@smg-automotive/auth 6.8.0-auth0-update-middleware-token-refresh-always.1 → 6.8.0-auth0-update-root.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/cjs/api/baseUrl.js +10 -0
- package/dist/cjs/api/baseUrl.js.map +1 -0
- package/dist/cjs/api/seller/client.js +14 -0
- package/dist/cjs/api/seller/client.js.map +1 -0
- package/dist/cjs/api/seller/getSeller.js +21 -0
- package/dist/cjs/api/seller/getSeller.js.map +1 -0
- package/dist/cjs/lib/enrichUser/auth0.d.ts +6 -0
- package/dist/cjs/lib/enrichUser/auth0.js +39 -0
- package/dist/cjs/lib/enrichUser/auth0.js.map +1 -0
- package/dist/cjs/server/getAuth0Instance.js +4 -0
- package/dist/cjs/server/getAuth0Instance.js.map +1 -1
- package/dist/cjs/server/hooks/beforeSessionSavedFactory.d.ts +3 -0
- package/dist/cjs/server/hooks/beforeSessionSavedFactory.js +22 -0
- package/dist/cjs/server/hooks/beforeSessionSavedFactory.js.map +1 -0
- package/dist/cjs/server/hooks/onCallbackFactory.d.ts +8 -0
- package/dist/cjs/server/hooks/onCallbackFactory.js +42 -0
- package/dist/cjs/server/hooks/onCallbackFactory.js.map +1 -0
- package/dist/esm/api/baseUrl.js +8 -0
- package/dist/esm/api/baseUrl.js.map +1 -0
- package/dist/esm/api/seller/client.js +12 -0
- package/dist/esm/api/seller/client.js.map +1 -0
- package/dist/esm/api/seller/getSeller.js +19 -0
- package/dist/esm/api/seller/getSeller.js.map +1 -0
- package/dist/esm/lib/enrichUser/auth0.d.ts +6 -0
- package/dist/esm/lib/enrichUser/auth0.js +37 -0
- package/dist/esm/lib/enrichUser/auth0.js.map +1 -0
- package/dist/esm/server/getAuth0Instance.js +4 -0
- package/dist/esm/server/getAuth0Instance.js.map +1 -1
- package/dist/esm/server/hooks/beforeSessionSavedFactory.d.ts +3 -0
- package/dist/esm/server/hooks/beforeSessionSavedFactory.js +20 -0
- package/dist/esm/server/hooks/beforeSessionSavedFactory.js.map +1 -0
- package/dist/esm/server/hooks/onCallbackFactory.d.ts +8 -0
- package/dist/esm/server/hooks/onCallbackFactory.js +40 -0
- package/dist/esm/server/hooks/onCallbackFactory.js.map +1 -0
- package/package.json +1 -1
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"baseUrl.js","sources":["../../../../src/api/baseUrl.ts"],"sourcesContent":[null],"names":[],"mappings":";;AAAA,MAAM,SAAS,GAAG;AAChB,IAAA,OAAO,EAAE,OAAO,CAAC,GAAG,CAAC,QAAQ;AAC7B,IAAA,UAAU,EAAE,OAAO,CAAC,GAAG,CAAC,WAAW;CAC3B;AAEH,MAAM,OAAO,GAAG,CAAA,QAAA,EAAW,SAAS,CAAC,OAAO,CAAA,CAAA,EAAI,SAAS,CAAC,UAAU;;;;"}
|
|
@@ -0,0 +1,14 @@
|
|
|
1
|
+
'use strict';
|
|
2
|
+
|
|
3
|
+
var apiClientPkg = require('@smg-automotive/api-client-pkg');
|
|
4
|
+
var baseUrl = require('../baseUrl.js');
|
|
5
|
+
|
|
6
|
+
const sellerClient = apiClientPkg.ApiClient({
|
|
7
|
+
baseUrl: baseUrl.baseUrl,
|
|
8
|
+
headers: {
|
|
9
|
+
'Content-Type': 'application/json',
|
|
10
|
+
},
|
|
11
|
+
});
|
|
12
|
+
|
|
13
|
+
exports.sellerClient = sellerClient;
|
|
14
|
+
//# sourceMappingURL=client.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"client.js","sources":["../../../../../src/api/seller/client.ts"],"sourcesContent":[null],"names":["ApiClient","baseUrl"],"mappings":";;;;;AAeO,MAAM,YAAY,GAErBA,sBAAS,CAA4B;aACvCC,eAAO;AACP,IAAA,OAAO,EAAE;AACP,QAAA,cAAc,EAAE,kBAAkB;AACnC,KAAA;AACF,CAAA;;;;"}
|
|
@@ -0,0 +1,21 @@
|
|
|
1
|
+
'use strict';
|
|
2
|
+
|
|
3
|
+
var client = require('./client.js');
|
|
4
|
+
|
|
5
|
+
const getSeller = async ({ sellerId }) => {
|
|
6
|
+
const response = await client.sellerClient
|
|
7
|
+
.path('sellers/{sellerId}', {
|
|
8
|
+
sellerId,
|
|
9
|
+
})
|
|
10
|
+
.get();
|
|
11
|
+
if (response.ok) {
|
|
12
|
+
return response.body;
|
|
13
|
+
}
|
|
14
|
+
if (response.status === 404) {
|
|
15
|
+
return null;
|
|
16
|
+
}
|
|
17
|
+
throw new Error(response.statusText);
|
|
18
|
+
};
|
|
19
|
+
|
|
20
|
+
exports.getSeller = getSeller;
|
|
21
|
+
//# sourceMappingURL=getSeller.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"getSeller.js","sources":["../../../../../src/api/seller/getSeller.ts"],"sourcesContent":[null],"names":["sellerClient"],"mappings":";;;;AAEO,MAAM,SAAS,GAAG,OAAO,EAAE,QAAQ,EAAwB,KAAI;IACpE,MAAM,QAAQ,GAAG,MAAMA;SACpB,IAAI,CAAC,oBAAoB,EAAE;QAC1B,QAAQ;KACT;AACA,SAAA,GAAG,EAAE;AAER,IAAA,IAAI,QAAQ,CAAC,EAAE,EAAE;QACf,OAAO,QAAQ,CAAC,IAAI;IACtB;AAEA,IAAA,IAAI,QAAQ,CAAC,MAAM,KAAK,GAAG,EAAE;AAC3B,QAAA,OAAO,IAAI;IACb;AAEA,IAAA,MAAM,IAAI,KAAK,CAAC,QAAQ,CAAC,UAAU,CAAC;AACtC;;;;"}
|
|
@@ -0,0 +1,6 @@
|
|
|
1
|
+
import { Auth0User, type IncompleteSessionUser, type SessionUser } from 'src/types';
|
|
2
|
+
export declare const enrichUser: ({ auth0User, accessToken, userHasSelectedSeller, }: {
|
|
3
|
+
auth0User: Auth0User;
|
|
4
|
+
accessToken: string | null;
|
|
5
|
+
userHasSelectedSeller: boolean;
|
|
6
|
+
}) => Promise<SessionUser | IncompleteSessionUser>;
|
|
@@ -0,0 +1,39 @@
|
|
|
1
|
+
'use strict';
|
|
2
|
+
|
|
3
|
+
var jose = require('jose');
|
|
4
|
+
var user = require('../../types/auth0/user.js');
|
|
5
|
+
var getSeller = require('../../api/seller/getSeller.js');
|
|
6
|
+
require('../../api/seller/client.js');
|
|
7
|
+
|
|
8
|
+
const enrichUser = async ({ auth0User, accessToken, userHasSelectedSeller = false, }) => {
|
|
9
|
+
if (!accessToken) {
|
|
10
|
+
throw new Error('Please provide an access token to enrich the user');
|
|
11
|
+
}
|
|
12
|
+
const decodedToken = jose.decodeJwt(accessToken);
|
|
13
|
+
const isMultiTenantUser = !!decodedToken.isMultiTenantUser;
|
|
14
|
+
const forceTenantSelection = isMultiTenantUser && !userHasSelectedSeller;
|
|
15
|
+
const sellerId = parseInt(decodedToken.sellerIds[0], 10);
|
|
16
|
+
const commonUser = {
|
|
17
|
+
...auth0User,
|
|
18
|
+
isImpersonated: !!decodedToken.isImpersonated,
|
|
19
|
+
userId: decodedToken.user_id.toString(),
|
|
20
|
+
forceTenantSelection,
|
|
21
|
+
isMultiTenantUser,
|
|
22
|
+
};
|
|
23
|
+
const seller = await getSeller.getSeller({
|
|
24
|
+
sellerId: Number(sellerId),
|
|
25
|
+
});
|
|
26
|
+
if (!seller) {
|
|
27
|
+
// eslint-disable-next-line no-console
|
|
28
|
+
console.warn(`[Auth-package] Could not load seller for sellerId ${sellerId}`);
|
|
29
|
+
}
|
|
30
|
+
const enrichedUser = {
|
|
31
|
+
...commonUser,
|
|
32
|
+
userType: seller?.type ?? user.Auth0UserType.Private,
|
|
33
|
+
sellerId: sellerId.toString(),
|
|
34
|
+
};
|
|
35
|
+
return enrichedUser;
|
|
36
|
+
};
|
|
37
|
+
|
|
38
|
+
exports.enrichUser = enrichUser;
|
|
39
|
+
//# sourceMappingURL=auth0.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"auth0.js","sources":["../../../../../src/lib/enrichUser/auth0.ts"],"sourcesContent":[null],"names":["decodeJwt","getSeller","Auth0UserType"],"mappings":";;;;;;;AAWO,MAAM,UAAU,GAAG,OAAO,EAC/B,SAAS,EACT,WAAW,EACX,qBAAqB,GAAG,KAAK,GAK9B,KAAkD;IACjD,IAAI,CAAC,WAAW,EAAE;AAChB,QAAA,MAAM,IAAI,KAAK,CAAC,mDAAmD,CAAC;IACtE;AAEA,IAAA,MAAM,YAAY,GAAGA,cAAS,CAAkB,WAAW,CAAC;AAC5D,IAAA,MAAM,iBAAiB,GAAG,CAAC,CAAC,YAAY,CAAC,iBAAiB;AAC1D,IAAA,MAAM,oBAAoB,GAAG,iBAAiB,IAAI,CAAC,qBAAqB;AACxE,IAAA,MAAM,QAAQ,GAAG,QAAQ,CAAC,YAAY,CAAC,SAAS,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC;AACxD,IAAA,MAAM,UAAU,GAA0B;AACxC,QAAA,GAAG,SAAS;AACZ,QAAA,cAAc,EAAE,CAAC,CAAC,YAAY,CAAC,cAAc;AAC7C,QAAA,MAAM,EAAE,YAAY,CAAC,OAAO,CAAC,QAAQ,EAAE;QACvC,oBAAoB;QACpB,iBAAiB;KAClB;AAED,IAAA,MAAM,MAAM,GAAG,MAAMC,mBAAS,CAAC;AAC7B,QAAA,QAAQ,EAAE,MAAM,CAAC,QAAQ,CAAC;AAC3B,KAAA,CAAC;IAEF,IAAI,CAAC,MAAM,EAAE;;AAEX,QAAA,OAAO,CAAC,IAAI,CACV,qDAAqD,QAAQ,CAAA,CAAE,CAChE;IACH;AAEA,IAAA,MAAM,YAAY,GAAgB;AAChC,QAAA,GAAG,UAAU;AACb,QAAA,QAAQ,EAAE,MAAM,EAAE,IAAI,IAAIC,kBAAa,CAAC,OAAO;AAC/C,QAAA,QAAQ,EAAE,QAAQ,CAAC,QAAQ,EAAE;KAC9B;AACD,IAAA,OAAO,YAAY;AACrB;;;;"}
|
|
@@ -2,6 +2,8 @@
|
|
|
2
2
|
|
|
3
3
|
var server = require('@auth0/nextjs-auth0/server');
|
|
4
4
|
var auth0 = require('../config/auth0.js');
|
|
5
|
+
var onCallbackFactory = require('./hooks/onCallbackFactory.js');
|
|
6
|
+
var beforeSessionSavedFactory = require('./hooks/beforeSessionSavedFactory.js');
|
|
5
7
|
|
|
6
8
|
const instances = {};
|
|
7
9
|
const buildInstanceKey = ({ host, isProxied, protocol, }) => {
|
|
@@ -31,6 +33,8 @@ const getAuth0Instance = ({ protocol, host, isProxied, }) => {
|
|
|
31
33
|
scope: auth0Config.scopes,
|
|
32
34
|
audience: auth0Config.audience,
|
|
33
35
|
},
|
|
36
|
+
beforeSessionSaved: beforeSessionSavedFactory.beforeSessionSavedFactory(auth0Config),
|
|
37
|
+
onCallback: onCallbackFactory.onCallbackFactory({ auth0Config, appBaseUrl }),
|
|
34
38
|
});
|
|
35
39
|
instances[key] = newInstance;
|
|
36
40
|
return newInstance;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"getAuth0Instance.js","sources":["../../../../src/server/getAuth0Instance.ts"],"sourcesContent":[null],"names":["getAuth0Config","Auth0Client"],"mappings":"
|
|
1
|
+
{"version":3,"file":"getAuth0Instance.js","sources":["../../../../src/server/getAuth0Instance.ts"],"sourcesContent":[null],"names":["getAuth0Config","Auth0Client","beforeSessionSavedFactory","onCallbackFactory"],"mappings":";;;;;;;AAQA,MAAM,SAAS,GAAmB,EAAE;AAQpC,MAAM,gBAAgB,GAAG,CAAC,EACxB,IAAI,EACJ,SAAS,EACT,QAAQ,GACgB,KAAI;AAC5B,IAAA,OAAO,GAAG,QAAQ,CAAA,CAAA,EAAI,IAAI,CAAA,WAAA,EAAc,SAAS,EAAE;AACrD,CAAC;AAEM,MAAM,gBAAgB,GAAG,CAAC,EAC/B,QAAQ,EACR,IAAI,EACJ,SAAS,GACe,KAAiB;AACzC,IAAA,MAAM,GAAG,GAAG,gBAAgB,CAAC,EAAE,IAAI,EAAE,SAAS,EAAE,QAAQ,EAAE,CAAC;AAC3D,IAAA,MAAM,QAAQ,GAAG,SAAS,CAAC,GAAG,CAAC;IAC/B,IAAI,QAAQ,EAAE;AACZ,QAAA,OAAO,QAAQ;IACjB;IAEA,MAAM,WAAW,GAAGA,oBAAc,CAAC,EAAE,SAAS,EAAE,CAAC;AACjD,IAAA,MAAM,UAAU,GAAG,CAAA,EAAG,QAAQ,CAAA,GAAA,EAAM,IAAI,EAAE;AAC1C,IAAA,MAAM,WAAW,GAAG,IAAIC,kBAAW,CAAC;QAClC,UAAU;AACV,QAAA,MAAM,EAAE;YACN,KAAK,EAAE,WAAW,CAAC,aAAa;YAChC,MAAM,EAAE,WAAW,CAAC,cAAc;YAClC,QAAQ,EAAE,WAAW,CAAC,gBAAgB;AACvC,SAAA;AACD,QAAA,OAAO,EAAE;AACP,YAAA,MAAM,EAAE;gBACN,IAAI,EAAE,WAAW,CAAC,iBAAiB;AACpC,aAAA;AACF,SAAA;AACD,QAAA,uBAAuB,EAAE;YACvB,KAAK,EAAE,WAAW,CAAC,MAAM;YACzB,QAAQ,EAAE,WAAW,CAAC,QAAQ;AAC/B,SAAA;AACD,QAAA,kBAAkB,EAAEC,mDAAyB,CAAC,WAAW,CAAC;QAC1D,UAAU,EAAEC,mCAAiB,CAAC,EAAE,WAAW,EAAE,UAAU,EAAE,CAAC;AAC3D,KAAA,CAAC;AACF,IAAA,SAAS,CAAC,GAAG,CAAC,GAAG,WAAW;AAC5B,IAAA,OAAO,WAAW;AACpB;;;;"}
|
|
@@ -0,0 +1,3 @@
|
|
|
1
|
+
import { SessionData } from '@auth0/nextjs-auth0/types';
|
|
2
|
+
import { Auth0Config } from 'src/types';
|
|
3
|
+
export declare const beforeSessionSavedFactory: (auth0Config: Auth0Config) => ({ user, internal, tokenSet: { accessToken, refreshToken, expiresAt }, }: SessionData) => Promise<SessionData>;
|
|
@@ -0,0 +1,22 @@
|
|
|
1
|
+
'use strict';
|
|
2
|
+
|
|
3
|
+
var headers = require('next/headers');
|
|
4
|
+
var auth0 = require('../../lib/enrichUser/auth0.js');
|
|
5
|
+
|
|
6
|
+
const beforeSessionSavedFactory = (auth0Config) => async ({ user, internal, tokenSet: { accessToken, refreshToken, expiresAt }, }) => {
|
|
7
|
+
const cookieStore = await headers.cookies();
|
|
8
|
+
const selectedSellerId = cookieStore.get(auth0Config.selectedSellerIdCookie.name)?.value ?? null;
|
|
9
|
+
const enrichedUser = await auth0.enrichUser({
|
|
10
|
+
accessToken,
|
|
11
|
+
auth0User: user,
|
|
12
|
+
userHasSelectedSeller: !!selectedSellerId,
|
|
13
|
+
});
|
|
14
|
+
return {
|
|
15
|
+
user: enrichedUser,
|
|
16
|
+
tokenSet: { accessToken, refreshToken, expiresAt },
|
|
17
|
+
internal,
|
|
18
|
+
};
|
|
19
|
+
};
|
|
20
|
+
|
|
21
|
+
exports.beforeSessionSavedFactory = beforeSessionSavedFactory;
|
|
22
|
+
//# sourceMappingURL=beforeSessionSavedFactory.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"beforeSessionSavedFactory.js","sources":["../../../../../src/server/hooks/beforeSessionSavedFactory.ts"],"sourcesContent":[null],"names":["cookies","enrichUser"],"mappings":";;;;;AAMO,MAAM,yBAAyB,GACpC,CAAC,WAAwB,KACzB,OAAO,EACL,IAAI,EACJ,QAAQ,EACR,QAAQ,EAAE,EAAE,WAAW,EAAE,YAAY,EAAE,SAAS,EAAE,GACtC,KAA0B;AACtC,IAAA,MAAM,WAAW,GAAG,MAAMA,eAAO,EAAE;AACnC,IAAA,MAAM,gBAAgB,GACpB,WAAW,CAAC,GAAG,CAAC,WAAW,CAAC,sBAAsB,CAAC,IAAI,CAAC,EAAE,KAAK,IAAI,IAAI;AAEzE,IAAA,MAAM,YAAY,GAAG,MAAMC,gBAAU,CAAC;QACpC,WAAW;AACX,QAAA,SAAS,EAAE,IAAiB;QAC5B,qBAAqB,EAAE,CAAC,CAAC,gBAAgB;AAC1C,KAAA,CAAC;IAEF,OAAO;AACL,QAAA,IAAI,EAAE,YAAY;AAClB,QAAA,QAAQ,EAAE,EAAE,WAAW,EAAE,YAAY,EAAE,SAAS,EAAE;QAClD,QAAQ;KACT;AACH;;;;"}
|
|
@@ -0,0 +1,8 @@
|
|
|
1
|
+
import { NextResponse } from 'next/server';
|
|
2
|
+
import type { OnCallbackContext, SessionData } from '@auth0/nextjs-auth0/types';
|
|
3
|
+
import type { SdkError } from '@auth0/nextjs-auth0/errors';
|
|
4
|
+
import { Auth0Config } from 'src/types';
|
|
5
|
+
export declare const onCallbackFactory: ({ auth0Config, appBaseUrl, }: {
|
|
6
|
+
auth0Config: Auth0Config;
|
|
7
|
+
appBaseUrl: string;
|
|
8
|
+
}) => (_error: SdkError | null, context: OnCallbackContext, session: SessionData | null) => Promise<NextResponse>;
|
|
@@ -0,0 +1,42 @@
|
|
|
1
|
+
'use strict';
|
|
2
|
+
|
|
3
|
+
var server = require('next/server');
|
|
4
|
+
var headers = require('next/headers');
|
|
5
|
+
var jose = require('jose');
|
|
6
|
+
|
|
7
|
+
const createCallbackResponse = (context, appBaseUrl) => server.NextResponse.redirect(new URL(context.returnTo || '/', appBaseUrl));
|
|
8
|
+
const onCallbackFactory = ({ auth0Config, appBaseUrl, }) => async (_error, context, session) => {
|
|
9
|
+
if (!session?.tokenSet?.accessToken) {
|
|
10
|
+
return createCallbackResponse(context, appBaseUrl);
|
|
11
|
+
}
|
|
12
|
+
const cookieStore = await headers.cookies();
|
|
13
|
+
let selectedSellerId = cookieStore.get(auth0Config.selectedSellerIdCookie.name)?.value ?? null;
|
|
14
|
+
const decodedToken = session.tokenSet.accessToken
|
|
15
|
+
? jose.decodeJwt(session.tokenSet.accessToken)
|
|
16
|
+
: null;
|
|
17
|
+
const availableSellerIds = decodedToken?.sellerIds ?? null;
|
|
18
|
+
if (availableSellerIds &&
|
|
19
|
+
selectedSellerId &&
|
|
20
|
+
Array.isArray(availableSellerIds) &&
|
|
21
|
+
availableSellerIds.length > 0 &&
|
|
22
|
+
!availableSellerIds.includes(selectedSellerId)) {
|
|
23
|
+
// for the edge case where the selected seller id is not in the list of available seller ids
|
|
24
|
+
// force update the cookie to the first available seller id
|
|
25
|
+
// they may happen when a user uses multiple accounts with different seller ids
|
|
26
|
+
selectedSellerId = availableSellerIds[0].toString();
|
|
27
|
+
}
|
|
28
|
+
const response = createCallbackResponse(context, appBaseUrl);
|
|
29
|
+
if (selectedSellerId) {
|
|
30
|
+
response.cookies.set(auth0Config.selectedSellerIdCookie.name, selectedSellerId, auth0Config.selectedSellerIdCookie);
|
|
31
|
+
}
|
|
32
|
+
const impersonatedSellerId = decodedToken?.isImpersonated
|
|
33
|
+
? decodedToken.sellerIds[0]
|
|
34
|
+
: null;
|
|
35
|
+
if (impersonatedSellerId) {
|
|
36
|
+
response.cookies.set(auth0Config.impersonatedSellerIdCookie.name, impersonatedSellerId, auth0Config.impersonatedSellerIdCookie);
|
|
37
|
+
}
|
|
38
|
+
return response;
|
|
39
|
+
};
|
|
40
|
+
|
|
41
|
+
exports.onCallbackFactory = onCallbackFactory;
|
|
42
|
+
//# sourceMappingURL=onCallbackFactory.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"onCallbackFactory.js","sources":["../../../../../src/server/hooks/onCallbackFactory.ts"],"sourcesContent":[null],"names":["NextResponse","cookies","decodeJwt"],"mappings":";;;;;;AASA,MAAM,sBAAsB,GAAG,CAC7B,OAA0B,EAC1B,UAAkB,KACfA,mBAAY,CAAC,QAAQ,CAAC,IAAI,GAAG,CAAC,OAAO,CAAC,QAAQ,IAAI,GAAG,EAAE,UAAU,CAAC,CAAC;MAE3D,iBAAiB,GAC5B,CAAC,EACC,WAAW,EACX,UAAU,GAIX,KACD,OACE,MAAuB,EACvB,OAA0B,EAC1B,OAA2B,KACF;AACzB,IAAA,IAAI,CAAC,OAAO,EAAE,QAAQ,EAAE,WAAW,EAAE;AACnC,QAAA,OAAO,sBAAsB,CAAC,OAAO,EAAE,UAAU,CAAC;IACpD;AAEA,IAAA,MAAM,WAAW,GAAG,MAAMC,eAAO,EAAE;AACnC,IAAA,IAAI,gBAAgB,GAClB,WAAW,CAAC,GAAG,CAAC,WAAW,CAAC,sBAAsB,CAAC,IAAI,CAAC,EAAE,KAAK,IAAI,IAAI;AAEzE,IAAA,MAAM,YAAY,GAAG,OAAO,CAAC,QAAQ,CAAC;UAClCC,cAAS,CAAkB,OAAO,CAAC,QAAQ,CAAC,WAAW;UACvD,IAAI;AACR,IAAA,MAAM,kBAAkB,GAAG,YAAY,EAAE,SAAS,IAAI,IAAI;AAE1D,IAAA,IACE,kBAAkB;QAClB,gBAAgB;AAChB,QAAA,KAAK,CAAC,OAAO,CAAC,kBAAkB,CAAC;QACjC,kBAAkB,CAAC,MAAM,GAAG,CAAC;AAC7B,QAAA,CAAC,kBAAkB,CAAC,QAAQ,CAAC,gBAAgB,CAAC,EAC9C;;;;QAIA,gBAAgB,GAAG,kBAAkB,CAAC,CAAC,CAAC,CAAC,QAAQ,EAAE;IACrD;IAEA,MAAM,QAAQ,GAAG,sBAAsB,CAAC,OAAO,EAAE,UAAU,CAAC;IAE5D,IAAI,gBAAgB,EAAE;AACpB,QAAA,QAAQ,CAAC,OAAO,CAAC,GAAG,CAClB,WAAW,CAAC,sBAAsB,CAAC,IAAI,EACvC,gBAAgB,EAChB,WAAW,CAAC,sBAAsB,CACnC;IACH;AAEA,IAAA,MAAM,oBAAoB,GAAG,YAAY,EAAE;AACzC,UAAE,YAAY,CAAC,SAAS,CAAC,CAAC;UACxB,IAAI;IAER,IAAI,oBAAoB,EAAE;AACxB,QAAA,QAAQ,CAAC,OAAO,CAAC,GAAG,CAClB,WAAW,CAAC,0BAA0B,CAAC,IAAI,EAC3C,oBAAoB,EACpB,WAAW,CAAC,0BAA0B,CACvC;IACH;AAEA,IAAA,OAAO,QAAQ;AACjB;;;;"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"baseUrl.js","sources":["../../../../src/api/baseUrl.ts"],"sourcesContent":[null],"names":[],"mappings":"AAAA,MAAM,SAAS,GAAG;AAChB,IAAA,OAAO,EAAE,OAAO,CAAC,GAAG,CAAC,QAAQ;AAC7B,IAAA,UAAU,EAAE,OAAO,CAAC,GAAG,CAAC,WAAW;CAC3B;AAEH,MAAM,OAAO,GAAG,CAAA,QAAA,EAAW,SAAS,CAAC,OAAO,CAAA,CAAA,EAAI,SAAS,CAAC,UAAU;;;;"}
|
|
@@ -0,0 +1,12 @@
|
|
|
1
|
+
import { ApiClient } from '@smg-automotive/api-client-pkg';
|
|
2
|
+
import { baseUrl } from '../baseUrl.js';
|
|
3
|
+
|
|
4
|
+
const sellerClient = ApiClient({
|
|
5
|
+
baseUrl,
|
|
6
|
+
headers: {
|
|
7
|
+
'Content-Type': 'application/json',
|
|
8
|
+
},
|
|
9
|
+
});
|
|
10
|
+
|
|
11
|
+
export { sellerClient };
|
|
12
|
+
//# sourceMappingURL=client.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"client.js","sources":["../../../../../src/api/seller/client.ts"],"sourcesContent":[null],"names":[],"mappings":";;;AAeO,MAAM,YAAY,GAErB,SAAS,CAA4B;IACvC,OAAO;AACP,IAAA,OAAO,EAAE;AACP,QAAA,cAAc,EAAE,kBAAkB;AACnC,KAAA;AACF,CAAA;;;;"}
|
|
@@ -0,0 +1,19 @@
|
|
|
1
|
+
import { sellerClient } from './client.js';
|
|
2
|
+
|
|
3
|
+
const getSeller = async ({ sellerId }) => {
|
|
4
|
+
const response = await sellerClient
|
|
5
|
+
.path('sellers/{sellerId}', {
|
|
6
|
+
sellerId,
|
|
7
|
+
})
|
|
8
|
+
.get();
|
|
9
|
+
if (response.ok) {
|
|
10
|
+
return response.body;
|
|
11
|
+
}
|
|
12
|
+
if (response.status === 404) {
|
|
13
|
+
return null;
|
|
14
|
+
}
|
|
15
|
+
throw new Error(response.statusText);
|
|
16
|
+
};
|
|
17
|
+
|
|
18
|
+
export { getSeller };
|
|
19
|
+
//# sourceMappingURL=getSeller.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"getSeller.js","sources":["../../../../../src/api/seller/getSeller.ts"],"sourcesContent":[null],"names":[],"mappings":";;AAEO,MAAM,SAAS,GAAG,OAAO,EAAE,QAAQ,EAAwB,KAAI;IACpE,MAAM,QAAQ,GAAG,MAAM;SACpB,IAAI,CAAC,oBAAoB,EAAE;QAC1B,QAAQ;KACT;AACA,SAAA,GAAG,EAAE;AAER,IAAA,IAAI,QAAQ,CAAC,EAAE,EAAE;QACf,OAAO,QAAQ,CAAC,IAAI;IACtB;AAEA,IAAA,IAAI,QAAQ,CAAC,MAAM,KAAK,GAAG,EAAE;AAC3B,QAAA,OAAO,IAAI;IACb;AAEA,IAAA,MAAM,IAAI,KAAK,CAAC,QAAQ,CAAC,UAAU,CAAC;AACtC;;;;"}
|
|
@@ -0,0 +1,6 @@
|
|
|
1
|
+
import { Auth0User, type IncompleteSessionUser, type SessionUser } from 'src/types';
|
|
2
|
+
export declare const enrichUser: ({ auth0User, accessToken, userHasSelectedSeller, }: {
|
|
3
|
+
auth0User: Auth0User;
|
|
4
|
+
accessToken: string | null;
|
|
5
|
+
userHasSelectedSeller: boolean;
|
|
6
|
+
}) => Promise<SessionUser | IncompleteSessionUser>;
|
|
@@ -0,0 +1,37 @@
|
|
|
1
|
+
import { decodeJwt } from 'jose';
|
|
2
|
+
import { Auth0UserType } from '../../types/auth0/user.js';
|
|
3
|
+
import { getSeller } from '../../api/seller/getSeller.js';
|
|
4
|
+
import '../../api/seller/client.js';
|
|
5
|
+
|
|
6
|
+
const enrichUser = async ({ auth0User, accessToken, userHasSelectedSeller = false, }) => {
|
|
7
|
+
if (!accessToken) {
|
|
8
|
+
throw new Error('Please provide an access token to enrich the user');
|
|
9
|
+
}
|
|
10
|
+
const decodedToken = decodeJwt(accessToken);
|
|
11
|
+
const isMultiTenantUser = !!decodedToken.isMultiTenantUser;
|
|
12
|
+
const forceTenantSelection = isMultiTenantUser && !userHasSelectedSeller;
|
|
13
|
+
const sellerId = parseInt(decodedToken.sellerIds[0], 10);
|
|
14
|
+
const commonUser = {
|
|
15
|
+
...auth0User,
|
|
16
|
+
isImpersonated: !!decodedToken.isImpersonated,
|
|
17
|
+
userId: decodedToken.user_id.toString(),
|
|
18
|
+
forceTenantSelection,
|
|
19
|
+
isMultiTenantUser,
|
|
20
|
+
};
|
|
21
|
+
const seller = await getSeller({
|
|
22
|
+
sellerId: Number(sellerId),
|
|
23
|
+
});
|
|
24
|
+
if (!seller) {
|
|
25
|
+
// eslint-disable-next-line no-console
|
|
26
|
+
console.warn(`[Auth-package] Could not load seller for sellerId ${sellerId}`);
|
|
27
|
+
}
|
|
28
|
+
const enrichedUser = {
|
|
29
|
+
...commonUser,
|
|
30
|
+
userType: seller?.type ?? Auth0UserType.Private,
|
|
31
|
+
sellerId: sellerId.toString(),
|
|
32
|
+
};
|
|
33
|
+
return enrichedUser;
|
|
34
|
+
};
|
|
35
|
+
|
|
36
|
+
export { enrichUser };
|
|
37
|
+
//# sourceMappingURL=auth0.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"auth0.js","sources":["../../../../../src/lib/enrichUser/auth0.ts"],"sourcesContent":[null],"names":[],"mappings":";;;;;AAWO,MAAM,UAAU,GAAG,OAAO,EAC/B,SAAS,EACT,WAAW,EACX,qBAAqB,GAAG,KAAK,GAK9B,KAAkD;IACjD,IAAI,CAAC,WAAW,EAAE;AAChB,QAAA,MAAM,IAAI,KAAK,CAAC,mDAAmD,CAAC;IACtE;AAEA,IAAA,MAAM,YAAY,GAAG,SAAS,CAAkB,WAAW,CAAC;AAC5D,IAAA,MAAM,iBAAiB,GAAG,CAAC,CAAC,YAAY,CAAC,iBAAiB;AAC1D,IAAA,MAAM,oBAAoB,GAAG,iBAAiB,IAAI,CAAC,qBAAqB;AACxE,IAAA,MAAM,QAAQ,GAAG,QAAQ,CAAC,YAAY,CAAC,SAAS,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC;AACxD,IAAA,MAAM,UAAU,GAA0B;AACxC,QAAA,GAAG,SAAS;AACZ,QAAA,cAAc,EAAE,CAAC,CAAC,YAAY,CAAC,cAAc;AAC7C,QAAA,MAAM,EAAE,YAAY,CAAC,OAAO,CAAC,QAAQ,EAAE;QACvC,oBAAoB;QACpB,iBAAiB;KAClB;AAED,IAAA,MAAM,MAAM,GAAG,MAAM,SAAS,CAAC;AAC7B,QAAA,QAAQ,EAAE,MAAM,CAAC,QAAQ,CAAC;AAC3B,KAAA,CAAC;IAEF,IAAI,CAAC,MAAM,EAAE;;AAEX,QAAA,OAAO,CAAC,IAAI,CACV,qDAAqD,QAAQ,CAAA,CAAE,CAChE;IACH;AAEA,IAAA,MAAM,YAAY,GAAgB;AAChC,QAAA,GAAG,UAAU;AACb,QAAA,QAAQ,EAAE,MAAM,EAAE,IAAI,IAAI,aAAa,CAAC,OAAO;AAC/C,QAAA,QAAQ,EAAE,QAAQ,CAAC,QAAQ,EAAE;KAC9B;AACD,IAAA,OAAO,YAAY;AACrB;;;;"}
|
|
@@ -1,5 +1,7 @@
|
|
|
1
1
|
import { Auth0Client } from '@auth0/nextjs-auth0/server';
|
|
2
2
|
import { getAuth0Config } from '../config/auth0.js';
|
|
3
|
+
import { onCallbackFactory } from './hooks/onCallbackFactory.js';
|
|
4
|
+
import { beforeSessionSavedFactory } from './hooks/beforeSessionSavedFactory.js';
|
|
3
5
|
|
|
4
6
|
const instances = {};
|
|
5
7
|
const buildInstanceKey = ({ host, isProxied, protocol, }) => {
|
|
@@ -29,6 +31,8 @@ const getAuth0Instance = ({ protocol, host, isProxied, }) => {
|
|
|
29
31
|
scope: auth0Config.scopes,
|
|
30
32
|
audience: auth0Config.audience,
|
|
31
33
|
},
|
|
34
|
+
beforeSessionSaved: beforeSessionSavedFactory(auth0Config),
|
|
35
|
+
onCallback: onCallbackFactory({ auth0Config, appBaseUrl }),
|
|
32
36
|
});
|
|
33
37
|
instances[key] = newInstance;
|
|
34
38
|
return newInstance;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"getAuth0Instance.js","sources":["../../../../src/server/getAuth0Instance.ts"],"sourcesContent":[null],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"getAuth0Instance.js","sources":["../../../../src/server/getAuth0Instance.ts"],"sourcesContent":[null],"names":[],"mappings":";;;;;AAQA,MAAM,SAAS,GAAmB,EAAE;AAQpC,MAAM,gBAAgB,GAAG,CAAC,EACxB,IAAI,EACJ,SAAS,EACT,QAAQ,GACgB,KAAI;AAC5B,IAAA,OAAO,GAAG,QAAQ,CAAA,CAAA,EAAI,IAAI,CAAA,WAAA,EAAc,SAAS,EAAE;AACrD,CAAC;AAEM,MAAM,gBAAgB,GAAG,CAAC,EAC/B,QAAQ,EACR,IAAI,EACJ,SAAS,GACe,KAAiB;AACzC,IAAA,MAAM,GAAG,GAAG,gBAAgB,CAAC,EAAE,IAAI,EAAE,SAAS,EAAE,QAAQ,EAAE,CAAC;AAC3D,IAAA,MAAM,QAAQ,GAAG,SAAS,CAAC,GAAG,CAAC;IAC/B,IAAI,QAAQ,EAAE;AACZ,QAAA,OAAO,QAAQ;IACjB;IAEA,MAAM,WAAW,GAAG,cAAc,CAAC,EAAE,SAAS,EAAE,CAAC;AACjD,IAAA,MAAM,UAAU,GAAG,CAAA,EAAG,QAAQ,CAAA,GAAA,EAAM,IAAI,EAAE;AAC1C,IAAA,MAAM,WAAW,GAAG,IAAI,WAAW,CAAC;QAClC,UAAU;AACV,QAAA,MAAM,EAAE;YACN,KAAK,EAAE,WAAW,CAAC,aAAa;YAChC,MAAM,EAAE,WAAW,CAAC,cAAc;YAClC,QAAQ,EAAE,WAAW,CAAC,gBAAgB;AACvC,SAAA;AACD,QAAA,OAAO,EAAE;AACP,YAAA,MAAM,EAAE;gBACN,IAAI,EAAE,WAAW,CAAC,iBAAiB;AACpC,aAAA;AACF,SAAA;AACD,QAAA,uBAAuB,EAAE;YACvB,KAAK,EAAE,WAAW,CAAC,MAAM;YACzB,QAAQ,EAAE,WAAW,CAAC,QAAQ;AAC/B,SAAA;AACD,QAAA,kBAAkB,EAAE,yBAAyB,CAAC,WAAW,CAAC;QAC1D,UAAU,EAAE,iBAAiB,CAAC,EAAE,WAAW,EAAE,UAAU,EAAE,CAAC;AAC3D,KAAA,CAAC;AACF,IAAA,SAAS,CAAC,GAAG,CAAC,GAAG,WAAW;AAC5B,IAAA,OAAO,WAAW;AACpB;;;;"}
|
|
@@ -0,0 +1,3 @@
|
|
|
1
|
+
import { SessionData } from '@auth0/nextjs-auth0/types';
|
|
2
|
+
import { Auth0Config } from 'src/types';
|
|
3
|
+
export declare const beforeSessionSavedFactory: (auth0Config: Auth0Config) => ({ user, internal, tokenSet: { accessToken, refreshToken, expiresAt }, }: SessionData) => Promise<SessionData>;
|
|
@@ -0,0 +1,20 @@
|
|
|
1
|
+
import { cookies } from 'next/headers';
|
|
2
|
+
import { enrichUser } from '../../lib/enrichUser/auth0.js';
|
|
3
|
+
|
|
4
|
+
const beforeSessionSavedFactory = (auth0Config) => async ({ user, internal, tokenSet: { accessToken, refreshToken, expiresAt }, }) => {
|
|
5
|
+
const cookieStore = await cookies();
|
|
6
|
+
const selectedSellerId = cookieStore.get(auth0Config.selectedSellerIdCookie.name)?.value ?? null;
|
|
7
|
+
const enrichedUser = await enrichUser({
|
|
8
|
+
accessToken,
|
|
9
|
+
auth0User: user,
|
|
10
|
+
userHasSelectedSeller: !!selectedSellerId,
|
|
11
|
+
});
|
|
12
|
+
return {
|
|
13
|
+
user: enrichedUser,
|
|
14
|
+
tokenSet: { accessToken, refreshToken, expiresAt },
|
|
15
|
+
internal,
|
|
16
|
+
};
|
|
17
|
+
};
|
|
18
|
+
|
|
19
|
+
export { beforeSessionSavedFactory };
|
|
20
|
+
//# sourceMappingURL=beforeSessionSavedFactory.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"beforeSessionSavedFactory.js","sources":["../../../../../src/server/hooks/beforeSessionSavedFactory.ts"],"sourcesContent":[null],"names":[],"mappings":";;;AAMO,MAAM,yBAAyB,GACpC,CAAC,WAAwB,KACzB,OAAO,EACL,IAAI,EACJ,QAAQ,EACR,QAAQ,EAAE,EAAE,WAAW,EAAE,YAAY,EAAE,SAAS,EAAE,GACtC,KAA0B;AACtC,IAAA,MAAM,WAAW,GAAG,MAAM,OAAO,EAAE;AACnC,IAAA,MAAM,gBAAgB,GACpB,WAAW,CAAC,GAAG,CAAC,WAAW,CAAC,sBAAsB,CAAC,IAAI,CAAC,EAAE,KAAK,IAAI,IAAI;AAEzE,IAAA,MAAM,YAAY,GAAG,MAAM,UAAU,CAAC;QACpC,WAAW;AACX,QAAA,SAAS,EAAE,IAAiB;QAC5B,qBAAqB,EAAE,CAAC,CAAC,gBAAgB;AAC1C,KAAA,CAAC;IAEF,OAAO;AACL,QAAA,IAAI,EAAE,YAAY;AAClB,QAAA,QAAQ,EAAE,EAAE,WAAW,EAAE,YAAY,EAAE,SAAS,EAAE;QAClD,QAAQ;KACT;AACH;;;;"}
|
|
@@ -0,0 +1,8 @@
|
|
|
1
|
+
import { NextResponse } from 'next/server';
|
|
2
|
+
import type { OnCallbackContext, SessionData } from '@auth0/nextjs-auth0/types';
|
|
3
|
+
import type { SdkError } from '@auth0/nextjs-auth0/errors';
|
|
4
|
+
import { Auth0Config } from 'src/types';
|
|
5
|
+
export declare const onCallbackFactory: ({ auth0Config, appBaseUrl, }: {
|
|
6
|
+
auth0Config: Auth0Config;
|
|
7
|
+
appBaseUrl: string;
|
|
8
|
+
}) => (_error: SdkError | null, context: OnCallbackContext, session: SessionData | null) => Promise<NextResponse>;
|
|
@@ -0,0 +1,40 @@
|
|
|
1
|
+
import { NextResponse } from 'next/server';
|
|
2
|
+
import { cookies } from 'next/headers';
|
|
3
|
+
import { decodeJwt } from 'jose';
|
|
4
|
+
|
|
5
|
+
const createCallbackResponse = (context, appBaseUrl) => NextResponse.redirect(new URL(context.returnTo || '/', appBaseUrl));
|
|
6
|
+
const onCallbackFactory = ({ auth0Config, appBaseUrl, }) => async (_error, context, session) => {
|
|
7
|
+
if (!session?.tokenSet?.accessToken) {
|
|
8
|
+
return createCallbackResponse(context, appBaseUrl);
|
|
9
|
+
}
|
|
10
|
+
const cookieStore = await cookies();
|
|
11
|
+
let selectedSellerId = cookieStore.get(auth0Config.selectedSellerIdCookie.name)?.value ?? null;
|
|
12
|
+
const decodedToken = session.tokenSet.accessToken
|
|
13
|
+
? decodeJwt(session.tokenSet.accessToken)
|
|
14
|
+
: null;
|
|
15
|
+
const availableSellerIds = decodedToken?.sellerIds ?? null;
|
|
16
|
+
if (availableSellerIds &&
|
|
17
|
+
selectedSellerId &&
|
|
18
|
+
Array.isArray(availableSellerIds) &&
|
|
19
|
+
availableSellerIds.length > 0 &&
|
|
20
|
+
!availableSellerIds.includes(selectedSellerId)) {
|
|
21
|
+
// for the edge case where the selected seller id is not in the list of available seller ids
|
|
22
|
+
// force update the cookie to the first available seller id
|
|
23
|
+
// they may happen when a user uses multiple accounts with different seller ids
|
|
24
|
+
selectedSellerId = availableSellerIds[0].toString();
|
|
25
|
+
}
|
|
26
|
+
const response = createCallbackResponse(context, appBaseUrl);
|
|
27
|
+
if (selectedSellerId) {
|
|
28
|
+
response.cookies.set(auth0Config.selectedSellerIdCookie.name, selectedSellerId, auth0Config.selectedSellerIdCookie);
|
|
29
|
+
}
|
|
30
|
+
const impersonatedSellerId = decodedToken?.isImpersonated
|
|
31
|
+
? decodedToken.sellerIds[0]
|
|
32
|
+
: null;
|
|
33
|
+
if (impersonatedSellerId) {
|
|
34
|
+
response.cookies.set(auth0Config.impersonatedSellerIdCookie.name, impersonatedSellerId, auth0Config.impersonatedSellerIdCookie);
|
|
35
|
+
}
|
|
36
|
+
return response;
|
|
37
|
+
};
|
|
38
|
+
|
|
39
|
+
export { onCallbackFactory };
|
|
40
|
+
//# sourceMappingURL=onCallbackFactory.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"onCallbackFactory.js","sources":["../../../../../src/server/hooks/onCallbackFactory.ts"],"sourcesContent":[null],"names":[],"mappings":";;;;AASA,MAAM,sBAAsB,GAAG,CAC7B,OAA0B,EAC1B,UAAkB,KACf,YAAY,CAAC,QAAQ,CAAC,IAAI,GAAG,CAAC,OAAO,CAAC,QAAQ,IAAI,GAAG,EAAE,UAAU,CAAC,CAAC;MAE3D,iBAAiB,GAC5B,CAAC,EACC,WAAW,EACX,UAAU,GAIX,KACD,OACE,MAAuB,EACvB,OAA0B,EAC1B,OAA2B,KACF;AACzB,IAAA,IAAI,CAAC,OAAO,EAAE,QAAQ,EAAE,WAAW,EAAE;AACnC,QAAA,OAAO,sBAAsB,CAAC,OAAO,EAAE,UAAU,CAAC;IACpD;AAEA,IAAA,MAAM,WAAW,GAAG,MAAM,OAAO,EAAE;AACnC,IAAA,IAAI,gBAAgB,GAClB,WAAW,CAAC,GAAG,CAAC,WAAW,CAAC,sBAAsB,CAAC,IAAI,CAAC,EAAE,KAAK,IAAI,IAAI;AAEzE,IAAA,MAAM,YAAY,GAAG,OAAO,CAAC,QAAQ,CAAC;UAClC,SAAS,CAAkB,OAAO,CAAC,QAAQ,CAAC,WAAW;UACvD,IAAI;AACR,IAAA,MAAM,kBAAkB,GAAG,YAAY,EAAE,SAAS,IAAI,IAAI;AAE1D,IAAA,IACE,kBAAkB;QAClB,gBAAgB;AAChB,QAAA,KAAK,CAAC,OAAO,CAAC,kBAAkB,CAAC;QACjC,kBAAkB,CAAC,MAAM,GAAG,CAAC;AAC7B,QAAA,CAAC,kBAAkB,CAAC,QAAQ,CAAC,gBAAgB,CAAC,EAC9C;;;;QAIA,gBAAgB,GAAG,kBAAkB,CAAC,CAAC,CAAC,CAAC,QAAQ,EAAE;IACrD;IAEA,MAAM,QAAQ,GAAG,sBAAsB,CAAC,OAAO,EAAE,UAAU,CAAC;IAE5D,IAAI,gBAAgB,EAAE;AACpB,QAAA,QAAQ,CAAC,OAAO,CAAC,GAAG,CAClB,WAAW,CAAC,sBAAsB,CAAC,IAAI,EACvC,gBAAgB,EAChB,WAAW,CAAC,sBAAsB,CACnC;IACH;AAEA,IAAA,MAAM,oBAAoB,GAAG,YAAY,EAAE;AACzC,UAAE,YAAY,CAAC,SAAS,CAAC,CAAC;UACxB,IAAI;IAER,IAAI,oBAAoB,EAAE;AACxB,QAAA,QAAQ,CAAC,OAAO,CAAC,GAAG,CAClB,WAAW,CAAC,0BAA0B,CAAC,IAAI,EAC3C,oBAAoB,EACpB,WAAW,CAAC,0BAA0B,CACvC;IACH;AAEA,IAAA,OAAO,QAAQ;AACjB;;;;"}
|