@stackframe/tanstack-start 0.0.1 → 2.8.91

package/dist/esm/lib/stack-app/apps/implementations/server-app-impl.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"server-app-impl.js","names":[],"sources":["../../../../../../src/lib/stack-app/apps/implementations/server-app-impl.ts"],"sourcesContent":["\n//===========================================\n// THIS FILE IS AUTO-GENERATED FROM TEMPLATE. DO NOT EDIT IT DIRECTLY, INSTEAD EDIT THE CORRESPONDING FILE IN packages/template\n//===========================================\nimport { WebAuthnError, startRegistration } from \"@simplewebauthn/browser\";\nimport { KnownErrors, StackServerInterface } from \"@stackframe/stack-shared\";\nimport { ContactChannelsCrud } from \"@stackframe/stack-shared/dist/interface/crud/contact-channels\";\nimport { ItemCrud } from \"@stackframe/stack-shared/dist/interface/crud/items\";\nimport { NotificationPreferenceCrud } from \"@stackframe/stack-shared/dist/interface/crud/notification-preferences\";\nimport { OAuthProviderCrud } from \"@stackframe/stack-shared/dist/interface/crud/oauth-providers\";\nimport type { CustomerProductsListResponse } from \"@stackframe/stack-shared/dist/interface/crud/products\";\nimport { TeamApiKeysCrud, UserApiKeysCrud, teamApiKeysCreateOutputSchema, userApiKeysCreateOutputSchema } from \"@stackframe/stack-shared/dist/interface/crud/project-api-keys\";\nimport { ProjectPermissionDefinitionsCrud, ProjectPermissionsCrud } from \"@stackframe/stack-shared/dist/interface/crud/project-permissions\";\nimport { TeamInvitationCrud } from \"@stackframe/stack-shared/dist/interface/crud/team-invitation\";\nimport { TeamMemberProfilesCrud } from \"@stackframe/stack-shared/dist/interface/crud/team-member-profiles\";\nimport { TeamPermissionDefinitionsCrud, TeamPermissionsCrud } from \"@stackframe/stack-shared/dist/interface/crud/team-permissions\";\nimport { TeamsCrud } from \"@stackframe/stack-shared/dist/interface/crud/teams\";\nimport { UsersCrud } from \"@stackframe/stack-shared/dist/interface/crud/users\";\nimport { InternalSession } from \"@stackframe/stack-shared/dist/sessions\";\nimport type { AsyncCache } from \"@stackframe/stack-shared/dist/utils/caches\";\nimport { StackAssertionError, captureError, throwErr } from \"@stackframe/stack-shared/dist/utils/errors\";\nimport { ProviderType } from \"@stackframe/stack-shared/dist/utils/oauth\";\nimport { runAsynchronously } from \"@stackframe/stack-shared/dist/utils/promises\";\nimport { suspend } from \"@stackframe/stack-shared/dist/utils/react\";\nimport { Result } from \"@stackframe/stack-shared/dist/utils/results\";\nimport { useMemo } from \"react\"; // THIS_LINE_PLATFORM react-like\nimport * as yup from \"yup\";\nimport { constructRedirectUrl } from \"../../../../utils/url\";\nimport { ApiKey, ApiKeyCreationOptions, ApiKeyUpdateOptions, apiKeyCreationOptionsToCrud, apiKeyUpdateOptionsToCrud } from \"../../api-keys\";\nimport { ConvexCtx, GetCurrentUserOptions } from \"../../common\";\nimport { DeprecatedOAuthConnection, OAuthConnection } from \"../../connected-accounts\";\nimport { ServerContactChannel, ServerContactChannelCreateOptions, ServerContactChannelUpdateOptions, serverContactChannelCreateOptionsToCrud, serverContactChannelUpdateOptionsToCrud } from \"../../contact-channels\";\nimport { Customer, CustomerProductsList, CustomerProductsRequestOptions, InlineProduct, ServerItem } from \"../../customers\";\nimport { DataVaultStore } from \"../../data-vault\";\nimport { EmailDeliveryInfo, SendEmailOptions } from \"../../email\";\nimport { NotificationCategory } from \"../../notification-categories\";\nimport { AdminProjectPermissionDefinition, AdminTeamPermission, AdminTeamPermissionDefinition } from \"../../permissions\";\nimport { EditableTeamMemberProfile, ReceivedTeamInvitation, SentTeamInvitation, ServerListTeamsOptions, ServerListUsersOptions, ServerTeam, ServerTeamCreateOptions, ServerTeamUpdateOptions, ServerTeamUser, Team, serverTeamCreateOptionsToCrud, serverTeamUpdateOptionsToCrud } from \"../../teams\";\nimport { ProjectCurrentServerUser, ServerOAuthProvider, ServerUser, ServerUserCreateOptions, ServerUserUpdateOptions, serverUserCreateOptionsToCrud, serverUserUpdateOptionsToCrud, withUserDestructureGuard } from \"../../users\";\nimport { StackServerAppConstructorOptions } from \"../interfaces/server-app\";\nimport { _StackClientAppImplIncomplete } from \"./client-app-impl\";\nimport { clientVersion, createCache, createCacheBySession, getDefaultExtraRequestHeaders, getDefaultProjectId, getDefaultPublishableClientKey, getDefaultSecretServerKey, resolveApiUrls, resolveConstructorOptions } from \"./common\";\n\nimport { useAsyncCache } from \"./common\"; // THIS_LINE_PLATFORM react-like\n\nexport class _StackServerAppImplIncomplete<HasTokenStore extends boolean, ProjectId extends string> extends _StackClientAppImplIncomplete<HasTokenStore, ProjectId> {\n  declare protected _interface: StackServerInterface;\n\n  // TODO override the client user cache to use the server user cache, so we save some requests\n  private readonly _currentServerUserCache = createCacheBySession(async (session) => {\n    if (session.isKnownToBeInvalid()) {\n      // see comment in _currentUserCache for more details on why we do this\n      return null;\n    }\n    return await this._interface.getServerUserByToken(session);\n  });\n  private readonly _serverUsersCache = createCache<[\n    cursor?: string,\n    limit?: number,\n    orderBy?: 'signedUpAt' | 'lastActiveAt',\n    desc?: boolean,\n    query?: string,\n    includeRestricted?: boolean,\n    includeAnonymous?: boolean,\n    onlyAnonymous?: boolean,\n    teamId?: string,\n  ], UsersCrud['Server']['List']>(async ([cursor, limit, orderBy, desc, query, includeRestricted, includeAnonymous, onlyAnonymous, teamId]) => {\n    if (onlyAnonymous && !includeAnonymous) {\n      throw new StackAssertionError(\"onlyAnonymous=true requires includeAnonymous=true\");\n    }\n    if (onlyAnonymous) {\n      return await this._interface.listServerUsers({ cursor, limit, orderBy, desc, query, includeRestricted, includeAnonymous: true, onlyAnonymous: true, teamId });\n    }\n    return await this._interface.listServerUsers({ cursor, limit, orderBy, desc, query, includeRestricted, includeAnonymous, teamId });\n  });\n  private readonly _serverUserCache = createCache<string[], UsersCrud['Server']['Read'] | null>(async ([userId]) => {\n    const user = await this._interface.getServerUserById(userId);\n    return Result.or(user, null);\n  });\n  private readonly _serverTeamsCache = createCache<[\n    userId?: string,\n    orderBy?: 'createdAt',\n    desc?: boolean,\n    cursor?: string,\n    limit?: number,\n    query?: string,\n  ], TeamsCrud['Server']['List']>(async ([userId, orderBy, desc, cursor, limit, query]) => {\n    return await this._interface.listServerTeamsPaginated({ userId, orderBy, desc, cursor, limit, query });\n  });\n\n  protected async _refreshTeamMembership(teamId: string, userId: string) {\n    await Promise.all([\n      this._serverTeamMemberProfilesCache.refresh([teamId]),\n      this._serverTeamsCache.refreshWhere(([u]) => u === userId || u === undefined),\n      this._serverUsersCache.refreshWhere((key) => key[8] === teamId),\n    ]);\n  }\n  private readonly _serverUserTeamInvitationsCache = createCache<string[], TeamInvitationCrud['Client']['Read'][]>(async ([userId]) => {\n    return await this._interface.listServerUserTeamInvitations(userId);\n  });\n  private readonly _serverTeamUserPermissionsCache = createCache<\n    [string, string, boolean],\n    TeamPermissionsCrud['Server']['Read'][]\n  >(async ([teamId, userId, recursive]) => {\n    return await this._interface.listServerTeamPermissions({ teamId, userId, recursive }, null);\n  });\n  // Bulk variant: one request returning permissions for every member of a\n  // team. Used by the dashboard's team-member table to avoid N per-row\n  // calls. Keyed without userId so it's a distinct cache entry from the\n  // per-user lookup above.\n  private readonly _serverAllTeamMemberPermissionsCache = createCache<\n    [string, boolean],\n    TeamPermissionsCrud['Server']['Read'][]\n  >(async ([teamId, recursive]) => {\n    return await this._interface.listServerTeamPermissions({ teamId, recursive }, null);\n  });\n  private readonly _serverUserProjectPermissionsCache = createCache<\n    [string, boolean],\n    ProjectPermissionsCrud['Server']['Read'][]\n  >(async ([userId, recursive]) => {\n    return await this._interface.listServerProjectPermissions({ userId, recursive }, null);\n  });\n  /** @deprecated Used by legacy getConnectedAccount(providerId) — uses old per-provider access token endpoint */\n  private readonly _serverUserOAuthConnectionAccessTokensCache = createCache<[string, string, string], { accessToken: string } | null>(\n    async ([userId, providerId, scope]) => {\n      try {\n        const result = await this._interface.createServerProviderAccessToken(userId, providerId, scope || \"\");\n        return { accessToken: result.access_token };\n      } catch (err) {\n        if (!(KnownErrors.OAuthConnectionDoesNotHaveRequiredScope.isInstance(err) || KnownErrors.OAuthConnectionNotConnectedToUser.isInstance(err))) {\n          throw err;\n        }\n      }\n      return null;\n    }\n  );\n  /** @deprecated Used by legacy getConnectedAccount(providerId) — combines token check + redirect */\n  private readonly _serverUserOAuthConnectionCache = createCache<[string, ProviderType, string, boolean], DeprecatedOAuthConnection | null>(\n    async ([userId, providerId, scope, redirect]) => {\n      return await this._getUserOAuthConnectionCacheFn({\n        getUser: async () => Result.orThrow(await this._serverUserCache.getOrWait([userId], \"write-only\")),\n        getOrWaitOAuthToken: async () => Result.orThrow(await this._serverUserOAuthConnectionAccessTokensCache.getOrWait([userId, providerId, scope || \"\"] as const, \"write-only\")),\n        useOAuthToken: () => useAsyncCache(this._serverUserOAuthConnectionAccessTokensCache, [userId, providerId, scope || \"\"] as const, \"user.useConnectedAccount()\"),\n        providerId,\n        scope,\n        redirect,\n        session: null,\n      });\n    }\n  );\n  private readonly _serverUserConnectedAccountsCache = createCache<[string], OAuthConnection[]>(\n    async ([userId]) => {\n      const result = await this._interface.listServerConnectedAccounts(userId);\n      return result.items.map((item) => this._createServerOAuthConnectionFromCrudItem(userId, item));\n    }\n  );\n  private readonly _serverUserOAuthConnectionAccessTokensByAccountCache = createCache<[string, string, string, string], { accessToken: string } | null>(\n    async ([userId, providerId, providerAccountId, scope]) => {\n      try {\n        const result = await this._interface.createServerProviderAccessTokenByAccount(userId, providerId, providerAccountId, scope || \"\");\n        return { accessToken: result.access_token };\n      } catch (err) {\n        if (!(KnownErrors.OAuthConnectionDoesNotHaveRequiredScope.isInstance(err) || KnownErrors.OAuthConnectionNotConnectedToUser.isInstance(err))) {\n          throw err;\n        }\n      }\n      return null;\n    }\n  );\n  private readonly _serverTeamMemberProfilesCache = createCache<[string], TeamMemberProfilesCrud['Server']['Read'][]>(\n    async ([teamId]) => {\n      return await this._interface.listServerTeamMemberProfiles({ teamId });\n    }\n  );\n  private readonly _serverTeamInvitationsCache = createCache<[string], TeamInvitationCrud['Server']['Read'][]>(\n    async ([teamId]) => {\n      return await this._interface.listServerTeamInvitations({ teamId });\n    }\n  );\n  private readonly _serverUserTeamProfileCache = createCache<[string, string], TeamMemberProfilesCrud['Client']['Read']>(\n    async ([teamId, userId]) => {\n      return await this._interface.getServerTeamMemberProfile({ teamId, userId });\n    }\n  );\n  private readonly _serverContactChannelsCache = createCache<[string], ContactChannelsCrud['Server']['Read'][]>(\n    async ([userId]) => {\n      return await this._interface.listServerContactChannels(userId);\n    }\n  );\n  private readonly _serverNotificationCategoriesCache = createCache<[string], NotificationPreferenceCrud['Server']['Read'][]>(\n    async ([userId]) => {\n      return await this._interface.listServerNotificationCategories(userId);\n    }\n  );\n  private readonly _serverDataVaultStoreValueCache = createCache<[string, string, string], string | null>(async ([storeId, key, secret]) => {\n    return await this._interface.getDataVaultStoreValue(secret, storeId, key);\n  });\n\n  private readonly _emailDeliveryInfoCache = createCache(async () => {\n    return await this._interface.getEmailDeliveryInfo();\n  });\n\n  private readonly _serverUserApiKeysCache = createCache<[string], UserApiKeysCrud['Server']['Read'][]>(\n    async ([userId]) => {\n      const result = await this._interface.listProjectApiKeys({\n        user_id: userId,\n      }, null, \"server\");\n      return result as UserApiKeysCrud['Server']['Read'][];\n    }\n  );\n\n  private readonly _serverTeamApiKeysCache = createCache<[string], TeamApiKeysCrud['Server']['Read'][]>(\n    async ([teamId]) => {\n      const result = await this._interface.listProjectApiKeys({\n        team_id: teamId,\n      }, null, \"server\");\n      return result as TeamApiKeysCrud['Server']['Read'][];\n    }\n  );\n\n  private readonly _convexIdentitySubjectCache = createCache<[ConvexCtx], string | null>(\n    async ([ctx]) => {\n      const identity = await ctx.auth.getUserIdentity();\n      return identity ? identity.subject : null;\n    }\n  );\n\n  private readonly _serverCheckApiKeyCache = createCache<[\"user\" | \"team\", string], UserApiKeysCrud['Server']['Read'] | TeamApiKeysCrud['Server']['Read'] | null>(async ([type, apiKey]) => {\n    const result = await this._interface.checkProjectApiKey(\n      type,\n      apiKey,\n      null,\n      \"server\",\n    );\n    return result;\n  });\n\n  private readonly _serverOAuthProvidersCache = createCache<[string], OAuthProviderCrud['Server']['Read'][]>(\n    async ([userId]) => {\n      return await this._interface.listServerOAuthProviders({ user_id: userId });\n    }\n  );\n\n  private readonly _serverTeamItemsCache = createCache<[string, string], ItemCrud['Client']['Read']>(\n    async ([teamId, itemId]) => {\n      return await this._interface.getItem({ teamId, itemId }, null, \"server\");\n    }\n  );\n\n  private readonly _serverUserItemsCache = createCache<[string, string], ItemCrud['Client']['Read']>(\n    async ([userId, itemId]) => {\n      return await this._interface.getItem({ userId, itemId }, null, \"server\");\n    }\n  );\n\n  private readonly _serverCustomItemsCache = createCache<[string, string], ItemCrud['Client']['Read']>(\n    async ([customCustomerId, itemId]) => {\n      return await this._interface.getItem({ customCustomerId, itemId }, null, \"server\");\n    }\n  );\n\n  private readonly _serverUserProductsCache = createCache<[string, string | null, number | null], CustomerProductsListResponse>(\n    async ([userId, cursor, limit]) => {\n      return await this._interface.listProducts({\n        customer_type: \"user\",\n        customer_id: userId,\n        cursor: cursor ?? undefined,\n        limit: limit ?? undefined,\n      }, null, \"server\");\n    }\n  );\n\n  private readonly _serverTeamProductsCache = createCache<[string, string | null, number | null], CustomerProductsListResponse>(\n    async ([teamId, cursor, limit]) => {\n      return await this._interface.listProducts({\n        customer_type: \"team\",\n        customer_id: teamId,\n        cursor: cursor ?? undefined,\n        limit: limit ?? undefined,\n      }, null, \"server\");\n    }\n  );\n\n  private readonly _serverCustomProductsCache = createCache<[string, string | null, number | null], CustomerProductsListResponse>(\n    async ([customCustomerId, cursor, limit]) => {\n      return await this._interface.listProducts({\n        customer_type: \"custom\",\n        customer_id: customCustomerId,\n        cursor: cursor ?? undefined,\n        limit: limit ?? undefined,\n      }, null, \"server\");\n    }\n  );\n\n  protected _createServerCustomer(userIdOrTeamId: string, type: \"user\" | \"team\"): Omit<Customer<true>, \"id\"> {\n    const app = this;\n    const productsCache = type === \"user\" ? app._serverUserProductsCache : app._serverTeamProductsCache;\n    const customerOptions = type === \"user\" ? { userId: userIdOrTeamId } : { teamId: userIdOrTeamId };\n    return {\n      ...this._createCustomer(userIdOrTeamId, type, null),\n      async getItem(itemId: string) {\n        return await app.getItem({ itemId, ...customerOptions });\n      },\n      useItem(itemId: string) {\n        return app.useItem({ itemId, ...customerOptions });\n      },\n      async grantProduct(productOptions: { productId: string, quantity?: number } | { product: InlineProduct, quantity?: number }) {\n        if (type === \"user\") {\n          if (\"productId\" in productOptions) {\n            await app.grantProduct({ userId: userIdOrTeamId, productId: productOptions.productId, quantity: productOptions.quantity });\n          } else {\n            await app.grantProduct({ userId: userIdOrTeamId, product: productOptions.product, quantity: productOptions.quantity });\n          }\n        } else {\n          if (\"productId\" in productOptions) {\n            await app.grantProduct({ teamId: userIdOrTeamId, productId: productOptions.productId, quantity: productOptions.quantity });\n          } else {\n            await app.grantProduct({ teamId: userIdOrTeamId, product: productOptions.product, quantity: productOptions.quantity });\n          }\n        }\n        await productsCache.refresh([userIdOrTeamId, null, null]);\n      },\n      async createCheckoutUrl(options: { productId: string, returnUrl?: string } | { product: InlineProduct, returnUrl?: string }) {\n        const productIdOrInline = \"productId\" in options ? options.productId : options.product;\n        return await app._interface.createCheckoutUrl(type, userIdOrTeamId, productIdOrInline, null, options.returnUrl, \"server\");\n      },\n    };\n  }\n\n  private async _updateServerUser(userId: string, update: ServerUserUpdateOptions): Promise<UsersCrud['Server']['Read']> {\n    const result = await this._interface.updateServerUser(userId, serverUserUpdateOptionsToCrud(update));\n    await this._refreshUsers();\n    return result;\n  }\n\n  protected _serverEditableTeamProfileFromCrud(crud: TeamMemberProfilesCrud['Client']['Read']): EditableTeamMemberProfile {\n    const app = this;\n    return {\n      displayName: crud.display_name,\n      profileImageUrl: crud.profile_image_url,\n      async update(update: { displayName?: string, profileImageUrl?: string }) {\n        await app._interface.updateServerTeamMemberProfile({\n          teamId: crud.team_id,\n          userId: crud.user_id,\n          profile: {\n            display_name: update.displayName,\n            profile_image_url: update.profileImageUrl,\n          },\n        });\n        await app._serverUserTeamProfileCache.refresh([crud.team_id, crud.user_id]);\n      }\n    };\n  }\n\n  protected _serverContactChannelFromCrud(userId: string, crud: ContactChannelsCrud['Server']['Read']): ServerContactChannel {\n    const app = this;\n    return {\n      id: crud.id,\n      value: crud.value,\n      type: crud.type,\n      isVerified: crud.is_verified,\n      isPrimary: crud.is_primary,\n      usedForAuth: crud.used_for_auth,\n      async sendVerificationEmail(options?: { callbackUrl?: string }) {\n        await app._interface.sendServerContactChannelVerificationEmail(userId, crud.id, options?.callbackUrl ?? constructRedirectUrl(app.urls.emailVerification, \"callbackUrl\"));\n      },\n      async update(data: ServerContactChannelUpdateOptions) {\n        await app._interface.updateServerContactChannel(userId, crud.id, serverContactChannelUpdateOptionsToCrud(data));\n        await Promise.all([\n          app._serverContactChannelsCache.refresh([userId]),\n          app._serverUserCache.refresh([userId])\n        ]);\n      },\n      async delete() {\n        await app._interface.deleteServerContactChannel(userId, crud.id);\n        await Promise.all([\n          app._serverContactChannelsCache.refresh([userId]),\n          app._serverUserCache.refresh([userId])\n        ]);\n      },\n    };\n  }\n\n  protected _serverNotificationCategoryFromCrud(userId: string, crud: NotificationPreferenceCrud['Server']['Read']): NotificationCategory {\n    const app = this;\n    return {\n      id: crud.notification_category_id,\n      name: crud.notification_category_name,\n      enabled: crud.enabled,\n      canDisable: crud.can_disable,\n\n      async setEnabled(enabled: boolean) {\n        await app._interface.setServerNotificationsEnabled(userId, crud.notification_category_id, enabled);\n        await app._serverNotificationCategoriesCache.refresh([userId]);\n      },\n    };\n  }\n\n  protected _serverOAuthProviderFromCrud(crud: OAuthProviderCrud['Server']['Read']) {\n    const app = this;\n    return {\n      id: crud.id,\n      type: crud.type,\n      userId: crud.user_id,\n      accountId: crud.account_id,\n      email: crud.email,\n      allowSignIn: crud.allow_sign_in,\n      allowConnectedAccounts: crud.allow_connected_accounts,\n\n      async update(data: { accountId?: string, email?: string, allowSignIn?: boolean, allowConnectedAccounts?: boolean }): Promise<Result<void,\n        InstanceType<typeof KnownErrors.OAuthProviderAccountIdAlreadyUsedForSignIn>\n      >> {\n        try {\n          await app._interface.updateServerOAuthProvider(crud.user_id, crud.id, {\n            account_id: data.accountId,\n            email: data.email,\n            allow_sign_in: data.allowSignIn,\n            allow_connected_accounts: data.allowConnectedAccounts,\n          });\n          await Promise.all([\n            app._serverOAuthProvidersCache.refresh([crud.user_id]),\n            app._serverUserConnectedAccountsCache.refresh([crud.user_id]),\n          ]);\n          return Result.ok(undefined);\n        } catch (error) {\n          if (KnownErrors.OAuthProviderAccountIdAlreadyUsedForSignIn.isInstance(error)) {\n            return Result.error(error);\n          }\n          throw error;\n        }\n      },\n\n      async delete() {\n        await app._interface.deleteServerOAuthProvider(crud.user_id, crud.id);\n        await Promise.all([\n          app._serverOAuthProvidersCache.refresh([crud.user_id]),\n          app._serverUserConnectedAccountsCache.refresh([crud.user_id]),\n        ]);\n      },\n    };\n  }\n\n  constructor(options: StackServerAppConstructorOptions<HasTokenStore, ProjectId>, extraOptions?: { uniqueIdentifier?: string, checkString?: string, interface?: StackServerInterface }) {\n    const resolvedOptions = resolveConstructorOptions(options);\n\n    const publishableClientKey = resolvedOptions.publishableClientKey ?? getDefaultPublishableClientKey();\n\n    super(resolvedOptions, {\n      ...extraOptions,\n      interface: extraOptions?.interface ?? (() => {\n        const apiUrls = resolveApiUrls(resolvedOptions.baseUrl);\n        return new StackServerInterface({\n          getBaseUrl: () => apiUrls()[0],\n          getApiUrls: apiUrls,\n          projectId: resolvedOptions.projectId ?? getDefaultProjectId(),\n          extraRequestHeaders: resolvedOptions.extraRequestHeaders ?? getDefaultExtraRequestHeaders(),\n          clientVersion,\n          ...(publishableClientKey != null ? { publishableClientKey } : {}),\n          secretServerKey: resolvedOptions.secretServerKey ?? getDefaultSecretServerKey(),\n        });\n      })(),\n    });\n  }\n\n\n  protected _serverApiKeyFromCrud(crud: TeamApiKeysCrud['Client']['Read']): ApiKey<\"team\">;\n  protected _serverApiKeyFromCrud(crud: UserApiKeysCrud['Client']['Read']): ApiKey<\"user\">;\n  protected _serverApiKeyFromCrud(crud: yup.InferType<typeof teamApiKeysCreateOutputSchema>): ApiKey<\"team\", true>;\n  protected _serverApiKeyFromCrud(crud: yup.InferType<typeof userApiKeysCreateOutputSchema>): ApiKey<\"user\", true>;\n  protected _serverApiKeyFromCrud(crud: TeamApiKeysCrud['Client']['Read'] | UserApiKeysCrud['Client']['Read'] | yup.InferType<typeof teamApiKeysCreateOutputSchema> | yup.InferType<typeof userApiKeysCreateOutputSchema>): ApiKey<\"user\" | \"team\", boolean> {\n    return {\n      ...this._baseApiKeyFromCrud(crud),\n      async revoke() {\n        await this.update({ revoked: true });\n      },\n      update: async (options: ApiKeyUpdateOptions) => {\n        await this._interface.updateProjectApiKey(\n          crud.type === \"team\" ? { team_id: crud.team_id } : { user_id: crud.user_id },\n          crud.id,\n          await apiKeyUpdateOptionsToCrud(crud.type, options),\n          null,\n          \"server\");\n        if (crud.type === \"team\") {\n          await this._serverTeamApiKeysCache.refresh([crud.team_id]);\n        } else {\n          await this._serverUserApiKeysCache.refresh([crud.user_id]);\n        }\n      },\n    };\n  }\n\n  protected _createServerOAuthConnectionFromCrudItem(\n    userId: string,\n    item: { provider: string, provider_account_id: string },\n  ): OAuthConnection {\n    const app = this;\n    const providerId = item.provider;\n    const providerAccountId = item.provider_account_id;\n    return {\n      id: providerId, // deprecated, for backward compat\n      provider: providerId,\n      providerAccountId,\n      async getAccessToken(options?: { scopes?: string[] }) {\n        const scopeString = options?.scopes?.join(\" \") ?? \"\";\n        const result = Result.orThrow(await app._serverUserOAuthConnectionAccessTokensByAccountCache.getOrWait([userId, providerId, providerAccountId, scopeString], \"write-only\"));\n        if (!result) {\n          const scopeDetail = scopeString ? `The requested scopes [${scopeString}] are not available on the existing token.` : \"The OAuth refresh token has likely been revoked or expired.\";\n          return Result.error(new KnownErrors.OAuthAccessTokenNotAvailable(providerId, `${scopeDetail} The user needs to re-authorize by calling \\`linkConnectedAccount\\` or using \\`getOrLinkConnectedAccount\\`.`));\n        }\n        return Result.ok(result);\n      },\n      useAccessToken(options?: { scopes?: string[] }) {\n        const scopeString = options?.scopes?.join(\" \") ?? \"\";\n        const result = useAsyncCache(app._serverUserOAuthConnectionAccessTokensByAccountCache, [userId, providerId, providerAccountId, scopeString] as const, \"connection.useAccessToken()\");\n        if (!result) {\n          const scopeDetail = scopeString ? `The requested scopes [${scopeString}] are not available on the existing token.` : \"The OAuth refresh token has likely been revoked or expired.\";\n          return Result.error(new KnownErrors.OAuthAccessTokenNotAvailable(providerId, `${scopeDetail} The user needs to re-authorize by calling \\`linkConnectedAccount\\` or using \\`getOrLinkConnectedAccount\\`.`));\n        }\n        return Result.ok(result);\n      },\n    };\n  }\n\n  protected _serverUserFromCrud(crud: UsersCrud['Server']['Read']): ServerUser {\n    const app = this;\n\n    /** @deprecated The string-based overloads are deprecated. Use `getConnectedAccount({ provider, providerAccountId })` for existence check. */\n    async function getConnectedAccount(id: ProviderType, options?: { scopes?: string[] }): Promise<DeprecatedOAuthConnection | null>;\n    async function getConnectedAccount(id: ProviderType, options: { or: 'redirect', scopes?: string[] }): Promise<DeprecatedOAuthConnection>;\n    async function getConnectedAccount(account: { provider: string, providerAccountId: string }): Promise<OAuthConnection | null>;\n    async function getConnectedAccount(\n      idOrAccount: ProviderType | { provider: string, providerAccountId: string },\n      options?: { or?: 'redirect', scopes?: string[] }\n    ): Promise<DeprecatedOAuthConnection | OAuthConnection | null> {\n      const scopeString = options?.scopes?.join(\" \") ?? \"\";\n\n      // Check if it's the new object-based API\n      if (typeof idOrAccount === 'object' && 'provider' in idOrAccount && 'providerAccountId' in idOrAccount) {\n        const { provider, providerAccountId } = idOrAccount;\n        // Check if the account exists in the connected accounts list\n        const connectedAccounts = Result.orThrow(await app._serverUserConnectedAccountsCache.getOrWait([crud.id], \"write-only\"));\n        const found = connectedAccounts.find(\n          a => a.provider === provider && a.providerAccountId === providerAccountId\n        );\n        if (!found) {\n          return null;\n        }\n        return found;\n      }\n\n      // Original behavior: by provider ID (returns first match)\n      return Result.orThrow(await app._serverUserOAuthConnectionCache.getOrWait([crud.id, idOrAccount, scopeString, options?.or === 'redirect'], \"write-only\"));\n    }\n\n    /** @deprecated The string-based overloads are deprecated. Use `useConnectedAccount({ provider, providerAccountId })` for existence check. */\n    function useConnectedAccount(id: ProviderType, options?: { scopes?: string[] }): DeprecatedOAuthConnection | null;\n    function useConnectedAccount(id: ProviderType, options: { or: 'redirect', scopes?: string[] }): DeprecatedOAuthConnection;\n    function useConnectedAccount(account: { provider: string, providerAccountId: string }): OAuthConnection | null;\n    function useConnectedAccount(\n      idOrAccount: ProviderType | { provider: string, providerAccountId: string },\n      options?: { or?: 'redirect', scopes?: string[] }\n    ): DeprecatedOAuthConnection | OAuthConnection | null {\n      const scopeString = options?.scopes?.join(\" \") ?? \"\";\n\n      // Check if it's the new object-based API\n      if (typeof idOrAccount === 'object' && 'provider' in idOrAccount && 'providerAccountId' in idOrAccount) {\n        const { provider, providerAccountId } = idOrAccount;\n        // Check if the account exists in the connected accounts list\n        const connectedAccounts = useAsyncCache(\n          app._serverUserConnectedAccountsCache,\n          [crud.id] as const,\n          \"user.useConnectedAccount()\"\n        );\n        const found = connectedAccounts.find(\n          a => a.provider === provider && a.providerAccountId === providerAccountId\n        );\n        return found ?? null;\n      }\n\n      // Original behavior: by provider ID (returns first match)\n      return useAsyncCache(app._serverUserOAuthConnectionCache, [crud.id, idOrAccount, scopeString, options?.or === 'redirect'] as const, \"user.useConnectedAccount()\");\n    }\n\n    // Type assertion needed because the new restricted_by_admin fields may not be reflected in TypeScript types yet\n    // after schema changes - the runtime values are present after the schema is updated\n    const crudWithAdminRestriction = crud as typeof crud & {\n      restricted_by_admin: boolean,\n      restricted_by_admin_reason: string | null,\n      restricted_by_admin_private_details: string | null,\n    };\n    const serverUser = withUserDestructureGuard({\n      ...super._createBaseUser(crud),\n      lastActiveAt: new Date(crud.last_active_at_millis),\n      serverMetadata: crud.server_metadata,\n      restrictedByAdmin: crudWithAdminRestriction.restricted_by_admin,\n      restrictedByAdminReason: crudWithAdminRestriction.restricted_by_admin_reason,\n      restrictedByAdminPrivateDetails: crudWithAdminRestriction.restricted_by_admin_private_details,\n      countryCode: crud.country_code,\n      riskScores: {\n        signUp: {\n          bot: crud.risk_scores.sign_up.bot,\n          freeTrialAbuse: crud.risk_scores.sign_up.free_trial_abuse,\n        },\n      },\n      async setPrimaryEmail(email: string | null, options?: { verified?: boolean }) {\n        await app._updateServerUser(crud.id, { primaryEmail: email, primaryEmailVerified: options?.verified });\n      },\n      async grantPermission(scopeOrPermissionId: Team | string, permissionId?: string): Promise<void> {\n        if (scopeOrPermissionId && typeof scopeOrPermissionId !== 'string' && permissionId) {\n          const scope = scopeOrPermissionId;\n          await app._interface.grantServerTeamUserPermission(scope.id, crud.id, permissionId);\n\n          for (const recursive of [true, false]) {\n            await app._serverTeamUserPermissionsCache.refresh([scope.id, crud.id, recursive]);\n            await app._serverAllTeamMemberPermissionsCache.refresh([scope.id, recursive]);\n          }\n        } else {\n          const pId = scopeOrPermissionId as string;\n          await app._interface.grantServerProjectPermission(crud.id, pId);\n\n          for (const recursive of [true, false]) {\n            await app._serverUserProjectPermissionsCache.refresh([crud.id, recursive]);\n          }\n        }\n      },\n      async revokePermission(scopeOrPermissionId: Team | string, permissionId?: string): Promise<void> {\n        if (scopeOrPermissionId && typeof scopeOrPermissionId !== 'string' && permissionId) {\n          const scope = scopeOrPermissionId;\n          await app._interface.revokeServerTeamUserPermission(scope.id, crud.id, permissionId);\n\n          for (const recursive of [true, false]) {\n            await app._serverTeamUserPermissionsCache.refresh([scope.id, crud.id, recursive]);\n            await app._serverAllTeamMemberPermissionsCache.refresh([scope.id, recursive]);\n          }\n        } else {\n          const pId = scopeOrPermissionId as string;\n          await app._interface.revokeServerProjectPermission(crud.id, pId);\n\n          for (const recursive of [true, false]) {\n            await app._serverUserProjectPermissionsCache.refresh([crud.id, recursive]);\n          }\n        }\n      },\n      async delete() {\n        const res = await app._interface.deleteServerUser(crud.id);\n        await app._refreshUsers();\n        return res;\n      },\n      async createSession(options: { expiresInMillis?: number, isImpersonation?: boolean }) {\n        // TODO this should also refresh the access token when it expires (like InternalSession)\n        const tokens = await app._interface.createServerUserSession(crud.id, options.expiresInMillis ?? 1000 * 60 * 60 * 24 * 365, options.isImpersonation ?? false);\n        return {\n          async getTokens() {\n            return tokens;\n          },\n        };\n      },\n\n      async getActiveSessions() {\n        const sessions = await app._interface.listServerSessions(crud.id);\n        return sessions.items.map((session) => app._clientSessionFromCrud(session));\n      },\n\n      async revokeSession(sessionId: string) {\n        await app._interface.deleteServerSession(sessionId);\n      },\n      async setDisplayName(displayName: string | null) {\n        return await this.update({ displayName });\n      },\n      async setClientMetadata(metadata: Record<string, any>) {\n        return await this.update({ clientMetadata: metadata });\n      },\n      async setClientReadOnlyMetadata(metadata: Record<string, any>) {\n        return await this.update({ clientReadOnlyMetadata: metadata });\n      },\n      async setServerMetadata(metadata: Record<string, any>) {\n        return await this.update({ serverMetadata: metadata });\n      },\n      async setSelectedTeam(team: Team | string | null) {\n        return await this.update({ selectedTeamId: typeof team === 'string' ? team : team?.id ?? null });\n      },\n      getConnectedAccount,\n      useConnectedAccount, // THIS_LINE_PLATFORM react-like\n      async listConnectedAccounts() {\n        return Result.orThrow(await app._serverUserConnectedAccountsCache.getOrWait([crud.id], \"write-only\"));\n      },\n      useConnectedAccounts() {\n        return useAsyncCache(app._serverUserConnectedAccountsCache, [crud.id] as const, \"user.useConnectedAccounts()\");\n      },\n      async linkConnectedAccount(): Promise<void> {\n        throw new StackAssertionError(\"linkConnectedAccount is not available for server users. OAuth flows must be initiated on the client side.\");\n      },\n      async getOrLinkConnectedAccount(): Promise<OAuthConnection> {\n        throw new StackAssertionError(\"getOrLinkConnectedAccount is not available for server users. OAuth flows must be initiated on the client side.\");\n      },\n      useOrLinkConnectedAccount(): OAuthConnection {\n        throw new StackAssertionError(\"useOrLinkConnectedAccount is not available for server users. OAuth flows must be initiated on the client side.\");\n      },\n      selectedTeam: crud.selected_team ? app._serverTeamFromCrud(crud.selected_team) : null,\n      async getTeam(teamId: string) {\n        const teams = await this.listTeams();\n        return teams.find((t) => t.id === teamId) ?? null;\n      },\n      useTeam(teamId: string) {\n        const teams = this.useTeams();\n        return useMemo(() => {\n          return teams.find((t) => t.id === teamId) ?? null;\n        }, [teams, teamId]);\n      },\n      async listTeams(options?: ServerListTeamsOptions): Promise<ServerTeam[] & { nextCursor: string | null }> {\n        const result = Result.orThrow(await app._serverTeamsCache.getOrWait([crud.id, options?.orderBy, options?.desc, options?.cursor, options?.limit, options?.query] as const, \"write-only\"));\n        const teams: any = result.items.map((t) => app._serverTeamFromCrud(t));\n        teams.nextCursor = result.pagination?.next_cursor ?? null;\n        return teams as any;\n      },\n      useTeams(options?: ServerListTeamsOptions): ServerTeam[] & { nextCursor: string | null } {\n        const result = useAsyncCache(app._serverTeamsCache, [crud.id, options?.orderBy, options?.desc, options?.cursor, options?.limit, options?.query] as const, \"user.useTeams()\");\n        return useMemo(() => {\n          const teams: any = result.items.map((t) => app._serverTeamFromCrud(t));\n          teams.nextCursor = result.pagination?.next_cursor ?? null;\n          return teams as any;\n        }, [result]);\n      },\n      createTeam: async (data: Omit<ServerTeamCreateOptions, \"creatorUserId\">) => {\n        const team = await app._interface.createServerTeam(serverTeamCreateOptionsToCrud({\n          creatorUserId: crud.id,\n          ...data,\n        }));\n        await app._serverTeamsCache.refreshWhere(() => true);\n        await app._updateServerUser(crud.id, { selectedTeamId: team.id });\n        return app._serverTeamFromCrud(team);\n      },\n      leaveTeam: async (team: Team) => {\n        await app._interface.leaveServerTeam({ teamId: team.id, userId: crud.id });\n        await app._refreshTeamMembership(team.id, crud.id);\n      },\n      async listTeamInvitations() {\n        const invitations = Result.orThrow(await app._serverUserTeamInvitationsCache.getOrWait([crud.id], \"write-only\"));\n        return invitations.map((inv) => app._serverReceivedTeamInvitationFromCrud(crud.id, inv));\n      },\n      useTeamInvitations() {\n        const invitations = useAsyncCache(app._serverUserTeamInvitationsCache, [crud.id], \"user.useTeamInvitations()\");\n        return useMemo(() => invitations.map((inv) => app._serverReceivedTeamInvitationFromCrud(crud.id, inv)), [invitations]);\n      },\n      async listPermissions(scopeOrOptions?: Team | { recursive?: boolean }, options?: { recursive?: boolean }): Promise<AdminTeamPermission[]> {\n        if (scopeOrOptions && 'id' in scopeOrOptions) {\n          const scope = scopeOrOptions;\n          const recursive = options?.recursive ?? true;\n          const permissions = Result.orThrow(await app._serverTeamUserPermissionsCache.getOrWait([scope.id, crud.id, recursive], \"write-only\"));\n          return permissions.map((crud) => app._serverPermissionFromCrud(crud));\n        } else {\n          const opts = scopeOrOptions;\n          const recursive = opts?.recursive ?? true;\n          const permissions = Result.orThrow(await app._serverUserProjectPermissionsCache.getOrWait([crud.id, recursive], \"write-only\"));\n          return permissions.map((crud) => app._serverPermissionFromCrud(crud));\n        }\n      },\n      usePermissions(scopeOrOptions?: Team | { recursive?: boolean }, options?: { recursive?: boolean }): AdminTeamPermission[] {\n        if (scopeOrOptions && 'id' in scopeOrOptions) {\n          const scope = scopeOrOptions;\n          const recursive = options?.recursive ?? true;\n          const permissions = useAsyncCache(app._serverTeamUserPermissionsCache, [scope.id, crud.id, recursive] as const, \"user.usePermissions()\");\n          return useMemo(() => permissions.map((crud) => app._serverPermissionFromCrud(crud)), [permissions]);\n        } else {\n          const opts = scopeOrOptions;\n          const recursive = opts?.recursive ?? true;\n          const permissions = useAsyncCache(app._serverUserProjectPermissionsCache, [crud.id, recursive] as const, \"user.usePermissions()\");\n          return useMemo(() => permissions.map((crud) => app._serverPermissionFromCrud(crud)), [permissions]);\n        }\n      },\n      async getPermission(scopeOrPermissionId: Team | string, permissionId?: string): Promise<AdminTeamPermission | null> {\n        if (scopeOrPermissionId && typeof scopeOrPermissionId !== 'string') {\n          const scope = scopeOrPermissionId;\n          const permissions = await this.listPermissions(scope);\n          return permissions.find((p) => p.id === permissionId) ?? null;\n        } else {\n          const pid = scopeOrPermissionId;\n          const permissions = await this.listPermissions();\n          return permissions.find((p) => p.id === pid) ?? null;\n        }\n      },\n      usePermission(scopeOrPermissionId: Team | string, permissionId?: string): AdminTeamPermission | null {\n        if (scopeOrPermissionId && typeof scopeOrPermissionId !== 'string') {\n          const scope = scopeOrPermissionId;\n          const permissions = this.usePermissions(scope);\n          return useMemo(() => permissions.find((p) => p.id === permissionId) ?? null, [permissions, permissionId]);\n        } else {\n          const pid = scopeOrPermissionId;\n          const permissions = this.usePermissions();\n          return useMemo(() => permissions.find((p) => p.id === pid) ?? null, [permissions, pid]);\n        }\n      },\n      async hasPermission(scopeOrPermissionId: Team | string, permissionId?: string): Promise<boolean> {\n        if (scopeOrPermissionId && typeof scopeOrPermissionId !== 'string') {\n          const scope = scopeOrPermissionId;\n          return (await this.getPermission(scope, permissionId as string)) !== null;\n        } else {\n          const pid = scopeOrPermissionId;\n          return (await this.getPermission(pid)) !== null;\n        }\n      },\n      async update(update: ServerUserUpdateOptions) {\n        await app._updateServerUser(crud.id, update);\n      },\n      async sendVerificationEmail() {\n        return await app._checkFeatureSupport(\"sendVerificationEmail() on ServerUser\", {});\n      },\n      async updatePassword(options: { oldPassword: string, newPassword: string }) {\n        const result = await app._interface.updatePassword(options);\n        await app._serverUserCache.refresh([crud.id]);\n        return result;\n      },\n      async setPassword(options: { password: string }) {\n        const result = await this.update(options);\n        await app._serverUserCache.refresh([crud.id]);\n        return result;\n      },\n      async getTeamProfile(team: Team) {\n        const result = Result.orThrow(await app._serverUserTeamProfileCache.getOrWait([team.id, crud.id], \"write-only\"));\n        return app._serverEditableTeamProfileFromCrud(result);\n      },\n      useTeamProfile(team: Team) {\n        const result = useAsyncCache(app._serverUserTeamProfileCache, [team.id, crud.id] as const, \"user.useTeamProfile()\");\n        return useMemo(() => app._serverEditableTeamProfileFromCrud(result), [result]);\n      },\n      async listContactChannels() {\n        const result = Result.orThrow(await app._serverContactChannelsCache.getOrWait([crud.id], \"write-only\"));\n        return result.map((data) => app._serverContactChannelFromCrud(crud.id, data));\n      },\n      useContactChannels() {\n        const result = useAsyncCache(app._serverContactChannelsCache, [crud.id] as const, \"user.useContactChannels()\");\n        return useMemo(() => result.map((data) => app._serverContactChannelFromCrud(crud.id, data)), [result]);\n      },\n      createContactChannel: async (data: ServerContactChannelCreateOptions) => {\n        const contactChannel = await app._interface.createServerContactChannel(serverContactChannelCreateOptionsToCrud(crud.id, data));\n        await Promise.all([\n          app._serverContactChannelsCache.refresh([crud.id]),\n          app._serverUserCache.refresh([crud.id])\n        ]);\n        return app._serverContactChannelFromCrud(crud.id, contactChannel);\n      },\n      useNotificationCategories() {\n        const results = useAsyncCache(app._serverNotificationCategoriesCache, [crud.id] as const, \"user.useNotificationCategories()\");\n        return results.map((category) => app._serverNotificationCategoryFromCrud(crud.id, category));\n      },\n      async listNotificationCategories() {\n        const results = Result.orThrow(await app._serverNotificationCategoriesCache.getOrWait([crud.id], \"write-only\"));\n        return results.map((category) => app._serverNotificationCategoryFromCrud(crud.id, category));\n      },\n      useApiKeys() {\n        const result = useAsyncCache(app._serverUserApiKeysCache, [crud.id] as const, \"user.useApiKeys()\");\n        return result.map((apiKey) => app._serverApiKeyFromCrud(apiKey));\n      },\n      async listApiKeys() {\n        const result = Result.orThrow(await app._serverUserApiKeysCache.getOrWait([crud.id], \"write-only\"));\n        return result.map((apiKey) => app._serverApiKeyFromCrud(apiKey));\n      },\n      async createApiKey(options: ApiKeyCreationOptions<\"user\">) {\n        const result = await app._interface.createProjectApiKey(\n          await apiKeyCreationOptionsToCrud(\"user\", crud.id, options),\n          null,\n          \"server\",\n        );\n        await app._serverUserApiKeysCache.refresh([crud.id]);\n        return app._serverApiKeyFromCrud(result);\n      },\n      useOAuthProviders() {\n        const results = useAsyncCache(app._serverOAuthProvidersCache, [crud.id] as const, \"user.useOAuthProviders()\");\n        return useMemo(() => results.map((oauthCrud) => app._serverOAuthProviderFromCrud(oauthCrud)), [results]);\n      },\n\n      async listOAuthProviders() {\n        const results = Result.orThrow(await app._serverOAuthProvidersCache.getOrWait([crud.id], \"write-only\"));\n        return results.map((oauthCrud) => app._serverOAuthProviderFromCrud(oauthCrud));\n      },\n\n      useOAuthProvider(id: string) {\n        const providers = this.useOAuthProviders();\n        return useMemo(() => providers.find((p) => p.id === id) ?? null, [providers, id]);\n      },\n      async getOAuthProvider(id: string) {\n        const providers = await this.listOAuthProviders();\n        return providers.find((p) => p.id === id) ?? null;\n      },\n      async registerPasskey(options?: { hostname?: string }): Promise<Result<undefined, KnownErrors[\"PasskeyRegistrationFailed\"] | KnownErrors[\"PasskeyWebAuthnError\"]>> {\n        // TODO remove duplicated code between this and the function in client-app-impl.ts\n        const hostname = options?.hostname || (await app._getCurrentUrl())?.hostname;\n        if (!hostname) {\n          throw new StackAssertionError(\"hostname must be provided if the Stack App does not have a redirect method\");\n        }\n\n        // Use server interface to initiate passkey registration for this specific user\n        const initiationResult = await app._interface.initiateServerPasskeyRegistration(crud.id);\n\n        if (initiationResult.status !== \"ok\") {\n          return Result.error(new KnownErrors.PasskeyRegistrationFailed(\"Failed to get initiation options for passkey registration\"));\n        }\n\n        const { options_json, code } = initiationResult.data;\n\n        // HACK: Override the rpID to be the actual domain\n        if (options_json.rp.id !== \"THIS_VALUE_WILL_BE_REPLACED.example.com\") {\n          throw new StackAssertionError(`Expected returned RP ID from server to equal sentinel, but found ${options_json.rp.id}`);\n        }\n\n        options_json.rp.id = hostname;\n\n        let attResp;\n        try {\n          attResp = await startRegistration({ optionsJSON: options_json });\n        } catch (error: any) {\n          if (error instanceof WebAuthnError) {\n            return Result.error(new KnownErrors.PasskeyWebAuthnError(error.message, error.name));\n          } else {\n            // This should never happen\n            captureError(\"passkey-registration-failed\", error);\n            return Result.error(new KnownErrors.PasskeyRegistrationFailed(\"Failed to start passkey registration due to unknown error\"));\n          }\n        }\n\n        // Create a temporary session to complete the registration\n        // TODO instead of creating a new session, this should just call the endpoint in a way in which it doesn't require a session\n        // (currently this shows up on session history etc... not ideal)\n        const { accessToken, refreshToken } = await app._interface.createServerUserSession(crud.id, 60000 * 2, false);\n        const tempSession = new InternalSession({\n          accessToken,\n          refreshToken,\n          refreshAccessTokenCallback: async () => null,\n        });\n\n        const registrationResult = await app._interface.registerPasskey({ credential: attResp, code }, tempSession);\n\n        await app._serverUserCache.refresh([crud.id]);\n        return registrationResult;\n      },\n      ...app._createServerCustomer(crud.id, \"user\"),\n    } satisfies ServerUser);\n\n    return serverUser;\n  }\n\n  protected _serverTeamUserFromCrud(crud: TeamMemberProfilesCrud[\"Server\"][\"Read\"]): ServerTeamUser {\n    const teamUser = withUserDestructureGuard({\n      ...this._serverUserFromCrud(crud.user),\n      teamProfile: {\n        displayName: crud.display_name,\n        profileImageUrl: crud.profile_image_url,\n      },\n    } satisfies ServerTeamUser);\n\n    return teamUser;\n  }\n\n  protected _serverSentTeamInvitationFromCrud(crud: TeamInvitationCrud['Server']['Read']): SentTeamInvitation {\n    return {\n      id: crud.id,\n      recipientEmail: crud.recipient_email,\n      expiresAt: new Date(crud.expires_at_millis),\n      revoke: async () => {\n        await this._interface.revokeServerTeamInvitation(crud.id, crud.team_id);\n        await this._serverTeamInvitationsCache.refresh([crud.team_id]);\n      },\n    };\n  }\n\n  protected _serverReceivedTeamInvitationFromCrud(userId: string, crud: TeamInvitationCrud['Client']['Read']): ReceivedTeamInvitation {\n    const app = this;\n    return {\n      id: crud.id,\n      teamId: crud.team_id,\n      teamDisplayName: crud.team_display_name,\n      recipientEmail: crud.recipient_email,\n      expiresAt: new Date(crud.expires_at_millis),\n      accept: async () => {\n        await app._interface.acceptServerTeamInvitationById(crud.id, userId);\n        await Promise.all([\n          app._serverUserTeamInvitationsCache.refresh([userId]),\n          app._serverTeamInvitationsCache.refresh([crud.team_id]),\n          app._refreshTeamMembership(crud.team_id, userId),\n        ]);\n      },\n    };\n  }\n\n  protected override _currentUserFromCrud(crud: UsersCrud['Server']['Read'], session: InternalSession): ProjectCurrentServerUser<ProjectId> {\n    const currentUser = withUserDestructureGuard({\n      ...this._serverUserFromCrud(crud),\n      ...this._createAuth(session),\n      ...this._isInternalProject() ? this._createInternalUserExtra(session) : {},\n    } satisfies ServerUser);\n\n    return currentUser as ProjectCurrentServerUser<ProjectId>;\n  }\n\n  protected _serverTeamFromCrud(crud: TeamsCrud['Server']['Read']): ServerTeam {\n    const app = this;\n    return {\n      id: crud.id,\n      displayName: crud.display_name,\n      profileImageUrl: crud.profile_image_url,\n      createdAt: new Date(crud.created_at_millis),\n      clientMetadata: crud.client_metadata,\n      clientReadOnlyMetadata: crud.client_read_only_metadata,\n      serverMetadata: crud.server_metadata,\n      async update(update: Partial<ServerTeamUpdateOptions>) {\n        await app._interface.updateServerTeam(crud.id, serverTeamUpdateOptionsToCrud(update));\n        await Promise.all([\n          app._serverTeamsCache.refreshWhere(() => true),\n          app._serverUsersCache.refreshWhere(() => true),\n        ]);\n      },\n      async delete() {\n        await app._interface.deleteServerTeam(crud.id);\n        await Promise.all([\n          app._serverTeamsCache.refreshWhere(() => true),\n          app._serverUsersCache.refreshWhere(() => true),\n        ]);\n      },\n      async listUsers() {\n        const result = Result.orThrow(await app._serverTeamMemberProfilesCache.getOrWait([crud.id], \"write-only\"));\n        return result.map(u => app._serverTeamUserFromCrud(u));\n      },\n      useUsers() {\n        const result = useAsyncCache(app._serverTeamMemberProfilesCache, [crud.id] as const, \"team.useUsers()\");\n        return useMemo(() => result.map(u => app._serverTeamUserFromCrud(u)), [result]);\n      },\n      async addUser(userId) {\n        await app._interface.addServerUserToTeam({\n          teamId: crud.id,\n          userId,\n        });\n        await app._refreshTeamMembership(crud.id, userId);\n      },\n      async removeUser(userId) {\n        await app._interface.removeServerUserFromTeam({\n          teamId: crud.id,\n          userId,\n        });\n        await app._refreshTeamMembership(crud.id, userId);\n      },\n      async inviteUser(options: { email: string, callbackUrl?: string }) {\n        await app._interface.sendServerTeamInvitation({\n          teamId: crud.id,\n          email: options.email,\n          callbackUrl: options.callbackUrl ?? constructRedirectUrl(app.urls.teamInvitation, \"callbackUrl\"),\n        });\n        await app._serverTeamInvitationsCache.refresh([crud.id]);\n      },\n      async listInvitations() {\n        const result = Result.orThrow(await app._serverTeamInvitationsCache.getOrWait([crud.id], \"write-only\"));\n        return result.map((crud) => app._serverSentTeamInvitationFromCrud(crud));\n      },\n      useInvitations() {\n        const result = useAsyncCache(app._serverTeamInvitationsCache, [crud.id] as const, \"team.useInvitations()\");\n        return useMemo(() => result.map((crud) => app._serverSentTeamInvitationFromCrud(crud)), [result]);\n      },\n      useApiKeys() {\n        const result = useAsyncCache(app._serverTeamApiKeysCache, [crud.id] as const, \"team.useApiKeys()\");\n        return result.map((apiKey) => app._serverApiKeyFromCrud(apiKey));\n      },\n      async listApiKeys() {\n        const result = Result.orThrow(await app._serverTeamApiKeysCache.getOrWait([crud.id], \"write-only\"));\n        return result.map((apiKey) => app._serverApiKeyFromCrud(apiKey));\n      },\n      async createApiKey(options: ApiKeyCreationOptions<\"team\">) {\n        const result = await app._interface.createProjectApiKey(\n          await apiKeyCreationOptionsToCrud(\"team\", crud.id, options),\n          null,\n          \"server\",\n        );\n        await app._serverTeamApiKeysCache.refresh([crud.id]);\n        return app._serverApiKeyFromCrud(result);\n      },\n      ...app._createServerCustomer(crud.id, \"team\"),\n    };\n  }\n\n  protected _serverItemFromCrud(customer: { type: \"user\" | \"team\" | \"custom\", id: string }, crud: ItemCrud['Client']['Read']): ServerItem {\n    const app = this;\n    return {\n      displayName: crud.display_name,\n      quantity: crud.quantity,\n      nonNegativeQuantity: Math.max(0, crud.quantity),\n      increaseQuantity: async (delta: number) => {\n        const updateOptions = customer.type === \"user\"\n          ? { itemId: crud.id, userId: customer.id }\n          : customer.type === \"team\"\n            ? { itemId: crud.id, teamId: customer.id }\n            : { itemId: crud.id, customCustomerId: customer.id };\n        await app._interface.updateItemQuantity(updateOptions, { delta });\n        if (customer.type === \"user\") await app._serverUserItemsCache.refresh([customer.id, crud.id]);\n        else if (customer.type === \"team\") await app._serverTeamItemsCache.refresh([customer.id, crud.id]);\n        else await app._serverCustomItemsCache.refresh([customer.id, crud.id]);\n      },\n      decreaseQuantity: async (delta: number) => {\n        const updateOptions = customer.type === \"user\"\n          ? { itemId: crud.id, userId: customer.id }\n          : customer.type === \"team\"\n            ? { itemId: crud.id, teamId: customer.id }\n            : { itemId: crud.id, customCustomerId: customer.id };\n        await app._interface.updateItemQuantity(updateOptions, { delta: -delta, allow_negative: true });\n        if (customer.type === \"user\") await app._serverUserItemsCache.refresh([customer.id, crud.id]);\n        else if (customer.type === \"team\") await app._serverTeamItemsCache.refresh([customer.id, crud.id]);\n        else await app._serverCustomItemsCache.refresh([customer.id, crud.id]);\n      },\n      tryDecreaseQuantity: async (delta: number) => {\n        try {\n          const updateOptions = customer.type === \"user\"\n            ? { itemId: crud.id, userId: customer.id }\n            : customer.type === \"team\"\n              ? { itemId: crud.id, teamId: customer.id }\n              : { itemId: crud.id, customCustomerId: customer.id };\n          await app._interface.updateItemQuantity(updateOptions, { delta: -delta });\n          if (customer.type === \"user\") await app._serverUserItemsCache.refresh([customer.id, crud.id]);\n          else if (customer.type === \"team\") await app._serverTeamItemsCache.refresh([customer.id, crud.id]);\n          else await app._serverCustomItemsCache.refresh([customer.id, crud.id]);\n          return true;\n        } catch (error) {\n          if (error instanceof KnownErrors.ItemQuantityInsufficientAmount) {\n            return false;\n          }\n          throw error;\n        }\n      },\n    };\n  }\n\n  protected async _getUserApiKey(options: { apiKey: string }): Promise<ApiKey<\"user\"> | null> {\n    const crud = Result.orThrow(await this._serverCheckApiKeyCache.getOrWait([\"user\", options.apiKey], \"write-only\")) as UserApiKeysCrud['Server']['Read'] | null;\n    return crud ? this._serverApiKeyFromCrud(crud) : null;\n  }\n\n  protected async _getTeamApiKey(options: { apiKey: string }): Promise<ApiKey<\"team\"> | null> {\n    const crud = Result.orThrow(await this._serverCheckApiKeyCache.getOrWait([\"team\", options.apiKey], \"write-only\")) as TeamApiKeysCrud['Server']['Read'] | null;\n    return crud ? this._serverApiKeyFromCrud(crud) : null;\n  }\n  protected _useUserApiKey(options: { apiKey: string }): ApiKey<\"user\"> | null {\n    const crud = useAsyncCache(this._serverCheckApiKeyCache, [\"user\", options.apiKey] as const, \"serverApp.useUserApiKey()\") as UserApiKeysCrud['Server']['Read'] | null;\n    return useMemo(() => crud ? this._serverApiKeyFromCrud(crud) : null, [crud]);\n  }\n  protected _useTeamApiKey(options: { apiKey: string }): ApiKey<\"team\"> | null {\n    const crud = useAsyncCache(this._serverCheckApiKeyCache, [\"team\", options.apiKey] as const, \"serverApp.useTeamApiKey()\") as TeamApiKeysCrud['Server']['Read'] | null;\n    return useMemo(() => crud ? this._serverApiKeyFromCrud(crud) : null, [crud]);\n  }\n  protected async _getUserByApiKey(apiKey: string): Promise<ServerUser | null> {\n    const apiKeyObject = await this._getUserApiKey({ apiKey });\n    if (apiKeyObject === null) {\n      return null;\n    }\n    return await this.getServerUserById(apiKeyObject.userId);\n  }\n\n  protected async _getUserByConvex(ctx: ConvexCtx, includeAnonymous: boolean): Promise<ServerUser | null> {\n    const identity = await ctx.auth.getUserIdentity();\n    if (identity === null) {\n      return null;\n    }\n    const user = await this.getServerUserById(identity.subject);\n    if (user?.isAnonymous && !includeAnonymous) {\n      return null;\n    }\n    return user;\n  }\n  protected _useUserByConvex(ctx: ConvexCtx, includeAnonymous: boolean): ServerUser | null {\n    const subject = useAsyncCache(this._convexIdentitySubjectCache, [ctx] as const, \"serverApp.useUserByConvex()\");\n    if (subject === null) {\n      return null;\n    }\n    const user = this.useUserById(subject);\n    if (user?.isAnonymous && !includeAnonymous) {\n      return null;\n    }\n    return user;\n  }\n  protected _useUserByApiKey(apiKey: string): ServerUser | null {\n    const apiKeyObject = this._useUserApiKey({ apiKey });\n    if (apiKeyObject === null) {\n      return null;\n    }\n    return this.useUserById(apiKeyObject.userId);\n  }\n\n  protected async _getTeamByApiKey(apiKey: string): Promise<ServerTeam | null> {\n    const apiKeyObject = await this._getTeamApiKey({ apiKey });\n    if (apiKeyObject === null) {\n      return null;\n    }\n    return await this.getTeam(apiKeyObject.teamId);\n  }\n  protected _useTeamByApiKey(apiKey: string): ServerTeam | null {\n    const apiKeyObject = this._useTeamApiKey({ apiKey });\n    if (apiKeyObject === null) {\n      return null;\n    }\n    return this.useTeam(apiKeyObject.teamId);\n  }\n\n  async createUser(options: ServerUserCreateOptions): Promise<ServerUser> {\n    const crud = await this._interface.createServerUser(serverUserCreateOptionsToCrud(options));\n    await this._refreshUsers();\n    return this._serverUserFromCrud(crud);\n  }\n\n  async getUser(options: GetCurrentUserOptions<HasTokenStore> & { or: 'redirect' }): Promise<ProjectCurrentServerUser<ProjectId>>;\n  async getUser(options: GetCurrentUserOptions<HasTokenStore> & { or: 'throw' }): Promise<ProjectCurrentServerUser<ProjectId>>;\n  async getUser(options: GetCurrentUserOptions<HasTokenStore> & { or: 'anonymous' }): Promise<ProjectCurrentServerUser<ProjectId>>;\n  async getUser(options?: GetCurrentUserOptions<HasTokenStore>): Promise<ProjectCurrentServerUser<ProjectId> | null>;\n  async getUser(id: string): Promise<ServerUser | null>;\n  async getUser(options: { apiKey: string }): Promise<ServerUser | null>;\n  async getUser(options: { from: \"convex\", ctx: ConvexCtx, or?: \"return-null\" | \"anonymous\" }): Promise<ServerUser | null>;\n  async getUser(options?: string | GetCurrentUserOptions<HasTokenStore> | { apiKey: string } | { from: \"convex\", ctx: ConvexCtx }): Promise<ProjectCurrentServerUser<ProjectId> | ServerUser | null> {\n    if (typeof options === \"string\") {\n      return await this.getServerUserById(options);\n    } else if (typeof options === \"object\" && \"apiKey\" in options) {\n      return await this._getUserByApiKey(options.apiKey);\n    } else if (typeof options === \"object\" && \"from\" in options && options.from as string === \"convex\") {\n      return await this._getUserByConvex(options.ctx, \"or\" in options && options.or === \"anonymous\");\n    } else {\n      options = options as GetCurrentUserOptions<HasTokenStore> | undefined;\n\n      // Validate that includeRestricted: false and or: 'anonymous' are mutually exclusive\n      if (options?.or === 'anonymous' && options.includeRestricted === false) {\n        throw new Error(\"Cannot use { or: 'anonymous' } with { includeRestricted: false }. Anonymous users implicitly include restricted users.\");\n      }\n\n      // TODO this code is duplicated from the client app; fix that\n      this._ensurePersistentTokenStore(options?.tokenStore);\n      const session = await this._getSession(options?.tokenStore);\n      let crud = Result.orThrow(await this._currentServerUserCache.getOrWait([session], \"write-only\"));\n      const includeAnonymous = options?.or === \"anonymous\" || options?.or === \"anonymous-if-exists[deprecated]\";\n      const includeRestricted = options?.includeRestricted === true || includeAnonymous;\n\n      if (crud === null || (crud.is_anonymous && !includeAnonymous) || (crud.is_restricted && !includeRestricted)) {\n        switch (options?.or) {\n          case 'redirect': {\n            if (!crud?.is_anonymous && crud?.is_restricted) {\n              await this.redirectToOnboarding({ replace: true });\n            } else {\n              await this.redirectToSignIn({ replace: true });\n            }\n            // TODO: see client-app-impl. We probably want to `await neverResolve()` here instead of returning null\n            break;\n          }\n          case 'throw': {\n            throw new Error(\"User is not signed in but getUser was called with { or: 'throw' }\");\n          }\n          case 'anonymous': {\n            const tokens = await this._signUpAnonymously();\n            return await this.getUser({ tokenStore: tokens, or: \"anonymous-if-exists[deprecated]\", includeRestricted: true }) ?? throwErr(\"Something went wrong while signing up anonymously\");\n          }\n          case undefined:\n          case \"anonymous-if-exists[deprecated]\":\n          case \"return-null\": {\n            return null;\n          }\n        }\n      }\n\n      return crud && this._currentUserFromCrud(crud, session);\n    }\n  }\n\n  async getServerUser(): Promise<ProjectCurrentServerUser<ProjectId> | null> {\n    console.warn(\"stackServerApp.getServerUser is deprecated; use stackServerApp.getUser instead\");\n    return await this.getUser();\n  }\n\n  async getServerUserById(userId: string): Promise<ServerUser | null> {\n    const crud = Result.orThrow(await this._serverUserCache.getOrWait([userId], \"write-only\"));\n    return crud && this._serverUserFromCrud(crud);\n  }\n\n  useUser(options: GetCurrentUserOptions<HasTokenStore> & { or: 'redirect' }): ProjectCurrentServerUser<ProjectId>;\n  useUser(options: GetCurrentUserOptions<HasTokenStore> & { or: 'throw' }): ProjectCurrentServerUser<ProjectId>;\n  useUser(options: GetCurrentUserOptions<HasTokenStore> & { or: 'anonymous' }): ProjectCurrentServerUser<ProjectId>;\n  useUser(options?: GetCurrentUserOptions<HasTokenStore>): ProjectCurrentServerUser<ProjectId> | null;\n  useUser(id: string): ServerUser | null;\n  useUser(options: { apiKey: string }): ServerUser | null;\n  useUser(options: { from: \"convex\", ctx: ConvexCtx, or?: \"return-null\" | \"anonymous\" }): ServerUser | null;\n  useUser(options?: GetCurrentUserOptions<HasTokenStore> | string | { apiKey: string } | { from: \"convex\", ctx: ConvexCtx }): ProjectCurrentServerUser<ProjectId> | ServerUser | null {\n    if (typeof options === \"string\") {\n      return this.useUserById(options);\n    } else if (typeof options === \"object\" && \"apiKey\" in options) {\n      return this._useUserByApiKey(options.apiKey);\n    } else if (typeof options === \"object\" && \"from\" in options && options.from as string === \"convex\") {\n      return this._useUserByConvex(options.ctx, \"or\" in options && options.or === \"anonymous\");\n    } else {\n      options = options as GetCurrentUserOptions<HasTokenStore> | undefined;\n      // TODO this code is duplicated from the client app; fix that\n\n      // Validate that includeRestricted: false and or: 'anonymous' are mutually exclusive\n      if (options?.or === 'anonymous' && options.includeRestricted === false) {\n        throw new Error(\"Cannot use { or: 'anonymous' } with { includeRestricted: false }. Anonymous users implicitly include restricted users.\");\n      }\n\n      this._ensurePersistentTokenStore(options?.tokenStore);\n\n      const session = this._useSession(options?.tokenStore);\n      let crud = useAsyncCache(this._currentServerUserCache, [session] as const, \"serverApp.useUser()\");\n      const includeAnonymous = options?.or === \"anonymous\" || options?.or === \"anonymous-if-exists[deprecated]\";\n      const includeRestricted = options?.includeRestricted === true || includeAnonymous;\n\n      if (crud === null) {\n        switch (options?.or) {\n          case 'redirect': {\n            runAsynchronously(this.redirectToSignIn({ replace: true }));\n            suspend();\n            throw new StackAssertionError(\"suspend should never return\");\n          }\n          case 'throw': {\n            throw new Error(\"User is not signed in but useUser was called with { or: 'throw' }\");\n          }\n          case 'anonymous': {\n            // TODO we should think about the behavior when calling useUser (or getUser) in anonymous with a custom token store. signUpAnonymously always sets the current token store on app level, instead of the one passed to this function\n            // TODO we shouldn't reload & suspend here, instead we should use a promise that resolves to the new anonymous user\n            runAsynchronously(async () => {\n              await this._signUpAnonymously();\n              if (typeof window !== \"undefined\") {\n                window.location.reload();\n              }\n            });\n            suspend();\n            throw new StackAssertionError(\"suspend should never return\");\n          }\n          case undefined:\n          case \"anonymous-if-exists[deprecated]\":\n          case \"return-null\": {\n            // do nothing\n          }\n        }\n      }\n\n      return useMemo(() => {\n        return crud && this._currentUserFromCrud(crud, session);\n      }, [crud, session, options?.or]);\n    }\n  }\n  useUserById(userId: string): ServerUser | null {\n    const crud = useAsyncCache(this._serverUserCache, [userId], \"serverApp.useUserById()\");\n    return useMemo(() => {\n      return crud && this._serverUserFromCrud(crud);\n    }, [crud]);\n  }\n\n  async listUsers(options?: ServerListUsersOptions): Promise<ServerUser[] & { nextCursor: string | null }> {\n    const crud = Result.orThrow(await this._serverUsersCache.getOrWait([options?.cursor, options?.limit, options?.orderBy, options?.desc, options?.query, options?.includeRestricted, options?.includeAnonymous, options?.onlyAnonymous, options?.teamId], \"write-only\"));\n    const result: any = crud.items.map((j) => this._serverUserFromCrud(j));\n    result.nextCursor = crud.pagination?.next_cursor ?? null;\n    return result as any;\n  }\n\n  useUsers(options?: ServerListUsersOptions): ServerUser[] & { nextCursor: string | null } {\n    const crud = useAsyncCache(this._serverUsersCache, [options?.cursor, options?.limit, options?.orderBy, options?.desc, options?.query, options?.includeRestricted, options?.includeAnonymous, options?.onlyAnonymous, options?.teamId] as const, \"serverApp.useUsers()\");\n    const result: any = crud.items.map((j) => this._serverUserFromCrud(j));\n    result.nextCursor = crud.pagination?.next_cursor ?? null;\n    return result as any;\n  }\n\n  _serverPermissionFromCrud(crud: TeamPermissionsCrud['Server']['Read'] | ProjectPermissionsCrud['Server']['Read']): AdminTeamPermission {\n    return {\n      id: crud.id,\n    };\n  }\n\n  _serverTeamPermissionDefinitionFromCrud(crud: TeamPermissionDefinitionsCrud['Admin']['Read']): AdminTeamPermissionDefinition {\n    return {\n      id: crud.id,\n      description: crud.description,\n      containedPermissionIds: crud.contained_permission_ids,\n    };\n  }\n\n  _serverProjectPermissionDefinitionFromCrud(crud: ProjectPermissionDefinitionsCrud['Admin']['Read']): AdminProjectPermissionDefinition {\n    return {\n      id: crud.id,\n      description: crud.description,\n      containedPermissionIds: crud.contained_permission_ids,\n    };\n  }\n\n  async getItem(options: { itemId: string, userId: string } | { itemId: string, teamId: string } | { itemId: string, customCustomerId: string }): Promise<ServerItem> {\n    if (\"userId\" in options) {\n      const result = Result.orThrow(await this._serverUserItemsCache.getOrWait([options.userId, options.itemId], \"write-only\"));\n      return this._serverItemFromCrud({ type: \"user\", id: options.userId }, result);\n    } else if (\"teamId\" in options) {\n      const result = Result.orThrow(await this._serverTeamItemsCache.getOrWait([options.teamId, options.itemId], \"write-only\"));\n      return this._serverItemFromCrud({ type: \"team\", id: options.teamId }, result);\n    } else {\n      const result = Result.orThrow(await this._serverCustomItemsCache.getOrWait([options.customCustomerId, options.itemId], \"write-only\"));\n      return this._serverItemFromCrud({ type: \"custom\", id: options.customCustomerId }, result);\n    }\n  }\n\n  async listProducts(options: CustomerProductsRequestOptions): Promise<CustomerProductsList> {\n    if (\"userId\" in options) {\n      const response = Result.orThrow(await this._serverUserProductsCache.getOrWait([options.userId, options.cursor ?? null, options.limit ?? null], \"write-only\"));\n      return this._customerProductsFromResponse(response);\n    } else if (\"teamId\" in options) {\n      const response = Result.orThrow(await this._serverTeamProductsCache.getOrWait([options.teamId, options.cursor ?? null, options.limit ?? null], \"write-only\"));\n      return this._customerProductsFromResponse(response);\n    }\n    const response = Result.orThrow(await this._serverCustomProductsCache.getOrWait([options.customCustomerId, options.cursor ?? null, options.limit ?? null], \"write-only\"));\n    return this._customerProductsFromResponse(response);\n  }\n\n  useItem(options: { itemId: string, userId: string } | { itemId: string, teamId: string } | { itemId: string, customCustomerId: string }): ServerItem {\n    let type: \"user\" | \"team\" | \"custom\";\n    let id: string;\n    let cache: AsyncCache<[string, string], Result<ItemCrud['Client']['Read']>>;\n    if (\"userId\" in options) {\n      type = \"user\";\n      id = options.userId;\n      cache = this._serverUserItemsCache;\n    } else if (\"teamId\" in options) {\n      type = \"team\";\n      id = options.teamId;\n      cache = this._serverTeamItemsCache;\n    } else {\n      type = \"custom\";\n      id = options.customCustomerId;\n      cache = this._serverCustomItemsCache;\n    }\n\n    const cacheKey = [id, options.itemId] as [string, string];\n    const debugLabel = \"serverApp.useItem()\";\n    const result = useAsyncCache(cache, cacheKey, debugLabel);\n    return useMemo(() => this._serverItemFromCrud({ type, id }, result), [result]);\n  }\n  async grantProduct(options: (\n    ({ userId: string } | { teamId: string } | { customCustomerId: string }) &\n    ({ productId: string } | { product: InlineProduct }) &\n    { quantity?: number }\n  )): Promise<void> {\n    let customerType: \"user\" | \"team\" | \"custom\";\n    let customerId: string;\n    if (\"userId\" in options) {\n      customerType = \"user\";\n      customerId = options.userId;\n    } else if (\"teamId\" in options) {\n      customerType = \"team\";\n      customerId = options.teamId;\n    } else {\n      customerType = \"custom\";\n      customerId = options.customCustomerId;\n    }\n\n    await this._interface.grantProduct({\n      customerType,\n      customerId,\n      productId: \"productId\" in options ? options.productId : undefined,\n      product: \"product\" in options ? options.product : undefined,\n      quantity: options.quantity,\n    });\n\n    const cache = customerType === \"user\"\n      ? this._serverUserProductsCache\n      : customerType === \"team\"\n        ? this._serverTeamProductsCache\n        : this._serverCustomProductsCache;\n    await cache.refresh([customerId, null, null]);\n  }\n\n  async createTeam(data: ServerTeamCreateOptions): Promise<ServerTeam> {\n    const team = await this._interface.createServerTeam(serverTeamCreateOptionsToCrud(data));\n    await this._serverTeamsCache.refreshWhere(() => true);\n    return this._serverTeamFromCrud(team);\n  }\n\n  async listTeams(options?: ServerListTeamsOptions): Promise<ServerTeam[] & { nextCursor: string | null }> {\n    const crud = Result.orThrow(await this._serverTeamsCache.getOrWait([undefined, options?.orderBy, options?.desc, options?.cursor, options?.limit, options?.query] as const, \"write-only\"));\n    const teams: any = crud.items.map((t) => this._serverTeamFromCrud(t));\n    teams.nextCursor = crud.pagination?.next_cursor ?? null;\n    return teams as any;\n  }\n\n  useTeams(options?: ServerListTeamsOptions): ServerTeam[] & { nextCursor: string | null } {\n    const crud = useAsyncCache(this._serverTeamsCache, [undefined, options?.orderBy, options?.desc, options?.cursor, options?.limit, options?.query] as const, \"serverApp.useTeams()\");\n    return useMemo(() => {\n      const teams: any = crud.items.map((t) => this._serverTeamFromCrud(t));\n      teams.nextCursor = crud.pagination?.next_cursor ?? null;\n      return teams as any;\n    }, [crud]);\n  }\n\n  async listTeamMemberPermissions(teamId: string, options?: { recursive?: boolean }): Promise<{ userId: string, permissionId: string }[]> {\n    const recursive = options?.recursive ?? false;\n    const rows = Result.orThrow(await this._serverAllTeamMemberPermissionsCache.getOrWait([teamId, recursive] as const, \"write-only\"));\n    return rows.map((r) => ({ userId: r.user_id, permissionId: r.id }));\n  }\n\n  useTeamMemberPermissions(teamId: string, options?: { recursive?: boolean }): { userId: string, permissionId: string }[] {\n    const recursive = options?.recursive ?? false;\n    const rows = useAsyncCache(this._serverAllTeamMemberPermissionsCache, [teamId, recursive] as const, \"serverApp.useTeamMemberPermissions()\");\n    return useMemo(() => rows.map((r) => ({ userId: r.user_id, permissionId: r.id })), [rows]);\n  }\n\n  async getTeam(options: { apiKey: string }): Promise<ServerTeam | null>;\n  async getTeam(teamId: string): Promise<ServerTeam | null>;\n  async getTeam(options?: { apiKey: string } | string): Promise<ServerTeam | null> {\n    if (typeof options === \"object\" && \"apiKey\" in options) {\n      return await this._getTeamByApiKey(options.apiKey);\n    } else {\n      const teamId = options;\n      const teams = await this.listTeams();\n      return teams.find((t) => t.id === teamId) ?? null;\n    }\n  }\n\n  useTeam(options: { apiKey: string }): ServerTeam | null;\n  useTeam(teamId: string): ServerTeam | null;\n  useTeam(options?: { apiKey: string } | string): ServerTeam | null {\n    if (typeof options === \"object\" && \"apiKey\" in options) {\n      return this._useTeamByApiKey(options.apiKey);\n    } else {\n      const teamId = options;\n      const teams = this.useTeams();\n      return useMemo(() => {\n        return teams.find((t) => t.id === teamId) ?? null;\n      }, [teams, teamId]);\n    }\n  }\n\n  protected _createServerDataVaultStore(id: string): DataVaultStore {\n    const validateOptions = (options: { secret: string }) => {\n      if (typeof options.secret !== \"string\") throw new Error(\"secret must be a string, got \" + typeof options.secret);\n    };\n    return {\n      id,\n      setValue: async (key, value, options) => {\n        validateOptions(options);\n        await this._interface.setDataVaultStoreValue(options.secret, id, key, value);\n      },\n      getValue: async (key, options) => {\n        validateOptions(options);\n        return Result.orThrow(await this._serverDataVaultStoreValueCache.getOrWait([id, key, options.secret], \"write-only\"));\n      },\n      useValue: (key, options) => {\n        validateOptions(options);\n        return useAsyncCache(this._serverDataVaultStoreValueCache, [id, key, options.secret] as const, \"store.useValue()\");\n      },\n    };\n  }\n\n  async getDataVaultStore(id: string): Promise<DataVaultStore> {\n    return this._createServerDataVaultStore(id);\n  }\n\n  useDataVaultStore(id: string): DataVaultStore {\n    return useMemo(() => this._createServerDataVaultStore(id), [id]);\n  }\n\n  async sendEmail(options: SendEmailOptions): Promise<void> {\n    await this._interface.sendEmail(options);\n    await this._emailDeliveryInfoCache.refresh([]);\n  }\n\n  async getEmailDeliveryStats(): Promise<EmailDeliveryInfo> {\n    return Result.orThrow(await this._emailDeliveryInfoCache.getOrWait([], \"write-only\"));\n  }\n\n  useEmailDeliveryStats(): EmailDeliveryInfo {\n    return useAsyncCache(this._emailDeliveryInfoCache, [], \"stackServerApp.useEmailDeliveryStats()\");\n  }\n\n  async activateEmailCapacityBoost(): Promise<void> {\n    await this._interface.activateEmailCapacityBoost();\n    // Refresh the cache so UI updates immediately\n    await this._emailDeliveryInfoCache.refresh([]);\n  }\n\n  protected override async _refreshSession(session: InternalSession) {\n    await Promise.all([\n      super._refreshUser(session),\n      this._currentServerUserCache.refresh([session]),\n    ]);\n  }\n\n  protected override async _refreshUsers() {\n    await Promise.all([\n      super._refreshUsers(),\n      this._serverUserCache.refreshWhere(() => true),\n      this._serverUsersCache.refreshWhere(() => true),\n      this._serverContactChannelsCache.refreshWhere(() => true),\n      this._serverOAuthProvidersCache.refreshWhere(() => true),\n      this._serverUserConnectedAccountsCache.refreshWhere(() => true),\n    ]);\n  }\n\n  async createOAuthProvider(options: {\n    userId: string,\n    providerConfigId: string,\n    accountId: string,\n    email: string,\n    allowSignIn: boolean,\n    allowConnectedAccounts: boolean,\n  }): Promise<Result<ServerOAuthProvider, InstanceType<typeof KnownErrors.OAuthProviderAccountIdAlreadyUsedForSignIn>>> {\n    try {\n      const crud = await this._interface.createServerOAuthProvider({\n        user_id: options.userId,\n        provider_config_id: options.providerConfigId,\n        account_id: options.accountId,\n        email: options.email,\n        allow_sign_in: options.allowSignIn,\n        allow_connected_accounts: options.allowConnectedAccounts,\n      });\n\n      await Promise.all([\n        this._serverOAuthProvidersCache.refresh([options.userId]),\n        this._serverUserConnectedAccountsCache.refresh([options.userId]),\n      ]);\n      return Result.ok(this._serverOAuthProviderFromCrud(crud));\n    } catch (error) {\n      if (KnownErrors.OAuthProviderAccountIdAlreadyUsedForSignIn.isInstance(error)) {\n        return Result.error(error);\n      }\n      throw error;\n    }\n  }\n}\n"],"mappings":";;;;;;;;;;;;;;;;;AA6CA,IAAa,gCAAb,cAA4G,8BAAwD;CA6ClK,MAAgB,uBAAuB,QAAgB,QAAgB;AACrE,QAAM,QAAQ,IAAI;GAChB,KAAK,+BAA+B,QAAQ,CAAC,OAAO,CAAC;GACrD,KAAK,kBAAkB,cAAc,CAAC,OAAO,MAAM,UAAU,MAAM,OAAU;GAC7E,KAAK,kBAAkB,cAAc,QAAQ,IAAI,OAAO,OAAO;GAChE,CAAC;;CAuMJ,AAAU,sBAAsB,gBAAwB,MAAmD;EACzG,MAAM,MAAM;EACZ,MAAM,gBAAgB,SAAS,SAAS,IAAI,2BAA2B,IAAI;EAC3E,MAAM,kBAAkB,SAAS,SAAS,EAAE,QAAQ,gBAAgB,GAAG,EAAE,QAAQ,gBAAgB;AACjG,SAAO;GACL,GAAG,KAAK,gBAAgB,gBAAgB,MAAM,KAAK;GACnD,MAAM,QAAQ,QAAgB;AAC5B,WAAO,MAAM,IAAI,QAAQ;KAAE;KAAQ,GAAG;KAAiB,CAAC;;GAE1D,QAAQ,QAAgB;AACtB,WAAO,IAAI,QAAQ;KAAE;KAAQ,GAAG;KAAiB,CAAC;;GAEpD,MAAM,aAAa,gBAA0G;AAC3H,QAAI,SAAS,OACX,KAAI,eAAe,eACjB,OAAM,IAAI,aAAa;KAAE,QAAQ;KAAgB,WAAW,eAAe;KAAW,UAAU,eAAe;KAAU,CAAC;QAE1H,OAAM,IAAI,aAAa;KAAE,QAAQ;KAAgB,SAAS,eAAe;KAAS,UAAU,eAAe;KAAU,CAAC;aAGpH,eAAe,eACjB,OAAM,IAAI,aAAa;KAAE,QAAQ;KAAgB,WAAW,eAAe;KAAW,UAAU,eAAe;KAAU,CAAC;QAE1H,OAAM,IAAI,aAAa;KAAE,QAAQ;KAAgB,SAAS,eAAe;KAAS,UAAU,eAAe;KAAU,CAAC;AAG1H,UAAM,cAAc,QAAQ;KAAC;KAAgB;KAAM;KAAK,CAAC;;GAE3D,MAAM,kBAAkB,SAAqG;IAC3H,MAAM,oBAAoB,eAAe,UAAU,QAAQ,YAAY,QAAQ;AAC/E,WAAO,MAAM,IAAI,WAAW,kBAAkB,MAAM,gBAAgB,mBAAmB,MAAM,QAAQ,WAAW,SAAS;;GAE5H;;CAGH,MAAc,kBAAkB,QAAgB,QAAuE;EACrH,MAAM,SAAS,MAAM,KAAK,WAAW,iBAAiB,QAAQ,8BAA8B,OAAO,CAAC;AACpG,QAAM,KAAK,eAAe;AAC1B,SAAO;;CAGT,AAAU,mCAAmC,MAA2E;EACtH,MAAM,MAAM;AACZ,SAAO;GACL,aAAa,KAAK;GAClB,iBAAiB,KAAK;GACtB,MAAM,OAAO,QAA4D;AACvE,UAAM,IAAI,WAAW,8BAA8B;KACjD,QAAQ,KAAK;KACb,QAAQ,KAAK;KACb,SAAS;MACP,cAAc,OAAO;MACrB,mBAAmB,OAAO;MAC3B;KACF,CAAC;AACF,UAAM,IAAI,4BAA4B,QAAQ,CAAC,KAAK,SAAS,KAAK,QAAQ,CAAC;;GAE9E;;CAGH,AAAU,8BAA8B,QAAgB,MAAmE;EACzH,MAAM,MAAM;AACZ,SAAO;GACL,IAAI,KAAK;GACT,OAAO,KAAK;GACZ,MAAM,KAAK;GACX,YAAY,KAAK;GACjB,WAAW,KAAK;GAChB,aAAa,KAAK;GAClB,MAAM,sBAAsB,SAAoC;AAC9D,UAAM,IAAI,WAAW,0CAA0C,QAAQ,KAAK,IAAI,SAAS,eAAe,qBAAqB,IAAI,KAAK,mBAAmB,cAAc,CAAC;;GAE1K,MAAM,OAAO,MAAyC;AACpD,UAAM,IAAI,WAAW,2BAA2B,QAAQ,KAAK,IAAI,wCAAwC,KAAK,CAAC;AAC/G,UAAM,QAAQ,IAAI,CAChB,IAAI,4BAA4B,QAAQ,CAAC,OAAO,CAAC,EACjD,IAAI,iBAAiB,QAAQ,CAAC,OAAO,CAAC,CACvC,CAAC;;GAEJ,MAAM,SAAS;AACb,UAAM,IAAI,WAAW,2BAA2B,QAAQ,KAAK,GAAG;AAChE,UAAM,QAAQ,IAAI,CAChB,IAAI,4BAA4B,QAAQ,CAAC,OAAO,CAAC,EACjD,IAAI,iBAAiB,QAAQ,CAAC,OAAO,CAAC,CACvC,CAAC;;GAEL;;CAGH,AAAU,oCAAoC,QAAgB,MAA0E;EACtI,MAAM,MAAM;AACZ,SAAO;GACL,IAAI,KAAK;GACT,MAAM,KAAK;GACX,SAAS,KAAK;GACd,YAAY,KAAK;GAEjB,MAAM,WAAW,SAAkB;AACjC,UAAM,IAAI,WAAW,8BAA8B,QAAQ,KAAK,0BAA0B,QAAQ;AAClG,UAAM,IAAI,mCAAmC,QAAQ,CAAC,OAAO,CAAC;;GAEjE;;CAGH,AAAU,6BAA6B,MAA2C;EAChF,MAAM,MAAM;AACZ,SAAO;GACL,IAAI,KAAK;GACT,MAAM,KAAK;GACX,QAAQ,KAAK;GACb,WAAW,KAAK;GAChB,OAAO,KAAK;GACZ,aAAa,KAAK;GAClB,wBAAwB,KAAK;GAE7B,MAAM,OAAO,MAEV;AACD,QAAI;AACF,WAAM,IAAI,WAAW,0BAA0B,KAAK,SAAS,KAAK,IAAI;MACpE,YAAY,KAAK;MACjB,OAAO,KAAK;MACZ,eAAe,KAAK;MACpB,0BAA0B,KAAK;MAChC,CAAC;AACF,WAAM,QAAQ,IAAI,CAChB,IAAI,2BAA2B,QAAQ,CAAC,KAAK,QAAQ,CAAC,EACtD,IAAI,kCAAkC,QAAQ,CAAC,KAAK,QAAQ,CAAC,CAC9D,CAAC;AACF,YAAO,OAAO,GAAG,OAAU;aACpB,OAAO;AACd,SAAI,YAAY,2CAA2C,WAAW,MAAM,CAC1E,QAAO,OAAO,MAAM,MAAM;AAE5B,WAAM;;;GAIV,MAAM,SAAS;AACb,UAAM,IAAI,WAAW,0BAA0B,KAAK,SAAS,KAAK,GAAG;AACrE,UAAM,QAAQ,IAAI,CAChB,IAAI,2BAA2B,QAAQ,CAAC,KAAK,QAAQ,CAAC,EACtD,IAAI,kCAAkC,QAAQ,CAAC,KAAK,QAAQ,CAAC,CAC9D,CAAC;;GAEL;;CAGH,YAAY,SAAqE,cAAsG;EACrL,MAAM,kBAAkB,0BAA0B,QAAQ;EAE1D,MAAM,uBAAuB,gBAAgB,wBAAwB,gCAAgC;AAErG,QAAM,iBAAiB;GACrB,GAAG;GACH,WAAW,cAAc,oBAAoB;IAC3C,MAAM,UAAU,eAAe,gBAAgB,QAAQ;AACvD,WAAO,IAAI,qBAAqB;KAC9B,kBAAkB,SAAS,CAAC;KAC5B,YAAY;KACZ,WAAW,gBAAgB,aAAa,qBAAqB;KAC7D,qBAAqB,gBAAgB,uBAAuB,+BAA+B;KAC3F;KACA,GAAI,wBAAwB,OAAO,EAAE,sBAAsB,GAAG,EAAE;KAChE,iBAAiB,gBAAgB,mBAAmB,2BAA2B;KAChF,CAAC;OACA;GACL,CAAC;iCA5ZuC,qBAAqB,OAAO,YAAY;AACjF,OAAI,QAAQ,oBAAoB,CAE9B,QAAO;AAET,UAAO,MAAM,KAAK,WAAW,qBAAqB,QAAQ;IAC1D;2BACmC,YAUL,OAAO,CAAC,QAAQ,OAAO,SAAS,MAAM,OAAO,mBAAmB,kBAAkB,eAAe,YAAY;AAC3I,OAAI,iBAAiB,CAAC,iBACpB,OAAM,IAAI,oBAAoB,oDAAoD;AAEpF,OAAI,cACF,QAAO,MAAM,KAAK,WAAW,gBAAgB;IAAE;IAAQ;IAAO;IAAS;IAAM;IAAO;IAAmB,kBAAkB;IAAM,eAAe;IAAM;IAAQ,CAAC;AAE/J,UAAO,MAAM,KAAK,WAAW,gBAAgB;IAAE;IAAQ;IAAO;IAAS;IAAM;IAAO;IAAmB;IAAkB;IAAQ,CAAC;IAClI;0BACkC,YAA0D,OAAO,CAAC,YAAY;GAChH,MAAM,OAAO,MAAM,KAAK,WAAW,kBAAkB,OAAO;AAC5D,UAAO,OAAO,GAAG,MAAM,KAAK;IAC5B;2BACmC,YAOL,OAAO,CAAC,QAAQ,SAAS,MAAM,QAAQ,OAAO,WAAW;AACvF,UAAO,MAAM,KAAK,WAAW,yBAAyB;IAAE;IAAQ;IAAS;IAAM;IAAQ;IAAO;IAAO,CAAC;IACtG;yCASiD,YAA8D,OAAO,CAAC,YAAY;AACnI,UAAO,MAAM,KAAK,WAAW,8BAA8B,OAAO;IAClE;yCACiD,YAGjD,OAAO,CAAC,QAAQ,QAAQ,eAAe;AACvC,UAAO,MAAM,KAAK,WAAW,0BAA0B;IAAE;IAAQ;IAAQ;IAAW,EAAE,KAAK;IAC3F;8CAKsD,YAGtD,OAAO,CAAC,QAAQ,eAAe;AAC/B,UAAO,MAAM,KAAK,WAAW,0BAA0B;IAAE;IAAQ;IAAW,EAAE,KAAK;IACnF;4CACoD,YAGpD,OAAO,CAAC,QAAQ,eAAe;AAC/B,UAAO,MAAM,KAAK,WAAW,6BAA6B;IAAE;IAAQ;IAAW,EAAE,KAAK;IACtF;qDAE6D,YAC7D,OAAO,CAAC,QAAQ,YAAY,WAAW;AACrC,OAAI;AAEF,WAAO,EAAE,cADM,MAAM,KAAK,WAAW,gCAAgC,QAAQ,YAAY,SAAS,GAAG,EACxE,cAAc;YACpC,KAAK;AACZ,QAAI,EAAE,YAAY,wCAAwC,WAAW,IAAI,IAAI,YAAY,kCAAkC,WAAW,IAAI,EACxI,OAAM;;AAGV,UAAO;IAEV;yCAEkD,YACjD,OAAO,CAAC,QAAQ,YAAY,OAAO,cAAc;AAC/C,UAAO,MAAM,KAAK,+BAA+B;IAC/C,SAAS,YAAY,OAAO,QAAQ,MAAM,KAAK,iBAAiB,UAAU,CAAC,OAAO,EAAE,aAAa,CAAC;IAClG,qBAAqB,YAAY,OAAO,QAAQ,MAAM,KAAK,4CAA4C,UAAU;KAAC;KAAQ;KAAY,SAAS;KAAG,EAAW,aAAa,CAAC;IAC3K,qBAAqB,cAAc,KAAK,6CAA6C;KAAC;KAAQ;KAAY,SAAS;KAAG,EAAW,6BAA6B;IAC9J;IACA;IACA;IACA,SAAS;IACV,CAAC;IAEL;2CACoD,YACnD,OAAO,CAAC,YAAY;AAElB,WADe,MAAM,KAAK,WAAW,4BAA4B,OAAO,EAC1D,MAAM,KAAK,SAAS,KAAK,yCAAyC,QAAQ,KAAK,CAAC;IAEjG;8DACuE,YACtE,OAAO,CAAC,QAAQ,YAAY,mBAAmB,WAAW;AACxD,OAAI;AAEF,WAAO,EAAE,cADM,MAAM,KAAK,WAAW,yCAAyC,QAAQ,YAAY,mBAAmB,SAAS,GAAG,EACpG,cAAc;YACpC,KAAK;AACZ,QAAI,EAAE,YAAY,wCAAwC,WAAW,IAAI,IAAI,YAAY,kCAAkC,WAAW,IAAI,EACxI,OAAM;;AAGV,UAAO;IAEV;wCACiD,YAChD,OAAO,CAAC,YAAY;AAClB,UAAO,MAAM,KAAK,WAAW,6BAA6B,EAAE,QAAQ,CAAC;IAExE;qCAC8C,YAC7C,OAAO,CAAC,YAAY;AAClB,UAAO,MAAM,KAAK,WAAW,0BAA0B,EAAE,QAAQ,CAAC;IAErE;qCAC8C,YAC7C,OAAO,CAAC,QAAQ,YAAY;AAC1B,UAAO,MAAM,KAAK,WAAW,2BAA2B;IAAE;IAAQ;IAAQ,CAAC;IAE9E;qCAC8C,YAC7C,OAAO,CAAC,YAAY;AAClB,UAAO,MAAM,KAAK,WAAW,0BAA0B,OAAO;IAEjE;4CACqD,YACpD,OAAO,CAAC,YAAY;AAClB,UAAO,MAAM,KAAK,WAAW,iCAAiC,OAAO;IAExE;yCACkD,YAAqD,OAAO,CAAC,SAAS,KAAK,YAAY;AACxI,UAAO,MAAM,KAAK,WAAW,uBAAuB,QAAQ,SAAS,IAAI;IACzE;iCAEyC,YAAY,YAAY;AACjE,UAAO,MAAM,KAAK,WAAW,sBAAsB;IACnD;iCAEyC,YACzC,OAAO,CAAC,YAAY;AAIlB,UAHe,MAAM,KAAK,WAAW,mBAAmB,EACtD,SAAS,QACV,EAAE,MAAM,SAAS;IAGrB;iCAE0C,YACzC,OAAO,CAAC,YAAY;AAIlB,UAHe,MAAM,KAAK,WAAW,mBAAmB,EACtD,SAAS,QACV,EAAE,MAAM,SAAS;IAGrB;qCAE8C,YAC7C,OAAO,CAAC,SAAS;GACf,MAAM,WAAW,MAAM,IAAI,KAAK,iBAAiB;AACjD,UAAO,WAAW,SAAS,UAAU;IAExC;iCAE0C,YAAqH,OAAO,CAAC,MAAM,YAAY;AAOxL,UANe,MAAM,KAAK,WAAW,mBACnC,MACA,QACA,MACA,SACD;IAED;oCAE4C,YAC5C,OAAO,CAAC,YAAY;AAClB,UAAO,MAAM,KAAK,WAAW,yBAAyB,EAAE,SAAS,QAAQ,CAAC;IAE7E;+BAEwC,YACvC,OAAO,CAAC,QAAQ,YAAY;AAC1B,UAAO,MAAM,KAAK,WAAW,QAAQ;IAAE;IAAQ;IAAQ,EAAE,MAAM,SAAS;IAE3E;+BAEwC,YACvC,OAAO,CAAC,QAAQ,YAAY;AAC1B,UAAO,MAAM,KAAK,WAAW,QAAQ;IAAE;IAAQ;IAAQ,EAAE,MAAM,SAAS;IAE3E;iCAE0C,YACzC,OAAO,CAAC,kBAAkB,YAAY;AACpC,UAAO,MAAM,KAAK,WAAW,QAAQ;IAAE;IAAkB;IAAQ,EAAE,MAAM,SAAS;IAErF;kCAE2C,YAC1C,OAAO,CAAC,QAAQ,QAAQ,WAAW;AACjC,UAAO,MAAM,KAAK,WAAW,aAAa;IACxC,eAAe;IACf,aAAa;IACb,QAAQ,UAAU;IAClB,OAAO,SAAS;IACjB,EAAE,MAAM,SAAS;IAErB;kCAE2C,YAC1C,OAAO,CAAC,QAAQ,QAAQ,WAAW;AACjC,UAAO,MAAM,KAAK,WAAW,aAAa;IACxC,eAAe;IACf,aAAa;IACb,QAAQ,UAAU;IAClB,OAAO,SAAS;IACjB,EAAE,MAAM,SAAS;IAErB;oCAE6C,YAC5C,OAAO,CAAC,kBAAkB,QAAQ,WAAW;AAC3C,UAAO,MAAM,KAAK,WAAW,aAAa;IACxC,eAAe;IACf,aAAa;IACb,QAAQ,UAAU;IAClB,OAAO,SAAS;IACjB,EAAE,MAAM,SAAS;IAErB;;CAiLD,AAAU,sBAAsB,MAA2N;AACzP,SAAO;GACL,GAAG,KAAK,oBAAoB,KAAK;GACjC,MAAM,SAAS;AACb,UAAM,KAAK,OAAO,EAAE,SAAS,MAAM,CAAC;;GAEtC,QAAQ,OAAO,YAAiC;AAC9C,UAAM,KAAK,WAAW,oBACpB,KAAK,SAAS,SAAS,EAAE,SAAS,KAAK,SAAS,GAAG,EAAE,SAAS,KAAK,SAAS,EAC5E,KAAK,IACL,MAAM,0BAA0B,KAAK,MAAM,QAAQ,EACnD,MACA,SAAS;AACX,QAAI,KAAK,SAAS,OAChB,OAAM,KAAK,wBAAwB,QAAQ,CAAC,KAAK,QAAQ,CAAC;QAE1D,OAAM,KAAK,wBAAwB,QAAQ,CAAC,KAAK,QAAQ,CAAC;;GAG/D;;CAGH,AAAU,yCACR,QACA,MACiB;EACjB,MAAM,MAAM;EACZ,MAAM,aAAa,KAAK;EACxB,MAAM,oBAAoB,KAAK;AAC/B,SAAO;GACL,IAAI;GACJ,UAAU;GACV;GACA,MAAM,eAAe,SAAiC;IACpD,MAAM,cAAc,SAAS,QAAQ,KAAK,IAAI,IAAI;IAClD,MAAM,SAAS,OAAO,QAAQ,MAAM,IAAI,qDAAqD,UAAU;KAAC;KAAQ;KAAY;KAAmB;KAAY,EAAE,aAAa,CAAC;AAC3K,QAAI,CAAC,QAAQ;KACX,MAAM,cAAc,cAAc,yBAAyB,YAAY,8CAA8C;AACrH,YAAO,OAAO,MAAM,IAAI,YAAY,6BAA6B,YAAY,GAAG,YAAY,6GAA6G,CAAC;;AAE5M,WAAO,OAAO,GAAG,OAAO;;GAE1B,eAAe,SAAiC;IAC9C,MAAM,cAAc,SAAS,QAAQ,KAAK,IAAI,IAAI;IAClD,MAAM,SAAS,cAAc,IAAI,sDAAsD;KAAC;KAAQ;KAAY;KAAmB;KAAY,EAAW,8BAA8B;AACpL,QAAI,CAAC,QAAQ;KACX,MAAM,cAAc,cAAc,yBAAyB,YAAY,8CAA8C;AACrH,YAAO,OAAO,MAAM,IAAI,YAAY,6BAA6B,YAAY,GAAG,YAAY,6GAA6G,CAAC;;AAE5M,WAAO,OAAO,GAAG,OAAO;;GAE3B;;CAGH,AAAU,oBAAoB,MAA+C;EAC3E,MAAM,MAAM;EAMZ,eAAe,oBACb,aACA,SAC6D;GAC7D,MAAM,cAAc,SAAS,QAAQ,KAAK,IAAI,IAAI;AAGlD,OAAI,OAAO,gBAAgB,YAAY,cAAc,eAAe,uBAAuB,aAAa;IACtG,MAAM,EAAE,UAAU,sBAAsB;IAGxC,MAAM,QADoB,OAAO,QAAQ,MAAM,IAAI,kCAAkC,UAAU,CAAC,KAAK,GAAG,EAAE,aAAa,CAAC,CACxF,MAC9B,MAAK,EAAE,aAAa,YAAY,EAAE,sBAAsB,kBACzD;AACD,QAAI,CAAC,MACH,QAAO;AAET,WAAO;;AAIT,UAAO,OAAO,QAAQ,MAAM,IAAI,gCAAgC,UAAU;IAAC,KAAK;IAAI;IAAa;IAAa,SAAS,OAAO;IAAW,EAAE,aAAa,CAAC;;EAO3J,SAAS,oBACP,aACA,SACoD;GACpD,MAAM,cAAc,SAAS,QAAQ,KAAK,IAAI,IAAI;AAGlD,OAAI,OAAO,gBAAgB,YAAY,cAAc,eAAe,uBAAuB,aAAa;IACtG,MAAM,EAAE,UAAU,sBAAsB;AAUxC,WAR0B,cACxB,IAAI,mCACJ,CAAC,KAAK,GAAG,EACT,6BACD,CAC+B,MAC9B,MAAK,EAAE,aAAa,YAAY,EAAE,sBAAsB,kBACzD,IACe;;AAIlB,UAAO,cAAc,IAAI,iCAAiC;IAAC,KAAK;IAAI;IAAa;IAAa,SAAS,OAAO;IAAW,EAAW,6BAA6B;;EAKnK,MAAM,2BAA2B;AAiWjC,SA5VmB,yBAAyB;GAC1C,GAAG,MAAM,gBAAgB,KAAK;GAC9B,cAAc,IAAI,KAAK,KAAK,sBAAsB;GAClD,gBAAgB,KAAK;GACrB,mBAAmB,yBAAyB;GAC5C,yBAAyB,yBAAyB;GAClD,iCAAiC,yBAAyB;GAC1D,aAAa,KAAK;GAClB,YAAY,EACV,QAAQ;IACN,KAAK,KAAK,YAAY,QAAQ;IAC9B,gBAAgB,KAAK,YAAY,QAAQ;IAC1C,EACF;GACD,MAAM,gBAAgB,OAAsB,SAAkC;AAC5E,UAAM,IAAI,kBAAkB,KAAK,IAAI;KAAE,cAAc;KAAO,sBAAsB,SAAS;KAAU,CAAC;;GAExG,MAAM,gBAAgB,qBAAoC,cAAsC;AAC9F,QAAI,uBAAuB,OAAO,wBAAwB,YAAY,cAAc;KAClF,MAAM,QAAQ;AACd,WAAM,IAAI,WAAW,8BAA8B,MAAM,IAAI,KAAK,IAAI,aAAa;AAEnF,UAAK,MAAM,aAAa,CAAC,MAAM,MAAM,EAAE;AACrC,YAAM,IAAI,gCAAgC,QAAQ;OAAC,MAAM;OAAI,KAAK;OAAI;OAAU,CAAC;AACjF,YAAM,IAAI,qCAAqC,QAAQ,CAAC,MAAM,IAAI,UAAU,CAAC;;WAE1E;KACL,MAAM,MAAM;AACZ,WAAM,IAAI,WAAW,6BAA6B,KAAK,IAAI,IAAI;AAE/D,UAAK,MAAM,aAAa,CAAC,MAAM,MAAM,CACnC,OAAM,IAAI,mCAAmC,QAAQ,CAAC,KAAK,IAAI,UAAU,CAAC;;;GAIhF,MAAM,iBAAiB,qBAAoC,cAAsC;AAC/F,QAAI,uBAAuB,OAAO,wBAAwB,YAAY,cAAc;KAClF,MAAM,QAAQ;AACd,WAAM,IAAI,WAAW,+BAA+B,MAAM,IAAI,KAAK,IAAI,aAAa;AAEpF,UAAK,MAAM,aAAa,CAAC,MAAM,MAAM,EAAE;AACrC,YAAM,IAAI,gCAAgC,QAAQ;OAAC,MAAM;OAAI,KAAK;OAAI;OAAU,CAAC;AACjF,YAAM,IAAI,qCAAqC,QAAQ,CAAC,MAAM,IAAI,UAAU,CAAC;;WAE1E;KACL,MAAM,MAAM;AACZ,WAAM,IAAI,WAAW,8BAA8B,KAAK,IAAI,IAAI;AAEhE,UAAK,MAAM,aAAa,CAAC,MAAM,MAAM,CACnC,OAAM,IAAI,mCAAmC,QAAQ,CAAC,KAAK,IAAI,UAAU,CAAC;;;GAIhF,MAAM,SAAS;IACb,MAAM,MAAM,MAAM,IAAI,WAAW,iBAAiB,KAAK,GAAG;AAC1D,UAAM,IAAI,eAAe;AACzB,WAAO;;GAET,MAAM,cAAc,SAAkE;IAEpF,MAAM,SAAS,MAAM,IAAI,WAAW,wBAAwB,KAAK,IAAI,QAAQ,mBAAmB,MAAO,KAAK,KAAK,KAAK,KAAK,QAAQ,mBAAmB,MAAM;AAC5J,WAAO,EACL,MAAM,YAAY;AAChB,YAAO;OAEV;;GAGH,MAAM,oBAAoB;AAExB,YADiB,MAAM,IAAI,WAAW,mBAAmB,KAAK,GAAG,EACjD,MAAM,KAAK,YAAY,IAAI,uBAAuB,QAAQ,CAAC;;GAG7E,MAAM,cAAc,WAAmB;AACrC,UAAM,IAAI,WAAW,oBAAoB,UAAU;;GAErD,MAAM,eAAe,aAA4B;AAC/C,WAAO,MAAM,KAAK,OAAO,EAAE,aAAa,CAAC;;GAE3C,MAAM,kBAAkB,UAA+B;AACrD,WAAO,MAAM,KAAK,OAAO,EAAE,gBAAgB,UAAU,CAAC;;GAExD,MAAM,0BAA0B,UAA+B;AAC7D,WAAO,MAAM,KAAK,OAAO,EAAE,wBAAwB,UAAU,CAAC;;GAEhE,MAAM,kBAAkB,UAA+B;AACrD,WAAO,MAAM,KAAK,OAAO,EAAE,gBAAgB,UAAU,CAAC;;GAExD,MAAM,gBAAgB,MAA4B;AAChD,WAAO,MAAM,KAAK,OAAO,EAAE,gBAAgB,OAAO,SAAS,WAAW,OAAO,MAAM,MAAM,MAAM,CAAC;;GAElG;GACA;GACA,MAAM,wBAAwB;AAC5B,WAAO,OAAO,QAAQ,MAAM,IAAI,kCAAkC,UAAU,CAAC,KAAK,GAAG,EAAE,aAAa,CAAC;;GAEvG,uBAAuB;AACrB,WAAO,cAAc,IAAI,mCAAmC,CAAC,KAAK,GAAG,EAAW,8BAA8B;;GAEhH,MAAM,uBAAsC;AAC1C,UAAM,IAAI,oBAAoB,4GAA4G;;GAE5I,MAAM,4BAAsD;AAC1D,UAAM,IAAI,oBAAoB,iHAAiH;;GAEjJ,4BAA6C;AAC3C,UAAM,IAAI,oBAAoB,iHAAiH;;GAEjJ,cAAc,KAAK,gBAAgB,IAAI,oBAAoB,KAAK,cAAc,GAAG;GACjF,MAAM,QAAQ,QAAgB;AAE5B,YADc,MAAM,KAAK,WAAW,EACvB,MAAM,MAAM,EAAE,OAAO,OAAO,IAAI;;GAE/C,QAAQ,QAAgB;IACtB,MAAM,QAAQ,KAAK,UAAU;AAC7B,WAAO,cAAc;AACnB,YAAO,MAAM,MAAM,MAAM,EAAE,OAAO,OAAO,IAAI;OAC5C,CAAC,OAAO,OAAO,CAAC;;GAErB,MAAM,UAAU,SAAyF;IACvG,MAAM,SAAS,OAAO,QAAQ,MAAM,IAAI,kBAAkB,UAAU;KAAC,KAAK;KAAI,SAAS;KAAS,SAAS;KAAM,SAAS;KAAQ,SAAS;KAAO,SAAS;KAAM,EAAW,aAAa,CAAC;IACxL,MAAM,QAAa,OAAO,MAAM,KAAK,MAAM,IAAI,oBAAoB,EAAE,CAAC;AACtE,UAAM,aAAa,OAAO,YAAY,eAAe;AACrD,WAAO;;GAET,SAAS,SAAgF;IACvF,MAAM,SAAS,cAAc,IAAI,mBAAmB;KAAC,KAAK;KAAI,SAAS;KAAS,SAAS;KAAM,SAAS;KAAQ,SAAS;KAAO,SAAS;KAAM,EAAW,kBAAkB;AAC5K,WAAO,cAAc;KACnB,MAAM,QAAa,OAAO,MAAM,KAAK,MAAM,IAAI,oBAAoB,EAAE,CAAC;AACtE,WAAM,aAAa,OAAO,YAAY,eAAe;AACrD,YAAO;OACN,CAAC,OAAO,CAAC;;GAEd,YAAY,OAAO,SAAyD;IAC1E,MAAM,OAAO,MAAM,IAAI,WAAW,iBAAiB,8BAA8B;KAC/E,eAAe,KAAK;KACpB,GAAG;KACJ,CAAC,CAAC;AACH,UAAM,IAAI,kBAAkB,mBAAmB,KAAK;AACpD,UAAM,IAAI,kBAAkB,KAAK,IAAI,EAAE,gBAAgB,KAAK,IAAI,CAAC;AACjE,WAAO,IAAI,oBAAoB,KAAK;;GAEtC,WAAW,OAAO,SAAe;AAC/B,UAAM,IAAI,WAAW,gBAAgB;KAAE,QAAQ,KAAK;KAAI,QAAQ,KAAK;KAAI,CAAC;AAC1E,UAAM,IAAI,uBAAuB,KAAK,IAAI,KAAK,GAAG;;GAEpD,MAAM,sBAAsB;AAE1B,WADoB,OAAO,QAAQ,MAAM,IAAI,gCAAgC,UAAU,CAAC,KAAK,GAAG,EAAE,aAAa,CAAC,CAC7F,KAAK,QAAQ,IAAI,sCAAsC,KAAK,IAAI,IAAI,CAAC;;GAE1F,qBAAqB;IACnB,MAAM,cAAc,cAAc,IAAI,iCAAiC,CAAC,KAAK,GAAG,EAAE,4BAA4B;AAC9G,WAAO,cAAc,YAAY,KAAK,QAAQ,IAAI,sCAAsC,KAAK,IAAI,IAAI,CAAC,EAAE,CAAC,YAAY,CAAC;;GAExH,MAAM,gBAAgB,gBAAiD,SAAmE;AACxI,QAAI,kBAAkB,QAAQ,gBAAgB;KAC5C,MAAM,QAAQ;KACd,MAAM,YAAY,SAAS,aAAa;AAExC,YADoB,OAAO,QAAQ,MAAM,IAAI,gCAAgC,UAAU;MAAC,MAAM;MAAI,KAAK;MAAI;MAAU,EAAE,aAAa,CAAC,CAClH,KAAK,SAAS,IAAI,0BAA0B,KAAK,CAAC;WAChE;KAEL,MAAM,YADO,gBACW,aAAa;AAErC,YADoB,OAAO,QAAQ,MAAM,IAAI,mCAAmC,UAAU,CAAC,KAAK,IAAI,UAAU,EAAE,aAAa,CAAC,CAC3G,KAAK,SAAS,IAAI,0BAA0B,KAAK,CAAC;;;GAGzE,eAAe,gBAAiD,SAA0D;AACxH,QAAI,kBAAkB,QAAQ,gBAAgB;KAC5C,MAAM,QAAQ;KACd,MAAM,YAAY,SAAS,aAAa;KACxC,MAAM,cAAc,cAAc,IAAI,iCAAiC;MAAC,MAAM;MAAI,KAAK;MAAI;MAAU,EAAW,wBAAwB;AACxI,YAAO,cAAc,YAAY,KAAK,SAAS,IAAI,0BAA0B,KAAK,CAAC,EAAE,CAAC,YAAY,CAAC;WAC9F;KAEL,MAAM,YADO,gBACW,aAAa;KACrC,MAAM,cAAc,cAAc,IAAI,oCAAoC,CAAC,KAAK,IAAI,UAAU,EAAW,wBAAwB;AACjI,YAAO,cAAc,YAAY,KAAK,SAAS,IAAI,0BAA0B,KAAK,CAAC,EAAE,CAAC,YAAY,CAAC;;;GAGvG,MAAM,cAAc,qBAAoC,cAA4D;AAClH,QAAI,uBAAuB,OAAO,wBAAwB,UAAU;KAClE,MAAM,QAAQ;AAEd,aADoB,MAAM,KAAK,gBAAgB,MAAM,EAClC,MAAM,MAAM,EAAE,OAAO,aAAa,IAAI;WACpD;KACL,MAAM,MAAM;AAEZ,aADoB,MAAM,KAAK,iBAAiB,EAC7B,MAAM,MAAM,EAAE,OAAO,IAAI,IAAI;;;GAGpD,cAAc,qBAAoC,cAAmD;AACnG,QAAI,uBAAuB,OAAO,wBAAwB,UAAU;KAClE,MAAM,QAAQ;KACd,MAAM,cAAc,KAAK,eAAe,MAAM;AAC9C,YAAO,cAAc,YAAY,MAAM,MAAM,EAAE,OAAO,aAAa,IAAI,MAAM,CAAC,aAAa,aAAa,CAAC;WACpG;KACL,MAAM,MAAM;KACZ,MAAM,cAAc,KAAK,gBAAgB;AACzC,YAAO,cAAc,YAAY,MAAM,MAAM,EAAE,OAAO,IAAI,IAAI,MAAM,CAAC,aAAa,IAAI,CAAC;;;GAG3F,MAAM,cAAc,qBAAoC,cAAyC;AAC/F,QAAI,uBAAuB,OAAO,wBAAwB,UAAU;KAClE,MAAM,QAAQ;AACd,YAAQ,MAAM,KAAK,cAAc,OAAO,aAAuB,KAAM;WAChE;KACL,MAAM,MAAM;AACZ,YAAQ,MAAM,KAAK,cAAc,IAAI,KAAM;;;GAG/C,MAAM,OAAO,QAAiC;AAC5C,UAAM,IAAI,kBAAkB,KAAK,IAAI,OAAO;;GAE9C,MAAM,wBAAwB;AAC5B,WAAO,MAAM,IAAI,qBAAqB,yCAAyC,EAAE,CAAC;;GAEpF,MAAM,eAAe,SAAuD;IAC1E,MAAM,SAAS,MAAM,IAAI,WAAW,eAAe,QAAQ;AAC3D,UAAM,IAAI,iBAAiB,QAAQ,CAAC,KAAK,GAAG,CAAC;AAC7C,WAAO;;GAET,MAAM,YAAY,SAA+B;IAC/C,MAAM,SAAS,MAAM,KAAK,OAAO,QAAQ;AACzC,UAAM,IAAI,iBAAiB,QAAQ,CAAC,KAAK,GAAG,CAAC;AAC7C,WAAO;;GAET,MAAM,eAAe,MAAY;IAC/B,MAAM,SAAS,OAAO,QAAQ,MAAM,IAAI,4BAA4B,UAAU,CAAC,KAAK,IAAI,KAAK,GAAG,EAAE,aAAa,CAAC;AAChH,WAAO,IAAI,mCAAmC,OAAO;;GAEvD,eAAe,MAAY;IACzB,MAAM,SAAS,cAAc,IAAI,6BAA6B,CAAC,KAAK,IAAI,KAAK,GAAG,EAAW,wBAAwB;AACnH,WAAO,cAAc,IAAI,mCAAmC,OAAO,EAAE,CAAC,OAAO,CAAC;;GAEhF,MAAM,sBAAsB;AAE1B,WADe,OAAO,QAAQ,MAAM,IAAI,4BAA4B,UAAU,CAAC,KAAK,GAAG,EAAE,aAAa,CAAC,CACzF,KAAK,SAAS,IAAI,8BAA8B,KAAK,IAAI,KAAK,CAAC;;GAE/E,qBAAqB;IACnB,MAAM,SAAS,cAAc,IAAI,6BAA6B,CAAC,KAAK,GAAG,EAAW,4BAA4B;AAC9G,WAAO,cAAc,OAAO,KAAK,SAAS,IAAI,8BAA8B,KAAK,IAAI,KAAK,CAAC,EAAE,CAAC,OAAO,CAAC;;GAExG,sBAAsB,OAAO,SAA4C;IACvE,MAAM,iBAAiB,MAAM,IAAI,WAAW,2BAA2B,wCAAwC,KAAK,IAAI,KAAK,CAAC;AAC9H,UAAM,QAAQ,IAAI,CAChB,IAAI,4BAA4B,QAAQ,CAAC,KAAK,GAAG,CAAC,EAClD,IAAI,iBAAiB,QAAQ,CAAC,KAAK,GAAG,CAAC,CACxC,CAAC;AACF,WAAO,IAAI,8BAA8B,KAAK,IAAI,eAAe;;GAEnE,4BAA4B;AAE1B,WADgB,cAAc,IAAI,oCAAoC,CAAC,KAAK,GAAG,EAAW,mCAAmC,CAC9G,KAAK,aAAa,IAAI,oCAAoC,KAAK,IAAI,SAAS,CAAC;;GAE9F,MAAM,6BAA6B;AAEjC,WADgB,OAAO,QAAQ,MAAM,IAAI,mCAAmC,UAAU,CAAC,KAAK,GAAG,EAAE,aAAa,CAAC,CAChG,KAAK,aAAa,IAAI,oCAAoC,KAAK,IAAI,SAAS,CAAC;;GAE9F,aAAa;AAEX,WADe,cAAc,IAAI,yBAAyB,CAAC,KAAK,GAAG,EAAW,oBAAoB,CACpF,KAAK,WAAW,IAAI,sBAAsB,OAAO,CAAC;;GAElE,MAAM,cAAc;AAElB,WADe,OAAO,QAAQ,MAAM,IAAI,wBAAwB,UAAU,CAAC,KAAK,GAAG,EAAE,aAAa,CAAC,CACrF,KAAK,WAAW,IAAI,sBAAsB,OAAO,CAAC;;GAElE,MAAM,aAAa,SAAwC;IACzD,MAAM,SAAS,MAAM,IAAI,WAAW,oBAClC,MAAM,4BAA4B,QAAQ,KAAK,IAAI,QAAQ,EAC3D,MACA,SACD;AACD,UAAM,IAAI,wBAAwB,QAAQ,CAAC,KAAK,GAAG,CAAC;AACpD,WAAO,IAAI,sBAAsB,OAAO;;GAE1C,oBAAoB;IAClB,MAAM,UAAU,cAAc,IAAI,4BAA4B,CAAC,KAAK,GAAG,EAAW,2BAA2B;AAC7G,WAAO,cAAc,QAAQ,KAAK,cAAc,IAAI,6BAA6B,UAAU,CAAC,EAAE,CAAC,QAAQ,CAAC;;GAG1G,MAAM,qBAAqB;AAEzB,WADgB,OAAO,QAAQ,MAAM,IAAI,2BAA2B,UAAU,CAAC,KAAK,GAAG,EAAE,aAAa,CAAC,CACxF,KAAK,cAAc,IAAI,6BAA6B,UAAU,CAAC;;GAGhF,iBAAiB,IAAY;IAC3B,MAAM,YAAY,KAAK,mBAAmB;AAC1C,WAAO,cAAc,UAAU,MAAM,MAAM,EAAE,OAAO,GAAG,IAAI,MAAM,CAAC,WAAW,GAAG,CAAC;;GAEnF,MAAM,iBAAiB,IAAY;AAEjC,YADkB,MAAM,KAAK,oBAAoB,EAChC,MAAM,MAAM,EAAE,OAAO,GAAG,IAAI;;GAE/C,MAAM,gBAAgB,SAA6I;IAEjK,MAAM,WAAW,SAAS,aAAa,MAAM,IAAI,gBAAgB,GAAG;AACpE,QAAI,CAAC,SACH,OAAM,IAAI,oBAAoB,6EAA6E;IAI7G,MAAM,mBAAmB,MAAM,IAAI,WAAW,kCAAkC,KAAK,GAAG;AAExF,QAAI,iBAAiB,WAAW,KAC9B,QAAO,OAAO,MAAM,IAAI,YAAY,0BAA0B,4DAA4D,CAAC;IAG7H,MAAM,EAAE,cAAc,SAAS,iBAAiB;AAGhD,QAAI,aAAa,GAAG,OAAO,0CACzB,OAAM,IAAI,oBAAoB,oEAAoE,aAAa,GAAG,KAAK;AAGzH,iBAAa,GAAG,KAAK;IAErB,IAAI;AACJ,QAAI;AACF,eAAU,MAAM,kBAAkB,EAAE,aAAa,cAAc,CAAC;aACzD,OAAY;AACnB,SAAI,iBAAiB,cACnB,QAAO,OAAO,MAAM,IAAI,YAAY,qBAAqB,MAAM,SAAS,MAAM,KAAK,CAAC;UAC/E;AAEL,mBAAa,+BAA+B,MAAM;AAClD,aAAO,OAAO,MAAM,IAAI,YAAY,0BAA0B,4DAA4D,CAAC;;;IAO/H,MAAM,EAAE,aAAa,iBAAiB,MAAM,IAAI,WAAW,wBAAwB,KAAK,IAAI,MAAQ,GAAG,MAAM;IAC7G,MAAM,cAAc,IAAI,gBAAgB;KACtC;KACA;KACA,4BAA4B,YAAY;KACzC,CAAC;IAEF,MAAM,qBAAqB,MAAM,IAAI,WAAW,gBAAgB;KAAE,YAAY;KAAS;KAAM,EAAE,YAAY;AAE3G,UAAM,IAAI,iBAAiB,QAAQ,CAAC,KAAK,GAAG,CAAC;AAC7C,WAAO;;GAET,GAAG,IAAI,sBAAsB,KAAK,IAAI,OAAO;GAC9C,CAAsB;;CAKzB,AAAU,wBAAwB,MAAgE;AAShG,SARiB,yBAAyB;GACxC,GAAG,KAAK,oBAAoB,KAAK,KAAK;GACtC,aAAa;IACX,aAAa,KAAK;IAClB,iBAAiB,KAAK;IACvB;GACF,CAA0B;;CAK7B,AAAU,kCAAkC,MAAgE;AAC1G,SAAO;GACL,IAAI,KAAK;GACT,gBAAgB,KAAK;GACrB,WAAW,IAAI,KAAK,KAAK,kBAAkB;GAC3C,QAAQ,YAAY;AAClB,UAAM,KAAK,WAAW,2BAA2B,KAAK,IAAI,KAAK,QAAQ;AACvE,UAAM,KAAK,4BAA4B,QAAQ,CAAC,KAAK,QAAQ,CAAC;;GAEjE;;CAGH,AAAU,sCAAsC,QAAgB,MAAoE;EAClI,MAAM,MAAM;AACZ,SAAO;GACL,IAAI,KAAK;GACT,QAAQ,KAAK;GACb,iBAAiB,KAAK;GACtB,gBAAgB,KAAK;GACrB,WAAW,IAAI,KAAK,KAAK,kBAAkB;GAC3C,QAAQ,YAAY;AAClB,UAAM,IAAI,WAAW,+BAA+B,KAAK,IAAI,OAAO;AACpE,UAAM,QAAQ,IAAI;KAChB,IAAI,gCAAgC,QAAQ,CAAC,OAAO,CAAC;KACrD,IAAI,4BAA4B,QAAQ,CAAC,KAAK,QAAQ,CAAC;KACvD,IAAI,uBAAuB,KAAK,SAAS,OAAO;KACjD,CAAC;;GAEL;;CAGH,AAAmB,qBAAqB,MAAmC,SAA+D;AAOxI,SANoB,yBAAyB;GAC3C,GAAG,KAAK,oBAAoB,KAAK;GACjC,GAAG,KAAK,YAAY,QAAQ;GAC5B,GAAG,KAAK,oBAAoB,GAAG,KAAK,yBAAyB,QAAQ,GAAG,EAAE;GAC3E,CAAsB;;CAKzB,AAAU,oBAAoB,MAA+C;EAC3E,MAAM,MAAM;AACZ,SAAO;GACL,IAAI,KAAK;GACT,aAAa,KAAK;GAClB,iBAAiB,KAAK;GACtB,WAAW,IAAI,KAAK,KAAK,kBAAkB;GAC3C,gBAAgB,KAAK;GACrB,wBAAwB,KAAK;GAC7B,gBAAgB,KAAK;GACrB,MAAM,OAAO,QAA0C;AACrD,UAAM,IAAI,WAAW,iBAAiB,KAAK,IAAI,8BAA8B,OAAO,CAAC;AACrF,UAAM,QAAQ,IAAI,CAChB,IAAI,kBAAkB,mBAAmB,KAAK,EAC9C,IAAI,kBAAkB,mBAAmB,KAAK,CAC/C,CAAC;;GAEJ,MAAM,SAAS;AACb,UAAM,IAAI,WAAW,iBAAiB,KAAK,GAAG;AAC9C,UAAM,QAAQ,IAAI,CAChB,IAAI,kBAAkB,mBAAmB,KAAK,EAC9C,IAAI,kBAAkB,mBAAmB,KAAK,CAC/C,CAAC;;GAEJ,MAAM,YAAY;AAEhB,WADe,OAAO,QAAQ,MAAM,IAAI,+BAA+B,UAAU,CAAC,KAAK,GAAG,EAAE,aAAa,CAAC,CAC5F,KAAI,MAAK,IAAI,wBAAwB,EAAE,CAAC;;GAExD,WAAW;IACT,MAAM,SAAS,cAAc,IAAI,gCAAgC,CAAC,KAAK,GAAG,EAAW,kBAAkB;AACvG,WAAO,cAAc,OAAO,KAAI,MAAK,IAAI,wBAAwB,EAAE,CAAC,EAAE,CAAC,OAAO,CAAC;;GAEjF,MAAM,QAAQ,QAAQ;AACpB,UAAM,IAAI,WAAW,oBAAoB;KACvC,QAAQ,KAAK;KACb;KACD,CAAC;AACF,UAAM,IAAI,uBAAuB,KAAK,IAAI,OAAO;;GAEnD,MAAM,WAAW,QAAQ;AACvB,UAAM,IAAI,WAAW,yBAAyB;KAC5C,QAAQ,KAAK;KACb;KACD,CAAC;AACF,UAAM,IAAI,uBAAuB,KAAK,IAAI,OAAO;;GAEnD,MAAM,WAAW,SAAkD;AACjE,UAAM,IAAI,WAAW,yBAAyB;KAC5C,QAAQ,KAAK;KACb,OAAO,QAAQ;KACf,aAAa,QAAQ,eAAe,qBAAqB,IAAI,KAAK,gBAAgB,cAAc;KACjG,CAAC;AACF,UAAM,IAAI,4BAA4B,QAAQ,CAAC,KAAK,GAAG,CAAC;;GAE1D,MAAM,kBAAkB;AAEtB,WADe,OAAO,QAAQ,MAAM,IAAI,4BAA4B,UAAU,CAAC,KAAK,GAAG,EAAE,aAAa,CAAC,CACzF,KAAK,SAAS,IAAI,kCAAkC,KAAK,CAAC;;GAE1E,iBAAiB;IACf,MAAM,SAAS,cAAc,IAAI,6BAA6B,CAAC,KAAK,GAAG,EAAW,wBAAwB;AAC1G,WAAO,cAAc,OAAO,KAAK,SAAS,IAAI,kCAAkC,KAAK,CAAC,EAAE,CAAC,OAAO,CAAC;;GAEnG,aAAa;AAEX,WADe,cAAc,IAAI,yBAAyB,CAAC,KAAK,GAAG,EAAW,oBAAoB,CACpF,KAAK,WAAW,IAAI,sBAAsB,OAAO,CAAC;;GAElE,MAAM,cAAc;AAElB,WADe,OAAO,QAAQ,MAAM,IAAI,wBAAwB,UAAU,CAAC,KAAK,GAAG,EAAE,aAAa,CAAC,CACrF,KAAK,WAAW,IAAI,sBAAsB,OAAO,CAAC;;GAElE,MAAM,aAAa,SAAwC;IACzD,MAAM,SAAS,MAAM,IAAI,WAAW,oBAClC,MAAM,4BAA4B,QAAQ,KAAK,IAAI,QAAQ,EAC3D,MACA,SACD;AACD,UAAM,IAAI,wBAAwB,QAAQ,CAAC,KAAK,GAAG,CAAC;AACpD,WAAO,IAAI,sBAAsB,OAAO;;GAE1C,GAAG,IAAI,sBAAsB,KAAK,IAAI,OAAO;GAC9C;;CAGH,AAAU,oBAAoB,UAA4D,MAA8C;EACtI,MAAM,MAAM;AACZ,SAAO;GACL,aAAa,KAAK;GAClB,UAAU,KAAK;GACf,qBAAqB,KAAK,IAAI,GAAG,KAAK,SAAS;GAC/C,kBAAkB,OAAO,UAAkB;IACzC,MAAM,gBAAgB,SAAS,SAAS,SACpC;KAAE,QAAQ,KAAK;KAAI,QAAQ,SAAS;KAAI,GACxC,SAAS,SAAS,SAChB;KAAE,QAAQ,KAAK;KAAI,QAAQ,SAAS;KAAI,GACxC;KAAE,QAAQ,KAAK;KAAI,kBAAkB,SAAS;KAAI;AACxD,UAAM,IAAI,WAAW,mBAAmB,eAAe,EAAE,OAAO,CAAC;AACjE,QAAI,SAAS,SAAS,OAAQ,OAAM,IAAI,sBAAsB,QAAQ,CAAC,SAAS,IAAI,KAAK,GAAG,CAAC;aACpF,SAAS,SAAS,OAAQ,OAAM,IAAI,sBAAsB,QAAQ,CAAC,SAAS,IAAI,KAAK,GAAG,CAAC;QAC7F,OAAM,IAAI,wBAAwB,QAAQ,CAAC,SAAS,IAAI,KAAK,GAAG,CAAC;;GAExE,kBAAkB,OAAO,UAAkB;IACzC,MAAM,gBAAgB,SAAS,SAAS,SACpC;KAAE,QAAQ,KAAK;KAAI,QAAQ,SAAS;KAAI,GACxC,SAAS,SAAS,SAChB;KAAE,QAAQ,KAAK;KAAI,QAAQ,SAAS;KAAI,GACxC;KAAE,QAAQ,KAAK;KAAI,kBAAkB,SAAS;KAAI;AACxD,UAAM,IAAI,WAAW,mBAAmB,eAAe;KAAE,OAAO,CAAC;KAAO,gBAAgB;KAAM,CAAC;AAC/F,QAAI,SAAS,SAAS,OAAQ,OAAM,IAAI,sBAAsB,QAAQ,CAAC,SAAS,IAAI,KAAK,GAAG,CAAC;aACpF,SAAS,SAAS,OAAQ,OAAM,IAAI,sBAAsB,QAAQ,CAAC,SAAS,IAAI,KAAK,GAAG,CAAC;QAC7F,OAAM,IAAI,wBAAwB,QAAQ,CAAC,SAAS,IAAI,KAAK,GAAG,CAAC;;GAExE,qBAAqB,OAAO,UAAkB;AAC5C,QAAI;KACF,MAAM,gBAAgB,SAAS,SAAS,SACpC;MAAE,QAAQ,KAAK;MAAI,QAAQ,SAAS;MAAI,GACxC,SAAS,SAAS,SAChB;MAAE,QAAQ,KAAK;MAAI,QAAQ,SAAS;MAAI,GACxC;MAAE,QAAQ,KAAK;MAAI,kBAAkB,SAAS;MAAI;AACxD,WAAM,IAAI,WAAW,mBAAmB,eAAe,EAAE,OAAO,CAAC,OAAO,CAAC;AACzE,SAAI,SAAS,SAAS,OAAQ,OAAM,IAAI,sBAAsB,QAAQ,CAAC,SAAS,IAAI,KAAK,GAAG,CAAC;cACpF,SAAS,SAAS,OAAQ,OAAM,IAAI,sBAAsB,QAAQ,CAAC,SAAS,IAAI,KAAK,GAAG,CAAC;SAC7F,OAAM,IAAI,wBAAwB,QAAQ,CAAC,SAAS,IAAI,KAAK,GAAG,CAAC;AACtE,YAAO;aACA,OAAO;AACd,SAAI,iBAAiB,YAAY,+BAC/B,QAAO;AAET,WAAM;;;GAGX;;CAGH,MAAgB,eAAe,SAA6D;EAC1F,MAAM,OAAO,OAAO,QAAQ,MAAM,KAAK,wBAAwB,UAAU,CAAC,QAAQ,QAAQ,OAAO,EAAE,aAAa,CAAC;AACjH,SAAO,OAAO,KAAK,sBAAsB,KAAK,GAAG;;CAGnD,MAAgB,eAAe,SAA6D;EAC1F,MAAM,OAAO,OAAO,QAAQ,MAAM,KAAK,wBAAwB,UAAU,CAAC,QAAQ,QAAQ,OAAO,EAAE,aAAa,CAAC;AACjH,SAAO,OAAO,KAAK,sBAAsB,KAAK,GAAG;;CAEnD,AAAU,eAAe,SAAoD;EAC3E,MAAM,OAAO,cAAc,KAAK,yBAAyB,CAAC,QAAQ,QAAQ,OAAO,EAAW,4BAA4B;AACxH,SAAO,cAAc,OAAO,KAAK,sBAAsB,KAAK,GAAG,MAAM,CAAC,KAAK,CAAC;;CAE9E,AAAU,eAAe,SAAoD;EAC3E,MAAM,OAAO,cAAc,KAAK,yBAAyB,CAAC,QAAQ,QAAQ,OAAO,EAAW,4BAA4B;AACxH,SAAO,cAAc,OAAO,KAAK,sBAAsB,KAAK,GAAG,MAAM,CAAC,KAAK,CAAC;;CAE9E,MAAgB,iBAAiB,QAA4C;EAC3E,MAAM,eAAe,MAAM,KAAK,eAAe,EAAE,QAAQ,CAAC;AAC1D,MAAI,iBAAiB,KACnB,QAAO;AAET,SAAO,MAAM,KAAK,kBAAkB,aAAa,OAAO;;CAG1D,MAAgB,iBAAiB,KAAgB,kBAAuD;EACtG,MAAM,WAAW,MAAM,IAAI,KAAK,iBAAiB;AACjD,MAAI,aAAa,KACf,QAAO;EAET,MAAM,OAAO,MAAM,KAAK,kBAAkB,SAAS,QAAQ;AAC3D,MAAI,MAAM,eAAe,CAAC,iBACxB,QAAO;AAET,SAAO;;CAET,AAAU,iBAAiB,KAAgB,kBAA8C;EACvF,MAAM,UAAU,cAAc,KAAK,6BAA6B,CAAC,IAAI,EAAW,8BAA8B;AAC9G,MAAI,YAAY,KACd,QAAO;EAET,MAAM,OAAO,KAAK,YAAY,QAAQ;AACtC,MAAI,MAAM,eAAe,CAAC,iBACxB,QAAO;AAET,SAAO;;CAET,AAAU,iBAAiB,QAAmC;EAC5D,MAAM,eAAe,KAAK,eAAe,EAAE,QAAQ,CAAC;AACpD,MAAI,iBAAiB,KACnB,QAAO;AAET,SAAO,KAAK,YAAY,aAAa,OAAO;;CAG9C,MAAgB,iBAAiB,QAA4C;EAC3E,MAAM,eAAe,MAAM,KAAK,eAAe,EAAE,QAAQ,CAAC;AAC1D,MAAI,iBAAiB,KACnB,QAAO;AAET,SAAO,MAAM,KAAK,QAAQ,aAAa,OAAO;;CAEhD,AAAU,iBAAiB,QAAmC;EAC5D,MAAM,eAAe,KAAK,eAAe,EAAE,QAAQ,CAAC;AACpD,MAAI,iBAAiB,KACnB,QAAO;AAET,SAAO,KAAK,QAAQ,aAAa,OAAO;;CAG1C,MAAM,WAAW,SAAuD;EACtE,MAAM,OAAO,MAAM,KAAK,WAAW,iBAAiB,8BAA8B,QAAQ,CAAC;AAC3F,QAAM,KAAK,eAAe;AAC1B,SAAO,KAAK,oBAAoB,KAAK;;CAUvC,MAAM,QAAQ,SAAqL;AACjM,MAAI,OAAO,YAAY,SACrB,QAAO,MAAM,KAAK,kBAAkB,QAAQ;WACnC,OAAO,YAAY,YAAY,YAAY,QACpD,QAAO,MAAM,KAAK,iBAAiB,QAAQ,OAAO;WACzC,OAAO,YAAY,YAAY,UAAU,WAAW,QAAQ,SAAmB,SACxF,QAAO,MAAM,KAAK,iBAAiB,QAAQ,KAAK,QAAQ,WAAW,QAAQ,OAAO,YAAY;OACzF;AACL,aAAU;AAGV,OAAI,SAAS,OAAO,eAAe,QAAQ,sBAAsB,MAC/D,OAAM,IAAI,MAAM,yHAAyH;AAI3I,QAAK,4BAA4B,SAAS,WAAW;GACrD,MAAM,UAAU,MAAM,KAAK,YAAY,SAAS,WAAW;GAC3D,IAAI,OAAO,OAAO,QAAQ,MAAM,KAAK,wBAAwB,UAAU,CAAC,QAAQ,EAAE,aAAa,CAAC;GAChG,MAAM,mBAAmB,SAAS,OAAO,eAAe,SAAS,OAAO;GACxE,MAAM,oBAAoB,SAAS,sBAAsB,QAAQ;AAEjE,OAAI,SAAS,QAAS,KAAK,gBAAgB,CAAC,oBAAsB,KAAK,iBAAiB,CAAC,kBACvF,SAAQ,SAAS,IAAjB;IACE,KAAK;AACH,SAAI,CAAC,MAAM,gBAAgB,MAAM,cAC/B,OAAM,KAAK,qBAAqB,EAAE,SAAS,MAAM,CAAC;SAElD,OAAM,KAAK,iBAAiB,EAAE,SAAS,MAAM,CAAC;AAGhD;IAEF,KAAK,QACH,OAAM,IAAI,MAAM,oEAAoE;IAEtF,KAAK,aAAa;KAChB,MAAM,SAAS,MAAM,KAAK,oBAAoB;AAC9C,YAAO,MAAM,KAAK,QAAQ;MAAE,YAAY;MAAQ,IAAI;MAAmC,mBAAmB;MAAM,CAAC,IAAI,SAAS,oDAAoD;;IAEpL,KAAK;IACL,KAAK;IACL,KAAK,cACH,QAAO;;AAKb,UAAO,QAAQ,KAAK,qBAAqB,MAAM,QAAQ;;;CAI3D,MAAM,gBAAqE;AACzE,UAAQ,KAAK,iFAAiF;AAC9F,SAAO,MAAM,KAAK,SAAS;;CAG7B,MAAM,kBAAkB,QAA4C;EAClE,MAAM,OAAO,OAAO,QAAQ,MAAM,KAAK,iBAAiB,UAAU,CAAC,OAAO,EAAE,aAAa,CAAC;AAC1F,SAAO,QAAQ,KAAK,oBAAoB,KAAK;;CAU/C,QAAQ,SAA4K;AAClL,MAAI,OAAO,YAAY,SACrB,QAAO,KAAK,YAAY,QAAQ;WACvB,OAAO,YAAY,YAAY,YAAY,QACpD,QAAO,KAAK,iBAAiB,QAAQ,OAAO;WACnC,OAAO,YAAY,YAAY,UAAU,WAAW,QAAQ,SAAmB,SACxF,QAAO,KAAK,iBAAiB,QAAQ,KAAK,QAAQ,WAAW,QAAQ,OAAO,YAAY;OACnF;AACL,aAAU;AAIV,OAAI,SAAS,OAAO,eAAe,QAAQ,sBAAsB,MAC/D,OAAM,IAAI,MAAM,yHAAyH;AAG3I,QAAK,4BAA4B,SAAS,WAAW;GAErD,MAAM,UAAU,KAAK,YAAY,SAAS,WAAW;GACrD,IAAI,OAAO,cAAc,KAAK,yBAAyB,CAAC,QAAQ,EAAW,sBAAsB;AACxE,YAAS,OAAO,eAAe,SAAS;AACvC,YAAS;AAEnC,OAAI,SAAS,KACX,SAAQ,SAAS,IAAjB;IACE,KAAK;AACH,uBAAkB,KAAK,iBAAiB,EAAE,SAAS,MAAM,CAAC,CAAC;AAC3D,cAAS;AACT,WAAM,IAAI,oBAAoB,8BAA8B;IAE9D,KAAK,QACH,OAAM,IAAI,MAAM,oEAAoE;IAEtF,KAAK;AAGH,uBAAkB,YAAY;AAC5B,YAAM,KAAK,oBAAoB;AAC/B,UAAI,OAAO,WAAW,YACpB,QAAO,SAAS,QAAQ;OAE1B;AACF,cAAS;AACT,WAAM,IAAI,oBAAoB,8BAA8B;IAE9D,KAAK;IACL,KAAK;IACL,KAAK;;AAMT,UAAO,cAAc;AACnB,WAAO,QAAQ,KAAK,qBAAqB,MAAM,QAAQ;MACtD;IAAC;IAAM;IAAS,SAAS;IAAG,CAAC;;;CAGpC,YAAY,QAAmC;EAC7C,MAAM,OAAO,cAAc,KAAK,kBAAkB,CAAC,OAAO,EAAE,0BAA0B;AACtF,SAAO,cAAc;AACnB,UAAO,QAAQ,KAAK,oBAAoB,KAAK;KAC5C,CAAC,KAAK,CAAC;;CAGZ,MAAM,UAAU,SAAyF;EACvG,MAAM,OAAO,OAAO,QAAQ,MAAM,KAAK,kBAAkB,UAAU;GAAC,SAAS;GAAQ,SAAS;GAAO,SAAS;GAAS,SAAS;GAAM,SAAS;GAAO,SAAS;GAAmB,SAAS;GAAkB,SAAS;GAAe,SAAS;GAAO,EAAE,aAAa,CAAC;EACrQ,MAAM,SAAc,KAAK,MAAM,KAAK,MAAM,KAAK,oBAAoB,EAAE,CAAC;AACtE,SAAO,aAAa,KAAK,YAAY,eAAe;AACpD,SAAO;;CAGT,SAAS,SAAgF;EACvF,MAAM,OAAO,cAAc,KAAK,mBAAmB;GAAC,SAAS;GAAQ,SAAS;GAAO,SAAS;GAAS,SAAS;GAAM,SAAS;GAAO,SAAS;GAAmB,SAAS;GAAkB,SAAS;GAAe,SAAS;GAAO,EAAW,uBAAuB;EACvQ,MAAM,SAAc,KAAK,MAAM,KAAK,MAAM,KAAK,oBAAoB,EAAE,CAAC;AACtE,SAAO,aAAa,KAAK,YAAY,eAAe;AACpD,SAAO;;CAGT,0BAA0B,MAA6G;AACrI,SAAO,EACL,IAAI,KAAK,IACV;;CAGH,wCAAwC,MAAqF;AAC3H,SAAO;GACL,IAAI,KAAK;GACT,aAAa,KAAK;GAClB,wBAAwB,KAAK;GAC9B;;CAGH,2CAA2C,MAA2F;AACpI,SAAO;GACL,IAAI,KAAK;GACT,aAAa,KAAK;GAClB,wBAAwB,KAAK;GAC9B;;CAGH,MAAM,QAAQ,SAAsJ;AAClK,MAAI,YAAY,SAAS;GACvB,MAAM,SAAS,OAAO,QAAQ,MAAM,KAAK,sBAAsB,UAAU,CAAC,QAAQ,QAAQ,QAAQ,OAAO,EAAE,aAAa,CAAC;AACzH,UAAO,KAAK,oBAAoB;IAAE,MAAM;IAAQ,IAAI,QAAQ;IAAQ,EAAE,OAAO;aACpE,YAAY,SAAS;GAC9B,MAAM,SAAS,OAAO,QAAQ,MAAM,KAAK,sBAAsB,UAAU,CAAC,QAAQ,QAAQ,QAAQ,OAAO,EAAE,aAAa,CAAC;AACzH,UAAO,KAAK,oBAAoB;IAAE,MAAM;IAAQ,IAAI,QAAQ;IAAQ,EAAE,OAAO;SACxE;GACL,MAAM,SAAS,OAAO,QAAQ,MAAM,KAAK,wBAAwB,UAAU,CAAC,QAAQ,kBAAkB,QAAQ,OAAO,EAAE,aAAa,CAAC;AACrI,UAAO,KAAK,oBAAoB;IAAE,MAAM;IAAU,IAAI,QAAQ;IAAkB,EAAE,OAAO;;;CAI7F,MAAM,aAAa,SAAwE;AACzF,MAAI,YAAY,SAAS;GACvB,MAAM,WAAW,OAAO,QAAQ,MAAM,KAAK,yBAAyB,UAAU;IAAC,QAAQ;IAAQ,QAAQ,UAAU;IAAM,QAAQ,SAAS;IAAK,EAAE,aAAa,CAAC;AAC7J,UAAO,KAAK,8BAA8B,SAAS;aAC1C,YAAY,SAAS;GAC9B,MAAM,WAAW,OAAO,QAAQ,MAAM,KAAK,yBAAyB,UAAU;IAAC,QAAQ;IAAQ,QAAQ,UAAU;IAAM,QAAQ,SAAS;IAAK,EAAE,aAAa,CAAC;AAC7J,UAAO,KAAK,8BAA8B,SAAS;;EAErD,MAAM,WAAW,OAAO,QAAQ,MAAM,KAAK,2BAA2B,UAAU;GAAC,QAAQ;GAAkB,QAAQ,UAAU;GAAM,QAAQ,SAAS;GAAK,EAAE,aAAa,CAAC;AACzK,SAAO,KAAK,8BAA8B,SAAS;;CAGrD,QAAQ,SAA6I;EACnJ,IAAI;EACJ,IAAI;EACJ,IAAI;AACJ,MAAI,YAAY,SAAS;AACvB,UAAO;AACP,QAAK,QAAQ;AACb,WAAQ,KAAK;aACJ,YAAY,SAAS;AAC9B,UAAO;AACP,QAAK,QAAQ;AACb,WAAQ,KAAK;SACR;AACL,UAAO;AACP,QAAK,QAAQ;AACb,WAAQ,KAAK;;EAGf,MAAM,WAAW,CAAC,IAAI,QAAQ,OAAO;EAErC,MAAM,SAAS,cAAc,OAAO,UADjB,sBACsC;AACzD,SAAO,cAAc,KAAK,oBAAoB;GAAE;GAAM;GAAI,EAAE,OAAO,EAAE,CAAC,OAAO,CAAC;;CAEhF,MAAM,aAAa,SAID;EAChB,IAAI;EACJ,IAAI;AACJ,MAAI,YAAY,SAAS;AACvB,kBAAe;AACf,gBAAa,QAAQ;aACZ,YAAY,SAAS;AAC9B,kBAAe;AACf,gBAAa,QAAQ;SAChB;AACL,kBAAe;AACf,gBAAa,QAAQ;;AAGvB,QAAM,KAAK,WAAW,aAAa;GACjC;GACA;GACA,WAAW,eAAe,UAAU,QAAQ,YAAY;GACxD,SAAS,aAAa,UAAU,QAAQ,UAAU;GAClD,UAAU,QAAQ;GACnB,CAAC;AAOF,SALc,iBAAiB,SAC3B,KAAK,2BACL,iBAAiB,SACf,KAAK,2BACL,KAAK,4BACC,QAAQ;GAAC;GAAY;GAAM;GAAK,CAAC;;CAG/C,MAAM,WAAW,MAAoD;EACnE,MAAM,OAAO,MAAM,KAAK,WAAW,iBAAiB,8BAA8B,KAAK,CAAC;AACxF,QAAM,KAAK,kBAAkB,mBAAmB,KAAK;AACrD,SAAO,KAAK,oBAAoB,KAAK;;CAGvC,MAAM,UAAU,SAAyF;EACvG,MAAM,OAAO,OAAO,QAAQ,MAAM,KAAK,kBAAkB,UAAU;GAAC;GAAW,SAAS;GAAS,SAAS;GAAM,SAAS;GAAQ,SAAS;GAAO,SAAS;GAAM,EAAW,aAAa,CAAC;EACzL,MAAM,QAAa,KAAK,MAAM,KAAK,MAAM,KAAK,oBAAoB,EAAE,CAAC;AACrE,QAAM,aAAa,KAAK,YAAY,eAAe;AACnD,SAAO;;CAGT,SAAS,SAAgF;EACvF,MAAM,OAAO,cAAc,KAAK,mBAAmB;GAAC;GAAW,SAAS;GAAS,SAAS;GAAM,SAAS;GAAQ,SAAS;GAAO,SAAS;GAAM,EAAW,uBAAuB;AAClL,SAAO,cAAc;GACnB,MAAM,QAAa,KAAK,MAAM,KAAK,MAAM,KAAK,oBAAoB,EAAE,CAAC;AACrE,SAAM,aAAa,KAAK,YAAY,eAAe;AACnD,UAAO;KACN,CAAC,KAAK,CAAC;;CAGZ,MAAM,0BAA0B,QAAgB,SAAwF;EACtI,MAAM,YAAY,SAAS,aAAa;AAExC,SADa,OAAO,QAAQ,MAAM,KAAK,qCAAqC,UAAU,CAAC,QAAQ,UAAU,EAAW,aAAa,CAAC,CACtH,KAAK,OAAO;GAAE,QAAQ,EAAE;GAAS,cAAc,EAAE;GAAI,EAAE;;CAGrE,yBAAyB,QAAgB,SAA+E;EACtH,MAAM,YAAY,SAAS,aAAa;EACxC,MAAM,OAAO,cAAc,KAAK,sCAAsC,CAAC,QAAQ,UAAU,EAAW,uCAAuC;AAC3I,SAAO,cAAc,KAAK,KAAK,OAAO;GAAE,QAAQ,EAAE;GAAS,cAAc,EAAE;GAAI,EAAE,EAAE,CAAC,KAAK,CAAC;;CAK5F,MAAM,QAAQ,SAAmE;AAC/E,MAAI,OAAO,YAAY,YAAY,YAAY,QAC7C,QAAO,MAAM,KAAK,iBAAiB,QAAQ,OAAO;OAC7C;GACL,MAAM,SAAS;AAEf,WADc,MAAM,KAAK,WAAW,EACvB,MAAM,MAAM,EAAE,OAAO,OAAO,IAAI;;;CAMjD,QAAQ,SAA0D;AAChE,MAAI,OAAO,YAAY,YAAY,YAAY,QAC7C,QAAO,KAAK,iBAAiB,QAAQ,OAAO;OACvC;GACL,MAAM,SAAS;GACf,MAAM,QAAQ,KAAK,UAAU;AAC7B,UAAO,cAAc;AACnB,WAAO,MAAM,MAAM,MAAM,EAAE,OAAO,OAAO,IAAI;MAC5C,CAAC,OAAO,OAAO,CAAC;;;CAIvB,AAAU,4BAA4B,IAA4B;EAChE,MAAM,mBAAmB,YAAgC;AACvD,OAAI,OAAO,QAAQ,WAAW,SAAU,OAAM,IAAI,MAAM,kCAAkC,OAAO,QAAQ,OAAO;;AAElH,SAAO;GACL;GACA,UAAU,OAAO,KAAK,OAAO,YAAY;AACvC,oBAAgB,QAAQ;AACxB,UAAM,KAAK,WAAW,uBAAuB,QAAQ,QAAQ,IAAI,KAAK,MAAM;;GAE9E,UAAU,OAAO,KAAK,YAAY;AAChC,oBAAgB,QAAQ;AACxB,WAAO,OAAO,QAAQ,MAAM,KAAK,gCAAgC,UAAU;KAAC;KAAI;KAAK,QAAQ;KAAO,EAAE,aAAa,CAAC;;GAEtH,WAAW,KAAK,YAAY;AAC1B,oBAAgB,QAAQ;AACxB,WAAO,cAAc,KAAK,iCAAiC;KAAC;KAAI;KAAK,QAAQ;KAAO,EAAW,mBAAmB;;GAErH;;CAGH,MAAM,kBAAkB,IAAqC;AAC3D,SAAO,KAAK,4BAA4B,GAAG;;CAG7C,kBAAkB,IAA4B;AAC5C,SAAO,cAAc,KAAK,4BAA4B,GAAG,EAAE,CAAC,GAAG,CAAC;;CAGlE,MAAM,UAAU,SAA0C;AACxD,QAAM,KAAK,WAAW,UAAU,QAAQ;AACxC,QAAM,KAAK,wBAAwB,QAAQ,EAAE,CAAC;;CAGhD,MAAM,wBAAoD;AACxD,SAAO,OAAO,QAAQ,MAAM,KAAK,wBAAwB,UAAU,EAAE,EAAE,aAAa,CAAC;;CAGvF,wBAA2C;AACzC,SAAO,cAAc,KAAK,yBAAyB,EAAE,EAAE,yCAAyC;;CAGlG,MAAM,6BAA4C;AAChD,QAAM,KAAK,WAAW,4BAA4B;AAElD,QAAM,KAAK,wBAAwB,QAAQ,EAAE,CAAC;;CAGhD,MAAyB,gBAAgB,SAA0B;AACjE,QAAM,QAAQ,IAAI,CAChB,MAAM,aAAa,QAAQ,EAC3B,KAAK,wBAAwB,QAAQ,CAAC,QAAQ,CAAC,CAChD,CAAC;;CAGJ,MAAyB,gBAAgB;AACvC,QAAM,QAAQ,IAAI;GAChB,MAAM,eAAe;GACrB,KAAK,iBAAiB,mBAAmB,KAAK;GAC9C,KAAK,kBAAkB,mBAAmB,KAAK;GAC/C,KAAK,4BAA4B,mBAAmB,KAAK;GACzD,KAAK,2BAA2B,mBAAmB,KAAK;GACxD,KAAK,kCAAkC,mBAAmB,KAAK;GAChE,CAAC;;CAGJ,MAAM,oBAAoB,SAO4F;AACpH,MAAI;GACF,MAAM,OAAO,MAAM,KAAK,WAAW,0BAA0B;IAC3D,SAAS,QAAQ;IACjB,oBAAoB,QAAQ;IAC5B,YAAY,QAAQ;IACpB,OAAO,QAAQ;IACf,eAAe,QAAQ;IACvB,0BAA0B,QAAQ;IACnC,CAAC;AAEF,SAAM,QAAQ,IAAI,CAChB,KAAK,2BAA2B,QAAQ,CAAC,QAAQ,OAAO,CAAC,EACzD,KAAK,kCAAkC,QAAQ,CAAC,QAAQ,OAAO,CAAC,CACjE,CAAC;AACF,UAAO,OAAO,GAAG,KAAK,6BAA6B,KAAK,CAAC;WAClD,OAAO;AACd,OAAI,YAAY,2CAA2C,WAAW,MAAM,CAC1E,QAAO,OAAO,MAAM,MAAM;AAE5B,SAAM"}

package/dist/esm/lib/stack-app/apps/implementations/session-refresh-subscription.d.ts

@@ -0,0 +1,28 @@
+//#region src/lib/stack-app/apps/implementations/session-refresh-subscription.d.ts
+type TokenStoreSubscription = {
+  unsubscribe: () => void;
+};
+type TokenStoreLike = {
+  onChange: (callback: () => void) => TokenStoreSubscription;
+};
+type SessionRefreshLike = {
+  sessionKey: string;
+  startRefreshingAccessToken: (minMillisUntilExpiration: number, maxMillisSinceIssued: number | null) => TokenStoreSubscription;
+};
+/**
+ * Keeps the currently mounted React session fresh while `useSyncExternalStore`
+ * has an active subscriber. The token store owns which session is current; when
+ * it changes to a different session key, we stop refreshing the old session and
+ * start refreshing the new one. The caller still receives every token-store
+ * change through `onTokenStoreChange` so React can re-read the session snapshot.
+ */
+declare function subscribeSessionRefresh(options: {
+  tokenStore: TokenStoreLike;
+  getSession: () => SessionRefreshLike;
+  onTokenStoreChange: () => void;
+  minMillisUntilExpiration?: number;
+  maxMillisSinceIssued?: number | null;
+}): () => void;
+//#endregion
+export { subscribeSessionRefresh };
+//# sourceMappingURL=session-refresh-subscription.d.ts.map

package/dist/esm/lib/stack-app/apps/implementations/session-refresh-subscription.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"session-refresh-subscription.d.ts","names":[],"sources":["../../../../../../src/lib/stack-app/apps/implementations/session-refresh-subscription.ts"],"mappings":";KAIK,sBAAA;EACH,WAAA;AAAA;AAAA,KAGG,cAAA;EACH,QAAA,GAAW,QAAA,iBAAyB,sBAAA;AAAA;AAAA,KAGjC,kBAAA;EACH,UAAA;EACA,0BAAA,GAA6B,wBAAA,UAAkC,oBAAA,oBAAwC,sBAAA;AAAA;;;;;;AAL7C;;iBAe5C,uBAAA,CAAwB,OAAA;EACtC,UAAA,EAAY,cAAA;EACZ,UAAA,QAAkB,kBAAA;EAClB,kBAAA;EACA,wBAAA;EACA,oBAAA;AAAA"}

package/dist/esm/lib/stack-app/apps/implementations/session-refresh-subscription.js

@@ -0,0 +1,31 @@
+//#region src/lib/stack-app/apps/implementations/session-refresh-subscription.ts
+/**
+* Keeps the currently mounted React session fresh while `useSyncExternalStore`
+* has an active subscriber. The token store owns which session is current; when
+* it changes to a different session key, we stop refreshing the old session and
+* start refreshing the new one. The caller still receives every token-store
+* change through `onTokenStoreChange` so React can re-read the session snapshot.
+*/
+function subscribeSessionRefresh(options) {
+	const minMillisUntilExpiration = options.minMillisUntilExpiration ?? 3e4;
+	const maxMillisSinceIssued = options.maxMillisSinceIssued ?? 6e4;
+	let refreshedSession = options.getSession();
+	let refreshSubscription = refreshedSession.startRefreshingAccessToken(minMillisUntilExpiration, maxMillisSinceIssued);
+	const tokenStoreSubscription = options.tokenStore.onChange(() => {
+		const nextSession = options.getSession();
+		if (nextSession.sessionKey !== refreshedSession.sessionKey) {
+			refreshSubscription.unsubscribe();
+			refreshedSession = nextSession;
+			refreshSubscription = refreshedSession.startRefreshingAccessToken(minMillisUntilExpiration, maxMillisSinceIssued);
+		}
+		options.onTokenStoreChange();
+	});
+	return () => {
+		tokenStoreSubscription.unsubscribe();
+		refreshSubscription.unsubscribe();
+	};
+}
+
+//#endregion
+export { subscribeSessionRefresh };
+//# sourceMappingURL=session-refresh-subscription.js.map

package/dist/esm/lib/stack-app/apps/implementations/session-refresh-subscription.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"session-refresh-subscription.js","names":[],"sources":["../../../../../../src/lib/stack-app/apps/implementations/session-refresh-subscription.ts"],"sourcesContent":["\n//===========================================\n// THIS FILE IS AUTO-GENERATED FROM TEMPLATE. DO NOT EDIT IT DIRECTLY, INSTEAD EDIT THE CORRESPONDING FILE IN packages/template\n//===========================================\ntype TokenStoreSubscription = {\n  unsubscribe: () => void,\n};\n\ntype TokenStoreLike = {\n  onChange: (callback: () => void) => TokenStoreSubscription,\n};\n\ntype SessionRefreshLike = {\n  sessionKey: string,\n  startRefreshingAccessToken: (minMillisUntilExpiration: number, maxMillisSinceIssued: number | null) => TokenStoreSubscription,\n};\n\n/**\n * Keeps the currently mounted React session fresh while `useSyncExternalStore`\n * has an active subscriber. The token store owns which session is current; when\n * it changes to a different session key, we stop refreshing the old session and\n * start refreshing the new one. The caller still receives every token-store\n * change through `onTokenStoreChange` so React can re-read the session snapshot.\n */\nexport function subscribeSessionRefresh(options: {\n  tokenStore: TokenStoreLike,\n  getSession: () => SessionRefreshLike,\n  onTokenStoreChange: () => void,\n  minMillisUntilExpiration?: number,\n  maxMillisSinceIssued?: number | null,\n}): () => void {\n  const minMillisUntilExpiration = options.minMillisUntilExpiration ?? 30_000;\n  const maxMillisSinceIssued = options.maxMillisSinceIssued ?? 60_000;\n\n  let refreshedSession = options.getSession();\n  let refreshSubscription = refreshedSession.startRefreshingAccessToken(minMillisUntilExpiration, maxMillisSinceIssued);\n\n  const tokenStoreSubscription = options.tokenStore.onChange(() => {\n    const nextSession = options.getSession();\n    if (nextSession.sessionKey !== refreshedSession.sessionKey) {\n      refreshSubscription.unsubscribe();\n      refreshedSession = nextSession;\n      refreshSubscription = refreshedSession.startRefreshingAccessToken(minMillisUntilExpiration, maxMillisSinceIssued);\n    }\n    options.onTokenStoreChange();\n  });\n\n  return () => {\n    tokenStoreSubscription.unsubscribe();\n    refreshSubscription.unsubscribe();\n  };\n}\n"],"mappings":";;;;;;;;AAwBA,SAAgB,wBAAwB,SAMzB;CACb,MAAM,2BAA2B,QAAQ,4BAA4B;CACrE,MAAM,uBAAuB,QAAQ,wBAAwB;CAE7D,IAAI,mBAAmB,QAAQ,YAAY;CAC3C,IAAI,sBAAsB,iBAAiB,2BAA2B,0BAA0B,qBAAqB;CAErH,MAAM,yBAAyB,QAAQ,WAAW,eAAe;EAC/D,MAAM,cAAc,QAAQ,YAAY;AACxC,MAAI,YAAY,eAAe,iBAAiB,YAAY;AAC1D,uBAAoB,aAAa;AACjC,sBAAmB;AACnB,yBAAsB,iBAAiB,2BAA2B,0BAA0B,qBAAqB;;AAEnH,UAAQ,oBAAoB;GAC5B;AAEF,cAAa;AACX,yBAAuB,aAAa;AACpC,sBAAoB,aAAa"}

package/dist/esm/lib/stack-app/apps/implementations/session-refresh-subscription.test.d.ts

@@ -0,0 +1 @@
+export { };

package/dist/esm/lib/stack-app/apps/implementations/session-refresh-subscription.test.js

@@ -0,0 +1,82 @@
+import { describe, expect, it, vi } from "vitest";
+import { subscribeSessionRefresh } from "./session-refresh-subscription.js";
+
+//#region src/lib/stack-app/apps/implementations/session-refresh-subscription.test.ts
+function createTokenStoreTestDouble() {
+	const listeners = /* @__PURE__ */ new Set();
+	const unsubscribe = vi.fn((listener) => {
+		listeners.delete(listener);
+	});
+	return {
+		tokenStore: { onChange: vi.fn((listener) => {
+			listeners.add(listener);
+			return { unsubscribe: () => unsubscribe(listener) };
+		}) },
+		emitChange: () => {
+			for (const listener of [...listeners]) listener();
+		},
+		unsubscribe
+	};
+}
+function createSessionTestDouble(sessionKey) {
+	const refreshUnsubscribe = vi.fn();
+	return {
+		session: {
+			sessionKey,
+			startRefreshingAccessToken: vi.fn(() => ({ unsubscribe: refreshUnsubscribe }))
+		},
+		refreshUnsubscribe
+	};
+}
+describe("subscribeSessionRefresh", () => {
+	it("starts token refresh while subscribed and stops it on unsubscribe", () => {
+		const tokenStore = createTokenStoreTestDouble();
+		const firstSession = createSessionTestDouble("refresh-token-1");
+		const onTokenStoreChange = vi.fn();
+		const unsubscribe = subscribeSessionRefresh({
+			tokenStore: tokenStore.tokenStore,
+			getSession: () => firstSession.session,
+			onTokenStoreChange
+		});
+		expect(firstSession.session.startRefreshingAccessToken).toHaveBeenCalledWith(3e4, 6e4);
+		expect(tokenStore.tokenStore.onChange).toHaveBeenCalledOnce();
+		unsubscribe();
+		expect(tokenStore.unsubscribe).toHaveBeenCalledOnce();
+		expect(firstSession.refreshUnsubscribe).toHaveBeenCalledOnce();
+	});
+	it("keeps the existing refresh loop when the token store changes within the same session", () => {
+		const tokenStore = createTokenStoreTestDouble();
+		const firstSession = createSessionTestDouble("refresh-token-1");
+		const onTokenStoreChange = vi.fn();
+		subscribeSessionRefresh({
+			tokenStore: tokenStore.tokenStore,
+			getSession: () => firstSession.session,
+			onTokenStoreChange
+		});
+		tokenStore.emitChange();
+		expect(onTokenStoreChange).toHaveBeenCalledOnce();
+		expect(firstSession.session.startRefreshingAccessToken).toHaveBeenCalledOnce();
+		expect(firstSession.refreshUnsubscribe).not.toHaveBeenCalled();
+	});
+	it("moves the refresh loop when the token store changes to a different session", () => {
+		const tokenStore = createTokenStoreTestDouble();
+		const firstSession = createSessionTestDouble("refresh-token-1");
+		const secondSession = createSessionTestDouble("refresh-token-2");
+		const sessions = [firstSession.session, secondSession.session];
+		const onTokenStoreChange = vi.fn();
+		subscribeSessionRefresh({
+			tokenStore: tokenStore.tokenStore,
+			getSession: () => sessions[0] ?? secondSession.session,
+			onTokenStoreChange
+		});
+		sessions.shift();
+		tokenStore.emitChange();
+		expect(onTokenStoreChange).toHaveBeenCalledOnce();
+		expect(firstSession.refreshUnsubscribe).toHaveBeenCalledOnce();
+		expect(secondSession.session.startRefreshingAccessToken).toHaveBeenCalledWith(3e4, 6e4);
+	});
+});
+
+//#endregion
+export {  };
+//# sourceMappingURL=session-refresh-subscription.test.js.map

package/dist/esm/lib/stack-app/apps/implementations/session-refresh-subscription.test.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"session-refresh-subscription.test.js","names":[],"sources":["../../../../../../src/lib/stack-app/apps/implementations/session-refresh-subscription.test.ts"],"sourcesContent":["\n//===========================================\n// THIS FILE IS AUTO-GENERATED FROM TEMPLATE. DO NOT EDIT IT DIRECTLY, INSTEAD EDIT THE CORRESPONDING FILE IN packages/template\n//===========================================\nimport { describe, expect, it, vi } from \"vitest\";\nimport { subscribeSessionRefresh } from \"./session-refresh-subscription\";\n\ntype Listener = () => void;\n\nfunction createTokenStoreTestDouble() {\n  const listeners = new Set<Listener>();\n  const unsubscribe = vi.fn((listener: Listener) => {\n    listeners.delete(listener);\n  });\n\n  return {\n    tokenStore: {\n      onChange: vi.fn((listener: Listener) => {\n        listeners.add(listener);\n        return {\n          unsubscribe: () => unsubscribe(listener),\n        };\n      }),\n    },\n    emitChange: () => {\n      for (const listener of [...listeners]) {\n        listener();\n      }\n    },\n    unsubscribe,\n  };\n}\n\nfunction createSessionTestDouble(sessionKey: string) {\n  const refreshUnsubscribe = vi.fn();\n  return {\n    session: {\n      sessionKey,\n      startRefreshingAccessToken: vi.fn(() => ({\n        unsubscribe: refreshUnsubscribe,\n      })),\n    },\n    refreshUnsubscribe,\n  };\n}\n\ndescribe(\"subscribeSessionRefresh\", () => {\n  it(\"starts token refresh while subscribed and stops it on unsubscribe\", () => {\n    const tokenStore = createTokenStoreTestDouble();\n    const firstSession = createSessionTestDouble(\"refresh-token-1\");\n    const onTokenStoreChange = vi.fn();\n\n    const unsubscribe = subscribeSessionRefresh({\n      tokenStore: tokenStore.tokenStore,\n      getSession: () => firstSession.session,\n      onTokenStoreChange,\n    });\n\n    expect(firstSession.session.startRefreshingAccessToken).toHaveBeenCalledWith(30_000, 60_000);\n    expect(tokenStore.tokenStore.onChange).toHaveBeenCalledOnce();\n\n    unsubscribe();\n\n    expect(tokenStore.unsubscribe).toHaveBeenCalledOnce();\n    expect(firstSession.refreshUnsubscribe).toHaveBeenCalledOnce();\n  });\n\n  it(\"keeps the existing refresh loop when the token store changes within the same session\", () => {\n    const tokenStore = createTokenStoreTestDouble();\n    const firstSession = createSessionTestDouble(\"refresh-token-1\");\n    const onTokenStoreChange = vi.fn();\n\n    subscribeSessionRefresh({\n      tokenStore: tokenStore.tokenStore,\n      getSession: () => firstSession.session,\n      onTokenStoreChange,\n    });\n\n    tokenStore.emitChange();\n\n    expect(onTokenStoreChange).toHaveBeenCalledOnce();\n    expect(firstSession.session.startRefreshingAccessToken).toHaveBeenCalledOnce();\n    expect(firstSession.refreshUnsubscribe).not.toHaveBeenCalled();\n  });\n\n  it(\"moves the refresh loop when the token store changes to a different session\", () => {\n    const tokenStore = createTokenStoreTestDouble();\n    const firstSession = createSessionTestDouble(\"refresh-token-1\");\n    const secondSession = createSessionTestDouble(\"refresh-token-2\");\n    const sessions = [firstSession.session, secondSession.session];\n    const onTokenStoreChange = vi.fn();\n\n    subscribeSessionRefresh({\n      tokenStore: tokenStore.tokenStore,\n      getSession: () => sessions[0] ?? secondSession.session,\n      onTokenStoreChange,\n    });\n\n    sessions.shift();\n    tokenStore.emitChange();\n\n    expect(onTokenStoreChange).toHaveBeenCalledOnce();\n    expect(firstSession.refreshUnsubscribe).toHaveBeenCalledOnce();\n    expect(secondSession.session.startRefreshingAccessToken).toHaveBeenCalledWith(30_000, 60_000);\n  });\n});\n"],"mappings":";;;;AASA,SAAS,6BAA6B;CACpC,MAAM,4BAAY,IAAI,KAAe;CACrC,MAAM,cAAc,GAAG,IAAI,aAAuB;AAChD,YAAU,OAAO,SAAS;GAC1B;AAEF,QAAO;EACL,YAAY,EACV,UAAU,GAAG,IAAI,aAAuB;AACtC,aAAU,IAAI,SAAS;AACvB,UAAO,EACL,mBAAmB,YAAY,SAAS,EACzC;IACD,EACH;EACD,kBAAkB;AAChB,QAAK,MAAM,YAAY,CAAC,GAAG,UAAU,CACnC,WAAU;;EAGd;EACD;;AAGH,SAAS,wBAAwB,YAAoB;CACnD,MAAM,qBAAqB,GAAG,IAAI;AAClC,QAAO;EACL,SAAS;GACP;GACA,4BAA4B,GAAG,UAAU,EACvC,aAAa,oBACd,EAAE;GACJ;EACD;EACD;;AAGH,SAAS,iCAAiC;AACxC,IAAG,2EAA2E;EAC5E,MAAM,aAAa,4BAA4B;EAC/C,MAAM,eAAe,wBAAwB,kBAAkB;EAC/D,MAAM,qBAAqB,GAAG,IAAI;EAElC,MAAM,cAAc,wBAAwB;GAC1C,YAAY,WAAW;GACvB,kBAAkB,aAAa;GAC/B;GACD,CAAC;AAEF,SAAO,aAAa,QAAQ,2BAA2B,CAAC,qBAAqB,KAAQ,IAAO;AAC5F,SAAO,WAAW,WAAW,SAAS,CAAC,sBAAsB;AAE7D,eAAa;AAEb,SAAO,WAAW,YAAY,CAAC,sBAAsB;AACrD,SAAO,aAAa,mBAAmB,CAAC,sBAAsB;GAC9D;AAEF,IAAG,8FAA8F;EAC/F,MAAM,aAAa,4BAA4B;EAC/C,MAAM,eAAe,wBAAwB,kBAAkB;EAC/D,MAAM,qBAAqB,GAAG,IAAI;AAElC,0BAAwB;GACtB,YAAY,WAAW;GACvB,kBAAkB,aAAa;GAC/B;GACD,CAAC;AAEF,aAAW,YAAY;AAEvB,SAAO,mBAAmB,CAAC,sBAAsB;AACjD,SAAO,aAAa,QAAQ,2BAA2B,CAAC,sBAAsB;AAC9E,SAAO,aAAa,mBAAmB,CAAC,IAAI,kBAAkB;GAC9D;AAEF,IAAG,oFAAoF;EACrF,MAAM,aAAa,4BAA4B;EAC/C,MAAM,eAAe,wBAAwB,kBAAkB;EAC/D,MAAM,gBAAgB,wBAAwB,kBAAkB;EAChE,MAAM,WAAW,CAAC,aAAa,SAAS,cAAc,QAAQ;EAC9D,MAAM,qBAAqB,GAAG,IAAI;AAElC,0BAAwB;GACtB,YAAY,WAAW;GACvB,kBAAkB,SAAS,MAAM,cAAc;GAC/C;GACD,CAAC;AAEF,WAAS,OAAO;AAChB,aAAW,YAAY;AAEvB,SAAO,mBAAmB,CAAC,sBAAsB;AACjD,SAAO,aAAa,mBAAmB,CAAC,sBAAsB;AAC9D,SAAO,cAAc,QAAQ,2BAA2B,CAAC,qBAAqB,KAAQ,IAAO;GAC7F;EACF"}

package/dist/esm/lib/stack-app/apps/implementations/session-replay.d.ts

@@ -0,0 +1,108 @@
+import { Result } from "@stackframe/stack-shared/dist/utils/results";
+
+//#region src/lib/stack-app/apps/implementations/session-replay.d.ts
+type AnalyticsReplayOptions = {
+  /**
+   * Whether session replays are enabled.
+   *
+   * @default false
+   */
+  enabled?: boolean;
+  /**
+   * Whether to mask the content of all `<input>` elements.
+   *
+   * @default true
+   */
+  maskAllInputs?: boolean;
+  /**
+   * A CSS class name or RegExp. Elements with a matching class will be blocked
+   * (replaced with a placeholder in the recording).
+   *
+   * @default undefined
+   */
+  blockClass?: string | RegExp;
+  /**
+   * A CSS selector string. Elements matching this selector will be blocked
+   * (replaced with a placeholder in the recording).
+   *
+   * @default undefined
+   */
+  blockSelector?: string;
+};
+type AnalyticsOptions = {
+  /**
+   * Whether SDK-managed analytics capture is enabled.
+   *
+   * @default true
+   */
+  enabled?: boolean;
+  /**
+   * Options for session replay recording. Replays are disabled by default;
+   * set `enabled: true` to opt in.
+   */
+  replays?: AnalyticsReplayOptions;
+};
+/**
+ * Converts AnalyticsOptions to a JSON-safe representation.
+ * RegExp blockClass values are serialized as `{ __regexp, __flags }` objects.
+ * The return type is AnalyticsOptions to keep StackClientAppJson simple;
+ * the actual runtime value is JSON-safe.
+ */
+declare function analyticsOptionsToJson(options: AnalyticsOptions | undefined): AnalyticsOptions | undefined;
+/**
+ * Reconstructs AnalyticsOptions from a JSON-deserialized value.
+ * Converts `{ __regexp, __flags }` objects back to RegExp instances.
+ */
+declare function analyticsOptionsFromJson(json: AnalyticsOptions | undefined): AnalyticsOptions | undefined;
+type StoredSession = {
+  session_id: string;
+  created_at_ms: number;
+  last_activity_ms: number;
+};
+declare function safeParseStoredSession(raw: string | null): StoredSession | null;
+declare function makeStorageKey(projectId: string): string;
+declare function generateUuid(): `${string}-${string}-${string}-${string}-${string}`;
+declare function getOrRotateSession(options: {
+  key: string;
+  nowMs: number;
+}): StoredSession;
+type SessionRecorderDeps = {
+  projectId: string;
+  sendBatch: (body: string, options: {
+    keepalive: boolean;
+  }) => Promise<Result<Response, Error>>;
+};
+declare class SessionRecorder {
+  private _started;
+  private _cancelled;
+  private _stopRecording;
+  private _detachListeners;
+  private _flushTimer;
+  private _events;
+  private _approxBytes;
+  private _lastPersistActivity;
+  private _recording;
+  private _rrwebModule;
+  private _lastBrowserSessionId;
+  private _takingSnapshot;
+  private _flushInProgress;
+  private readonly _sessionReplaySegmentId;
+  private readonly _storageKey;
+  private readonly _deps;
+  private readonly _replayOptions;
+  constructor(deps: SessionRecorderDeps, replayOptions: AnalyticsReplayOptions);
+  /**
+   * Starts recording. Idempotent — calling multiple times is safe.
+   */
+  start(): void;
+  stop(): void;
+  clearBuffer(): void;
+  private _persistActivity;
+  private _flush;
+  private _startRecording;
+  private _stopCurrentRecording;
+  private _tick;
+}
+//#endregion
+export { AnalyticsOptions, AnalyticsReplayOptions, SessionRecorder, SessionRecorderDeps, StoredSession, analyticsOptionsFromJson, analyticsOptionsToJson, generateUuid, getOrRotateSession, makeStorageKey, safeParseStoredSession };
+//# sourceMappingURL=session-replay.d.ts.map

package/dist/esm/lib/stack-app/apps/implementations/session-replay.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"session-replay.d.ts","names":[],"sources":["../../../../../../src/lib/stack-app/apps/implementations/session-replay.ts"],"mappings":";;;KAQY,sBAAA;;AAAZ;;;;EAME,OAAA;EAMA;;;;;EAAA,aAAA;EAiBU;;;;;;EAVV,UAAA,YAAsB,MAAA;EAqBU;;AASlC;;;;EAvBE,aAAA;AAAA;AAAA,KAGU,gBAAA;EAoBmF;;AAkB/F;;;EAhCE,OAAA;EAgC6C;;;;EA3B7C,OAAA,GAAU,sBAAA;AAAA;;;;;;;iBASI,sBAAA,CAAuB,OAAA,EAAS,gBAAA,eAA+B,gBAAA;;AAiD/E;;;iBA/BgB,wBAAA,CAAyB,IAAA,EAAM,gBAAA,eAA+B,gBAAA;AAAA,KAyBlE,aAAA;EACV,UAAA;EACA,aAAA;EACA,gBAAA;AAAA;AAAA,iBAGc,sBAAA,CAAuB,GAAA,kBAAqB,aAAA;AAAA,iBAc5C,cAAA,CAAe,SAAA;AAAA,iBAIf,YAAA,CAAA;AAAA,iBAIA,kBAAA,CAAmB,OAAA;EAAW,GAAA;EAAa,KAAA;AAAA,IAAkB,aAAA;AAAA,KAcjE,mBAAA;EACV,SAAA;EACA,SAAA,GAAY,IAAA,UAAc,OAAA;IAAW,SAAA;EAAA,MAAyB,OAAA,CAAQ,MAAA,CAAO,QAAA,EAAU,KAAA;AAAA;AAAA,cAG5E,eAAA;EAAA,QACH,QAAA;EAAA,QACA,UAAA;EAAA,QACA,cAAA;EAAA,QACA,gBAAA;EAAA,QACA,WAAA;EAAA,QACA,OAAA;EAAA,QACA,YAAA;EAAA,QACA,oBAAA;EAAA,QACA,UAAA;EAAA,QACA,YAAA;EAAA,QACA,qBAAA;EAAA,QACA,eAAA;EAAA,QACA,gBAAA;EAAA,iBACS,uBAAA;EAAA,iBACA,WAAA;EAAA,iBACA,KAAA;EAAA,iBACA,cAAA;cAEL,IAAA,EAAM,mBAAA,EAAqB,aAAA,EAAe,sBAAA;EAtBuB;;;EAgC7E,KAAA,CAAA;EAYA,IAAA,CAAA;EAWA,WAAA,CAAA;EAAA,QAKQ,gBAAA;EAAA,QASM,MAAA;EAAA,QA6CA,eAAA;EAAA,QA6DN,qBAAA;EAAA,QAcA,KAAA;AAAA"}