@onkernel/sdk 0.30.0 → 0.32.0

package/resources/auth/connections.d.mts

@@ -0,0 +1,688 @@
+import { APIResource } from "../../core/resource.mjs";
+import * as Shared from "../shared.mjs";
+import * as AuthAPI from "../agents/auth/auth.mjs";
+import { APIPromise } from "../../core/api-promise.mjs";
+import { OffsetPagination, type OffsetPaginationParams, PagePromise } from "../../core/pagination.mjs";
+import { Stream } from "../../core/streaming.mjs";
+import { RequestOptions } from "../../internal/request-options.mjs";
+export declare class Connections extends APIResource {
+    /**
+     * Creates managed authentication for a profile and domain combination. Returns 409
+     * Conflict if managed auth already exists for the given profile and domain.
+     *
+     * @example
+     * ```ts
+     * const managedAuth = await client.auth.connections.create({
+     *   domain: 'netflix.com',
+     *   profile_name: 'user-123',
+     * });
+     * ```
+     */
+    create(body: ConnectionCreateParams, options?: RequestOptions): APIPromise<ManagedAuth>;
+    /**
+     * Retrieve managed auth by its ID. Includes current flow state if a login is in
+     * progress.
+     *
+     * @example
+     * ```ts
+     * const managedAuth = await client.auth.connections.retrieve(
+     *   'id',
+     * );
+     * ```
+     */
+    retrieve(id: string, options?: RequestOptions): APIPromise<ManagedAuth>;
+    /**
+     * List managed auths with optional filters for profile_name and domain.
+     *
+     * @example
+     * ```ts
+     * // Automatically fetches more pages as needed.
+     * for await (const managedAuth of client.auth.connections.list()) {
+     *   // ...
+     * }
+     * ```
+     */
+    list(query?: ConnectionListParams | null | undefined, options?: RequestOptions): PagePromise<ManagedAuthsOffsetPagination, ManagedAuth>;
+    /**
+     * Deletes managed auth and terminates its workflow. This will:
+     *
+     * - Delete the managed auth record
+     * - Terminate the Temporal workflow
+     * - Cancel any in-progress login flows
+     *
+     * @example
+     * ```ts
+     * await client.auth.connections.delete('id');
+     * ```
+     */
+    delete(id: string, options?: RequestOptions): APIPromise<void>;
+    /**
+     * Establishes a Server-Sent Events (SSE) stream that delivers real-time login flow
+     * state updates. The stream terminates automatically once the flow reaches a
+     * terminal state (SUCCESS, FAILED, EXPIRED, CANCELED).
+     *
+     * @example
+     * ```ts
+     * const response = await client.auth.connections.follow('id');
+     * ```
+     */
+    follow(id: string, options?: RequestOptions): APIPromise<Stream<ConnectionFollowResponse>>;
+    /**
+     * Starts a login flow for the managed auth. Returns immediately with a hosted URL
+     * for the user to complete authentication, or triggers automatic re-auth if
+     * credentials are stored.
+     *
+     * @example
+     * ```ts
+     * const loginResponse = await client.auth.connections.login(
+     *   'id',
+     * );
+     * ```
+     */
+    login(id: string, body?: ConnectionLoginParams | null | undefined, options?: RequestOptions): APIPromise<LoginResponse>;
+    /**
+     * Submits field values for the login form. Poll the managed auth to track progress
+     * and get results.
+     *
+     * @example
+     * ```ts
+     * const submitFieldsResponse =
+     *   await client.auth.connections.submit('id', {
+     *     fields: {
+     *       email: 'user@example.com',
+     *       password: 'secret',
+     *     },
+     *   });
+     * ```
+     */
+    submit(id: string, body: ConnectionSubmitParams, options?: RequestOptions): APIPromise<SubmitFieldsResponse>;
+}
+export type ManagedAuthsOffsetPagination = OffsetPagination<ManagedAuth>;
+/**
+ * Request to start a login flow
+ */
+export interface LoginRequest {
+    /**
+     * If provided, saves credentials under this name upon successful login
+     */
+    save_credential_as?: string;
+}
+/**
+ * Response from starting a login flow
+ */
+export interface LoginResponse {
+    /**
+     * Managed auth ID
+     */
+    id: string;
+    /**
+     * When the login flow expires
+     */
+    flow_expires_at: string;
+    /**
+     * Type of login flow started
+     */
+    flow_type: 'LOGIN' | 'REAUTH';
+    /**
+     * URL to redirect user to for login
+     */
+    hosted_url: string;
+    /**
+     * One-time code for handoff (internal use)
+     */
+    handoff_code?: string;
+    /**
+     * Browser live view URL for watching the login flow
+     */
+    live_view_url?: string;
+}
+/**
+ * Managed authentication that keeps a profile logged into a specific domain. Flow
+ * fields (flow_status, flow_step, discovered_fields, mfa_options) reflect the most
+ * recent login flow and are null when no flow has been initiated.
+ */
+export interface ManagedAuth {
+    /**
+     * Unique identifier for the managed auth
+     */
+    id: string;
+    /**
+     * Target domain for authentication
+     */
+    domain: string;
+    /**
+     * Name of the profile associated with this managed auth
+     */
+    profile_name: string;
+    /**
+     * Current authentication status of the managed profile
+     */
+    status: 'AUTHENTICATED' | 'NEEDS_AUTH';
+    /**
+     * Additional domains that are valid for this auth flow (besides the primary
+     * domain). Useful when login pages redirect to different domains.
+     *
+     * The following SSO/OAuth provider domains are automatically allowed by default
+     * and do not need to be specified:
+     *
+     * - Google: accounts.google.com
+     * - Microsoft/Azure AD: login.microsoftonline.com, login.live.com
+     * - Okta: _.okta.com, _.oktapreview.com
+     * - Auth0: _.auth0.com, _.us.auth0.com, _.eu.auth0.com, _.au.auth0.com
+     * - Apple: appleid.apple.com
+     * - GitHub: github.com
+     * - Facebook/Meta: www.facebook.com
+     * - LinkedIn: www.linkedin.com
+     * - Amazon Cognito: \*.amazoncognito.com
+     * - OneLogin: \*.onelogin.com
+     * - Ping Identity: _.pingone.com, _.pingidentity.com
+     */
+    allowed_domains?: Array<string>;
+    /**
+     * Whether automatic re-authentication is possible (has credential, selectors, and
+     * login_url)
+     */
+    can_reauth?: boolean;
+    /**
+     * Reason why automatic re-authentication is or is not possible
+     */
+    can_reauth_reason?: string;
+    /**
+     * Reference to credentials for managed auth. Use one of:
+     *
+     * - { name } for Kernel credentials
+     * - { provider, path } for external provider item
+     * - { provider, auto: true } for external provider domain lookup
+     */
+    credential?: ManagedAuth.Credential;
+    /**
+     * Fields awaiting input (present when flow_step=awaiting_input)
+     */
+    discovered_fields?: Array<AuthAPI.DiscoveredField> | null;
+    /**
+     * Error message (present when flow_status=failed)
+     */
+    error_message?: string | null;
+    /**
+     * Instructions for external action (present when
+     * flow_step=awaiting_external_action)
+     */
+    external_action_message?: string | null;
+    /**
+     * When the current flow expires (null when no flow in progress)
+     */
+    flow_expires_at?: string | null;
+    /**
+     * Current flow status (null when no flow in progress)
+     */
+    flow_status?: 'IN_PROGRESS' | 'SUCCESS' | 'FAILED' | 'EXPIRED' | 'CANCELED' | null;
+    /**
+     * Current step in the flow (null when no flow in progress)
+     */
+    flow_step?: 'DISCOVERING' | 'AWAITING_INPUT' | 'AWAITING_EXTERNAL_ACTION' | 'SUBMITTING' | 'COMPLETED' | null;
+    /**
+     * Type of the current flow (null when no flow in progress)
+     */
+    flow_type?: 'LOGIN' | 'REAUTH' | null;
+    /**
+     * Interval in seconds between automatic health checks. When set, the system
+     * periodically verifies the authentication status and triggers re-authentication
+     * if needed. Must be between 300 (5 minutes) and 86400 (24 hours). Default is 3600
+     * (1 hour).
+     */
+    health_check_interval?: number | null;
+    /**
+     * URL to redirect user to for hosted login (present when flow in progress)
+     */
+    hosted_url?: string | null;
+    /**
+     * When the profile was last successfully authenticated
+     */
+    last_auth_at?: string;
+    /**
+     * Browser live view URL for debugging (present when flow in progress)
+     */
+    live_view_url?: string | null;
+    /**
+     * MFA method options (present when flow_step=awaiting_input and MFA selection
+     * required)
+     */
+    mfa_options?: Array<ManagedAuth.MfaOption> | null;
+    /**
+     * SSO buttons available (present when flow_step=awaiting_input)
+     */
+    pending_sso_buttons?: Array<ManagedAuth.PendingSSOButton> | null;
+    /**
+     * URL where the browser landed after successful login
+     */
+    post_login_url?: string;
+    /**
+     * SSO provider being used (e.g., google, github, microsoft)
+     */
+    sso_provider?: string | null;
+    /**
+     * Visible error message from the website (e.g., 'Incorrect password'). Present
+     * when the website displays an error during login.
+     */
+    website_error?: string | null;
+}
+export declare namespace ManagedAuth {
+    /**
+     * Reference to credentials for managed auth. Use one of:
+     *
+     * - { name } for Kernel credentials
+     * - { provider, path } for external provider item
+     * - { provider, auto: true } for external provider domain lookup
+     */
+    interface Credential {
+        /**
+         * If true, lookup by domain from the specified provider
+         */
+        auto?: boolean;
+        /**
+         * Kernel credential name
+         */
+        name?: string;
+        /**
+         * Provider-specific path (e.g., "VaultName/ItemName" for 1Password)
+         */
+        path?: string;
+        /**
+         * External provider name (e.g., "my-1p")
+         */
+        provider?: string;
+    }
+    /**
+     * An MFA method option for verification
+     */
+    interface MfaOption {
+        /**
+         * The visible option text
+         */
+        label: string;
+        /**
+         * The MFA delivery method type (includes password for auth method selection pages)
+         */
+        type: 'sms' | 'call' | 'email' | 'totp' | 'push' | 'password';
+        /**
+         * Additional instructions from the site
+         */
+        description?: string | null;
+        /**
+         * The masked destination (phone/email) if shown
+         */
+        target?: string | null;
+    }
+    /**
+     * An SSO button for signing in with an external identity provider
+     */
+    interface PendingSSOButton {
+        /**
+         * Visible button text
+         */
+        label: string;
+        /**
+         * Identity provider name
+         */
+        provider: string;
+        /**
+         * XPath selector for the button
+         */
+        selector: string;
+    }
+}
+/**
+ * Request to create managed auth for a profile and domain
+ */
+export interface ManagedAuthCreateRequest {
+    /**
+     * Domain for authentication
+     */
+    domain: string;
+    /**
+     * Name of the profile to manage authentication for
+     */
+    profile_name: string;
+    /**
+     * Additional domains valid for this auth flow (besides the primary domain). Useful
+     * when login pages redirect to different domains.
+     *
+     * The following SSO/OAuth provider domains are automatically allowed by default
+     * and do not need to be specified:
+     *
+     * - Google: accounts.google.com
+     * - Microsoft/Azure AD: login.microsoftonline.com, login.live.com
+     * - Okta: _.okta.com, _.oktapreview.com
+     * - Auth0: _.auth0.com, _.us.auth0.com, _.eu.auth0.com, _.au.auth0.com
+     * - Apple: appleid.apple.com
+     * - GitHub: github.com
+     * - Facebook/Meta: www.facebook.com
+     * - LinkedIn: www.linkedin.com
+     * - Amazon Cognito: \*.amazoncognito.com
+     * - OneLogin: \*.onelogin.com
+     * - Ping Identity: _.pingone.com, _.pingidentity.com
+     */
+    allowed_domains?: Array<string>;
+    /**
+     * Reference to credentials for managed auth. Use one of:
+     *
+     * - { name } for Kernel credentials
+     * - { provider, path } for external provider item
+     * - { provider, auto: true } for external provider domain lookup
+     */
+    credential?: ManagedAuthCreateRequest.Credential;
+    /**
+     * Interval in seconds between automatic health checks. When set, the system
+     * periodically verifies the authentication status and triggers re-authentication
+     * if needed. Must be between 300 (5 minutes) and 86400 (24 hours). Default is 3600
+     * (1 hour).
+     */
+    health_check_interval?: number;
+    /**
+     * Optional login page URL to skip discovery
+     */
+    login_url?: string;
+    /**
+     * Optional proxy configuration
+     */
+    proxy?: ManagedAuthCreateRequest.Proxy;
+}
+export declare namespace ManagedAuthCreateRequest {
+    /**
+     * Reference to credentials for managed auth. Use one of:
+     *
+     * - { name } for Kernel credentials
+     * - { provider, path } for external provider item
+     * - { provider, auto: true } for external provider domain lookup
+     */
+    interface Credential {
+        /**
+         * If true, lookup by domain from the specified provider
+         */
+        auto?: boolean;
+        /**
+         * Kernel credential name
+         */
+        name?: string;
+        /**
+         * Provider-specific path (e.g., "VaultName/ItemName" for 1Password)
+         */
+        path?: string;
+        /**
+         * External provider name (e.g., "my-1p")
+         */
+        provider?: string;
+    }
+    /**
+     * Optional proxy configuration
+     */
+    interface Proxy {
+        /**
+         * ID of the proxy to use
+         */
+        proxy_id?: string;
+    }
+}
+/**
+ * Request to submit field values for login
+ */
+export interface SubmitFieldsRequest {
+    /**
+     * Map of field name to value
+     */
+    fields: {
+        [key: string]: string;
+    };
+    /**
+     * Optional MFA option ID if user selected an MFA method
+     */
+    mfa_option_id?: string;
+    /**
+     * Optional XPath selector if user chose to click an SSO button instead
+     */
+    sso_button_selector?: string;
+}
+/**
+ * Response from submitting field values
+ */
+export interface SubmitFieldsResponse {
+    /**
+     * Whether the submission was accepted for processing
+     */
+    accepted: boolean;
+}
+/**
+ * Union type representing any managed auth event.
+ */
+export type ConnectionFollowResponse = ConnectionFollowResponse.ManagedAuthStateEvent | Shared.ErrorEvent | Shared.HeartbeatEvent;
+export declare namespace ConnectionFollowResponse {
+    /**
+     * An event representing the current state of a managed auth flow.
+     */
+    interface ManagedAuthStateEvent {
+        /**
+         * Event type identifier (always "managed_auth_state").
+         */
+        event: 'managed_auth_state';
+        /**
+         * Current flow status.
+         */
+        flow_status: 'IN_PROGRESS' | 'SUCCESS' | 'FAILED' | 'EXPIRED' | 'CANCELED';
+        /**
+         * Current step in the flow.
+         */
+        flow_step: 'DISCOVERING' | 'AWAITING_INPUT' | 'AWAITING_EXTERNAL_ACTION' | 'SUBMITTING' | 'COMPLETED';
+        /**
+         * Time the state was reported.
+         */
+        timestamp: string;
+        /**
+         * Fields awaiting input (present when flow_step=AWAITING_INPUT).
+         */
+        discovered_fields?: Array<AuthAPI.DiscoveredField>;
+        /**
+         * Error message (present when flow_status=FAILED).
+         */
+        error_message?: string;
+        /**
+         * Instructions for external action (present when
+         * flow_step=AWAITING_EXTERNAL_ACTION).
+         */
+        external_action_message?: string;
+        /**
+         * Type of the current flow.
+         */
+        flow_type?: 'LOGIN' | 'REAUTH';
+        /**
+         * URL to redirect user to for hosted login.
+         */
+        hosted_url?: string;
+        /**
+         * Browser live view URL for debugging.
+         */
+        live_view_url?: string;
+        /**
+         * MFA method options (present when flow_step=AWAITING_INPUT and MFA selection
+         * required).
+         */
+        mfa_options?: Array<ManagedAuthStateEvent.MfaOption>;
+        /**
+         * SSO buttons available (present when flow_step=AWAITING_INPUT).
+         */
+        pending_sso_buttons?: Array<ManagedAuthStateEvent.PendingSSOButton>;
+        /**
+         * URL where the browser landed after successful login.
+         */
+        post_login_url?: string;
+        /**
+         * Visible error message from the website (e.g., 'Incorrect password'). Present
+         * when the website displays an error during login.
+         */
+        website_error?: string;
+    }
+    namespace ManagedAuthStateEvent {
+        /**
+         * An MFA method option for verification
+         */
+        interface MfaOption {
+            /**
+             * The visible option text
+             */
+            label: string;
+            /**
+             * The MFA delivery method type (includes password for auth method selection pages)
+             */
+            type: 'sms' | 'call' | 'email' | 'totp' | 'push' | 'password';
+            /**
+             * Additional instructions from the site
+             */
+            description?: string | null;
+            /**
+             * The masked destination (phone/email) if shown
+             */
+            target?: string | null;
+        }
+        /**
+         * An SSO button for signing in with an external identity provider
+         */
+        interface PendingSSOButton {
+            /**
+             * Visible button text
+             */
+            label: string;
+            /**
+             * Identity provider name
+             */
+            provider: string;
+            /**
+             * XPath selector for the button
+             */
+            selector: string;
+        }
+    }
+}
+export interface ConnectionCreateParams {
+    /**
+     * Domain for authentication
+     */
+    domain: string;
+    /**
+     * Name of the profile to manage authentication for
+     */
+    profile_name: string;
+    /**
+     * Additional domains valid for this auth flow (besides the primary domain). Useful
+     * when login pages redirect to different domains.
+     *
+     * The following SSO/OAuth provider domains are automatically allowed by default
+     * and do not need to be specified:
+     *
+     * - Google: accounts.google.com
+     * - Microsoft/Azure AD: login.microsoftonline.com, login.live.com
+     * - Okta: _.okta.com, _.oktapreview.com
+     * - Auth0: _.auth0.com, _.us.auth0.com, _.eu.auth0.com, _.au.auth0.com
+     * - Apple: appleid.apple.com
+     * - GitHub: github.com
+     * - Facebook/Meta: www.facebook.com
+     * - LinkedIn: www.linkedin.com
+     * - Amazon Cognito: \*.amazoncognito.com
+     * - OneLogin: \*.onelogin.com
+     * - Ping Identity: _.pingone.com, _.pingidentity.com
+     */
+    allowed_domains?: Array<string>;
+    /**
+     * Reference to credentials for managed auth. Use one of:
+     *
+     * - { name } for Kernel credentials
+     * - { provider, path } for external provider item
+     * - { provider, auto: true } for external provider domain lookup
+     */
+    credential?: ConnectionCreateParams.Credential;
+    /**
+     * Interval in seconds between automatic health checks. When set, the system
+     * periodically verifies the authentication status and triggers re-authentication
+     * if needed. Must be between 300 (5 minutes) and 86400 (24 hours). Default is 3600
+     * (1 hour).
+     */
+    health_check_interval?: number;
+    /**
+     * Optional login page URL to skip discovery
+     */
+    login_url?: string;
+    /**
+     * Optional proxy configuration
+     */
+    proxy?: ConnectionCreateParams.Proxy;
+}
+export declare namespace ConnectionCreateParams {
+    /**
+     * Reference to credentials for managed auth. Use one of:
+     *
+     * - { name } for Kernel credentials
+     * - { provider, path } for external provider item
+     * - { provider, auto: true } for external provider domain lookup
+     */
+    interface Credential {
+        /**
+         * If true, lookup by domain from the specified provider
+         */
+        auto?: boolean;
+        /**
+         * Kernel credential name
+         */
+        name?: string;
+        /**
+         * Provider-specific path (e.g., "VaultName/ItemName" for 1Password)
+         */
+        path?: string;
+        /**
+         * External provider name (e.g., "my-1p")
+         */
+        provider?: string;
+    }
+    /**
+     * Optional proxy configuration
+     */
+    interface Proxy {
+        /**
+         * ID of the proxy to use
+         */
+        proxy_id?: string;
+    }
+}
+export interface ConnectionListParams extends OffsetPaginationParams {
+    /**
+     * Filter by domain
+     */
+    domain?: string;
+    /**
+     * Filter by profile name
+     */
+    profile_name?: string;
+}
+export interface ConnectionLoginParams {
+    /**
+     * If provided, saves credentials under this name upon successful login
+     */
+    save_credential_as?: string;
+}
+export interface ConnectionSubmitParams {
+    /**
+     * Map of field name to value
+     */
+    fields: {
+        [key: string]: string;
+    };
+    /**
+     * Optional MFA option ID if user selected an MFA method
+     */
+    mfa_option_id?: string;
+    /**
+     * Optional XPath selector if user chose to click an SSO button instead
+     */
+    sso_button_selector?: string;
+}
+export declare namespace Connections {
+    export { type LoginRequest as LoginRequest, type LoginResponse as LoginResponse, type ManagedAuth as ManagedAuth, type ManagedAuthCreateRequest as ManagedAuthCreateRequest, type SubmitFieldsRequest as SubmitFieldsRequest, type SubmitFieldsResponse as SubmitFieldsResponse, type ConnectionFollowResponse as ConnectionFollowResponse, type ManagedAuthsOffsetPagination as ManagedAuthsOffsetPagination, type ConnectionCreateParams as ConnectionCreateParams, type ConnectionListParams as ConnectionListParams, type ConnectionLoginParams as ConnectionLoginParams, type ConnectionSubmitParams as ConnectionSubmitParams, };
+}
+//# sourceMappingURL=connections.d.mts.map

package/resources/auth/connections.d.mts.map

@@ -0,0 +1 @@
+{"version":3,"file":"connections.d.mts","sourceRoot":"","sources":["../../src/resources/auth/connections.ts"],"names":[],"mappings":"OAEO,EAAE,WAAW,EAAE;OACf,KAAK,MAAM;OACX,KAAK,OAAO;OACZ,EAAE,UAAU,EAAE;OACd,EAAE,gBAAgB,EAAE,KAAK,sBAAsB,EAAE,WAAW,EAAE;OAC9D,EAAE,MAAM,EAAE;OAEV,EAAE,cAAc,EAAE;AAGzB,qBAAa,WAAY,SAAQ,WAAW;IAC1C;;;;;;;;;;;OAWG;IACH,MAAM,CAAC,IAAI,EAAE,sBAAsB,EAAE,OAAO,CAAC,EAAE,cAAc,GAAG,UAAU,CAAC,WAAW,CAAC;IAIvF;;;;;;;;;;OAUG;IACH,QAAQ,CAAC,EAAE,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,cAAc,GAAG,UAAU,CAAC,WAAW,CAAC;IAIvE;;;;;;;;;;OAUG;IACH,IAAI,CACF,KAAK,GAAE,oBAAoB,GAAG,IAAI,GAAG,SAAc,EACnD,OAAO,CAAC,EAAE,cAAc,GACvB,WAAW,CAAC,4BAA4B,EAAE,WAAW,CAAC;IAIzD;;;;;;;;;;;OAWG;IACH,MAAM,CAAC,EAAE,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,cAAc,GAAG,UAAU,CAAC,IAAI,CAAC;IAO9D;;;;;;;;;OASG;IACH,MAAM,CAAC,EAAE,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,cAAc,GAAG,UAAU,CAAC,MAAM,CAAC,wBAAwB,CAAC,CAAC;IAQ1F;;;;;;;;;;;OAWG;IACH,KAAK,CACH,EAAE,EAAE,MAAM,EACV,IAAI,GAAE,qBAAqB,GAAG,IAAI,GAAG,SAAc,EACnD,OAAO,CAAC,EAAE,cAAc,GACvB,UAAU,CAAC,aAAa,CAAC;IAI5B;;;;;;;;;;;;;;OAcG;IACH,MAAM,CACJ,EAAE,EAAE,MAAM,EACV,IAAI,EAAE,sBAAsB,EAC5B,OAAO,CAAC,EAAE,cAAc,GACvB,UAAU,CAAC,oBAAoB,CAAC;CAGpC;AAED,MAAM,MAAM,4BAA4B,GAAG,gBAAgB,CAAC,WAAW,CAAC,CAAC;AAEzE;;GAEG;AACH,MAAM,WAAW,YAAY;IAC3B;;OAEG;IACH,kBAAkB,CAAC,EAAE,MAAM,CAAC;CAC7B;AAED;;GAEG;AACH,MAAM,WAAW,aAAa;IAC5B;;OAEG;IACH,EAAE,EAAE,MAAM,CAAC;IAEX;;OAEG;IACH,eAAe,EAAE,MAAM,CAAC;IAExB;;OAEG;IACH,SAAS,EAAE,OAAO,GAAG,QAAQ,CAAC;IAE9B;;OAEG;IACH,UAAU,EAAE,MAAM,CAAC;IAEnB;;OAEG;IACH,YAAY,CAAC,EAAE,MAAM,CAAC;IAEtB;;OAEG;IACH,aAAa,CAAC,EAAE,MAAM,CAAC;CACxB;AAED;;;;GAIG;AACH,MAAM,WAAW,WAAW;IAC1B;;OAEG;IACH,EAAE,EAAE,MAAM,CAAC;IAEX;;OAEG;IACH,MAAM,EAAE,MAAM,CAAC;IAEf;;OAEG;IACH,YAAY,EAAE,MAAM,CAAC;IAErB;;OAEG;IACH,MAAM,EAAE,eAAe,GAAG,YAAY,CAAC;IAEvC;;;;;;;;;;;;;;;;;;OAkBG;IACH,eAAe,CAAC,EAAE,KAAK,CAAC,MAAM,CAAC,CAAC;IAEhC;;;OAGG;IACH,UAAU,CAAC,EAAE,OAAO,CAAC;IAErB;;OAEG;IACH,iBAAiB,CAAC,EAAE,MAAM,CAAC;IAE3B;;;;;;OAMG;IACH,UAAU,CAAC,EAAE,WAAW,CAAC,UAAU,CAAC;IAEpC;;OAEG;IACH,iBAAiB,CAAC,EAAE,KAAK,CAAC,OAAO,CAAC,eAAe,CAAC,GAAG,IAAI,CAAC;IAE1D;;OAEG;IACH,aAAa,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAE9B;;;OAGG;IACH,uBAAuB,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAExC;;OAEG;IACH,eAAe,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAEhC;;OAEG;IACH,WAAW,CAAC,EAAE,aAAa,GAAG,SAAS,GAAG,QAAQ,GAAG,SAAS,GAAG,UAAU,GAAG,IAAI,CAAC;IAEnF;;OAEG;IACH,SAAS,CAAC,EACN,aAAa,GACb,gBAAgB,GAChB,0BAA0B,GAC1B,YAAY,GACZ,WAAW,GACX,IAAI,CAAC;IAET;;OAEG;IACH,SAAS,CAAC,EAAE,OAAO,GAAG,QAAQ,GAAG,IAAI,CAAC;IAEtC;;;;;OAKG;IACH,qBAAqB,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAEtC;;OAEG;IACH,UAAU,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAE3B;;OAEG;IACH,YAAY,CAAC,EAAE,MAAM,CAAC;IAEtB;;OAEG;IACH,aAAa,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAE9B;;;OAGG;IACH,WAAW,CAAC,EAAE,KAAK,CAAC,WAAW,CAAC,SAAS,CAAC,GAAG,IAAI,CAAC;IAElD;;OAEG;IACH,mBAAmB,CAAC,EAAE,KAAK,CAAC,WAAW,CAAC,gBAAgB,CAAC,GAAG,IAAI,CAAC;IAEjE;;OAEG;IACH,cAAc,CAAC,EAAE,MAAM,CAAC;IAExB;;OAEG;IACH,YAAY,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAE7B;;;OAGG;IACH,aAAa,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;CAC/B;AAED,yBAAiB,WAAW,CAAC;IAC3B;;;;;;OAMG;IACH,UAAiB,UAAU;QACzB;;WAEG;QACH,IAAI,CAAC,EAAE,OAAO,CAAC;QAEf;;WAEG;QACH,IAAI,CAAC,EAAE,MAAM,CAAC;QAEd;;WAEG;QACH,IAAI,CAAC,EAAE,MAAM,CAAC;QAEd;;WAEG;QACH,QAAQ,CAAC,EAAE,MAAM,CAAC;KACnB;IAED;;OAEG;IACH,UAAiB,SAAS;QACxB;;WAEG;QACH,KAAK,EAAE,MAAM,CAAC;QAEd;;WAEG;QACH,IAAI,EAAE,KAAK,GAAG,MAAM,GAAG,OAAO,GAAG,MAAM,GAAG,MAAM,GAAG,UAAU,CAAC;QAE9D;;WAEG;QACH,WAAW,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;QAE5B;;WAEG;QACH,MAAM,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;KACxB;IAED;;OAEG;IACH,UAAiB,gBAAgB;QAC/B;;WAEG;QACH,KAAK,EAAE,MAAM,CAAC;QAEd;;WAEG;QACH,QAAQ,EAAE,MAAM,CAAC;QAEjB;;WAEG;QACH,QAAQ,EAAE,MAAM,CAAC;KAClB;CACF;AAED;;GAEG;AACH,MAAM,WAAW,wBAAwB;IACvC;;OAEG;IACH,MAAM,EAAE,MAAM,CAAC;IAEf;;OAEG;IACH,YAAY,EAAE,MAAM,CAAC;IAErB;;;;;;;;;;;;;;;;;;OAkBG;IACH,eAAe,CAAC,EAAE,KAAK,CAAC,MAAM,CAAC,CAAC;IAEhC;;;;;;OAMG;IACH,UAAU,CAAC,EAAE,wBAAwB,CAAC,UAAU,CAAC;IAEjD;;;;;OAKG;IACH,qBAAqB,CAAC,EAAE,MAAM,CAAC;IAE/B;;OAEG;IACH,SAAS,CAAC,EAAE,MAAM,CAAC;IAEnB;;OAEG;IACH,KAAK,CAAC,EAAE,wBAAwB,CAAC,KAAK,CAAC;CACxC;AAED,yBAAiB,wBAAwB,CAAC;IACxC;;;;;;OAMG;IACH,UAAiB,UAAU;QACzB;;WAEG;QACH,IAAI,CAAC,EAAE,OAAO,CAAC;QAEf;;WAEG;QACH,IAAI,CAAC,EAAE,MAAM,CAAC;QAEd;;WAEG;QACH,IAAI,CAAC,EAAE,MAAM,CAAC;QAEd;;WAEG;QACH,QAAQ,CAAC,EAAE,MAAM,CAAC;KACnB;IAED;;OAEG;IACH,UAAiB,KAAK;QACpB;;WAEG;QACH,QAAQ,CAAC,EAAE,MAAM,CAAC;KACnB;CACF;AAED;;GAEG;AACH,MAAM,WAAW,mBAAmB;IAClC;;OAEG;IACH,MAAM,EAAE;QAAE,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,CAAA;KAAE,CAAC;IAElC;;OAEG;IACH,aAAa,CAAC,EAAE,MAAM,CAAC;IAEvB;;OAEG;IACH,mBAAmB,CAAC,EAAE,MAAM,CAAC;CAC9B;AAED;;GAEG;AACH,MAAM,WAAW,oBAAoB;IACnC;;OAEG;IACH,QAAQ,EAAE,OAAO,CAAC;CACnB;AAED;;GAEG;AACH,MAAM,MAAM,wBAAwB,GAChC,wBAAwB,CAAC,qBAAqB,GAC9C,MAAM,CAAC,UAAU,GACjB,MAAM,CAAC,cAAc,CAAC;AAE1B,yBAAiB,wBAAwB,CAAC;IACxC;;OAEG;IACH,UAAiB,qBAAqB;QACpC;;WAEG;QACH,KAAK,EAAE,oBAAoB,CAAC;QAE5B;;WAEG;QACH,WAAW,EAAE,aAAa,GAAG,SAAS,GAAG,QAAQ,GAAG,SAAS,GAAG,UAAU,CAAC;QAE3E;;WAEG;QACH,SAAS,EAAE,aAAa,GAAG,gBAAgB,GAAG,0BAA0B,GAAG,YAAY,GAAG,WAAW,CAAC;QAEtG;;WAEG;QACH,SAAS,EAAE,MAAM,CAAC;QAElB;;WAEG;QACH,iBAAiB,CAAC,EAAE,KAAK,CAAC,OAAO,CAAC,eAAe,CAAC,CAAC;QAEnD;;WAEG;QACH,aAAa,CAAC,EAAE,MAAM,CAAC;QAEvB;;;WAGG;QACH,uBAAuB,CAAC,EAAE,MAAM,CAAC;QAEjC;;WAEG;QACH,SAAS,CAAC,EAAE,OAAO,GAAG,QAAQ,CAAC;QAE/B;;WAEG;QACH,UAAU,CAAC,EAAE,MAAM,CAAC;QAEpB;;WAEG;QACH,aAAa,CAAC,EAAE,MAAM,CAAC;QAEvB;;;WAGG;QACH,WAAW,CAAC,EAAE,KAAK,CAAC,qBAAqB,CAAC,SAAS,CAAC,CAAC;QAErD;;WAEG;QACH,mBAAmB,CAAC,EAAE,KAAK,CAAC,qBAAqB,CAAC,gBAAgB,CAAC,CAAC;QAEpE;;WAEG;QACH,cAAc,CAAC,EAAE,MAAM,CAAC;QAExB;;;WAGG;QACH,aAAa,CAAC,EAAE,MAAM,CAAC;KACxB;IAED,UAAiB,qBAAqB,CAAC;QACrC;;WAEG;QACH,UAAiB,SAAS;YACxB;;eAEG;YACH,KAAK,EAAE,MAAM,CAAC;YAEd;;eAEG;YACH,IAAI,EAAE,KAAK,GAAG,MAAM,GAAG,OAAO,GAAG,MAAM,GAAG,MAAM,GAAG,UAAU,CAAC;YAE9D;;eAEG;YACH,WAAW,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;YAE5B;;eAEG;YACH,MAAM,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;SACxB;QAED;;WAEG;QACH,UAAiB,gBAAgB;YAC/B;;eAEG;YACH,KAAK,EAAE,MAAM,CAAC;YAEd;;eAEG;YACH,QAAQ,EAAE,MAAM,CAAC;YAEjB;;eAEG;YACH,QAAQ,EAAE,MAAM,CAAC;SAClB;KACF;CACF;AAED,MAAM,WAAW,sBAAsB;IACrC;;OAEG;IACH,MAAM,EAAE,MAAM,CAAC;IAEf;;OAEG;IACH,YAAY,EAAE,MAAM,CAAC;IAErB;;;;;;;;;;;;;;;;;;OAkBG;IACH,eAAe,CAAC,EAAE,KAAK,CAAC,MAAM,CAAC,CAAC;IAEhC;;;;;;OAMG;IACH,UAAU,CAAC,EAAE,sBAAsB,CAAC,UAAU,CAAC;IAE/C;;;;;OAKG;IACH,qBAAqB,CAAC,EAAE,MAAM,CAAC;IAE/B;;OAEG;IACH,SAAS,CAAC,EAAE,MAAM,CAAC;IAEnB;;OAEG;IACH,KAAK,CAAC,EAAE,sBAAsB,CAAC,KAAK,CAAC;CACtC;AAED,yBAAiB,sBAAsB,CAAC;IACtC;;;;;;OAMG;IACH,UAAiB,UAAU;QACzB;;WAEG;QACH,IAAI,CAAC,EAAE,OAAO,CAAC;QAEf;;WAEG;QACH,IAAI,CAAC,EAAE,MAAM,CAAC;QAEd;;WAEG;QACH,IAAI,CAAC,EAAE,MAAM,CAAC;QAEd;;WAEG;QACH,QAAQ,CAAC,EAAE,MAAM,CAAC;KACnB;IAED;;OAEG;IACH,UAAiB,KAAK;QACpB;;WAEG;QACH,QAAQ,CAAC,EAAE,MAAM,CAAC;KACnB;CACF;AAED,MAAM,WAAW,oBAAqB,SAAQ,sBAAsB;IAClE;;OAEG;IACH,MAAM,CAAC,EAAE,MAAM,CAAC;IAEhB;;OAEG;IACH,YAAY,CAAC,EAAE,MAAM,CAAC;CACvB;AAED,MAAM,WAAW,qBAAqB;IACpC;;OAEG;IACH,kBAAkB,CAAC,EAAE,MAAM,CAAC;CAC7B;AAED,MAAM,WAAW,sBAAsB;IACrC;;OAEG;IACH,MAAM,EAAE;QAAE,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,CAAA;KAAE,CAAC;IAElC;;OAEG;IACH,aAAa,CAAC,EAAE,MAAM,CAAC;IAEvB;;OAEG;IACH,mBAAmB,CAAC,EAAE,MAAM,CAAC;CAC9B;AAED,MAAM,CAAC,OAAO,WAAW,WAAW,CAAC;IACnC,OAAO,EACL,KAAK,YAAY,IAAI,YAAY,EACjC,KAAK,aAAa,IAAI,aAAa,EACnC,KAAK,WAAW,IAAI,WAAW,EAC/B,KAAK,wBAAwB,IAAI,wBAAwB,EACzD,KAAK,mBAAmB,IAAI,mBAAmB,EAC/C,KAAK,oBAAoB,IAAI,oBAAoB,EACjD,KAAK,wBAAwB,IAAI,wBAAwB,EACzD,KAAK,4BAA4B,IAAI,4BAA4B,EACjE,KAAK,sBAAsB,IAAI,sBAAsB,EACrD,KAAK,oBAAoB,IAAI,oBAAoB,EACjD,KAAK,qBAAqB,IAAI,qBAAqB,EACnD,KAAK,sBAAsB,IAAI,sBAAsB,GACtD,CAAC;CACH"}