@technomoron/api-server-base 1.1.13 → 2.0.0-beta.2

package/dist/cjs/oauth/sequelize.js

@@ -0,0 +1,210 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.SequelizeOAuthStore = exports.OAuthCodeModel = exports.OAuthClientModel = void 0;
+exports.initOAuthClientModel = initOAuthClientModel;
+exports.initOAuthCodeModel = initOAuthCodeModel;
+const bcryptjs_1 = __importDefault(require("bcryptjs"));
+const sequelize_1 = require("sequelize");
+const base_js_1 = require("./base.js");
+const DIALECTS_SUPPORTING_UNSIGNED = new Set(['mysql', 'mariadb']);
+function integerIdType(sequelize) {
+    return DIALECTS_SUPPORTING_UNSIGNED.has(sequelize.getDialect()) ? sequelize_1.DataTypes.INTEGER.UNSIGNED : sequelize_1.DataTypes.INTEGER;
+}
+function tableOptions(sequelize, tableName, extra) {
+    const opts = { sequelize, tableName };
+    if (extra) {
+        Object.assign(opts, extra);
+    }
+    if (DIALECTS_SUPPORTING_UNSIGNED.has(sequelize.getDialect())) {
+        opts.charset = 'utf8mb4';
+        opts.collate = 'utf8mb4_unicode_ci';
+    }
+    return opts;
+}
+class OAuthClientModel extends sequelize_1.Model {
+}
+exports.OAuthClientModel = OAuthClientModel;
+function initOAuthClientModel(sequelize) {
+    OAuthClientModel.init({
+        client_id: { type: sequelize_1.DataTypes.STRING(128), allowNull: false, primaryKey: true },
+        client_secret: { type: sequelize_1.DataTypes.STRING(255), allowNull: false, defaultValue: '' },
+        name: { type: sequelize_1.DataTypes.STRING(128), allowNull: true, defaultValue: null },
+        redirect_uris: { type: sequelize_1.DataTypes.TEXT, allowNull: false, defaultValue: '[]' },
+        scope: { type: sequelize_1.DataTypes.TEXT, allowNull: false, defaultValue: '[]' },
+        metadata: { type: sequelize_1.DataTypes.TEXT, allowNull: true, defaultValue: null },
+        first_party: { type: sequelize_1.DataTypes.BOOLEAN, allowNull: false, defaultValue: false }
+    }, tableOptions(sequelize, 'oauth_clients', { timestamps: false }));
+    return OAuthClientModel;
+}
+class OAuthCodeModel extends sequelize_1.Model {
+}
+exports.OAuthCodeModel = OAuthCodeModel;
+function initOAuthCodeModel(sequelize) {
+    const idType = integerIdType(sequelize);
+    OAuthCodeModel.init({
+        code: { type: sequelize_1.DataTypes.STRING(128), allowNull: false, primaryKey: true },
+        client_id: { type: sequelize_1.DataTypes.STRING(128), allowNull: false },
+        user_id: { type: idType, allowNull: false },
+        redirect_uri: { type: sequelize_1.DataTypes.TEXT, allowNull: false },
+        scope: { type: sequelize_1.DataTypes.TEXT, allowNull: false, defaultValue: '[]' },
+        code_challenge: { type: sequelize_1.DataTypes.STRING(255), allowNull: true, defaultValue: null },
+        code_challenge_method: { type: sequelize_1.DataTypes.STRING(10), allowNull: true, defaultValue: null },
+        expires: { type: sequelize_1.DataTypes.DATE, allowNull: false },
+        metadata: { type: sequelize_1.DataTypes.TEXT, allowNull: true, defaultValue: null }
+    }, tableOptions(sequelize, 'oauth_codes', { timestamps: false }));
+    return OAuthCodeModel;
+}
+function encodeStringArray(values) {
+    return JSON.stringify(values ?? []);
+}
+function decodeStringArray(raw) {
+    if (!raw) {
+        return [];
+    }
+    try {
+        const parsed = JSON.parse(raw);
+        if (Array.isArray(parsed)) {
+            return parsed.filter((entry) => typeof entry === 'string' && entry.length > 0);
+        }
+    }
+    catch {
+        // ignore malformed values
+    }
+    return raw
+        .split(/\s+/)
+        .map((entry) => entry.trim())
+        .filter((entry) => entry.length > 0);
+}
+function serializeMetadata(metadata) {
+    if (!metadata) {
+        return null;
+    }
+    return JSON.stringify(metadata);
+}
+function parseMetadata(raw) {
+    if (!raw) {
+        return undefined;
+    }
+    try {
+        const parsed = JSON.parse(raw);
+        if (parsed && typeof parsed === 'object') {
+            return parsed;
+        }
+    }
+    catch {
+        // ignore
+    }
+    return undefined;
+}
+function normalizeUserId(identifier) {
+    if (typeof identifier === 'number' && Number.isFinite(identifier)) {
+        return identifier;
+    }
+    if (typeof identifier === 'string' && /^\d+$/.test(identifier)) {
+        return Number(identifier);
+    }
+    throw new Error(`Unable to normalise user identifier: ${identifier}`);
+}
+class SequelizeOAuthStore extends base_js_1.OAuthStore {
+    constructor(options) {
+        super();
+        if (!options?.sequelize) {
+            throw new Error('SequelizeOAuthStore requires an initialised Sequelize instance');
+        }
+        this.clients = options.clientModel ?? (options.clientModelFactory ?? initOAuthClientModel)(options.sequelize);
+        this.codes = options.codeModel ?? (options.codeModelFactory ?? initOAuthCodeModel)(options.sequelize);
+        this.bcryptRounds = options.bcryptRounds ?? 12;
+    }
+    async getClient(clientId) {
+        const model = await this.clients.findByPk(clientId);
+        return model ? this.toOAuthClient(model) : null;
+    }
+    async createClient(input) {
+        const existing = await this.clients.findByPk(input.clientId);
+        const hashedSecret = input.clientSecret !== undefined && input.clientSecret !== null
+            ? await bcryptjs_1.default.hash(input.clientSecret, this.bcryptRounds)
+            : (existing?.client_secret ?? '');
+        const redirectUris = input.redirectUris ?? (existing ? decodeStringArray(existing.redirect_uris) : undefined);
+        const scope = input.scope ?? (existing ? decodeStringArray(existing.scope) : undefined);
+        const metadata = input.metadata ?? (existing ? parseMetadata(existing.metadata) : undefined);
+        await this.clients.upsert({
+            client_id: input.clientId,
+            client_secret: hashedSecret,
+            name: input.name ?? existing?.name ?? null,
+            redirect_uris: encodeStringArray(redirectUris),
+            scope: encodeStringArray(scope),
+            metadata: serializeMetadata(metadata),
+            first_party: input.firstParty ?? existing?.first_party ?? false
+        });
+        const model = await this.clients.findByPk(input.clientId);
+        if (!model) {
+            throw new Error(`Unable to persist OAuth client ${input.clientId}`);
+        }
+        return this.toOAuthClient(model);
+    }
+    async verifyClientSecret(clientId, clientSecret) {
+        const model = await this.clients.findByPk(clientId);
+        if (!model) {
+            return false;
+        }
+        if (!model.client_secret) {
+            return !clientSecret || clientSecret.length === 0;
+        }
+        if (!clientSecret) {
+            return false;
+        }
+        return bcryptjs_1.default.compare(clientSecret, model.client_secret);
+    }
+    async createAuthCode(code) {
+        await this.codes.create({
+            code: code.code,
+            client_id: code.clientId,
+            user_id: normalizeUserId(code.userId),
+            redirect_uri: code.redirectUri ?? '',
+            scope: encodeStringArray(code.scope),
+            code_challenge: code.codeChallenge ?? null,
+            code_challenge_method: code.codeChallengeMethod ?? null,
+            expires: code.expiresAt,
+            metadata: serializeMetadata(code.metadata)
+        });
+    }
+    async consumeAuthCode(code) {
+        const model = await this.codes.findByPk(code);
+        if (!model) {
+            return null;
+        }
+        await model.destroy();
+        return this.toAuthCode(model);
+    }
+    async close() {
+        return;
+    }
+    toOAuthClient(model) {
+        return {
+            clientId: model.client_id,
+            clientSecret: model.client_secret,
+            name: model.name ?? undefined,
+            redirectUris: decodeStringArray(model.redirect_uris),
+            scope: decodeStringArray(model.scope),
+            metadata: parseMetadata(model.metadata),
+            firstParty: model.first_party ?? false
+        };
+    }
+    toAuthCode(model) {
+        return {
+            code: model.code,
+            clientId: model.client_id,
+            userId: model.user_id,
+            redirectUri: model.redirect_uri,
+            scope: decodeStringArray(model.scope),
+            codeChallenge: model.code_challenge ?? undefined,
+            codeChallengeMethod: model.code_challenge_method ?? undefined,
+            expiresAt: model.expires,
+            metadata: parseMetadata(model.metadata)
+        };
+    }
+}
+exports.SequelizeOAuthStore = SequelizeOAuthStore;

package/dist/cjs/oauth/types.d.ts

@@ -0,0 +1,50 @@
+import type { AuthIdentifier } from '../auth-api/types.js';
+export interface OAuthClient {
+    clientId: string;
+    clientSecret?: string;
+    firstParty?: boolean;
+    metadata?: Record<string, unknown>;
+    name?: string;
+    redirectUris: string[];
+    scope?: string[];
+}
+export interface AuthCodeData {
+    code: string;
+    clientId: string;
+    codeChallenge?: string;
+    codeChallengeMethod?: 'plain' | 'S256';
+    expiresAt: Date;
+    metadata?: Record<string, unknown>;
+    redirectUri?: string;
+    scope?: string[];
+    userId: AuthIdentifier;
+}
+export type AuthCode = AuthCodeData;
+export type AuthCodeRequest = Omit<AuthCodeData, 'code' | 'expiresAt'> & {
+    code?: string;
+    expiresInSeconds?: number;
+};
+export interface OAuthStartParams {
+    provider: string;
+    redirectUri?: string;
+    scope?: string | string[];
+    state?: string;
+    extras?: Record<string, unknown>;
+}
+export interface OAuthStartResult extends Record<string, unknown> {
+    url: string;
+    state?: string;
+    codeVerifier?: string;
+}
+export interface OAuthCallbackParams {
+    provider: string;
+    query: Record<string, string | string[]>;
+    body: Record<string, unknown>;
+}
+export interface OAuthCallbackResult<PublicUser> extends Record<string, unknown> {
+    user: PublicUser;
+    tokens?: {
+        accessToken: string;
+        refreshToken: string;
+    };
+}

package/dist/cjs/oauth/types.js

@@ -0,0 +1,3 @@
+"use strict";
+// OAuth-specific contracts kept alongside the OAuth module.
+Object.defineProperty(exports, "__esModule", { value: true });

package/dist/cjs/passkey/base.d.ts

@@ -0,0 +1,15 @@
+import type { PasskeyChallengeRecord, PasskeyStorageAdapter, PasskeyUserDescriptor, StoredPasskeyCredential } from './types.js';
+import type { AuthIdentifier } from '../auth-api/types.js';
+export declare abstract class PasskeyStore implements PasskeyStorageAdapter {
+    abstract resolveUser(params: {
+        userId?: AuthIdentifier;
+        login?: string;
+    }): Promise<PasskeyUserDescriptor | null>;
+    abstract listUserCredentials(userId: AuthIdentifier): Promise<StoredPasskeyCredential[]>;
+    abstract findCredentialById(credentialId: Buffer): Promise<StoredPasskeyCredential | null>;
+    abstract saveCredential(record: StoredPasskeyCredential): Promise<void>;
+    abstract updateCredentialCounter(credentialId: Buffer, counter: number): Promise<void>;
+    abstract saveChallenge(record: PasskeyChallengeRecord): Promise<void>;
+    abstract consumeChallenge(challenge: string): Promise<PasskeyChallengeRecord | null>;
+    abstract cleanupChallenges(now: Date): Promise<void>;
+}

package/dist/cjs/passkey/base.js

@@ -0,0 +1,6 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.PasskeyStore = void 0;
+class PasskeyStore {
+}
+exports.PasskeyStore = PasskeyStore;

package/dist/cjs/passkey/memory.d.ts

@@ -0,0 +1,26 @@
+import { PasskeyStore } from './base.js';
+import type { PasskeyChallengeRecord, PasskeyUserDescriptor, StoredPasskeyCredential } from './types.js';
+import type { AuthIdentifier } from '../auth-api/types.js';
+export interface MemoryPasskeyStoreOptions {
+    resolveUser: (params: {
+        userId?: AuthIdentifier;
+        login?: string;
+    }) => Promise<PasskeyUserDescriptor | null>;
+}
+export declare class MemoryPasskeyStore extends PasskeyStore {
+    private readonly resolveUserFn;
+    private readonly credentials;
+    private readonly challenges;
+    constructor(options: MemoryPasskeyStoreOptions);
+    resolveUser(params: {
+        userId?: AuthIdentifier;
+        login?: string;
+    }): Promise<PasskeyUserDescriptor | null>;
+    listUserCredentials(userId: AuthIdentifier): Promise<StoredPasskeyCredential[]>;
+    findCredentialById(credentialId: Buffer): Promise<StoredPasskeyCredential | null>;
+    saveCredential(record: StoredPasskeyCredential): Promise<void>;
+    updateCredentialCounter(credentialId: Buffer, counter: number): Promise<void>;
+    saveChallenge(record: PasskeyChallengeRecord): Promise<void>;
+    consumeChallenge(challenge: string): Promise<PasskeyChallengeRecord | null>;
+    cleanupChallenges(now: Date): Promise<void>;
+}

package/dist/cjs/passkey/memory.js

@@ -0,0 +1,82 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.MemoryPasskeyStore = void 0;
+const base_js_1 = require("./base.js");
+function encodeCredentialId(value) {
+    return Buffer.isBuffer(value) ? value.toString('base64') : value;
+}
+function normalizeUserId(identifier) {
+    if (typeof identifier === 'number' && Number.isFinite(identifier)) {
+        return identifier;
+    }
+    if (typeof identifier === 'string' && /^\d+$/.test(identifier)) {
+        return Number(identifier);
+    }
+    return identifier;
+}
+function cloneCredential(record) {
+    return {
+        ...record,
+        credentialId: Buffer.isBuffer(record.credentialId) ? Buffer.from(record.credentialId) : record.credentialId,
+        transports: record.transports ? [...record.transports] : undefined
+    };
+}
+class MemoryPasskeyStore extends base_js_1.PasskeyStore {
+    constructor(options) {
+        super();
+        this.credentials = new Map();
+        this.challenges = new Map();
+        this.resolveUserFn = options.resolveUser;
+    }
+    async resolveUser(params) {
+        return this.resolveUserFn(params);
+    }
+    async listUserCredentials(userId) {
+        const normalizedUserId = normalizeUserId(userId);
+        return [...this.credentials.values()]
+            .filter((record) => normalizeUserId(record.userId) === normalizedUserId)
+            .map((record) => cloneCredential(record));
+    }
+    async findCredentialById(credentialId) {
+        const record = this.credentials.get(encodeCredentialId(credentialId));
+        return record ? cloneCredential(record) : null;
+    }
+    async saveCredential(record) {
+        this.credentials.set(encodeCredentialId(record.credentialId), {
+            ...record,
+            userId: normalizeUserId(record.userId),
+            credentialId: Buffer.isBuffer(record.credentialId) ? Buffer.from(record.credentialId) : record.credentialId,
+            transports: record.transports ? [...record.transports] : undefined
+        });
+    }
+    async updateCredentialCounter(credentialId, counter) {
+        const key = encodeCredentialId(credentialId);
+        const existing = this.credentials.get(key);
+        if (existing) {
+            existing.counter = counter;
+        }
+    }
+    async saveChallenge(record) {
+        this.challenges.set(record.challenge, {
+            ...record,
+            userId: record.userId !== undefined ? normalizeUserId(record.userId) : undefined,
+            metadata: record.metadata ? { ...record.metadata } : {}
+        });
+    }
+    async consumeChallenge(challenge) {
+        const record = this.challenges.get(challenge);
+        if (!record) {
+            return null;
+        }
+        this.challenges.delete(challenge);
+        return { ...record, metadata: record.metadata ? { ...record.metadata } : {} };
+    }
+    async cleanupChallenges(now) {
+        for (const [challenge, record] of this.challenges.entries()) {
+            if (record.expiresAt && new Date(record.expiresAt) <= now) {
+                this.challenges.delete(challenge);
+            }
+        }
+    }
+}
+exports.MemoryPasskeyStore = MemoryPasskeyStore;

package/dist/cjs/passkey/models.d.ts

@@ -0,0 +1,25 @@
+import { Model, type InferAttributes, type InferCreationAttributes, type ModelStatic, type Sequelize } from 'sequelize';
+import type { PasskeyChallengeMetadata } from './service.js';
+export declare class PasskeyCredentialModel extends Model<InferAttributes<PasskeyCredentialModel>, InferCreationAttributes<PasskeyCredentialModel>> {
+    credentialId: Buffer;
+    userId: number;
+    publicKey: Buffer;
+    counter: number;
+    transports: string[] | null;
+    backedUp: boolean;
+    deviceType: string;
+    createdAt?: Date;
+    updatedAt?: Date;
+}
+export declare class PasskeyChallengeModel extends Model<InferAttributes<PasskeyChallengeModel>, InferCreationAttributes<PasskeyChallengeModel>> {
+    challenge: string;
+    action: 'register' | 'authenticate';
+    userId: number | null;
+    login: string | null;
+    metadata: PasskeyChallengeMetadata | null;
+    expiresAt: Date;
+    createdAt?: Date;
+    updatedAt?: Date;
+}
+export declare function initPasskeyCredentialModel(sequelize: Sequelize): ModelStatic<PasskeyCredentialModel>;
+export declare function initPasskeyChallengeModel(sequelize: Sequelize): ModelStatic<PasskeyChallengeModel>;

package/dist/cjs/passkey/models.js

@@ -0,0 +1,115 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.PasskeyChallengeModel = exports.PasskeyCredentialModel = void 0;
+exports.initPasskeyCredentialModel = initPasskeyCredentialModel;
+exports.initPasskeyChallengeModel = initPasskeyChallengeModel;
+const sequelize_1 = require("sequelize");
+const DIALECTS_SUPPORTING_UNSIGNED = new Set(['mysql', 'mariadb']);
+function integerIdType(sequelize) {
+    return DIALECTS_SUPPORTING_UNSIGNED.has(sequelize.getDialect()) ? sequelize_1.DataTypes.INTEGER.UNSIGNED : sequelize_1.DataTypes.INTEGER;
+}
+class PasskeyCredentialModel extends sequelize_1.Model {
+}
+exports.PasskeyCredentialModel = PasskeyCredentialModel;
+class PasskeyChallengeModel extends sequelize_1.Model {
+}
+exports.PasskeyChallengeModel = PasskeyChallengeModel;
+function initPasskeyCredentialModel(sequelize) {
+    const idType = integerIdType(sequelize);
+    return PasskeyCredentialModel.init({
+        credentialId: {
+            field: 'credential_id',
+            type: sequelize_1.DataTypes.STRING(768),
+            primaryKey: true,
+            allowNull: false,
+            get() {
+                const raw = this.getDataValue('credentialId');
+                if (!raw) {
+                    return raw;
+                }
+                if (Buffer.isBuffer(raw)) {
+                    return raw;
+                }
+                return Buffer.from(raw, 'base64');
+            },
+            set(value) {
+                const encoded = typeof value === 'string' ? value : value.toString('base64');
+                this.setDataValue('credentialId', encoded);
+            }
+        },
+        userId: {
+            field: 'user_id',
+            type: idType,
+            allowNull: false
+        },
+        publicKey: {
+            field: 'public_key',
+            type: sequelize_1.DataTypes.BLOB,
+            allowNull: false
+        },
+        counter: {
+            type: sequelize_1.DataTypes.INTEGER,
+            allowNull: false,
+            defaultValue: 0
+        },
+        transports: {
+            type: sequelize_1.DataTypes.JSON,
+            allowNull: true
+        },
+        backedUp: {
+            field: 'backed_up',
+            type: sequelize_1.DataTypes.BOOLEAN,
+            allowNull: false,
+            defaultValue: false
+        },
+        deviceType: {
+            field: 'device_type',
+            type: sequelize_1.DataTypes.STRING(32),
+            allowNull: false,
+            defaultValue: 'multiDevice'
+        }
+    }, {
+        sequelize,
+        tableName: 'passkey_credentials',
+        timestamps: true,
+        underscored: true
+    });
+}
+function initPasskeyChallengeModel(sequelize) {
+    const idType = integerIdType(sequelize);
+    return PasskeyChallengeModel.init({
+        challenge: {
+            type: sequelize_1.DataTypes.STRING(255),
+            primaryKey: true,
+            allowNull: false
+        },
+        action: {
+            type: sequelize_1.DataTypes.STRING(16),
+            allowNull: false
+        },
+        userId: {
+            field: 'user_id',
+            type: idType,
+            allowNull: true
+        },
+        login: {
+            type: sequelize_1.DataTypes.STRING(128),
+            allowNull: true
+        },
+        metadata: {
+            type: sequelize_1.DataTypes.JSON,
+            allowNull: true
+        },
+        expiresAt: {
+            field: 'expires_at',
+            type: sequelize_1.DataTypes.DATE,
+            allowNull: false
+        }
+    }, {
+        sequelize,
+        tableName: 'passkey_challenges',
+        timestamps: true,
+        underscored: true,
+        indexes: [{ fields: ['expires_at'] }, { fields: ['user_id'] }]
+    });
+}

package/dist/cjs/passkey/sequelize.d.ts

@@ -0,0 +1,54 @@
+import { Model, type InferAttributes, type InferCreationAttributes, type ModelStatic, type Sequelize } from 'sequelize';
+import { PasskeyStore } from './base.js';
+import type { PasskeyChallengeRecord, PasskeyUserDescriptor, StoredPasskeyCredential } from './types.js';
+import type { AuthIdentifier } from '../auth-api/types.js';
+declare class PasskeyCredentialModel extends Model<InferAttributes<PasskeyCredentialModel>, InferCreationAttributes<PasskeyCredentialModel>> {
+    credentialId: Buffer;
+    userId: number;
+    publicKey: Buffer;
+    counter: number;
+    transports: string[] | null;
+    backedUp: boolean;
+    deviceType: string;
+    createdAt?: Date;
+    updatedAt?: Date;
+}
+declare class PasskeyChallengeModel extends Model<InferAttributes<PasskeyChallengeModel>, InferCreationAttributes<PasskeyChallengeModel>> {
+    challenge: string;
+    action: 'register' | 'authenticate';
+    userId: number | null;
+    login: string | null;
+    metadata: Record<string, unknown> | null;
+    expiresAt: Date;
+    createdAt?: Date;
+    updatedAt?: Date;
+}
+export interface SequelizePasskeyStoreOptions {
+    sequelize: Sequelize;
+    credentialModel?: ModelStatic<PasskeyCredentialModel>;
+    challengeModel?: ModelStatic<PasskeyChallengeModel>;
+    credentialModelFactory?: (sequelize: Sequelize) => ModelStatic<PasskeyCredentialModel>;
+    challengeModelFactory?: (sequelize: Sequelize) => ModelStatic<PasskeyChallengeModel>;
+    resolveUser: (params: {
+        userId?: AuthIdentifier;
+        login?: string;
+    }) => Promise<PasskeyUserDescriptor | null>;
+}
+export declare class SequelizePasskeyStore extends PasskeyStore {
+    private readonly resolveUserFn;
+    private readonly credentials;
+    private readonly challenges;
+    constructor(options: SequelizePasskeyStoreOptions);
+    resolveUser(params: {
+        userId?: AuthIdentifier;
+        login?: string;
+    }): Promise<PasskeyUserDescriptor | null>;
+    listUserCredentials(userId: AuthIdentifier): Promise<StoredPasskeyCredential[]>;
+    findCredentialById(credentialId: Buffer): Promise<StoredPasskeyCredential | null>;
+    saveCredential(record: StoredPasskeyCredential): Promise<void>;
+    updateCredentialCounter(credentialId: Buffer, counter: number): Promise<void>;
+    saveChallenge(record: PasskeyChallengeRecord): Promise<void>;
+    consumeChallenge(challenge: string): Promise<PasskeyChallengeRecord | null>;
+    cleanupChallenges(now: Date): Promise<void>;
+}
+export {};