg);\n this.name = 'AuthSdkError';\n this.errorCode = 'INTERNAL';\n this.errorSummary = msg;\n this.errorLink = 'INTERNAL';\n this.errorId = 'INTERNAL';\n this.errorCauses = [];\n if (xhr) {\n this.xhr = xhr;\n }\n }\n}\n","function _isNativeReflectConstruct() {\n try {\n var t = !Boolean.prototype.valueOf.call(Reflect.construct(Boolean, [], function () {}));\n } catch (t) {}\n return (_isNativeReflectConstruct = function _isNativeReflectConstruct() {\n return !!t;\n })();\n}\nexport { _isNativeReflectConstruct as default };","import getPrototypeOf from \"./getPrototypeOf.js\";\nimport setPrototypeOf from \"./setPrototypeOf.js\";\nimport isNativeFunction from \"./isNativeFunction.js\";\nimport construct from \"./construct.js\";\nfunction _wrapNativeSuper(t) {\n var r = \"function\" == typeof Map ? new Map() : void 0;\n return _wrapNativeSuper = function _wrapNativeSuper(t) {\n if (null === t || !isNativeFunction(t)) return t;\n if (\"function\" != typeof t) throw new TypeError(\"Super expression must either be null or a function\");\n if (void 0 !== r) {\n if (r.has(t)) return r.get(t);\n r.set(t, Wrapper);\n }\n function Wrapper() {\n return construct(t, arguments, getPrototypeOf(this).constructor);\n }\n return Wrapper.prototype = Object.create(t.prototype, {\n constructor: {\n value: Wrapper,\n enumerable: !1,\n writable: !0,\n configurable: !0\n }\n }), setPrototypeOf(Wrapper, t);\n }, _wrapNativeSuper(t);\n}\nexport { _wrapNativeSuper as default };","function _isNativeFunction(t) {\n try {\n return -1 !== Function.toString.call(t).indexOf(\"[native code]\");\n } catch (n) {\n return \"function\" == typeof t;\n }\n}\nexport { _isNativeFunction as default };","import isNativeReflectConstruct from \"./isNativeReflectConstruct.js\";\nimport setPrototypeOf from \"./setPrototypeOf.js\";\nfunction _construct(t, e, r) {\n if (isNativeReflectConstruct()) return Reflect.construct.apply(null, arguments);\n var o = [null];\n o.push.apply(o, e);\n var p = new (t.bind.apply(t, o))();\n return r && setPrototypeOf(p, r.prototype), p;\n}\nexport { _construct as default };","/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nexport default class CustomError extends Error {\n constructor(message: string) {\n // https://stackoverflow.com/questions/41102060/typescript-extending-error-class\n super(message); // 'Error' breaks prototype chain here\n Object.setPrototypeOf(this, new.target.prototype); // restore prototype chain\n }\n}\n","/* eslint-disable camelcase */\n/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nimport CustomError from './CustomError';\nimport type { HttpResponse } from '../http';\n\nexport default class OAuthError extends CustomError {\n errorCode: string;\n errorSummary: string;\n\n // for widget / idx-js backward compatibility\n error: string;\n error_description: string;\n\n resp: HttpResponse | null = null;\n\n constructor(errorCode: string, summary: string, resp?: HttpResponse) {\n super(summary);\n\n this.name = 'OAuthError';\n this.errorCode = errorCode;\n this.errorSummary = summary;\n\n // for widget / idx-js backward compatibility\n this.error = errorCode;\n this.error_description = summary;\n\n // an OAuth error (should) always result from a network request\n // therefore include that in error for potential error handling\n if (resp) {\n this.resp = resp;\n }\n }\n}\n\n","/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport type { HttpResponse } from '../http';\nimport CustomError from './CustomError';\nimport { isFunction } from '../util';\n\n// Error thrown after an unsuccessful network request which requires an Authorization header \n// and returns a 4XX error with a www-authenticate header. The header value is parsed to construct \n// an error instance, which contains key/value pairs parsed out\nexport default class WWWAuthError extends CustomError {\n static UNKNOWN_ERROR = 'UNKNOWN_WWW_AUTH_ERROR';\n\n scheme: string;\n parameters: Record<string, string>;\n name = 'WWWAuthError';\n\n resp: HttpResponse | null = null;\n\n constructor(scheme: string, parameters: Record<string, string>, resp?: HttpResponse) {\n // defaults to unknown error. `error` being returned in the www-authenticate header is expected\n // but cannot be guaranteed. Throwing an error within a error constructor seems awkward\n super(parameters.error ?? WWWAuthError.UNKNOWN_ERROR);\n this.scheme = scheme;\n this.parameters = parameters;\n\n if (resp) {\n this.resp = resp;\n }\n }\n\n // convenience references\n get error (): string { return this.parameters.error; }\n get errorCode (): string { return this.error; } // parity with other error props\n // eslint-disable-next-line camelcase\n get error_description (): string { return this.parameters.error_description; }\n // eslint-disable-next-line camelcase\n get errorDescription (): string { return this.error_description; }\n get errorSummary (): string { return this.errorDescription; } // parity with other error props\n get realm (): string { return this.parameters.realm; }\n\n // parses the www-authenticate header for releveant\n static parseHeader (header: string): WWWAuthError | null {\n // header cannot be empty string\n if (!header) {\n return null;\n }\n\n // example string: Bearer error=\"invalid_token\", error_description=\"The access token is invalid\"\n // regex will match on `error=\"invalid_token\", error_description=\"The access token is invalid\"`\n // see unit test for more examples of possible www-authenticate values\n // eslint-disable-next-line max-len\n const regex = /(?:,|, )?([a-zA-Z0-9!#$%&'*+\\-.^_`|~]+)=(?:\"([a-zA-Z0-9!#$%&'*+\\-.,^_`|~ /:]+)\"|([a-zA-Z0-9!#$%&'*+\\-.^_`|~/:]+))/g;\n const firstSpace = header.indexOf(' ');\n const scheme = header.slice(0, firstSpace);\n const remaining = header.slice(firstSpace + 1);\n const params = {};\n\n // Reference: foo=\"hello\", bar=\"bye\"\n // i=0, match=[foo=\"hello1\", foo, hello]\n // i=1, match=[bar=\"bye\", bar, bye]\n let match;\n while ((match = regex.exec(remaining)) !== null) {\n params[match[1]] = (match[2] ?? match[3]);\n }\n\n return new WWWAuthError(scheme, params);\n }\n\n // finds the value of the `www-authenticate` header. HeadersInit allows for a few different\n // representations of headers with different access patterns (.get vs [key])\n static getWWWAuthenticateHeader (headers: HeadersInit = {}): string | null {\n if (isFunction((headers as Headers)?.get)) {\n return (headers as Headers).get('WWW-Authenticate');\n }\n return headers['www-authenticate'] ?? headers['WWW-Authenticate'];\n }\n}\n","\n/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nimport AuthApiError from './AuthApiError';\nimport AuthPollStopError from './AuthPollStopError';\nimport AuthSdkError from './AuthSdkError';\nimport OAuthError from './OAuthError';\nimport WWWAuthError from './WWWAuthError';\n\nfunction isAuthApiError(obj: any): obj is AuthApiError {\n return (obj instanceof AuthApiError);\n}\n\nfunction isOAuthError(obj: any): obj is OAuthError {\n return (obj instanceof OAuthError);\n}\n\nfunction isWWWAuthError(obj: any): obj is WWWAuthError {\n return (obj instanceof WWWAuthError);\n}\n\nexport {\n isAuthApiError,\n isOAuthError,\n isWWWAuthError,\n AuthApiError,\n AuthPollStopError,\n AuthSdkError,\n OAuthError,\n WWWAuthError\n};\n\nexport * from './types';\n","/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n/* eslint-disable node/no-unsupported-features/node-builtins */\n/* global document, window, TextEncoder, navigator */\n\nimport { webcrypto } from './crypto';\n\nconst isWindowsPhone = /windows phone|iemobile|wpdesktop/i;\t\n\nexport function isBrowser() {\n return typeof document !== 'undefined' && typeof window !== 'undefined';\n}\n\nexport function isIE11OrLess() {\n if (!isBrowser()) {\n return false;\n }\n const documentMode = (document as any).documentMode;\n return !!documentMode && documentMode <= 11;\n}\n\nexport function getUserAgent() {\n return navigator.userAgent;\n}\n\nexport function isFingerprintSupported() {\n const agent = getUserAgent();\n return agent && !isWindowsPhone.test(agent);\t\n}\n\nexport function isPopupPostMessageSupported() {\n if (!isBrowser()) {\n return false;\n }\n const documentMode = (document as any).documentMode;\n var isIE8or9 = documentMode && documentMode < 10;\n if (typeof window.postMessage !== 'undefined' && !isIE8or9) {\n return true;\n }\n return false;\n}\n\nfunction isWebCryptoSubtleSupported () {\n return typeof webcrypto !== 'undefined'\n && webcrypto !== null\n && typeof webcrypto.subtle !== 'undefined'\n && typeof Uint8Array !== 'undefined';\n}\n\nexport function isTokenVerifySupported() {\n return isWebCryptoSubtleSupported();\n}\n\nexport function hasTextEncoder() {\n return typeof TextEncoder !== 'undefined';\n}\n\nexport function isPKCESupported() {\n return isTokenVerifySupported() && hasTextEncoder();\n}\n\nexport function isHTTPS() {\n if (!isBrowser()) {\n return false;\n }\n return window.location.protocol === 'https:';\n}\n\nexport function isLocalhost() {\n // eslint-disable-next-line compat/compat\n return isBrowser() && window.location.hostname === 'localhost';\n}\n\n// For now, DPoP is only supported on browsers\nexport function isDPoPSupported () {\n return !isIE11OrLess() &&\n typeof window.indexedDB !== 'undefined' &&\n hasTextEncoder() &&\n isWebCryptoSubtleSupported();\n}\n\nexport function isIOS () {\n // iOS detection from: http://stackoverflow.com/a/9039885/177710\n return isBrowser() && typeof navigator !== 'undefined' && typeof navigator.userAgent !== 'undefined' &&\n // @ts-expect-error - MSStream is not in `window` type, unsurprisingly\n (/iPad|iPhone|iPod/.test(navigator.userAgent) && !window.MSStream);\n}\n","/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\n\n/* global SDK_VERSION */\n\nimport { isBrowser } from '../features';\nexport class OktaUserAgent {\n environments: string[];\n\n constructor() {\n // add base sdk env\n this.environments = [`okta-auth-js/${SDK_VERSION}`];\n this.maybeAddNodeEnvironment();\n }\n\n addEnvironment(env: string) {\n this.environments.push(env);\n }\n\n getHttpHeader() {\n return { 'X-Okta-User-Agent-Extended': this.environments.join(' ') };\n }\n\n getVersion() {\n return SDK_VERSION;\n }\n\n maybeAddNodeEnvironment() {\n if (isBrowser() || !process || !process.versions) {\n return;\n }\n const { node: version } = process.versions;\n this.environments.push(`nodejs/${version}`);\n }\n}\n","/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\nimport { OktaAuthHttpInterface } from './types';\n\nexport function setRequestHeader(authClient: OktaAuthHttpInterface, headerName, headerValue) {\n authClient.options.headers = authClient.options.headers || {};\n authClient.options.headers[headerName] = headerValue;\n}","import { OktaAuthStorageInterface, StorageManagerInterface } from '../storage/types';\nimport { OktaAuthConstructor } from '../base/types';\nimport {\n HttpAPI,\n OktaAuthHttpInterface,\n OktaAuthHttpOptions,\n} from './types';\nimport { OktaUserAgent } from './OktaUserAgent';\nimport { setRequestHeader } from './headers';\nimport { toQueryString } from '../util';\nimport { get } from './request';\n\nexport function mixinHttp\n<\n S extends StorageManagerInterface = StorageManagerInterface,\n O extends OktaAuthHttpOptions = OktaAuthHttpOptions,\n TBase extends OktaAuthConstructor<OktaAuthStorageInterface<S, O>>\n = OktaAuthConstructor<OktaAuthStorageInterface<S, O>>\n>\n(Base: TBase): TBase & OktaAuthConstructor<OktaAuthHttpInterface<S, O>>\n{\n return class OktaAuthHttp extends Base implements OktaAuthHttpInterface<S, O>\n {\n _oktaUserAgent: OktaUserAgent;\n http: HttpAPI;\n \n constructor(...args: any[]) {\n super(...args);\n\n this._oktaUserAgent = new OktaUserAgent();\n\n // HTTP\n this.http = {\n setRequestHeader: setRequestHeader.bind(null, this)\n };\n }\n\n setHeaders(headers) {\n this.options.headers = Object.assign({}, this.options.headers, headers);\n }\n \n getIssuerOrigin(): string {\n // Infer the URL from the issuer URL, omitting the /oauth2/{authServerId}\n // eslint-disable-next-line @typescript-eslint/no-non-null-assertion\n return this.options.issuer!.split('/oauth2/')[0];\n }\n \n webfinger(opts): Promise<object> {\n var url = '/.well-known/webfinger' + toQueryString(opts);\n var options = {\n headers: {\n 'Accept': 'application/jrd+json'\n }\n };\n return get(this, url, options);\n }\n };\n}\n","/*!\n * Copyright (c) 2018-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nimport crossFetch from 'cross-fetch';\nimport { FetchOptions, HttpResponse } from '../http/types';\n\n// content-type = application/json OR application/ion+json\nconst appJsonContentTypeRegex = /application\\/\\w*\\+?json/;\n\nfunction readData(response: Response): Promise<object | string> {\n if (response.headers.get('Content-Type') &&\n // eslint-disable-next-line @typescript-eslint/no-non-null-assertion\n response.headers.get('Content-Type')!.toLowerCase().indexOf('application/json') >= 0) {\n return response.json()\n // JSON parse can fail if response is not a valid object\n .catch(e => {\n return {\n error: e,\n errorSummary: 'Could not parse server response'\n };\n });\n } else {\n return response.text();\n }\n}\n\nfunction formatResult(status: number, data: object | string, response: Response) {\n const isObject = typeof data === 'object';\n const headers = {};\n for (const pair of (response.headers as any).entries()) {\n headers[pair[0]] = pair[1];\n }\n const result: HttpResponse = {\n responseText: isObject ? JSON.stringify(data) : data as string,\n status: status,\n headers\n };\n if (isObject) {\n result.responseType = 'json';\n result.responseJSON = data as object;\n }\n return result;\n}\n\n/* eslint-disable complexity */\nfunction fetchRequest(method: string, url: string, args: FetchOptions) {\n var body = args.data;\n var headers = args.headers || {};\n var contentType = (headers['Content-Type'] || headers['content-type'] || '');\n\n if (body && typeof body !== 'string') {\n // JSON encode body (if appropriate)\n if (appJsonContentTypeRegex.test(contentType)) {\n body = JSON.stringify(body);\n }\n else if (contentType === 'application/x-www-form-urlencoded') {\n body = Object.entries(body)\n .map( ([param, value]) => `${param}=${encodeURIComponent(value)}` )\n .join('&');\n }\n }\n\n var fetch = global.fetch || crossFetch;\n var fetchPromise = fetch(url, {\n method: method,\n headers: args.headers,\n body: body as string,\n credentials: args.withCredentials ? 'include' : 'omit'\n });\n\n if (!fetchPromise.finally) {\n fetchPromise = Promise.resolve(fetchPromise);\n }\n\n return fetchPromise.then(function(response) {\n var error = !response.ok;\n var status = response.status;\n return readData(response)\n .then(data => {\n return formatResult(status, data, response);\n })\n .then(result => {\n if (error || result.responseJSON?.error) {\n // Throwing result object since error handling is done in http.js\n throw result;\n }\n return result;\n });\n });\n}\n\nexport default fetchRequest;\n","/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nimport { createStorageOptionsConstructor } from '../storage';\nimport { HttpRequestClient, OktaAuthHttpOptions, RequestOptions } from './types';\nimport fetchRequest from '../fetch/fetchRequest';\n\nexport function createHttpOptionsConstructor() {\n const StorageOptionsConstructor = createStorageOptionsConstructor();\n return class HttpOptionsConstructor extends StorageOptionsConstructor implements Required<OktaAuthHttpOptions> {\n issuer: string;\n transformErrorXHR: (xhr: object) => any;\n headers: object;\n httpRequestClient: HttpRequestClient;\n httpRequestInterceptors: ((request: RequestOptions) => void)[];\n pollDelay: number;\n \n constructor(args: any) {\n super(args);\n this.issuer = args.issuer;\n this.transformErrorXHR = args.transformErrorXHR;\n this.headers = args.headers;\n this.httpRequestClient = args.httpRequestClient || fetchRequest;\n this.httpRequestInterceptors = args.httpRequestInterceptors;\n this.pollDelay = args.pollDelay;\n }\n };\n}\n","/* eslint-disable @typescript-eslint/no-non-null-assertion */\n/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\n\n/* eslint-disable complexity */\nimport { isString, clone, isAbsoluteUrl, removeNils } from '../util';\nimport {\n STATE_TOKEN_KEY_NAME,\n DEFAULT_CACHE_DURATION,\n IOS_MAX_RETRY_COUNT,\n} from '../constants';\nimport {\n OktaAuthHttpInterface,\n RequestOptions,\n FetchOptions,\n RequestData,\n HttpResponse\n} from './types';\nimport { AuthApiError, OAuthError, APIError, WWWAuthError } from '../errors';\nimport { isBrowser } from '../features';\n\n\n// For iOS track last date when document became visible\nlet dateDocumentBecameVisible = 0;\nlet trackDateDocumentBecameVisible: () => void;\nif (isBrowser()) {\n dateDocumentBecameVisible = Date.now();\n trackDateDocumentBecameVisible = () => {\n if (!document.hidden) {\n dateDocumentBecameVisible = Date.now();\n }\n };\n document.addEventListener('visibilitychange', trackDateDocumentBecameVisible);\n}\n\nconst formatError = (sdk: OktaAuthHttpInterface, error: HttpResponse | Error): AuthApiError | OAuthError => {\n if (error instanceof Error) {\n // fetch() can throw exceptions\n // see https://developer.mozilla.org/en-US/docs/Web/API/fetch#exceptions\n return new AuthApiError({\n errorSummary: error.message,\n });\n }\n\n let resp: HttpResponse = error;\n let err: AuthApiError | OAuthError | WWWAuthError;\n let serverErr: Record<string, any> = {};\n if (resp.responseText && isString(resp.responseText)) {\n try {\n serverErr = JSON.parse(resp.responseText);\n } catch (e) {\n serverErr = {\n errorSummary: 'Unknown error'\n };\n }\n }\n\n if (resp.status >= 500) {\n serverErr.errorSummary = 'Unknown error';\n }\n\n if (sdk.options.transformErrorXHR) {\n resp = sdk.options.transformErrorXHR(clone(resp));\n }\n\n // \n const wwwAuthHeader = WWWAuthError.getWWWAuthenticateHeader(resp?.headers) ?? '';\n\n if (serverErr.error && serverErr.error_description) {\n err = new OAuthError(serverErr.error, serverErr.error_description, resp);\n } else {\n err = new AuthApiError(serverErr as APIError, resp, { wwwAuthHeader });\n }\n\n if (wwwAuthHeader && resp?.status >= 400 && resp?.status < 500) {\n const wwwAuthErr = WWWAuthError.parseHeader(wwwAuthHeader);\n // check for 403 to avoid breaking change\n if (resp.status === 403 && wwwAuthErr?.error === 'insufficient_authentication_context') {\n // eslint-disable-next-line camelcase\n const { max_age, acr_values } = wwwAuthErr.parameters;\n err = new AuthApiError(\n {\n errorSummary: wwwAuthErr.error,\n errorCauses: [{ errorSummary: wwwAuthErr.errorDescription }]\n },\n resp,\n {\n // eslint-disable-next-line camelcase\n max_age: +max_age,\n // eslint-disable-next-line camelcase\n ...(acr_values && { acr_values })\n }\n );\n }\n else if (wwwAuthErr?.scheme === 'DPoP') {\n err = wwwAuthErr;\n }\n // else {\n // // WWWAuthError.parseHeader may return null, only overwrite if !null\n // err = wwwAuthErr ?? err;\n // }\n }\n\n return err;\n};\n\n// eslint-disable-next-line max-statements\nexport function httpRequest(sdk: OktaAuthHttpInterface, options: RequestOptions): Promise<any> {\n options = options || {};\n\n if (sdk.options.httpRequestInterceptors) {\n for (const interceptor of sdk.options.httpRequestInterceptors) {\n interceptor(options);\n }\n }\n\n var url = options.url,\n method = options.method,\n args = options.args,\n saveAuthnState = options.saveAuthnState,\n accessToken = options.accessToken,\n withCredentials = options.withCredentials === true, // default value is false\n storageUtil = sdk.options.storageUtil,\n storage = storageUtil!.storage,\n httpCache = sdk.storageManager.getHttpCache(sdk.options.cookies),\n pollingIntent = options.pollingIntent,\n pollDelay = sdk.options.pollDelay ?? 0;\n\n if (options.cacheResponse) {\n var cacheContents = httpCache.getStorage();\n var cachedResponse = cacheContents[url as string];\n if (cachedResponse && Date.now()/1000 < cachedResponse.expiresAt) {\n return Promise.resolve(cachedResponse.response);\n }\n }\n\n var oktaUserAgentHeader = sdk._oktaUserAgent.getHttpHeader();\n var headers: HeadersInit = {\n 'Accept': 'application/json',\n 'Content-Type': 'application/json',\n ...oktaUserAgentHeader\n };\n Object.assign(headers, sdk.options.headers, options.headers);\n headers = removeNils(headers) as HeadersInit;\n\n if (accessToken && isString(accessToken)) {\n headers['Authorization'] = 'Bearer ' + accessToken;\n }\n\n var ajaxOptions: FetchOptions = {\n headers,\n data: args || undefined,\n withCredentials\n };\n\n var err, res, promise;\n\n if (pollingIntent && isBrowser() && pollDelay > 0) {\n let waitForVisibleAndAwakenDocument: () => Promise<void>;\n let waitForAwakenDocument: () => Promise<void>;\n let recursiveFetch: () => Promise<HttpResponse>;\n let retryCount = 0;\n\n // Safari on iOS has a bug:\n // Performing `fetch` right after document became visible can fail with `Load failed` error.\n // Running fetch after short timeout fixes this issue.\n waitForAwakenDocument = () => {\n const timeSinceDocumentIsVisible = Date.now() - dateDocumentBecameVisible;\n if (timeSinceDocumentIsVisible < pollDelay) {\n return new Promise<void>((resolve) => setTimeout(() => {\n if (!document.hidden) {\n resolve();\n } else {\n resolve(waitForVisibleAndAwakenDocument());\n }\n }, pollDelay - timeSinceDocumentIsVisible));\n } else {\n return Promise.resolve();\n }\n };\n\n // Returns a promise that resolves when document is visible for 500 ms\n waitForVisibleAndAwakenDocument = () => {\n if (document.hidden) {\n let pageVisibilityHandler: () => void;\n return new Promise<void>((resolve) => {\n pageVisibilityHandler = () => {\n if (!document.hidden) {\n document.removeEventListener('visibilitychange', pageVisibilityHandler);\n resolve(waitForAwakenDocument());\n }\n };\n document.addEventListener('visibilitychange', pageVisibilityHandler);\n });\n } else {\n return waitForAwakenDocument();\n }\n };\n\n // Restarts fetch on 'Load failed' error\n // This error can occur when `fetch` does not respond\n // (due to CORS error, non-existing host, or network error)\n const retryableFetch = (): Promise<HttpResponse> => {\n return sdk.options.httpRequestClient!(method!, url!, ajaxOptions).catch((err) => {\n const isNetworkError = err?.message === 'Load failed';\n if (isNetworkError && retryCount < IOS_MAX_RETRY_COUNT) {\n retryCount++;\n return recursiveFetch();\n }\n throw err;\n });\n };\n\n // Final promise to fetch that wraps logic with waiting for visible document\n // and retrying fetch request on network error\n recursiveFetch = (): Promise<HttpResponse> => {\n return waitForVisibleAndAwakenDocument().then(retryableFetch);\n };\n\n promise = recursiveFetch();\n } else {\n promise = sdk.options.httpRequestClient!(method!, url!, ajaxOptions);\n }\n\n return promise\n .then(function(resp) {\n res = resp.responseText;\n if (res && isString(res)) {\n res = JSON.parse(res);\n if (res && typeof res === 'object' && !res.headers) {\n if (Array.isArray(res)) {\n res.forEach(item => {\n item.headers = resp.headers;\n });\n } else {\n res.headers = resp.headers;\n }\n }\n }\n\n if (saveAuthnState) {\n if (!res.stateToken) {\n storage.delete(STATE_TOKEN_KEY_NAME);\n }\n }\n\n if (res && res.stateToken && res.expiresAt) {\n storage.set(STATE_TOKEN_KEY_NAME, res.stateToken, res.expiresAt, sdk.options.cookies!);\n }\n\n if (res && options.cacheResponse) {\n httpCache.updateStorage(url!, {\n expiresAt: Math.floor(Date.now()/1000) + DEFAULT_CACHE_DURATION,\n response: res\n });\n }\n \n return res;\n })\n .catch(function(resp) {\n err = formatError(sdk, resp);\n\n if (err.errorCode === 'E0000011') {\n storage.delete(STATE_TOKEN_KEY_NAME);\n }\n\n throw err;\n });\n}\n\nexport function get(sdk: OktaAuthHttpInterface, url: string, options?: RequestOptions) {\n url = isAbsoluteUrl(url) ? url : sdk.getIssuerOrigin() + url;\n var getOptions = {\n url: url,\n method: 'GET'\n };\n Object.assign(getOptions, options);\n return httpRequest(sdk, getOptions);\n}\n\nexport function post(sdk: OktaAuthHttpInterface, url: string, args?: RequestData, options?: RequestOptions) {\n url = isAbsoluteUrl(url) ? url : sdk.getIssuerOrigin() + url;\n var postOptions = {\n url: url,\n method: 'POST',\n args: args,\n saveAuthnState: true\n };\n Object.assign(postOptions, options);\n return httpRequest(sdk, postOptions);\n}\n","import { OktaAuthHttpInterface } from '../../http/types';\nimport { AccessToken } from '../../oidc/types';\n\nexport type TransactionLink = {\n href: string;\n hints?: {\n allow?: string[];\n };\n}\n\nexport type TransactionLinks = {\n self: TransactionLink;\n [property: string]: TransactionLink;\n}\n\ntype TransactionOptions = {\n // TODO: move res type to http module\n res: {\n headers: Record<string, string>;\n _links?: Record<string, TransactionLink>;\n [property: string]: unknown;\n };\n accessToken: string | AccessToken;\n};\n\nexport default class BaseTransaction {\n // Deprecated\n headers?: Record<string, string>;\n\n constructor(oktaAuth: OktaAuthHttpInterface, options: TransactionOptions) {\n const { res } = options;\n const { headers, ...rest } = res;\n \n // assign required fields from res\n if (headers) {\n this.headers = headers;\n }\n\n // add all rest fields from res\n Object.keys(rest).forEach(key => {\n if (key === '_links') {\n return;\n }\n this[key] = rest[key];\n });\n }\n}\n\nexport interface TransactionType<T extends BaseTransaction = BaseTransaction> extends Function {\n new (oktaAuth: OktaAuthHttpInterface, options: TransactionOptions): T;\n prototype: T;\n}\n","import { \n default as BaseTransaction,\n TransactionType,\n TransactionLinks\n} from './transactions/Base';\nimport { httpRequest } from '../http';\nimport { AuthSdkError } from '../errors';\nimport { MyAccountRequestOptions as RequestOptions } from './types';\nimport { RequestOptions as HttpRequestOptions } from '../http/types';\nimport { AccessToken, OktaAuthOAuthInterface } from '../oidc/types';\n\ntype SendRequestOptions = RequestOptions & {\n url: string;\n method: string;\n}\n\n/* eslint-disable complexity */\nexport async function sendRequest<\n T extends BaseTransaction = BaseTransaction,\n N extends 'plural' | 'single' = 'single',\n NT = N extends 'plural' ? T[] : T\n> (\n oktaAuth: OktaAuthOAuthInterface, \n options: SendRequestOptions,\n TransactionClass: TransactionType<T> = BaseTransaction as TransactionType<T>,\n): Promise<NT> {\n const {\n accessToken: accessTokenObj\n } = oktaAuth.tokenManager.getTokensSync();\n\n const atToken = options.accessToken || accessTokenObj;\n const issuer = oktaAuth.getIssuerOrigin();\n const { url, method, payload } = options;\n const requestUrl = url.startsWith(issuer!) ? url : `${issuer}${url}`;\n\n if (!atToken) {\n throw new AuthSdkError('AccessToken is required to request MyAccount API endpoints.');\n }\n\n let accessToken: string | AccessToken = atToken;\n\n const httpOptions: HttpRequestOptions = {\n headers: { 'Accept': '*/*;okta-version=1.0.0' },\n url: requestUrl,\n method,\n ...(payload && { args: payload })\n };\n\n if (oktaAuth.options.dpop) {\n if (typeof accessToken === 'string') {\n throw new AuthSdkError('AccessToken object must be provided when using dpop');\n }\n\n const { Authorization, Dpop } = await oktaAuth.getDPoPAuthorizationHeaders({\n method,\n url: requestUrl,\n accessToken\n });\n httpOptions.headers!.Authorization = Authorization;\n httpOptions.headers!.Dpop = Dpop;\n }\n else {\n accessToken = typeof accessToken === 'string' ? accessToken : accessToken.accessToken;\n httpOptions.accessToken = accessToken;\n }\n\n const res = await httpRequest(oktaAuth, httpOptions);\n\n let ret: T | T[];\n if (Array.isArray(res)) {\n ret = res.map(item => new TransactionClass(oktaAuth, { \n res: item, \n accessToken\n }));\n } else {\n ret = new TransactionClass(oktaAuth, { \n res, \n accessToken\n });\n }\n return ret as NT;\n}\n/* eslint-enable complexity */\n\nexport type GenerateRequestFnFromLinksOptions = {\n oktaAuth: OktaAuthOAuthInterface;\n accessToken: string | AccessToken;\n methodName: string;\n links: TransactionLinks;\n}\n\ntype IRequestFnFromLinks<T extends BaseTransaction> = (payload?) => Promise<T>;\n\nexport function generateRequestFnFromLinks<T extends BaseTransaction>(\n {\n oktaAuth, \n accessToken,\n methodName,\n links,\n }: GenerateRequestFnFromLinksOptions,\n TransactionClass: TransactionType<T> = BaseTransaction as TransactionType<T>,\n): IRequestFnFromLinks<T> {\n for (const method of ['GET', 'POST', 'PUT', 'DELETE']) {\n if (method.toLowerCase() === methodName) {\n const link = links.self;\n return (async (payload?) => sendRequest<T, 'single'>(oktaAuth, {\n accessToken,\n url: link.href,\n method,\n payload,\n }, TransactionClass));\n }\n }\n \n const link = links[methodName];\n if (!link) {\n throw new AuthSdkError(`No link is found with methodName: ${methodName}`);\n }\n\n return (async (payload?) => sendRequest<T, 'single'>(oktaAuth, {\n accessToken,\n url: link.href,\n method: link.hints!.allow![0],\n payload,\n }, TransactionClass));\n}\n","import BaseTransaction from './Base';\n\nexport default class ProfileTransaction extends BaseTransaction {\n createdAt: string;\n modifiedAt: string;\n profile: Record<string, string>;\n\n constructor(oktaAuth, options) {\n super(oktaAuth, options);\n\n const { createdAt, modifiedAt, profile } = options.res;\n this.createdAt = createdAt;\n this.modifiedAt = modifiedAt;\n this.profile = profile;\n }\n}\n","import BaseTransaction from './Base';\n\nexport default class ProfileSchemaTransaction extends BaseTransaction {\n properties: Record<string, object>;\n\n constructor(oktaAuth, options) {\n super(oktaAuth, options);\n\n this.properties = options.res.properties;\n }\n}\n","import { sendRequest } from './request';\nimport { IAPIFunction } from './types';\nimport {\n ProfileTransaction,\n ProfileSchemaTransaction\n} from './transactions';\n\n/**\n * @scope: okta.myAccount.profile.read\n */\nexport const getProfile: IAPIFunction<ProfileTransaction> = async (oktaAuth, options?) => {\n const transaction = await sendRequest(oktaAuth, {\n url: '/idp/myaccount/profile',\n method: 'GET',\n accessToken: options?.accessToken,\n }, ProfileTransaction);\n return transaction;\n};\n\n/**\n * @scope: okta.myAccount.profile.manage\n */\nexport const updateProfile: IAPIFunction<ProfileTransaction> = async (\n oktaAuth, \n options\n) => {\n const { payload, accessToken } = options!;\n const transaction = await sendRequest(oktaAuth, {\n url: '/idp/myaccount/profile',\n method: 'PUT',\n payload,\n accessToken,\n }, ProfileTransaction);\n return transaction;\n};\n\n/**\n * @scope: okta.myAccount.profile.read\n */\nexport const getProfileSchema: IAPIFunction<ProfileSchemaTransaction> = async (\n oktaAuth, \n options?\n): Promise<ProfileSchemaTransaction> => {\n const transaction = await sendRequest(oktaAuth, {\n url: '/idp/myaccount/profile/schema',\n method: 'GET',\n accessToken: options?.accessToken,\n }, ProfileSchemaTransaction);\n return transaction;\n};\n","import { EmailProfile, Status } from '../types';\nimport BaseTransaction from './Base';\n\nexport default class EmailStatusTransaction extends BaseTransaction {\n id: string;\n expiresAt: string;\n profile: EmailProfile;\n status: Status;\n\n constructor(oktaAuth, options) {\n super(oktaAuth, options);\n\n const { res } = options;\n // assign required fields from res\n const { id, profile, expiresAt, status } = res;\n this.id = id;\n this.expiresAt = expiresAt;\n this.profile = profile;\n this.status = status;\n }\n}\n","import EmailStatusTransaction from './EmailStatusTransaction';\nimport { \n EmailProfile, \n Status,\n VerificationPayload, \n} from '../types';\nimport BaseTransaction from './Base';\nimport { generateRequestFnFromLinks } from '../request';\n\nexport default class EmailChallengeTransaction extends BaseTransaction {\n id: string;\n expiresAt: string;\n profile: EmailProfile;\n status: Status;\n\n poll: () => Promise<EmailStatusTransaction>;\n // eslint-disable-next-line no-use-before-define\n verify: (payload: VerificationPayload) => Promise<EmailChallengeTransaction>;\n\n constructor(oktaAuth, options) {\n super(oktaAuth, options);\n\n const { accessToken, res } = options;\n // assign required fields from res\n const { id, expiresAt, profile, status, _links } = res;\n this.id = id;\n this.expiresAt = expiresAt;\n this.profile = profile;\n this.status = status;\n\n // assign transformed fns to transaction\n this.poll = async () => {\n const fn = generateRequestFnFromLinks({ \n oktaAuth, \n accessToken, \n methodName: 'poll', \n links: _links,\n }, EmailStatusTransaction);\n return await fn();\n };\n this.verify = async (payload) => {\n const fn = generateRequestFnFromLinks({ \n oktaAuth, \n accessToken, \n methodName: 'verify', \n links: _links,\n }, EmailChallengeTransaction);\n return await fn(payload);\n };\n }\n}\n","import EmailChallengeTransaction from './EmailChallengeTransaction';\nimport EmailStatusTransaction from './EmailStatusTransaction';\nimport { EmailProfile, EmailRole, Status, VerificationPayload } from '../types';\nimport BaseTransaction from './Base';\nimport { generateRequestFnFromLinks } from '../request';\n\nexport default class EmailTransaction extends BaseTransaction {\n id: string;\n profile: EmailProfile;\n roles: EmailRole[];\n status: Status;\n\n // eslint-disable-next-line no-use-before-define\n get: () => Promise<EmailTransaction>;\n delete: () => Promise<BaseTransaction>;\n challenge: () => Promise<EmailChallengeTransaction>;\n poll?: () => Promise<EmailStatusTransaction>;\n verify?: (payload: VerificationPayload) => Promise<BaseTransaction>;\n\n constructor(oktaAuth, options) {\n super(oktaAuth, options);\n\n const { accessToken, res } = options;\n // assign required fields from res\n const { id, profile, roles, status, _links } = res;\n this.id = id;\n this.profile = profile;\n this.roles = roles;\n this.status = status;\n\n // assign transformed fns to transaction\n this.get = async () => {\n const fn = generateRequestFnFromLinks({ \n oktaAuth, \n accessToken, \n methodName: 'get', \n links: _links,\n }, EmailTransaction);\n return await fn();\n };\n this.delete = async () => {\n const fn = generateRequestFnFromLinks({ \n oktaAuth, \n accessToken, \n methodName: 'delete', \n links: _links \n });\n return await fn();\n };\n this.challenge = async () => {\n const fn = generateRequestFnFromLinks({ \n oktaAuth, \n accessToken, \n methodName: 'challenge', \n links: _links,\n }, EmailChallengeTransaction);\n return await fn();\n };\n if (_links.poll) {\n this.poll = async () => {\n const fn = generateRequestFnFromLinks({ \n oktaAuth, \n accessToken, \n methodName: 'poll', \n links: _links,\n }, EmailStatusTransaction);\n return await fn();\n };\n }\n if (_links.verify) {\n this.verify = async (payload: VerificationPayload) => {\n const fn = generateRequestFnFromLinks({ \n oktaAuth, \n accessToken, \n methodName: 'verify', \n links: _links,\n });\n return await fn(payload);\n };\n }\n }\n}\n","import { sendRequest } from './request';\nimport { IAPIFunction } from './types';\nimport {\n BaseTransaction, \n EmailTransaction, \n EmailChallengeTransaction \n} from './transactions';\n\n/**\n * @scope: okta.myAccount.email.read\n */\nexport const getEmails: IAPIFunction<EmailTransaction[]> = async (\n oktaAuth,\n options?\n) => {\n const transaction = await sendRequest<EmailTransaction, 'plural'>(oktaAuth, {\n url: '/idp/myaccount/emails',\n method: 'GET',\n accessToken: options?.accessToken\n }, EmailTransaction);\n return transaction;\n};\n\n/**\n * @scope: okta.myAccount.email.read\n */\nexport const getEmail: IAPIFunction<EmailTransaction> = async (\n oktaAuth, \n options\n) => {\n const { id, accessToken } = options!;\n const transaction = await sendRequest(oktaAuth, {\n url: `/idp/myaccount/emails/${id}`,\n method: 'GET',\n accessToken,\n }, EmailTransaction);\n return transaction;\n};\n\n/**\n * @scope: okta.myAccount.email.manage\n */\nexport const addEmail: IAPIFunction<EmailTransaction> = async (\n oktaAuth, \n options\n): Promise<EmailTransaction> => {\n const { accessToken, payload } = options!;\n const transaction = await sendRequest(oktaAuth, {\n url: '/idp/myaccount/emails',\n method: 'POST',\n payload,\n accessToken,\n }, EmailTransaction);\n return transaction;\n};\n\n/**\n * @scope: okta.myAccount.email.manage\n */\nexport const deleteEmail: IAPIFunction<BaseTransaction> = async (\n oktaAuth, \n options\n) => {\n const { id, accessToken } = options!;\n const transaction = await sendRequest(oktaAuth, {\n url: `/idp/myaccount/emails/${id}`,\n method: 'DELETE',\n accessToken\n });\n return transaction;\n};\n\n/**\n * @scope: okta.myAccount.email.read\n */\nexport const sendEmailChallenge: IAPIFunction<EmailChallengeTransaction> = async (\n oktaAuth, \n options\n) => {\n const { id, accessToken } = options!;\n const transaction = await sendRequest(oktaAuth, {\n url: `/idp/myaccount/emails/${id}/challenge`,\n method: 'POST',\n accessToken,\n }, EmailChallengeTransaction);\n return transaction;\n};\n\n/**\n * @scope: okta.myAccount.email.read\n */\nexport const getEmailChallenge: IAPIFunction<EmailChallengeTransaction> = async (\n oktaAuth, \n options\n) => {\n const { emailId, challengeId, accessToken } = options!;\n const transaction = await sendRequest(oktaAuth, {\n url: `/idp/myaccount/emails/${emailId}/challenge/${challengeId}`,\n method: 'POST',\n accessToken,\n }, EmailChallengeTransaction);\n return transaction;\n};\n\n/**\n * @scope: okta.myAccount.email.manage\n */\nexport const verifyEmailChallenge: IAPIFunction<BaseTransaction> = async (\n oktaAuth,\n options\n) => {\n const { emailId, challengeId, payload, accessToken } = options!;\n const transaction = await sendRequest(oktaAuth, {\n url: `/idp/myaccount/emails/${emailId}/challenge/${challengeId}/verify`,\n method: 'POST',\n payload,\n accessToken\n });\n return transaction;\n};\n","import { ChallengePhonePayload, PhoneProfile, Status, VerificationPayload } from '../types';\nimport BaseTransaction from './Base';\nimport { generateRequestFnFromLinks } from '../request';\n\nexport default class PhoneTransaction extends BaseTransaction {\n id: string;\n profile: PhoneProfile;\n status: Status;\n\n // eslint-disable-next-line no-use-before-define\n get: () => Promise<PhoneTransaction>;\n delete: () => Promise<BaseTransaction>;\n challenge: (payload: ChallengePhonePayload) => Promise<BaseTransaction>;\n verify?: (payload: VerificationPayload) => Promise<BaseTransaction>;\n\n constructor(oktaAuth, options) {\n super(oktaAuth, options);\n\n const { res, accessToken } = options;\n // assign required fields from res\n const { id, profile, status, _links } = res;\n this.id = id;\n this.profile = profile;\n this.status = status;\n\n // assign transformed fns to transaction\n this.get = async () => {\n const fn = generateRequestFnFromLinks({ \n oktaAuth, \n accessToken, \n methodName: 'get', \n links: _links,\n }, PhoneTransaction);\n return await fn();\n };\n this.delete = async () => {\n const fn = generateRequestFnFromLinks({ \n oktaAuth, \n accessToken, \n methodName: 'delete', \n links: _links \n });\n return await fn();\n };\n this.challenge = async (payload) => {\n const fn = generateRequestFnFromLinks({ \n oktaAuth, \n accessToken, \n methodName: 'challenge', \n links: _links \n });\n return await fn(payload);\n };\n if (_links.verify) {\n this.verify = async (payload) => {\n const fn = generateRequestFnFromLinks({ \n oktaAuth, \n accessToken, \n methodName: 'verify', \n links: _links \n });\n return await fn(payload);\n } ;\n }\n }\n}\n","import { sendRequest } from './request';\nimport { IAPIFunction } from './types';\nimport {\n BaseTransaction, \n PhoneTransaction\n} from './transactions';\n\n/**\n * @scope: okta.myAccount.phone.read\n */\nexport const getPhones: IAPIFunction<PhoneTransaction[]> = async (\n oktaAuth,\n options?\n) => {\n const transaction = await sendRequest<PhoneTransaction, 'plural'>(oktaAuth, {\n url: '/idp/myaccount/phones',\n method: 'GET',\n accessToken: options?.accessToken,\n }, PhoneTransaction);\n return transaction;\n};\n\n/**\n * @scope: okta.myAccount.phone.read\n */\nexport const getPhone: IAPIFunction<PhoneTransaction> = async (\n oktaAuth,\n options\n) => {\n const { accessToken, id } = options!;\n const transaction = await sendRequest(oktaAuth, {\n url: `/idp/myaccount/phones/${id}`,\n method: 'GET',\n accessToken,\n }, PhoneTransaction);\n return transaction;\n};\n\n/**\n * @scope: okta.myAccount.phone.manage\n */\nexport const addPhone: IAPIFunction<PhoneTransaction> = async (\n oktaAuth, \n options\n): Promise<PhoneTransaction> => {\n const { accessToken, payload } = options!;\n const transaction = await sendRequest(oktaAuth, {\n url: '/idp/myaccount/phones',\n method: 'POST',\n payload,\n accessToken,\n }, PhoneTransaction);\n return transaction;\n};\n\n/**\n * @scope: okta.myAccount.phone.manage\n */\nexport const deletePhone: IAPIFunction<BaseTransaction> = async (\n oktaAuth, \n options\n) => {\n const { id, accessToken } = options!;\n const transaction = await sendRequest(oktaAuth, {\n url: `/idp/myaccount/phones/${id}`,\n method: 'DELETE',\n accessToken,\n });\n return transaction;\n};\n\n/**\n * @scope: okta.myAccount.phone.manage\n */\nexport const sendPhoneChallenge: IAPIFunction<BaseTransaction> = async (\n oktaAuth, \n options\n) => {\n const { accessToken, id, payload } = options!;\n const transaction = await sendRequest(oktaAuth, {\n url: `/idp/myaccount/phones/${id}/challenge`,\n method: 'POST',\n payload,\n accessToken\n });\n return transaction;\n};\n\n/**\n * @scope: okta.myAccount.phone.manage\n */\nexport const verifyPhoneChallenge: IAPIFunction<BaseTransaction> = async (\n oktaAuth,\n options\n) => {\n const { id, payload, accessToken } = options!;\n const transaction = await sendRequest(oktaAuth, {\n url: `/idp/myaccount/phones/${id}/verify`,\n method: 'POST',\n payload,\n accessToken\n });\n return transaction;\n};\n","import { EnrollPasswordPayload, UpdatePasswordPayload, PasswordStatus } from '../types';\nimport BaseTransaction from './Base';\nimport { generateRequestFnFromLinks } from '../request';\n\nexport default class PasswordTransaction extends BaseTransaction {\n id: string;\n created: string;\n lastUpdated: string;\n status: PasswordStatus;\n\n // eslint-disable-next-line no-use-before-define\n get?: () => Promise<PasswordTransaction>;\n // eslint-disable-next-line no-use-before-define\n enroll?: (payload: EnrollPasswordPayload) => Promise<PasswordTransaction>;\n // eslint-disable-next-line no-use-before-define\n update?: (payload: UpdatePasswordPayload) => Promise<PasswordTransaction>;\n delete?: () => Promise<BaseTransaction>;\n\n constructor(oktaAuth, options) {\n super(oktaAuth, options);\n\n const { res, accessToken } = options;\n // assign required fields from res\n const { id, status, created, lastUpdated, _links } = res;\n this.id = id;\n this.status = status;\n this.created = created;\n this.lastUpdated = lastUpdated;\n\n // assign transformed fns to transaction\n if (this.status == PasswordStatus.NOT_ENROLLED) {\n this.enroll = async (payload) => {\n const fn = generateRequestFnFromLinks({ \n oktaAuth, \n accessToken, \n methodName: 'enroll',\n links: _links,\n }, PasswordTransaction);\n return await fn(payload);\n };\n }\n else {\n this.get = async () => {\n const fn = generateRequestFnFromLinks({ \n oktaAuth, \n accessToken, \n methodName: 'get',\n links: _links,\n }, PasswordTransaction);\n return await fn();\n };\n\n this.update = async (payload) => {\n const fn = generateRequestFnFromLinks({ \n oktaAuth, \n accessToken, \n methodName: 'put', \n links: _links,\n }, PasswordTransaction);\n return await fn(payload);\n };\n \n this.delete = async () => {\n const fn = generateRequestFnFromLinks({ \n oktaAuth, \n accessToken, \n methodName: 'delete', \n links: _links \n });\n return await fn();\n };\n }\n }\n}\n","import { sendRequest } from './request';\nimport { IAPIFunction } from './types';\nimport {\n BaseTransaction, \n PasswordTransaction\n} from './transactions';\n\n/**\n * @scope: okta.myAccount.password.read\n */\nexport const getPassword: IAPIFunction<PasswordTransaction> = async (\n oktaAuth,\n options\n) => {\n const transaction = await sendRequest(oktaAuth, {\n url: `/idp/myaccount/password`,\n method: 'GET',\n accessToken: options?.accessToken,\n }, PasswordTransaction);\n return transaction;\n};\n\n/**\n * @scope: okta.myAccount.password.manage\n */\nexport const enrollPassword: IAPIFunction<PasswordTransaction> = async (\n oktaAuth, \n options\n): Promise<PasswordTransaction> => {\n const { accessToken, payload } = options!;\n const transaction = await sendRequest(oktaAuth, {\n url: '/idp/myaccount/password',\n method: 'POST',\n payload,\n accessToken,\n }, PasswordTransaction);\n return transaction;\n};\n\n/**\n * @scope: okta.myAccount.password.manage\n */\nexport const updatePassword: IAPIFunction<PasswordTransaction> = async (\n oktaAuth, \n options\n): Promise<PasswordTransaction> => {\n const { accessToken, payload } = options!;\n const transaction = await sendRequest(oktaAuth, {\n url: '/idp/myaccount/password',\n method: 'PUT',\n payload,\n accessToken,\n }, PasswordTransaction);\n return transaction;\n};\n\n/**\n * @scope: okta.myAccount.password.manage\n */\nexport const deletePassword: IAPIFunction<BaseTransaction> = async (\n oktaAuth, \n options?\n) => {\n const transaction = await sendRequest(oktaAuth, {\n url: `/idp/myaccount/password`,\n method: 'DELETE',\n accessToken: options?.accessToken,\n });\n return transaction;\n};\n","import { StorageManagerConstructor } from '../storage/types';\nimport { OktaAuthConstructor, OktaAuthOptionsConstructor } from '../base/types';\nimport {\n OAuthStorageManagerInterface,\n PKCETransactionMeta,\n TransactionManagerConstructor,\n TransactionManagerInterface\n} from '../oidc/types';\nimport { createOktaAuthCore } from '../core/factory';\nimport { OktaAuthCoreOptions } from '../core/types';\nimport { mixinMyAccount } from './mixin';\nimport { OktaAuthMyAccountInterface } from './types';\n\nexport function createOktaAuthMyAccount\n<\n M extends PKCETransactionMeta = PKCETransactionMeta,\n S extends OAuthStorageManagerInterface<M> = OAuthStorageManagerInterface<M>,\n O extends OktaAuthCoreOptions = OktaAuthCoreOptions,\n TM extends TransactionManagerInterface = TransactionManagerInterface\n>\n(\n StorageManagerConstructor: StorageManagerConstructor<S>,\n OptionsConstructor: OktaAuthOptionsConstructor<O>,\n TransactionManager: TransactionManagerConstructor<TM>\n)\n: OktaAuthConstructor<OktaAuthMyAccountInterface<M, S, O>>\n{\n const Core = createOktaAuthCore<M, S, O>(StorageManagerConstructor, OptionsConstructor, TransactionManager);\n const WithMyAccount = mixinMyAccount<M, S, O>(Core);\n return WithMyAccount;\n}\n","import { OktaAuthConstructor } from '../base/types';\nimport {\n OAuthStorageManagerInterface,\n OAuthTransactionMeta,\n OktaAuthOAuthInterface,\n OktaAuthOAuthOptions,\n PKCETransactionMeta,\n} from '../oidc/types';\nimport { OktaAuthMyAccountInterface } from './types';\n\nimport * as MyAccountMethods from './api';\n\nexport function mixinMyAccount\n<\n M extends OAuthTransactionMeta = PKCETransactionMeta,\n S extends OAuthStorageManagerInterface<M> = OAuthStorageManagerInterface<M>,\n O extends OktaAuthOAuthOptions = OktaAuthOAuthOptions,\n TBase extends OktaAuthConstructor<OktaAuthOAuthInterface<M, S, O>>\n = OktaAuthConstructor<OktaAuthOAuthInterface<M, S, O>>\n>\n(Base: TBase): TBase & OktaAuthConstructor<OktaAuthMyAccountInterface<M, S, O>>\n{\n return class OktaAuthMyAccount extends Base implements OktaAuthMyAccountInterface<M, S, O>\n {\n myaccount: any;\n \n constructor(...args: any[]) {\n super(...args);\n\n this.myaccount = Object.entries(MyAccountMethods)\n .filter(([ name ]) => name !== 'default')\n .reduce((acc, [name, fn]) => {\n acc[name] = (fn as any).bind(null, this);\n return acc;\n }, {});\n }\n };\n}\n","import {\n OAuthStorageManagerInterface,\n OAuthTransactionMeta,\n OktaAuthOAuthInterface,\n OktaAuthOAuthOptions,\n PKCETransactionMeta,\n AccessToken\n} from '../oidc/types';\n\nexport type { \n EmailTransaction, \n EmailStatusTransaction,\n EmailChallengeTransaction,\n PhoneTransaction,\n ProfileTransaction,\n ProfileSchemaTransaction,\n PasswordTransaction,\n BaseTransaction\n} from './transactions';\n\nexport enum EmailRole {\n PRIMARY = 'PRIMARY',\n SECONDARY = 'SECONDARY'\n}\n\nexport enum Status {\n VERIFIED = 'VERIFIED',\n UNVERIFIED = 'UNVERIFIED'\n}\n\nexport enum PasswordStatus {\n NOT_ENROLLED = 'NOT_ENROLLED',\n ACTIVE = 'ACTIVE'\n}\n\nexport type EmailProfile = {\n email: string;\n}\n\nexport type AddEmailPayload = {\n profile: {\n email: string;\n };\n sendEmail: boolean;\n role: EmailRole;\n}\n\nexport type PhoneProfile = {\n profile: {\n phoneNumber: string;\n };\n}\n\nexport type AddPhonePayload = {\n profile: {\n phoneNumber: string;\n };\n sendCode: boolean;\n method: string;\n};\n\nexport type ChallengePhonePayload = {\n method: string;\n}\n\nexport type VerificationPayload = {\n verificationCode: string;\n};\n\nexport type EnrollPasswordPayload = {\n profile: {\n password: string;\n }\n}\n\nexport type UpdatePasswordPayload = {\n profile: {\n password: string;\n currentPassword?: string;\n }\n}\n\nexport type UpdateProfilePayload = {\n profile: {\n firstName?: string;\n lastName?: string;\n email?: string;\n login?: string;\n [property: string]: any;\n };\n};\n\nexport type MyAccountRequestOptions = {\n id?: string;\n emailId?: string;\n challengeId?: string;\n payload?: AddEmailPayload \n | AddPhonePayload \n | ChallengePhonePayload\n | VerificationPayload \n | UpdateProfilePayload\n | EnrollPasswordPayload\n | UpdatePasswordPayload;\n accessToken?: string | AccessToken;\n}\n\nexport type IAPIFunction<T> = (\n oktaAuth: OktaAuthOAuthInterface, \n options?: MyAccountRequestOptions\n) => Promise<T>;\n\nexport interface OktaAuthMyAccountInterface\n<\n M extends OAuthTransactionMeta = PKCETransactionMeta,\n S extends OAuthStorageManagerInterface<M> = OAuthStorageManagerInterface<M>,\n O extends OktaAuthOAuthOptions = OktaAuthOAuthOptions\n> \n extends OktaAuthOAuthInterface<M, S, O>\n{\n myaccount;\n}\n","/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nexport default class SdkClock {\n localOffset: number;\n\n constructor(localOffset) {\n // Calculated local clock offset from server time (in milliseconds). Can be positive or negative.\n this.localOffset = parseInt(localOffset || 0);\n }\n\n // factory method. Create an instance of a clock from current context.\n static create(/* sdk, options */): SdkClock {\n // TODO: calculate localOffset\n var localOffset = 0;\n return new SdkClock(localOffset);\n }\n\n // Return the current time (in seconds)\n now() {\n var now = (Date.now() + this.localOffset) / 1000;\n return now;\n }\n}\n","/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\nimport { removeNils, clone } from '../util';\nimport { AuthSdkError } from '../errors';\nimport { validateToken } from '../oidc/util';\nimport { isLocalhost, isIE11OrLess } from '../features';\nimport SdkClock from '../clock';\nimport {\n Token, \n Tokens, \n TokenType, \n TokenManagerOptions, \n isIDToken, \n isAccessToken,\n isRefreshToken,\n TokenManagerErrorEventHandler,\n TokenManagerSetStorageEventHandler,\n TokenManagerRenewEventHandler,\n TokenManagerEventHandler,\n TokenManagerInterface,\n RefreshToken,\n AccessTokenCallback,\n IDTokenCallback,\n RefreshTokenCallback,\n EVENT_RENEWED,\n EVENT_ADDED,\n EVENT_ERROR,\n EVENT_EXPIRED,\n EVENT_REMOVED,\n EVENT_SET_STORAGE,\n TokenManagerAnyEventHandler,\n TokenManagerAnyEvent,\n OktaAuthOAuthInterface\n} from './types';\nimport { REFRESH_TOKEN_STORAGE_KEY, TOKEN_STORAGE_NAME } from '../constants';\nimport { EventEmitter } from '../base/types';\nimport { StorageOptions, StorageProvider, StorageType } from '../storage/types';\n\nconst DEFAULT_OPTIONS = {\n // TODO: remove in next major version - OKTA-473815\n autoRenew: true,\n autoRemove: true,\n syncStorage: true,\n // --- //\n clearPendingRemoveTokens: true,\n storage: undefined, // will use value from storageManager config\n expireEarlySeconds: 30,\n storageKey: TOKEN_STORAGE_NAME\n};\n\ninterface TokenManagerState {\n expireTimeouts: Record<string, unknown>;\n renewPromise: Promise<Token | undefined> | null;\n started?: boolean;\n}\nfunction defaultState(): TokenManagerState {\n return {\n expireTimeouts: {},\n renewPromise: null\n };\n}\nexport class TokenManager implements TokenManagerInterface {\n private sdk: OktaAuthOAuthInterface;\n private clock: SdkClock;\n private emitter: EventEmitter;\n private storage: StorageProvider;\n private state: TokenManagerState;\n private options: TokenManagerOptions;\n\n on(event: typeof EVENT_RENEWED, handler: TokenManagerRenewEventHandler, context?: object): void;\n on(event: typeof EVENT_ERROR, handler: TokenManagerErrorEventHandler, context?: object): void;\n on(event: typeof EVENT_SET_STORAGE, handler: TokenManagerSetStorageEventHandler, context?: object): void;\n on(event: typeof EVENT_EXPIRED | typeof EVENT_ADDED | typeof EVENT_REMOVED, \n handler: TokenManagerEventHandler, context?: object): void;\n on(event: TokenManagerAnyEvent, handler: TokenManagerAnyEventHandler, context?: object): void {\n if (context) {\n this.emitter.on(event, handler, context);\n } else {\n this.emitter.on(event, handler);\n }\n }\n\n off(event: typeof EVENT_RENEWED, handler?: TokenManagerRenewEventHandler): void;\n off(event: typeof EVENT_ERROR, handler?: TokenManagerErrorEventHandler): void;\n off(event: typeof EVENT_SET_STORAGE, handler?: TokenManagerSetStorageEventHandler): void;\n off(event: typeof EVENT_EXPIRED | typeof EVENT_ADDED | typeof EVENT_REMOVED, \n handler?: TokenManagerEventHandler): void;\n off(event: TokenManagerAnyEvent, handler?: TokenManagerAnyEventHandler): void {\n if (handler) {\n this.emitter.off(event, handler);\n } else {\n this.emitter.off(event);\n }\n }\n\n // eslint-disable-next-line complexity\n constructor(sdk: OktaAuthOAuthInterface, options: TokenManagerOptions = {}) {\n this.sdk = sdk;\n this.emitter = (sdk as any).emitter;\n if (!this.emitter) {\n throw new AuthSdkError('Emitter should be initialized before TokenManager');\n }\n \n options = Object.assign({}, DEFAULT_OPTIONS, removeNils(options));\n if (!isLocalhost()) {\n options.expireEarlySeconds = DEFAULT_OPTIONS.expireEarlySeconds;\n }\n\n this.options = options;\n\n const storageOptions: StorageOptions = removeNils({\n storageKey: options.storageKey,\n secure: options.secure,\n });\n if (typeof options.storage === 'object') {\n // A custom storage provider must implement getItem(key) and setItem(key, val)\n storageOptions.storageProvider = options.storage;\n } else if (options.storage) {\n storageOptions.storageType = options.storage as StorageType;\n }\n\n this.storage = sdk.storageManager.getTokenStorage({...storageOptions, useSeparateCookies: true});\n this.clock = SdkClock.create(/* sdk, options */);\n this.state = defaultState();\n }\n\n start() {\n if (this.options.clearPendingRemoveTokens) {\n this.clearPendingRemoveTokens();\n }\n this.setExpireEventTimeoutAll();\n this.state.started = true;\n }\n \n stop() {\n this.clearExpireEventTimeoutAll();\n this.state.started = false;\n }\n\n isStarted() {\n return !!this.state.started;\n }\n\n getOptions(): TokenManagerOptions {\n return clone(this.options);\n }\n \n getExpireTime(token) {\n const expireEarlySeconds = this.options.expireEarlySeconds || 0;\n var expireTime = token.expiresAt - expireEarlySeconds;\n return expireTime;\n }\n \n hasExpired(token) {\n var expireTime = this.getExpireTime(token);\n return expireTime <= this.clock.now();\n }\n \n emitExpired(key, token) {\n this.emitter.emit(EVENT_EXPIRED, key, token);\n }\n \n emitRenewed(key, freshToken, oldToken) {\n this.emitter.emit(EVENT_RENEWED, key, freshToken, oldToken);\n }\n \n emitAdded(key, token) {\n this.emitter.emit(EVENT_ADDED, key, token);\n }\n \n emitRemoved(key, token?) {\n this.emitter.emit(EVENT_REMOVED, key, token);\n }\n \n emitError(error) {\n this.emitter.emit(EVENT_ERROR, error);\n }\n \n clearExpireEventTimeout(key) {\n clearTimeout(this.state.expireTimeouts[key] as any);\n delete this.state.expireTimeouts[key];\n \n // Remove the renew promise (if it exists)\n this.state.renewPromise = null;\n }\n \n clearExpireEventTimeoutAll() {\n var expireTimeouts = this.state.expireTimeouts;\n for (var key in expireTimeouts) {\n if (!Object.prototype.hasOwnProperty.call(expireTimeouts, key)) {\n continue;\n }\n this.clearExpireEventTimeout(key);\n }\n }\n \n setExpireEventTimeout(key, token) {\n if (isRefreshToken(token)) {\n return;\n }\n\n var expireTime = this.getExpireTime(token);\n var expireEventWait = Math.max(expireTime - this.clock.now(), 0) * 1000;\n \n // Clear any existing timeout\n this.clearExpireEventTimeout(key);\n \n var expireEventTimeout = setTimeout(() => {\n this.emitExpired(key, token);\n }, expireEventWait);\n \n // Add a new timeout\n this.state.expireTimeouts[key] = expireEventTimeout;\n }\n \n setExpireEventTimeoutAll() {\n var tokenStorage = this.storage.getStorage();\n for(var key in tokenStorage) {\n if (!Object.prototype.hasOwnProperty.call(tokenStorage, key)) {\n continue;\n }\n var token = tokenStorage[key];\n this.setExpireEventTimeout(key, token);\n }\n }\n \n // reset timeouts to setup autoRenew for tokens from other document context (tabs)\n resetExpireEventTimeoutAll() {\n this.clearExpireEventTimeoutAll();\n this.setExpireEventTimeoutAll();\n }\n \n add(key, token: Token) {\n var tokenStorage = this.storage.getStorage();\n validateToken(token);\n tokenStorage[key] = token;\n this.storage.setStorage(tokenStorage);\n this.emitSetStorageEvent();\n this.emitAdded(key, token);\n this.setExpireEventTimeout(key, token);\n }\n \n getSync(key): Token | undefined {\n var tokenStorage = this.storage.getStorage();\n return tokenStorage[key];\n }\n \n async get(key): Promise<Token | undefined> {\n return this.getSync(key);\n }\n \n getTokensSync(): Tokens {\n const tokens = {} as Tokens;\n const tokenStorage = this.storage.getStorage();\n Object.keys(tokenStorage).forEach(key => {\n const token = tokenStorage[key];\n if (isAccessToken(token)) {\n tokens.accessToken = token;\n } else if (isIDToken(token)) {\n tokens.idToken = token;\n } else if (isRefreshToken(token)) { \n tokens.refreshToken = token;\n }\n });\n return tokens;\n }\n \n async getTokens(): Promise<Tokens> {\n return this.getTokensSync();\n }\n\n getStorageKeyByType(type: TokenType): string {\n const tokenStorage = this.storage.getStorage();\n const key = Object.keys(tokenStorage).filter(key => {\n const token = tokenStorage[key];\n return (isAccessToken(token) && type === 'accessToken') \n || (isIDToken(token) && type === 'idToken')\n || (isRefreshToken(token) && type === 'refreshToken');\n })[0];\n return key;\n }\n\n private getTokenType(token: Token): TokenType {\n if (isAccessToken(token)) {\n return 'accessToken';\n }\n if (isIDToken(token)) {\n return 'idToken';\n }\n if(isRefreshToken(token)) {\n return 'refreshToken';\n }\n throw new AuthSdkError('Unknown token type');\n }\n\n // for synchronization of LocalStorage cross tabs for IE11\n private emitSetStorageEvent() {\n if (isIE11OrLess()) {\n const storage = this.storage.getStorage();\n this.emitter.emit(EVENT_SET_STORAGE, storage);\n }\n }\n\n // used in `SyncStorageService` for synchronization of LocalStorage cross tabs for IE11\n public getStorage() {\n return this.storage;\n }\n\n setTokens(\n tokens: Tokens,\n // TODO: callbacks can be removed in the next major version OKTA-407224\n accessTokenCb?: AccessTokenCallback, \n idTokenCb?: IDTokenCallback,\n refreshTokenCb?: RefreshTokenCallback\n ): void {\n const handleTokenCallback = (key, token) => {\n const type = this.getTokenType(token);\n if (type === 'accessToken') {\n accessTokenCb && accessTokenCb(key, token);\n } else if (type === 'idToken') {\n idTokenCb && idTokenCb(key, token);\n } else if (type === 'refreshToken') {\n refreshTokenCb && refreshTokenCb(key, token);\n }\n };\n const handleAdded = (key, token) => {\n this.emitAdded(key, token);\n this.setExpireEventTimeout(key, token);\n handleTokenCallback(key, token);\n };\n const handleRenewed = (key, token, oldToken) => {\n this.emitRenewed(key, token, oldToken);\n this.clearExpireEventTimeout(key);\n this.setExpireEventTimeout(key, token);\n handleTokenCallback(key, token);\n };\n const handleRemoved = (key, token) => {\n this.clearExpireEventTimeout(key);\n this.emitRemoved(key, token);\n handleTokenCallback(key, token);\n };\n \n const types: TokenType[] = ['idToken', 'accessToken', 'refreshToken'];\n const existingTokens = this.getTokensSync();\n\n // valid tokens\n types.forEach((type) => {\n const token = tokens[type];\n if (token) {\n validateToken(token, type);\n }\n });\n \n // add token to storage\n const storage = types.reduce((storage, type) => {\n const token = tokens[type];\n if (token) {\n const storageKey = this.getStorageKeyByType(type) || type;\n storage[storageKey] = token;\n }\n return storage;\n }, {});\n this.storage.setStorage(storage);\n this.emitSetStorageEvent();\n\n // emit event and start expiration timer\n types.forEach(type => {\n const newToken = tokens[type];\n const existingToken = existingTokens[type];\n const storageKey = this.getStorageKeyByType(type) || type;\n if (newToken && existingToken) { // renew\n // call handleRemoved first, since it clears timers\n handleRemoved(storageKey, existingToken);\n handleAdded(storageKey, newToken);\n handleRenewed(storageKey, newToken, existingToken);\n } else if (newToken) { // add\n handleAdded(storageKey, newToken);\n } else if (existingToken) { //remove\n handleRemoved(storageKey, existingToken);\n }\n });\n }\n \n remove(key) {\n // Clear any listener for this token\n this.clearExpireEventTimeout(key);\n \n var tokenStorage = this.storage.getStorage();\n var removedToken = tokenStorage[key];\n delete tokenStorage[key];\n this.storage.setStorage(tokenStorage);\n this.emitSetStorageEvent();\n \n this.emitRemoved(key, removedToken);\n }\n \n // TODO: this methods is redundant and can be removed in the next major version OKTA-407224\n async renewToken(token) {\n return this.sdk.token?.renew(token);\n }\n // TODO: this methods is redundant and can be removed in the next major version OKTA-407224\n validateToken(token: Token) {\n return validateToken(token);\n }\n\n // TODO: renew method should take no param, change in the next major version OKTA-407224\n renew(key): Promise<Token | undefined> {\n // Multiple callers may receive the same promise. They will all resolve or reject from the same request.\n if (this.state.renewPromise) {\n return this.state.renewPromise;\n }\n\n try {\n var token = this.getSync(key);\n let shouldRenew = token !== undefined;\n // explicitly check if key='accessToken' because token keys are not guaranteed (long story, features dragons)\n if (!token && key === 'accessToken') {\n // attempt token renewal if refresh token is present (improves consistency of autoRenew)\n const refreshKey = this.getStorageKeyByType('refreshToken');\n const refreshToken = this.getSync(refreshKey);\n shouldRenew = refreshToken !== undefined;\n }\n\n if (!shouldRenew) {\n throw new AuthSdkError('The tokenManager has no token for the key: ' + key);\n }\n }\n catch (err) {\n this.emitError(err);\n return Promise.reject(err);\n }\n\n // Remove existing autoRenew timeout\n this.clearExpireEventTimeout(key);\n \n // A refresh token means a replace instead of renewal\n // Store the renew promise state, to avoid renewing again\n const renewPromise = this.state.renewPromise = this.sdk.token.renewTokens()\n .then(tokens => {\n this.setTokens(tokens);\n\n // return accessToken in case where access token doesn't exist\n // but refresh token exists\n if (!token && key === 'accessToken') {\n const accessToken = tokens['accessToken'];\n this.emitRenewed(key, accessToken, null);\n return accessToken;\n }\n\n // resolve token based on the key\n const tokenType = this.getTokenType(token!);\n return tokens[tokenType];\n })\n .catch(err => {\n // If renew fails, remove token from storage and emit error\n this.remove(key);\n err.tokenKey = key;\n this.emitError(err);\n throw err;\n })\n .finally(() => {\n // Remove existing promise key\n this.state.renewPromise = null;\n });\n \n return renewPromise;\n }\n \n clear() {\n const tokens = this.getTokensSync();\n this.clearExpireEventTimeoutAll();\n this.storage.clearStorage();\n this.emitSetStorageEvent();\n\n Object.keys(tokens).forEach(key => {\n this.emitRemoved(key, tokens[key]);\n });\n }\n\n clearPendingRemoveTokens() {\n const tokenStorage = this.storage.getStorage();\n const removedTokens = {};\n Object.keys(tokenStorage).forEach(key => {\n if (tokenStorage[key].pendingRemove) {\n removedTokens[key] = tokenStorage[key];\n delete tokenStorage[key];\n }\n });\n this.storage.setStorage(tokenStorage);\n this.emitSetStorageEvent();\n Object.keys(removedTokens).forEach(key => {\n this.clearExpireEventTimeout(key);\n this.emitRemoved(key, removedTokens[key]);\n });\n }\n\n updateRefreshToken(token: RefreshToken) {\n const key = this.getStorageKeyByType('refreshToken') || REFRESH_TOKEN_STORAGE_KEY;\n\n // do not emit any event\n var tokenStorage = this.storage.getStorage();\n validateToken(token);\n tokenStorage[key] = token;\n this.storage.setStorage(tokenStorage);\n this.emitSetStorageEvent();\n }\n\n removeRefreshToken () {\n const key = this.getStorageKeyByType('refreshToken') || REFRESH_TOKEN_STORAGE_KEY;\n this.remove(key);\n }\n\n addPendingRemoveFlags() {\n const tokens = this.getTokensSync();\n Object.keys(tokens).forEach(key => {\n tokens[key].pendingRemove = true;\n });\n this.setTokens(tokens);\n }\n \n}\n","import { OAuthStorageManagerInterface, OAuthTransactionMeta, isTransactionMeta } from '../types';\n\nconst MAX_ENTRY_LIFETIME = 30 * 60 * 1000; // 30 minutes\n\nexport function pruneSharedStorage<M extends OAuthTransactionMeta>(storageManager: OAuthStorageManagerInterface<M>) {\n const sharedStorage = storageManager.getSharedTansactionStorage();\n const entries = sharedStorage.getStorage();\n Object.keys(entries).forEach(state => {\n const entry = entries[state];\n const age = Date.now() - entry.dateCreated;\n if (age > MAX_ENTRY_LIFETIME) {\n delete entries[state];\n }\n });\n sharedStorage.setStorage(entries);\n}\n\nexport function saveTransactionToSharedStorage<M extends OAuthTransactionMeta>(\n storageManager: OAuthStorageManagerInterface<M>, state: string, meta: M\n) {\n const sharedStorage = storageManager.getSharedTansactionStorage();\n const entries = sharedStorage.getStorage();\n entries[state] = {\n dateCreated: Date.now(),\n transaction: meta\n };\n sharedStorage.setStorage(entries);\n}\n\n\nexport function loadTransactionFromSharedStorage<M extends OAuthTransactionMeta>(\n storageManager: OAuthStorageManagerInterface<M>, state: string\n) {\n const sharedStorage = storageManager.getSharedTansactionStorage();\n const entries = sharedStorage.getStorage();\n const entry = entries[state];\n if (entry && entry.transaction && isTransactionMeta(entry.transaction)) {\n return entry.transaction;\n }\n return null;\n}\n\nexport function clearTransactionFromSharedStorage<M extends OAuthTransactionMeta>(\n storageManager: OAuthStorageManagerInterface<M>, state: string\n) {\n const sharedStorage = storageManager.getSharedTansactionStorage();\n const entries = sharedStorage.getStorage();\n delete entries[state];\n sharedStorage.setStorage(entries);\n}\n","/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nimport { StorageProvider } from '../storage/types';\nimport {\n TransactionMeta,\n isTransactionMeta,\n TransactionMetaOptions,\n TransactionManagerOptions,\n OAuthTransactionMeta,\n OAuthStorageManagerInterface,\n ClearTransactionMetaOptions,\n TransactionManagerInterface,\n PKCETransactionMeta\n} from './types';\nimport { warn } from '../util';\nimport {\n clearTransactionFromSharedStorage,\n loadTransactionFromSharedStorage,\n pruneSharedStorage,\n saveTransactionToSharedStorage\n} from './util/sharedStorage';\n\n\nexport function createTransactionManager\n<\n M extends OAuthTransactionMeta = PKCETransactionMeta,\n S extends OAuthStorageManagerInterface<M> = OAuthStorageManagerInterface<M>\n>\n()\n{\n return class TransactionManager implements TransactionManagerInterface\n {\n options: TransactionManagerOptions;\n storageManager: S;\n enableSharedStorage: boolean;\n saveLastResponse: boolean;\n\n constructor(options: TransactionManagerOptions) {\n // eslint-disable-next-line @typescript-eslint/no-non-null-assertion\n this.storageManager = options.storageManager! as S;\n this.enableSharedStorage = options.enableSharedStorage === false ? false : true;\n this.saveLastResponse = options.saveLastResponse === false ? false : true;\n this.options = options;\n }\n\n // eslint-disable-next-line complexity\n clear(options: ClearTransactionMetaOptions = {}) {\n const transactionStorage: StorageProvider = this.storageManager.getTransactionStorage();\n const meta = transactionStorage.getStorage();\n\n // Clear primary storage (by default, sessionStorage on browser)\n transactionStorage.clearStorage();\n\n // Usually we want to also clear shared storage unless another tab may need it to continue/complete a flow\n if (this.enableSharedStorage && options.clearSharedStorage !== false) {\n const state = options.state || meta?.state;\n if (state) {\n clearTransactionFromSharedStorage(this.storageManager, state);\n }\n }\n }\n\n // eslint-disable-next-line complexity\n save(meta: M, options: TransactionMetaOptions = {}) {\n // There must be only one transaction executing at a time.\n // Before saving, check to see if a transaction is already stored.\n // An existing transaction indicates a concurrency/race/overlap condition\n\n let storage: StorageProvider = this.storageManager.getTransactionStorage();\n const obj = storage.getStorage();\n // oie process may need to update transaction in the middle of process for tracking purpose\n // false alarm might be caused \n // TODO: revisit for a better solution, https://oktainc.atlassian.net/browse/OKTA-430919\n if (isTransactionMeta(obj) && !options.muteWarning) {\n // eslint-disable-next-line max-len\n warn('a saved auth transaction exists in storage. This may indicate another auth flow is already in progress.');\n }\n\n storage.setStorage(meta);\n\n // Shared storage allows continuation of transaction in another tab\n if (this.enableSharedStorage && meta.state) {\n saveTransactionToSharedStorage(this.storageManager, meta.state, meta);\n }\n }\n\n exists(options: TransactionMetaOptions = {}): boolean {\n try {\n const meta = this.load(options);\n return !!meta;\n } catch {\n return false;\n }\n }\n\n // load transaction meta from storage\n // eslint-disable-next-line complexity,max-statements\n load(options: TransactionMetaOptions = {}): TransactionMeta | null {\n\n let meta: TransactionMeta;\n\n // If state was passed, try loading transaction data from shared storage\n if (this.enableSharedStorage && options.state) {\n pruneSharedStorage(this.storageManager); // prune before load\n meta = loadTransactionFromSharedStorage(this.storageManager, options.state);\n if (isTransactionMeta(meta)) {\n return meta;\n }\n }\n\n let storage: StorageProvider = this.storageManager.getTransactionStorage();\n meta = storage.getStorage();\n if (isTransactionMeta(meta)) {\n // if we have meta in the new location, there is no need to go further\n return meta;\n }\n\n return null;\n }\n\n };\n}\n","/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\nimport { AuthSdkError } from '../errors';\nimport { JWTObject } from './types';\nimport { base64UrlToString } from '../crypto';\n\nexport function decodeToken(token: string): JWTObject {\n var jwt = token.split('.');\n var decodedToken: JWTObject;\n\n try {\n decodedToken = {\n header: JSON.parse(base64UrlToString(jwt[0])),\n payload: JSON.parse(base64UrlToString(jwt[1])),\n signature: jwt[2]\n };\n } catch (e) {\n throw new AuthSdkError('Malformed token');\n }\n\n return decodedToken;\n}\n","// References:\n// https://www.w3.org/TR/WebCryptoAPI/#concepts-key-storage\n// https://datatracker.ietf.org/doc/html/rfc9449\n\nimport {\n webcrypto,\n stringToBase64Url,\n stringToBuffer,\n bufferToBase64Url,\n base64ToBase64Url,\n btoa\n} from '../crypto';\nimport { AuthSdkError, OAuthError, WWWAuthError, isOAuthError, isWWWAuthError } from '../errors';\nimport { Tokens } from './types';\n\nexport interface DPoPClaims {\n htm: string;\n htu: string;\n iat: number;\n jti: string;\n nonce?: string;\n ath?: string;\n}\n\nexport interface DPoPProofParams {\n keyPair: CryptoKeyPair;\n url: string;\n method: string;\n nonce?: string;\n accessToken?: string;\n}\n\nexport type ResourceDPoPProofParams = Omit<DPoPProofParams, 'keyPair' | 'nonce'>;\ntype DPoPProofTokenRequestParams = Omit<DPoPProofParams, 'accessToken'>;\n\nconst INDEXEDDB_NAME = 'OktaAuthJs';\nconst DB_KEY = 'DPoPKeys';\n\nexport function isDPoPNonceError(obj: any): obj is OAuthError | WWWAuthError {\n return (\n (isOAuthError(obj) || isWWWAuthError(obj)) &&\n obj.errorCode === 'use_dpop_nonce'\n );\n}\n\n/////////// crypto ///////////\n\nexport async function createJwt(header: object, claims: object, signingKey: CryptoKey): Promise<string> {\n const head = stringToBase64Url(JSON.stringify(header));\n const body = stringToBase64Url(JSON.stringify(claims));\n const signature = await webcrypto.subtle.sign(\n { name: signingKey.algorithm.name }, signingKey, stringToBuffer(`${head}.${body}`)\n );\n return `${head}.${body}.${base64ToBase64Url(bufferToBase64Url(signature))}`;\n}\n\nexport function cryptoRandomValue (byteLen = 32) {\n return [...webcrypto.getRandomValues(new Uint8Array(byteLen))].map(v => v.toString(16)).join('');\n}\n\nexport async function generateKeyPair (): Promise<CryptoKeyPair> {\n const algorithm = {\n name: 'RSASSA-PKCS1-v1_5',\n hash: 'SHA-256',\n modulusLength: 2048,\n publicExponent: new Uint8Array([0x01, 0x00, 0x01]),\n };\n\n // The \"false\" here makes it non-exportable\n // https://caniuse.com/mdn-api_subtlecrypto_generatekey\n return webcrypto.subtle.generateKey(algorithm, false, ['sign', 'verify']);\n}\n\nasync function hashAccessToken (accessToken: string): Promise<string> {\n const buffer = new TextEncoder().encode(accessToken);\n const hash = await webcrypto.subtle.digest('SHA-256', buffer);\n\n return btoa(String.fromCharCode.apply(null, new Uint8Array(hash) as unknown as number[]))\n .replace(/\\+/g, '-').replace(/\\//g, '_').replace(/=+$/, '');\n}\n\n/////////// indexeddb / keystore ///////////\n\n\n// https://developer.mozilla.org/en-US/docs/Web/API/IDBObjectStore#instance_methods\n// add additional methods as needed\nexport type StoreMethod = 'get' | 'add' | 'delete' | 'clear';\n\n// convenience abstraction for exposing IDBObjectStore instance\nfunction keyStore (): Promise<IDBObjectStore> {\n return new Promise((resolve, reject) => {\n try {\n const indexedDB = window.indexedDB;\n const req = indexedDB.open(INDEXEDDB_NAME, 1);\n\n req.onerror = function () {\n reject(req.error!);\n };\n\n req.onupgradeneeded = function () {\n const db = req.result;\n db.createObjectStore(DB_KEY);\n };\n\n req.onsuccess = function () {\n const db = req.result;\n const tx = db.transaction(DB_KEY, 'readwrite');\n\n tx.onerror = function () {\n reject(tx.error!);\n };\n\n const store = tx.objectStore(DB_KEY);\n\n resolve(store);\n\n tx.oncomplete = function () {\n db.close();\n };\n };\n }\n catch (err) {\n reject(err);\n }\n });\n}\n\n// convenience abstraction for wrapping IDBObjectStore methods in promises\nasync function invokeStoreMethod (method: StoreMethod, ...args: any[]): Promise<IDBRequest> {\n const store = await keyStore();\n return new Promise((resolve, reject) => {\n // https://github.com/microsoft/TypeScript/issues/49700\n // https://github.com/microsoft/TypeScript/issues/49802\n // @ts-expect-error ts(2556)\n const req = store[method](...args);\n req.onsuccess = function () {\n resolve(req);\n };\n req.onerror = function () {\n reject(req.error);\n };\n });\n}\n\nasync function storeKeyPair (pairId: string, keyPair: CryptoKeyPair) {\n await invokeStoreMethod('add', keyPair, pairId);\n return keyPair;\n}\n\n// attempts to find keyPair stored at given key, otherwise throws\nexport async function findKeyPair (pairId?: string): Promise<CryptoKeyPair> {\n if (pairId) {\n const req = await invokeStoreMethod('get', pairId);\n if (req.result) {\n return req.result;\n }\n }\n\n // defaults to throwing unless keyPair is found\n throw new AuthSdkError(`Unable to locate dpop key pair required for refresh${pairId ? ` (${pairId})` : ''}`);\n}\n\nexport async function clearDPoPKeyPair (pairId: string): Promise<void> {\n await invokeStoreMethod('delete', pairId);\n}\n\nexport async function clearAllDPoPKeyPairs (): Promise<void> {\n await invokeStoreMethod('clear');\n}\n\n// generates a crypto (non-extractable) private key pair and writes it to indexeddb, returns key (id)\nexport async function createDPoPKeyPair (): Promise<{keyPair: CryptoKeyPair, keyPairId: string}> {\n const keyPairId = cryptoRandomValue(4);\n const keyPair = await generateKeyPair();\n await storeKeyPair(keyPairId, keyPair);\n return { keyPair, keyPairId };\n}\n\n// will clear PK from storage if certain token conditions are met\n/* eslint max-len: [2, 132], complexity: [2, 12] */\nexport async function clearDPoPKeyPairAfterRevoke (revokedToken: 'access' | 'refresh', tokens: Tokens): Promise<void> {\n let shouldClear = false;\n\n const { accessToken, refreshToken } = tokens;\n\n // revoking access token and refresh token doesn't exist\n if (revokedToken === 'access' && accessToken && accessToken.tokenType === 'DPoP' && !refreshToken) {\n shouldClear = true;\n }\n\n // revoking refresh token and access token doesn't exist\n if (revokedToken === 'refresh' && refreshToken && !accessToken) {\n shouldClear = true;\n }\n\n const pairId = accessToken?.dpopPairId ?? refreshToken?.dpopPairId;\n if (shouldClear && pairId) {\n await clearDPoPKeyPair(pairId);\n }\n}\n\n/////////// proof generation methods ///////////\n\nexport async function generateDPoPProof ({ keyPair, url, method, nonce, accessToken }: DPoPProofParams): Promise<string> {\n const { kty, crv, e, n, x, y } = await webcrypto.subtle.exportKey('jwk', keyPair.publicKey);\n const header = {\n alg: 'RS256',\n typ: 'dpop+jwt',\n jwk: { kty, crv, e, n, x, y }\n };\n\n const claims: DPoPClaims = {\n htm: method,\n htu: url,\n iat: Math.floor(Date.now() / 1000),\n jti: cryptoRandomValue(),\n };\n\n if (nonce) {\n claims.nonce = nonce;\n }\n\n // encode access token\n if (accessToken) {\n claims.ath = await hashAccessToken(accessToken);\n }\n\n return createJwt(header, claims, keyPair.privateKey);\n}\n\n/* eslint max-len: [2, 132] */\nexport async function generateDPoPForTokenRequest ({ keyPair, url, method, nonce }: DPoPProofTokenRequestParams): Promise<string> {\n const params: DPoPProofParams = { keyPair, url, method };\n if (nonce) {\n params.nonce = nonce;\n }\n\n return generateDPoPProof(params);\n}\n","/* eslint-disable @typescript-eslint/no-non-null-assertion */\n/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport { isString, removeNils, toQueryString } from '../../util';\nimport { AuthSdkError } from '../../errors';\nimport { OAuthParams, TokenParams } from '../types';\n\nexport function convertTokenParamsToOAuthParams(tokenParams: TokenParams) {\n // Quick validation\n if (!tokenParams.clientId) {\n throw new AuthSdkError('A clientId must be specified in the OktaAuth constructor to get a token');\n }\n\n if (isString(tokenParams.responseType) && tokenParams.responseType.indexOf(' ') !== -1) {\n throw new AuthSdkError('Multiple OAuth responseTypes must be defined as an array');\n }\n\n // Convert our params to their actual OAuth equivalents\n var oauthParams: OAuthParams = {\n 'client_id': tokenParams.clientId,\n 'code_challenge': tokenParams.codeChallenge,\n 'code_challenge_method': tokenParams.codeChallengeMethod,\n 'display': tokenParams.display,\n 'idp': tokenParams.idp,\n 'idp_scope': tokenParams.idpScope,\n 'login_hint': tokenParams.loginHint,\n 'max_age': tokenParams.maxAge,\n 'nonce': tokenParams.nonce,\n 'prompt': tokenParams.prompt,\n 'redirect_uri': tokenParams.redirectUri,\n 'response_mode': tokenParams.responseMode,\n 'response_type': tokenParams.responseType,\n 'sessionToken': tokenParams.sessionToken,\n 'state': tokenParams.state,\n 'acr_values': tokenParams.acrValues,\n 'enroll_amr_values': tokenParams.enrollAmrValues,\n };\n oauthParams = removeNils(oauthParams) as OAuthParams;\n\n ['idp_scope', 'response_type', 'enroll_amr_values'].forEach(function (mayBeArray) {\n if (Array.isArray(oauthParams[mayBeArray])) {\n oauthParams[mayBeArray] = oauthParams[mayBeArray].join(' ');\n }\n });\n\n if (tokenParams.responseType!.indexOf('id_token') !== -1 &&\n tokenParams.scopes!.indexOf('openid') === -1) {\n throw new AuthSdkError('openid scope must be specified in the scopes argument when requesting an id_token');\n } else if (tokenParams.scopes) {\n oauthParams.scope = tokenParams.scopes!.join(' ');\n }\n\n return oauthParams;\n}\n\nexport function buildAuthorizeParams(tokenParams: TokenParams) {\n var oauthQueryParams = convertTokenParamsToOAuthParams(tokenParams);\n return toQueryString({ \n ...oauthQueryParams, \n ...(tokenParams.extraParams && { ...tokenParams.extraParams })\n });\n}\n","/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport { AuthSdkError, AuthApiError } from '../../errors';\nimport { CustomUrls, OAuthParams, OAuthResponse, RefreshToken, TokenParams } from '../types';\nimport { removeNils, toQueryString } from '../../util';\nimport { httpRequest, OktaAuthHttpInterface } from '../../http';\nimport { generateDPoPForTokenRequest, isDPoPNonceError } from '../dpop';\n\nexport interface TokenEndpointParams extends TokenParams {\n dpopKeyPair?: CryptoKeyPair;\n}\n\ninterface TokenRequestParams {\n url: string;\n data: any;\n dpopKeyPair?: CryptoKeyPair;\n nonce?: string;\n}\n\nfunction validateOptions(options: TokenEndpointParams) {\n // Quick validation\n if (!options.clientId) {\n throw new AuthSdkError('A clientId must be specified in the OktaAuth constructor to get a token');\n }\n\n if (!options.redirectUri) {\n throw new AuthSdkError('The redirectUri passed to /authorize must also be passed to /token');\n }\n\n if (!options.authorizationCode && !options.interactionCode) {\n throw new AuthSdkError('An authorization code (returned from /authorize) must be passed to /token');\n }\n\n if (!options.codeVerifier) {\n throw new AuthSdkError('The \"codeVerifier\" (generated and saved by your app) must be passed to /token');\n }\n}\n\nfunction getPostData(sdk, options: TokenParams): string {\n // Convert Token params to OAuth params, sent to the /token endpoint\n var params: OAuthParams = removeNils({\n 'client_id': options.clientId,\n 'redirect_uri': options.redirectUri,\n 'grant_type': options.interactionCode ? 'interaction_code' : 'authorization_code',\n 'code_verifier': options.codeVerifier\n });\n\n if (options.interactionCode) {\n params['interaction_code'] = options.interactionCode;\n } else if (options.authorizationCode) {\n params.code = options.authorizationCode;\n }\n\n const { clientSecret } = sdk.options;\n if (clientSecret) {\n params['client_secret'] = clientSecret;\n }\n\n // Encode as URL string\n return toQueryString(params).slice(1);\n}\n\n/* eslint complexity: [2, 10] */\nasync function makeTokenRequest (sdk, { url, data, nonce, dpopKeyPair }: TokenRequestParams): Promise<OAuthResponse> {\n const method = 'POST';\n const headers: any = {\n 'Content-Type': 'application/x-www-form-urlencoded',\n };\n\n if (sdk.options.dpop) {\n if (!dpopKeyPair) {\n throw new AuthSdkError('DPoP is configured but no key pair was provided');\n }\n\n const proof = await generateDPoPForTokenRequest({ url, method, nonce, keyPair: dpopKeyPair });\n headers.DPoP = proof;\n }\n\n try {\n const resp = await httpRequest(sdk, {\n url,\n method,\n args: data,\n headers\n });\n return resp;\n }\n catch (err) {\n if (isDPoPNonceError(err) && !nonce) {\n const dpopNonce = err.resp?.headers['dpop-nonce'];\n if (!dpopNonce) {\n // throws error is dpop-nonce header cannot be found, prevents infinite loop\n throw new AuthApiError(\n {errorSummary: 'No `dpop-nonce` header found when required'},\n err.resp ?? undefined // yay ts\n );\n }\n return makeTokenRequest(sdk, { url, data, dpopKeyPair, nonce: dpopNonce });\n }\n throw err;\n }\n}\n\n// exchange authorization code for an access token\nexport async function postToTokenEndpoint(sdk, options: TokenEndpointParams, urls: CustomUrls): Promise<OAuthResponse> {\n validateOptions(options);\n var data = getPostData(sdk, options);\n\n const params: TokenRequestParams = {\n url: urls.tokenUrl!,\n data,\n dpopKeyPair: options?.dpopKeyPair\n };\n\n return makeTokenRequest(sdk, params);\n}\n\nexport async function postRefreshToken(\n sdk: OktaAuthHttpInterface,\n options: TokenEndpointParams,\n refreshToken: RefreshToken\n): Promise<OAuthResponse> {\n const data = Object.entries({\n client_id: options.clientId, // eslint-disable-line camelcase\n grant_type: 'refresh_token', // eslint-disable-line camelcase\n scope: refreshToken.scopes.join(' '),\n refresh_token: refreshToken.refreshToken, // eslint-disable-line camelcase\n }).map(function ([name, value]) {\n // eslint-disable-next-line @typescript-eslint/no-non-null-assertion\n return name + '=' + encodeURIComponent(value!);\n }).join('&');\n\n let url = refreshToken.tokenUrl;\n if (options.extraParams && Object.keys(options.extraParams).length >= 1) {\n url += toQueryString(options.extraParams);\n }\n\n const params: TokenRequestParams = {\n url,\n data,\n dpopKeyPair: options?.dpopKeyPair\n };\n\n return makeTokenRequest(sdk, params);\n}\n","/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\nimport { get } from '../../http';\nimport { find } from '../../util';\nimport { OktaAuthOAuthInterface, WellKnownResponse } from '../types';\nimport AuthSdkError from '../../errors/AuthSdkError';\n\nexport function getWellKnown(sdk: OktaAuthOAuthInterface, issuer?: string): Promise<WellKnownResponse> {\n var authServerUri = (issuer || sdk.options.issuer);\n return get(sdk, authServerUri + '/.well-known/openid-configuration', {\n cacheResponse: true\n });\n}\n\nexport function getKey(sdk: OktaAuthOAuthInterface, issuer: string, kid: string): Promise<string> {\n var httpCache = sdk.storageManager.getHttpCache(sdk.options.cookies);\n\n return getWellKnown(sdk, issuer)\n .then(function(wellKnown) {\n var jwksUri = wellKnown['jwks_uri'];\n\n // Check our kid against the cached version (if it exists and isn't expired)\n var cacheContents = httpCache.getStorage();\n var cachedResponse = cacheContents[jwksUri];\n if (cachedResponse && Date.now()/1000 < cachedResponse.expiresAt) {\n var cachedKey = find(cachedResponse.response.keys, {\n kid: kid\n });\n\n if (cachedKey) {\n return cachedKey;\n }\n }\n\n // Remove cache for the key\n httpCache.clearStorage(jwksUri);\n\n // Pull the latest keys if the key wasn't in the cache\n return get(sdk, jwksUri, {\n cacheResponse: true\n })\n .then(function(res) {\n var key = find(res.keys, {\n kid: kid\n });\n\n if (key) {\n return key;\n }\n\n throw new AuthSdkError('The key id, ' + kid + ', was not found in the server\\'s keys');\n });\n });\n}\n","/* eslint-disable @typescript-eslint/no-non-null-assertion */\n/* eslint-disable max-len */\n/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\nimport { CustomUrls, OAuthResponse, OAuthResponseType, OktaAuthOAuthInterface, TokenParams, TokenResponse } from './types';\nimport { getOAuthUrls, getDefaultTokenParams } from './util';\nimport { clone } from '../util';\nimport { postToTokenEndpoint, TokenEndpointParams } from './endpoints/token';\nimport { handleOAuthResponse } from './handleOAuthResponse';\nimport { createDPoPKeyPair, findKeyPair } from './dpop';\n\n// codeVerifier is required. May pass either an authorizationCode or interactionCode\nexport async function exchangeCodeForTokens(sdk: OktaAuthOAuthInterface, tokenParams: TokenParams, urls?: CustomUrls): Promise<TokenResponse> {\n urls = urls || getOAuthUrls(sdk, tokenParams);\n // build params using defaults + options\n tokenParams = Object.assign({}, getDefaultTokenParams(sdk), clone(tokenParams));\n\n const {\n authorizationCode,\n interactionCode,\n codeVerifier,\n clientId,\n redirectUri,\n scopes,\n ignoreSignature,\n state,\n acrValues,\n dpop,\n dpopPairId,\n extraParams\n } = tokenParams;\n\n // postToTokenEndpoint() params\n const getTokenOptions: TokenEndpointParams = {\n clientId,\n redirectUri,\n authorizationCode,\n interactionCode,\n codeVerifier,\n dpop,\n };\n\n // `handleOAuthResponse` hanadles responses from both `/authorize` and `/token` endpoints\n // Here we modify the response from `/token` so that it more closely matches a response from `/authorize`\n // `responseType` is used to validate that the expected tokens were returned\n const responseType: OAuthResponseType[] = ['token']; // an accessToken will always be returned\n if (scopes!.indexOf('openid') !== -1) {\n responseType.push('id_token'); // an idToken will be returned if \"openid\" is in the scopes\n }\n // handleOAuthResponse() params\n const handleResponseOptions: TokenParams = {\n clientId,\n redirectUri,\n scopes,\n responseType,\n ignoreSignature,\n acrValues,\n extraParams\n };\n\n try {\n if (dpop) {\n // token refresh, KP should already exist\n if (dpopPairId) {\n const keyPair = await findKeyPair(dpopPairId);\n getTokenOptions.dpopKeyPair = keyPair;\n handleResponseOptions.dpop = dpop;\n handleResponseOptions.dpopPairId = dpopPairId;\n }\n else {\n const { keyPair, keyPairId } = await createDPoPKeyPair();\n getTokenOptions.dpopKeyPair = keyPair;\n handleResponseOptions.dpop = dpop;\n handleResponseOptions.dpopPairId = keyPairId;\n }\n }\n\n const oauthResponse: OAuthResponse = await postToTokenEndpoint(sdk, getTokenOptions, urls);\n\n const tokenResponse: TokenResponse = await handleOAuthResponse(sdk, handleResponseOptions, oauthResponse, urls!);\n tokenResponse.code = authorizationCode;\n tokenResponse.state = state!;\n return tokenResponse;\n }\n finally {\n sdk.transactionManager.clear();\n }\n}\n","/* eslint-disable @typescript-eslint/no-non-null-assertion */\n/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\nimport { OktaAuthOAuthInterface, EnrollAuthenticatorOptions } from './types';\nimport { clone } from '../util';\nimport { prepareEnrollAuthenticatorParams, createEnrollAuthenticatorMeta } from './util';\nimport { buildAuthorizeParams } from './endpoints/authorize';\n\nexport function enrollAuthenticator(\n sdk: OktaAuthOAuthInterface, \n options: EnrollAuthenticatorOptions\n): void {\n options = clone(options) || {};\n\n const params = prepareEnrollAuthenticatorParams(sdk, options);\n const meta = createEnrollAuthenticatorMeta(sdk, params);\n const requestUrl = meta.urls.authorizeUrl + buildAuthorizeParams(params);\n sdk.transactionManager.save(meta);\n if (sdk.options.setLocation) {\n sdk.options.setLocation(requestUrl);\n } else {\n window.location.assign(requestUrl);\n }\n}\n","/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\n\nimport { PromiseQueue } from '../../util';\nimport { decodeToken } from '../decodeToken';\nimport { exchangeCodeForTokens } from '../exchangeCodeForTokens';\nimport { getUserInfo } from '../getUserInfo';\nimport { getWithoutPrompt } from '../getWithoutPrompt';\nimport { getWithPopup, getWithIDPPopup } from '../getWithPopup';\nimport { getWithRedirect } from '../getWithRedirect';\nimport { parseFromUrl } from '../parseFromUrl';\nimport { renewToken } from '../renewToken';\nimport { renewTokens } from '../renewTokens';\nimport { renewTokensWithRefresh } from '../renewTokensWithRefresh';\nimport { revokeToken } from '../revokeToken';\nimport { oidcIntrospect } from '../introspect';\nimport {\n AccessToken,\n CustomUserClaims,\n GetWithRedirectFunction,\n IDToken,\n OktaAuthOAuthInterface,\n ParseFromUrlInterface,\n TokenAPI,\n UserClaims,\n Endpoints,\n} from '../types';\nimport { isLoginRedirect, prepareTokenParams } from '../util';\nimport { verifyToken } from '../verifyToken';\nimport { enrollAuthenticator } from '../enrollAuthenticator';\n\n// Factory\nexport function createTokenAPI(sdk: OktaAuthOAuthInterface, queue: PromiseQueue): TokenAPI {\n const useQueue = (method) => {\n return PromiseQueue.prototype.push.bind(queue, method, null);\n };\n\n const getWithRedirectFn = useQueue(getWithRedirect.bind(null, sdk)) as GetWithRedirectFunction;\n\n // eslint-disable-next-line max-len\n const parseFromUrlFn = useQueue(parseFromUrl.bind(null, sdk)) as ParseFromUrlInterface;\n const parseFromUrlApi: ParseFromUrlInterface = Object.assign(parseFromUrlFn, {\n // This is exposed so we can mock getting window.history in our tests\n _getHistory: function() {\n return window.history;\n },\n\n // This is exposed so we can mock getting window.location in our tests\n _getLocation: function() {\n return window.location;\n },\n\n // This is exposed so we can mock getting window.document in our tests\n _getDocument: function() {\n return window.document;\n }\n });\n\n const token: TokenAPI ={\n prepareTokenParams: prepareTokenParams.bind(null, sdk),\n exchangeCodeForTokens: exchangeCodeForTokens.bind(null, sdk),\n getWithoutPrompt: getWithoutPrompt.bind(null, sdk),\n getWithPopup: getWithPopup.bind(null, sdk),\n getWithIDPPopup: getWithIDPPopup.bind(null, sdk),\n getWithRedirect: getWithRedirectFn,\n parseFromUrl: parseFromUrlApi,\n decode: decodeToken,\n revoke: revokeToken.bind(null, sdk),\n renew: renewToken.bind(null, sdk),\n renewTokensWithRefresh: renewTokensWithRefresh.bind(null, sdk),\n renewTokens: renewTokens.bind(null, sdk),\n getUserInfo: <C extends CustomUserClaims = CustomUserClaims>(\n accessTokenObject: AccessToken,\n idTokenObject: IDToken\n ): Promise<UserClaims<C>> => {\n return getUserInfo(sdk, accessTokenObject, idTokenObject);\n },\n verify: verifyToken.bind(null, sdk),\n isLoginRedirect: isLoginRedirect.bind(null, sdk),\n introspect: oidcIntrospect.bind(null, sdk),\n };\n\n // Wrap certain async token API methods using PromiseQueue to avoid issues with concurrency\n // 'getWithRedirect' and 'parseFromUrl' are already wrapped\n const toWrap = [\n 'getWithoutPrompt',\n 'getWithPopup',\n 'revoke',\n 'renew',\n 'renewTokensWithRefresh',\n 'renewTokens'\n ];\n toWrap.forEach(key => {\n token[key] = useQueue(token[key]);\n });\n\n return token;\n}\n\nexport function createEndpoints(sdk: OktaAuthOAuthInterface): Endpoints {\n return {\n authorize: {\n enrollAuthenticator: enrollAuthenticator.bind(null, sdk),\n }\n };\n}\n","import { StorageManagerConstructor } from '../../storage/types';\nimport { OktaAuthConstructor, OktaAuthOptionsConstructor } from '../../base/types';\n\nimport { createOktaAuthBase } from '../../base';\nimport { mixinStorage } from '../../storage/mixin';\nimport { mixinSession } from '../../session/mixin';\nimport { mixinHttp } from '../../http/mixin';\nimport { mixinOAuth } from '../mixin';\nimport {\n OAuthTransactionMeta,\n OktaAuthOAuthInterface,\n OktaAuthOAuthOptions,\n OAuthStorageManagerInterface,\n PKCETransactionMeta,\n TransactionManagerConstructor,\n TransactionManagerInterface\n} from '../types';\n\nexport function createOktaAuthOAuth\n<\n M extends OAuthTransactionMeta = PKCETransactionMeta,\n S extends OAuthStorageManagerInterface<M> = OAuthStorageManagerInterface<M>,\n O extends OktaAuthOAuthOptions = OktaAuthOAuthOptions,\n TM extends TransactionManagerInterface = TransactionManagerInterface\n>\n(\n StorageManagerConstructor: StorageManagerConstructor<S>,\n OptionsConstructor: OktaAuthOptionsConstructor<O>,\n TransactionManagerConstructor: TransactionManagerConstructor<TM>\n): OktaAuthConstructor<OktaAuthOAuthInterface<M, S, O, TM>>\n{\n const Base = createOktaAuthBase(OptionsConstructor);\n const WithStorage = mixinStorage<S, O>(Base, StorageManagerConstructor);\n const WithHttp = mixinHttp<S, O>(WithStorage);\n const WithSession = mixinSession<S, O>(WithHttp);\n const WithOAuth = mixinOAuth<M, S, O, TM>(WithSession, TransactionManagerConstructor);\n return WithOAuth;\n}\n","\n/* global document */\n/* eslint-disable complexity, max-statements */\n/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\nimport {\n getOAuthUrls,\n loadFrame,\n addPostMessageListener,\n addIDPPopupLisenter\n} from './util';\n\nimport AuthSdkError from '../errors/AuthSdkError';\n\nimport {\n OktaAuthOAuthInterface,\n TokenParams,\n PopupParams,\n OAuthResponse,\n} from './types';\n\nimport { prepareTokenParams } from './util/prepareTokenParams';\nimport { buildAuthorizeParams } from './endpoints/authorize';\nimport { handleOAuthResponse } from './handleOAuthResponse';\n/*\n * Retrieve an idToken from an Okta or a third party idp\n *\n * Two main flows:\n *\n * 1) Exchange a sessionToken for a token\n *\n * Required:\n * clientId: passed via the OktaAuth constructor or into getToken\n * sessionToken: 'yourtoken'\n *\n * Optional:\n * redirectUri: defaults to window.location.href\n * scopes: defaults to ['openid', 'email']\n *\n * Forced:\n * prompt: 'none'\n * responseMode: 'okta_post_message'\n * display: undefined\n *\n * 2) Get a token from an idp\n *\n * Required:\n * clientId: passed via the OktaAuth constructor or into getToken\n *\n * Optional:\n * redirectUri: defaults to window.location.href\n * scopes: defaults to ['openid', 'email']\n * idp: defaults to Okta as an idp\n * prompt: no default. Pass 'none' to throw an error if user is not signed in\n *\n * Forced:\n * display: 'popup'\n *\n * Only common optional params shown. Any OAuth parameters not explicitly forced are available to override\n *\n * @param {Object} oauthOptions\n * @param {String} [oauthOptions.clientId] ID of this client\n * @param {String} [oauthOptions.redirectUri] URI that the iframe or popup will go to once authenticated\n * @param {String[]} [oauthOptions.scopes] OAuth 2.0 scopes to request (openid must be specified)\n * @param {String} [oauthOptions.idp] ID of an external IdP to use for user authentication\n * @param {String} [oauthOptions.sessionToken] Bootstrap Session Token returned by the Okta Authentication API\n * @param {String} [oauthOptions.prompt] Determines whether the Okta login will be displayed on failure.\n * Use 'none' to prevent this behavior\n *\n * @param {Object} options\n * @param {Integer} [options.timeout] Time in ms before the flow is automatically terminated. Defaults to 120000\n * @param {String} [options.popupTitle] Title dispayed in the popup.\n * Defaults to 'External Identity Provider User Authentication'\n */\nexport function getToken(sdk: OktaAuthOAuthInterface, options: TokenParams & PopupParams) {\n if (arguments.length > 2) {\n return Promise.reject(new AuthSdkError('As of version 3.0, \"getToken\" takes only a single set of options'));\n }\n\n options = options || {};\n\n // window object cannot be serialized, save for later use\n // TODO: move popup related params into a separate options object\n const popupWindow = options.popupWindow;\n options.popupWindow = undefined;\n\n return prepareTokenParams(sdk, options)\n .then(function (tokenParams: TokenParams) {\n\n // Start overriding any options that don't make sense\n var sessionTokenOverrides = {\n prompt: 'none',\n responseMode: 'okta_post_message',\n display: null\n };\n\n var idpOverrides = {\n display: 'popup'\n };\n\n if (options.sessionToken) {\n Object.assign(tokenParams, sessionTokenOverrides);\n } else if (options.idp) {\n Object.assign(tokenParams, idpOverrides);\n }\n\n // Use the query params to build the authorize url\n var requestUrl,\n endpoint,\n urls;\n\n // Get authorizeUrl and issuer\n urls = getOAuthUrls(sdk, tokenParams);\n endpoint = options.codeVerifier ? urls.tokenUrl : urls.authorizeUrl;\n requestUrl = endpoint + buildAuthorizeParams(tokenParams);\n\n // Determine the flow type\n var flowType: 'IFRAME' | 'POPUP' | 'IDP_POPUP' | 'IMPLICIT' = 'IMPLICIT';\n if (tokenParams.sessionToken || tokenParams.display === null) {\n flowType = 'IFRAME';\n }\n else if (tokenParams.display === 'popup') {\n flowType = options.idpPopup ? 'IDP_POPUP' : 'POPUP';\n }\n else {\n flowType = 'IMPLICIT';\n }\n\n // Execute the flow type\n switch (flowType) {\n case 'IFRAME':\n var iframePromise = addPostMessageListener(sdk, options.timeout, tokenParams.state);\n var iframeEl = loadFrame(requestUrl);\n return iframePromise\n .then(function (res) {\n return handleOAuthResponse(sdk, tokenParams, res as OAuthResponse, urls);\n })\n .finally(function () {\n if (document.body.contains(iframeEl)) {\n iframeEl.parentElement?.removeChild(iframeEl);\n }\n });\n\n case 'POPUP':\n var oauthPromise; // resolves with OAuth response\n\n // Add listener on postMessage before window creation, so\n // postMessage isn't triggered before we're listening\n if (tokenParams.responseMode === 'okta_post_message') {\n if (!sdk.features.isPopupPostMessageSupported()) {\n throw new AuthSdkError('This browser doesn\\'t have full postMessage support');\n }\n oauthPromise = addPostMessageListener(sdk, options.timeout, tokenParams.state);\n }\n\n // Redirect for authorization\n // popupWindow can be null when popup is blocked\n if (popupWindow) {\n popupWindow.location.assign(requestUrl);\n }\n\n // The popup may be closed without receiving an OAuth response. Setup a poller to monitor the window.\n var popupPromise = new Promise(function (resolve, reject) {\n var closePoller = setInterval(function () {\n if (!popupWindow || popupWindow.closed) {\n clearInterval(closePoller);\n reject(new AuthSdkError('Unable to parse OAuth flow response'));\n }\n }, 100);\n\n // Proxy the OAuth promise results\n oauthPromise\n .then(function (res) {\n clearInterval(closePoller);\n resolve(res);\n })\n .catch(function (err) {\n clearInterval(closePoller);\n reject(err);\n });\n });\n\n return popupPromise\n .then(function (res) {\n return handleOAuthResponse(sdk, tokenParams, res as OAuthResponse, urls);\n })\n .finally(function () {\n if (popupWindow && !popupWindow.closed) {\n popupWindow.close();\n }\n });\n\n case 'IDP_POPUP':\n // eslint-disable-next-line @typescript-eslint/no-non-null-assertion\n var idpPromise = addIDPPopupLisenter(sdk, options.timeout, options.channel!, tokenParams.state!);\n\n // Redirect for authorization\n // popupWindow can be null when popup is blocked\n if (popupWindow) {\n popupWindow.location.assign(requestUrl);\n }\n else {\n throw new AuthSdkError('Unable to open popup window');\n }\n\n return idpPromise\n .then(function (res) {\n return handleOAuthResponse(sdk, tokenParams, res as OAuthResponse, urls);\n });\n\n default:\n throw new AuthSdkError('The full page redirect flow is not supported');\n }\n });\n}","/* eslint-disable complexity */\n/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\nimport { AuthSdkError, OAuthError, WWWAuthError, AuthApiError } from '../errors';\nimport { httpRequest } from '../http';\nimport { AccessToken, IDToken, UserClaims, isAccessToken, isIDToken, CustomUserClaims } from './types';\n\nexport async function getUserInfo<T extends CustomUserClaims = CustomUserClaims>(\n sdk, accessTokenObject: AccessToken,\n idTokenObject: IDToken\n): Promise<UserClaims<T>> {\n // If token objects were not passed, attempt to read from the TokenManager\n if (!accessTokenObject) {\n accessTokenObject = (await sdk.tokenManager.getTokens()).accessToken as AccessToken;\n }\n if (!idTokenObject) {\n idTokenObject = (await sdk.tokenManager.getTokens()).idToken as IDToken;\n }\n\n if (!accessTokenObject || !isAccessToken(accessTokenObject)) {\n return Promise.reject(new AuthSdkError('getUserInfo requires an access token object'));\n }\n\n if (!idTokenObject || !isIDToken(idTokenObject)) {\n return Promise.reject(new AuthSdkError('getUserInfo requires an ID token object'));\n }\n\n const options: any = {\n url: accessTokenObject.userinfoUrl,\n method: 'GET',\n accessToken: accessTokenObject.accessToken\n };\n\n if (sdk.options.dpop) {\n const headers = await sdk.getDPoPAuthorizationHeaders({...options, accessToken: accessTokenObject });\n options.headers = headers;\n delete options.accessToken; // unset to prevent overriding Auth header with Bearer Token\n }\n\n return httpRequest(sdk, options)\n .then(userInfo => {\n // Only return the userinfo response if subjects match to mitigate token substitution attacks\n if (userInfo.sub === idTokenObject.claims.sub) {\n return userInfo;\n }\n return Promise.reject(new AuthSdkError('getUserInfo request was rejected due to token mismatch'));\n })\n .catch(function (err) {\n // throw OAuthError to avoid breaking change (when dpop is not being used)\n if (err instanceof WWWAuthError && !sdk.options.dpop) {\n const { error, errorDescription } = err;\n throw new OAuthError(error, errorDescription);\n }\n\n // throw OAuthError to avoid breaking change (when dpop is not being used)\n if (!sdk.options.dpop) {\n let e = err;\n if (err instanceof AuthApiError && err?.meta?.wwwAuthHeader) {\n e = WWWAuthError.parseHeader(err.meta.wwwAuthHeader as string);\n }\n\n if (e instanceof WWWAuthError) {\n const { error, errorDescription } = e;\n throw new OAuthError(error, errorDescription);\n }\n }\n\n throw err;\n });\n}\n","/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\nimport { AuthSdkError } from '../errors';\nimport { OktaAuthOAuthInterface, TokenParams, TokenResponse } from './types';\nimport { clone } from '../util';\nimport { getToken } from './getToken';\nimport { loadPopup, generateState } from './util';\n\nexport function getWithPopup(\n sdk: OktaAuthOAuthInterface,\n options: TokenParams & { initialPath?: string }\n): Promise<TokenResponse> {\n if (arguments.length > 2) {\n return Promise.reject(new AuthSdkError('As of version 3.0, \"getWithPopup\" takes only a single set of options'));\n }\n\n const { initialPath, ...params } = options;\n\n // some browsers (safari, firefox) block popup if it's initialed from an async process\n // here we create the popup window immediately after user interaction\n // then redirect to the /authorize endpoint when the requestUrl is available\n const popupWindow = loadPopup(initialPath ?? '/', params);\n options = clone(params) || {};\n Object.assign(params, {\n display: 'popup',\n responseMode: 'okta_post_message',\n popupWindow\n });\n return getToken(sdk, params);\n}\n\nexport function getWithIDPPopup(\n sdk: OktaAuthOAuthInterface,\n options: Omit<TokenParams, 'redirectUri'> & { redirectUri: string }\n): { cancel: () => void, promise: Promise<TokenResponse> } {\n try {\n // eslint-disable-next-line compat/compat\n if (!BroadcastChannel) {\n throw new AuthSdkError('Modern browser with `BroadcastChannel` support is required to use this method');\n }\n\n if (!options.redirectUri) {\n throw new AuthSdkError('`redirectUri` is a required param for `getWithIDPPopup`');\n }\n\n if (!options.state) {\n options.state = generateState();\n }\n\n // some browsers (safari, firefox) block popup if it's initialed from an async process\n // here we create the popup window immediately after user interaction\n // then redirect to the /authorize endpoint when the requestUrl is available\n const popupWindow = loadPopup('/', options);\n // eslint-disable-next-line compat/compat\n const channel = new BroadcastChannel(`popup-callback:${options.state}`);\n\n options = clone(options) || {};\n Object.assign(options, {\n display: 'popup',\n responseMode: 'query',\n popupWindow,\n idpPopup: true,\n channel,\n });\n\n let cancelPromise;\n const promise = new Promise<TokenResponse>((resolve, reject) => {\n cancelPromise = reject;\n return getToken(sdk, options)\n .then((res) => resolve(res))\n .catch(err => reject(err));\n });\n\n const cancel = () => {\n channel.close();\n cancelPromise(new AuthSdkError('Popup flow canceled'));\n };\n\n return {\n promise,\n cancel\n };\n }\n catch (err) {\n return {\n promise: Promise.reject(err),\n cancel: () => {} // noop, no need to for method when error is thrown\n };\n }\n}\n","/* eslint-disable @typescript-eslint/no-non-null-assertion */\n/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\nimport { AuthSdkError } from '../errors';\nimport { OktaAuthOAuthInterface, TokenParams } from './types';\nimport { clone } from '../util';\nimport { prepareTokenParams, createOAuthMeta } from './util';\nimport { buildAuthorizeParams } from './endpoints/authorize';\n\nexport async function getWithRedirect(sdk: OktaAuthOAuthInterface, options?: TokenParams): Promise<void> {\n if (arguments.length > 2) {\n return Promise.reject(new AuthSdkError('As of version 3.0, \"getWithRedirect\" takes only a single set of options'));\n }\n\n options = clone(options) || {};\n\n const tokenParams = await prepareTokenParams(sdk, options);\n const meta = createOAuthMeta(sdk, tokenParams);\n const requestUrl = meta.urls.authorizeUrl + buildAuthorizeParams(tokenParams);\n sdk.transactionManager.save(meta);\n if (sdk.options.setLocation) {\n sdk.options.setLocation(requestUrl);\n } else {\n window.location.assign(requestUrl);\n }\n}\n","/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\nimport { AuthSdkError } from '../errors';\nimport { OktaAuthOAuthInterface, TokenParams, TokenResponse } from './types';\nimport { clone } from '../util';\nimport { getToken } from './getToken';\n\nexport function getWithoutPrompt(sdk: OktaAuthOAuthInterface, options: TokenParams): Promise<TokenResponse> {\n if (arguments.length > 2) {\n return Promise.reject(new AuthSdkError('As of version 3.0, \"getWithoutPrompt\" takes only a single set of options'));\n }\n \n options = clone(options) || {};\n Object.assign(options, {\n prompt: 'none',\n responseMode: 'okta_post_message',\n display: null\n });\n return getToken(sdk, options);\n}\n\n","/* eslint-disable @typescript-eslint/no-non-null-assertion */\n\n/* eslint-disable complexity, max-statements */\n/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\nimport { clone } from '../util';\nimport {\n getOAuthUrls,\n} from './util/oauth';\nimport { AuthSdkError, OAuthError } from '../errors';\nimport {\n OktaAuthOAuthInterface,\n TokenVerifyParams,\n IDToken,\n OAuthResponse,\n TokenParams,\n TokenResponse,\n CustomUrls,\n Tokens,\n} from './types';\nimport { verifyToken } from './verifyToken';\nimport { getDefaultTokenParams } from './util';\n\nfunction validateResponse(res: OAuthResponse, oauthParams: TokenParams) {\n if (res['error'] && res['error_description']) {\n throw new OAuthError(res['error'], res['error_description']);\n }\n\n if (res.state !== oauthParams.state) {\n throw new AuthSdkError('OAuth flow response state doesn\\'t match request state');\n }\n}\n\nexport async function handleOAuthResponse(\n sdk: OktaAuthOAuthInterface,\n tokenParams: TokenParams,\n res: OAuthResponse,\n urls?: CustomUrls\n): Promise<TokenResponse> {\n const pkce = sdk.options.pkce !== false;\n\n // The result contains an authorization_code and PKCE is enabled \n // `exchangeCodeForTokens` will call /token then call `handleOauthResponse` recursively with the result\n if (pkce && (res.code || res.interaction_code)) {\n return sdk.token.exchangeCodeForTokens(Object.assign({}, tokenParams, {\n authorizationCode: res.code,\n interactionCode: res.interaction_code\n }), urls);\n }\n\n tokenParams = tokenParams || getDefaultTokenParams(sdk);\n urls = urls || getOAuthUrls(sdk, tokenParams);\n\n let responseType = tokenParams.responseType || [];\n if (!Array.isArray(responseType) && responseType !== 'none') {\n responseType = [responseType];\n }\n\n let scopes;\n if (res.scope) {\n scopes = res.scope.split(' ');\n } else {\n scopes = clone(tokenParams.scopes);\n }\n const clientId = tokenParams.clientId || sdk.options.clientId;\n\n // Handling the result from implicit flow or PKCE token exchange\n validateResponse(res, tokenParams);\n\n if (tokenParams.dpop) {\n const { allowBearerTokens } = sdk.options?.dpopOptions ?? { allowBearerTokens: false };\n\n // https://datatracker.ietf.org/doc/html/rfc9449#token-response\n // \"A token_type of DPoP MUST be included in the access token response to signal to the client\"\n if (!allowBearerTokens && res.token_type !== 'DPoP') {\n throw new AuthSdkError('Unable to parse OAuth flow response: DPoP was configured but \"token_type\" was not DPoP');\n }\n }\n\n const tokenDict = {} as Tokens;\n const expiresIn = res.expires_in;\n const tokenType = res.token_type;\n const accessToken = res.access_token;\n const idToken = res.id_token;\n const refreshToken = res.refresh_token;\n const now = Math.floor(Date.now()/1000);\n\n if (accessToken) {\n const accessJwt = sdk.token.decode(accessToken);\n tokenDict.accessToken = {\n accessToken: accessToken,\n claims: accessJwt.payload,\n expiresAt: Number(expiresIn) + now,\n tokenType: tokenType!,\n scopes: scopes,\n authorizeUrl: urls.authorizeUrl!,\n userinfoUrl: urls.userinfoUrl!\n };\n\n if (tokenParams.dpopPairId) {\n tokenDict.accessToken.dpopPairId = tokenParams.dpopPairId;\n }\n\n if (tokenParams.extraParams) {\n tokenDict.accessToken.extraParams = tokenParams.extraParams;\n }\n }\n\n if (refreshToken) {\n tokenDict.refreshToken = {\n refreshToken: refreshToken,\n // should not be used, this is the accessToken expire time\n // TODO: remove \"expiresAt\" in the next major version OKTA-407224\n expiresAt: Number(expiresIn) + now, \n scopes: scopes,\n tokenUrl: urls.tokenUrl!,\n authorizeUrl: urls.authorizeUrl!,\n issuer: urls.issuer!,\n };\n\n if (tokenParams.dpopPairId) {\n tokenDict.refreshToken.dpopPairId = tokenParams.dpopPairId;\n }\n\n if (tokenParams.extraParams) {\n tokenDict.refreshToken.extraParams = tokenParams.extraParams;\n }\n }\n\n if (idToken) {\n const idJwt = sdk.token.decode(idToken);\n const idTokenObj: IDToken = {\n idToken: idToken,\n claims: idJwt.payload,\n expiresAt: idJwt.payload.exp! - idJwt.payload.iat! + now, // adjusting expiresAt to be in local time\n scopes: scopes,\n authorizeUrl: urls.authorizeUrl!,\n issuer: urls.issuer!,\n clientId: clientId!\n };\n\n if (tokenParams.extraParams) {\n idTokenObj.extraParams = tokenParams.extraParams;\n }\n\n const validationParams: TokenVerifyParams = {\n clientId: clientId!,\n issuer: urls.issuer!,\n nonce: tokenParams.nonce,\n accessToken: accessToken,\n acrValues: tokenParams.acrValues\n };\n\n if (tokenParams.ignoreSignature !== undefined) {\n validationParams.ignoreSignature = tokenParams.ignoreSignature;\n }\n\n await verifyToken(sdk, idTokenObj, validationParams);\n tokenDict.idToken = idTokenObj;\n }\n\n // Validate received tokens against requested response types \n if (responseType.indexOf('token') !== -1 && !tokenDict.accessToken) {\n // eslint-disable-next-line max-len\n throw new AuthSdkError('Unable to parse OAuth flow response: response type \"token\" was requested but \"access_token\" was not returned.');\n }\n if (responseType.indexOf('id_token') !== -1 && !tokenDict.idToken) {\n // eslint-disable-next-line max-len\n throw new AuthSdkError('Unable to parse OAuth flow response: response type \"id_token\" was requested but \"id_token\" was not returned.');\n }\n\n return {\n tokens: tokenDict,\n state: res.state!,\n code: res.code,\n responseType\n };\n \n}","/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\n\nimport { AuthSdkError } from '../errors';\nimport { getWellKnown } from './endpoints/well-known';\nimport { post } from '../http';\nimport { toQueryString } from '../util';\nimport { btoa } from '../crypto';\nimport { Token, TokenKind } from './types';\n\nconst hintMap = {\n accessToken: 'access_token',\n idToken: 'id_token',\n refreshToken: 'refresh_token'\n};\n\n/* eslint complexity: [2, 9] */\nexport async function oidcIntrospect (sdk, kind: TokenKind, token?: Token) {\n let issuer: string;\n let clientId: string = sdk.options.clientId;\n let clientSecret: string | undefined = sdk.options.clientSecret;\n\n if (!token) {\n token = sdk.tokenManager.getTokens()[kind];\n }\n\n if (!token) {\n throw new AuthSdkError(`unable to find ${kind} in storage or fn params`);\n }\n\n if (kind !== TokenKind.ACCESS) {\n issuer = (token as any)?.issuer;\n }\n else {\n issuer = (token as any)?.claims?.iss;\n }\n issuer = issuer || sdk.options.issuer;\n\n if (!clientId) {\n throw new AuthSdkError('A clientId must be specified in the OktaAuth constructor to introspect a token');\n }\n if (!issuer) {\n throw new AuthSdkError('Unable to find issuer');\n }\n\n const { introspection_endpoint: introspectUrl } = await getWellKnown(sdk, issuer);\n const authHeader = clientSecret ? btoa(`${clientId}:${clientSecret}`) : btoa(clientId);\n const args = toQueryString({\n // eslint-disable-next-line camelcase\n token_type_hint: hintMap[kind],\n token: token[kind] // extract raw token string from token object\n }).slice(1);\n return post(sdk, introspectUrl, args, {\n headers: {\n 'Content-Type': 'application/x-www-form-urlencoded',\n 'Authorization': 'Basic ' + authHeader\n }\n });\n}\n","import superPropBase from \"./superPropBase.js\";\nfunction _get() {\n return _get = \"undefined\" != typeof Reflect && Reflect.get ? Reflect.get.bind() : function (e, t, r) {\n var p = superPropBase(e, t);\n if (p) {\n var n = Object.getOwnPropertyDescriptor(p, t);\n return n.get ? n.get.call(arguments.length < 3 ? e : r) : n.value;\n }\n }, _get.apply(null, arguments);\n}\nexport { _get as default };","import getPrototypeOf from \"./getPrototypeOf.js\";\nfunction _superPropBase(t, o) {\n for (; !{}.hasOwnProperty.call(t, o) && null !== (t = getPrototypeOf(t)););\n return t;\n}\nexport { _superPropBase as default };","import { httpRequest, RequestOptions } from '../../http';\nimport { OktaAuthConstructor } from '../../base/types';\nimport { \n PromiseQueue,\n isFunction\n} from '../../util';\nimport { CryptoAPI } from '../../crypto/types';\nimport * as crypto from '../../crypto';\nimport {\n AccessToken,\n CustomUserClaims,\n IDToken,\n IsAuthenticatedOptions,\n OAuthResponseType,\n OAuthStorageManagerInterface,\n OAuthTransactionMeta,\n OktaAuthOAuthInterface,\n OktaAuthOAuthOptions,\n PkceAPI,\n PKCETransactionMeta,\n RefreshToken,\n SigninWithRedirectOptions,\n SignoutOptions,\n SignoutRedirectUrlOptions,\n TokenAPI,\n TransactionManagerInterface,\n TransactionManagerConstructor,\n UserClaims,\n Endpoints,\n DPoPRequest,\n DPoPHeaders\n} from '../types';\nimport PKCE from '../util/pkce';\nimport { createEndpoints, createTokenAPI } from '../factory/api';\nimport { TokenManager } from '../TokenManager';\nimport { getOAuthUrls, isLoginRedirect, hasResponseType } from '../util';\nimport { \n generateDPoPProof,\n clearDPoPKeyPair,\n clearAllDPoPKeyPairs,\n clearDPoPKeyPairAfterRevoke,\n findKeyPair,\n isDPoPNonceError\n} from '../dpop';\nimport { AuthSdkError, WWWAuthError } from '../../errors';\n\nimport { OktaAuthSessionInterface } from '../../session/types';\nimport { provideOriginalUri } from './node';\nexport function mixinOAuth\n<\n M extends OAuthTransactionMeta = PKCETransactionMeta,\n S extends OAuthStorageManagerInterface<M> = OAuthStorageManagerInterface<M>,\n O extends OktaAuthOAuthOptions = OktaAuthOAuthOptions,\n TM extends TransactionManagerInterface = TransactionManagerInterface,\n TBase extends OktaAuthConstructor<OktaAuthSessionInterface<S, O>>\n = OktaAuthConstructor<OktaAuthSessionInterface<S, O>>\n>\n(\n Base: TBase,\n TransactionManagerConstructor: TransactionManagerConstructor<TM>,\n): TBase & OktaAuthConstructor<OktaAuthOAuthInterface<M, S, O, TM>>\n{\n const WithOriginalUri = provideOriginalUri(Base);\n return class OktaAuthOAuth extends WithOriginalUri\n implements OktaAuthOAuthInterface<M, S, O, TM>\n {\n static crypto: CryptoAPI = crypto;\n token: TokenAPI;\n tokenManager: TokenManager;\n transactionManager: TM;\n pkce: PkceAPI;\n endpoints: Endpoints;\n\n _pending: { handleLogin: boolean };\n _tokenQueue: PromiseQueue;\n \n constructor(...args: any[]) {\n super(...args);\n\n this.transactionManager = new TransactionManagerConstructor(Object.assign({\n storageManager: this.storageManager,\n }, this.options.transactionManager));\n \n this.pkce = {\n DEFAULT_CODE_CHALLENGE_METHOD: PKCE.DEFAULT_CODE_CHALLENGE_METHOD,\n generateVerifier: PKCE.generateVerifier,\n computeChallenge: PKCE.computeChallenge\n };\n \n this._pending = { handleLogin: false };\n\n this._tokenQueue = new PromiseQueue();\n\n this.token = createTokenAPI(this, this._tokenQueue);\n\n // TokenManager\n this.tokenManager = new TokenManager(this, this.options.tokenManager);\n\n this.endpoints = createEndpoints(this);\n }\n\n // inherited from subclass\n clearStorage(): void {\n super.clearStorage();\n \n // Clear all local tokens\n this.tokenManager.clear();\n }\n\n // Returns true if both accessToken and idToken are not expired\n // If `autoRenew` option is set, will attempt to renew expired tokens before returning.\n // eslint-disable-next-line complexity\n async isAuthenticated(options: IsAuthenticatedOptions = {}): Promise<boolean> {\n // TODO: remove dependency on tokenManager options in next major version - OKTA-473815\n const { autoRenew, autoRemove } = this.tokenManager.getOptions();\n\n const shouldRenew = options.onExpiredToken ? options.onExpiredToken === 'renew' : autoRenew;\n const shouldRemove = options.onExpiredToken ? options.onExpiredToken === 'remove' : autoRemove;\n\n let { accessToken } = this.tokenManager.getTokensSync();\n if (accessToken && this.tokenManager.hasExpired(accessToken)) {\n accessToken = undefined;\n if (shouldRenew) {\n try {\n accessToken = await this.tokenManager.renew('accessToken') as AccessToken;\n } catch {\n // Renew errors will emit an \"error\" event \n }\n } else if (shouldRemove) {\n this.tokenManager.remove('accessToken');\n }\n }\n\n let { idToken } = this.tokenManager.getTokensSync();\n if (idToken && this.tokenManager.hasExpired(idToken)) {\n idToken = undefined;\n if (shouldRenew) {\n try {\n idToken = await this.tokenManager.renew('idToken') as IDToken;\n } catch {\n // Renew errors will emit an \"error\" event \n }\n } else if (shouldRemove) {\n this.tokenManager.remove('idToken');\n }\n }\n\n return !!(accessToken && idToken);\n }\n\n\n async signInWithRedirect(opts: SigninWithRedirectOptions = {}) {\n const { originalUri, ...additionalParams } = opts;\n if(this._pending.handleLogin) { \n // Don't trigger second round\n return;\n }\n\n this._pending.handleLogin = true;\n try {\n // Trigger default signIn redirect flow\n if (originalUri) {\n this.setOriginalUri(originalUri);\n }\n const params = Object.assign({\n // TODO: remove this line when default scopes are changed OKTA-343294\n scopes: this.options.scopes || ['openid', 'email', 'profile']\n }, additionalParams);\n await this.token.getWithRedirect(params);\n } finally {\n this._pending.handleLogin = false;\n }\n }\n\n async getUser<T extends CustomUserClaims = CustomUserClaims>(): Promise<UserClaims<T>> {\n const { idToken, accessToken } = this.tokenManager.getTokensSync();\n return this.token.getUserInfo(accessToken, idToken);\n }\n \n getIdToken(): string | undefined {\n const { idToken } = this.tokenManager.getTokensSync();\n return idToken ? idToken.idToken : undefined;\n }\n \n getAccessToken(): string | undefined {\n const { accessToken } = this.tokenManager.getTokensSync();\n return accessToken ? accessToken.accessToken : undefined;\n }\n \n getRefreshToken(): string | undefined {\n const { refreshToken } = this.tokenManager.getTokensSync();\n return refreshToken ? refreshToken.refreshToken : undefined;\n }\n\n async getOrRenewAccessToken(): Promise<string | null> {\n const { accessToken } = this.tokenManager.getTokensSync();\n if (accessToken && !this.tokenManager.hasExpired(accessToken)) {\n return accessToken.accessToken;\n }\n try {\n const key = this.tokenManager.getStorageKeyByType('accessToken');\n const token = await this.tokenManager.renew(key ?? 'accessToken');\n return (token as AccessToken)?.accessToken ?? null;\n }\n catch (err) {\n this.emitter.emit('error', err);\n return null;\n }\n }\n \n /**\n * Store parsed tokens from redirect url\n */\n async storeTokensFromRedirect(): Promise<void> {\n const { tokens, responseType } = await this.token.parseFromUrl();\n if (responseType !== 'none') {\n this.tokenManager.setTokens(tokens);\n }\n }\n \n isLoginRedirect(): boolean {\n return isLoginRedirect(this);\n }\n\n isPKCE(): boolean {\n return !!this.options.pkce;\n }\n\n hasResponseType(responseType: OAuthResponseType): boolean {\n return hasResponseType(responseType, this.options);\n }\n \n isAuthorizationCodeFlow(): boolean {\n return this.hasResponseType('code');\n }\n\n // Escape hatch method to make arbitrary OKTA API call\n async invokeApiMethod(options: RequestOptions): Promise<unknown> {\n if (!options.accessToken) {\n const accessToken = (await this.tokenManager.getTokens()).accessToken as AccessToken;\n options.accessToken = accessToken?.accessToken;\n }\n return httpRequest(this, options);\n }\n \n // Revokes the access token for the application session\n async revokeAccessToken(accessToken?: AccessToken): Promise<unknown> {\n if (!accessToken) {\n const tokens = await this.tokenManager.getTokens();\n accessToken = tokens.accessToken;\n const accessTokenKey = this.tokenManager.getStorageKeyByType('accessToken');\n this.tokenManager.remove(accessTokenKey);\n\n if (this.options.dpop) {\n await clearDPoPKeyPairAfterRevoke('access', tokens);\n }\n }\n // Access token may have been removed. In this case, we will silently succeed.\n if (!accessToken) {\n return Promise.resolve(null);\n }\n return this.token.revoke(accessToken);\n }\n\n // Revokes the refresh token for the application session\n async revokeRefreshToken(refreshToken?: RefreshToken): Promise<unknown> {\n if (!refreshToken) {\n const tokens = await this.tokenManager.getTokens();\n refreshToken = tokens.refreshToken;\n const refreshTokenKey = this.tokenManager.getStorageKeyByType('refreshToken');\n this.tokenManager.remove(refreshTokenKey);\n\n if (this.options.dpop) {\n await clearDPoPKeyPairAfterRevoke('refresh', tokens);\n }\n }\n // Refresh token may have been removed. In this case, we will silently succeed.\n if (!refreshToken) {\n return Promise.resolve(null);\n }\n return this.token.revoke(refreshToken);\n }\n\n getSignOutRedirectUrl(options: SignoutRedirectUrlOptions = {}) {\n let {\n idToken,\n postLogoutRedirectUri,\n state,\n } = options;\n if (!idToken) {\n idToken = this.tokenManager.getTokensSync().idToken as IDToken;\n }\n if (!idToken) {\n return '';\n }\n if (postLogoutRedirectUri === undefined) {\n postLogoutRedirectUri = this.options.postLogoutRedirectUri;\n }\n\n const logoutUrl = getOAuthUrls(this).logoutUrl;\n const idTokenHint = idToken.idToken; // a string\n let logoutUri = logoutUrl + '?id_token_hint=' + encodeURIComponent(idTokenHint);\n if (postLogoutRedirectUri) {\n logoutUri += '&post_logout_redirect_uri=' + encodeURIComponent(postLogoutRedirectUri);\n } \n // State allows option parameters to be passed to logout redirect uri\n if (state) {\n logoutUri += '&state=' + encodeURIComponent(state);\n }\n\n return logoutUri;\n }\n\n // Revokes refreshToken or accessToken, clears all local tokens, then redirects to Okta to end the SSO session.\n // eslint-disable-next-line complexity, max-statements\n async signOut(options?: SignoutOptions): Promise<boolean> {\n options = Object.assign({}, options);\n \n // postLogoutRedirectUri must be whitelisted in Okta Admin UI\n const defaultUri = window.location.origin;\n const currentUri = window.location.href;\n // Fix for issue/1410 - allow for no postLogoutRedirectUri to be passed, resulting in /logout default behavior\n // \"If no Okta session exists, this endpoint has no effect and the browser is redirected immediately to the\n // Okta sign-in page or the post_logout_redirect_uri (if specified).\"\n // - https://developer.okta.com/docs/reference/api/oidc/#logout\n const postLogoutRedirectUri = options.postLogoutRedirectUri === null ? null :\n (options.postLogoutRedirectUri\n || this.options.postLogoutRedirectUri\n || defaultUri);\n const state = options?.state;\n \n \n let accessToken = options.accessToken;\n let refreshToken = options.refreshToken;\n const revokeAccessToken = options.revokeAccessToken !== false;\n const revokeRefreshToken = options.revokeRefreshToken !== false;\n \n if (revokeRefreshToken && typeof refreshToken === 'undefined') {\n refreshToken = this.tokenManager.getTokensSync().refreshToken as RefreshToken;\n }\n\n if (revokeAccessToken && typeof accessToken === 'undefined') {\n accessToken = this.tokenManager.getTokensSync().accessToken as AccessToken;\n }\n \n if (!options.idToken) {\n options.idToken = this.tokenManager.getTokensSync().idToken as IDToken;\n }\n\n if (revokeRefreshToken && refreshToken) {\n await this.revokeRefreshToken(refreshToken);\n }\n\n if (revokeAccessToken && accessToken) {\n await this.revokeAccessToken(accessToken);\n }\n\n const dpopPairId = accessToken?.dpopPairId ?? refreshToken?.dpopPairId;\n if (this.options.dpop && dpopPairId) {\n await clearDPoPKeyPair(dpopPairId);\n }\n\n const logoutUri = this.getSignOutRedirectUrl({ ...options, postLogoutRedirectUri });\n // No logoutUri? This can happen if the storage was cleared.\n // Fallback to XHR signOut, then simulate a redirect to the post logout uri\n if (!logoutUri) {\n // local tokens are cleared once session is closed\n const sessionClosed = await this.closeSession(); // can throw if the user cannot be signed out\n const redirectUri = new URL(postLogoutRedirectUri || defaultUri); // during fallback, redirectUri cannot be null\n if (state) {\n redirectUri.searchParams.append('state', state);\n }\n if (postLogoutRedirectUri === currentUri) {\n // window.location.reload(); // force a hard reload if URI is not changing\n window.location.href = redirectUri.href;\n } else {\n window.location.assign(redirectUri.href);\n }\n return sessionClosed;\n } else {\n if (options.clearTokensBeforeRedirect) {\n // Clear all local tokens\n this.tokenManager.clear();\n } else {\n this.tokenManager.addPendingRemoveFlags();\n }\n // Flow ends with logout redirect\n window.location.assign(logoutUri);\n return true;\n }\n }\n\n async getDPoPAuthorizationHeaders (params: DPoPRequest): Promise<DPoPHeaders> {\n if (!this.options.dpop) {\n throw new AuthSdkError('DPoP is not configured for this client instance');\n }\n\n let { accessToken } = params;\n if (!accessToken) {\n accessToken = (this.tokenManager.getTokensSync()).accessToken;\n }\n\n if (!accessToken) {\n throw new AuthSdkError('AccessToken is required to generate a DPoP Proof');\n }\n\n const keyPair = await findKeyPair(accessToken?.dpopPairId);\n const proof = await generateDPoPProof({...params, keyPair, accessToken: accessToken.accessToken});\n return {\n Authorization: `DPoP ${accessToken.accessToken}`,\n Dpop: proof\n };\n }\n\n async clearDPoPStorage (clearAll=false): Promise<void> {\n if (clearAll) {\n return clearAllDPoPKeyPairs();\n }\n\n const tokens = await this.tokenManager.getTokens();\n const keyPair = tokens.accessToken?.dpopPairId || tokens.refreshToken?.dpopPairId;\n\n if (keyPair) {\n await clearDPoPKeyPair(keyPair);\n }\n }\n\n parseUseDPoPNonceError (headers: HeadersInit): string | null {\n const wwwAuth = WWWAuthError.getWWWAuthenticateHeader(headers);\n const wwwErr = WWWAuthError.parseHeader(wwwAuth ?? '');\n if (isDPoPNonceError(wwwErr)) {\n let nonce: string | null = null;\n if (isFunction((headers as Headers)?.get)) {\n nonce = (headers as Headers).get('DPoP-Nonce');\n }\n nonce = nonce ?? headers['dpop-nonce'] ?? headers['DPoP-Nonce'];\n return nonce;\n }\n\n return null;\n }\n };\n\n}\n","import { REFERRER_PATH_STORAGE_KEY } from '../../constants';\nimport browserStorage from '../../browser/browserStorage';\nimport { OktaAuthStorageInterface } from '../../storage';\nimport { OktaAuthConstructor } from '../../base';\nimport {\n OAuthStorageManagerInterface,\n OAuthTransactionMeta,\n OktaAuthOAuthOptions,\n OriginalUriApi,\n PKCETransactionMeta,\n} from '../types';\n\nexport function provideOriginalUri\n<\n M extends OAuthTransactionMeta = PKCETransactionMeta,\n S extends OAuthStorageManagerInterface<M> = OAuthStorageManagerInterface<M>,\n O extends OktaAuthOAuthOptions = OktaAuthOAuthOptions,\n TBase extends OktaAuthConstructor<OktaAuthStorageInterface<S, O>>\n = OktaAuthConstructor<OktaAuthStorageInterface<S, O>> \n>\n(BaseClass: TBase) {\n return class WithOriginalUri extends BaseClass implements OriginalUriApi {\n setOriginalUri(originalUri: string, state?: string): void {\n // always store in session storage\n const sessionStorage = browserStorage.getSessionStorage();\n sessionStorage.setItem(REFERRER_PATH_STORAGE_KEY, originalUri);\n \n // to support multi-tab flows, set a state in constructor or pass as param\n state = state || this.options.state;\n if (state) {\n const sharedStorage = this.storageManager.getOriginalUriStorage();\n sharedStorage.setItem(state, originalUri);\n }\n }\n \n getOriginalUri(state?: string): string | undefined {\n // Prefer shared storage (if state is available)\n state = state || this.options.state;\n if (state) {\n const sharedStorage = this.storageManager.getOriginalUriStorage();\n const originalUri = sharedStorage.getItem(state);\n if (originalUri) {\n return originalUri;\n }\n }\n \n // Try to load from session storage\n const storage = browserStorage.getSessionStorage();\n return storage ? storage.getItem(REFERRER_PATH_STORAGE_KEY) || undefined : undefined;\n }\n \n removeOriginalUri(state?: string): void {\n // Remove from sessionStorage\n const storage = browserStorage.getSessionStorage();\n storage.removeItem(REFERRER_PATH_STORAGE_KEY);\n \n // Also remove from shared storage\n state = state || this.options.state;\n if (state) {\n const sharedStorage = this.storageManager.getOriginalUriStorage();\n sharedStorage.removeItem && sharedStorage.removeItem(state);\n }\n }\n };\n}\n","export const enableSharedStorage = true;\n","/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nimport { DEFAULT_MAX_CLOCK_SKEW } from '../../constants';\nimport { removeTrailingSlash, toAbsoluteUrl } from '../../util/url';\nimport { isBrowser } from '../../features';\nimport { createHttpOptionsConstructor } from '../../http/options';\nimport {\n OAuthResponseMode,\n OAuthResponseType,\n OktaAuthOAuthInterface,\n OktaAuthOAuthOptions,\n SetLocationFunction,\n TokenManagerOptions,\n TransactionManagerOptions,\n DPoPOptions\n} from '../types';\nimport { enableSharedStorage } from './node';\nimport AuthSdkError from '../../errors/AuthSdkError';\n\nfunction assertValidConfig(args) {\n args = args || {};\n\n var scopes = args.scopes;\n if (scopes && !Array.isArray(scopes)) {\n throw new AuthSdkError('scopes must be a array of strings. ' +\n 'Required usage: new OktaAuth({scopes: [\"openid\", \"email\"]})');\n }\n\n // eslint-disable-next-line @typescript-eslint/no-non-null-assertion\n var issuer = args.issuer!;\n if (!issuer) {\n throw new AuthSdkError('No issuer passed to constructor. ' + \n 'Required usage: new OktaAuth({issuer: \"https://{yourOktaDomain}.com/oauth2/{authServerId}\"})');\n }\n\n var isUrlRegex = new RegExp('^http?s?://.+');\n if (!isUrlRegex.test(issuer)) {\n throw new AuthSdkError('Issuer must be a valid URL. ' + \n 'Required usage: new OktaAuth({issuer: \"https://{yourOktaDomain}.com/oauth2/{authServerId}\"})');\n }\n\n if (issuer.indexOf('-admin.okta') !== -1) {\n throw new AuthSdkError('Issuer URL passed to constructor contains \"-admin\" in subdomain. ' +\n 'Required usage: new OktaAuth({issuer: \"https://{yourOktaDomain}.com})');\n }\n}\n\nexport function createOAuthOptionsConstructor() {\n const HttpOptionsConstructor = createHttpOptionsConstructor();\n return class OAuthOptionsConstructor\n extends HttpOptionsConstructor\n implements Required<OktaAuthOAuthOptions>\n {\n // CustomUrls\n issuer: string;\n authorizeUrl: string;\n userinfoUrl: string;\n tokenUrl: string;\n revokeUrl: string;\n logoutUrl: string;\n \n // TokenParams\n pkce: boolean;\n clientId: string;\n redirectUri: string;\n responseType: OAuthResponseType | OAuthResponseType[];\n responseMode: OAuthResponseMode;\n state: string;\n scopes: string[];\n ignoreSignature: boolean;\n codeChallenge: string;\n codeChallengeMethod: string;\n acrValues: string;\n maxAge: string | number;\n dpop: boolean;\n dpopOptions: DPoPOptions;\n\n // Additional options\n tokenManager: TokenManagerOptions;\n postLogoutRedirectUri: string;\n restoreOriginalUri: (oktaAuth: OktaAuthOAuthInterface, originalUri?: string) => Promise<void>;\n transactionManager: TransactionManagerOptions;\n\n // For server-side web applications ONLY!\n clientSecret: string;\n setLocation: SetLocationFunction;\n\n // Workaround for bad client time/clock\n ignoreLifetime: boolean;\n maxClockSkew: number;\n\n\n // eslint-disable-next-line max-statements\n constructor(options: any) {\n super(options);\n \n assertValidConfig(options);\n \n this.issuer = removeTrailingSlash(options.issuer);\n this.tokenUrl = removeTrailingSlash(options.tokenUrl);\n this.authorizeUrl = removeTrailingSlash(options.authorizeUrl);\n this.userinfoUrl = removeTrailingSlash(options.userinfoUrl);\n this.revokeUrl = removeTrailingSlash(options.revokeUrl);\n this.logoutUrl = removeTrailingSlash(options.logoutUrl);\n\n this.pkce = options.pkce === false ? false : true; // PKCE defaults to true\n this.clientId = options.clientId;\n this.redirectUri = options.redirectUri;\n if (isBrowser()) {\n this.redirectUri = toAbsoluteUrl(options.redirectUri, window.location.origin); // allow relative URIs\n }\n this.responseType = options.responseType;\n this.responseMode = options.responseMode;\n this.state = options.state;\n this.scopes = options.scopes;\n // Give the developer the ability to disable token signature validation.\n this.ignoreSignature = !!options.ignoreSignature;\n this.codeChallenge = options.codeChallenge;\n this.codeChallengeMethod = options.codeChallengeMethod;\n this.acrValues = options.acrValues;\n this.maxAge = options.maxAge;\n this.dpop = options.dpop === true; // dpop defaults to false\n this.dpopOptions = {\n allowBearerTokens: false,\n ...options.dpopOptions,\n };\n\n this.tokenManager = options.tokenManager;\n this.postLogoutRedirectUri = options.postLogoutRedirectUri;\n this.restoreOriginalUri = options.restoreOriginalUri;\n this.transactionManager = { enableSharedStorage, ...options.transactionManager };\n \n this.clientSecret = options.clientSecret;\n this.setLocation = options.setLocation;\n \n // As some end user's devices can have their date \n // and time incorrectly set, allow for the disabling\n // of the jwt liftetime validation\n this.ignoreLifetime = !!options.ignoreLifetime;\n\n // Digital clocks will drift over time, so the server\n // can misalign with the time reported by the browser.\n // The maxClockSkew allows relaxing the time-based\n // validation of tokens (in seconds, not milliseconds).\n // It currently defaults to 300, because 5 min is the\n // default maximum tolerance allowed by Kerberos.\n // (https://technet.microsoft.com/en-us/library/cc976357.aspx)\n if (!options.maxClockSkew && options.maxClockSkew !== 0) {\n this.maxClockSkew = DEFAULT_MAX_CLOCK_SKEW;\n } else {\n this.maxClockSkew = options.maxClockSkew;\n }\n\n }\n };\n}\n","/* eslint-disable complexity */\n/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\nimport { AuthSdkError } from '../errors';\nimport { isInteractionRequiredError, urlParamsToObject } from './util';\nimport {\n ParseFromUrlOptions,\n TokenResponse,\n CustomUrls,\n TransactionMeta,\n OAuthResponse\n} from './types';\nimport { isString } from '../util';\nimport { handleOAuthResponse } from './handleOAuthResponse';\n\nfunction removeHash(sdk) {\n var nativeHistory = sdk.token.parseFromUrl._getHistory();\n var nativeDoc = sdk.token.parseFromUrl._getDocument();\n var nativeLoc = sdk.token.parseFromUrl._getLocation();\n if (nativeHistory && nativeHistory.replaceState) {\n nativeHistory.replaceState(null, nativeDoc.title, nativeLoc.pathname + nativeLoc.search);\n } else {\n nativeLoc.hash = '';\n }\n}\n\nfunction removeSearch(sdk) {\n var nativeHistory = sdk.token.parseFromUrl._getHistory();\n var nativeDoc = sdk.token.parseFromUrl._getDocument();\n var nativeLoc = sdk.token.parseFromUrl._getLocation();\n if (nativeHistory && nativeHistory.replaceState) {\n nativeHistory.replaceState(null, nativeDoc.title, nativeLoc.pathname + nativeLoc.hash);\n } else {\n nativeLoc.search = '';\n }\n}\n\nexport function getResponseMode(sdk): 'query' | 'fragment' {\n // https://openid.net/specs/openid-connect-core-1_0.html#Authentication\n var defaultResponseMode = sdk.options.pkce ? 'query' : 'fragment';\n var responseMode = sdk.options.responseMode || defaultResponseMode;\n return responseMode;\n}\n\nexport function parseOAuthResponseFromUrl(sdk, options: string | ParseFromUrlOptions): OAuthResponse {\n options = options || {};\n if (isString(options)) {\n options = { url: options } as ParseFromUrlOptions;\n } else {\n options = options as ParseFromUrlOptions;\n }\n\n var url = options.url;\n var responseMode = options.responseMode || getResponseMode(sdk);\n var nativeLoc = sdk.token.parseFromUrl._getLocation();\n var paramStr;\n\n if (responseMode === 'query') {\n paramStr = url ? url.substring(url.indexOf('?')) : nativeLoc.search;\n } else {\n paramStr = url ? url.substring(url.indexOf('#')) : nativeLoc.hash;\n }\n\n if (!paramStr) {\n throw new AuthSdkError('Unable to parse a token from the url');\n }\n\n return urlParamsToObject(paramStr);\n}\n\nexport function cleanOAuthResponseFromUrl(sdk, options: ParseFromUrlOptions) {\n // Clean hash or search from the url\n const responseMode = options.responseMode || getResponseMode(sdk);\n responseMode === 'query' ? removeSearch(sdk) : removeHash(sdk);\n}\n\nexport async function parseFromUrl(sdk, options?: string | ParseFromUrlOptions): Promise<TokenResponse> {\n options = options || {};\n if (isString(options)) {\n options = { url: options } as ParseFromUrlOptions;\n } else {\n options = options as ParseFromUrlOptions;\n }\n\n const res: OAuthResponse = parseOAuthResponseFromUrl(sdk, options);\n const state = res.state;\n const oauthParams: TransactionMeta = sdk.transactionManager.load({\n state\n });\n if (!oauthParams) {\n if (sdk.options.pkce) {\n // eslint-disable-next-line max-len\n throw new AuthSdkError('Could not load PKCE codeVerifier from storage. This may indicate the auth flow has already completed or multiple auth flows are executing concurrently.', undefined);\n }\n throw new AuthSdkError('Unable to retrieve OAuth redirect params from storage');\n }\n const urls: CustomUrls = oauthParams.urls as CustomUrls;\n delete oauthParams.urls;\n\n if (!options.url) {\n // Clean hash or search from the url\n cleanOAuthResponseFromUrl(sdk, options);\n }\n\n return handleOAuthResponse(sdk, oauthParams, res, urls)\n .catch(err => {\n if (!isInteractionRequiredError(err)) {\n sdk.transactionManager.clear({\n state\n });\n }\n throw err;\n })\n .then(res => {\n sdk.transactionManager.clear({\n state\n });\n return res;\n });\n\n}\n","/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\nimport { AuthSdkError } from '../errors';\nimport { OktaAuthOAuthInterface, Token, Tokens, isAccessToken, AccessToken, IDToken, isIDToken } from './types';\nimport { getWithoutPrompt } from './getWithoutPrompt';\nimport { renewTokensWithRefresh } from './renewTokensWithRefresh';\n\nfunction throwInvalidTokenError() {\n throw new AuthSdkError(\n 'Renew must be passed a token with an array of scopes and an accessToken or idToken'\n );\n}\n\n// Multiple tokens may have come back. Return only the token which was requested.\nfunction getSingleToken(originalToken: Token, tokens: Tokens) {\n if (isIDToken(originalToken)) {\n return tokens.idToken;\n }\n if (isAccessToken(originalToken)) {\n return tokens.accessToken;\n }\n throwInvalidTokenError();\n}\n\n// If we have a refresh token, renew using that, otherwise getWithoutPrompt\nexport async function renewToken(sdk: OktaAuthOAuthInterface, token: Token): Promise<Token | undefined> {\n if (!isIDToken(token) && !isAccessToken(token)) {\n throwInvalidTokenError();\n }\n\n let tokens = sdk.tokenManager.getTokensSync();\n if (tokens.refreshToken) {\n tokens = await renewTokensWithRefresh(sdk, {\n scopes: token.scopes,\n }, tokens.refreshToken);\n return getSingleToken(token, tokens);\n }\n\n var responseType;\n if (sdk.options.pkce) {\n responseType = 'code';\n } else if (isAccessToken(token)) {\n responseType = 'token';\n } else {\n responseType = 'id_token';\n }\n\n const { scopes, authorizeUrl, userinfoUrl, issuer, dpopPairId, extraParams } = token as (AccessToken & IDToken);\n return getWithoutPrompt(sdk, {\n responseType,\n scopes,\n authorizeUrl,\n userinfoUrl,\n issuer,\n dpopPairId,\n extraParams\n })\n .then(function (res) {\n return getSingleToken(token, res.tokens);\n });\n}\n","/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\nimport { AuthSdkError } from '../errors';\nimport { RenewTokensParams, Tokens } from './types';\nimport { getWithoutPrompt } from './getWithoutPrompt';\nimport { renewTokensWithRefresh } from './renewTokensWithRefresh';\nimport { getDefaultTokenParams } from './util';\n\n// If we have a refresh token, renew using that, otherwise getWithoutPrompt\n// eslint-disable-next-line complexity\nexport async function renewTokens(sdk, options?: RenewTokensParams): Promise<Tokens> {\n const tokens = options?.tokens ?? sdk.tokenManager.getTokensSync();\n if (tokens.refreshToken) {\n return renewTokensWithRefresh(sdk, options || {}, tokens.refreshToken);\n }\n\n if (!tokens.accessToken && !tokens.idToken) {\n throw new AuthSdkError('renewTokens() was called but there is no existing token');\n }\n\n const accessToken = tokens.accessToken || {};\n const idToken = tokens.idToken || {};\n const scopes = accessToken.scopes || idToken.scopes;\n if (!scopes) {\n throw new AuthSdkError('renewTokens: invalid tokens: could not read scopes');\n }\n const authorizeUrl = accessToken.authorizeUrl || idToken.authorizeUrl;\n if (!authorizeUrl) {\n throw new AuthSdkError('renewTokens: invalid tokens: could not read authorizeUrl');\n }\n const userinfoUrl = accessToken.userinfoUrl || sdk.options.userinfoUrl;\n const issuer = idToken.issuer || sdk.options.issuer;\n const dpopPairId = accessToken?.dpopPairId;\n const extraParams = accessToken?.extraParams || idToken?.extraParams;\n\n // Get tokens using the SSO cookie\n options = Object.assign({\n scopes,\n authorizeUrl,\n userinfoUrl,\n issuer,\n dpopPairId,\n extraParams\n }, options);\n\n if (sdk.options.pkce) {\n options.responseType = 'code';\n } else {\n const { responseType } = getDefaultTokenParams(sdk);\n options.responseType = responseType;\n }\n\n return getWithoutPrompt(sdk, options)\n .then(res => res.tokens);\n \n}\n","/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\nimport { AuthSdkError } from '../errors';\nimport { getOAuthUrls } from './util/oauth';\nimport { isSameRefreshToken } from './util/refreshToken';\nimport { OktaAuthOAuthInterface, TokenParams, RefreshToken, Tokens } from './types';\nimport { handleOAuthResponse } from './handleOAuthResponse';\nimport { TokenEndpointParams, postRefreshToken } from './endpoints/token';\nimport { findKeyPair } from './dpop';\nimport { isRefreshTokenInvalidError } from './util/errors';\n\n/* eslint complexity:[0,8] */\nexport async function renewTokensWithRefresh(\n sdk: OktaAuthOAuthInterface,\n tokenParams: TokenParams,\n refreshTokenObject: RefreshToken\n): Promise<Tokens> {\n const { clientId, dpop } = sdk.options;\n if (!clientId) {\n throw new AuthSdkError('A clientId must be specified in the OktaAuth constructor to renew tokens');\n }\n\n try {\n const renewTokenParams: TokenParams = Object.assign({}, tokenParams, { clientId });\n\n if (refreshTokenObject.extraParams) {\n renewTokenParams.extraParams = refreshTokenObject.extraParams;\n }\n\n const endpointParams: TokenEndpointParams = {...renewTokenParams};\n\n if (dpop) {\n const keyPair = await findKeyPair(refreshTokenObject?.dpopPairId); // will throw if KP cannot be found\n endpointParams.dpopKeyPair = keyPair;\n renewTokenParams.dpop = dpop;\n renewTokenParams.dpopPairId = refreshTokenObject.dpopPairId;\n }\n\n const tokenResponse = await postRefreshToken(sdk, endpointParams, refreshTokenObject);\n const urls = getOAuthUrls(sdk, tokenParams);\n const { tokens } = await handleOAuthResponse(sdk, renewTokenParams, tokenResponse, urls);\n\n // Support rotating refresh tokens\n const { refreshToken } = tokens;\n if (refreshToken && !isSameRefreshToken(refreshToken, refreshTokenObject)) {\n sdk.tokenManager.updateRefreshToken(refreshToken);\n }\n\n return tokens;\n }\n catch (err) {\n if (isRefreshTokenInvalidError(err)) {\n // if the refresh token is invalid, remove it from storage\n sdk.tokenManager.removeRefreshToken();\n }\n throw err;\n }\n}\n","/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\n\n/* eslint complexity:[0,8] */\nimport { post } from '../http';\nimport { toQueryString } from '../util';\nimport {\n getOAuthUrls,\n} from './util/oauth';\nimport { btoa } from '../crypto';\nimport AuthSdkError from '../errors/AuthSdkError';\nimport {\n OktaAuthOAuthInterface,\n RevocableToken,\n AccessToken,\n RefreshToken\n} from './types';\n\n// refresh tokens have precedence to be revoked if no token is specified\nexport async function revokeToken(sdk: OktaAuthOAuthInterface, token: RevocableToken): Promise<any> {\n let accessToken = '';\n let refreshToken = '';\n if (token) { \n accessToken = (token as AccessToken).accessToken;\n refreshToken = (token as RefreshToken).refreshToken; \n }\n if(!accessToken && !refreshToken) { \n throw new AuthSdkError('A valid access or refresh token object is required');\n }\n var clientId = sdk.options.clientId;\n var clientSecret = sdk.options.clientSecret;\n if (!clientId) {\n throw new AuthSdkError('A clientId must be specified in the OktaAuth constructor to revoke a token');\n }\n // eslint-disable-next-line @typescript-eslint/no-non-null-assertion\n var revokeUrl = getOAuthUrls(sdk).revokeUrl!;\n var args = toQueryString({\n // eslint-disable-next-line camelcase\n token_type_hint: refreshToken ? 'refresh_token' : 'access_token', \n token: refreshToken || accessToken,\n }).slice(1);\n var creds = clientSecret ? btoa(`${clientId}:${clientSecret}`) : btoa(clientId);\n return post(sdk, revokeUrl, args, {\n headers: {\n 'Content-Type': 'application/x-www-form-urlencoded',\n 'Authorization': 'Basic ' + creds\n }\n });\n}\n","import {\n CookieOptions,\n StorageManagerOptions,\n StorageOptions,\n StorageUtil\n} from '../storage/types';\nimport { BaseStorageManager, logServerSideMemoryStorageWarning } from '../storage/BaseStorageManager';\nimport { TransactionStorage, OAuthTransactionMeta, OAuthStorageManagerInterface, PKCETransactionMeta } from './types';\nimport { SavedObject } from '../storage';\nimport { ORIGINAL_URI_STORAGE_NAME, SHARED_TRANSACTION_STORAGE_NAME, TRANSACTION_STORAGE_NAME } from '../constants';\n\n\nexport function createOAuthStorageManager<M extends OAuthTransactionMeta = PKCETransactionMeta>()\n{\n return class OAuthStorageManager\n extends BaseStorageManager\n implements OAuthStorageManagerInterface<M>\n {\n constructor(storageManagerOptions: StorageManagerOptions, cookieOptions: CookieOptions, storageUtil: StorageUtil) {\n super(storageManagerOptions, cookieOptions, storageUtil);\n }\n\n getTransactionStorage(options?: StorageOptions): TransactionStorage<M> {\n options = this.getOptionsForSection('transaction', options);\n logServerSideMemoryStorageWarning(options);\n const storage = this.getStorage(options);\n const storageKey = options.storageKey || TRANSACTION_STORAGE_NAME;\n return new SavedObject(storage, storageKey);\n }\n\n getSharedTansactionStorage(options?: StorageOptions): TransactionStorage<M> {\n options = this.getOptionsForSection('shared-transaction', options);\n logServerSideMemoryStorageWarning(options);\n const storage = this.getStorage(options);\n const storageKey = options.storageKey || SHARED_TRANSACTION_STORAGE_NAME;\n return new SavedObject(storage, storageKey);\n }\n\n getOriginalUriStorage(options?: StorageOptions): TransactionStorage<M> {\n options = this.getOptionsForSection('original-uri', options);\n logServerSideMemoryStorageWarning(options);\n const storage = this.getStorage(options);\n const storageKey = options.storageKey || ORIGINAL_URI_STORAGE_NAME;\n return new SavedObject(storage, storageKey);\n }\n };\n\n}\n","/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nimport { UserClaims } from './UserClaims';\n\nexport interface AbstractToken {\n expiresAt: number;\n authorizeUrl: string;\n scopes: string[];\n pendingRemove?: boolean;\n extraParams?: Record<string, string>;\n}\n\nexport interface AccessToken extends AbstractToken {\n accessToken: string;\n claims: UserClaims;\n tokenType: string;\n userinfoUrl: string;\n dpopPairId?: string;\n}\n\nexport interface RefreshToken extends AbstractToken {\n refreshToken: string;\n tokenUrl: string;\n issuer: string;\n dpopPairId?: string;\n}\n\nexport interface IDToken extends AbstractToken {\n idToken: string;\n claims: UserClaims;\n issuer: string;\n clientId: string;\n}\n\nexport type Token = AccessToken | IDToken | RefreshToken;\nexport type RevocableToken = AccessToken | RefreshToken;\n\nexport type TokenType = 'accessToken' | 'idToken' | 'refreshToken';\nexport enum TokenKind {\n ACCESS = 'accessToken',\n ID = 'idToken',\n REFRESH = 'refreshToken',\n}\n\nexport function isToken(obj: any): obj is Token {\n if (obj &&\n (obj.accessToken || obj.idToken || obj.refreshToken) &&\n Array.isArray(obj.scopes)) {\n return true;\n }\n return false;\n}\n\nexport function isAccessToken(obj: any): obj is AccessToken {\n return obj && obj.accessToken;\n}\n\nexport function isIDToken(obj: any): obj is IDToken {\n return obj && obj.idToken;\n}\n\nexport function isRefreshToken(obj: any): obj is RefreshToken {\n return obj && obj.refreshToken;\n}\n\nexport interface Tokens {\n accessToken?: AccessToken;\n idToken?: IDToken;\n refreshToken?: RefreshToken;\n}\n","/* eslint-disable max-len */\nimport { StorageProvider } from '../../storage/types';\nimport { TokenManagerOptions } from './options';\nimport { AccessToken, IDToken, RefreshToken, Token, Tokens, TokenType } from './Token';\n\nexport interface TokenManagerError {\n errorSummary: string;\n errorCode: string;\n message: string;\n name: string;\n tokenKey: string;\n}\n\nexport declare type AccessTokenCallback = (key: string, token: AccessToken) => void;\nexport declare type IDTokenCallback = (key: string, token: IDToken) => void;\nexport declare type RefreshTokenCallback = (key: string, token: RefreshToken) => void;\n\nexport const EVENT_EXPIRED = 'expired';\nexport const EVENT_RENEWED = 'renewed';\nexport const EVENT_ADDED = 'added';\nexport const EVENT_REMOVED = 'removed';\nexport const EVENT_ERROR = 'error';\nexport const EVENT_SET_STORAGE = 'set_storage';\n\nexport declare type TokenManagerErrorEventHandler = (error: TokenManagerError) => void;\nexport declare type TokenManagerEventHandler = (key: string, token: Token) => void;\nexport declare type TokenManagerRenewEventHandler = (key: string, token: Token, oldtoken: Token) => void;\nexport declare type TokenManagerSetStorageEventHandler = (storage: Tokens) => void;\n\nexport declare type TokenManagerAnyEventHandler = TokenManagerErrorEventHandler | TokenManagerRenewEventHandler | TokenManagerSetStorageEventHandler | TokenManagerEventHandler;\nexport declare type TokenManagerAnyEvent = typeof EVENT_RENEWED | typeof EVENT_ERROR | typeof EVENT_SET_STORAGE | typeof EVENT_EXPIRED | typeof EVENT_ADDED | typeof EVENT_REMOVED;\n\n// only add methods needed internally\nexport interface TokenManagerInterface {\n on(event: typeof EVENT_RENEWED, handler: TokenManagerRenewEventHandler, context?: object): void;\n on(event: typeof EVENT_ERROR, handler: TokenManagerErrorEventHandler, context?: object): void;\n on(event: typeof EVENT_SET_STORAGE, handler: TokenManagerSetStorageEventHandler, context?: object): void;\n on(event: typeof EVENT_EXPIRED | typeof EVENT_ADDED | typeof EVENT_REMOVED, handler: TokenManagerEventHandler, context?: object): void;\n\n off(event: typeof EVENT_RENEWED, handler?: TokenManagerRenewEventHandler): void;\n off(event: typeof EVENT_ERROR, handler?: TokenManagerErrorEventHandler): void;\n off(event: typeof EVENT_SET_STORAGE, handler?: TokenManagerSetStorageEventHandler): void;\n off(event: typeof EVENT_EXPIRED | typeof EVENT_ADDED | typeof EVENT_REMOVED, handler?: TokenManagerEventHandler): void;\n\n clear(): void;\n setExpireEventTimeout(key: string, token: Token): void;\n clearExpireEventTimeout(key: string): void;\n clearExpireEventTimeoutAll(): void;\n emitAdded(key: string, token: Token): void;\n emitError(error: Error): void;\n emitRemoved(key: string, token: Token): void;\n emitRenewed(key: string, token: Token, oldToken?: Token): void;\n renew(key: string): Promise<Token | undefined>;\n remove(key: string): void;\n hasExpired(token: Token): boolean;\n getExpireTime(token: Token): number;\n\n get(key): Promise<Token | undefined>;\n getSync(key): Token | undefined;\n getTokens(): Promise<Tokens>;\n getTokensSync(): Tokens;\n setTokens({ accessToken, idToken, refreshToken }: Tokens, accessTokenCb?: AccessTokenCallback, idTokenCb?: IDTokenCallback, refreshTokenCb?: RefreshTokenCallback): void;\n getStorageKeyByType(type: TokenType): string;\n add(key: any, token: Token): void;\n updateRefreshToken(token: RefreshToken);\n removeRefreshToken(): void;\n clearPendingRemoveTokens(): void;\n\n getOptions(): TokenManagerOptions;\n getStorage(): StorageProvider;\n\n start();\n stop();\n isStarted(): boolean;\n}\n","/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport { IdxTransactionMeta } from '../../idx/types/meta';\nimport { OAuthTransactionMeta, PKCETransactionMeta } from './meta';\nimport { OAuthStorageManagerInterface } from './storage';\n\nexport interface TransactionManagerOptions\n{\n storageManager?: OAuthStorageManagerInterface;\n enableSharedStorage?: boolean; // default true\n saveNonceCookie?: boolean; // default true\n saveStateCookie?: boolean; // default true\n saveParamsCookie?: boolean; // default true\n saveLastResponse?: boolean; // default true\n}\n\n\nexport type CustomAuthTransactionMeta = Record<string, string | undefined>;\n\nexport type TransactionMeta =\n IdxTransactionMeta |\n PKCETransactionMeta |\n OAuthTransactionMeta |\n CustomAuthTransactionMeta;\n\n\nfunction isObjectWithProperties(obj) {\n if (!obj || typeof obj !== 'object' || Object.values(obj).length === 0) {\n return false;\n }\n return true;\n}\n\nexport function isOAuthTransactionMeta(obj: any): obj is OAuthTransactionMeta {\n if (!isObjectWithProperties(obj)) {\n return false;\n }\n return !!obj.redirectUri || !!obj.responseType;\n}\n\nexport function isPKCETransactionMeta(obj: any): obj is PKCETransactionMeta {\n if (!isOAuthTransactionMeta(obj)) {\n return false;\n }\n return !!(obj as any).codeVerifier;\n}\n\nexport function isIdxTransactionMeta(obj: any): obj is IdxTransactionMeta {\n if (!isPKCETransactionMeta(obj)) {\n return false;\n }\n return !!(obj as any).interactionHandle;\n}\n\nexport function isCustomAuthTransactionMeta(obj: any): obj is CustomAuthTransactionMeta {\n if (!isObjectWithProperties(obj)) {\n return false;\n }\n const isAllStringValues = Object.values(obj).find((value) => (typeof value !== 'string')) === undefined;\n return isAllStringValues;\n}\n\nexport function isTransactionMeta(obj: any): obj is TransactionMeta {\n if (isOAuthTransactionMeta(obj) || isCustomAuthTransactionMeta(obj)) {\n return true;\n }\n return false;\n}\n","/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\n/* global window, document */\n/* eslint-disable complexity, max-statements */\nimport { AuthSdkError } from '../../errors';\nimport { OktaAuthOAuthInterface } from '../types';\n\nconst DEFAULT_TIMEOUT = 120000;\n\nexport function addListener(eventTarget, name, fn) {\n if (eventTarget.addEventListener) {\n eventTarget.addEventListener(name, fn);\n } else {\n eventTarget.attachEvent('on' + name, fn);\n }\n}\n\nexport function removeListener(eventTarget, name, fn) {\n if (eventTarget.removeEventListener) {\n eventTarget.removeEventListener(name, fn);\n } else {\n eventTarget.detachEvent('on' + name, fn);\n }\n}\n\nexport function loadFrame(src) {\n var iframe = document.createElement('iframe');\n iframe.style.display = 'none';\n iframe.src = src;\n\n return document.body.appendChild(iframe);\n}\n\nexport function loadPopup(src, options) {\n var title = options.popupTitle || 'External Identity Provider User Authentication';\n var appearance = 'toolbar=no, scrollbars=yes, resizable=yes, ' +\n 'top=100, left=500, width=600, height=600';\n return window.open(src, title, appearance);\n}\n\nexport function addPostMessageListener(sdk: OktaAuthOAuthInterface, timeout, state) {\n var responseHandler;\n var timeoutId;\n var msgReceivedOrTimeout = new Promise(function (resolve, reject) {\n\n responseHandler = function responseHandler(e) {\n if (!e.data || e.data.state !== state) {\n // A message not meant for us\n return;\n }\n\n // Configuration mismatch between saved token and current app instance\n // This may happen if apps with different issuers are running on the same host url\n // If they share the same storage key, they may read and write tokens in the same location.\n // Common when developing against http://localhost\n if (e.origin !== sdk.getIssuerOrigin()) {\n return reject(new AuthSdkError('The request does not match client configuration'));\n }\n resolve(e.data);\n };\n\n addListener(window, 'message', responseHandler);\n\n timeoutId = setTimeout(function () {\n reject(new AuthSdkError('OAuth flow timed out'));\n }, timeout || DEFAULT_TIMEOUT);\n });\n\n return msgReceivedOrTimeout\n .finally(function () {\n clearTimeout(timeoutId);\n removeListener(window, 'message', responseHandler);\n });\n}\n\nexport function addIDPPopupLisenter (\n sdk: OktaAuthOAuthInterface,\n timeout: number | undefined,\n channel: BroadcastChannel,\n state: string\n) {\n let timeoutId;\n\n const promise = new Promise((resolve, reject) => {\n channel.onmessage = (event) => {\n // ignore invalid or untrusted events\n if (!event.isTrusted || !event.data) {\n return;\n }\n\n if (typeof event.data === 'object' && state === event.data.state) {\n return resolve({ ...event.data });\n }\n\n reject(new AuthSdkError('Unable to complete auth code exchange'));\n };\n\n timeoutId = setTimeout(function () {\n reject(new AuthSdkError('OAuth flow timed out'));\n }, timeout || DEFAULT_TIMEOUT);\n });\n\n return promise\n .finally(() => {\n clearTimeout(timeoutId);\n channel.close();\n });\n}\n","\n/* global window */\n/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\nimport { generateState } from './oauth';\nimport { OktaAuthOAuthInterface, TokenParams } from '../types';\nimport { isBrowser } from '../../features';\nimport { removeNils } from '../../util';\n\nexport function getDefaultEnrollAuthenticatorParams(sdk: OktaAuthOAuthInterface): TokenParams {\n const {\n clientId,\n redirectUri,\n responseMode,\n state,\n } = sdk.options;\n const defaultRedirectUri = isBrowser() ? window.location.href : undefined;\n return removeNils({\n clientId,\n redirectUri: redirectUri || defaultRedirectUri,\n responseMode,\n state: state || generateState(),\n responseType: 'none',\n prompt: 'enroll_authenticator',\n });\n}","\n/* global window */\n/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\nimport { generateNonce, generateState } from './oauth';\nimport { OktaAuthOAuthInterface, TokenParams } from '../types';\nimport { isBrowser } from '../../features';\nimport { removeNils } from '../../util';\n\nexport function getDefaultTokenParams(sdk: OktaAuthOAuthInterface): TokenParams {\n const {\n pkce,\n clientId,\n redirectUri,\n responseType,\n responseMode,\n scopes,\n acrValues,\n maxAge,\n state,\n ignoreSignature,\n dpop\n } = sdk.options;\n const defaultRedirectUri = isBrowser() ? window.location.href : undefined;\n return removeNils({\n pkce,\n clientId,\n redirectUri: redirectUri || defaultRedirectUri,\n responseType: responseType || ['token', 'id_token'],\n responseMode,\n state: state || generateState(),\n nonce: generateNonce(),\n scopes: scopes || ['openid', 'email'],\n acrValues,\n maxAge,\n ignoreSignature,\n dpop,\n });\n}","/* eslint-disable @typescript-eslint/no-non-null-assertion */\nimport { OAuthTransactionMeta, OktaAuthOAuthInterface, EnrollAuthenticatorOptions } from '../types';\nimport { getOAuthUrls } from './oauth';\n\nexport function createEnrollAuthenticatorMeta(\n sdk: OktaAuthOAuthInterface, \n params: EnrollAuthenticatorOptions\n): OAuthTransactionMeta {\n const issuer = sdk.options.issuer!;\n const urls = getOAuthUrls(sdk, params);\n const oauthMeta: OAuthTransactionMeta = {\n issuer,\n urls,\n clientId: params.clientId!,\n redirectUri: params.redirectUri!,\n responseType: params.responseType!,\n responseMode: params.responseMode!,\n state: params.state!,\n acrValues: params.acrValues,\n enrollAmrValues: params.enrollAmrValues,\n };\n\n return oauthMeta;\n}\n","/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\nimport { OktaAuthOAuthInterface } from '../types';\nimport { OAuthError, AuthApiError, isOAuthError } from '../../errors';\n\nexport function isInteractionRequiredError(error: Error) {\n if (error.name !== 'OAuthError') {\n return false;\n }\n const oauthError = error as OAuthError;\n return (oauthError.errorCode === 'interaction_required');\n}\n\nexport function isAuthorizationCodeError(sdk: OktaAuthOAuthInterface, error: Error) {\n if (error.name !== 'AuthApiError') {\n return false;\n }\n const authApiError = error as AuthApiError;\n // xhr property doesn't seem to match XMLHttpRequest type\n const errorResponse = authApiError.xhr as unknown as Record<string, unknown>;\n const responseJSON = errorResponse?.responseJSON as Record<string, unknown>;\n return sdk.options.pkce && (responseJSON?.error as string === 'invalid_grant');\n}\n\nexport function isRefreshTokenInvalidError(error: unknown): boolean {\n // error: {\"error\":\"invalid_grant\",\"error_description\":\"The refresh token is invalid or expired.\"}\n return isOAuthError(error) &&\n error.errorCode === 'invalid_grant' &&\n error.errorSummary === 'The refresh token is invalid or expired.';\n}\n","/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\n/* global window */\n/* eslint-disable complexity, max-statements */\nimport { OktaAuthOAuthOptions, OktaAuthOAuthInterface, OAuthResponseType } from '../types';\n\nexport function hasTokensInHash(hash: string): boolean {\n return /[?&#](id|access)_token=/.test(hash);\n}\n\n// authorization_code\nexport function hasAuthorizationCode(hashOrSearch: string): boolean {\n return /[?&#]code=/.test(hashOrSearch);\n}\n\n// interaction_code\nexport function hasInteractionCode(hashOrSearch: string): boolean {\n return /[?&#]interaction_code=/.test(hashOrSearch);\n}\n\nexport function hasErrorInUrl(hashOrSearch: string): boolean {\n return /[?&#]error=/.test(hashOrSearch) || /[?&#]error_description/.test(hashOrSearch);\n}\n\nexport function isRedirectUri(uri: string, sdk: OktaAuthOAuthInterface): boolean {\n var authParams = sdk.options;\n if (!uri || !authParams.redirectUri) {\n return false;\n }\n return uri.indexOf(authParams.redirectUri) === 0;\n}\n\nexport function isCodeFlow(options: OktaAuthOAuthOptions) {\n return options.pkce || options.responseType === 'code' || options.responseMode === 'query';\n}\n\nexport function hasResponseType(responseType: OAuthResponseType, options: OktaAuthOAuthOptions): boolean {\n let hasResponseType = false;\n if (Array.isArray(options.responseType) && options.responseType.length) {\n hasResponseType = options.responseType.indexOf(responseType) >= 0;\n } else {\n hasResponseType = options.responseType === responseType;\n }\n return hasResponseType;\n}\n\nexport function getHashOrSearch(options: OktaAuthOAuthOptions) {\n var codeFlow = isCodeFlow(options);\n var useQuery = codeFlow && options.responseMode !== 'fragment';\n return useQuery ? window.location.search : window.location.hash;\n}\n\n/**\n * Check if tokens or a code have been passed back into the url, which happens in\n * the OIDC (including social auth IDP) redirect flow.\n */\nexport function isLoginRedirect (sdk: OktaAuthOAuthInterface) {\n // First check, is this a redirect URI?\n if (!isRedirectUri(window.location.href, sdk)){\n return false;\n }\n\n // The location contains either a code, token, or an error + error_description\n var codeFlow = isCodeFlow(sdk.options);\n var hashOrSearch = getHashOrSearch(sdk.options);\n\n if (hasErrorInUrl(hashOrSearch)) {\n return true;\n }\n\n if (codeFlow) {\n var hasCode = hasAuthorizationCode(hashOrSearch) || hasInteractionCode(hashOrSearch);\n return hasCode;\n }\n\n // implicit flow, will always be hash fragment\n return hasTokensInHash(window.location.hash);\n}\n\n/**\n * Check if error=interaction_required has been passed back in the url, which happens in\n * the social auth IDP redirect flow.\n */\nexport function isInteractionRequired (sdk: OktaAuthOAuthInterface, hashOrSearch?: string) {\n if (!hashOrSearch) { // web only\n // First check, is this a redirect URI?\n if (!isLoginRedirect(sdk)){\n return false;\n }\n \n hashOrSearch = getHashOrSearch(sdk.options);\n }\n return /(error=interaction_required)/i.test(hashOrSearch);\n}","/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\n/* eslint-disable complexity, max-statements */\nimport { genRandomString, removeTrailingSlash } from '../../util';\nimport AuthSdkError from '../../errors/AuthSdkError';\nimport { OktaAuthOAuthInterface, CustomUrls } from '../types';\n\nexport function generateState() {\n return genRandomString(64);\n}\n\nexport function generateNonce() {\n return genRandomString(64);\n}\n\nfunction getIssuer(sdk: OktaAuthOAuthInterface, options: CustomUrls = {}) {\n const issuer = removeTrailingSlash(options.issuer) || sdk.options.issuer;\n return issuer;\n}\n\nexport function getOAuthBaseUrl(sdk: OktaAuthOAuthInterface, options: CustomUrls = {}) {\n const issuer = getIssuer(sdk, options);\n const baseUrl = issuer.indexOf('/oauth2') > 0 ? issuer : issuer + '/oauth2';\n return baseUrl;\n}\n\nexport function getOAuthDomain(sdk: OktaAuthOAuthInterface, options: CustomUrls = {}) {\n const issuer = getIssuer(sdk, options);\n const domain = issuer.split('/oauth2')[0];\n return domain;\n}\n\nexport function getOAuthUrls(sdk: OktaAuthOAuthInterface, options?: CustomUrls): CustomUrls {\n if (arguments.length > 2) {\n throw new AuthSdkError('As of version 3.0, \"getOAuthUrls\" takes only a single set of options');\n }\n options = options || {};\n\n // Get user-supplied arguments\n var authorizeUrl = removeTrailingSlash(options.authorizeUrl) || sdk.options.authorizeUrl;\n var issuer = getIssuer(sdk, options);\n var userinfoUrl = removeTrailingSlash(options.userinfoUrl) || sdk.options.userinfoUrl;\n var tokenUrl = removeTrailingSlash(options.tokenUrl) || sdk.options.tokenUrl;\n var logoutUrl = removeTrailingSlash(options.logoutUrl) || sdk.options.logoutUrl;\n var revokeUrl = removeTrailingSlash(options.revokeUrl) || sdk.options.revokeUrl;\n\n var baseUrl = getOAuthBaseUrl(sdk, options);\n\n authorizeUrl = authorizeUrl || baseUrl + '/v1/authorize';\n userinfoUrl = userinfoUrl || baseUrl + '/v1/userinfo';\n tokenUrl = tokenUrl || baseUrl + '/v1/token';\n revokeUrl = revokeUrl || baseUrl + '/v1/revoke';\n logoutUrl = logoutUrl || baseUrl + '/v1/logout';\n\n return {\n issuer: issuer,\n authorizeUrl: authorizeUrl,\n userinfoUrl: userinfoUrl,\n tokenUrl: tokenUrl,\n revokeUrl: revokeUrl,\n logoutUrl: logoutUrl\n };\n}\n","/* eslint-disable @typescript-eslint/no-non-null-assertion */\nimport { OAuthTransactionMeta, OktaAuthOAuthInterface, PKCETransactionMeta, TokenParams } from '../types';\nimport { getOAuthUrls } from './oauth';\n\nexport function createOAuthMeta(\n sdk: OktaAuthOAuthInterface, \n tokenParams: TokenParams\n): OAuthTransactionMeta | PKCETransactionMeta {\n const issuer = sdk.options.issuer!;\n const urls = getOAuthUrls(sdk, tokenParams);\n const oauthMeta: OAuthTransactionMeta = {\n issuer,\n urls,\n clientId: tokenParams.clientId!,\n redirectUri: tokenParams.redirectUri!,\n responseType: tokenParams.responseType!,\n responseMode: tokenParams.responseMode!,\n scopes: tokenParams.scopes!,\n state: tokenParams.state!,\n nonce: tokenParams.nonce!,\n ignoreSignature: tokenParams.ignoreSignature!,\n acrValues: tokenParams.acrValues,\n extraParams: tokenParams.extraParams\n };\n\n if (tokenParams.pkce === false) {\n // Implicit flow or authorization_code without PKCE\n return oauthMeta;\n }\n\n const pkceMeta: PKCETransactionMeta = {\n ...oauthMeta,\n codeVerifier: tokenParams.codeVerifier!,\n codeChallengeMethod: tokenParams.codeChallengeMethod!,\n codeChallenge: tokenParams.codeChallenge!,\n };\n\n return pkceMeta;\n}\n","/*!\n * Copyright (c) 2019-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\n\n /* eslint-disable complexity, max-statements */\nimport { stringToBase64Url, webcrypto } from '../../crypto';\nimport { MIN_VERIFIER_LENGTH, MAX_VERIFIER_LENGTH, DEFAULT_CODE_CHALLENGE_METHOD } from '../../constants';\n\nfunction dec2hex (dec) {\n return ('0' + dec.toString(16)).substr(-2);\n}\n\nfunction getRandomString(length) {\n var a = new Uint8Array(Math.ceil(length / 2));\n webcrypto.getRandomValues(a);\n var str = Array.from(a, dec2hex).join('');\n return str.slice(0, length);\n}\n\nfunction generateVerifier(prefix?: string): string {\n var verifier = prefix || '';\n if (verifier.length < MIN_VERIFIER_LENGTH) {\n verifier = verifier + getRandomString(MIN_VERIFIER_LENGTH - verifier.length);\n }\n return encodeURIComponent(verifier).slice(0, MAX_VERIFIER_LENGTH);\n}\n\nfunction computeChallenge(str: string): PromiseLike<any> { \n var buffer = new TextEncoder().encode(str);\n return webcrypto.subtle.digest('SHA-256', buffer).then(function(arrayBuffer) {\n var hash = String.fromCharCode.apply(null, new Uint8Array(arrayBuffer) as unknown as number[]);\n var b64u = stringToBase64Url(hash); // url-safe base64 variant\n return b64u;\n });\n}\n\nexport default {\n DEFAULT_CODE_CHALLENGE_METHOD,\n generateVerifier,\n computeChallenge\n};\n","/* eslint-disable complexity */\n/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\nimport { AuthSdkError } from '../../errors';\nimport { OktaAuthOAuthInterface, EnrollAuthenticatorOptions } from '../types';\nimport { getDefaultEnrollAuthenticatorParams } from './defaultEnrollAuthenticatorParams';\n\nfunction prepareParams(\n params: EnrollAuthenticatorOptions\n): EnrollAuthenticatorOptions {\n params = {\n ...params,\n // forced params:\n responseType: 'none',\n prompt: 'enroll_authenticator',\n maxAge: 0,\n };\n\n if (!params.enrollAmrValues) {\n throw new AuthSdkError('enroll_amr_values must be specified');\n }\n if (!params.acrValues) {\n // `acr_values` is required and should equal 'urn:okta:2fa:any:ifpossible'\n // But this can be changed in future\n throw new AuthSdkError('acr_values must be specified');\n }\n\n // `scope`, `nonce` must be omitted\n delete params.scopes;\n delete params.nonce;\n\n return params;\n}\n\n// Prepares params for a call to /authorize\nexport function prepareEnrollAuthenticatorParams(\n sdk: OktaAuthOAuthInterface,\n options: EnrollAuthenticatorOptions\n): EnrollAuthenticatorOptions {\n return prepareParams({\n ...getDefaultEnrollAuthenticatorParams(sdk),\n ...options\n });\n}\n","/* eslint-disable complexity */\n/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\nimport { getWellKnown } from '../endpoints/well-known';\nimport { AuthSdkError } from '../../errors';\nimport { OktaAuthOAuthInterface, TokenParams } from '../types';\nimport { getDefaultTokenParams } from './defaultTokenParams';\nimport { DEFAULT_CODE_CHALLENGE_METHOD } from '../../constants';\nimport PKCE from './pkce';\nimport { OktaAuthBaseInterface } from '../../base/types';\n\nexport function assertPKCESupport(sdk: OktaAuthBaseInterface) {\n if (!sdk.features.isPKCESupported()) {\n var errorMessage = 'PKCE requires a modern browser with encryption support running in a secure context.';\n if (!sdk.features.isHTTPS()) {\n // eslint-disable-next-line max-len\n errorMessage += '\\nThe current page is not being served with HTTPS protocol. PKCE requires secure HTTPS protocol.';\n }\n if (!sdk.features.hasTextEncoder()) {\n // eslint-disable-next-line max-len\n errorMessage += '\\n\"TextEncoder\" is not defined. To use PKCE, you may need to include a polyfill/shim for this browser.';\n }\n throw new AuthSdkError(errorMessage);\n }\n}\n\nexport async function validateCodeChallengeMethod(sdk: OktaAuthOAuthInterface, codeChallengeMethod?: string) {\n // set default code challenge method, if none provided\n codeChallengeMethod = codeChallengeMethod || sdk.options.codeChallengeMethod || DEFAULT_CODE_CHALLENGE_METHOD;\n\n // validate against .well-known/openid-configuration\n const wellKnownResponse = await getWellKnown(sdk);\n var methods = wellKnownResponse['code_challenge_methods_supported'] || [];\n if (methods.indexOf(codeChallengeMethod) === -1) {\n throw new AuthSdkError('Invalid code_challenge_method');\n }\n return codeChallengeMethod;\n}\n\nexport async function preparePKCE(\n sdk: OktaAuthOAuthInterface, \n tokenParams: TokenParams\n): Promise<TokenParams> {\n let {\n codeVerifier,\n codeChallenge,\n codeChallengeMethod\n } = tokenParams;\n\n // PKCE calculations can be avoided by passing a codeChallenge\n codeChallenge = codeChallenge || sdk.options.codeChallenge;\n if (!codeChallenge) {\n assertPKCESupport(sdk);\n codeVerifier = codeVerifier || PKCE.generateVerifier();\n codeChallenge = await PKCE.computeChallenge(codeVerifier);\n }\n codeChallengeMethod = await validateCodeChallengeMethod(sdk, codeChallengeMethod);\n\n // Clone/copy the params. Set PKCE values\n tokenParams = {\n ...tokenParams,\n responseType: 'code', // responseType is forced\n codeVerifier,\n codeChallenge,\n codeChallengeMethod\n };\n\n return tokenParams;\n}\n\n// Prepares params for a call to /authorize or /token\nexport async function prepareTokenParams(\n sdk: OktaAuthOAuthInterface,\n tokenParams: TokenParams = {}\n): Promise<TokenParams> {\n // build params using defaults + options\n const defaults = getDefaultTokenParams(sdk);\n tokenParams = { ...defaults, ...tokenParams };\n\n if (tokenParams.dpop && !sdk.features.isDPoPSupported()) {\n throw new AuthSdkError('DPoP has been configured, but is not supported by browser');\n }\n\n if (tokenParams.pkce === false) {\n // Implicit flow or authorization_code without PKCE\n return tokenParams;\n }\n\n return preparePKCE(sdk, tokenParams);\n}","import { RefreshToken } from '../types';\nimport { isAuthApiError } from '../../errors';\n\nexport function isSameRefreshToken(a: RefreshToken, b: RefreshToken) {\n return (a.refreshToken === b.refreshToken);\n}\n\nexport function isRefreshTokenError(err: Error) {\n if (!isAuthApiError(err)) {\n return false;\n }\n\n if (!err.xhr || !err.xhr.responseJSON) {\n return false;\n }\n\n const { responseJSON } = err.xhr;\n if (responseJSON.error === 'invalid_grant') {\n return true;\n }\n\n return false;\n}","/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\n/* eslint-disable complexity, max-statements */\n\nexport function urlParamsToObject(hashOrSearch: string) {\n // Predefine regexs for parsing hash\n var plus2space = /\\+/g;\n var paramSplit = /([^&=]+)=?([^&]*)/g;\n var fragment = hashOrSearch || '';\n\n // Some hash based routers will automatically add a / character after the hash\n if (fragment.charAt(0) === '#' && fragment.charAt(1) === '/') {\n fragment = fragment.substring(2);\n }\n\n // Remove the leading # or ?\n if (fragment.charAt(0) === '#' || fragment.charAt(0) === '?') {\n fragment = fragment.substring(1);\n }\n\n\n var obj = {};\n\n // Loop until we have no more params\n var param;\n while (true) { // eslint-disable-line no-constant-condition\n param = paramSplit.exec(fragment);\n if (!param) { break; }\n\n var key = param[1];\n var value = param[2];\n\n // id_token should remain base64url encoded\n if (key === 'id_token' || key === 'access_token' || key === 'code') {\n obj[key] = value;\n } else {\n obj[key] = decodeURIComponent(value.replace(plus2space, ' '));\n }\n }\n return obj;\n}\n","/* eslint-disable @typescript-eslint/no-non-null-assertion */\n/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\n/* eslint-disable complexity, max-statements */\n\nimport AuthSdkError from '../../errors/AuthSdkError';\nimport { OktaAuthOAuthInterface, TokenVerifyParams, UserClaims } from '../../oidc/types';\n\nexport function validateClaims(sdk: OktaAuthOAuthInterface, claims: UserClaims, validationParams: TokenVerifyParams) {\n const aud = validationParams.clientId;\n const iss = validationParams.issuer;\n const nonce = validationParams.nonce;\n const acr = validationParams.acrValues;\n\n if (!claims || !iss || !aud) {\n throw new AuthSdkError('The jwt, iss, and aud arguments are all required');\n }\n\n if (nonce && claims.nonce !== nonce) {\n throw new AuthSdkError('OAuth flow response nonce doesn\\'t match request nonce');\n }\n\n const now = Math.floor(Date.now()/1000);\n\n if (claims.iss !== iss) {\n throw new AuthSdkError('The issuer [' + claims.iss + '] ' +\n 'does not match [' + iss + ']');\n }\n\n if ((Array.isArray(claims.aud) && claims.aud.indexOf(aud) < 0) ||\n (!Array.isArray(claims.aud) && claims.aud !== aud))\n {\n throw new AuthSdkError('The audience [' + claims.aud + '] ' +\n 'does not match [' + aud + ']');\n }\n\n if (acr && claims.acr !== acr) {\n throw new AuthSdkError('The acr [' + claims.acr + '] ' +\n 'does not match acr_values [' + acr + ']');\n }\n\n if (claims.iat! > claims.exp!) {\n throw new AuthSdkError('The JWT expired before it was issued');\n }\n\n if (!sdk.options.ignoreLifetime) {\n if ((now - sdk.options.maxClockSkew!) > claims.exp!) {\n throw new AuthSdkError('The JWT expired and is no longer valid');\n }\n\n if (claims.iat! > (now + sdk.options.maxClockSkew!)) {\n throw new AuthSdkError('The JWT was issued in the future');\n }\n }\n}\n","/* eslint-disable complexity */\n\nimport { AuthSdkError } from '../../errors';\nimport { isAccessToken, isIDToken, isRefreshToken, Token, TokenType } from '../../oidc/types';\n\nexport function validateToken(token: Token, type?: TokenType) {\n if (!isIDToken(token) && !isAccessToken(token) && !isRefreshToken(token)) {\n throw new AuthSdkError(\n 'Token must be an Object with scopes, expiresAt, and one of: an idToken, accessToken, or refreshToken property'\n );\n }\n \n if (type === 'accessToken' && !isAccessToken(token)) {\n throw new AuthSdkError('invalid accessToken');\n } \n if (type === 'idToken' && !isIDToken(token)) {\n throw new AuthSdkError('invalid idToken');\n }\n\n if (type === 'refreshToken' && !isRefreshToken(token)) {\n throw new AuthSdkError('invalid refreshToken');\n }\n}","/* eslint-disable max-len */\n/* eslint-disable complexity */\n/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\nimport { getWellKnown, getKey } from './endpoints/well-known';\nimport { validateClaims } from './util';\nimport { AuthSdkError } from '../errors';\nimport { IDToken, OktaAuthOAuthInterface, TokenVerifyParams } from '../oidc/types';\nimport { decodeToken } from './decodeToken';\nimport * as sdkCrypto from '../crypto';\n\n// Verify the id token\nexport async function verifyToken(sdk: OktaAuthOAuthInterface, token: IDToken, validationParams: TokenVerifyParams): Promise<IDToken> {\n if (!token || !token.idToken) {\n throw new AuthSdkError('Only idTokens may be verified');\n }\n\n // Decode the Jwt object (may throw)\n const jwt = decodeToken(token.idToken);\n\n // The configured issuer may point to a frontend proxy.\n // Get the \"real\" issuer from .well-known/openid-configuration\n const configuredIssuer = validationParams?.issuer || sdk.options.issuer;\n const { issuer } = await getWellKnown(sdk, configuredIssuer);\n\n const validationOptions: TokenVerifyParams = Object.assign({\n // base options, can be overridden by params\n clientId: sdk.options.clientId,\n ignoreSignature: sdk.options.ignoreSignature\n }, validationParams, {\n // final options, cannot be overridden\n issuer\n });\n\n // Standard claim validation (may throw)\n validateClaims(sdk, jwt.payload, validationOptions);\n\n // If the browser doesn't support native crypto or we choose not\n // to verify the signature, bail early\n if (validationOptions.ignoreSignature == true || !sdk.features.isTokenVerifySupported()) {\n return token;\n }\n\n // eslint-disable-next-line @typescript-eslint/no-non-null-assertion\n const key = await getKey(sdk, token.issuer, jwt.header.kid!);\n const valid = await sdkCrypto.verifyToken(token.idToken, key);\n if (!valid) {\n throw new AuthSdkError('The token signature is not valid');\n }\n if (validationParams && validationParams.accessToken && token.claims.at_hash) {\n const hash = await sdkCrypto.getOidcHash(validationParams.accessToken);\n if (hash !== token.claims.at_hash) {\n throw new AuthSdkError('Token hash verification failed');\n }\n }\n return token;\n}\n","/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\n/* global window */\nimport { omit, getLink, toQueryString } from '../util';\nimport { get, post, httpRequest } from '../http';\n\nfunction sessionExists(sdk) {\n return sdk.session.get()\n .then(function(res) {\n if (res.status === 'ACTIVE') {\n return true;\n }\n return false;\n })\n .catch(function() {\n return false;\n });\n}\n\nfunction getSession(sdk) { \n return get(sdk, '/api/v1/sessions/me', { withCredentials: true })\n .then(function(session) {\n var res = omit(session, '_links');\n\n res.refresh = function() {\n return post(sdk, getLink(session, 'refresh').href, {}, { withCredentials: true });\n };\n\n res.user = function() {\n return get(sdk, getLink(session, 'user').href, { withCredentials: true });\n };\n\n return res;\n })\n .catch(function() {\n // Return INACTIVE status on failure\n return {status: 'INACTIVE'};\n });\n}\n\nfunction closeSession(sdk) {\n return httpRequest(sdk, {\n url: sdk.getIssuerOrigin() + '/api/v1/sessions/me',\n method: 'DELETE',\n withCredentials: true\n });\n}\n\nfunction refreshSession(sdk) {\n return post(sdk, '/api/v1/sessions/me/lifecycle/refresh', {}, { withCredentials: true });\n}\n\nfunction setCookieAndRedirect(sdk, sessionToken, redirectUrl) {\n redirectUrl = redirectUrl || window.location.href;\n window.location.assign(sdk.getIssuerOrigin() + '/login/sessionCookieRedirect' +\n toQueryString({\n checkAccountSetupComplete: true,\n token: sessionToken,\n redirectUrl: redirectUrl\n }));\n}\n\nexport {\n sessionExists,\n getSession,\n closeSession,\n refreshSession,\n setCookieAndRedirect\n};\n","import { SessionAPI } from './types';\nimport { closeSession, getSession, refreshSession, sessionExists, setCookieAndRedirect } from './api';\nimport { OktaAuthBaseInterface } from '../base/types';\n\nexport function createSessionApi(sdk: OktaAuthBaseInterface): SessionAPI {\n const session = {\n close: closeSession.bind(null, sdk),\n exists: sessionExists.bind(null, sdk),\n get: getSession.bind(null, sdk),\n refresh: refreshSession.bind(null, sdk),\n setCookieAndRedirect: setCookieAndRedirect.bind(null, sdk)\n };\n return session;\n}\n","import { OktaAuthHttpInterface, OktaAuthHttpOptions } from '../http/types';\nimport { OktaAuthConstructor } from '../base/types';\nimport { createSessionApi } from './factory';\nimport {\n OktaAuthSessionInterface, SessionAPI,\n} from './types';\nimport { StorageManagerInterface } from '../storage/types';\n\nexport function mixinSession\n<\n S extends StorageManagerInterface = StorageManagerInterface,\n O extends OktaAuthHttpOptions = OktaAuthHttpOptions,\n TBase extends OktaAuthConstructor<OktaAuthHttpInterface<S, O>>\n = OktaAuthConstructor<OktaAuthHttpInterface<S, O>>\n>\n(Base: TBase): TBase & OktaAuthConstructor<OktaAuthSessionInterface<S, O>>\n{\n return class OktaAuthSession extends Base implements OktaAuthSessionInterface<S, O>\n {\n session: SessionAPI;\n\n constructor(...args: any[]) {\n super(...args);\n\n this.session = createSessionApi(this);\n }\n\n // Ends the current Okta SSO session without redirecting to Okta.\n closeSession(): Promise<boolean> {\n return this.session.close() // DELETE /api/v1/sessions/me\n .then(async () => {\n // Clear all local tokens\n this.clearStorage();\n return true;\n })\n .catch(function(e) {\n if (e.name === 'AuthApiError' && e.errorCode === 'E0000007') {\n // Session does not exist or has already been closed\n return false;\n }\n throw e;\n });\n }\n };\n}\n","/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n\n\nimport {\n TOKEN_STORAGE_NAME,\n CACHE_STORAGE_NAME,\n} from '../constants';\nimport {\n StorageUtil,\n StorageProvider,\n StorageOptions,\n CookieOptions,\n StorageManagerOptions,\n SimpleStorage,\n StorageManagerInterface\n} from './types';\nimport { SavedObject } from './SavedObject';\nimport { isBrowser } from '../features';\nimport { warn } from '../util';\n\nexport function logServerSideMemoryStorageWarning(options: StorageOptions) {\n if (!isBrowser() && !options.storageProvider && !options.storageKey) {\n // eslint-disable-next-line max-len\n warn('Memory storage can only support simple single user use case on server side, please provide custom storageProvider or storageKey if advanced scenarios need to be supported.');\n }\n}\n\n\nexport class BaseStorageManager implements StorageManagerInterface {\n storageManagerOptions: StorageManagerOptions;\n cookieOptions: CookieOptions;\n storageUtil: StorageUtil;\n\n constructor(storageManagerOptions: StorageManagerOptions, cookieOptions: CookieOptions, storageUtil: StorageUtil) {\n this.storageManagerOptions = storageManagerOptions;\n this.cookieOptions = cookieOptions;\n this.storageUtil = storageUtil;\n }\n\n // combines defaults in order\n getOptionsForSection(sectionName: string, overrideOptions?: StorageOptions) {\n return Object.assign({}, this.storageManagerOptions[sectionName], overrideOptions);\n }\n \n // generic method to get any available storage provider\n // eslint-disable-next-line complexity\n getStorage(options: StorageOptions): SimpleStorage {\n options = Object.assign({}, this.cookieOptions, options); // set defaults\n\n if (options.storageProvider) {\n return options.storageProvider;\n }\n\n let { storageType, storageTypes } = options;\n\n if(storageType === 'sessionStorage') {\n options.sessionCookie = true;\n }\n\n // If both storageType and storageTypes are specified, then storageType will be used first\n // If storageType cannot be used but it matches an entry in storageTypes, subsequent entries may be used as fallback\n // if storageType does not match an entry in storageTypes then storageType is used with no fallback.\n if (storageType && storageTypes) {\n const idx = storageTypes.indexOf(storageType);\n if (idx >= 0) {\n storageTypes = storageTypes.slice(idx);\n storageType = undefined;\n }\n }\n\n if (!storageType) {\n // eslint-disable-next-line @typescript-eslint/no-non-null-assertion\n storageType = this.storageUtil.findStorageType(storageTypes!);\n }\n return this.storageUtil.getStorageByType(storageType, options);\n }\n\n // access_token, id_token, refresh_token\n getTokenStorage(options?: StorageOptions): StorageProvider {\n options = this.getOptionsForSection('token', options);\n logServerSideMemoryStorageWarning(options);\n const storage = this.getStorage(options);\n const storageKey = options.storageKey || TOKEN_STORAGE_NAME;\n return new SavedObject(storage, storageKey);\n }\n\n // caches well-known response, among others\n getHttpCache(options?: StorageOptions): StorageProvider {\n options = this.getOptionsForSection('cache', options);\n const storage = this.getStorage(options);\n const storageKey = options.storageKey || CACHE_STORAGE_NAME;\n return new SavedObject(storage, storageKey);\n }\n\n}\n","/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n *\n */\n\nimport AuthSdkError from '../errors/AuthSdkError';\nimport { StorageProvider, SimpleStorage } from './types';\n\n// formerly known as \"storageBuilder\". Represents an object saved under a key/name.\nexport class SavedObject implements StorageProvider {\n storageProvider: SimpleStorage;\n storageName: string;\n\n constructor(storage: SimpleStorage, storageName: string) {\n if (!storage) {\n throw new AuthSdkError('\"storage\" is required');\n }\n\n if (typeof storageName !== 'string' || !storageName.length) {\n throw new AuthSdkError('\"storageName\" is required');\n }\n\n this.storageName = storageName;\n this.storageProvider = storage;\n }\n\n //\n // SimpleStorage interface\n //\n\n getItem(key: string) {\n return this.getStorage()[key];\n }\n\n setItem(key: string, value: any) {\n return this.updateStorage(key, value);\n }\n\n removeItem(key: string) {\n return this.clearStorage(key);\n }\n\n //\n // StorageProvider interface\n //\n\n getStorage() {\n var storageString = this.storageProvider.getItem(this.storageName);\n storageString = storageString || '{}';\n try {\n return JSON.parse(storageString);\n } catch(e) {\n throw new AuthSdkError('Unable to parse storage string: ' + this.storageName);\n }\n }\n\n setStorage(obj?: any) {\n try {\n var storageString = obj ? JSON.stringify(obj) : '{}';\n this.storageProvider.setItem(this.storageName, storageString);\n } catch(e) {\n throw new AuthSdkError('Unable to set storage: ' + this.storageName);\n }\n }\n\n clearStorage(key?: string) {\n if (!key) {\n // clear all\n if (this.storageProvider.removeItem) {\n this.storageProvider.removeItem(this.storageName);\n } else {\n this.setStorage();\n }\n return;\n }\n\n var obj = this.getStorage();\n delete obj[key];\n this.setStorage(obj);\n }\n\n updateStorage(key, value) {\n var obj = this.getStorage();\n obj[key] = value;\n this.setStorage(obj);\n }\n}\n","import { OktaAuthBaseInterface, OktaAuthConstructor } from '../base/types';\nimport {\n OktaAuthStorageInterface,\n OktaAuthStorageOptions,\n StorageManagerConstructor,\n StorageManagerInterface,\n} from './types';\n\nexport function mixinStorage\n<\n S extends StorageManagerInterface = StorageManagerInterface,\n O extends OktaAuthStorageOptions = OktaAuthStorageOptions,\n TBase extends OktaAuthConstructor<OktaAuthBaseInterface<O>> = OktaAuthConstructor<OktaAuthBaseInterface<O>>\n>\n(\n Base: TBase, StorageManager: StorageManagerConstructor<S>\n): TBase & OktaAuthConstructor<OktaAuthStorageInterface<S, O>>\n{\n return class OktaAuthStorage extends Base implements OktaAuthStorageInterface<S, O>\n {\n storageManager: S;\n constructor(...args: any[]) {\n super(...args);\n const { storageManager, cookies, storageUtil } = this.options;\n this.storageManager = new StorageManager(storageManager!, cookies!, storageUtil!);\n }\n clearStorage(): void {\n // override in subclass\n }\n };\n}\n","/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n/* eslint-disable complexity */\nimport { StorageManagerOptions, StorageUtil, OktaAuthStorageOptions } from '../types';\nimport { warn } from '../../util';\n\nimport { default as browserStorage } from '../../browser/browserStorage';\n\nexport function getStorage(): StorageUtil {\n const storageUtil = Object.assign({}, browserStorage, {\n inMemoryStore: {} // create unique storage for this instance\n });\n return storageUtil;\n}\n\nexport const STORAGE_MANAGER_OPTIONS: StorageManagerOptions = {\n token: {\n storageTypes: [\n 'localStorage',\n 'sessionStorage',\n 'cookie'\n ]\n },\n cache: {\n storageTypes: [\n 'localStorage',\n 'sessionStorage',\n 'cookie'\n ]\n },\n transaction: {\n storageTypes: [\n 'sessionStorage',\n 'localStorage',\n 'cookie'\n ]\n },\n 'shared-transaction': {\n storageTypes: [\n 'localStorage'\n ]\n },\n 'original-uri': {\n storageTypes: [\n 'localStorage'\n ]\n }\n};\n\nexport function getCookieSettings(args: OktaAuthStorageOptions = {}, isHTTPS: boolean) {\n // Secure cookies will be automatically used on a HTTPS connection\n // Non-secure cookies will be automatically used on a HTTP connection\n // secure option can override the automatic behavior\n var cookieSettings = args.cookies || {};\n if (typeof cookieSettings.secure === 'undefined') {\n cookieSettings.secure = isHTTPS;\n }\n if (typeof cookieSettings.sameSite === 'undefined') {\n cookieSettings.sameSite = cookieSettings.secure ? 'none' : 'lax';\n }\n\n // If secure=true, but the connection is not HTTPS, set secure=false.\n if (cookieSettings.secure && !isHTTPS) {\n // eslint-disable-next-line no-console\n warn(\n 'The current page is not being served with the HTTPS protocol.\\n' +\n 'For security reasons, we strongly recommend using HTTPS.\\n' +\n 'If you cannot use HTTPS, set \"cookies.secure\" option to false.'\n );\n cookieSettings.secure = false;\n }\n\n // Chrome >= 80 will block cookies with SameSite=None unless they are also Secure\n // If sameSite=none, but the connection is not HTTPS, set sameSite=lax.\n if (cookieSettings.sameSite === 'none' && !cookieSettings.secure) {\n cookieSettings.sameSite = 'lax';\n }\n\n return cookieSettings;\n}\n","/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * \n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nimport { createBaseOptionsConstructor } from '../../base';\nimport { CookieOptions, OktaAuthStorageOptions, StorageManagerOptions, StorageUtil } from '../types';\nimport { getStorage, STORAGE_MANAGER_OPTIONS, getCookieSettings } from './node';\nimport { isHTTPS } from '../../features';\n\nexport function createStorageOptionsConstructor() {\n\n const BaseOptionsConstructor = createBaseOptionsConstructor();\n return class StorageOptionsConstructor extends BaseOptionsConstructor implements Required<OktaAuthStorageOptions> {\n cookies: CookieOptions;\n storageUtil: StorageUtil;\n storageManager: StorageManagerOptions;\n \n constructor(args: any) {\n super(args);\n this.cookies = getCookieSettings(args, isHTTPS())!;\n this.storageUtil = args.storageUtil || getStorage();\n this.storageManager = { ...STORAGE_MANAGER_OPTIONS, ...args.storageManager };\n }\n };\n}\n","/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\n// Implements a queue for synchronous or asynchronous methods\n// Methods will be wrapped in a promise and execute sequentially\n// This can be used to prevent concurrent calls to a single method or a set of methods\n\nimport { isPromise } from './types';\nimport { warn } from './console';\n\ninterface QueueItem {\n method: () => void;\n thisObject: object;\n args: any[];\n resolve: (value?: unknown) => void;\n reject: (reason?: unknown) => void;\n}\n\ninterface PromiseQueueOptions {\n quiet?: boolean; // if false, concurrrency warnings will not be logged\n}\nexport class PromiseQueue {\n queue: QueueItem[];\n running: boolean;\n options: PromiseQueueOptions;\n\n constructor(options: PromiseQueueOptions = { quiet: false }) {\n this.queue = [];\n this.running = false;\n this.options = options;\n }\n\n // Returns a promise\n // If the method is synchronous, it will resolve when the method completes\n // If the method returns a promise, it will resolve (or reject) with the value from the method's promise\n push(method: (...args: any) => any, thisObject: any, ...args: any[]) {\n return new Promise((resolve, reject) => {\n if (this.queue.length > 0) {\n // There is at least one other pending call.\n // The PromiseQueue will prevent these methods from running concurrently.\n if (this.options.quiet !== false) {\n warn(\n 'Async method is being called but another async method is already running. ' +\n 'The new method will be delayed until the previous method completes.'\n );\n }\n }\n this.queue.push({\n method,\n thisObject,\n args,\n resolve,\n reject\n });\n this.run();\n });\n }\n\n run() {\n if (this.running) {\n return;\n }\n if (this.queue.length === 0) {\n return;\n }\n this.running = true;\n // eslint-disable-next-line @typescript-eslint/no-non-null-assertion\n var queueItem = this.queue.shift()!;\n var res = queueItem.method.apply(queueItem.thisObject, queueItem.args as never) as unknown;\n if (isPromise(res)) {\n (res as Promise<unknown>).then(queueItem.resolve, queueItem.reject).finally(() => {\n this.running = false;\n this.run();\n });\n } else {\n queueItem.resolve(res);\n this.running = false;\n this.run();\n }\n }\n}\n","/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n/* global window */\n\nexport function getNativeConsole() {\n if (typeof window !== 'undefined') {\n return window.console;\n } else if (typeof console !== 'undefined') {\n return console;\n } else {\n return undefined;\n }\n}\n\nexport function getConsole() {\n var nativeConsole = getNativeConsole();\n // eslint-disable-next-line @typescript-eslint/ban-ts-comment\n // @ts-ignore\n if (nativeConsole && nativeConsole.log) {\n return nativeConsole;\n }\n return {\n log: function() {},\n warn: function() {},\n group: function() {},\n groupEnd: function() {}\n };\n}\n\nexport function warn(text) {\n /* eslint-disable no-console */\n getConsole().warn('[okta-auth-sdk] WARN: ' + text);\n /* eslint-enable */\n}\n\nexport function deprecate(text) {\n /* eslint-disable no-console */\n getConsole().warn('[okta-auth-sdk] DEPRECATION: ' + text);\n /* eslint-enable */\n}\n\nexport function deprecateWrap(text, fn) {\n return function() {\n deprecate(text);\n return fn.apply(null, arguments);\n };\n}\n\n","/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nexport function isoToUTCString(str) {\n var parts = str.match(/\\d+/g),\n isoTime = Date.UTC(parts[0], parts[1] - 1, parts[2], parts[3], parts[4], parts[5]),\n isoDate = new Date(isoTime);\n\n return isoDate.toUTCString();\n}\n\nexport function genRandomString(length) {\n var randomCharset = 'abcdefghijklnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789';\n var random = '';\n for (var c = 0, cl = randomCharset.length; c < length; ++c) {\n random += randomCharset[Math.floor(Math.random() * cl)];\n }\n return random;\n}\n\nexport function delay(ms) {\n return new Promise(function(resolve) {\n setTimeout(resolve, ms);\n });\n}\n\nexport function split2(str, delim) {\n const parts = str.split(delim);\n return [\n parts[0], \n parts.splice(1, parts.length).join(delim),\n ];\n}\n","/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nexport function bind(fn, ctx) {\n var additionalArgs = Array.prototype.slice.call(arguments, 2);\n return function() {\n var args = Array.prototype.slice.call(arguments);\n args = additionalArgs.concat(args);\n return fn.apply(ctx, args);\n };\n}\n\n// TODO: replace all references with `Object.assign` then remove this function\nexport function extend() {\n // First object will be modified!\n var obj1 = arguments[0];\n // Properties from other objects will be copied over\n var objArray = [].slice.call(arguments, 1);\n objArray.forEach(function(obj) {\n for (var prop in obj) {\n // copy over all properties with defined values\n if (Object.prototype.hasOwnProperty.call(obj, prop) && obj[prop] !== undefined) {\n obj1[prop] = obj[prop];\n }\n }\n });\n return obj1; // return the modified object\n}\n\nexport function removeNils(obj) {\n var cleaned = {};\n for (var prop in obj) {\n if (Object.prototype.hasOwnProperty.call(obj, prop)) {\n var value = obj[prop];\n if (value !== null && value !== undefined) {\n cleaned[prop] = value;\n }\n }\n }\n return cleaned;\n}\n\nexport function clone(obj) {\n if (obj) {\n var str = JSON.stringify(obj);\n if (str) {\n return JSON.parse(str);\n }\n }\n return obj;\n}\n\n// Analogous to _.omit\nexport function omit(obj, ...props: any[]) {\n // var props = Array.prototype.slice.call(arguments, 1);\n var newobj = {};\n for (var p in obj) {\n if (Object.prototype.hasOwnProperty.call(obj, p) && props.indexOf(p) == -1) {\n newobj[p] = obj[p];\n }\n }\n return clone(newobj);\n}\n\nexport function find(collection, searchParams) {\n var c = collection.length;\n while (c--) {\n var item = collection[c];\n var found = true;\n for (var prop in searchParams) {\n if (!Object.prototype.hasOwnProperty.call(searchParams, prop)) {\n continue;\n }\n if (item[prop] !== searchParams[prop]) {\n found = false;\n break;\n }\n }\n if (found) {\n return item;\n }\n }\n}\n\nexport function getLink(obj, linkName, altName?) {\n if (!obj || !obj._links) {\n return;\n }\n\n var link = clone(obj._links[linkName]);\n\n // If a link has a name and we have an altName, return if they match\n if (link && link.name && altName) {\n if (link.name === altName) {\n return link;\n }\n } else {\n return link;\n }\n}\n\n","/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nexport function isString(obj: any): obj is string {\n return Object.prototype.toString.call(obj) === '[object String]';\n}\n\nexport function isObject(obj: any): obj is object {\n return Object.prototype.toString.call(obj) === '[object Object]';\n}\n\nexport function isNumber(obj: any): obj is number {\n return Object.prototype.toString.call(obj) === '[object Number]';\n}\n\nexport function isFunction(fn: any): fn is (...any: any[]) => any {\n return !!fn && {}.toString.call(fn) === '[object Function]';\n}\n\nexport function isPromise(obj) {\n return obj && obj.finally && (typeof obj.finally === 'function');\n}\n","/*!\n * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.\n * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the \"License.\")\n *\n * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS, WITHOUT\n * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n *\n * See the License for the specific language governing permissions and limitations under the License.\n */\n\nexport function isAbsoluteUrl(url) {\n return /^[a-z][a-z0-9+.-]*:/i.test(url);\n}\n\nexport function toAbsoluteUrl(url = '', baseUrl) {\n if (isAbsoluteUrl(url)) {\n return url;\n }\n baseUrl = removeTrailingSlash(baseUrl);\n return url[0] === '/' ? `${baseUrl}${url}` : `${baseUrl}/${url}`;\n}\n\nexport function toRelativeUrl(url = '', baseUrl) {\n if (isAbsoluteUrl(url)) {\n url = url.substring(baseUrl.length);\n }\n\n return url[0] === '/' ? url : `/${url}`;\n}\n\nexport function toQueryString(obj) {\n var str = [];\n if (obj !== null) {\n for (var key in obj) {\n if (Object.prototype.hasOwnProperty.call(obj, key) &&\n obj[key] !== undefined &&\n obj[key] !== null) {\n str.push(key + '=' + encodeURIComponent(obj[key]) as never);\n }\n }\n }\n if (str.length) {\n return '?' + str.join('&');\n } else {\n return '';\n }\n}\n\nexport function removeTrailingSlash(path) {\n if (!path) {\n return;\n }\n // Remove any whitespace before or after string\n var trimmed = path.replace(/^\\s+|\\s+$/gm,'');\n // Remove trailing slash(es)\n trimmed = trimmed.replace(/\\/+$/, '');\n\n return trimmed;\n}\n","'use strict';\n\nclass CancelError extends Error {\n\tconstructor(reason) {\n\t\tsuper(reason || 'Promise was canceled');\n\t\tthis.name = 'CancelError';\n\t}\n\n\tget isCanceled() {\n\t\treturn true;\n\t}\n}\n\nclass PCancelable {\n\tstatic fn(userFn) {\n\t\treturn (...arguments_) => {\n\t\t\treturn new PCancelable((resolve, reject, onCancel) => {\n\t\t\t\targuments_.push(onCancel);\n\t\t\t\t// eslint-disable-next-line promise/prefer-await-to-then\n\t\t\t\tuserFn(...arguments_).then(resolve, reject);\n\t\t\t});\n\t\t};\n\t}\n\n\tconstructor(executor) {\n\t\tthis._cancelHandlers = [];\n\t\tthis._isPending = true;\n\t\tthis._isCanceled = false;\n\t\tthis._rejectOnCancel = true;\n\n\t\tthis._promise = new Promise((resolve, reject) => {\n\t\t\tthis._reject = reject;\n\n\t\t\tconst onResolve = value => {\n\t\t\t\tif (!this._isCanceled || !onCancel.shouldReject) {\n\t\t\t\t\tthis._isPending = false;\n\t\t\t\t\tresolve(value);\n\t\t\t\t}\n\t\t\t};\n\n\t\t\tconst onReject = error => {\n\t\t\t\tthis._isPending = false;\n\t\t\t\treject(error);\n\t\t\t};\n\n\t\t\tconst onCancel = handler => {\n\t\t\t\tif (!this._isPending) {\n\t\t\t\t\tthrow new Error('The `onCancel` handler was attached after the promise settled.');\n\t\t\t\t}\n\n\t\t\t\tthis._cancelHandlers.push(handler);\n\t\t\t};\n\n\t\t\tObject.defineProperties(onCancel, {\n\t\t\t\tshouldReject: {\n\t\t\t\t\tget: () => this._rejectOnCancel,\n\t\t\t\t\tset: boolean => {\n\t\t\t\t\t\tthis._rejectOnCancel = boolean;\n\t\t\t\t\t}\n\t\t\t\t}\n\t\t\t});\n\n\t\t\treturn executor(onResolve, onReject, onCancel);\n\t\t});\n\t}\n\n\tthen(onFulfilled, onRejected) {\n\t\t// eslint-disable-next-line promise/prefer-await-to-then\n\t\treturn this._promise.then(onFulfilled, onRejected);\n\t}\n\n\tcatch(onRejected) {\n\t\treturn this._promise.catch(onRejected);\n\t}\n\n\tfinally(onFinally) {\n\t\treturn this._promise.finally(onFinally);\n\t}\n\n\tcancel(reason) {\n\t\tif (!this._isPending || this._isCanceled) {\n\t\t\treturn;\n\t\t}\n\n\t\tthis._isCanceled = true;\n\n\t\tif (this._cancelHandlers.length > 0) {\n\t\t\ttry {\n\t\t\t\tfor (const handler of this._cancelHandlers) {\n\t\t\t\t\thandler();\n\t\t\t\t}\n\t\t\t} catch (error) {\n\t\t\t\tthis._reject(error);\n\t\t\t\treturn;\n\t\t\t}\n\t\t}\n\n\t\tif (this._rejectOnCancel) {\n\t\t\tthis._reject(new CancelError(reason));\n\t\t}\n\t}\n\n\tget isCanceled() {\n\t\treturn this._isCanceled;\n\t}\n}\n\nObject.setPrototypeOf(PCancelable.prototype, Promise.prototype);\n\nmodule.exports = PCancelable;\nmodule.exports.CancelError = CancelError;\n","var global = typeof self !== 'undefined' ? self : this;\nvar __self__ = (function () {\nfunction F() {\nthis.fetch = false;\nthis.DOMException = global.DOMException\n}\nF.prototype = global;\nreturn new F();\n})();\n(function(self) {\n\nvar irrelevant = (function (exports) {\n\n var support = {\n searchParams: 'URLSearchParams' in self,\n iterable: 'Symbol' in self && 'iterator' in Symbol,\n blob:\n 'FileReader' in self &&\n 'Blob' in self &&\n (function() {\n try {\n new Blob();\n return true\n } catch (e) {\n return false\n }\n })(),\n formData: 'FormData' in self,\n arrayBuffer: 'ArrayBuffer' in self\n };\n\n function isDataView(obj) {\n return obj && DataView.prototype.isPrototypeOf(obj)\n }\n\n if (support.arrayBuffer) {\n var viewClasses = [\n '[object Int8Array]',\n '[object Uint8Array]',\n '[object Uint8ClampedArray]',\n '[object Int16Array]',\n '[object Uint16Array]',\n '[object Int32Array]',\n '[object Uint32Array]',\n '[object Float32Array]',\n '[object Float64Array]'\n ];\n\n var isArrayBufferView =\n ArrayBuffer.isView ||\n function(obj) {\n return obj && viewClasses.indexOf(Object.prototype.toString.call(obj)) > -1\n };\n }\n\n function normalizeName(name) {\n if (typeof name !== 'string') {\n name = String(name);\n }\n if (/[^a-z0-9\\-#$%&'*+.^_`|~]/i.test(name)) {\n throw new TypeError('Invalid character in header field name')\n }\n return name.toLowerCase()\n }\n\n function normalizeValue(value) {\n if (typeof value !== 'string') {\n value = String(value);\n }\n return value\n }\n\n // Build a destructive iterator for the value list\n function iteratorFor(items) {\n var iterator = {\n next: function() {\n var value = items.shift();\n return {done: value === undefined, value: value}\n }\n };\n\n if (support.iterable) {\n iterator[Symbol.iterator] = function() {\n return iterator\n };\n }\n\n return iterator\n }\n\n function Headers(headers) {\n this.map = {};\n\n if (headers instanceof Headers) {\n headers.forEach(function(value, name) {\n this.append(name, value);\n }, this);\n } else if (Array.isArray(headers)) {\n headers.forEach(function(header) {\n this.append(header[0], header[1]);\n }, this);\n } else if (headers) {\n Object.getOwnPropertyNames(headers).forEach(function(name) {\n this.append(name, headers[name]);\n }, this);\n }\n }\n\n Headers.prototype.append = function(name, value) {\n name = normalizeName(name);\n value = normalizeValue(value);\n var oldValue = this.map[name];\n this.map[name] = oldValue ? oldValue + ', ' + value : value;\n };\n\n Headers.prototype['delete'] = function(name) {\n delete this.map[normalizeName(name)];\n };\n\n Headers.prototype.get = function(name) {\n name = normalizeName(name);\n return this.has(name) ? this.map[name] : null\n };\n\n Headers.prototype.has = function(name) {\n return this.map.hasOwnProperty(normalizeName(name))\n };\n\n Headers.prototype.set = function(name, value) {\n this.map[normalizeName(name)] = normalizeValue(value);\n };\n\n Headers.prototype.forEach = function(callback, thisArg) {\n for (var name in this.map) {\n if (this.map.hasOwnProperty(name)) {\n callback.call(thisArg, this.map[name], name, this);\n }\n }\n };\n\n Headers.prototype.keys = function() {\n var items = [];\n this.forEach(function(value, name) {\n items.push(name);\n });\n return iteratorFor(items)\n };\n\n Headers.prototype.values = function() {\n var items = [];\n this.forEach(function(value) {\n items.push(value);\n });\n return iteratorFor(items)\n };\n\n Headers.prototype.entries = function() {\n var items = [];\n this.forEach(function(value, name) {\n items.push([name, value]);\n });\n return iteratorFor(items)\n };\n\n if (support.iterable) {\n Headers.prototype[Symbol.iterator] = Headers.prototype.entries;\n }\n\n function consumed(body) {\n if (body.bodyUsed) {\n return Promise.reject(new TypeError('Already read'))\n }\n body.bodyUsed = true;\n }\n\n function fileReaderReady(reader) {\n return new Promise(function(resolve, reject) {\n reader.onload = function() {\n resolve(reader.result);\n };\n reader.onerror = function() {\n reject(reader.error);\n };\n })\n }\n\n function readBlobAsArrayBuffer(blob) {\n var reader = new FileReader();\n var promise = fileReaderReady(reader);\n reader.readAsArrayBuffer(blob);\n return promise\n }\n\n function readBlobAsText(blob) {\n var reader = new FileReader();\n var promise = fileReaderReady(reader);\n reader.readAsText(blob);\n return promise\n }\n\n function readArrayBufferAsText(buf) {\n var view = new Uint8Array(buf);\n var chars = new Array(view.length);\n\n for (var i = 0; i < view.length; i++) {\n chars[i] = String.fromCharCode(view[i]);\n }\n return chars.join('')\n }\n\n function bufferClone(buf) {\n if (buf.slice) {\n return buf.slice(0)\n } else {\n var view = new Uint8Array(buf.byteLength);\n view.set(new Uint8Array(buf));\n return view.buffer\n }\n }\n\n function Body() {\n this.bodyUsed = false;\n\n this._initBody = function(body) {\n this._bodyInit = body;\n if (!body) {\n this._bodyText = '';\n } else if (typeof body === 'string') {\n this._bodyText = body;\n } else if (support.blob && Blob.prototype.isPrototypeOf(body)) {\n this._bodyBlob = body;\n } else if (support.formData && FormData.prototype.isPrototypeOf(body)) {\n this._bodyFormData = body;\n } else if (support.searchParams && URLSearchParams.prototype.isPrototypeOf(body)) {\n this._bodyText = body.toString();\n } else if (support.arrayBuffer && support.blob && isDataView(body)) {\n this._bodyArrayBuffer = bufferClone(body.buffer);\n // IE 10-11 can't handle a DataView body.\n this._bodyInit = new Blob([this._bodyArrayBuffer]);\n } else if (support.arrayBuffer && (ArrayBuffer.prototype.isPrototypeOf(body) || isArrayBufferView(body))) {\n this._bodyArrayBuffer = bufferClone(body);\n } else {\n this._bodyText = body = Object.prototype.toString.call(body);\n }\n\n if (!this.headers.get('content-type')) {\n if (typeof body === 'string') {\n this.headers.set('content-type', 'text/plain;charset=UTF-8');\n } else if (this._bodyBlob && this._bodyBlob.type) {\n this.headers.set('content-type', this._bodyBlob.type);\n } else if (support.searchParams && URLSearchParams.prototype.isPrototypeOf(body)) {\n this.headers.set('content-type', 'application/x-www-form-urlencoded;charset=UTF-8');\n }\n }\n };\n\n if (support.blob) {\n this.blob = function() {\n var rejected = consumed(this);\n if (rejected) {\n return rejected\n }\n\n if (this._bodyBlob) {\n return Promise.resolve(this._bodyBlob)\n } else if (this._bodyArrayBuffer) {\n return Promise.resolve(new Blob([this._bodyArrayBuffer]))\n } else if (this._bodyFormData) {\n throw new Error('could not read FormData body as blob')\n } else {\n return Promise.resolve(new Blob([this._bodyText]))\n }\n };\n\n this.arrayBuffer = function() {\n if (this._bodyArrayBuffer) {\n return consumed(this) || Promise.resolve(this._bodyArrayBuffer)\n } else {\n return this.blob().then(readBlobAsArrayBuffer)\n }\n };\n }\n\n this.text = function() {\n var rejected = consumed(this);\n if (rejected) {\n return rejected\n }\n\n if (this._bodyBlob) {\n return readBlobAsText(this._bodyBlob)\n } else if (this._bodyArrayBuffer) {\n return Promise.resolve(readArrayBufferAsText(this._bodyArrayBuffer))\n } else if (this._bodyFormData) {\n throw new Error('could not read FormData body as text')\n } else {\n return Promise.resolve(this._bodyText)\n }\n };\n\n if (support.formData) {\n this.formData = function() {\n return this.text().then(decode)\n };\n }\n\n this.json = function() {\n return this.text().then(JSON.parse)\n };\n\n return this\n }\n\n // HTTP methods whose capitalization should be normalized\n var methods = ['DELETE', 'GET', 'HEAD', 'OPTIONS', 'POST', 'PUT'];\n\n function normalizeMethod(method) {\n var upcased = method.toUpperCase();\n return methods.indexOf(upcased) > -1 ? upcased : method\n }\n\n function Request(input, options) {\n options = options || {};\n var body = options.body;\n\n if (input instanceof Request) {\n if (input.bodyUsed) {\n throw new TypeError('Already read')\n }\n this.url = input.url;\n this.credentials = input.credentials;\n if (!options.headers) {\n this.headers = new Headers(input.headers);\n }\n this.method = input.method;\n this.mode = input.mode;\n this.signal = input.signal;\n if (!body && input._bodyInit != null) {\n body = input._bodyInit;\n input.bodyUsed = true;\n }\n } else {\n this.url = String(input);\n }\n\n this.credentials = options.credentials || this.credentials || 'same-origin';\n if (options.headers || !this.headers) {\n this.headers = new Headers(options.headers);\n }\n this.method = normalizeMethod(options.method || this.method || 'GET');\n this.mode = options.mode || this.mode || null;\n this.signal = options.signal || this.signal;\n this.referrer = null;\n\n if ((this.method === 'GET' || this.method === 'HEAD') && body) {\n throw new TypeError('Body not allowed for GET or HEAD requests')\n }\n this._initBody(body);\n }\n\n Request.prototype.clone = function() {\n return new Request(this, {body: this._bodyInit})\n };\n\n function decode(body) {\n var form = new FormData();\n body\n .trim()\n .split('&')\n .forEach(function(bytes) {\n if (bytes) {\n var split = bytes.split('=');\n var name = split.shift().replace(/\\+/g, ' ');\n var value = split.join('=').replace(/\\+/g, ' ');\n form.append(decodeURIComponent(name), decodeURIComponent(value));\n }\n });\n return form\n }\n\n function parseHeaders(rawHeaders) {\n var headers = new Headers();\n // Replace instances of \\r\\n and \\n followed by at least one space or horizontal tab with a space\n // https://tools.ietf.org/html/rfc7230#section-3.2\n var preProcessedHeaders = rawHeaders.replace(/\\r?\\n[\\t ]+/g, ' ');\n preProcessedHeaders.split(/\\r?\\n/).forEach(function(line) {\n var parts = line.split(':');\n var key = parts.shift().trim();\n if (key) {\n var value = parts.join(':').trim();\n headers.append(key, value);\n }\n });\n return headers\n }\n\n Body.call(Request.prototype);\n\n function Response(bodyInit, options) {\n if (!options) {\n options = {};\n }\n\n this.type = 'default';\n this.status = options.status === undefined ? 200 : options.status;\n this.ok = this.status >= 200 && this.status < 300;\n this.statusText = 'statusText' in options ? options.statusText : 'OK';\n this.headers = new Headers(options.headers);\n this.url = options.url || '';\n this._initBody(bodyInit);\n }\n\n Body.call(Response.prototype);\n\n Response.prototype.clone = function() {\n return new Response(this._bodyInit, {\n status: this.status,\n statusText: this.statusText,\n headers: new Headers(this.headers),\n url: this.url\n })\n };\n\n Response.error = function() {\n var response = new Response(null, {status: 0, statusText: ''});\n response.type = 'error';\n return response\n };\n\n var redirectStatuses = [301, 302, 303, 307, 308];\n\n Response.redirect = function(url, status) {\n if (redirectStatuses.indexOf(status) === -1) {\n throw new RangeError('Invalid status code')\n }\n\n return new Response(null, {status: status, headers: {location: url}})\n };\n\n exports.DOMException = self.DOMException;\n try {\n new exports.DOMException();\n } catch (err) {\n exports.DOMException = function(message, name) {\n this.message = message;\n this.name = name;\n var error = Error(message);\n this.stack = error.stack;\n };\n exports.DOMException.prototype = Object.create(Error.prototype);\n exports.DOMException.prototype.constructor = exports.DOMException;\n }\n\n function fetch(input, init) {\n return new Promise(function(resolve, reject) {\n var request = new Request(input, init);\n\n if (request.signal && request.signal.aborted) {\n return reject(new exports.DOMException('Aborted', 'AbortError'))\n }\n\n var xhr = new XMLHttpRequest();\n\n function abortXhr() {\n xhr.abort();\n }\n\n xhr.onload = function() {\n var options = {\n status: xhr.status,\n statusText: xhr.statusText,\n headers: parseHeaders(xhr.getAllResponseHeaders() || '')\n };\n options.url = 'responseURL' in xhr ? xhr.responseURL : options.headers.get('X-Request-URL');\n var body = 'response' in xhr ? xhr.response : xhr.responseText;\n resolve(new Response(body, options));\n };\n\n xhr.onerror = function() {\n reject(new TypeError('Network request failed'));\n };\n\n xhr.ontimeout = function() {\n reject(new TypeError('Network request failed'));\n };\n\n xhr.onabort = function() {\n reject(new exports.DOMException('Aborted', 'AbortError'));\n };\n\n xhr.open(request.method, request.url, true);\n\n if (request.credentials === 'include') {\n xhr.withCredentials = true;\n } else if (request.credentials === 'omit') {\n xhr.withCredentials = false;\n }\n\n if ('responseType' in xhr && support.blob) {\n xhr.responseType = 'blob';\n }\n\n request.headers.forEach(function(value, name) {\n xhr.setRequestHeader(name, value);\n });\n\n if (request.signal) {\n request.signal.addEventListener('abort', abortXhr);\n\n xhr.onreadystatechange = function() {\n // DONE (success or failure)\n if (xhr.readyState === 4) {\n request.signal.removeEventListener('abort', abortXhr);\n }\n };\n }\n\n xhr.send(typeof request._bodyInit === 'undefined' ? null : request._bodyInit);\n })\n }\n\n fetch.polyfill = true;\n\n if (!self.fetch) {\n self.fetch = fetch;\n self.Headers = Headers;\n self.Request = Request;\n self.Response = Response;\n }\n\n exports.Headers = Headers;\n exports.Request = Request;\n exports.Response = Response;\n exports.fetch = fetch;\n\n Object.defineProperty(exports, '__esModule', { value: true });\n\n return exports;\n\n})({});\n})(__self__);\n__self__.fetch.ponyfill = true;\n// Remove \"polyfill\" property added by whatwg-fetch\ndelete __self__.fetch.polyfill;\n// Choose between native implementation (global) or custom implementation (__self__)\n// var ctx = global.fetch ? global : __self__;\nvar ctx = __self__; // this line disable service worker support temporarily\nexports = ctx.fetch // To enable: import fetch from 'cross-fetch'\nexports.default = ctx.fetch // For TypeScript consumers without esModuleInterop.\nexports.fetch = ctx.fetch // To enable: import {fetch} from 'cross-fetch'\nexports.Headers = ctx.Headers\nexports.Request = ctx.Request\nexports.Response = ctx.Response\nmodule.exports = exports\n","function E () {\n // Keep this empty so it's easier to inherit from\n // (via https://github.com/lipsmack from https://github.com/scottcorgan/tiny-emitter/issues/3)\n}\n\nE.prototype = {\n on: function (name, callback, ctx) {\n var e = this.e || (this.e = {});\n\n (e[name] || (e[name] = [])).push({\n fn: callback,\n ctx: ctx\n });\n\n return this;\n },\n\n once: function (name, callback, ctx) {\n var self = this;\n function listener () {\n self.off(name, listener);\n callback.apply(ctx, arguments);\n };\n\n listener._ = callback\n return this.on(name, listener, ctx);\n },\n\n emit: function (name) {\n var data = [].slice.call(arguments, 1);\n var evtArr = ((this.e || (this.e = {}))[name] || []).slice();\n var i = 0;\n var len = evtArr.length;\n\n for (i; i < len; i++) {\n evtArr[i].fn.apply(evtArr[i].ctx, data);\n }\n\n return this;\n },\n\n off: function (name, callback) {\n var e = this.e || (this.e = {});\n var evts = e[name];\n var liveEvents = [];\n\n if (evts && callback) {\n for (var i = 0, len = evts.length; i < len; i++) {\n if (evts[i].fn !== callback && evts[i].fn._ !== callback)\n liveEvents.push(evts[i]);\n }\n }\n\n // Remove event from queue to prevent memory leak\n // Suggested by https://github.com/lazd\n // Ref: https://github.com/scottcorgan/tiny-emitter/commit/c6ebfaa9bc973b33d110a84a307742b7cf94c953#commitcomment-5024910\n\n (liveEvents.length)\n ? e[name] = liveEvents\n : delete e[name];\n\n return this;\n }\n};\n\nmodule.exports = E;\n","function _assertThisInitialized(e) {\n if (void 0 === e) throw new ReferenceError(\"this hasn't been initialised - super() hasn't been called\");\n return e;\n}\nmodule.exports = _assertThisInitialized, module.exports.__esModule = true, module.exports[\"default\"] = module.exports;","function _classCallCheck(a, n) {\n if (!(a instanceof n)) throw new TypeError(\"Cannot call a class as a function\");\n}\nmodule.exports = _classCallCheck, module.exports.__esModule = true, module.exports[\"default\"] = module.exports;","var isNativeReflectConstruct = require(\"./isNativeReflectConstruct.js\");\nvar setPrototypeOf = require(\"./setPrototypeOf.js\");\nfunction _construct(t, e, r) {\n if (isNativeReflectConstruct()) return Reflect.construct.apply(null, arguments);\n var o = [null];\n o.push.apply(o, e);\n var p = new (t.bind.apply(t, o))();\n return r && setPrototypeOf(p, r.prototype), p;\n}\nmodule.exports = _construct, module.exports.__esModule = true, module.exports[\"default\"] = module.exports;","var toPropertyKey = require(\"./toPropertyKey.js\");\nfunction _defineProperties(e, r) {\n for (var t = 0; t < r.length; t++) {\n var o = r[t];\n o.enumerable = o.enumerable || !1, o.configurable = !0, \"value\" in o && (o.writable = !0), Object.defineProperty(e, toPropertyKey(o.key), o);\n }\n}\nfunction _createClass(e, r, t) {\n return r && _defineProperties(e.prototype, r), t && _defineProperties(e, t), Object.defineProperty(e, \"prototype\", {\n writable: !1\n }), e;\n}\nmodule.exports = _createClass, module.exports.__esModule = true, module.exports[\"default\"] = module.exports;","function _getPrototypeOf(t) {\n return module.exports = _getPrototypeOf = Object.setPrototypeOf ? Object.getPrototypeOf.bind() : function (t) {\n return t.__proto__ || Object.getPrototypeOf(t);\n }, module.exports.__esModule = true, module.exports[\"default\"] = module.exports, _getPrototypeOf(t);\n}\nmodule.exports = _getPrototypeOf, module.exports.__esModule = true, module.exports[\"default\"] = module.exports;","var setPrototypeOf = require(\"./setPrototypeOf.js\");\nfunction _inherits(t, e) {\n if (\"function\" != typeof e && null !== e) throw new TypeError(\"Super expression must either be null or a function\");\n t.prototype = Object.create(e && e.prototype, {\n constructor: {\n value: t,\n writable: !0,\n configurable: !0\n }\n }), Object.defineProperty(t, \"prototype\", {\n writable: !1\n }), e && setPrototypeOf(t, e);\n}\nmodule.exports = _inherits, module.exports.__esModule = true, module.exports[\"default\"] = module.exports;","function _isNativeFunction(t) {\n try {\n return -1 !== Function.toString.call(t).indexOf(\"[native code]\");\n } catch (n) {\n return \"function\" == typeof t;\n }\n}\nmodule.exports = _isNativeFunction, module.exports.__esModule = true, module.exports[\"default\"] = module.exports;","function _isNativeReflectConstruct() {\n try {\n var t = !Boolean.prototype.valueOf.call(Reflect.construct(Boolean, [], function () {}));\n } catch (t) {}\n return (module.exports = _isNativeReflectConstruct = function _isNativeReflectConstruct() {\n return !!t;\n }, module.exports.__esModule = true, module.exports[\"default\"] = module.exports)();\n}\nmodule.exports = _isNativeReflectConstruct, module.exports.__esModule = true, module.exports[\"default\"] = module.exports;","var _typeof = require(\"./typeof.js\")[\"default\"];\nvar assertThisInitialized = require(\"./assertThisInitialized.js\");\nfunction _possibleConstructorReturn(t, e) {\n if (e && (\"object\" == _typeof(e) || \"function\" == typeof e)) return e;\n if (void 0 !== e) throw new TypeError(\"Derived constructors may only return object or undefined\");\n return assertThisInitialized(t);\n}\nmodule.exports = _possibleConstructorReturn, module.exports.__esModule = true, module.exports[\"default\"] = module.exports;","var _typeof = require(\"./typeof.js\")[\"default\"];\nfunction _regeneratorRuntime() {\n \"use strict\"; /*! regenerator-runtime -- Copyright (c) 2014-present, Facebook, Inc. -- license (MIT): https://github.com/facebook/regenerator/blob/main/LICENSE */\n module.exports = _regeneratorRuntime = function _regeneratorRuntime() {\n return e;\n }, module.exports.__esModule = true, module.exports[\"default\"] = module.exports;\n var t,\n e = {},\n r = Object.prototype,\n n = r.hasOwnProperty,\n o = Object.defineProperty || function (t, e, r) {\n t[e] = r.value;\n },\n i = \"function\" == typeof Symbol ? Symbol : {},\n a = i.iterator || \"@@iterator\",\n c = i.asyncIterator || \"@@asyncIterator\",\n u = i.toStringTag || \"@@toStringTag\";\n function define(t, e, r) {\n return Object.defineProperty(t, e, {\n value: r,\n enumerable: !0,\n configurable: !0,\n writable: !0\n }), t[e];\n }\n try {\n define({}, \"\");\n } catch (t) {\n define = function define(t, e, r) {\n return t[e] = r;\n };\n }\n function wrap(t, e, r, n) {\n var i = e && e.prototype instanceof Generator ? e : Generator,\n a = Object.create(i.prototype),\n c = new Context(n || []);\n return o(a, \"_invoke\", {\n value: makeInvokeMethod(t, r, c)\n }), a;\n }\n function tryCatch(t, e, r) {\n try {\n return {\n type: \"normal\",\n arg: t.call(e, r)\n };\n } catch (t) {\n return {\n type: \"throw\",\n arg: t\n };\n }\n }\n e.wrap = wrap;\n var h = \"suspendedStart\",\n l = \"suspendedYield\",\n f = \"executing\",\n s = \"completed\",\n y = {};\n function Generator() {}\n function GeneratorFunction() {}\n function GeneratorFunctionPrototype() {}\n var p = {};\n define(p, a, function () {\n return this;\n });\n var d = Object.getPrototypeOf,\n v = d && d(d(values([])));\n v && v !== r && n.call(v, a) && (p = v);\n var g = GeneratorFunctionPrototype.prototype = Generator.prototype = Object.create(p);\n function defineIteratorMethods(t) {\n [\"next\", \"throw\", \"return\"].forEach(function (e) {\n define(t, e, function (t) {\n return this._invoke(e, t);\n });\n });\n }\n function AsyncIterator(t, e) {\n function invoke(r, o, i, a) {\n var c = tryCatch(t[r], t, o);\n if (\"throw\" !== c.type) {\n var u = c.arg,\n h = u.value;\n return h && \"object\" == _typeof(h) && n.call(h, \"__await\") ? e.resolve(h.__await).then(function (t) {\n invoke(\"next\", t, i, a);\n }, function (t) {\n invoke(\"throw\", t, i, a);\n }) : e.resolve(h).then(function (t) {\n u.value = t, i(u);\n }, function (t) {\n return invoke(\"throw\", t, i, a);\n });\n }\n a(c.arg);\n }\n var r;\n o(this, \"_invoke\", {\n value: function value(t, n) {\n function callInvokeWithMethodAndArg() {\n return new e(function (e, r) {\n invoke(t, n, e, r);\n });\n }\n return r = r ? r.then(callInvokeWithMethodAndArg, callInvokeWithMethodAndArg) : callInvokeWithMethodAndArg();\n }\n });\n }\n function makeInvokeMethod(e, r, n) {\n var o = h;\n return function (i, a) {\n if (o === f) throw Error(\"Generator is already running\");\n if (o === s) {\n if (\"throw\" === i) throw a;\n return {\n value: t,\n done: !0\n };\n }\n for (n.method = i, n.arg = a;;) {\n var c = n.delegate;\n if (c) {\n var u = maybeInvokeDelegate(c, n);\n if (u) {\n if (u === y) continue;\n return u;\n }\n }\n if (\"next\" === n.method) n.sent = n._sent = n.arg;else if (\"throw\" === n.method) {\n if (o === h) throw o = s, n.arg;\n n.dispatchException(n.arg);\n } else \"return\" === n.method && n.abrupt(\"return\", n.arg);\n o = f;\n var p = tryCatch(e, r, n);\n if (\"normal\" === p.type) {\n if (o = n.done ? s : l, p.arg === y) continue;\n return {\n value: p.arg,\n done: n.done\n };\n }\n \"throw\" === p.type && (o = s, n.method = \"throw\", n.arg = p.arg);\n }\n };\n }\n function maybeInvokeDelegate(e, r) {\n var n = r.method,\n o = e.iterator[n];\n if (o === t) return r.delegate = null, \"throw\" === n && e.iterator[\"return\"] && (r.method = \"return\", r.arg = t, maybeInvokeDelegate(e, r), \"throw\" === r.method) || \"return\" !== n && (r.method = \"throw\", r.arg = new TypeError(\"The iterator does not provide a '\" + n + \"' method\")), y;\n var i = tryCatch(o, e.iterator, r.arg);\n if (\"throw\" === i.type) return r.method = \"throw\", r.arg = i.arg, r.delegate = null, y;\n var a = i.arg;\n return a ? a.done ? (r[e.resultName] = a.value, r.next = e.nextLoc, \"return\" !== r.method && (r.method = \"next\", r.arg = t), r.delegate = null, y) : a : (r.method = \"throw\", r.arg = new TypeError(\"iterator result is not an object\"), r.delegate = null, y);\n }\n function pushTryEntry(t) {\n var e = {\n tryLoc: t[0]\n };\n 1 in t && (e.catchLoc = t[1]), 2 in t && (e.finallyLoc = t[2], e.afterLoc = t[3]), this.tryEntries.push(e);\n }\n function resetTryEntry(t) {\n var e = t.completion || {};\n e.type = \"normal\", delete e.arg, t.completion = e;\n }\n function Context(t) {\n this.tryEntries = [{\n tryLoc: \"root\"\n }], t.forEach(pushTryEntry, this), this.reset(!0);\n }\n function values(e) {\n if (e || \"\" === e) {\n var r = e[a];\n if (r) return r.call(e);\n if (\"function\" == typeof e.next) return e;\n if (!isNaN(e.length)) {\n var o = -1,\n i = function next() {\n for (; ++o < e.length;) if (n.call(e, o)) return next.value = e[o], next.done = !1, next;\n return next.value = t, next.done = !0, next;\n };\n return i.next = i;\n }\n }\n throw new TypeError(_typeof(e) + \" is not iterable\");\n }\n return GeneratorFunction.prototype = GeneratorFunctionPrototype, o(g, \"constructor\", {\n value: GeneratorFunctionPrototype,\n configurable: !0\n }), o(GeneratorFunctionPrototype, \"constructor\", {\n value: GeneratorFunction,\n configurable: !0\n }), GeneratorFunction.displayName = define(GeneratorFunctionPrototype, u, \"GeneratorFunction\"), e.isGeneratorFunction = function (t) {\n var e = \"function\" == typeof t && t.constructor;\n return !!e && (e === GeneratorFunction || \"GeneratorFunction\" === (e.displayName || e.name));\n }, e.mark = function (t) {\n return Object.setPrototypeOf ? Object.setPrototypeOf(t, GeneratorFunctionPrototype) : (t.__proto__ = GeneratorFunctionPrototype, define(t, u, \"GeneratorFunction\")), t.prototype = Object.create(g), t;\n }, e.awrap = function (t) {\n return {\n __await: t\n };\n }, defineIteratorMethods(AsyncIterator.prototype), define(AsyncIterator.prototype, c, function () {\n return this;\n }), e.AsyncIterator = AsyncIterator, e.async = function (t, r, n, o, i) {\n void 0 === i && (i = Promise);\n var a = new AsyncIterator(wrap(t, r, n, o), i);\n return e.isGeneratorFunction(r) ? a : a.next().then(function (t) {\n return t.done ? t.value : a.next();\n });\n }, defineIteratorMethods(g), define(g, u, \"Generator\"), define(g, a, function () {\n return this;\n }), define(g, \"toString\", function () {\n return \"[object Generator]\";\n }), e.keys = function (t) {\n var e = Object(t),\n r = [];\n for (var n in e) r.push(n);\n return r.reverse(), function next() {\n for (; r.length;) {\n var t = r.pop();\n if (t in e) return next.value = t, next.done = !1, next;\n }\n return next.done = !0, next;\n };\n }, e.values = values, Context.prototype = {\n constructor: Context,\n reset: function reset(e) {\n if (this.prev = 0, this.next = 0, this.sent = this._sent = t, this.done = !1, this.delegate = null, this.method = \"next\", this.arg = t, this.tryEntries.forEach(resetTryEntry), !e) for (var r in this) \"t\" === r.charAt(0) && n.call(this, r) && !isNaN(+r.slice(1)) && (this[r] = t);\n },\n stop: function stop() {\n this.done = !0;\n var t = this.tryEntries[0].completion;\n if (\"throw\" === t.type) throw t.arg;\n return this.rval;\n },\n dispatchException: function dispatchException(e) {\n if (this.done) throw e;\n var r = this;\n function handle(n, o) {\n return a.type = \"throw\", a.arg = e, r.next = n, o && (r.method = \"next\", r.arg = t), !!o;\n }\n for (var o = this.tryEntries.length - 1; o >= 0; --o) {\n var i = this.tryEntries[o],\n a = i.completion;\n if (\"root\" === i.tryLoc) return handle(\"end\");\n if (i.tryLoc <= this.prev) {\n var c = n.call(i, \"catchLoc\"),\n u = n.call(i, \"finallyLoc\");\n if (c && u) {\n if (this.prev < i.catchLoc) return handle(i.catchLoc, !0);\n if (this.prev < i.finallyLoc) return handle(i.finallyLoc);\n } else if (c) {\n if (this.prev < i.catchLoc) return handle(i.catchLoc, !0);\n } else {\n if (!u) throw Error(\"try statement without catch or finally\");\n if (this.prev < i.finallyLoc) return handle(i.finallyLoc);\n }\n }\n }\n },\n abrupt: function abrupt(t, e) {\n for (var r = this.tryEntries.length - 1; r >= 0; --r) {\n var o = this.tryEntries[r];\n if (o.tryLoc <= this.prev && n.call(o, \"finallyLoc\") && this.prev < o.finallyLoc) {\n var i = o;\n break;\n }\n }\n i && (\"break\" === t || \"continue\" === t) && i.tryLoc <= e && e <= i.finallyLoc && (i = null);\n var a = i ? i.completion : {};\n return a.type = t, a.arg = e, i ? (this.method = \"next\", this.next = i.finallyLoc, y) : this.complete(a);\n },\n complete: function complete(t, e) {\n if (\"throw\" === t.type) throw t.arg;\n return \"break\" === t.type || \"continue\" === t.type ? this.next = t.arg : \"return\" === t.type ? (this.rval = this.arg = t.arg, this.method = \"return\", this.next = \"end\") : \"normal\" === t.type && e && (this.next = e), y;\n },\n finish: function finish(t) {\n for (var e = this.tryEntries.length - 1; e >= 0; --e) {\n var r = this.tryEntries[e];\n if (r.finallyLoc === t) return this.complete(r.completion, r.afterLoc), resetTryEntry(r), y;\n }\n },\n \"catch\": function _catch(t) {\n for (var e = this.tryEntries.length - 1; e >= 0; --e) {\n var r = this.tryEntries[e];\n if (r.tryLoc === t) {\n var n = r.completion;\n if (\"throw\" === n.type) {\n var o = n.arg;\n resetTryEntry(r);\n }\n return o;\n }\n }\n throw Error(\"illegal catch attempt\");\n },\n delegateYield: function delegateYield(e, r, n) {\n return this.delegate = {\n iterator: values(e),\n resultName: r,\n nextLoc: n\n }, \"next\" === this.method && (this.arg = t), y;\n }\n }, e;\n}\nmodule.exports = _regeneratorRuntime, module.exports.__esModule = true, module.exports[\"default\"] = module.exports;","function _setPrototypeOf(t, e) {\n return module.exports = _setPrototypeOf = Object.setPrototypeOf ? Object.setPrototypeOf.bind() : function (t, e) {\n return t.__proto__ = e, t;\n }, module.exports.__esModule = true, module.exports[\"default\"] = module.exports, _setPrototypeOf(t, e);\n}\nmodule.exports = _setPrototypeOf, module.exports.__esModule = true, module.exports[\"default\"] = module.exports;","var _typeof = require(\"./typeof.js\")[\"default\"];\nfunction toPrimitive(t, r) {\n if (\"object\" != _typeof(t) || !t) return t;\n var e = t[Symbol.toPrimitive];\n if (void 0 !== e) {\n var i = e.call(t, r || \"default\");\n if (\"object\" != _typeof(i)) return i;\n throw new TypeError(\"@@toPrimitive must return a primitive value.\");\n }\n return (\"string\" === r ? String : Number)(t);\n}\nmodule.exports = toPrimitive, module.exports.__esModule = true, module.exports[\"default\"] = module.exports;","var _typeof = require(\"./typeof.js\")[\"default\"];\nvar toPrimitive = require(\"./toPrimitive.js\");\nfunction toPropertyKey(t) {\n var i = toPrimitive(t, \"string\");\n return \"symbol\" == _typeof(i) ? i : i + \"\";\n}\nmodule.exports = toPropertyKey, module.exports.__esModule = true, module.exports[\"default\"] = module.exports;","function _typeof(o) {\n \"@babel/helpers - typeof\";\n\n return module.exports = _typeof = \"function\" == typeof Symbol && \"symbol\" == typeof Symbol.iterator ? function (o) {\n return typeof o;\n } : function (o) {\n return o && \"function\" == typeof Symbol && o.constructor === Symbol && o !== Symbol.prototype ? \"symbol\" : typeof o;\n }, module.exports.__esModule = true, module.exports[\"default\"] = module.exports, _typeof(o);\n}\nmodule.exports = _typeof, module.exports.__esModule = true, module.exports[\"default\"] = module.exports;","var getPrototypeOf = require(\"./getPrototypeOf.js\");\nvar setPrototypeOf = require(\"./setPrototypeOf.js\");\nvar isNativeFunction = require(\"./isNativeFunction.js\");\nvar construct = require(\"./construct.js\");\nfunction _wrapNativeSuper(t) {\n var r = \"function\" == typeof Map ? new Map() : void 0;\n return module.exports = _wrapNativeSuper = function _wrapNativeSuper(t) {\n if (null === t || !isNativeFunction(t)) return t;\n if (\"function\" != typeof t) throw new TypeError(\"Super expression must either be null or a function\");\n if (void 0 !== r) {\n if (r.has(t)) return r.get(t);\n r.set(t, Wrapper);\n }\n function Wrapper() {\n return construct(t, arguments, getPrototypeOf(this).constructor);\n }\n return Wrapper.prototype = Object.create(t.prototype, {\n constructor: {\n value: Wrapper,\n enumerable: !1,\n writable: !0,\n configurable: !0\n }\n }), setPrototypeOf(Wrapper, t);\n }, module.exports.__esModule = true, module.exports[\"default\"] = module.exports, _wrapNativeSuper(t);\n}\nmodule.exports = _wrapNativeSuper, module.exports.__esModule = true, module.exports[\"default\"] = module.exports;","// TODO(Babel 8): Remove this file.\n\nvar runtime = require(\"../helpers/regeneratorRuntime\")();\nmodule.exports = runtime;\n\n// Copied from https://github.com/facebook/regenerator/blob/main/packages/runtime/runtime.js#L736=\ntry {\n regeneratorRuntime = runtime;\n} catch (accidentalStrictMode) {\n if (typeof globalThis === \"object\") {\n globalThis.regeneratorRuntime = runtime;\n } else {\n Function(\"r\", \"regeneratorRuntime = r\")(runtime);\n }\n}\n","function _arrayLikeToArray(r, a) {\n (null == a || a > r.length) && (a = r.length);\n for (var e = 0, n = Array(a); e < a; e++) n[e] = r[e];\n return n;\n}\nexport { _arrayLikeToArray as default };","function _assertThisInitialized(e) {\n if (void 0 === e) throw new ReferenceError(\"this hasn't been initialised - super() hasn't been called\");\n return e;\n}\nexport { _assertThisInitialized as default };","function asyncGeneratorStep(n, t, e, r, o, a, c) {\n try {\n var i = n[a](c),\n u = i.value;\n } catch (n) {\n return void e(n);\n }\n i.done ? t(u) : Promise.resolve(u).then(r, o);\n}\nfunction _asyncToGenerator(n) {\n return function () {\n var t = this,\n e = arguments;\n return new Promise(function (r, o) {\n var a = n.apply(t, e);\n function _next(n) {\n asyncGeneratorStep(a, r, o, _next, _throw, \"next\", n);\n }\n function _throw(n) {\n asyncGeneratorStep(a, r, o, _next, _throw, \"throw\", n);\n }\n _next(void 0);\n });\n };\n}\nexport { _asyncToGenerator as default };","function _classCallCheck(a, n) {\n if (!(a instanceof n)) throw new TypeError(\"Cannot call a class as a function\");\n}\nexport { _classCallCheck as default };","import toPropertyKey from \"./toPropertyKey.js\";\nfunction _defineProperties(e, r) {\n for (var t = 0; t < r.length; t++) {\n var o = r[t];\n o.enumerable = o.enumerable || !1, o.configurable = !0, \"value\" in o && (o.writable = !0), Object.defineProperty(e, toPropertyKey(o.key), o);\n }\n}\nfunction _createClass(e, r, t) {\n return r && _defineProperties(e.prototype, r), t && _defineProperties(e, t), Object.defineProperty(e, \"prototype\", {\n writable: !1\n }), e;\n}\nexport { _createClass as default };","import toPropertyKey from \"./toPropertyKey.js\";\nfunction _defineProperty(e, r, t) {\n return (r = toPropertyKey(r)) in e ? Object.defineProperty(e, r, {\n value: t,\n enumerable: !0,\n configurable: !0,\n writable: !0\n }) : e[r] = t, e;\n}\nexport { _defineProperty as default };","function _getPrototypeOf(t) {\n return _getPrototypeOf = Object.setPrototypeOf ? Object.getPrototypeOf.bind() : function (t) {\n return t.__proto__ || Object.getPrototypeOf(t);\n }, _getPrototypeOf(t);\n}\nexport { _getPrototypeOf as default };","import setPrototypeOf from \"./setPrototypeOf.js\";\nfunction _inherits(t, e) {\n if (\"function\" != typeof e && null !== e) throw new TypeError(\"Super expression must either be null or a function\");\n t.prototype = Object.create(e && e.prototype, {\n constructor: {\n value: t,\n writable: !0,\n configurable: !0\n }\n }), Object.defineProperty(t, \"prototype\", {\n writable: !1\n }), e && setPrototypeOf(t, e);\n}\nexport { _inherits as default };","import objectWithoutPropertiesLoose from \"./objectWithoutPropertiesLoose.js\";\nfunction _objectWithoutProperties(e, t) {\n if (null == e) return {};\n var o,\n r,\n i = objectWithoutPropertiesLoose(e, t);\n if (Object.getOwnPropertySymbols) {\n var n = Object.getOwnPropertySymbols(e);\n for (r = 0; r < n.length; r++) o = n[r], -1 === t.indexOf(o) && {}.propertyIsEnumerable.call(e, o) && (i[o] = e[o]);\n }\n return i;\n}\nexport { _objectWithoutProperties as default };","function _objectWithoutPropertiesLoose(r, e) {\n if (null == r) return {};\n var t = {};\n for (var n in r) if ({}.hasOwnProperty.call(r, n)) {\n if (-1 !== e.indexOf(n)) continue;\n t[n] = r[n];\n }\n return t;\n}\nexport { _objectWithoutPropertiesLoose as default };","import _typeof from \"./typeof.js\";\nimport assertThisInitialized from \"./assertThisInitialized.js\";\nfunction _possibleConstructorReturn(t, e) {\n if (e && (\"object\" == _typeof(e) || \"function\" == typeof e)) return e;\n if (void 0 !== e) throw new TypeError(\"Derived constructors may only return object or undefined\");\n return assertThisInitialized(t);\n}\nexport { _possibleConstructorReturn as default };","function _setPrototypeOf(t, e) {\n return _setPrototypeOf = Object.setPrototypeOf ? Object.setPrototypeOf.bind() : function (t, e) {\n return t.__proto__ = e, t;\n }, _setPrototypeOf(t, e);\n}\nexport { _setPrototypeOf as default };","import arrayWithHoles from \"./arrayWithHoles.js\";\nimport iterableToArrayLimit from \"./iterableToArrayLimit.js\";\nimport unsupportedIterableToArray from \"./unsupportedIterableToArray.js\";\nimport nonIterableRest from \"./nonIterableRest.js\";\nfunction _slicedToArray(r, e) {\n return arrayWithHoles(r) || iterableToArrayLimit(r, e) || unsupportedIterableToArray(r, e) || nonIterableRest();\n}\nexport { _slicedToArray as default };","function _arrayWithHoles(r) {\n if (Array.isArray(r)) return r;\n}\nexport { _arrayWithHoles as default };","function _iterableToArrayLimit(r, l) {\n var t = null == r ? null : \"undefined\" != typeof Symbol && r[Symbol.iterator] || r[\"@@iterator\"];\n if (null != t) {\n var e,\n n,\n i,\n u,\n a = [],\n f = !0,\n o = !1;\n try {\n if (i = (t = t.call(r)).next, 0 === l) {\n if (Object(t) !== t) return;\n f = !1;\n } else for (; !(f = (e = i.call(t)).done) && (a.push(e.value), a.length !== l); f = !0);\n } catch (r) {\n o = !0, n = r;\n } finally {\n try {\n if (!f && null != t[\"return\"] && (u = t[\"return\"](), Object(u) !== u)) return;\n } finally {\n if (o) throw n;\n }\n }\n return a;\n }\n}\nexport { _iterableToArrayLimit as default };","function _nonIterableRest() {\n throw new TypeError(\"Invalid attempt to destructure non-iterable instance.\\nIn order to be iterable, non-array objects must have a [Symbol.iterator]() method.\");\n}\nexport { _nonIterableRest as default };","import arrayWithoutHoles from \"./arrayWithoutHoles.js\";\nimport iterableToArray from \"./iterableToArray.js\";\nimport unsupportedIterableToArray from \"./unsupportedIterableToArray.js\";\nimport nonIterableSpread from \"./nonIterableSpread.js\";\nfunction _toConsumableArray(r) {\n return arrayWithoutHoles(r) || iterableToArray(r) || unsupportedIterableToArray(r) || nonIterableSpread();\n}\nexport { _toConsumableArray as default };","import arrayLikeToArray from \"./arrayLikeToArray.js\";\nfunction _arrayWithoutHoles(r) {\n if (Array.isArray(r)) return arrayLikeToArray(r);\n}\nexport { _arrayWithoutHoles as default };","function _iterableToArray(r) {\n if (\"undefined\" != typeof Symbol && null != r[Symbol.iterator] || null != r[\"@@iterator\"]) return Array.from(r);\n}\nexport { _iterableToArray as default };","function _nonIterableSpread() {\n throw new TypeError(\"Invalid attempt to spread non-iterable instance.\\nIn order to be iterable, non-array objects must have a [Symbol.iterator]() method.\");\n}\nexport { _nonIterableSpread as default };","import _typeof from \"./typeof.js\";\nimport toPrimitive from \"./toPrimitive.js\";\nfunction toPropertyKey(t) {\n var i = toPrimitive(t, \"string\");\n return \"symbol\" == _typeof(i) ? i : i + \"\";\n}\nexport { toPropertyKey as default };","import _typeof from \"./typeof.js\";\nfunction toPrimitive(t, r) {\n if (\"object\" != _typeof(t) || !t) return t;\n var e = t[Symbol.toPrimitive];\n if (void 0 !== e) {\n var i = e.call(t, r || \"default\");\n if (\"object\" != _typeof(i)) return i;\n throw new TypeError(\"@@toPrimitive must return a primitive value.\");\n }\n return (\"string\" === r ? String : Number)(t);\n}\nexport { toPrimitive as default };","function _typeof(o) {\n \"@babel/helpers - typeof\";\n\n return _typeof = \"function\" == typeof Symbol && \"symbol\" == typeof Symbol.iterator ? function (o) {\n return typeof o;\n } : function (o) {\n return o && \"function\" == typeof Symbol && o.constructor === Symbol && o !== Symbol.prototype ? \"symbol\" : typeof o;\n }, _typeof(o);\n}\nexport { _typeof as default };","import arrayLikeToArray from \"./arrayLikeToArray.js\";\nfunction _unsupportedIterableToArray(r, a) {\n if (r) {\n if (\"string\" == typeof r) return arrayLikeToArray(r, a);\n var t = {}.toString.call(r).slice(8, -1);\n return \"Object\" === t && r.constructor && (t = r.constructor.name), \"Map\" === t || \"Set\" === t ? Array.from(r) : \"Arguments\" === t || /^(?:Ui|I)nt(?:8|16|32)(?:Clamped)?Array$/.test(t) ? arrayLikeToArray(r, a) : void 0;\n }\n}\nexport { _unsupportedIterableToArray as default };","// The module cache\nvar __webpack_module_cache__ = {};\n\n// The require function\nfunction __webpack_require__(moduleId) {\n\t// Check if module is in cache\n\tvar cachedModule = __webpack_module_cache__[moduleId];\n\tif (cachedModule !== undefined) {\n\t\treturn cachedModule.exports;\n\t}\n\t// Create a new module (and put it into the cache)\n\tvar module = __webpack_module_cache__[moduleId] = {\n\t\t// no module.id needed\n\t\t// no module.loaded needed\n\t\texports: {}\n\t};\n\n\t// Execute the module function\n\t__webpack_modules__[moduleId].call(module.exports, module, module.exports, __webpack_require__);\n\n\t// Return the exports of the module\n\treturn module.exports;\n}\n\n","// getDefaultExport function for compatibility with non-harmony modules\n__webpack_require__.n = function(module) {\n\tvar getter = module && module.__esModule ?\n\t\tfunction() { return module['default']; } :\n\t\tfunction() { return module; };\n\t__webpack_require__.d(getter, { a: getter });\n\treturn getter;\n};","// define getter functions for harmony exports\n__webpack_require__.d = function(exports, definition) {\n\tfor(var key in definition) {\n\t\tif(__webpack_require__.o(definition, key) && !__webpack_require__.o(exports, key)) {\n\t\t\tObject.defineProperty(exports, key, { enumerable: true, get: definition[key] });\n\t\t}\n\t}\n};","__webpack_require__.g = (function() {\n\tif (typeof globalThis === 'object') return globalThis;\n\ttry {\n\t\treturn this || new Function('return this')();\n\t} catch (e) {\n\t\tif (typeof window === 'object') return window;\n\t}\n})();","__webpack_require__.o = function(obj, prop) { return Object.prototype.hasOwnProperty.call(obj, prop); }","// define __esModule on exports\n__webpack_require__.r = function(exports) {\n\tif(typeof Symbol !== 'undefined' && Symbol.toStringTag) {\n\t\tObject.defineProperty(exports, Symbol.toStringTag, { value: 'Module' });\n\t}\n\tObject.defineProperty(exports, '__esModule', { value: true });\n};","import {\n OktaAuthOptionsConstructor,\n} from '../base';\nimport {\n StorageManagerConstructor,\n} from '../storage';\nimport {\n createTransactionManager,\n TransactionManagerConstructor\n} from '../oidc';\nimport {\n createCoreOptionsConstructor,\n createCoreStorageManager,\n CoreStorageManagerInterface,\n OktaAuthCoreOptions,\n} from '../core';\nimport { createOktaAuthMyAccount } from '../myaccount';\n\n\n// eslint-disable-next-line @typescript-eslint/no-empty-interface\nexport interface OktaAuthOptions extends OktaAuthCoreOptions {}\n\nconst OptionsConstructor: OktaAuthOptionsConstructor<OktaAuthOptions> = createCoreOptionsConstructor();\nconst StorageManager: StorageManagerConstructor<CoreStorageManagerInterface> = createCoreStorageManager();\nconst TransactionManager: TransactionManagerConstructor = createTransactionManager();\n\nconst OktaAuthMyAccount = createOktaAuthMyAccount(StorageManager, OptionsConstructor, TransactionManager);\n\nclass OktaAuth extends OktaAuthMyAccount {\n constructor(options: OktaAuthOptions) {\n super(options);\n }\n}\n\nexport default OktaAuth;\nexport { OktaAuth };\nexport * from './common';\nexport * from '../myaccount';\n\n"],"names":["root","factory","exports","module","define","amd","self","createOktaAuthBase","OptionsConstructor","OktaAuthBase","options","length","this","removeNils","emitter","Emitter","features","constants","prototype","Object","assign","createBaseOptionsConstructor","args","devMode","target","i","arguments","source","key","api","init","converter","defaultAttributes","set","value","attributes","document","expires","Date","now","toUTCString","encodeURIComponent","replace","decodeURIComponent","escape","stringifiedAttributes","attributeName","split","cookie","write","create","get","cookies","jar","parts","slice","join","foundKey","read","e","remove","withAttributes","withConverter","freeze","path","storageUtil","browserHasLocalStorage","storage","getLocalStorage","testStorage","browserHasSessionStorage","getSessionStorage","testStorageType","storageType","supported","getStorageByType","storageProvider","getCookieStorage","getInMemoryStorage","AuthSdkError","findStorageType","types","curType","nextType","shift","warn","isIE11OrLess","window","onstorage","localStorage","sessionStorage","secure","sameSite","sessionCookie","getItem","setItem","expiresAt","removeItem","delete","useSeparateCookies","data","keys","forEach","k","indexOf","JSON","parse","stringify","existingValues","storageKey","valueToStore","inMemoryStore","name","cookieOptions","Cookies","STATE_TOKEN_KEY_NAME","DEFAULT_POLLING_DELAY","IOS_MAX_RETRY_COUNT","DEFAULT_MAX_CLOCK_SKEW","DEFAULT_CACHE_DURATION","TOKEN_STORAGE_NAME","CACHE_STORAGE_NAME","PKCE_STORAGE_NAME","TRANSACTION_STORAGE_NAME","SHARED_TRANSACTION_STORAGE_NAME","ORIGINAL_URI_STORAGE_NAME","IDX_RESPONSE_STORAGE_NAME","ACCESS_TOKEN_STORAGE_KEY","ID_TOKEN_STORAGE_KEY","REFRESH_TOKEN_STORAGE_KEY","REFERRER_PATH_STORAGE_KEY","MIN_VERIFIER_LENGTH","MAX_VERIFIER_LENGTH","DEFAULT_CODE_CHALLENGE_METHOD","IDX_API_VERSION","INITIAL_AUTH_STATE","DEFAULT_PENDING","updateAuthStatePromise","canceledTimes","EVENT_AUTH_STATE_CHANGE","AuthStateManager","sdk","_sdk","_pending","_authState","_logOptions","_prevAuthState","_transformQueue","PromiseQueue","quiet","tokenManager","on","EVENT_ADDED","token","_setLogOptions","event","updateAuthState","EVENT_REMOVED","transformAuthState","log","status","getConsole","group","groupEnd","emitAuthStateChange","authState","prevState","state","isAuthenticated","idToken","accessToken","error","emit","finalPromise","origPromise","then","curPromise","getAuthState","cancel","cancelablePromise","PCancelable","resolve","_","onCancel","shouldReject","emitAndResolve","isCanceled","getTokensSync","refreshToken","push","Promise","catch","handler","off","PROMISE_RESOLVED_TRUE","PROMISE_RESOLVED_VOID","sleep","time","resolveWith","res","setTimeout","randomToken","Math","random","toString","substring","lastMs","additional","microSeconds","ms","getTime","NativeMethod","channelName","messagesCallback","bc","BroadcastChannel","subFns","onmessage","msg","close","channelState","onMessage","fn","postMessage","messageJson","err","reject","canBeUsed","_pubkey","Error","type","averageResponseTime","ttl","Map","ObliviousSet","map","has","_to","_this","obliviousSet","olderThen","iterator","Symbol","next","removeTooOldValues","clear","originalOptions","undefined","webWorkerSupport","idb","fallbackInterval","onclose","localstorage","removeTimeout","methods","node","maxParallelWrites","useFastPath","OBJECT_STORE_ID","TRANSACTION_SETTINGS","durability","getIdb","indexedDB","mozIndexedDB","webkitIndexedDB","msIndexedDB","commitIndexedDBTransaction","tx","commit","_readLoop","closed","readNewMessages","db","lastCursorId","transaction","objectStore","ret","keyRangeValue","IDBKeyRange","bound","Infinity","getAll","getAllRequest","rej","onerror","onsuccess","result","openCursorRequest","openCursor","ev","cursor","id","getMessagesHigherThan","newerMessages","useMessages","filter","msgObj","uuid","eMIs","messagesCallbackTime","_filterMessage","sort","msgObjA","msgObjB","add","IndexedDBMethod","dbName","openRequest","open","onupgradeneeded","createObjectStore","keyPath","autoIncrement","createDatabase","writeBlockPromise","readQueuePromises","readerUuid","writeObject","oncomplete","writeMessage","floor","msgObk","tooOld","ids","all","deleteRequest","removeMessagesById","cleanOldMessages","ls","LocalstorageMethod","listener","newValue","addEventListener","addStorageEventListener","removeEventListener","writeObj","createEvent","initEvent","dispatchEvent","userAgent","navigator","toLowerCase","includes","defaultTime","SIMULATE_CHANNELS","Set","SimulateMethod","Array","from","channel","METHODS","OPEN_BROADCAST_CHANNELS","lastId","maybePromise","obj","method","chooseMethods","concat","Boolean","find","m","useMethod","_iL","_onML","_addEL","message","internal","_uMP","_befC","_prepP","s","_state","_post","broadcastChannel","sendPromise","_hasMessageListeners","_addListenerObject","listenerFn","listenerObject","minMessageTime","_startListening","_removeListenerObject","o","_stopListening","postInternal","listenObj","awaitPrepare","isClosed","USE_METHOD","call","process","exit","console","trace","WorkerGlobalScope","oldClose","bind","LISTENERS","startedListening","runAll","promises","sendLeaderMessage","leaderElector","action","msgJson","context","beLeader","isLeader","_hasLeader","unloadFn","run","die","_unl","isLeaderListener","_dpLC","_dpL","_lstns","LeaderElectionWebLock","_options","isDead","_wKMC","lN","hasLeader","_this2","locks","query","relevantLocks","held","lock","awaitLeadership","_this3","_wLMP","c","AbortController","returnPromise","request","signal","onduplicate","_fn","_this4","uFn","abort","LeaderElection","_aplQ","_aplQC","hasLeaderListener","createLeaderElection","_leaderElector","responseTime","elector","applyOnce","isFromFallbackInterval","stopCriteriaPromiseResolve","stopCriteria","stopCriteriaPromise","handleMessage","waitForAnswerTime","race","applyRun","_aLP","resolved","finish","whenDeathListener","tryOnFallBack","LeaderElectionService","onLeaderDuplicate","onLeader","canStart","electionChannelName","started","isBrowser","AutoRenewService","renewTimeQueue","onTokenExpiredHandler","firstTime","syncStorage","tokens","getStorage","isRefreshToken","hasExpired","autoRenew","shouldThrottleRenew","emitError","renew","autoRemove","EVENT_EXPIRED","isStarted","processExpiredTokens","SyncStorageService","onTokenAddedHandler","onTokenRemovedHandler","onTokenRenewedHandler","onSetStorageHandler","onSyncMessageHandler","syncChannelName","EVENT_RENEWED","EVENT_SET_STORAGE","enablePostMessage","oldToken","setStorage","emitAdded","setExpireEventTimeout","clearExpireEventTimeout","emitRemoved","emitRenewed","getNow","RenewOnTabActivationService","onPageVisbilityChange","_onPageVisbilityChange","hidden","lastHidden","tabInactivityDuration","getStorageKeyByType","renewOnTabActivation","AUTO_RENEW","SYNC_STORAGE","LEADER_ELECTION","RENEW_ON_TAB_ACTIVATION","ServiceManager","getOptions","broadcastChannelName","defaultOptions","clientId","services","knownServices","svc","createService","startServices","getService","values","some","srv","requiresLeadership","stopServices","entries","canStartService","start","stop","isLeaderRequired","service","createOktaAuthCore","StorageManagerConstructor","TransactionManagerConstructor","Base","WithStorage","mixinStorage","WithHttp","mixinHttp","WithSession","mixinSession","WithOAuth","mixinOAuth","mixinCore","authStateManager","serviceManager","isLoginRedirect","originalUri","handleLoginRedirect","setTokens","getOriginalUri","parseOAuthResponseFromUrl","oAuthResponse","storeTokensFromRedirect","removeOriginalUri","restoreOriginalUri","location","url","href","responseMode","createCoreOptionsConstructor","createOAuthOptionsConstructor","createCoreStorageManager","createOAuthStorageManager","stringToBase64Url","str","base64ToBase64Url","btoa","b64","base64UrlToBase64","b64u","base64UrlToString","utf8","atob","stringToBuffer","buffer","Uint8Array","charCodeAt","base64UrlDecode","base64UrlToBuffer","bufferToBase64Url","bin","reduce","byte","String","fromCharCode","a","b","crypto","getOidcHash","TextEncoder","encode","webcrypto","arrayBuffer","firstHalf","hash","apply","verifyToken","clone","algo","use","cryptoKey","jwt","payload","b64Signature","signature","AuthApiError","xhr","meta","errorSummary","errorCode","errorLink","errorId","errorCauses","CustomError","AuthPollStopError","_isNativeReflectConstruct","t","valueOf","Reflect","construct","_wrapNativeSuper","r","Function","n","TypeError","Wrapper","p","setPrototypeOf","getPrototypeOf","constructor","enumerable","writable","configurable","OAuthError","summary","resp","error_description","WWWAuthError","scheme","parameters","UNKNOWN_ERROR","errorDescription","realm","header","match","regex","firstSpace","remaining","params","exec","headers","isFunction","isAuthApiError","isOAuthError","isWWWAuthError","isWindowsPhone","documentMode","getUserAgent","isFingerprintSupported","agent","test","isPopupPostMessageSupported","isIE8or9","isWebCryptoSubtleSupported","isTokenVerifySupported","hasTextEncoder","isPKCESupported","isHTTPS","protocol","isLocalhost","hostname","isDPoPSupported","isIOS","MSStream","OktaUserAgent","environments","SDK_VERSION","maybeAddNodeEnvironment","env","versions","version","setRequestHeader","authClient","headerName","headerValue","_oktaUserAgent","http","issuer","opts","toQueryString","appJsonContentTypeRegex","body","contentType","param","fetchPromise","global","fetch","crossFetch","credentials","withCredentials","finally","response","ok","json","text","readData","isObject","pair","responseText","responseType","responseJSON","formatResult","createHttpOptionsConstructor","transformErrorXHR","httpRequestClient","fetchRequest","httpRequestInterceptors","pollDelay","createStorageOptionsConstructor","trackDateDocumentBecameVisible","dateDocumentBecameVisible","formatError","serverErr","isString","wwwAuthHeader","wwwAuthErr","max_age","acr_values","httpRequest","interceptor","saveAuthnState","httpCache","storageManager","getHttpCache","pollingIntent","cacheResponse","cachedResponse","getHttpHeader","promise","ajaxOptions","waitForVisibleAndAwakenDocument","waitForAwakenDocument","recursiveFetch","retryCount","timeSinceDocumentIsVisible","pageVisibilityHandler","retryableFetch","isArray","item","stateToken","updateStorage","isAbsoluteUrl","getIssuerOrigin","post","postOptions","BaseTransaction","oktaAuth","rest","sendRequest","TransactionClass","accessTokenObj","atToken","requestUrl","startsWith","httpOptions","dpop","getDPoPAuthorizationHeaders","Authorization","Dpop","generateRequestFnFromLinks","methodName","links","link","hints","allow","ProfileTransaction","createdAt","modifiedAt","profile","ProfileSchemaTransaction","properties","getProfile","updateProfile","getProfileSchema","EmailStatusTransaction","EmailChallengeTransaction","_links","poll","verify","EmailTransaction","roles","challenge","getEmails","getEmail","addEmail","deleteEmail","sendEmailChallenge","getEmailChallenge","emailId","challengeId","verifyEmailChallenge","PhoneTransaction","getPhones","getPhone","addPhone","deletePhone","sendPhoneChallenge","verifyPhoneChallenge","PasswordTransaction","created","lastUpdated","PasswordStatus","enroll","update","getPassword","enrollPassword","updatePassword","deletePassword","createOktaAuthMyAccount","TransactionManager","Core","mixinMyAccount","myaccount","MyAccountMethods","acc","EmailRole","Status","SdkClock","localOffset","parseInt","DEFAULT_OPTIONS","clearPendingRemoveTokens","expireEarlySeconds","TokenManager","storageOptions","getTokenStorage","clock","expireTimeouts","renewPromise","setExpireEventTimeoutAll","clearExpireEventTimeoutAll","getExpireTime","freshToken","EVENT_ERROR","clearTimeout","hasOwnProperty","expireTime","expireEventWait","max","expireEventTimeout","emitExpired","tokenStorage","validateToken","emitSetStorageEvent","getSync","isAccessToken","isIDToken","accessTokenCb","idTokenCb","refreshTokenCb","handleTokenCallback","getTokenType","handleAdded","handleRemoved","existingTokens","newToken","existingToken","removedToken","shouldRenew","refreshKey","renewTokens","tokenKey","clearStorage","removedTokens","pendingRemove","MAX_ENTRY_LIFETIME","createTransactionManager","enableSharedStorage","saveLastResponse","transactionStorage","getTransactionStorage","clearSharedStorage","sharedStorage","getSharedTansactionStorage","clearTransactionFromSharedStorage","isTransactionMeta","muteWarning","dateCreated","saveTransactionToSharedStorage","load","entry","loadTransactionFromSharedStorage","decodeToken","decodedToken","INDEXEDDB_NAME","DB_KEY","isDPoPNonceError","createJwt","claims","signingKey","head","algorithm","cryptoRandomValue","byteLen","v","generateKeyPair","modulusLength","publicExponent","hashAccessToken","invokeStoreMethod","req","store","storeKeyPair","pairId","keyPair","findKeyPair","clearDPoPKeyPair","clearAllDPoPKeyPairs","createDPoPKeyPair","keyPairId","clearDPoPKeyPairAfterRevoke","revokedToken","shouldClear","tokenType","dpopPairId","generateDPoPProof","nonce","publicKey","kty","crv","x","y","alg","typ","jwk","htm","htu","iat","jti","ath","privateKey","generateDPoPForTokenRequest","convertTokenParamsToOAuthParams","tokenParams","oauthParams","codeChallenge","codeChallengeMethod","display","idp","idpScope","loginHint","maxAge","prompt","redirectUri","sessionToken","acrValues","enrollAmrValues","mayBeArray","scopes","scope","buildAuthorizeParams","oauthQueryParams","extraParams","validateOptions","authorizationCode","interactionCode","codeVerifier","getPostData","code","clientSecret","makeTokenRequest","dpopKeyPair","proof","DPoP","dpopNonce","postToTokenEndpoint","urls","tokenUrl","postRefreshToken","client_id","grant_type","refresh_token","getWellKnown","authServerUri","getKey","kid","wellKnown","jwksUri","cachedKey","exchangeCodeForTokens","getOAuthUrls","getDefaultTokenParams","ignoreSignature","getTokenOptions","handleResponseOptions","oauthResponse","handleOAuthResponse","tokenResponse","transactionManager","enrollAuthenticator","prepareEnrollAuthenticatorParams","createEnrollAuthenticatorMeta","authorizeUrl","save","setLocation","createTokenAPI","queue","useQueue","getWithRedirectFn","getWithRedirect","parseFromUrlFn","parseFromUrl","parseFromUrlApi","_getHistory","history","_getLocation","_getDocument","prepareTokenParams","getWithoutPrompt","getWithPopup","getWithIDPPopup","decode","revoke","revokeToken","renewToken","renewTokensWithRefresh","getUserInfo","accessTokenObject","idTokenObject","introspect","oidcIntrospect","createEndpoints","authorize","createOktaAuthOAuth","getToken","popupWindow","idpPopup","iframePromise","addPostMessageListener","timeout","iframeEl","loadFrame","contains","parentElement","removeChild","oauthPromise","closePoller","setInterval","clearInterval","idpPromise","addIDPPopupLisenter","getTokens","userinfoUrl","userInfo","sub","initialPath","loadPopup","generateState","cancelPromise","createOAuthMeta","validateResponse","pkce","interaction_code","dpopOptions","allowBearerTokens","token_type","tokenDict","expiresIn","expires_in","access_token","id_token","accessJwt","Number","idJwt","idTokenObj","exp","validationParams","hintMap","kind","TokenKind","iss","introspectUrl","introspection_endpoint","authHeader","token_type_hint","_get","getOwnPropertyDescriptor","WithOriginalUri","browserStorage","getOriginalUriStorage","PKCE","generateVerifier","computeChallenge","handleLogin","_tokenQueue","endpoints","onExpiredToken","shouldRemove","additionalParams","setOriginalUri","hasResponseType","accessTokenKey","refreshTokenKey","postLogoutRedirectUri","logoutUrl","idTokenHint","logoutUri","defaultUri","origin","currentUri","revokeAccessToken","revokeRefreshToken","getSignOutRedirectUrl","closeSession","sessionClosed","URL","searchParams","append","clearTokensBeforeRedirect","addPendingRemoveFlags","wwwAuth","wwwErr","RegExp","assertValidConfig","removeTrailingSlash","revokeUrl","toAbsoluteUrl","ignoreLifetime","maxClockSkew","getResponseMode","defaultResponseMode","paramStr","nativeLoc","search","urlParamsToObject","cleanOAuthResponseFromUrl","nativeHistory","nativeDoc","replaceState","title","pathname","removeSearch","removeHash","isInteractionRequiredError","throwInvalidTokenError","getSingleToken","originalToken","refreshTokenObject","renewTokenParams","endpointParams","isSameRefreshToken","updateRefreshToken","isRefreshTokenInvalidError","removeRefreshToken","creds","storageManagerOptions","getOptionsForSection","logServerSideMemoryStorageWarning","SavedObject","BaseStorageManager","isToken","isObjectWithProperties","isOAuthTransactionMeta","isPKCETransactionMeta","isIdxTransactionMeta","interactionHandle","isCustomAuthTransactionMeta","DEFAULT_TIMEOUT","addListener","eventTarget","attachEvent","removeListener","detachEvent","src","iframe","createElement","style","appendChild","popupTitle","responseHandler","timeoutId","isTrusted","getDefaultEnrollAuthenticatorParams","defaultRedirectUri","generateNonce","isAuthorizationCodeError","errorResponse","hasTokensInHash","hasAuthorizationCode","hashOrSearch","hasInteractionCode","hasErrorInUrl","isRedirectUri","uri","authParams","isCodeFlow","getHashOrSearch","codeFlow","isInteractionRequired","genRandomString","getIssuer","getOAuthBaseUrl","getOAuthDomain","baseUrl","oauthMeta","dec2hex","dec","substr","prefix","verifier","ceil","prepareParams","assertPKCESupport","errorMessage","validateCodeChallengeMethod","preparePKCE","defaults","isRefreshTokenError","plus2space","paramSplit","fragment","charAt","validateClaims","aud","acr","configuredIssuer","validationOptions","sdkCrypto","at_hash","sessionExists","session","getSession","omit","refresh","getLink","user","refreshSession","setCookieAndRedirect","redirectUrl","checkAccountSetupComplete","createSessionApi","exists","sectionName","overrideOptions","storageTypes","idx","storageName","storageString","StorageManager","STORAGE_MANAGER_OPTIONS","cache","cookieSettings","getCookieSettings","running","thisObject","queueItem","isPromise","getNativeConsole","nativeConsole","deprecate","deprecateWrap","isoToUTCString","isoTime","UTC","randomCharset","delay","split2","delim","splice","ctx","additionalArgs","extend","obj1","prop","cleaned","newobj","props","collection","found","linkName","altName","isNumber","toRelativeUrl","trimmed","CancelError","reason","executor","_cancelHandlers","_isPending","_isCanceled","_rejectOnCancel","_promise","_reject","defineProperties","boolean","onFulfilled","onRejected","onFinally","userFn","arguments_","__self__","F","DOMException","support","iterable","blob","Blob","formData","viewClasses","isArrayBufferView","ArrayBuffer","isView","normalizeName","normalizeValue","iteratorFor","items","done","Headers","getOwnPropertyNames","consumed","bodyUsed","fileReaderReady","reader","onload","readBlobAsArrayBuffer","FileReader","readAsArrayBuffer","bufferClone","buf","view","byteLength","Body","_initBody","_bodyInit","_bodyText","isPrototypeOf","_bodyBlob","FormData","_bodyFormData","URLSearchParams","DataView","_bodyArrayBuffer","rejected","readAsText","chars","readArrayBufferAsText","oldValue","callback","thisArg","Request","input","upcased","mode","toUpperCase","referrer","form","trim","bytes","Response","bodyInit","statusText","redirectStatuses","redirect","RangeError","stack","aborted","XMLHttpRequest","abortXhr","rawHeaders","getAllResponseHeaders","line","responseURL","ontimeout","onabort","onreadystatechange","readyState","send","polyfill","defineProperty","ponyfill","E","once","evtArr","len","evts","liveEvents","ReferenceError","__esModule","isNativeReflectConstruct","toPropertyKey","_defineProperties","_getPrototypeOf","__proto__","_typeof","assertThisInitialized","_regeneratorRuntime","asyncIterator","u","toStringTag","wrap","Generator","Context","makeInvokeMethod","tryCatch","arg","h","l","f","GeneratorFunction","GeneratorFunctionPrototype","d","g","defineIteratorMethods","_invoke","AsyncIterator","invoke","__await","callInvokeWithMethodAndArg","delegate","maybeInvokeDelegate","sent","_sent","dispatchException","abrupt","resultName","nextLoc","pushTryEntry","tryLoc","catchLoc","finallyLoc","afterLoc","tryEntries","resetTryEntry","completion","reset","isNaN","displayName","isGeneratorFunction","mark","awrap","async","reverse","pop","prev","rval","handle","complete","delegateYield","_setPrototypeOf","toPrimitive","isNativeFunction","runtime","regeneratorRuntime","accidentalStrictMode","globalThis","_arrayLikeToArray","_assertThisInitialized","asyncGeneratorStep","_asyncToGenerator","_next","_throw","_classCallCheck","_createClass","_defineProperty","_inherits","_objectWithoutProperties","getOwnPropertySymbols","propertyIsEnumerable","_possibleConstructorReturn","_slicedToArray","unsupportedIterableToArray","_toConsumableArray","arrayLikeToArray","_unsupportedIterableToArray","__webpack_module_cache__","__webpack_require__","moduleId","cachedModule","__webpack_modules__","getter","definition","OktaAuth"],"sourceRoot":""}