@renown/sdk 6.2.0-dev.5 → 6.2.0-dev.50
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/browser-key-storage-DSkDBAhU.d.ts +14 -0
- package/dist/browser-key-storage-DSkDBAhU.d.ts.map +1 -0
- package/dist/browser-key-storage-v4O-fjz0.js +68 -0
- package/dist/browser-key-storage-v4O-fjz0.js.map +1 -0
- package/dist/crypto.d.ts +3 -0
- package/dist/crypto.js +3 -0
- package/dist/index.d.ts +3 -11
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +3 -66
- package/dist/index.js.map +1 -1
- package/dist/node.d.ts +2 -1
- package/dist/node.d.ts.map +1 -1
- package/dist/node.js +2 -1
- package/dist/node.js.map +1 -1
- package/dist/renown-builder-CQIpzrA6.js +433 -0
- package/dist/renown-builder-CQIpzrA6.js.map +1 -0
- package/dist/{utils-CfiesQfZ.d.ts → signer-DYKGoYHB.d.ts} +27 -194
- package/dist/signer-DYKGoYHB.d.ts.map +1 -0
- package/dist/{renown-builder-BvFud66V.js → signer-XkA-D7Qt.js} +2 -417
- package/dist/signer-XkA-D7Qt.js.map +1 -0
- package/dist/utils-D8C7f9Qs.d.ts +182 -0
- package/dist/utils-D8C7f9Qs.d.ts.map +1 -0
- package/package.json +26 -4
- package/dist/renown-builder-BvFud66V.js.map +0 -1
- package/dist/utils-CfiesQfZ.d.ts.map +0 -1
|
@@ -0,0 +1,433 @@
|
|
|
1
|
+
import { m as verifyAuthBearerToken, p as parsePkhDid, s as RenownCryptoBuilder, t as RenownCryptoSigner } from "./signer-XkA-D7Qt.js";
|
|
2
|
+
import { recoverTypedDataAddress } from "viem";
|
|
3
|
+
//#region src/constants.ts
|
|
4
|
+
const DEFAULT_RENOWN_URL = "https://www.renown.id";
|
|
5
|
+
const DEFAULT_RENOWN_NETWORK_ID = "eip155";
|
|
6
|
+
const DEFAULT_RENOWN_CHAIN_ID = "1";
|
|
7
|
+
const DOMAIN_TYPE = [{
|
|
8
|
+
name: "version",
|
|
9
|
+
type: "string"
|
|
10
|
+
}, {
|
|
11
|
+
name: "chainId",
|
|
12
|
+
type: "uint256"
|
|
13
|
+
}];
|
|
14
|
+
const VERIFIABLE_CREDENTIAL_EIP712_TYPE = [
|
|
15
|
+
{
|
|
16
|
+
name: "@context",
|
|
17
|
+
type: "string[]"
|
|
18
|
+
},
|
|
19
|
+
{
|
|
20
|
+
name: "type",
|
|
21
|
+
type: "string[]"
|
|
22
|
+
},
|
|
23
|
+
{
|
|
24
|
+
name: "id",
|
|
25
|
+
type: "string"
|
|
26
|
+
},
|
|
27
|
+
{
|
|
28
|
+
name: "issuer",
|
|
29
|
+
type: "Issuer"
|
|
30
|
+
},
|
|
31
|
+
{
|
|
32
|
+
name: "credentialSubject",
|
|
33
|
+
type: "CredentialSubject"
|
|
34
|
+
},
|
|
35
|
+
{
|
|
36
|
+
name: "credentialSchema",
|
|
37
|
+
type: "CredentialSchema"
|
|
38
|
+
},
|
|
39
|
+
{
|
|
40
|
+
name: "issuanceDate",
|
|
41
|
+
type: "string"
|
|
42
|
+
},
|
|
43
|
+
{
|
|
44
|
+
name: "expirationDate",
|
|
45
|
+
type: "string"
|
|
46
|
+
}
|
|
47
|
+
];
|
|
48
|
+
const CREDENTIAL_SCHEMA_EIP712_TYPE = [{
|
|
49
|
+
name: "id",
|
|
50
|
+
type: "string"
|
|
51
|
+
}, {
|
|
52
|
+
name: "type",
|
|
53
|
+
type: "string"
|
|
54
|
+
}];
|
|
55
|
+
const CREDENTIAL_SUBJECT_TYPE = [{
|
|
56
|
+
name: "app",
|
|
57
|
+
type: "string"
|
|
58
|
+
}, {
|
|
59
|
+
name: "id",
|
|
60
|
+
type: "string"
|
|
61
|
+
}];
|
|
62
|
+
const ISSUER_TYPE = [{
|
|
63
|
+
name: "id",
|
|
64
|
+
type: "string"
|
|
65
|
+
}, {
|
|
66
|
+
name: "ethereumAddress",
|
|
67
|
+
type: "string"
|
|
68
|
+
}];
|
|
69
|
+
const CREDENTIAL_TYPES = {
|
|
70
|
+
EIP712Domain: DOMAIN_TYPE,
|
|
71
|
+
VerifiableCredential: VERIFIABLE_CREDENTIAL_EIP712_TYPE,
|
|
72
|
+
CredentialSchema: CREDENTIAL_SCHEMA_EIP712_TYPE,
|
|
73
|
+
CredentialSubject: CREDENTIAL_SUBJECT_TYPE,
|
|
74
|
+
Issuer: ISSUER_TYPE
|
|
75
|
+
};
|
|
76
|
+
//#endregion
|
|
77
|
+
//#region src/credential.ts
|
|
78
|
+
/** Assemble a Renown delegation VC and sign it with the provided signer. */
|
|
79
|
+
async function buildAndSignCredential(params) {
|
|
80
|
+
const { signTypedData, address, chainId, app, appId, expiresInDays = 7 } = params;
|
|
81
|
+
const issuerId = `did:pkh:${DEFAULT_RENOWN_NETWORK_ID}:${chainId}:${address.toLowerCase()}`;
|
|
82
|
+
const credentialId = `urn:uuid:${globalThis.crypto.randomUUID()}`;
|
|
83
|
+
const now = /* @__PURE__ */ new Date();
|
|
84
|
+
const expirationDate = new Date(now.getTime() + expiresInDays * 24 * 60 * 60 * 1e3);
|
|
85
|
+
const message = {
|
|
86
|
+
"@context": ["https://www.w3.org/2018/credentials/v1"],
|
|
87
|
+
type: ["VerifiableCredential", "RenownCredential"],
|
|
88
|
+
id: credentialId,
|
|
89
|
+
issuer: {
|
|
90
|
+
id: issuerId,
|
|
91
|
+
ethereumAddress: address
|
|
92
|
+
},
|
|
93
|
+
credentialSubject: {
|
|
94
|
+
id: appId,
|
|
95
|
+
app
|
|
96
|
+
},
|
|
97
|
+
credentialSchema: {
|
|
98
|
+
id: "https://renown.id/schemas/renown-credential/v1",
|
|
99
|
+
type: "JsonSchemaValidator2018"
|
|
100
|
+
},
|
|
101
|
+
issuanceDate: now.toISOString(),
|
|
102
|
+
expirationDate: expirationDate.toISOString()
|
|
103
|
+
};
|
|
104
|
+
const domain = {
|
|
105
|
+
version: "1",
|
|
106
|
+
chainId
|
|
107
|
+
};
|
|
108
|
+
const { EIP712Domain, ...signTypes } = CREDENTIAL_TYPES;
|
|
109
|
+
const signature = await signTypedData({
|
|
110
|
+
domain,
|
|
111
|
+
types: signTypes,
|
|
112
|
+
primaryType: "VerifiableCredential",
|
|
113
|
+
message
|
|
114
|
+
});
|
|
115
|
+
return {
|
|
116
|
+
...message,
|
|
117
|
+
proof: {
|
|
118
|
+
type: "EthereumEip712Signature2021",
|
|
119
|
+
created: message.issuanceDate,
|
|
120
|
+
verificationMethod: issuerId,
|
|
121
|
+
proofPurpose: "assertionMethod",
|
|
122
|
+
proofValue: signature,
|
|
123
|
+
ethereumAddress: address,
|
|
124
|
+
eip712: {
|
|
125
|
+
domain,
|
|
126
|
+
types: CREDENTIAL_TYPES,
|
|
127
|
+
primaryType: "VerifiableCredential"
|
|
128
|
+
}
|
|
129
|
+
}
|
|
130
|
+
};
|
|
131
|
+
}
|
|
132
|
+
/** Recover the address that signed a credential's EIP-712 proof. */
|
|
133
|
+
async function recoverCredentialSigner(credential) {
|
|
134
|
+
const { proof, ...message } = credential;
|
|
135
|
+
const { EIP712Domain, ...types } = CREDENTIAL_TYPES;
|
|
136
|
+
return recoverTypedDataAddress({
|
|
137
|
+
domain: proof.eip712.domain,
|
|
138
|
+
types,
|
|
139
|
+
primaryType: "VerifiableCredential",
|
|
140
|
+
message,
|
|
141
|
+
signature: proof.proofValue
|
|
142
|
+
});
|
|
143
|
+
}
|
|
144
|
+
/** True when the proof was signed by the credential's declared issuer address. */
|
|
145
|
+
async function verifyCredentialSignature(credential) {
|
|
146
|
+
try {
|
|
147
|
+
return (await recoverCredentialSigner(credential)).toLowerCase() === credential.issuer.ethereumAddress.toLowerCase();
|
|
148
|
+
} catch {
|
|
149
|
+
return false;
|
|
150
|
+
}
|
|
151
|
+
}
|
|
152
|
+
//#endregion
|
|
153
|
+
//#region src/storage/common.ts
|
|
154
|
+
var BaseStorage = class {};
|
|
155
|
+
var MemoryStorage = class extends BaseStorage {
|
|
156
|
+
data = /* @__PURE__ */ new Map();
|
|
157
|
+
get(key) {
|
|
158
|
+
return this.data.get(key);
|
|
159
|
+
}
|
|
160
|
+
set(key, value) {
|
|
161
|
+
if (value === void 0) this.data.delete(key);
|
|
162
|
+
else this.data.set(key, value);
|
|
163
|
+
}
|
|
164
|
+
delete(key) {
|
|
165
|
+
this.data.delete(key);
|
|
166
|
+
}
|
|
167
|
+
};
|
|
168
|
+
//#endregion
|
|
169
|
+
//#region src/common.ts
|
|
170
|
+
var RenownMemoryStorage = class extends MemoryStorage {};
|
|
171
|
+
var Renown = class {
|
|
172
|
+
#baseUrl;
|
|
173
|
+
#store;
|
|
174
|
+
#eventEmitter;
|
|
175
|
+
#appName;
|
|
176
|
+
#crypto;
|
|
177
|
+
#signer;
|
|
178
|
+
#profileFetcher;
|
|
179
|
+
#status = "initial";
|
|
180
|
+
constructor(store, eventEmitter, crypto, appName, baseUrl = DEFAULT_RENOWN_URL, profileFetcher) {
|
|
181
|
+
this.#store = store;
|
|
182
|
+
this.#eventEmitter = eventEmitter;
|
|
183
|
+
this.#baseUrl = baseUrl;
|
|
184
|
+
this.#crypto = crypto;
|
|
185
|
+
this.#appName = appName;
|
|
186
|
+
this.#profileFetcher = profileFetcher;
|
|
187
|
+
this.#signer = new RenownCryptoSigner(crypto, this.#appName, this.user);
|
|
188
|
+
this.on("user", (user) => {
|
|
189
|
+
this.#signer.user = user;
|
|
190
|
+
});
|
|
191
|
+
}
|
|
192
|
+
get baseUrl() {
|
|
193
|
+
return this.#baseUrl;
|
|
194
|
+
}
|
|
195
|
+
get user() {
|
|
196
|
+
return this.#store.get("user");
|
|
197
|
+
}
|
|
198
|
+
get status() {
|
|
199
|
+
return this.#status;
|
|
200
|
+
}
|
|
201
|
+
get signer() {
|
|
202
|
+
return this.#signer;
|
|
203
|
+
}
|
|
204
|
+
get crypto() {
|
|
205
|
+
return this.#crypto;
|
|
206
|
+
}
|
|
207
|
+
get did() {
|
|
208
|
+
return this.#crypto.did;
|
|
209
|
+
}
|
|
210
|
+
get profileFetcher() {
|
|
211
|
+
return this.#profileFetcher;
|
|
212
|
+
}
|
|
213
|
+
#updateStatus(status) {
|
|
214
|
+
this.#status = status;
|
|
215
|
+
this.#eventEmitter.emit("status", status);
|
|
216
|
+
}
|
|
217
|
+
#updateUser(user) {
|
|
218
|
+
if (user) this.#store.set("user", user);
|
|
219
|
+
else this.#store.delete("user");
|
|
220
|
+
this.#eventEmitter.emit("user", user);
|
|
221
|
+
}
|
|
222
|
+
async login(userDid) {
|
|
223
|
+
this.#updateStatus("checking");
|
|
224
|
+
try {
|
|
225
|
+
const result = parsePkhDid(userDid);
|
|
226
|
+
const credential = await this.#getCredential(result.address, result.chainId, this.#crypto.did);
|
|
227
|
+
if (!credential) {
|
|
228
|
+
this.#updateUser(void 0);
|
|
229
|
+
throw new Error("Credential not found");
|
|
230
|
+
}
|
|
231
|
+
if (!(credential.issuer.id === userDid && credential.credentialSubject.id === this.did)) throw new Error("Invalid credential");
|
|
232
|
+
const verifiableCredential = credential.proof.eip712?.domain ? credential : {
|
|
233
|
+
...credential,
|
|
234
|
+
proof: {
|
|
235
|
+
...credential.proof,
|
|
236
|
+
eip712: {
|
|
237
|
+
domain: {
|
|
238
|
+
version: "1",
|
|
239
|
+
chainId: result.chainId
|
|
240
|
+
},
|
|
241
|
+
types: CREDENTIAL_TYPES,
|
|
242
|
+
primaryType: "VerifiableCredential"
|
|
243
|
+
}
|
|
244
|
+
}
|
|
245
|
+
};
|
|
246
|
+
if (credential.issuer.ethereumAddress.toLowerCase() !== result.address.toLowerCase() || verifiableCredential.proof.eip712.domain.chainId !== result.chainId || !await verifyCredentialSignature(verifiableCredential)) throw new Error("Invalid credential signature");
|
|
247
|
+
const user = {
|
|
248
|
+
...result,
|
|
249
|
+
address: credential.issuer.ethereumAddress,
|
|
250
|
+
did: userDid,
|
|
251
|
+
credential: verifiableCredential
|
|
252
|
+
};
|
|
253
|
+
this.#updateUser(user);
|
|
254
|
+
this.#updateStatus("authorized");
|
|
255
|
+
if (this.#profileFetcher) this.#profileFetcher(user, this.#baseUrl).then((profile) => {
|
|
256
|
+
if (profile && this.user?.address === user.address && this.user.chainId === user.chainId) this.#updateUser({
|
|
257
|
+
...this.user,
|
|
258
|
+
profile,
|
|
259
|
+
ens: {
|
|
260
|
+
name: profile.username ?? void 0,
|
|
261
|
+
avatarUrl: profile.userImage ?? void 0
|
|
262
|
+
}
|
|
263
|
+
});
|
|
264
|
+
}).catch(console.error);
|
|
265
|
+
return user;
|
|
266
|
+
} catch (error) {
|
|
267
|
+
this.#updateUser(void 0);
|
|
268
|
+
this.#updateStatus("not-authorized");
|
|
269
|
+
throw error;
|
|
270
|
+
}
|
|
271
|
+
}
|
|
272
|
+
logout() {
|
|
273
|
+
this.#updateUser(void 0);
|
|
274
|
+
this.#updateStatus("initial");
|
|
275
|
+
return Promise.resolve();
|
|
276
|
+
}
|
|
277
|
+
on(event, listener) {
|
|
278
|
+
return this.#eventEmitter.on(event, listener);
|
|
279
|
+
}
|
|
280
|
+
async #getCredential(address, chainId, appDid) {
|
|
281
|
+
if (!this.#baseUrl) throw new Error("RENOWN_URL is not set");
|
|
282
|
+
const url = new URL(`/api/auth/credential?address=${encodeURIComponent(address)}&chainId=${encodeURIComponent(chainId)}&connectId=${encodeURIComponent(appDid)}&appId=${encodeURIComponent(appDid)}`, this.#baseUrl);
|
|
283
|
+
const response = await fetch(url, { method: "GET" });
|
|
284
|
+
if (response.ok) return (await response.json()).credential;
|
|
285
|
+
else throw new Error(`Failed to get credential: ${response.status}`);
|
|
286
|
+
}
|
|
287
|
+
async verifyBearerToken(token) {
|
|
288
|
+
return verifyAuthBearerToken(token);
|
|
289
|
+
}
|
|
290
|
+
async getBearerToken(options) {
|
|
291
|
+
if (!this.user) throw new Error("User not found");
|
|
292
|
+
return this.#crypto.getBearerToken(this.user.address, options);
|
|
293
|
+
}
|
|
294
|
+
};
|
|
295
|
+
//#endregion
|
|
296
|
+
//#region src/event/memory.ts
|
|
297
|
+
var MemoryEventEmitter = class {
|
|
298
|
+
#listeners = /* @__PURE__ */ new Map();
|
|
299
|
+
on(event, listener) {
|
|
300
|
+
if (!this.#listeners.has(event)) this.#listeners.set(event, /* @__PURE__ */ new Set());
|
|
301
|
+
this.#listeners.get(event).add(listener);
|
|
302
|
+
return () => {
|
|
303
|
+
this.#listeners.get(event)?.delete(listener);
|
|
304
|
+
};
|
|
305
|
+
}
|
|
306
|
+
emit(event, data) {
|
|
307
|
+
this.#listeners.get(event)?.forEach((listener) => listener(data));
|
|
308
|
+
}
|
|
309
|
+
};
|
|
310
|
+
//#endregion
|
|
311
|
+
//#region src/profile.ts
|
|
312
|
+
const fetchRenownProfile = async (user, baseUrl) => {
|
|
313
|
+
try {
|
|
314
|
+
const response = await fetch(`${baseUrl}/api/profile`, {
|
|
315
|
+
method: "POST",
|
|
316
|
+
headers: { "Content-Type": "application/json" },
|
|
317
|
+
body: JSON.stringify({ ethAddress: user.address })
|
|
318
|
+
});
|
|
319
|
+
if (!response.ok) return;
|
|
320
|
+
return (await response.json()).profile ?? void 0;
|
|
321
|
+
} catch {
|
|
322
|
+
return;
|
|
323
|
+
}
|
|
324
|
+
};
|
|
325
|
+
//#endregion
|
|
326
|
+
//#region src/renown-builder.ts
|
|
327
|
+
/**
|
|
328
|
+
* Base builder for creating Renown instances.
|
|
329
|
+
* Use platform-specific builders (RenownBuilder from init.browser.js or init.node.js)
|
|
330
|
+
* for pre-configured defaults.
|
|
331
|
+
*/
|
|
332
|
+
var BaseRenownBuilder = class BaseRenownBuilder {
|
|
333
|
+
#appName;
|
|
334
|
+
#storage;
|
|
335
|
+
#eventEmitter;
|
|
336
|
+
#crypto;
|
|
337
|
+
#keyPairStorage;
|
|
338
|
+
#baseUrl;
|
|
339
|
+
#profileFetcher;
|
|
340
|
+
/**
|
|
341
|
+
* @param appName - Application name used for signing context
|
|
342
|
+
*/
|
|
343
|
+
constructor(appName) {
|
|
344
|
+
this.#appName = appName;
|
|
345
|
+
}
|
|
346
|
+
/**
|
|
347
|
+
* Set custom storage for user data persistence.
|
|
348
|
+
* Defaults to in-memory storage if not set.
|
|
349
|
+
*/
|
|
350
|
+
withStorage(storage) {
|
|
351
|
+
this.#storage = storage;
|
|
352
|
+
return this;
|
|
353
|
+
}
|
|
354
|
+
/**
|
|
355
|
+
* Set custom event emitter for user state changes.
|
|
356
|
+
* Defaults to in-memory event emitter if not set.
|
|
357
|
+
*/
|
|
358
|
+
withEventEmitter(eventEmitter) {
|
|
359
|
+
this.#eventEmitter = eventEmitter;
|
|
360
|
+
return this;
|
|
361
|
+
}
|
|
362
|
+
/**
|
|
363
|
+
* Set a pre-built crypto instance.
|
|
364
|
+
* Either crypto or keyPairStorage must be provided.
|
|
365
|
+
*/
|
|
366
|
+
withCrypto(crypto) {
|
|
367
|
+
this.#crypto = crypto;
|
|
368
|
+
return this;
|
|
369
|
+
}
|
|
370
|
+
/**
|
|
371
|
+
* Set key pair storage for cryptographic keys.
|
|
372
|
+
* A crypto instance will be built from this storage.
|
|
373
|
+
* Either crypto or keyPairStorage must be provided.
|
|
374
|
+
*/
|
|
375
|
+
withKeyPairStorage(keyPairStorage) {
|
|
376
|
+
this.#keyPairStorage = keyPairStorage;
|
|
377
|
+
return this;
|
|
378
|
+
}
|
|
379
|
+
/**
|
|
380
|
+
* Set the Renown server URL for credential verification.
|
|
381
|
+
* Defaults to https://www.renown.id
|
|
382
|
+
*/
|
|
383
|
+
withBaseUrl(baseUrl) {
|
|
384
|
+
this.#baseUrl = baseUrl;
|
|
385
|
+
return this;
|
|
386
|
+
}
|
|
387
|
+
/**
|
|
388
|
+
* Set a profile fetcher strategy for enriching user data after login.
|
|
389
|
+
* The fetcher receives the authenticated user and the base URL,
|
|
390
|
+
* and returns a RenownProfile. Called in the background after each login.
|
|
391
|
+
* Defaults to fetchRenownProfile which calls the Renown API.
|
|
392
|
+
*/
|
|
393
|
+
withProfileFetcher(profileFetcher) {
|
|
394
|
+
this.#profileFetcher = profileFetcher;
|
|
395
|
+
return this;
|
|
396
|
+
}
|
|
397
|
+
/**
|
|
398
|
+
* Build and initialize the Renown instance.
|
|
399
|
+
* If a user is stored, attempts to re-authenticate them.
|
|
400
|
+
* @throws Error if neither crypto nor keyPairStorage is provided
|
|
401
|
+
*/
|
|
402
|
+
async build() {
|
|
403
|
+
if (!this.#crypto && !this.#keyPairStorage) throw new Error("Either crypto or keyPairStorage is required. Use withCrypto() or withKeyPairStorage() to set one.");
|
|
404
|
+
const crypto = this.#crypto ?? await new RenownCryptoBuilder().withKeyPairStorage(this.#keyPairStorage).build();
|
|
405
|
+
const storage = this.#storage ?? new RenownMemoryStorage();
|
|
406
|
+
const eventEmitter = this.#eventEmitter ?? new MemoryEventEmitter();
|
|
407
|
+
const baseUrl = this.#baseUrl ?? "https://www.renown.id";
|
|
408
|
+
const renown = new Renown(storage, eventEmitter, crypto, this.#appName, baseUrl, this.#profileFetcher ?? fetchRenownProfile);
|
|
409
|
+
if (renown.user) try {
|
|
410
|
+
await renown.login(renown.user.did);
|
|
411
|
+
} catch (error) {
|
|
412
|
+
console.error("Failed to re-authenticate user:", error);
|
|
413
|
+
}
|
|
414
|
+
return renown;
|
|
415
|
+
}
|
|
416
|
+
/**
|
|
417
|
+
* Create a BaseRenownBuilder from options object for a more concise API
|
|
418
|
+
*/
|
|
419
|
+
static from(options) {
|
|
420
|
+
const builder = new BaseRenownBuilder(options.appName);
|
|
421
|
+
if (options.storage) builder.withStorage(options.storage);
|
|
422
|
+
if (options.eventEmitter) builder.withEventEmitter(options.eventEmitter);
|
|
423
|
+
if (options.crypto) builder.withCrypto(options.crypto);
|
|
424
|
+
if (options.keyPairStorage) builder.withKeyPairStorage(options.keyPairStorage);
|
|
425
|
+
if (options.baseUrl) builder.withBaseUrl(options.baseUrl);
|
|
426
|
+
if (options.profileFetcher) builder.withProfileFetcher(options.profileFetcher);
|
|
427
|
+
return builder;
|
|
428
|
+
}
|
|
429
|
+
};
|
|
430
|
+
//#endregion
|
|
431
|
+
export { VERIFIABLE_CREDENTIAL_EIP712_TYPE as _, BaseStorage as a, verifyCredentialSignature as c, CREDENTIAL_TYPES as d, DEFAULT_RENOWN_CHAIN_ID as f, ISSUER_TYPE as g, DOMAIN_TYPE as h, RenownMemoryStorage as i, CREDENTIAL_SCHEMA_EIP712_TYPE as l, DEFAULT_RENOWN_URL as m, fetchRenownProfile as n, buildAndSignCredential as o, DEFAULT_RENOWN_NETWORK_ID as p, Renown as r, recoverCredentialSigner as s, BaseRenownBuilder as t, CREDENTIAL_SUBJECT_TYPE as u };
|
|
432
|
+
|
|
433
|
+
//# sourceMappingURL=renown-builder-CQIpzrA6.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"renown-builder-CQIpzrA6.js","names":["#store","#eventEmitter","#baseUrl","#crypto","#appName","#profileFetcher","#signer","#status","#updateStatus","#getCredential","#updateUser","#listeners","#appName","#storage","#eventEmitter","#crypto","#keyPairStorage","#baseUrl","#profileFetcher"],"sources":["../src/constants.ts","../src/credential.ts","../src/storage/common.ts","../src/common.ts","../src/event/memory.ts","../src/profile.ts","../src/renown-builder.ts"],"sourcesContent":["export const DEFAULT_RENOWN_URL = \"https://www.renown.id\";\nexport const DEFAULT_RENOWN_NETWORK_ID = \"eip155\";\nexport const DEFAULT_RENOWN_CHAIN_ID = \"1\";\n\nexport const DOMAIN_TYPE = [\n { name: \"version\", type: \"string\" },\n { name: \"chainId\", type: \"uint256\" },\n] as const;\n\nexport const VERIFIABLE_CREDENTIAL_EIP712_TYPE = [\n { name: \"@context\", type: \"string[]\" },\n { name: \"type\", type: \"string[]\" },\n { name: \"id\", type: \"string\" },\n { name: \"issuer\", type: \"Issuer\" },\n { name: \"credentialSubject\", type: \"CredentialSubject\" },\n { name: \"credentialSchema\", type: \"CredentialSchema\" },\n { name: \"issuanceDate\", type: \"string\" },\n { name: \"expirationDate\", type: \"string\" },\n] as const;\n\nexport const CREDENTIAL_SCHEMA_EIP712_TYPE = [\n { name: \"id\", type: \"string\" },\n { name: \"type\", type: \"string\" },\n] as const;\n\nexport const CREDENTIAL_SUBJECT_TYPE = [\n { name: \"app\", type: \"string\" },\n { name: \"id\", type: \"string\" },\n] as const;\n\nexport const ISSUER_TYPE = [\n { name: \"id\", type: \"string\" },\n { name: \"ethereumAddress\", type: \"string\" },\n] as const;\n\nexport const CREDENTIAL_TYPES = {\n EIP712Domain: DOMAIN_TYPE,\n VerifiableCredential: VERIFIABLE_CREDENTIAL_EIP712_TYPE,\n CredentialSchema: CREDENTIAL_SCHEMA_EIP712_TYPE,\n CredentialSubject: CREDENTIAL_SUBJECT_TYPE,\n Issuer: ISSUER_TYPE,\n} as const;\n","import { recoverTypedDataAddress } from \"viem\";\nimport { CREDENTIAL_TYPES, DEFAULT_RENOWN_NETWORK_ID } from \"./constants.js\";\nimport type { PowerhouseVerifiableCredential } from \"./types.js\";\n\n/* Local structural aliases (EIP-712 standard shapes) so renown's public .d.ts\n * never names viem — a viem type in the surface drags viem's whole closure in. */\ntype Hex = `0x${string}`;\ntype TypedDataDomain = {\n name?: string;\n version?: string;\n chainId?: number;\n verifyingContract?: Hex;\n salt?: Hex;\n};\ntype TypedDataParameter = { name: string; type: string };\n\n/** EIP-712 domain as signed by the credential issuer. */\nexport type CredentialDomain = {\n version: string;\n chainId: number;\n};\n\n/** The credential body that is EIP-712 signed (everything except `proof`). */\nexport type CredentialMessage = {\n \"@context\": string[];\n type: string[];\n id: string;\n issuer: { id: string; ethereumAddress: Hex };\n credentialSubject: { id: string; app: string };\n credentialSchema: { id: string; type: string };\n issuanceDate: string;\n expirationDate: string;\n};\n\n/** Typed-data signer; matches the loose shape used by wallet adapters. */\nexport type SignCredentialTypedData = (args: {\n domain: TypedDataDomain;\n types: Record<string, readonly TypedDataParameter[]>;\n primaryType: string;\n message: Record<string, unknown>;\n}) => Promise<Hex>;\n\nexport interface BuildCredentialParams {\n signTypedData: SignCredentialTypedData;\n address: Hex;\n chainId: number;\n app: string;\n /** Credential subject id: the app/client DID the credential delegates to. */\n appId: string;\n expiresInDays?: number;\n}\n\n/** Assemble a Renown delegation VC and sign it with the provided signer. */\nexport async function buildAndSignCredential(\n params: BuildCredentialParams,\n): Promise<PowerhouseVerifiableCredential> {\n const {\n signTypedData,\n address,\n chainId,\n app,\n appId,\n expiresInDays = 7,\n } = params;\n\n const issuerId = `did:pkh:${DEFAULT_RENOWN_NETWORK_ID}:${chainId}:${address.toLowerCase()}`;\n const credentialId = `urn:uuid:${globalThis.crypto.randomUUID()}`;\n const now = new Date();\n const expirationDate = new Date(\n now.getTime() + expiresInDays * 24 * 60 * 60 * 1000,\n );\n\n const message: CredentialMessage = {\n \"@context\": [\"https://www.w3.org/2018/credentials/v1\"],\n type: [\"VerifiableCredential\", \"RenownCredential\"],\n id: credentialId,\n issuer: { id: issuerId, ethereumAddress: address },\n credentialSubject: { id: appId, app },\n credentialSchema: {\n id: \"https://renown.id/schemas/renown-credential/v1\",\n type: \"JsonSchemaValidator2018\",\n },\n issuanceDate: now.toISOString(),\n expirationDate: expirationDate.toISOString(),\n };\n\n const domain: CredentialDomain = { version: \"1\", chainId };\n\n // viem and most wallet adapters reserve EIP712Domain and derive it from\n // `domain` — passing it explicitly makes them throw.\n const { EIP712Domain, ...signTypes } = CREDENTIAL_TYPES;\n void EIP712Domain;\n const signature = await signTypedData({\n domain,\n types: signTypes,\n primaryType: \"VerifiableCredential\",\n message,\n });\n\n return {\n ...message,\n proof: {\n type: \"EthereumEip712Signature2021\",\n created: message.issuanceDate,\n verificationMethod: issuerId,\n proofPurpose: \"assertionMethod\",\n proofValue: signature,\n ethereumAddress: address,\n eip712: {\n domain,\n types: CREDENTIAL_TYPES,\n primaryType: \"VerifiableCredential\",\n },\n },\n };\n}\n\n/** Recover the address that signed a credential's EIP-712 proof. */\nexport async function recoverCredentialSigner(\n credential: PowerhouseVerifiableCredential,\n): Promise<Hex> {\n const { proof, ...message } = credential;\n // Drop EIP712Domain so viem derives it from `domain`; viem ignores\n // message keys not present in the types, so the proof is excluded too.\n const { EIP712Domain, ...types } = CREDENTIAL_TYPES;\n void EIP712Domain;\n return recoverTypedDataAddress({\n domain: proof.eip712.domain,\n types,\n primaryType: \"VerifiableCredential\",\n message,\n signature: proof.proofValue as Hex,\n } as Parameters<typeof recoverTypedDataAddress>[0]);\n}\n\n/** True when the proof was signed by the credential's declared issuer address. */\nexport async function verifyCredentialSignature(\n credential: PowerhouseVerifiableCredential,\n): Promise<boolean> {\n try {\n const recovered = await recoverCredentialSigner(credential);\n return (\n recovered.toLowerCase() ===\n credential.issuer.ethereumAddress.toLowerCase()\n );\n } catch {\n // Malformed proof (bad hex, missing fields) is an invalid signature.\n return false;\n }\n}\n","export interface IStorage<\n T extends Record<string, unknown> = Record<string, unknown>,\n Key extends keyof T = keyof T,\n> {\n get(key: Key): T[Key] | undefined;\n set(key: Key, value?: T[Key]): void;\n delete(key: Key): void;\n}\n\nexport abstract class BaseStorage<\n T extends Record<string, unknown> = Record<string, unknown>,\n Key extends keyof T = keyof T,\n> implements IStorage<T> {\n abstract get(key: Key): T[Key] | undefined;\n abstract set(key: Key, value?: T[Key]): void;\n abstract delete(key: Key): void;\n}\n\nexport class MemoryStorage<\n T extends Record<string, unknown> = Record<string, unknown>,\n Key extends keyof T = keyof T,\n> extends BaseStorage<T> {\n private readonly data = new Map<Key, T[Key]>();\n\n get(key: Key) {\n return this.data.get(key);\n }\n\n set(key: Key, value?: T[Key]): void {\n if (value === undefined) {\n this.data.delete(key);\n } else {\n this.data.set(key, value);\n }\n }\n\n delete(key: Key): void {\n this.data.delete(key);\n }\n}\n","import { CREDENTIAL_TYPES, DEFAULT_RENOWN_URL } from \"./constants.js\";\nimport { verifyCredentialSignature } from \"./credential.js\";\nimport { RenownCryptoSigner, type IRenownCrypto } from \"./crypto/index.js\";\nimport { MemoryStorage } from \"./storage/common.js\";\nimport type {\n CreateBearerTokenOptions,\n IProof,\n IRenown,\n ISigner,\n LoginStatus,\n PowerhouseVerifiableCredential,\n ProfileFetcher,\n RenownEventEmitter,\n RenownEvents,\n RenownStorage,\n RenownStorageMap,\n User,\n} from \"./types.js\";\nimport { parsePkhDid, verifyAuthBearerToken } from \"./utils.js\";\nexport * from \"./constants.js\";\n\nexport class RenownMemoryStorage extends MemoryStorage<RenownStorageMap> {}\n\nexport class Renown implements IRenown {\n #baseUrl: string;\n #store: RenownStorage;\n #eventEmitter: RenownEventEmitter;\n #appName: string;\n #crypto: IRenownCrypto;\n #signer: ISigner;\n #profileFetcher?: ProfileFetcher;\n #status: LoginStatus = \"initial\";\n\n constructor(\n store: RenownStorage,\n eventEmitter: RenownEventEmitter,\n crypto: IRenownCrypto,\n appName: string,\n baseUrl = DEFAULT_RENOWN_URL,\n profileFetcher?: ProfileFetcher,\n ) {\n this.#store = store;\n this.#eventEmitter = eventEmitter;\n this.#baseUrl = baseUrl;\n this.#crypto = crypto;\n this.#appName = appName;\n this.#profileFetcher = profileFetcher;\n this.#signer = new RenownCryptoSigner(crypto, this.#appName, this.user);\n\n this.on(\"user\", (user) => {\n this.#signer.user = user;\n });\n }\n\n get baseUrl() {\n return this.#baseUrl;\n }\n\n get user() {\n return this.#store.get(\"user\");\n }\n\n get status() {\n return this.#status;\n }\n\n get signer() {\n return this.#signer;\n }\n\n get crypto() {\n return this.#crypto;\n }\n\n get did() {\n return this.#crypto.did;\n }\n\n get profileFetcher() {\n return this.#profileFetcher;\n }\n\n #updateStatus(status: LoginStatus) {\n this.#status = status;\n this.#eventEmitter.emit(\"status\", status);\n }\n\n #updateUser(user: User | undefined) {\n if (user) {\n this.#store.set(\"user\", user);\n } else {\n this.#store.delete(\"user\");\n }\n this.#eventEmitter.emit(\"user\", user);\n }\n\n async login(userDid: string): Promise<User> {\n this.#updateStatus(\"checking\");\n try {\n const result = parsePkhDid(userDid);\n const credential = await this.#getCredential(\n result.address,\n result.chainId,\n this.#crypto.did,\n );\n\n if (!credential) {\n this.#updateUser(undefined);\n throw new Error(\"Credential not found\");\n }\n\n if (\n !(\n credential.issuer.id === userDid &&\n credential.credentialSubject.id === this.did\n )\n ) {\n throw new Error(\"Invalid credential\");\n }\n\n // The deployed Renown credential API may return proof.eip712 without\n // domain/types, despite the declared type. The domain is canonical\n // (version \"1\", the DID's chainId), so reconstruct it — the signature\n // verification below still fails if the credential wasn't signed for\n // that domain.\n const eip712 = credential.proof.eip712 as\n | Partial<IProof[\"eip712\"]>\n | undefined;\n const verifiableCredential: PowerhouseVerifiableCredential =\n eip712?.domain\n ? credential\n : {\n ...credential,\n proof: {\n ...credential.proof,\n eip712: {\n domain: { version: \"1\", chainId: result.chainId },\n types: CREDENTIAL_TYPES,\n primaryType: \"VerifiableCredential\",\n },\n },\n };\n\n // Verify the EIP-712 proof was signed by the DID's address on its chain.\n if (\n credential.issuer.ethereumAddress.toLowerCase() !==\n result.address.toLowerCase() ||\n verifiableCredential.proof.eip712.domain.chainId !== result.chainId ||\n !(await verifyCredentialSignature(verifiableCredential))\n ) {\n throw new Error(\"Invalid credential signature\");\n }\n\n const user: User = {\n ...result,\n address: credential.issuer.ethereumAddress,\n did: userDid,\n credential: verifiableCredential,\n };\n\n this.#updateUser(user);\n this.#updateStatus(\"authorized\");\n\n // Fetch profile data in the background if a fetcher is configured\n if (this.#profileFetcher) {\n this.#profileFetcher(user, this.#baseUrl)\n .then((profile) => {\n if (\n profile &&\n this.user?.address === user.address &&\n this.user.chainId === user.chainId\n ) {\n this.#updateUser({\n ...this.user,\n profile,\n ens: {\n name: profile.username ?? undefined,\n avatarUrl: profile.userImage ?? undefined,\n },\n });\n }\n })\n .catch(console.error);\n }\n\n return user;\n } catch (error) {\n this.#updateUser(undefined);\n this.#updateStatus(\"not-authorized\");\n throw error;\n }\n }\n\n logout() {\n this.#updateUser(undefined);\n this.#updateStatus(\"initial\");\n return Promise.resolve();\n }\n\n on<K extends keyof RenownEvents>(\n event: K,\n listener: (data: RenownEvents[K]) => void,\n ): () => void {\n return this.#eventEmitter.on(event, listener);\n }\n\n async #getCredential(\n address: string,\n chainId: number,\n appDid: string,\n ): Promise<PowerhouseVerifiableCredential | undefined> {\n if (!this.#baseUrl) {\n throw new Error(\"RENOWN_URL is not set\");\n }\n const url = new URL(\n `/api/auth/credential?address=${encodeURIComponent(address)}&chainId=${encodeURIComponent(chainId)}&connectId=${encodeURIComponent(appDid)}&appId=${encodeURIComponent(appDid)}`,\n this.#baseUrl,\n );\n const response = await fetch(url, {\n method: \"GET\",\n });\n if (response.ok) {\n const result = (await response.json()) as {\n credential: PowerhouseVerifiableCredential;\n };\n return result.credential;\n } else {\n throw new Error(`Failed to get credential: ${response.status}`);\n }\n }\n\n async verifyBearerToken(token: string) {\n return verifyAuthBearerToken(token);\n }\n\n async getBearerToken(options: CreateBearerTokenOptions) {\n if (!this.user) {\n throw new Error(\"User not found\");\n }\n return this.#crypto.getBearerToken(this.user.address, options);\n }\n}\n","import type { RenownEvents } from \"../types.js\";\nimport type { IEventEmitter } from \"./types.js\";\n\nexport class MemoryEventEmitter implements IEventEmitter<RenownEvents> {\n #listeners = new Map<keyof RenownEvents, Set<(data: unknown) => void>>();\n\n on<K extends keyof RenownEvents>(\n event: K,\n listener: (data: RenownEvents[K]) => void,\n ): () => void {\n if (!this.#listeners.has(event)) {\n this.#listeners.set(event, new Set());\n }\n this.#listeners.get(event)!.add(listener as (data: unknown) => void);\n return () => {\n this.#listeners.get(event)?.delete(listener as (data: unknown) => void);\n };\n }\n\n emit<K extends keyof RenownEvents>(event: K, data: RenownEvents[K]): void {\n this.#listeners.get(event)?.forEach((listener) => listener(data));\n }\n}\n","import type { ProfileFetcher, RenownProfile } from \"./types.js\";\n\nexport const fetchRenownProfile: ProfileFetcher = async (user, baseUrl) => {\n try {\n const response = await fetch(`${baseUrl}/api/profile`, {\n method: \"POST\",\n headers: {\n \"Content-Type\": \"application/json\",\n },\n body: JSON.stringify({\n ethAddress: user.address,\n }),\n });\n\n if (!response.ok) {\n return undefined;\n }\n\n const result = (await response.json()) as {\n profile?: RenownProfile;\n };\n\n return result.profile ?? undefined;\n } catch {\n return undefined;\n }\n};\n","import { Renown, RenownMemoryStorage } from \"./common.js\";\nimport { DEFAULT_RENOWN_URL } from \"./constants.js\";\nimport { RenownCryptoBuilder } from \"./crypto/renown-crypto-builder.js\";\nimport type { IRenownCrypto, JsonWebKeyPairStorage } from \"./crypto/types.js\";\nimport { MemoryEventEmitter } from \"./event/memory.js\";\nimport { fetchRenownProfile } from \"./profile.js\";\nimport type {\n ProfileFetcher,\n RenownEventEmitter,\n RenownStorage,\n} from \"./types.js\";\n\nexport interface RenownBuilderOptions {\n appName: string;\n storage?: RenownStorage;\n eventEmitter?: RenownEventEmitter;\n crypto?: IRenownCrypto;\n keyPairStorage?: JsonWebKeyPairStorage;\n baseUrl?: string;\n profileFetcher?: ProfileFetcher;\n}\n\n/**\n * Base builder for creating Renown instances.\n * Use platform-specific builders (RenownBuilder from init.browser.js or init.node.js)\n * for pre-configured defaults.\n */\nexport class BaseRenownBuilder {\n #appName: string;\n #storage?: RenownStorage;\n #eventEmitter?: RenownEventEmitter;\n #crypto?: IRenownCrypto;\n #keyPairStorage?: JsonWebKeyPairStorage;\n #baseUrl?: string;\n #profileFetcher?: ProfileFetcher;\n\n /**\n * @param appName - Application name used for signing context\n */\n constructor(appName: string) {\n this.#appName = appName;\n }\n\n /**\n * Set custom storage for user data persistence.\n * Defaults to in-memory storage if not set.\n */\n withStorage(storage: RenownStorage): this {\n this.#storage = storage;\n return this;\n }\n\n /**\n * Set custom event emitter for user state changes.\n * Defaults to in-memory event emitter if not set.\n */\n withEventEmitter(eventEmitter: RenownEventEmitter): this {\n this.#eventEmitter = eventEmitter;\n return this;\n }\n\n /**\n * Set a pre-built crypto instance.\n * Either crypto or keyPairStorage must be provided.\n */\n withCrypto(crypto: IRenownCrypto): this {\n this.#crypto = crypto;\n return this;\n }\n\n /**\n * Set key pair storage for cryptographic keys.\n * A crypto instance will be built from this storage.\n * Either crypto or keyPairStorage must be provided.\n */\n withKeyPairStorage(keyPairStorage: JsonWebKeyPairStorage): this {\n this.#keyPairStorage = keyPairStorage;\n return this;\n }\n\n /**\n * Set the Renown server URL for credential verification.\n * Defaults to https://www.renown.id\n */\n withBaseUrl(baseUrl: string): this {\n this.#baseUrl = baseUrl;\n return this;\n }\n\n /**\n * Set a profile fetcher strategy for enriching user data after login.\n * The fetcher receives the authenticated user and the base URL,\n * and returns a RenownProfile. Called in the background after each login.\n * Defaults to fetchRenownProfile which calls the Renown API.\n */\n withProfileFetcher(profileFetcher: ProfileFetcher): this {\n this.#profileFetcher = profileFetcher;\n return this;\n }\n\n /**\n * Build and initialize the Renown instance.\n * If a user is stored, attempts to re-authenticate them.\n * @throws Error if neither crypto nor keyPairStorage is provided\n */\n async build(): Promise<Renown> {\n if (!this.#crypto && !this.#keyPairStorage) {\n throw new Error(\n \"Either crypto or keyPairStorage is required. Use withCrypto() or withKeyPairStorage() to set one.\",\n );\n }\n\n const crypto =\n this.#crypto ??\n (await new RenownCryptoBuilder()\n .withKeyPairStorage(this.#keyPairStorage!)\n .build());\n\n const storage = this.#storage ?? new RenownMemoryStorage();\n const eventEmitter = this.#eventEmitter ?? new MemoryEventEmitter();\n const baseUrl = this.#baseUrl ?? DEFAULT_RENOWN_URL;\n\n const renown = new Renown(\n storage,\n eventEmitter,\n crypto,\n this.#appName,\n baseUrl,\n this.#profileFetcher ?? fetchRenownProfile,\n );\n\n // Re-authenticate stored user if present\n if (renown.user) {\n try {\n await renown.login(renown.user.did);\n } catch (error) {\n console.error(\"Failed to re-authenticate user:\", error);\n }\n }\n\n return renown;\n }\n\n /**\n * Create a BaseRenownBuilder from options object for a more concise API\n */\n static from(options: RenownBuilderOptions): BaseRenownBuilder {\n const builder = new BaseRenownBuilder(options.appName);\n\n if (options.storage) {\n builder.withStorage(options.storage);\n }\n if (options.eventEmitter) {\n builder.withEventEmitter(options.eventEmitter);\n }\n if (options.crypto) {\n builder.withCrypto(options.crypto);\n }\n if (options.keyPairStorage) {\n builder.withKeyPairStorage(options.keyPairStorage);\n }\n if (options.baseUrl) {\n builder.withBaseUrl(options.baseUrl);\n }\n if (options.profileFetcher) {\n builder.withProfileFetcher(options.profileFetcher);\n }\n\n return builder;\n }\n}\n"],"mappings":";;;AAAA,MAAa,qBAAqB;AAClC,MAAa,4BAA4B;AACzC,MAAa,0BAA0B;AAEvC,MAAa,cAAc,CACzB;CAAE,MAAM;CAAW,MAAM;CAAU,EACnC;CAAE,MAAM;CAAW,MAAM;CAAW,CACrC;AAED,MAAa,oCAAoC;CAC/C;EAAE,MAAM;EAAY,MAAM;EAAY;CACtC;EAAE,MAAM;EAAQ,MAAM;EAAY;CAClC;EAAE,MAAM;EAAM,MAAM;EAAU;CAC9B;EAAE,MAAM;EAAU,MAAM;EAAU;CAClC;EAAE,MAAM;EAAqB,MAAM;EAAqB;CACxD;EAAE,MAAM;EAAoB,MAAM;EAAoB;CACtD;EAAE,MAAM;EAAgB,MAAM;EAAU;CACxC;EAAE,MAAM;EAAkB,MAAM;EAAU;CAC3C;AAED,MAAa,gCAAgC,CAC3C;CAAE,MAAM;CAAM,MAAM;CAAU,EAC9B;CAAE,MAAM;CAAQ,MAAM;CAAU,CACjC;AAED,MAAa,0BAA0B,CACrC;CAAE,MAAM;CAAO,MAAM;CAAU,EAC/B;CAAE,MAAM;CAAM,MAAM;CAAU,CAC/B;AAED,MAAa,cAAc,CACzB;CAAE,MAAM;CAAM,MAAM;CAAU,EAC9B;CAAE,MAAM;CAAmB,MAAM;CAAU,CAC5C;AAED,MAAa,mBAAmB;CAC9B,cAAc;CACd,sBAAsB;CACtB,kBAAkB;CAClB,mBAAmB;CACnB,QAAQ;CACT;;;;ACYD,eAAsB,uBACpB,QACyC;CACzC,MAAM,EACJ,eACA,SACA,SACA,KACA,OACA,gBAAgB,MACd;CAEJ,MAAM,WAAW,WAAW,0BAA0B,GAAG,QAAQ,GAAG,QAAQ,aAAa;CACzF,MAAM,eAAe,YAAY,WAAW,OAAO,YAAY;CAC/D,MAAM,sBAAM,IAAI,MAAM;CACtB,MAAM,iBAAiB,IAAI,KACzB,IAAI,SAAS,GAAG,gBAAgB,KAAK,KAAK,KAAK,IAChD;CAED,MAAM,UAA6B;EACjC,YAAY,CAAC,yCAAyC;EACtD,MAAM,CAAC,wBAAwB,mBAAmB;EAClD,IAAI;EACJ,QAAQ;GAAE,IAAI;GAAU,iBAAiB;GAAS;EAClD,mBAAmB;GAAE,IAAI;GAAO;GAAK;EACrC,kBAAkB;GAChB,IAAI;GACJ,MAAM;GACP;EACD,cAAc,IAAI,aAAa;EAC/B,gBAAgB,eAAe,aAAa;EAC7C;CAED,MAAM,SAA2B;EAAE,SAAS;EAAK;EAAS;CAI1D,MAAM,EAAE,cAAc,GAAG,cAAc;CAEvC,MAAM,YAAY,MAAM,cAAc;EACpC;EACA,OAAO;EACP,aAAa;EACb;EACD,CAAC;AAEF,QAAO;EACL,GAAG;EACH,OAAO;GACL,MAAM;GACN,SAAS,QAAQ;GACjB,oBAAoB;GACpB,cAAc;GACd,YAAY;GACZ,iBAAiB;GACjB,QAAQ;IACN;IACA,OAAO;IACP,aAAa;IACd;GACF;EACF;;;AAIH,eAAsB,wBACpB,YACc;CACd,MAAM,EAAE,OAAO,GAAG,YAAY;CAG9B,MAAM,EAAE,cAAc,GAAG,UAAU;AAEnC,QAAO,wBAAwB;EAC7B,QAAQ,MAAM,OAAO;EACrB;EACA,aAAa;EACb;EACA,WAAW,MAAM;EAClB,CAAkD;;;AAIrD,eAAsB,0BACpB,YACkB;AAClB,KAAI;AAEF,UADkB,MAAM,wBAAwB,WAAW,EAE/C,aAAa,KACvB,WAAW,OAAO,gBAAgB,aAAa;SAE3C;AAEN,SAAO;;;;;AC1IX,IAAsB,cAAtB,MAGyB;AAMzB,IAAa,gBAAb,cAGU,YAAe;CACvB,uBAAwB,IAAI,KAAkB;CAE9C,IAAI,KAAU;AACZ,SAAO,KAAK,KAAK,IAAI,IAAI;;CAG3B,IAAI,KAAU,OAAsB;AAClC,MAAI,UAAU,KAAA,EACZ,MAAK,KAAK,OAAO,IAAI;MAErB,MAAK,KAAK,IAAI,KAAK,MAAM;;CAI7B,OAAO,KAAgB;AACrB,OAAK,KAAK,OAAO,IAAI;;;;;AChBzB,IAAa,sBAAb,cAAyC,cAAgC;AAEzE,IAAa,SAAb,MAAuC;CACrC;CACA;CACA;CACA;CACA;CACA;CACA;CACA,UAAuB;CAEvB,YACE,OACA,cACA,QACA,SACA,UAAU,oBACV,gBACA;AACA,QAAA,QAAc;AACd,QAAA,eAAqB;AACrB,QAAA,UAAgB;AAChB,QAAA,SAAe;AACf,QAAA,UAAgB;AAChB,QAAA,iBAAuB;AACvB,QAAA,SAAe,IAAI,mBAAmB,QAAQ,MAAA,SAAe,KAAK,KAAK;AAEvE,OAAK,GAAG,SAAS,SAAS;AACxB,SAAA,OAAa,OAAO;IACpB;;CAGJ,IAAI,UAAU;AACZ,SAAO,MAAA;;CAGT,IAAI,OAAO;AACT,SAAO,MAAA,MAAY,IAAI,OAAO;;CAGhC,IAAI,SAAS;AACX,SAAO,MAAA;;CAGT,IAAI,SAAS;AACX,SAAO,MAAA;;CAGT,IAAI,SAAS;AACX,SAAO,MAAA;;CAGT,IAAI,MAAM;AACR,SAAO,MAAA,OAAa;;CAGtB,IAAI,iBAAiB;AACnB,SAAO,MAAA;;CAGT,cAAc,QAAqB;AACjC,QAAA,SAAe;AACf,QAAA,aAAmB,KAAK,UAAU,OAAO;;CAG3C,YAAY,MAAwB;AAClC,MAAI,KACF,OAAA,MAAY,IAAI,QAAQ,KAAK;MAE7B,OAAA,MAAY,OAAO,OAAO;AAE5B,QAAA,aAAmB,KAAK,QAAQ,KAAK;;CAGvC,MAAM,MAAM,SAAgC;AAC1C,QAAA,aAAmB,WAAW;AAC9B,MAAI;GACF,MAAM,SAAS,YAAY,QAAQ;GACnC,MAAM,aAAa,MAAM,MAAA,cACvB,OAAO,SACP,OAAO,SACP,MAAA,OAAa,IACd;AAED,OAAI,CAAC,YAAY;AACf,UAAA,WAAiB,KAAA,EAAU;AAC3B,UAAM,IAAI,MAAM,uBAAuB;;AAGzC,OACE,EACE,WAAW,OAAO,OAAO,WACzB,WAAW,kBAAkB,OAAO,KAAK,KAG3C,OAAM,IAAI,MAAM,qBAAqB;GAWvC,MAAM,uBAHS,WAAW,MAAM,QAItB,SACJ,aACA;IACE,GAAG;IACH,OAAO;KACL,GAAG,WAAW;KACd,QAAQ;MACN,QAAQ;OAAE,SAAS;OAAK,SAAS,OAAO;OAAS;MACjD,OAAO;MACP,aAAa;MACd;KACF;IACF;AAGP,OACE,WAAW,OAAO,gBAAgB,aAAa,KAC7C,OAAO,QAAQ,aAAa,IAC9B,qBAAqB,MAAM,OAAO,OAAO,YAAY,OAAO,WAC5D,CAAE,MAAM,0BAA0B,qBAAqB,CAEvD,OAAM,IAAI,MAAM,+BAA+B;GAGjD,MAAM,OAAa;IACjB,GAAG;IACH,SAAS,WAAW,OAAO;IAC3B,KAAK;IACL,YAAY;IACb;AAED,SAAA,WAAiB,KAAK;AACtB,SAAA,aAAmB,aAAa;AAGhC,OAAI,MAAA,eACF,OAAA,eAAqB,MAAM,MAAA,QAAc,CACtC,MAAM,YAAY;AACjB,QACE,WACA,KAAK,MAAM,YAAY,KAAK,WAC5B,KAAK,KAAK,YAAY,KAAK,QAE3B,OAAA,WAAiB;KACf,GAAG,KAAK;KACR;KACA,KAAK;MACH,MAAM,QAAQ,YAAY,KAAA;MAC1B,WAAW,QAAQ,aAAa,KAAA;MACjC;KACF,CAAC;KAEJ,CACD,MAAM,QAAQ,MAAM;AAGzB,UAAO;WACA,OAAO;AACd,SAAA,WAAiB,KAAA,EAAU;AAC3B,SAAA,aAAmB,iBAAiB;AACpC,SAAM;;;CAIV,SAAS;AACP,QAAA,WAAiB,KAAA,EAAU;AAC3B,QAAA,aAAmB,UAAU;AAC7B,SAAO,QAAQ,SAAS;;CAG1B,GACE,OACA,UACY;AACZ,SAAO,MAAA,aAAmB,GAAG,OAAO,SAAS;;CAG/C,OAAA,cACE,SACA,SACA,QACqD;AACrD,MAAI,CAAC,MAAA,QACH,OAAM,IAAI,MAAM,wBAAwB;EAE1C,MAAM,MAAM,IAAI,IACd,gCAAgC,mBAAmB,QAAQ,CAAC,WAAW,mBAAmB,QAAQ,CAAC,aAAa,mBAAmB,OAAO,CAAC,SAAS,mBAAmB,OAAO,IAC9K,MAAA,QACD;EACD,MAAM,WAAW,MAAM,MAAM,KAAK,EAChC,QAAQ,OACT,CAAC;AACF,MAAI,SAAS,GAIX,SAHgB,MAAM,SAAS,MAAM,EAGvB;MAEd,OAAM,IAAI,MAAM,6BAA6B,SAAS,SAAS;;CAInE,MAAM,kBAAkB,OAAe;AACrC,SAAO,sBAAsB,MAAM;;CAGrC,MAAM,eAAe,SAAmC;AACtD,MAAI,CAAC,KAAK,KACR,OAAM,IAAI,MAAM,iBAAiB;AAEnC,SAAO,MAAA,OAAa,eAAe,KAAK,KAAK,SAAS,QAAQ;;;;;AC5OlE,IAAa,qBAAb,MAAuE;CACrE,6BAAa,IAAI,KAAuD;CAExE,GACE,OACA,UACY;AACZ,MAAI,CAAC,MAAA,UAAgB,IAAI,MAAM,CAC7B,OAAA,UAAgB,IAAI,uBAAO,IAAI,KAAK,CAAC;AAEvC,QAAA,UAAgB,IAAI,MAAM,CAAE,IAAI,SAAoC;AACpE,eAAa;AACX,SAAA,UAAgB,IAAI,MAAM,EAAE,OAAO,SAAoC;;;CAI3E,KAAmC,OAAU,MAA6B;AACxE,QAAA,UAAgB,IAAI,MAAM,EAAE,SAAS,aAAa,SAAS,KAAK,CAAC;;;;;AClBrE,MAAa,qBAAqC,OAAO,MAAM,YAAY;AACzE,KAAI;EACF,MAAM,WAAW,MAAM,MAAM,GAAG,QAAQ,eAAe;GACrD,QAAQ;GACR,SAAS,EACP,gBAAgB,oBACjB;GACD,MAAM,KAAK,UAAU,EACnB,YAAY,KAAK,SAClB,CAAC;GACH,CAAC;AAEF,MAAI,CAAC,SAAS,GACZ;AAOF,UAJgB,MAAM,SAAS,MAAM,EAIvB,WAAW,KAAA;SACnB;AACN;;;;;;;;;;ACGJ,IAAa,oBAAb,MAAa,kBAAkB;CAC7B;CACA;CACA;CACA;CACA;CACA;CACA;;;;CAKA,YAAY,SAAiB;AAC3B,QAAA,UAAgB;;;;;;CAOlB,YAAY,SAA8B;AACxC,QAAA,UAAgB;AAChB,SAAO;;;;;;CAOT,iBAAiB,cAAwC;AACvD,QAAA,eAAqB;AACrB,SAAO;;;;;;CAOT,WAAW,QAA6B;AACtC,QAAA,SAAe;AACf,SAAO;;;;;;;CAQT,mBAAmB,gBAA6C;AAC9D,QAAA,iBAAuB;AACvB,SAAO;;;;;;CAOT,YAAY,SAAuB;AACjC,QAAA,UAAgB;AAChB,SAAO;;;;;;;;CAST,mBAAmB,gBAAsC;AACvD,QAAA,iBAAuB;AACvB,SAAO;;;;;;;CAQT,MAAM,QAAyB;AAC7B,MAAI,CAAC,MAAA,UAAgB,CAAC,MAAA,eACpB,OAAM,IAAI,MACR,oGACD;EAGH,MAAM,SACJ,MAAA,UACC,MAAM,IAAI,qBAAqB,CAC7B,mBAAmB,MAAA,eAAsB,CACzC,OAAO;EAEZ,MAAM,UAAU,MAAA,WAAiB,IAAI,qBAAqB;EAC1D,MAAM,eAAe,MAAA,gBAAsB,IAAI,oBAAoB;EACnE,MAAM,UAAU,MAAA,WAAKiB;EAErB,MAAM,SAAS,IAAI,OACjB,SACA,cACA,QACA,MAAA,SACA,SACA,MAAA,kBAAwB,mBACzB;AAGD,MAAI,OAAO,KACT,KAAI;AACF,SAAM,OAAO,MAAM,OAAO,KAAK,IAAI;WAC5B,OAAO;AACd,WAAQ,MAAM,mCAAmC,MAAM;;AAI3D,SAAO;;;;;CAMT,OAAO,KAAK,SAAkD;EAC5D,MAAM,UAAU,IAAI,kBAAkB,QAAQ,QAAQ;AAEtD,MAAI,QAAQ,QACV,SAAQ,YAAY,QAAQ,QAAQ;AAEtC,MAAI,QAAQ,aACV,SAAQ,iBAAiB,QAAQ,aAAa;AAEhD,MAAI,QAAQ,OACV,SAAQ,WAAW,QAAQ,OAAO;AAEpC,MAAI,QAAQ,eACV,SAAQ,mBAAmB,QAAQ,eAAe;AAEpD,MAAI,QAAQ,QACV,SAAQ,YAAY,QAAQ,QAAQ;AAEtC,MAAI,QAAQ,eACV,SAAQ,mBAAmB,QAAQ,eAAe;AAGpD,SAAO"}
|