@point3/logto-module 1.1.1 → 1.1.2

package/dist/stateless/guard.js

@@ -1,69 +0,0 @@
-"use strict";
-var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
-    var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
-    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
-    else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
-    return c > 3 && r && Object.defineProperty(target, key, r), r;
-};
-var __metadata = (this && this.__metadata) || function (k, v) {
-    if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
-};
-var __param = (this && this.__param) || function (paramIndex, decorator) {
-    return function (target, key) { decorator(target, key, paramIndex); }
-};
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.LogtoTokenGuard = exports.LogtoTokenGuardToken = void 0;
-const common_1 = require("@nestjs/common");
-const core_1 = require("@nestjs/core");
-const jose_1 = require("jose");
-const point3_common_tool_1 = require("point3-common-tool");
-const token_1 = require("../token");
-exports.LogtoTokenGuardToken = Symbol('LogtoTokenGuard');
-let LogtoTokenGuard = class LogtoTokenGuard {
-    constructor(tokenVerifier) {
-        this.tokenVerifier = tokenVerifier;
-        this.reflector = new core_1.Reflector();
-    }
-    async canActivate(context) {
-        const requiredScopes = this.reflector.get('requiredScopes', context.getHandler());
-        const requiredRoles = this.reflector.get('requiredRoles', context.getHandler());
-        const request = context.switchToHttp().getRequest();
-        try {
-            const bearerToken = this.extractBearerTokenFrom(request.headers);
-            const result = await this.tokenVerifier.verifyToken(bearerToken, requiredScopes, requiredRoles);
-            request.user = {
-                userId: result.sub,
-                managerId: point3_common_tool_1.p3Values.Guid.parse(result.managerId),
-                clientId: result.clientId ? point3_common_tool_1.p3Values.Guid.parse(result.clientId) : undefined,
-            };
-            return true;
-        }
-        catch (error) {
-            if (error instanceof common_1.UnauthorizedException)
-                throw error;
-            if (error instanceof jose_1.errors.JOSEError)
-                throw new common_1.UnauthorizedException(error);
-            if (error instanceof Error)
-                throw new common_1.InternalServerErrorException("요청을 처리하지 못하였습니다.", `${common_1.HttpStatus.INTERNAL_SERVER_ERROR}`);
-            throw new common_1.UnauthorizedException("접근이 허용되지 않습니다.");
-        }
-    }
-    extractBearerTokenFrom(headers) {
-        const bearerTokenIdentifier = 'Bearer';
-        if (!headers.authorization) {
-            throw new common_1.UnauthorizedException('Authorization header is missing');
-        }
-        if (!headers.authorization.startsWith(bearerTokenIdentifier)) {
-            throw new common_1.UnauthorizedException('Authorization token type not supported');
-        }
-        return headers.authorization.slice(bearerTokenIdentifier.length + 1);
-    }
-    ;
-};
-exports.LogtoTokenGuard = LogtoTokenGuard;
-exports.LogtoTokenGuard = LogtoTokenGuard = __decorate([
-    (0, common_1.Injectable)(),
-    __param(0, (0, common_1.Inject)(token_1.LogtoTokenVerifierToken)),
-    __metadata("design:paramtypes", [token_1.LogtoTokenVerifier])
-], LogtoTokenGuard);
-//# sourceMappingURL=guard.js.map

package/dist/stateless/guard.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"guard.js","sourceRoot":"","sources":["../../stateless/guard.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;AAAA,2CAQwB;AACxB,uCAAyC;AAGzC,+BAA8B;AAE9B,2DAA8C;AAC9C,oCAAuE;AAE1D,QAAA,oBAAoB,GAAG,MAAM,CAAC,iBAAiB,CAAC,CAAC;AAGvD,IAAM,eAAe,GAArB,MAAM,eAAe;IAE1B,YAKE,aAAyC;QAAjC,kBAAa,GAAb,aAAa,CAAoB;QANnC,cAAS,GAAc,IAAI,gBAAS,EAAE,CAAC;IAO3C,CAAC;IAEL,KAAK,CAAC,WAAW,CAAC,OAAyB;QAEzC,MAAM,cAAc,GAAG,IAAI,CAAC,SAAS,CAAC,GAAG,CAAW,gBAAgB,EAAE,OAAO,CAAC,UAAU,EAAE,CAAC,CAAC;QAC5F,MAAM,aAAa,GAAG,IAAI,CAAC,SAAS,CAAC,GAAG,CAAW,eAAe,EAAE,OAAO,CAAC,UAAU,EAAE,CAAC,CAAC;QAE1F,MAAM,OAAO,GAAG,OAAO,CAAC,YAAY,EAAE,CAAC,UAAU,EAAE,CAAC;QAGpD,IAAI,CAAC;YACH,MAAM,WAAW,GAAG,IAAI,CAAC,sBAAsB,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;YACjE,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,WAAW,CAAC,WAAW,EAAE,cAAc,EAAE,aAAa,CAAC,CAAC;YAGhG,OAAO,CAAC,IAAI,GAAG;gBACb,MAAM,EAAE,MAAM,CAAC,GAAG;gBAClB,SAAS,EAAE,6BAAQ,CAAC,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,SAAS,CAAC;gBAChD,QAAQ,EAAE,MAAM,CAAC,QAAQ,CAAC,CAAC,CAAC,6BAAQ,CAAC,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,SAAS;aAC7E,CAAA;YACD,OAAO,IAAI,CAAC;QACd,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,KAAK,YAAY,8BAAqB;gBAAE,MAAM,KAAK,CAAC;YACxD,IAAI,KAAK,YAAY,aAAM,CAAC,SAAS;gBAAE,MAAM,IAAI,8BAAqB,CAAC,KAAK,CAAC,CAAC;YAC9E,IAAI,KAAK,YAAY,KAAK;gBAAE,MAAM,IAAI,qCAA4B,CAAC,kBAAkB,EAAE,GAAG,mBAAU,CAAC,qBAAqB,EAAE,CAAC,CAAC;YAE9H,MAAM,IAAI,8BAAqB,CAAC,gBAAgB,CAAC,CAAC;QACpD,CAAC;IACH,CAAC;IAQO,sBAAsB,CAAC,OAA4B;QACzD,MAAM,qBAAqB,GAAG,QAAQ,CAAC;QAEvC,IAAI,CAAC,OAAO,CAAC,aAAa,EAAE,CAAC;YAC3B,MAAM,IAAI,8BAAqB,CAAC,iCAAiC,CAAC,CAAC;QACrE,CAAC;QAED,IAAI,CAAC,OAAO,CAAC,aAAa,CAAC,UAAU,CAAC,qBAAqB,CAAC,EAAE,CAAC;YAC7D,MAAM,IAAI,8BAAqB,CAAC,wCAAwC,CAAC,CAAC;QAC5E,CAAC;QAED,OAAO,OAAO,CAAC,aAAa,CAAC,KAAK,CAAC,qBAAqB,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;IACvE,CAAC;IAAA,CAAC;CACH,CAAA;AAzDY,0CAAe;0BAAf,eAAe;IAD3B,IAAA,mBAAU,GAAE;IAOR,WAAA,IAAA,eAAM,EAAC,+BAAuB,CAAC,CAAA;qCACT,0BAAkB;GAPhC,eAAe,CAyD3B"}

package/dist/stateless/guard.spec.d.ts

@@ -1 +0,0 @@
-export {};

package/dist/stateless/guard.spec.js

@@ -1,210 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-const testing_1 = require("@nestjs/testing");
-const common_1 = require("@nestjs/common");
-const core_1 = require("@nestjs/core");
-const guard_1 = require("./guard");
-const token_1 = require("../token");
-const point3_common_tool_1 = require("point3-common-tool");
-const client_1 = require("client");
-describe('LogtoTokenGuard 테스트', () => {
-    let guard;
-    let tokenUtil;
-    let reflector;
-    let logger;
-    const testToken = 'eyJhbGciOiJFUzM4NCIsInR5cCI6ImF0K2p3dCIsImtpZCI6ImxKUjU3SkFqVmV1dHk4eWljVzUtdFFySDM2WFl6NUlzWFhXSDVzeXV0dEEifQ.eyJ1c2VyUm9sZXMiOlsicDMtQ0lTTy0wIl0sIm1hbmFnZXJJZCI6Im1hbmFnZXItMDE5NjQ0NWMtOGVjNy03MDc4LWExNDItNGU3ZGI5YTRhYWVhIiwiY2xpZW50SWQiOiJwb2ludDMtMDE5NjNjODUtNDQ2ZS03NGM5LWFmNzktNDhlMjU0NjVjMzI3IiwianRpIjoiV0RYTmxoTWkwT0tHQ1pTRzFKZnBrIiwic3ViIjoieXVsaXVmdHNvMWQwIiwiaWF0IjoxNzQ5MDI0NzIzLCJleHAiOjE3NDkwMjgzMjMsInNjb3BlIjoiIiwiY2xpZW50X2lkIjoiNXFydmk5eW0wajJ0YTJ6YXBnbHU0IiwiaXNzIjoiaHR0cHM6Ly9sb2d0by5wb2ludDMuaW8vb2lkYyIsImF1ZCI6Imh0dHBzOi8vZGVmYXVsdC5sb2d0by5hcHAvYXBpIn0.nZdzvdxQ74m2oFEklVTfQlcqYBkRrRxtHQEgz1L6DjST9_9Wa7H7J1gKJVEjm8NnjFCQXljYM_hTVx1ABTmUgDrEKVjtHFVKUyPoSzxQitXexwmBZY5l8WdyqJDqAy8d';
-    const mockPayload = {
-        userRoles: ['p3-CISO-0'],
-        managerId: 'manager-0196445c-8ec7-7078-a142-4e7db9a4aaea',
-        clientId: 'point3-019663c85-446e-74c9-af79-48e25465c327',
-        jti: 'WDXNlhMi0OKGCZSG1Jfpk',
-        sub: 'yuliuftso1d0',
-        iat: 1749024723,
-        exp: 1749028323,
-        scope: '',
-        client_id: '5qrvi9ym0j2ta2zapglu4',
-        iss: 'https://logto.point3.io/oidc',
-        aud: 'https://default.logto.app/api'
-    };
-    beforeEach(async () => {
-        const mockTokenUtil = {
-            verifyToken: jest.fn(),
-        };
-        const mockReflector = {
-            get: jest.fn(),
-        };
-        const mockLogger = {
-            warn: jest.fn(),
-            error: jest.fn(),
-            log: jest.fn(),
-        };
-        const module = await testing_1.Test.createTestingModule({
-            providers: [
-                guard_1.LogtoTokenGuard,
-                {
-                    provide: token_1.LogtoTokenVerifierToken,
-                    useValue: mockTokenUtil,
-                },
-                {
-                    provide: core_1.Reflector,
-                    useValue: mockReflector,
-                },
-                {
-                    provide: client_1.LogtoLoggerServiceToken,
-                    useValue: mockLogger,
-                },
-            ],
-        }).compile();
-        guard = module.get(guard_1.LogtoTokenGuard);
-        tokenUtil = module.get(token_1.LogtoTokenVerifierToken);
-        reflector = module.get(core_1.Reflector);
-        logger = module.get(client_1.LogtoLoggerServiceToken);
-        jest.clearAllMocks();
-    });
-    const createMockExecutionContext = (headers = {}, route = { path: '/test' }) => {
-        const mockRequest = {
-            headers,
-            route,
-            user: undefined
-        };
-        return {
-            switchToHttp: () => ({
-                getRequest: () => mockRequest,
-                getResponse: jest.fn(),
-                getNext: jest.fn(),
-            }),
-            getHandler: jest.fn(),
-            getClass: jest.fn(),
-            getArgs: jest.fn(),
-            getArgByIndex: jest.fn(),
-            switchToRpc: jest.fn(),
-            switchToWs: jest.fn(),
-            getType: jest.fn(),
-        };
-    };
-    describe('🔐 성공적인 인증 테스트', () => {
-        it('유효한 토큰이 제공되었을 때 인증하고 사용자 데이터를 설정해야 함', async () => {
-            const context = createMockExecutionContext({
-                authorization: `Bearer ${testToken}`,
-            });
-            reflector.get
-                .mockReturnValueOnce(undefined)
-                .mockReturnValueOnce(['p3-CISO-0']);
-            tokenUtil.verifyToken.mockResolvedValueOnce(mockPayload);
-            const result = await guard.canActivate(context);
-            const request = context.switchToHttp().getRequest();
-            expect(result).toBe(true);
-            expect(tokenUtil.verifyToken).toHaveBeenCalledWith(testToken, undefined, ['p3-CISO-0']);
-            expect(request.user).toEqual({
-                userId: 'yuliuftso1d0',
-                managerId: expect.objectContaining({
-                    toString: expect.any(Function)
-                }),
-                clientId: expect.objectContaining({
-                    toString: expect.any(Function)
-                }),
-            });
-            expect(request.user.managerId.toString()).toContain('manager');
-            expect(request.user.managerId.toString()).toContain('0196445c-8ec7-7078-a142-4e7db9a4aaea');
-            expect(request.user.clientId.toString()).toContain('point3');
-            expect(request.user.clientId.toString()).toContain('019663c85-446e-74c9-af79-48e25465c327');
-        });
-        it('필수 스코프나 역할이 없을 때도 동작해야 함', async () => {
-            const context = createMockExecutionContext({
-                authorization: `Bearer ${testToken}`,
-            });
-            reflector.get
-                .mockReturnValueOnce(undefined)
-                .mockReturnValueOnce(undefined);
-            tokenUtil.verifyToken.mockResolvedValueOnce(mockPayload);
-            const result = await guard.canActivate(context);
-            expect(result).toBe(true);
-            expect(tokenUtil.verifyToken).toHaveBeenCalledWith(testToken, undefined, undefined);
-        });
-    });
-    describe('🚫 토큰 추출 실패 테스트', () => {
-        it('Authorization 헤더가 없을 때 UnauthorizedException을 던져야 함', async () => {
-            const context = createMockExecutionContext({});
-            reflector.get
-                .mockReturnValueOnce(undefined)
-                .mockReturnValueOnce(['p3-CISO-0']);
-            await expect(guard.canActivate(context)).rejects.toThrow(common_1.UnauthorizedException);
-            await expect(guard.canActivate(context)).rejects.toThrow('Authorization header is missing');
-        });
-        it('Authorization 헤더가 Bearer가 아닐 때 UnauthorizedException을 던져야 함', async () => {
-            const context = createMockExecutionContext({
-                authorization: 'Basic sometoken',
-            });
-            reflector.get
-                .mockReturnValueOnce(undefined)
-                .mockReturnValueOnce(['p3-CISO-0']);
-            await expect(guard.canActivate(context)).rejects.toThrow(common_1.UnauthorizedException);
-            await expect(guard.canActivate(context)).rejects.toThrow('Authorization token type not supported');
-        });
-        it('Bearer 헤더에서 토큰을 올바르게 추출해야 함', async () => {
-            const context = createMockExecutionContext({
-                authorization: `Bearer ${testToken}`,
-            });
-            reflector.get
-                .mockReturnValueOnce(undefined)
-                .mockReturnValueOnce(['p3-CISO-0']);
-            tokenUtil.verifyToken.mockResolvedValueOnce(mockPayload);
-            await guard.canActivate(context);
-            expect(tokenUtil.verifyToken).toHaveBeenCalledWith(testToken, undefined, ['p3-CISO-0']);
-        });
-    });
-    describe('❌ 토큰 검증 실패 테스트', () => {
-        it('토큰 검증에서 UnauthorizedException이 발생하면 다시 던져야 함', async () => {
-            const context = createMockExecutionContext({
-                authorization: `Bearer ${testToken}`,
-            });
-            reflector.get
-                .mockReturnValueOnce(undefined)
-                .mockReturnValueOnce(['p3-CISO-0']);
-            const authError = new common_1.UnauthorizedException('Invalid token');
-            tokenUtil.verifyToken.mockRejectedValueOnce(authError);
-            await expect(guard.canActivate(context)).rejects.toThrow(common_1.UnauthorizedException);
-        });
-        it('다른 에러가 발생하면 일반적인 에러 메시지를 던져야 함', async () => {
-            const context = createMockExecutionContext({
-                authorization: `Bearer ${testToken}`,
-            });
-            reflector.get
-                .mockReturnValueOnce(undefined)
-                .mockReturnValueOnce(['p3-CISO-0']);
-            tokenUtil.verifyToken.mockRejectedValueOnce(new Error('Some other error'));
-            await expect(guard.canActivate(context)).rejects.toThrow('요청을 처리하지 못하였습니다.');
-        });
-    });
-    describe('🔍 실제 JWT 토큰 분석', () => {
-        it('제공된 JWT 토큰의 페이로드를 올바르게 디코딩해야 함', () => {
-            const [header, payload, signature] = testToken.split('.');
-            const decodedPayload = JSON.parse(Buffer.from(payload, 'base64url').toString());
-            console.log('🔍 디코딩된 토큰 페이로드:');
-            console.log(JSON.stringify(decodedPayload, null, 2));
-            expect(decodedPayload.userRoles).toEqual(['p3-CISO-0']);
-            expect(decodedPayload.managerId).toBe('manager-0196445c-8ec7-7078-a142-4e7db9a4aaea');
-            expect(decodedPayload.clientId).toBe('point3-01963c85-446e-74c9-af79-48e25465c327');
-            expect(decodedPayload.sub).toBe('yuliuftso1d0');
-            expect(decodedPayload.iss).toBe('https://logto.point3.io/oidc');
-            const expirationDate = new Date(decodedPayload.exp * 1000);
-            const issuedDate = new Date(decodedPayload.iat * 1000);
-            console.log(`📅 토큰 발급 시간: ${issuedDate.toISOString()}`);
-            console.log(`⏰ 토큰 만료 시간: ${expirationDate.toISOString()}`);
-            console.log(`🏢 발급자: ${decodedPayload.iss}`);
-            console.log(`👤 사용자 역할: ${decodedPayload.userRoles.join(', ')}`);
-        });
-        it('토큰에서 추출된 GUID 값들이 올바른 형식인지 확인해야 함', () => {
-            const [header, payload, signature] = testToken.split('.');
-            const decodedPayload = JSON.parse(Buffer.from(payload, 'base64url').toString());
-            const managerId = point3_common_tool_1.p3Values.Guid.parse(decodedPayload.managerId);
-            expect(managerId.Prefix == 'manager');
-            const clientId = point3_common_tool_1.p3Values.Guid.parse(decodedPayload.clientId);
-            expect(clientId.Prefix == 'point3');
-            console.log('✅ GUID 형식 검증 완료:');
-            console.log(`   Manager ID: ${managerId.toString()}`);
-            console.log(`   Client ID: ${clientId.toString()}`);
-        });
-    });
-});
-//# sourceMappingURL=guard.spec.js.map

package/dist/stateless/guard.spec.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"guard.spec.js","sourceRoot":"","sources":["../../stateless/guard.spec.ts"],"names":[],"mappings":";;AAAA,6CAAsD;AACtD,2CAAwF;AACxF,uCAAyC;AAEzC,mCAA0C;AAC1C,oCAGkB;AAElB,2DAA8C;AAC9C,mCAAiD;AAEjD,QAAQ,CAAC,qBAAqB,EAAE,GAAG,EAAE;IACnC,IAAI,KAAsB,CAAC;IAC3B,IAAI,SAA0C,CAAC;IAC/C,IAAI,SAAiC,CAAC;IACtC,IAAI,MAAkC,CAAC;IAGvC,MAAM,SAAS,GAAG,qsBAAqsB,CAAC;IAGxtB,MAAM,WAAW,GAAuB;QACtC,SAAS,EAAE,CAAC,WAAW,CAAC;QACxB,SAAS,EAAE,8CAA8C;QACzD,QAAQ,EAAE,8CAA8C;QACxD,GAAG,EAAE,uBAAuB;QAC5B,GAAG,EAAE,cAAc;QACnB,GAAG,EAAE,UAAU;QACf,GAAG,EAAE,UAAU;QACf,KAAK,EAAE,EAAE;QACT,SAAS,EAAE,uBAAuB;QAClC,GAAG,EAAE,8BAA8B;QACnC,GAAG,EAAE,+BAA+B;KACrC,CAAC;IAEF,UAAU,CAAC,KAAK,IAAI,EAAE;QACpB,MAAM,aAAa,GAAG;YACpB,WAAW,EAAE,IAAI,CAAC,EAAE,EAAE;SACvB,CAAC;QAEF,MAAM,aAAa,GAAG;YACpB,GAAG,EAAE,IAAI,CAAC,EAAE,EAAE;SACf,CAAC;QAEF,MAAM,UAAU,GAAG;YACjB,IAAI,EAAE,IAAI,CAAC,EAAE,EAAE;YACf,KAAK,EAAE,IAAI,CAAC,EAAE,EAAE;YAChB,GAAG,EAAE,IAAI,CAAC,EAAE,EAAE;SACf,CAAC;QAEF,MAAM,MAAM,GAAkB,MAAM,cAAI,CAAC,mBAAmB,CAAC;YAC3D,SAAS,EAAE;gBACT,uBAAe;gBACf;oBACE,OAAO,EAAE,+BAAuB;oBAChC,QAAQ,EAAE,aAAa;iBACxB;gBACD;oBACE,OAAO,EAAE,gBAAS;oBAClB,QAAQ,EAAE,aAAa;iBACxB;gBACD;oBACE,OAAO,EAAE,gCAAuB;oBAChC,QAAQ,EAAE,UAAU;iBACrB;aACF;SACF,CAAC,CAAC,OAAO,EAAE,CAAC;QAEb,KAAK,GAAG,MAAM,CAAC,GAAG,CAAkB,uBAAe,CAAC,CAAC;QACrD,SAAS,GAAG,MAAM,CAAC,GAAG,CAAC,+BAAuB,CAAC,CAAC;QAChD,SAAS,GAAG,MAAM,CAAC,GAAG,CAAC,gBAAS,CAAC,CAAC;QAClC,MAAM,GAAG,MAAM,CAAC,GAAG,CAAC,gCAAuB,CAAC,CAAC;QAG7C,IAAI,CAAC,aAAa,EAAE,CAAC;IACvB,CAAC,CAAC,CAAC;IAEH,MAAM,0BAA0B,GAAG,CAAC,UAAe,EAAE,EAAE,QAAa,EAAE,IAAI,EAAE,OAAO,EAAE,EAAoB,EAAE;QACzG,MAAM,WAAW,GAAG;YAClB,OAAO;YACP,KAAK;YACL,IAAI,EAAE,SAAS;SAChB,CAAC;QAEF,OAAO;YACL,YAAY,EAAE,GAAG,EAAE,CAAC,CAAC;gBACnB,UAAU,EAAE,GAAG,EAAE,CAAC,WAAW;gBAC7B,WAAW,EAAE,IAAI,CAAC,EAAE,EAAE;gBACtB,OAAO,EAAE,IAAI,CAAC,EAAE,EAAE;aACnB,CAAC;YACF,UAAU,EAAE,IAAI,CAAC,EAAE,EAAE;YACrB,QAAQ,EAAE,IAAI,CAAC,EAAE,EAAE;YACnB,OAAO,EAAE,IAAI,CAAC,EAAE,EAAE;YAClB,aAAa,EAAE,IAAI,CAAC,EAAE,EAAE;YACxB,WAAW,EAAE,IAAI,CAAC,EAAE,EAAE;YACtB,UAAU,EAAE,IAAI,CAAC,EAAE,EAAE;YACrB,OAAO,EAAE,IAAI,CAAC,EAAE,EAAE;SACC,CAAC;IACxB,CAAC,CAAC;IAEF,QAAQ,CAAC,gBAAgB,EAAE,GAAG,EAAE;QAC9B,EAAE,CAAC,sCAAsC,EAAE,KAAK,IAAI,EAAE;YAEpD,MAAM,OAAO,GAAG,0BAA0B,CAAC;gBACzC,aAAa,EAAE,UAAU,SAAS,EAAE;aACrC,CAAC,CAAC;YAGH,SAAS,CAAC,GAAG;iBACV,mBAAmB,CAAC,SAAS,CAAC;iBAC9B,mBAAmB,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC;YAGtC,SAAS,CAAC,WAAW,CAAC,qBAAqB,CAAC,WAAW,CAAC,CAAC;YAGzD,MAAM,MAAM,GAAG,MAAM,KAAK,CAAC,WAAW,CAAC,OAAO,CAAC,CAAC;YAChD,MAAM,OAAO,GAAG,OAAO,CAAC,YAAY,EAAE,CAAC,UAAU,EAAE,CAAC;YAGpD,MAAM,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YAC1B,MAAM,CAAC,SAAS,CAAC,WAAW,CAAC,CAAC,oBAAoB,CAChD,SAAS,EACT,SAAS,EACT,CAAC,WAAW,CAAC,CACd,CAAC;YAGF,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,OAAO,CAAC;gBAC3B,MAAM,EAAE,cAAc;gBACtB,SAAS,EAAE,MAAM,CAAC,gBAAgB,CAAC;oBACjC,QAAQ,EAAE,MAAM,CAAC,GAAG,CAAC,QAAQ,CAAC;iBAC/B,CAAC;gBACF,QAAQ,EAAE,MAAM,CAAC,gBAAgB,CAAC;oBAChC,QAAQ,EAAE,MAAM,CAAC,GAAG,CAAC,QAAQ,CAAC;iBAC/B,CAAC;aACH,CAAC,CAAC;YAGH,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,SAAS,CAAC,QAAQ,EAAE,CAAC,CAAC,SAAS,CAAC,SAAS,CAAC,CAAC;YAC/D,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,SAAS,CAAC,QAAQ,EAAE,CAAC,CAAC,SAAS,CAAC,sCAAsC,CAAC,CAAC;YAC5F,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,QAAQ,EAAE,CAAC,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC;YAC7D,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,QAAQ,EAAE,CAAC,CAAC,SAAS,CAAC,uCAAuC,CAAC,CAAC;QAC9F,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,0BAA0B,EAAE,KAAK,IAAI,EAAE;YAExC,MAAM,OAAO,GAAG,0BAA0B,CAAC;gBACzC,aAAa,EAAE,UAAU,SAAS,EAAE;aACrC,CAAC,CAAC;YAGH,SAAS,CAAC,GAAG;iBACV,mBAAmB,CAAC,SAAS,CAAC;iBAC9B,mBAAmB,CAAC,SAAS,CAAC,CAAC;YAGlC,SAAS,CAAC,WAAW,CAAC,qBAAqB,CAAC,WAAW,CAAC,CAAC;YAGzD,MAAM,MAAM,GAAG,MAAM,KAAK,CAAC,WAAW,CAAC,OAAO,CAAC,CAAC;YAGhD,MAAM,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YAC1B,MAAM,CAAC,SAAS,CAAC,WAAW,CAAC,CAAC,oBAAoB,CAChD,SAAS,EACT,SAAS,EACT,SAAS,CACV,CAAC;QACJ,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,iBAAiB,EAAE,GAAG,EAAE;QAC/B,EAAE,CAAC,qDAAqD,EAAE,KAAK,IAAI,EAAE;YAEnE,MAAM,OAAO,GAAG,0BAA0B,CAAC,EAAE,CAAC,CAAC;YAE/C,SAAS,CAAC,GAAG;iBACV,mBAAmB,CAAC,SAAS,CAAC;iBAC9B,mBAAmB,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC;YAGtC,MAAM,MAAM,CAAC,KAAK,CAAC,WAAW,CAAC,OAAO,CAAC,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,8BAAqB,CAAC,CAAC;YAChF,MAAM,MAAM,CAAC,KAAK,CAAC,WAAW,CAAC,OAAO,CAAC,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,iCAAiC,CAAC,CAAC;QAC9F,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,6DAA6D,EAAE,KAAK,IAAI,EAAE;YAE3E,MAAM,OAAO,GAAG,0BAA0B,CAAC;gBACzC,aAAa,EAAE,iBAAiB;aACjC,CAAC,CAAC;YAEH,SAAS,CAAC,GAAG;iBACV,mBAAmB,CAAC,SAAS,CAAC;iBAC9B,mBAAmB,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC;YAGtC,MAAM,MAAM,CAAC,KAAK,CAAC,WAAW,CAAC,OAAO,CAAC,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,8BAAqB,CAAC,CAAC;YAChF,MAAM,MAAM,CAAC,KAAK,CAAC,WAAW,CAAC,OAAO,CAAC,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,wCAAwC,CAAC,CAAC;QACrG,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,6BAA6B,EAAE,KAAK,IAAI,EAAE;YAE3C,MAAM,OAAO,GAAG,0BAA0B,CAAC;gBACzC,aAAa,EAAE,UAAU,SAAS,EAAE;aACrC,CAAC,CAAC;YAEH,SAAS,CAAC,GAAG;iBACV,mBAAmB,CAAC,SAAS,CAAC;iBAC9B,mBAAmB,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC;YACtC,SAAS,CAAC,WAAW,CAAC,qBAAqB,CAAC,WAAW,CAAC,CAAC;YAGzD,MAAM,KAAK,CAAC,WAAW,CAAC,OAAO,CAAC,CAAC;YAGjC,MAAM,CAAC,SAAS,CAAC,WAAW,CAAC,CAAC,oBAAoB,CAChD,SAAS,EACT,SAAS,EACT,CAAC,WAAW,CAAC,CACd,CAAC;QACJ,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,gBAAgB,EAAE,GAAG,EAAE;QAC9B,EAAE,CAAC,8CAA8C,EAAE,KAAK,IAAI,EAAE;YAE5D,MAAM,OAAO,GAAG,0BAA0B,CAAC;gBACzC,aAAa,EAAE,UAAU,SAAS,EAAE;aACrC,CAAC,CAAC;YAEH,SAAS,CAAC,GAAG;iBACV,mBAAmB,CAAC,SAAS,CAAC;iBAC9B,mBAAmB,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC;YAEtC,MAAM,SAAS,GAAG,IAAI,8BAAqB,CAAC,eAAe,CAAC,CAAC;YAC7D,SAAS,CAAC,WAAW,CAAC,qBAAqB,CAAC,SAAS,CAAC,CAAC;YAGvD,MAAM,MAAM,CAAC,KAAK,CAAC,WAAW,CAAC,OAAO,CAAC,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,8BAAqB,CAAC,CAAC;QAClF,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,gCAAgC,EAAE,KAAK,IAAI,EAAE;YAE9C,MAAM,OAAO,GAAG,0BAA0B,CAAC;gBACzC,aAAa,EAAE,UAAU,SAAS,EAAE;aACrC,CAAC,CAAC;YAEH,SAAS,CAAC,GAAG;iBACV,mBAAmB,CAAC,SAAS,CAAC;iBAC9B,mBAAmB,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC;YAEtC,SAAS,CAAC,WAAW,CAAC,qBAAqB,CAAC,IAAI,KAAK,CAAC,kBAAkB,CAAC,CAAC,CAAC;YAG3E,MAAM,MAAM,CAAC,KAAK,CAAC,WAAW,CAAC,OAAO,CAAC,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,kBAAkB,CAAC,CAAC;QAC/E,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,iBAAiB,EAAE,GAAG,EAAE;QAC/B,EAAE,CAAC,gCAAgC,EAAE,GAAG,EAAE;YAExC,MAAM,CAAC,MAAM,EAAE,OAAO,EAAE,SAAS,CAAC,GAAG,SAAS,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;YAC1D,MAAM,cAAc,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,IAAI,CAAC,OAAO,EAAE,WAAW,CAAC,CAAC,QAAQ,EAAE,CAAC,CAAC;YAEhF,OAAO,CAAC,GAAG,CAAC,kBAAkB,CAAC,CAAC;YAChC,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,cAAc,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;YAGrD,MAAM,CAAC,cAAc,CAAC,SAAS,CAAC,CAAC,OAAO,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC;YACxD,MAAM,CAAC,cAAc,CAAC,SAAS,CAAC,CAAC,IAAI,CAAC,8CAA8C,CAAC,CAAC;YACtF,MAAM,CAAC,cAAc,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,6CAA6C,CAAC,CAAC;YACpF,MAAM,CAAC,cAAc,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC;YAChD,MAAM,CAAC,cAAc,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,8BAA8B,CAAC,CAAC;YAGhE,MAAM,cAAc,GAAG,IAAI,IAAI,CAAC,cAAc,CAAC,GAAG,GAAG,IAAI,CAAC,CAAC;YAC3D,MAAM,UAAU,GAAG,IAAI,IAAI,CAAC,cAAc,CAAC,GAAG,GAAG,IAAI,CAAC,CAAC;YAEvD,OAAO,CAAC,GAAG,CAAC,gBAAgB,UAAU,CAAC,WAAW,EAAE,EAAE,CAAC,CAAC;YACxD,OAAO,CAAC,GAAG,CAAC,eAAe,cAAc,CAAC,WAAW,EAAE,EAAE,CAAC,CAAC;YAC3D,OAAO,CAAC,GAAG,CAAC,WAAW,cAAc,CAAC,GAAG,EAAE,CAAC,CAAC;YAC7C,OAAO,CAAC,GAAG,CAAC,cAAc,cAAc,CAAC,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QACnE,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,mCAAmC,EAAE,GAAG,EAAE;YAC3C,MAAM,CAAC,MAAM,EAAE,OAAO,EAAE,SAAS,CAAC,GAAG,SAAS,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;YAC1D,MAAM,cAAc,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,IAAI,CAAC,OAAO,EAAE,WAAW,CAAC,CAAC,QAAQ,EAAE,CAAC,CAAC;YAGhF,MAAM,SAAS,GAAG,6BAAQ,CAAC,IAAI,CAAC,KAAK,CAAC,cAAc,CAAC,SAAS,CAAC,CAAC;YAChE,MAAM,CAAC,SAAS,CAAC,MAAM,IAAI,SAAS,CAAC,CAAC;YAGtC,MAAM,QAAQ,GAAG,6BAAQ,CAAC,IAAI,CAAC,KAAK,CAAC,cAAc,CAAC,QAAQ,CAAC,CAAC;YAC9D,MAAM,CAAC,QAAQ,CAAC,MAAM,IAAI,QAAQ,CAAC,CAAC;YAEpC,OAAO,CAAC,GAAG,CAAC,kBAAkB,CAAC,CAAC;YAChC,OAAO,CAAC,GAAG,CAAC,kBAAkB,SAAS,CAAC,QAAQ,EAAE,EAAE,CAAC,CAAC;YACtD,OAAO,CAAC,GAAG,CAAC,iBAAiB,QAAQ,CAAC,QAAQ,EAAE,EAAE,CAAC,CAAC;QACtD,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}

package/dist/stateless/index.d.ts

@@ -1,2 +0,0 @@
-export * from "./guard";
-export * from "./decorator";

package/dist/stateless/index.js

@@ -1,19 +0,0 @@
-"use strict";
-var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
-    if (k2 === undefined) k2 = k;
-    var desc = Object.getOwnPropertyDescriptor(m, k);
-    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
-      desc = { enumerable: true, get: function() { return m[k]; } };
-    }
-    Object.defineProperty(o, k2, desc);
-}) : (function(o, m, k, k2) {
-    if (k2 === undefined) k2 = k;
-    o[k2] = m[k];
-}));
-var __exportStar = (this && this.__exportStar) || function(m, exports) {
-    for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
-};
-Object.defineProperty(exports, "__esModule", { value: true });
-__exportStar(require("./guard"), exports);
-__exportStar(require("./decorator"), exports);
-//# sourceMappingURL=index.js.map

package/dist/stateless/index.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"index.js","sourceRoot":"","sources":["../../stateless/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA,0CAAwB;AACxB,8CAA4B"}

package/dist/token/access-token.d.ts

@@ -1,31 +0,0 @@
-export declare class AccessToken {
-    static THRESHOLD_TIME: number;
-    accountId: string;
-    token: string;
-    expiresAt: Date;
-    constructor(accountId: string, token: string, expireInSeconds: number);
-    isExpired(): boolean;
-    toString(): string;
-}
-export type AccessTokenPayload = {
-    jti: string;
-    sub: string;
-    iat: number;
-    exp: number;
-    scope: string;
-    client_id: string;
-    iss: string;
-    aud: string;
-    userRoles: string[];
-    clientId: string;
-    managerId: string;
-    userScopes?: string[];
-};
-export type IdTokenPayload = {
-    sub: string;
-    email: string;
-    email_verified: boolean;
-    name: string;
-    phone_number: string;
-    username: string;
-};

package/dist/token/access-token.js

@@ -1,19 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.AccessToken = void 0;
-class AccessToken {
-    constructor(accountId, token, expireInSeconds) {
-        this.accountId = accountId;
-        this.token = token;
-        this.expiresAt = new Date(Date.now() + expireInSeconds * 1000 - AccessToken.THRESHOLD_TIME);
-    }
-    isExpired() {
-        return this.expiresAt < new Date();
-    }
-    toString() {
-        return `AccessToken{accountId: ${this.accountId}, expiresAt: ${this.expiresAt}}`;
-    }
-}
-exports.AccessToken = AccessToken;
-AccessToken.THRESHOLD_TIME = 1000 * 60 * 10;
-//# sourceMappingURL=access-token.js.map

package/dist/token/access-token.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"access-token.js","sourceRoot":"","sources":["../../token/access-token.ts"],"names":[],"mappings":";;;AACA,MAAa,WAAW;IAOpB,YAAY,SAAiB,EAAE,KAAa,EAAE,eAAuB;QACjE,IAAI,CAAC,SAAS,GAAG,SAAS,CAAC;QAC3B,IAAI,CAAC,KAAK,GAAG,KAAK,CAAC;QACnB,IAAI,CAAC,SAAS,GAAG,IAAI,IAAI,CACrB,IAAI,CAAC,GAAG,EAAE,GAAG,eAAe,GAAG,IAAI,GAAG,WAAW,CAAC,cAAc,CACnE,CAAC;IACN,CAAC;IAEM,SAAS;QACZ,OAAO,IAAI,CAAC,SAAS,GAAG,IAAI,IAAI,EAAE,CAAC;IACvC,CAAC;IAEM,QAAQ;QACX,OAAO,0BAA0B,IAAI,CAAC,SAAS,gBAAgB,IAAI,CAAC,SAAS,GAAG,CAAC;IACrF,CAAC;;AArBL,kCAsBC;AArBU,0BAAc,GAAG,IAAI,GAAG,EAAE,GAAG,EAAE,CAAC"}

package/dist/token/index.d.ts

@@ -1,2 +0,0 @@
-export * from "./access-token";
-export * from "./verifier";

package/dist/token/index.js

@@ -1,19 +0,0 @@
-"use strict";
-var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
-    if (k2 === undefined) k2 = k;
-    var desc = Object.getOwnPropertyDescriptor(m, k);
-    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
-      desc = { enumerable: true, get: function() { return m[k]; } };
-    }
-    Object.defineProperty(o, k2, desc);
-}) : (function(o, m, k, k2) {
-    if (k2 === undefined) k2 = k;
-    o[k2] = m[k];
-}));
-var __exportStar = (this && this.__exportStar) || function(m, exports) {
-    for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
-};
-Object.defineProperty(exports, "__esModule", { value: true });
-__exportStar(require("./access-token"), exports);
-__exportStar(require("./verifier"), exports);
-//# sourceMappingURL=index.js.map

package/dist/token/index.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"index.js","sourceRoot":"","sources":["../../token/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA,iDAA+B;AAC/B,6CAA2B"}

package/dist/token/verifier.d.ts

@@ -1,13 +0,0 @@
-import { LogtoVerifierConfig } from "../client/config";
-import * as token from "./access-token";
-export declare const LogtoTokenVerifierToken: unique symbol;
-export declare class LogtoTokenVerifier {
-    private readonly config;
-    constructor(config: LogtoVerifierConfig);
-    verifyToken(token: string): Promise<token.AccessTokenPayload>;
-    verifyToken(token: string, requiredScopes: string[], requiredRoles: string[]): Promise<token.AccessTokenPayload>;
-    verifyIdToken(token: string): Promise<token.IdTokenPayload>;
-    private shouldContainRequiredPrivileges;
-    private hasInsufficientScopes;
-    private hasInsufficientRoles;
-}

package/dist/token/verifier.js

@@ -1,56 +0,0 @@
-"use strict";
-var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
-    var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
-    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
-    else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
-    return c > 3 && r && Object.defineProperty(target, key, r), r;
-};
-var __metadata = (this && this.__metadata) || function (k, v) {
-    if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
-};
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.LogtoTokenVerifier = exports.LogtoTokenVerifierToken = void 0;
-const common_1 = require("@nestjs/common");
-const jose_1 = require("jose");
-exports.LogtoTokenVerifierToken = Symbol.for("LogtoTokenVerifier");
-let LogtoTokenVerifier = class LogtoTokenVerifier {
-    constructor(config) {
-        this.config = config;
-    }
-    async verifyToken(token, requiredScopes, requiredRoles) {
-        if (!token)
-            throw new common_1.UnauthorizedException('엑세스 토큰이 존재하지 않습니다.');
-        const { payload } = await (0, jose_1.jwtVerify)(token, (0, jose_1.createRemoteJWKSet)(new URL(this.config.jwksUri)), { issuer: this.config.issuer });
-        const tokenPayload = payload;
-        if (requiredScopes || requiredRoles) {
-            this.shouldContainRequiredPrivileges(tokenPayload, requiredScopes, requiredRoles);
-        }
-        return tokenPayload;
-    }
-    async verifyIdToken(token) {
-        const { payload } = await (0, jose_1.jwtVerify)(token, (0, jose_1.createRemoteJWKSet)(new URL(this.config.jwksUri)), { issuer: this.config.issuer });
-        return payload;
-    }
-    shouldContainRequiredPrivileges(payload, requiredScopes, requiredRoles) {
-        const { userScopes, userRoles } = payload;
-        const scopes = userScopes?.flat() ?? [];
-        if (this.hasInsufficientScopes(requiredScopes, scopes)) {
-            throw new common_1.UnauthorizedException({ code: 'auth.insufficient_scope', status: 403 }, { cause: requiredScopes });
-        }
-        if (this.hasInsufficientRoles(requiredRoles, userRoles)) {
-            throw new common_1.UnauthorizedException({ code: 'auth.role_mismatch', status: 403 }, { cause: requiredRoles });
-        }
-    }
-    hasInsufficientScopes(requiredScopes, userScopes) {
-        return !!(requiredScopes && requiredScopes.length > 0 && !requiredScopes.every(scope => userScopes.includes(scope)));
-    }
-    hasInsufficientRoles(requiredRoles, userRoles) {
-        return !!(requiredRoles && requiredRoles.length > 0 && !requiredRoles.some(role => userRoles.includes(role)));
-    }
-};
-exports.LogtoTokenVerifier = LogtoTokenVerifier;
-exports.LogtoTokenVerifier = LogtoTokenVerifier = __decorate([
-    (0, common_1.Injectable)(),
-    __metadata("design:paramtypes", [Object])
-], LogtoTokenVerifier);
-//# sourceMappingURL=verifier.js.map

package/dist/token/verifier.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"verifier.js","sourceRoot":"","sources":["../../token/verifier.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,2CAAmE;AACnE,+BAAqD;AAKxC,QAAA,uBAAuB,GAAG,MAAM,CAAC,GAAG,CAAC,oBAAoB,CAAC,CAAC;AAGjE,IAAM,kBAAkB,GAAxB,MAAM,kBAAkB;IAC3B,YAA6B,MAA2B;QAA3B,WAAM,GAAN,MAAM,CAAqB;IAAI,CAAC;IAYtD,KAAK,CAAC,WAAW,CAAC,KAAa,EAAE,cAAyB,EAAE,aAAwB;QACvF,IAAI,CAAC,KAAK;YAAE,MAAM,IAAI,8BAAqB,CAAC,oBAAoB,CAAC,CAAC;QAElE,MAAM,EAAE,OAAO,EAAE,GAAG,MAAM,IAAA,gBAAS,EAC/B,KAAK,EAAE,IAAA,yBAAkB,EAAC,IAAI,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,EACvD,EAAE,MAAM,EAAE,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,CACjC,CAAC;QAEF,MAAM,YAAY,GAAG,OAAmC,CAAC;QAEzD,IAAI,cAAc,IAAI,aAAa,EAAE,CAAC;YAClC,IAAI,CAAC,+BAA+B,CAChC,YAAY,EAAE,cAAc,EAAE,aAAa,CAAC,CAAC;QACrD,CAAC;QAED,OAAO,YAAY,CAAC;IACxB,CAAC;IAOM,KAAK,CAAC,aAAa,CAAC,KAAa;QACpC,MAAM,EAAE,OAAO,EAAE,GAAG,MAAM,IAAA,gBAAS,EAC/B,KAAK,EACL,IAAA,yBAAkB,EAAC,IAAI,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,EAChD,EAAE,MAAM,EAAE,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,CACjC,CAAC;QACF,OAAO,OAA+B,CAAC;IAC3C,CAAC;IAQO,+BAA+B,CACnC,OAAiC,EACjC,cAAyB,EACzB,aAAwB;QAExB,MAAM,EAAE,UAAU,EAAE,SAAS,EAAE,GAAG,OAAO,CAAC;QAC1C,MAAM,MAAM,GAAG,UAAU,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC;QAExC,IAAI,IAAI,CAAC,qBAAqB,CAAC,cAAc,EAAE,MAAM,CAAC,EAAE,CAAC;YACrD,MAAM,IAAI,8BAAqB,CAC3B,EAAE,IAAI,EAAE,yBAAyB,EAAE,MAAM,EAAE,GAAG,EAAE,EAChD,EAAE,KAAK,EAAE,cAAc,EAAE,CAC5B,CAAC;QACN,CAAC;QAED,IAAI,IAAI,CAAC,oBAAoB,CAAC,aAAa,EAAE,SAAS,CAAC,EAAE,CAAC;YACtD,MAAM,IAAI,8BAAqB,CAC3B,EAAE,IAAI,EAAE,oBAAoB,EAAE,MAAM,EAAE,GAAG,EAAE,EAC3C,EAAE,KAAK,EAAE,aAAa,EAAE,CAC3B,CAAC;QACN,CAAC;IACL,CAAC;IAEO,qBAAqB,CAAC,cAAoC,EAAE,UAAoB;QACpF,OAAO,CAAC,CAAC,CAAC,cAAc,IAAI,cAAc,CAAC,MAAM,GAAG,CAAC,IAAI,CAAC,cAAc,CAAC,KAAK,CAAC,KAAK,CAAC,EAAE,CAAC,UAAU,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;IACzH,CAAC;IAEO,oBAAoB,CAAC,aAAmC,EAAE,SAAmB;QACjF,OAAO,CAAC,CAAC,CAAC,aAAa,IAAI,aAAa,CAAC,MAAM,GAAG,CAAC,IAAI,CAAC,aAAa,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,SAAS,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClH,CAAC;CACJ,CAAA;AAjFY,gDAAkB;6BAAlB,kBAAkB;IAD9B,IAAA,mBAAU,GAAE;;GACA,kBAAkB,CAiF9B"}