@solidstarters/solid-core 1.2.168 → 1.2.169

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (56) hide show
  1. package/dist/dtos/create-ai-interaction.dto.d.ts +3 -0
  2. package/dist/dtos/create-ai-interaction.dto.d.ts.map +1 -1
  3. package/dist/dtos/create-ai-interaction.dto.js +19 -1
  4. package/dist/dtos/create-ai-interaction.dto.js.map +1 -1
  5. package/dist/dtos/update-ai-interaction.dto.d.ts +3 -0
  6. package/dist/dtos/update-ai-interaction.dto.d.ts.map +1 -1
  7. package/dist/dtos/update-ai-interaction.dto.js +19 -1
  8. package/dist/dtos/update-ai-interaction.dto.js.map +1 -1
  9. package/dist/entities/ai-interaction.entity.d.ts +3 -0
  10. package/dist/entities/ai-interaction.entity.d.ts.map +1 -1
  11. package/dist/entities/ai-interaction.entity.js +13 -1
  12. package/dist/entities/ai-interaction.entity.js.map +1 -1
  13. package/dist/filters/http-exception.filter.d.ts.map +1 -1
  14. package/dist/filters/http-exception.filter.js +2 -1
  15. package/dist/filters/http-exception.filter.js.map +1 -1
  16. package/dist/helpers/solid-core-error-codes-provider.service.js +3 -3
  17. package/dist/helpers/solid-core-error-codes-provider.service.js.map +1 -1
  18. package/dist/helpers/solid-registry.d.ts +0 -1
  19. package/dist/helpers/solid-registry.d.ts.map +1 -1
  20. package/dist/helpers/solid-registry.js +0 -1
  21. package/dist/helpers/solid-registry.js.map +1 -1
  22. package/dist/index.d.ts +0 -1
  23. package/dist/index.d.ts.map +1 -1
  24. package/dist/index.js +0 -1
  25. package/dist/index.js.map +1 -1
  26. package/dist/jobs/database/trigger-mcp-client-subscriber-database.service.js +2 -2
  27. package/dist/jobs/database/trigger-mcp-client-subscriber-database.service.js.map +1 -1
  28. package/dist/seeders/seed-data/solid-core-metadata.json +33 -0
  29. package/dist/services/authentication.service.d.ts +1 -5
  30. package/dist/services/authentication.service.d.ts.map +1 -1
  31. package/dist/services/authentication.service.js +22 -64
  32. package/dist/services/authentication.service.js.map +1 -1
  33. package/dist/services/mcp-tool-response-handlers/solid-create-module-mcp-tool-response-handler.service.js +1 -1
  34. package/dist/services/mcp-tool-response-handlers/solid-create-module-mcp-tool-response-handler.service.js.map +1 -1
  35. package/dist/solid-core.module.d.ts.map +1 -1
  36. package/dist/solid-core.module.js +0 -2
  37. package/dist/solid-core.module.js.map +1 -1
  38. package/dist/tsconfig.tsbuildinfo +1 -1
  39. package/package.json +1 -1
  40. package/src/dtos/create-ai-interaction.dto.ts +15 -0
  41. package/src/dtos/update-ai-interaction.dto.ts +15 -0
  42. package/src/entities/ai-interaction.entity.ts +9 -0
  43. package/src/filters/http-exception.filter.ts +5 -2
  44. package/src/helpers/solid-core-error-codes-provider.service.ts +4 -4
  45. package/src/helpers/solid-registry.ts +0 -1
  46. package/src/index.ts +0 -1
  47. package/src/jobs/database/trigger-mcp-client-subscriber-database.service.ts +2 -2
  48. package/src/seeders/seed-data/solid-core-metadata.json +35 -2
  49. package/src/services/authentication.service.ts +31 -142
  50. package/src/services/mcp-tool-response-handlers/solid-create-module-mcp-tool-response-handler.service.ts +1 -1
  51. package/src/solid-core.module.ts +0 -8
  52. package/dist/entities/user-password-history.entity.d.ts +0 -7
  53. package/dist/entities/user-password-history.entity.d.ts.map +0 -1
  54. package/dist/entities/user-password-history.entity.js +0 -35
  55. package/dist/entities/user-password-history.entity.js.map +0 -1
  56. package/src/entities/user-password-history.entity.ts +0 -14
package/dist/services/authentication.service.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"authentication.service.js","sourceRoot":"","sources":["../../src/services/authentication.service.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;AAAA,yCAA4C;AAC5C,2CASwB;AAExB,yDAAsD;AACtD,qCAAyC;AACzC,6CAAqE;AACrE,qDAAsD;AACtD,mCAA+C;AAE/C,2DAAmE;AACnE,qCAAiD;AACjD,qDAA4D;AAU5D,2FAA+E;AAC/E,yDAA+C;AAE/C,uDAAmD;AACnD,2FAAkH;AAClH,iDAA6C;AAC7C,8CAA+D;AAC/D,4CAIsB;AACtB,uDAAmD;AAEnD,mEAA8D;AAC9D,4EAAoD;AACpD,mFAA6E;AAC7E,uEAAkE;AAClE,gEAA8D;AAC9D,oEAAkE;AAClE,4DAAyD;AACzD,+BAAoC;AAEpC,IAAK,aAIJ;AAJD,WAAK,aAAa;IACd,gCAAe,CAAA;IACf,kCAAiB,CAAA;IACjB,4BAAW,CAAA;AACf,CAAC,EAJI,aAAa,KAAb,aAAa,QAIjB;AAQM,IAAM,qBAAqB,6BAA3B,MAAM,qBAAqB;IAG9B,YACqB,WAAwB,EACjB,cAAiD,EAClC,6BAA+E,EACrG,cAA8B,EAC9B,UAAsB,EAEvC,gBAA+D,EAE/D,gBAA+D,EAC9C,sBAAqD,EACrD,WAAwB,EAExB,kBAA+B,EAC/B,UAA2B,EAC3B,YAA2B,EAC3B,cAA8B,EAC9B,mBAAwC,EAEzD,mBAAqE,EACpD,0BAAsD,EACtD,qBAA4C,EAE7D,UAAuC;QAtBtB,gBAAW,GAAX,WAAW,CAAa;QACA,mBAAc,GAAd,cAAc,CAAkB;QACjB,kCAA6B,GAA7B,6BAA6B,CAAiC;QACrG,mBAAc,GAAd,cAAc,CAAgB;QAC9B,eAAU,GAAV,UAAU,CAAY;QAEtB,qBAAgB,GAAhB,gBAAgB,CAA8B;QAE9C,qBAAgB,GAAhB,gBAAgB,CAA8B;QAC9C,2BAAsB,GAAtB,sBAAsB,CAA+B;QACrD,gBAAW,GAAX,WAAW,CAAa;QAExB,uBAAkB,GAAlB,kBAAkB,CAAa;QAC/B,eAAU,GAAV,UAAU,CAAiB;QAC3B,iBAAY,GAAZ,YAAY,CAAe;QAC3B,mBAAc,GAAd,cAAc,CAAgB;QAC9B,wBAAmB,GAAnB,mBAAmB,CAAqB;QAExC,wBAAmB,GAAnB,mBAAmB,CAAiC;QACpD,+BAA0B,GAA1B,0BAA0B,CAA4B;QACtD,0BAAqB,GAArB,qBAAqB,CAAuB;QAE5C,eAAU,GAAV,UAAU,CAAY;QAzB1B,WAAM,GAAG,IAAI,eAAM,CAAC,uBAAqB,CAAC,IAAI,CAAC,CAAC;IA4BjE,CAAC;IAEO,KAAK,CAAC,SAAS,CAAC,GAAW;QAC/B,OAAO,IAAI,CAAC,cAAc,CAAC,cAAc,CAAC,GAAG,CAAC,CAAC;IACnD,CAAC;IAEO,KAAK,CAAC,cAAc;QACxB,OAAO,MAAM,IAAI,CAAC,cAAc,CAAC,cAAc,CAAC,aAAa,CAAC,CAAC;IACnE,CAAC;IAED,KAAK,CAAC,WAAW,CAAC,QAAgB,EAAE,KAAa;QAC7C,OAAO,MAAM,IAAI,CAAC,cAAc,CAAC,OAAO,CAAC;YACrC,KAAK,EAAE;gBACH,EAAE,QAAQ,EAAE,QAAQ,EAAE;gBACtB,EAAE,KAAK,EAAE,KAAK,EAAE;aACnB;YACD,SAAS,EAAE;gBACP,KAAK,EAAE,IAAI;aACd;SACJ,CAAC,CAAC;IACP,CAAC;IAED,KAAK,CAAC,8BAA8B,CAAC,KAAa;QAC9C,OAAO,MAAM,IAAI,CAAC,cAAc,CAAC,OAAO,CAAC;YACrC,KAAK,EAAE,EAAE,iCAAiC,EAAE,KAAK,EAAE;YACnD,SAAS,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE;SAC7B,CAAC,CAAC;IACP,CAAC;IAED,KAAK,CAAC,YAAY,CAAC,SAAoB;QAEnC,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,SAAS,CAAC,QAAQ,EAAE,SAAS,CAAC,KAAK,CAAC,CAAC;QAEzE,IAAI,CAAC,IAAI,EAAE,CAAC;YACR,MAAM,IAAI,8BAAqB,CAAC,+BAAc,CAAC,mBAAmB,CAAC,CAAC;QACxE,CAAC;QACD,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,CAAC;YACf,MAAM,IAAI,8BAAqB,CAAC,+BAAc,CAAC,eAAe,CAAC,CAAC;QACpE,CAAC;QACD,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,OAAO,CAC7C,SAAS,CAAC,QAAQ,EAClB,IAAI,CAAC,QAAQ,CAChB,CAAC;QACF,IAAI,CAAC,OAAO,EAAE,CAAC;YACX,MAAM,IAAI,8BAAqB,CAAC,+BAAc,CAAC,mBAAmB,CAAC,CAAC;QACxE,CAAC;QAED,OAAO,IAAI,CAAC;IAChB,CAAC;IAED,KAAK,CAAC,MAAM,CAAC,SAAoB,EAAE,aAA6B,IAAI;QAEhE,IAAI,CAAC,CAAC,MAAM,IAAI,CAAC,cAAc,CAAC,cAAc,CAAC,yBAAyB,CAAC,CAAC,IAAI,CAAC,UAAU,EAAE,CAAC;YACxF,MAAM,IAAI,4BAAmB,CAAC,+BAAc,CAAC,4BAA4B,CAAC,CAAC;QAC/E,CAAC;QAED,IAAI,CAAC;YACD,MAAM,qBAAqB,GAAG,MAAM,IAAI,CAAC,SAAS,CAAC,iCAAiC,CAAC,CAAC;YACtF,IAAI,EAAE,IAAI,EAAE,GAAG,EAAE,gBAAgB,EAAE,GAAG,MAAM,IAAI,CAAC,iBAAiB,CAAC,IAAI,kBAAI,EAAE,EAAE,SAAS,EAAE,IAAI,CAAC,gBAAgB,CAAC,0BAA0B,EAAE,qBAAqB,CAAC,CAAC;YACnK,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YAEvD,MAAM,SAAS,GAAG,SAAS,CAAC,KAAK,IAAI,EAAE,CAAC;YACxC,IAAI,IAAI,CAAC,gBAAgB,CAAC,WAAW,EAAE,CAAC;gBACpC,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,gBAAgB,CAAC,WAAW,CAAC,CAAC;YACtD,CAAC;YACD,MAAM,IAAI,CAAC,gBAAgB,CAAC,SAAS,EAAE,SAAS,EAAE,GAAG,EAAE,gBAAgB,CAAC,CAAC;YAIzE,OAAO,SAAS,CAAC;QACrB,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACX,MAAM,0BAA0B,GAAG,OAAO,CAAC;YAC3C,IAAI,GAAG,CAAC,IAAI,KAAK,0BAA0B,EAAE,CAAC;gBAC1C,MAAM,IAAI,0BAAiB,CAAC,+BAAc,CAAC,mBAAmB,CAAC,CAAC;YACpE,CAAC;YACD,MAAM,GAAG,CAAC;QACd,CAAC;IACL,CAAC;IAED,KAAK,CAAC,sBAAsB,CAA0C,SAAoB,EAAE,gBAAmB,EAAE,iBAAgC;QAC7I,IAAI,CAAC;YACD,MAAM,qBAAqB,GAAG,MAAM,IAAI,CAAC,SAAS,CAAC,iCAAiC,CAAC,CAAC;YAGtF,MAAM,aAAa,GAAG,iBAAiB,CAAC,KAAK,CAAC,iBAAiB,CAAC,MAAM,EAAO,EAAE,gBAAgB,CAAC,CAAC;YACjG,IAAI,EAAE,IAAI,EAAE,GAAG,EAAE,gBAAgB,EAAE,GAAG,MAAM,IAAI,CAAC,iBAAiB,CAAI,aAAa,EAAE,SAAS,EAAE,IAAI,EAAE,qBAAqB,CAAC,CAAC;YAC7H,MAAM,SAAS,GAAG,MAAM,iBAAiB,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YAErD,MAAM,IAAI,CAAC,gBAAgB,CAAC,SAAS,EAAE,SAAS,CAAC,KAAK,EAAE,GAAG,EAAE,gBAAgB,CAAC,CAAC;YAE/E,OAAO,SAAS,CAAC;QACrB,CAAC;QACD,OAAO,GAAG,EAAE,CAAC;YACT,MAAM,0BAA0B,GAAG,OAAO,CAAC;YAC3C,IAAI,GAAG,CAAC,IAAI,KAAK,0BAA0B,EAAE,CAAC;gBAC1C,MAAM,IAAI,0BAAiB,CAAC,0BAA0B,CAAC,GAAG,CAAC,MAAM,IAAI,+BAAc,CAAC,2BAA2B,CAAC,CAAC,CAAC;YACtH,CAAC;YACD,MAAM,GAAG,CAAC;QACd,CAAC;IACL,CAAC;IAGO,KAAK,CAAC,iBAAiB,CAAiB,IAAO,EAAE,SAAoB,EAAE,eAAwB,IAAI,EAAE,qBAA+B;QAExI,IAAI,0BAA0B,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,cAAc,CAAC,0BAA0B,CAAC,CAAC;QACtG,IAAI,SAAS,CAAC,KAAK,IAAI,SAAS,CAAC,KAAK,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAChD,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,SAAS,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;gBAC9C,MAAM,QAAQ,GAAG,SAAS,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;gBACpC,MAAM,IAAI,CAAC,mBAAmB,CAAC,cAAc,CAAC,QAAQ,CAAC,CAAC;YAC5D,CAAC;QACL,CAAC;QACD,IAAI,CAAC,QAAQ,GAAG,SAAS,CAAC,QAAQ,CAAC;QACnC,IAAI,CAAC,KAAK,GAAG,SAAS,CAAC,KAAK,CAAC;QAC7B,IAAI,CAAC,QAAQ,GAAG,SAAS,CAAC,QAAQ,CAAC;QACnC,IAAI,CAAC,mBAAmB,GAAG,qBAAqB,CAAC;QACjD,IAAI,SAAS,CAAC,MAAM,EAAE,CAAC;YACnB,IAAI,CAAC,MAAM,GAAG,SAAS,CAAC,MAAM,CAAC;QACnC,CAAC;QACD,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,MAAM,EAAE,IAAI,CAAC,CAAC;QAEhC,IAAI,GAAG,GAAG,EAAE,CAAC;QACb,IAAI,gBAAgB,GAAG,EAAE,CAAC;QAC1B,IAAI,SAAS,CAAC,QAAQ,EAAE,CAAC;YACrB,GAAG,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC;QAC7D,CAAC;QACD,IAAG,0BAA0B,EAAE,QAAQ,EAAE,CAAC,WAAW,EAAE,KAAK,MAAM,EAAC,CAAC;YAGhE,gBAAgB,GAAG,IAAI,CAAC,gBAAgB,EAAE,CAAC;YAC3C,GAAG,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC;YACvD,IAAI,CAAC,mBAAmB,GAAG,IAAI,CAAC;QACpC,CAAC;QACD,IAAI,CAAC,QAAQ,GAAG,GAAG,CAAC;QAEpB,IAAI,CAAC,MAAM,GAAG,YAAY,CAAC;QAC3B,OAAO,EAAE,IAAI,EAAE,GAAG,EAAE,gBAAgB,EAAE,CAAC;IAC3C,CAAC;IAGO,KAAK,CAAC,gBAAgB,CAAC,IAAU,EAAE,QAAkB,EAAE,EAAE,GAAW,EAAE,gBAAwB;QAClG,MAAM,IAAI,CAAC,WAAW,CAAC,yBAAyB,CAAC,KAAK,EAAE,IAAI,CAAC,CAAC;QAE9D,MAAM,mBAAmB,GAAG,IAAI,kDAAmB,EAAE,CAAC;QACtD,mBAAmB,CAAC,YAAY,GAAG,GAAG,CAAC;QACvC,mBAAmB,CAAC,IAAI,GAAG,IAAI,CAAC;QAChC,MAAM,IAAI,CAAC,6BAA6B,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC;QAInE,IAAI,IAAI,CAAC,mBAAmB,IAAI,gBAAgB,EAAE,CAAC;YAC/C,IAAI,CAAC,+BAA+B,CAAC,IAAI,EAAE,gBAAgB,CAAC,CAAC;QACjE,CAAC;IACL,CAAC;IAGD,gBAAgB,CAAC,SAAiB,CAAC;QAC/B,MAAM,SAAS,GAAG,4BAA4B,CAAC;QAC/C,MAAM,SAAS,GAAG,4BAA4B,CAAC;QAC/C,MAAM,OAAO,GAAG,YAAY,CAAC;QAC7B,MAAM,YAAY,GAAG,KAAK,CAAC;QAC3B,MAAM,QAAQ,GAAG,SAAS,GAAG,SAAS,GAAG,OAAO,GAAG,YAAY,CAAC;QAEhE,IAAI,QAAQ,GAAG,EAAE,CAAC;QAElB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;YAC9B,MAAM,WAAW,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,MAAM,EAAE,GAAG,QAAQ,CAAC,MAAM,CAAC,CAAC;YAChE,QAAQ,IAAI,QAAQ,CAAC,WAAW,CAAC,CAAC;QACtC,CAAC;QAED,OAAO,QAAQ,CAAC;IACpB,CAAC;IAEO,KAAK,CAAC,+BAA+B,CAAC,IAAU,EAAE,gBAAwB;QAC9E,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,cAAc,EAAE,CAAC;QAChD,MAAM,WAAW,GAAG,IAAI,CAAC,kBAAkB,CAAC,cAAc,EAAE,CAAC;QAC7D,WAAW,CAAC,sBAAsB,CAC9B,IAAI,CAAC,KAAK,EACV,0BAA0B,EAC1B;YACI,YAAY,EAAE,OAAO,CAAC,GAAG,CAAC,cAAc;YACxC,kBAAkB,EAAE,OAAO,CAAC,GAAG,CAAC,qBAAqB;YACrD,oBAAoB,EAAE,OAAO,CAAC,GAAG,CAAC,+BAA+B;YACjE,KAAK,EAAE,IAAI,CAAC,KAAK;YACjB,QAAQ,EAAE,IAAI,CAAC,QAAQ;YACvB,QAAQ,EAAE,IAAI,CAAC,QAAQ;YACvB,QAAQ,EAAE,gBAAgB;YAC1B,cAAc,EAAE,WAAW;SAC9B,EACD,IAAI,CAAC,mBAAmB,CAAC,iBAAiB,EAC1C,IAAI,EACJ,IAAI,EACJ,MAAM,EACN,IAAI,CAAC,EAAE,CACV,CAAC;IAEN,CAAC;IAED,KAAK,CAAC,uBAAuB,CAAC,SAAuB;QACjD,IAAI,CAAC;YACD,IAAI,CAAC,IAAI,CAAC,iCAAiC,EAAE,EAAE,CAAC;gBAC5C,MAAM,IAAI,4BAAmB,CAAC,+BAAc,CAAC,kCAAkC,CAAC,CAAC;YACrF,CAAC;YAED,IAAI,IAAA,yBAAO,EAAC,SAAS,CAAC,MAAM,CAAC,IAAI,IAAA,yBAAO,EAAC,SAAS,CAAC,KAAK,CAAC,EAAE,CAAC;gBACxD,MAAM,IAAI,4BAAmB,CAAC,+BAAc,CAAC,6BAA6B,CAAC,CAAC;YAChF,CAAC;YACD,IAAI,SAAS,CAAC,iBAAiB,CAAC,QAAQ,CAAC,qDAAyC,CAAC,KAAK,CAAC,IAAI,IAAA,yBAAO,EAAC,SAAS,CAAC,KAAK,CAAC,EAAE,CAAC;gBACpH,MAAM,IAAI,4BAAmB,CAAC,+BAAc,CAAC,6BAA6B,CAAC,CAAC;YAChF,CAAC;YACD,IAAI,SAAS,CAAC,iBAAiB,CAAC,QAAQ,CAAC,qDAAyC,CAAC,MAAM,CAAC,IAAI,IAAA,yBAAO,EAAC,SAAS,CAAC,MAAM,CAAC,EAAE,CAAC;gBACtH,MAAM,IAAI,4BAAmB,CAAC,+BAAc,CAAC,8BAA8B,CAAC,CAAC;YACjF,CAAC;YAGD,MAAM,YAAY,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,OAAO,CAAC;gBACnD,KAAK,EAAE;oBACH,EAAE,KAAK,EAAE,SAAS,CAAC,KAAK,GAAG;oBAC3B,EAAE,MAAM,EAAE,SAAS,CAAC,MAAM,GAAG;oBAC7B,EAAE,QAAQ,EAAE,SAAS,CAAC,QAAQ,GAAG;iBACpC;aACJ,CAAC,CAAC;YACH,IAAI,IAAA,4BAAU,EAAC,YAAY,CAAC,IAAI,YAAY,CAAC,MAAM,EAAE,CAAC;gBAClD,MAAM,IAAI,0BAAiB,CAAC,+BAAc,CAAC,mBAAmB,CAAC,CAAC;YACpE,CAAC;YACD,MAAM,oCAAoC,GAAG,IAAI,CAAC,4BAA4B,CAAC,IAAI,CAAC,gBAAgB,CAAC,oCAAoC,EAAE,SAAS,CAAC,CAAC;YACtJ,IAAI,IAAI,GAAG,YAAY,CAAA;YACvB,IAAI,IAAA,yBAAO,EAAC,IAAI,CAAC,EAAE,CAAC;gBAChB,IAAI,GAAG,IAAI,CAAC,UAAU,CAAC,SAAS,CAAC,CAAC;gBAClC,IAAI,CAAC,0BAA0B,CAAC,oCAAoC,EAAE,IAAI,CAAC,CAAC;gBAC5E,MAAM,IAAI,CAAC,cAAc,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gBACrC,MAAM,IAAI,CAAC,WAAW,CAAC,aAAa,CAAC,IAAI,CAAC,QAAQ,EAAE,MAAM,IAAI,CAAC,cAAc,CAAC,cAAc,CAAC,aAAa,CAAC,CAAC,CAAC;YACjH,CAAC;iBACI,CAAC;gBACF,IAAI,CAAC,0BAA0B,CAAC,oCAAoC,EAAE,IAAI,CAAC,CAAC;gBAC5E,MAAM,IAAI,CAAC,cAAc,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YACzC,CAAC;YAGD,IAAI,CAAC,mCAAmC,CAAC,IAAI,EAAE,oCAAoC,CAAC,CAAC;YACrF,OAAO,EAAE,OAAO,EAAE,mCAAgB,CAAC,6BAA6B,EAAE,CAAA;QACtE,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACX,MAAM,0BAA0B,GAAG,OAAO,CAAC;YAC3C,IAAI,GAAG,CAAC,IAAI,KAAK,0BAA0B,EAAE,CAAC;gBAC1C,MAAM,IAAI,0BAAiB,CAAC,+BAAc,CAAC,mBAAmB,CAAC,CAAC;YACpE,CAAC;YACD,MAAM,GAAG,CAAC;QACd,CAAC;IACL,CAAC;IAGO,UAAU,CAAC,SAAuB;QACtC,MAAM,IAAI,GAAG,IAAI,kBAAI,EAAE,CAAC;QACxB,IAAI,CAAC,QAAQ,GAAG,SAAS,CAAC,QAAQ,CAAC;QACnC,IAAI,CAAC,KAAK,GAAG,SAAS,CAAC,KAAK,CAAC;QAC7B,IAAI,CAAC,MAAM,GAAG,SAAS,CAAC,MAAM,CAAC;QAC/B,IAAI,CAAC,aAAa,GAAG,SAAS,CAAC,aAAa,CAAC;QAC7C,IAAI,CAAC,iBAAiB,GAAG,aAAa,CAAC,GAAG,CAAC;QAC3C,OAAO,IAAI,CAAC;IAChB,CAAC;IAEO,4BAA4B,CAAC,uCAAiD,EAAE,SAAuB;QAC3G,MAAM,kCAAkC,GAAG,uCAAuC,CAAC,MAAM,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,MAAM,KAAK,wCAA4B,CAAC,aAAa,CAAC,CAAC;QAC7J,IAAI,uCAAuC,CAAC,QAAQ,CAAC,wCAA4B,CAAC,aAAa,CAAC,EAAE,CAAC;YAC/F,kCAAkC,CAAC,IAAI,CAAC,GAAG,SAAS,CAAC,iBAAiB,CAAC,CAAC;QAC5E,CAAC;QACD,OAAO,kCAAkC,CAAC;IAC9C,CAAC;IAGO,0BAA0B,CAAC,kCAA4C,EAAE,IAAU;QACvF,IAAI,kCAAkC,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAClD,MAAM,IAAI,4BAAmB,CAAC,+BAAc,CAAC,0BAA0B,CAAC,CAAC;QAC7E,CAAC;QACD,IAAI,kCAAkC,CAAC,QAAQ,CAAC,qDAAyC,CAAC,KAAK,CAAC,EAAE,CAAC;YAC/F,MAAM,EAAE,KAAK,EAAE,SAAS,EAAE,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;YACxC,IAAI,CAAC,oCAAoC,GAAG,KAAK,CAAC;YAClD,IAAI,CAAC,6CAA6C,GAAG,SAAS,CAAC;YAC/D,IAAI,IAAI,CAAC,gBAAgB,CAAC,2BAA2B,EAAE,CAAC;gBACpD,IAAI,CAAC,6BAA6B,GAAG,KAAK,CAAC;gBAC3C,IAAI,CAAC,sCAAsC,GAAG,SAAS,CAAC;YAC5D,CAAC;QACL,CAAC;QACD,IAAI,kCAAkC,CAAC,QAAQ,CAAC,qDAAyC,CAAC,MAAM,CAAC,EAAE,CAAC;YAChG,MAAM,EAAE,KAAK,EAAE,SAAS,EAAE,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;YACxC,IAAI,CAAC,qCAAqC,GAAG,KAAK,CAAC;YACnD,IAAI,CAAC,8CAA8C,GAAG,SAAS,CAAC;YAChE,IAAI,IAAI,CAAC,gBAAgB,CAAC,2BAA2B,EAAE,CAAC;gBACpD,IAAI,CAAC,8BAA8B,GAAG,KAAK,CAAC;gBAC5C,IAAI,CAAC,uCAAuC,GAAG,SAAS,CAAC;YAC7D,CAAC;QACL,CAAC;IACL,CAAC;IAEO,KAAK,CAAC,mCAAmC,CAAC,IAAU,EAAE,6BAAuC;QACjG,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,cAAc,EAAE,CAAC;QAChD,IAAI,IAAI,CAAC,gBAAgB,CAAC,QAAQ;YAC9B,OAAO;QACX,IAAI,6BAA6B,CAAC,QAAQ,CAAC,wCAA4B,CAAC,KAAK,CAAC,EAAE,CAAC;YAC7E,MAAM,WAAW,GAAG,IAAI,CAAC,kBAAkB,CAAC,cAAc,EAAE,CAAC;YAC7D,WAAW,CAAC,sBAAsB,CAC9B,IAAI,CAAC,KAAK,EACV,iBAAiB,EACjB;gBACI,YAAY,EAAE,OAAO,CAAC,GAAG,CAAC,cAAc;gBACxC,kBAAkB,EAAE,OAAO,CAAC,GAAG,CAAC,qBAAqB;gBACrD,SAAS,EAAE,IAAI,CAAC,QAAQ;gBACxB,QAAQ,EAAE,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ;gBACvD,oCAAoC,EAAE,IAAI,CAAC,oCAAoC;gBAC/E,cAAc,EAAE,WAAW;aAC9B,EACD,IAAI,CAAC,mBAAmB,CAAC,iBAAiB,EAC1C,IAAI,EACJ,IAAI,EACJ,MAAM,EACN,IAAI,CAAC,EAAE,CACV,CAAC;QACN,CAAC;QACD,IAAI,6BAA6B,CAAC,QAAQ,CAAC,wCAA4B,CAAC,MAAM,CAAC,EAAE,CAAC;YAC9E,IAAI,CAAC,UAAU,CAAC,oBAAoB,CAChC,IAAI,CAAC,MAAM,EACX,iBAAiB,EACjB;gBACI,YAAY,EAAE,OAAO,CAAC,GAAG,CAAC,cAAc;gBACxC,GAAG,EAAE,IAAI,CAAC,qCAAqC;gBAC/C,qCAAqC,EAAE,IAAI,CAAC,qCAAqC;gBACjF,SAAS,EAAE,IAAI,CAAC,QAAQ;gBACxB,QAAQ,EAAE,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ;gBACvD,cAAc,EAAE,WAAW;aAC9B,CACJ,CAAC;QACN,CAAC;IACL,CAAC;IAED,KAAK,CAAC,sBAAsB,CAAC,gBAAkC;QAC3D,IAAI,CAAC,IAAI,CAAC,iCAAiC,EAAE,EAAE,CAAC;YAC5C,MAAM,IAAI,4BAAmB,CAAC,+BAAc,CAAC,kCAAkC,CAAC,CAAC;QACrF,CAAC;QAGD,IAAI,gBAAgB,CAAC,IAAI,KAAK,wCAA4B,CAAC,KAAK,EAAE,CAAC;YAC/D,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,OAAO,CAAC;gBAC3C,KAAK,EAAE;oBACH,KAAK,EAAE,gBAAgB,CAAC,UAAU;iBACrC;aACJ,CAAC,CAAC;YACH,IAAI,CAAC,IAAI,EAAE,CAAC;gBACR,MAAM,IAAI,8BAAqB,CAAC,+BAAc,CAAC,cAAc,CAAC,CAAC;YACnE,CAAC;YACD,IAAI,IAAI,CAAC,oCAAoC,KAAK,gBAAgB,CAAC,GAAG,EAAE,CAAC;gBACrE,MAAM,IAAI,8BAAqB,CAAC,+BAAc,CAAC,WAAW,CAAC,CAAC;YAChE,CAAC;YACD,IAAI,IAAI,CAAC,6CAA6C,GAAG,IAAI,IAAI,EAAE,EAAE,CAAC;gBAClE,MAAM,IAAI,8BAAqB,CAAC,+BAAc,CAAC,WAAW,CAAC,CAAC;YAChE,CAAC;YACD,IAAI,CAAC,6BAA6B,GAAG,IAAI,IAAI,EAAE,CAAC;YAChD,IAAI,CAAC,oCAAoC,GAAG,IAAI,CAAC;YACjD,IAAI,CAAC,6CAA6C,GAAG,IAAI,CAAC;YAC1D,IAAI,CAAC,MAAM,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,cAAc,CAAC,4BAA4B,CAAC,IAAI,IAAI,CAAC,wCAAwC,CAAC,IAAI,CAAC,CAAC;YAC5I,MAAM,SAAS,GAAS,MAAM,IAAI,CAAC,cAAc,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YAC7D,IAAI,CAAC,wBAAwB,CAAC,SAAS,CAAC,CAAC;YACzC,OAAO,EAAE,MAAM,EAAE,SAAS,CAAC,MAAM,EAAE,OAAO,EAAE,kCAAkC,gBAAgB,CAAC,IAAI,EAAE,EAAE,CAAA;QAC3G,CAAC;aAAM,IAAI,gBAAgB,CAAC,IAAI,KAAK,wCAA4B,CAAC,MAAM,EAAE,CAAC;YACvE,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,OAAO,CAAC;gBAC3C,KAAK,EAAE;oBACH,MAAM,EAAE,gBAAgB,CAAC,UAAU;iBACtC;aACJ,CAAC,CAAC;YACH,IAAI,CAAC,IAAI,EAAE,CAAC;gBACR,MAAM,IAAI,8BAAqB,CAAC,+BAAc,CAAC,cAAc,CAAC,CAAC;YACnE,CAAC;YACD,IAAI,IAAI,CAAC,qCAAqC,KAAK,gBAAgB,CAAC,GAAG,EAAE,CAAC;gBACtE,MAAM,IAAI,8BAAqB,CAAC,+BAAc,CAAC,WAAW,CAAC,CAAC;YAChE,CAAC;YACD,IAAI,IAAI,CAAC,8CAA8C,GAAG,IAAI,IAAI,EAAE,EAAE,CAAC;gBACnE,MAAM,IAAI,8BAAqB,CAAC,+BAAc,CAAC,WAAW,CAAC,CAAC;YAChE,CAAC;YACD,IAAI,CAAC,8BAA8B,GAAG,IAAI,IAAI,EAAE,CAAC;YACjD,IAAI,CAAC,qCAAqC,GAAG,IAAI,CAAC;YAClD,IAAI,CAAC,8CAA8C,GAAG,IAAI,CAAC;YAC3D,IAAI,CAAC,MAAM,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,cAAc,CAAC,4BAA4B,CAAC,IAAI,IAAI,CAAC,wCAAwC,CAAC,IAAI,CAAC,CAAC;YAC5I,MAAM,SAAS,GAAS,MAAM,IAAI,CAAC,cAAc,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YAC7D,IAAI,CAAC,wBAAwB,CAAC,SAAS,CAAC,CAAC;YACzC,OAAO,EAAE,MAAM,EAAE,SAAS,CAAC,MAAM,EAAE,OAAO,EAAE,kCAAkC,gBAAgB,CAAC,IAAI,EAAE,EAAE,CAAA;QAC3G,CAAC;QACD,MAAM,IAAI,4BAAmB,CAAC,+BAAc,CAAC,yBAAyB,CAAC,CAAC;IAC5E,CAAC;IAEO,wBAAwB,CAAC,SAAe;QAE5C,MAAM,KAAK,GAAG,IAAI,yBAAY,CAAO,sBAAS,CAAC,eAAe,EAAE,SAAS,CAAC,CAAC;QAC3E,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,sBAAS,CAAC,eAAe,EAAE,KAAK,CAAC,CAAC;IAC7D,CAAC;IAED,wCAAwC,CAAC,IAAU;QAC/C,MAAM,6BAA6B,GAAG,IAAI,CAAC,gBAAgB,CAAC,oCAAoC,CAAC;QACjG,IAAI,6BAA6B,CAAC,QAAQ,CAAC,wCAA4B,CAAC,KAAK,CAAC,EAAE,CAAC;YAC7E,IAAI,CAAC,IAAI,CAAC,6BAA6B,EAAE,CAAC;gBACtC,OAAO,KAAK,CAAC;YACjB,CAAC;QACL,CAAC;QACD,IAAI,6BAA6B,CAAC,QAAQ,CAAC,wCAA4B,CAAC,MAAM,CAAC,EAAE,CAAC;YAC9E,IAAI,CAAC,IAAI,CAAC,8BAA8B,EAAE,CAAC;gBACvC,OAAO,KAAK,CAAC;YACjB,CAAC;QACL,CAAC;QACD,OAAO,IAAI,CAAC;IAChB,CAAC;IAEO,GAAG;QACP,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC;QACvB,GAAG,CAAC,UAAU,CAAC,GAAG,CAAC,UAAU,EAAE,GAAG,IAAI,CAAC,gBAAgB,CAAC,SAAS,CAAC,CAAC;QACnE,OAAO;YACH,KAAK,EAAE,IAAI,CAAC,gBAAgB,CAAC,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,gBAAgB,CAAC,QAAQ,CAAC,CAAC,CAAC,IAAA,kBAAS,EAAC,MAAM,EAAE,MAAM,CAAC,CAAC,QAAQ,EAAE;YAC7G,SAAS,EAAE,GAAG;SACjB,CAAC;IACN,CAAC;IAED,KAAK,CAAC,MAAM,CAAC,SAAoB;QAC7B,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,SAAS,CAAC,CAAC;QAGhD,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,IAAI,CAAC,CAAC;QAE/C,MAAM,IAAI,CAAC,0BAA0B,CAAC,QAAQ,CAAC,OAAO,EAAE,IAAI,CAAC,CAAC;QAE9D,OAAO;YACH,IAAI,EAAE;gBACF,KAAK,EAAE,IAAI,CAAC,KAAK;gBACjB,MAAM,EAAE,IAAI,CAAC,MAAM;gBACnB,QAAQ,EAAE,IAAI,CAAC,QAAQ;gBACvB,mBAAmB,EAAE,IAAI,CAAC,mBAAmB;gBAC7C,EAAE,EAAE,IAAI,CAAC,EAAE;gBACX,KAAK,EAAE,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,GAAG,EAAE,KAAK,EAAE,EAAE,CAAC,IAAI,CAAC,IAAI,CAAC;aACzD;YACD,GAAG,MAAM;SACZ,CAAA;IACL,CAAC;IAED,KAAK,CAAC,gBAAgB,CAAC,SAAuB;QAC1C,IAAI,CAAC,IAAI,CAAC,iCAAiC,EAAE,EAAE,CAAC;YAC5C,MAAM,IAAI,4BAAmB,CAAC,+BAAc,CAAC,kCAAkC,CAAC,CAAC;QACrF,CAAC;QAGD,IAAI,SAAS,CAAC,IAAI,KAAK,wCAA4B,CAAC,KAAK,EAAE,CAAC;YACxD,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,OAAO,CAAC;gBAC3C,KAAK,EAAE;oBACH,KAAK,EAAE,SAAS,CAAC,UAAU;iBAC9B;aACJ,CAAC,CAAC;YACH,IAAI,CAAC,IAAI,EAAE,CAAC;gBACR,MAAM,IAAI,8BAAqB,CAAC,+BAAc,CAAC,cAAc,CAAC,CAAC;YACnE,CAAC;YACD,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,CAAC;gBACf,MAAM,IAAI,8BAAqB,CAAC,+BAAc,CAAC,aAAa,CAAC,CAAC;YAClE,CAAC;YACD,MAAM,EAAE,KAAK,EAAE,SAAS,EAAE,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;YACxC,IAAI,CAAC,6BAA6B,GAAG,KAAK,CAAC;YAC3C,IAAI,CAAC,sCAAsC,GAAG,SAAS,CAAC;YACxD,MAAM,IAAI,CAAC,cAAc,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YACrC,IAAI,CAAC,6BAA6B,CAAC,IAAI,EAAE,wCAA4B,CAAC,KAAK,CAAC,CAAC;QACjF,CAAC;aAAM,IAAI,SAAS,CAAC,IAAI,KAAK,wCAA4B,CAAC,MAAM,EAAE,CAAC;YAChE,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,OAAO,CAAC;gBAC3C,KAAK,EAAE;oBACH,MAAM,EAAE,SAAS,CAAC,UAAU;iBAC/B;aACJ,CAAC,CAAC;YACH,IAAI,CAAC,IAAI,EAAE,CAAC;gBACR,MAAM,IAAI,8BAAqB,CAAC,+BAAc,CAAC,cAAc,CAAC,CAAC;YACnE,CAAC;YAED,MAAM,EAAE,KAAK,EAAE,SAAS,EAAE,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;YACxC,IAAI,CAAC,8BAA8B,GAAG,KAAK,CAAC;YAC5C,IAAI,CAAC,uCAAuC,GAAG,SAAS,CAAC;YACzD,MAAM,IAAI,CAAC,cAAc,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YACrC,IAAI,CAAC,6BAA6B,CAAC,IAAI,EAAE,wCAA4B,CAAC,MAAM,CAAC,CAAC;QAClF,CAAC;aACI,CAAC;YACF,MAAM,IAAI,4BAAmB,CAAC,+BAAc,CAAC,yBAAyB,CAAC,CAAC;QAC5E,CAAC;QACD,OAAO,EAAE,OAAO,EAAE,mCAAgB,CAAC,sBAAsB,EAAE,CAAC;IAChE,CAAC;IAEO,KAAK,CAAC,6BAA6B,CAAC,IAAU,EAAE,SAAuC;QAC3F,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,cAAc,EAAE,CAAC;QAEhD,IAAI,IAAI,CAAC,gBAAgB,CAAC,QAAQ;YAC9B,OAAO;QACX,IAAI,SAAS,KAAK,wCAA4B,CAAC,KAAK,EAAE,CAAC;YACnD,MAAM,WAAW,GAAG,IAAI,CAAC,kBAAkB,CAAC,cAAc,EAAE,CAAC;YAC7D,WAAW,CAAC,sBAAsB,CAC9B,IAAI,CAAC,KAAK,EACV,cAAc,EACd;gBACI,YAAY,EAAE,OAAO,CAAC,GAAG,CAAC,cAAc;gBACxC,kBAAkB,EAAE,OAAO,CAAC,GAAG,CAAC,qBAAqB;gBACrD,SAAS,EAAE,IAAI,CAAC,QAAQ;gBACxB,6BAA6B,EAAE,IAAI,CAAC,6BAA6B;gBACjE,QAAQ,EAAE,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ;gBACvD,cAAc,EAAE,WAAW;aAC9B,EACD,IAAI,CAAC,mBAAmB,CAAC,iBAAiB,EAC1C,IAAI,EACJ,IAAI,EACJ,MAAM,EACN,IAAI,CAAC,EAAE,CACV,CAAC;QACN,CAAC;QACD,IAAI,SAAS,KAAK,wCAA4B,CAAC,MAAM,EAAE,CAAC;YACpD,IAAI,CAAC,UAAU,CAAC,oBAAoB,CAChC,IAAI,CAAC,MAAM,EACX,cAAc,EACd;gBACI,YAAY,EAAE,OAAO,CAAC,GAAG,CAAC,cAAc;gBACxC,GAAG,EAAE,IAAI,CAAC,8BAA8B;gBACxC,8BAA8B,EAAE,IAAI,CAAC,8BAA8B;gBACnE,SAAS,EAAE,IAAI,CAAC,QAAQ;gBACxB,QAAQ,EAAE,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ;gBACvD,cAAc,EAAE,WAAW;aAC9B,CACJ,CAAC;QACN,CAAC;IACL,CAAC;IAED,KAAK,CAAC,eAAe,CAAC,gBAAkC;QACpD,IAAI,CAAC,IAAI,CAAC,iCAAiC,EAAE,EAAE,CAAC;YAC5C,MAAM,IAAI,4BAAmB,CAAC,+BAAc,CAAC,kCAAkC,CAAC,CAAC;QACrF,CAAC;QACD,IAAI,gBAAgB,CAAC,IAAI,KAAK,wCAA4B,CAAC,KAAK,EAAE,CAAC;YAC/D,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,OAAO,CAAC;gBAC3C,KAAK,EAAE;oBACH,KAAK,EAAE,gBAAgB,CAAC,UAAU;iBACrC;gBACD,SAAS,EAAE,CAAC,OAAO,CAAC;aACvB,CAAC,CAAC;YACH,IAAI,CAAC,IAAI,EAAE,CAAC;gBACR,MAAM,IAAI,8BAAqB,CAAC,+BAAc,CAAC,cAAc,CAAC,CAAC;YACnE,CAAC;YACD,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,CAAC;gBACf,MAAM,IAAI,8BAAqB,CAAC,+BAAc,CAAC,aAAa,CAAC,CAAC;YAClE,CAAC;YACD,IAAI,IAAI,CAAC,6BAA6B,KAAK,gBAAgB,CAAC,GAAG,EAAE,CAAC;gBAC9D,MAAM,IAAI,8BAAqB,CAAC,+BAAc,CAAC,WAAW,CAAC,CAAC;YAChE,CAAC;YACD,IAAI,IAAI,CAAC,sCAAsC,GAAG,IAAI,IAAI,EAAE,EAAE,CAAC;gBAC3D,MAAM,IAAI,8BAAqB,CAAC,+BAAc,CAAC,WAAW,CAAC,CAAC;YAChE,CAAC;YACD,IAAI,CAAC,sBAAsB,GAAG,IAAI,IAAI,EAAE,CAAC;YACzC,IAAI,CAAC,6BAA6B,GAAG,IAAI,CAAC;YAC1C,IAAI,CAAC,sCAAsC,GAAG,IAAI,CAAC;YACnD,MAAM,IAAI,CAAC,cAAc,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YACrC,MAAM,EAAE,WAAW,EAAE,YAAY,EAAE,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,IAAI,CAAC,CAAC;YACtE,MAAM,EAAE,EAAE,EAAE,QAAQ,EAAE,KAAK,EAAE,MAAM,EAAE,iBAAiB,EAAE,GAAG,IAAI,CAAC;YAChE,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YAClD,OAAO,EAAE,WAAW,EAAE,YAAY,EAAE,IAAI,EAAE,EAAE,EAAE,EAAE,QAAQ,EAAE,KAAK,EAAE,MAAM,EAAE,iBAAiB,EAAE,KAAK,EAAE,EAAE,CAAC;QAC1G,CAAC;aAAM,IAAI,gBAAgB,CAAC,IAAI,KAAK,wCAA4B,CAAC,MAAM,EAAE,CAAC;YACvE,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,OAAO,CAAC;gBAC3C,KAAK,EAAE;oBACH,MAAM,EAAE,gBAAgB,CAAC,UAAU;iBACtC;gBACD,SAAS,EAAE,CAAC,OAAO,CAAC;aACvB,CAAC,CAAC;YACH,IAAI,CAAC,IAAI,EAAE,CAAC;gBACR,MAAM,IAAI,8BAAqB,CAAC,+BAAc,CAAC,eAAe,CAAC,CAAC;YACpE,CAAC;YACD,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,CAAC;gBACf,MAAM,IAAI,8BAAqB,CAAC,+BAAc,CAAC,aAAa,CAAC,CAAC;YAClE,CAAC;YACD,IAAI,IAAI,CAAC,8BAA8B,KAAK,gBAAgB,CAAC,GAAG,EAAE,CAAC;gBAC/D,MAAM,IAAI,8BAAqB,CAAC,+BAAc,CAAC,WAAW,CAAC,CAAC;YAChE,CAAC;YACD,IAAI,IAAI,CAAC,uCAAuC,GAAG,IAAI,IAAI,EAAE,EAAE,CAAC;gBAC5D,MAAM,IAAI,8BAAqB,CAAC,+BAAc,CAAC,WAAW,CAAC,CAAC;YAChE,CAAC;YACD,IAAI,CAAC,uBAAuB,GAAG,IAAI,IAAI,EAAE,CAAC;YAC1C,IAAI,CAAC,8BAA8B,GAAG,IAAI,CAAC;YAC3C,IAAI,CAAC,uCAAuC,GAAG,IAAI,CAAC;YACpD,MAAM,IAAI,CAAC,cAAc,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YACrC,MAAM,EAAE,WAAW,EAAE,YAAY,EAAE,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,IAAI,CAAC,CAAC;YACtE,MAAM,EAAE,EAAE,EAAE,QAAQ,EAAE,KAAK,EAAE,MAAM,EAAE,iBAAiB,EAAE,GAAG,IAAI,CAAC;YAChE,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YAClD,OAAO,EAAE,WAAW,EAAE,YAAY,EAAE,IAAI,EAAE,EAAE,EAAE,EAAE,QAAQ,EAAE,KAAK,EAAE,MAAM,EAAE,iBAAiB,EAAE,KAAK,EAAE,EAAE,CAAC;QAE1G,CAAC;QACD,MAAM,IAAI,4BAAmB,CAAC,+BAAc,CAAC,yBAAyB,CAAC,CAAC;IAC5E,CAAC;IAED,KAAK,CAAC,cAAc,CAAC,iBAAoC,EAAE,UAA0B;QACjF,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,OAAO,CAAC;YAC3C,KAAK,EAAE,EAAE,EAAE,EAAE,iBAAiB,CAAC,EAAE,EAAE;SACtC,CAAC,CAAC;QACH,IAAI,CAAC,IAAI,EAAE,CAAC;YACR,MAAM,IAAI,0BAAiB,CAAC,+BAAc,CAAC,cAAc,CAAC,CAAC;QAC/D,CAAC;QAED,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,CAAC;YACf,MAAM,IAAI,8BAAqB,CAAC,+BAAc,CAAC,aAAa,CAAC,CAAC;QAClE,CAAC;QAGD,IAAI,IAAI,CAAC,iBAAiB,KAAK,OAAO,EAAE,CAAC;YACrC,MAAM,IAAI,4BAAmB,CAAC,+BAAc,CAAC,kBAAkB,CAAC,CAAC;QACrE,CAAC;QAGD,IAAI,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;YAChC,MAAM,IAAI,4BAAmB,CAAC,+BAAc,CAAC,gBAAgB,CAAC,CAAC;QACnE,CAAC;QAGD,IAAI,CAAC,CAAC,IAAI,CAAC,QAAQ,KAAK,UAAU,CAAC,QAAQ,CAAC,EAAE,CAAC;YAC3C,MAAM,IAAI,4BAAmB,CAAC,+BAAc,CAAC,iBAAiB,CAAC,CAAC;QACpE,CAAC;QAGD,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,OAAO,CAC7C,iBAAiB,CAAC,eAAe,EACjC,IAAI,CAAC,QAAQ,CAChB,CAAC;QACF,IAAI,CAAC,OAAO,EAAE,CAAC;YACX,MAAM,IAAI,8BAAqB,CAAC,+BAAc,CAAC,0BAA0B,CAAC,CAAC;QAC/E,CAAC;QAGD,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,IAAI,CAAC,iBAAiB,CAAC,WAAW,CAAC,CAAC;QAC7E,IAAI,CAAC,QAAQ,GAAG,iBAAiB,CAAC,WAAW,CAAC;QAG9C,IAAI,CAAC,mBAAmB,GAAG,KAAK,CAAC;QAEjC,IAAI,MAAM,IAAI,CAAC,mBAAmB,CAAC,IAAI,CAAC,EAAE,CAAC;YACvC,MAAM,IAAI,4BAAmB,CAAC,+BAAc,CAAC,eAAe,CAAC,CAAC;QAClE,CAAC;QACD,MAAM,IAAI,CAAC,kBAAkB,CAAC,IAAI,CAAC,CAAC;QAEpC,IAAI,CAAC,QAAQ,GAAG,MAAM,CAAC;QACvB,MAAM,mBAAmB,GAAG,IAAI,kDAAmB,EAAE,CAAC;QACtD,mBAAmB,CAAC,YAAY,GAAG,MAAM,CAAC;QAC1C,mBAAmB,CAAC,IAAI,GAAG,IAAI,CAAC;QAEhC,MAAM,IAAI,CAAC,cAAc,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACrC,MAAM,IAAI,CAAC,6BAA6B,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC;QAEnE,OAAO,IAAI,CAAC;IAChB,CAAC;IAGO,2BAA2B;QAC/B,MAAM,UAAU,GAAG,IAAI,IAAI,EAAE,CAAC;QAC9B,UAAU,CAAC,UAAU,CAAC,UAAU,CAAC,UAAU,EAAE,GAAG,IAAI,CAAC,gBAAgB,CAAC,qCAAqC,CAAC,CAAC;QAE7G,OAAO;YACH,KAAK,EAAE,IAAI,CAAC,gBAAgB,CAAC,QAAQ;gBACjC,CAAC,CAAC,IAAI,CAAC,gBAAgB,CAAC,QAAQ;gBAChC,CAAC,CAAC,IAAA,SAAM,GAAE;YACd,SAAS,EAAE,UAAU;SACxB,CAAC;IACN,CAAC;IAED,KAAK,CAAC,sBAAsB,CAAC,yBAAoD;QAM7E,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,yBAAyB,CAAC,QAAQ,EAAE,yBAAyB,CAAC,KAAK,CAAC,CAAC;QAEzG,IAAI,WAAW,GAAG,IAAI,CAAA;QACtB,IAAI,CAAC,IAAI,EAAE,CAAC;YACR,WAAW,GAAG,KAAK,CAAA;QAEvB,CAAC;QACD,IAAI,WAAW,IAAI,CAAC,IAAI,EAAE,MAAM,EAAE,CAAC;YAC/B,WAAW,GAAG,KAAK,CAAA;QAEvB,CAAC;QAGD,IAAI,WAAW,IAAI,IAAI,EAAE,iBAAiB,KAAK,OAAO,EAAE,CAAC;YACrD,WAAW,GAAG,KAAK,CAAA;QAEvB,CAAC;QAID,IAAI,WAAW,EAAE,CAAC;YACd,MAAM,EAAE,KAAK,EAAE,SAAS,EAAE,GAAG,IAAI,CAAC,2BAA2B,EAAE,CAAC;YAChE,IAAI,CAAC,iCAAiC,GAAG,KAAK,CAAC;YAC/C,IAAI,CAAC,0CAA0C,GAAG,SAAS,CAAC;YAC5D,MAAM,IAAI,CAAC,cAAc,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YACrC,IAAI,CAAC,0BAA0B,CAAC,IAAI,CAAC,CAAC;QAC1C,CAAC;QAGD,OAAO;YACH,MAAM,EAAE,SAAS;YACjB,OAAO,EAAE,mCAAgB,CAAC,0BAA0B;YACpD,KAAK,EAAE,EAAE;YACT,SAAS,EAAE,EAAE;YACb,IAAI,EAAE;gBACF,IAAI,EAAG;oBACH,KAAK,EAAE,IAAI,EAAE,KAAK;iBAGrB;aACJ;SACJ,CAAA;IACL,CAAC;IAEO,KAAK,CAAC,0BAA0B,CAAC,IAAU;QAC/C,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,cAAc,EAAE,CAAC;QAEhD,MAAM,qCAAqC,GAAG,IAAI,CAAC,gBAAgB,CAAC,qCAAqC,CAAC;QAE1G,IAAI,qCAAqC,IAAI,iDAAqC,CAAC,KAAK,EAAE,CAAC;YACvF,MAAM,WAAW,GAAG,IAAI,CAAC,kBAAkB,CAAC,cAAc,EAAE,CAAC;YAC7D,WAAW,CAAC,sBAAsB,CAC9B,IAAI,CAAC,KAAK,EACV,iBAAiB,EACjB;gBACI,YAAY,EAAE,OAAO,CAAC,GAAG,CAAC,cAAc;gBACxC,kBAAkB,EAAE,OAAO,CAAC,GAAG,CAAC,qBAAqB;gBACrD,SAAS,EAAE,IAAI,CAAC,QAAQ;gBACxB,QAAQ,EAAE,IAAI,CAAC,QAAQ;gBAEvB,iBAAiB,EAAE,GAAG,OAAO,CAAC,GAAG,CAAC,yCAAyC,UAAU,IAAI,CAAC,iCAAiC,EAAE;gBAC7H,cAAc,EAAE,WAAW;aAC9B,EACD,IAAI,CAAC,mBAAmB,CAAC,iBAAiB,EAC1C,IAAI,EACJ,IAAI,EACJ,MAAM,EACN,IAAI,CAAC,EAAE,CACV,CAAC;QACN,CAAC;QAED,IAAI,qCAAqC,IAAI,iDAAqC,CAAC,MAAM,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC;YACvG,IAAI,CAAC,UAAU,CAAC,oBAAoB,CAChC,IAAI,CAAC,MAAM,EACX,iBAAiB,EACjB;gBACI,YAAY,EAAE,OAAO,CAAC,GAAG,CAAC,cAAc;gBACxC,GAAG,EAAE,IAAI,CAAC,iCAAiC;gBAC3C,iCAAiC,EAAE,IAAI,CAAC,iCAAiC;gBACzE,SAAS,EAAE,IAAI,CAAC,QAAQ;gBACxB,cAAc,EAAE,WAAW;aAC9B,CACJ,CAAC;QACN,CAAC;IACL,CAAC;IAED,KAAK,CAAC,qBAAqB,CAAC,wBAAkD;QAC1E,OAAO,IAAI,CAAC,UAAU,CAAC,WAAW,CAAC,KAAK,EAAE,CAAC,EAAE,EAAE;YAE3C,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,8BAA8B,CAAC,wBAAwB,CAAC,iBAAiB,CAAC,CAAC;YACnG,IAAI,CAAC,IAAI;gBAAE,MAAM,IAAI,8BAAqB,CAAC,+BAAc,CAAC,mBAAmB,CAAC,CAAC;YAC/E,IAAI,IAAI,CAAC,iBAAiB,KAAK,OAAO;gBAAE,MAAM,IAAI,8BAAqB,CAAC,+BAAc,CAAC,mBAAmB,CAAC,CAAC;YAC5G,IAAI,CAAC,IAAI,CAAC,MAAM;gBAAE,MAAM,IAAI,8BAAqB,CAAC,+BAAc,CAAC,mBAAmB,CAAC,CAAC;YAGtF,MAAM,EAAE,QAAQ,EAAE,GAAG,MAAM,CAAC;iBACvB,kBAAkB,EAAE;iBACpB,MAAM,CAAC,kBAAI,CAAC;iBACZ,GAAG,CAAC;gBACD,yBAAyB,EAAE,GAAG,EAAE,CAAC,OAAO;gBACxC,iCAAiC,EAAE,GAAG,EAAE,CAAC,MAAM;gBAC/C,0CAA0C,EAAE,GAAG,EAAE,CAAC,MAAM;aAC3D,CAAC;iBACD,KAAK,CAAC,UAAU,EAAE,EAAE,EAAE,EAAE,IAAI,CAAC,EAAE,EAAE,CAAC;iBAClC,QAAQ,CAAC,4CAA4C,EAAE,EAAE,KAAK,EAAE,wBAAwB,CAAC,iBAAiB,EAAE,CAAC;iBAC7G,QAAQ,CAAC,oDAAoD,CAAC;iBAC9D,OAAO,EAAE,CAAC;YAEf,IAAI,QAAQ,KAAK,CAAC,EAAE,CAAC;gBAEjB,MAAM,IAAI,8BAAqB,CAAC,+BAAc,CAAC,mBAAmB,CAAC,CAAC;YACxE,CAAC;YAGD,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,IAAI,CAAC,wBAAwB,CAAC,QAAQ,CAAC,CAAC;YAMlF,MAAM,QAAQ,GAAG,EAAE,GAAG,IAAI,EAAE,QAAQ,EAAE,OAAO,EAAU,CAAC;YACxD,IAAI,MAAM,IAAI,CAAC,mBAAmB,CAAC,QAAQ,CAAC,EAAE,CAAC;gBAC3C,MAAM,IAAI,4BAAmB,CAAC,+BAAc,CAAC,eAAe,CAAC,CAAC;YAClE,CAAC;YAED,MAAM,IAAI,CAAC,kBAAkB,CAAC,IAAI,CAAC,CAAC;YAEpC,MAAM,CAAC,CAAC,aAAa,CAAC,kBAAI,CAAC,CAAC,MAAM,CAAC,EAAE,EAAE,EAAE,IAAI,CAAC,EAAE,EAAE,EAAE,EAAE,QAAQ,EAAE,OAAO,EAAE,CAAC,CAAC;YAE3E,MAAM,OAAO,GAAG,CAAC,CAAC,aAAa,CAAC,kDAAmB,CAAC,CAAC,MAAM,CAAC;gBACxD,IAAI,EAAE,EAAE,EAAE,EAAE,IAAI,CAAC,EAAE,EAAS;gBAC5B,YAAY,EAAE,OAAO;aACxB,CAAC,CAAC;YACH,MAAM,CAAC,CAAC,aAAa,CAAC,kDAAmB,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;YACzD,IAAI,CAAC,2BAA2B,CAAC,IAAI,CAAC,CAAC;YAEvC,OAAO;gBACH,MAAM,EAAE,SAAS;gBACjB,OAAO,EAAE,mCAAgB,CAAC,yBAAyB;gBACnD,KAAK,EAAE,EAAE;gBACT,SAAS,EAAE,EAAE;gBACb,IAAI,EAAE,EAAE;aACX,CAAC;QACN,CAAC,CAAC,CAAC;IACP,CAAC;IAEO,KAAK,CAAC,2BAA2B,CAAC,IAAU;QAChD,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,cAAc,EAAE,CAAC;QAEhD,MAAM,qCAAqC,GAAG,IAAI,CAAC,gBAAgB,CAAC,qCAAqC,CAAC;QAE1G,IAAI,qCAAqC,IAAI,iDAAqC,CAAC,KAAK,EAAE,CAAC;YACvF,MAAM,WAAW,GAAG,IAAI,CAAC,kBAAkB,CAAC,cAAc,EAAE,CAAC;YAC7D,WAAW,CAAC,sBAAsB,CAC9B,IAAI,CAAC,KAAK,EACV,kBAAkB,EAClB;gBACI,YAAY,EAAE,OAAO,CAAC,GAAG,CAAC,cAAc;gBACxC,kBAAkB,EAAE,OAAO,CAAC,GAAG,CAAC,qBAAqB;gBACrD,KAAK,EAAE,IAAI,CAAC,KAAK;gBACjB,SAAS,EAAE,IAAI,CAAC,QAAQ;gBACxB,QAAQ,EAAE,IAAI,CAAC,QAAQ;gBAEvB,iBAAiB,EAAE,GAAG,OAAO,CAAC,GAAG,CAAC,yCAAyC,UAAU,IAAI,CAAC,iCAAiC,EAAE;gBAC7H,cAAc,EAAE,WAAW;aAC9B,EACD,IAAI,CAAC,mBAAmB,CAAC,iBAAiB,EAC1C,IAAI,EACJ,IAAI,EACJ,MAAM,EACN,IAAI,CAAC,EAAE,CACV,CAAC;QACN,CAAC;QAED,IAAI,qCAAqC,IAAI,iDAAqC,CAAC,MAAM,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC;YACvG,IAAI,CAAC,UAAU,CAAC,oBAAoB,CAChC,IAAI,CAAC,MAAM,EACX,iBAAiB,EACjB;gBACI,YAAY,EAAE,OAAO,CAAC,GAAG,CAAC,cAAc;gBACxC,GAAG,EAAE,IAAI,CAAC,iCAAiC;gBAC3C,iCAAiC,EAAE,IAAI,CAAC,iCAAiC;gBACzE,SAAS,EAAE,IAAI,CAAC,QAAQ;gBACxB,cAAc,EAAE,WAAW;aAC9B,CACJ,CAAC;QACN,CAAC;IACL,CAAC;IA6DO,KAAK,CAAC,mBAAmB,CAAC,IAAU;QACxC,MAAM,yBAAyB,GAAG,MAAM,IAAI,CAAC,6BAA6B,CAAC,MAAM,CAC7E,EAAE,IAAI,EAAE,EAAE,EAAE,EAAE,IAAI,CAAC,EAAE,EAAE,EAAE,CAC5B,CAAA;QACD,IAAI,mBAAmB,GAAG,EAAE,CAAC;QAE7B,KAAK,MAAM,MAAM,IAAI,yBAAyB,EAAE,CAAC;YAC7C,mBAAmB,CAAC,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC;QAClD,CAAC;QAED,KAAK,MAAM,OAAO,IAAI,mBAAmB,EAAE,CAAC;YACxC,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,OAAO,CAAC,IAAI,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;YAC1E,IAAI,OAAO,EAAE,CAAC;gBACV,OAAO,IAAI,CAAC;YAChB,CAAC;QACL,CAAC;QACD,OAAO,KAAK,CAAC;IACjB,CAAC;IAGO,KAAK,CAAC,kBAAkB,CAAC,IAAU;QACvC,MAAM,mBAAmB,GAAG,MAAM,IAAI,CAAC,6BAA6B,CAAC,MAAM,CACvE,EAAE,IAAI,EAAE,EAAE,EAAE,EAAE,IAAI,CAAC,EAAE,EAAE,EAAE,CAC5B,CAAA;QACD,MAAM,QAAQ,GAAG,CAAC,CAAC;QAInB,IAAI,mBAAmB,CAAC,MAAM,IAAI,QAAQ,EAAE,CAAC;YACzC,MAAM,WAAW,GAAG,QAAQ,GAAG,CAAC,GAAG,mBAAmB,CAAC,MAAM,CAAC;YAC9D,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,WAAW,EAAE,CAAC,EAAE,EAAE,CAAC;gBACnC,MAAM,IAAI,CAAC,6BAA6B,CAAC,MAAM,CAAC,mBAAmB,CAAC,CAAC,CAAC,CAAC,CAAC;YAC5E,CAAC;QACL,CAAC;IACL,CAAC;IAED,KAAK,CAAC,cAAc,CAAC,IAAU;QAE3B,MAAM,CAAC,WAAW,EAAE,YAAY,CAAC,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC;YAClD,IAAI,CAAC,mBAAmB,CAAC,IAAI,CAAC;YAC9B,IAAI,CAAC,oBAAoB,CAAC,IAAI,CAAC;SAClC,CAAC,CAAC;QAEH,OAAO;YACH,WAAW;YACX,YAAY;SACf,CAAC;IACN,CAAC;IAED,KAAK,CAAC,mBAAmB,CAAC,IAAU;QAGhC,MAAM,aAAa,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAE1D,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,SAAS,CACpC,IAAI,CAAC,EAAE,EACP,IAAI,CAAC,gBAAgB,CAAC,cAAc,EACpC,EAAE,QAAQ,EAAE,IAAI,CAAC,QAAQ,EAAE,KAAK,EAAE,IAAI,CAAC,KAAK,EAAE,KAAK,EAAE,aAAa,EAAE,CACvE,CAAC;QAEF,OAAO,WAAW,CAAC;IACvB,CAAC;IAED,KAAK,CAAC,oBAAoB,CAAC,IAAU;QACjC,MAAM,cAAc,GAAG,IAAA,mBAAU,GAAE,CAAC;QAEpC,MAAM,YAAY,GAAG,MAAM,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,EAAE,EAAE,IAAI,CAAC,gBAAgB,CAAC,eAAe,EAAE;YACtF,cAAc;SACjB,CAAC,CAAA;QAGF,MAAM,IAAI,CAAC,sBAAsB,CAAC,MAAM,CAAC,IAAI,CAAC,EAAE,EAAE,YAAY,CAAC,CAAC;QAEhE,OAAO,YAAY,CAAC;IACxB,CAAC;IAED,KAAK,CAAC,aAAa,CAAC,eAAgC;QAChD,IAAI,CAAC;YACD,MAAM,EAAE,GAAG,EAAE,cAAc,EAAE,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,WAAW,CAA2D,eAAe,CAAC,YAAY,EAAE;gBACtJ,MAAM,EAAE,IAAI,CAAC,gBAAgB,CAAC,MAAM;gBACpC,QAAQ,EAAE,IAAI,CAAC,gBAAgB,CAAC,QAAQ;gBACxC,MAAM,EAAE,IAAI,CAAC,gBAAgB,CAAC,MAAM;aACvC,CAAC,CAAC;YAEH,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,OAAO,CAAC;gBAC3C,KAAK,EAAE;oBACH,EAAE,EAAE,GAAG;iBACV;gBACD,SAAS,EAAE;oBACP,KAAK,EAAE,IAAI;iBACd;aACJ,CAAC,CAAC;YACH,IAAI,CAAC,IAAI,EAAE,CAAC;gBACR,MAAM,IAAI,8BAAqB,CAAC,+BAAc,CAAC,eAAe,CAAC,CAAC;YACpE,CAAC;YAWD,MAAM,mBAAmB,GAAG,MAAM,IAAI,CAAC,sBAAsB,CAAC,iBAAiB,CAAC,IAAI,EAAE,eAAe,CAAC,YAAY,CAAC,CAAC;YAEpH,MAAM,IAAI,CAAC,0BAA0B,CAAC,QAAQ,CAAC,gBAAgB,EAAE,IAAI,CAAC,CAAC;YAEvE,OAAO;gBACH,WAAW,EAAE,MAAM,IAAI,CAAC,mBAAmB,CAAC,IAAI,CAAC;gBACjD,YAAY,EAAE,mBAAmB;aACpC,CAAC;QACN,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACX,IAAI,GAAG,YAAY,gEAA4B,EAAE,CAAC;gBAE9C,MAAM,IAAI,8BAAqB,CAAC,+BAAc,CAAC,aAAa,CAAC,CAAC;YAClE,CAAC;YAED,MAAM,IAAI,8BAAqB,CAAC,+BAAc,CAAC,eAAe,CAAC,CAAC;QACpE,CAAC;IACL,CAAC;IAEO,KAAK,CAAC,SAAS,CAAI,MAAc,EAAE,SAAiB,EAAE,OAAW;QACrE,OAAO,MAAM,IAAI,CAAC,UAAU,CAAC,SAAS,CAClC;YACI,GAAG,EAAE,MAAM;YACX,GAAG,OAAO;SACb,EACD;YACI,QAAQ,EAAE,IAAI,CAAC,gBAAgB,CAAC,QAAQ;YACxC,MAAM,EAAE,IAAI,CAAC,gBAAgB,CAAC,MAAM;YACpC,MAAM,EAAE,IAAI,CAAC,gBAAgB,CAAC,MAAM;YACpC,SAAS;SACZ,CACJ,CAAC;IACN,CAAC;IAGD,KAAK,CAAC,uBAAuB,CAAC,IAAU;QACpC,IAAI,CAAC;YAED,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,QAAQ,CAAC,GAAG,CAAC,uEAAuE,IAAI,CAAC,iBAAiB,EAAE,CAAC,CAAC;YACtJ,MAAM,WAAW,GAAG,QAAQ,CAAC,IAAI,CAAC;YAGlC,IAAI,WAAW,CAAC,KAAK,KAAK,IAAI,CAAC,KAAK,IAAI,WAAW,CAAC,EAAE,KAAK,IAAI,CAAC,QAAQ,EAAE,CAAC;gBAEvE,OAAO,WAAW,CAAC;YACvB,CAAC;iBAAM,CAAC;gBACJ,MAAM,IAAI,8BAAqB,CAAC,+BAAc,CAAC,oBAAoB,CAAC,CAAC;YACzE,CAAC;QACL,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACb,MAAM,IAAI,8BAAqB,CAAC,+BAAc,CAAC,iCAAiC,CAAC,CAAC;QACtF,CAAC;IACL,CAAC;IAED,KAAK,CAAC,iBAAiB,CAAC,UAAkB;QACtC,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,OAAO,CAAC;YAC3C,KAAK,EAAE;gBACH,UAAU,EAAE,UAAU;aACzB;YACD,SAAS,EAAE;gBACP,KAAK,EAAE,IAAI;aACd;SACJ,CAAC,CAAC;QAIH,MAAM,IAAI,CAAC,uBAAuB,CAAC,IAAI,CAAC,CAAC;QAGzC,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,IAAI,CAAC,CAAC;QAC/C,OAAO;YACH,IAAI,EAAE;gBACF,KAAK,EAAE,IAAI,CAAC,KAAK;gBACjB,MAAM,EAAE,IAAI,CAAC,MAAM;gBACnB,QAAQ,EAAE,IAAI,CAAC,QAAQ;gBAEvB,EAAE,EAAE,IAAI,CAAC,EAAE;gBACX,KAAK,EAAE,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,GAAG,EAAE,KAAK,EAAE,EAAE,CAAC,IAAI,CAAC,IAAI,CAAC;aACzD;YACD,GAAG,MAAM;SACZ,CAAA;IAEL,CAAC;IAEO,KAAK,CAAC,iCAAiC;QAC3C,OAAO,IAAI,CAAC,cAAc,CAAC,cAAc,CAAC,0BAA0B,CAAC,CAAC;IAC1E,CAAC;IASD,KAAK,CAAC,MAAM;QACR,IAAI,CAAC;YACD,MAAM,UAAU,GAAG,IAAI,CAAC,qBAAqB,CAAC,aAAa,EAAE,CAAC;YAC9D,MAAM,MAAM,GAAG,UAAU,EAAE,GAAG,CAAC;YAC/B,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,OAAO,CAAC;gBAC3C,KAAK,EAAE;oBACH,EAAE,EAAE,MAAM;iBACb;aACJ,CAAC,CAAA;YAEF,MAAM,IAAI,CAAC,sBAAsB,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC;YAGrD,MAAM,IAAI,CAAC,0BAA0B,CAAC,QAAQ,CAAC,QAAQ,EAAE,IAAI,CAAC,CAAC;YAG/D,OAAO,EAAE,OAAO,EAAE,mCAAgB,CAAC,cAAc,EAAE,CAAC;QACxD,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACX,MAAM,GAAG,YAAY,8BAAqB,IAAI,GAAG,YAAY,qCAA4B;gBACrF,CAAC,CAAC,GAAG;gBACL,CAAC,CAAC,IAAI,qCAA4B,CAAC,+BAAc,CAAC,aAAa,CAAC,CAAC;QACzE,CAAC;IACL,CAAC;IAGD,KAAK,CAAC,YAAY,CAAC,MAAc;QAC7B,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,OAAO,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC;QACxD,IAAI,CAAC,IAAI,EAAE,CAAC;YACR,MAAM,IAAI,0BAAiB,CAAC,+BAAc,CAAC,cAAc,CAAC,CAAC;QAC/D,CAAC;QACD,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC;QACnB,MAAM,IAAI,CAAC,cAAc,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACzC,CAAC;IAED,KAAK,CAAC,EAAE,CAAC,UAA0B;QAC/B,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,OAAO,CAAC;YAC3C,KAAK,EAAE;gBACH,EAAE,EAAE,UAAU,CAAC,GAAG;aACrB;YACD,SAAS,EAAE;gBACP,KAAK,EAAE,IAAI;aACd;SACJ,CAAC,CAAC;QACH,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,IAAI,CAAC,CAAC;QAE/C,MAAM,QAAQ,GAAG;YACb,IAAI,EAAE;gBACF,KAAK,EAAE,IAAI,CAAC,KAAK;gBACjB,MAAM,EAAE,IAAI,CAAC,MAAM;gBACnB,QAAQ,EAAE,IAAI,CAAC,QAAQ;gBAEvB,EAAE,EAAE,IAAI,CAAC,EAAE;gBACX,KAAK,EAAE,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,GAAG,EAAE,KAAK,EAAE,EAAE,CAAC,IAAI,CAAC,IAAI,CAAC;aACzD;YACD,GAAG,MAAM;SACZ,CAAA;QACD,OAAO,QAAQ,CAAC;IACpB,CAAC;CAEJ,CAAA;AA/qCY,sDAAqB;gCAArB,qBAAqB;IADjC,IAAA,mBAAU,GAAE;IAMJ,WAAA,IAAA,0BAAgB,EAAC,kBAAI,CAAC,CAAA;IACtB,WAAA,IAAA,0BAAgB,EAAC,kDAAmB,CAAC,CAAA;IAGrC,WAAA,IAAA,eAAM,EAAC,sBAAS,CAAC,GAAG,CAAC,CAAA;IAErB,WAAA,IAAA,eAAM,EAAC,sBAAS,CAAC,GAAG,CAAC,CAAA;IAUrB,YAAA,IAAA,eAAM,EAAC,uBAAY,CAAC,GAAG,CAAC,CAAA;IAIxB,YAAA,IAAA,0BAAgB,GAAE,CAAA;qCArBW,0BAAW;QACgB,oBAAU;QACoB,oBAAU;QAChE,gCAAc;QAClB,gBAAU,kBAKE,iEAA6B;QACxC,mBAAW;QAEJ,0BAAW;QACnB,iCAAe;QACb,6BAAa;QACX,gCAAc;QACT,2CAAmB,UAGZ,0DAA0B;QAC/B,+CAAqB;QAEhC,oBAAU;GA1BlC,qBAAqB,CA+qCjC;AAED,SAAS,0BAA0B,CAAC,MAAc;IAC9C,MAAM,KAAK,GAAG,MAAM,CAAC,KAAK,CAAC,8CAA8C,CAAC,CAAC;IAC3E,IAAI,KAAK,EAAE,CAAC;QACR,MAAM,KAAK,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;QACvB,MAAM,KAAK,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;QACvB,MAAM,QAAQ,GAA2B;YACrC,QAAQ,EAAE,UAAU;YACpB,KAAK,EAAE,eAAe;YACtB,kBAAkB,EAAE,WAAW;SAClC,CAAC;QACF,MAAM,aAAa,GAAG,QAAQ,CAAC,KAAK,CAAC,IAAI,KAAK,CAAC;QAC/C,OAAO,eAAe,aAAa,KAAK,KAAK,mBAAmB,CAAC;IACrE,CAAC;IACD,OAAO,MAAM,CAAC;AAClB,CAAC","sourcesContent":["import { HttpService } from '@nestjs/axios';\nimport {\n BadRequestException,\n ConflictException,\n Inject,\n Injectable,\n InternalServerErrorException,\n Logger,\n NotFoundException,\n UnauthorizedException,\n} from '@nestjs/common';\nimport { ConfigType } from '@nestjs/config';\nimport { EventEmitter2 } from '@nestjs/event-emitter';\nimport { JwtService } from '@nestjs/jwt';\nimport { InjectDataSource, InjectRepository } from '@nestjs/typeorm';\nimport { isEmpty, isNotEmpty } from 'class-validator';\nimport { randomInt, randomUUID } from 'crypto';\nimport { SMTPEMailService } from 'src/services/mail/smtp-email.service';\nimport { Msg91OTPService } from 'src/services/sms/Msg91OTPService';\nimport { DataSource, Repository } from 'typeorm';\nimport { iamConfig, jwtConfig } from '../config/iam.config';\nimport { ChangePasswordDto } from \"../dtos/change-password.dto\";\nimport { ConfirmForgotPasswordDto } from '../dtos/confirm-forgot-password.dto';\nimport { InitiateForgotPasswordDto } from '../dtos/initiate-forgot-password.dto';\nimport { OTPConfirmOTPDto } from '../dtos/otp-confirm-otp.dto';\nimport { OTPSignInDto } from '../dtos/otp-sign-in.dto';\nimport { OTPSignUpDto } from '../dtos/otp-sign-up.dto';\nimport { RefreshTokenDto } from '../dtos/refresh-token.dto';\nimport { SignInDto } from '../dtos/sign-in.dto';\nimport { SignUpDto } from '../dtos/sign-up.dto';\nimport { UserPasswordHistory } from '../entities/user-password-history.entity';\nimport { User } from '../entities/user.entity';\nimport { ActiveUserData } from '../interfaces/active-user-data.interface';\nimport { HashingService } from './hashing.service';\nimport { InvalidatedRefreshTokenError, RefreshTokenIdsStorageService } from './refresh-token-ids-storage.service';\nimport { UserService } from './user.service';\nimport { EventDetails, EventType, IMail } from \"../interfaces\";\nimport {\n ForgotPasswordSendVerificationTokenOn,\n RegistrationValidationSource,\n TransactionalRegistrationValidationSource\n} from \"../constants\";\nimport { SettingService } from './setting.service';\nimport { CreateUserDto } from 'src/dtos/create-user.dto';\nimport { RoleMetadataService } from './role-metadata.service';\nimport commonConfig from 'src/config/common.config';\nimport { UserActivityHistoryService } from './user-activity-history.service';\nimport { RequestContextService } from './request-context.service';\nimport { ERROR_MESSAGES } from 'src/constants/error-messages';\nimport { SUCCESS_MESSAGES } from 'src/constants/success-messages';\nimport { MailFactory } from 'src/factories/mail.factory';\nimport { v4 as uuidv4 } from 'uuid';\n\nenum LoginProvider {\n LOCAL = 'local',\n GOOGLE = 'google',\n OTP = 'otp',\n}\n\ninterface otp {\n token: string;\n expiresAt: Date;\n}\n\n@Injectable()\nexport class AuthenticationService {\n private readonly logger = new Logger(AuthenticationService.name);\n // private readonly mailService: IMail;\n constructor(\n private readonly userService: UserService,\n @InjectRepository(User) private readonly userRepository: Repository<User>,\n @InjectRepository(UserPasswordHistory) private readonly userPasswordHistoryRepository: Repository<UserPasswordHistory>,\n private readonly hashingService: HashingService,\n private readonly jwtService: JwtService,\n @Inject(jwtConfig.KEY)\n private readonly jwtConfiguration: ConfigType<typeof jwtConfig>,\n @Inject(iamConfig.KEY)\n private readonly iamConfiguration: ConfigType<typeof iamConfig>,\n private readonly refreshTokenIdsStorage: RefreshTokenIdsStorageService,\n private readonly httpService: HttpService,\n // private readonly mailService: SMTPEMailService,\n private readonly mailServiceFactory: MailFactory,\n private readonly smsService: Msg91OTPService,\n private readonly eventEmitter: EventEmitter2,\n private readonly settingService: SettingService,\n private readonly roleMetadataService: RoleMetadataService,\n @Inject(commonConfig.KEY)\n private readonly commonConfiguration: ConfigType<typeof commonConfig>,\n private readonly userActivityHistoryService: UserActivityHistoryService,\n private readonly requestContextService: RequestContextService,\n @InjectDataSource()\n private readonly dataSource: DataSource,\n ) {\n // this.mailService = this.mailServiceFactory.getMailService();\n }\n\n private async getConfig(key: string): Promise<any> {\n return this.settingService.getConfigValue(key);\n }\n\n private async getCompanyLogo(): Promise<string> {\n return await this.settingService.getConfigValue('companylogo');\n }\n\n async resolveUser(username: string, email: string) {\n return await this.userRepository.findOne({\n where: [\n { username: username },\n { email: email },\n ],\n relations: {\n roles: true\n }\n });\n }\n\n async resolveUserByVerificationToken(token: string) {\n return await this.userRepository.findOne({\n where: { verificationTokenOnForgotPassword: token },\n relations: { roles: true }\n });\n }\n\n async validateUser(signInDto: SignInDto) {\n\n const user = await this.resolveUser(signInDto.username, signInDto.email);\n\n if (!user) {\n throw new UnauthorizedException(ERROR_MESSAGES.INVALID_CREDENTIALS);\n }\n if (!user.active) {\n throw new UnauthorizedException(ERROR_MESSAGES.USER_NOT_ACTIVE);\n }\n const isEqual = await this.hashingService.compare(\n signInDto.password,\n user.password,\n );\n if (!isEqual) {\n throw new UnauthorizedException(ERROR_MESSAGES.INVALID_CREDENTIALS);\n }\n\n return user;\n }\n\n async signUp(signUpDto: SignUpDto, activeUser: ActiveUserData = null): Promise<User> {\n // If public registrations are disabled and no activeUser is present when invoking signUp then we throw an exception.\n if (!(await this.settingService.getConfigValue('allowPublicRegistration')) && !activeUser) {\n throw new BadRequestException(ERROR_MESSAGES.PUBLIC_REGISTRATION_DISABLED);\n }\n\n try {\n const onForcePasswordChange = await this.getConfig('forceChangePasswordOnFirstLogin');\n var { user, pwd, autoGeneratedPwd } = await this.populateForSignup(new User(), signUpDto, this.iamConfiguration.activateUserOnRegistration, onForcePasswordChange);\n const savedUser = await this.userRepository.save(user);\n // Also assign a default role to the newly created user. \n const userRoles = signUpDto.roles ?? [];\n if (this.iamConfiguration.defaultRole) {\n userRoles.push(this.iamConfiguration.defaultRole);\n }\n await this.handlePostSignup(savedUser, userRoles, pwd, autoGeneratedPwd);\n\n // TODO: make provision to trigger a welcome email also.\n\n return savedUser;\n } catch (err) {\n const pgUniqueViolationErrorCode = '23505';\n if (err.code === pgUniqueViolationErrorCode) {\n throw new ConflictException(ERROR_MESSAGES.USER_ALREADY_EXISTS);\n }\n throw err;\n }\n }\n\n async signupForExtensionUser<T extends User, U extends CreateUserDto>(signUpDto: SignUpDto, extensionUserDto: U, extensionUserRepo: Repository<T>): Promise<T> {\n try {\n const onForcePasswordChange = await this.getConfig('forceChangePasswordOnFirstLogin');\n // Merge the extended signUpDto attributes into the user entity \n //@ts-ignore \n const extensionUser = extensionUserRepo.merge(extensionUserRepo.create() as T, extensionUserDto);\n var { user, pwd, autoGeneratedPwd } = await this.populateForSignup<T>(extensionUser, signUpDto, true, onForcePasswordChange);\n const savedUser = await extensionUserRepo.save(user);\n\n await this.handlePostSignup(savedUser, signUpDto.roles, pwd, autoGeneratedPwd);\n\n return savedUser;\n }\n catch (err) {\n const pgUniqueViolationErrorCode = '23505';\n if (err.code === pgUniqueViolationErrorCode) {\n throw new ConflictException(parseUniqueConstraintError(err.detail || ERROR_MESSAGES.UNIQUE_CONSTRAINT_VIOLATION));\n }\n throw err;\n }\n }\n\n\n private async populateForSignup<T extends User>(user: T, signUpDto: SignUpDto, isUserActive: boolean = true, onForcePasswordChange?: boolean) {\n // const user = new User();\n let autoGeneratedPwdPermission = await this.settingService.getConfigValue('iamAutoGeneratedPassword');\n if (signUpDto.roles && signUpDto.roles.length > 0) {\n for (let i = 0; i < signUpDto.roles.length; i++) {\n const roleName = signUpDto.roles[i];\n await this.roleMetadataService.findRoleByName(roleName);\n }\n }\n user.username = signUpDto.username;\n user.email = signUpDto.email;\n user.fullName = signUpDto.fullName;\n user.forcePasswordChange = onForcePasswordChange;\n if (signUpDto.mobile) {\n user.mobile = signUpDto.mobile;\n }\n this.logger.debug(\"user\", user);\n // If password has been specified by the user, then we simply create & activate the user based on the configuration parameter \"activateUserOnRegistration\".\n let pwd = '';\n let autoGeneratedPwd = '';\n if (signUpDto.password) {\n pwd = await this.hashingService.hash(signUpDto.password);\n }\n if(autoGeneratedPwdPermission?.toString().toLowerCase() === 'true'){\n // TODO: If password is not specified then auto-generate a random password, trigger this password over an email to the user.\n // TODO: Also track if the user has to force reset / change their password, and then activate the user. \n autoGeneratedPwd = this.generatePassword();\n pwd = await this.hashingService.hash(autoGeneratedPwd);\n user.forcePasswordChange = true;\n }\n user.password = pwd;\n // user.active = this.iamConfiguration.activateUserOnRegistration;\n user.active = isUserActive;\n return { user, pwd, autoGeneratedPwd };\n }\n\n\n private async handlePostSignup(user: User, roles: string[] = [], pwd: string, autoGeneratedPwd: string) {\n await this.userService.initializeRolesForNewUser(roles, user);\n // Tanay: Adding user password to history table\n const userPasswordHistory = new UserPasswordHistory();\n userPasswordHistory.passwordHash = pwd;\n userPasswordHistory.user = user;\n await this.userPasswordHistoryRepository.save(userPasswordHistory);\n\n // if forcePasswordChange is true, then we trigger an email to the user to change the password, this needs to be done using a queue. \n // Create a new method like notifyUserOnForcePasswordChange, create a new email template we can call it on-force-password-change this template to include the random password\n if (user.forcePasswordChange && autoGeneratedPwd) {\n this.notifyUserOnForcePasswordChange(user, autoGeneratedPwd);\n }\n }\n\n\n generatePassword(length: number = 8): string {\n const upperCase = \"ABCDEFGHIJKLMNOPQRSTUVWXYZ\";\n const lowerCase = \"abcdefghijklmnopqrstuvwxyz\";\n const numbers = \"0123456789\";\n const specialChars = \"@$#\";\n const allChars = upperCase + lowerCase + numbers + specialChars;\n\n let password = \"\";\n\n for (let i = 0; i < length; i++) {\n const randomIndex = Math.floor(Math.random() * allChars.length);\n password += allChars[randomIndex];\n }\n\n return password;\n }\n\n private async notifyUserOnForcePasswordChange(user: User, autoGeneratedPwd: string) {\n const companyLogo = await this.getCompanyLogo();\n const mailService = this.mailServiceFactory.getMailService();\n mailService.sendEmailUsingTemplate(\n user.email,\n 'on-force-password-change',\n {\n solidAppName: process.env.SOLID_APP_NAME,\n solidAppWebsiteUrl: process.env.SOLID_APP_WEBSITE_URL,\n frontendLoginPageUrl: process.env.IAM_FRONTEND_APP_LOGIN_PAGE_URL,\n email: user.email,\n fullName: user.fullName,\n userName: user.username,\n password: autoGeneratedPwd,\n companyLogoUrl: companyLogo\n },\n this.commonConfiguration.shouldQueueEmails,\n null,\n null,\n 'user',\n user.id\n );\n\n }\n\n async otpInitiateRegistration(signUpDto: OTPSignUpDto) {\n try {\n if (!this.isPasswordlessRegistrationEnabled()) {\n throw new BadRequestException(ERROR_MESSAGES.PASSWORDLESS_REGISTRATION_DISABLED);\n }\n // Validate if either mobile or email is present.\n if (isEmpty(signUpDto.mobile) && isEmpty(signUpDto.email)) {\n throw new BadRequestException(ERROR_MESSAGES.REGISTRATION_REQUIRES_CONTACT);\n }\n if (signUpDto.validationSources.includes(TransactionalRegistrationValidationSource.EMAIL) && isEmpty(signUpDto.email)) {\n throw new BadRequestException(ERROR_MESSAGES.EMAIL_REQUIRED_FOR_VALIDATION);\n }\n if (signUpDto.validationSources.includes(TransactionalRegistrationValidationSource.MOBILE) && isEmpty(signUpDto.mobile)) {\n throw new BadRequestException(ERROR_MESSAGES.MOBILE_REQUIRED_FOR_VALIDATION);\n }\n\n // Validate if user already exists.\n const existingUser = await this.userRepository.findOne({ //TODO Perhaps we should use the user service instead of the repository directly.\n where: [\n { email: signUpDto.email, },\n { mobile: signUpDto.mobile, },\n { username: signUpDto.username, }\n ]\n });\n if (isNotEmpty(existingUser) && existingUser.active) {\n throw new ConflictException(ERROR_MESSAGES.USER_ALREADY_EXISTS);\n }\n const finalRegistrationVerificationSources = this.calculateVerificationSources(this.iamConfiguration.passwordlessRegistrationValidateWhat, signUpDto);\n let user = existingUser\n if (isEmpty(user)) {\n user = this.createUser(signUpDto);\n this.populateVerificationTokens(finalRegistrationVerificationSources, user);\n await this.userRepository.save(user);\n await this.userService.addRoleToUser(user.username, await this.settingService.getConfigValue('defaultRole'));\n }\n else {\n this.populateVerificationTokens(finalRegistrationVerificationSources, user);\n await this.userRepository.save(user);\n }\n\n // Send OTP to the user through email or SMS, depending on the configuration.\n this.notifyUserOnOtpInitiateRegistration(user, finalRegistrationVerificationSources);\n return { message: SUCCESS_MESSAGES.OTP_SENT_SUCCESS_REGISTRATION }\n } catch (err) {\n const pgUniqueViolationErrorCode = '23505';\n if (err.code === pgUniqueViolationErrorCode) {\n throw new ConflictException(ERROR_MESSAGES.USER_ALREADY_EXISTS);\n }\n throw err;\n }\n }\n\n // Create a new user entity.\n private createUser(signUpDto: OTPSignUpDto) {\n const user = new User();\n user.username = signUpDto.username;\n user.email = signUpDto.email;\n user.mobile = signUpDto.mobile;\n user.customPayload = signUpDto.customPayload;\n user.lastLoginProvider = LoginProvider.OTP;\n return user;\n }\n\n private calculateVerificationSources(configuredRegistrationValidationSources: string[], signUpDto: OTPSignUpDto): string[] {\n const finalRegistrationValidationSources = configuredRegistrationValidationSources.filter((source) => source !== RegistrationValidationSource.TRANSACTIONAL);\n if (configuredRegistrationValidationSources.includes(RegistrationValidationSource.TRANSACTIONAL)) {\n finalRegistrationValidationSources.push(...signUpDto.validationSources); // Add the validation sources provided by the user.\n }\n return finalRegistrationValidationSources;\n }\n\n // Generate the validation tokens for the user i.e (system configured + user provided)\n private populateVerificationTokens(finalRegistrationValidationSources: string[], user: User) {\n if (finalRegistrationValidationSources.length === 0) {\n throw new BadRequestException(ERROR_MESSAGES.VALIDATION_SOURCE_REQUIRED);\n }\n if (finalRegistrationValidationSources.includes(TransactionalRegistrationValidationSource.EMAIL)) {\n const { token, expiresAt } = this.otp();\n user.emailVerificationTokenOnRegistration = token;\n user.emailVerificationTokenOnRegistrationExpiresAt = expiresAt;\n if (this.iamConfiguration.autoLoginUserOnRegistration) {\n user.emailVerificationTokenOnLogin = token;\n user.emailVerificationTokenOnLoginExpiresAt = expiresAt;\n }\n }\n if (finalRegistrationValidationSources.includes(TransactionalRegistrationValidationSource.MOBILE)) {\n const { token, expiresAt } = this.otp();\n user.mobileVerificationTokenOnRegistration = token;\n user.mobileVerificationTokenOnRegistrationExpiresAt = expiresAt;\n if (this.iamConfiguration.autoLoginUserOnRegistration) {\n user.mobileVerificationTokenOnLogin = token;\n user.mobileVerificationTokenOnLoginExpiresAt = expiresAt;\n }\n }\n }\n\n private async notifyUserOnOtpInitiateRegistration(user: User, registrationValidationSources: string[]) {\n const companyLogo = await this.getCompanyLogo();\n if (this.iamConfiguration.dummyOtp)\n return; // Do nothing if dummy otp is configured.\n if (registrationValidationSources.includes(RegistrationValidationSource.EMAIL)) {\n const mailService = this.mailServiceFactory.getMailService();\n mailService.sendEmailUsingTemplate(\n user.email,\n 'otp-on-register',\n {\n solidAppName: process.env.SOLID_APP_NAME,\n solidAppWebsiteUrl: process.env.SOLID_APP_WEBSITE_URL,\n firstName: user.username,\n fullName: user.fullName ? user.fullName : user.username,\n emailVerificationTokenOnRegistration: user.emailVerificationTokenOnRegistration,\n companyLogoUrl: companyLogo\n },\n this.commonConfiguration.shouldQueueEmails,\n null,\n null,\n 'user',\n user.id\n );\n }\n if (registrationValidationSources.includes(RegistrationValidationSource.MOBILE)) {\n this.smsService.sendSMSUsingTemplate(\n user.mobile,\n 'otp-on-register',\n {\n solidAppName: process.env.SOLID_APP_NAME,\n otp: user.mobileVerificationTokenOnRegistration,\n mobileVerificationTokenOnRegistration: user.mobileVerificationTokenOnRegistration,\n firstName: user.username,\n fullName: user.fullName ? user.fullName : user.username,\n companyLogoUrl: companyLogo\n }\n );\n }\n }\n\n async otpConfirmRegistration(confirmSignUpDto: OTPConfirmOTPDto) {\n if (!this.isPasswordlessRegistrationEnabled()) {\n throw new BadRequestException(ERROR_MESSAGES.PASSWORDLESS_REGISTRATION_DISABLED);\n }\n\n // Based on the identifier, validate by query the user table.\n if (confirmSignUpDto.type === RegistrationValidationSource.EMAIL) {\n const user = await this.userRepository.findOne({\n where: {\n email: confirmSignUpDto.identifier,\n }\n });\n if (!user) {\n throw new UnauthorizedException(ERROR_MESSAGES.USER_NOT_FOUND);\n }\n if (user.emailVerificationTokenOnRegistration !== confirmSignUpDto.otp) {\n throw new UnauthorizedException(ERROR_MESSAGES.INVALID_OTP);\n }\n if (user.emailVerificationTokenOnRegistrationExpiresAt < new Date()) {\n throw new UnauthorizedException(ERROR_MESSAGES.OTP_EXPIRED);\n }\n user.emailVerifiedOnRegistrationAt = new Date();\n user.emailVerificationTokenOnRegistration = null;\n user.emailVerificationTokenOnRegistrationExpiresAt = null;\n user.active = await this.settingService.getConfigValue('activateUserOnRegistration') && this.areRegistrationValidationSourcesVerified(user);\n const savedUser: User = await this.userRepository.save(user);\n this.triggerRegistrationEvent(savedUser);\n return { active: savedUser.active, message: `User registration verified for ${confirmSignUpDto.type}` }\n } else if (confirmSignUpDto.type === RegistrationValidationSource.MOBILE) {\n const user = await this.userRepository.findOne({\n where: {\n mobile: confirmSignUpDto.identifier,\n }\n });\n if (!user) {\n throw new UnauthorizedException(ERROR_MESSAGES.USER_NOT_FOUND);\n }\n if (user.mobileVerificationTokenOnRegistration !== confirmSignUpDto.otp) {\n throw new UnauthorizedException(ERROR_MESSAGES.INVALID_OTP);\n }\n if (user.mobileVerificationTokenOnRegistrationExpiresAt < new Date()) {\n throw new UnauthorizedException(ERROR_MESSAGES.INVALID_OTP);\n }\n user.mobileVerifiedOnRegistrationAt = new Date();\n user.mobileVerificationTokenOnRegistration = null;\n user.mobileVerificationTokenOnRegistrationExpiresAt = null;\n user.active = await this.settingService.getConfigValue('activateUserOnRegistration') && this.areRegistrationValidationSourcesVerified(user);\n const savedUser: User = await this.userRepository.save(user);\n this.triggerRegistrationEvent(savedUser);\n return { active: savedUser.active, message: `User registration verified for ${confirmSignUpDto.type}` }\n }\n throw new BadRequestException(ERROR_MESSAGES.INVALID_VERIFICATION_TYPE);\n }\n\n private triggerRegistrationEvent(savedUser: User) {\n // Trigger events for user registration.\n const event = new EventDetails<User>(EventType.USER_REGISTERED, savedUser);\n this.eventEmitter.emit(EventType.USER_REGISTERED, event);\n }\n\n areRegistrationValidationSourcesVerified(user: User): boolean {\n const registrationValidationSources = this.iamConfiguration.passwordlessRegistrationValidateWhat;\n if (registrationValidationSources.includes(RegistrationValidationSource.EMAIL)) {\n if (!user.emailVerifiedOnRegistrationAt) {\n return false;\n }\n }\n if (registrationValidationSources.includes(RegistrationValidationSource.MOBILE)) {\n if (!user.mobileVerifiedOnRegistrationAt) {\n return false;\n }\n }\n return true;\n }\n\n private otp(): otp {\n const now = new Date();\n now.setMinutes(now.getMinutes() + this.iamConfiguration.otpExpiry);\n return {\n token: this.iamConfiguration.dummyOtp ? this.iamConfiguration.dummyOtp : randomInt(100000, 999999).toString(),\n expiresAt: now,\n };\n }\n\n async signIn(signInDto: SignInDto) {\n const user = await this.validateUser(signInDto);\n\n // TODO: Unset the password etc...\n const tokens = await this.generateTokens(user);\n\n await this.userActivityHistoryService.logEvent('login', user);\n\n return {\n user: {\n email: user.email,\n mobile: user.mobile,\n username: user.username,\n forcePasswordChange: user.forcePasswordChange,\n id: user.id,\n roles: user.roles.map((role, idx, roles) => role.name)\n },\n ...tokens\n }\n }\n\n async otpInitiateLogin(signInDto: OTPSignInDto) {\n if (!this.isPasswordlessRegistrationEnabled()) {\n throw new BadRequestException(ERROR_MESSAGES.PASSWORDLESS_REGISTRATION_DISABLED);\n }\n\n // Validate & generate otp token for the user based on the identifier type.\n if (signInDto.type === RegistrationValidationSource.EMAIL) {\n const user = await this.userRepository.findOne({\n where: {\n email: signInDto.identifier,\n }\n });\n if (!user) {\n throw new UnauthorizedException(ERROR_MESSAGES.USER_NOT_FOUND);\n }\n if (!user.active) {\n throw new UnauthorizedException(ERROR_MESSAGES.USER_INACTIVE);\n }\n const { token, expiresAt } = this.otp();\n user.emailVerificationTokenOnLogin = token;\n user.emailVerificationTokenOnLoginExpiresAt = expiresAt;\n await this.userRepository.save(user);\n this.notifyUserOnOtpInititateLogin(user, RegistrationValidationSource.EMAIL);\n } else if (signInDto.type === RegistrationValidationSource.MOBILE) {\n const user = await this.userRepository.findOne({\n where: {\n mobile: signInDto.identifier,\n }\n });\n if (!user) {\n throw new UnauthorizedException(ERROR_MESSAGES.USER_NOT_FOUND);\n }\n\n const { token, expiresAt } = this.otp();\n user.mobileVerificationTokenOnLogin = token;\n user.mobileVerificationTokenOnLoginExpiresAt = expiresAt;\n await this.userRepository.save(user);\n this.notifyUserOnOtpInititateLogin(user, RegistrationValidationSource.MOBILE);\n }\n else {\n throw new BadRequestException(ERROR_MESSAGES.INVALID_VERIFICATION_TYPE);\n }\n return { message: SUCCESS_MESSAGES.OTP_SENT_SUCCESS_LOGIN };\n }\n\n private async notifyUserOnOtpInititateLogin(user: User, loginType: RegistrationValidationSource) {\n const companyLogo = await this.getCompanyLogo();\n\n if (this.iamConfiguration.dummyOtp)\n return; // Do nothing if dummy otp is configured.\n if (loginType === RegistrationValidationSource.EMAIL) {\n const mailService = this.mailServiceFactory.getMailService();\n mailService.sendEmailUsingTemplate(\n user.email,\n 'otp-on-login',\n {\n solidAppName: process.env.SOLID_APP_NAME,\n solidAppWebsiteUrl: process.env.SOLID_APP_WEBSITE_URL,\n firstName: user.username,\n emailVerificationTokenOnLogin: user.emailVerificationTokenOnLogin,\n fullName: user.fullName ? user.fullName : user.username,\n companyLogoUrl: companyLogo\n },\n this.commonConfiguration.shouldQueueEmails,\n null,\n null,\n 'user',\n user.id\n );\n }\n if (loginType === RegistrationValidationSource.MOBILE) {\n this.smsService.sendSMSUsingTemplate(\n user.mobile,\n 'otp-on-login',\n {\n solidAppName: process.env.SOLID_APP_NAME,\n otp: user.mobileVerificationTokenOnLogin,\n mobileVerificationTokenOnLogin: user.mobileVerificationTokenOnLogin,\n firstName: user.username,\n fullName: user.fullName ? user.fullName : user.username,\n companyLogoUrl: companyLogo\n }\n );\n }\n }\n\n async otpConfirmLogin(confirmSignInDto: OTPConfirmOTPDto) {\n if (!this.isPasswordlessRegistrationEnabled()) {\n throw new BadRequestException(ERROR_MESSAGES.PASSWORDLESS_REGISTRATION_DISABLED);\n }\n if (confirmSignInDto.type === RegistrationValidationSource.EMAIL) {\n const user = await this.userRepository.findOne({\n where: {\n email: confirmSignInDto.identifier,\n },\n relations: ['roles']\n });\n if (!user) {\n throw new UnauthorizedException(ERROR_MESSAGES.USER_NOT_FOUND);\n }\n if (!user.active) {\n throw new UnauthorizedException(ERROR_MESSAGES.USER_INACTIVE);\n }\n if (user.emailVerificationTokenOnLogin !== confirmSignInDto.otp) {\n throw new UnauthorizedException(ERROR_MESSAGES.INVALID_OTP);\n }\n if (user.emailVerificationTokenOnLoginExpiresAt < new Date()) {\n throw new UnauthorizedException(ERROR_MESSAGES.INVALID_OTP);\n }\n user.emailVerifiedOnLoginAt = new Date();\n user.emailVerificationTokenOnLogin = null;\n user.emailVerificationTokenOnLoginExpiresAt = null;\n await this.userRepository.save(user);\n const { accessToken, refreshToken } = await this.generateTokens(user);\n const { id, username, email, mobile, lastLoginProvider } = user;\n const roles = user.roles.map((role) => role.name);\n return { accessToken, refreshToken, user: { id, username, email, mobile, lastLoginProvider, roles } };\n } else if (confirmSignInDto.type === RegistrationValidationSource.MOBILE) {\n const user = await this.userRepository.findOne({\n where: {\n mobile: confirmSignInDto.identifier,\n },\n relations: ['roles']\n });\n if (!user) {\n throw new UnauthorizedException(ERROR_MESSAGES.USER_NOT_ACTIVE);\n }\n if (!user.active) {\n throw new UnauthorizedException(ERROR_MESSAGES.USER_INACTIVE);\n }\n if (user.mobileVerificationTokenOnLogin !== confirmSignInDto.otp) {\n throw new UnauthorizedException(ERROR_MESSAGES.INVALID_OTP);\n }\n if (user.mobileVerificationTokenOnLoginExpiresAt < new Date()) {\n throw new UnauthorizedException(ERROR_MESSAGES.INVALID_OTP);\n }\n user.mobileVerifiedOnLoginAt = new Date();\n user.mobileVerificationTokenOnLogin = null;\n user.mobileVerificationTokenOnLoginExpiresAt = null;\n await this.userRepository.save(user);\n const { accessToken, refreshToken } = await this.generateTokens(user);\n const { id, username, email, mobile, lastLoginProvider } = user;\n const roles = user.roles.map((role) => role.name);\n return { accessToken, refreshToken, user: { id, username, email, mobile, lastLoginProvider, roles } };\n\n }\n throw new BadRequestException(ERROR_MESSAGES.INVALID_VERIFICATION_TYPE);\n }\n\n async changePassword(changePasswordDto: ChangePasswordDto, activeUser: ActiveUserData) {\n const user = await this.userRepository.findOne({\n where: { id: changePasswordDto.id }\n });\n if (!user) {\n throw new NotFoundException(ERROR_MESSAGES.USER_NOT_FOUND);\n }\n\n if (!user.active) {\n throw new UnauthorizedException(ERROR_MESSAGES.USER_INACTIVE);\n }\n\n // 2. Validate if user has used a provider which is \"local\", only then it makes sense for us to initiate the forgot password routine.\n if (user.lastLoginProvider !== 'local') {\n throw new BadRequestException(ERROR_MESSAGES.NON_LOCAL_PROVIDER);\n }\n\n // Check if ID's match\n if (!(user.id === activeUser.sub)) {\n throw new BadRequestException(ERROR_MESSAGES.USER_ID_MISMATCH);\n }\n\n // Check if username's match\n if (!(user.username === activeUser.username)) {\n throw new BadRequestException(ERROR_MESSAGES.USERNAME_MISMATCH);\n }\n\n // Check if old password is matching.\n const isEqual = await this.hashingService.compare(\n changePasswordDto.currentPassword,\n user.password,\n );\n if (!isEqual) {\n throw new UnauthorizedException(ERROR_MESSAGES.INCORRECT_CURRENT_PASSWORD);\n }\n\n // Update Password\n const newPwd = await this.hashingService.hash(changePasswordDto.newPassword);\n user.password = changePasswordDto.newPassword;\n\n // Everytime the user changes the password we reset the forcePasswordChange flag back to false. \n user.forcePasswordChange = false;\n\n if (await this.isPasswordDuplicate(user)) {\n throw new BadRequestException(ERROR_MESSAGES.PASSWORD_REUSED);\n }\n await this.deleteOldPasswords(user);\n\n user.password = newPwd;\n const userPasswordHistory = new UserPasswordHistory();\n userPasswordHistory.passwordHash = newPwd;\n userPasswordHistory.user = user;\n\n await this.userRepository.save(user);\n await this.userPasswordHistoryRepository.save(userPasswordHistory);\n\n return true;\n }\n\n // generate uuid token for forgot password\n private generateForgotPasswordToken() {\n const expiryTime = new Date();\n expiryTime.setMinutes(expiryTime.getMinutes() + this.iamConfiguration.forgotPasswordVerificationTokenExpiry);\n\n return {\n token: this.iamConfiguration.dummyOtp\n ? this.iamConfiguration.dummyOtp\n : uuidv4(), // UUID instead of numeric OTP\n expiresAt: expiryTime,\n };\n }\n\n async initiateForgotPassword(initiateForgotPasswordDto: InitiateForgotPasswordDto) {\n // Steps / Algorithm: \n // 1. Identify the user using the specified \"username\", if not found exit.\n // const user = await this.userRepository.findOne({\n // where: { username: initiateForgotPasswordDto.username, }\n // });\n const user = await this.resolveUser(initiateForgotPasswordDto.username, initiateForgotPasswordDto.email);\n\n let isValidUser = true // Instead of throwing exceptions we will simply return success message, this is to avoid user enumeration attacks.\n if (!user) {\n isValidUser = false \n // throw new NotFoundException(ERROR_MESSAGES.INVALID_CREDENTIALS);\n }\n if (isValidUser && !user?.active) {\n isValidUser = false\n // throw new UnauthorizedException(ERROR_MESSAGES.INVALID_CREDENTIALS);\n }\n\n // 2. Validate if user has used a provider which is \"local\", only then it makes sense for us to initiate the forgot password routine. \n if (isValidUser && user?.lastLoginProvider !== 'local') {\n isValidUser = false\n // throw new BadRequestException(ERROR_MESSAGES.INVALID_CREDENTIALS);\n }\n\n // 3. Generate a 6 digit validation token, we send this token to the user over their email & mobile number (controlled using configuration).\n // 4. Save this validation token in new fields on the user record. \n if (isValidUser) {\n const { token, expiresAt } = this.generateForgotPasswordToken();\n user.verificationTokenOnForgotPassword = token;\n user.verificationTokenOnForgotPasswordExpiresAt = expiresAt;\n await this.userRepository.save(user);\n this.notifyUserOnForgotPassword(user);\n }\n\n // 5. Return. \n return {\n status: 'success',\n message: SUCCESS_MESSAGES.FORGOT_PASSWORD_TOKEN_SENT,\n error: '',\n errorCode: '',\n data: {\n user: {\n email: user?.email,\n // mobile: user.mobile,\n // username: user.username,\n },\n }\n }\n }\n\n private async notifyUserOnForgotPassword(user: User) {\n const companyLogo = await this.getCompanyLogo();\n\n const forgotPasswordSendVerificationTokenOn = this.iamConfiguration.forgotPasswordSendVerificationTokenOn;\n\n if (forgotPasswordSendVerificationTokenOn == ForgotPasswordSendVerificationTokenOn.EMAIL) {\n const mailService = this.mailServiceFactory.getMailService();\n mailService.sendEmailUsingTemplate(\n user.email,\n 'forgot-password',\n {\n solidAppName: process.env.SOLID_APP_NAME,\n solidAppWebsiteUrl: process.env.SOLID_APP_WEBSITE_URL,\n firstName: user.username,\n fullName: user.fullName,\n // TODO: Need to prefix this with the page url where the forgot password page will open up.\n passwordResetLink: `${process.env.IAM_FRONTEND_APP_FORGOT_PASSWORD_PAGE_URL}?token=${user.verificationTokenOnForgotPassword}`,\n companyLogoUrl: companyLogo\n },\n this.commonConfiguration.shouldQueueEmails,\n null,\n null,\n 'user',\n user.id\n );\n }\n // Assuming all users do not have mobile as mandatory.\n if (forgotPasswordSendVerificationTokenOn == ForgotPasswordSendVerificationTokenOn.MOBILE && user.mobile) {\n this.smsService.sendSMSUsingTemplate(\n user.mobile,\n 'forgot-password',\n {\n solidAppName: process.env.SOLID_APP_NAME,\n otp: user.verificationTokenOnForgotPassword,\n verificationTokenOnForgotPassword: user.verificationTokenOnForgotPassword,\n firstName: user.username,\n companyLogoUrl: companyLogo\n }\n );\n }\n }\n\n async confirmForgotPassword(confirmForgotPasswordDto: ConfirmForgotPasswordDto) {\n return this.dataSource.transaction(async (m) => {\n // Resolve the user id first (by username/email), but DON'T check the token in JS.\n const user = await this.resolveUserByVerificationToken(confirmForgotPasswordDto.verificationToken);\n if (!user) throw new UnauthorizedException(ERROR_MESSAGES.INVALID_CREDENTIALS);\n if (user.lastLoginProvider !== 'local') throw new UnauthorizedException(ERROR_MESSAGES.INVALID_CREDENTIALS);\n if (!user.active) throw new UnauthorizedException(ERROR_MESSAGES.INVALID_CREDENTIALS);\n\n // 1) Atomically consume the token (only one request can succeed)\n const { affected } = await m\n .createQueryBuilder()\n .update(User)\n .set({\n forgotPasswordConfirmedAt: () => 'NOW()',\n verificationTokenOnForgotPassword: () => 'NULL',\n verificationTokenOnForgotPasswordExpiresAt: () => 'NULL',\n })\n .where('id = :id', { id: user.id })\n .andWhere('verificationTokenOnForgotPassword = :token', { token: confirmForgotPasswordDto.verificationToken })\n .andWhere('verificationTokenOnForgotPasswordExpiresAt > NOW()')\n .execute();\n\n if (affected !== 1) {\n // Token invalid/expired/already used (or a parallel call already consumed it)\n throw new UnauthorizedException(ERROR_MESSAGES.INVALID_CREDENTIALS);\n }\n\n // 2) Now update the password & history (still inside the same transaction)\n const pwdHash = await this.hashingService.hash(confirmForgotPasswordDto.password);\n\n // Avoid ever assigning plaintext:\n // user.password = dto.password <-- remove this line in your original code\n\n // Check reuse with your existing method (ensure it looks at hashes).\n const tempUser = { ...user, password: pwdHash } as User; // if your helper expects it\n if (await this.isPasswordDuplicate(tempUser)) {\n throw new BadRequestException(ERROR_MESSAGES.PASSWORD_REUSED);\n }\n\n await this.deleteOldPasswords(user);\n\n await m.getRepository(User).update({ id: user.id }, { password: pwdHash });\n\n const history = m.getRepository(UserPasswordHistory).create({\n user: { id: user.id } as any,\n passwordHash: pwdHash,\n });\n await m.getRepository(UserPasswordHistory).save(history);\n this.notifyUserOnPasswordChanged(user);\n\n return {\n status: 'success',\n message: SUCCESS_MESSAGES.FORGOT_PASSWORD_CONFIRMED,\n error: '',\n errorCode: '',\n data: {},\n };\n });\n }\n\n private async notifyUserOnPasswordChanged(user: User) {\n const companyLogo = await this.getCompanyLogo();\n\n const forgotPasswordSendVerificationTokenOn = this.iamConfiguration.forgotPasswordSendVerificationTokenOn;\n\n if (forgotPasswordSendVerificationTokenOn == ForgotPasswordSendVerificationTokenOn.EMAIL) {\n const mailService = this.mailServiceFactory.getMailService();\n mailService.sendEmailUsingTemplate(\n user.email,\n 'password-changed',\n {\n solidAppName: process.env.SOLID_APP_NAME,\n solidAppWebsiteUrl: process.env.SOLID_APP_WEBSITE_URL,\n email: user.email,\n firstName: user.username,\n fullName: user.fullName,\n // TODO: Need to prefix this with the page url where the forgot password page will open up.\n passwordResetLink: `${process.env.IAM_FRONTEND_APP_FORGOT_PASSWORD_PAGE_URL}?token=${user.verificationTokenOnForgotPassword}`,\n companyLogoUrl: companyLogo\n },\n this.commonConfiguration.shouldQueueEmails,\n null,\n null,\n 'user',\n user.id\n );\n }\n // Assuming all users do not have mobile as mandatory.\n if (forgotPasswordSendVerificationTokenOn == ForgotPasswordSendVerificationTokenOn.MOBILE && user.mobile) {\n this.smsService.sendSMSUsingTemplate(\n user.mobile,\n 'forgot-password',\n {\n solidAppName: process.env.SOLID_APP_NAME,\n otp: user.verificationTokenOnForgotPassword,\n verificationTokenOnForgotPassword: user.verificationTokenOnForgotPassword,\n firstName: user.username,\n companyLogoUrl: companyLogo\n }\n );\n }\n }\n\n // async confirmForgotPassword(confirmForgotPasswordDto: ConfirmForgotPasswordDto) {\n // // Steps / Algorithm: \n // // 1. Identify the user using the specified \"username\", if not found exit.\n // // const user = await this.userRepository.findOne({\n // // where: { username: confirmForgotPasswordDto.username, }\n // // });\n // const user = await this.resolveUserByVerificationToken(confirmForgotPasswordDto.verificationToken);\n\n // if (!user) {\n // throw new NotFoundException(ERROR_MESSAGES.USER_NOT_FOUND);\n // }\n\n // // 2. Validate if user has used a provider which is \"local\", only then it makes sense for us to initiate the forgot password routine. \n // if (user.lastLoginProvider !== 'local') {\n // throw new BadRequestException(ERROR_MESSAGES.NON_LOCAL_PROVIDER);\n // }\n // if (!user.active) {\n // throw new UnauthorizedException(ERROR_MESSAGES.USER_INACTIVE);\n // }\n\n // // 3. Validate the verification token is proper & update the user record. \n // if (user.verificationTokenOnForgotPassword !== confirmForgotPasswordDto.verificationToken) {\n // throw new UnauthorizedException(ERROR_MESSAGES.INVALID_VERIFICATION_TOKEN);\n // }\n // if (user.verificationTokenOnForgotPasswordExpiresAt < new Date()) {\n // throw new UnauthorizedException(ERROR_MESSAGES.INVALID_VERIFICATION_TOKEN);\n // }\n // user.forgotPasswordConfirmedAt = new Date();\n // user.verificationTokenOnForgotPassword = null;\n // user.verificationTokenOnForgotPasswordExpiresAt = null;\n\n // // 4. Update the users password while encrypting it.\n // const pwd = await this.hashingService.hash(confirmForgotPasswordDto.password);\n // user.password = confirmForgotPasswordDto.password\n\n // if (await this.isPasswordDuplicate(user)) {\n // throw new BadRequestException(ERROR_MESSAGES.PASSWORD_REUSED);\n // }\n // await this.deleteOldPasswords(user);\n\n // user.password = pwd;\n // const userPasswordHistory = new UserPasswordHistory();\n // userPasswordHistory.passwordHash = pwd;\n // userPasswordHistory.user = user;\n\n // await this.userRepository.save(user);\n // //FIXME: Do this check conditionally, basis a configuration parameter i.e if IAM_ALLOW_PREVIOUS_PASSWORDS=false, default true\n // await this.userPasswordHistoryRepository.save(userPasswordHistory);\n\n // return {\n // status: 'success',\n // message: SUCCESS_MESSAGES.FORGOT_PASSWORD_CONFIRMED,\n // error: '',\n // errorCode: '',\n // data: {}\n // }\n // }\n\n //FIXME: Do this check conditionally, basis a configuration parameter i.e if IAM_ALLOW_PREVIOUS_PASSWORDS=true, return immediately without processing, i.e false.\n private async isPasswordDuplicate(user: User) {\n const userPwdHistoryEntityArray = await this.userPasswordHistoryRepository.findBy(\n { user: { id: user.id } }\n )\n let userPwdHistoryArray = [];\n // O(n)\n for (const entity of userPwdHistoryEntityArray) {\n userPwdHistoryArray.push(entity.passwordHash);\n }\n // O(n)\n for (const pwdHash of userPwdHistoryArray) {\n const isEqual = await this.hashingService.compare(user.password, pwdHash);\n if (isEqual) {\n return true;\n }\n }\n return false;\n }\n\n //FIXME: Do this check conditionally, basis a configuration parameter i.e if IAM_ALLOW_PREVIOUS_PASSWORDS=true, return immediately without processing\n private async deleteOldPasswords(user: User) {\n const userPwdHistoryArray = await this.userPasswordHistoryRepository.findBy(\n { user: { id: user.id } }\n )\n const pwdLimit = 2; //FIXME: Should this be moved into the env? IAM_PREVIOUS_PASSWORDS_LIMIT\n\n // TODO: Check what slice() or splice() does.\n //FIXME - Delete passwords which are older than the latest n passwords. n is configurable\n if (userPwdHistoryArray.length >= pwdLimit) {\n const numToDelete = pwdLimit + 1 - userPwdHistoryArray.length;\n for (let i = 0; i < numToDelete; i++) {\n await this.userPasswordHistoryRepository.remove(userPwdHistoryArray[i]);\n }\n }\n }\n\n async generateTokens(user: User) {\n\n const [accessToken, refreshToken] = await Promise.all([\n this.generateAccessToken(user),\n this.generateRefreshToken(user),\n ]);\n\n return {\n accessToken,\n refreshToken,\n };\n }\n\n async generateAccessToken(user: User) {\n\n // const userRoleNames = user.roles.map((role) => role.name).join(';')\n const userRoleNames = user.roles.map((role) => role.name);\n\n const accessToken = await this.signToken<Partial<ActiveUserData>>(\n user.id,\n this.jwtConfiguration.accessTokenTtl,\n { username: user.username, email: user.email, roles: userRoleNames },\n );\n\n return accessToken;\n }\n\n async generateRefreshToken(user: User) {\n const refreshTokenId = randomUUID();\n\n const refreshToken = await this.signToken(user.id, this.jwtConfiguration.refreshTokenTtl, {\n refreshTokenId,\n })\n\n // store the refresh token id in the redis storage.\n await this.refreshTokenIdsStorage.insert(user.id, refreshToken);\n\n return refreshToken;\n }\n\n async refreshTokens(refreshTokenDto: RefreshTokenDto) {\n try {\n const { sub, refreshTokenId } = await this.jwtService.verifyAsync<Pick<ActiveUserData, 'sub'> & { refreshTokenId: string }>(refreshTokenDto.refreshToken, {\n secret: this.jwtConfiguration.secret,\n audience: this.jwtConfiguration.audience,\n issuer: this.jwtConfiguration.issuer,\n });\n // const user = await this.userRepository.findOneByOrFail({ id: sub });\n const user = await this.userRepository.findOne({\n where: {\n id: sub,\n },\n relations: {\n roles: true\n }\n });\n if (!user) {\n throw new UnauthorizedException(ERROR_MESSAGES.SESSION_INVALID);\n }\n\n // TODO: Replace the if else condition below with a call to validateAndRotate - Done\n // const isValid = await this.refreshTokenIdsStorage.validate(user.id, refreshTokenId);\n // if (isValid) {\n // // Refresh token rotation.\n // await this.refreshTokenIdsStorage.invalidate(user.id);\n // } else {\n // throw new Error('Refresh token is invalid');\n // }\n\n const currentRefreshToken = await this.refreshTokenIdsStorage.validateAndRotate(user, refreshTokenDto.refreshToken);\n\n await this.userActivityHistoryService.logEvent('tokenRefreshed', user);\n\n return {\n accessToken: await this.generateAccessToken(user),\n refreshToken: currentRefreshToken,\n };\n } catch (err) {\n if (err instanceof InvalidatedRefreshTokenError) {\n // Take action: notify user that his refresh token might have been stolen?\n throw new UnauthorizedException(ERROR_MESSAGES.ACCESS_DENIED);\n }\n\n throw new UnauthorizedException(ERROR_MESSAGES.SESSION_EXPIRED);\n }\n }\n\n private async signToken<T>(userId: number, expiresIn: number, payload?: T) {\n return await this.jwtService.signAsync(\n {\n sub: userId,\n ...payload,\n },\n {\n audience: this.jwtConfiguration.audience,\n issuer: this.jwtConfiguration.issuer,\n secret: this.jwtConfiguration.secret,\n expiresIn,\n },\n );\n }\n\n // PROVIDER SPECIFIC CODE\n async validateUserUsingGoogle(user: User) {\n try {\n // Make API call to Google OAuth service to fetch user profile\n const response = await this.httpService.axiosRef.get(`https://www.googleapis.com/oauth2/v1/userinfo?alt=json&access_token=${user.googleAccessToken}`);\n const userProfile = response.data;\n\n // Ensure the fetched profile email & provider Id match the ones we have stored in the database earlier. \n if (userProfile.email === user.email && userProfile.id === user.googleId) {\n // TODO: remove the access code both from the database.\n return userProfile;\n } else {\n throw new UnauthorizedException(ERROR_MESSAGES.INVALID_USER_PROFILE);\n }\n } catch (error) {\n throw new UnauthorizedException(ERROR_MESSAGES.GOOGLE_OAUTH_PROFILE_FETCH_FAILED);\n }\n }\n\n async signInUsingGoogle(accessCode: string) {\n const user = await this.userRepository.findOne({\n where: {\n accessCode: accessCode\n },\n relations: {\n roles: true\n }\n });\n\n // Validate the user against the Google oauth provider. \n // If the below call finishes without raising an exception then we have validated the user properly.\n await this.validateUserUsingGoogle(user);\n\n // finally we simply generate the tokens. \n const tokens = await this.generateTokens(user);\n return {\n user: {\n email: user.email,\n mobile: user.mobile,\n username: user.username,\n // forcePasswordChange: user.forcePasswordChange,\n id: user.id,\n roles: user.roles.map((role, idx, roles) => role.name)\n },\n ...tokens\n }\n\n }\n\n private async isPasswordlessRegistrationEnabled() {\n return this.settingService.getConfigValue('passwordlessRegistration');\n }\n\n //FIXME - Pending implementation\n // async logout() {\n // // const user = this.request.user; //TODO: // Access the user from the execution context\n\n // // Invalidate the refresh token\n // // await this.refreshTokenIdsStorage.invalidate(user.id);\n // }\n async logout() {\n try {\n const activeUser = this.requestContextService.getActiveUser();\n const userId = activeUser?.sub;\n const user = await this.userRepository.findOne({\n where: {\n id: userId,\n }\n })\n // Invalidate refresh token if you store them\n await this.refreshTokenIdsStorage.invalidate(userId); // ← Your existing logic\n\n // Log logout event\n await this.userActivityHistoryService.logEvent('logout', user);\n\n\n return { message: SUCCESS_MESSAGES.LOGOUT_SUCCESS };\n } catch (err) {\n throw err instanceof UnauthorizedException || err instanceof InternalServerErrorException\n ? err\n : new InternalServerErrorException(ERROR_MESSAGES.LOGOUT_FAILED);\n }\n }\n\n\n async activateUser(userId: number) {\n const user = await this.userService.findOne(userId, {});\n if (!user) {\n throw new NotFoundException(ERROR_MESSAGES.USER_NOT_FOUND);\n }\n user.active = true;\n await this.userRepository.save(user);\n }\n\n async me(activeUser: ActiveUserData) {\n const user = await this.userRepository.findOne({\n where: {\n id: activeUser.sub,\n },\n relations: {\n roles: true\n }\n });\n const tokens = await this.generateTokens(user);\n\n const response = {\n user: {\n email: user.email,\n mobile: user.mobile,\n username: user.username,\n // forcePasswordChange: user.forcePasswordChange,\n id: user.id,\n roles: user.roles.map((role, idx, roles) => role.name)\n },\n ...tokens\n }\n return response;\n }\n\n}\n\nfunction parseUniqueConstraintError(detail: string): string {\n const match = detail.match(/Key \\(([^)]+)\\)=\\(([^)]+)\\) already exists\\./);\n if (match) {\n const field = match[1];\n const value = match[2];\n const fieldMap: Record<string, string> = {\n username: 'username',\n email: 'email address',\n full_name_user_key: 'full name',\n };\n const friendlyField = fieldMap[field] || field;\n return `A user with ${friendlyField} \"${value}\" already exists.`;\n }\n return detail;\n}\n"]}
1
+ {"version":3,"file":"authentication.service.js","sourceRoot":"","sources":["../../src/services/authentication.service.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;AAAA,yCAA4C;AAC5C,2CASwB;AAExB,yDAAsD;AACtD,qCAAyC;AACzC,6CAAqE;AACrE,qDAAsD;AACtD,mCAA+C;AAE/C,2DAAmE;AACnE,qCAAiD;AACjD,qDAA4D;AAU5D,yDAA+C;AAE/C,uDAAmD;AACnD,2FAAkH;AAClH,iDAA6C;AAC7C,8CAA+D;AAC/D,4CAIsB;AACtB,uDAAmD;AAEnD,mEAA8D;AAC9D,4EAAoD;AACpD,mFAA6E;AAC7E,uEAAkE;AAClE,gEAA8D;AAC9D,oEAAkE;AAClE,4DAAyD;AACzD,+BAAoC;AAEpC,IAAK,aAIJ;AAJD,WAAK,aAAa;IACd,gCAAe,CAAA;IACf,kCAAiB,CAAA;IACjB,4BAAW,CAAA;AACf,CAAC,EAJI,aAAa,KAAb,aAAa,QAIjB;AAQM,IAAM,qBAAqB,6BAA3B,MAAM,qBAAqB;IAG9B,YACqB,WAAwB,EACjB,cAAiD,EACxD,cAA8B,EAC9B,UAAsB,EAEvC,gBAA+D,EAE/D,gBAA+D,EAC9C,sBAAqD,EACrD,WAAwB,EAExB,kBAA+B,EAC/B,UAA2B,EAC3B,YAA2B,EAC3B,cAA8B,EAC9B,mBAAwC,EAEzD,mBAAqE,EACpD,0BAAsD,EACtD,qBAA4C,EAE7D,UAAuC;QArBtB,gBAAW,GAAX,WAAW,CAAa;QACA,mBAAc,GAAd,cAAc,CAAkB;QACxD,mBAAc,GAAd,cAAc,CAAgB;QAC9B,eAAU,GAAV,UAAU,CAAY;QAEtB,qBAAgB,GAAhB,gBAAgB,CAA8B;QAE9C,qBAAgB,GAAhB,gBAAgB,CAA8B;QAC9C,2BAAsB,GAAtB,sBAAsB,CAA+B;QACrD,gBAAW,GAAX,WAAW,CAAa;QAExB,uBAAkB,GAAlB,kBAAkB,CAAa;QAC/B,eAAU,GAAV,UAAU,CAAiB;QAC3B,iBAAY,GAAZ,YAAY,CAAe;QAC3B,mBAAc,GAAd,cAAc,CAAgB;QAC9B,wBAAmB,GAAnB,mBAAmB,CAAqB;QAExC,wBAAmB,GAAnB,mBAAmB,CAAiC;QACpD,+BAA0B,GAA1B,0BAA0B,CAA4B;QACtD,0BAAqB,GAArB,qBAAqB,CAAuB;QAE5C,eAAU,GAAV,UAAU,CAAY;QAxB1B,WAAM,GAAG,IAAI,eAAM,CAAC,uBAAqB,CAAC,IAAI,CAAC,CAAC;IA2BjE,CAAC;IAEO,KAAK,CAAC,SAAS,CAAC,GAAW;QAC/B,OAAO,IAAI,CAAC,cAAc,CAAC,cAAc,CAAC,GAAG,CAAC,CAAC;IACnD,CAAC;IAEO,KAAK,CAAC,cAAc;QACxB,OAAO,MAAM,IAAI,CAAC,cAAc,CAAC,cAAc,CAAC,aAAa,CAAC,CAAC;IACnE,CAAC;IAED,KAAK,CAAC,WAAW,CAAC,QAAgB,EAAE,KAAa;QAC7C,OAAO,MAAM,IAAI,CAAC,cAAc,CAAC,OAAO,CAAC;YACrC,KAAK,EAAE;gBACH,EAAE,QAAQ,EAAE,QAAQ,EAAE;gBACtB,EAAE,KAAK,EAAE,KAAK,EAAE;aACnB;YACD,SAAS,EAAE;gBACP,KAAK,EAAE,IAAI;aACd;SACJ,CAAC,CAAC;IACP,CAAC;IAED,KAAK,CAAC,8BAA8B,CAAC,KAAa;QAC9C,OAAO,MAAM,IAAI,CAAC,cAAc,CAAC,OAAO,CAAC;YACrC,KAAK,EAAE,EAAE,iCAAiC,EAAE,KAAK,EAAE;YACnD,SAAS,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE;SAC7B,CAAC,CAAC;IACP,CAAC;IAED,KAAK,CAAC,YAAY,CAAC,SAAoB;QAEnC,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,SAAS,CAAC,QAAQ,EAAE,SAAS,CAAC,KAAK,CAAC,CAAC;QAEzE,IAAI,CAAC,IAAI,EAAE,CAAC;YACR,MAAM,IAAI,8BAAqB,CAAC,+BAAc,CAAC,mBAAmB,CAAC,CAAC;QACxE,CAAC;QACD,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,CAAC;YACf,MAAM,IAAI,8BAAqB,CAAC,+BAAc,CAAC,eAAe,CAAC,CAAC;QACpE,CAAC;QACD,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,OAAO,CAC7C,SAAS,CAAC,QAAQ,EAClB,IAAI,CAAC,QAAQ,CAChB,CAAC;QACF,IAAI,CAAC,OAAO,EAAE,CAAC;YACX,MAAM,IAAI,8BAAqB,CAAC,+BAAc,CAAC,mBAAmB,CAAC,CAAC;QACxE,CAAC;QAED,OAAO,IAAI,CAAC;IAChB,CAAC;IAED,KAAK,CAAC,MAAM,CAAC,SAAoB,EAAE,aAA6B,IAAI;QAEhE,IAAI,CAAC,CAAC,MAAM,IAAI,CAAC,cAAc,CAAC,cAAc,CAAC,yBAAyB,CAAC,CAAC,IAAI,CAAC,UAAU,EAAE,CAAC;YACxF,MAAM,IAAI,4BAAmB,CAAC,+BAAc,CAAC,4BAA4B,CAAC,CAAC;QAC/E,CAAC;QAED,IAAI,CAAC;YACD,MAAM,qBAAqB,GAAG,MAAM,IAAI,CAAC,SAAS,CAAC,iCAAiC,CAAC,CAAC;YACtF,IAAI,EAAE,IAAI,EAAE,GAAG,EAAE,gBAAgB,EAAE,GAAG,MAAM,IAAI,CAAC,iBAAiB,CAAC,IAAI,kBAAI,EAAE,EAAE,SAAS,EAAE,IAAI,CAAC,gBAAgB,CAAC,0BAA0B,EAAE,qBAAqB,CAAC,CAAC;YACnK,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YAEvD,MAAM,SAAS,GAAG,SAAS,CAAC,KAAK,IAAI,EAAE,CAAC;YACxC,IAAI,IAAI,CAAC,gBAAgB,CAAC,WAAW,EAAE,CAAC;gBACpC,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,gBAAgB,CAAC,WAAW,CAAC,CAAC;YACtD,CAAC;YACD,MAAM,IAAI,CAAC,gBAAgB,CAAC,SAAS,EAAE,SAAS,EAAE,GAAG,EAAE,gBAAgB,CAAC,CAAC;YAIzE,OAAO,SAAS,CAAC;QACrB,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACX,MAAM,0BAA0B,GAAG,OAAO,CAAC;YAC3C,IAAI,GAAG,CAAC,IAAI,KAAK,0BAA0B,EAAE,CAAC;gBAC1C,MAAM,IAAI,0BAAiB,CAAC,+BAAc,CAAC,mBAAmB,CAAC,CAAC;YACpE,CAAC;YACD,MAAM,GAAG,CAAC;QACd,CAAC;IACL,CAAC;IAED,KAAK,CAAC,sBAAsB,CAA0C,SAAoB,EAAE,gBAAmB,EAAE,iBAAgC;QAC7I,IAAI,CAAC;YACD,MAAM,qBAAqB,GAAG,MAAM,IAAI,CAAC,SAAS,CAAC,iCAAiC,CAAC,CAAC;YAGtF,MAAM,aAAa,GAAG,iBAAiB,CAAC,KAAK,CAAC,iBAAiB,CAAC,MAAM,EAAO,EAAE,gBAAgB,CAAC,CAAC;YACjG,IAAI,EAAE,IAAI,EAAE,GAAG,EAAE,gBAAgB,EAAE,GAAG,MAAM,IAAI,CAAC,iBAAiB,CAAI,aAAa,EAAE,SAAS,EAAE,IAAI,EAAE,qBAAqB,CAAC,CAAC;YAC7H,MAAM,SAAS,GAAG,MAAM,iBAAiB,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YAErD,MAAM,IAAI,CAAC,gBAAgB,CAAC,SAAS,EAAE,SAAS,CAAC,KAAK,EAAE,GAAG,EAAE,gBAAgB,CAAC,CAAC;YAE/E,OAAO,SAAS,CAAC;QACrB,CAAC;QACD,OAAO,GAAG,EAAE,CAAC;YACT,MAAM,0BAA0B,GAAG,OAAO,CAAC;YAC3C,IAAI,GAAG,CAAC,IAAI,KAAK,0BAA0B,EAAE,CAAC;gBAC1C,MAAM,IAAI,0BAAiB,CAAC,0BAA0B,CAAC,GAAG,CAAC,MAAM,IAAI,+BAAc,CAAC,2BAA2B,CAAC,CAAC,CAAC;YACtH,CAAC;YACD,MAAM,GAAG,CAAC;QACd,CAAC;IACL,CAAC;IAGO,KAAK,CAAC,iBAAiB,CAAiB,IAAO,EAAE,SAAoB,EAAE,eAAwB,IAAI,EAAE,qBAA+B;QAExI,IAAI,0BAA0B,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,cAAc,CAAC,0BAA0B,CAAC,CAAC;QACtG,IAAI,SAAS,CAAC,KAAK,IAAI,SAAS,CAAC,KAAK,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAChD,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,SAAS,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;gBAC9C,MAAM,QAAQ,GAAG,SAAS,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;gBACpC,MAAM,IAAI,CAAC,mBAAmB,CAAC,cAAc,CAAC,QAAQ,CAAC,CAAC;YAC5D,CAAC;QACL,CAAC;QACD,IAAI,CAAC,QAAQ,GAAG,SAAS,CAAC,QAAQ,CAAC;QACnC,IAAI,CAAC,KAAK,GAAG,SAAS,CAAC,KAAK,CAAC;QAC7B,IAAI,CAAC,QAAQ,GAAG,SAAS,CAAC,QAAQ,CAAC;QACnC,IAAI,CAAC,mBAAmB,GAAG,qBAAqB,CAAC;QACjD,IAAI,SAAS,CAAC,MAAM,EAAE,CAAC;YACnB,IAAI,CAAC,MAAM,GAAG,SAAS,CAAC,MAAM,CAAC;QACnC,CAAC;QAID,IAAI,GAAG,GAAG,EAAE,CAAC;QACb,IAAI,gBAAgB,GAAG,EAAE,CAAC;QAG1B,IAAI,SAAS,CAAC,QAAQ,EAAE,CAAC;YACrB,GAAG,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC;QAC7D,CAAC;aAEI,CAAC;YAEF,IAAI,0BAA0B,EAAE,QAAQ,EAAE,CAAC,WAAW,EAAE,KAAK,MAAM,EAAE,CAAC;gBAClE,gBAAgB,GAAG,IAAI,CAAC,gBAAgB,EAAE,CAAC;gBAC3C,GAAG,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC;gBACvD,IAAI,CAAC,mBAAmB,GAAG,IAAI,CAAC;YACpC,CAAC;iBAEI,CAAC;gBAGF,IAAI,CAAC,IAAI,CAAC,iCAAiC,EAAE,EAAE,CAAC;oBAC5C,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,sHAAsH,CAAC,CAAC;oBAC1I,MAAM,IAAI,4BAAmB,CAAC,+BAAc,CAAC,kCAAkC,CAAC,CAAC;gBACrF,CAAC;gBAGD,GAAG,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;YAC9C,CAAC;QACL,CAAC;QAED,IAAI,CAAC,QAAQ,GAAG,GAAG,CAAC;QACpB,IAAI,CAAC,MAAM,GAAG,YAAY,CAAC;QAC3B,OAAO,EAAE,IAAI,EAAE,GAAG,EAAE,gBAAgB,EAAE,CAAC;IAC3C,CAAC;IAGO,KAAK,CAAC,gBAAgB,CAAC,IAAU,EAAE,QAAkB,EAAE,EAAE,GAAW,EAAE,gBAAwB;QAClG,MAAM,IAAI,CAAC,WAAW,CAAC,yBAAyB,CAAC,KAAK,EAAE,IAAI,CAAC,CAAC;QAI9D,IAAI,IAAI,CAAC,mBAAmB,IAAI,gBAAgB,EAAE,CAAC;YAC/C,IAAI,CAAC,+BAA+B,CAAC,IAAI,EAAE,gBAAgB,CAAC,CAAC;QACjE,CAAC;IACL,CAAC;IAGD,gBAAgB,CAAC,SAAiB,CAAC;QAC/B,MAAM,SAAS,GAAG,4BAA4B,CAAC;QAC/C,MAAM,SAAS,GAAG,4BAA4B,CAAC;QAC/C,MAAM,OAAO,GAAG,YAAY,CAAC;QAC7B,MAAM,YAAY,GAAG,KAAK,CAAC;QAC3B,MAAM,QAAQ,GAAG,SAAS,GAAG,SAAS,GAAG,OAAO,GAAG,YAAY,CAAC;QAEhE,IAAI,QAAQ,GAAG,EAAE,CAAC;QAElB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;YAC9B,MAAM,WAAW,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,MAAM,EAAE,GAAG,QAAQ,CAAC,MAAM,CAAC,CAAC;YAChE,QAAQ,IAAI,QAAQ,CAAC,WAAW,CAAC,CAAC;QACtC,CAAC;QAED,OAAO,QAAQ,CAAC;IACpB,CAAC;IAEO,KAAK,CAAC,+BAA+B,CAAC,IAAU,EAAE,gBAAwB;QAC9E,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,cAAc,EAAE,CAAC;QAChD,MAAM,WAAW,GAAG,IAAI,CAAC,kBAAkB,CAAC,cAAc,EAAE,CAAC;QAC7D,WAAW,CAAC,sBAAsB,CAC9B,IAAI,CAAC,KAAK,EACV,0BAA0B,EAC1B;YACI,YAAY,EAAE,OAAO,CAAC,GAAG,CAAC,cAAc;YACxC,kBAAkB,EAAE,OAAO,CAAC,GAAG,CAAC,qBAAqB;YACrD,oBAAoB,EAAE,OAAO,CAAC,GAAG,CAAC,+BAA+B;YACjE,KAAK,EAAE,IAAI,CAAC,KAAK;YACjB,QAAQ,EAAE,IAAI,CAAC,QAAQ;YACvB,QAAQ,EAAE,IAAI,CAAC,QAAQ;YACvB,QAAQ,EAAE,gBAAgB;YAC1B,cAAc,EAAE,WAAW;SAC9B,EACD,IAAI,CAAC,mBAAmB,CAAC,iBAAiB,EAC1C,IAAI,EACJ,IAAI,EACJ,MAAM,EACN,IAAI,CAAC,EAAE,CACV,CAAC;IAEN,CAAC;IAED,KAAK,CAAC,uBAAuB,CAAC,SAAuB;QACjD,IAAI,CAAC;YACD,IAAI,CAAC,IAAI,CAAC,iCAAiC,EAAE,EAAE,CAAC;gBAC5C,MAAM,IAAI,4BAAmB,CAAC,+BAAc,CAAC,kCAAkC,CAAC,CAAC;YACrF,CAAC;YAED,IAAI,IAAA,yBAAO,EAAC,SAAS,CAAC,MAAM,CAAC,IAAI,IAAA,yBAAO,EAAC,SAAS,CAAC,KAAK,CAAC,EAAE,CAAC;gBACxD,MAAM,IAAI,4BAAmB,CAAC,+BAAc,CAAC,6BAA6B,CAAC,CAAC;YAChF,CAAC;YACD,IAAI,SAAS,CAAC,iBAAiB,CAAC,QAAQ,CAAC,qDAAyC,CAAC,KAAK,CAAC,IAAI,IAAA,yBAAO,EAAC,SAAS,CAAC,KAAK,CAAC,EAAE,CAAC;gBACpH,MAAM,IAAI,4BAAmB,CAAC,+BAAc,CAAC,6BAA6B,CAAC,CAAC;YAChF,CAAC;YACD,IAAI,SAAS,CAAC,iBAAiB,CAAC,QAAQ,CAAC,qDAAyC,CAAC,MAAM,CAAC,IAAI,IAAA,yBAAO,EAAC,SAAS,CAAC,MAAM,CAAC,EAAE,CAAC;gBACtH,MAAM,IAAI,4BAAmB,CAAC,+BAAc,CAAC,8BAA8B,CAAC,CAAC;YACjF,CAAC;YAGD,MAAM,YAAY,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,OAAO,CAAC;gBACnD,KAAK,EAAE;oBACH,EAAE,KAAK,EAAE,SAAS,CAAC,KAAK,GAAG;oBAC3B,EAAE,MAAM,EAAE,SAAS,CAAC,MAAM,GAAG;oBAC7B,EAAE,QAAQ,EAAE,SAAS,CAAC,QAAQ,GAAG;iBACpC;aACJ,CAAC,CAAC;YACH,IAAI,IAAA,4BAAU,EAAC,YAAY,CAAC,IAAI,YAAY,CAAC,MAAM,EAAE,CAAC;gBAClD,MAAM,IAAI,0BAAiB,CAAC,+BAAc,CAAC,mBAAmB,CAAC,CAAC;YACpE,CAAC;YACD,MAAM,oCAAoC,GAAG,IAAI,CAAC,4BAA4B,CAAC,IAAI,CAAC,gBAAgB,CAAC,oCAAoC,EAAE,SAAS,CAAC,CAAC;YACtJ,IAAI,IAAI,GAAG,YAAY,CAAA;YACvB,IAAI,IAAA,yBAAO,EAAC,IAAI,CAAC,EAAE,CAAC;gBAChB,IAAI,GAAG,IAAI,CAAC,UAAU,CAAC,SAAS,CAAC,CAAC;gBAClC,IAAI,CAAC,0BAA0B,CAAC,oCAAoC,EAAE,IAAI,CAAC,CAAC;gBAC5E,MAAM,IAAI,CAAC,cAAc,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gBACrC,MAAM,IAAI,CAAC,WAAW,CAAC,aAAa,CAAC,IAAI,CAAC,QAAQ,EAAE,MAAM,IAAI,CAAC,cAAc,CAAC,cAAc,CAAC,aAAa,CAAC,CAAC,CAAC;YACjH,CAAC;iBACI,CAAC;gBACF,IAAI,CAAC,0BAA0B,CAAC,oCAAoC,EAAE,IAAI,CAAC,CAAC;gBAC5E,MAAM,IAAI,CAAC,cAAc,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YACzC,CAAC;YAGD,IAAI,CAAC,mCAAmC,CAAC,IAAI,EAAE,oCAAoC,CAAC,CAAC;YACrF,OAAO,EAAE,OAAO,EAAE,mCAAgB,CAAC,6BAA6B,EAAE,CAAA;QACtE,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACX,MAAM,0BAA0B,GAAG,OAAO,CAAC;YAC3C,IAAI,GAAG,CAAC,IAAI,KAAK,0BAA0B,EAAE,CAAC;gBAC1C,MAAM,IAAI,0BAAiB,CAAC,+BAAc,CAAC,mBAAmB,CAAC,CAAC;YACpE,CAAC;YACD,MAAM,GAAG,CAAC;QACd,CAAC;IACL,CAAC;IAGO,UAAU,CAAC,SAAuB;QACtC,MAAM,IAAI,GAAG,IAAI,kBAAI,EAAE,CAAC;QACxB,IAAI,CAAC,QAAQ,GAAG,SAAS,CAAC,QAAQ,CAAC;QACnC,IAAI,CAAC,KAAK,GAAG,SAAS,CAAC,KAAK,CAAC;QAC7B,IAAI,CAAC,MAAM,GAAG,SAAS,CAAC,MAAM,CAAC;QAC/B,IAAI,CAAC,aAAa,GAAG,SAAS,CAAC,aAAa,CAAC;QAC7C,IAAI,CAAC,iBAAiB,GAAG,aAAa,CAAC,GAAG,CAAC;QAC3C,OAAO,IAAI,CAAC;IAChB,CAAC;IAEO,4BAA4B,CAAC,uCAAiD,EAAE,SAAuB;QAC3G,MAAM,kCAAkC,GAAG,uCAAuC,CAAC,MAAM,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,MAAM,KAAK,wCAA4B,CAAC,aAAa,CAAC,CAAC;QAC7J,IAAI,uCAAuC,CAAC,QAAQ,CAAC,wCAA4B,CAAC,aAAa,CAAC,EAAE,CAAC;YAC/F,kCAAkC,CAAC,IAAI,CAAC,GAAG,SAAS,CAAC,iBAAiB,CAAC,CAAC;QAC5E,CAAC;QACD,OAAO,kCAAkC,CAAC;IAC9C,CAAC;IAGO,0BAA0B,CAAC,kCAA4C,EAAE,IAAU;QACvF,IAAI,kCAAkC,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAClD,MAAM,IAAI,4BAAmB,CAAC,+BAAc,CAAC,0BAA0B,CAAC,CAAC;QAC7E,CAAC;QACD,IAAI,kCAAkC,CAAC,QAAQ,CAAC,qDAAyC,CAAC,KAAK,CAAC,EAAE,CAAC;YAC/F,MAAM,EAAE,KAAK,EAAE,SAAS,EAAE,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;YACxC,IAAI,CAAC,oCAAoC,GAAG,KAAK,CAAC;YAClD,IAAI,CAAC,6CAA6C,GAAG,SAAS,CAAC;YAC/D,IAAI,IAAI,CAAC,gBAAgB,CAAC,2BAA2B,EAAE,CAAC;gBACpD,IAAI,CAAC,6BAA6B,GAAG,KAAK,CAAC;gBAC3C,IAAI,CAAC,sCAAsC,GAAG,SAAS,CAAC;YAC5D,CAAC;QACL,CAAC;QACD,IAAI,kCAAkC,CAAC,QAAQ,CAAC,qDAAyC,CAAC,MAAM,CAAC,EAAE,CAAC;YAChG,MAAM,EAAE,KAAK,EAAE,SAAS,EAAE,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;YACxC,IAAI,CAAC,qCAAqC,GAAG,KAAK,CAAC;YACnD,IAAI,CAAC,8CAA8C,GAAG,SAAS,CAAC;YAChE,IAAI,IAAI,CAAC,gBAAgB,CAAC,2BAA2B,EAAE,CAAC;gBACpD,IAAI,CAAC,8BAA8B,GAAG,KAAK,CAAC;gBAC5C,IAAI,CAAC,uCAAuC,GAAG,SAAS,CAAC;YAC7D,CAAC;QACL,CAAC;IACL,CAAC;IAEO,KAAK,CAAC,mCAAmC,CAAC,IAAU,EAAE,6BAAuC;QACjG,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,cAAc,EAAE,CAAC;QAChD,IAAI,IAAI,CAAC,gBAAgB,CAAC,QAAQ;YAC9B,OAAO;QACX,IAAI,6BAA6B,CAAC,QAAQ,CAAC,wCAA4B,CAAC,KAAK,CAAC,EAAE,CAAC;YAC7E,MAAM,WAAW,GAAG,IAAI,CAAC,kBAAkB,CAAC,cAAc,EAAE,CAAC;YAC7D,WAAW,CAAC,sBAAsB,CAC9B,IAAI,CAAC,KAAK,EACV,iBAAiB,EACjB;gBACI,YAAY,EAAE,OAAO,CAAC,GAAG,CAAC,cAAc;gBACxC,kBAAkB,EAAE,OAAO,CAAC,GAAG,CAAC,qBAAqB;gBACrD,SAAS,EAAE,IAAI,CAAC,QAAQ;gBACxB,QAAQ,EAAE,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ;gBACvD,oCAAoC,EAAE,IAAI,CAAC,oCAAoC;gBAC/E,cAAc,EAAE,WAAW;aAC9B,EACD,IAAI,CAAC,mBAAmB,CAAC,iBAAiB,EAC1C,IAAI,EACJ,IAAI,EACJ,MAAM,EACN,IAAI,CAAC,EAAE,CACV,CAAC;QACN,CAAC;QACD,IAAI,6BAA6B,CAAC,QAAQ,CAAC,wCAA4B,CAAC,MAAM,CAAC,EAAE,CAAC;YAC9E,IAAI,CAAC,UAAU,CAAC,oBAAoB,CAChC,IAAI,CAAC,MAAM,EACX,iBAAiB,EACjB;gBACI,YAAY,EAAE,OAAO,CAAC,GAAG,CAAC,cAAc;gBACxC,GAAG,EAAE,IAAI,CAAC,qCAAqC;gBAC/C,qCAAqC,EAAE,IAAI,CAAC,qCAAqC;gBACjF,SAAS,EAAE,IAAI,CAAC,QAAQ;gBACxB,QAAQ,EAAE,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ;gBACvD,cAAc,EAAE,WAAW;aAC9B,CACJ,CAAC;QACN,CAAC;IACL,CAAC;IAED,KAAK,CAAC,sBAAsB,CAAC,gBAAkC;QAC3D,IAAI,CAAC,IAAI,CAAC,iCAAiC,EAAE,EAAE,CAAC;YAC5C,MAAM,IAAI,4BAAmB,CAAC,+BAAc,CAAC,kCAAkC,CAAC,CAAC;QACrF,CAAC;QAGD,IAAI,gBAAgB,CAAC,IAAI,KAAK,wCAA4B,CAAC,KAAK,EAAE,CAAC;YAC/D,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,OAAO,CAAC;gBAC3C,KAAK,EAAE;oBACH,KAAK,EAAE,gBAAgB,CAAC,UAAU;iBACrC;aACJ,CAAC,CAAC;YACH,IAAI,CAAC,IAAI,EAAE,CAAC;gBACR,MAAM,IAAI,8BAAqB,CAAC,+BAAc,CAAC,cAAc,CAAC,CAAC;YACnE,CAAC;YACD,IAAI,IAAI,CAAC,oCAAoC,KAAK,gBAAgB,CAAC,GAAG,EAAE,CAAC;gBACrE,MAAM,IAAI,8BAAqB,CAAC,+BAAc,CAAC,WAAW,CAAC,CAAC;YAChE,CAAC;YACD,IAAI,IAAI,CAAC,6CAA6C,GAAG,IAAI,IAAI,EAAE,EAAE,CAAC;gBAClE,MAAM,IAAI,8BAAqB,CAAC,+BAAc,CAAC,WAAW,CAAC,CAAC;YAChE,CAAC;YACD,IAAI,CAAC,6BAA6B,GAAG,IAAI,IAAI,EAAE,CAAC;YAChD,IAAI,CAAC,oCAAoC,GAAG,IAAI,CAAC;YACjD,IAAI,CAAC,6CAA6C,GAAG,IAAI,CAAC;YAC1D,IAAI,CAAC,MAAM,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,cAAc,CAAC,4BAA4B,CAAC,IAAI,IAAI,CAAC,wCAAwC,CAAC,IAAI,CAAC,CAAC;YAC5I,MAAM,SAAS,GAAS,MAAM,IAAI,CAAC,cAAc,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YAC7D,IAAI,CAAC,wBAAwB,CAAC,SAAS,CAAC,CAAC;YACzC,OAAO,EAAE,MAAM,EAAE,SAAS,CAAC,MAAM,EAAE,OAAO,EAAE,kCAAkC,gBAAgB,CAAC,IAAI,EAAE,EAAE,CAAA;QAC3G,CAAC;aAAM,IAAI,gBAAgB,CAAC,IAAI,KAAK,wCAA4B,CAAC,MAAM,EAAE,CAAC;YACvE,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,OAAO,CAAC;gBAC3C,KAAK,EAAE;oBACH,MAAM,EAAE,gBAAgB,CAAC,UAAU;iBACtC;aACJ,CAAC,CAAC;YACH,IAAI,CAAC,IAAI,EAAE,CAAC;gBACR,MAAM,IAAI,8BAAqB,CAAC,+BAAc,CAAC,cAAc,CAAC,CAAC;YACnE,CAAC;YACD,IAAI,IAAI,CAAC,qCAAqC,KAAK,gBAAgB,CAAC,GAAG,EAAE,CAAC;gBACtE,MAAM,IAAI,8BAAqB,CAAC,+BAAc,CAAC,WAAW,CAAC,CAAC;YAChE,CAAC;YACD,IAAI,IAAI,CAAC,8CAA8C,GAAG,IAAI,IAAI,EAAE,EAAE,CAAC;gBACnE,MAAM,IAAI,8BAAqB,CAAC,+BAAc,CAAC,WAAW,CAAC,CAAC;YAChE,CAAC;YACD,IAAI,CAAC,8BAA8B,GAAG,IAAI,IAAI,EAAE,CAAC;YACjD,IAAI,CAAC,qCAAqC,GAAG,IAAI,CAAC;YAClD,IAAI,CAAC,8CAA8C,GAAG,IAAI,CAAC;YAC3D,IAAI,CAAC,MAAM,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,cAAc,CAAC,4BAA4B,CAAC,IAAI,IAAI,CAAC,wCAAwC,CAAC,IAAI,CAAC,CAAC;YAC5I,MAAM,SAAS,GAAS,MAAM,IAAI,CAAC,cAAc,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YAC7D,IAAI,CAAC,wBAAwB,CAAC,SAAS,CAAC,CAAC;YACzC,OAAO,EAAE,MAAM,EAAE,SAAS,CAAC,MAAM,EAAE,OAAO,EAAE,kCAAkC,gBAAgB,CAAC,IAAI,EAAE,EAAE,CAAA;QAC3G,CAAC;QACD,MAAM,IAAI,4BAAmB,CAAC,+BAAc,CAAC,yBAAyB,CAAC,CAAC;IAC5E,CAAC;IAEO,wBAAwB,CAAC,SAAe;QAE5C,MAAM,KAAK,GAAG,IAAI,yBAAY,CAAO,sBAAS,CAAC,eAAe,EAAE,SAAS,CAAC,CAAC;QAC3E,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,sBAAS,CAAC,eAAe,EAAE,KAAK,CAAC,CAAC;IAC7D,CAAC;IAED,wCAAwC,CAAC,IAAU;QAC/C,MAAM,6BAA6B,GAAG,IAAI,CAAC,gBAAgB,CAAC,oCAAoC,CAAC;QACjG,IAAI,6BAA6B,CAAC,QAAQ,CAAC,wCAA4B,CAAC,KAAK,CAAC,EAAE,CAAC;YAC7E,IAAI,CAAC,IAAI,CAAC,6BAA6B,EAAE,CAAC;gBACtC,OAAO,KAAK,CAAC;YACjB,CAAC;QACL,CAAC;QACD,IAAI,6BAA6B,CAAC,QAAQ,CAAC,wCAA4B,CAAC,MAAM,CAAC,EAAE,CAAC;YAC9E,IAAI,CAAC,IAAI,CAAC,8BAA8B,EAAE,CAAC;gBACvC,OAAO,KAAK,CAAC;YACjB,CAAC;QACL,CAAC;QACD,OAAO,IAAI,CAAC;IAChB,CAAC;IAEO,GAAG;QACP,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC;QACvB,GAAG,CAAC,UAAU,CAAC,GAAG,CAAC,UAAU,EAAE,GAAG,IAAI,CAAC,gBAAgB,CAAC,SAAS,CAAC,CAAC;QACnE,OAAO;YACH,KAAK,EAAE,IAAI,CAAC,gBAAgB,CAAC,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,gBAAgB,CAAC,QAAQ,CAAC,CAAC,CAAC,IAAA,kBAAS,EAAC,MAAM,EAAE,MAAM,CAAC,CAAC,QAAQ,EAAE;YAC7G,SAAS,EAAE,GAAG;SACjB,CAAC;IACN,CAAC;IAED,KAAK,CAAC,MAAM,CAAC,SAAoB;QAC7B,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,SAAS,CAAC,CAAC;QAGhD,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,IAAI,CAAC,CAAC;QAE/C,MAAM,IAAI,CAAC,0BAA0B,CAAC,QAAQ,CAAC,OAAO,EAAE,IAAI,CAAC,CAAC;QAE9D,OAAO;YACH,IAAI,EAAE;gBACF,KAAK,EAAE,IAAI,CAAC,KAAK;gBACjB,MAAM,EAAE,IAAI,CAAC,MAAM;gBACnB,QAAQ,EAAE,IAAI,CAAC,QAAQ;gBACvB,mBAAmB,EAAE,IAAI,CAAC,mBAAmB;gBAC7C,EAAE,EAAE,IAAI,CAAC,EAAE;gBACX,KAAK,EAAE,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,IAAI,CAAC;aAC7C;YACD,GAAG,MAAM;SACZ,CAAA;IACL,CAAC;IAED,KAAK,CAAC,gBAAgB,CAAC,SAAuB;QAC1C,IAAI,CAAC,IAAI,CAAC,iCAAiC,EAAE,EAAE,CAAC;YAC5C,MAAM,IAAI,4BAAmB,CAAC,+BAAc,CAAC,kCAAkC,CAAC,CAAC;QACrF,CAAC;QAGD,IAAI,SAAS,CAAC,IAAI,KAAK,wCAA4B,CAAC,KAAK,EAAE,CAAC;YACxD,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,OAAO,CAAC;gBAC3C,KAAK,EAAE;oBACH,KAAK,EAAE,SAAS,CAAC,UAAU;iBAC9B;aACJ,CAAC,CAAC;YACH,IAAI,CAAC,IAAI,EAAE,CAAC;gBACR,MAAM,IAAI,8BAAqB,CAAC,+BAAc,CAAC,cAAc,CAAC,CAAC;YACnE,CAAC;YACD,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,CAAC;gBACf,MAAM,IAAI,8BAAqB,CAAC,+BAAc,CAAC,aAAa,CAAC,CAAC;YAClE,CAAC;YACD,MAAM,EAAE,KAAK,EAAE,SAAS,EAAE,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;YACxC,IAAI,CAAC,6BAA6B,GAAG,KAAK,CAAC;YAC3C,IAAI,CAAC,sCAAsC,GAAG,SAAS,CAAC;YACxD,MAAM,IAAI,CAAC,cAAc,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YACrC,IAAI,CAAC,6BAA6B,CAAC,IAAI,EAAE,wCAA4B,CAAC,KAAK,CAAC,CAAC;QACjF,CAAC;aAAM,IAAI,SAAS,CAAC,IAAI,KAAK,wCAA4B,CAAC,MAAM,EAAE,CAAC;YAChE,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,OAAO,CAAC;gBAC3C,KAAK,EAAE;oBACH,MAAM,EAAE,SAAS,CAAC,UAAU;iBAC/B;aACJ,CAAC,CAAC;YACH,IAAI,CAAC,IAAI,EAAE,CAAC;gBACR,MAAM,IAAI,8BAAqB,CAAC,+BAAc,CAAC,cAAc,CAAC,CAAC;YACnE,CAAC;YAED,MAAM,EAAE,KAAK,EAAE,SAAS,EAAE,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;YACxC,IAAI,CAAC,8BAA8B,GAAG,KAAK,CAAC;YAC5C,IAAI,CAAC,uCAAuC,GAAG,SAAS,CAAC;YACzD,MAAM,IAAI,CAAC,cAAc,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YACrC,IAAI,CAAC,6BAA6B,CAAC,IAAI,EAAE,wCAA4B,CAAC,MAAM,CAAC,CAAC;QAClF,CAAC;aACI,CAAC;YACF,MAAM,IAAI,4BAAmB,CAAC,+BAAc,CAAC,yBAAyB,CAAC,CAAC;QAC5E,CAAC;QACD,OAAO,EAAE,OAAO,EAAE,mCAAgB,CAAC,sBAAsB,EAAE,CAAC;IAChE,CAAC;IAEO,KAAK,CAAC,6BAA6B,CAAC,IAAU,EAAE,SAAuC;QAC3F,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,cAAc,EAAE,CAAC;QAEhD,IAAI,IAAI,CAAC,gBAAgB,CAAC,QAAQ;YAC9B,OAAO;QACX,IAAI,SAAS,KAAK,wCAA4B,CAAC,KAAK,EAAE,CAAC;YACnD,MAAM,WAAW,GAAG,IAAI,CAAC,kBAAkB,CAAC,cAAc,EAAE,CAAC;YAC7D,WAAW,CAAC,sBAAsB,CAC9B,IAAI,CAAC,KAAK,EACV,cAAc,EACd;gBACI,YAAY,EAAE,OAAO,CAAC,GAAG,CAAC,cAAc;gBACxC,kBAAkB,EAAE,OAAO,CAAC,GAAG,CAAC,qBAAqB;gBACrD,SAAS,EAAE,IAAI,CAAC,QAAQ;gBACxB,6BAA6B,EAAE,IAAI,CAAC,6BAA6B;gBACjE,QAAQ,EAAE,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ;gBACvD,cAAc,EAAE,WAAW;aAC9B,EACD,IAAI,CAAC,mBAAmB,CAAC,iBAAiB,EAC1C,IAAI,EACJ,IAAI,EACJ,MAAM,EACN,IAAI,CAAC,EAAE,CACV,CAAC;QACN,CAAC;QACD,IAAI,SAAS,KAAK,wCAA4B,CAAC,MAAM,EAAE,CAAC;YACpD,IAAI,CAAC,UAAU,CAAC,oBAAoB,CAChC,IAAI,CAAC,MAAM,EACX,cAAc,EACd;gBACI,YAAY,EAAE,OAAO,CAAC,GAAG,CAAC,cAAc;gBACxC,GAAG,EAAE,IAAI,CAAC,8BAA8B;gBACxC,8BAA8B,EAAE,IAAI,CAAC,8BAA8B;gBACnE,SAAS,EAAE,IAAI,CAAC,QAAQ;gBACxB,QAAQ,EAAE,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ;gBACvD,cAAc,EAAE,WAAW;aAC9B,CACJ,CAAC;QACN,CAAC;IACL,CAAC;IAED,KAAK,CAAC,eAAe,CAAC,gBAAkC;QACpD,IAAI,CAAC,IAAI,CAAC,iCAAiC,EAAE,EAAE,CAAC;YAC5C,MAAM,IAAI,4BAAmB,CAAC,+BAAc,CAAC,kCAAkC,CAAC,CAAC;QACrF,CAAC;QACD,IAAI,gBAAgB,CAAC,IAAI,KAAK,wCAA4B,CAAC,KAAK,EAAE,CAAC;YAC/D,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,OAAO,CAAC;gBAC3C,KAAK,EAAE;oBACH,KAAK,EAAE,gBAAgB,CAAC,UAAU;iBACrC;gBACD,SAAS,EAAE,CAAC,OAAO,CAAC;aACvB,CAAC,CAAC;YACH,IAAI,CAAC,IAAI,EAAE,CAAC;gBACR,MAAM,IAAI,8BAAqB,CAAC,+BAAc,CAAC,cAAc,CAAC,CAAC;YACnE,CAAC;YACD,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,CAAC;gBACf,MAAM,IAAI,8BAAqB,CAAC,+BAAc,CAAC,aAAa,CAAC,CAAC;YAClE,CAAC;YACD,IAAI,IAAI,CAAC,6BAA6B,KAAK,gBAAgB,CAAC,GAAG,EAAE,CAAC;gBAC9D,MAAM,IAAI,8BAAqB,CAAC,+BAAc,CAAC,WAAW,CAAC,CAAC;YAChE,CAAC;YACD,IAAI,IAAI,CAAC,sCAAsC,GAAG,IAAI,IAAI,EAAE,EAAE,CAAC;gBAC3D,MAAM,IAAI,8BAAqB,CAAC,+BAAc,CAAC,WAAW,CAAC,CAAC;YAChE,CAAC;YACD,IAAI,CAAC,sBAAsB,GAAG,IAAI,IAAI,EAAE,CAAC;YACzC,IAAI,CAAC,6BAA6B,GAAG,IAAI,CAAC;YAC1C,IAAI,CAAC,sCAAsC,GAAG,IAAI,CAAC;YACnD,MAAM,IAAI,CAAC,cAAc,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YACrC,MAAM,EAAE,WAAW,EAAE,YAAY,EAAE,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,IAAI,CAAC,CAAC;YACtE,MAAM,EAAE,EAAE,EAAE,QAAQ,EAAE,KAAK,EAAE,MAAM,EAAE,iBAAiB,EAAE,GAAG,IAAI,CAAC;YAChE,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YAClD,OAAO,EAAE,WAAW,EAAE,YAAY,EAAE,IAAI,EAAE,EAAE,EAAE,EAAE,QAAQ,EAAE,KAAK,EAAE,MAAM,EAAE,iBAAiB,EAAE,KAAK,EAAE,EAAE,CAAC;QAC1G,CAAC;aAAM,IAAI,gBAAgB,CAAC,IAAI,KAAK,wCAA4B,CAAC,MAAM,EAAE,CAAC;YACvE,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,OAAO,CAAC;gBAC3C,KAAK,EAAE;oBACH,MAAM,EAAE,gBAAgB,CAAC,UAAU;iBACtC;gBACD,SAAS,EAAE,CAAC,OAAO,CAAC;aACvB,CAAC,CAAC;YACH,IAAI,CAAC,IAAI,EAAE,CAAC;gBACR,MAAM,IAAI,8BAAqB,CAAC,+BAAc,CAAC,eAAe,CAAC,CAAC;YACpE,CAAC;YACD,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,CAAC;gBACf,MAAM,IAAI,8BAAqB,CAAC,+BAAc,CAAC,aAAa,CAAC,CAAC;YAClE,CAAC;YACD,IAAI,IAAI,CAAC,8BAA8B,KAAK,gBAAgB,CAAC,GAAG,EAAE,CAAC;gBAC/D,MAAM,IAAI,8BAAqB,CAAC,+BAAc,CAAC,WAAW,CAAC,CAAC;YAChE,CAAC;YACD,IAAI,IAAI,CAAC,uCAAuC,GAAG,IAAI,IAAI,EAAE,EAAE,CAAC;gBAC5D,MAAM,IAAI,8BAAqB,CAAC,+BAAc,CAAC,WAAW,CAAC,CAAC;YAChE,CAAC;YACD,IAAI,CAAC,uBAAuB,GAAG,IAAI,IAAI,EAAE,CAAC;YAC1C,IAAI,CAAC,8BAA8B,GAAG,IAAI,CAAC;YAC3C,IAAI,CAAC,uCAAuC,GAAG,IAAI,CAAC;YACpD,MAAM,IAAI,CAAC,cAAc,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YACrC,MAAM,EAAE,WAAW,EAAE,YAAY,EAAE,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,IAAI,CAAC,CAAC;YACtE,MAAM,EAAE,EAAE,EAAE,QAAQ,EAAE,KAAK,EAAE,MAAM,EAAE,iBAAiB,EAAE,GAAG,IAAI,CAAC;YAChE,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YAClD,OAAO,EAAE,WAAW,EAAE,YAAY,EAAE,IAAI,EAAE,EAAE,EAAE,EAAE,QAAQ,EAAE,KAAK,EAAE,MAAM,EAAE,iBAAiB,EAAE,KAAK,EAAE,EAAE,CAAC;QAE1G,CAAC;QACD,MAAM,IAAI,4BAAmB,CAAC,+BAAc,CAAC,yBAAyB,CAAC,CAAC;IAC5E,CAAC;IAED,KAAK,CAAC,cAAc,CAAC,iBAAoC,EAAE,UAA0B;QACjF,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,OAAO,CAAC;YAC3C,KAAK,EAAE,EAAE,EAAE,EAAE,iBAAiB,CAAC,EAAE,EAAE;SACtC,CAAC,CAAC;QACH,IAAI,CAAC,IAAI,EAAE,CAAC;YACR,MAAM,IAAI,0BAAiB,CAAC,+BAAc,CAAC,cAAc,CAAC,CAAC;QAC/D,CAAC;QAED,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,CAAC;YACf,MAAM,IAAI,8BAAqB,CAAC,+BAAc,CAAC,aAAa,CAAC,CAAC;QAClE,CAAC;QAGD,IAAI,IAAI,CAAC,iBAAiB,KAAK,OAAO,EAAE,CAAC;YACrC,MAAM,IAAI,4BAAmB,CAAC,+BAAc,CAAC,kBAAkB,CAAC,CAAC;QACrE,CAAC;QAGD,IAAI,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;YAChC,MAAM,IAAI,4BAAmB,CAAC,+BAAc,CAAC,gBAAgB,CAAC,CAAC;QACnE,CAAC;QAGD,IAAI,CAAC,CAAC,IAAI,CAAC,QAAQ,KAAK,UAAU,CAAC,QAAQ,CAAC,EAAE,CAAC;YAC3C,MAAM,IAAI,4BAAmB,CAAC,+BAAc,CAAC,iBAAiB,CAAC,CAAC;QACpE,CAAC;QAGD,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,OAAO,CAC7C,iBAAiB,CAAC,eAAe,EACjC,IAAI,CAAC,QAAQ,CAChB,CAAC;QACF,IAAI,CAAC,OAAO,EAAE,CAAC;YACX,MAAM,IAAI,8BAAqB,CAAC,+BAAc,CAAC,0BAA0B,CAAC,CAAC;QAC/E,CAAC;QAGD,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,IAAI,CAAC,iBAAiB,CAAC,WAAW,CAAC,CAAC;QAC7E,IAAI,CAAC,QAAQ,GAAG,iBAAiB,CAAC,WAAW,CAAC;QAG9C,IAAI,CAAC,mBAAmB,GAAG,KAAK,CAAC;QACjC,IAAI,CAAC,QAAQ,GAAG,MAAM,CAAC;QAEvB,MAAM,IAAI,CAAC,cAAc,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAErC,OAAO,IAAI,CAAC;IAChB,CAAC;IAGO,2BAA2B;QAC/B,MAAM,UAAU,GAAG,IAAI,IAAI,EAAE,CAAC;QAC9B,UAAU,CAAC,UAAU,CAAC,UAAU,CAAC,UAAU,EAAE,GAAG,IAAI,CAAC,gBAAgB,CAAC,qCAAqC,CAAC,CAAC;QAE7G,OAAO;YACH,KAAK,EAAE,IAAI,CAAC,gBAAgB,CAAC,QAAQ;gBACjC,CAAC,CAAC,IAAI,CAAC,gBAAgB,CAAC,QAAQ;gBAChC,CAAC,CAAC,IAAA,SAAM,GAAE;YACd,SAAS,EAAE,UAAU;SACxB,CAAC;IACN,CAAC;IAED,KAAK,CAAC,sBAAsB,CAAC,yBAAoD;QAM7E,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,yBAAyB,CAAC,QAAQ,EAAE,yBAAyB,CAAC,KAAK,CAAC,CAAC;QAEzG,IAAI,WAAW,GAAG,IAAI,CAAA;QACtB,IAAI,CAAC,IAAI,EAAE,CAAC;YACR,WAAW,GAAG,KAAK,CAAA;QAEvB,CAAC;QACD,IAAI,WAAW,IAAI,CAAC,IAAI,EAAE,MAAM,EAAE,CAAC;YAC/B,WAAW,GAAG,KAAK,CAAA;QAEvB,CAAC;QAGD,IAAI,WAAW,IAAI,IAAI,EAAE,iBAAiB,KAAK,OAAO,EAAE,CAAC;YACrD,WAAW,GAAG,KAAK,CAAA;QAEvB,CAAC;QAID,IAAI,WAAW,EAAE,CAAC;YACd,MAAM,EAAE,KAAK,EAAE,SAAS,EAAE,GAAG,IAAI,CAAC,2BAA2B,EAAE,CAAC;YAChE,IAAI,CAAC,iCAAiC,GAAG,KAAK,CAAC;YAC/C,IAAI,CAAC,0CAA0C,GAAG,SAAS,CAAC;YAC5D,MAAM,IAAI,CAAC,cAAc,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YACrC,IAAI,CAAC,0BAA0B,CAAC,IAAI,CAAC,CAAC;QAC1C,CAAC;QAGD,OAAO;YACH,MAAM,EAAE,SAAS;YACjB,OAAO,EAAE,mCAAgB,CAAC,0BAA0B;YACpD,KAAK,EAAE,EAAE;YACT,SAAS,EAAE,EAAE;YACb,IAAI,EAAE;gBACF,IAAI,EAAE;oBACF,KAAK,EAAE,IAAI,EAAE,KAAK;iBAGrB;aACJ;SACJ,CAAA;IACL,CAAC;IAEO,KAAK,CAAC,0BAA0B,CAAC,IAAU;QAC/C,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,cAAc,EAAE,CAAC;QAEhD,MAAM,qCAAqC,GAAG,IAAI,CAAC,gBAAgB,CAAC,qCAAqC,CAAC;QAE1G,IAAI,qCAAqC,IAAI,iDAAqC,CAAC,KAAK,EAAE,CAAC;YACvF,MAAM,WAAW,GAAG,IAAI,CAAC,kBAAkB,CAAC,cAAc,EAAE,CAAC;YAC7D,WAAW,CAAC,sBAAsB,CAC9B,IAAI,CAAC,KAAK,EACV,iBAAiB,EACjB;gBACI,YAAY,EAAE,OAAO,CAAC,GAAG,CAAC,cAAc;gBACxC,kBAAkB,EAAE,OAAO,CAAC,GAAG,CAAC,qBAAqB;gBACrD,SAAS,EAAE,IAAI,CAAC,QAAQ;gBACxB,QAAQ,EAAE,IAAI,CAAC,QAAQ;gBAEvB,iBAAiB,EAAE,GAAG,OAAO,CAAC,GAAG,CAAC,yCAAyC,UAAU,IAAI,CAAC,iCAAiC,EAAE;gBAC7H,cAAc,EAAE,WAAW;aAC9B,EACD,IAAI,CAAC,mBAAmB,CAAC,iBAAiB,EAC1C,IAAI,EACJ,IAAI,EACJ,MAAM,EACN,IAAI,CAAC,EAAE,CACV,CAAC;QACN,CAAC;QAED,IAAI,qCAAqC,IAAI,iDAAqC,CAAC,MAAM,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC;YACvG,IAAI,CAAC,UAAU,CAAC,oBAAoB,CAChC,IAAI,CAAC,MAAM,EACX,iBAAiB,EACjB;gBACI,YAAY,EAAE,OAAO,CAAC,GAAG,CAAC,cAAc;gBACxC,GAAG,EAAE,IAAI,CAAC,iCAAiC;gBAC3C,iCAAiC,EAAE,IAAI,CAAC,iCAAiC;gBACzE,SAAS,EAAE,IAAI,CAAC,QAAQ;gBACxB,cAAc,EAAE,WAAW;aAC9B,CACJ,CAAC;QACN,CAAC;IACL,CAAC;IAED,KAAK,CAAC,qBAAqB,CAAC,wBAAkD;QAC1E,OAAO,IAAI,CAAC,UAAU,CAAC,WAAW,CAAC,KAAK,EAAE,CAAC,EAAE,EAAE;YAE3C,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,8BAA8B,CAAC,wBAAwB,CAAC,iBAAiB,CAAC,CAAC;YACnG,IAAI,CAAC,IAAI;gBAAE,MAAM,IAAI,8BAAqB,CAAC,+BAAc,CAAC,mBAAmB,CAAC,CAAC;YAC/E,IAAI,IAAI,CAAC,iBAAiB,KAAK,OAAO;gBAAE,MAAM,IAAI,8BAAqB,CAAC,+BAAc,CAAC,mBAAmB,CAAC,CAAC;YAC5G,IAAI,CAAC,IAAI,CAAC,MAAM;gBAAE,MAAM,IAAI,8BAAqB,CAAC,+BAAc,CAAC,mBAAmB,CAAC,CAAC;YAGtF,MAAM,EAAE,QAAQ,EAAE,GAAG,MAAM,CAAC;iBACvB,kBAAkB,EAAE;iBACpB,MAAM,CAAC,kBAAI,CAAC;iBACZ,GAAG,CAAC;gBACD,yBAAyB,EAAE,GAAG,EAAE,CAAC,OAAO;gBACxC,iCAAiC,EAAE,GAAG,EAAE,CAAC,MAAM;gBAC/C,0CAA0C,EAAE,GAAG,EAAE,CAAC,MAAM;aAC3D,CAAC;iBACD,KAAK,CAAC,UAAU,EAAE,EAAE,EAAE,EAAE,IAAI,CAAC,EAAE,EAAE,CAAC;iBAClC,QAAQ,CAAC,4CAA4C,EAAE,EAAE,KAAK,EAAE,wBAAwB,CAAC,iBAAiB,EAAE,CAAC;iBAC7G,QAAQ,CAAC,oDAAoD,CAAC;iBAC9D,OAAO,EAAE,CAAC;YAEf,IAAI,QAAQ,KAAK,CAAC,EAAE,CAAC;gBAEjB,MAAM,IAAI,8BAAqB,CAAC,+BAAc,CAAC,mBAAmB,CAAC,CAAC;YACxE,CAAC;YAGD,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,IAAI,CAAC,wBAAwB,CAAC,QAAQ,CAAC,CAAC;YAGlF,MAAM,CAAC,CAAC,aAAa,CAAC,kBAAI,CAAC,CAAC,MAAM,CAAC,EAAE,EAAE,EAAE,IAAI,CAAC,EAAE,EAAE,EAAE,EAAE,QAAQ,EAAE,OAAO,EAAE,CAAC,CAAC;YAC3E,IAAI,CAAC,2BAA2B,CAAC,IAAI,CAAC,CAAC;YAEvC,OAAO;gBACH,MAAM,EAAE,SAAS;gBACjB,OAAO,EAAE,mCAAgB,CAAC,yBAAyB;gBACnD,KAAK,EAAE,EAAE;gBACT,SAAS,EAAE,EAAE;gBACb,IAAI,EAAE,EAAE;aACX,CAAC;QACN,CAAC,CAAC,CAAC;IACP,CAAC;IAEO,KAAK,CAAC,2BAA2B,CAAC,IAAU;QAChD,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,cAAc,EAAE,CAAC;QAEhD,MAAM,qCAAqC,GAAG,IAAI,CAAC,gBAAgB,CAAC,qCAAqC,CAAC;QAE1G,IAAI,qCAAqC,IAAI,iDAAqC,CAAC,KAAK,EAAE,CAAC;YACvF,MAAM,WAAW,GAAG,IAAI,CAAC,kBAAkB,CAAC,cAAc,EAAE,CAAC;YAC7D,WAAW,CAAC,sBAAsB,CAC9B,IAAI,CAAC,KAAK,EACV,kBAAkB,EAClB;gBACI,YAAY,EAAE,OAAO,CAAC,GAAG,CAAC,cAAc;gBACxC,kBAAkB,EAAE,OAAO,CAAC,GAAG,CAAC,qBAAqB;gBACrD,KAAK,EAAE,IAAI,CAAC,KAAK;gBACjB,SAAS,EAAE,IAAI,CAAC,QAAQ;gBACxB,QAAQ,EAAE,IAAI,CAAC,QAAQ;gBAEvB,iBAAiB,EAAE,GAAG,OAAO,CAAC,GAAG,CAAC,yCAAyC,UAAU,IAAI,CAAC,iCAAiC,EAAE;gBAC7H,cAAc,EAAE,WAAW;aAC9B,EACD,IAAI,CAAC,mBAAmB,CAAC,iBAAiB,EAC1C,IAAI,EACJ,IAAI,EACJ,MAAM,EACN,IAAI,CAAC,EAAE,CACV,CAAC;QACN,CAAC;QAED,IAAI,qCAAqC,IAAI,iDAAqC,CAAC,MAAM,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC;YACvG,IAAI,CAAC,UAAU,CAAC,oBAAoB,CAChC,IAAI,CAAC,MAAM,EACX,iBAAiB,EACjB;gBACI,YAAY,EAAE,OAAO,CAAC,GAAG,CAAC,cAAc;gBACxC,GAAG,EAAE,IAAI,CAAC,iCAAiC;gBAC3C,iCAAiC,EAAE,IAAI,CAAC,iCAAiC;gBACzE,SAAS,EAAE,IAAI,CAAC,QAAQ;gBACxB,cAAc,EAAE,WAAW;aAC9B,CACJ,CAAC;QACN,CAAC;IACL,CAAC;IAED,KAAK,CAAC,cAAc,CAAC,IAAU;QAE3B,MAAM,CAAC,WAAW,EAAE,YAAY,CAAC,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC;YAClD,IAAI,CAAC,mBAAmB,CAAC,IAAI,CAAC;YAC9B,IAAI,CAAC,oBAAoB,CAAC,IAAI,CAAC;SAClC,CAAC,CAAC;QAEH,OAAO;YACH,WAAW;YACX,YAAY;SACf,CAAC;IACN,CAAC;IAED,KAAK,CAAC,mBAAmB,CAAC,IAAU;QAGhC,MAAM,aAAa,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAE1D,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,SAAS,CACpC,IAAI,CAAC,EAAE,EACP,IAAI,CAAC,gBAAgB,CAAC,cAAc,EACpC,EAAE,QAAQ,EAAE,IAAI,CAAC,QAAQ,EAAE,KAAK,EAAE,IAAI,CAAC,KAAK,EAAE,KAAK,EAAE,aAAa,EAAE,CACvE,CAAC;QAEF,OAAO,WAAW,CAAC;IACvB,CAAC;IAED,KAAK,CAAC,oBAAoB,CAAC,IAAU;QACjC,MAAM,cAAc,GAAG,IAAA,mBAAU,GAAE,CAAC;QAEpC,MAAM,YAAY,GAAG,MAAM,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,EAAE,EAAE,IAAI,CAAC,gBAAgB,CAAC,eAAe,EAAE;YACtF,cAAc;SACjB,CAAC,CAAA;QAGF,MAAM,IAAI,CAAC,sBAAsB,CAAC,MAAM,CAAC,IAAI,CAAC,EAAE,EAAE,YAAY,CAAC,CAAC;QAEhE,OAAO,YAAY,CAAC;IACxB,CAAC;IAED,KAAK,CAAC,aAAa,CAAC,eAAgC;QAChD,IAAI,CAAC;YACD,MAAM,EAAE,GAAG,EAAE,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,WAAW,CAA2D,eAAe,CAAC,YAAY,EAAE;gBACtI,MAAM,EAAE,IAAI,CAAC,gBAAgB,CAAC,MAAM;gBACpC,QAAQ,EAAE,IAAI,CAAC,gBAAgB,CAAC,QAAQ;gBACxC,MAAM,EAAE,IAAI,CAAC,gBAAgB,CAAC,MAAM;aACvC,CAAC,CAAC;YAEH,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,OAAO,CAAC;gBAC3C,KAAK,EAAE;oBACH,EAAE,EAAE,GAAG;iBACV;gBACD,SAAS,EAAE;oBACP,KAAK,EAAE,IAAI;iBACd;aACJ,CAAC,CAAC;YACH,IAAI,CAAC,IAAI,EAAE,CAAC;gBACR,MAAM,IAAI,8BAAqB,CAAC,+BAAc,CAAC,eAAe,CAAC,CAAC;YACpE,CAAC;YAWD,MAAM,mBAAmB,GAAG,MAAM,IAAI,CAAC,sBAAsB,CAAC,iBAAiB,CAAC,IAAI,EAAE,eAAe,CAAC,YAAY,CAAC,CAAC;YAEpH,MAAM,IAAI,CAAC,0BAA0B,CAAC,QAAQ,CAAC,gBAAgB,EAAE,IAAI,CAAC,CAAC;YAEvE,OAAO;gBACH,WAAW,EAAE,MAAM,IAAI,CAAC,mBAAmB,CAAC,IAAI,CAAC;gBACjD,YAAY,EAAE,mBAAmB;aACpC,CAAC;QACN,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACX,IAAI,GAAG,YAAY,gEAA4B,EAAE,CAAC;gBAE9C,MAAM,IAAI,8BAAqB,CAAC,+BAAc,CAAC,aAAa,CAAC,CAAC;YAClE,CAAC;YAED,MAAM,IAAI,8BAAqB,CAAC,+BAAc,CAAC,eAAe,CAAC,CAAC;QACpE,CAAC;IACL,CAAC;IAEO,KAAK,CAAC,SAAS,CAAI,MAAc,EAAE,SAAiB,EAAE,OAAW;QACrE,OAAO,MAAM,IAAI,CAAC,UAAU,CAAC,SAAS,CAClC;YACI,GAAG,EAAE,MAAM;YACX,GAAG,OAAO;SACb,EACD;YACI,QAAQ,EAAE,IAAI,CAAC,gBAAgB,CAAC,QAAQ;YACxC,MAAM,EAAE,IAAI,CAAC,gBAAgB,CAAC,MAAM;YACpC,MAAM,EAAE,IAAI,CAAC,gBAAgB,CAAC,MAAM;YACpC,SAAS;SACZ,CACJ,CAAC;IACN,CAAC;IAGD,KAAK,CAAC,uBAAuB,CAAC,IAAU;QACpC,IAAI,CAAC;YAED,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,QAAQ,CAAC,GAAG,CAAC,uEAAuE,IAAI,CAAC,iBAAiB,EAAE,CAAC,CAAC;YACtJ,MAAM,WAAW,GAAG,QAAQ,CAAC,IAAI,CAAC;YAGlC,IAAI,WAAW,CAAC,KAAK,KAAK,IAAI,CAAC,KAAK,IAAI,WAAW,CAAC,EAAE,KAAK,IAAI,CAAC,QAAQ,EAAE,CAAC;gBAEvE,OAAO,WAAW,CAAC;YACvB,CAAC;iBAAM,CAAC;gBACJ,MAAM,IAAI,8BAAqB,CAAC,+BAAc,CAAC,oBAAoB,CAAC,CAAC;YACzE,CAAC;QACL,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACb,MAAM,IAAI,8BAAqB,CAAC,+BAAc,CAAC,iCAAiC,CAAC,CAAC;QACtF,CAAC;IACL,CAAC;IAED,KAAK,CAAC,iBAAiB,CAAC,UAAkB;QACtC,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,OAAO,CAAC;YAC3C,KAAK,EAAE;gBACH,UAAU,EAAE,UAAU;aACzB;YACD,SAAS,EAAE;gBACP,KAAK,EAAE,IAAI;aACd;SACJ,CAAC,CAAC;QAIH,MAAM,IAAI,CAAC,uBAAuB,CAAC,IAAI,CAAC,CAAC;QAGzC,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,IAAI,CAAC,CAAC;QAC/C,OAAO;YACH,IAAI,EAAE;gBACF,KAAK,EAAE,IAAI,CAAC,KAAK;gBACjB,MAAM,EAAE,IAAI,CAAC,MAAM;gBACnB,QAAQ,EAAE,IAAI,CAAC,QAAQ;gBAEvB,EAAE,EAAE,IAAI,CAAC,EAAE;gBACX,KAAK,EAAE,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,IAAI,CAAC;aAC7C;YACD,GAAG,MAAM;SACZ,CAAA;IAEL,CAAC;IAEO,KAAK,CAAC,iCAAiC;QAC3C,OAAO,IAAI,CAAC,cAAc,CAAC,cAAc,CAAC,0BAA0B,CAAC,CAAC;IAC1E,CAAC;IASD,KAAK,CAAC,MAAM;QACR,IAAI,CAAC;YACD,MAAM,UAAU,GAAG,IAAI,CAAC,qBAAqB,CAAC,aAAa,EAAE,CAAC;YAC9D,MAAM,MAAM,GAAG,UAAU,EAAE,GAAG,CAAC;YAC/B,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,OAAO,CAAC;gBAC3C,KAAK,EAAE;oBACH,EAAE,EAAE,MAAM;iBACb;aACJ,CAAC,CAAA;YAEF,MAAM,IAAI,CAAC,sBAAsB,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC;YAGrD,MAAM,IAAI,CAAC,0BAA0B,CAAC,QAAQ,CAAC,QAAQ,EAAE,IAAI,CAAC,CAAC;YAG/D,OAAO,EAAE,OAAO,EAAE,mCAAgB,CAAC,cAAc,EAAE,CAAC;QACxD,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACX,MAAM,GAAG,YAAY,8BAAqB,IAAI,GAAG,YAAY,qCAA4B;gBACrF,CAAC,CAAC,GAAG;gBACL,CAAC,CAAC,IAAI,qCAA4B,CAAC,+BAAc,CAAC,aAAa,CAAC,CAAC;QACzE,CAAC;IACL,CAAC;IAGD,KAAK,CAAC,YAAY,CAAC,MAAc;QAC7B,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,OAAO,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC;QACxD,IAAI,CAAC,IAAI,EAAE,CAAC;YACR,MAAM,IAAI,0BAAiB,CAAC,+BAAc,CAAC,cAAc,CAAC,CAAC;QAC/D,CAAC;QACD,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC;QACnB,MAAM,IAAI,CAAC,cAAc,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACzC,CAAC;IAED,KAAK,CAAC,EAAE,CAAC,UAA0B;QAC/B,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,OAAO,CAAC;YAC3C,KAAK,EAAE;gBACH,EAAE,EAAE,UAAU,CAAC,GAAG;aACrB;YACD,SAAS,EAAE;gBACP,KAAK,EAAE,IAAI;aACd;SACJ,CAAC,CAAC;QACH,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,IAAI,CAAC,CAAC;QAE/C,MAAM,QAAQ,GAAG;YACb,IAAI,EAAE;gBACF,KAAK,EAAE,IAAI,CAAC,KAAK;gBACjB,MAAM,EAAE,IAAI,CAAC,MAAM;gBACnB,QAAQ,EAAE,IAAI,CAAC,QAAQ;gBAEvB,EAAE,EAAE,IAAI,CAAC,EAAE;gBACX,KAAK,EAAE,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,IAAI,CAAC;aAC7C;YACD,GAAG,MAAM;SACZ,CAAA;QACD,OAAO,QAAQ,CAAC;IACpB,CAAC;CAEJ,CAAA;AAjkCY,sDAAqB;gCAArB,qBAAqB;IADjC,IAAA,mBAAU,GAAE;IAMJ,WAAA,IAAA,0BAAgB,EAAC,kBAAI,CAAC,CAAA;IAGtB,WAAA,IAAA,eAAM,EAAC,sBAAS,CAAC,GAAG,CAAC,CAAA;IAErB,WAAA,IAAA,eAAM,EAAC,sBAAS,CAAC,GAAG,CAAC,CAAA;IAUrB,YAAA,IAAA,eAAM,EAAC,uBAAY,CAAC,GAAG,CAAC,CAAA;IAIxB,YAAA,IAAA,0BAAgB,GAAE,CAAA;qCApBW,0BAAW;QACgB,oBAAU;QAClC,gCAAc;QAClB,gBAAU,kBAKE,iEAA6B;QACxC,mBAAW;QAEJ,0BAAW;QACnB,iCAAe;QACb,6BAAa;QACX,gCAAc;QACT,2CAAmB,UAGZ,0DAA0B;QAC/B,+CAAqB;QAEhC,oBAAU;GAzBlC,qBAAqB,CAikCjC;AAED,SAAS,0BAA0B,CAAC,MAAc;IAC9C,MAAM,KAAK,GAAG,MAAM,CAAC,KAAK,CAAC,8CAA8C,CAAC,CAAC;IAC3E,IAAI,KAAK,EAAE,CAAC;QACR,MAAM,KAAK,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;QACvB,MAAM,KAAK,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;QACvB,MAAM,QAAQ,GAA2B;YACrC,QAAQ,EAAE,UAAU;YACpB,KAAK,EAAE,eAAe;YACtB,kBAAkB,EAAE,WAAW;SAClC,CAAC;QACF,MAAM,aAAa,GAAG,QAAQ,CAAC,KAAK,CAAC,IAAI,KAAK,CAAC;QAC/C,OAAO,eAAe,aAAa,KAAK,KAAK,mBAAmB,CAAC;IACrE,CAAC;IACD,OAAO,MAAM,CAAC;AAClB,CAAC","sourcesContent":["import { HttpService } from '@nestjs/axios';\nimport {\n BadRequestException,\n ConflictException,\n Inject,\n Injectable,\n InternalServerErrorException,\n Logger,\n NotFoundException,\n UnauthorizedException,\n} from '@nestjs/common';\nimport { ConfigType } from '@nestjs/config';\nimport { EventEmitter2 } from '@nestjs/event-emitter';\nimport { JwtService } from '@nestjs/jwt';\nimport { InjectDataSource, InjectRepository } from '@nestjs/typeorm';\nimport { isEmpty, isNotEmpty } from 'class-validator';\nimport { randomInt, randomUUID } from 'crypto';\nimport { SMTPEMailService } from 'src/services/mail/smtp-email.service';\nimport { Msg91OTPService } from 'src/services/sms/Msg91OTPService';\nimport { DataSource, Repository } from 'typeorm';\nimport { iamConfig, jwtConfig } from '../config/iam.config';\nimport { ChangePasswordDto } from \"../dtos/change-password.dto\";\nimport { ConfirmForgotPasswordDto } from '../dtos/confirm-forgot-password.dto';\nimport { InitiateForgotPasswordDto } from '../dtos/initiate-forgot-password.dto';\nimport { OTPConfirmOTPDto } from '../dtos/otp-confirm-otp.dto';\nimport { OTPSignInDto } from '../dtos/otp-sign-in.dto';\nimport { OTPSignUpDto } from '../dtos/otp-sign-up.dto';\nimport { RefreshTokenDto } from '../dtos/refresh-token.dto';\nimport { SignInDto } from '../dtos/sign-in.dto';\nimport { SignUpDto } from '../dtos/sign-up.dto';\nimport { User } from '../entities/user.entity';\nimport { ActiveUserData } from '../interfaces/active-user-data.interface';\nimport { HashingService } from './hashing.service';\nimport { InvalidatedRefreshTokenError, RefreshTokenIdsStorageService } from './refresh-token-ids-storage.service';\nimport { UserService } from './user.service';\nimport { EventDetails, EventType, IMail } from \"../interfaces\";\nimport {\n ForgotPasswordSendVerificationTokenOn,\n RegistrationValidationSource,\n TransactionalRegistrationValidationSource\n} from \"../constants\";\nimport { SettingService } from './setting.service';\nimport { CreateUserDto } from 'src/dtos/create-user.dto';\nimport { RoleMetadataService } from './role-metadata.service';\nimport commonConfig from 'src/config/common.config';\nimport { UserActivityHistoryService } from './user-activity-history.service';\nimport { RequestContextService } from './request-context.service';\nimport { ERROR_MESSAGES } from 'src/constants/error-messages';\nimport { SUCCESS_MESSAGES } from 'src/constants/success-messages';\nimport { MailFactory } from 'src/factories/mail.factory';\nimport { v4 as uuidv4 } from 'uuid';\n\nenum LoginProvider {\n LOCAL = 'local',\n GOOGLE = 'google',\n OTP = 'otp',\n}\n\ninterface otp {\n token: string;\n expiresAt: Date;\n}\n\n@Injectable()\nexport class AuthenticationService {\n private readonly logger = new Logger(AuthenticationService.name);\n // private readonly mailService: IMail;\n constructor(\n private readonly userService: UserService,\n @InjectRepository(User) private readonly userRepository: Repository<User>,\n private readonly hashingService: HashingService,\n private readonly jwtService: JwtService,\n @Inject(jwtConfig.KEY)\n private readonly jwtConfiguration: ConfigType<typeof jwtConfig>,\n @Inject(iamConfig.KEY)\n private readonly iamConfiguration: ConfigType<typeof iamConfig>,\n private readonly refreshTokenIdsStorage: RefreshTokenIdsStorageService,\n private readonly httpService: HttpService,\n // private readonly mailService: SMTPEMailService,\n private readonly mailServiceFactory: MailFactory,\n private readonly smsService: Msg91OTPService,\n private readonly eventEmitter: EventEmitter2,\n private readonly settingService: SettingService,\n private readonly roleMetadataService: RoleMetadataService,\n @Inject(commonConfig.KEY)\n private readonly commonConfiguration: ConfigType<typeof commonConfig>,\n private readonly userActivityHistoryService: UserActivityHistoryService,\n private readonly requestContextService: RequestContextService,\n @InjectDataSource()\n private readonly dataSource: DataSource,\n ) {\n // this.mailService = this.mailServiceFactory.getMailService();\n }\n\n private async getConfig(key: string): Promise<any> {\n return this.settingService.getConfigValue(key);\n }\n\n private async getCompanyLogo(): Promise<string> {\n return await this.settingService.getConfigValue('companylogo');\n }\n\n async resolveUser(username: string, email: string) {\n return await this.userRepository.findOne({\n where: [\n { username: username },\n { email: email },\n ],\n relations: {\n roles: true\n }\n });\n }\n\n async resolveUserByVerificationToken(token: string) {\n return await this.userRepository.findOne({\n where: { verificationTokenOnForgotPassword: token },\n relations: { roles: true }\n });\n }\n\n async validateUser(signInDto: SignInDto) {\n\n const user = await this.resolveUser(signInDto.username, signInDto.email);\n\n if (!user) {\n throw new UnauthorizedException(ERROR_MESSAGES.INVALID_CREDENTIALS);\n }\n if (!user.active) {\n throw new UnauthorizedException(ERROR_MESSAGES.USER_NOT_ACTIVE);\n }\n const isEqual = await this.hashingService.compare(\n signInDto.password,\n user.password,\n );\n if (!isEqual) {\n throw new UnauthorizedException(ERROR_MESSAGES.INVALID_CREDENTIALS);\n }\n\n return user;\n }\n\n async signUp(signUpDto: SignUpDto, activeUser: ActiveUserData = null): Promise<User> {\n // If public registrations are disabled and no activeUser is present when invoking signUp then we throw an exception.\n if (!(await this.settingService.getConfigValue('allowPublicRegistration')) && !activeUser) {\n throw new BadRequestException(ERROR_MESSAGES.PUBLIC_REGISTRATION_DISABLED);\n }\n\n try {\n const onForcePasswordChange = await this.getConfig('forceChangePasswordOnFirstLogin');\n var { user, pwd, autoGeneratedPwd } = await this.populateForSignup(new User(), signUpDto, this.iamConfiguration.activateUserOnRegistration, onForcePasswordChange);\n const savedUser = await this.userRepository.save(user);\n // Also assign a default role to the newly created user. \n const userRoles = signUpDto.roles ?? [];\n if (this.iamConfiguration.defaultRole) {\n userRoles.push(this.iamConfiguration.defaultRole);\n }\n await this.handlePostSignup(savedUser, userRoles, pwd, autoGeneratedPwd);\n\n // TODO: make provision to trigger a welcome email also.\n\n return savedUser;\n } catch (err) {\n const pgUniqueViolationErrorCode = '23505';\n if (err.code === pgUniqueViolationErrorCode) {\n throw new ConflictException(ERROR_MESSAGES.USER_ALREADY_EXISTS);\n }\n throw err;\n }\n }\n\n async signupForExtensionUser<T extends User, U extends CreateUserDto>(signUpDto: SignUpDto, extensionUserDto: U, extensionUserRepo: Repository<T>): Promise<T> {\n try {\n const onForcePasswordChange = await this.getConfig('forceChangePasswordOnFirstLogin');\n // Merge the extended signUpDto attributes into the user entity \n //@ts-ignore \n const extensionUser = extensionUserRepo.merge(extensionUserRepo.create() as T, extensionUserDto);\n var { user, pwd, autoGeneratedPwd } = await this.populateForSignup<T>(extensionUser, signUpDto, true, onForcePasswordChange);\n const savedUser = await extensionUserRepo.save(user);\n\n await this.handlePostSignup(savedUser, signUpDto.roles, pwd, autoGeneratedPwd);\n\n return savedUser;\n }\n catch (err) {\n const pgUniqueViolationErrorCode = '23505';\n if (err.code === pgUniqueViolationErrorCode) {\n throw new ConflictException(parseUniqueConstraintError(err.detail || ERROR_MESSAGES.UNIQUE_CONSTRAINT_VIOLATION));\n }\n throw err;\n }\n }\n\n\n private async populateForSignup<T extends User>(user: T, signUpDto: SignUpDto, isUserActive: boolean = true, onForcePasswordChange?: boolean) {\n // const user = new User();\n let autoGeneratedPwdPermission = await this.settingService.getConfigValue('iamAutoGeneratedPassword');\n if (signUpDto.roles && signUpDto.roles.length > 0) {\n for (let i = 0; i < signUpDto.roles.length; i++) {\n const roleName = signUpDto.roles[i];\n await this.roleMetadataService.findRoleByName(roleName);\n }\n }\n user.username = signUpDto.username;\n user.email = signUpDto.email;\n user.fullName = signUpDto.fullName;\n user.forcePasswordChange = onForcePasswordChange;\n if (signUpDto.mobile) {\n user.mobile = signUpDto.mobile;\n }\n // this.logger.debug(\"user\", user);\n\n // If password has been specified by the user, then we simply create & activate the user based on the configuration parameter \"activateUserOnRegistration\".\n let pwd = '';\n let autoGeneratedPwd = '';\n\n // User has specified password \n if (signUpDto.password) {\n pwd = await this.hashingService.hash(signUpDto.password);\n }\n // User has not specified password\n else {\n // When user does not specify password, and system is configured to auto generate passwords.\n if (autoGeneratedPwdPermission?.toString().toLowerCase() === 'true') {\n autoGeneratedPwd = this.generatePassword();\n pwd = await this.hashingService.hash(autoGeneratedPwd);\n user.forcePasswordChange = true;\n }\n // When user does not specify password, and system is not configured to auto generate passwords.\n else {\n // This means that most likely the system is going to be using password-less login. \n // If that is not the case then we can raise a bad request exception...\n if (!this.isPasswordlessRegistrationEnabled()) {\n this.logger.error('User being created without password, and password less login is also not enabled in the system. Is this intentional?');\n throw new BadRequestException(ERROR_MESSAGES.PASSWORDLESS_REGISTRATION_DISABLED);\n }\n\n // Save the hash of the blank password, anyways since passwordless login is enabled it does not matter.\n pwd = await this.hashingService.hash(pwd);\n }\n }\n\n user.password = pwd;\n user.active = isUserActive;\n return { user, pwd, autoGeneratedPwd };\n }\n\n\n private async handlePostSignup(user: User, roles: string[] = [], pwd: string, autoGeneratedPwd: string) {\n await this.userService.initializeRolesForNewUser(roles, user);\n\n // if forcePasswordChange is true, then we trigger an email to the user to change the password, this needs to be done using a queue. \n // Create a new method like notifyUserOnForcePasswordChange, create a new email template we can call it on-force-password-change this template to include the random password\n if (user.forcePasswordChange && autoGeneratedPwd) {\n this.notifyUserOnForcePasswordChange(user, autoGeneratedPwd);\n }\n }\n\n\n generatePassword(length: number = 8): string {\n const upperCase = \"ABCDEFGHIJKLMNOPQRSTUVWXYZ\";\n const lowerCase = \"abcdefghijklmnopqrstuvwxyz\";\n const numbers = \"0123456789\";\n const specialChars = \"@$#\";\n const allChars = upperCase + lowerCase + numbers + specialChars;\n\n let password = \"\";\n\n for (let i = 0; i < length; i++) {\n const randomIndex = Math.floor(Math.random() * allChars.length);\n password += allChars[randomIndex];\n }\n\n return password;\n }\n\n private async notifyUserOnForcePasswordChange(user: User, autoGeneratedPwd: string) {\n const companyLogo = await this.getCompanyLogo();\n const mailService = this.mailServiceFactory.getMailService();\n mailService.sendEmailUsingTemplate(\n user.email,\n 'on-force-password-change',\n {\n solidAppName: process.env.SOLID_APP_NAME,\n solidAppWebsiteUrl: process.env.SOLID_APP_WEBSITE_URL,\n frontendLoginPageUrl: process.env.IAM_FRONTEND_APP_LOGIN_PAGE_URL,\n email: user.email,\n fullName: user.fullName,\n userName: user.username,\n password: autoGeneratedPwd,\n companyLogoUrl: companyLogo\n },\n this.commonConfiguration.shouldQueueEmails,\n null,\n null,\n 'user',\n user.id\n );\n\n }\n\n async otpInitiateRegistration(signUpDto: OTPSignUpDto) {\n try {\n if (!this.isPasswordlessRegistrationEnabled()) {\n throw new BadRequestException(ERROR_MESSAGES.PASSWORDLESS_REGISTRATION_DISABLED);\n }\n // Validate if either mobile or email is present.\n if (isEmpty(signUpDto.mobile) && isEmpty(signUpDto.email)) {\n throw new BadRequestException(ERROR_MESSAGES.REGISTRATION_REQUIRES_CONTACT);\n }\n if (signUpDto.validationSources.includes(TransactionalRegistrationValidationSource.EMAIL) && isEmpty(signUpDto.email)) {\n throw new BadRequestException(ERROR_MESSAGES.EMAIL_REQUIRED_FOR_VALIDATION);\n }\n if (signUpDto.validationSources.includes(TransactionalRegistrationValidationSource.MOBILE) && isEmpty(signUpDto.mobile)) {\n throw new BadRequestException(ERROR_MESSAGES.MOBILE_REQUIRED_FOR_VALIDATION);\n }\n\n // Validate if user already exists.\n const existingUser = await this.userRepository.findOne({ //TODO Perhaps we should use the user service instead of the repository directly.\n where: [\n { email: signUpDto.email, },\n { mobile: signUpDto.mobile, },\n { username: signUpDto.username, }\n ]\n });\n if (isNotEmpty(existingUser) && existingUser.active) {\n throw new ConflictException(ERROR_MESSAGES.USER_ALREADY_EXISTS);\n }\n const finalRegistrationVerificationSources = this.calculateVerificationSources(this.iamConfiguration.passwordlessRegistrationValidateWhat, signUpDto);\n let user = existingUser\n if (isEmpty(user)) {\n user = this.createUser(signUpDto);\n this.populateVerificationTokens(finalRegistrationVerificationSources, user);\n await this.userRepository.save(user);\n await this.userService.addRoleToUser(user.username, await this.settingService.getConfigValue('defaultRole'));\n }\n else {\n this.populateVerificationTokens(finalRegistrationVerificationSources, user);\n await this.userRepository.save(user);\n }\n\n // Send OTP to the user through email or SMS, depending on the configuration.\n this.notifyUserOnOtpInitiateRegistration(user, finalRegistrationVerificationSources);\n return { message: SUCCESS_MESSAGES.OTP_SENT_SUCCESS_REGISTRATION }\n } catch (err) {\n const pgUniqueViolationErrorCode = '23505';\n if (err.code === pgUniqueViolationErrorCode) {\n throw new ConflictException(ERROR_MESSAGES.USER_ALREADY_EXISTS);\n }\n throw err;\n }\n }\n\n // Create a new user entity.\n private createUser(signUpDto: OTPSignUpDto) {\n const user = new User();\n user.username = signUpDto.username;\n user.email = signUpDto.email;\n user.mobile = signUpDto.mobile;\n user.customPayload = signUpDto.customPayload;\n user.lastLoginProvider = LoginProvider.OTP;\n return user;\n }\n\n private calculateVerificationSources(configuredRegistrationValidationSources: string[], signUpDto: OTPSignUpDto): string[] {\n const finalRegistrationValidationSources = configuredRegistrationValidationSources.filter((source) => source !== RegistrationValidationSource.TRANSACTIONAL);\n if (configuredRegistrationValidationSources.includes(RegistrationValidationSource.TRANSACTIONAL)) {\n finalRegistrationValidationSources.push(...signUpDto.validationSources); // Add the validation sources provided by the user.\n }\n return finalRegistrationValidationSources;\n }\n\n // Generate the validation tokens for the user i.e (system configured + user provided)\n private populateVerificationTokens(finalRegistrationValidationSources: string[], user: User) {\n if (finalRegistrationValidationSources.length === 0) {\n throw new BadRequestException(ERROR_MESSAGES.VALIDATION_SOURCE_REQUIRED);\n }\n if (finalRegistrationValidationSources.includes(TransactionalRegistrationValidationSource.EMAIL)) {\n const { token, expiresAt } = this.otp();\n user.emailVerificationTokenOnRegistration = token;\n user.emailVerificationTokenOnRegistrationExpiresAt = expiresAt;\n if (this.iamConfiguration.autoLoginUserOnRegistration) {\n user.emailVerificationTokenOnLogin = token;\n user.emailVerificationTokenOnLoginExpiresAt = expiresAt;\n }\n }\n if (finalRegistrationValidationSources.includes(TransactionalRegistrationValidationSource.MOBILE)) {\n const { token, expiresAt } = this.otp();\n user.mobileVerificationTokenOnRegistration = token;\n user.mobileVerificationTokenOnRegistrationExpiresAt = expiresAt;\n if (this.iamConfiguration.autoLoginUserOnRegistration) {\n user.mobileVerificationTokenOnLogin = token;\n user.mobileVerificationTokenOnLoginExpiresAt = expiresAt;\n }\n }\n }\n\n private async notifyUserOnOtpInitiateRegistration(user: User, registrationValidationSources: string[]) {\n const companyLogo = await this.getCompanyLogo();\n if (this.iamConfiguration.dummyOtp)\n return; // Do nothing if dummy otp is configured.\n if (registrationValidationSources.includes(RegistrationValidationSource.EMAIL)) {\n const mailService = this.mailServiceFactory.getMailService();\n mailService.sendEmailUsingTemplate(\n user.email,\n 'otp-on-register',\n {\n solidAppName: process.env.SOLID_APP_NAME,\n solidAppWebsiteUrl: process.env.SOLID_APP_WEBSITE_URL,\n firstName: user.username,\n fullName: user.fullName ? user.fullName : user.username,\n emailVerificationTokenOnRegistration: user.emailVerificationTokenOnRegistration,\n companyLogoUrl: companyLogo\n },\n this.commonConfiguration.shouldQueueEmails,\n null,\n null,\n 'user',\n user.id\n );\n }\n if (registrationValidationSources.includes(RegistrationValidationSource.MOBILE)) {\n this.smsService.sendSMSUsingTemplate(\n user.mobile,\n 'otp-on-register',\n {\n solidAppName: process.env.SOLID_APP_NAME,\n otp: user.mobileVerificationTokenOnRegistration,\n mobileVerificationTokenOnRegistration: user.mobileVerificationTokenOnRegistration,\n firstName: user.username,\n fullName: user.fullName ? user.fullName : user.username,\n companyLogoUrl: companyLogo\n }\n );\n }\n }\n\n async otpConfirmRegistration(confirmSignUpDto: OTPConfirmOTPDto) {\n if (!this.isPasswordlessRegistrationEnabled()) {\n throw new BadRequestException(ERROR_MESSAGES.PASSWORDLESS_REGISTRATION_DISABLED);\n }\n\n // Based on the identifier, validate by query the user table.\n if (confirmSignUpDto.type === RegistrationValidationSource.EMAIL) {\n const user = await this.userRepository.findOne({\n where: {\n email: confirmSignUpDto.identifier,\n }\n });\n if (!user) {\n throw new UnauthorizedException(ERROR_MESSAGES.USER_NOT_FOUND);\n }\n if (user.emailVerificationTokenOnRegistration !== confirmSignUpDto.otp) {\n throw new UnauthorizedException(ERROR_MESSAGES.INVALID_OTP);\n }\n if (user.emailVerificationTokenOnRegistrationExpiresAt < new Date()) {\n throw new UnauthorizedException(ERROR_MESSAGES.OTP_EXPIRED);\n }\n user.emailVerifiedOnRegistrationAt = new Date();\n user.emailVerificationTokenOnRegistration = null;\n user.emailVerificationTokenOnRegistrationExpiresAt = null;\n user.active = await this.settingService.getConfigValue('activateUserOnRegistration') && this.areRegistrationValidationSourcesVerified(user);\n const savedUser: User = await this.userRepository.save(user);\n this.triggerRegistrationEvent(savedUser);\n return { active: savedUser.active, message: `User registration verified for ${confirmSignUpDto.type}` }\n } else if (confirmSignUpDto.type === RegistrationValidationSource.MOBILE) {\n const user = await this.userRepository.findOne({\n where: {\n mobile: confirmSignUpDto.identifier,\n }\n });\n if (!user) {\n throw new UnauthorizedException(ERROR_MESSAGES.USER_NOT_FOUND);\n }\n if (user.mobileVerificationTokenOnRegistration !== confirmSignUpDto.otp) {\n throw new UnauthorizedException(ERROR_MESSAGES.INVALID_OTP);\n }\n if (user.mobileVerificationTokenOnRegistrationExpiresAt < new Date()) {\n throw new UnauthorizedException(ERROR_MESSAGES.INVALID_OTP);\n }\n user.mobileVerifiedOnRegistrationAt = new Date();\n user.mobileVerificationTokenOnRegistration = null;\n user.mobileVerificationTokenOnRegistrationExpiresAt = null;\n user.active = await this.settingService.getConfigValue('activateUserOnRegistration') && this.areRegistrationValidationSourcesVerified(user);\n const savedUser: User = await this.userRepository.save(user);\n this.triggerRegistrationEvent(savedUser);\n return { active: savedUser.active, message: `User registration verified for ${confirmSignUpDto.type}` }\n }\n throw new BadRequestException(ERROR_MESSAGES.INVALID_VERIFICATION_TYPE);\n }\n\n private triggerRegistrationEvent(savedUser: User) {\n // Trigger events for user registration.\n const event = new EventDetails<User>(EventType.USER_REGISTERED, savedUser);\n this.eventEmitter.emit(EventType.USER_REGISTERED, event);\n }\n\n areRegistrationValidationSourcesVerified(user: User): boolean {\n const registrationValidationSources = this.iamConfiguration.passwordlessRegistrationValidateWhat;\n if (registrationValidationSources.includes(RegistrationValidationSource.EMAIL)) {\n if (!user.emailVerifiedOnRegistrationAt) {\n return false;\n }\n }\n if (registrationValidationSources.includes(RegistrationValidationSource.MOBILE)) {\n if (!user.mobileVerifiedOnRegistrationAt) {\n return false;\n }\n }\n return true;\n }\n\n private otp(): otp {\n const now = new Date();\n now.setMinutes(now.getMinutes() + this.iamConfiguration.otpExpiry);\n return {\n token: this.iamConfiguration.dummyOtp ? this.iamConfiguration.dummyOtp : randomInt(100000, 999999).toString(),\n expiresAt: now,\n };\n }\n\n async signIn(signInDto: SignInDto) {\n const user = await this.validateUser(signInDto);\n\n // TODO: Unset the password etc...\n const tokens = await this.generateTokens(user);\n\n await this.userActivityHistoryService.logEvent('login', user);\n\n return {\n user: {\n email: user.email,\n mobile: user.mobile,\n username: user.username,\n forcePasswordChange: user.forcePasswordChange,\n id: user.id,\n roles: user.roles.map((role) => role.name)\n },\n ...tokens\n }\n }\n\n async otpInitiateLogin(signInDto: OTPSignInDto) {\n if (!this.isPasswordlessRegistrationEnabled()) {\n throw new BadRequestException(ERROR_MESSAGES.PASSWORDLESS_REGISTRATION_DISABLED);\n }\n\n // Validate & generate otp token for the user based on the identifier type.\n if (signInDto.type === RegistrationValidationSource.EMAIL) {\n const user = await this.userRepository.findOne({\n where: {\n email: signInDto.identifier,\n }\n });\n if (!user) {\n throw new UnauthorizedException(ERROR_MESSAGES.USER_NOT_FOUND);\n }\n if (!user.active) {\n throw new UnauthorizedException(ERROR_MESSAGES.USER_INACTIVE);\n }\n const { token, expiresAt } = this.otp();\n user.emailVerificationTokenOnLogin = token;\n user.emailVerificationTokenOnLoginExpiresAt = expiresAt;\n await this.userRepository.save(user);\n this.notifyUserOnOtpInititateLogin(user, RegistrationValidationSource.EMAIL);\n } else if (signInDto.type === RegistrationValidationSource.MOBILE) {\n const user = await this.userRepository.findOne({\n where: {\n mobile: signInDto.identifier,\n }\n });\n if (!user) {\n throw new UnauthorizedException(ERROR_MESSAGES.USER_NOT_FOUND);\n }\n\n const { token, expiresAt } = this.otp();\n user.mobileVerificationTokenOnLogin = token;\n user.mobileVerificationTokenOnLoginExpiresAt = expiresAt;\n await this.userRepository.save(user);\n this.notifyUserOnOtpInititateLogin(user, RegistrationValidationSource.MOBILE);\n }\n else {\n throw new BadRequestException(ERROR_MESSAGES.INVALID_VERIFICATION_TYPE);\n }\n return { message: SUCCESS_MESSAGES.OTP_SENT_SUCCESS_LOGIN };\n }\n\n private async notifyUserOnOtpInititateLogin(user: User, loginType: RegistrationValidationSource) {\n const companyLogo = await this.getCompanyLogo();\n\n if (this.iamConfiguration.dummyOtp)\n return; // Do nothing if dummy otp is configured.\n if (loginType === RegistrationValidationSource.EMAIL) {\n const mailService = this.mailServiceFactory.getMailService();\n mailService.sendEmailUsingTemplate(\n user.email,\n 'otp-on-login',\n {\n solidAppName: process.env.SOLID_APP_NAME,\n solidAppWebsiteUrl: process.env.SOLID_APP_WEBSITE_URL,\n firstName: user.username,\n emailVerificationTokenOnLogin: user.emailVerificationTokenOnLogin,\n fullName: user.fullName ? user.fullName : user.username,\n companyLogoUrl: companyLogo\n },\n this.commonConfiguration.shouldQueueEmails,\n null,\n null,\n 'user',\n user.id\n );\n }\n if (loginType === RegistrationValidationSource.MOBILE) {\n this.smsService.sendSMSUsingTemplate(\n user.mobile,\n 'otp-on-login',\n {\n solidAppName: process.env.SOLID_APP_NAME,\n otp: user.mobileVerificationTokenOnLogin,\n mobileVerificationTokenOnLogin: user.mobileVerificationTokenOnLogin,\n firstName: user.username,\n fullName: user.fullName ? user.fullName : user.username,\n companyLogoUrl: companyLogo\n }\n );\n }\n }\n\n async otpConfirmLogin(confirmSignInDto: OTPConfirmOTPDto) {\n if (!this.isPasswordlessRegistrationEnabled()) {\n throw new BadRequestException(ERROR_MESSAGES.PASSWORDLESS_REGISTRATION_DISABLED);\n }\n if (confirmSignInDto.type === RegistrationValidationSource.EMAIL) {\n const user = await this.userRepository.findOne({\n where: {\n email: confirmSignInDto.identifier,\n },\n relations: ['roles']\n });\n if (!user) {\n throw new UnauthorizedException(ERROR_MESSAGES.USER_NOT_FOUND);\n }\n if (!user.active) {\n throw new UnauthorizedException(ERROR_MESSAGES.USER_INACTIVE);\n }\n if (user.emailVerificationTokenOnLogin !== confirmSignInDto.otp) {\n throw new UnauthorizedException(ERROR_MESSAGES.INVALID_OTP);\n }\n if (user.emailVerificationTokenOnLoginExpiresAt < new Date()) {\n throw new UnauthorizedException(ERROR_MESSAGES.INVALID_OTP);\n }\n user.emailVerifiedOnLoginAt = new Date();\n user.emailVerificationTokenOnLogin = null;\n user.emailVerificationTokenOnLoginExpiresAt = null;\n await this.userRepository.save(user);\n const { accessToken, refreshToken } = await this.generateTokens(user);\n const { id, username, email, mobile, lastLoginProvider } = user;\n const roles = user.roles.map((role) => role.name);\n return { accessToken, refreshToken, user: { id, username, email, mobile, lastLoginProvider, roles } };\n } else if (confirmSignInDto.type === RegistrationValidationSource.MOBILE) {\n const user = await this.userRepository.findOne({\n where: {\n mobile: confirmSignInDto.identifier,\n },\n relations: ['roles']\n });\n if (!user) {\n throw new UnauthorizedException(ERROR_MESSAGES.USER_NOT_ACTIVE);\n }\n if (!user.active) {\n throw new UnauthorizedException(ERROR_MESSAGES.USER_INACTIVE);\n }\n if (user.mobileVerificationTokenOnLogin !== confirmSignInDto.otp) {\n throw new UnauthorizedException(ERROR_MESSAGES.INVALID_OTP);\n }\n if (user.mobileVerificationTokenOnLoginExpiresAt < new Date()) {\n throw new UnauthorizedException(ERROR_MESSAGES.INVALID_OTP);\n }\n user.mobileVerifiedOnLoginAt = new Date();\n user.mobileVerificationTokenOnLogin = null;\n user.mobileVerificationTokenOnLoginExpiresAt = null;\n await this.userRepository.save(user);\n const { accessToken, refreshToken } = await this.generateTokens(user);\n const { id, username, email, mobile, lastLoginProvider } = user;\n const roles = user.roles.map((role) => role.name);\n return { accessToken, refreshToken, user: { id, username, email, mobile, lastLoginProvider, roles } };\n\n }\n throw new BadRequestException(ERROR_MESSAGES.INVALID_VERIFICATION_TYPE);\n }\n\n async changePassword(changePasswordDto: ChangePasswordDto, activeUser: ActiveUserData) {\n const user = await this.userRepository.findOne({\n where: { id: changePasswordDto.id }\n });\n if (!user) {\n throw new NotFoundException(ERROR_MESSAGES.USER_NOT_FOUND);\n }\n\n if (!user.active) {\n throw new UnauthorizedException(ERROR_MESSAGES.USER_INACTIVE);\n }\n\n // 2. Validate if user has used a provider which is \"local\", only then it makes sense for us to initiate the forgot password routine.\n if (user.lastLoginProvider !== 'local') {\n throw new BadRequestException(ERROR_MESSAGES.NON_LOCAL_PROVIDER);\n }\n\n // Check if ID's match\n if (!(user.id === activeUser.sub)) {\n throw new BadRequestException(ERROR_MESSAGES.USER_ID_MISMATCH);\n }\n\n // Check if username's match\n if (!(user.username === activeUser.username)) {\n throw new BadRequestException(ERROR_MESSAGES.USERNAME_MISMATCH);\n }\n\n // Check if old password is matching.\n const isEqual = await this.hashingService.compare(\n changePasswordDto.currentPassword,\n user.password,\n );\n if (!isEqual) {\n throw new UnauthorizedException(ERROR_MESSAGES.INCORRECT_CURRENT_PASSWORD);\n }\n\n // Update Password\n const newPwd = await this.hashingService.hash(changePasswordDto.newPassword);\n user.password = changePasswordDto.newPassword;\n\n // Everytime the user changes the password we reset the forcePasswordChange flag back to false. \n user.forcePasswordChange = false;\n user.password = newPwd;\n\n await this.userRepository.save(user);\n\n return true;\n }\n\n // generate uuid token for forgot password\n private generateForgotPasswordToken() {\n const expiryTime = new Date();\n expiryTime.setMinutes(expiryTime.getMinutes() + this.iamConfiguration.forgotPasswordVerificationTokenExpiry);\n\n return {\n token: this.iamConfiguration.dummyOtp\n ? this.iamConfiguration.dummyOtp\n : uuidv4(), // UUID instead of numeric OTP\n expiresAt: expiryTime,\n };\n }\n\n async initiateForgotPassword(initiateForgotPasswordDto: InitiateForgotPasswordDto) {\n // Steps / Algorithm: \n // 1. Identify the user using the specified \"username\", if not found exit.\n // const user = await this.userRepository.findOne({\n // where: { username: initiateForgotPasswordDto.username, }\n // });\n const user = await this.resolveUser(initiateForgotPasswordDto.username, initiateForgotPasswordDto.email);\n\n let isValidUser = true // Instead of throwing exceptions we will simply return success message, this is to avoid user enumeration attacks.\n if (!user) {\n isValidUser = false\n // throw new NotFoundException(ERROR_MESSAGES.INVALID_CREDENTIALS);\n }\n if (isValidUser && !user?.active) {\n isValidUser = false\n // throw new UnauthorizedException(ERROR_MESSAGES.INVALID_CREDENTIALS);\n }\n\n // 2. Validate if user has used a provider which is \"local\", only then it makes sense for us to initiate the forgot password routine. \n if (isValidUser && user?.lastLoginProvider !== 'local') {\n isValidUser = false\n // throw new BadRequestException(ERROR_MESSAGES.INVALID_CREDENTIALS);\n }\n\n // 3. Generate a 6 digit validation token, we send this token to the user over their email & mobile number (controlled using configuration).\n // 4. Save this validation token in new fields on the user record. \n if (isValidUser) {\n const { token, expiresAt } = this.generateForgotPasswordToken();\n user.verificationTokenOnForgotPassword = token;\n user.verificationTokenOnForgotPasswordExpiresAt = expiresAt;\n await this.userRepository.save(user);\n this.notifyUserOnForgotPassword(user);\n }\n\n // 5. Return. \n return {\n status: 'success',\n message: SUCCESS_MESSAGES.FORGOT_PASSWORD_TOKEN_SENT,\n error: '',\n errorCode: '',\n data: {\n user: {\n email: user?.email,\n // mobile: user.mobile,\n // username: user.username,\n },\n }\n }\n }\n\n private async notifyUserOnForgotPassword(user: User) {\n const companyLogo = await this.getCompanyLogo();\n\n const forgotPasswordSendVerificationTokenOn = this.iamConfiguration.forgotPasswordSendVerificationTokenOn;\n\n if (forgotPasswordSendVerificationTokenOn == ForgotPasswordSendVerificationTokenOn.EMAIL) {\n const mailService = this.mailServiceFactory.getMailService();\n mailService.sendEmailUsingTemplate(\n user.email,\n 'forgot-password',\n {\n solidAppName: process.env.SOLID_APP_NAME,\n solidAppWebsiteUrl: process.env.SOLID_APP_WEBSITE_URL,\n firstName: user.username,\n fullName: user.fullName,\n // TODO: Need to prefix this with the page url where the forgot password page will open up.\n passwordResetLink: `${process.env.IAM_FRONTEND_APP_FORGOT_PASSWORD_PAGE_URL}?token=${user.verificationTokenOnForgotPassword}`,\n companyLogoUrl: companyLogo\n },\n this.commonConfiguration.shouldQueueEmails,\n null,\n null,\n 'user',\n user.id\n );\n }\n // Assuming all users do not have mobile as mandatory.\n if (forgotPasswordSendVerificationTokenOn == ForgotPasswordSendVerificationTokenOn.MOBILE && user.mobile) {\n this.smsService.sendSMSUsingTemplate(\n user.mobile,\n 'forgot-password',\n {\n solidAppName: process.env.SOLID_APP_NAME,\n otp: user.verificationTokenOnForgotPassword,\n verificationTokenOnForgotPassword: user.verificationTokenOnForgotPassword,\n firstName: user.username,\n companyLogoUrl: companyLogo\n }\n );\n }\n }\n\n async confirmForgotPassword(confirmForgotPasswordDto: ConfirmForgotPasswordDto) {\n return this.dataSource.transaction(async (m) => {\n // Resolve the user id first (by username/email), but DON'T check the token in JS.\n const user = await this.resolveUserByVerificationToken(confirmForgotPasswordDto.verificationToken);\n if (!user) throw new UnauthorizedException(ERROR_MESSAGES.INVALID_CREDENTIALS);\n if (user.lastLoginProvider !== 'local') throw new UnauthorizedException(ERROR_MESSAGES.INVALID_CREDENTIALS);\n if (!user.active) throw new UnauthorizedException(ERROR_MESSAGES.INVALID_CREDENTIALS);\n\n // 1) Atomically consume the token (only one request can succeed)\n const { affected } = await m\n .createQueryBuilder()\n .update(User)\n .set({\n forgotPasswordConfirmedAt: () => 'NOW()',\n verificationTokenOnForgotPassword: () => 'NULL',\n verificationTokenOnForgotPasswordExpiresAt: () => 'NULL',\n })\n .where('id = :id', { id: user.id })\n .andWhere('verificationTokenOnForgotPassword = :token', { token: confirmForgotPasswordDto.verificationToken })\n .andWhere('verificationTokenOnForgotPasswordExpiresAt > NOW()')\n .execute();\n\n if (affected !== 1) {\n // Token invalid/expired/already used (or a parallel call already consumed it)\n throw new UnauthorizedException(ERROR_MESSAGES.INVALID_CREDENTIALS);\n }\n\n // 2) Now update the password & history (still inside the same transaction)\n const pwdHash = await this.hashingService.hash(confirmForgotPasswordDto.password);\n\n // Check reuse with your existing method (ensure it looks at hashes).\n await m.getRepository(User).update({ id: user.id }, { password: pwdHash });\n this.notifyUserOnPasswordChanged(user);\n\n return {\n status: 'success',\n message: SUCCESS_MESSAGES.FORGOT_PASSWORD_CONFIRMED,\n error: '',\n errorCode: '',\n data: {},\n };\n });\n }\n\n private async notifyUserOnPasswordChanged(user: User) {\n const companyLogo = await this.getCompanyLogo();\n\n const forgotPasswordSendVerificationTokenOn = this.iamConfiguration.forgotPasswordSendVerificationTokenOn;\n\n if (forgotPasswordSendVerificationTokenOn == ForgotPasswordSendVerificationTokenOn.EMAIL) {\n const mailService = this.mailServiceFactory.getMailService();\n mailService.sendEmailUsingTemplate(\n user.email,\n 'password-changed',\n {\n solidAppName: process.env.SOLID_APP_NAME,\n solidAppWebsiteUrl: process.env.SOLID_APP_WEBSITE_URL,\n email: user.email,\n firstName: user.username,\n fullName: user.fullName,\n // TODO: Need to prefix this with the page url where the forgot password page will open up.\n passwordResetLink: `${process.env.IAM_FRONTEND_APP_FORGOT_PASSWORD_PAGE_URL}?token=${user.verificationTokenOnForgotPassword}`,\n companyLogoUrl: companyLogo\n },\n this.commonConfiguration.shouldQueueEmails,\n null,\n null,\n 'user',\n user.id\n );\n }\n // Assuming all users do not have mobile as mandatory.\n if (forgotPasswordSendVerificationTokenOn == ForgotPasswordSendVerificationTokenOn.MOBILE && user.mobile) {\n this.smsService.sendSMSUsingTemplate(\n user.mobile,\n 'forgot-password',\n {\n solidAppName: process.env.SOLID_APP_NAME,\n otp: user.verificationTokenOnForgotPassword,\n verificationTokenOnForgotPassword: user.verificationTokenOnForgotPassword,\n firstName: user.username,\n companyLogoUrl: companyLogo\n }\n );\n }\n }\n\n async generateTokens(user: User) {\n\n const [accessToken, refreshToken] = await Promise.all([\n this.generateAccessToken(user),\n this.generateRefreshToken(user),\n ]);\n\n return {\n accessToken,\n refreshToken,\n };\n }\n\n async generateAccessToken(user: User) {\n\n // const userRoleNames = user.roles.map((role) => role.name).join(';')\n const userRoleNames = user.roles.map((role) => role.name);\n\n const accessToken = await this.signToken<Partial<ActiveUserData>>(\n user.id,\n this.jwtConfiguration.accessTokenTtl,\n { username: user.username, email: user.email, roles: userRoleNames },\n );\n\n return accessToken;\n }\n\n async generateRefreshToken(user: User) {\n const refreshTokenId = randomUUID();\n\n const refreshToken = await this.signToken(user.id, this.jwtConfiguration.refreshTokenTtl, {\n refreshTokenId,\n })\n\n // store the refresh token id in the redis storage.\n await this.refreshTokenIdsStorage.insert(user.id, refreshToken);\n\n return refreshToken;\n }\n\n async refreshTokens(refreshTokenDto: RefreshTokenDto) {\n try {\n const { sub } = await this.jwtService.verifyAsync<Pick<ActiveUserData, 'sub'> & { refreshTokenId: string }>(refreshTokenDto.refreshToken, {\n secret: this.jwtConfiguration.secret,\n audience: this.jwtConfiguration.audience,\n issuer: this.jwtConfiguration.issuer,\n });\n // const user = await this.userRepository.findOneByOrFail({ id: sub });\n const user = await this.userRepository.findOne({\n where: {\n id: sub,\n },\n relations: {\n roles: true\n }\n });\n if (!user) {\n throw new UnauthorizedException(ERROR_MESSAGES.SESSION_INVALID);\n }\n\n // TODO: Replace the if else condition below with a call to validateAndRotate - Done\n // const isValid = await this.refreshTokenIdsStorage.validate(user.id, refreshTokenId);\n // if (isValid) {\n // // Refresh token rotation.\n // await this.refreshTokenIdsStorage.invalidate(user.id);\n // } else {\n // throw new Error('Refresh token is invalid');\n // }\n\n const currentRefreshToken = await this.refreshTokenIdsStorage.validateAndRotate(user, refreshTokenDto.refreshToken);\n\n await this.userActivityHistoryService.logEvent('tokenRefreshed', user);\n\n return {\n accessToken: await this.generateAccessToken(user),\n refreshToken: currentRefreshToken,\n };\n } catch (err) {\n if (err instanceof InvalidatedRefreshTokenError) {\n // Take action: notify user that his refresh token might have been stolen?\n throw new UnauthorizedException(ERROR_MESSAGES.ACCESS_DENIED);\n }\n\n throw new UnauthorizedException(ERROR_MESSAGES.SESSION_EXPIRED);\n }\n }\n\n private async signToken<T>(userId: number, expiresIn: number, payload?: T) {\n return await this.jwtService.signAsync(\n {\n sub: userId,\n ...payload,\n },\n {\n audience: this.jwtConfiguration.audience,\n issuer: this.jwtConfiguration.issuer,\n secret: this.jwtConfiguration.secret,\n expiresIn,\n },\n );\n }\n\n // PROVIDER SPECIFIC CODE\n async validateUserUsingGoogle(user: User) {\n try {\n // Make API call to Google OAuth service to fetch user profile\n const response = await this.httpService.axiosRef.get(`https://www.googleapis.com/oauth2/v1/userinfo?alt=json&access_token=${user.googleAccessToken}`);\n const userProfile = response.data;\n\n // Ensure the fetched profile email & provider Id match the ones we have stored in the database earlier. \n if (userProfile.email === user.email && userProfile.id === user.googleId) {\n // TODO: remove the access code both from the database.\n return userProfile;\n } else {\n throw new UnauthorizedException(ERROR_MESSAGES.INVALID_USER_PROFILE);\n }\n } catch (error) {\n throw new UnauthorizedException(ERROR_MESSAGES.GOOGLE_OAUTH_PROFILE_FETCH_FAILED);\n }\n }\n\n async signInUsingGoogle(accessCode: string) {\n const user = await this.userRepository.findOne({\n where: {\n accessCode: accessCode\n },\n relations: {\n roles: true\n }\n });\n\n // Validate the user against the Google oauth provider. \n // If the below call finishes without raising an exception then we have validated the user properly.\n await this.validateUserUsingGoogle(user);\n\n // finally we simply generate the tokens. \n const tokens = await this.generateTokens(user);\n return {\n user: {\n email: user.email,\n mobile: user.mobile,\n username: user.username,\n // forcePasswordChange: user.forcePasswordChange,\n id: user.id,\n roles: user.roles.map((role) => role.name)\n },\n ...tokens\n }\n\n }\n\n private async isPasswordlessRegistrationEnabled() {\n return this.settingService.getConfigValue('passwordlessRegistration');\n }\n\n //FIXME - Pending implementation\n // async logout() {\n // // const user = this.request.user; //TODO: // Access the user from the execution context\n\n // // Invalidate the refresh token\n // // await this.refreshTokenIdsStorage.invalidate(user.id);\n // }\n async logout() {\n try {\n const activeUser = this.requestContextService.getActiveUser();\n const userId = activeUser?.sub;\n const user = await this.userRepository.findOne({\n where: {\n id: userId,\n }\n })\n // Invalidate refresh token if you store them\n await this.refreshTokenIdsStorage.invalidate(userId); // ← Your existing logic\n\n // Log logout event\n await this.userActivityHistoryService.logEvent('logout', user);\n\n\n return { message: SUCCESS_MESSAGES.LOGOUT_SUCCESS };\n } catch (err) {\n throw err instanceof UnauthorizedException || err instanceof InternalServerErrorException\n ? err\n : new InternalServerErrorException(ERROR_MESSAGES.LOGOUT_FAILED);\n }\n }\n\n\n async activateUser(userId: number) {\n const user = await this.userService.findOne(userId, {});\n if (!user) {\n throw new NotFoundException(ERROR_MESSAGES.USER_NOT_FOUND);\n }\n user.active = true;\n await this.userRepository.save(user);\n }\n\n async me(activeUser: ActiveUserData) {\n const user = await this.userRepository.findOne({\n where: {\n id: activeUser.sub,\n },\n relations: {\n roles: true\n }\n });\n const tokens = await this.generateTokens(user);\n\n const response = {\n user: {\n email: user.email,\n mobile: user.mobile,\n username: user.username,\n // forcePasswordChange: user.forcePasswordChange,\n id: user.id,\n roles: user.roles.map((role) => role.name)\n },\n ...tokens\n }\n return response;\n }\n\n}\n\nfunction parseUniqueConstraintError(detail: string): string {\n const match = detail.match(/Key \\(([^)]+)\\)=\\(([^)]+)\\) already exists\\./);\n if (match) {\n const field = match[1];\n const value = match[2];\n const fieldMap: Record<string, string> = {\n username: 'username',\n email: 'email address',\n full_name_user_key: 'full name',\n };\n const friendlyField = fieldMap[field] || field;\n return `A user with ${friendlyField} \"${value}\" already exists.`;\n }\n return detail;\n}\n"]}
package/dist/services/mcp-tool-response-handlers/solid-create-module-mcp-tool-response-handler.service.js CHANGED
@@ -20,7 +20,7 @@ let SolidCreateModuleMcpToolResponseHandler = class SolidCreateModuleMcpToolResp
20
20
  }
21
21
  async apply(aiInteraction) {
22
22
  const aiResponse = JSON.parse(aiInteraction.message);
23
- const moduleMetadata = aiResponse['moduleMetadata'];
23
+ const moduleMetadata = aiResponse?.data?.moduleMetadata ?? {};
24
24
  const createDto = {
25
25
  defaultDataSource: 'default',
26
26
  description: moduleMetadata['description'],
package/dist/services/mcp-tool-response-handlers/solid-create-module-mcp-tool-response-handler.service.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"solid-create-module-mcp-tool-response-handler.service.js","sourceRoot":"","sources":["../../../src/services/mcp-tool-response-handlers/solid-create-module-mcp-tool-response-handler.service.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,2CAA4C;AAG5C,wEAAmE;AAEnE,iEAA2D;AAGpD,IAAM,uCAAuC,GAA7C,MAAM,uCAAuC;IAEhD,YACqB,qBAA4C,EAC5C,aAA4B;QAD5B,0BAAqB,GAArB,qBAAqB,CAAuB;QAC5C,kBAAa,GAAb,aAAa,CAAe;IAGjD,CAAC;IAED,KAAK,CAAC,KAAK,CAAC,aAA4B;QACpC,MAAM,UAAU,GAAG,IAAI,CAAC,KAAK,CAAC,aAAa,CAAC,OAAO,CAAC,CAAC;QAErD,MAAM,cAAc,GAAG,UAAU,CAAC,gBAAgB,CAAC,CAAC;QAIpD,MAAM,SAAS,GAA4B;YACvC,iBAAiB,EAAE,SAAS;YAC5B,WAAW,EAAE,cAAc,CAAC,aAAa,CAAC;YAC1C,WAAW,EAAE,cAAc,CAAC,aAAa,CAAC;YAC1C,QAAQ,EAAE,KAAK;YACf,WAAW,EAAE,EAAE;YACf,MAAM,EAAE,EAAE;YACV,IAAI,EAAE,cAAc,CAAC,MAAM,CAAC;YAC5B,kBAAkB,EAAE,CAAC;SACxB,CAAA;QAGD,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,qBAAqB,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;QAKrE,MAAM,IAAI,CAAC,qBAAqB,CAAC,YAAY,CAAC,EAAE,QAAQ,EAAE,SAAS,CAAC,EAAE,EAAE,CAAC,CAAC;QAO1E,OAAO;YACH,eAAe,EAAE,IAAI;YACrB,eAAe,EAAE,IAAI;SACxB,CAAA;IACL,CAAC;CAEJ,CAAA;AA9CY,0FAAuC;kDAAvC,uCAAuC;IADnD,IAAA,mBAAU,GAAE;qCAImC,+CAAqB;QAC7B,8BAAa;GAJxC,uCAAuC,CA8CnD","sourcesContent":["import { Injectable } from \"@nestjs/common\";\nimport { IMcpToolResponseHandler } from \"../../interfaces\";\nimport { AiInteraction } from \"src/entities/ai-interaction.entity\";\nimport { ModuleMetadataService } from \"../module-metadata.service\";\nimport { CreateModuleMetadataDto } from \"src/dtos/create-module-metadata.dto\";\nimport { SolidRegistry } from \"src/helpers/solid-registry\";\n\n@Injectable()\nexport class SolidCreateModuleMcpToolResponseHandler implements IMcpToolResponseHandler {\n\n constructor(\n private readonly moduleMetadataService: ModuleMetadataService,\n private readonly solidRegistry: SolidRegistry,\n\n ) {\n }\n\n async apply(aiInteraction: AiInteraction) {\n const aiResponse = JSON.parse(aiInteraction.message);\n\n const moduleMetadata = aiResponse['moduleMetadata'];\n\n // TODO: Validate if another module with same name exists, if it does then raise an error...\n\n const createDto: CreateModuleMetadataDto = {\n defaultDataSource: 'default',\n description: moduleMetadata['description'],\n displayName: moduleMetadata['displayName'],\n isSystem: false,\n menuIconUrl: '',\n models: [],\n name: moduleMetadata['name'],\n menuSequenceNumber: 1\n }\n\n // This creates the module-metadata.json file....\n const moduleObj = await this.moduleMetadataService.create(createDto);\n\n // const seeder = this.solidRegistry.getSeeders().filter((seeder) => seeder.name === 'ModuleMetadataSeederService').map((seeder) => seeder.instance).pop();\n\n // Now we need to run solid seed & then solid refresh-model --name <module-name>\n await this.moduleMetadataService.generateCode({ moduleId: moduleObj.id });\n\n // solid seed ... this has to be run after reboot from the UI...\n // await new Promise(resolve => setTimeout(resolve, 1000));\n // await seeder.seed();\n\n // TODO: decide on some shape to return hre...\n return {\n seedingRequired: true,\n serverRebooting: true,\n }\n }\n\n}"]}
1
+ {"version":3,"file":"solid-create-module-mcp-tool-response-handler.service.js","sourceRoot":"","sources":["../../../src/services/mcp-tool-response-handlers/solid-create-module-mcp-tool-response-handler.service.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,2CAA4C;AAG5C,wEAAmE;AAEnE,iEAA2D;AAGpD,IAAM,uCAAuC,GAA7C,MAAM,uCAAuC;IAEhD,YACqB,qBAA4C,EAC5C,aAA4B;QAD5B,0BAAqB,GAArB,qBAAqB,CAAuB;QAC5C,kBAAa,GAAb,aAAa,CAAe;IAGjD,CAAC;IAED,KAAK,CAAC,KAAK,CAAC,aAA4B;QACpC,MAAM,UAAU,GAAG,IAAI,CAAC,KAAK,CAAC,aAAa,CAAC,OAAO,CAAC,CAAC;QAErD,MAAM,cAAc,GAAG,UAAU,EAAE,IAAI,EAAE,cAAc,IAAI,EAAE,CAAC;QAI9D,MAAM,SAAS,GAA4B;YACvC,iBAAiB,EAAE,SAAS;YAC5B,WAAW,EAAE,cAAc,CAAC,aAAa,CAAC;YAC1C,WAAW,EAAE,cAAc,CAAC,aAAa,CAAC;YAC1C,QAAQ,EAAE,KAAK;YACf,WAAW,EAAE,EAAE;YACf,MAAM,EAAE,EAAE;YACV,IAAI,EAAE,cAAc,CAAC,MAAM,CAAC;YAC5B,kBAAkB,EAAE,CAAC;SACxB,CAAA;QAGD,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,qBAAqB,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;QAKrE,MAAM,IAAI,CAAC,qBAAqB,CAAC,YAAY,CAAC,EAAE,QAAQ,EAAE,SAAS,CAAC,EAAE,EAAE,CAAC,CAAC;QAO1E,OAAO;YACH,eAAe,EAAE,IAAI;YACrB,eAAe,EAAE,IAAI;SACxB,CAAA;IACL,CAAC;CAEJ,CAAA;AA9CY,0FAAuC;kDAAvC,uCAAuC;IADnD,IAAA,mBAAU,GAAE;qCAImC,+CAAqB;QAC7B,8BAAa;GAJxC,uCAAuC,CA8CnD","sourcesContent":["import { Injectable } from \"@nestjs/common\";\nimport { IMcpToolResponseHandler } from \"../../interfaces\";\nimport { AiInteraction } from \"src/entities/ai-interaction.entity\";\nimport { ModuleMetadataService } from \"../module-metadata.service\";\nimport { CreateModuleMetadataDto } from \"src/dtos/create-module-metadata.dto\";\nimport { SolidRegistry } from \"src/helpers/solid-registry\";\n\n@Injectable()\nexport class SolidCreateModuleMcpToolResponseHandler implements IMcpToolResponseHandler {\n\n constructor(\n private readonly moduleMetadataService: ModuleMetadataService,\n private readonly solidRegistry: SolidRegistry,\n\n ) {\n }\n\n async apply(aiInteraction: AiInteraction) {\n const aiResponse = JSON.parse(aiInteraction.message);\n\n const moduleMetadata = aiResponse?.data?.moduleMetadata ?? {};\n\n // TODO: Validate if another module with same name exists, if it does then raise an error...\n\n const createDto: CreateModuleMetadataDto = {\n defaultDataSource: 'default',\n description: moduleMetadata['description'],\n displayName: moduleMetadata['displayName'],\n isSystem: false,\n menuIconUrl: '',\n models: [],\n name: moduleMetadata['name'],\n menuSequenceNumber: 1\n }\n\n // This creates the module-metadata.json file....\n const moduleObj = await this.moduleMetadataService.create(createDto);\n\n // const seeder = this.solidRegistry.getSeeders().filter((seeder) => seeder.name === 'ModuleMetadataSeederService').map((seeder) => seeder.instance).pop();\n\n // Now we need to run solid seed & then solid refresh-model --name <module-name>\n await this.moduleMetadataService.generateCode({ moduleId: moduleObj.id });\n\n // solid seed ... this has to be run after reboot from the UI...\n // await new Promise(resolve => setTimeout(resolve, 1000));\n // await seeder.seed();\n\n // TODO: decide on some shape to return hre...\n return {\n seedingRequired: true,\n serverRebooting: true,\n }\n }\n\n}"]}
package/dist/solid-core.module.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"solid-core.module.d.ts","sourceRoot":"","sources":["../src/solid-core.module.ts"],"names":[],"mappings":"AAiTA,qBA+Ya,eAAe;CAAI"}
1
+ {"version":3,"file":"solid-core.module.d.ts","sourceRoot":"","sources":["../src/solid-core.module.ts"],"names":[],"mappings":"AA0SA,qBA8Ya,eAAe;CAAI"}
package/dist/solid-core.module.js CHANGED
@@ -74,7 +74,6 @@ const menu_item_metadata_entity_1 = require("./entities/menu-item-metadata.entit
74
74
  const mq_message_queue_entity_1 = require("./entities/mq-message-queue.entity");
75
75
  const mq_message_entity_1 = require("./entities/mq-message.entity");
76
76
  const sms_template_entity_1 = require("./entities/sms-template.entity");
77
- const user_password_history_entity_1 = require("./entities/user-password-history.entity");
78
77
  const access_token_guard_1 = require("./guards/access-token.guard");
79
78
  const authentication_guard_1 = require("./guards/authentication.guard");
80
79
  const permissions_guard_1 = require("./guards/permissions.guard");
@@ -307,7 +306,6 @@ exports.SolidCoreModule = SolidCoreModule = __decorate([
307
306
  sms_template_entity_1.SmsTemplate,
308
307
  email_attachment_entity_1.EmailAttachment,
309
308
  user_entity_1.User,
310
- user_password_history_entity_1.UserPasswordHistory,
311
309
  view_metadata_entity_1.ViewMetadata,
312
310
  action_metadata_entity_1.ActionMetadata,
313
311
  menu_item_metadata_entity_1.MenuItemMetadata,