npm - @prosopo/provider - Versions diffs - 3.3.0 → 3.12.14 - Mend

@prosopo/provider 3.3.0 → 3.12.14

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (377) hide show

package/dist/api/blacklistRequestInspector.js CHANGED Viewed

@@ -1,5 +1,5 @@
 import { ApiPrefix } from "@prosopo/types";
-import { userScopeInputSchema, ScopeMatch, AccessPolicyType } from "@prosopo/user-access-policy";
+import { userScopeInput, FilterScopeMatch, AccessPolicyType } from "@prosopo/user-access-policy";
 import { uniqueSubsets } from "@prosopo/util";
 const getRequestUserScope = (requestHeaders, ja4, ip, user) => {
   const userAgent = requestHeaders["user-agent"] ? requestHeaders["user-agent"].toString() : void 0;
@@ -8,13 +8,12 @@ const getRequestUserScope = (requestHeaders, ja4, ip, user) => {
     ...ja4 && { ja4Hash: ja4 },
     ...userAgent && { userAgent },
     ...ip && { ip }
+    // TODO more things with headers
   };
 };
-const getPrioritisedAccessRule = async (userAccessRulesStorage, userScope, clientId) => {
-  const userScopeKeys = Object.keys(userScope).filter(
-    (key) => userScope[key] !== void 0
-  );
-  const prioritisedUserScopes = uniqueSubsets(userScopeKeys).map(
+const getPrioritisedUserScopes = (userScope) => {
+  const userScopeKeys = Object.keys(userScope);
+  return uniqueSubsets(userScopeKeys).map(
     (subset) => subset.reduce(
       (acc, key) => {
         acc[key] = userScope[key];
@@ -22,26 +21,29 @@ const getPrioritisedAccessRule = async (userAccessRulesStorage, userScope, clien
       },
       {}
     )
-  ).filter((us) => Object.keys(us).length > 0).filter((us) => Object.values(us).some((value) => value !== void 0));
+  );
+};
+const getPrioritisedAccessRule = async (userAccessRulesStorage, userScope, clientId) => {
+  const prioritisedUserScopes = getPrioritisedUserScopes(userScope);
   const policyPromises = [];
   const clientLoop = clientId ? [clientId, void 0] : [void 0];
   for (const clientOrUndefined of clientLoop) {
     for (const scope of prioritisedUserScopes) {
-      const parsedUserScope = userScopeInputSchema.parse(scope);
-      if (Object.values(parsedUserScope).every((value) => value === void 0)) {
+      if (Object.values(scope).every((value) => value === void 0)) {
         continue;
       }
+      const parsedUserScope = userScopeInput.parse(scope);
       const filter = {
         ...clientOrUndefined && {
           policyScope: {
             clientId: clientOrUndefined
           }
         },
-        policyScopeMatch: ScopeMatch.Exact,
+        policyScopeMatch: FilterScopeMatch.Exact,
         userScope: parsedUserScope,
-        userScopeMatch: ScopeMatch.Exact
+        userScopeMatch: FilterScopeMatch.Exact
       };
-      policyPromises.push(userAccessRulesStorage.findRules(filter));
+      policyPromises.push(userAccessRulesStorage.findRules(filter, true, true));
     }
   }
   return (await Promise.all(policyPromises)).flat();

package/dist/api/blacklistRequestInspector.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"blacklistRequestInspector.js","sourceRoot":"","sources":["../../src/api/blacklistRequestInspector.ts"],"names":[],"mappings":"AAeA,OAAO,EAAE,SAAS,EAAE,MAAM,gBAAgB,CAAC;AAC3C,OAAO,EACN,gBAAgB,EAEhB,gBAAgB,EAGhB,cAAc,GACd,MAAM,6BAA6B,CAAC;AACrC,OAAO,EAAE,aAAa,EAAE,MAAM,eAAe,CAAC;AAG9C,MAAM,CAAC,MAAM,mBAAmB,GAAG,CAClC,cAAuC,EACvC,GAAY,EACZ,EAAW,EACX,IAAa,EACsD,EAAE;IACrE,MAAM,SAAS,GAAG,cAAc,CAAC,YAAY,CAAC;QAC7C,CAAC,CAAC,cAAc,CAAC,YAAY,CAAC,CAAC,QAAQ,EAAE;QACzC,CAAC,CAAC,SAAS,CAAC;IAEb,OAAO;QACN,GAAG,CAAC,IAAI,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,CAAC;QAC7B,GAAG,CAAC,GAAG,IAAI,EAAE,OAAO,EAAE,GAAG,EAAE,CAAC;QAC5B,GAAG,CAAC,SAAS,IAAI,EAAE,SAAS,EAAE,SAAS,EAAE,CAAC;QAC1C,GAAG,CAAC,EAAE,IAAI,EAAE,EAAE,EAAE,CAAC;KAEjB,CAAC;AACH,CAAC,CAAC;AAEF,MAAM,wBAAwB,GAAG,CAAC,SAEjC,EAAiD,EAAE;IACnD,MAAM,aAAa,GAAG,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;IAC7C,OAAO,aAAa,CAAC,aAAa,CAAC,CAAC,GAAG,CAAC,CAAC,MAAgB,EAAE,EAAE,CAC5D,MAAM,CAAC,MAAM,CACZ,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE;QACZ,GAAG,CAAC,GAAG,CAAC,GAAG,SAAS,CAAC,GAAG,CAAC,CAAC;QAC1B,OAAO,GAAG,CAAC;IACZ,CAAC,EACD,EAAiD,CACjD,CACD,CAAC;AACH,CAAC,CAAC;AAEF,MAAM,CAAC,MAAM,wBAAwB,GAAG,KAAK,EAC5C,sBAA0C,EAC1C,SAAsC,EACtC,QAAiB,EAChB,EAAE;IACH,MAAM,qBAAqB,GAAG,wBAAwB,CAAC,SAAS,CAAC,CAAC;IAClE,MAAM,cAAc,GAAG,EAAE,CAAC;IAE1B,MAAM,UAAU,GAAG,QAAQ,CAAC,CAAC,CAAC,CAAC,QAAQ,EAAE,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC;IAClE,KAAK,MAAM,iBAAiB,IAAI,UAAU,EAAE,CAAC;QAC5C,KAAK,MAAM,KAAK,IAAI,qBAAqB,EAAE,CAAC;YAC3C,IAAI,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,KAAK,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK,KAAK,SAAS,CAAC,EAAE,CAAC;gBAChE,SAAS;YACV,CAAC;YAED,MAAM,eAAe,GAAG,cAAc,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC;YAEpD,MAAM,MAAM,GAAG;gBACd,GAAG,CAAC,iBAAiB,IAAI;oBACxB,WAAW,EAAE;wBACZ,QAAQ,EAAE,iBAAiB;qBAC3B;iBACD,CAAC;gBACF,gBAAgB,EAAE,gBAAgB,CAAC,KAAK;gBAExC,SAAS,EAAE,eAAe;gBAE1B,cAAc,EAAE,gBAAgB,CAAC,KAAK;aACtC,CAAC;YAEF,cAAc,CAAC,IAAI,CAAC,sBAAsB,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,IAAI,CAAC,CAAC,CAAC;QAC3E,CAAC;IACF,CAAC;IACD,OAAO,CAAC,MAAM,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;AACnD,CAAC,CAAC;AAEF,MAAM,OAAO,yBAAyB;IACrC,YACkB,sBAA0C,EAC1C,0BAA+C;QAD/C,2BAAsB,GAAtB,sBAAsB,CAAoB;QAC1C,+BAA0B,GAA1B,0BAA0B,CAAqB;IAC9D,CAAC;IAEG,KAAK,CAAC,2BAA2B,CACvC,OAAgB,EAChB,GAAa,EACb,IAAkB;QAElB,MAAM,KAAK,GAAG,OAAO,CAAC,EAAE,IAAI,EAAE,CAAC;QAE/B,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,CAAC;YAC3B,IAAI,EAAE,EAAE,GAAG,EAAE,OAAO,CAAC,GAAG,EAAE;SAC1B,CAAC,CAAC,CAAC;QAEJ,MAAM,kBAAkB,GAAG,MAAM,IAAI,CAAC,kBAAkB,CACvD,OAAO,CAAC,GAAG,EACX,KAAK,EACL,OAAO,CAAC,GAAG,EACX,OAAO,CAAC,OAAO,EACf,OAAO,CAAC,IAAI,EACZ,OAAO,CAAC,MAAM,CACd,CAAC;QAEF,IAAI,kBAAkB,EAAE,CAAC;YACxB,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,cAAc,EAAE,CAAC,CAAC;YAChD,OAAO;QACR,CAAC;QAED,IAAI,EAAE,CAAC;IACR,CAAC;IAEM,KAAK,CAAC,kBAAkB,CAC9B,cAAsB,EACtB,KAAa,EACb,GAAW,EACX,cAAuC,EACvC,WAAoC,EACpC,MAAc;QAGd,IAAI,IAAI,CAAC,mBAAmB,CAAC,cAAc,CAAC,EAAE,CAAC;YAC9C,OAAO,KAAK,CAAC;QACd,CAAC;QAGD,IAAI,CAAC,KAAK,EAAE,CAAC;YACZ,MAAM,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC,CAAC;gBAClB,IAAI,EAAE;oBACL,cAAc,EAAE,cAAc;oBAC9B,cAAc,EAAE,cAAc;oBAC9B,WAAW,EAAE,WAAW;iBACxB;gBACD,GAAG,EAAE,oBAAoB;aACzB,CAAC,CAAC,CAAC;YAEJ,OAAO,IAAI,CAAC;QACb,CAAC;QAED,MAAM,IAAI,CAAC,0BAA0B,EAAE,CAAC;QAExC,IAAI,CAAC;YACJ,MAAM,EAAE,MAAM,EAAE,QAAQ,EAAE,GAAG,IAAI,CAAC,qBAAqB,CACtD,cAAc,EACd,WAAW,CACX,CAAC;YAEF,MAAM,cAAc,GAAG,MAAM,wBAAwB,CACpD,IAAI,CAAC,sBAAsB,EAC3B,mBAAmB,CAAC,cAAc,EAAE,GAAG,EAAE,KAAK,EAAE,MAAM,CAAC,EACvD,QAAQ,CACR,CAAC;YACF,IACC,CAAC,cAAc;gBACf,cAAc,CAAC,MAAM,KAAK,CAAC;gBAC3B,CAAC,cAAc,CAAC,CAAC,CAAC,EACjB,CAAC;gBACF,OAAO,KAAK,CAAC;YACd,CAAC;YACD,MAAM,YAAY,GAAG,cAAc,CAAC,CAAC,CAAC,CAAC;YAEvC,OAAO,gBAAgB,CAAC,KAAK,KAAK,YAAY,CAAC,IAAI,CAAC;QACrD,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACd,MAAM,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,CAAC;gBACnB,GAAG;gBACH,GAAG,EAAE,wBAAwB;aAC7B,CAAC,CAAC,CAAC;YAEJ,OAAO,IAAI,CAAC;QACb,CAAC;IACF,CAAC;IAES,mBAAmB,CAAC,GAAW;QACxC,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC;IACjC,CAAC;IAES,qBAAqB,CAC9B,cAAuC,EACvC,WAAoC;QAKpC,MAAM,MAAM,GACX,IAAI,CAAC,cAAc,CAAC,cAAc,EAAE,cAAc,CAAC;YACnD,IAAI,CAAC,cAAc,CAAC,WAAW,EAAE,MAAM,CAAC,CAAC;QAC1C,MAAM,QAAQ,GACb,IAAI,CAAC,cAAc,CAAC,cAAc,EAAE,kBAAkB,CAAC;YACvD,IAAI,CAAC,cAAc,CAAC,WAAW,EAAE,MAAM,CAAC,CAAC;QAE1C,OAAO;YACN,MAAM,EAAE,QAAQ,KAAK,OAAO,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS;YACvD,QAAQ,EAAE,QAAQ,KAAK,OAAO,QAAQ,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS;SAC7D,CAAC;IACH,CAAC;IAES,cAAc,CACvB,MAA+B,EAC/B,GAAW;QAEX,OAAO,MAAM,CAAC,GAAG,CAAC,CAAC;IACpB,CAAC;CACD"}

package/dist/api/block.d.ts ADDED Viewed

@@ -0,0 +1,3 @@
+import type { ProviderEnvironment } from "@prosopo/types-env";
+export declare const blockMiddleware: (providerEnvironment: ProviderEnvironment) => (request: import("express").Request, res: import("express").Response, next: import("express").NextFunction) => Promise<void>;
+//# sourceMappingURL=block.d.ts.map

package/dist/api/block.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"block.d.ts","sourceRoot":"","sources":["../../src/api/block.ts"],"names":[],"mappings":"AAcA,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,oBAAoB,CAAC;AAG9D,eAAO,MAAM,eAAe,wBAAyB,mBAAmB,iIAgBvE,CAAC"}

package/dist/api/block.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"block.js","sourceRoot":"","sources":["../../src/api/block.ts"],"names":[],"mappings":"AAeA,OAAO,EAAE,yBAAyB,EAAE,MAAM,gCAAgC,CAAC;AAE3E,MAAM,CAAC,MAAM,eAAe,GAAG,CAAC,mBAAwC,EAAE,EAAE;IAC3E,MAAM,sBAAsB,GAAG,mBAAmB;SAChD,KAAK,EAAE;SACP,yBAAyB,EAAE,CAAC;IAE9B,MAAM,0BAA0B,GAC/B,mBAAmB,CAAC,OAAO,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC;IAEvD,MAAM,yBAAyB,GAAG,IAAI,yBAAyB,CAC9D,sBAAsB,EACtB,0BAA0B,CAC1B,CAAC;IAEF,OAAO,yBAAyB,CAAC,2BAA2B,CAAC,IAAI,CAChE,yBAAyB,CACzB,CAAC;AACH,CAAC,CAAC"}

package/dist/api/captcha.d.ts ADDED Viewed

@@ -0,0 +1,4 @@
+import type { ProviderEnvironment } from "@prosopo/types-env";
+import { type Router } from "express";
+export declare function prosopoRouter(env: ProviderEnvironment): Router;
+//# sourceMappingURL=captcha.d.ts.map

package/dist/api/captcha.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"captcha.d.ts","sourceRoot":"","sources":["../../src/api/captcha.ts"],"names":[],"mappings":"AAuCA,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,oBAAoB,CAAC;AAE9D,OAAgB,EAAE,KAAK,MAAM,EAAE,MAAM,SAAS,CAAC;AAkB/C,wBAAgB,aAAa,CAAC,GAAG,EAAE,mBAAmB,GAAG,MAAM,CAs1B9D"}

package/dist/api/captcha.js CHANGED Viewed

@@ -4,8 +4,12 @@ import { parseCaptchaAssets } from "@prosopo/datasets";
 import { ClientApiPaths, CaptchaRequestBody, CaptchaType, ApiParams, CaptchaSolutionBody, GetPowCaptchaChallengeRequestBody, SubmitPowCaptchaSolutionBody, GetFrictionlessCaptchaChallengeRequestBody } from "@prosopo/types";
 import { getIPAddress, flatten } from "@prosopo/util";
 import express from "express";
+import { getCompositeIpAddress } from "../compositeIpAddress.js";
 import { FrictionlessManager } from "../tasks/frictionless/frictionlessTasks.js";
+import { timestampDecayFunction } from "../tasks/frictionless/frictionlessTasksUtils.js";
 import { Tasks } from "../tasks/tasks.js";
+import { hashUserAgent } from "../utils/hashUserAgent.js";
+import { getMaintenanceMode } from "./admin/apiToggleMaintenanceModeEndpoint.js";
 import { getRequestUserScope } from "./blacklistRequestInspector.js";
 import { validateSiteKey, validateAddr } from "./validateAddress.js";
 const DEFAULT_FRICTIONLESS_THRESHOLD = 0.5;
@@ -63,11 +67,18 @@ function prosopoRouter(env) {
           dapp,
           userScope
         ))[0];
-        const { valid, reason, frictionlessTokenId } = await tasks.imgCaptchaManager.isValidRequest(
+        const {
+          valid,
+          reason,
+          sessionId: validSessionId,
+          solvedImagesCount
+        } = await tasks.imgCaptchaManager.isValidRequest(
           clientRecord,
           CaptchaType.image,
+          env,
           sessionId,
-          userAccessPolicy
+          userAccessPolicy,
+          req.ip
         );
         if (!valid) {
           return next(
@@ -84,7 +95,7 @@ function prosopoRouter(env) {
         }
         const captchaConfig = {
           solved: {
-            count: userAccessPolicy?.solvedImagesCount || env.config.captchas.solved.count
+            count: solvedImagesCount || userAccessPolicy?.solvedImagesCount || env.config.captchas.solved.count
           },
           unsolved: {
             count: userAccessPolicy?.unsolvedImagesCount || env.config.captchas.unsolved.count
@@ -96,7 +107,7 @@ function prosopoRouter(env) {
           ipAddress,
           captchaConfig,
           clientRecord.settings.imageThreshold ?? 0.8,
-          frictionlessTokenId
+          validSessionId
         );
         const captchaResponse = {
           [ApiParams.status]: "ok",
@@ -115,12 +126,23 @@ function prosopoRouter(env) {
             }
           }
         };
+        req.logger.info(() => ({
+          msg: "Image captcha challenge issued",
+          data: {
+            captchaType: CaptchaType.image,
+            requestHash: taskData.requestHash,
+            solvedImagesCount: captchaConfig.solved.count,
+            user,
+            dapp,
+            sessionId
+          }
+        }));
         return res.json(captchaResponse);
       } catch (err) {
         req.logger.error(() => ({
           err,
           data: req.params,
-          msg: "Error in PoW captcha solution submission"
+          msg: "Error in image captcha challenge request"
         }));
         return next(
           new ProsopoApiError("API.BAD_REQUEST", {
@@ -141,6 +163,17 @@ function prosopoRouter(env) {
     ClientApiPaths.SubmitImageCaptchaSolution,
     async (req, res, next) => {
       const tasks = new Tasks(env, req.logger);
+      if (getMaintenanceMode()) {
+        req.logger.info(() => ({
+          msg: "Maintenance mode active - returning verified for image captcha"
+        }));
+        const result = {
+          status: "ok",
+          captchas: [],
+          verified: true
+        };
+        return res.json(result);
+      }
       let parsed;
       try {
         parsed = CaptchaSolutionBody.parse(req.body);
@@ -175,7 +208,7 @@ function prosopoRouter(env) {
           parsed[ApiParams.signature].user.timestamp,
           Number.parseInt(parsed[ApiParams.timestamp]),
           parsed[ApiParams.signature].provider.requestHash,
-          getIPAddress(req.ip || "").bigInt(),
+          getIPAddress(req.ip || ""),
           flatten(req.headers),
           req.ja4
         );
@@ -190,7 +223,7 @@ function prosopoRouter(env) {
         req.logger.error(() => ({
           err,
           body: req.body,
-          msg: "Error in PoW captcha solution submission"
+          msg: "Error in image captcha solution submission"
         }));
         return next(
           new ProsopoApiError("API.BAD_REQUEST", {
@@ -246,11 +279,18 @@ function prosopoRouter(env) {
         dapp,
         userScope
       ))[0];
-      const { valid, reason, frictionlessTokenId } = await tasks.powCaptchaManager.isValidRequest(
+      const {
+        valid,
+        reason,
+        sessionId: validSessionId,
+        powDifficulty
+      } = await tasks.powCaptchaManager.isValidRequest(
         clientSettings,
         CaptchaType.pow,
+        env,
         sessionId,
-        userAccessPolicy
+        userAccessPolicy,
+        req.ip
       );
       if (!valid) {
         return next(
@@ -280,11 +320,12 @@ function prosopoRouter(env) {
           })
         );
       }
+      const difficulty = powDifficulty || userAccessPolicy?.powDifficulty || clientSettings?.settings?.powDifficulty;
       const challenge = await tasks.powCaptchaManager.getPowCaptchaChallenge(
         user,
         dapp,
         origin,
-        userAccessPolicy?.powDifficulty || clientSettings?.settings?.powDifficulty
+        difficulty
       );
       await tasks.db.storePowCaptchaRecord(
         challenge.challenge,
@@ -295,10 +336,10 @@ function prosopoRouter(env) {
         },
         challenge.difficulty,
         challenge.providerSignature,
-        getIPAddress(req.ip || "").bigInt(),
+        getCompositeIpAddress(req.ip || ""),
         flatten(req.headers),
         req.ja4,
-        frictionlessTokenId
+        validSessionId
       );
       const getPowCaptchaResponse = {
         [ApiParams.status]: "ok",
@@ -311,12 +352,23 @@ function prosopoRouter(env) {
           }
         }
       };
+      req.logger.info(() => ({
+        msg: "PoW captcha challenge issued",
+        data: {
+          captchaType: CaptchaType.pow,
+          challenge: challenge.challenge,
+          difficulty: challenge.difficulty,
+          user,
+          dapp,
+          session: sessionId
+        }
+      }));
       return res.json(getPowCaptchaResponse);
     } catch (err) {
       req.logger.error(() => ({
         err,
         body: req.body,
-        msg: "Error in PoW captcha solution submission"
+        msg: "Error in PoW captcha challenge request"
       }));
       return next(
         new ProsopoApiError("API.BAD_REQUEST", {
@@ -337,6 +389,16 @@ function prosopoRouter(env) {
     async (req, res, next) => {
       let parsed;
       const tasks = new Tasks(env, req.logger);
+      if (getMaintenanceMode()) {
+        req.logger.info(() => ({
+          msg: "Maintenance mode active - returning verified"
+        }));
+        const response = {
+          status: "ok",
+          verified: true
+        };
+        return res.json(response);
+      }
       try {
         parsed = SubmitPowCaptchaSolutionBody.parse(req.body);
       } catch (err) {
@@ -348,15 +410,7 @@ function prosopoRouter(env) {
           })
         );
       }
-      const {
-        challenge,
-        difficulty,
-        signature,
-        nonce,
-        verifiedTimeout,
-        dapp,
-        user
-      } = parsed;
+      const { challenge, signature, nonce, verifiedTimeout, dapp, user } = parsed;
       validateSiteKey(dapp);
       validateAddr(user);
       try {
@@ -372,7 +426,6 @@ function prosopoRouter(env) {
         }
         const verified = await tasks.powCaptchaManager.verifyPowCaptchaSolution(
           challenge,
-          difficulty,
           signature.provider.challenge,
           nonce,
           verifiedTimeout,
@@ -407,24 +460,72 @@ function prosopoRouter(env) {
     async (req, res, next) => {
       try {
         const tasks = new Tasks(env, req.logger);
-        const { token, dapp, user } = GetFrictionlessCaptchaChallengeRequestBody.parse(req.body);
-        const existingToken = await tasks.db.getFrictionlessTokenRecordByToken(token);
+        const { token, headHash, dapp, user } = GetFrictionlessCaptchaChallengeRequestBody.parse(req.body);
+        if (getMaintenanceMode()) {
+          req.logger.info(() => ({
+            msg: "Maintenance mode active - storing dummy token and sending PoW captcha",
+            data: { dapp, user }
+          }));
+          return res.json(
+            await tasks.frictionlessManager.sendPowCaptcha({
+              token,
+              score: 0,
+              threshold: 0.5,
+              scoreComponents: {
+                baseScore: 0
+              },
+              providerSelectEntropy: 0,
+              ipAddress: getCompositeIpAddress(req.ip || ""),
+              powDifficulty: void 0,
+              webView: false,
+              iFrame: false,
+              decryptedHeadHash: ""
+            })
+          );
+        }
+        const existingToken = await tasks.db.getSessionRecordByToken(token);
         if (existingToken) {
           req.logger.info(() => ({
             token: existingToken,
             msg: "Token has already been used"
           }));
-          return res.json(
-            await tasks.frictionlessManager.sendImageCaptcha(
-              existingToken._id
-            )
+          return next(
+            new ProsopoApiError("API.BAD_REQUEST", {
+              context: {
+                code: 400,
+                siteKey: dapp,
+                user
+              },
+              i18n: req.i18n,
+              logger: req.logger
+            })
           );
         }
         const lScore = tasks.frictionlessManager.checkLangRules(
           req.headers["accept-language"] || ""
         );
-        const { baseBotScore, timestamp } = await tasks.frictionlessManager.decryptPayload(token);
-        const botScore = baseBotScore + lScore;
+        const {
+          baseBotScore,
+          timestamp,
+          providerSelectEntropy,
+          userId,
+          userAgent,
+          webView,
+          iFrame,
+          decryptedHeadHash
+        } = await tasks.frictionlessManager.decryptPayload(token, headHash);
+        req.logger.debug(() => ({
+          msg: "Decrypted payload",
+          data: {
+            baseBotScore,
+            timestamp,
+            providerSelectEntropy,
+            userId,
+            userAgent,
+            webView
+          }
+        }));
+        let botScore = baseBotScore + lScore;
         const clientRecord = await tasks.db.getClientRecord(dapp);
         if (!clientRecord) {
           return next(
@@ -437,7 +538,8 @@ function prosopoRouter(env) {
         }
         const { valid, reason } = await tasks.frictionlessManager.isValidRequest(
           clientRecord,
-          CaptchaType.frictionless
+          CaptchaType.frictionless,
+          env
         );
         if (!valid) {
           return next(
@@ -453,14 +555,21 @@ function prosopoRouter(env) {
           );
         }
         const botThreshold = clientRecord.settings?.frictionlessThreshold || DEFAULT_FRICTIONLESS_THRESHOLD;
-        const tokenId = await tasks.db.storeFrictionlessTokenRecord({
+        let scoreComponents = {
+          baseScore: baseBotScore,
+          ...lScore && { lScore }
+        };
+        const ipAddress = getCompositeIpAddress(req.ip || "");
+        tasks.frictionlessManager.setSessionParams({
           token,
           score: botScore,
           threshold: botThreshold,
-          scoreComponents: {
-            baseScore: baseBotScore,
-            ...lScore && { lScore }
-          }
+          scoreComponents,
+          providerSelectEntropy,
+          ipAddress,
+          webView,
+          iFrame,
+          decryptedHeadHash
         });
         const userScope = getRequestUserScope(
           flatten(req.headers),
@@ -473,50 +582,119 @@ function prosopoRouter(env) {
           dapp,
           userScope
         ))[0];
+        const headersUserAgent = req.headers["user-agent"];
+        const hashedHeadersUserAgent = headersUserAgent ? hashUserAgent(headersUserAgent) : "";
+        const headersProsopoUser = req.headers["prosopo-user"];
+        if (hashedHeadersUserAgent !== userAgent || headersProsopoUser !== userId) {
+          req.logger.info(() => ({
+            msg: "User agent or user id does not match",
+            data: {
+              headersUserAgent,
+              hashedHeadersUserAgent,
+              userAgent,
+              // This is the hashed user agent from the token
+              headersProsopoUser,
+              userId
+            }
+          }));
+          return res.json(
+            await tasks.frictionlessManager.sendImageCaptcha({
+              solvedImagesCount: timestampDecayFunction(timestamp)
+            })
+          );
+        }
         if (userAccessPolicy) {
-          await tasks.frictionlessManager.scoreIncreaseAccessPolicy(
+          const scoreUpdate = tasks.frictionlessManager.scoreIncreaseAccessPolicy(
             userAccessPolicy,
             baseBotScore,
             botScore,
-            tokenId
+            scoreComponents
           );
+          botScore = scoreUpdate.score;
+          scoreComponents = scoreUpdate.scoreComponents;
+          tasks.frictionlessManager.updateScore(botScore, scoreComponents);
           if (userAccessPolicy.captchaType === CaptchaType.image) {
             return res.json(
-              await tasks.frictionlessManager.sendImageCaptcha(tokenId)
+              await tasks.frictionlessManager.sendImageCaptcha({
+                solvedImagesCount: userAccessPolicy.solvedImagesCount
+              })
             );
           }
           if (userAccessPolicy.captchaType === CaptchaType.pow) {
             return res.json(
-              await tasks.frictionlessManager.sendPowCaptcha(tokenId)
+              await tasks.frictionlessManager.sendPowCaptcha({
+                powDifficulty: void 0
+              })
             );
           }
         }
+        if (clientRecord.settings.disallowWebView && webView) {
+          tasks.logger.info(() => ({
+            msg: "WebView detected"
+          }));
+          const scoreUpdate = tasks.frictionlessManager.scoreIncreaseWebView(
+            baseBotScore,
+            botScore,
+            scoreComponents
+          );
+          botScore = scoreUpdate.score;
+          scoreComponents = scoreUpdate.scoreComponents;
+          tasks.frictionlessManager.updateScore(botScore, scoreComponents);
+          return res.json(
+            await tasks.frictionlessManager.sendImageCaptcha({
+              solvedImagesCount: env.config.captchas.solved.count * 2
+            })
+          );
+        }
         if (FrictionlessManager.timestampTooOld(timestamp)) {
-          await tasks.frictionlessManager.scoreIncreaseTimestamp(
+          const scoreUpdate = tasks.frictionlessManager.scoreIncreaseTimestamp(
             timestamp,
             baseBotScore,
             botScore,
-            tokenId
+            scoreComponents
           );
+          botScore = scoreUpdate.score;
+          scoreComponents = scoreUpdate.scoreComponents;
+          tasks.frictionlessManager.updateScore(botScore, scoreComponents);
           return res.json(
-            await tasks.frictionlessManager.sendImageCaptcha(tokenId)
+            await tasks.frictionlessManager.sendImageCaptcha({
+              solvedImagesCount: timestampDecayFunction(timestamp)
+            })
+          );
+        }
+        const hostVerified = await tasks.frictionlessManager.hostVerified(
+          providerSelectEntropy
+        );
+        if (!hostVerified.verified) {
+          const scoreUpdate = tasks.frictionlessManager.scoreIncreaseUnverifiedHost(
+            hostVerified.domain,
+            baseBotScore,
+            botScore,
+            scoreComponents
           );
+          botScore = scoreUpdate.score;
+          scoreComponents = scoreUpdate.scoreComponents;
+          tasks.frictionlessManager.updateScore(botScore, scoreComponents);
         }
         if (Number(botScore) > botThreshold) {
           req.logger.info(() => ({
-            message: "Bot score is greater than threshold",
+            msg: "Bot score is greater than threshold",
             data: {
               botScore,
               botThreshold,
-              tokenId
+              token
             }
           }));
           return res.json(
-            await tasks.frictionlessManager.sendImageCaptcha(tokenId)
+            await tasks.frictionlessManager.sendImageCaptcha({
+              solvedImagesCount: env.config.captchas.solved.count
+            })
           );
         }
         return res.json(
-          await tasks.frictionlessManager.sendPowCaptcha(tokenId)
+          await tasks.frictionlessManager.sendPowCaptcha({
+            powDifficulty: void 0
+          })
         );
       } catch (err) {
         req.logger.error(() => ({

package/dist/api/captcha.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"captcha.js","sourceRoot":"","sources":["../../src/api/captcha.ts"],"names":[],"mappings":"AAcA,OAAO,EAAE,YAAY,EAAE,MAAM,6BAA6B,CAAC;AAC3D,OAAO,EAAE,eAAe,EAAE,MAAM,iBAAiB,CAAC;AAClD,OAAO,EAAE,kBAAkB,EAAE,MAAM,mBAAmB,CAAC;AACvD,OAAO,EACN,SAAS,EAET,kBAAkB,EAGlB,mBAAmB,EAGnB,WAAW,EACX,cAAc,EAEd,0CAA0C,EAC1C,iCAAiC,EAKjC,4BAA4B,GAE5B,MAAM,gBAAgB,CAAC;AAGxB,OAAO,EAAE,OAAO,EAAE,YAAY,EAAE,MAAM,eAAe,CAAC;AACtD,OAAO,OAAwB,MAAM,SAAS,CAAC;AAC/C,OAAO,EAAE,qBAAqB,EAAE,MAAM,0BAA0B,CAAC;AACjE,OAAO,EAAE,mBAAmB,EAAE,MAAM,4CAA4C,CAAC;AACjF,OAAO,EAAE,sBAAsB,EAAE,MAAM,iDAAiD,CAAC;AACzF,OAAO,EAAE,KAAK,EAAE,MAAM,mBAAmB,CAAC;AAC1C,OAAO,EAAE,aAAa,EAAE,MAAM,2BAA2B,CAAC;AAC1D,OAAO,EAAE,kBAAkB,EAAE,MAAM,6CAA6C,CAAC;AACjF,OAAO,EAAE,mBAAmB,EAAE,MAAM,gCAAgC,CAAC;AACrE,OAAO,EAAE,YAAY,EAAE,eAAe,EAAE,MAAM,sBAAsB,CAAC;AAErE,MAAM,8BAA8B,GAAG,GAAG,CAAC;AAQ3C,MAAM,UAAU,aAAa,CAAC,GAAwB;IACrD,MAAM,MAAM,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC;IAEhC,MAAM,sBAAsB,GAAG,GAAG,CAAC,KAAK,EAAE,CAAC,yBAAyB,EAAE,CAAC;IAQvE,MAAM,CAAC,IAAI,CACV,cAAc,CAAC,wBAAwB,EACvC,KAAK,EAAE,GAAG,EAAE,GAAG,EAAE,IAAI,EAAE,EAAE;QACxB,MAAM,KAAK,GAAG,IAAI,KAAK,CAAC,GAAG,EAAE,GAAG,CAAC,MAAM,CAAC,CAAC;QACzC,IAAI,MAAoC,CAAC;QAEzC,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC;YACb,OAAO,IAAI,CACV,IAAI,eAAe,CAAC,iBAAiB,EAAE;gBACtC,OAAO,EAAE,EAAE,IAAI,EAAE,GAAG,EAAE,KAAK,EAAE,sBAAsB,EAAE;gBACrD,IAAI,EAAE,GAAG,CAAC,IAAI;gBACd,MAAM,EAAE,GAAG,CAAC,MAAM;aAClB,CAAC,CACF,CAAC;QACH,CAAC;QAED,MAAM,SAAS,GAAG,YAAY,CAAC,GAAG,CAAC,EAAE,IAAI,EAAE,CAAC,CAAC;QAE7C,IAAI,CAAC;YACJ,MAAM,GAAG,kBAAkB,CAAC,KAAK,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;QAC7C,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACd,OAAO,IAAI,CACV,IAAI,eAAe,CAAC,qBAAqB,EAAE;gBAC1C,OAAO,EAAE,EAAE,IAAI,EAAE,GAAG,EAAE,KAAK,EAAE,GAAG,EAAE;gBAClC,IAAI,EAAE,GAAG,CAAC,IAAI;gBACd,MAAM,EAAE,GAAG,CAAC,MAAM;aAClB,CAAC,CACF,CAAC;QACH,CAAC;QAED,MAAM,EAAE,SAAS,EAAE,IAAI,EAAE,IAAI,EAAE,SAAS,EAAE,GAAG,MAAM,CAAC;QAEpD,eAAe,CAAC,IAAI,CAAC,CAAC;QACtB,YAAY,CAAC,IAAI,CAAC,CAAC;QAEnB,IAAI,CAAC;YACJ,MAAM,YAAY,GAAG,MAAM,KAAK,CAAC,EAAE,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC;YAE1D,IAAI,CAAC,YAAY,EAAE,CAAC;gBACnB,OAAO,IAAI,CACV,IAAI,eAAe,CAAC,6BAA6B,EAAE;oBAClD,OAAO,EAAE,EAAE,IAAI,EAAE,GAAG,EAAE,OAAO,EAAE,IAAI,EAAE;oBACrC,IAAI,EAAE,GAAG,CAAC,IAAI;oBACd,MAAM,EAAE,GAAG,CAAC,MAAM;iBAClB,CAAC,CACF,CAAC;YACH,CAAC;YAED,MAAM,SAAS,GAAG,mBAAmB,CACpC,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC,EACpB,GAAG,CAAC,GAAG,EACP,GAAG,CAAC,EAAE,EACN,IAAI,CACJ,CAAC;YACF,MAAM,gBAAgB,GAAG,CACxB,MAAM,KAAK,CAAC,iBAAiB,CAAC,4BAA4B,CACzD,sBAAsB,EACtB,IAAI,EACJ,SAAS,CACT,CACD,CAAC,CAAC,CAAC,CAAC;YAEL,MAAM,EACL,KAAK,EACL,MAAM,EACN,SAAS,EAAE,cAAc,EACzB,iBAAiB,GACjB,GAAG,MAAM,KAAK,CAAC,iBAAiB,CAAC,cAAc,CAC/C,YAAY,EACZ,WAAW,CAAC,KAAK,EACjB,GAAG,EACH,SAAS,EACT,gBAAgB,EAChB,GAAG,CAAC,EAAE,CACN,CAAC;YAEF,IAAI,CAAC,KAAK,EAAE,CAAC;gBACZ,OAAO,IAAI,CACV,IAAI,eAAe,CAAC,MAAM,IAAI,iBAAiB,EAAE;oBAChD,OAAO,EAAE;wBACR,IAAI,EAAE,GAAG;wBACT,OAAO,EAAE,IAAI;wBACb,IAAI;qBACJ;oBACD,IAAI,EAAE,GAAG,CAAC,IAAI;oBACd,MAAM,EAAE,GAAG,CAAC,MAAM;iBAClB,CAAC,CACF,CAAC;YACH,CAAC;YAED,MAAM,aAAa,GAA0C;gBAC5D,MAAM,EAAE;oBACP,KAAK,EACJ,iBAAiB;wBACjB,gBAAgB,EAAE,iBAAiB;wBACnC,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,KAAK;iBACjC;gBACD,QAAQ,EAAE;oBACT,KAAK,EACJ,gBAAgB,EAAE,mBAAmB;wBACrC,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAC,QAAQ,CAAC,KAAK;iBACnC;aACD,CAAC;YAEF,MAAM,QAAQ,GACb,MAAM,KAAK,CAAC,iBAAiB,CAAC,+BAA+B,CAC5D,SAAS,EACT,IAAI,EACJ,SAAS,EACT,aAAa,EACb,YAAY,CAAC,QAAQ,CAAC,cAAc,IAAI,GAAG,EAC3C,cAAc,CACd,CAAC;YACH,MAAM,eAAe,GAAwB;gBAC5C,CAAC,SAAS,CAAC,MAAM,CAAC,EAAE,IAAI;gBACxB,CAAC,SAAS,CAAC,QAAQ,CAAC,EAAE,QAAQ,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,OAAgB,EAAE,EAAE,CAAC,CAAC;oBAClE,GAAG,OAAO;oBACV,MAAM,EAAE,GAAG,CAAC,CAAC,CAAC,UAAU,OAAO,CAAC,MAAM,EAAE,CAAC;oBACzC,KAAK,EAAE,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CACjC,kBAAkB,CAAC,IAAI,EAAE,GAAG,CAAC,cAAc,CAAC,CAC5C;iBACD,CAAC,CAAC;gBACH,CAAC,SAAS,CAAC,WAAW,CAAC,EAAE,QAAQ,CAAC,WAAW;gBAC7C,CAAC,SAAS,CAAC,SAAS,CAAC,EAAE,QAAQ,CAAC,SAAS,CAAC,QAAQ,EAAE;gBACpD,CAAC,SAAS,CAAC,SAAS,CAAC,EAAE;oBACtB,CAAC,SAAS,CAAC,QAAQ,CAAC,EAAE;wBACrB,CAAC,SAAS,CAAC,WAAW,CAAC,EAAE,QAAQ,CAAC,iBAAiB;qBACnD;iBACD;aACD,CAAC;YACF,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC,CAAC;gBACtB,GAAG,EAAE,gCAAgC;gBACrC,IAAI,EAAE;oBACL,WAAW,EAAE,WAAW,CAAC,KAAK;oBAC9B,WAAW,EAAE,QAAQ,CAAC,WAAW;oBACjC,iBAAiB,EAAE,aAAa,CAAC,MAAM,CAAC,KAAK;oBAC7C,IAAI;oBACJ,IAAI;oBACJ,SAAS;iBACT;aACD,CAAC,CAAC,CAAC;YACJ,OAAO,GAAG,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC;QAClC,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACd,GAAG,CAAC,MAAM,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,CAAC;gBACvB,GAAG;gBACH,IAAI,EAAE,GAAG,CAAC,MAAM;gBAChB,GAAG,EAAE,0CAA0C;aAC/C,CAAC,CAAC,CAAC;YACJ,OAAO,IAAI,CACV,IAAI,eAAe,CAAC,iBAAiB,EAAE;gBACtC,OAAO,EAAE;oBACR,KAAK,EAAE,GAAG;oBAEV,IAAI,EAAE,GAAG;oBACT,MAAM,EAAE,GAAG,CAAC,MAAM;oBAClB,OAAO,EAAE,GAAG;iBACZ;gBACD,IAAI,EAAE,GAAG,CAAC,IAAI;gBACd,MAAM,EAAE,GAAG,CAAC,MAAM;aAClB,CAAC,CACF,CAAC;QACH,CAAC;IACF,CAAC,CACD,CAAC;IAUF,MAAM,CAAC,IAAI,CACV,cAAc,CAAC,0BAA0B,EACzC,KAAK,EAAE,GAAG,EAAE,GAAG,EAAE,IAAI,EAAE,EAAE;QACxB,MAAM,KAAK,GAAG,IAAI,KAAK,CAAC,GAAG,EAAE,GAAG,CAAC,MAAM,CAAC,CAAC;QAGzC,IAAI,kBAAkB,EAAE,EAAE,CAAC;YAC1B,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC,CAAC;gBACtB,GAAG,EAAE,gEAAgE;aACrE,CAAC,CAAC,CAAC;YACJ,MAAM,MAAM,GAA4B;gBACvC,MAAM,EAAE,IAAI;gBACZ,QAAQ,EAAE,EAAE;gBACZ,QAAQ,EAAE,IAAI;aACd,CAAC;YACF,OAAO,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QACzB,CAAC;QAED,IAAI,MAA+B,CAAC;QACpC,IAAI,CAAC;YACJ,MAAM,GAAG,mBAAmB,CAAC,KAAK,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;QAC9C,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACd,OAAO,IAAI,CACV,IAAI,eAAe,CAAC,qBAAqB,EAAE;gBAC1C,OAAO,EAAE,EAAE,IAAI,EAAE,GAAG,EAAE,KAAK,EAAE,GAAG,EAAE,IAAI,EAAE,GAAG,CAAC,IAAI,EAAE;gBAClD,IAAI,EAAE,GAAG,CAAC,IAAI;gBACd,MAAM,EAAE,GAAG,CAAC,MAAM;aAClB,CAAC,CACF,CAAC;QACH,CAAC;QAED,MAAM,EAAE,IAAI,EAAE,IAAI,EAAE,GAAG,MAAM,CAAC;QAE9B,eAAe,CAAC,IAAI,CAAC,CAAC;QACtB,YAAY,CAAC,IAAI,CAAC,CAAC;QAEnB,IAAI,CAAC;YACJ,MAAM,YAAY,GAAG,MAAM,KAAK,CAAC,EAAE,CAAC,eAAe,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;YAEjE,IAAI,CAAC,YAAY,EAAE,CAAC;gBACnB,OAAO,IAAI,CACV,IAAI,eAAe,CAAC,6BAA6B,EAAE;oBAClD,OAAO,EAAE,EAAE,IAAI,EAAE,GAAG,EAAE,OAAO,EAAE,IAAI,EAAE;oBACrC,IAAI,EAAE,GAAG,CAAC,IAAI;oBACd,MAAM,EAAE,GAAG,CAAC,MAAM;iBAClB,CAAC,CACF,CAAC;YACH,CAAC;YAED,MAAM,MAAM,GACX,MAAM,KAAK,CAAC,iBAAiB,CAAC,gBAAgB,CAC7C,IAAI,EACJ,IAAI,EACJ,MAAM,CAAC,SAAS,CAAC,WAAW,CAAC,EAC7B,MAAM,CAAC,SAAS,CAAC,QAAQ,CAAC,EAC1B,MAAM,CAAC,SAAS,CAAC,SAAS,CAAC,CAAC,IAAI,CAAC,SAAS,EAC1C,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,SAAS,CAAC,SAAS,CAAC,CAAC,EAC5C,MAAM,CAAC,SAAS,CAAC,SAAS,CAAC,CAAC,QAAQ,CAAC,WAAW,EAChD,YAAY,CAAC,GAAG,CAAC,EAAE,IAAI,EAAE,CAAC,EAC1B,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC,EACpB,GAAG,CAAC,GAAG,CACP,CAAC;YAEH,MAAM,WAAW,GAA4B;gBAC5C,MAAM,EAAE,GAAG,CAAC,IAAI,CAAC,CAAC,CACjB,MAAM,CAAC,QAAQ,CAAC,CAAC,CAAC,oBAAoB,CAAC,CAAC,CAAC,oBAAoB,CAC7D;gBACD,GAAG,MAAM;aACT,CAAC;YACF,OAAO,GAAG,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;QAC9B,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACd,GAAG,CAAC,MAAM,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,CAAC;gBACvB,GAAG;gBACH,IAAI,EAAE,GAAG,CAAC,IAAI;gBACd,GAAG,EAAE,4CAA4C;aACjD,CAAC,CAAC,CAAC;YACJ,OAAO,IAAI,CACV,IAAI,eAAe,CAAC,iBAAiB,EAAE;gBACtC,OAAO,EAAE;oBACR,IAAI,EAAE,GAAG;oBACT,OAAO,EAAE,GAAG,CAAC,IAAI,CAAC,IAAI;oBACtB,KAAK,EAAE,GAAG;iBACV;gBACD,IAAI,EAAE,GAAG,CAAC,IAAI;gBACd,MAAM,EAAE,GAAG,CAAC,MAAM;aAClB,CAAC,CACF,CAAC;QACH,CAAC;IACF,CAAC,CACD,CAAC;IAQF,MAAM,CAAC,IAAI,CAAC,cAAc,CAAC,sBAAsB,EAAE,KAAK,EAAE,GAAG,EAAE,GAAG,EAAE,IAAI,EAAE,EAAE;QAC3E,IAAI,MAAmD,CAAC;QACxD,MAAM,KAAK,GAAG,IAAI,KAAK,CAAC,GAAG,CAAC,CAAC;QAC7B,KAAK,CAAC,SAAS,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;QAE5B,IAAI,CAAC;YACJ,MAAM,GAAG,iCAAiC,CAAC,KAAK,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;QAC5D,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACd,OAAO,IAAI,CACV,IAAI,eAAe,CAAC,qBAAqB,EAAE;gBAC1C,OAAO,EAAE,EAAE,IAAI,EAAE,GAAG,EAAE,KAAK,EAAE,GAAG,EAAE;gBAClC,IAAI,EAAE,GAAG,CAAC,IAAI;gBACd,MAAM,EAAE,GAAG,CAAC,MAAM;aAClB,CAAC,CACF,CAAC;QACH,CAAC;QAED,MAAM,EAAE,IAAI,EAAE,IAAI,EAAE,SAAS,EAAE,GAAG,MAAM,CAAC;QAEzC,eAAe,CAAC,IAAI,CAAC,CAAC;QACtB,YAAY,CAAC,IAAI,CAAC,CAAC;QAEnB,IAAI,CAAC;YACJ,MAAM,cAAc,GAAG,MAAM,KAAK,CAAC,EAAE,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC;YAE5D,IAAI,CAAC,cAAc,EAAE,CAAC;gBACrB,OAAO,IAAI,CACV,IAAI,eAAe,CAAC,6BAA6B,EAAE;oBAClD,OAAO,EAAE,EAAE,IAAI,EAAE,GAAG,EAAE,OAAO,EAAE,IAAI,EAAE;oBACrC,IAAI,EAAE,GAAG,CAAC,IAAI;oBACd,MAAM,EAAE,GAAG,CAAC,MAAM;iBAClB,CAAC,CACF,CAAC;YACH,CAAC;YAED,MAAM,SAAS,GAAG,mBAAmB,CACpC,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC,EACpB,GAAG,CAAC,GAAG,EACP,GAAG,CAAC,EAAE,EACN,IAAI,CACJ,CAAC;YACF,MAAM,gBAAgB,GAAG,CACxB,MAAM,KAAK,CAAC,iBAAiB,CAAC,4BAA4B,CACzD,sBAAsB,EACtB,IAAI,EACJ,SAAS,CACT,CACD,CAAC,CAAC,CAAC,CAAC;YAEL,MAAM,EACL,KAAK,EACL,MAAM,EACN,SAAS,EAAE,cAAc,EACzB,aAAa,GACb,GAAG,MAAM,KAAK,CAAC,iBAAiB,CAAC,cAAc,CAC/C,cAAc,EACd,WAAW,CAAC,GAAG,EACf,GAAG,EACH,SAAS,EACT,gBAAgB,EAChB,GAAG,CAAC,EAAE,CACN,CAAC;YAEF,IAAI,CAAC,KAAK,EAAE,CAAC;gBACZ,OAAO,IAAI,CACV,IAAI,eAAe,CAAC,MAAM,IAAI,iBAAiB,EAAE;oBAChD,OAAO,EAAE;wBACR,IAAI,EAAE,GAAG;wBACT,OAAO,EAAE,IAAI;wBACb,IAAI;qBACJ;oBACD,IAAI,EAAE,GAAG,CAAC,IAAI;oBACd,MAAM,EAAE,GAAG,CAAC,MAAM;iBAClB,CAAC,CACF,CAAC;YACH,CAAC;YAED,MAAM,MAAM,GAAG,GAAG,CAAC,OAAO,CAAC,MAAM,CAAC;YAElC,IAAI,CAAC,MAAM,EAAE,CAAC;gBACb,OAAO,IAAI,CACV,IAAI,eAAe,CAAC,iBAAiB,EAAE;oBACtC,OAAO,EAAE;wBACR,KAAK,EAAE,yBAAyB;wBAChC,IAAI,EAAE,GAAG;wBACT,OAAO,EAAE,IAAI;wBACb,IAAI;qBACJ;oBACD,IAAI,EAAE,GAAG,CAAC,IAAI;oBACd,MAAM,EAAE,GAAG,CAAC,MAAM;iBAClB,CAAC,CACF,CAAC;YACH,CAAC;YAED,MAAM,UAAU,GACf,aAAa;gBACb,gBAAgB,EAAE,aAAa;gBAC/B,cAAc,EAAE,QAAQ,EAAE,aAAa,CAAC;YACzC,MAAM,SAAS,GAAG,MAAM,KAAK,CAAC,iBAAiB,CAAC,sBAAsB,CACrE,IAAI,EACJ,IAAI,EACJ,MAAM,EACN,UAAU,CACV,CAAC;YAEF,MAAM,KAAK,CAAC,EAAE,CAAC,qBAAqB,CACnC,SAAS,CAAC,SAAS,EACnB;gBACC,oBAAoB,EAAE,SAAS,CAAC,oBAAoB;gBACpD,WAAW,EAAE,IAAI;gBACjB,WAAW,EAAE,IAAI;aACjB,EACD,SAAS,CAAC,UAAU,EACpB,SAAS,CAAC,iBAAiB,EAC3B,qBAAqB,CAAC,GAAG,CAAC,EAAE,IAAI,EAAE,CAAC,EACnC,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC,EACpB,GAAG,CAAC,GAAG,EACP,cAAc,CACd,CAAC;YAEF,MAAM,qBAAqB,GAA0B;gBACpD,CAAC,SAAS,CAAC,MAAM,CAAC,EAAE,IAAI;gBACxB,CAAC,SAAS,CAAC,SAAS,CAAC,EAAE,SAAS,CAAC,SAAS;gBAC1C,CAAC,SAAS,CAAC,UAAU,CAAC,EAAE,SAAS,CAAC,UAAU;gBAC5C,CAAC,SAAS,CAAC,SAAS,CAAC,EAAE,SAAS,CAAC,oBAAoB,CAAC,QAAQ,EAAE;gBAChE,CAAC,SAAS,CAAC,SAAS,CAAC,EAAE;oBACtB,CAAC,SAAS,CAAC,QAAQ,CAAC,EAAE;wBACrB,CAAC,SAAS,CAAC,SAAS,CAAC,EAAE,SAAS,CAAC,iBAAiB;qBAClD;iBACD;aACD,CAAC;YAEF,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC,CAAC;gBACtB,GAAG,EAAE,8BAA8B;gBACnC,IAAI,EAAE;oBACL,WAAW,EAAE,WAAW,CAAC,GAAG;oBAC5B,SAAS,EAAE,SAAS,CAAC,SAAS;oBAC9B,UAAU,EAAE,SAAS,CAAC,UAAU;oBAChC,IAAI;oBACJ,IAAI;oBACJ,OAAO,EAAE,SAAS;iBAClB;aACD,CAAC,CAAC,CAAC;YACJ,OAAO,GAAG,CAAC,IAAI,CAAC,qBAAqB,CAAC,CAAC;QACxC,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACd,GAAG,CAAC,MAAM,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,CAAC;gBACvB,GAAG;gBACH,IAAI,EAAE,GAAG,CAAC,IAAI;gBACd,GAAG,EAAE,wCAAwC;aAC7C,CAAC,CAAC,CAAC;YACJ,OAAO,IAAI,CACV,IAAI,eAAe,CAAC,iBAAiB,EAAE;gBACtC,OAAO,EAAE;oBACR,IAAI,EAAE,GAAG;oBACT,OAAO,EAAE,GAAG,CAAC,IAAI,CAAC,IAAI;oBACtB,IAAI,EAAE,GAAG,CAAC,IAAI,CAAC,IAAI;oBACnB,KAAK,EAAE,GAAG;iBACV;gBACD,IAAI,EAAE,GAAG,CAAC,IAAI;gBACd,MAAM,EAAE,GAAG,CAAC,MAAM;aAClB,CAAC,CACF,CAAC;QACH,CAAC;IACF,CAAC,CAAC,CAAC;IAWH,MAAM,CAAC,IAAI,CACV,cAAc,CAAC,wBAAwB,EACvC,KAAK,EAAE,GAAG,EAAE,GAAG,EAAE,IAAI,EAAE,EAAE;QACxB,IAAI,MAA8C,CAAC;QACnD,MAAM,KAAK,GAAG,IAAI,KAAK,CAAC,GAAG,EAAE,GAAG,CAAC,MAAM,CAAC,CAAC;QAGzC,IAAI,kBAAkB,EAAE,EAAE,CAAC;YAC1B,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC,CAAC;gBACtB,GAAG,EAAE,8CAA8C;aACnD,CAAC,CAAC,CAAC;YACJ,MAAM,QAAQ,GAA+B;gBAC5C,MAAM,EAAE,IAAI;gBACZ,QAAQ,EAAE,IAAI;aACd,CAAC;YACF,OAAO,GAAG,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;QAC3B,CAAC;QAED,IAAI,CAAC;YACJ,MAAM,GAAG,4BAA4B,CAAC,KAAK,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;QACvD,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACd,OAAO,IAAI,CACV,IAAI,eAAe,CAAC,qBAAqB,EAAE;gBAC1C,OAAO,EAAE,EAAE,IAAI,EAAE,GAAG,EAAE,KAAK,EAAE,GAAG,EAAE,IAAI,EAAE,GAAG,CAAC,IAAI,EAAE;gBAClD,IAAI,EAAE,GAAG,CAAC,IAAI;gBACd,MAAM,EAAE,GAAG,CAAC,MAAM;aAClB,CAAC,CACF,CAAC;QACH,CAAC;QAED,MAAM,EAAE,SAAS,EAAE,SAAS,EAAE,KAAK,EAAE,eAAe,EAAE,IAAI,EAAE,IAAI,EAAE,GACjE,MAAM,CAAC;QAER,eAAe,CAAC,IAAI,CAAC,CAAC;QACtB,YAAY,CAAC,IAAI,CAAC,CAAC;QAEnB,IAAI,CAAC;YACJ,MAAM,YAAY,GAAG,MAAM,KAAK,CAAC,EAAE,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC;YAE1D,IAAI,CAAC,YAAY,EAAE,CAAC;gBACnB,OAAO,IAAI,CACV,IAAI,eAAe,CAAC,6BAA6B,EAAE;oBAClD,OAAO,EAAE,EAAE,IAAI,EAAE,GAAG,EAAE,OAAO,EAAE,IAAI,EAAE;oBACrC,IAAI,EAAE,GAAG,CAAC,IAAI;oBACd,MAAM,EAAE,GAAG,CAAC,MAAM;iBAClB,CAAC,CACF,CAAC;YACH,CAAC;YAED,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,iBAAiB,CAAC,wBAAwB,CACtE,SAAS,EACT,SAAS,CAAC,QAAQ,CAAC,SAAS,EAC5B,KAAK,EACL,eAAe,EACf,SAAS,CAAC,IAAI,CAAC,SAAS,EACxB,YAAY,CAAC,GAAG,CAAC,EAAE,IAAI,EAAE,CAAC,EAC1B,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC,CACpB,CAAC;YACF,MAAM,QAAQ,GAA+B,EAAE,MAAM,EAAE,IAAI,EAAE,QAAQ,EAAE,CAAC;YACxE,OAAO,GAAG,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;QAC3B,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACd,GAAG,CAAC,MAAM,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,CAAC;gBACvB,GAAG;gBACH,IAAI,EAAE,GAAG,CAAC,IAAI;gBACd,GAAG,EAAE,0CAA0C;aAC/C,CAAC,CAAC,CAAC;YACJ,OAAO,IAAI,CACV,IAAI,eAAe,CAAC,iBAAiB,EAAE;gBACtC,OAAO,EAAE;oBACR,IAAI,EAAE,GAAG;oBACT,OAAO,EAAE,GAAG,CAAC,IAAI,CAAC,IAAI;oBACtB,KAAK,EAAE,GAAG;iBACV;gBACD,IAAI,EAAE,GAAG,CAAC,IAAI;gBACd,MAAM,EAAE,GAAG,CAAC,MAAM;aAClB,CAAC,CACF,CAAC;QACH,CAAC;IACF,CAAC,CACD,CAAC;IAKF,MAAM,CAAC,IAAI,CACV,cAAc,CAAC,+BAA+B,EAC9C,KAAK,EAAE,GAAG,EAAE,GAAG,EAAE,IAAI,EAAE,EAAE;QACxB,IAAI,CAAC;YACJ,MAAM,KAAK,GAAG,IAAI,KAAK,CAAC,GAAG,EAAE,GAAG,CAAC,MAAM,CAAC,CAAC;YACzC,MAAM,EAAE,KAAK,EAAE,QAAQ,EAAE,IAAI,EAAE,IAAI,EAAE,GACpC,0CAA0C,CAAC,KAAK,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;YAG5D,IAAI,kBAAkB,EAAE,EAAE,CAAC;gBAC1B,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC,CAAC;oBACtB,GAAG,EAAE,uEAAuE;oBAC5E,IAAI,EAAE,EAAE,IAAI,EAAE,IAAI,EAAE;iBACpB,CAAC,CAAC,CAAC;gBAGJ,OAAO,GAAG,CAAC,IAAI,CACd,MAAM,KAAK,CAAC,mBAAmB,CAAC,cAAc,CAAC;oBAC9C,KAAK;oBACL,KAAK,EAAE,CAAC;oBACR,SAAS,EAAE,GAAG;oBACd,eAAe,EAAE;wBAChB,SAAS,EAAE,CAAC;qBACZ;oBACD,qBAAqB,EAAE,CAAC;oBACxB,SAAS,EAAE,qBAAqB,CAAC,GAAG,CAAC,EAAE,IAAI,EAAE,CAAC;oBAC9C,aAAa,EAAE,SAAS;oBACxB,OAAO,EAAE,KAAK;oBACd,MAAM,EAAE,KAAK;oBACb,iBAAiB,EAAE,EAAE;iBACrB,CAAC,CACF,CAAC;YACH,CAAC;YAGD,MAAM,aAAa,GAAG,MAAM,KAAK,CAAC,EAAE,CAAC,uBAAuB,CAAC,KAAK,CAAC,CAAC;YAEpE,IAAI,aAAa,EAAE,CAAC;gBACnB,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC,CAAC;oBACtB,KAAK,EAAE,aAAa;oBACpB,GAAG,EAAE,6BAA6B;iBAClC,CAAC,CAAC,CAAC;gBACJ,OAAO,IAAI,CACV,IAAI,eAAe,CAAC,iBAAiB,EAAE;oBACtC,OAAO,EAAE;wBACR,IAAI,EAAE,GAAG;wBACT,OAAO,EAAE,IAAI;wBACb,IAAI;qBACJ;oBACD,IAAI,EAAE,GAAG,CAAC,IAAI;oBACd,MAAM,EAAE,GAAG,CAAC,MAAM;iBAClB,CAAC,CACF,CAAC;YACH,CAAC;YAED,MAAM,MAAM,GAAG,KAAK,CAAC,mBAAmB,CAAC,cAAc,CACtD,GAAG,CAAC,OAAO,CAAC,iBAAiB,CAAC,IAAI,EAAE,CACpC,CAAC;YAEF,MAAM,EACL,YAAY,EACZ,SAAS,EACT,qBAAqB,EACrB,MAAM,EACN,SAAS,EACT,OAAO,EACP,MAAM,EACN,iBAAiB,GACjB,GAAG,MAAM,KAAK,CAAC,mBAAmB,CAAC,cAAc,CAAC,KAAK,EAAE,QAAQ,CAAC,CAAC;YAEpE,GAAG,CAAC,MAAM,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,CAAC;gBACvB,GAAG,EAAE,mBAAmB;gBACxB,IAAI,EAAE;oBACL,YAAY;oBACZ,SAAS;oBACT,qBAAqB;oBACrB,MAAM;oBACN,SAAS;oBACT,OAAO;iBACP;aACD,CAAC,CAAC,CAAC;YAEJ,IAAI,QAAQ,GAAG,YAAY,GAAG,MAAM,CAAC;YAErC,MAAM,YAAY,GAAG,MAAM,KAAK,CAAC,EAAE,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC;YAE1D,IAAI,CAAC,YAAY,EAAE,CAAC;gBACnB,OAAO,IAAI,CACV,IAAI,eAAe,CAAC,6BAA6B,EAAE;oBAClD,OAAO,EAAE,EAAE,IAAI,EAAE,GAAG,EAAE,OAAO,EAAE,IAAI,EAAE;oBACrC,IAAI,EAAE,GAAG,CAAC,IAAI;oBACd,MAAM,EAAE,GAAG,CAAC,MAAM;iBAClB,CAAC,CACF,CAAC;YACH,CAAC;YAED,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,GACtB,MAAM,KAAK,CAAC,mBAAmB,CAAC,cAAc,CAC7C,YAAY,EACZ,WAAW,CAAC,YAAY,EACxB,GAAG,CACH,CAAC;YAEH,IAAI,CAAC,KAAK,EAAE,CAAC;gBACZ,OAAO,IAAI,CACV,IAAI,eAAe,CAAC,MAAM,IAAI,iBAAiB,EAAE;oBAChD,OAAO,EAAE;wBACR,IAAI,EAAE,GAAG;wBACT,OAAO,EAAE,IAAI;wBACb,IAAI;qBACJ;oBACD,IAAI,EAAE,GAAG,CAAC,IAAI;oBACd,MAAM,EAAE,GAAG,CAAC,MAAM;iBAClB,CAAC,CACF,CAAC;YACH,CAAC;YAED,MAAM,YAAY,GACjB,YAAY,CAAC,QAAQ,EAAE,qBAAqB;gBAC5C,8BAA8B,CAAC;YAGhC,IAAI,eAAe,GAAoB;gBACtC,SAAS,EAAE,YAAY;gBACvB,GAAG,CAAC,MAAM,IAAI,EAAE,MAAM,EAAE,CAAC;aACzB,CAAC;YAEF,MAAM,SAAS,GAAG,qBAAqB,CAAC,GAAG,CAAC,EAAE,IAAI,EAAE,CAAC,CAAC;YAGtD,KAAK,CAAC,mBAAmB,CAAC,gBAAgB,CAAC;gBAC1C,KAAK;gBACL,KAAK,EAAE,QAAQ;gBACf,SAAS,EAAE,YAAY;gBACvB,eAAe;gBACf,qBAAqB;gBACrB,SAAS;gBACT,OAAO;gBACP,MAAM;gBACN,iBAAiB;aACjB,CAAC,CAAC;YAGH,MAAM,SAAS,GAAG,mBAAmB,CACpC,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC,EACpB,GAAG,CAAC,GAAG,EACP,GAAG,CAAC,EAAE,EACN,IAAI,CACJ,CAAC;YACF,MAAM,gBAAgB,GAAG,CACxB,MAAM,KAAK,CAAC,mBAAmB,CAAC,4BAA4B,CAC3D,sBAAsB,EACtB,IAAI,EACJ,SAAS,CACT,CACD,CAAC,CAAC,CAAC,CAAC;YAIL,MAAM,gBAAgB,GAAG,GAAG,CAAC,OAAO,CAAC,YAAY,CAAC,CAAC;YACnD,MAAM,sBAAsB,GAAG,gBAAgB;gBAC9C,CAAC,CAAC,aAAa,CAAC,gBAAgB,CAAC;gBACjC,CAAC,CAAC,EAAE,CAAC;YACN,MAAM,kBAAkB,GAAG,GAAG,CAAC,OAAO,CAAC,cAAc,CAAC,CAAC;YACvD,IACC,sBAAsB,KAAK,SAAS;gBACpC,kBAAkB,KAAK,MAAM,EAC5B,CAAC;gBACF,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC,CAAC;oBACtB,GAAG,EAAE,sCAAsC;oBAC3C,IAAI,EAAE;wBACL,gBAAgB;wBAChB,sBAAsB;wBACtB,SAAS,EAAE,SAAS;wBACpB,kBAAkB;wBAClB,MAAM;qBACN;iBACD,CAAC,CAAC,CAAC;gBACJ,OAAO,GAAG,CAAC,IAAI,CACd,MAAM,KAAK,CAAC,mBAAmB,CAAC,gBAAgB,CAAC;oBAChD,iBAAiB,EAAE,sBAAsB,CAAC,SAAS,CAAC;iBACpD,CAAC,CACF,CAAC;YACH,CAAC;YAGD,IAAI,gBAAgB,EAAE,CAAC;gBACtB,MAAM,WAAW,GAChB,KAAK,CAAC,mBAAmB,CAAC,yBAAyB,CAClD,gBAAgB,EAChB,YAAY,EACZ,QAAQ,EACR,eAAe,CACf,CAAC;gBACH,QAAQ,GAAG,WAAW,CAAC,KAAK,CAAC;gBAC7B,eAAe,GAAG,WAAW,CAAC,eAAe,CAAC;gBAC9C,KAAK,CAAC,mBAAmB,CAAC,WAAW,CAAC,QAAQ,EAAE,eAAe,CAAC,CAAC;gBAEjE,IAAI,gBAAgB,CAAC,WAAW,KAAK,WAAW,CAAC,KAAK,EAAE,CAAC;oBACxD,OAAO,GAAG,CAAC,IAAI,CACd,MAAM,KAAK,CAAC,mBAAmB,CAAC,gBAAgB,CAAC;wBAChD,iBAAiB,EAAE,gBAAgB,CAAC,iBAAiB;qBACrD,CAAC,CACF,CAAC;gBACH,CAAC;gBACD,IAAI,gBAAgB,CAAC,WAAW,KAAK,WAAW,CAAC,GAAG,EAAE,CAAC;oBACtD,OAAO,GAAG,CAAC,IAAI,CACd,MAAM,KAAK,CAAC,mBAAmB,CAAC,cAAc,CAAC;wBAC9C,aAAa,EAAE,SAAS;qBACxB,CAAC,CACF,CAAC;gBACH,CAAC;YACF,CAAC;YAED,IAAI,YAAY,CAAC,QAAQ,CAAC,eAAe,IAAI,OAAO,EAAE,CAAC;gBACtD,KAAK,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC,CAAC;oBACxB,GAAG,EAAE,kBAAkB;iBACvB,CAAC,CAAC,CAAC;gBACJ,MAAM,WAAW,GAAG,KAAK,CAAC,mBAAmB,CAAC,oBAAoB,CACjE,YAAY,EACZ,QAAQ,EACR,eAAe,CACf,CAAC;gBACF,QAAQ,GAAG,WAAW,CAAC,KAAK,CAAC;gBAC7B,eAAe,GAAG,WAAW,CAAC,eAAe,CAAC;gBAC9C,KAAK,CAAC,mBAAmB,CAAC,WAAW,CAAC,QAAQ,EAAE,eAAe,CAAC,CAAC;gBAEjE,OAAO,GAAG,CAAC,IAAI,CACd,MAAM,KAAK,CAAC,mBAAmB,CAAC,gBAAgB,CAAC;oBAChD,iBAAiB,EAAE,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,KAAK,GAAG,CAAC;iBACvD,CAAC,CACF,CAAC;YACH,CAAC;YAGD,IAAI,mBAAmB,CAAC,eAAe,CAAC,SAAS,CAAC,EAAE,CAAC;gBACpD,MAAM,WAAW,GAAG,KAAK,CAAC,mBAAmB,CAAC,sBAAsB,CACnE,SAAS,EACT,YAAY,EACZ,QAAQ,EACR,eAAe,CACf,CAAC;gBACF,QAAQ,GAAG,WAAW,CAAC,KAAK,CAAC;gBAC7B,eAAe,GAAG,WAAW,CAAC,eAAe,CAAC;gBAC9C,KAAK,CAAC,mBAAmB,CAAC,WAAW,CAAC,QAAQ,EAAE,eAAe,CAAC,CAAC;gBAEjE,OAAO,GAAG,CAAC,IAAI,CACd,MAAM,KAAK,CAAC,mBAAmB,CAAC,gBAAgB,CAAC;oBAChD,iBAAiB,EAAE,sBAAsB,CAAC,SAAS,CAAC;iBACpD,CAAC,CACF,CAAC;YACH,CAAC;YAGD,MAAM,YAAY,GAAG,MAAM,KAAK,CAAC,mBAAmB,CAAC,YAAY,CAChE,qBAAqB,CACrB,CAAC;YACF,IAAI,CAAC,YAAY,CAAC,QAAQ,EAAE,CAAC;gBAC5B,MAAM,WAAW,GAChB,KAAK,CAAC,mBAAmB,CAAC,2BAA2B,CACpD,YAAY,CAAC,MAAM,EACnB,YAAY,EACZ,QAAQ,EACR,eAAe,CACf,CAAC;gBACH,QAAQ,GAAG,WAAW,CAAC,KAAK,CAAC;gBAC7B,eAAe,GAAG,WAAW,CAAC,eAAe,CAAC;gBAC9C,KAAK,CAAC,mBAAmB,CAAC,WAAW,CAAC,QAAQ,EAAE,eAAe,CAAC,CAAC;YAClE,CAAC;YAGD,IAAI,MAAM,CAAC,QAAQ,CAAC,GAAG,YAAY,EAAE,CAAC;gBACrC,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC,CAAC;oBACtB,GAAG,EAAE,qCAAqC;oBAC1C,IAAI,EAAE;wBACL,QAAQ;wBACR,YAAY;wBACZ,KAAK;qBACL;iBACD,CAAC,CAAC,CAAC;gBACJ,OAAO,GAAG,CAAC,IAAI,CACd,MAAM,KAAK,CAAC,mBAAmB,CAAC,gBAAgB,CAAC;oBAChD,iBAAiB,EAAE,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,KAAK;iBACnD,CAAC,CACF,CAAC;YACH,CAAC;YAGD,OAAO,GAAG,CAAC,IAAI,CACd,MAAM,KAAK,CAAC,mBAAmB,CAAC,cAAc,CAAC;gBAC9C,aAAa,EAAE,SAAS;aACxB,CAAC,CACF,CAAC;QACH,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACd,GAAG,CAAC,MAAM,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,CAAC;gBACvB,GAAG;gBACH,GAAG,EAAE,yCAAyC;aAC9C,CAAC,CAAC,CAAC;YACJ,OAAO,IAAI,CACV,IAAI,eAAe,CAAC,iBAAiB,EAAE;gBACtC,OAAO,EAAE,EAAE,IAAI,EAAE,GAAG,EAAE,KAAK,EAAE,GAAG,EAAE;gBAClC,IAAI,EAAE,GAAG,CAAC,IAAI;gBACd,MAAM,EAAE,GAAG,CAAC,MAAM;aAClB,CAAC,CACF,CAAC;QACH,CAAC;IACF,CAAC,CACD,CAAC;IAKF,MAAM,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC;IAEzB,OAAO,MAAM,CAAC;AACf,CAAC"}

package/dist/api/domainMiddleware.d.ts ADDED Viewed

@@ -0,0 +1,4 @@
+import type { ProviderEnvironment } from "@prosopo/types-env";
+import type { NextFunction, Request, Response } from "express";
+export declare const domainMiddleware: (env: ProviderEnvironment) => (req: Request, res: Response, next: NextFunction) => Promise<void>;
+//# sourceMappingURL=domainMiddleware.d.ts.map

package/dist/api/domainMiddleware.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"domainMiddleware.d.ts","sourceRoot":"","sources":["../../src/api/domainMiddleware.ts"],"names":[],"mappings":"AAgBA,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,oBAAoB,CAAC;AAE9D,OAAO,KAAK,EAAE,YAAY,EAAE,OAAO,EAAE,QAAQ,EAAE,MAAM,SAAS,CAAC;AAK/D,eAAO,MAAM,gBAAgB,QAAS,mBAAmB,WAGrC,OAAO,OAAO,QAAQ,QAAQ,YAAY,kBAsD7D,CAAC"}

package/dist/api/domainMiddleware.js CHANGED Viewed

@@ -8,26 +8,26 @@ const domainMiddleware = (env) => {
   const tasks = new Tasks(env);
   return async (req, res, next) => {
     try {
-      const dapp = req.headers["prosopo-site-key"];
-      if (!dapp)
+      const siteKey = req.headers["prosopo-site-key"];
+      if (!siteKey)
         throw siteKeyNotRegisteredError(
           req.i18n,
           "No sitekey provided",
           req.logger
         );
       try {
-        validateAddress(dapp, false, 42);
+        validateAddress(siteKey, false, 42);
       } catch (err) {
-        throw invalidSiteKeyError(req.i18n, dapp, req.logger);
+        throw invalidSiteKeyError(req.i18n, siteKey, req.logger);
       }
-      const clientSettings = await tasks.db.getClientRecord(dapp);
+      const clientSettings = await tasks.db.getClientRecord(siteKey);
       if (!clientSettings)
-        throw siteKeyNotRegisteredError(req.i18n, dapp, req.logger);
+        throw siteKeyNotRegisteredError(req.i18n, siteKey, req.logger);
       const allowedDomains = clientSettings.settings?.domains;
       if (!allowedDomains)
         throw siteKeyInvalidDomainError(
           req.i18n,
-          dapp,
+          siteKey,
           req.hostname,
           req.logger
         );
@@ -35,7 +35,7 @@ const domainMiddleware = (env) => {
       if (!origin)
         throw unauthorizedOriginError(req.i18n, void 0, req.logger);
       for (const domain of allowedDomains) {
-        if (tasks.clientTaskManager.isSubdomainOrExactMatch(origin, domain)) {
+        if (tasks.clientTaskManager.domainPatternMatcher(origin, domain)) {
           next();
           return;
         }