@webex/webex-core 2.59.3-next.1 → 2.59.4

package/dist/lib/credentials/token.js

@@ -35,11 +35,11 @@ function ownKeys(object, enumerableOnly) { var keys = _Object$keys(object); if (
 function _objectSpread(target) { for (var i = 1; i < arguments.length; i++) { var source = null != arguments[i] ? arguments[i] : {}; i % 2 ? ownKeys(Object(source), !0).forEach(function (key) { (0, _defineProperty2.default)(target, key, source[key]); }) : _Object$getOwnPropertyDescriptors ? _Object$defineProperties(target, _Object$getOwnPropertyDescriptors(source)) : ownKeys(Object(source)).forEach(function (key) { _Object$defineProperty(target, key, _Object$getOwnPropertyDescriptor2(source, key)); }); } return target; }
 /* eslint-disable camelcase */
 
-/**
- * Parse response from CI and converts to structured error when appropriate
- * @param {WebexHttpError} res
- * @private
- * @returns {GrantError}
+/**
+ * Parse response from CI and converts to structured error when appropriate
+ * @param {WebexHttpError} res
+ * @private
+ * @returns {GrantError}
  */
 function processGrantError(res) {
   if (res.statusCode !== 400) {
@@ -55,8 +55,8 @@ function processGrantError(res) {
   return _promise.default.reject(new ErrorConstructor(res._res || res));
 }
 
-/**
- * @class
+/**
+ * @class
  */
 var Token = _webexPlugin.default.extend((_dec = (0, _common.oneFlight)({
   keyFactory: function keyFactory(scope) {
@@ -64,14 +64,14 @@ var Token = _webexPlugin.default.extend((_dec = (0, _common.oneFlight)({
   }
 }), (_obj = {
   derived: {
-    /**
-     * Indicates if this token can be used in an auth header. `true` iff
-     * {@link Token#access_token} is defined and {@link Token#isExpired} is
-     * false.
-     * @instance
-     * @memberof Token
-     * @readonly
-     * @type {boolean}
+    /**
+     * Indicates if this token can be used in an auth header. `true` iff
+     * {@link Token#access_token} is defined and {@link Token#isExpired} is
+     * false.
+     * @instance
+     * @memberof Token
+     * @readonly
+     * @type {boolean}
      */
     canAuthorize: {
       deps: ['access_token', 'isExpired'],
@@ -79,19 +79,19 @@ var Token = _webexPlugin.default.extend((_dec = (0, _common.oneFlight)({
         return !!this.access_token && !this.isExpired;
       }
     },
-    /**
-     * Indicates that this token can be downscoped. `true` iff
-     * {@link config.credentials.client_id} is defined and if
-     * {@link Token#canAuthorize} is true
-     *
-     * Note: since {@link config} is not evented, we can't listen for changes to
-     * {@link config.credentials.client_id}. As such,
-     * {@link config.credentials.client_id} must always be set before
-     * instantiating a {@link Token}
-     * @instance
-     * @memberof Token
-     * @readonly
-     * @type {boolean}
+    /**
+     * Indicates that this token can be downscoped. `true` iff
+     * {@link config.credentials.client_id} is defined and if
+     * {@link Token#canAuthorize} is true
+     *
+     * Note: since {@link config} is not evented, we can't listen for changes to
+     * {@link config.credentials.client_id}. As such,
+     * {@link config.credentials.client_id} must always be set before
+     * instantiating a {@link Token}
+     * @instance
+     * @memberof Token
+     * @readonly
+     * @type {boolean}
      */
     canDownscope: {
       deps: ['canAuthorize'],
@@ -99,19 +99,19 @@ var Token = _webexPlugin.default.extend((_dec = (0, _common.oneFlight)({
         return this.canAuthorize && !!this.config.client_id;
       }
     },
-    /**
-     * Indicates if this token can be refreshed. `true` iff
-     * {@link Token@refresh_token} is defined and
-     * {@link config.credentials.refreshCallback()} is defined
-     *
-     * Note: since {@link config} is not evented, we can't listen for changes to
-     * {@link config.credentials.refreshCallback()}. As such,
-     * {@link config.credentials.refreshCallback()} must always be set before
-     * instantiating a {@link Token}
-     * @instance
-     * @memberof Token
-     * @readonly
-     * @type {boolean}
+    /**
+     * Indicates if this token can be refreshed. `true` iff
+     * {@link Token@refresh_token} is defined and
+     * {@link config.credentials.refreshCallback()} is defined
+     *
+     * Note: since {@link config} is not evented, we can't listen for changes to
+     * {@link config.credentials.refreshCallback()}. As such,
+     * {@link config.credentials.refreshCallback()} must always be set before
+     * instantiating a {@link Token}
+     * @instance
+     * @memberof Token
+     * @readonly
+     * @type {boolean}
      */
     canRefresh: {
       deps: ['refresh_token'],
@@ -122,13 +122,13 @@ var Token = _webexPlugin.default.extend((_dec = (0, _common.oneFlight)({
         return !!this.refresh_token && !!this.config.client_secret;
       }
     },
-    /**
-     * Indicates if this `Token` is expired. `true` iff {@link Token#expires} is
-     * defined and is less than {@link Date.now()}.
-     * @instance
-     * @memberof Token
-     * @readonly
-     * @type {boolean}
+    /**
+     * Indicates if this `Token` is expired. `true` iff {@link Token#expires} is
+     * defined and is less than {@link Date.now()}.
+     * @instance
+     * @memberof Token
+     * @readonly
+     * @type {boolean}
      */
     isExpired: {
       deps: ['expires', '_isExpired'],
@@ -138,13 +138,13 @@ var Token = _webexPlugin.default.extend((_dec = (0, _common.oneFlight)({
         return !!this.expires && this._isExpired;
       }
     },
-    /**
-     * Cache for toString()
-     * @instance
-     * @memberof Token
-     * @private
-     * @readonly
-     * @type {string}
+    /**
+     * Cache for toString()
+     * @instance
+     * @memberof Token
+     * @private
+     * @readonly
+     * @type {string}
      */
     _string: {
       deps: ['access_token', 'token_type'],
@@ -158,55 +158,55 @@ var Token = _webexPlugin.default.extend((_dec = (0, _common.oneFlight)({
   },
   namespace: 'Credentials',
   props: {
-    /**
-     * Used for indexing in the credentials userTokens collection
-     * @instance
-     * @memberof Token
-     * @private
-     * @type {string}
+    /**
+     * Used for indexing in the credentials userTokens collection
+     * @instance
+     * @memberof Token
+     * @private
+     * @type {string}
      */
     scope: 'string',
-    /**
-     * @instance
-     * @memberof Token
-     * @type {string}
+    /**
+     * @instance
+     * @memberof Token
+     * @type {string}
      */
     access_token: 'string',
-    /**
-     * @instance
-     * @memberof Token
-     * @type {number}
+    /**
+     * @instance
+     * @memberof Token
+     * @type {number}
      */
     expires: 'number',
-    /**
-     * @instance
-     * @memberof Token
-     * @type {number}
+    /**
+     * @instance
+     * @memberof Token
+     * @type {number}
      */
     expires_in: 'number',
-    /**
-     * @instance
-     * @memberof Token
-     * @type {string}
+    /**
+     * @instance
+     * @memberof Token
+     * @type {string}
      */
     refresh_token: 'string',
-    /**
-     * @instance
-     * @memberof Token
-     * @type {number}
+    /**
+     * @instance
+     * @memberof Token
+     * @type {number}
      */
     refresh_token_expires: 'number',
-    /**
-     * @instance
-     * @memberof Token
-     * @type {number}
+    /**
+     * @instance
+     * @memberof Token
+     * @type {number}
      */
     refresh_token_expires_in: 'number',
-    /**
-     * @default "Bearer"
-     * @instance
-     * @memberof Token
-     * @type {string}
+    /**
+     * @default "Bearer"
+     * @instance
+     * @memberof Token
+     * @type {string}
      */
     token_type: {
       default: 'Bearer',
@@ -214,38 +214,38 @@ var Token = _webexPlugin.default.extend((_dec = (0, _common.oneFlight)({
     }
   },
   session: {
-    /**
-     * Used by {@link Token#isExpired} to avoid doing a Date comparison.
-     * @instance
-     * @memberof Token
-     * @private
-     * @type {boolean}
+    /**
+     * Used by {@link Token#isExpired} to avoid doing a Date comparison.
+     * @instance
+     * @memberof Token
+     * @private
+     * @type {boolean}
      */
     _isExpired: {
       default: false,
       type: 'boolean'
     },
-    /**
-     * Handle to the previous token that we'll revoke when we refresh this
-     * token. The idea is to keep allow two valid tokens when a refresh occurs;
-     * we don't want revoke a token that's in the middle of being used, so when
-     * we do a token refresh, we won't revoke the token being refreshed, but
-     * we'll revoke the previous one.
-     * @instance
-     * @memberof Token
-     * @private
-     * @type {Object}
+    /**
+     * Handle to the previous token that we'll revoke when we refresh this
+     * token. The idea is to keep allow two valid tokens when a refresh occurs;
+     * we don't want revoke a token that's in the middle of being used, so when
+     * we do a token refresh, we won't revoke the token being refreshed, but
+     * we'll revoke the previous one.
+     * @instance
+     * @memberof Token
+     * @private
+     * @type {Object}
      */
     previousToken: {
       type: 'state'
     }
   },
-  /**
-   * Uses this token to request a new Token with a subset of this Token's scopes
-   * @instance
-   * @memberof Token
-   * @param {string} scope
-   * @returns {Promise<Token>}
+  /**
+   * Uses this token to request a new Token with a subset of this Token's scopes
+   * @instance
+   * @memberof Token
+   * @param {string} scope
+   * @returns {Promise<Token>}
    */
   downscope: function downscope(scope) {
     var _this = this;
@@ -295,14 +295,14 @@ var Token = _webexPlugin.default.extend((_dec = (0, _common.oneFlight)({
       });
     });
   },
-  /**
-   * Initializer
-   * @instance
-   * @memberof Token
-   * @param {Object} [attrs={}]
-   * @param {Object} [options={}]
-   * @see {@link WebexPlugin#initialize()}
-   * @returns {Token}
+  /**
+   * Initializer
+   * @instance
+   * @memberof Token
+   * @param {Object} [attrs={}]
+   * @param {Object} [options={}]
+   * @see {@link WebexPlugin#initialize()}
+   * @returns {Token}
    */
   initialize: function initialize() {
     var _this2 = this;
@@ -328,12 +328,12 @@ var Token = _webexPlugin.default.extend((_dec = (0, _common.oneFlight)({
       }
     }
   },
-  /**
-   * Refreshes this Token. Relies on
-   * {@link config.credentials.refreshCallback()}
-   * @instance
-   * @memberof Token
-   * @returns {Promise<Token>}
+  /**
+   * Refreshes this Token. Relies on
+   * {@link config.credentials.refreshCallback()}
+   * @instance
+   * @memberof Token
+   * @returns {Promise<Token>}
    */
   refresh: function refresh() {
     var _this3 = this;
@@ -396,11 +396,11 @@ var Token = _webexPlugin.default.extend((_dec = (0, _common.oneFlight)({
       });
     }).catch(processGrantError);
   },
-  /**
-   * Revokes this token and unsets its local properties
-   * @instance
-   * @memberof Token
-   * @returns {Promise}
+  /**
+   * Revokes this token and unsets its local properties
+   * @instance
+   * @memberof Token
+   * @returns {Promise}
    */
   revoke: function revoke() {
     var _this4 = this;
@@ -470,12 +470,12 @@ var Token = _webexPlugin.default.extend((_dec = (0, _common.oneFlight)({
     }
     return (0, _apply.default)(_webexPlugin.default.prototype.set, this, [attrs, options]);
   },
-  /**
-   * Renders the token object as an HTTP Header Value
-   * @instance
-   * @memberof Token
-   * @returns {string}
-   * @see {@link Object#toString()}
+  /**
+   * Renders the token object as an HTTP Header Value
+   * @instance
+   * @memberof Token
+   * @returns {string}
+   * @see {@link Object#toString()}
    */
   toString: function toString() {
     if (!this._string) {
@@ -483,13 +483,13 @@ var Token = _webexPlugin.default.extend((_dec = (0, _common.oneFlight)({
     }
     return this._string;
   },
-  /**
-   * Uses a non-producation api to return information about this token. This
-   * method is primarily for tests and will throw if NODE_ENV === production
-   * @instance
-   * @memberof Token
-   * @private
-   * @returns {Promise}
+  /**
+   * Uses a non-producation api to return information about this token. This
+   * method is primarily for tests and will throw if NODE_ENV === production
+   * @instance
+   * @memberof Token
+   * @private
+   * @returns {Promise}
    */
   validate: function validate() {
     var _this5 = this;
@@ -527,7 +527,7 @@ var Token = _webexPlugin.default.extend((_dec = (0, _common.oneFlight)({
       return res.body;
     });
   },
-  version: "2.59.0"
+  version: "2.59.4"
 }, ((0, _applyDecoratedDescriptor2.default)(_obj, "downscope", [_dec], (0, _getOwnPropertyDescriptor.default)(_obj, "downscope"), _obj), (0, _applyDecoratedDescriptor2.default)(_obj, "refresh", [_common.oneFlight], (0, _getOwnPropertyDescriptor.default)(_obj, "refresh"), _obj), (0, _applyDecoratedDescriptor2.default)(_obj, "revoke", [_common.oneFlight], (0, _getOwnPropertyDescriptor.default)(_obj, "revoke"), _obj)), _obj)));
 var _default = Token;
 exports.default = _default;

package/dist/lib/credentials/token.js.map

@@ -1 +1 @@
-{"version":3,"names":["_common","require","_commonTimers","_webexHttpError","_interopRequireDefault","_webexPlugin","_scope","_grantErrors","_interopRequireWildcard","_dec","_obj","_getRequireWildcardCache","nodeInterop","_WeakMap","cacheBabelInterop","cacheNodeInterop","obj","__esModule","_typeof","default","cache","has","get","newObj","hasPropertyDescriptor","_Object$defineProperty","_Object$getOwnPropertyDescriptor2","key","Object","prototype","hasOwnProperty","call","desc","set","ownKeys","object","enumerableOnly","keys","_Object$keys","_Object$getOwnPropertySymbols","symbols","filter","sym","enumerable","push","apply","_objectSpread","target","i","arguments","length","source","forEach","_defineProperty2","_Object$getOwnPropertyDescriptors","_Object$defineProperties","processGrantError","res","statusCode","_promise","reject","ErrorConstructor","grantErrors","select","body","error","OAuthError","WebexHttpError","_res","Token","WebexPlugin","extend","oneFlight","keyFactory","scope","derived","canAuthorize","deps","fn","access_token","isExpired","canDownscope","config","client_id","canRefresh","inBrowser","refresh_token","refreshCallback","client_secret","expires","_isExpired","_string","token_type","concat","namespace","props","expires_in","refresh_token_expires","refresh_token_expires_in","type","session","previousToken","downscope","_this","logger","info","Error","trace","sortScope","webex","request","method","uri","tokenUrl","addAuthHeader","form","grant_type","token","self_contained_token","then","_assign","parent","initialize","_this2","attrs","undefined","options","_apply","_now","safeSetTimeout","refresh","_this3","promise","resolve","redirect_uri","auth","user","pass","sendImmediately","shouldRefreshAccessToken","_pick2","process","env","NODE_ENV","revoke","unset","catch","_this4","revokeUrl","token_type_hint","_this$_filterSetParam","_filterSetParameters","_this$_filterSetParam2","_slicedToArray2","includes","_attrs$access_token$s","split","_attrs$access_token$s2","now","toString","validate","_this5","service","resource","reason","convApi","CONVERSATION_SERVICE","CONVERSATION_SERVICE_URL","headers","authorization","version","_applyDecoratedDescriptor2","_getOwnPropertyDescriptor","_default","exports"],"sources":["token.js"],"sourcesContent":["/*!\r\n * Copyright (c) 2015-2020 Cisco Systems, Inc. See LICENSE file.\r\n */\r\n\r\nimport {pick} from 'lodash';\r\nimport {inBrowser, oneFlight} from '@webex/common';\r\nimport {safeSetTimeout} from '@webex/common-timers';\r\n\r\nimport WebexHttpError from '../webex-http-error';\r\nimport WebexPlugin from '../webex-plugin';\r\n\r\nimport {sortScope} from './scope';\r\nimport grantErrors, {OAuthError} from './grant-errors';\r\n\r\n/* eslint-disable camelcase */\r\n\r\n/**\r\n * Parse response from CI and converts to structured error when appropriate\r\n * @param {WebexHttpError} res\r\n * @private\r\n * @returns {GrantError}\r\n */\r\nfunction processGrantError(res) {\r\n  if (res.statusCode !== 400) {\r\n    return Promise.reject(res);\r\n  }\r\n\r\n  const ErrorConstructor = grantErrors.select(res.body.error);\r\n\r\n  if (ErrorConstructor === OAuthError && res instanceof WebexHttpError) {\r\n    return Promise.reject(res);\r\n  }\r\n  if (!ErrorConstructor) {\r\n    return Promise.reject(res);\r\n  }\r\n\r\n  return Promise.reject(new ErrorConstructor(res._res || res));\r\n}\r\n\r\n/**\r\n * @class\r\n */\r\nconst Token = WebexPlugin.extend({\r\n  derived: {\r\n    /**\r\n     * Indicates if this token can be used in an auth header. `true` iff\r\n     * {@link Token#access_token} is defined and {@link Token#isExpired} is\r\n     * false.\r\n     * @instance\r\n     * @memberof Token\r\n     * @readonly\r\n     * @type {boolean}\r\n     */\r\n    canAuthorize: {\r\n      deps: ['access_token', 'isExpired'],\r\n      fn() {\r\n        return !!this.access_token && !this.isExpired;\r\n      },\r\n    },\r\n\r\n    /**\r\n     * Indicates that this token can be downscoped. `true` iff\r\n     * {@link config.credentials.client_id} is defined and if\r\n     * {@link Token#canAuthorize} is true\r\n     *\r\n     * Note: since {@link config} is not evented, we can't listen for changes to\r\n     * {@link config.credentials.client_id}. As such,\r\n     * {@link config.credentials.client_id} must always be set before\r\n     * instantiating a {@link Token}\r\n     * @instance\r\n     * @memberof Token\r\n     * @readonly\r\n     * @type {boolean}\r\n     */\r\n    canDownscope: {\r\n      deps: ['canAuthorize'],\r\n      fn() {\r\n        return this.canAuthorize && !!this.config.client_id;\r\n      },\r\n    },\r\n\r\n    /**\r\n     * Indicates if this token can be refreshed. `true` iff\r\n     * {@link Token@refresh_token} is defined and\r\n     * {@link config.credentials.refreshCallback()} is defined\r\n     *\r\n     * Note: since {@link config} is not evented, we can't listen for changes to\r\n     * {@link config.credentials.refreshCallback()}. As such,\r\n     * {@link config.credentials.refreshCallback()} must always be set before\r\n     * instantiating a {@link Token}\r\n     * @instance\r\n     * @memberof Token\r\n     * @readonly\r\n     * @type {boolean}\r\n     */\r\n    canRefresh: {\r\n      deps: ['refresh_token'],\r\n      fn() {\r\n        if (inBrowser) {\r\n          return !!this.refresh_token && !!this.config.refreshCallback;\r\n        }\r\n\r\n        return !!this.refresh_token && !!this.config.client_secret;\r\n      },\r\n    },\r\n\r\n    /**\r\n     * Indicates if this `Token` is expired. `true` iff {@link Token#expires} is\r\n     * defined and is less than {@link Date.now()}.\r\n     * @instance\r\n     * @memberof Token\r\n     * @readonly\r\n     * @type {boolean}\r\n     */\r\n    isExpired: {\r\n      deps: ['expires', '_isExpired'],\r\n      fn() {\r\n        // in order to avoid setting `cache:false`, we'll use a private property\r\n        // and a timer rather than comparing to `Date.now()`;\r\n        return !!this.expires && this._isExpired;\r\n      },\r\n    },\r\n\r\n    /**\r\n     * Cache for toString()\r\n     * @instance\r\n     * @memberof Token\r\n     * @private\r\n     * @readonly\r\n     * @type {string}\r\n     */\r\n    _string: {\r\n      deps: ['access_token', 'token_type'],\r\n      fn() {\r\n        if (!this.access_token || !this.token_type) {\r\n          return '';\r\n        }\r\n\r\n        return `${this.token_type} ${this.access_token}`;\r\n      },\r\n    },\r\n  },\r\n\r\n  namespace: 'Credentials',\r\n\r\n  props: {\r\n    /**\r\n     * Used for indexing in the credentials userTokens collection\r\n     * @instance\r\n     * @memberof Token\r\n     * @private\r\n     * @type {string}\r\n     */\r\n    scope: 'string',\r\n    /**\r\n     * @instance\r\n     * @memberof Token\r\n     * @type {string}\r\n     */\r\n    access_token: 'string',\r\n    /**\r\n     * @instance\r\n     * @memberof Token\r\n     * @type {number}\r\n     */\r\n    expires: 'number',\r\n    /**\r\n     * @instance\r\n     * @memberof Token\r\n     * @type {number}\r\n     */\r\n    expires_in: 'number',\r\n    /**\r\n     * @instance\r\n     * @memberof Token\r\n     * @type {string}\r\n     */\r\n    refresh_token: 'string',\r\n    /**\r\n     * @instance\r\n     * @memberof Token\r\n     * @type {number}\r\n     */\r\n    refresh_token_expires: 'number',\r\n    /**\r\n     * @instance\r\n     * @memberof Token\r\n     * @type {number}\r\n     */\r\n    refresh_token_expires_in: 'number',\r\n    /**\r\n     * @default \"Bearer\"\r\n     * @instance\r\n     * @memberof Token\r\n     * @type {string}\r\n     */\r\n    token_type: {\r\n      default: 'Bearer',\r\n      type: 'string',\r\n    },\r\n  },\r\n\r\n  session: {\r\n    /**\r\n     * Used by {@link Token#isExpired} to avoid doing a Date comparison.\r\n     * @instance\r\n     * @memberof Token\r\n     * @private\r\n     * @type {boolean}\r\n     */\r\n    _isExpired: {\r\n      default: false,\r\n      type: 'boolean',\r\n    },\r\n    /**\r\n     * Handle to the previous token that we'll revoke when we refresh this\r\n     * token. The idea is to keep allow two valid tokens when a refresh occurs;\r\n     * we don't want revoke a token that's in the middle of being used, so when\r\n     * we do a token refresh, we won't revoke the token being refreshed, but\r\n     * we'll revoke the previous one.\r\n     * @instance\r\n     * @memberof Token\r\n     * @private\r\n     * @type {Object}\r\n     */\r\n    previousToken: {\r\n      type: 'state',\r\n    },\r\n  },\r\n\r\n  @oneFlight({\r\n    keyFactory(scope) {\r\n      return scope;\r\n    },\r\n  })\r\n  /**\r\n   * Uses this token to request a new Token with a subset of this Token's scopes\r\n   * @instance\r\n   * @memberof Token\r\n   * @param {string} scope\r\n   * @returns {Promise<Token>}\r\n   */\r\n  downscope(scope) {\r\n    this.logger.info(`token: downscoping token to ${scope}`);\r\n\r\n    if (this.isExpired) {\r\n      this.logger.info('token: request received to downscope expired access_token');\r\n\r\n      return Promise.reject(new Error('cannot downscope expired access token'));\r\n    }\r\n\r\n    if (!this.canDownscope) {\r\n      if (this.config.client_id) {\r\n        this.logger.info('token: request received to downscope invalid access_token');\r\n      } else {\r\n        this.logger.trace('token: cannot downscope without client_id');\r\n      }\r\n\r\n      return Promise.reject(new Error('cannot downscope access token'));\r\n    }\r\n\r\n    // Since we're going to use scope as the index in our token collection, it's\r\n    // important scopes are always deterministically specified.\r\n    if (scope) {\r\n      scope = sortScope(scope);\r\n    }\r\n\r\n    // Ideally, we could depend on the service to communicate this error, but\r\n    // all we get is \"invalid scope\", which, to the lay person, implies\r\n    // something wrong with *one* of the scopes, not the whole thing.\r\n    if (scope === sortScope(this.config.scope)) {\r\n      return Promise.reject(new Error('token: scope reduction requires a reduced scope'));\r\n    }\r\n\r\n    return this.webex\r\n      .request({\r\n        method: 'POST',\r\n        uri: this.config.tokenUrl,\r\n        addAuthHeader: false,\r\n        form: {\r\n          grant_type: 'urn:cisco:oauth:grant-type:scope-reduction',\r\n          token: this.access_token,\r\n          scope,\r\n          client_id: this.config.client_id,\r\n          self_contained_token: true,\r\n        },\r\n      })\r\n      .then((res) => {\r\n        this.logger.info(`token: downscoped token to ${scope}`);\r\n\r\n        return new Token(Object.assign(res.body, {scope}), {parent: this.parent});\r\n      });\r\n  },\r\n\r\n  /**\r\n   * Initializer\r\n   * @instance\r\n   * @memberof Token\r\n   * @param {Object} [attrs={}]\r\n   * @param {Object} [options={}]\r\n   * @see {@link WebexPlugin#initialize()}\r\n   * @returns {Token}\r\n   */\r\n  initialize(attrs = {}, options = {}) {\r\n    Reflect.apply(WebexPlugin.prototype.initialize, this, [attrs, options]);\r\n\r\n    if (typeof attrs === 'string') {\r\n      this.access_token = attrs;\r\n    }\r\n\r\n    if (!this.access_token) {\r\n      throw new Error('`access_token` is required');\r\n    }\r\n\r\n    // We don't want the derived property `isExpired` to need {cache:false}, so\r\n    // we'll set up a timer the runs when this token should expire.\r\n    if (this.expires) {\r\n      if (this.expires < Date.now()) {\r\n        this._isExpired = true;\r\n      } else {\r\n        safeSetTimeout(() => {\r\n          this._isExpired = true;\r\n        }, this.expires - Date.now());\r\n      }\r\n    }\r\n  },\r\n\r\n  @oneFlight\r\n  /**\r\n   * Refreshes this Token. Relies on\r\n   * {@link config.credentials.refreshCallback()}\r\n   * @instance\r\n   * @memberof Token\r\n   * @returns {Promise<Token>}\r\n   */\r\n  refresh() {\r\n    if (!this.canRefresh) {\r\n      throw new Error('Not enough information available to refresh this access token');\r\n    }\r\n\r\n    let promise;\r\n\r\n    if (inBrowser) {\r\n      if (!this.config.refreshCallback) {\r\n        throw new Error('Cannot refresh access token without refreshCallback');\r\n      }\r\n\r\n      promise = Promise.resolve(this.config.refreshCallback(this.webex, this));\r\n    }\r\n\r\n    return (\r\n      promise ||\r\n      this.webex\r\n        .request({\r\n          method: 'POST',\r\n          uri: this.config.tokenUrl,\r\n          form: {\r\n            grant_type: 'refresh_token',\r\n            redirect_uri: this.config.redirect_uri,\r\n            refresh_token: this.refresh_token,\r\n          },\r\n          auth: {\r\n            user: this.config.client_id,\r\n            pass: this.config.client_secret,\r\n            sendImmediately: true,\r\n          },\r\n          shouldRefreshAccessToken: false,\r\n        })\r\n        .then((res) => res.body)\r\n    )\r\n      .then((obj) => {\r\n        if (!obj) {\r\n          throw new Error('token: refreshCallback() did not produce an object');\r\n        }\r\n        // If the authentication server did not send back a refresh token, copy\r\n        // the current refresh token and related values to the response (note:\r\n        // at time of implementation, CI never sends a new refresh token)\r\n        if (!obj.refresh_token) {\r\n          Object.assign(\r\n            obj,\r\n            pick(this, 'refresh_token', 'refresh_token_expires', 'refresh_token_expires_in')\r\n          );\r\n        }\r\n\r\n        // If the new token is the same as the previous token, then we may have\r\n        // found a bug in CI; log the details and reject the Promise\r\n        if (this.access_token === obj.access_token) {\r\n          this.logger.error('token: new token matches current token');\r\n          // log the tokens if it is not production\r\n          if (process.env.NODE_ENV !== 'production') {\r\n            this.logger.error('token: current token:', this.access_token);\r\n            this.logger.error('token: new token:', obj.access_token);\r\n          }\r\n\r\n          return Promise.reject(new Error('new token matches current token'));\r\n        }\r\n\r\n        if (this.previousToken) {\r\n          this.previousToken.revoke();\r\n          this.unset('previousToken');\r\n        }\r\n\r\n        obj.previousToken = this;\r\n        obj.scope = this.scope;\r\n\r\n        return new Token(obj, {parent: this.parent});\r\n      })\r\n      .catch(processGrantError);\r\n  },\r\n\r\n  @oneFlight\r\n  /**\r\n   * Revokes this token and unsets its local properties\r\n   * @instance\r\n   * @memberof Token\r\n   * @returns {Promise}\r\n   */\r\n  revoke() {\r\n    if (this.isExpired) {\r\n      this.logger.info('token: already expired, not making making revocation request');\r\n\r\n      return Promise.resolve();\r\n    }\r\n\r\n    if (!this.canAuthorize) {\r\n      this.logger.info('token: no longer valid, not making revocation request');\r\n\r\n      return Promise.resolve();\r\n    }\r\n\r\n    // FIXME we need to use the user token revocation endpoint to revoke a token\r\n    // without a client_secret, but it doesn't current support using a token to\r\n    // revoke itself\r\n    // Note: I'm not making a canRevoke property because there should be changes\r\n    // coming to the user token revocation endpoint that allow us to do this\r\n    // correctly.\r\n    if (!this.config.client_secret) {\r\n      this.logger.info('token: no client secret available, not making revocation request');\r\n\r\n      return Promise.resolve();\r\n    }\r\n\r\n    this.logger.info('token: revoking access token');\r\n\r\n    return this.webex\r\n      .request({\r\n        method: 'POST',\r\n        uri: this.config.revokeUrl,\r\n        form: {\r\n          token: this.access_token,\r\n          token_type_hint: 'access_token',\r\n        },\r\n        auth: {\r\n          user: this.config.client_id,\r\n          pass: this.config.client_secret,\r\n          sendImmediately: true,\r\n        },\r\n        shouldRefreshAccessToken: false,\r\n      })\r\n      .then(() => {\r\n        this.unset(['access_token', 'expires', 'expires_in', 'token_type']);\r\n        this.logger.info('token: access token revoked');\r\n      })\r\n      .catch(processGrantError);\r\n  },\r\n\r\n  set(...args) {\r\n    // eslint-disable-next-line prefer-const\r\n    let [attrs, options] = this._filterSetParameters(...args);\r\n\r\n    if (!attrs.token_type && attrs.access_token && attrs.access_token.includes(' ')) {\r\n      const [token_type, access_token] = attrs.access_token.split(' ');\r\n\r\n      attrs = {...attrs, access_token, token_type};\r\n    }\r\n    const now = Date.now();\r\n\r\n    if (!attrs.expires && attrs.expires_in) {\r\n      attrs.expires = now + attrs.expires_in * 1000;\r\n    }\r\n\r\n    if (!attrs.refresh_token_expires && attrs.refresh_token_expires_in) {\r\n      attrs.refresh_token_expires = now + attrs.refresh_token_expires_in * 1000;\r\n    }\r\n\r\n    if (attrs.scope) {\r\n      attrs.scope = sortScope(attrs.scope);\r\n    }\r\n\r\n    return Reflect.apply(WebexPlugin.prototype.set, this, [attrs, options]);\r\n  },\r\n\r\n  /**\r\n   * Renders the token object as an HTTP Header Value\r\n   * @instance\r\n   * @memberof Token\r\n   * @returns {string}\r\n   * @see {@link Object#toString()}\r\n   */\r\n  toString() {\r\n    if (!this._string) {\r\n      throw new Error('cannot stringify Token');\r\n    }\r\n\r\n    return this._string;\r\n  },\r\n\r\n  /**\r\n   * Uses a non-producation api to return information about this token. This\r\n   * method is primarily for tests and will throw if NODE_ENV === production\r\n   * @instance\r\n   * @memberof Token\r\n   * @private\r\n   * @returns {Promise}\r\n   */\r\n  validate() {\r\n    if (process.env.NODE_ENV === 'production') {\r\n      throw new Error('Token#validate() must not be used in production');\r\n    }\r\n\r\n    return this.webex\r\n      .request({\r\n        method: 'POST',\r\n        service: 'conversation',\r\n        resource: 'users/validateAuthToken',\r\n        body: {\r\n          token: this.access_token,\r\n        },\r\n      })\r\n      .catch((reason) => {\r\n        if ('statusCode' in reason) {\r\n          return Promise.reject(reason);\r\n        }\r\n        this.logger.info(\"REMINDER: If you're investigating a network error here, it's normal\");\r\n\r\n        // If we got an error that isn't a WebexHttpError, assume the problem is\r\n        // that we don't have the wdm plugin loaded and service/resource isn't\r\n        // a valid means of identifying a request.\r\n        const convApi =\r\n          process.env.CONVERSATION_SERVICE ||\r\n          process.env.CONVERSATION_SERVICE_URL ||\r\n          'https://conv-a.wbx2.com/conversation/api/v1';\r\n\r\n        return this.webex.request({\r\n          method: 'POST',\r\n          uri: `${convApi}/users/validateAuthToken`,\r\n          body: {\r\n            token: this.access_token,\r\n          },\r\n          headers: {\r\n            authorization: `Bearer ${this.access_token}`,\r\n          },\r\n        });\r\n      })\r\n      .then((res) => res.body);\r\n  },\r\n});\r\n\r\nexport default Token;\r\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;AAKA,IAAAA,OAAA,GAAAC,OAAA;AACA,IAAAC,aAAA,GAAAD,OAAA;AAEA,IAAAE,eAAA,GAAAC,sBAAA,CAAAH,OAAA;AACA,IAAAI,YAAA,GAAAD,sBAAA,CAAAH,OAAA;AAEA,IAAAK,MAAA,GAAAL,OAAA;AACA,IAAAM,YAAA,GAAAC,uBAAA,CAAAP,OAAA;AAAuD,IAAAQ,IAAA,EAAAC,IAAA;AAAA,SAAAC,yBAAAC,WAAA,eAAAC,QAAA,kCAAAC,iBAAA,OAAAD,QAAA,QAAAE,gBAAA,OAAAF,QAAA,YAAAF,wBAAA,YAAAA,yBAAAC,WAAA,WAAAA,WAAA,GAAAG,gBAAA,GAAAD,iBAAA,KAAAF,WAAA;AAAA,SAAAJ,wBAAAQ,GAAA,EAAAJ,WAAA,SAAAA,WAAA,IAAAI,GAAA,IAAAA,GAAA,CAAAC,UAAA,WAAAD,GAAA,QAAAA,GAAA,aAAAE,OAAA,CAAAF,GAAA,yBAAAA,GAAA,4BAAAG,OAAA,EAAAH,GAAA,UAAAI,KAAA,GAAAT,wBAAA,CAAAC,WAAA,OAAAQ,KAAA,IAAAA,KAAA,CAAAC,GAAA,CAAAL,GAAA,YAAAI,KAAA,CAAAE,GAAA,CAAAN,GAAA,SAAAO,MAAA,WAAAC,qBAAA,GAAAC,sBAAA,IAAAC,iCAAA,WAAAC,GAAA,IAAAX,GAAA,QAAAW,GAAA,kBAAAC,MAAA,CAAAC,SAAA,CAAAC,cAAA,CAAAC,IAAA,CAAAf,GAAA,EAAAW,GAAA,SAAAK,IAAA,GAAAR,qBAAA,GAAAE,iCAAA,CAAAV,GAAA,EAAAW,GAAA,cAAAK,IAAA,KAAAA,IAAA,CAAAV,GAAA,IAAAU,IAAA,CAAAC,GAAA,KAAAR,sBAAA,CAAAF,MAAA,EAAAI,GAAA,EAAAK,IAAA,YAAAT,MAAA,CAAAI,GAAA,IAAAX,GAAA,CAAAW,GAAA,SAAAJ,MAAA,CAAAJ,OAAA,GAAAH,GAAA,MAAAI,KAAA,IAAAA,KAAA,CAAAa,GAAA,CAAAjB,GAAA,EAAAO,MAAA,YAAAA,MAAA;AAAA,SAAAW,QAAAC,MAAA,EAAAC,cAAA,QAAAC,IAAA,GAAAC,YAAA,CAAAH,MAAA,OAAAI,6BAAA,QAAAC,OAAA,GAAAD,6BAAA,CAAAJ,MAAA,GAAAC,cAAA,KAAAI,OAAA,GAAAA,OAAA,CAAAC,MAAA,WAAAC,GAAA,WAAAhB,iCAAA,CAAAS,MAAA,EAAAO,GAAA,EAAAC,UAAA,OAAAN,IAAA,CAAAO,IAAA,CAAAC,KAAA,CAAAR,IAAA,EAAAG,OAAA,YAAAH,IAAA;AAAA,SAAAS,cAAAC,MAAA,aAAAC,CAAA,MAAAA,CAAA,GAAAC,SAAA,CAAAC,MAAA,EAAAF,CAAA,UAAAG,MAAA,WAAAF,SAAA,CAAAD,CAAA,IAAAC,SAAA,CAAAD,CAAA,QAAAA,CAAA,OAAAd,OAAA,CAAAN,MAAA,CAAAuB,MAAA,OAAAC,OAAA,WAAAzB,GAAA,QAAA0B,gBAAA,CAAAlC,OAAA,EAAA4B,MAAA,EAAApB,GAAA,EAAAwB,MAAA,CAAAxB,GAAA,SAAA2B,iCAAA,GAAAC,wBAAA,CAAAR,MAAA,EAAAO,iCAAA,CAAAH,MAAA,KAAAjB,OAAA,CAAAN,MAAA,CAAAuB,MAAA,GAAAC,OAAA,WAAAzB,GAAA,IAAAF,sBAAA,CAAAsB,MAAA,EAAApB,GAAA,EAAAD,iCAAA,CAAAyB,MAAA,EAAAxB,GAAA,iBAAAoB,MAAA;AAEvD;;AAEA;AACA;AACA;AACA;AACA;AACA;AACA,SAASS,iBAAiBA,CAACC,GAAG,EAAE;EAC9B,IAAIA,GAAG,CAACC,UAAU,KAAK,GAAG,EAAE;IAC1B,OAAOC,QAAA,CAAAxC,OAAA,CAAQyC,MAAM,CAACH,GAAG,CAAC;EAC5B;EAEA,IAAMI,gBAAgB,GAAGC,oBAAW,CAACC,MAAM,CAACN,GAAG,CAACO,IAAI,CAACC,KAAK,CAAC;EAE3D,IAAIJ,gBAAgB,KAAKK,uBAAU,IAAIT,GAAG,YAAYU,uBAAc,EAAE;IACpE,OAAOR,QAAA,CAAAxC,OAAA,CAAQyC,MAAM,CAACH,GAAG,CAAC;EAC5B;EACA,IAAI,CAACI,gBAAgB,EAAE;IACrB,OAAOF,QAAA,CAAAxC,OAAA,CAAQyC,MAAM,CAACH,GAAG,CAAC;EAC5B;EAEA,OAAOE,QAAA,CAAAxC,OAAA,CAAQyC,MAAM,CAAC,IAAIC,gBAAgB,CAACJ,GAAG,CAACW,IAAI,IAAIX,GAAG,CAAC,CAAC;AAC9D;;AAEA;AACA;AACA;AACA,IAAMY,KAAK,GAAGC,oBAAW,CAACC,MAAM,EAAA9D,IAAA,GA4L7B,IAAA+D,iBAAS,EAAC;EACTC,UAAU,WAAAA,WAACC,KAAK,EAAE;IAChB,OAAOA,KAAK;EACd;AACF,CAAC,CAAC,GAAAhE,IAAA,GAhM6B;EAC/BiE,OAAO,EAAE;IACP;AACJ;AACA;AACA;AACA;AACA;AACA;AACA;AACA;IACIC,YAAY,EAAE;MACZC,IAAI,EAAE,CAAC,cAAc,EAAE,WAAW,CAAC;MACnCC,EAAE,WAAAA,GAAA,EAAG;QACH,OAAO,CAAC,CAAC,IAAI,CAACC,YAAY,IAAI,CAAC,IAAI,CAACC,SAAS;MAC/C;IACF,CAAC;IAED;AACJ;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;IACIC,YAAY,EAAE;MACZJ,IAAI,EAAE,CAAC,cAAc,CAAC;MACtBC,EAAE,WAAAA,GAAA,EAAG;QACH,OAAO,IAAI,CAACF,YAAY,IAAI,CAAC,CAAC,IAAI,CAACM,MAAM,CAACC,SAAS;MACrD;IACF,CAAC;IAED;AACJ;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;IACIC,UAAU,EAAE;MACVP,IAAI,EAAE,CAAC,eAAe,CAAC;MACvBC,EAAE,WAAAA,GAAA,EAAG;QACH,IAAIO,iBAAS,EAAE;UACb,OAAO,CAAC,CAAC,IAAI,CAACC,aAAa,IAAI,CAAC,CAAC,IAAI,CAACJ,MAAM,CAACK,eAAe;QAC9D;QAEA,OAAO,CAAC,CAAC,IAAI,CAACD,aAAa,IAAI,CAAC,CAAC,IAAI,CAACJ,MAAM,CAACM,aAAa;MAC5D;IACF,CAAC;IAED;AACJ;AACA;AACA;AACA;AACA;AACA;AACA;IACIR,SAAS,EAAE;MACTH,IAAI,EAAE,CAAC,SAAS,EAAE,YAAY,CAAC;MAC/BC,EAAE,WAAAA,GAAA,EAAG;QACH;QACA;QACA,OAAO,CAAC,CAAC,IAAI,CAACW,OAAO,IAAI,IAAI,CAACC,UAAU;MAC1C;IACF,CAAC;IAED;AACJ;AACA;AACA;AACA;AACA;AACA;AACA;IACIC,OAAO,EAAE;MACPd,IAAI,EAAE,CAAC,cAAc,EAAE,YAAY,CAAC;MACpCC,EAAE,WAAAA,GAAA,EAAG;QACH,IAAI,CAAC,IAAI,CAACC,YAAY,IAAI,CAAC,IAAI,CAACa,UAAU,EAAE;UAC1C,OAAO,EAAE;QACX;QAEA,UAAAC,MAAA,CAAU,IAAI,CAACD,UAAU,OAAAC,MAAA,CAAI,IAAI,CAACd,YAAY;MAChD;IACF;EACF,CAAC;EAEDe,SAAS,EAAE,aAAa;EAExBC,KAAK,EAAE;IACL;AACJ;AACA;AACA;AACA;AACA;AACA;IACIrB,KAAK,EAAE,QAAQ;IACf;AACJ;AACA;AACA;AACA;IACIK,YAAY,EAAE,QAAQ;IACtB;AACJ;AACA;AACA;AACA;IACIU,OAAO,EAAE,QAAQ;IACjB;AACJ;AACA;AACA;AACA;IACIO,UAAU,EAAE,QAAQ;IACpB;AACJ;AACA;AACA;AACA;IACIV,aAAa,EAAE,QAAQ;IACvB;AACJ;AACA;AACA;AACA;IACIW,qBAAqB,EAAE,QAAQ;IAC/B;AACJ;AACA;AACA;AACA;IACIC,wBAAwB,EAAE,QAAQ;IAClC;AACJ;AACA;AACA;AACA;AACA;IACIN,UAAU,EAAE;MACVzE,OAAO,EAAE,QAAQ;MACjBgF,IAAI,EAAE;IACR;EACF,CAAC;EAEDC,OAAO,EAAE;IACP;AACJ;AACA;AACA;AACA;AACA;AACA;IACIV,UAAU,EAAE;MACVvE,OAAO,EAAE,KAAK;MACdgF,IAAI,EAAE;IACR,CAAC;IACD;AACJ;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;IACIE,aAAa,EAAE;MACbF,IAAI,EAAE;IACR;EACF,CAAC;EAOD;AACF;AACA;AACA;AACA;AACA;AACA;EACEG,SAAS,WAAAA,UAAC5B,KAAK,EAAE;IAAA,IAAA6B,KAAA;IACf,IAAI,CAACC,MAAM,CAACC,IAAI,gCAAAZ,MAAA,CAAgCnB,KAAK,EAAG;IAExD,IAAI,IAAI,CAACM,SAAS,EAAE;MAClB,IAAI,CAACwB,MAAM,CAACC,IAAI,CAAC,2DAA2D,CAAC;MAE7E,OAAO9C,QAAA,CAAAxC,OAAA,CAAQyC,MAAM,CAAC,IAAI8C,KAAK,CAAC,uCAAuC,CAAC,CAAC;IAC3E;IAEA,IAAI,CAAC,IAAI,CAACzB,YAAY,EAAE;MACtB,IAAI,IAAI,CAACC,MAAM,CAACC,SAAS,EAAE;QACzB,IAAI,CAACqB,MAAM,CAACC,IAAI,CAAC,2DAA2D,CAAC;MAC/E,CAAC,MAAM;QACL,IAAI,CAACD,MAAM,CAACG,KAAK,CAAC,2CAA2C,CAAC;MAChE;MAEA,OAAOhD,QAAA,CAAAxC,OAAA,CAAQyC,MAAM,CAAC,IAAI8C,KAAK,CAAC,+BAA+B,CAAC,CAAC;IACnE;;IAEA;IACA;IACA,IAAIhC,KAAK,EAAE;MACTA,KAAK,GAAG,IAAAkC,gBAAS,EAAClC,KAAK,CAAC;IAC1B;;IAEA;IACA;IACA;IACA,IAAIA,KAAK,KAAK,IAAAkC,gBAAS,EAAC,IAAI,CAAC1B,MAAM,CAACR,KAAK,CAAC,EAAE;MAC1C,OAAOf,QAAA,CAAAxC,OAAA,CAAQyC,MAAM,CAAC,IAAI8C,KAAK,CAAC,iDAAiD,CAAC,CAAC;IACrF;IAEA,OAAO,IAAI,CAACG,KAAK,CACdC,OAAO,CAAC;MACPC,MAAM,EAAE,MAAM;MACdC,GAAG,EAAE,IAAI,CAAC9B,MAAM,CAAC+B,QAAQ;MACzBC,aAAa,EAAE,KAAK;MACpBC,IAAI,EAAE;QACJC,UAAU,EAAE,4CAA4C;QACxDC,KAAK,EAAE,IAAI,CAACtC,YAAY;QACxBL,KAAK,EAALA,KAAK;QACLS,SAAS,EAAE,IAAI,CAACD,MAAM,CAACC,SAAS;QAChCmC,oBAAoB,EAAE;MACxB;IACF,CAAC,CAAC,CACDC,IAAI,CAAC,UAAC9D,GAAG,EAAK;MACb8C,KAAI,CAACC,MAAM,CAACC,IAAI,+BAAAZ,MAAA,CAA+BnB,KAAK,EAAG;MAEvD,OAAO,IAAIL,KAAK,CAAC,IAAAmD,OAAA,CAAArG,OAAA,EAAcsC,GAAG,CAACO,IAAI,EAAE;QAACU,KAAK,EAALA;MAAK,CAAC,CAAC,EAAE;QAAC+C,MAAM,EAAElB,KAAI,CAACkB;MAAM,CAAC,CAAC;IAC3E,CAAC,CAAC;EACN,CAAC;EAED;AACF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;EACEC,UAAU,WAAAA,WAAA,EAA2B;IAAA,IAAAC,MAAA;IAAA,IAA1BC,KAAK,GAAA3E,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAA4E,SAAA,GAAA5E,SAAA,MAAG,CAAC,CAAC;IAAA,IAAE6E,OAAO,GAAA7E,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAA4E,SAAA,GAAA5E,SAAA,MAAG,CAAC,CAAC;IACjC,IAAA8E,MAAA,CAAA5G,OAAA,EAAcmD,oBAAW,CAACzC,SAAS,CAAC6F,UAAU,EAAE,IAAI,EAAE,CAACE,KAAK,EAAEE,OAAO,CAAC,CAAC;IAEvE,IAAI,OAAOF,KAAK,KAAK,QAAQ,EAAE;MAC7B,IAAI,CAAC7C,YAAY,GAAG6C,KAAK;IAC3B;IAEA,IAAI,CAAC,IAAI,CAAC7C,YAAY,EAAE;MACtB,MAAM,IAAI2B,KAAK,CAAC,4BAA4B,CAAC;IAC/C;;IAEA;IACA;IACA,IAAI,IAAI,CAACjB,OAAO,EAAE;MAChB,IAAI,IAAI,CAACA,OAAO,GAAG,IAAAuC,IAAA,CAAA7G,OAAA,GAAU,EAAE;QAC7B,IAAI,CAACuE,UAAU,GAAG,IAAI;MACxB,CAAC,MAAM;QACL,IAAAuC,4BAAc,EAAC,YAAM;UACnBN,MAAI,CAACjC,UAAU,GAAG,IAAI;QACxB,CAAC,EAAE,IAAI,CAACD,OAAO,GAAG,IAAAuC,IAAA,CAAA7G,OAAA,GAAU,CAAC;MAC/B;IACF;EACF,CAAC;EAGD;AACF;AACA;AACA;AACA;AACA;AACA;EACE+G,OAAO,WAAAA,QAAA,EAAG;IAAA,IAAAC,MAAA;IACR,IAAI,CAAC,IAAI,CAAC/C,UAAU,EAAE;MACpB,MAAM,IAAIsB,KAAK,CAAC,+DAA+D,CAAC;IAClF;IAEA,IAAI0B,OAAO;IAEX,IAAI/C,iBAAS,EAAE;MACb,IAAI,CAAC,IAAI,CAACH,MAAM,CAACK,eAAe,EAAE;QAChC,MAAM,IAAImB,KAAK,CAAC,qDAAqD,CAAC;MACxE;MAEA0B,OAAO,GAAGzE,QAAA,CAAAxC,OAAA,CAAQkH,OAAO,CAAC,IAAI,CAACnD,MAAM,CAACK,eAAe,CAAC,IAAI,CAACsB,KAAK,EAAE,IAAI,CAAC,CAAC;IAC1E;IAEA,OAAO,CACLuB,OAAO,IACP,IAAI,CAACvB,KAAK,CACPC,OAAO,CAAC;MACPC,MAAM,EAAE,MAAM;MACdC,GAAG,EAAE,IAAI,CAAC9B,MAAM,CAAC+B,QAAQ;MACzBE,IAAI,EAAE;QACJC,UAAU,EAAE,eAAe;QAC3BkB,YAAY,EAAE,IAAI,CAACpD,MAAM,CAACoD,YAAY;QACtChD,aAAa,EAAE,IAAI,CAACA;MACtB,CAAC;MACDiD,IAAI,EAAE;QACJC,IAAI,EAAE,IAAI,CAACtD,MAAM,CAACC,SAAS;QAC3BsD,IAAI,EAAE,IAAI,CAACvD,MAAM,CAACM,aAAa;QAC/BkD,eAAe,EAAE;MACnB,CAAC;MACDC,wBAAwB,EAAE;IAC5B,CAAC,CAAC,CACDpB,IAAI,CAAC,UAAC9D,GAAG;MAAA,OAAKA,GAAG,CAACO,IAAI;IAAA,EAAC,EAEzBuD,IAAI,CAAC,UAACvG,GAAG,EAAK;MACb,IAAI,CAACA,GAAG,EAAE;QACR,MAAM,IAAI0F,KAAK,CAAC,oDAAoD,CAAC;MACvE;MACA;MACA;MACA;MACA,IAAI,CAAC1F,GAAG,CAACsE,aAAa,EAAE;QACtB,IAAAkC,OAAA,CAAArG,OAAA,EACEH,GAAG,EACH,IAAA4H,MAAA,CAAAzH,OAAA,EAAKgH,MAAI,EAAE,eAAe,EAAE,uBAAuB,EAAE,0BAA0B,CAAC,CACjF;MACH;;MAEA;MACA;MACA,IAAIA,MAAI,CAACpD,YAAY,KAAK/D,GAAG,CAAC+D,YAAY,EAAE;QAC1CoD,MAAI,CAAC3B,MAAM,CAACvC,KAAK,CAAC,wCAAwC,CAAC;QAC3D;QACA,IAAI4E,OAAO,CAACC,GAAG,CAACC,QAAQ,KAAK,YAAY,EAAE;UACzCZ,MAAI,CAAC3B,MAAM,CAACvC,KAAK,CAAC,uBAAuB,EAAEkE,MAAI,CAACpD,YAAY,CAAC;UAC7DoD,MAAI,CAAC3B,MAAM,CAACvC,KAAK,CAAC,mBAAmB,EAAEjD,GAAG,CAAC+D,YAAY,CAAC;QAC1D;QAEA,OAAOpB,QAAA,CAAAxC,OAAA,CAAQyC,MAAM,CAAC,IAAI8C,KAAK,CAAC,iCAAiC,CAAC,CAAC;MACrE;MAEA,IAAIyB,MAAI,CAAC9B,aAAa,EAAE;QACtB8B,MAAI,CAAC9B,aAAa,CAAC2C,MAAM,EAAE;QAC3Bb,MAAI,CAACc,KAAK,CAAC,eAAe,CAAC;MAC7B;MAEAjI,GAAG,CAACqF,aAAa,GAAG8B,MAAI;MACxBnH,GAAG,CAAC0D,KAAK,GAAGyD,MAAI,CAACzD,KAAK;MAEtB,OAAO,IAAIL,KAAK,CAACrD,GAAG,EAAE;QAACyG,MAAM,EAAEU,MAAI,CAACV;MAAM,CAAC,CAAC;IAC9C,CAAC,CAAC,CACDyB,KAAK,CAAC1F,iBAAiB,CAAC;EAC7B,CAAC;EAGD;AACF;AACA;AACA;AACA;AACA;EACEwF,MAAM,WAAAA,OAAA,EAAG;IAAA,IAAAG,MAAA;IACP,IAAI,IAAI,CAACnE,SAAS,EAAE;MAClB,IAAI,CAACwB,MAAM,CAACC,IAAI,CAAC,8DAA8D,CAAC;MAEhF,OAAO9C,QAAA,CAAAxC,OAAA,CAAQkH,OAAO,EAAE;IAC1B;IAEA,IAAI,CAAC,IAAI,CAACzD,YAAY,EAAE;MACtB,IAAI,CAAC4B,MAAM,CAACC,IAAI,CAAC,uDAAuD,CAAC;MAEzE,OAAO9C,QAAA,CAAAxC,OAAA,CAAQkH,OAAO,EAAE;IAC1B;;IAEA;IACA;IACA;IACA;IACA;IACA;IACA,IAAI,CAAC,IAAI,CAACnD,MAAM,CAACM,aAAa,EAAE;MAC9B,IAAI,CAACgB,MAAM,CAACC,IAAI,CAAC,kEAAkE,CAAC;MAEpF,OAAO9C,QAAA,CAAAxC,OAAA,CAAQkH,OAAO,EAAE;IAC1B;IAEA,IAAI,CAAC7B,MAAM,CAACC,IAAI,CAAC,8BAA8B,CAAC;IAEhD,OAAO,IAAI,CAACI,KAAK,CACdC,OAAO,CAAC;MACPC,MAAM,EAAE,MAAM;MACdC,GAAG,EAAE,IAAI,CAAC9B,MAAM,CAACkE,SAAS;MAC1BjC,IAAI,EAAE;QACJE,KAAK,EAAE,IAAI,CAACtC,YAAY;QACxBsE,eAAe,EAAE;MACnB,CAAC;MACDd,IAAI,EAAE;QACJC,IAAI,EAAE,IAAI,CAACtD,MAAM,CAACC,SAAS;QAC3BsD,IAAI,EAAE,IAAI,CAACvD,MAAM,CAACM,aAAa;QAC/BkD,eAAe,EAAE;MACnB,CAAC;MACDC,wBAAwB,EAAE;IAC5B,CAAC,CAAC,CACDpB,IAAI,CAAC,YAAM;MACV4B,MAAI,CAACF,KAAK,CAAC,CAAC,cAAc,EAAE,SAAS,EAAE,YAAY,EAAE,YAAY,CAAC,CAAC;MACnEE,MAAI,CAAC3C,MAAM,CAACC,IAAI,CAAC,6BAA6B,CAAC;IACjD,CAAC,CAAC,CACDyC,KAAK,CAAC1F,iBAAiB,CAAC;EAC7B,CAAC;EAEDvB,GAAG,WAAAA,IAAA,EAAU;IACX;IACA,IAAAqH,qBAAA,GAAuB,IAAI,CAACC,oBAAoB,CAAA1G,KAAA,CAAzB,IAAI,EAAAI,SAAA,CAA8B;MAAAuG,sBAAA,OAAAC,eAAA,CAAAtI,OAAA,EAAAmI,qBAAA;MAApD1B,KAAK,GAAA4B,sBAAA;MAAE1B,OAAO,GAAA0B,sBAAA;IAEnB,IAAI,CAAC5B,KAAK,CAAChC,UAAU,IAAIgC,KAAK,CAAC7C,YAAY,IAAI6C,KAAK,CAAC7C,YAAY,CAAC2E,QAAQ,CAAC,GAAG,CAAC,EAAE;MAC/E,IAAAC,qBAAA,GAAmC/B,KAAK,CAAC7C,YAAY,CAAC6E,KAAK,CAAC,GAAG,CAAC;QAAAC,sBAAA,OAAAJ,eAAA,CAAAtI,OAAA,EAAAwI,qBAAA;QAAzD/D,UAAU,GAAAiE,sBAAA;QAAE9E,YAAY,GAAA8E,sBAAA;MAE/BjC,KAAK,GAAA9E,aAAA,CAAAA,aAAA,KAAO8E,KAAK;QAAE7C,YAAY,EAAZA,YAAY;QAAEa,UAAU,EAAVA;MAAU,EAAC;IAC9C;IACA,IAAMkE,GAAG,GAAG,IAAA9B,IAAA,CAAA7G,OAAA,GAAU;IAEtB,IAAI,CAACyG,KAAK,CAACnC,OAAO,IAAImC,KAAK,CAAC5B,UAAU,EAAE;MACtC4B,KAAK,CAACnC,OAAO,GAAGqE,GAAG,GAAGlC,KAAK,CAAC5B,UAAU,GAAG,IAAI;IAC/C;IAEA,IAAI,CAAC4B,KAAK,CAAC3B,qBAAqB,IAAI2B,KAAK,CAAC1B,wBAAwB,EAAE;MAClE0B,KAAK,CAAC3B,qBAAqB,GAAG6D,GAAG,GAAGlC,KAAK,CAAC1B,wBAAwB,GAAG,IAAI;IAC3E;IAEA,IAAI0B,KAAK,CAAClD,KAAK,EAAE;MACfkD,KAAK,CAAClD,KAAK,GAAG,IAAAkC,gBAAS,EAACgB,KAAK,CAAClD,KAAK,CAAC;IACtC;IAEA,OAAO,IAAAqD,MAAA,CAAA5G,OAAA,EAAcmD,oBAAW,CAACzC,SAAS,CAACI,GAAG,EAAE,IAAI,EAAE,CAAC2F,KAAK,EAAEE,OAAO,CAAC,CAAC;EACzE,CAAC;EAED;AACF;AACA;AACA;AACA;AACA;AACA;EACEiC,QAAQ,WAAAA,SAAA,EAAG;IACT,IAAI,CAAC,IAAI,CAACpE,OAAO,EAAE;MACjB,MAAM,IAAIe,KAAK,CAAC,wBAAwB,CAAC;IAC3C;IAEA,OAAO,IAAI,CAACf,OAAO;EACrB,CAAC;EAED;AACF;AACA;AACA;AACA;AACA;AACA;AACA;EACEqE,QAAQ,WAAAA,SAAA,EAAG;IAAA,IAAAC,MAAA;IACT,IAAIpB,OAAO,CAACC,GAAG,CAACC,QAAQ,KAAK,YAAY,EAAE;MACzC,MAAM,IAAIrC,KAAK,CAAC,iDAAiD,CAAC;IACpE;IAEA,OAAO,IAAI,CAACG,KAAK,CACdC,OAAO,CAAC;MACPC,MAAM,EAAE,MAAM;MACdmD,OAAO,EAAE,cAAc;MACvBC,QAAQ,EAAE,yBAAyB;MACnCnG,IAAI,EAAE;QACJqD,KAAK,EAAE,IAAI,CAACtC;MACd;IACF,CAAC,CAAC,CACDmE,KAAK,CAAC,UAACkB,MAAM,EAAK;MACjB,IAAI,YAAY,IAAIA,MAAM,EAAE;QAC1B,OAAOzG,QAAA,CAAAxC,OAAA,CAAQyC,MAAM,CAACwG,MAAM,CAAC;MAC/B;MACAH,MAAI,CAACzD,MAAM,CAACC,IAAI,CAAC,qEAAqE,CAAC;;MAEvF;MACA;MACA;MACA,IAAM4D,OAAO,GACXxB,OAAO,CAACC,GAAG,CAACwB,oBAAoB,IAChCzB,OAAO,CAACC,GAAG,CAACyB,wBAAwB,IACpC,6CAA6C;MAE/C,OAAON,MAAI,CAACpD,KAAK,CAACC,OAAO,CAAC;QACxBC,MAAM,EAAE,MAAM;QACdC,GAAG,KAAAnB,MAAA,CAAKwE,OAAO,6BAA0B;QACzCrG,IAAI,EAAE;UACJqD,KAAK,EAAE4C,MAAI,CAAClF;QACd,CAAC;QACDyF,OAAO,EAAE;UACPC,aAAa,YAAA5E,MAAA,CAAYoE,MAAI,CAAClF,YAAY;QAC5C;MACF,CAAC,CAAC;IACJ,CAAC,CAAC,CACDwC,IAAI,CAAC,UAAC9D,GAAG;MAAA,OAAKA,GAAG,CAACO,IAAI;IAAA,EAAC;EAC5B,CAAC;EAAA0G,OAAA;AACH,CAAC,OAAAC,0BAAA,CAAAxJ,OAAA,EAAAT,IAAA,gBAAAD,IAAA,OAAAmK,yBAAA,CAAAzJ,OAAA,EAAAT,IAAA,gBAAAA,IAAA,OAAAiK,0BAAA,CAAAxJ,OAAA,EAAAT,IAAA,cArOE8D,iBAAS,OAAAoG,yBAAA,CAAAzJ,OAAA,EAAAT,IAAA,cAAAA,IAAA,OAAAiK,0BAAA,CAAAxJ,OAAA,EAAAT,IAAA,aAmFT8D,iBAAS,OAAAoG,yBAAA,CAAAzJ,OAAA,EAAAT,IAAA,aAAAA,IAAA,IAAAA,IAAA,GAkJV;AAAC,IAAAmK,QAAA,GAEYxG,KAAK;AAAAyG,OAAA,CAAA3J,OAAA,GAAA0J,QAAA"}
+{"version":3,"names":["_common","require","_commonTimers","_webexHttpError","_interopRequireDefault","_webexPlugin","_scope","_grantErrors","_interopRequireWildcard","_dec","_obj","_getRequireWildcardCache","nodeInterop","_WeakMap","cacheBabelInterop","cacheNodeInterop","obj","__esModule","_typeof","default","cache","has","get","newObj","hasPropertyDescriptor","_Object$defineProperty","_Object$getOwnPropertyDescriptor2","key","Object","prototype","hasOwnProperty","call","desc","set","ownKeys","object","enumerableOnly","keys","_Object$keys","_Object$getOwnPropertySymbols","symbols","filter","sym","enumerable","push","apply","_objectSpread","target","i","arguments","length","source","forEach","_defineProperty2","_Object$getOwnPropertyDescriptors","_Object$defineProperties","processGrantError","res","statusCode","_promise","reject","ErrorConstructor","grantErrors","select","body","error","OAuthError","WebexHttpError","_res","Token","WebexPlugin","extend","oneFlight","keyFactory","scope","derived","canAuthorize","deps","fn","access_token","isExpired","canDownscope","config","client_id","canRefresh","inBrowser","refresh_token","refreshCallback","client_secret","expires","_isExpired","_string","token_type","concat","namespace","props","expires_in","refresh_token_expires","refresh_token_expires_in","type","session","previousToken","downscope","_this","logger","info","Error","trace","sortScope","webex","request","method","uri","tokenUrl","addAuthHeader","form","grant_type","token","self_contained_token","then","_assign","parent","initialize","_this2","attrs","undefined","options","_apply","_now","safeSetTimeout","refresh","_this3","promise","resolve","redirect_uri","auth","user","pass","sendImmediately","shouldRefreshAccessToken","_pick2","process","env","NODE_ENV","revoke","unset","catch","_this4","revokeUrl","token_type_hint","_this$_filterSetParam","_filterSetParameters","_this$_filterSetParam2","_slicedToArray2","includes","_attrs$access_token$s","split","_attrs$access_token$s2","now","toString","validate","_this5","service","resource","reason","convApi","CONVERSATION_SERVICE","CONVERSATION_SERVICE_URL","headers","authorization","version","_applyDecoratedDescriptor2","_getOwnPropertyDescriptor","_default","exports"],"sources":["token.js"],"sourcesContent":["/*!\n * Copyright (c) 2015-2020 Cisco Systems, Inc. See LICENSE file.\n */\n\nimport {pick} from 'lodash';\nimport {inBrowser, oneFlight} from '@webex/common';\nimport {safeSetTimeout} from '@webex/common-timers';\n\nimport WebexHttpError from '../webex-http-error';\nimport WebexPlugin from '../webex-plugin';\n\nimport {sortScope} from './scope';\nimport grantErrors, {OAuthError} from './grant-errors';\n\n/* eslint-disable camelcase */\n\n/**\n * Parse response from CI and converts to structured error when appropriate\n * @param {WebexHttpError} res\n * @private\n * @returns {GrantError}\n */\nfunction processGrantError(res) {\n  if (res.statusCode !== 400) {\n    return Promise.reject(res);\n  }\n\n  const ErrorConstructor = grantErrors.select(res.body.error);\n\n  if (ErrorConstructor === OAuthError && res instanceof WebexHttpError) {\n    return Promise.reject(res);\n  }\n  if (!ErrorConstructor) {\n    return Promise.reject(res);\n  }\n\n  return Promise.reject(new ErrorConstructor(res._res || res));\n}\n\n/**\n * @class\n */\nconst Token = WebexPlugin.extend({\n  derived: {\n    /**\n     * Indicates if this token can be used in an auth header. `true` iff\n     * {@link Token#access_token} is defined and {@link Token#isExpired} is\n     * false.\n     * @instance\n     * @memberof Token\n     * @readonly\n     * @type {boolean}\n     */\n    canAuthorize: {\n      deps: ['access_token', 'isExpired'],\n      fn() {\n        return !!this.access_token && !this.isExpired;\n      },\n    },\n\n    /**\n     * Indicates that this token can be downscoped. `true` iff\n     * {@link config.credentials.client_id} is defined and if\n     * {@link Token#canAuthorize} is true\n     *\n     * Note: since {@link config} is not evented, we can't listen for changes to\n     * {@link config.credentials.client_id}. As such,\n     * {@link config.credentials.client_id} must always be set before\n     * instantiating a {@link Token}\n     * @instance\n     * @memberof Token\n     * @readonly\n     * @type {boolean}\n     */\n    canDownscope: {\n      deps: ['canAuthorize'],\n      fn() {\n        return this.canAuthorize && !!this.config.client_id;\n      },\n    },\n\n    /**\n     * Indicates if this token can be refreshed. `true` iff\n     * {@link Token@refresh_token} is defined and\n     * {@link config.credentials.refreshCallback()} is defined\n     *\n     * Note: since {@link config} is not evented, we can't listen for changes to\n     * {@link config.credentials.refreshCallback()}. As such,\n     * {@link config.credentials.refreshCallback()} must always be set before\n     * instantiating a {@link Token}\n     * @instance\n     * @memberof Token\n     * @readonly\n     * @type {boolean}\n     */\n    canRefresh: {\n      deps: ['refresh_token'],\n      fn() {\n        if (inBrowser) {\n          return !!this.refresh_token && !!this.config.refreshCallback;\n        }\n\n        return !!this.refresh_token && !!this.config.client_secret;\n      },\n    },\n\n    /**\n     * Indicates if this `Token` is expired. `true` iff {@link Token#expires} is\n     * defined and is less than {@link Date.now()}.\n     * @instance\n     * @memberof Token\n     * @readonly\n     * @type {boolean}\n     */\n    isExpired: {\n      deps: ['expires', '_isExpired'],\n      fn() {\n        // in order to avoid setting `cache:false`, we'll use a private property\n        // and a timer rather than comparing to `Date.now()`;\n        return !!this.expires && this._isExpired;\n      },\n    },\n\n    /**\n     * Cache for toString()\n     * @instance\n     * @memberof Token\n     * @private\n     * @readonly\n     * @type {string}\n     */\n    _string: {\n      deps: ['access_token', 'token_type'],\n      fn() {\n        if (!this.access_token || !this.token_type) {\n          return '';\n        }\n\n        return `${this.token_type} ${this.access_token}`;\n      },\n    },\n  },\n\n  namespace: 'Credentials',\n\n  props: {\n    /**\n     * Used for indexing in the credentials userTokens collection\n     * @instance\n     * @memberof Token\n     * @private\n     * @type {string}\n     */\n    scope: 'string',\n    /**\n     * @instance\n     * @memberof Token\n     * @type {string}\n     */\n    access_token: 'string',\n    /**\n     * @instance\n     * @memberof Token\n     * @type {number}\n     */\n    expires: 'number',\n    /**\n     * @instance\n     * @memberof Token\n     * @type {number}\n     */\n    expires_in: 'number',\n    /**\n     * @instance\n     * @memberof Token\n     * @type {string}\n     */\n    refresh_token: 'string',\n    /**\n     * @instance\n     * @memberof Token\n     * @type {number}\n     */\n    refresh_token_expires: 'number',\n    /**\n     * @instance\n     * @memberof Token\n     * @type {number}\n     */\n    refresh_token_expires_in: 'number',\n    /**\n     * @default \"Bearer\"\n     * @instance\n     * @memberof Token\n     * @type {string}\n     */\n    token_type: {\n      default: 'Bearer',\n      type: 'string',\n    },\n  },\n\n  session: {\n    /**\n     * Used by {@link Token#isExpired} to avoid doing a Date comparison.\n     * @instance\n     * @memberof Token\n     * @private\n     * @type {boolean}\n     */\n    _isExpired: {\n      default: false,\n      type: 'boolean',\n    },\n    /**\n     * Handle to the previous token that we'll revoke when we refresh this\n     * token. The idea is to keep allow two valid tokens when a refresh occurs;\n     * we don't want revoke a token that's in the middle of being used, so when\n     * we do a token refresh, we won't revoke the token being refreshed, but\n     * we'll revoke the previous one.\n     * @instance\n     * @memberof Token\n     * @private\n     * @type {Object}\n     */\n    previousToken: {\n      type: 'state',\n    },\n  },\n\n  @oneFlight({\n    keyFactory(scope) {\n      return scope;\n    },\n  })\n  /**\n   * Uses this token to request a new Token with a subset of this Token's scopes\n   * @instance\n   * @memberof Token\n   * @param {string} scope\n   * @returns {Promise<Token>}\n   */\n  downscope(scope) {\n    this.logger.info(`token: downscoping token to ${scope}`);\n\n    if (this.isExpired) {\n      this.logger.info('token: request received to downscope expired access_token');\n\n      return Promise.reject(new Error('cannot downscope expired access token'));\n    }\n\n    if (!this.canDownscope) {\n      if (this.config.client_id) {\n        this.logger.info('token: request received to downscope invalid access_token');\n      } else {\n        this.logger.trace('token: cannot downscope without client_id');\n      }\n\n      return Promise.reject(new Error('cannot downscope access token'));\n    }\n\n    // Since we're going to use scope as the index in our token collection, it's\n    // important scopes are always deterministically specified.\n    if (scope) {\n      scope = sortScope(scope);\n    }\n\n    // Ideally, we could depend on the service to communicate this error, but\n    // all we get is \"invalid scope\", which, to the lay person, implies\n    // something wrong with *one* of the scopes, not the whole thing.\n    if (scope === sortScope(this.config.scope)) {\n      return Promise.reject(new Error('token: scope reduction requires a reduced scope'));\n    }\n\n    return this.webex\n      .request({\n        method: 'POST',\n        uri: this.config.tokenUrl,\n        addAuthHeader: false,\n        form: {\n          grant_type: 'urn:cisco:oauth:grant-type:scope-reduction',\n          token: this.access_token,\n          scope,\n          client_id: this.config.client_id,\n          self_contained_token: true,\n        },\n      })\n      .then((res) => {\n        this.logger.info(`token: downscoped token to ${scope}`);\n\n        return new Token(Object.assign(res.body, {scope}), {parent: this.parent});\n      });\n  },\n\n  /**\n   * Initializer\n   * @instance\n   * @memberof Token\n   * @param {Object} [attrs={}]\n   * @param {Object} [options={}]\n   * @see {@link WebexPlugin#initialize()}\n   * @returns {Token}\n   */\n  initialize(attrs = {}, options = {}) {\n    Reflect.apply(WebexPlugin.prototype.initialize, this, [attrs, options]);\n\n    if (typeof attrs === 'string') {\n      this.access_token = attrs;\n    }\n\n    if (!this.access_token) {\n      throw new Error('`access_token` is required');\n    }\n\n    // We don't want the derived property `isExpired` to need {cache:false}, so\n    // we'll set up a timer the runs when this token should expire.\n    if (this.expires) {\n      if (this.expires < Date.now()) {\n        this._isExpired = true;\n      } else {\n        safeSetTimeout(() => {\n          this._isExpired = true;\n        }, this.expires - Date.now());\n      }\n    }\n  },\n\n  @oneFlight\n  /**\n   * Refreshes this Token. Relies on\n   * {@link config.credentials.refreshCallback()}\n   * @instance\n   * @memberof Token\n   * @returns {Promise<Token>}\n   */\n  refresh() {\n    if (!this.canRefresh) {\n      throw new Error('Not enough information available to refresh this access token');\n    }\n\n    let promise;\n\n    if (inBrowser) {\n      if (!this.config.refreshCallback) {\n        throw new Error('Cannot refresh access token without refreshCallback');\n      }\n\n      promise = Promise.resolve(this.config.refreshCallback(this.webex, this));\n    }\n\n    return (\n      promise ||\n      this.webex\n        .request({\n          method: 'POST',\n          uri: this.config.tokenUrl,\n          form: {\n            grant_type: 'refresh_token',\n            redirect_uri: this.config.redirect_uri,\n            refresh_token: this.refresh_token,\n          },\n          auth: {\n            user: this.config.client_id,\n            pass: this.config.client_secret,\n            sendImmediately: true,\n          },\n          shouldRefreshAccessToken: false,\n        })\n        .then((res) => res.body)\n    )\n      .then((obj) => {\n        if (!obj) {\n          throw new Error('token: refreshCallback() did not produce an object');\n        }\n        // If the authentication server did not send back a refresh token, copy\n        // the current refresh token and related values to the response (note:\n        // at time of implementation, CI never sends a new refresh token)\n        if (!obj.refresh_token) {\n          Object.assign(\n            obj,\n            pick(this, 'refresh_token', 'refresh_token_expires', 'refresh_token_expires_in')\n          );\n        }\n\n        // If the new token is the same as the previous token, then we may have\n        // found a bug in CI; log the details and reject the Promise\n        if (this.access_token === obj.access_token) {\n          this.logger.error('token: new token matches current token');\n          // log the tokens if it is not production\n          if (process.env.NODE_ENV !== 'production') {\n            this.logger.error('token: current token:', this.access_token);\n            this.logger.error('token: new token:', obj.access_token);\n          }\n\n          return Promise.reject(new Error('new token matches current token'));\n        }\n\n        if (this.previousToken) {\n          this.previousToken.revoke();\n          this.unset('previousToken');\n        }\n\n        obj.previousToken = this;\n        obj.scope = this.scope;\n\n        return new Token(obj, {parent: this.parent});\n      })\n      .catch(processGrantError);\n  },\n\n  @oneFlight\n  /**\n   * Revokes this token and unsets its local properties\n   * @instance\n   * @memberof Token\n   * @returns {Promise}\n   */\n  revoke() {\n    if (this.isExpired) {\n      this.logger.info('token: already expired, not making making revocation request');\n\n      return Promise.resolve();\n    }\n\n    if (!this.canAuthorize) {\n      this.logger.info('token: no longer valid, not making revocation request');\n\n      return Promise.resolve();\n    }\n\n    // FIXME we need to use the user token revocation endpoint to revoke a token\n    // without a client_secret, but it doesn't current support using a token to\n    // revoke itself\n    // Note: I'm not making a canRevoke property because there should be changes\n    // coming to the user token revocation endpoint that allow us to do this\n    // correctly.\n    if (!this.config.client_secret) {\n      this.logger.info('token: no client secret available, not making revocation request');\n\n      return Promise.resolve();\n    }\n\n    this.logger.info('token: revoking access token');\n\n    return this.webex\n      .request({\n        method: 'POST',\n        uri: this.config.revokeUrl,\n        form: {\n          token: this.access_token,\n          token_type_hint: 'access_token',\n        },\n        auth: {\n          user: this.config.client_id,\n          pass: this.config.client_secret,\n          sendImmediately: true,\n        },\n        shouldRefreshAccessToken: false,\n      })\n      .then(() => {\n        this.unset(['access_token', 'expires', 'expires_in', 'token_type']);\n        this.logger.info('token: access token revoked');\n      })\n      .catch(processGrantError);\n  },\n\n  set(...args) {\n    // eslint-disable-next-line prefer-const\n    let [attrs, options] = this._filterSetParameters(...args);\n\n    if (!attrs.token_type && attrs.access_token && attrs.access_token.includes(' ')) {\n      const [token_type, access_token] = attrs.access_token.split(' ');\n\n      attrs = {...attrs, access_token, token_type};\n    }\n    const now = Date.now();\n\n    if (!attrs.expires && attrs.expires_in) {\n      attrs.expires = now + attrs.expires_in * 1000;\n    }\n\n    if (!attrs.refresh_token_expires && attrs.refresh_token_expires_in) {\n      attrs.refresh_token_expires = now + attrs.refresh_token_expires_in * 1000;\n    }\n\n    if (attrs.scope) {\n      attrs.scope = sortScope(attrs.scope);\n    }\n\n    return Reflect.apply(WebexPlugin.prototype.set, this, [attrs, options]);\n  },\n\n  /**\n   * Renders the token object as an HTTP Header Value\n   * @instance\n   * @memberof Token\n   * @returns {string}\n   * @see {@link Object#toString()}\n   */\n  toString() {\n    if (!this._string) {\n      throw new Error('cannot stringify Token');\n    }\n\n    return this._string;\n  },\n\n  /**\n   * Uses a non-producation api to return information about this token. This\n   * method is primarily for tests and will throw if NODE_ENV === production\n   * @instance\n   * @memberof Token\n   * @private\n   * @returns {Promise}\n   */\n  validate() {\n    if (process.env.NODE_ENV === 'production') {\n      throw new Error('Token#validate() must not be used in production');\n    }\n\n    return this.webex\n      .request({\n        method: 'POST',\n        service: 'conversation',\n        resource: 'users/validateAuthToken',\n        body: {\n          token: this.access_token,\n        },\n      })\n      .catch((reason) => {\n        if ('statusCode' in reason) {\n          return Promise.reject(reason);\n        }\n        this.logger.info(\"REMINDER: If you're investigating a network error here, it's normal\");\n\n        // If we got an error that isn't a WebexHttpError, assume the problem is\n        // that we don't have the wdm plugin loaded and service/resource isn't\n        // a valid means of identifying a request.\n        const convApi =\n          process.env.CONVERSATION_SERVICE ||\n          process.env.CONVERSATION_SERVICE_URL ||\n          'https://conv-a.wbx2.com/conversation/api/v1';\n\n        return this.webex.request({\n          method: 'POST',\n          uri: `${convApi}/users/validateAuthToken`,\n          body: {\n            token: this.access_token,\n          },\n          headers: {\n            authorization: `Bearer ${this.access_token}`,\n          },\n        });\n      })\n      .then((res) => res.body);\n  },\n});\n\nexport default Token;\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;AAKA,IAAAA,OAAA,GAAAC,OAAA;AACA,IAAAC,aAAA,GAAAD,OAAA;AAEA,IAAAE,eAAA,GAAAC,sBAAA,CAAAH,OAAA;AACA,IAAAI,YAAA,GAAAD,sBAAA,CAAAH,OAAA;AAEA,IAAAK,MAAA,GAAAL,OAAA;AACA,IAAAM,YAAA,GAAAC,uBAAA,CAAAP,OAAA;AAAuD,IAAAQ,IAAA,EAAAC,IAAA;AAAA,SAAAC,yBAAAC,WAAA,eAAAC,QAAA,kCAAAC,iBAAA,OAAAD,QAAA,QAAAE,gBAAA,OAAAF,QAAA,YAAAF,wBAAA,YAAAA,yBAAAC,WAAA,WAAAA,WAAA,GAAAG,gBAAA,GAAAD,iBAAA,KAAAF,WAAA;AAAA,SAAAJ,wBAAAQ,GAAA,EAAAJ,WAAA,SAAAA,WAAA,IAAAI,GAAA,IAAAA,GAAA,CAAAC,UAAA,WAAAD,GAAA,QAAAA,GAAA,aAAAE,OAAA,CAAAF,GAAA,yBAAAA,GAAA,4BAAAG,OAAA,EAAAH,GAAA,UAAAI,KAAA,GAAAT,wBAAA,CAAAC,WAAA,OAAAQ,KAAA,IAAAA,KAAA,CAAAC,GAAA,CAAAL,GAAA,YAAAI,KAAA,CAAAE,GAAA,CAAAN,GAAA,SAAAO,MAAA,WAAAC,qBAAA,GAAAC,sBAAA,IAAAC,iCAAA,WAAAC,GAAA,IAAAX,GAAA,QAAAW,GAAA,kBAAAC,MAAA,CAAAC,SAAA,CAAAC,cAAA,CAAAC,IAAA,CAAAf,GAAA,EAAAW,GAAA,SAAAK,IAAA,GAAAR,qBAAA,GAAAE,iCAAA,CAAAV,GAAA,EAAAW,GAAA,cAAAK,IAAA,KAAAA,IAAA,CAAAV,GAAA,IAAAU,IAAA,CAAAC,GAAA,KAAAR,sBAAA,CAAAF,MAAA,EAAAI,GAAA,EAAAK,IAAA,YAAAT,MAAA,CAAAI,GAAA,IAAAX,GAAA,CAAAW,GAAA,SAAAJ,MAAA,CAAAJ,OAAA,GAAAH,GAAA,MAAAI,KAAA,IAAAA,KAAA,CAAAa,GAAA,CAAAjB,GAAA,EAAAO,MAAA,YAAAA,MAAA;AAAA,SAAAW,QAAAC,MAAA,EAAAC,cAAA,QAAAC,IAAA,GAAAC,YAAA,CAAAH,MAAA,OAAAI,6BAAA,QAAAC,OAAA,GAAAD,6BAAA,CAAAJ,MAAA,GAAAC,cAAA,KAAAI,OAAA,GAAAA,OAAA,CAAAC,MAAA,WAAAC,GAAA,WAAAhB,iCAAA,CAAAS,MAAA,EAAAO,GAAA,EAAAC,UAAA,OAAAN,IAAA,CAAAO,IAAA,CAAAC,KAAA,CAAAR,IAAA,EAAAG,OAAA,YAAAH,IAAA;AAAA,SAAAS,cAAAC,MAAA,aAAAC,CAAA,MAAAA,CAAA,GAAAC,SAAA,CAAAC,MAAA,EAAAF,CAAA,UAAAG,MAAA,WAAAF,SAAA,CAAAD,CAAA,IAAAC,SAAA,CAAAD,CAAA,QAAAA,CAAA,OAAAd,OAAA,CAAAN,MAAA,CAAAuB,MAAA,OAAAC,OAAA,WAAAzB,GAAA,QAAA0B,gBAAA,CAAAlC,OAAA,EAAA4B,MAAA,EAAApB,GAAA,EAAAwB,MAAA,CAAAxB,GAAA,SAAA2B,iCAAA,GAAAC,wBAAA,CAAAR,MAAA,EAAAO,iCAAA,CAAAH,MAAA,KAAAjB,OAAA,CAAAN,MAAA,CAAAuB,MAAA,GAAAC,OAAA,WAAAzB,GAAA,IAAAF,sBAAA,CAAAsB,MAAA,EAAApB,GAAA,EAAAD,iCAAA,CAAAyB,MAAA,EAAAxB,GAAA,iBAAAoB,MAAA;AAEvD;;AAEA;AACA;AACA;AACA;AACA;AACA;AACA,SAASS,iBAAiBA,CAACC,GAAG,EAAE;EAC9B,IAAIA,GAAG,CAACC,UAAU,KAAK,GAAG,EAAE;IAC1B,OAAOC,QAAA,CAAAxC,OAAA,CAAQyC,MAAM,CAACH,GAAG,CAAC;EAC5B;EAEA,IAAMI,gBAAgB,GAAGC,oBAAW,CAACC,MAAM,CAACN,GAAG,CAACO,IAAI,CAACC,KAAK,CAAC;EAE3D,IAAIJ,gBAAgB,KAAKK,uBAAU,IAAIT,GAAG,YAAYU,uBAAc,EAAE;IACpE,OAAOR,QAAA,CAAAxC,OAAA,CAAQyC,MAAM,CAACH,GAAG,CAAC;EAC5B;EACA,IAAI,CAACI,gBAAgB,EAAE;IACrB,OAAOF,QAAA,CAAAxC,OAAA,CAAQyC,MAAM,CAACH,GAAG,CAAC;EAC5B;EAEA,OAAOE,QAAA,CAAAxC,OAAA,CAAQyC,MAAM,CAAC,IAAIC,gBAAgB,CAACJ,GAAG,CAACW,IAAI,IAAIX,GAAG,CAAC,CAAC;AAC9D;;AAEA;AACA;AACA;AACA,IAAMY,KAAK,GAAGC,oBAAW,CAACC,MAAM,EAAA9D,IAAA,GA4L7B,IAAA+D,iBAAS,EAAC;EACTC,UAAU,WAAAA,WAACC,KAAK,EAAE;IAChB,OAAOA,KAAK;EACd;AACF,CAAC,CAAC,GAAAhE,IAAA,GAhM6B;EAC/BiE,OAAO,EAAE;IACP;AACJ;AACA;AACA;AACA;AACA;AACA;AACA;AACA;IACIC,YAAY,EAAE;MACZC,IAAI,EAAE,CAAC,cAAc,EAAE,WAAW,CAAC;MACnCC,EAAE,WAAAA,GAAA,EAAG;QACH,OAAO,CAAC,CAAC,IAAI,CAACC,YAAY,IAAI,CAAC,IAAI,CAACC,SAAS;MAC/C;IACF,CAAC;IAED;AACJ;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;IACIC,YAAY,EAAE;MACZJ,IAAI,EAAE,CAAC,cAAc,CAAC;MACtBC,EAAE,WAAAA,GAAA,EAAG;QACH,OAAO,IAAI,CAACF,YAAY,IAAI,CAAC,CAAC,IAAI,CAACM,MAAM,CAACC,SAAS;MACrD;IACF,CAAC;IAED;AACJ;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;IACIC,UAAU,EAAE;MACVP,IAAI,EAAE,CAAC,eAAe,CAAC;MACvBC,EAAE,WAAAA,GAAA,EAAG;QACH,IAAIO,iBAAS,EAAE;UACb,OAAO,CAAC,CAAC,IAAI,CAACC,aAAa,IAAI,CAAC,CAAC,IAAI,CAACJ,MAAM,CAACK,eAAe;QAC9D;QAEA,OAAO,CAAC,CAAC,IAAI,CAACD,aAAa,IAAI,CAAC,CAAC,IAAI,CAACJ,MAAM,CAACM,aAAa;MAC5D;IACF,CAAC;IAED;AACJ;AACA;AACA;AACA;AACA;AACA;AACA;IACIR,SAAS,EAAE;MACTH,IAAI,EAAE,CAAC,SAAS,EAAE,YAAY,CAAC;MAC/BC,EAAE,WAAAA,GAAA,EAAG;QACH;QACA;QACA,OAAO,CAAC,CAAC,IAAI,CAACW,OAAO,IAAI,IAAI,CAACC,UAAU;MAC1C;IACF,CAAC;IAED;AACJ;AACA;AACA;AACA;AACA;AACA;AACA;IACIC,OAAO,EAAE;MACPd,IAAI,EAAE,CAAC,cAAc,EAAE,YAAY,CAAC;MACpCC,EAAE,WAAAA,GAAA,EAAG;QACH,IAAI,CAAC,IAAI,CAACC,YAAY,IAAI,CAAC,IAAI,CAACa,UAAU,EAAE;UAC1C,OAAO,EAAE;QACX;QAEA,UAAAC,MAAA,CAAU,IAAI,CAACD,UAAU,OAAAC,MAAA,CAAI,IAAI,CAACd,YAAY;MAChD;IACF;EACF,CAAC;EAEDe,SAAS,EAAE,aAAa;EAExBC,KAAK,EAAE;IACL;AACJ;AACA;AACA;AACA;AACA;AACA;IACIrB,KAAK,EAAE,QAAQ;IACf;AACJ;AACA;AACA;AACA;IACIK,YAAY,EAAE,QAAQ;IACtB;AACJ;AACA;AACA;AACA;IACIU,OAAO,EAAE,QAAQ;IACjB;AACJ;AACA;AACA;AACA;IACIO,UAAU,EAAE,QAAQ;IACpB;AACJ;AACA;AACA;AACA;IACIV,aAAa,EAAE,QAAQ;IACvB;AACJ;AACA;AACA;AACA;IACIW,qBAAqB,EAAE,QAAQ;IAC/B;AACJ;AACA;AACA;AACA;IACIC,wBAAwB,EAAE,QAAQ;IAClC;AACJ;AACA;AACA;AACA;AACA;IACIN,UAAU,EAAE;MACVzE,OAAO,EAAE,QAAQ;MACjBgF,IAAI,EAAE;IACR;EACF,CAAC;EAEDC,OAAO,EAAE;IACP;AACJ;AACA;AACA;AACA;AACA;AACA;IACIV,UAAU,EAAE;MACVvE,OAAO,EAAE,KAAK;MACdgF,IAAI,EAAE;IACR,CAAC;IACD;AACJ;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;IACIE,aAAa,EAAE;MACbF,IAAI,EAAE;IACR;EACF,CAAC;EAOD;AACF;AACA;AACA;AACA;AACA;AACA;EACEG,SAAS,WAAAA,UAAC5B,KAAK,EAAE;IAAA,IAAA6B,KAAA;IACf,IAAI,CAACC,MAAM,CAACC,IAAI,gCAAAZ,MAAA,CAAgCnB,KAAK,EAAG;IAExD,IAAI,IAAI,CAACM,SAAS,EAAE;MAClB,IAAI,CAACwB,MAAM,CAACC,IAAI,CAAC,2DAA2D,CAAC;MAE7E,OAAO9C,QAAA,CAAAxC,OAAA,CAAQyC,MAAM,CAAC,IAAI8C,KAAK,CAAC,uCAAuC,CAAC,CAAC;IAC3E;IAEA,IAAI,CAAC,IAAI,CAACzB,YAAY,EAAE;MACtB,IAAI,IAAI,CAACC,MAAM,CAACC,SAAS,EAAE;QACzB,IAAI,CAACqB,MAAM,CAACC,IAAI,CAAC,2DAA2D,CAAC;MAC/E,CAAC,MAAM;QACL,IAAI,CAACD,MAAM,CAACG,KAAK,CAAC,2CAA2C,CAAC;MAChE;MAEA,OAAOhD,QAAA,CAAAxC,OAAA,CAAQyC,MAAM,CAAC,IAAI8C,KAAK,CAAC,+BAA+B,CAAC,CAAC;IACnE;;IAEA;IACA;IACA,IAAIhC,KAAK,EAAE;MACTA,KAAK,GAAG,IAAAkC,gBAAS,EAAClC,KAAK,CAAC;IAC1B;;IAEA;IACA;IACA;IACA,IAAIA,KAAK,KAAK,IAAAkC,gBAAS,EAAC,IAAI,CAAC1B,MAAM,CAACR,KAAK,CAAC,EAAE;MAC1C,OAAOf,QAAA,CAAAxC,OAAA,CAAQyC,MAAM,CAAC,IAAI8C,KAAK,CAAC,iDAAiD,CAAC,CAAC;IACrF;IAEA,OAAO,IAAI,CAACG,KAAK,CACdC,OAAO,CAAC;MACPC,MAAM,EAAE,MAAM;MACdC,GAAG,EAAE,IAAI,CAAC9B,MAAM,CAAC+B,QAAQ;MACzBC,aAAa,EAAE,KAAK;MACpBC,IAAI,EAAE;QACJC,UAAU,EAAE,4CAA4C;QACxDC,KAAK,EAAE,IAAI,CAACtC,YAAY;QACxBL,KAAK,EAALA,KAAK;QACLS,SAAS,EAAE,IAAI,CAACD,MAAM,CAACC,SAAS;QAChCmC,oBAAoB,EAAE;MACxB;IACF,CAAC,CAAC,CACDC,IAAI,CAAC,UAAC9D,GAAG,EAAK;MACb8C,KAAI,CAACC,MAAM,CAACC,IAAI,+BAAAZ,MAAA,CAA+BnB,KAAK,EAAG;MAEvD,OAAO,IAAIL,KAAK,CAAC,IAAAmD,OAAA,CAAArG,OAAA,EAAcsC,GAAG,CAACO,IAAI,EAAE;QAACU,KAAK,EAALA;MAAK,CAAC,CAAC,EAAE;QAAC+C,MAAM,EAAElB,KAAI,CAACkB;MAAM,CAAC,CAAC;IAC3E,CAAC,CAAC;EACN,CAAC;EAED;AACF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;EACEC,UAAU,WAAAA,WAAA,EAA2B;IAAA,IAAAC,MAAA;IAAA,IAA1BC,KAAK,GAAA3E,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAA4E,SAAA,GAAA5E,SAAA,MAAG,CAAC,CAAC;IAAA,IAAE6E,OAAO,GAAA7E,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAA4E,SAAA,GAAA5E,SAAA,MAAG,CAAC,CAAC;IACjC,IAAA8E,MAAA,CAAA5G,OAAA,EAAcmD,oBAAW,CAACzC,SAAS,CAAC6F,UAAU,EAAE,IAAI,EAAE,CAACE,KAAK,EAAEE,OAAO,CAAC,CAAC;IAEvE,IAAI,OAAOF,KAAK,KAAK,QAAQ,EAAE;MAC7B,IAAI,CAAC7C,YAAY,GAAG6C,KAAK;IAC3B;IAEA,IAAI,CAAC,IAAI,CAAC7C,YAAY,EAAE;MACtB,MAAM,IAAI2B,KAAK,CAAC,4BAA4B,CAAC;IAC/C;;IAEA;IACA;IACA,IAAI,IAAI,CAACjB,OAAO,EAAE;MAChB,IAAI,IAAI,CAACA,OAAO,GAAG,IAAAuC,IAAA,CAAA7G,OAAA,GAAU,EAAE;QAC7B,IAAI,CAACuE,UAAU,GAAG,IAAI;MACxB,CAAC,MAAM;QACL,IAAAuC,4BAAc,EAAC,YAAM;UACnBN,MAAI,CAACjC,UAAU,GAAG,IAAI;QACxB,CAAC,EAAE,IAAI,CAACD,OAAO,GAAG,IAAAuC,IAAA,CAAA7G,OAAA,GAAU,CAAC;MAC/B;IACF;EACF,CAAC;EAGD;AACF;AACA;AACA;AACA;AACA;AACA;EACE+G,OAAO,WAAAA,QAAA,EAAG;IAAA,IAAAC,MAAA;IACR,IAAI,CAAC,IAAI,CAAC/C,UAAU,EAAE;MACpB,MAAM,IAAIsB,KAAK,CAAC,+DAA+D,CAAC;IAClF;IAEA,IAAI0B,OAAO;IAEX,IAAI/C,iBAAS,EAAE;MACb,IAAI,CAAC,IAAI,CAACH,MAAM,CAACK,eAAe,EAAE;QAChC,MAAM,IAAImB,KAAK,CAAC,qDAAqD,CAAC;MACxE;MAEA0B,OAAO,GAAGzE,QAAA,CAAAxC,OAAA,CAAQkH,OAAO,CAAC,IAAI,CAACnD,MAAM,CAACK,eAAe,CAAC,IAAI,CAACsB,KAAK,EAAE,IAAI,CAAC,CAAC;IAC1E;IAEA,OAAO,CACLuB,OAAO,IACP,IAAI,CAACvB,KAAK,CACPC,OAAO,CAAC;MACPC,MAAM,EAAE,MAAM;MACdC,GAAG,EAAE,IAAI,CAAC9B,MAAM,CAAC+B,QAAQ;MACzBE,IAAI,EAAE;QACJC,UAAU,EAAE,eAAe;QAC3BkB,YAAY,EAAE,IAAI,CAACpD,MAAM,CAACoD,YAAY;QACtChD,aAAa,EAAE,IAAI,CAACA;MACtB,CAAC;MACDiD,IAAI,EAAE;QACJC,IAAI,EAAE,IAAI,CAACtD,MAAM,CAACC,SAAS;QAC3BsD,IAAI,EAAE,IAAI,CAACvD,MAAM,CAACM,aAAa;QAC/BkD,eAAe,EAAE;MACnB,CAAC;MACDC,wBAAwB,EAAE;IAC5B,CAAC,CAAC,CACDpB,IAAI,CAAC,UAAC9D,GAAG;MAAA,OAAKA,GAAG,CAACO,IAAI;IAAA,EAAC,EAEzBuD,IAAI,CAAC,UAACvG,GAAG,EAAK;MACb,IAAI,CAACA,GAAG,EAAE;QACR,MAAM,IAAI0F,KAAK,CAAC,oDAAoD,CAAC;MACvE;MACA;MACA;MACA;MACA,IAAI,CAAC1F,GAAG,CAACsE,aAAa,EAAE;QACtB,IAAAkC,OAAA,CAAArG,OAAA,EACEH,GAAG,EACH,IAAA4H,MAAA,CAAAzH,OAAA,EAAKgH,MAAI,EAAE,eAAe,EAAE,uBAAuB,EAAE,0BAA0B,CAAC,CACjF;MACH;;MAEA;MACA;MACA,IAAIA,MAAI,CAACpD,YAAY,KAAK/D,GAAG,CAAC+D,YAAY,EAAE;QAC1CoD,MAAI,CAAC3B,MAAM,CAACvC,KAAK,CAAC,wCAAwC,CAAC;QAC3D;QACA,IAAI4E,OAAO,CAACC,GAAG,CAACC,QAAQ,KAAK,YAAY,EAAE;UACzCZ,MAAI,CAAC3B,MAAM,CAACvC,KAAK,CAAC,uBAAuB,EAAEkE,MAAI,CAACpD,YAAY,CAAC;UAC7DoD,MAAI,CAAC3B,MAAM,CAACvC,KAAK,CAAC,mBAAmB,EAAEjD,GAAG,CAAC+D,YAAY,CAAC;QAC1D;QAEA,OAAOpB,QAAA,CAAAxC,OAAA,CAAQyC,MAAM,CAAC,IAAI8C,KAAK,CAAC,iCAAiC,CAAC,CAAC;MACrE;MAEA,IAAIyB,MAAI,CAAC9B,aAAa,EAAE;QACtB8B,MAAI,CAAC9B,aAAa,CAAC2C,MAAM,EAAE;QAC3Bb,MAAI,CAACc,KAAK,CAAC,eAAe,CAAC;MAC7B;MAEAjI,GAAG,CAACqF,aAAa,GAAG8B,MAAI;MACxBnH,GAAG,CAAC0D,KAAK,GAAGyD,MAAI,CAACzD,KAAK;MAEtB,OAAO,IAAIL,KAAK,CAACrD,GAAG,EAAE;QAACyG,MAAM,EAAEU,MAAI,CAACV;MAAM,CAAC,CAAC;IAC9C,CAAC,CAAC,CACDyB,KAAK,CAAC1F,iBAAiB,CAAC;EAC7B,CAAC;EAGD;AACF;AACA;AACA;AACA;AACA;EACEwF,MAAM,WAAAA,OAAA,EAAG;IAAA,IAAAG,MAAA;IACP,IAAI,IAAI,CAACnE,SAAS,EAAE;MAClB,IAAI,CAACwB,MAAM,CAACC,IAAI,CAAC,8DAA8D,CAAC;MAEhF,OAAO9C,QAAA,CAAAxC,OAAA,CAAQkH,OAAO,EAAE;IAC1B;IAEA,IAAI,CAAC,IAAI,CAACzD,YAAY,EAAE;MACtB,IAAI,CAAC4B,MAAM,CAACC,IAAI,CAAC,uDAAuD,CAAC;MAEzE,OAAO9C,QAAA,CAAAxC,OAAA,CAAQkH,OAAO,EAAE;IAC1B;;IAEA;IACA;IACA;IACA;IACA;IACA;IACA,IAAI,CAAC,IAAI,CAACnD,MAAM,CAACM,aAAa,EAAE;MAC9B,IAAI,CAACgB,MAAM,CAACC,IAAI,CAAC,kEAAkE,CAAC;MAEpF,OAAO9C,QAAA,CAAAxC,OAAA,CAAQkH,OAAO,EAAE;IAC1B;IAEA,IAAI,CAAC7B,MAAM,CAACC,IAAI,CAAC,8BAA8B,CAAC;IAEhD,OAAO,IAAI,CAACI,KAAK,CACdC,OAAO,CAAC;MACPC,MAAM,EAAE,MAAM;MACdC,GAAG,EAAE,IAAI,CAAC9B,MAAM,CAACkE,SAAS;MAC1BjC,IAAI,EAAE;QACJE,KAAK,EAAE,IAAI,CAACtC,YAAY;QACxBsE,eAAe,EAAE;MACnB,CAAC;MACDd,IAAI,EAAE;QACJC,IAAI,EAAE,IAAI,CAACtD,MAAM,CAACC,SAAS;QAC3BsD,IAAI,EAAE,IAAI,CAACvD,MAAM,CAACM,aAAa;QAC/BkD,eAAe,EAAE;MACnB,CAAC;MACDC,wBAAwB,EAAE;IAC5B,CAAC,CAAC,CACDpB,IAAI,CAAC,YAAM;MACV4B,MAAI,CAACF,KAAK,CAAC,CAAC,cAAc,EAAE,SAAS,EAAE,YAAY,EAAE,YAAY,CAAC,CAAC;MACnEE,MAAI,CAAC3C,MAAM,CAACC,IAAI,CAAC,6BAA6B,CAAC;IACjD,CAAC,CAAC,CACDyC,KAAK,CAAC1F,iBAAiB,CAAC;EAC7B,CAAC;EAEDvB,GAAG,WAAAA,IAAA,EAAU;IACX;IACA,IAAAqH,qBAAA,GAAuB,IAAI,CAACC,oBAAoB,CAAA1G,KAAA,CAAzB,IAAI,EAAAI,SAAA,CAA8B;MAAAuG,sBAAA,OAAAC,eAAA,CAAAtI,OAAA,EAAAmI,qBAAA;MAApD1B,KAAK,GAAA4B,sBAAA;MAAE1B,OAAO,GAAA0B,sBAAA;IAEnB,IAAI,CAAC5B,KAAK,CAAChC,UAAU,IAAIgC,KAAK,CAAC7C,YAAY,IAAI6C,KAAK,CAAC7C,YAAY,CAAC2E,QAAQ,CAAC,GAAG,CAAC,EAAE;MAC/E,IAAAC,qBAAA,GAAmC/B,KAAK,CAAC7C,YAAY,CAAC6E,KAAK,CAAC,GAAG,CAAC;QAAAC,sBAAA,OAAAJ,eAAA,CAAAtI,OAAA,EAAAwI,qBAAA;QAAzD/D,UAAU,GAAAiE,sBAAA;QAAE9E,YAAY,GAAA8E,sBAAA;MAE/BjC,KAAK,GAAA9E,aAAA,CAAAA,aAAA,KAAO8E,KAAK;QAAE7C,YAAY,EAAZA,YAAY;QAAEa,UAAU,EAAVA;MAAU,EAAC;IAC9C;IACA,IAAMkE,GAAG,GAAG,IAAA9B,IAAA,CAAA7G,OAAA,GAAU;IAEtB,IAAI,CAACyG,KAAK,CAACnC,OAAO,IAAImC,KAAK,CAAC5B,UAAU,EAAE;MACtC4B,KAAK,CAACnC,OAAO,GAAGqE,GAAG,GAAGlC,KAAK,CAAC5B,UAAU,GAAG,IAAI;IAC/C;IAEA,IAAI,CAAC4B,KAAK,CAAC3B,qBAAqB,IAAI2B,KAAK,CAAC1B,wBAAwB,EAAE;MAClE0B,KAAK,CAAC3B,qBAAqB,GAAG6D,GAAG,GAAGlC,KAAK,CAAC1B,wBAAwB,GAAG,IAAI;IAC3E;IAEA,IAAI0B,KAAK,CAAClD,KAAK,EAAE;MACfkD,KAAK,CAAClD,KAAK,GAAG,IAAAkC,gBAAS,EAACgB,KAAK,CAAClD,KAAK,CAAC;IACtC;IAEA,OAAO,IAAAqD,MAAA,CAAA5G,OAAA,EAAcmD,oBAAW,CAACzC,SAAS,CAACI,GAAG,EAAE,IAAI,EAAE,CAAC2F,KAAK,EAAEE,OAAO,CAAC,CAAC;EACzE,CAAC;EAED;AACF;AACA;AACA;AACA;AACA;AACA;EACEiC,QAAQ,WAAAA,SAAA,EAAG;IACT,IAAI,CAAC,IAAI,CAACpE,OAAO,EAAE;MACjB,MAAM,IAAIe,KAAK,CAAC,wBAAwB,CAAC;IAC3C;IAEA,OAAO,IAAI,CAACf,OAAO;EACrB,CAAC;EAED;AACF;AACA;AACA;AACA;AACA;AACA;AACA;EACEqE,QAAQ,WAAAA,SAAA,EAAG;IAAA,IAAAC,MAAA;IACT,IAAIpB,OAAO,CAACC,GAAG,CAACC,QAAQ,KAAK,YAAY,EAAE;MACzC,MAAM,IAAIrC,KAAK,CAAC,iDAAiD,CAAC;IACpE;IAEA,OAAO,IAAI,CAACG,KAAK,CACdC,OAAO,CAAC;MACPC,MAAM,EAAE,MAAM;MACdmD,OAAO,EAAE,cAAc;MACvBC,QAAQ,EAAE,yBAAyB;MACnCnG,IAAI,EAAE;QACJqD,KAAK,EAAE,IAAI,CAACtC;MACd;IACF,CAAC,CAAC,CACDmE,KAAK,CAAC,UAACkB,MAAM,EAAK;MACjB,IAAI,YAAY,IAAIA,MAAM,EAAE;QAC1B,OAAOzG,QAAA,CAAAxC,OAAA,CAAQyC,MAAM,CAACwG,MAAM,CAAC;MAC/B;MACAH,MAAI,CAACzD,MAAM,CAACC,IAAI,CAAC,qEAAqE,CAAC;;MAEvF;MACA;MACA;MACA,IAAM4D,OAAO,GACXxB,OAAO,CAACC,GAAG,CAACwB,oBAAoB,IAChCzB,OAAO,CAACC,GAAG,CAACyB,wBAAwB,IACpC,6CAA6C;MAE/C,OAAON,MAAI,CAACpD,KAAK,CAACC,OAAO,CAAC;QACxBC,MAAM,EAAE,MAAM;QACdC,GAAG,KAAAnB,MAAA,CAAKwE,OAAO,6BAA0B;QACzCrG,IAAI,EAAE;UACJqD,KAAK,EAAE4C,MAAI,CAAClF;QACd,CAAC;QACDyF,OAAO,EAAE;UACPC,aAAa,YAAA5E,MAAA,CAAYoE,MAAI,CAAClF,YAAY;QAC5C;MACF,CAAC,CAAC;IACJ,CAAC,CAAC,CACDwC,IAAI,CAAC,UAAC9D,GAAG;MAAA,OAAKA,GAAG,CAACO,IAAI;IAAA,EAAC;EAC5B,CAAC;EAAA0G,OAAA;AACH,CAAC,OAAAC,0BAAA,CAAAxJ,OAAA,EAAAT,IAAA,gBAAAD,IAAA,OAAAmK,yBAAA,CAAAzJ,OAAA,EAAAT,IAAA,gBAAAA,IAAA,OAAAiK,0BAAA,CAAAxJ,OAAA,EAAAT,IAAA,cArOE8D,iBAAS,OAAAoG,yBAAA,CAAAzJ,OAAA,EAAAT,IAAA,cAAAA,IAAA,OAAAiK,0BAAA,CAAAxJ,OAAA,EAAAT,IAAA,aAmFT8D,iBAAS,OAAAoG,yBAAA,CAAAzJ,OAAA,EAAAT,IAAA,aAAAA,IAAA,IAAAA,IAAA,GAkJV;AAAC,IAAAmK,QAAA,GAEYxG,KAAK;AAAAyG,OAAA,CAAA3J,OAAA,GAAA0J,QAAA"}