@venturekit/auth 0.0.0-dev.20260701100017 → 0.0.0-dev.20260704225856
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/index.d.ts +2 -1
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +5 -1
- package/dist/index.js.map +1 -1
- package/{migrations → dist/migrations}/vk_auth_001_verification_codes.sql +7 -4
- package/dist/migrations/vk_auth_003_role_scopes.sql +43 -0
- package/dist/roles/index.d.ts +5 -1
- package/dist/roles/index.d.ts.map +1 -1
- package/dist/roles/index.js +4 -1
- package/dist/roles/index.js.map +1 -1
- package/dist/roles/role-scopes.d.ts +92 -0
- package/dist/roles/role-scopes.d.ts.map +1 -0
- package/dist/roles/role-scopes.js +122 -0
- package/dist/roles/role-scopes.js.map +1 -0
- package/dist/server/cookies.d.ts +98 -13
- package/dist/server/cookies.d.ts.map +1 -1
- package/dist/server/cookies.js +77 -19
- package/dist/server/cookies.js.map +1 -1
- package/dist/server/federated-routes.d.ts +29 -22
- package/dist/server/federated-routes.d.ts.map +1 -1
- package/dist/server/federated-routes.js +31 -4
- package/dist/server/federated-routes.js.map +1 -1
- package/dist/server/federated.d.ts.map +1 -1
- package/dist/server/federated.js +7 -11
- package/dist/server/federated.js.map +1 -1
- package/dist/server/forgot-password.js +0 -1
- package/dist/server/forgot-password.js.map +1 -1
- package/dist/server/handoff-routes.d.ts +130 -0
- package/dist/server/handoff-routes.d.ts.map +1 -0
- package/dist/server/handoff-routes.js +178 -0
- package/dist/server/handoff-routes.js.map +1 -0
- package/dist/server/handoff.d.ts +112 -0
- package/dist/server/handoff.d.ts.map +1 -0
- package/dist/server/handoff.js +102 -0
- package/dist/server/handoff.js.map +1 -0
- package/dist/server/index.d.ts +11 -4
- package/dist/server/index.d.ts.map +1 -1
- package/dist/server/index.js +9 -3
- package/dist/server/index.js.map +1 -1
- package/dist/server/middleware.d.ts +35 -0
- package/dist/server/middleware.d.ts.map +1 -1
- package/dist/server/middleware.js +50 -10
- package/dist/server/middleware.js.map +1 -1
- package/dist/server/passwordless.d.ts +68 -0
- package/dist/server/passwordless.d.ts.map +1 -0
- package/dist/server/passwordless.js +136 -0
- package/dist/server/passwordless.js.map +1 -0
- package/dist/server/revoke.d.ts +10 -0
- package/dist/server/revoke.d.ts.map +1 -1
- package/dist/server/revoke.js +19 -2
- package/dist/server/revoke.js.map +1 -1
- package/dist/server/store/postgres.d.ts +35 -0
- package/dist/server/store/postgres.d.ts.map +1 -0
- package/dist/server/store/postgres.js +88 -0
- package/dist/server/store/postgres.js.map +1 -0
- package/dist/server/token-utils.d.ts +12 -2
- package/dist/server/token-utils.d.ts.map +1 -1
- package/dist/server/token-utils.js +9 -4
- package/dist/server/token-utils.js.map +1 -1
- package/package.json +21 -8
- package/src/migrations/vk_auth_001_verification_codes.sql +55 -0
- package/src/migrations/vk_auth_003_role_scopes.sql +43 -0
package/dist/server/cookies.js
CHANGED
|
@@ -6,35 +6,58 @@
|
|
|
6
6
|
* - `HttpOnly` — JS in the browser cannot read these. The browser
|
|
7
7
|
* attaches them automatically when fetching with
|
|
8
8
|
* `credentials: 'include'`.
|
|
9
|
-
* - `Secure` — set when {@link CookieOptions.secure} is true
|
|
10
|
-
*
|
|
11
|
-
*
|
|
9
|
+
* - `Secure` — set when {@link CookieOptions.secure} is true. Defaults to
|
|
10
|
+
* ON everywhere except explicit local dev (`VENTURE_LOCAL === 'true'`,
|
|
11
|
+
* set by `vk dev`), so production cookies are always `Secure` while
|
|
12
|
+
* localhost over plain HTTP keeps working.
|
|
12
13
|
* - `SameSite=Lax` for the id/access cookies, `SameSite=Strict` for
|
|
13
14
|
* the refresh cookie. The refresh cookie is only ever sent to the
|
|
14
15
|
* paths under {@link CookieOptions.refreshPath} (default `/auth`)
|
|
15
16
|
* so it never leaks to non-auth handlers.
|
|
16
17
|
* - `Path=/` for the id/access tokens, `Path=/auth` for refresh.
|
|
17
18
|
*
|
|
18
|
-
* The cookies are **host-only** (no `Domain` attribute) so
|
|
19
|
-
* scoped to the host the response came from. The browser sends
|
|
20
|
-
* every request to that host, including cross-origin XHR from a
|
|
21
|
-
* subdomain when `credentials: 'include'` is used and both hosts
|
|
22
|
-
* the same registrable domain.
|
|
19
|
+
* The cookies are **host-only** (no `Domain` attribute) by default, so
|
|
20
|
+
* they're scoped to the host the response came from. The browser sends
|
|
21
|
+
* them on every request to that host, including cross-origin XHR from a
|
|
22
|
+
* sibling subdomain when `credentials: 'include'` is used and both hosts
|
|
23
|
+
* share the same registrable domain. Apps that need the session to
|
|
24
|
+
* survive host changes — `www.` ↔ apex on a white-label domain, or
|
|
25
|
+
* cross-subdomain navigation in dev — pass {@link CookieOptions.domain}
|
|
26
|
+
* (usually computed per request with {@link resolveCookieDomain}) and
|
|
27
|
+
* every cookie gains a `Domain=` attribute.
|
|
23
28
|
*/
|
|
24
29
|
export const ID_TOKEN_COOKIE = 'vk_id_token';
|
|
25
30
|
export const ACCESS_TOKEN_COOKIE = 'vk_access_token';
|
|
26
31
|
export const REFRESH_TOKEN_COOKIE = 'vk_refresh_token';
|
|
27
32
|
const REFRESH_MAX_AGE_SECONDS = 30 * 24 * 60 * 60; // 30 days
|
|
33
|
+
/**
|
|
34
|
+
* Default value for the cookie `Secure` flag.
|
|
35
|
+
*
|
|
36
|
+
* Secure is ON everywhere EXCEPT explicit local development, detected via
|
|
37
|
+
* `VENTURE_LOCAL === 'true'` (set by `vk dev`). A deployed Lambda never sets
|
|
38
|
+
* `VENTURE_LOCAL`, so production cookies always get `Secure`.
|
|
39
|
+
*
|
|
40
|
+
* This deliberately does NOT key off `NODE_ENV`: the AWS Lambda runtime does
|
|
41
|
+
* not set `NODE_ENV=production`, and the infra layer historically did not
|
|
42
|
+
* inject it, so the old `NODE_ENV === 'production'` default silently shipped
|
|
43
|
+
* session cookies WITHOUT `Secure` in production.
|
|
44
|
+
*/
|
|
45
|
+
export function defaultSecure() {
|
|
46
|
+
return process.env.VENTURE_LOCAL !== 'true';
|
|
47
|
+
}
|
|
28
48
|
function resolve(opts) {
|
|
29
49
|
return {
|
|
30
|
-
secure: opts?.secure ??
|
|
50
|
+
secure: opts?.secure ?? defaultSecure(),
|
|
31
51
|
refreshPath: opts?.refreshPath ?? '/auth',
|
|
32
52
|
refreshMaxAgeSeconds: opts?.refreshMaxAgeSeconds ?? REFRESH_MAX_AGE_SECONDS,
|
|
53
|
+
domain: opts?.domain,
|
|
33
54
|
};
|
|
34
55
|
}
|
|
35
56
|
function buildSetCookie(name, value, attrs, secure) {
|
|
36
57
|
const parts = [`${name}=${encodeURIComponent(value)}`];
|
|
37
58
|
parts.push(`Path=${attrs.path ?? '/'}`);
|
|
59
|
+
if (attrs.domain)
|
|
60
|
+
parts.push(`Domain=${attrs.domain}`);
|
|
38
61
|
parts.push(`SameSite=${attrs.sameSite ?? 'Lax'}`);
|
|
39
62
|
parts.push('HttpOnly');
|
|
40
63
|
if (secure)
|
|
@@ -55,16 +78,17 @@ function buildSetCookie(name, value, attrs, secure) {
|
|
|
55
78
|
* `REFRESH_TOKEN_AUTH` doesn't rotate the refresh token).
|
|
56
79
|
*/
|
|
57
80
|
export function buildSessionCookies(tokens, options) {
|
|
58
|
-
const { secure, refreshPath, refreshMaxAgeSeconds } = resolve(options);
|
|
81
|
+
const { secure, refreshPath, refreshMaxAgeSeconds, domain } = resolve(options);
|
|
59
82
|
const accessMaxAge = Math.max(60, Math.min(tokens.expiresIn, 3600));
|
|
60
83
|
const headers = [];
|
|
61
|
-
headers.push(buildSetCookie(ID_TOKEN_COOKIE, tokens.idToken, { maxAge: accessMaxAge }, secure));
|
|
62
|
-
headers.push(buildSetCookie(ACCESS_TOKEN_COOKIE, tokens.accessToken, { maxAge: accessMaxAge }, secure));
|
|
84
|
+
headers.push(buildSetCookie(ID_TOKEN_COOKIE, tokens.idToken, { maxAge: accessMaxAge, ...(domain ? { domain } : {}) }, secure));
|
|
85
|
+
headers.push(buildSetCookie(ACCESS_TOKEN_COOKIE, tokens.accessToken, { maxAge: accessMaxAge, ...(domain ? { domain } : {}) }, secure));
|
|
63
86
|
if (tokens.refreshToken) {
|
|
64
87
|
headers.push(buildSetCookie(REFRESH_TOKEN_COOKIE, tokens.refreshToken, {
|
|
65
88
|
path: refreshPath,
|
|
66
89
|
maxAge: refreshMaxAgeSeconds,
|
|
67
90
|
sameSite: 'Strict',
|
|
91
|
+
...(domain ? { domain } : {}),
|
|
68
92
|
}, secure));
|
|
69
93
|
}
|
|
70
94
|
return headers;
|
|
@@ -75,11 +99,11 @@ export function buildSessionCookies(tokens, options) {
|
|
|
75
99
|
* terminally so the next attempt goes straight to sign-in.
|
|
76
100
|
*/
|
|
77
101
|
export function buildClearSessionCookies(options) {
|
|
78
|
-
const { secure, refreshPath } = resolve(options);
|
|
102
|
+
const { secure, refreshPath, domain } = resolve(options);
|
|
79
103
|
return [
|
|
80
|
-
buildSetCookie(ID_TOKEN_COOKIE, '', { maxAge: 0 }, secure),
|
|
81
|
-
buildSetCookie(ACCESS_TOKEN_COOKIE, '', { maxAge: 0 }, secure),
|
|
82
|
-
buildSetCookie(REFRESH_TOKEN_COOKIE, '', { path: refreshPath, maxAge: 0, sameSite: 'Strict' }, secure),
|
|
104
|
+
buildSetCookie(ID_TOKEN_COOKIE, '', { maxAge: 0, ...(domain ? { domain } : {}) }, secure),
|
|
105
|
+
buildSetCookie(ACCESS_TOKEN_COOKIE, '', { maxAge: 0, ...(domain ? { domain } : {}) }, secure),
|
|
106
|
+
buildSetCookie(REFRESH_TOKEN_COOKIE, '', { path: refreshPath, maxAge: 0, sameSite: 'Strict', ...(domain ? { domain } : {}) }, secure),
|
|
83
107
|
];
|
|
84
108
|
}
|
|
85
109
|
/**
|
|
@@ -124,10 +148,11 @@ export function oauthStateCookieName(provider) {
|
|
|
124
148
|
* ```
|
|
125
149
|
*/
|
|
126
150
|
export function buildOAuthStateCookie(provider, value, options) {
|
|
127
|
-
const secure = options?.secure ??
|
|
151
|
+
const secure = options?.secure ?? defaultSecure();
|
|
128
152
|
return buildSetCookie(oauthStateCookieName(provider), value, {
|
|
129
153
|
path: options?.path ?? '/auth',
|
|
130
154
|
maxAge: options?.maxAgeSeconds ?? OAUTH_STATE_MAX_AGE_SECONDS,
|
|
155
|
+
...(options?.domain ? { domain: options.domain } : {}),
|
|
131
156
|
}, secure);
|
|
132
157
|
}
|
|
133
158
|
/**
|
|
@@ -136,8 +161,41 @@ export function buildOAuthStateCookie(provider, value, options) {
|
|
|
136
161
|
* flow so a stale `state` can't be replayed.
|
|
137
162
|
*/
|
|
138
163
|
export function clearOAuthStateCookie(provider, options) {
|
|
139
|
-
const secure = options?.secure ??
|
|
140
|
-
return buildSetCookie(oauthStateCookieName(provider), '', {
|
|
164
|
+
const secure = options?.secure ?? defaultSecure();
|
|
165
|
+
return buildSetCookie(oauthStateCookieName(provider), '', {
|
|
166
|
+
path: options?.path ?? '/auth',
|
|
167
|
+
maxAge: 0,
|
|
168
|
+
...(options?.domain ? { domain: options.domain } : {}),
|
|
169
|
+
}, secure);
|
|
170
|
+
}
|
|
171
|
+
/**
|
|
172
|
+
* Compute the {@link CookieOptions.domain} value for a request host on
|
|
173
|
+
* a white-label multi-tenant platform.
|
|
174
|
+
*
|
|
175
|
+
* Decision table (`platformApex: 'example.com'`):
|
|
176
|
+
* - `app.example.com` → `undefined` (host-only) — or `example.com`
|
|
177
|
+
* with `pinPlatform: true`.
|
|
178
|
+
* - `www.acme.io` / `acme.io` (custom domain) → `acme.io`, so the
|
|
179
|
+
* `www.` and bare hosts share the session.
|
|
180
|
+
* - `''` → `undefined`.
|
|
181
|
+
*
|
|
182
|
+
* Ports are stripped (`app.example.com:3000` → platform host), and
|
|
183
|
+
* matching is case-insensitive. Pass the BROWSER-facing host — behind
|
|
184
|
+
* a same-origin SPA proxy that's the `origin`/`referer` host, not the
|
|
185
|
+
* Lambda's `host` header (see `getRequestHost` in
|
|
186
|
+
* `@venturekit/runtime`).
|
|
187
|
+
*/
|
|
188
|
+
export function resolveCookieDomain(requestHost, options) {
|
|
189
|
+
const host = requestHost.replace(/:\d+$/, '').toLowerCase();
|
|
190
|
+
if (!host)
|
|
191
|
+
return undefined;
|
|
192
|
+
const apex = options.platformApex.toLowerCase();
|
|
193
|
+
if (host === apex || host.endsWith(`.${apex}`)) {
|
|
194
|
+
return options.pinPlatform ? apex : undefined;
|
|
195
|
+
}
|
|
196
|
+
// Custom (white-label) domain — pin to the apex so `www.` and the
|
|
197
|
+
// bare domain share the session.
|
|
198
|
+
return host.replace(/^www\./, '');
|
|
141
199
|
}
|
|
142
200
|
/**
|
|
143
201
|
* Read a single cookie out of a `Cookie:` header value. Returns `null`
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"cookies.js","sourceRoot":"","sources":["../../src/server/cookies.ts"],"names":[],"mappings":"AAAA
|
|
1
|
+
{"version":3,"file":"cookies.js","sourceRoot":"","sources":["../../src/server/cookies.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;GA2BG;AAEH,MAAM,CAAC,MAAM,eAAe,GAAG,aAAa,CAAC;AAC7C,MAAM,CAAC,MAAM,mBAAmB,GAAG,iBAAiB,CAAC;AACrD,MAAM,CAAC,MAAM,oBAAoB,GAAG,kBAAkB,CAAC;AAEvD,MAAM,uBAAuB,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,CAAC,UAAU;AAuD7D;;;;;;;;;;;GAWG;AACH,MAAM,UAAU,aAAa;IAC3B,OAAO,OAAO,CAAC,GAAG,CAAC,aAAa,KAAK,MAAM,CAAC;AAC9C,CAAC;AAED,SAAS,OAAO,CAAC,IAAoB;IACnC,OAAO;QACL,MAAM,EAAE,IAAI,EAAE,MAAM,IAAI,aAAa,EAAE;QACvC,WAAW,EAAE,IAAI,EAAE,WAAW,IAAI,OAAO;QACzC,oBAAoB,EAAE,IAAI,EAAE,oBAAoB,IAAI,uBAAuB;QAC3E,MAAM,EAAE,IAAI,EAAE,MAAM;KACrB,CAAC;AACJ,CAAC;AAaD,SAAS,cAAc,CACrB,IAAY,EACZ,KAAa,EACb,KAAkB,EAClB,MAAe;IAEf,MAAM,KAAK,GAAG,CAAC,GAAG,IAAI,IAAI,kBAAkB,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;IACvD,KAAK,CAAC,IAAI,CAAC,QAAQ,KAAK,CAAC,IAAI,IAAI,GAAG,EAAE,CAAC,CAAC;IACxC,IAAI,KAAK,CAAC,MAAM;QAAE,KAAK,CAAC,IAAI,CAAC,UAAU,KAAK,CAAC,MAAM,EAAE,CAAC,CAAC;IACvD,KAAK,CAAC,IAAI,CAAC,YAAY,KAAK,CAAC,QAAQ,IAAI,KAAK,EAAE,CAAC,CAAC;IAClD,KAAK,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;IACvB,IAAI,MAAM;QAAE,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;IACjC,IAAI,OAAO,KAAK,CAAC,MAAM,KAAK,QAAQ,EAAE,CAAC;QACrC,KAAK,CAAC,IAAI,CAAC,WAAW,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;IACpD,CAAC;IACD,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AAC1B,CAAC;AAED;;;;;;;;;GASG;AACH,MAAM,UAAU,mBAAmB,CACjC,MAAqB,EACrB,OAAuB;IAEvB,MAAM,EAAE,MAAM,EAAE,WAAW,EAAE,oBAAoB,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC;IAC/E,MAAM,YAAY,GAAG,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,SAAS,EAAE,IAAI,CAAC,CAAC,CAAC;IACpE,MAAM,OAAO,GAAa,EAAE,CAAC;IAC7B,OAAO,CAAC,IAAI,CACV,cAAc,CAAC,eAAe,EAAE,MAAM,CAAC,OAAO,EAAE,EAAE,MAAM,EAAE,YAAY,EAAE,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,MAAM,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,MAAM,CAAC,CACjH,CAAC;IACF,OAAO,CAAC,IAAI,CACV,cAAc,CAAC,mBAAmB,EAAE,MAAM,CAAC,WAAW,EAAE,EAAE,MAAM,EAAE,YAAY,EAAE,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,MAAM,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,MAAM,CAAC,CACzH,CAAC;IACF,IAAI,MAAM,CAAC,YAAY,EAAE,CAAC;QACxB,OAAO,CAAC,IAAI,CACV,cAAc,CACZ,oBAAoB,EACpB,MAAM,CAAC,YAAY,EACnB;YACE,IAAI,EAAE,WAAW;YACjB,MAAM,EAAE,oBAAoB;YAC5B,QAAQ,EAAE,QAAQ;YAClB,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,MAAM,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;SAC9B,EACD,MAAM,CACP,CACF,CAAC;IACJ,CAAC;IACD,OAAO,OAAO,CAAC;AACjB,CAAC;AAED;;;;GAIG;AACH,MAAM,UAAU,wBAAwB,CAAC,OAAuB;IAC9D,MAAM,EAAE,MAAM,EAAE,WAAW,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC;IACzD,OAAO;QACL,cAAc,CAAC,eAAe,EAAE,EAAE,EAAE,EAAE,MAAM,EAAE,CAAC,EAAE,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,MAAM,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,MAAM,CAAC;QACzF,cAAc,CAAC,mBAAmB,EAAE,EAAE,EAAE,EAAE,MAAM,EAAE,CAAC,EAAE,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,MAAM,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,MAAM,CAAC;QAC7F,cAAc,CACZ,oBAAoB,EACpB,EAAE,EACF,EAAE,IAAI,EAAE,WAAW,EAAE,MAAM,EAAE,CAAC,EAAE,QAAQ,EAAE,QAAQ,EAAE,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,MAAM,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EACnF,MAAM,CACP;KACF,CAAC;AACJ,CAAC;AAED;;;;;GAKG;AACH,MAAM,2BAA2B,GAAG,GAAG,CAAC;AAExC;;;;;;GAMG;AACH,MAAM,UAAU,oBAAoB,CAAC,QAAgB;IACnD,OAAO,kBAAkB,QAAQ,EAAE,CAAC;AACtC,CAAC;AA8BD;;;;;;;;;;;;;;;;;;;;;;;GAuBG;AACH,MAAM,UAAU,qBAAqB,CACnC,QAAgB,EAChB,KAAa,EACb,OAAiC;IAEjC,MAAM,MAAM,GAAG,OAAO,EAAE,MAAM,IAAI,aAAa,EAAE,CAAC;IAClD,OAAO,cAAc,CACnB,oBAAoB,CAAC,QAAQ,CAAC,EAC9B,KAAK,EACL;QACE,IAAI,EAAE,OAAO,EAAE,IAAI,IAAI,OAAO;QAC9B,MAAM,EAAE,OAAO,EAAE,aAAa,IAAI,2BAA2B;QAC7D,GAAG,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC,CAAC,EAAE,MAAM,EAAE,OAAO,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;KACvD,EACD,MAAM,CACP,CAAC;AACJ,CAAC;AAED;;;;GAIG;AACH,MAAM,UAAU,qBAAqB,CACnC,QAAgB,EAChB,OAAqE;IAErE,MAAM,MAAM,GAAG,OAAO,EAAE,MAAM,IAAI,aAAa,EAAE,CAAC;IAClD,OAAO,cAAc,CACnB,oBAAoB,CAAC,QAAQ,CAAC,EAC9B,EAAE,EACF;QACE,IAAI,EAAE,OAAO,EAAE,IAAI,IAAI,OAAO;QAC9B,MAAM,EAAE,CAAC;QACT,GAAG,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC,CAAC,EAAE,MAAM,EAAE,OAAO,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;KACvD,EACD,MAAM,CACP,CAAC;AACJ,CAAC;AAwBD;;;;;;;;;;;;;;;;GAgBG;AACH,MAAM,UAAU,mBAAmB,CACjC,WAAmB,EACnB,OAA4B;IAE5B,MAAM,IAAI,GAAG,WAAW,CAAC,OAAO,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC,WAAW,EAAE,CAAC;IAC5D,IAAI,CAAC,IAAI;QAAE,OAAO,SAAS,CAAC;IAC5B,MAAM,IAAI,GAAG,OAAO,CAAC,YAAY,CAAC,WAAW,EAAE,CAAC;IAChD,IAAI,IAAI,KAAK,IAAI,IAAI,IAAI,CAAC,QAAQ,CAAC,IAAI,IAAI,EAAE,CAAC,EAAE,CAAC;QAC/C,OAAO,OAAO,CAAC,WAAW,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC;IAChD,CAAC;IACD,kEAAkE;IAClE,iCAAiC;IACjC,OAAO,IAAI,CAAC,OAAO,CAAC,QAAQ,EAAE,EAAE,CAAC,CAAC;AACpC,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,oBAAoB,CAClC,eAA0C,EAC1C,IAAY;IAEZ,IAAI,CAAC,eAAe;QAAE,OAAO,IAAI,CAAC;IAClC,MAAM,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC;IAC1B,IAAI,KAAK,GAAkB,IAAI,CAAC;IAChC,KAAK,MAAM,IAAI,IAAI,eAAe,CAAC,KAAK,CAAC,GAAG,CAAC,EAAE,CAAC;QAC9C,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,EAAE,CAAC;QAC5B,IAAI,OAAO,CAAC,UAAU,CAAC,MAAM,CAAC,EAAE,CAAC;YAC/B,IAAI,CAAC;gBACH,KAAK,GAAG,kBAAkB,CAAC,OAAO,CAAC,KAAK,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC;YAC3D,CAAC;YAAC,MAAM,CAAC;gBACP,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;YACvC,CAAC;QACH,CAAC;IACH,CAAC;IACD,OAAO,KAAK,CAAC;AACf,CAAC"}
|
|
@@ -25,6 +25,7 @@
|
|
|
25
25
|
*/
|
|
26
26
|
import { type APIGatewayProxyEventV2, type APIGatewayProxyResultV2, type Context as LambdaContext } from 'aws-lambda';
|
|
27
27
|
import { type RequestContext } from '@venturekit/runtime';
|
|
28
|
+
import { type CookieOptions } from './cookies.js';
|
|
28
29
|
import { type AuthServerConfig } from './config.js';
|
|
29
30
|
import { type FederatedProfile, type FederatedProvider } from './federated.js';
|
|
30
31
|
/**
|
|
@@ -97,6 +98,34 @@ export interface FederatedAuthRoutesOptions {
|
|
|
97
98
|
* which reads from env. Pass an explicit config in tests.
|
|
98
99
|
*/
|
|
99
100
|
config?: AuthServerConfig;
|
|
101
|
+
/**
|
|
102
|
+
* Cookie attributes for EVERY cookie these routes emit — the session
|
|
103
|
+
* trio, its clears, and the OAuth `state` cookie. Accepts a static
|
|
104
|
+
* bag or a per-request function of the live context (needed when the
|
|
105
|
+
* `domain` depends on the request host, e.g. white-label tenants —
|
|
106
|
+
* combine `getRequestHost` from `@venturekit/runtime` with
|
|
107
|
+
* {@link resolveCookieDomain}).
|
|
108
|
+
*
|
|
109
|
+
* The state cookie's `Path` follows {@link CookieOptions.refreshPath}:
|
|
110
|
+
* both cookies live under "the auth prefix as the browser sees it",
|
|
111
|
+
* so an app behind a same-origin `/api` proxy sets
|
|
112
|
+
* `refreshPath: '/api/auth'` once and both are scoped correctly.
|
|
113
|
+
*
|
|
114
|
+
* Omit for VK defaults (host-only, `Path=/auth`, Secure outside
|
|
115
|
+
* `vk dev`).
|
|
116
|
+
*
|
|
117
|
+
* @example
|
|
118
|
+
* ```ts
|
|
119
|
+
* createFederatedAuthRoutes({
|
|
120
|
+
* provider: 'linkedin',
|
|
121
|
+
* cookieOptions: (ctx) => ({
|
|
122
|
+
* refreshPath: '/api/auth',
|
|
123
|
+
* domain: resolveCookieDomain(getRequestHost(ctx), { platformApex: 'example.com' }),
|
|
124
|
+
* }),
|
|
125
|
+
* });
|
|
126
|
+
* ```
|
|
127
|
+
*/
|
|
128
|
+
cookieOptions?: CookieOptions | ((ctx: RequestContext) => CookieOptions);
|
|
100
129
|
}
|
|
101
130
|
export interface FederatedCallbackResult<App = unknown> {
|
|
102
131
|
user: {
|
|
@@ -112,27 +141,5 @@ export interface FederatedAuthRoutes {
|
|
|
112
141
|
callback: (event: APIGatewayProxyEventV2, context: LambdaContext) => Promise<APIGatewayProxyResultV2>;
|
|
113
142
|
logout: (event: APIGatewayProxyEventV2, context: LambdaContext) => Promise<APIGatewayProxyResultV2>;
|
|
114
143
|
}
|
|
115
|
-
/**
|
|
116
|
-
* Build the start / callback / logout Lambda handlers for a given
|
|
117
|
-
* federated provider.
|
|
118
|
-
*
|
|
119
|
-
* The returned handlers are ready to drop into a VentureKit route
|
|
120
|
-
* tree:
|
|
121
|
-
*
|
|
122
|
-
* ```ts
|
|
123
|
-
* // src/routes/auth/linkedin/start/post.ts
|
|
124
|
-
* import { createFederatedAuthRoutes } from '@venturekit/auth/server';
|
|
125
|
-
* import { onLinkedInSignIn } from '../../../../lib/users.js';
|
|
126
|
-
* import { tenancy } from '../../../../lib/tenancy.js';
|
|
127
|
-
*
|
|
128
|
-
* const routes = createFederatedAuthRoutes({
|
|
129
|
-
* provider: 'linkedin',
|
|
130
|
-
* onSignIn: onLinkedInSignIn,
|
|
131
|
-
* middleware: [tenancy],
|
|
132
|
-
* });
|
|
133
|
-
*
|
|
134
|
-
* export const main = routes.start;
|
|
135
|
-
* ```
|
|
136
|
-
*/
|
|
137
144
|
export declare function createFederatedAuthRoutes(options: FederatedAuthRoutesOptions): FederatedAuthRoutes;
|
|
138
145
|
//# sourceMappingURL=federated-routes.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"federated-routes.d.ts","sourceRoot":"","sources":["../../src/server/federated-routes.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;GAwBG;AACH,OAAO,EACL,KAAK,sBAAsB,EAC3B,KAAK,uBAAuB,EAC5B,KAAK,OAAO,IAAI,aAAa,EAC9B,MAAM,YAAY,CAAC;AAEpB,OAAO,EACL,KAAK,cAAc,EAMpB,MAAM,qBAAqB,CAAC;
|
|
1
|
+
{"version":3,"file":"federated-routes.d.ts","sourceRoot":"","sources":["../../src/server/federated-routes.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;GAwBG;AACH,OAAO,EACL,KAAK,sBAAsB,EAC3B,KAAK,uBAAuB,EAC5B,KAAK,OAAO,IAAI,aAAa,EAC9B,MAAM,YAAY,CAAC;AAEpB,OAAO,EACL,KAAK,cAAc,EAMpB,MAAM,qBAAqB,CAAC;AAE7B,OAAO,EACL,KAAK,aAAa,EASnB,MAAM,cAAc,CAAC;AACtB,OAAO,EAAwB,KAAK,gBAAgB,EAAE,MAAM,aAAa,CAAC;AAC1E,OAAO,EACL,KAAK,gBAAgB,EACrB,KAAK,iBAAiB,EAMvB,MAAM,gBAAgB,CAAC;AAIxB;;GAEG;AACH,MAAM,WAAW,kBAAkB;IACjC;;;OAGG;IACH,WAAW,EAAE,MAAM,CAAC;CACrB;AAED;;GAEG;AACH,MAAM,WAAW,qBAAqB;IACpC,IAAI,EAAE,MAAM,CAAC;IACb,KAAK,EAAE,MAAM,CAAC;IACd,WAAW,EAAE,MAAM,CAAC;CACrB;AAED;;;GAGG;AACH,MAAM,WAAW,qBAAqB;IACpC,6DAA6D;IAC7D,OAAO,EAAE,gBAAgB,CAAC;IAC1B,0DAA0D;IAC1D,UAAU,EAAE,MAAM,CAAC;IACnB;;;;OAIG;IACH,GAAG,EAAE,cAAc,CAAC;CACrB;AAED;;;;GAIG;AACH,MAAM,MAAM,uBAAuB,GAAG,OAAO,CAAC;AAE9C,MAAM,WAAW,0BAA0B;IACzC,uCAAuC;IACvC,QAAQ,EAAE,iBAAiB,CAAC;IAC5B;;;;;;OAMG;IACH,QAAQ,CAAC,EAAE,CACT,IAAI,EAAE,qBAAqB,KACxB,OAAO,CAAC,uBAAuB,CAAC,GAAG,uBAAuB,CAAC;IAChE;;;;;;OAMG;IACH,aAAa,CAAC,EAAE,OAAO,CAAC;IACxB;;;;OAIG;IACH,UAAU,CAAC,EAAE,OAAO,qBAAqB,EAAE,UAAU,CAAC,cAAc,CAAC,EAAE,CAAC;IACxE;;;OAGG;IACH,MAAM,CAAC,EAAE,gBAAgB,CAAC;IAC1B;;;;;;;;;;;;;;;;;;;;;;;;;;OA0BG;IACH,aAAa,CAAC,EAAE,aAAa,GAAG,CAAC,CAAC,GAAG,EAAE,cAAc,KAAK,aAAa,CAAC,CAAC;CAC1E;AAED,MAAM,WAAW,uBAAuB,CAAC,GAAG,GAAG,OAAO;IACpD,IAAI,EAAE;QACJ,EAAE,EAAE,MAAM,CAAC;QACX,KAAK,EAAE,MAAM,CAAC;QACd,IAAI,CAAC,EAAE,MAAM,CAAC;KACf,CAAC;IACF,gEAAgE;IAChE,GAAG,CAAC,EAAE,GAAG,CAAC;CACX;AAED,MAAM,WAAW,mBAAmB;IAClC,KAAK,EAAE,CACL,KAAK,EAAE,sBAAsB,EAC7B,OAAO,EAAE,aAAa,KACnB,OAAO,CAAC,uBAAuB,CAAC,CAAC;IACtC,QAAQ,EAAE,CACR,KAAK,EAAE,sBAAsB,EAC7B,OAAO,EAAE,aAAa,KACnB,OAAO,CAAC,uBAAuB,CAAC,CAAC;IACtC,MAAM,EAAE,CACN,KAAK,EAAE,sBAAsB,EAC7B,OAAO,EAAE,aAAa,KACnB,OAAO,CAAC,uBAAuB,CAAC,CAAC;CACvC;AAwCD,wBAAgB,yBAAyB,CACvC,OAAO,EAAE,0BAA0B,GAClC,mBAAmB,CA4IrB"}
|
|
@@ -26,9 +26,32 @@ import { verifyAndDecode } from './verify.js';
|
|
|
26
26
|
* export const main = routes.start;
|
|
27
27
|
* ```
|
|
28
28
|
*/
|
|
29
|
+
/**
|
|
30
|
+
* Map a {@link CookieOptions} bag onto the OAuth state cookie's option
|
|
31
|
+
* shape: `refreshPath` becomes the state cookie `path` (both are "the
|
|
32
|
+
* auth prefix as the browser sees it"), `secure`/`domain` carry over.
|
|
33
|
+
*/
|
|
34
|
+
function toStateCookieOptions(co) {
|
|
35
|
+
if (!co)
|
|
36
|
+
return undefined;
|
|
37
|
+
return {
|
|
38
|
+
...(co.secure !== undefined ? { secure: co.secure } : {}),
|
|
39
|
+
...(co.refreshPath !== undefined ? { path: co.refreshPath } : {}),
|
|
40
|
+
...(co.domain !== undefined ? { domain: co.domain } : {}),
|
|
41
|
+
};
|
|
42
|
+
}
|
|
29
43
|
export function createFederatedAuthRoutes(options) {
|
|
30
44
|
const { provider, transactional = true } = options;
|
|
31
45
|
const extraMiddleware = options.middleware ?? [];
|
|
46
|
+
// Resolved per request: the right Domain attribute can differ by
|
|
47
|
+
// request host (white-label tenants), so a function option is
|
|
48
|
+
// re-evaluated on every call. Start and callback are separate
|
|
49
|
+
// requests from the same browser origin, so both resolve to the
|
|
50
|
+
// same attributes and the callback's state-cookie clear matches
|
|
51
|
+
// the start's set.
|
|
52
|
+
const cookieOptionsFor = (ctx) => typeof options.cookieOptions === 'function'
|
|
53
|
+
? options.cookieOptions(ctx)
|
|
54
|
+
: options.cookieOptions;
|
|
32
55
|
// ─── start ──────────────────────────────────────────────
|
|
33
56
|
// The handler body owns the `state` so it can both stash the
|
|
34
57
|
// CSRF cookie and embed the value in the authorize URL. A
|
|
@@ -44,7 +67,7 @@ export function createFederatedAuthRoutes(options) {
|
|
|
44
67
|
redirectUri: body.redirectUri,
|
|
45
68
|
state,
|
|
46
69
|
});
|
|
47
|
-
setCookie(ctx, buildOAuthStateCookie(provider, state));
|
|
70
|
+
setCookie(ctx, buildOAuthStateCookie(provider, state, toStateCookieOptions(cookieOptionsFor(ctx))));
|
|
48
71
|
return { authorizeUrl };
|
|
49
72
|
}, { status: 200, middleware: extraMiddleware });
|
|
50
73
|
// ─── callback ───────────────────────────────────────────
|
|
@@ -82,10 +105,11 @@ export function createFederatedAuthRoutes(options) {
|
|
|
82
105
|
if (options.onSignIn) {
|
|
83
106
|
appResult = await options.onSignIn({ profile, cognitoSub, ctx });
|
|
84
107
|
}
|
|
85
|
-
|
|
108
|
+
const cookieOptions = cookieOptionsFor(ctx);
|
|
109
|
+
for (const cookie of buildSessionCookies(tokens, cookieOptions)) {
|
|
86
110
|
setCookie(ctx, cookie);
|
|
87
111
|
}
|
|
88
|
-
setCookie(ctx, clearOAuthStateCookie(provider));
|
|
112
|
+
setCookie(ctx, clearOAuthStateCookie(provider, toStateCookieOptions(cookieOptions)));
|
|
89
113
|
return {
|
|
90
114
|
user: {
|
|
91
115
|
id: cognitoSub,
|
|
@@ -108,7 +132,10 @@ export function createFederatedAuthRoutes(options) {
|
|
|
108
132
|
if (refreshToken) {
|
|
109
133
|
await revokeRefreshToken(refreshToken, options.config);
|
|
110
134
|
}
|
|
111
|
-
|
|
135
|
+
// Clears must carry the same Domain/Path attributes as the set
|
|
136
|
+
// cookies, or the browser keeps the originals — hence the same
|
|
137
|
+
// per-request options resolution.
|
|
138
|
+
for (const cookie of buildClearSessionCookies(cookieOptionsFor(ctx))) {
|
|
112
139
|
setCookie(ctx, cookie);
|
|
113
140
|
}
|
|
114
141
|
return { ok: true };
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"federated-routes.js","sourceRoot":"","sources":["../../src/server/federated-routes.ts"],"names":[],"mappings":"AA+BA,OAAO,EAEL,eAAe,EACf,aAAa,EACb,iBAAiB,EACjB,OAAO,EACP,SAAS,GACV,MAAM,qBAAqB,CAAC;AAE7B,OAAO,
|
|
1
|
+
{"version":3,"file":"federated-routes.js","sourceRoot":"","sources":["../../src/server/federated-routes.ts"],"names":[],"mappings":"AA+BA,OAAO,EAEL,eAAe,EACf,aAAa,EACb,iBAAiB,EACjB,OAAO,EACP,SAAS,GACV,MAAM,qBAAqB,CAAC;AAE7B,OAAO,EAGL,qBAAqB,EACrB,wBAAwB,EACxB,mBAAmB,EACnB,qBAAqB,EACrB,oBAAoB,EACpB,oBAAoB,EACpB,oBAAoB,GACrB,MAAM,cAAc,CAAC;AACtB,OAAO,EAAE,oBAAoB,EAAyB,MAAM,aAAa,CAAC;AAC1E,OAAO,EAGL,iBAAiB,EACjB,yBAAyB,EACzB,kBAAkB,EAClB,qBAAqB,EACrB,gBAAgB,GACjB,MAAM,gBAAgB,CAAC;AACxB,OAAO,EAAE,kBAAkB,EAAE,MAAM,aAAa,CAAC;AACjD,OAAO,EAAE,eAAe,EAAE,MAAM,aAAa,CAAC;AAqI9C;;;;;;;;;;;;;;;;;;;;;GAqBG;AACH;;;;GAIG;AACH,SAAS,oBAAoB,CAC3B,EAA6B;IAE7B,IAAI,CAAC,EAAE;QAAE,OAAO,SAAS,CAAC;IAC1B,OAAO;QACL,GAAG,CAAC,EAAE,CAAC,MAAM,KAAK,SAAS,CAAC,CAAC,CAAC,EAAE,MAAM,EAAE,EAAE,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QACzD,GAAG,CAAC,EAAE,CAAC,WAAW,KAAK,SAAS,CAAC,CAAC,CAAC,EAAE,IAAI,EAAE,EAAE,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QACjE,GAAG,CAAC,EAAE,CAAC,MAAM,KAAK,SAAS,CAAC,CAAC,CAAC,EAAE,MAAM,EAAE,EAAE,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;KAC1D,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,yBAAyB,CACvC,OAAmC;IAEnC,MAAM,EAAE,QAAQ,EAAE,aAAa,GAAG,IAAI,EAAE,GAAG,OAAO,CAAC;IACnD,MAAM,eAAe,GAAG,OAAO,CAAC,UAAU,IAAI,EAAE,CAAC;IACjD,iEAAiE;IACjE,8DAA8D;IAC9D,8DAA8D;IAC9D,gEAAgE;IAChE,gEAAgE;IAChE,mBAAmB;IACnB,MAAM,gBAAgB,GAAG,CAAC,GAAmB,EAA6B,EAAE,CAC1E,OAAO,OAAO,CAAC,aAAa,KAAK,UAAU;QACzC,CAAC,CAAC,OAAO,CAAC,aAAa,CAAC,GAAG,CAAC;QAC5B,CAAC,CAAC,OAAO,CAAC,aAAa,CAAC;IAE5B,2DAA2D;IAC3D,6DAA6D;IAC7D,0DAA0D;IAC1D,iEAAiE;IACjE,iEAAiE;IACjE,MAAM,KAAK,GAAG,OAAO,CACnB,KAAK,EAAE,IAAI,EAAE,GAAG,EAAE,EAAE;QAClB,IAAI,CAAC,IAAI,EAAE,WAAW,IAAI,OAAO,IAAI,CAAC,WAAW,KAAK,QAAQ,EAAE,CAAC;YAC/D,MAAM,IAAI,eAAe,CAAC,yBAAyB,CAAC,CAAC;QACvD,CAAC;QACD,MAAM,KAAK,GAAG,kBAAkB,EAAE,CAAC;QACnC,MAAM,YAAY,GAAG,MAAM,iBAAiB,CAAC;YAC3C,QAAQ;YACR,WAAW,EAAE,IAAI,CAAC,WAAW;YAC7B,KAAK;SACN,CAAC,CAAC;QACH,SAAS,CACP,GAAG,EACH,qBAAqB,CAAC,QAAQ,EAAE,KAAK,EAAE,oBAAoB,CAAC,gBAAgB,CAAC,GAAG,CAAC,CAAC,CAAC,CACpF,CAAC;QACF,OAAO,EAAE,YAAY,EAAE,CAAC;IAC1B,CAAC,EACD,EAAE,MAAM,EAAE,GAAG,EAAE,UAAU,EAAE,eAAe,EAAE,CAC7C,CAAC;IAEF,2DAA2D;IAC3D,MAAM,QAAQ,GAAG,OAAO,CAItB,KAAK,EAAE,IAAI,EAAE,GAAG,EAAE,EAAE;QAClB,IAAI,CAAC,IAAI,EAAE,IAAI,IAAI,CAAC,IAAI,EAAE,KAAK,IAAI,CAAC,IAAI,EAAE,WAAW,EAAE,CAAC;YACtD,MAAM,IAAI,eAAe,CAAC,0CAA0C,CAAC,CAAC;QACxE,CAAC;QAED,MAAM,YAAY,GAChB,GAAG,CAAC,QAAQ,CAAC,OAAO,EAAE,CAAC,QAAQ,CAAC;YAChC,GAAG,CAAC,QAAQ,CAAC,OAAO,EAAE,CAAC,QAAQ,CAAC;YAChC,IAAI,CAAC;QACP,MAAM,WAAW,GAAG,oBAAoB,CACtC,YAAY,EACZ,oBAAoB,CAAC,QAAQ,CAAC,CAC/B,CAAC;QACF,IAAI,CAAC,gBAAgB,CAAC,IAAI,CAAC,KAAK,EAAE,WAAW,IAAI,SAAS,CAAC,EAAE,CAAC;YAC5D,MAAM,IAAI,iBAAiB,CAAC,qBAAqB,CAAC,CAAC;QACrD,CAAC;QAED,MAAM,OAAO,GAAG,MAAM,yBAAyB,CAAC;YAC9C,QAAQ;YACR,IAAI,EAAE,IAAI,CAAC,IAAI;YACf,WAAW,EAAE,IAAI,CAAC,WAAW;SAC9B,CAAC,CAAC;QAEH,MAAM,MAAM,GAAG,MAAM,qBAAqB,CACxC,EAAE,QAAQ,EAAE,OAAO,EAAE,EACrB,OAAO,CAAC,MAAM,CACf,CAAC;QAEF,MAAM,MAAM,GAAG,OAAO,CAAC,MAAM,IAAI,oBAAoB,EAAE,CAAC;QACxD,MAAM,MAAM,GAAG,MAAM,eAAe,CAAC,MAAM,CAAC,OAAO,EAAE;YACnD,UAAU,EAAE,MAAM,CAAC,UAAU;YAC7B,QAAQ,EAAE,MAAM,CAAC,WAAW;YAC5B,QAAQ,EAAE,IAAI;YACd,QAAQ,EAAE,MAAM,CAAC,QAAQ;SAC1B,CAAC,CAAC;QACH,MAAM,UAAU,GACd,MAAM,IAAI,OAAO,MAAM,CAAC,KAAK,CAAC,KAAK,QAAQ;YACzC,CAAC,CAAE,MAAM,CAAC,KAAK,CAAY;YAC3B,CAAC,CAAC,IAAI,CAAC;QACX,IAAI,CAAC,UAAU,EAAE,CAAC;YAChB,MAAM,IAAI,aAAa,CAAC,oCAAoC,CAAC,CAAC;QAChE,CAAC;QAED,IAAI,SAA8C,CAAC;QACnD,IAAI,OAAO,CAAC,QAAQ,EAAE,CAAC;YACrB,SAAS,GAAG,MAAM,OAAO,CAAC,QAAQ,CAAC,EAAE,OAAO,EAAE,UAAU,EAAE,GAAG,EAAE,CAAC,CAAC;QACnE,CAAC;QAED,MAAM,aAAa,GAAG,gBAAgB,CAAC,GAAG,CAAC,CAAC;QAC5C,KAAK,MAAM,MAAM,IAAI,mBAAmB,CAAC,MAAM,EAAE,aAAa,CAAC,EAAE,CAAC;YAChE,SAAS,CAAC,GAAG,EAAE,MAAM,CAAC,CAAC;QACzB,CAAC;QACD,SAAS,CAAC,GAAG,EAAE,qBAAqB,CAAC,QAAQ,EAAE,oBAAoB,CAAC,aAAa,CAAC,CAAC,CAAC,CAAC;QAErF,OAAO;YACL,IAAI,EAAE;gBACJ,EAAE,EAAE,UAAU;gBACd,KAAK,EAAE,OAAO,CAAC,KAAK;gBACpB,GAAG,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,IAAI,EAAE,OAAO,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;aAChD;YACD,GAAG,CAAC,SAAS,KAAK,SAAS,CAAC,CAAC,CAAC,EAAE,GAAG,EAAE,SAAS,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;SACvD,CAAC;IACJ,CAAC,EACD;QACE,MAAM,EAAE,GAAG;QACX,aAAa;QACb,UAAU,EAAE,eAAe;KAC5B,CACF,CAAC;IAEF,2DAA2D;IAC3D,MAAM,MAAM,GAAG,OAAO,CACpB,KAAK,EAAE,KAAK,EAAE,GAAG,EAAE,EAAE;QACnB,MAAM,YAAY,GAChB,GAAG,CAAC,QAAQ,CAAC,OAAO,EAAE,CAAC,QAAQ,CAAC;YAChC,GAAG,CAAC,QAAQ,CAAC,OAAO,EAAE,CAAC,QAAQ,CAAC;YAChC,IAAI,CAAC;QACP,MAAM,YAAY,GAAG,oBAAoB,CACvC,YAAY,EACZ,oBAAoB,CACrB,CAAC;QACF,IAAI,YAAY,EAAE,CAAC;YACjB,MAAM,kBAAkB,CAAC,YAAY,EAAE,OAAO,CAAC,MAAM,CAAC,CAAC;QACzD,CAAC;QACD,+DAA+D;QAC/D,+DAA+D;QAC/D,kCAAkC;QAClC,KAAK,MAAM,MAAM,IAAI,wBAAwB,CAAC,gBAAgB,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC;YACrE,SAAS,CAAC,GAAG,EAAE,MAAM,CAAC,CAAC;QACzB,CAAC;QACD,OAAO,EAAE,EAAE,EAAE,IAAI,EAAE,CAAC;IACtB,CAAC,EACD,EAAE,MAAM,EAAE,GAAG,EAAE,CAChB,CAAC;IAEF,OAAO,EAAE,KAAK,EAAE,QAAQ,EAAE,MAAM,EAAE,CAAC;AACrC,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"federated.d.ts","sourceRoot":"","sources":["../../src/server/federated.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAqCG;AAYH,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,aAAa,CAAC;
|
|
1
|
+
{"version":3,"file":"federated.d.ts","sourceRoot":"","sources":["../../src/server/federated.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAqCG;AAYH,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,aAAa,CAAC;AAKpD,OAAO,EAAuB,KAAK,YAAY,EAAE,MAAM,aAAa,CAAC;AAErE,MAAM,MAAM,iBAAiB,GAAG,QAAQ,GAAG,UAAU,GAAG,OAAO,GAAG,UAAU,CAAC;AAE7E;;;GAGG;AACH,MAAM,WAAW,gBAAgB;IAC/B,mEAAmE;IACnE,UAAU,EAAE,MAAM,CAAC;IACnB,qEAAqE;IACrE,KAAK,EAAE,MAAM,CAAC;IACd,sEAAsE;IACtE,IAAI,CAAC,EAAE,MAAM,CAAC;CACf;AAED,MAAM,WAAW,4BAA4B;IAC3C,QAAQ,EAAE,MAAM,CAAC;IACjB,YAAY,EAAE,MAAM,CAAC;CACtB;AAQD;;;;;;;;;;;;GAYG;AACH,wBAAsB,gCAAgC,CACpD,QAAQ,EAAE,iBAAiB,EAC3B,GAAG,GAAE,MAAM,CAAC,UAAU,GAAG,MAAM,CAAC,MAAM,EAAE,MAAM,GAAG,SAAS,CAAe,GACxE,OAAO,CAAC,4BAA4B,CAAC,CA+EvC;AAED,mEAAmE;AACnE,wBAAgB,oCAAoC,IAAI,IAAI,CAE3D;AAMD;;;;;;GAMG;AACH,wBAAgB,kBAAkB,IAAI,MAAM,CAE3C;AAED;;;;GAIG;AACH,wBAAgB,gBAAgB,CAC9B,SAAS,EAAE,MAAM,GAAG,SAAS,EAC7B,UAAU,EAAE,MAAM,GAAG,SAAS,GAC7B,OAAO,CAMT;AAoDD,MAAM,WAAW,sBAAsB;IACrC,QAAQ,EAAE,iBAAiB,CAAC;IAC5B;;;;OAIG;IACH,WAAW,EAAE,MAAM,CAAC;IACpB,4CAA4C;IAC5C,KAAK,EAAE,MAAM,CAAC;IACd,iEAAiE;IACjE,MAAM,CAAC,EAAE,MAAM,EAAE,CAAC;IAClB;;;;OAIG;IACH,WAAW,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;CACtC;AAED;;;;;;GAMG;AACH,wBAAsB,iBAAiB,CACrC,KAAK,EAAE,sBAAsB,EAC7B,GAAG,GAAE,MAAM,CAAC,UAAU,GAAG,MAAM,CAAC,MAAM,EAAE,MAAM,GAAG,SAAS,CAAe,GACxE,OAAO,CAAC,MAAM,CAAC,CAejB;AAMD,MAAM,WAAW,8BAA8B;IAC7C,QAAQ,EAAE,iBAAiB,CAAC;IAC5B,gEAAgE;IAChE,IAAI,EAAE,MAAM,CAAC;IACb;;;;OAIG;IACH,WAAW,EAAE,MAAM,CAAC;CACrB;AAED;;;;GAIG;AACH,wBAAsB,yBAAyB,CAC7C,KAAK,EAAE,8BAA8B,EACrC,GAAG,GAAE,MAAM,CAAC,UAAU,GAAG,MAAM,CAAC,MAAM,EAAE,MAAM,GAAG,SAAS,CAAe,GACxE,OAAO,CAAC,gBAAgB,CAAC,CA+B3B;AA8ND,MAAM,WAAW,0BAA0B;IACzC,+DAA+D;IAC/D,OAAO,EAAE,gBAAgB,CAAC;IAC1B,+DAA+D;IAC/D,QAAQ,EAAE,iBAAiB,CAAC;IAC5B;;;OAGG;IACH,iBAAiB,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAC3C;;;OAGG;IACH,uBAAuB,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;CAClD;AAED;;;;;;;GAOG;AACH,wBAAsB,qBAAqB,CACzC,KAAK,EAAE,0BAA0B,EACjC,MAAM,GAAE,gBAAyC,GAChD,OAAO,CAAC,YAAY,CAAC,CA6HvB"}
|
package/dist/server/federated.js
CHANGED
|
@@ -41,6 +41,7 @@ import { createHmac, randomBytes, timingSafeEqual } from 'node:crypto';
|
|
|
41
41
|
import { loadAuthServerConfig } from './config.js';
|
|
42
42
|
import { getCognitoClient } from './cognito-client.js';
|
|
43
43
|
import { AuthError, mapProviderError } from './errors.js';
|
|
44
|
+
import { decodeJwtClaims } from './token-utils.js';
|
|
44
45
|
import { extractSignInTokens } from './tokens.js';
|
|
45
46
|
// ────────────────────────────────────────────────────────────────────
|
|
46
47
|
// Provider-credential resolution (Secrets Manager → cached)
|
|
@@ -359,22 +360,17 @@ async function exchangeLinkedIn(code, redirectUri, clientId, clientSecret) {
|
|
|
359
360
|
return profile;
|
|
360
361
|
}
|
|
361
362
|
/**
|
|
362
|
-
* Decode a JWT payload **without** verifying the signature
|
|
363
|
+
* Decode a JWT payload **without** verifying the signature — safe here
|
|
363
364
|
* because the caller just fetched the token over TLS from the IdP's
|
|
364
|
-
* own token endpoint
|
|
365
|
+
* own token endpoint. Thin throwing wrapper over the shared
|
|
366
|
+
* `decodeJwtClaims` (token-utils.ts).
|
|
365
367
|
*/
|
|
366
368
|
function decodeJwtPayload(jwt) {
|
|
367
|
-
const
|
|
368
|
-
if (
|
|
369
|
-
throw new AuthError('federated_token_invalid', 'Malformed JWT', 401);
|
|
370
|
-
}
|
|
371
|
-
try {
|
|
372
|
-
const payload = Buffer.from(parts[1], 'base64url').toString('utf-8');
|
|
373
|
-
return JSON.parse(payload);
|
|
374
|
-
}
|
|
375
|
-
catch {
|
|
369
|
+
const claims = decodeJwtClaims(jwt);
|
|
370
|
+
if (!claims) {
|
|
376
371
|
throw new AuthError('federated_token_invalid', 'Malformed JWT', 401);
|
|
377
372
|
}
|
|
373
|
+
return claims;
|
|
378
374
|
}
|
|
379
375
|
/**
|
|
380
376
|
* Sign a verified federated user in. Creates the Cognito user on
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"federated.js","sourceRoot":"","sources":["../../src/server/federated.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAqCG;AAEH,OAAO,EACL,sBAAsB,EACtB,mBAAmB,EACnB,wBAAwB,EACxB,2BAA2B,EAC3B,gCAAgC,GAGjC,MAAM,2CAA2C,CAAC;AACnD,OAAO,EAAE,UAAU,EAAE,WAAW,EAAE,eAAe,EAAE,MAAM,aAAa,CAAC;AAEvE,OAAO,EAAE,oBAAoB,EAAE,MAAM,aAAa,CAAC;AACnD,OAAO,EAAE,gBAAgB,EAAE,MAAM,qBAAqB,CAAC;AACvD,OAAO,EAAE,SAAS,EAAE,gBAAgB,EAAE,MAAM,aAAa,CAAC;AAC1D,OAAO,EAAE,mBAAmB,EAAqB,MAAM,aAAa,CAAC;AAsBrE,uEAAuE;AACvE,4DAA4D;AAC5D,uEAAuE;AAEvE,MAAM,gBAAgB,GAAG,IAAI,GAAG,EAAmD,CAAC;AAEpF;;;;;;;;;;;;GAYG;AACH,MAAM,CAAC,KAAK,UAAU,gCAAgC,CACpD,QAA2B,EAC3B,MAA8D,OAAO,CAAC,GAAG;IAEzE,MAAM,MAAM,GAAG,gBAAgB,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;IAC9C,IAAI,MAAM;QAAE,OAAO,MAAM,CAAC;IAE1B,qEAAqE;IACrE,yDAAyD;IACzD,MAAM,WAAW,GAAG,qBAAqB,QAAQ,CAAC,WAAW,EAAE,YAAY,CAAC;IAC5E,MAAM,eAAe,GAAG,qBAAqB,QAAQ,CAAC,WAAW,EAAE,gBAAgB,CAAC;IACpF,MAAM,WAAW,GAAG,GAAG,CAAC,WAAW,CAAC,CAAC;IACrC,MAAM,eAAe,GAAG,GAAG,CAAC,eAAe,CAAC,CAAC;IAC7C,IAAI,WAAW,IAAI,eAAe,EAAE,CAAC;QACnC,MAAM,KAAK,GAAiC;YAC1C,QAAQ,EAAE,WAAW;YACrB,YAAY,EAAE,eAAe;SAC9B,CAAC;QACF,gBAAgB,CAAC,GAAG,CAAC,QAAQ,EAAE,KAAK,CAAC,CAAC;QACtC,OAAO,KAAK,CAAC;IACf,CAAC;IAED,MAAM,MAAM,GAAG,qBAAqB,QAAQ,CAAC,WAAW,EAAE,aAAa,CAAC;IACxE,MAAM,GAAG,GAAG,GAAG,CAAC,MAAM,CAAC,CAAC;IACxB,IAAI,CAAC,GAAG,EAAE,CAAC;QACT,MAAM,IAAI,SAAS,CACjB,mCAAmC,EACnC,IAAI,QAAQ,qBAAqB,MAAM,aAAa;YAClD,kBAAkB,QAAQ,0CAA0C;YACpE,iEAAiE;YACjE,qEAAqE,EACvE,GAAG,CACJ,CAAC;IACJ,CAAC;IAED,MAAM,EAAE,oBAAoB,EAAE,qBAAqB,EAAE,GAAG,MAAM,MAAM,CAClE,iCAAiC,CAClC,CAAC;IACF,MAAM,MAAM,GAAG,IAAI,oBAAoB,CAAC;QACtC,MAAM,EAAE,GAAG,CAAC,YAAY,CAAC,IAAI,GAAG,CAAC,gBAAgB,CAAC;KACnD,CAAC,CAAC;IACH,MAAM,GAAG,GAAG,MAAM,MAAM,CAAC,IAAI,CAAC,IAAI,qBAAqB,CAAC,EAAE,QAAQ,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC;IAC5E,IAAI,CAAC,GAAG,CAAC,YAAY,EAAE,CAAC;QACtB,MAAM,IAAI,SAAS,CACjB,mCAAmC,EACnC,IAAI,QAAQ,2BAA2B,GAAG,WAAW,EACrD,GAAG,CACJ,CAAC;IACJ,CAAC;IAED,IAAI,MAAoD,CAAC;IACzD,IAAI,CAAC;QACH,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,YAAY,CAAkB,CAAC;IACzD,CAAC;IAAC,MAAM,CAAC;QACP,MAAM,IAAI,SAAS,CACjB,mCAAmC,EACnC,IAAI,QAAQ,2BAA2B,GAAG,oBAAoB,EAC9D,GAAG,CACJ,CAAC;IACJ,CAAC;IACD,IACE,CAAC,MAAM,CAAC,QAAQ;QAChB,CAAC,MAAM,CAAC,YAAY;QACpB,MAAM,CAAC,QAAQ,KAAK,aAAa;QACjC,MAAM,CAAC,YAAY,KAAK,aAAa,EACrC,CAAC;QACD,MAAM,IAAI,SAAS,CACjB,mCAAmC,EACnC,IAAI,QAAQ,2BAA2B,GAAG,mBAAmB;YAC3D,6DAA6D;YAC7D,4DAA4D;YAC5D,eAAe,GAAG,wDAAwD,EAC5E,GAAG,CACJ,CAAC;IACJ,CAAC;IAED,MAAM,KAAK,GAAiC;QAC1C,QAAQ,EAAE,MAAM,CAAC,QAAQ;QACzB,YAAY,EAAE,MAAM,CAAC,YAAY;KAClC,CAAC;IACF,gBAAgB,CAAC,GAAG,CAAC,QAAQ,EAAE,KAAK,CAAC,CAAC;IACtC,OAAO,KAAK,CAAC;AACf,CAAC;AAED,mEAAmE;AACnE,MAAM,UAAU,oCAAoC;IAClD,gBAAgB,CAAC,KAAK,EAAE,CAAC;AAC3B,CAAC;AAED,uEAAuE;AACvE,2CAA2C;AAC3C,uEAAuE;AAEvE;;;;;;GAMG;AACH,MAAM,UAAU,kBAAkB;IAChC,OAAO,WAAW,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAC;AAC/C,CAAC;AAED;;;;GAIG;AACH,MAAM,UAAU,gBAAgB,CAC9B,SAA6B,EAC7B,UAA8B;IAE9B,IAAI,CAAC,SAAS,IAAI,CAAC,UAAU;QAAE,OAAO,KAAK,CAAC;IAC5C,MAAM,CAAC,GAAG,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;IACjC,MAAM,CAAC,GAAG,MAAM,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;IAClC,IAAI,CAAC,CAAC,MAAM,KAAK,CAAC,CAAC,MAAM;QAAE,OAAO,KAAK,CAAC;IACxC,OAAO,eAAe,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;AAC/B,CAAC;AAaD,MAAM,kBAAkB,GAAiD;IACvE,MAAM,EAAE;QACN,SAAS,EAAE,8CAA8C;QACzD,KAAK,EAAE,qCAAqC;QAC5C,mEAAmE;QACnE,8DAA8D;QAC9D,aAAa,EAAE,CAAC,QAAQ,EAAE,OAAO,EAAE,SAAS,CAAC;KAC9C;IACD,QAAQ,EAAE;QACR,SAAS,EAAE,6CAA6C;QACxD,KAAK,EAAE,qDAAqD;QAC5D,+DAA+D;QAC/D,6DAA6D;QAC7D,aAAa,EAAE,CAAC,OAAO,EAAE,gBAAgB,CAAC;KAC3C;IACD,KAAK,EAAE;QACL,SAAS,EAAE,0CAA0C;QACrD,KAAK,EAAE,sCAAsC;QAC7C,kEAAkE;QAClE,8DAA8D;QAC9D,aAAa,EAAE,CAAC,MAAM,EAAE,OAAO,CAAC;KACjC;IACD,QAAQ,EAAE;QACR,+DAA+D;QAC/D,+DAA+D;QAC/D,kEAAkE;QAClE,wEAAwE;QACxE,SAAS,EAAE,iDAAiD;QAC5D,KAAK,EAAE,+CAA+C;QACtD,8DAA8D;QAC9D,4DAA4D;QAC5D,aAAa,EAAE,CAAC,QAAQ,EAAE,SAAS,EAAE,OAAO,CAAC;KAC9C;CACF,CAAC;AA0BF;;;;;;GAMG;AACH,MAAM,CAAC,KAAK,UAAU,iBAAiB,CACrC,KAA6B,EAC7B,MAA8D,OAAO,CAAC,GAAG;IAEzE,MAAM,EAAE,QAAQ,EAAE,WAAW,EAAE,KAAK,EAAE,MAAM,EAAE,WAAW,EAAE,GAAG,KAAK,CAAC;IACpE,MAAM,EAAE,QAAQ,EAAE,GAAG,MAAM,gCAAgC,CAAC,QAAQ,EAAE,GAAG,CAAC,CAAC;IAC3E,MAAM,SAAS,GAAG,kBAAkB,CAAC,QAAQ,CAAC,CAAC;IAE/C,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,SAAS,CAAC,SAAS,CAAC,CAAC;IACzC,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,eAAe,EAAE,MAAM,CAAC,CAAC;IAC9C,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,WAAW,EAAE,QAAQ,CAAC,CAAC;IAC5C,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,cAAc,EAAE,WAAW,CAAC,CAAC;IAClD,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,OAAO,EAAE,CAAC,MAAM,IAAI,SAAS,CAAC,aAAa,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;IAC7E,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC;IACrC,KAAK,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,WAAW,IAAI,EAAE,CAAC,EAAE,CAAC;QACvD,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;IAC7B,CAAC;IACD,OAAO,GAAG,CAAC,QAAQ,EAAE,CAAC;AACxB,CAAC;AAkBD;;;;GAIG;AACH,MAAM,CAAC,KAAK,UAAU,yBAAyB,CAC7C,KAAqC,EACrC,MAA8D,OAAO,CAAC,GAAG;IAEzE,MAAM,EAAE,QAAQ,EAAE,IAAI,EAAE,WAAW,EAAE,GAAG,KAAK,CAAC;IAC9C,MAAM,EAAE,QAAQ,EAAE,YAAY,EAAE,GAAG,MAAM,gCAAgC,CACvE,QAAQ,EACR,GAAG,CACJ,CAAC;IACF,QAAQ,QAAQ,EAAE,CAAC;QACjB,KAAK,QAAQ;YACX,OAAO,cAAc,CAAC,IAAI,EAAE,WAAW,EAAE,QAAQ,EAAE,YAAY,CAAC,CAAC;QACnE,KAAK,UAAU;YACb,OAAO,gBAAgB,CAAC,IAAI,EAAE,WAAW,EAAE,QAAQ,EAAE,YAAY,CAAC,CAAC;QACrE,KAAK,UAAU;YACb,OAAO,gBAAgB,CAAC,IAAI,EAAE,WAAW,EAAE,QAAQ,EAAE,YAAY,CAAC,CAAC;QACrE,KAAK,OAAO;YACV,MAAM,IAAI,SAAS,CACjB,mCAAmC,EACnC,iEAAiE;gBAC/D,iEAAiE;gBACjE,uDAAuD,EACzD,GAAG,CACJ,CAAC;QACJ,OAAO,CAAC,CAAC,CAAC;YACR,MAAM,WAAW,GAAU,QAAQ,CAAC;YACpC,KAAK,WAAW,CAAC;YACjB,MAAM,IAAI,SAAS,CACjB,mCAAmC,EACnC,+BAA+B,MAAM,CAAC,QAAQ,CAAC,EAAE,EACjD,GAAG,CACJ,CAAC;QACJ,CAAC;IACH,CAAC;AACH,CAAC;AAED,KAAK,UAAU,cAAc,CAC3B,IAAY,EACZ,WAAmB,EACnB,QAAgB,EAChB,YAAoB;IAEpB,oEAAoE;IACpE,qEAAqE;IACrE,gEAAgE;IAChE,kEAAkE;IAClE,gEAAgE;IAChE,kEAAkE;IAClE,wCAAwC;IACxC,4FAA4F;IAC5F,MAAM,IAAI,GAAG,IAAI,eAAe,CAAC;QAC/B,IAAI;QACJ,SAAS,EAAE,QAAQ;QACnB,aAAa,EAAE,YAAY;QAC3B,YAAY,EAAE,WAAW;QACzB,UAAU,EAAE,oBAAoB;KACjC,CAAC,CAAC;IACH,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,kBAAkB,CAAC,MAAM,CAAC,KAAK,EAAE;QAC5D,MAAM,EAAE,MAAM;QACd,OAAO,EAAE,EAAE,cAAc,EAAE,mCAAmC,EAAE;QAChE,IAAI;KACL,CAAC,CAAC;IACH,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;QACjB,MAAM,IAAI,SAAS,CACjB,yBAAyB,EACzB,sCAAsC,QAAQ,CAAC,MAAM,KAAK;YACxD,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,CAAC,EACzC,GAAG,CACJ,CAAC;IACJ,CAAC;IACD,MAAM,SAAS,GAAG,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAGvC,CAAC;IACF,IAAI,CAAC,SAAS,CAAC,QAAQ,EAAE,CAAC;QACxB,MAAM,IAAI,SAAS,CACjB,yBAAyB,EACzB,4CAA4C,EAC5C,GAAG,CACJ,CAAC;IACJ,CAAC;IACD,MAAM,MAAM,GAAG,gBAAgB,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC;IACpD,MAAM,GAAG,GAAG,OAAO,MAAM,CAAC,KAAK,CAAC,KAAK,QAAQ,CAAC,CAAC,CAAE,MAAM,CAAC,KAAK,CAAY,CAAC,CAAC,CAAC,IAAI,CAAC;IACjF,MAAM,KAAK,GACT,OAAO,MAAM,CAAC,OAAO,CAAC,KAAK,QAAQ;QACjC,CAAC,CAAE,MAAM,CAAC,OAAO,CAAY,CAAC,WAAW,EAAE;QAC3C,CAAC,CAAC,IAAI,CAAC;IACX,MAAM,aAAa,GAAG,MAAM,CAAC,gBAAgB,CAAC,KAAK,IAAI,CAAC;IACxD,IAAI,CAAC,GAAG,IAAI,CAAC,KAAK,IAAI,CAAC,aAAa,EAAE,CAAC;QACrC,MAAM,IAAI,SAAS,CACjB,yBAAyB,EACzB,uDAAuD,EACvD,GAAG,CACJ,CAAC;IACJ,CAAC;IACD,MAAM,IAAI,GACR,OAAO,MAAM,CAAC,MAAM,CAAC,KAAK,QAAQ,CAAC,CAAC,CAAE,MAAM,CAAC,MAAM,CAAY,CAAC,CAAC,CAAC,SAAS,CAAC;IAC9E,OAAO,EAAE,UAAU,EAAE,GAAG,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC;AAC1C,CAAC;AAED,KAAK,UAAU,gBAAgB,CAC7B,IAAY,EACZ,WAAmB,EACnB,QAAgB,EAChB,YAAoB;IAEpB,kEAAkE;IAClE,kEAAkE;IAClE,wDAAwD;IACxD,MAAM,QAAQ,GAAG,IAAI,GAAG,CAAC,kBAAkB,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;IAC5D,QAAQ,CAAC,YAAY,CAAC,GAAG,CAAC,MAAM,EAAE,IAAI,CAAC,CAAC;IACxC,QAAQ,CAAC,YAAY,CAAC,GAAG,CAAC,WAAW,EAAE,QAAQ,CAAC,CAAC;IACjD,QAAQ,CAAC,YAAY,CAAC,GAAG,CAAC,eAAe,EAAE,YAAY,CAAC,CAAC;IACzD,QAAQ,CAAC,YAAY,CAAC,GAAG,CAAC,cAAc,EAAE,WAAW,CAAC,CAAC;IACvD,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,QAAQ,CAAC,CAAC;IACvC,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;QACjB,MAAM,IAAI,SAAS,CACjB,yBAAyB,EACzB,wCAAwC,QAAQ,CAAC,MAAM,KAAK;YAC1D,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,CAAC,EACzC,GAAG,CACJ,CAAC;IACJ,CAAC;IACD,MAAM,SAAS,GAAG,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAA8B,CAAC;IACvE,IAAI,CAAC,SAAS,CAAC,YAAY,EAAE,CAAC;QAC5B,MAAM,IAAI,SAAS,CACjB,yBAAyB,EACzB,kDAAkD,EAClD,GAAG,CACJ,CAAC;IACJ,CAAC;IACD,iEAAiE;IACjE,qEAAqE;IACrE,MAAM,KAAK,GAAG,UAAU,CAAC,QAAQ,EAAE,YAAY,CAAC;SAC7C,MAAM,CAAC,SAAS,CAAC,YAAY,CAAC;SAC9B,MAAM,CAAC,KAAK,CAAC,CAAC;IACjB,MAAM,KAAK,GAAG,IAAI,GAAG,CAAC,qCAAqC,CAAC,CAAC;IAC7D,KAAK,CAAC,YAAY,CAAC,GAAG,CAAC,QAAQ,EAAE,eAAe,CAAC,CAAC;IAClD,KAAK,CAAC,YAAY,CAAC,GAAG,CAAC,cAAc,EAAE,SAAS,CAAC,YAAY,CAAC,CAAC;IAC/D,KAAK,CAAC,YAAY,CAAC,GAAG,CAAC,iBAAiB,EAAE,KAAK,CAAC,CAAC;IACjD,MAAM,KAAK,GAAG,MAAM,KAAK,CAAC,KAAK,CAAC,CAAC;IACjC,IAAI,CAAC,KAAK,CAAC,EAAE,EAAE,CAAC;QACd,MAAM,IAAI,SAAS,CACjB,yBAAyB,EACzB,6BAA6B,KAAK,CAAC,MAAM,GAAG,EAC5C,GAAG,CACJ,CAAC;IACJ,CAAC;IACD,MAAM,EAAE,GAAG,CAAC,MAAM,KAAK,CAAC,IAAI,EAAE,CAI7B,CAAC;IACF,IAAI,CAAC,EAAE,CAAC,EAAE,IAAI,CAAC,EAAE,CAAC,KAAK,EAAE,CAAC;QACxB,MAAM,IAAI,SAAS,CACjB,yBAAyB,EACzB,mEAAmE,EACnE,GAAG,CACJ,CAAC;IACJ,CAAC;IACD,OAAO;QACL,UAAU,EAAE,EAAE,CAAC,EAAE;QACjB,KAAK,EAAE,EAAE,CAAC,KAAK,CAAC,WAAW,EAAE;QAC7B,IAAI,EAAE,EAAE,CAAC,IAAI;KACd,CAAC;AACJ,CAAC;AAED,KAAK,UAAU,gBAAgB,CAC7B,IAAY,EACZ,WAAmB,EACnB,QAAgB,EAChB,YAAoB;IAEpB,sEAAsE;IACtE,oEAAoE;IACpE,gEAAgE;IAChE,iEAAiE;IACjE,qEAAqE;IACrE,oEAAoE;IACpE,iEAAiE;IACjE,gCAAgC;IAChC,MAAM,IAAI,GAAG,IAAI,eAAe,CAAC;QAC/B,IAAI;QACJ,SAAS,EAAE,QAAQ;QACnB,aAAa,EAAE,YAAY;QAC3B,YAAY,EAAE,WAAW;QACzB,UAAU,EAAE,oBAAoB;KACjC,CAAC,CAAC;IACH,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,kBAAkB,CAAC,QAAQ,CAAC,KAAK,EAAE;QAC9D,MAAM,EAAE,MAAM;QACd,OAAO,EAAE,EAAE,cAAc,EAAE,mCAAmC,EAAE;QAChE,IAAI;KACL,CAAC,CAAC;IACH,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;QACjB,MAAM,IAAI,SAAS,CACjB,yBAAyB,EACzB,wCAAwC,QAAQ,CAAC,MAAM,KAAK;YAC1D,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,CAAC,EACzC,GAAG,CACJ,CAAC;IACJ,CAAC;IACD,MAAM,SAAS,GAAG,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAGvC,CAAC;IACF,IAAI,CAAC,SAAS,CAAC,QAAQ,EAAE,CAAC;QACxB,MAAM,IAAI,SAAS,CACjB,yBAAyB,EACzB,+DAA+D;YAC7D,gEAAgE;YAChE,iDAAiD,EACnD,GAAG,CACJ,CAAC;IACJ,CAAC;IACD,MAAM,MAAM,GAAG,gBAAgB,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC;IACpD,MAAM,GAAG,GAAG,OAAO,MAAM,CAAC,KAAK,CAAC,KAAK,QAAQ,CAAC,CAAC,CAAE,MAAM,CAAC,KAAK,CAAY,CAAC,CAAC,CAAC,IAAI,CAAC;IACjF,MAAM,KAAK,GACT,OAAO,MAAM,CAAC,OAAO,CAAC,KAAK,QAAQ;QACjC,CAAC,CAAE,MAAM,CAAC,OAAO,CAAY,CAAC,WAAW,EAAE;QAC3C,CAAC,CAAC,IAAI,CAAC;IACX,iEAAiE;IACjE,yDAAyD;IACzD,MAAM,aAAa,GACjB,MAAM,CAAC,gBAAgB,CAAC,KAAK,IAAI,IAAI,MAAM,CAAC,gBAAgB,CAAC,KAAK,MAAM,CAAC;IAC3E,IAAI,CAAC,GAAG,IAAI,CAAC,KAAK,IAAI,CAAC,aAAa,EAAE,CAAC;QACrC,MAAM,IAAI,SAAS,CACjB,yBAAyB,EACzB,oEAAoE;YAClE,yCAAyC,EAC3C,GAAG,CACJ,CAAC;IACJ,CAAC;IACD,MAAM,IAAI,GACR,OAAO,MAAM,CAAC,MAAM,CAAC,KAAK,QAAQ,CAAC,CAAC,CAAE,MAAM,CAAC,MAAM,CAAY,CAAC,CAAC,CAAC,SAAS,CAAC;IAC9E,MAAM,OAAO,GAAG,EAAE,UAAU,EAAE,GAAG,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC;IACjD,OAAO,OAAO,CAAC;AACjB,CAAC;AAED;;;;GAIG;AACH,SAAS,gBAAgB,CAAC,GAAW;IACnC,MAAM,KAAK,GAAG,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IAC7B,IAAI,KAAK,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACrB,MAAM,IAAI,SAAS,CAAC,yBAAyB,EAAE,eAAe,EAAE,GAAG,CAAC,CAAC;IACvE,CAAC;IACD,IAAI,CAAC;QACH,MAAM,OAAO,GAAG,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAE,EAAE,WAAW,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;QACtE,OAAO,IAAI,CAAC,KAAK,CAAC,OAAO,CAA4B,CAAC;IACxD,CAAC;IAAC,MAAM,CAAC;QACP,MAAM,IAAI,SAAS,CAAC,yBAAyB,EAAE,eAAe,EAAE,GAAG,CAAC,CAAC;IACvE,CAAC;AACH,CAAC;AAuBD;;;;;;;GAOG;AACH,MAAM,CAAC,KAAK,UAAU,qBAAqB,CACzC,KAAiC,EACjC,SAA2B,oBAAoB,EAAE;IAEjD,MAAM,MAAM,GAAG,gBAAgB,CAAC,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,QAAQ,CAAC,CAAC;IAChE,MAAM,KAAK,GAAG,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,WAAW,EAAE,CAAC;IAEhD,kEAAkE;IAClE,gEAAgE;IAChE,kEAAkE;IAClE,8DAA8D;IAC9D,kCAAkC;IAClC,MAAM,QAAQ,GAAG,sBAAsB,EAAE,CAAC;IAE1C,IAAI,UAAmB,CAAC;IACxB,IAAI,CAAC;QACH,MAAM,MAAM,CAAC,IAAI,CACf,IAAI,mBAAmB,CAAC;YACtB,UAAU,EAAE,MAAM,CAAC,UAAU;YAC7B,QAAQ,EAAE,KAAK;SAChB,CAAC,CACH,CAAC;QACF,UAAU,GAAG,IAAI,CAAC;IACpB,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,IAAK,GAAyB,CAAC,IAAI,KAAK,uBAAuB,EAAE,CAAC;YAChE,UAAU,GAAG,KAAK,CAAC;QACrB,CAAC;aAAM,CAAC;YACN,MAAM,gBAAgB,CAAC,GAAG,EAAE,yBAAyB,CAAC,CAAC;QACzD,CAAC;IACH,CAAC;IAED,IAAI,CAAC,UAAU,EAAE,CAAC;QAChB,MAAM,KAAK,GAAoB;YAC7B,EAAE,IAAI,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE;YAC/B,EAAE,IAAI,EAAE,gBAAgB,EAAE,KAAK,EAAE,MAAM,EAAE;SAC1C,CAAC;QACF,IAAI,KAAK,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC;YACvB,KAAK,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,KAAK,EAAE,KAAK,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC,CAAC;QAC1D,CAAC;QACD,KAAK,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC,iBAAiB,IAAI,EAAE,CAAC,EAAE,CAAC;YACnE,IAAI,CAAC,KAAK,OAAO,IAAI,CAAC,KAAK,gBAAgB,IAAI,CAAC,KAAK,MAAM;gBAAE,SAAS;YACtE,KAAK,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,KAAK,EAAE,CAAC,EAAE,CAAC,CAAC;QACpC,CAAC;QACD,KAAK,CAAC,IAAI,CAAC;YACT,IAAI,EAAE,2BAA2B;YACjC,KAAK,EAAE,KAAK,CAAC,QAAQ;SACtB,CAAC,CAAC;QACH,KAAK,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC,uBAAuB,IAAI,EAAE,CAAC,EAAE,CAAC;YACzE,KAAK,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,UAAU,CAAC,EAAE,EAAE,KAAK,EAAE,CAAC,EAAE,CAAC,CAAC;QAChD,CAAC;QACD,IAAI,CAAC;YACH,MAAM,MAAM,CAAC,IAAI,CACf,IAAI,sBAAsB,CAAC;gBACzB,UAAU,EAAE,MAAM,CAAC,UAAU;gBAC7B,QAAQ,EAAE,KAAK;gBACf,cAAc,EAAE,KAAK;gBACrB,2DAA2D;gBAC3D,4DAA4D;gBAC5D,aAAa,EAAE,UAAU;gBACzB,iBAAiB,EAAE,QAAQ;aAC5B,CAAC,CACH,CAAC;QACJ,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,gEAAgE;YAChE,8DAA8D;YAC9D,iDAAiD;YACjD,IAAK,GAAyB,CAAC,IAAI,KAAK,yBAAyB,EAAE,CAAC;gBAClE,MAAM,gBAAgB,CAAC,GAAG,EAAE,yBAAyB,CAAC,CAAC;YACzD,CAAC;QACH,CAAC;IACH,CAAC;SAAM,CAAC;QACN,4DAA4D;QAC5D,+DAA+D;QAC/D,+DAA+D;QAC/D,0CAA0C;QAC1C,IAAI,CAAC;YACH,MAAM,MAAM,CAAC,IAAI,CACf,IAAI,gCAAgC,CAAC;gBACnC,UAAU,EAAE,MAAM,CAAC,UAAU;gBAC7B,QAAQ,EAAE,KAAK;gBACf,cAAc,EAAE;oBACd,EAAE,IAAI,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE;oBAC/B,EAAE,IAAI,EAAE,gBAAgB,EAAE,KAAK,EAAE,MAAM,EAAE;iBAC1C;aACF,CAAC,CACH,CAAC;QACJ,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,MAAM,gBAAgB,CAAC,GAAG,EAAE,yBAAyB,CAAC,CAAC;QACzD,CAAC;IACH,CAAC;IAED,8DAA8D;IAC9D,gEAAgE;IAChE,iEAAiE;IACjE,IAAI,CAAC;QACH,MAAM,MAAM,CAAC,IAAI,CACf,IAAI,2BAA2B,CAAC;YAC9B,UAAU,EAAE,MAAM,CAAC,UAAU;YAC7B,QAAQ,EAAE,KAAK;YACf,QAAQ,EAAE,QAAQ;YAClB,SAAS,EAAE,IAAI;SAChB,CAAC,CACH,CAAC;IACJ,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,MAAM,gBAAgB,CAAC,GAAG,EAAE,yBAAyB,CAAC,CAAC;IACzD,CAAC;IAED,IAAI,GAAmC,CAAC;IACxC,IAAI,CAAC;QACH,GAAG,GAAG,MAAM,MAAM,CAAC,IAAI,CACrB,IAAI,wBAAwB,CAAC;YAC3B,UAAU,EAAE,MAAM,CAAC,UAAU;YAC7B,QAAQ,EAAE,MAAM,CAAC,WAAW;YAC5B,QAAQ,EAAE,0BAA0B;YACpC,cAAc,EAAE,EAAE,QAAQ,EAAE,KAAK,EAAE,QAAQ,EAAE,QAAQ,EAAE;SACxD,CAAC,CACH,CAAC;IACJ,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,MAAM,gBAAgB,CAAC,GAAG,EAAE,yBAAyB,CAAC,CAAC;IACzD,CAAC;IACD,IAAI,GAAG,CAAC,aAAa,EAAE,CAAC;QACtB,MAAM,IAAI,SAAS,CACjB,yBAAyB,EACzB,qEAAqE,GAAG,CAAC,aAAa,EAAE,EACxF,GAAG,CACJ,CAAC;IACJ,CAAC;IACD,OAAO,mBAAmB,CAAC,GAAG,CAAC,oBAAoB,CAAC,CAAC;AACvD,CAAC;AAED;;;;GAIG;AACH,SAAS,sBAAsB;IAC7B,MAAM,IAAI,GAAG,WAAW,CAAC,EAAE,CAAC;SACzB,QAAQ,CAAC,QAAQ,CAAC;SAClB,OAAO,CAAC,eAAe,EAAE,EAAE,CAAC;SAC5B,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;IAChB,OAAO,OAAO,IAAI,EAAE,CAAC;AACvB,CAAC"}
|
|
1
|
+
{"version":3,"file":"federated.js","sourceRoot":"","sources":["../../src/server/federated.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAqCG;AAEH,OAAO,EACL,sBAAsB,EACtB,mBAAmB,EACnB,wBAAwB,EACxB,2BAA2B,EAC3B,gCAAgC,GAGjC,MAAM,2CAA2C,CAAC;AACnD,OAAO,EAAE,UAAU,EAAE,WAAW,EAAE,eAAe,EAAE,MAAM,aAAa,CAAC;AAEvE,OAAO,EAAE,oBAAoB,EAAE,MAAM,aAAa,CAAC;AACnD,OAAO,EAAE,gBAAgB,EAAE,MAAM,qBAAqB,CAAC;AACvD,OAAO,EAAE,SAAS,EAAE,gBAAgB,EAAE,MAAM,aAAa,CAAC;AAC1D,OAAO,EAAE,eAAe,EAAE,MAAM,kBAAkB,CAAC;AACnD,OAAO,EAAE,mBAAmB,EAAqB,MAAM,aAAa,CAAC;AAsBrE,uEAAuE;AACvE,4DAA4D;AAC5D,uEAAuE;AAEvE,MAAM,gBAAgB,GAAG,IAAI,GAAG,EAAmD,CAAC;AAEpF;;;;;;;;;;;;GAYG;AACH,MAAM,CAAC,KAAK,UAAU,gCAAgC,CACpD,QAA2B,EAC3B,MAA8D,OAAO,CAAC,GAAG;IAEzE,MAAM,MAAM,GAAG,gBAAgB,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;IAC9C,IAAI,MAAM;QAAE,OAAO,MAAM,CAAC;IAE1B,qEAAqE;IACrE,yDAAyD;IACzD,MAAM,WAAW,GAAG,qBAAqB,QAAQ,CAAC,WAAW,EAAE,YAAY,CAAC;IAC5E,MAAM,eAAe,GAAG,qBAAqB,QAAQ,CAAC,WAAW,EAAE,gBAAgB,CAAC;IACpF,MAAM,WAAW,GAAG,GAAG,CAAC,WAAW,CAAC,CAAC;IACrC,MAAM,eAAe,GAAG,GAAG,CAAC,eAAe,CAAC,CAAC;IAC7C,IAAI,WAAW,IAAI,eAAe,EAAE,CAAC;QACnC,MAAM,KAAK,GAAiC;YAC1C,QAAQ,EAAE,WAAW;YACrB,YAAY,EAAE,eAAe;SAC9B,CAAC;QACF,gBAAgB,CAAC,GAAG,CAAC,QAAQ,EAAE,KAAK,CAAC,CAAC;QACtC,OAAO,KAAK,CAAC;IACf,CAAC;IAED,MAAM,MAAM,GAAG,qBAAqB,QAAQ,CAAC,WAAW,EAAE,aAAa,CAAC;IACxE,MAAM,GAAG,GAAG,GAAG,CAAC,MAAM,CAAC,CAAC;IACxB,IAAI,CAAC,GAAG,EAAE,CAAC;QACT,MAAM,IAAI,SAAS,CACjB,mCAAmC,EACnC,IAAI,QAAQ,qBAAqB,MAAM,aAAa;YAClD,kBAAkB,QAAQ,0CAA0C;YACpE,iEAAiE;YACjE,qEAAqE,EACvE,GAAG,CACJ,CAAC;IACJ,CAAC;IAED,MAAM,EAAE,oBAAoB,EAAE,qBAAqB,EAAE,GAAG,MAAM,MAAM,CAClE,iCAAiC,CAClC,CAAC;IACF,MAAM,MAAM,GAAG,IAAI,oBAAoB,CAAC;QACtC,MAAM,EAAE,GAAG,CAAC,YAAY,CAAC,IAAI,GAAG,CAAC,gBAAgB,CAAC;KACnD,CAAC,CAAC;IACH,MAAM,GAAG,GAAG,MAAM,MAAM,CAAC,IAAI,CAAC,IAAI,qBAAqB,CAAC,EAAE,QAAQ,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC;IAC5E,IAAI,CAAC,GAAG,CAAC,YAAY,EAAE,CAAC;QACtB,MAAM,IAAI,SAAS,CACjB,mCAAmC,EACnC,IAAI,QAAQ,2BAA2B,GAAG,WAAW,EACrD,GAAG,CACJ,CAAC;IACJ,CAAC;IAED,IAAI,MAAoD,CAAC;IACzD,IAAI,CAAC;QACH,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,YAAY,CAAkB,CAAC;IACzD,CAAC;IAAC,MAAM,CAAC;QACP,MAAM,IAAI,SAAS,CACjB,mCAAmC,EACnC,IAAI,QAAQ,2BAA2B,GAAG,oBAAoB,EAC9D,GAAG,CACJ,CAAC;IACJ,CAAC;IACD,IACE,CAAC,MAAM,CAAC,QAAQ;QAChB,CAAC,MAAM,CAAC,YAAY;QACpB,MAAM,CAAC,QAAQ,KAAK,aAAa;QACjC,MAAM,CAAC,YAAY,KAAK,aAAa,EACrC,CAAC;QACD,MAAM,IAAI,SAAS,CACjB,mCAAmC,EACnC,IAAI,QAAQ,2BAA2B,GAAG,mBAAmB;YAC3D,6DAA6D;YAC7D,4DAA4D;YAC5D,eAAe,GAAG,wDAAwD,EAC5E,GAAG,CACJ,CAAC;IACJ,CAAC;IAED,MAAM,KAAK,GAAiC;QAC1C,QAAQ,EAAE,MAAM,CAAC,QAAQ;QACzB,YAAY,EAAE,MAAM,CAAC,YAAY;KAClC,CAAC;IACF,gBAAgB,CAAC,GAAG,CAAC,QAAQ,EAAE,KAAK,CAAC,CAAC;IACtC,OAAO,KAAK,CAAC;AACf,CAAC;AAED,mEAAmE;AACnE,MAAM,UAAU,oCAAoC;IAClD,gBAAgB,CAAC,KAAK,EAAE,CAAC;AAC3B,CAAC;AAED,uEAAuE;AACvE,2CAA2C;AAC3C,uEAAuE;AAEvE;;;;;;GAMG;AACH,MAAM,UAAU,kBAAkB;IAChC,OAAO,WAAW,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAC;AAC/C,CAAC;AAED;;;;GAIG;AACH,MAAM,UAAU,gBAAgB,CAC9B,SAA6B,EAC7B,UAA8B;IAE9B,IAAI,CAAC,SAAS,IAAI,CAAC,UAAU;QAAE,OAAO,KAAK,CAAC;IAC5C,MAAM,CAAC,GAAG,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;IACjC,MAAM,CAAC,GAAG,MAAM,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;IAClC,IAAI,CAAC,CAAC,MAAM,KAAK,CAAC,CAAC,MAAM;QAAE,OAAO,KAAK,CAAC;IACxC,OAAO,eAAe,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;AAC/B,CAAC;AAaD,MAAM,kBAAkB,GAAiD;IACvE,MAAM,EAAE;QACN,SAAS,EAAE,8CAA8C;QACzD,KAAK,EAAE,qCAAqC;QAC5C,mEAAmE;QACnE,8DAA8D;QAC9D,aAAa,EAAE,CAAC,QAAQ,EAAE,OAAO,EAAE,SAAS,CAAC;KAC9C;IACD,QAAQ,EAAE;QACR,SAAS,EAAE,6CAA6C;QACxD,KAAK,EAAE,qDAAqD;QAC5D,+DAA+D;QAC/D,6DAA6D;QAC7D,aAAa,EAAE,CAAC,OAAO,EAAE,gBAAgB,CAAC;KAC3C;IACD,KAAK,EAAE;QACL,SAAS,EAAE,0CAA0C;QACrD,KAAK,EAAE,sCAAsC;QAC7C,kEAAkE;QAClE,8DAA8D;QAC9D,aAAa,EAAE,CAAC,MAAM,EAAE,OAAO,CAAC;KACjC;IACD,QAAQ,EAAE;QACR,+DAA+D;QAC/D,+DAA+D;QAC/D,kEAAkE;QAClE,wEAAwE;QACxE,SAAS,EAAE,iDAAiD;QAC5D,KAAK,EAAE,+CAA+C;QACtD,8DAA8D;QAC9D,4DAA4D;QAC5D,aAAa,EAAE,CAAC,QAAQ,EAAE,SAAS,EAAE,OAAO,CAAC;KAC9C;CACF,CAAC;AA0BF;;;;;;GAMG;AACH,MAAM,CAAC,KAAK,UAAU,iBAAiB,CACrC,KAA6B,EAC7B,MAA8D,OAAO,CAAC,GAAG;IAEzE,MAAM,EAAE,QAAQ,EAAE,WAAW,EAAE,KAAK,EAAE,MAAM,EAAE,WAAW,EAAE,GAAG,KAAK,CAAC;IACpE,MAAM,EAAE,QAAQ,EAAE,GAAG,MAAM,gCAAgC,CAAC,QAAQ,EAAE,GAAG,CAAC,CAAC;IAC3E,MAAM,SAAS,GAAG,kBAAkB,CAAC,QAAQ,CAAC,CAAC;IAE/C,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,SAAS,CAAC,SAAS,CAAC,CAAC;IACzC,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,eAAe,EAAE,MAAM,CAAC,CAAC;IAC9C,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,WAAW,EAAE,QAAQ,CAAC,CAAC;IAC5C,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,cAAc,EAAE,WAAW,CAAC,CAAC;IAClD,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,OAAO,EAAE,CAAC,MAAM,IAAI,SAAS,CAAC,aAAa,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;IAC7E,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC;IACrC,KAAK,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,WAAW,IAAI,EAAE,CAAC,EAAE,CAAC;QACvD,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;IAC7B,CAAC;IACD,OAAO,GAAG,CAAC,QAAQ,EAAE,CAAC;AACxB,CAAC;AAkBD;;;;GAIG;AACH,MAAM,CAAC,KAAK,UAAU,yBAAyB,CAC7C,KAAqC,EACrC,MAA8D,OAAO,CAAC,GAAG;IAEzE,MAAM,EAAE,QAAQ,EAAE,IAAI,EAAE,WAAW,EAAE,GAAG,KAAK,CAAC;IAC9C,MAAM,EAAE,QAAQ,EAAE,YAAY,EAAE,GAAG,MAAM,gCAAgC,CACvE,QAAQ,EACR,GAAG,CACJ,CAAC;IACF,QAAQ,QAAQ,EAAE,CAAC;QACjB,KAAK,QAAQ;YACX,OAAO,cAAc,CAAC,IAAI,EAAE,WAAW,EAAE,QAAQ,EAAE,YAAY,CAAC,CAAC;QACnE,KAAK,UAAU;YACb,OAAO,gBAAgB,CAAC,IAAI,EAAE,WAAW,EAAE,QAAQ,EAAE,YAAY,CAAC,CAAC;QACrE,KAAK,UAAU;YACb,OAAO,gBAAgB,CAAC,IAAI,EAAE,WAAW,EAAE,QAAQ,EAAE,YAAY,CAAC,CAAC;QACrE,KAAK,OAAO;YACV,MAAM,IAAI,SAAS,CACjB,mCAAmC,EACnC,iEAAiE;gBAC/D,iEAAiE;gBACjE,uDAAuD,EACzD,GAAG,CACJ,CAAC;QACJ,OAAO,CAAC,CAAC,CAAC;YACR,MAAM,WAAW,GAAU,QAAQ,CAAC;YACpC,KAAK,WAAW,CAAC;YACjB,MAAM,IAAI,SAAS,CACjB,mCAAmC,EACnC,+BAA+B,MAAM,CAAC,QAAQ,CAAC,EAAE,EACjD,GAAG,CACJ,CAAC;QACJ,CAAC;IACH,CAAC;AACH,CAAC;AAED,KAAK,UAAU,cAAc,CAC3B,IAAY,EACZ,WAAmB,EACnB,QAAgB,EAChB,YAAoB;IAEpB,oEAAoE;IACpE,qEAAqE;IACrE,gEAAgE;IAChE,kEAAkE;IAClE,gEAAgE;IAChE,kEAAkE;IAClE,wCAAwC;IACxC,4FAA4F;IAC5F,MAAM,IAAI,GAAG,IAAI,eAAe,CAAC;QAC/B,IAAI;QACJ,SAAS,EAAE,QAAQ;QACnB,aAAa,EAAE,YAAY;QAC3B,YAAY,EAAE,WAAW;QACzB,UAAU,EAAE,oBAAoB;KACjC,CAAC,CAAC;IACH,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,kBAAkB,CAAC,MAAM,CAAC,KAAK,EAAE;QAC5D,MAAM,EAAE,MAAM;QACd,OAAO,EAAE,EAAE,cAAc,EAAE,mCAAmC,EAAE;QAChE,IAAI;KACL,CAAC,CAAC;IACH,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;QACjB,MAAM,IAAI,SAAS,CACjB,yBAAyB,EACzB,sCAAsC,QAAQ,CAAC,MAAM,KAAK;YACxD,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,CAAC,EACzC,GAAG,CACJ,CAAC;IACJ,CAAC;IACD,MAAM,SAAS,GAAG,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAGvC,CAAC;IACF,IAAI,CAAC,SAAS,CAAC,QAAQ,EAAE,CAAC;QACxB,MAAM,IAAI,SAAS,CACjB,yBAAyB,EACzB,4CAA4C,EAC5C,GAAG,CACJ,CAAC;IACJ,CAAC;IACD,MAAM,MAAM,GAAG,gBAAgB,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC;IACpD,MAAM,GAAG,GAAG,OAAO,MAAM,CAAC,KAAK,CAAC,KAAK,QAAQ,CAAC,CAAC,CAAE,MAAM,CAAC,KAAK,CAAY,CAAC,CAAC,CAAC,IAAI,CAAC;IACjF,MAAM,KAAK,GACT,OAAO,MAAM,CAAC,OAAO,CAAC,KAAK,QAAQ;QACjC,CAAC,CAAE,MAAM,CAAC,OAAO,CAAY,CAAC,WAAW,EAAE;QAC3C,CAAC,CAAC,IAAI,CAAC;IACX,MAAM,aAAa,GAAG,MAAM,CAAC,gBAAgB,CAAC,KAAK,IAAI,CAAC;IACxD,IAAI,CAAC,GAAG,IAAI,CAAC,KAAK,IAAI,CAAC,aAAa,EAAE,CAAC;QACrC,MAAM,IAAI,SAAS,CACjB,yBAAyB,EACzB,uDAAuD,EACvD,GAAG,CACJ,CAAC;IACJ,CAAC;IACD,MAAM,IAAI,GACR,OAAO,MAAM,CAAC,MAAM,CAAC,KAAK,QAAQ,CAAC,CAAC,CAAE,MAAM,CAAC,MAAM,CAAY,CAAC,CAAC,CAAC,SAAS,CAAC;IAC9E,OAAO,EAAE,UAAU,EAAE,GAAG,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC;AAC1C,CAAC;AAED,KAAK,UAAU,gBAAgB,CAC7B,IAAY,EACZ,WAAmB,EACnB,QAAgB,EAChB,YAAoB;IAEpB,kEAAkE;IAClE,kEAAkE;IAClE,wDAAwD;IACxD,MAAM,QAAQ,GAAG,IAAI,GAAG,CAAC,kBAAkB,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;IAC5D,QAAQ,CAAC,YAAY,CAAC,GAAG,CAAC,MAAM,EAAE,IAAI,CAAC,CAAC;IACxC,QAAQ,CAAC,YAAY,CAAC,GAAG,CAAC,WAAW,EAAE,QAAQ,CAAC,CAAC;IACjD,QAAQ,CAAC,YAAY,CAAC,GAAG,CAAC,eAAe,EAAE,YAAY,CAAC,CAAC;IACzD,QAAQ,CAAC,YAAY,CAAC,GAAG,CAAC,cAAc,EAAE,WAAW,CAAC,CAAC;IACvD,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,QAAQ,CAAC,CAAC;IACvC,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;QACjB,MAAM,IAAI,SAAS,CACjB,yBAAyB,EACzB,wCAAwC,QAAQ,CAAC,MAAM,KAAK;YAC1D,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,CAAC,EACzC,GAAG,CACJ,CAAC;IACJ,CAAC;IACD,MAAM,SAAS,GAAG,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAA8B,CAAC;IACvE,IAAI,CAAC,SAAS,CAAC,YAAY,EAAE,CAAC;QAC5B,MAAM,IAAI,SAAS,CACjB,yBAAyB,EACzB,kDAAkD,EAClD,GAAG,CACJ,CAAC;IACJ,CAAC;IACD,iEAAiE;IACjE,qEAAqE;IACrE,MAAM,KAAK,GAAG,UAAU,CAAC,QAAQ,EAAE,YAAY,CAAC;SAC7C,MAAM,CAAC,SAAS,CAAC,YAAY,CAAC;SAC9B,MAAM,CAAC,KAAK,CAAC,CAAC;IACjB,MAAM,KAAK,GAAG,IAAI,GAAG,CAAC,qCAAqC,CAAC,CAAC;IAC7D,KAAK,CAAC,YAAY,CAAC,GAAG,CAAC,QAAQ,EAAE,eAAe,CAAC,CAAC;IAClD,KAAK,CAAC,YAAY,CAAC,GAAG,CAAC,cAAc,EAAE,SAAS,CAAC,YAAY,CAAC,CAAC;IAC/D,KAAK,CAAC,YAAY,CAAC,GAAG,CAAC,iBAAiB,EAAE,KAAK,CAAC,CAAC;IACjD,MAAM,KAAK,GAAG,MAAM,KAAK,CAAC,KAAK,CAAC,CAAC;IACjC,IAAI,CAAC,KAAK,CAAC,EAAE,EAAE,CAAC;QACd,MAAM,IAAI,SAAS,CACjB,yBAAyB,EACzB,6BAA6B,KAAK,CAAC,MAAM,GAAG,EAC5C,GAAG,CACJ,CAAC;IACJ,CAAC;IACD,MAAM,EAAE,GAAG,CAAC,MAAM,KAAK,CAAC,IAAI,EAAE,CAI7B,CAAC;IACF,IAAI,CAAC,EAAE,CAAC,EAAE,IAAI,CAAC,EAAE,CAAC,KAAK,EAAE,CAAC;QACxB,MAAM,IAAI,SAAS,CACjB,yBAAyB,EACzB,mEAAmE,EACnE,GAAG,CACJ,CAAC;IACJ,CAAC;IACD,OAAO;QACL,UAAU,EAAE,EAAE,CAAC,EAAE;QACjB,KAAK,EAAE,EAAE,CAAC,KAAK,CAAC,WAAW,EAAE;QAC7B,IAAI,EAAE,EAAE,CAAC,IAAI;KACd,CAAC;AACJ,CAAC;AAED,KAAK,UAAU,gBAAgB,CAC7B,IAAY,EACZ,WAAmB,EACnB,QAAgB,EAChB,YAAoB;IAEpB,sEAAsE;IACtE,oEAAoE;IACpE,gEAAgE;IAChE,iEAAiE;IACjE,qEAAqE;IACrE,oEAAoE;IACpE,iEAAiE;IACjE,gCAAgC;IAChC,MAAM,IAAI,GAAG,IAAI,eAAe,CAAC;QAC/B,IAAI;QACJ,SAAS,EAAE,QAAQ;QACnB,aAAa,EAAE,YAAY;QAC3B,YAAY,EAAE,WAAW;QACzB,UAAU,EAAE,oBAAoB;KACjC,CAAC,CAAC;IACH,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,kBAAkB,CAAC,QAAQ,CAAC,KAAK,EAAE;QAC9D,MAAM,EAAE,MAAM;QACd,OAAO,EAAE,EAAE,cAAc,EAAE,mCAAmC,EAAE;QAChE,IAAI;KACL,CAAC,CAAC;IACH,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;QACjB,MAAM,IAAI,SAAS,CACjB,yBAAyB,EACzB,wCAAwC,QAAQ,CAAC,MAAM,KAAK;YAC1D,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,CAAC,EACzC,GAAG,CACJ,CAAC;IACJ,CAAC;IACD,MAAM,SAAS,GAAG,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAGvC,CAAC;IACF,IAAI,CAAC,SAAS,CAAC,QAAQ,EAAE,CAAC;QACxB,MAAM,IAAI,SAAS,CACjB,yBAAyB,EACzB,+DAA+D;YAC7D,gEAAgE;YAChE,iDAAiD,EACnD,GAAG,CACJ,CAAC;IACJ,CAAC;IACD,MAAM,MAAM,GAAG,gBAAgB,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC;IACpD,MAAM,GAAG,GAAG,OAAO,MAAM,CAAC,KAAK,CAAC,KAAK,QAAQ,CAAC,CAAC,CAAE,MAAM,CAAC,KAAK,CAAY,CAAC,CAAC,CAAC,IAAI,CAAC;IACjF,MAAM,KAAK,GACT,OAAO,MAAM,CAAC,OAAO,CAAC,KAAK,QAAQ;QACjC,CAAC,CAAE,MAAM,CAAC,OAAO,CAAY,CAAC,WAAW,EAAE;QAC3C,CAAC,CAAC,IAAI,CAAC;IACX,iEAAiE;IACjE,yDAAyD;IACzD,MAAM,aAAa,GACjB,MAAM,CAAC,gBAAgB,CAAC,KAAK,IAAI,IAAI,MAAM,CAAC,gBAAgB,CAAC,KAAK,MAAM,CAAC;IAC3E,IAAI,CAAC,GAAG,IAAI,CAAC,KAAK,IAAI,CAAC,aAAa,EAAE,CAAC;QACrC,MAAM,IAAI,SAAS,CACjB,yBAAyB,EACzB,oEAAoE;YAClE,yCAAyC,EAC3C,GAAG,CACJ,CAAC;IACJ,CAAC;IACD,MAAM,IAAI,GACR,OAAO,MAAM,CAAC,MAAM,CAAC,KAAK,QAAQ,CAAC,CAAC,CAAE,MAAM,CAAC,MAAM,CAAY,CAAC,CAAC,CAAC,SAAS,CAAC;IAC9E,MAAM,OAAO,GAAG,EAAE,UAAU,EAAE,GAAG,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC;IACjD,OAAO,OAAO,CAAC;AACjB,CAAC;AAED;;;;;GAKG;AACH,SAAS,gBAAgB,CAAC,GAAW;IACnC,MAAM,MAAM,GAAG,eAAe,CAAC,GAAG,CAAC,CAAC;IACpC,IAAI,CAAC,MAAM,EAAE,CAAC;QACZ,MAAM,IAAI,SAAS,CAAC,yBAAyB,EAAE,eAAe,EAAE,GAAG,CAAC,CAAC;IACvE,CAAC;IACD,OAAO,MAAM,CAAC;AAChB,CAAC;AAuBD;;;;;;;GAOG;AACH,MAAM,CAAC,KAAK,UAAU,qBAAqB,CACzC,KAAiC,EACjC,SAA2B,oBAAoB,EAAE;IAEjD,MAAM,MAAM,GAAG,gBAAgB,CAAC,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,QAAQ,CAAC,CAAC;IAChE,MAAM,KAAK,GAAG,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,WAAW,EAAE,CAAC;IAEhD,kEAAkE;IAClE,gEAAgE;IAChE,kEAAkE;IAClE,8DAA8D;IAC9D,kCAAkC;IAClC,MAAM,QAAQ,GAAG,sBAAsB,EAAE,CAAC;IAE1C,IAAI,UAAmB,CAAC;IACxB,IAAI,CAAC;QACH,MAAM,MAAM,CAAC,IAAI,CACf,IAAI,mBAAmB,CAAC;YACtB,UAAU,EAAE,MAAM,CAAC,UAAU;YAC7B,QAAQ,EAAE,KAAK;SAChB,CAAC,CACH,CAAC;QACF,UAAU,GAAG,IAAI,CAAC;IACpB,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,IAAK,GAAyB,CAAC,IAAI,KAAK,uBAAuB,EAAE,CAAC;YAChE,UAAU,GAAG,KAAK,CAAC;QACrB,CAAC;aAAM,CAAC;YACN,MAAM,gBAAgB,CAAC,GAAG,EAAE,yBAAyB,CAAC,CAAC;QACzD,CAAC;IACH,CAAC;IAED,IAAI,CAAC,UAAU,EAAE,CAAC;QAChB,MAAM,KAAK,GAAoB;YAC7B,EAAE,IAAI,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE;YAC/B,EAAE,IAAI,EAAE,gBAAgB,EAAE,KAAK,EAAE,MAAM,EAAE;SAC1C,CAAC;QACF,IAAI,KAAK,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC;YACvB,KAAK,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,KAAK,EAAE,KAAK,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC,CAAC;QAC1D,CAAC;QACD,KAAK,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC,iBAAiB,IAAI,EAAE,CAAC,EAAE,CAAC;YACnE,IAAI,CAAC,KAAK,OAAO,IAAI,CAAC,KAAK,gBAAgB,IAAI,CAAC,KAAK,MAAM;gBAAE,SAAS;YACtE,KAAK,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,KAAK,EAAE,CAAC,EAAE,CAAC,CAAC;QACpC,CAAC;QACD,KAAK,CAAC,IAAI,CAAC;YACT,IAAI,EAAE,2BAA2B;YACjC,KAAK,EAAE,KAAK,CAAC,QAAQ;SACtB,CAAC,CAAC;QACH,KAAK,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC,uBAAuB,IAAI,EAAE,CAAC,EAAE,CAAC;YACzE,KAAK,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,UAAU,CAAC,EAAE,EAAE,KAAK,EAAE,CAAC,EAAE,CAAC,CAAC;QAChD,CAAC;QACD,IAAI,CAAC;YACH,MAAM,MAAM,CAAC,IAAI,CACf,IAAI,sBAAsB,CAAC;gBACzB,UAAU,EAAE,MAAM,CAAC,UAAU;gBAC7B,QAAQ,EAAE,KAAK;gBACf,cAAc,EAAE,KAAK;gBACrB,2DAA2D;gBAC3D,4DAA4D;gBAC5D,aAAa,EAAE,UAAU;gBACzB,iBAAiB,EAAE,QAAQ;aAC5B,CAAC,CACH,CAAC;QACJ,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,gEAAgE;YAChE,8DAA8D;YAC9D,iDAAiD;YACjD,IAAK,GAAyB,CAAC,IAAI,KAAK,yBAAyB,EAAE,CAAC;gBAClE,MAAM,gBAAgB,CAAC,GAAG,EAAE,yBAAyB,CAAC,CAAC;YACzD,CAAC;QACH,CAAC;IACH,CAAC;SAAM,CAAC;QACN,4DAA4D;QAC5D,+DAA+D;QAC/D,+DAA+D;QAC/D,0CAA0C;QAC1C,IAAI,CAAC;YACH,MAAM,MAAM,CAAC,IAAI,CACf,IAAI,gCAAgC,CAAC;gBACnC,UAAU,EAAE,MAAM,CAAC,UAAU;gBAC7B,QAAQ,EAAE,KAAK;gBACf,cAAc,EAAE;oBACd,EAAE,IAAI,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE;oBAC/B,EAAE,IAAI,EAAE,gBAAgB,EAAE,KAAK,EAAE,MAAM,EAAE;iBAC1C;aACF,CAAC,CACH,CAAC;QACJ,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,MAAM,gBAAgB,CAAC,GAAG,EAAE,yBAAyB,CAAC,CAAC;QACzD,CAAC;IACH,CAAC;IAED,8DAA8D;IAC9D,gEAAgE;IAChE,iEAAiE;IACjE,IAAI,CAAC;QACH,MAAM,MAAM,CAAC,IAAI,CACf,IAAI,2BAA2B,CAAC;YAC9B,UAAU,EAAE,MAAM,CAAC,UAAU;YAC7B,QAAQ,EAAE,KAAK;YACf,QAAQ,EAAE,QAAQ;YAClB,SAAS,EAAE,IAAI;SAChB,CAAC,CACH,CAAC;IACJ,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,MAAM,gBAAgB,CAAC,GAAG,EAAE,yBAAyB,CAAC,CAAC;IACzD,CAAC;IAED,IAAI,GAAmC,CAAC;IACxC,IAAI,CAAC;QACH,GAAG,GAAG,MAAM,MAAM,CAAC,IAAI,CACrB,IAAI,wBAAwB,CAAC;YAC3B,UAAU,EAAE,MAAM,CAAC,UAAU;YAC7B,QAAQ,EAAE,MAAM,CAAC,WAAW;YAC5B,QAAQ,EAAE,0BAA0B;YACpC,cAAc,EAAE,EAAE,QAAQ,EAAE,KAAK,EAAE,QAAQ,EAAE,QAAQ,EAAE;SACxD,CAAC,CACH,CAAC;IACJ,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,MAAM,gBAAgB,CAAC,GAAG,EAAE,yBAAyB,CAAC,CAAC;IACzD,CAAC;IACD,IAAI,GAAG,CAAC,aAAa,EAAE,CAAC;QACtB,MAAM,IAAI,SAAS,CACjB,yBAAyB,EACzB,qEAAqE,GAAG,CAAC,aAAa,EAAE,EACxF,GAAG,CACJ,CAAC;IACJ,CAAC;IACD,OAAO,mBAAmB,CAAC,GAAG,CAAC,oBAAoB,CAAC,CAAC;AACvD,CAAC;AAED;;;;GAIG;AACH,SAAS,sBAAsB;IAC7B,MAAM,IAAI,GAAG,WAAW,CAAC,EAAE,CAAC;SACzB,QAAQ,CAAC,QAAQ,CAAC;SAClB,OAAO,CAAC,eAAe,EAAE,EAAE,CAAC;SAC5B,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;IAChB,OAAO,OAAO,IAAI,EAAE,CAAC;AACvB,CAAC"}
|
|
@@ -88,7 +88,6 @@ export async function forgotPassword(input, config = loadAuthServerConfig()) {
|
|
|
88
88
|
await input.onSendCode(email, code);
|
|
89
89
|
}
|
|
90
90
|
else {
|
|
91
|
-
// eslint-disable-next-line no-console
|
|
92
91
|
console.log(`[dev] Forgot-password code for ${email}: ${code} (expires in 10 min)`);
|
|
93
92
|
}
|
|
94
93
|
return {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"forgot-password.js","sourceRoot":"","sources":["../../src/server/forgot-password.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAiCG;AAEH,OAAO,EAAE,eAAe,EAAE,MAAM,aAAa,CAAC;AAC9C,OAAO,EACL,2BAA2B,EAC3B,4BAA4B,EAC5B,qBAAqB,GAEtB,MAAM,2CAA2C,CAAC;AAEnD,OAAO,EAAE,oBAAoB,EAAE,MAAM,aAAa,CAAC;AACnD,OAAO,EAAE,gBAAgB,EAAE,MAAM,qBAAqB,CAAC;AACvD,OAAO,EAAE,SAAS,EAAE,gBAAgB,EAAE,MAAM,aAAa,CAAC;AAC1D,OAAO,EAAE,wBAAwB,EAAE,oBAAoB,EAAE,MAAM,mBAAmB,CAAC;AA+CnF,uEAAuE;AAEvE,MAAM,eAAe,GAAG,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC,aAAa;AACrD,MAAM,qBAAqB,GAAG,CAAC,CAAC;AAEhC,oFAAoF;AACpF,MAAM,kBAAkB,GAAG,IAAI,GAAG,EAG/B,CAAC;AAEJ,SAAS,SAAS,CAAC,MAAwB;IACzC,OAAO,CAAC,CAAC,MAAM,CAAC,QAAQ,CAAC;AAC3B,CAAC;AAED,SAAS,SAAS,CAAC,KAAa;IAC9B,MAAM,CAAC,KAAK,EAAE,MAAM,CAAC,GAAG,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IACzC,IAAI,CAAC,KAAK,IAAI,CAAC,MAAM;QAAE,OAAO,KAAK,CAAC;IACpC,OAAO,GAAG,KAAK,CAAC,CAAC,CAAC,OAAO,MAAM,EAAE,CAAC;AACpC,CAAC;AAED,gFAAgF;AAChF,MAAM,UAAU,kCAAkC;IAChD,kBAAkB,CAAC,KAAK,EAAE,CAAC;AAC7B,CAAC;AAED,uEAAuE;AAEvE;;;;;;;;;;;;;;GAcG;AACH,MAAM,CAAC,KAAK,UAAU,cAAc,CAClC,KAA0B,EAC1B,SAA2B,oBAAoB,EAAE;IAEjD,MAAM,KAAK,GAAG,KAAK,CAAC,KAAK,CAAC,WAAW,EAAE,CAAC;IAExC,IAAI,SAAS,CAAC,MAAM,CAAC,EAAE,CAAC;QACtB,8DAA8D;QAC9D,mDAAmD;QACnD,MAAM,IAAI,GAAG,wBAAwB,EAAE,CAAC;QACxC,MAAM,QAAQ,GAAG,oBAAoB,CAAC,IAAI,CAAC,CAAC;QAC5C,kBAAkB,CAAC,GAAG,CAAC,KAAK,EAAE;YAC5B,QAAQ;YACR,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,eAAe;YACvC,QAAQ,EAAE,CAAC;SACZ,CAAC,CAAC;QACH,IAAI,KAAK,CAAC,UAAU,EAAE,CAAC;YACrB,MAAM,KAAK,CAAC,UAAU,CAAC,KAAK,EAAE,IAAI,CAAC,CAAC;QACtC,CAAC;aAAM,CAAC;
|
|
1
|
+
{"version":3,"file":"forgot-password.js","sourceRoot":"","sources":["../../src/server/forgot-password.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAiCG;AAEH,OAAO,EAAE,eAAe,EAAE,MAAM,aAAa,CAAC;AAC9C,OAAO,EACL,2BAA2B,EAC3B,4BAA4B,EAC5B,qBAAqB,GAEtB,MAAM,2CAA2C,CAAC;AAEnD,OAAO,EAAE,oBAAoB,EAAE,MAAM,aAAa,CAAC;AACnD,OAAO,EAAE,gBAAgB,EAAE,MAAM,qBAAqB,CAAC;AACvD,OAAO,EAAE,SAAS,EAAE,gBAAgB,EAAE,MAAM,aAAa,CAAC;AAC1D,OAAO,EAAE,wBAAwB,EAAE,oBAAoB,EAAE,MAAM,mBAAmB,CAAC;AA+CnF,uEAAuE;AAEvE,MAAM,eAAe,GAAG,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC,aAAa;AACrD,MAAM,qBAAqB,GAAG,CAAC,CAAC;AAEhC,oFAAoF;AACpF,MAAM,kBAAkB,GAAG,IAAI,GAAG,EAG/B,CAAC;AAEJ,SAAS,SAAS,CAAC,MAAwB;IACzC,OAAO,CAAC,CAAC,MAAM,CAAC,QAAQ,CAAC;AAC3B,CAAC;AAED,SAAS,SAAS,CAAC,KAAa;IAC9B,MAAM,CAAC,KAAK,EAAE,MAAM,CAAC,GAAG,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IACzC,IAAI,CAAC,KAAK,IAAI,CAAC,MAAM;QAAE,OAAO,KAAK,CAAC;IACpC,OAAO,GAAG,KAAK,CAAC,CAAC,CAAC,OAAO,MAAM,EAAE,CAAC;AACpC,CAAC;AAED,gFAAgF;AAChF,MAAM,UAAU,kCAAkC;IAChD,kBAAkB,CAAC,KAAK,EAAE,CAAC;AAC7B,CAAC;AAED,uEAAuE;AAEvE;;;;;;;;;;;;;;GAcG;AACH,MAAM,CAAC,KAAK,UAAU,cAAc,CAClC,KAA0B,EAC1B,SAA2B,oBAAoB,EAAE;IAEjD,MAAM,KAAK,GAAG,KAAK,CAAC,KAAK,CAAC,WAAW,EAAE,CAAC;IAExC,IAAI,SAAS,CAAC,MAAM,CAAC,EAAE,CAAC;QACtB,8DAA8D;QAC9D,mDAAmD;QACnD,MAAM,IAAI,GAAG,wBAAwB,EAAE,CAAC;QACxC,MAAM,QAAQ,GAAG,oBAAoB,CAAC,IAAI,CAAC,CAAC;QAC5C,kBAAkB,CAAC,GAAG,CAAC,KAAK,EAAE;YAC5B,QAAQ;YACR,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,eAAe;YACvC,QAAQ,EAAE,CAAC;SACZ,CAAC,CAAC;QACH,IAAI,KAAK,CAAC,UAAU,EAAE,CAAC;YACrB,MAAM,KAAK,CAAC,UAAU,CAAC,KAAK,EAAE,IAAI,CAAC,CAAC;QACtC,CAAC;aAAM,CAAC;YAEN,OAAO,CAAC,GAAG,CACT,kCAAkC,KAAK,KAAK,IAAI,sBAAsB,CACvE,CAAC;QACJ,CAAC;QACD,OAAO;YACL,YAAY,EAAE;gBACZ,WAAW,EAAE,SAAS,CAAC,KAAK,CAAC;gBAC7B,cAAc,EAAE,OAAO;gBACvB,aAAa,EAAE,OAAO;aACvB;YACD,OAAO,EAAE,IAAI;SACd,CAAC;IACJ,CAAC;IAED,mDAAmD;IACnD,MAAM,MAAM,GAAG,gBAAgB,CAAC,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,QAAQ,CAAC,CAAC;IAChE,IAAI,GAAgC,CAAC;IACrC,IAAI,CAAC;QACH,GAAG,GAAG,MAAM,MAAM,CAAC,IAAI,CACrB,IAAI,qBAAqB,CAAC;YACxB,QAAQ,EAAE,MAAM,CAAC,WAAW;YAC5B,QAAQ,EAAE,KAAK;SAChB,CAAC,CACH,CAAC;IACJ,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,MAAM,gBAAgB,CAAC,GAAG,EAAE,wBAAwB,CAAC,CAAC;IACxD,CAAC;IAED,MAAM,CAAC,GAAG,GAAG,CAAC,mBAAmB,CAAC;IAClC,IAAI,CAAC,CAAC;QAAE,OAAO,EAAE,CAAC;IAClB,MAAM,YAAY,GAAwB,EAAE,CAAC;IAC7C,IAAI,CAAC,CAAC,WAAW,KAAK,SAAS;QAAE,YAAY,CAAC,WAAW,GAAG,CAAC,CAAC,WAAW,CAAC;IAC1E,IAAI,CAAC,CAAC,cAAc,KAAK,SAAS;QAAE,YAAY,CAAC,cAAc,GAAG,CAAC,CAAC,cAAc,CAAC;IACnF,IAAI,CAAC,CAAC,aAAa,KAAK,SAAS;QAAE,YAAY,CAAC,aAAa,GAAG,CAAC,CAAC,aAAa,CAAC;IAChF,OAAO,EAAE,YAAY,EAAE,CAAC;AAC1B,CAAC;AAWD;;;;;;;;;;;;;;GAcG;AACH,MAAM,CAAC,KAAK,UAAU,qBAAqB,CACzC,KAAiC,EACjC,SAA2B,oBAAoB,EAAE;IAEjD,MAAM,KAAK,GAAG,KAAK,CAAC,KAAK,CAAC,WAAW,EAAE,CAAC;IAExC,IAAI,SAAS,CAAC,MAAM,CAAC,EAAE,CAAC;QACtB,+DAA+D;QAC/D,kDAAkD;QAClD,MAAM,MAAM,GAAG,kBAAkB,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;QAC7C,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,MAAM,IAAI,SAAS,CACjB,cAAc,EACd,yDAAyD,EACzD,GAAG,CACJ,CAAC;QACJ,CAAC;QACD,IAAI,MAAM,CAAC,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,EAAE,CAAC;YAClC,kBAAkB,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;YACjC,MAAM,IAAI,SAAS,CACjB,cAAc,EACd,kDAAkD,EAClD,GAAG,CACJ,CAAC;QACJ,CAAC;QACD,MAAM,aAAa,GAAG,oBAAoB,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;QACvD,MAAM,CAAC,GAAG,MAAM,CAAC,IAAI,CAAC,aAAa,EAAE,KAAK,CAAC,CAAC;QAC5C,MAAM,CAAC,GAAG,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,QAAQ,EAAE,KAAK,CAAC,CAAC;QAC9C,MAAM,OAAO,GAAG,CAAC,CAAC,MAAM,KAAK,CAAC,CAAC,MAAM,IAAI,eAAe,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;QAC/D,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,gEAAgE;YAChE,+DAA+D;YAC/D,iEAAiE;YACjE,mDAAmD;YACnD,MAAM,CAAC,QAAQ,IAAI,CAAC,CAAC;YACrB,IAAI,MAAM,CAAC,QAAQ,IAAI,qBAAqB,EAAE,CAAC;gBAC7C,kBAAkB,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;YACnC,CAAC;YACD,MAAM,IAAI,SAAS,CAAC,cAAc,EAAE,2BAA2B,EAAE,GAAG,CAAC,CAAC;QACxE,CAAC;QACD,kBAAkB,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;QAEjC,MAAM,MAAM,GAAG,gBAAgB,CAAC,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,QAAQ,CAAC,CAAC;QAChE,IAAI,CAAC;YACH,MAAM,MAAM,CAAC,IAAI,CACf,IAAI,2BAA2B,CAAC;gBAC9B,UAAU,EAAE,MAAM,CAAC,UAAU;gBAC7B,QAAQ,EAAE,KAAK;gBACf,QAAQ,EAAE,KAAK,CAAC,WAAW;gBAC3B,SAAS,EAAE,IAAI;aAChB,CAAC,CACH,CAAC;QACJ,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,MAAM,gBAAgB,CAAC,GAAG,EAAE,gCAAgC,CAAC,CAAC;QAChE,CAAC;QACD,OAAO;IACT,CAAC;IAED,0DAA0D;IAC1D,MAAM,MAAM,GAAG,gBAAgB,CAAC,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,QAAQ,CAAC,CAAC;IAChE,IAAI,CAAC;QACH,MAAM,MAAM,CAAC,IAAI,CACf,IAAI,4BAA4B,CAAC;YAC/B,QAAQ,EAAE,MAAM,CAAC,WAAW;YAC5B,QAAQ,EAAE,KAAK;YACf,gBAAgB,EAAE,KAAK,CAAC,IAAI;YAC5B,QAAQ,EAAE,KAAK,CAAC,WAAW;SAC5B,CAAC,CACH,CAAC;IACJ,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,MAAM,gBAAgB,CAAC,GAAG,EAAE,gCAAgC,CAAC,CAAC;IAChE,CAAC;AACH,CAAC"}
|