@robelest/convex-auth 0.0.1

package/dist/server/implementation/index.js

@@ -0,0 +1,521 @@
+import { actionGeneric, httpActionGeneric, internalMutationGeneric, } from "convex/server";
+import { ConvexError, v } from "convex/values";
+import { parse as parseCookies, serialize as serializeCookie } from "cookie";
+import { redirectToParamCookie, useRedirectToParam } from "../cookies.js";
+import { configDefaults, listAvailableProviders, materializeProvider, } from "../provider_utils.js";
+import { requireEnv } from "../utils.js";
+export { authTables } from "./types.js";
+import { LOG_LEVELS, TOKEN_SUB_CLAIM_DIVIDER, logError, logWithLevel, } from "./utils.js";
+import { callCreateAccountFromCredentials, callInvalidateSessions, callModifyAccount, callRetreiveAccountWithCredentials, callSignOut, callUserOAuth, callVerifierSignature, storeArgs, storeImpl, } from "./mutations/index.js";
+import { signInImpl } from "./signIn.js";
+import { redirectAbsoluteUrl, setURLSearchParam } from "./redirects.js";
+import { getAuthorizationUrl } from "../oauth/authorizationUrl.js";
+import { defaultCookiesOptions, oAuthConfigToInternalProvider, } from "../oauth/convexAuth.js";
+import { handleOAuth } from "../oauth/callback.js";
+export { getAuthSessionId } from "./sessions.js";
+/**
+ * Configure the Convex Auth library. Returns an object with
+ * functions and `auth` helper. You must export the functions
+ * from `convex/auth.ts` to make them callable:
+ *
+ * ```ts filename="convex/auth.ts"
+ * import { Auth } from "@robelest/convex-auth/component";
+ *
+ * export const { auth, signIn, signOut, store } = Auth({
+ *   providers: [],
+ * });
+ * ```
+ *
+ * @returns An object with fields you should reexport from your
+ *          `convex/auth.ts` file.
+ */
+export function Auth(config_) {
+    const config = configDefaults(config_);
+    const hasOAuth = config.providers.some((provider) => provider.type === "oauth" || provider.type === "oidc");
+    const getProvider = (id, allowExtraProviders = false) => {
+        return (config.providers.find((provider) => provider.id === id) ??
+            (allowExtraProviders
+                ? config.extraProviders.find((provider) => provider.id === id)
+                : undefined));
+    };
+    const getProviderOrThrow = (id, allowExtraProviders = false) => {
+        const provider = getProvider(id, allowExtraProviders);
+        if (provider === undefined) {
+            const message = `Provider \`${id}\` is not configured, ` +
+                `available providers are ${listAvailableProviders(config, allowExtraProviders)}.`;
+            logWithLevel(LOG_LEVELS.ERROR, message);
+            throw new Error(message);
+        }
+        return provider;
+    };
+    const enrichCtx = (ctx) => ({ ...ctx, auth: { ...ctx.auth, config } });
+    const requireComponent = () => {
+        if (config.component === undefined) {
+            throw new Error("Auth component is not configured. Pass `component: components.auth` in Auth config.");
+        }
+        return config.component;
+    };
+    const auth = {
+        user: {
+            current: async (ctx) => {
+                const identity = await ctx.auth.getUserIdentity();
+                if (identity === null) {
+                    return null;
+                }
+                const [userId] = identity.subject.split(TOKEN_SUB_CLAIM_DIVIDER);
+                return userId;
+            },
+            require: async (ctx) => {
+                const identity = await ctx.auth.getUserIdentity();
+                if (identity === null) {
+                    throw new Error("Not signed in");
+                }
+                const [userId] = identity.subject.split(TOKEN_SUB_CLAIM_DIVIDER);
+                return userId;
+            },
+            get: async (ctx, userId) => {
+                const component = requireComponent();
+                return await ctx.runQuery(component.public.userGetById, { userId });
+            },
+            viewer: async (ctx) => {
+                const userId = await auth.user.current(ctx);
+                if (userId === null) {
+                    return null;
+                }
+                const component = requireComponent();
+                return await ctx.runQuery(component.public.userGetById, { userId });
+            },
+        },
+        organization: {
+            create: async (ctx, data) => {
+                const component = requireComponent();
+                return (await ctx.runMutation(component.public.organizationCreate, {
+                    data,
+                }));
+            },
+            get: async (ctx, organizationId) => {
+                const component = requireComponent();
+                return await ctx.runQuery(component.public.organizationGet, {
+                    organizationId,
+                });
+            },
+            list: async (ctx, ownerUserId) => {
+                const component = requireComponent();
+                return await ctx.runQuery(component.public.organizationList, {
+                    ownerUserId,
+                });
+            },
+            update: async (ctx, organizationId, data) => {
+                const component = requireComponent();
+                await ctx.runMutation(component.public.organizationUpdate, {
+                    organizationId,
+                    data,
+                });
+            },
+            delete: async (ctx, organizationId) => {
+                const component = requireComponent();
+                await ctx.runMutation(component.public.organizationDelete, {
+                    organizationId,
+                });
+            },
+            member: {
+                add: async (ctx, data) => {
+                    const component = requireComponent();
+                    return (await ctx.runMutation(component.public.memberAdd, {
+                        data,
+                    }));
+                },
+                remove: async (ctx, memberId) => {
+                    const component = requireComponent();
+                    await ctx.runMutation(component.public.memberRemove, { memberId });
+                },
+                list: async (ctx, args) => {
+                    const component = requireComponent();
+                    return await ctx.runQuery(component.public.memberList, args);
+                },
+                role: {
+                    set: async (ctx, memberId, role) => {
+                        const component = requireComponent();
+                        await ctx.runMutation(component.public.memberRoleSet, {
+                            memberId,
+                            role,
+                        });
+                    },
+                    get: async (ctx, memberId) => {
+                        const component = requireComponent();
+                        return await ctx.runQuery(component.public.memberRoleGet, {
+                            memberId,
+                        });
+                    },
+                },
+            },
+        },
+        invite: {
+            create: async (ctx, data) => {
+                const component = requireComponent();
+                return (await ctx.runMutation(component.public.inviteCreate, {
+                    data,
+                }));
+            },
+            get: async (ctx, inviteId) => {
+                const component = requireComponent();
+                return await ctx.runQuery(component.public.inviteGet, { inviteId });
+            },
+            list: async (ctx, args) => {
+                const component = requireComponent();
+                return await ctx.runQuery(component.public.inviteList, args);
+            },
+            accept: async (ctx, inviteId) => {
+                const component = requireComponent();
+                await ctx.runMutation(component.public.inviteAccept, { inviteId });
+            },
+            revoke: async (ctx, inviteId) => {
+                const component = requireComponent();
+                await ctx.runMutation(component.public.inviteRevoke, { inviteId });
+            },
+        },
+        /**
+         * Add HTTP actions for JWT verification and OAuth sign-in.
+         *
+         * ```ts
+         * import { httpRouter } from "convex/server";
+         * import { auth } from "./auth.js";
+         *
+         * const http = httpRouter();
+         *
+         * auth.addHttpRoutes(http);
+         *
+         * export default http;
+         * ```
+         *
+         * The following routes are handled always:
+         *
+         * - `/.well-known/openid-configuration`
+         * - `/.well-known/jwks.json`
+         *
+         * The following routes are handled if OAuth is configured:
+         *
+         * - `/api/auth/signin/*`
+         * - `/api/auth/callback/*`
+         *
+         * @param http your HTTP router
+         */
+        addHttpRoutes: (http) => {
+            http.route({
+                path: "/.well-known/openid-configuration",
+                method: "GET",
+                handler: httpActionGeneric(async () => {
+                    return new Response(JSON.stringify({
+                        issuer: requireEnv("CONVEX_SITE_URL"),
+                        jwks_uri: requireEnv("CONVEX_SITE_URL") + "/.well-known/jwks.json",
+                        authorization_endpoint: requireEnv("CONVEX_SITE_URL") + "/oauth/authorize",
+                    }), {
+                        status: 200,
+                        headers: {
+                            "Content-Type": "application/json",
+                            "Cache-Control": "public, max-age=15, stale-while-revalidate=15, stale-if-error=86400",
+                        },
+                    });
+                }),
+            });
+            http.route({
+                path: "/.well-known/jwks.json",
+                method: "GET",
+                handler: httpActionGeneric(async () => {
+                    return new Response(requireEnv("JWKS"), {
+                        status: 200,
+                        headers: {
+                            "Content-Type": "application/json",
+                            "Cache-Control": "public, max-age=15, stale-while-revalidate=15, stale-if-error=86400",
+                        },
+                    });
+                }),
+            });
+            if (hasOAuth) {
+                http.route({
+                    pathPrefix: "/api/auth/signin/",
+                    method: "GET",
+                    handler: httpActionGeneric(convertErrorsToResponse(400, async (ctx, request) => {
+                        const url = new URL(request.url);
+                        const pathParts = url.pathname.split("/");
+                        const providerId = pathParts.at(-1);
+                        if (providerId === null) {
+                            throw new Error("Missing provider id");
+                        }
+                        const verifier = url.searchParams.get("code");
+                        if (verifier === null) {
+                            throw new Error("Missing sign-in verifier");
+                        }
+                        const provider = getProviderOrThrow(providerId);
+                        const { redirect, cookies, signature } = await getAuthorizationUrl({
+                            provider: await oAuthConfigToInternalProvider(provider),
+                            cookies: defaultCookiesOptions(providerId),
+                        });
+                        await callVerifierSignature(ctx, {
+                            verifier,
+                            signature,
+                        });
+                        const redirectTo = url.searchParams.get("redirectTo");
+                        if (redirectTo !== null) {
+                            cookies.push(redirectToParamCookie(providerId, redirectTo));
+                        }
+                        const headers = new Headers({ Location: redirect });
+                        for (const { name, value, options } of cookies) {
+                            headers.append("Set-Cookie", serializeCookie(name, value, options));
+                        }
+                        return new Response(null, { status: 302, headers });
+                    })),
+                });
+                const callbackAction = httpActionGeneric(async (genericCtx, request) => {
+                    const ctx = genericCtx;
+                    const url = new URL(request.url);
+                    const pathParts = url.pathname.split("/");
+                    const providerId = pathParts.at(-1);
+                    logWithLevel(LOG_LEVELS.DEBUG, "Handling OAuth callback for provider:", providerId);
+                    const provider = getProviderOrThrow(providerId);
+                    const cookies = getCookies(request);
+                    const maybeRedirectTo = useRedirectToParam(provider.id, cookies);
+                    const destinationUrl = await redirectAbsoluteUrl(config, {
+                        redirectTo: maybeRedirectTo?.redirectTo,
+                    });
+                    const params = url.searchParams;
+                    // Handle OAuth providers that use formData (such as Apple)
+                    if (request.headers.get("Content-Type") ===
+                        "application/x-www-form-urlencoded") {
+                        const formData = await request.formData();
+                        for (const [key, value] of formData.entries()) {
+                            if (typeof value === "string") {
+                                params.append(key, value);
+                            }
+                        }
+                    }
+                    try {
+                        const { profile, tokens, signature } = await handleOAuth(Object.fromEntries(params.entries()), cookies, {
+                            provider: await oAuthConfigToInternalProvider(provider),
+                            cookies: defaultCookiesOptions(provider.id),
+                        });
+                        const { id, ...profileFromCallback } = await provider.profile(profile, tokens);
+                        if (typeof id !== "string") {
+                            throw new Error(`The profile method of the ${providerId} config must return a string ID`);
+                        }
+                        const verificationCode = await callUserOAuth(ctx, {
+                            provider: providerId,
+                            providerAccountId: id,
+                            profile: profileFromCallback,
+                            signature,
+                        });
+                        return new Response(null, {
+                            status: 302,
+                            headers: {
+                                Location: setURLSearchParam(destinationUrl, "code", verificationCode),
+                                "Cache-Control": "must-revalidate",
+                            },
+                        });
+                    }
+                    catch (error) {
+                        logError(error);
+                        return Response.redirect(destinationUrl);
+                    }
+                });
+                http.route({
+                    pathPrefix: "/api/auth/callback/",
+                    method: "GET",
+                    handler: callbackAction,
+                });
+                http.route({
+                    pathPrefix: "/api/auth/callback/",
+                    method: "POST",
+                    handler: callbackAction,
+                });
+            }
+        },
+    };
+    return {
+        /**
+         * Helper for configuring HTTP actions.
+         */
+        auth,
+        /**
+         * Action called by the client to sign the user in.
+         *
+         * Also used for refreshing the session.
+         */
+        signIn: actionGeneric({
+            args: {
+                provider: v.optional(v.string()),
+                params: v.optional(v.any()),
+                verifier: v.optional(v.string()),
+                refreshToken: v.optional(v.string()),
+                calledBy: v.optional(v.string()),
+            },
+            handler: async (ctx, args) => {
+                if (args.calledBy !== undefined) {
+                    logWithLevel("INFO", `\`auth:signIn\` called by ${args.calledBy}`);
+                }
+                const provider = args.provider !== undefined
+                    ? getProviderOrThrow(args.provider)
+                    : null;
+                const result = await signInImpl(enrichCtx(ctx), provider, args, {
+                    generateTokens: true,
+                    allowExtraProviders: false,
+                });
+                switch (result.kind) {
+                    case "redirect":
+                        return { redirect: result.redirect, verifier: result.verifier };
+                    case "signedIn":
+                    case "refreshTokens":
+                        return { tokens: result.signedIn?.tokens ?? null };
+                    case "started":
+                        return { started: true };
+                    default: {
+                        const _typecheck = result;
+                        throw new Error(`Unexpected result from signIn, ${result}`);
+                    }
+                }
+            },
+        }),
+        /**
+         * Action called by the client to invalidate the current session.
+         */
+        signOut: actionGeneric({
+            args: {},
+            handler: async (ctx) => {
+                await callSignOut(ctx);
+            },
+        }),
+        /**
+         * Internal mutation used by the library to read and write
+         * to the database during signin and signout.
+         */
+        store: internalMutationGeneric({
+            args: storeArgs,
+            handler: async (ctx, args) => {
+                return storeImpl(ctx, args, getProviderOrThrow, config);
+            },
+        }),
+    };
+}
+/**
+ * Return the currently signed-in user's ID.
+ *
+ * ```ts filename="convex/myFunctions.tsx"
+ * import { mutation } from "./_generated/server";
+ * import { getAuthUserId } from "@robelest/convex-auth/component";
+ *
+ * export const doSomething = mutation({
+ *   args: {/* ... *\/},
+ *   handler: async (ctx, args) => {
+ *     const userId = await getAuthUserId(ctx);
+ *     if (userId === null) {
+ *       throw new Error("Client is not authenticated!")
+ *     }
+ *     const user = await ctx.db.get(userId);
+ *     // ...
+ *   },
+ * });
+ * ```
+ *
+ * @param ctx query, mutation or action `ctx`
+ * @returns the user ID or `null` if the client isn't authenticated
+ */
+export async function getAuthUserId(ctx) {
+    const identity = await ctx.auth.getUserIdentity();
+    if (identity === null) {
+        return null;
+    }
+    const [userId] = identity.subject.split(TOKEN_SUB_CLAIM_DIVIDER);
+    return userId;
+}
+/**
+ * Use this function from a
+ * [`ConvexCredentials`](https://labs.convex.dev/auth/api_reference/providers/ConvexCredentials)
+ * provider to create an account and a user with a unique account "id" (OAuth
+ * provider ID, email address, phone number, username etc.).
+ *
+ * @returns user ID if it successfully creates the account
+ * or throws an error.
+ */
+export async function createAccount(ctx, args) {
+    const actionCtx = ctx;
+    return (await callCreateAccountFromCredentials(actionCtx, args));
+}
+/**
+ * Use this function from a
+ * [`ConvexCredentials`](https://labs.convex.dev/auth/api_reference/providers/ConvexCredentials)
+ * provider to retrieve a user given the account provider ID and
+ * the provider-specific account ID.
+ *
+ * @returns the retrieved user document, or `null` if there is no account
+ * for given account ID or throws if the provided
+ * secret does not match.
+ */
+export async function retrieveAccount(ctx, args) {
+    const actionCtx = ctx;
+    const result = await callRetreiveAccountWithCredentials(actionCtx, args);
+    if (typeof result === "string") {
+        throw new Error(result);
+    }
+    return result;
+}
+/**
+ * Use this function to modify the account credentials
+ * from a [`ConvexCredentials`](https://labs.convex.dev/auth/api_reference/providers/ConvexCredentials)
+ * provider.
+ */
+export async function modifyAccountCredentials(ctx, args) {
+    const actionCtx = ctx;
+    return await callModifyAccount(actionCtx, args);
+}
+/**
+ * Use this function to invalidate existing sessions.
+ */
+export async function invalidateSessions(ctx, args) {
+    const actionCtx = ctx;
+    return await callInvalidateSessions(actionCtx, args);
+}
+/**
+ * Use this function from a
+ * [`ConvexCredentials`](https://labs.convex.dev/auth/api_reference/providers/ConvexCredentials)
+ * provider to sign in the user via another provider (usually
+ * for email verification on sign up or password reset).
+ *
+ * Returns the user ID if the sign can proceed,
+ * or `null`.
+ */
+export async function signInViaProvider(ctx, provider, args) {
+    const result = await signInImpl(ctx, materializeProvider(provider), args, {
+        generateTokens: false,
+        allowExtraProviders: true,
+    });
+    return result.kind === "signedIn"
+        ? result.signedIn !== null
+            ? { userId: result.signedIn.userId, sessionId: result.signedIn.sessionId }
+            : null
+        : null;
+}
+function convertErrorsToResponse(errorStatusCode, action) {
+    return async (ctx, request) => {
+        try {
+            return await action(ctx, request);
+        }
+        catch (error) {
+            if (error instanceof ConvexError) {
+                return new Response(null, {
+                    status: errorStatusCode,
+                    statusText: error.data,
+                });
+            }
+            else {
+                logError(error);
+                return new Response(null, {
+                    status: 500,
+                    statusText: "Internal Server Error",
+                });
+            }
+        }
+    };
+}
+function getCookies(request) {
+    return parseCookies(request.headers.get("Cookie") ?? "");
+}
+//# sourceMappingURL=index.js.map

package/dist/server/implementation/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/server/implementation/index.ts"],"names":[],"mappings":"AACA,OAAO,EAOL,aAAa,EACb,iBAAiB,EACjB,uBAAuB,GACxB,MAAM,eAAe,CAAC;AACvB,OAAO,EAAE,WAAW,EAAoB,CAAC,EAAE,MAAM,eAAe,CAAC;AACjE,OAAO,EAAE,KAAK,IAAI,YAAY,EAAE,SAAS,IAAI,eAAe,EAAE,MAAM,QAAQ,CAAC;AAC7E,OAAO,EAAE,qBAAqB,EAAE,kBAAkB,EAAE,MAAM,eAAe,CAAC;AAE1E,OAAO,EACL,cAAc,EACd,sBAAsB,EACtB,mBAAmB,GACpB,MAAM,sBAAsB,CAAC;AAM9B,OAAO,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AAEzC,OAAO,EAAE,UAAU,EAAe,MAAM,YAAY,CAAC;AACrD,OAAO,EACL,UAAU,EACV,uBAAuB,EACvB,QAAQ,EACR,YAAY,GACb,MAAM,YAAY,CAAC;AAEpB,OAAO,EACL,gCAAgC,EAChC,sBAAsB,EACtB,iBAAiB,EACjB,kCAAkC,EAClC,WAAW,EACX,aAAa,EACb,qBAAqB,EACrB,SAAS,EACT,SAAS,GACV,MAAM,sBAAsB,CAAC;AAC9B,OAAO,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AACzC,OAAO,EAAE,mBAAmB,EAAE,iBAAiB,EAAE,MAAM,gBAAgB,CAAC;AACxE,OAAO,EAAE,mBAAmB,EAAE,MAAM,8BAA8B,CAAC;AACnE,OAAO,EACL,qBAAqB,EACrB,6BAA6B,GAC9B,MAAM,wBAAwB,CAAC;AAChC,OAAO,EAAE,WAAW,EAAE,MAAM,sBAAsB,CAAC;AACnD,OAAO,EAAE,gBAAgB,EAAE,MAAM,eAAe,CAAC;AAoBjD;;;;;;;;;;;;;;;GAeG;AACH,MAAM,UAAU,IAAI,CAAC,OAAyB;IAC5C,MAAM,MAAM,GAAG,cAAc,CAAC,OAAc,CAAC,CAAC;IAC9C,MAAM,QAAQ,GAAG,MAAM,CAAC,SAAS,CAAC,IAAI,CACpC,CAAC,QAAQ,EAAE,EAAE,CAAC,QAAQ,CAAC,IAAI,KAAK,OAAO,IAAI,QAAQ,CAAC,IAAI,KAAK,MAAM,CACpE,CAAC;IACF,MAAM,WAAW,GAAG,CAAC,EAAU,EAAE,sBAA+B,KAAK,EAAE,EAAE;QACvE,OAAO,CACL,MAAM,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,QAAQ,EAAE,EAAE,CAAC,QAAQ,CAAC,EAAE,KAAK,EAAE,CAAC;YACvD,CAAC,mBAAmB;gBAClB,CAAC,CAAC,MAAM,CAAC,cAAc,CAAC,IAAI,CAAC,CAAC,QAAQ,EAAE,EAAE,CAAC,QAAQ,CAAC,EAAE,KAAK,EAAE,CAAC;gBAC9D,CAAC,CAAC,SAAS,CAAC,CACf,CAAC;IACJ,CAAC,CAAC;IACF,MAAM,kBAAkB,GAA2B,CACjD,EAAU,EACV,sBAA+B,KAAK,EACpC,EAAE;QACF,MAAM,QAAQ,GAAG,WAAW,CAAC,EAAE,EAAE,mBAAmB,CAAC,CAAC;QACtD,IAAI,QAAQ,KAAK,SAAS,EAAE,CAAC;YAC3B,MAAM,OAAO,GACX,cAAc,EAAE,wBAAwB;gBACxC,2BAA2B,sBAAsB,CAAC,MAAM,EAAE,mBAAmB,CAAC,GAAG,CAAC;YACpF,YAAY,CAAC,UAAU,CAAC,KAAK,EAAE,OAAO,CAAC,CAAC;YACxC,MAAM,IAAI,KAAK,CAAC,OAAO,CAAC,CAAC;QAC3B,CAAC;QACD,OAAO,QAAQ,CAAC;IAClB,CAAC,CAAC;IACF,MAAM,SAAS,GAAG,CAChB,GAAgC,EAChC,EAAE,CAAC,CAAC,EAAE,GAAG,GAAG,EAAE,IAAI,EAAE,EAAE,GAAG,GAAG,CAAC,IAAI,EAAE,MAAM,EAAE,EAAE,CAAC,CAAC;IACjD,MAAM,gBAAgB,GAAG,GAAG,EAAE;QAC5B,IAAI,MAAM,CAAC,SAAS,KAAK,SAAS,EAAE,CAAC;YACnC,MAAM,IAAI,KAAK,CACb,qFAAqF,CACtF,CAAC;QACJ,CAAC;QACD,OAAO,MAAM,CAAC,SAAS,CAAC;IAC1B,CAAC,CAAC;IAQF,MAAM,IAAI,GAAG;QACX,IAAI,EAAE;YACJ,OAAO,EAAE,KAAK,EAAE,GAAmB,EAAE,EAAE;gBACrC,MAAM,QAAQ,GAAG,MAAM,GAAG,CAAC,IAAI,CAAC,eAAe,EAAE,CAAC;gBAClD,IAAI,QAAQ,KAAK,IAAI,EAAE,CAAC;oBACtB,OAAO,IAAI,CAAC;gBACd,CAAC;gBACD,MAAM,CAAC,MAAM,CAAC,GAAG,QAAQ,CAAC,OAAO,CAAC,KAAK,CAAC,uBAAuB,CAAC,CAAC;gBACjE,OAAO,MAA2B,CAAC;YACrC,CAAC;YACD,OAAO,EAAE,KAAK,EAAE,GAAmB,EAAE,EAAE;gBACrC,MAAM,QAAQ,GAAG,MAAM,GAAG,CAAC,IAAI,CAAC,eAAe,EAAE,CAAC;gBAClD,IAAI,QAAQ,KAAK,IAAI,EAAE,CAAC;oBACtB,MAAM,IAAI,KAAK,CAAC,eAAe,CAAC,CAAC;gBACnC,CAAC;gBACD,MAAM,CAAC,MAAM,CAAC,GAAG,QAAQ,CAAC,OAAO,CAAC,KAAK,CAAC,uBAAuB,CAAC,CAAC;gBACjE,OAAO,MAA2B,CAAC;YACrC,CAAC;YACD,GAAG,EAAE,KAAK,EAAE,GAAqB,EAAE,MAAc,EAAE,EAAE;gBACnD,MAAM,SAAS,GAAG,gBAAgB,EAAE,CAAC;gBACrC,OAAO,MAAM,GAAG,CAAC,QAAQ,CAAC,SAAS,CAAC,MAAM,CAAC,WAAW,EAAE,EAAE,MAAM,EAAE,CAAC,CAAC;YACtE,CAAC;YACD,MAAM,EAAE,KAAK,EAAE,GAAyB,EAAE,EAAE;gBAC1C,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;gBAC5C,IAAI,MAAM,KAAK,IAAI,EAAE,CAAC;oBACpB,OAAO,IAAI,CAAC;gBACd,CAAC;gBACD,MAAM,SAAS,GAAG,gBAAgB,EAAE,CAAC;gBACrC,OAAO,MAAM,GAAG,CAAC,QAAQ,CAAC,SAAS,CAAC,MAAM,CAAC,WAAW,EAAE,EAAE,MAAM,EAAE,CAAC,CAAC;YACtE,CAAC;SACF;QACD,YAAY,EAAE;YACZ,MAAM,EAAE,KAAK,EACX,GAAiB,EACjB,IAA6B,EACZ,EAAE;gBACnB,MAAM,SAAS,GAAG,gBAAgB,EAAE,CAAC;gBACrC,OAAO,CAAC,MAAM,GAAG,CAAC,WAAW,CAAC,SAAS,CAAC,MAAM,CAAC,kBAAmB,EAAE;oBAClE,IAAI;iBACL,CAAC,CAAW,CAAC;YAChB,CAAC;YACD,GAAG,EAAE,KAAK,EAAE,GAAiB,EAAE,cAAsB,EAAE,EAAE;gBACvD,MAAM,SAAS,GAAG,gBAAgB,EAAE,CAAC;gBACrC,OAAO,MAAM,GAAG,CAAC,QAAQ,CAAC,SAAS,CAAC,MAAM,CAAC,eAAgB,EAAE;oBAC3D,cAAc;iBACf,CAAC,CAAC;YACL,CAAC;YACD,IAAI,EAAE,KAAK,EACT,GAAiB,EACjB,WAAoB,EACpB,EAAE;gBACF,MAAM,SAAS,GAAG,gBAAgB,EAAE,CAAC;gBACrC,OAAO,MAAM,GAAG,CAAC,QAAQ,CAAC,SAAS,CAAC,MAAM,CAAC,gBAAiB,EAAE;oBAC5D,WAAW;iBACZ,CAAC,CAAC;YACL,CAAC;YACD,MAAM,EAAE,KAAK,EACX,GAAiB,EACjB,cAAsB,EACtB,IAA6B,EAC7B,EAAE;gBACF,MAAM,SAAS,GAAG,gBAAgB,EAAE,CAAC;gBACrC,MAAM,GAAG,CAAC,WAAW,CAAC,SAAS,CAAC,MAAM,CAAC,kBAAmB,EAAE;oBAC1D,cAAc;oBACd,IAAI;iBACL,CAAC,CAAC;YACL,CAAC;YACD,MAAM,EAAE,KAAK,EAAE,GAAiB,EAAE,cAAsB,EAAE,EAAE;gBAC1D,MAAM,SAAS,GAAG,gBAAgB,EAAE,CAAC;gBACrC,MAAM,GAAG,CAAC,WAAW,CAAC,SAAS,CAAC,MAAM,CAAC,kBAAmB,EAAE;oBAC1D,cAAc;iBACf,CAAC,CAAC;YACL,CAAC;YACD,MAAM,EAAE;gBACN,GAAG,EAAE,KAAK,EACR,GAAiB,EACjB,IAA6B,EACZ,EAAE;oBACnB,MAAM,SAAS,GAAG,gBAAgB,EAAE,CAAC;oBACrC,OAAO,CAAC,MAAM,GAAG,CAAC,WAAW,CAAC,SAAS,CAAC,MAAM,CAAC,SAAU,EAAE;wBACzD,IAAI;qBACL,CAAC,CAAW,CAAC;gBAChB,CAAC;gBACD,MAAM,EAAE,KAAK,EAAE,GAAiB,EAAE,QAAgB,EAAE,EAAE;oBACpD,MAAM,SAAS,GAAG,gBAAgB,EAAE,CAAC;oBACrC,MAAM,GAAG,CAAC,WAAW,CAAC,SAAS,CAAC,MAAM,CAAC,YAAa,EAAE,EAAE,QAAQ,EAAE,CAAC,CAAC;gBACtE,CAAC;gBACD,IAAI,EAAE,KAAK,EACT,GAAiB,EACjB,IAAiD,EACjD,EAAE;oBACF,MAAM,SAAS,GAAG,gBAAgB,EAAE,CAAC;oBACrC,OAAO,MAAM,GAAG,CAAC,QAAQ,CAAC,SAAS,CAAC,MAAM,CAAC,UAAW,EAAE,IAAI,CAAC,CAAC;gBAChE,CAAC;gBACD,IAAI,EAAE;oBACJ,GAAG,EAAE,KAAK,EAAE,GAAiB,EAAE,QAAgB,EAAE,IAAY,EAAE,EAAE;wBAC/D,MAAM,SAAS,GAAG,gBAAgB,EAAE,CAAC;wBACrC,MAAM,GAAG,CAAC,WAAW,CAAC,SAAS,CAAC,MAAM,CAAC,aAAc,EAAE;4BACrD,QAAQ;4BACR,IAAI;yBACL,CAAC,CAAC;oBACL,CAAC;oBACD,GAAG,EAAE,KAAK,EAAE,GAAiB,EAAE,QAAgB,EAAE,EAAE;wBACjD,MAAM,SAAS,GAAG,gBAAgB,EAAE,CAAC;wBACrC,OAAO,MAAM,GAAG,CAAC,QAAQ,CAAC,SAAS,CAAC,MAAM,CAAC,aAAc,EAAE;4BACzD,QAAQ;yBACT,CAAC,CAAC;oBACL,CAAC;iBACF;aACF;SACF;QACD,MAAM,EAAE;YACN,MAAM,EAAE,KAAK,EACX,GAAiB,EACjB,IAA6B,EACZ,EAAE;gBACnB,MAAM,SAAS,GAAG,gBAAgB,EAAE,CAAC;gBACrC,OAAO,CAAC,MAAM,GAAG,CAAC,WAAW,CAAC,SAAS,CAAC,MAAM,CAAC,YAAa,EAAE;oBAC5D,IAAI;iBACL,CAAC,CAAW,CAAC;YAChB,CAAC;YACD,GAAG,EAAE,KAAK,EAAE,GAAiB,EAAE,QAAgB,EAAE,EAAE;gBACjD,MAAM,SAAS,GAAG,gBAAgB,EAAE,CAAC;gBACrC,OAAO,MAAM,GAAG,CAAC,QAAQ,CAAC,SAAS,CAAC,MAAM,CAAC,SAAU,EAAE,EAAE,QAAQ,EAAE,CAAC,CAAC;YACvE,CAAC;YACD,IAAI,EAAE,KAAK,EACT,GAAiB,EACjB,IAAkD,EAClD,EAAE;gBACF,MAAM,SAAS,GAAG,gBAAgB,EAAE,CAAC;gBACrC,OAAO,MAAM,GAAG,CAAC,QAAQ,CAAC,SAAS,CAAC,MAAM,CAAC,UAAW,EAAE,IAAI,CAAC,CAAC;YAChE,CAAC;YACD,MAAM,EAAE,KAAK,EAAE,GAAiB,EAAE,QAAgB,EAAE,EAAE;gBACpD,MAAM,SAAS,GAAG,gBAAgB,EAAE,CAAC;gBACrC,MAAM,GAAG,CAAC,WAAW,CAAC,SAAS,CAAC,MAAM,CAAC,YAAa,EAAE,EAAE,QAAQ,EAAE,CAAC,CAAC;YACtE,CAAC;YACD,MAAM,EAAE,KAAK,EAAE,GAAiB,EAAE,QAAgB,EAAE,EAAE;gBACpD,MAAM,SAAS,GAAG,gBAAgB,EAAE,CAAC;gBACrC,MAAM,GAAG,CAAC,WAAW,CAAC,SAAS,CAAC,MAAM,CAAC,YAAa,EAAE,EAAE,QAAQ,EAAE,CAAC,CAAC;YACtE,CAAC;SACF;QACD;;;;;;;;;;;;;;;;;;;;;;;;;WAyBG;QACH,aAAa,EAAE,CAAC,IAAgB,EAAE,EAAE;YAClC,IAAI,CAAC,KAAK,CAAC;gBACT,IAAI,EAAE,mCAAmC;gBACzC,MAAM,EAAE,KAAK;gBACb,OAAO,EAAE,iBAAiB,CAAC,KAAK,IAAI,EAAE;oBACpC,OAAO,IAAI,QAAQ,CACjB,IAAI,CAAC,SAAS,CAAC;wBACb,MAAM,EAAE,UAAU,CAAC,iBAAiB,CAAC;wBACrC,QAAQ,EACN,UAAU,CAAC,iBAAiB,CAAC,GAAG,wBAAwB;wBAC1D,sBAAsB,EACpB,UAAU,CAAC,iBAAiB,CAAC,GAAG,kBAAkB;qBACrD,CAAC,EACF;wBACE,MAAM,EAAE,GAAG;wBACX,OAAO,EAAE;4BACP,cAAc,EAAE,kBAAkB;4BAClC,eAAe,EACb,qEAAqE;yBACxE;qBACF,CACF,CAAC;gBACJ,CAAC,CAAC;aACH,CAAC,CAAC;YAEH,IAAI,CAAC,KAAK,CAAC;gBACT,IAAI,EAAE,wBAAwB;gBAC9B,MAAM,EAAE,KAAK;gBACb,OAAO,EAAE,iBAAiB,CAAC,KAAK,IAAI,EAAE;oBACpC,OAAO,IAAI,QAAQ,CAAC,UAAU,CAAC,MAAM,CAAC,EAAE;wBACtC,MAAM,EAAE,GAAG;wBACX,OAAO,EAAE;4BACP,cAAc,EAAE,kBAAkB;4BAClC,eAAe,EACb,qEAAqE;yBACxE;qBACF,CAAC,CAAC;gBACL,CAAC,CAAC;aACH,CAAC,CAAC;YAEH,IAAI,QAAQ,EAAE,CAAC;gBACb,IAAI,CAAC,KAAK,CAAC;oBACT,UAAU,EAAE,mBAAmB;oBAC/B,MAAM,EAAE,KAAK;oBACb,OAAO,EAAE,iBAAiB,CACxB,uBAAuB,CAAC,GAAG,EAAE,KAAK,EAAE,GAAG,EAAE,OAAO,EAAE,EAAE;wBAClD,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;wBACjC,MAAM,SAAS,GAAG,GAAG,CAAC,QAAQ,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;wBAC1C,MAAM,UAAU,GAAG,SAAS,CAAC,EAAE,CAAC,CAAC,CAAC,CAAE,CAAC;wBACrC,IAAI,UAAU,KAAK,IAAI,EAAE,CAAC;4BACxB,MAAM,IAAI,KAAK,CAAC,qBAAqB,CAAC,CAAC;wBACzC,CAAC;wBACD,MAAM,QAAQ,GAAG,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;wBAC9C,IAAI,QAAQ,KAAK,IAAI,EAAE,CAAC;4BACtB,MAAM,IAAI,KAAK,CAAC,0BAA0B,CAAC,CAAC;wBAC9C,CAAC;wBACD,MAAM,QAAQ,GAAG,kBAAkB,CACjC,UAAU,CACS,CAAC;wBACtB,MAAM,EAAE,QAAQ,EAAE,OAAO,EAAE,SAAS,EAAE,GACpC,MAAM,mBAAmB,CAAC;4BACxB,QAAQ,EAAE,MAAM,6BAA6B,CAAC,QAAQ,CAAC;4BACvD,OAAO,EAAE,qBAAqB,CAAC,UAAU,CAAC;yBAC3C,CAAC,CAAC;wBAEL,MAAM,qBAAqB,CAAC,GAAG,EAAE;4BAC/B,QAAQ;4BACR,SAAS;yBACV,CAAC,CAAC;wBAEH,MAAM,UAAU,GAAG,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC;wBAEtD,IAAI,UAAU,KAAK,IAAI,EAAE,CAAC;4BACxB,OAAO,CAAC,IAAI,CAAC,qBAAqB,CAAC,UAAU,EAAE,UAAU,CAAC,CAAC,CAAC;wBAC9D,CAAC;wBAED,MAAM,OAAO,GAAG,IAAI,OAAO,CAAC,EAAE,QAAQ,EAAE,QAAQ,EAAE,CAAC,CAAC;wBACpD,KAAK,MAAM,EAAE,IAAI,EAAE,KAAK,EAAE,OAAO,EAAE,IAAI,OAAO,EAAE,CAAC;4BAC/C,OAAO,CAAC,MAAM,CACZ,YAAY,EACZ,eAAe,CAAC,IAAI,EAAE,KAAK,EAAE,OAAO,CAAC,CACtC,CAAC;wBACJ,CAAC;wBAED,OAAO,IAAI,QAAQ,CAAC,IAAI,EAAE,EAAE,MAAM,EAAE,GAAG,EAAE,OAAO,EAAE,CAAC,CAAC;oBACtD,CAAC,CAAC,CACH;iBACF,CAAC,CAAC;gBAEH,MAAM,cAAc,GAAG,iBAAiB,CACtC,KAAK,EAAE,UAAU,EAAE,OAAO,EAAE,EAAE;oBAC5B,MAAM,GAAG,GAAG,UAAkC,CAAC;oBAC/C,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;oBACjC,MAAM,SAAS,GAAG,GAAG,CAAC,QAAQ,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;oBAC1C,MAAM,UAAU,GAAG,SAAS,CAAC,EAAE,CAAC,CAAC,CAAC,CAAE,CAAC;oBACrC,YAAY,CACV,UAAU,CAAC,KAAK,EAChB,uCAAuC,EACvC,UAAU,CACX,CAAC;oBACF,MAAM,QAAQ,GAAG,kBAAkB,CACjC,UAAU,CACU,CAAC;oBAEvB,MAAM,OAAO,GAAG,UAAU,CAAC,OAAO,CAAC,CAAC;oBAEpC,MAAM,eAAe,GAAG,kBAAkB,CAAC,QAAQ,CAAC,EAAE,EAAE,OAAO,CAAC,CAAC;oBAEjE,MAAM,cAAc,GAAG,MAAM,mBAAmB,CAAC,MAAM,EAAE;wBACvD,UAAU,EAAE,eAAe,EAAE,UAAU;qBACxC,CAAC,CAAC;oBAEH,MAAM,MAAM,GAAG,GAAG,CAAC,YAAY,CAAC;oBAEhC,2DAA2D;oBAC3D,IACE,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC;wBACnC,mCAAmC,EACnC,CAAC;wBACD,MAAM,QAAQ,GAAG,MAAM,OAAO,CAAC,QAAQ,EAAE,CAAC;wBAC1C,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,QAAQ,CAAC,OAAO,EAAE,EAAE,CAAC;4BAC9C,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;gCAC9B,MAAM,CAAC,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;4BAC5B,CAAC;wBACH,CAAC;oBACH,CAAC;oBAED,IAAI,CAAC;wBACH,MAAM,EAAE,OAAO,EAAE,MAAM,EAAE,SAAS,EAAE,GAAG,MAAM,WAAW,CACtD,MAAM,CAAC,WAAW,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC,EACpC,OAAO,EACP;4BACE,QAAQ,EAAE,MAAM,6BAA6B,CAAC,QAAQ,CAAC;4BACvD,OAAO,EAAE,qBAAqB,CAAC,QAAQ,CAAC,EAAE,CAAC;yBAC5C,CACF,CAAC;wBAEF,MAAM,EAAE,EAAE,EAAE,GAAG,mBAAmB,EAAE,GAAG,MAAM,QAAQ,CAAC,OAAQ,CAC5D,OAAO,EACP,MAAM,CACP,CAAC;wBAEF,IAAI,OAAO,EAAE,KAAK,QAAQ,EAAE,CAAC;4BAC3B,MAAM,IAAI,KAAK,CACb,6BAA6B,UAAU,iCAAiC,CACzE,CAAC;wBACJ,CAAC;wBAED,MAAM,gBAAgB,GAAG,MAAM,aAAa,CAAC,GAAG,EAAE;4BAChD,QAAQ,EAAE,UAAU;4BACpB,iBAAiB,EAAE,EAAE;4BACrB,OAAO,EAAE,mBAAmB;4BAC5B,SAAS;yBACV,CAAC,CAAC;wBAEH,OAAO,IAAI,QAAQ,CAAC,IAAI,EAAE;4BACxB,MAAM,EAAE,GAAG;4BACX,OAAO,EAAE;gCACP,QAAQ,EAAE,iBAAiB,CACzB,cAAc,EACd,MAAM,EACN,gBAAgB,CACjB;gCACD,eAAe,EAAE,iBAAiB;6BACnC;yBACF,CAAC,CAAC;oBACL,CAAC;oBAAC,OAAO,KAAK,EAAE,CAAC;wBACf,QAAQ,CAAC,KAAK,CAAC,CAAC;wBAChB,OAAO,QAAQ,CAAC,QAAQ,CAAC,cAAc,CAAC,CAAC;oBAC3C,CAAC;gBACH,CAAC,CACF,CAAC;gBAEF,IAAI,CAAC,KAAK,CAAC;oBACT,UAAU,EAAE,qBAAqB;oBACjC,MAAM,EAAE,KAAK;oBACb,OAAO,EAAE,cAAc;iBACxB,CAAC,CAAC;gBAEH,IAAI,CAAC,KAAK,CAAC;oBACT,UAAU,EAAE,qBAAqB;oBACjC,MAAM,EAAE,MAAM;oBACd,OAAO,EAAE,cAAc;iBACxB,CAAC,CAAC;YACL,CAAC;QACH,CAAC;KACF,CAAC;IACF,OAAO;QACL;;WAEG;QACH,IAAI;QACJ;;;;WAIG;QACH,MAAM,EAAE,aAAa,CAAC;YACpB,IAAI,EAAE;gBACJ,QAAQ,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC;gBAChC,MAAM,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC;gBAC3B,QAAQ,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC;gBAChC,YAAY,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC;gBACpC,QAAQ,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC;aACjC;YACD,OAAO,EAAE,KAAK,EACZ,GAAG,EACH,IAAI,EAMH,EAAE;gBACH,IAAI,IAAI,CAAC,QAAQ,KAAK,SAAS,EAAE,CAAC;oBAChC,YAAY,CAAC,MAAM,EAAE,6BAA6B,IAAI,CAAC,QAAQ,EAAE,CAAC,CAAC;gBACrE,CAAC;gBACD,MAAM,QAAQ,GACZ,IAAI,CAAC,QAAQ,KAAK,SAAS;oBACzB,CAAC,CAAC,kBAAkB,CAAC,IAAI,CAAC,QAAQ,CAAC;oBACnC,CAAC,CAAC,IAAI,CAAC;gBACX,MAAM,MAAM,GAAG,MAAM,UAAU,CAAC,SAAS,CAAC,GAAG,CAAC,EAAE,QAAQ,EAAE,IAAI,EAAE;oBAC9D,cAAc,EAAE,IAAI;oBACpB,mBAAmB,EAAE,KAAK;iBAC3B,CAAC,CAAC;gBACH,QAAQ,MAAM,CAAC,IAAI,EAAE,CAAC;oBACpB,KAAK,UAAU;wBACb,OAAO,EAAE,QAAQ,EAAE,MAAM,CAAC,QAAQ,EAAE,QAAQ,EAAE,MAAM,CAAC,QAAQ,EAAE,CAAC;oBAClE,KAAK,UAAU,CAAC;oBAChB,KAAK,eAAe;wBAClB,OAAO,EAAE,MAAM,EAAE,MAAM,CAAC,QAAQ,EAAE,MAAM,IAAI,IAAI,EAAE,CAAC;oBACrD,KAAK,SAAS;wBACZ,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC;oBAC3B,OAAO,CAAC,CAAC,CAAC;wBACR,MAAM,UAAU,GAAU,MAAM,CAAC;wBACjC,MAAM,IAAI,KAAK,CAAC,kCAAkC,MAAa,EAAE,CAAC,CAAC;oBACrE,CAAC;gBACH,CAAC;YACH,CAAC;SACF,CAAC;QACF;;WAEG;QACH,OAAO,EAAE,aAAa,CAAC;YACrB,IAAI,EAAE,EAAE;YACR,OAAO,EAAE,KAAK,EAAE,GAAG,EAAE,EAAE;gBACrB,MAAM,WAAW,CAAC,GAAG,CAAC,CAAC;YACzB,CAAC;SACF,CAAC;QAEF;;;WAGG;QACH,KAAK,EAAE,uBAAuB,CAAC;YAC7B,IAAI,EAAE,SAAS;YACf,OAAO,EAAE,KAAK,EAAE,GAAgB,EAAE,IAAI,EAAE,EAAE;gBACxC,OAAO,SAAS,CAAC,GAAG,EAAE,IAAI,EAAE,kBAAkB,EAAE,MAAM,CAAC,CAAC;YAC1D,CAAC;SACF,CAAC;KAEH,CAAC;AACJ,CAAC;AAED;;;;;;;;;;;;;;;;;;;;;;GAsBG;AACH,MAAM,CAAC,KAAK,UAAU,aAAa,CAAC,GAAmB;IACrD,MAAM,QAAQ,GAAG,MAAM,GAAG,CAAC,IAAI,CAAC,eAAe,EAAE,CAAC;IAClD,IAAI,QAAQ,KAAK,IAAI,EAAE,CAAC;QACtB,OAAO,IAAI,CAAC;IACd,CAAC;IACD,MAAM,CAAC,MAAM,CAAC,GAAG,QAAQ,CAAC,OAAO,CAAC,KAAK,CAAC,uBAAuB,CAAC,CAAC;IACjE,OAAO,MAA2B,CAAC;AACrC,CAAC;AAED;;;;;;;;GAQG;AACH,MAAM,CAAC,KAAK,UAAU,aAAa,CAGjC,GAAgC,EAChC,IAqCC;IAKD,MAAM,SAAS,GAAG,GAA2B,CAAC;IAC9C,OAAO,CAAC,MAAM,gCAAgC,CAC5C,SAAS,EACT,IAAW,CACZ,CAAQ,CAAC;AACZ,CAAC;AAED;;;;;;;;;GASG;AACH,MAAM,CAAC,KAAK,UAAU,eAAe,CAGnC,GAAgC,EAChC,IAkBC;IAKD,MAAM,SAAS,GAAG,GAA2B,CAAC;IAC9C,MAAM,MAAM,GAAG,MAAM,kCAAkC,CAAC,SAAS,EAAE,IAAI,CAAC,CAAC;IACzE,IAAI,OAAO,MAAM,KAAK,QAAQ,EAAE,CAAC;QAC/B,MAAM,IAAI,KAAK,CAAC,MAAM,CAAC,CAAC;IAC1B,CAAC;IACD,OAAO,MAAa,CAAC;AACvB,CAAC;AAED;;;;GAIG;AACH,MAAM,CAAC,KAAK,UAAU,wBAAwB,CAG5C,GAAgC,EAChC,IAiBC;IAED,MAAM,SAAS,GAAG,GAA2B,CAAC;IAC9C,OAAO,MAAM,iBAAiB,CAAC,SAAS,EAAE,IAAI,CAAC,CAAC;AAClD,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,kBAAkB,CAGtC,GAAgC,EAChC,IAGC;IAED,MAAM,SAAS,GAAG,GAA2B,CAAC;IAC9C,OAAO,MAAM,sBAAsB,CAAC,SAAS,EAAE,IAAI,CAAC,CAAC;AACvD,CAAC;AAED;;;;;;;;GAQG;AACH,MAAM,CAAC,KAAK,UAAU,iBAAiB,CAGrC,GAA8C,EAC9C,QAA4B,EAC5B,IAGC;IAED,MAAM,MAAM,GAAG,MAAM,UAAU,CAC7B,GAAG,EACH,mBAAmB,CAAC,QAAQ,CAAC,EAC7B,IAAW,EACX;QACA,cAAc,EAAE,KAAK;QACrB,mBAAmB,EAAE,IAAI;KACxB,CACF,CAAC;IACF,OAAO,MAAM,CAAC,IAAI,KAAK,UAAU;QAC/B,CAAC,CAAC,MAAM,CAAC,QAAQ,KAAK,IAAI;YACxB,CAAC,CAAC,EAAE,MAAM,EAAE,MAAM,CAAC,QAAQ,CAAC,MAAM,EAAE,SAAS,EAAE,MAAM,CAAC,QAAQ,CAAC,SAAS,EAAE;YAC1E,CAAC,CAAC,IAAI;QACR,CAAC,CAAC,IAAI,CAAC;AACX,CAAC;AAED,SAAS,uBAAuB,CAC9B,eAAuB,EACvB,MAA2E;IAE3E,OAAO,KAAK,EAAE,GAA0B,EAAE,OAAgB,EAAE,EAAE;QAC5D,IAAI,CAAC;YACH,OAAO,MAAM,MAAM,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC;QACpC,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,KAAK,YAAY,WAAW,EAAE,CAAC;gBACjC,OAAO,IAAI,QAAQ,CAAC,IAAI,EAAE;oBACxB,MAAM,EAAE,eAAe;oBACvB,UAAU,EAAE,KAAK,CAAC,IAAI;iBACvB,CAAC,CAAC;YACL,CAAC;iBAAM,CAAC;gBACN,QAAQ,CAAC,KAAK,CAAC,CAAC;gBAChB,OAAO,IAAI,QAAQ,CAAC,IAAI,EAAE;oBACxB,MAAM,EAAE,GAAG;oBACX,UAAU,EAAE,uBAAuB;iBACpC,CAAC,CAAC;YACL,CAAC;QACH,CAAC;IACH,CAAC,CAAC;AACJ,CAAC;AACD,SAAS,UAAU,CAAC,OAAgB;IAClC,OAAO,YAAY,CAAC,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,IAAI,EAAE,CAAC,CAAC;AAC3D,CAAC"}

package/dist/server/implementation/mutations/createAccountFromCredentials.d.ts

@@ -0,0 +1,33 @@
+import { Infer } from "convex/values";
+import { ActionCtx, Doc, MutationCtx } from "../types.js";
+import * as Provider from "../provider.js";
+export declare const createAccountFromCredentialsArgs: import("convex/values").VObject<{
+    shouldLinkViaEmail?: boolean | undefined;
+    shouldLinkViaPhone?: boolean | undefined;
+    profile: any;
+    account: {
+        secret?: string | undefined;
+        id: string;
+    };
+    provider: string;
+}, {
+    provider: import("convex/values").VString<string, "required">;
+    account: import("convex/values").VObject<{
+        secret?: string | undefined;
+        id: string;
+    }, {
+        id: import("convex/values").VString<string, "required">;
+        secret: import("convex/values").VString<string | undefined, "optional">;
+    }, "required", "id" | "secret">;
+    profile: import("convex/values").VAny<any, "required", string>;
+    shouldLinkViaEmail: import("convex/values").VBoolean<boolean | undefined, "optional">;
+    shouldLinkViaPhone: import("convex/values").VBoolean<boolean | undefined, "optional">;
+}, "required", "profile" | "account" | "provider" | `profile.${string}` | "shouldLinkViaEmail" | "shouldLinkViaPhone" | "account.id" | "account.secret">;
+type ReturnType = {
+    account: Doc<"account">;
+    user: Doc<"user">;
+};
+export declare function createAccountFromCredentialsImpl(ctx: MutationCtx, args: Infer<typeof createAccountFromCredentialsArgs>, getProviderOrThrow: Provider.GetProviderOrThrowFunc, config: Provider.Config): Promise<ReturnType>;
+export declare const callCreateAccountFromCredentials: (ctx: ActionCtx, args: Infer<typeof createAccountFromCredentialsArgs>) => Promise<ReturnType>;
+export {};
+//# sourceMappingURL=createAccountFromCredentials.d.ts.map

package/dist/server/implementation/mutations/createAccountFromCredentials.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"createAccountFromCredentials.d.ts","sourceRoot":"","sources":["../../../../src/server/implementation/mutations/createAccountFromCredentials.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,EAAK,MAAM,eAAe,CAAC;AACzC,OAAO,EAAE,SAAS,EAAE,GAAG,EAAE,WAAW,EAAE,MAAM,aAAa,CAAC;AAC1D,OAAO,KAAK,QAAQ,MAAM,gBAAgB,CAAC;AAO3C,eAAO,MAAM,gCAAgC;;;;;;;;;;;;;;;;;;;;;wJAM3C,CAAC;AAEH,KAAK,UAAU,GAAG;IAAE,OAAO,EAAE,GAAG,CAAC,SAAS,CAAC,CAAC;IAAC,IAAI,EAAE,GAAG,CAAC,MAAM,CAAC,CAAA;CAAE,CAAC;AAEjE,wBAAsB,gCAAgC,CACpD,GAAG,EAAE,WAAW,EAChB,IAAI,EAAE,KAAK,CAAC,OAAO,gCAAgC,CAAC,EACpD,kBAAkB,EAAE,QAAQ,CAAC,sBAAsB,EACnD,MAAM,EAAE,QAAQ,CAAC,MAAM,GACtB,OAAO,CAAC,UAAU,CAAC,CA4ErB;AAED,eAAO,MAAM,gCAAgC,GAC3C,KAAK,SAAS,EACd,MAAM,KAAK,CAAC,OAAO,gCAAgC,CAAC,KACnD,OAAO,CAAC,UAAU,CAOpB,CAAC"}

package/dist/server/implementation/mutations/createAccountFromCredentials.js

@@ -0,0 +1,71 @@
+import { v } from "convex/values";
+import * as Provider from "../provider.js";
+import { upsertUserAndAccount } from "../users.js";
+import { getAuthSessionId } from "../sessions.js";
+import { LOG_LEVELS, logWithLevel, maybeRedact } from "../utils.js";
+import { createAuthDb } from "../db.js";
+export const createAccountFromCredentialsArgs = v.object({
+    provider: v.string(),
+    account: v.object({ id: v.string(), secret: v.optional(v.string()) }),
+    profile: v.any(),
+    shouldLinkViaEmail: v.optional(v.boolean()),
+    shouldLinkViaPhone: v.optional(v.boolean()),
+});
+export async function createAccountFromCredentialsImpl(ctx, args, getProviderOrThrow, config) {
+    logWithLevel(LOG_LEVELS.DEBUG, "createAccountFromCredentialsImpl args:", {
+        provider: args.provider,
+        account: {
+            id: args.account.id,
+            secret: maybeRedact(args.account.secret ?? ""),
+        },
+    });
+    const { provider: providerId, account, profile, shouldLinkViaEmail, shouldLinkViaPhone, } = args;
+    const authDb = config.component !== undefined ? createAuthDb(ctx, config.component) : null;
+    const provider = getProviderOrThrow(providerId);
+    const existingAccount = authDb !== null
+        ? (await authDb.accounts.get(provider.id, account.id))
+        : await ctx.db
+            .query("account")
+            .withIndex("providerAndAccountId", (q) => q.eq("provider", provider.id).eq("providerAccountId", account.id))
+            .unique();
+    if (existingAccount !== null) {
+        if (account.secret !== undefined &&
+            !(await Provider.verify(provider, account.secret, existingAccount.secret ?? ""))) {
+            throw new Error(`Account ${account.id} already exists`);
+        }
+        return {
+            account: existingAccount,
+            // TODO: Ian removed this,
+            user: authDb !== null
+                ? (await authDb.users.getById(existingAccount.userId))
+                : (await ctx.db.get(existingAccount.userId)),
+        };
+    }
+    const secret = account.secret !== undefined
+        ? await Provider.hash(provider, account.secret)
+        : undefined;
+    const { userId, accountId } = await upsertUserAndAccount(ctx, await getAuthSessionId(ctx), { providerAccountId: account.id, secret }, {
+        type: "credentials",
+        provider,
+        profile,
+        shouldLinkViaEmail,
+        shouldLinkViaPhone,
+    }, config);
+    return {
+        account: authDb !== null
+            ? (await authDb.accounts.getById(accountId))
+            : (await ctx.db.get(accountId)),
+        user: authDb !== null
+            ? (await authDb.users.getById(userId))
+            : (await ctx.db.get(userId)),
+    };
+}
+export const callCreateAccountFromCredentials = async (ctx, args) => {
+    return ctx.runMutation("auth:store", {
+        args: {
+            type: "createAccountFromCredentials",
+            ...args,
+        },
+    });
+};
+//# sourceMappingURL=createAccountFromCredentials.js.map

package/dist/server/implementation/mutations/createAccountFromCredentials.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"createAccountFromCredentials.js","sourceRoot":"","sources":["../../../../src/server/implementation/mutations/createAccountFromCredentials.ts"],"names":[],"mappings":"AAAA,OAAO,EAAS,CAAC,EAAE,MAAM,eAAe,CAAC;AAEzC,OAAO,KAAK,QAAQ,MAAM,gBAAgB,CAAC;AAE3C,OAAO,EAAE,oBAAoB,EAAE,MAAM,aAAa,CAAC;AACnD,OAAO,EAAE,gBAAgB,EAAE,MAAM,gBAAgB,CAAC;AAClD,OAAO,EAAE,UAAU,EAAE,YAAY,EAAE,WAAW,EAAE,MAAM,aAAa,CAAC;AACpE,OAAO,EAAE,YAAY,EAAE,MAAM,UAAU,CAAC;AAExC,MAAM,CAAC,MAAM,gCAAgC,GAAG,CAAC,CAAC,MAAM,CAAC;IACvD,QAAQ,EAAE,CAAC,CAAC,MAAM,EAAE;IACpB,OAAO,EAAE,CAAC,CAAC,MAAM,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,MAAM,EAAE,EAAE,MAAM,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,EAAE,CAAC;IACrE,OAAO,EAAE,CAAC,CAAC,GAAG,EAAE;IAChB,kBAAkB,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,OAAO,EAAE,CAAC;IAC3C,kBAAkB,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,OAAO,EAAE,CAAC;CAC5C,CAAC,CAAC;AAIH,MAAM,CAAC,KAAK,UAAU,gCAAgC,CACpD,GAAgB,EAChB,IAAoD,EACpD,kBAAmD,EACnD,MAAuB;IAEvB,YAAY,CAAC,UAAU,CAAC,KAAK,EAAE,wCAAwC,EAAE;QACvE,QAAQ,EAAE,IAAI,CAAC,QAAQ;QACvB,OAAO,EAAE;YACP,EAAE,EAAE,IAAI,CAAC,OAAO,CAAC,EAAE;YACnB,MAAM,EAAE,WAAW,CAAC,IAAI,CAAC,OAAO,CAAC,MAAM,IAAI,EAAE,CAAC;SAC/C;KACF,CAAC,CAAC;IACH,MAAM,EACJ,QAAQ,EAAE,UAAU,EACpB,OAAO,EACP,OAAO,EACP,kBAAkB,EAClB,kBAAkB,GACnB,GAAG,IAAI,CAAC;IACT,MAAM,MAAM,GACV,MAAM,CAAC,SAAS,KAAK,SAAS,CAAC,CAAC,CAAC,YAAY,CAAC,GAAG,EAAE,MAAM,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;IAC9E,MAAM,QAAQ,GAAG,kBAAkB,CAAC,UAAU,CAA4B,CAAC;IAC3E,MAAM,eAAe,GACnB,MAAM,KAAK,IAAI;QACb,CAAC,CAAE,CAAC,MAAM,MAAM,CAAC,QAAQ,CAAC,GAAG,CAAC,QAAQ,CAAC,EAAE,EAAE,OAAO,CAAC,EAAE,CAAC,CAA2B;QACjF,CAAC,CAAC,MAAM,GAAG,CAAC,EAAE;aACT,KAAK,CAAC,SAAS,CAAC;aAChB,SAAS,CAAC,sBAAsB,EAAE,CAAC,CAAC,EAAE,EAAE,CACvC,CAAC,CAAC,EAAE,CAAC,UAAU,EAAE,QAAQ,CAAC,EAAE,CAAC,CAAC,EAAE,CAAC,mBAAmB,EAAE,OAAO,CAAC,EAAE,CAAC,CAClE;aACA,MAAM,EAAE,CAAC;IAClB,IAAI,eAAe,KAAK,IAAI,EAAE,CAAC;QAC7B,IACE,OAAO,CAAC,MAAM,KAAK,SAAS;YAC5B,CAAC,CAAC,MAAM,QAAQ,CAAC,MAAM,CACrB,QAAQ,EACR,OAAO,CAAC,MAAM,EACd,eAAe,CAAC,MAAM,IAAI,EAAE,CAC7B,CAAC,EACF,CAAC;YACD,MAAM,IAAI,KAAK,CAAC,WAAW,OAAO,CAAC,EAAE,iBAAiB,CAAC,CAAC;QAC1D,CAAC;QACD,OAAO;YACL,OAAO,EAAE,eAAe;YACxB,0BAA0B;YAC1B,IAAI,EACF,MAAM,KAAK,IAAI;gBACb,CAAC,CAAE,CAAC,MAAM,MAAM,CAAC,KAAK,CAAC,OAAO,CAAC,eAAe,CAAC,MAAM,CAAC,CAA4B;gBAClF,CAAC,CAAC,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,eAAe,CAAC,MAAM,CAAC,CAAE;SAClD,CAAC;IACJ,CAAC;IAED,MAAM,MAAM,GACV,OAAO,CAAC,MAAM,KAAK,SAAS;QAC1B,CAAC,CAAC,MAAM,QAAQ,CAAC,IAAI,CAAC,QAAQ,EAAE,OAAO,CAAC,MAAM,CAAC;QAC/C,CAAC,CAAC,SAAS,CAAC;IAChB,MAAM,EAAE,MAAM,EAAE,SAAS,EAAE,GAAG,MAAM,oBAAoB,CACtD,GAAG,EACH,MAAM,gBAAgB,CAAC,GAAG,CAAC,EAC3B,EAAE,iBAAiB,EAAE,OAAO,CAAC,EAAE,EAAE,MAAM,EAAE,EACzC;QACE,IAAI,EAAE,aAAa;QACnB,QAAQ;QACR,OAAO;QACP,kBAAkB;QAClB,kBAAkB;KACnB,EACD,MAAM,CACP,CAAC;IAEF,OAAO;QACL,OAAO,EACL,MAAM,KAAK,IAAI;YACb,CAAC,CAAE,CAAC,MAAM,MAAM,CAAC,QAAQ,CAAC,OAAO,CAAC,SAAS,CAAC,CAAoB;YAChE,CAAC,CAAC,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,SAAS,CAAC,CAAE;QACpC,IAAI,EACF,MAAM,KAAK,IAAI;YACb,CAAC,CAAE,CAAC,MAAM,MAAM,CAAC,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,CAA4B;YAClE,CAAC,CAAC,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,MAAM,CAAC,CAAE;KAClC,CAAC;AACJ,CAAC;AAED,MAAM,CAAC,MAAM,gCAAgC,GAAG,KAAK,EACnD,GAAc,EACd,IAAoD,EAC/B,EAAE;IACvB,OAAO,GAAG,CAAC,WAAW,CAAC,YAAmB,EAAE;QAC1C,IAAI,EAAE;YACJ,IAAI,EAAE,8BAA8B;YACpC,GAAG,IAAI;SACR;KACF,CAAC,CAAC;AACL,CAAC,CAAC"}