@scalekit-sdk/node 2.1.7 → 2.1.8

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (82) hide show
  1. package/buf.gen.yaml +1 -0
  2. package/lib/auth.d.ts +41 -9
  3. package/lib/auth.js +44 -12
  4. package/lib/auth.js.map +1 -1
  5. package/lib/connection.d.ts +195 -21
  6. package/lib/connection.js +197 -23
  7. package/lib/connection.js.map +1 -1
  8. package/lib/core.d.ts +2 -2
  9. package/lib/core.js +13 -12
  10. package/lib/core.js.map +1 -1
  11. package/lib/directory.d.ts +293 -40
  12. package/lib/directory.js +308 -44
  13. package/lib/directory.js.map +1 -1
  14. package/lib/domain.d.ts +166 -18
  15. package/lib/domain.js +178 -29
  16. package/lib/domain.js.map +1 -1
  17. package/lib/organization.d.ts +404 -44
  18. package/lib/organization.js +419 -54
  19. package/lib/organization.js.map +1 -1
  20. package/lib/permission.d.ts +179 -35
  21. package/lib/permission.js +190 -38
  22. package/lib/permission.js.map +1 -1
  23. package/lib/pkg/grpc/scalekit/v1/auth/auth_connect.d.ts +3 -3
  24. package/lib/pkg/grpc/scalekit/v1/auth/auth_connect.js +2 -2
  25. package/lib/pkg/grpc/scalekit/v1/auth/auth_connect.js.map +1 -1
  26. package/lib/pkg/grpc/scalekit/v1/auth/auth_pb.d.ts +16 -16
  27. package/lib/pkg/grpc/scalekit/v1/auth/auth_pb.js +21 -21
  28. package/lib/pkg/grpc/scalekit/v1/auth/auth_pb.js.map +1 -1
  29. package/lib/pkg/grpc/scalekit/v1/auth/webauthn_connect.d.ts +82 -0
  30. package/lib/pkg/grpc/scalekit/v1/auth/webauthn_connect.js +90 -0
  31. package/lib/pkg/grpc/scalekit/v1/auth/webauthn_connect.js.map +1 -0
  32. package/lib/pkg/grpc/scalekit/v1/auth/webauthn_pb.d.ts +647 -0
  33. package/lib/pkg/grpc/scalekit/v1/auth/webauthn_pb.js +993 -0
  34. package/lib/pkg/grpc/scalekit/v1/auth/webauthn_pb.js.map +1 -0
  35. package/lib/pkg/grpc/scalekit/v1/commons/commons_pb.d.ts +142 -0
  36. package/lib/pkg/grpc/scalekit/v1/commons/commons_pb.js +165 -1
  37. package/lib/pkg/grpc/scalekit/v1/commons/commons_pb.js.map +1 -1
  38. package/lib/pkg/grpc/scalekit/v1/connections/connections_connect.d.ts +1 -10
  39. package/lib/pkg/grpc/scalekit/v1/connections/connections_connect.js +0 -9
  40. package/lib/pkg/grpc/scalekit/v1/connections/connections_connect.js.map +1 -1
  41. package/lib/pkg/grpc/scalekit/v1/connections/connections_pb.d.ts +28 -63
  42. package/lib/pkg/grpc/scalekit/v1/connections/connections_pb.js +9 -90
  43. package/lib/pkg/grpc/scalekit/v1/connections/connections_pb.js.map +1 -1
  44. package/lib/pkg/grpc/scalekit/v1/users/users_pb.d.ts +2 -2
  45. package/lib/pkg/grpc/scalekit/v1/users/users_pb.js +1 -1
  46. package/lib/pkg/grpc/scalekit/v1/users/users_pb.js.map +1 -1
  47. package/lib/role.d.ts +252 -56
  48. package/lib/role.js +262 -62
  49. package/lib/role.js.map +1 -1
  50. package/lib/scalekit.d.ts +323 -54
  51. package/lib/scalekit.js +354 -76
  52. package/lib/scalekit.js.map +1 -1
  53. package/lib/session.d.ts +235 -22
  54. package/lib/session.js +237 -24
  55. package/lib/session.js.map +1 -1
  56. package/lib/user.d.ts +571 -53
  57. package/lib/user.js +598 -89
  58. package/lib/user.js.map +1 -1
  59. package/lib/webauthn.d.ts +33 -0
  60. package/lib/webauthn.js +80 -0
  61. package/lib/webauthn.js.map +1 -0
  62. package/package.json +2 -2
  63. package/src/auth.ts +53 -19
  64. package/src/connection.ts +237 -62
  65. package/src/core.ts +39 -33
  66. package/src/directory.ts +356 -98
  67. package/src/domain.ts +215 -68
  68. package/src/organization.ts +490 -112
  69. package/src/permission.ts +234 -88
  70. package/src/pkg/grpc/scalekit/v1/auth/auth_connect.ts +3 -3
  71. package/src/pkg/grpc/scalekit/v1/auth/auth_pb.ts +24 -24
  72. package/src/pkg/grpc/scalekit/v1/auth/webauthn_connect.ts +89 -0
  73. package/src/pkg/grpc/scalekit/v1/auth/webauthn_pb.ts +1263 -0
  74. package/src/pkg/grpc/scalekit/v1/commons/commons_pb.ts +217 -0
  75. package/src/pkg/grpc/scalekit/v1/connections/connections_connect.ts +1 -10
  76. package/src/pkg/grpc/scalekit/v1/connections/connections_pb.ts +42 -129
  77. package/src/pkg/grpc/scalekit/v1/users/users_pb.ts +3 -3
  78. package/src/role.ts +336 -136
  79. package/src/scalekit.ts +478 -149
  80. package/src/session.ts +266 -63
  81. package/src/user.ts +675 -168
  82. package/src/webauthn.ts +98 -0
package/lib/scalekit.js CHANGED
@@ -51,6 +51,7 @@ const user_2 = __importDefault(require("./user"));
51
51
  const session_1 = __importDefault(require("./session"));
52
52
  const role_1 = __importDefault(require("./role"));
53
53
  const permission_1 = __importDefault(require("./permission"));
54
+ const webauthn_1 = __importDefault(require("./webauthn"));
54
55
  const scalekit_1 = require("./types/scalekit");
55
56
  const base_exception_1 = require("./errors/base-exception");
56
57
  const authorizeEndpoint = "oauth/authorize";
@@ -58,14 +59,35 @@ const logoutEndpoint = "oidc/logout";
58
59
  const WEBHOOK_TOLERANCE_IN_SECONDS = 5 * 60; // 5 minutes
59
60
  const WEBHOOK_SIGNATURE_VERSION = "v1";
60
61
  /**
61
- * To initiate scalekit
62
- * @param {string} envUrl The environment url
63
- * @param {string} clientId The client id
64
- * @param {string} clientSecret The client secret
65
- * @returns {ScalekitClient} Returns the scalekit instance
62
+ * Main Scalekit SDK client for interacting with all Scalekit API endpoints.
63
+ *
64
+ * TIP: You can use it as a singleton object - that is you can initialize it just once and use the same client variable wherever required.
65
+ *
66
+ * This is the primary entry point for interacting with Scalekit's authentication services,
67
+ * including SSO, SCIM, user management, roles, permissions, and passwordless authentication.
68
+ *
69
+ * You can find the Environment URL, Client ID and Client Secret in Scalekit Dashboard -> Developers (Settings) -> API Credentials
70
+ *
71
+ * @param {string} envUrl - The Scalekit environment URL (e.g., "https://yourorg.scalekit.com" or your configured custom domain like "https://auth.yourapp.ai")
72
+ * @param {string} clientId - Your Scalekit client ID from the Scalekit Dashboard
73
+ * @param {string} clientSecret - Your Scalekit client secret from the Scalekit Dashboard
74
+ *
66
75
  * @example
67
- * const scalekit = new Scalekit(envUrl, clientId, clientSecret);
68
- */
76
+ * // Initialize the Scalekit client
77
+ * import { ScalekitClient } from '@scalekit-sdk/node';
78
+ *
79
+ * const scalekitClient = new ScalekitClient(
80
+ * process.env.SCALEKIT_ENV_URL,
81
+ * process.env.SCALEKIT_CLIENT_ID,
82
+ * process.env.SCALEKIT_CLIENT_SECRET
83
+ * );
84
+ *
85
+ * // Access various client modules
86
+ * const organizations = await scalekitClient.organization.listOrganization();
87
+ * const users = await scalekitClient.user.listUsers();
88
+ *
89
+ * @see {@link https://docs.scalekit.com/apis/ | Scalekit API Documentation}
90
+ */
69
91
  class ScalekitClient {
70
92
  constructor(envUrl, clientId, clientSecret) {
71
93
  this.coreClient = new core_1.default(envUrl, clientId, clientSecret);
@@ -80,47 +102,152 @@ class ScalekitClient {
80
102
  this.role = new role_1.default(this.grpcConnect, this.coreClient);
81
103
  this.permission = new permission_1.default(this.grpcConnect, this.coreClient);
82
104
  this.auth = new auth_1.default(this.grpcConnect, this.coreClient);
105
+ this.webauthn = new webauthn_1.default(this.grpcConnect, this.coreClient);
83
106
  }
84
107
  /**
85
- * Returns the authorization url to initiate the authentication request.
86
- * @param {string} redirectUri Redirect uri
87
- * @param {AuthorizationUrlOptions} options Authorization url options
88
- * @param {string[]} options.scopes Scopes to request from the user
89
- * @param {string} options.state State parameter
90
- * @param {string} options.nonce Nonce parameter
91
- * @param {string} options.loginHint Login hint parameter
92
- * @param {string} options.domainHint Domain hint parameter
93
- * @param {string} options.connectionId Connection id parameter
94
- * @param {string} options.organizationId Organization id parameter
95
- * @param {string} options.provider Provider i.e. google, github, etc.
96
- * @param {string} options.codeChallenge Code challenge parameter in case of PKCE
97
- * @param {string} options.codeChallengeMethod Code challenge method parameter in case of PKCE
98
- * @param {string} options.prompt Prompt parameter to control the authorization server's authentication behavior
108
+ * Utility method to generate the OAuth 2.0 authorization URL to initiate the SSO authentication flow.
109
+ *
110
+ * This method doesn't make any network calls but instead generates a fully formed Authorization URL
111
+ * as a string that you can redirect your users to initiate authentication.
112
+ *
113
+ * @param {string} redirectUri - The URL where users will be redirected after authentication.
114
+ * Must match one of the redirect URIs configured in your Scalekit dashboard.
115
+ * @param {AuthorizationUrlOptions} [options] - Optional configuration for the authorization request
116
+ * @param {string[]} [options.scopes=['openid', 'profile', 'email']] - OAuth scopes to request. Default includes openid, profile, and email.
117
+ * @param {string} [options.state] - Opaque value to maintain state between request and callback. Used to prevent CSRF attacks.
118
+ * @param {string} [options.nonce] - String value used to associate a client session with an ID Token.
119
+ * @param {string} [options.loginHint] - Hint to the authorization server about the login identifier the user might use (e.g., email address).
120
+ * @param {string} [options.domainHint] - Domain hint to identify which organization's IdP to use for authentication.
121
+ * @param {string} [options.connectionId] - Specific SSO connection ID to use for authentication.
122
+ * @param {string} [options.organizationId] - Organization ID to authenticate against.
123
+ * @param {string} [options.provider] - Social login provider (e.g., 'google', 'github', 'microsoft').
124
+ * @param {string} [options.codeChallenge] - PKCE code challenge for enhanced security in public clients.
125
+ * @param {string} [options.codeChallengeMethod] - Method used to generate the code challenge (we support only 'S256').
126
+ * @param {string} [options.prompt] - Controls the authorization server's authentication behavior (e.g., 'login', 'consent', 'create').
127
+ *
128
+ * @returns {string} The complete authorization URL to redirect the user to
99
129
  *
100
130
  * @example
101
- * const scalekit = new Scalekit(envUrl, clientId, clientSecret);
102
- * const authorizationUrl = scalekit.getAuthorizationUrl(redirectUri, {
103
- * scopes: ['openid', 'profile'],
104
- * prompt: 'create'
105
- * });
106
- * @returns {string} authorization url
131
+ * // Initiate Enterprise SSO authentication for a given org_id
132
+ * const authUrl = scalekitClient.getAuthorizationUrl(
133
+ * 'https://yourapp.com/auth/callback',
134
+ * {
135
+ * state: 'random-state-value',
136
+ * organizationId: 'org_123456'
137
+ * }
138
+ * );
139
+ * // Redirect user to authUrl
140
+ *
141
+ * @example
142
+ * // Initiate Enterprise SSO authentication for a specific connection id
143
+ * // optionally, pass the loginhint to the 3rd party identity provider.
144
+ * const authUrl = scalekitClient.getAuthorizationUrl(
145
+ * 'https://yourapp.com/auth/callback',
146
+ * {
147
+ * connectionId: 'conn_abc123',
148
+ * loginHint: 'user@company.com'
149
+ * }
150
+ * );
151
+ *
152
+ * @example
153
+ * // Social login
154
+ * const authUrl = scalekitClient.getAuthorizationUrl(
155
+ * 'https://yourapp.com/auth/callback',
156
+ * {
157
+ * provider: 'google',
158
+ * state: 'random-state'
159
+ * }
160
+ * );
161
+ *
162
+ * @example
163
+ * // PKCE flow for public clients
164
+ * const authUrl = scalekitClient.getAuthorizationUrl(
165
+ * 'https://yourapp.com/auth/callback',
166
+ * {
167
+ * codeChallenge: 'your-code-challenge',
168
+ * codeChallengeMethod: 'S256',
169
+ * organizationId: 'org_123456'
170
+ * }
171
+ * );
172
+ *
173
+ * @see {@link https://docs.scalekit.com/apis/#tag/api%20auth | Authentication API Documentation}
174
+ * @see {@link authenticateWithCode} - Use this method to exchange the authorization code for tokens
107
175
  */
108
176
  getAuthorizationUrl(redirectUri, options) {
109
177
  var _a;
110
178
  const defaultOptions = {
111
- scopes: ['openid', 'profile', 'email']
179
+ scopes: ["openid", "profile", "email"],
112
180
  };
113
181
  options = Object.assign(Object.assign({}, defaultOptions), options);
114
- const qs = qs_1.default.stringify(Object.assign(Object.assign(Object.assign(Object.assign(Object.assign(Object.assign(Object.assign(Object.assign(Object.assign(Object.assign(Object.assign({ response_type: 'code', client_id: this.coreClient.clientId, redirect_uri: redirectUri, scope: (_a = options.scopes) === null || _a === void 0 ? void 0 : _a.join(" ") }, (options.state && { state: options.state })), (options.nonce && { nonce: options.nonce })), (options.loginHint && { login_hint: options.loginHint })), (options.domainHint && { domain_hint: options.domainHint })), (options.domainHint && { domain: options.domainHint })), (options.connectionId && { connection_id: options.connectionId })), (options.organizationId && { organization_id: options.organizationId })), (options.codeChallenge && { code_challenge: options.codeChallenge })), (options.codeChallengeMethod && { code_challenge_method: options.codeChallengeMethod })), (options.provider && { provider: options.provider })), (options.prompt && { prompt: options.prompt })));
182
+ const qs = qs_1.default.stringify(Object.assign(Object.assign(Object.assign(Object.assign(Object.assign(Object.assign(Object.assign(Object.assign(Object.assign(Object.assign(Object.assign({ response_type: "code", client_id: this.coreClient.clientId, redirect_uri: redirectUri, scope: (_a = options.scopes) === null || _a === void 0 ? void 0 : _a.join(" ") }, (options.state && { state: options.state })), (options.nonce && { nonce: options.nonce })), (options.loginHint && { login_hint: options.loginHint })), (options.domainHint && { domain_hint: options.domainHint })), (options.domainHint && { domain: options.domainHint })), (options.connectionId && { connection_id: options.connectionId })), (options.organizationId && {
183
+ organization_id: options.organizationId,
184
+ })), (options.codeChallenge && { code_challenge: options.codeChallenge })), (options.codeChallengeMethod && {
185
+ code_challenge_method: options.codeChallengeMethod,
186
+ })), (options.provider && { provider: options.provider })), (options.prompt && { prompt: options.prompt })));
115
187
  return `${this.coreClient.envUrl}/${authorizeEndpoint}?${qs}`;
116
188
  }
117
189
  /**
118
- * Authenticate with the code
119
- * @param {string} code Code
120
- * @param {string} redirectUri Redirect uri
121
- * @param {AuthenticationOptions} options Code authentication options
122
- * @param {string} options.codeVerifier Code verifier in case of PKCE
123
- * @returns {Promise<AuthenticationResponse>} Returns user, id token and access token
190
+ * Exchanges an authorization code for access tokens and user information.
191
+ *
192
+ * This method completes the OAuth 2.0 authorization code flow by exchanging the code
193
+ * received in the callback for access tokens, ID tokens, and user profile information.
194
+ * Call this method in your redirect URI handler after receiving the authorization code.
195
+ *
196
+ * @param {string} code - The authorization code received in the callback URL after user authentication
197
+ * @param {string} redirectUri - The same redirect URI used in getAuthorizationUrl(). Must match exactly.
198
+ * @param {AuthenticationOptions} [options] - Optional authentication configuration
199
+ * @param {string} [options.codeVerifier] - PKCE code verifier to validate the code challenge (required if PKCE was used)
200
+ *
201
+ * @returns {Promise<AuthenticationResponse>} Authentication response containing:
202
+ * - user: User profile information (email, name, organization, etc.)
203
+ * - idToken: JWT ID token containing user claims
204
+ * - accessToken: Access token for API authorization
205
+ * - expiresIn: Token expiration time in seconds
206
+ * - refreshToken: Refresh token for obtaining new access tokens
207
+ *
208
+ * @throws {Error} When the authorization code is invalid, expired, or already used
209
+ * @throws {Error} When the redirect URI doesn't match the one used in authorization
210
+ * @throws {Error} When PKCE code verifier is invalid or missing
211
+ *
212
+ * @example
213
+ * // Basic code exchange (server-side flow)
214
+ * app.get('/auth/callback', async (req, res) => {
215
+ * const { code } = req.query;
216
+ *
217
+ * try {
218
+ * const result = await scalekitClient.authenticateWithCode(
219
+ * code,
220
+ * 'https://yourapp.com/auth/callback'
221
+ * );
222
+ *
223
+ * // Store tokens securely
224
+ * req.session.accessToken = result.accessToken;
225
+ * req.session.user = result.user;
226
+ *
227
+ * res.redirect('/dashboard');
228
+ * } catch (error) {
229
+ * console.error('Authentication failed:', error);
230
+ * res.redirect('/login?error=auth_failed');
231
+ * }
232
+ * });
233
+ *
234
+ * @example
235
+ * // PKCE flow (for public clients)
236
+ * app.get('/auth/callback', async (req, res) => {
237
+ * const { code } = req.query;
238
+ * const codeVerifier = req.session.codeVerifier; // Stored during authorization
239
+ *
240
+ * const result = await scalekitClient.authenticateWithCode(
241
+ * code,
242
+ * 'https://yourapp.com/auth/callback',
243
+ * { codeVerifier }
244
+ * );
245
+ *
246
+ * // Use result.user, result.accessToken, etc.
247
+ * });
248
+ *
249
+ * @see {@link getAuthorizationUrl} - Generate the authorization URL first
250
+ * @see {@link validateAccessToken} - Validate tokens in subsequent requests
124
251
  */
125
252
  authenticateWithCode(code, redirectUri, options) {
126
253
  return __awaiter(this, void 0, void 0, function* () {
@@ -138,17 +265,62 @@ class ScalekitClient {
138
265
  idToken: id_token,
139
266
  accessToken: access_token,
140
267
  expiresIn: expires_in,
141
- refreshToken: refresh_token
268
+ refreshToken: refresh_token,
142
269
  };
143
270
  });
144
271
  }
145
272
  /**
146
- * Get the idp initiated login claims
147
- *
148
- * @param {string} idpInitiatedLoginToken The idp_initiated_login query param from the URL
149
- * @param {TokenValidationOptions} options Optional validation options for issuer and audience
150
- * @returns {object} Returns the idp initiated login claims
151
- */
273
+ * Extracts and validates claims from an IdP-initiated login token.
274
+ *
275
+ * Use this method when handling IdP-initiated SSO flows, where the authentication is
276
+ * initiated from the identity provider's portal rather than your application. This validates
277
+ * the token and returns the necessary information to initiate a new SP Initiated SSO workflow.
278
+ *
279
+ * @param {string} idpInitiatedLoginToken - The token received in the 'idp_initiated_login' query parameter
280
+ * @param {TokenValidationOptions} [options] - Optional token validation configuration
281
+ * @param {string} [options.issuer] - Expected token issuer for validation
282
+ * @param {string} [options.audience] - Expected token audience for validation
283
+ *
284
+ * @returns {Promise<IdpInitiatedLoginClaims>} Claims containing:
285
+ * - connection_id: The SSO connection identifier
286
+ * - organization_id: The organization identifier
287
+ * - login_hint: User's email or login identifier
288
+ * - relay_state: Optional state parameter from the IdP
289
+ *
290
+ * @throws {ScalekitValidateTokenFailureException} When token validation fails
291
+ *
292
+ * @example
293
+ * // Handle IdP-initiated login
294
+ * app.get('/auth/callback', async (req, res) => {
295
+ * const { idp_initiated_login } = req.query;
296
+ *
297
+ * if (idp_initiated_login) {
298
+ * try {
299
+ * const claims = await scalekitClient.getIdpInitiatedLoginClaims(idp_initiated_login);
300
+ *
301
+ * // Redirect to authorization URL with the claims
302
+ * const authUrl = scalekitClient.getAuthorizationUrl(
303
+ * 'https://yourapp.com/auth/callback',
304
+ * {
305
+ * connectionId: claims.connection_id,
306
+ * organizationId: claims.organization_id,
307
+ * loginHint: claims.login_hint,
308
+ * ...(claims.relay_state && { state: claims.relay_state })
309
+ * }
310
+ * );
311
+ *
312
+ * return res.redirect(authUrl);
313
+ * } catch (error) {
314
+ * console.error('IdP-initiated login failed:', error);
315
+ * return res.redirect('/login?error=idp_login_failed');
316
+ * }
317
+ * }
318
+ * // Handle normal callback flow...
319
+ * });
320
+ *
321
+ * @see {@link https://docs.scalekit.com/sso/guides/idp-init-sso/ | IdP-Initiated SSO Documentation}
322
+ * @see {@link getAuthorizationUrl} - Use the claims to construct the authorization URL
323
+ */
152
324
  getIdpInitiatedLoginClaims(idpInitiatedLoginToken, options) {
153
325
  return __awaiter(this, void 0, void 0, function* () {
154
326
  return this.validateToken(idpInitiatedLoginToken, options);
@@ -188,35 +360,85 @@ class ScalekitClient {
188
360
  * });
189
361
  */
190
362
  getLogoutUrl(options) {
191
- const qs = qs_1.default.stringify(Object.assign(Object.assign(Object.assign({}, ((options === null || options === void 0 ? void 0 : options.idTokenHint) && { id_token_hint: options.idTokenHint })), ((options === null || options === void 0 ? void 0 : options.postLogoutRedirectUri) && { post_logout_redirect_uri: options.postLogoutRedirectUri })), ((options === null || options === void 0 ? void 0 : options.state) && { state: options.state })));
192
- return `${this.coreClient.envUrl}/${logoutEndpoint}${qs ? `?${qs}` : ''}`;
363
+ const qs = qs_1.default.stringify(Object.assign(Object.assign(Object.assign({}, ((options === null || options === void 0 ? void 0 : options.idTokenHint) && { id_token_hint: options.idTokenHint })), ((options === null || options === void 0 ? void 0 : options.postLogoutRedirectUri) && {
364
+ post_logout_redirect_uri: options.postLogoutRedirectUri,
365
+ })), ((options === null || options === void 0 ? void 0 : options.state) && { state: options.state })));
366
+ return `${this.coreClient.envUrl}/${logoutEndpoint}${qs ? `?${qs}` : ""}`;
193
367
  }
194
368
  /**
195
- * Verify webhook payload
369
+ * Verifies the authenticity and integrity of webhook payloads from Scalekit.
196
370
  *
197
- * @param {string} secret The secret
198
- * @param {Record<string, string>} headers The headers
199
- * @param {string} payload The payload
200
- * @return {boolean} Returns true if the payload is valid.
371
+ * Use this method to validate webhook requests from Scalekit by verifying the HMAC signature.
372
+ * This ensures the webhook was sent by Scalekit and hasn't been tampered with. The method
373
+ * checks the signature and timestamp to prevent replay attacks (5-minute tolerance window).
374
+ *
375
+ * @param {string} secret - Your webhook signing secret from the Scalekit dashboard (format: 'whsec_...')
376
+ * @param {Record<string, string>} headers - The HTTP headers from the webhook request
377
+ * @param {string} payload - The raw webhook request body as a string
378
+ *
379
+ * @returns {boolean} Returns true if the webhook signature is valid
380
+ *
381
+ * @throws {WebhookVerificationError} When required headers are missing
382
+ * @throws {WebhookVerificationError} When the secret format is invalid
383
+ * @throws {WebhookVerificationError} When the signature doesn't match
384
+ * @throws {WebhookVerificationError} When the timestamp is too old (>5 minutes) or in the future
385
+ *
386
+ * @example
387
+ * // Express.js webhook handler
388
+ * app.post('/webhooks/scalekit', express.raw({ type: 'application/json' }), (req, res) => {
389
+ * const secret = process.env.SCALEKIT_WEBHOOK_SECRET;
390
+ * const headers = req.headers;
391
+ * const payload = req.body.toString();
392
+ *
393
+ * try {
394
+ * const isValid = scalekitClient.verifyWebhookPayload(secret, headers, payload);
395
+ *
396
+ * if (isValid) {
397
+ * const event = JSON.parse(payload);
398
+ *
399
+ * // Process the webhook event
400
+ * switch (event.type) {
401
+ * case 'user.created':
402
+ * console.log('New user created:', event.data);
403
+ * break;
404
+ * case 'connection.enabled':
405
+ * console.log('Connection enabled:', event.data);
406
+ * break;
407
+ * }
408
+ *
409
+ * res.status(200).send('Webhook received');
410
+ * }
411
+ * } catch (error) {
412
+ * console.error('Webhook verification failed:', error);
413
+ * res.status(400).send('Invalid webhook signature');
414
+ * }
415
+ * });
416
+ *
417
+ * @see {@link https://docs.scalekit.com/reference/webhooks/overview/ | Webhook Documentation}
418
+ * @see {@link verifyInterceptorPayload} - Similar method for interceptor payloads
201
419
  */
202
420
  verifyWebhookPayload(secret, headers, payload) {
203
- const webhookId = headers['webhook-id'];
204
- const webhookTimestamp = headers['webhook-timestamp'];
205
- const webhookSignature = headers['webhook-signature'];
421
+ const webhookId = headers["webhook-id"];
422
+ const webhookTimestamp = headers["webhook-timestamp"];
423
+ const webhookSignature = headers["webhook-signature"];
206
424
  return this.verifyPayloadSignature(secret, webhookId, webhookTimestamp, webhookSignature, payload);
207
425
  }
208
426
  /**
209
- * Verify interceptor payload
427
+ * Verifies the authenticity and integrity of interceptor payloads from Scalekit.
210
428
  *
211
- * @param {string} secret The secret
212
- * @param {Record<string, string>} headers The headers
213
- * @param {string} payload The payload
214
- * @return {boolean} Returns true if the payload is valid.
429
+ * Use this method to validate HTTP interceptor requests from Scalekit by verifying the HMAC signature.
430
+ * This ensures the interceptor payload was sent by Scalekit and hasn't been tampered with. The method
431
+ * checks the signature and timestamp to prevent replay attacks (5-minute tolerance window)
432
+ *
433
+ * @param {string} secret Your interceptor signing secret that you can copy from Scalekit Dashboard
434
+ * @param {Record<string, string>} headers The HTTP headers from the interceptor request
435
+ * @param {string} payload The raw interceptor request body as a string
436
+ * @return {boolean} Returns true if the interceptor payload is valid.
215
437
  */
216
438
  verifyInterceptorPayload(secret, headers, payload) {
217
- const interceptorId = headers['interceptor-id'];
218
- const interceptorTimestamp = headers['interceptor-timestamp'];
219
- const interceptorSignature = headers['interceptor-signature'];
439
+ const interceptorId = headers["interceptor-id"];
440
+ const interceptorTimestamp = headers["interceptor-timestamp"];
441
+ const interceptorSignature = headers["interceptor-signature"];
220
442
  return this.verifyPayloadSignature(secret, interceptorId, interceptorTimestamp, interceptorSignature, payload);
221
443
  }
222
444
  /**
@@ -240,7 +462,7 @@ class ScalekitClient {
240
462
  try {
241
463
  const timestampDate = this.verifyTimestamp(timestamp);
242
464
  const data = `${id}.${Math.floor(timestampDate.getTime() / 1000)}.${payload}`;
243
- const secretBytes = Buffer.from(secretParts[1], 'base64');
465
+ const secretBytes = Buffer.from(secretParts[1], "base64");
244
466
  const computedSignature = this.computeSignature(secretBytes, data);
245
467
  const receivedSignatures = signature.split(" ");
246
468
  for (const versionedSignature of receivedSignatures) {
@@ -248,21 +470,21 @@ class ScalekitClient {
248
470
  if (version !== WEBHOOK_SIGNATURE_VERSION) {
249
471
  continue;
250
472
  }
251
- if (crypto_1.default.timingSafeEqual(Buffer.from(receivedSignature, 'base64'), Buffer.from(computedSignature, 'base64'))) {
473
+ if (crypto_1.default.timingSafeEqual(Buffer.from(receivedSignature, "base64"), Buffer.from(computedSignature, "base64"))) {
252
474
  return true;
253
475
  }
254
476
  }
255
- throw new base_exception_1.WebhookVerificationError("Invalid signature");
477
+ throw new base_exception_1.WebhookVerificationError("Invalid Signature");
256
478
  }
257
479
  catch (error) {
258
480
  if (error instanceof base_exception_1.WebhookVerificationError) {
259
481
  throw error;
260
482
  }
261
- throw new base_exception_1.WebhookVerificationError("Invalid signature");
483
+ throw new base_exception_1.WebhookVerificationError("Invalid Signature");
262
484
  }
263
485
  }
264
486
  /**
265
- * Validates a token and returns its payload if valid.
487
+ * Validates a token and returns the claims as json payload if valid.
266
488
  * Supports issuer, audience, and scope validation.
267
489
  *
268
490
  * @param {string} token The token to be validated
@@ -274,7 +496,7 @@ class ScalekitClient {
274
496
  return __awaiter(this, void 0, void 0, function* () {
275
497
  yield this.coreClient.getJwks();
276
498
  const jwks = jose.createLocalJWKSet({
277
- keys: this.coreClient.keys
499
+ keys: this.coreClient.keys,
278
500
  });
279
501
  try {
280
502
  const { payload } = yield jose.jwtVerify(token, jwks, Object.assign(Object.assign({}, ((options === null || options === void 0 ? void 0 : options.issuer) && { issuer: options.issuer })), ((options === null || options === void 0 ? void 0 : options.audience) && { audience: options.audience })));
@@ -299,9 +521,9 @@ class ScalekitClient {
299
521
  verifyScopes(token, requiredScopes) {
300
522
  const payload = jose.decodeJwt(token);
301
523
  const scopes = this.extractScopesFromPayload(payload);
302
- const missingScopes = requiredScopes.filter(scope => !scopes.includes(scope));
524
+ const missingScopes = requiredScopes.filter((scope) => !scopes.includes(scope));
303
525
  if (missingScopes.length > 0) {
304
- throw new base_exception_1.ScalekitValidateTokenFailureException(`Token missing required scopes: ${missingScopes.join(', ')}`);
526
+ throw new base_exception_1.ScalekitValidateTokenFailureException(`Token missing required scopes: ${missingScopes.join(", ")}`);
305
527
  }
306
528
  return true;
307
529
  }
@@ -345,13 +567,69 @@ class ScalekitClient {
345
567
  * @return {string} Returns the signature
346
568
  */
347
569
  computeSignature(secretBytes, data) {
348
- return crypto_1.default.createHmac('sha256', secretBytes).update(data).digest('base64');
570
+ return crypto_1.default
571
+ .createHmac("sha256", secretBytes)
572
+ .update(data)
573
+ .digest("base64");
349
574
  }
350
575
  /**
351
- * Refresh access token using a refresh token
352
- * @param {string} refreshToken The refresh token to use
353
- * @returns {Promise<RefreshTokenResponse>} Returns new access token, refresh token and other details
354
- * @throws {Error} When authentication fails or response data is invalid
576
+ * Obtains a new access token using a refresh token.
577
+ *
578
+ * Use this method to get a new access token when the current one expires, without requiring
579
+ * the user to re-authenticate. This implements the OAuth 2.0 refresh token grant type.
580
+ * The method returns both a new access token and a new refresh token (token rotation).
581
+ *
582
+ * @param {string} refreshToken - The refresh token obtained from a previous authentication
583
+ *
584
+ * @returns {Promise<RefreshTokenResponse>} Response containing:
585
+ * - accessToken: New access token for API authorization
586
+ * - refreshToken: New refresh token (the old one is invalidated)
587
+ *
588
+ * @throws {Error} When the refresh token is missing
589
+ * @throws {Error} When the refresh token is invalid, expired, or revoked
590
+ * @throws {Error} When the authentication server response is invalid
591
+ *
592
+ * @example
593
+ * // Refresh tokens before they expire
594
+ * async function refreshUserToken(userId) {
595
+ * try {
596
+ * const oldRefreshToken = await getStoredRefreshToken(userId);
597
+ *
598
+ * const result = await scalekitClient.refreshAccessToken(oldRefreshToken);
599
+ *
600
+ * // Store the new tokens (old refresh token is now invalid)
601
+ * await storeTokens(userId, {
602
+ * accessToken: result.accessToken,
603
+ * refreshToken: result.refreshToken
604
+ * });
605
+ *
606
+ * return result.accessToken;
607
+ * } catch (error) {
608
+ * console.error('Token refresh failed:', error);
609
+ * // Redirect user to login
610
+ * throw new Error('Please log in again');
611
+ * }
612
+ * }
613
+ *
614
+ * @example
615
+ * // Automatic token refresh middleware
616
+ * app.use(async (req, res, next) => {
617
+ * const accessToken = req.session.accessToken;
618
+ * const refreshToken = req.session.refreshToken;
619
+ *
620
+ * // Check if access token is expired (decode JWT and check exp claim)
621
+ * if (isTokenExpired(accessToken) && refreshToken) {
622
+ * try {
623
+ * const result = await scalekitClient.refreshAccessToken(refreshToken);
624
+ * req.session.accessToken = result.accessToken;
625
+ * req.session.refreshToken = result.refreshToken;
626
+ * } catch (error) {
627
+ * return res.redirect('/login');
628
+ * }
629
+ * }
630
+ * next();
631
+ * });
632
+ *
355
633
  */
356
634
  refreshAccessToken(refreshToken) {
357
635
  return __awaiter(this, void 0, void 0, function* () {
@@ -364,11 +642,11 @@ class ScalekitClient {
364
642
  grant_type: scalekit_1.GrantType.RefreshToken,
365
643
  client_id: this.coreClient.clientId,
366
644
  client_secret: this.coreClient.clientSecret,
367
- refresh_token: refreshToken
645
+ refresh_token: refreshToken,
368
646
  }));
369
647
  }
370
648
  catch (error) {
371
- throw new Error(`Failed to refresh token: ${error instanceof Error ? error.message : 'Unknown error'}`);
649
+ throw new Error(`Failed to refresh token: ${error instanceof Error ? error.message : "Unknown error"}`);
372
650
  }
373
651
  if (!res || !res.data) {
374
652
  throw new Error("Invalid response from authentication server");
@@ -383,7 +661,7 @@ class ScalekitClient {
383
661
  }
384
662
  return {
385
663
  accessToken: access_token,
386
- refreshToken: refresh_token
664
+ refreshToken: refresh_token,
387
665
  };
388
666
  });
389
667
  }
package/lib/scalekit.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"scalekit.js","sourceRoot":"","sources":["../src/scalekit.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,oDAA4B;AAC5B,2CAA6B;AAC7B,4CAA6B;AAC7B,wDAAoC;AACpC,8DAA4C;AAC5C,2CAAyD;AACzD,kDAAgC;AAChC,4DAA0C;AAC1C,sDAAoC;AACpC,kDAAgC;AAChC,kEAAgD;AAChD,kEAAgD;AAChD,kDAAgC;AAChC,wDAAsC;AACtC,kDAAgC;AAChC,8DAA4C;AAE5C,+CAAqL;AACrL,4DAA0G;AAE1G,MAAM,iBAAiB,GAAG,iBAAiB,CAAC;AAC5C,MAAM,cAAc,GAAG,aAAa,CAAC;AACrC,MAAM,4BAA4B,GAAG,CAAC,GAAG,EAAE,CAAC,CAAC,YAAY;AACzD,MAAM,yBAAyB,GAAG,IAAI,CAAC;AAEvC;;;;;;;;EAQE;AACF,MAAqB,cAAc;IAajC,YACE,MAAc,EACd,QAAgB,EAChB,YAAoB;QAEpB,IAAI,CAAC,UAAU,GAAG,IAAI,cAAU,CAC9B,MAAM,EACN,QAAQ,EACR,YAAY,CACb,CAAC;QACF,IAAI,CAAC,WAAW,GAAG,IAAI,iBAAW,CAChC,IAAI,CAAC,UAAU,CAChB,CAAC;QAEF,IAAI,CAAC,YAAY,GAAG,IAAI,sBAAkB,CACxC,IAAI,CAAC,WAAW,EAChB,IAAI,CAAC,UAAU,CAChB,CAAC;QACF,IAAI,CAAC,UAAU,GAAG,IAAI,oBAAgB,CACpC,IAAI,CAAC,WAAW,EAChB,IAAI,CAAC,UAAU,CAChB,CAAC;QACF,IAAI,CAAC,MAAM,GAAG,IAAI,gBAAY,CAC5B,IAAI,CAAC,WAAW,EAChB,IAAI,CAAC,UAAU,CAChB,CAAC;QACF,IAAI,CAAC,SAAS,GAAG,IAAI,mBAAe,CAClC,IAAI,CAAC,WAAW,EAChB,IAAI,CAAC,UAAU,CAChB,CAAC;QACF,IAAI,CAAC,YAAY,GAAG,IAAI,sBAAkB,CACxC,IAAI,CAAC,WAAW,EAChB,IAAI,CAAC,UAAU,CAChB,CAAC;QACF,IAAI,CAAC,IAAI,GAAG,IAAI,cAAU,CACxB,IAAI,CAAC,WAAW,EAChB,IAAI,CAAC,UAAU,CAChB,CAAC;QACF,IAAI,CAAC,OAAO,GAAG,IAAI,iBAAa,CAC9B,IAAI,CAAC,WAAW,EAChB,IAAI,CAAC,UAAU,CAChB,CAAC;QACF,IAAI,CAAC,IAAI,GAAG,IAAI,cAAU,CACxB,IAAI,CAAC,WAAW,EAChB,IAAI,CAAC,UAAU,CAChB,CAAC;QACF,IAAI,CAAC,UAAU,GAAG,IAAI,oBAAgB,CACpC,IAAI,CAAC,WAAW,EAChB,IAAI,CAAC,UAAU,CAChB,CAAC;QACF,IAAI,CAAC,IAAI,GAAG,IAAI,cAAU,CACxB,IAAI,CAAC,WAAW,EAChB,IAAI,CAAC,UAAU,CAChB,CAAC;IACJ,CAAC;IAED;;;;;;;;;;;;;;;;;;;;;;;OAuBG;IACH,mBAAmB,CACjB,WAAmB,EACnB,OAAiC;;QAEjC,MAAM,cAAc,GAA4B;YAC9C,MAAM,EAAE,CAAC,QAAQ,EAAE,SAAS,EAAE,OAAO,CAAC;SACvC,CAAA;QACD,OAAO,mCACF,cAAc,GACd,OAAO,CACX,CAAA;QACD,MAAM,EAAE,GAAG,YAAW,CAAC,SAAS,6JAC9B,aAAa,EAAE,MAAM,EACrB,SAAS,EAAE,IAAI,CAAC,UAAU,CAAC,QAAQ,EACnC,YAAY,EAAE,WAAW,EACzB,KAAK,EAAE,MAAA,OAAO,CAAC,MAAM,0CAAE,IAAI,CAAC,GAAG,CAAC,IAC7B,CAAC,OAAO,CAAC,KAAK,IAAI,EAAE,KAAK,EAAE,OAAO,CAAC,KAAK,EAAE,CAAC,GAC3C,CAAC,OAAO,CAAC,KAAK,IAAI,EAAE,KAAK,EAAE,OAAO,CAAC,KAAK,EAAE,CAAC,GAC3C,CAAC,OAAO,CAAC,SAAS,IAAI,EAAE,UAAU,EAAE,OAAO,CAAC,SAAS,EAAE,CAAC,GACxD,CAAC,OAAO,CAAC,UAAU,IAAI,EAAE,WAAW,EAAE,OAAO,CAAC,UAAU,EAAE,CAAC,GAC3D,CAAC,OAAO,CAAC,UAAU,IAAI,EAAE,MAAM,EAAE,OAAO,CAAC,UAAU,EAAE,CAAC,GACtD,CAAC,OAAO,CAAC,YAAY,IAAI,EAAE,aAAa,EAAE,OAAO,CAAC,YAAY,EAAE,CAAC,GACjE,CAAC,OAAO,CAAC,cAAc,IAAI,EAAE,eAAe,EAAE,OAAO,CAAC,cAAc,EAAE,CAAC,GACvE,CAAC,OAAO,CAAC,aAAa,IAAI,EAAE,cAAc,EAAE,OAAO,CAAC,aAAa,EAAE,CAAC,GACpE,CAAC,OAAO,CAAC,mBAAmB,IAAI,EAAE,qBAAqB,EAAE,OAAO,CAAC,mBAAmB,EAAE,CAAC,GACvF,CAAC,OAAO,CAAC,QAAQ,IAAI,EAAE,QAAQ,EAAE,OAAO,CAAC,QAAQ,EAAE,CAAC,GACpD,CAAC,OAAO,CAAC,MAAM,IAAI,EAAE,MAAM,EAAE,OAAO,CAAC,MAAM,EAAE,CAAC,EACjD,CAAA;QAEF,OAAO,GAAG,IAAI,CAAC,UAAU,CAAC,MAAM,IAAI,iBAAiB,IAAI,EAAE,EAAE,CAAA;IAC/D,CAAC;IAED;;;;;;;OAOG;IACG,oBAAoB,CACxB,IAAY,EACZ,WAAmB,EACnB,OAA+B;;YAE/B,MAAM,GAAG,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,YAAY,CAAC,YAAW,CAAC,SAAS,iBAClE,IAAI,EAAE,IAAI,EACV,YAAY,EAAE,WAAW,EACzB,UAAU,EAAE,oBAAS,CAAC,iBAAiB,EACvC,SAAS,EAAE,IAAI,CAAC,UAAU,CAAC,QAAQ,EACnC,aAAa,EAAE,IAAI,CAAC,UAAU,CAAC,YAAY,IACxC,CAAC,CAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,YAAY,KAAI,EAAE,aAAa,EAAE,OAAO,CAAC,YAAY,EAAE,CAAC,EACrE,CAAC,CAAA;YACH,MAAM,EAAE,QAAQ,EAAE,YAAY,EAAE,UAAU,EAAG,aAAa,EAAE,GAAG,GAAG,CAAC,IAAI,CAAC;YACxE,MAAM,MAAM,GAAG,IAAI,CAAC,SAAS,CAAe,QAAQ,CAAC,CAAC;YACtD,MAAM,IAAI,GAAS,EAAE,CAAC;YACtB,KAAK,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC;gBAC5C,IAAI,4BAAqB,CAAC,CAAC,CAAC,EAAE,CAAC;oBAC7B,IAAI,CAAC,4BAAqB,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;gBACrC,CAAC;YACH,CAAC;YAED,OAAO;gBACL,IAAI;gBACJ,OAAO,EAAE,QAAQ;gBACjB,WAAW,EAAE,YAAY;gBACzB,SAAS,EAAE,UAAU;gBACrB,YAAY,EAAE,aAAa;aAC5B,CAAA;QACH,CAAC;KAAA;IAED;;;;;;MAME;IACI,0BAA0B,CAAC,sBAA8B,EAAE,OAAgC;;YAC/F,OAAO,IAAI,CAAC,aAAa,CAA0B,sBAAsB,EAAE,OAAO,CAAC,CAAC;QACtF,CAAC;KAAA;IAED;;;;;;OAMG;IACG,mBAAmB,CAAC,KAAa,EAAE,OAAgC;;YACvE,IAAI,CAAC;gBACH,MAAM,IAAI,CAAC,aAAa,CAAC,KAAK,EAAE,OAAO,CAAC,CAAC;gBACzC,OAAO,IAAI,CAAC;YACd,CAAC;YAAC,OAAO,CAAC,EAAE,CAAC;gBACX,OAAO,KAAK,CAAC;YACf,CAAC;QACH,CAAC;KAAA;IAID;;;;;;;;;;;;;;OAcG;IACH,YAAY,CAAC,OAA0B;QACrC,MAAM,EAAE,GAAG,YAAW,CAAC,SAAS,+CAC3B,CAAC,CAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,WAAW,KAAI,EAAE,aAAa,EAAE,OAAO,CAAC,WAAW,EAAE,CAAC,GAChE,CAAC,CAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,qBAAqB,KAAI,EAAE,wBAAwB,EAAE,OAAO,CAAC,qBAAqB,EAAE,CAAC,GAC/F,CAAC,CAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,KAAK,KAAI,EAAE,KAAK,EAAE,OAAO,CAAC,KAAK,EAAE,CAAC,EAC/C,CAAC;QAEH,OAAO,GAAG,IAAI,CAAC,UAAU,CAAC,MAAM,IAAI,cAAc,GAAG,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC;IAC5E,CAAC;IAED;;;;;;;OAOG;IACH,oBAAoB,CAAC,MAAc,EAAE,OAA+B,EAAE,OAAe;QACnF,MAAM,SAAS,GAAG,OAAO,CAAC,YAAY,CAAC,CAAC;QACxC,MAAM,gBAAgB,GAAG,OAAO,CAAC,mBAAmB,CAAC,CAAC;QACtD,MAAM,gBAAgB,GAAG,OAAO,CAAC,mBAAmB,CAAC,CAAC;QAEtD,OAAO,IAAI,CAAC,sBAAsB,CAAC,MAAM,EAAE,SAAS,EAAE,gBAAgB,EAAE,gBAAgB,EAAE,OAAO,CAAC,CAAC;IACrG,CAAC;IAED;;;;;;;OAOG;IACH,wBAAwB,CAAC,MAAc,EAAE,OAA+B,EAAE,OAAe;QACvF,MAAM,aAAa,GAAG,OAAO,CAAC,gBAAgB,CAAC,CAAC;QAChD,MAAM,oBAAoB,GAAG,OAAO,CAAC,uBAAuB,CAAC,CAAC;QAC9D,MAAM,oBAAoB,GAAG,OAAO,CAAC,uBAAuB,CAAC,CAAC;QAE9D,OAAO,IAAI,CAAC,sBAAsB,CAAC,MAAM,EAAE,aAAa,EAAE,oBAAoB,EAAE,oBAAoB,EAAE,OAAO,CAAC,CAAC;IACjH,CAAC;IAED;;;;;;;;;OASG;IACK,sBAAsB,CAAC,MAAc,EAAE,EAAU,EAAE,SAAiB,EAAE,SAAiB,EAAE,OAAe;QAC9G,IAAI,CAAC,EAAE,IAAI,CAAC,SAAS,IAAI,CAAC,SAAS,EAAE,CAAC;YACpC,MAAM,IAAI,yCAAwB,CAAC,0BAA0B,CAAC,CAAC;QACjE,CAAC;QAED,MAAM,WAAW,GAAG,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;QACtC,IAAI,WAAW,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAC3B,MAAM,IAAI,yCAAwB,CAAC,gBAAgB,CAAC,CAAC;QACvD,CAAC;QAED,IAAI,CAAC;YACH,MAAM,aAAa,GAAG,IAAI,CAAC,eAAe,CAAC,SAAS,CAAC,CAAC;YACtD,MAAM,IAAI,GAAG,GAAG,EAAE,IAAI,IAAI,CAAC,KAAK,CAAC,aAAa,CAAC,OAAO,EAAE,GAAG,IAAI,CAAC,IAAI,OAAO,EAAE,CAAC;YAC9E,MAAM,WAAW,GAAG,MAAM,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,CAAC,EAAE,QAAQ,CAAC,CAAC;YAC1D,MAAM,iBAAiB,GAAG,IAAI,CAAC,gBAAgB,CAAC,WAAW,EAAE,IAAI,CAAC,CAAC;YACnE,MAAM,kBAAkB,GAAG,SAAS,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;YAEhD,KAAK,MAAM,kBAAkB,IAAI,kBAAkB,EAAE,CAAC;gBACpD,MAAM,CAAC,OAAO,EAAE,iBAAiB,CAAC,GAAG,kBAAkB,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;gBACnE,IAAI,OAAO,KAAK,yBAAyB,EAAE,CAAC;oBAC1C,SAAS;gBACX,CAAC;gBACD,IAAI,gBAAM,CAAC,eAAe,CAAC,MAAM,CAAC,IAAI,CAAC,iBAAiB,EAAE,QAAQ,CAAC,EAAE,MAAM,CAAC,IAAI,CAAC,iBAAiB,EAAE,QAAQ,CAAC,CAAC,EAAE,CAAC;oBAC/G,OAAO,IAAI,CAAC;gBACd,CAAC;YACH,CAAC;YAED,MAAM,IAAI,yCAAwB,CAAC,mBAAmB,CAAC,CAAC;QAC1D,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,KAAK,YAAY,yCAAwB,EAAE,CAAC;gBAC9C,MAAM,KAAK,CAAC;YACd,CAAC;YACD,MAAM,IAAI,yCAAwB,CAAC,mBAAmB,CAAC,CAAC;QAC1D,CAAC;IACH,CAAC;IAED;;;;;;;;OAQG;IACG,aAAa,CAAI,KAAa,EAAE,OAAgC;;YACpE,MAAM,IAAI,CAAC,UAAU,CAAC,OAAO,EAAE,CAAC;YAChC,MAAM,IAAI,GAAG,IAAI,CAAC,iBAAiB,CAAC;gBAClC,IAAI,EAAE,IAAI,CAAC,UAAU,CAAC,IAAI;aAC3B,CAAC,CAAA;YACF,IAAI,CAAC;gBACH,MAAM,EAAE,OAAO,EAAE,GAAG,MAAM,IAAI,CAAC,SAAS,CAAI,KAAK,EAAE,IAAI,kCAClD,CAAC,CAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,MAAM,KAAI,EAAE,MAAM,EAAE,OAAO,CAAC,MAAM,EAAE,CAAC,GAC/C,CAAC,CAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,QAAQ,KAAI,EAAE,QAAQ,EAAE,OAAO,CAAC,QAAQ,EAAE,CAAC,EACxD,CAAC;gBAEH,IAAI,CAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,cAAc,KAAI,OAAO,CAAC,cAAc,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;oBACjE,IAAI,CAAC,YAAY,CAAC,KAAK,EAAE,OAAO,CAAC,cAAc,CAAC,CAAC;gBACnD,CAAC;gBAED,OAAO,OAAO,CAAC;YACjB,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,MAAM,IAAI,sDAAqC,CAAC,KAAK,CAAC,CAAC;YACzD,CAAC;QACH,CAAC;KAAA;IAED;;;;;;;OAOG;IACH,YAAY,CAAC,KAAa,EAAE,cAAwB;QAClD,MAAM,OAAO,GAAG,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC;QACtC,MAAM,MAAM,GAAG,IAAI,CAAC,wBAAwB,CAAC,OAAO,CAAC,CAAC;QAEtD,MAAM,aAAa,GAAG,cAAc,CAAC,MAAM,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC,MAAM,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC;QAE9E,IAAI,aAAa,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAC7B,MAAM,IAAI,sDAAqC,CAAC,kCAAkC,aAAa,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QAChH,CAAC;QAED,OAAO,IAAI,CAAC;IACd,CAAC;IAED;;;;;OAKG;IACK,wBAAwB,CAAC,OAA4B;QAC3D,MAAM,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;QAC9B,OAAO,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC;YAC1B,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,KAAK,EAAE,EAAE,WAAC,OAAA,CAAC,CAAC,CAAA,MAAA,KAAK,CAAC,IAAI,qDAAI,CAAA,CAAA,EAAA,CAAC;YAC5C,CAAC,CAAC,EAAE,CAAC;IACT,CAAC;IAED;;;;;OAKG;IACK,eAAe,CAAC,YAAoB;QAC1C,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC;QAC1C,MAAM,SAAS,GAAG,QAAQ,CAAC,YAAY,EAAE,EAAE,CAAC,CAAC;QAC7C,IAAI,KAAK,CAAC,SAAS,CAAC,EAAE,CAAC;YACrB,MAAM,IAAI,yCAAwB,CAAC,2BAA2B,CAAC,CAAC;QAClE,CAAC;QACD,IAAI,GAAG,GAAG,SAAS,GAAG,4BAA4B,EAAE,CAAC;YACnD,MAAM,IAAI,yCAAwB,CAAC,2BAA2B,CAAC,CAAC;QAClE,CAAC;QACD,IAAI,SAAS,GAAG,GAAG,GAAG,4BAA4B,EAAE,CAAC;YACnD,MAAM,IAAI,yCAAwB,CAAC,2BAA2B,CAAC,CAAC;QAClE,CAAC;QAED,OAAO,IAAI,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC,CAAC;IACpC,CAAC;IAED;;;;;;OAMG;IACK,gBAAgB,CAAC,WAAmB,EAAE,IAAY;QACxD,OAAO,gBAAM,CAAC,UAAU,CAAC,QAAQ,EAAE,WAAW,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;IAChF,CAAC;IAED;;;;;OAKG;IACG,kBAAkB,CAAC,YAAoB;;YAC3C,IAAI,CAAC,YAAY,EAAE,CAAC;gBAClB,MAAM,IAAI,KAAK,CAAC,2BAA2B,CAAC,CAAC;YAC/C,CAAC;YAED,IAAI,GAAG,CAAC;YACR,IAAI,CAAC;gBACH,GAAG,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,YAAY,CAAC,YAAW,CAAC,SAAS,CAAC;oBAC7D,UAAU,EAAE,oBAAS,CAAC,YAAY;oBAClC,SAAS,EAAE,IAAI,CAAC,UAAU,CAAC,QAAQ;oBACnC,aAAa,EAAE,IAAI,CAAC,UAAU,CAAC,YAAY;oBAC3C,aAAa,EAAE,YAAY;iBAC5B,CAAC,CAAC,CAAC;YACN,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,MAAM,IAAI,KAAK,CAAC,4BAA4B,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,eAAe,EAAE,CAAC,CAAC;YAC1G,CAAC;YAED,IAAI,CAAC,GAAG,IAAI,CAAC,GAAG,CAAC,IAAI,EAAE,CAAC;gBACtB,MAAM,IAAI,KAAK,CAAC,6CAA6C,CAAC,CAAC;YACjE,CAAC;YAED,MAAM,EAAE,YAAY,EAAE,aAAa,EAAE,GAAG,GAAG,CAAC,IAAI,CAAC;YAEjD,8CAA8C;YAC9C,IAAI,CAAC,YAAY,EAAE,CAAC;gBAClB,MAAM,IAAI,KAAK,CAAC,iDAAiD,CAAC,CAAC;YACrE,CAAC;YACD,IAAI,CAAC,aAAa,EAAE,CAAC;gBACnB,MAAM,IAAI,KAAK,CAAC,kDAAkD,CAAC,CAAC;YACtE,CAAC;YAED,OAAO;gBACL,WAAW,EAAE,YAAY;gBACzB,YAAY,EAAE,aAAa;aAC5B,CAAC;QACJ,CAAC;KAAA;CACF;AAnbD,iCAmbC"}
1
+ {"version":3,"file":"scalekit.js","sourceRoot":"","sources":["../src/scalekit.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,oDAA4B;AAC5B,2CAA6B;AAC7B,4CAA6B;AAC7B,wDAAoC;AACpC,8DAA4C;AAC5C,2CAAyD;AACzD,kDAAgC;AAChC,4DAA0C;AAC1C,sDAAoC;AACpC,kDAAgC;AAChC,kEAAgD;AAChD,kEAAgD;AAChD,kDAAgC;AAChC,wDAAsC;AACtC,kDAAgC;AAChC,8DAA4C;AAC5C,0DAAwC;AAExC,+CAAqL;AACrL,4DAA0G;AAE1G,MAAM,iBAAiB,GAAG,iBAAiB,CAAC;AAC5C,MAAM,cAAc,GAAG,aAAa,CAAC;AACrC,MAAM,4BAA4B,GAAG,CAAC,GAAG,EAAE,CAAC,CAAC,YAAY;AACzD,MAAM,yBAAyB,GAAG,IAAI,CAAC;AAEvC;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA6BG;AACH,MAAqB,cAAc;IAcjC,YACE,MAAc,EACd,QAAgB,EAChB,YAAoB;QAEpB,IAAI,CAAC,UAAU,GAAG,IAAI,cAAU,CAC9B,MAAM,EACN,QAAQ,EACR,YAAY,CACb,CAAC;QACF,IAAI,CAAC,WAAW,GAAG,IAAI,iBAAW,CAChC,IAAI,CAAC,UAAU,CAChB,CAAC;QAEF,IAAI,CAAC,YAAY,GAAG,IAAI,sBAAkB,CACxC,IAAI,CAAC,WAAW,EAChB,IAAI,CAAC,UAAU,CAChB,CAAC;QACF,IAAI,CAAC,UAAU,GAAG,IAAI,oBAAgB,CAAC,IAAI,CAAC,WAAW,EAAE,IAAI,CAAC,UAAU,CAAC,CAAC;QAC1E,IAAI,CAAC,MAAM,GAAG,IAAI,gBAAY,CAAC,IAAI,CAAC,WAAW,EAAE,IAAI,CAAC,UAAU,CAAC,CAAC;QAClE,IAAI,CAAC,SAAS,GAAG,IAAI,mBAAe,CAAC,IAAI,CAAC,WAAW,EAAE,IAAI,CAAC,UAAU,CAAC,CAAC;QACxE,IAAI,CAAC,YAAY,GAAG,IAAI,sBAAkB,CACxC,IAAI,CAAC,WAAW,EAChB,IAAI,CAAC,UAAU,CAChB,CAAC;QACF,IAAI,CAAC,IAAI,GAAG,IAAI,cAAU,CACxB,IAAI,CAAC,WAAW,EAChB,IAAI,CAAC,UAAU,CAChB,CAAC;QACF,IAAI,CAAC,OAAO,GAAG,IAAI,iBAAa,CAC9B,IAAI,CAAC,WAAW,EAChB,IAAI,CAAC,UAAU,CAChB,CAAC;QACF,IAAI,CAAC,IAAI,GAAG,IAAI,cAAU,CACxB,IAAI,CAAC,WAAW,EAChB,IAAI,CAAC,UAAU,CAChB,CAAC;QACF,IAAI,CAAC,UAAU,GAAG,IAAI,oBAAgB,CACpC,IAAI,CAAC,WAAW,EAChB,IAAI,CAAC,UAAU,CAChB,CAAC;QACF,IAAI,CAAC,IAAI,GAAG,IAAI,cAAU,CACxB,IAAI,CAAC,WAAW,EAChB,IAAI,CAAC,UAAU,CAChB,CAAC;QACF,IAAI,CAAC,QAAQ,GAAG,IAAI,kBAAc,CAChC,IAAI,CAAC,WAAW,EAChB,IAAI,CAAC,UAAU,CAChB,CAAC;IACJ,CAAC;IAED;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;OAoEG;IACH,mBAAmB,CACjB,WAAmB,EACnB,OAAiC;;QAEjC,MAAM,cAAc,GAA4B;YAC9C,MAAM,EAAE,CAAC,QAAQ,EAAE,SAAS,EAAE,OAAO,CAAC;SACvC,CAAC;QACF,OAAO,mCACF,cAAc,GACd,OAAO,CACX,CAAC;QACF,MAAM,EAAE,GAAG,YAAW,CAAC,SAAS,6JAC9B,aAAa,EAAE,MAAM,EACrB,SAAS,EAAE,IAAI,CAAC,UAAU,CAAC,QAAQ,EACnC,YAAY,EAAE,WAAW,EACzB,KAAK,EAAE,MAAA,OAAO,CAAC,MAAM,0CAAE,IAAI,CAAC,GAAG,CAAC,IAC7B,CAAC,OAAO,CAAC,KAAK,IAAI,EAAE,KAAK,EAAE,OAAO,CAAC,KAAK,EAAE,CAAC,GAC3C,CAAC,OAAO,CAAC,KAAK,IAAI,EAAE,KAAK,EAAE,OAAO,CAAC,KAAK,EAAE,CAAC,GAC3C,CAAC,OAAO,CAAC,SAAS,IAAI,EAAE,UAAU,EAAE,OAAO,CAAC,SAAS,EAAE,CAAC,GACxD,CAAC,OAAO,CAAC,UAAU,IAAI,EAAE,WAAW,EAAE,OAAO,CAAC,UAAU,EAAE,CAAC,GAC3D,CAAC,OAAO,CAAC,UAAU,IAAI,EAAE,MAAM,EAAE,OAAO,CAAC,UAAU,EAAE,CAAC,GACtD,CAAC,OAAO,CAAC,YAAY,IAAI,EAAE,aAAa,EAAE,OAAO,CAAC,YAAY,EAAE,CAAC,GACjE,CAAC,OAAO,CAAC,cAAc,IAAI;YAC5B,eAAe,EAAE,OAAO,CAAC,cAAc;SACxC,CAAC,GACC,CAAC,OAAO,CAAC,aAAa,IAAI,EAAE,cAAc,EAAE,OAAO,CAAC,aAAa,EAAE,CAAC,GACpE,CAAC,OAAO,CAAC,mBAAmB,IAAI;YACjC,qBAAqB,EAAE,OAAO,CAAC,mBAAmB;SACnD,CAAC,GACC,CAAC,OAAO,CAAC,QAAQ,IAAI,EAAE,QAAQ,EAAE,OAAO,CAAC,QAAQ,EAAE,CAAC,GACpD,CAAC,OAAO,CAAC,MAAM,IAAI,EAAE,MAAM,EAAE,OAAO,CAAC,MAAM,EAAE,CAAC,EACjD,CAAC;QAEH,OAAO,GAAG,IAAI,CAAC,UAAU,CAAC,MAAM,IAAI,iBAAiB,IAAI,EAAE,EAAE,CAAC;IAChE,CAAC;IAED;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;OA8DG;IACG,oBAAoB,CACxB,IAAY,EACZ,WAAmB,EACnB,OAA+B;;YAE/B,MAAM,GAAG,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,YAAY,CAC5C,YAAW,CAAC,SAAS,iBACnB,IAAI,EAAE,IAAI,EACV,YAAY,EAAE,WAAW,EACzB,UAAU,EAAE,oBAAS,CAAC,iBAAiB,EACvC,SAAS,EAAE,IAAI,CAAC,UAAU,CAAC,QAAQ,EACnC,aAAa,EAAE,IAAI,CAAC,UAAU,CAAC,YAAY,IACxC,CAAC,CAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,YAAY,KAAI,EAAE,aAAa,EAAE,OAAO,CAAC,YAAY,EAAE,CAAC,EACrE,CACH,CAAC;YACF,MAAM,EAAE,QAAQ,EAAE,YAAY,EAAE,UAAU,EAAE,aAAa,EAAE,GAAG,GAAG,CAAC,IAAI,CAAC;YACvE,MAAM,MAAM,GAAG,IAAI,CAAC,SAAS,CAAe,QAAQ,CAAC,CAAC;YACtD,MAAM,IAAI,GAAS,EAAE,CAAC;YACtB,KAAK,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC;gBAC5C,IAAI,4BAAqB,CAAC,CAAC,CAAC,EAAE,CAAC;oBAC7B,IAAI,CAAC,4BAAqB,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;gBACrC,CAAC;YACH,CAAC;YAED,OAAO;gBACL,IAAI;gBACJ,OAAO,EAAE,QAAQ;gBACjB,WAAW,EAAE,YAAY;gBACzB,SAAS,EAAE,UAAU;gBACrB,YAAY,EAAE,aAAa;aAC5B,CAAC;QACJ,CAAC;KAAA;IAED;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;OAmDG;IACG,0BAA0B,CAC9B,sBAA8B,EAC9B,OAAgC;;YAEhC,OAAO,IAAI,CAAC,aAAa,CACvB,sBAAsB,EACtB,OAAO,CACR,CAAC;QACJ,CAAC;KAAA;IAED;;;;;;OAMG;IACG,mBAAmB,CACvB,KAAa,EACb,OAAgC;;YAEhC,IAAI,CAAC;gBACH,MAAM,IAAI,CAAC,aAAa,CAAC,KAAK,EAAE,OAAO,CAAC,CAAC;gBACzC,OAAO,IAAI,CAAC;YACd,CAAC;YAAC,OAAO,CAAC,EAAE,CAAC;gBACX,OAAO,KAAK,CAAC;YACf,CAAC;QACH,CAAC;KAAA;IAED;;;;;;;;;;;;;;OAcG;IACH,YAAY,CAAC,OAA0B;QACrC,MAAM,EAAE,GAAG,YAAW,CAAC,SAAS,+CAC3B,CAAC,CAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,WAAW,KAAI,EAAE,aAAa,EAAE,OAAO,CAAC,WAAW,EAAE,CAAC,GAChE,CAAC,CAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,qBAAqB,KAAI;YACpC,wBAAwB,EAAE,OAAO,CAAC,qBAAqB;SACxD,CAAC,GACC,CAAC,CAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,KAAK,KAAI,EAAE,KAAK,EAAE,OAAO,CAAC,KAAK,EAAE,CAAC,EAC/C,CAAC;QAEH,OAAO,GAAG,IAAI,CAAC,UAAU,CAAC,MAAM,IAAI,cAAc,GAAG,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC;IAC5E,CAAC;IAED;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;OAmDG;IACH,oBAAoB,CAClB,MAAc,EACd,OAA+B,EAC/B,OAAe;QAEf,MAAM,SAAS,GAAG,OAAO,CAAC,YAAY,CAAC,CAAC;QACxC,MAAM,gBAAgB,GAAG,OAAO,CAAC,mBAAmB,CAAC,CAAC;QACtD,MAAM,gBAAgB,GAAG,OAAO,CAAC,mBAAmB,CAAC,CAAC;QAEtD,OAAO,IAAI,CAAC,sBAAsB,CAChC,MAAM,EACN,SAAS,EACT,gBAAgB,EAChB,gBAAgB,EAChB,OAAO,CACR,CAAC;IACJ,CAAC;IAED;;;;;;;;;;;OAWG;IACH,wBAAwB,CACtB,MAAc,EACd,OAA+B,EAC/B,OAAe;QAEf,MAAM,aAAa,GAAG,OAAO,CAAC,gBAAgB,CAAC,CAAC;QAChD,MAAM,oBAAoB,GAAG,OAAO,CAAC,uBAAuB,CAAC,CAAC;QAC9D,MAAM,oBAAoB,GAAG,OAAO,CAAC,uBAAuB,CAAC,CAAC;QAE9D,OAAO,IAAI,CAAC,sBAAsB,CAChC,MAAM,EACN,aAAa,EACb,oBAAoB,EACpB,oBAAoB,EACpB,OAAO,CACR,CAAC;IACJ,CAAC;IAED;;;;;;;;;OASG;IACK,sBAAsB,CAC5B,MAAc,EACd,EAAU,EACV,SAAiB,EACjB,SAAiB,EACjB,OAAe;QAEf,IAAI,CAAC,EAAE,IAAI,CAAC,SAAS,IAAI,CAAC,SAAS,EAAE,CAAC;YACpC,MAAM,IAAI,yCAAwB,CAAC,0BAA0B,CAAC,CAAC;QACjE,CAAC;QAED,MAAM,WAAW,GAAG,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;QACtC,IAAI,WAAW,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAC3B,MAAM,IAAI,yCAAwB,CAAC,gBAAgB,CAAC,CAAC;QACvD,CAAC;QAED,IAAI,CAAC;YACH,MAAM,aAAa,GAAG,IAAI,CAAC,eAAe,CAAC,SAAS,CAAC,CAAC;YACtD,MAAM,IAAI,GAAG,GAAG,EAAE,IAAI,IAAI,CAAC,KAAK,CAC9B,aAAa,CAAC,OAAO,EAAE,GAAG,IAAI,CAC/B,IAAI,OAAO,EAAE,CAAC;YACf,MAAM,WAAW,GAAG,MAAM,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,CAAC,EAAE,QAAQ,CAAC,CAAC;YAC1D,MAAM,iBAAiB,GAAG,IAAI,CAAC,gBAAgB,CAAC,WAAW,EAAE,IAAI,CAAC,CAAC;YACnE,MAAM,kBAAkB,GAAG,SAAS,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;YAEhD,KAAK,MAAM,kBAAkB,IAAI,kBAAkB,EAAE,CAAC;gBACpD,MAAM,CAAC,OAAO,EAAE,iBAAiB,CAAC,GAAG,kBAAkB,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;gBACnE,IAAI,OAAO,KAAK,yBAAyB,EAAE,CAAC;oBAC1C,SAAS;gBACX,CAAC;gBACD,IACE,gBAAM,CAAC,eAAe,CACpB,MAAM,CAAC,IAAI,CAAC,iBAAiB,EAAE,QAAQ,CAAC,EACxC,MAAM,CAAC,IAAI,CAAC,iBAAiB,EAAE,QAAQ,CAAC,CACzC,EACD,CAAC;oBACD,OAAO,IAAI,CAAC;gBACd,CAAC;YACH,CAAC;YAED,MAAM,IAAI,yCAAwB,CAAC,mBAAmB,CAAC,CAAC;QAC1D,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,KAAK,YAAY,yCAAwB,EAAE,CAAC;gBAC9C,MAAM,KAAK,CAAC;YACd,CAAC;YACD,MAAM,IAAI,yCAAwB,CAAC,mBAAmB,CAAC,CAAC;QAC1D,CAAC;IACH,CAAC;IAED;;;;;;;;OAQG;IACG,aAAa,CACjB,KAAa,EACb,OAAgC;;YAEhC,MAAM,IAAI,CAAC,UAAU,CAAC,OAAO,EAAE,CAAC;YAChC,MAAM,IAAI,GAAG,IAAI,CAAC,iBAAiB,CAAC;gBAClC,IAAI,EAAE,IAAI,CAAC,UAAU,CAAC,IAAI;aAC3B,CAAC,CAAC;YACH,IAAI,CAAC;gBACH,MAAM,EAAE,OAAO,EAAE,GAAG,MAAM,IAAI,CAAC,SAAS,CAAI,KAAK,EAAE,IAAI,kCAClD,CAAC,CAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,MAAM,KAAI,EAAE,MAAM,EAAE,OAAO,CAAC,MAAM,EAAE,CAAC,GAC/C,CAAC,CAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,QAAQ,KAAI,EAAE,QAAQ,EAAE,OAAO,CAAC,QAAQ,EAAE,CAAC,EACxD,CAAC;gBAEH,IAAI,CAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,cAAc,KAAI,OAAO,CAAC,cAAc,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;oBACjE,IAAI,CAAC,YAAY,CAAC,KAAK,EAAE,OAAO,CAAC,cAAc,CAAC,CAAC;gBACnD,CAAC;gBAED,OAAO,OAAO,CAAC;YACjB,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,MAAM,IAAI,sDAAqC,CAAC,KAAK,CAAC,CAAC;YACzD,CAAC;QACH,CAAC;KAAA;IAED;;;;;;;OAOG;IACH,YAAY,CAAC,KAAa,EAAE,cAAwB;QAClD,MAAM,OAAO,GAAG,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC;QACtC,MAAM,MAAM,GAAG,IAAI,CAAC,wBAAwB,CAAC,OAAO,CAAC,CAAC;QAEtD,MAAM,aAAa,GAAG,cAAc,CAAC,MAAM,CACzC,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC,MAAM,CAAC,QAAQ,CAAC,KAAK,CAAC,CACnC,CAAC;QAEF,IAAI,aAAa,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAC7B,MAAM,IAAI,sDAAqC,CAC7C,kCAAkC,aAAa,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAC7D,CAAC;QACJ,CAAC;QAED,OAAO,IAAI,CAAC;IACd,CAAC;IAED;;;;;OAKG;IACK,wBAAwB,CAAC,OAA4B;QAC3D,MAAM,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;QAC9B,OAAO,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC;YAC1B,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,KAAK,EAAE,EAAE,WAAC,OAAA,CAAC,CAAC,CAAA,MAAA,KAAK,CAAC,IAAI,qDAAI,CAAA,CAAA,EAAA,CAAC;YAC5C,CAAC,CAAC,EAAE,CAAC;IACT,CAAC;IAED;;;;;OAKG;IACK,eAAe,CAAC,YAAoB;QAC1C,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC;QAC1C,MAAM,SAAS,GAAG,QAAQ,CAAC,YAAY,EAAE,EAAE,CAAC,CAAC;QAC7C,IAAI,KAAK,CAAC,SAAS,CAAC,EAAE,CAAC;YACrB,MAAM,IAAI,yCAAwB,CAAC,2BAA2B,CAAC,CAAC;QAClE,CAAC;QACD,IAAI,GAAG,GAAG,SAAS,GAAG,4BAA4B,EAAE,CAAC;YACnD,MAAM,IAAI,yCAAwB,CAAC,2BAA2B,CAAC,CAAC;QAClE,CAAC;QACD,IAAI,SAAS,GAAG,GAAG,GAAG,4BAA4B,EAAE,CAAC;YACnD,MAAM,IAAI,yCAAwB,CAAC,2BAA2B,CAAC,CAAC;QAClE,CAAC;QAED,OAAO,IAAI,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC,CAAC;IACpC,CAAC;IAED;;;;;;OAMG;IACK,gBAAgB,CAAC,WAAmB,EAAE,IAAY;QACxD,OAAO,gBAAM;aACV,UAAU,CAAC,QAAQ,EAAE,WAAW,CAAC;aACjC,MAAM,CAAC,IAAI,CAAC;aACZ,MAAM,CAAC,QAAQ,CAAC,CAAC;IACtB,CAAC;IAED;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;OA0DG;IACG,kBAAkB,CACtB,YAAoB;;YAEpB,IAAI,CAAC,YAAY,EAAE,CAAC;gBAClB,MAAM,IAAI,KAAK,CAAC,2BAA2B,CAAC,CAAC;YAC/C,CAAC;YAED,IAAI,GAAG,CAAC;YACR,IAAI,CAAC;gBACH,GAAG,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,YAAY,CACtC,YAAW,CAAC,SAAS,CAAC;oBACpB,UAAU,EAAE,oBAAS,CAAC,YAAY;oBAClC,SAAS,EAAE,IAAI,CAAC,UAAU,CAAC,QAAQ;oBACnC,aAAa,EAAE,IAAI,CAAC,UAAU,CAAC,YAAY;oBAC3C,aAAa,EAAE,YAAY;iBAC5B,CAAC,CACH,CAAC;YACJ,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,MAAM,IAAI,KAAK,CACb,4BACE,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,eAC3C,EAAE,CACH,CAAC;YACJ,CAAC;YAED,IAAI,CAAC,GAAG,IAAI,CAAC,GAAG,CAAC,IAAI,EAAE,CAAC;gBACtB,MAAM,IAAI,KAAK,CAAC,6CAA6C,CAAC,CAAC;YACjE,CAAC;YAED,MAAM,EAAE,YAAY,EAAE,aAAa,EAAE,GAAG,GAAG,CAAC,IAAI,CAAC;YAEjD,8CAA8C;YAC9C,IAAI,CAAC,YAAY,EAAE,CAAC;gBAClB,MAAM,IAAI,KAAK,CAAC,iDAAiD,CAAC,CAAC;YACrE,CAAC;YACD,IAAI,CAAC,aAAa,EAAE,CAAC;gBACnB,MAAM,IAAI,KAAK,CAAC,kDAAkD,CAAC,CAAC;YACtE,CAAC;YAED,OAAO;gBACL,WAAW,EAAE,YAAY;gBACzB,YAAY,EAAE,aAAa;aAC5B,CAAC;QACJ,CAAC;KAAA;CACF;AAvuBD,iCAuuBC"}