npm - @xbg.solutions/bpsk-utils-firebase-auth - Versions diffs - 1.2.3 - Mend

@xbg.solutions/bpsk-utils-firebase-auth 1.2.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (61) hide show

package/lib/index.d.ts +13 -0
package/lib/index.d.ts.map +1 -0
package/lib/index.js +20 -0
package/lib/index.js.map +1 -0
package/lib/services/auth/auth.service.d.ts +89 -0
package/lib/services/auth/auth.service.d.ts.map +1 -0
package/lib/services/auth/auth.service.js +615 -0
package/lib/services/auth/auth.service.js.map +1 -0
package/lib/services/auth/email-link.d.ts +99 -0
package/lib/services/auth/email-link.d.ts.map +1 -0
package/lib/services/auth/email-link.js +715 -0
package/lib/services/auth/email-link.js.map +1 -0
package/lib/services/auth/index.d.ts +15 -0
package/lib/services/auth/index.d.ts.map +1 -0
package/lib/services/auth/index.js +18 -0
package/lib/services/auth/index.js.map +1 -0
package/lib/services/auth/phone-auth.d.ts +65 -0
package/lib/services/auth/phone-auth.d.ts.map +1 -0
package/lib/services/auth/phone-auth.js +150 -0
package/lib/services/auth/phone-auth.js.map +1 -0
package/lib/services/auth/user-creation.d.ts +17 -0
package/lib/services/auth/user-creation.d.ts.map +1 -0
package/lib/services/auth/user-creation.js +39 -0
package/lib/services/auth/user-creation.js.map +1 -0
package/lib/services/token/index.d.ts +29 -0
package/lib/services/token/index.d.ts.map +1 -0
package/lib/services/token/index.js +20 -0
package/lib/services/token/index.js.map +1 -0
package/lib/services/token/token.service.d.ts +57 -0
package/lib/services/token/token.service.d.ts.map +1 -0
package/lib/services/token/token.service.js +554 -0
package/lib/services/token/token.service.js.map +1 -0
package/lib/stores/auth.service.d.ts +6 -0
package/lib/stores/auth.service.d.ts.map +1 -0
package/lib/stores/auth.service.js +6 -0
package/lib/stores/auth.service.js.map +1 -0
package/lib/stores/auth.store.d.ts +56 -0
package/lib/stores/auth.store.d.ts.map +1 -0
package/lib/stores/auth.store.js +64 -0
package/lib/stores/auth.store.js.map +1 -0
package/lib/stores/token.store.d.ts +41 -0
package/lib/stores/token.store.d.ts.map +1 -0
package/lib/stores/token.store.js +36 -0
package/lib/stores/token.store.js.map +1 -0
package/lib/stores/user-creation.d.ts +8 -0
package/lib/stores/user-creation.d.ts.map +1 -0
package/lib/stores/user-creation.js +11 -0
package/lib/stores/user-creation.js.map +1 -0
package/lib/utils/auth-guard.d.ts +58 -0
package/lib/utils/auth-guard.d.ts.map +1 -0
package/lib/utils/auth-guard.js +109 -0
package/lib/utils/auth-guard.js.map +1 -0
package/lib/utils/signout.d.ts +82 -0
package/lib/utils/signout.d.ts.map +1 -0
package/lib/utils/signout.js +168 -0
package/lib/utils/signout.js.map +1 -0
package/lib/utils/tokens.d.ts +136 -0
package/lib/utils/tokens.d.ts.map +1 -0
package/lib/utils/tokens.js +479 -0
package/lib/utils/tokens.js.map +1 -0
package/package.json +31 -0

package/lib/stores/auth.store.js ADDED Viewed

@@ -0,0 +1,64 @@
+/**
+ * src/lib/stores/auth.store.ts
+ * Auth Store
+ *
+ * A Svelte store for managing authentication state with support for:
+ * - User authentication status
+ * - Authentication method tracking
+ * - Loading states for authentication operations
+ * - Error handling for authentication failures
+ */
+import { writable, get } from 'svelte/store';
+/**
+ * Initial state for the auth store
+ */
+const initialState = {
+    isInitialized: false,
+    isInitializing: false,
+    isAuthenticated: false,
+    isLoading: false,
+    user: null,
+    claims: null,
+    authMethod: null,
+    lastAuthenticated: null,
+    error: null
+};
+/**
+ * Creates the auth store
+ */
+function createAuthStore() {
+    const store = writable(initialState);
+    // Add helpers to read auth state more safely
+    const safeGet = () => {
+        try {
+            return get(store);
+        }
+        catch (error) {
+            console.error('Error accessing auth store:', error);
+            return initialState;
+        }
+    };
+    // Extend store with useful methods
+    return {
+        ...store,
+        safeGet,
+        getUser: () => safeGet().user,
+        getClaims: () => safeGet().claims,
+        isAuthenticated: () => safeGet().isAuthenticated,
+        isLoading: () => safeGet().isLoading || safeGet().isInitializing,
+        hasRole: (role) => {
+            const claims = safeGet().claims;
+            if (!claims || !claims.roles)
+                return false;
+            return Array.isArray(claims.roles)
+                ? claims.roles.includes(role)
+                : claims.roles === role;
+        },
+        reset: () => store.set(initialState)
+    };
+}
+/**
+ * Auth store singleton instance
+ */
+export const authStore = createAuthStore();
+//# sourceMappingURL=auth.store.js.map

package/lib/stores/auth.store.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"auth.store.js","sourceRoot":"","sources":["../../src/stores/auth.store.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAEH,OAAO,EAAE,QAAQ,EAAE,GAAG,EAAE,MAAM,cAAc,CAAC;AAkC7C;;GAEG;AACH,MAAM,YAAY,GAAc;IAC9B,aAAa,EAAE,KAAK;IACpB,cAAc,EAAE,KAAK;IACrB,eAAe,EAAE,KAAK;IACtB,SAAS,EAAE,KAAK;IAChB,IAAI,EAAE,IAAI;IACV,MAAM,EAAE,IAAI;IACZ,UAAU,EAAE,IAAI;IAChB,iBAAiB,EAAE,IAAI;IACvB,KAAK,EAAE,IAAI;CACZ,CAAC;AAEF;;GAEG;AACH,SAAS,eAAe;IACtB,MAAM,KAAK,GAAG,QAAQ,CAAY,YAAY,CAAC,CAAC;IAEhD,6CAA6C;IAC7C,MAAM,OAAO,GAAG,GAAc,EAAE;QAC9B,IAAI,CAAC;YACH,OAAO,GAAG,CAAC,KAAK,CAAC,CAAC;QACpB,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,OAAO,CAAC,KAAK,CAAC,6BAA6B,EAAE,KAAK,CAAC,CAAC;YACpD,OAAO,YAAY,CAAC;QACtB,CAAC;IACH,CAAC,CAAC;IAEF,mCAAmC;IACnC,OAAO;QACL,GAAG,KAAK;QACR,OAAO;QACP,OAAO,EAAE,GAAG,EAAE,CAAC,OAAO,EAAE,CAAC,IAAI;QAC7B,SAAS,EAAE,GAAG,EAAE,CAAC,OAAO,EAAE,CAAC,MAAM;QACjC,eAAe,EAAE,GAAG,EAAE,CAAC,OAAO,EAAE,CAAC,eAAe;QAChD,SAAS,EAAE,GAAG,EAAE,CAAC,OAAO,EAAE,CAAC,SAAS,IAAI,OAAO,EAAE,CAAC,cAAc;QAChE,OAAO,EAAE,CAAC,IAAY,EAAE,EAAE;YACxB,MAAM,MAAM,GAAG,OAAO,EAAE,CAAC,MAAM,CAAC;YAChC,IAAI,CAAC,MAAM,IAAI,CAAC,MAAM,CAAC,KAAK;gBAAE,OAAO,KAAK,CAAC;YAE3C,OAAO,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC;gBAChC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,QAAQ,CAAC,IAAI,CAAC;gBAC7B,CAAC,CAAC,MAAM,CAAC,KAAK,KAAK,IAAI,CAAC;QAC5B,CAAC;QACD,KAAK,EAAE,GAAG,EAAE,CAAC,KAAK,CAAC,GAAG,CAAC,YAAY,CAAC;KACrC,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,MAAM,SAAS,GAAG,eAAe,EAAE,CAAC"}

package/lib/stores/token.store.d.ts ADDED Viewed

@@ -0,0 +1,41 @@
+/**
+ * src/lib/stores/token.store.ts
+ * Token Store
+ *
+ * A Svelte store for managing authentication token state with support for:
+ * - Token storage and retrieval
+ * - Decoded token information
+ * - User claims and roles
+ * - Authentication state tracking
+ */
+import type { DecodedToken, TokenRole } from '@xbg.solutions/bpsk-core';
+import type { FirebaseUserClaims } from '@xbg.solutions/bpsk-core';
+import type { AppError } from '@xbg.solutions/bpsk-core';
+/**
+ * Token store state
+ */
+export interface TokenState {
+    /** Whether the token service is initialized */
+    isInitialized: boolean;
+    /** Whether the token service is initializing */
+    isInitializing: boolean;
+    /** The current token */
+    token: string | null;
+    /** Decoded token information */
+    decodedToken: DecodedToken | null;
+    /** Extracted user claims */
+    claims: FirebaseUserClaims | null;
+    /** User roles */
+    roles: TokenRole[];
+    /** Whether the user is authenticated */
+    isAuthenticated: boolean;
+    /** Timestamp when the token was last updated */
+    lastUpdated: number | null;
+    /** Any error that occurred during token operations */
+    error: AppError | null;
+}
+/**
+ * Token store singleton instance
+ */
+export declare const tokenStore: import("svelte/store").Writable<TokenState>;
+//# sourceMappingURL=token.store.d.ts.map

package/lib/stores/token.store.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"token.store.d.ts","sourceRoot":"","sources":["../../src/stores/token.store.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAGH,OAAO,KAAK,EAAE,YAAY,EAAE,SAAS,EAAE,MAAM,0BAA0B,CAAC;AACxE,OAAO,KAAK,EAAE,kBAAkB,EAAE,MAAM,0BAA0B,CAAC;AACnE,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,0BAA0B,CAAC;AAEzD;;GAEG;AACH,MAAM,WAAW,UAAU;IACzB,+CAA+C;IAC/C,aAAa,EAAE,OAAO,CAAC;IACvB,gDAAgD;IAChD,cAAc,EAAE,OAAO,CAAC;IACxB,wBAAwB;IACxB,KAAK,EAAE,MAAM,GAAG,IAAI,CAAC;IACrB,gCAAgC;IAChC,YAAY,EAAE,YAAY,GAAG,IAAI,CAAC;IAClC,4BAA4B;IAC5B,MAAM,EAAE,kBAAkB,GAAG,IAAI,CAAC;IAClC,iBAAiB;IACjB,KAAK,EAAE,SAAS,EAAE,CAAC;IACnB,wCAAwC;IACxC,eAAe,EAAE,OAAO,CAAC;IACzB,gDAAgD;IAChD,WAAW,EAAE,MAAM,GAAG,IAAI,CAAC;IAC3B,sDAAsD;IACtD,KAAK,EAAE,QAAQ,GAAG,IAAI,CAAC;CACxB;AAwBD;;GAEG;AACH,eAAO,MAAM,UAAU,6CAAqB,CAAC"}

package/lib/stores/token.store.js ADDED Viewed

@@ -0,0 +1,36 @@
+/**
+ * src/lib/stores/token.store.ts
+ * Token Store
+ *
+ * A Svelte store for managing authentication token state with support for:
+ * - Token storage and retrieval
+ * - Decoded token information
+ * - User claims and roles
+ * - Authentication state tracking
+ */
+import { writable } from 'svelte/store';
+/**
+ * Initial state for the token store
+ */
+const initialState = {
+    isInitialized: false,
+    isInitializing: false,
+    token: null,
+    decodedToken: null,
+    claims: null,
+    roles: [],
+    isAuthenticated: false,
+    lastUpdated: null,
+    error: null
+};
+/**
+ * Creates the token store
+ */
+function createTokenStore() {
+    return writable(initialState);
+}
+/**
+ * Token store singleton instance
+ */
+export const tokenStore = createTokenStore();
+//# sourceMappingURL=token.store.js.map

package/lib/stores/token.store.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"token.store.js","sourceRoot":"","sources":["../../src/stores/token.store.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAEH,OAAO,EAAE,QAAQ,EAAE,MAAM,cAAc,CAAC;AA6BxC;;GAEG;AACH,MAAM,YAAY,GAAe;IAC/B,aAAa,EAAE,KAAK;IACpB,cAAc,EAAE,KAAK;IACrB,KAAK,EAAE,IAAI;IACX,YAAY,EAAE,IAAI;IAClB,MAAM,EAAE,IAAI;IACZ,KAAK,EAAE,EAAE;IACT,eAAe,EAAE,KAAK;IACtB,WAAW,EAAE,IAAI;IACjB,KAAK,EAAE,IAAI;CACZ,CAAC;AAEF;;GAEG;AACH,SAAS,gBAAgB;IACvB,OAAO,QAAQ,CAAa,YAAY,CAAC,CAAC;AAC5C,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,MAAM,UAAU,GAAG,gBAAgB,EAAE,CAAC"}

package/lib/stores/user-creation.d.ts ADDED Viewed

@@ -0,0 +1,8 @@
+export interface UserCreationState {
+    isCreating: boolean;
+    lastCreated: string | null;
+    error: string | null;
+}
+export declare const userCreationStore: import("svelte/store").Writable<UserCreationState>;
+export declare const ensureUserExists: (uid: string) => Promise<boolean>;
+//# sourceMappingURL=user-creation.d.ts.map

package/lib/stores/user-creation.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"user-creation.d.ts","sourceRoot":"","sources":["../../src/stores/user-creation.ts"],"names":[],"mappings":"AAEA,MAAM,WAAW,iBAAiB;IAChC,UAAU,EAAE,OAAO,CAAC;IACpB,WAAW,EAAE,MAAM,GAAG,IAAI,CAAC;IAC3B,KAAK,EAAE,MAAM,GAAG,IAAI,CAAC;CACtB;AAED,eAAO,MAAM,iBAAiB,oDAI5B,CAAC;AAGH,eAAO,MAAM,gBAAgB,GAAU,KAAK,MAAM,qBAEjD,CAAC"}

package/lib/stores/user-creation.js ADDED Viewed

@@ -0,0 +1,11 @@
+import { writable } from 'svelte/store';
+export const userCreationStore = writable({
+    isCreating: false,
+    lastCreated: null,
+    error: null
+});
+// Placeholder function that tests expect
+export const ensureUserExists = async (uid) => {
+    return true;
+};
+//# sourceMappingURL=user-creation.js.map

package/lib/stores/user-creation.js.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"user-creation.js","sourceRoot":"","sources":["../../src/stores/user-creation.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,MAAM,cAAc,CAAC;AAQxC,MAAM,CAAC,MAAM,iBAAiB,GAAG,QAAQ,CAAoB;IAC3D,UAAU,EAAE,KAAK;IACjB,WAAW,EAAE,IAAI;IACjB,KAAK,EAAE,IAAI;CACZ,CAAC,CAAC;AAEH,yCAAyC;AACzC,MAAM,CAAC,MAAM,gBAAgB,GAAG,KAAK,EAAE,GAAW,EAAE,EAAE;IACpD,OAAO,IAAI,CAAC;AACd,CAAC,CAAC"}

package/lib/utils/auth-guard.d.ts ADDED Viewed

@@ -0,0 +1,58 @@
+/**
+ * src/lib/utils/auth-guard.ts
+ * Authentication Guard Utility
+ *
+ * Provides route protection based on authentication state.
+ * Used in +layout.ts and +page.ts files to protect routes,
+ * redirecting unauthenticated users as needed.
+ */
+/**
+ * Options for route guarding
+ */
+export type GuardOptions = {
+    /** Redirect URL for unauthenticated users */
+    redirectTo?: string;
+    /** Whether to include the original URL as a return parameter */
+    includeReturnUrl?: boolean;
+    /** Required roles for access (user must have ALL these roles) */
+    requiredRoles?: string[];
+    /** Required any roles for access (user must have ANY of these roles) */
+    requiredAnyRoles?: string[];
+    /** Return parameter name (default: 'returnUrl') */
+    returnUrlParam?: string;
+};
+/**
+ * Guards a route based on authentication state
+ * @param options Guard options
+ * @returns An object with status, redirect, and error information
+ */
+export declare function guardRoute(options?: GuardOptions): {
+    status: string;
+    redirect: string;
+    error: string;
+} | {
+    status: string;
+    redirect: null;
+    error: null;
+};
+/**
+ * Server-side compatible guard for SvelteKit load functions
+ *
+ * @param event SvelteKit load event with url and cookies
+ * @param options Guard options
+ * @returns A redirect object or null if authorized
+ */
+export declare function guardRouteServer(event: any, options?: GuardOptions): {
+    status: number;
+    redirect: string;
+} | null;
+/**
+ * Redirects to unauthorized page when access is forbidden
+ */
+export declare function redirectToUnauthorized(): void;
+/**
+ * Redirects to sign in page
+ * @param returnUrl Optional URL to return to after sign in
+ */
+export declare function redirectToSignIn(returnUrl?: string): void;
+//# sourceMappingURL=auth-guard.d.ts.map

package/lib/utils/auth-guard.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"auth-guard.d.ts","sourceRoot":"","sources":["../../src/utils/auth-guard.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAMH;;GAEG;AACH,MAAM,MAAM,YAAY,GAAG;IACzB,6CAA6C;IAC7C,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,gEAAgE;IAChE,gBAAgB,CAAC,EAAE,OAAO,CAAC;IAC3B,iEAAiE;IACjE,aAAa,CAAC,EAAE,MAAM,EAAE,CAAC;IACzB,wEAAwE;IACxE,gBAAgB,CAAC,EAAE,MAAM,EAAE,CAAC;IAC5B,mDAAmD;IACnD,cAAc,CAAC,EAAE,MAAM,CAAC;CACzB,CAAC;AAEF;;;;GAIG;AACH,wBAAgB,UAAU,CAAC,OAAO,GAAE,YAAiB;;;;;;;;EA6DpD;AAED;;;;;;GAMG;AACH,wBAAgB,gBAAgB,CAAC,KAAK,EAAE,GAAG,EAAE,OAAO,GAAE,YAAiB;;;SA6BtE;AAED;;GAEG;AACH,wBAAgB,sBAAsB,SAErC;AAED;;;GAGG;AACH,wBAAgB,gBAAgB,CAAC,SAAS,CAAC,EAAE,MAAM,QAQlD"}

package/lib/utils/auth-guard.js ADDED Viewed

@@ -0,0 +1,109 @@
+/**
+ * src/lib/utils/auth-guard.ts
+ * Authentication Guard Utility
+ *
+ * Provides route protection based on authentication state.
+ * Used in +layout.ts and +page.ts files to protect routes,
+ * redirecting unauthenticated users as needed.
+ */
+import { goto } from '$app/navigation';
+import { authService } from '../services/auth';
+import { AUTH_ROUTES_LEGACY as AUTH_ROUTES } from '@xbg.solutions/bpsk-core';
+/**
+ * Guards a route based on authentication state
+ * @param options Guard options
+ * @returns An object with status, redirect, and error information
+ */
+export function guardRoute(options = {}) {
+    const { redirectTo = AUTH_ROUTES.SIGN_IN, includeReturnUrl = true, requiredRoles = [], requiredAnyRoles = [], returnUrlParam = 'returnUrl' } = options;
+    // Check if user is authenticated
+    const isAuthenticated = authService.isAuthenticated();
+    if (!isAuthenticated) {
+        // User is not authenticated - redirect to sign in
+        let redirectUrl = redirectTo;
+        // Add original URL as return parameter if requested
+        if (includeReturnUrl) {
+            const currentUrl = window.location.pathname + window.location.search;
+            redirectUrl += `?${returnUrlParam}=${encodeURIComponent(currentUrl)}`;
+        }
+        return {
+            status: 'unauthenticated',
+            redirect: redirectUrl,
+            error: 'User is not authenticated'
+        };
+    }
+    // Check for required roles if specified
+    if (requiredRoles.length > 0) {
+        const hasAllRoles = requiredRoles.every(role => authService.userHasRole(role));
+        if (!hasAllRoles) {
+            return {
+                status: 'unauthorized',
+                redirect: AUTH_ROUTES.UNAUTHORIZED,
+                error: 'User does not have all required roles'
+            };
+        }
+    }
+    // Check for any required roles if specified
+    if (requiredAnyRoles.length > 0) {
+        const hasAnyRole = authService.userHasAnyRole(requiredAnyRoles);
+        if (!hasAnyRole) {
+            return {
+                status: 'unauthorized',
+                redirect: AUTH_ROUTES.UNAUTHORIZED,
+                error: 'User does not have any of the required roles'
+            };
+        }
+    }
+    // Access is granted
+    return {
+        status: 'authorized',
+        redirect: null,
+        error: null
+    };
+}
+/**
+ * Server-side compatible guard for SvelteKit load functions
+ *
+ * @param event SvelteKit load event with url and cookies
+ * @param options Guard options
+ * @returns A redirect object or null if authorized
+ */
+export function guardRouteServer(event, options = {}) {
+    const { redirectTo = AUTH_ROUTES.SIGN_IN, includeReturnUrl = true, returnUrlParam = 'returnUrl' } = options;
+    // For server-side, check for auth cookie existence
+    // Note: Full validation should happen in the API middleware
+    const hasAuthCookie = event.cookies.get('svelte_boilerplate_auth_idToken') !== undefined;
+    if (!hasAuthCookie) {
+        // User is not authenticated - redirect to sign in
+        let redirectUrl = redirectTo;
+        // Add original URL as return parameter if requested
+        if (includeReturnUrl) {
+            redirectUrl += `?${returnUrlParam}=${encodeURIComponent(event.url.pathname)}`;
+        }
+        return {
+            status: 303,
+            redirect: redirectUrl
+        };
+    }
+    // For server-side, we can't fully check roles, but we return authorized
+    // The client-side will do a full check once hydrated
+    return null;
+}
+/**
+ * Redirects to unauthorized page when access is forbidden
+ */
+export function redirectToUnauthorized() {
+    goto(AUTH_ROUTES.UNAUTHORIZED);
+}
+/**
+ * Redirects to sign in page
+ * @param returnUrl Optional URL to return to after sign in
+ */
+export function redirectToSignIn(returnUrl) {
+    let redirectUrl = AUTH_ROUTES.SIGN_IN;
+    if (returnUrl) {
+        redirectUrl += `?returnUrl=${encodeURIComponent(returnUrl)}`;
+    }
+    goto(redirectUrl);
+}
+//# sourceMappingURL=auth-guard.js.map

package/lib/utils/auth-guard.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"auth-guard.js","sourceRoot":"","sources":["../../src/utils/auth-guard.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,OAAO,EAAE,IAAI,EAAE,MAAM,iBAAiB,CAAC;AACvC,OAAO,EAAE,WAAW,EAAE,MAAM,kBAAkB,CAAC;AAC/C,OAAO,EAAE,kBAAkB,IAAI,WAAW,EAAE,MAAM,0BAA0B,CAAC;AAkB7E;;;;GAIG;AACH,MAAM,UAAU,UAAU,CAAC,UAAwB,EAAE;IACnD,MAAM,EACJ,UAAU,GAAG,WAAW,CAAC,OAAO,EAChC,gBAAgB,GAAG,IAAI,EACvB,aAAa,GAAG,EAAE,EAClB,gBAAgB,GAAG,EAAE,EACrB,cAAc,GAAG,WAAW,EAC7B,GAAG,OAAO,CAAC;IAEZ,iCAAiC;IACjC,MAAM,eAAe,GAAG,WAAW,CAAC,eAAe,EAAE,CAAC;IAEtD,IAAI,CAAC,eAAe,EAAE,CAAC;QACrB,kDAAkD;QAClD,IAAI,WAAW,GAAG,UAAU,CAAC;QAE7B,oDAAoD;QACpD,IAAI,gBAAgB,EAAE,CAAC;YACrB,MAAM,UAAU,GAAG,MAAM,CAAC,QAAQ,CAAC,QAAQ,GAAG,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC;YACrE,WAAW,IAAI,IAAI,cAAc,IAAI,kBAAkB,CAAC,UAAU,CAAC,EAAE,CAAC;QACxE,CAAC;QAED,OAAO;YACL,MAAM,EAAE,iBAAiB;YACzB,QAAQ,EAAE,WAAW;YACrB,KAAK,EAAE,2BAA2B;SACnC,CAAC;IACJ,CAAC;IAED,wCAAwC;IACxC,IAAI,aAAa,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC7B,MAAM,WAAW,GAAG,aAAa,CAAC,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,WAAW,CAAC,WAAW,CAAC,IAAI,CAAC,CAAC,CAAC;QAE/E,IAAI,CAAC,WAAW,EAAE,CAAC;YACjB,OAAO;gBACL,MAAM,EAAE,cAAc;gBACtB,QAAQ,EAAE,WAAW,CAAC,YAAY;gBAClC,KAAK,EAAE,uCAAuC;aAC/C,CAAC;QACJ,CAAC;IACH,CAAC;IAED,4CAA4C;IAC5C,IAAI,gBAAgB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAChC,MAAM,UAAU,GAAG,WAAW,CAAC,cAAc,CAAC,gBAAgB,CAAC,CAAC;QAEhE,IAAI,CAAC,UAAU,EAAE,CAAC;YAChB,OAAO;gBACL,MAAM,EAAE,cAAc;gBACtB,QAAQ,EAAE,WAAW,CAAC,YAAY;gBAClC,KAAK,EAAE,8CAA8C;aACtD,CAAC;QACJ,CAAC;IACH,CAAC;IAED,oBAAoB;IACpB,OAAO;QACL,MAAM,EAAE,YAAY;QACpB,QAAQ,EAAE,IAAI;QACd,KAAK,EAAE,IAAI;KACZ,CAAC;AACJ,CAAC;AAED;;;;;;GAMG;AACH,MAAM,UAAU,gBAAgB,CAAC,KAAU,EAAE,UAAwB,EAAE;IACrE,MAAM,EACJ,UAAU,GAAG,WAAW,CAAC,OAAO,EAChC,gBAAgB,GAAG,IAAI,EACvB,cAAc,GAAG,WAAW,EAC7B,GAAG,OAAO,CAAC;IAEZ,mDAAmD;IACnD,4DAA4D;IAC5D,MAAM,aAAa,GAAG,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,iCAAiC,CAAC,KAAK,SAAS,CAAC;IAEzF,IAAI,CAAC,aAAa,EAAE,CAAC;QACnB,kDAAkD;QAClD,IAAI,WAAW,GAAG,UAAU,CAAC;QAE7B,oDAAoD;QACpD,IAAI,gBAAgB,EAAE,CAAC;YACrB,WAAW,IAAI,IAAI,cAAc,IAAI,kBAAkB,CAAC,KAAK,CAAC,GAAG,CAAC,QAAQ,CAAC,EAAE,CAAC;QAChF,CAAC;QAED,OAAO;YACL,MAAM,EAAE,GAAG;YACX,QAAQ,EAAE,WAAW;SACtB,CAAC;IACJ,CAAC;IAED,wEAAwE;IACxE,qDAAqD;IACrD,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,sBAAsB;IACpC,IAAI,CAAC,WAAW,CAAC,YAAY,CAAC,CAAC;AACjC,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,gBAAgB,CAAC,SAAkB;IACjD,IAAI,WAAW,GAAG,WAAW,CAAC,OAAO,CAAC;IAEtC,IAAI,SAAS,EAAE,CAAC;QACd,WAAW,IAAI,cAAc,kBAAkB,CAAC,SAAS,CAAC,EAAE,CAAC;IAC/D,CAAC;IAED,IAAI,CAAC,WAAW,CAAC,CAAC;AACpB,CAAC"}

package/lib/utils/signout.d.ts ADDED Viewed

@@ -0,0 +1,82 @@
+/**
+ * src/lib/utils/signout.ts
+ * Signout Utility
+ *
+ * A utility that handles user signout process, including:
+ * - Backend token revocation (when connected to a backend)
+ * - Firebase authentication signout
+ * - Clean state management during signout
+ *
+ * IMPORTANT: This utility is designed to be extended when connecting to a backend.
+ * The current implementation is for Firebase-only authentication. When connecting
+ * to a backend, modify the revokeTokenOnBackend() method to call your backend's
+ * token revocation endpoint.
+ */
+import { AppError } from '@xbg.solutions/bpsk-core';
+import type { ErrorOptions } from '@xbg.solutions/bpsk-core';
+/**
+ * Options for the Signout error
+ */
+export type SignoutErrorOptions = ErrorOptions & {
+    /** Signout error source */
+    source?: 'firebase' | 'backend' | 'token' | 'general';
+    /** Original error for context */
+    originalError?: Error;
+};
+/**
+ * Signout specific error class
+ */
+export declare class SignoutError extends AppError {
+    /** Source of the signout error */
+    source?: string;
+    constructor(message: string, options?: SignoutErrorOptions);
+}
+/**
+ * Signout options
+ */
+export interface SignoutOptions {
+    /** Skip backend token revocation */
+    skipBackendRevocation?: boolean;
+    /** Redirect URL after signout (defaults to sign in route) */
+    redirectUrl?: string;
+    /** Skip redirection after signout */
+    skipRedirect?: boolean;
+    /** Force complete signout even if backend revocation fails (defaults to false) */
+    forceCompleteSignout?: boolean;
+}
+/**
+ * Signs out the current user, optionally revoking their token on the backend first
+ *
+ * The signout process follows these steps:
+ * 1. Revoke the token on the backend (if a backend is connected)
+ * 2. Sign out from Firebase authentication
+ * 3. Clear local token state
+ * 4. Publish logout event
+ * 5. Redirect to the sign in page (if not skipped)
+ *
+ * @param options Signout options
+ * @returns Promise that resolves when signout is complete
+ * @throws SignoutError if signout fails
+ */
+export declare function signout(options?: SignoutOptions): Promise<void>;
+/**
+ * Safe version of signout with error handling
+ */
+export declare const safeSignout: (options?: SignoutOptions | undefined) => Promise<{
+    success: boolean;
+    data?: void | undefined;
+    error?: AppError;
+}>;
+/**
+ * Default export for convenient imports
+ */
+declare const _default: {
+    signout: typeof signout;
+    safeSignout: (options?: SignoutOptions | undefined) => Promise<{
+        success: boolean;
+        data?: void | undefined;
+        error?: AppError;
+    }>;
+};
+export default _default;
+//# sourceMappingURL=signout.d.ts.map

package/lib/utils/signout.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"signout.d.ts","sourceRoot":"","sources":["../../src/utils/signout.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;GAaG;AAEH,OAAO,EAIL,QAAQ,EAMT,MAAM,0BAA0B,CAAC;AAClC,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,0BAA0B,CAAC;AAO7D;;GAEG;AACH,MAAM,MAAM,mBAAmB,GAAG,YAAY,GAAG;IAC/C,2BAA2B;IAC3B,MAAM,CAAC,EAAE,UAAU,GAAG,SAAS,GAAG,OAAO,GAAG,SAAS,CAAC;IACtD,iCAAiC;IACjC,aAAa,CAAC,EAAE,KAAK,CAAC;CACvB,CAAC;AAEF;;GAEG;AACH,qBAAa,YAAa,SAAQ,QAAQ;IACxC,kCAAkC;IAC3B,MAAM,CAAC,EAAE,MAAM,CAAC;gBAEX,OAAO,EAAE,MAAM,EAAE,OAAO,GAAE,mBAAwB;CAS/D;AAED;;GAEG;AACH,MAAM,WAAW,cAAc;IAC7B,oCAAoC;IACpC,qBAAqB,CAAC,EAAE,OAAO,CAAC;IAChC,6DAA6D;IAC7D,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,qCAAqC;IACrC,YAAY,CAAC,EAAE,OAAO,CAAC;IACvB,kFAAkF;IAClF,oBAAoB,CAAC,EAAE,OAAO,CAAC;CAChC;AAuCD;;;;;;;;;;;;;GAaG;AACH,wBAAsB,OAAO,CAAC,OAAO,GAAE,cAAmB,GAAG,OAAO,CAAC,IAAI,CAAC,CAmGzE;AAED;;GAEG;AACH,eAAO,MAAM,WAAW;;;;EAA6B,CAAC;AAEtD;;GAEG;;;;;;;;;AACH,wBAGE"}

package/lib/utils/signout.js ADDED Viewed

@@ -0,0 +1,168 @@
+/**
+ * src/lib/utils/signout.ts
+ * Signout Utility
+ *
+ * A utility that handles user signout process, including:
+ * - Backend token revocation (when connected to a backend)
+ * - Firebase authentication signout
+ * - Clean state management during signout
+ *
+ * IMPORTANT: This utility is designed to be extended when connecting to a backend.
+ * The current implementation is for Firebase-only authentication. When connecting
+ * to a backend, modify the revokeTokenOnBackend() method to call your backend's
+ * token revocation endpoint.
+ */
+import { signOutUser, processFirebaseError, loggerService, AppError, normalizeError, withErrorHandling, publish, AUTH_EVENTS, AUTH_ROUTES_LEGACY as AUTH_ROUTES } from '@xbg.solutions/bpsk-core';
+import { tokenService } from '../services/token/token.service';
+// Create a logger instance for Signout utility
+const signoutLogger = loggerService.withContext('SignoutUtility');
+/**
+ * Signout specific error class
+ */
+export class SignoutError extends AppError {
+    constructor(message, options = {}) {
+        super(message, {
+            category: 'auth',
+            statusCode: 401,
+            ...options
+        });
+        this.source = options.source;
+    }
+}
+/**
+ * Revokes the user's token on the backend
+ *
+ * IMPORTANT: This is a stub implementation that should be replaced when
+ * connecting to a real backend. The real implementation should:
+ * 1. Get the current authentication token
+ * 2. Make an API call to the backend's token revocation endpoint
+ * 3. Handle the response appropriately
+ *
+ * @returns Promise resolving to true if token was successfully revoked
+ */
+async function revokeTokenOnBackend() {
+    signoutLogger.info('Backend token revocation requested');
+    // IMPORTANT: REPLACE THIS IMPLEMENTATION when connecting to a backend
+    // The following is a stub that simulates a successful token revocation
+    signoutLogger.info('⚠️ Using stub implementation of revokeTokenOnBackend. ' +
+        'Replace this with actual backend call when connecting to a backend service.');
+    // Simulate successful token revocation
+    // When implementing a real backend connection:
+    // 1. Get the current ID token: const token = await tokenService.getToken();
+    // 2. Call your backend API: await fetch('/api/auth/revoke', {
+    //      method: 'POST',
+    //      headers: { Authorization: `Bearer ${token}` }
+    //    });
+    // 3. Handle the response and return true if successful
+    // Artificial delay to simulate network request (remove in real implementation)
+    await new Promise(resolve => setTimeout(resolve, 100));
+    return true;
+}
+/**
+ * Signs out the current user, optionally revoking their token on the backend first
+ *
+ * The signout process follows these steps:
+ * 1. Revoke the token on the backend (if a backend is connected)
+ * 2. Sign out from Firebase authentication
+ * 3. Clear local token state
+ * 4. Publish logout event
+ * 5. Redirect to the sign in page (if not skipped)
+ *
+ * @param options Signout options
+ * @returns Promise that resolves when signout is complete
+ * @throws SignoutError if signout fails
+ */
+export async function signout(options = {}) {
+    const startTime = Date.now();
+    signoutLogger.info('Starting signout process', { options });
+    try {
+        // Step 1: Revoke token on backend if not skipped
+        if (!options.skipBackendRevocation) {
+            try {
+                const revoked = await revokeTokenOnBackend();
+                if (!revoked && !options.forceCompleteSignout) {
+                    throw new SignoutError('Failed to revoke token on backend', {
+                        source: 'backend',
+                        userMessage: 'Failed to securely sign you out. Please try again.'
+                    });
+                }
+            }
+            catch (error) {
+                // Log the backend revocation error
+                signoutLogger.error('Backend token revocation failed', error instanceof Error ? error : new Error(String(error))); // Argument of type 'unknown' is not assignable to parameter of type 'Error | undefined'.
+                // If force complete is not enabled, throw to abort the signout
+                if (!options.forceCompleteSignout) {
+                    throw new SignoutError('Backend token revocation failed', {
+                        source: 'backend',
+                        originalError: error instanceof Error ? error : undefined,
+                        userMessage: 'Failed to securely sign you out. Please try again.'
+                    });
+                }
+                // If force complete is enabled, log warning and continue
+                signoutLogger.warn('Continuing signout despite backend revocation failure (force complete enabled)');
+            }
+        }
+        // Step 2: Sign out from Firebase
+        try {
+            await signOutUser();
+            signoutLogger.info('Firebase signout successful');
+        }
+        catch (error) {
+            // Handle Firebase signout error
+            const firebaseError = processFirebaseError(error, 'Firebase signout failed', { action: 'auth/sign-out' });
+            signoutLogger.error('Firebase signout failed', firebaseError);
+            throw new SignoutError('Firebase signout failed', {
+                source: 'firebase',
+                originalError: firebaseError,
+                userMessage: firebaseError.userMessage || 'Failed to sign you out. Please try again.'
+            });
+        }
+        // Step 3: Clear local token state
+        try {
+            tokenService.clearTokenState();
+            signoutLogger.info('Token state cleared');
+        }
+        catch (error) {
+            // Log token clearing error but continue (non-fatal)
+            signoutLogger.warn('Failed to clear token state', error instanceof Error ? error : new Error(String(error))); // Argument of type 'unknown' is not assignable to parameter of type 'Error | undefined'.
+        }
+        // Step 4: Publish logout event
+        publish(AUTH_EVENTS.LOGOUT, {}, 'SignoutUtility');
+        // Step 5: Redirect to logged out page (if not skipped)
+        if (!options.skipRedirect) {
+            const redirectUrl = options.redirectUrl || AUTH_ROUTES.LOGGED_OUT;
+            signoutLogger.info('Redirecting after signout', { redirectUrl });
+            // Use direct navigation for reliability with replace to force a full page reload
+            // Add timestamp parameter to prevent caching and ensure clean state
+            const separator = redirectUrl.includes('?') ? '&' : '?';
+            window.location.replace(`${redirectUrl}${separator}logout=true&ts=${Date.now()}`);
+        }
+        const duration = Date.now() - startTime;
+        signoutLogger.info(`Signout completed successfully in ${duration}ms`);
+    }
+    catch (error) {
+        const duration = Date.now() - startTime;
+        const normalizedError = normalizeError(error, 'Signout failed', {
+            category: 'auth',
+            userMessage: 'Failed to sign you out completely. Please try again.',
+            context: {
+                durationMs: duration,
+                errorSource: error instanceof SignoutError ? error.source : 'general'
+            }
+        });
+        signoutLogger.error(`Signout failed after ${duration}ms`, normalizedError);
+        throw normalizedError;
+    }
+}
+/**
+ * Safe version of signout with error handling
+ */
+export const safeSignout = withErrorHandling(signout);
+/**
+ * Default export for convenient imports
+ */
+export default {
+    signout,
+    safeSignout
+};
+//# sourceMappingURL=signout.js.map

package/lib/utils/signout.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"signout.js","sourceRoot":"","sources":["../../src/utils/signout.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;GAaG;AAEH,OAAO,EACL,WAAW,EACX,oBAAoB,EACpB,aAAa,EACb,QAAQ,EACR,cAAc,EACd,iBAAiB,EACjB,OAAO,EACP,WAAW,EACX,kBAAkB,IAAI,WAAW,EAClC,MAAM,0BAA0B,CAAC;AAElC,OAAO,EAAE,YAAY,EAAE,MAAM,iCAAiC,CAAC;AAG/D,+CAA+C;AAC/C,MAAM,aAAa,GAAG,aAAa,CAAC,WAAW,CAAC,gBAAgB,CAAC,CAAC;AAYlE;;GAEG;AACH,MAAM,OAAO,YAAa,SAAQ,QAAQ;IAIxC,YAAY,OAAe,EAAE,UAA+B,EAAE;QAC5D,KAAK,CAAC,OAAO,EAAE;YACb,QAAQ,EAAE,MAAM;YAChB,UAAU,EAAE,GAAG;YACf,GAAG,OAAO;SACX,CAAC,CAAC;QAEH,IAAI,CAAC,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;IAC/B,CAAC;CACF;AAgBD;;;;;;;;;;GAUG;AACH,KAAK,UAAU,oBAAoB;IACjC,aAAa,CAAC,IAAI,CAAC,oCAAoC,CAAC,CAAC;IAEzD,sEAAsE;IACtE,uEAAuE;IAEvE,aAAa,CAAC,IAAI,CAChB,wDAAwD;QACxD,6EAA6E,CAC9E,CAAC;IAEF,uCAAuC;IACvC,+CAA+C;IAC/C,4EAA4E;IAC5E,+DAA+D;IAC/D,wBAAwB;IACxB,sDAAsD;IACtD,SAAS;IACT,uDAAuD;IAEvD,+EAA+E;IAC/E,MAAM,IAAI,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC,UAAU,CAAC,OAAO,EAAE,GAAG,CAAC,CAAC,CAAC;IAEvD,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;;;;;;;;;;;;GAaG;AACH,MAAM,CAAC,KAAK,UAAU,OAAO,CAAC,UAA0B,EAAE;IACxD,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;IAC7B,aAAa,CAAC,IAAI,CAAC,0BAA0B,EAAE,EAAE,OAAO,EAAE,CAAC,CAAC;IAE5D,IAAI,CAAC;QACH,iDAAiD;QACjD,IAAI,CAAC,OAAO,CAAC,qBAAqB,EAAE,CAAC;YACnC,IAAI,CAAC;gBACH,MAAM,OAAO,GAAG,MAAM,oBAAoB,EAAE,CAAC;gBAC7C,IAAI,CAAC,OAAO,IAAI,CAAC,OAAO,CAAC,oBAAoB,EAAE,CAAC;oBAC9C,MAAM,IAAI,YAAY,CAAC,mCAAmC,EAAE;wBAC1D,MAAM,EAAE,SAAS;wBACjB,WAAW,EAAE,oDAAoD;qBAClE,CAAC,CAAC;gBACL,CAAC;YACH,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,mCAAmC;gBACnC,aAAa,CAAC,KAAK,CAAC,iCAAiC,EAAE,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,KAAK,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,yFAAyF;gBAE5M,+DAA+D;gBAC/D,IAAI,CAAC,OAAO,CAAC,oBAAoB,EAAE,CAAC;oBAClC,MAAM,IAAI,YAAY,CAAC,iCAAiC,EAAE;wBACxD,MAAM,EAAE,SAAS;wBACjB,aAAa,EAAE,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,SAAS;wBACzD,WAAW,EAAE,oDAAoD;qBAClE,CAAC,CAAC;gBACL,CAAC;gBAED,yDAAyD;gBACzD,aAAa,CAAC,IAAI,CAChB,gFAAgF,CACjF,CAAC;YACJ,CAAC;QACH,CAAC;QAED,iCAAiC;QACjC,IAAI,CAAC;YACH,MAAM,WAAW,EAAE,CAAC;YACpB,aAAa,CAAC,IAAI,CAAC,6BAA6B,CAAC,CAAC;QACpD,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,gCAAgC;YAChC,MAAM,aAAa,GAAG,oBAAoB,CACxC,KAAK,EACL,yBAAyB,EACzB,EAAE,MAAM,EAAE,eAAe,EAAE,CAC5B,CAAC;YAEF,aAAa,CAAC,KAAK,CAAC,yBAAyB,EAAE,aAAa,CAAC,CAAC;YAE9D,MAAM,IAAI,YAAY,CAAC,yBAAyB,EAAE;gBAChD,MAAM,EAAE,UAAU;gBAClB,aAAa,EAAE,aAAa;gBAC5B,WAAW,EAAE,aAAa,CAAC,WAAW,IAAI,2CAA2C;aACtF,CAAC,CAAC;QACL,CAAC;QAED,kCAAkC;QAClC,IAAI,CAAC;YACH,YAAY,CAAC,eAAe,EAAE,CAAC;YAC/B,aAAa,CAAC,IAAI,CAAC,qBAAqB,CAAC,CAAC;QAC5C,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,oDAAoD;YACpD,aAAa,CAAC,IAAI,CAAC,6BAA6B,EAAE,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,KAAK,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,yFAAyF;QACzM,CAAC;QAED,+BAA+B;QAC/B,OAAO,CAAC,WAAW,CAAC,MAAM,EAAE,EAAE,EAAE,gBAAgB,CAAC,CAAC;QAElD,uDAAuD;QACvD,IAAI,CAAC,OAAO,CAAC,YAAY,EAAE,CAAC;YAC1B,MAAM,WAAW,GAAG,OAAO,CAAC,WAAW,IAAI,WAAW,CAAC,UAAU,CAAC;YAClE,aAAa,CAAC,IAAI,CAAC,2BAA2B,EAAE,EAAE,WAAW,EAAE,CAAC,CAAC;YAEjE,iFAAiF;YACjF,oEAAoE;YACpE,MAAM,SAAS,GAAG,WAAW,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC;YACxD,MAAM,CAAC,QAAQ,CAAC,OAAO,CAAC,GAAG,WAAW,GAAG,SAAS,kBAAkB,IAAI,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC;QACpF,CAAC;QAED,MAAM,QAAQ,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS,CAAC;QACxC,aAAa,CAAC,IAAI,CAAC,qCAAqC,QAAQ,IAAI,CAAC,CAAC;IACxE,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,MAAM,QAAQ,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS,CAAC;QACxC,MAAM,eAAe,GAAG,cAAc,CACpC,KAAK,EACL,gBAAgB,EAChB;YACE,QAAQ,EAAE,MAAM;YAChB,WAAW,EAAE,sDAAsD;YACnE,OAAO,EAAE;gBACP,UAAU,EAAE,QAAQ;gBACpB,WAAW,EAAE,KAAK,YAAY,YAAY,CAAC,CAAC,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS;aACtE;SACF,CACF,CAAC;QAEF,aAAa,CAAC,KAAK,CAAC,wBAAwB,QAAQ,IAAI,EAAE,eAAe,CAAC,CAAC;QAC3E,MAAM,eAAe,CAAC;IACxB,CAAC;AACH,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,MAAM,WAAW,GAAG,iBAAiB,CAAC,OAAO,CAAC,CAAC;AAEtD;;GAEG;AACH,eAAe;IACb,OAAO;IACP,WAAW;CACZ,CAAC"}