@rockcarver/frodo-lib 1.0.0 → 2.0.0-2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (415) hide show
  1. package/CHANGELOG.md +6 -6
  2. package/cjs/api/AgentApi.js +91 -37
  3. package/cjs/api/AgentApi.js.map +1 -1
  4. package/cjs/api/AgentApi.test.js.map +1 -1
  5. package/cjs/api/ApiTypes.js.map +1 -1
  6. package/cjs/api/AuthenticateApi.js +18 -11
  7. package/cjs/api/AuthenticateApi.js.map +1 -1
  8. package/cjs/api/AuthenticateApi.test.js.map +1 -1
  9. package/cjs/api/BaseApi.js +50 -26
  10. package/cjs/api/BaseApi.js.map +1 -1
  11. package/cjs/api/CirclesOfTrustApi.js +47 -23
  12. package/cjs/api/CirclesOfTrustApi.js.map +1 -1
  13. package/cjs/api/IdmConfigApi.js +54 -21
  14. package/cjs/api/IdmConfigApi.js.map +1 -1
  15. package/cjs/api/IdmSystemApi.js +9 -6
  16. package/cjs/api/IdmSystemApi.js.map +1 -1
  17. package/cjs/api/ManagedObjectApi.js +49 -27
  18. package/cjs/api/ManagedObjectApi.js.map +1 -1
  19. package/cjs/api/NodeApi.js +71 -32
  20. package/cjs/api/NodeApi.js.map +1 -1
  21. package/cjs/api/NodeApi.test.js.map +1 -1
  22. package/cjs/api/OAuth2ClientApi.js +43 -20
  23. package/cjs/api/OAuth2ClientApi.js.map +1 -1
  24. package/cjs/api/OAuth2OIDCApi.js +74 -27
  25. package/cjs/api/OAuth2OIDCApi.js.map +1 -1
  26. package/cjs/api/OAuth2OIDCApi.test.js.map +1 -1
  27. package/cjs/api/OAuth2ProviderApi.js +10 -9
  28. package/cjs/api/OAuth2ProviderApi.js.map +1 -1
  29. package/cjs/api/PoliciesApi.js +54 -22
  30. package/cjs/api/PoliciesApi.js.map +1 -1
  31. package/cjs/api/PoliciesApi.test.js.map +1 -1
  32. package/cjs/api/PolicySetApi.js +54 -23
  33. package/cjs/api/PolicySetApi.js.map +1 -1
  34. package/cjs/api/PolicySetApi.test.js.map +1 -1
  35. package/cjs/api/RealmApi.js +73 -29
  36. package/cjs/api/RealmApi.js.map +1 -1
  37. package/cjs/api/ResourceTypesApi.js +67 -28
  38. package/cjs/api/ResourceTypesApi.js.map +1 -1
  39. package/cjs/api/ResourceTypesApi.test.js.map +1 -1
  40. package/cjs/api/Saml2Api.js +90 -122
  41. package/cjs/api/Saml2Api.js.map +1 -1
  42. package/cjs/api/ScriptApi.js +54 -23
  43. package/cjs/api/ScriptApi.js.map +1 -1
  44. package/cjs/api/ServerInfoApi.js +23 -10
  45. package/cjs/api/ServerInfoApi.js.map +1 -1
  46. package/cjs/api/ServiceApi.js +91 -42
  47. package/cjs/api/ServiceApi.js.map +1 -1
  48. package/cjs/api/SocialIdentityProvidersApi.js +70 -31
  49. package/cjs/api/SocialIdentityProvidersApi.js.map +1 -1
  50. package/cjs/api/TreeApi.js +43 -20
  51. package/cjs/api/TreeApi.js.map +1 -1
  52. package/cjs/api/TreeApi.test.js.map +1 -1
  53. package/cjs/api/cloud/EnvInfoApi.js +10 -6
  54. package/cjs/api/cloud/EnvInfoApi.js.map +1 -1
  55. package/cjs/api/cloud/FeatureApi.js +9 -6
  56. package/cjs/api/cloud/FeatureApi.js.map +1 -1
  57. package/cjs/api/cloud/LogApi.js +48 -18
  58. package/cjs/api/cloud/LogApi.js.map +1 -1
  59. package/cjs/api/cloud/SecretsApi.js +109 -35
  60. package/cjs/api/cloud/SecretsApi.js.map +1 -1
  61. package/cjs/api/cloud/SecretsApi.test.js.map +1 -1
  62. package/cjs/api/cloud/StartupApi.js +21 -10
  63. package/cjs/api/cloud/StartupApi.js.map +1 -1
  64. package/cjs/api/cloud/StartupApi.test.js.map +1 -1
  65. package/cjs/api/cloud/VariablesApi.js +52 -20
  66. package/cjs/api/cloud/VariablesApi.js.map +1 -1
  67. package/cjs/api/cloud/VariablesApi.test.js.map +1 -1
  68. package/cjs/api/utils/ApiUtils.js +2 -5
  69. package/cjs/api/utils/ApiUtils.js.map +1 -1
  70. package/cjs/api/utils/ApiUtils.test.js.map +1 -1
  71. package/cjs/index.js +13 -112
  72. package/cjs/index.js.map +1 -1
  73. package/cjs/lib/FrodoLib.js +142 -0
  74. package/cjs/lib/FrodoLib.js.map +1 -0
  75. package/cjs/ops/AdminOps.js +578 -90
  76. package/cjs/ops/AdminOps.js.map +1 -1
  77. package/cjs/ops/AgentOps.js +964 -118
  78. package/cjs/ops/AgentOps.js.map +1 -1
  79. package/cjs/ops/AgentOps.test.js.map +1 -1
  80. package/cjs/ops/AuthenticateOps.js +182 -87
  81. package/cjs/ops/AuthenticateOps.js.map +1 -1
  82. package/cjs/ops/AuthenticateOps.test.js.map +1 -1
  83. package/cjs/ops/CirclesOfTrustOps.js +360 -291
  84. package/cjs/ops/CirclesOfTrustOps.js.map +1 -1
  85. package/cjs/ops/ConnectionProfileOps.js +221 -139
  86. package/cjs/ops/ConnectionProfileOps.js.map +1 -1
  87. package/cjs/ops/ConnectionProfileOps.test.js.map +1 -1
  88. package/cjs/ops/EmailTemplateOps.js +84 -10
  89. package/cjs/ops/EmailTemplateOps.js.map +1 -1
  90. package/cjs/ops/EmailTemplateOps.test.js.map +1 -1
  91. package/cjs/ops/IdmOps.js +97 -81
  92. package/cjs/ops/IdmOps.js.map +1 -1
  93. package/cjs/ops/IdmOps.test.js.map +1 -1
  94. package/cjs/ops/IdpOps.js +275 -42
  95. package/cjs/ops/IdpOps.js.map +1 -1
  96. package/cjs/ops/IdpOps.test.js.map +1 -1
  97. package/cjs/ops/InfoOps.js +42 -27
  98. package/cjs/ops/InfoOps.js.map +1 -1
  99. package/cjs/ops/JoseOps.test.js.map +1 -1
  100. package/cjs/ops/JourneyOps.js +721 -126
  101. package/cjs/ops/JourneyOps.js.map +1 -1
  102. package/cjs/ops/JourneyOps.test.js.map +1 -1
  103. package/cjs/ops/ManagedObjectOps.js +79 -12
  104. package/cjs/ops/ManagedObjectOps.js.map +1 -1
  105. package/cjs/ops/NodeOps.js +127 -100
  106. package/cjs/ops/NodeOps.js.map +1 -1
  107. package/cjs/ops/OAuth2ClientOps.js +323 -65
  108. package/cjs/ops/OAuth2ClientOps.js.map +1 -1
  109. package/cjs/ops/OAuth2ClientOps.test.js.map +1 -1
  110. package/cjs/ops/OAuth2OidcOps.js +84 -0
  111. package/cjs/ops/OAuth2OidcOps.js.map +1 -0
  112. package/cjs/ops/OAuth2ProviderOps.js +20 -13
  113. package/cjs/ops/OAuth2ProviderOps.js.map +1 -1
  114. package/cjs/ops/OpsTypes.js.map +1 -1
  115. package/cjs/ops/OrganizationOps.js +67 -12
  116. package/cjs/ops/OrganizationOps.js.map +1 -1
  117. package/cjs/ops/PolicyOps.js +476 -136
  118. package/cjs/ops/PolicyOps.js.map +1 -1
  119. package/cjs/ops/PolicyOps.test.js.map +1 -1
  120. package/cjs/ops/PolicySetOps.js +402 -132
  121. package/cjs/ops/PolicySetOps.js.map +1 -1
  122. package/cjs/ops/PolicySetOps.test.js.map +1 -1
  123. package/cjs/ops/RealmOps.js +119 -84
  124. package/cjs/ops/RealmOps.js.map +1 -1
  125. package/cjs/ops/ResourceTypeOps.js +364 -95
  126. package/cjs/ops/ResourceTypeOps.js.map +1 -1
  127. package/cjs/ops/ResourceTypeOps.test.js.map +1 -1
  128. package/cjs/ops/Saml2Ops.js +407 -145
  129. package/cjs/ops/Saml2Ops.js.map +1 -1
  130. package/cjs/ops/Saml2Ops.test.js.map +1 -1
  131. package/cjs/ops/ScriptOps.js +256 -79
  132. package/cjs/ops/ScriptOps.js.map +1 -1
  133. package/cjs/ops/ScriptOps.test.js.map +1 -1
  134. package/cjs/ops/ServiceOps.js +331 -55
  135. package/cjs/ops/ServiceOps.js.map +1 -1
  136. package/cjs/ops/ThemeOps.js +363 -54
  137. package/cjs/ops/ThemeOps.js.map +1 -1
  138. package/cjs/ops/ThemeOps.test.js.map +1 -1
  139. package/cjs/ops/cloud/FeatureOps.js +57 -12
  140. package/cjs/ops/cloud/FeatureOps.js.map +1 -1
  141. package/cjs/ops/cloud/LogOps.js +126 -6
  142. package/cjs/ops/cloud/LogOps.js.map +1 -1
  143. package/cjs/ops/cloud/SecretsOps.js +230 -289
  144. package/cjs/ops/cloud/SecretsOps.js.map +1 -1
  145. package/cjs/ops/cloud/ServiceAccountOps.js +101 -18
  146. package/cjs/ops/cloud/ServiceAccountOps.js.map +1 -1
  147. package/cjs/ops/cloud/ServiceAccountOps.test.js.map +1 -1
  148. package/cjs/ops/cloud/StartupOps.js +64 -9
  149. package/cjs/ops/cloud/StartupOps.js.map +1 -1
  150. package/cjs/ops/cloud/VariablesOps.js +100 -175
  151. package/cjs/ops/cloud/VariablesOps.js.map +1 -1
  152. package/cjs/ops/utils/Console.js +9 -10
  153. package/cjs/ops/utils/Console.js.map +1 -1
  154. package/cjs/ops/utils/DataProtection.js +2 -2
  155. package/cjs/ops/utils/DataProtection.js.map +1 -1
  156. package/cjs/ops/utils/ExportImportUtils.js +144 -13
  157. package/cjs/ops/utils/ExportImportUtils.js.map +1 -1
  158. package/cjs/ops/utils/ExportImportUtils.test.js.map +1 -1
  159. package/cjs/ops/utils/OpsUtils.js +7 -5
  160. package/cjs/ops/utils/OpsUtils.js.map +1 -1
  161. package/cjs/ops/utils/OpsUtils.test.js.map +1 -1
  162. package/cjs/ops/utils/{ValidationUtils.js → ScriptValidationUtils.js} +1 -1
  163. package/cjs/ops/utils/ScriptValidationUtils.js.map +1 -0
  164. package/cjs/ops/utils/ScriptValidationUtils.test.js.map +1 -0
  165. package/cjs/ops/utils/Version.js +36 -6
  166. package/cjs/ops/utils/Version.js.map +1 -1
  167. package/cjs/ops/utils/Version.test.js.map +1 -1
  168. package/cjs/shared/State.js +453 -210
  169. package/cjs/shared/State.js.map +1 -1
  170. package/cjs/shared/State.test.js.map +1 -1
  171. package/cjs/utils/AutoSetupPolly.js +4 -1
  172. package/cjs/utils/AutoSetupPolly.js.map +1 -1
  173. package/esm/api/AgentApi.mjs +75 -27
  174. package/esm/api/AgentApi.test.mjs +319 -71
  175. package/esm/api/AuthenticateApi.mjs +15 -4
  176. package/esm/api/AuthenticateApi.test.mjs +27 -8
  177. package/esm/api/BaseApi.mjs +43 -19
  178. package/esm/api/CirclesOfTrustApi.mjs +39 -17
  179. package/esm/api/IdmConfigApi.mjs +44 -13
  180. package/esm/api/IdmSystemApi.mjs +7 -3
  181. package/esm/api/ManagedObjectApi.mjs +44 -20
  182. package/esm/api/NodeApi.mjs +59 -24
  183. package/esm/api/NodeApi.test.mjs +158 -40
  184. package/esm/api/OAuth2ClientApi.mjs +36 -15
  185. package/esm/api/OAuth2OIDCApi.mjs +69 -20
  186. package/esm/api/OAuth2OIDCApi.test.mjs +21 -3
  187. package/esm/api/OAuth2ProviderApi.mjs +8 -6
  188. package/esm/api/PoliciesApi.mjs +45 -16
  189. package/esm/api/PoliciesApi.test.mjs +63 -15
  190. package/esm/api/PolicySetApi.mjs +44 -16
  191. package/esm/api/PolicySetApi.test.mjs +48 -12
  192. package/esm/api/RealmApi.mjs +65 -24
  193. package/esm/api/ResourceTypesApi.mjs +56 -21
  194. package/esm/api/ResourceTypesApi.test.mjs +58 -14
  195. package/esm/api/Saml2Api.mjs +75 -89
  196. package/esm/api/ScriptApi.mjs +45 -17
  197. package/esm/api/ServerInfoApi.mjs +19 -6
  198. package/esm/api/ServiceApi.mjs +77 -26
  199. package/esm/api/SocialIdentityProvidersApi.mjs +58 -23
  200. package/esm/api/TreeApi.mjs +36 -15
  201. package/esm/api/TreeApi.test.mjs +129 -34
  202. package/esm/api/cloud/EnvInfoApi.mjs +8 -3
  203. package/esm/api/cloud/FeatureApi.mjs +7 -3
  204. package/esm/api/cloud/LogApi.mjs +38 -11
  205. package/esm/api/cloud/SecretsApi.mjs +89 -21
  206. package/esm/api/cloud/SecretsApi.test.mjs +193 -50
  207. package/esm/api/cloud/StartupApi.mjs +17 -6
  208. package/esm/api/cloud/StartupApi.test.mjs +28 -11
  209. package/esm/api/cloud/VariablesApi.mjs +43 -14
  210. package/esm/api/cloud/VariablesApi.test.mjs +124 -33
  211. package/esm/api/utils/ApiUtils.mjs +2 -4
  212. package/esm/api/utils/ApiUtils.test.mjs +14 -6
  213. package/esm/index.mjs +1 -60
  214. package/esm/lib/FrodoLib.mjs +128 -0
  215. package/esm/ops/AdminOps.mjs +500 -71
  216. package/esm/ops/AgentOps.mjs +781 -81
  217. package/esm/ops/AgentOps.test.mjs +296 -113
  218. package/esm/ops/AuthenticateOps.mjs +156 -64
  219. package/esm/ops/AuthenticateOps.test.mjs +7 -4
  220. package/esm/ops/CirclesOfTrustOps.mjs +294 -229
  221. package/esm/ops/ConnectionProfileOps.mjs +190 -123
  222. package/esm/ops/ConnectionProfileOps.test.mjs +25 -5
  223. package/esm/ops/EmailTemplateOps.mjs +66 -6
  224. package/esm/ops/EmailTemplateOps.test.mjs +32 -11
  225. package/esm/ops/IdmOps.mjs +60 -47
  226. package/esm/ops/IdmOps.test.mjs +54 -18
  227. package/esm/ops/IdpOps.mjs +227 -31
  228. package/esm/ops/IdpOps.test.mjs +57 -20
  229. package/esm/ops/InfoOps.mjs +36 -23
  230. package/esm/ops/JoseOps.test.mjs +8 -0
  231. package/esm/ops/JourneyOps.mjs +634 -96
  232. package/esm/ops/JourneyOps.test.mjs +73 -31
  233. package/esm/ops/ManagedObjectOps.mjs +66 -10
  234. package/esm/ops/NodeOps.mjs +108 -85
  235. package/esm/ops/OAuth2ClientOps.mjs +258 -42
  236. package/esm/ops/OAuth2ClientOps.test.mjs +80 -29
  237. package/esm/ops/OAuth2OidcOps.mjs +40 -0
  238. package/esm/ops/OAuth2ProviderOps.mjs +11 -8
  239. package/esm/ops/OrganizationOps.mjs +56 -8
  240. package/esm/ops/PolicyOps.mjs +379 -93
  241. package/esm/ops/PolicyOps.test.mjs +180 -65
  242. package/esm/ops/PolicySetOps.mjs +311 -88
  243. package/esm/ops/PolicySetOps.test.mjs +108 -39
  244. package/esm/ops/RealmOps.mjs +85 -65
  245. package/esm/ops/ResourceTypeOps.mjs +278 -61
  246. package/esm/ops/ResourceTypeOps.test.mjs +113 -27
  247. package/esm/ops/Saml2Ops.mjs +346 -106
  248. package/esm/ops/Saml2Ops.test.mjs +117 -81
  249. package/esm/ops/ScriptOps.mjs +202 -56
  250. package/esm/ops/ScriptOps.test.mjs +64 -23
  251. package/esm/ops/ServiceOps.mjs +261 -27
  252. package/esm/ops/ThemeOps.mjs +300 -33
  253. package/esm/ops/ThemeOps.test.mjs +197 -47
  254. package/esm/ops/cloud/FeatureOps.mjs +45 -10
  255. package/esm/ops/cloud/LogOps.mjs +107 -4
  256. package/esm/ops/cloud/SecretsOps.mjs +123 -204
  257. package/esm/ops/cloud/ServiceAccountOps.mjs +85 -15
  258. package/esm/ops/cloud/ServiceAccountOps.test.mjs +16 -6
  259. package/esm/ops/cloud/StartupOps.mjs +49 -6
  260. package/esm/ops/cloud/VariablesOps.mjs +58 -120
  261. package/esm/ops/utils/Console.mjs +2 -1
  262. package/esm/ops/utils/DataProtection.mjs +2 -3
  263. package/esm/ops/utils/ExportImportUtils.mjs +129 -8
  264. package/esm/ops/utils/ExportImportUtils.test.mjs +15 -2
  265. package/esm/ops/utils/OpsUtils.mjs +4 -3
  266. package/esm/ops/utils/OpsUtils.test.mjs +21 -5
  267. package/esm/ops/utils/{ValidationUtils.mjs → ScriptValidationUtils.mjs} +1 -1
  268. package/esm/ops/utils/{ValidationUtils.test.mjs → ScriptValidationUtils.test.mjs} +2 -2
  269. package/esm/ops/utils/Version.mjs +29 -6
  270. package/esm/ops/utils/Version.test.mjs +4 -1
  271. package/esm/shared/State.mjs +457 -145
  272. package/esm/shared/State.test.mjs +8 -0
  273. package/esm/utils/AutoSetupPolly.mjs +4 -1
  274. package/package.json +1 -1
  275. package/types/api/AgentApi.d.ts +37 -8
  276. package/types/api/AgentApi.d.ts.map +1 -1
  277. package/types/api/ApiTypes.d.ts +20 -8
  278. package/types/api/ApiTypes.d.ts.map +1 -1
  279. package/types/api/AuthenticateApi.d.ts +13 -3
  280. package/types/api/AuthenticateApi.d.ts.map +1 -1
  281. package/types/api/BaseApi.d.ts +36 -7
  282. package/types/api/BaseApi.d.ts.map +1 -1
  283. package/types/api/CirclesOfTrustApi.d.ts +21 -7
  284. package/types/api/CirclesOfTrustApi.d.ts.map +1 -1
  285. package/types/api/IdmConfigApi.d.ts +28 -13
  286. package/types/api/IdmConfigApi.d.ts.map +1 -1
  287. package/types/api/IdmSystemApi.d.ts +4 -1
  288. package/types/api/IdmSystemApi.d.ts.map +1 -1
  289. package/types/api/ManagedObjectApi.d.ts +25 -10
  290. package/types/api/ManagedObjectApi.d.ts.map +1 -1
  291. package/types/api/NodeApi.d.ts +31 -9
  292. package/types/api/NodeApi.d.ts.map +1 -1
  293. package/types/api/OAuth2ClientApi.d.ts +18 -5
  294. package/types/api/OAuth2ClientApi.d.ts.map +1 -1
  295. package/types/api/OAuth2OIDCApi.d.ts +45 -11
  296. package/types/api/OAuth2OIDCApi.d.ts.map +1 -1
  297. package/types/api/OAuth2ProviderApi.d.ts +4 -1
  298. package/types/api/OAuth2ProviderApi.d.ts.map +1 -1
  299. package/types/api/PoliciesApi.d.ts +21 -5
  300. package/types/api/PoliciesApi.d.ts.map +1 -1
  301. package/types/api/PolicySetApi.d.ts +20 -5
  302. package/types/api/PolicySetApi.d.ts.map +1 -1
  303. package/types/api/RealmApi.d.ts +26 -10
  304. package/types/api/RealmApi.d.ts.map +1 -1
  305. package/types/api/ResourceTypesApi.d.ts +27 -8
  306. package/types/api/ResourceTypesApi.d.ts.map +1 -1
  307. package/types/api/Saml2Api.d.ts +39 -32
  308. package/types/api/Saml2Api.d.ts.map +1 -1
  309. package/types/api/ScriptApi.d.ts +21 -5
  310. package/types/api/ScriptApi.d.ts.map +1 -1
  311. package/types/api/ServerInfoApi.d.ts +9 -2
  312. package/types/api/ServerInfoApi.d.ts.map +1 -1
  313. package/types/api/ServiceApi.d.ts +41 -7
  314. package/types/api/ServiceApi.d.ts.map +1 -1
  315. package/types/api/SocialIdentityProvidersApi.d.ts +30 -8
  316. package/types/api/SocialIdentityProvidersApi.d.ts.map +1 -1
  317. package/types/api/TreeApi.d.ts +18 -4
  318. package/types/api/TreeApi.d.ts.map +1 -1
  319. package/types/api/cloud/EnvInfoApi.d.ts +4 -1
  320. package/types/api/cloud/EnvInfoApi.d.ts.map +1 -1
  321. package/types/api/cloud/FeatureApi.d.ts +4 -1
  322. package/types/api/cloud/FeatureApi.d.ts.map +1 -1
  323. package/types/api/cloud/LogApi.d.ts +24 -6
  324. package/types/api/cloud/LogApi.d.ts.map +1 -1
  325. package/types/api/cloud/SecretsApi.d.ts +50 -10
  326. package/types/api/cloud/SecretsApi.d.ts.map +1 -1
  327. package/types/api/cloud/StartupApi.d.ts +7 -2
  328. package/types/api/cloud/StartupApi.d.ts.map +1 -1
  329. package/types/api/cloud/VariablesApi.d.ts +23 -5
  330. package/types/api/cloud/VariablesApi.d.ts.map +1 -1
  331. package/types/api/utils/ApiUtils.d.ts +3 -2
  332. package/types/api/utils/ApiUtils.d.ts.map +1 -1
  333. package/types/index.d.ts +1 -48
  334. package/types/index.d.ts.map +1 -1
  335. package/types/lib/FrodoLib.d.ts +99 -0
  336. package/types/lib/FrodoLib.d.ts.map +1 -0
  337. package/types/ops/AdminOps.d.ts +71 -12
  338. package/types/ops/AdminOps.d.ts.map +1 -1
  339. package/types/ops/AgentOps.d.ts +350 -36
  340. package/types/ops/AgentOps.d.ts.map +1 -1
  341. package/types/ops/AuthenticateOps.d.ts +27 -4
  342. package/types/ops/AuthenticateOps.d.ts.map +1 -1
  343. package/types/ops/CirclesOfTrustOps.d.ts +88 -24
  344. package/types/ops/CirclesOfTrustOps.d.ts.map +1 -1
  345. package/types/ops/ConnectionProfileOps.d.ts +78 -18
  346. package/types/ops/ConnectionProfileOps.d.ts.map +1 -1
  347. package/types/ops/EmailTemplateOps.d.ts +36 -3
  348. package/types/ops/EmailTemplateOps.d.ts.map +1 -1
  349. package/types/ops/IdmOps.d.ts +28 -40
  350. package/types/ops/IdmOps.d.ts.map +1 -1
  351. package/types/ops/IdpOps.d.ts +88 -10
  352. package/types/ops/IdpOps.d.ts.map +1 -1
  353. package/types/ops/InfoOps.d.ts +12 -1
  354. package/types/ops/InfoOps.d.ts.map +1 -1
  355. package/types/ops/JourneyOps.d.ts +237 -34
  356. package/types/ops/JourneyOps.d.ts.map +1 -1
  357. package/types/ops/ManagedObjectOps.d.ts +37 -8
  358. package/types/ops/ManagedObjectOps.d.ts.map +1 -1
  359. package/types/ops/NodeOps.d.ts +61 -6
  360. package/types/ops/NodeOps.d.ts.map +1 -1
  361. package/types/ops/OAuth2ClientOps.d.ts +104 -10
  362. package/types/ops/OAuth2ClientOps.d.ts.map +1 -1
  363. package/types/ops/OAuth2OidcOps.d.ts +11 -0
  364. package/types/ops/OAuth2OidcOps.d.ts.map +1 -0
  365. package/types/ops/OAuth2ProviderOps.d.ts +8 -5
  366. package/types/ops/OAuth2ProviderOps.d.ts.map +1 -1
  367. package/types/ops/OpsTypes.d.ts +12 -1
  368. package/types/ops/OpsTypes.d.ts.map +1 -1
  369. package/types/ops/OrganizationOps.d.ts +24 -3
  370. package/types/ops/OrganizationOps.d.ts.map +1 -1
  371. package/types/ops/PolicyOps.d.ts +103 -28
  372. package/types/ops/PolicyOps.d.ts.map +1 -1
  373. package/types/ops/PolicySetOps.d.ts +76 -30
  374. package/types/ops/PolicySetOps.d.ts.map +1 -1
  375. package/types/ops/RealmOps.d.ts +34 -14
  376. package/types/ops/RealmOps.d.ts.map +1 -1
  377. package/types/ops/ResourceTypeOps.d.ts +116 -29
  378. package/types/ops/ResourceTypeOps.d.ts.map +1 -1
  379. package/types/ops/Saml2Ops.d.ts +124 -41
  380. package/types/ops/Saml2Ops.d.ts.map +1 -1
  381. package/types/ops/ScriptOps.d.ts +88 -23
  382. package/types/ops/ScriptOps.d.ts.map +1 -1
  383. package/types/ops/ServiceOps.d.ts +95 -8
  384. package/types/ops/ServiceOps.d.ts.map +1 -1
  385. package/types/ops/ThemeOps.d.ts +113 -9
  386. package/types/ops/ThemeOps.d.ts.map +1 -1
  387. package/types/ops/cloud/FeatureOps.d.ts +23 -2
  388. package/types/ops/cloud/FeatureOps.d.ts.map +1 -1
  389. package/types/ops/cloud/LogOps.d.ts +61 -3
  390. package/types/ops/cloud/LogOps.d.ts.map +1 -1
  391. package/types/ops/cloud/SecretsOps.d.ts +77 -63
  392. package/types/ops/cloud/SecretsOps.d.ts.map +1 -1
  393. package/types/ops/cloud/ServiceAccountOps.d.ts +48 -3
  394. package/types/ops/cloud/ServiceAccountOps.d.ts.map +1 -1
  395. package/types/ops/cloud/StartupOps.d.ts +25 -2
  396. package/types/ops/cloud/StartupOps.d.ts.map +1 -1
  397. package/types/ops/cloud/VariablesOps.d.ts +39 -39
  398. package/types/ops/cloud/VariablesOps.d.ts.map +1 -1
  399. package/types/ops/utils/Console.d.ts.map +1 -1
  400. package/types/ops/utils/DataProtection.d.ts +1 -1
  401. package/types/ops/utils/DataProtection.d.ts.map +1 -1
  402. package/types/ops/utils/ExportImportUtils.d.ts +72 -11
  403. package/types/ops/utils/ExportImportUtils.d.ts.map +1 -1
  404. package/types/ops/utils/OpsUtils.d.ts +4 -1
  405. package/types/ops/utils/OpsUtils.d.ts.map +1 -1
  406. package/types/ops/utils/ScriptValidationUtils.d.ts.map +1 -0
  407. package/types/ops/utils/Version.d.ts +20 -2
  408. package/types/ops/utils/Version.d.ts.map +1 -1
  409. package/types/shared/State.d.ts +80 -177
  410. package/types/shared/State.d.ts.map +1 -1
  411. package/types/utils/AutoSetupPolly.d.ts.map +1 -1
  412. package/cjs/ops/utils/ValidationUtils.js.map +0 -1
  413. package/cjs/ops/utils/ValidationUtils.test.js.map +0 -1
  414. package/types/ops/utils/ValidationUtils.d.ts.map +0 -1
  415. /package/types/ops/utils/{ValidationUtils.d.ts → ScriptValidationUtils.d.ts} +0 -0
package/cjs/ops/OAuth2ClientOps.test.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"OAuth2ClientOps.test.js","names":["_index","require","_AutoSetupPolly","_OpsUtils","asyncGeneratorStep","gen","resolve","reject","_next","_throw","key","arg","info","value","error","done","Promise","then","_asyncToGenerator","fn","self","args","arguments","apply","err","undefined","autoSetupPolly","stageOAuth2Client","_x","_stageOAuth2Client","client","create","length","OAuth2Client","getOAuth2Client","id","deleteOAuth2Client","putOAuth2Client","data","applyOAuth2ClientImportTemplate","template","ids","configured","cloneDeep","Object","keys","application","clientData","console","log","concat","dir","describe","rawClientTemplate","overrideOAuth2ClientConfig","issueRefreshToken","validateScopePluginType","tokenEncryptionEnabled","evaluateScopePluginType","oidcMayActScript","oidcClaimsScript","scopesPolicySet","accessTokenModificationPluginType","authorizeEndpointDataProviderClass","oidcClaimsPluginType","providerOverridesEnabled","authorizeEndpointDataProviderScript","statelessTokensEnabled","authorizeEndpointDataProviderPluginType","remoteConsentServiceId","enableRemoteConsent","validateScopeClass","usePolicyEngineForScope","evaluateScopeClass","overrideableOIDCClaims","accessTokenMayActScript","evaluateScopeScript","clientsCanSkipConsent","accessTokenModificationScript","issueRefreshTokenOnRefreshedToken","validateScopeScript","advancedOAuth2ClientConfig","logoUri","inherited","subjectType","clientUri","tokenExchangeAuthLevel","responseTypes","mixUpMitigation","customProperties","javascriptOrigins","policyUri","softwareVersion","tosURI","sectorIdentifierUri","tokenEndpointAuthMethod","refreshTokenGracePeriod","isConsentImplied","softwareIdentity","grantTypes","require_pushed_authorization_requests","descriptions","requestUris","name","contacts","updateAccessToken","signEncOAuth2ClientConfig","tokenEndpointAuthSigningAlgorithm","idTokenEncryptionEnabled","tokenIntrospectionEncryptedResponseEncryptionAlgorithm","requestParameterSignedAlg","authorizationResponseSigningAlgorithm","clientJwtPublicKey","idTokenPublicEncryptionKey","mTLSSubjectDN","jwkStoreCacheMissCacheTime","jwkSet","idTokenEncryptionMethod","jwksUri","tokenIntrospectionEncryptedResponseAlg","authorizationResponseEncryptionMethod","userinfoResponseFormat","mTLSCertificateBoundAccessTokens","publicKeyLocation","tokenIntrospectionResponseFormat","requestParameterEncryptedEncryptionAlgorithm","userinfoSignedResponseAlg","idTokenEncryptionAlgorithm","requestParameterEncryptedAlg","authorizationResponseEncryptionAlgorithm","mTLSTrustedCert","jwksCacheTimeout","userinfoEncryptedResponseAlg","idTokenSignedResponseAlg","tokenIntrospectionSignedResponseAlg","userinfoEncryptedResponseEncryptionAlgorithm","coreOpenIDClientConfig","claims","backchannel_logout_uri","defaultAcrValues","jwtTokenLifetime","defaultMaxAgeEnabled","clientSessionUri","defaultMaxAge","postLogoutRedirectUri","backchannel_logout_session_required","coreOAuth2ClientConfig","status","clientName","clientType","loopbackInterfaceRedirection","defaultScopes","refreshTokenLifetime","scopes","accessTokenLifetime","redirectionUris","authorizationCodeLifetime","coreUmaClientConfig","claimsRedirectionUris","depsClientImportTemplate","meta","origin","originAmVersion","exportedBy","exportDate","exportTool","exportToolVersion","script","_id","description","default","language","context","createdBy","creationDate","lastModifiedBy","lastModifiedDate","FrodoTestOAuth2Client1","userpassword","_type","collection","_provider","_rev","advancedOIDCConfig","supportedRequestParameterEncryptionEnc","authorisedOpenIdConnectSSOClients","supportedUserInfoEncryptionAlgorithms","supportedAuthorizationResponseEncryptionEnc","supportedTokenIntrospectionResponseEncryptionAlgorithms","useForceAuthnForPromptLogin","alwaysAddClaimsToToken","supportedTokenIntrospectionResponseSigningAlgorithms","supportedTokenEndpointAuthenticationSigningAlgorithms","supportedRequestParameterSigningAlgorithms","includeAllKtyAlgCombinationsInJwksUri","amrMappings","loaMapping","authorisedIdmDelegationClients","idTokenInfoClientAuthenticationEnabled","storeOpsTokens","supportedUserInfoSigningAlgorithms","supportedAuthorizationResponseSigningAlgorithms","supportedUserInfoEncryptionEnc","claimsParameterSupported","supportedTokenIntrospectionResponseEncryptionEnc","supportedAuthorizationResponseEncryptionAlgorithms","supportedRequestParameterEncryptionAlgorithms","defaultACR","advancedOAuth2Config","passwordGrantAuthService","tokenCompressionEnabled","requirePushedAuthorizationRequests","tlsCertificateBoundAccessTokensEnabled","moduleMessageEnabledInPasswordGrant","supportedSubjectTypes","tlsClientCertificateHeaderFormat","hashSalt","macaroonTokenFormat","maxAgeOfRequestObjectNbfClaim","tlsCertificateRevocationCheckingEnabled","nbfClaimRequiredInRequestObject","requestObjectProcessing","maxDifferenceBetweenRequestObjectNbfAndExp","responseTypeClasses","expClaimRequiredInRequestObject","tokenValidatorClasses","tokenSigningAlgorithm","codeVerifierEnforced","displayNameAttribute","tokenExchangeClasses","parRequestUriLifetime","allowedAudienceValues","persistentClaims","supportedScopes","authenticationAttributes","clientDynamicRegistrationConfig","dynamicClientRegistrationScope","allowDynamicRegistration","requiredSoftwareStatementAttestedAttributes","dynamicClientRegistrationSoftwareStatementRequired","generateRegistrationAccessTokens","coreOIDCConfig","oidcDiscoveryEndpointEnabled","supportedIDTokenEncryptionMethods","supportedClaims","supportedIDTokenSigningAlgorithms","supportedIDTokenEncryptionAlgorithms","coreOAuth2Config","macaroonTokensEnabled","codeLifetime","consent","supportedRcsRequestSigningAlgorithms","supportedRcsResponseEncryptionAlgorithms","supportedRcsRequestEncryptionMethods","supportedRcsRequestEncryptionAlgorithms","supportedRcsResponseSigningAlgorithms","supportedRcsResponseEncryptionMethods","deviceCodeConfig","deviceUserCodeLength","deviceCodeLifetime","deviceUserCodeCharacterSet","devicePollInterval","pluginsConfig","accessTokenEnricherClass","userCodeGeneratorClass","oidcClaimsClass","accessTokenModifierClass","cibaConfig","cibaMinimumPollingInterval","supportedCibaSigningAlgorithms","cibaAuthReqIdLifetime","client1","client2","client3","client4","client5","client6","client7","client8","client9","client10","client11","client12","client13","import1","import2","importData1","importData2","importData3","importData4","beforeAll","process","env","FRODO_POLLY_MODE","afterAll","test","expect","exportOAuth2Client","toBeDefined","response","toMatchSnapshot","any","exportOAuth2Clients","getOAuth2Clients","importOAuth2Client","assertions","deps","importFirstOAuth2Client","outcome","importOAuth2Clients"],"sources":["ops/OAuth2ClientOps.test.ts"],"sourcesContent":["/**\n * To record and update snapshots, you must perform 3 steps in order:\n *\n * 1. Record API responses & update ESM snapshots\n *\n * To record and update ESM snapshots, you must call the test:record\n * script and override all the connection state variables required\n * to connect to the env to record from:\n *\n * FRODO_DEBUG=1 FRODO_HOST=frodo-dev npm run test:record OAuth2ClientOps\n *\n * The above command assumes that you have a connection profile for\n * 'frodo-dev' on your development machine.\n *\n * 2. Update CJS snapshots\n *\n * After recording, the ESM snapshots will already be updated as that happens\n * in one go, but you musty manually update the CJS snapshots by running:\n *\n * FRODO_DEBUG=1 npm run test:update OAuth2ClientOps\n *\n * 3. Test your changes\n *\n * If 1 and 2 didn't produce any errors, you are ready to run the tests in\n * replay mode and make sure they all succeed as well:\n *\n * npm run test:only OAuth2ClientOps\n *\n * Note: FRODO_DEBUG=1 is optional and enables debug logging for some output\n * in case things don't function as expected\n */\nimport { OAuth2Client } from '../index';\nimport { autoSetupPolly } from '../utils/AutoSetupPolly';\nimport { cloneDeep } from './utils/OpsUtils';\n\nautoSetupPolly();\n\nasync function stageOAuth2Client(\n client: { id: string; data: object },\n create = true\n) {\n // delete if exists, then create\n try {\n await OAuth2Client.getOAuth2Client(client.id);\n await OAuth2Client.deleteOAuth2Client(client.id);\n } catch (error) {\n // ignore\n } finally {\n if (create) {\n await OAuth2Client.putOAuth2Client(client.id, client.data);\n }\n }\n}\n\nfunction applyOAuth2ClientImportTemplate(template, ids: string[]) {\n const configured: OAuth2Client.OAuth2ClientExportInterface =\n cloneDeep(template);\n const key = cloneDeep(Object.keys(configured.application)[0]);\n const clientData = configured.application[key];\n for (const key of Object.keys(configured.application)) {\n delete configured.application[key];\n }\n for (const id of ids) {\n configured.application[id] = cloneDeep(clientData);\n }\n console.log(`apply template ${ids}`);\n console.dir(configured);\n return configured;\n}\n\ndescribe('OAuth2ClientOps', () => {\n const rawClientTemplate = {\n overrideOAuth2ClientConfig: {\n issueRefreshToken: true,\n validateScopePluginType: 'PROVIDER',\n tokenEncryptionEnabled: false,\n evaluateScopePluginType: 'PROVIDER',\n oidcMayActScript: '[Empty]',\n oidcClaimsScript: '[Empty]',\n scopesPolicySet: 'oauth2Scopes',\n accessTokenModificationPluginType: 'PROVIDER',\n authorizeEndpointDataProviderClass:\n 'org.forgerock.oauth2.core.plugins.registry.DefaultEndpointDataProvider',\n oidcClaimsPluginType: 'PROVIDER',\n providerOverridesEnabled: false,\n authorizeEndpointDataProviderScript: '[Empty]',\n statelessTokensEnabled: false,\n authorizeEndpointDataProviderPluginType: 'PROVIDER',\n remoteConsentServiceId: null,\n enableRemoteConsent: false,\n validateScopeClass:\n 'org.forgerock.oauth2.core.plugins.registry.DefaultScopeValidator',\n usePolicyEngineForScope: false,\n evaluateScopeClass:\n 'org.forgerock.oauth2.core.plugins.registry.DefaultScopeEvaluator',\n overrideableOIDCClaims: [],\n accessTokenMayActScript: '[Empty]',\n evaluateScopeScript: '[Empty]',\n clientsCanSkipConsent: false,\n accessTokenModificationScript: '[Empty]',\n issueRefreshTokenOnRefreshedToken: true,\n validateScopeScript: '[Empty]',\n },\n advancedOAuth2ClientConfig: {\n logoUri: {\n inherited: false,\n value: [],\n },\n subjectType: {\n inherited: false,\n value: 'public',\n },\n clientUri: {\n inherited: false,\n value: [],\n },\n tokenExchangeAuthLevel: {\n inherited: false,\n value: 0,\n },\n responseTypes: {\n inherited: false,\n value: ['code', 'token', 'id_token'],\n },\n mixUpMitigation: {\n inherited: false,\n value: false,\n },\n customProperties: {\n inherited: false,\n value: [],\n },\n javascriptOrigins: {\n inherited: false,\n value: [],\n },\n policyUri: {\n inherited: false,\n value: [],\n },\n softwareVersion: {\n inherited: false,\n },\n tosURI: {\n inherited: false,\n value: [],\n },\n sectorIdentifierUri: {\n inherited: false,\n },\n tokenEndpointAuthMethod: {\n inherited: false,\n value: 'client_secret_basic',\n },\n refreshTokenGracePeriod: {\n inherited: false,\n value: 0,\n },\n isConsentImplied: {\n inherited: false,\n value: true,\n },\n softwareIdentity: {\n inherited: false,\n },\n grantTypes: {\n inherited: false,\n value: ['authorization_code', 'refresh_token'],\n },\n require_pushed_authorization_requests: {\n inherited: false,\n value: false,\n },\n descriptions: {\n inherited: false,\n value: [],\n },\n requestUris: {\n inherited: false,\n value: [],\n },\n name: {\n inherited: false,\n value: [],\n },\n contacts: {\n inherited: false,\n value: [],\n },\n updateAccessToken: {\n inherited: false,\n },\n },\n signEncOAuth2ClientConfig: {\n tokenEndpointAuthSigningAlgorithm: {\n inherited: false,\n value: 'RS256',\n },\n idTokenEncryptionEnabled: {\n inherited: false,\n value: false,\n },\n tokenIntrospectionEncryptedResponseEncryptionAlgorithm: {\n inherited: false,\n value: 'A128CBC-HS256',\n },\n requestParameterSignedAlg: {\n inherited: false,\n },\n authorizationResponseSigningAlgorithm: {\n inherited: false,\n value: 'RS256',\n },\n clientJwtPublicKey: {\n inherited: false,\n },\n idTokenPublicEncryptionKey: {\n inherited: false,\n },\n mTLSSubjectDN: {\n inherited: false,\n },\n jwkStoreCacheMissCacheTime: {\n inherited: false,\n value: 60000,\n },\n jwkSet: {\n inherited: false,\n },\n idTokenEncryptionMethod: {\n inherited: false,\n value: 'A128CBC-HS256',\n },\n jwksUri: {\n inherited: false,\n },\n tokenIntrospectionEncryptedResponseAlg: {\n inherited: false,\n value: 'RSA-OAEP-256',\n },\n authorizationResponseEncryptionMethod: {\n inherited: false,\n },\n userinfoResponseFormat: {\n inherited: false,\n value: 'JSON',\n },\n mTLSCertificateBoundAccessTokens: {\n inherited: false,\n value: false,\n },\n publicKeyLocation: {\n inherited: false,\n value: 'jwks_uri',\n },\n tokenIntrospectionResponseFormat: {\n inherited: false,\n value: 'JSON',\n },\n requestParameterEncryptedEncryptionAlgorithm: {\n inherited: false,\n value: 'A128CBC-HS256',\n },\n userinfoSignedResponseAlg: {\n inherited: false,\n },\n idTokenEncryptionAlgorithm: {\n inherited: false,\n value: 'RSA-OAEP-256',\n },\n requestParameterEncryptedAlg: {\n inherited: false,\n },\n authorizationResponseEncryptionAlgorithm: {\n inherited: false,\n },\n mTLSTrustedCert: {\n inherited: false,\n },\n jwksCacheTimeout: {\n inherited: false,\n value: 3600000,\n },\n userinfoEncryptedResponseAlg: {\n inherited: false,\n },\n idTokenSignedResponseAlg: {\n inherited: false,\n value: 'RS256',\n },\n tokenIntrospectionSignedResponseAlg: {\n inherited: false,\n value: 'RS256',\n },\n userinfoEncryptedResponseEncryptionAlgorithm: {\n inherited: false,\n value: 'A128CBC-HS256',\n },\n },\n coreOpenIDClientConfig: {\n claims: {\n inherited: false,\n value: [],\n },\n backchannel_logout_uri: {\n inherited: false,\n },\n defaultAcrValues: {\n inherited: false,\n value: [],\n },\n jwtTokenLifetime: {\n inherited: false,\n value: 3600,\n },\n defaultMaxAgeEnabled: {\n inherited: false,\n value: false,\n },\n clientSessionUri: {\n inherited: false,\n },\n defaultMaxAge: {\n inherited: false,\n value: 600,\n },\n postLogoutRedirectUri: {\n inherited: false,\n value: [],\n },\n backchannel_logout_session_required: {\n inherited: false,\n value: false,\n },\n },\n coreOAuth2ClientConfig: {\n status: {\n inherited: false,\n value: 'Active',\n },\n clientName: {\n inherited: false,\n value: [],\n },\n clientType: {\n inherited: false,\n value: 'Public',\n },\n loopbackInterfaceRedirection: {\n inherited: false,\n value: false,\n },\n defaultScopes: {\n inherited: false,\n value: [],\n },\n refreshTokenLifetime: {\n inherited: false,\n value: 604800,\n },\n scopes: {\n inherited: false,\n value: ['openid'],\n },\n accessTokenLifetime: {\n inherited: false,\n value: 3600,\n },\n redirectionUris: {\n inherited: false,\n value: [],\n },\n authorizationCodeLifetime: {\n inherited: false,\n value: 120,\n },\n },\n coreUmaClientConfig: {\n claimsRedirectionUris: {\n inherited: false,\n value: [],\n },\n },\n // _type: {\n // _id: 'OAuth2Client',\n // name: 'OAuth2 Clients',\n // collection: true,\n // },\n // _provider: {\n // _id: '',\n // _rev: '745152125',\n // advancedOIDCConfig: {\n // supportedRequestParameterEncryptionEnc: [\n // 'A256GCM',\n // 'A192GCM',\n // 'A128GCM',\n // 'A128CBC-HS256',\n // 'A192CBC-HS384',\n // 'A256CBC-HS512',\n // ],\n // authorisedOpenIdConnectSSOClients: [],\n // supportedUserInfoEncryptionAlgorithms: [\n // 'ECDH-ES+A256KW',\n // 'ECDH-ES+A192KW',\n // 'RSA-OAEP',\n // 'ECDH-ES+A128KW',\n // 'RSA-OAEP-256',\n // 'A128KW',\n // 'A256KW',\n // 'ECDH-ES',\n // 'dir',\n // 'A192KW',\n // ],\n // supportedAuthorizationResponseEncryptionEnc: [\n // 'A256GCM',\n // 'A192GCM',\n // 'A128GCM',\n // 'A128CBC-HS256',\n // 'A192CBC-HS384',\n // 'A256CBC-HS512',\n // ],\n // supportedTokenIntrospectionResponseEncryptionAlgorithms: [\n // 'ECDH-ES+A256KW',\n // 'ECDH-ES+A192KW',\n // 'RSA-OAEP',\n // 'ECDH-ES+A128KW',\n // 'RSA-OAEP-256',\n // 'A128KW',\n // 'A256KW',\n // 'ECDH-ES',\n // 'dir',\n // 'A192KW',\n // ],\n // useForceAuthnForPromptLogin: false,\n // alwaysAddClaimsToToken: true,\n // supportedTokenIntrospectionResponseSigningAlgorithms: [\n // 'PS384',\n // 'RS384',\n // 'EdDSA',\n // 'ES384',\n // 'HS256',\n // 'HS512',\n // 'ES256',\n // 'RS256',\n // 'HS384',\n // 'ES512',\n // 'PS256',\n // 'PS512',\n // 'RS512',\n // ],\n // supportedTokenEndpointAuthenticationSigningAlgorithms: [\n // 'PS384',\n // 'ES384',\n // 'RS384',\n // 'HS256',\n // 'HS512',\n // 'ES256',\n // 'RS256',\n // 'HS384',\n // 'ES512',\n // 'PS256',\n // 'PS512',\n // 'RS512',\n // ],\n // supportedRequestParameterSigningAlgorithms: [\n // 'PS384',\n // 'ES384',\n // 'RS384',\n // 'HS256',\n // 'HS512',\n // 'ES256',\n // 'RS256',\n // 'HS384',\n // 'ES512',\n // 'PS256',\n // 'PS512',\n // 'RS512',\n // ],\n // includeAllKtyAlgCombinationsInJwksUri: false,\n // amrMappings: {},\n // loaMapping: {},\n // authorisedIdmDelegationClients: [],\n // idTokenInfoClientAuthenticationEnabled: true,\n // storeOpsTokens: true,\n // supportedUserInfoSigningAlgorithms: [\n // 'ES384',\n // 'HS256',\n // 'HS512',\n // 'ES256',\n // 'RS256',\n // 'HS384',\n // 'ES512',\n // ],\n // supportedAuthorizationResponseSigningAlgorithms: [\n // 'PS384',\n // 'RS384',\n // 'EdDSA',\n // 'ES384',\n // 'HS256',\n // 'HS512',\n // 'ES256',\n // 'RS256',\n // 'HS384',\n // 'ES512',\n // 'PS256',\n // 'PS512',\n // 'RS512',\n // ],\n // supportedUserInfoEncryptionEnc: [\n // 'A256GCM',\n // 'A192GCM',\n // 'A128GCM',\n // 'A128CBC-HS256',\n // 'A192CBC-HS384',\n // 'A256CBC-HS512',\n // ],\n // claimsParameterSupported: false,\n // supportedTokenIntrospectionResponseEncryptionEnc: [\n // 'A256GCM',\n // 'A192GCM',\n // 'A128GCM',\n // 'A128CBC-HS256',\n // 'A192CBC-HS384',\n // 'A256CBC-HS512',\n // ],\n // supportedAuthorizationResponseEncryptionAlgorithms: [\n // 'ECDH-ES+A256KW',\n // 'ECDH-ES+A192KW',\n // 'RSA-OAEP',\n // 'ECDH-ES+A128KW',\n // 'RSA-OAEP-256',\n // 'A128KW',\n // 'A256KW',\n // 'ECDH-ES',\n // 'dir',\n // 'A192KW',\n // ],\n // supportedRequestParameterEncryptionAlgorithms: [\n // 'ECDH-ES+A256KW',\n // 'ECDH-ES+A192KW',\n // 'ECDH-ES+A128KW',\n // 'RSA-OAEP',\n // 'RSA-OAEP-256',\n // 'A128KW',\n // 'A256KW',\n // 'ECDH-ES',\n // 'dir',\n // 'A192KW',\n // ],\n // defaultACR: [],\n // },\n // advancedOAuth2Config: {\n // passwordGrantAuthService: 'PasswordGrant',\n // tokenCompressionEnabled: false,\n // tokenEncryptionEnabled: false,\n // requirePushedAuthorizationRequests: false,\n // tlsCertificateBoundAccessTokensEnabled: true,\n // defaultScopes: ['address', 'phone', 'openid', 'profile', 'email'],\n // moduleMessageEnabledInPasswordGrant: false,\n // supportedSubjectTypes: ['public', 'pairwise'],\n // refreshTokenGracePeriod: 0,\n // tlsClientCertificateHeaderFormat: 'URLENCODED_PEM',\n // hashSalt: 'qAWV0MFSQpC/f1GPbZAZnMRksak=',\n // macaroonTokenFormat: 'V2',\n // maxAgeOfRequestObjectNbfClaim: 0,\n // tlsCertificateRevocationCheckingEnabled: false,\n // nbfClaimRequiredInRequestObject: false,\n // requestObjectProcessing: 'OIDC',\n // maxDifferenceBetweenRequestObjectNbfAndExp: 0,\n // responseTypeClasses: [\n // 'code|org.forgerock.oauth2.core.AuthorizationCodeResponseTypeHandler',\n // 'device_code|org.forgerock.oauth2.core.TokenResponseTypeHandler',\n // 'token|org.forgerock.oauth2.core.TokenResponseTypeHandler',\n // 'id_token|org.forgerock.openidconnect.IdTokenResponseTypeHandler',\n // ],\n // expClaimRequiredInRequestObject: false,\n // tokenValidatorClasses: [\n // 'urn:ietf:params:oauth:token-type:id_token|org.forgerock.oauth2.core.tokenexchange.idtoken.OidcIdTokenValidator',\n // 'urn:ietf:params:oauth:token-type:access_token|org.forgerock.oauth2.core.tokenexchange.accesstoken.OAuth2AccessTokenValidator',\n // ],\n // tokenSigningAlgorithm: 'HS256',\n // codeVerifierEnforced: 'false',\n // displayNameAttribute: 'cn',\n // tokenExchangeClasses: [\n // 'urn:ietf:params:oauth:token-type:access_token=>urn:ietf:params:oauth:token-type:access_token|org.forgerock.oauth2.core.tokenexchange.accesstoken.AccessTokenToAccessTokenExchanger',\n // 'urn:ietf:params:oauth:token-type:id_token=>urn:ietf:params:oauth:token-type:id_token|org.forgerock.oauth2.core.tokenexchange.idtoken.IdTokenToIdTokenExchanger',\n // 'urn:ietf:params:oauth:token-type:access_token=>urn:ietf:params:oauth:token-type:id_token|org.forgerock.oauth2.core.tokenexchange.accesstoken.AccessTokenToIdTokenExchanger',\n // 'urn:ietf:params:oauth:token-type:id_token=>urn:ietf:params:oauth:token-type:access_token|org.forgerock.oauth2.core.tokenexchange.idtoken.IdTokenToAccessTokenExchanger',\n // ],\n // parRequestUriLifetime: 90,\n // allowedAudienceValues: [],\n // persistentClaims: [],\n // supportedScopes: [\n // 'email|Your email address',\n // 'openid|',\n // 'address|Your postal address',\n // 'phone|Your telephone number(s)',\n // 'profile|Your personal information',\n // 'fr:idm:*',\n // 'am-introspect-all-tokens',\n // ],\n // authenticationAttributes: ['uid'],\n // grantTypes: [\n // 'implicit',\n // 'urn:ietf:params:oauth:grant-type:saml2-bearer',\n // 'refresh_token',\n // 'password',\n // 'client_credentials',\n // 'urn:ietf:params:oauth:grant-type:device_code',\n // 'authorization_code',\n // 'urn:openid:params:grant-type:ciba',\n // 'urn:ietf:params:oauth:grant-type:uma-ticket',\n // 'urn:ietf:params:oauth:grant-type:jwt-bearer',\n // ],\n // },\n // clientDynamicRegistrationConfig: {\n // dynamicClientRegistrationScope: 'dynamic_client_registration',\n // allowDynamicRegistration: false,\n // requiredSoftwareStatementAttestedAttributes: ['redirect_uris'],\n // dynamicClientRegistrationSoftwareStatementRequired: false,\n // generateRegistrationAccessTokens: true,\n // },\n // coreOIDCConfig: {\n // overrideableOIDCClaims: [],\n // oidcDiscoveryEndpointEnabled: true,\n // supportedIDTokenEncryptionMethods: [\n // 'A256GCM',\n // 'A192GCM',\n // 'A128GCM',\n // 'A128CBC-HS256',\n // 'A192CBC-HS384',\n // 'A256CBC-HS512',\n // ],\n // supportedClaims: [],\n // supportedIDTokenSigningAlgorithms: [\n // 'PS384',\n // 'ES384',\n // 'RS384',\n // 'HS256',\n // 'HS512',\n // 'ES256',\n // 'RS256',\n // 'HS384',\n // 'ES512',\n // 'PS256',\n // 'PS512',\n // 'RS512',\n // ],\n // supportedIDTokenEncryptionAlgorithms: [\n // 'ECDH-ES+A256KW',\n // 'ECDH-ES+A192KW',\n // 'RSA-OAEP',\n // 'ECDH-ES+A128KW',\n // 'RSA-OAEP-256',\n // 'A128KW',\n // 'A256KW',\n // 'ECDH-ES',\n // 'dir',\n // 'A192KW',\n // ],\n // jwtTokenLifetime: 3600,\n // },\n // coreOAuth2Config: {\n // refreshTokenLifetime: 604800,\n // scopesPolicySet: 'oauth2Scopes',\n // accessTokenMayActScript: '[Empty]',\n // accessTokenLifetime: 3600,\n // macaroonTokensEnabled: false,\n // codeLifetime: 120,\n // statelessTokensEnabled: true,\n // usePolicyEngineForScope: false,\n // issueRefreshToken: true,\n // oidcMayActScript: '[Empty]',\n // issueRefreshTokenOnRefreshedToken: true,\n // },\n // consent: {\n // supportedRcsRequestSigningAlgorithms: [\n // 'PS384',\n // 'ES384',\n // 'RS384',\n // 'HS256',\n // 'HS512',\n // 'ES256',\n // 'RS256',\n // 'HS384',\n // 'ES512',\n // 'PS256',\n // 'PS512',\n // 'RS512',\n // ],\n // supportedRcsResponseEncryptionAlgorithms: [\n // 'ECDH-ES+A256KW',\n // 'ECDH-ES+A192KW',\n // 'ECDH-ES+A128KW',\n // 'RSA-OAEP',\n // 'RSA-OAEP-256',\n // 'A128KW',\n // 'A256KW',\n // 'ECDH-ES',\n // 'dir',\n // 'A192KW',\n // ],\n // supportedRcsRequestEncryptionMethods: [\n // 'A256GCM',\n // 'A192GCM',\n // 'A128GCM',\n // 'A128CBC-HS256',\n // 'A192CBC-HS384',\n // 'A256CBC-HS512',\n // ],\n // enableRemoteConsent: false,\n // supportedRcsRequestEncryptionAlgorithms: [\n // 'ECDH-ES+A256KW',\n // 'ECDH-ES+A192KW',\n // 'RSA-OAEP',\n // 'ECDH-ES+A128KW',\n // 'RSA-OAEP-256',\n // 'A128KW',\n // 'A256KW',\n // 'ECDH-ES',\n // 'dir',\n // 'A192KW',\n // ],\n // clientsCanSkipConsent: true,\n // supportedRcsResponseSigningAlgorithms: [\n // 'PS384',\n // 'ES384',\n // 'RS384',\n // 'HS256',\n // 'HS512',\n // 'ES256',\n // 'RS256',\n // 'HS384',\n // 'ES512',\n // 'PS256',\n // 'PS512',\n // 'RS512',\n // ],\n // supportedRcsResponseEncryptionMethods: [\n // 'A256GCM',\n // 'A192GCM',\n // 'A128GCM',\n // 'A128CBC-HS256',\n // 'A192CBC-HS384',\n // 'A256CBC-HS512',\n // ],\n // },\n // deviceCodeConfig: {\n // deviceUserCodeLength: 8,\n // deviceCodeLifetime: 300,\n // deviceUserCodeCharacterSet:\n // '234567ACDEFGHJKLMNPQRSTWXYZabcdefhijkmnopqrstwxyz',\n // devicePollInterval: 5,\n // },\n // pluginsConfig: {\n // evaluateScopeClass:\n // 'org.forgerock.openam.oauth2.OpenAMScopeValidator',\n // validateScopeScript: '[Empty]',\n // accessTokenEnricherClass:\n // 'org.forgerock.openam.oauth2.OpenAMScopeValidator',\n // oidcClaimsPluginType: 'SCRIPTED',\n // authorizeEndpointDataProviderClass:\n // 'org.forgerock.openam.oauth2.OpenAMScopeValidator',\n // authorizeEndpointDataProviderPluginType: 'JAVA',\n // userCodeGeneratorClass:\n // 'org.forgerock.oauth2.core.plugins.registry.DefaultUserCodeGenerator',\n // evaluateScopeScript: '[Empty]',\n // oidcClaimsClass: 'org.forgerock.openam.oauth2.OpenAMScopeValidator',\n // evaluateScopePluginType: 'JAVA',\n // authorizeEndpointDataProviderScript: '[Empty]',\n // accessTokenModifierClass:\n // 'org.forgerock.openam.oauth2.OpenAMScopeValidator',\n // accessTokenModificationScript: '39c08084-1238-43e8-857f-2e11005eac49',\n // validateScopePluginType: 'JAVA',\n // accessTokenModificationPluginType: 'SCRIPTED',\n // oidcClaimsScript: 'cf3515f0-8278-4ee3-a530-1bad7424c416',\n // validateScopeClass:\n // 'org.forgerock.openam.oauth2.OpenAMScopeValidator',\n // },\n // cibaConfig: {\n // cibaMinimumPollingInterval: 2,\n // supportedCibaSigningAlgorithms: ['ES256', 'PS256'],\n // cibaAuthReqIdLifetime: 600,\n // },\n // _type: {\n // _id: 'oauth-oidc',\n // name: 'OAuth2 Provider',\n // collection: false,\n // },\n // },\n };\n const depsClientImportTemplate = {\n meta: {\n origin: 'https://openam-frodo-dev.forgeblocks.com/am',\n originAmVersion: '7.3.0',\n exportedBy: 'volker.scheuber@forgerock.com',\n exportDate: '2023-04-17T15:29:35.013Z',\n exportTool: 'frodo',\n exportToolVersion: 'v0.18.9-1 [v19.4.0]',\n },\n script: {\n 'cf3515f0-8278-4ee3-a530-1bad7424c416': {\n _id: 'cf3515f0-8278-4ee3-a530-1bad7424c416',\n name: 'Alpha OIDC Claims Script',\n description: 'Default alpha realm script for OIDC claims',\n script: [\n '/*',\n ' * Copyright 2014-2021 ForgeRock AS. All Rights Reserved',\n ' *',\n ' * Use of this code requires a commercial software license with ForgeRock AS',\n ' * or with one of its affiliates. All use shall be exclusively subject',\n ' * to such license between the licensee and ForgeRock AS.',\n ' */',\n '',\n '/*',\n ' * This script computes claim values returned in ID tokens and/or at the UserInfo Endpoint.',\n ' * The claim values are computed for:',\n ' * the claims derived from the requested scopes,',\n ' * the claims provided by the authorization server,',\n ' * and the claims requested by the client via the claims parameter.',\n ' *',\n ' * In the CONFIGURATION AND CUSTOMIZATION section, you can',\n ' * define the scope-to-claims mapping, and',\n ' * assign to each claim a resolver function that will compute the claim value.',\n ' *',\n ' * Defined variables (class references are provided below):',\n ' * scopes - Set<String> (6).',\n ' * Always present, the requested scopes.',\n ' * claims - Map<String, Object> (5).',\n ' * Always present, default server provided claims.',\n ' * claimObjects - List<Claim> (7, 2).',\n ' * Always present, the default server provided claims.',\n ' * requestedClaims - Map<String, Set<String>> (5).',\n ' * Always present, not empty if the request contains the claims parameter and the server has enabled',\n ' * claims_parameter_supported. A map of the requested claims to possible values, otherwise empty;',\n ' * requested claims with no requested values will have a key but no value in the map. A key with',\n ' * a single value in its Set (6) indicates that this is the only value that should be returned.',\n ' * requestedTypedClaims - List<Claim> (7, 2).',\n ' * Always present, the requested claims.',\n ' * Requested claims with no requested values will have a claim with no values.',\n ' * A claim with a single value indicates this is the only value that should be returned.',\n ' * claimsLocales - List<String> (7).',\n \" * The values from the 'claims_locales' parameter.\",\n ' * See https://openid.net/specs/openid-connect-core-1_0.html#ClaimsLanguagesAndScripts for the OIDC specification details.',\n ' * requestProperties - Unmodifiable Map (5).',\n ' * Always present, contains a map of request properties:',\n ' * requestUri - The request URI.',\n ' * realm - The realm that the request relates to.',\n ' * requestParams - A map of the request params and/or posted data.',\n ' * Each value is a list of one or more properties.',\n ' * Please note that these should be handled in accordance with OWASP best practices:',\n ' * https://owasp.org/www-community/vulnerabilities/Unsafe_use_of_Reflection.',\n ' * clientProperties - Unmodifiable Map (5).',\n ' * Present if the client specified in the request was identified, contains a map of client properties:',\n \" * clientId - The client's URI for the request locale.\",\n ' * allowedGrantTypes - List of the allowed grant types (org.forgerock.oauth2.core.GrantType) for the client.',\n ' * allowedResponseTypes - List of the allowed response types for the client.',\n ' * allowedScopes - List of the allowed scopes for the client.',\n ' * customProperties - A map of the custom properties of the client.',\n ' * Lists or maps will be included as sub-maps; for example:',\n ' * customMap[Key1]=Value1 will be returned as customMap -> Key1 -> Value1.',\n ' * To add custom properties to a client, update the Custom Properties field',\n ' * in AM Console > Realm Name > Applications > OAuth 2.0 > Clients > Client ID > Advanced.',\n ' * identity - AMIdentity (3).',\n ' * Always present, the identity of the resource owner.',\n ' * session - SSOToken (4).',\n \" * Present if the request contains the session cookie, the user's session object.\",\n ' * scriptName - String (primitive).',\n ' * Always present, the display name of the script.',\n ' * logger - Always present, the \"OAuth2Provider\" debug logger instance:',\n ' * https://backstage.forgerock.com/docs/am/7/scripting-guide/scripting-api-global-logger.html#scripting-api-global-logger.',\n ' * Corresponding files will be prefixed with: scripts.OIDC_CLAIMS.',\n ' * httpClient - HTTP Client (8).',\n ' * Always present, the HTTP Client instance:',\n ' * https://backstage.forgerock.com/docs/am/7/scripting-guide/scripting-api-global-http-client.html#scripting-api-global-http-client.',\n ' * In order to use the client, you may need to add',\n ' * org.forgerock.http.Client,',\n ' * org.forgerock.http.protocol.*,',\n ' * and org.forgerock.util.promise.PromiseImpl',\n ' * to the allowed Java classes in the scripting engine configuration, as described in:',\n ' * https://backstage.forgerock.com/docs/am/7/scripting-guide/script-engine-security.html',\n ' *',\n ' * Return - a new UserInfoClaims(Map<String, Object> values, Map<String, List<String>> compositeScopes) (1) object.',\n ' * The result of the last statement in the script is returned to the server.',\n ' * Currently, the Immediately Invoked Function Expression (also known as Self-Executing Anonymous Function)',\n ' * is the last (and only) statement in this script, and its return value will become the script result.',\n ' * Do not use \"return variable\" statement outside of a function definition.',\n ' * See RESULTS section for additional details.',\n ' *',\n ' * Class reference:',\n ' * (1) UserInfoClaims - https://backstage.forgerock.com/docs/am/7/apidocs/org/forgerock/oauth2/core/UserInfoClaims.html.',\n ' * (2) Claim - https://backstage.forgerock.com/docs/am/7/apidocs/org/forgerock/openidconnect/Claim.html).',\n ' * An instance of org.forgerock.openidconnect.Claim has methods to access',\n ' * the claim name, requested values, locale, and whether the claim is essential.',\n ' * (3) AMIdentity - https://backstage.forgerock.com/docs/am/7/apidocs/com/sun/identity/idm/AMIdentity.html.',\n ' * (4) SSOToken - https://backstage.forgerock.com/docs/am/7/apidocs/com/iplanet/sso/SSOToken.html.',\n ' * (5) Map - https://docs.oracle.com/en/java/javase/11/docs/api/java.base/java/util/HashMap.html,',\n ' * or https://docs.oracle.com/en/java/javase/11/docs/api/java.base/java/util/LinkedHashMap.html.',\n ' * (6) Set - https://docs.oracle.com/en/java/javase/11/docs/api/java.base/java/util/HashSet.html.',\n ' * (7) List - https://docs.oracle.com/en/java/javase/11/docs/api/java.base/java/util/ArrayList.html.',\n ' * (8) Client - https://backstage.forgerock.com/docs/am/7/apidocs/org/forgerock/http/Client.html.',\n '*/',\n '',\n '(function () {',\n ' // SETUP',\n '',\n ' /**',\n ' * Claim processing utilities.',\n ' * An object that contains reusable functions for processing claims.',\n ' * @see CLAIM PROCESSING UTILITIES section for details.',\n ' */',\n ' var utils = getUtils();',\n '',\n ' // CONFIGURATION AND CUSTOMIZATION',\n '',\n ' /**',\n ' * OAuth 2.0 scope values (scopes) can be used by the Client to request OIDC claims.',\n ' *',\n ' * Call this configuration method, and pass in as the first argument',\n ' * an object that maps a scope value to an array of claim names',\n ' * to specify which claims need to be processed and returned for the requested scopes.',\n ' * @see {@link https://openid.net/specs/openid-connect-core-1_0.html#ScopeClaims}',\n ' * for the scope values that could be used to request claims as defined in the OIDC specification.',\n ' *',\n ' * Below, find a default configuration that is expected to work in the current environment.',\n ' *',\n ' * CUSTOMIZATION',\n ' * You can choose the claim names returned for a scope.',\n ' */',\n ' utils.setScopeClaimsMap({',\n ' profile: [',\n \" 'name',\",\n \" 'family_name',\",\n \" 'given_name',\",\n \" 'zoneinfo',\",\n \" 'locale'\",\n ' ],',\n \" email: ['email'],\",\n \" address: ['address'],\",\n \" phone: ['phone_number']\",\n ' });',\n '',\n ' /**',\n ' * In this script, each claim',\n ' * derived from the requested scopes,',\n ' * provided by the authorization server, and',\n ' * requested by the client via the claims parameter',\n ' * will be processed by a function associated with the claim name.',\n ' *',\n ' * Call this configuration method, and pass in as the first argument',\n ' * an object that maps a claim name to a resolver function,',\n ' * which will be automatically executed for each claim processed by the script.',\n ' *',\n ' * The claim resolver function will receive the requested claim information',\n ' * in an instance of org.forgerock.openidconnect.Claim as the first argument.',\n ' * @see {@link https://backstage.forgerock.com/docs/am/7/apidocs/org/forgerock/openidconnect/Claim.html}',\n ' * for details on the Claim class.',\n ' *',\n ' * If the claim resolver function returns a value,',\n ' * other than undefined or null,',\n \" * the claim will be included in the script's results.\",\n ' *',\n ' * The Claim instance provides methods to check',\n ' * what the name of the claim is,',\n ' * which values the claim request contains,',\n ' * whether the claim is essential, and',\n ' * which locale the claim is associated with.',\n ' * The resolver function can consider this information when computing and returning the claim value.',\n ' *',\n ' * Below, find a default configuration that is expected to work in the current environment.',\n ' * A reusable function, utils.getUserProfileClaimResolver(String attribute-name),',\n ' * is called to return a claim resolver function based on a user profile attribute.',\n ' * @see CLAIM RESOLVERS section for the implementation details and examples.',\n ' * For the address claim, an example of a claim resolver that uses another claim resolver is provided.',\n ' *',\n ' * CUSTOMIZATION',\n ' * You can reuse the predefined utils methods with your custom arguments.',\n ' * You can also specify a custom resolver function for a claim name,',\n ' * that will compute and return the claim value—as shown in the commented out example below.',\n ' */',\n ' utils.setClaimResolvers({',\n ' /*',\n ' // An example of a simple claim resolver function that is defined for a claim',\n ' // directly in the configuration object:',\n ' custom-claim-name: function (requestedClaim) {',\n ' // In this case, initially, the claim value comes straight from a user profile attribute value:',\n \" var claimValue = identity.getAttribute('custom-attribute-name').toArray()[0]\",\n '',\n ' // Optionally, provide additional logic for processing (filtering, formatting, etc.) the claim value.',\n ' // You can use:',\n ' // requestedClaim.getName()',\n ' // requestedClaim.getValues()',\n ' // requestedClaim.getLocale()',\n ' // requestedClaim.isEssential()',\n '',\n ' return claimValue',\n ' },',\n ' */',\n ' /**',\n ' * The use of utils.getUserProfileClaimResolver shows how',\n ' * an argument passed to a function that returns a claim resolver',\n ' * becomes available to the resolver function (via its lexical context).',\n ' */',\n \" name: utils.getUserProfileClaimResolver('cn'),\",\n \" family_name: utils.getUserProfileClaimResolver('sn'),\",\n \" given_name: utils.getUserProfileClaimResolver('givenname'),\",\n \" zoneinfo: utils.getUserProfileClaimResolver('preferredtimezone'),\",\n \" locale: utils.getUserProfileClaimResolver('preferredlocale'),\",\n \" email: utils.getUserProfileClaimResolver('mail'),\",\n ' address: utils.getAddressClaimResolver(',\n ' /**',\n ' * The passed in user profile claim resolver function',\n ' * can be used by the address claim resolver function',\n ' * to obtain the claim value to be formatted as per the OIDC specification:',\n ' * @see https://openid.net/specs/openid-connect-core-1_0.html#AddressClaim.',\n ' */',\n \" utils.getUserProfileClaimResolver('postaladdress')\",\n ' ),',\n \" phone_number: utils.getUserProfileClaimResolver('telephonenumber')\",\n ' });',\n '',\n ' // CLAIM PROCESSING UTILITIES',\n '',\n ' /**',\n ' * @returns {object} An object that contains reusable claim processing utilities.',\n ' * @see PUBLIC METHODS section and the return statement for the list of exported functions.',\n ' */',\n ' function getUtils () {',\n ' // IMPORT JAVA',\n '',\n ' /**',\n ' * Provides Java scripting functionality.',\n ' * @see {@link https://developer.mozilla.org/en-US/docs/Mozilla/Projects/Rhino/Scripting_Java#javaimporter_constructor}.',\n ' */',\n ' var frJava = JavaImporter(',\n ' org.forgerock.oauth2.core.exceptions.InvalidRequestException,',\n ' org.forgerock.oauth2.core.UserInfoClaims,',\n ' org.forgerock.openidconnect.Claim,',\n '',\n ' java.util.LinkedHashMap,',\n ' java.util.ArrayList',\n ' );',\n '',\n ' // SET UP CONFIGURATION',\n '',\n ' /**',\n ' * Placeholder for a configuration option that contains',\n ' * an object that maps the supported scope values (scopes)',\n ' * and the corresponding claim names for each scope value.',\n ' */',\n ' var scopeClaimsMap;',\n '',\n ' /**',\n ' * Placeholder for a configuration option that contains',\n ' * an object that maps the supported claim names',\n ' * and the resolver functions returning the claim value.',\n ' */',\n ' var claimResolvers;',\n '',\n ' /**',\n ' * A (public) method that accepts an object that maps the supported scopes and the corresponding claim names,',\n ' * and assigns it to a (private) variable that serves as a configuration option.',\n ' * @param {object} params - An object that maps each supported scope value to an array of claim names,',\n ' * in order to specify which claims need to be processed for the requested scopes.',\n ' * @see {@link https://openid.net/specs/openid-connect-core-1_0.html#ScopeClaims} for details.',\n ' * @param {string[]} [params.profile] - An array of claim names to be returned if the profile scope is requested.',\n ' * @param {string[]} [params.email] - An array of claim names to be returned if the email scope is requested.',\n ' * @param {string[]} [params.address] - An array of claim names to be returned if the address scope is requested.',\n ' * @param {string[]} [params.phone] - An array of claim names to be returned if the phone scope is requested.',\n ' * @returns {undefined}',\n ' */',\n ' function setScopeClaimsMap(params) {',\n ' scopeClaimsMap = params;',\n ' }',\n '',\n ' /**',\n ' * A (public) method that accepts an object that maps the supported claim names',\n ' * and the resolver functions returning the claim value,',\n ' * and assigns it to a (private) variable that serves as a configuration option.',\n ' * @param {object} params - An object that maps',\n ' * each supported claim name to a function that computes and returns the claim value.',\n ' */',\n ' function setClaimResolvers(params) {',\n ' claimResolvers = params;',\n ' }',\n '',\n ' // CLAIM RESOLVERS',\n '',\n ' /**',\n ' * Claim resolvers are functions that return a claim value.',\n ' * @param {*}',\n ' * @returns {*}',\n ' */',\n '',\n ' /**',\n ' * Defines a claim resolver based on a user profile attribute.',\n ' * @param {string} attributeName - Name of the user profile attribute.',\n ' * @returns {function} A function that will determine the claim value',\n ' * based on the user profile attribute and the (requested) claim properties.',\n ' */',\n ' function getUserProfileClaimResolver (attributeName) {',\n ' /**',\n ' * Resolves a claim with a user profile attribute value.',\n ' * Returns undefined if the identity attribute is not populated,',\n ' * OR if the claim has requested values that do not contain the identity attribute value.',\n ' * ATTENTION: the aforementioned comparison is case-sensitive.',\n ' * @param {org.forgerock.openidconnect.Claim} claim',\n ' * An object that provides methods to obtain information/requirements associated with a claim.',\n ' * @see {@link https://backstage.forgerock.com/docs/am/7/apidocs/org/forgerock/openidconnect/Claim.html} for details.',\n ' * @returns {string|HashSet|undefined}',\n ' */',\n ' function resolveClaim(claim) {',\n ' var userProfileValue;',\n '',\n ' if (identity) {',\n ' userProfileValue = getClaimValueFromSet(claim, identity.getAttribute(attributeName));',\n '',\n ' if (userProfileValue && !userProfileValue.isEmpty()) {',\n ' if (!claim.getValues() || claim.getValues().isEmpty() || claim.getValues().contains(userProfileValue)) {',\n ' return userProfileValue;',\n ' }',\n ' }',\n ' }',\n ' }',\n '',\n ' return resolveClaim;',\n ' }',\n '',\n ' /**',\n ' * Returns an address claim resolver based on a claim value obtained with another claim resolver.',\n ' * @param {function} resolveClaim - A function that returns a claim value.',\n ' * @returns {function} A function that will accept a claim as an argument,',\n ' * run the claim resolver function for the claim and obtain the claim value,',\n ' * and apply additional formatting to the value before returning it.',\n ' */',\n ' function getAddressClaimResolver (resolveClaim) {',\n ' /**',\n ' * Creates an address claim object from a value returned by a claim resolver,',\n ' * and returns the address claim object as the claim value.',\n ' * @see {@link https://openid.net/specs/openid-connect-core-1_0.html#AddressClaim}.',\n ' * The claim value is obtained with a claim resolving function available from the closure.',\n ' * @param {org.forgerock.openidconnect.Claim} claim',\n ' * An object that provides methods to obtain information/requirements associated with a claim.',\n ' * @see {@link https://backstage.forgerock.com/docs/am/7/apidocs/org/forgerock/openidconnect/Claim.html} for details.',\n ' * @returns {java.util.LinkedHashMap|undefined} The address claim object created from a claim value.',\n ' */',\n ' function resolveAddressClaim(claim) {',\n ' var claimValue = resolveClaim(claim);',\n ' var addressObject;',\n '',\n ' if (isClaimValueValid(claimValue)) {',\n ' addressObject = new frJava.LinkedHashMap();',\n '',\n \" addressObject.put('formatted', claimValue);\",\n '',\n ' return addressObject;',\n ' }',\n ' }',\n '',\n ' return resolveAddressClaim;',\n ' }',\n '',\n ' /**',\n ' * Returns an essential claim resolver based on a claim value obtained with another claim resolver.',\n ' * @param {function} resolveClaim - A function that returns a claim value.',\n ' * @returns {function} A function that will accept a claim as an argument,',\n ' * run the claim resolver function for the claim and obtain the claim value,',\n ' * and apply additional logic for essential claims.',\n ' */',\n ' function getEssentialClaimResolver (resolveClaim) {',\n ' /**',\n ' * Returns a claim value or throws an error.',\n ' * The claim value is obtained with a claim resolving function available from the closure.',\n ' * Throws an exception if the claim is essential and no value is returned for the claim.',\n ' *',\n ' * Use of this resolver is optional.',\n ' * @see {@link https://openid.net/specs/openid-connect-core-1_0.html#IndividualClaimsRequests} stating:',\n ' * \"Note that even if the Claims are not available because the End-User did not authorize their release or they are not present,',\n ' * the Authorization Server MUST NOT generate an error when Claims are not returned, whether they are Essential or Voluntary,',\n ' * unless otherwise specified in the description of the specific claim.\"',\n ' *',\n ' * @param {org.forgerock.openidconnect.Claim} claim',\n ' * An object that provides methods to obtain information/requirements associated with a claim.',\n ' * @see {@link https://backstage.forgerock.com/docs/am/7/apidocs/org/forgerock/openidconnect/Claim.html} for details.',\n ' * @returns {*}',\n ' * @throws {org.forgerock.oauth2.core.exceptions.InvalidRequestException}',\n ' */',\n ' function resolveEssentialClaim(claim) {',\n ' var claimValue = resolveClaim(claim);',\n '',\n ' if (claim.isEssential() && !isClaimValueValid(claimValue)) {',\n \" throw new frJava.InvalidRequestException('Could not provide value for essential claim: ' + claim.getName());\",\n ' }',\n '',\n ' return claimValue;',\n ' }',\n '',\n ' return resolveEssentialClaim;',\n ' }',\n '',\n ' /**',\n ' * Provides default resolution for a claim.',\n ' * Use it if a claim-specific resolver is not defined in the configuration.',\n ' * @param {org.forgerock.openidconnect.Claim} claim',\n ' * An object that provides methods to obtain information/requirements associated with a claim.',\n ' * @see {@link https://backstage.forgerock.com/docs/am/7/apidocs/org/forgerock/openidconnect/Claim.html} for details.',\n ' * @returns {*} A single value associated with this claim.',\n ' */',\n ' function resolveAnyClaim (claim) {',\n ' if (claim.getValues().size() === 1) {',\n ' return claim.getValues().toArray()[0];',\n ' }',\n ' }',\n '',\n ' // UTILITIES',\n '',\n ' /**',\n ' * Returns claim value from a set.',\n ' * If the set contains a single value, returns the value.',\n ' * If the set contains multiple values, returns the set.',\n ' * Otherwise, returns undefined.',\n ' *',\n ' * @param {org.forgerock.openidconnect.Claim} claim',\n ' * An object that provides methods to obtain information/requirements associated with a claim.',\n ' * @see {@link https://backstage.forgerock.com/docs/am/7/apidocs/org/forgerock/openidconnect/Claim.html} for details.',\n ' * @param {java.util.HashSet} set The set—for example, a user profile attribute value.',\n ' * @returns {string|java.util.HashSet|undefined}',\n ' */',\n ' function getClaimValueFromSet (claim, set) {',\n ' if (set && set.size()) {',\n ' if (set.size() === 1) {',\n ' return set.toArray()[0];',\n ' } else {',\n ' return set;',\n ' }',\n ' } else if (logger.warningEnabled()) {',\n \" logger.warning('OIDC Claims script. Got an empty set for claim: ' + claim.getName());\",\n ' }',\n ' }',\n '',\n ' function isClaimValueValid (claimValue) {',\n \" if (typeof claimValue === 'undefined' || claimValue === null) {\",\n ' return false;',\n ' }',\n '',\n ' return true;',\n ' }',\n '',\n ' // CLAIM PROCESSING',\n '',\n ' /**',\n ' * Constructs and returns an object populated with the computed claim values',\n ' * and the requested scopes mapped to the claim names.',\n ' * @returns {org.forgerock.oauth2.core.UserInfoClaims} The object to be returned to the authorization server.',\n ' * @see {@link https://backstage.forgerock.com/docs/am/7/apidocs/org/forgerock/oauth2/core/UserInfoClaims.html}.',\n ' * @see RESULTS section for the use of this function.',\n ' */',\n ' function getUserInfoClaims () {',\n ' return new frJava.UserInfoClaims(getComputedClaims(), getCompositeScopes());',\n ' }',\n '',\n ' /**',\n ' * Creates a map of (requested) claim names populated with the computed claim values.',\n ' * @returns {java.util.LinkedHashMap}',\n ' * A map of the requested claim names and the corresponding claim values.',\n ' */',\n ' function getComputedClaims () {',\n ' /**',\n ' * Creates a complete list of claim objects from:',\n ' * the claims derived from the scopes,',\n ' * the claims provided by the authorization server,',\n ' * and the claims requested by the client.',\n ' * @returns {java.util.ArrayList}',\n ' * Returns a complete list of org.forgerock.openidconnect.Claim objects available to the script.',\n ' * @see {@link https://backstage.forgerock.com/docs/am/7/apidocs/org/forgerock/openidconnect/Claim.html} for the claim object details.',\n ' */',\n ' function getClaims() {',\n ' /**',\n ' * Returns a list of claim objects for the requested scopes.',\n ' * Uses the scopeClaimsMap configuration option to derive the claim names;',\n ' * no other properties of a claim derived from a scope are populated.',\n ' * @returns {java.util.ArrayList}',\n ' * A list of org.forgerock.openidconnect.Claim objects derived from the requested scopes.',\n ' * @see {@link https://backstage.forgerock.com/docs/am/7/apidocs/org/forgerock/openidconnect/Claim.html} for the claim object details.',\n ' */',\n ' function convertScopeToClaims() {',\n ' var claims = new frJava.ArrayList();',\n '',\n ' scopes.toArray().forEach(function (scope) {',\n \" if (String(scope) !== 'openid' && scopeClaimsMap[scope]) {\",\n ' scopeClaimsMap[scope].forEach(function (claimName) {',\n ' claims.add(new frJava.Claim(claimName));',\n ' });',\n ' }',\n ' });',\n '',\n ' return claims;',\n ' }',\n '',\n ' var claims = new frJava.ArrayList();',\n '',\n ' claims.addAll(convertScopeToClaims());',\n ' claims.addAll(claimObjects);',\n ' claims.addAll(requestedTypedClaims);',\n '',\n ' return claims;',\n ' }',\n '',\n ' /**',\n ' * Computes and returns a claim value.',\n ' * To obtain the claim value, uses the resolver function specified for the claim in the claimResolvers configuration object.',\n ' * @see claimResolvers',\n ' * If no resolver function is found, uses the default claim resolver function.',\n ' *',\n ' * @param {org.forgerock.openidconnect.Claim} claim',\n ' * An object that provides methods to obtain information/requirements associated with a claim.',\n ' * @see {@link https://backstage.forgerock.com/docs/am/7/apidocs/org/forgerock/openidconnect/Claim.html} for details.',\n ' * @returns {*} Claim value.',\n ' * @throws {org.forgerock.oauth2.core.exceptions.InvalidRequestException}',\n ' * Rethrows this exception if a claim resolver throws it.',\n ' * You can throw org.forgerock.oauth2.core.exceptions.InvalidRequestException from your custom claim resolver',\n ' * if you want to terminate the claim processing.',\n ' */',\n ' function computeClaim(claim) {',\n ' var resolveClaim;',\n ' var message;',\n '',\n ' try {',\n ' resolveClaim = claimResolvers[claim.getName()] || resolveAnyClaim;',\n '',\n ' return resolveClaim(claim);',\n ' } catch (e) {',\n \" message = 'OIDC Claims script exception. Unable to resolve OIDC Claim. ' + e;\",\n '',\n \" if (String(e).indexOf('org.forgerock.oauth2.core.exceptions.InvalidRequestException') !== -1) {\",\n ' throw e;',\n ' }',\n '',\n ' if (logger.warningEnabled()) {',\n ' logger.warning(message);',\n ' }',\n ' }',\n ' }',\n '',\n ' var computedClaims = new frJava.LinkedHashMap();',\n '',\n ' getClaims().toArray().forEach(function (claim) {',\n ' var claimValue = computeClaim(claim);',\n '',\n ' if (isClaimValueValid(claimValue)) {',\n ' computedClaims.put(claim.getName(), claimValue);',\n ' } else {',\n ' /**',\n ' * If a claim has been processed, but appears in the list again,',\n ' * and its value cannot be computed under the new conditions,',\n ' * the claim is removed from the final result.',\n ' *',\n ' * For example, a claim could be mapped to a scope and found in the user profile,',\n \" * but also requested by the client with required values that don't match the computed one.\",\n ' * @see {link https://openid.net/specs/openid-connect-core-1_0.html#IndividualClaimsRequests}.',\n ' * for the relevant OIDC specification details.',\n ' */',\n ' computedClaims.remove(claim.getName());',\n ' }',\n ' });',\n '',\n ' return computedClaims;',\n ' }',\n '',\n ' /**',\n ' * Creates a map of requested scopes and the corresponding claim names.',\n ' * @returns {java.util.LinkedHashMap}',\n ' */',\n ' function getCompositeScopes () {',\n ' var compositeScopes = new frJava.LinkedHashMap();',\n '',\n ' scopes.toArray().forEach(function (scope) {',\n ' var scopeClaims = new frJava.ArrayList();',\n '',\n ' if (scopeClaimsMap[scope]) {',\n ' scopeClaimsMap[scope].forEach(function (claimName) {',\n ' scopeClaims.add(claimName);',\n ' });',\n ' }',\n '',\n ' if (scopeClaims.size()) {',\n ' compositeScopes.put(scope, scopeClaims);',\n ' }',\n ' });',\n '',\n ' return compositeScopes;',\n ' }',\n '',\n ' // PUBLIC METHODS',\n '',\n ' return {',\n ' setScopeClaimsMap: setScopeClaimsMap,',\n ' setClaimResolvers: setClaimResolvers,',\n ' getUserProfileClaimResolver: getUserProfileClaimResolver,',\n ' getAddressClaimResolver: getAddressClaimResolver,',\n ' getEssentialClaimResolver: getEssentialClaimResolver,',\n ' getUserInfoClaims: getUserInfoClaims',\n ' };',\n ' }',\n '',\n ' // RESULTS',\n '',\n ' /**',\n ' * This script returns an instance of the org.forgerock.oauth2.core.UserInfoClaims class',\n ' * populated with the computed claim values and',\n ' * the requested scopes mapped to the claim names.',\n ' * @see {@link https://backstage.forgerock.com/docs/am/7/apidocs/org/forgerock/oauth2/core/UserInfoClaims.html}.',\n ' *',\n ' * Assigning it to a variable gives you an opportunity',\n ' * to log the content of the returned value during development.',\n ' */',\n ' var userInfoClaims = utils.getUserInfoClaims();',\n '',\n ' /*',\n \" logger.error(scriptName + ' results:')\",\n \" logger.error('Values: ' + userInfoClaims.getValues())\",\n \" logger.error('Scopes: ' + userInfoClaims.getCompositeScopes())\",\n ' */',\n '',\n ' return userInfoClaims;',\n '}());',\n ],\n default: false,\n language: 'JAVASCRIPT',\n context: 'OIDC_CLAIMS',\n createdBy: 'null',\n creationDate: 0,\n lastModifiedBy: 'null',\n lastModifiedDate: 0,\n },\n '39c08084-1238-43e8-857f-2e11005eac49': {\n _id: '39c08084-1238-43e8-857f-2e11005eac49',\n name: 'Alpha OAuth2 Access Token Modification Script',\n description:\n 'Default alpha realm script for OAuth2 Access Token Modification',\n script: [\n '/*',\n ' * Copyright 2019-2021 ForgeRock AS. All Rights Reserved.',\n ' *',\n ' * Use of this code requires a commercial software license with ForgeRock AS',\n ' * or with one of its affiliates. All use shall be exclusively subject',\n ' * to such license between the licensee and ForgeRock AS.',\n ' */',\n '',\n '/*',\n ' * This script lets you modify information associated with an OAuth2 access token',\n ' * with methods provided by the AccessToken (1) interface.',\n ' * The changes made to OAuth2 access tokens will directly impact the size of the CTS tokens,',\n ' * and, similarly, the size of the JWTs if client-based OAuth2 tokens are utilized.',\n ' * When adding/updating fields make sure that the token size remains within client/user-agent limits.',\n ' *',\n ' * Defined variables:',\n ' * accessToken - AccessToken (1).',\n ' * The access token to be updated.',\n ' * Mutable object, all changes to the access token will be reflected.',\n ' * scopes - Set<String> (6).',\n ' * Always present, the requested scopes.',\n ' * requestProperties - Unmodifiable Map (5).',\n ' * Always present, contains a map of request properties:',\n ' * requestUri - The request URI.',\n ' * realm - The realm that the request relates to.',\n ' * requestParams - A map of the request params and/or posted data.',\n ' * Each value is a list of one or more properties.',\n ' * Please note that these should be handled in accordance with OWASP best practices:',\n ' * https://owasp.org/www-community/vulnerabilities/Unsafe_use_of_Reflection.',\n ' * clientProperties - Unmodifiable Map (5).',\n ' * Present if the client specified in the request was identified, contains a map of client properties:',\n \" * clientId - The client's URI for the request locale.\",\n ' * allowedGrantTypes - List of the allowed grant types (org.forgerock.oauth2.core.GrantType) for the client.',\n ' * allowedResponseTypes - List of the allowed response types for the client.',\n ' * allowedScopes - List of the allowed scopes for the client.',\n ' * customProperties - A map of the custom properties of the client.',\n ' * Lists or maps will be included as sub-maps; for example:',\n ' * customMap[Key1]=Value1 will be returned as customMap -> Key1 -> Value1.',\n ' * To add custom properties to a client, update the Custom Properties field',\n ' * in AM Console > Realm Name > Applications > OAuth 2.0 > Clients > Client ID > Advanced.',\n ' * identity - AMIdentity (3).',\n ' * Always present, the identity of the resource owner.',\n ' * session - SSOToken (4).',\n \" * Present if the request contains the session cookie, the user's session object.\",\n ' * scriptName - String (primitive).',\n ' * Always present, the display name of the script.',\n ' * logger - Always present, the \"OAuth2Provider\" debug logger instance:',\n ' * https://backstage.forgerock.com/docs/am/7/scripting-guide/scripting-api-global-logger.html#scripting-api-global-logger.',\n ' * Corresponding log files will be prefixed with: scripts.OAUTH2_ACCESS_TOKEN_MODIFICATION.',\n ' * httpClient - HTTP Client (8).',\n ' * Always present, the HTTP Client instance:',\n ' * https://backstage.forgerock.com/docs/am/7/scripting-guide/scripting-api-global-http-client.html#scripting-api-global-http-client.',\n ' *',\n ' * Return - no value is expected, changes shall be made to the accessToken parameter directly.',\n ' *',\n ' * Class reference:',\n ' * (1) AccessToken - https://backstage.forgerock.com/docs/am/7/apidocs/org/forgerock/oauth2/core/AccessToken.html.',\n ' * (3) AMIdentity - https://backstage.forgerock.com/docs/am/7/apidocs/com/sun/identity/idm/AMIdentity.html.',\n ' * (4) SSOToken - https://backstage.forgerock.com/docs/am/7/apidocs/com/iplanet/sso/SSOToken.html.',\n ' * (5) Map - https://docs.oracle.com/en/java/javase/11/docs/api/java.base/java/util/HashMap.html,',\n ' * or https://docs.oracle.com/en/java/javase/11/docs/api/java.base/java/util/LinkedHashMap.html.',\n ' * (6) Set - https://docs.oracle.com/en/java/javase/11/docs/api/java.base/java/util/HashSet.html.',\n ' * (8) Client - https://backstage.forgerock.com/docs/am/7/apidocs/org/forgerock/http/Client.html.',\n ' */',\n '',\n '/* EXAMPLE',\n '(function () {',\n ' var frJava = JavaImporter(',\n ' org.forgerock.http.protocol.Request,',\n ' org.forgerock.http.protocol.Response',\n ' );',\n '',\n ' // Always includes this field in the token.',\n \" accessToken.setField('key1', 'value1');\",\n '',\n ' // Receives and adds to the access token additional values by performing a REST call to an external service.',\n ' // WARNING: Below, you will find a reference to a third-party site, which is provided only as an example.',\n \" var uri = 'https://jsonplaceholder.typicode.com/posts';\",\n '',\n ' try {',\n ' var request = new frJava.Request();',\n '',\n ' // You can chain methods that return the request object.',\n ' request.setUri(uri)',\n \" .setMethod('POST')\",\n ' .setEntity(JSON.stringify({',\n ' updatedFields: {',\n \" key2: 'value2',\",\n \" key3: 'value3'\",\n ' }',\n ' }));',\n '',\n ' // You can call a method when chaining is not possible.',\n \" request.getHeaders().add('Content-Type', 'application/json; charset=UTF-8');\",\n '',\n ' // Sends the request and receives the response.',\n ' var response = httpClient.send(request).getOrThrow();',\n '',\n ' // Checks if the response status is as expected.',\n ' if (response.getStatus() === org.forgerock.http.protocol.Status.CREATED) {',\n ' var result = JSON.parse(response.getEntity().getString());',\n '',\n ' // Set multiple token fields at once.',\n ' accessToken.setFields(result.updatedFields);',\n ' } else {',\n \" logger.error('Unable to obtain access token modifications. Status: ' + response.getStatus() + '. Content: ' + response.getEntity().getString());\",\n ' }',\n ' } catch (e) {',\n \" logger.error('The request processing was interrupted. ' + e);\",\n '',\n ' // The access token request fails with the HTTP 500 error in this case.',\n \" throw ('Unable to obtain response from: ' + uri);\",\n ' }',\n '',\n ' // Adds new fields containing identity attribute values to the access token.',\n \" accessToken.setField('mail', identity.getAttribute('mail'));\",\n \" accessToken.setField('phone', identity.getAttribute('telephoneNumber').toArray()[0]);\",\n '',\n ' // Adds new fields containing the session property values.',\n ' // NOTE: session may not be available for non-interactive authorization grants.',\n ' if (session) {',\n ' try {',\n \" accessToken.setField('ipAddress', session.getProperty('Host'));\",\n ' } catch (e) {',\n \" logger.error('Unable to retrieve session property value. ' + e);\",\n ' }',\n ' }',\n '',\n ' // Removes a native field from the token entry, that was set by AM.',\n ' // WARNING: removing native fields from the token may result in loss of functionality.',\n ' // accessToken.removeTokenName()',\n '',\n ' // No return value is expected. Let it be undefined.',\n '}());',\n '*/',\n ],\n default: false,\n language: 'JAVASCRIPT',\n context: 'OAUTH2_ACCESS_TOKEN_MODIFICATION',\n createdBy: 'null',\n creationDate: 0,\n lastModifiedBy: 'null',\n lastModifiedDate: 0,\n },\n },\n application: {\n FrodoTestOAuth2Client1: {\n overrideOAuth2ClientConfig: {\n issueRefreshToken: true,\n validateScopePluginType: 'PROVIDER',\n tokenEncryptionEnabled: false,\n evaluateScopePluginType: 'PROVIDER',\n oidcMayActScript: '[Empty]',\n oidcClaimsScript: 'cf3515f0-8278-4ee3-a530-1bad7424c416',\n scopesPolicySet: 'oauth2Scopes',\n accessTokenModificationPluginType: 'SCRIPTED',\n authorizeEndpointDataProviderClass:\n 'org.forgerock.oauth2.core.plugins.registry.DefaultEndpointDataProvider',\n oidcClaimsPluginType: 'SCRIPTED',\n providerOverridesEnabled: true,\n authorizeEndpointDataProviderScript: '[Empty]',\n statelessTokensEnabled: false,\n authorizeEndpointDataProviderPluginType: 'PROVIDER',\n remoteConsentServiceId: '[Empty]',\n enableRemoteConsent: false,\n validateScopeClass:\n 'org.forgerock.oauth2.core.plugins.registry.DefaultScopeValidator',\n usePolicyEngineForScope: false,\n evaluateScopeClass:\n 'org.forgerock.oauth2.core.plugins.registry.DefaultScopeEvaluator',\n overrideableOIDCClaims: [],\n accessTokenMayActScript: '[Empty]',\n evaluateScopeScript: '[Empty]',\n clientsCanSkipConsent: false,\n accessTokenModificationScript: '39c08084-1238-43e8-857f-2e11005eac49',\n issueRefreshTokenOnRefreshedToken: true,\n validateScopeScript: '[Empty]',\n },\n advancedOAuth2ClientConfig: {\n logoUri: {\n inherited: false,\n value: [],\n },\n subjectType: {\n inherited: false,\n value: 'public',\n },\n clientUri: {\n inherited: false,\n value: [],\n },\n tokenExchangeAuthLevel: {\n inherited: false,\n value: 0,\n },\n responseTypes: {\n inherited: false,\n value: ['code', 'token', 'id_token'],\n },\n mixUpMitigation: {\n inherited: false,\n value: false,\n },\n customProperties: {\n inherited: false,\n value: [],\n },\n javascriptOrigins: {\n inherited: false,\n value: [\n 'https://my.application.com',\n 'https://my.application.com:443',\n ],\n },\n policyUri: {\n inherited: false,\n value: [],\n },\n softwareVersion: {\n inherited: false,\n },\n tosURI: {\n inherited: false,\n value: [],\n },\n sectorIdentifierUri: {\n inherited: false,\n },\n tokenEndpointAuthMethod: {\n inherited: false,\n value: 'client_secret_basic',\n },\n refreshTokenGracePeriod: {\n inherited: false,\n value: 0,\n },\n isConsentImplied: {\n inherited: false,\n value: true,\n },\n softwareIdentity: {\n inherited: false,\n },\n grantTypes: {\n inherited: false,\n value: [\n 'authorization_code',\n 'client_credentials',\n 'refresh_token',\n ],\n },\n require_pushed_authorization_requests: {\n inherited: false,\n value: false,\n },\n descriptions: {\n inherited: false,\n value: [],\n },\n requestUris: {\n inherited: false,\n value: [],\n },\n name: {\n inherited: false,\n value: [],\n },\n contacts: {\n inherited: false,\n value: [],\n },\n updateAccessToken: {\n inherited: false,\n },\n },\n signEncOAuth2ClientConfig: {\n tokenEndpointAuthSigningAlgorithm: {\n inherited: false,\n value: 'RS256',\n },\n idTokenEncryptionEnabled: {\n inherited: false,\n value: false,\n },\n tokenIntrospectionEncryptedResponseEncryptionAlgorithm: {\n inherited: false,\n value: 'A128CBC-HS256',\n },\n requestParameterSignedAlg: {\n inherited: false,\n },\n authorizationResponseSigningAlgorithm: {\n inherited: false,\n value: 'RS256',\n },\n clientJwtPublicKey: {\n inherited: false,\n },\n idTokenPublicEncryptionKey: {\n inherited: false,\n },\n mTLSSubjectDN: {\n inherited: false,\n },\n jwkStoreCacheMissCacheTime: {\n inherited: false,\n value: 60000,\n },\n jwkSet: {\n inherited: false,\n },\n idTokenEncryptionMethod: {\n inherited: false,\n value: 'A128CBC-HS256',\n },\n jwksUri: {\n inherited: false,\n },\n tokenIntrospectionEncryptedResponseAlg: {\n inherited: false,\n value: 'RSA-OAEP-256',\n },\n authorizationResponseEncryptionMethod: {\n inherited: false,\n },\n userinfoResponseFormat: {\n inherited: false,\n value: 'JSON',\n },\n mTLSCertificateBoundAccessTokens: {\n inherited: false,\n value: false,\n },\n publicKeyLocation: {\n inherited: false,\n value: 'jwks_uri',\n },\n tokenIntrospectionResponseFormat: {\n inherited: false,\n value: 'JSON',\n },\n requestParameterEncryptedEncryptionAlgorithm: {\n inherited: false,\n value: 'A128CBC-HS256',\n },\n userinfoSignedResponseAlg: {\n inherited: false,\n },\n idTokenEncryptionAlgorithm: {\n inherited: false,\n value: 'RSA-OAEP-256',\n },\n requestParameterEncryptedAlg: {\n inherited: false,\n },\n authorizationResponseEncryptionAlgorithm: {\n inherited: false,\n },\n mTLSTrustedCert: {\n inherited: false,\n },\n jwksCacheTimeout: {\n inherited: false,\n value: 3600000,\n },\n userinfoEncryptedResponseAlg: {\n inherited: false,\n },\n idTokenSignedResponseAlg: {\n inherited: false,\n value: 'RS256',\n },\n tokenIntrospectionSignedResponseAlg: {\n inherited: false,\n value: 'RS256',\n },\n userinfoEncryptedResponseEncryptionAlgorithm: {\n inherited: false,\n value: 'A128CBC-HS256',\n },\n },\n coreOpenIDClientConfig: {\n claims: {\n inherited: false,\n value: [],\n },\n backchannel_logout_uri: {\n inherited: false,\n },\n defaultAcrValues: {\n inherited: false,\n value: [],\n },\n jwtTokenLifetime: {\n inherited: false,\n value: 3600,\n },\n defaultMaxAgeEnabled: {\n inherited: false,\n value: false,\n },\n clientSessionUri: {\n inherited: false,\n },\n defaultMaxAge: {\n inherited: false,\n value: 600,\n },\n postLogoutRedirectUri: {\n inherited: false,\n value: [],\n },\n backchannel_logout_session_required: {\n inherited: false,\n value: false,\n },\n },\n coreOAuth2ClientConfig: {\n userpassword: null,\n status: {\n inherited: false,\n value: 'Active',\n },\n clientName: {\n inherited: false,\n value: [],\n },\n clientType: {\n inherited: false,\n value: 'Confidential',\n },\n loopbackInterfaceRedirection: {\n inherited: false,\n value: false,\n },\n defaultScopes: {\n inherited: false,\n value: [],\n },\n refreshTokenLifetime: {\n inherited: false,\n value: 604800,\n },\n scopes: {\n inherited: false,\n value: ['openid', 'profile', 'email'],\n },\n accessTokenLifetime: {\n inherited: false,\n value: 3600,\n },\n redirectionUris: {\n inherited: false,\n value: ['https://my.application.com/callback'],\n },\n authorizationCodeLifetime: {\n inherited: false,\n value: 120,\n },\n },\n coreUmaClientConfig: {\n claimsRedirectionUris: {\n inherited: false,\n value: [],\n },\n },\n _type: {\n _id: 'OAuth2Client',\n name: 'OAuth2 Clients',\n collection: true,\n },\n _provider: {\n _id: '',\n _rev: '745152125',\n advancedOIDCConfig: {\n supportedRequestParameterEncryptionEnc: [\n 'A256GCM',\n 'A192GCM',\n 'A128GCM',\n 'A128CBC-HS256',\n 'A192CBC-HS384',\n 'A256CBC-HS512',\n ],\n authorisedOpenIdConnectSSOClients: [],\n supportedUserInfoEncryptionAlgorithms: [\n 'ECDH-ES+A256KW',\n 'ECDH-ES+A192KW',\n 'RSA-OAEP',\n 'ECDH-ES+A128KW',\n 'RSA-OAEP-256',\n 'A128KW',\n 'A256KW',\n 'ECDH-ES',\n 'dir',\n 'A192KW',\n ],\n supportedAuthorizationResponseEncryptionEnc: [\n 'A256GCM',\n 'A192GCM',\n 'A128GCM',\n 'A128CBC-HS256',\n 'A192CBC-HS384',\n 'A256CBC-HS512',\n ],\n supportedTokenIntrospectionResponseEncryptionAlgorithms: [\n 'ECDH-ES+A256KW',\n 'ECDH-ES+A192KW',\n 'RSA-OAEP',\n 'ECDH-ES+A128KW',\n 'RSA-OAEP-256',\n 'A128KW',\n 'A256KW',\n 'ECDH-ES',\n 'dir',\n 'A192KW',\n ],\n useForceAuthnForPromptLogin: false,\n alwaysAddClaimsToToken: true,\n supportedTokenIntrospectionResponseSigningAlgorithms: [\n 'PS384',\n 'RS384',\n 'EdDSA',\n 'ES384',\n 'HS256',\n 'HS512',\n 'ES256',\n 'RS256',\n 'HS384',\n 'ES512',\n 'PS256',\n 'PS512',\n 'RS512',\n ],\n supportedTokenEndpointAuthenticationSigningAlgorithms: [\n 'PS384',\n 'ES384',\n 'RS384',\n 'HS256',\n 'HS512',\n 'ES256',\n 'RS256',\n 'HS384',\n 'ES512',\n 'PS256',\n 'PS512',\n 'RS512',\n ],\n supportedRequestParameterSigningAlgorithms: [\n 'PS384',\n 'ES384',\n 'RS384',\n 'HS256',\n 'HS512',\n 'ES256',\n 'RS256',\n 'HS384',\n 'ES512',\n 'PS256',\n 'PS512',\n 'RS512',\n ],\n includeAllKtyAlgCombinationsInJwksUri: false,\n amrMappings: {},\n loaMapping: {},\n authorisedIdmDelegationClients: [],\n idTokenInfoClientAuthenticationEnabled: true,\n storeOpsTokens: true,\n supportedUserInfoSigningAlgorithms: [\n 'ES384',\n 'HS256',\n 'HS512',\n 'ES256',\n 'RS256',\n 'HS384',\n 'ES512',\n ],\n supportedAuthorizationResponseSigningAlgorithms: [\n 'PS384',\n 'RS384',\n 'EdDSA',\n 'ES384',\n 'HS256',\n 'HS512',\n 'ES256',\n 'RS256',\n 'HS384',\n 'ES512',\n 'PS256',\n 'PS512',\n 'RS512',\n ],\n supportedUserInfoEncryptionEnc: [\n 'A256GCM',\n 'A192GCM',\n 'A128GCM',\n 'A128CBC-HS256',\n 'A192CBC-HS384',\n 'A256CBC-HS512',\n ],\n claimsParameterSupported: false,\n supportedTokenIntrospectionResponseEncryptionEnc: [\n 'A256GCM',\n 'A192GCM',\n 'A128GCM',\n 'A128CBC-HS256',\n 'A192CBC-HS384',\n 'A256CBC-HS512',\n ],\n supportedAuthorizationResponseEncryptionAlgorithms: [\n 'ECDH-ES+A256KW',\n 'ECDH-ES+A192KW',\n 'RSA-OAEP',\n 'ECDH-ES+A128KW',\n 'RSA-OAEP-256',\n 'A128KW',\n 'A256KW',\n 'ECDH-ES',\n 'dir',\n 'A192KW',\n ],\n supportedRequestParameterEncryptionAlgorithms: [\n 'ECDH-ES+A256KW',\n 'ECDH-ES+A192KW',\n 'ECDH-ES+A128KW',\n 'RSA-OAEP',\n 'RSA-OAEP-256',\n 'A128KW',\n 'A256KW',\n 'ECDH-ES',\n 'dir',\n 'A192KW',\n ],\n defaultACR: [],\n },\n advancedOAuth2Config: {\n passwordGrantAuthService: 'PasswordGrant',\n tokenCompressionEnabled: false,\n tokenEncryptionEnabled: false,\n requirePushedAuthorizationRequests: false,\n tlsCertificateBoundAccessTokensEnabled: true,\n defaultScopes: ['address', 'phone', 'openid', 'profile', 'email'],\n moduleMessageEnabledInPasswordGrant: false,\n supportedSubjectTypes: ['public', 'pairwise'],\n refreshTokenGracePeriod: 0,\n tlsClientCertificateHeaderFormat: 'URLENCODED_PEM',\n hashSalt: 'qAWV0MFSQpC/f1GPbZAZnMRksak=',\n macaroonTokenFormat: 'V2',\n maxAgeOfRequestObjectNbfClaim: 0,\n tlsCertificateRevocationCheckingEnabled: false,\n nbfClaimRequiredInRequestObject: false,\n requestObjectProcessing: 'OIDC',\n maxDifferenceBetweenRequestObjectNbfAndExp: 0,\n responseTypeClasses: [\n 'code|org.forgerock.oauth2.core.AuthorizationCodeResponseTypeHandler',\n 'device_code|org.forgerock.oauth2.core.TokenResponseTypeHandler',\n 'token|org.forgerock.oauth2.core.TokenResponseTypeHandler',\n 'id_token|org.forgerock.openidconnect.IdTokenResponseTypeHandler',\n ],\n expClaimRequiredInRequestObject: false,\n tokenValidatorClasses: [\n 'urn:ietf:params:oauth:token-type:id_token|org.forgerock.oauth2.core.tokenexchange.idtoken.OidcIdTokenValidator',\n 'urn:ietf:params:oauth:token-type:access_token|org.forgerock.oauth2.core.tokenexchange.accesstoken.OAuth2AccessTokenValidator',\n ],\n tokenSigningAlgorithm: 'HS256',\n codeVerifierEnforced: 'false',\n displayNameAttribute: 'cn',\n tokenExchangeClasses: [\n 'urn:ietf:params:oauth:token-type:access_token=>urn:ietf:params:oauth:token-type:access_token|org.forgerock.oauth2.core.tokenexchange.accesstoken.AccessTokenToAccessTokenExchanger',\n 'urn:ietf:params:oauth:token-type:id_token=>urn:ietf:params:oauth:token-type:id_token|org.forgerock.oauth2.core.tokenexchange.idtoken.IdTokenToIdTokenExchanger',\n 'urn:ietf:params:oauth:token-type:access_token=>urn:ietf:params:oauth:token-type:id_token|org.forgerock.oauth2.core.tokenexchange.accesstoken.AccessTokenToIdTokenExchanger',\n 'urn:ietf:params:oauth:token-type:id_token=>urn:ietf:params:oauth:token-type:access_token|org.forgerock.oauth2.core.tokenexchange.idtoken.IdTokenToAccessTokenExchanger',\n ],\n parRequestUriLifetime: 90,\n allowedAudienceValues: [],\n persistentClaims: [],\n supportedScopes: [\n 'email|Your email address',\n 'openid|',\n 'address|Your postal address',\n 'phone|Your telephone number(s)',\n 'profile|Your personal information',\n 'fr:idm:*',\n 'am-introspect-all-tokens',\n ],\n authenticationAttributes: ['uid'],\n grantTypes: [\n 'implicit',\n 'urn:ietf:params:oauth:grant-type:saml2-bearer',\n 'refresh_token',\n 'password',\n 'client_credentials',\n 'urn:ietf:params:oauth:grant-type:device_code',\n 'authorization_code',\n 'urn:openid:params:grant-type:ciba',\n 'urn:ietf:params:oauth:grant-type:uma-ticket',\n 'urn:ietf:params:oauth:grant-type:jwt-bearer',\n ],\n },\n clientDynamicRegistrationConfig: {\n dynamicClientRegistrationScope: 'dynamic_client_registration',\n allowDynamicRegistration: false,\n requiredSoftwareStatementAttestedAttributes: ['redirect_uris'],\n dynamicClientRegistrationSoftwareStatementRequired: false,\n generateRegistrationAccessTokens: true,\n },\n coreOIDCConfig: {\n overrideableOIDCClaims: [],\n oidcDiscoveryEndpointEnabled: true,\n supportedIDTokenEncryptionMethods: [\n 'A256GCM',\n 'A192GCM',\n 'A128GCM',\n 'A128CBC-HS256',\n 'A192CBC-HS384',\n 'A256CBC-HS512',\n ],\n supportedClaims: [],\n supportedIDTokenSigningAlgorithms: [\n 'PS384',\n 'ES384',\n 'RS384',\n 'HS256',\n 'HS512',\n 'ES256',\n 'RS256',\n 'HS384',\n 'ES512',\n 'PS256',\n 'PS512',\n 'RS512',\n ],\n supportedIDTokenEncryptionAlgorithms: [\n 'ECDH-ES+A256KW',\n 'ECDH-ES+A192KW',\n 'RSA-OAEP',\n 'ECDH-ES+A128KW',\n 'RSA-OAEP-256',\n 'A128KW',\n 'A256KW',\n 'ECDH-ES',\n 'dir',\n 'A192KW',\n ],\n jwtTokenLifetime: 3600,\n },\n coreOAuth2Config: {\n refreshTokenLifetime: 604800,\n scopesPolicySet: 'oauth2Scopes',\n accessTokenMayActScript: '[Empty]',\n accessTokenLifetime: 3600,\n macaroonTokensEnabled: false,\n codeLifetime: 120,\n statelessTokensEnabled: true,\n usePolicyEngineForScope: false,\n issueRefreshToken: true,\n oidcMayActScript: '[Empty]',\n issueRefreshTokenOnRefreshedToken: true,\n },\n consent: {\n supportedRcsRequestSigningAlgorithms: [\n 'PS384',\n 'ES384',\n 'RS384',\n 'HS256',\n 'HS512',\n 'ES256',\n 'RS256',\n 'HS384',\n 'ES512',\n 'PS256',\n 'PS512',\n 'RS512',\n ],\n supportedRcsResponseEncryptionAlgorithms: [\n 'ECDH-ES+A256KW',\n 'ECDH-ES+A192KW',\n 'ECDH-ES+A128KW',\n 'RSA-OAEP',\n 'RSA-OAEP-256',\n 'A128KW',\n 'A256KW',\n 'ECDH-ES',\n 'dir',\n 'A192KW',\n ],\n supportedRcsRequestEncryptionMethods: [\n 'A256GCM',\n 'A192GCM',\n 'A128GCM',\n 'A128CBC-HS256',\n 'A192CBC-HS384',\n 'A256CBC-HS512',\n ],\n enableRemoteConsent: false,\n supportedRcsRequestEncryptionAlgorithms: [\n 'ECDH-ES+A256KW',\n 'ECDH-ES+A192KW',\n 'RSA-OAEP',\n 'ECDH-ES+A128KW',\n 'RSA-OAEP-256',\n 'A128KW',\n 'A256KW',\n 'ECDH-ES',\n 'dir',\n 'A192KW',\n ],\n clientsCanSkipConsent: true,\n supportedRcsResponseSigningAlgorithms: [\n 'PS384',\n 'ES384',\n 'RS384',\n 'HS256',\n 'HS512',\n 'ES256',\n 'RS256',\n 'HS384',\n 'ES512',\n 'PS256',\n 'PS512',\n 'RS512',\n ],\n supportedRcsResponseEncryptionMethods: [\n 'A256GCM',\n 'A192GCM',\n 'A128GCM',\n 'A128CBC-HS256',\n 'A192CBC-HS384',\n 'A256CBC-HS512',\n ],\n },\n deviceCodeConfig: {\n deviceUserCodeLength: 8,\n deviceCodeLifetime: 300,\n deviceUserCodeCharacterSet:\n '234567ACDEFGHJKLMNPQRSTWXYZabcdefhijkmnopqrstwxyz',\n devicePollInterval: 5,\n },\n pluginsConfig: {\n evaluateScopeClass:\n 'org.forgerock.openam.oauth2.OpenAMScopeValidator',\n validateScopeScript: '[Empty]',\n accessTokenEnricherClass:\n 'org.forgerock.openam.oauth2.OpenAMScopeValidator',\n oidcClaimsPluginType: 'SCRIPTED',\n authorizeEndpointDataProviderClass:\n 'org.forgerock.openam.oauth2.OpenAMScopeValidator',\n authorizeEndpointDataProviderPluginType: 'JAVA',\n userCodeGeneratorClass:\n 'org.forgerock.oauth2.core.plugins.registry.DefaultUserCodeGenerator',\n evaluateScopeScript: '[Empty]',\n oidcClaimsClass: 'org.forgerock.openam.oauth2.OpenAMScopeValidator',\n evaluateScopePluginType: 'JAVA',\n authorizeEndpointDataProviderScript: '[Empty]',\n accessTokenModifierClass:\n 'org.forgerock.openam.oauth2.OpenAMScopeValidator',\n accessTokenModificationScript:\n '39c08084-1238-43e8-857f-2e11005eac49',\n validateScopePluginType: 'JAVA',\n accessTokenModificationPluginType: 'SCRIPTED',\n oidcClaimsScript: 'cf3515f0-8278-4ee3-a530-1bad7424c416',\n validateScopeClass:\n 'org.forgerock.openam.oauth2.OpenAMScopeValidator',\n },\n cibaConfig: {\n cibaMinimumPollingInterval: 2,\n supportedCibaSigningAlgorithms: ['ES256', 'PS256'],\n cibaAuthReqIdLifetime: 600,\n },\n _type: {\n _id: 'oauth-oidc',\n name: 'OAuth2 Provider',\n collection: false,\n },\n },\n },\n },\n };\n const client1 = {\n id: 'FrodoTestOAuth2Client1',\n data: cloneDeep(rawClientTemplate),\n };\n const client2 = {\n id: 'FrodoTestOAuth2Client2',\n data: cloneDeep(rawClientTemplate),\n };\n const client3 = {\n id: 'FrodoTestOAuth2Client3',\n data: cloneDeep(rawClientTemplate),\n };\n const client4 = {\n id: 'FrodoTestOAuth2Client4',\n data: {},\n };\n const client5 = {\n id: 'FrodoTestOAuth2Client5',\n data: {},\n };\n const client6 = {\n id: 'FrodoTestOAuth2Client6',\n data: {},\n };\n const client7 = {\n id: 'FrodoTestOAuth2Client7',\n data: {},\n };\n const client8 = {\n id: 'FrodoTestOAuth2Client8',\n data: {},\n };\n const client9 = {\n id: 'FrodoTestOAuth2Client9',\n data: {},\n };\n const client10 = {\n id: 'FrodoTestOAuth2Client10',\n data: {},\n };\n const client11 = {\n id: 'FrodoTestOAuth2Client11',\n data: {},\n };\n const client12 = {\n id: 'FrodoTestOAuth2Client12',\n data: {},\n };\n const client13 = {\n id: 'FrodoTestOAuth2Client13',\n data: {},\n };\n const import1: {\n id: string;\n data: object;\n } = {\n id: 'FrodoTestOAuth2Client4',\n data: applyOAuth2ClientImportTemplate(depsClientImportTemplate, [\n 'FrodoTestOAuth2Client4',\n ]),\n };\n const import2: {\n id: string;\n data: object;\n } = {\n id: 'FrodoTestOAuth2Client5',\n data: applyOAuth2ClientImportTemplate(depsClientImportTemplate, [\n 'FrodoTestOAuth2Client5',\n ]),\n };\n const importData1 = applyOAuth2ClientImportTemplate(\n depsClientImportTemplate,\n ['FrodoTestOAuth2Client6', 'FrodoTestOAuth2Client7']\n );\n const importData2 = applyOAuth2ClientImportTemplate(\n depsClientImportTemplate,\n ['FrodoTestOAuth2Client8', 'FrodoTestOAuth2Client9']\n );\n const importData3 = applyOAuth2ClientImportTemplate(\n depsClientImportTemplate,\n ['FrodoTestOAuth2Client10', 'FrodoTestOAuth2Client11']\n );\n const importData4 = applyOAuth2ClientImportTemplate(\n depsClientImportTemplate,\n ['FrodoTestOAuth2Client12', 'FrodoTestOAuth2Client13']\n );\n // in recording mode, setup test data before recording\n beforeAll(async () => {\n if (process.env.FRODO_POLLY_MODE === 'record') {\n await stageOAuth2Client(client1);\n await stageOAuth2Client(client2);\n await stageOAuth2Client(client3, false);\n }\n });\n // in recording mode, remove test data after recording\n afterAll(async () => {\n if (process.env.FRODO_POLLY_MODE === 'record') {\n await stageOAuth2Client(client1, false);\n await stageOAuth2Client(client2, false);\n await stageOAuth2Client(client3, false);\n await stageOAuth2Client(client4, false);\n await stageOAuth2Client(client5, false);\n await stageOAuth2Client(client6, false);\n await stageOAuth2Client(client7, false);\n await stageOAuth2Client(client8, false);\n await stageOAuth2Client(client9, false);\n await stageOAuth2Client(client10, false);\n await stageOAuth2Client(client11, false);\n await stageOAuth2Client(client12, false);\n await stageOAuth2Client(client13, false);\n }\n });\n\n describe('exportOAuth2Client()', () => {\n test('0: Method is implemented', async () => {\n expect(OAuth2Client.exportOAuth2Client).toBeDefined();\n });\n\n test(`1: Export oauth2 client ${client1.id}`, async () => {\n const response = await OAuth2Client.exportOAuth2Client(client1.id);\n expect(response).toMatchSnapshot({\n meta: expect.any(Object),\n });\n });\n });\n\n describe('exportOAuth2Clients()', () => {\n test('0: Method is implemented', async () => {\n expect(OAuth2Client.exportOAuth2Clients).toBeDefined();\n });\n\n test('1: Export all oauth2 clients', async () => {\n const response = await OAuth2Client.exportOAuth2Clients();\n expect(response).toMatchSnapshot({\n meta: expect.any(Object),\n });\n });\n });\n\n describe('getOAuth2Clients()', () => {\n test('0: Method is implemented', async () => {\n expect(OAuth2Client.getOAuth2Clients).toBeDefined();\n });\n\n test(`1: Get oauth2 clients`, async () => {\n const response = await OAuth2Client.getOAuth2Clients();\n expect(response).toMatchSnapshot();\n });\n });\n\n describe('getOAuth2Client()', () => {\n test('0: Method is implemented', async () => {\n expect(OAuth2Client.getOAuth2Client).toBeDefined();\n });\n\n test(`1: Get oauth2 client ${client1.id}`, async () => {\n const response = await OAuth2Client.getOAuth2Client(client1.id);\n expect(response).toMatchSnapshot();\n });\n });\n\n describe('putOAuth2Client()', () => {\n test('0: Method is implemented', async () => {\n expect(OAuth2Client.putOAuth2Client).toBeDefined();\n });\n\n test(`1: Put oauth2 client ${client3.id}`, async () => {\n const response = await OAuth2Client.putOAuth2Client(\n client3.id,\n client3.data\n );\n expect(response).toMatchSnapshot();\n });\n });\n\n describe('importOAuth2Client()', () => {\n test('0: Method is implemented', async () => {\n expect(OAuth2Client.importOAuth2Client).toBeDefined();\n });\n\n test(`1: Import oauth2 client ${import1.id} w/ dependencies`, async () => {\n expect.assertions(1);\n const response = await OAuth2Client.importOAuth2Client(\n import1.id,\n import1.data as OAuth2Client.OAuth2ClientExportInterface,\n { deps: true }\n );\n expect(response).toMatchSnapshot();\n });\n\n test(`2: Import oauth2 client ${import2.id} w/o dependencies`, async () => {\n expect.assertions(1);\n const response = await OAuth2Client.importOAuth2Client(\n import2.id,\n import2.data as OAuth2Client.OAuth2ClientExportInterface,\n { deps: false }\n );\n expect(response).toMatchSnapshot();\n });\n });\n\n describe('importFirstOAuth2Client()', () => {\n test('0: Method is implemented', async () => {\n expect(OAuth2Client.importFirstOAuth2Client).toBeDefined();\n });\n\n test(`1: Import first oauth2 client w/ dependencies`, async () => {\n expect.assertions(1);\n const outcome = await OAuth2Client.importFirstOAuth2Client(\n importData1 as OAuth2Client.OAuth2ClientExportInterface,\n { deps: true }\n );\n expect(outcome).toMatchSnapshot();\n });\n\n test(`2: Import first oauth2 client w/o dependencies`, async () => {\n expect.assertions(1);\n const outcome = await OAuth2Client.importFirstOAuth2Client(\n importData2 as OAuth2Client.OAuth2ClientExportInterface,\n { deps: false }\n );\n expect(outcome).toMatchSnapshot();\n });\n });\n\n describe('importOAuth2Clients()', () => {\n test('0: Method is implemented', async () => {\n expect(OAuth2Client.importOAuth2Clients).toBeDefined();\n });\n });\n\n test(`1: Import all oauth2 clients w/ dependencies`, async () => {\n expect.assertions(1);\n const outcome = await OAuth2Client.importOAuth2Clients(\n importData3 as OAuth2Client.OAuth2ClientExportInterface,\n { deps: true }\n );\n expect(outcome).toMatchSnapshot();\n });\n\n test(`1: Import all oauth2 clients w/o dependencies`, async () => {\n expect.assertions(1);\n const outcome = await OAuth2Client.importOAuth2Clients(\n importData4 as OAuth2Client.OAuth2ClientExportInterface,\n { deps: false }\n );\n expect(outcome).toMatchSnapshot();\n });\n});\n"],"mappings":";;AA+BA,IAAAA,MAAA,GAAAC,OAAA;AACA,IAAAC,eAAA,GAAAD,OAAA;AACA,IAAAE,SAAA,GAAAF,OAAA;AAA6C,SAAAG,mBAAAC,GAAA,EAAAC,OAAA,EAAAC,MAAA,EAAAC,KAAA,EAAAC,MAAA,EAAAC,GAAA,EAAAC,GAAA,cAAAC,IAAA,GAAAP,GAAA,CAAAK,GAAA,EAAAC,GAAA,OAAAE,KAAA,GAAAD,IAAA,CAAAC,KAAA,WAAAC,KAAA,IAAAP,MAAA,CAAAO,KAAA,iBAAAF,IAAA,CAAAG,IAAA,IAAAT,OAAA,CAAAO,KAAA,YAAAG,OAAA,CAAAV,OAAA,CAAAO,KAAA,EAAAI,IAAA,CAAAT,KAAA,EAAAC,MAAA;AAAA,SAAAS,kBAAAC,EAAA,6BAAAC,IAAA,SAAAC,IAAA,GAAAC,SAAA,aAAAN,OAAA,WAAAV,OAAA,EAAAC,MAAA,QAAAF,GAAA,GAAAc,EAAA,CAAAI,KAAA,CAAAH,IAAA,EAAAC,IAAA,YAAAb,MAAAK,KAAA,IAAAT,kBAAA,CAAAC,GAAA,EAAAC,OAAA,EAAAC,MAAA,EAAAC,KAAA,EAAAC,MAAA,UAAAI,KAAA,cAAAJ,OAAAe,GAAA,IAAApB,kBAAA,CAAAC,GAAA,EAAAC,OAAA,EAAAC,MAAA,EAAAC,KAAA,EAAAC,MAAA,WAAAe,GAAA,KAAAhB,KAAA,CAAAiB,SAAA,YAjC7C;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAKA,IAAAC,8BAAc,EAAC,CAAC;AAAC,SAEFC,iBAAiBA,CAAAC,EAAA;EAAA,OAAAC,kBAAA,CAAAN,KAAA,OAAAD,SAAA;AAAA;AAAA,SAAAO,mBAAA;EAAAA,kBAAA,GAAAX,iBAAA,CAAhC,WACEY,MAAoC,EAEpC;IAAA,IADAC,MAAM,GAAAT,SAAA,CAAAU,MAAA,QAAAV,SAAA,QAAAG,SAAA,GAAAH,SAAA,MAAG,IAAI;IAEb;IACA,IAAI;MACF,MAAMW,mBAAY,CAACC,eAAe,CAACJ,MAAM,CAACK,EAAE,CAAC;MAC7C,MAAMF,mBAAY,CAACG,kBAAkB,CAACN,MAAM,CAACK,EAAE,CAAC;IAClD,CAAC,CAAC,OAAOrB,KAAK,EAAE;MACd;IAAA,CACD,SAAS;MACR,IAAIiB,MAAM,EAAE;QACV,MAAME,mBAAY,CAACI,eAAe,CAACP,MAAM,CAACK,EAAE,EAAEL,MAAM,CAACQ,IAAI,CAAC;MAC5D;IACF;EACF,CAAC;EAAA,OAAAT,kBAAA,CAAAN,KAAA,OAAAD,SAAA;AAAA;AAED,SAASiB,+BAA+BA,CAACC,QAAQ,EAAEC,GAAa,EAAE;EAChE,IAAMC,UAAoD,GACxD,IAAAC,mBAAS,EAACH,QAAQ,CAAC;EACrB,IAAM9B,GAAG,GAAG,IAAAiC,mBAAS,EAACC,MAAM,CAACC,IAAI,CAACH,UAAU,CAACI,WAAW,CAAC,CAAC,CAAC,CAAC,CAAC;EAC7D,IAAMC,UAAU,GAAGL,UAAU,CAACI,WAAW,CAACpC,GAAG,CAAC;EAC9C,KAAK,IAAMA,IAAG,IAAIkC,MAAM,CAACC,IAAI,CAACH,UAAU,CAACI,WAAW,CAAC,EAAE;IACrD,OAAOJ,UAAU,CAACI,WAAW,CAACpC,IAAG,CAAC;EACpC;EACA,KAAK,IAAMyB,EAAE,IAAIM,GAAG,EAAE;IACpBC,UAAU,CAACI,WAAW,CAACX,EAAE,CAAC,GAAG,IAAAQ,mBAAS,EAACI,UAAU,CAAC;EACpD;EACAC,OAAO,CAACC,GAAG,mBAAAC,MAAA,CAAmBT,GAAG,CAAE,CAAC;EACpCO,OAAO,CAACG,GAAG,CAACT,UAAU,CAAC;EACvB,OAAOA,UAAU;AACnB;AAEAU,QAAQ,CAAC,iBAAiB,EAAE,MAAM;EAChC,IAAMC,iBAAiB,GAAG;IACxBC,0BAA0B,EAAE;MAC1BC,iBAAiB,EAAE,IAAI;MACvBC,uBAAuB,EAAE,UAAU;MACnCC,sBAAsB,EAAE,KAAK;MAC7BC,uBAAuB,EAAE,UAAU;MACnCC,gBAAgB,EAAE,SAAS;MAC3BC,gBAAgB,EAAE,SAAS;MAC3BC,eAAe,EAAE,cAAc;MAC/BC,iCAAiC,EAAE,UAAU;MAC7CC,kCAAkC,EAChC,wEAAwE;MAC1EC,oBAAoB,EAAE,UAAU;MAChCC,wBAAwB,EAAE,KAAK;MAC/BC,mCAAmC,EAAE,SAAS;MAC9CC,sBAAsB,EAAE,KAAK;MAC7BC,uCAAuC,EAAE,UAAU;MACnDC,sBAAsB,EAAE,IAAI;MAC5BC,mBAAmB,EAAE,KAAK;MAC1BC,kBAAkB,EAChB,kEAAkE;MACpEC,uBAAuB,EAAE,KAAK;MAC9BC,kBAAkB,EAChB,kEAAkE;MACpEC,sBAAsB,EAAE,EAAE;MAC1BC,uBAAuB,EAAE,SAAS;MAClCC,mBAAmB,EAAE,SAAS;MAC9BC,qBAAqB,EAAE,KAAK;MAC5BC,6BAA6B,EAAE,SAAS;MACxCC,iCAAiC,EAAE,IAAI;MACvCC,mBAAmB,EAAE;IACvB,CAAC;IACDC,0BAA0B,EAAE;MAC1BC,OAAO,EAAE;QACPC,SAAS,EAAE,KAAK;QAChBtE,KAAK,EAAE;MACT,CAAC;MACDuE,WAAW,EAAE;QACXD,SAAS,EAAE,KAAK;QAChBtE,KAAK,EAAE;MACT,CAAC;MACDwE,SAAS,EAAE;QACTF,SAAS,EAAE,KAAK;QAChBtE,KAAK,EAAE;MACT,CAAC;MACDyE,sBAAsB,EAAE;QACtBH,SAAS,EAAE,KAAK;QAChBtE,KAAK,EAAE;MACT,CAAC;MACD0E,aAAa,EAAE;QACbJ,SAAS,EAAE,KAAK;QAChBtE,KAAK,EAAE,CAAC,MAAM,EAAE,OAAO,EAAE,UAAU;MACrC,CAAC;MACD2E,eAAe,EAAE;QACfL,SAAS,EAAE,KAAK;QAChBtE,KAAK,EAAE;MACT,CAAC;MACD4E,gBAAgB,EAAE;QAChBN,SAAS,EAAE,KAAK;QAChBtE,KAAK,EAAE;MACT,CAAC;MACD6E,iBAAiB,EAAE;QACjBP,SAAS,EAAE,KAAK;QAChBtE,KAAK,EAAE;MACT,CAAC;MACD8E,SAAS,EAAE;QACTR,SAAS,EAAE,KAAK;QAChBtE,KAAK,EAAE;MACT,CAAC;MACD+E,eAAe,EAAE;QACfT,SAAS,EAAE;MACb,CAAC;MACDU,MAAM,EAAE;QACNV,SAAS,EAAE,KAAK;QAChBtE,KAAK,EAAE;MACT,CAAC;MACDiF,mBAAmB,EAAE;QACnBX,SAAS,EAAE;MACb,CAAC;MACDY,uBAAuB,EAAE;QACvBZ,SAAS,EAAE,KAAK;QAChBtE,KAAK,EAAE;MACT,CAAC;MACDmF,uBAAuB,EAAE;QACvBb,SAAS,EAAE,KAAK;QAChBtE,KAAK,EAAE;MACT,CAAC;MACDoF,gBAAgB,EAAE;QAChBd,SAAS,EAAE,KAAK;QAChBtE,KAAK,EAAE;MACT,CAAC;MACDqF,gBAAgB,EAAE;QAChBf,SAAS,EAAE;MACb,CAAC;MACDgB,UAAU,EAAE;QACVhB,SAAS,EAAE,KAAK;QAChBtE,KAAK,EAAE,CAAC,oBAAoB,EAAE,eAAe;MAC/C,CAAC;MACDuF,qCAAqC,EAAE;QACrCjB,SAAS,EAAE,KAAK;QAChBtE,KAAK,EAAE;MACT,CAAC;MACDwF,YAAY,EAAE;QACZlB,SAAS,EAAE,KAAK;QAChBtE,KAAK,EAAE;MACT,CAAC;MACDyF,WAAW,EAAE;QACXnB,SAAS,EAAE,KAAK;QAChBtE,KAAK,EAAE;MACT,CAAC;MACD0F,IAAI,EAAE;QACJpB,SAAS,EAAE,KAAK;QAChBtE,KAAK,EAAE;MACT,CAAC;MACD2F,QAAQ,EAAE;QACRrB,SAAS,EAAE,KAAK;QAChBtE,KAAK,EAAE;MACT,CAAC;MACD4F,iBAAiB,EAAE;QACjBtB,SAAS,EAAE;MACb;IACF,CAAC;IACDuB,yBAAyB,EAAE;MACzBC,iCAAiC,EAAE;QACjCxB,SAAS,EAAE,KAAK;QAChBtE,KAAK,EAAE;MACT,CAAC;MACD+F,wBAAwB,EAAE;QACxBzB,SAAS,EAAE,KAAK;QAChBtE,KAAK,EAAE;MACT,CAAC;MACDgG,sDAAsD,EAAE;QACtD1B,SAAS,EAAE,KAAK;QAChBtE,KAAK,EAAE;MACT,CAAC;MACDiG,yBAAyB,EAAE;QACzB3B,SAAS,EAAE;MACb,CAAC;MACD4B,qCAAqC,EAAE;QACrC5B,SAAS,EAAE,KAAK;QAChBtE,KAAK,EAAE;MACT,CAAC;MACDmG,kBAAkB,EAAE;QAClB7B,SAAS,EAAE;MACb,CAAC;MACD8B,0BAA0B,EAAE;QAC1B9B,SAAS,EAAE;MACb,CAAC;MACD+B,aAAa,EAAE;QACb/B,SAAS,EAAE;MACb,CAAC;MACDgC,0BAA0B,EAAE;QAC1BhC,SAAS,EAAE,KAAK;QAChBtE,KAAK,EAAE;MACT,CAAC;MACDuG,MAAM,EAAE;QACNjC,SAAS,EAAE;MACb,CAAC;MACDkC,uBAAuB,EAAE;QACvBlC,SAAS,EAAE,KAAK;QAChBtE,KAAK,EAAE;MACT,CAAC;MACDyG,OAAO,EAAE;QACPnC,SAAS,EAAE;MACb,CAAC;MACDoC,sCAAsC,EAAE;QACtCpC,SAAS,EAAE,KAAK;QAChBtE,KAAK,EAAE;MACT,CAAC;MACD2G,qCAAqC,EAAE;QACrCrC,SAAS,EAAE;MACb,CAAC;MACDsC,sBAAsB,EAAE;QACtBtC,SAAS,EAAE,KAAK;QAChBtE,KAAK,EAAE;MACT,CAAC;MACD6G,gCAAgC,EAAE;QAChCvC,SAAS,EAAE,KAAK;QAChBtE,KAAK,EAAE;MACT,CAAC;MACD8G,iBAAiB,EAAE;QACjBxC,SAAS,EAAE,KAAK;QAChBtE,KAAK,EAAE;MACT,CAAC;MACD+G,gCAAgC,EAAE;QAChCzC,SAAS,EAAE,KAAK;QAChBtE,KAAK,EAAE;MACT,CAAC;MACDgH,4CAA4C,EAAE;QAC5C1C,SAAS,EAAE,KAAK;QAChBtE,KAAK,EAAE;MACT,CAAC;MACDiH,yBAAyB,EAAE;QACzB3C,SAAS,EAAE;MACb,CAAC;MACD4C,0BAA0B,EAAE;QAC1B5C,SAAS,EAAE,KAAK;QAChBtE,KAAK,EAAE;MACT,CAAC;MACDmH,4BAA4B,EAAE;QAC5B7C,SAAS,EAAE;MACb,CAAC;MACD8C,wCAAwC,EAAE;QACxC9C,SAAS,EAAE;MACb,CAAC;MACD+C,eAAe,EAAE;QACf/C,SAAS,EAAE;MACb,CAAC;MACDgD,gBAAgB,EAAE;QAChBhD,SAAS,EAAE,KAAK;QAChBtE,KAAK,EAAE;MACT,CAAC;MACDuH,4BAA4B,EAAE;QAC5BjD,SAAS,EAAE;MACb,CAAC;MACDkD,wBAAwB,EAAE;QACxBlD,SAAS,EAAE,KAAK;QAChBtE,KAAK,EAAE;MACT,CAAC;MACDyH,mCAAmC,EAAE;QACnCnD,SAAS,EAAE,KAAK;QAChBtE,KAAK,EAAE;MACT,CAAC;MACD0H,4CAA4C,EAAE;QAC5CpD,SAAS,EAAE,KAAK;QAChBtE,KAAK,EAAE;MACT;IACF,CAAC;IACD2H,sBAAsB,EAAE;MACtBC,MAAM,EAAE;QACNtD,SAAS,EAAE,KAAK;QAChBtE,KAAK,EAAE;MACT,CAAC;MACD6H,sBAAsB,EAAE;QACtBvD,SAAS,EAAE;MACb,CAAC;MACDwD,gBAAgB,EAAE;QAChBxD,SAAS,EAAE,KAAK;QAChBtE,KAAK,EAAE;MACT,CAAC;MACD+H,gBAAgB,EAAE;QAChBzD,SAAS,EAAE,KAAK;QAChBtE,KAAK,EAAE;MACT,CAAC;MACDgI,oBAAoB,EAAE;QACpB1D,SAAS,EAAE,KAAK;QAChBtE,KAAK,EAAE;MACT,CAAC;MACDiI,gBAAgB,EAAE;QAChB3D,SAAS,EAAE;MACb,CAAC;MACD4D,aAAa,EAAE;QACb5D,SAAS,EAAE,KAAK;QAChBtE,KAAK,EAAE;MACT,CAAC;MACDmI,qBAAqB,EAAE;QACrB7D,SAAS,EAAE,KAAK;QAChBtE,KAAK,EAAE;MACT,CAAC;MACDoI,mCAAmC,EAAE;QACnC9D,SAAS,EAAE,KAAK;QAChBtE,KAAK,EAAE;MACT;IACF,CAAC;IACDqI,sBAAsB,EAAE;MACtBC,MAAM,EAAE;QACNhE,SAAS,EAAE,KAAK;QAChBtE,KAAK,EAAE;MACT,CAAC;MACDuI,UAAU,EAAE;QACVjE,SAAS,EAAE,KAAK;QAChBtE,KAAK,EAAE;MACT,CAAC;MACDwI,UAAU,EAAE;QACVlE,SAAS,EAAE,KAAK;QAChBtE,KAAK,EAAE;MACT,CAAC;MACDyI,4BAA4B,EAAE;QAC5BnE,SAAS,EAAE,KAAK;QAChBtE,KAAK,EAAE;MACT,CAAC;MACD0I,aAAa,EAAE;QACbpE,SAAS,EAAE,KAAK;QAChBtE,KAAK,EAAE;MACT,CAAC;MACD2I,oBAAoB,EAAE;QACpBrE,SAAS,EAAE,KAAK;QAChBtE,KAAK,EAAE;MACT,CAAC;MACD4I,MAAM,EAAE;QACNtE,SAAS,EAAE,KAAK;QAChBtE,KAAK,EAAE,CAAC,QAAQ;MAClB,CAAC;MACD6I,mBAAmB,EAAE;QACnBvE,SAAS,EAAE,KAAK;QAChBtE,KAAK,EAAE;MACT,CAAC;MACD8I,eAAe,EAAE;QACfxE,SAAS,EAAE,KAAK;QAChBtE,KAAK,EAAE;MACT,CAAC;MACD+I,yBAAyB,EAAE;QACzBzE,SAAS,EAAE,KAAK;QAChBtE,KAAK,EAAE;MACT;IACF,CAAC;IACDgJ,mBAAmB,EAAE;MACnBC,qBAAqB,EAAE;QACrB3E,SAAS,EAAE,KAAK;QAChBtE,KAAK,EAAE;MACT;IACF;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;EACF,CAAC;;EACD,IAAMkJ,wBAAwB,GAAG;IAC/BC,IAAI,EAAE;MACJC,MAAM,EAAE,6CAA6C;MACrDC,eAAe,EAAE,OAAO;MACxBC,UAAU,EAAE,+BAA+B;MAC3CC,UAAU,EAAE,0BAA0B;MACtCC,UAAU,EAAE,OAAO;MACnBC,iBAAiB,EAAE;IACrB,CAAC;IACDC,MAAM,EAAE;MACN,sCAAsC,EAAE;QACtCC,GAAG,EAAE,sCAAsC;QAC3CjE,IAAI,EAAE,0BAA0B;QAChCkE,WAAW,EAAE,4CAA4C;QACzDF,MAAM,EAAE,CACN,IAAI,EACJ,0DAA0D,EAC1D,IAAI,EACJ,8EAA8E,EAC9E,wEAAwE,EACxE,2DAA2D,EAC3D,KAAK,EACL,EAAE,EACF,IAAI,EACJ,6FAA6F,EAC7F,uCAAuC,EACvC,kDAAkD,EAClD,qDAAqD,EACrD,qEAAqE,EACrE,IAAI,EACJ,4DAA4D,EAC5D,4CAA4C,EAC5C,gFAAgF,EAChF,IAAI,EACJ,6DAA6D,EAC7D,8BAA8B,EAC9B,mDAAmD,EACnD,sCAAsC,EACtC,6DAA6D,EAC7D,uCAAuC,EACvC,uEAAuE,EACvE,oDAAoD,EACpD,wHAAwH,EACxH,qHAAqH,EACrH,oHAAoH,EACpH,mHAAmH,EACnH,+CAA+C,EAC/C,iEAAiE,EACjE,uGAAuG,EACvG,iHAAiH,EACjH,sCAAsC,EACtC,oEAAoE,EACpE,4IAA4I,EAC5I,8CAA8C,EAC9C,8EAA8E,EAC9E,sDAAsD,EACtD,uEAAuE,EACvE,wFAAwF,EACxF,wFAAwF,EACxF,0HAA0H,EAC1H,kHAAkH,EAClH,6CAA6C,EAC7C,2HAA2H,EAC3H,2EAA2E,EAC3E,iIAAiI,EACjI,iGAAiG,EACjG,kFAAkF,EAClF,wFAAwF,EACxF,mGAAmG,EACnG,kHAAkH,EAClH,mHAAmH,EACnH,kIAAkI,EAClI,+BAA+B,EAC/B,mEAAmE,EACnE,4BAA4B,EAC5B,6FAA6F,EAC7F,qCAAqC,EACrC,iEAAiE,EACjE,yEAAyE,EACzE,qIAAqI,EACrI,6EAA6E,EAC7E,kCAAkC,EAClC,2DAA2D,EAC3D,mJAAmJ,EACnJ,iEAAiE,EACjE,4CAA4C,EAC5C,gDAAgD,EAChD,4DAA4D,EAC5D,qGAAqG,EACrG,uGAAuG,EACvG,IAAI,EACJ,qHAAqH,EACrH,uFAAuF,EACvF,sHAAsH,EACtH,kHAAkH,EAClH,sFAAsF,EACtF,yDAAyD,EACzD,IAAI,EACJ,qBAAqB,EACrB,0HAA0H,EAC1H,2GAA2G,EAC3G,mFAAmF,EACnF,0FAA0F,EAC1F,6GAA6G,EAC7G,oGAAoG,EACpG,mGAAmG,EACnG,4GAA4G,EAC5G,mGAAmG,EACnG,sGAAsG,EACtG,mGAAmG,EACnG,IAAI,EACJ,EAAE,EACF,gBAAgB,EAChB,cAAc,EACd,EAAE,EACF,SAAS,EACT,oCAAoC,EACpC,0EAA0E,EAC1E,6DAA6D,EAC7D,SAAS,EACT,6BAA6B,EAC7B,EAAE,EACF,wCAAwC,EACxC,EAAE,EACF,SAAS,EACT,0FAA0F,EAC1F,QAAQ,EACR,0EAA0E,EAC1E,qEAAqE,EACrE,4FAA4F,EAC5F,uFAAuF,EACvF,wGAAwG,EACxG,QAAQ,EACR,iGAAiG,EACjG,QAAQ,EACR,sBAAsB,EACtB,6DAA6D,EAC7D,SAAS,EACT,+BAA+B,EAC/B,oBAAoB,EACpB,qBAAqB,EACrB,4BAA4B,EAC5B,2BAA2B,EAC3B,yBAAyB,EACzB,sBAAsB,EACtB,YAAY,EACZ,2BAA2B,EAC3B,+BAA+B,EAC/B,iCAAiC,EACjC,SAAS,EACT,EAAE,EACF,SAAS,EACT,mCAAmC,EACnC,2CAA2C,EAC3C,kDAAkD,EAClD,yDAAyD,EACzD,wEAAwE,EACxE,QAAQ,EACR,0EAA0E,EAC1E,iEAAiE,EACjE,qFAAqF,EACrF,QAAQ,EACR,iFAAiF,EACjF,mFAAmF,EACnF,8GAA8G,EAC9G,wCAAwC,EACxC,QAAQ,EACR,wDAAwD,EACxD,sCAAsC,EACtC,4DAA4D,EAC5D,QAAQ,EACR,qDAAqD,EACrD,uCAAuC,EACvC,iDAAiD,EACjD,4CAA4C,EAC5C,mDAAmD,EACnD,0GAA0G,EAC1G,QAAQ,EACR,iGAAiG,EACjG,uFAAuF,EACvF,yFAAyF,EACzF,kFAAkF,EAClF,4GAA4G,EAC5G,QAAQ,EACR,sBAAsB,EACtB,+EAA+E,EAC/E,0EAA0E,EAC1E,kGAAkG,EAClG,SAAS,EACT,+BAA+B,EAC/B,YAAY,EACZ,uFAAuF,EACvF,kDAAkD,EAClD,wDAAwD,EACxD,6GAA6G,EAC7G,0FAA0F,EAC1F,EAAE,EACF,mHAAmH,EACnH,6BAA6B,EAC7B,yCAAyC,EACzC,2CAA2C,EAC3C,2CAA2C,EAC3C,6CAA6C,EAC7C,EAAE,EACF,+BAA+B,EAC/B,YAAY,EACZ,YAAY,EACZ,aAAa,EACb,mEAAmE,EACnE,2EAA2E,EAC3E,kFAAkF,EAClF,aAAa,EACb,wDAAwD,EACxD,+DAA+D,EAC/D,qEAAqE,EACrE,2EAA2E,EAC3E,uEAAuE,EACvE,2DAA2D,EAC3D,iDAAiD,EACjD,iBAAiB,EACjB,mEAAmE,EACnE,mEAAmE,EACnE,yFAAyF,EACzF,yFAAyF,EACzF,iBAAiB,EACjB,gEAAgE,EAChE,YAAY,EACZ,4EAA4E,EAC5E,SAAS,EACT,EAAE,EACF,mCAAmC,EACnC,EAAE,EACF,SAAS,EACT,uFAAuF,EACvF,iGAAiG,EACjG,SAAS,EACT,4BAA4B,EAC5B,wBAAwB,EACxB,EAAE,EACF,aAAa,EACb,mDAAmD,EACnD,kIAAkI,EAClI,aAAa,EACb,oCAAoC,EACpC,2EAA2E,EAC3E,uDAAuD,EACvD,gDAAgD,EAChD,EAAE,EACF,sCAAsC,EACtC,iCAAiC,EACjC,YAAY,EACZ,EAAE,EACF,iCAAiC,EACjC,EAAE,EACF,aAAa,EACb,iEAAiE,EACjE,oEAAoE,EACpE,oEAAoE,EACpE,aAAa,EACb,6BAA6B,EAC7B,EAAE,EACF,aAAa,EACb,iEAAiE,EACjE,0DAA0D,EAC1D,kEAAkE,EAClE,aAAa,EACb,6BAA6B,EAC7B,EAAE,EACF,aAAa,EACb,uHAAuH,EACvH,0FAA0F,EAC1F,gHAAgH,EAChH,4FAA4F,EAC5F,wGAAwG,EACxG,2HAA2H,EAC3H,uHAAuH,EACvH,2HAA2H,EAC3H,uHAAuH,EACvH,iCAAiC,EACjC,aAAa,EACb,8CAA8C,EAC9C,sCAAsC,EACtC,WAAW,EACX,EAAE,EACF,aAAa,EACb,yFAAyF,EACzF,kEAAkE,EAClE,0FAA0F,EAC1F,yDAAyD,EACzD,+FAA+F,EAC/F,aAAa,EACb,8CAA8C,EAC9C,sCAAsC,EACtC,WAAW,EACX,EAAE,EACF,4BAA4B,EAC5B,EAAE,EACF,aAAa,EACb,qEAAqE,EACrE,uBAAuB,EACvB,yBAAyB,EACzB,aAAa,EACb,EAAE,EACF,aAAa,EACb,wEAAwE,EACxE,gFAAgF,EAChF,+EAA+E,EAC/E,sFAAsF,EACtF,aAAa,EACb,gEAAgE,EAChE,iBAAiB,EACjB,sEAAsE,EACtE,8EAA8E,EAC9E,uGAAuG,EACvG,4EAA4E,EAC5E,iEAAiE,EACjE,4GAA4G,EAC5G,mIAAmI,EACnI,oDAAoD,EACpD,iBAAiB,EACjB,4CAA4C,EAC5C,uCAAuC,EACvC,EAAE,EACF,iCAAiC,EACjC,2GAA2G,EAC3G,EAAE,EACF,4EAA4E,EAC5E,kIAAkI,EAClI,sDAAsD,EACtD,2BAA2B,EAC3B,uBAAuB,EACvB,mBAAmB,EACnB,eAAe,EACf,EAAE,EACF,kCAAkC,EAClC,WAAW,EACX,EAAE,EACF,aAAa,EACb,2GAA2G,EAC3G,oFAAoF,EACpF,oFAAoF,EACpF,sFAAsF,EACtF,8EAA8E,EAC9E,aAAa,EACb,2DAA2D,EAC3D,iBAAiB,EACjB,2FAA2F,EAC3F,yEAAyE,EACzE,iGAAiG,EACjG,wGAAwG,EACxG,iEAAiE,EACjE,4GAA4G,EAC5G,mIAAmI,EACnI,kHAAkH,EAClH,iBAAiB,EACjB,mDAAmD,EACnD,uDAAuD,EACvD,oCAAoC,EACpC,EAAE,EACF,sDAAsD,EACtD,iEAAiE,EACjE,EAAE,EACF,iEAAiE,EACjE,EAAE,EACF,2CAA2C,EAC3C,mBAAmB,EACnB,eAAe,EACf,EAAE,EACF,yCAAyC,EACzC,WAAW,EACX,EAAE,EACF,aAAa,EACb,6GAA6G,EAC7G,oFAAoF,EACpF,oFAAoF,EACpF,sFAAsF,EACtF,6DAA6D,EAC7D,aAAa,EACb,6DAA6D,EAC7D,iBAAiB,EACjB,0DAA0D,EAC1D,wGAAwG,EACxG,sGAAsG,EACtG,gBAAgB,EAChB,kDAAkD,EAClD,qHAAqH,EACrH,8IAA8I,EAC9I,2IAA2I,EAC3I,sFAAsF,EACtF,gBAAgB,EAChB,iEAAiE,EACjE,4GAA4G,EAC5G,mIAAmI,EACnI,6BAA6B,EAC7B,uFAAuF,EACvF,iBAAiB,EACjB,qDAAqD,EACrD,uDAAuD,EACvD,EAAE,EACF,8EAA8E,EAC9E,kIAAkI,EAClI,mBAAmB,EACnB,EAAE,EACF,oCAAoC,EACpC,eAAe,EACf,EAAE,EACF,2CAA2C,EAC3C,WAAW,EACX,EAAE,EACF,aAAa,EACb,qDAAqD,EACrD,qFAAqF,EACrF,6DAA6D,EAC7D,wGAAwG,EACxG,+HAA+H,EAC/H,oEAAoE,EACpE,aAAa,EACb,4CAA4C,EAC5C,mDAAmD,EACnD,wDAAwD,EACxD,eAAe,EACf,WAAW,EACX,EAAE,EACF,sBAAsB,EACtB,EAAE,EACF,aAAa,EACb,4CAA4C,EAC5C,mEAAmE,EACnE,kEAAkE,EAClE,0CAA0C,EAC1C,YAAY,EACZ,6DAA6D,EAC7D,wGAAwG,EACxG,+HAA+H,EAC/H,gGAAgG,EAChG,0DAA0D,EAC1D,aAAa,EACb,sDAAsD,EACtD,sCAAsC,EACtC,yCAAyC,EACzC,8CAA8C,EAC9C,0BAA0B,EAC1B,iCAAiC,EACjC,mBAAmB,EACnB,mDAAmD,EACnD,uGAAuG,EACvG,eAAe,EACf,WAAW,EACX,EAAE,EACF,mDAAmD,EACnD,6EAA6E,EAC7E,+BAA+B,EAC/B,eAAe,EACf,EAAE,EACF,0BAA0B,EAC1B,WAAW,EACX,EAAE,EACF,6BAA6B,EAC7B,EAAE,EACF,aAAa,EACb,sFAAsF,EACtF,gEAAgE,EAChE,uHAAuH,EACvH,0HAA0H,EAC1H,+DAA+D,EAC/D,aAAa,EACb,yCAAyC,EACzC,0FAA0F,EAC1F,WAAW,EACX,EAAE,EACF,aAAa,EACb,+FAA+F,EAC/F,+CAA+C,EAC/C,mFAAmF,EACnF,aAAa,EACb,yCAAyC,EACzC,iBAAiB,EACjB,+DAA+D,EAC/D,oDAAoD,EACpD,iEAAiE,EACjE,wDAAwD,EACxD,+CAA+C,EAC/C,8GAA8G,EAC9G,oJAAoJ,EACpJ,iBAAiB,EACjB,oCAAoC,EACpC,qBAAqB,EACrB,8EAA8E,EAC9E,4FAA4F,EAC5F,uFAAuF,EACvF,mDAAmD,EACnD,2GAA2G,EAC3G,wJAAwJ,EACxJ,qBAAqB,EACrB,mDAAmD,EACnD,0DAA0D,EAC1D,EAAE,EACF,iEAAiE,EACjE,oFAAoF,EACpF,kFAAkF,EAClF,0EAA0E,EAC1E,iCAAiC,EACjC,2BAA2B,EAC3B,yBAAyB,EACzB,EAAE,EACF,oCAAoC,EACpC,mBAAmB,EACnB,EAAE,EACF,sDAAsD,EACtD,EAAE,EACF,wDAAwD,EACxD,8CAA8C,EAC9C,sDAAsD,EACtD,EAAE,EACF,gCAAgC,EAChC,eAAe,EACf,EAAE,EACF,iBAAiB,EACjB,oDAAoD,EACpD,0IAA0I,EAC1I,oCAAoC,EACpC,4FAA4F,EAC5F,gBAAgB,EAChB,iEAAiE,EACjE,4GAA4G,EAC5G,mIAAmI,EACnI,0CAA0C,EAC1C,uFAAuF,EACvF,uEAAuE,EACvE,2HAA2H,EAC3H,+DAA+D,EAC/D,iBAAiB,EACjB,4CAA4C,EAC5C,mCAAmC,EACnC,8BAA8B,EAC9B,EAAE,EACF,uBAAuB,EACvB,wFAAwF,EACxF,EAAE,EACF,iDAAiD,EACjD,+BAA+B,EAC/B,mGAAmG,EACnG,EAAE,EACF,qHAAqH,EACrH,kCAAkC,EAClC,uBAAuB,EACvB,EAAE,EACF,oDAAoD,EACpD,kDAAkD,EAClD,uBAAuB,EACvB,mBAAmB,EACnB,eAAe,EACf,EAAE,EACF,8DAA8D,EAC9D,EAAE,EACF,8DAA8D,EAC9D,uDAAuD,EACvD,EAAE,EACF,sDAAsD,EACtD,sEAAsE,EACtE,0BAA0B,EAC1B,yBAAyB,EACzB,sFAAsF,EACtF,mFAAmF,EACnF,oEAAoE,EACpE,wBAAwB,EACxB,uGAAuG,EACvG,iHAAiH,EACjH,oHAAoH,EACpH,qEAAqE,EACrE,yBAAyB,EACzB,6DAA6D,EAC7D,mBAAmB,EACnB,iBAAiB,EACjB,EAAE,EACF,oCAAoC,EACpC,WAAW,EACX,EAAE,EACF,aAAa,EACb,iFAAiF,EACjF,+CAA+C,EAC/C,aAAa,EACb,0CAA0C,EAC1C,+DAA+D,EAC/D,EAAE,EACF,yDAAyD,EACzD,2DAA2D,EAC3D,EAAE,EACF,8CAA8C,EAC9C,0EAA0E,EAC1E,qDAAqD,EACrD,yBAAyB,EACzB,mBAAmB,EACnB,EAAE,EACF,2CAA2C,EAC3C,8DAA8D,EAC9D,mBAAmB,EACnB,iBAAiB,EACjB,EAAE,EACF,qCAAqC,EACrC,WAAW,EACX,EAAE,EACF,2BAA2B,EAC3B,EAAE,EACF,kBAAkB,EAClB,mDAAmD,EACnD,mDAAmD,EACnD,uEAAuE,EACvE,+DAA+D,EAC/D,mEAAmE,EACnE,kDAAkD,EAClD,YAAY,EACZ,OAAO,EACP,EAAE,EACF,gBAAgB,EAChB,EAAE,EACF,SAAS,EACT,8FAA8F,EAC9F,qDAAqD,EACrD,wDAAwD,EACxD,sHAAsH,EACtH,QAAQ,EACR,4DAA4D,EAC5D,qEAAqE,EACrE,SAAS,EACT,qDAAqD,EACrD,EAAE,EACF,QAAQ,EACR,4CAA4C,EAC5C,2DAA2D,EAC3D,oEAAoE,EACpE,QAAQ,EACR,EAAE,EACF,4BAA4B,EAC5B,OAAO,CACR;QACDG,OAAO,EAAE,KAAK;QACdC,QAAQ,EAAE,YAAY;QACtBC,OAAO,EAAE,aAAa;QACtBC,SAAS,EAAE,MAAM;QACjBC,YAAY,EAAE,CAAC;QACfC,cAAc,EAAE,MAAM;QACtBC,gBAAgB,EAAE;MACpB,CAAC;MACD,sCAAsC,EAAE;QACtCR,GAAG,EAAE,sCAAsC;QAC3CjE,IAAI,EAAE,+CAA+C;QACrDkE,WAAW,EACT,iEAAiE;QACnEF,MAAM,EAAE,CACN,IAAI,EACJ,2DAA2D,EAC3D,IAAI,EACJ,8EAA8E,EAC9E,wEAAwE,EACxE,2DAA2D,EAC3D,KAAK,EACL,EAAE,EACF,IAAI,EACJ,mFAAmF,EACnF,4DAA4D,EAC5D,8FAA8F,EAC9F,qFAAqF,EACrF,uGAAuG,EACvG,IAAI,EACJ,uBAAuB,EACvB,mCAAmC,EACnC,kDAAkD,EAClD,qFAAqF,EACrF,8BAA8B,EAC9B,mDAAmD,EACnD,8CAA8C,EAC9C,8EAA8E,EAC9E,sDAAsD,EACtD,uEAAuE,EACvE,wFAAwF,EACxF,wFAAwF,EACxF,0HAA0H,EAC1H,kHAAkH,EAClH,6CAA6C,EAC7C,2HAA2H,EAC3H,2EAA2E,EAC3E,iIAAiI,EACjI,iGAAiG,EACjG,kFAAkF,EAClF,wFAAwF,EACxF,mGAAmG,EACnG,kHAAkH,EAClH,mHAAmH,EACnH,kIAAkI,EAClI,+BAA+B,EAC/B,mEAAmE,EACnE,4BAA4B,EAC5B,6FAA6F,EAC7F,qCAAqC,EACrC,iEAAiE,EACjE,yEAAyE,EACzE,qIAAqI,EACrI,sGAAsG,EACtG,kCAAkC,EAClC,2DAA2D,EAC3D,mJAAmJ,EACnJ,IAAI,EACJ,gGAAgG,EAChG,IAAI,EACJ,qBAAqB,EACrB,oHAAoH,EACpH,6GAA6G,EAC7G,oGAAoG,EACpG,mGAAmG,EACnG,4GAA4G,EAC5G,mGAAmG,EACnG,mGAAmG,EACnG,KAAK,EACL,EAAE,EACF,YAAY,EACZ,gBAAgB,EAChB,gCAAgC,EAChC,8CAA8C,EAC9C,8CAA8C,EAC9C,QAAQ,EACR,EAAE,EACF,iDAAiD,EACjD,6CAA6C,EAC7C,EAAE,EACF,kHAAkH,EAClH,+GAA+G,EAC/G,6DAA6D,EAC7D,EAAE,EACF,WAAW,EACX,6CAA6C,EAC7C,EAAE,EACF,kEAAkE,EAClE,6BAA6B,EAC7B,gCAAgC,EAChC,yCAAyC,EACzC,kCAAkC,EAClC,qCAAqC,EACrC,oCAAoC,EACpC,mBAAmB,EACnB,kBAAkB,EAClB,EAAE,EACF,iEAAiE,EACjE,sFAAsF,EACtF,EAAE,EACF,yDAAyD,EACzD,+DAA+D,EAC/D,EAAE,EACF,0DAA0D,EAC1D,oFAAoF,EACpF,wEAAwE,EACxE,EAAE,EACF,mDAAmD,EACnD,0DAA0D,EAC1D,kBAAkB,EAClB,8JAA8J,EAC9J,WAAW,EACX,mBAAmB,EACnB,uEAAuE,EACvE,EAAE,EACF,iFAAiF,EACjF,2DAA2D,EAC3D,OAAO,EACP,EAAE,EACF,kFAAkF,EAClF,kEAAkE,EAClE,2FAA2F,EAC3F,EAAE,EACF,gEAAgE,EAChE,qFAAqF,EACrF,oBAAoB,EACpB,eAAe,EACf,6EAA6E,EAC7E,uBAAuB,EACvB,8EAA8E,EAC9E,WAAW,EACX,OAAO,EACP,EAAE,EACF,yEAAyE,EACzE,4FAA4F,EAC5F,sCAAsC,EACtC,EAAE,EACF,0DAA0D,EAC1D,OAAO,EACP,IAAI,CACL;QACDG,OAAO,EAAE,KAAK;QACdC,QAAQ,EAAE,YAAY;QACtBC,OAAO,EAAE,kCAAkC;QAC3CC,SAAS,EAAE,MAAM;QACjBC,YAAY,EAAE,CAAC;QACfC,cAAc,EAAE,MAAM;QACtBC,gBAAgB,EAAE;MACpB;IACF,CAAC;IACDlI,WAAW,EAAE;MACXmI,sBAAsB,EAAE;QACtB3H,0BAA0B,EAAE;UAC1BC,iBAAiB,EAAE,IAAI;UACvBC,uBAAuB,EAAE,UAAU;UACnCC,sBAAsB,EAAE,KAAK;UAC7BC,uBAAuB,EAAE,UAAU;UACnCC,gBAAgB,EAAE,SAAS;UAC3BC,gBAAgB,EAAE,sCAAsC;UACxDC,eAAe,EAAE,cAAc;UAC/BC,iCAAiC,EAAE,UAAU;UAC7CC,kCAAkC,EAChC,wEAAwE;UAC1EC,oBAAoB,EAAE,UAAU;UAChCC,wBAAwB,EAAE,IAAI;UAC9BC,mCAAmC,EAAE,SAAS;UAC9CC,sBAAsB,EAAE,KAAK;UAC7BC,uCAAuC,EAAE,UAAU;UACnDC,sBAAsB,EAAE,SAAS;UACjCC,mBAAmB,EAAE,KAAK;UAC1BC,kBAAkB,EAChB,kEAAkE;UACpEC,uBAAuB,EAAE,KAAK;UAC9BC,kBAAkB,EAChB,kEAAkE;UACpEC,sBAAsB,EAAE,EAAE;UAC1BC,uBAAuB,EAAE,SAAS;UAClCC,mBAAmB,EAAE,SAAS;UAC9BC,qBAAqB,EAAE,KAAK;UAC5BC,6BAA6B,EAAE,sCAAsC;UACrEC,iCAAiC,EAAE,IAAI;UACvCC,mBAAmB,EAAE;QACvB,CAAC;QACDC,0BAA0B,EAAE;UAC1BC,OAAO,EAAE;YACPC,SAAS,EAAE,KAAK;YAChBtE,KAAK,EAAE;UACT,CAAC;UACDuE,WAAW,EAAE;YACXD,SAAS,EAAE,KAAK;YAChBtE,KAAK,EAAE;UACT,CAAC;UACDwE,SAAS,EAAE;YACTF,SAAS,EAAE,KAAK;YAChBtE,KAAK,EAAE;UACT,CAAC;UACDyE,sBAAsB,EAAE;YACtBH,SAAS,EAAE,KAAK;YAChBtE,KAAK,EAAE;UACT,CAAC;UACD0E,aAAa,EAAE;YACbJ,SAAS,EAAE,KAAK;YAChBtE,KAAK,EAAE,CAAC,MAAM,EAAE,OAAO,EAAE,UAAU;UACrC,CAAC;UACD2E,eAAe,EAAE;YACfL,SAAS,EAAE,KAAK;YAChBtE,KAAK,EAAE;UACT,CAAC;UACD4E,gBAAgB,EAAE;YAChBN,SAAS,EAAE,KAAK;YAChBtE,KAAK,EAAE;UACT,CAAC;UACD6E,iBAAiB,EAAE;YACjBP,SAAS,EAAE,KAAK;YAChBtE,KAAK,EAAE,CACL,4BAA4B,EAC5B,gCAAgC;UAEpC,CAAC;UACD8E,SAAS,EAAE;YACTR,SAAS,EAAE,KAAK;YAChBtE,KAAK,EAAE;UACT,CAAC;UACD+E,eAAe,EAAE;YACfT,SAAS,EAAE;UACb,CAAC;UACDU,MAAM,EAAE;YACNV,SAAS,EAAE,KAAK;YAChBtE,KAAK,EAAE;UACT,CAAC;UACDiF,mBAAmB,EAAE;YACnBX,SAAS,EAAE;UACb,CAAC;UACDY,uBAAuB,EAAE;YACvBZ,SAAS,EAAE,KAAK;YAChBtE,KAAK,EAAE;UACT,CAAC;UACDmF,uBAAuB,EAAE;YACvBb,SAAS,EAAE,KAAK;YAChBtE,KAAK,EAAE;UACT,CAAC;UACDoF,gBAAgB,EAAE;YAChBd,SAAS,EAAE,KAAK;YAChBtE,KAAK,EAAE;UACT,CAAC;UACDqF,gBAAgB,EAAE;YAChBf,SAAS,EAAE;UACb,CAAC;UACDgB,UAAU,EAAE;YACVhB,SAAS,EAAE,KAAK;YAChBtE,KAAK,EAAE,CACL,oBAAoB,EACpB,oBAAoB,EACpB,eAAe;UAEnB,CAAC;UACDuF,qCAAqC,EAAE;YACrCjB,SAAS,EAAE,KAAK;YAChBtE,KAAK,EAAE;UACT,CAAC;UACDwF,YAAY,EAAE;YACZlB,SAAS,EAAE,KAAK;YAChBtE,KAAK,EAAE;UACT,CAAC;UACDyF,WAAW,EAAE;YACXnB,SAAS,EAAE,KAAK;YAChBtE,KAAK,EAAE;UACT,CAAC;UACD0F,IAAI,EAAE;YACJpB,SAAS,EAAE,KAAK;YAChBtE,KAAK,EAAE;UACT,CAAC;UACD2F,QAAQ,EAAE;YACRrB,SAAS,EAAE,KAAK;YAChBtE,KAAK,EAAE;UACT,CAAC;UACD4F,iBAAiB,EAAE;YACjBtB,SAAS,EAAE;UACb;QACF,CAAC;QACDuB,yBAAyB,EAAE;UACzBC,iCAAiC,EAAE;YACjCxB,SAAS,EAAE,KAAK;YAChBtE,KAAK,EAAE;UACT,CAAC;UACD+F,wBAAwB,EAAE;YACxBzB,SAAS,EAAE,KAAK;YAChBtE,KAAK,EAAE;UACT,CAAC;UACDgG,sDAAsD,EAAE;YACtD1B,SAAS,EAAE,KAAK;YAChBtE,KAAK,EAAE;UACT,CAAC;UACDiG,yBAAyB,EAAE;YACzB3B,SAAS,EAAE;UACb,CAAC;UACD4B,qCAAqC,EAAE;YACrC5B,SAAS,EAAE,KAAK;YAChBtE,KAAK,EAAE;UACT,CAAC;UACDmG,kBAAkB,EAAE;YAClB7B,SAAS,EAAE;UACb,CAAC;UACD8B,0BAA0B,EAAE;YAC1B9B,SAAS,EAAE;UACb,CAAC;UACD+B,aAAa,EAAE;YACb/B,SAAS,EAAE;UACb,CAAC;UACDgC,0BAA0B,EAAE;YAC1BhC,SAAS,EAAE,KAAK;YAChBtE,KAAK,EAAE;UACT,CAAC;UACDuG,MAAM,EAAE;YACNjC,SAAS,EAAE;UACb,CAAC;UACDkC,uBAAuB,EAAE;YACvBlC,SAAS,EAAE,KAAK;YAChBtE,KAAK,EAAE;UACT,CAAC;UACDyG,OAAO,EAAE;YACPnC,SAAS,EAAE;UACb,CAAC;UACDoC,sCAAsC,EAAE;YACtCpC,SAAS,EAAE,KAAK;YAChBtE,KAAK,EAAE;UACT,CAAC;UACD2G,qCAAqC,EAAE;YACrCrC,SAAS,EAAE;UACb,CAAC;UACDsC,sBAAsB,EAAE;YACtBtC,SAAS,EAAE,KAAK;YAChBtE,KAAK,EAAE;UACT,CAAC;UACD6G,gCAAgC,EAAE;YAChCvC,SAAS,EAAE,KAAK;YAChBtE,KAAK,EAAE;UACT,CAAC;UACD8G,iBAAiB,EAAE;YACjBxC,SAAS,EAAE,KAAK;YAChBtE,KAAK,EAAE;UACT,CAAC;UACD+G,gCAAgC,EAAE;YAChCzC,SAAS,EAAE,KAAK;YAChBtE,KAAK,EAAE;UACT,CAAC;UACDgH,4CAA4C,EAAE;YAC5C1C,SAAS,EAAE,KAAK;YAChBtE,KAAK,EAAE;UACT,CAAC;UACDiH,yBAAyB,EAAE;YACzB3C,SAAS,EAAE;UACb,CAAC;UACD4C,0BAA0B,EAAE;YAC1B5C,SAAS,EAAE,KAAK;YAChBtE,KAAK,EAAE;UACT,CAAC;UACDmH,4BAA4B,EAAE;YAC5B7C,SAAS,EAAE;UACb,CAAC;UACD8C,wCAAwC,EAAE;YACxC9C,SAAS,EAAE;UACb,CAAC;UACD+C,eAAe,EAAE;YACf/C,SAAS,EAAE;UACb,CAAC;UACDgD,gBAAgB,EAAE;YAChBhD,SAAS,EAAE,KAAK;YAChBtE,KAAK,EAAE;UACT,CAAC;UACDuH,4BAA4B,EAAE;YAC5BjD,SAAS,EAAE;UACb,CAAC;UACDkD,wBAAwB,EAAE;YACxBlD,SAAS,EAAE,KAAK;YAChBtE,KAAK,EAAE;UACT,CAAC;UACDyH,mCAAmC,EAAE;YACnCnD,SAAS,EAAE,KAAK;YAChBtE,KAAK,EAAE;UACT,CAAC;UACD0H,4CAA4C,EAAE;YAC5CpD,SAAS,EAAE,KAAK;YAChBtE,KAAK,EAAE;UACT;QACF,CAAC;QACD2H,sBAAsB,EAAE;UACtBC,MAAM,EAAE;YACNtD,SAAS,EAAE,KAAK;YAChBtE,KAAK,EAAE;UACT,CAAC;UACD6H,sBAAsB,EAAE;YACtBvD,SAAS,EAAE;UACb,CAAC;UACDwD,gBAAgB,EAAE;YAChBxD,SAAS,EAAE,KAAK;YAChBtE,KAAK,EAAE;UACT,CAAC;UACD+H,gBAAgB,EAAE;YAChBzD,SAAS,EAAE,KAAK;YAChBtE,KAAK,EAAE;UACT,CAAC;UACDgI,oBAAoB,EAAE;YACpB1D,SAAS,EAAE,KAAK;YAChBtE,KAAK,EAAE;UACT,CAAC;UACDiI,gBAAgB,EAAE;YAChB3D,SAAS,EAAE;UACb,CAAC;UACD4D,aAAa,EAAE;YACb5D,SAAS,EAAE,KAAK;YAChBtE,KAAK,EAAE;UACT,CAAC;UACDmI,qBAAqB,EAAE;YACrB7D,SAAS,EAAE,KAAK;YAChBtE,KAAK,EAAE;UACT,CAAC;UACDoI,mCAAmC,EAAE;YACnC9D,SAAS,EAAE,KAAK;YAChBtE,KAAK,EAAE;UACT;QACF,CAAC;QACDqI,sBAAsB,EAAE;UACtBgC,YAAY,EAAE,IAAI;UAClB/B,MAAM,EAAE;YACNhE,SAAS,EAAE,KAAK;YAChBtE,KAAK,EAAE;UACT,CAAC;UACDuI,UAAU,EAAE;YACVjE,SAAS,EAAE,KAAK;YAChBtE,KAAK,EAAE;UACT,CAAC;UACDwI,UAAU,EAAE;YACVlE,SAAS,EAAE,KAAK;YAChBtE,KAAK,EAAE;UACT,CAAC;UACDyI,4BAA4B,EAAE;YAC5BnE,SAAS,EAAE,KAAK;YAChBtE,KAAK,EAAE;UACT,CAAC;UACD0I,aAAa,EAAE;YACbpE,SAAS,EAAE,KAAK;YAChBtE,KAAK,EAAE;UACT,CAAC;UACD2I,oBAAoB,EAAE;YACpBrE,SAAS,EAAE,KAAK;YAChBtE,KAAK,EAAE;UACT,CAAC;UACD4I,MAAM,EAAE;YACNtE,SAAS,EAAE,KAAK;YAChBtE,KAAK,EAAE,CAAC,QAAQ,EAAE,SAAS,EAAE,OAAO;UACtC,CAAC;UACD6I,mBAAmB,EAAE;YACnBvE,SAAS,EAAE,KAAK;YAChBtE,KAAK,EAAE;UACT,CAAC;UACD8I,eAAe,EAAE;YACfxE,SAAS,EAAE,KAAK;YAChBtE,KAAK,EAAE,CAAC,qCAAqC;UAC/C,CAAC;UACD+I,yBAAyB,EAAE;YACzBzE,SAAS,EAAE,KAAK;YAChBtE,KAAK,EAAE;UACT;QACF,CAAC;QACDgJ,mBAAmB,EAAE;UACnBC,qBAAqB,EAAE;YACrB3E,SAAS,EAAE,KAAK;YAChBtE,KAAK,EAAE;UACT;QACF,CAAC;QACDsK,KAAK,EAAE;UACLX,GAAG,EAAE,cAAc;UACnBjE,IAAI,EAAE,gBAAgB;UACtB6E,UAAU,EAAE;QACd,CAAC;QACDC,SAAS,EAAE;UACTb,GAAG,EAAE,EAAE;UACPc,IAAI,EAAE,WAAW;UACjBC,kBAAkB,EAAE;YAClBC,sCAAsC,EAAE,CACtC,SAAS,EACT,SAAS,EACT,SAAS,EACT,eAAe,EACf,eAAe,EACf,eAAe,CAChB;YACDC,iCAAiC,EAAE,EAAE;YACrCC,qCAAqC,EAAE,CACrC,gBAAgB,EAChB,gBAAgB,EAChB,UAAU,EACV,gBAAgB,EAChB,cAAc,EACd,QAAQ,EACR,QAAQ,EACR,SAAS,EACT,KAAK,EACL,QAAQ,CACT;YACDC,2CAA2C,EAAE,CAC3C,SAAS,EACT,SAAS,EACT,SAAS,EACT,eAAe,EACf,eAAe,EACf,eAAe,CAChB;YACDC,uDAAuD,EAAE,CACvD,gBAAgB,EAChB,gBAAgB,EAChB,UAAU,EACV,gBAAgB,EAChB,cAAc,EACd,QAAQ,EACR,QAAQ,EACR,SAAS,EACT,KAAK,EACL,QAAQ,CACT;YACDC,2BAA2B,EAAE,KAAK;YAClCC,sBAAsB,EAAE,IAAI;YAC5BC,oDAAoD,EAAE,CACpD,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,CACR;YACDC,qDAAqD,EAAE,CACrD,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,CACR;YACDC,0CAA0C,EAAE,CAC1C,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,CACR;YACDC,qCAAqC,EAAE,KAAK;YAC5CC,WAAW,EAAE,CAAC,CAAC;YACfC,UAAU,EAAE,CAAC,CAAC;YACdC,8BAA8B,EAAE,EAAE;YAClCC,sCAAsC,EAAE,IAAI;YAC5CC,cAAc,EAAE,IAAI;YACpBC,kCAAkC,EAAE,CAClC,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,CACR;YACDC,+CAA+C,EAAE,CAC/C,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,CACR;YACDC,8BAA8B,EAAE,CAC9B,SAAS,EACT,SAAS,EACT,SAAS,EACT,eAAe,EACf,eAAe,EACf,eAAe,CAChB;YACDC,wBAAwB,EAAE,KAAK;YAC/BC,gDAAgD,EAAE,CAChD,SAAS,EACT,SAAS,EACT,SAAS,EACT,eAAe,EACf,eAAe,EACf,eAAe,CAChB;YACDC,kDAAkD,EAAE,CAClD,gBAAgB,EAChB,gBAAgB,EAChB,UAAU,EACV,gBAAgB,EAChB,cAAc,EACd,QAAQ,EACR,QAAQ,EACR,SAAS,EACT,KAAK,EACL,QAAQ,CACT;YACDC,6CAA6C,EAAE,CAC7C,gBAAgB,EAChB,gBAAgB,EAChB,gBAAgB,EAChB,UAAU,EACV,cAAc,EACd,QAAQ,EACR,QAAQ,EACR,SAAS,EACT,KAAK,EACL,QAAQ,CACT;YACDC,UAAU,EAAE;UACd,CAAC;UACDC,oBAAoB,EAAE;YACpBC,wBAAwB,EAAE,eAAe;YACzCC,uBAAuB,EAAE,KAAK;YAC9BzJ,sBAAsB,EAAE,KAAK;YAC7B0J,kCAAkC,EAAE,KAAK;YACzCC,sCAAsC,EAAE,IAAI;YAC5C7D,aAAa,EAAE,CAAC,SAAS,EAAE,OAAO,EAAE,QAAQ,EAAE,SAAS,EAAE,OAAO,CAAC;YACjE8D,mCAAmC,EAAE,KAAK;YAC1CC,qBAAqB,EAAE,CAAC,QAAQ,EAAE,UAAU,CAAC;YAC7CtH,uBAAuB,EAAE,CAAC;YAC1BuH,gCAAgC,EAAE,gBAAgB;YAClDC,QAAQ,EAAE,8BAA8B;YACxCC,mBAAmB,EAAE,IAAI;YACzBC,6BAA6B,EAAE,CAAC;YAChCC,uCAAuC,EAAE,KAAK;YAC9CC,+BAA+B,EAAE,KAAK;YACtCC,uBAAuB,EAAE,MAAM;YAC/BC,0CAA0C,EAAE,CAAC;YAC7CC,mBAAmB,EAAE,CACnB,qEAAqE,EACrE,gEAAgE,EAChE,0DAA0D,EAC1D,iEAAiE,CAClE;YACDC,+BAA+B,EAAE,KAAK;YACtCC,qBAAqB,EAAE,CACrB,gHAAgH,EAChH,8HAA8H,CAC/H;YACDC,qBAAqB,EAAE,OAAO;YAC9BC,oBAAoB,EAAE,OAAO;YAC7BC,oBAAoB,EAAE,IAAI;YAC1BC,oBAAoB,EAAE,CACpB,oLAAoL,EACpL,gKAAgK,EAChK,4KAA4K,EAC5K,wKAAwK,CACzK;YACDC,qBAAqB,EAAE,EAAE;YACzBC,qBAAqB,EAAE,EAAE;YACzBC,gBAAgB,EAAE,EAAE;YACpBC,eAAe,EAAE,CACf,0BAA0B,EAC1B,SAAS,EACT,6BAA6B,EAC7B,gCAAgC,EAChC,mCAAmC,EACnC,UAAU,EACV,0BAA0B,CAC3B;YACDC,wBAAwB,EAAE,CAAC,KAAK,CAAC;YACjCvI,UAAU,EAAE,CACV,UAAU,EACV,+CAA+C,EAC/C,eAAe,EACf,UAAU,EACV,oBAAoB,EACpB,8CAA8C,EAC9C,oBAAoB,EACpB,mCAAmC,EACnC,6CAA6C,EAC7C,6CAA6C;UAEjD,CAAC;UACDwI,+BAA+B,EAAE;YAC/BC,8BAA8B,EAAE,6BAA6B;YAC7DC,wBAAwB,EAAE,KAAK;YAC/BC,2CAA2C,EAAE,CAAC,eAAe,CAAC;YAC9DC,kDAAkD,EAAE,KAAK;YACzDC,gCAAgC,EAAE;UACpC,CAAC;UACDC,cAAc,EAAE;YACdvK,sBAAsB,EAAE,EAAE;YAC1BwK,4BAA4B,EAAE,IAAI;YAClCC,iCAAiC,EAAE,CACjC,SAAS,EACT,SAAS,EACT,SAAS,EACT,eAAe,EACf,eAAe,EACf,eAAe,CAChB;YACDC,eAAe,EAAE,EAAE;YACnBC,iCAAiC,EAAE,CACjC,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,CACR;YACDC,oCAAoC,EAAE,CACpC,gBAAgB,EAChB,gBAAgB,EAChB,UAAU,EACV,gBAAgB,EAChB,cAAc,EACd,QAAQ,EACR,QAAQ,EACR,SAAS,EACT,KAAK,EACL,QAAQ,CACT;YACD1G,gBAAgB,EAAE;UACpB,CAAC;UACD2G,gBAAgB,EAAE;YAChB/F,oBAAoB,EAAE,MAAM;YAC5B3F,eAAe,EAAE,cAAc;YAC/Bc,uBAAuB,EAAE,SAAS;YAClC+E,mBAAmB,EAAE,IAAI;YACzB8F,qBAAqB,EAAE,KAAK;YAC5BC,YAAY,EAAE,GAAG;YACjBtL,sBAAsB,EAAE,IAAI;YAC5BK,uBAAuB,EAAE,KAAK;YAC9BjB,iBAAiB,EAAE,IAAI;YACvBI,gBAAgB,EAAE,SAAS;YAC3BoB,iCAAiC,EAAE;UACrC,CAAC;UACD2K,OAAO,EAAE;YACPC,oCAAoC,EAAE,CACpC,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,CACR;YACDC,wCAAwC,EAAE,CACxC,gBAAgB,EAChB,gBAAgB,EAChB,gBAAgB,EAChB,UAAU,EACV,cAAc,EACd,QAAQ,EACR,QAAQ,EACR,SAAS,EACT,KAAK,EACL,QAAQ,CACT;YACDC,oCAAoC,EAAE,CACpC,SAAS,EACT,SAAS,EACT,SAAS,EACT,eAAe,EACf,eAAe,EACf,eAAe,CAChB;YACDvL,mBAAmB,EAAE,KAAK;YAC1BwL,uCAAuC,EAAE,CACvC,gBAAgB,EAChB,gBAAgB,EAChB,UAAU,EACV,gBAAgB,EAChB,cAAc,EACd,QAAQ,EACR,QAAQ,EACR,SAAS,EACT,KAAK,EACL,QAAQ,CACT;YACDjL,qBAAqB,EAAE,IAAI;YAC3BkL,qCAAqC,EAAE,CACrC,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,CACR;YACDC,qCAAqC,EAAE,CACrC,SAAS,EACT,SAAS,EACT,SAAS,EACT,eAAe,EACf,eAAe,EACf,eAAe;UAEnB,CAAC;UACDC,gBAAgB,EAAE;YAChBC,oBAAoB,EAAE,CAAC;YACvBC,kBAAkB,EAAE,GAAG;YACvBC,0BAA0B,EACxB,mDAAmD;YACrDC,kBAAkB,EAAE;UACtB,CAAC;UACDC,aAAa,EAAE;YACb7L,kBAAkB,EAChB,kDAAkD;YACpDO,mBAAmB,EAAE,SAAS;YAC9BuL,wBAAwB,EACtB,kDAAkD;YACpDvM,oBAAoB,EAAE,UAAU;YAChCD,kCAAkC,EAChC,kDAAkD;YACpDK,uCAAuC,EAAE,MAAM;YAC/CoM,sBAAsB,EACpB,qEAAqE;YACvE5L,mBAAmB,EAAE,SAAS;YAC9B6L,eAAe,EAAE,kDAAkD;YACnE/M,uBAAuB,EAAE,MAAM;YAC/BQ,mCAAmC,EAAE,SAAS;YAC9CwM,wBAAwB,EACtB,kDAAkD;YACpD5L,6BAA6B,EAC3B,sCAAsC;YACxCtB,uBAAuB,EAAE,MAAM;YAC/BM,iCAAiC,EAAE,UAAU;YAC7CF,gBAAgB,EAAE,sCAAsC;YACxDW,kBAAkB,EAChB;UACJ,CAAC;UACDoM,UAAU,EAAE;YACVC,0BAA0B,EAAE,CAAC;YAC7BC,8BAA8B,EAAE,CAAC,OAAO,EAAE,OAAO,CAAC;YAClDC,qBAAqB,EAAE;UACzB,CAAC;UACD3F,KAAK,EAAE;YACLX,GAAG,EAAE,YAAY;YACjBjE,IAAI,EAAE,iBAAiB;YACvB6E,UAAU,EAAE;UACd;QACF;MACF;IACF;EACF,CAAC;EACD,IAAM2F,OAAO,GAAG;IACd5O,EAAE,EAAE,wBAAwB;IAC5BG,IAAI,EAAE,IAAAK,mBAAS,EAACU,iBAAiB;EACnC,CAAC;EACD,IAAM2N,OAAO,GAAG;IACd7O,EAAE,EAAE,wBAAwB;IAC5BG,IAAI,EAAE,IAAAK,mBAAS,EAACU,iBAAiB;EACnC,CAAC;EACD,IAAM4N,OAAO,GAAG;IACd9O,EAAE,EAAE,wBAAwB;IAC5BG,IAAI,EAAE,IAAAK,mBAAS,EAACU,iBAAiB;EACnC,CAAC;EACD,IAAM6N,OAAO,GAAG;IACd/O,EAAE,EAAE,wBAAwB;IAC5BG,IAAI,EAAE,CAAC;EACT,CAAC;EACD,IAAM6O,OAAO,GAAG;IACdhP,EAAE,EAAE,wBAAwB;IAC5BG,IAAI,EAAE,CAAC;EACT,CAAC;EACD,IAAM8O,OAAO,GAAG;IACdjP,EAAE,EAAE,wBAAwB;IAC5BG,IAAI,EAAE,CAAC;EACT,CAAC;EACD,IAAM+O,OAAO,GAAG;IACdlP,EAAE,EAAE,wBAAwB;IAC5BG,IAAI,EAAE,CAAC;EACT,CAAC;EACD,IAAMgP,OAAO,GAAG;IACdnP,EAAE,EAAE,wBAAwB;IAC5BG,IAAI,EAAE,CAAC;EACT,CAAC;EACD,IAAMiP,OAAO,GAAG;IACdpP,EAAE,EAAE,wBAAwB;IAC5BG,IAAI,EAAE,CAAC;EACT,CAAC;EACD,IAAMkP,QAAQ,GAAG;IACfrP,EAAE,EAAE,yBAAyB;IAC7BG,IAAI,EAAE,CAAC;EACT,CAAC;EACD,IAAMmP,QAAQ,GAAG;IACftP,EAAE,EAAE,yBAAyB;IAC7BG,IAAI,EAAE,CAAC;EACT,CAAC;EACD,IAAMoP,QAAQ,GAAG;IACfvP,EAAE,EAAE,yBAAyB;IAC7BG,IAAI,EAAE,CAAC;EACT,CAAC;EACD,IAAMqP,QAAQ,GAAG;IACfxP,EAAE,EAAE,yBAAyB;IAC7BG,IAAI,EAAE,CAAC;EACT,CAAC;EACD,IAAMsP,OAGL,GAAG;IACFzP,EAAE,EAAE,wBAAwB;IAC5BG,IAAI,EAAEC,+BAA+B,CAACwH,wBAAwB,EAAE,CAC9D,wBAAwB,CACzB;EACH,CAAC;EACD,IAAM8H,OAGL,GAAG;IACF1P,EAAE,EAAE,wBAAwB;IAC5BG,IAAI,EAAEC,+BAA+B,CAACwH,wBAAwB,EAAE,CAC9D,wBAAwB,CACzB;EACH,CAAC;EACD,IAAM+H,WAAW,GAAGvP,+BAA+B,CACjDwH,wBAAwB,EACxB,CAAC,wBAAwB,EAAE,wBAAwB,CACrD,CAAC;EACD,IAAMgI,WAAW,GAAGxP,+BAA+B,CACjDwH,wBAAwB,EACxB,CAAC,wBAAwB,EAAE,wBAAwB,CACrD,CAAC;EACD,IAAMiI,WAAW,GAAGzP,+BAA+B,CACjDwH,wBAAwB,EACxB,CAAC,yBAAyB,EAAE,yBAAyB,CACvD,CAAC;EACD,IAAMkI,WAAW,GAAG1P,+BAA+B,CACjDwH,wBAAwB,EACxB,CAAC,yBAAyB,EAAE,yBAAyB,CACvD,CAAC;EACD;EACAmI,SAAS,eAAAhR,iBAAA,CAAC,aAAY;IACpB,IAAIiR,OAAO,CAACC,GAAG,CAACC,gBAAgB,KAAK,QAAQ,EAAE;MAC7C,MAAM1Q,iBAAiB,CAACoP,OAAO,CAAC;MAChC,MAAMpP,iBAAiB,CAACqP,OAAO,CAAC;MAChC,MAAMrP,iBAAiB,CAACsP,OAAO,EAAE,KAAK,CAAC;IACzC;EACF,CAAC,EAAC;EACF;EACAqB,QAAQ,eAAApR,iBAAA,CAAC,aAAY;IACnB,IAAIiR,OAAO,CAACC,GAAG,CAACC,gBAAgB,KAAK,QAAQ,EAAE;MAC7C,MAAM1Q,iBAAiB,CAACoP,OAAO,EAAE,KAAK,CAAC;MACvC,MAAMpP,iBAAiB,CAACqP,OAAO,EAAE,KAAK,CAAC;MACvC,MAAMrP,iBAAiB,CAACsP,OAAO,EAAE,KAAK,CAAC;MACvC,MAAMtP,iBAAiB,CAACuP,OAAO,EAAE,KAAK,CAAC;MACvC,MAAMvP,iBAAiB,CAACwP,OAAO,EAAE,KAAK,CAAC;MACvC,MAAMxP,iBAAiB,CAACyP,OAAO,EAAE,KAAK,CAAC;MACvC,MAAMzP,iBAAiB,CAAC0P,OAAO,EAAE,KAAK,CAAC;MACvC,MAAM1P,iBAAiB,CAAC2P,OAAO,EAAE,KAAK,CAAC;MACvC,MAAM3P,iBAAiB,CAAC4P,OAAO,EAAE,KAAK,CAAC;MACvC,MAAM5P,iBAAiB,CAAC6P,QAAQ,EAAE,KAAK,CAAC;MACxC,MAAM7P,iBAAiB,CAAC8P,QAAQ,EAAE,KAAK,CAAC;MACxC,MAAM9P,iBAAiB,CAAC+P,QAAQ,EAAE,KAAK,CAAC;MACxC,MAAM/P,iBAAiB,CAACgQ,QAAQ,EAAE,KAAK,CAAC;IAC1C;EACF,CAAC,EAAC;EAEFvO,QAAQ,CAAC,sBAAsB,EAAE,MAAM;IACrCmP,IAAI,CAAC,0BAA0B,eAAArR,iBAAA,CAAE,aAAY;MAC3CsR,MAAM,CAACvQ,mBAAY,CAACwQ,kBAAkB,CAAC,CAACC,WAAW,CAAC,CAAC;IACvD,CAAC,EAAC;IAEFH,IAAI,4BAAArP,MAAA,CAA4B6N,OAAO,CAAC5O,EAAE,gBAAAjB,iBAAA,CAAI,aAAY;MACxD,IAAMyR,QAAQ,SAAS1Q,mBAAY,CAACwQ,kBAAkB,CAAC1B,OAAO,CAAC5O,EAAE,CAAC;MAClEqQ,MAAM,CAACG,QAAQ,CAAC,CAACC,eAAe,CAAC;QAC/B5I,IAAI,EAAEwI,MAAM,CAACK,GAAG,CAACjQ,MAAM;MACzB,CAAC,CAAC;IACJ,CAAC,EAAC;EACJ,CAAC,CAAC;EAEFQ,QAAQ,CAAC,uBAAuB,EAAE,MAAM;IACtCmP,IAAI,CAAC,0BAA0B,eAAArR,iBAAA,CAAE,aAAY;MAC3CsR,MAAM,CAACvQ,mBAAY,CAAC6Q,mBAAmB,CAAC,CAACJ,WAAW,CAAC,CAAC;IACxD,CAAC,EAAC;IAEFH,IAAI,CAAC,8BAA8B,eAAArR,iBAAA,CAAE,aAAY;MAC/C,IAAMyR,QAAQ,SAAS1Q,mBAAY,CAAC6Q,mBAAmB,CAAC,CAAC;MACzDN,MAAM,CAACG,QAAQ,CAAC,CAACC,eAAe,CAAC;QAC/B5I,IAAI,EAAEwI,MAAM,CAACK,GAAG,CAACjQ,MAAM;MACzB,CAAC,CAAC;IACJ,CAAC,EAAC;EACJ,CAAC,CAAC;EAEFQ,QAAQ,CAAC,oBAAoB,EAAE,MAAM;IACnCmP,IAAI,CAAC,0BAA0B,eAAArR,iBAAA,CAAE,aAAY;MAC3CsR,MAAM,CAACvQ,mBAAY,CAAC8Q,gBAAgB,CAAC,CAACL,WAAW,CAAC,CAAC;IACrD,CAAC,EAAC;IAEFH,IAAI,uCAAArR,iBAAA,CAA0B,aAAY;MACxC,IAAMyR,QAAQ,SAAS1Q,mBAAY,CAAC8Q,gBAAgB,CAAC,CAAC;MACtDP,MAAM,CAACG,QAAQ,CAAC,CAACC,eAAe,CAAC,CAAC;IACpC,CAAC,EAAC;EACJ,CAAC,CAAC;EAEFxP,QAAQ,CAAC,mBAAmB,EAAE,MAAM;IAClCmP,IAAI,CAAC,0BAA0B,eAAArR,iBAAA,CAAE,aAAY;MAC3CsR,MAAM,CAACvQ,mBAAY,CAACC,eAAe,CAAC,CAACwQ,WAAW,CAAC,CAAC;IACpD,CAAC,EAAC;IAEFH,IAAI,yBAAArP,MAAA,CAAyB6N,OAAO,CAAC5O,EAAE,gBAAAjB,iBAAA,CAAI,aAAY;MACrD,IAAMyR,QAAQ,SAAS1Q,mBAAY,CAACC,eAAe,CAAC6O,OAAO,CAAC5O,EAAE,CAAC;MAC/DqQ,MAAM,CAACG,QAAQ,CAAC,CAACC,eAAe,CAAC,CAAC;IACpC,CAAC,EAAC;EACJ,CAAC,CAAC;EAEFxP,QAAQ,CAAC,mBAAmB,EAAE,MAAM;IAClCmP,IAAI,CAAC,0BAA0B,eAAArR,iBAAA,CAAE,aAAY;MAC3CsR,MAAM,CAACvQ,mBAAY,CAACI,eAAe,CAAC,CAACqQ,WAAW,CAAC,CAAC;IACpD,CAAC,EAAC;IAEFH,IAAI,yBAAArP,MAAA,CAAyB+N,OAAO,CAAC9O,EAAE,gBAAAjB,iBAAA,CAAI,aAAY;MACrD,IAAMyR,QAAQ,SAAS1Q,mBAAY,CAACI,eAAe,CACjD4O,OAAO,CAAC9O,EAAE,EACV8O,OAAO,CAAC3O,IACV,CAAC;MACDkQ,MAAM,CAACG,QAAQ,CAAC,CAACC,eAAe,CAAC,CAAC;IACpC,CAAC,EAAC;EACJ,CAAC,CAAC;EAEFxP,QAAQ,CAAC,sBAAsB,EAAE,MAAM;IACrCmP,IAAI,CAAC,0BAA0B,eAAArR,iBAAA,CAAE,aAAY;MAC3CsR,MAAM,CAACvQ,mBAAY,CAAC+Q,kBAAkB,CAAC,CAACN,WAAW,CAAC,CAAC;IACvD,CAAC,EAAC;IAEFH,IAAI,4BAAArP,MAAA,CAA4B0O,OAAO,CAACzP,EAAE,oCAAAjB,iBAAA,CAAoB,aAAY;MACxEsR,MAAM,CAACS,UAAU,CAAC,CAAC,CAAC;MACpB,IAAMN,QAAQ,SAAS1Q,mBAAY,CAAC+Q,kBAAkB,CACpDpB,OAAO,CAACzP,EAAE,EACVyP,OAAO,CAACtP,IAAI,EACZ;QAAE4Q,IAAI,EAAE;MAAK,CACf,CAAC;MACDV,MAAM,CAACG,QAAQ,CAAC,CAACC,eAAe,CAAC,CAAC;IACpC,CAAC,EAAC;IAEFL,IAAI,4BAAArP,MAAA,CAA4B2O,OAAO,CAAC1P,EAAE,qCAAAjB,iBAAA,CAAqB,aAAY;MACzEsR,MAAM,CAACS,UAAU,CAAC,CAAC,CAAC;MACpB,IAAMN,QAAQ,SAAS1Q,mBAAY,CAAC+Q,kBAAkB,CACpDnB,OAAO,CAAC1P,EAAE,EACV0P,OAAO,CAACvP,IAAI,EACZ;QAAE4Q,IAAI,EAAE;MAAM,CAChB,CAAC;MACDV,MAAM,CAACG,QAAQ,CAAC,CAACC,eAAe,CAAC,CAAC;IACpC,CAAC,EAAC;EACJ,CAAC,CAAC;EAEFxP,QAAQ,CAAC,2BAA2B,EAAE,MAAM;IAC1CmP,IAAI,CAAC,0BAA0B,eAAArR,iBAAA,CAAE,aAAY;MAC3CsR,MAAM,CAACvQ,mBAAY,CAACkR,uBAAuB,CAAC,CAACT,WAAW,CAAC,CAAC;IAC5D,CAAC,EAAC;IAEFH,IAAI,+DAAArR,iBAAA,CAAkD,aAAY;MAChEsR,MAAM,CAACS,UAAU,CAAC,CAAC,CAAC;MACpB,IAAMG,OAAO,SAASnR,mBAAY,CAACkR,uBAAuB,CACxDrB,WAAW,EACX;QAAEoB,IAAI,EAAE;MAAK,CACf,CAAC;MACDV,MAAM,CAACY,OAAO,CAAC,CAACR,eAAe,CAAC,CAAC;IACnC,CAAC,EAAC;IAEFL,IAAI,gEAAArR,iBAAA,CAAmD,aAAY;MACjEsR,MAAM,CAACS,UAAU,CAAC,CAAC,CAAC;MACpB,IAAMG,OAAO,SAASnR,mBAAY,CAACkR,uBAAuB,CACxDpB,WAAW,EACX;QAAEmB,IAAI,EAAE;MAAM,CAChB,CAAC;MACDV,MAAM,CAACY,OAAO,CAAC,CAACR,eAAe,CAAC,CAAC;IACnC,CAAC,EAAC;EACJ,CAAC,CAAC;EAEFxP,QAAQ,CAAC,uBAAuB,EAAE,MAAM;IACtCmP,IAAI,CAAC,0BAA0B,eAAArR,iBAAA,CAAE,aAAY;MAC3CsR,MAAM,CAACvQ,mBAAY,CAACoR,mBAAmB,CAAC,CAACX,WAAW,CAAC,CAAC;IACxD,CAAC,EAAC;EACJ,CAAC,CAAC;EAEFH,IAAI,8DAAArR,iBAAA,CAAiD,aAAY;IAC/DsR,MAAM,CAACS,UAAU,CAAC,CAAC,CAAC;IACpB,IAAMG,OAAO,SAASnR,mBAAY,CAACoR,mBAAmB,CACpDrB,WAAW,EACX;MAAEkB,IAAI,EAAE;IAAK,CACf,CAAC;IACDV,MAAM,CAACY,OAAO,CAAC,CAACR,eAAe,CAAC,CAAC;EACnC,CAAC,EAAC;EAEFL,IAAI,+DAAArR,iBAAA,CAAkD,aAAY;IAChEsR,MAAM,CAACS,UAAU,CAAC,CAAC,CAAC;IACpB,IAAMG,OAAO,SAASnR,mBAAY,CAACoR,mBAAmB,CACpDpB,WAAW,EACX;MAAEiB,IAAI,EAAE;IAAM,CAChB,CAAC;IACDV,MAAM,CAACY,OAAO,CAAC,CAACR,eAAe,CAAC,CAAC;EACnC,CAAC,EAAC;AACJ,CAAC,CAAC"}
1
+ {"version":3,"file":"OAuth2ClientOps.test.js","names":["_index","require","OAuth2ClientOps","_interopRequireWildcard","_AutoSetupPolly","_OpsUtils","_getRequireWildcardCache","nodeInterop","WeakMap","cacheBabelInterop","cacheNodeInterop","obj","__esModule","default","cache","has","get","newObj","hasPropertyDescriptor","Object","defineProperty","getOwnPropertyDescriptor","key","prototype","hasOwnProperty","call","desc","set","asyncGeneratorStep","gen","resolve","reject","_next","_throw","arg","info","value","error","done","Promise","then","_asyncToGenerator","fn","self","args","arguments","apply","err","undefined","autoSetupPolly","stageOAuth2Client","_x","_stageOAuth2Client","client","create","length","getOAuth2Client","clientId","id","state","deleteOAuth2Client","putOAuth2Client","clientData","data","applyOAuth2ClientImportTemplate","template","ids","configured","cloneDeep","keys","application","console","log","concat","dir","describe","rawClientTemplate","overrideOAuth2ClientConfig","issueRefreshToken","validateScopePluginType","tokenEncryptionEnabled","evaluateScopePluginType","oidcMayActScript","oidcClaimsScript","scopesPolicySet","accessTokenModificationPluginType","authorizeEndpointDataProviderClass","oidcClaimsPluginType","providerOverridesEnabled","authorizeEndpointDataProviderScript","statelessTokensEnabled","authorizeEndpointDataProviderPluginType","remoteConsentServiceId","enableRemoteConsent","validateScopeClass","usePolicyEngineForScope","evaluateScopeClass","overrideableOIDCClaims","accessTokenMayActScript","evaluateScopeScript","clientsCanSkipConsent","accessTokenModificationScript","issueRefreshTokenOnRefreshedToken","validateScopeScript","advancedOAuth2ClientConfig","logoUri","inherited","subjectType","clientUri","tokenExchangeAuthLevel","responseTypes","mixUpMitigation","customProperties","javascriptOrigins","policyUri","softwareVersion","tosURI","sectorIdentifierUri","tokenEndpointAuthMethod","refreshTokenGracePeriod","isConsentImplied","softwareIdentity","grantTypes","require_pushed_authorization_requests","descriptions","requestUris","name","contacts","updateAccessToken","signEncOAuth2ClientConfig","tokenEndpointAuthSigningAlgorithm","idTokenEncryptionEnabled","tokenIntrospectionEncryptedResponseEncryptionAlgorithm","requestParameterSignedAlg","authorizationResponseSigningAlgorithm","clientJwtPublicKey","idTokenPublicEncryptionKey","mTLSSubjectDN","jwkStoreCacheMissCacheTime","jwkSet","idTokenEncryptionMethod","jwksUri","tokenIntrospectionEncryptedResponseAlg","authorizationResponseEncryptionMethod","userinfoResponseFormat","mTLSCertificateBoundAccessTokens","publicKeyLocation","tokenIntrospectionResponseFormat","requestParameterEncryptedEncryptionAlgorithm","userinfoSignedResponseAlg","idTokenEncryptionAlgorithm","requestParameterEncryptedAlg","authorizationResponseEncryptionAlgorithm","mTLSTrustedCert","jwksCacheTimeout","userinfoEncryptedResponseAlg","idTokenSignedResponseAlg","tokenIntrospectionSignedResponseAlg","userinfoEncryptedResponseEncryptionAlgorithm","coreOpenIDClientConfig","claims","backchannel_logout_uri","defaultAcrValues","jwtTokenLifetime","defaultMaxAgeEnabled","clientSessionUri","defaultMaxAge","postLogoutRedirectUri","backchannel_logout_session_required","coreOAuth2ClientConfig","status","clientName","clientType","loopbackInterfaceRedirection","defaultScopes","refreshTokenLifetime","scopes","accessTokenLifetime","redirectionUris","authorizationCodeLifetime","coreUmaClientConfig","claimsRedirectionUris","depsClientImportTemplate","meta","origin","originAmVersion","exportedBy","exportDate","exportTool","exportToolVersion","script","_id","description","language","context","createdBy","creationDate","lastModifiedBy","lastModifiedDate","FrodoTestOAuth2Client1","userpassword","_type","collection","_provider","_rev","advancedOIDCConfig","supportedRequestParameterEncryptionEnc","authorisedOpenIdConnectSSOClients","supportedUserInfoEncryptionAlgorithms","supportedAuthorizationResponseEncryptionEnc","supportedTokenIntrospectionResponseEncryptionAlgorithms","useForceAuthnForPromptLogin","alwaysAddClaimsToToken","supportedTokenIntrospectionResponseSigningAlgorithms","supportedTokenEndpointAuthenticationSigningAlgorithms","supportedRequestParameterSigningAlgorithms","includeAllKtyAlgCombinationsInJwksUri","amrMappings","loaMapping","authorisedIdmDelegationClients","idTokenInfoClientAuthenticationEnabled","storeOpsTokens","supportedUserInfoSigningAlgorithms","supportedAuthorizationResponseSigningAlgorithms","supportedUserInfoEncryptionEnc","claimsParameterSupported","supportedTokenIntrospectionResponseEncryptionEnc","supportedAuthorizationResponseEncryptionAlgorithms","supportedRequestParameterEncryptionAlgorithms","defaultACR","advancedOAuth2Config","passwordGrantAuthService","tokenCompressionEnabled","requirePushedAuthorizationRequests","tlsCertificateBoundAccessTokensEnabled","moduleMessageEnabledInPasswordGrant","supportedSubjectTypes","tlsClientCertificateHeaderFormat","hashSalt","macaroonTokenFormat","maxAgeOfRequestObjectNbfClaim","tlsCertificateRevocationCheckingEnabled","nbfClaimRequiredInRequestObject","requestObjectProcessing","maxDifferenceBetweenRequestObjectNbfAndExp","responseTypeClasses","expClaimRequiredInRequestObject","tokenValidatorClasses","tokenSigningAlgorithm","codeVerifierEnforced","displayNameAttribute","tokenExchangeClasses","parRequestUriLifetime","allowedAudienceValues","persistentClaims","supportedScopes","authenticationAttributes","clientDynamicRegistrationConfig","dynamicClientRegistrationScope","allowDynamicRegistration","requiredSoftwareStatementAttestedAttributes","dynamicClientRegistrationSoftwareStatementRequired","generateRegistrationAccessTokens","coreOIDCConfig","oidcDiscoveryEndpointEnabled","supportedIDTokenEncryptionMethods","supportedClaims","supportedIDTokenSigningAlgorithms","supportedIDTokenEncryptionAlgorithms","coreOAuth2Config","macaroonTokensEnabled","codeLifetime","consent","supportedRcsRequestSigningAlgorithms","supportedRcsResponseEncryptionAlgorithms","supportedRcsRequestEncryptionMethods","supportedRcsRequestEncryptionAlgorithms","supportedRcsResponseSigningAlgorithms","supportedRcsResponseEncryptionMethods","deviceCodeConfig","deviceUserCodeLength","deviceCodeLifetime","deviceUserCodeCharacterSet","devicePollInterval","pluginsConfig","accessTokenEnricherClass","userCodeGeneratorClass","oidcClaimsClass","accessTokenModifierClass","cibaConfig","cibaMinimumPollingInterval","supportedCibaSigningAlgorithms","cibaAuthReqIdLifetime","client1","client2","client3","client4","client5","client6","client7","client8","client9","client10","client11","client12","client13","import1","import2","importData1","importData2","importData3","importData4","beforeAll","process","env","FRODO_POLLY_MODE","afterAll","test","expect","exportOAuth2Client","toBeDefined","response","toMatchSnapshot","any","exportOAuth2Clients","getOAuth2Clients","importOAuth2Client","assertions","importData","options","deps","importFirstOAuth2Client","outcome","importOAuth2Clients"],"sources":["ops/OAuth2ClientOps.test.ts"],"sourcesContent":["/**\n * To record and update snapshots, you must perform 3 steps in order:\n *\n * 1. Record API responses & update ESM snapshots\n *\n * To record and update ESM snapshots, you must call the test:record\n * script and override all the connection state variables required\n * to connect to the env to record from:\n *\n * FRODO_DEBUG=1 FRODO_HOST=frodo-dev npm run test:record OAuth2ClientOps\n *\n * The above command assumes that you have a connection profile for\n * 'frodo-dev' on your development machine.\n *\n * 2. Update CJS snapshots\n *\n * After recording, the ESM snapshots will already be updated as that happens\n * in one go, but you musty manually update the CJS snapshots by running:\n *\n * FRODO_DEBUG=1 npm run test:update OAuth2ClientOps\n *\n * 3. Test your changes\n *\n * If 1 and 2 didn't produce any errors, you are ready to run the tests in\n * replay mode and make sure they all succeed as well:\n *\n * npm run test:only OAuth2ClientOps\n *\n * Note: FRODO_DEBUG=1 is optional and enables debug logging for some output\n * in case things don't function as expected\n */\nimport { state } from '../index';\nimport * as OAuth2ClientOps from './OAuth2ClientOps';\nimport { autoSetupPolly } from '../utils/AutoSetupPolly';\nimport { cloneDeep } from './utils/OpsUtils';\nimport {\n NoIdObjectSkeletonInterface,\n OAuth2ClientSkeleton,\n} from '../api/ApiTypes';\n\nautoSetupPolly();\n\nasync function stageOAuth2Client(\n client: {\n id: string;\n data: OAuth2ClientSkeleton | NoIdObjectSkeletonInterface;\n },\n create = true\n) {\n // delete if exists, then create\n try {\n await OAuth2ClientOps.getOAuth2Client({ clientId: client.id, state });\n await OAuth2ClientOps.deleteOAuth2Client({ clientId: client.id, state });\n } catch (error) {\n // ignore\n } finally {\n if (create) {\n await OAuth2ClientOps.putOAuth2Client({\n clientId: client.id,\n clientData: client.data,\n state,\n });\n }\n }\n}\n\nfunction applyOAuth2ClientImportTemplate(template, ids: string[]) {\n const configured: OAuth2ClientOps.OAuth2ClientExportInterface =\n cloneDeep(template);\n const key = cloneDeep(Object.keys(configured.application)[0]);\n const clientData = configured.application[key];\n for (const key of Object.keys(configured.application)) {\n delete configured.application[key];\n }\n for (const id of ids) {\n configured.application[id] = cloneDeep(clientData);\n }\n console.log(`apply template ${ids}`);\n console.dir(configured);\n return configured;\n}\n\ndescribe('OAuth2ClientOps', () => {\n const rawClientTemplate = {\n overrideOAuth2ClientConfig: {\n issueRefreshToken: true,\n validateScopePluginType: 'PROVIDER',\n tokenEncryptionEnabled: false,\n evaluateScopePluginType: 'PROVIDER',\n oidcMayActScript: '[Empty]',\n oidcClaimsScript: '[Empty]',\n scopesPolicySet: 'oauth2Scopes',\n accessTokenModificationPluginType: 'PROVIDER',\n authorizeEndpointDataProviderClass:\n 'org.forgerock.oauth2.core.plugins.registry.DefaultEndpointDataProvider',\n oidcClaimsPluginType: 'PROVIDER',\n providerOverridesEnabled: false,\n authorizeEndpointDataProviderScript: '[Empty]',\n statelessTokensEnabled: false,\n authorizeEndpointDataProviderPluginType: 'PROVIDER',\n remoteConsentServiceId: null,\n enableRemoteConsent: false,\n validateScopeClass:\n 'org.forgerock.oauth2.core.plugins.registry.DefaultScopeValidator',\n usePolicyEngineForScope: false,\n evaluateScopeClass:\n 'org.forgerock.oauth2.core.plugins.registry.DefaultScopeEvaluator',\n overrideableOIDCClaims: [],\n accessTokenMayActScript: '[Empty]',\n evaluateScopeScript: '[Empty]',\n clientsCanSkipConsent: false,\n accessTokenModificationScript: '[Empty]',\n issueRefreshTokenOnRefreshedToken: true,\n validateScopeScript: '[Empty]',\n },\n advancedOAuth2ClientConfig: {\n logoUri: {\n inherited: false,\n value: [],\n },\n subjectType: {\n inherited: false,\n value: 'public',\n },\n clientUri: {\n inherited: false,\n value: [],\n },\n tokenExchangeAuthLevel: {\n inherited: false,\n value: 0,\n },\n responseTypes: {\n inherited: false,\n value: ['code', 'token', 'id_token'],\n },\n mixUpMitigation: {\n inherited: false,\n value: false,\n },\n customProperties: {\n inherited: false,\n value: [],\n },\n javascriptOrigins: {\n inherited: false,\n value: [],\n },\n policyUri: {\n inherited: false,\n value: [],\n },\n softwareVersion: {\n inherited: false,\n },\n tosURI: {\n inherited: false,\n value: [],\n },\n sectorIdentifierUri: {\n inherited: false,\n },\n tokenEndpointAuthMethod: {\n inherited: false,\n value: 'client_secret_basic',\n },\n refreshTokenGracePeriod: {\n inherited: false,\n value: 0,\n },\n isConsentImplied: {\n inherited: false,\n value: true,\n },\n softwareIdentity: {\n inherited: false,\n },\n grantTypes: {\n inherited: false,\n value: ['authorization_code', 'refresh_token'],\n },\n require_pushed_authorization_requests: {\n inherited: false,\n value: false,\n },\n descriptions: {\n inherited: false,\n value: [],\n },\n requestUris: {\n inherited: false,\n value: [],\n },\n name: {\n inherited: false,\n value: [],\n },\n contacts: {\n inherited: false,\n value: [],\n },\n updateAccessToken: {\n inherited: false,\n },\n },\n signEncOAuth2ClientConfig: {\n tokenEndpointAuthSigningAlgorithm: {\n inherited: false,\n value: 'RS256',\n },\n idTokenEncryptionEnabled: {\n inherited: false,\n value: false,\n },\n tokenIntrospectionEncryptedResponseEncryptionAlgorithm: {\n inherited: false,\n value: 'A128CBC-HS256',\n },\n requestParameterSignedAlg: {\n inherited: false,\n },\n authorizationResponseSigningAlgorithm: {\n inherited: false,\n value: 'RS256',\n },\n clientJwtPublicKey: {\n inherited: false,\n },\n idTokenPublicEncryptionKey: {\n inherited: false,\n },\n mTLSSubjectDN: {\n inherited: false,\n },\n jwkStoreCacheMissCacheTime: {\n inherited: false,\n value: 60000,\n },\n jwkSet: {\n inherited: false,\n },\n idTokenEncryptionMethod: {\n inherited: false,\n value: 'A128CBC-HS256',\n },\n jwksUri: {\n inherited: false,\n },\n tokenIntrospectionEncryptedResponseAlg: {\n inherited: false,\n value: 'RSA-OAEP-256',\n },\n authorizationResponseEncryptionMethod: {\n inherited: false,\n },\n userinfoResponseFormat: {\n inherited: false,\n value: 'JSON',\n },\n mTLSCertificateBoundAccessTokens: {\n inherited: false,\n value: false,\n },\n publicKeyLocation: {\n inherited: false,\n value: 'jwks_uri',\n },\n tokenIntrospectionResponseFormat: {\n inherited: false,\n value: 'JSON',\n },\n requestParameterEncryptedEncryptionAlgorithm: {\n inherited: false,\n value: 'A128CBC-HS256',\n },\n userinfoSignedResponseAlg: {\n inherited: false,\n },\n idTokenEncryptionAlgorithm: {\n inherited: false,\n value: 'RSA-OAEP-256',\n },\n requestParameterEncryptedAlg: {\n inherited: false,\n },\n authorizationResponseEncryptionAlgorithm: {\n inherited: false,\n },\n mTLSTrustedCert: {\n inherited: false,\n },\n jwksCacheTimeout: {\n inherited: false,\n value: 3600000,\n },\n userinfoEncryptedResponseAlg: {\n inherited: false,\n },\n idTokenSignedResponseAlg: {\n inherited: false,\n value: 'RS256',\n },\n tokenIntrospectionSignedResponseAlg: {\n inherited: false,\n value: 'RS256',\n },\n userinfoEncryptedResponseEncryptionAlgorithm: {\n inherited: false,\n value: 'A128CBC-HS256',\n },\n },\n coreOpenIDClientConfig: {\n claims: {\n inherited: false,\n value: [],\n },\n backchannel_logout_uri: {\n inherited: false,\n },\n defaultAcrValues: {\n inherited: false,\n value: [],\n },\n jwtTokenLifetime: {\n inherited: false,\n value: 3600,\n },\n defaultMaxAgeEnabled: {\n inherited: false,\n value: false,\n },\n clientSessionUri: {\n inherited: false,\n },\n defaultMaxAge: {\n inherited: false,\n value: 600,\n },\n postLogoutRedirectUri: {\n inherited: false,\n value: [],\n },\n backchannel_logout_session_required: {\n inherited: false,\n value: false,\n },\n },\n coreOAuth2ClientConfig: {\n status: {\n inherited: false,\n value: 'Active',\n },\n clientName: {\n inherited: false,\n value: [],\n },\n clientType: {\n inherited: false,\n value: 'Public',\n },\n loopbackInterfaceRedirection: {\n inherited: false,\n value: false,\n },\n defaultScopes: {\n inherited: false,\n value: [],\n },\n refreshTokenLifetime: {\n inherited: false,\n value: 604800,\n },\n scopes: {\n inherited: false,\n value: ['openid'],\n },\n accessTokenLifetime: {\n inherited: false,\n value: 3600,\n },\n redirectionUris: {\n inherited: false,\n value: [],\n },\n authorizationCodeLifetime: {\n inherited: false,\n value: 120,\n },\n },\n coreUmaClientConfig: {\n claimsRedirectionUris: {\n inherited: false,\n value: [],\n },\n },\n // _type: {\n // _id: 'OAuth2Client',\n // name: 'OAuth2 Clients',\n // collection: true,\n // },\n // _provider: {\n // _id: '',\n // _rev: '745152125',\n // advancedOIDCConfig: {\n // supportedRequestParameterEncryptionEnc: [\n // 'A256GCM',\n // 'A192GCM',\n // 'A128GCM',\n // 'A128CBC-HS256',\n // 'A192CBC-HS384',\n // 'A256CBC-HS512',\n // ],\n // authorisedOpenIdConnectSSOClients: [],\n // supportedUserInfoEncryptionAlgorithms: [\n // 'ECDH-ES+A256KW',\n // 'ECDH-ES+A192KW',\n // 'RSA-OAEP',\n // 'ECDH-ES+A128KW',\n // 'RSA-OAEP-256',\n // 'A128KW',\n // 'A256KW',\n // 'ECDH-ES',\n // 'dir',\n // 'A192KW',\n // ],\n // supportedAuthorizationResponseEncryptionEnc: [\n // 'A256GCM',\n // 'A192GCM',\n // 'A128GCM',\n // 'A128CBC-HS256',\n // 'A192CBC-HS384',\n // 'A256CBC-HS512',\n // ],\n // supportedTokenIntrospectionResponseEncryptionAlgorithms: [\n // 'ECDH-ES+A256KW',\n // 'ECDH-ES+A192KW',\n // 'RSA-OAEP',\n // 'ECDH-ES+A128KW',\n // 'RSA-OAEP-256',\n // 'A128KW',\n // 'A256KW',\n // 'ECDH-ES',\n // 'dir',\n // 'A192KW',\n // ],\n // useForceAuthnForPromptLogin: false,\n // alwaysAddClaimsToToken: true,\n // supportedTokenIntrospectionResponseSigningAlgorithms: [\n // 'PS384',\n // 'RS384',\n // 'EdDSA',\n // 'ES384',\n // 'HS256',\n // 'HS512',\n // 'ES256',\n // 'RS256',\n // 'HS384',\n // 'ES512',\n // 'PS256',\n // 'PS512',\n // 'RS512',\n // ],\n // supportedTokenEndpointAuthenticationSigningAlgorithms: [\n // 'PS384',\n // 'ES384',\n // 'RS384',\n // 'HS256',\n // 'HS512',\n // 'ES256',\n // 'RS256',\n // 'HS384',\n // 'ES512',\n // 'PS256',\n // 'PS512',\n // 'RS512',\n // ],\n // supportedRequestParameterSigningAlgorithms: [\n // 'PS384',\n // 'ES384',\n // 'RS384',\n // 'HS256',\n // 'HS512',\n // 'ES256',\n // 'RS256',\n // 'HS384',\n // 'ES512',\n // 'PS256',\n // 'PS512',\n // 'RS512',\n // ],\n // includeAllKtyAlgCombinationsInJwksUri: false,\n // amrMappings: {},\n // loaMapping: {},\n // authorisedIdmDelegationClients: [],\n // idTokenInfoClientAuthenticationEnabled: true,\n // storeOpsTokens: true,\n // supportedUserInfoSigningAlgorithms: [\n // 'ES384',\n // 'HS256',\n // 'HS512',\n // 'ES256',\n // 'RS256',\n // 'HS384',\n // 'ES512',\n // ],\n // supportedAuthorizationResponseSigningAlgorithms: [\n // 'PS384',\n // 'RS384',\n // 'EdDSA',\n // 'ES384',\n // 'HS256',\n // 'HS512',\n // 'ES256',\n // 'RS256',\n // 'HS384',\n // 'ES512',\n // 'PS256',\n // 'PS512',\n // 'RS512',\n // ],\n // supportedUserInfoEncryptionEnc: [\n // 'A256GCM',\n // 'A192GCM',\n // 'A128GCM',\n // 'A128CBC-HS256',\n // 'A192CBC-HS384',\n // 'A256CBC-HS512',\n // ],\n // claimsParameterSupported: false,\n // supportedTokenIntrospectionResponseEncryptionEnc: [\n // 'A256GCM',\n // 'A192GCM',\n // 'A128GCM',\n // 'A128CBC-HS256',\n // 'A192CBC-HS384',\n // 'A256CBC-HS512',\n // ],\n // supportedAuthorizationResponseEncryptionAlgorithms: [\n // 'ECDH-ES+A256KW',\n // 'ECDH-ES+A192KW',\n // 'RSA-OAEP',\n // 'ECDH-ES+A128KW',\n // 'RSA-OAEP-256',\n // 'A128KW',\n // 'A256KW',\n // 'ECDH-ES',\n // 'dir',\n // 'A192KW',\n // ],\n // supportedRequestParameterEncryptionAlgorithms: [\n // 'ECDH-ES+A256KW',\n // 'ECDH-ES+A192KW',\n // 'ECDH-ES+A128KW',\n // 'RSA-OAEP',\n // 'RSA-OAEP-256',\n // 'A128KW',\n // 'A256KW',\n // 'ECDH-ES',\n // 'dir',\n // 'A192KW',\n // ],\n // defaultACR: [],\n // },\n // advancedOAuth2Config: {\n // passwordGrantAuthService: 'PasswordGrant',\n // tokenCompressionEnabled: false,\n // tokenEncryptionEnabled: false,\n // requirePushedAuthorizationRequests: false,\n // tlsCertificateBoundAccessTokensEnabled: true,\n // defaultScopes: ['address', 'phone', 'openid', 'profile', 'email'],\n // moduleMessageEnabledInPasswordGrant: false,\n // supportedSubjectTypes: ['public', 'pairwise'],\n // refreshTokenGracePeriod: 0,\n // tlsClientCertificateHeaderFormat: 'URLENCODED_PEM',\n // hashSalt: 'qAWV0MFSQpC/f1GPbZAZnMRksak=',\n // macaroonTokenFormat: 'V2',\n // maxAgeOfRequestObjectNbfClaim: 0,\n // tlsCertificateRevocationCheckingEnabled: false,\n // nbfClaimRequiredInRequestObject: false,\n // requestObjectProcessing: 'OIDC',\n // maxDifferenceBetweenRequestObjectNbfAndExp: 0,\n // responseTypeClasses: [\n // 'code|org.forgerock.oauth2.core.AuthorizationCodeResponseTypeHandler',\n // 'device_code|org.forgerock.oauth2.core.TokenResponseTypeHandler',\n // 'token|org.forgerock.oauth2.core.TokenResponseTypeHandler',\n // 'id_token|org.forgerock.openidconnect.IdTokenResponseTypeHandler',\n // ],\n // expClaimRequiredInRequestObject: false,\n // tokenValidatorClasses: [\n // 'urn:ietf:params:oauth:token-type:id_token|org.forgerock.oauth2.core.tokenexchange.idtoken.OidcIdTokenValidator',\n // 'urn:ietf:params:oauth:token-type:access_token|org.forgerock.oauth2.core.tokenexchange.accesstoken.OAuth2AccessTokenValidator',\n // ],\n // tokenSigningAlgorithm: 'HS256',\n // codeVerifierEnforced: 'false',\n // displayNameAttribute: 'cn',\n // tokenExchangeClasses: [\n // 'urn:ietf:params:oauth:token-type:access_token=>urn:ietf:params:oauth:token-type:access_token|org.forgerock.oauth2.core.tokenexchange.accesstoken.AccessTokenToAccessTokenExchanger',\n // 'urn:ietf:params:oauth:token-type:id_token=>urn:ietf:params:oauth:token-type:id_token|org.forgerock.oauth2.core.tokenexchange.idtoken.IdTokenToIdTokenExchanger',\n // 'urn:ietf:params:oauth:token-type:access_token=>urn:ietf:params:oauth:token-type:id_token|org.forgerock.oauth2.core.tokenexchange.accesstoken.AccessTokenToIdTokenExchanger',\n // 'urn:ietf:params:oauth:token-type:id_token=>urn:ietf:params:oauth:token-type:access_token|org.forgerock.oauth2.core.tokenexchange.idtoken.IdTokenToAccessTokenExchanger',\n // ],\n // parRequestUriLifetime: 90,\n // allowedAudienceValues: [],\n // persistentClaims: [],\n // supportedScopes: [\n // 'email|Your email address',\n // 'openid|',\n // 'address|Your postal address',\n // 'phone|Your telephone number(s)',\n // 'profile|Your personal information',\n // 'fr:idm:*',\n // 'am-introspect-all-tokens',\n // ],\n // authenticationAttributes: ['uid'],\n // grantTypes: [\n // 'implicit',\n // 'urn:ietf:params:oauth:grant-type:saml2-bearer',\n // 'refresh_token',\n // 'password',\n // 'client_credentials',\n // 'urn:ietf:params:oauth:grant-type:device_code',\n // 'authorization_code',\n // 'urn:openid:params:grant-type:ciba',\n // 'urn:ietf:params:oauth:grant-type:uma-ticket',\n // 'urn:ietf:params:oauth:grant-type:jwt-bearer',\n // ],\n // },\n // clientDynamicRegistrationConfig: {\n // dynamicClientRegistrationScope: 'dynamic_client_registration',\n // allowDynamicRegistration: false,\n // requiredSoftwareStatementAttestedAttributes: ['redirect_uris'],\n // dynamicClientRegistrationSoftwareStatementRequired: false,\n // generateRegistrationAccessTokens: true,\n // },\n // coreOIDCConfig: {\n // overrideableOIDCClaims: [],\n // oidcDiscoveryEndpointEnabled: true,\n // supportedIDTokenEncryptionMethods: [\n // 'A256GCM',\n // 'A192GCM',\n // 'A128GCM',\n // 'A128CBC-HS256',\n // 'A192CBC-HS384',\n // 'A256CBC-HS512',\n // ],\n // supportedClaims: [],\n // supportedIDTokenSigningAlgorithms: [\n // 'PS384',\n // 'ES384',\n // 'RS384',\n // 'HS256',\n // 'HS512',\n // 'ES256',\n // 'RS256',\n // 'HS384',\n // 'ES512',\n // 'PS256',\n // 'PS512',\n // 'RS512',\n // ],\n // supportedIDTokenEncryptionAlgorithms: [\n // 'ECDH-ES+A256KW',\n // 'ECDH-ES+A192KW',\n // 'RSA-OAEP',\n // 'ECDH-ES+A128KW',\n // 'RSA-OAEP-256',\n // 'A128KW',\n // 'A256KW',\n // 'ECDH-ES',\n // 'dir',\n // 'A192KW',\n // ],\n // jwtTokenLifetime: 3600,\n // },\n // coreOAuth2Config: {\n // refreshTokenLifetime: 604800,\n // scopesPolicySet: 'oauth2Scopes',\n // accessTokenMayActScript: '[Empty]',\n // accessTokenLifetime: 3600,\n // macaroonTokensEnabled: false,\n // codeLifetime: 120,\n // statelessTokensEnabled: true,\n // usePolicyEngineForScope: false,\n // issueRefreshToken: true,\n // oidcMayActScript: '[Empty]',\n // issueRefreshTokenOnRefreshedToken: true,\n // },\n // consent: {\n // supportedRcsRequestSigningAlgorithms: [\n // 'PS384',\n // 'ES384',\n // 'RS384',\n // 'HS256',\n // 'HS512',\n // 'ES256',\n // 'RS256',\n // 'HS384',\n // 'ES512',\n // 'PS256',\n // 'PS512',\n // 'RS512',\n // ],\n // supportedRcsResponseEncryptionAlgorithms: [\n // 'ECDH-ES+A256KW',\n // 'ECDH-ES+A192KW',\n // 'ECDH-ES+A128KW',\n // 'RSA-OAEP',\n // 'RSA-OAEP-256',\n // 'A128KW',\n // 'A256KW',\n // 'ECDH-ES',\n // 'dir',\n // 'A192KW',\n // ],\n // supportedRcsRequestEncryptionMethods: [\n // 'A256GCM',\n // 'A192GCM',\n // 'A128GCM',\n // 'A128CBC-HS256',\n // 'A192CBC-HS384',\n // 'A256CBC-HS512',\n // ],\n // enableRemoteConsent: false,\n // supportedRcsRequestEncryptionAlgorithms: [\n // 'ECDH-ES+A256KW',\n // 'ECDH-ES+A192KW',\n // 'RSA-OAEP',\n // 'ECDH-ES+A128KW',\n // 'RSA-OAEP-256',\n // 'A128KW',\n // 'A256KW',\n // 'ECDH-ES',\n // 'dir',\n // 'A192KW',\n // ],\n // clientsCanSkipConsent: true,\n // supportedRcsResponseSigningAlgorithms: [\n // 'PS384',\n // 'ES384',\n // 'RS384',\n // 'HS256',\n // 'HS512',\n // 'ES256',\n // 'RS256',\n // 'HS384',\n // 'ES512',\n // 'PS256',\n // 'PS512',\n // 'RS512',\n // ],\n // supportedRcsResponseEncryptionMethods: [\n // 'A256GCM',\n // 'A192GCM',\n // 'A128GCM',\n // 'A128CBC-HS256',\n // 'A192CBC-HS384',\n // 'A256CBC-HS512',\n // ],\n // },\n // deviceCodeConfig: {\n // deviceUserCodeLength: 8,\n // deviceCodeLifetime: 300,\n // deviceUserCodeCharacterSet:\n // '234567ACDEFGHJKLMNPQRSTWXYZabcdefhijkmnopqrstwxyz',\n // devicePollInterval: 5,\n // },\n // pluginsConfig: {\n // evaluateScopeClass:\n // 'org.forgerock.openam.oauth2.OpenAMScopeValidator',\n // validateScopeScript: '[Empty]',\n // accessTokenEnricherClass:\n // 'org.forgerock.openam.oauth2.OpenAMScopeValidator',\n // oidcClaimsPluginType: 'SCRIPTED',\n // authorizeEndpointDataProviderClass:\n // 'org.forgerock.openam.oauth2.OpenAMScopeValidator',\n // authorizeEndpointDataProviderPluginType: 'JAVA',\n // userCodeGeneratorClass:\n // 'org.forgerock.oauth2.core.plugins.registry.DefaultUserCodeGenerator',\n // evaluateScopeScript: '[Empty]',\n // oidcClaimsClass: 'org.forgerock.openam.oauth2.OpenAMScopeValidator',\n // evaluateScopePluginType: 'JAVA',\n // authorizeEndpointDataProviderScript: '[Empty]',\n // accessTokenModifierClass:\n // 'org.forgerock.openam.oauth2.OpenAMScopeValidator',\n // accessTokenModificationScript: '39c08084-1238-43e8-857f-2e11005eac49',\n // validateScopePluginType: 'JAVA',\n // accessTokenModificationPluginType: 'SCRIPTED',\n // oidcClaimsScript: 'cf3515f0-8278-4ee3-a530-1bad7424c416',\n // validateScopeClass:\n // 'org.forgerock.openam.oauth2.OpenAMScopeValidator',\n // },\n // cibaConfig: {\n // cibaMinimumPollingInterval: 2,\n // supportedCibaSigningAlgorithms: ['ES256', 'PS256'],\n // cibaAuthReqIdLifetime: 600,\n // },\n // _type: {\n // _id: 'oauth-oidc',\n // name: 'OAuth2 Provider',\n // collection: false,\n // },\n // },\n };\n const depsClientImportTemplate = {\n meta: {\n origin: 'https://openam-frodo-dev.forgeblocks.com/am',\n originAmVersion: '7.3.0',\n exportedBy: 'volker.scheuber@forgerock.com',\n exportDate: '2023-04-17T15:29:35.013Z',\n exportTool: 'frodo',\n exportToolVersion: 'v0.18.9-1 [v19.4.0]',\n },\n script: {\n 'cf3515f0-8278-4ee3-a530-1bad7424c416': {\n _id: 'cf3515f0-8278-4ee3-a530-1bad7424c416',\n name: 'Alpha OIDC Claims Script',\n description: 'Default alpha realm script for OIDC claims',\n script: [\n '/*',\n ' * Copyright 2014-2021 ForgeRock AS. All Rights Reserved',\n ' *',\n ' * Use of this code requires a commercial software license with ForgeRock AS',\n ' * or with one of its affiliates. All use shall be exclusively subject',\n ' * to such license between the licensee and ForgeRock AS.',\n ' */',\n '',\n '/*',\n ' * This script computes claim values returned in ID tokens and/or at the UserInfo Endpoint.',\n ' * The claim values are computed for:',\n ' * the claims derived from the requested scopes,',\n ' * the claims provided by the authorization server,',\n ' * and the claims requested by the client via the claims parameter.',\n ' *',\n ' * In the CONFIGURATION AND CUSTOMIZATION section, you can',\n ' * define the scope-to-claims mapping, and',\n ' * assign to each claim a resolver function that will compute the claim value.',\n ' *',\n ' * Defined variables (class references are provided below):',\n ' * scopes - Set<String> (6).',\n ' * Always present, the requested scopes.',\n ' * claims - Map<String, Object> (5).',\n ' * Always present, default server provided claims.',\n ' * claimObjects - List<Claim> (7, 2).',\n ' * Always present, the default server provided claims.',\n ' * requestedClaims - Map<String, Set<String>> (5).',\n ' * Always present, not empty if the request contains the claims parameter and the server has enabled',\n ' * claims_parameter_supported. A map of the requested claims to possible values, otherwise empty;',\n ' * requested claims with no requested values will have a key but no value in the map. A key with',\n ' * a single value in its Set (6) indicates that this is the only value that should be returned.',\n ' * requestedTypedClaims - List<Claim> (7, 2).',\n ' * Always present, the requested claims.',\n ' * Requested claims with no requested values will have a claim with no values.',\n ' * A claim with a single value indicates this is the only value that should be returned.',\n ' * claimsLocales - List<String> (7).',\n \" * The values from the 'claims_locales' parameter.\",\n ' * See https://openid.net/specs/openid-connect-core-1_0.html#ClaimsLanguagesAndScripts for the OIDC specification details.',\n ' * requestProperties - Unmodifiable Map (5).',\n ' * Always present, contains a map of request properties:',\n ' * requestUri - The request URI.',\n ' * realm - The realm that the request relates to.',\n ' * requestParams - A map of the request params and/or posted data.',\n ' * Each value is a list of one or more properties.',\n ' * Please note that these should be handled in accordance with OWASP best practices:',\n ' * https://owasp.org/www-community/vulnerabilities/Unsafe_use_of_Reflection.',\n ' * clientProperties - Unmodifiable Map (5).',\n ' * Present if the client specified in the request was identified, contains a map of client properties:',\n \" * clientId - The client's URI for the request locale.\",\n ' * allowedGrantTypes - List of the allowed grant types (org.forgerock.oauth2.core.GrantType) for the client.',\n ' * allowedResponseTypes - List of the allowed response types for the client.',\n ' * allowedScopes - List of the allowed scopes for the client.',\n ' * customProperties - A map of the custom properties of the client.',\n ' * Lists or maps will be included as sub-maps; for example:',\n ' * customMap[Key1]=Value1 will be returned as customMap -> Key1 -> Value1.',\n ' * To add custom properties to a client, update the Custom Properties field',\n ' * in AM Console > Realm Name > Applications > OAuth 2.0 > Clients > Client ID > Advanced.',\n ' * identity - AMIdentity (3).',\n ' * Always present, the identity of the resource owner.',\n ' * session - SSOToken (4).',\n \" * Present if the request contains the session cookie, the user's session object.\",\n ' * scriptName - String (primitive).',\n ' * Always present, the display name of the script.',\n ' * logger - Always present, the \"OAuth2Provider\" debug logger instance:',\n ' * https://backstage.forgerock.com/docs/am/7/scripting-guide/scripting-api-global-logger.html#scripting-api-global-logger.',\n ' * Corresponding files will be prefixed with: scripts.OIDC_CLAIMS.',\n ' * httpClient - HTTP Client (8).',\n ' * Always present, the HTTP Client instance:',\n ' * https://backstage.forgerock.com/docs/am/7/scripting-guide/scripting-api-global-http-client.html#scripting-api-global-http-client.',\n ' * In order to use the client, you may need to add',\n ' * org.forgerock.http.Client,',\n ' * org.forgerock.http.protocol.*,',\n ' * and org.forgerock.util.promise.PromiseImpl',\n ' * to the allowed Java classes in the scripting engine configuration, as described in:',\n ' * https://backstage.forgerock.com/docs/am/7/scripting-guide/script-engine-security.html',\n ' *',\n ' * Return - a new UserInfoClaims(Map<String, Object> values, Map<String, List<String>> compositeScopes) (1) object.',\n ' * The result of the last statement in the script is returned to the server.',\n ' * Currently, the Immediately Invoked Function Expression (also known as Self-Executing Anonymous Function)',\n ' * is the last (and only) statement in this script, and its return value will become the script result.',\n ' * Do not use \"return variable\" statement outside of a function definition.',\n ' * See RESULTS section for additional details.',\n ' *',\n ' * Class reference:',\n ' * (1) UserInfoClaims - https://backstage.forgerock.com/docs/am/7/apidocs/org/forgerock/oauth2/core/UserInfoClaims.html.',\n ' * (2) Claim - https://backstage.forgerock.com/docs/am/7/apidocs/org/forgerock/openidconnect/Claim.html).',\n ' * An instance of org.forgerock.openidconnect.Claim has methods to access',\n ' * the claim name, requested values, locale, and whether the claim is essential.',\n ' * (3) AMIdentity - https://backstage.forgerock.com/docs/am/7/apidocs/com/sun/identity/idm/AMIdentity.html.',\n ' * (4) SSOToken - https://backstage.forgerock.com/docs/am/7/apidocs/com/iplanet/sso/SSOToken.html.',\n ' * (5) Map - https://docs.oracle.com/en/java/javase/11/docs/api/java.base/java/util/HashMap.html,',\n ' * or https://docs.oracle.com/en/java/javase/11/docs/api/java.base/java/util/LinkedHashMap.html.',\n ' * (6) Set - https://docs.oracle.com/en/java/javase/11/docs/api/java.base/java/util/HashSet.html.',\n ' * (7) List - https://docs.oracle.com/en/java/javase/11/docs/api/java.base/java/util/ArrayList.html.',\n ' * (8) Client - https://backstage.forgerock.com/docs/am/7/apidocs/org/forgerock/http/Client.html.',\n '*/',\n '',\n '(function () {',\n ' // SETUP',\n '',\n ' /**',\n ' * Claim processing utilities.',\n ' * An object that contains reusable functions for processing claims.',\n ' * @see CLAIM PROCESSING UTILITIES section for details.',\n ' */',\n ' var utils = getUtils();',\n '',\n ' // CONFIGURATION AND CUSTOMIZATION',\n '',\n ' /**',\n ' * OAuth 2.0 scope values (scopes) can be used by the Client to request OIDC claims.',\n ' *',\n ' * Call this configuration method, and pass in as the first argument',\n ' * an object that maps a scope value to an array of claim names',\n ' * to specify which claims need to be processed and returned for the requested scopes.',\n ' * @see {@link https://openid.net/specs/openid-connect-core-1_0.html#ScopeClaims}',\n ' * for the scope values that could be used to request claims as defined in the OIDC specification.',\n ' *',\n ' * Below, find a default configuration that is expected to work in the current environment.',\n ' *',\n ' * CUSTOMIZATION',\n ' * You can choose the claim names returned for a scope.',\n ' */',\n ' utils.setScopeClaimsMap({',\n ' profile: [',\n \" 'name',\",\n \" 'family_name',\",\n \" 'given_name',\",\n \" 'zoneinfo',\",\n \" 'locale'\",\n ' ],',\n \" email: ['email'],\",\n \" address: ['address'],\",\n \" phone: ['phone_number']\",\n ' });',\n '',\n ' /**',\n ' * In this script, each claim',\n ' * derived from the requested scopes,',\n ' * provided by the authorization server, and',\n ' * requested by the client via the claims parameter',\n ' * will be processed by a function associated with the claim name.',\n ' *',\n ' * Call this configuration method, and pass in as the first argument',\n ' * an object that maps a claim name to a resolver function,',\n ' * which will be automatically executed for each claim processed by the script.',\n ' *',\n ' * The claim resolver function will receive the requested claim information',\n ' * in an instance of org.forgerock.openidconnect.Claim as the first argument.',\n ' * @see {@link https://backstage.forgerock.com/docs/am/7/apidocs/org/forgerock/openidconnect/Claim.html}',\n ' * for details on the Claim class.',\n ' *',\n ' * If the claim resolver function returns a value,',\n ' * other than undefined or null,',\n \" * the claim will be included in the script's results.\",\n ' *',\n ' * The Claim instance provides methods to check',\n ' * what the name of the claim is,',\n ' * which values the claim request contains,',\n ' * whether the claim is essential, and',\n ' * which locale the claim is associated with.',\n ' * The resolver function can consider this information when computing and returning the claim value.',\n ' *',\n ' * Below, find a default configuration that is expected to work in the current environment.',\n ' * A reusable function, utils.getUserProfileClaimResolver(String attribute-name),',\n ' * is called to return a claim resolver function based on a user profile attribute.',\n ' * @see CLAIM RESOLVERS section for the implementation details and examples.',\n ' * For the address claim, an example of a claim resolver that uses another claim resolver is provided.',\n ' *',\n ' * CUSTOMIZATION',\n ' * You can reuse the predefined utils methods with your custom arguments.',\n ' * You can also specify a custom resolver function for a claim name,',\n ' * that will compute and return the claim value—as shown in the commented out example below.',\n ' */',\n ' utils.setClaimResolvers({',\n ' /*',\n ' // An example of a simple claim resolver function that is defined for a claim',\n ' // directly in the configuration object:',\n ' custom-claim-name: function (requestedClaim) {',\n ' // In this case, initially, the claim value comes straight from a user profile attribute value:',\n \" var claimValue = identity.getAttribute('custom-attribute-name').toArray()[0]\",\n '',\n ' // Optionally, provide additional logic for processing (filtering, formatting, etc.) the claim value.',\n ' // You can use:',\n ' // requestedClaim.getName()',\n ' // requestedClaim.getValues()',\n ' // requestedClaim.getLocale()',\n ' // requestedClaim.isEssential()',\n '',\n ' return claimValue',\n ' },',\n ' */',\n ' /**',\n ' * The use of utils.getUserProfileClaimResolver shows how',\n ' * an argument passed to a function that returns a claim resolver',\n ' * becomes available to the resolver function (via its lexical context).',\n ' */',\n \" name: utils.getUserProfileClaimResolver('cn'),\",\n \" family_name: utils.getUserProfileClaimResolver('sn'),\",\n \" given_name: utils.getUserProfileClaimResolver('givenname'),\",\n \" zoneinfo: utils.getUserProfileClaimResolver('preferredtimezone'),\",\n \" locale: utils.getUserProfileClaimResolver('preferredlocale'),\",\n \" email: utils.getUserProfileClaimResolver('mail'),\",\n ' address: utils.getAddressClaimResolver(',\n ' /**',\n ' * The passed in user profile claim resolver function',\n ' * can be used by the address claim resolver function',\n ' * to obtain the claim value to be formatted as per the OIDC specification:',\n ' * @see https://openid.net/specs/openid-connect-core-1_0.html#AddressClaim.',\n ' */',\n \" utils.getUserProfileClaimResolver('postaladdress')\",\n ' ),',\n \" phone_number: utils.getUserProfileClaimResolver('telephonenumber')\",\n ' });',\n '',\n ' // CLAIM PROCESSING UTILITIES',\n '',\n ' /**',\n ' * @returns {object} An object that contains reusable claim processing utilities.',\n ' * @see PUBLIC METHODS section and the return statement for the list of exported functions.',\n ' */',\n ' function getUtils () {',\n ' // IMPORT JAVA',\n '',\n ' /**',\n ' * Provides Java scripting functionality.',\n ' * @see {@link https://developer.mozilla.org/en-US/docs/Mozilla/Projects/Rhino/Scripting_Java#javaimporter_constructor}.',\n ' */',\n ' var frJava = JavaImporter(',\n ' org.forgerock.oauth2.core.exceptions.InvalidRequestException,',\n ' org.forgerock.oauth2.core.UserInfoClaims,',\n ' org.forgerock.openidconnect.Claim,',\n '',\n ' java.util.LinkedHashMap,',\n ' java.util.ArrayList',\n ' );',\n '',\n ' // SET UP CONFIGURATION',\n '',\n ' /**',\n ' * Placeholder for a configuration option that contains',\n ' * an object that maps the supported scope values (scopes)',\n ' * and the corresponding claim names for each scope value.',\n ' */',\n ' var scopeClaimsMap;',\n '',\n ' /**',\n ' * Placeholder for a configuration option that contains',\n ' * an object that maps the supported claim names',\n ' * and the resolver functions returning the claim value.',\n ' */',\n ' var claimResolvers;',\n '',\n ' /**',\n ' * A (public) method that accepts an object that maps the supported scopes and the corresponding claim names,',\n ' * and assigns it to a (private) variable that serves as a configuration option.',\n ' * @param {object} params - An object that maps each supported scope value to an array of claim names,',\n ' * in order to specify which claims need to be processed for the requested scopes.',\n ' * @see {@link https://openid.net/specs/openid-connect-core-1_0.html#ScopeClaims} for details.',\n ' * @param {string[]} [params.profile] - An array of claim names to be returned if the profile scope is requested.',\n ' * @param {string[]} [params.email] - An array of claim names to be returned if the email scope is requested.',\n ' * @param {string[]} [params.address] - An array of claim names to be returned if the address scope is requested.',\n ' * @param {string[]} [params.phone] - An array of claim names to be returned if the phone scope is requested.',\n ' * @returns {undefined}',\n ' */',\n ' function setScopeClaimsMap(params) {',\n ' scopeClaimsMap = params;',\n ' }',\n '',\n ' /**',\n ' * A (public) method that accepts an object that maps the supported claim names',\n ' * and the resolver functions returning the claim value,',\n ' * and assigns it to a (private) variable that serves as a configuration option.',\n ' * @param {object} params - An object that maps',\n ' * each supported claim name to a function that computes and returns the claim value.',\n ' */',\n ' function setClaimResolvers(params) {',\n ' claimResolvers = params;',\n ' }',\n '',\n ' // CLAIM RESOLVERS',\n '',\n ' /**',\n ' * Claim resolvers are functions that return a claim value.',\n ' * @param {*}',\n ' * @returns {*}',\n ' */',\n '',\n ' /**',\n ' * Defines a claim resolver based on a user profile attribute.',\n ' * @param {string} attributeName - Name of the user profile attribute.',\n ' * @returns {function} A function that will determine the claim value',\n ' * based on the user profile attribute and the (requested) claim properties.',\n ' */',\n ' function getUserProfileClaimResolver (attributeName) {',\n ' /**',\n ' * Resolves a claim with a user profile attribute value.',\n ' * Returns undefined if the identity attribute is not populated,',\n ' * OR if the claim has requested values that do not contain the identity attribute value.',\n ' * ATTENTION: the aforementioned comparison is case-sensitive.',\n ' * @param {org.forgerock.openidconnect.Claim} claim',\n ' * An object that provides methods to obtain information/requirements associated with a claim.',\n ' * @see {@link https://backstage.forgerock.com/docs/am/7/apidocs/org/forgerock/openidconnect/Claim.html} for details.',\n ' * @returns {string|HashSet|undefined}',\n ' */',\n ' function resolveClaim(claim) {',\n ' var userProfileValue;',\n '',\n ' if (identity) {',\n ' userProfileValue = getClaimValueFromSet(claim, identity.getAttribute(attributeName));',\n '',\n ' if (userProfileValue && !userProfileValue.isEmpty()) {',\n ' if (!claim.getValues() || claim.getValues().isEmpty() || claim.getValues().contains(userProfileValue)) {',\n ' return userProfileValue;',\n ' }',\n ' }',\n ' }',\n ' }',\n '',\n ' return resolveClaim;',\n ' }',\n '',\n ' /**',\n ' * Returns an address claim resolver based on a claim value obtained with another claim resolver.',\n ' * @param {function} resolveClaim - A function that returns a claim value.',\n ' * @returns {function} A function that will accept a claim as an argument,',\n ' * run the claim resolver function for the claim and obtain the claim value,',\n ' * and apply additional formatting to the value before returning it.',\n ' */',\n ' function getAddressClaimResolver (resolveClaim) {',\n ' /**',\n ' * Creates an address claim object from a value returned by a claim resolver,',\n ' * and returns the address claim object as the claim value.',\n ' * @see {@link https://openid.net/specs/openid-connect-core-1_0.html#AddressClaim}.',\n ' * The claim value is obtained with a claim resolving function available from the closure.',\n ' * @param {org.forgerock.openidconnect.Claim} claim',\n ' * An object that provides methods to obtain information/requirements associated with a claim.',\n ' * @see {@link https://backstage.forgerock.com/docs/am/7/apidocs/org/forgerock/openidconnect/Claim.html} for details.',\n ' * @returns {java.util.LinkedHashMap|undefined} The address claim object created from a claim value.',\n ' */',\n ' function resolveAddressClaim(claim) {',\n ' var claimValue = resolveClaim(claim);',\n ' var addressObject;',\n '',\n ' if (isClaimValueValid(claimValue)) {',\n ' addressObject = new frJava.LinkedHashMap();',\n '',\n \" addressObject.put('formatted', claimValue);\",\n '',\n ' return addressObject;',\n ' }',\n ' }',\n '',\n ' return resolveAddressClaim;',\n ' }',\n '',\n ' /**',\n ' * Returns an essential claim resolver based on a claim value obtained with another claim resolver.',\n ' * @param {function} resolveClaim - A function that returns a claim value.',\n ' * @returns {function} A function that will accept a claim as an argument,',\n ' * run the claim resolver function for the claim and obtain the claim value,',\n ' * and apply additional logic for essential claims.',\n ' */',\n ' function getEssentialClaimResolver (resolveClaim) {',\n ' /**',\n ' * Returns a claim value or throws an error.',\n ' * The claim value is obtained with a claim resolving function available from the closure.',\n ' * Throws an exception if the claim is essential and no value is returned for the claim.',\n ' *',\n ' * Use of this resolver is optional.',\n ' * @see {@link https://openid.net/specs/openid-connect-core-1_0.html#IndividualClaimsRequests} stating:',\n ' * \"Note that even if the Claims are not available because the End-User did not authorize their release or they are not present,',\n ' * the Authorization Server MUST NOT generate an error when Claims are not returned, whether they are Essential or Voluntary,',\n ' * unless otherwise specified in the description of the specific claim.\"',\n ' *',\n ' * @param {org.forgerock.openidconnect.Claim} claim',\n ' * An object that provides methods to obtain information/requirements associated with a claim.',\n ' * @see {@link https://backstage.forgerock.com/docs/am/7/apidocs/org/forgerock/openidconnect/Claim.html} for details.',\n ' * @returns {*}',\n ' * @throws {org.forgerock.oauth2.core.exceptions.InvalidRequestException}',\n ' */',\n ' function resolveEssentialClaim(claim) {',\n ' var claimValue = resolveClaim(claim);',\n '',\n ' if (claim.isEssential() && !isClaimValueValid(claimValue)) {',\n \" throw new frJava.InvalidRequestException('Could not provide value for essential claim: ' + claim.getName());\",\n ' }',\n '',\n ' return claimValue;',\n ' }',\n '',\n ' return resolveEssentialClaim;',\n ' }',\n '',\n ' /**',\n ' * Provides default resolution for a claim.',\n ' * Use it if a claim-specific resolver is not defined in the configuration.',\n ' * @param {org.forgerock.openidconnect.Claim} claim',\n ' * An object that provides methods to obtain information/requirements associated with a claim.',\n ' * @see {@link https://backstage.forgerock.com/docs/am/7/apidocs/org/forgerock/openidconnect/Claim.html} for details.',\n ' * @returns {*} A single value associated with this claim.',\n ' */',\n ' function resolveAnyClaim (claim) {',\n ' if (claim.getValues().size() === 1) {',\n ' return claim.getValues().toArray()[0];',\n ' }',\n ' }',\n '',\n ' // UTILITIES',\n '',\n ' /**',\n ' * Returns claim value from a set.',\n ' * If the set contains a single value, returns the value.',\n ' * If the set contains multiple values, returns the set.',\n ' * Otherwise, returns undefined.',\n ' *',\n ' * @param {org.forgerock.openidconnect.Claim} claim',\n ' * An object that provides methods to obtain information/requirements associated with a claim.',\n ' * @see {@link https://backstage.forgerock.com/docs/am/7/apidocs/org/forgerock/openidconnect/Claim.html} for details.',\n ' * @param {java.util.HashSet} set The set—for example, a user profile attribute value.',\n ' * @returns {string|java.util.HashSet|undefined}',\n ' */',\n ' function getClaimValueFromSet (claim, set) {',\n ' if (set && set.size()) {',\n ' if (set.size() === 1) {',\n ' return set.toArray()[0];',\n ' } else {',\n ' return set;',\n ' }',\n ' } else if (logger.warningEnabled()) {',\n \" logger.warning('OIDC Claims script. Got an empty set for claim: ' + claim.getName());\",\n ' }',\n ' }',\n '',\n ' function isClaimValueValid (claimValue) {',\n \" if (typeof claimValue === 'undefined' || claimValue === null) {\",\n ' return false;',\n ' }',\n '',\n ' return true;',\n ' }',\n '',\n ' // CLAIM PROCESSING',\n '',\n ' /**',\n ' * Constructs and returns an object populated with the computed claim values',\n ' * and the requested scopes mapped to the claim names.',\n ' * @returns {org.forgerock.oauth2.core.UserInfoClaims} The object to be returned to the authorization server.',\n ' * @see {@link https://backstage.forgerock.com/docs/am/7/apidocs/org/forgerock/oauth2/core/UserInfoClaims.html}.',\n ' * @see RESULTS section for the use of this function.',\n ' */',\n ' function getUserInfoClaims () {',\n ' return new frJava.UserInfoClaims(getComputedClaims(), getCompositeScopes());',\n ' }',\n '',\n ' /**',\n ' * Creates a map of (requested) claim names populated with the computed claim values.',\n ' * @returns {java.util.LinkedHashMap}',\n ' * A map of the requested claim names and the corresponding claim values.',\n ' */',\n ' function getComputedClaims () {',\n ' /**',\n ' * Creates a complete list of claim objects from:',\n ' * the claims derived from the scopes,',\n ' * the claims provided by the authorization server,',\n ' * and the claims requested by the client.',\n ' * @returns {java.util.ArrayList}',\n ' * Returns a complete list of org.forgerock.openidconnect.Claim objects available to the script.',\n ' * @see {@link https://backstage.forgerock.com/docs/am/7/apidocs/org/forgerock/openidconnect/Claim.html} for the claim object details.',\n ' */',\n ' function getClaims() {',\n ' /**',\n ' * Returns a list of claim objects for the requested scopes.',\n ' * Uses the scopeClaimsMap configuration option to derive the claim names;',\n ' * no other properties of a claim derived from a scope are populated.',\n ' * @returns {java.util.ArrayList}',\n ' * A list of org.forgerock.openidconnect.Claim objects derived from the requested scopes.',\n ' * @see {@link https://backstage.forgerock.com/docs/am/7/apidocs/org/forgerock/openidconnect/Claim.html} for the claim object details.',\n ' */',\n ' function convertScopeToClaims() {',\n ' var claims = new frJava.ArrayList();',\n '',\n ' scopes.toArray().forEach(function (scope) {',\n \" if (String(scope) !== 'openid' && scopeClaimsMap[scope]) {\",\n ' scopeClaimsMap[scope].forEach(function (claimName) {',\n ' claims.add(new frJava.Claim(claimName));',\n ' });',\n ' }',\n ' });',\n '',\n ' return claims;',\n ' }',\n '',\n ' var claims = new frJava.ArrayList();',\n '',\n ' claims.addAll(convertScopeToClaims());',\n ' claims.addAll(claimObjects);',\n ' claims.addAll(requestedTypedClaims);',\n '',\n ' return claims;',\n ' }',\n '',\n ' /**',\n ' * Computes and returns a claim value.',\n ' * To obtain the claim value, uses the resolver function specified for the claim in the claimResolvers configuration object.',\n ' * @see claimResolvers',\n ' * If no resolver function is found, uses the default claim resolver function.',\n ' *',\n ' * @param {org.forgerock.openidconnect.Claim} claim',\n ' * An object that provides methods to obtain information/requirements associated with a claim.',\n ' * @see {@link https://backstage.forgerock.com/docs/am/7/apidocs/org/forgerock/openidconnect/Claim.html} for details.',\n ' * @returns {*} Claim value.',\n ' * @throws {org.forgerock.oauth2.core.exceptions.InvalidRequestException}',\n ' * Rethrows this exception if a claim resolver throws it.',\n ' * You can throw org.forgerock.oauth2.core.exceptions.InvalidRequestException from your custom claim resolver',\n ' * if you want to terminate the claim processing.',\n ' */',\n ' function computeClaim(claim) {',\n ' var resolveClaim;',\n ' var message;',\n '',\n ' try {',\n ' resolveClaim = claimResolvers[claim.getName()] || resolveAnyClaim;',\n '',\n ' return resolveClaim(claim);',\n ' } catch (e) {',\n \" message = 'OIDC Claims script exception. Unable to resolve OIDC Claim. ' + e;\",\n '',\n \" if (String(e).indexOf('org.forgerock.oauth2.core.exceptions.InvalidRequestException') !== -1) {\",\n ' throw e;',\n ' }',\n '',\n ' if (logger.warningEnabled()) {',\n ' logger.warning(message);',\n ' }',\n ' }',\n ' }',\n '',\n ' var computedClaims = new frJava.LinkedHashMap();',\n '',\n ' getClaims().toArray().forEach(function (claim) {',\n ' var claimValue = computeClaim(claim);',\n '',\n ' if (isClaimValueValid(claimValue)) {',\n ' computedClaims.put(claim.getName(), claimValue);',\n ' } else {',\n ' /**',\n ' * If a claim has been processed, but appears in the list again,',\n ' * and its value cannot be computed under the new conditions,',\n ' * the claim is removed from the final result.',\n ' *',\n ' * For example, a claim could be mapped to a scope and found in the user profile,',\n \" * but also requested by the client with required values that don't match the computed one.\",\n ' * @see {link https://openid.net/specs/openid-connect-core-1_0.html#IndividualClaimsRequests}.',\n ' * for the relevant OIDC specification details.',\n ' */',\n ' computedClaims.remove(claim.getName());',\n ' }',\n ' });',\n '',\n ' return computedClaims;',\n ' }',\n '',\n ' /**',\n ' * Creates a map of requested scopes and the corresponding claim names.',\n ' * @returns {java.util.LinkedHashMap}',\n ' */',\n ' function getCompositeScopes () {',\n ' var compositeScopes = new frJava.LinkedHashMap();',\n '',\n ' scopes.toArray().forEach(function (scope) {',\n ' var scopeClaims = new frJava.ArrayList();',\n '',\n ' if (scopeClaimsMap[scope]) {',\n ' scopeClaimsMap[scope].forEach(function (claimName) {',\n ' scopeClaims.add(claimName);',\n ' });',\n ' }',\n '',\n ' if (scopeClaims.size()) {',\n ' compositeScopes.put(scope, scopeClaims);',\n ' }',\n ' });',\n '',\n ' return compositeScopes;',\n ' }',\n '',\n ' // PUBLIC METHODS',\n '',\n ' return {',\n ' setScopeClaimsMap: setScopeClaimsMap,',\n ' setClaimResolvers: setClaimResolvers,',\n ' getUserProfileClaimResolver: getUserProfileClaimResolver,',\n ' getAddressClaimResolver: getAddressClaimResolver,',\n ' getEssentialClaimResolver: getEssentialClaimResolver,',\n ' getUserInfoClaims: getUserInfoClaims',\n ' };',\n ' }',\n '',\n ' // RESULTS',\n '',\n ' /**',\n ' * This script returns an instance of the org.forgerock.oauth2.core.UserInfoClaims class',\n ' * populated with the computed claim values and',\n ' * the requested scopes mapped to the claim names.',\n ' * @see {@link https://backstage.forgerock.com/docs/am/7/apidocs/org/forgerock/oauth2/core/UserInfoClaims.html}.',\n ' *',\n ' * Assigning it to a variable gives you an opportunity',\n ' * to log the content of the returned value during development.',\n ' */',\n ' var userInfoClaims = utils.getUserInfoClaims();',\n '',\n ' /*',\n \" logger.error(scriptName + ' results:')\",\n \" logger.error('Values: ' + userInfoClaims.getValues())\",\n \" logger.error('Scopes: ' + userInfoClaims.getCompositeScopes())\",\n ' */',\n '',\n ' return userInfoClaims;',\n '}());',\n ],\n default: false,\n language: 'JAVASCRIPT',\n context: 'OIDC_CLAIMS',\n createdBy: 'null',\n creationDate: 0,\n lastModifiedBy: 'null',\n lastModifiedDate: 0,\n },\n '39c08084-1238-43e8-857f-2e11005eac49': {\n _id: '39c08084-1238-43e8-857f-2e11005eac49',\n name: 'Alpha OAuth2 Access Token Modification Script',\n description:\n 'Default alpha realm script for OAuth2 Access Token Modification',\n script: [\n '/*',\n ' * Copyright 2019-2021 ForgeRock AS. All Rights Reserved.',\n ' *',\n ' * Use of this code requires a commercial software license with ForgeRock AS',\n ' * or with one of its affiliates. All use shall be exclusively subject',\n ' * to such license between the licensee and ForgeRock AS.',\n ' */',\n '',\n '/*',\n ' * This script lets you modify information associated with an OAuth2 access token',\n ' * with methods provided by the AccessToken (1) interface.',\n ' * The changes made to OAuth2 access tokens will directly impact the size of the CTS tokens,',\n ' * and, similarly, the size of the JWTs if client-based OAuth2 tokens are utilized.',\n ' * When adding/updating fields make sure that the token size remains within client/user-agent limits.',\n ' *',\n ' * Defined variables:',\n ' * accessToken - AccessToken (1).',\n ' * The access token to be updated.',\n ' * Mutable object, all changes to the access token will be reflected.',\n ' * scopes - Set<String> (6).',\n ' * Always present, the requested scopes.',\n ' * requestProperties - Unmodifiable Map (5).',\n ' * Always present, contains a map of request properties:',\n ' * requestUri - The request URI.',\n ' * realm - The realm that the request relates to.',\n ' * requestParams - A map of the request params and/or posted data.',\n ' * Each value is a list of one or more properties.',\n ' * Please note that these should be handled in accordance with OWASP best practices:',\n ' * https://owasp.org/www-community/vulnerabilities/Unsafe_use_of_Reflection.',\n ' * clientProperties - Unmodifiable Map (5).',\n ' * Present if the client specified in the request was identified, contains a map of client properties:',\n \" * clientId - The client's URI for the request locale.\",\n ' * allowedGrantTypes - List of the allowed grant types (org.forgerock.oauth2.core.GrantType) for the client.',\n ' * allowedResponseTypes - List of the allowed response types for the client.',\n ' * allowedScopes - List of the allowed scopes for the client.',\n ' * customProperties - A map of the custom properties of the client.',\n ' * Lists or maps will be included as sub-maps; for example:',\n ' * customMap[Key1]=Value1 will be returned as customMap -> Key1 -> Value1.',\n ' * To add custom properties to a client, update the Custom Properties field',\n ' * in AM Console > Realm Name > Applications > OAuth 2.0 > Clients > Client ID > Advanced.',\n ' * identity - AMIdentity (3).',\n ' * Always present, the identity of the resource owner.',\n ' * session - SSOToken (4).',\n \" * Present if the request contains the session cookie, the user's session object.\",\n ' * scriptName - String (primitive).',\n ' * Always present, the display name of the script.',\n ' * logger - Always present, the \"OAuth2Provider\" debug logger instance:',\n ' * https://backstage.forgerock.com/docs/am/7/scripting-guide/scripting-api-global-logger.html#scripting-api-global-logger.',\n ' * Corresponding log files will be prefixed with: scripts.OAUTH2_ACCESS_TOKEN_MODIFICATION.',\n ' * httpClient - HTTP Client (8).',\n ' * Always present, the HTTP Client instance:',\n ' * https://backstage.forgerock.com/docs/am/7/scripting-guide/scripting-api-global-http-client.html#scripting-api-global-http-client.',\n ' *',\n ' * Return - no value is expected, changes shall be made to the accessToken parameter directly.',\n ' *',\n ' * Class reference:',\n ' * (1) AccessToken - https://backstage.forgerock.com/docs/am/7/apidocs/org/forgerock/oauth2/core/AccessToken.html.',\n ' * (3) AMIdentity - https://backstage.forgerock.com/docs/am/7/apidocs/com/sun/identity/idm/AMIdentity.html.',\n ' * (4) SSOToken - https://backstage.forgerock.com/docs/am/7/apidocs/com/iplanet/sso/SSOToken.html.',\n ' * (5) Map - https://docs.oracle.com/en/java/javase/11/docs/api/java.base/java/util/HashMap.html,',\n ' * or https://docs.oracle.com/en/java/javase/11/docs/api/java.base/java/util/LinkedHashMap.html.',\n ' * (6) Set - https://docs.oracle.com/en/java/javase/11/docs/api/java.base/java/util/HashSet.html.',\n ' * (8) Client - https://backstage.forgerock.com/docs/am/7/apidocs/org/forgerock/http/Client.html.',\n ' */',\n '',\n '/* EXAMPLE',\n '(function () {',\n ' var frJava = JavaImporter(',\n ' org.forgerock.http.protocol.Request,',\n ' org.forgerock.http.protocol.Response',\n ' );',\n '',\n ' // Always includes this field in the token.',\n \" accessToken.setField('key1', 'value1');\",\n '',\n ' // Receives and adds to the access token additional values by performing a REST call to an external service.',\n ' // WARNING: Below, you will find a reference to a third-party site, which is provided only as an example.',\n \" var uri = 'https://jsonplaceholder.typicode.com/posts';\",\n '',\n ' try {',\n ' var request = new frJava.Request();',\n '',\n ' // You can chain methods that return the request object.',\n ' request.setUri(uri)',\n \" .setMethod('POST')\",\n ' .setEntity(JSON.stringify({',\n ' updatedFields: {',\n \" key2: 'value2',\",\n \" key3: 'value3'\",\n ' }',\n ' }));',\n '',\n ' // You can call a method when chaining is not possible.',\n \" request.getHeaders().add('Content-Type', 'application/json; charset=UTF-8');\",\n '',\n ' // Sends the request and receives the response.',\n ' var response = httpClient.send(request).getOrThrow();',\n '',\n ' // Checks if the response status is as expected.',\n ' if (response.getStatus() === org.forgerock.http.protocol.Status.CREATED) {',\n ' var result = JSON.parse(response.getEntity().getString());',\n '',\n ' // Set multiple token fields at once.',\n ' accessToken.setFields(result.updatedFields);',\n ' } else {',\n \" logger.error('Unable to obtain access token modifications. Status: ' + response.getStatus() + '. Content: ' + response.getEntity().getString());\",\n ' }',\n ' } catch (e) {',\n \" logger.error('The request processing was interrupted. ' + e);\",\n '',\n ' // The access token request fails with the HTTP 500 error in this case.',\n \" throw ('Unable to obtain response from: ' + uri);\",\n ' }',\n '',\n ' // Adds new fields containing identity attribute values to the access token.',\n \" accessToken.setField('mail', identity.getAttribute('mail'));\",\n \" accessToken.setField('phone', identity.getAttribute('telephoneNumber').toArray()[0]);\",\n '',\n ' // Adds new fields containing the session property values.',\n ' // NOTE: session may not be available for non-interactive authorization grants.',\n ' if (session) {',\n ' try {',\n \" accessToken.setField('ipAddress', session.getProperty('Host'));\",\n ' } catch (e) {',\n \" logger.error('Unable to retrieve session property value. ' + e);\",\n ' }',\n ' }',\n '',\n ' // Removes a native field from the token entry, that was set by AM.',\n ' // WARNING: removing native fields from the token may result in loss of functionality.',\n ' // accessToken.removeTokenName()',\n '',\n ' // No return value is expected. Let it be undefined.',\n '}());',\n '*/',\n ],\n default: false,\n language: 'JAVASCRIPT',\n context: 'OAUTH2_ACCESS_TOKEN_MODIFICATION',\n createdBy: 'null',\n creationDate: 0,\n lastModifiedBy: 'null',\n lastModifiedDate: 0,\n },\n },\n application: {\n FrodoTestOAuth2Client1: {\n overrideOAuth2ClientConfig: {\n issueRefreshToken: true,\n validateScopePluginType: 'PROVIDER',\n tokenEncryptionEnabled: false,\n evaluateScopePluginType: 'PROVIDER',\n oidcMayActScript: '[Empty]',\n oidcClaimsScript: 'cf3515f0-8278-4ee3-a530-1bad7424c416',\n scopesPolicySet: 'oauth2Scopes',\n accessTokenModificationPluginType: 'SCRIPTED',\n authorizeEndpointDataProviderClass:\n 'org.forgerock.oauth2.core.plugins.registry.DefaultEndpointDataProvider',\n oidcClaimsPluginType: 'SCRIPTED',\n providerOverridesEnabled: true,\n authorizeEndpointDataProviderScript: '[Empty]',\n statelessTokensEnabled: false,\n authorizeEndpointDataProviderPluginType: 'PROVIDER',\n remoteConsentServiceId: '[Empty]',\n enableRemoteConsent: false,\n validateScopeClass:\n 'org.forgerock.oauth2.core.plugins.registry.DefaultScopeValidator',\n usePolicyEngineForScope: false,\n evaluateScopeClass:\n 'org.forgerock.oauth2.core.plugins.registry.DefaultScopeEvaluator',\n overrideableOIDCClaims: [],\n accessTokenMayActScript: '[Empty]',\n evaluateScopeScript: '[Empty]',\n clientsCanSkipConsent: false,\n accessTokenModificationScript: '39c08084-1238-43e8-857f-2e11005eac49',\n issueRefreshTokenOnRefreshedToken: true,\n validateScopeScript: '[Empty]',\n },\n advancedOAuth2ClientConfig: {\n logoUri: {\n inherited: false,\n value: [],\n },\n subjectType: {\n inherited: false,\n value: 'public',\n },\n clientUri: {\n inherited: false,\n value: [],\n },\n tokenExchangeAuthLevel: {\n inherited: false,\n value: 0,\n },\n responseTypes: {\n inherited: false,\n value: ['code', 'token', 'id_token'],\n },\n mixUpMitigation: {\n inherited: false,\n value: false,\n },\n customProperties: {\n inherited: false,\n value: [],\n },\n javascriptOrigins: {\n inherited: false,\n value: [\n 'https://my.application.com',\n 'https://my.application.com:443',\n ],\n },\n policyUri: {\n inherited: false,\n value: [],\n },\n softwareVersion: {\n inherited: false,\n },\n tosURI: {\n inherited: false,\n value: [],\n },\n sectorIdentifierUri: {\n inherited: false,\n },\n tokenEndpointAuthMethod: {\n inherited: false,\n value: 'client_secret_basic',\n },\n refreshTokenGracePeriod: {\n inherited: false,\n value: 0,\n },\n isConsentImplied: {\n inherited: false,\n value: true,\n },\n softwareIdentity: {\n inherited: false,\n },\n grantTypes: {\n inherited: false,\n value: [\n 'authorization_code',\n 'client_credentials',\n 'refresh_token',\n ],\n },\n require_pushed_authorization_requests: {\n inherited: false,\n value: false,\n },\n descriptions: {\n inherited: false,\n value: [],\n },\n requestUris: {\n inherited: false,\n value: [],\n },\n name: {\n inherited: false,\n value: [],\n },\n contacts: {\n inherited: false,\n value: [],\n },\n updateAccessToken: {\n inherited: false,\n },\n },\n signEncOAuth2ClientConfig: {\n tokenEndpointAuthSigningAlgorithm: {\n inherited: false,\n value: 'RS256',\n },\n idTokenEncryptionEnabled: {\n inherited: false,\n value: false,\n },\n tokenIntrospectionEncryptedResponseEncryptionAlgorithm: {\n inherited: false,\n value: 'A128CBC-HS256',\n },\n requestParameterSignedAlg: {\n inherited: false,\n },\n authorizationResponseSigningAlgorithm: {\n inherited: false,\n value: 'RS256',\n },\n clientJwtPublicKey: {\n inherited: false,\n },\n idTokenPublicEncryptionKey: {\n inherited: false,\n },\n mTLSSubjectDN: {\n inherited: false,\n },\n jwkStoreCacheMissCacheTime: {\n inherited: false,\n value: 60000,\n },\n jwkSet: {\n inherited: false,\n },\n idTokenEncryptionMethod: {\n inherited: false,\n value: 'A128CBC-HS256',\n },\n jwksUri: {\n inherited: false,\n },\n tokenIntrospectionEncryptedResponseAlg: {\n inherited: false,\n value: 'RSA-OAEP-256',\n },\n authorizationResponseEncryptionMethod: {\n inherited: false,\n },\n userinfoResponseFormat: {\n inherited: false,\n value: 'JSON',\n },\n mTLSCertificateBoundAccessTokens: {\n inherited: false,\n value: false,\n },\n publicKeyLocation: {\n inherited: false,\n value: 'jwks_uri',\n },\n tokenIntrospectionResponseFormat: {\n inherited: false,\n value: 'JSON',\n },\n requestParameterEncryptedEncryptionAlgorithm: {\n inherited: false,\n value: 'A128CBC-HS256',\n },\n userinfoSignedResponseAlg: {\n inherited: false,\n },\n idTokenEncryptionAlgorithm: {\n inherited: false,\n value: 'RSA-OAEP-256',\n },\n requestParameterEncryptedAlg: {\n inherited: false,\n },\n authorizationResponseEncryptionAlgorithm: {\n inherited: false,\n },\n mTLSTrustedCert: {\n inherited: false,\n },\n jwksCacheTimeout: {\n inherited: false,\n value: 3600000,\n },\n userinfoEncryptedResponseAlg: {\n inherited: false,\n },\n idTokenSignedResponseAlg: {\n inherited: false,\n value: 'RS256',\n },\n tokenIntrospectionSignedResponseAlg: {\n inherited: false,\n value: 'RS256',\n },\n userinfoEncryptedResponseEncryptionAlgorithm: {\n inherited: false,\n value: 'A128CBC-HS256',\n },\n },\n coreOpenIDClientConfig: {\n claims: {\n inherited: false,\n value: [],\n },\n backchannel_logout_uri: {\n inherited: false,\n },\n defaultAcrValues: {\n inherited: false,\n value: [],\n },\n jwtTokenLifetime: {\n inherited: false,\n value: 3600,\n },\n defaultMaxAgeEnabled: {\n inherited: false,\n value: false,\n },\n clientSessionUri: {\n inherited: false,\n },\n defaultMaxAge: {\n inherited: false,\n value: 600,\n },\n postLogoutRedirectUri: {\n inherited: false,\n value: [],\n },\n backchannel_logout_session_required: {\n inherited: false,\n value: false,\n },\n },\n coreOAuth2ClientConfig: {\n userpassword: null,\n status: {\n inherited: false,\n value: 'Active',\n },\n clientName: {\n inherited: false,\n value: [],\n },\n clientType: {\n inherited: false,\n value: 'Confidential',\n },\n loopbackInterfaceRedirection: {\n inherited: false,\n value: false,\n },\n defaultScopes: {\n inherited: false,\n value: [],\n },\n refreshTokenLifetime: {\n inherited: false,\n value: 604800,\n },\n scopes: {\n inherited: false,\n value: ['openid', 'profile', 'email'],\n },\n accessTokenLifetime: {\n inherited: false,\n value: 3600,\n },\n redirectionUris: {\n inherited: false,\n value: ['https://my.application.com/callback'],\n },\n authorizationCodeLifetime: {\n inherited: false,\n value: 120,\n },\n },\n coreUmaClientConfig: {\n claimsRedirectionUris: {\n inherited: false,\n value: [],\n },\n },\n _type: {\n _id: 'OAuth2Client',\n name: 'OAuth2 Clients',\n collection: true,\n },\n _provider: {\n _id: '',\n _rev: '745152125',\n advancedOIDCConfig: {\n supportedRequestParameterEncryptionEnc: [\n 'A256GCM',\n 'A192GCM',\n 'A128GCM',\n 'A128CBC-HS256',\n 'A192CBC-HS384',\n 'A256CBC-HS512',\n ],\n authorisedOpenIdConnectSSOClients: [],\n supportedUserInfoEncryptionAlgorithms: [\n 'ECDH-ES+A256KW',\n 'ECDH-ES+A192KW',\n 'RSA-OAEP',\n 'ECDH-ES+A128KW',\n 'RSA-OAEP-256',\n 'A128KW',\n 'A256KW',\n 'ECDH-ES',\n 'dir',\n 'A192KW',\n ],\n supportedAuthorizationResponseEncryptionEnc: [\n 'A256GCM',\n 'A192GCM',\n 'A128GCM',\n 'A128CBC-HS256',\n 'A192CBC-HS384',\n 'A256CBC-HS512',\n ],\n supportedTokenIntrospectionResponseEncryptionAlgorithms: [\n 'ECDH-ES+A256KW',\n 'ECDH-ES+A192KW',\n 'RSA-OAEP',\n 'ECDH-ES+A128KW',\n 'RSA-OAEP-256',\n 'A128KW',\n 'A256KW',\n 'ECDH-ES',\n 'dir',\n 'A192KW',\n ],\n useForceAuthnForPromptLogin: false,\n alwaysAddClaimsToToken: true,\n supportedTokenIntrospectionResponseSigningAlgorithms: [\n 'PS384',\n 'RS384',\n 'EdDSA',\n 'ES384',\n 'HS256',\n 'HS512',\n 'ES256',\n 'RS256',\n 'HS384',\n 'ES512',\n 'PS256',\n 'PS512',\n 'RS512',\n ],\n supportedTokenEndpointAuthenticationSigningAlgorithms: [\n 'PS384',\n 'ES384',\n 'RS384',\n 'HS256',\n 'HS512',\n 'ES256',\n 'RS256',\n 'HS384',\n 'ES512',\n 'PS256',\n 'PS512',\n 'RS512',\n ],\n supportedRequestParameterSigningAlgorithms: [\n 'PS384',\n 'ES384',\n 'RS384',\n 'HS256',\n 'HS512',\n 'ES256',\n 'RS256',\n 'HS384',\n 'ES512',\n 'PS256',\n 'PS512',\n 'RS512',\n ],\n includeAllKtyAlgCombinationsInJwksUri: false,\n amrMappings: {},\n loaMapping: {},\n authorisedIdmDelegationClients: [],\n idTokenInfoClientAuthenticationEnabled: true,\n storeOpsTokens: true,\n supportedUserInfoSigningAlgorithms: [\n 'ES384',\n 'HS256',\n 'HS512',\n 'ES256',\n 'RS256',\n 'HS384',\n 'ES512',\n ],\n supportedAuthorizationResponseSigningAlgorithms: [\n 'PS384',\n 'RS384',\n 'EdDSA',\n 'ES384',\n 'HS256',\n 'HS512',\n 'ES256',\n 'RS256',\n 'HS384',\n 'ES512',\n 'PS256',\n 'PS512',\n 'RS512',\n ],\n supportedUserInfoEncryptionEnc: [\n 'A256GCM',\n 'A192GCM',\n 'A128GCM',\n 'A128CBC-HS256',\n 'A192CBC-HS384',\n 'A256CBC-HS512',\n ],\n claimsParameterSupported: false,\n supportedTokenIntrospectionResponseEncryptionEnc: [\n 'A256GCM',\n 'A192GCM',\n 'A128GCM',\n 'A128CBC-HS256',\n 'A192CBC-HS384',\n 'A256CBC-HS512',\n ],\n supportedAuthorizationResponseEncryptionAlgorithms: [\n 'ECDH-ES+A256KW',\n 'ECDH-ES+A192KW',\n 'RSA-OAEP',\n 'ECDH-ES+A128KW',\n 'RSA-OAEP-256',\n 'A128KW',\n 'A256KW',\n 'ECDH-ES',\n 'dir',\n 'A192KW',\n ],\n supportedRequestParameterEncryptionAlgorithms: [\n 'ECDH-ES+A256KW',\n 'ECDH-ES+A192KW',\n 'ECDH-ES+A128KW',\n 'RSA-OAEP',\n 'RSA-OAEP-256',\n 'A128KW',\n 'A256KW',\n 'ECDH-ES',\n 'dir',\n 'A192KW',\n ],\n defaultACR: [],\n },\n advancedOAuth2Config: {\n passwordGrantAuthService: 'PasswordGrant',\n tokenCompressionEnabled: false,\n tokenEncryptionEnabled: false,\n requirePushedAuthorizationRequests: false,\n tlsCertificateBoundAccessTokensEnabled: true,\n defaultScopes: ['address', 'phone', 'openid', 'profile', 'email'],\n moduleMessageEnabledInPasswordGrant: false,\n supportedSubjectTypes: ['public', 'pairwise'],\n refreshTokenGracePeriod: 0,\n tlsClientCertificateHeaderFormat: 'URLENCODED_PEM',\n hashSalt: 'qAWV0MFSQpC/f1GPbZAZnMRksak=',\n macaroonTokenFormat: 'V2',\n maxAgeOfRequestObjectNbfClaim: 0,\n tlsCertificateRevocationCheckingEnabled: false,\n nbfClaimRequiredInRequestObject: false,\n requestObjectProcessing: 'OIDC',\n maxDifferenceBetweenRequestObjectNbfAndExp: 0,\n responseTypeClasses: [\n 'code|org.forgerock.oauth2.core.AuthorizationCodeResponseTypeHandler',\n 'device_code|org.forgerock.oauth2.core.TokenResponseTypeHandler',\n 'token|org.forgerock.oauth2.core.TokenResponseTypeHandler',\n 'id_token|org.forgerock.openidconnect.IdTokenResponseTypeHandler',\n ],\n expClaimRequiredInRequestObject: false,\n tokenValidatorClasses: [\n 'urn:ietf:params:oauth:token-type:id_token|org.forgerock.oauth2.core.tokenexchange.idtoken.OidcIdTokenValidator',\n 'urn:ietf:params:oauth:token-type:access_token|org.forgerock.oauth2.core.tokenexchange.accesstoken.OAuth2AccessTokenValidator',\n ],\n tokenSigningAlgorithm: 'HS256',\n codeVerifierEnforced: 'false',\n displayNameAttribute: 'cn',\n tokenExchangeClasses: [\n 'urn:ietf:params:oauth:token-type:access_token=>urn:ietf:params:oauth:token-type:access_token|org.forgerock.oauth2.core.tokenexchange.accesstoken.AccessTokenToAccessTokenExchanger',\n 'urn:ietf:params:oauth:token-type:id_token=>urn:ietf:params:oauth:token-type:id_token|org.forgerock.oauth2.core.tokenexchange.idtoken.IdTokenToIdTokenExchanger',\n 'urn:ietf:params:oauth:token-type:access_token=>urn:ietf:params:oauth:token-type:id_token|org.forgerock.oauth2.core.tokenexchange.accesstoken.AccessTokenToIdTokenExchanger',\n 'urn:ietf:params:oauth:token-type:id_token=>urn:ietf:params:oauth:token-type:access_token|org.forgerock.oauth2.core.tokenexchange.idtoken.IdTokenToAccessTokenExchanger',\n ],\n parRequestUriLifetime: 90,\n allowedAudienceValues: [],\n persistentClaims: [],\n supportedScopes: [\n 'email|Your email address',\n 'openid|',\n 'address|Your postal address',\n 'phone|Your telephone number(s)',\n 'profile|Your personal information',\n 'fr:idm:*',\n 'am-introspect-all-tokens',\n ],\n authenticationAttributes: ['uid'],\n grantTypes: [\n 'implicit',\n 'urn:ietf:params:oauth:grant-type:saml2-bearer',\n 'refresh_token',\n 'password',\n 'client_credentials',\n 'urn:ietf:params:oauth:grant-type:device_code',\n 'authorization_code',\n 'urn:openid:params:grant-type:ciba',\n 'urn:ietf:params:oauth:grant-type:uma-ticket',\n 'urn:ietf:params:oauth:grant-type:jwt-bearer',\n ],\n },\n clientDynamicRegistrationConfig: {\n dynamicClientRegistrationScope: 'dynamic_client_registration',\n allowDynamicRegistration: false,\n requiredSoftwareStatementAttestedAttributes: ['redirect_uris'],\n dynamicClientRegistrationSoftwareStatementRequired: false,\n generateRegistrationAccessTokens: true,\n },\n coreOIDCConfig: {\n overrideableOIDCClaims: [],\n oidcDiscoveryEndpointEnabled: true,\n supportedIDTokenEncryptionMethods: [\n 'A256GCM',\n 'A192GCM',\n 'A128GCM',\n 'A128CBC-HS256',\n 'A192CBC-HS384',\n 'A256CBC-HS512',\n ],\n supportedClaims: [],\n supportedIDTokenSigningAlgorithms: [\n 'PS384',\n 'ES384',\n 'RS384',\n 'HS256',\n 'HS512',\n 'ES256',\n 'RS256',\n 'HS384',\n 'ES512',\n 'PS256',\n 'PS512',\n 'RS512',\n ],\n supportedIDTokenEncryptionAlgorithms: [\n 'ECDH-ES+A256KW',\n 'ECDH-ES+A192KW',\n 'RSA-OAEP',\n 'ECDH-ES+A128KW',\n 'RSA-OAEP-256',\n 'A128KW',\n 'A256KW',\n 'ECDH-ES',\n 'dir',\n 'A192KW',\n ],\n jwtTokenLifetime: 3600,\n },\n coreOAuth2Config: {\n refreshTokenLifetime: 604800,\n scopesPolicySet: 'oauth2Scopes',\n accessTokenMayActScript: '[Empty]',\n accessTokenLifetime: 3600,\n macaroonTokensEnabled: false,\n codeLifetime: 120,\n statelessTokensEnabled: true,\n usePolicyEngineForScope: false,\n issueRefreshToken: true,\n oidcMayActScript: '[Empty]',\n issueRefreshTokenOnRefreshedToken: true,\n },\n consent: {\n supportedRcsRequestSigningAlgorithms: [\n 'PS384',\n 'ES384',\n 'RS384',\n 'HS256',\n 'HS512',\n 'ES256',\n 'RS256',\n 'HS384',\n 'ES512',\n 'PS256',\n 'PS512',\n 'RS512',\n ],\n supportedRcsResponseEncryptionAlgorithms: [\n 'ECDH-ES+A256KW',\n 'ECDH-ES+A192KW',\n 'ECDH-ES+A128KW',\n 'RSA-OAEP',\n 'RSA-OAEP-256',\n 'A128KW',\n 'A256KW',\n 'ECDH-ES',\n 'dir',\n 'A192KW',\n ],\n supportedRcsRequestEncryptionMethods: [\n 'A256GCM',\n 'A192GCM',\n 'A128GCM',\n 'A128CBC-HS256',\n 'A192CBC-HS384',\n 'A256CBC-HS512',\n ],\n enableRemoteConsent: false,\n supportedRcsRequestEncryptionAlgorithms: [\n 'ECDH-ES+A256KW',\n 'ECDH-ES+A192KW',\n 'RSA-OAEP',\n 'ECDH-ES+A128KW',\n 'RSA-OAEP-256',\n 'A128KW',\n 'A256KW',\n 'ECDH-ES',\n 'dir',\n 'A192KW',\n ],\n clientsCanSkipConsent: true,\n supportedRcsResponseSigningAlgorithms: [\n 'PS384',\n 'ES384',\n 'RS384',\n 'HS256',\n 'HS512',\n 'ES256',\n 'RS256',\n 'HS384',\n 'ES512',\n 'PS256',\n 'PS512',\n 'RS512',\n ],\n supportedRcsResponseEncryptionMethods: [\n 'A256GCM',\n 'A192GCM',\n 'A128GCM',\n 'A128CBC-HS256',\n 'A192CBC-HS384',\n 'A256CBC-HS512',\n ],\n },\n deviceCodeConfig: {\n deviceUserCodeLength: 8,\n deviceCodeLifetime: 300,\n deviceUserCodeCharacterSet:\n '234567ACDEFGHJKLMNPQRSTWXYZabcdefhijkmnopqrstwxyz',\n devicePollInterval: 5,\n },\n pluginsConfig: {\n evaluateScopeClass:\n 'org.forgerock.openam.oauth2.OpenAMScopeValidator',\n validateScopeScript: '[Empty]',\n accessTokenEnricherClass:\n 'org.forgerock.openam.oauth2.OpenAMScopeValidator',\n oidcClaimsPluginType: 'SCRIPTED',\n authorizeEndpointDataProviderClass:\n 'org.forgerock.openam.oauth2.OpenAMScopeValidator',\n authorizeEndpointDataProviderPluginType: 'JAVA',\n userCodeGeneratorClass:\n 'org.forgerock.oauth2.core.plugins.registry.DefaultUserCodeGenerator',\n evaluateScopeScript: '[Empty]',\n oidcClaimsClass: 'org.forgerock.openam.oauth2.OpenAMScopeValidator',\n evaluateScopePluginType: 'JAVA',\n authorizeEndpointDataProviderScript: '[Empty]',\n accessTokenModifierClass:\n 'org.forgerock.openam.oauth2.OpenAMScopeValidator',\n accessTokenModificationScript:\n '39c08084-1238-43e8-857f-2e11005eac49',\n validateScopePluginType: 'JAVA',\n accessTokenModificationPluginType: 'SCRIPTED',\n oidcClaimsScript: 'cf3515f0-8278-4ee3-a530-1bad7424c416',\n validateScopeClass:\n 'org.forgerock.openam.oauth2.OpenAMScopeValidator',\n },\n cibaConfig: {\n cibaMinimumPollingInterval: 2,\n supportedCibaSigningAlgorithms: ['ES256', 'PS256'],\n cibaAuthReqIdLifetime: 600,\n },\n _type: {\n _id: 'oauth-oidc',\n name: 'OAuth2 Provider',\n collection: false,\n },\n },\n },\n },\n };\n const client1 = {\n id: 'FrodoTestOAuth2Client1',\n data: cloneDeep(rawClientTemplate),\n };\n const client2 = {\n id: 'FrodoTestOAuth2Client2',\n data: cloneDeep(rawClientTemplate),\n };\n const client3 = {\n id: 'FrodoTestOAuth2Client3',\n data: cloneDeep(rawClientTemplate),\n };\n const client4 = {\n id: 'FrodoTestOAuth2Client4',\n data: {},\n };\n const client5 = {\n id: 'FrodoTestOAuth2Client5',\n data: {},\n };\n const client6 = {\n id: 'FrodoTestOAuth2Client6',\n data: {},\n };\n const client7 = {\n id: 'FrodoTestOAuth2Client7',\n data: {},\n };\n const client8 = {\n id: 'FrodoTestOAuth2Client8',\n data: {},\n };\n const client9 = {\n id: 'FrodoTestOAuth2Client9',\n data: {},\n };\n const client10 = {\n id: 'FrodoTestOAuth2Client10',\n data: {},\n };\n const client11 = {\n id: 'FrodoTestOAuth2Client11',\n data: {},\n };\n const client12 = {\n id: 'FrodoTestOAuth2Client12',\n data: {},\n };\n const client13 = {\n id: 'FrodoTestOAuth2Client13',\n data: {},\n };\n const import1: {\n id: string;\n data: object;\n } = {\n id: 'FrodoTestOAuth2Client4',\n data: applyOAuth2ClientImportTemplate(depsClientImportTemplate, [\n 'FrodoTestOAuth2Client4',\n ]),\n };\n const import2: {\n id: string;\n data: object;\n } = {\n id: 'FrodoTestOAuth2Client5',\n data: applyOAuth2ClientImportTemplate(depsClientImportTemplate, [\n 'FrodoTestOAuth2Client5',\n ]),\n };\n const importData1 = applyOAuth2ClientImportTemplate(\n depsClientImportTemplate,\n ['FrodoTestOAuth2Client6', 'FrodoTestOAuth2Client7']\n );\n const importData2 = applyOAuth2ClientImportTemplate(\n depsClientImportTemplate,\n ['FrodoTestOAuth2Client8', 'FrodoTestOAuth2Client9']\n );\n const importData3 = applyOAuth2ClientImportTemplate(\n depsClientImportTemplate,\n ['FrodoTestOAuth2Client10', 'FrodoTestOAuth2Client11']\n );\n const importData4 = applyOAuth2ClientImportTemplate(\n depsClientImportTemplate,\n ['FrodoTestOAuth2Client12', 'FrodoTestOAuth2Client13']\n );\n // in recording mode, setup test data before recording\n beforeAll(async () => {\n if (process.env.FRODO_POLLY_MODE === 'record') {\n await stageOAuth2Client(client1);\n await stageOAuth2Client(client2);\n await stageOAuth2Client(client3, false);\n }\n });\n // in recording mode, remove test data after recording\n afterAll(async () => {\n if (process.env.FRODO_POLLY_MODE === 'record') {\n await stageOAuth2Client(client1, false);\n await stageOAuth2Client(client2, false);\n await stageOAuth2Client(client3, false);\n await stageOAuth2Client(client4, false);\n await stageOAuth2Client(client5, false);\n await stageOAuth2Client(client6, false);\n await stageOAuth2Client(client7, false);\n await stageOAuth2Client(client8, false);\n await stageOAuth2Client(client9, false);\n await stageOAuth2Client(client10, false);\n await stageOAuth2Client(client11, false);\n await stageOAuth2Client(client12, false);\n await stageOAuth2Client(client13, false);\n }\n });\n\n describe('exportOAuth2Client()', () => {\n test('0: Method is implemented', async () => {\n expect(OAuth2ClientOps.exportOAuth2Client).toBeDefined();\n });\n\n test(`1: Export oauth2 client ${client1.id}`, async () => {\n const response = await OAuth2ClientOps.exportOAuth2Client({\n clientId: client1.id,\n state,\n });\n expect(response).toMatchSnapshot({\n meta: expect.any(Object),\n });\n });\n });\n\n describe('exportOAuth2Clients()', () => {\n test('0: Method is implemented', async () => {\n expect(OAuth2ClientOps.exportOAuth2Clients).toBeDefined();\n });\n\n test('1: Export all oauth2 clients', async () => {\n const response = await OAuth2ClientOps.exportOAuth2Clients({ state });\n expect(response).toMatchSnapshot({\n meta: expect.any(Object),\n });\n });\n });\n\n describe('getOAuth2Clients()', () => {\n test('0: Method is implemented', async () => {\n expect(OAuth2ClientOps.getOAuth2Clients).toBeDefined();\n });\n\n test(`1: Get oauth2 clients`, async () => {\n const response = await OAuth2ClientOps.getOAuth2Clients({ state });\n expect(response).toMatchSnapshot();\n });\n });\n\n describe('getOAuth2Client()', () => {\n test('0: Method is implemented', async () => {\n expect(OAuth2ClientOps.getOAuth2Client).toBeDefined();\n });\n\n test(`1: Get oauth2 client ${client1.id}`, async () => {\n const response = await OAuth2ClientOps.getOAuth2Client({\n clientId: client1.id,\n state,\n });\n expect(response).toMatchSnapshot();\n });\n });\n\n describe('putOAuth2Client()', () => {\n test('0: Method is implemented', async () => {\n expect(OAuth2ClientOps.putOAuth2Client).toBeDefined();\n });\n\n test(`1: Put oauth2 client ${client3.id}`, async () => {\n const response = await OAuth2ClientOps.putOAuth2Client({\n clientId: client3.id,\n clientData: client3.data,\n state,\n });\n expect(response).toMatchSnapshot();\n });\n });\n\n describe('importOAuth2Client()', () => {\n test('0: Method is implemented', async () => {\n expect(OAuth2ClientOps.importOAuth2Client).toBeDefined();\n });\n\n test(`1: Import oauth2 client ${import1.id} w/ dependencies`, async () => {\n expect.assertions(1);\n const response = await OAuth2ClientOps.importOAuth2Client({\n clientId: import1.id,\n importData: import1.data as OAuth2ClientOps.OAuth2ClientExportInterface,\n options: { deps: true },\n state,\n });\n expect(response).toMatchSnapshot();\n });\n\n test(`2: Import oauth2 client ${import2.id} w/o dependencies`, async () => {\n expect.assertions(1);\n const response = await OAuth2ClientOps.importOAuth2Client({\n clientId: import2.id,\n importData: import2.data as OAuth2ClientOps.OAuth2ClientExportInterface,\n options: { deps: false },\n state,\n });\n expect(response).toMatchSnapshot();\n });\n });\n\n describe('importFirstOAuth2Client()', () => {\n test('0: Method is implemented', async () => {\n expect(OAuth2ClientOps.importFirstOAuth2Client).toBeDefined();\n });\n\n test(`1: Import first oauth2 client w/ dependencies`, async () => {\n expect.assertions(1);\n const outcome = await OAuth2ClientOps.importFirstOAuth2Client({\n importData: importData1 as OAuth2ClientOps.OAuth2ClientExportInterface,\n options: { deps: true },\n state,\n });\n expect(outcome).toMatchSnapshot();\n });\n\n test(`2: Import first oauth2 client w/o dependencies`, async () => {\n expect.assertions(1);\n const outcome = await OAuth2ClientOps.importFirstOAuth2Client({\n importData: importData2 as OAuth2ClientOps.OAuth2ClientExportInterface,\n options: { deps: false },\n state,\n });\n expect(outcome).toMatchSnapshot();\n });\n });\n\n describe('importOAuth2Clients()', () => {\n test('0: Method is implemented', async () => {\n expect(OAuth2ClientOps.importOAuth2Clients).toBeDefined();\n });\n });\n\n test(`1: Import all oauth2 clients w/ dependencies`, async () => {\n expect.assertions(1);\n const outcome = await OAuth2ClientOps.importOAuth2Clients({\n importData: importData3 as OAuth2ClientOps.OAuth2ClientExportInterface,\n options: { deps: true },\n state,\n });\n expect(outcome).toMatchSnapshot();\n });\n\n test(`1: Import all oauth2 clients w/o dependencies`, async () => {\n expect.assertions(1);\n const outcome = await OAuth2ClientOps.importOAuth2Clients({\n importData: importData4 as OAuth2ClientOps.OAuth2ClientExportInterface,\n options: { deps: false },\n state,\n });\n expect(outcome).toMatchSnapshot();\n });\n});\n"],"mappings":";;AA+BA,IAAAA,MAAA,GAAAC,OAAA;AACA,IAAAC,eAAA,GAAAC,uBAAA,CAAAF,OAAA;AACA,IAAAG,eAAA,GAAAH,OAAA;AACA,IAAAI,SAAA,GAAAJ,OAAA;AAA6C,SAAAK,yBAAAC,WAAA,eAAAC,OAAA,kCAAAC,iBAAA,OAAAD,OAAA,QAAAE,gBAAA,OAAAF,OAAA,YAAAF,wBAAA,YAAAA,yBAAAC,WAAA,WAAAA,WAAA,GAAAG,gBAAA,GAAAD,iBAAA,KAAAF,WAAA;AAAA,SAAAJ,wBAAAQ,GAAA,EAAAJ,WAAA,SAAAA,WAAA,IAAAI,GAAA,IAAAA,GAAA,CAAAC,UAAA,WAAAD,GAAA,QAAAA,GAAA,oBAAAA,GAAA,wBAAAA,GAAA,4BAAAE,OAAA,EAAAF,GAAA,UAAAG,KAAA,GAAAR,wBAAA,CAAAC,WAAA,OAAAO,KAAA,IAAAA,KAAA,CAAAC,GAAA,CAAAJ,GAAA,YAAAG,KAAA,CAAAE,GAAA,CAAAL,GAAA,SAAAM,MAAA,WAAAC,qBAAA,GAAAC,MAAA,CAAAC,cAAA,IAAAD,MAAA,CAAAE,wBAAA,WAAAC,GAAA,IAAAX,GAAA,QAAAW,GAAA,kBAAAH,MAAA,CAAAI,SAAA,CAAAC,cAAA,CAAAC,IAAA,CAAAd,GAAA,EAAAW,GAAA,SAAAI,IAAA,GAAAR,qBAAA,GAAAC,MAAA,CAAAE,wBAAA,CAAAV,GAAA,EAAAW,GAAA,cAAAI,IAAA,KAAAA,IAAA,CAAAV,GAAA,IAAAU,IAAA,CAAAC,GAAA,KAAAR,MAAA,CAAAC,cAAA,CAAAH,MAAA,EAAAK,GAAA,EAAAI,IAAA,YAAAT,MAAA,CAAAK,GAAA,IAAAX,GAAA,CAAAW,GAAA,SAAAL,MAAA,CAAAJ,OAAA,GAAAF,GAAA,MAAAG,KAAA,IAAAA,KAAA,CAAAa,GAAA,CAAAhB,GAAA,EAAAM,MAAA,YAAAA,MAAA;AAAA,SAAAW,mBAAAC,GAAA,EAAAC,OAAA,EAAAC,MAAA,EAAAC,KAAA,EAAAC,MAAA,EAAAX,GAAA,EAAAY,GAAA,cAAAC,IAAA,GAAAN,GAAA,CAAAP,GAAA,EAAAY,GAAA,OAAAE,KAAA,GAAAD,IAAA,CAAAC,KAAA,WAAAC,KAAA,IAAAN,MAAA,CAAAM,KAAA,iBAAAF,IAAA,CAAAG,IAAA,IAAAR,OAAA,CAAAM,KAAA,YAAAG,OAAA,CAAAT,OAAA,CAAAM,KAAA,EAAAI,IAAA,CAAAR,KAAA,EAAAC,MAAA;AAAA,SAAAQ,kBAAAC,EAAA,6BAAAC,IAAA,SAAAC,IAAA,GAAAC,SAAA,aAAAN,OAAA,WAAAT,OAAA,EAAAC,MAAA,QAAAF,GAAA,GAAAa,EAAA,CAAAI,KAAA,CAAAH,IAAA,EAAAC,IAAA,YAAAZ,MAAAI,KAAA,IAAAR,kBAAA,CAAAC,GAAA,EAAAC,OAAA,EAAAC,MAAA,EAAAC,KAAA,EAAAC,MAAA,UAAAG,KAAA,cAAAH,OAAAc,GAAA,IAAAnB,kBAAA,CAAAC,GAAA,EAAAC,OAAA,EAAAC,MAAA,EAAAC,KAAA,EAAAC,MAAA,WAAAc,GAAA,KAAAf,KAAA,CAAAgB,SAAA,YAlC7C;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAUA,IAAAC,8BAAc,EAAC,CAAC;AAAC,SAEFC,iBAAiBA,CAAAC,EAAA;EAAA,OAAAC,kBAAA,CAAAN,KAAA,OAAAD,SAAA;AAAA;AAAA,SAAAO,mBAAA;EAAAA,kBAAA,GAAAX,iBAAA,CAAhC,WACEY,MAGC,EAED;IAAA,IADAC,MAAM,GAAAT,SAAA,CAAAU,MAAA,QAAAV,SAAA,QAAAG,SAAA,GAAAH,SAAA,MAAG,IAAI;IAEb;IACA,IAAI;MACF,MAAM3C,eAAe,CAACsD,eAAe,CAAC;QAAEC,QAAQ,EAAEJ,MAAM,CAACK,EAAE;QAAEC,KAAK,EAALA;MAAM,CAAC,CAAC;MACrE,MAAMzD,eAAe,CAAC0D,kBAAkB,CAAC;QAAEH,QAAQ,EAAEJ,MAAM,CAACK,EAAE;QAAEC,KAAK,EAALA;MAAM,CAAC,CAAC;IAC1E,CAAC,CAAC,OAAOtB,KAAK,EAAE;MACd;IAAA,CACD,SAAS;MACR,IAAIiB,MAAM,EAAE;QACV,MAAMpD,eAAe,CAAC2D,eAAe,CAAC;UACpCJ,QAAQ,EAAEJ,MAAM,CAACK,EAAE;UACnBI,UAAU,EAAET,MAAM,CAACU,IAAI;UACvBJ,KAAK,EAALA;QACF,CAAC,CAAC;MACJ;IACF;EACF,CAAC;EAAA,OAAAP,kBAAA,CAAAN,KAAA,OAAAD,SAAA;AAAA;AAED,SAASmB,+BAA+BA,CAACC,QAAQ,EAAEC,GAAa,EAAE;EAChE,IAAMC,UAAuD,GAC3D,IAAAC,mBAAS,EAACH,QAAQ,CAAC;EACrB,IAAM3C,GAAG,GAAG,IAAA8C,mBAAS,EAACjD,MAAM,CAACkD,IAAI,CAACF,UAAU,CAACG,WAAW,CAAC,CAAC,CAAC,CAAC,CAAC;EAC7D,IAAMR,UAAU,GAAGK,UAAU,CAACG,WAAW,CAAChD,GAAG,CAAC;EAC9C,KAAK,IAAMA,IAAG,IAAIH,MAAM,CAACkD,IAAI,CAACF,UAAU,CAACG,WAAW,CAAC,EAAE;IACrD,OAAOH,UAAU,CAACG,WAAW,CAAChD,IAAG,CAAC;EACpC;EACA,KAAK,IAAMoC,EAAE,IAAIQ,GAAG,EAAE;IACpBC,UAAU,CAACG,WAAW,CAACZ,EAAE,CAAC,GAAG,IAAAU,mBAAS,EAACN,UAAU,CAAC;EACpD;EACAS,OAAO,CAACC,GAAG,mBAAAC,MAAA,CAAmBP,GAAG,CAAE,CAAC;EACpCK,OAAO,CAACG,GAAG,CAACP,UAAU,CAAC;EACvB,OAAOA,UAAU;AACnB;AAEAQ,QAAQ,CAAC,iBAAiB,EAAE,MAAM;EAChC,IAAMC,iBAAiB,GAAG;IACxBC,0BAA0B,EAAE;MAC1BC,iBAAiB,EAAE,IAAI;MACvBC,uBAAuB,EAAE,UAAU;MACnCC,sBAAsB,EAAE,KAAK;MAC7BC,uBAAuB,EAAE,UAAU;MACnCC,gBAAgB,EAAE,SAAS;MAC3BC,gBAAgB,EAAE,SAAS;MAC3BC,eAAe,EAAE,cAAc;MAC/BC,iCAAiC,EAAE,UAAU;MAC7CC,kCAAkC,EAChC,wEAAwE;MAC1EC,oBAAoB,EAAE,UAAU;MAChCC,wBAAwB,EAAE,KAAK;MAC/BC,mCAAmC,EAAE,SAAS;MAC9CC,sBAAsB,EAAE,KAAK;MAC7BC,uCAAuC,EAAE,UAAU;MACnDC,sBAAsB,EAAE,IAAI;MAC5BC,mBAAmB,EAAE,KAAK;MAC1BC,kBAAkB,EAChB,kEAAkE;MACpEC,uBAAuB,EAAE,KAAK;MAC9BC,kBAAkB,EAChB,kEAAkE;MACpEC,sBAAsB,EAAE,EAAE;MAC1BC,uBAAuB,EAAE,SAAS;MAClCC,mBAAmB,EAAE,SAAS;MAC9BC,qBAAqB,EAAE,KAAK;MAC5BC,6BAA6B,EAAE,SAAS;MACxCC,iCAAiC,EAAE,IAAI;MACvCC,mBAAmB,EAAE;IACvB,CAAC;IACDC,0BAA0B,EAAE;MAC1BC,OAAO,EAAE;QACPC,SAAS,EAAE,KAAK;QAChBtE,KAAK,EAAE;MACT,CAAC;MACDuE,WAAW,EAAE;QACXD,SAAS,EAAE,KAAK;QAChBtE,KAAK,EAAE;MACT,CAAC;MACDwE,SAAS,EAAE;QACTF,SAAS,EAAE,KAAK;QAChBtE,KAAK,EAAE;MACT,CAAC;MACDyE,sBAAsB,EAAE;QACtBH,SAAS,EAAE,KAAK;QAChBtE,KAAK,EAAE;MACT,CAAC;MACD0E,aAAa,EAAE;QACbJ,SAAS,EAAE,KAAK;QAChBtE,KAAK,EAAE,CAAC,MAAM,EAAE,OAAO,EAAE,UAAU;MACrC,CAAC;MACD2E,eAAe,EAAE;QACfL,SAAS,EAAE,KAAK;QAChBtE,KAAK,EAAE;MACT,CAAC;MACD4E,gBAAgB,EAAE;QAChBN,SAAS,EAAE,KAAK;QAChBtE,KAAK,EAAE;MACT,CAAC;MACD6E,iBAAiB,EAAE;QACjBP,SAAS,EAAE,KAAK;QAChBtE,KAAK,EAAE;MACT,CAAC;MACD8E,SAAS,EAAE;QACTR,SAAS,EAAE,KAAK;QAChBtE,KAAK,EAAE;MACT,CAAC;MACD+E,eAAe,EAAE;QACfT,SAAS,EAAE;MACb,CAAC;MACDU,MAAM,EAAE;QACNV,SAAS,EAAE,KAAK;QAChBtE,KAAK,EAAE;MACT,CAAC;MACDiF,mBAAmB,EAAE;QACnBX,SAAS,EAAE;MACb,CAAC;MACDY,uBAAuB,EAAE;QACvBZ,SAAS,EAAE,KAAK;QAChBtE,KAAK,EAAE;MACT,CAAC;MACDmF,uBAAuB,EAAE;QACvBb,SAAS,EAAE,KAAK;QAChBtE,KAAK,EAAE;MACT,CAAC;MACDoF,gBAAgB,EAAE;QAChBd,SAAS,EAAE,KAAK;QAChBtE,KAAK,EAAE;MACT,CAAC;MACDqF,gBAAgB,EAAE;QAChBf,SAAS,EAAE;MACb,CAAC;MACDgB,UAAU,EAAE;QACVhB,SAAS,EAAE,KAAK;QAChBtE,KAAK,EAAE,CAAC,oBAAoB,EAAE,eAAe;MAC/C,CAAC;MACDuF,qCAAqC,EAAE;QACrCjB,SAAS,EAAE,KAAK;QAChBtE,KAAK,EAAE;MACT,CAAC;MACDwF,YAAY,EAAE;QACZlB,SAAS,EAAE,KAAK;QAChBtE,KAAK,EAAE;MACT,CAAC;MACDyF,WAAW,EAAE;QACXnB,SAAS,EAAE,KAAK;QAChBtE,KAAK,EAAE;MACT,CAAC;MACD0F,IAAI,EAAE;QACJpB,SAAS,EAAE,KAAK;QAChBtE,KAAK,EAAE;MACT,CAAC;MACD2F,QAAQ,EAAE;QACRrB,SAAS,EAAE,KAAK;QAChBtE,KAAK,EAAE;MACT,CAAC;MACD4F,iBAAiB,EAAE;QACjBtB,SAAS,EAAE;MACb;IACF,CAAC;IACDuB,yBAAyB,EAAE;MACzBC,iCAAiC,EAAE;QACjCxB,SAAS,EAAE,KAAK;QAChBtE,KAAK,EAAE;MACT,CAAC;MACD+F,wBAAwB,EAAE;QACxBzB,SAAS,EAAE,KAAK;QAChBtE,KAAK,EAAE;MACT,CAAC;MACDgG,sDAAsD,EAAE;QACtD1B,SAAS,EAAE,KAAK;QAChBtE,KAAK,EAAE;MACT,CAAC;MACDiG,yBAAyB,EAAE;QACzB3B,SAAS,EAAE;MACb,CAAC;MACD4B,qCAAqC,EAAE;QACrC5B,SAAS,EAAE,KAAK;QAChBtE,KAAK,EAAE;MACT,CAAC;MACDmG,kBAAkB,EAAE;QAClB7B,SAAS,EAAE;MACb,CAAC;MACD8B,0BAA0B,EAAE;QAC1B9B,SAAS,EAAE;MACb,CAAC;MACD+B,aAAa,EAAE;QACb/B,SAAS,EAAE;MACb,CAAC;MACDgC,0BAA0B,EAAE;QAC1BhC,SAAS,EAAE,KAAK;QAChBtE,KAAK,EAAE;MACT,CAAC;MACDuG,MAAM,EAAE;QACNjC,SAAS,EAAE;MACb,CAAC;MACDkC,uBAAuB,EAAE;QACvBlC,SAAS,EAAE,KAAK;QAChBtE,KAAK,EAAE;MACT,CAAC;MACDyG,OAAO,EAAE;QACPnC,SAAS,EAAE;MACb,CAAC;MACDoC,sCAAsC,EAAE;QACtCpC,SAAS,EAAE,KAAK;QAChBtE,KAAK,EAAE;MACT,CAAC;MACD2G,qCAAqC,EAAE;QACrCrC,SAAS,EAAE;MACb,CAAC;MACDsC,sBAAsB,EAAE;QACtBtC,SAAS,EAAE,KAAK;QAChBtE,KAAK,EAAE;MACT,CAAC;MACD6G,gCAAgC,EAAE;QAChCvC,SAAS,EAAE,KAAK;QAChBtE,KAAK,EAAE;MACT,CAAC;MACD8G,iBAAiB,EAAE;QACjBxC,SAAS,EAAE,KAAK;QAChBtE,KAAK,EAAE;MACT,CAAC;MACD+G,gCAAgC,EAAE;QAChCzC,SAAS,EAAE,KAAK;QAChBtE,KAAK,EAAE;MACT,CAAC;MACDgH,4CAA4C,EAAE;QAC5C1C,SAAS,EAAE,KAAK;QAChBtE,KAAK,EAAE;MACT,CAAC;MACDiH,yBAAyB,EAAE;QACzB3C,SAAS,EAAE;MACb,CAAC;MACD4C,0BAA0B,EAAE;QAC1B5C,SAAS,EAAE,KAAK;QAChBtE,KAAK,EAAE;MACT,CAAC;MACDmH,4BAA4B,EAAE;QAC5B7C,SAAS,EAAE;MACb,CAAC;MACD8C,wCAAwC,EAAE;QACxC9C,SAAS,EAAE;MACb,CAAC;MACD+C,eAAe,EAAE;QACf/C,SAAS,EAAE;MACb,CAAC;MACDgD,gBAAgB,EAAE;QAChBhD,SAAS,EAAE,KAAK;QAChBtE,KAAK,EAAE;MACT,CAAC;MACDuH,4BAA4B,EAAE;QAC5BjD,SAAS,EAAE;MACb,CAAC;MACDkD,wBAAwB,EAAE;QACxBlD,SAAS,EAAE,KAAK;QAChBtE,KAAK,EAAE;MACT,CAAC;MACDyH,mCAAmC,EAAE;QACnCnD,SAAS,EAAE,KAAK;QAChBtE,KAAK,EAAE;MACT,CAAC;MACD0H,4CAA4C,EAAE;QAC5CpD,SAAS,EAAE,KAAK;QAChBtE,KAAK,EAAE;MACT;IACF,CAAC;IACD2H,sBAAsB,EAAE;MACtBC,MAAM,EAAE;QACNtD,SAAS,EAAE,KAAK;QAChBtE,KAAK,EAAE;MACT,CAAC;MACD6H,sBAAsB,EAAE;QACtBvD,SAAS,EAAE;MACb,CAAC;MACDwD,gBAAgB,EAAE;QAChBxD,SAAS,EAAE,KAAK;QAChBtE,KAAK,EAAE;MACT,CAAC;MACD+H,gBAAgB,EAAE;QAChBzD,SAAS,EAAE,KAAK;QAChBtE,KAAK,EAAE;MACT,CAAC;MACDgI,oBAAoB,EAAE;QACpB1D,SAAS,EAAE,KAAK;QAChBtE,KAAK,EAAE;MACT,CAAC;MACDiI,gBAAgB,EAAE;QAChB3D,SAAS,EAAE;MACb,CAAC;MACD4D,aAAa,EAAE;QACb5D,SAAS,EAAE,KAAK;QAChBtE,KAAK,EAAE;MACT,CAAC;MACDmI,qBAAqB,EAAE;QACrB7D,SAAS,EAAE,KAAK;QAChBtE,KAAK,EAAE;MACT,CAAC;MACDoI,mCAAmC,EAAE;QACnC9D,SAAS,EAAE,KAAK;QAChBtE,KAAK,EAAE;MACT;IACF,CAAC;IACDqI,sBAAsB,EAAE;MACtBC,MAAM,EAAE;QACNhE,SAAS,EAAE,KAAK;QAChBtE,KAAK,EAAE;MACT,CAAC;MACDuI,UAAU,EAAE;QACVjE,SAAS,EAAE,KAAK;QAChBtE,KAAK,EAAE;MACT,CAAC;MACDwI,UAAU,EAAE;QACVlE,SAAS,EAAE,KAAK;QAChBtE,KAAK,EAAE;MACT,CAAC;MACDyI,4BAA4B,EAAE;QAC5BnE,SAAS,EAAE,KAAK;QAChBtE,KAAK,EAAE;MACT,CAAC;MACD0I,aAAa,EAAE;QACbpE,SAAS,EAAE,KAAK;QAChBtE,KAAK,EAAE;MACT,CAAC;MACD2I,oBAAoB,EAAE;QACpBrE,SAAS,EAAE,KAAK;QAChBtE,KAAK,EAAE;MACT,CAAC;MACD4I,MAAM,EAAE;QACNtE,SAAS,EAAE,KAAK;QAChBtE,KAAK,EAAE,CAAC,QAAQ;MAClB,CAAC;MACD6I,mBAAmB,EAAE;QACnBvE,SAAS,EAAE,KAAK;QAChBtE,KAAK,EAAE;MACT,CAAC;MACD8I,eAAe,EAAE;QACfxE,SAAS,EAAE,KAAK;QAChBtE,KAAK,EAAE;MACT,CAAC;MACD+I,yBAAyB,EAAE;QACzBzE,SAAS,EAAE,KAAK;QAChBtE,KAAK,EAAE;MACT;IACF,CAAC;IACDgJ,mBAAmB,EAAE;MACnBC,qBAAqB,EAAE;QACrB3E,SAAS,EAAE,KAAK;QAChBtE,KAAK,EAAE;MACT;IACF;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;EACF,CAAC;;EACD,IAAMkJ,wBAAwB,GAAG;IAC/BC,IAAI,EAAE;MACJC,MAAM,EAAE,6CAA6C;MACrDC,eAAe,EAAE,OAAO;MACxBC,UAAU,EAAE,+BAA+B;MAC3CC,UAAU,EAAE,0BAA0B;MACtCC,UAAU,EAAE,OAAO;MACnBC,iBAAiB,EAAE;IACrB,CAAC;IACDC,MAAM,EAAE;MACN,sCAAsC,EAAE;QACtCC,GAAG,EAAE,sCAAsC;QAC3CjE,IAAI,EAAE,0BAA0B;QAChCkE,WAAW,EAAE,4CAA4C;QACzDF,MAAM,EAAE,CACN,IAAI,EACJ,0DAA0D,EAC1D,IAAI,EACJ,8EAA8E,EAC9E,wEAAwE,EACxE,2DAA2D,EAC3D,KAAK,EACL,EAAE,EACF,IAAI,EACJ,6FAA6F,EAC7F,uCAAuC,EACvC,kDAAkD,EAClD,qDAAqD,EACrD,qEAAqE,EACrE,IAAI,EACJ,4DAA4D,EAC5D,4CAA4C,EAC5C,gFAAgF,EAChF,IAAI,EACJ,6DAA6D,EAC7D,8BAA8B,EAC9B,mDAAmD,EACnD,sCAAsC,EACtC,6DAA6D,EAC7D,uCAAuC,EACvC,uEAAuE,EACvE,oDAAoD,EACpD,wHAAwH,EACxH,qHAAqH,EACrH,oHAAoH,EACpH,mHAAmH,EACnH,+CAA+C,EAC/C,iEAAiE,EACjE,uGAAuG,EACvG,iHAAiH,EACjH,sCAAsC,EACtC,oEAAoE,EACpE,4IAA4I,EAC5I,8CAA8C,EAC9C,8EAA8E,EAC9E,sDAAsD,EACtD,uEAAuE,EACvE,wFAAwF,EACxF,wFAAwF,EACxF,0HAA0H,EAC1H,kHAAkH,EAClH,6CAA6C,EAC7C,2HAA2H,EAC3H,2EAA2E,EAC3E,iIAAiI,EACjI,iGAAiG,EACjG,kFAAkF,EAClF,wFAAwF,EACxF,mGAAmG,EACnG,kHAAkH,EAClH,mHAAmH,EACnH,kIAAkI,EAClI,+BAA+B,EAC/B,mEAAmE,EACnE,4BAA4B,EAC5B,6FAA6F,EAC7F,qCAAqC,EACrC,iEAAiE,EACjE,yEAAyE,EACzE,qIAAqI,EACrI,6EAA6E,EAC7E,kCAAkC,EAClC,2DAA2D,EAC3D,mJAAmJ,EACnJ,iEAAiE,EACjE,4CAA4C,EAC5C,gDAAgD,EAChD,4DAA4D,EAC5D,qGAAqG,EACrG,uGAAuG,EACvG,IAAI,EACJ,qHAAqH,EACrH,uFAAuF,EACvF,sHAAsH,EACtH,kHAAkH,EAClH,sFAAsF,EACtF,yDAAyD,EACzD,IAAI,EACJ,qBAAqB,EACrB,0HAA0H,EAC1H,2GAA2G,EAC3G,mFAAmF,EACnF,0FAA0F,EAC1F,6GAA6G,EAC7G,oGAAoG,EACpG,mGAAmG,EACnG,4GAA4G,EAC5G,mGAAmG,EACnG,sGAAsG,EACtG,mGAAmG,EACnG,IAAI,EACJ,EAAE,EACF,gBAAgB,EAChB,cAAc,EACd,EAAE,EACF,SAAS,EACT,oCAAoC,EACpC,0EAA0E,EAC1E,6DAA6D,EAC7D,SAAS,EACT,6BAA6B,EAC7B,EAAE,EACF,wCAAwC,EACxC,EAAE,EACF,SAAS,EACT,0FAA0F,EAC1F,QAAQ,EACR,0EAA0E,EAC1E,qEAAqE,EACrE,4FAA4F,EAC5F,uFAAuF,EACvF,wGAAwG,EACxG,QAAQ,EACR,iGAAiG,EACjG,QAAQ,EACR,sBAAsB,EACtB,6DAA6D,EAC7D,SAAS,EACT,+BAA+B,EAC/B,oBAAoB,EACpB,qBAAqB,EACrB,4BAA4B,EAC5B,2BAA2B,EAC3B,yBAAyB,EACzB,sBAAsB,EACtB,YAAY,EACZ,2BAA2B,EAC3B,+BAA+B,EAC/B,iCAAiC,EACjC,SAAS,EACT,EAAE,EACF,SAAS,EACT,mCAAmC,EACnC,2CAA2C,EAC3C,kDAAkD,EAClD,yDAAyD,EACzD,wEAAwE,EACxE,QAAQ,EACR,0EAA0E,EAC1E,iEAAiE,EACjE,qFAAqF,EACrF,QAAQ,EACR,iFAAiF,EACjF,mFAAmF,EACnF,8GAA8G,EAC9G,wCAAwC,EACxC,QAAQ,EACR,wDAAwD,EACxD,sCAAsC,EACtC,4DAA4D,EAC5D,QAAQ,EACR,qDAAqD,EACrD,uCAAuC,EACvC,iDAAiD,EACjD,4CAA4C,EAC5C,mDAAmD,EACnD,0GAA0G,EAC1G,QAAQ,EACR,iGAAiG,EACjG,uFAAuF,EACvF,yFAAyF,EACzF,kFAAkF,EAClF,4GAA4G,EAC5G,QAAQ,EACR,sBAAsB,EACtB,+EAA+E,EAC/E,0EAA0E,EAC1E,kGAAkG,EAClG,SAAS,EACT,+BAA+B,EAC/B,YAAY,EACZ,uFAAuF,EACvF,kDAAkD,EAClD,wDAAwD,EACxD,6GAA6G,EAC7G,0FAA0F,EAC1F,EAAE,EACF,mHAAmH,EACnH,6BAA6B,EAC7B,yCAAyC,EACzC,2CAA2C,EAC3C,2CAA2C,EAC3C,6CAA6C,EAC7C,EAAE,EACF,+BAA+B,EAC/B,YAAY,EACZ,YAAY,EACZ,aAAa,EACb,mEAAmE,EACnE,2EAA2E,EAC3E,kFAAkF,EAClF,aAAa,EACb,wDAAwD,EACxD,+DAA+D,EAC/D,qEAAqE,EACrE,2EAA2E,EAC3E,uEAAuE,EACvE,2DAA2D,EAC3D,iDAAiD,EACjD,iBAAiB,EACjB,mEAAmE,EACnE,mEAAmE,EACnE,yFAAyF,EACzF,yFAAyF,EACzF,iBAAiB,EACjB,gEAAgE,EAChE,YAAY,EACZ,4EAA4E,EAC5E,SAAS,EACT,EAAE,EACF,mCAAmC,EACnC,EAAE,EACF,SAAS,EACT,uFAAuF,EACvF,iGAAiG,EACjG,SAAS,EACT,4BAA4B,EAC5B,wBAAwB,EACxB,EAAE,EACF,aAAa,EACb,mDAAmD,EACnD,kIAAkI,EAClI,aAAa,EACb,oCAAoC,EACpC,2EAA2E,EAC3E,uDAAuD,EACvD,gDAAgD,EAChD,EAAE,EACF,sCAAsC,EACtC,iCAAiC,EACjC,YAAY,EACZ,EAAE,EACF,iCAAiC,EACjC,EAAE,EACF,aAAa,EACb,iEAAiE,EACjE,oEAAoE,EACpE,oEAAoE,EACpE,aAAa,EACb,6BAA6B,EAC7B,EAAE,EACF,aAAa,EACb,iEAAiE,EACjE,0DAA0D,EAC1D,kEAAkE,EAClE,aAAa,EACb,6BAA6B,EAC7B,EAAE,EACF,aAAa,EACb,uHAAuH,EACvH,0FAA0F,EAC1F,gHAAgH,EAChH,4FAA4F,EAC5F,wGAAwG,EACxG,2HAA2H,EAC3H,uHAAuH,EACvH,2HAA2H,EAC3H,uHAAuH,EACvH,iCAAiC,EACjC,aAAa,EACb,8CAA8C,EAC9C,sCAAsC,EACtC,WAAW,EACX,EAAE,EACF,aAAa,EACb,yFAAyF,EACzF,kEAAkE,EAClE,0FAA0F,EAC1F,yDAAyD,EACzD,+FAA+F,EAC/F,aAAa,EACb,8CAA8C,EAC9C,sCAAsC,EACtC,WAAW,EACX,EAAE,EACF,4BAA4B,EAC5B,EAAE,EACF,aAAa,EACb,qEAAqE,EACrE,uBAAuB,EACvB,yBAAyB,EACzB,aAAa,EACb,EAAE,EACF,aAAa,EACb,wEAAwE,EACxE,gFAAgF,EAChF,+EAA+E,EAC/E,sFAAsF,EACtF,aAAa,EACb,gEAAgE,EAChE,iBAAiB,EACjB,sEAAsE,EACtE,8EAA8E,EAC9E,uGAAuG,EACvG,4EAA4E,EAC5E,iEAAiE,EACjE,4GAA4G,EAC5G,mIAAmI,EACnI,oDAAoD,EACpD,iBAAiB,EACjB,4CAA4C,EAC5C,uCAAuC,EACvC,EAAE,EACF,iCAAiC,EACjC,2GAA2G,EAC3G,EAAE,EACF,4EAA4E,EAC5E,kIAAkI,EAClI,sDAAsD,EACtD,2BAA2B,EAC3B,uBAAuB,EACvB,mBAAmB,EACnB,eAAe,EACf,EAAE,EACF,kCAAkC,EAClC,WAAW,EACX,EAAE,EACF,aAAa,EACb,2GAA2G,EAC3G,oFAAoF,EACpF,oFAAoF,EACpF,sFAAsF,EACtF,8EAA8E,EAC9E,aAAa,EACb,2DAA2D,EAC3D,iBAAiB,EACjB,2FAA2F,EAC3F,yEAAyE,EACzE,iGAAiG,EACjG,wGAAwG,EACxG,iEAAiE,EACjE,4GAA4G,EAC5G,mIAAmI,EACnI,kHAAkH,EAClH,iBAAiB,EACjB,mDAAmD,EACnD,uDAAuD,EACvD,oCAAoC,EACpC,EAAE,EACF,sDAAsD,EACtD,iEAAiE,EACjE,EAAE,EACF,iEAAiE,EACjE,EAAE,EACF,2CAA2C,EAC3C,mBAAmB,EACnB,eAAe,EACf,EAAE,EACF,yCAAyC,EACzC,WAAW,EACX,EAAE,EACF,aAAa,EACb,6GAA6G,EAC7G,oFAAoF,EACpF,oFAAoF,EACpF,sFAAsF,EACtF,6DAA6D,EAC7D,aAAa,EACb,6DAA6D,EAC7D,iBAAiB,EACjB,0DAA0D,EAC1D,wGAAwG,EACxG,sGAAsG,EACtG,gBAAgB,EAChB,kDAAkD,EAClD,qHAAqH,EACrH,8IAA8I,EAC9I,2IAA2I,EAC3I,sFAAsF,EACtF,gBAAgB,EAChB,iEAAiE,EACjE,4GAA4G,EAC5G,mIAAmI,EACnI,6BAA6B,EAC7B,uFAAuF,EACvF,iBAAiB,EACjB,qDAAqD,EACrD,uDAAuD,EACvD,EAAE,EACF,8EAA8E,EAC9E,kIAAkI,EAClI,mBAAmB,EACnB,EAAE,EACF,oCAAoC,EACpC,eAAe,EACf,EAAE,EACF,2CAA2C,EAC3C,WAAW,EACX,EAAE,EACF,aAAa,EACb,qDAAqD,EACrD,qFAAqF,EACrF,6DAA6D,EAC7D,wGAAwG,EACxG,+HAA+H,EAC/H,oEAAoE,EACpE,aAAa,EACb,4CAA4C,EAC5C,mDAAmD,EACnD,wDAAwD,EACxD,eAAe,EACf,WAAW,EACX,EAAE,EACF,sBAAsB,EACtB,EAAE,EACF,aAAa,EACb,4CAA4C,EAC5C,mEAAmE,EACnE,kEAAkE,EAClE,0CAA0C,EAC1C,YAAY,EACZ,6DAA6D,EAC7D,wGAAwG,EACxG,+HAA+H,EAC/H,gGAAgG,EAChG,0DAA0D,EAC1D,aAAa,EACb,sDAAsD,EACtD,sCAAsC,EACtC,yCAAyC,EACzC,8CAA8C,EAC9C,0BAA0B,EAC1B,iCAAiC,EACjC,mBAAmB,EACnB,mDAAmD,EACnD,uGAAuG,EACvG,eAAe,EACf,WAAW,EACX,EAAE,EACF,mDAAmD,EACnD,6EAA6E,EAC7E,+BAA+B,EAC/B,eAAe,EACf,EAAE,EACF,0BAA0B,EAC1B,WAAW,EACX,EAAE,EACF,6BAA6B,EAC7B,EAAE,EACF,aAAa,EACb,sFAAsF,EACtF,gEAAgE,EAChE,uHAAuH,EACvH,0HAA0H,EAC1H,+DAA+D,EAC/D,aAAa,EACb,yCAAyC,EACzC,0FAA0F,EAC1F,WAAW,EACX,EAAE,EACF,aAAa,EACb,+FAA+F,EAC/F,+CAA+C,EAC/C,mFAAmF,EACnF,aAAa,EACb,yCAAyC,EACzC,iBAAiB,EACjB,+DAA+D,EAC/D,oDAAoD,EACpD,iEAAiE,EACjE,wDAAwD,EACxD,+CAA+C,EAC/C,8GAA8G,EAC9G,oJAAoJ,EACpJ,iBAAiB,EACjB,oCAAoC,EACpC,qBAAqB,EACrB,8EAA8E,EAC9E,4FAA4F,EAC5F,uFAAuF,EACvF,mDAAmD,EACnD,2GAA2G,EAC3G,wJAAwJ,EACxJ,qBAAqB,EACrB,mDAAmD,EACnD,0DAA0D,EAC1D,EAAE,EACF,iEAAiE,EACjE,oFAAoF,EACpF,kFAAkF,EAClF,0EAA0E,EAC1E,iCAAiC,EACjC,2BAA2B,EAC3B,yBAAyB,EACzB,EAAE,EACF,oCAAoC,EACpC,mBAAmB,EACnB,EAAE,EACF,sDAAsD,EACtD,EAAE,EACF,wDAAwD,EACxD,8CAA8C,EAC9C,sDAAsD,EACtD,EAAE,EACF,gCAAgC,EAChC,eAAe,EACf,EAAE,EACF,iBAAiB,EACjB,oDAAoD,EACpD,0IAA0I,EAC1I,oCAAoC,EACpC,4FAA4F,EAC5F,gBAAgB,EAChB,iEAAiE,EACjE,4GAA4G,EAC5G,mIAAmI,EACnI,0CAA0C,EAC1C,uFAAuF,EACvF,uEAAuE,EACvE,2HAA2H,EAC3H,+DAA+D,EAC/D,iBAAiB,EACjB,4CAA4C,EAC5C,mCAAmC,EACnC,8BAA8B,EAC9B,EAAE,EACF,uBAAuB,EACvB,wFAAwF,EACxF,EAAE,EACF,iDAAiD,EACjD,+BAA+B,EAC/B,mGAAmG,EACnG,EAAE,EACF,qHAAqH,EACrH,kCAAkC,EAClC,uBAAuB,EACvB,EAAE,EACF,oDAAoD,EACpD,kDAAkD,EAClD,uBAAuB,EACvB,mBAAmB,EACnB,eAAe,EACf,EAAE,EACF,8DAA8D,EAC9D,EAAE,EACF,8DAA8D,EAC9D,uDAAuD,EACvD,EAAE,EACF,sDAAsD,EACtD,sEAAsE,EACtE,0BAA0B,EAC1B,yBAAyB,EACzB,sFAAsF,EACtF,mFAAmF,EACnF,oEAAoE,EACpE,wBAAwB,EACxB,uGAAuG,EACvG,iHAAiH,EACjH,oHAAoH,EACpH,qEAAqE,EACrE,yBAAyB,EACzB,6DAA6D,EAC7D,mBAAmB,EACnB,iBAAiB,EACjB,EAAE,EACF,oCAAoC,EACpC,WAAW,EACX,EAAE,EACF,aAAa,EACb,iFAAiF,EACjF,+CAA+C,EAC/C,aAAa,EACb,0CAA0C,EAC1C,+DAA+D,EAC/D,EAAE,EACF,yDAAyD,EACzD,2DAA2D,EAC3D,EAAE,EACF,8CAA8C,EAC9C,0EAA0E,EAC1E,qDAAqD,EACrD,yBAAyB,EACzB,mBAAmB,EACnB,EAAE,EACF,2CAA2C,EAC3C,8DAA8D,EAC9D,mBAAmB,EACnB,iBAAiB,EACjB,EAAE,EACF,qCAAqC,EACrC,WAAW,EACX,EAAE,EACF,2BAA2B,EAC3B,EAAE,EACF,kBAAkB,EAClB,mDAAmD,EACnD,mDAAmD,EACnD,uEAAuE,EACvE,+DAA+D,EAC/D,mEAAmE,EACnE,kDAAkD,EAClD,YAAY,EACZ,OAAO,EACP,EAAE,EACF,gBAAgB,EAChB,EAAE,EACF,SAAS,EACT,8FAA8F,EAC9F,qDAAqD,EACrD,wDAAwD,EACxD,sHAAsH,EACtH,QAAQ,EACR,4DAA4D,EAC5D,qEAAqE,EACrE,SAAS,EACT,qDAAqD,EACrD,EAAE,EACF,QAAQ,EACR,4CAA4C,EAC5C,2DAA2D,EAC3D,oEAAoE,EACpE,QAAQ,EACR,EAAE,EACF,4BAA4B,EAC5B,OAAO,CACR;QACDjL,OAAO,EAAE,KAAK;QACdoL,QAAQ,EAAE,YAAY;QACtBC,OAAO,EAAE,aAAa;QACtBC,SAAS,EAAE,MAAM;QACjBC,YAAY,EAAE,CAAC;QACfC,cAAc,EAAE,MAAM;QACtBC,gBAAgB,EAAE;MACpB,CAAC;MACD,sCAAsC,EAAE;QACtCP,GAAG,EAAE,sCAAsC;QAC3CjE,IAAI,EAAE,+CAA+C;QACrDkE,WAAW,EACT,iEAAiE;QACnEF,MAAM,EAAE,CACN,IAAI,EACJ,2DAA2D,EAC3D,IAAI,EACJ,8EAA8E,EAC9E,wEAAwE,EACxE,2DAA2D,EAC3D,KAAK,EACL,EAAE,EACF,IAAI,EACJ,mFAAmF,EACnF,4DAA4D,EAC5D,8FAA8F,EAC9F,qFAAqF,EACrF,uGAAuG,EACvG,IAAI,EACJ,uBAAuB,EACvB,mCAAmC,EACnC,kDAAkD,EAClD,qFAAqF,EACrF,8BAA8B,EAC9B,mDAAmD,EACnD,8CAA8C,EAC9C,8EAA8E,EAC9E,sDAAsD,EACtD,uEAAuE,EACvE,wFAAwF,EACxF,wFAAwF,EACxF,0HAA0H,EAC1H,kHAAkH,EAClH,6CAA6C,EAC7C,2HAA2H,EAC3H,2EAA2E,EAC3E,iIAAiI,EACjI,iGAAiG,EACjG,kFAAkF,EAClF,wFAAwF,EACxF,mGAAmG,EACnG,kHAAkH,EAClH,mHAAmH,EACnH,kIAAkI,EAClI,+BAA+B,EAC/B,mEAAmE,EACnE,4BAA4B,EAC5B,6FAA6F,EAC7F,qCAAqC,EACrC,iEAAiE,EACjE,yEAAyE,EACzE,qIAAqI,EACrI,sGAAsG,EACtG,kCAAkC,EAClC,2DAA2D,EAC3D,mJAAmJ,EACnJ,IAAI,EACJ,gGAAgG,EAChG,IAAI,EACJ,qBAAqB,EACrB,oHAAoH,EACpH,6GAA6G,EAC7G,oGAAoG,EACpG,mGAAmG,EACnG,4GAA4G,EAC5G,mGAAmG,EACnG,mGAAmG,EACnG,KAAK,EACL,EAAE,EACF,YAAY,EACZ,gBAAgB,EAChB,gCAAgC,EAChC,8CAA8C,EAC9C,8CAA8C,EAC9C,QAAQ,EACR,EAAE,EACF,iDAAiD,EACjD,6CAA6C,EAC7C,EAAE,EACF,kHAAkH,EAClH,+GAA+G,EAC/G,6DAA6D,EAC7D,EAAE,EACF,WAAW,EACX,6CAA6C,EAC7C,EAAE,EACF,kEAAkE,EAClE,6BAA6B,EAC7B,gCAAgC,EAChC,yCAAyC,EACzC,kCAAkC,EAClC,qCAAqC,EACrC,oCAAoC,EACpC,mBAAmB,EACnB,kBAAkB,EAClB,EAAE,EACF,iEAAiE,EACjE,sFAAsF,EACtF,EAAE,EACF,yDAAyD,EACzD,+DAA+D,EAC/D,EAAE,EACF,0DAA0D,EAC1D,oFAAoF,EACpF,wEAAwE,EACxE,EAAE,EACF,mDAAmD,EACnD,0DAA0D,EAC1D,kBAAkB,EAClB,8JAA8J,EAC9J,WAAW,EACX,mBAAmB,EACnB,uEAAuE,EACvE,EAAE,EACF,iFAAiF,EACjF,2DAA2D,EAC3D,OAAO,EACP,EAAE,EACF,kFAAkF,EAClF,kEAAkE,EAClE,2FAA2F,EAC3F,EAAE,EACF,gEAAgE,EAChE,qFAAqF,EACrF,oBAAoB,EACpB,eAAe,EACf,6EAA6E,EAC7E,uBAAuB,EACvB,8EAA8E,EAC9E,WAAW,EACX,OAAO,EACP,EAAE,EACF,yEAAyE,EACzE,4FAA4F,EAC5F,sCAAsC,EACtC,EAAE,EACF,0DAA0D,EAC1D,OAAO,EACP,IAAI,CACL;QACDjL,OAAO,EAAE,KAAK;QACdoL,QAAQ,EAAE,YAAY;QACtBC,OAAO,EAAE,kCAAkC;QAC3CC,SAAS,EAAE,MAAM;QACjBC,YAAY,EAAE,CAAC;QACfC,cAAc,EAAE,MAAM;QACtBC,gBAAgB,EAAE;MACpB;IACF,CAAC;IACDhI,WAAW,EAAE;MACXiI,sBAAsB,EAAE;QACtB1H,0BAA0B,EAAE;UAC1BC,iBAAiB,EAAE,IAAI;UACvBC,uBAAuB,EAAE,UAAU;UACnCC,sBAAsB,EAAE,KAAK;UAC7BC,uBAAuB,EAAE,UAAU;UACnCC,gBAAgB,EAAE,SAAS;UAC3BC,gBAAgB,EAAE,sCAAsC;UACxDC,eAAe,EAAE,cAAc;UAC/BC,iCAAiC,EAAE,UAAU;UAC7CC,kCAAkC,EAChC,wEAAwE;UAC1EC,oBAAoB,EAAE,UAAU;UAChCC,wBAAwB,EAAE,IAAI;UAC9BC,mCAAmC,EAAE,SAAS;UAC9CC,sBAAsB,EAAE,KAAK;UAC7BC,uCAAuC,EAAE,UAAU;UACnDC,sBAAsB,EAAE,SAAS;UACjCC,mBAAmB,EAAE,KAAK;UAC1BC,kBAAkB,EAChB,kEAAkE;UACpEC,uBAAuB,EAAE,KAAK;UAC9BC,kBAAkB,EAChB,kEAAkE;UACpEC,sBAAsB,EAAE,EAAE;UAC1BC,uBAAuB,EAAE,SAAS;UAClCC,mBAAmB,EAAE,SAAS;UAC9BC,qBAAqB,EAAE,KAAK;UAC5BC,6BAA6B,EAAE,sCAAsC;UACrEC,iCAAiC,EAAE,IAAI;UACvCC,mBAAmB,EAAE;QACvB,CAAC;QACDC,0BAA0B,EAAE;UAC1BC,OAAO,EAAE;YACPC,SAAS,EAAE,KAAK;YAChBtE,KAAK,EAAE;UACT,CAAC;UACDuE,WAAW,EAAE;YACXD,SAAS,EAAE,KAAK;YAChBtE,KAAK,EAAE;UACT,CAAC;UACDwE,SAAS,EAAE;YACTF,SAAS,EAAE,KAAK;YAChBtE,KAAK,EAAE;UACT,CAAC;UACDyE,sBAAsB,EAAE;YACtBH,SAAS,EAAE,KAAK;YAChBtE,KAAK,EAAE;UACT,CAAC;UACD0E,aAAa,EAAE;YACbJ,SAAS,EAAE,KAAK;YAChBtE,KAAK,EAAE,CAAC,MAAM,EAAE,OAAO,EAAE,UAAU;UACrC,CAAC;UACD2E,eAAe,EAAE;YACfL,SAAS,EAAE,KAAK;YAChBtE,KAAK,EAAE;UACT,CAAC;UACD4E,gBAAgB,EAAE;YAChBN,SAAS,EAAE,KAAK;YAChBtE,KAAK,EAAE;UACT,CAAC;UACD6E,iBAAiB,EAAE;YACjBP,SAAS,EAAE,KAAK;YAChBtE,KAAK,EAAE,CACL,4BAA4B,EAC5B,gCAAgC;UAEpC,CAAC;UACD8E,SAAS,EAAE;YACTR,SAAS,EAAE,KAAK;YAChBtE,KAAK,EAAE;UACT,CAAC;UACD+E,eAAe,EAAE;YACfT,SAAS,EAAE;UACb,CAAC;UACDU,MAAM,EAAE;YACNV,SAAS,EAAE,KAAK;YAChBtE,KAAK,EAAE;UACT,CAAC;UACDiF,mBAAmB,EAAE;YACnBX,SAAS,EAAE;UACb,CAAC;UACDY,uBAAuB,EAAE;YACvBZ,SAAS,EAAE,KAAK;YAChBtE,KAAK,EAAE;UACT,CAAC;UACDmF,uBAAuB,EAAE;YACvBb,SAAS,EAAE,KAAK;YAChBtE,KAAK,EAAE;UACT,CAAC;UACDoF,gBAAgB,EAAE;YAChBd,SAAS,EAAE,KAAK;YAChBtE,KAAK,EAAE;UACT,CAAC;UACDqF,gBAAgB,EAAE;YAChBf,SAAS,EAAE;UACb,CAAC;UACDgB,UAAU,EAAE;YACVhB,SAAS,EAAE,KAAK;YAChBtE,KAAK,EAAE,CACL,oBAAoB,EACpB,oBAAoB,EACpB,eAAe;UAEnB,CAAC;UACDuF,qCAAqC,EAAE;YACrCjB,SAAS,EAAE,KAAK;YAChBtE,KAAK,EAAE;UACT,CAAC;UACDwF,YAAY,EAAE;YACZlB,SAAS,EAAE,KAAK;YAChBtE,KAAK,EAAE;UACT,CAAC;UACDyF,WAAW,EAAE;YACXnB,SAAS,EAAE,KAAK;YAChBtE,KAAK,EAAE;UACT,CAAC;UACD0F,IAAI,EAAE;YACJpB,SAAS,EAAE,KAAK;YAChBtE,KAAK,EAAE;UACT,CAAC;UACD2F,QAAQ,EAAE;YACRrB,SAAS,EAAE,KAAK;YAChBtE,KAAK,EAAE;UACT,CAAC;UACD4F,iBAAiB,EAAE;YACjBtB,SAAS,EAAE;UACb;QACF,CAAC;QACDuB,yBAAyB,EAAE;UACzBC,iCAAiC,EAAE;YACjCxB,SAAS,EAAE,KAAK;YAChBtE,KAAK,EAAE;UACT,CAAC;UACD+F,wBAAwB,EAAE;YACxBzB,SAAS,EAAE,KAAK;YAChBtE,KAAK,EAAE;UACT,CAAC;UACDgG,sDAAsD,EAAE;YACtD1B,SAAS,EAAE,KAAK;YAChBtE,KAAK,EAAE;UACT,CAAC;UACDiG,yBAAyB,EAAE;YACzB3B,SAAS,EAAE;UACb,CAAC;UACD4B,qCAAqC,EAAE;YACrC5B,SAAS,EAAE,KAAK;YAChBtE,KAAK,EAAE;UACT,CAAC;UACDmG,kBAAkB,EAAE;YAClB7B,SAAS,EAAE;UACb,CAAC;UACD8B,0BAA0B,EAAE;YAC1B9B,SAAS,EAAE;UACb,CAAC;UACD+B,aAAa,EAAE;YACb/B,SAAS,EAAE;UACb,CAAC;UACDgC,0BAA0B,EAAE;YAC1BhC,SAAS,EAAE,KAAK;YAChBtE,KAAK,EAAE;UACT,CAAC;UACDuG,MAAM,EAAE;YACNjC,SAAS,EAAE;UACb,CAAC;UACDkC,uBAAuB,EAAE;YACvBlC,SAAS,EAAE,KAAK;YAChBtE,KAAK,EAAE;UACT,CAAC;UACDyG,OAAO,EAAE;YACPnC,SAAS,EAAE;UACb,CAAC;UACDoC,sCAAsC,EAAE;YACtCpC,SAAS,EAAE,KAAK;YAChBtE,KAAK,EAAE;UACT,CAAC;UACD2G,qCAAqC,EAAE;YACrCrC,SAAS,EAAE;UACb,CAAC;UACDsC,sBAAsB,EAAE;YACtBtC,SAAS,EAAE,KAAK;YAChBtE,KAAK,EAAE;UACT,CAAC;UACD6G,gCAAgC,EAAE;YAChCvC,SAAS,EAAE,KAAK;YAChBtE,KAAK,EAAE;UACT,CAAC;UACD8G,iBAAiB,EAAE;YACjBxC,SAAS,EAAE,KAAK;YAChBtE,KAAK,EAAE;UACT,CAAC;UACD+G,gCAAgC,EAAE;YAChCzC,SAAS,EAAE,KAAK;YAChBtE,KAAK,EAAE;UACT,CAAC;UACDgH,4CAA4C,EAAE;YAC5C1C,SAAS,EAAE,KAAK;YAChBtE,KAAK,EAAE;UACT,CAAC;UACDiH,yBAAyB,EAAE;YACzB3C,SAAS,EAAE;UACb,CAAC;UACD4C,0BAA0B,EAAE;YAC1B5C,SAAS,EAAE,KAAK;YAChBtE,KAAK,EAAE;UACT,CAAC;UACDmH,4BAA4B,EAAE;YAC5B7C,SAAS,EAAE;UACb,CAAC;UACD8C,wCAAwC,EAAE;YACxC9C,SAAS,EAAE;UACb,CAAC;UACD+C,eAAe,EAAE;YACf/C,SAAS,EAAE;UACb,CAAC;UACDgD,gBAAgB,EAAE;YAChBhD,SAAS,EAAE,KAAK;YAChBtE,KAAK,EAAE;UACT,CAAC;UACDuH,4BAA4B,EAAE;YAC5BjD,SAAS,EAAE;UACb,CAAC;UACDkD,wBAAwB,EAAE;YACxBlD,SAAS,EAAE,KAAK;YAChBtE,KAAK,EAAE;UACT,CAAC;UACDyH,mCAAmC,EAAE;YACnCnD,SAAS,EAAE,KAAK;YAChBtE,KAAK,EAAE;UACT,CAAC;UACD0H,4CAA4C,EAAE;YAC5CpD,SAAS,EAAE,KAAK;YAChBtE,KAAK,EAAE;UACT;QACF,CAAC;QACD2H,sBAAsB,EAAE;UACtBC,MAAM,EAAE;YACNtD,SAAS,EAAE,KAAK;YAChBtE,KAAK,EAAE;UACT,CAAC;UACD6H,sBAAsB,EAAE;YACtBvD,SAAS,EAAE;UACb,CAAC;UACDwD,gBAAgB,EAAE;YAChBxD,SAAS,EAAE,KAAK;YAChBtE,KAAK,EAAE;UACT,CAAC;UACD+H,gBAAgB,EAAE;YAChBzD,SAAS,EAAE,KAAK;YAChBtE,KAAK,EAAE;UACT,CAAC;UACDgI,oBAAoB,EAAE;YACpB1D,SAAS,EAAE,KAAK;YAChBtE,KAAK,EAAE;UACT,CAAC;UACDiI,gBAAgB,EAAE;YAChB3D,SAAS,EAAE;UACb,CAAC;UACD4D,aAAa,EAAE;YACb5D,SAAS,EAAE,KAAK;YAChBtE,KAAK,EAAE;UACT,CAAC;UACDmI,qBAAqB,EAAE;YACrB7D,SAAS,EAAE,KAAK;YAChBtE,KAAK,EAAE;UACT,CAAC;UACDoI,mCAAmC,EAAE;YACnC9D,SAAS,EAAE,KAAK;YAChBtE,KAAK,EAAE;UACT;QACF,CAAC;QACDqI,sBAAsB,EAAE;UACtB+B,YAAY,EAAE,IAAI;UAClB9B,MAAM,EAAE;YACNhE,SAAS,EAAE,KAAK;YAChBtE,KAAK,EAAE;UACT,CAAC;UACDuI,UAAU,EAAE;YACVjE,SAAS,EAAE,KAAK;YAChBtE,KAAK,EAAE;UACT,CAAC;UACDwI,UAAU,EAAE;YACVlE,SAAS,EAAE,KAAK;YAChBtE,KAAK,EAAE;UACT,CAAC;UACDyI,4BAA4B,EAAE;YAC5BnE,SAAS,EAAE,KAAK;YAChBtE,KAAK,EAAE;UACT,CAAC;UACD0I,aAAa,EAAE;YACbpE,SAAS,EAAE,KAAK;YAChBtE,KAAK,EAAE;UACT,CAAC;UACD2I,oBAAoB,EAAE;YACpBrE,SAAS,EAAE,KAAK;YAChBtE,KAAK,EAAE;UACT,CAAC;UACD4I,MAAM,EAAE;YACNtE,SAAS,EAAE,KAAK;YAChBtE,KAAK,EAAE,CAAC,QAAQ,EAAE,SAAS,EAAE,OAAO;UACtC,CAAC;UACD6I,mBAAmB,EAAE;YACnBvE,SAAS,EAAE,KAAK;YAChBtE,KAAK,EAAE;UACT,CAAC;UACD8I,eAAe,EAAE;YACfxE,SAAS,EAAE,KAAK;YAChBtE,KAAK,EAAE,CAAC,qCAAqC;UAC/C,CAAC;UACD+I,yBAAyB,EAAE;YACzBzE,SAAS,EAAE,KAAK;YAChBtE,KAAK,EAAE;UACT;QACF,CAAC;QACDgJ,mBAAmB,EAAE;UACnBC,qBAAqB,EAAE;YACrB3E,SAAS,EAAE,KAAK;YAChBtE,KAAK,EAAE;UACT;QACF,CAAC;QACDqK,KAAK,EAAE;UACLV,GAAG,EAAE,cAAc;UACnBjE,IAAI,EAAE,gBAAgB;UACtB4E,UAAU,EAAE;QACd,CAAC;QACDC,SAAS,EAAE;UACTZ,GAAG,EAAE,EAAE;UACPa,IAAI,EAAE,WAAW;UACjBC,kBAAkB,EAAE;YAClBC,sCAAsC,EAAE,CACtC,SAAS,EACT,SAAS,EACT,SAAS,EACT,eAAe,EACf,eAAe,EACf,eAAe,CAChB;YACDC,iCAAiC,EAAE,EAAE;YACrCC,qCAAqC,EAAE,CACrC,gBAAgB,EAChB,gBAAgB,EAChB,UAAU,EACV,gBAAgB,EAChB,cAAc,EACd,QAAQ,EACR,QAAQ,EACR,SAAS,EACT,KAAK,EACL,QAAQ,CACT;YACDC,2CAA2C,EAAE,CAC3C,SAAS,EACT,SAAS,EACT,SAAS,EACT,eAAe,EACf,eAAe,EACf,eAAe,CAChB;YACDC,uDAAuD,EAAE,CACvD,gBAAgB,EAChB,gBAAgB,EAChB,UAAU,EACV,gBAAgB,EAChB,cAAc,EACd,QAAQ,EACR,QAAQ,EACR,SAAS,EACT,KAAK,EACL,QAAQ,CACT;YACDC,2BAA2B,EAAE,KAAK;YAClCC,sBAAsB,EAAE,IAAI;YAC5BC,oDAAoD,EAAE,CACpD,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,CACR;YACDC,qDAAqD,EAAE,CACrD,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,CACR;YACDC,0CAA0C,EAAE,CAC1C,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,CACR;YACDC,qCAAqC,EAAE,KAAK;YAC5CC,WAAW,EAAE,CAAC,CAAC;YACfC,UAAU,EAAE,CAAC,CAAC;YACdC,8BAA8B,EAAE,EAAE;YAClCC,sCAAsC,EAAE,IAAI;YAC5CC,cAAc,EAAE,IAAI;YACpBC,kCAAkC,EAAE,CAClC,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,CACR;YACDC,+CAA+C,EAAE,CAC/C,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,CACR;YACDC,8BAA8B,EAAE,CAC9B,SAAS,EACT,SAAS,EACT,SAAS,EACT,eAAe,EACf,eAAe,EACf,eAAe,CAChB;YACDC,wBAAwB,EAAE,KAAK;YAC/BC,gDAAgD,EAAE,CAChD,SAAS,EACT,SAAS,EACT,SAAS,EACT,eAAe,EACf,eAAe,EACf,eAAe,CAChB;YACDC,kDAAkD,EAAE,CAClD,gBAAgB,EAChB,gBAAgB,EAChB,UAAU,EACV,gBAAgB,EAChB,cAAc,EACd,QAAQ,EACR,QAAQ,EACR,SAAS,EACT,KAAK,EACL,QAAQ,CACT;YACDC,6CAA6C,EAAE,CAC7C,gBAAgB,EAChB,gBAAgB,EAChB,gBAAgB,EAChB,UAAU,EACV,cAAc,EACd,QAAQ,EACR,QAAQ,EACR,SAAS,EACT,KAAK,EACL,QAAQ,CACT;YACDC,UAAU,EAAE;UACd,CAAC;UACDC,oBAAoB,EAAE;YACpBC,wBAAwB,EAAE,eAAe;YACzCC,uBAAuB,EAAE,KAAK;YAC9BxJ,sBAAsB,EAAE,KAAK;YAC7ByJ,kCAAkC,EAAE,KAAK;YACzCC,sCAAsC,EAAE,IAAI;YAC5C5D,aAAa,EAAE,CAAC,SAAS,EAAE,OAAO,EAAE,QAAQ,EAAE,SAAS,EAAE,OAAO,CAAC;YACjE6D,mCAAmC,EAAE,KAAK;YAC1CC,qBAAqB,EAAE,CAAC,QAAQ,EAAE,UAAU,CAAC;YAC7CrH,uBAAuB,EAAE,CAAC;YAC1BsH,gCAAgC,EAAE,gBAAgB;YAClDC,QAAQ,EAAE,8BAA8B;YACxCC,mBAAmB,EAAE,IAAI;YACzBC,6BAA6B,EAAE,CAAC;YAChCC,uCAAuC,EAAE,KAAK;YAC9CC,+BAA+B,EAAE,KAAK;YACtCC,uBAAuB,EAAE,MAAM;YAC/BC,0CAA0C,EAAE,CAAC;YAC7CC,mBAAmB,EAAE,CACnB,qEAAqE,EACrE,gEAAgE,EAChE,0DAA0D,EAC1D,iEAAiE,CAClE;YACDC,+BAA+B,EAAE,KAAK;YACtCC,qBAAqB,EAAE,CACrB,gHAAgH,EAChH,8HAA8H,CAC/H;YACDC,qBAAqB,EAAE,OAAO;YAC9BC,oBAAoB,EAAE,OAAO;YAC7BC,oBAAoB,EAAE,IAAI;YAC1BC,oBAAoB,EAAE,CACpB,oLAAoL,EACpL,gKAAgK,EAChK,4KAA4K,EAC5K,wKAAwK,CACzK;YACDC,qBAAqB,EAAE,EAAE;YACzBC,qBAAqB,EAAE,EAAE;YACzBC,gBAAgB,EAAE,EAAE;YACpBC,eAAe,EAAE,CACf,0BAA0B,EAC1B,SAAS,EACT,6BAA6B,EAC7B,gCAAgC,EAChC,mCAAmC,EACnC,UAAU,EACV,0BAA0B,CAC3B;YACDC,wBAAwB,EAAE,CAAC,KAAK,CAAC;YACjCtI,UAAU,EAAE,CACV,UAAU,EACV,+CAA+C,EAC/C,eAAe,EACf,UAAU,EACV,oBAAoB,EACpB,8CAA8C,EAC9C,oBAAoB,EACpB,mCAAmC,EACnC,6CAA6C,EAC7C,6CAA6C;UAEjD,CAAC;UACDuI,+BAA+B,EAAE;YAC/BC,8BAA8B,EAAE,6BAA6B;YAC7DC,wBAAwB,EAAE,KAAK;YAC/BC,2CAA2C,EAAE,CAAC,eAAe,CAAC;YAC9DC,kDAAkD,EAAE,KAAK;YACzDC,gCAAgC,EAAE;UACpC,CAAC;UACDC,cAAc,EAAE;YACdtK,sBAAsB,EAAE,EAAE;YAC1BuK,4BAA4B,EAAE,IAAI;YAClCC,iCAAiC,EAAE,CACjC,SAAS,EACT,SAAS,EACT,SAAS,EACT,eAAe,EACf,eAAe,EACf,eAAe,CAChB;YACDC,eAAe,EAAE,EAAE;YACnBC,iCAAiC,EAAE,CACjC,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,CACR;YACDC,oCAAoC,EAAE,CACpC,gBAAgB,EAChB,gBAAgB,EAChB,UAAU,EACV,gBAAgB,EAChB,cAAc,EACd,QAAQ,EACR,QAAQ,EACR,SAAS,EACT,KAAK,EACL,QAAQ,CACT;YACDzG,gBAAgB,EAAE;UACpB,CAAC;UACD0G,gBAAgB,EAAE;YAChB9F,oBAAoB,EAAE,MAAM;YAC5B3F,eAAe,EAAE,cAAc;YAC/Bc,uBAAuB,EAAE,SAAS;YAClC+E,mBAAmB,EAAE,IAAI;YACzB6F,qBAAqB,EAAE,KAAK;YAC5BC,YAAY,EAAE,GAAG;YACjBrL,sBAAsB,EAAE,IAAI;YAC5BK,uBAAuB,EAAE,KAAK;YAC9BjB,iBAAiB,EAAE,IAAI;YACvBI,gBAAgB,EAAE,SAAS;YAC3BoB,iCAAiC,EAAE;UACrC,CAAC;UACD0K,OAAO,EAAE;YACPC,oCAAoC,EAAE,CACpC,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,CACR;YACDC,wCAAwC,EAAE,CACxC,gBAAgB,EAChB,gBAAgB,EAChB,gBAAgB,EAChB,UAAU,EACV,cAAc,EACd,QAAQ,EACR,QAAQ,EACR,SAAS,EACT,KAAK,EACL,QAAQ,CACT;YACDC,oCAAoC,EAAE,CACpC,SAAS,EACT,SAAS,EACT,SAAS,EACT,eAAe,EACf,eAAe,EACf,eAAe,CAChB;YACDtL,mBAAmB,EAAE,KAAK;YAC1BuL,uCAAuC,EAAE,CACvC,gBAAgB,EAChB,gBAAgB,EAChB,UAAU,EACV,gBAAgB,EAChB,cAAc,EACd,QAAQ,EACR,QAAQ,EACR,SAAS,EACT,KAAK,EACL,QAAQ,CACT;YACDhL,qBAAqB,EAAE,IAAI;YAC3BiL,qCAAqC,EAAE,CACrC,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,EACP,OAAO,CACR;YACDC,qCAAqC,EAAE,CACrC,SAAS,EACT,SAAS,EACT,SAAS,EACT,eAAe,EACf,eAAe,EACf,eAAe;UAEnB,CAAC;UACDC,gBAAgB,EAAE;YAChBC,oBAAoB,EAAE,CAAC;YACvBC,kBAAkB,EAAE,GAAG;YACvBC,0BAA0B,EACxB,mDAAmD;YACrDC,kBAAkB,EAAE;UACtB,CAAC;UACDC,aAAa,EAAE;YACb5L,kBAAkB,EAChB,kDAAkD;YACpDO,mBAAmB,EAAE,SAAS;YAC9BsL,wBAAwB,EACtB,kDAAkD;YACpDtM,oBAAoB,EAAE,UAAU;YAChCD,kCAAkC,EAChC,kDAAkD;YACpDK,uCAAuC,EAAE,MAAM;YAC/CmM,sBAAsB,EACpB,qEAAqE;YACvE3L,mBAAmB,EAAE,SAAS;YAC9B4L,eAAe,EAAE,kDAAkD;YACnE9M,uBAAuB,EAAE,MAAM;YAC/BQ,mCAAmC,EAAE,SAAS;YAC9CuM,wBAAwB,EACtB,kDAAkD;YACpD3L,6BAA6B,EAC3B,sCAAsC;YACxCtB,uBAAuB,EAAE,MAAM;YAC/BM,iCAAiC,EAAE,UAAU;YAC7CF,gBAAgB,EAAE,sCAAsC;YACxDW,kBAAkB,EAChB;UACJ,CAAC;UACDmM,UAAU,EAAE;YACVC,0BAA0B,EAAE,CAAC;YAC7BC,8BAA8B,EAAE,CAAC,OAAO,EAAE,OAAO,CAAC;YAClDC,qBAAqB,EAAE;UACzB,CAAC;UACD3F,KAAK,EAAE;YACLV,GAAG,EAAE,YAAY;YACjBjE,IAAI,EAAE,iBAAiB;YACvB4E,UAAU,EAAE;UACd;QACF;MACF;IACF;EACF,CAAC;EACD,IAAM2F,OAAO,GAAG;IACd3O,EAAE,EAAE,wBAAwB;IAC5BK,IAAI,EAAE,IAAAK,mBAAS,EAACQ,iBAAiB;EACnC,CAAC;EACD,IAAM0N,OAAO,GAAG;IACd5O,EAAE,EAAE,wBAAwB;IAC5BK,IAAI,EAAE,IAAAK,mBAAS,EAACQ,iBAAiB;EACnC,CAAC;EACD,IAAM2N,OAAO,GAAG;IACd7O,EAAE,EAAE,wBAAwB;IAC5BK,IAAI,EAAE,IAAAK,mBAAS,EAACQ,iBAAiB;EACnC,CAAC;EACD,IAAM4N,OAAO,GAAG;IACd9O,EAAE,EAAE,wBAAwB;IAC5BK,IAAI,EAAE,CAAC;EACT,CAAC;EACD,IAAM0O,OAAO,GAAG;IACd/O,EAAE,EAAE,wBAAwB;IAC5BK,IAAI,EAAE,CAAC;EACT,CAAC;EACD,IAAM2O,OAAO,GAAG;IACdhP,EAAE,EAAE,wBAAwB;IAC5BK,IAAI,EAAE,CAAC;EACT,CAAC;EACD,IAAM4O,OAAO,GAAG;IACdjP,EAAE,EAAE,wBAAwB;IAC5BK,IAAI,EAAE,CAAC;EACT,CAAC;EACD,IAAM6O,OAAO,GAAG;IACdlP,EAAE,EAAE,wBAAwB;IAC5BK,IAAI,EAAE,CAAC;EACT,CAAC;EACD,IAAM8O,OAAO,GAAG;IACdnP,EAAE,EAAE,wBAAwB;IAC5BK,IAAI,EAAE,CAAC;EACT,CAAC;EACD,IAAM+O,QAAQ,GAAG;IACfpP,EAAE,EAAE,yBAAyB;IAC7BK,IAAI,EAAE,CAAC;EACT,CAAC;EACD,IAAMgP,QAAQ,GAAG;IACfrP,EAAE,EAAE,yBAAyB;IAC7BK,IAAI,EAAE,CAAC;EACT,CAAC;EACD,IAAMiP,QAAQ,GAAG;IACftP,EAAE,EAAE,yBAAyB;IAC7BK,IAAI,EAAE,CAAC;EACT,CAAC;EACD,IAAMkP,QAAQ,GAAG;IACfvP,EAAE,EAAE,yBAAyB;IAC7BK,IAAI,EAAE,CAAC;EACT,CAAC;EACD,IAAMmP,OAGL,GAAG;IACFxP,EAAE,EAAE,wBAAwB;IAC5BK,IAAI,EAAEC,+BAA+B,CAACsH,wBAAwB,EAAE,CAC9D,wBAAwB,CACzB;EACH,CAAC;EACD,IAAM6H,OAGL,GAAG;IACFzP,EAAE,EAAE,wBAAwB;IAC5BK,IAAI,EAAEC,+BAA+B,CAACsH,wBAAwB,EAAE,CAC9D,wBAAwB,CACzB;EACH,CAAC;EACD,IAAM8H,WAAW,GAAGpP,+BAA+B,CACjDsH,wBAAwB,EACxB,CAAC,wBAAwB,EAAE,wBAAwB,CACrD,CAAC;EACD,IAAM+H,WAAW,GAAGrP,+BAA+B,CACjDsH,wBAAwB,EACxB,CAAC,wBAAwB,EAAE,wBAAwB,CACrD,CAAC;EACD,IAAMgI,WAAW,GAAGtP,+BAA+B,CACjDsH,wBAAwB,EACxB,CAAC,yBAAyB,EAAE,yBAAyB,CACvD,CAAC;EACD,IAAMiI,WAAW,GAAGvP,+BAA+B,CACjDsH,wBAAwB,EACxB,CAAC,yBAAyB,EAAE,yBAAyB,CACvD,CAAC;EACD;EACAkI,SAAS,eAAA/Q,iBAAA,CAAC,aAAY;IACpB,IAAIgR,OAAO,CAACC,GAAG,CAACC,gBAAgB,KAAK,QAAQ,EAAE;MAC7C,MAAMzQ,iBAAiB,CAACmP,OAAO,CAAC;MAChC,MAAMnP,iBAAiB,CAACoP,OAAO,CAAC;MAChC,MAAMpP,iBAAiB,CAACqP,OAAO,EAAE,KAAK,CAAC;IACzC;EACF,CAAC,EAAC;EACF;EACAqB,QAAQ,eAAAnR,iBAAA,CAAC,aAAY;IACnB,IAAIgR,OAAO,CAACC,GAAG,CAACC,gBAAgB,KAAK,QAAQ,EAAE;MAC7C,MAAMzQ,iBAAiB,CAACmP,OAAO,EAAE,KAAK,CAAC;MACvC,MAAMnP,iBAAiB,CAACoP,OAAO,EAAE,KAAK,CAAC;MACvC,MAAMpP,iBAAiB,CAACqP,OAAO,EAAE,KAAK,CAAC;MACvC,MAAMrP,iBAAiB,CAACsP,OAAO,EAAE,KAAK,CAAC;MACvC,MAAMtP,iBAAiB,CAACuP,OAAO,EAAE,KAAK,CAAC;MACvC,MAAMvP,iBAAiB,CAACwP,OAAO,EAAE,KAAK,CAAC;MACvC,MAAMxP,iBAAiB,CAACyP,OAAO,EAAE,KAAK,CAAC;MACvC,MAAMzP,iBAAiB,CAAC0P,OAAO,EAAE,KAAK,CAAC;MACvC,MAAM1P,iBAAiB,CAAC2P,OAAO,EAAE,KAAK,CAAC;MACvC,MAAM3P,iBAAiB,CAAC4P,QAAQ,EAAE,KAAK,CAAC;MACxC,MAAM5P,iBAAiB,CAAC6P,QAAQ,EAAE,KAAK,CAAC;MACxC,MAAM7P,iBAAiB,CAAC8P,QAAQ,EAAE,KAAK,CAAC;MACxC,MAAM9P,iBAAiB,CAAC+P,QAAQ,EAAE,KAAK,CAAC;IAC1C;EACF,CAAC,EAAC;EAEFtO,QAAQ,CAAC,sBAAsB,EAAE,MAAM;IACrCkP,IAAI,CAAC,0BAA0B,eAAApR,iBAAA,CAAE,aAAY;MAC3CqR,MAAM,CAAC5T,eAAe,CAAC6T,kBAAkB,CAAC,CAACC,WAAW,CAAC,CAAC;IAC1D,CAAC,EAAC;IAEFH,IAAI,4BAAApP,MAAA,CAA4B4N,OAAO,CAAC3O,EAAE,gBAAAjB,iBAAA,CAAI,aAAY;MACxD,IAAMwR,QAAQ,SAAS/T,eAAe,CAAC6T,kBAAkB,CAAC;QACxDtQ,QAAQ,EAAE4O,OAAO,CAAC3O,EAAE;QACpBC,KAAK,EAALA;MACF,CAAC,CAAC;MACFmQ,MAAM,CAACG,QAAQ,CAAC,CAACC,eAAe,CAAC;QAC/B3I,IAAI,EAAEuI,MAAM,CAACK,GAAG,CAAChT,MAAM;MACzB,CAAC,CAAC;IACJ,CAAC,EAAC;EACJ,CAAC,CAAC;EAEFwD,QAAQ,CAAC,uBAAuB,EAAE,MAAM;IACtCkP,IAAI,CAAC,0BAA0B,eAAApR,iBAAA,CAAE,aAAY;MAC3CqR,MAAM,CAAC5T,eAAe,CAACkU,mBAAmB,CAAC,CAACJ,WAAW,CAAC,CAAC;IAC3D,CAAC,EAAC;IAEFH,IAAI,CAAC,8BAA8B,eAAApR,iBAAA,CAAE,aAAY;MAC/C,IAAMwR,QAAQ,SAAS/T,eAAe,CAACkU,mBAAmB,CAAC;QAAEzQ,KAAK,EAALA;MAAM,CAAC,CAAC;MACrEmQ,MAAM,CAACG,QAAQ,CAAC,CAACC,eAAe,CAAC;QAC/B3I,IAAI,EAAEuI,MAAM,CAACK,GAAG,CAAChT,MAAM;MACzB,CAAC,CAAC;IACJ,CAAC,EAAC;EACJ,CAAC,CAAC;EAEFwD,QAAQ,CAAC,oBAAoB,EAAE,MAAM;IACnCkP,IAAI,CAAC,0BAA0B,eAAApR,iBAAA,CAAE,aAAY;MAC3CqR,MAAM,CAAC5T,eAAe,CAACmU,gBAAgB,CAAC,CAACL,WAAW,CAAC,CAAC;IACxD,CAAC,EAAC;IAEFH,IAAI,uCAAApR,iBAAA,CAA0B,aAAY;MACxC,IAAMwR,QAAQ,SAAS/T,eAAe,CAACmU,gBAAgB,CAAC;QAAE1Q,KAAK,EAALA;MAAM,CAAC,CAAC;MAClEmQ,MAAM,CAACG,QAAQ,CAAC,CAACC,eAAe,CAAC,CAAC;IACpC,CAAC,EAAC;EACJ,CAAC,CAAC;EAEFvP,QAAQ,CAAC,mBAAmB,EAAE,MAAM;IAClCkP,IAAI,CAAC,0BAA0B,eAAApR,iBAAA,CAAE,aAAY;MAC3CqR,MAAM,CAAC5T,eAAe,CAACsD,eAAe,CAAC,CAACwQ,WAAW,CAAC,CAAC;IACvD,CAAC,EAAC;IAEFH,IAAI,yBAAApP,MAAA,CAAyB4N,OAAO,CAAC3O,EAAE,gBAAAjB,iBAAA,CAAI,aAAY;MACrD,IAAMwR,QAAQ,SAAS/T,eAAe,CAACsD,eAAe,CAAC;QACrDC,QAAQ,EAAE4O,OAAO,CAAC3O,EAAE;QACpBC,KAAK,EAALA;MACF,CAAC,CAAC;MACFmQ,MAAM,CAACG,QAAQ,CAAC,CAACC,eAAe,CAAC,CAAC;IACpC,CAAC,EAAC;EACJ,CAAC,CAAC;EAEFvP,QAAQ,CAAC,mBAAmB,EAAE,MAAM;IAClCkP,IAAI,CAAC,0BAA0B,eAAApR,iBAAA,CAAE,aAAY;MAC3CqR,MAAM,CAAC5T,eAAe,CAAC2D,eAAe,CAAC,CAACmQ,WAAW,CAAC,CAAC;IACvD,CAAC,EAAC;IAEFH,IAAI,yBAAApP,MAAA,CAAyB8N,OAAO,CAAC7O,EAAE,gBAAAjB,iBAAA,CAAI,aAAY;MACrD,IAAMwR,QAAQ,SAAS/T,eAAe,CAAC2D,eAAe,CAAC;QACrDJ,QAAQ,EAAE8O,OAAO,CAAC7O,EAAE;QACpBI,UAAU,EAAEyO,OAAO,CAACxO,IAAI;QACxBJ,KAAK,EAALA;MACF,CAAC,CAAC;MACFmQ,MAAM,CAACG,QAAQ,CAAC,CAACC,eAAe,CAAC,CAAC;IACpC,CAAC,EAAC;EACJ,CAAC,CAAC;EAEFvP,QAAQ,CAAC,sBAAsB,EAAE,MAAM;IACrCkP,IAAI,CAAC,0BAA0B,eAAApR,iBAAA,CAAE,aAAY;MAC3CqR,MAAM,CAAC5T,eAAe,CAACoU,kBAAkB,CAAC,CAACN,WAAW,CAAC,CAAC;IAC1D,CAAC,EAAC;IAEFH,IAAI,4BAAApP,MAAA,CAA4ByO,OAAO,CAACxP,EAAE,oCAAAjB,iBAAA,CAAoB,aAAY;MACxEqR,MAAM,CAACS,UAAU,CAAC,CAAC,CAAC;MACpB,IAAMN,QAAQ,SAAS/T,eAAe,CAACoU,kBAAkB,CAAC;QACxD7Q,QAAQ,EAAEyP,OAAO,CAACxP,EAAE;QACpB8Q,UAAU,EAAEtB,OAAO,CAACnP,IAAmD;QACvE0Q,OAAO,EAAE;UAAEC,IAAI,EAAE;QAAK,CAAC;QACvB/Q,KAAK,EAALA;MACF,CAAC,CAAC;MACFmQ,MAAM,CAACG,QAAQ,CAAC,CAACC,eAAe,CAAC,CAAC;IACpC,CAAC,EAAC;IAEFL,IAAI,4BAAApP,MAAA,CAA4B0O,OAAO,CAACzP,EAAE,qCAAAjB,iBAAA,CAAqB,aAAY;MACzEqR,MAAM,CAACS,UAAU,CAAC,CAAC,CAAC;MACpB,IAAMN,QAAQ,SAAS/T,eAAe,CAACoU,kBAAkB,CAAC;QACxD7Q,QAAQ,EAAE0P,OAAO,CAACzP,EAAE;QACpB8Q,UAAU,EAAErB,OAAO,CAACpP,IAAmD;QACvE0Q,OAAO,EAAE;UAAEC,IAAI,EAAE;QAAM,CAAC;QACxB/Q,KAAK,EAALA;MACF,CAAC,CAAC;MACFmQ,MAAM,CAACG,QAAQ,CAAC,CAACC,eAAe,CAAC,CAAC;IACpC,CAAC,EAAC;EACJ,CAAC,CAAC;EAEFvP,QAAQ,CAAC,2BAA2B,EAAE,MAAM;IAC1CkP,IAAI,CAAC,0BAA0B,eAAApR,iBAAA,CAAE,aAAY;MAC3CqR,MAAM,CAAC5T,eAAe,CAACyU,uBAAuB,CAAC,CAACX,WAAW,CAAC,CAAC;IAC/D,CAAC,EAAC;IAEFH,IAAI,+DAAApR,iBAAA,CAAkD,aAAY;MAChEqR,MAAM,CAACS,UAAU,CAAC,CAAC,CAAC;MACpB,IAAMK,OAAO,SAAS1U,eAAe,CAACyU,uBAAuB,CAAC;QAC5DH,UAAU,EAAEpB,WAA0D;QACtEqB,OAAO,EAAE;UAAEC,IAAI,EAAE;QAAK,CAAC;QACvB/Q,KAAK,EAALA;MACF,CAAC,CAAC;MACFmQ,MAAM,CAACc,OAAO,CAAC,CAACV,eAAe,CAAC,CAAC;IACnC,CAAC,EAAC;IAEFL,IAAI,gEAAApR,iBAAA,CAAmD,aAAY;MACjEqR,MAAM,CAACS,UAAU,CAAC,CAAC,CAAC;MACpB,IAAMK,OAAO,SAAS1U,eAAe,CAACyU,uBAAuB,CAAC;QAC5DH,UAAU,EAAEnB,WAA0D;QACtEoB,OAAO,EAAE;UAAEC,IAAI,EAAE;QAAM,CAAC;QACxB/Q,KAAK,EAALA;MACF,CAAC,CAAC;MACFmQ,MAAM,CAACc,OAAO,CAAC,CAACV,eAAe,CAAC,CAAC;IACnC,CAAC,EAAC;EACJ,CAAC,CAAC;EAEFvP,QAAQ,CAAC,uBAAuB,EAAE,MAAM;IACtCkP,IAAI,CAAC,0BAA0B,eAAApR,iBAAA,CAAE,aAAY;MAC3CqR,MAAM,CAAC5T,eAAe,CAAC2U,mBAAmB,CAAC,CAACb,WAAW,CAAC,CAAC;IAC3D,CAAC,EAAC;EACJ,CAAC,CAAC;EAEFH,IAAI,8DAAApR,iBAAA,CAAiD,aAAY;IAC/DqR,MAAM,CAACS,UAAU,CAAC,CAAC,CAAC;IACpB,IAAMK,OAAO,SAAS1U,eAAe,CAAC2U,mBAAmB,CAAC;MACxDL,UAAU,EAAElB,WAA0D;MACtEmB,OAAO,EAAE;QAAEC,IAAI,EAAE;MAAK,CAAC;MACvB/Q,KAAK,EAALA;IACF,CAAC,CAAC;IACFmQ,MAAM,CAACc,OAAO,CAAC,CAACV,eAAe,CAAC,CAAC;EACnC,CAAC,EAAC;EAEFL,IAAI,+DAAApR,iBAAA,CAAkD,aAAY;IAChEqR,MAAM,CAACS,UAAU,CAAC,CAAC,CAAC;IACpB,IAAMK,OAAO,SAAS1U,eAAe,CAAC2U,mBAAmB,CAAC;MACxDL,UAAU,EAAEjB,WAA0D;MACtEkB,OAAO,EAAE;QAAEC,IAAI,EAAE;MAAM,CAAC;MACxB/Q,KAAK,EAALA;IACF,CAAC,CAAC;IACFmQ,MAAM,CAACc,OAAO,CAAC,CAACV,eAAe,CAAC,CAAC;EACnC,CAAC,EAAC;AACJ,CAAC,CAAC"}