@restorecommerce/acs-client 0.6.12 → 0.6.13
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +8 -0
- package/lib/acs/authz.js +188 -183
- package/lib/acs/authz.js.map +1 -1
- package/lib/acs/cache.js +43 -48
- package/lib/acs/cache.js.map +1 -1
- package/lib/acs/middleware.js +3 -12
- package/lib/acs/middleware.js.map +1 -1
- package/lib/acs/resolver.js +42 -29
- package/lib/acs/resolver.js.map +1 -1
- package/lib/utils.js +41 -30
- package/lib/utils.js.map +1 -1
- package/package.json +2 -2
- package/tsconfig.json +10 -2
package/lib/acs/cache.js
CHANGED
|
@@ -1,27 +1,33 @@
|
|
|
1
1
|
"use strict";
|
|
2
|
-
var
|
|
3
|
-
|
|
4
|
-
|
|
5
|
-
|
|
6
|
-
|
|
7
|
-
|
|
8
|
-
|
|
9
|
-
|
|
2
|
+
var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
|
|
3
|
+
if (k2 === undefined) k2 = k;
|
|
4
|
+
Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } });
|
|
5
|
+
}) : (function(o, m, k, k2) {
|
|
6
|
+
if (k2 === undefined) k2 = k;
|
|
7
|
+
o[k2] = m[k];
|
|
8
|
+
}));
|
|
9
|
+
var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
|
|
10
|
+
Object.defineProperty(o, "default", { enumerable: true, value: v });
|
|
11
|
+
}) : function(o, v) {
|
|
12
|
+
o["default"] = v;
|
|
13
|
+
});
|
|
14
|
+
var __importStar = (this && this.__importStar) || function (mod) {
|
|
15
|
+
if (mod && mod.__esModule) return mod;
|
|
16
|
+
var result = {};
|
|
17
|
+
if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
|
|
18
|
+
__setModuleDefault(result, mod);
|
|
19
|
+
return result;
|
|
10
20
|
};
|
|
11
|
-
var
|
|
12
|
-
|
|
13
|
-
var m = o[Symbol.asyncIterator], i;
|
|
14
|
-
return m ? m.call(o) : (o = typeof __values === "function" ? __values(o) : o[Symbol.iterator](), i = {}, verb("next"), verb("throw"), verb("return"), i[Symbol.asyncIterator] = function () { return this; }, i);
|
|
15
|
-
function verb(n) { i[n] = o[n] && function (v) { return new Promise(function (resolve, reject) { v = o[n](v), settle(resolve, reject, v.done, v.value); }); }; }
|
|
16
|
-
function settle(resolve, reject, d, v) { Promise.resolve(v).then(function(v) { resolve({ value: v, done: d }); }, reject); }
|
|
21
|
+
var __importDefault = (this && this.__importDefault) || function (mod) {
|
|
22
|
+
return (mod && mod.__esModule) ? mod : { "default": mod };
|
|
17
23
|
};
|
|
18
24
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
19
25
|
exports.setCacheStatus = exports.flushCache = exports.get = exports.getOrFill = exports.initializeCache = void 0;
|
|
20
26
|
const config_1 = require("../config");
|
|
21
|
-
const logger_1 = require("../logger");
|
|
22
|
-
const crypto = require("crypto");
|
|
27
|
+
const logger_1 = __importDefault(require("../logger"));
|
|
28
|
+
const crypto = __importStar(require("crypto"));
|
|
23
29
|
const redis_1 = require("redis");
|
|
24
|
-
const _ = require("lodash");
|
|
30
|
+
const _ = __importStar(require("lodash"));
|
|
25
31
|
let attempted = false;
|
|
26
32
|
let redisInstance;
|
|
27
33
|
let ttl;
|
|
@@ -30,14 +36,14 @@ let redisSubjectInstance;
|
|
|
30
36
|
/**
|
|
31
37
|
* Initialize ACS Cache
|
|
32
38
|
*/
|
|
33
|
-
const initializeCache = () =>
|
|
39
|
+
const initializeCache = async () => {
|
|
34
40
|
if (attempted || !cacheEnabled) {
|
|
35
41
|
return;
|
|
36
42
|
}
|
|
37
43
|
attempted = true;
|
|
38
44
|
let redis;
|
|
39
45
|
try {
|
|
40
|
-
redis =
|
|
46
|
+
redis = await Promise.resolve().then(() => __importStar(require('redis')));
|
|
41
47
|
}
|
|
42
48
|
catch (e) {
|
|
43
49
|
}
|
|
@@ -48,7 +54,7 @@ const initializeCache = () => __awaiter(void 0, void 0, void 0, function* () {
|
|
|
48
54
|
redisConfig.database = config_1.cfg.get('authorization:cache:db-index');
|
|
49
55
|
redisInstance = (0, redis_1.createClient)(redisConfig);
|
|
50
56
|
redisInstance.on('error', (err) => logger_1.default.error('Redis Client Error in ACS cache', err));
|
|
51
|
-
|
|
57
|
+
await redisInstance.connect();
|
|
52
58
|
ttl = config_1.cfg.get('authorization:cache:ttl');
|
|
53
59
|
}
|
|
54
60
|
if (redisSubConfig) {
|
|
@@ -56,10 +62,10 @@ const initializeCache = () => __awaiter(void 0, void 0, void 0, function* () {
|
|
|
56
62
|
redisSubConfig.database = redisSubConfig['db-indexes']['db-subject'];
|
|
57
63
|
redisSubjectInstance = (0, redis_1.createClient)(redisSubConfig);
|
|
58
64
|
redisSubjectInstance.on('error', (err) => logger_1.default.error('Redis Client Error in ACS cache', err));
|
|
59
|
-
|
|
65
|
+
await redisSubjectInstance.connect();
|
|
60
66
|
}
|
|
61
67
|
}
|
|
62
|
-
}
|
|
68
|
+
};
|
|
63
69
|
exports.initializeCache = initializeCache;
|
|
64
70
|
/**
|
|
65
71
|
* Find the object in cache. If not found, compute it using the filler function
|
|
@@ -68,7 +74,7 @@ exports.initializeCache = initializeCache;
|
|
|
68
74
|
* @param filler The function to execute if key is not found in cache
|
|
69
75
|
* @param prefix The prefix to apply to the object key in the cache
|
|
70
76
|
*/
|
|
71
|
-
const getOrFill = (keyData, filler, useCache, prefix) =>
|
|
77
|
+
const getOrFill = async (keyData, filler, useCache, prefix) => {
|
|
72
78
|
if (!redisInstance || !cacheEnabled) {
|
|
73
79
|
return filler(keyData);
|
|
74
80
|
}
|
|
@@ -77,7 +83,7 @@ const getOrFill = (keyData, filler, useCache, prefix) => __awaiter(void 0, void
|
|
|
77
83
|
if (prefix) {
|
|
78
84
|
redisKey = `${prefix}:` + redisKey;
|
|
79
85
|
}
|
|
80
|
-
let redisKeyResponse =
|
|
86
|
+
let redisKeyResponse = await redisInstance.get(redisKey);
|
|
81
87
|
if (redisKeyResponse && useCache) {
|
|
82
88
|
const response = JSON.parse(redisKeyResponse);
|
|
83
89
|
let evaluation_cacheable = response.evaluation_cacheable;
|
|
@@ -104,20 +110,20 @@ const getOrFill = (keyData, filler, useCache, prefix) => __awaiter(void 0, void
|
|
|
104
110
|
}
|
|
105
111
|
if (!useCache) {
|
|
106
112
|
// when useCache is false, dont store in cache
|
|
107
|
-
return
|
|
113
|
+
return await filler(keyData);
|
|
108
114
|
}
|
|
109
115
|
logger_1.default.debug('Filling cache key: ' + redisKey);
|
|
110
|
-
const acsResponse =
|
|
116
|
+
const acsResponse = await filler(keyData);
|
|
111
117
|
if (acsResponse) {
|
|
112
118
|
if (ttl) {
|
|
113
|
-
|
|
119
|
+
await redisInstance.setEx(redisKey, ttl, JSON.stringify(acsResponse));
|
|
114
120
|
}
|
|
115
121
|
else {
|
|
116
|
-
|
|
122
|
+
await redisInstance.set(redisKey, JSON.stringify(acsResponse));
|
|
117
123
|
}
|
|
118
124
|
}
|
|
119
125
|
return acsResponse;
|
|
120
|
-
}
|
|
126
|
+
};
|
|
121
127
|
exports.getOrFill = getOrFill;
|
|
122
128
|
/**
|
|
123
129
|
* Find the object in cache.
|
|
@@ -126,11 +132,11 @@ exports.getOrFill = getOrFill;
|
|
|
126
132
|
* @param filler The function to execute if key is not found in cache
|
|
127
133
|
* @param prefix The prefix to apply to the object key in the cache
|
|
128
134
|
*/
|
|
129
|
-
const get = (key) =>
|
|
135
|
+
const get = async (key) => {
|
|
130
136
|
if (!redisSubjectInstance) {
|
|
131
137
|
return;
|
|
132
138
|
}
|
|
133
|
-
const redisResponse =
|
|
139
|
+
const redisResponse = await redisSubjectInstance.get(key);
|
|
134
140
|
if (!redisResponse) {
|
|
135
141
|
logger_1.default.info('Key does not exist', { key });
|
|
136
142
|
return;
|
|
@@ -139,15 +145,14 @@ const get = (key) => __awaiter(void 0, void 0, void 0, function* () {
|
|
|
139
145
|
logger_1.default.debug('Found key in cache: ' + key);
|
|
140
146
|
return JSON.parse(redisResponse);
|
|
141
147
|
}
|
|
142
|
-
}
|
|
148
|
+
};
|
|
143
149
|
exports.get = get;
|
|
144
150
|
/**
|
|
145
151
|
* Flush the ACS cache
|
|
146
152
|
*
|
|
147
153
|
* @param prefix An optional prefix to flush instead of entire cache
|
|
148
154
|
*/
|
|
149
|
-
const flushCache = (prefix) =>
|
|
150
|
-
var e_1, _a;
|
|
155
|
+
const flushCache = async (prefix) => {
|
|
151
156
|
if (!redisInstance || !cacheEnabled) {
|
|
152
157
|
logger_1.default.info('Redis client not initialized in acs-client');
|
|
153
158
|
return;
|
|
@@ -158,18 +163,8 @@ const flushCache = (prefix) => __awaiter(void 0, void 0, void 0, function* () {
|
|
|
158
163
|
let scanIterator;
|
|
159
164
|
try {
|
|
160
165
|
scanIterator = redisInstance.scanIterator({ MATCH: flushPattern, COUNT: 100 });
|
|
161
|
-
|
|
162
|
-
|
|
163
|
-
const key = scanIterator_1_1.value;
|
|
164
|
-
yield redisInstance.del(key);
|
|
165
|
-
}
|
|
166
|
-
}
|
|
167
|
-
catch (e_1_1) { e_1 = { error: e_1_1 }; }
|
|
168
|
-
finally {
|
|
169
|
-
try {
|
|
170
|
-
if (scanIterator_1_1 && !scanIterator_1_1.done && (_a = scanIterator_1.return)) yield _a.call(scanIterator_1);
|
|
171
|
-
}
|
|
172
|
-
finally { if (e_1) throw e_1.error; }
|
|
166
|
+
for await (const key of scanIterator) {
|
|
167
|
+
await redisInstance.del(key);
|
|
173
168
|
}
|
|
174
169
|
logger_1.default.debug(`Successfully flushed cache pattern ${flushPattern}`);
|
|
175
170
|
return;
|
|
@@ -180,11 +175,11 @@ const flushCache = (prefix) => __awaiter(void 0, void 0, void 0, function* () {
|
|
|
180
175
|
}
|
|
181
176
|
}
|
|
182
177
|
logger_1.default.debug('Flushing ACS cache');
|
|
183
|
-
const reply =
|
|
178
|
+
const reply = await redisInstance.flushDb();
|
|
184
179
|
if (reply) {
|
|
185
180
|
logger_1.default.debug('Flushed ACS cache');
|
|
186
181
|
}
|
|
187
|
-
}
|
|
182
|
+
};
|
|
188
183
|
exports.flushCache = flushCache;
|
|
189
184
|
/**
|
|
190
185
|
* Enable / Disable ACS Caching
|
package/lib/acs/cache.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"cache.js","sourceRoot":"","sources":["../../src/acs/cache.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"cache.js","sourceRoot":"","sources":["../../src/acs/cache.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;AAAA,sCAAgC;AAChC,uDAA+B;AAC/B,+CAAiC;AACjC,iCAAsD;AACtD,0CAA4B;AAE5B,IAAI,SAAS,GAAG,KAAK,CAAC;AACtB,IAAI,aAAwC,CAAC;AAC7C,IAAI,GAAuB,CAAC;AAC5B,IAAI,YAAY,GAAG,IAAI,CAAC;AACxB,IAAI,oBAA+C,CAAC;AAEpD;;GAEG;AACI,MAAM,eAAe,GAAG,KAAK,IAAI,EAAE;IACxC,IAAI,SAAS,IAAI,CAAC,YAAY,EAAE;QAC9B,OAAO;KACR;IAED,SAAS,GAAG,IAAI,CAAC;IAEjB,IAAI,KAAK,CAAC;IAEV,IAAI;QACF,KAAK,GAAG,wDAAa,OAAO,GAAC,CAAC;KAC/B;IAAC,OAAO,CAAC,EAAE;KACX;IAED,IAAI,KAAK,EAAE;QACT,MAAM,WAAW,GAAG,YAAG,CAAC,GAAG,CAAC,qBAAqB,CAAC,CAAC;QACnD,MAAM,cAAc,GAAG,YAAG,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;QACxC,IAAI,WAAW,EAAE;YACf,WAAW,CAAC,QAAQ,GAAG,YAAG,CAAC,GAAG,CAAC,8BAA8B,CAAC,CAAC;YAC/D,aAAa,GAAG,IAAA,oBAAY,EAAC,WAAW,CAAC,CAAC;YAC1C,aAAa,CAAC,EAAE,CAAC,OAAO,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,gBAAM,CAAC,KAAK,CAAC,iCAAiC,EAAE,GAAG,CAAC,CAAC,CAAC;YACzF,MAAM,aAAa,CAAC,OAAO,EAAE,CAAC;YAC9B,GAAG,GAAG,YAAG,CAAC,GAAG,CAAC,yBAAyB,CAAC,CAAC;SAC1C;QACD,IAAI,cAAc,EAAE;YAClB,8BAA8B;YAC9B,cAAc,CAAC,QAAQ,GAAG,cAAc,CAAC,YAAY,CAAC,CAAC,YAAY,CAAC,CAAC;YACrE,oBAAoB,GAAG,IAAA,oBAAY,EAAC,cAAc,CAAC,CAAC;YACpD,oBAAoB,CAAC,EAAE,CAAC,OAAO,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,gBAAM,CAAC,KAAK,CAAC,iCAAiC,EAAE,GAAG,CAAC,CAAC,CAAC;YAChG,MAAM,oBAAoB,CAAC,OAAO,EAAE,CAAC;SACtC;KACF;AACH,CAAC,CAAC;AAhCW,QAAA,eAAe,mBAgC1B;AAEF;;;;;;GAMG;AACI,MAAM,SAAS,GAAG,KAAK,EAAQ,OAAU,EAAE,MAA+B,EAC/E,QAAiB,EAAE,MAAe,EAA0B,EAAE;IAC9D,IAAI,CAAC,aAAa,IAAI,CAAC,YAAY,EAAE;QACnC,OAAO,MAAM,CAAC,OAAO,CAAC,CAAC;KACxB;IAED,MAAM,SAAS,GAAG,MAAM,CAAC,UAAU,CAAC,KAAK,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;IACvG,IAAI,QAAQ,GAAG,GAAG,SAAS,EAAE,CAAC;IAE9B,IAAI,MAAM,EAAE;QACV,QAAQ,GAAG,GAAG,MAAM,GAAG,GAAG,QAAQ,CAAC;KACpC;IACD,IAAI,gBAAgB,GAAG,MAAM,aAAa,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;IACzD,IAAI,gBAAgB,IAAI,QAAQ,EAAE;QAChC,MAAM,QAAQ,GAAG,IAAI,CAAC,KAAK,CAAC,gBAAgB,CAAC,CAAC;QAC9C,IAAI,oBAAoB,GAAG,QAAQ,CAAC,oBAAoB,CAAC;QACzD,IAAI,QAAQ,IAAI,CAAC,CAAC,CAAC,OAAO,CAAC,QAAQ,CAAC,WAAW,CAAC,EAAE;YAChD,MAAM,QAAQ,GAAG,QAAQ,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC;YAClD,IAAI,QAAQ,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE;gBACnC,KAAK,IAAI,MAAM,IAAI,QAAQ,EAAE;oBAC3B,KAAK,IAAI,IAAI,IAAI,MAAM,CAAC,KAAK,EAAE;wBAC7B,IAAI,CAAC,IAAI,CAAC,oBAAoB,IAAI,CAAC,IAAI,CAAC,oBAAoB,KAAK,KAAK,CAAC,EAAE;4BACvE,oBAAoB,GAAG,IAAI,CAAC,oBAAoB,CAAC;4BACjD,MAAM;yBACP;6BAAM,IAAI,IAAI,CAAC,oBAAoB,EAAE;4BACpC,oBAAoB,GAAG,IAAI,CAAC,oBAAoB,CAAC;yBAClD;qBACF;iBACF;aACF;SACF;QACD,IAAI,oBAAoB,EAAE;YACxB,gBAAM,CAAC,KAAK,CAAC,sBAAsB,GAAG,QAAQ,CAAC,CAAC;YAChD,OAAO,QAAQ,CAAC;SACjB;KACF;IAED,IAAI,CAAC,QAAQ,EAAE;QACb,8CAA8C;QAC9C,OAAO,MAAM,MAAM,CAAC,OAAO,CAAC,CAAC;KAC9B;IAED,gBAAM,CAAC,KAAK,CAAC,qBAAqB,GAAG,QAAQ,CAAC,CAAC;IAC/C,MAAM,WAAW,GAAG,MAAM,MAAM,CAAC,OAAO,CAAC,CAAC;IAC1C,IAAI,WAAW,EAAE;QACf,IAAI,GAAG,EAAE;YACP,MAAM,aAAa,CAAC,KAAK,CAAC,QAAQ,EAAE,GAAG,EAAE,IAAI,CAAC,SAAS,CAAC,WAAW,CAAC,CAAC,CAAC;SACvE;aAAM;YACL,MAAM,aAAa,CAAC,GAAG,CAAC,QAAQ,EAAE,IAAI,CAAC,SAAS,CAAC,WAAW,CAAC,CAAC,CAAC;SAChE;KACF;IACD,OAAO,WAAW,CAAC;AACrB,CAAC,CAAC;AApDW,QAAA,SAAS,aAoDpB;AAEF;;;;;;GAMG;AACI,MAAM,GAAG,GAAG,KAAK,EAAE,GAAW,EAAgB,EAAE;IACrD,IAAI,CAAC,oBAAoB,EAAE;QACzB,OAAO;KACR;IACD,MAAM,aAAa,GAAG,MAAM,oBAAoB,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;IAC1D,IAAI,CAAC,aAAa,EAAE;QAClB,gBAAM,CAAC,IAAI,CAAC,oBAAoB,EAAE,EAAE,GAAG,EAAE,CAAC,CAAC;QAC3C,OAAO;KACR;IACD,IAAI,aAAa,EAAE;QACjB,gBAAM,CAAC,KAAK,CAAC,sBAAsB,GAAG,GAAG,CAAC,CAAC;QAC3C,OAAO,IAAI,CAAC,KAAK,CAAC,aAAa,CAAC,CAAC;KAClC;AACH,CAAC,CAAC;AAbW,QAAA,GAAG,OAad;AAEF;;;;GAIG;AACI,MAAM,UAAU,GAAG,KAAK,EAAE,MAAe,EAAE,EAAE;IAClD,IAAI,CAAC,aAAa,IAAI,CAAC,YAAY,EAAE;QACnC,gBAAM,CAAC,IAAI,CAAC,4CAA4C,CAAC,CAAC;QAC1D,OAAO;KACR;IAED,IAAI,MAAM,IAAI,SAAS,EAAE;QACvB,IAAI,YAAY,GAAG,OAAO,MAAM,IAAI,CAAC;QACrC,gBAAM,CAAC,KAAK,CAAC,+BAA+B,YAAY,EAAE,CAAC,CAAC;QAC5D,IAAI,YAAY,CAAC;QACjB,IAAI;YACF,YAAY,GAAG,aAAa,CAAC,YAAY,CAAC,EAAE,KAAK,EAAE,YAAY,EAAE,KAAK,EAAE,GAAG,EAAE,CAAC,CAAC;YAC/E,IAAI,KAAK,EAAE,MAAM,GAAG,IAAI,YAAY,EAAE;gBACpC,MAAM,aAAa,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;aAC9B;YACD,gBAAM,CAAC,KAAK,CAAC,sCAAsC,YAAY,EAAE,CAAC,CAAC;YACnE,OAAO;SACR;QAAC,OAAO,GAAG,EAAE;YACZ,gBAAM,CAAC,KAAK,CAAC,0BAA0B,EAAE,EAAE,OAAO,EAAE,GAAG,CAAC,OAAO,EAAE,CAAC,CAAC;YACnE,OAAO;SACR;KACF;IACD,gBAAM,CAAC,KAAK,CAAC,oBAAoB,CAAC,CAAC;IACnC,MAAM,KAAK,GAAG,MAAM,aAAa,CAAC,OAAO,EAAE,CAAC;IAC5C,IAAI,KAAK,EAAE;QACT,gBAAM,CAAC,KAAK,CAAC,mBAAmB,CAAC,CAAC;KACnC;AACH,CAAC,CAAC;AA3BW,QAAA,UAAU,cA2BrB;AAEF;;;;GAIG;AACI,MAAM,cAAc,GAAG,CAAC,OAAgB,EAAE,EAAE;IACjD,YAAY,GAAG,OAAO,CAAC;IAEvB,IAAI,OAAO,EAAE;QACX,gBAAM,CAAC,KAAK,CAAC,mBAAmB,CAAC,CAAC;QAClC,IAAA,uBAAe,GAAE,CAAC;KACnB;SAAM;QACL,gBAAM,CAAC,KAAK,CAAC,oBAAoB,CAAC,CAAC;KACpC;AACH,CAAC,CAAC;AATW,QAAA,cAAc,kBASzB"}
|
package/lib/acs/middleware.js
CHANGED
|
@@ -1,13 +1,4 @@
|
|
|
1
1
|
"use strict";
|
|
2
|
-
var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
|
|
3
|
-
function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
|
|
4
|
-
return new (P || (P = Promise))(function (resolve, reject) {
|
|
5
|
-
function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
|
|
6
|
-
function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
|
|
7
|
-
function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
|
|
8
|
-
step((generator = generator.apply(thisArg, _arguments || [])).next());
|
|
9
|
-
});
|
|
10
|
-
};
|
|
11
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
12
3
|
exports.acsClientMiddleware = void 0;
|
|
13
4
|
const authz_1 = require("./authz");
|
|
@@ -16,10 +7,10 @@ const authz_1 = require("./authz");
|
|
|
16
7
|
*/
|
|
17
8
|
const acsClientMiddleware = (config) => {
|
|
18
9
|
(0, authz_1.initAuthZ)(config);
|
|
19
|
-
return (ctx, next) =>
|
|
10
|
+
return async (ctx, next) => {
|
|
20
11
|
ctx.authZ = authz_1.authZ;
|
|
21
|
-
|
|
22
|
-
}
|
|
12
|
+
await next();
|
|
13
|
+
};
|
|
23
14
|
};
|
|
24
15
|
exports.acsClientMiddleware = acsClientMiddleware;
|
|
25
16
|
//# sourceMappingURL=middleware.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"middleware.js","sourceRoot":"","sources":["../../src/acs/middleware.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"middleware.js","sourceRoot":"","sources":["../../src/acs/middleware.ts"],"names":[],"mappings":";;;AAAA,mCAA2C;AAE3C;;GAEG;AACI,MAAM,mBAAmB,GAAG,CAAC,MAAY,EAAE,EAAE;IAClD,IAAA,iBAAS,EAAC,MAAM,CAAC,CAAC;IAElB,OAAO,KAAK,EAAE,GAAQ,EAAE,IAAI,EAAE,EAAE;QAC9B,GAAG,CAAC,KAAK,GAAG,aAAK,CAAC;QAClB,MAAM,IAAI,EAAE,CAAC;IACf,CAAC,CAAC;AACJ,CAAC,CAAC;AAPW,QAAA,mBAAmB,uBAO9B"}
|
package/lib/acs/resolver.js
CHANGED
|
@@ -1,18 +1,31 @@
|
|
|
1
1
|
"use strict";
|
|
2
|
-
var
|
|
3
|
-
|
|
4
|
-
|
|
5
|
-
|
|
6
|
-
|
|
7
|
-
|
|
8
|
-
|
|
9
|
-
|
|
2
|
+
var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
|
|
3
|
+
if (k2 === undefined) k2 = k;
|
|
4
|
+
Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } });
|
|
5
|
+
}) : (function(o, m, k, k2) {
|
|
6
|
+
if (k2 === undefined) k2 = k;
|
|
7
|
+
o[k2] = m[k];
|
|
8
|
+
}));
|
|
9
|
+
var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
|
|
10
|
+
Object.defineProperty(o, "default", { enumerable: true, value: v });
|
|
11
|
+
}) : function(o, v) {
|
|
12
|
+
o["default"] = v;
|
|
13
|
+
});
|
|
14
|
+
var __importStar = (this && this.__importStar) || function (mod) {
|
|
15
|
+
if (mod && mod.__esModule) return mod;
|
|
16
|
+
var result = {};
|
|
17
|
+
if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
|
|
18
|
+
__setModuleDefault(result, mod);
|
|
19
|
+
return result;
|
|
20
|
+
};
|
|
21
|
+
var __importDefault = (this && this.__importDefault) || function (mod) {
|
|
22
|
+
return (mod && mod.__esModule) ? mod : { "default": mod };
|
|
10
23
|
};
|
|
11
24
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
12
25
|
exports.whatIsAllowed = exports.isAllowed = exports.accessRequest = exports.isAllowedRequest = void 0;
|
|
13
|
-
const _ = require("lodash");
|
|
26
|
+
const _ = __importStar(require("lodash"));
|
|
14
27
|
const interfaces_1 = require("./interfaces");
|
|
15
|
-
const logger_1 = require("../logger");
|
|
28
|
+
const logger_1 = __importDefault(require("../logger"));
|
|
16
29
|
const config_1 = require("../config");
|
|
17
30
|
const utils_1 = require("../utils");
|
|
18
31
|
const grpc_client_1 = require("@restorecommerce/grpc-client");
|
|
@@ -21,12 +34,12 @@ const subjectIsUnauthenticated = (subject) => {
|
|
|
21
34
|
return !!subject
|
|
22
35
|
&& 'unauthenticated' in subject && subject['unauthenticated'];
|
|
23
36
|
};
|
|
24
|
-
const whatIsAllowedRequest = (subject, resource, action, ctx, useCache) =>
|
|
37
|
+
const whatIsAllowedRequest = async (subject, resource, action, ctx, useCache) => {
|
|
25
38
|
if (subjectIsUnauthenticated(subject)) {
|
|
26
39
|
const grpcConfig = config_1.cfg.get('client:acs-srv');
|
|
27
40
|
const acsClient = new grpc_client_1.GrpcClient(grpcConfig, logger_1.default);
|
|
28
41
|
const acs = acsClient['acs-srv'];
|
|
29
|
-
return
|
|
42
|
+
return await new authz_1.UnAuthZ(acs).whatIsAllowed({
|
|
30
43
|
target: {
|
|
31
44
|
subject: subject, resource, action
|
|
32
45
|
},
|
|
@@ -36,7 +49,7 @@ const whatIsAllowedRequest = (subject, resource, action, ctx, useCache) => __awa
|
|
|
36
49
|
}, ctx, useCache);
|
|
37
50
|
}
|
|
38
51
|
else {
|
|
39
|
-
return
|
|
52
|
+
return await authz_1.authZ.whatIsAllowed({
|
|
40
53
|
context: {
|
|
41
54
|
security: {}
|
|
42
55
|
},
|
|
@@ -47,13 +60,13 @@ const whatIsAllowedRequest = (subject, resource, action, ctx, useCache) => __awa
|
|
|
47
60
|
}
|
|
48
61
|
}, ctx, useCache);
|
|
49
62
|
}
|
|
50
|
-
}
|
|
51
|
-
const isAllowedRequest = (subject, resource, action, ctx, useCache) =>
|
|
63
|
+
};
|
|
64
|
+
const isAllowedRequest = async (subject, resource, action, ctx, useCache) => {
|
|
52
65
|
if (subjectIsUnauthenticated(subject)) {
|
|
53
66
|
const grpcConfig = config_1.cfg.get('client:acs-srv');
|
|
54
67
|
const acsClient = new grpc_client_1.GrpcClient(grpcConfig, logger_1.default);
|
|
55
68
|
const acs = acsClient['acs-srv'];
|
|
56
|
-
return
|
|
69
|
+
return await new authz_1.UnAuthZ(acs).isAllowed({
|
|
57
70
|
target: {
|
|
58
71
|
subject: subject, resource, action
|
|
59
72
|
},
|
|
@@ -63,7 +76,7 @@ const isAllowedRequest = (subject, resource, action, ctx, useCache) => __awaiter
|
|
|
63
76
|
}, ctx, useCache);
|
|
64
77
|
}
|
|
65
78
|
else {
|
|
66
|
-
return
|
|
79
|
+
return await authz_1.authZ.isAllowed({
|
|
67
80
|
context: {
|
|
68
81
|
security: {}
|
|
69
82
|
},
|
|
@@ -74,7 +87,7 @@ const isAllowedRequest = (subject, resource, action, ctx, useCache) => __awaiter
|
|
|
74
87
|
}
|
|
75
88
|
}, ctx, useCache);
|
|
76
89
|
}
|
|
77
|
-
}
|
|
90
|
+
};
|
|
78
91
|
exports.isAllowedRequest = isAllowedRequest;
|
|
79
92
|
/**
|
|
80
93
|
* It turns an API request as can be found in typical Web frameworks like express, koa etc.
|
|
@@ -94,7 +107,7 @@ exports.isAllowedRequest = isAllowedRequest;
|
|
|
94
107
|
* is not used and ACS request is made to `access-control-srv`
|
|
95
108
|
* @returns {DecisionResponse | PolicySetRQResponse}
|
|
96
109
|
*/
|
|
97
|
-
const accessRequest = (subject, resource, action, ctx, operation, database, useCache = true) =>
|
|
110
|
+
const accessRequest = async (subject, resource, action, ctx, operation, database, useCache = true) => {
|
|
98
111
|
// when subject is not passed (if auth header is not set)
|
|
99
112
|
if (_.isEmpty(subject)) {
|
|
100
113
|
subject = { unauthenticated: true };
|
|
@@ -164,7 +177,7 @@ const accessRequest = (subject, resource, action, ctx, operation, database, useC
|
|
|
164
177
|
try {
|
|
165
178
|
// retrieving set of applicable policies/rules from ACS
|
|
166
179
|
// Note: it is assumed that there is only one policy set
|
|
167
|
-
policySetResponse =
|
|
180
|
+
policySetResponse = await whatIsAllowedRequest(subClone, resource, action, ctx, useCache);
|
|
168
181
|
}
|
|
169
182
|
catch (err) {
|
|
170
183
|
logger_1.default.error('Error calling whatIsAllowed operation', { message: err.message });
|
|
@@ -187,7 +200,7 @@ const accessRequest = (subject, resource, action, ctx, operation, database, useC
|
|
|
187
200
|
`config is disabled overriding the ACS result`);
|
|
188
201
|
}
|
|
189
202
|
// create filters to enforce applicable policies and custom query / args if applicable
|
|
190
|
-
const resourceFilters =
|
|
203
|
+
const resourceFilters = await (0, utils_1.createResourceFilterMap)(resource, policySetResponse, ctx.resources, action, subClone, subjectID, authzEnforced, targetScope, database);
|
|
191
204
|
if (resourceFilters.decision) {
|
|
192
205
|
return resourceFilters;
|
|
193
206
|
}
|
|
@@ -214,7 +227,7 @@ const accessRequest = (subject, resource, action, ctx, operation, database, useC
|
|
|
214
227
|
if (operation === interfaces_1.Operation.isAllowed) {
|
|
215
228
|
// authorization
|
|
216
229
|
try {
|
|
217
|
-
decisionResponse =
|
|
230
|
+
decisionResponse = await (0, exports.isAllowedRequest)(subClone, resource, action, ctx, useCache);
|
|
218
231
|
}
|
|
219
232
|
catch (err) {
|
|
220
233
|
logger_1.default.error('Error calling isAllowed operation', { message: err.message });
|
|
@@ -250,7 +263,7 @@ const accessRequest = (subject, resource, action, ctx, operation, database, useC
|
|
|
250
263
|
decisionResponse.decision = interfaces_1.Decision.PERMIT;
|
|
251
264
|
}
|
|
252
265
|
return decisionResponse;
|
|
253
|
-
}
|
|
266
|
+
};
|
|
254
267
|
exports.accessRequest = accessRequest;
|
|
255
268
|
/**
|
|
256
269
|
* Exposes the isAllowed() api of `access-control-srv` and retruns the response
|
|
@@ -259,10 +272,10 @@ exports.accessRequest = accessRequest;
|
|
|
259
272
|
* @param {ACSContext} ctx Context Object containing requester's subject information
|
|
260
273
|
* @return {Decision} PERMIT or DENY or INDETERMINATE
|
|
261
274
|
*/
|
|
262
|
-
const isAllowed = (request, authZ) =>
|
|
275
|
+
const isAllowed = async (request, authZ) => {
|
|
263
276
|
let isAllowedResponse;
|
|
264
277
|
try {
|
|
265
|
-
isAllowedResponse =
|
|
278
|
+
isAllowedResponse = await authZ.acs.isAllowed(request);
|
|
266
279
|
if (isAllowedResponse && isAllowedResponse.obligation && isAllowedResponse.obligation.length > 0) {
|
|
267
280
|
isAllowedResponse.obligation = (0, utils_1.mapResourceURNObligationProperties)(isAllowedResponse.obligation);
|
|
268
281
|
}
|
|
@@ -273,7 +286,7 @@ const isAllowed = (request, authZ) => __awaiter(void 0, void 0, void 0, function
|
|
|
273
286
|
return { decision: interfaces_1.Decision.DENY, operation_status: (0, utils_1.generateOperationStatus)(err.code, err.message) };
|
|
274
287
|
}
|
|
275
288
|
return isAllowedResponse;
|
|
276
|
-
}
|
|
289
|
+
};
|
|
277
290
|
exports.isAllowed = isAllowed;
|
|
278
291
|
/**
|
|
279
292
|
* Exposes the whatIsAllowed() api of `access-control-srv` and retruns the response
|
|
@@ -282,10 +295,10 @@ exports.isAllowed = isAllowed;
|
|
|
282
295
|
* @param {ACSContext} ctx Context Object containing requester's subject information
|
|
283
296
|
* @return {PolicySetRQ} set of applicalbe policies and rules for the input request
|
|
284
297
|
*/
|
|
285
|
-
const whatIsAllowed = (request, authZ) =>
|
|
298
|
+
const whatIsAllowed = async (request, authZ) => {
|
|
286
299
|
let whatIsAllowedResponse;
|
|
287
300
|
try {
|
|
288
|
-
whatIsAllowedResponse =
|
|
301
|
+
whatIsAllowedResponse = await authZ.acs.whatIsAllowed(request);
|
|
289
302
|
if (whatIsAllowedResponse && whatIsAllowedResponse.obligation && whatIsAllowedResponse.obligation.length > 0) {
|
|
290
303
|
whatIsAllowedResponse.obligation = (0, utils_1.mapResourceURNObligationProperties)(whatIsAllowedResponse.obligation);
|
|
291
304
|
}
|
|
@@ -296,6 +309,6 @@ const whatIsAllowed = (request, authZ) => __awaiter(void 0, void 0, void 0, func
|
|
|
296
309
|
return { decision: interfaces_1.Decision.DENY, policy_sets: [], operation_status: (0, utils_1.generateOperationStatus)(err.code, err.message) };
|
|
297
310
|
}
|
|
298
311
|
return whatIsAllowedResponse;
|
|
299
|
-
}
|
|
312
|
+
};
|
|
300
313
|
exports.whatIsAllowed = whatIsAllowed;
|
|
301
314
|
//# sourceMappingURL=resolver.js.map
|
package/lib/acs/resolver.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"resolver.js","sourceRoot":"","sources":["../../src/acs/resolver.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"resolver.js","sourceRoot":"","sources":["../../src/acs/resolver.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;AAAA,0CAA4B;AAC5B,6CAGsB;AAEtB,uDAA+B;AAC/B,sCAAwC;AACxC,oCAAmI;AACnI,8DAA0D;AAC1D,mCAAmD;AAGnD,MAAM,wBAAwB,GAAG,CAAC,OAAY,EAAqC,EAAE;IACnF,OAAO,CAAC,CAAC,OAAO;WACX,iBAAiB,IAAI,OAAO,IAAI,OAAO,CAAC,iBAAiB,CAAC,CAAC;AAClE,CAAC,CAAC;AAEF,MAAM,oBAAoB,GAAG,KAAK,EAAE,OAAgB,EAAE,QAAoB,EACxE,MAAmB,EAAE,GAAqB,EAAE,QAAiB,EAAE,EAAE;IACjE,IAAI,wBAAwB,CAAC,OAAO,CAAC,EAAE;QACrC,MAAM,UAAU,GAAG,YAAG,CAAC,GAAG,CAAC,gBAAgB,CAAC,CAAC;QAC7C,MAAM,SAAS,GAAG,IAAI,wBAAU,CAAC,UAAU,EAAE,gBAAM,CAAC,CAAC;QACrD,MAAM,GAAG,GAAG,SAAS,CAAC,SAAS,CAAC,CAAC;QACjC,OAAO,MAAM,IAAI,eAAO,CAAC,GAAG,CAAC,CAAC,aAAa,CAAC;YAC1C,MAAM,EAAE;gBACN,OAAO,EAAG,OAA+B,EAAE,QAAQ,EAAE,MAAM;aAC5D;YACD,OAAO,EAAE;gBACP,QAAQ,EAAE,EAAE;aACb;SACF,EAAE,GAAG,EAAE,QAAQ,CAAC,CAAC;KACnB;SAAM;QACL,OAAO,MAAM,aAAK,CAAC,aAAa,CAAC;YAC/B,OAAO,EAAE;gBACP,QAAQ,EAAE,EAAE;aACb;YACD,MAAM,EAAE;gBACN,OAAO;gBACP,QAAQ;gBACR,MAAM;aACP;SACF,EAAE,GAAG,EAAE,QAAQ,CAAC,CAAC;KACnB;AACH,CAAC,CAAC;AAEK,MAAM,gBAAgB,GAAG,KAAK,EAAE,OAAgB,EACrD,QAAoB,EAAE,MAAmB,EAAE,GAAqB,EAAE,QAAiB,EAA6B,EAAE;IAClH,IAAI,wBAAwB,CAAC,OAAO,CAAC,EAAE;QACrC,MAAM,UAAU,GAAG,YAAG,CAAC,GAAG,CAAC,gBAAgB,CAAC,CAAC;QAC7C,MAAM,SAAS,GAAG,IAAI,wBAAU,CAAC,UAAU,EAAE,gBAAM,CAAC,CAAC;QACrD,MAAM,GAAG,GAAG,SAAS,CAAC,SAAS,CAAC,CAAC;QACjC,OAAO,MAAM,IAAI,eAAO,CAAC,GAAG,CAAC,CAAC,SAAS,CAAC;YACtC,MAAM,EAAE;gBACN,OAAO,EAAG,OAA+B,EAAE,QAAQ,EAAE,MAAM;aAC5D;YACD,OAAO,EAAE;gBACP,QAAQ,EAAE,EAAE;aACb;SACF,EAAE,GAAG,EAAE,QAAQ,CAAC,CAAC;KACnB;SAAM;QACL,OAAO,MAAM,aAAK,CAAC,SAAS,CAAC;YAC3B,OAAO,EAAE;gBACP,QAAQ,EAAE,EAAE;aACb;YACD,MAAM,EAAE;gBACN,OAAO;gBACP,QAAQ;gBACR,MAAM;aACP;SACF,EAAE,GAAG,EAAE,QAAQ,CAAC,CAAC;KACnB;AACH,CAAC,CAAC;AA1BW,QAAA,gBAAgB,oBA0B3B;AAEF;;;;;;;;;;;;;;;;;GAiBG;AACI,MAAM,aAAa,GAAG,KAAK,EAAE,OAAgB,EAAE,QAAoB,EACxE,MAAmB,EAAE,GAAqB,EAAE,SAAqB,EACjE,QAAkC,EAAE,QAAQ,GAAG,IAAI,EAAmD,EAAE;IACxG,yDAAyD;IACzD,IAAI,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE;QACtB,OAAO,GAAG,EAAE,eAAe,EAAE,IAAI,EAAE,CAAC;KACrC;IACD,IAAI,QAAQ,GAAG,CAAC,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC;IACpC,IAAI,KAAK,CAAC;IACV,IAAI,OAAO,IAAI,OAAO,CAAC,KAAK,EAAE;QAC5B,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC;KACvB;IACD,4BAA4B;IAC5B,IAAI,KAAK,EAAE;QACT,MAAM,gBAAgB,GAAG,YAAG,CAAC,GAAG,CAAC,uBAAuB,CAAC,CAAC;QAC1D,IAAI,gBAAgB,KAAK,KAAK,EAAE;YAC9B,OAAO,EAAE,QAAQ,EAAE,qBAAQ,CAAC,MAAM,EAAE,gBAAgB,EAAE,IAAA,+BAAuB,EAAC,GAAG,EAAE,SAAS,CAAC,EAAE,CAAC;SACjG;KACF;IACD,IAAI,YAAY,GAAG,YAAG,CAAC,GAAG,CAAC,uBAAuB,CAAC,CAAC;IACpD,IAAI,aAAa,GAAG,YAAG,CAAC,GAAG,CAAC,uBAAuB,CAAC,CAAC;IACrD,iFAAiF;IACjF,8BAA8B;IAC9B,IAAI,YAAY,KAAK,SAAS,EAAE;QAC9B,YAAY,GAAG,IAAI,CAAC;KACrB;IACD,IAAI,aAAa,KAAK,SAAS,EAAE;QAC/B,aAAa,GAAG,IAAI,CAAC;KACtB;IACD,+BAA+B;IAC/B,IAAI,CAAC,YAAY,EAAE;QACjB,OAAO,EAAE,QAAQ,EAAE,qBAAQ,CAAC,MAAM,EAAE,gBAAgB,EAAE,IAAA,+BAAuB,EAAC,GAAG,EAAE,SAAS,CAAC,EAAE,CAAC;KACjG;IAED,IAAI,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE;QACtB,OAAO,EAAE,QAAQ,EAAE,qBAAQ,CAAC,IAAI,EAAE,gBAAgB,EAAE,IAAA,+BAAuB,EAAC,eAAM,CAAC,kBAAkB,CAAC,IAAI,EAAE,eAAM,CAAC,kBAAkB,CAAC,OAAO,CAAC,EAAE,CAAC;KAClJ;IAED,IAAI,SAAS,CAAC;IACd,IAAI,WAAW,GAAG,OAAO,CAAC,KAAK,CAAC;IAChC,0BAA0B;IAC1B,IAAI,OAAO,IAAI,OAAO,CAAC,EAAE,EAAE;QACzB,SAAS,GAAG,OAAO,CAAC,EAAE,CAAC;KACxB;IAED,IAAI,CAAC,CAAC,CAAC,OAAO,CAAC,QAAQ,CAAC,EAAE;QACxB,QAAQ,GAAG,CAAC,QAAQ,CAAC,CAAC;KACvB;IAED,IAAI,CAAC,CAAC,OAAO,CAAC,QAAQ,CAAC,EAAE;QACvB,MAAM,GAAG,GAAG,+CAA+C,SAAS,IAAI;YACtE,YAAY,QAAQ,YAAY,MAAM,kBAAkB,WAAW,kCAAkC,CAAC;QACxG,MAAM,OAAO,GAAG,gBAAgB,CAAC;QACjC,gBAAM,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;QACpB,gBAAM,CAAC,OAAO,CAAC,UAAU,EAAE,EAAE,OAAO,EAAE,CAAC,CAAC;QACxC,OAAO,EAAE,QAAQ,EAAE,qBAAQ,CAAC,IAAI,EAAE,gBAAgB,EAAE,IAAA,+BAAuB,EAAC,MAAM,CAAC,eAAM,CAAC,kBAAkB,CAAC,IAAI,CAAC,EAAE,GAAG,CAAC,EAAE,CAAC;KAC5H;IAED,qCAAqC;IACrC,IAAI,CAAC,SAAS,EAAE;QACd,SAAS,GAAG,sBAAS,CAAC,SAAS,CAAC;KACjC;IAED,+BAA+B;IAC/B,IAAI,CAAC,QAAQ,EAAE;QACb,QAAQ,GAAG,UAAU,CAAC;KACvB;IAED,gBAAgB;IAChB,IAAI,GAAG,CAAC,SAAS,IAAI,CAAC,CAAC,CAAC,OAAO,CAAC,GAAG,CAAC,SAAS,CAAC,EAAE;QAC9C,GAAG,CAAC,SAAS,GAAG,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;KACjC;IAED,0BAA0B;IAC1B,IAAI,SAAS,KAAK,sBAAS,CAAC,aAAa,EAAE;QACzC,uCAAuC;QACvC,IAAI,iBAAsC,CAAC;QAC3C,IAAI;YACF,uDAAuD;YACvD,wDAAwD;YACxD,iBAAiB,GAAG,MAAM,oBAAoB,CAAC,QAAQ,EAAE,QAAQ,EAAE,MAAM,EAAE,GAAG,EAAE,QAAQ,CAAC,CAAC;SAC3F;QAAC,OAAO,GAAG,EAAE;YACZ,gBAAM,CAAC,KAAK,CAAC,uCAAuC,EAAE,EAAE,OAAO,EAAE,GAAG,CAAC,OAAO,EAAE,CAAC,CAAC;YAChF,gBAAM,CAAC,KAAK,CAAC,aAAa,EAAE,GAAG,CAAC,KAAK,CAAC,CAAC;YACvC,OAAO,EAAE,QAAQ,EAAE,qBAAQ,CAAC,IAAI,EAAE,gBAAgB,EAAE,IAAA,+BAAuB,EAAC,GAAG,CAAC,IAAI,EAAE,GAAG,CAAC,OAAO,CAAC,EAAE,CAAC;SACtG;QAED,oCAAoC;QACpC,IAAI,CAAC,CAAC,iBAAiB,IAAI,CAAC,CAAC,OAAO,CAAC,iBAAiB,CAAC,WAAW,CAAC,CAAC,IAAI,aAAa,EAAE;YACrF,MAAM,GAAG,GAAG,+CAA+C,SAAS,IAAI;gBACtE,YAAY,QAAQ,YAAY,MAAM,kBAAkB,WAAW,kCAAkC,CAAC;YACxG,MAAM,OAAO,GAAG,wCAAwC,CAAC;YACzD,gBAAM,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;YACpB,gBAAM,CAAC,OAAO,CAAC,UAAU,EAAE,EAAE,OAAO,EAAE,CAAC,CAAC;YACxC,OAAO,EAAE,QAAQ,EAAE,qBAAQ,CAAC,IAAI,EAAE,gBAAgB,EAAE,IAAA,+BAAuB,EAAC,MAAM,CAAC,eAAM,CAAC,kBAAkB,CAAC,IAAI,CAAC,EAAE,GAAG,CAAC,EAAE,CAAC;SAC5H;QAED,IAAI,CAAC,CAAC,iBAAiB,IAAI,CAAC,CAAC,OAAO,CAAC,iBAAiB,CAAC,WAAW,CAAC,CAAC,IAAI,CAAC,aAAa,EAAE;YACtF,gBAAM,CAAC,OAAO,CAAC,kEAAkE;gBAC/E,GAAG,SAAS,cAAc,QAAQ,YAAY,MAAM,kBAAkB,WAAW,GAAG;gBACpF,uEAAuE;gBACvE,8CAA8C,CAAC,CAAC;SACnD;QAED,sFAAsF;QACtF,MAAM,eAAe,GAAG,MAAM,IAAA,+BAAuB,EAAC,QAAQ,EAAE,iBAAiB,EAC/E,GAAG,CAAC,SAAS,EAAE,MAAM,EAAE,QAAQ,EAAE,SAAS,EAAE,aAAa,EAAE,WAAW,EAAE,QAAQ,CAAC,CAAC;QAEpF,IAAK,eAAoC,CAAC,QAAQ,EAAE;YAClD,OAAO,eAAmC,CAAC;SAC5C;QAED,iBAAiB,CAAC,OAAO,GAAI,eAAqC,CAAC,iBAAiB,CAAC;QACrF,iBAAiB,CAAC,iBAAiB,GAAI,eAAqC,CAAC,eAAe,CAAC;QAC7F,iBAAiB,CAAC,QAAQ,GAAG,qBAAQ,CAAC,MAAM,CAAC,CAAC,oEAAoE;QAClH,iBAAiB,CAAC,gBAAgB,GAAG,IAAA,+BAAuB,EAAC,GAAG,EAAE,SAAS,CAAC,CAAC;QAC7E,OAAO,iBAAiB,CAAC;KAC1B;IAED,IAAI,YAAY,GAAG,EAAE,CAAC;IACtB,QAAQ,CAAC,OAAO,CAAC,CAAC,WAAW,EAAE,EAAE;QAC/B,YAAY,CAAC,IAAI,CAAC,WAAW,CAAC,QAAQ,CAAC,CAAC;IAC1C,CAAC,CAAC,CAAC;IACH,IAAI,cAAc,CAAC;IACnB,IAAI,YAAY,CAAC,MAAM,KAAK,CAAC,EAAE;QAC7B,cAAc,GAAG,YAAY,CAAC,CAAC,CAAC,CAAC;KAClC;SAAM;QACL,cAAc,GAAG,IAAI,CAAC,SAAS,CAAC,YAAY,CAAC,CAAC;KAC/C;IACD,eAAe;IACf,IAAI,gBAAgB,GAAqB,EAAE,QAAQ,EAAE,qBAAQ,CAAC,IAAI,EAAE,gBAAgB,EAAE,EAAE,IAAI,EAAE,CAAC,EAAE,OAAO,EAAE,EAAE,EAAE,EAAE,CAAC;IACjH,sBAAsB;IACtB,IAAI,SAAS,KAAK,sBAAS,CAAC,SAAS,EAAE;QACrC,gBAAgB;QAChB,IAAI;YACF,gBAAgB,GAAG,MAAM,IAAA,wBAAgB,EAAC,QAAmB,EAAE,QAAQ,EAAE,MAAM,EAAE,GAAG,EAAE,QAAQ,CAAC,CAAC;SACjG;QAAC,OAAO,GAAG,EAAE;YACZ,gBAAM,CAAC,KAAK,CAAC,mCAAmC,EAAE,EAAE,OAAO,EAAE,GAAG,CAAC,OAAO,EAAE,CAAC,CAAC;YAC5E,gBAAM,CAAC,KAAK,CAAC,aAAa,EAAE,GAAG,CAAC,KAAK,CAAC,CAAC;YACvC,OAAO,EAAE,QAAQ,EAAE,qBAAQ,CAAC,IAAI,EAAE,gBAAgB,EAAE,IAAA,+BAAuB,EAAC,GAAG,CAAC,IAAI,EAAE,GAAG,CAAC,OAAO,CAAC,EAAE,CAAC;SACtG;QAED,IAAI,gBAAgB,IAAI,gBAAgB,CAAC,QAAQ,IAAI,qBAAQ,CAAC,MAAM,IAAI,aAAa,EAAE;YACrF,IAAI,OAAO,GAAG,EAAE,CAAC;YACjB,IAAI,gBAAgB,CAAC,QAAQ,KAAK,qBAAQ,CAAC,aAAa,EAAE;gBACxD,OAAO,GAAG,qCAAqC,CAAC;aACjD;iBAAM,IAAI,gBAAgB,CAAC,QAAQ,KAAK,qBAAQ,CAAC,IAAI,EAAE;gBACtD,OAAO,GAAG,WAAW,SAAS,mDAAmD,WAAW,EAAE,CAAC;aAChG;YACD,MAAM,GAAG,GAAG,+CAA+C,SAAS,IAAI;gBACtE,YAAY,cAAc,YAAY,MAAM,kBAAkB,WAAW,sBAAsB,gBAAgB,CAAC,QAAQ,EAAE,CAAC;YAC7H,gBAAM,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;YACpB,gBAAM,CAAC,OAAO,CAAC,UAAU,EAAE,EAAE,OAAO,EAAE,CAAC,CAAC;YACxC,OAAO,EAAE,QAAQ,EAAE,qBAAQ,CAAC,IAAI,EAAE,gBAAgB,EAAE,IAAA,+BAAuB,EAAC,MAAM,CAAC,eAAM,CAAC,kBAAkB,CAAC,IAAI,CAAC,EAAE,GAAG,CAAC,EAAE,CAAC;SAC5H;KACF;IACD,IAAI,CAAC,aAAa,IAAI,gBAAgB,IAAI,gBAAgB,CAAC,QAAQ,IAAI,qBAAQ,CAAC,MAAM,EAAE;QACtF,IAAI,OAAO,GAAG,EAAE,CAAC;QACjB,IAAI,gBAAgB,CAAC,QAAQ,KAAK,qBAAQ,CAAC,aAAa,EAAE;YACxD,OAAO,GAAG,qCAAqC,CAAC;SACjD;aAAM,IAAI,gBAAgB,CAAC,QAAQ,KAAK,qBAAQ,CAAC,IAAI,EAAE;YACtD,OAAO,GAAG,WAAW,SAAS,mDAAmD,WAAW,EAAE,CAAC;SAChG;QACD,gBAAM,CAAC,OAAO,CAAC,+CAA+C,SAAS,IAAI;YACzE,YAAY,cAAc,YAAY,MAAM,kBAAkB,WAAW,sBAAsB,gBAAgB,CAAC,QAAQ,EAAE,CAAC,CAAC;QAC9H,gBAAM,CAAC,OAAO,CAAC,GAAG,OAAO,+DAA+D,CAAC,CAAC;QAC1F,gBAAgB,CAAC,QAAQ,GAAG,qBAAQ,CAAC,MAAM,CAAC;KAC7C;IACD,OAAO,gBAAgB,CAAC;AAC1B,CAAC,CAAC;AAzKW,QAAA,aAAa,iBAyKxB;AAEF;;;;;;GAMG;AACI,MAAM,SAAS,GAAG,KAAK,EAAE,OAAmB,EACjD,KAAe,EAA6B,EAAE;IAC9C,IAAI,iBAAmC,CAAC;IACxC,IAAI;QACF,iBAAiB,GAAG,MAAM,KAAK,CAAC,GAAG,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC;QACvD,IAAG,iBAAiB,IAAI,iBAAiB,CAAC,UAAU,IAAI,iBAAiB,CAAC,UAAU,CAAC,MAAM,GAAE,CAAC,EAAE;YAC9F,iBAAiB,CAAC,UAAU,GAAG,IAAA,0CAAkC,EAAC,iBAAiB,CAAC,UAAU,CAAC,CAAC;SACjG;KACF;IAAC,OAAO,GAAG,EAAE;QACZ,gBAAM,CAAC,KAAK,CAAC,yCAAyC,EAAE,GAAG,CAAC,OAAO,CAAC,CAAC;QACrE,gBAAM,CAAC,KAAK,CAAC,aAAa,EAAE,GAAG,CAAC,KAAK,CAAC,CAAC;QACvC,OAAO,EAAE,QAAQ,EAAE,qBAAQ,CAAC,IAAI,EAAE,gBAAgB,EAAE,IAAA,+BAAuB,EAAC,GAAG,CAAC,IAAI,EAAE,GAAG,CAAC,OAAO,CAAC,EAAE,CAAC;KACtG;IAED,OAAO,iBAAiB,CAAC;AAC3B,CAAC,CAAC;AAfW,QAAA,SAAS,aAepB;AAEF;;;;;;GAMG;AACI,MAAM,aAAa,GAAG,KAAK,EAAE,OAAmB,EACrD,KAAe,EAAgC,EAAE;IACjD,IAAI,qBAA0C,CAAC;IAC/C,IAAI;QACF,qBAAqB,GAAG,MAAM,KAAK,CAAC,GAAG,CAAC,aAAa,CAAC,OAAO,CAAC,CAAC;QAC/D,IAAG,qBAAqB,IAAI,qBAAqB,CAAC,UAAU,IAAI,qBAAqB,CAAC,UAAU,CAAC,MAAM,GAAE,CAAC,EAAE;YAC1G,qBAAqB,CAAC,UAAU,GAAG,IAAA,0CAAkC,EAAC,qBAAqB,CAAC,UAAU,CAAC,CAAC;SACzG;KACF;IAAC,OAAO,GAAG,EAAE;QACZ,gBAAM,CAAC,KAAK,CAAC,6CAA6C,EAAE,GAAG,CAAC,OAAO,CAAC,CAAC;QACzE,gBAAM,CAAC,KAAK,CAAC,aAAa,EAAE,GAAG,CAAC,KAAK,CAAC,CAAC;QACvC,OAAO,EAAE,QAAQ,EAAE,qBAAQ,CAAC,IAAI,EAAE,WAAW,EAAE,EAAE,EAAE,gBAAgB,EAAE,IAAA,+BAAuB,EAAC,GAAG,CAAC,IAAI,EAAE,GAAG,CAAC,OAAO,CAAC,EAAE,CAAC;KACvH;IAED,OAAO,qBAAqB,CAAC;AAC/B,CAAC,CAAC;AAfW,QAAA,aAAa,iBAexB"}
|