@simplewebauthn/server 10.0.1 → 11.0.0-alpha3

package/esm/services/defaultRootCerts/android-key.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"android-key.d.ts","sourceRoot":"","sources":["../../../src/services/defaultRootCerts/android-key.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AACH,eAAO,MAAM,kCAAkC,u6DA+B9C,CAAC;AAEF;;;;;;;;;;GAUG;AACH,eAAO,MAAM,kCAAkC,60DA8B9C,CAAC"}

package/esm/services/defaultRootCerts/android-safetynet.d.ts

@@ -9,3 +9,4 @@
  * EB:D4:10:40:E4:BB:3E:C7:42:C9:E3:81:D3:1E:F2:A4:1A:48:B6:68:5C:96:E7:CE:F3:C1:DF:6C:D4:33:1C:99
  */
 export declare const GlobalSign_Root_CA = "-----BEGIN CERTIFICATE-----\nMIIDdTCCAl2gAwIBAgILBAAAAAABFUtaw5QwDQYJKoZIhvcNAQEFBQAwVzELMAkG\nA1UEBhMCQkUxGTAXBgNVBAoTEEdsb2JhbFNpZ24gbnYtc2ExEDAOBgNVBAsTB1Jv\nb3QgQ0ExGzAZBgNVBAMTEkdsb2JhbFNpZ24gUm9vdCBDQTAeFw05ODA5MDExMjAw\nMDBaFw0yODAxMjgxMjAwMDBaMFcxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9i\nYWxTaWduIG52LXNhMRAwDgYDVQQLEwdSb290IENBMRswGQYDVQQDExJHbG9iYWxT\naWduIFJvb3QgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDaDuaZ\njc6j40+Kfvvxi4Mla+pIH/EqsLmVEQS98GPR4mdmzxzdzxtIK+6NiY6arymAZavp\nxy0Sy6scTHAHoT0KMM0VjU/43dSMUBUc71DuxC73/OlS8pF94G3VNTCOXkNz8kHp\n1Wrjsok6Vjk4bwY8iGlbKk3Fp1S4bInMm/k8yuX9ifUSPJJ4ltbcdG6TRGHRjcdG\nsnUOhugZitVtbNV4FpWi6cgKOOvyJBNPc1STE4U6G7weNLWLBYy5d4ux2x8gkasJ\nU26Qzns3dLlwR5EiUWMWea6xrkEmCMgZK9FGqkjWZCrXgzT/LCrBbBlDSgeF59N8\n9iFo7+ryUp9/k5DPAgMBAAGjQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8E\nBTADAQH/MB0GA1UdDgQWBBRge2YaRQ2XyolQL30EzTSo//z9SzANBgkqhkiG9w0B\nAQUFAAOCAQEA1nPnfE920I2/7LqivjTFKDK1fPxsnCwrvQmeU79rXqoRSLblCKOz\nyj1hTdNGCbM+w6DjY1Ub8rrvrTnhQ7k4o+YviiY776BQVvnGCv04zcQLcFGUl5gE\n38NflNUVyRRBnMRddWQVDf9VMOyGj/8N7yy5Y0b2qvzfvGn9LhJIZJrglfCm7ymP\nAbEVtQwdpf5pLGkkeB6zpxxxYu7KyJesF12KwvhHhm4qxFYxldBniYUr+WymXUad\nDKqC5JlR3XC321Y9YeRq4VzW9v493kHMB65jUr9TU/Qr6cf9tveCX4XSQRjbgbME\nHMUfpIBvFSDJ3gyICh3WZlXi/EjJKSZp4A==\n-----END CERTIFICATE-----\n";
+//# sourceMappingURL=android-safetynet.d.ts.map

package/esm/services/defaultRootCerts/android-safetynet.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"android-safetynet.d.ts","sourceRoot":"","sources":["../../../src/services/defaultRootCerts/android-safetynet.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AACH,eAAO,MAAM,kBAAkB,uwCAqB9B,CAAC"}

package/esm/services/defaultRootCerts/apple.d.ts

@@ -9,3 +9,4 @@
  * 09:15:DD:5C:07:A2:8D:B5:49:D1:F6:77:BB:5A:75:D4:BF:BE:95:61:A7:73:42:43:27:76:2E:9E:02:F9:BB:29
  */
 export declare const Apple_WebAuthn_Root_CA = "-----BEGIN CERTIFICATE-----\nMIICEjCCAZmgAwIBAgIQaB0BbHo84wIlpQGUKEdXcTAKBggqhkjOPQQDAzBLMR8w\nHQYDVQQDDBZBcHBsZSBXZWJBdXRobiBSb290IENBMRMwEQYDVQQKDApBcHBsZSBJ\nbmMuMRMwEQYDVQQIDApDYWxpZm9ybmlhMB4XDTIwMDMxODE4MjEzMloXDTQ1MDMx\nNTAwMDAwMFowSzEfMB0GA1UEAwwWQXBwbGUgV2ViQXV0aG4gUm9vdCBDQTETMBEG\nA1UECgwKQXBwbGUgSW5jLjETMBEGA1UECAwKQ2FsaWZvcm5pYTB2MBAGByqGSM49\nAgEGBSuBBAAiA2IABCJCQ2pTVhzjl4Wo6IhHtMSAzO2cv+H9DQKev3//fG59G11k\nxu9eI0/7o6V5uShBpe1u6l6mS19S1FEh6yGljnZAJ+2GNP1mi/YK2kSXIuTHjxA/\npcoRf7XkOtO4o1qlcaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUJtdk\n2cV4wlpn0afeaxLQG2PxxtcwDgYDVR0PAQH/BAQDAgEGMAoGCCqGSM49BAMDA2cA\nMGQCMFrZ+9DsJ1PW9hfNdBywZDsWDbWFp28it1d/5w2RPkRX3Bbn/UbDTNLx7Jr3\njAGGiQIwHFj+dJZYUJR786osByBelJYsVZd2GbHQu209b5RCmGQ21gpSAk9QZW4B\n1bWeT0vT\n-----END CERTIFICATE-----\n";
+//# sourceMappingURL=apple.d.ts.map

package/esm/services/defaultRootCerts/apple.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"apple.d.ts","sourceRoot":"","sources":["../../../src/services/defaultRootCerts/apple.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AACH,eAAO,MAAM,sBAAsB,6xBAclC,CAAC"}

package/esm/services/defaultRootCerts/mds.d.ts

@@ -9,3 +9,4 @@
  * CB:B5:22:D7:B7:F1:27:AD:6A:01:13:86:5B:DF:1C:D4:10:2E:7D:07:59:AF:63:5A:7C:F4:72:0D:C9:63:C5:3B
  */
 export declare const GlobalSign_Root_CA_R3 = "-----BEGIN CERTIFICATE-----\n MIIDXzCCAkegAwIBAgILBAAAAAABIVhTCKIwDQYJKoZIhvcNAQELBQAwTDEgMB4G\n A1UECxMXR2xvYmFsU2lnbiBSb290IENBIC0gUjMxEzARBgNVBAoTCkdsb2JhbFNp\n Z24xEzARBgNVBAMTCkdsb2JhbFNpZ24wHhcNMDkwMzE4MTAwMDAwWhcNMjkwMzE4\n MTAwMDAwWjBMMSAwHgYDVQQLExdHbG9iYWxTaWduIFJvb3QgQ0EgLSBSMzETMBEG\n A1UEChMKR2xvYmFsU2lnbjETMBEGA1UEAxMKR2xvYmFsU2lnbjCCASIwDQYJKoZI\n hvcNAQEBBQADggEPADCCAQoCggEBAMwldpB5BngiFvXAg7aEyiie/QV2EcWtiHL8\n RgJDx7KKnQRfJMsuS+FggkbhUqsMgUdwbN1k0ev1LKMPgj0MK66X17YUhhB5uzsT\n gHeMCOFJ0mpiLx9e+pZo34knlTifBtc+ycsmWQ1z3rDI6SYOgxXG71uL0gRgykmm\n KPZpO/bLyCiR5Z2KYVc3rHQU3HTgOu5yLy6c+9C7v/U9AOEGM+iCK65TpjoWc4zd\n QQ4gOsC0p6Hpsk+QLjJg6VfLuQSSaGjlOCZgdbKfd/+RFO+uIEn8rUAVSNECMWEZ\n XriX7613t2Saer9fwRPvm2L7DWzgVGkWqQPabumDk3F2xmmFghcCAwEAAaNCMEAw\n DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFI/wS3+o\n LkUkrk1Q+mOai97i3Ru8MA0GCSqGSIb3DQEBCwUAA4IBAQBLQNvAUKr+yAzv95ZU\n RUm7lgAJQayzE4aGKAczymvmdLm6AC2upArT9fHxD4q/c2dKg8dEe3jgr25sbwMp\n jjM5RcOO5LlXbKr8EpbsU8Yt5CRsuZRj+9xTaGdWPoO4zzUhw8lo/s7awlOqzJCK\n 6fBdRoyV3XpYKBovHd7NADdBj+1EbddTKJd+82cEHhXXipa0095MJ6RMG3NzdvQX\n mcIfeg7jLQitChws/zyrVQ4PkX4268NXSb7hLi18YIvDQVETI53O9zJrlAGomecs\n Mx86OyXShkDOOyyGeMlhLxS67ttVb9+E7gUJTb0o2HLO02JQZR7rkpeDMdmztcpH\n WD9f\n -----END CERTIFICATE-----\n ";
+//# sourceMappingURL=mds.d.ts.map

package/esm/services/defaultRootCerts/mds.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"mds.d.ts","sourceRoot":"","sources":["../../../src/services/defaultRootCerts/mds.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AACH,eAAO,MAAM,qBAAqB,4vCAqBhC,CAAC"}

package/esm/services/metadataService.d.ts

@@ -1,12 +1,20 @@
 import type { MetadataStatement } from '../metadata/mdsTypes.js';
 type VerificationMode = 'permissive' | 'strict';
+interface MetadataService {
+    initialize(opts?: {
+        mdsServers?: string[];
+        statements?: MetadataStatement[];
+        verificationMode?: VerificationMode;
+    }): Promise<void>;
+    getStatement(aaguid: string | Uint8Array): Promise<MetadataStatement | undefined>;
+}
 /**
- * A basic service for coordinating interactions with the FIDO Metadata Service. This includes BLOB
- * download and parsing, and on-demand requesting and caching of individual metadata statements.
+ * An implementation of `MetadataService` that can download and parse BLOBs, and support on-demand
+ * requesting and caching of individual metadata statements.
  *
  * https://fidoalliance.org/metadata/
  */
-export declare class BaseMetadataService {
+export declare class BaseMetadataService implements MetadataService {
     private mdsCache;
     private statementCache;
     private state;
@@ -49,5 +57,12 @@ export declare class BaseMetadataService {
      */
     private setState;
 }
-export declare const MetadataService: BaseMetadataService;
+/**
+ * A basic service for coordinating interactions with the FIDO Metadata Service. This includes BLOB
+ * download and parsing, and on-demand requesting and caching of individual metadata statements.
+ *
+ * https://fidoalliance.org/metadata/
+ */
+export declare const MetadataService: MetadataService;
 export {};
+//# sourceMappingURL=metadataService.d.ts.map

package/esm/services/metadataService.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"metadataService.d.ts","sourceRoot":"","sources":["../../src/services/metadataService.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAIV,iBAAiB,EAClB,MAAM,yBAAyB,CAAC;AA+BjC,KAAK,gBAAgB,GAAG,YAAY,GAAG,QAAQ,CAAC;AAIhD,UAAU,eAAe;IACvB,UAAU,CAAC,IAAI,CAAC,EAAE;QAChB,UAAU,CAAC,EAAE,MAAM,EAAE,CAAC;QACtB,UAAU,CAAC,EAAE,iBAAiB,EAAE,CAAC;QACjC,gBAAgB,CAAC,EAAE,gBAAgB,CAAC;KACrC,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IAClB,YAAY,CAAC,MAAM,EAAE,MAAM,GAAG,UAAU,GAAG,OAAO,CAAC,iBAAiB,GAAG,SAAS,CAAC,CAAC;CACnF;AAED;;;;;GAKG;AACH,qBAAa,mBAAoB,YAAW,eAAe;IACzD,OAAO,CAAC,QAAQ,CAAoC;IACpD,OAAO,CAAC,cAAc,CAA6C;IACnE,OAAO,CAAC,KAAK,CAAyC;IACtD,OAAO,CAAC,gBAAgB,CAA8B;IAEtD;;;;;;;;;;;;OAYG;IACG,UAAU,CACd,IAAI,GAAE;QACJ,UAAU,CAAC,EAAE,MAAM,EAAE,CAAC;QACtB,UAAU,CAAC,EAAE,iBAAiB,EAAE,CAAC;QACjC,gBAAgB,CAAC,EAAE,gBAAgB,CAAC;KAChC,GACL,OAAO,CAAC,IAAI,CAAC;IA+DhB;;;;;OAKG;IACG,YAAY,CAChB,MAAM,EAAE,MAAM,GAAG,UAAU,GAC1B,OAAO,CAAC,iBAAiB,GAAG,SAAS,CAAC;IA6DzC;;OAEG;YACW,YAAY;IAoE1B;;OAEG;IACH,OAAO,CAAC,eAAe;IAgCvB;;OAEG;IACH,OAAO,CAAC,QAAQ;CAWjB;AAED;;;;;GAKG;AACH,eAAO,MAAM,eAAe,EAAE,eAA2C,CAAC"}

package/esm/services/metadataService.js

@@ -16,8 +16,8 @@ var SERVICE_STATE;
 })(SERVICE_STATE || (SERVICE_STATE = {}));
 const log = getLogger('MetadataService');
 /**
- * A basic service for coordinating interactions with the FIDO Metadata Service. This includes BLOB
- * download and parsing, and on-demand requesting and caching of individual metadata statements.
+ * An implementation of `MetadataService` that can download and parse BLOBs, and support on-demand
+ * requesting and caching of individual metadata statements.
  *
  * https://fidoalliance.org/metadata/
  */
@@ -269,5 +269,10 @@ export class BaseMetadataService {
         }
     }
 }
-// Export a service singleton
+/**
+ * A basic service for coordinating interactions with the FIDO Metadata Service. This includes BLOB
+ * download and parsing, and on-demand requesting and caching of individual metadata statements.
+ *
+ * https://fidoalliance.org/metadata/
+ */
 export const MetadataService = new BaseMetadataService();

package/esm/services/settingsService.d.ts

@@ -1,25 +1,28 @@
 import { AttestationFormat } from '../helpers/decodeAttestationObject.js';
 type RootCertIdentifier = AttestationFormat | 'mds';
-declare class BaseSettingsService {
-    private pemCertificates;
-    constructor();
-    /**
-     * Set potential root certificates for attestation formats that use them. Root certs will be tried
-     * one-by-one when validating a certificate path.
-     *
-     * Certificates can be specified as a raw `Buffer`, or as a PEM-formatted string. If a
-     * `Buffer` is passed in it will be converted to PEM format.
-     */
+interface SettingsService {
     setRootCertificates(opts: {
         identifier: RootCertIdentifier;
         certificates: (Uint8Array | string)[];
     }): void;
-    /**
-     * Get any registered root certificates for the specified attestation format
-     */
     getRootCertificates(opts: {
         identifier: RootCertIdentifier;
     }): string[];
 }
-export declare const SettingsService: BaseSettingsService;
+/**
+ * A basic service for specifying acceptable root certificates for all supported attestation
+ * statement formats.
+ *
+ * In addition, default root certificates are included for the following statement formats:
+ *
+ * - `'android-key'`
+ * - `'android-safetynet'`
+ * - `'apple'`
+ * - `'android-mds'`
+ *
+ * These can be overwritten as needed by setting alternative root certificates for their format
+ * identifier using `setRootCertificates()`.
+ */
+export declare const SettingsService: SettingsService;
 export {};
+//# sourceMappingURL=settingsService.d.ts.map

package/esm/services/settingsService.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"settingsService.d.ts","sourceRoot":"","sources":["../../src/services/settingsService.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,iBAAiB,EAAE,MAAM,uCAAuC,CAAC;AAW1E,KAAK,kBAAkB,GAAG,iBAAiB,GAAG,KAAK,CAAC;AAEpD,UAAU,eAAe;IACvB,mBAAmB,CAAC,IAAI,EAAE;QACxB,UAAU,EAAE,kBAAkB,CAAC;QAC/B,YAAY,EAAE,CAAC,UAAU,GAAG,MAAM,CAAC,EAAE,CAAC;KACvC,GAAG,IAAI,CAAC;IACT,mBAAmB,CAAC,IAAI,EAAE;QAAE,UAAU,EAAE,kBAAkB,CAAA;KAAE,GAAG,MAAM,EAAE,CAAC;CACzE;AA4CD;;;;;;;;;;;;;GAaG;AACH,eAAO,MAAM,eAAe,EAAE,eAA2C,CAAC"}

package/esm/services/settingsService.js

@@ -42,6 +42,20 @@ class BaseSettingsService {
         return this.pemCertificates.get(identifier) ?? [];
     }
 }
+/**
+ * A basic service for specifying acceptable root certificates for all supported attestation
+ * statement formats.
+ *
+ * In addition, default root certificates are included for the following statement formats:
+ *
+ * - `'android-key'`
+ * - `'android-safetynet'`
+ * - `'apple'`
+ * - `'android-mds'`
+ *
+ * These can be overwritten as needed by setting alternative root certificates for their format
+ * identifier using `setRootCertificates()`.
+ */
 export const SettingsService = new BaseSettingsService();
 // Initialize default certificates
 SettingsService.setRootCertificates({

package/package.json

@@ -1,33 +1,43 @@
 {
-  "module": "./esm/index.js",
-  "main": "./script/index.js",
   "name": "@simplewebauthn/server",
-  "version": "10.0.1",
+  "version": "11.0.0-alpha3",
   "description": "SimpleWebAuthn for Servers",
-  "license": "MIT",
+  "keywords": [
+    "typescript",
+    "webauthn",
+    "passkeys",
+    "fido",
+    "node"
+  ],
   "author": "Matthew Miller <matthew@millerti.me>",
+  "homepage": "https://github.com/MasterKale/SimpleWebAuthn/tree/master/packages/server#readme",
   "repository": {
     "type": "git",
     "url": "git+https://github.com/MasterKale/SimpleWebAuthn.git",
     "directory": "packages/server"
   },
-  "homepage": "https://github.com/MasterKale/SimpleWebAuthn/tree/master/packages/server#readme",
+  "license": "MIT",
+  "bugs": {
+    "url": "https://github.com/MasterKale/SimpleWebAuthn/issues"
+  },
+  "main": "./script/index.js",
+  "module": "./esm/index.js",
+  "exports": {
+    ".": {
+      "import": "./esm/index.js",
+      "require": "./script/index.js"
+    },
+    "./helpers": {
+      "import": "./esm/helpers/index.js",
+      "require": "./script/helpers/index.js"
+    }
+  },
   "publishConfig": {
     "access": "public"
   },
   "engines": {
     "node": ">=20.0.0"
   },
-  "bugs": {
-    "url": "https://github.com/MasterKale/SimpleWebAuthn/issues"
-  },
-  "keywords": [
-    "typescript",
-    "webauthn",
-    "passkeys",
-    "fido",
-    "node"
-  ],
   "typesVersions": {
     "*": {
       ".": [
@@ -38,16 +48,6 @@
       ]
     }
   },
-  "exports": {
-    ".": {
-      "import": "./esm/index.js",
-      "require": "./script/index.js"
-    },
-    "./helpers": {
-      "import": "./esm/helpers/index.js",
-      "require": "./script/helpers/index.js"
-    }
-  },
   "dependencies": {
     "@hexagon/base64": "^1.1.27",
     "@levischuck/tiny-cbor": "^0.2.2",
@@ -56,15 +56,11 @@
     "@peculiar/asn1-rsa": "^2.3.8",
     "@peculiar/asn1-schema": "^2.3.8",
     "@peculiar/asn1-x509": "^2.3.8",
-    "@simplewebauthn/types": "^10.0.0",
-    "cross-fetch": "^4.0.0"
+    "cross-fetch": "^4.0.0",
+    "@simplewebauthn/types": "^11.0.0-alpha3"
   },
   "devDependencies": {
-    "@types/node": "^18.11.9",
-    "picocolors": "^1.0.0",
-    "@deno/shim-deno-test": "~0.4.0"
+    "@types/node": "^20.9.0"
   },
-  "scripts": {
-    "test": "node test_runner.js"
-  }
+  "_generatedBy": "dnt@dev"
 }

package/script/authentication/generateAuthenticationOptions.d.ts

@@ -1,4 +1,4 @@
-import type { AuthenticationExtensionsClientInputs, AuthenticatorTransportFuture, Base64URLString, PublicKeyCredentialRequestOptionsJSON, UserVerificationRequirement } from '../deps.js';
+import type { AuthenticationExtensionsClientInputs, AuthenticatorTransportFuture, Base64URLString, PublicKeyCredentialRequestOptionsJSON, UserVerificationRequirement } from '@simplewebauthn/types';
 export type GenerateAuthenticationOptionsOpts = {
     rpID: string;
     allowCredentials?: {
@@ -23,3 +23,4 @@ export type GenerateAuthenticationOptionsOpts = {
  * @param extensions **(Optional)** - Additional plugins the authenticator or browser should use during authentication
  */
 export declare function generateAuthenticationOptions(options: GenerateAuthenticationOptionsOpts): Promise<PublicKeyCredentialRequestOptionsJSON>;
+//# sourceMappingURL=generateAuthenticationOptions.d.ts.map

package/script/authentication/generateAuthenticationOptions.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"generateAuthenticationOptions.d.ts","sourceRoot":"","sources":["../../src/authentication/generateAuthenticationOptions.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EACV,oCAAoC,EACpC,4BAA4B,EAC5B,eAAe,EACf,qCAAqC,EACrC,2BAA2B,EAC5B,MAAM,uBAAuB,CAAC;AAK/B,MAAM,MAAM,iCAAiC,GAAG;IAC9C,IAAI,EAAE,MAAM,CAAC;IACb,gBAAgB,CAAC,EAAE;QACjB,EAAE,EAAE,eAAe,CAAC;QACpB,UAAU,CAAC,EAAE,4BAA4B,EAAE,CAAC;KAC7C,EAAE,CAAC;IACJ,SAAS,CAAC,EAAE,MAAM,GAAG,UAAU,CAAC;IAChC,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,gBAAgB,CAAC,EAAE,2BAA2B,CAAC;IAC/C,UAAU,CAAC,EAAE,oCAAoC,CAAC;CACnD,CAAC;AAEF;;;;;;;;;;;GAWG;AACH,wBAAsB,6BAA6B,CACjD,OAAO,EAAE,iCAAiC,GACzC,OAAO,CAAC,qCAAqC,CAAC,CAoChD"}

package/script/authentication/generateAuthenticationOptions.js

@@ -1,6 +1,6 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.generateAuthenticationOptions = void 0;
+exports.generateAuthenticationOptions = generateAuthenticationOptions;
 const index_js_1 = require("../helpers/iso/index.js");
 const generateChallenge_js_1 = require("../helpers/generateChallenge.js");
 /**
@@ -42,4 +42,3 @@ async function generateAuthenticationOptions(options) {
         extensions,
     };
 }
-exports.generateAuthenticationOptions = generateAuthenticationOptions;

package/script/authentication/verifyAuthenticationResponse.d.ts

@@ -1,11 +1,11 @@
-import type { AuthenticationResponseJSON, AuthenticatorDevice, Base64URLString, CredentialDeviceType, UserVerificationRequirement } from '../deps.js';
+import type { AuthenticationResponseJSON, Base64URLString, CredentialDeviceType, UserVerificationRequirement, WebAuthnCredential } from '@simplewebauthn/types';
 import { AuthenticationExtensionsAuthenticatorOutputs } from '../helpers/decodeAuthenticatorExtensions.js';
 export type VerifyAuthenticationResponseOpts = {
     response: AuthenticationResponseJSON;
     expectedChallenge: string | ((challenge: string) => boolean | Promise<boolean>);
     expectedOrigin: string | string[];
     expectedRPID: string | string[];
-    authenticator: AuthenticatorDevice;
+    credential: WebAuthnCredential;
     expectedType?: string | string[];
     requireUserVerification?: boolean;
     advancedFIDOConfig?: {
@@ -21,7 +21,7 @@ export type VerifyAuthenticationResponseOpts = {
  * @param expectedChallenge - The base64url-encoded `options.challenge` returned by `generateAuthenticationOptions()`
  * @param expectedOrigin - Website URL (or array of URLs) that the registration should have occurred on
  * @param expectedRPID - RP ID (or array of IDs) that was specified in the registration options
- * @param authenticator - An internal {@link AuthenticatorDevice} matching the credential's ID
+ * @param credential - An internal {@link WebAuthnCredential} corresponding to `id` in the authentication response
  * @param expectedType **(Optional)** - The response type expected ('webauthn.get')
  * @param requireUserVerification **(Optional)** - Enforce user verification by the authenticator (via PIN, fingerprint, etc...) Defaults to `true`
  * @param advancedFIDOConfig **(Optional)** - Options for satisfying more stringent FIDO RP feature requirements
@@ -61,3 +61,4 @@ export type VerifiedAuthenticationResponse = {
         authenticatorExtensionResults?: AuthenticationExtensionsAuthenticatorOutputs;
     };
 };
+//# sourceMappingURL=verifyAuthenticationResponse.d.ts.map

package/script/authentication/verifyAuthenticationResponse.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"verifyAuthenticationResponse.d.ts","sourceRoot":"","sources":["../../src/authentication/verifyAuthenticationResponse.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EACV,0BAA0B,EAC1B,eAAe,EACf,oBAAoB,EACpB,2BAA2B,EAC3B,kBAAkB,EACnB,MAAM,uBAAuB,CAAC;AAO/B,OAAO,EAAE,4CAA4C,EAAE,MAAM,6CAA6C,CAAC;AAI3G,MAAM,MAAM,gCAAgC,GAAG;IAC7C,QAAQ,EAAE,0BAA0B,CAAC;IACrC,iBAAiB,EAAE,MAAM,GAAG,CAAC,CAAC,SAAS,EAAE,MAAM,KAAK,OAAO,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC;IAChF,cAAc,EAAE,MAAM,GAAG,MAAM,EAAE,CAAC;IAClC,YAAY,EAAE,MAAM,GAAG,MAAM,EAAE,CAAC;IAChC,UAAU,EAAE,kBAAkB,CAAC;IAC/B,YAAY,CAAC,EAAE,MAAM,GAAG,MAAM,EAAE,CAAC;IACjC,uBAAuB,CAAC,EAAE,OAAO,CAAC;IAClC,kBAAkB,CAAC,EAAE;QACnB,gBAAgB,CAAC,EAAE,2BAA2B,CAAC;KAChD,CAAC;CACH,CAAC;AAEF;;;;;;;;;;;;;;GAcG;AACH,wBAAsB,4BAA4B,CAChD,OAAO,EAAE,gCAAgC,GACxC,OAAO,CAAC,8BAA8B,CAAC,CAmNzC;AAED;;;;;;;;;;;;;;;;;;;GAmBG;AACH,MAAM,MAAM,8BAA8B,GAAG;IAC3C,QAAQ,EAAE,OAAO,CAAC;IAClB,kBAAkB,EAAE;QAClB,YAAY,EAAE,eAAe,CAAC;QAC9B,UAAU,EAAE,MAAM,CAAC;QACnB,YAAY,EAAE,OAAO,CAAC;QACtB,oBAAoB,EAAE,oBAAoB,CAAC;QAC3C,kBAAkB,EAAE,OAAO,CAAC;QAC5B,MAAM,EAAE,MAAM,CAAC;QACf,IAAI,EAAE,MAAM,CAAC;QACb,6BAA6B,CAAC,EAAE,4CAA4C,CAAC;KAC9E,CAAC;CACH,CAAC"}

package/script/authentication/verifyAuthenticationResponse.js

@@ -1,6 +1,6 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.verifyAuthenticationResponse = void 0;
+exports.verifyAuthenticationResponse = verifyAuthenticationResponse;
 const decodeClientDataJSON_js_1 = require("../helpers/decodeClientDataJSON.js");
 const toHash_js_1 = require("../helpers/toHash.js");
 const verifySignature_js_1 = require("../helpers/verifySignature.js");
@@ -17,14 +17,14 @@ const index_js_1 = require("../helpers/iso/index.js");
  * @param expectedChallenge - The base64url-encoded `options.challenge` returned by `generateAuthenticationOptions()`
  * @param expectedOrigin - Website URL (or array of URLs) that the registration should have occurred on
  * @param expectedRPID - RP ID (or array of IDs) that was specified in the registration options
- * @param authenticator - An internal {@link AuthenticatorDevice} matching the credential's ID
+ * @param credential - An internal {@link WebAuthnCredential} corresponding to `id` in the authentication response
  * @param expectedType **(Optional)** - The response type expected ('webauthn.get')
  * @param requireUserVerification **(Optional)** - Enforce user verification by the authenticator (via PIN, fingerprint, etc...) Defaults to `true`
  * @param advancedFIDOConfig **(Optional)** - Options for satisfying more stringent FIDO RP feature requirements
  * @param advancedFIDOConfig.userVerification **(Optional)** - Enable alternative rules for evaluating the User Presence and User Verified flags in authenticator data: UV (and UP) flags are optional unless this value is `"required"`
  */
 async function verifyAuthenticationResponse(options) {
-    const { response, expectedChallenge, expectedOrigin, expectedRPID, expectedType, authenticator, requireUserVerification = true, advancedFIDOConfig, } = options;
+    const { response, expectedChallenge, expectedOrigin, expectedRPID, expectedType, credential, requireUserVerification = true, advancedFIDOConfig, } = options;
     const { id, rawId, type: credentialType, response: assertionResponse } = response;
     // Ensure credential specified an ID
     if (!id) {
@@ -144,24 +144,24 @@ async function verifyAuthenticationResponse(options) {
     const clientDataHash = await (0, toHash_js_1.toHash)(index_js_1.isoBase64URL.toBuffer(assertionResponse.clientDataJSON));
     const signatureBase = index_js_1.isoUint8Array.concat([authDataBuffer, clientDataHash]);
     const signature = index_js_1.isoBase64URL.toBuffer(assertionResponse.signature);
-    if ((counter > 0 || authenticator.counter > 0) &&
-        counter <= authenticator.counter) {
+    if ((counter > 0 || credential.counter > 0) &&
+        counter <= credential.counter) {
         // Error out when the counter in the DB is greater than or equal to the counter in the
         // dataStruct. It's related to how the authenticator maintains the number of times its been
         // used for this client. If this happens, then someone's somehow increased the counter
         // on the device without going through this site
-        throw new Error(`Response counter value ${counter} was lower than expected ${authenticator.counter}`);
+        throw new Error(`Response counter value ${counter} was lower than expected ${credential.counter}`);
     }
     const { credentialDeviceType, credentialBackedUp } = (0, parseBackupFlags_js_1.parseBackupFlags)(flags);
     const toReturn = {
         verified: await (0, verifySignature_js_1.verifySignature)({
             signature,
             data: signatureBase,
-            credentialPublicKey: authenticator.credentialPublicKey,
+            credentialPublicKey: credential.publicKey,
         }),
         authenticationInfo: {
             newCounter: counter,
-            credentialID: authenticator.credentialID,
+            credentialID: credential.id,
             userVerified: flags.uv,
             credentialDeviceType,
             credentialBackedUp,
@@ -172,4 +172,3 @@ async function verifyAuthenticationResponse(options) {
     };
     return toReturn;
 }
-exports.verifyAuthenticationResponse = verifyAuthenticationResponse;

package/script/helpers/convertAAGUIDToString.d.ts

@@ -2,3 +2,4 @@
  * Convert the aaguid buffer in authData into a UUID string
  */
 export declare function convertAAGUIDToString(aaguid: Uint8Array): string;
+//# sourceMappingURL=convertAAGUIDToString.d.ts.map

package/script/helpers/convertAAGUIDToString.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"convertAAGUIDToString.d.ts","sourceRoot":"","sources":["../../src/helpers/convertAAGUIDToString.ts"],"names":[],"mappings":"AAEA;;GAEG;AACH,wBAAgB,qBAAqB,CAAC,MAAM,EAAE,UAAU,GAAG,MAAM,CAchE"}

package/script/helpers/convertAAGUIDToString.js

@@ -1,6 +1,6 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.convertAAGUIDToString = void 0;
+exports.convertAAGUIDToString = convertAAGUIDToString;
 const index_js_1 = require("./iso/index.js");
 /**
  * Convert the aaguid buffer in authData into a UUID string
@@ -9,13 +9,12 @@ function convertAAGUIDToString(aaguid) {
     // Raw Hex: adce000235bcc60a648b0b25f1f05503
     const hex = index_js_1.isoUint8Array.toHex(aaguid);
     const segments = [
-        hex.slice(0, 8),
-        hex.slice(8, 12),
-        hex.slice(12, 16),
-        hex.slice(16, 20),
+        hex.slice(0, 8), // 8
+        hex.slice(8, 12), // 4
+        hex.slice(12, 16), // 4
+        hex.slice(16, 20), // 4
         hex.slice(20, 32), // 8
     ];
     // Formatted: adce0002-35bc-c60a-648b-0b25f1f05503
     return segments.join('-');
 }
-exports.convertAAGUIDToString = convertAAGUIDToString;

package/script/helpers/convertCOSEtoPKCS.d.ts

@@ -2,3 +2,4 @@
  * Takes COSE-encoded public key and converts it to PKCS key
  */
 export declare function convertCOSEtoPKCS(cosePublicKey: Uint8Array): Uint8Array;
+//# sourceMappingURL=convertCOSEtoPKCS.d.ts.map

package/script/helpers/convertCOSEtoPKCS.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"convertCOSEtoPKCS.d.ts","sourceRoot":"","sources":["../../src/helpers/convertCOSEtoPKCS.ts"],"names":[],"mappings":"AAGA;;GAEG;AACH,wBAAgB,iBAAiB,CAAC,aAAa,EAAE,UAAU,GAAG,UAAU,CAmBvE"}

package/script/helpers/convertCOSEtoPKCS.js

@@ -1,6 +1,6 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.convertCOSEtoPKCS = void 0;
+exports.convertCOSEtoPKCS = convertCOSEtoPKCS;
 const index_js_1 = require("./iso/index.js");
 const cose_js_1 = require("./cose.js");
 /**
@@ -22,4 +22,3 @@ function convertCOSEtoPKCS(cosePublicKey) {
     }
     return index_js_1.isoUint8Array.concat([tag, x]);
 }
-exports.convertCOSEtoPKCS = convertCOSEtoPKCS;

package/script/helpers/convertCertBufferToPEM.d.ts

@@ -1,5 +1,6 @@
-import type { Base64URLString } from '../deps.js';
+import type { Base64URLString } from '@simplewebauthn/types';
 /**
  * Convert buffer to an OpenSSL-compatible PEM text format.
  */
 export declare function convertCertBufferToPEM(certBuffer: Uint8Array | Base64URLString): string;
+//# sourceMappingURL=convertCertBufferToPEM.d.ts.map

package/script/helpers/convertCertBufferToPEM.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"convertCertBufferToPEM.d.ts","sourceRoot":"","sources":["../../src/helpers/convertCertBufferToPEM.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,uBAAuB,CAAC;AAI7D;;GAEG;AACH,wBAAgB,sBAAsB,CACpC,UAAU,EAAE,UAAU,GAAG,eAAe,GACvC,MAAM,CA4BR"}

package/script/helpers/convertCertBufferToPEM.js

@@ -1,6 +1,6 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.convertCertBufferToPEM = void 0;
+exports.convertCertBufferToPEM = convertCertBufferToPEM;
 const index_js_1 = require("./iso/index.js");
 /**
  * Convert buffer to an OpenSSL-compatible PEM text format.
@@ -32,4 +32,3 @@ function convertCertBufferToPEM(certBuffer) {
     PEMKey = `-----BEGIN CERTIFICATE-----\n${PEMKey}-----END CERTIFICATE-----\n`;
     return PEMKey;
 }
-exports.convertCertBufferToPEM = convertCertBufferToPEM;

package/script/helpers/convertPEMToBytes.d.ts

@@ -2,3 +2,4 @@
  * Take a certificate in PEM format and convert it to bytes
  */
 export declare function convertPEMToBytes(pem: string): Uint8Array;
+//# sourceMappingURL=convertPEMToBytes.d.ts.map

package/script/helpers/convertPEMToBytes.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"convertPEMToBytes.d.ts","sourceRoot":"","sources":["../../src/helpers/convertPEMToBytes.ts"],"names":[],"mappings":"AAEA;;GAEG;AACH,wBAAgB,iBAAiB,CAAC,GAAG,EAAE,MAAM,GAAG,UAAU,CAOzD"}

package/script/helpers/convertPEMToBytes.js

@@ -1,6 +1,6 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.convertPEMToBytes = void 0;
+exports.convertPEMToBytes = convertPEMToBytes;
 const index_js_1 = require("./iso/index.js");
 /**
  * Take a certificate in PEM format and convert it to bytes
@@ -12,4 +12,3 @@ function convertPEMToBytes(pem) {
         .replace(/[\n ]/g, '');
     return index_js_1.isoBase64URL.toBuffer(certBase64, 'base64');
 }
-exports.convertPEMToBytes = convertPEMToBytes;

package/script/helpers/convertX509PublicKeyToCOSE.d.ts

@@ -1,2 +1,3 @@
 import { COSEPublicKey } from './cose.js';
 export declare function convertX509PublicKeyToCOSE(x509Certificate: Uint8Array): COSEPublicKey;
+//# sourceMappingURL=convertX509PublicKeyToCOSE.d.ts.map

package/script/helpers/convertX509PublicKeyToCOSE.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"convertX509PublicKeyToCOSE.d.ts","sourceRoot":"","sources":["../../src/helpers/convertX509PublicKeyToCOSE.ts"],"names":[],"mappings":"AAGA,OAAO,EAIL,aAAa,EAGd,MAAM,WAAW,CAAC;AAKnB,wBAAgB,0BAA0B,CACxC,eAAe,EAAE,UAAU,GAC1B,aAAa,CA+Ff"}

package/script/helpers/convertX509PublicKeyToCOSE.js

@@ -1,33 +1,36 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.convertX509PublicKeyToCOSE = void 0;
-const deps_js_1 = require("../deps.js");
+exports.convertX509PublicKeyToCOSE = convertX509PublicKeyToCOSE;
+const asn1_schema_1 = require("@peculiar/asn1-schema");
+const asn1_x509_1 = require("@peculiar/asn1-x509");
+const asn1_ecc_1 = require("@peculiar/asn1-ecc");
 const cose_js_1 = require("./cose.js");
+const asn1_rsa_1 = require("@peculiar/asn1-rsa");
 const mapX509SignatureAlgToCOSEAlg_js_1 = require("./mapX509SignatureAlgToCOSEAlg.js");
 function convertX509PublicKeyToCOSE(x509Certificate) {
     let cosePublicKey = new Map();
     /**
      * Time to extract the public key from an X.509 certificate
      */
-    const x509 = deps_js_1.AsnParser.parse(x509Certificate, deps_js_1.Certificate);
+    const x509 = asn1_schema_1.AsnParser.parse(x509Certificate, asn1_x509_1.Certificate);
     const { tbsCertificate } = x509;
     const { subjectPublicKeyInfo, signature: _tbsSignature } = tbsCertificate;
     const signatureAlgorithm = _tbsSignature.algorithm;
     const publicKeyAlgorithmID = subjectPublicKeyInfo.algorithm.algorithm;
-    if (publicKeyAlgorithmID === deps_js_1.id_ecPublicKey) {
+    if (publicKeyAlgorithmID === asn1_ecc_1.id_ecPublicKey) {
         /**
          * EC2 Public Key
          */
         if (!subjectPublicKeyInfo.algorithm.parameters) {
             throw new Error('Certificate public key was missing parameters (EC2)');
         }
-        const ecParameters = deps_js_1.AsnParser.parse(new Uint8Array(subjectPublicKeyInfo.algorithm.parameters), deps_js_1.ECParameters);
+        const ecParameters = asn1_schema_1.AsnParser.parse(new Uint8Array(subjectPublicKeyInfo.algorithm.parameters), asn1_ecc_1.ECParameters);
         let crv = -999;
         const { namedCurve } = ecParameters;
-        if (namedCurve === deps_js_1.id_secp256r1) {
+        if (namedCurve === asn1_ecc_1.id_secp256r1) {
             crv = cose_js_1.COSECRV.P256;
         }
-        else if (namedCurve === deps_js_1.id_secp384r1) {
+        else if (namedCurve === asn1_ecc_1.id_secp384r1) {
             crv = cose_js_1.COSECRV.P384;
         }
         else {
@@ -58,7 +61,7 @@ function convertX509PublicKeyToCOSE(x509Certificate) {
         /**
          * RSA public key
          */
-        const rsaPublicKey = deps_js_1.AsnParser.parse(subjectPublicKeyInfo.subjectPublicKey, deps_js_1.RSAPublicKey);
+        const rsaPublicKey = asn1_schema_1.AsnParser.parse(subjectPublicKeyInfo.subjectPublicKey, asn1_rsa_1.RSAPublicKey);
         const coseRSAPubKey = new Map();
         coseRSAPubKey.set(cose_js_1.COSEKEYS.kty, cose_js_1.COSEKTY.RSA);
         coseRSAPubKey.set(cose_js_1.COSEKEYS.alg, (0, mapX509SignatureAlgToCOSEAlg_js_1.mapX509SignatureAlgToCOSEAlg)(signatureAlgorithm));
@@ -71,4 +74,3 @@ function convertX509PublicKeyToCOSE(x509Certificate) {
     }
     return cosePublicKey;
 }
-exports.convertX509PublicKeyToCOSE = convertX509PublicKeyToCOSE;

package/script/helpers/cose.d.ts

@@ -96,3 +96,4 @@ export declare enum COSEALG {
     RS1 = -65535
 }
 export declare function isCOSEAlg(alg: number | undefined): alg is COSEALG;
+//# sourceMappingURL=cose.d.ts.map

package/script/helpers/cose.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"cose.d.ts","sourceRoot":"","sources":["../../src/helpers/cose.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AACH,MAAM,MAAM,aAAa,GAAG;IAE1B,GAAG,CAAC,GAAG,EAAE,QAAQ,CAAC,GAAG,GAAG,OAAO,GAAG,SAAS,CAAC;IAC5C,GAAG,CAAC,GAAG,EAAE,QAAQ,CAAC,GAAG,GAAG,OAAO,GAAG,SAAS,CAAC;IAE5C,GAAG,CAAC,GAAG,EAAE,QAAQ,CAAC,GAAG,EAAE,KAAK,EAAE,OAAO,GAAG,IAAI,CAAC;IAC7C,GAAG,CAAC,GAAG,EAAE,QAAQ,CAAC,GAAG,EAAE,KAAK,EAAE,OAAO,GAAG,IAAI,CAAC;CAC9C,CAAC;AAEF,MAAM,MAAM,gBAAgB,GAAG,aAAa,GAAG;IAE7C,GAAG,CAAC,GAAG,EAAE,QAAQ,CAAC,GAAG,GAAG,MAAM,GAAG,SAAS,CAAC;IAC3C,GAAG,CAAC,GAAG,EAAE,QAAQ,CAAC,CAAC,GAAG,UAAU,GAAG,SAAS,CAAC;IAE7C,GAAG,CAAC,GAAG,EAAE,QAAQ,CAAC,GAAG,EAAE,KAAK,EAAE,MAAM,GAAG,IAAI,CAAC;IAC5C,GAAG,CAAC,GAAG,EAAE,QAAQ,CAAC,CAAC,EAAE,KAAK,EAAE,UAAU,GAAG,IAAI,CAAC;CAC/C,CAAC;AAEF,MAAM,MAAM,gBAAgB,GAAG,aAAa,GAAG;IAE7C,GAAG,CAAC,GAAG,EAAE,QAAQ,CAAC,GAAG,GAAG,MAAM,GAAG,SAAS,CAAC;IAC3C,GAAG,CAAC,GAAG,EAAE,QAAQ,CAAC,CAAC,GAAG,UAAU,GAAG,SAAS,CAAC;IAC7C,GAAG,CAAC,GAAG,EAAE,QAAQ,CAAC,CAAC,GAAG,UAAU,GAAG,SAAS,CAAC;IAE7C,GAAG,CAAC,GAAG,EAAE,QAAQ,CAAC,GAAG,EAAE,KAAK,EAAE,MAAM,GAAG,IAAI,CAAC;IAC5C,GAAG,CAAC,GAAG,EAAE,QAAQ,CAAC,CAAC,EAAE,KAAK,EAAE,UAAU,GAAG,IAAI,CAAC;IAC9C,GAAG,CAAC,GAAG,EAAE,QAAQ,CAAC,CAAC,EAAE,KAAK,EAAE,UAAU,GAAG,IAAI,CAAC;CAC/C,CAAC;AAEF,MAAM,MAAM,gBAAgB,GAAG,aAAa,GAAG;IAE7C,GAAG,CAAC,GAAG,EAAE,QAAQ,CAAC,CAAC,GAAG,UAAU,GAAG,SAAS,CAAC;IAC7C,GAAG,CAAC,GAAG,EAAE,QAAQ,CAAC,CAAC,GAAG,UAAU,GAAG,SAAS,CAAC;IAE7C,GAAG,CAAC,GAAG,EAAE,QAAQ,CAAC,CAAC,EAAE,KAAK,EAAE,UAAU,GAAG,IAAI,CAAC;IAC9C,GAAG,CAAC,GAAG,EAAE,QAAQ,CAAC,CAAC,EAAE,KAAK,EAAE,UAAU,GAAG,IAAI,CAAC;CAC/C,CAAC;AAEF,wBAAgB,kBAAkB,CAChC,aAAa,EAAE,aAAa,GAC3B,aAAa,IAAI,gBAAgB,CAGnC;AAED,wBAAgB,kBAAkB,CAChC,aAAa,EAAE,aAAa,GAC3B,aAAa,IAAI,gBAAgB,CAGnC;AAED,wBAAgB,kBAAkB,CAChC,aAAa,EAAE,aAAa,GAC3B,aAAa,IAAI,gBAAgB,CAGnC;AAED;;;;;GAKG;AACH,oBAAY,QAAQ;IAClB,GAAG,IAAI;IACP,GAAG,IAAI;IACP,GAAG,KAAK;IACR,CAAC,KAAK;IACN,CAAC,KAAK;IACN,CAAC,KAAK;IACN,CAAC,KAAK;CACP;AAED;;;;GAIG;AACH,oBAAY,OAAO;IACjB,GAAG,IAAI;IACP,GAAG,IAAI;IACP,GAAG,IAAI;CACR;AAED,wBAAgB,SAAS,CAAC,GAAG,EAAE,MAAM,GAAG,SAAS,GAAG,GAAG,IAAI,OAAO,CAEjE;AAED;;;;GAIG;AACH,oBAAY,OAAO;IACjB,IAAI,IAAI;IACR,IAAI,IAAI;IACR,IAAI,IAAI;IACR,OAAO,IAAI;IACX,SAAS,IAAI;CACd;AAED,wBAAgB,SAAS,CAAC,GAAG,EAAE,MAAM,GAAG,SAAS,GAAG,GAAG,IAAI,OAAO,CAEjE;AAED;;;;GAIG;AACH,oBAAY,OAAO;IACjB,KAAK,KAAK;IACV,KAAK,KAAK;IACV,KAAK,MAAM;IACX,KAAK,MAAM;IACX,KAAK,MAAM;IACX,KAAK,MAAM;IACX,KAAK,MAAM;IACX,MAAM,MAAM;IACZ,KAAK,OAAO;IACZ,KAAK,OAAO;IACZ,KAAK,OAAO;IACZ,GAAG,SAAS;CACb;AAED,wBAAgB,SAAS,CAAC,GAAG,EAAE,MAAM,GAAG,SAAS,GAAG,GAAG,IAAI,OAAO,CAEjE"}