@privy-io/node 0.1.0-alpha.2

package/internal/utils/values.mjs

@@ -0,0 +1,94 @@
+// File generated from our OpenAPI spec by Stainless. See CONTRIBUTING.md for details.
+import { PrivyAPIError } from "../../core/error.mjs";
+// https://url.spec.whatwg.org/#url-scheme-string
+const startsWithSchemeRegexp = /^[a-z][a-z0-9+.-]*:/i;
+export const isAbsoluteURL = (url) => {
+    return startsWithSchemeRegexp.test(url);
+};
+export let isArray = (val) => ((isArray = Array.isArray), isArray(val));
+export let isReadonlyArray = isArray;
+/** Returns an object if the given value isn't an object, otherwise returns as-is */
+export function maybeObj(x) {
+    if (typeof x !== 'object') {
+        return {};
+    }
+    return x ?? {};
+}
+// https://stackoverflow.com/a/34491287
+export function isEmptyObj(obj) {
+    if (!obj)
+        return true;
+    for (const _k in obj)
+        return false;
+    return true;
+}
+// https://eslint.org/docs/latest/rules/no-prototype-builtins
+export function hasOwn(obj, key) {
+    return Object.prototype.hasOwnProperty.call(obj, key);
+}
+export function isObj(obj) {
+    return obj != null && typeof obj === 'object' && !Array.isArray(obj);
+}
+export const ensurePresent = (value) => {
+    if (value == null) {
+        throw new PrivyAPIError(`Expected a value to be given but received ${value} instead.`);
+    }
+    return value;
+};
+export const validatePositiveInteger = (name, n) => {
+    if (typeof n !== 'number' || !Number.isInteger(n)) {
+        throw new PrivyAPIError(`${name} must be an integer`);
+    }
+    if (n < 0) {
+        throw new PrivyAPIError(`${name} must be a positive integer`);
+    }
+    return n;
+};
+export const coerceInteger = (value) => {
+    if (typeof value === 'number')
+        return Math.round(value);
+    if (typeof value === 'string')
+        return parseInt(value, 10);
+    throw new PrivyAPIError(`Could not coerce ${value} (type: ${typeof value}) into a number`);
+};
+export const coerceFloat = (value) => {
+    if (typeof value === 'number')
+        return value;
+    if (typeof value === 'string')
+        return parseFloat(value);
+    throw new PrivyAPIError(`Could not coerce ${value} (type: ${typeof value}) into a number`);
+};
+export const coerceBoolean = (value) => {
+    if (typeof value === 'boolean')
+        return value;
+    if (typeof value === 'string')
+        return value === 'true';
+    return Boolean(value);
+};
+export const maybeCoerceInteger = (value) => {
+    if (value === undefined) {
+        return undefined;
+    }
+    return coerceInteger(value);
+};
+export const maybeCoerceFloat = (value) => {
+    if (value === undefined) {
+        return undefined;
+    }
+    return coerceFloat(value);
+};
+export const maybeCoerceBoolean = (value) => {
+    if (value === undefined) {
+        return undefined;
+    }
+    return coerceBoolean(value);
+};
+export const safeJSON = (text) => {
+    try {
+        return JSON.parse(text);
+    }
+    catch (err) {
+        return undefined;
+    }
+};
+//# sourceMappingURL=values.mjs.map

package/internal/utils/values.mjs.map

@@ -0,0 +1 @@
+{"version":3,"file":"values.mjs","sourceRoot":"","sources":["../../src/internal/utils/values.ts"],"names":[],"mappings":"AAAA,sFAAsF;OAE/E,EAAE,aAAa,EAAE;AAExB,iDAAiD;AACjD,MAAM,sBAAsB,GAAG,sBAAsB,CAAC;AAEtD,MAAM,CAAC,MAAM,aAAa,GAAG,CAAC,GAAW,EAAW,EAAE;IACpD,OAAO,sBAAsB,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AAC1C,CAAC,CAAC;AAEF,MAAM,CAAC,IAAI,OAAO,GAAG,CAAC,GAAY,EAAoB,EAAE,CAAC,CAAC,CAAC,OAAO,GAAG,KAAK,CAAC,OAAO,CAAC,EAAE,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC;AACnG,MAAM,CAAC,IAAI,eAAe,GAAG,OAAsD,CAAC;AAEpF,oFAAoF;AACpF,MAAM,UAAU,QAAQ,CAAC,CAAU;IACjC,IAAI,OAAO,CAAC,KAAK,QAAQ,EAAE,CAAC;QAC1B,OAAO,EAAE,CAAC;IACZ,CAAC;IAED,OAAO,CAAC,IAAI,EAAE,CAAC;AACjB,CAAC;AAED,uCAAuC;AACvC,MAAM,UAAU,UAAU,CAAC,GAA8B;IACvD,IAAI,CAAC,GAAG;QAAE,OAAO,IAAI,CAAC;IACtB,KAAK,MAAM,EAAE,IAAI,GAAG;QAAE,OAAO,KAAK,CAAC;IACnC,OAAO,IAAI,CAAC;AACd,CAAC;AAED,6DAA6D;AAC7D,MAAM,UAAU,MAAM,CAA4B,GAAM,EAAE,GAAgB;IACxE,OAAO,MAAM,CAAC,SAAS,CAAC,cAAc,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;AACxD,CAAC;AAED,MAAM,UAAU,KAAK,CAAC,GAAY;IAChC,OAAO,GAAG,IAAI,IAAI,IAAI,OAAO,GAAG,KAAK,QAAQ,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;AACvE,CAAC;AAED,MAAM,CAAC,MAAM,aAAa,GAAG,CAAI,KAA2B,EAAK,EAAE;IACjE,IAAI,KAAK,IAAI,IAAI,EAAE,CAAC;QAClB,MAAM,IAAI,aAAa,CAAC,6CAA6C,KAAK,WAAW,CAAC,CAAC;IACzF,CAAC;IAED,OAAO,KAAK,CAAC;AACf,CAAC,CAAC;AAEF,MAAM,CAAC,MAAM,uBAAuB,GAAG,CAAC,IAAY,EAAE,CAAU,EAAU,EAAE;IAC1E,IAAI,OAAO,CAAC,KAAK,QAAQ,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,CAAC,EAAE,CAAC;QAClD,MAAM,IAAI,aAAa,CAAC,GAAG,IAAI,qBAAqB,CAAC,CAAC;IACxD,CAAC;IACD,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC;QACV,MAAM,IAAI,aAAa,CAAC,GAAG,IAAI,6BAA6B,CAAC,CAAC;IAChE,CAAC;IACD,OAAO,CAAC,CAAC;AACX,CAAC,CAAC;AAEF,MAAM,CAAC,MAAM,aAAa,GAAG,CAAC,KAAc,EAAU,EAAE;IACtD,IAAI,OAAO,KAAK,KAAK,QAAQ;QAAE,OAAO,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC;IACxD,IAAI,OAAO,KAAK,KAAK,QAAQ;QAAE,OAAO,QAAQ,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;IAE1D,MAAM,IAAI,aAAa,CAAC,oBAAoB,KAAK,WAAW,OAAO,KAAK,iBAAiB,CAAC,CAAC;AAC7F,CAAC,CAAC;AAEF,MAAM,CAAC,MAAM,WAAW,GAAG,CAAC,KAAc,EAAU,EAAE;IACpD,IAAI,OAAO,KAAK,KAAK,QAAQ;QAAE,OAAO,KAAK,CAAC;IAC5C,IAAI,OAAO,KAAK,KAAK,QAAQ;QAAE,OAAO,UAAU,CAAC,KAAK,CAAC,CAAC;IAExD,MAAM,IAAI,aAAa,CAAC,oBAAoB,KAAK,WAAW,OAAO,KAAK,iBAAiB,CAAC,CAAC;AAC7F,CAAC,CAAC;AAEF,MAAM,CAAC,MAAM,aAAa,GAAG,CAAC,KAAc,EAAW,EAAE;IACvD,IAAI,OAAO,KAAK,KAAK,SAAS;QAAE,OAAO,KAAK,CAAC;IAC7C,IAAI,OAAO,KAAK,KAAK,QAAQ;QAAE,OAAO,KAAK,KAAK,MAAM,CAAC;IACvD,OAAO,OAAO,CAAC,KAAK,CAAC,CAAC;AACxB,CAAC,CAAC;AAEF,MAAM,CAAC,MAAM,kBAAkB,GAAG,CAAC,KAAc,EAAsB,EAAE;IACvE,IAAI,KAAK,KAAK,SAAS,EAAE,CAAC;QACxB,OAAO,SAAS,CAAC;IACnB,CAAC;IACD,OAAO,aAAa,CAAC,KAAK,CAAC,CAAC;AAC9B,CAAC,CAAC;AAEF,MAAM,CAAC,MAAM,gBAAgB,GAAG,CAAC,KAAc,EAAsB,EAAE;IACrE,IAAI,KAAK,KAAK,SAAS,EAAE,CAAC;QACxB,OAAO,SAAS,CAAC;IACnB,CAAC;IACD,OAAO,WAAW,CAAC,KAAK,CAAC,CAAC;AAC5B,CAAC,CAAC;AAEF,MAAM,CAAC,MAAM,kBAAkB,GAAG,CAAC,KAAc,EAAuB,EAAE;IACxE,IAAI,KAAK,KAAK,SAAS,EAAE,CAAC;QACxB,OAAO,SAAS,CAAC;IACnB,CAAC;IACD,OAAO,aAAa,CAAC,KAAK,CAAC,CAAC;AAC9B,CAAC,CAAC;AAEF,MAAM,CAAC,MAAM,QAAQ,GAAG,CAAC,IAAY,EAAE,EAAE;IACvC,IAAI,CAAC;QACH,OAAO,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IAC1B,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,OAAO,SAAS,CAAC;IACnB,CAAC;AACH,CAAC,CAAC"}

package/internal/utils.d.mts

@@ -0,0 +1,7 @@
+export * from "./utils/values.mjs";
+export * from "./utils/base64.mjs";
+export * from "./utils/env.mjs";
+export * from "./utils/log.mjs";
+export * from "./utils/uuid.mjs";
+export * from "./utils/sleep.mjs";
+//# sourceMappingURL=utils.d.mts.map

package/internal/utils.d.mts.map

@@ -0,0 +1 @@
+{"version":3,"file":"utils.d.mts","sourceRoot":"","sources":["../src/internal/utils.ts"],"names":[],"mappings":""}

package/internal/utils.d.ts

@@ -0,0 +1,7 @@
+export * from "./utils/values.js";
+export * from "./utils/base64.js";
+export * from "./utils/env.js";
+export * from "./utils/log.js";
+export * from "./utils/uuid.js";
+export * from "./utils/sleep.js";
+//# sourceMappingURL=utils.d.ts.map

package/internal/utils.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"utils.d.ts","sourceRoot":"","sources":["../src/internal/utils.ts"],"names":[],"mappings":""}

package/internal/utils.js

@@ -0,0 +1,11 @@
+"use strict";
+// File generated from our OpenAPI spec by Stainless. See CONTRIBUTING.md for details.
+Object.defineProperty(exports, "__esModule", { value: true });
+const tslib_1 = require("./tslib.js");
+tslib_1.__exportStar(require("./utils/values.js"), exports);
+tslib_1.__exportStar(require("./utils/base64.js"), exports);
+tslib_1.__exportStar(require("./utils/env.js"), exports);
+tslib_1.__exportStar(require("./utils/log.js"), exports);
+tslib_1.__exportStar(require("./utils/uuid.js"), exports);
+tslib_1.__exportStar(require("./utils/sleep.js"), exports);
+//# sourceMappingURL=utils.js.map

package/internal/utils.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"utils.js","sourceRoot":"","sources":["../src/internal/utils.ts"],"names":[],"mappings":";AAAA,sFAAsF;;;AAEtF,4DAA+B;AAC/B,4DAA+B;AAC/B,yDAA4B;AAC5B,yDAA4B;AAC5B,0DAA6B;AAC7B,2DAA8B"}

package/internal/utils.mjs

@@ -0,0 +1,8 @@
+// File generated from our OpenAPI spec by Stainless. See CONTRIBUTING.md for details.
+export * from "./utils/values.mjs";
+export * from "./utils/base64.mjs";
+export * from "./utils/env.mjs";
+export * from "./utils/log.mjs";
+export * from "./utils/uuid.mjs";
+export * from "./utils/sleep.mjs";
+//# sourceMappingURL=utils.mjs.map

package/internal/utils.mjs.map

@@ -0,0 +1 @@
+{"version":3,"file":"utils.mjs","sourceRoot":"","sources":["../src/internal/utils.ts"],"names":[],"mappings":"AAAA,sFAAsF"}

package/lib/authorization.d.mts

@@ -0,0 +1,87 @@
+import { PrivyClient } from "../public-api/PrivyClient.mjs";
+/**
+ * The authorization context should contain:
+ * - Any authorization private keys that must sign the request
+ * - The JWTs for any users that must sign the request
+ * - Any additional signatures you have computed for the request
+ *
+ * The Privy client will accept the authorization context, sign the request given the parameters,
+ * and include all signatures in the privy-authorization-signature header to the API.
+ */
+export interface AuthorizationContext {
+    /**
+     * The private keys to use for authorization.
+     * These should be base64-encoded PKCS8-formatted private keys, with no PEM headers.
+     */
+    authorization_private_keys?: string[];
+    /**
+     * The JWTs for the users that should sign the request authorization.
+     * These should be valid JWTs for the user.
+     */
+    user_jwts?: string[];
+    /**
+     * The signatures that should be used for authorization.
+     * These should be base64-encoded signatures.
+     */
+    signatures?: string[];
+    /**
+     * Sign functions can be used to sign requests directly, by managing the private keys and signing
+     * logic externally.
+     *
+     * Sign functions should perform an ECDSA P-256 signature on the payload received, and return the
+     * base64-encoded signature.
+     */
+    sign_fns?: AuthorizationContext.SignFn[];
+}
+export declare namespace AuthorizationContext {
+    type SignFn = (payload: Uint8Array) => Promise<string>;
+}
+export type WalletApiRequestSignatureInput = {
+    /** Signature version. 1 is currently the only valid version. */
+    version: 1;
+    /** Request method. Signatures are not required on 'GET' requests. */
+    method: 'POST' | 'PUT' | 'PATCH' | 'DELETE';
+    /** URL for the request. Should not contain a trailing slash. */
+    url: string;
+    /** Request body. */
+    body: any;
+    /** Privy-specific headers. */
+    headers: {
+        'privy-app-id': string;
+        'privy-idempotency-key'?: string;
+    };
+};
+/**
+ * Formats the request payload into the expected authorization payload, canconicalizes it,
+ * and encodes the JSON string into bytes.
+ *
+ * @param request The request to be formatted.
+ * @return The raw bytes representing the authorization payload.
+ */
+export declare function formatRequestForAuthorizationSignature(input: WalletApiRequestSignatureInput): Uint8Array;
+/**
+ * Generates authorization signatures from the given authorization context and signable request.
+ * This method handles JWT exchange and private key signing.
+ *
+ * Manual signing of requests is intended for advanced use cases.
+ *
+ * @param authorizationContext The authorization context containing JWTs, private keys, and signatures.
+ * @param input The request payload to sign.
+ * @returns An array of authorization signatures.
+ */
+export declare function generateAuthorizationSignatures(client: PrivyClient, { authorizationContext, input, }: {
+    authorizationContext: AuthorizationContext;
+    input: WalletApiRequestSignatureInput;
+}): Promise<string[]>;
+/**
+ * Signs the given request with the provided private key.
+ *
+ * @param authorizationPrivateKey The base64-encoded PKCS8-formatted private key, with no PEM headers.
+ * @param input The request payload to sign, or one serialized using {@link formatRequestForAuthorizationSignature}.
+ * @return The authorization signature.
+ */
+export declare function generateAuthorizationSignature({ authorizationPrivateKey, input, }: {
+    authorizationPrivateKey: string;
+    input: WalletApiRequestSignatureInput | Uint8Array;
+}): string;
+//# sourceMappingURL=authorization.d.mts.map

package/lib/authorization.d.mts.map

@@ -0,0 +1 @@
+{"version":3,"file":"authorization.d.mts","sourceRoot":"","sources":["../src/lib/authorization.ts"],"names":[],"mappings":"OAKO,EAAE,WAAW,EAAE;AAEtB;;;;;;;;GAQG;AACH,MAAM,WAAW,oBAAoB;IACnC;;;OAGG;IACH,0BAA0B,CAAC,EAAE,MAAM,EAAE,CAAC;IACtC;;;OAGG;IACH,SAAS,CAAC,EAAE,MAAM,EAAE,CAAC;IACrB;;;OAGG;IACH,UAAU,CAAC,EAAE,MAAM,EAAE,CAAC;IACtB;;;;;;OAMG;IACH,QAAQ,CAAC,EAAE,oBAAoB,CAAC,MAAM,EAAE,CAAC;CAC1C;AAED,yBAAiB,oBAAoB,CAAC;IACpC,KAAY,MAAM,GAAG,CAAC,OAAO,EAAE,UAAU,KAAK,OAAO,CAAC,MAAM,CAAC,CAAC;CAC/D;AAED,MAAM,MAAM,8BAA8B,GAAG;IAC3C,gEAAgE;IAChE,OAAO,EAAE,CAAC,CAAC;IACX,qEAAqE;IACrE,MAAM,EAAE,MAAM,GAAG,KAAK,GAAG,OAAO,GAAG,QAAQ,CAAC;IAC5C,gEAAgE;IAChE,GAAG,EAAE,MAAM,CAAC;IACZ,oBAAoB;IACpB,IAAI,EAAE,GAAG,CAAC;IACV,8BAA8B;IAC9B,OAAO,EAAE;QACP,cAAc,EAAE,MAAM,CAAC;QACvB,uBAAuB,CAAC,EAAE,MAAM,CAAC;KAClC,CAAC;CACH,CAAC;AAEF;;;;;;GAMG;AACH,wBAAgB,sCAAsC,CAAC,KAAK,EAAE,8BAA8B,GAAG,UAAU,CAYxG;AAED;;;;;;;;;GASG;AACH,wBAAsB,+BAA+B,CACnD,MAAM,EAAE,WAAW,EACnB,EACE,oBAAoB,EACpB,KAAK,GACN,EAAE;IACD,oBAAoB,EAAE,oBAAoB,CAAC;IAC3C,KAAK,EAAE,8BAA8B,CAAC;CACvC,GACA,OAAO,CAAC,MAAM,EAAE,CAAC,CA4BnB;AAED;;;;;;GAMG;AACH,wBAAgB,8BAA8B,CAAC,EAC7C,uBAAuB,EACvB,KAAK,GACN,EAAE;IACD,uBAAuB,EAAE,MAAM,CAAC;IAChC,KAAK,EAAE,8BAA8B,GAAG,UAAU,CAAC;CACpD,GAAG,MAAM,CAOT"}

package/lib/authorization.d.ts

@@ -0,0 +1,87 @@
+import { PrivyClient } from "../public-api/PrivyClient.js";
+/**
+ * The authorization context should contain:
+ * - Any authorization private keys that must sign the request
+ * - The JWTs for any users that must sign the request
+ * - Any additional signatures you have computed for the request
+ *
+ * The Privy client will accept the authorization context, sign the request given the parameters,
+ * and include all signatures in the privy-authorization-signature header to the API.
+ */
+export interface AuthorizationContext {
+    /**
+     * The private keys to use for authorization.
+     * These should be base64-encoded PKCS8-formatted private keys, with no PEM headers.
+     */
+    authorization_private_keys?: string[];
+    /**
+     * The JWTs for the users that should sign the request authorization.
+     * These should be valid JWTs for the user.
+     */
+    user_jwts?: string[];
+    /**
+     * The signatures that should be used for authorization.
+     * These should be base64-encoded signatures.
+     */
+    signatures?: string[];
+    /**
+     * Sign functions can be used to sign requests directly, by managing the private keys and signing
+     * logic externally.
+     *
+     * Sign functions should perform an ECDSA P-256 signature on the payload received, and return the
+     * base64-encoded signature.
+     */
+    sign_fns?: AuthorizationContext.SignFn[];
+}
+export declare namespace AuthorizationContext {
+    type SignFn = (payload: Uint8Array) => Promise<string>;
+}
+export type WalletApiRequestSignatureInput = {
+    /** Signature version. 1 is currently the only valid version. */
+    version: 1;
+    /** Request method. Signatures are not required on 'GET' requests. */
+    method: 'POST' | 'PUT' | 'PATCH' | 'DELETE';
+    /** URL for the request. Should not contain a trailing slash. */
+    url: string;
+    /** Request body. */
+    body: any;
+    /** Privy-specific headers. */
+    headers: {
+        'privy-app-id': string;
+        'privy-idempotency-key'?: string;
+    };
+};
+/**
+ * Formats the request payload into the expected authorization payload, canconicalizes it,
+ * and encodes the JSON string into bytes.
+ *
+ * @param request The request to be formatted.
+ * @return The raw bytes representing the authorization payload.
+ */
+export declare function formatRequestForAuthorizationSignature(input: WalletApiRequestSignatureInput): Uint8Array;
+/**
+ * Generates authorization signatures from the given authorization context and signable request.
+ * This method handles JWT exchange and private key signing.
+ *
+ * Manual signing of requests is intended for advanced use cases.
+ *
+ * @param authorizationContext The authorization context containing JWTs, private keys, and signatures.
+ * @param input The request payload to sign.
+ * @returns An array of authorization signatures.
+ */
+export declare function generateAuthorizationSignatures(client: PrivyClient, { authorizationContext, input, }: {
+    authorizationContext: AuthorizationContext;
+    input: WalletApiRequestSignatureInput;
+}): Promise<string[]>;
+/**
+ * Signs the given request with the provided private key.
+ *
+ * @param authorizationPrivateKey The base64-encoded PKCS8-formatted private key, with no PEM headers.
+ * @param input The request payload to sign, or one serialized using {@link formatRequestForAuthorizationSignature}.
+ * @return The authorization signature.
+ */
+export declare function generateAuthorizationSignature({ authorizationPrivateKey, input, }: {
+    authorizationPrivateKey: string;
+    input: WalletApiRequestSignatureInput | Uint8Array;
+}): string;
+//# sourceMappingURL=authorization.d.ts.map

package/lib/authorization.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"authorization.d.ts","sourceRoot":"","sources":["../src/lib/authorization.ts"],"names":[],"mappings":"OAKO,EAAE,WAAW,EAAE;AAEtB;;;;;;;;GAQG;AACH,MAAM,WAAW,oBAAoB;IACnC;;;OAGG;IACH,0BAA0B,CAAC,EAAE,MAAM,EAAE,CAAC;IACtC;;;OAGG;IACH,SAAS,CAAC,EAAE,MAAM,EAAE,CAAC;IACrB;;;OAGG;IACH,UAAU,CAAC,EAAE,MAAM,EAAE,CAAC;IACtB;;;;;;OAMG;IACH,QAAQ,CAAC,EAAE,oBAAoB,CAAC,MAAM,EAAE,CAAC;CAC1C;AAED,yBAAiB,oBAAoB,CAAC;IACpC,KAAY,MAAM,GAAG,CAAC,OAAO,EAAE,UAAU,KAAK,OAAO,CAAC,MAAM,CAAC,CAAC;CAC/D;AAED,MAAM,MAAM,8BAA8B,GAAG;IAC3C,gEAAgE;IAChE,OAAO,EAAE,CAAC,CAAC;IACX,qEAAqE;IACrE,MAAM,EAAE,MAAM,GAAG,KAAK,GAAG,OAAO,GAAG,QAAQ,CAAC;IAC5C,gEAAgE;IAChE,GAAG,EAAE,MAAM,CAAC;IACZ,oBAAoB;IACpB,IAAI,EAAE,GAAG,CAAC;IACV,8BAA8B;IAC9B,OAAO,EAAE;QACP,cAAc,EAAE,MAAM,CAAC;QACvB,uBAAuB,CAAC,EAAE,MAAM,CAAC;KAClC,CAAC;CACH,CAAC;AAEF;;;;;;GAMG;AACH,wBAAgB,sCAAsC,CAAC,KAAK,EAAE,8BAA8B,GAAG,UAAU,CAYxG;AAED;;;;;;;;;GASG;AACH,wBAAsB,+BAA+B,CACnD,MAAM,EAAE,WAAW,EACnB,EACE,oBAAoB,EACpB,KAAK,GACN,EAAE;IACD,oBAAoB,EAAE,oBAAoB,CAAC;IAC3C,KAAK,EAAE,8BAA8B,CAAC;CACvC,GACA,OAAO,CAAC,MAAM,EAAE,CAAC,CA4BnB;AAED;;;;;;GAMG;AACH,wBAAgB,8BAA8B,CAAC,EAC7C,uBAAuB,EACvB,KAAK,GACN,EAAE;IACD,uBAAuB,EAAE,MAAM,CAAC;IAChC,KAAK,EAAE,8BAA8B,GAAG,UAAU,CAAC;CACpD,GAAG,MAAM,CAOT"}

package/lib/authorization.js

@@ -0,0 +1,73 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.formatRequestForAuthorizationSignature = formatRequestForAuthorizationSignature;
+exports.generateAuthorizationSignatures = generateAuthorizationSignatures;
+exports.generateAuthorizationSignature = generateAuthorizationSignature;
+const tslib_1 = require("../internal/tslib.js");
+const nist_1 = require("@noble/curves/nist");
+const sha2_1 = require("@noble/hashes/sha2");
+const canonicalize_1 = tslib_1.__importDefault(require("canonicalize"));
+const error_1 = require("../core/error.js");
+const cryptography_1 = require("./cryptography.js");
+/**
+ * Formats the request payload into the expected authorization payload, canconicalizes it,
+ * and encodes the JSON string into bytes.
+ *
+ * @param request The request to be formatted.
+ * @return The raw bytes representing the authorization payload.
+ */
+function formatRequestForAuthorizationSignature(input) {
+    const body = input.body;
+    if (typeof body === 'object' && body !== null && Object.keys(body).length === 0) {
+        // This is a special case, where if the body is empty, we want to serialize it
+        // as an empty string.
+        input.body = '';
+    }
+    const serializedInput = (0, canonicalize_1.default)(input);
+    if (!serializedInput) {
+        throw new error_1.PrivyAPIError('Failed to serialize request for authorization signature');
+    }
+    return new TextEncoder().encode(serializedInput);
+}
+/**
+ * Generates authorization signatures from the given authorization context and signable request.
+ * This method handles JWT exchange and private key signing.
+ *
+ * Manual signing of requests is intended for advanced use cases.
+ *
+ * @param authorizationContext The authorization context containing JWTs, private keys, and signatures.
+ * @param input The request payload to sign.
+ * @returns An array of authorization signatures.
+ */
+async function generateAuthorizationSignatures(client, { authorizationContext, input, }) {
+    const payload = formatRequestForAuthorizationSignature(input);
+    const userJwts = authorizationContext.user_jwts ?? [];
+    let userKeys = [];
+    if (userJwts.length > 0) {
+        userKeys = await Promise.all(userJwts.map((jwt) => client._jwtExchange().exchangeJwtForAuthorizationKey(jwt)));
+    }
+    /** These are the private keys provided by the caller, either directly or via JWT exchange */
+    const privateKeys = [...(authorizationContext.authorization_private_keys ?? []), ...userKeys];
+    /** These are the signatures calculated from the private keys */
+    const calculatedSignatures = privateKeys.map((sk) => generateAuthorizationSignature({ authorizationPrivateKey: sk, input: payload }));
+    /** These are the signatures calculated externally from the given sign functions */
+    const signFnSignatures = await Promise.all((authorizationContext.sign_fns ?? []).map((signFn) => signFn(payload)));
+    /** These are the signatures provided directly by the caller */
+    const providedRawSignatures = authorizationContext.signatures ?? [];
+    return [...providedRawSignatures, ...calculatedSignatures, ...signFnSignatures];
+}
+/**
+ * Signs the given request with the provided private key.
+ *
+ * @param authorizationPrivateKey The base64-encoded PKCS8-formatted private key, with no PEM headers.
+ * @param input The request payload to sign, or one serialized using {@link formatRequestForAuthorizationSignature}.
+ * @return The authorization signature.
+ */
+function generateAuthorizationSignature({ authorizationPrivateKey, input, }) {
+    const payload = input instanceof Uint8Array ? input : formatRequestForAuthorizationSignature(input);
+    const privateKey = (0, cryptography_1.importPKCS8PrivateKey)(authorizationPrivateKey);
+    const signature = nist_1.p256.sign((0, sha2_1.sha256)(payload), privateKey).toBytes('der');
+    // We fall back to `Buffer` here as Uint8Array.toBase64 is not widely supported yet
+    return Buffer.from(signature).toString('base64');
+}
+//# sourceMappingURL=authorization.js.map

package/lib/authorization.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"authorization.js","sourceRoot":"","sources":["../src/lib/authorization.ts"],"names":[],"mappings":";;AAqEA,wFAYC;AAYD,0EAqCC;AASD,wEAaC;;AAxJD,6CAA0C;AAC1C,6CAA4C;AAC5C,wEAAwC;AACxC,4CAA8C;AAC9C,oDAAuD;AA0DvD;;;;;;GAMG;AACH,SAAgB,sCAAsC,CAAC,KAAqC;IAC1F,MAAM,IAAI,GAAY,KAAK,CAAC,IAAI,CAAC;IACjC,IAAI,OAAO,IAAI,KAAK,QAAQ,IAAI,IAAI,KAAK,IAAI,IAAI,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAChF,8EAA8E;QAC9E,sBAAsB;QACtB,KAAK,CAAC,IAAI,GAAG,EAAE,CAAC;IAClB,CAAC;IACD,MAAM,eAAe,GAAG,IAAA,sBAAY,EAAC,KAAK,CAAC,CAAC;IAC5C,IAAI,CAAC,eAAe,EAAE,CAAC;QACrB,MAAM,IAAI,qBAAa,CAAC,yDAAyD,CAAC,CAAC;IACrF,CAAC;IACD,OAAO,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,eAAe,CAAC,CAAC;AACnD,CAAC;AAED;;;;;;;;;GASG;AACI,KAAK,UAAU,+BAA+B,CACnD,MAAmB,EACnB,EACE,oBAAoB,EACpB,KAAK,GAIN;IAED,MAAM,OAAO,GAAG,sCAAsC,CAAC,KAAK,CAAC,CAAC;IAE9D,MAAM,QAAQ,GAAG,oBAAoB,CAAC,SAAS,IAAI,EAAE,CAAC;IACtD,IAAI,QAAQ,GAAa,EAAE,CAAC;IAC5B,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACxB,QAAQ,GAAG,MAAM,OAAO,CAAC,GAAG,CAC1B,QAAQ,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,YAAY,EAAE,CAAC,8BAA8B,CAAC,GAAG,CAAC,CAAC,CACjF,CAAC;IACJ,CAAC;IAED,6FAA6F;IAC7F,MAAM,WAAW,GAAG,CAAC,GAAG,CAAC,oBAAoB,CAAC,0BAA0B,IAAI,EAAE,CAAC,EAAE,GAAG,QAAQ,CAAC,CAAC;IAE9F,gEAAgE;IAChE,MAAM,oBAAoB,GAAG,WAAW,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,EAAE,CAClD,8BAA8B,CAAC,EAAE,uBAAuB,EAAE,EAAE,EAAE,KAAK,EAAE,OAAO,EAAE,CAAC,CAChF,CAAC;IAEF,mFAAmF;IACnF,MAAM,gBAAgB,GAAG,MAAM,OAAO,CAAC,GAAG,CACxC,CAAC,oBAAoB,CAAC,QAAQ,IAAI,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,CACvE,CAAC;IAEF,+DAA+D;IAC/D,MAAM,qBAAqB,GAAG,oBAAoB,CAAC,UAAU,IAAI,EAAE,CAAC;IAEpE,OAAO,CAAC,GAAG,qBAAqB,EAAE,GAAG,oBAAoB,EAAE,GAAG,gBAAgB,CAAC,CAAC;AAClF,CAAC;AAED;;;;;;GAMG;AACH,SAAgB,8BAA8B,CAAC,EAC7C,uBAAuB,EACvB,KAAK,GAIN;IACC,MAAM,OAAO,GAAG,KAAK,YAAY,UAAU,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,sCAAsC,CAAC,KAAK,CAAC,CAAC;IACpG,MAAM,UAAU,GAAG,IAAA,oCAAqB,EAAC,uBAAuB,CAAC,CAAC;IAElE,MAAM,SAAS,GAAG,WAAI,CAAC,IAAI,CAAC,IAAA,aAAM,EAAC,OAAO,CAAC,EAAE,UAAU,CAAC,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC;IACxE,mFAAmF;IACnF,OAAO,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;AACnD,CAAC"}

package/lib/authorization.mjs

@@ -0,0 +1,67 @@
+import { p256 } from '@noble/curves/nist';
+import { sha256 } from '@noble/hashes/sha2';
+import canonicalize from 'canonicalize';
+import { PrivyAPIError } from "../core/error.mjs";
+import { importPKCS8PrivateKey } from "./cryptography.mjs";
+/**
+ * Formats the request payload into the expected authorization payload, canconicalizes it,
+ * and encodes the JSON string into bytes.
+ *
+ * @param request The request to be formatted.
+ * @return The raw bytes representing the authorization payload.
+ */
+export function formatRequestForAuthorizationSignature(input) {
+    const body = input.body;
+    if (typeof body === 'object' && body !== null && Object.keys(body).length === 0) {
+        // This is a special case, where if the body is empty, we want to serialize it
+        // as an empty string.
+        input.body = '';
+    }
+    const serializedInput = canonicalize(input);
+    if (!serializedInput) {
+        throw new PrivyAPIError('Failed to serialize request for authorization signature');
+    }
+    return new TextEncoder().encode(serializedInput);
+}
+/**
+ * Generates authorization signatures from the given authorization context and signable request.
+ * This method handles JWT exchange and private key signing.
+ *
+ * Manual signing of requests is intended for advanced use cases.
+ *
+ * @param authorizationContext The authorization context containing JWTs, private keys, and signatures.
+ * @param input The request payload to sign.
+ * @returns An array of authorization signatures.
+ */
+export async function generateAuthorizationSignatures(client, { authorizationContext, input, }) {
+    const payload = formatRequestForAuthorizationSignature(input);
+    const userJwts = authorizationContext.user_jwts ?? [];
+    let userKeys = [];
+    if (userJwts.length > 0) {
+        userKeys = await Promise.all(userJwts.map((jwt) => client._jwtExchange().exchangeJwtForAuthorizationKey(jwt)));
+    }
+    /** These are the private keys provided by the caller, either directly or via JWT exchange */
+    const privateKeys = [...(authorizationContext.authorization_private_keys ?? []), ...userKeys];
+    /** These are the signatures calculated from the private keys */
+    const calculatedSignatures = privateKeys.map((sk) => generateAuthorizationSignature({ authorizationPrivateKey: sk, input: payload }));
+    /** These are the signatures calculated externally from the given sign functions */
+    const signFnSignatures = await Promise.all((authorizationContext.sign_fns ?? []).map((signFn) => signFn(payload)));
+    /** These are the signatures provided directly by the caller */
+    const providedRawSignatures = authorizationContext.signatures ?? [];
+    return [...providedRawSignatures, ...calculatedSignatures, ...signFnSignatures];
+}
+/**
+ * Signs the given request with the provided private key.
+ *
+ * @param authorizationPrivateKey The base64-encoded PKCS8-formatted private key, with no PEM headers.
+ * @param input The request payload to sign, or one serialized using {@link formatRequestForAuthorizationSignature}.
+ * @return The authorization signature.
+ */
+export function generateAuthorizationSignature({ authorizationPrivateKey, input, }) {
+    const payload = input instanceof Uint8Array ? input : formatRequestForAuthorizationSignature(input);
+    const privateKey = importPKCS8PrivateKey(authorizationPrivateKey);
+    const signature = p256.sign(sha256(payload), privateKey).toBytes('der');
+    // We fall back to `Buffer` here as Uint8Array.toBase64 is not widely supported yet
+    return Buffer.from(signature).toString('base64');
+}
+//# sourceMappingURL=authorization.mjs.map

package/lib/authorization.mjs.map

@@ -0,0 +1 @@
+{"version":3,"file":"authorization.mjs","sourceRoot":"","sources":["../src/lib/authorization.ts"],"names":[],"mappings":"OAAO,EAAE,IAAI,EAAE,MAAM,oBAAoB;OAClC,EAAE,MAAM,EAAE,MAAM,oBAAoB;OACpC,YAAY,MAAM,cAAc;OAChC,EAAE,aAAa,EAAE;OACjB,EAAE,qBAAqB,EAAE;AA0DhC;;;;;;GAMG;AACH,MAAM,UAAU,sCAAsC,CAAC,KAAqC;IAC1F,MAAM,IAAI,GAAY,KAAK,CAAC,IAAI,CAAC;IACjC,IAAI,OAAO,IAAI,KAAK,QAAQ,IAAI,IAAI,KAAK,IAAI,IAAI,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAChF,8EAA8E;QAC9E,sBAAsB;QACtB,KAAK,CAAC,IAAI,GAAG,EAAE,CAAC;IAClB,CAAC;IACD,MAAM,eAAe,GAAG,YAAY,CAAC,KAAK,CAAC,CAAC;IAC5C,IAAI,CAAC,eAAe,EAAE,CAAC;QACrB,MAAM,IAAI,aAAa,CAAC,yDAAyD,CAAC,CAAC;IACrF,CAAC;IACD,OAAO,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,eAAe,CAAC,CAAC;AACnD,CAAC;AAED;;;;;;;;;GASG;AACH,MAAM,CAAC,KAAK,UAAU,+BAA+B,CACnD,MAAmB,EACnB,EACE,oBAAoB,EACpB,KAAK,GAIN;IAED,MAAM,OAAO,GAAG,sCAAsC,CAAC,KAAK,CAAC,CAAC;IAE9D,MAAM,QAAQ,GAAG,oBAAoB,CAAC,SAAS,IAAI,EAAE,CAAC;IACtD,IAAI,QAAQ,GAAa,EAAE,CAAC;IAC5B,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACxB,QAAQ,GAAG,MAAM,OAAO,CAAC,GAAG,CAC1B,QAAQ,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,YAAY,EAAE,CAAC,8BAA8B,CAAC,GAAG,CAAC,CAAC,CACjF,CAAC;IACJ,CAAC;IAED,6FAA6F;IAC7F,MAAM,WAAW,GAAG,CAAC,GAAG,CAAC,oBAAoB,CAAC,0BAA0B,IAAI,EAAE,CAAC,EAAE,GAAG,QAAQ,CAAC,CAAC;IAE9F,gEAAgE;IAChE,MAAM,oBAAoB,GAAG,WAAW,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,EAAE,CAClD,8BAA8B,CAAC,EAAE,uBAAuB,EAAE,EAAE,EAAE,KAAK,EAAE,OAAO,EAAE,CAAC,CAChF,CAAC;IAEF,mFAAmF;IACnF,MAAM,gBAAgB,GAAG,MAAM,OAAO,CAAC,GAAG,CACxC,CAAC,oBAAoB,CAAC,QAAQ,IAAI,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,CACvE,CAAC;IAEF,+DAA+D;IAC/D,MAAM,qBAAqB,GAAG,oBAAoB,CAAC,UAAU,IAAI,EAAE,CAAC;IAEpE,OAAO,CAAC,GAAG,qBAAqB,EAAE,GAAG,oBAAoB,EAAE,GAAG,gBAAgB,CAAC,CAAC;AAClF,CAAC;AAED;;;;;;GAMG;AACH,MAAM,UAAU,8BAA8B,CAAC,EAC7C,uBAAuB,EACvB,KAAK,GAIN;IACC,MAAM,OAAO,GAAG,KAAK,YAAY,UAAU,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,sCAAsC,CAAC,KAAK,CAAC,CAAC;IACpG,MAAM,UAAU,GAAG,qBAAqB,CAAC,uBAAuB,CAAC,CAAC;IAElE,MAAM,SAAS,GAAG,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,EAAE,UAAU,CAAC,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC;IACxE,mFAAmF;IACnF,OAAO,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;AACnD,CAAC"}

package/lib/cryptography.d.mts

@@ -0,0 +1,8 @@
+export declare namespace HPKESender {
+    interface EncryptPayloadOutput {
+        ciphertext: Uint8Array;
+        encapsulatedKey: Uint8Array;
+    }
+}
+export declare function setupHPKESender(): Promise<HPKESender>;
+//# sourceMappingURL=cryptography.d.mts.map

package/lib/cryptography.d.mts.map

@@ -0,0 +1 @@
+{"version":3,"file":"cryptography.d.mts","sourceRoot":"","sources":["../src/lib/cryptography.ts"],"names":[],"mappings":"AA+EA,yBAAiB,UAAU,CAAC;IAC1B,UAAiB,oBAAoB;QACnC,UAAU,EAAE,UAAU,CAAC;QACvB,eAAe,EAAE,UAAU,CAAC;KAC7B;CACF;AAED,wBAAsB,eAAe,IAAI,OAAO,CAAC,UAAU,CAAC,CAsB3D"}

package/lib/cryptography.d.ts

@@ -0,0 +1,8 @@
+export declare namespace HPKESender {
+    interface EncryptPayloadOutput {
+        ciphertext: Uint8Array;
+        encapsulatedKey: Uint8Array;
+    }
+}
+export declare function setupHPKESender(): Promise<HPKESender>;
+//# sourceMappingURL=cryptography.d.ts.map

package/lib/cryptography.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"cryptography.d.ts","sourceRoot":"","sources":["../src/lib/cryptography.ts"],"names":[],"mappings":"AA+EA,yBAAiB,UAAU,CAAC;IAC1B,UAAiB,oBAAoB;QACnC,UAAU,EAAE,UAAU,CAAC;QACvB,eAAe,EAAE,UAAU,CAAC;KAC7B;CACF;AAED,wBAAsB,eAAe,IAAI,OAAO,CAAC,UAAU,CAAC,CAsB3D"}

package/lib/cryptography.js

@@ -0,0 +1,72 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.importPKCS8PrivateKey = importPKCS8PrivateKey;
+exports.setupHPKERecipient = setupHPKERecipient;
+exports.setupHPKESender = setupHPKESender;
+const chacha20poly1305_1 = require("@hpke/chacha20poly1305");
+const core_1 = require("@hpke/core");
+const nist_1 = require("@noble/curves/nist");
+/**
+ * Imports a P-256 private key for use with the `@noble/curves` library.
+ *
+ * @param privateKey - A base64-encoded PKCS8-formatted private key, with no PEM headers.
+ * @returns A private key object for the P-256 curve.
+ * @internal
+ */
+function importPKCS8PrivateKey(privateKey) {
+    // We fall back to `Buffer` here as Uint8Array.fromBase64 is not widely supported yet
+    const pkcs8Bytes = Buffer.from(privateKey, 'base64');
+    const privateKeyStart = pkcs8Bytes.indexOf(Buffer.from([0x04, 0x20]));
+    if (privateKeyStart === -1) {
+        throw new Error('Invalid wallet authorization private key');
+    }
+    const privateKeyBytes = pkcs8Bytes.subarray(privateKeyStart + 2, privateKeyStart + 34);
+    return nist_1.p256.Point.Fn.fromBytes(privateKeyBytes);
+}
+/**
+ * Sets up HPKE for securely requesting a payload (as the recipient)
+ * from a sender (e.g. the Privy API).
+ * @returns The HPKE receiver object.
+ * @internal
+ */
+async function setupHPKERecipient() {
+    const suite = new core_1.CipherSuite({
+        kem: new core_1.DhkemP256HkdfSha256(),
+        kdf: new core_1.HkdfSha256(),
+        aead: new chacha20poly1305_1.Chacha20Poly1305(),
+    });
+    const keypair = await suite.kem.generateKeyPair();
+    const publicKeySpki = await crypto.subtle.exportKey('spki', keypair.publicKey);
+    return {
+        publicKeySpki: new Uint8Array(publicKeySpki),
+        decryptPayload: async (encapsulatedKey, ciphertext) => {
+            const recipient = await suite.createRecipientContext({
+                recipientKey: keypair.privateKey,
+                enc: encapsulatedKey,
+            });
+            const decodedBytes = await recipient.open(ciphertext);
+            return new Uint8Array(decodedBytes);
+        },
+    };
+}
+async function setupHPKESender() {
+    const suite = new core_1.CipherSuite({
+        kem: new core_1.DhkemP256HkdfSha256(),
+        kdf: new core_1.HkdfSha256(),
+        aead: new chacha20poly1305_1.Chacha20Poly1305(),
+    });
+    return {
+        encryptPayload: async (publicKey, payload) => {
+            const recipientPublicKey = await suite.kem.deserializePublicKey(publicKey);
+            const sender = await suite.createSenderContext({
+                recipientPublicKey,
+            });
+            const ciphertext = await sender.seal(payload);
+            return {
+                ciphertext: new Uint8Array(ciphertext),
+                encapsulatedKey: new Uint8Array(sender.enc),
+            };
+        },
+    };
+}
+//# sourceMappingURL=cryptography.js.map

package/lib/cryptography.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"cryptography.js","sourceRoot":"","sources":["../src/lib/cryptography.ts"],"names":[],"mappings":";;AAYA,sDAUC;AAqBD,gDAuBC;AAoBD,0CAsBC;AA5GD,6DAA0D;AAC1D,qCAA0E;AAC1E,6CAA0C;AAG1C;;;;;;GAMG;AACH,SAAgB,qBAAqB,CAAC,UAAkB;IACtD,qFAAqF;IACrF,MAAM,UAAU,GAAG,MAAM,CAAC,IAAI,CAAC,UAAU,EAAE,QAAQ,CAAC,CAAC;IACrD,MAAM,eAAe,GAAG,UAAU,CAAC,OAAO,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC,CAAC,CAAC;IAEtE,IAAI,eAAe,KAAK,CAAC,CAAC,EAAE,CAAC;QAC3B,MAAM,IAAI,KAAK,CAAC,0CAA0C,CAAC,CAAC;IAC9D,CAAC;IACD,MAAM,eAAe,GAAG,UAAU,CAAC,QAAQ,CAAC,eAAe,GAAG,CAAC,EAAE,eAAe,GAAG,EAAE,CAAC,CAAC;IACvF,OAAO,WAAI,CAAC,KAAK,CAAC,EAAE,CAAC,SAAS,CAAC,eAAe,CAAC,CAAC;AAClD,CAAC;AAeD;;;;;GAKG;AACI,KAAK,UAAU,kBAAkB;IACtC,MAAM,KAAK,GAAG,IAAI,kBAAW,CAAC;QAC5B,GAAG,EAAE,IAAI,0BAAmB,EAAE;QAC9B,GAAG,EAAE,IAAI,iBAAU,EAAE;QACrB,IAAI,EAAE,IAAI,mCAAgB,EAAE;KAC7B,CAAC,CAAC;IAEH,MAAM,OAAO,GAAG,MAAM,KAAK,CAAC,GAAG,CAAC,eAAe,EAAE,CAAC;IAClD,MAAM,aAAa,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,MAAM,EAAE,OAAO,CAAC,SAAS,CAAC,CAAC;IAE/E,OAAO;QACL,aAAa,EAAE,IAAI,UAAU,CAAC,aAAa,CAAC;QAC5C,cAAc,EAAE,KAAK,EAAE,eAA2B,EAAE,UAAsB,EAAE,EAAE;YAC5E,MAAM,SAAS,GAAG,MAAM,KAAK,CAAC,sBAAsB,CAAC;gBACnD,YAAY,EAAE,OAAO,CAAC,UAAU;gBAChC,GAAG,EAAE,eAAe;aACrB,CAAC,CAAC;YAEH,MAAM,YAAY,GAAG,MAAM,SAAS,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;YAEtD,OAAO,IAAI,UAAU,CAAC,YAAY,CAAC,CAAC;QACtC,CAAC;KACF,CAAC;AACJ,CAAC;AAoBM,KAAK,UAAU,eAAe;IACnC,MAAM,KAAK,GAAG,IAAI,kBAAW,CAAC;QAC5B,GAAG,EAAE,IAAI,0BAAmB,EAAE;QAC9B,GAAG,EAAE,IAAI,iBAAU,EAAE;QACrB,IAAI,EAAE,IAAI,mCAAgB,EAAE;KAC7B,CAAC,CAAC;IAEH,OAAO;QACL,cAAc,EAAE,KAAK,EAAE,SAAqB,EAAE,OAAmB,EAAE,EAAE;YACnE,MAAM,kBAAkB,GAAG,MAAM,KAAK,CAAC,GAAG,CAAC,oBAAoB,CAAC,SAAS,CAAC,CAAC;YAC3E,MAAM,MAAM,GAAG,MAAM,KAAK,CAAC,mBAAmB,CAAC;gBAC7C,kBAAkB;aACnB,CAAC,CAAC;YAEH,MAAM,UAAU,GAAG,MAAM,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;YAE9C,OAAO;gBACL,UAAU,EAAE,IAAI,UAAU,CAAC,UAAU,CAAC;gBACtC,eAAe,EAAE,IAAI,UAAU,CAAC,MAAM,CAAC,GAAG,CAAC;aAC5C,CAAC;QACJ,CAAC;KACF,CAAC;AACJ,CAAC"}