@webex/webex-core 3.0.0-beta.4 → 3.0.0-beta.400

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (188) hide show
  1. package/dist/config.js +1 -11
  2. package/dist/config.js.map +1 -1
  3. package/dist/credentials-config.js +44 -64
  4. package/dist/credentials-config.js.map +1 -1
  5. package/dist/index.js +0 -76
  6. package/dist/index.js.map +1 -1
  7. package/dist/interceptors/auth.js +22 -55
  8. package/dist/interceptors/auth.js.map +1 -1
  9. package/dist/interceptors/default-options.js +0 -20
  10. package/dist/interceptors/default-options.js.map +1 -1
  11. package/dist/interceptors/embargo.js +0 -21
  12. package/dist/interceptors/embargo.js.map +1 -1
  13. package/dist/interceptors/network-timing.js +2 -21
  14. package/dist/interceptors/network-timing.js.map +1 -1
  15. package/dist/interceptors/payload-transformer.js +2 -22
  16. package/dist/interceptors/payload-transformer.js.map +1 -1
  17. package/dist/interceptors/rate-limit.js +25 -57
  18. package/dist/interceptors/rate-limit.js.map +1 -1
  19. package/dist/interceptors/redirect.js +4 -33
  20. package/dist/interceptors/redirect.js.map +1 -1
  21. package/dist/interceptors/request-event.js +3 -30
  22. package/dist/interceptors/request-event.js.map +1 -1
  23. package/dist/interceptors/request-logger.js +1 -30
  24. package/dist/interceptors/request-logger.js.map +1 -1
  25. package/dist/interceptors/request-timing.js +3 -22
  26. package/dist/interceptors/request-timing.js.map +1 -1
  27. package/dist/interceptors/response-logger.js +2 -31
  28. package/dist/interceptors/response-logger.js.map +1 -1
  29. package/dist/interceptors/user-agent.js +2 -29
  30. package/dist/interceptors/user-agent.js.map +1 -1
  31. package/dist/interceptors/webex-tracking-id.js +5 -28
  32. package/dist/interceptors/webex-tracking-id.js.map +1 -1
  33. package/dist/interceptors/webex-user-agent.js +5 -38
  34. package/dist/interceptors/webex-user-agent.js.map +1 -1
  35. package/dist/lib/batcher.js +3 -51
  36. package/dist/lib/batcher.js.map +1 -1
  37. package/dist/lib/constants.js +14 -0
  38. package/dist/lib/constants.js.map +1 -0
  39. package/dist/lib/credentials/credentials.js +98 -139
  40. package/dist/lib/credentials/credentials.js.map +1 -1
  41. package/dist/lib/credentials/grant-errors.js +0 -49
  42. package/dist/lib/credentials/grant-errors.js.map +1 -1
  43. package/dist/lib/credentials/index.js +1 -13
  44. package/dist/lib/credentials/index.js.map +1 -1
  45. package/dist/lib/credentials/scope.js +25 -14
  46. package/dist/lib/credentials/scope.js.map +1 -1
  47. package/dist/lib/credentials/token-collection.js +1 -7
  48. package/dist/lib/credentials/token-collection.js.map +1 -1
  49. package/dist/lib/credentials/token.js +42 -118
  50. package/dist/lib/credentials/token.js.map +1 -1
  51. package/dist/lib/page.js +13 -26
  52. package/dist/lib/page.js.map +1 -1
  53. package/dist/lib/services/constants.js +0 -2
  54. package/dist/lib/services/constants.js.map +1 -1
  55. package/dist/lib/services/index.js +1 -28
  56. package/dist/lib/services/index.js.map +1 -1
  57. package/dist/lib/services/interceptors/server-error.js +2 -23
  58. package/dist/lib/services/interceptors/server-error.js.map +1 -1
  59. package/dist/lib/services/interceptors/service.js +15 -35
  60. package/dist/lib/services/interceptors/service.js.map +1 -1
  61. package/dist/lib/services/metrics.js +0 -2
  62. package/dist/lib/services/metrics.js.map +1 -1
  63. package/dist/lib/services/service-catalog.js +12 -91
  64. package/dist/lib/services/service-catalog.js.map +1 -1
  65. package/dist/lib/services/service-fed-ramp.js +0 -2
  66. package/dist/lib/services/service-fed-ramp.js.map +1 -1
  67. package/dist/lib/services/service-host.js +47 -62
  68. package/dist/lib/services/service-host.js.map +1 -1
  69. package/dist/lib/services/service-registry.js +78 -90
  70. package/dist/lib/services/service-registry.js.map +1 -1
  71. package/dist/lib/services/service-state.js +3 -15
  72. package/dist/lib/services/service-state.js.map +1 -1
  73. package/dist/lib/services/service-url.js +4 -25
  74. package/dist/lib/services/service-url.js.map +1 -1
  75. package/dist/lib/services/services.js +135 -239
  76. package/dist/lib/services/services.js.map +1 -1
  77. package/dist/lib/stateless-webex-plugin.js +5 -28
  78. package/dist/lib/stateless-webex-plugin.js.map +1 -1
  79. package/dist/lib/storage/decorators.js +19 -62
  80. package/dist/lib/storage/decorators.js.map +1 -1
  81. package/dist/lib/storage/errors.js +0 -23
  82. package/dist/lib/storage/errors.js.map +1 -1
  83. package/dist/lib/storage/index.js +2 -16
  84. package/dist/lib/storage/index.js.map +1 -1
  85. package/dist/lib/storage/make-webex-plugin-store.js +11 -41
  86. package/dist/lib/storage/make-webex-plugin-store.js.map +1 -1
  87. package/dist/lib/storage/make-webex-store.js +8 -30
  88. package/dist/lib/storage/make-webex-store.js.map +1 -1
  89. package/dist/lib/storage/memory-store-adapter.js +1 -19
  90. package/dist/lib/storage/memory-store-adapter.js.map +1 -1
  91. package/dist/lib/webex-core-plugin-mixin.js +9 -29
  92. package/dist/lib/webex-core-plugin-mixin.js.map +1 -1
  93. package/dist/lib/webex-http-error.js +1 -31
  94. package/dist/lib/webex-http-error.js.map +1 -1
  95. package/dist/lib/webex-internal-core-plugin-mixin.js +9 -29
  96. package/dist/lib/webex-internal-core-plugin-mixin.js.map +1 -1
  97. package/dist/lib/webex-plugin.js +6 -40
  98. package/dist/lib/webex-plugin.js.map +1 -1
  99. package/dist/plugins/logger.js +3 -17
  100. package/dist/plugins/logger.js.map +1 -1
  101. package/dist/webex-core.js +84 -203
  102. package/dist/webex-core.js.map +1 -1
  103. package/dist/webex-internal-core.js +0 -10
  104. package/dist/webex-internal-core.js.map +1 -1
  105. package/package.json +14 -14
  106. package/src/config.js +9 -11
  107. package/src/credentials-config.js +110 -72
  108. package/src/index.js +4 -14
  109. package/src/interceptors/auth.js +36 -37
  110. package/src/interceptors/default-options.js +0 -1
  111. package/src/interceptors/embargo.js +1 -1
  112. package/src/interceptors/payload-transformer.js +1 -2
  113. package/src/interceptors/rate-limit.js +8 -5
  114. package/src/interceptors/redirect.js +14 -8
  115. package/src/interceptors/request-event.js +4 -8
  116. package/src/interceptors/request-logger.js +8 -5
  117. package/src/interceptors/response-logger.js +11 -8
  118. package/src/interceptors/user-agent.js +1 -2
  119. package/src/interceptors/webex-user-agent.js +3 -9
  120. package/src/lib/batcher.js +70 -69
  121. package/src/lib/constants.js +6 -0
  122. package/src/lib/credentials/credentials.js +173 -141
  123. package/src/lib/credentials/grant-errors.js +6 -7
  124. package/src/lib/credentials/index.js +1 -4
  125. package/src/lib/credentials/scope.js +24 -8
  126. package/src/lib/credentials/token-collection.js +1 -1
  127. package/src/lib/credentials/token.js +95 -81
  128. package/src/lib/page.js +10 -11
  129. package/src/lib/services/constants.js +3 -13
  130. package/src/lib/services/index.js +2 -2
  131. package/src/lib/services/interceptors/server-error.js +12 -7
  132. package/src/lib/services/interceptors/service.js +7 -6
  133. package/src/lib/services/metrics.js +1 -1
  134. package/src/lib/services/service-catalog.js +112 -100
  135. package/src/lib/services/service-fed-ramp.js +1 -2
  136. package/src/lib/services/service-host.js +10 -17
  137. package/src/lib/services/service-registry.js +69 -96
  138. package/src/lib/services/service-state.js +4 -6
  139. package/src/lib/services/service-url.js +24 -23
  140. package/src/lib/services/services.js +272 -249
  141. package/src/lib/stateless-webex-plugin.js +4 -2
  142. package/src/lib/storage/decorators.js +68 -66
  143. package/src/lib/storage/index.js +4 -6
  144. package/src/lib/storage/make-webex-plugin-store.js +34 -21
  145. package/src/lib/storage/make-webex-store.js +6 -7
  146. package/src/lib/storage/memory-store-adapter.js +3 -3
  147. package/src/lib/webex-core-plugin-mixin.js +10 -7
  148. package/src/lib/webex-http-error.js +7 -8
  149. package/src/lib/webex-internal-core-plugin-mixin.js +9 -6
  150. package/src/lib/webex-plugin.js +41 -34
  151. package/src/plugins/logger.js +8 -3
  152. package/src/webex-core.js +198 -117
  153. package/src/webex-internal-core.js +15 -9
  154. package/test/integration/spec/credentials/credentials.js +26 -30
  155. package/test/integration/spec/credentials/token.js +36 -33
  156. package/test/integration/spec/services/service-catalog.js +177 -156
  157. package/test/integration/spec/services/services.js +313 -304
  158. package/test/integration/spec/webex-core.js +98 -86
  159. package/test/unit/spec/_setup.js +26 -18
  160. package/test/unit/spec/credentials/credentials.js +352 -162
  161. package/test/unit/spec/credentials/scope.js +80 -0
  162. package/test/unit/spec/credentials/token.js +105 -77
  163. package/test/unit/spec/interceptors/auth.js +294 -243
  164. package/test/unit/spec/interceptors/default-options.js +36 -24
  165. package/test/unit/spec/interceptors/embargo.js +32 -27
  166. package/test/unit/spec/interceptors/network-timing.js +2 -2
  167. package/test/unit/spec/interceptors/payload-transformer.js +61 -52
  168. package/test/unit/spec/interceptors/rate-limit.js +104 -75
  169. package/test/unit/spec/interceptors/redirect.js +22 -20
  170. package/test/unit/spec/interceptors/request-timing.js +18 -22
  171. package/test/unit/spec/interceptors/user-agent.js +28 -16
  172. package/test/unit/spec/interceptors/webex-tracking-id.js +14 -8
  173. package/test/unit/spec/interceptors/webex-user-agent.js +83 -37
  174. package/test/unit/spec/lib/batcher.js +36 -32
  175. package/test/unit/spec/lib/page.js +36 -32
  176. package/test/unit/spec/lib/webex-plugin.js +1 -1
  177. package/test/unit/spec/services/interceptors/server-error.js +67 -90
  178. package/test/unit/spec/services/interceptors/service.js +23 -28
  179. package/test/unit/spec/services/service-catalog.js +19 -27
  180. package/test/unit/spec/services/service-host.js +29 -26
  181. package/test/unit/spec/services/service-registry.js +128 -170
  182. package/test/unit/spec/services/service-state.js +13 -22
  183. package/test/unit/spec/services/service-url.js +24 -43
  184. package/test/unit/spec/services/services.js +147 -41
  185. package/test/unit/spec/storage/persist.js +6 -9
  186. package/test/unit/spec/storage/wait-for-value.js +22 -21
  187. package/test/unit/spec/webex-core.js +90 -57
  188. package/test/unit/spec/webex-internal-core.js +56 -31
package/dist/lib/credentials/token.js CHANGED
@@ -1,55 +1,38 @@
1
1
  "use strict";
2
2
 
3
3
  var _typeof = require("@babel/runtime-corejs2/helpers/typeof");
4
-
5
- var _WeakMap = require("@babel/runtime-corejs2/core-js/weak-map");
6
-
7
- var _Object$defineProperty = require("@babel/runtime-corejs2/core-js/object/define-property");
8
-
4
+ var _Object$keys = require("@babel/runtime-corejs2/core-js/object/keys");
5
+ var _Object$getOwnPropertySymbols = require("@babel/runtime-corejs2/core-js/object/get-own-property-symbols");
9
6
  var _Object$getOwnPropertyDescriptor2 = require("@babel/runtime-corejs2/core-js/object/get-own-property-descriptor");
10
-
7
+ var _Object$getOwnPropertyDescriptors = require("@babel/runtime-corejs2/core-js/object/get-own-property-descriptors");
8
+ var _Object$defineProperties = require("@babel/runtime-corejs2/core-js/object/define-properties");
9
+ var _Object$defineProperty = require("@babel/runtime-corejs2/core-js/object/define-property");
10
+ var _WeakMap = require("@babel/runtime-corejs2/core-js/weak-map");
11
11
  var _interopRequireDefault = require("@babel/runtime-corejs2/helpers/interopRequireDefault");
12
-
13
12
  _Object$defineProperty(exports, "__esModule", {
14
13
  value: true
15
14
  });
16
-
17
15
  exports.default = void 0;
18
-
16
+ var _defineProperty2 = _interopRequireDefault(require("@babel/runtime-corejs2/helpers/defineProperty"));
19
17
  var _slicedToArray2 = _interopRequireDefault(require("@babel/runtime-corejs2/helpers/slicedToArray"));
20
-
21
18
  var _applyDecoratedDescriptor2 = _interopRequireDefault(require("@babel/runtime-corejs2/helpers/applyDecoratedDescriptor"));
22
-
23
19
  var _promise = _interopRequireDefault(require("@babel/runtime-corejs2/core-js/promise"));
24
-
25
20
  var _assign = _interopRequireDefault(require("@babel/runtime-corejs2/core-js/object/assign"));
26
-
27
21
  var _apply = _interopRequireDefault(require("@babel/runtime-corejs2/core-js/reflect/apply"));
28
-
29
22
  var _now = _interopRequireDefault(require("@babel/runtime-corejs2/core-js/date/now"));
30
-
31
23
  var _getOwnPropertyDescriptor = _interopRequireDefault(require("@babel/runtime-corejs2/core-js/object/get-own-property-descriptor"));
32
-
33
24
  var _pick2 = _interopRequireDefault(require("lodash/pick"));
34
-
35
25
  var _common = require("@webex/common");
36
-
37
26
  var _commonTimers = require("@webex/common-timers");
38
-
39
27
  var _webexHttpError = _interopRequireDefault(require("../webex-http-error"));
40
-
41
28
  var _webexPlugin = _interopRequireDefault(require("../webex-plugin"));
42
-
43
29
  var _scope = require("./scope");
44
-
45
30
  var _grantErrors = _interopRequireWildcard(require("./grant-errors"));
46
-
47
31
  var _dec, _obj;
48
-
49
32
  function _getRequireWildcardCache(nodeInterop) { if (typeof _WeakMap !== "function") return null; var cacheBabelInterop = new _WeakMap(); var cacheNodeInterop = new _WeakMap(); return (_getRequireWildcardCache = function _getRequireWildcardCache(nodeInterop) { return nodeInterop ? cacheNodeInterop : cacheBabelInterop; })(nodeInterop); }
50
-
51
33
  function _interopRequireWildcard(obj, nodeInterop) { if (!nodeInterop && obj && obj.__esModule) { return obj; } if (obj === null || _typeof(obj) !== "object" && typeof obj !== "function") { return { default: obj }; } var cache = _getRequireWildcardCache(nodeInterop); if (cache && cache.has(obj)) { return cache.get(obj); } var newObj = {}; var hasPropertyDescriptor = _Object$defineProperty && _Object$getOwnPropertyDescriptor2; for (var key in obj) { if (key !== "default" && Object.prototype.hasOwnProperty.call(obj, key)) { var desc = hasPropertyDescriptor ? _Object$getOwnPropertyDescriptor2(obj, key) : null; if (desc && (desc.get || desc.set)) { _Object$defineProperty(newObj, key, desc); } else { newObj[key] = obj[key]; } } } newObj.default = obj; if (cache) { cache.set(obj, newObj); } return newObj; }
52
-
34
+ function ownKeys(object, enumerableOnly) { var keys = _Object$keys(object); if (_Object$getOwnPropertySymbols) { var symbols = _Object$getOwnPropertySymbols(object); enumerableOnly && (symbols = symbols.filter(function (sym) { return _Object$getOwnPropertyDescriptor2(object, sym).enumerable; })), keys.push.apply(keys, symbols); } return keys; }
35
+ function _objectSpread(target) { for (var i = 1; i < arguments.length; i++) { var source = null != arguments[i] ? arguments[i] : {}; i % 2 ? ownKeys(Object(source), !0).forEach(function (key) { (0, _defineProperty2.default)(target, key, source[key]); }) : _Object$getOwnPropertyDescriptors ? _Object$defineProperties(target, _Object$getOwnPropertyDescriptors(source)) : ownKeys(Object(source)).forEach(function (key) { _Object$defineProperty(target, key, _Object$getOwnPropertyDescriptor2(source, key)); }); } return target; }
53
36
  /* eslint-disable camelcase */
54
37
 
55
38
  /**
@@ -62,24 +45,19 @@ function processGrantError(res) {
62
45
  if (res.statusCode !== 400) {
63
46
  return _promise.default.reject(res);
64
47
  }
65
-
66
48
  var ErrorConstructor = _grantErrors.default.select(res.body.error);
67
-
68
49
  if (ErrorConstructor === _grantErrors.OAuthError && res instanceof _webexHttpError.default) {
69
50
  return _promise.default.reject(res);
70
51
  }
71
-
72
52
  if (!ErrorConstructor) {
73
53
  return _promise.default.reject(res);
74
54
  }
75
-
76
55
  return _promise.default.reject(new ErrorConstructor(res._res || res));
77
56
  }
57
+
78
58
  /**
79
59
  * @class
80
60
  */
81
-
82
-
83
61
  var Token = _webexPlugin.default.extend((_dec = (0, _common.oneFlight)({
84
62
  keyFactory: function keyFactory(scope) {
85
63
  return scope;
@@ -101,7 +79,6 @@ var Token = _webexPlugin.default.extend((_dec = (0, _common.oneFlight)({
101
79
  return !!this.access_token && !this.isExpired;
102
80
  }
103
81
  },
104
-
105
82
  /**
106
83
  * Indicates that this token can be downscoped. `true` iff
107
84
  * {@link config.credentials.client_id} is defined and if
@@ -122,7 +99,6 @@ var Token = _webexPlugin.default.extend((_dec = (0, _common.oneFlight)({
122
99
  return this.canAuthorize && !!this.config.client_id;
123
100
  }
124
101
  },
125
-
126
102
  /**
127
103
  * Indicates if this token can be refreshed. `true` iff
128
104
  * {@link Token@refresh_token} is defined and
@@ -143,11 +119,9 @@ var Token = _webexPlugin.default.extend((_dec = (0, _common.oneFlight)({
143
119
  if (_common.inBrowser) {
144
120
  return !!this.refresh_token && !!this.config.refreshCallback;
145
121
  }
146
-
147
122
  return !!this.refresh_token && !!this.config.client_secret;
148
123
  }
149
124
  },
150
-
151
125
  /**
152
126
  * Indicates if this `Token` is expired. `true` iff {@link Token#expires} is
153
127
  * defined and is less than {@link Date.now()}.
@@ -164,7 +138,6 @@ var Token = _webexPlugin.default.extend((_dec = (0, _common.oneFlight)({
164
138
  return !!this.expires && this._isExpired;
165
139
  }
166
140
  },
167
-
168
141
  /**
169
142
  * Cache for toString()
170
143
  * @instance
@@ -179,7 +152,6 @@ var Token = _webexPlugin.default.extend((_dec = (0, _common.oneFlight)({
179
152
  if (!this.access_token || !this.token_type) {
180
153
  return '';
181
154
  }
182
-
183
155
  return "".concat(this.token_type, " ").concat(this.access_token);
184
156
  }
185
157
  }
@@ -194,49 +166,42 @@ var Token = _webexPlugin.default.extend((_dec = (0, _common.oneFlight)({
194
166
  * @type {string}
195
167
  */
196
168
  scope: 'string',
197
-
198
169
  /**
199
170
  * @instance
200
171
  * @memberof Token
201
172
  * @type {string}
202
173
  */
203
174
  access_token: 'string',
204
-
205
175
  /**
206
176
  * @instance
207
177
  * @memberof Token
208
178
  * @type {number}
209
179
  */
210
180
  expires: 'number',
211
-
212
181
  /**
213
182
  * @instance
214
183
  * @memberof Token
215
184
  * @type {number}
216
185
  */
217
186
  expires_in: 'number',
218
-
219
187
  /**
220
188
  * @instance
221
189
  * @memberof Token
222
190
  * @type {string}
223
191
  */
224
192
  refresh_token: 'string',
225
-
226
193
  /**
227
194
  * @instance
228
195
  * @memberof Token
229
196
  * @type {number}
230
197
  */
231
198
  refresh_token_expires: 'number',
232
-
233
199
  /**
234
200
  * @instance
235
201
  * @memberof Token
236
202
  * @type {number}
237
203
  */
238
204
  refresh_token_expires_in: 'number',
239
-
240
205
  /**
241
206
  * @default "Bearer"
242
207
  * @instance
@@ -260,7 +225,6 @@ var Token = _webexPlugin.default.extend((_dec = (0, _common.oneFlight)({
260
225
  default: false,
261
226
  type: 'boolean'
262
227
  },
263
-
264
228
  /**
265
229
  * Handle to the previous token that we'll revoke when we refresh this
266
230
  * token. The idea is to keep allow two valid tokens when a refresh occurs;
@@ -276,7 +240,6 @@ var Token = _webexPlugin.default.extend((_dec = (0, _common.oneFlight)({
276
240
  type: 'state'
277
241
  }
278
242
  },
279
-
280
243
  /**
281
244
  * Uses this token to request a new Token with a subset of this Token's scopes
282
245
  * @instance
@@ -286,37 +249,35 @@ var Token = _webexPlugin.default.extend((_dec = (0, _common.oneFlight)({
286
249
  */
287
250
  downscope: function downscope(scope) {
288
251
  var _this = this;
289
-
290
252
  this.logger.info("token: downscoping token to ".concat(scope));
291
-
292
253
  if (this.isExpired) {
293
254
  this.logger.info('token: request received to downscope expired access_token');
294
255
  return _promise.default.reject(new Error('cannot downscope expired access token'));
295
256
  }
296
-
297
257
  if (!this.canDownscope) {
298
258
  if (this.config.client_id) {
299
259
  this.logger.info('token: request received to downscope invalid access_token');
300
260
  } else {
301
261
  this.logger.trace('token: cannot downscope without client_id');
302
262
  }
303
-
304
263
  return _promise.default.reject(new Error('cannot downscope access token'));
305
- } // Since we're going to use scope as the index in our token collection, it's
306
- // important scopes are always deterministically specified.
307
-
264
+ }
265
+ if ((0, _scope.diffScopes)(scope, this.config.scope) !== '') {
266
+ return _promise.default.reject(new Error("new scope (".concat(scope, ") is not subset of the available scopes (").concat(this.config.scope, ")")));
267
+ }
308
268
 
269
+ // Since we're going to use scope as the index in our token collection, it's
270
+ // important scopes are always deterministically specified.
309
271
  if (scope) {
310
272
  scope = (0, _scope.sortScope)(scope);
311
- } // Ideally, we could depend on the service to communicate this error, but
273
+ }
274
+
275
+ // Ideally, we could depend on the service to communicate this error, but
312
276
  // all we get is "invalid scope", which, to the lay person, implies
313
277
  // something wrong with *one* of the scopes, not the whole thing.
314
-
315
-
316
278
  if (scope === (0, _scope.sortScope)(this.config.scope)) {
317
279
  return _promise.default.reject(new Error('token: scope reduction requires a reduced scope'));
318
280
  }
319
-
320
281
  return this.webex.request({
321
282
  method: 'POST',
322
283
  uri: this.config.tokenUrl,
@@ -330,7 +291,6 @@ var Token = _webexPlugin.default.extend((_dec = (0, _common.oneFlight)({
330
291
  }
331
292
  }).then(function (res) {
332
293
  _this.logger.info("token: downscoped token to ".concat(scope));
333
-
334
294
  return new Token((0, _assign.default)(res.body, {
335
295
  scope: scope
336
296
  }), {
@@ -338,7 +298,6 @@ var Token = _webexPlugin.default.extend((_dec = (0, _common.oneFlight)({
338
298
  });
339
299
  });
340
300
  },
341
-
342
301
  /**
343
302
  * Initializer
344
303
  * @instance
@@ -350,21 +309,18 @@ var Token = _webexPlugin.default.extend((_dec = (0, _common.oneFlight)({
350
309
  */
351
310
  initialize: function initialize() {
352
311
  var _this2 = this;
353
-
354
312
  var attrs = arguments.length > 0 && arguments[0] !== undefined ? arguments[0] : {};
355
313
  var options = arguments.length > 1 && arguments[1] !== undefined ? arguments[1] : {};
356
314
  (0, _apply.default)(_webexPlugin.default.prototype.initialize, this, [attrs, options]);
357
-
358
315
  if (typeof attrs === 'string') {
359
316
  this.access_token = attrs;
360
317
  }
361
-
362
318
  if (!this.access_token) {
363
319
  throw new Error('`access_token` is required');
364
- } // We don't want the derived property `isExpired` to need {cache:false}, so
365
- // we'll set up a timer the runs when this token should expire.
366
-
320
+ }
367
321
 
322
+ // We don't want the derived property `isExpired` to need {cache:false}, so
323
+ // we'll set up a timer the runs when this token should expire.
368
324
  if (this.expires) {
369
325
  if (this.expires < (0, _now.default)()) {
370
326
  this._isExpired = true;
@@ -375,7 +331,6 @@ var Token = _webexPlugin.default.extend((_dec = (0, _common.oneFlight)({
375
331
  }
376
332
  }
377
333
  },
378
-
379
334
  /**
380
335
  * Refreshes this Token. Relies on
381
336
  * {@link config.credentials.refreshCallback()}
@@ -385,21 +340,16 @@ var Token = _webexPlugin.default.extend((_dec = (0, _common.oneFlight)({
385
340
  */
386
341
  refresh: function refresh() {
387
342
  var _this3 = this;
388
-
389
343
  if (!this.canRefresh) {
390
344
  throw new Error('Not enough information available to refresh this access token');
391
345
  }
392
-
393
346
  var promise;
394
-
395
347
  if (_common.inBrowser) {
396
348
  if (!this.config.refreshCallback) {
397
349
  throw new Error('Cannot refresh access token without refreshCallback');
398
350
  }
399
-
400
351
  promise = _promise.default.resolve(this.config.refreshCallback(this.webex, this));
401
352
  }
402
-
403
353
  return (promise || this.webex.request({
404
354
  method: 'POST',
405
355
  uri: this.config.tokenUrl,
@@ -419,36 +369,29 @@ var Token = _webexPlugin.default.extend((_dec = (0, _common.oneFlight)({
419
369
  })).then(function (obj) {
420
370
  if (!obj) {
421
371
  throw new Error('token: refreshCallback() did not produce an object');
422
- } // If the authentication server did not send back a refresh token, copy
372
+ }
373
+ // If the authentication server did not send back a refresh token, copy
423
374
  // the current refresh token and related values to the response (note:
424
375
  // at time of implementation, CI never sends a new refresh token)
425
-
426
-
427
376
  if (!obj.refresh_token) {
428
377
  (0, _assign.default)(obj, (0, _pick2.default)(_this3, 'refresh_token', 'refresh_token_expires', 'refresh_token_expires_in'));
429
- } // If the new token is the same as the previous token, then we may have
430
- // found a bug in CI; log the details and reject the Promise
431
-
378
+ }
432
379
 
380
+ // If the new token is the same as the previous token, then we may have
381
+ // found a bug in CI; log the details and reject the Promise
433
382
  if (_this3.access_token === obj.access_token) {
434
- _this3.logger.error('token: new token matches current token'); // log the tokens if it is not production
435
-
436
-
383
+ _this3.logger.error('token: new token matches current token');
384
+ // log the tokens if it is not production
437
385
  if (process.env.NODE_ENV !== 'production') {
438
386
  _this3.logger.error('token: current token:', _this3.access_token);
439
-
440
387
  _this3.logger.error('token: new token:', obj.access_token);
441
388
  }
442
-
443
389
  return _promise.default.reject(new Error('new token matches current token'));
444
390
  }
445
-
446
391
  if (_this3.previousToken) {
447
392
  _this3.previousToken.revoke();
448
-
449
393
  _this3.unset('previousToken');
450
394
  }
451
-
452
395
  obj.previousToken = _this3;
453
396
  obj.scope = _this3.scope;
454
397
  return new Token(obj, {
@@ -456,7 +399,6 @@ var Token = _webexPlugin.default.extend((_dec = (0, _common.oneFlight)({
456
399
  });
457
400
  }).catch(processGrantError);
458
401
  },
459
-
460
402
  /**
461
403
  * Revokes this token and unsets its local properties
462
404
  * @instance
@@ -465,28 +407,25 @@ var Token = _webexPlugin.default.extend((_dec = (0, _common.oneFlight)({
465
407
  */
466
408
  revoke: function revoke() {
467
409
  var _this4 = this;
468
-
469
410
  if (this.isExpired) {
470
411
  this.logger.info('token: already expired, not making making revocation request');
471
412
  return _promise.default.resolve();
472
413
  }
473
-
474
414
  if (!this.canAuthorize) {
475
415
  this.logger.info('token: no longer valid, not making revocation request');
476
416
  return _promise.default.resolve();
477
- } // FIXME we need to use the user token revocation endpoint to revoke a token
417
+ }
418
+
419
+ // FIXME we need to use the user token revocation endpoint to revoke a token
478
420
  // without a client_secret, but it doesn't current support using a token to
479
421
  // revoke itself
480
422
  // Note: I'm not making a canRevoke property because there should be changes
481
423
  // coming to the user token revocation endpoint that allow us to do this
482
424
  // correctly.
483
-
484
-
485
425
  if (!this.config.client_secret) {
486
426
  this.logger.info('token: no client secret available, not making revocation request');
487
427
  return _promise.default.resolve();
488
428
  }
489
-
490
429
  this.logger.info('token: revoking access token');
491
430
  return this.webex.request({
492
431
  method: 'POST',
@@ -503,46 +442,37 @@ var Token = _webexPlugin.default.extend((_dec = (0, _common.oneFlight)({
503
442
  shouldRefreshAccessToken: false
504
443
  }).then(function () {
505
444
  _this4.unset(['access_token', 'expires', 'expires_in', 'token_type']);
506
-
507
445
  _this4.logger.info('token: access token revoked');
508
446
  }).catch(processGrantError);
509
447
  },
510
448
  set: function set() {
511
449
  // eslint-disable-next-line prefer-const
512
450
  var _this$_filterSetParam = this._filterSetParameters.apply(this, arguments),
513
- _this$_filterSetParam2 = (0, _slicedToArray2.default)(_this$_filterSetParam, 2),
514
- attrs = _this$_filterSetParam2[0],
515
- options = _this$_filterSetParam2[1];
516
-
451
+ _this$_filterSetParam2 = (0, _slicedToArray2.default)(_this$_filterSetParam, 2),
452
+ attrs = _this$_filterSetParam2[0],
453
+ options = _this$_filterSetParam2[1];
517
454
  if (!attrs.token_type && attrs.access_token && attrs.access_token.includes(' ')) {
518
455
  var _attrs$access_token$s = attrs.access_token.split(' '),
519
- _attrs$access_token$s2 = (0, _slicedToArray2.default)(_attrs$access_token$s, 2),
520
- token_type = _attrs$access_token$s2[0],
521
- access_token = _attrs$access_token$s2[1];
522
-
523
- attrs = (0, _assign.default)({}, attrs, {
456
+ _attrs$access_token$s2 = (0, _slicedToArray2.default)(_attrs$access_token$s, 2),
457
+ token_type = _attrs$access_token$s2[0],
458
+ access_token = _attrs$access_token$s2[1];
459
+ attrs = _objectSpread(_objectSpread({}, attrs), {}, {
524
460
  access_token: access_token,
525
461
  token_type: token_type
526
462
  });
527
463
  }
528
-
529
464
  var now = (0, _now.default)();
530
-
531
465
  if (!attrs.expires && attrs.expires_in) {
532
466
  attrs.expires = now + attrs.expires_in * 1000;
533
467
  }
534
-
535
468
  if (!attrs.refresh_token_expires && attrs.refresh_token_expires_in) {
536
469
  attrs.refresh_token_expires = now + attrs.refresh_token_expires_in * 1000;
537
470
  }
538
-
539
471
  if (attrs.scope) {
540
472
  attrs.scope = (0, _scope.sortScope)(attrs.scope);
541
473
  }
542
-
543
474
  return (0, _apply.default)(_webexPlugin.default.prototype.set, this, [attrs, options]);
544
475
  },
545
-
546
476
  /**
547
477
  * Renders the token object as an HTTP Header Value
548
478
  * @instance
@@ -554,10 +484,8 @@ var Token = _webexPlugin.default.extend((_dec = (0, _common.oneFlight)({
554
484
  if (!this._string) {
555
485
  throw new Error('cannot stringify Token');
556
486
  }
557
-
558
487
  return this._string;
559
488
  },
560
-
561
489
  /**
562
490
  * Uses a non-producation api to return information about this token. This
563
491
  * method is primarily for tests and will throw if NODE_ENV === production
@@ -568,11 +496,9 @@ var Token = _webexPlugin.default.extend((_dec = (0, _common.oneFlight)({
568
496
  */
569
497
  validate: function validate() {
570
498
  var _this5 = this;
571
-
572
499
  if (process.env.NODE_ENV === 'production') {
573
500
  throw new Error('Token#validate() must not be used in production');
574
501
  }
575
-
576
502
  return this.webex.request({
577
503
  method: 'POST',
578
504
  service: 'conversation',
@@ -584,12 +510,11 @@ var Token = _webexPlugin.default.extend((_dec = (0, _common.oneFlight)({
584
510
  if ('statusCode' in reason) {
585
511
  return _promise.default.reject(reason);
586
512
  }
513
+ _this5.logger.info("REMINDER: If you're investigating a network error here, it's normal");
587
514
 
588
- _this5.logger.info('REMINDER: If you\'re investigating a network error here, it\'s normal'); // If we got an error that isn't a WebexHttpError, assume the problem is
515
+ // If we got an error that isn't a WebexHttpError, assume the problem is
589
516
  // that we don't have the wdm plugin loaded and service/resource isn't
590
517
  // a valid means of identifying a request.
591
-
592
-
593
518
  var convApi = process.env.CONVERSATION_SERVICE || process.env.CONVERSATION_SERVICE_URL || 'https://conv-a.wbx2.com/conversation/api/v1';
594
519
  return _this5.webex.request({
595
520
  method: 'POST',
@@ -605,9 +530,8 @@ var Token = _webexPlugin.default.extend((_dec = (0, _common.oneFlight)({
605
530
  return res.body;
606
531
  });
607
532
  },
608
- version: "3.0.0-beta.4"
533
+ version: "3.0.0-beta.400"
609
534
  }, ((0, _applyDecoratedDescriptor2.default)(_obj, "downscope", [_dec], (0, _getOwnPropertyDescriptor.default)(_obj, "downscope"), _obj), (0, _applyDecoratedDescriptor2.default)(_obj, "refresh", [_common.oneFlight], (0, _getOwnPropertyDescriptor.default)(_obj, "refresh"), _obj), (0, _applyDecoratedDescriptor2.default)(_obj, "revoke", [_common.oneFlight], (0, _getOwnPropertyDescriptor.default)(_obj, "revoke"), _obj)), _obj)));
610
-
611
535
  var _default = Token;
612
536
  exports.default = _default;
613
537
  //# sourceMappingURL=token.js.map
package/dist/lib/credentials/token.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"names":["processGrantError","res","statusCode","reject","ErrorConstructor","grantErrors","select","body","error","OAuthError","WebexHttpError","_res","Token","WebexPlugin","extend","oneFlight","keyFactory","scope","derived","canAuthorize","deps","fn","access_token","isExpired","canDownscope","config","client_id","canRefresh","inBrowser","refresh_token","refreshCallback","client_secret","expires","_isExpired","_string","token_type","namespace","props","expires_in","refresh_token_expires","refresh_token_expires_in","default","type","session","previousToken","downscope","logger","info","Error","trace","sortScope","webex","request","method","uri","tokenUrl","addAuthHeader","form","grant_type","token","self_contained_token","then","parent","initialize","attrs","options","prototype","safeSetTimeout","refresh","promise","resolve","redirect_uri","auth","user","pass","sendImmediately","shouldRefreshAccessToken","obj","process","env","NODE_ENV","revoke","unset","catch","revokeUrl","token_type_hint","set","_filterSetParameters","includes","split","now","toString","validate","service","resource","reason","convApi","CONVERSATION_SERVICE","CONVERSATION_SERVICE_URL","headers","authorization"],"sources":["token.js"],"sourcesContent":["/*!\n * Copyright (c) 2015-2020 Cisco Systems, Inc. See LICENSE file.\n */\n\nimport {pick} from 'lodash';\nimport {inBrowser, oneFlight} from '@webex/common';\nimport {safeSetTimeout} from '@webex/common-timers';\n\nimport WebexHttpError from '../webex-http-error';\nimport WebexPlugin from '../webex-plugin';\n\nimport {sortScope} from './scope';\nimport grantErrors, {OAuthError} from './grant-errors';\n\n/* eslint-disable camelcase */\n\n/**\n * Parse response from CI and converts to structured error when appropriate\n * @param {WebexHttpError} res\n * @private\n * @returns {GrantError}\n */\nfunction processGrantError(res) {\n if (res.statusCode !== 400) {\n return Promise.reject(res);\n }\n\n const ErrorConstructor = grantErrors.select(res.body.error);\n\n if (ErrorConstructor === OAuthError && res instanceof WebexHttpError) {\n return Promise.reject(res);\n }\n if (!ErrorConstructor) {\n return Promise.reject(res);\n }\n\n return Promise.reject(new ErrorConstructor(res._res || res));\n}\n\n/**\n * @class\n */\nconst Token = WebexPlugin.extend({\n derived: {\n /**\n * Indicates if this token can be used in an auth header. `true` iff\n * {@link Token#access_token} is defined and {@link Token#isExpired} is\n * false.\n * @instance\n * @memberof Token\n * @readonly\n * @type {boolean}\n */\n canAuthorize: {\n deps: ['access_token', 'isExpired'],\n fn() {\n return !!this.access_token && !this.isExpired;\n }\n },\n\n /**\n * Indicates that this token can be downscoped. `true` iff\n * {@link config.credentials.client_id} is defined and if\n * {@link Token#canAuthorize} is true\n *\n * Note: since {@link config} is not evented, we can't listen for changes to\n * {@link config.credentials.client_id}. As such,\n * {@link config.credentials.client_id} must always be set before\n * instantiating a {@link Token}\n * @instance\n * @memberof Token\n * @readonly\n * @type {boolean}\n */\n canDownscope: {\n deps: ['canAuthorize'],\n fn() {\n return this.canAuthorize && !!this.config.client_id;\n }\n },\n\n /**\n * Indicates if this token can be refreshed. `true` iff\n * {@link Token@refresh_token} is defined and\n * {@link config.credentials.refreshCallback()} is defined\n *\n * Note: since {@link config} is not evented, we can't listen for changes to\n * {@link config.credentials.refreshCallback()}. As such,\n * {@link config.credentials.refreshCallback()} must always be set before\n * instantiating a {@link Token}\n * @instance\n * @memberof Token\n * @readonly\n * @type {boolean}\n */\n canRefresh: {\n deps: ['refresh_token'],\n fn() {\n if (inBrowser) {\n return !!this.refresh_token && !!this.config.refreshCallback;\n }\n\n return !!this.refresh_token && !!this.config.client_secret;\n }\n },\n\n /**\n * Indicates if this `Token` is expired. `true` iff {@link Token#expires} is\n * defined and is less than {@link Date.now()}.\n * @instance\n * @memberof Token\n * @readonly\n * @type {boolean}\n */\n isExpired: {\n deps: ['expires', '_isExpired'],\n fn() {\n // in order to avoid setting `cache:false`, we'll use a private property\n // and a timer rather than comparing to `Date.now()`;\n return !!this.expires && this._isExpired;\n }\n },\n\n /**\n * Cache for toString()\n * @instance\n * @memberof Token\n * @private\n * @readonly\n * @type {string}\n */\n _string: {\n deps: ['access_token', 'token_type'],\n fn() {\n if (!this.access_token || !this.token_type) {\n return '';\n }\n\n return `${this.token_type} ${this.access_token}`;\n }\n }\n },\n\n namespace: 'Credentials',\n\n props: {\n /**\n * Used for indexing in the credentials userTokens collection\n * @instance\n * @memberof Token\n * @private\n * @type {string}\n */\n scope: 'string',\n /**\n * @instance\n * @memberof Token\n * @type {string}\n */\n access_token: 'string',\n /**\n * @instance\n * @memberof Token\n * @type {number}\n */\n expires: 'number',\n /**\n * @instance\n * @memberof Token\n * @type {number}\n */\n expires_in: 'number',\n /**\n * @instance\n * @memberof Token\n * @type {string}\n */\n refresh_token: 'string',\n /**\n * @instance\n * @memberof Token\n * @type {number}\n */\n refresh_token_expires: 'number',\n /**\n * @instance\n * @memberof Token\n * @type {number}\n */\n refresh_token_expires_in: 'number',\n /**\n * @default \"Bearer\"\n * @instance\n * @memberof Token\n * @type {string}\n */\n token_type: {\n default: 'Bearer',\n type: 'string'\n }\n },\n\n session: {\n /**\n * Used by {@link Token#isExpired} to avoid doing a Date comparison.\n * @instance\n * @memberof Token\n * @private\n * @type {boolean}\n */\n _isExpired: {\n default: false,\n type: 'boolean'\n },\n /**\n * Handle to the previous token that we'll revoke when we refresh this\n * token. The idea is to keep allow two valid tokens when a refresh occurs;\n * we don't want revoke a token that's in the middle of being used, so when\n * we do a token refresh, we won't revoke the token being refreshed, but\n * we'll revoke the previous one.\n * @instance\n * @memberof Token\n * @private\n * @type {Object}\n */\n previousToken: {\n type: 'state'\n }\n },\n\n @oneFlight({\n keyFactory(scope) {\n return scope;\n }\n })\n /**\n * Uses this token to request a new Token with a subset of this Token's scopes\n * @instance\n * @memberof Token\n * @param {string} scope\n * @returns {Promise<Token>}\n */\n downscope(scope) {\n this.logger.info(`token: downscoping token to ${scope}`);\n\n if (this.isExpired) {\n this.logger.info('token: request received to downscope expired access_token');\n\n return Promise.reject(new Error('cannot downscope expired access token'));\n }\n\n if (!this.canDownscope) {\n if (this.config.client_id) {\n this.logger.info('token: request received to downscope invalid access_token');\n }\n else {\n this.logger.trace('token: cannot downscope without client_id');\n }\n\n return Promise.reject(new Error('cannot downscope access token'));\n }\n\n // Since we're going to use scope as the index in our token collection, it's\n // important scopes are always deterministically specified.\n if (scope) {\n scope = sortScope(scope);\n }\n\n // Ideally, we could depend on the service to communicate this error, but\n // all we get is \"invalid scope\", which, to the lay person, implies\n // something wrong with *one* of the scopes, not the whole thing.\n if (scope === sortScope(this.config.scope)) {\n return Promise.reject(new Error('token: scope reduction requires a reduced scope'));\n }\n\n return this.webex.request({\n method: 'POST',\n uri: this.config.tokenUrl,\n addAuthHeader: false,\n form: {\n grant_type: 'urn:cisco:oauth:grant-type:scope-reduction',\n token: this.access_token,\n scope,\n client_id: this.config.client_id,\n self_contained_token: true\n }\n })\n .then((res) => {\n this.logger.info(`token: downscoped token to ${scope}`);\n\n return new Token(Object.assign(res.body, {scope}), {parent: this.parent});\n });\n },\n\n /**\n * Initializer\n * @instance\n * @memberof Token\n * @param {Object} [attrs={}]\n * @param {Object} [options={}]\n * @see {@link WebexPlugin#initialize()}\n * @returns {Token}\n */\n initialize(attrs = {}, options = {}) {\n Reflect.apply(WebexPlugin.prototype.initialize, this, [attrs, options]);\n\n if (typeof attrs === 'string') {\n this.access_token = attrs;\n }\n\n if (!this.access_token) {\n throw new Error('`access_token` is required');\n }\n\n // We don't want the derived property `isExpired` to need {cache:false}, so\n // we'll set up a timer the runs when this token should expire.\n if (this.expires) {\n if (this.expires < Date.now()) {\n this._isExpired = true;\n }\n else {\n safeSetTimeout(() => {\n this._isExpired = true;\n }, this.expires - Date.now());\n }\n }\n },\n\n @oneFlight\n /**\n * Refreshes this Token. Relies on\n * {@link config.credentials.refreshCallback()}\n * @instance\n * @memberof Token\n * @returns {Promise<Token>}\n */\n refresh() {\n if (!this.canRefresh) {\n throw new Error('Not enough information available to refresh this access token');\n }\n\n let promise;\n\n if (inBrowser) {\n if (!this.config.refreshCallback) {\n throw new Error('Cannot refresh access token without refreshCallback');\n }\n\n promise = Promise.resolve(this.config.refreshCallback(this.webex, this));\n }\n\n return (promise || this.webex.request({\n method: 'POST',\n uri: this.config.tokenUrl,\n form: {\n grant_type: 'refresh_token',\n redirect_uri: this.config.redirect_uri,\n refresh_token: this.refresh_token\n },\n auth: {\n user: this.config.client_id,\n pass: this.config.client_secret,\n sendImmediately: true\n },\n shouldRefreshAccessToken: false\n })\n .then((res) => res.body))\n .then((obj) => {\n if (!obj) {\n throw new Error('token: refreshCallback() did not produce an object');\n }\n // If the authentication server did not send back a refresh token, copy\n // the current refresh token and related values to the response (note:\n // at time of implementation, CI never sends a new refresh token)\n if (!obj.refresh_token) {\n Object.assign(obj, pick(this, 'refresh_token', 'refresh_token_expires', 'refresh_token_expires_in'));\n }\n\n // If the new token is the same as the previous token, then we may have\n // found a bug in CI; log the details and reject the Promise\n if (this.access_token === obj.access_token) {\n this.logger.error('token: new token matches current token');\n // log the tokens if it is not production\n if (process.env.NODE_ENV !== 'production') {\n this.logger.error('token: current token:', this.access_token);\n this.logger.error('token: new token:', obj.access_token);\n }\n\n return Promise.reject(new Error('new token matches current token'));\n }\n\n if (this.previousToken) {\n this.previousToken.revoke();\n this.unset('previousToken');\n }\n\n obj.previousToken = this;\n obj.scope = this.scope;\n\n return new Token(obj, {parent: this.parent});\n })\n .catch(processGrantError);\n },\n\n @oneFlight\n /**\n * Revokes this token and unsets its local properties\n * @instance\n * @memberof Token\n * @returns {Promise}\n */\n revoke() {\n if (this.isExpired) {\n this.logger.info('token: already expired, not making making revocation request');\n\n return Promise.resolve();\n }\n\n if (!this.canAuthorize) {\n this.logger.info('token: no longer valid, not making revocation request');\n\n return Promise.resolve();\n }\n\n // FIXME we need to use the user token revocation endpoint to revoke a token\n // without a client_secret, but it doesn't current support using a token to\n // revoke itself\n // Note: I'm not making a canRevoke property because there should be changes\n // coming to the user token revocation endpoint that allow us to do this\n // correctly.\n if (!this.config.client_secret) {\n this.logger.info('token: no client secret available, not making revocation request');\n\n return Promise.resolve();\n }\n\n this.logger.info('token: revoking access token');\n\n return this.webex.request({\n method: 'POST',\n uri: this.config.revokeUrl,\n form: {\n token: this.access_token,\n token_type_hint: 'access_token'\n },\n auth: {\n user: this.config.client_id,\n pass: this.config.client_secret,\n sendImmediately: true\n },\n shouldRefreshAccessToken: false\n })\n .then(() => {\n this.unset([\n 'access_token',\n 'expires',\n 'expires_in',\n 'token_type'\n ]);\n this.logger.info('token: access token revoked');\n })\n .catch(processGrantError);\n },\n\n set(...args) {\n // eslint-disable-next-line prefer-const\n let [attrs, options] = this._filterSetParameters(...args);\n\n if (!attrs.token_type && attrs.access_token && attrs.access_token.includes(' ')) {\n const [token_type, access_token] = attrs.access_token.split(' ');\n\n attrs = Object.assign({}, attrs, {access_token, token_type});\n }\n const now = Date.now();\n\n if (!attrs.expires && attrs.expires_in) {\n attrs.expires = now + attrs.expires_in * 1000;\n }\n\n if (!attrs.refresh_token_expires && attrs.refresh_token_expires_in) {\n attrs.refresh_token_expires = now + attrs.refresh_token_expires_in * 1000;\n }\n\n if (attrs.scope) {\n attrs.scope = sortScope(attrs.scope);\n }\n\n return Reflect.apply(WebexPlugin.prototype.set, this, [attrs, options]);\n },\n\n /**\n * Renders the token object as an HTTP Header Value\n * @instance\n * @memberof Token\n * @returns {string}\n * @see {@link Object#toString()}\n */\n toString() {\n if (!this._string) {\n throw new Error('cannot stringify Token');\n }\n\n return this._string;\n },\n\n /**\n * Uses a non-producation api to return information about this token. This\n * method is primarily for tests and will throw if NODE_ENV === production\n * @instance\n * @memberof Token\n * @private\n * @returns {Promise}\n */\n validate() {\n if (process.env.NODE_ENV === 'production') {\n throw new Error('Token#validate() must not be used in production');\n }\n\n return this.webex.request({\n method: 'POST',\n service: 'conversation',\n resource: 'users/validateAuthToken',\n body: {\n token: this.access_token\n }\n })\n .catch((reason) => {\n if ('statusCode' in reason) {\n return Promise.reject(reason);\n }\n this.logger.info('REMINDER: If you\\'re investigating a network error here, it\\'s normal');\n\n // If we got an error that isn't a WebexHttpError, assume the problem is\n // that we don't have the wdm plugin loaded and service/resource isn't\n // a valid means of identifying a request.\n const convApi = process.env.CONVERSATION_SERVICE || process.env.CONVERSATION_SERVICE_URL || 'https://conv-a.wbx2.com/conversation/api/v1';\n\n return this.webex.request({\n method: 'POST',\n uri: `${convApi}/users/validateAuthToken`,\n body: {\n token: this.access_token\n },\n headers: {\n authorization: `Bearer ${this.access_token}`\n }\n });\n })\n .then((res) => res.body);\n }\n});\n\nexport default Token;\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAKA;;AACA;;AAEA;;AACA;;AAEA;;AACA;;;;;;;;AAEA;;AAEA;AACA;AACA;AACA;AACA;AACA;AACA,SAASA,iBAAT,CAA2BC,GAA3B,EAAgC;EAC9B,IAAIA,GAAG,CAACC,UAAJ,KAAmB,GAAvB,EAA4B;IAC1B,OAAO,iBAAQC,MAAR,CAAeF,GAAf,CAAP;EACD;;EAED,IAAMG,gBAAgB,GAAGC,oBAAA,CAAYC,MAAZ,CAAmBL,GAAG,CAACM,IAAJ,CAASC,KAA5B,CAAzB;;EAEA,IAAIJ,gBAAgB,KAAKK,uBAArB,IAAmCR,GAAG,YAAYS,uBAAtD,EAAsE;IACpE,OAAO,iBAAQP,MAAR,CAAeF,GAAf,CAAP;EACD;;EACD,IAAI,CAACG,gBAAL,EAAuB;IACrB,OAAO,iBAAQD,MAAR,CAAeF,GAAf,CAAP;EACD;;EAED,OAAO,iBAAQE,MAAR,CAAe,IAAIC,gBAAJ,CAAqBH,GAAG,CAACU,IAAJ,IAAYV,GAAjC,CAAf,CAAP;AACD;AAED;AACA;AACA;;;AACA,IAAMW,KAAK,GAAGC,oBAAA,CAAYC,MAAZ,SA4LX,IAAAC,iBAAA,EAAU;EACTC,UADS,sBACEC,KADF,EACS;IAChB,OAAOA,KAAP;EACD;AAHQ,CAAV,CA5LW,UAAmB;EAC/BC,OAAO,EAAE;IACP;AACJ;AACA;AACA;AACA;AACA;AACA;AACA;AACA;IACIC,YAAY,EAAE;MACZC,IAAI,EAAE,CAAC,cAAD,EAAiB,WAAjB,CADM;MAEZC,EAFY,gBAEP;QACH,OAAO,CAAC,CAAC,KAAKC,YAAP,IAAuB,CAAC,KAAKC,SAApC;MACD;IAJW,CAVP;;IAiBP;AACJ;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;IACIC,YAAY,EAAE;MACZJ,IAAI,EAAE,CAAC,cAAD,CADM;MAEZC,EAFY,gBAEP;QACH,OAAO,KAAKF,YAAL,IAAqB,CAAC,CAAC,KAAKM,MAAL,CAAYC,SAA1C;MACD;IAJW,CA/BP;;IAsCP;AACJ;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;IACIC,UAAU,EAAE;MACVP,IAAI,EAAE,CAAC,eAAD,CADI;MAEVC,EAFU,gBAEL;QACH,IAAIO,iBAAJ,EAAe;UACb,OAAO,CAAC,CAAC,KAAKC,aAAP,IAAwB,CAAC,CAAC,KAAKJ,MAAL,CAAYK,eAA7C;QACD;;QAED,OAAO,CAAC,CAAC,KAAKD,aAAP,IAAwB,CAAC,CAAC,KAAKJ,MAAL,CAAYM,aAA7C;MACD;IARS,CApDL;;IA+DP;AACJ;AACA;AACA;AACA;AACA;AACA;AACA;IACIR,SAAS,EAAE;MACTH,IAAI,EAAE,CAAC,SAAD,EAAY,YAAZ,CADG;MAETC,EAFS,gBAEJ;QACH;QACA;QACA,OAAO,CAAC,CAAC,KAAKW,OAAP,IAAkB,KAAKC,UAA9B;MACD;IANQ,CAvEJ;;IAgFP;AACJ;AACA;AACA;AACA;AACA;AACA;AACA;IACIC,OAAO,EAAE;MACPd,IAAI,EAAE,CAAC,cAAD,EAAiB,YAAjB,CADC;MAEPC,EAFO,gBAEF;QACH,IAAI,CAAC,KAAKC,YAAN,IAAsB,CAAC,KAAKa,UAAhC,EAA4C;UAC1C,OAAO,EAAP;QACD;;QAED,iBAAU,KAAKA,UAAf,cAA6B,KAAKb,YAAlC;MACD;IARM;EAxFF,CADsB;EAqG/Bc,SAAS,EAAE,aArGoB;EAuG/BC,KAAK,EAAE;IACL;AACJ;AACA;AACA;AACA;AACA;AACA;IACIpB,KAAK,EAAE,QARF;;IASL;AACJ;AACA;AACA;AACA;IACIK,YAAY,EAAE,QAdT;;IAeL;AACJ;AACA;AACA;AACA;IACIU,OAAO,EAAE,QApBJ;;IAqBL;AACJ;AACA;AACA;AACA;IACIM,UAAU,EAAE,QA1BP;;IA2BL;AACJ;AACA;AACA;AACA;IACIT,aAAa,EAAE,QAhCV;;IAiCL;AACJ;AACA;AACA;AACA;IACIU,qBAAqB,EAAE,QAtClB;;IAuCL;AACJ;AACA;AACA;AACA;IACIC,wBAAwB,EAAE,QA5CrB;;IA6CL;AACJ;AACA;AACA;AACA;AACA;IACIL,UAAU,EAAE;MACVM,OAAO,EAAE,QADC;MAEVC,IAAI,EAAE;IAFI;EAnDP,CAvGwB;EAgK/BC,OAAO,EAAE;IACP;AACJ;AACA;AACA;AACA;AACA;AACA;IACIV,UAAU,EAAE;MACVQ,OAAO,EAAE,KADC;MAEVC,IAAI,EAAE;IAFI,CARL;;IAYP;AACJ;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;IACIE,aAAa,EAAE;MACbF,IAAI,EAAE;IADO;EAvBR,CAhKsB;;EAiM/B;AACF;AACA;AACA;AACA;AACA;AACA;EACEG,SAxM+B,qBAwMrB5B,KAxMqB,EAwMd;IAAA;;IACf,KAAK6B,MAAL,CAAYC,IAAZ,uCAAgD9B,KAAhD;;IAEA,IAAI,KAAKM,SAAT,EAAoB;MAClB,KAAKuB,MAAL,CAAYC,IAAZ,CAAiB,2DAAjB;MAEA,OAAO,iBAAQ5C,MAAR,CAAe,IAAI6C,KAAJ,CAAU,uCAAV,CAAf,CAAP;IACD;;IAED,IAAI,CAAC,KAAKxB,YAAV,EAAwB;MACtB,IAAI,KAAKC,MAAL,CAAYC,SAAhB,EAA2B;QACzB,KAAKoB,MAAL,CAAYC,IAAZ,CAAiB,2DAAjB;MACD,CAFD,MAGK;QACH,KAAKD,MAAL,CAAYG,KAAZ,CAAkB,2CAAlB;MACD;;MAED,OAAO,iBAAQ9C,MAAR,CAAe,IAAI6C,KAAJ,CAAU,+BAAV,CAAf,CAAP;IACD,CAlBc,CAoBf;IACA;;;IACA,IAAI/B,KAAJ,EAAW;MACTA,KAAK,GAAG,IAAAiC,gBAAA,EAAUjC,KAAV,CAAR;IACD,CAxBc,CA0Bf;IACA;IACA;;;IACA,IAAIA,KAAK,KAAK,IAAAiC,gBAAA,EAAU,KAAKzB,MAAL,CAAYR,KAAtB,CAAd,EAA4C;MAC1C,OAAO,iBAAQd,MAAR,CAAe,IAAI6C,KAAJ,CAAU,iDAAV,CAAf,CAAP;IACD;;IAED,OAAO,KAAKG,KAAL,CAAWC,OAAX,CAAmB;MACxBC,MAAM,EAAE,MADgB;MAExBC,GAAG,EAAE,KAAK7B,MAAL,CAAY8B,QAFO;MAGxBC,aAAa,EAAE,KAHS;MAIxBC,IAAI,EAAE;QACJC,UAAU,EAAE,4CADR;QAEJC,KAAK,EAAE,KAAKrC,YAFR;QAGJL,KAAK,EAALA,KAHI;QAIJS,SAAS,EAAE,KAAKD,MAAL,CAAYC,SAJnB;QAKJkC,oBAAoB,EAAE;MALlB;IAJkB,CAAnB,EAYJC,IAZI,CAYC,UAAC5D,GAAD,EAAS;MACb,KAAI,CAAC6C,MAAL,CAAYC,IAAZ,sCAA+C9B,KAA/C;;MAEA,OAAO,IAAIL,KAAJ,CAAU,qBAAcX,GAAG,CAACM,IAAlB,EAAwB;QAACU,KAAK,EAALA;MAAD,CAAxB,CAAV,EAA4C;QAAC6C,MAAM,EAAE,KAAI,CAACA;MAAd,CAA5C,CAAP;IACD,CAhBI,CAAP;EAiBD,CA1P8B;;EA4P/B;AACF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;EACEC,UArQ+B,wBAqQM;IAAA;;IAAA,IAA1BC,KAA0B,uEAAlB,EAAkB;IAAA,IAAdC,OAAc,uEAAJ,EAAI;IACnC,oBAAcpD,oBAAA,CAAYqD,SAAZ,CAAsBH,UAApC,EAAgD,IAAhD,EAAsD,CAACC,KAAD,EAAQC,OAAR,CAAtD;;IAEA,IAAI,OAAOD,KAAP,KAAiB,QAArB,EAA+B;MAC7B,KAAK1C,YAAL,GAAoB0C,KAApB;IACD;;IAED,IAAI,CAAC,KAAK1C,YAAV,EAAwB;MACtB,MAAM,IAAI0B,KAAJ,CAAU,4BAAV,CAAN;IACD,CATkC,CAWnC;IACA;;;IACA,IAAI,KAAKhB,OAAT,EAAkB;MAChB,IAAI,KAAKA,OAAL,GAAe,mBAAnB,EAA+B;QAC7B,KAAKC,UAAL,GAAkB,IAAlB;MACD,CAFD,MAGK;QACH,IAAAkC,4BAAA,EAAe,YAAM;UACnB,MAAI,CAAClC,UAAL,GAAkB,IAAlB;QACD,CAFD,EAEG,KAAKD,OAAL,GAAe,mBAFlB;MAGD;IACF;EACF,CA5R8B;;EA+R/B;AACF;AACA;AACA;AACA;AACA;AACA;EACEoC,OAtS+B,qBAsSrB;IAAA;;IACR,IAAI,CAAC,KAAKzC,UAAV,EAAsB;MACpB,MAAM,IAAIqB,KAAJ,CAAU,+DAAV,CAAN;IACD;;IAED,IAAIqB,OAAJ;;IAEA,IAAIzC,iBAAJ,EAAe;MACb,IAAI,CAAC,KAAKH,MAAL,CAAYK,eAAjB,EAAkC;QAChC,MAAM,IAAIkB,KAAJ,CAAU,qDAAV,CAAN;MACD;;MAEDqB,OAAO,GAAG,iBAAQC,OAAR,CAAgB,KAAK7C,MAAL,CAAYK,eAAZ,CAA4B,KAAKqB,KAAjC,EAAwC,IAAxC,CAAhB,CAAV;IACD;;IAED,OAAO,CAACkB,OAAO,IAAI,KAAKlB,KAAL,CAAWC,OAAX,CAAmB;MACpCC,MAAM,EAAE,MAD4B;MAEpCC,GAAG,EAAE,KAAK7B,MAAL,CAAY8B,QAFmB;MAGpCE,IAAI,EAAE;QACJC,UAAU,EAAE,eADR;QAEJa,YAAY,EAAE,KAAK9C,MAAL,CAAY8C,YAFtB;QAGJ1C,aAAa,EAAE,KAAKA;MAHhB,CAH8B;MAQpC2C,IAAI,EAAE;QACJC,IAAI,EAAE,KAAKhD,MAAL,CAAYC,SADd;QAEJgD,IAAI,EAAE,KAAKjD,MAAL,CAAYM,aAFd;QAGJ4C,eAAe,EAAE;MAHb,CAR8B;MAapCC,wBAAwB,EAAE;IAbU,CAAnB,EAehBf,IAfgB,CAeX,UAAC5D,GAAD;MAAA,OAASA,GAAG,CAACM,IAAb;IAAA,CAfW,CAAZ,EAgBJsD,IAhBI,CAgBC,UAACgB,GAAD,EAAS;MACb,IAAI,CAACA,GAAL,EAAU;QACR,MAAM,IAAI7B,KAAJ,CAAU,oDAAV,CAAN;MACD,CAHY,CAIb;MACA;MACA;;;MACA,IAAI,CAAC6B,GAAG,CAAChD,aAAT,EAAwB;QACtB,qBAAcgD,GAAd,EAAmB,oBAAK,MAAL,EAAW,eAAX,EAA4B,uBAA5B,EAAqD,0BAArD,CAAnB;MACD,CATY,CAWb;MACA;;;MACA,IAAI,MAAI,CAACvD,YAAL,KAAsBuD,GAAG,CAACvD,YAA9B,EAA4C;QAC1C,MAAI,CAACwB,MAAL,CAAYtC,KAAZ,CAAkB,wCAAlB,EAD0C,CAE1C;;;QACA,IAAIsE,OAAO,CAACC,GAAR,CAAYC,QAAZ,KAAyB,YAA7B,EAA2C;UACzC,MAAI,CAAClC,MAAL,CAAYtC,KAAZ,CAAkB,uBAAlB,EAA2C,MAAI,CAACc,YAAhD;;UACA,MAAI,CAACwB,MAAL,CAAYtC,KAAZ,CAAkB,mBAAlB,EAAuCqE,GAAG,CAACvD,YAA3C;QACD;;QAED,OAAO,iBAAQnB,MAAR,CAAe,IAAI6C,KAAJ,CAAU,iCAAV,CAAf,CAAP;MACD;;MAED,IAAI,MAAI,CAACJ,aAAT,EAAwB;QACtB,MAAI,CAACA,aAAL,CAAmBqC,MAAnB;;QACA,MAAI,CAACC,KAAL,CAAW,eAAX;MACD;;MAEDL,GAAG,CAACjC,aAAJ,GAAoB,MAApB;MACAiC,GAAG,CAAC5D,KAAJ,GAAY,MAAI,CAACA,KAAjB;MAEA,OAAO,IAAIL,KAAJ,CAAUiE,GAAV,EAAe;QAACf,MAAM,EAAE,MAAI,CAACA;MAAd,CAAf,CAAP;IACD,CAjDI,EAkDJqB,KAlDI,CAkDEnF,iBAlDF,CAAP;EAmDD,CAxW8B;;EA2W/B;AACF;AACA;AACA;AACA;AACA;EACEiF,MAjX+B,oBAiXtB;IAAA;;IACP,IAAI,KAAK1D,SAAT,EAAoB;MAClB,KAAKuB,MAAL,CAAYC,IAAZ,CAAiB,8DAAjB;MAEA,OAAO,iBAAQuB,OAAR,EAAP;IACD;;IAED,IAAI,CAAC,KAAKnD,YAAV,EAAwB;MACtB,KAAK2B,MAAL,CAAYC,IAAZ,CAAiB,uDAAjB;MAEA,OAAO,iBAAQuB,OAAR,EAAP;IACD,CAXM,CAaP;IACA;IACA;IACA;IACA;IACA;;;IACA,IAAI,CAAC,KAAK7C,MAAL,CAAYM,aAAjB,EAAgC;MAC9B,KAAKe,MAAL,CAAYC,IAAZ,CAAiB,kEAAjB;MAEA,OAAO,iBAAQuB,OAAR,EAAP;IACD;;IAED,KAAKxB,MAAL,CAAYC,IAAZ,CAAiB,8BAAjB;IAEA,OAAO,KAAKI,KAAL,CAAWC,OAAX,CAAmB;MACxBC,MAAM,EAAE,MADgB;MAExBC,GAAG,EAAE,KAAK7B,MAAL,CAAY2D,SAFO;MAGxB3B,IAAI,EAAE;QACJE,KAAK,EAAE,KAAKrC,YADR;QAEJ+D,eAAe,EAAE;MAFb,CAHkB;MAOxBb,IAAI,EAAE;QACJC,IAAI,EAAE,KAAKhD,MAAL,CAAYC,SADd;QAEJgD,IAAI,EAAE,KAAKjD,MAAL,CAAYM,aAFd;QAGJ4C,eAAe,EAAE;MAHb,CAPkB;MAYxBC,wBAAwB,EAAE;IAZF,CAAnB,EAcJf,IAdI,CAcC,YAAM;MACV,MAAI,CAACqB,KAAL,CAAW,CACT,cADS,EAET,SAFS,EAGT,YAHS,EAIT,YAJS,CAAX;;MAMA,MAAI,CAACpC,MAAL,CAAYC,IAAZ,CAAiB,6BAAjB;IACD,CAtBI,EAuBJoC,KAvBI,CAuBEnF,iBAvBF,CAAP;EAwBD,CApa8B;EAsa/BsF,GAta+B,iBAsalB;IACX;IACA,4BAAuB,KAAKC,oBAAL,uBAAvB;IAAA;IAAA,IAAKvB,KAAL;IAAA,IAAYC,OAAZ;;IAEA,IAAI,CAACD,KAAK,CAAC7B,UAAP,IAAqB6B,KAAK,CAAC1C,YAA3B,IAA2C0C,KAAK,CAAC1C,YAAN,CAAmBkE,QAAnB,CAA4B,GAA5B,CAA/C,EAAiF;MAC/E,4BAAmCxB,KAAK,CAAC1C,YAAN,CAAmBmE,KAAnB,CAAyB,GAAzB,CAAnC;MAAA;MAAA,IAAOtD,UAAP;MAAA,IAAmBb,YAAnB;;MAEA0C,KAAK,GAAG,qBAAc,EAAd,EAAkBA,KAAlB,EAAyB;QAAC1C,YAAY,EAAZA,YAAD;QAAea,UAAU,EAAVA;MAAf,CAAzB,CAAR;IACD;;IACD,IAAMuD,GAAG,GAAG,mBAAZ;;IAEA,IAAI,CAAC1B,KAAK,CAAChC,OAAP,IAAkBgC,KAAK,CAAC1B,UAA5B,EAAwC;MACtC0B,KAAK,CAAChC,OAAN,GAAgB0D,GAAG,GAAG1B,KAAK,CAAC1B,UAAN,GAAmB,IAAzC;IACD;;IAED,IAAI,CAAC0B,KAAK,CAACzB,qBAAP,IAAgCyB,KAAK,CAACxB,wBAA1C,EAAoE;MAClEwB,KAAK,CAACzB,qBAAN,GAA8BmD,GAAG,GAAG1B,KAAK,CAACxB,wBAAN,GAAiC,IAArE;IACD;;IAED,IAAIwB,KAAK,CAAC/C,KAAV,EAAiB;MACf+C,KAAK,CAAC/C,KAAN,GAAc,IAAAiC,gBAAA,EAAUc,KAAK,CAAC/C,KAAhB,CAAd;IACD;;IAED,OAAO,oBAAcJ,oBAAA,CAAYqD,SAAZ,CAAsBoB,GAApC,EAAyC,IAAzC,EAA+C,CAACtB,KAAD,EAAQC,OAAR,CAA/C,CAAP;EACD,CA9b8B;;EAgc/B;AACF;AACA;AACA;AACA;AACA;AACA;EACE0B,QAvc+B,sBAucpB;IACT,IAAI,CAAC,KAAKzD,OAAV,EAAmB;MACjB,MAAM,IAAIc,KAAJ,CAAU,wBAAV,CAAN;IACD;;IAED,OAAO,KAAKd,OAAZ;EACD,CA7c8B;;EA+c/B;AACF;AACA;AACA;AACA;AACA;AACA;AACA;EACE0D,QAvd+B,sBAudpB;IAAA;;IACT,IAAId,OAAO,CAACC,GAAR,CAAYC,QAAZ,KAAyB,YAA7B,EAA2C;MACzC,MAAM,IAAIhC,KAAJ,CAAU,iDAAV,CAAN;IACD;;IAED,OAAO,KAAKG,KAAL,CAAWC,OAAX,CAAmB;MACxBC,MAAM,EAAE,MADgB;MAExBwC,OAAO,EAAE,cAFe;MAGxBC,QAAQ,EAAE,yBAHc;MAIxBvF,IAAI,EAAE;QACJoD,KAAK,EAAE,KAAKrC;MADR;IAJkB,CAAnB,EAQJ6D,KARI,CAQE,UAACY,MAAD,EAAY;MACjB,IAAI,gBAAgBA,MAApB,EAA4B;QAC1B,OAAO,iBAAQ5F,MAAR,CAAe4F,MAAf,CAAP;MACD;;MACD,MAAI,CAACjD,MAAL,CAAYC,IAAZ,CAAiB,uEAAjB,EAJiB,CAMjB;MACA;MACA;;;MACA,IAAMiD,OAAO,GAAGlB,OAAO,CAACC,GAAR,CAAYkB,oBAAZ,IAAoCnB,OAAO,CAACC,GAAR,CAAYmB,wBAAhD,IAA4E,6CAA5F;MAEA,OAAO,MAAI,CAAC/C,KAAL,CAAWC,OAAX,CAAmB;QACxBC,MAAM,EAAE,MADgB;QAExBC,GAAG,YAAK0C,OAAL,6BAFqB;QAGxBzF,IAAI,EAAE;UACJoD,KAAK,EAAE,MAAI,CAACrC;QADR,CAHkB;QAMxB6E,OAAO,EAAE;UACPC,aAAa,mBAAY,MAAI,CAAC9E,YAAjB;QADN;MANe,CAAnB,CAAP;IAUD,CA7BI,EA8BJuC,IA9BI,CA8BC,UAAC5D,GAAD;MAAA,OAASA,GAAG,CAACM,IAAb;IAAA,CA9BD,CAAP;EA+BD,CA3f8B;EAAA;AAAA,CAAnB,kMA8RXQ,iBA9RW,4HA0WXA,iBA1WW,0EAAd;;eA8feH,K"}
1
+ {"version":3,"names":["processGrantError","res","statusCode","reject","ErrorConstructor","grantErrors","select","body","error","OAuthError","WebexHttpError","_res","Token","WebexPlugin","extend","oneFlight","keyFactory","scope","derived","canAuthorize","deps","fn","access_token","isExpired","canDownscope","config","client_id","canRefresh","inBrowser","refresh_token","refreshCallback","client_secret","expires","_isExpired","_string","token_type","namespace","props","expires_in","refresh_token_expires","refresh_token_expires_in","default","type","session","previousToken","downscope","logger","info","Error","trace","diffScopes","sortScope","webex","request","method","uri","tokenUrl","addAuthHeader","form","grant_type","token","self_contained_token","then","parent","initialize","attrs","options","prototype","safeSetTimeout","refresh","promise","resolve","redirect_uri","auth","user","pass","sendImmediately","shouldRefreshAccessToken","obj","process","env","NODE_ENV","revoke","unset","catch","revokeUrl","token_type_hint","set","_filterSetParameters","includes","split","now","toString","validate","service","resource","reason","convApi","CONVERSATION_SERVICE","CONVERSATION_SERVICE_URL","headers","authorization"],"sources":["token.js"],"sourcesContent":["/*!\n * Copyright (c) 2015-2020 Cisco Systems, Inc. See LICENSE file.\n */\n\nimport {pick} from 'lodash';\nimport {inBrowser, oneFlight} from '@webex/common';\nimport {safeSetTimeout} from '@webex/common-timers';\n\nimport WebexHttpError from '../webex-http-error';\nimport WebexPlugin from '../webex-plugin';\n\nimport {sortScope, diffScopes} from './scope';\nimport grantErrors, {OAuthError} from './grant-errors';\n\n/* eslint-disable camelcase */\n\n/**\n * Parse response from CI and converts to structured error when appropriate\n * @param {WebexHttpError} res\n * @private\n * @returns {GrantError}\n */\nfunction processGrantError(res) {\n if (res.statusCode !== 400) {\n return Promise.reject(res);\n }\n\n const ErrorConstructor = grantErrors.select(res.body.error);\n\n if (ErrorConstructor === OAuthError && res instanceof WebexHttpError) {\n return Promise.reject(res);\n }\n if (!ErrorConstructor) {\n return Promise.reject(res);\n }\n\n return Promise.reject(new ErrorConstructor(res._res || res));\n}\n\n/**\n * @class\n */\nconst Token = WebexPlugin.extend({\n derived: {\n /**\n * Indicates if this token can be used in an auth header. `true` iff\n * {@link Token#access_token} is defined and {@link Token#isExpired} is\n * false.\n * @instance\n * @memberof Token\n * @readonly\n * @type {boolean}\n */\n canAuthorize: {\n deps: ['access_token', 'isExpired'],\n fn() {\n return !!this.access_token && !this.isExpired;\n },\n },\n\n /**\n * Indicates that this token can be downscoped. `true` iff\n * {@link config.credentials.client_id} is defined and if\n * {@link Token#canAuthorize} is true\n *\n * Note: since {@link config} is not evented, we can't listen for changes to\n * {@link config.credentials.client_id}. As such,\n * {@link config.credentials.client_id} must always be set before\n * instantiating a {@link Token}\n * @instance\n * @memberof Token\n * @readonly\n * @type {boolean}\n */\n canDownscope: {\n deps: ['canAuthorize'],\n fn() {\n return this.canAuthorize && !!this.config.client_id;\n },\n },\n\n /**\n * Indicates if this token can be refreshed. `true` iff\n * {@link Token@refresh_token} is defined and\n * {@link config.credentials.refreshCallback()} is defined\n *\n * Note: since {@link config} is not evented, we can't listen for changes to\n * {@link config.credentials.refreshCallback()}. As such,\n * {@link config.credentials.refreshCallback()} must always be set before\n * instantiating a {@link Token}\n * @instance\n * @memberof Token\n * @readonly\n * @type {boolean}\n */\n canRefresh: {\n deps: ['refresh_token'],\n fn() {\n if (inBrowser) {\n return !!this.refresh_token && !!this.config.refreshCallback;\n }\n\n return !!this.refresh_token && !!this.config.client_secret;\n },\n },\n\n /**\n * Indicates if this `Token` is expired. `true` iff {@link Token#expires} is\n * defined and is less than {@link Date.now()}.\n * @instance\n * @memberof Token\n * @readonly\n * @type {boolean}\n */\n isExpired: {\n deps: ['expires', '_isExpired'],\n fn() {\n // in order to avoid setting `cache:false`, we'll use a private property\n // and a timer rather than comparing to `Date.now()`;\n return !!this.expires && this._isExpired;\n },\n },\n\n /**\n * Cache for toString()\n * @instance\n * @memberof Token\n * @private\n * @readonly\n * @type {string}\n */\n _string: {\n deps: ['access_token', 'token_type'],\n fn() {\n if (!this.access_token || !this.token_type) {\n return '';\n }\n\n return `${this.token_type} ${this.access_token}`;\n },\n },\n },\n\n namespace: 'Credentials',\n\n props: {\n /**\n * Used for indexing in the credentials userTokens collection\n * @instance\n * @memberof Token\n * @private\n * @type {string}\n */\n scope: 'string',\n /**\n * @instance\n * @memberof Token\n * @type {string}\n */\n access_token: 'string',\n /**\n * @instance\n * @memberof Token\n * @type {number}\n */\n expires: 'number',\n /**\n * @instance\n * @memberof Token\n * @type {number}\n */\n expires_in: 'number',\n /**\n * @instance\n * @memberof Token\n * @type {string}\n */\n refresh_token: 'string',\n /**\n * @instance\n * @memberof Token\n * @type {number}\n */\n refresh_token_expires: 'number',\n /**\n * @instance\n * @memberof Token\n * @type {number}\n */\n refresh_token_expires_in: 'number',\n /**\n * @default \"Bearer\"\n * @instance\n * @memberof Token\n * @type {string}\n */\n token_type: {\n default: 'Bearer',\n type: 'string',\n },\n },\n\n session: {\n /**\n * Used by {@link Token#isExpired} to avoid doing a Date comparison.\n * @instance\n * @memberof Token\n * @private\n * @type {boolean}\n */\n _isExpired: {\n default: false,\n type: 'boolean',\n },\n /**\n * Handle to the previous token that we'll revoke when we refresh this\n * token. The idea is to keep allow two valid tokens when a refresh occurs;\n * we don't want revoke a token that's in the middle of being used, so when\n * we do a token refresh, we won't revoke the token being refreshed, but\n * we'll revoke the previous one.\n * @instance\n * @memberof Token\n * @private\n * @type {Object}\n */\n previousToken: {\n type: 'state',\n },\n },\n\n @oneFlight({\n keyFactory(scope) {\n return scope;\n },\n })\n /**\n * Uses this token to request a new Token with a subset of this Token's scopes\n * @instance\n * @memberof Token\n * @param {string} scope\n * @returns {Promise<Token>}\n */\n downscope(scope) {\n this.logger.info(`token: downscoping token to ${scope}`);\n\n if (this.isExpired) {\n this.logger.info('token: request received to downscope expired access_token');\n\n return Promise.reject(new Error('cannot downscope expired access token'));\n }\n\n if (!this.canDownscope) {\n if (this.config.client_id) {\n this.logger.info('token: request received to downscope invalid access_token');\n } else {\n this.logger.trace('token: cannot downscope without client_id');\n }\n\n return Promise.reject(new Error('cannot downscope access token'));\n }\n\n if (diffScopes(scope, this.config.scope) !== '') {\n return Promise.reject(\n new Error(\n `new scope (${scope}) is not subset of the available scopes (${this.config.scope})`\n )\n );\n }\n\n // Since we're going to use scope as the index in our token collection, it's\n // important scopes are always deterministically specified.\n if (scope) {\n scope = sortScope(scope);\n }\n\n // Ideally, we could depend on the service to communicate this error, but\n // all we get is \"invalid scope\", which, to the lay person, implies\n // something wrong with *one* of the scopes, not the whole thing.\n if (scope === sortScope(this.config.scope)) {\n return Promise.reject(new Error('token: scope reduction requires a reduced scope'));\n }\n\n return this.webex\n .request({\n method: 'POST',\n uri: this.config.tokenUrl,\n addAuthHeader: false,\n form: {\n grant_type: 'urn:cisco:oauth:grant-type:scope-reduction',\n token: this.access_token,\n scope,\n client_id: this.config.client_id,\n self_contained_token: true,\n },\n })\n .then((res) => {\n this.logger.info(`token: downscoped token to ${scope}`);\n\n return new Token(Object.assign(res.body, {scope}), {parent: this.parent});\n });\n },\n\n /**\n * Initializer\n * @instance\n * @memberof Token\n * @param {Object} [attrs={}]\n * @param {Object} [options={}]\n * @see {@link WebexPlugin#initialize()}\n * @returns {Token}\n */\n initialize(attrs = {}, options = {}) {\n Reflect.apply(WebexPlugin.prototype.initialize, this, [attrs, options]);\n\n if (typeof attrs === 'string') {\n this.access_token = attrs;\n }\n\n if (!this.access_token) {\n throw new Error('`access_token` is required');\n }\n\n // We don't want the derived property `isExpired` to need {cache:false}, so\n // we'll set up a timer the runs when this token should expire.\n if (this.expires) {\n if (this.expires < Date.now()) {\n this._isExpired = true;\n } else {\n safeSetTimeout(() => {\n this._isExpired = true;\n }, this.expires - Date.now());\n }\n }\n },\n\n @oneFlight\n /**\n * Refreshes this Token. Relies on\n * {@link config.credentials.refreshCallback()}\n * @instance\n * @memberof Token\n * @returns {Promise<Token>}\n */\n refresh() {\n if (!this.canRefresh) {\n throw new Error('Not enough information available to refresh this access token');\n }\n\n let promise;\n\n if (inBrowser) {\n if (!this.config.refreshCallback) {\n throw new Error('Cannot refresh access token without refreshCallback');\n }\n\n promise = Promise.resolve(this.config.refreshCallback(this.webex, this));\n }\n\n return (\n promise ||\n this.webex\n .request({\n method: 'POST',\n uri: this.config.tokenUrl,\n form: {\n grant_type: 'refresh_token',\n redirect_uri: this.config.redirect_uri,\n refresh_token: this.refresh_token,\n },\n auth: {\n user: this.config.client_id,\n pass: this.config.client_secret,\n sendImmediately: true,\n },\n shouldRefreshAccessToken: false,\n })\n .then((res) => res.body)\n )\n .then((obj) => {\n if (!obj) {\n throw new Error('token: refreshCallback() did not produce an object');\n }\n // If the authentication server did not send back a refresh token, copy\n // the current refresh token and related values to the response (note:\n // at time of implementation, CI never sends a new refresh token)\n if (!obj.refresh_token) {\n Object.assign(\n obj,\n pick(this, 'refresh_token', 'refresh_token_expires', 'refresh_token_expires_in')\n );\n }\n\n // If the new token is the same as the previous token, then we may have\n // found a bug in CI; log the details and reject the Promise\n if (this.access_token === obj.access_token) {\n this.logger.error('token: new token matches current token');\n // log the tokens if it is not production\n if (process.env.NODE_ENV !== 'production') {\n this.logger.error('token: current token:', this.access_token);\n this.logger.error('token: new token:', obj.access_token);\n }\n\n return Promise.reject(new Error('new token matches current token'));\n }\n\n if (this.previousToken) {\n this.previousToken.revoke();\n this.unset('previousToken');\n }\n\n obj.previousToken = this;\n obj.scope = this.scope;\n\n return new Token(obj, {parent: this.parent});\n })\n .catch(processGrantError);\n },\n\n @oneFlight\n /**\n * Revokes this token and unsets its local properties\n * @instance\n * @memberof Token\n * @returns {Promise}\n */\n revoke() {\n if (this.isExpired) {\n this.logger.info('token: already expired, not making making revocation request');\n\n return Promise.resolve();\n }\n\n if (!this.canAuthorize) {\n this.logger.info('token: no longer valid, not making revocation request');\n\n return Promise.resolve();\n }\n\n // FIXME we need to use the user token revocation endpoint to revoke a token\n // without a client_secret, but it doesn't current support using a token to\n // revoke itself\n // Note: I'm not making a canRevoke property because there should be changes\n // coming to the user token revocation endpoint that allow us to do this\n // correctly.\n if (!this.config.client_secret) {\n this.logger.info('token: no client secret available, not making revocation request');\n\n return Promise.resolve();\n }\n\n this.logger.info('token: revoking access token');\n\n return this.webex\n .request({\n method: 'POST',\n uri: this.config.revokeUrl,\n form: {\n token: this.access_token,\n token_type_hint: 'access_token',\n },\n auth: {\n user: this.config.client_id,\n pass: this.config.client_secret,\n sendImmediately: true,\n },\n shouldRefreshAccessToken: false,\n })\n .then(() => {\n this.unset(['access_token', 'expires', 'expires_in', 'token_type']);\n this.logger.info('token: access token revoked');\n })\n .catch(processGrantError);\n },\n\n set(...args) {\n // eslint-disable-next-line prefer-const\n let [attrs, options] = this._filterSetParameters(...args);\n\n if (!attrs.token_type && attrs.access_token && attrs.access_token.includes(' ')) {\n const [token_type, access_token] = attrs.access_token.split(' ');\n\n attrs = {...attrs, access_token, token_type};\n }\n const now = Date.now();\n\n if (!attrs.expires && attrs.expires_in) {\n attrs.expires = now + attrs.expires_in * 1000;\n }\n\n if (!attrs.refresh_token_expires && attrs.refresh_token_expires_in) {\n attrs.refresh_token_expires = now + attrs.refresh_token_expires_in * 1000;\n }\n\n if (attrs.scope) {\n attrs.scope = sortScope(attrs.scope);\n }\n\n return Reflect.apply(WebexPlugin.prototype.set, this, [attrs, options]);\n },\n\n /**\n * Renders the token object as an HTTP Header Value\n * @instance\n * @memberof Token\n * @returns {string}\n * @see {@link Object#toString()}\n */\n toString() {\n if (!this._string) {\n throw new Error('cannot stringify Token');\n }\n\n return this._string;\n },\n\n /**\n * Uses a non-producation api to return information about this token. This\n * method is primarily for tests and will throw if NODE_ENV === production\n * @instance\n * @memberof Token\n * @private\n * @returns {Promise}\n */\n validate() {\n if (process.env.NODE_ENV === 'production') {\n throw new Error('Token#validate() must not be used in production');\n }\n\n return this.webex\n .request({\n method: 'POST',\n service: 'conversation',\n resource: 'users/validateAuthToken',\n body: {\n token: this.access_token,\n },\n })\n .catch((reason) => {\n if ('statusCode' in reason) {\n return Promise.reject(reason);\n }\n this.logger.info(\"REMINDER: If you're investigating a network error here, it's normal\");\n\n // If we got an error that isn't a WebexHttpError, assume the problem is\n // that we don't have the wdm plugin loaded and service/resource isn't\n // a valid means of identifying a request.\n const convApi =\n process.env.CONVERSATION_SERVICE ||\n process.env.CONVERSATION_SERVICE_URL ||\n 'https://conv-a.wbx2.com/conversation/api/v1';\n\n return this.webex.request({\n method: 'POST',\n uri: `${convApi}/users/validateAuthToken`,\n body: {\n token: this.access_token,\n },\n headers: {\n authorization: `Bearer ${this.access_token}`,\n },\n });\n })\n .then((res) => res.body);\n },\n});\n\nexport default Token;\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;AAKA;AACA;AAEA;AACA;AAEA;AACA;AAAuD;AAAA;AAAA;AAAA;AAAA;AAEvD;;AAEA;AACA;AACA;AACA;AACA;AACA;AACA,SAASA,iBAAiB,CAACC,GAAG,EAAE;EAC9B,IAAIA,GAAG,CAACC,UAAU,KAAK,GAAG,EAAE;IAC1B,OAAO,iBAAQC,MAAM,CAACF,GAAG,CAAC;EAC5B;EAEA,IAAMG,gBAAgB,GAAGC,oBAAW,CAACC,MAAM,CAACL,GAAG,CAACM,IAAI,CAACC,KAAK,CAAC;EAE3D,IAAIJ,gBAAgB,KAAKK,uBAAU,IAAIR,GAAG,YAAYS,uBAAc,EAAE;IACpE,OAAO,iBAAQP,MAAM,CAACF,GAAG,CAAC;EAC5B;EACA,IAAI,CAACG,gBAAgB,EAAE;IACrB,OAAO,iBAAQD,MAAM,CAACF,GAAG,CAAC;EAC5B;EAEA,OAAO,iBAAQE,MAAM,CAAC,IAAIC,gBAAgB,CAACH,GAAG,CAACU,IAAI,IAAIV,GAAG,CAAC,CAAC;AAC9D;;AAEA;AACA;AACA;AACA,IAAMW,KAAK,GAAGC,oBAAW,CAACC,MAAM,SA4L7B,IAAAC,iBAAS,EAAC;EACTC,UAAU,sBAACC,KAAK,EAAE;IAChB,OAAOA,KAAK;EACd;AACF,CAAC,CAAC,UAhM6B;EAC/BC,OAAO,EAAE;IACP;AACJ;AACA;AACA;AACA;AACA;AACA;AACA;AACA;IACIC,YAAY,EAAE;MACZC,IAAI,EAAE,CAAC,cAAc,EAAE,WAAW,CAAC;MACnCC,EAAE,gBAAG;QACH,OAAO,CAAC,CAAC,IAAI,CAACC,YAAY,IAAI,CAAC,IAAI,CAACC,SAAS;MAC/C;IACF,CAAC;IAED;AACJ;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;IACIC,YAAY,EAAE;MACZJ,IAAI,EAAE,CAAC,cAAc,CAAC;MACtBC,EAAE,gBAAG;QACH,OAAO,IAAI,CAACF,YAAY,IAAI,CAAC,CAAC,IAAI,CAACM,MAAM,CAACC,SAAS;MACrD;IACF,CAAC;IAED;AACJ;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;IACIC,UAAU,EAAE;MACVP,IAAI,EAAE,CAAC,eAAe,CAAC;MACvBC,EAAE,gBAAG;QACH,IAAIO,iBAAS,EAAE;UACb,OAAO,CAAC,CAAC,IAAI,CAACC,aAAa,IAAI,CAAC,CAAC,IAAI,CAACJ,MAAM,CAACK,eAAe;QAC9D;QAEA,OAAO,CAAC,CAAC,IAAI,CAACD,aAAa,IAAI,CAAC,CAAC,IAAI,CAACJ,MAAM,CAACM,aAAa;MAC5D;IACF,CAAC;IAED;AACJ;AACA;AACA;AACA;AACA;AACA;AACA;IACIR,SAAS,EAAE;MACTH,IAAI,EAAE,CAAC,SAAS,EAAE,YAAY,CAAC;MAC/BC,EAAE,gBAAG;QACH;QACA;QACA,OAAO,CAAC,CAAC,IAAI,CAACW,OAAO,IAAI,IAAI,CAACC,UAAU;MAC1C;IACF,CAAC;IAED;AACJ;AACA;AACA;AACA;AACA;AACA;AACA;IACIC,OAAO,EAAE;MACPd,IAAI,EAAE,CAAC,cAAc,EAAE,YAAY,CAAC;MACpCC,EAAE,gBAAG;QACH,IAAI,CAAC,IAAI,CAACC,YAAY,IAAI,CAAC,IAAI,CAACa,UAAU,EAAE;UAC1C,OAAO,EAAE;QACX;QAEA,iBAAU,IAAI,CAACA,UAAU,cAAI,IAAI,CAACb,YAAY;MAChD;IACF;EACF,CAAC;EAEDc,SAAS,EAAE,aAAa;EAExBC,KAAK,EAAE;IACL;AACJ;AACA;AACA;AACA;AACA;AACA;IACIpB,KAAK,EAAE,QAAQ;IACf;AACJ;AACA;AACA;AACA;IACIK,YAAY,EAAE,QAAQ;IACtB;AACJ;AACA;AACA;AACA;IACIU,OAAO,EAAE,QAAQ;IACjB;AACJ;AACA;AACA;AACA;IACIM,UAAU,EAAE,QAAQ;IACpB;AACJ;AACA;AACA;AACA;IACIT,aAAa,EAAE,QAAQ;IACvB;AACJ;AACA;AACA;AACA;IACIU,qBAAqB,EAAE,QAAQ;IAC/B;AACJ;AACA;AACA;AACA;IACIC,wBAAwB,EAAE,QAAQ;IAClC;AACJ;AACA;AACA;AACA;AACA;IACIL,UAAU,EAAE;MACVM,OAAO,EAAE,QAAQ;MACjBC,IAAI,EAAE;IACR;EACF,CAAC;EAEDC,OAAO,EAAE;IACP;AACJ;AACA;AACA;AACA;AACA;AACA;IACIV,UAAU,EAAE;MACVQ,OAAO,EAAE,KAAK;MACdC,IAAI,EAAE;IACR,CAAC;IACD;AACJ;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;IACIE,aAAa,EAAE;MACbF,IAAI,EAAE;IACR;EACF,CAAC;EAOD;AACF;AACA;AACA;AACA;AACA;AACA;EACEG,SAAS,qBAAC5B,KAAK,EAAE;IAAA;IACf,IAAI,CAAC6B,MAAM,CAACC,IAAI,uCAAgC9B,KAAK,EAAG;IAExD,IAAI,IAAI,CAACM,SAAS,EAAE;MAClB,IAAI,CAACuB,MAAM,CAACC,IAAI,CAAC,2DAA2D,CAAC;MAE7E,OAAO,iBAAQ5C,MAAM,CAAC,IAAI6C,KAAK,CAAC,uCAAuC,CAAC,CAAC;IAC3E;IAEA,IAAI,CAAC,IAAI,CAACxB,YAAY,EAAE;MACtB,IAAI,IAAI,CAACC,MAAM,CAACC,SAAS,EAAE;QACzB,IAAI,CAACoB,MAAM,CAACC,IAAI,CAAC,2DAA2D,CAAC;MAC/E,CAAC,MAAM;QACL,IAAI,CAACD,MAAM,CAACG,KAAK,CAAC,2CAA2C,CAAC;MAChE;MAEA,OAAO,iBAAQ9C,MAAM,CAAC,IAAI6C,KAAK,CAAC,+BAA+B,CAAC,CAAC;IACnE;IAEA,IAAI,IAAAE,iBAAU,EAACjC,KAAK,EAAE,IAAI,CAACQ,MAAM,CAACR,KAAK,CAAC,KAAK,EAAE,EAAE;MAC/C,OAAO,iBAAQd,MAAM,CACnB,IAAI6C,KAAK,sBACO/B,KAAK,sDAA4C,IAAI,CAACQ,MAAM,CAACR,KAAK,OACjF,CACF;IACH;;IAEA;IACA;IACA,IAAIA,KAAK,EAAE;MACTA,KAAK,GAAG,IAAAkC,gBAAS,EAAClC,KAAK,CAAC;IAC1B;;IAEA;IACA;IACA;IACA,IAAIA,KAAK,KAAK,IAAAkC,gBAAS,EAAC,IAAI,CAAC1B,MAAM,CAACR,KAAK,CAAC,EAAE;MAC1C,OAAO,iBAAQd,MAAM,CAAC,IAAI6C,KAAK,CAAC,iDAAiD,CAAC,CAAC;IACrF;IAEA,OAAO,IAAI,CAACI,KAAK,CACdC,OAAO,CAAC;MACPC,MAAM,EAAE,MAAM;MACdC,GAAG,EAAE,IAAI,CAAC9B,MAAM,CAAC+B,QAAQ;MACzBC,aAAa,EAAE,KAAK;MACpBC,IAAI,EAAE;QACJC,UAAU,EAAE,4CAA4C;QACxDC,KAAK,EAAE,IAAI,CAACtC,YAAY;QACxBL,KAAK,EAALA,KAAK;QACLS,SAAS,EAAE,IAAI,CAACD,MAAM,CAACC,SAAS;QAChCmC,oBAAoB,EAAE;MACxB;IACF,CAAC,CAAC,CACDC,IAAI,CAAC,UAAC7D,GAAG,EAAK;MACb,KAAI,CAAC6C,MAAM,CAACC,IAAI,sCAA+B9B,KAAK,EAAG;MAEvD,OAAO,IAAIL,KAAK,CAAC,qBAAcX,GAAG,CAACM,IAAI,EAAE;QAACU,KAAK,EAALA;MAAK,CAAC,CAAC,EAAE;QAAC8C,MAAM,EAAE,KAAI,CAACA;MAAM,CAAC,CAAC;IAC3E,CAAC,CAAC;EACN,CAAC;EAED;AACF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;EACEC,UAAU,wBAA2B;IAAA;IAAA,IAA1BC,KAAK,uEAAG,CAAC,CAAC;IAAA,IAAEC,OAAO,uEAAG,CAAC,CAAC;IACjC,oBAAcrD,oBAAW,CAACsD,SAAS,CAACH,UAAU,EAAE,IAAI,EAAE,CAACC,KAAK,EAAEC,OAAO,CAAC,CAAC;IAEvE,IAAI,OAAOD,KAAK,KAAK,QAAQ,EAAE;MAC7B,IAAI,CAAC3C,YAAY,GAAG2C,KAAK;IAC3B;IAEA,IAAI,CAAC,IAAI,CAAC3C,YAAY,EAAE;MACtB,MAAM,IAAI0B,KAAK,CAAC,4BAA4B,CAAC;IAC/C;;IAEA;IACA;IACA,IAAI,IAAI,CAAChB,OAAO,EAAE;MAChB,IAAI,IAAI,CAACA,OAAO,GAAG,mBAAU,EAAE;QAC7B,IAAI,CAACC,UAAU,GAAG,IAAI;MACxB,CAAC,MAAM;QACL,IAAAmC,4BAAc,EAAC,YAAM;UACnB,MAAI,CAACnC,UAAU,GAAG,IAAI;QACxB,CAAC,EAAE,IAAI,CAACD,OAAO,GAAG,mBAAU,CAAC;MAC/B;IACF;EACF,CAAC;EAGD;AACF;AACA;AACA;AACA;AACA;AACA;EACEqC,OAAO,qBAAG;IAAA;IACR,IAAI,CAAC,IAAI,CAAC1C,UAAU,EAAE;MACpB,MAAM,IAAIqB,KAAK,CAAC,+DAA+D,CAAC;IAClF;IAEA,IAAIsB,OAAO;IAEX,IAAI1C,iBAAS,EAAE;MACb,IAAI,CAAC,IAAI,CAACH,MAAM,CAACK,eAAe,EAAE;QAChC,MAAM,IAAIkB,KAAK,CAAC,qDAAqD,CAAC;MACxE;MAEAsB,OAAO,GAAG,iBAAQC,OAAO,CAAC,IAAI,CAAC9C,MAAM,CAACK,eAAe,CAAC,IAAI,CAACsB,KAAK,EAAE,IAAI,CAAC,CAAC;IAC1E;IAEA,OAAO,CACLkB,OAAO,IACP,IAAI,CAAClB,KAAK,CACPC,OAAO,CAAC;MACPC,MAAM,EAAE,MAAM;MACdC,GAAG,EAAE,IAAI,CAAC9B,MAAM,CAAC+B,QAAQ;MACzBE,IAAI,EAAE;QACJC,UAAU,EAAE,eAAe;QAC3Ba,YAAY,EAAE,IAAI,CAAC/C,MAAM,CAAC+C,YAAY;QACtC3C,aAAa,EAAE,IAAI,CAACA;MACtB,CAAC;MACD4C,IAAI,EAAE;QACJC,IAAI,EAAE,IAAI,CAACjD,MAAM,CAACC,SAAS;QAC3BiD,IAAI,EAAE,IAAI,CAAClD,MAAM,CAACM,aAAa;QAC/B6C,eAAe,EAAE;MACnB,CAAC;MACDC,wBAAwB,EAAE;IAC5B,CAAC,CAAC,CACDf,IAAI,CAAC,UAAC7D,GAAG;MAAA,OAAKA,GAAG,CAACM,IAAI;IAAA,EAAC,EAEzBuD,IAAI,CAAC,UAACgB,GAAG,EAAK;MACb,IAAI,CAACA,GAAG,EAAE;QACR,MAAM,IAAI9B,KAAK,CAAC,oDAAoD,CAAC;MACvE;MACA;MACA;MACA;MACA,IAAI,CAAC8B,GAAG,CAACjD,aAAa,EAAE;QACtB,qBACEiD,GAAG,EACH,oBAAK,MAAI,EAAE,eAAe,EAAE,uBAAuB,EAAE,0BAA0B,CAAC,CACjF;MACH;;MAEA;MACA;MACA,IAAI,MAAI,CAACxD,YAAY,KAAKwD,GAAG,CAACxD,YAAY,EAAE;QAC1C,MAAI,CAACwB,MAAM,CAACtC,KAAK,CAAC,wCAAwC,CAAC;QAC3D;QACA,IAAIuE,OAAO,CAACC,GAAG,CAACC,QAAQ,KAAK,YAAY,EAAE;UACzC,MAAI,CAACnC,MAAM,CAACtC,KAAK,CAAC,uBAAuB,EAAE,MAAI,CAACc,YAAY,CAAC;UAC7D,MAAI,CAACwB,MAAM,CAACtC,KAAK,CAAC,mBAAmB,EAAEsE,GAAG,CAACxD,YAAY,CAAC;QAC1D;QAEA,OAAO,iBAAQnB,MAAM,CAAC,IAAI6C,KAAK,CAAC,iCAAiC,CAAC,CAAC;MACrE;MAEA,IAAI,MAAI,CAACJ,aAAa,EAAE;QACtB,MAAI,CAACA,aAAa,CAACsC,MAAM,EAAE;QAC3B,MAAI,CAACC,KAAK,CAAC,eAAe,CAAC;MAC7B;MAEAL,GAAG,CAAClC,aAAa,GAAG,MAAI;MACxBkC,GAAG,CAAC7D,KAAK,GAAG,MAAI,CAACA,KAAK;MAEtB,OAAO,IAAIL,KAAK,CAACkE,GAAG,EAAE;QAACf,MAAM,EAAE,MAAI,CAACA;MAAM,CAAC,CAAC;IAC9C,CAAC,CAAC,CACDqB,KAAK,CAACpF,iBAAiB,CAAC;EAC7B,CAAC;EAGD;AACF;AACA;AACA;AACA;AACA;EACEkF,MAAM,oBAAG;IAAA;IACP,IAAI,IAAI,CAAC3D,SAAS,EAAE;MAClB,IAAI,CAACuB,MAAM,CAACC,IAAI,CAAC,8DAA8D,CAAC;MAEhF,OAAO,iBAAQwB,OAAO,EAAE;IAC1B;IAEA,IAAI,CAAC,IAAI,CAACpD,YAAY,EAAE;MACtB,IAAI,CAAC2B,MAAM,CAACC,IAAI,CAAC,uDAAuD,CAAC;MAEzE,OAAO,iBAAQwB,OAAO,EAAE;IAC1B;;IAEA;IACA;IACA;IACA;IACA;IACA;IACA,IAAI,CAAC,IAAI,CAAC9C,MAAM,CAACM,aAAa,EAAE;MAC9B,IAAI,CAACe,MAAM,CAACC,IAAI,CAAC,kEAAkE,CAAC;MAEpF,OAAO,iBAAQwB,OAAO,EAAE;IAC1B;IAEA,IAAI,CAACzB,MAAM,CAACC,IAAI,CAAC,8BAA8B,CAAC;IAEhD,OAAO,IAAI,CAACK,KAAK,CACdC,OAAO,CAAC;MACPC,MAAM,EAAE,MAAM;MACdC,GAAG,EAAE,IAAI,CAAC9B,MAAM,CAAC4D,SAAS;MAC1B3B,IAAI,EAAE;QACJE,KAAK,EAAE,IAAI,CAACtC,YAAY;QACxBgE,eAAe,EAAE;MACnB,CAAC;MACDb,IAAI,EAAE;QACJC,IAAI,EAAE,IAAI,CAACjD,MAAM,CAACC,SAAS;QAC3BiD,IAAI,EAAE,IAAI,CAAClD,MAAM,CAACM,aAAa;QAC/B6C,eAAe,EAAE;MACnB,CAAC;MACDC,wBAAwB,EAAE;IAC5B,CAAC,CAAC,CACDf,IAAI,CAAC,YAAM;MACV,MAAI,CAACqB,KAAK,CAAC,CAAC,cAAc,EAAE,SAAS,EAAE,YAAY,EAAE,YAAY,CAAC,CAAC;MACnE,MAAI,CAACrC,MAAM,CAACC,IAAI,CAAC,6BAA6B,CAAC;IACjD,CAAC,CAAC,CACDqC,KAAK,CAACpF,iBAAiB,CAAC;EAC7B,CAAC;EAEDuF,GAAG,iBAAU;IACX;IACA,4BAAuB,IAAI,CAACC,oBAAoB,OAAzB,IAAI,YAA8B;MAAA;MAApDvB,KAAK;MAAEC,OAAO;IAEnB,IAAI,CAACD,KAAK,CAAC9B,UAAU,IAAI8B,KAAK,CAAC3C,YAAY,IAAI2C,KAAK,CAAC3C,YAAY,CAACmE,QAAQ,CAAC,GAAG,CAAC,EAAE;MAC/E,4BAAmCxB,KAAK,CAAC3C,YAAY,CAACoE,KAAK,CAAC,GAAG,CAAC;QAAA;QAAzDvD,UAAU;QAAEb,YAAY;MAE/B2C,KAAK,mCAAOA,KAAK;QAAE3C,YAAY,EAAZA,YAAY;QAAEa,UAAU,EAAVA;MAAU,EAAC;IAC9C;IACA,IAAMwD,GAAG,GAAG,mBAAU;IAEtB,IAAI,CAAC1B,KAAK,CAACjC,OAAO,IAAIiC,KAAK,CAAC3B,UAAU,EAAE;MACtC2B,KAAK,CAACjC,OAAO,GAAG2D,GAAG,GAAG1B,KAAK,CAAC3B,UAAU,GAAG,IAAI;IAC/C;IAEA,IAAI,CAAC2B,KAAK,CAAC1B,qBAAqB,IAAI0B,KAAK,CAACzB,wBAAwB,EAAE;MAClEyB,KAAK,CAAC1B,qBAAqB,GAAGoD,GAAG,GAAG1B,KAAK,CAACzB,wBAAwB,GAAG,IAAI;IAC3E;IAEA,IAAIyB,KAAK,CAAChD,KAAK,EAAE;MACfgD,KAAK,CAAChD,KAAK,GAAG,IAAAkC,gBAAS,EAACc,KAAK,CAAChD,KAAK,CAAC;IACtC;IAEA,OAAO,oBAAcJ,oBAAW,CAACsD,SAAS,CAACoB,GAAG,EAAE,IAAI,EAAE,CAACtB,KAAK,EAAEC,OAAO,CAAC,CAAC;EACzE,CAAC;EAED;AACF;AACA;AACA;AACA;AACA;AACA;EACE0B,QAAQ,sBAAG;IACT,IAAI,CAAC,IAAI,CAAC1D,OAAO,EAAE;MACjB,MAAM,IAAIc,KAAK,CAAC,wBAAwB,CAAC;IAC3C;IAEA,OAAO,IAAI,CAACd,OAAO;EACrB,CAAC;EAED;AACF;AACA;AACA;AACA;AACA;AACA;AACA;EACE2D,QAAQ,sBAAG;IAAA;IACT,IAAId,OAAO,CAACC,GAAG,CAACC,QAAQ,KAAK,YAAY,EAAE;MACzC,MAAM,IAAIjC,KAAK,CAAC,iDAAiD,CAAC;IACpE;IAEA,OAAO,IAAI,CAACI,KAAK,CACdC,OAAO,CAAC;MACPC,MAAM,EAAE,MAAM;MACdwC,OAAO,EAAE,cAAc;MACvBC,QAAQ,EAAE,yBAAyB;MACnCxF,IAAI,EAAE;QACJqD,KAAK,EAAE,IAAI,CAACtC;MACd;IACF,CAAC,CAAC,CACD8D,KAAK,CAAC,UAACY,MAAM,EAAK;MACjB,IAAI,YAAY,IAAIA,MAAM,EAAE;QAC1B,OAAO,iBAAQ7F,MAAM,CAAC6F,MAAM,CAAC;MAC/B;MACA,MAAI,CAAClD,MAAM,CAACC,IAAI,CAAC,qEAAqE,CAAC;;MAEvF;MACA;MACA;MACA,IAAMkD,OAAO,GACXlB,OAAO,CAACC,GAAG,CAACkB,oBAAoB,IAChCnB,OAAO,CAACC,GAAG,CAACmB,wBAAwB,IACpC,6CAA6C;MAE/C,OAAO,MAAI,CAAC/C,KAAK,CAACC,OAAO,CAAC;QACxBC,MAAM,EAAE,MAAM;QACdC,GAAG,YAAK0C,OAAO,6BAA0B;QACzC1F,IAAI,EAAE;UACJqD,KAAK,EAAE,MAAI,CAACtC;QACd,CAAC;QACD8E,OAAO,EAAE;UACPC,aAAa,mBAAY,MAAI,CAAC/E,YAAY;QAC5C;MACF,CAAC,CAAC;IACJ,CAAC,CAAC,CACDwC,IAAI,CAAC,UAAC7D,GAAG;MAAA,OAAKA,GAAG,CAACM,IAAI;IAAA,EAAC;EAC5B,CAAC;EAAA;AACH,CAAC,kMArOEQ,iBAAS,4HAmFTA,iBAAS,0EAkJV;AAAC,eAEYH,KAAK;AAAA"}