@unwanted/matrix-sdk-mini 34.12.0-2 → 34.12.0-3

package/lib/rust-crypto/PerSessionKeyBackupDownloader.js

@@ -1,467 +0,0 @@
-import _asyncToGenerator from "@babel/runtime/helpers/asyncToGenerator";
-import _defineProperty from "@babel/runtime/helpers/defineProperty";
-/*
-Copyright 2023 - 2024 The Matrix.org Foundation C.I.C.
-
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
-    http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/
-
-import { CryptoEvent } from "../crypto-api/index.js";
-import { ClientPrefix, MatrixError, Method } from "../http-api/index.js";
-import { encodeUri, sleep } from "../utils.js";
-// The minimum time to wait between two retries in case of errors. To avoid hammering the server.
-var KEY_BACKUP_BACKOFF = 5000; // ms
-
-/**
- * Enumerates the different kind of errors that can occurs when downloading and importing a key from backup.
- */
-var KeyDownloadErrorCode = /*#__PURE__*/function (KeyDownloadErrorCode) {
-  KeyDownloadErrorCode["MISSING_DECRYPTION_KEY"] = "MISSING_DECRYPTION_KEY";
-  KeyDownloadErrorCode["NETWORK_ERROR"] = "NETWORK_ERROR";
-  KeyDownloadErrorCode["STOPPED"] = "STOPPED";
-  return KeyDownloadErrorCode;
-}(KeyDownloadErrorCode || {});
-class KeyDownloadError extends Error {
-  constructor(code) {
-    super("Failed to get key from backup: ".concat(code));
-    this.code = code;
-    this.name = "KeyDownloadError";
-  }
-}
-class KeyDownloadRateLimitError extends Error {
-  constructor(retryMillis) {
-    super("Failed to get key from backup: rate limited");
-    this.retryMillis = retryMillis;
-    this.name = "KeyDownloadRateLimitError";
-  }
-}
-
-/** Details of a megolm session whose key we are trying to fetch. */
-
-/** Holds the current backup decryptor and version that should be used.
- *
- * This is intended to be used as an immutable object (a new instance should be created if the configuration changes),
- * and some of the logic relies on that, so the properties are marked as `readonly`.
- */
-
-/**
- * Used when an 'unable to decrypt' error occurs. It attempts to download the key from the backup.
- *
- * The current backup API lacks pagination, which can lead to lengthy key retrieval times for large histories (several 10s of minutes).
- * To mitigate this, keys are downloaded on demand as decryption errors occurs.
- * While this approach may result in numerous requests, it improves user experience by reducing wait times for message decryption.
- *
- * The PerSessionKeyBackupDownloader is resistant to backup configuration changes: it will automatically resume querying when
- * the backup is configured correctly.
- */
-export class PerSessionKeyBackupDownloader {
-  /**
-   * Creates a new instance of PerSessionKeyBackupDownloader.
-   *
-   * @param backupManager - The backup manager to use.
-   * @param olmMachine - The olm machine to use.
-   * @param http - The http instance to use.
-   * @param logger - The logger to use.
-   */
-  constructor(logger, olmMachine, http, backupManager) {
-    this.olmMachine = olmMachine;
-    this.http = http;
-    this.backupManager = backupManager;
-    _defineProperty(this, "stopped", false);
-    /**
-     * The version and decryption key to use with current backup if all set up correctly.
-     *
-     * Will not be set unless `hasConfigurationProblem` is `false`.
-     */
-    _defineProperty(this, "configuration", null);
-    /** We remember when a session was requested and not found in backup to avoid query again too soon.
-     * Map of session_id to timestamp */
-    _defineProperty(this, "sessionLastCheckAttemptedTime", new Map());
-    /** The logger to use */
-    _defineProperty(this, "logger", void 0);
-    /** Whether the download loop is running. */
-    _defineProperty(this, "downloadLoopRunning", false);
-    /** The list of requests that are queued. */
-    _defineProperty(this, "queuedRequests", []);
-    /** Remembers if we have a configuration problem. */
-    _defineProperty(this, "hasConfigurationProblem", false);
-    /** The current server backup version check promise. To avoid doing a server call if one is in flight. */
-    _defineProperty(this, "currentBackupVersionCheck", null);
-    /**
-     * Called when the backup status changes (CryptoEvents)
-     * This will trigger a check of the backup configuration.
-     */
-    _defineProperty(this, "onBackupStatusChanged", () => {
-      // we want to force check configuration, so we clear the current one.
-      this.hasConfigurationProblem = false;
-      this.configuration = null;
-      this.getOrCreateBackupConfiguration().then(configuration => {
-        if (configuration) {
-          // restart the download loop if it was stopped
-          this.downloadKeysLoop();
-        }
-      });
-    });
-    this.logger = logger.getChild("[PerSessionKeyBackupDownloader]");
-    backupManager.on(CryptoEvent.KeyBackupStatus, this.onBackupStatusChanged);
-    backupManager.on(CryptoEvent.KeyBackupFailed, this.onBackupStatusChanged);
-    backupManager.on(CryptoEvent.KeyBackupDecryptionKeyCached, this.onBackupStatusChanged);
-  }
-
-  /**
-   * Check if key download is successfully configured and active.
-   *
-   * @return `true` if key download is correctly configured and active; otherwise `false`.
-   */
-  isKeyBackupDownloadConfigured() {
-    return this.configuration !== null;
-  }
-
-  /**
-   * Return the details of the latest backup on the server, when we last checked.
-   *
-   * This is just a convenience method to expose {@link RustBackupManager.getServerBackupInfo}.
-   */
-  getServerBackupInfo() {
-    var _this = this;
-    return _asyncToGenerator(function* () {
-      return yield _this.backupManager.getServerBackupInfo();
-    })();
-  }
-
-  /**
-   * Called when a MissingRoomKey or UnknownMessageIndex decryption error is encountered.
-   *
-   * This will try to download the key from the backup if there is a trusted active backup.
-   * In case of success the key will be imported and the onRoomKeysUpdated callback will be called
-   * internally by the rust-sdk and decryption will be retried.
-   *
-   * @param roomId - The room ID of the room where the error occurred.
-   * @param megolmSessionId - The megolm session ID that is missing.
-   */
-  onDecryptionKeyMissingError(roomId, megolmSessionId) {
-    // Several messages encrypted with the same session may be decrypted at the same time,
-    // so we need to be resistant and not query several time the same session.
-    if (this.isAlreadyInQueue(roomId, megolmSessionId)) {
-      // There is already a request queued for this session, no need to queue another one.
-      this.logger.trace("Not checking key backup for session ".concat(megolmSessionId, " as it is already queued"));
-      return;
-    }
-    if (this.wasRequestedRecently(megolmSessionId)) {
-      // We already tried to download this session recently and it was not in backup, no need to try again.
-      this.logger.trace("Not checking key backup for session ".concat(megolmSessionId, " as it was already requested recently"));
-      return;
-    }
-
-    // We always add the request to the queue, even if we have a configuration problem (can't access backup).
-    // This is to make sure that if the configuration problem is resolved, we will try to download the key.
-    // This will happen after an initial sync, at this point the backup will not yet be trusted and the decryption
-    // key will not be available, but it will be just after the verification.
-    // We don't need to persist it because currently on refresh the sdk will retry to decrypt the messages in error.
-    this.queuedRequests.push({
-      roomId,
-      megolmSessionId
-    });
-
-    // Start the download loop if it's not already running.
-    this.downloadKeysLoop();
-  }
-  stop() {
-    this.stopped = true;
-    this.backupManager.off(CryptoEvent.KeyBackupStatus, this.onBackupStatusChanged);
-    this.backupManager.off(CryptoEvent.KeyBackupFailed, this.onBackupStatusChanged);
-    this.backupManager.off(CryptoEvent.KeyBackupDecryptionKeyCached, this.onBackupStatusChanged);
-  }
-  /** Returns true if the megolm session is already queued for download. */
-  isAlreadyInQueue(roomId, megolmSessionId) {
-    return this.queuedRequests.some(info => {
-      return info.roomId == roomId && info.megolmSessionId == megolmSessionId;
-    });
-  }
-
-  /**
-   * Marks the session as not found in backup, to avoid retrying to soon for a key not in backup
-   *
-   * @param megolmSessionId - The megolm session ID that is missing.
-   */
-  markAsNotFoundInBackup(megolmSessionId) {
-    var now = Date.now();
-    this.sessionLastCheckAttemptedTime.set(megolmSessionId, now);
-    // if too big make some cleaning to keep under control
-    if (this.sessionLastCheckAttemptedTime.size > 100) {
-      this.sessionLastCheckAttemptedTime = new Map(Array.from(this.sessionLastCheckAttemptedTime).filter((sid, ts) => {
-        return Math.max(now - ts, 0) < KEY_BACKUP_BACKOFF;
-      }));
-    }
-  }
-
-  /** Returns true if the session was requested recently. */
-  wasRequestedRecently(megolmSessionId) {
-    var lastCheck = this.sessionLastCheckAttemptedTime.get(megolmSessionId);
-    if (!lastCheck) return false;
-    return Math.max(Date.now() - lastCheck, 0) < KEY_BACKUP_BACKOFF;
-  }
-  getBackupDecryptionKey() {
-    var _this2 = this;
-    return _asyncToGenerator(function* () {
-      try {
-        return yield _this2.olmMachine.getBackupKeys();
-      } catch (_unused) {
-        return null;
-      }
-    })();
-  }
-
-  /**
-   * Requests a key from the server side backup.
-   *
-   * @param version - The backup version to use.
-   * @param roomId - The room ID of the room where the error occurred.
-   * @param sessionId - The megolm session ID that is missing.
-   */
-  requestRoomKeyFromBackup(version, roomId, sessionId) {
-    var _this3 = this;
-    return _asyncToGenerator(function* () {
-      var path = encodeUri("/room_keys/keys/$roomId/$sessionId", {
-        $roomId: roomId,
-        $sessionId: sessionId
-      });
-      return yield _this3.http.authedRequest(Method.Get, path, {
-        version
-      }, undefined, {
-        prefix: ClientPrefix.V3
-      });
-    })();
-  }
-  downloadKeysLoop() {
-    var _this4 = this;
-    return _asyncToGenerator(function* () {
-      if (_this4.downloadLoopRunning) return;
-
-      // If we have a configuration problem, we don't want to try to download.
-      // If any configuration change is detected, we will retry and restart the loop.
-      if (_this4.hasConfigurationProblem) return;
-      _this4.downloadLoopRunning = true;
-      try {
-        while (_this4.queuedRequests.length > 0) {
-          // we just peek the first one without removing it, so if a new request for same key comes in while we're
-          // processing this one, it won't queue another request.
-          var request = _this4.queuedRequests[0];
-          try {
-            // The backup could have changed between the time we queued the request and now, so we need to check
-            var configuration = yield _this4.getOrCreateBackupConfiguration();
-            if (!configuration) {
-              // Backup is not configured correctly, so stop the loop.
-              _this4.downloadLoopRunning = false;
-              return;
-            }
-            var result = yield _this4.queryKeyBackup(request.roomId, request.megolmSessionId, configuration);
-            if (_this4.stopped) {
-              return;
-            }
-            // We got the encrypted key from backup, let's try to decrypt and import it.
-            try {
-              yield _this4.decryptAndImport(request, result, configuration);
-            } catch (e) {
-              _this4.logger.error("Error while decrypting and importing key backup for session ".concat(request.megolmSessionId), e);
-            }
-            // now remove the request from the queue as we've processed it.
-            _this4.queuedRequests.shift();
-          } catch (err) {
-            if (err instanceof KeyDownloadError) {
-              switch (err.code) {
-                case KeyDownloadErrorCode.MISSING_DECRYPTION_KEY:
-                  _this4.markAsNotFoundInBackup(request.megolmSessionId);
-                  // continue for next one
-                  _this4.queuedRequests.shift();
-                  break;
-                case KeyDownloadErrorCode.NETWORK_ERROR:
-                  // We don't want to hammer if there is a problem, so wait a bit.
-                  yield sleep(KEY_BACKUP_BACKOFF);
-                  break;
-                case KeyDownloadErrorCode.STOPPED:
-                  // If the downloader was stopped, we don't want to retry.
-                  _this4.downloadLoopRunning = false;
-                  return;
-              }
-            } else if (err instanceof KeyDownloadRateLimitError) {
-              // we want to retry after the backoff time
-              yield sleep(err.retryMillis);
-            }
-          }
-        }
-      } finally {
-        // all pending request have been processed, we can stop the loop.
-        _this4.downloadLoopRunning = false;
-      }
-    })();
-  }
-
-  /**
-   * Query the backup for a key.
-   *
-   * @param targetRoomId - ID of the room that the session is used in.
-   * @param targetSessionId - ID of the session for which to check backup.
-   * @param configuration - The backup configuration to use.
-   */
-  queryKeyBackup(targetRoomId, targetSessionId, configuration) {
-    var _this5 = this;
-    return _asyncToGenerator(function* () {
-      _this5.logger.debug("Checking key backup for session ".concat(targetSessionId));
-      if (_this5.stopped) throw new KeyDownloadError(KeyDownloadErrorCode.STOPPED);
-      try {
-        var res = yield _this5.requestRoomKeyFromBackup(configuration.backupVersion, targetRoomId, targetSessionId);
-        _this5.logger.debug("Got key from backup for sessionId:".concat(targetSessionId));
-        return res;
-      } catch (e) {
-        if (_this5.stopped) throw new KeyDownloadError(KeyDownloadErrorCode.STOPPED);
-        _this5.logger.info("No luck requesting key backup for session ".concat(targetSessionId, ": ").concat(e));
-        if (e instanceof MatrixError) {
-          var errCode = e.data.errcode;
-          if (errCode == "M_NOT_FOUND") {
-            // Unfortunately the spec doesn't give us a way to differentiate between a missing key and a wrong version.
-            // Synapse will return:
-            //     - "error": "Unknown backup version" if the version is wrong.
-            //     - "error": "No room_keys found" if the key is missing.
-            // It's useful to know if the key is missing or if the version is wrong.
-            // As it's not spec'ed, we fall back on considering the key is not in backup.
-            // Notice that this request will be lost if instead the backup got out of sync (updated from other session).
-            throw new KeyDownloadError(KeyDownloadErrorCode.MISSING_DECRYPTION_KEY);
-          }
-          if (e.isRateLimitError()) {
-            var _waitTime;
-            var waitTime;
-            try {
-              var _e$getRetryAfterMs;
-              waitTime = (_e$getRetryAfterMs = e.getRetryAfterMs()) !== null && _e$getRetryAfterMs !== void 0 ? _e$getRetryAfterMs : undefined;
-            } catch (error) {
-              _this5.logger.warn("Error while retrieving a rate-limit retry delay", error);
-            }
-            if (waitTime && waitTime > 0) {
-              _this5.logger.info("Rate limited by server, waiting ".concat(waitTime, "ms"));
-            }
-            throw new KeyDownloadRateLimitError((_waitTime = waitTime) !== null && _waitTime !== void 0 ? _waitTime : KEY_BACKUP_BACKOFF);
-          }
-        }
-        throw new KeyDownloadError(KeyDownloadErrorCode.NETWORK_ERROR);
-      }
-    })();
-  }
-  decryptAndImport(sessionInfo, data, configuration) {
-    var _this6 = this;
-    return _asyncToGenerator(function* () {
-      var sessionsToImport = {
-        [sessionInfo.megolmSessionId]: data
-      };
-      var keys = yield configuration.decryptor.decryptSessions(sessionsToImport);
-      for (var k of keys) {
-        k.room_id = sessionInfo.roomId;
-      }
-      yield _this6.backupManager.importBackedUpRoomKeys(keys, configuration.backupVersion);
-    })();
-  }
-
-  /**
-   * Gets the current backup configuration or create one if it doesn't exist.
-   *
-   * When a valid configuration is found it is cached and returned for subsequent calls.
-   * Otherwise, if a check is forced or a check has not yet been done, a new check is done.
-   *
-   * @returns The backup configuration to use or null if there is a configuration problem.
-   */
-  getOrCreateBackupConfiguration() {
-    var _this7 = this;
-    return _asyncToGenerator(function* () {
-      if (_this7.configuration) {
-        return _this7.configuration;
-      }
-
-      // We already tried to check the configuration and it failed.
-      // We don't want to try again immediately, we will retry if a configuration change is detected.
-      if (_this7.hasConfigurationProblem) {
-        return null;
-      }
-
-      // This method can be called rapidly by several emitted CryptoEvent, so we need to make sure that we don't
-      // query the server several times.
-      if (_this7.currentBackupVersionCheck != null) {
-        _this7.logger.debug("Already checking server version, use current promise");
-        return yield _this7.currentBackupVersionCheck;
-      }
-      _this7.currentBackupVersionCheck = _this7.internalCheckFromServer();
-      try {
-        return yield _this7.currentBackupVersionCheck;
-      } finally {
-        _this7.currentBackupVersionCheck = null;
-      }
-    })();
-  }
-  internalCheckFromServer() {
-    var _this8 = this;
-    return _asyncToGenerator(function* () {
-      var _currentServerVersion, _currentServerVersion2, _currentServerVersion4;
-      var currentServerVersion = null;
-      try {
-        currentServerVersion = yield _this8.backupManager.getServerBackupInfo();
-      } catch (e) {
-        _this8.logger.debug("Backup: error while checking server version: ".concat(e));
-        _this8.hasConfigurationProblem = true;
-        return null;
-      }
-      _this8.logger.debug("Got current backup version from server: ".concat((_currentServerVersion = currentServerVersion) === null || _currentServerVersion === void 0 ? void 0 : _currentServerVersion.version));
-      if (((_currentServerVersion2 = currentServerVersion) === null || _currentServerVersion2 === void 0 ? void 0 : _currentServerVersion2.algorithm) != "m.megolm_backup.v1.curve25519-aes-sha2") {
-        var _currentServerVersion3;
-        _this8.logger.info("Unsupported algorithm ".concat((_currentServerVersion3 = currentServerVersion) === null || _currentServerVersion3 === void 0 ? void 0 : _currentServerVersion3.algorithm));
-        _this8.hasConfigurationProblem = true;
-        return null;
-      }
-      if (!((_currentServerVersion4 = currentServerVersion) !== null && _currentServerVersion4 !== void 0 && _currentServerVersion4.version)) {
-        _this8.logger.info("No current key backup");
-        _this8.hasConfigurationProblem = true;
-        return null;
-      }
-      var activeVersion = yield _this8.backupManager.getActiveBackupVersion();
-      if (activeVersion == null || currentServerVersion.version != activeVersion) {
-        // Either the current backup version on server side is not trusted, or it is out of sync with the active version on the client side.
-        _this8.logger.info("The current backup version on the server (".concat(currentServerVersion.version, ") is not trusted. Version we are currently backing up to: ").concat(activeVersion));
-        _this8.hasConfigurationProblem = true;
-        return null;
-      }
-      var backupKeys = yield _this8.getBackupDecryptionKey();
-      if (!(backupKeys !== null && backupKeys !== void 0 && backupKeys.decryptionKey)) {
-        _this8.logger.debug("Not checking key backup for session (no decryption key)");
-        _this8.hasConfigurationProblem = true;
-        return null;
-      }
-      if (activeVersion != backupKeys.backupVersion) {
-        _this8.logger.debug("Version for which we have a decryption key (".concat(backupKeys.backupVersion, ") doesn't match the version we are backing up to (").concat(activeVersion, ")"));
-        _this8.hasConfigurationProblem = true;
-        return null;
-      }
-      var authData = currentServerVersion.auth_data;
-      if (authData.public_key != backupKeys.decryptionKey.megolmV1PublicKey.publicKeyBase64) {
-        _this8.logger.debug("Key backup on server does not match our decryption key");
-        _this8.hasConfigurationProblem = true;
-        return null;
-      }
-      var backupDecryptor = _this8.backupManager.createBackupDecryptor(backupKeys.decryptionKey);
-      _this8.hasConfigurationProblem = false;
-      _this8.configuration = {
-        decryptor: backupDecryptor,
-        backupVersion: activeVersion
-      };
-      return _this8.configuration;
-    })();
-  }
-}
-//# sourceMappingURL=PerSessionKeyBackupDownloader.js.map

package/lib/rust-crypto/PerSessionKeyBackupDownloader.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"PerSessionKeyBackupDownloader.js","names":["CryptoEvent","ClientPrefix","MatrixError","Method","encodeUri","sleep","KEY_BACKUP_BACKOFF","KeyDownloadErrorCode","KeyDownloadError","Error","constructor","code","concat","name","KeyDownloadRateLimitError","retryMillis","PerSessionKeyBackupDownloader","logger","olmMachine","http","backupManager","_defineProperty","Map","hasConfigurationProblem","configuration","getOrCreateBackupConfiguration","then","downloadKeysLoop","getChild","on","KeyBackupStatus","onBackupStatusChanged","KeyBackupFailed","KeyBackupDecryptionKeyCached","isKeyBackupDownloadConfigured","getServerBackupInfo","_this","_asyncToGenerator","onDecryptionKeyMissingError","roomId","megolmSessionId","isAlreadyInQueue","trace","wasRequestedRecently","queuedRequests","push","stop","stopped","off","some","info","markAsNotFoundInBackup","now","Date","sessionLastCheckAttemptedTime","set","size","Array","from","filter","sid","ts","Math","max","lastCheck","get","getBackupDecryptionKey","_this2","getBackupKeys","_unused","requestRoomKeyFromBackup","version","sessionId","_this3","path","$roomId","$sessionId","authedRequest","Get","undefined","prefix","V3","_this4","downloadLoopRunning","length","request","result","queryKeyBackup","decryptAndImport","e","error","shift","err","MISSING_DECRYPTION_KEY","NETWORK_ERROR","STOPPED","targetRoomId","targetSessionId","_this5","debug","res","backupVersion","errCode","data","errcode","isRateLimitError","_waitTime","waitTime","_e$getRetryAfterMs","getRetryAfterMs","warn","sessionInfo","_this6","sessionsToImport","keys","decryptor","decryptSessions","k","room_id","importBackedUpRoomKeys","_this7","currentBackupVersionCheck","internalCheckFromServer","_this8","_currentServerVersion","_currentServerVersion2","_currentServerVersion4","currentServerVersion","algorithm","_currentServerVersion3","activeVersion","getActiveBackupVersion","backupKeys","decryptionKey","authData","auth_data","public_key","megolmV1PublicKey","publicKeyBase64","backupDecryptor","createBackupDecryptor"],"sources":["../../src/rust-crypto/PerSessionKeyBackupDownloader.ts"],"sourcesContent":["/*\nCopyright 2023 - 2024 The Matrix.org Foundation C.I.C.\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this file except in compliance with the License.\nYou may obtain a copy of the License at\n\n    http://www.apache.org/licenses/LICENSE-2.0\n\nUnless required by applicable law or agreed to in writing, software\ndistributed under the License is distributed on an \"AS IS\" BASIS,\nWITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\nSee the License for the specific language governing permissions and\nlimitations under the License.\n*/\n\nimport * as RustSdkCryptoJs from \"@matrix-org/matrix-sdk-crypto-wasm\";\nimport { OlmMachine } from \"@matrix-org/matrix-sdk-crypto-wasm\";\n\nimport { Curve25519AuthData, KeyBackupInfo, KeyBackupSession } from \"../crypto-api/keybackup.ts\";\nimport { CryptoEvent } from \"../crypto-api/index.ts\";\nimport { Logger } from \"../logger.ts\";\nimport { ClientPrefix, IHttpOpts, MatrixError, MatrixHttpApi, Method } from \"../http-api/index.ts\";\nimport { RustBackupManager } from \"./backup.ts\";\nimport { encodeUri, sleep } from \"../utils.ts\";\nimport { BackupDecryptor } from \"../common-crypto/CryptoBackend.ts\";\n\n// The minimum time to wait between two retries in case of errors. To avoid hammering the server.\nconst KEY_BACKUP_BACKOFF = 5000; // ms\n\n/**\n * Enumerates the different kind of errors that can occurs when downloading and importing a key from backup.\n */\nenum KeyDownloadErrorCode {\n    /** The requested key is not in the backup. */\n    MISSING_DECRYPTION_KEY = \"MISSING_DECRYPTION_KEY\",\n    /** A network error occurred while trying to download the key from backup. */\n    NETWORK_ERROR = \"NETWORK_ERROR\",\n    /** The loop has been stopped. */\n    STOPPED = \"STOPPED\",\n}\n\nclass KeyDownloadError extends Error {\n    public constructor(public readonly code: KeyDownloadErrorCode) {\n        super(`Failed to get key from backup: ${code}`);\n        this.name = \"KeyDownloadError\";\n    }\n}\n\nclass KeyDownloadRateLimitError extends Error {\n    public constructor(public readonly retryMillis: number) {\n        super(`Failed to get key from backup: rate limited`);\n        this.name = \"KeyDownloadRateLimitError\";\n    }\n}\n\n/** Details of a megolm session whose key we are trying to fetch. */\ntype SessionInfo = { roomId: string; megolmSessionId: string };\n\n/** Holds the current backup decryptor and version that should be used.\n *\n * This is intended to be used as an immutable object (a new instance should be created if the configuration changes),\n * and some of the logic relies on that, so the properties are marked as `readonly`.\n */\ntype Configuration = {\n    readonly backupVersion: string;\n    readonly decryptor: BackupDecryptor;\n};\n\n/**\n * Used when an 'unable to decrypt' error occurs. It attempts to download the key from the backup.\n *\n * The current backup API lacks pagination, which can lead to lengthy key retrieval times for large histories (several 10s of minutes).\n * To mitigate this, keys are downloaded on demand as decryption errors occurs.\n * While this approach may result in numerous requests, it improves user experience by reducing wait times for message decryption.\n *\n * The PerSessionKeyBackupDownloader is resistant to backup configuration changes: it will automatically resume querying when\n * the backup is configured correctly.\n */\nexport class PerSessionKeyBackupDownloader {\n    private stopped = false;\n\n    /**\n     * The version and decryption key to use with current backup if all set up correctly.\n     *\n     * Will not be set unless `hasConfigurationProblem` is `false`.\n     */\n    private configuration: Configuration | null = null;\n\n    /** We remember when a session was requested and not found in backup to avoid query again too soon.\n     * Map of session_id to timestamp */\n    private sessionLastCheckAttemptedTime: Map<string, number> = new Map();\n\n    /** The logger to use */\n    private readonly logger: Logger;\n\n    /** Whether the download loop is running. */\n    private downloadLoopRunning = false;\n\n    /** The list of requests that are queued. */\n    private queuedRequests: SessionInfo[] = [];\n\n    /** Remembers if we have a configuration problem. */\n    private hasConfigurationProblem = false;\n\n    /** The current server backup version check promise. To avoid doing a server call if one is in flight. */\n    private currentBackupVersionCheck: Promise<Configuration | null> | null = null;\n\n    /**\n     * Creates a new instance of PerSessionKeyBackupDownloader.\n     *\n     * @param backupManager - The backup manager to use.\n     * @param olmMachine - The olm machine to use.\n     * @param http - The http instance to use.\n     * @param logger - The logger to use.\n     */\n    public constructor(\n        logger: Logger,\n        private readonly olmMachine: OlmMachine,\n        private readonly http: MatrixHttpApi<IHttpOpts & { onlyData: true }>,\n        private readonly backupManager: RustBackupManager,\n    ) {\n        this.logger = logger.getChild(\"[PerSessionKeyBackupDownloader]\");\n\n        backupManager.on(CryptoEvent.KeyBackupStatus, this.onBackupStatusChanged);\n        backupManager.on(CryptoEvent.KeyBackupFailed, this.onBackupStatusChanged);\n        backupManager.on(CryptoEvent.KeyBackupDecryptionKeyCached, this.onBackupStatusChanged);\n    }\n\n    /**\n     * Check if key download is successfully configured and active.\n     *\n     * @return `true` if key download is correctly configured and active; otherwise `false`.\n     */\n    public isKeyBackupDownloadConfigured(): boolean {\n        return this.configuration !== null;\n    }\n\n    /**\n     * Return the details of the latest backup on the server, when we last checked.\n     *\n     * This is just a convenience method to expose {@link RustBackupManager.getServerBackupInfo}.\n     */\n    public async getServerBackupInfo(): Promise<KeyBackupInfo | null | undefined> {\n        return await this.backupManager.getServerBackupInfo();\n    }\n\n    /**\n     * Called when a MissingRoomKey or UnknownMessageIndex decryption error is encountered.\n     *\n     * This will try to download the key from the backup if there is a trusted active backup.\n     * In case of success the key will be imported and the onRoomKeysUpdated callback will be called\n     * internally by the rust-sdk and decryption will be retried.\n     *\n     * @param roomId - The room ID of the room where the error occurred.\n     * @param megolmSessionId - The megolm session ID that is missing.\n     */\n    public onDecryptionKeyMissingError(roomId: string, megolmSessionId: string): void {\n        // Several messages encrypted with the same session may be decrypted at the same time,\n        // so we need to be resistant and not query several time the same session.\n        if (this.isAlreadyInQueue(roomId, megolmSessionId)) {\n            // There is already a request queued for this session, no need to queue another one.\n            this.logger.trace(`Not checking key backup for session ${megolmSessionId} as it is already queued`);\n            return;\n        }\n\n        if (this.wasRequestedRecently(megolmSessionId)) {\n            // We already tried to download this session recently and it was not in backup, no need to try again.\n            this.logger.trace(\n                `Not checking key backup for session ${megolmSessionId} as it was already requested recently`,\n            );\n            return;\n        }\n\n        // We always add the request to the queue, even if we have a configuration problem (can't access backup).\n        // This is to make sure that if the configuration problem is resolved, we will try to download the key.\n        // This will happen after an initial sync, at this point the backup will not yet be trusted and the decryption\n        // key will not be available, but it will be just after the verification.\n        // We don't need to persist it because currently on refresh the sdk will retry to decrypt the messages in error.\n        this.queuedRequests.push({ roomId, megolmSessionId });\n\n        // Start the download loop if it's not already running.\n        this.downloadKeysLoop();\n    }\n\n    public stop(): void {\n        this.stopped = true;\n        this.backupManager.off(CryptoEvent.KeyBackupStatus, this.onBackupStatusChanged);\n        this.backupManager.off(CryptoEvent.KeyBackupFailed, this.onBackupStatusChanged);\n        this.backupManager.off(CryptoEvent.KeyBackupDecryptionKeyCached, this.onBackupStatusChanged);\n    }\n\n    /**\n     * Called when the backup status changes (CryptoEvents)\n     * This will trigger a check of the backup configuration.\n     */\n    private onBackupStatusChanged = (): void => {\n        // we want to force check configuration, so we clear the current one.\n        this.hasConfigurationProblem = false;\n        this.configuration = null;\n        this.getOrCreateBackupConfiguration().then((configuration) => {\n            if (configuration) {\n                // restart the download loop if it was stopped\n                this.downloadKeysLoop();\n            }\n        });\n    };\n\n    /** Returns true if the megolm session is already queued for download. */\n    private isAlreadyInQueue(roomId: string, megolmSessionId: string): boolean {\n        return this.queuedRequests.some((info) => {\n            return info.roomId == roomId && info.megolmSessionId == megolmSessionId;\n        });\n    }\n\n    /**\n     * Marks the session as not found in backup, to avoid retrying to soon for a key not in backup\n     *\n     * @param megolmSessionId - The megolm session ID that is missing.\n     */\n    private markAsNotFoundInBackup(megolmSessionId: string): void {\n        const now = Date.now();\n        this.sessionLastCheckAttemptedTime.set(megolmSessionId, now);\n        // if too big make some cleaning to keep under control\n        if (this.sessionLastCheckAttemptedTime.size > 100) {\n            this.sessionLastCheckAttemptedTime = new Map(\n                Array.from(this.sessionLastCheckAttemptedTime).filter((sid, ts) => {\n                    return Math.max(now - ts, 0) < KEY_BACKUP_BACKOFF;\n                }),\n            );\n        }\n    }\n\n    /** Returns true if the session was requested recently. */\n    private wasRequestedRecently(megolmSessionId: string): boolean {\n        const lastCheck = this.sessionLastCheckAttemptedTime.get(megolmSessionId);\n        if (!lastCheck) return false;\n        return Math.max(Date.now() - lastCheck, 0) < KEY_BACKUP_BACKOFF;\n    }\n\n    private async getBackupDecryptionKey(): Promise<RustSdkCryptoJs.BackupKeys | null> {\n        try {\n            return await this.olmMachine.getBackupKeys();\n        } catch {\n            return null;\n        }\n    }\n\n    /**\n     * Requests a key from the server side backup.\n     *\n     * @param version - The backup version to use.\n     * @param roomId - The room ID of the room where the error occurred.\n     * @param sessionId - The megolm session ID that is missing.\n     */\n    private async requestRoomKeyFromBackup(\n        version: string,\n        roomId: string,\n        sessionId: string,\n    ): Promise<KeyBackupSession> {\n        const path = encodeUri(\"/room_keys/keys/$roomId/$sessionId\", {\n            $roomId: roomId,\n            $sessionId: sessionId,\n        });\n\n        return await this.http.authedRequest<KeyBackupSession>(Method.Get, path, { version }, undefined, {\n            prefix: ClientPrefix.V3,\n        });\n    }\n\n    private async downloadKeysLoop(): Promise<void> {\n        if (this.downloadLoopRunning) return;\n\n        // If we have a configuration problem, we don't want to try to download.\n        // If any configuration change is detected, we will retry and restart the loop.\n        if (this.hasConfigurationProblem) return;\n\n        this.downloadLoopRunning = true;\n\n        try {\n            while (this.queuedRequests.length > 0) {\n                // we just peek the first one without removing it, so if a new request for same key comes in while we're\n                // processing this one, it won't queue another request.\n                const request = this.queuedRequests[0];\n                try {\n                    // The backup could have changed between the time we queued the request and now, so we need to check\n                    const configuration = await this.getOrCreateBackupConfiguration();\n                    if (!configuration) {\n                        // Backup is not configured correctly, so stop the loop.\n                        this.downloadLoopRunning = false;\n                        return;\n                    }\n\n                    const result = await this.queryKeyBackup(request.roomId, request.megolmSessionId, configuration);\n\n                    if (this.stopped) {\n                        return;\n                    }\n                    // We got the encrypted key from backup, let's try to decrypt and import it.\n                    try {\n                        await this.decryptAndImport(request, result, configuration);\n                    } catch (e) {\n                        this.logger.error(\n                            `Error while decrypting and importing key backup for session ${request.megolmSessionId}`,\n                            e,\n                        );\n                    }\n                    // now remove the request from the queue as we've processed it.\n                    this.queuedRequests.shift();\n                } catch (err) {\n                    if (err instanceof KeyDownloadError) {\n                        switch (err.code) {\n                            case KeyDownloadErrorCode.MISSING_DECRYPTION_KEY:\n                                this.markAsNotFoundInBackup(request.megolmSessionId);\n                                // continue for next one\n                                this.queuedRequests.shift();\n                                break;\n                            case KeyDownloadErrorCode.NETWORK_ERROR:\n                                // We don't want to hammer if there is a problem, so wait a bit.\n                                await sleep(KEY_BACKUP_BACKOFF);\n                                break;\n                            case KeyDownloadErrorCode.STOPPED:\n                                // If the downloader was stopped, we don't want to retry.\n                                this.downloadLoopRunning = false;\n                                return;\n                        }\n                    } else if (err instanceof KeyDownloadRateLimitError) {\n                        // we want to retry after the backoff time\n                        await sleep(err.retryMillis);\n                    }\n                }\n            }\n        } finally {\n            // all pending request have been processed, we can stop the loop.\n            this.downloadLoopRunning = false;\n        }\n    }\n\n    /**\n     * Query the backup for a key.\n     *\n     * @param targetRoomId - ID of the room that the session is used in.\n     * @param targetSessionId - ID of the session for which to check backup.\n     * @param configuration - The backup configuration to use.\n     */\n    private async queryKeyBackup(\n        targetRoomId: string,\n        targetSessionId: string,\n        configuration: Configuration,\n    ): Promise<KeyBackupSession> {\n        this.logger.debug(`Checking key backup for session ${targetSessionId}`);\n        if (this.stopped) throw new KeyDownloadError(KeyDownloadErrorCode.STOPPED);\n        try {\n            const res = await this.requestRoomKeyFromBackup(configuration.backupVersion, targetRoomId, targetSessionId);\n            this.logger.debug(`Got key from backup for sessionId:${targetSessionId}`);\n            return res;\n        } catch (e) {\n            if (this.stopped) throw new KeyDownloadError(KeyDownloadErrorCode.STOPPED);\n\n            this.logger.info(`No luck requesting key backup for session ${targetSessionId}: ${e}`);\n            if (e instanceof MatrixError) {\n                const errCode = e.data.errcode;\n                if (errCode == \"M_NOT_FOUND\") {\n                    // Unfortunately the spec doesn't give us a way to differentiate between a missing key and a wrong version.\n                    // Synapse will return:\n                    //     - \"error\": \"Unknown backup version\" if the version is wrong.\n                    //     - \"error\": \"No room_keys found\" if the key is missing.\n                    // It's useful to know if the key is missing or if the version is wrong.\n                    // As it's not spec'ed, we fall back on considering the key is not in backup.\n                    // Notice that this request will be lost if instead the backup got out of sync (updated from other session).\n                    throw new KeyDownloadError(KeyDownloadErrorCode.MISSING_DECRYPTION_KEY);\n                }\n                if (e.isRateLimitError()) {\n                    let waitTime: number | undefined;\n                    try {\n                        waitTime = e.getRetryAfterMs() ?? undefined;\n                    } catch (error) {\n                        this.logger.warn(\"Error while retrieving a rate-limit retry delay\", error);\n                    }\n                    if (waitTime && waitTime > 0) {\n                        this.logger.info(`Rate limited by server, waiting ${waitTime}ms`);\n                    }\n                    throw new KeyDownloadRateLimitError(waitTime ?? KEY_BACKUP_BACKOFF);\n                }\n            }\n            throw new KeyDownloadError(KeyDownloadErrorCode.NETWORK_ERROR);\n        }\n    }\n\n    private async decryptAndImport(\n        sessionInfo: SessionInfo,\n        data: KeyBackupSession,\n        configuration: Configuration,\n    ): Promise<void> {\n        const sessionsToImport: Record<string, KeyBackupSession> = { [sessionInfo.megolmSessionId]: data };\n\n        const keys = await configuration!.decryptor.decryptSessions(sessionsToImport);\n        for (const k of keys) {\n            k.room_id = sessionInfo.roomId;\n        }\n        await this.backupManager.importBackedUpRoomKeys(keys, configuration.backupVersion);\n    }\n\n    /**\n     * Gets the current backup configuration or create one if it doesn't exist.\n     *\n     * When a valid configuration is found it is cached and returned for subsequent calls.\n     * Otherwise, if a check is forced or a check has not yet been done, a new check is done.\n     *\n     * @returns The backup configuration to use or null if there is a configuration problem.\n     */\n    private async getOrCreateBackupConfiguration(): Promise<Configuration | null> {\n        if (this.configuration) {\n            return this.configuration;\n        }\n\n        // We already tried to check the configuration and it failed.\n        // We don't want to try again immediately, we will retry if a configuration change is detected.\n        if (this.hasConfigurationProblem) {\n            return null;\n        }\n\n        // This method can be called rapidly by several emitted CryptoEvent, so we need to make sure that we don't\n        // query the server several times.\n        if (this.currentBackupVersionCheck != null) {\n            this.logger.debug(`Already checking server version, use current promise`);\n            return await this.currentBackupVersionCheck;\n        }\n\n        this.currentBackupVersionCheck = this.internalCheckFromServer();\n        try {\n            return await this.currentBackupVersionCheck;\n        } finally {\n            this.currentBackupVersionCheck = null;\n        }\n    }\n\n    private async internalCheckFromServer(): Promise<Configuration | null> {\n        let currentServerVersion = null;\n        try {\n            currentServerVersion = await this.backupManager.getServerBackupInfo();\n        } catch (e) {\n            this.logger.debug(`Backup: error while checking server version: ${e}`);\n            this.hasConfigurationProblem = true;\n            return null;\n        }\n        this.logger.debug(`Got current backup version from server: ${currentServerVersion?.version}`);\n\n        if (currentServerVersion?.algorithm != \"m.megolm_backup.v1.curve25519-aes-sha2\") {\n            this.logger.info(`Unsupported algorithm ${currentServerVersion?.algorithm}`);\n            this.hasConfigurationProblem = true;\n            return null;\n        }\n\n        if (!currentServerVersion?.version) {\n            this.logger.info(`No current key backup`);\n            this.hasConfigurationProblem = true;\n            return null;\n        }\n\n        const activeVersion = await this.backupManager.getActiveBackupVersion();\n        if (activeVersion == null || currentServerVersion.version != activeVersion) {\n            // Either the current backup version on server side is not trusted, or it is out of sync with the active version on the client side.\n            this.logger.info(\n                `The current backup version on the server (${currentServerVersion.version}) is not trusted. Version we are currently backing up to: ${activeVersion}`,\n            );\n            this.hasConfigurationProblem = true;\n            return null;\n        }\n\n        const backupKeys = await this.getBackupDecryptionKey();\n        if (!backupKeys?.decryptionKey) {\n            this.logger.debug(`Not checking key backup for session (no decryption key)`);\n            this.hasConfigurationProblem = true;\n            return null;\n        }\n\n        if (activeVersion != backupKeys.backupVersion) {\n            this.logger.debug(\n                `Version for which we have a decryption key (${backupKeys.backupVersion}) doesn't match the version we are backing up to (${activeVersion})`,\n            );\n            this.hasConfigurationProblem = true;\n            return null;\n        }\n\n        const authData = currentServerVersion.auth_data as Curve25519AuthData;\n        if (authData.public_key != backupKeys.decryptionKey.megolmV1PublicKey.publicKeyBase64) {\n            this.logger.debug(`Key backup on server does not match our decryption key`);\n            this.hasConfigurationProblem = true;\n            return null;\n        }\n\n        const backupDecryptor = this.backupManager.createBackupDecryptor(backupKeys.decryptionKey);\n        this.hasConfigurationProblem = false;\n        this.configuration = {\n            decryptor: backupDecryptor,\n            backupVersion: activeVersion,\n        };\n        return this.configuration;\n    }\n}\n"],"mappings":";;AAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAMA,SAASA,WAAW,QAAQ,wBAAwB;AAEpD,SAASC,YAAY,EAAaC,WAAW,EAAiBC,MAAM,QAAQ,sBAAsB;AAElG,SAASC,SAAS,EAAEC,KAAK,QAAQ,aAAa;AAG9C;AACA,IAAMC,kBAAkB,GAAG,IAAI,CAAC,CAAC;;AAEjC;AACA;AACA;AAFA,IAGKC,oBAAoB,0BAApBA,oBAAoB;EAApBA,oBAAoB;EAApBA,oBAAoB;EAApBA,oBAAoB;EAAA,OAApBA,oBAAoB;AAAA,EAApBA,oBAAoB;AASzB,MAAMC,gBAAgB,SAASC,KAAK,CAAC;EAC1BC,WAAWA,CAAiBC,IAA0B,EAAE;IAC3D,KAAK,mCAAAC,MAAA,CAAmCD,IAAI,CAAE,CAAC;IAAC,KADjBA,IAA0B,GAA1BA,IAA0B;IAEzD,IAAI,CAACE,IAAI,GAAG,kBAAkB;EAClC;AACJ;AAEA,MAAMC,yBAAyB,SAASL,KAAK,CAAC;EACnCC,WAAWA,CAAiBK,WAAmB,EAAE;IACpD,KAAK,8CAA8C,CAAC;IAAC,KADtBA,WAAmB,GAAnBA,WAAmB;IAElD,IAAI,CAACF,IAAI,GAAG,2BAA2B;EAC3C;AACJ;;AAEA;;AAGA;AACA;AACA;AACA;AACA;;AAMA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,OAAO,MAAMG,6BAA6B,CAAC;EA6BvC;AACJ;AACA;AACA;AACA;AACA;AACA;AACA;EACWN,WAAWA,CACdO,MAAc,EACGC,UAAsB,EACtBC,IAAmD,EACnDC,aAAgC,EACnD;IAAA,KAHmBF,UAAsB,GAAtBA,UAAsB;IAAA,KACtBC,IAAmD,GAAnDA,IAAmD;IAAA,KACnDC,aAAgC,GAAhCA,aAAgC;IAAAC,eAAA,kBAxCnC,KAAK;IAEvB;AACJ;AACA;AACA;AACA;IAJIA,eAAA,wBAK8C,IAAI;IAElD;AACJ;IADIA,eAAA,wCAE6D,IAAIC,GAAG,CAAC,CAAC;IAEtE;IAAAD,eAAA;IAGA;IAAAA,eAAA,8BAC8B,KAAK;IAEnC;IAAAA,eAAA,yBACwC,EAAE;IAE1C;IAAAA,eAAA,kCACkC,KAAK;IAEvC;IAAAA,eAAA,oCAC0E,IAAI;IAsF9E;AACJ;AACA;AACA;IAHIA,eAAA,gCAIgC,MAAY;MACxC;MACA,IAAI,CAACE,uBAAuB,GAAG,KAAK;MACpC,IAAI,CAACC,aAAa,GAAG,IAAI;MACzB,IAAI,CAACC,8BAA8B,CAAC,CAAC,CAACC,IAAI,CAAEF,aAAa,IAAK;QAC1D,IAAIA,aAAa,EAAE;UACf;UACA,IAAI,CAACG,gBAAgB,CAAC,CAAC;QAC3B;MACJ,CAAC,CAAC;IACN,CAAC;IApFG,IAAI,CAACV,MAAM,GAAGA,MAAM,CAACW,QAAQ,CAAC,iCAAiC,CAAC;IAEhER,aAAa,CAACS,EAAE,CAAC7B,WAAW,CAAC8B,eAAe,EAAE,IAAI,CAACC,qBAAqB,CAAC;IACzEX,aAAa,CAACS,EAAE,CAAC7B,WAAW,CAACgC,eAAe,EAAE,IAAI,CAACD,qBAAqB,CAAC;IACzEX,aAAa,CAACS,EAAE,CAAC7B,WAAW,CAACiC,4BAA4B,EAAE,IAAI,CAACF,qBAAqB,CAAC;EAC1F;;EAEA;AACJ;AACA;AACA;AACA;EACWG,6BAA6BA,CAAA,EAAY;IAC5C,OAAO,IAAI,CAACV,aAAa,KAAK,IAAI;EACtC;;EAEA;AACJ;AACA;AACA;AACA;EACiBW,mBAAmBA,CAAA,EAA8C;IAAA,IAAAC,KAAA;IAAA,OAAAC,iBAAA;MAC1E,aAAaD,KAAI,CAAChB,aAAa,CAACe,mBAAmB,CAAC,CAAC;IAAC;EAC1D;;EAEA;AACJ;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;EACWG,2BAA2BA,CAACC,MAAc,EAAEC,eAAuB,EAAQ;IAC9E;IACA;IACA,IAAI,IAAI,CAACC,gBAAgB,CAACF,MAAM,EAAEC,eAAe,CAAC,EAAE;MAChD;MACA,IAAI,CAACvB,MAAM,CAACyB,KAAK,wCAAA9B,MAAA,CAAwC4B,eAAe,6BAA0B,CAAC;MACnG;IACJ;IAEA,IAAI,IAAI,CAACG,oBAAoB,CAACH,eAAe,CAAC,EAAE;MAC5C;MACA,IAAI,CAACvB,MAAM,CAACyB,KAAK,wCAAA9B,MAAA,CAC0B4B,eAAe,0CAC1D,CAAC;MACD;IACJ;;IAEA;IACA;IACA;IACA;IACA;IACA,IAAI,CAACI,cAAc,CAACC,IAAI,CAAC;MAAEN,MAAM;MAAEC;IAAgB,CAAC,CAAC;;IAErD;IACA,IAAI,CAACb,gBAAgB,CAAC,CAAC;EAC3B;EAEOmB,IAAIA,CAAA,EAAS;IAChB,IAAI,CAACC,OAAO,GAAG,IAAI;IACnB,IAAI,CAAC3B,aAAa,CAAC4B,GAAG,CAAChD,WAAW,CAAC8B,eAAe,EAAE,IAAI,CAACC,qBAAqB,CAAC;IAC/E,IAAI,CAACX,aAAa,CAAC4B,GAAG,CAAChD,WAAW,CAACgC,eAAe,EAAE,IAAI,CAACD,qBAAqB,CAAC;IAC/E,IAAI,CAACX,aAAa,CAAC4B,GAAG,CAAChD,WAAW,CAACiC,4BAA4B,EAAE,IAAI,CAACF,qBAAqB,CAAC;EAChG;EAkBA;EACQU,gBAAgBA,CAACF,MAAc,EAAEC,eAAuB,EAAW;IACvE,OAAO,IAAI,CAACI,cAAc,CAACK,IAAI,CAAEC,IAAI,IAAK;MACtC,OAAOA,IAAI,CAACX,MAAM,IAAIA,MAAM,IAAIW,IAAI,CAACV,eAAe,IAAIA,eAAe;IAC3E,CAAC,CAAC;EACN;;EAEA;AACJ;AACA;AACA;AACA;EACYW,sBAAsBA,CAACX,eAAuB,EAAQ;IAC1D,IAAMY,GAAG,GAAGC,IAAI,CAACD,GAAG,CAAC,CAAC;IACtB,IAAI,CAACE,6BAA6B,CAACC,GAAG,CAACf,eAAe,EAAEY,GAAG,CAAC;IAC5D;IACA,IAAI,IAAI,CAACE,6BAA6B,CAACE,IAAI,GAAG,GAAG,EAAE;MAC/C,IAAI,CAACF,6BAA6B,GAAG,IAAIhC,GAAG,CACxCmC,KAAK,CAACC,IAAI,CAAC,IAAI,CAACJ,6BAA6B,CAAC,CAACK,MAAM,CAAC,CAACC,GAAG,EAAEC,EAAE,KAAK;QAC/D,OAAOC,IAAI,CAACC,GAAG,CAACX,GAAG,GAAGS,EAAE,EAAE,CAAC,CAAC,GAAGvD,kBAAkB;MACrD,CAAC,CACL,CAAC;IACL;EACJ;;EAEA;EACQqC,oBAAoBA,CAACH,eAAuB,EAAW;IAC3D,IAAMwB,SAAS,GAAG,IAAI,CAACV,6BAA6B,CAACW,GAAG,CAACzB,eAAe,CAAC;IACzE,IAAI,CAACwB,SAAS,EAAE,OAAO,KAAK;IAC5B,OAAOF,IAAI,CAACC,GAAG,CAACV,IAAI,CAACD,GAAG,CAAC,CAAC,GAAGY,SAAS,EAAE,CAAC,CAAC,GAAG1D,kBAAkB;EACnE;EAEc4D,sBAAsBA,CAAA,EAA+C;IAAA,IAAAC,MAAA;IAAA,OAAA9B,iBAAA;MAC/E,IAAI;QACA,aAAa8B,MAAI,CAACjD,UAAU,CAACkD,aAAa,CAAC,CAAC;MAChD,CAAC,CAAC,OAAAC,OAAA,EAAM;QACJ,OAAO,IAAI;MACf;IAAC;EACL;;EAEA;AACJ;AACA;AACA;AACA;AACA;AACA;EACkBC,wBAAwBA,CAClCC,OAAe,EACfhC,MAAc,EACdiC,SAAiB,EACQ;IAAA,IAAAC,MAAA;IAAA,OAAApC,iBAAA;MACzB,IAAMqC,IAAI,GAAGtE,SAAS,CAAC,oCAAoC,EAAE;QACzDuE,OAAO,EAAEpC,MAAM;QACfqC,UAAU,EAAEJ;MAChB,CAAC,CAAC;MAEF,aAAaC,MAAI,CAACtD,IAAI,CAAC0D,aAAa,CAAmB1E,MAAM,CAAC2E,GAAG,EAAEJ,IAAI,EAAE;QAAEH;MAAQ,CAAC,EAAEQ,SAAS,EAAE;QAC7FC,MAAM,EAAE/E,YAAY,CAACgF;MACzB,CAAC,CAAC;IAAC;EACP;EAEctD,gBAAgBA,CAAA,EAAkB;IAAA,IAAAuD,MAAA;IAAA,OAAA7C,iBAAA;MAC5C,IAAI6C,MAAI,CAACC,mBAAmB,EAAE;;MAE9B;MACA;MACA,IAAID,MAAI,CAAC3D,uBAAuB,EAAE;MAElC2D,MAAI,CAACC,mBAAmB,GAAG,IAAI;MAE/B,IAAI;QACA,OAAOD,MAAI,CAACtC,cAAc,CAACwC,MAAM,GAAG,CAAC,EAAE;UACnC;UACA;UACA,IAAMC,OAAO,GAAGH,MAAI,CAACtC,cAAc,CAAC,CAAC,CAAC;UACtC,IAAI;YACA;YACA,IAAMpB,aAAa,SAAS0D,MAAI,CAACzD,8BAA8B,CAAC,CAAC;YACjE,IAAI,CAACD,aAAa,EAAE;cAChB;cACA0D,MAAI,CAACC,mBAAmB,GAAG,KAAK;cAChC;YACJ;YAEA,IAAMG,MAAM,SAASJ,MAAI,CAACK,cAAc,CAACF,OAAO,CAAC9C,MAAM,EAAE8C,OAAO,CAAC7C,eAAe,EAAEhB,aAAa,CAAC;YAEhG,IAAI0D,MAAI,CAACnC,OAAO,EAAE;cACd;YACJ;YACA;YACA,IAAI;cACA,MAAMmC,MAAI,CAACM,gBAAgB,CAACH,OAAO,EAAEC,MAAM,EAAE9D,aAAa,CAAC;YAC/D,CAAC,CAAC,OAAOiE,CAAC,EAAE;cACRP,MAAI,CAACjE,MAAM,CAACyE,KAAK,gEAAA9E,MAAA,CACkDyE,OAAO,CAAC7C,eAAe,GACtFiD,CACJ,CAAC;YACL;YACA;YACAP,MAAI,CAACtC,cAAc,CAAC+C,KAAK,CAAC,CAAC;UAC/B,CAAC,CAAC,OAAOC,GAAG,EAAE;YACV,IAAIA,GAAG,YAAYpF,gBAAgB,EAAE;cACjC,QAAQoF,GAAG,CAACjF,IAAI;gBACZ,KAAKJ,oBAAoB,CAACsF,sBAAsB;kBAC5CX,MAAI,CAAC/B,sBAAsB,CAACkC,OAAO,CAAC7C,eAAe,CAAC;kBACpD;kBACA0C,MAAI,CAACtC,cAAc,CAAC+C,KAAK,CAAC,CAAC;kBAC3B;gBACJ,KAAKpF,oBAAoB,CAACuF,aAAa;kBACnC;kBACA,MAAMzF,KAAK,CAACC,kBAAkB,CAAC;kBAC/B;gBACJ,KAAKC,oBAAoB,CAACwF,OAAO;kBAC7B;kBACAb,MAAI,CAACC,mBAAmB,GAAG,KAAK;kBAChC;cACR;YACJ,CAAC,MAAM,IAAIS,GAAG,YAAY9E,yBAAyB,EAAE;cACjD;cACA,MAAMT,KAAK,CAACuF,GAAG,CAAC7E,WAAW,CAAC;YAChC;UACJ;QACJ;MACJ,CAAC,SAAS;QACN;QACAmE,MAAI,CAACC,mBAAmB,GAAG,KAAK;MACpC;IAAC;EACL;;EAEA;AACJ;AACA;AACA;AACA;AACA;AACA;EACkBI,cAAcA,CACxBS,YAAoB,EACpBC,eAAuB,EACvBzE,aAA4B,EACH;IAAA,IAAA0E,MAAA;IAAA,OAAA7D,iBAAA;MACzB6D,MAAI,CAACjF,MAAM,CAACkF,KAAK,oCAAAvF,MAAA,CAAoCqF,eAAe,CAAE,CAAC;MACvE,IAAIC,MAAI,CAACnD,OAAO,EAAE,MAAM,IAAIvC,gBAAgB,CAACD,oBAAoB,CAACwF,OAAO,CAAC;MAC1E,IAAI;QACA,IAAMK,GAAG,SAASF,MAAI,CAAC5B,wBAAwB,CAAC9C,aAAa,CAAC6E,aAAa,EAAEL,YAAY,EAAEC,eAAe,CAAC;QAC3GC,MAAI,CAACjF,MAAM,CAACkF,KAAK,sCAAAvF,MAAA,CAAsCqF,eAAe,CAAE,CAAC;QACzE,OAAOG,GAAG;MACd,CAAC,CAAC,OAAOX,CAAC,EAAE;QACR,IAAIS,MAAI,CAACnD,OAAO,EAAE,MAAM,IAAIvC,gBAAgB,CAACD,oBAAoB,CAACwF,OAAO,CAAC;QAE1EG,MAAI,CAACjF,MAAM,CAACiC,IAAI,8CAAAtC,MAAA,CAA8CqF,eAAe,QAAArF,MAAA,CAAK6E,CAAC,CAAE,CAAC;QACtF,IAAIA,CAAC,YAAYvF,WAAW,EAAE;UAC1B,IAAMoG,OAAO,GAAGb,CAAC,CAACc,IAAI,CAACC,OAAO;UAC9B,IAAIF,OAAO,IAAI,aAAa,EAAE;YAC1B;YACA;YACA;YACA;YACA;YACA;YACA;YACA,MAAM,IAAI9F,gBAAgB,CAACD,oBAAoB,CAACsF,sBAAsB,CAAC;UAC3E;UACA,IAAIJ,CAAC,CAACgB,gBAAgB,CAAC,CAAC,EAAE;YAAA,IAAAC,SAAA;YACtB,IAAIC,QAA4B;YAChC,IAAI;cAAA,IAAAC,kBAAA;cACAD,QAAQ,IAAAC,kBAAA,GAAGnB,CAAC,CAACoB,eAAe,CAAC,CAAC,cAAAD,kBAAA,cAAAA,kBAAA,GAAI7B,SAAS;YAC/C,CAAC,CAAC,OAAOW,KAAK,EAAE;cACZQ,MAAI,CAACjF,MAAM,CAAC6F,IAAI,CAAC,iDAAiD,EAAEpB,KAAK,CAAC;YAC9E;YACA,IAAIiB,QAAQ,IAAIA,QAAQ,GAAG,CAAC,EAAE;cAC1BT,MAAI,CAACjF,MAAM,CAACiC,IAAI,oCAAAtC,MAAA,CAAoC+F,QAAQ,OAAI,CAAC;YACrE;YACA,MAAM,IAAI7F,yBAAyB,EAAA4F,SAAA,GAACC,QAAQ,cAAAD,SAAA,cAAAA,SAAA,GAAIpG,kBAAkB,CAAC;UACvE;QACJ;QACA,MAAM,IAAIE,gBAAgB,CAACD,oBAAoB,CAACuF,aAAa,CAAC;MAClE;IAAC;EACL;EAEcN,gBAAgBA,CAC1BuB,WAAwB,EACxBR,IAAsB,EACtB/E,aAA4B,EACf;IAAA,IAAAwF,MAAA;IAAA,OAAA3E,iBAAA;MACb,IAAM4E,gBAAkD,GAAG;QAAE,CAACF,WAAW,CAACvE,eAAe,GAAG+D;MAAK,CAAC;MAElG,IAAMW,IAAI,SAAS1F,aAAa,CAAE2F,SAAS,CAACC,eAAe,CAACH,gBAAgB,CAAC;MAC7E,KAAK,IAAMI,CAAC,IAAIH,IAAI,EAAE;QAClBG,CAAC,CAACC,OAAO,GAAGP,WAAW,CAACxE,MAAM;MAClC;MACA,MAAMyE,MAAI,CAAC5F,aAAa,CAACmG,sBAAsB,CAACL,IAAI,EAAE1F,aAAa,CAAC6E,aAAa,CAAC;IAAC;EACvF;;EAEA;AACJ;AACA;AACA;AACA;AACA;AACA;AACA;EACkB5E,8BAA8BA,CAAA,EAAkC;IAAA,IAAA+F,MAAA;IAAA,OAAAnF,iBAAA;MAC1E,IAAImF,MAAI,CAAChG,aAAa,EAAE;QACpB,OAAOgG,MAAI,CAAChG,aAAa;MAC7B;;MAEA;MACA;MACA,IAAIgG,MAAI,CAACjG,uBAAuB,EAAE;QAC9B,OAAO,IAAI;MACf;;MAEA;MACA;MACA,IAAIiG,MAAI,CAACC,yBAAyB,IAAI,IAAI,EAAE;QACxCD,MAAI,CAACvG,MAAM,CAACkF,KAAK,uDAAuD,CAAC;QACzE,aAAaqB,MAAI,CAACC,yBAAyB;MAC/C;MAEAD,MAAI,CAACC,yBAAyB,GAAGD,MAAI,CAACE,uBAAuB,CAAC,CAAC;MAC/D,IAAI;QACA,aAAaF,MAAI,CAACC,yBAAyB;MAC/C,CAAC,SAAS;QACND,MAAI,CAACC,yBAAyB,GAAG,IAAI;MACzC;IAAC;EACL;EAEcC,uBAAuBA,CAAA,EAAkC;IAAA,IAAAC,MAAA;IAAA,OAAAtF,iBAAA;MAAA,IAAAuF,qBAAA,EAAAC,sBAAA,EAAAC,sBAAA;MACnE,IAAIC,oBAAoB,GAAG,IAAI;MAC/B,IAAI;QACAA,oBAAoB,SAASJ,MAAI,CAACvG,aAAa,CAACe,mBAAmB,CAAC,CAAC;MACzE,CAAC,CAAC,OAAOsD,CAAC,EAAE;QACRkC,MAAI,CAAC1G,MAAM,CAACkF,KAAK,iDAAAvF,MAAA,CAAiD6E,CAAC,CAAE,CAAC;QACtEkC,MAAI,CAACpG,uBAAuB,GAAG,IAAI;QACnC,OAAO,IAAI;MACf;MACAoG,MAAI,CAAC1G,MAAM,CAACkF,KAAK,4CAAAvF,MAAA,EAAAgH,qBAAA,GAA4CG,oBAAoB,cAAAH,qBAAA,uBAApBA,qBAAA,CAAsBrD,OAAO,CAAE,CAAC;MAE7F,IAAI,EAAAsD,sBAAA,GAAAE,oBAAoB,cAAAF,sBAAA,uBAApBA,sBAAA,CAAsBG,SAAS,KAAI,wCAAwC,EAAE;QAAA,IAAAC,sBAAA;QAC7EN,MAAI,CAAC1G,MAAM,CAACiC,IAAI,0BAAAtC,MAAA,EAAAqH,sBAAA,GAA0BF,oBAAoB,cAAAE,sBAAA,uBAApBA,sBAAA,CAAsBD,SAAS,CAAE,CAAC;QAC5EL,MAAI,CAACpG,uBAAuB,GAAG,IAAI;QACnC,OAAO,IAAI;MACf;MAEA,IAAI,GAAAuG,sBAAA,GAACC,oBAAoB,cAAAD,sBAAA,eAApBA,sBAAA,CAAsBvD,OAAO,GAAE;QAChCoD,MAAI,CAAC1G,MAAM,CAACiC,IAAI,wBAAwB,CAAC;QACzCyE,MAAI,CAACpG,uBAAuB,GAAG,IAAI;QACnC,OAAO,IAAI;MACf;MAEA,IAAM2G,aAAa,SAASP,MAAI,CAACvG,aAAa,CAAC+G,sBAAsB,CAAC,CAAC;MACvE,IAAID,aAAa,IAAI,IAAI,IAAIH,oBAAoB,CAACxD,OAAO,IAAI2D,aAAa,EAAE;QACxE;QACAP,MAAI,CAAC1G,MAAM,CAACiC,IAAI,8CAAAtC,MAAA,CACiCmH,oBAAoB,CAACxD,OAAO,gEAAA3D,MAAA,CAA6DsH,aAAa,CACvJ,CAAC;QACDP,MAAI,CAACpG,uBAAuB,GAAG,IAAI;QACnC,OAAO,IAAI;MACf;MAEA,IAAM6G,UAAU,SAAST,MAAI,CAACzD,sBAAsB,CAAC,CAAC;MACtD,IAAI,EAACkE,UAAU,aAAVA,UAAU,eAAVA,UAAU,CAAEC,aAAa,GAAE;QAC5BV,MAAI,CAAC1G,MAAM,CAACkF,KAAK,0DAA0D,CAAC;QAC5EwB,MAAI,CAACpG,uBAAuB,GAAG,IAAI;QACnC,OAAO,IAAI;MACf;MAEA,IAAI2G,aAAa,IAAIE,UAAU,CAAC/B,aAAa,EAAE;QAC3CsB,MAAI,CAAC1G,MAAM,CAACkF,KAAK,gDAAAvF,MAAA,CACkCwH,UAAU,CAAC/B,aAAa,wDAAAzF,MAAA,CAAqDsH,aAAa,MAC7I,CAAC;QACDP,MAAI,CAACpG,uBAAuB,GAAG,IAAI;QACnC,OAAO,IAAI;MACf;MAEA,IAAM+G,QAAQ,GAAGP,oBAAoB,CAACQ,SAA+B;MACrE,IAAID,QAAQ,CAACE,UAAU,IAAIJ,UAAU,CAACC,aAAa,CAACI,iBAAiB,CAACC,eAAe,EAAE;QACnFf,MAAI,CAAC1G,MAAM,CAACkF,KAAK,yDAAyD,CAAC;QAC3EwB,MAAI,CAACpG,uBAAuB,GAAG,IAAI;QACnC,OAAO,IAAI;MACf;MAEA,IAAMoH,eAAe,GAAGhB,MAAI,CAACvG,aAAa,CAACwH,qBAAqB,CAACR,UAAU,CAACC,aAAa,CAAC;MAC1FV,MAAI,CAACpG,uBAAuB,GAAG,KAAK;MACpCoG,MAAI,CAACnG,aAAa,GAAG;QACjB2F,SAAS,EAAEwB,eAAe;QAC1BtC,aAAa,EAAE6B;MACnB,CAAC;MACD,OAAOP,MAAI,CAACnG,aAAa;IAAC;EAC9B;AACJ","ignoreList":[]}

package/lib/rust-crypto/RoomEncryptor.d.ts

@@ -1,98 +0,0 @@
-import { HistoryVisibility as RustHistoryVisibility, OlmMachine } from "@matrix-org/matrix-sdk-crypto-wasm";
-import { IContent, MatrixEvent } from "../models/event.ts";
-import { Room } from "../models/room.ts";
-import { KeyClaimManager } from "./KeyClaimManager.ts";
-import { RoomMember } from "../models/room-member.ts";
-import { HistoryVisibility } from "../@types/partials.ts";
-import { OutgoingRequestsManager } from "./OutgoingRequestsManager.ts";
-import { DeviceIsolationMode } from "../crypto-api/index.ts";
-/**
- * RoomEncryptor: responsible for encrypting messages to a given room
- *
- * @internal
- */
-export declare class RoomEncryptor {
-    private readonly olmMachine;
-    private readonly keyClaimManager;
-    private readonly outgoingRequestManager;
-    private readonly room;
-    private encryptionSettings;
-    private readonly prefixedLogger;
-    /** whether the room members have been loaded and tracked for the first time */
-    private lazyLoadedMembersResolved;
-    /**
-     * Ensures that there is only one encryption operation at a time for that room.
-     *
-     * An encryption operation is either a {@link prepareForEncryption} or an {@link encryptEvent} call.
-     */
-    private currentEncryptionPromise;
-    /**
-     * @param olmMachine - The rust-sdk's OlmMachine
-     * @param keyClaimManager - Our KeyClaimManager, which manages the queue of one-time-key claim requests
-     * @param outgoingRequestManager - The OutgoingRequestManager, which manages the queue of outgoing requests.
-     * @param room - The room we want to encrypt for
-     * @param encryptionSettings - body of the m.room.encryption event currently in force in this room
-     */
-    constructor(olmMachine: OlmMachine, keyClaimManager: KeyClaimManager, outgoingRequestManager: OutgoingRequestsManager, room: Room, encryptionSettings: IContent);
-    /**
-     * Handle a new `m.room.encryption` event in this room
-     *
-     * @param config - The content of the encryption event
-     */
-    onCryptoEvent(config: IContent): void;
-    /**
-     * Handle a new `m.room.member` event in this room
-     *
-     * @param member - new membership state
-     */
-    onRoomMembership(member: RoomMember): void;
-    /**
-     * Prepare to encrypt events in this room.
-     *
-     * This ensures that we have a megolm session ready to use and that we have shared its key with all the devices
-     * in the room.
-     * @param globalBlacklistUnverifiedDevices - When `true`, and `deviceIsolationMode` is `AllDevicesIsolationMode`,
-     * will not send encrypted messages to unverified devices.
-     * Ignored when `deviceIsolationMode` is `OnlySignedDevicesIsolationMode`.
-     * @param deviceIsolationMode - The device isolation mode. See {@link DeviceIsolationMode}.
-     */
-    prepareForEncryption(globalBlacklistUnverifiedDevices: boolean, deviceIsolationMode: DeviceIsolationMode): Promise<void>;
-    /**
-     * Encrypt an event for this room, or prepare for encryption.
-     *
-     * This will ensure that we have a megolm session for this room, share it with the devices in the room, and
-     * then, if an event is provided, encrypt it using the session.
-     *
-     * @param event - Event to be encrypted, or null if only preparing for encryption (in which case we will pre-share the room key).
-     * @param globalBlacklistUnverifiedDevices - When `true`, and `deviceIsolationMode` is `AllDevicesIsolationMode`,
-     * will not send encrypted messages to unverified devices.
-     * Ignored when `deviceIsolationMode` is `OnlySignedDevicesIsolationMode`.
-     * @param deviceIsolationMode - The device isolation mode. See {@link DeviceIsolationMode}.
-     */
-    encryptEvent(event: MatrixEvent | null, globalBlacklistUnverifiedDevices: boolean, deviceIsolationMode: DeviceIsolationMode): Promise<void>;
-    /**
-     * Prepare to encrypt events in this room.
-     *
-     * This ensures that we have a megolm session ready to use and that we have shared its key with all the devices
-     * in the room.
-     *
-     * @param logger - a place to write diagnostics to
-     * @param globalBlacklistUnverifiedDevices - When `true`, and `deviceIsolationMode` is `AllDevicesIsolationMode`,
-     * will not send encrypted messages to unverified devices.
-     * Ignored when `deviceIsolationMode` is `OnlySignedDevicesIsolationMode`.
-     * @param deviceIsolationMode - The device isolation mode. See {@link DeviceIsolationMode}.
-     */
-    private ensureEncryptionSession;
-    /**
-     * Discard any existing group session for this room
-     */
-    forceDiscardSession(): Promise<void>;
-    private encryptEventInner;
-}
-/**
- * Convert a HistoryVisibility to a RustHistoryVisibility
- * @param visibility - HistoryVisibility enum
- * @returns a RustHistoryVisibility enum
- */
-export declare function toRustHistoryVisibility(visibility: HistoryVisibility): RustHistoryVisibility;
-//# sourceMappingURL=RoomEncryptor.d.ts.map

package/lib/rust-crypto/RoomEncryptor.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"RoomEncryptor.d.ts","sourceRoot":"","sources":["../../src/rust-crypto/RoomEncryptor.ts"],"names":[],"mappings":"AAiBA,OAAO,EAIH,iBAAiB,IAAI,qBAAqB,EAC1C,UAAU,EAIb,MAAM,oCAAoC,CAAC;AAG5C,OAAO,EAAE,QAAQ,EAAE,WAAW,EAAE,MAAM,oBAAoB,CAAC;AAC3D,OAAO,EAAE,IAAI,EAAE,MAAM,mBAAmB,CAAC;AAEzC,OAAO,EAAE,eAAe,EAAE,MAAM,sBAAsB,CAAC;AACvD,OAAO,EAAE,UAAU,EAAE,MAAM,0BAA0B,CAAC;AACtD,OAAO,EAAE,iBAAiB,EAAE,MAAM,uBAAuB,CAAC;AAC1D,OAAO,EAAE,uBAAuB,EAAE,MAAM,8BAA8B,CAAC;AAGvE,OAAO,EAAE,mBAAmB,EAA2B,MAAM,wBAAwB,CAAC;AAEtF;;;;GAIG;AACH,qBAAa,aAAa;IAqBlB,OAAO,CAAC,QAAQ,CAAC,UAAU;IAC3B,OAAO,CAAC,QAAQ,CAAC,eAAe;IAChC,OAAO,CAAC,QAAQ,CAAC,sBAAsB;IACvC,OAAO,CAAC,QAAQ,CAAC,IAAI;IACrB,OAAO,CAAC,kBAAkB;IAxB9B,OAAO,CAAC,QAAQ,CAAC,cAAc,CAAS;IAExC,+EAA+E;IAC/E,OAAO,CAAC,yBAAyB,CAAS;IAE1C;;;;OAIG;IACH,OAAO,CAAC,wBAAwB,CAAoC;IAEpE;;;;;;OAMG;gBAEkB,UAAU,EAAE,UAAU,EACtB,eAAe,EAAE,eAAe,EAChC,sBAAsB,EAAE,uBAAuB,EAC/C,IAAI,EAAE,IAAI,EACnB,kBAAkB,EAAE,QAAQ;IAgBxC;;;;OAIG;IACI,aAAa,CAAC,MAAM,EAAE,QAAQ,GAAG,IAAI;IAO5C;;;;OAIG;IACI,gBAAgB,CAAC,MAAM,EAAE,UAAU,GAAG,IAAI;IAcjD;;;;;;;;;OASG;IACU,oBAAoB,CAC7B,gCAAgC,EAAE,OAAO,EACzC,mBAAmB,EAAE,mBAAmB,GACzC,OAAO,CAAC,IAAI,CAAC;IAWhB;;;;;;;;;;;OAWG;IACI,YAAY,CACf,KAAK,EAAE,WAAW,GAAG,IAAI,EACzB,gCAAgC,EAAE,OAAO,EACzC,mBAAmB,EAAE,mBAAmB,GACzC,OAAO,CAAC,IAAI,CAAC;IAwBhB;;;;;;;;;;;OAWG;YACW,uBAAuB;IAiHrC;;OAEG;IACU,mBAAmB,IAAI,OAAO,CAAC,IAAI,CAAC;YAOnC,iBAAiB;CAiBlC;AAED;;;;GAIG;AACH,wBAAgB,uBAAuB,CAAC,UAAU,EAAE,iBAAiB,GAAG,qBAAqB,CAW5F"}