@rockcarver/frodo-lib 0.12.0 → 0.12.2-0

package/cjs/ops/AuthenticateOps.js.map

@@ -1 +1 @@
-{"version":3,"file":"AuthenticateOps.js","names":["url","createHash","randomBytes","readlineSync","encodeBase64Url","storage","global","printMessage","getServerInfo","getServerVersionInfo","step","accessToken","authorize","getConnectionProfile","saveConnectionProfile","adminClientPassword","redirectUrlTemplate","idmAdminScope","adminClientId","getCookieName","data","cookieName","error","checkAndHandle2FA","payload","element","callbacks","type","input","value","includes","need2fa","output","code","question","determineDefaultRealm","deploymentType","session","getRealm","DEFAULT_REALM_KEY","setRealm","DEPLOYMENT_TYPE_REALM_MAP","determineDeploymentType","fidcClientId","forgeopsClientId","verifier","challenge","update","digest","challengeMethod","redirectURL","resolve","getTenant","config","maxRedirects","bodyFormData","getCookieValue","CLASSIC_DEPLOYMENT_TYPE_KEY","e","response","status","CLOUD_DEPLOYMENT_TYPE_KEY","ex","FORGEOPS_DEPLOYMENT_TYPE_KEY","getSemanticVersion","versionInfo","versionString","version","rx","match","Error","authenticate","setCookieName","headers","getUsername","getPassword","response1","skip2FA","response2","setCookieValue","getDeploymentType","setDeploymentType","fullVersion","setAmVersion","message","getAuthCode","codeChallenge","codeChallengeMethod","redirectLocationURL","request","res","responseUrl","queryObject","parse","query","getAccessToken","authCode","auth","username","password","setBearerToken","access_token","getTokens","save","credsFromParameters","conn","setTenant","tenant","setUsername","setPassword","getBearerToken"],"sources":["ops/AuthenticateOps.ts"],"sourcesContent":["import url from 'url';\nimport { createHash, randomBytes } from 'crypto';\nimport readlineSync from 'readline-sync';\nimport { encodeBase64Url } from '../api/utils/Base64';\nimport storage from '../storage/SessionStorage';\nimport * as global from '../storage/StaticStorage';\nimport { printMessage } from './utils/Console';\nimport { getServerInfo, getServerVersionInfo } from '../api/ServerInfoApi';\nimport { step } from '../api/AuthenticateApi';\nimport { accessToken, authorize } from '../api/OAuth2OIDCApi';\nimport {\n  getConnectionProfile,\n  saveConnectionProfile,\n} from './ConnectionProfileOps';\n\nconst adminClientPassword = 'doesnotmatter';\nconst redirectUrlTemplate = '/platform/appAuthHelperRedirect.html';\n\nconst idmAdminScope = 'fr:idm:* openid';\n\nlet adminClientId = 'idmAdminClient';\n\n/**\n * Helper function to get cookie name\n * @returns {String} cookie name\n */\nasync function getCookieName() {\n  try {\n    return (await getServerInfo()).data.cookieName;\n  } catch (error) {\n    printMessage(`Error getting cookie name: ${error}`, 'error');\n    return null;\n  }\n}\n\n/**\n * Helper function to determine if this is a setup mfa prompt in the ID Cloud tenant admin login journey\n * @param {Object} payload response from the previous authentication journey step\n * @returns {Object} an object indicating if 2fa is required and the original payload\n */\nfunction checkAndHandle2FA(payload) {\n  // let skippable = false;\n  if ('callbacks' in payload) {\n    for (const element of payload.callbacks) {\n      if (element.type === 'HiddenValueCallback') {\n        if (element.input[0].value.includes('skip')) {\n          // skippable = true;\n          element.input[0].value = 'Skip';\n          return {\n            need2fa: true,\n            payload,\n          };\n        }\n      }\n      if (element.type === 'NameCallback') {\n        if (element.output[0].value.includes('code')) {\n          // skippable = false;\n          printMessage('2FA is enabled and required for this user...');\n          const code = readlineSync.question(`${element.output[0].value}: `);\n          element.input[0].value = code;\n          return {\n            need2fa: true,\n            payload,\n          };\n        }\n      }\n    }\n    // console.info(\"NO2FA\");\n    return {\n      need2fa: false,\n      payload,\n    };\n  }\n  // console.info(\"NO2FA\");\n  return {\n    need2fa: false,\n    payload,\n  };\n}\n\n/**\n * Helper function to set the default realm by deployment type\n * @param {String} deploymentType deployment type\n */\nfunction determineDefaultRealm(deploymentType) {\n  if (storage.session.getRealm() === global.DEFAULT_REALM_KEY) {\n    storage.session.setRealm(global.DEPLOYMENT_TYPE_REALM_MAP[deploymentType]);\n  }\n}\n\n/**\n * Helper function to determine the deployment type\n * @returns {String} deployment type\n */\nasync function determineDeploymentType() {\n  const fidcClientId = 'idmAdminClient';\n  const forgeopsClientId = 'idm-admin-ui';\n\n  const verifier = encodeBase64Url(randomBytes(32));\n  const challenge = encodeBase64Url(\n    createHash('sha256').update(verifier).digest()\n  );\n  const challengeMethod = 'S256';\n  const redirectURL = url.resolve(\n    storage.session.getTenant(),\n    redirectUrlTemplate\n  );\n\n  const config = {\n    maxRedirects: 0,\n  };\n  let bodyFormData = `redirect_uri=${redirectURL}&scope=${idmAdminScope}&response_type=code&client_id=${fidcClientId}&csrf=${storage.session.getCookieValue()}&decision=allow&code_challenge=${challenge}&code_challenge_method=${challengeMethod}`;\n\n  let deploymentType = global.CLASSIC_DEPLOYMENT_TYPE_KEY;\n  try {\n    await authorize(bodyFormData, config);\n  } catch (e) {\n    if (e.response && e.response.status === 302) {\n      printMessage('ForgeRock Identity Cloud ', 'info', false);\n      deploymentType = global.CLOUD_DEPLOYMENT_TYPE_KEY;\n    } else {\n      try {\n        bodyFormData = `redirect_uri=${redirectURL}&scope=${idmAdminScope}&response_type=code&client_id=${forgeopsClientId}&csrf=${storage.session.getCookieValue()}&decision=allow&code_challenge=${challenge}&code_challenge_method=${challengeMethod}`;\n        await authorize(bodyFormData, config);\n      } catch (ex) {\n        if (ex.response.status === 302) {\n          adminClientId = forgeopsClientId;\n          printMessage('ForgeOps deployment ', 'info', false);\n          deploymentType = global.FORGEOPS_DEPLOYMENT_TYPE_KEY;\n        } else {\n          printMessage('Classic deployment ', 'info', false);\n        }\n      }\n    }\n    printMessage('detected.');\n  }\n  determineDefaultRealm(deploymentType);\n  return deploymentType;\n}\n\n/**\n * Helper function to extract the semantic version string from a version info object\n * @param {Object} versionInfo version info object\n * @returns {String} semantic version\n */\nasync function getSemanticVersion(versionInfo) {\n  if ('version' in versionInfo) {\n    const versionString = versionInfo.version;\n    const rx = /([\\d]\\.[\\d]\\.[\\d](\\.[\\d])*)/g;\n    const version = versionString.match(rx);\n    return version[0];\n  }\n  throw new Error('Cannot extract semantic version from version info object.');\n}\n\n/**\n * Helper function to authenticate and obtain and store session cookie\n * @returns {String} empty string or null\n */\nasync function authenticate() {\n  storage.session.setCookieName(await getCookieName());\n  try {\n    const config = {\n      headers: {\n        'X-OpenAM-Username': storage.session.getUsername(),\n        'X-OpenAM-Password': storage.session.getPassword(),\n      },\n    };\n    const response1 = (await step({}, config)).data;\n    const skip2FA = checkAndHandle2FA(response1);\n    let response2 = {};\n    if (skip2FA.need2fa) {\n      response2 = (await step(skip2FA.payload)).data;\n    } else {\n      response2 = skip2FA.payload;\n    }\n    if ('tokenId' in response2) {\n      storage.session.setCookieValue(response2['tokenId']);\n      if (!storage.session.getDeploymentType()) {\n        storage.session.setDeploymentType(await determineDeploymentType());\n      } else {\n        determineDefaultRealm(storage.session.getDeploymentType());\n      }\n      const versionInfo = (await getServerVersionInfo()).data;\n      printMessage(`Connected to ${versionInfo.fullVersion}`);\n      const version = getSemanticVersion(versionInfo);\n      storage.session.setAmVersion(version);\n      return '';\n    }\n    printMessage(`error authenticating`, 'error');\n    printMessage('+++ likely cause, bad credentials!!! +++', 'error');\n    return null;\n  } catch (e) {\n    if (e.response && e.response.status === 401) {\n      printMessage(`error authenticating - ${e.message}`, 'error');\n      printMessage('+++ likely cause, bad credentials +++', 'error');\n    }\n    if (e.message && e.message === 'self signed certificate') {\n      printMessage(`error authenticating - ${e.message}`, 'error');\n      printMessage('+++ use -k, --insecure option to allow +++', 'error');\n    } else {\n      printMessage(`error authenticating - ${e.message}`, 'error');\n    }\n    return null;\n  }\n}\n\n/**\n * Helper function to obtain an oauth2 authorization code\n * @param {String} redirectURL oauth2 redirect uri\n * @param {String} codeChallenge PKCE code challenge\n * @param {String} codeChallengeMethod PKCE code challenge method\n * @returns {String} oauth2 authorization code or null\n */\nasync function getAuthCode(redirectURL, codeChallenge, codeChallengeMethod) {\n  try {\n    const bodyFormData = `redirect_uri=${redirectURL}&scope=${idmAdminScope}&response_type=code&client_id=${adminClientId}&csrf=${storage.session.getCookieValue()}&decision=allow&code_challenge=${codeChallenge}&code_challenge_method=${codeChallengeMethod}`;\n    const config = {\n      headers: {\n        'Content-Type': 'application/x-www-form-urlencoded',\n      },\n    };\n    const response = await authorize(bodyFormData, config);\n    if (response.status < 200 || response.status > 399) {\n      printMessage('error getting auth code', 'error');\n      printMessage(\n        'likely cause: mismatched parameters with OAuth client config',\n        'error'\n      );\n      return null;\n    }\n    const redirectLocationURL = response.request.res.responseUrl;\n    const queryObject = url.parse(redirectLocationURL, true).query;\n    if ('code' in queryObject) {\n      return queryObject.code;\n    }\n    printMessage('auth code not found', 'error');\n    return null;\n  } catch (error) {\n    printMessage(`error getting auth code - ${error.message}`, 'error');\n    printMessage(error.response.data, 'error');\n    return null;\n  }\n}\n\n/**\n * Helper function to obtain oauth2 access token\n * @returns {String} empty string or null\n */\nasync function getAccessToken() {\n  try {\n    const verifier = encodeBase64Url(randomBytes(32));\n    const challenge = encodeBase64Url(\n      createHash('sha256').update(verifier).digest()\n    );\n    const challengeMethod = 'S256';\n    const redirectURL = url.resolve(\n      storage.session.getTenant(),\n      redirectUrlTemplate\n    );\n    const authCode = await getAuthCode(redirectURL, challenge, challengeMethod);\n    if (authCode == null) {\n      printMessage('error getting auth code', 'error');\n      return null;\n    }\n    let response = null;\n    if (\n      storage.session.getDeploymentType() === global.CLOUD_DEPLOYMENT_TYPE_KEY\n    ) {\n      const config = {\n        auth: {\n          username: adminClientId,\n          password: adminClientPassword,\n        },\n      };\n      const bodyFormData = `redirect_uri=${redirectURL}&grant_type=authorization_code&code=${authCode}&code_verifier=${verifier}`;\n      response = await accessToken(bodyFormData, config);\n    } else {\n      const bodyFormData = `client_id=${adminClientId}&redirect_uri=${redirectURL}&grant_type=authorization_code&code=${authCode}&code_verifier=${verifier}`;\n      response = await accessToken(bodyFormData);\n    }\n    if (response.status < 200 || response.status > 399) {\n      printMessage(`access token call returned ${response.status}`, 'error');\n      return null;\n    }\n    if ('access_token' in response.data) {\n      storage.session.setBearerToken(response.data.access_token);\n      return '';\n    }\n    printMessage(\"can't get access token\", 'error');\n    return null;\n  } catch (e) {\n    printMessage('error getting access token - ', 'error');\n    return null;\n  }\n}\n\n/**\n * Get tokens\n * @param {boolean} save true to save a connection profile upon successful authentication, false otherwise\n * @returns {boolean} true if tokens were successfully obtained, false otherwise\n */\nexport async function getTokens(save = false) {\n  let credsFromParameters = true;\n  // if username/password on cli are empty, try to read from connections.json\n  if (\n    storage.session.getUsername() == null &&\n    storage.session.getPassword() == null\n  ) {\n    credsFromParameters = false;\n    const conn = await getConnectionProfile();\n    if (conn) {\n      storage.session.setTenant(conn.tenant);\n      storage.session.setUsername(conn.username);\n      storage.session.setPassword(conn.password);\n    } else {\n      return false;\n    }\n  }\n  await authenticate();\n  if (\n    storage.session.getCookieValue() &&\n    !storage.session.getBearerToken() &&\n    (storage.session.getDeploymentType() === global.CLOUD_DEPLOYMENT_TYPE_KEY ||\n      storage.session.getDeploymentType() ===\n        global.FORGEOPS_DEPLOYMENT_TYPE_KEY)\n  ) {\n    await getAccessToken();\n  }\n  if (save && storage.session.getCookieValue() && credsFromParameters) {\n    // valid cookie, which means valid username/password combo. Save it in connections.json\n    saveConnectionProfile();\n    return true;\n  }\n  if (!storage.session.getCookieValue()) {\n    return false;\n  }\n  return true;\n}\n"],"mappings":"AAAA,OAAOA,GAAP,MAAgB,KAAhB;AACA,SAASC,UAAT,EAAqBC,WAArB,QAAwC,QAAxC;AACA,OAAOC,YAAP,MAAyB,eAAzB;AACA,SAASC,eAAT,QAAgC,qBAAhC;AACA,OAAOC,OAAP,MAAoB,2BAApB;AACA,OAAO,KAAKC,MAAZ,MAAwB,0BAAxB;AACA,SAASC,YAAT,QAA6B,iBAA7B;AACA,SAASC,aAAT,EAAwBC,oBAAxB,QAAoD,sBAApD;AACA,SAASC,IAAT,QAAqB,wBAArB;AACA,SAASC,WAAT,EAAsBC,SAAtB,QAAuC,sBAAvC;AACA,SACEC,oBADF,EAEEC,qBAFF,QAGO,wBAHP;AAKA,MAAMC,mBAAmB,GAAG,eAA5B;AACA,MAAMC,mBAAmB,GAAG,sCAA5B;AAEA,MAAMC,aAAa,GAAG,iBAAtB;AAEA,IAAIC,aAAa,GAAG,gBAApB;AAEA;AACA;AACA;AACA;;AACA,eAAeC,aAAf,GAA+B;EAC7B,IAAI;IACF,OAAO,CAAC,MAAMX,aAAa,EAApB,EAAwBY,IAAxB,CAA6BC,UAApC;EACD,CAFD,CAEE,OAAOC,KAAP,EAAc;IACdf,YAAY,CAAE,8BAA6Be,KAAM,EAArC,EAAwC,OAAxC,CAAZ;IACA,OAAO,IAAP;EACD;AACF;AAED;AACA;AACA;AACA;AACA;;;AACA,SAASC,iBAAT,CAA2BC,OAA3B,EAAoC;EAClC;EACA,IAAI,eAAeA,OAAnB,EAA4B;IAC1B,KAAK,MAAMC,OAAX,IAAsBD,OAAO,CAACE,SAA9B,EAAyC;MACvC,IAAID,OAAO,CAACE,IAAR,KAAiB,qBAArB,EAA4C;QAC1C,IAAIF,OAAO,CAACG,KAAR,CAAc,CAAd,EAAiBC,KAAjB,CAAuBC,QAAvB,CAAgC,MAAhC,CAAJ,EAA6C;UAC3C;UACAL,OAAO,CAACG,KAAR,CAAc,CAAd,EAAiBC,KAAjB,GAAyB,MAAzB;UACA,OAAO;YACLE,OAAO,EAAE,IADJ;YAELP;UAFK,CAAP;QAID;MACF;;MACD,IAAIC,OAAO,CAACE,IAAR,KAAiB,cAArB,EAAqC;QACnC,IAAIF,OAAO,CAACO,MAAR,CAAe,CAAf,EAAkBH,KAAlB,CAAwBC,QAAxB,CAAiC,MAAjC,CAAJ,EAA8C;UAC5C;UACAvB,YAAY,CAAC,8CAAD,CAAZ;UACA,MAAM0B,IAAI,GAAG9B,YAAY,CAAC+B,QAAb,CAAuB,GAAET,OAAO,CAACO,MAAR,CAAe,CAAf,EAAkBH,KAAM,IAAjD,CAAb;UACAJ,OAAO,CAACG,KAAR,CAAc,CAAd,EAAiBC,KAAjB,GAAyBI,IAAzB;UACA,OAAO;YACLF,OAAO,EAAE,IADJ;YAELP;UAFK,CAAP;QAID;MACF;IACF,CAxByB,CAyB1B;;;IACA,OAAO;MACLO,OAAO,EAAE,KADJ;MAELP;IAFK,CAAP;EAID,CAhCiC,CAiClC;;;EACA,OAAO;IACLO,OAAO,EAAE,KADJ;IAELP;EAFK,CAAP;AAID;AAED;AACA;AACA;AACA;;;AACA,SAASW,qBAAT,CAA+BC,cAA/B,EAA+C;EAC7C,IAAI/B,OAAO,CAACgC,OAAR,CAAgBC,QAAhB,OAA+BhC,MAAM,CAACiC,iBAA1C,EAA6D;IAC3DlC,OAAO,CAACgC,OAAR,CAAgBG,QAAhB,CAAyBlC,MAAM,CAACmC,yBAAP,CAAiCL,cAAjC,CAAzB;EACD;AACF;AAED;AACA;AACA;AACA;;;AACA,eAAeM,uBAAf,GAAyC;EACvC,MAAMC,YAAY,GAAG,gBAArB;EACA,MAAMC,gBAAgB,GAAG,cAAzB;EAEA,MAAMC,QAAQ,GAAGzC,eAAe,CAACF,WAAW,CAAC,EAAD,CAAZ,CAAhC;EACA,MAAM4C,SAAS,GAAG1C,eAAe,CAC/BH,UAAU,CAAC,QAAD,CAAV,CAAqB8C,MAArB,CAA4BF,QAA5B,EAAsCG,MAAtC,EAD+B,CAAjC;EAGA,MAAMC,eAAe,GAAG,MAAxB;EACA,MAAMC,WAAW,GAAGlD,GAAG,CAACmD,OAAJ,CAClB9C,OAAO,CAACgC,OAAR,CAAgBe,SAAhB,EADkB,EAElBpC,mBAFkB,CAApB;EAKA,MAAMqC,MAAM,GAAG;IACbC,YAAY,EAAE;EADD,CAAf;EAGA,IAAIC,YAAY,GAAI,gBAAeL,WAAY,UAASjC,aAAc,iCAAgC0B,YAAa,SAAQtC,OAAO,CAACgC,OAAR,CAAgBmB,cAAhB,EAAiC,kCAAiCV,SAAU,0BAAyBG,eAAgB,EAAhP;EAEA,IAAIb,cAAc,GAAG9B,MAAM,CAACmD,2BAA5B;;EACA,IAAI;IACF,MAAM7C,SAAS,CAAC2C,YAAD,EAAeF,MAAf,CAAf;EACD,CAFD,CAEE,OAAOK,CAAP,EAAU;IACV,IAAIA,CAAC,CAACC,QAAF,IAAcD,CAAC,CAACC,QAAF,CAAWC,MAAX,KAAsB,GAAxC,EAA6C;MAC3CrD,YAAY,CAAC,2BAAD,EAA8B,MAA9B,EAAsC,KAAtC,CAAZ;MACA6B,cAAc,GAAG9B,MAAM,CAACuD,yBAAxB;IACD,CAHD,MAGO;MACL,IAAI;QACFN,YAAY,GAAI,gBAAeL,WAAY,UAASjC,aAAc,iCAAgC2B,gBAAiB,SAAQvC,OAAO,CAACgC,OAAR,CAAgBmB,cAAhB,EAAiC,kCAAiCV,SAAU,0BAAyBG,eAAgB,EAAhP;QACA,MAAMrC,SAAS,CAAC2C,YAAD,EAAeF,MAAf,CAAf;MACD,CAHD,CAGE,OAAOS,EAAP,EAAW;QACX,IAAIA,EAAE,CAACH,QAAH,CAAYC,MAAZ,KAAuB,GAA3B,EAAgC;UAC9B1C,aAAa,GAAG0B,gBAAhB;UACArC,YAAY,CAAC,sBAAD,EAAyB,MAAzB,EAAiC,KAAjC,CAAZ;UACA6B,cAAc,GAAG9B,MAAM,CAACyD,4BAAxB;QACD,CAJD,MAIO;UACLxD,YAAY,CAAC,qBAAD,EAAwB,MAAxB,EAAgC,KAAhC,CAAZ;QACD;MACF;IACF;;IACDA,YAAY,CAAC,WAAD,CAAZ;EACD;;EACD4B,qBAAqB,CAACC,cAAD,CAArB;EACA,OAAOA,cAAP;AACD;AAED;AACA;AACA;AACA;AACA;;;AACA,eAAe4B,kBAAf,CAAkCC,WAAlC,EAA+C;EAC7C,IAAI,aAAaA,WAAjB,EAA8B;IAC5B,MAAMC,aAAa,GAAGD,WAAW,CAACE,OAAlC;IACA,MAAMC,EAAE,GAAG,8BAAX;IACA,MAAMD,OAAO,GAAGD,aAAa,CAACG,KAAd,CAAoBD,EAApB,CAAhB;IACA,OAAOD,OAAO,CAAC,CAAD,CAAd;EACD;;EACD,MAAM,IAAIG,KAAJ,CAAU,2DAAV,CAAN;AACD;AAED;AACA;AACA;AACA;;;AACA,eAAeC,YAAf,GAA8B;EAC5BlE,OAAO,CAACgC,OAAR,CAAgBmC,aAAhB,CAA8B,MAAMrD,aAAa,EAAjD;;EACA,IAAI;IACF,MAAMkC,MAAM,GAAG;MACboB,OAAO,EAAE;QACP,qBAAqBpE,OAAO,CAACgC,OAAR,CAAgBqC,WAAhB,EADd;QAEP,qBAAqBrE,OAAO,CAACgC,OAAR,CAAgBsC,WAAhB;MAFd;IADI,CAAf;IAMA,MAAMC,SAAS,GAAG,CAAC,MAAMlE,IAAI,CAAC,EAAD,EAAK2C,MAAL,CAAX,EAAyBjC,IAA3C;IACA,MAAMyD,OAAO,GAAGtD,iBAAiB,CAACqD,SAAD,CAAjC;IACA,IAAIE,SAAS,GAAG,EAAhB;;IACA,IAAID,OAAO,CAAC9C,OAAZ,EAAqB;MACnB+C,SAAS,GAAG,CAAC,MAAMpE,IAAI,CAACmE,OAAO,CAACrD,OAAT,CAAX,EAA8BJ,IAA1C;IACD,CAFD,MAEO;MACL0D,SAAS,GAAGD,OAAO,CAACrD,OAApB;IACD;;IACD,IAAI,aAAasD,SAAjB,EAA4B;MAC1BzE,OAAO,CAACgC,OAAR,CAAgB0C,cAAhB,CAA+BD,SAAS,CAAC,SAAD,CAAxC;;MACA,IAAI,CAACzE,OAAO,CAACgC,OAAR,CAAgB2C,iBAAhB,EAAL,EAA0C;QACxC3E,OAAO,CAACgC,OAAR,CAAgB4C,iBAAhB,CAAkC,MAAMvC,uBAAuB,EAA/D;MACD,CAFD,MAEO;QACLP,qBAAqB,CAAC9B,OAAO,CAACgC,OAAR,CAAgB2C,iBAAhB,EAAD,CAArB;MACD;;MACD,MAAMf,WAAW,GAAG,CAAC,MAAMxD,oBAAoB,EAA3B,EAA+BW,IAAnD;MACAb,YAAY,CAAE,gBAAe0D,WAAW,CAACiB,WAAY,EAAzC,CAAZ;MACA,MAAMf,OAAO,GAAGH,kBAAkB,CAACC,WAAD,CAAlC;MACA5D,OAAO,CAACgC,OAAR,CAAgB8C,YAAhB,CAA6BhB,OAA7B;MACA,OAAO,EAAP;IACD;;IACD5D,YAAY,CAAE,sBAAF,EAAyB,OAAzB,CAAZ;IACAA,YAAY,CAAC,0CAAD,EAA6C,OAA7C,CAAZ;IACA,OAAO,IAAP;EACD,CA/BD,CA+BE,OAAOmD,CAAP,EAAU;IACV,IAAIA,CAAC,CAACC,QAAF,IAAcD,CAAC,CAACC,QAAF,CAAWC,MAAX,KAAsB,GAAxC,EAA6C;MAC3CrD,YAAY,CAAE,0BAAyBmD,CAAC,CAAC0B,OAAQ,EAArC,EAAwC,OAAxC,CAAZ;MACA7E,YAAY,CAAC,uCAAD,EAA0C,OAA1C,CAAZ;IACD;;IACD,IAAImD,CAAC,CAAC0B,OAAF,IAAa1B,CAAC,CAAC0B,OAAF,KAAc,yBAA/B,EAA0D;MACxD7E,YAAY,CAAE,0BAAyBmD,CAAC,CAAC0B,OAAQ,EAArC,EAAwC,OAAxC,CAAZ;MACA7E,YAAY,CAAC,4CAAD,EAA+C,OAA/C,CAAZ;IACD,CAHD,MAGO;MACLA,YAAY,CAAE,0BAAyBmD,CAAC,CAAC0B,OAAQ,EAArC,EAAwC,OAAxC,CAAZ;IACD;;IACD,OAAO,IAAP;EACD;AACF;AAED;AACA;AACA;AACA;AACA;AACA;AACA;;;AACA,eAAeC,WAAf,CAA2BnC,WAA3B,EAAwCoC,aAAxC,EAAuDC,mBAAvD,EAA4E;EAC1E,IAAI;IACF,MAAMhC,YAAY,GAAI,gBAAeL,WAAY,UAASjC,aAAc,iCAAgCC,aAAc,SAAQb,OAAO,CAACgC,OAAR,CAAgBmB,cAAhB,EAAiC,kCAAiC8B,aAAc,0BAAyBC,mBAAoB,EAA3P;IACA,MAAMlC,MAAM,GAAG;MACboB,OAAO,EAAE;QACP,gBAAgB;MADT;IADI,CAAf;IAKA,MAAMd,QAAQ,GAAG,MAAM/C,SAAS,CAAC2C,YAAD,EAAeF,MAAf,CAAhC;;IACA,IAAIM,QAAQ,CAACC,MAAT,GAAkB,GAAlB,IAAyBD,QAAQ,CAACC,MAAT,GAAkB,GAA/C,EAAoD;MAClDrD,YAAY,CAAC,yBAAD,EAA4B,OAA5B,CAAZ;MACAA,YAAY,CACV,8DADU,EAEV,OAFU,CAAZ;MAIA,OAAO,IAAP;IACD;;IACD,MAAMiF,mBAAmB,GAAG7B,QAAQ,CAAC8B,OAAT,CAAiBC,GAAjB,CAAqBC,WAAjD;IACA,MAAMC,WAAW,GAAG5F,GAAG,CAAC6F,KAAJ,CAAUL,mBAAV,EAA+B,IAA/B,EAAqCM,KAAzD;;IACA,IAAI,UAAUF,WAAd,EAA2B;MACzB,OAAOA,WAAW,CAAC3D,IAAnB;IACD;;IACD1B,YAAY,CAAC,qBAAD,EAAwB,OAAxB,CAAZ;IACA,OAAO,IAAP;EACD,CAvBD,CAuBE,OAAOe,KAAP,EAAc;IACdf,YAAY,CAAE,6BAA4Be,KAAK,CAAC8D,OAAQ,EAA5C,EAA+C,OAA/C,CAAZ;IACA7E,YAAY,CAACe,KAAK,CAACqC,QAAN,CAAevC,IAAhB,EAAsB,OAAtB,CAAZ;IACA,OAAO,IAAP;EACD;AACF;AAED;AACA;AACA;AACA;;;AACA,eAAe2E,cAAf,GAAgC;EAC9B,IAAI;IACF,MAAMlD,QAAQ,GAAGzC,eAAe,CAACF,WAAW,CAAC,EAAD,CAAZ,CAAhC;IACA,MAAM4C,SAAS,GAAG1C,eAAe,CAC/BH,UAAU,CAAC,QAAD,CAAV,CAAqB8C,MAArB,CAA4BF,QAA5B,EAAsCG,MAAtC,EAD+B,CAAjC;IAGA,MAAMC,eAAe,GAAG,MAAxB;IACA,MAAMC,WAAW,GAAGlD,GAAG,CAACmD,OAAJ,CAClB9C,OAAO,CAACgC,OAAR,CAAgBe,SAAhB,EADkB,EAElBpC,mBAFkB,CAApB;IAIA,MAAMgF,QAAQ,GAAG,MAAMX,WAAW,CAACnC,WAAD,EAAcJ,SAAd,EAAyBG,eAAzB,CAAlC;;IACA,IAAI+C,QAAQ,IAAI,IAAhB,EAAsB;MACpBzF,YAAY,CAAC,yBAAD,EAA4B,OAA5B,CAAZ;MACA,OAAO,IAAP;IACD;;IACD,IAAIoD,QAAQ,GAAG,IAAf;;IACA,IACEtD,OAAO,CAACgC,OAAR,CAAgB2C,iBAAhB,OAAwC1E,MAAM,CAACuD,yBADjD,EAEE;MACA,MAAMR,MAAM,GAAG;QACb4C,IAAI,EAAE;UACJC,QAAQ,EAAEhF,aADN;UAEJiF,QAAQ,EAAEpF;QAFN;MADO,CAAf;MAMA,MAAMwC,YAAY,GAAI,gBAAeL,WAAY,uCAAsC8C,QAAS,kBAAiBnD,QAAS,EAA1H;MACAc,QAAQ,GAAG,MAAMhD,WAAW,CAAC4C,YAAD,EAAeF,MAAf,CAA5B;IACD,CAXD,MAWO;MACL,MAAME,YAAY,GAAI,aAAYrC,aAAc,iBAAgBgC,WAAY,uCAAsC8C,QAAS,kBAAiBnD,QAAS,EAArJ;MACAc,QAAQ,GAAG,MAAMhD,WAAW,CAAC4C,YAAD,CAA5B;IACD;;IACD,IAAII,QAAQ,CAACC,MAAT,GAAkB,GAAlB,IAAyBD,QAAQ,CAACC,MAAT,GAAkB,GAA/C,EAAoD;MAClDrD,YAAY,CAAE,8BAA6BoD,QAAQ,CAACC,MAAO,EAA/C,EAAkD,OAAlD,CAAZ;MACA,OAAO,IAAP;IACD;;IACD,IAAI,kBAAkBD,QAAQ,CAACvC,IAA/B,EAAqC;MACnCf,OAAO,CAACgC,OAAR,CAAgB+D,cAAhB,CAA+BzC,QAAQ,CAACvC,IAAT,CAAciF,YAA7C;MACA,OAAO,EAAP;IACD;;IACD9F,YAAY,CAAC,wBAAD,EAA2B,OAA3B,CAAZ;IACA,OAAO,IAAP;EACD,CAzCD,CAyCE,OAAOmD,CAAP,EAAU;IACVnD,YAAY,CAAC,+BAAD,EAAkC,OAAlC,CAAZ;IACA,OAAO,IAAP;EACD;AACF;AAED;AACA;AACA;AACA;AACA;;;AACA,OAAO,eAAe+F,SAAf,CAAyBC,IAAI,GAAG,KAAhC,EAAuC;EAC5C,IAAIC,mBAAmB,GAAG,IAA1B,CAD4C,CAE5C;;EACA,IACEnG,OAAO,CAACgC,OAAR,CAAgBqC,WAAhB,MAAiC,IAAjC,IACArE,OAAO,CAACgC,OAAR,CAAgBsC,WAAhB,MAAiC,IAFnC,EAGE;IACA6B,mBAAmB,GAAG,KAAtB;IACA,MAAMC,IAAI,GAAG,MAAM5F,oBAAoB,EAAvC;;IACA,IAAI4F,IAAJ,EAAU;MACRpG,OAAO,CAACgC,OAAR,CAAgBqE,SAAhB,CAA0BD,IAAI,CAACE,MAA/B;MACAtG,OAAO,CAACgC,OAAR,CAAgBuE,WAAhB,CAA4BH,IAAI,CAACP,QAAjC;MACA7F,OAAO,CAACgC,OAAR,CAAgBwE,WAAhB,CAA4BJ,IAAI,CAACN,QAAjC;IACD,CAJD,MAIO;MACL,OAAO,KAAP;IACD;EACF;;EACD,MAAM5B,YAAY,EAAlB;;EACA,IACElE,OAAO,CAACgC,OAAR,CAAgBmB,cAAhB,MACA,CAACnD,OAAO,CAACgC,OAAR,CAAgByE,cAAhB,EADD,KAECzG,OAAO,CAACgC,OAAR,CAAgB2C,iBAAhB,OAAwC1E,MAAM,CAACuD,yBAA/C,IACCxD,OAAO,CAACgC,OAAR,CAAgB2C,iBAAhB,OACE1E,MAAM,CAACyD,4BAJX,CADF,EAME;IACA,MAAMgC,cAAc,EAApB;EACD;;EACD,IAAIQ,IAAI,IAAIlG,OAAO,CAACgC,OAAR,CAAgBmB,cAAhB,EAAR,IAA4CgD,mBAAhD,EAAqE;IACnE;IACA1F,qBAAqB;IACrB,OAAO,IAAP;EACD;;EACD,IAAI,CAACT,OAAO,CAACgC,OAAR,CAAgBmB,cAAhB,EAAL,EAAuC;IACrC,OAAO,KAAP;EACD;;EACD,OAAO,IAAP;AACD"}
+{"version":3,"file":"AuthenticateOps.js","names":["adminClientPassword","redirectUrlTemplate","idmAdminScope","adminClientId","getCookieName","getServerInfo","data","cookieName","error","printMessage","checkAndHandle2FA","payload","element","callbacks","type","input","value","includes","need2fa","output","code","readlineSync","question","determineDefaultRealm","deploymentType","storage","session","getRealm","global","DEFAULT_REALM_KEY","setRealm","DEPLOYMENT_TYPE_REALM_MAP","determineDeploymentType","fidcClientId","forgeopsClientId","verifier","encodeBase64Url","randomBytes","challenge","createHash","update","digest","challengeMethod","redirectURL","url","resolve","getTenant","config","maxRedirects","bodyFormData","getCookieValue","CLASSIC_DEPLOYMENT_TYPE_KEY","authorize","e","response","status","CLOUD_DEPLOYMENT_TYPE_KEY","ex","FORGEOPS_DEPLOYMENT_TYPE_KEY","getSemanticVersion","versionInfo","versionString","version","rx","match","Error","authenticate","setCookieName","headers","getUsername","getPassword","response1","step","skip2FA","response2","setCookieValue","getDeploymentType","setDeploymentType","getServerVersionInfo","fullVersion","setAmVersion","message","getAuthCode","codeChallenge","codeChallengeMethod","redirectLocationURL","request","res","responseUrl","queryObject","parse","query","getAccessToken","authCode","auth","username","password","accessToken","setBearerToken","access_token","getTokens","save","credsFromParameters","conn","getConnectionProfile","setTenant","tenant","setUsername","setPassword","getBearerToken","saveConnectionProfile"],"sources":["ops/AuthenticateOps.ts"],"sourcesContent":["import url from 'url';\nimport { createHash, randomBytes } from 'crypto';\nimport readlineSync from 'readline-sync';\nimport { encodeBase64Url } from '../api/utils/Base64';\nimport storage from '../storage/SessionStorage';\nimport * as global from '../storage/StaticStorage';\nimport { printMessage } from './utils/Console';\nimport { getServerInfo, getServerVersionInfo } from '../api/ServerInfoApi';\nimport { step } from '../api/AuthenticateApi';\nimport { accessToken, authorize } from '../api/OAuth2OIDCApi';\nimport {\n  getConnectionProfile,\n  saveConnectionProfile,\n} from './ConnectionProfileOps';\n\nconst adminClientPassword = 'doesnotmatter';\nconst redirectUrlTemplate = '/platform/appAuthHelperRedirect.html';\n\nconst idmAdminScope = 'fr:idm:* openid';\n\nlet adminClientId = 'idmAdminClient';\n\n/**\n * Helper function to get cookie name\n * @returns {String} cookie name\n */\nasync function getCookieName() {\n  try {\n    return (await getServerInfo()).data.cookieName;\n  } catch (error) {\n    printMessage(`Error getting cookie name: ${error}`, 'error');\n    return null;\n  }\n}\n\n/**\n * Helper function to determine if this is a setup mfa prompt in the ID Cloud tenant admin login journey\n * @param {Object} payload response from the previous authentication journey step\n * @returns {Object} an object indicating if 2fa is required and the original payload\n */\nfunction checkAndHandle2FA(payload) {\n  // let skippable = false;\n  if ('callbacks' in payload) {\n    for (const element of payload.callbacks) {\n      if (element.type === 'HiddenValueCallback') {\n        if (element.input[0].value.includes('skip')) {\n          // skippable = true;\n          element.input[0].value = 'Skip';\n          return {\n            need2fa: true,\n            payload,\n          };\n        }\n      }\n      if (element.type === 'NameCallback') {\n        if (element.output[0].value.includes('code')) {\n          // skippable = false;\n          printMessage('2FA is enabled and required for this user...');\n          const code = readlineSync.question(`${element.output[0].value}: `);\n          element.input[0].value = code;\n          return {\n            need2fa: true,\n            payload,\n          };\n        }\n      }\n    }\n    // console.info(\"NO2FA\");\n    return {\n      need2fa: false,\n      payload,\n    };\n  }\n  // console.info(\"NO2FA\");\n  return {\n    need2fa: false,\n    payload,\n  };\n}\n\n/**\n * Helper function to set the default realm by deployment type\n * @param {String} deploymentType deployment type\n */\nfunction determineDefaultRealm(deploymentType) {\n  if (storage.session.getRealm() === global.DEFAULT_REALM_KEY) {\n    storage.session.setRealm(global.DEPLOYMENT_TYPE_REALM_MAP[deploymentType]);\n  }\n}\n\n/**\n * Helper function to determine the deployment type\n * @returns {String} deployment type\n */\nasync function determineDeploymentType() {\n  const fidcClientId = 'idmAdminClient';\n  const forgeopsClientId = 'idm-admin-ui';\n\n  const verifier = encodeBase64Url(randomBytes(32));\n  const challenge = encodeBase64Url(\n    createHash('sha256').update(verifier).digest()\n  );\n  const challengeMethod = 'S256';\n  const redirectURL = url.resolve(\n    storage.session.getTenant(),\n    redirectUrlTemplate\n  );\n\n  const config = {\n    maxRedirects: 0,\n  };\n  let bodyFormData = `redirect_uri=${redirectURL}&scope=${idmAdminScope}&response_type=code&client_id=${fidcClientId}&csrf=${storage.session.getCookieValue()}&decision=allow&code_challenge=${challenge}&code_challenge_method=${challengeMethod}`;\n\n  let deploymentType = global.CLASSIC_DEPLOYMENT_TYPE_KEY;\n  try {\n    await authorize(bodyFormData, config);\n  } catch (e) {\n    if (e.response && e.response.status === 302) {\n      printMessage('ForgeRock Identity Cloud ', 'info', false);\n      deploymentType = global.CLOUD_DEPLOYMENT_TYPE_KEY;\n    } else {\n      try {\n        bodyFormData = `redirect_uri=${redirectURL}&scope=${idmAdminScope}&response_type=code&client_id=${forgeopsClientId}&csrf=${storage.session.getCookieValue()}&decision=allow&code_challenge=${challenge}&code_challenge_method=${challengeMethod}`;\n        await authorize(bodyFormData, config);\n      } catch (ex) {\n        if (ex.response.status === 302) {\n          adminClientId = forgeopsClientId;\n          printMessage('ForgeOps deployment ', 'info', false);\n          deploymentType = global.FORGEOPS_DEPLOYMENT_TYPE_KEY;\n        } else {\n          printMessage('Classic deployment ', 'info', false);\n        }\n      }\n    }\n    printMessage('detected.');\n  }\n  determineDefaultRealm(deploymentType);\n  return deploymentType;\n}\n\n/**\n * Helper function to extract the semantic version string from a version info object\n * @param {Object} versionInfo version info object\n * @returns {String} semantic version\n */\nasync function getSemanticVersion(versionInfo) {\n  if ('version' in versionInfo) {\n    const versionString = versionInfo.version;\n    const rx = /([\\d]\\.[\\d]\\.[\\d](\\.[\\d])*)/g;\n    const version = versionString.match(rx);\n    return version[0];\n  }\n  throw new Error('Cannot extract semantic version from version info object.');\n}\n\n/**\n * Helper function to authenticate and obtain and store session cookie\n * @returns {String} empty string or null\n */\nasync function authenticate() {\n  storage.session.setCookieName(await getCookieName());\n  try {\n    const config = {\n      headers: {\n        'X-OpenAM-Username': storage.session.getUsername(),\n        'X-OpenAM-Password': storage.session.getPassword(),\n      },\n    };\n    const response1 = (await step({}, config)).data;\n    const skip2FA = checkAndHandle2FA(response1);\n    let response2 = {};\n    if (skip2FA.need2fa) {\n      response2 = (await step(skip2FA.payload)).data;\n    } else {\n      response2 = skip2FA.payload;\n    }\n    if ('tokenId' in response2) {\n      storage.session.setCookieValue(response2['tokenId']);\n      if (!storage.session.getDeploymentType()) {\n        storage.session.setDeploymentType(await determineDeploymentType());\n      } else {\n        determineDefaultRealm(storage.session.getDeploymentType());\n      }\n      const versionInfo = (await getServerVersionInfo()).data;\n      printMessage(`Connected to ${versionInfo.fullVersion}`);\n      const version = getSemanticVersion(versionInfo);\n      storage.session.setAmVersion(version);\n      return '';\n    }\n    printMessage(`error authenticating`, 'error');\n    printMessage('+++ likely cause, bad credentials!!! +++', 'error');\n    return null;\n  } catch (e) {\n    if (e.response && e.response.status === 401) {\n      printMessage(`error authenticating - ${e.message}`, 'error');\n      printMessage('+++ likely cause, bad credentials +++', 'error');\n    }\n    if (e.message && e.message === 'self signed certificate') {\n      printMessage(`error authenticating - ${e.message}`, 'error');\n      printMessage('+++ use -k, --insecure option to allow +++', 'error');\n    } else {\n      printMessage(`error authenticating - ${e.message}`, 'error');\n    }\n    return null;\n  }\n}\n\n/**\n * Helper function to obtain an oauth2 authorization code\n * @param {String} redirectURL oauth2 redirect uri\n * @param {String} codeChallenge PKCE code challenge\n * @param {String} codeChallengeMethod PKCE code challenge method\n * @returns {String} oauth2 authorization code or null\n */\nasync function getAuthCode(redirectURL, codeChallenge, codeChallengeMethod) {\n  try {\n    const bodyFormData = `redirect_uri=${redirectURL}&scope=${idmAdminScope}&response_type=code&client_id=${adminClientId}&csrf=${storage.session.getCookieValue()}&decision=allow&code_challenge=${codeChallenge}&code_challenge_method=${codeChallengeMethod}`;\n    const config = {\n      headers: {\n        'Content-Type': 'application/x-www-form-urlencoded',\n      },\n    };\n    const response = await authorize(bodyFormData, config);\n    if (response.status < 200 || response.status > 399) {\n      printMessage('error getting auth code', 'error');\n      printMessage(\n        'likely cause: mismatched parameters with OAuth client config',\n        'error'\n      );\n      return null;\n    }\n    const redirectLocationURL = response.request.res.responseUrl;\n    const queryObject = url.parse(redirectLocationURL, true).query;\n    if ('code' in queryObject) {\n      return queryObject.code;\n    }\n    printMessage('auth code not found', 'error');\n    return null;\n  } catch (error) {\n    printMessage(`error getting auth code - ${error.message}`, 'error');\n    printMessage(error.response.data, 'error');\n    return null;\n  }\n}\n\n/**\n * Helper function to obtain oauth2 access token\n * @returns {String} empty string or null\n */\nasync function getAccessToken() {\n  try {\n    const verifier = encodeBase64Url(randomBytes(32));\n    const challenge = encodeBase64Url(\n      createHash('sha256').update(verifier).digest()\n    );\n    const challengeMethod = 'S256';\n    const redirectURL = url.resolve(\n      storage.session.getTenant(),\n      redirectUrlTemplate\n    );\n    const authCode = await getAuthCode(redirectURL, challenge, challengeMethod);\n    if (authCode == null) {\n      printMessage('error getting auth code', 'error');\n      return null;\n    }\n    let response = null;\n    if (\n      storage.session.getDeploymentType() === global.CLOUD_DEPLOYMENT_TYPE_KEY\n    ) {\n      const config = {\n        auth: {\n          username: adminClientId,\n          password: adminClientPassword,\n        },\n      };\n      const bodyFormData = `redirect_uri=${redirectURL}&grant_type=authorization_code&code=${authCode}&code_verifier=${verifier}`;\n      response = await accessToken(bodyFormData, config);\n    } else {\n      const bodyFormData = `client_id=${adminClientId}&redirect_uri=${redirectURL}&grant_type=authorization_code&code=${authCode}&code_verifier=${verifier}`;\n      response = await accessToken(bodyFormData);\n    }\n    if (response.status < 200 || response.status > 399) {\n      printMessage(`access token call returned ${response.status}`, 'error');\n      return null;\n    }\n    if ('access_token' in response.data) {\n      storage.session.setBearerToken(response.data.access_token);\n      return '';\n    }\n    printMessage(\"can't get access token\", 'error');\n    return null;\n  } catch (e) {\n    printMessage('error getting access token - ', 'error');\n    return null;\n  }\n}\n\n/**\n * Get tokens\n * @param {boolean} save true to save a connection profile upon successful authentication, false otherwise\n * @returns {boolean} true if tokens were successfully obtained, false otherwise\n */\nexport async function getTokens(save = false) {\n  let credsFromParameters = true;\n  // if username/password on cli are empty, try to read from connections.json\n  if (\n    storage.session.getUsername() == null &&\n    storage.session.getPassword() == null\n  ) {\n    credsFromParameters = false;\n    const conn = await getConnectionProfile();\n    if (conn) {\n      storage.session.setTenant(conn.tenant);\n      storage.session.setUsername(conn.username);\n      storage.session.setPassword(conn.password);\n    } else {\n      return false;\n    }\n  }\n  await authenticate();\n  if (\n    storage.session.getCookieValue() &&\n    !storage.session.getBearerToken() &&\n    (storage.session.getDeploymentType() === global.CLOUD_DEPLOYMENT_TYPE_KEY ||\n      storage.session.getDeploymentType() ===\n        global.FORGEOPS_DEPLOYMENT_TYPE_KEY)\n  ) {\n    await getAccessToken();\n  }\n  if (save && storage.session.getCookieValue() && credsFromParameters) {\n    // valid cookie, which means valid username/password combo. Save it in connections.json\n    saveConnectionProfile();\n    return true;\n  }\n  if (!storage.session.getCookieValue()) {\n    return false;\n  }\n  return true;\n}\n"],"mappings":";;;;;;;AAAA;;AACA;;AACA;;AACA;;AACA;;AACA;;AACA;;AACA;;AACA;;AACA;;AACA;;;;;;;;;;;;AAKA,IAAMA,mBAAmB,GAAG,eAA5B;AACA,IAAMC,mBAAmB,GAAG,sCAA5B;AAEA,IAAMC,aAAa,GAAG,iBAAtB;AAEA,IAAIC,aAAa,GAAG,gBAApB;AAEA;AACA;AACA;AACA;;SACeC,a;;;AASf;AACA;AACA;AACA;AACA;;;;qCAbA,aAA+B;IAC7B,IAAI;MACF,OAAO,OAAO,IAAAC,4BAAA,GAAP,EAAwBC,IAAxB,CAA6BC,UAApC;IACD,CAFD,CAEE,OAAOC,KAAP,EAAc;MACd,IAAAC,qBAAA,uCAA2CD,KAA3C,GAAoD,OAApD;MACA,OAAO,IAAP;IACD;EACF,C;;;;AAOD,SAASE,iBAAT,CAA2BC,OAA3B,EAAoC;EAClC;EACA,IAAI,eAAeA,OAAnB,EAA4B;IAC1B,KAAK,IAAMC,OAAX,IAAsBD,OAAO,CAACE,SAA9B,EAAyC;MACvC,IAAID,OAAO,CAACE,IAAR,KAAiB,qBAArB,EAA4C;QAC1C,IAAIF,OAAO,CAACG,KAAR,CAAc,CAAd,EAAiBC,KAAjB,CAAuBC,QAAvB,CAAgC,MAAhC,CAAJ,EAA6C;UAC3C;UACAL,OAAO,CAACG,KAAR,CAAc,CAAd,EAAiBC,KAAjB,GAAyB,MAAzB;UACA,OAAO;YACLE,OAAO,EAAE,IADJ;YAELP;UAFK,CAAP;QAID;MACF;;MACD,IAAIC,OAAO,CAACE,IAAR,KAAiB,cAArB,EAAqC;QACnC,IAAIF,OAAO,CAACO,MAAR,CAAe,CAAf,EAAkBH,KAAlB,CAAwBC,QAAxB,CAAiC,MAAjC,CAAJ,EAA8C;UAC5C;UACA,IAAAR,qBAAA,EAAa,8CAAb;;UACA,IAAMW,IAAI,GAAGC,qBAAA,CAAaC,QAAb,WAAyBV,OAAO,CAACO,MAAR,CAAe,CAAf,EAAkBH,KAA3C,QAAb;;UACAJ,OAAO,CAACG,KAAR,CAAc,CAAd,EAAiBC,KAAjB,GAAyBI,IAAzB;UACA,OAAO;YACLF,OAAO,EAAE,IADJ;YAELP;UAFK,CAAP;QAID;MACF;IACF,CAxByB,CAyB1B;;;IACA,OAAO;MACLO,OAAO,EAAE,KADJ;MAELP;IAFK,CAAP;EAID,CAhCiC,CAiClC;;;EACA,OAAO;IACLO,OAAO,EAAE,KADJ;IAELP;EAFK,CAAP;AAID;AAED;AACA;AACA;AACA;;;AACA,SAASY,qBAAT,CAA+BC,cAA/B,EAA+C;EAC7C,IAAIC,uBAAA,CAAQC,OAAR,CAAgBC,QAAhB,OAA+BC,MAAM,CAACC,iBAA1C,EAA6D;IAC3DJ,uBAAA,CAAQC,OAAR,CAAgBI,QAAhB,CAAyBF,MAAM,CAACG,yBAAP,CAAiCP,cAAjC,CAAzB;EACD;AACF;AAED;AACA;AACA;AACA;;;SACeQ,uB;;;AA8Cf;AACA;AACA;AACA;AACA;;;;+CAlDA,aAAyC;IACvC,IAAMC,YAAY,GAAG,gBAArB;IACA,IAAMC,gBAAgB,GAAG,cAAzB;IAEA,IAAMC,QAAQ,GAAG,IAAAC,qBAAA,EAAgB,IAAAC,mBAAA,EAAY,EAAZ,CAAhB,CAAjB;IACA,IAAMC,SAAS,GAAG,IAAAF,qBAAA,EAChB,IAAAG,kBAAA,EAAW,QAAX,EAAqBC,MAArB,CAA4BL,QAA5B,EAAsCM,MAAtC,EADgB,CAAlB;IAGA,IAAMC,eAAe,GAAG,MAAxB;;IACA,IAAMC,WAAW,GAAGC,YAAA,CAAIC,OAAJ,CAClBpB,uBAAA,CAAQC,OAAR,CAAgBoB,SAAhB,EADkB,EAElB7C,mBAFkB,CAApB;;IAKA,IAAM8C,MAAM,GAAG;MACbC,YAAY,EAAE;IADD,CAAf;IAGA,IAAIC,YAAY,0BAAmBN,WAAnB,oBAAwCzC,aAAxC,2CAAsF+B,YAAtF,mBAA2GR,uBAAA,CAAQC,OAAR,CAAgBwB,cAAhB,EAA3G,4CAA6KZ,SAA7K,oCAAgNI,eAAhN,CAAhB;IAEA,IAAIlB,cAAc,GAAGI,MAAM,CAACuB,2BAA5B;;IACA,IAAI;MACF,MAAM,IAAAC,wBAAA,EAAUH,YAAV,EAAwBF,MAAxB,CAAN;IACD,CAFD,CAEE,OAAOM,CAAP,EAAU;MACV,IAAIA,CAAC,CAACC,QAAF,IAAcD,CAAC,CAACC,QAAF,CAAWC,MAAX,KAAsB,GAAxC,EAA6C;QAC3C,IAAA9C,qBAAA,EAAa,2BAAb,EAA0C,MAA1C,EAAkD,KAAlD;QACAe,cAAc,GAAGI,MAAM,CAAC4B,yBAAxB;MACD,CAHD,MAGO;QACL,IAAI;UACFP,YAAY,0BAAmBN,WAAnB,oBAAwCzC,aAAxC,2CAAsFgC,gBAAtF,mBAA+GT,uBAAA,CAAQC,OAAR,CAAgBwB,cAAhB,EAA/G,4CAAiLZ,SAAjL,oCAAoNI,eAApN,CAAZ;UACA,MAAM,IAAAU,wBAAA,EAAUH,YAAV,EAAwBF,MAAxB,CAAN;QACD,CAHD,CAGE,OAAOU,EAAP,EAAW;UACX,IAAIA,EAAE,CAACH,QAAH,CAAYC,MAAZ,KAAuB,GAA3B,EAAgC;YAC9BpD,aAAa,GAAG+B,gBAAhB;YACA,IAAAzB,qBAAA,EAAa,sBAAb,EAAqC,MAArC,EAA6C,KAA7C;YACAe,cAAc,GAAGI,MAAM,CAAC8B,4BAAxB;UACD,CAJD,MAIO;YACL,IAAAjD,qBAAA,EAAa,qBAAb,EAAoC,MAApC,EAA4C,KAA5C;UACD;QACF;MACF;;MACD,IAAAA,qBAAA,EAAa,WAAb;IACD;;IACDc,qBAAqB,CAACC,cAAD,CAArB;IACA,OAAOA,cAAP;EACD,C;;;;SAOcmC,kB;;;AAUf;AACA;AACA;AACA;;;;0CAbA,WAAkCC,WAAlC,EAA+C;IAC7C,IAAI,aAAaA,WAAjB,EAA8B;MAC5B,IAAMC,aAAa,GAAGD,WAAW,CAACE,OAAlC;MACA,IAAMC,EAAE,GAAG,8BAAX;MACA,IAAMD,OAAO,GAAGD,aAAa,CAACG,KAAd,CAAoBD,EAApB,CAAhB;MACA,OAAOD,OAAO,CAAC,CAAD,CAAd;IACD;;IACD,MAAM,IAAIG,KAAJ,CAAU,2DAAV,CAAN;EACD,C;;;;SAMcC,Y;;;AAgDf;AACA;AACA;AACA;AACA;AACA;AACA;;;;oCAtDA,aAA8B;IAC5BzC,uBAAA,CAAQC,OAAR,CAAgByC,aAAhB,OAAoC/D,aAAa,EAAjD;;IACA,IAAI;MACF,IAAM2C,MAAM,GAAG;QACbqB,OAAO,EAAE;UACP,qBAAqB3C,uBAAA,CAAQC,OAAR,CAAgB2C,WAAhB,EADd;UAEP,qBAAqB5C,uBAAA,CAAQC,OAAR,CAAgB4C,WAAhB;QAFd;MADI,CAAf;MAMA,IAAMC,SAAS,GAAG,OAAO,IAAAC,qBAAA,EAAK,EAAL,EAASzB,MAAT,CAAP,EAAyBzC,IAA3C;MACA,IAAMmE,OAAO,GAAG/D,iBAAiB,CAAC6D,SAAD,CAAjC;MACA,IAAIG,SAAS,GAAG,EAAhB;;MACA,IAAID,OAAO,CAACvD,OAAZ,EAAqB;QACnBwD,SAAS,GAAG,OAAO,IAAAF,qBAAA,EAAKC,OAAO,CAAC9D,OAAb,CAAP,EAA8BL,IAA1C;MACD,CAFD,MAEO;QACLoE,SAAS,GAAGD,OAAO,CAAC9D,OAApB;MACD;;MACD,IAAI,aAAa+D,SAAjB,EAA4B;QAC1BjD,uBAAA,CAAQC,OAAR,CAAgBiD,cAAhB,CAA+BD,SAAS,CAAC,SAAD,CAAxC;;QACA,IAAI,CAACjD,uBAAA,CAAQC,OAAR,CAAgBkD,iBAAhB,EAAL,EAA0C;UACxCnD,uBAAA,CAAQC,OAAR,CAAgBmD,iBAAhB,OAAwC7C,uBAAuB,EAA/D;QACD,CAFD,MAEO;UACLT,qBAAqB,CAACE,uBAAA,CAAQC,OAAR,CAAgBkD,iBAAhB,EAAD,CAArB;QACD;;QACD,IAAMhB,WAAW,GAAG,OAAO,IAAAkB,mCAAA,GAAP,EAA+BxE,IAAnD;QACA,IAAAG,qBAAA,yBAA6BmD,WAAW,CAACmB,WAAzC;QACA,IAAMjB,OAAO,GAAGH,kBAAkB,CAACC,WAAD,CAAlC;;QACAnC,uBAAA,CAAQC,OAAR,CAAgBsD,YAAhB,CAA6BlB,OAA7B;;QACA,OAAO,EAAP;MACD;;MACD,IAAArD,qBAAA,0BAAqC,OAArC;MACA,IAAAA,qBAAA,EAAa,0CAAb,EAAyD,OAAzD;MACA,OAAO,IAAP;IACD,CA/BD,CA+BE,OAAO4C,CAAP,EAAU;MACV,IAAIA,CAAC,CAACC,QAAF,IAAcD,CAAC,CAACC,QAAF,CAAWC,MAAX,KAAsB,GAAxC,EAA6C;QAC3C,IAAA9C,qBAAA,mCAAuC4C,CAAC,CAAC4B,OAAzC,GAAoD,OAApD;QACA,IAAAxE,qBAAA,EAAa,uCAAb,EAAsD,OAAtD;MACD;;MACD,IAAI4C,CAAC,CAAC4B,OAAF,IAAa5B,CAAC,CAAC4B,OAAF,KAAc,yBAA/B,EAA0D;QACxD,IAAAxE,qBAAA,mCAAuC4C,CAAC,CAAC4B,OAAzC,GAAoD,OAApD;QACA,IAAAxE,qBAAA,EAAa,4CAAb,EAA2D,OAA3D;MACD,CAHD,MAGO;QACL,IAAAA,qBAAA,mCAAuC4C,CAAC,CAAC4B,OAAzC,GAAoD,OAApD;MACD;;MACD,OAAO,IAAP;IACD;EACF,C;;;;SAScC,W;;;AA+Bf;AACA;AACA;AACA;;;;mCAlCA,WAA2BvC,WAA3B,EAAwCwC,aAAxC,EAAuDC,mBAAvD,EAA4E;IAC1E,IAAI;MACF,IAAMnC,YAAY,0BAAmBN,WAAnB,oBAAwCzC,aAAxC,2CAAsFC,aAAtF,mBAA4GsB,uBAAA,CAAQC,OAAR,CAAgBwB,cAAhB,EAA5G,4CAA8KiC,aAA9K,oCAAqNC,mBAArN,CAAlB;MACA,IAAMrC,MAAM,GAAG;QACbqB,OAAO,EAAE;UACP,gBAAgB;QADT;MADI,CAAf;MAKA,IAAMd,QAAQ,SAAS,IAAAF,wBAAA,EAAUH,YAAV,EAAwBF,MAAxB,CAAvB;;MACA,IAAIO,QAAQ,CAACC,MAAT,GAAkB,GAAlB,IAAyBD,QAAQ,CAACC,MAAT,GAAkB,GAA/C,EAAoD;QAClD,IAAA9C,qBAAA,EAAa,yBAAb,EAAwC,OAAxC;QACA,IAAAA,qBAAA,EACE,8DADF,EAEE,OAFF;QAIA,OAAO,IAAP;MACD;;MACD,IAAM4E,mBAAmB,GAAG/B,QAAQ,CAACgC,OAAT,CAAiBC,GAAjB,CAAqBC,WAAjD;;MACA,IAAMC,WAAW,GAAG7C,YAAA,CAAI8C,KAAJ,CAAUL,mBAAV,EAA+B,IAA/B,EAAqCM,KAAzD;;MACA,IAAI,UAAUF,WAAd,EAA2B;QACzB,OAAOA,WAAW,CAACrE,IAAnB;MACD;;MACD,IAAAX,qBAAA,EAAa,qBAAb,EAAoC,OAApC;MACA,OAAO,IAAP;IACD,CAvBD,CAuBE,OAAOD,KAAP,EAAc;MACd,IAAAC,qBAAA,sCAA0CD,KAAK,CAACyE,OAAhD,GAA2D,OAA3D;MACA,IAAAxE,qBAAA,EAAaD,KAAK,CAAC8C,QAAN,CAAehD,IAA5B,EAAkC,OAAlC;MACA,OAAO,IAAP;IACD;EACF,C;;;;SAMcsF,c;;;AAgDf;AACA;AACA;AACA;AACA;;;;sCApDA,aAAgC;IAC9B,IAAI;MACF,IAAMzD,QAAQ,GAAG,IAAAC,qBAAA,EAAgB,IAAAC,mBAAA,EAAY,EAAZ,CAAhB,CAAjB;MACA,IAAMC,SAAS,GAAG,IAAAF,qBAAA,EAChB,IAAAG,kBAAA,EAAW,QAAX,EAAqBC,MAArB,CAA4BL,QAA5B,EAAsCM,MAAtC,EADgB,CAAlB;MAGA,IAAMC,eAAe,GAAG,MAAxB;;MACA,IAAMC,WAAW,GAAGC,YAAA,CAAIC,OAAJ,CAClBpB,uBAAA,CAAQC,OAAR,CAAgBoB,SAAhB,EADkB,EAElB7C,mBAFkB,CAApB;;MAIA,IAAM4F,QAAQ,SAASX,WAAW,CAACvC,WAAD,EAAcL,SAAd,EAAyBI,eAAzB,CAAlC;;MACA,IAAImD,QAAQ,IAAI,IAAhB,EAAsB;QACpB,IAAApF,qBAAA,EAAa,yBAAb,EAAwC,OAAxC;QACA,OAAO,IAAP;MACD;;MACD,IAAI6C,QAAQ,GAAG,IAAf;;MACA,IACE7B,uBAAA,CAAQC,OAAR,CAAgBkD,iBAAhB,OAAwChD,MAAM,CAAC4B,yBADjD,EAEE;QACA,IAAMT,MAAM,GAAG;UACb+C,IAAI,EAAE;YACJC,QAAQ,EAAE5F,aADN;YAEJ6F,QAAQ,EAAEhG;UAFN;QADO,CAAf;QAMA,IAAMiD,YAAY,0BAAmBN,WAAnB,iDAAqEkD,QAArE,4BAA+F1D,QAA/F,CAAlB;QACAmB,QAAQ,SAAS,IAAA2C,0BAAA,EAAYhD,YAAZ,EAA0BF,MAA1B,CAAjB;MACD,CAXD,MAWO;QACL,IAAME,aAAY,uBAAgB9C,aAAhB,2BAA8CwC,WAA9C,iDAAgGkD,QAAhG,4BAA0H1D,QAA1H,CAAlB;;QACAmB,QAAQ,SAAS,IAAA2C,0BAAA,EAAYhD,aAAZ,CAAjB;MACD;;MACD,IAAIK,QAAQ,CAACC,MAAT,GAAkB,GAAlB,IAAyBD,QAAQ,CAACC,MAAT,GAAkB,GAA/C,EAAoD;QAClD,IAAA9C,qBAAA,uCAA2C6C,QAAQ,CAACC,MAApD,GAA8D,OAA9D;QACA,OAAO,IAAP;MACD;;MACD,IAAI,kBAAkBD,QAAQ,CAAChD,IAA/B,EAAqC;QACnCmB,uBAAA,CAAQC,OAAR,CAAgBwE,cAAhB,CAA+B5C,QAAQ,CAAChD,IAAT,CAAc6F,YAA7C;;QACA,OAAO,EAAP;MACD;;MACD,IAAA1F,qBAAA,EAAa,wBAAb,EAAuC,OAAvC;MACA,OAAO,IAAP;IACD,CAzCD,CAyCE,OAAO4C,CAAP,EAAU;MACV,IAAA5C,qBAAA,EAAa,+BAAb,EAA8C,OAA9C;MACA,OAAO,IAAP;IACD;EACF,C;;;;SAOqB2F,S;;;;;iCAAf,aAAuC;IAAA,IAAdC,IAAc,uEAAP,KAAO;IAC5C,IAAIC,mBAAmB,GAAG,IAA1B,CAD4C,CAE5C;;IACA,IACE7E,uBAAA,CAAQC,OAAR,CAAgB2C,WAAhB,MAAiC,IAAjC,IACA5C,uBAAA,CAAQC,OAAR,CAAgB4C,WAAhB,MAAiC,IAFnC,EAGE;MACAgC,mBAAmB,GAAG,KAAtB;MACA,IAAMC,IAAI,SAAS,IAAAC,0CAAA,GAAnB;;MACA,IAAID,IAAJ,EAAU;QACR9E,uBAAA,CAAQC,OAAR,CAAgB+E,SAAhB,CAA0BF,IAAI,CAACG,MAA/B;;QACAjF,uBAAA,CAAQC,OAAR,CAAgBiF,WAAhB,CAA4BJ,IAAI,CAACR,QAAjC;;QACAtE,uBAAA,CAAQC,OAAR,CAAgBkF,WAAhB,CAA4BL,IAAI,CAACP,QAAjC;MACD,CAJD,MAIO;QACL,OAAO,KAAP;MACD;IACF;;IACD,MAAM9B,YAAY,EAAlB;;IACA,IACEzC,uBAAA,CAAQC,OAAR,CAAgBwB,cAAhB,MACA,CAACzB,uBAAA,CAAQC,OAAR,CAAgBmF,cAAhB,EADD,KAECpF,uBAAA,CAAQC,OAAR,CAAgBkD,iBAAhB,OAAwChD,MAAM,CAAC4B,yBAA/C,IACC/B,uBAAA,CAAQC,OAAR,CAAgBkD,iBAAhB,OACEhD,MAAM,CAAC8B,4BAJX,CADF,EAME;MACA,MAAMkC,cAAc,EAApB;IACD;;IACD,IAAIS,IAAI,IAAI5E,uBAAA,CAAQC,OAAR,CAAgBwB,cAAhB,EAAR,IAA4CoD,mBAAhD,EAAqE;MACnE;MACA,IAAAQ,2CAAA;MACA,OAAO,IAAP;IACD;;IACD,IAAI,CAACrF,uBAAA,CAAQC,OAAR,CAAgBwB,cAAhB,EAAL,EAAuC;MACrC,OAAO,KAAP;IACD;;IACD,OAAO,IAAP;EACD,C"}

package/cjs/ops/AuthenticateOps.test.js.map

@@ -1 +1 @@
-{"version":3,"file":"AuthenticateOps.test.js","names":["Authenticate","state","describe","test","default","session","setTenant","process","env","FRODO_HOST","setRealm","FRODO_USER","FRODO_PASSWORD","setUsername","setPassword","getTokens","expect","getCookieName","toBeTruthy","getCookieValue","getBearerToken"],"sources":["ops/AuthenticateOps.test.ts"],"sourcesContent":["import { Authenticate, state } from '../index';\n\ndescribe('AuthenticationOps', () => {\n  test('getTokens() 1: ', async () => {\n    state.default.session.setTenant(process.env.FRODO_HOST || 'frodo-dev');\n    state.default.session.setRealm('alpha');\n    if (\n      process.env.FRODO_HOST &&\n      process.env.FRODO_USER &&\n      process.env.FRODO_PASSWORD\n    ) {\n      state.default.session.setUsername(process.env.FRODO_USER);\n      state.default.session.setPassword(process.env.FRODO_PASSWORD);\n    }\n    await Authenticate.getTokens();\n    expect(state.default.session.getCookieName()).toBeTruthy();\n    expect(state.default.session.getCookieValue()).toBeTruthy();\n    expect(state.default.session.getBearerToken()).toBeTruthy();\n  });\n});\n"],"mappings":"AAAA,SAASA,YAAT,EAAuBC,KAAvB,QAAoC,UAApC;AAEAC,QAAQ,CAAC,mBAAD,EAAsB,MAAM;EAClCC,IAAI,CAAC,iBAAD,EAAoB,YAAY;IAClCF,KAAK,CAACG,OAAN,CAAcC,OAAd,CAAsBC,SAAtB,CAAgCC,OAAO,CAACC,GAAR,CAAYC,UAAZ,IAA0B,WAA1D;IACAR,KAAK,CAACG,OAAN,CAAcC,OAAd,CAAsBK,QAAtB,CAA+B,OAA/B;;IACA,IACEH,OAAO,CAACC,GAAR,CAAYC,UAAZ,IACAF,OAAO,CAACC,GAAR,CAAYG,UADZ,IAEAJ,OAAO,CAACC,GAAR,CAAYI,cAHd,EAIE;MACAX,KAAK,CAACG,OAAN,CAAcC,OAAd,CAAsBQ,WAAtB,CAAkCN,OAAO,CAACC,GAAR,CAAYG,UAA9C;MACAV,KAAK,CAACG,OAAN,CAAcC,OAAd,CAAsBS,WAAtB,CAAkCP,OAAO,CAACC,GAAR,CAAYI,cAA9C;IACD;;IACD,MAAMZ,YAAY,CAACe,SAAb,EAAN;IACAC,MAAM,CAACf,KAAK,CAACG,OAAN,CAAcC,OAAd,CAAsBY,aAAtB,EAAD,CAAN,CAA8CC,UAA9C;IACAF,MAAM,CAACf,KAAK,CAACG,OAAN,CAAcC,OAAd,CAAsBc,cAAtB,EAAD,CAAN,CAA+CD,UAA/C;IACAF,MAAM,CAACf,KAAK,CAACG,OAAN,CAAcC,OAAd,CAAsBe,cAAtB,EAAD,CAAN,CAA+CF,UAA/C;EACD,CAfG,CAAJ;AAgBD,CAjBO,CAAR"}
+{"version":3,"file":"AuthenticateOps.test.js","names":["describe","test","state","default","session","setTenant","process","env","FRODO_HOST","setRealm","FRODO_USER","FRODO_PASSWORD","setUsername","setPassword","Authenticate","getTokens","expect","getCookieName","toBeTruthy","getCookieValue","getBearerToken"],"sources":["ops/AuthenticateOps.test.ts"],"sourcesContent":["import { Authenticate, state } from '../index';\n\ndescribe('AuthenticationOps', () => {\n  test('getTokens() 1: ', async () => {\n    state.default.session.setTenant(process.env.FRODO_HOST || 'frodo-dev');\n    state.default.session.setRealm('alpha');\n    if (\n      process.env.FRODO_HOST &&\n      process.env.FRODO_USER &&\n      process.env.FRODO_PASSWORD\n    ) {\n      state.default.session.setUsername(process.env.FRODO_USER);\n      state.default.session.setPassword(process.env.FRODO_PASSWORD);\n    }\n    await Authenticate.getTokens();\n    expect(state.default.session.getCookieName()).toBeTruthy();\n    expect(state.default.session.getCookieValue()).toBeTruthy();\n    expect(state.default.session.getBearerToken()).toBeTruthy();\n  });\n});\n"],"mappings":";;AAAA;;;;;;AAEAA,QAAQ,CAAC,mBAAD,EAAsB,MAAM;EAClCC,IAAI,CAAC,iBAAD,iCAAoB,aAAY;IAClCC,YAAA,CAAMC,OAAN,CAAcC,OAAd,CAAsBC,SAAtB,CAAgCC,OAAO,CAACC,GAAR,CAAYC,UAAZ,IAA0B,WAA1D;;IACAN,YAAA,CAAMC,OAAN,CAAcC,OAAd,CAAsBK,QAAtB,CAA+B,OAA/B;;IACA,IACEH,OAAO,CAACC,GAAR,CAAYC,UAAZ,IACAF,OAAO,CAACC,GAAR,CAAYG,UADZ,IAEAJ,OAAO,CAACC,GAAR,CAAYI,cAHd,EAIE;MACAT,YAAA,CAAMC,OAAN,CAAcC,OAAd,CAAsBQ,WAAtB,CAAkCN,OAAO,CAACC,GAAR,CAAYG,UAA9C;;MACAR,YAAA,CAAMC,OAAN,CAAcC,OAAd,CAAsBS,WAAtB,CAAkCP,OAAO,CAACC,GAAR,CAAYI,cAA9C;IACD;;IACD,MAAMG,mBAAA,CAAaC,SAAb,EAAN;IACAC,MAAM,CAACd,YAAA,CAAMC,OAAN,CAAcC,OAAd,CAAsBa,aAAtB,EAAD,CAAN,CAA8CC,UAA9C;IACAF,MAAM,CAACd,YAAA,CAAMC,OAAN,CAAcC,OAAd,CAAsBe,cAAtB,EAAD,CAAN,CAA+CD,UAA/C;IACAF,MAAM,CAACd,YAAA,CAAMC,OAAN,CAAcC,OAAd,CAAsBgB,cAAtB,EAAD,CAAN,CAA+CF,UAA/C;EACD,CAfG,EAAJ;AAgBD,CAjBO,CAAR"}