@samanhappy/mcphub 0.10.3 → 0.10.5

package/README.md

@@ -19,7 +19,9 @@ MCPHub makes it easy to manage and scale multiple MCP (Model Context Protocol) s
 - **Hot-Swappable Configuration**: Add, remove, or update MCP servers on the fly — no downtime required.
 - **Group-Based Access Control**: Organize servers into customizable groups for streamlined permissions management.
 - **Secure Authentication**: Built-in user management with role-based access powered by JWT and bcrypt.
-- **OAuth 2.0 Support**: Full OAuth support for upstream MCP servers with proxy authorization capabilities.
+- **OAuth 2.0 Support**: 
+  - Full OAuth support for upstream MCP servers with proxy authorization capabilities
+  - **NEW**: Act as OAuth 2.0 authorization server for external clients (ChatGPT Web, custom apps)
 - **Environment Variable Expansion**: Use environment variables anywhere in your configuration for secure credential management. See [Environment Variables Guide](docs/environment-variables.md).
 - **Docker-Ready**: Deploy instantly with our containerized setup.
 
@@ -98,6 +100,42 @@ Manual registration example:
 
 For manual providers, create the OAuth App in the upstream console, set the redirect URI to `http://localhost:3000/oauth/callback` (or your deployed domain), and then plug the credentials into the dashboard or config file.
 
+#### OAuth Authorization Server (NEW)
+
+MCPHub can now act as an OAuth 2.0 authorization server, allowing external applications to securely access your MCP servers using standard OAuth flows. This is particularly useful for integrating with ChatGPT Web and other services that require OAuth authentication.
+
+**Enable OAuth Server:**
+
+```json
+{
+  "systemConfig": {
+    "oauthServer": {
+      "enabled": true,
+      "accessTokenLifetime": 3600,
+      "refreshTokenLifetime": 1209600,
+      "allowedScopes": ["read", "write"]
+    }
+  },
+  "oauthClients": [
+    {
+      "clientId": "your-client-id",
+      "name": "ChatGPT Web",
+      "redirectUris": ["https://chatgpt.com/oauth/callback"],
+      "grants": ["authorization_code", "refresh_token"],
+      "scopes": ["read", "write"]
+    }
+  ]
+}
+```
+
+**Key Features:**
+- Standard OAuth 2.0 authorization code flow
+- PKCE support for enhanced security
+- Token refresh capabilities
+- Compatible with ChatGPT Web and other OAuth clients
+
+For detailed setup instructions, see the [OAuth Server Documentation](docs/oauth-server.md).
+
 ### Docker Deployment
 
 **Recommended**: Mount your custom config:

package/dist/config/index.js

@@ -3,6 +3,7 @@ import fs from 'fs';
 import { getConfigFilePath } from '../utils/path.js';
 import { getPackageVersion } from '../utils/version.js';
 import { getDataService } from '../services/services.js';
+import { cloneDefaultOAuthServerConfig } from '../constants/oauthServerDefaults.js';
 dotenv.config();
 const defaultConfig = {
     port: process.env.PORT || 3000,
@@ -13,6 +14,19 @@ const defaultConfig = {
     mcpHubVersion: getPackageVersion(),
 };
 const dataService = getDataService();
+const ensureOAuthServerDefaults = (settings) => {
+    if (!settings.systemConfig) {
+        settings.systemConfig = {
+            oauthServer: cloneDefaultOAuthServerConfig(),
+        };
+        return true;
+    }
+    if (!settings.systemConfig.oauthServer) {
+        settings.systemConfig.oauthServer = cloneDefaultOAuthServerConfig();
+        return true;
+    }
+    return false;
+};
 // Settings cache
 let settingsCache = null;
 export const getSettingsPath = () => {
@@ -28,6 +42,7 @@ export const loadOriginalSettings = () => {
     if (!fs.existsSync(settingsPath)) {
         console.warn(`Settings file not found at ${settingsPath}, using default settings.`);
         const defaultSettings = { mcpServers: {}, users: [] };
+        ensureOAuthServerDefaults(defaultSettings);
         // Cache default settings
         settingsCache = defaultSettings;
         return defaultSettings;
@@ -36,6 +51,15 @@ export const loadOriginalSettings = () => {
         // Read and parse settings file
         const settingsData = fs.readFileSync(settingsPath, 'utf8');
         const settings = JSON.parse(settingsData);
+        const initialized = ensureOAuthServerDefaults(settings);
+        if (initialized) {
+            try {
+                fs.writeFileSync(settingsPath, JSON.stringify(settings, null, 2), 'utf8');
+            }
+            catch (writeError) {
+                console.error('Failed to persist default OAuth server configuration:', writeError);
+            }
+        }
         // Update cache
         settingsCache = settings;
         console.log(`Loaded settings from ${settingsPath}`);

package/dist/config/index.js.map

@@ -1 +1 @@
-{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/config/index.ts"],"names":[],"mappings":"AAAA,OAAO,MAAM,MAAM,QAAQ,CAAC;AAC5B,OAAO,EAAE,MAAM,IAAI,CAAC;AAEpB,OAAO,EAAE,iBAAiB,EAAE,MAAM,kBAAkB,CAAC;AACrD,OAAO,EAAE,iBAAiB,EAAE,MAAM,qBAAqB,CAAC;AACxD,OAAO,EAAE,cAAc,EAAE,MAAM,yBAAyB,CAAC;AAGzD,MAAM,CAAC,MAAM,EAAE,CAAC;AAEhB,MAAM,aAAa,GAAG;IACpB,IAAI,EAAE,OAAO,CAAC,GAAG,CAAC,IAAI,IAAI,IAAI;IAC9B,WAAW,EAAE,OAAO,CAAC,GAAG,CAAC,YAAY,IAAI,MAAM;IAC/C,QAAQ,EAAE,OAAO,CAAC,GAAG,CAAC,SAAS,IAAI,EAAE;IACrC,QAAQ,EAAE,MAAM,KAAK,OAAO,CAAC,GAAG,CAAC,QAAQ,IAAI,KAAK;IAClD,UAAU,EAAE,QAAQ;IACpB,aAAa,EAAE,iBAAiB,EAAE;CACnC,CAAC;AAEF,MAAM,WAAW,GAAgB,cAAc,EAAE,CAAC;AAElD,iBAAiB;AACjB,IAAI,aAAa,GAAuB,IAAI,CAAC;AAE7C,MAAM,CAAC,MAAM,eAAe,GAAG,GAAW,EAAE;IAC1C,OAAO,iBAAiB,CAAC,mBAAmB,EAAE,UAAU,CAAC,CAAC;AAC5D,CAAC,CAAC;AAEF,MAAM,CAAC,MAAM,oBAAoB,GAAG,GAAgB,EAAE;IACpD,+CAA+C;IAC/C,IAAI,aAAa,EAAE,CAAC;QAClB,OAAO,aAAa,CAAC;IACvB,CAAC;IAED,MAAM,YAAY,GAAG,eAAe,EAAE,CAAC;IACvC,uBAAuB;IACvB,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,YAAY,CAAC,EAAE,CAAC;QACjC,OAAO,CAAC,IAAI,CAAC,8BAA8B,YAAY,2BAA2B,CAAC,CAAC;QACpF,MAAM,eAAe,GAAG,EAAE,UAAU,EAAE,EAAE,EAAE,KAAK,EAAE,EAAE,EAAE,CAAC;QACtD,yBAAyB;QACzB,aAAa,GAAG,eAAe,CAAC;QAChC,OAAO,eAAe,CAAC;IACzB,CAAC;IAED,IAAI,CAAC;QACH,+BAA+B;QAC/B,MAAM,YAAY,GAAG,EAAE,CAAC,YAAY,CAAC,YAAY,EAAE,MAAM,CAAC,CAAC;QAC3D,MAAM,QAAQ,GAAG,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,CAAC;QAE1C,eAAe;QACf,aAAa,GAAG,QAAQ,CAAC;QAEzB,OAAO,CAAC,GAAG,CAAC,wBAAwB,YAAY,EAAE,CAAC,CAAC;QACpD,OAAO,QAAQ,CAAC;IAClB,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,MAAM,IAAI,KAAK,CAAC,gCAAgC,YAAY,KAAK,KAAK,EAAE,CAAC,CAAC;IAC5E,CAAC;AACH,CAAC,CAAC;AAEF,MAAM,CAAC,MAAM,YAAY,GAAG,CAAC,IAAY,EAAe,EAAE;IACxD,OAAO,WAAW,CAAC,cAAe,CAAC,oBAAoB,EAAE,EAAE,IAAI,CAAC,CAAC;AACnE,CAAC,CAAC;AAEF,MAAM,CAAC,MAAM,YAAY,GAAG,CAAC,QAAqB,EAAE,IAAY,EAAW,EAAE;IAC3E,MAAM,YAAY,GAAG,eAAe,EAAE,CAAC;IACvC,IAAI,CAAC;QACH,MAAM,cAAc,GAAG,WAAW,CAAC,aAAc,CAAC,oBAAoB,EAAE,EAAE,QAAQ,EAAE,IAAI,CAAC,CAAC;QAC1F,EAAE,CAAC,aAAa,CAAC,YAAY,EAAE,IAAI,CAAC,SAAS,CAAC,cAAc,EAAE,IAAI,EAAE,CAAC,CAAC,EAAE,MAAM,CAAC,CAAC;QAEhF,qCAAqC;QACrC,aAAa,GAAG,cAAc,CAAC;QAE/B,OAAO,IAAI,CAAC;IACd,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,OAAO,CAAC,KAAK,CAAC,8BAA8B,YAAY,GAAG,EAAE,KAAK,CAAC,CAAC;QACpE,OAAO,KAAK,CAAC;IACf,CAAC;AACH,CAAC,CAAC;AAEF;;GAEG;AACH,MAAM,CAAC,MAAM,kBAAkB,GAAG,GAAS,EAAE;IAC3C,aAAa,GAAG,IAAI,CAAC;AACvB,CAAC,CAAC;AAEF;;GAEG;AACH,MAAM,CAAC,MAAM,oBAAoB,GAAG,GAA0B,EAAE;IAC9D,OAAO;QACL,QAAQ,EAAE,aAAa,KAAK,IAAI;KACjC,CAAC;AACJ,CAAC,CAAC;AAKF,MAAM,UAAU,cAAc,CAC5B,KAA0D;IAE1D,6DAA6D;IAC7D,IAAI,KAAK,IAAI,OAAO,KAAK,KAAK,QAAQ,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;QAChE,MAAM,GAAG,GAAwB,EAAE,CAAC;QACpC,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;YACjD,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;gBAC9B,GAAG,CAAC,GAAG,CAAC,GAAG,aAAa,CAAC,KAAK,CAAC,CAAC;YAClC,CAAC;iBAAM,IAAI,OAAO,KAAK,KAAK,QAAQ,IAAI,KAAK,KAAK,IAAI,EAAE,CAAC;gBACvD,+CAA+C;gBAC/C,GAAG,CAAC,GAAG,CAAC,GAAG,cAAc,CAAC,KAAY,CAAC,CAAC;YAC1C,CAAC;iBAAM,CAAC;gBACN,mEAAmE;gBACnE,GAAG,CAAC,GAAG,CAAC,GAAG,KAAK,CAAC;YACnB,CAAC;QACH,CAAC;QACD,OAAO,GAAG,CAAC;IACb,CAAC;IAED,uDAAuD;IACvD,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;QACzB,OAAO,KAAK,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE;YACxB,IAAI,OAAO,IAAI,KAAK,QAAQ,EAAE,CAAC;gBAC7B,OAAO,aAAa,CAAC,IAAI,CAAC,CAAC;YAC7B,CAAC;iBAAM,IAAI,OAAO,IAAI,KAAK,QAAQ,IAAI,IAAI,KAAK,IAAI,EAAE,CAAC;gBACrD,OAAO,cAAc,CAAC,IAAW,CAAC,CAAC;YACrC,CAAC;YACD,OAAO,IAAI,CAAC;QACd,CAAC,CAAC,CAAC;IACL,CAAC;IAED,sBAAsB;IACtB,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;QAC9B,OAAO,aAAa,CAAC,KAAK,CAAC,CAAC;IAC9B,CAAC;IAED,oCAAoC;IACpC,IAAI,KAAK,KAAK,SAAS,IAAI,KAAK,KAAK,IAAI,EAAE,CAAC;QAC1C,OAAO,EAAE,CAAC;IACZ,CAAC;IAED,OAAO,KAAK,CAAC;AACf,CAAC;AAED,MAAM,CAAC,MAAM,aAAa,GAAG,CAAC,KAAa,EAAU,EAAE;IACrD,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;QAC9B,OAAO,MAAM,CAAC,KAAK,CAAC,CAAC;IACvB,CAAC;IACD,wBAAwB;IACxB,IAAI,MAAM,GAAG,KAAK,CAAC,OAAO,CAAC,gBAAgB,EAAE,CAAC,CAAC,EAAE,GAAG,EAAE,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,IAAI,EAAE,CAAC,CAAC;IACjF,yDAAyD;IACzD,MAAM,GAAG,MAAM,CAAC,OAAO,CAAC,uBAAuB,EAAE,CAAC,CAAC,EAAE,GAAG,EAAE,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,IAAI,EAAE,CAAC,CAAC;IACrF,OAAO,MAAM,CAAC;AAChB,CAAC,CAAC;AAEF,eAAe,aAAa,CAAC;AAE7B,MAAM,UAAU,gBAAgB;IAC9B,MAAM,QAAQ,GAAG,YAAY,EAAE,CAAC;IAChC,OAAO,QAAQ,CAAC,YAAY,EAAE,aAAa,IAAI,GAAG,CAAC;AACrD,CAAC"}
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/config/index.ts"],"names":[],"mappings":"AAAA,OAAO,MAAM,MAAM,QAAQ,CAAC;AAC5B,OAAO,EAAE,MAAM,IAAI,CAAC;AAEpB,OAAO,EAAE,iBAAiB,EAAE,MAAM,kBAAkB,CAAC;AACrD,OAAO,EAAE,iBAAiB,EAAE,MAAM,qBAAqB,CAAC;AACxD,OAAO,EAAE,cAAc,EAAE,MAAM,yBAAyB,CAAC;AAEzD,OAAO,EAAE,6BAA6B,EAAE,MAAM,qCAAqC,CAAC;AAEpF,MAAM,CAAC,MAAM,EAAE,CAAC;AAEhB,MAAM,aAAa,GAAG;IACpB,IAAI,EAAE,OAAO,CAAC,GAAG,CAAC,IAAI,IAAI,IAAI;IAC9B,WAAW,EAAE,OAAO,CAAC,GAAG,CAAC,YAAY,IAAI,MAAM;IAC/C,QAAQ,EAAE,OAAO,CAAC,GAAG,CAAC,SAAS,IAAI,EAAE;IACrC,QAAQ,EAAE,MAAM,KAAK,OAAO,CAAC,GAAG,CAAC,QAAQ,IAAI,KAAK;IAClD,UAAU,EAAE,QAAQ;IACpB,aAAa,EAAE,iBAAiB,EAAE;CACnC,CAAC;AAEF,MAAM,WAAW,GAAgB,cAAc,EAAE,CAAC;AAElD,MAAM,yBAAyB,GAAG,CAAC,QAAqB,EAAW,EAAE;IACnE,IAAI,CAAC,QAAQ,CAAC,YAAY,EAAE,CAAC;QAC3B,QAAQ,CAAC,YAAY,GAAG;YACtB,WAAW,EAAE,6BAA6B,EAAE;SAC7C,CAAC;QACF,OAAO,IAAI,CAAC;IACd,CAAC;IAED,IAAI,CAAC,QAAQ,CAAC,YAAY,CAAC,WAAW,EAAE,CAAC;QACvC,QAAQ,CAAC,YAAY,CAAC,WAAW,GAAG,6BAA6B,EAAE,CAAC;QACpE,OAAO,IAAI,CAAC;IACd,CAAC;IAED,OAAO,KAAK,CAAC;AACf,CAAC,CAAC;AAEF,iBAAiB;AACjB,IAAI,aAAa,GAAuB,IAAI,CAAC;AAE7C,MAAM,CAAC,MAAM,eAAe,GAAG,GAAW,EAAE;IAC1C,OAAO,iBAAiB,CAAC,mBAAmB,EAAE,UAAU,CAAC,CAAC;AAC5D,CAAC,CAAC;AAEF,MAAM,CAAC,MAAM,oBAAoB,GAAG,GAAgB,EAAE;IACpD,+CAA+C;IAC/C,IAAI,aAAa,EAAE,CAAC;QAClB,OAAO,aAAa,CAAC;IACvB,CAAC;IAED,MAAM,YAAY,GAAG,eAAe,EAAE,CAAC;IACvC,uBAAuB;IACvB,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,YAAY,CAAC,EAAE,CAAC;QACjC,OAAO,CAAC,IAAI,CAAC,8BAA8B,YAAY,2BAA2B,CAAC,CAAC;QACpF,MAAM,eAAe,GAAgB,EAAE,UAAU,EAAE,EAAE,EAAE,KAAK,EAAE,EAAE,EAAE,CAAC;QACnE,yBAAyB,CAAC,eAAe,CAAC,CAAC;QAC3C,yBAAyB;QACzB,aAAa,GAAG,eAAe,CAAC;QAChC,OAAO,eAAe,CAAC;IACzB,CAAC;IAED,IAAI,CAAC;QACH,+BAA+B;QAC/B,MAAM,YAAY,GAAG,EAAE,CAAC,YAAY,CAAC,YAAY,EAAE,MAAM,CAAC,CAAC;QAC3D,MAAM,QAAQ,GAAG,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,CAAC;QAC1C,MAAM,WAAW,GAAG,yBAAyB,CAAC,QAAQ,CAAC,CAAC;QACxD,IAAI,WAAW,EAAE,CAAC;YAChB,IAAI,CAAC;gBACH,EAAE,CAAC,aAAa,CAAC,YAAY,EAAE,IAAI,CAAC,SAAS,CAAC,QAAQ,EAAE,IAAI,EAAE,CAAC,CAAC,EAAE,MAAM,CAAC,CAAC;YAC5E,CAAC;YAAC,OAAO,UAAU,EAAE,CAAC;gBACpB,OAAO,CAAC,KAAK,CAAC,uDAAuD,EAAE,UAAU,CAAC,CAAC;YACrF,CAAC;QACH,CAAC;QAED,eAAe;QACf,aAAa,GAAG,QAAQ,CAAC;QAEzB,OAAO,CAAC,GAAG,CAAC,wBAAwB,YAAY,EAAE,CAAC,CAAC;QACpD,OAAO,QAAQ,CAAC;IAClB,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,MAAM,IAAI,KAAK,CAAC,gCAAgC,YAAY,KAAK,KAAK,EAAE,CAAC,CAAC;IAC5E,CAAC;AACH,CAAC,CAAC;AAEF,MAAM,CAAC,MAAM,YAAY,GAAG,CAAC,IAAY,EAAe,EAAE;IACxD,OAAO,WAAW,CAAC,cAAe,CAAC,oBAAoB,EAAE,EAAE,IAAI,CAAC,CAAC;AACnE,CAAC,CAAC;AAEF,MAAM,CAAC,MAAM,YAAY,GAAG,CAAC,QAAqB,EAAE,IAAY,EAAW,EAAE;IAC3E,MAAM,YAAY,GAAG,eAAe,EAAE,CAAC;IACvC,IAAI,CAAC;QACH,MAAM,cAAc,GAAG,WAAW,CAAC,aAAc,CAAC,oBAAoB,EAAE,EAAE,QAAQ,EAAE,IAAI,CAAC,CAAC;QAC1F,EAAE,CAAC,aAAa,CAAC,YAAY,EAAE,IAAI,CAAC,SAAS,CAAC,cAAc,EAAE,IAAI,EAAE,CAAC,CAAC,EAAE,MAAM,CAAC,CAAC;QAEhF,qCAAqC;QACrC,aAAa,GAAG,cAAc,CAAC;QAE/B,OAAO,IAAI,CAAC;IACd,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,OAAO,CAAC,KAAK,CAAC,8BAA8B,YAAY,GAAG,EAAE,KAAK,CAAC,CAAC;QACpE,OAAO,KAAK,CAAC;IACf,CAAC;AACH,CAAC,CAAC;AAEF;;GAEG;AACH,MAAM,CAAC,MAAM,kBAAkB,GAAG,GAAS,EAAE;IAC3C,aAAa,GAAG,IAAI,CAAC;AACvB,CAAC,CAAC;AAEF;;GAEG;AACH,MAAM,CAAC,MAAM,oBAAoB,GAAG,GAA0B,EAAE;IAC9D,OAAO;QACL,QAAQ,EAAE,aAAa,KAAK,IAAI;KACjC,CAAC;AACJ,CAAC,CAAC;AAKF,MAAM,UAAU,cAAc,CAC5B,KAA0D;IAE1D,6DAA6D;IAC7D,IAAI,KAAK,IAAI,OAAO,KAAK,KAAK,QAAQ,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;QAChE,MAAM,GAAG,GAAwB,EAAE,CAAC;QACpC,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;YACjD,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;gBAC9B,GAAG,CAAC,GAAG,CAAC,GAAG,aAAa,CAAC,KAAK,CAAC,CAAC;YAClC,CAAC;iBAAM,IAAI,OAAO,KAAK,KAAK,QAAQ,IAAI,KAAK,KAAK,IAAI,EAAE,CAAC;gBACvD,+CAA+C;gBAC/C,GAAG,CAAC,GAAG,CAAC,GAAG,cAAc,CAAC,KAAY,CAAC,CAAC;YAC1C,CAAC;iBAAM,CAAC;gBACN,mEAAmE;gBACnE,GAAG,CAAC,GAAG,CAAC,GAAG,KAAK,CAAC;YACnB,CAAC;QACH,CAAC;QACD,OAAO,GAAG,CAAC;IACb,CAAC;IAED,uDAAuD;IACvD,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;QACzB,OAAO,KAAK,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE;YACxB,IAAI,OAAO,IAAI,KAAK,QAAQ,EAAE,CAAC;gBAC7B,OAAO,aAAa,CAAC,IAAI,CAAC,CAAC;YAC7B,CAAC;iBAAM,IAAI,OAAO,IAAI,KAAK,QAAQ,IAAI,IAAI,KAAK,IAAI,EAAE,CAAC;gBACrD,OAAO,cAAc,CAAC,IAAW,CAAC,CAAC;YACrC,CAAC;YACD,OAAO,IAAI,CAAC;QACd,CAAC,CAAC,CAAC;IACL,CAAC;IAED,sBAAsB;IACtB,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;QAC9B,OAAO,aAAa,CAAC,KAAK,CAAC,CAAC;IAC9B,CAAC;IAED,oCAAoC;IACpC,IAAI,KAAK,KAAK,SAAS,IAAI,KAAK,KAAK,IAAI,EAAE,CAAC;QAC1C,OAAO,EAAE,CAAC;IACZ,CAAC;IAED,OAAO,KAAK,CAAC;AACf,CAAC;AAED,MAAM,CAAC,MAAM,aAAa,GAAG,CAAC,KAAa,EAAU,EAAE;IACrD,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;QAC9B,OAAO,MAAM,CAAC,KAAK,CAAC,CAAC;IACvB,CAAC;IACD,wBAAwB;IACxB,IAAI,MAAM,GAAG,KAAK,CAAC,OAAO,CAAC,gBAAgB,EAAE,CAAC,CAAC,EAAE,GAAG,EAAE,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,IAAI,EAAE,CAAC,CAAC;IACjF,yDAAyD;IACzD,MAAM,GAAG,MAAM,CAAC,OAAO,CAAC,uBAAuB,EAAE,CAAC,CAAC,EAAE,GAAG,EAAE,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,IAAI,EAAE,CAAC,CAAC;IACrF,OAAO,MAAM,CAAC;AAChB,CAAC,CAAC;AAEF,eAAe,aAAa,CAAC;AAE7B,MAAM,UAAU,gBAAgB;IAC9B,MAAM,QAAQ,GAAG,YAAY,EAAE,CAAC;IAChC,OAAO,QAAQ,CAAC,YAAY,EAAE,aAAa,IAAI,GAAG,CAAC;AACrD,CAAC"}

package/dist/constants/oauthServerDefaults.js

@@ -0,0 +1,36 @@
+export const DEFAULT_OAUTH_SERVER_CONFIG = {
+    enabled: true,
+    accessTokenLifetime: 3600,
+    refreshTokenLifetime: 1209600,
+    authorizationCodeLifetime: 300,
+    requireClientSecret: false,
+    allowedScopes: ['read', 'write'],
+    requireState: false,
+    dynamicRegistration: {
+        enabled: true,
+        allowedGrantTypes: ['authorization_code', 'refresh_token'],
+        requiresAuthentication: false,
+    },
+};
+export const cloneDefaultOAuthServerConfig = () => {
+    const allowedScopes = DEFAULT_OAUTH_SERVER_CONFIG.allowedScopes
+        ? [...DEFAULT_OAUTH_SERVER_CONFIG.allowedScopes]
+        : [];
+    const baseDynamicRegistration = DEFAULT_OAUTH_SERVER_CONFIG.dynamicRegistration ?? {
+        enabled: false,
+        allowedGrantTypes: [],
+        requiresAuthentication: false,
+    };
+    const dynamicRegistration = {
+        ...baseDynamicRegistration,
+        allowedGrantTypes: baseDynamicRegistration.allowedGrantTypes
+            ? [...baseDynamicRegistration.allowedGrantTypes]
+            : [],
+    };
+    return {
+        ...DEFAULT_OAUTH_SERVER_CONFIG,
+        allowedScopes,
+        dynamicRegistration,
+    };
+};
+//# sourceMappingURL=oauthServerDefaults.js.map

package/dist/constants/oauthServerDefaults.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"oauthServerDefaults.js","sourceRoot":"","sources":["../../src/constants/oauthServerDefaults.ts"],"names":[],"mappings":"AAEA,MAAM,CAAC,MAAM,2BAA2B,GAAsB;IAC5D,OAAO,EAAE,IAAI;IACb,mBAAmB,EAAE,IAAI;IACzB,oBAAoB,EAAE,OAAO;IAC7B,yBAAyB,EAAE,GAAG;IAC9B,mBAAmB,EAAE,KAAK;IAC1B,aAAa,EAAE,CAAC,MAAM,EAAE,OAAO,CAAC;IAChC,YAAY,EAAE,KAAK;IACnB,mBAAmB,EAAE;QACnB,OAAO,EAAE,IAAI;QACb,iBAAiB,EAAE,CAAC,oBAAoB,EAAE,eAAe,CAAC;QAC1D,sBAAsB,EAAE,KAAK;KAC9B;CACF,CAAC;AAEF,MAAM,CAAC,MAAM,6BAA6B,GAAG,GAAsB,EAAE;IACnE,MAAM,aAAa,GAAG,2BAA2B,CAAC,aAAa;QAC7D,CAAC,CAAC,CAAC,GAAG,2BAA2B,CAAC,aAAa,CAAC;QAChD,CAAC,CAAC,EAAE,CAAC;IAEP,MAAM,uBAAuB,GAC3B,2BAA2B,CAAC,mBAAmB,IAAI;QACjD,OAAO,EAAE,KAAK;QACd,iBAAiB,EAAE,EAAE;QACrB,sBAAsB,EAAE,KAAK;KAC9B,CAAC;IAEJ,MAAM,mBAAmB,GAAG;QAC1B,GAAG,uBAAuB;QAC1B,iBAAiB,EAAE,uBAAuB,CAAC,iBAAiB;YAC1D,CAAC,CAAC,CAAC,GAAG,uBAAuB,CAAC,iBAAiB,CAAC;YAChD,CAAC,CAAC,EAAE;KACP,CAAC;IAEF,OAAO;QACL,GAAG,2BAA2B;QAC9B,aAAa;QACb,mBAAmB;KACpB,CAAC;AACJ,CAAC,CAAC"}

package/dist/controllers/oauthClientController.js

@@ -0,0 +1,252 @@
+import { validationResult } from 'express-validator';
+import crypto from 'crypto';
+import { getOAuthClients, findOAuthClientById, createOAuthClient, updateOAuthClient, deleteOAuthClient, } from '../models/OAuth.js';
+/**
+ * GET /api/oauth/clients
+ * Get all OAuth clients
+ */
+export const getAllClients = (req, res) => {
+    try {
+        const clients = getOAuthClients();
+        // Don't expose client secrets in the list
+        const sanitizedClients = clients.map((client) => ({
+            clientId: client.clientId,
+            name: client.name,
+            redirectUris: client.redirectUris,
+            grants: client.grants,
+            scopes: client.scopes,
+            owner: client.owner,
+        }));
+        res.json({
+            success: true,
+            clients: sanitizedClients,
+        });
+    }
+    catch (error) {
+        console.error('Get OAuth clients error:', error);
+        res.status(500).json({
+            success: false,
+            message: 'Failed to retrieve OAuth clients',
+        });
+    }
+};
+/**
+ * GET /api/oauth/clients/:clientId
+ * Get a specific OAuth client
+ */
+export const getClient = (req, res) => {
+    try {
+        const { clientId } = req.params;
+        const client = findOAuthClientById(clientId);
+        if (!client) {
+            res.status(404).json({
+                success: false,
+                message: 'OAuth client not found',
+            });
+            return;
+        }
+        // Don't expose client secret
+        const sanitizedClient = {
+            clientId: client.clientId,
+            name: client.name,
+            redirectUris: client.redirectUris,
+            grants: client.grants,
+            scopes: client.scopes,
+            owner: client.owner,
+        };
+        res.json({
+            success: true,
+            client: sanitizedClient,
+        });
+    }
+    catch (error) {
+        console.error('Get OAuth client error:', error);
+        res.status(500).json({
+            success: false,
+            message: 'Failed to retrieve OAuth client',
+        });
+    }
+};
+/**
+ * POST /api/oauth/clients
+ * Create a new OAuth client
+ */
+export const createClient = (req, res) => {
+    try {
+        // Validate request
+        const errors = validationResult(req);
+        if (!errors.isEmpty()) {
+            res.status(400).json({
+                success: false,
+                message: 'Validation failed',
+                errors: errors.array(),
+            });
+            return;
+        }
+        const { name, redirectUris, grants, scopes, requireSecret } = req.body;
+        const user = req.user;
+        // Generate client ID
+        const clientId = crypto.randomBytes(16).toString('hex');
+        // Generate client secret if required
+        const clientSecret = requireSecret !== false ? crypto.randomBytes(32).toString('hex') : undefined;
+        // Create client
+        const client = {
+            clientId,
+            clientSecret,
+            name,
+            redirectUris: Array.isArray(redirectUris) ? redirectUris : [redirectUris],
+            grants: grants || ['authorization_code', 'refresh_token'],
+            scopes: scopes || ['read', 'write'],
+            owner: user?.username || 'admin',
+        };
+        const createdClient = createOAuthClient(client);
+        // Return client with secret (only shown once)
+        res.status(201).json({
+            success: true,
+            message: 'OAuth client created successfully',
+            client: {
+                clientId: createdClient.clientId,
+                clientSecret: createdClient.clientSecret,
+                name: createdClient.name,
+                redirectUris: createdClient.redirectUris,
+                grants: createdClient.grants,
+                scopes: createdClient.scopes,
+                owner: createdClient.owner,
+            },
+            warning: clientSecret
+                ? 'Client secret is only shown once. Please save it securely.'
+                : undefined,
+        });
+    }
+    catch (error) {
+        console.error('Create OAuth client error:', error);
+        if (error instanceof Error && error.message.includes('already exists')) {
+            res.status(409).json({
+                success: false,
+                message: error.message,
+            });
+        }
+        else {
+            res.status(500).json({
+                success: false,
+                message: 'Failed to create OAuth client',
+            });
+        }
+    }
+};
+/**
+ * PUT /api/oauth/clients/:clientId
+ * Update an OAuth client
+ */
+export const updateClient = (req, res) => {
+    try {
+        const { clientId } = req.params;
+        const { name, redirectUris, grants, scopes } = req.body;
+        const updates = {};
+        if (name)
+            updates.name = name;
+        if (redirectUris)
+            updates.redirectUris = Array.isArray(redirectUris) ? redirectUris : [redirectUris];
+        if (grants)
+            updates.grants = grants;
+        if (scopes)
+            updates.scopes = scopes;
+        const updatedClient = updateOAuthClient(clientId, updates);
+        if (!updatedClient) {
+            res.status(404).json({
+                success: false,
+                message: 'OAuth client not found',
+            });
+            return;
+        }
+        // Don't expose client secret
+        res.json({
+            success: true,
+            message: 'OAuth client updated successfully',
+            client: {
+                clientId: updatedClient.clientId,
+                name: updatedClient.name,
+                redirectUris: updatedClient.redirectUris,
+                grants: updatedClient.grants,
+                scopes: updatedClient.scopes,
+                owner: updatedClient.owner,
+            },
+        });
+    }
+    catch (error) {
+        console.error('Update OAuth client error:', error);
+        res.status(500).json({
+            success: false,
+            message: 'Failed to update OAuth client',
+        });
+    }
+};
+/**
+ * DELETE /api/oauth/clients/:clientId
+ * Delete an OAuth client
+ */
+export const deleteClient = (req, res) => {
+    try {
+        const { clientId } = req.params;
+        const deleted = deleteOAuthClient(clientId);
+        if (!deleted) {
+            res.status(404).json({
+                success: false,
+                message: 'OAuth client not found',
+            });
+            return;
+        }
+        res.json({
+            success: true,
+            message: 'OAuth client deleted successfully',
+        });
+    }
+    catch (error) {
+        console.error('Delete OAuth client error:', error);
+        res.status(500).json({
+            success: false,
+            message: 'Failed to delete OAuth client',
+        });
+    }
+};
+/**
+ * POST /api/oauth/clients/:clientId/regenerate-secret
+ * Regenerate client secret
+ */
+export const regenerateSecret = (req, res) => {
+    try {
+        const { clientId } = req.params;
+        const client = findOAuthClientById(clientId);
+        if (!client) {
+            res.status(404).json({
+                success: false,
+                message: 'OAuth client not found',
+            });
+            return;
+        }
+        // Generate new secret
+        const newSecret = crypto.randomBytes(32).toString('hex');
+        const updatedClient = updateOAuthClient(clientId, { clientSecret: newSecret });
+        if (!updatedClient) {
+            res.status(500).json({
+                success: false,
+                message: 'Failed to regenerate client secret',
+            });
+            return;
+        }
+        res.json({
+            success: true,
+            message: 'Client secret regenerated successfully',
+            clientSecret: newSecret,
+            warning: 'Client secret is only shown once. Please save it securely.',
+        });
+    }
+    catch (error) {
+        console.error('Regenerate secret error:', error);
+        res.status(500).json({
+            success: false,
+            message: 'Failed to regenerate client secret',
+        });
+    }
+};
+//# sourceMappingURL=oauthClientController.js.map

package/dist/controllers/oauthClientController.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"oauthClientController.js","sourceRoot":"","sources":["../../src/controllers/oauthClientController.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,gBAAgB,EAAE,MAAM,mBAAmB,CAAC;AACrD,OAAO,MAAM,MAAM,QAAQ,CAAC;AAC5B,OAAO,EACL,eAAe,EACf,mBAAmB,EACnB,iBAAiB,EACjB,iBAAiB,EACjB,iBAAiB,GAClB,MAAM,oBAAoB,CAAC;AAG5B;;;GAGG;AACH,MAAM,CAAC,MAAM,aAAa,GAAG,CAAC,GAAY,EAAE,GAAa,EAAQ,EAAE;IACjE,IAAI,CAAC;QACH,MAAM,OAAO,GAAG,eAAe,EAAE,CAAC;QAElC,0CAA0C;QAC1C,MAAM,gBAAgB,GAAG,OAAO,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC;YAChD,QAAQ,EAAE,MAAM,CAAC,QAAQ;YACzB,IAAI,EAAE,MAAM,CAAC,IAAI;YACjB,YAAY,EAAE,MAAM,CAAC,YAAY;YACjC,MAAM,EAAE,MAAM,CAAC,MAAM;YACrB,MAAM,EAAE,MAAM,CAAC,MAAM;YACrB,KAAK,EAAE,MAAM,CAAC,KAAK;SACpB,CAAC,CAAC,CAAC;QAEJ,GAAG,CAAC,IAAI,CAAC;YACP,OAAO,EAAE,IAAI;YACb,OAAO,EAAE,gBAAgB;SAC1B,CAAC,CAAC;IACL,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,OAAO,CAAC,KAAK,CAAC,0BAA0B,EAAE,KAAK,CAAC,CAAC;QACjD,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;YACnB,OAAO,EAAE,KAAK;YACd,OAAO,EAAE,kCAAkC;SAC5C,CAAC,CAAC;IACL,CAAC;AACH,CAAC,CAAC;AAEF;;;GAGG;AACH,MAAM,CAAC,MAAM,SAAS,GAAG,CAAC,GAAY,EAAE,GAAa,EAAQ,EAAE;IAC7D,IAAI,CAAC;QACH,MAAM,EAAE,QAAQ,EAAE,GAAG,GAAG,CAAC,MAAM,CAAC;QAChC,MAAM,MAAM,GAAG,mBAAmB,CAAC,QAAQ,CAAC,CAAC;QAE7C,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;gBACnB,OAAO,EAAE,KAAK;gBACd,OAAO,EAAE,wBAAwB;aAClC,CAAC,CAAC;YACH,OAAO;QACT,CAAC;QAED,6BAA6B;QAC7B,MAAM,eAAe,GAAG;YACtB,QAAQ,EAAE,MAAM,CAAC,QAAQ;YACzB,IAAI,EAAE,MAAM,CAAC,IAAI;YACjB,YAAY,EAAE,MAAM,CAAC,YAAY;YACjC,MAAM,EAAE,MAAM,CAAC,MAAM;YACrB,MAAM,EAAE,MAAM,CAAC,MAAM;YACrB,KAAK,EAAE,MAAM,CAAC,KAAK;SACpB,CAAC;QAEF,GAAG,CAAC,IAAI,CAAC;YACP,OAAO,EAAE,IAAI;YACb,MAAM,EAAE,eAAe;SACxB,CAAC,CAAC;IACL,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,OAAO,CAAC,KAAK,CAAC,yBAAyB,EAAE,KAAK,CAAC,CAAC;QAChD,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;YACnB,OAAO,EAAE,KAAK;YACd,OAAO,EAAE,iCAAiC;SAC3C,CAAC,CAAC;IACL,CAAC;AACH,CAAC,CAAC;AAEF;;;GAGG;AACH,MAAM,CAAC,MAAM,YAAY,GAAG,CAAC,GAAY,EAAE,GAAa,EAAQ,EAAE;IAChE,IAAI,CAAC;QACH,mBAAmB;QACnB,MAAM,MAAM,GAAG,gBAAgB,CAAC,GAAG,CAAC,CAAC;QACrC,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,EAAE,CAAC;YACtB,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;gBACnB,OAAO,EAAE,KAAK;gBACd,OAAO,EAAE,mBAAmB;gBAC5B,MAAM,EAAE,MAAM,CAAC,KAAK,EAAE;aACvB,CAAC,CAAC;YACH,OAAO;QACT,CAAC;QAED,MAAM,EAAE,IAAI,EAAE,YAAY,EAAE,MAAM,EAAE,MAAM,EAAE,aAAa,EAAE,GAAG,GAAG,CAAC,IAAI,CAAC;QACvE,MAAM,IAAI,GAAI,GAAW,CAAC,IAAI,CAAC;QAE/B,qBAAqB;QACrB,MAAM,QAAQ,GAAG,MAAM,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;QAExD,qCAAqC;QACrC,MAAM,YAAY,GAAG,aAAa,KAAK,KAAK,CAAC,CAAC,CAAC,MAAM,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;QAElG,gBAAgB;QAChB,MAAM,MAAM,GAAiB;YAC3B,QAAQ;YACR,YAAY;YACZ,IAAI;YACJ,YAAY,EAAE,KAAK,CAAC,OAAO,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,YAAY,CAAC;YACzE,MAAM,EAAE,MAAM,IAAI,CAAC,oBAAoB,EAAE,eAAe,CAAC;YACzD,MAAM,EAAE,MAAM,IAAI,CAAC,MAAM,EAAE,OAAO,CAAC;YACnC,KAAK,EAAE,IAAI,EAAE,QAAQ,IAAI,OAAO;SACjC,CAAC;QAEF,MAAM,aAAa,GAAG,iBAAiB,CAAC,MAAM,CAAC,CAAC;QAEhD,8CAA8C;QAC9C,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;YACnB,OAAO,EAAE,IAAI;YACb,OAAO,EAAE,mCAAmC;YAC5C,MAAM,EAAE;gBACN,QAAQ,EAAE,aAAa,CAAC,QAAQ;gBAChC,YAAY,EAAE,aAAa,CAAC,YAAY;gBACxC,IAAI,EAAE,aAAa,CAAC,IAAI;gBACxB,YAAY,EAAE,aAAa,CAAC,YAAY;gBACxC,MAAM,EAAE,aAAa,CAAC,MAAM;gBAC5B,MAAM,EAAE,aAAa,CAAC,MAAM;gBAC5B,KAAK,EAAE,aAAa,CAAC,KAAK;aAC3B;YACD,OAAO,EAAE,YAAY;gBACnB,CAAC,CAAC,4DAA4D;gBAC9D,CAAC,CAAC,SAAS;SACd,CAAC,CAAC;IACL,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,OAAO,CAAC,KAAK,CAAC,4BAA4B,EAAE,KAAK,CAAC,CAAC;QAEnD,IAAI,KAAK,YAAY,KAAK,IAAI,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,gBAAgB,CAAC,EAAE,CAAC;YACvE,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;gBACnB,OAAO,EAAE,KAAK;gBACd,OAAO,EAAE,KAAK,CAAC,OAAO;aACvB,CAAC,CAAC;QACL,CAAC;aAAM,CAAC;YACN,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;gBACnB,OAAO,EAAE,KAAK;gBACd,OAAO,EAAE,+BAA+B;aACzC,CAAC,CAAC;QACL,CAAC;IACH,CAAC;AACH,CAAC,CAAC;AAEF;;;GAGG;AACH,MAAM,CAAC,MAAM,YAAY,GAAG,CAAC,GAAY,EAAE,GAAa,EAAQ,EAAE;IAChE,IAAI,CAAC;QACH,MAAM,EAAE,QAAQ,EAAE,GAAG,GAAG,CAAC,MAAM,CAAC;QAChC,MAAM,EAAE,IAAI,EAAE,YAAY,EAAE,MAAM,EAAE,MAAM,EAAE,GAAG,GAAG,CAAC,IAAI,CAAC;QAExD,MAAM,OAAO,GAA0B,EAAE,CAAC;QAC1C,IAAI,IAAI;YAAE,OAAO,CAAC,IAAI,GAAG,IAAI,CAAC;QAC9B,IAAI,YAAY;YAAE,OAAO,CAAC,YAAY,GAAG,KAAK,CAAC,OAAO,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC;QACrG,IAAI,MAAM;YAAE,OAAO,CAAC,MAAM,GAAG,MAAM,CAAC;QACpC,IAAI,MAAM;YAAE,OAAO,CAAC,MAAM,GAAG,MAAM,CAAC;QAEpC,MAAM,aAAa,GAAG,iBAAiB,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;QAE3D,IAAI,CAAC,aAAa,EAAE,CAAC;YACnB,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;gBACnB,OAAO,EAAE,KAAK;gBACd,OAAO,EAAE,wBAAwB;aAClC,CAAC,CAAC;YACH,OAAO;QACT,CAAC;QAED,6BAA6B;QAC7B,GAAG,CAAC,IAAI,CAAC;YACP,OAAO,EAAE,IAAI;YACb,OAAO,EAAE,mCAAmC;YAC5C,MAAM,EAAE;gBACN,QAAQ,EAAE,aAAa,CAAC,QAAQ;gBAChC,IAAI,EAAE,aAAa,CAAC,IAAI;gBACxB,YAAY,EAAE,aAAa,CAAC,YAAY;gBACxC,MAAM,EAAE,aAAa,CAAC,MAAM;gBAC5B,MAAM,EAAE,aAAa,CAAC,MAAM;gBAC5B,KAAK,EAAE,aAAa,CAAC,KAAK;aAC3B;SACF,CAAC,CAAC;IACL,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,OAAO,CAAC,KAAK,CAAC,4BAA4B,EAAE,KAAK,CAAC,CAAC;QACnD,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;YACnB,OAAO,EAAE,KAAK;YACd,OAAO,EAAE,+BAA+B;SACzC,CAAC,CAAC;IACL,CAAC;AACH,CAAC,CAAC;AAEF;;;GAGG;AACH,MAAM,CAAC,MAAM,YAAY,GAAG,CAAC,GAAY,EAAE,GAAa,EAAQ,EAAE;IAChE,IAAI,CAAC;QACH,MAAM,EAAE,QAAQ,EAAE,GAAG,GAAG,CAAC,MAAM,CAAC;QAChC,MAAM,OAAO,GAAG,iBAAiB,CAAC,QAAQ,CAAC,CAAC;QAE5C,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;gBACnB,OAAO,EAAE,KAAK;gBACd,OAAO,EAAE,wBAAwB;aAClC,CAAC,CAAC;YACH,OAAO;QACT,CAAC;QAED,GAAG,CAAC,IAAI,CAAC;YACP,OAAO,EAAE,IAAI;YACb,OAAO,EAAE,mCAAmC;SAC7C,CAAC,CAAC;IACL,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,OAAO,CAAC,KAAK,CAAC,4BAA4B,EAAE,KAAK,CAAC,CAAC;QACnD,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;YACnB,OAAO,EAAE,KAAK;YACd,OAAO,EAAE,+BAA+B;SACzC,CAAC,CAAC;IACL,CAAC;AACH,CAAC,CAAC;AAEF;;;GAGG;AACH,MAAM,CAAC,MAAM,gBAAgB,GAAG,CAAC,GAAY,EAAE,GAAa,EAAQ,EAAE;IACpE,IAAI,CAAC;QACH,MAAM,EAAE,QAAQ,EAAE,GAAG,GAAG,CAAC,MAAM,CAAC;QAChC,MAAM,MAAM,GAAG,mBAAmB,CAAC,QAAQ,CAAC,CAAC;QAE7C,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;gBACnB,OAAO,EAAE,KAAK;gBACd,OAAO,EAAE,wBAAwB;aAClC,CAAC,CAAC;YACH,OAAO;QACT,CAAC;QAED,sBAAsB;QACtB,MAAM,SAAS,GAAG,MAAM,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;QACzD,MAAM,aAAa,GAAG,iBAAiB,CAAC,QAAQ,EAAE,EAAE,YAAY,EAAE,SAAS,EAAE,CAAC,CAAC;QAE/E,IAAI,CAAC,aAAa,EAAE,CAAC;YACnB,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;gBACnB,OAAO,EAAE,KAAK;gBACd,OAAO,EAAE,oCAAoC;aAC9C,CAAC,CAAC;YACH,OAAO;QACT,CAAC;QAED,GAAG,CAAC,IAAI,CAAC;YACP,OAAO,EAAE,IAAI;YACb,OAAO,EAAE,wCAAwC;YACjD,YAAY,EAAE,SAAS;YACvB,OAAO,EAAE,4DAA4D;SACtE,CAAC,CAAC;IACL,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,OAAO,CAAC,KAAK,CAAC,0BAA0B,EAAE,KAAK,CAAC,CAAC;QACjD,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;YACnB,OAAO,EAAE,KAAK;YACd,OAAO,EAAE,oCAAoC;SAC9C,CAAC,CAAC;IACL,CAAC;AACH,CAAC,CAAC"}