@stackframe/stack-shared 2.8.40 → 2.8.41

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (12) hide show
  1. package/CHANGELOG.md +6 -0
  2. package/dist/esm/interface/client-interface.js +1 -1
  3. package/dist/esm/interface/client-interface.js.map +1 -1
  4. package/dist/esm/sessions.js +17 -5
  5. package/dist/esm/sessions.js.map +1 -1
  6. package/dist/interface/client-interface.js +1 -1
  7. package/dist/interface/client-interface.js.map +1 -1
  8. package/dist/sessions.d.mts +2 -1
  9. package/dist/sessions.d.ts +2 -1
  10. package/dist/sessions.js +16 -4
  11. package/dist/sessions.js.map +1 -1
  12. package/package.json +1 -1
package/dist/interface/client-interface.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"sources":["../../src/interface/client-interface.ts"],"sourcesContent":["import * as oauth from 'oauth4webapi';\n\nimport * as yup from 'yup';\nimport { KnownError, KnownErrors } from '../known-errors';\nimport { inlineOfferSchema } from '../schema-fields';\nimport { AccessToken, InternalSession, RefreshToken } from '../sessions';\nimport { generateSecureRandomString } from '../utils/crypto';\nimport { StackAssertionError, throwErr } from '../utils/errors';\nimport { globalVar } from '../utils/globals';\nimport { HTTP_METHODS, HttpMethod } from '../utils/http';\nimport { ReadonlyJson } from '../utils/json';\nimport { filterUndefined, filterUndefinedOrNull } from '../utils/objects';\nimport { AuthenticationResponseJSON, PublicKeyCredentialCreationOptionsJSON, PublicKeyCredentialRequestOptionsJSON, RegistrationResponseJSON } from '../utils/passkey';\nimport { wait } from '../utils/promises';\nimport { Result } from \"../utils/results\";\nimport { deindent } from '../utils/strings';\nimport { urlString } from '../utils/urls';\nimport { ConnectedAccountAccessTokenCrud } from './crud/connected-accounts';\nimport { ContactChannelsCrud } from './crud/contact-channels';\nimport { CurrentUserCrud } from './crud/current-user';\nimport { ItemCrud } from './crud/items';\nimport { NotificationPreferenceCrud } from './crud/notification-preferences';\nimport { OAuthProviderCrud } from './crud/oauth-providers';\nimport { TeamApiKeysCrud, UserApiKeysCrud, teamApiKeysCreateInputSchema, teamApiKeysCreateOutputSchema, userApiKeysCreateInputSchema, userApiKeysCreateOutputSchema } from './crud/project-api-keys';\nimport { ProjectPermissionsCrud } from './crud/project-permissions';\nimport { AdminUserProjectsCrud, ClientProjectsCrud } from './crud/projects';\nimport { SessionsCrud } from './crud/sessions';\nimport { TeamInvitationCrud } from './crud/team-invitation';\nimport { TeamMemberProfilesCrud } from './crud/team-member-profiles';\nimport { TeamPermissionsCrud } from './crud/team-permissions';\nimport { TeamsCrud } from './crud/teams';\n\nexport type ClientInterfaceOptions = {\n clientVersion: string,\n // This is a function instead of a string because it might be different based on the environment (for example client vs server)\n getBaseUrl: () => string,\n extraRequestHeaders: Record<string, string>,\n projectId: string,\n prepareRequest?: () => Promise<void>,\n} & ({\n publishableClientKey: string,\n} | {\n projectOwnerSession: InternalSession,\n});\n\nexport class StackClientInterface {\n constructor(public readonly options: ClientInterfaceOptions) {\n // nothing here\n }\n\n get projectId() {\n return this.options.projectId;\n }\n\n getApiUrl() {\n return this.options.getBaseUrl() + \"/api/v1\";\n }\n\n public async runNetworkDiagnostics(session?: InternalSession | null, requestType?: \"client\" | \"server\" | \"admin\") {\n const tryRequest = async (cb: () => Promise<void>) => {\n try {\n await cb();\n return \"OK\";\n } catch (e) {\n return `${e}`;\n }\n };\n const cfTrace = await tryRequest(async () => {\n const res = await fetch(\"https://1.1.1.1/cdn-cgi/trace\");\n if (!res.ok) {\n throw new Error(`${res.status} ${res.statusText}: ${await res.text()}`);\n }\n });\n const apiRoot = session !== undefined && requestType !== undefined ? await tryRequest(async () => {\n const res = await this.sendClientRequestInner(\"/\", {}, session!, requestType);\n if (res.status === \"error\") {\n throw res.error;\n }\n }) : \"Not tested\";\n const baseUrlBackend = await tryRequest(async () => {\n const res = await fetch(new URL(\"/health\", this.getApiUrl()));\n if (!res.ok) {\n throw new Error(`${res.status} ${res.statusText}: ${await res.text()}`);\n }\n });\n const prodDashboard = await tryRequest(async () => {\n const res = await fetch(\"https://app.stack-auth.com/health\");\n if (!res.ok) {\n throw new Error(`${res.status} ${res.statusText}: ${await res.text()}`);\n }\n });\n const prodBackend = await tryRequest(async () => {\n const res = await fetch(\"https://api.stack-auth.com/health\");\n if (!res.ok) {\n throw new Error(`${res.status} ${res.statusText}: ${await res.text()}`);\n }\n });\n return {\n \"navigator?.onLine\": globalVar.navigator?.onLine,\n cfTrace,\n apiRoot,\n baseUrlBackend,\n prodDashboard,\n prodBackend,\n };\n }\n\n protected async _createNetworkError(cause: Error, session?: InternalSession | null, requestType?: \"client\" | \"server\" | \"admin\") {\n return new Error(deindent`\n Stack Auth is unable to connect to the server. Please check your internet connection and try again.\n\n If the problem persists, please contact support and provide a screenshot of your entire browser console.\n\n ${cause}\n\n ${JSON.stringify(await this.runNetworkDiagnostics(session, requestType), null, 2)}\n `, { cause: cause });\n }\n\n protected async _networkRetry<T>(cb: () => Promise<Result<T, any>>, session?: InternalSession | null, requestType?: \"client\" | \"server\" | \"admin\"): Promise<T> {\n const retriedResult = await Result.retry(\n cb,\n 5,\n { exponentialDelayBase: 1000 },\n );\n\n // try to diagnose the error for the user\n if (retriedResult.status === \"error\") {\n if (globalVar.navigator && globalVar.navigator.onLine === false) {\n throw new Error(\"You are offline. Please check your internet connection and try again. (window.navigator.onLine is false)\", { cause: retriedResult.error });\n }\n throw await this._createNetworkError(retriedResult.error, session, requestType);\n }\n return retriedResult.data;\n }\n\n protected async _networkRetryException<T>(cb: () => Promise<T>, session?: InternalSession | null, requestType?: \"client\" | \"server\" | \"admin\"): Promise<T> {\n return await this._networkRetry(async () => await Result.fromThrowingAsync(cb), session, requestType);\n }\n\n public async fetchNewAccessToken(refreshToken: RefreshToken) {\n if (!('publishableClientKey' in this.options)) {\n // TODO support it\n throw new Error(\"Admin session token is currently not supported for fetching new access token. Did you try to log in on a StackApp initiated with the admin session?\");\n }\n\n const as = {\n issuer: this.options.getBaseUrl(),\n algorithm: 'oauth2',\n token_endpoint: this.getApiUrl() + '/auth/oauth/token',\n };\n const client: oauth.Client = {\n client_id: this.projectId,\n client_secret: this.options.publishableClientKey,\n token_endpoint_auth_method: 'client_secret_post',\n };\n\n const rawResponse = await this._networkRetryException(\n async () => await oauth.refreshTokenGrantRequest(\n as,\n client,\n refreshToken.token,\n )\n );\n const response = await this._processResponse(rawResponse);\n\n if (response.status === \"error\") {\n const error = response.error;\n if (KnownErrors.RefreshTokenError.isInstance(error)) {\n return null;\n }\n throw error;\n }\n\n if (!response.data.ok) {\n const body = await response.data.text();\n throw new Error(`Failed to send refresh token request: ${response.status} ${body}`);\n }\n\n const result = await oauth.processRefreshTokenResponse(as, client, response.data);\n if (oauth.isOAuth2Error(result)) {\n // TODO Handle OAuth 2.0 response body error\n throw new StackAssertionError(\"OAuth error\", { result });\n }\n\n if (!result.access_token) {\n throw new StackAssertionError(\"Access token not found in token endpoint response, this is weird!\");\n }\n\n return new AccessToken(result.access_token);\n }\n\n public async sendClientRequest(\n path: string,\n requestOptions: RequestInit,\n session: InternalSession | null,\n requestType: \"client\" | \"server\" | \"admin\" = \"client\",\n ) {\n session ??= this.createSession({\n refreshToken: null,\n });\n\n\n return await this._networkRetry(\n () => this.sendClientRequestInner(path, requestOptions, session!, requestType),\n session,\n requestType,\n );\n }\n\n public createSession(options: Omit<ConstructorParameters<typeof InternalSession>[0], \"refreshAccessTokenCallback\">): InternalSession {\n const session = new InternalSession({\n refreshAccessTokenCallback: async (refreshToken) => await this.fetchNewAccessToken(refreshToken),\n ...options,\n });\n return session;\n }\n\n protected async sendClientRequestAndCatchKnownError<E extends typeof KnownErrors[keyof KnownErrors]>(\n path: string,\n requestOptions: RequestInit,\n tokenStoreOrNull: InternalSession | null,\n errorsToCatch: readonly E[],\n ): Promise<Result<\n Response & {\n usedTokens: {\n accessToken: AccessToken,\n refreshToken: RefreshToken | null,\n } | null,\n },\n InstanceType<E>\n >> {\n try {\n return Result.ok(await this.sendClientRequest(path, requestOptions, tokenStoreOrNull));\n } catch (e) {\n for (const errorType of errorsToCatch) {\n if (errorType.isInstance(e)) {\n return Result.error(e as InstanceType<E>);\n }\n }\n throw e;\n }\n }\n\n private async sendClientRequestInner(\n path: string,\n options: RequestInit,\n session: InternalSession,\n requestType: \"client\" | \"server\" | \"admin\",\n ): Promise<Result<Response & {\n usedTokens: {\n accessToken: AccessToken,\n refreshToken: RefreshToken | null,\n } | null,\n }>> {\n /**\n * `tokenObj === null` means the session is invalid/not logged in\n */\n let tokenObj = await session.getOrFetchLikelyValidTokens(20_000);\n\n let adminSession = \"projectOwnerSession\" in this.options ? this.options.projectOwnerSession : null;\n let adminTokenObj = adminSession ? await adminSession.getOrFetchLikelyValidTokens(20_000) : null;\n\n // all requests should be dynamic to prevent Next.js caching\n await this.options.prepareRequest?.();\n\n let url = this.getApiUrl() + path;\n if (url.endsWith(\"/\")) {\n url = url.slice(0, -1);\n }\n const params: RequestInit = {\n /**\n * This fetch may be cross-origin, in which case we don't want to send cookies of the\n * original origin (this is the default behavior of `credentials`).\n *\n * To help debugging, also omit cookies on same-origin, so we don't accidentally\n * implement reliance on cookies anywhere.\n *\n * However, Cloudflare Workers don't actually support `credentials`, so we only set it\n * if Cloudflare-exclusive globals are not detected. https://github.com/cloudflare/workers-sdk/issues/2514\n */\n ...(\"WebSocketPair\" in globalVar ? {} : {\n credentials: \"omit\",\n }),\n ...options,\n headers: {\n \"X-Stack-Override-Error-Status\": \"true\",\n \"X-Stack-Project-Id\": this.projectId,\n \"X-Stack-Access-Type\": requestType,\n \"X-Stack-Client-Version\": this.options.clientVersion,\n ...(tokenObj ? {\n \"X-Stack-Access-Token\": tokenObj.accessToken.token,\n } : {}),\n ...(tokenObj?.refreshToken ? {\n \"X-Stack-Refresh-Token\": tokenObj.refreshToken.token,\n } : {}),\n \"X-Stack-Allow-Anonymous-User\": \"true\",\n ...('publishableClientKey' in this.options ? {\n \"X-Stack-Publishable-Client-Key\": this.options.publishableClientKey,\n } : {}),\n ...(adminTokenObj ? {\n \"X-Stack-Admin-Access-Token\": adminTokenObj.accessToken.token,\n } : {}),\n /**\n * Next.js until v15 would cache fetch requests by default, and forcefully disabling it was nearly impossible.\n *\n * This header is used to change the cache key and hence always disable it, because we do our own caching.\n *\n * When we drop support for Next.js <15, we may be able to remove this header, but please make sure that this is\n * the case (I haven't actually tested.)\n */\n \"X-Stack-Random-Nonce\": generateSecureRandomString(),\n // don't show a warning when proxying the API through ngrok (only relevant if the API url is an ngrok site)\n 'ngrok-skip-browser-warning': 'true',\n ...this.options.extraRequestHeaders,\n ...options.headers,\n },\n /**\n * Cloudflare Workers does not support cache, so don't pass it there\n */\n ...(\"WebSocketPair\" in globalVar ? {} : {\n cache: \"no-store\",\n }),\n };\n\n let rawRes;\n try {\n rawRes = await fetch(url, params);\n } catch (e) {\n if (e instanceof TypeError) {\n // Likely to be a network error. Retry if the request is idempotent, throw network error otherwise.\n if (HTTP_METHODS[(params.method ?? \"GET\") as HttpMethod].idempotent) {\n return Result.error(e);\n } else {\n throw await this._createNetworkError(e, session, requestType);\n }\n }\n throw e;\n }\n\n const processedRes = await this._processResponse(rawRes);\n if (processedRes.status === \"error\") {\n // If the access token is invalid, reset it and retry\n if (KnownErrors.InvalidAccessToken.isInstance(processedRes.error)) {\n if (!tokenObj) {\n throw new StackAssertionError(\"Received invalid access token, but session is not logged in\", { tokenObj, processedRes });\n }\n session.markAccessTokenExpired(tokenObj.accessToken);\n return Result.error(processedRes.error);\n }\n\n // Same for the admin access token\n // TODO HACK: Some of the backend hasn't been ported to use the new error codes, so if we have project owner tokens we need to check for ApiKeyNotFound too. Once the migration to smartRouteHandlers is complete, we can check for InvalidAdminAccessToken only.\n if (adminSession && (KnownErrors.InvalidAdminAccessToken.isInstance(processedRes.error) || KnownErrors.ApiKeyNotFound.isInstance(processedRes.error))) {\n if (!adminTokenObj) {\n throw new StackAssertionError(\"Received invalid admin access token, but admin session is not logged in\", { adminTokenObj, processedRes });\n }\n adminSession.markAccessTokenExpired(adminTokenObj.accessToken);\n return Result.error(processedRes.error);\n }\n\n // Known errors are client side errors, so except for the ones above they should not be retried\n // Hence, throw instead of returning an error\n throw processedRes.error;\n }\n\n\n const res = Object.assign(processedRes.data, {\n usedTokens: tokenObj,\n });\n if (res.ok) {\n return Result.ok(res);\n } else if (res.status === 429) {\n // Rate limited, so retry if we can\n const retryAfter = res.headers.get(\"Retry-After\");\n if (retryAfter !== null) {\n console.log(`Rate limited while sending request to ${url}. Will retry after ${retryAfter} seconds...`);\n await wait(Number(retryAfter) * 1000);\n return Result.error(new Error(`Rate limited, retrying after ${retryAfter} seconds`));\n }\n console.log(`Rate limited while sending request to ${url}, no retry-after header received. Retrying...`);\n return Result.error(new Error(\"Rate limited, no retry-after header received\"));\n } else {\n const error = await res.text();\n\n const errorObj = new StackAssertionError(`Failed to send request to ${url}: ${res.status} ${error}`, { request: params, res, path });\n\n if (res.status === 508 && error.includes(\"INFINITE_LOOP_DETECTED\")) {\n // Some Vercel deployments seem to have an odd infinite loop bug. In that case, retry.\n // See: https://github.com/stack-auth/stack-auth/issues/319\n return Result.error(errorObj);\n }\n\n // Do not retry, throw error instead of returning one\n throw errorObj;\n }\n }\n\n private async _processResponse(rawRes: Response): Promise<Result<Response, KnownError>> {\n let res = rawRes;\n if (rawRes.headers.has(\"x-stack-actual-status\")) {\n const actualStatus = Number(rawRes.headers.get(\"x-stack-actual-status\"));\n res = new Response(rawRes.body, {\n status: actualStatus,\n statusText: rawRes.statusText,\n headers: rawRes.headers,\n });\n }\n\n // Handle known errors\n if (res.headers.has(\"x-stack-known-error\")) {\n const errorJson = await res.json();\n if (res.headers.get(\"x-stack-known-error\") !== errorJson.code) {\n throw new StackAssertionError(\"Mismatch between x-stack-known-error header and error code in body; the server's response is invalid\");\n }\n const error = KnownError.fromJson(errorJson);\n return Result.error(error);\n }\n\n return Result.ok(res);\n }\n\n public async checkFeatureSupport(options: { featureName?: string } & ReadonlyJson): Promise<never> {\n const res = await this.sendClientRequest(\"/check-feature-support\", {\n method: \"POST\",\n headers: {\n \"Content-Type\": \"application/json\",\n },\n body: JSON.stringify(options),\n }, null);\n\n throw new StackAssertionError(await res.text());\n }\n\n async sendForgotPasswordEmail(\n email: string,\n callbackUrl: string,\n ): Promise<Result<undefined, KnownErrors[\"UserNotFound\"]>> {\n const res = await this.sendClientRequestAndCatchKnownError(\n \"/auth/password/send-reset-code\",\n {\n method: \"POST\",\n headers: {\n \"Content-Type\": \"application/json\"\n },\n body: JSON.stringify({\n email,\n callback_url: callbackUrl,\n }),\n },\n null,\n [KnownErrors.UserNotFound],\n );\n\n if (res.status === \"error\") {\n return Result.error(res.error);\n } else {\n return Result.ok(undefined);\n }\n }\n\n async sendVerificationEmail(\n email: string,\n callbackUrl: string,\n session: InternalSession\n ): Promise<KnownErrors[\"EmailAlreadyVerified\"] | undefined> {\n const res = await this.sendClientRequestAndCatchKnownError(\n \"/contact-channels/send-verification-code\",\n {\n method: \"POST\",\n headers: {\n \"Content-Type\": \"application/json\"\n },\n body: JSON.stringify({\n email,\n callback_url: callbackUrl,\n }),\n },\n session,\n [KnownErrors.EmailAlreadyVerified]\n );\n\n if (res.status === \"error\") {\n return res.error;\n }\n }\n\n async sendMagicLinkEmail(\n email: string,\n callbackUrl: string,\n ): Promise<Result<{ nonce: string }, KnownErrors[\"RedirectUrlNotWhitelisted\"]>> {\n const res = await this.sendClientRequestAndCatchKnownError(\n \"/auth/otp/send-sign-in-code\",\n {\n method: \"POST\",\n headers: {\n \"Content-Type\": \"application/json\"\n },\n body: JSON.stringify({\n email,\n callback_url: callbackUrl,\n }),\n },\n null,\n [KnownErrors.RedirectUrlNotWhitelisted]\n );\n\n if (res.status === \"error\") {\n return Result.error(res.error);\n } else {\n return Result.ok(await res.data.json());\n }\n }\n\n async resetPassword(\n options: { code: string } & ({ password: string } | { onlyVerifyCode: true })\n ): Promise<Result<undefined, KnownErrors[\"VerificationCodeError\"]>> {\n const res = await this.sendClientRequestAndCatchKnownError(\n \"onlyVerifyCode\" in options ? \"/auth/password/reset/check-code\" : \"/auth/password/reset\",\n {\n method: \"POST\",\n headers: {\n \"Content-Type\": \"application/json\"\n },\n body: JSON.stringify({\n code: options.code,\n ...(\"password\" in options ? { password: options.password } : {}),\n }),\n },\n null,\n [KnownErrors.VerificationCodeError]\n );\n\n if (res.status === \"error\") {\n return Result.error(res.error);\n } else {\n return Result.ok(undefined);\n }\n }\n\n async updatePassword(\n options: { oldPassword: string, newPassword: string },\n session: InternalSession\n ): Promise<KnownErrors[\"PasswordConfirmationMismatch\"] | KnownErrors[\"PasswordRequirementsNotMet\"] | undefined> {\n const res = await this.sendClientRequestAndCatchKnownError(\n \"/auth/password/update\",\n {\n method: \"POST\",\n headers: {\n \"Content-Type\": \"application/json\"\n },\n body: JSON.stringify({\n old_password: options.oldPassword,\n new_password: options.newPassword,\n }),\n },\n session,\n [KnownErrors.PasswordConfirmationMismatch, KnownErrors.PasswordRequirementsNotMet]\n );\n\n if (res.status === \"error\") {\n return res.error;\n }\n }\n\n async setPassword(\n options: { password: string },\n session: InternalSession\n ): Promise<KnownErrors[\"PasswordRequirementsNotMet\"] | undefined> {\n const res = await this.sendClientRequestAndCatchKnownError(\n \"/auth/password/set\",\n {\n method: \"POST\",\n headers: {\n \"Content-Type\": \"application/json\"\n },\n body: JSON.stringify(options),\n },\n session,\n [KnownErrors.PasswordRequirementsNotMet]\n );\n\n if (res.status === \"error\") {\n return res.error;\n }\n }\n\n async verifyPasswordResetCode(code: string): Promise<Result<undefined, KnownErrors[\"VerificationCodeError\"]>> {\n const res = await this.resetPassword({ code, onlyVerifyCode: true });\n if (res.status === \"error\") {\n return Result.error(res.error);\n } else {\n return Result.ok(undefined);\n }\n }\n\n async verifyEmail(code: string): Promise<Result<undefined, KnownErrors[\"VerificationCodeError\"]>> {\n const res = await this.sendClientRequestAndCatchKnownError(\n \"/contact-channels/verify\",\n {\n method: \"POST\",\n headers: {\n \"Content-Type\": \"application/json\"\n },\n body: JSON.stringify({\n code,\n }),\n },\n null,\n [KnownErrors.VerificationCodeError]\n );\n\n if (res.status === \"error\") {\n return Result.error(res.error);\n } else {\n return Result.ok(undefined);\n }\n }\n\n async initiatePasskeyRegistration(\n options: {},\n session: InternalSession\n ): Promise<Result<{ options_json: PublicKeyCredentialCreationOptionsJSON, code: string }, KnownErrors[]>> {\n const res = await this.sendClientRequestAndCatchKnownError(\n \"/auth/passkey/initiate-passkey-registration\",\n {\n method: \"POST\",\n headers: {\n \"Content-Type\": \"application/json\"\n },\n body: JSON.stringify(options),\n },\n session,\n []\n );\n\n if (res.status === \"error\") {\n return Result.error(res.error);\n }\n\n return Result.ok(await res.data.json());\n }\n\n async registerPasskey(\n options: { credential: RegistrationResponseJSON, code: string },\n session: InternalSession\n ): Promise<Result<undefined, KnownErrors[\"PasskeyRegistrationFailed\"]>> {\n const res = await this.sendClientRequestAndCatchKnownError(\n \"/auth/passkey/register\",\n {\n method: \"POST\",\n headers: {\n \"Content-Type\": \"application/json\"\n },\n body: JSON.stringify(options),\n },\n session,\n [KnownErrors.PasskeyRegistrationFailed]\n );\n if (res.status === \"error\") {\n return Result.error(res.error);\n }\n return Result.ok(undefined);\n }\n\n async initiatePasskeyAuthentication(\n options: {\n },\n session: InternalSession\n ): Promise<Result<{ options_json: PublicKeyCredentialRequestOptionsJSON, code: string }, KnownErrors[]>> {\n const res = await this.sendClientRequestAndCatchKnownError(\n \"/auth/passkey/initiate-passkey-authentication\",\n {\n method: \"POST\",\n headers: {\n \"Content-Type\": \"application/json\"\n },\n body: JSON.stringify(options),\n },\n session,\n []\n );\n\n if (res.status === \"error\") {\n return Result.error(res.error);\n }\n\n return Result.ok(await res.data.json());\n }\n\n async sendTeamInvitation(options: {\n email: string,\n teamId: string,\n callbackUrl: string,\n session: InternalSession,\n }): Promise<void> {\n await this.sendClientRequest(\n \"/team-invitations/send-code\",\n {\n method: \"POST\",\n headers: {\n \"Content-Type\": \"application/json\"\n },\n body: JSON.stringify({\n email: options.email,\n team_id: options.teamId,\n callback_url: options.callbackUrl,\n }),\n },\n options.session,\n );\n }\n\n async acceptTeamInvitation<T extends 'use' | 'details' | 'check'>(options: {\n code: string,\n session: InternalSession,\n type: T,\n }): Promise<Result<T extends 'details' ? { team_display_name: string } : undefined, KnownErrors[\"VerificationCodeError\"]>> {\n const res = await this.sendClientRequestAndCatchKnownError(\n options.type === 'check' ?\n \"/team-invitations/accept/check-code\" :\n options.type === 'details' ?\n \"/team-invitations/accept/details\" :\n \"/team-invitations/accept\",\n {\n method: \"POST\",\n headers: {\n \"Content-Type\": \"application/json\"\n },\n body: JSON.stringify({\n code: options.code,\n }),\n },\n options.session,\n [KnownErrors.VerificationCodeError]\n );\n\n if (res.status === \"error\") {\n return Result.error(res.error);\n } else {\n return Result.ok(await res.data.json());\n }\n }\n\n async totpMfa(\n attemptCode: string,\n totp: string,\n session: InternalSession\n ) {\n const res = await this.sendClientRequest(\"/auth/mfa/sign-in\", {\n method: \"POST\",\n headers: {\n \"Content-Type\": \"application/json\"\n },\n body: JSON.stringify({\n code: attemptCode,\n type: \"totp\",\n totp: totp,\n }),\n }, session);\n\n const result = await res.json();\n return {\n accessToken: result.access_token,\n refreshToken: result.refresh_token,\n newUser: result.is_new_user,\n };\n }\n\n async signInWithCredential(\n email: string,\n password: string,\n session: InternalSession\n ): Promise<Result<{ accessToken: string, refreshToken: string }, KnownErrors[\"EmailPasswordMismatch\"]>> {\n const res = await this.sendClientRequestAndCatchKnownError(\n \"/auth/password/sign-in\",\n {\n method: \"POST\",\n headers: {\n \"Content-Type\": \"application/json\"\n },\n body: JSON.stringify({\n email,\n password,\n }),\n },\n session,\n [KnownErrors.EmailPasswordMismatch]\n );\n\n if (res.status === \"error\") {\n return Result.error(res.error);\n }\n\n const result = await res.data.json();\n return Result.ok({\n accessToken: result.access_token,\n refreshToken: result.refresh_token,\n });\n }\n\n async signUpWithCredential(\n email: string,\n password: string,\n emailVerificationRedirectUrl: string,\n session: InternalSession,\n ): Promise<Result<{ accessToken: string, refreshToken: string }, KnownErrors[\"UserWithEmailAlreadyExists\"] | KnownErrors[\"PasswordRequirementsNotMet\"]>> {\n const res = await this.sendClientRequestAndCatchKnownError(\n \"/auth/password/sign-up\",\n {\n headers: {\n \"Content-Type\": \"application/json\"\n },\n method: \"POST\",\n body: JSON.stringify({\n email,\n password,\n verification_callback_url: emailVerificationRedirectUrl,\n }),\n },\n session,\n [KnownErrors.UserWithEmailAlreadyExists, KnownErrors.PasswordRequirementsNotMet]\n );\n\n if (res.status === \"error\") {\n return Result.error(res.error);\n }\n\n const result = await res.data.json();\n return Result.ok({\n accessToken: result.access_token,\n refreshToken: result.refresh_token,\n });\n }\n\n async signUpAnonymously(session: InternalSession): Promise<Result<{ accessToken: string, refreshToken: string }, never>> {\n const res = await this.sendClientRequestAndCatchKnownError(\n \"/auth/anonymous/sign-up\",\n {\n method: \"POST\",\n },\n session,\n [],\n );\n\n if (res.status === \"error\") {\n return Result.error(res.error);\n }\n\n const result = await res.data.json();\n return Result.ok({\n accessToken: result.access_token,\n refreshToken: result.refresh_token,\n });\n }\n\n async signInWithMagicLink(code: string, session: InternalSession): Promise<Result<{ newUser: boolean, accessToken: string, refreshToken: string }, KnownErrors[\"VerificationCodeError\"]>> {\n const res = await this.sendClientRequestAndCatchKnownError(\n \"/auth/otp/sign-in\",\n {\n method: \"POST\",\n headers: {\n \"Content-Type\": \"application/json\"\n },\n body: JSON.stringify({\n code,\n }),\n },\n session,\n [KnownErrors.VerificationCodeError]\n );\n\n if (res.status === \"error\") {\n return Result.error(res.error);\n }\n\n const result = await res.data.json();\n return Result.ok({\n accessToken: result.access_token,\n refreshToken: result.refresh_token,\n newUser: result.is_new_user,\n });\n }\n\n async signInWithMfa(totp: string, code: string, session: InternalSession): Promise<Result<{ newUser: boolean, accessToken: string, refreshToken: string }, KnownErrors[\"VerificationCodeError\"]>> {\n const res = await this.sendClientRequestAndCatchKnownError(\n \"/auth/mfa/sign-in\",\n {\n method: \"POST\",\n headers: {\n \"Content-Type\": \"application/json\"\n },\n body: JSON.stringify({\n type: \"totp\",\n totp,\n code,\n }),\n },\n session,\n [KnownErrors.VerificationCodeError]\n );\n\n if (res.status === \"error\") {\n return Result.error(res.error);\n }\n\n const result = await res.data.json();\n return Result.ok({\n accessToken: result.access_token,\n refreshToken: result.refresh_token,\n newUser: result.is_new_user,\n });\n }\n\n async signInWithPasskey(body: { authentication_response: AuthenticationResponseJSON, code: string }, session: InternalSession): Promise<Result<{accessToken: string, refreshToken: string }, KnownErrors[\"PasskeyAuthenticationFailed\"]>> {\n const res = await this.sendClientRequestAndCatchKnownError(\n \"/auth/passkey/sign-in\",\n {\n method: \"POST\",\n headers: {\n \"Content-Type\": \"application/json\"\n },\n body: JSON.stringify(body),\n },\n session,\n [KnownErrors.PasskeyAuthenticationFailed]\n );\n\n if (res.status === \"error\") {\n return Result.error(res.error);\n }\n\n const result = await res.data.json();\n return Result.ok({\n accessToken: result.access_token,\n refreshToken: result.refresh_token,\n });\n }\n\n async getOAuthUrl(\n options: {\n provider: string,\n redirectUrl: string,\n errorRedirectUrl: string,\n afterCallbackRedirectUrl?: string,\n codeChallenge: string,\n state: string,\n type: \"authenticate\" | \"link\",\n providerScope?: string,\n session: InternalSession,\n }\n ): Promise<string> {\n const updatedRedirectUrl = new URL(options.redirectUrl);\n for (const key of [\"code\", \"state\"]) {\n if (updatedRedirectUrl.searchParams.has(key)) {\n console.warn(\"Redirect URL already contains \" + key + \" parameter, removing it as it will be overwritten by the OAuth callback\");\n }\n updatedRedirectUrl.searchParams.delete(key);\n }\n\n if (!('publishableClientKey' in this.options)) {\n // TODO fix\n throw new Error(\"Admin session token is currently not supported for OAuth\");\n }\n const url = new URL(this.getApiUrl() + \"/auth/oauth/authorize/\" + options.provider.toLowerCase());\n url.searchParams.set(\"client_id\", this.projectId);\n url.searchParams.set(\"client_secret\", this.options.publishableClientKey);\n url.searchParams.set(\"redirect_uri\", updatedRedirectUrl.toString());\n url.searchParams.set(\"scope\", \"legacy\");\n url.searchParams.set(\"state\", options.state);\n url.searchParams.set(\"grant_type\", \"authorization_code\");\n url.searchParams.set(\"code_challenge\", options.codeChallenge);\n url.searchParams.set(\"code_challenge_method\", \"S256\");\n url.searchParams.set(\"response_type\", \"code\");\n url.searchParams.set(\"type\", options.type);\n url.searchParams.set(\"error_redirect_url\", options.errorRedirectUrl);\n\n const tokens = await options.session.getOrFetchLikelyValidTokens(20_000);\n if (tokens) {\n url.searchParams.set(\"token\", tokens.accessToken.token);\n }\n\n if (options.afterCallbackRedirectUrl) {\n url.searchParams.set(\"after_callback_redirect_url\", options.afterCallbackRedirectUrl);\n }\n if (options.providerScope) {\n url.searchParams.set(\"provider_scope\", options.providerScope);\n }\n\n return url.toString();\n }\n\n async callOAuthCallback(options: {\n oauthParams: URLSearchParams,\n redirectUri: string,\n codeVerifier: string,\n state: string,\n }): Promise<{ newUser: boolean, afterCallbackRedirectUrl?: string, accessToken: string, refreshToken: string }> {\n if (!('publishableClientKey' in this.options)) {\n // TODO fix\n throw new Error(\"Admin session token is currently not supported for OAuth\");\n }\n const as = {\n issuer: this.options.getBaseUrl(),\n algorithm: 'oauth2',\n token_endpoint: this.getApiUrl() + '/auth/oauth/token',\n };\n const client: oauth.Client = {\n client_id: this.projectId,\n client_secret: this.options.publishableClientKey,\n token_endpoint_auth_method: 'client_secret_post',\n };\n const params = await this._networkRetryException(\n async () => oauth.validateAuthResponse(as, client, options.oauthParams, options.state),\n );\n if (oauth.isOAuth2Error(params)) {\n throw new StackAssertionError(\"Error validating outer OAuth response\", { params }); // Handle OAuth 2.0 redirect error\n }\n const response = await oauth.authorizationCodeGrantRequest(\n as,\n client,\n params,\n options.redirectUri,\n options.codeVerifier,\n );\n\n const result = await oauth.processAuthorizationCodeOAuth2Response(as, client, response);\n if (oauth.isOAuth2Error(result)) {\n if (\"code\" in result && result.code === \"MULTI_FACTOR_AUTHENTICATION_REQUIRED\") {\n throw new KnownErrors.MultiFactorAuthenticationRequired((result as any).details.attempt_code);\n }\n // TODO Handle OAuth 2.0 response body error\n throw new StackAssertionError(\"Outer OAuth error during authorization code response\", { result });\n }\n return {\n newUser: result.is_new_user as boolean,\n afterCallbackRedirectUrl: result.after_callback_redirect_url as string | undefined,\n accessToken: result.access_token,\n refreshToken: result.refresh_token ?? throwErr(\"Refresh token not found in outer OAuth response\"),\n };\n }\n\n async signOut(session: InternalSession): Promise<void> {\n const tokenObj = await session.getOrFetchLikelyValidTokens(20_000);\n if (tokenObj) {\n const resOrError = await this.sendClientRequestAndCatchKnownError(\n \"/auth/sessions/current\",\n {\n method: \"DELETE\",\n headers: {\n \"Content-Type\": \"application/json\"\n },\n body: JSON.stringify({}),\n },\n session,\n [KnownErrors.RefreshTokenError]\n );\n if (resOrError.status === \"error\") {\n if (KnownErrors.RefreshTokenError.isInstance(resOrError.error)) {\n // refresh token was already invalid, just continue like nothing happened\n } else {\n // this should never happen\n throw new StackAssertionError(\"Unexpected error\", { error: resOrError.error });\n }\n } else {\n // user was signed out successfully, all good\n }\n }\n session.markInvalid();\n }\n\n async getClientUserByToken(session: InternalSession): Promise<CurrentUserCrud[\"Client\"][\"Read\"] | null> {\n const responseOrError = await this.sendClientRequestAndCatchKnownError(\n \"/users/me\",\n {},\n session,\n [KnownErrors.CannotGetOwnUserWithoutUser],\n );\n if (responseOrError.status === \"error\") {\n if (KnownErrors.CannotGetOwnUserWithoutUser.isInstance(responseOrError.error)) {\n return null;\n } else {\n throw new StackAssertionError(\"Unexpected uncaught error\", { cause: responseOrError.error });\n }\n }\n const response = responseOrError.data;\n const user: CurrentUserCrud[\"Client\"][\"Read\"] = await response.json();\n if (!(user as any)) throw new StackAssertionError(\"User endpoint returned null; this should never happen\");\n return user;\n }\n\n async listTeamInvitations(\n options: {\n teamId: string,\n },\n session: InternalSession,\n ): Promise<TeamInvitationCrud['Client']['Read'][]> {\n const response = await this.sendClientRequest(\n \"/team-invitations?\" + new URLSearchParams({ team_id: options.teamId }),\n {},\n session,\n );\n const result = await response.json() as TeamInvitationCrud['Client']['List'];\n return result.items;\n }\n\n async revokeTeamInvitation(\n invitationId: string,\n teamId: string,\n session: InternalSession,\n ) {\n await this.sendClientRequest(\n `/team-invitations/${invitationId}?team_id=${teamId}`,\n { method: \"DELETE\" },\n session,\n );\n }\n\n async listTeamMemberProfiles(\n options: {\n teamId?: string,\n userId?: string,\n },\n session: InternalSession,\n ): Promise<TeamMemberProfilesCrud['Client']['Read'][]> {\n const response = await this.sendClientRequest(\n \"/team-member-profiles?\" + new URLSearchParams(filterUndefined({\n team_id: options.teamId,\n user_id: options.userId,\n })),\n {},\n session,\n );\n const result = await response.json() as TeamMemberProfilesCrud['Client']['List'];\n return result.items;\n }\n\n async getTeamMemberProfile(\n options: {\n teamId: string,\n userId: string,\n },\n session: InternalSession,\n ): Promise<TeamMemberProfilesCrud['Client']['Read']> {\n const response = await this.sendClientRequest(\n `/team-member-profiles/${options.teamId}/${options.userId}`,\n {},\n session,\n );\n return await response.json();\n }\n\n async leaveTeam(\n teamId: string,\n session: InternalSession,\n ) {\n await this.sendClientRequest(\n `/team-memberships/${teamId}/me`,\n {\n method: \"DELETE\",\n headers: {\n \"content-type\": \"application/json\",\n },\n body: JSON.stringify({}),\n },\n session,\n );\n }\n\n async updateTeamMemberProfile(\n options: {\n teamId: string,\n userId: string,\n profile: TeamMemberProfilesCrud['Client']['Update'],\n },\n session: InternalSession,\n ) {\n await this.sendClientRequest(\n `/team-member-profiles/${options.teamId}/${options.userId}`,\n {\n method: \"PATCH\",\n headers: {\n \"content-type\": \"application/json\",\n },\n body: JSON.stringify(options.profile),\n },\n session,\n );\n }\n\n async updateTeam(\n options: {\n teamId: string,\n data: TeamsCrud['Client']['Update'],\n },\n session: InternalSession,\n ) {\n await this.sendClientRequest(\n `/teams/${options.teamId}`,\n {\n method: \"PATCH\",\n headers: {\n \"content-type\": \"application/json\",\n },\n body: JSON.stringify(options.data),\n },\n session,\n );\n }\n\n async listCurrentUserTeamPermissions(\n options: {\n teamId: string,\n recursive: boolean,\n },\n session: InternalSession\n ): Promise<TeamPermissionsCrud['Client']['Read'][]> {\n const response = await this.sendClientRequest(\n `/team-permissions?team_id=${options.teamId}&user_id=me&recursive=${options.recursive}`,\n {},\n session,\n );\n const result = await response.json() as TeamPermissionsCrud['Client']['List'];\n return result.items;\n }\n\n async listCurrentUserProjectPermissions(\n options: {\n recursive: boolean,\n },\n session: InternalSession\n ): Promise<ProjectPermissionsCrud['Client']['Read'][]> {\n const response = await this.sendClientRequest(\n `/project-permissions?user_id=me&recursive=${options.recursive}`,\n {},\n session,\n );\n const result = await response.json() as ProjectPermissionsCrud['Client']['List'];\n return result.items;\n }\n\n async listCurrentUserTeams(session: InternalSession): Promise<TeamsCrud[\"Client\"][\"Read\"][]> {\n const response = await this.sendClientRequest(\n \"/teams?user_id=me\",\n {},\n session,\n );\n const result = await response.json() as TeamsCrud[\"Client\"][\"List\"];\n return result.items;\n }\n\n async getClientProject(): Promise<Result<ClientProjectsCrud['Client']['Read'], KnownErrors[\"ProjectNotFound\"]>> {\n const responseOrError = await this.sendClientRequestAndCatchKnownError(\"/projects/current\", {}, null, [KnownErrors.ProjectNotFound]);\n if (responseOrError.status === \"error\") {\n return Result.error(responseOrError.error);\n }\n const response = responseOrError.data;\n const project: ClientProjectsCrud['Client']['Read'] = await response.json();\n return Result.ok(project);\n }\n\n async updateClientUser(update: CurrentUserCrud[\"Client\"][\"Update\"], session: InternalSession) {\n await this.sendClientRequest(\n \"/users/me\",\n {\n method: \"PATCH\",\n headers: {\n \"content-type\": \"application/json\",\n },\n body: JSON.stringify(update),\n },\n session,\n );\n }\n\n async listProjects(session: InternalSession): Promise<AdminUserProjectsCrud['Client']['Read'][]> {\n const response = await this.sendClientRequest(\"/internal/projects\", {}, session);\n if (!response.ok) {\n throw new Error(\"Failed to list projects: \" + response.status + \" \" + (await response.text()));\n }\n\n const json = await response.json() as AdminUserProjectsCrud['Client']['List'];\n return json.items;\n }\n\n async createProject(\n project: AdminUserProjectsCrud['Client']['Create'],\n session: InternalSession,\n ): Promise<AdminUserProjectsCrud['Client']['Read']> {\n const fetchResponse = await this.sendClientRequest(\n \"/internal/projects\",\n {\n method: \"POST\",\n headers: {\n \"content-type\": \"application/json\",\n },\n body: JSON.stringify(project),\n },\n session,\n );\n if (!fetchResponse.ok) {\n throw new Error(\"Failed to create project: \" + fetchResponse.status + \" \" + (await fetchResponse.text()));\n }\n\n const json = await fetchResponse.json();\n return json;\n }\n\n async createProviderAccessToken(\n provider: string,\n scope: string,\n session: InternalSession,\n ): Promise<ConnectedAccountAccessTokenCrud['Client']['Read']> {\n const response = await this.sendClientRequest(\n `/connected-accounts/me/${provider}/access-token`,\n {\n method: \"POST\",\n headers: {\n \"content-type\": \"application/json\",\n },\n body: JSON.stringify({ scope }),\n },\n session,\n );\n return await response.json();\n }\n\n async createClientTeam(\n data: TeamsCrud['Client']['Create'],\n session: InternalSession,\n ): Promise<TeamsCrud['Client']['Read']> {\n const response = await this.sendClientRequest(\n \"/teams\",\n {\n method: \"POST\",\n headers: {\n \"content-type\": \"application/json\",\n },\n body: JSON.stringify(data),\n },\n session,\n );\n return await response.json();\n }\n\n async deleteTeam(\n teamId: string,\n session: InternalSession,\n ) {\n await this.sendClientRequest(\n `/teams/${teamId}`,\n {\n method: \"DELETE\",\n },\n session,\n );\n }\n\n async deleteCurrentUser(session: InternalSession) {\n await this.sendClientRequest(\n \"/users/me\",\n {\n method: \"DELETE\",\n },\n session,\n );\n }\n\n async createClientContactChannel(\n data: ContactChannelsCrud['Client']['Create'],\n session: InternalSession,\n ): Promise<ContactChannelsCrud['Client']['Read']> {\n const response = await this.sendClientRequest(\n \"/contact-channels\",\n {\n method: \"POST\",\n headers: {\n \"content-type\": \"application/json\",\n },\n body: JSON.stringify(data),\n },\n session,\n );\n return await response.json();\n }\n\n async updateClientContactChannel(\n id: string,\n data: ContactChannelsCrud['Client']['Update'],\n session: InternalSession,\n ): Promise<ContactChannelsCrud['Client']['Read']> {\n const response = await this.sendClientRequest(\n `/contact-channels/me/${id}`,\n {\n method: \"PATCH\",\n headers: {\n \"content-type\": \"application/json\",\n },\n body: JSON.stringify(data),\n },\n session,\n );\n return await response.json();\n }\n\n async deleteClientContactChannel(\n id: string,\n session: InternalSession,\n ): Promise<void> {\n await this.sendClientRequest(\n `/contact-channels/me/${id}`,\n {\n method: \"DELETE\",\n },\n session,\n );\n }\n\n async deleteSession(\n sessionId: string,\n session: InternalSession,\n ): Promise<void> {\n await this.sendClientRequest(\n `/auth/sessions/${sessionId}?user_id=me`,\n {\n method: \"DELETE\",\n },\n session,\n );\n }\n\n async listSessions(\n session: InternalSession,\n ): Promise<SessionsCrud['Client']['List']> {\n const response = await this.sendClientRequest(\n \"/auth/sessions?user_id=me\",\n {\n method: \"GET\",\n },\n session,\n );\n return await response.json();\n }\n\n\n async listClientContactChannels(\n session: InternalSession,\n ): Promise<ContactChannelsCrud['Client']['Read'][]> {\n const response = await this.sendClientRequest(\n \"/contact-channels?user_id=me\",\n {\n method: \"GET\",\n },\n session,\n );\n const json = await response.json() as ContactChannelsCrud['Client']['List'];\n return json.items;\n }\n\n async sendCurrentUserContactChannelVerificationEmail(\n contactChannelId: string,\n callbackUrl: string,\n session: InternalSession,\n ): Promise<Result<undefined, KnownErrors[\"EmailAlreadyVerified\"]>> {\n const responseOrError = await this.sendClientRequestAndCatchKnownError(\n `/contact-channels/me/${contactChannelId}/send-verification-code`,\n {\n method: \"POST\",\n headers: {\n \"content-type\": \"application/json\",\n },\n body: JSON.stringify({ callback_url: callbackUrl }),\n },\n session,\n [KnownErrors.EmailAlreadyVerified]\n );\n\n if (responseOrError.status === \"error\") {\n return Result.error(responseOrError.error);\n }\n return Result.ok(undefined);\n }\n\n async cliLogin(\n loginCode: string,\n refreshToken: string,\n session: InternalSession\n ): Promise<Result<undefined, KnownErrors[\"SchemaError\"]>> {\n const responseOrError = await this.sendClientRequestAndCatchKnownError(\n \"/auth/cli/complete\",\n {\n method: \"POST\",\n headers: {\n \"Content-Type\": \"application/json\"\n },\n body: JSON.stringify({\n login_code: loginCode,\n refresh_token: refreshToken,\n }),\n },\n session,\n [KnownErrors.SchemaError]\n );\n\n if (responseOrError.status === \"error\") {\n return Result.error(responseOrError.error);\n }\n return Result.ok(undefined);\n }\n\n private async _getApiKeyRequestInfo(options: { user_id: string | null } | { team_id: string }) {\n if (\"user_id\" in options && \"team_id\" in options) {\n throw new StackAssertionError(\"Cannot specify both user_id and team_id in _getApiKeyRequestInfo\");\n }\n\n return {\n endpoint: \"team_id\" in options ? \"/team-api-keys\" : \"/user-api-keys\",\n queryParams: new URLSearchParams(filterUndefinedOrNull(options)),\n };\n }\n\n // API Keys CRUD operations\n listProjectApiKeys(options: { user_id: string }, session: InternalSession | null, requestType: \"client\" | \"server\" | \"admin\"): Promise<UserApiKeysCrud['Client']['Read'][]>;\n listProjectApiKeys(options: { team_id: string }, session: InternalSession | null, requestType: \"client\" | \"server\" | \"admin\"): Promise<TeamApiKeysCrud['Client']['Read'][]>;\n listProjectApiKeys(options: { user_id: string } | { team_id: string }, session: InternalSession | null, requestType: \"client\" | \"server\" | \"admin\"): Promise<(UserApiKeysCrud['Client']['Read'] | TeamApiKeysCrud['Client']['Read'])[]>;\n async listProjectApiKeys(\n options: { user_id: string } | { team_id: string },\n session: InternalSession | null,\n requestType: \"client\" | \"server\" | \"admin\",\n ): Promise<(UserApiKeysCrud['Client']['Read'] | TeamApiKeysCrud['Client']['Read'])[]> {\n const sendRequest = (requestType === \"client\" ? this.sendClientRequest : (this as any).sendServerRequest as never).bind(this);\n const { endpoint, queryParams } = await this._getApiKeyRequestInfo(options);\n\n const response = await sendRequest(\n `${endpoint}?${queryParams.toString()}`,\n {\n method: \"GET\",\n },\n session,\n requestType,\n );\n const json = await response.json();\n return json.items;\n }\n\n createProjectApiKey(data: yup.InferType<typeof userApiKeysCreateInputSchema>, session: InternalSession | null, requestType: \"client\" | \"server\" | \"admin\"): Promise<yup.InferType<typeof userApiKeysCreateOutputSchema>>;\n createProjectApiKey(data: yup.InferType<typeof teamApiKeysCreateInputSchema>, session: InternalSession | null, requestType: \"client\" | \"server\" | \"admin\"): Promise<yup.InferType<typeof teamApiKeysCreateOutputSchema>>;\n createProjectApiKey(data: yup.InferType<typeof userApiKeysCreateInputSchema> | yup.InferType<typeof teamApiKeysCreateInputSchema>, session: InternalSession | null, requestType: \"client\" | \"server\" | \"admin\"): Promise<yup.InferType<typeof userApiKeysCreateOutputSchema> | yup.InferType<typeof teamApiKeysCreateOutputSchema>>;\n async createProjectApiKey(\n data: yup.InferType<typeof userApiKeysCreateInputSchema> | yup.InferType<typeof teamApiKeysCreateInputSchema>,\n session: InternalSession | null,\n requestType: \"client\" | \"server\" | \"admin\",\n ): Promise<yup.InferType<typeof userApiKeysCreateOutputSchema> | yup.InferType<typeof teamApiKeysCreateOutputSchema>> {\n const sendRequest = (requestType === \"client\" ? this.sendClientRequest : (this as any).sendServerRequest as never).bind(this);\n const { endpoint } = await this._getApiKeyRequestInfo(data);\n\n const response = await sendRequest(\n `${endpoint}`,\n {\n method: \"POST\",\n headers: {\n \"content-type\": \"application/json\",\n },\n body: JSON.stringify(data),\n },\n session,\n requestType,\n );\n return await response.json();\n }\n\n getProjectApiKey(options: { user_id: string | null }, keyId: string, session: InternalSession | null, requestType: \"client\" | \"server\" | \"admin\"): Promise<UserApiKeysCrud['Client']['Read']>;\n getProjectApiKey(options: { team_id: string }, keyId: string, session: InternalSession | null, requestType: \"client\" | \"server\" | \"admin\"): Promise<TeamApiKeysCrud['Client']['Read']>;\n getProjectApiKey(options: { user_id: string | null } | { team_id: string }, keyId: string, session: InternalSession | null, requestType: \"client\" | \"server\" | \"admin\"): Promise<UserApiKeysCrud['Client']['Read'] | TeamApiKeysCrud['Client']['Read']>;\n async getProjectApiKey(\n options: { user_id: string | null } | { team_id: string },\n keyId: string,\n session: InternalSession | null,\n requestType: \"client\" | \"server\" | \"admin\",\n ): Promise<UserApiKeysCrud['Client']['Read'] | TeamApiKeysCrud['Client']['Read']> {\n const sendRequest = (requestType === \"client\" ? this.sendClientRequest : (this as any).sendServerRequest as never).bind(this);\n const { endpoint, queryParams } = await this._getApiKeyRequestInfo(options);\n\n const response = await sendRequest(\n `${endpoint}/${keyId}?${queryParams.toString()}`,\n {\n method: \"GET\",\n },\n session,\n requestType,\n );\n return await response.json();\n }\n\n updateProjectApiKey(options: { user_id: string }, keyId: string, data: UserApiKeysCrud['Client']['Update'], session: InternalSession | null, requestType: \"client\" | \"server\" | \"admin\"): Promise<UserApiKeysCrud['Client']['Read']>;\n updateProjectApiKey(options: { team_id: string }, keyId: string, data: TeamApiKeysCrud['Client']['Update'], session: InternalSession | null, requestType: \"client\" | \"server\" | \"admin\"): Promise<TeamApiKeysCrud['Client']['Read']>;\n updateProjectApiKey(options: { user_id: string } | { team_id: string }, keyId: string, data: UserApiKeysCrud['Client']['Update'] | TeamApiKeysCrud['Client']['Update'], session: InternalSession | null, requestType: \"client\" | \"server\" | \"admin\"): Promise<UserApiKeysCrud['Client']['Read'] | TeamApiKeysCrud['Client']['Read']>;\n async updateProjectApiKey(\n options: { user_id: string } | { team_id: string },\n keyId: string,\n data: UserApiKeysCrud['Client']['Update'] | TeamApiKeysCrud['Client']['Update'],\n session: InternalSession | null,\n requestType: \"client\" | \"server\" | \"admin\",\n ): Promise<UserApiKeysCrud['Client']['Read'] | TeamApiKeysCrud['Client']['Read']> {\n const sendRequest = (requestType === \"client\" ? this.sendClientRequest : (this as any).sendServerRequest as never).bind(this);\n const { endpoint, queryParams } = await this._getApiKeyRequestInfo(options);\n\n const response = await sendRequest(\n `${endpoint}/${keyId}?${queryParams.toString()}`,\n {\n method: \"PATCH\",\n headers: {\n \"content-type\": \"application/json\",\n },\n body: JSON.stringify(data),\n },\n session,\n requestType,\n );\n return await response.json();\n }\n\n checkProjectApiKey(type: \"user\", apiKey: string, session: InternalSession | null, requestType: \"client\" | \"server\" | \"admin\"): Promise<UserApiKeysCrud['Client']['Read'] | null>;\n checkProjectApiKey(type: \"team\", apiKey: string, session: InternalSession | null, requestType: \"client\" | \"server\" | \"admin\"): Promise<TeamApiKeysCrud['Client']['Read'] | null>;\n checkProjectApiKey(type: \"user\" | \"team\", apiKey: string, session: InternalSession | null, requestType: \"client\" | \"server\" | \"admin\"): Promise<UserApiKeysCrud['Client']['Read'] | TeamApiKeysCrud['Client']['Read'] | null>;\n async checkProjectApiKey(type: \"user\" | \"team\", apiKey: string, session: InternalSession | null, requestType: \"client\" | \"server\" | \"admin\"): Promise<UserApiKeysCrud['Client']['Read'] | TeamApiKeysCrud['Client']['Read'] | null> {\n const sendRequest = (requestType === \"client\" ? this.sendClientRequestAndCatchKnownError : (this as any).sendServerRequestAndCatchKnownError as never).bind(this);\n const result = await sendRequest(\n `/${type}-api-keys/check`,\n {\n method: \"POST\",\n headers: {\n \"content-type\": \"application/json\",\n },\n body: JSON.stringify({ api_key: apiKey }),\n },\n session,\n [KnownErrors.ApiKeyNotValid]\n );\n if (result.status === \"error\") {\n return null;\n }\n return await result.data.json();\n }\n\n async listNotificationCategories(\n session: InternalSession,\n ): Promise<NotificationPreferenceCrud['Client']['Read'][]> {\n const response = await this.sendClientRequest(\n `/emails/notification-preference/me`,\n {},\n session,\n );\n const result = await response.json() as NotificationPreferenceCrud['Client']['List'];\n return result.items;\n }\n\n async setNotificationsEnabled(\n notificationCategoryId: string,\n enabled: boolean,\n session: InternalSession,\n ): Promise<void> {\n await this.sendClientRequest(\n `/emails/notification-preference/me/${notificationCategoryId}`,\n {\n method: \"PATCH\",\n headers: {\n \"content-type\": \"application/json\",\n },\n body: JSON.stringify({\n enabled,\n }),\n },\n session,\n );\n }\n\n async getOAuthProvider(\n userId: string,\n providerId: string,\n session: InternalSession,\n ): Promise<OAuthProviderCrud['Client']['Read']> {\n const response = await this.sendClientRequest(\n `/oauth-providers/${userId}/${providerId}`,\n {\n method: \"GET\",\n },\n session,\n );\n return await response.json();\n }\n\n async updateOAuthProvider(\n userId: string,\n providerId: string,\n data: OAuthProviderCrud['Client']['Update'],\n session: InternalSession,\n ): Promise<OAuthProviderCrud['Client']['Read']> {\n const response = await this.sendClientRequest(\n `/oauth-providers/${userId}/${providerId}`,\n {\n method: \"PATCH\",\n headers: {\n \"content-type\": \"application/json\",\n },\n body: JSON.stringify(data),\n },\n session,\n );\n return await response.json();\n }\n\n async listOAuthProviders(\n options: {\n user_id?: string,\n } = {},\n session: InternalSession,\n ): Promise<OAuthProviderCrud['Client']['Read'][]> {\n const queryParams = new URLSearchParams(filterUndefined(options));\n const response = await this.sendClientRequest(\n `/oauth-providers${queryParams.toString() ? `?${queryParams.toString()}` : ''}`,\n {\n method: \"GET\",\n },\n session,\n );\n const result = await response.json();\n return result.items;\n }\n\n async deleteOAuthProvider(\n userId: string,\n providerId: string,\n session: InternalSession,\n ): Promise<void> {\n const response = await this.sendClientRequest(\n `/oauth-providers/${userId}/${providerId}`,\n {\n method: \"DELETE\",\n },\n session,\n );\n return await response.json();\n }\n\n async getItem(\n options: (\n { itemId: string, userId: string } |\n { itemId: string, teamId: string } |\n { itemId: string, customCustomerId: string }\n ),\n session: InternalSession | null,\n ): Promise<ItemCrud['Client']['Read']> {\n let customerType: \"user\" | \"team\" | \"custom\";\n let customerId: string;\n if (\"userId\" in options) {\n customerType = \"user\";\n customerId = options.userId;\n } else if (\"teamId\" in options) {\n customerType = \"team\";\n customerId = options.teamId;\n } else if (\"customCustomerId\" in options) {\n customerType = \"custom\";\n customerId = options.customCustomerId;\n } else {\n throw new StackAssertionError(\"getItem requires one of userId, teamId, or customCustomerId\");\n }\n\n const response = await this.sendClientRequest(\n urlString`/payments/items/${customerType}/${customerId}/${options.itemId}`,\n {},\n session,\n );\n return await response.json();\n }\n\n async createCheckoutUrl(\n customer_type: \"user\" | \"team\" | \"custom\",\n customer_id: string,\n offerIdOrInline: string | yup.InferType<typeof inlineOfferSchema>,\n session: InternalSession | null,\n ): Promise<string> {\n const offerBody = typeof offerIdOrInline === \"string\" ?\n { offer_id: offerIdOrInline } :\n { inline_offer: offerIdOrInline };\n const response = await this.sendClientRequest(\n \"/payments/purchases/create-purchase-url\",\n {\n method: \"POST\",\n headers: {\n \"content-type\": \"application/json\",\n },\n body: JSON.stringify({ customer_type, customer_id, ...offerBody }),\n },\n session\n );\n const { url } = await response.json() as { url: string };\n return url;\n }\n}\n\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,YAAuB;AAGvB,0BAAwC;AAExC,sBAA2D;AAC3D,oBAA2C;AAC3C,oBAA8C;AAC9C,qBAA0B;AAC1B,kBAAyC;AAEzC,qBAAuD;AAEvD,sBAAqB;AACrB,qBAAuB;AACvB,qBAAyB;AACzB,kBAA0B;AA6BnB,IAAM,uBAAN,MAA2B;AAAA,EAChC,YAA4B,SAAiC;AAAjC;AAAA,EAE5B;AAAA,EAEA,IAAI,YAAY;AACd,WAAO,KAAK,QAAQ;AAAA,EACtB;AAAA,EAEA,YAAY;AACV,WAAO,KAAK,QAAQ,WAAW,IAAI;AAAA,EACrC;AAAA,EAEA,MAAa,sBAAsB,SAAkC,aAA6C;AAChH,UAAM,aAAa,OAAO,OAA4B;AACpD,UAAI;AACF,cAAM,GAAG;AACT,eAAO;AAAA,MACT,SAAS,GAAG;AACV,eAAO,GAAG,CAAC;AAAA,MACb;AAAA,IACF;AACA,UAAM,UAAU,MAAM,WAAW,YAAY;AAC3C,YAAM,MAAM,MAAM,MAAM,+BAA+B;AACvD,UAAI,CAAC,IAAI,IAAI;AACX,cAAM,IAAI,MAAM,GAAG,IAAI,MAAM,IAAI,IAAI,UAAU,KAAK,MAAM,IAAI,KAAK,CAAC,EAAE;AAAA,MACxE;AAAA,IACF,CAAC;AACD,UAAM,UAAU,YAAY,UAAa,gBAAgB,SAAY,MAAM,WAAW,YAAY;AAChG,YAAM,MAAM,MAAM,KAAK,uBAAuB,KAAK,CAAC,GAAG,SAAU,WAAW;AAC5E,UAAI,IAAI,WAAW,SAAS;AAC1B,cAAM,IAAI;AAAA,MACZ;AAAA,IACF,CAAC,IAAI;AACL,UAAM,iBAAiB,MAAM,WAAW,YAAY;AAClD,YAAM,MAAM,MAAM,MAAM,IAAI,IAAI,WAAW,KAAK,UAAU,CAAC,CAAC;AAC5D,UAAI,CAAC,IAAI,IAAI;AACX,cAAM,IAAI,MAAM,GAAG,IAAI,MAAM,IAAI,IAAI,UAAU,KAAK,MAAM,IAAI,KAAK,CAAC,EAAE;AAAA,MACxE;AAAA,IACF,CAAC;AACD,UAAM,gBAAgB,MAAM,WAAW,YAAY;AACjD,YAAM,MAAM,MAAM,MAAM,mCAAmC;AAC3D,UAAI,CAAC,IAAI,IAAI;AACX,cAAM,IAAI,MAAM,GAAG,IAAI,MAAM,IAAI,IAAI,UAAU,KAAK,MAAM,IAAI,KAAK,CAAC,EAAE;AAAA,MACxE;AAAA,IACF,CAAC;AACD,UAAM,cAAc,MAAM,WAAW,YAAY;AAC/C,YAAM,MAAM,MAAM,MAAM,mCAAmC;AAC3D,UAAI,CAAC,IAAI,IAAI;AACX,cAAM,IAAI,MAAM,GAAG,IAAI,MAAM,IAAI,IAAI,UAAU,KAAK,MAAM,IAAI,KAAK,CAAC,EAAE;AAAA,MACxE;AAAA,IACF,CAAC;AACD,WAAO;AAAA,MACL,qBAAqB,yBAAU,WAAW;AAAA,MAC1C;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,IACF;AAAA,EACF;AAAA,EAEA,MAAgB,oBAAoB,OAAc,SAAkC,aAA6C;AAC/H,WAAO,IAAI,MAAM;AAAA;AAAA;AAAA;AAAA;AAAA,QAKb,KAAK;AAAA;AAAA,QAEL,KAAK,UAAU,MAAM,KAAK,sBAAsB,SAAS,WAAW,GAAG,MAAM,CAAC,CAAC;AAAA,OAChF,EAAE,MAAa,CAAC;AAAA,EACrB;AAAA,EAEA,MAAgB,cAAiB,IAAmC,SAAkC,aAAyD;AAC7J,UAAM,gBAAgB,MAAM,sBAAO;AAAA,MACjC;AAAA,MACA;AAAA,MACA,EAAE,sBAAsB,IAAK;AAAA,IAC/B;AAGA,QAAI,cAAc,WAAW,SAAS;AACpC,UAAI,yBAAU,aAAa,yBAAU,UAAU,WAAW,OAAO;AAC/D,cAAM,IAAI,MAAM,4GAA4G,EAAE,OAAO,cAAc,MAAM,CAAC;AAAA,MAC5J;AACA,YAAM,MAAM,KAAK,oBAAoB,cAAc,OAAO,SAAS,WAAW;AAAA,IAChF;AACA,WAAO,cAAc;AAAA,EACvB;AAAA,EAEA,MAAgB,uBAA0B,IAAsB,SAAkC,aAAyD;AACzJ,WAAO,MAAM,KAAK,cAAc,YAAY,MAAM,sBAAO,kBAAkB,EAAE,GAAG,SAAS,WAAW;AAAA,EACtG;AAAA,EAEA,MAAa,oBAAoB,cAA4B;AAC3D,QAAI,EAAE,0BAA0B,KAAK,UAAU;AAE7C,YAAM,IAAI,MAAM,qJAAqJ;AAAA,IACvK;AAEA,UAAM,KAAK;AAAA,MACT,QAAQ,KAAK,QAAQ,WAAW;AAAA,MAChC,WAAW;AAAA,MACX,gBAAgB,KAAK,UAAU,IAAI;AAAA,IACrC;AACA,UAAM,SAAuB;AAAA,MAC3B,WAAW,KAAK;AAAA,MAChB,eAAe,KAAK,QAAQ;AAAA,MAC5B,4BAA4B;AAAA,IAC9B;AAEA,UAAM,cAAc,MAAM,KAAK;AAAA,MAC7B,YAAY,MAAY;AAAA,QACtB;AAAA,QACA;AAAA,QACA,aAAa;AAAA,MACf;AAAA,IACF;AACA,UAAM,WAAW,MAAM,KAAK,iBAAiB,WAAW;AAExD,QAAI,SAAS,WAAW,SAAS;AAC/B,YAAM,QAAQ,SAAS;AACvB,UAAI,gCAAY,kBAAkB,WAAW,KAAK,GAAG;AACnD,eAAO;AAAA,MACT;AACA,YAAM;AAAA,IACR;AAEA,QAAI,CAAC,SAAS,KAAK,IAAI;AACrB,YAAM,OAAO,MAAM,SAAS,KAAK,KAAK;AACtC,YAAM,IAAI,MAAM,yCAAyC,SAAS,MAAM,IAAI,IAAI,EAAE;AAAA,IACpF;AAEA,UAAM,SAAS,MAAY,kCAA4B,IAAI,QAAQ,SAAS,IAAI;AAChF,QAAU,oBAAc,MAAM,GAAG;AAE/B,YAAM,IAAI,kCAAoB,eAAe,EAAE,OAAO,CAAC;AAAA,IACzD;AAEA,QAAI,CAAC,OAAO,cAAc;AACxB,YAAM,IAAI,kCAAoB,mEAAmE;AAAA,IACnG;AAEA,WAAO,IAAI,4BAAY,OAAO,YAAY;AAAA,EAC5C;AAAA,EAEA,MAAa,kBACX,MACA,gBACA,SACA,cAA6C,UAC7C;AACA,gBAAY,KAAK,cAAc;AAAA,MAC7B,cAAc;AAAA,IAChB,CAAC;AAGD,WAAO,MAAM,KAAK;AAAA,MAChB,MAAM,KAAK,uBAAuB,MAAM,gBAAgB,SAAU,WAAW;AAAA,MAC7E;AAAA,MACA;AAAA,IACF;AAAA,EACF;AAAA,EAEO,cAAc,SAAgH;AACnI,UAAM,UAAU,IAAI,gCAAgB;AAAA,MAClC,4BAA4B,OAAO,iBAAiB,MAAM,KAAK,oBAAoB,YAAY;AAAA,MAC/F,GAAG;AAAA,IACL,CAAC;AACD,WAAO;AAAA,EACT;AAAA,EAEA,MAAgB,oCACd,MACA,gBACA,kBACA,eASC;AACD,QAAI;AACF,aAAO,sBAAO,GAAG,MAAM,KAAK,kBAAkB,MAAM,gBAAgB,gBAAgB,CAAC;AAAA,IACvF,SAAS,GAAG;AACV,iBAAW,aAAa,eAAe;AACrC,YAAI,UAAU,WAAW,CAAC,GAAG;AAC3B,iBAAO,sBAAO,MAAM,CAAoB;AAAA,QAC1C;AAAA,MACF;AACA,YAAM;AAAA,IACR;AAAA,EACF;AAAA,EAEA,MAAc,uBACZ,MACA,SACA,SACA,aAME;AAIF,QAAI,WAAW,MAAM,QAAQ,4BAA4B,GAAM;AAE/D,QAAI,eAAe,yBAAyB,KAAK,UAAU,KAAK,QAAQ,sBAAsB;AAC9F,QAAI,gBAAgB,eAAe,MAAM,aAAa,4BAA4B,GAAM,IAAI;AAG5F,UAAM,KAAK,QAAQ,iBAAiB;AAEpC,QAAI,MAAM,KAAK,UAAU,IAAI;AAC7B,QAAI,IAAI,SAAS,GAAG,GAAG;AACrB,YAAM,IAAI,MAAM,GAAG,EAAE;AAAA,IACvB;AACA,UAAM,SAAsB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,MAW1B,GAAI,mBAAmB,2BAAY,CAAC,IAAI;AAAA,QACtC,aAAa;AAAA,MACf;AAAA,MACA,GAAG;AAAA,MACH,SAAS;AAAA,QACP,iCAAiC;AAAA,QACjC,sBAAsB,KAAK;AAAA,QAC3B,uBAAuB;AAAA,QACvB,0BAA0B,KAAK,QAAQ;AAAA,QACvC,GAAI,WAAW;AAAA,UACb,wBAAwB,SAAS,YAAY;AAAA,QAC/C,IAAI,CAAC;AAAA,QACL,GAAI,UAAU,eAAe;AAAA,UAC3B,yBAAyB,SAAS,aAAa;AAAA,QACjD,IAAI,CAAC;AAAA,QACL,gCAAgC;AAAA,QAChC,GAAI,0BAA0B,KAAK,UAAU;AAAA,UAC3C,kCAAkC,KAAK,QAAQ;AAAA,QACjD,IAAI,CAAC;AAAA,QACL,GAAI,gBAAgB;AAAA,UAClB,8BAA8B,cAAc,YAAY;AAAA,QAC1D,IAAI,CAAC;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,QASL,4BAAwB,0CAA2B;AAAA;AAAA,QAEnD,8BAA8B;AAAA,QAC9B,GAAG,KAAK,QAAQ;AAAA,QAChB,GAAG,QAAQ;AAAA,MACb;AAAA;AAAA;AAAA;AAAA,MAIA,GAAI,mBAAmB,2BAAY,CAAC,IAAI;AAAA,QACtC,OAAO;AAAA,MACT;AAAA,IACF;AAEA,QAAI;AACJ,QAAI;AACF,eAAS,MAAM,MAAM,KAAK,MAAM;AAAA,IAClC,SAAS,GAAG;AACV,UAAI,aAAa,WAAW;AAE1B,YAAI,yBAAc,OAAO,UAAU,KAAoB,EAAE,YAAY;AACnE,iBAAO,sBAAO,MAAM,CAAC;AAAA,QACvB,OAAO;AACL,gBAAM,MAAM,KAAK,oBAAoB,GAAG,SAAS,WAAW;AAAA,QAC9D;AAAA,MACF;AACA,YAAM;AAAA,IACR;AAEA,UAAM,eAAe,MAAM,KAAK,iBAAiB,MAAM;AACvD,QAAI,aAAa,WAAW,SAAS;AAEnC,UAAI,gCAAY,mBAAmB,WAAW,aAAa,KAAK,GAAG;AACjE,YAAI,CAAC,UAAU;AACb,gBAAM,IAAI,kCAAoB,+DAA+D,EAAE,UAAU,aAAa,CAAC;AAAA,QACzH;AACA,gBAAQ,uBAAuB,SAAS,WAAW;AACnD,eAAO,sBAAO,MAAM,aAAa,KAAK;AAAA,MACxC;AAIA,UAAI,iBAAiB,gCAAY,wBAAwB,WAAW,aAAa,KAAK,KAAK,gCAAY,eAAe,WAAW,aAAa,KAAK,IAAI;AACrJ,YAAI,CAAC,eAAe;AAClB,gBAAM,IAAI,kCAAoB,2EAA2E,EAAE,eAAe,aAAa,CAAC;AAAA,QAC1I;AACA,qBAAa,uBAAuB,cAAc,WAAW;AAC7D,eAAO,sBAAO,MAAM,aAAa,KAAK;AAAA,MACxC;AAIA,YAAM,aAAa;AAAA,IACrB;AAGA,UAAM,MAAM,OAAO,OAAO,aAAa,MAAM;AAAA,MAC3C,YAAY;AAAA,IACd,CAAC;AACD,QAAI,IAAI,IAAI;AACV,aAAO,sBAAO,GAAG,GAAG;AAAA,IACtB,WAAW,IAAI,WAAW,KAAK;AAE7B,YAAM,aAAa,IAAI,QAAQ,IAAI,aAAa;AAChD,UAAI,eAAe,MAAM;AACvB,gBAAQ,IAAI,yCAAyC,GAAG,sBAAsB,UAAU,aAAa;AACrG,kBAAM,sBAAK,OAAO,UAAU,IAAI,GAAI;AACpC,eAAO,sBAAO,MAAM,IAAI,MAAM,gCAAgC,UAAU,UAAU,CAAC;AAAA,MACrF;AACA,cAAQ,IAAI,yCAAyC,GAAG,+CAA+C;AACvG,aAAO,sBAAO,MAAM,IAAI,MAAM,8CAA8C,CAAC;AAAA,IAC/E,OAAO;AACL,YAAM,QAAQ,MAAM,IAAI,KAAK;AAE7B,YAAM,WAAW,IAAI,kCAAoB,6BAA6B,GAAG,KAAK,IAAI,MAAM,IAAI,KAAK,IAAI,EAAE,SAAS,QAAQ,KAAK,KAAK,CAAC;AAEnI,UAAI,IAAI,WAAW,OAAO,MAAM,SAAS,wBAAwB,GAAG;AAGlE,eAAO,sBAAO,MAAM,QAAQ;AAAA,MAC9B;AAGA,YAAM;AAAA,IACR;AAAA,EACF;AAAA,EAEA,MAAc,iBAAiB,QAAyD;AACtF,QAAI,MAAM;AACV,QAAI,OAAO,QAAQ,IAAI,uBAAuB,GAAG;AAC/C,YAAM,eAAe,OAAO,OAAO,QAAQ,IAAI,uBAAuB,CAAC;AACvE,YAAM,IAAI,SAAS,OAAO,MAAM;AAAA,QAC9B,QAAQ;AAAA,QACR,YAAY,OAAO;AAAA,QACnB,SAAS,OAAO;AAAA,MAClB,CAAC;AAAA,IACH;AAGA,QAAI,IAAI,QAAQ,IAAI,qBAAqB,GAAG;AAC1C,YAAM,YAAY,MAAM,IAAI,KAAK;AACjC,UAAI,IAAI,QAAQ,IAAI,qBAAqB,MAAM,UAAU,MAAM;AAC7D,cAAM,IAAI,kCAAoB,sGAAsG;AAAA,MACtI;AACA,YAAM,QAAQ,+BAAW,SAAS,SAAS;AAC3C,aAAO,sBAAO,MAAM,KAAK;AAAA,IAC3B;AAEA,WAAO,sBAAO,GAAG,GAAG;AAAA,EACtB;AAAA,EAEA,MAAa,oBAAoB,SAAkE;AACjG,UAAM,MAAM,MAAM,KAAK,kBAAkB,0BAA0B;AAAA,MACjE,QAAQ;AAAA,MACR,SAAS;AAAA,QACP,gBAAgB;AAAA,MAClB;AAAA,MACA,MAAM,KAAK,UAAU,OAAO;AAAA,IAC9B,GAAG,IAAI;AAEP,UAAM,IAAI,kCAAoB,MAAM,IAAI,KAAK,CAAC;AAAA,EAChD;AAAA,EAEA,MAAM,wBACJ,OACA,aACyD;AACzD,UAAM,MAAM,MAAM,KAAK;AAAA,MACrB;AAAA,MACA;AAAA,QACE,QAAQ;AAAA,QACR,SAAS;AAAA,UACP,gBAAgB;AAAA,QAClB;AAAA,QACA,MAAM,KAAK,UAAU;AAAA,UACnB;AAAA,UACA,cAAc;AAAA,QAChB,CAAC;AAAA,MACH;AAAA,MACA;AAAA,MACA,CAAC,gCAAY,YAAY;AAAA,IAC3B;AAEA,QAAI,IAAI,WAAW,SAAS;AAC1B,aAAO,sBAAO,MAAM,IAAI,KAAK;AAAA,IAC/B,OAAO;AACL,aAAO,sBAAO,GAAG,MAAS;AAAA,IAC5B;AAAA,EACF;AAAA,EAEA,MAAM,sBACJ,OACA,aACA,SAC0D;AAC1D,UAAM,MAAM,MAAM,KAAK;AAAA,MACrB;AAAA,MACA;AAAA,QACE,QAAQ;AAAA,QACR,SAAS;AAAA,UACP,gBAAgB;AAAA,QAClB;AAAA,QACA,MAAM,KAAK,UAAU;AAAA,UACnB;AAAA,UACA,cAAc;AAAA,QAChB,CAAC;AAAA,MACH;AAAA,MACA;AAAA,MACA,CAAC,gCAAY,oBAAoB;AAAA,IACnC;AAEA,QAAI,IAAI,WAAW,SAAS;AAC1B,aAAO,IAAI;AAAA,IACb;AAAA,EACF;AAAA,EAEA,MAAM,mBACJ,OACA,aAC8E;AAC9E,UAAM,MAAM,MAAM,KAAK;AAAA,MACrB;AAAA,MACA;AAAA,QACE,QAAQ;AAAA,QACR,SAAS;AAAA,UACP,gBAAgB;AAAA,QAClB;AAAA,QACA,MAAM,KAAK,UAAU;AAAA,UACnB;AAAA,UACA,cAAc;AAAA,QAChB,CAAC;AAAA,MACH;AAAA,MACA;AAAA,MACA,CAAC,gCAAY,yBAAyB;AAAA,IACxC;AAEA,QAAI,IAAI,WAAW,SAAS;AAC1B,aAAO,sBAAO,MAAM,IAAI,KAAK;AAAA,IAC/B,OAAO;AACL,aAAO,sBAAO,GAAG,MAAM,IAAI,KAAK,KAAK,CAAC;AAAA,IACxC;AAAA,EACF;AAAA,EAEA,MAAM,cACJ,SACkE;AAClE,UAAM,MAAM,MAAM,KAAK;AAAA,MACrB,oBAAoB,UAAU,oCAAoC;AAAA,MAClE;AAAA,QACE,QAAQ;AAAA,QACR,SAAS;AAAA,UACP,gBAAgB;AAAA,QAClB;AAAA,QACA,MAAM,KAAK,UAAU;AAAA,UACnB,MAAM,QAAQ;AAAA,UACd,GAAI,cAAc,UAAU,EAAE,UAAU,QAAQ,SAAS,IAAI,CAAC;AAAA,QAChE,CAAC;AAAA,MACH;AAAA,MACA;AAAA,MACA,CAAC,gCAAY,qBAAqB;AAAA,IACpC;AAEA,QAAI,IAAI,WAAW,SAAS;AAC1B,aAAO,sBAAO,MAAM,IAAI,KAAK;AAAA,IAC/B,OAAO;AACL,aAAO,sBAAO,GAAG,MAAS;AAAA,IAC5B;AAAA,EACF;AAAA,EAEA,MAAM,eACJ,SACA,SAC8G;AAC9G,UAAM,MAAM,MAAM,KAAK;AAAA,MACrB;AAAA,MACA;AAAA,QACE,QAAQ;AAAA,QACR,SAAS;AAAA,UACP,gBAAgB;AAAA,QAClB;AAAA,QACA,MAAM,KAAK,UAAU;AAAA,UACnB,cAAc,QAAQ;AAAA,UACtB,cAAc,QAAQ;AAAA,QACxB,CAAC;AAAA,MACH;AAAA,MACA;AAAA,MACA,CAAC,gCAAY,8BAA8B,gCAAY,0BAA0B;AAAA,IACnF;AAEA,QAAI,IAAI,WAAW,SAAS;AAC1B,aAAO,IAAI;AAAA,IACb;AAAA,EACF;AAAA,EAEA,MAAM,YACJ,SACA,SACgE;AAChE,UAAM,MAAM,MAAM,KAAK;AAAA,MACrB;AAAA,MACA;AAAA,QACE,QAAQ;AAAA,QACR,SAAS;AAAA,UACP,gBAAgB;AAAA,QAClB;AAAA,QACA,MAAM,KAAK,UAAU,OAAO;AAAA,MAC9B;AAAA,MACA;AAAA,MACA,CAAC,gCAAY,0BAA0B;AAAA,IACzC;AAEA,QAAI,IAAI,WAAW,SAAS;AAC1B,aAAO,IAAI;AAAA,IACb;AAAA,EACF;AAAA,EAEA,MAAM,wBAAwB,MAAgF;AAC5G,UAAM,MAAM,MAAM,KAAK,cAAc,EAAE,MAAM,gBAAgB,KAAK,CAAC;AACnE,QAAI,IAAI,WAAW,SAAS;AAC1B,aAAO,sBAAO,MAAM,IAAI,KAAK;AAAA,IAC/B,OAAO;AACL,aAAO,sBAAO,GAAG,MAAS;AAAA,IAC5B;AAAA,EACF;AAAA,EAEA,MAAM,YAAY,MAAgF;AAChG,UAAM,MAAM,MAAM,KAAK;AAAA,MACrB;AAAA,MACA;AAAA,QACE,QAAQ;AAAA,QACR,SAAS;AAAA,UACP,gBAAgB;AAAA,QAClB;AAAA,QACA,MAAM,KAAK,UAAU;AAAA,UACnB;AAAA,QACF,CAAC;AAAA,MACH;AAAA,MACA;AAAA,MACA,CAAC,gCAAY,qBAAqB;AAAA,IACpC;AAEA,QAAI,IAAI,WAAW,SAAS;AAC1B,aAAO,sBAAO,MAAM,IAAI,KAAK;AAAA,IAC/B,OAAO;AACL,aAAO,sBAAO,GAAG,MAAS;AAAA,IAC5B;AAAA,EACF;AAAA,EAEA,MAAM,4BACJ,SACA,SACwG;AACxG,UAAM,MAAM,MAAM,KAAK;AAAA,MACrB;AAAA,MACA;AAAA,QACE,QAAQ;AAAA,QACR,SAAS;AAAA,UACP,gBAAgB;AAAA,QAClB;AAAA,QACA,MAAM,KAAK,UAAU,OAAO;AAAA,MAC9B;AAAA,MACA;AAAA,MACA,CAAC;AAAA,IACH;AAEA,QAAI,IAAI,WAAW,SAAS;AAC1B,aAAO,sBAAO,MAAM,IAAI,KAAK;AAAA,IAC/B;AAEA,WAAO,sBAAO,GAAG,MAAM,IAAI,KAAK,KAAK,CAAC;AAAA,EACxC;AAAA,EAEA,MAAM,gBACJ,SACA,SACsE;AACtE,UAAM,MAAM,MAAM,KAAK;AAAA,MACrB;AAAA,MACA;AAAA,QACE,QAAQ;AAAA,QACR,SAAS;AAAA,UACP,gBAAgB;AAAA,QAClB;AAAA,QACA,MAAM,KAAK,UAAU,OAAO;AAAA,MAC9B;AAAA,MACA;AAAA,MACA,CAAC,gCAAY,yBAAyB;AAAA,IACxC;AACA,QAAI,IAAI,WAAW,SAAS;AAC1B,aAAO,sBAAO,MAAM,IAAI,KAAK;AAAA,IAC/B;AACA,WAAO,sBAAO,GAAG,MAAS;AAAA,EAC5B;AAAA,EAEA,MAAM,8BACJ,SAEA,SACuG;AACvG,UAAM,MAAM,MAAM,KAAK;AAAA,MACrB;AAAA,MACA;AAAA,QACE,QAAQ;AAAA,QACR,SAAS;AAAA,UACP,gBAAgB;AAAA,QAClB;AAAA,QACA,MAAM,KAAK,UAAU,OAAO;AAAA,MAC9B;AAAA,MACA;AAAA,MACA,CAAC;AAAA,IACH;AAEA,QAAI,IAAI,WAAW,SAAS;AAC1B,aAAO,sBAAO,MAAM,IAAI,KAAK;AAAA,IAC/B;AAEA,WAAO,sBAAO,GAAG,MAAM,IAAI,KAAK,KAAK,CAAC;AAAA,EACxC;AAAA,EAEA,MAAM,mBAAmB,SAKP;AAChB,UAAM,KAAK;AAAA,MACT;AAAA,MACA;AAAA,QACE,QAAQ;AAAA,QACR,SAAS;AAAA,UACP,gBAAgB;AAAA,QAClB;AAAA,QACA,MAAM,KAAK,UAAU;AAAA,UACnB,OAAO,QAAQ;AAAA,UACf,SAAS,QAAQ;AAAA,UACjB,cAAc,QAAQ;AAAA,QACxB,CAAC;AAAA,MACH;AAAA,MACA,QAAQ;AAAA,IACV;AAAA,EACF;AAAA,EAEA,MAAM,qBAA4D,SAIyD;AACzH,UAAM,MAAM,MAAM,KAAK;AAAA,MACrB,QAAQ,SAAS,UACf,wCACA,QAAQ,SAAS,YACf,qCACA;AAAA,MACJ;AAAA,QACE,QAAQ;AAAA,QACR,SAAS;AAAA,UACP,gBAAgB;AAAA,QAClB;AAAA,QACA,MAAM,KAAK,UAAU;AAAA,UACnB,MAAM,QAAQ;AAAA,QAChB,CAAC;AAAA,MACH;AAAA,MACA,QAAQ;AAAA,MACR,CAAC,gCAAY,qBAAqB;AAAA,IACpC;AAEA,QAAI,IAAI,WAAW,SAAS;AAC1B,aAAO,sBAAO,MAAM,IAAI,KAAK;AAAA,IAC/B,OAAO;AACL,aAAO,sBAAO,GAAG,MAAM,IAAI,KAAK,KAAK,CAAC;AAAA,IACxC;AAAA,EACF;AAAA,EAEA,MAAM,QACJ,aACA,MACA,SACA;AACA,UAAM,MAAM,MAAM,KAAK,kBAAkB,qBAAqB;AAAA,MAC5D,QAAQ;AAAA,MACR,SAAS;AAAA,QACP,gBAAgB;AAAA,MAClB;AAAA,MACA,MAAM,KAAK,UAAU;AAAA,QACnB,MAAM;AAAA,QACN,MAAM;AAAA,QACN;AAAA,MACF,CAAC;AAAA,IACH,GAAG,OAAO;AAEV,UAAM,SAAS,MAAM,IAAI,KAAK;AAC9B,WAAO;AAAA,MACL,aAAa,OAAO;AAAA,MACpB,cAAc,OAAO;AAAA,MACrB,SAAS,OAAO;AAAA,IAClB;AAAA,EACF;AAAA,EAEA,MAAM,qBACJ,OACA,UACA,SACsG;AACtG,UAAM,MAAM,MAAM,KAAK;AAAA,MACrB;AAAA,MACA;AAAA,QACE,QAAQ;AAAA,QACR,SAAS;AAAA,UACP,gBAAgB;AAAA,QAClB;AAAA,QACA,MAAM,KAAK,UAAU;AAAA,UACnB;AAAA,UACA;AAAA,QACF,CAAC;AAAA,MACH;AAAA,MACA;AAAA,MACA,CAAC,gCAAY,qBAAqB;AAAA,IACpC;AAEA,QAAI,IAAI,WAAW,SAAS;AAC1B,aAAO,sBAAO,MAAM,IAAI,KAAK;AAAA,IAC/B;AAEA,UAAM,SAAS,MAAM,IAAI,KAAK,KAAK;AACnC,WAAO,sBAAO,GAAG;AAAA,MACf,aAAa,OAAO;AAAA,MACpB,cAAc,OAAO;AAAA,IACvB,CAAC;AAAA,EACH;AAAA,EAEA,MAAM,qBACJ,OACA,UACA,8BACA,SACuJ;AACvJ,UAAM,MAAM,MAAM,KAAK;AAAA,MACrB;AAAA,MACA;AAAA,QACE,SAAS;AAAA,UACP,gBAAgB;AAAA,QAClB;AAAA,QACA,QAAQ;AAAA,QACR,MAAM,KAAK,UAAU;AAAA,UACnB;AAAA,UACA;AAAA,UACA,2BAA2B;AAAA,QAC7B,CAAC;AAAA,MACH;AAAA,MACA;AAAA,MACA,CAAC,gCAAY,4BAA4B,gCAAY,0BAA0B;AAAA,IACjF;AAEA,QAAI,IAAI,WAAW,SAAS;AAC1B,aAAO,sBAAO,MAAM,IAAI,KAAK;AAAA,IAC/B;AAEA,UAAM,SAAS,MAAM,IAAI,KAAK,KAAK;AACnC,WAAO,sBAAO,GAAG;AAAA,MACf,aAAa,OAAO;AAAA,MACpB,cAAc,OAAO;AAAA,IACvB,CAAC;AAAA,EACH;AAAA,EAEA,MAAM,kBAAkB,SAAiG;AACvH,UAAM,MAAM,MAAM,KAAK;AAAA,MACrB;AAAA,MACA;AAAA,QACE,QAAQ;AAAA,MACV;AAAA,MACA;AAAA,MACA,CAAC;AAAA,IACH;AAEA,QAAI,IAAI,WAAW,SAAS;AAC1B,aAAO,sBAAO,MAAM,IAAI,KAAK;AAAA,IAC/B;AAEA,UAAM,SAAS,MAAM,IAAI,KAAK,KAAK;AACnC,WAAO,sBAAO,GAAG;AAAA,MACf,aAAa,OAAO;AAAA,MACpB,cAAc,OAAO;AAAA,IACvB,CAAC;AAAA,EACH;AAAA,EAEA,MAAM,oBAAoB,MAAc,SAAkJ;AACxL,UAAM,MAAM,MAAM,KAAK;AAAA,MACrB;AAAA,MACA;AAAA,QACE,QAAQ;AAAA,QACR,SAAS;AAAA,UACP,gBAAgB;AAAA,QAClB;AAAA,QACA,MAAM,KAAK,UAAU;AAAA,UACnB;AAAA,QACF,CAAC;AAAA,MACH;AAAA,MACA;AAAA,MACA,CAAC,gCAAY,qBAAqB;AAAA,IACpC;AAEA,QAAI,IAAI,WAAW,SAAS;AAC1B,aAAO,sBAAO,MAAM,IAAI,KAAK;AAAA,IAC/B;AAEA,UAAM,SAAS,MAAM,IAAI,KAAK,KAAK;AACnC,WAAO,sBAAO,GAAG;AAAA,MACf,aAAa,OAAO;AAAA,MACpB,cAAc,OAAO;AAAA,MACrB,SAAS,OAAO;AAAA,IAClB,CAAC;AAAA,EACH;AAAA,EAEA,MAAM,cAAc,MAAc,MAAc,SAAkJ;AAChM,UAAM,MAAM,MAAM,KAAK;AAAA,MACrB;AAAA,MACA;AAAA,QACE,QAAQ;AAAA,QACR,SAAS;AAAA,UACP,gBAAgB;AAAA,QAClB;AAAA,QACA,MAAM,KAAK,UAAU;AAAA,UACnB,MAAM;AAAA,UACN;AAAA,UACA;AAAA,QACF,CAAC;AAAA,MACH;AAAA,MACA;AAAA,MACA,CAAC,gCAAY,qBAAqB;AAAA,IACpC;AAEA,QAAI,IAAI,WAAW,SAAS;AAC1B,aAAO,sBAAO,MAAM,IAAI,KAAK;AAAA,IAC/B;AAEA,UAAM,SAAS,MAAM,IAAI,KAAK,KAAK;AACnC,WAAO,sBAAO,GAAG;AAAA,MACf,aAAa,OAAO;AAAA,MACpB,cAAc,OAAO;AAAA,MACrB,SAAS,OAAO;AAAA,IAClB,CAAC;AAAA,EACH;AAAA,EAEA,MAAM,kBAAkB,MAA6E,SAAqI;AACxO,UAAM,MAAM,MAAM,KAAK;AAAA,MACrB;AAAA,MACA;AAAA,QACE,QAAQ;AAAA,QACR,SAAS;AAAA,UACP,gBAAgB;AAAA,QAClB;AAAA,QACA,MAAM,KAAK,UAAU,IAAI;AAAA,MAC3B;AAAA,MACA;AAAA,MACA,CAAC,gCAAY,2BAA2B;AAAA,IAC1C;AAEA,QAAI,IAAI,WAAW,SAAS;AAC1B,aAAO,sBAAO,MAAM,IAAI,KAAK;AAAA,IAC/B;AAEA,UAAM,SAAS,MAAM,IAAI,KAAK,KAAK;AACnC,WAAO,sBAAO,GAAG;AAAA,MACf,aAAa,OAAO;AAAA,MACpB,cAAc,OAAO;AAAA,IACvB,CAAC;AAAA,EACH;AAAA,EAEA,MAAM,YACJ,SAWiB;AACjB,UAAM,qBAAqB,IAAI,IAAI,QAAQ,WAAW;AACtD,eAAW,OAAO,CAAC,QAAQ,OAAO,GAAG;AACnC,UAAI,mBAAmB,aAAa,IAAI,GAAG,GAAG;AAC5C,gBAAQ,KAAK,mCAAmC,MAAM,yEAAyE;AAAA,MACjI;AACA,yBAAmB,aAAa,OAAO,GAAG;AAAA,IAC5C;AAEA,QAAI,EAAE,0BAA0B,KAAK,UAAU;AAE7C,YAAM,IAAI,MAAM,0DAA0D;AAAA,IAC5E;AACA,UAAM,MAAM,IAAI,IAAI,KAAK,UAAU,IAAI,2BAA2B,QAAQ,SAAS,YAAY,CAAC;AAChG,QAAI,aAAa,IAAI,aAAa,KAAK,SAAS;AAChD,QAAI,aAAa,IAAI,iBAAiB,KAAK,QAAQ,oBAAoB;AACvE,QAAI,aAAa,IAAI,gBAAgB,mBAAmB,SAAS,CAAC;AAClE,QAAI,aAAa,IAAI,SAAS,QAAQ;AACtC,QAAI,aAAa,IAAI,SAAS,QAAQ,KAAK;AAC3C,QAAI,aAAa,IAAI,cAAc,oBAAoB;AACvD,QAAI,aAAa,IAAI,kBAAkB,QAAQ,aAAa;AAC5D,QAAI,aAAa,IAAI,yBAAyB,MAAM;AACpD,QAAI,aAAa,IAAI,iBAAiB,MAAM;AAC5C,QAAI,aAAa,IAAI,QAAQ,QAAQ,IAAI;AACzC,QAAI,aAAa,IAAI,sBAAsB,QAAQ,gBAAgB;AAEnE,UAAM,SAAS,MAAM,QAAQ,QAAQ,4BAA4B,GAAM;AACvE,QAAI,QAAQ;AACV,UAAI,aAAa,IAAI,SAAS,OAAO,YAAY,KAAK;AAAA,IACxD;AAEA,QAAI,QAAQ,0BAA0B;AACpC,UAAI,aAAa,IAAI,+BAA+B,QAAQ,wBAAwB;AAAA,IACtF;AACA,QAAI,QAAQ,eAAe;AACzB,UAAI,aAAa,IAAI,kBAAkB,QAAQ,aAAa;AAAA,IAC9D;AAEA,WAAO,IAAI,SAAS;AAAA,EACtB;AAAA,EAEA,MAAM,kBAAkB,SAKwF;AAC9G,QAAI,EAAE,0BAA0B,KAAK,UAAU;AAE7C,YAAM,IAAI,MAAM,0DAA0D;AAAA,IAC5E;AACA,UAAM,KAAK;AAAA,MACT,QAAQ,KAAK,QAAQ,WAAW;AAAA,MAChC,WAAW;AAAA,MACX,gBAAgB,KAAK,UAAU,IAAI;AAAA,IACrC;AACA,UAAM,SAAuB;AAAA,MAC3B,WAAW,KAAK;AAAA,MAChB,eAAe,KAAK,QAAQ;AAAA,MAC5B,4BAA4B;AAAA,IAC9B;AACA,UAAM,SAAS,MAAM,KAAK;AAAA,MACxB,YAAkB,2BAAqB,IAAI,QAAQ,QAAQ,aAAa,QAAQ,KAAK;AAAA,IACvF;AACA,QAAU,oBAAc,MAAM,GAAG;AAC/B,YAAM,IAAI,kCAAoB,yCAAyC,EAAE,OAAO,CAAC;AAAA,IACnF;AACA,UAAM,WAAW,MAAY;AAAA,MAC3B;AAAA,MACA;AAAA,MACA;AAAA,MACA,QAAQ;AAAA,MACR,QAAQ;AAAA,IACV;AAEA,UAAM,SAAS,MAAY,6CAAuC,IAAI,QAAQ,QAAQ;AACtF,QAAU,oBAAc,MAAM,GAAG;AAC/B,UAAI,UAAU,UAAU,OAAO,SAAS,wCAAwC;AAC9E,cAAM,IAAI,gCAAY,kCAAmC,OAAe,QAAQ,YAAY;AAAA,MAC9F;AAEA,YAAM,IAAI,kCAAoB,wDAAwD,EAAE,OAAO,CAAC;AAAA,IAClG;AACA,WAAO;AAAA,MACL,SAAS,OAAO;AAAA,MAChB,0BAA0B,OAAO;AAAA,MACjC,aAAa,OAAO;AAAA,MACpB,cAAc,OAAO,qBAAiB,wBAAS,iDAAiD;AAAA,IAClG;AAAA,EACF;AAAA,EAEA,MAAM,QAAQ,SAAyC;AACrD,UAAM,WAAW,MAAM,QAAQ,4BAA4B,GAAM;AACjE,QAAI,UAAU;AACZ,YAAM,aAAa,MAAM,KAAK;AAAA,QAC5B;AAAA,QACA;AAAA,UACE,QAAQ;AAAA,UACR,SAAS;AAAA,YACP,gBAAgB;AAAA,UAClB;AAAA,UACA,MAAM,KAAK,UAAU,CAAC,CAAC;AAAA,QACzB;AAAA,QACA;AAAA,QACA,CAAC,gCAAY,iBAAiB;AAAA,MAChC;AACA,UAAI,WAAW,WAAW,SAAS;AACjC,YAAI,gCAAY,kBAAkB,WAAW,WAAW,KAAK,GAAG;AAAA,QAEhE,OAAO;AAEL,gBAAM,IAAI,kCAAoB,oBAAoB,EAAE,OAAO,WAAW,MAAM,CAAC;AAAA,QAC/E;AAAA,MACF,OAAO;AAAA,MAEP;AAAA,IACF;AACA,YAAQ,YAAY;AAAA,EACtB;AAAA,EAEA,MAAM,qBAAqB,SAA6E;AACtG,UAAM,kBAAkB,MAAM,KAAK;AAAA,MACjC;AAAA,MACA,CAAC;AAAA,MACD;AAAA,MACA,CAAC,gCAAY,2BAA2B;AAAA,IAC1C;AACA,QAAI,gBAAgB,WAAW,SAAS;AACtC,UAAI,gCAAY,4BAA4B,WAAW,gBAAgB,KAAK,GAAG;AAC7E,eAAO;AAAA,MACT,OAAO;AACL,cAAM,IAAI,kCAAoB,6BAA6B,EAAE,OAAO,gBAAgB,MAAM,CAAC;AAAA,MAC7F;AAAA,IACF;AACA,UAAM,WAAW,gBAAgB;AACjC,UAAM,OAA0C,MAAM,SAAS,KAAK;AACpE,QAAI,CAAE,KAAc,OAAM,IAAI,kCAAoB,uDAAuD;AACzG,WAAO;AAAA,EACT;AAAA,EAEA,MAAM,oBACJ,SAGA,SACiD;AACjD,UAAM,WAAW,MAAM,KAAK;AAAA,MAC1B,uBAAuB,IAAI,gBAAgB,EAAE,SAAS,QAAQ,OAAO,CAAC;AAAA,MACtE,CAAC;AAAA,MACD;AAAA,IACF;AACA,UAAM,SAAS,MAAM,SAAS,KAAK;AACnC,WAAO,OAAO;AAAA,EAChB;AAAA,EAEA,MAAM,qBACJ,cACA,QACA,SACA;AACA,UAAM,KAAK;AAAA,MACT,qBAAqB,YAAY,YAAY,MAAM;AAAA,MACnD,EAAE,QAAQ,SAAS;AAAA,MACnB;AAAA,IACF;AAAA,EACF;AAAA,EAEA,MAAM,uBACJ,SAIA,SACqD;AACrD,UAAM,WAAW,MAAM,KAAK;AAAA,MAC1B,2BAA2B,IAAI,oBAAgB,gCAAgB;AAAA,QAC7D,SAAS,QAAQ;AAAA,QACjB,SAAS,QAAQ;AAAA,MACnB,CAAC,CAAC;AAAA,MACF,CAAC;AAAA,MACD;AAAA,IACF;AACA,UAAM,SAAS,MAAM,SAAS,KAAK;AACnC,WAAO,OAAO;AAAA,EAChB;AAAA,EAEA,MAAM,qBACJ,SAIA,SACmD;AACnD,UAAM,WAAW,MAAM,KAAK;AAAA,MAC1B,yBAAyB,QAAQ,MAAM,IAAI,QAAQ,MAAM;AAAA,MACzD,CAAC;AAAA,MACD;AAAA,IACF;AACA,WAAO,MAAM,SAAS,KAAK;AAAA,EAC7B;AAAA,EAEA,MAAM,UACJ,QACA,SACA;AACA,UAAM,KAAK;AAAA,MACT,qBAAqB,MAAM;AAAA,MAC3B;AAAA,QACE,QAAQ;AAAA,QACR,SAAS;AAAA,UACP,gBAAgB;AAAA,QAClB;AAAA,QACA,MAAM,KAAK,UAAU,CAAC,CAAC;AAAA,MACzB;AAAA,MACA;AAAA,IACF;AAAA,EACF;AAAA,EAEA,MAAM,wBACJ,SAKA,SACA;AACA,UAAM,KAAK;AAAA,MACT,yBAAyB,QAAQ,MAAM,IAAI,QAAQ,MAAM;AAAA,MACzD;AAAA,QACE,QAAQ;AAAA,QACR,SAAS;AAAA,UACP,gBAAgB;AAAA,QAClB;AAAA,QACA,MAAM,KAAK,UAAU,QAAQ,OAAO;AAAA,MACtC;AAAA,MACA;AAAA,IACF;AAAA,EACF;AAAA,EAEA,MAAM,WACJ,SAIA,SACA;AACA,UAAM,KAAK;AAAA,MACT,UAAU,QAAQ,MAAM;AAAA,MACxB;AAAA,QACE,QAAQ;AAAA,QACR,SAAS;AAAA,UACP,gBAAgB;AAAA,QAClB;AAAA,QACA,MAAM,KAAK,UAAU,QAAQ,IAAI;AAAA,MACnC;AAAA,MACA;AAAA,IACF;AAAA,EACF;AAAA,EAEA,MAAM,+BACJ,SAIA,SACkD;AAClD,UAAM,WAAW,MAAM,KAAK;AAAA,MAC1B,6BAA6B,QAAQ,MAAM,yBAAyB,QAAQ,SAAS;AAAA,MACrF,CAAC;AAAA,MACD;AAAA,IACF;AACA,UAAM,SAAS,MAAM,SAAS,KAAK;AACnC,WAAO,OAAO;AAAA,EAChB;AAAA,EAEA,MAAM,kCACJ,SAGA,SACqD;AACrD,UAAM,WAAW,MAAM,KAAK;AAAA,MAC1B,6CAA6C,QAAQ,SAAS;AAAA,MAC9D,CAAC;AAAA,MACD;AAAA,IACF;AACA,UAAM,SAAS,MAAM,SAAS,KAAK;AACnC,WAAO,OAAO;AAAA,EAChB;AAAA,EAEA,MAAM,qBAAqB,SAAkE;AAC3F,UAAM,WAAW,MAAM,KAAK;AAAA,MAC1B;AAAA,MACA,CAAC;AAAA,MACD;AAAA,IACF;AACA,UAAM,SAAS,MAAM,SAAS,KAAK;AACnC,WAAO,OAAO;AAAA,EAChB;AAAA,EAEA,MAAM,mBAA0G;AAC9G,UAAM,kBAAkB,MAAM,KAAK,oCAAoC,qBAAqB,CAAC,GAAG,MAAM,CAAC,gCAAY,eAAe,CAAC;AACnI,QAAI,gBAAgB,WAAW,SAAS;AACtC,aAAO,sBAAO,MAAM,gBAAgB,KAAK;AAAA,IAC3C;AACA,UAAM,WAAW,gBAAgB;AACjC,UAAM,UAAgD,MAAM,SAAS,KAAK;AAC1E,WAAO,sBAAO,GAAG,OAAO;AAAA,EAC1B;AAAA,EAEA,MAAM,iBAAiB,QAA6C,SAA0B;AAC5F,UAAM,KAAK;AAAA,MACT;AAAA,MACA;AAAA,QACE,QAAQ;AAAA,QACR,SAAS;AAAA,UACP,gBAAgB;AAAA,QAClB;AAAA,QACA,MAAM,KAAK,UAAU,MAAM;AAAA,MAC7B;AAAA,MACA;AAAA,IACF;AAAA,EACF;AAAA,EAEA,MAAM,aAAa,SAA8E;AAC/F,UAAM,WAAW,MAAM,KAAK,kBAAkB,sBAAsB,CAAC,GAAG,OAAO;AAC/E,QAAI,CAAC,SAAS,IAAI;AAChB,YAAM,IAAI,MAAM,8BAA8B,SAAS,SAAS,MAAO,MAAM,SAAS,KAAK,CAAE;AAAA,IAC/F;AAEA,UAAM,OAAO,MAAM,SAAS,KAAK;AACjC,WAAO,KAAK;AAAA,EACd;AAAA,EAEA,MAAM,cACJ,SACA,SACkD;AAClD,UAAM,gBAAgB,MAAM,KAAK;AAAA,MAC/B;AAAA,MACA;AAAA,QACE,QAAQ;AAAA,QACR,SAAS;AAAA,UACP,gBAAgB;AAAA,QAClB;AAAA,QACA,MAAM,KAAK,UAAU,OAAO;AAAA,MAC9B;AAAA,MACA;AAAA,IACF;AACA,QAAI,CAAC,cAAc,IAAI;AACrB,YAAM,IAAI,MAAM,+BAA+B,cAAc,SAAS,MAAO,MAAM,cAAc,KAAK,CAAE;AAAA,IAC1G;AAEA,UAAM,OAAO,MAAM,cAAc,KAAK;AACtC,WAAO;AAAA,EACT;AAAA,EAEA,MAAM,0BACJ,UACA,OACA,SAC4D;AAC5D,UAAM,WAAW,MAAM,KAAK;AAAA,MAC1B,0BAA0B,QAAQ;AAAA,MAClC;AAAA,QACE,QAAQ;AAAA,QACR,SAAS;AAAA,UACP,gBAAgB;AAAA,QAClB;AAAA,QACA,MAAM,KAAK,UAAU,EAAE,MAAM,CAAC;AAAA,MAChC;AAAA,MACA;AAAA,IACF;AACA,WAAO,MAAM,SAAS,KAAK;AAAA,EAC7B;AAAA,EAEA,MAAM,iBACJ,MACA,SACsC;AACtC,UAAM,WAAW,MAAM,KAAK;AAAA,MAC1B;AAAA,MACA;AAAA,QACE,QAAQ;AAAA,QACR,SAAS;AAAA,UACP,gBAAgB;AAAA,QAClB;AAAA,QACA,MAAM,KAAK,UAAU,IAAI;AAAA,MAC3B;AAAA,MACA;AAAA,IACF;AACA,WAAO,MAAM,SAAS,KAAK;AAAA,EAC7B;AAAA,EAEA,MAAM,WACJ,QACA,SACA;AACA,UAAM,KAAK;AAAA,MACT,UAAU,MAAM;AAAA,MAChB;AAAA,QACE,QAAQ;AAAA,MACV;AAAA,MACA;AAAA,IACF;AAAA,EACF;AAAA,EAEA,MAAM,kBAAkB,SAA0B;AAChD,UAAM,KAAK;AAAA,MACT;AAAA,MACA;AAAA,QACE,QAAQ;AAAA,MACV;AAAA,MACA;AAAA,IACF;AAAA,EACF;AAAA,EAEA,MAAM,2BACJ,MACA,SACgD;AAChD,UAAM,WAAW,MAAM,KAAK;AAAA,MAC1B;AAAA,MACA;AAAA,QACE,QAAQ;AAAA,QACR,SAAS;AAAA,UACP,gBAAgB;AAAA,QAClB;AAAA,QACA,MAAM,KAAK,UAAU,IAAI;AAAA,MAC3B;AAAA,MACA;AAAA,IACF;AACA,WAAO,MAAM,SAAS,KAAK;AAAA,EAC7B;AAAA,EAEA,MAAM,2BACJ,IACA,MACA,SACgD;AAChD,UAAM,WAAW,MAAM,KAAK;AAAA,MAC1B,wBAAwB,EAAE;AAAA,MAC1B;AAAA,QACE,QAAQ;AAAA,QACR,SAAS;AAAA,UACP,gBAAgB;AAAA,QAClB;AAAA,QACA,MAAM,KAAK,UAAU,IAAI;AAAA,MAC3B;AAAA,MACA;AAAA,IACF;AACA,WAAO,MAAM,SAAS,KAAK;AAAA,EAC7B;AAAA,EAEA,MAAM,2BACJ,IACA,SACe;AACf,UAAM,KAAK;AAAA,MACT,wBAAwB,EAAE;AAAA,MAC1B;AAAA,QACE,QAAQ;AAAA,MACV;AAAA,MACA;AAAA,IACF;AAAA,EACF;AAAA,EAEA,MAAM,cACJ,WACA,SACe;AACf,UAAM,KAAK;AAAA,MACT,kBAAkB,SAAS;AAAA,MAC3B;AAAA,QACE,QAAQ;AAAA,MACV;AAAA,MACA;AAAA,IACF;AAAA,EACF;AAAA,EAEA,MAAM,aACJ,SACyC;AACzC,UAAM,WAAW,MAAM,KAAK;AAAA,MAC1B;AAAA,MACA;AAAA,QACE,QAAQ;AAAA,MACV;AAAA,MACA;AAAA,IACF;AACA,WAAO,MAAM,SAAS,KAAK;AAAA,EAC7B;AAAA,EAGA,MAAM,0BACJ,SACkD;AAClD,UAAM,WAAW,MAAM,KAAK;AAAA,MAC1B;AAAA,MACA;AAAA,QACE,QAAQ;AAAA,MACV;AAAA,MACA;AAAA,IACF;AACA,UAAM,OAAO,MAAM,SAAS,KAAK;AACjC,WAAO,KAAK;AAAA,EACd;AAAA,EAEA,MAAM,+CACJ,kBACA,aACA,SACiE;AACjE,UAAM,kBAAkB,MAAM,KAAK;AAAA,MACjC,wBAAwB,gBAAgB;AAAA,MACxC;AAAA,QACE,QAAQ;AAAA,QACR,SAAS;AAAA,UACP,gBAAgB;AAAA,QAClB;AAAA,QACA,MAAM,KAAK,UAAU,EAAE,cAAc,YAAY,CAAC;AAAA,MACpD;AAAA,MACA;AAAA,MACA,CAAC,gCAAY,oBAAoB;AAAA,IACnC;AAEA,QAAI,gBAAgB,WAAW,SAAS;AACtC,aAAO,sBAAO,MAAM,gBAAgB,KAAK;AAAA,IAC3C;AACA,WAAO,sBAAO,GAAG,MAAS;AAAA,EAC5B;AAAA,EAEA,MAAM,SACJ,WACA,cACA,SACwD;AACxD,UAAM,kBAAkB,MAAM,KAAK;AAAA,MACjC;AAAA,MACA;AAAA,QACE,QAAQ;AAAA,QACR,SAAS;AAAA,UACP,gBAAgB;AAAA,QAClB;AAAA,QACA,MAAM,KAAK,UAAU;AAAA,UACnB,YAAY;AAAA,UACZ,eAAe;AAAA,QACjB,CAAC;AAAA,MACH;AAAA,MACA;AAAA,MACA,CAAC,gCAAY,WAAW;AAAA,IAC1B;AAEA,QAAI,gBAAgB,WAAW,SAAS;AACtC,aAAO,sBAAO,MAAM,gBAAgB,KAAK;AAAA,IAC3C;AACA,WAAO,sBAAO,GAAG,MAAS;AAAA,EAC5B;AAAA,EAEA,MAAc,sBAAsB,SAA2D;AAC7F,QAAI,aAAa,WAAW,aAAa,SAAS;AAChD,YAAM,IAAI,kCAAoB,kEAAkE;AAAA,IAClG;AAEA,WAAO;AAAA,MACL,UAAU,aAAa,UAAU,mBAAmB;AAAA,MACpD,aAAa,IAAI,oBAAgB,sCAAsB,OAAO,CAAC;AAAA,IACjE;AAAA,EACF;AAAA,EAMA,MAAM,mBACJ,SACA,SACA,aACoF;AACpF,UAAM,eAAe,gBAAgB,WAAW,KAAK,oBAAqB,KAAa,mBAA4B,KAAK,IAAI;AAC5H,UAAM,EAAE,UAAU,YAAY,IAAI,MAAM,KAAK,sBAAsB,OAAO;AAE1E,UAAM,WAAW,MAAM;AAAA,MACrB,GAAG,QAAQ,IAAI,YAAY,SAAS,CAAC;AAAA,MACrC;AAAA,QACE,QAAQ;AAAA,MACV;AAAA,MACA;AAAA,MACA;AAAA,IACF;AACA,UAAM,OAAO,MAAM,SAAS,KAAK;AACjC,WAAO,KAAK;AAAA,EACd;AAAA,EAKA,MAAM,oBACJ,MACA,SACA,aACoH;AACpH,UAAM,eAAe,gBAAgB,WAAW,KAAK,oBAAqB,KAAa,mBAA4B,KAAK,IAAI;AAC5H,UAAM,EAAE,SAAS,IAAI,MAAM,KAAK,sBAAsB,IAAI;AAE1D,UAAM,WAAW,MAAM;AAAA,MACrB,GAAG,QAAQ;AAAA,MACX;AAAA,QACE,QAAQ;AAAA,QACR,SAAS;AAAA,UACP,gBAAgB;AAAA,QAClB;AAAA,QACA,MAAM,KAAK,UAAU,IAAI;AAAA,MAC3B;AAAA,MACA;AAAA,MACA;AAAA,IACF;AACA,WAAO,MAAM,SAAS,KAAK;AAAA,EAC7B;AAAA,EAKA,MAAM,iBACJ,SACA,OACA,SACA,aACgF;AAChF,UAAM,eAAe,gBAAgB,WAAW,KAAK,oBAAqB,KAAa,mBAA4B,KAAK,IAAI;AAC5H,UAAM,EAAE,UAAU,YAAY,IAAI,MAAM,KAAK,sBAAsB,OAAO;AAE1E,UAAM,WAAW,MAAM;AAAA,MACrB,GAAG,QAAQ,IAAI,KAAK,IAAI,YAAY,SAAS,CAAC;AAAA,MAC9C;AAAA,QACE,QAAQ;AAAA,MACV;AAAA,MACA;AAAA,MACA;AAAA,IACF;AACA,WAAO,MAAM,SAAS,KAAK;AAAA,EAC7B;AAAA,EAKA,MAAM,oBACJ,SACA,OACA,MACA,SACA,aACgF;AAChF,UAAM,eAAe,gBAAgB,WAAW,KAAK,oBAAqB,KAAa,mBAA4B,KAAK,IAAI;AAC5H,UAAM,EAAE,UAAU,YAAY,IAAI,MAAM,KAAK,sBAAsB,OAAO;AAE1E,UAAM,WAAW,MAAM;AAAA,MACrB,GAAG,QAAQ,IAAI,KAAK,IAAI,YAAY,SAAS,CAAC;AAAA,MAC9C;AAAA,QACE,QAAQ;AAAA,QACR,SAAS;AAAA,UACP,gBAAgB;AAAA,QAClB;AAAA,QACA,MAAM,KAAK,UAAU,IAAI;AAAA,MAC3B;AAAA,MACA;AAAA,MACA;AAAA,IACF;AACA,WAAO,MAAM,SAAS,KAAK;AAAA,EAC7B;AAAA,EAKA,MAAM,mBAAmB,MAAuB,QAAgB,SAAiC,aAAmI;AAClO,UAAM,eAAe,gBAAgB,WAAW,KAAK,sCAAuC,KAAa,qCAA8C,KAAK,IAAI;AAChK,UAAM,SAAS,MAAM;AAAA,MACnB,IAAI,IAAI;AAAA,MACR;AAAA,QACE,QAAQ;AAAA,QACR,SAAS;AAAA,UACP,gBAAgB;AAAA,QAClB;AAAA,QACA,MAAM,KAAK,UAAU,EAAE,SAAS,OAAO,CAAC;AAAA,MAC1C;AAAA,MACA;AAAA,MACA,CAAC,gCAAY,cAAc;AAAA,IAC7B;AACA,QAAI,OAAO,WAAW,SAAS;AAC7B,aAAO;AAAA,IACT;AACA,WAAO,MAAM,OAAO,KAAK,KAAK;AAAA,EAChC;AAAA,EAEA,MAAM,2BACJ,SACyD;AACzD,UAAM,WAAW,MAAM,KAAK;AAAA,MAC1B;AAAA,MACA,CAAC;AAAA,MACD;AAAA,IACF;AACA,UAAM,SAAS,MAAM,SAAS,KAAK;AACnC,WAAO,OAAO;AAAA,EAChB;AAAA,EAEA,MAAM,wBACJ,wBACA,SACA,SACe;AACf,UAAM,KAAK;AAAA,MACT,sCAAsC,sBAAsB;AAAA,MAC5D;AAAA,QACE,QAAQ;AAAA,QACR,SAAS;AAAA,UACP,gBAAgB;AAAA,QAClB;AAAA,QACA,MAAM,KAAK,UAAU;AAAA,UACnB;AAAA,QACF,CAAC;AAAA,MACH;AAAA,MACA;AAAA,IACF;AAAA,EACF;AAAA,EAEA,MAAM,iBACJ,QACA,YACA,SAC8C;AAC9C,UAAM,WAAW,MAAM,KAAK;AAAA,MAC1B,oBAAoB,MAAM,IAAI,UAAU;AAAA,MACxC;AAAA,QACE,QAAQ;AAAA,MACV;AAAA,MACA;AAAA,IACF;AACA,WAAO,MAAM,SAAS,KAAK;AAAA,EAC7B;AAAA,EAEA,MAAM,oBACJ,QACA,YACA,MACA,SAC8C;AAC9C,UAAM,WAAW,MAAM,KAAK;AAAA,MAC1B,oBAAoB,MAAM,IAAI,UAAU;AAAA,MACxC;AAAA,QACE,QAAQ;AAAA,QACR,SAAS;AAAA,UACP,gBAAgB;AAAA,QAClB;AAAA,QACA,MAAM,KAAK,UAAU,IAAI;AAAA,MAC3B;AAAA,MACA;AAAA,IACF;AACA,WAAO,MAAM,SAAS,KAAK;AAAA,EAC7B;AAAA,EAEA,MAAM,mBACJ,UAEI,CAAC,GACL,SACgD;AAChD,UAAM,cAAc,IAAI,oBAAgB,gCAAgB,OAAO,CAAC;AAChE,UAAM,WAAW,MAAM,KAAK;AAAA,MAC1B,mBAAmB,YAAY,SAAS,IAAI,IAAI,YAAY,SAAS,CAAC,KAAK,EAAE;AAAA,MAC7E;AAAA,QACE,QAAQ;AAAA,MACV;AAAA,MACA;AAAA,IACF;AACA,UAAM,SAAS,MAAM,SAAS,KAAK;AACnC,WAAO,OAAO;AAAA,EAChB;AAAA,EAEA,MAAM,oBACJ,QACA,YACA,SACe;AACf,UAAM,WAAW,MAAM,KAAK;AAAA,MAC1B,oBAAoB,MAAM,IAAI,UAAU;AAAA,MACxC;AAAA,QACE,QAAQ;AAAA,MACV;AAAA,MACA;AAAA,IACF;AACA,WAAO,MAAM,SAAS,KAAK;AAAA,EAC7B;AAAA,EAEA,MAAM,QACJ,SAKA,SACqC;AACrC,QAAI;AACJ,QAAI;AACJ,QAAI,YAAY,SAAS;AACvB,qBAAe;AACf,mBAAa,QAAQ;AAAA,IACvB,WAAW,YAAY,SAAS;AAC9B,qBAAe;AACf,mBAAa,QAAQ;AAAA,IACvB,WAAW,sBAAsB,SAAS;AACxC,qBAAe;AACf,mBAAa,QAAQ;AAAA,IACvB,OAAO;AACL,YAAM,IAAI,kCAAoB,6DAA6D;AAAA,IAC7F;AAEA,UAAM,WAAW,MAAM,KAAK;AAAA,MAC1B,wCAA4B,YAAY,IAAI,UAAU,IAAI,QAAQ,MAAM;AAAA,MACxE,CAAC;AAAA,MACD;AAAA,IACF;AACA,WAAO,MAAM,SAAS,KAAK;AAAA,EAC7B;AAAA,EAEA,MAAM,kBACJ,eACA,aACA,iBACA,SACiB;AACjB,UAAM,YAAY,OAAO,oBAAoB,WAC3C,EAAE,UAAU,gBAAgB,IAC5B,EAAE,cAAc,gBAAgB;AAClC,UAAM,WAAW,MAAM,KAAK;AAAA,MAC1B;AAAA,MACA;AAAA,QACE,QAAQ;AAAA,QACR,SAAS;AAAA,UACP,gBAAgB;AAAA,QAClB;AAAA,QACA,MAAM,KAAK,UAAU,EAAE,eAAe,aAAa,GAAG,UAAU,CAAC;AAAA,MACnE;AAAA,MACA;AAAA,IACF;AACA,UAAM,EAAE,IAAI,IAAI,MAAM,SAAS,KAAK;AACpC,WAAO;AAAA,EACT;AACF;","names":[]}
1
+ {"version":3,"sources":["../../src/interface/client-interface.ts"],"sourcesContent":["import * as oauth from 'oauth4webapi';\n\nimport * as yup from 'yup';\nimport { KnownError, KnownErrors } from '../known-errors';\nimport { inlineOfferSchema } from '../schema-fields';\nimport { AccessToken, InternalSession, RefreshToken } from '../sessions';\nimport { generateSecureRandomString } from '../utils/crypto';\nimport { StackAssertionError, throwErr } from '../utils/errors';\nimport { globalVar } from '../utils/globals';\nimport { HTTP_METHODS, HttpMethod } from '../utils/http';\nimport { ReadonlyJson } from '../utils/json';\nimport { filterUndefined, filterUndefinedOrNull } from '../utils/objects';\nimport { AuthenticationResponseJSON, PublicKeyCredentialCreationOptionsJSON, PublicKeyCredentialRequestOptionsJSON, RegistrationResponseJSON } from '../utils/passkey';\nimport { wait } from '../utils/promises';\nimport { Result } from \"../utils/results\";\nimport { deindent } from '../utils/strings';\nimport { urlString } from '../utils/urls';\nimport { ConnectedAccountAccessTokenCrud } from './crud/connected-accounts';\nimport { ContactChannelsCrud } from './crud/contact-channels';\nimport { CurrentUserCrud } from './crud/current-user';\nimport { ItemCrud } from './crud/items';\nimport { NotificationPreferenceCrud } from './crud/notification-preferences';\nimport { OAuthProviderCrud } from './crud/oauth-providers';\nimport { TeamApiKeysCrud, UserApiKeysCrud, teamApiKeysCreateInputSchema, teamApiKeysCreateOutputSchema, userApiKeysCreateInputSchema, userApiKeysCreateOutputSchema } from './crud/project-api-keys';\nimport { ProjectPermissionsCrud } from './crud/project-permissions';\nimport { AdminUserProjectsCrud, ClientProjectsCrud } from './crud/projects';\nimport { SessionsCrud } from './crud/sessions';\nimport { TeamInvitationCrud } from './crud/team-invitation';\nimport { TeamMemberProfilesCrud } from './crud/team-member-profiles';\nimport { TeamPermissionsCrud } from './crud/team-permissions';\nimport { TeamsCrud } from './crud/teams';\n\nexport type ClientInterfaceOptions = {\n clientVersion: string,\n // This is a function instead of a string because it might be different based on the environment (for example client vs server)\n getBaseUrl: () => string,\n extraRequestHeaders: Record<string, string>,\n projectId: string,\n prepareRequest?: () => Promise<void>,\n} & ({\n publishableClientKey: string,\n} | {\n projectOwnerSession: InternalSession,\n});\n\nexport class StackClientInterface {\n constructor(public readonly options: ClientInterfaceOptions) {\n // nothing here\n }\n\n get projectId() {\n return this.options.projectId;\n }\n\n getApiUrl() {\n return this.options.getBaseUrl() + \"/api/v1\";\n }\n\n public async runNetworkDiagnostics(session?: InternalSession | null, requestType?: \"client\" | \"server\" | \"admin\") {\n const tryRequest = async (cb: () => Promise<void>) => {\n try {\n await cb();\n return \"OK\";\n } catch (e) {\n return `${e}`;\n }\n };\n const cfTrace = await tryRequest(async () => {\n const res = await fetch(\"https://1.1.1.1/cdn-cgi/trace\");\n if (!res.ok) {\n throw new Error(`${res.status} ${res.statusText}: ${await res.text()}`);\n }\n });\n const apiRoot = session !== undefined && requestType !== undefined ? await tryRequest(async () => {\n const res = await this.sendClientRequestInner(\"/\", {}, session!, requestType);\n if (res.status === \"error\") {\n throw res.error;\n }\n }) : \"Not tested\";\n const baseUrlBackend = await tryRequest(async () => {\n const res = await fetch(new URL(\"/health\", this.getApiUrl()));\n if (!res.ok) {\n throw new Error(`${res.status} ${res.statusText}: ${await res.text()}`);\n }\n });\n const prodDashboard = await tryRequest(async () => {\n const res = await fetch(\"https://app.stack-auth.com/health\");\n if (!res.ok) {\n throw new Error(`${res.status} ${res.statusText}: ${await res.text()}`);\n }\n });\n const prodBackend = await tryRequest(async () => {\n const res = await fetch(\"https://api.stack-auth.com/health\");\n if (!res.ok) {\n throw new Error(`${res.status} ${res.statusText}: ${await res.text()}`);\n }\n });\n return {\n \"navigator?.onLine\": globalVar.navigator?.onLine,\n cfTrace,\n apiRoot,\n baseUrlBackend,\n prodDashboard,\n prodBackend,\n };\n }\n\n protected async _createNetworkError(cause: Error, session?: InternalSession | null, requestType?: \"client\" | \"server\" | \"admin\") {\n return new Error(deindent`\n Stack Auth is unable to connect to the server. Please check your internet connection and try again.\n\n If the problem persists, please contact support and provide a screenshot of your entire browser console.\n\n ${cause}\n\n ${JSON.stringify(await this.runNetworkDiagnostics(session, requestType), null, 2)}\n `, { cause: cause });\n }\n\n protected async _networkRetry<T>(cb: () => Promise<Result<T, any>>, session?: InternalSession | null, requestType?: \"client\" | \"server\" | \"admin\"): Promise<T> {\n const retriedResult = await Result.retry(\n cb,\n 5,\n { exponentialDelayBase: 1000 },\n );\n\n // try to diagnose the error for the user\n if (retriedResult.status === \"error\") {\n if (globalVar.navigator && globalVar.navigator.onLine === false) {\n throw new Error(\"You are offline. Please check your internet connection and try again. (window.navigator.onLine is false)\", { cause: retriedResult.error });\n }\n throw await this._createNetworkError(retriedResult.error, session, requestType);\n }\n return retriedResult.data;\n }\n\n protected async _networkRetryException<T>(cb: () => Promise<T>, session?: InternalSession | null, requestType?: \"client\" | \"server\" | \"admin\"): Promise<T> {\n return await this._networkRetry(async () => await Result.fromThrowingAsync(cb), session, requestType);\n }\n\n public async fetchNewAccessToken(refreshToken: RefreshToken) {\n if (!('publishableClientKey' in this.options)) {\n // TODO support it\n throw new Error(\"Admin session token is currently not supported for fetching new access token. Did you try to log in on a StackApp initiated with the admin session?\");\n }\n\n const as = {\n issuer: this.options.getBaseUrl(),\n algorithm: 'oauth2',\n token_endpoint: this.getApiUrl() + '/auth/oauth/token',\n };\n const client: oauth.Client = {\n client_id: this.projectId,\n client_secret: this.options.publishableClientKey,\n token_endpoint_auth_method: 'client_secret_post',\n };\n\n const rawResponse = await this._networkRetryException(\n async () => await oauth.refreshTokenGrantRequest(\n as,\n client,\n refreshToken.token,\n )\n );\n const response = await this._processResponse(rawResponse);\n\n if (response.status === \"error\") {\n const error = response.error;\n if (KnownErrors.RefreshTokenError.isInstance(error)) {\n return null;\n }\n throw error;\n }\n\n if (!response.data.ok) {\n const body = await response.data.text();\n throw new Error(`Failed to send refresh token request: ${response.status} ${body}`);\n }\n\n const result = await oauth.processRefreshTokenResponse(as, client, response.data);\n if (oauth.isOAuth2Error(result)) {\n // TODO Handle OAuth 2.0 response body error\n throw new StackAssertionError(\"OAuth error\", { result });\n }\n\n if (!result.access_token) {\n throw new StackAssertionError(\"Access token not found in token endpoint response, this is weird!\");\n }\n\n return AccessToken.createIfValid(result.access_token) ?? throwErr(\"Access token in fetchNewAccessToken is invalid, looks like the backend is returning an invalid token!\", { result });\n }\n\n public async sendClientRequest(\n path: string,\n requestOptions: RequestInit,\n session: InternalSession | null,\n requestType: \"client\" | \"server\" | \"admin\" = \"client\",\n ) {\n session ??= this.createSession({\n refreshToken: null,\n });\n\n\n return await this._networkRetry(\n () => this.sendClientRequestInner(path, requestOptions, session!, requestType),\n session,\n requestType,\n );\n }\n\n public createSession(options: Omit<ConstructorParameters<typeof InternalSession>[0], \"refreshAccessTokenCallback\">): InternalSession {\n const session = new InternalSession({\n refreshAccessTokenCallback: async (refreshToken) => await this.fetchNewAccessToken(refreshToken),\n ...options,\n });\n return session;\n }\n\n protected async sendClientRequestAndCatchKnownError<E extends typeof KnownErrors[keyof KnownErrors]>(\n path: string,\n requestOptions: RequestInit,\n tokenStoreOrNull: InternalSession | null,\n errorsToCatch: readonly E[],\n ): Promise<Result<\n Response & {\n usedTokens: {\n accessToken: AccessToken,\n refreshToken: RefreshToken | null,\n } | null,\n },\n InstanceType<E>\n >> {\n try {\n return Result.ok(await this.sendClientRequest(path, requestOptions, tokenStoreOrNull));\n } catch (e) {\n for (const errorType of errorsToCatch) {\n if (errorType.isInstance(e)) {\n return Result.error(e as InstanceType<E>);\n }\n }\n throw e;\n }\n }\n\n private async sendClientRequestInner(\n path: string,\n options: RequestInit,\n session: InternalSession,\n requestType: \"client\" | \"server\" | \"admin\",\n ): Promise<Result<Response & {\n usedTokens: {\n accessToken: AccessToken,\n refreshToken: RefreshToken | null,\n } | null,\n }>> {\n /**\n * `tokenObj === null` means the session is invalid/not logged in\n */\n let tokenObj = await session.getOrFetchLikelyValidTokens(20_000);\n\n let adminSession = \"projectOwnerSession\" in this.options ? this.options.projectOwnerSession : null;\n let adminTokenObj = adminSession ? await adminSession.getOrFetchLikelyValidTokens(20_000) : null;\n\n // all requests should be dynamic to prevent Next.js caching\n await this.options.prepareRequest?.();\n\n let url = this.getApiUrl() + path;\n if (url.endsWith(\"/\")) {\n url = url.slice(0, -1);\n }\n const params: RequestInit = {\n /**\n * This fetch may be cross-origin, in which case we don't want to send cookies of the\n * original origin (this is the default behavior of `credentials`).\n *\n * To help debugging, also omit cookies on same-origin, so we don't accidentally\n * implement reliance on cookies anywhere.\n *\n * However, Cloudflare Workers don't actually support `credentials`, so we only set it\n * if Cloudflare-exclusive globals are not detected. https://github.com/cloudflare/workers-sdk/issues/2514\n */\n ...(\"WebSocketPair\" in globalVar ? {} : {\n credentials: \"omit\",\n }),\n ...options,\n headers: {\n \"X-Stack-Override-Error-Status\": \"true\",\n \"X-Stack-Project-Id\": this.projectId,\n \"X-Stack-Access-Type\": requestType,\n \"X-Stack-Client-Version\": this.options.clientVersion,\n ...(tokenObj ? {\n \"X-Stack-Access-Token\": tokenObj.accessToken.token,\n } : {}),\n ...(tokenObj?.refreshToken ? {\n \"X-Stack-Refresh-Token\": tokenObj.refreshToken.token,\n } : {}),\n \"X-Stack-Allow-Anonymous-User\": \"true\",\n ...('publishableClientKey' in this.options ? {\n \"X-Stack-Publishable-Client-Key\": this.options.publishableClientKey,\n } : {}),\n ...(adminTokenObj ? {\n \"X-Stack-Admin-Access-Token\": adminTokenObj.accessToken.token,\n } : {}),\n /**\n * Next.js until v15 would cache fetch requests by default, and forcefully disabling it was nearly impossible.\n *\n * This header is used to change the cache key and hence always disable it, because we do our own caching.\n *\n * When we drop support for Next.js <15, we may be able to remove this header, but please make sure that this is\n * the case (I haven't actually tested.)\n */\n \"X-Stack-Random-Nonce\": generateSecureRandomString(),\n // don't show a warning when proxying the API through ngrok (only relevant if the API url is an ngrok site)\n 'ngrok-skip-browser-warning': 'true',\n ...this.options.extraRequestHeaders,\n ...options.headers,\n },\n /**\n * Cloudflare Workers does not support cache, so don't pass it there\n */\n ...(\"WebSocketPair\" in globalVar ? {} : {\n cache: \"no-store\",\n }),\n };\n\n let rawRes;\n try {\n rawRes = await fetch(url, params);\n } catch (e) {\n if (e instanceof TypeError) {\n // Likely to be a network error. Retry if the request is idempotent, throw network error otherwise.\n if (HTTP_METHODS[(params.method ?? \"GET\") as HttpMethod].idempotent) {\n return Result.error(e);\n } else {\n throw await this._createNetworkError(e, session, requestType);\n }\n }\n throw e;\n }\n\n const processedRes = await this._processResponse(rawRes);\n if (processedRes.status === \"error\") {\n // If the access token is invalid, reset it and retry\n if (KnownErrors.InvalidAccessToken.isInstance(processedRes.error)) {\n if (!tokenObj) {\n throw new StackAssertionError(\"Received invalid access token, but session is not logged in\", { tokenObj, processedRes });\n }\n session.markAccessTokenExpired(tokenObj.accessToken);\n return Result.error(processedRes.error);\n }\n\n // Same for the admin access token\n // TODO HACK: Some of the backend hasn't been ported to use the new error codes, so if we have project owner tokens we need to check for ApiKeyNotFound too. Once the migration to smartRouteHandlers is complete, we can check for InvalidAdminAccessToken only.\n if (adminSession && (KnownErrors.InvalidAdminAccessToken.isInstance(processedRes.error) || KnownErrors.ApiKeyNotFound.isInstance(processedRes.error))) {\n if (!adminTokenObj) {\n throw new StackAssertionError(\"Received invalid admin access token, but admin session is not logged in\", { adminTokenObj, processedRes });\n }\n adminSession.markAccessTokenExpired(adminTokenObj.accessToken);\n return Result.error(processedRes.error);\n }\n\n // Known errors are client side errors, so except for the ones above they should not be retried\n // Hence, throw instead of returning an error\n throw processedRes.error;\n }\n\n\n const res = Object.assign(processedRes.data, {\n usedTokens: tokenObj,\n });\n if (res.ok) {\n return Result.ok(res);\n } else if (res.status === 429) {\n // Rate limited, so retry if we can\n const retryAfter = res.headers.get(\"Retry-After\");\n if (retryAfter !== null) {\n console.log(`Rate limited while sending request to ${url}. Will retry after ${retryAfter} seconds...`);\n await wait(Number(retryAfter) * 1000);\n return Result.error(new Error(`Rate limited, retrying after ${retryAfter} seconds`));\n }\n console.log(`Rate limited while sending request to ${url}, no retry-after header received. Retrying...`);\n return Result.error(new Error(\"Rate limited, no retry-after header received\"));\n } else {\n const error = await res.text();\n\n const errorObj = new StackAssertionError(`Failed to send request to ${url}: ${res.status} ${error}`, { request: params, res, path });\n\n if (res.status === 508 && error.includes(\"INFINITE_LOOP_DETECTED\")) {\n // Some Vercel deployments seem to have an odd infinite loop bug. In that case, retry.\n // See: https://github.com/stack-auth/stack-auth/issues/319\n return Result.error(errorObj);\n }\n\n // Do not retry, throw error instead of returning one\n throw errorObj;\n }\n }\n\n private async _processResponse(rawRes: Response): Promise<Result<Response, KnownError>> {\n let res = rawRes;\n if (rawRes.headers.has(\"x-stack-actual-status\")) {\n const actualStatus = Number(rawRes.headers.get(\"x-stack-actual-status\"));\n res = new Response(rawRes.body, {\n status: actualStatus,\n statusText: rawRes.statusText,\n headers: rawRes.headers,\n });\n }\n\n // Handle known errors\n if (res.headers.has(\"x-stack-known-error\")) {\n const errorJson = await res.json();\n if (res.headers.get(\"x-stack-known-error\") !== errorJson.code) {\n throw new StackAssertionError(\"Mismatch between x-stack-known-error header and error code in body; the server's response is invalid\");\n }\n const error = KnownError.fromJson(errorJson);\n return Result.error(error);\n }\n\n return Result.ok(res);\n }\n\n public async checkFeatureSupport(options: { featureName?: string } & ReadonlyJson): Promise<never> {\n const res = await this.sendClientRequest(\"/check-feature-support\", {\n method: \"POST\",\n headers: {\n \"Content-Type\": \"application/json\",\n },\n body: JSON.stringify(options),\n }, null);\n\n throw new StackAssertionError(await res.text());\n }\n\n async sendForgotPasswordEmail(\n email: string,\n callbackUrl: string,\n ): Promise<Result<undefined, KnownErrors[\"UserNotFound\"]>> {\n const res = await this.sendClientRequestAndCatchKnownError(\n \"/auth/password/send-reset-code\",\n {\n method: \"POST\",\n headers: {\n \"Content-Type\": \"application/json\"\n },\n body: JSON.stringify({\n email,\n callback_url: callbackUrl,\n }),\n },\n null,\n [KnownErrors.UserNotFound],\n );\n\n if (res.status === \"error\") {\n return Result.error(res.error);\n } else {\n return Result.ok(undefined);\n }\n }\n\n async sendVerificationEmail(\n email: string,\n callbackUrl: string,\n session: InternalSession\n ): Promise<KnownErrors[\"EmailAlreadyVerified\"] | undefined> {\n const res = await this.sendClientRequestAndCatchKnownError(\n \"/contact-channels/send-verification-code\",\n {\n method: \"POST\",\n headers: {\n \"Content-Type\": \"application/json\"\n },\n body: JSON.stringify({\n email,\n callback_url: callbackUrl,\n }),\n },\n session,\n [KnownErrors.EmailAlreadyVerified]\n );\n\n if (res.status === \"error\") {\n return res.error;\n }\n }\n\n async sendMagicLinkEmail(\n email: string,\n callbackUrl: string,\n ): Promise<Result<{ nonce: string }, KnownErrors[\"RedirectUrlNotWhitelisted\"]>> {\n const res = await this.sendClientRequestAndCatchKnownError(\n \"/auth/otp/send-sign-in-code\",\n {\n method: \"POST\",\n headers: {\n \"Content-Type\": \"application/json\"\n },\n body: JSON.stringify({\n email,\n callback_url: callbackUrl,\n }),\n },\n null,\n [KnownErrors.RedirectUrlNotWhitelisted]\n );\n\n if (res.status === \"error\") {\n return Result.error(res.error);\n } else {\n return Result.ok(await res.data.json());\n }\n }\n\n async resetPassword(\n options: { code: string } & ({ password: string } | { onlyVerifyCode: true })\n ): Promise<Result<undefined, KnownErrors[\"VerificationCodeError\"]>> {\n const res = await this.sendClientRequestAndCatchKnownError(\n \"onlyVerifyCode\" in options ? \"/auth/password/reset/check-code\" : \"/auth/password/reset\",\n {\n method: \"POST\",\n headers: {\n \"Content-Type\": \"application/json\"\n },\n body: JSON.stringify({\n code: options.code,\n ...(\"password\" in options ? { password: options.password } : {}),\n }),\n },\n null,\n [KnownErrors.VerificationCodeError]\n );\n\n if (res.status === \"error\") {\n return Result.error(res.error);\n } else {\n return Result.ok(undefined);\n }\n }\n\n async updatePassword(\n options: { oldPassword: string, newPassword: string },\n session: InternalSession\n ): Promise<KnownErrors[\"PasswordConfirmationMismatch\"] | KnownErrors[\"PasswordRequirementsNotMet\"] | undefined> {\n const res = await this.sendClientRequestAndCatchKnownError(\n \"/auth/password/update\",\n {\n method: \"POST\",\n headers: {\n \"Content-Type\": \"application/json\"\n },\n body: JSON.stringify({\n old_password: options.oldPassword,\n new_password: options.newPassword,\n }),\n },\n session,\n [KnownErrors.PasswordConfirmationMismatch, KnownErrors.PasswordRequirementsNotMet]\n );\n\n if (res.status === \"error\") {\n return res.error;\n }\n }\n\n async setPassword(\n options: { password: string },\n session: InternalSession\n ): Promise<KnownErrors[\"PasswordRequirementsNotMet\"] | undefined> {\n const res = await this.sendClientRequestAndCatchKnownError(\n \"/auth/password/set\",\n {\n method: \"POST\",\n headers: {\n \"Content-Type\": \"application/json\"\n },\n body: JSON.stringify(options),\n },\n session,\n [KnownErrors.PasswordRequirementsNotMet]\n );\n\n if (res.status === \"error\") {\n return res.error;\n }\n }\n\n async verifyPasswordResetCode(code: string): Promise<Result<undefined, KnownErrors[\"VerificationCodeError\"]>> {\n const res = await this.resetPassword({ code, onlyVerifyCode: true });\n if (res.status === \"error\") {\n return Result.error(res.error);\n } else {\n return Result.ok(undefined);\n }\n }\n\n async verifyEmail(code: string): Promise<Result<undefined, KnownErrors[\"VerificationCodeError\"]>> {\n const res = await this.sendClientRequestAndCatchKnownError(\n \"/contact-channels/verify\",\n {\n method: \"POST\",\n headers: {\n \"Content-Type\": \"application/json\"\n },\n body: JSON.stringify({\n code,\n }),\n },\n null,\n [KnownErrors.VerificationCodeError]\n );\n\n if (res.status === \"error\") {\n return Result.error(res.error);\n } else {\n return Result.ok(undefined);\n }\n }\n\n async initiatePasskeyRegistration(\n options: {},\n session: InternalSession\n ): Promise<Result<{ options_json: PublicKeyCredentialCreationOptionsJSON, code: string }, KnownErrors[]>> {\n const res = await this.sendClientRequestAndCatchKnownError(\n \"/auth/passkey/initiate-passkey-registration\",\n {\n method: \"POST\",\n headers: {\n \"Content-Type\": \"application/json\"\n },\n body: JSON.stringify(options),\n },\n session,\n []\n );\n\n if (res.status === \"error\") {\n return Result.error(res.error);\n }\n\n return Result.ok(await res.data.json());\n }\n\n async registerPasskey(\n options: { credential: RegistrationResponseJSON, code: string },\n session: InternalSession\n ): Promise<Result<undefined, KnownErrors[\"PasskeyRegistrationFailed\"]>> {\n const res = await this.sendClientRequestAndCatchKnownError(\n \"/auth/passkey/register\",\n {\n method: \"POST\",\n headers: {\n \"Content-Type\": \"application/json\"\n },\n body: JSON.stringify(options),\n },\n session,\n [KnownErrors.PasskeyRegistrationFailed]\n );\n if (res.status === \"error\") {\n return Result.error(res.error);\n }\n return Result.ok(undefined);\n }\n\n async initiatePasskeyAuthentication(\n options: {\n },\n session: InternalSession\n ): Promise<Result<{ options_json: PublicKeyCredentialRequestOptionsJSON, code: string }, KnownErrors[]>> {\n const res = await this.sendClientRequestAndCatchKnownError(\n \"/auth/passkey/initiate-passkey-authentication\",\n {\n method: \"POST\",\n headers: {\n \"Content-Type\": \"application/json\"\n },\n body: JSON.stringify(options),\n },\n session,\n []\n );\n\n if (res.status === \"error\") {\n return Result.error(res.error);\n }\n\n return Result.ok(await res.data.json());\n }\n\n async sendTeamInvitation(options: {\n email: string,\n teamId: string,\n callbackUrl: string,\n session: InternalSession,\n }): Promise<void> {\n await this.sendClientRequest(\n \"/team-invitations/send-code\",\n {\n method: \"POST\",\n headers: {\n \"Content-Type\": \"application/json\"\n },\n body: JSON.stringify({\n email: options.email,\n team_id: options.teamId,\n callback_url: options.callbackUrl,\n }),\n },\n options.session,\n );\n }\n\n async acceptTeamInvitation<T extends 'use' | 'details' | 'check'>(options: {\n code: string,\n session: InternalSession,\n type: T,\n }): Promise<Result<T extends 'details' ? { team_display_name: string } : undefined, KnownErrors[\"VerificationCodeError\"]>> {\n const res = await this.sendClientRequestAndCatchKnownError(\n options.type === 'check' ?\n \"/team-invitations/accept/check-code\" :\n options.type === 'details' ?\n \"/team-invitations/accept/details\" :\n \"/team-invitations/accept\",\n {\n method: \"POST\",\n headers: {\n \"Content-Type\": \"application/json\"\n },\n body: JSON.stringify({\n code: options.code,\n }),\n },\n options.session,\n [KnownErrors.VerificationCodeError]\n );\n\n if (res.status === \"error\") {\n return Result.error(res.error);\n } else {\n return Result.ok(await res.data.json());\n }\n }\n\n async totpMfa(\n attemptCode: string,\n totp: string,\n session: InternalSession\n ) {\n const res = await this.sendClientRequest(\"/auth/mfa/sign-in\", {\n method: \"POST\",\n headers: {\n \"Content-Type\": \"application/json\"\n },\n body: JSON.stringify({\n code: attemptCode,\n type: \"totp\",\n totp: totp,\n }),\n }, session);\n\n const result = await res.json();\n return {\n accessToken: result.access_token,\n refreshToken: result.refresh_token,\n newUser: result.is_new_user,\n };\n }\n\n async signInWithCredential(\n email: string,\n password: string,\n session: InternalSession\n ): Promise<Result<{ accessToken: string, refreshToken: string }, KnownErrors[\"EmailPasswordMismatch\"]>> {\n const res = await this.sendClientRequestAndCatchKnownError(\n \"/auth/password/sign-in\",\n {\n method: \"POST\",\n headers: {\n \"Content-Type\": \"application/json\"\n },\n body: JSON.stringify({\n email,\n password,\n }),\n },\n session,\n [KnownErrors.EmailPasswordMismatch]\n );\n\n if (res.status === \"error\") {\n return Result.error(res.error);\n }\n\n const result = await res.data.json();\n return Result.ok({\n accessToken: result.access_token,\n refreshToken: result.refresh_token,\n });\n }\n\n async signUpWithCredential(\n email: string,\n password: string,\n emailVerificationRedirectUrl: string,\n session: InternalSession,\n ): Promise<Result<{ accessToken: string, refreshToken: string }, KnownErrors[\"UserWithEmailAlreadyExists\"] | KnownErrors[\"PasswordRequirementsNotMet\"]>> {\n const res = await this.sendClientRequestAndCatchKnownError(\n \"/auth/password/sign-up\",\n {\n headers: {\n \"Content-Type\": \"application/json\"\n },\n method: \"POST\",\n body: JSON.stringify({\n email,\n password,\n verification_callback_url: emailVerificationRedirectUrl,\n }),\n },\n session,\n [KnownErrors.UserWithEmailAlreadyExists, KnownErrors.PasswordRequirementsNotMet]\n );\n\n if (res.status === \"error\") {\n return Result.error(res.error);\n }\n\n const result = await res.data.json();\n return Result.ok({\n accessToken: result.access_token,\n refreshToken: result.refresh_token,\n });\n }\n\n async signUpAnonymously(session: InternalSession): Promise<Result<{ accessToken: string, refreshToken: string }, never>> {\n const res = await this.sendClientRequestAndCatchKnownError(\n \"/auth/anonymous/sign-up\",\n {\n method: \"POST\",\n },\n session,\n [],\n );\n\n if (res.status === \"error\") {\n return Result.error(res.error);\n }\n\n const result = await res.data.json();\n return Result.ok({\n accessToken: result.access_token,\n refreshToken: result.refresh_token,\n });\n }\n\n async signInWithMagicLink(code: string, session: InternalSession): Promise<Result<{ newUser: boolean, accessToken: string, refreshToken: string }, KnownErrors[\"VerificationCodeError\"]>> {\n const res = await this.sendClientRequestAndCatchKnownError(\n \"/auth/otp/sign-in\",\n {\n method: \"POST\",\n headers: {\n \"Content-Type\": \"application/json\"\n },\n body: JSON.stringify({\n code,\n }),\n },\n session,\n [KnownErrors.VerificationCodeError]\n );\n\n if (res.status === \"error\") {\n return Result.error(res.error);\n }\n\n const result = await res.data.json();\n return Result.ok({\n accessToken: result.access_token,\n refreshToken: result.refresh_token,\n newUser: result.is_new_user,\n });\n }\n\n async signInWithMfa(totp: string, code: string, session: InternalSession): Promise<Result<{ newUser: boolean, accessToken: string, refreshToken: string }, KnownErrors[\"VerificationCodeError\"]>> {\n const res = await this.sendClientRequestAndCatchKnownError(\n \"/auth/mfa/sign-in\",\n {\n method: \"POST\",\n headers: {\n \"Content-Type\": \"application/json\"\n },\n body: JSON.stringify({\n type: \"totp\",\n totp,\n code,\n }),\n },\n session,\n [KnownErrors.VerificationCodeError]\n );\n\n if (res.status === \"error\") {\n return Result.error(res.error);\n }\n\n const result = await res.data.json();\n return Result.ok({\n accessToken: result.access_token,\n refreshToken: result.refresh_token,\n newUser: result.is_new_user,\n });\n }\n\n async signInWithPasskey(body: { authentication_response: AuthenticationResponseJSON, code: string }, session: InternalSession): Promise<Result<{accessToken: string, refreshToken: string }, KnownErrors[\"PasskeyAuthenticationFailed\"]>> {\n const res = await this.sendClientRequestAndCatchKnownError(\n \"/auth/passkey/sign-in\",\n {\n method: \"POST\",\n headers: {\n \"Content-Type\": \"application/json\"\n },\n body: JSON.stringify(body),\n },\n session,\n [KnownErrors.PasskeyAuthenticationFailed]\n );\n\n if (res.status === \"error\") {\n return Result.error(res.error);\n }\n\n const result = await res.data.json();\n return Result.ok({\n accessToken: result.access_token,\n refreshToken: result.refresh_token,\n });\n }\n\n async getOAuthUrl(\n options: {\n provider: string,\n redirectUrl: string,\n errorRedirectUrl: string,\n afterCallbackRedirectUrl?: string,\n codeChallenge: string,\n state: string,\n type: \"authenticate\" | \"link\",\n providerScope?: string,\n session: InternalSession,\n }\n ): Promise<string> {\n const updatedRedirectUrl = new URL(options.redirectUrl);\n for (const key of [\"code\", \"state\"]) {\n if (updatedRedirectUrl.searchParams.has(key)) {\n console.warn(\"Redirect URL already contains \" + key + \" parameter, removing it as it will be overwritten by the OAuth callback\");\n }\n updatedRedirectUrl.searchParams.delete(key);\n }\n\n if (!('publishableClientKey' in this.options)) {\n // TODO fix\n throw new Error(\"Admin session token is currently not supported for OAuth\");\n }\n const url = new URL(this.getApiUrl() + \"/auth/oauth/authorize/\" + options.provider.toLowerCase());\n url.searchParams.set(\"client_id\", this.projectId);\n url.searchParams.set(\"client_secret\", this.options.publishableClientKey);\n url.searchParams.set(\"redirect_uri\", updatedRedirectUrl.toString());\n url.searchParams.set(\"scope\", \"legacy\");\n url.searchParams.set(\"state\", options.state);\n url.searchParams.set(\"grant_type\", \"authorization_code\");\n url.searchParams.set(\"code_challenge\", options.codeChallenge);\n url.searchParams.set(\"code_challenge_method\", \"S256\");\n url.searchParams.set(\"response_type\", \"code\");\n url.searchParams.set(\"type\", options.type);\n url.searchParams.set(\"error_redirect_url\", options.errorRedirectUrl);\n\n const tokens = await options.session.getOrFetchLikelyValidTokens(20_000);\n if (tokens) {\n url.searchParams.set(\"token\", tokens.accessToken.token);\n }\n\n if (options.afterCallbackRedirectUrl) {\n url.searchParams.set(\"after_callback_redirect_url\", options.afterCallbackRedirectUrl);\n }\n if (options.providerScope) {\n url.searchParams.set(\"provider_scope\", options.providerScope);\n }\n\n return url.toString();\n }\n\n async callOAuthCallback(options: {\n oauthParams: URLSearchParams,\n redirectUri: string,\n codeVerifier: string,\n state: string,\n }): Promise<{ newUser: boolean, afterCallbackRedirectUrl?: string, accessToken: string, refreshToken: string }> {\n if (!('publishableClientKey' in this.options)) {\n // TODO fix\n throw new Error(\"Admin session token is currently not supported for OAuth\");\n }\n const as = {\n issuer: this.options.getBaseUrl(),\n algorithm: 'oauth2',\n token_endpoint: this.getApiUrl() + '/auth/oauth/token',\n };\n const client: oauth.Client = {\n client_id: this.projectId,\n client_secret: this.options.publishableClientKey,\n token_endpoint_auth_method: 'client_secret_post',\n };\n const params = await this._networkRetryException(\n async () => oauth.validateAuthResponse(as, client, options.oauthParams, options.state),\n );\n if (oauth.isOAuth2Error(params)) {\n throw new StackAssertionError(\"Error validating outer OAuth response\", { params }); // Handle OAuth 2.0 redirect error\n }\n const response = await oauth.authorizationCodeGrantRequest(\n as,\n client,\n params,\n options.redirectUri,\n options.codeVerifier,\n );\n\n const result = await oauth.processAuthorizationCodeOAuth2Response(as, client, response);\n if (oauth.isOAuth2Error(result)) {\n if (\"code\" in result && result.code === \"MULTI_FACTOR_AUTHENTICATION_REQUIRED\") {\n throw new KnownErrors.MultiFactorAuthenticationRequired((result as any).details.attempt_code);\n }\n // TODO Handle OAuth 2.0 response body error\n throw new StackAssertionError(\"Outer OAuth error during authorization code response\", { result });\n }\n return {\n newUser: result.is_new_user as boolean,\n afterCallbackRedirectUrl: result.after_callback_redirect_url as string | undefined,\n accessToken: result.access_token,\n refreshToken: result.refresh_token ?? throwErr(\"Refresh token not found in outer OAuth response\"),\n };\n }\n\n async signOut(session: InternalSession): Promise<void> {\n const tokenObj = await session.getOrFetchLikelyValidTokens(20_000);\n if (tokenObj) {\n const resOrError = await this.sendClientRequestAndCatchKnownError(\n \"/auth/sessions/current\",\n {\n method: \"DELETE\",\n headers: {\n \"Content-Type\": \"application/json\"\n },\n body: JSON.stringify({}),\n },\n session,\n [KnownErrors.RefreshTokenError]\n );\n if (resOrError.status === \"error\") {\n if (KnownErrors.RefreshTokenError.isInstance(resOrError.error)) {\n // refresh token was already invalid, just continue like nothing happened\n } else {\n // this should never happen\n throw new StackAssertionError(\"Unexpected error\", { error: resOrError.error });\n }\n } else {\n // user was signed out successfully, all good\n }\n }\n session.markInvalid();\n }\n\n async getClientUserByToken(session: InternalSession): Promise<CurrentUserCrud[\"Client\"][\"Read\"] | null> {\n const responseOrError = await this.sendClientRequestAndCatchKnownError(\n \"/users/me\",\n {},\n session,\n [KnownErrors.CannotGetOwnUserWithoutUser],\n );\n if (responseOrError.status === \"error\") {\n if (KnownErrors.CannotGetOwnUserWithoutUser.isInstance(responseOrError.error)) {\n return null;\n } else {\n throw new StackAssertionError(\"Unexpected uncaught error\", { cause: responseOrError.error });\n }\n }\n const response = responseOrError.data;\n const user: CurrentUserCrud[\"Client\"][\"Read\"] = await response.json();\n if (!(user as any)) throw new StackAssertionError(\"User endpoint returned null; this should never happen\");\n return user;\n }\n\n async listTeamInvitations(\n options: {\n teamId: string,\n },\n session: InternalSession,\n ): Promise<TeamInvitationCrud['Client']['Read'][]> {\n const response = await this.sendClientRequest(\n \"/team-invitations?\" + new URLSearchParams({ team_id: options.teamId }),\n {},\n session,\n );\n const result = await response.json() as TeamInvitationCrud['Client']['List'];\n return result.items;\n }\n\n async revokeTeamInvitation(\n invitationId: string,\n teamId: string,\n session: InternalSession,\n ) {\n await this.sendClientRequest(\n `/team-invitations/${invitationId}?team_id=${teamId}`,\n { method: \"DELETE\" },\n session,\n );\n }\n\n async listTeamMemberProfiles(\n options: {\n teamId?: string,\n userId?: string,\n },\n session: InternalSession,\n ): Promise<TeamMemberProfilesCrud['Client']['Read'][]> {\n const response = await this.sendClientRequest(\n \"/team-member-profiles?\" + new URLSearchParams(filterUndefined({\n team_id: options.teamId,\n user_id: options.userId,\n })),\n {},\n session,\n );\n const result = await response.json() as TeamMemberProfilesCrud['Client']['List'];\n return result.items;\n }\n\n async getTeamMemberProfile(\n options: {\n teamId: string,\n userId: string,\n },\n session: InternalSession,\n ): Promise<TeamMemberProfilesCrud['Client']['Read']> {\n const response = await this.sendClientRequest(\n `/team-member-profiles/${options.teamId}/${options.userId}`,\n {},\n session,\n );\n return await response.json();\n }\n\n async leaveTeam(\n teamId: string,\n session: InternalSession,\n ) {\n await this.sendClientRequest(\n `/team-memberships/${teamId}/me`,\n {\n method: \"DELETE\",\n headers: {\n \"content-type\": \"application/json\",\n },\n body: JSON.stringify({}),\n },\n session,\n );\n }\n\n async updateTeamMemberProfile(\n options: {\n teamId: string,\n userId: string,\n profile: TeamMemberProfilesCrud['Client']['Update'],\n },\n session: InternalSession,\n ) {\n await this.sendClientRequest(\n `/team-member-profiles/${options.teamId}/${options.userId}`,\n {\n method: \"PATCH\",\n headers: {\n \"content-type\": \"application/json\",\n },\n body: JSON.stringify(options.profile),\n },\n session,\n );\n }\n\n async updateTeam(\n options: {\n teamId: string,\n data: TeamsCrud['Client']['Update'],\n },\n session: InternalSession,\n ) {\n await this.sendClientRequest(\n `/teams/${options.teamId}`,\n {\n method: \"PATCH\",\n headers: {\n \"content-type\": \"application/json\",\n },\n body: JSON.stringify(options.data),\n },\n session,\n );\n }\n\n async listCurrentUserTeamPermissions(\n options: {\n teamId: string,\n recursive: boolean,\n },\n session: InternalSession\n ): Promise<TeamPermissionsCrud['Client']['Read'][]> {\n const response = await this.sendClientRequest(\n `/team-permissions?team_id=${options.teamId}&user_id=me&recursive=${options.recursive}`,\n {},\n session,\n );\n const result = await response.json() as TeamPermissionsCrud['Client']['List'];\n return result.items;\n }\n\n async listCurrentUserProjectPermissions(\n options: {\n recursive: boolean,\n },\n session: InternalSession\n ): Promise<ProjectPermissionsCrud['Client']['Read'][]> {\n const response = await this.sendClientRequest(\n `/project-permissions?user_id=me&recursive=${options.recursive}`,\n {},\n session,\n );\n const result = await response.json() as ProjectPermissionsCrud['Client']['List'];\n return result.items;\n }\n\n async listCurrentUserTeams(session: InternalSession): Promise<TeamsCrud[\"Client\"][\"Read\"][]> {\n const response = await this.sendClientRequest(\n \"/teams?user_id=me\",\n {},\n session,\n );\n const result = await response.json() as TeamsCrud[\"Client\"][\"List\"];\n return result.items;\n }\n\n async getClientProject(): Promise<Result<ClientProjectsCrud['Client']['Read'], KnownErrors[\"ProjectNotFound\"]>> {\n const responseOrError = await this.sendClientRequestAndCatchKnownError(\"/projects/current\", {}, null, [KnownErrors.ProjectNotFound]);\n if (responseOrError.status === \"error\") {\n return Result.error(responseOrError.error);\n }\n const response = responseOrError.data;\n const project: ClientProjectsCrud['Client']['Read'] = await response.json();\n return Result.ok(project);\n }\n\n async updateClientUser(update: CurrentUserCrud[\"Client\"][\"Update\"], session: InternalSession) {\n await this.sendClientRequest(\n \"/users/me\",\n {\n method: \"PATCH\",\n headers: {\n \"content-type\": \"application/json\",\n },\n body: JSON.stringify(update),\n },\n session,\n );\n }\n\n async listProjects(session: InternalSession): Promise<AdminUserProjectsCrud['Client']['Read'][]> {\n const response = await this.sendClientRequest(\"/internal/projects\", {}, session);\n if (!response.ok) {\n throw new Error(\"Failed to list projects: \" + response.status + \" \" + (await response.text()));\n }\n\n const json = await response.json() as AdminUserProjectsCrud['Client']['List'];\n return json.items;\n }\n\n async createProject(\n project: AdminUserProjectsCrud['Client']['Create'],\n session: InternalSession,\n ): Promise<AdminUserProjectsCrud['Client']['Read']> {\n const fetchResponse = await this.sendClientRequest(\n \"/internal/projects\",\n {\n method: \"POST\",\n headers: {\n \"content-type\": \"application/json\",\n },\n body: JSON.stringify(project),\n },\n session,\n );\n if (!fetchResponse.ok) {\n throw new Error(\"Failed to create project: \" + fetchResponse.status + \" \" + (await fetchResponse.text()));\n }\n\n const json = await fetchResponse.json();\n return json;\n }\n\n async createProviderAccessToken(\n provider: string,\n scope: string,\n session: InternalSession,\n ): Promise<ConnectedAccountAccessTokenCrud['Client']['Read']> {\n const response = await this.sendClientRequest(\n `/connected-accounts/me/${provider}/access-token`,\n {\n method: \"POST\",\n headers: {\n \"content-type\": \"application/json\",\n },\n body: JSON.stringify({ scope }),\n },\n session,\n );\n return await response.json();\n }\n\n async createClientTeam(\n data: TeamsCrud['Client']['Create'],\n session: InternalSession,\n ): Promise<TeamsCrud['Client']['Read']> {\n const response = await this.sendClientRequest(\n \"/teams\",\n {\n method: \"POST\",\n headers: {\n \"content-type\": \"application/json\",\n },\n body: JSON.stringify(data),\n },\n session,\n );\n return await response.json();\n }\n\n async deleteTeam(\n teamId: string,\n session: InternalSession,\n ) {\n await this.sendClientRequest(\n `/teams/${teamId}`,\n {\n method: \"DELETE\",\n },\n session,\n );\n }\n\n async deleteCurrentUser(session: InternalSession) {\n await this.sendClientRequest(\n \"/users/me\",\n {\n method: \"DELETE\",\n },\n session,\n );\n }\n\n async createClientContactChannel(\n data: ContactChannelsCrud['Client']['Create'],\n session: InternalSession,\n ): Promise<ContactChannelsCrud['Client']['Read']> {\n const response = await this.sendClientRequest(\n \"/contact-channels\",\n {\n method: \"POST\",\n headers: {\n \"content-type\": \"application/json\",\n },\n body: JSON.stringify(data),\n },\n session,\n );\n return await response.json();\n }\n\n async updateClientContactChannel(\n id: string,\n data: ContactChannelsCrud['Client']['Update'],\n session: InternalSession,\n ): Promise<ContactChannelsCrud['Client']['Read']> {\n const response = await this.sendClientRequest(\n `/contact-channels/me/${id}`,\n {\n method: \"PATCH\",\n headers: {\n \"content-type\": \"application/json\",\n },\n body: JSON.stringify(data),\n },\n session,\n );\n return await response.json();\n }\n\n async deleteClientContactChannel(\n id: string,\n session: InternalSession,\n ): Promise<void> {\n await this.sendClientRequest(\n `/contact-channels/me/${id}`,\n {\n method: \"DELETE\",\n },\n session,\n );\n }\n\n async deleteSession(\n sessionId: string,\n session: InternalSession,\n ): Promise<void> {\n await this.sendClientRequest(\n `/auth/sessions/${sessionId}?user_id=me`,\n {\n method: \"DELETE\",\n },\n session,\n );\n }\n\n async listSessions(\n session: InternalSession,\n ): Promise<SessionsCrud['Client']['List']> {\n const response = await this.sendClientRequest(\n \"/auth/sessions?user_id=me\",\n {\n method: \"GET\",\n },\n session,\n );\n return await response.json();\n }\n\n\n async listClientContactChannels(\n session: InternalSession,\n ): Promise<ContactChannelsCrud['Client']['Read'][]> {\n const response = await this.sendClientRequest(\n \"/contact-channels?user_id=me\",\n {\n method: \"GET\",\n },\n session,\n );\n const json = await response.json() as ContactChannelsCrud['Client']['List'];\n return json.items;\n }\n\n async sendCurrentUserContactChannelVerificationEmail(\n contactChannelId: string,\n callbackUrl: string,\n session: InternalSession,\n ): Promise<Result<undefined, KnownErrors[\"EmailAlreadyVerified\"]>> {\n const responseOrError = await this.sendClientRequestAndCatchKnownError(\n `/contact-channels/me/${contactChannelId}/send-verification-code`,\n {\n method: \"POST\",\n headers: {\n \"content-type\": \"application/json\",\n },\n body: JSON.stringify({ callback_url: callbackUrl }),\n },\n session,\n [KnownErrors.EmailAlreadyVerified]\n );\n\n if (responseOrError.status === \"error\") {\n return Result.error(responseOrError.error);\n }\n return Result.ok(undefined);\n }\n\n async cliLogin(\n loginCode: string,\n refreshToken: string,\n session: InternalSession\n ): Promise<Result<undefined, KnownErrors[\"SchemaError\"]>> {\n const responseOrError = await this.sendClientRequestAndCatchKnownError(\n \"/auth/cli/complete\",\n {\n method: \"POST\",\n headers: {\n \"Content-Type\": \"application/json\"\n },\n body: JSON.stringify({\n login_code: loginCode,\n refresh_token: refreshToken,\n }),\n },\n session,\n [KnownErrors.SchemaError]\n );\n\n if (responseOrError.status === \"error\") {\n return Result.error(responseOrError.error);\n }\n return Result.ok(undefined);\n }\n\n private async _getApiKeyRequestInfo(options: { user_id: string | null } | { team_id: string }) {\n if (\"user_id\" in options && \"team_id\" in options) {\n throw new StackAssertionError(\"Cannot specify both user_id and team_id in _getApiKeyRequestInfo\");\n }\n\n return {\n endpoint: \"team_id\" in options ? \"/team-api-keys\" : \"/user-api-keys\",\n queryParams: new URLSearchParams(filterUndefinedOrNull(options)),\n };\n }\n\n // API Keys CRUD operations\n listProjectApiKeys(options: { user_id: string }, session: InternalSession | null, requestType: \"client\" | \"server\" | \"admin\"): Promise<UserApiKeysCrud['Client']['Read'][]>;\n listProjectApiKeys(options: { team_id: string }, session: InternalSession | null, requestType: \"client\" | \"server\" | \"admin\"): Promise<TeamApiKeysCrud['Client']['Read'][]>;\n listProjectApiKeys(options: { user_id: string } | { team_id: string }, session: InternalSession | null, requestType: \"client\" | \"server\" | \"admin\"): Promise<(UserApiKeysCrud['Client']['Read'] | TeamApiKeysCrud['Client']['Read'])[]>;\n async listProjectApiKeys(\n options: { user_id: string } | { team_id: string },\n session: InternalSession | null,\n requestType: \"client\" | \"server\" | \"admin\",\n ): Promise<(UserApiKeysCrud['Client']['Read'] | TeamApiKeysCrud['Client']['Read'])[]> {\n const sendRequest = (requestType === \"client\" ? this.sendClientRequest : (this as any).sendServerRequest as never).bind(this);\n const { endpoint, queryParams } = await this._getApiKeyRequestInfo(options);\n\n const response = await sendRequest(\n `${endpoint}?${queryParams.toString()}`,\n {\n method: \"GET\",\n },\n session,\n requestType,\n );\n const json = await response.json();\n return json.items;\n }\n\n createProjectApiKey(data: yup.InferType<typeof userApiKeysCreateInputSchema>, session: InternalSession | null, requestType: \"client\" | \"server\" | \"admin\"): Promise<yup.InferType<typeof userApiKeysCreateOutputSchema>>;\n createProjectApiKey(data: yup.InferType<typeof teamApiKeysCreateInputSchema>, session: InternalSession | null, requestType: \"client\" | \"server\" | \"admin\"): Promise<yup.InferType<typeof teamApiKeysCreateOutputSchema>>;\n createProjectApiKey(data: yup.InferType<typeof userApiKeysCreateInputSchema> | yup.InferType<typeof teamApiKeysCreateInputSchema>, session: InternalSession | null, requestType: \"client\" | \"server\" | \"admin\"): Promise<yup.InferType<typeof userApiKeysCreateOutputSchema> | yup.InferType<typeof teamApiKeysCreateOutputSchema>>;\n async createProjectApiKey(\n data: yup.InferType<typeof userApiKeysCreateInputSchema> | yup.InferType<typeof teamApiKeysCreateInputSchema>,\n session: InternalSession | null,\n requestType: \"client\" | \"server\" | \"admin\",\n ): Promise<yup.InferType<typeof userApiKeysCreateOutputSchema> | yup.InferType<typeof teamApiKeysCreateOutputSchema>> {\n const sendRequest = (requestType === \"client\" ? this.sendClientRequest : (this as any).sendServerRequest as never).bind(this);\n const { endpoint } = await this._getApiKeyRequestInfo(data);\n\n const response = await sendRequest(\n `${endpoint}`,\n {\n method: \"POST\",\n headers: {\n \"content-type\": \"application/json\",\n },\n body: JSON.stringify(data),\n },\n session,\n requestType,\n );\n return await response.json();\n }\n\n getProjectApiKey(options: { user_id: string | null }, keyId: string, session: InternalSession | null, requestType: \"client\" | \"server\" | \"admin\"): Promise<UserApiKeysCrud['Client']['Read']>;\n getProjectApiKey(options: { team_id: string }, keyId: string, session: InternalSession | null, requestType: \"client\" | \"server\" | \"admin\"): Promise<TeamApiKeysCrud['Client']['Read']>;\n getProjectApiKey(options: { user_id: string | null } | { team_id: string }, keyId: string, session: InternalSession | null, requestType: \"client\" | \"server\" | \"admin\"): Promise<UserApiKeysCrud['Client']['Read'] | TeamApiKeysCrud['Client']['Read']>;\n async getProjectApiKey(\n options: { user_id: string | null } | { team_id: string },\n keyId: string,\n session: InternalSession | null,\n requestType: \"client\" | \"server\" | \"admin\",\n ): Promise<UserApiKeysCrud['Client']['Read'] | TeamApiKeysCrud['Client']['Read']> {\n const sendRequest = (requestType === \"client\" ? this.sendClientRequest : (this as any).sendServerRequest as never).bind(this);\n const { endpoint, queryParams } = await this._getApiKeyRequestInfo(options);\n\n const response = await sendRequest(\n `${endpoint}/${keyId}?${queryParams.toString()}`,\n {\n method: \"GET\",\n },\n session,\n requestType,\n );\n return await response.json();\n }\n\n updateProjectApiKey(options: { user_id: string }, keyId: string, data: UserApiKeysCrud['Client']['Update'], session: InternalSession | null, requestType: \"client\" | \"server\" | \"admin\"): Promise<UserApiKeysCrud['Client']['Read']>;\n updateProjectApiKey(options: { team_id: string }, keyId: string, data: TeamApiKeysCrud['Client']['Update'], session: InternalSession | null, requestType: \"client\" | \"server\" | \"admin\"): Promise<TeamApiKeysCrud['Client']['Read']>;\n updateProjectApiKey(options: { user_id: string } | { team_id: string }, keyId: string, data: UserApiKeysCrud['Client']['Update'] | TeamApiKeysCrud['Client']['Update'], session: InternalSession | null, requestType: \"client\" | \"server\" | \"admin\"): Promise<UserApiKeysCrud['Client']['Read'] | TeamApiKeysCrud['Client']['Read']>;\n async updateProjectApiKey(\n options: { user_id: string } | { team_id: string },\n keyId: string,\n data: UserApiKeysCrud['Client']['Update'] | TeamApiKeysCrud['Client']['Update'],\n session: InternalSession | null,\n requestType: \"client\" | \"server\" | \"admin\",\n ): Promise<UserApiKeysCrud['Client']['Read'] | TeamApiKeysCrud['Client']['Read']> {\n const sendRequest = (requestType === \"client\" ? this.sendClientRequest : (this as any).sendServerRequest as never).bind(this);\n const { endpoint, queryParams } = await this._getApiKeyRequestInfo(options);\n\n const response = await sendRequest(\n `${endpoint}/${keyId}?${queryParams.toString()}`,\n {\n method: \"PATCH\",\n headers: {\n \"content-type\": \"application/json\",\n },\n body: JSON.stringify(data),\n },\n session,\n requestType,\n );\n return await response.json();\n }\n\n checkProjectApiKey(type: \"user\", apiKey: string, session: InternalSession | null, requestType: \"client\" | \"server\" | \"admin\"): Promise<UserApiKeysCrud['Client']['Read'] | null>;\n checkProjectApiKey(type: \"team\", apiKey: string, session: InternalSession | null, requestType: \"client\" | \"server\" | \"admin\"): Promise<TeamApiKeysCrud['Client']['Read'] | null>;\n checkProjectApiKey(type: \"user\" | \"team\", apiKey: string, session: InternalSession | null, requestType: \"client\" | \"server\" | \"admin\"): Promise<UserApiKeysCrud['Client']['Read'] | TeamApiKeysCrud['Client']['Read'] | null>;\n async checkProjectApiKey(type: \"user\" | \"team\", apiKey: string, session: InternalSession | null, requestType: \"client\" | \"server\" | \"admin\"): Promise<UserApiKeysCrud['Client']['Read'] | TeamApiKeysCrud['Client']['Read'] | null> {\n const sendRequest = (requestType === \"client\" ? this.sendClientRequestAndCatchKnownError : (this as any).sendServerRequestAndCatchKnownError as never).bind(this);\n const result = await sendRequest(\n `/${type}-api-keys/check`,\n {\n method: \"POST\",\n headers: {\n \"content-type\": \"application/json\",\n },\n body: JSON.stringify({ api_key: apiKey }),\n },\n session,\n [KnownErrors.ApiKeyNotValid]\n );\n if (result.status === \"error\") {\n return null;\n }\n return await result.data.json();\n }\n\n async listNotificationCategories(\n session: InternalSession,\n ): Promise<NotificationPreferenceCrud['Client']['Read'][]> {\n const response = await this.sendClientRequest(\n `/emails/notification-preference/me`,\n {},\n session,\n );\n const result = await response.json() as NotificationPreferenceCrud['Client']['List'];\n return result.items;\n }\n\n async setNotificationsEnabled(\n notificationCategoryId: string,\n enabled: boolean,\n session: InternalSession,\n ): Promise<void> {\n await this.sendClientRequest(\n `/emails/notification-preference/me/${notificationCategoryId}`,\n {\n method: \"PATCH\",\n headers: {\n \"content-type\": \"application/json\",\n },\n body: JSON.stringify({\n enabled,\n }),\n },\n session,\n );\n }\n\n async getOAuthProvider(\n userId: string,\n providerId: string,\n session: InternalSession,\n ): Promise<OAuthProviderCrud['Client']['Read']> {\n const response = await this.sendClientRequest(\n `/oauth-providers/${userId}/${providerId}`,\n {\n method: \"GET\",\n },\n session,\n );\n return await response.json();\n }\n\n async updateOAuthProvider(\n userId: string,\n providerId: string,\n data: OAuthProviderCrud['Client']['Update'],\n session: InternalSession,\n ): Promise<OAuthProviderCrud['Client']['Read']> {\n const response = await this.sendClientRequest(\n `/oauth-providers/${userId}/${providerId}`,\n {\n method: \"PATCH\",\n headers: {\n \"content-type\": \"application/json\",\n },\n body: JSON.stringify(data),\n },\n session,\n );\n return await response.json();\n }\n\n async listOAuthProviders(\n options: {\n user_id?: string,\n } = {},\n session: InternalSession,\n ): Promise<OAuthProviderCrud['Client']['Read'][]> {\n const queryParams = new URLSearchParams(filterUndefined(options));\n const response = await this.sendClientRequest(\n `/oauth-providers${queryParams.toString() ? `?${queryParams.toString()}` : ''}`,\n {\n method: \"GET\",\n },\n session,\n );\n const result = await response.json();\n return result.items;\n }\n\n async deleteOAuthProvider(\n userId: string,\n providerId: string,\n session: InternalSession,\n ): Promise<void> {\n const response = await this.sendClientRequest(\n `/oauth-providers/${userId}/${providerId}`,\n {\n method: \"DELETE\",\n },\n session,\n );\n return await response.json();\n }\n\n async getItem(\n options: (\n { itemId: string, userId: string } |\n { itemId: string, teamId: string } |\n { itemId: string, customCustomerId: string }\n ),\n session: InternalSession | null,\n ): Promise<ItemCrud['Client']['Read']> {\n let customerType: \"user\" | \"team\" | \"custom\";\n let customerId: string;\n if (\"userId\" in options) {\n customerType = \"user\";\n customerId = options.userId;\n } else if (\"teamId\" in options) {\n customerType = \"team\";\n customerId = options.teamId;\n } else if (\"customCustomerId\" in options) {\n customerType = \"custom\";\n customerId = options.customCustomerId;\n } else {\n throw new StackAssertionError(\"getItem requires one of userId, teamId, or customCustomerId\");\n }\n\n const response = await this.sendClientRequest(\n urlString`/payments/items/${customerType}/${customerId}/${options.itemId}`,\n {},\n session,\n );\n return await response.json();\n }\n\n async createCheckoutUrl(\n customer_type: \"user\" | \"team\" | \"custom\",\n customer_id: string,\n offerIdOrInline: string | yup.InferType<typeof inlineOfferSchema>,\n session: InternalSession | null,\n ): Promise<string> {\n const offerBody = typeof offerIdOrInline === \"string\" ?\n { offer_id: offerIdOrInline } :\n { inline_offer: offerIdOrInline };\n const response = await this.sendClientRequest(\n \"/payments/purchases/create-purchase-url\",\n {\n method: \"POST\",\n headers: {\n \"content-type\": \"application/json\",\n },\n body: JSON.stringify({ customer_type, customer_id, ...offerBody }),\n },\n session\n );\n const { url } = await response.json() as { url: string };\n return url;\n }\n}\n\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,YAAuB;AAGvB,0BAAwC;AAExC,sBAA2D;AAC3D,oBAA2C;AAC3C,oBAA8C;AAC9C,qBAA0B;AAC1B,kBAAyC;AAEzC,qBAAuD;AAEvD,sBAAqB;AACrB,qBAAuB;AACvB,qBAAyB;AACzB,kBAA0B;AA6BnB,IAAM,uBAAN,MAA2B;AAAA,EAChC,YAA4B,SAAiC;AAAjC;AAAA,EAE5B;AAAA,EAEA,IAAI,YAAY;AACd,WAAO,KAAK,QAAQ;AAAA,EACtB;AAAA,EAEA,YAAY;AACV,WAAO,KAAK,QAAQ,WAAW,IAAI;AAAA,EACrC;AAAA,EAEA,MAAa,sBAAsB,SAAkC,aAA6C;AAChH,UAAM,aAAa,OAAO,OAA4B;AACpD,UAAI;AACF,cAAM,GAAG;AACT,eAAO;AAAA,MACT,SAAS,GAAG;AACV,eAAO,GAAG,CAAC;AAAA,MACb;AAAA,IACF;AACA,UAAM,UAAU,MAAM,WAAW,YAAY;AAC3C,YAAM,MAAM,MAAM,MAAM,+BAA+B;AACvD,UAAI,CAAC,IAAI,IAAI;AACX,cAAM,IAAI,MAAM,GAAG,IAAI,MAAM,IAAI,IAAI,UAAU,KAAK,MAAM,IAAI,KAAK,CAAC,EAAE;AAAA,MACxE;AAAA,IACF,CAAC;AACD,UAAM,UAAU,YAAY,UAAa,gBAAgB,SAAY,MAAM,WAAW,YAAY;AAChG,YAAM,MAAM,MAAM,KAAK,uBAAuB,KAAK,CAAC,GAAG,SAAU,WAAW;AAC5E,UAAI,IAAI,WAAW,SAAS;AAC1B,cAAM,IAAI;AAAA,MACZ;AAAA,IACF,CAAC,IAAI;AACL,UAAM,iBAAiB,MAAM,WAAW,YAAY;AAClD,YAAM,MAAM,MAAM,MAAM,IAAI,IAAI,WAAW,KAAK,UAAU,CAAC,CAAC;AAC5D,UAAI,CAAC,IAAI,IAAI;AACX,cAAM,IAAI,MAAM,GAAG,IAAI,MAAM,IAAI,IAAI,UAAU,KAAK,MAAM,IAAI,KAAK,CAAC,EAAE;AAAA,MACxE;AAAA,IACF,CAAC;AACD,UAAM,gBAAgB,MAAM,WAAW,YAAY;AACjD,YAAM,MAAM,MAAM,MAAM,mCAAmC;AAC3D,UAAI,CAAC,IAAI,IAAI;AACX,cAAM,IAAI,MAAM,GAAG,IAAI,MAAM,IAAI,IAAI,UAAU,KAAK,MAAM,IAAI,KAAK,CAAC,EAAE;AAAA,MACxE;AAAA,IACF,CAAC;AACD,UAAM,cAAc,MAAM,WAAW,YAAY;AAC/C,YAAM,MAAM,MAAM,MAAM,mCAAmC;AAC3D,UAAI,CAAC,IAAI,IAAI;AACX,cAAM,IAAI,MAAM,GAAG,IAAI,MAAM,IAAI,IAAI,UAAU,KAAK,MAAM,IAAI,KAAK,CAAC,EAAE;AAAA,MACxE;AAAA,IACF,CAAC;AACD,WAAO;AAAA,MACL,qBAAqB,yBAAU,WAAW;AAAA,MAC1C;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,IACF;AAAA,EACF;AAAA,EAEA,MAAgB,oBAAoB,OAAc,SAAkC,aAA6C;AAC/H,WAAO,IAAI,MAAM;AAAA;AAAA;AAAA;AAAA;AAAA,QAKb,KAAK;AAAA;AAAA,QAEL,KAAK,UAAU,MAAM,KAAK,sBAAsB,SAAS,WAAW,GAAG,MAAM,CAAC,CAAC;AAAA,OAChF,EAAE,MAAa,CAAC;AAAA,EACrB;AAAA,EAEA,MAAgB,cAAiB,IAAmC,SAAkC,aAAyD;AAC7J,UAAM,gBAAgB,MAAM,sBAAO;AAAA,MACjC;AAAA,MACA;AAAA,MACA,EAAE,sBAAsB,IAAK;AAAA,IAC/B;AAGA,QAAI,cAAc,WAAW,SAAS;AACpC,UAAI,yBAAU,aAAa,yBAAU,UAAU,WAAW,OAAO;AAC/D,cAAM,IAAI,MAAM,4GAA4G,EAAE,OAAO,cAAc,MAAM,CAAC;AAAA,MAC5J;AACA,YAAM,MAAM,KAAK,oBAAoB,cAAc,OAAO,SAAS,WAAW;AAAA,IAChF;AACA,WAAO,cAAc;AAAA,EACvB;AAAA,EAEA,MAAgB,uBAA0B,IAAsB,SAAkC,aAAyD;AACzJ,WAAO,MAAM,KAAK,cAAc,YAAY,MAAM,sBAAO,kBAAkB,EAAE,GAAG,SAAS,WAAW;AAAA,EACtG;AAAA,EAEA,MAAa,oBAAoB,cAA4B;AAC3D,QAAI,EAAE,0BAA0B,KAAK,UAAU;AAE7C,YAAM,IAAI,MAAM,qJAAqJ;AAAA,IACvK;AAEA,UAAM,KAAK;AAAA,MACT,QAAQ,KAAK,QAAQ,WAAW;AAAA,MAChC,WAAW;AAAA,MACX,gBAAgB,KAAK,UAAU,IAAI;AAAA,IACrC;AACA,UAAM,SAAuB;AAAA,MAC3B,WAAW,KAAK;AAAA,MAChB,eAAe,KAAK,QAAQ;AAAA,MAC5B,4BAA4B;AAAA,IAC9B;AAEA,UAAM,cAAc,MAAM,KAAK;AAAA,MAC7B,YAAY,MAAY;AAAA,QACtB;AAAA,QACA;AAAA,QACA,aAAa;AAAA,MACf;AAAA,IACF;AACA,UAAM,WAAW,MAAM,KAAK,iBAAiB,WAAW;AAExD,QAAI,SAAS,WAAW,SAAS;AAC/B,YAAM,QAAQ,SAAS;AACvB,UAAI,gCAAY,kBAAkB,WAAW,KAAK,GAAG;AACnD,eAAO;AAAA,MACT;AACA,YAAM;AAAA,IACR;AAEA,QAAI,CAAC,SAAS,KAAK,IAAI;AACrB,YAAM,OAAO,MAAM,SAAS,KAAK,KAAK;AACtC,YAAM,IAAI,MAAM,yCAAyC,SAAS,MAAM,IAAI,IAAI,EAAE;AAAA,IACpF;AAEA,UAAM,SAAS,MAAY,kCAA4B,IAAI,QAAQ,SAAS,IAAI;AAChF,QAAU,oBAAc,MAAM,GAAG;AAE/B,YAAM,IAAI,kCAAoB,eAAe,EAAE,OAAO,CAAC;AAAA,IACzD;AAEA,QAAI,CAAC,OAAO,cAAc;AACxB,YAAM,IAAI,kCAAoB,mEAAmE;AAAA,IACnG;AAEA,WAAO,4BAAY,cAAc,OAAO,YAAY,SAAK,wBAAS,yGAAyG,EAAE,OAAO,CAAC;AAAA,EACvL;AAAA,EAEA,MAAa,kBACX,MACA,gBACA,SACA,cAA6C,UAC7C;AACA,gBAAY,KAAK,cAAc;AAAA,MAC7B,cAAc;AAAA,IAChB,CAAC;AAGD,WAAO,MAAM,KAAK;AAAA,MAChB,MAAM,KAAK,uBAAuB,MAAM,gBAAgB,SAAU,WAAW;AAAA,MAC7E;AAAA,MACA;AAAA,IACF;AAAA,EACF;AAAA,EAEO,cAAc,SAAgH;AACnI,UAAM,UAAU,IAAI,gCAAgB;AAAA,MAClC,4BAA4B,OAAO,iBAAiB,MAAM,KAAK,oBAAoB,YAAY;AAAA,MAC/F,GAAG;AAAA,IACL,CAAC;AACD,WAAO;AAAA,EACT;AAAA,EAEA,MAAgB,oCACd,MACA,gBACA,kBACA,eASC;AACD,QAAI;AACF,aAAO,sBAAO,GAAG,MAAM,KAAK,kBAAkB,MAAM,gBAAgB,gBAAgB,CAAC;AAAA,IACvF,SAAS,GAAG;AACV,iBAAW,aAAa,eAAe;AACrC,YAAI,UAAU,WAAW,CAAC,GAAG;AAC3B,iBAAO,sBAAO,MAAM,CAAoB;AAAA,QAC1C;AAAA,MACF;AACA,YAAM;AAAA,IACR;AAAA,EACF;AAAA,EAEA,MAAc,uBACZ,MACA,SACA,SACA,aAME;AAIF,QAAI,WAAW,MAAM,QAAQ,4BAA4B,GAAM;AAE/D,QAAI,eAAe,yBAAyB,KAAK,UAAU,KAAK,QAAQ,sBAAsB;AAC9F,QAAI,gBAAgB,eAAe,MAAM,aAAa,4BAA4B,GAAM,IAAI;AAG5F,UAAM,KAAK,QAAQ,iBAAiB;AAEpC,QAAI,MAAM,KAAK,UAAU,IAAI;AAC7B,QAAI,IAAI,SAAS,GAAG,GAAG;AACrB,YAAM,IAAI,MAAM,GAAG,EAAE;AAAA,IACvB;AACA,UAAM,SAAsB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,MAW1B,GAAI,mBAAmB,2BAAY,CAAC,IAAI;AAAA,QACtC,aAAa;AAAA,MACf;AAAA,MACA,GAAG;AAAA,MACH,SAAS;AAAA,QACP,iCAAiC;AAAA,QACjC,sBAAsB,KAAK;AAAA,QAC3B,uBAAuB;AAAA,QACvB,0BAA0B,KAAK,QAAQ;AAAA,QACvC,GAAI,WAAW;AAAA,UACb,wBAAwB,SAAS,YAAY;AAAA,QAC/C,IAAI,CAAC;AAAA,QACL,GAAI,UAAU,eAAe;AAAA,UAC3B,yBAAyB,SAAS,aAAa;AAAA,QACjD,IAAI,CAAC;AAAA,QACL,gCAAgC;AAAA,QAChC,GAAI,0BAA0B,KAAK,UAAU;AAAA,UAC3C,kCAAkC,KAAK,QAAQ;AAAA,QACjD,IAAI,CAAC;AAAA,QACL,GAAI,gBAAgB;AAAA,UAClB,8BAA8B,cAAc,YAAY;AAAA,QAC1D,IAAI,CAAC;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,QASL,4BAAwB,0CAA2B;AAAA;AAAA,QAEnD,8BAA8B;AAAA,QAC9B,GAAG,KAAK,QAAQ;AAAA,QAChB,GAAG,QAAQ;AAAA,MACb;AAAA;AAAA;AAAA;AAAA,MAIA,GAAI,mBAAmB,2BAAY,CAAC,IAAI;AAAA,QACtC,OAAO;AAAA,MACT;AAAA,IACF;AAEA,QAAI;AACJ,QAAI;AACF,eAAS,MAAM,MAAM,KAAK,MAAM;AAAA,IAClC,SAAS,GAAG;AACV,UAAI,aAAa,WAAW;AAE1B,YAAI,yBAAc,OAAO,UAAU,KAAoB,EAAE,YAAY;AACnE,iBAAO,sBAAO,MAAM,CAAC;AAAA,QACvB,OAAO;AACL,gBAAM,MAAM,KAAK,oBAAoB,GAAG,SAAS,WAAW;AAAA,QAC9D;AAAA,MACF;AACA,YAAM;AAAA,IACR;AAEA,UAAM,eAAe,MAAM,KAAK,iBAAiB,MAAM;AACvD,QAAI,aAAa,WAAW,SAAS;AAEnC,UAAI,gCAAY,mBAAmB,WAAW,aAAa,KAAK,GAAG;AACjE,YAAI,CAAC,UAAU;AACb,gBAAM,IAAI,kCAAoB,+DAA+D,EAAE,UAAU,aAAa,CAAC;AAAA,QACzH;AACA,gBAAQ,uBAAuB,SAAS,WAAW;AACnD,eAAO,sBAAO,MAAM,aAAa,KAAK;AAAA,MACxC;AAIA,UAAI,iBAAiB,gCAAY,wBAAwB,WAAW,aAAa,KAAK,KAAK,gCAAY,eAAe,WAAW,aAAa,KAAK,IAAI;AACrJ,YAAI,CAAC,eAAe;AAClB,gBAAM,IAAI,kCAAoB,2EAA2E,EAAE,eAAe,aAAa,CAAC;AAAA,QAC1I;AACA,qBAAa,uBAAuB,cAAc,WAAW;AAC7D,eAAO,sBAAO,MAAM,aAAa,KAAK;AAAA,MACxC;AAIA,YAAM,aAAa;AAAA,IACrB;AAGA,UAAM,MAAM,OAAO,OAAO,aAAa,MAAM;AAAA,MAC3C,YAAY;AAAA,IACd,CAAC;AACD,QAAI,IAAI,IAAI;AACV,aAAO,sBAAO,GAAG,GAAG;AAAA,IACtB,WAAW,IAAI,WAAW,KAAK;AAE7B,YAAM,aAAa,IAAI,QAAQ,IAAI,aAAa;AAChD,UAAI,eAAe,MAAM;AACvB,gBAAQ,IAAI,yCAAyC,GAAG,sBAAsB,UAAU,aAAa;AACrG,kBAAM,sBAAK,OAAO,UAAU,IAAI,GAAI;AACpC,eAAO,sBAAO,MAAM,IAAI,MAAM,gCAAgC,UAAU,UAAU,CAAC;AAAA,MACrF;AACA,cAAQ,IAAI,yCAAyC,GAAG,+CAA+C;AACvG,aAAO,sBAAO,MAAM,IAAI,MAAM,8CAA8C,CAAC;AAAA,IAC/E,OAAO;AACL,YAAM,QAAQ,MAAM,IAAI,KAAK;AAE7B,YAAM,WAAW,IAAI,kCAAoB,6BAA6B,GAAG,KAAK,IAAI,MAAM,IAAI,KAAK,IAAI,EAAE,SAAS,QAAQ,KAAK,KAAK,CAAC;AAEnI,UAAI,IAAI,WAAW,OAAO,MAAM,SAAS,wBAAwB,GAAG;AAGlE,eAAO,sBAAO,MAAM,QAAQ;AAAA,MAC9B;AAGA,YAAM;AAAA,IACR;AAAA,EACF;AAAA,EAEA,MAAc,iBAAiB,QAAyD;AACtF,QAAI,MAAM;AACV,QAAI,OAAO,QAAQ,IAAI,uBAAuB,GAAG;AAC/C,YAAM,eAAe,OAAO,OAAO,QAAQ,IAAI,uBAAuB,CAAC;AACvE,YAAM,IAAI,SAAS,OAAO,MAAM;AAAA,QAC9B,QAAQ;AAAA,QACR,YAAY,OAAO;AAAA,QACnB,SAAS,OAAO;AAAA,MAClB,CAAC;AAAA,IACH;AAGA,QAAI,IAAI,QAAQ,IAAI,qBAAqB,GAAG;AAC1C,YAAM,YAAY,MAAM,IAAI,KAAK;AACjC,UAAI,IAAI,QAAQ,IAAI,qBAAqB,MAAM,UAAU,MAAM;AAC7D,cAAM,IAAI,kCAAoB,sGAAsG;AAAA,MACtI;AACA,YAAM,QAAQ,+BAAW,SAAS,SAAS;AAC3C,aAAO,sBAAO,MAAM,KAAK;AAAA,IAC3B;AAEA,WAAO,sBAAO,GAAG,GAAG;AAAA,EACtB;AAAA,EAEA,MAAa,oBAAoB,SAAkE;AACjG,UAAM,MAAM,MAAM,KAAK,kBAAkB,0BAA0B;AAAA,MACjE,QAAQ;AAAA,MACR,SAAS;AAAA,QACP,gBAAgB;AAAA,MAClB;AAAA,MACA,MAAM,KAAK,UAAU,OAAO;AAAA,IAC9B,GAAG,IAAI;AAEP,UAAM,IAAI,kCAAoB,MAAM,IAAI,KAAK,CAAC;AAAA,EAChD;AAAA,EAEA,MAAM,wBACJ,OACA,aACyD;AACzD,UAAM,MAAM,MAAM,KAAK;AAAA,MACrB;AAAA,MACA;AAAA,QACE,QAAQ;AAAA,QACR,SAAS;AAAA,UACP,gBAAgB;AAAA,QAClB;AAAA,QACA,MAAM,KAAK,UAAU;AAAA,UACnB;AAAA,UACA,cAAc;AAAA,QAChB,CAAC;AAAA,MACH;AAAA,MACA;AAAA,MACA,CAAC,gCAAY,YAAY;AAAA,IAC3B;AAEA,QAAI,IAAI,WAAW,SAAS;AAC1B,aAAO,sBAAO,MAAM,IAAI,KAAK;AAAA,IAC/B,OAAO;AACL,aAAO,sBAAO,GAAG,MAAS;AAAA,IAC5B;AAAA,EACF;AAAA,EAEA,MAAM,sBACJ,OACA,aACA,SAC0D;AAC1D,UAAM,MAAM,MAAM,KAAK;AAAA,MACrB;AAAA,MACA;AAAA,QACE,QAAQ;AAAA,QACR,SAAS;AAAA,UACP,gBAAgB;AAAA,QAClB;AAAA,QACA,MAAM,KAAK,UAAU;AAAA,UACnB;AAAA,UACA,cAAc;AAAA,QAChB,CAAC;AAAA,MACH;AAAA,MACA;AAAA,MACA,CAAC,gCAAY,oBAAoB;AAAA,IACnC;AAEA,QAAI,IAAI,WAAW,SAAS;AAC1B,aAAO,IAAI;AAAA,IACb;AAAA,EACF;AAAA,EAEA,MAAM,mBACJ,OACA,aAC8E;AAC9E,UAAM,MAAM,MAAM,KAAK;AAAA,MACrB;AAAA,MACA;AAAA,QACE,QAAQ;AAAA,QACR,SAAS;AAAA,UACP,gBAAgB;AAAA,QAClB;AAAA,QACA,MAAM,KAAK,UAAU;AAAA,UACnB;AAAA,UACA,cAAc;AAAA,QAChB,CAAC;AAAA,MACH;AAAA,MACA;AAAA,MACA,CAAC,gCAAY,yBAAyB;AAAA,IACxC;AAEA,QAAI,IAAI,WAAW,SAAS;AAC1B,aAAO,sBAAO,MAAM,IAAI,KAAK;AAAA,IAC/B,OAAO;AACL,aAAO,sBAAO,GAAG,MAAM,IAAI,KAAK,KAAK,CAAC;AAAA,IACxC;AAAA,EACF;AAAA,EAEA,MAAM,cACJ,SACkE;AAClE,UAAM,MAAM,MAAM,KAAK;AAAA,MACrB,oBAAoB,UAAU,oCAAoC;AAAA,MAClE;AAAA,QACE,QAAQ;AAAA,QACR,SAAS;AAAA,UACP,gBAAgB;AAAA,QAClB;AAAA,QACA,MAAM,KAAK,UAAU;AAAA,UACnB,MAAM,QAAQ;AAAA,UACd,GAAI,cAAc,UAAU,EAAE,UAAU,QAAQ,SAAS,IAAI,CAAC;AAAA,QAChE,CAAC;AAAA,MACH;AAAA,MACA;AAAA,MACA,CAAC,gCAAY,qBAAqB;AAAA,IACpC;AAEA,QAAI,IAAI,WAAW,SAAS;AAC1B,aAAO,sBAAO,MAAM,IAAI,KAAK;AAAA,IAC/B,OAAO;AACL,aAAO,sBAAO,GAAG,MAAS;AAAA,IAC5B;AAAA,EACF;AAAA,EAEA,MAAM,eACJ,SACA,SAC8G;AAC9G,UAAM,MAAM,MAAM,KAAK;AAAA,MACrB;AAAA,MACA;AAAA,QACE,QAAQ;AAAA,QACR,SAAS;AAAA,UACP,gBAAgB;AAAA,QAClB;AAAA,QACA,MAAM,KAAK,UAAU;AAAA,UACnB,cAAc,QAAQ;AAAA,UACtB,cAAc,QAAQ;AAAA,QACxB,CAAC;AAAA,MACH;AAAA,MACA;AAAA,MACA,CAAC,gCAAY,8BAA8B,gCAAY,0BAA0B;AAAA,IACnF;AAEA,QAAI,IAAI,WAAW,SAAS;AAC1B,aAAO,IAAI;AAAA,IACb;AAAA,EACF;AAAA,EAEA,MAAM,YACJ,SACA,SACgE;AAChE,UAAM,MAAM,MAAM,KAAK;AAAA,MACrB;AAAA,MACA;AAAA,QACE,QAAQ;AAAA,QACR,SAAS;AAAA,UACP,gBAAgB;AAAA,QAClB;AAAA,QACA,MAAM,KAAK,UAAU,OAAO;AAAA,MAC9B;AAAA,MACA;AAAA,MACA,CAAC,gCAAY,0BAA0B;AAAA,IACzC;AAEA,QAAI,IAAI,WAAW,SAAS;AAC1B,aAAO,IAAI;AAAA,IACb;AAAA,EACF;AAAA,EAEA,MAAM,wBAAwB,MAAgF;AAC5G,UAAM,MAAM,MAAM,KAAK,cAAc,EAAE,MAAM,gBAAgB,KAAK,CAAC;AACnE,QAAI,IAAI,WAAW,SAAS;AAC1B,aAAO,sBAAO,MAAM,IAAI,KAAK;AAAA,IAC/B,OAAO;AACL,aAAO,sBAAO,GAAG,MAAS;AAAA,IAC5B;AAAA,EACF;AAAA,EAEA,MAAM,YAAY,MAAgF;AAChG,UAAM,MAAM,MAAM,KAAK;AAAA,MACrB;AAAA,MACA;AAAA,QACE,QAAQ;AAAA,QACR,SAAS;AAAA,UACP,gBAAgB;AAAA,QAClB;AAAA,QACA,MAAM,KAAK,UAAU;AAAA,UACnB;AAAA,QACF,CAAC;AAAA,MACH;AAAA,MACA;AAAA,MACA,CAAC,gCAAY,qBAAqB;AAAA,IACpC;AAEA,QAAI,IAAI,WAAW,SAAS;AAC1B,aAAO,sBAAO,MAAM,IAAI,KAAK;AAAA,IAC/B,OAAO;AACL,aAAO,sBAAO,GAAG,MAAS;AAAA,IAC5B;AAAA,EACF;AAAA,EAEA,MAAM,4BACJ,SACA,SACwG;AACxG,UAAM,MAAM,MAAM,KAAK;AAAA,MACrB;AAAA,MACA;AAAA,QACE,QAAQ;AAAA,QACR,SAAS;AAAA,UACP,gBAAgB;AAAA,QAClB;AAAA,QACA,MAAM,KAAK,UAAU,OAAO;AAAA,MAC9B;AAAA,MACA;AAAA,MACA,CAAC;AAAA,IACH;AAEA,QAAI,IAAI,WAAW,SAAS;AAC1B,aAAO,sBAAO,MAAM,IAAI,KAAK;AAAA,IAC/B;AAEA,WAAO,sBAAO,GAAG,MAAM,IAAI,KAAK,KAAK,CAAC;AAAA,EACxC;AAAA,EAEA,MAAM,gBACJ,SACA,SACsE;AACtE,UAAM,MAAM,MAAM,KAAK;AAAA,MACrB;AAAA,MACA;AAAA,QACE,QAAQ;AAAA,QACR,SAAS;AAAA,UACP,gBAAgB;AAAA,QAClB;AAAA,QACA,MAAM,KAAK,UAAU,OAAO;AAAA,MAC9B;AAAA,MACA;AAAA,MACA,CAAC,gCAAY,yBAAyB;AAAA,IACxC;AACA,QAAI,IAAI,WAAW,SAAS;AAC1B,aAAO,sBAAO,MAAM,IAAI,KAAK;AAAA,IAC/B;AACA,WAAO,sBAAO,GAAG,MAAS;AAAA,EAC5B;AAAA,EAEA,MAAM,8BACJ,SAEA,SACuG;AACvG,UAAM,MAAM,MAAM,KAAK;AAAA,MACrB;AAAA,MACA;AAAA,QACE,QAAQ;AAAA,QACR,SAAS;AAAA,UACP,gBAAgB;AAAA,QAClB;AAAA,QACA,MAAM,KAAK,UAAU,OAAO;AAAA,MAC9B;AAAA,MACA;AAAA,MACA,CAAC;AAAA,IACH;AAEA,QAAI,IAAI,WAAW,SAAS;AAC1B,aAAO,sBAAO,MAAM,IAAI,KAAK;AAAA,IAC/B;AAEA,WAAO,sBAAO,GAAG,MAAM,IAAI,KAAK,KAAK,CAAC;AAAA,EACxC;AAAA,EAEA,MAAM,mBAAmB,SAKP;AAChB,UAAM,KAAK;AAAA,MACT;AAAA,MACA;AAAA,QACE,QAAQ;AAAA,QACR,SAAS;AAAA,UACP,gBAAgB;AAAA,QAClB;AAAA,QACA,MAAM,KAAK,UAAU;AAAA,UACnB,OAAO,QAAQ;AAAA,UACf,SAAS,QAAQ;AAAA,UACjB,cAAc,QAAQ;AAAA,QACxB,CAAC;AAAA,MACH;AAAA,MACA,QAAQ;AAAA,IACV;AAAA,EACF;AAAA,EAEA,MAAM,qBAA4D,SAIyD;AACzH,UAAM,MAAM,MAAM,KAAK;AAAA,MACrB,QAAQ,SAAS,UACf,wCACA,QAAQ,SAAS,YACf,qCACA;AAAA,MACJ;AAAA,QACE,QAAQ;AAAA,QACR,SAAS;AAAA,UACP,gBAAgB;AAAA,QAClB;AAAA,QACA,MAAM,KAAK,UAAU;AAAA,UACnB,MAAM,QAAQ;AAAA,QAChB,CAAC;AAAA,MACH;AAAA,MACA,QAAQ;AAAA,MACR,CAAC,gCAAY,qBAAqB;AAAA,IACpC;AAEA,QAAI,IAAI,WAAW,SAAS;AAC1B,aAAO,sBAAO,MAAM,IAAI,KAAK;AAAA,IAC/B,OAAO;AACL,aAAO,sBAAO,GAAG,MAAM,IAAI,KAAK,KAAK,CAAC;AAAA,IACxC;AAAA,EACF;AAAA,EAEA,MAAM,QACJ,aACA,MACA,SACA;AACA,UAAM,MAAM,MAAM,KAAK,kBAAkB,qBAAqB;AAAA,MAC5D,QAAQ;AAAA,MACR,SAAS;AAAA,QACP,gBAAgB;AAAA,MAClB;AAAA,MACA,MAAM,KAAK,UAAU;AAAA,QACnB,MAAM;AAAA,QACN,MAAM;AAAA,QACN;AAAA,MACF,CAAC;AAAA,IACH,GAAG,OAAO;AAEV,UAAM,SAAS,MAAM,IAAI,KAAK;AAC9B,WAAO;AAAA,MACL,aAAa,OAAO;AAAA,MACpB,cAAc,OAAO;AAAA,MACrB,SAAS,OAAO;AAAA,IAClB;AAAA,EACF;AAAA,EAEA,MAAM,qBACJ,OACA,UACA,SACsG;AACtG,UAAM,MAAM,MAAM,KAAK;AAAA,MACrB;AAAA,MACA;AAAA,QACE,QAAQ;AAAA,QACR,SAAS;AAAA,UACP,gBAAgB;AAAA,QAClB;AAAA,QACA,MAAM,KAAK,UAAU;AAAA,UACnB;AAAA,UACA;AAAA,QACF,CAAC;AAAA,MACH;AAAA,MACA;AAAA,MACA,CAAC,gCAAY,qBAAqB;AAAA,IACpC;AAEA,QAAI,IAAI,WAAW,SAAS;AAC1B,aAAO,sBAAO,MAAM,IAAI,KAAK;AAAA,IAC/B;AAEA,UAAM,SAAS,MAAM,IAAI,KAAK,KAAK;AACnC,WAAO,sBAAO,GAAG;AAAA,MACf,aAAa,OAAO;AAAA,MACpB,cAAc,OAAO;AAAA,IACvB,CAAC;AAAA,EACH;AAAA,EAEA,MAAM,qBACJ,OACA,UACA,8BACA,SACuJ;AACvJ,UAAM,MAAM,MAAM,KAAK;AAAA,MACrB;AAAA,MACA;AAAA,QACE,SAAS;AAAA,UACP,gBAAgB;AAAA,QAClB;AAAA,QACA,QAAQ;AAAA,QACR,MAAM,KAAK,UAAU;AAAA,UACnB;AAAA,UACA;AAAA,UACA,2BAA2B;AAAA,QAC7B,CAAC;AAAA,MACH;AAAA,MACA;AAAA,MACA,CAAC,gCAAY,4BAA4B,gCAAY,0BAA0B;AAAA,IACjF;AAEA,QAAI,IAAI,WAAW,SAAS;AAC1B,aAAO,sBAAO,MAAM,IAAI,KAAK;AAAA,IAC/B;AAEA,UAAM,SAAS,MAAM,IAAI,KAAK,KAAK;AACnC,WAAO,sBAAO,GAAG;AAAA,MACf,aAAa,OAAO;AAAA,MACpB,cAAc,OAAO;AAAA,IACvB,CAAC;AAAA,EACH;AAAA,EAEA,MAAM,kBAAkB,SAAiG;AACvH,UAAM,MAAM,MAAM,KAAK;AAAA,MACrB;AAAA,MACA;AAAA,QACE,QAAQ;AAAA,MACV;AAAA,MACA;AAAA,MACA,CAAC;AAAA,IACH;AAEA,QAAI,IAAI,WAAW,SAAS;AAC1B,aAAO,sBAAO,MAAM,IAAI,KAAK;AAAA,IAC/B;AAEA,UAAM,SAAS,MAAM,IAAI,KAAK,KAAK;AACnC,WAAO,sBAAO,GAAG;AAAA,MACf,aAAa,OAAO;AAAA,MACpB,cAAc,OAAO;AAAA,IACvB,CAAC;AAAA,EACH;AAAA,EAEA,MAAM,oBAAoB,MAAc,SAAkJ;AACxL,UAAM,MAAM,MAAM,KAAK;AAAA,MACrB;AAAA,MACA;AAAA,QACE,QAAQ;AAAA,QACR,SAAS;AAAA,UACP,gBAAgB;AAAA,QAClB;AAAA,QACA,MAAM,KAAK,UAAU;AAAA,UACnB;AAAA,QACF,CAAC;AAAA,MACH;AAAA,MACA;AAAA,MACA,CAAC,gCAAY,qBAAqB;AAAA,IACpC;AAEA,QAAI,IAAI,WAAW,SAAS;AAC1B,aAAO,sBAAO,MAAM,IAAI,KAAK;AAAA,IAC/B;AAEA,UAAM,SAAS,MAAM,IAAI,KAAK,KAAK;AACnC,WAAO,sBAAO,GAAG;AAAA,MACf,aAAa,OAAO;AAAA,MACpB,cAAc,OAAO;AAAA,MACrB,SAAS,OAAO;AAAA,IAClB,CAAC;AAAA,EACH;AAAA,EAEA,MAAM,cAAc,MAAc,MAAc,SAAkJ;AAChM,UAAM,MAAM,MAAM,KAAK;AAAA,MACrB;AAAA,MACA;AAAA,QACE,QAAQ;AAAA,QACR,SAAS;AAAA,UACP,gBAAgB;AAAA,QAClB;AAAA,QACA,MAAM,KAAK,UAAU;AAAA,UACnB,MAAM;AAAA,UACN;AAAA,UACA;AAAA,QACF,CAAC;AAAA,MACH;AAAA,MACA;AAAA,MACA,CAAC,gCAAY,qBAAqB;AAAA,IACpC;AAEA,QAAI,IAAI,WAAW,SAAS;AAC1B,aAAO,sBAAO,MAAM,IAAI,KAAK;AAAA,IAC/B;AAEA,UAAM,SAAS,MAAM,IAAI,KAAK,KAAK;AACnC,WAAO,sBAAO,GAAG;AAAA,MACf,aAAa,OAAO;AAAA,MACpB,cAAc,OAAO;AAAA,MACrB,SAAS,OAAO;AAAA,IAClB,CAAC;AAAA,EACH;AAAA,EAEA,MAAM,kBAAkB,MAA6E,SAAqI;AACxO,UAAM,MAAM,MAAM,KAAK;AAAA,MACrB;AAAA,MACA;AAAA,QACE,QAAQ;AAAA,QACR,SAAS;AAAA,UACP,gBAAgB;AAAA,QAClB;AAAA,QACA,MAAM,KAAK,UAAU,IAAI;AAAA,MAC3B;AAAA,MACA;AAAA,MACA,CAAC,gCAAY,2BAA2B;AAAA,IAC1C;AAEA,QAAI,IAAI,WAAW,SAAS;AAC1B,aAAO,sBAAO,MAAM,IAAI,KAAK;AAAA,IAC/B;AAEA,UAAM,SAAS,MAAM,IAAI,KAAK,KAAK;AACnC,WAAO,sBAAO,GAAG;AAAA,MACf,aAAa,OAAO;AAAA,MACpB,cAAc,OAAO;AAAA,IACvB,CAAC;AAAA,EACH;AAAA,EAEA,MAAM,YACJ,SAWiB;AACjB,UAAM,qBAAqB,IAAI,IAAI,QAAQ,WAAW;AACtD,eAAW,OAAO,CAAC,QAAQ,OAAO,GAAG;AACnC,UAAI,mBAAmB,aAAa,IAAI,GAAG,GAAG;AAC5C,gBAAQ,KAAK,mCAAmC,MAAM,yEAAyE;AAAA,MACjI;AACA,yBAAmB,aAAa,OAAO,GAAG;AAAA,IAC5C;AAEA,QAAI,EAAE,0BAA0B,KAAK,UAAU;AAE7C,YAAM,IAAI,MAAM,0DAA0D;AAAA,IAC5E;AACA,UAAM,MAAM,IAAI,IAAI,KAAK,UAAU,IAAI,2BAA2B,QAAQ,SAAS,YAAY,CAAC;AAChG,QAAI,aAAa,IAAI,aAAa,KAAK,SAAS;AAChD,QAAI,aAAa,IAAI,iBAAiB,KAAK,QAAQ,oBAAoB;AACvE,QAAI,aAAa,IAAI,gBAAgB,mBAAmB,SAAS,CAAC;AAClE,QAAI,aAAa,IAAI,SAAS,QAAQ;AACtC,QAAI,aAAa,IAAI,SAAS,QAAQ,KAAK;AAC3C,QAAI,aAAa,IAAI,cAAc,oBAAoB;AACvD,QAAI,aAAa,IAAI,kBAAkB,QAAQ,aAAa;AAC5D,QAAI,aAAa,IAAI,yBAAyB,MAAM;AACpD,QAAI,aAAa,IAAI,iBAAiB,MAAM;AAC5C,QAAI,aAAa,IAAI,QAAQ,QAAQ,IAAI;AACzC,QAAI,aAAa,IAAI,sBAAsB,QAAQ,gBAAgB;AAEnE,UAAM,SAAS,MAAM,QAAQ,QAAQ,4BAA4B,GAAM;AACvE,QAAI,QAAQ;AACV,UAAI,aAAa,IAAI,SAAS,OAAO,YAAY,KAAK;AAAA,IACxD;AAEA,QAAI,QAAQ,0BAA0B;AACpC,UAAI,aAAa,IAAI,+BAA+B,QAAQ,wBAAwB;AAAA,IACtF;AACA,QAAI,QAAQ,eAAe;AACzB,UAAI,aAAa,IAAI,kBAAkB,QAAQ,aAAa;AAAA,IAC9D;AAEA,WAAO,IAAI,SAAS;AAAA,EACtB;AAAA,EAEA,MAAM,kBAAkB,SAKwF;AAC9G,QAAI,EAAE,0BAA0B,KAAK,UAAU;AAE7C,YAAM,IAAI,MAAM,0DAA0D;AAAA,IAC5E;AACA,UAAM,KAAK;AAAA,MACT,QAAQ,KAAK,QAAQ,WAAW;AAAA,MAChC,WAAW;AAAA,MACX,gBAAgB,KAAK,UAAU,IAAI;AAAA,IACrC;AACA,UAAM,SAAuB;AAAA,MAC3B,WAAW,KAAK;AAAA,MAChB,eAAe,KAAK,QAAQ;AAAA,MAC5B,4BAA4B;AAAA,IAC9B;AACA,UAAM,SAAS,MAAM,KAAK;AAAA,MACxB,YAAkB,2BAAqB,IAAI,QAAQ,QAAQ,aAAa,QAAQ,KAAK;AAAA,IACvF;AACA,QAAU,oBAAc,MAAM,GAAG;AAC/B,YAAM,IAAI,kCAAoB,yCAAyC,EAAE,OAAO,CAAC;AAAA,IACnF;AACA,UAAM,WAAW,MAAY;AAAA,MAC3B;AAAA,MACA;AAAA,MACA;AAAA,MACA,QAAQ;AAAA,MACR,QAAQ;AAAA,IACV;AAEA,UAAM,SAAS,MAAY,6CAAuC,IAAI,QAAQ,QAAQ;AACtF,QAAU,oBAAc,MAAM,GAAG;AAC/B,UAAI,UAAU,UAAU,OAAO,SAAS,wCAAwC;AAC9E,cAAM,IAAI,gCAAY,kCAAmC,OAAe,QAAQ,YAAY;AAAA,MAC9F;AAEA,YAAM,IAAI,kCAAoB,wDAAwD,EAAE,OAAO,CAAC;AAAA,IAClG;AACA,WAAO;AAAA,MACL,SAAS,OAAO;AAAA,MAChB,0BAA0B,OAAO;AAAA,MACjC,aAAa,OAAO;AAAA,MACpB,cAAc,OAAO,qBAAiB,wBAAS,iDAAiD;AAAA,IAClG;AAAA,EACF;AAAA,EAEA,MAAM,QAAQ,SAAyC;AACrD,UAAM,WAAW,MAAM,QAAQ,4BAA4B,GAAM;AACjE,QAAI,UAAU;AACZ,YAAM,aAAa,MAAM,KAAK;AAAA,QAC5B;AAAA,QACA;AAAA,UACE,QAAQ;AAAA,UACR,SAAS;AAAA,YACP,gBAAgB;AAAA,UAClB;AAAA,UACA,MAAM,KAAK,UAAU,CAAC,CAAC;AAAA,QACzB;AAAA,QACA;AAAA,QACA,CAAC,gCAAY,iBAAiB;AAAA,MAChC;AACA,UAAI,WAAW,WAAW,SAAS;AACjC,YAAI,gCAAY,kBAAkB,WAAW,WAAW,KAAK,GAAG;AAAA,QAEhE,OAAO;AAEL,gBAAM,IAAI,kCAAoB,oBAAoB,EAAE,OAAO,WAAW,MAAM,CAAC;AAAA,QAC/E;AAAA,MACF,OAAO;AAAA,MAEP;AAAA,IACF;AACA,YAAQ,YAAY;AAAA,EACtB;AAAA,EAEA,MAAM,qBAAqB,SAA6E;AACtG,UAAM,kBAAkB,MAAM,KAAK;AAAA,MACjC;AAAA,MACA,CAAC;AAAA,MACD;AAAA,MACA,CAAC,gCAAY,2BAA2B;AAAA,IAC1C;AACA,QAAI,gBAAgB,WAAW,SAAS;AACtC,UAAI,gCAAY,4BAA4B,WAAW,gBAAgB,KAAK,GAAG;AAC7E,eAAO;AAAA,MACT,OAAO;AACL,cAAM,IAAI,kCAAoB,6BAA6B,EAAE,OAAO,gBAAgB,MAAM,CAAC;AAAA,MAC7F;AAAA,IACF;AACA,UAAM,WAAW,gBAAgB;AACjC,UAAM,OAA0C,MAAM,SAAS,KAAK;AACpE,QAAI,CAAE,KAAc,OAAM,IAAI,kCAAoB,uDAAuD;AACzG,WAAO;AAAA,EACT;AAAA,EAEA,MAAM,oBACJ,SAGA,SACiD;AACjD,UAAM,WAAW,MAAM,KAAK;AAAA,MAC1B,uBAAuB,IAAI,gBAAgB,EAAE,SAAS,QAAQ,OAAO,CAAC;AAAA,MACtE,CAAC;AAAA,MACD;AAAA,IACF;AACA,UAAM,SAAS,MAAM,SAAS,KAAK;AACnC,WAAO,OAAO;AAAA,EAChB;AAAA,EAEA,MAAM,qBACJ,cACA,QACA,SACA;AACA,UAAM,KAAK;AAAA,MACT,qBAAqB,YAAY,YAAY,MAAM;AAAA,MACnD,EAAE,QAAQ,SAAS;AAAA,MACnB;AAAA,IACF;AAAA,EACF;AAAA,EAEA,MAAM,uBACJ,SAIA,SACqD;AACrD,UAAM,WAAW,MAAM,KAAK;AAAA,MAC1B,2BAA2B,IAAI,oBAAgB,gCAAgB;AAAA,QAC7D,SAAS,QAAQ;AAAA,QACjB,SAAS,QAAQ;AAAA,MACnB,CAAC,CAAC;AAAA,MACF,CAAC;AAAA,MACD;AAAA,IACF;AACA,UAAM,SAAS,MAAM,SAAS,KAAK;AACnC,WAAO,OAAO;AAAA,EAChB;AAAA,EAEA,MAAM,qBACJ,SAIA,SACmD;AACnD,UAAM,WAAW,MAAM,KAAK;AAAA,MAC1B,yBAAyB,QAAQ,MAAM,IAAI,QAAQ,MAAM;AAAA,MACzD,CAAC;AAAA,MACD;AAAA,IACF;AACA,WAAO,MAAM,SAAS,KAAK;AAAA,EAC7B;AAAA,EAEA,MAAM,UACJ,QACA,SACA;AACA,UAAM,KAAK;AAAA,MACT,qBAAqB,MAAM;AAAA,MAC3B;AAAA,QACE,QAAQ;AAAA,QACR,SAAS;AAAA,UACP,gBAAgB;AAAA,QAClB;AAAA,QACA,MAAM,KAAK,UAAU,CAAC,CAAC;AAAA,MACzB;AAAA,MACA;AAAA,IACF;AAAA,EACF;AAAA,EAEA,MAAM,wBACJ,SAKA,SACA;AACA,UAAM,KAAK;AAAA,MACT,yBAAyB,QAAQ,MAAM,IAAI,QAAQ,MAAM;AAAA,MACzD;AAAA,QACE,QAAQ;AAAA,QACR,SAAS;AAAA,UACP,gBAAgB;AAAA,QAClB;AAAA,QACA,MAAM,KAAK,UAAU,QAAQ,OAAO;AAAA,MACtC;AAAA,MACA;AAAA,IACF;AAAA,EACF;AAAA,EAEA,MAAM,WACJ,SAIA,SACA;AACA,UAAM,KAAK;AAAA,MACT,UAAU,QAAQ,MAAM;AAAA,MACxB;AAAA,QACE,QAAQ;AAAA,QACR,SAAS;AAAA,UACP,gBAAgB;AAAA,QAClB;AAAA,QACA,MAAM,KAAK,UAAU,QAAQ,IAAI;AAAA,MACnC;AAAA,MACA;AAAA,IACF;AAAA,EACF;AAAA,EAEA,MAAM,+BACJ,SAIA,SACkD;AAClD,UAAM,WAAW,MAAM,KAAK;AAAA,MAC1B,6BAA6B,QAAQ,MAAM,yBAAyB,QAAQ,SAAS;AAAA,MACrF,CAAC;AAAA,MACD;AAAA,IACF;AACA,UAAM,SAAS,MAAM,SAAS,KAAK;AACnC,WAAO,OAAO;AAAA,EAChB;AAAA,EAEA,MAAM,kCACJ,SAGA,SACqD;AACrD,UAAM,WAAW,MAAM,KAAK;AAAA,MAC1B,6CAA6C,QAAQ,SAAS;AAAA,MAC9D,CAAC;AAAA,MACD;AAAA,IACF;AACA,UAAM,SAAS,MAAM,SAAS,KAAK;AACnC,WAAO,OAAO;AAAA,EAChB;AAAA,EAEA,MAAM,qBAAqB,SAAkE;AAC3F,UAAM,WAAW,MAAM,KAAK;AAAA,MAC1B;AAAA,MACA,CAAC;AAAA,MACD;AAAA,IACF;AACA,UAAM,SAAS,MAAM,SAAS,KAAK;AACnC,WAAO,OAAO;AAAA,EAChB;AAAA,EAEA,MAAM,mBAA0G;AAC9G,UAAM,kBAAkB,MAAM,KAAK,oCAAoC,qBAAqB,CAAC,GAAG,MAAM,CAAC,gCAAY,eAAe,CAAC;AACnI,QAAI,gBAAgB,WAAW,SAAS;AACtC,aAAO,sBAAO,MAAM,gBAAgB,KAAK;AAAA,IAC3C;AACA,UAAM,WAAW,gBAAgB;AACjC,UAAM,UAAgD,MAAM,SAAS,KAAK;AAC1E,WAAO,sBAAO,GAAG,OAAO;AAAA,EAC1B;AAAA,EAEA,MAAM,iBAAiB,QAA6C,SAA0B;AAC5F,UAAM,KAAK;AAAA,MACT;AAAA,MACA;AAAA,QACE,QAAQ;AAAA,QACR,SAAS;AAAA,UACP,gBAAgB;AAAA,QAClB;AAAA,QACA,MAAM,KAAK,UAAU,MAAM;AAAA,MAC7B;AAAA,MACA;AAAA,IACF;AAAA,EACF;AAAA,EAEA,MAAM,aAAa,SAA8E;AAC/F,UAAM,WAAW,MAAM,KAAK,kBAAkB,sBAAsB,CAAC,GAAG,OAAO;AAC/E,QAAI,CAAC,SAAS,IAAI;AAChB,YAAM,IAAI,MAAM,8BAA8B,SAAS,SAAS,MAAO,MAAM,SAAS,KAAK,CAAE;AAAA,IAC/F;AAEA,UAAM,OAAO,MAAM,SAAS,KAAK;AACjC,WAAO,KAAK;AAAA,EACd;AAAA,EAEA,MAAM,cACJ,SACA,SACkD;AAClD,UAAM,gBAAgB,MAAM,KAAK;AAAA,MAC/B;AAAA,MACA;AAAA,QACE,QAAQ;AAAA,QACR,SAAS;AAAA,UACP,gBAAgB;AAAA,QAClB;AAAA,QACA,MAAM,KAAK,UAAU,OAAO;AAAA,MAC9B;AAAA,MACA;AAAA,IACF;AACA,QAAI,CAAC,cAAc,IAAI;AACrB,YAAM,IAAI,MAAM,+BAA+B,cAAc,SAAS,MAAO,MAAM,cAAc,KAAK,CAAE;AAAA,IAC1G;AAEA,UAAM,OAAO,MAAM,cAAc,KAAK;AACtC,WAAO;AAAA,EACT;AAAA,EAEA,MAAM,0BACJ,UACA,OACA,SAC4D;AAC5D,UAAM,WAAW,MAAM,KAAK;AAAA,MAC1B,0BAA0B,QAAQ;AAAA,MAClC;AAAA,QACE,QAAQ;AAAA,QACR,SAAS;AAAA,UACP,gBAAgB;AAAA,QAClB;AAAA,QACA,MAAM,KAAK,UAAU,EAAE,MAAM,CAAC;AAAA,MAChC;AAAA,MACA;AAAA,IACF;AACA,WAAO,MAAM,SAAS,KAAK;AAAA,EAC7B;AAAA,EAEA,MAAM,iBACJ,MACA,SACsC;AACtC,UAAM,WAAW,MAAM,KAAK;AAAA,MAC1B;AAAA,MACA;AAAA,QACE,QAAQ;AAAA,QACR,SAAS;AAAA,UACP,gBAAgB;AAAA,QAClB;AAAA,QACA,MAAM,KAAK,UAAU,IAAI;AAAA,MAC3B;AAAA,MACA;AAAA,IACF;AACA,WAAO,MAAM,SAAS,KAAK;AAAA,EAC7B;AAAA,EAEA,MAAM,WACJ,QACA,SACA;AACA,UAAM,KAAK;AAAA,MACT,UAAU,MAAM;AAAA,MAChB;AAAA,QACE,QAAQ;AAAA,MACV;AAAA,MACA;AAAA,IACF;AAAA,EACF;AAAA,EAEA,MAAM,kBAAkB,SAA0B;AAChD,UAAM,KAAK;AAAA,MACT;AAAA,MACA;AAAA,QACE,QAAQ;AAAA,MACV;AAAA,MACA;AAAA,IACF;AAAA,EACF;AAAA,EAEA,MAAM,2BACJ,MACA,SACgD;AAChD,UAAM,WAAW,MAAM,KAAK;AAAA,MAC1B;AAAA,MACA;AAAA,QACE,QAAQ;AAAA,QACR,SAAS;AAAA,UACP,gBAAgB;AAAA,QAClB;AAAA,QACA,MAAM,KAAK,UAAU,IAAI;AAAA,MAC3B;AAAA,MACA;AAAA,IACF;AACA,WAAO,MAAM,SAAS,KAAK;AAAA,EAC7B;AAAA,EAEA,MAAM,2BACJ,IACA,MACA,SACgD;AAChD,UAAM,WAAW,MAAM,KAAK;AAAA,MAC1B,wBAAwB,EAAE;AAAA,MAC1B;AAAA,QACE,QAAQ;AAAA,QACR,SAAS;AAAA,UACP,gBAAgB;AAAA,QAClB;AAAA,QACA,MAAM,KAAK,UAAU,IAAI;AAAA,MAC3B;AAAA,MACA;AAAA,IACF;AACA,WAAO,MAAM,SAAS,KAAK;AAAA,EAC7B;AAAA,EAEA,MAAM,2BACJ,IACA,SACe;AACf,UAAM,KAAK;AAAA,MACT,wBAAwB,EAAE;AAAA,MAC1B;AAAA,QACE,QAAQ;AAAA,MACV;AAAA,MACA;AAAA,IACF;AAAA,EACF;AAAA,EAEA,MAAM,cACJ,WACA,SACe;AACf,UAAM,KAAK;AAAA,MACT,kBAAkB,SAAS;AAAA,MAC3B;AAAA,QACE,QAAQ;AAAA,MACV;AAAA,MACA;AAAA,IACF;AAAA,EACF;AAAA,EAEA,MAAM,aACJ,SACyC;AACzC,UAAM,WAAW,MAAM,KAAK;AAAA,MAC1B;AAAA,MACA;AAAA,QACE,QAAQ;AAAA,MACV;AAAA,MACA;AAAA,IACF;AACA,WAAO,MAAM,SAAS,KAAK;AAAA,EAC7B;AAAA,EAGA,MAAM,0BACJ,SACkD;AAClD,UAAM,WAAW,MAAM,KAAK;AAAA,MAC1B;AAAA,MACA;AAAA,QACE,QAAQ;AAAA,MACV;AAAA,MACA;AAAA,IACF;AACA,UAAM,OAAO,MAAM,SAAS,KAAK;AACjC,WAAO,KAAK;AAAA,EACd;AAAA,EAEA,MAAM,+CACJ,kBACA,aACA,SACiE;AACjE,UAAM,kBAAkB,MAAM,KAAK;AAAA,MACjC,wBAAwB,gBAAgB;AAAA,MACxC;AAAA,QACE,QAAQ;AAAA,QACR,SAAS;AAAA,UACP,gBAAgB;AAAA,QAClB;AAAA,QACA,MAAM,KAAK,UAAU,EAAE,cAAc,YAAY,CAAC;AAAA,MACpD;AAAA,MACA;AAAA,MACA,CAAC,gCAAY,oBAAoB;AAAA,IACnC;AAEA,QAAI,gBAAgB,WAAW,SAAS;AACtC,aAAO,sBAAO,MAAM,gBAAgB,KAAK;AAAA,IAC3C;AACA,WAAO,sBAAO,GAAG,MAAS;AAAA,EAC5B;AAAA,EAEA,MAAM,SACJ,WACA,cACA,SACwD;AACxD,UAAM,kBAAkB,MAAM,KAAK;AAAA,MACjC;AAAA,MACA;AAAA,QACE,QAAQ;AAAA,QACR,SAAS;AAAA,UACP,gBAAgB;AAAA,QAClB;AAAA,QACA,MAAM,KAAK,UAAU;AAAA,UACnB,YAAY;AAAA,UACZ,eAAe;AAAA,QACjB,CAAC;AAAA,MACH;AAAA,MACA;AAAA,MACA,CAAC,gCAAY,WAAW;AAAA,IAC1B;AAEA,QAAI,gBAAgB,WAAW,SAAS;AACtC,aAAO,sBAAO,MAAM,gBAAgB,KAAK;AAAA,IAC3C;AACA,WAAO,sBAAO,GAAG,MAAS;AAAA,EAC5B;AAAA,EAEA,MAAc,sBAAsB,SAA2D;AAC7F,QAAI,aAAa,WAAW,aAAa,SAAS;AAChD,YAAM,IAAI,kCAAoB,kEAAkE;AAAA,IAClG;AAEA,WAAO;AAAA,MACL,UAAU,aAAa,UAAU,mBAAmB;AAAA,MACpD,aAAa,IAAI,oBAAgB,sCAAsB,OAAO,CAAC;AAAA,IACjE;AAAA,EACF;AAAA,EAMA,MAAM,mBACJ,SACA,SACA,aACoF;AACpF,UAAM,eAAe,gBAAgB,WAAW,KAAK,oBAAqB,KAAa,mBAA4B,KAAK,IAAI;AAC5H,UAAM,EAAE,UAAU,YAAY,IAAI,MAAM,KAAK,sBAAsB,OAAO;AAE1E,UAAM,WAAW,MAAM;AAAA,MACrB,GAAG,QAAQ,IAAI,YAAY,SAAS,CAAC;AAAA,MACrC;AAAA,QACE,QAAQ;AAAA,MACV;AAAA,MACA;AAAA,MACA;AAAA,IACF;AACA,UAAM,OAAO,MAAM,SAAS,KAAK;AACjC,WAAO,KAAK;AAAA,EACd;AAAA,EAKA,MAAM,oBACJ,MACA,SACA,aACoH;AACpH,UAAM,eAAe,gBAAgB,WAAW,KAAK,oBAAqB,KAAa,mBAA4B,KAAK,IAAI;AAC5H,UAAM,EAAE,SAAS,IAAI,MAAM,KAAK,sBAAsB,IAAI;AAE1D,UAAM,WAAW,MAAM;AAAA,MACrB,GAAG,QAAQ;AAAA,MACX;AAAA,QACE,QAAQ;AAAA,QACR,SAAS;AAAA,UACP,gBAAgB;AAAA,QAClB;AAAA,QACA,MAAM,KAAK,UAAU,IAAI;AAAA,MAC3B;AAAA,MACA;AAAA,MACA;AAAA,IACF;AACA,WAAO,MAAM,SAAS,KAAK;AAAA,EAC7B;AAAA,EAKA,MAAM,iBACJ,SACA,OACA,SACA,aACgF;AAChF,UAAM,eAAe,gBAAgB,WAAW,KAAK,oBAAqB,KAAa,mBAA4B,KAAK,IAAI;AAC5H,UAAM,EAAE,UAAU,YAAY,IAAI,MAAM,KAAK,sBAAsB,OAAO;AAE1E,UAAM,WAAW,MAAM;AAAA,MACrB,GAAG,QAAQ,IAAI,KAAK,IAAI,YAAY,SAAS,CAAC;AAAA,MAC9C;AAAA,QACE,QAAQ;AAAA,MACV;AAAA,MACA;AAAA,MACA;AAAA,IACF;AACA,WAAO,MAAM,SAAS,KAAK;AAAA,EAC7B;AAAA,EAKA,MAAM,oBACJ,SACA,OACA,MACA,SACA,aACgF;AAChF,UAAM,eAAe,gBAAgB,WAAW,KAAK,oBAAqB,KAAa,mBAA4B,KAAK,IAAI;AAC5H,UAAM,EAAE,UAAU,YAAY,IAAI,MAAM,KAAK,sBAAsB,OAAO;AAE1E,UAAM,WAAW,MAAM;AAAA,MACrB,GAAG,QAAQ,IAAI,KAAK,IAAI,YAAY,SAAS,CAAC;AAAA,MAC9C;AAAA,QACE,QAAQ;AAAA,QACR,SAAS;AAAA,UACP,gBAAgB;AAAA,QAClB;AAAA,QACA,MAAM,KAAK,UAAU,IAAI;AAAA,MAC3B;AAAA,MACA;AAAA,MACA;AAAA,IACF;AACA,WAAO,MAAM,SAAS,KAAK;AAAA,EAC7B;AAAA,EAKA,MAAM,mBAAmB,MAAuB,QAAgB,SAAiC,aAAmI;AAClO,UAAM,eAAe,gBAAgB,WAAW,KAAK,sCAAuC,KAAa,qCAA8C,KAAK,IAAI;AAChK,UAAM,SAAS,MAAM;AAAA,MACnB,IAAI,IAAI;AAAA,MACR;AAAA,QACE,QAAQ;AAAA,QACR,SAAS;AAAA,UACP,gBAAgB;AAAA,QAClB;AAAA,QACA,MAAM,KAAK,UAAU,EAAE,SAAS,OAAO,CAAC;AAAA,MAC1C;AAAA,MACA;AAAA,MACA,CAAC,gCAAY,cAAc;AAAA,IAC7B;AACA,QAAI,OAAO,WAAW,SAAS;AAC7B,aAAO;AAAA,IACT;AACA,WAAO,MAAM,OAAO,KAAK,KAAK;AAAA,EAChC;AAAA,EAEA,MAAM,2BACJ,SACyD;AACzD,UAAM,WAAW,MAAM,KAAK;AAAA,MAC1B;AAAA,MACA,CAAC;AAAA,MACD;AAAA,IACF;AACA,UAAM,SAAS,MAAM,SAAS,KAAK;AACnC,WAAO,OAAO;AAAA,EAChB;AAAA,EAEA,MAAM,wBACJ,wBACA,SACA,SACe;AACf,UAAM,KAAK;AAAA,MACT,sCAAsC,sBAAsB;AAAA,MAC5D;AAAA,QACE,QAAQ;AAAA,QACR,SAAS;AAAA,UACP,gBAAgB;AAAA,QAClB;AAAA,QACA,MAAM,KAAK,UAAU;AAAA,UACnB;AAAA,QACF,CAAC;AAAA,MACH;AAAA,MACA;AAAA,IACF;AAAA,EACF;AAAA,EAEA,MAAM,iBACJ,QACA,YACA,SAC8C;AAC9C,UAAM,WAAW,MAAM,KAAK;AAAA,MAC1B,oBAAoB,MAAM,IAAI,UAAU;AAAA,MACxC;AAAA,QACE,QAAQ;AAAA,MACV;AAAA,MACA;AAAA,IACF;AACA,WAAO,MAAM,SAAS,KAAK;AAAA,EAC7B;AAAA,EAEA,MAAM,oBACJ,QACA,YACA,MACA,SAC8C;AAC9C,UAAM,WAAW,MAAM,KAAK;AAAA,MAC1B,oBAAoB,MAAM,IAAI,UAAU;AAAA,MACxC;AAAA,QACE,QAAQ;AAAA,QACR,SAAS;AAAA,UACP,gBAAgB;AAAA,QAClB;AAAA,QACA,MAAM,KAAK,UAAU,IAAI;AAAA,MAC3B;AAAA,MACA;AAAA,IACF;AACA,WAAO,MAAM,SAAS,KAAK;AAAA,EAC7B;AAAA,EAEA,MAAM,mBACJ,UAEI,CAAC,GACL,SACgD;AAChD,UAAM,cAAc,IAAI,oBAAgB,gCAAgB,OAAO,CAAC;AAChE,UAAM,WAAW,MAAM,KAAK;AAAA,MAC1B,mBAAmB,YAAY,SAAS,IAAI,IAAI,YAAY,SAAS,CAAC,KAAK,EAAE;AAAA,MAC7E;AAAA,QACE,QAAQ;AAAA,MACV;AAAA,MACA;AAAA,IACF;AACA,UAAM,SAAS,MAAM,SAAS,KAAK;AACnC,WAAO,OAAO;AAAA,EAChB;AAAA,EAEA,MAAM,oBACJ,QACA,YACA,SACe;AACf,UAAM,WAAW,MAAM,KAAK;AAAA,MAC1B,oBAAoB,MAAM,IAAI,UAAU;AAAA,MACxC;AAAA,QACE,QAAQ;AAAA,MACV;AAAA,MACA;AAAA,IACF;AACA,WAAO,MAAM,SAAS,KAAK;AAAA,EAC7B;AAAA,EAEA,MAAM,QACJ,SAKA,SACqC;AACrC,QAAI;AACJ,QAAI;AACJ,QAAI,YAAY,SAAS;AACvB,qBAAe;AACf,mBAAa,QAAQ;AAAA,IACvB,WAAW,YAAY,SAAS;AAC9B,qBAAe;AACf,mBAAa,QAAQ;AAAA,IACvB,WAAW,sBAAsB,SAAS;AACxC,qBAAe;AACf,mBAAa,QAAQ;AAAA,IACvB,OAAO;AACL,YAAM,IAAI,kCAAoB,6DAA6D;AAAA,IAC7F;AAEA,UAAM,WAAW,MAAM,KAAK;AAAA,MAC1B,wCAA4B,YAAY,IAAI,UAAU,IAAI,QAAQ,MAAM;AAAA,MACxE,CAAC;AAAA,MACD;AAAA,IACF;AACA,WAAO,MAAM,SAAS,KAAK;AAAA,EAC7B;AAAA,EAEA,MAAM,kBACJ,eACA,aACA,iBACA,SACiB;AACjB,UAAM,YAAY,OAAO,oBAAoB,WAC3C,EAAE,UAAU,gBAAgB,IAC5B,EAAE,cAAc,gBAAgB;AAClC,UAAM,WAAW,MAAM,KAAK;AAAA,MAC1B;AAAA,MACA;AAAA,QACE,QAAQ;AAAA,QACR,SAAS;AAAA,UACP,gBAAgB;AAAA,QAClB;AAAA,QACA,MAAM,KAAK,UAAU,EAAE,eAAe,aAAa,GAAG,UAAU,CAAC;AAAA,MACnE;AAAA,MACA;AAAA,IACF;AACA,UAAM,EAAE,IAAI,IAAI,MAAM,SAAS,KAAK;AACpC,WAAO;AAAA,EACT;AACF;","names":[]}
package/dist/sessions.d.mts CHANGED
@@ -6,7 +6,8 @@ import './utils/dates.mjs';
6
6
  type AccessTokenPayload = InferType<typeof accessTokenPayloadSchema>;
7
7
  declare class AccessToken {
8
8
  readonly token: string;
9
- constructor(token: string);
9
+ static createIfValid(token: string): AccessToken | null;
10
+ private constructor();
10
11
  get payload(): {
11
12
  exp?: number | undefined;
12
13
  sub: string;
package/dist/sessions.d.ts CHANGED
@@ -6,7 +6,8 @@ import './utils/dates.js';
6
6
  type AccessTokenPayload = InferType<typeof accessTokenPayloadSchema>;
7
7
  declare class AccessToken {
8
8
  readonly token: string;
9
- constructor(token: string);
9
+ static createIfValid(token: string): AccessToken | null;
10
+ private constructor();
10
11
  get payload(): {
11
12
  exp?: number | undefined;
12
13
  sub: string;
package/dist/sessions.js CHANGED
@@ -39,16 +39,28 @@ var jose = __toESM(require("jose"));
39
39
  var import_schema_fields = require("./schema-fields.js");
40
40
  var import_errors = require("./utils/errors.js");
41
41
  var import_stores = require("./utils/stores.js");
42
- var AccessToken = class {
42
+ function decodeAccessTokenIfValid(token) {
43
+ try {
44
+ const payload = jose.decodeJwt(token);
45
+ return import_schema_fields.accessTokenPayloadSchema.validateSync(payload);
46
+ } catch (e) {
47
+ return null;
48
+ }
49
+ }
50
+ var AccessToken = class _AccessToken {
43
51
  constructor(token) {
44
52
  this.token = token;
45
53
  if (token === "undefined") {
46
54
  throw new import_errors.StackAssertionError("Access token is the string 'undefined'; it's unlikely this is the correct value. They're supposed to be unguessable!");
47
55
  }
48
56
  }
57
+ static createIfValid(token) {
58
+ const payload = decodeAccessTokenIfValid(token);
59
+ if (!payload) return null;
60
+ return new _AccessToken(token);
61
+ }
49
62
  get payload() {
50
- const payload = jose.decodeJwt(this.token);
51
- return import_schema_fields.accessTokenPayloadSchema.validateSync(payload);
63
+ return decodeAccessTokenIfValid(this.token) ?? (0, import_errors.throwErr)("Invalid access token in payload (should've been validated in createIfValid)", { token: this.token });
52
64
  }
53
65
  get expiresAt() {
54
66
  const { exp } = this.payload;
@@ -86,7 +98,7 @@ var InternalSession = class _InternalSession {
86
98
  */
87
99
  this._knownToBeInvalid = new import_stores.Store(false);
88
100
  this._refreshPromise = null;
89
- this._accessToken = new import_stores.Store(_options.accessToken ? new AccessToken(_options.accessToken) : null);
101
+ this._accessToken = new import_stores.Store(_options.accessToken ? AccessToken.createIfValid(_options.accessToken) : null);
90
102
  this._refreshToken = _options.refreshToken ? new RefreshToken(_options.refreshToken) : null;
91
103
  if (_options.accessToken === null && _options.refreshToken === null) {
92
104
  this._knownToBeInvalid.set(true);
package/dist/sessions.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"sources":["../src/sessions.ts"],"sourcesContent":["import * as jose from 'jose';\nimport { InferType } from 'yup';\nimport { accessTokenPayloadSchema } from './schema-fields';\nimport { StackAssertionError } from \"./utils/errors\";\nimport { Store } from \"./utils/stores\";\n\n\nexport type AccessTokenPayload = InferType<typeof accessTokenPayloadSchema>;\n\nexport class AccessToken {\n constructor(\n public readonly token: string,\n ) {\n if (token === \"undefined\") {\n throw new StackAssertionError(\"Access token is the string 'undefined'; it's unlikely this is the correct value. They're supposed to be unguessable!\");\n }\n }\n\n get payload() {\n const payload = jose.decodeJwt(this.token);\n return accessTokenPayloadSchema.validateSync(payload);\n }\n\n get expiresAt(): Date {\n const { exp } = this.payload;\n if (exp === undefined) return new Date(8640000000000000); // max date value\n return new Date(exp * 1000);\n }\n\n /**\n * @returns The number of milliseconds until the access token expires, or 0 if it has already expired.\n */\n get expiresInMillis(): number {\n return Math.max(0, this.expiresAt.getTime() - Date.now());\n }\n\n isExpired(): boolean {\n return this.expiresInMillis <= 0;\n }\n}\n\nexport class RefreshToken {\n constructor(\n public readonly token: string,\n ) {\n if (token === \"undefined\") {\n throw new StackAssertionError(\"Refresh token is the string 'undefined'; it's unlikely this is the correct value. They're supposed to be unguessable!\");\n }\n }\n}\n\n/**\n * An InternalSession represents a user's session, which may or may not be valid. It may contain an access token, a refresh token, or both.\n *\n * A session never changes which user or session it belongs to, but the tokens in it may change over time.\n */\nexport class InternalSession {\n /**\n * Each session has a session key that depends on the tokens inside. If the session has a refresh token, the session key depends only on the refresh token. If the session does not have a refresh token, the session key depends only on the access token.\n *\n * Multiple Session objects may have the same session key, which implies that they represent the same session by the same user. Furthermore, a session's key never changes over the lifetime of a session object.\n *\n * This is useful for caching and indexing sessions.\n */\n public readonly sessionKey: string;\n\n /**\n * An access token that is not known to be invalid (ie. may be valid, but may have expired).\n */\n private _accessToken: Store<AccessToken | null>;\n private readonly _refreshToken: RefreshToken | null;\n\n /**\n * Whether the session as a whole is known to be invalid (ie. both access and refresh tokens are invalid). Used as a cache to avoid making multiple requests to the server (sessions never go back to being valid after being invalidated).\n *\n * It is possible for the access token to be invalid but the refresh token to be valid, in which case the session is\n * still valid (just needs a refresh). It is also possible for the access token to be valid but the refresh token to\n * be invalid, in which case the session is also valid (eg. if the refresh token is null because the user only passed\n * in an access token, eg. in a server-side request handler).\n */\n private _knownToBeInvalid = new Store<boolean>(false);\n\n private _refreshPromise: Promise<AccessToken | null> | null = null;\n\n constructor(private readonly _options: {\n refreshAccessTokenCallback(refreshToken: RefreshToken): Promise<AccessToken | null>,\n refreshToken: string | null,\n accessToken?: string | null,\n }) {\n this._accessToken = new Store(_options.accessToken ? new AccessToken(_options.accessToken) : null);\n this._refreshToken = _options.refreshToken ? new RefreshToken(_options.refreshToken) : null;\n if (_options.accessToken === null && _options.refreshToken === null) {\n // this session is already invalid\n this._knownToBeInvalid.set(true);\n }\n this.sessionKey = InternalSession.calculateSessionKey({ accessToken: _options.accessToken ?? null, refreshToken: _options.refreshToken });\n }\n\n static calculateSessionKey(ofTokens: { refreshToken: string | null, accessToken?: string | null }): string {\n if (ofTokens.refreshToken) {\n return `refresh-${ofTokens.refreshToken}`;\n } else if (ofTokens.accessToken) {\n return `access-${ofTokens.accessToken}`;\n } else {\n return \"not-logged-in\";\n }\n }\n\n isKnownToBeInvalid() {\n return this._knownToBeInvalid.get();\n }\n\n /**\n * Marks the session object as invalid, meaning that the refresh and access tokens can no longer be used.\n */\n markInvalid() {\n this._accessToken.set(null);\n this._knownToBeInvalid.set(true);\n }\n\n onInvalidate(callback: () => void): { unsubscribe: () => void } {\n return this._knownToBeInvalid.onChange(() => callback());\n }\n\n /**\n * Returns the access token if it is found in the cache and not expired yet, or null otherwise. Never fetches new tokens.\n */\n getAccessTokenIfNotExpiredYet(minMillisUntilExpiration: number): AccessToken | null {\n if (minMillisUntilExpiration > 60_000) {\n throw new Error(`Required access token expiry ${minMillisUntilExpiration}ms is too long; access tokens are too short to be used for more than 60s`);\n }\n\n const accessToken = this._getPotentiallyInvalidAccessTokenIfAvailable();\n if (!accessToken || accessToken.expiresInMillis < minMillisUntilExpiration) return null;\n return accessToken;\n }\n\n /**\n * Returns the access token if it is found in the cache, fetching it otherwise.\n *\n * This is usually the function you want to call to get an access token. Either set `minMillisUntilExpiration` to a reasonable value, or catch errors that occur if it expires, and call `markAccessTokenExpired` to mark the token as expired if so (after which a call to this function will always refetch the token).\n *\n * @returns null if the session is known to be invalid, cached tokens if they exist in the cache and the access token hasn't expired yet (the refresh token might still be invalid), or new tokens otherwise.\n */\n async getOrFetchLikelyValidTokens(minMillisUntilExpiration: number): Promise<{ accessToken: AccessToken, refreshToken: RefreshToken | null } | null> {\n const accessToken = this.getAccessTokenIfNotExpiredYet(minMillisUntilExpiration);\n if (!accessToken) {\n const newTokens = await this.fetchNewTokens();\n const expiresInMillis = newTokens?.accessToken.expiresInMillis;\n if (expiresInMillis && expiresInMillis < minMillisUntilExpiration) {\n throw new StackAssertionError(`Required access token expiry ${minMillisUntilExpiration}ms is too long; access tokens are too short when they're generated (${expiresInMillis}ms)`);\n }\n return newTokens;\n }\n return { accessToken, refreshToken: this._refreshToken };\n }\n\n /**\n * Fetches new tokens that are, at the time of fetching, guaranteed to be valid.\n *\n * The newly generated tokens are short-lived, so it's good practice not to rely on their validity (if possible). However, this function is useful in some cases where you only want to pass access tokens to a service, and you want to make sure said access token has the longest possible lifetime.\n *\n * In most cases, you should prefer `getOrFetchLikelyValidTokens`.\n *\n * @returns null if the session is known to be invalid, or new tokens otherwise (which, at the time of fetching, are guaranteed to be valid).\n */\n async fetchNewTokens(): Promise<{ accessToken: AccessToken, refreshToken: RefreshToken | null } | null> {\n const accessToken = await this._getNewlyFetchedAccessToken();\n return accessToken ? { accessToken, refreshToken: this._refreshToken } : null;\n }\n\n markAccessTokenExpired(accessToken: AccessToken) {\n // TODO we don't need this anymore, since we now check the expiry by ourselves\n if (this._accessToken.get() === accessToken) {\n this._accessToken.set(null);\n }\n }\n\n /**\n * Note that a callback invocation with `null` does not mean the session has been invalidated; the access token may just have expired. Use `onInvalidate` to detect invalidation.\n */\n onAccessTokenChange(callback: (newAccessToken: AccessToken | null) => void): { unsubscribe: () => void } {\n return this._accessToken.onChange(callback);\n }\n\n /**\n * @returns An access token, which may be expired or expire soon, or null if it is known to be invalid.\n */\n private _getPotentiallyInvalidAccessTokenIfAvailable(): AccessToken | null {\n if (!this._refreshToken) return null;\n if (this.isKnownToBeInvalid()) return null;\n\n const accessToken = this._accessToken.get();\n if (accessToken && !accessToken.isExpired()) return accessToken;\n\n return null;\n }\n\n /**\n * You should prefer `_getOrFetchPotentiallyInvalidAccessToken` in almost all cases.\n *\n * @returns A newly fetched access token (never read from cache), or null if the session either does not represent a user or the session is invalid.\n */\n private async _getNewlyFetchedAccessToken(): Promise<AccessToken | null> {\n if (!this._refreshToken) return null;\n if (this._knownToBeInvalid.get()) return null;\n\n if (!this._refreshPromise) {\n this._refreshAndSetRefreshPromise(this._refreshToken);\n }\n return await this._refreshPromise;\n }\n\n private _refreshAndSetRefreshPromise(refreshToken: RefreshToken) {\n let refreshPromise: Promise<AccessToken | null> = this._options.refreshAccessTokenCallback(refreshToken).then((accessToken) => {\n if (refreshPromise === this._refreshPromise) {\n this._refreshPromise = null;\n this._accessToken.set(accessToken);\n if (!accessToken) {\n this.markInvalid();\n }\n }\n return accessToken;\n });\n this._refreshPromise = refreshPromise;\n }\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,WAAsB;AAEtB,2BAAyC;AACzC,oBAAoC;AACpC,oBAAsB;AAKf,IAAM,cAAN,MAAkB;AAAA,EACvB,YACkB,OAChB;AADgB;AAEhB,QAAI,UAAU,aAAa;AACzB,YAAM,IAAI,kCAAoB,sHAAsH;AAAA,IACtJ;AAAA,EACF;AAAA,EAEA,IAAI,UAAU;AACZ,UAAM,UAAe,eAAU,KAAK,KAAK;AACzC,WAAO,8CAAyB,aAAa,OAAO;AAAA,EACtD;AAAA,EAEA,IAAI,YAAkB;AACpB,UAAM,EAAE,IAAI,IAAI,KAAK;AACrB,QAAI,QAAQ,OAAW,QAAO,oBAAI,KAAK,MAAgB;AACvD,WAAO,IAAI,KAAK,MAAM,GAAI;AAAA,EAC5B;AAAA;AAAA;AAAA;AAAA,EAKA,IAAI,kBAA0B;AAC5B,WAAO,KAAK,IAAI,GAAG,KAAK,UAAU,QAAQ,IAAI,KAAK,IAAI,CAAC;AAAA,EAC1D;AAAA,EAEA,YAAqB;AACnB,WAAO,KAAK,mBAAmB;AAAA,EACjC;AACF;AAEO,IAAM,eAAN,MAAmB;AAAA,EACxB,YACkB,OAChB;AADgB;AAEhB,QAAI,UAAU,aAAa;AACzB,YAAM,IAAI,kCAAoB,uHAAuH;AAAA,IACvJ;AAAA,EACF;AACF;AAOO,IAAM,kBAAN,MAAM,iBAAgB;AAAA,EA4B3B,YAA6B,UAI1B;AAJ0B;AAJ7B;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,SAAQ,oBAAoB,IAAI,oBAAe,KAAK;AAEpD,SAAQ,kBAAsD;AAO5D,SAAK,eAAe,IAAI,oBAAM,SAAS,cAAc,IAAI,YAAY,SAAS,WAAW,IAAI,IAAI;AACjG,SAAK,gBAAgB,SAAS,eAAe,IAAI,aAAa,SAAS,YAAY,IAAI;AACvF,QAAI,SAAS,gBAAgB,QAAQ,SAAS,iBAAiB,MAAM;AAEnE,WAAK,kBAAkB,IAAI,IAAI;AAAA,IACjC;AACA,SAAK,aAAa,iBAAgB,oBAAoB,EAAE,aAAa,SAAS,eAAe,MAAM,cAAc,SAAS,aAAa,CAAC;AAAA,EAC1I;AAAA,EAEA,OAAO,oBAAoB,UAAgF;AACzG,QAAI,SAAS,cAAc;AACzB,aAAO,WAAW,SAAS,YAAY;AAAA,IACzC,WAAW,SAAS,aAAa;AAC/B,aAAO,UAAU,SAAS,WAAW;AAAA,IACvC,OAAO;AACL,aAAO;AAAA,IACT;AAAA,EACF;AAAA,EAEA,qBAAqB;AACnB,WAAO,KAAK,kBAAkB,IAAI;AAAA,EACpC;AAAA;AAAA;AAAA;AAAA,EAKA,cAAc;AACZ,SAAK,aAAa,IAAI,IAAI;AAC1B,SAAK,kBAAkB,IAAI,IAAI;AAAA,EACjC;AAAA,EAEA,aAAa,UAAmD;AAC9D,WAAO,KAAK,kBAAkB,SAAS,MAAM,SAAS,CAAC;AAAA,EACzD;AAAA;AAAA;AAAA;AAAA,EAKA,8BAA8B,0BAAsD;AAClF,QAAI,2BAA2B,KAAQ;AACrC,YAAM,IAAI,MAAM,gCAAgC,wBAAwB,0EAA0E;AAAA,IACpJ;AAEA,UAAM,cAAc,KAAK,6CAA6C;AACtE,QAAI,CAAC,eAAe,YAAY,kBAAkB,yBAA0B,QAAO;AACnF,WAAO;AAAA,EACT;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EASA,MAAM,4BAA4B,0BAAmH;AACnJ,UAAM,cAAc,KAAK,8BAA8B,wBAAwB;AAC/E,QAAI,CAAC,aAAa;AAChB,YAAM,YAAY,MAAM,KAAK,eAAe;AAC5C,YAAM,kBAAkB,WAAW,YAAY;AAC/C,UAAI,mBAAmB,kBAAkB,0BAA0B;AACjE,cAAM,IAAI,kCAAoB,gCAAgC,wBAAwB,uEAAuE,eAAe,KAAK;AAAA,MACnL;AACA,aAAO;AAAA,IACT;AACA,WAAO,EAAE,aAAa,cAAc,KAAK,cAAc;AAAA,EACzD;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAWA,MAAM,iBAAkG;AACtG,UAAM,cAAc,MAAM,KAAK,4BAA4B;AAC3D,WAAO,cAAc,EAAE,aAAa,cAAc,KAAK,cAAc,IAAI;AAAA,EAC3E;AAAA,EAEA,uBAAuB,aAA0B;AAE/C,QAAI,KAAK,aAAa,IAAI,MAAM,aAAa;AAC3C,WAAK,aAAa,IAAI,IAAI;AAAA,IAC5B;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,oBAAoB,UAAqF;AACvG,WAAO,KAAK,aAAa,SAAS,QAAQ;AAAA,EAC5C;AAAA;AAAA;AAAA;AAAA,EAKQ,+CAAmE;AACzE,QAAI,CAAC,KAAK,cAAe,QAAO;AAChC,QAAI,KAAK,mBAAmB,EAAG,QAAO;AAEtC,UAAM,cAAc,KAAK,aAAa,IAAI;AAC1C,QAAI,eAAe,CAAC,YAAY,UAAU,EAAG,QAAO;AAEpD,WAAO;AAAA,EACT;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,MAAc,8BAA2D;AACvE,QAAI,CAAC,KAAK,cAAe,QAAO;AAChC,QAAI,KAAK,kBAAkB,IAAI,EAAG,QAAO;AAEzC,QAAI,CAAC,KAAK,iBAAiB;AACzB,WAAK,6BAA6B,KAAK,aAAa;AAAA,IACtD;AACA,WAAO,MAAM,KAAK;AAAA,EACpB;AAAA,EAEQ,6BAA6B,cAA4B;AAC/D,QAAI,iBAA8C,KAAK,SAAS,2BAA2B,YAAY,EAAE,KAAK,CAAC,gBAAgB;AAC7H,UAAI,mBAAmB,KAAK,iBAAiB;AAC3C,aAAK,kBAAkB;AACvB,aAAK,aAAa,IAAI,WAAW;AACjC,YAAI,CAAC,aAAa;AAChB,eAAK,YAAY;AAAA,QACnB;AAAA,MACF;AACA,aAAO;AAAA,IACT,CAAC;AACD,SAAK,kBAAkB;AAAA,EACzB;AACF;","names":[]}
1
+ {"version":3,"sources":["../src/sessions.ts"],"sourcesContent":["import * as jose from 'jose';\nimport { InferType } from 'yup';\nimport { accessTokenPayloadSchema } from './schema-fields';\nimport { StackAssertionError, throwErr } from \"./utils/errors\";\nimport { Store } from \"./utils/stores\";\n\n\nexport type AccessTokenPayload = InferType<typeof accessTokenPayloadSchema>;\n\nfunction decodeAccessTokenIfValid(token: string): AccessTokenPayload | null {\n try {\n const payload = jose.decodeJwt(token);\n return accessTokenPayloadSchema.validateSync(payload);\n } catch (e) {\n return null;\n }\n}\n\nexport class AccessToken {\n static createIfValid(token: string): AccessToken | null {\n const payload = decodeAccessTokenIfValid(token);\n if (!payload) return null;\n return new AccessToken(token);\n }\n\n private constructor(\n public readonly token: string,\n ) {\n if (token === \"undefined\") {\n throw new StackAssertionError(\"Access token is the string 'undefined'; it's unlikely this is the correct value. They're supposed to be unguessable!\");\n }\n }\n\n get payload() {\n return decodeAccessTokenIfValid(this.token) ?? throwErr(\"Invalid access token in payload (should've been validated in createIfValid)\", { token: this.token });\n }\n\n get expiresAt(): Date {\n const { exp } = this.payload;\n if (exp === undefined) return new Date(8640000000000000); // max date value\n return new Date(exp * 1000);\n }\n\n /**\n * @returns The number of milliseconds until the access token expires, or 0 if it has already expired.\n */\n get expiresInMillis(): number {\n return Math.max(0, this.expiresAt.getTime() - Date.now());\n }\n\n isExpired(): boolean {\n return this.expiresInMillis <= 0;\n }\n}\n\nexport class RefreshToken {\n constructor(\n public readonly token: string,\n ) {\n if (token === \"undefined\") {\n throw new StackAssertionError(\"Refresh token is the string 'undefined'; it's unlikely this is the correct value. They're supposed to be unguessable!\");\n }\n }\n}\n\n/**\n * An InternalSession represents a user's session, which may or may not be valid. It may contain an access token, a refresh token, or both.\n *\n * A session never changes which user or session it belongs to, but the tokens in it may change over time.\n */\nexport class InternalSession {\n /**\n * Each session has a session key that depends on the tokens inside. If the session has a refresh token, the session key depends only on the refresh token. If the session does not have a refresh token, the session key depends only on the access token.\n *\n * Multiple Session objects may have the same session key, which implies that they represent the same session by the same user. Furthermore, a session's key never changes over the lifetime of a session object.\n *\n * This is useful for caching and indexing sessions.\n */\n public readonly sessionKey: string;\n\n /**\n * An access token that is not known to be invalid (ie. may be valid, but may have expired).\n */\n private _accessToken: Store<AccessToken | null>;\n private readonly _refreshToken: RefreshToken | null;\n\n /**\n * Whether the session as a whole is known to be invalid (ie. both access and refresh tokens are invalid). Used as a cache to avoid making multiple requests to the server (sessions never go back to being valid after being invalidated).\n *\n * It is possible for the access token to be invalid but the refresh token to be valid, in which case the session is\n * still valid (just needs a refresh). It is also possible for the access token to be valid but the refresh token to\n * be invalid, in which case the session is also valid (eg. if the refresh token is null because the user only passed\n * in an access token, eg. in a server-side request handler).\n */\n private _knownToBeInvalid = new Store<boolean>(false);\n\n private _refreshPromise: Promise<AccessToken | null> | null = null;\n\n constructor(private readonly _options: {\n refreshAccessTokenCallback(refreshToken: RefreshToken): Promise<AccessToken | null>,\n refreshToken: string | null,\n accessToken?: string | null,\n }) {\n this._accessToken = new Store(_options.accessToken ? AccessToken.createIfValid(_options.accessToken) : null);\n this._refreshToken = _options.refreshToken ? new RefreshToken(_options.refreshToken) : null;\n if (_options.accessToken === null && _options.refreshToken === null) {\n // this session is already invalid\n this._knownToBeInvalid.set(true);\n }\n this.sessionKey = InternalSession.calculateSessionKey({ accessToken: _options.accessToken ?? null, refreshToken: _options.refreshToken });\n }\n\n static calculateSessionKey(ofTokens: { refreshToken: string | null, accessToken?: string | null }): string {\n if (ofTokens.refreshToken) {\n return `refresh-${ofTokens.refreshToken}`;\n } else if (ofTokens.accessToken) {\n return `access-${ofTokens.accessToken}`;\n } else {\n return \"not-logged-in\";\n }\n }\n\n isKnownToBeInvalid() {\n return this._knownToBeInvalid.get();\n }\n\n /**\n * Marks the session object as invalid, meaning that the refresh and access tokens can no longer be used.\n */\n markInvalid() {\n this._accessToken.set(null);\n this._knownToBeInvalid.set(true);\n }\n\n onInvalidate(callback: () => void): { unsubscribe: () => void } {\n return this._knownToBeInvalid.onChange(() => callback());\n }\n\n /**\n * Returns the access token if it is found in the cache and not expired yet, or null otherwise. Never fetches new tokens.\n */\n getAccessTokenIfNotExpiredYet(minMillisUntilExpiration: number): AccessToken | null {\n if (minMillisUntilExpiration > 60_000) {\n throw new Error(`Required access token expiry ${minMillisUntilExpiration}ms is too long; access tokens are too short to be used for more than 60s`);\n }\n\n const accessToken = this._getPotentiallyInvalidAccessTokenIfAvailable();\n if (!accessToken || accessToken.expiresInMillis < minMillisUntilExpiration) return null;\n return accessToken;\n }\n\n /**\n * Returns the access token if it is found in the cache, fetching it otherwise.\n *\n * This is usually the function you want to call to get an access token. Either set `minMillisUntilExpiration` to a reasonable value, or catch errors that occur if it expires, and call `markAccessTokenExpired` to mark the token as expired if so (after which a call to this function will always refetch the token).\n *\n * @returns null if the session is known to be invalid, cached tokens if they exist in the cache and the access token hasn't expired yet (the refresh token might still be invalid), or new tokens otherwise.\n */\n async getOrFetchLikelyValidTokens(minMillisUntilExpiration: number): Promise<{ accessToken: AccessToken, refreshToken: RefreshToken | null } | null> {\n const accessToken = this.getAccessTokenIfNotExpiredYet(minMillisUntilExpiration);\n if (!accessToken) {\n const newTokens = await this.fetchNewTokens();\n const expiresInMillis = newTokens?.accessToken.expiresInMillis;\n if (expiresInMillis && expiresInMillis < minMillisUntilExpiration) {\n throw new StackAssertionError(`Required access token expiry ${minMillisUntilExpiration}ms is too long; access tokens are too short when they're generated (${expiresInMillis}ms)`);\n }\n return newTokens;\n }\n return { accessToken, refreshToken: this._refreshToken };\n }\n\n /**\n * Fetches new tokens that are, at the time of fetching, guaranteed to be valid.\n *\n * The newly generated tokens are short-lived, so it's good practice not to rely on their validity (if possible). However, this function is useful in some cases where you only want to pass access tokens to a service, and you want to make sure said access token has the longest possible lifetime.\n *\n * In most cases, you should prefer `getOrFetchLikelyValidTokens`.\n *\n * @returns null if the session is known to be invalid, or new tokens otherwise (which, at the time of fetching, are guaranteed to be valid).\n */\n async fetchNewTokens(): Promise<{ accessToken: AccessToken, refreshToken: RefreshToken | null } | null> {\n const accessToken = await this._getNewlyFetchedAccessToken();\n return accessToken ? { accessToken, refreshToken: this._refreshToken } : null;\n }\n\n markAccessTokenExpired(accessToken: AccessToken) {\n // TODO we don't need this anymore, since we now check the expiry by ourselves\n if (this._accessToken.get() === accessToken) {\n this._accessToken.set(null);\n }\n }\n\n /**\n * Note that a callback invocation with `null` does not mean the session has been invalidated; the access token may just have expired. Use `onInvalidate` to detect invalidation.\n */\n onAccessTokenChange(callback: (newAccessToken: AccessToken | null) => void): { unsubscribe: () => void } {\n return this._accessToken.onChange(callback);\n }\n\n /**\n * @returns An access token, which may be expired or expire soon, or null if it is known to be invalid.\n */\n private _getPotentiallyInvalidAccessTokenIfAvailable(): AccessToken | null {\n if (!this._refreshToken) return null;\n if (this.isKnownToBeInvalid()) return null;\n\n const accessToken = this._accessToken.get();\n if (accessToken && !accessToken.isExpired()) return accessToken;\n\n return null;\n }\n\n /**\n * You should prefer `_getOrFetchPotentiallyInvalidAccessToken` in almost all cases.\n *\n * @returns A newly fetched access token (never read from cache), or null if the session either does not represent a user or the session is invalid.\n */\n private async _getNewlyFetchedAccessToken(): Promise<AccessToken | null> {\n if (!this._refreshToken) return null;\n if (this._knownToBeInvalid.get()) return null;\n\n if (!this._refreshPromise) {\n this._refreshAndSetRefreshPromise(this._refreshToken);\n }\n return await this._refreshPromise;\n }\n\n private _refreshAndSetRefreshPromise(refreshToken: RefreshToken) {\n let refreshPromise: Promise<AccessToken | null> = this._options.refreshAccessTokenCallback(refreshToken).then((accessToken) => {\n if (refreshPromise === this._refreshPromise) {\n this._refreshPromise = null;\n this._accessToken.set(accessToken);\n if (!accessToken) {\n this.markInvalid();\n }\n }\n return accessToken;\n });\n this._refreshPromise = refreshPromise;\n }\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,WAAsB;AAEtB,2BAAyC;AACzC,oBAA8C;AAC9C,oBAAsB;AAKtB,SAAS,yBAAyB,OAA0C;AAC1E,MAAI;AACF,UAAM,UAAe,eAAU,KAAK;AACpC,WAAO,8CAAyB,aAAa,OAAO;AAAA,EACtD,SAAS,GAAG;AACV,WAAO;AAAA,EACT;AACF;AAEO,IAAM,cAAN,MAAM,aAAY;AAAA,EAOf,YACU,OAChB;AADgB;AAEhB,QAAI,UAAU,aAAa;AACzB,YAAM,IAAI,kCAAoB,sHAAsH;AAAA,IACtJ;AAAA,EACF;AAAA,EAZA,OAAO,cAAc,OAAmC;AACtD,UAAM,UAAU,yBAAyB,KAAK;AAC9C,QAAI,CAAC,QAAS,QAAO;AACrB,WAAO,IAAI,aAAY,KAAK;AAAA,EAC9B;AAAA,EAUA,IAAI,UAAU;AACZ,WAAO,yBAAyB,KAAK,KAAK,SAAK,wBAAS,+EAA+E,EAAE,OAAO,KAAK,MAAM,CAAC;AAAA,EAC9J;AAAA,EAEA,IAAI,YAAkB;AACpB,UAAM,EAAE,IAAI,IAAI,KAAK;AACrB,QAAI,QAAQ,OAAW,QAAO,oBAAI,KAAK,MAAgB;AACvD,WAAO,IAAI,KAAK,MAAM,GAAI;AAAA,EAC5B;AAAA;AAAA;AAAA;AAAA,EAKA,IAAI,kBAA0B;AAC5B,WAAO,KAAK,IAAI,GAAG,KAAK,UAAU,QAAQ,IAAI,KAAK,IAAI,CAAC;AAAA,EAC1D;AAAA,EAEA,YAAqB;AACnB,WAAO,KAAK,mBAAmB;AAAA,EACjC;AACF;AAEO,IAAM,eAAN,MAAmB;AAAA,EACxB,YACkB,OAChB;AADgB;AAEhB,QAAI,UAAU,aAAa;AACzB,YAAM,IAAI,kCAAoB,uHAAuH;AAAA,IACvJ;AAAA,EACF;AACF;AAOO,IAAM,kBAAN,MAAM,iBAAgB;AAAA,EA4B3B,YAA6B,UAI1B;AAJ0B;AAJ7B;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,SAAQ,oBAAoB,IAAI,oBAAe,KAAK;AAEpD,SAAQ,kBAAsD;AAO5D,SAAK,eAAe,IAAI,oBAAM,SAAS,cAAc,YAAY,cAAc,SAAS,WAAW,IAAI,IAAI;AAC3G,SAAK,gBAAgB,SAAS,eAAe,IAAI,aAAa,SAAS,YAAY,IAAI;AACvF,QAAI,SAAS,gBAAgB,QAAQ,SAAS,iBAAiB,MAAM;AAEnE,WAAK,kBAAkB,IAAI,IAAI;AAAA,IACjC;AACA,SAAK,aAAa,iBAAgB,oBAAoB,EAAE,aAAa,SAAS,eAAe,MAAM,cAAc,SAAS,aAAa,CAAC;AAAA,EAC1I;AAAA,EAEA,OAAO,oBAAoB,UAAgF;AACzG,QAAI,SAAS,cAAc;AACzB,aAAO,WAAW,SAAS,YAAY;AAAA,IACzC,WAAW,SAAS,aAAa;AAC/B,aAAO,UAAU,SAAS,WAAW;AAAA,IACvC,OAAO;AACL,aAAO;AAAA,IACT;AAAA,EACF;AAAA,EAEA,qBAAqB;AACnB,WAAO,KAAK,kBAAkB,IAAI;AAAA,EACpC;AAAA;AAAA;AAAA;AAAA,EAKA,cAAc;AACZ,SAAK,aAAa,IAAI,IAAI;AAC1B,SAAK,kBAAkB,IAAI,IAAI;AAAA,EACjC;AAAA,EAEA,aAAa,UAAmD;AAC9D,WAAO,KAAK,kBAAkB,SAAS,MAAM,SAAS,CAAC;AAAA,EACzD;AAAA;AAAA;AAAA;AAAA,EAKA,8BAA8B,0BAAsD;AAClF,QAAI,2BAA2B,KAAQ;AACrC,YAAM,IAAI,MAAM,gCAAgC,wBAAwB,0EAA0E;AAAA,IACpJ;AAEA,UAAM,cAAc,KAAK,6CAA6C;AACtE,QAAI,CAAC,eAAe,YAAY,kBAAkB,yBAA0B,QAAO;AACnF,WAAO;AAAA,EACT;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EASA,MAAM,4BAA4B,0BAAmH;AACnJ,UAAM,cAAc,KAAK,8BAA8B,wBAAwB;AAC/E,QAAI,CAAC,aAAa;AAChB,YAAM,YAAY,MAAM,KAAK,eAAe;AAC5C,YAAM,kBAAkB,WAAW,YAAY;AAC/C,UAAI,mBAAmB,kBAAkB,0BAA0B;AACjE,cAAM,IAAI,kCAAoB,gCAAgC,wBAAwB,uEAAuE,eAAe,KAAK;AAAA,MACnL;AACA,aAAO;AAAA,IACT;AACA,WAAO,EAAE,aAAa,cAAc,KAAK,cAAc;AAAA,EACzD;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAWA,MAAM,iBAAkG;AACtG,UAAM,cAAc,MAAM,KAAK,4BAA4B;AAC3D,WAAO,cAAc,EAAE,aAAa,cAAc,KAAK,cAAc,IAAI;AAAA,EAC3E;AAAA,EAEA,uBAAuB,aAA0B;AAE/C,QAAI,KAAK,aAAa,IAAI,MAAM,aAAa;AAC3C,WAAK,aAAa,IAAI,IAAI;AAAA,IAC5B;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,oBAAoB,UAAqF;AACvG,WAAO,KAAK,aAAa,SAAS,QAAQ;AAAA,EAC5C;AAAA;AAAA;AAAA;AAAA,EAKQ,+CAAmE;AACzE,QAAI,CAAC,KAAK,cAAe,QAAO;AAChC,QAAI,KAAK,mBAAmB,EAAG,QAAO;AAEtC,UAAM,cAAc,KAAK,aAAa,IAAI;AAC1C,QAAI,eAAe,CAAC,YAAY,UAAU,EAAG,QAAO;AAEpD,WAAO;AAAA,EACT;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,MAAc,8BAA2D;AACvE,QAAI,CAAC,KAAK,cAAe,QAAO;AAChC,QAAI,KAAK,kBAAkB,IAAI,EAAG,QAAO;AAEzC,QAAI,CAAC,KAAK,iBAAiB;AACzB,WAAK,6BAA6B,KAAK,aAAa;AAAA,IACtD;AACA,WAAO,MAAM,KAAK;AAAA,EACpB;AAAA,EAEQ,6BAA6B,cAA4B;AAC/D,QAAI,iBAA8C,KAAK,SAAS,2BAA2B,YAAY,EAAE,KAAK,CAAC,gBAAgB;AAC7H,UAAI,mBAAmB,KAAK,iBAAiB;AAC3C,aAAK,kBAAkB;AACvB,aAAK,aAAa,IAAI,WAAW;AACjC,YAAI,CAAC,aAAa;AAChB,eAAK,YAAY;AAAA,QACnB;AAAA,MACF;AACA,aAAO;AAAA,IACT,CAAC;AACD,SAAK,kBAAkB;AAAA,EACzB;AACF;","names":[]}
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@stackframe/stack-shared",
3
- "version": "2.8.40",
3
+ "version": "2.8.41",
4
4
  "files": [
5
5
  "README.md",
6
6
  "dist",