@zuplo/graphql 5.1682.0 → 5.1683.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (2) hide show
  1. package/index.minified.js +10 -10
  2. package/package.json +1 -1
package/index.minified.js CHANGED
@@ -22,7 +22,7 @@
22
22
  * DEALINGS IN THE SOFTWARE.
23
23
  *--------------------------------------------------------------------------------------------*/
24
24
 
25
- "use strict";var mE=Object.create;var Yn=Object.defineProperty;var yE=Object.getOwnPropertyDescriptor;var gE=Object.getOwnPropertyNames;var bE=Object.getPrototypeOf,_E=Object.prototype.hasOwnProperty;var o=(e,t)=>Yn(e,"name",{value:t,configurable:!0});var I=(e,t)=>()=>(e&&(t=e(e=0)),t);var g=(e,t)=>()=>(t||e((t={exports:{}}).exports,t),t.exports),Yi=(e,t)=>{for(var r in t)Yn(e,r,{get:t[r],enumerable:!0})},dh=(e,t,r,n)=>{if(t&&typeof t=="object"||typeof t=="function")for(let i of gE(t))!_E.call(e,i)&&i!==r&&Yn(e,i,{get:()=>t[i],enumerable:!(n=yE(t,i))||n.enumerable});return e};var ph=(e,t,r)=>(r=e!=null?mE(bE(e)):{},dh(t||!e||!e.__esModule?Yn(r,"default",{value:e,enumerable:!0}):r,e)),Zi=e=>dh(Yn({},"__esModule",{value:!0}),e);var L=g(mt=>{"use strict";Object.defineProperty(mt,"__esModule",{value:!0});mt.FeatureNotEnabledError=mt.ConfigurationError=mt.RuntimeError=mt.SystemError=void 0;var nu=class extends Error{static{o(this,"SystemError")}constructor(t,r){super(t,r),this.name="InternalError"}};mt.SystemError=nu;var Zn=class extends Error{static{o(this,"RuntimeError")}extensionMembers;constructor(t,r){typeof t=="string"?super(t,r):(super(t.message,r),this.extensionMembers=t.extensionMembers),this.name="RuntimeError"}};mt.RuntimeError=Zn;var iu=class extends Zn{static{o(this,"ConfigurationError")}constructor(t,r){super(t,r),this.name="ConfigurationError"}};mt.ConfigurationError=iu;var ou=class extends Zn{static{o(this,"FeatureNotEnabledError")}constructor(t,r){super(t,r),this.name="FeatureNotEnabledError"}};mt.FeatureNotEnabledError=ou});var Y=g(Xi=>{"use strict";Object.defineProperty(Xi,"__esModule",{value:!0});Xi.Environment=void 0;var EE=L(),su=class e{static{o(this,"Environment")}config;static#e;static initialize(t,r){this.#e||(this.#e=new e(t,r))}static get instance(){if(!this.#e)throw new EE.SystemError("Environment has not been initialized");return this.#e}constructor(t,r){let n;try{if(r.__ZUPLO_CONFIG){let i=atob(r.__ZUPLO_CONFIG);n=JSON.parse(i)}}catch{console.warn("Failed to parse runtime configuration")}this.config=n??{},this.build=t,this.runtime=r}build;runtime;get deploymentName(){return this.runtime.__ZUPLO_DEPLOYMENT_NAME??this.config.deployment_name??void 0}get useSha256ServiceRouting(){return this.config.use_sha256_service_routing??void 0}get useProxyForFetchFromZups(){return this.config.use_proxy_for_fetch_from_zups??void 0}get devPortalBaseUrl(){return this.runtime.__ZUPLO_DEV_PORTAL_URL??this.config.dev_portal_url??"https://dev-portal-v4-1.zuplo.com"}get buildAssetsUrl(){return this.runtime.__ZUPLO_BUILD_ASSETS_URL??this.config.build_assets_url??"https://build-assets.zuplo.dev"}get remoteLogToken(){return this.runtime.__ZUPLO_REMOTE_LOG_TOKEN??this.config.remote_log_token??void 0}get managementApiURL(){return this.runtime.__ZUPLO_MANAGEMENT_API_URL??this.config.management_api_url??"https://api.zuplo.com"}get cdnURL(){return this.runtime.__ZUPLO_CDN_URL??this.config.cdn_url??"https://cdn.zuplo.com"}get remoteLogURL(){return this.runtime.__ZUPLO_REMOTE_LOG_URL??this.config.log_event_api??"https://ellie.zuplo.com"}get loggingId(){return this.runtime.__ZUPLO_LOGGING_ID??this.config.logging_id??void 0}get redisURL(){return this.runtime.__ZUPLO_REDIS_URL??this.config.redis_proxy_url??"https://redis-proxy.zuplo.com"}get apiKeyServiceUrl(){return this.runtime.__ZUPLO_API_KEY_SERVICE_URL??this.config.api_key_service_url??"https://apikey.zuplo.com"}get meteringServiceUrl(){return this.runtime.__ZUPLO_API_KEY_SERVICE_URL??this.config.api_key_service_url??"https://meters.zuplo.com"}get authApiJWT(){return this.runtime.__ZUPLO_AUTH_API_JWT??void 0}get userLogLevel(){return this.runtime.ZUPLO_LOG_LEVEL??this.runtime.__ZUPLO_LOG_LEVEL??this.config.user_log_level??"debug"}get systemLogLevel(){return this.runtime.__ZUPLO_LOG_LEVEL??this.config.system_log_level??"debug"}get logFormat(){return this.runtime.__ZUPLO_LOG_FORMAT??this.config.log_format??"cloudflare"}get isCloudflare(){return this.runtime.__ZUPLO_RUNTIME_TYPE?this.runtime.__ZUPLO_RUNTIME_TYPE==="cloudflare":this.config.runtime_type?this.config.runtime_type==="cloudflare":typeof WebSocketPair=="function"}get isDeno(){return this.runtime.__ZUPLO_RUNTIME_TYPE?this.runtime.__ZUPLO_RUNTIME_TYPE==="deno":this.config.runtime_type?this.config.runtime_type==="deno":typeof WebSocketPair!="function"}get isLocalDevelopment(){return this.build.ENVIRONMENT_TYPE?this.build.ENVIRONMENT_TYPE==="LOCAL_DEVELOPMENT":!1}get systemUserAgent(){return`Zuplo/${this.build.ZUPLO_VERSION}`}get loggingEnvironmentType(){return this.isCloudflare?"edge":this.isLocalDevelopment?"local":this.isDeno?"working-copy":"unknown"}get loggingEnvironmentStage(){return this.build.ENVIRONMENT_TYPE==="PRODUCTION"?"production":this.build.ENVIRONMENT_TYPE==="PREVIEW"?"preview":this.isLocalDevelopment?"local":this.isDeno?"working-copy":"unknown"}};Xi.Environment=su});var yh=g(mh=>{"use strict";Object.defineProperty(mh,"__esModule",{value:!0});var hh=Y();Function.prototype.toString=function(){return"[native code]"};var eo=globalThis,fh=eo.caches;if(fh){let e=fh.open;eo.caches.open=function(t){let r=hh.Environment.instance.deploymentName??hh.Environment.instance.build.BUILD_ID;return e.call(this,`${r}-${t}`)},delete eo.caches.default,Object.freeze(eo.caches)}});var uu=g(to=>{"use strict";Object.defineProperty(to,"__esModule",{value:!0});to.MemoryCache=void 0;var wE=1e4,vE=1e3,gh=new Map,au=class{static{o(this,"InnerCache")}constructor(t){this.#e=t.maxSize}#e;#t=0;#r=new Map;#n=[];get(t){let r=this.#r.get(t);if(!r)return;let n=Date.now();if(n>r.expiresAt){this.#r.delete(t);return}return r.lastUsed=n,this.#i(),r?.data}put(t,r,n){if(n<=0)return;if(this.#r.size>=this.#e){let a=this.#n.shift();a&&this.#r.delete(a)}let i=Date.now(),s={created:i,lastUsed:i,expiresAt:i+n*1e3,data:r};this.#n.push(t),this.#r.set(t,s)}delete(t){let r=this.#n.indexOf(t);r>=0&&this.#n.slice(r,1),this.#r.delete(t)}get size(){return this.#r.size}#i(){let t=Date.now();this.#t+wE*1e3>t&&(this.purge(),this.#t=t)}purge(){let t=Date.now();this.#r.forEach((r,n)=>{r.expiresAt>=t&&this.#r.delete(n)})}},cu=class{static{o(this,"MemoryCache")}constructor(t,r={maxSize:vE}){this.name=t;let n=gh.get(t);n||(n=new au(r),gh.set(t,n)),this.#e=n}name;#e;get(t){return this.#e.get(t)}put(t,r,n){return this.#e.put(t,r,n)}delete(t){return this.#e.delete(t)}get size(){return this.#e.size}purge(){this.#e.purge()}};to.MemoryCache=cu});var no=g(ro=>{"use strict";Object.defineProperty(ro,"__esModule",{value:!0});ro.ZoneCache=void 0;var lu="__zuplo-expiry-header",du=class{static{o(this,"ZoneCache")}constructor(t,r){this.#t=t,this.#e=r}#e;#t;#r;async#n(){return this.#r||(this.#r=await caches.open(this.#t)),this.#r}#i(t){return new Request(`https://zone-cache.zuplo.app/${encodeURIComponent(t)}`)}async get(t){try{let r=await this.#n(),n=this.#i(t),i=await r.match(n);if(!i)return;let s=i.headers.get(lu);if(!s){try{await r.delete(n)}catch(u){this.logDebug("Handled failure to delete with CF cache because of missing expiryHeader",u),await this.deleteFallback(t)}return}let a=parseInt(s);if(Date.now()>=a){try{await r.delete(n)}catch(u){this.logDebug("Handled failure to delete with CF cache because of expiration",u),await this.deleteFallback(t)}return}return await i.json()}catch(r){this.logDebug(r)}}async put(t,r,n){let i=new Headers({"cache-control":`s-maxage=${n}, must-revalidate`,"content-type":"application/json"});i.set(lu,`${Date.now()+n*1e3}`);let s=await this.#n(),a=this.#i(t),c=new Response(JSON.stringify(r),{headers:i});await s.put(a,c)}async delete(t){let r=await this.#n(),n=this.#i(t);try{await r.delete(n)}catch(i){this.logDebug("Handled failure to delete with CF cache due to explicit delete call",i),await this.deleteFallback(t)}}async deleteFallback(t){let r=new Headers({"Cache-Control":"s-maxage=0, must-revalidate"});r.set(lu,`${Date.now()}`);let n=await this.#n(),i=this.#i(t),s=new Response("",{headers:r});await n.put(i,s)}logDebug(...t){"logger"in this.#e?this.#e.logger?.debug(`Error in ZoneCache: '${this.#t}'`,t):"log"in this.#e&&this.#e.log.debug(`Error in ZoneCache: '${this.#t}'`,t)}};ro.ZoneCache=du});var Kt=g(io=>{"use strict";Object.defineProperty(io,"__esModule",{value:!0});io.MemoryZoneReadThroughCache=void 0;var TE=uu(),SE=no(),pu=class{static{o(this,"MemoryZoneReadThroughCache")}constructor(t,r){let n=`f6726488-fd18-4b7f-9c30-6070565e8042-${t}`;this.#e=t,this.#t=new TE.MemoryCache(n),this.#r=new SE.ZoneCache(n,r),this.#n=r}#e;#t;#r;#n;async get(t){let r=this.#t.get(t);if(r)return r;let n=await this.#r.get(t);if(n){let i=Math.floor((n.expires-Date.now())/1e3);if(i>0)return this.#t.put(t,n.data,i),n.data}}put(t,r,n){this.#t.put(t,r,n);let i={data:r,expires:Date.now()+n*1e3};this.#r.put(t,i,n).catch(s=>{"logger"in this.#n?this.#n.logger?.error(`Error in MemoryZoneReadThroughCache: '${this.#e}'`,s):"log"in this.#n&&this.#n.log.error(`Error in MemoryZoneReadThroughCache: '${this.#e}'`,s)})}};io.MemoryZoneReadThroughCache=pu});var Xn=g(R=>{"use strict";Object.defineProperty(R,"__esModule",{value:!0});R.INTERNAL_HEADERS_TO_REMOVE=R.DISPATCH_HEADERS_TO_REMOVE=R.ZP_TIMEZONE_HEADER=R.ZP_REGION_CODE_HEADER=R.ZP_REGION_HEADER=R.ZP_METRO_CODE_HEADER=R.ZP_POSTAL_CODE_HEADER=R.ZP_COLO_HEADER=R.ZP_AS_ORG_HEADER=R.ZP_ASN_HEADER=R.TRUE_CLIENT_IP=R.ZP_IP_LATITUDE_HEADER=R.ZP_IP_LONGITUDE_HEADER=R.ZP_IP_COUNTRY_HEADER=R.ZP_IP_CONTINENT_HEADER=R.ZP_IP_CITY_HEADER=R.CF_IP_LATITUDE_HEADER=R.CF_IP_LONGITUDE_HEADER=R.CF_IP_COUNTRY_HEADER=R.CF_IP_CONTINENT_HEADER=R.CF_IP_CITY_HEADER=R.RAY_ID_HEADER=R.BODY_REMOVED_HEADER=R.REQUEST_ID_HEADER=R.LEGACY_REQUEST_ID_HEADER=void 0;R.LEGACY_REQUEST_ID_HEADER="zuplo-request-id";R.REQUEST_ID_HEADER="zp-rid";R.BODY_REMOVED_HEADER="zp-body-removed";R.RAY_ID_HEADER="cf-ray";R.CF_IP_CITY_HEADER="cf-ipcity";R.CF_IP_CONTINENT_HEADER="cf-ipcontinent";R.CF_IP_COUNTRY_HEADER="cf-ipcountry";R.CF_IP_LONGITUDE_HEADER="cf-iplongitude";R.CF_IP_LATITUDE_HEADER="cf-iplatitude";R.ZP_IP_CITY_HEADER="zp-ipcity";R.ZP_IP_CONTINENT_HEADER="zp-ipcontinent";R.ZP_IP_COUNTRY_HEADER="zp-ipcountry";R.ZP_IP_LONGITUDE_HEADER="zp-iplongitude";R.ZP_IP_LATITUDE_HEADER="zp-iplatitude";R.TRUE_CLIENT_IP="true-client-ip";R.ZP_ASN_HEADER="zp-asn";R.ZP_AS_ORG_HEADER="zp-asorg";R.ZP_COLO_HEADER="zp-colo";R.ZP_POSTAL_CODE_HEADER="zp-postalcode";R.ZP_METRO_CODE_HEADER="zp-metrocode";R.ZP_REGION_HEADER="zp-region";R.ZP_REGION_CODE_HEADER="zp-regioncode";R.ZP_TIMEZONE_HEADER="zp-timezone";R.DISPATCH_HEADERS_TO_REMOVE=[R.CF_IP_CITY_HEADER,R.CF_IP_CONTINENT_HEADER,R.CF_IP_COUNTRY_HEADER,R.CF_IP_LONGITUDE_HEADER,R.CF_IP_LATITUDE_HEADER,R.ZP_ASN_HEADER,R.ZP_AS_ORG_HEADER,R.ZP_COLO_HEADER,R.ZP_POSTAL_CODE_HEADER,R.ZP_METRO_CODE_HEADER,R.ZP_REGION_HEADER,R.ZP_REGION_CODE_HEADER,R.ZP_TIMEZONE_HEADER];R.INTERNAL_HEADERS_TO_REMOVE=["x-b3-sampled","x-b3-spanid","x-b3-traceid","x-envoy-attempt-count","x-envoy-decorator-operation","x-envoy-external-address","x-envoy-peer-metadata","x-envoy-peer-metadata-id","k-proxy-request","fly-client-ip","fly-forwarded-port","fly-forwarded-proto","fly-forwarded-ssl","fly-region","fly-request-id","fly-traceparent","fly-tracestate"]});var Ph=g(v=>{"use strict";Object.defineProperty(v,"__esModule",{value:!0});v.generateColor=v.colorFunctions=v.stripColor=v.bgRgb24=v.rgb24=v.bgRgb8=v.rgb8=v.bgBrightWhite=v.bgBrightCyan=v.bgBrightMagenta=v.bgBrightBlue=v.bgBrightYellow=v.bgBrightGreen=v.bgBrightRed=v.bgBrightBlack=v.bgWhite=v.bgCyan=v.bgMagenta=v.bgBlue=v.bgYellow=v.bgGreen=v.bgRed=v.bgBlack=v.brightWhite=v.brightCyan=v.brightMagenta=v.brightBlue=v.brightYellow=v.brightGreen=v.brightRed=v.brightBlack=v.gray=v.white=v.cyan=v.magenta=v.blue=v.yellow=v.green=v.red=v.black=v.strikethrough=v.hidden=v.inverse=v.underline=v.italic=v.dim=v.bold=v.reset=v.getColorEnabled=v.setColorEnabled=void 0;var bh=!0,hu=!bh;function IE(e){bh||(hu=e)}o(IE,"setColorEnabled");v.setColorEnabled=IE;function PE(){return hu}o(PE,"getColorEnabled");v.getColorEnabled=PE;function q(e,t){return{open:`\x1B[${e.join(";")}m`,close:`\x1B[${t}m`,regexp:new RegExp(`\\x1b\\[${t}m`,"g")}}o(q,"code");function $(e,t){return hu?`${t.open}${e.replace(t.regexp,t.open)}${t.close}`:e}o($,"run");function AE(e){return $(e,q([0],0))}o(AE,"reset");v.reset=AE;function RE(e){return $(e,q([1],22))}o(RE,"bold");v.bold=RE;function OE(e){return $(e,q([2],22))}o(OE,"dim");v.dim=OE;function xE(e){return $(e,q([3],23))}o(xE,"italic");v.italic=xE;function NE(e){return $(e,q([4],24))}o(NE,"underline");v.underline=NE;function CE(e){return $(e,q([7],27))}o(CE,"inverse");v.inverse=CE;function LE(e){return $(e,q([8],28))}o(LE,"hidden");v.hidden=LE;function DE(e){return $(e,q([9],29))}o(DE,"strikethrough");v.strikethrough=DE;function UE(e){return $(e,q([30],39))}o(UE,"black");v.black=UE;function _h(e){return $(e,q([31],39))}o(_h,"red");v.red=_h;function Eh(e){return $(e,q([32],39))}o(Eh,"green");v.green=Eh;function wh(e){return $(e,q([33],39))}o(wh,"yellow");v.yellow=wh;function vh(e){return $(e,q([34],39))}o(vh,"blue");v.blue=vh;function Th(e){return $(e,q([35],39))}o(Th,"magenta");v.magenta=Th;function Sh(e){return $(e,q([36],39))}o(Sh,"cyan");v.cyan=Sh;function ME(e){return $(e,q([37],39))}o(ME,"white");v.white=ME;function kE(e){return Ih(e)}o(kE,"gray");v.gray=kE;function Ih(e){return $(e,q([90],39))}o(Ih,"brightBlack");v.brightBlack=Ih;function HE(e){return $(e,q([91],39))}o(HE,"brightRed");v.brightRed=HE;function FE(e){return $(e,q([92],39))}o(FE,"brightGreen");v.brightGreen=FE;function qE(e){return $(e,q([93],39))}o(qE,"brightYellow");v.brightYellow=qE;function $E(e){return $(e,q([94],39))}o($E,"brightBlue");v.brightBlue=$E;function jE(e){return $(e,q([95],39))}o(jE,"brightMagenta");v.brightMagenta=jE;function VE(e){return $(e,q([96],39))}o(VE,"brightCyan");v.brightCyan=VE;function GE(e){return $(e,q([97],39))}o(GE,"brightWhite");v.brightWhite=GE;function BE(e){return $(e,q([40],49))}o(BE,"bgBlack");v.bgBlack=BE;function KE(e){return $(e,q([41],49))}o(KE,"bgRed");v.bgRed=KE;function JE(e){return $(e,q([42],49))}o(JE,"bgGreen");v.bgGreen=JE;function zE(e){return $(e,q([43],49))}o(zE,"bgYellow");v.bgYellow=zE;function WE(e){return $(e,q([44],49))}o(WE,"bgBlue");v.bgBlue=WE;function QE(e){return $(e,q([45],49))}o(QE,"bgMagenta");v.bgMagenta=QE;function YE(e){return $(e,q([46],49))}o(YE,"bgCyan");v.bgCyan=YE;function ZE(e){return $(e,q([47],49))}o(ZE,"bgWhite");v.bgWhite=ZE;function XE(e){return $(e,q([100],49))}o(XE,"bgBrightBlack");v.bgBrightBlack=XE;function ew(e){return $(e,q([101],49))}o(ew,"bgBrightRed");v.bgBrightRed=ew;function tw(e){return $(e,q([102],49))}o(tw,"bgBrightGreen");v.bgBrightGreen=tw;function rw(e){return $(e,q([103],49))}o(rw,"bgBrightYellow");v.bgBrightYellow=rw;function nw(e){return $(e,q([104],49))}o(nw,"bgBrightBlue");v.bgBrightBlue=nw;function iw(e){return $(e,q([105],49))}o(iw,"bgBrightMagenta");v.bgBrightMagenta=iw;function ow(e){return $(e,q([106],49))}o(ow,"bgBrightCyan");v.bgBrightCyan=ow;function sw(e){return $(e,q([107],49))}o(sw,"bgBrightWhite");v.bgBrightWhite=sw;function Jt(e,t=255,r=0){return Math.trunc(Math.max(Math.min(e,t),r))}o(Jt,"clampAndTruncate");function aw(e,t){return $(e,q([38,5,Jt(t)],39))}o(aw,"rgb8");v.rgb8=aw;function cw(e,t){return $(e,q([48,5,Jt(t)],49))}o(cw,"bgRgb8");v.bgRgb8=cw;function uw(e,t){return typeof t=="number"?$(e,q([38,2,t>>16&255,t>>8&255,t&255],39)):$(e,q([38,2,Jt(t.r),Jt(t.g),Jt(t.b)],39))}o(uw,"rgb24");v.rgb24=uw;function lw(e,t){return typeof t=="number"?$(e,q([48,2,t>>16&255,t>>8&255,t&255],49)):$(e,q([48,2,Jt(t.r),Jt(t.g),Jt(t.b)],49))}o(lw,"bgRgb24");v.bgRgb24=lw;var dw=new RegExp(["[\\u001B\\u009B][[\\]()#;?]*(?:(?:(?:[a-zA-Z\\d]*(?:;[-a-zA-Z\\d\\/#&.:=?%@~_]*)*)?\\u0007)","(?:(?:\\d{1,4}(?:;\\d{0,4})*)?[\\dA-PR-TZcf-ntqry=><~]))"].join("|"),"g");function pw(e){return e.replace(dw,"")}o(pw,"stripColor");v.stripColor=pw;v.colorFunctions=[_h,Eh,wh,vh,Th,Sh];function hw(e){let t=0,r=e.length,n=0;if(r>0)for(;n<r;)t=(t<<5)-t+e.charCodeAt(n++)|0;return t}o(hw,"hashCode");function fw(e){let t=Math.abs(hw(e));return v.colorFunctions[t%v.colorFunctions.length]}o(fw,"generateColor");v.generateColor=fw});var Ah=g(oo=>{"use strict";Object.defineProperty(oo,"__esModule",{value:!0});oo.format=void 0;function mw(e,t,...r){let n=0,i=r.length,s=String(t).replace(/%[sdjoO%]/g,a=>{if(a==="%%")return"%";if(n>=i)return a;switch(a){case"%s":return String(r[n++]);case"%d":return Number(r[n++]).toString();case"%o":return e(r[n++]).split(`
25
+ "use strict";var mE=Object.create;var Yn=Object.defineProperty;var yE=Object.getOwnPropertyDescriptor;var gE=Object.getOwnPropertyNames;var bE=Object.getPrototypeOf,_E=Object.prototype.hasOwnProperty;var o=(e,t)=>Yn(e,"name",{value:t,configurable:!0});var I=(e,t)=>()=>(e&&(t=e(e=0)),t);var g=(e,t)=>()=>(t||e((t={exports:{}}).exports,t),t.exports),Yi=(e,t)=>{for(var r in t)Yn(e,r,{get:t[r],enumerable:!0})},dh=(e,t,r,n)=>{if(t&&typeof t=="object"||typeof t=="function")for(let i of gE(t))!_E.call(e,i)&&i!==r&&Yn(e,i,{get:()=>t[i],enumerable:!(n=yE(t,i))||n.enumerable});return e};var ph=(e,t,r)=>(r=e!=null?mE(bE(e)):{},dh(t||!e||!e.__esModule?Yn(r,"default",{value:e,enumerable:!0}):r,e)),Zi=e=>dh(Yn({},"__esModule",{value:!0}),e);var D=g(mt=>{"use strict";Object.defineProperty(mt,"__esModule",{value:!0});mt.FeatureNotEnabledError=mt.ConfigurationError=mt.RuntimeError=mt.SystemError=void 0;var nu=class extends Error{static{o(this,"SystemError")}constructor(t,r){super(t,r),this.name="InternalError"}};mt.SystemError=nu;var Zn=class extends Error{static{o(this,"RuntimeError")}extensionMembers;constructor(t,r){typeof t=="string"?super(t,r):(super(t.message,r),this.extensionMembers=t.extensionMembers),this.name="RuntimeError"}};mt.RuntimeError=Zn;var iu=class extends Zn{static{o(this,"ConfigurationError")}constructor(t,r){super(t,r),this.name="ConfigurationError"}};mt.ConfigurationError=iu;var ou=class extends Zn{static{o(this,"FeatureNotEnabledError")}constructor(t,r){super(t,r),this.name="FeatureNotEnabledError"}};mt.FeatureNotEnabledError=ou});var Y=g(Xi=>{"use strict";Object.defineProperty(Xi,"__esModule",{value:!0});Xi.Environment=void 0;var EE=D(),su=class e{static{o(this,"Environment")}config;static#e;static initialize(t,r){this.#e||(this.#e=new e(t,r))}static get instance(){if(!this.#e)throw new EE.SystemError("Environment has not been initialized");return this.#e}constructor(t,r){let n;try{if(r.__ZUPLO_CONFIG){let i=atob(r.__ZUPLO_CONFIG);n=JSON.parse(i)}}catch{console.warn("Failed to parse runtime configuration")}this.config=n??{},this.build=t,this.runtime=r}build;runtime;get deploymentName(){return this.runtime.__ZUPLO_DEPLOYMENT_NAME??this.config.deployment_name??void 0}get useSha256ServiceRouting(){return this.config.use_sha256_service_routing??void 0}get useProxyForFetchFromZups(){return this.config.use_proxy_for_fetch_from_zups??void 0}get devPortalBaseUrl(){return this.runtime.__ZUPLO_DEV_PORTAL_URL??this.config.dev_portal_url??"https://dev-portal-v4-1.zuplo.com"}get buildAssetsUrl(){return this.runtime.__ZUPLO_BUILD_ASSETS_URL??this.config.build_assets_url??"https://build-assets.zuplo.dev"}get remoteLogToken(){return this.runtime.__ZUPLO_REMOTE_LOG_TOKEN??this.config.remote_log_token??void 0}get managementApiURL(){return this.runtime.__ZUPLO_MANAGEMENT_API_URL??this.config.management_api_url??"https://api.zuplo.com"}get cdnURL(){return this.runtime.__ZUPLO_CDN_URL??this.config.cdn_url??"https://cdn.zuplo.com"}get remoteLogURL(){return this.runtime.__ZUPLO_REMOTE_LOG_URL??this.config.log_event_api??"https://ellie.zuplo.com"}get loggingId(){return this.runtime.__ZUPLO_LOGGING_ID??this.config.logging_id??void 0}get redisURL(){return this.runtime.__ZUPLO_REDIS_URL??this.config.redis_proxy_url??"https://redis-proxy.zuplo.com"}get apiKeyServiceUrl(){return this.runtime.__ZUPLO_API_KEY_SERVICE_URL??this.config.api_key_service_url??"https://apikey.zuplo.com"}get meteringServiceUrl(){return this.runtime.__ZUPLO_API_KEY_SERVICE_URL??this.config.api_key_service_url??"https://meters.zuplo.com"}get authApiJWT(){return this.runtime.__ZUPLO_AUTH_API_JWT??void 0}get userLogLevel(){return this.runtime.ZUPLO_LOG_LEVEL??this.runtime.__ZUPLO_LOG_LEVEL??this.config.user_log_level??"debug"}get systemLogLevel(){return this.runtime.__ZUPLO_LOG_LEVEL??this.config.system_log_level??"debug"}get logFormat(){return this.runtime.__ZUPLO_LOG_FORMAT??this.config.log_format??"cloudflare"}get isCloudflare(){return this.runtime.__ZUPLO_RUNTIME_TYPE?this.runtime.__ZUPLO_RUNTIME_TYPE==="cloudflare":this.config.runtime_type?this.config.runtime_type==="cloudflare":typeof WebSocketPair=="function"}get isDeno(){return this.runtime.__ZUPLO_RUNTIME_TYPE?this.runtime.__ZUPLO_RUNTIME_TYPE==="deno":this.config.runtime_type?this.config.runtime_type==="deno":typeof WebSocketPair!="function"}get isLocalDevelopment(){return this.build.ENVIRONMENT_TYPE?this.build.ENVIRONMENT_TYPE==="LOCAL_DEVELOPMENT":!1}get systemUserAgent(){return`Zuplo/${this.build.ZUPLO_VERSION}`}get loggingEnvironmentType(){return this.isCloudflare?"edge":this.isLocalDevelopment?"local":this.isDeno?"working-copy":"unknown"}get loggingEnvironmentStage(){return this.build.ENVIRONMENT_TYPE==="PRODUCTION"?"production":this.build.ENVIRONMENT_TYPE==="PREVIEW"?"preview":this.isLocalDevelopment?"local":this.isDeno?"working-copy":"unknown"}};Xi.Environment=su});var yh=g(mh=>{"use strict";Object.defineProperty(mh,"__esModule",{value:!0});var hh=Y();Function.prototype.toString=function(){return"[native code]"};var eo=globalThis,fh=eo.caches;if(fh){let e=fh.open;eo.caches.open=function(t){let r=hh.Environment.instance.deploymentName??hh.Environment.instance.build.BUILD_ID;return e.call(this,`${r}-${t}`)},delete eo.caches.default,Object.freeze(eo.caches)}});var uu=g(to=>{"use strict";Object.defineProperty(to,"__esModule",{value:!0});to.MemoryCache=void 0;var wE=1e4,vE=1e3,gh=new Map,au=class{static{o(this,"InnerCache")}constructor(t){this.#e=t.maxSize}#e;#t=0;#r=new Map;#n=[];get(t){let r=this.#r.get(t);if(!r)return;let n=Date.now();if(n>r.expiresAt){this.#r.delete(t);return}return r.lastUsed=n,this.#i(),r?.data}put(t,r,n){if(n<=0)return;if(this.#r.size>=this.#e){let a=this.#n.shift();a&&this.#r.delete(a)}let i=Date.now(),s={created:i,lastUsed:i,expiresAt:i+n*1e3,data:r};this.#n.push(t),this.#r.set(t,s)}delete(t){let r=this.#n.indexOf(t);r>=0&&this.#n.slice(r,1),this.#r.delete(t)}get size(){return this.#r.size}#i(){let t=Date.now();this.#t+wE*1e3>t&&(this.purge(),this.#t=t)}purge(){let t=Date.now();this.#r.forEach((r,n)=>{r.expiresAt>=t&&this.#r.delete(n)})}},cu=class{static{o(this,"MemoryCache")}constructor(t,r={maxSize:vE}){this.name=t;let n=gh.get(t);n||(n=new au(r),gh.set(t,n)),this.#e=n}name;#e;get(t){return this.#e.get(t)}put(t,r,n){return this.#e.put(t,r,n)}delete(t){return this.#e.delete(t)}get size(){return this.#e.size}purge(){this.#e.purge()}};to.MemoryCache=cu});var no=g(ro=>{"use strict";Object.defineProperty(ro,"__esModule",{value:!0});ro.ZoneCache=void 0;var lu="__zuplo-expiry-header",du=class{static{o(this,"ZoneCache")}constructor(t,r){this.#t=t,this.#e=r}#e;#t;#r;async#n(){return this.#r||(this.#r=await caches.open(this.#t)),this.#r}#i(t){return new Request(`https://zone-cache.zuplo.app/${encodeURIComponent(t)}`)}async get(t){try{let r=await this.#n(),n=this.#i(t),i=await r.match(n);if(!i)return;let s=i.headers.get(lu);if(!s){try{await r.delete(n)}catch(u){this.logDebug("Handled failure to delete with CF cache because of missing expiryHeader",u),await this.deleteFallback(t)}return}let a=parseInt(s);if(Date.now()>=a){try{await r.delete(n)}catch(u){this.logDebug("Handled failure to delete with CF cache because of expiration",u),await this.deleteFallback(t)}return}return await i.json()}catch(r){this.logDebug(r)}}async put(t,r,n){let i=new Headers({"cache-control":`s-maxage=${n}, must-revalidate`,"content-type":"application/json"});i.set(lu,`${Date.now()+n*1e3}`);let s=await this.#n(),a=this.#i(t),c=new Response(JSON.stringify(r),{headers:i});await s.put(a,c)}async delete(t){let r=await this.#n(),n=this.#i(t);try{await r.delete(n)}catch(i){this.logDebug("Handled failure to delete with CF cache due to explicit delete call",i),await this.deleteFallback(t)}}async deleteFallback(t){let r=new Headers({"Cache-Control":"s-maxage=0, must-revalidate"});r.set(lu,`${Date.now()}`);let n=await this.#n(),i=this.#i(t),s=new Response("",{headers:r});await n.put(i,s)}logDebug(...t){"logger"in this.#e?this.#e.logger?.debug(`Error in ZoneCache: '${this.#t}'`,t):"log"in this.#e&&this.#e.log.debug(`Error in ZoneCache: '${this.#t}'`,t)}};ro.ZoneCache=du});var Kt=g(io=>{"use strict";Object.defineProperty(io,"__esModule",{value:!0});io.MemoryZoneReadThroughCache=void 0;var TE=uu(),SE=no(),pu=class{static{o(this,"MemoryZoneReadThroughCache")}constructor(t,r){let n=`f6726488-fd18-4b7f-9c30-6070565e8042-${t}`;this.#e=t,this.#t=new TE.MemoryCache(n),this.#r=new SE.ZoneCache(n,r),this.#n=r}#e;#t;#r;#n;async get(t){let r=this.#t.get(t);if(r)return r;let n=await this.#r.get(t);if(n){let i=Math.floor((n.expires-Date.now())/1e3);if(i>0)return this.#t.put(t,n.data,i),n.data}}put(t,r,n){this.#t.put(t,r,n);let i={data:r,expires:Date.now()+n*1e3};this.#r.put(t,i,n).catch(s=>{"logger"in this.#n?this.#n.logger?.error(`Error in MemoryZoneReadThroughCache: '${this.#e}'`,s):"log"in this.#n&&this.#n.log.error(`Error in MemoryZoneReadThroughCache: '${this.#e}'`,s)})}};io.MemoryZoneReadThroughCache=pu});var Xn=g(R=>{"use strict";Object.defineProperty(R,"__esModule",{value:!0});R.INTERNAL_HEADERS_TO_REMOVE=R.DISPATCH_HEADERS_TO_REMOVE=R.ZP_TIMEZONE_HEADER=R.ZP_REGION_CODE_HEADER=R.ZP_REGION_HEADER=R.ZP_METRO_CODE_HEADER=R.ZP_POSTAL_CODE_HEADER=R.ZP_COLO_HEADER=R.ZP_AS_ORG_HEADER=R.ZP_ASN_HEADER=R.TRUE_CLIENT_IP=R.ZP_IP_LATITUDE_HEADER=R.ZP_IP_LONGITUDE_HEADER=R.ZP_IP_COUNTRY_HEADER=R.ZP_IP_CONTINENT_HEADER=R.ZP_IP_CITY_HEADER=R.CF_IP_LATITUDE_HEADER=R.CF_IP_LONGITUDE_HEADER=R.CF_IP_COUNTRY_HEADER=R.CF_IP_CONTINENT_HEADER=R.CF_IP_CITY_HEADER=R.RAY_ID_HEADER=R.BODY_REMOVED_HEADER=R.REQUEST_ID_HEADER=R.LEGACY_REQUEST_ID_HEADER=void 0;R.LEGACY_REQUEST_ID_HEADER="zuplo-request-id";R.REQUEST_ID_HEADER="zp-rid";R.BODY_REMOVED_HEADER="zp-body-removed";R.RAY_ID_HEADER="cf-ray";R.CF_IP_CITY_HEADER="cf-ipcity";R.CF_IP_CONTINENT_HEADER="cf-ipcontinent";R.CF_IP_COUNTRY_HEADER="cf-ipcountry";R.CF_IP_LONGITUDE_HEADER="cf-iplongitude";R.CF_IP_LATITUDE_HEADER="cf-iplatitude";R.ZP_IP_CITY_HEADER="zp-ipcity";R.ZP_IP_CONTINENT_HEADER="zp-ipcontinent";R.ZP_IP_COUNTRY_HEADER="zp-ipcountry";R.ZP_IP_LONGITUDE_HEADER="zp-iplongitude";R.ZP_IP_LATITUDE_HEADER="zp-iplatitude";R.TRUE_CLIENT_IP="true-client-ip";R.ZP_ASN_HEADER="zp-asn";R.ZP_AS_ORG_HEADER="zp-asorg";R.ZP_COLO_HEADER="zp-colo";R.ZP_POSTAL_CODE_HEADER="zp-postalcode";R.ZP_METRO_CODE_HEADER="zp-metrocode";R.ZP_REGION_HEADER="zp-region";R.ZP_REGION_CODE_HEADER="zp-regioncode";R.ZP_TIMEZONE_HEADER="zp-timezone";R.DISPATCH_HEADERS_TO_REMOVE=[R.CF_IP_CITY_HEADER,R.CF_IP_CONTINENT_HEADER,R.CF_IP_COUNTRY_HEADER,R.CF_IP_LONGITUDE_HEADER,R.CF_IP_LATITUDE_HEADER,R.ZP_ASN_HEADER,R.ZP_AS_ORG_HEADER,R.ZP_COLO_HEADER,R.ZP_POSTAL_CODE_HEADER,R.ZP_METRO_CODE_HEADER,R.ZP_REGION_HEADER,R.ZP_REGION_CODE_HEADER,R.ZP_TIMEZONE_HEADER];R.INTERNAL_HEADERS_TO_REMOVE=["x-b3-sampled","x-b3-spanid","x-b3-traceid","x-envoy-attempt-count","x-envoy-decorator-operation","x-envoy-external-address","x-envoy-peer-metadata","x-envoy-peer-metadata-id","k-proxy-request","fly-client-ip","fly-forwarded-port","fly-forwarded-proto","fly-forwarded-ssl","fly-region","fly-request-id","fly-traceparent","fly-tracestate"]});var Ph=g(v=>{"use strict";Object.defineProperty(v,"__esModule",{value:!0});v.generateColor=v.colorFunctions=v.stripColor=v.bgRgb24=v.rgb24=v.bgRgb8=v.rgb8=v.bgBrightWhite=v.bgBrightCyan=v.bgBrightMagenta=v.bgBrightBlue=v.bgBrightYellow=v.bgBrightGreen=v.bgBrightRed=v.bgBrightBlack=v.bgWhite=v.bgCyan=v.bgMagenta=v.bgBlue=v.bgYellow=v.bgGreen=v.bgRed=v.bgBlack=v.brightWhite=v.brightCyan=v.brightMagenta=v.brightBlue=v.brightYellow=v.brightGreen=v.brightRed=v.brightBlack=v.gray=v.white=v.cyan=v.magenta=v.blue=v.yellow=v.green=v.red=v.black=v.strikethrough=v.hidden=v.inverse=v.underline=v.italic=v.dim=v.bold=v.reset=v.getColorEnabled=v.setColorEnabled=void 0;var bh=!0,hu=!bh;function IE(e){bh||(hu=e)}o(IE,"setColorEnabled");v.setColorEnabled=IE;function PE(){return hu}o(PE,"getColorEnabled");v.getColorEnabled=PE;function q(e,t){return{open:`\x1B[${e.join(";")}m`,close:`\x1B[${t}m`,regexp:new RegExp(`\\x1b\\[${t}m`,"g")}}o(q,"code");function $(e,t){return hu?`${t.open}${e.replace(t.regexp,t.open)}${t.close}`:e}o($,"run");function AE(e){return $(e,q([0],0))}o(AE,"reset");v.reset=AE;function RE(e){return $(e,q([1],22))}o(RE,"bold");v.bold=RE;function OE(e){return $(e,q([2],22))}o(OE,"dim");v.dim=OE;function xE(e){return $(e,q([3],23))}o(xE,"italic");v.italic=xE;function NE(e){return $(e,q([4],24))}o(NE,"underline");v.underline=NE;function CE(e){return $(e,q([7],27))}o(CE,"inverse");v.inverse=CE;function LE(e){return $(e,q([8],28))}o(LE,"hidden");v.hidden=LE;function DE(e){return $(e,q([9],29))}o(DE,"strikethrough");v.strikethrough=DE;function UE(e){return $(e,q([30],39))}o(UE,"black");v.black=UE;function _h(e){return $(e,q([31],39))}o(_h,"red");v.red=_h;function Eh(e){return $(e,q([32],39))}o(Eh,"green");v.green=Eh;function wh(e){return $(e,q([33],39))}o(wh,"yellow");v.yellow=wh;function vh(e){return $(e,q([34],39))}o(vh,"blue");v.blue=vh;function Th(e){return $(e,q([35],39))}o(Th,"magenta");v.magenta=Th;function Sh(e){return $(e,q([36],39))}o(Sh,"cyan");v.cyan=Sh;function ME(e){return $(e,q([37],39))}o(ME,"white");v.white=ME;function kE(e){return Ih(e)}o(kE,"gray");v.gray=kE;function Ih(e){return $(e,q([90],39))}o(Ih,"brightBlack");v.brightBlack=Ih;function HE(e){return $(e,q([91],39))}o(HE,"brightRed");v.brightRed=HE;function FE(e){return $(e,q([92],39))}o(FE,"brightGreen");v.brightGreen=FE;function qE(e){return $(e,q([93],39))}o(qE,"brightYellow");v.brightYellow=qE;function $E(e){return $(e,q([94],39))}o($E,"brightBlue");v.brightBlue=$E;function jE(e){return $(e,q([95],39))}o(jE,"brightMagenta");v.brightMagenta=jE;function VE(e){return $(e,q([96],39))}o(VE,"brightCyan");v.brightCyan=VE;function GE(e){return $(e,q([97],39))}o(GE,"brightWhite");v.brightWhite=GE;function BE(e){return $(e,q([40],49))}o(BE,"bgBlack");v.bgBlack=BE;function KE(e){return $(e,q([41],49))}o(KE,"bgRed");v.bgRed=KE;function JE(e){return $(e,q([42],49))}o(JE,"bgGreen");v.bgGreen=JE;function zE(e){return $(e,q([43],49))}o(zE,"bgYellow");v.bgYellow=zE;function WE(e){return $(e,q([44],49))}o(WE,"bgBlue");v.bgBlue=WE;function QE(e){return $(e,q([45],49))}o(QE,"bgMagenta");v.bgMagenta=QE;function YE(e){return $(e,q([46],49))}o(YE,"bgCyan");v.bgCyan=YE;function ZE(e){return $(e,q([47],49))}o(ZE,"bgWhite");v.bgWhite=ZE;function XE(e){return $(e,q([100],49))}o(XE,"bgBrightBlack");v.bgBrightBlack=XE;function ew(e){return $(e,q([101],49))}o(ew,"bgBrightRed");v.bgBrightRed=ew;function tw(e){return $(e,q([102],49))}o(tw,"bgBrightGreen");v.bgBrightGreen=tw;function rw(e){return $(e,q([103],49))}o(rw,"bgBrightYellow");v.bgBrightYellow=rw;function nw(e){return $(e,q([104],49))}o(nw,"bgBrightBlue");v.bgBrightBlue=nw;function iw(e){return $(e,q([105],49))}o(iw,"bgBrightMagenta");v.bgBrightMagenta=iw;function ow(e){return $(e,q([106],49))}o(ow,"bgBrightCyan");v.bgBrightCyan=ow;function sw(e){return $(e,q([107],49))}o(sw,"bgBrightWhite");v.bgBrightWhite=sw;function Jt(e,t=255,r=0){return Math.trunc(Math.max(Math.min(e,t),r))}o(Jt,"clampAndTruncate");function aw(e,t){return $(e,q([38,5,Jt(t)],39))}o(aw,"rgb8");v.rgb8=aw;function cw(e,t){return $(e,q([48,5,Jt(t)],49))}o(cw,"bgRgb8");v.bgRgb8=cw;function uw(e,t){return typeof t=="number"?$(e,q([38,2,t>>16&255,t>>8&255,t&255],39)):$(e,q([38,2,Jt(t.r),Jt(t.g),Jt(t.b)],39))}o(uw,"rgb24");v.rgb24=uw;function lw(e,t){return typeof t=="number"?$(e,q([48,2,t>>16&255,t>>8&255,t&255],49)):$(e,q([48,2,Jt(t.r),Jt(t.g),Jt(t.b)],49))}o(lw,"bgRgb24");v.bgRgb24=lw;var dw=new RegExp(["[\\u001B\\u009B][[\\]()#;?]*(?:(?:(?:[a-zA-Z\\d]*(?:;[-a-zA-Z\\d\\/#&.:=?%@~_]*)*)?\\u0007)","(?:(?:\\d{1,4}(?:;\\d{0,4})*)?[\\dA-PR-TZcf-ntqry=><~]))"].join("|"),"g");function pw(e){return e.replace(dw,"")}o(pw,"stripColor");v.stripColor=pw;v.colorFunctions=[_h,Eh,wh,vh,Th,Sh];function hw(e){let t=0,r=e.length,n=0;if(r>0)for(;n<r;)t=(t<<5)-t+e.charCodeAt(n++)|0;return t}o(hw,"hashCode");function fw(e){let t=Math.abs(hw(e));return v.colorFunctions[t%v.colorFunctions.length]}o(fw,"generateColor");v.generateColor=fw});var Ah=g(oo=>{"use strict";Object.defineProperty(oo,"__esModule",{value:!0});oo.format=void 0;function mw(e,t,...r){let n=0,i=r.length,s=String(t).replace(/%[sdjoO%]/g,a=>{if(a==="%%")return"%";if(n>=i)return a;switch(a){case"%s":return String(r[n++]);case"%d":return Number(r[n++]).toString();case"%o":return e(r[n++]).split(`
26
26
  `).map(c=>c.trim()).join(" ");case"%O":return e(r[n++]);case"%j":try{return JSON.stringify(r[n++])}catch{return"[Circular]"}default:return a}});for(let a of r.splice(n))a===null||!(typeof a=="object"&&a!==null)?s+=" "+a:s+=" "+e(a);return s}o(mw,"format");oo.format=mw});var Lh=g(ao=>{"use strict";Object.defineProperty(ao,"__esModule",{value:!0});ao.inspect=void 0;function vr(e,t,r,n){let i={seen:[],stylize:yw,showHidden:t??!1,depth:r??2,colors:n??!1,customInspect:!0};return i.colors&&(i.stylize=bw),so(i,e,i.depth)}o(vr,"inspect");ao.inspect=vr;vr.colors={bold:[1,22],italic:[3,23],underline:[4,24],inverse:[7,27],white:[37,39],grey:[90,39],black:[30,39],blue:[34,39],cyan:[36,39],green:[32,39],magenta:[35,39],red:[31,39],yellow:[33,39]};vr.styles={special:"cyan",number:"yellow",boolean:"yellow",undefined:"grey",null:"bold",string:"green",date:"magenta",regexp:"red"};function yw(e,t){return e}o(yw,"stylizeNoColor");function gw(e){return typeof e=="boolean"}o(gw,"isBoolean");function Oh(e){return e===void 0}o(Oh,"isUndefined");function bw(e,t){let r=vr.styles[t];return r?"\x1B["+vr.colors[r][0]+"m"+e+"\x1B["+vr.colors[r][1]+"m":e}o(bw,"stylizeWithColor");function fu(e){return typeof e=="function"}o(fu,"isFunction");function xh(e){return typeof e=="string"}o(xh,"isString");function _w(e){return typeof e=="number"}o(_w,"isNumber");function Nh(e){return e===null}o(Nh,"isNull");function Ch(e,t){return Object.prototype.hasOwnProperty.call(e,t)}o(Ch,"hasOwn");function mu(e){return _u(e)&&Eu(e)==="[object RegExp]"}o(mu,"isRegExp");function _u(e){return typeof e=="object"&&e!==null}o(_u,"isObject");function yu(e){return _u(e)&&(Eu(e)==="[object Error]"||e instanceof Error)}o(yu,"isError");function Rh(e){return _u(e)&&Eu(e)==="[object Date]"}o(Rh,"isDate");function Eu(e){return Object.prototype.toString.call(e)}o(Eu,"objectToString");function Ew(e){let t={};return e.forEach(function(r,n){t[r]=!0}),t}o(Ew,"arrayToHash");function ww(e,t,r,n,i){let s=[];for(let a=0,c=t.length;a<c;++a)Ch(t,String(a))?s.push(bu(e,t,r,n,String(a),!0)):s.push("");return i.forEach(function(a){a.match(/^\d+$/)||s.push(bu(e,t,r,n,a,!0))}),s}o(ww,"formatArray");function gu(e){return"["+Error.prototype.toString.call(e)+"]"}o(gu,"formatError");function so(e,t,r){if(e.customInspect&&t&&fu(t.inspect)&&t.inspect!==vr&&!(t.constructor&&t.constructor.prototype===t)){let d=t.inspect(r,e);return xh(d)||(d=so(e,d,r)),d}let n=vw(e,t);if(n)return n;let i=Object.keys(t),s=Ew(i);try{e.showHidden&&Object.getOwnPropertyNames&&(i=Object.getOwnPropertyNames(t))}catch{}if(yu(t)&&(i.indexOf("message")>=0||i.indexOf("description")>=0))return gu(t);if(i.length===0){if(fu(t)){let d=t.name?": "+t.name:"";return e.stylize("[Function"+d+"]","special")}if(mu(t))return e.stylize(RegExp.prototype.toString.call(t),"regexp");if(Rh(t))return e.stylize(Date.prototype.toString.call(t),"date");if(yu(t))return gu(t)}let a="",c=!1,u=["{","}"];if(Array.isArray(t)&&(c=!0,u=["[","]"]),fu(t)&&(a=" [Function"+(t.name?": "+t.name:"")+"]"),mu(t)&&(a=" "+RegExp.prototype.toString.call(t)),Rh(t)&&(a=" "+Date.prototype.toUTCString.call(t)),yu(t)&&(a=" "+gu(t)),i.length===0&&(!c||t.length==0))return u[0]+a+u[1];if(r<0)return mu(t)?e.stylize(RegExp.prototype.toString.call(t),"regexp"):e.stylize("[Object]","special");e.seen.push(t);let l;return c?l=ww(e,t,r,s,i):l=i.map(function(d){return bu(e,t,r,s,d,c)}),e.seen.pop(),Tw(l,a,u)}o(so,"formatValue");function bu(e,t,r,n,i,s){let a,c,u;u={value:void 0};try{u.value=t[i]}catch{}try{Object.getOwnPropertyDescriptor&&(u=Object.getOwnPropertyDescriptor(t,i)||u)}catch{}if(u.get?u.set?c=e.stylize("[Getter/Setter]","special"):c=e.stylize("[Getter]","special"):u.set&&(c=e.stylize("[Setter]","special")),Ch(n,i)||(a="["+i+"]"),c||(e.seen.indexOf(u.value)<0?(Nh(r)?c=so(e,u.value,null):c=so(e,u.value,r-1),c.indexOf(`
27
27
  `)>-1&&(s?c=c.split(`
28
28
  `).map(function(l){return" "+l}).join(`
@@ -32,7 +32,7 @@
32
32
  `))):c=e.stylize("[Circular]","special")),Oh(a)){if(s&&i.match(/^\d+$/))return c;a=JSON.stringify(""+i),a.match(/^"([a-zA-Z_][a-zA-Z_0-9]*)"$/)?(a=a.substr(1,a.length-2),a=e.stylize(a,"name")):(a=a.replace(/'/g,"\\'").replace(/\\"/g,'"').replace(/(^"|"$)/g,"'"),a=e.stylize(a,"string"))}return a+": "+c}o(bu,"formatProperty");function vw(e,t){if(Oh(t))return e.stylize("undefined","undefined");if(xh(t)){let r="'"+JSON.stringify(t).replace(/^"|"$/g,"").replace(/'/g,"\\'").replace(/\\"/g,'"')+"'";return e.stylize(r,"string")}if(_w(t))return e.stylize(""+t,"number");if(gw(t))return e.stylize(""+t,"boolean");if(Nh(t))return e.stylize("null","null")}o(vw,"formatPrimitive");function Tw(e,t,r){let n=0;return e.reduce(function(s,a){return n++,a.indexOf(`
33
33
  `)>=0&&n++,s+a.replace(/\u001b\[\d\d?m/g,"").length+1},0)>60?r[0]+(t===""?"":t+`
34
34
  `)+" "+e.join(`,
35
- `)+" "+r[1]:r[0]+t+" "+e.join(", ")+" "+r[1]}o(Tw,"reduceToSingleString")});var Dh=g(co=>{"use strict";Object.defineProperty(co,"__esModule",{value:!0});co.format=void 0;var Sw=Ah(),Iw=Lh(),Pw=o((e,...t)=>(0,Sw.format)(Iw.inspect,e,t),"format");co.format=Pw});var Tr=g(zt=>{"use strict";Object.defineProperty(zt,"__esModule",{value:!0});zt.debug=zt.withoutEnv=zt.Debugger=void 0;var Aw=Ph(),Rw=Dh(),uo=class{static{o(this,"Debugger")}manager;ns;color;last;enabled;constructor(t,r){this.manager=t,this.ns=r,this.color=(0,Aw.generateColor)(r),this.last=0,this.enabled=t.enabled.some(n=>n.test(r))}log(...t){if(!this.enabled)return;let r,n=t[0];typeof n=="function"?r=n():r=String(n);let i=Date.now()-(this.last||Date.now());r=(0,Rw.format)(r,...t);let s=`${this.color(this.ns)} ${r} ${this.color(`+${i}ms`)}`;console.log(s),this.last=Date.now()}};zt.Debugger=uo;var lo=class{static{o(this,"DebugManager")}debuggers;enabled;constructor(t){this.debuggers=new Map,this.enabled=t??[]}};function Uh(e){return!e||e.length===0?[]:(e=e.replace(/\s/g,"").replace(/\*/g,".+"),e.split(",").map(t=>new RegExp(`^${t}$`)))}o(Uh,"extract");var ei;function Ow(e){e||(e=[]),typeof e=="string"&&(e=Uh(e)),ei=new lo(e)}o(Ow,"withoutEnv");zt.withoutEnv=Ow;function xw(e){let t=globalThis.DEBUG;ei||(ei=new lo(Uh(t)));let r=new uo(ei,e);return ei.debuggers.set(e,r),Object.assign(r.log.bind(r),{self:r})}o(xw,"debug");zt.debug=xw});var ho=g(Vr=>{"use strict";Object.defineProperty(Vr,"__esModule",{value:!0});Vr.ProblemResponseFormatter=Vr.InternalProblemResponseFormatter=void 0;var Nw=L(),po=class e{static{o(this,"InternalProblemResponseFormatter")}static problemResponseFormat=async t=>{let r=t.problem,n=JSON.stringify(r,null,2);return new Response(n,{status:t.problem.status,statusText:t.statusText,headers:{...t.additionalHeaders,"content-type":"application/problem+json"}})};static setProblemResponseFormat(t){t&&(e.problemResponseFormat=(r,n,i)=>{try{return t(r,n,i)}catch(s){throw new Nw.RuntimeError("Error in custom 'problemResponseFormat'",{cause:s})}})}};Vr.InternalProblemResponseFormatter=po;var wu=class{static{o(this,"ProblemResponseFormatter")}static async format(t,r,n){return await po.problemResponseFormat(t,r,n)}};Vr.ProblemResponseFormatter=wu});var kh=g(fo=>{"use strict";Object.defineProperty(fo,"__esModule",{value:!0});fo.deepFreeze=void 0;function Mh(e){for(let t in e){let r=e[t];r&&typeof r=="object"&&Mh(r)}return Object.freeze(e)}o(Mh,"deepFreeze");fo.deepFreeze=Mh});var He=g(mo=>{"use strict";Object.defineProperty(mo,"__esModule",{value:!0});mo.ZuploRequest=void 0;var Hh=kh(),vu=class e extends Request{static{o(this,"ZuploRequest")}#e=void 0;#t;constructor(t,r){super(t,r);let n=r?.params;n?this.#t=n:t instanceof e?this.#t=t.#t:this.#t={};let i=r?.user;i?this.user=i:t instanceof e&&(this.user=t.user)}get query(){if(this.#e===void 0){let t={},r=new URL(this.url).searchParams;for(let[n,i]of r.entries())t[n]=i;this.#e=t}return(0,Hh.deepFreeze)(this.#e)}get params(){return(0,Hh.deepFreeze)(this.#t)}user};mo.ZuploRequest=vu});var yt=g(ye=>{"use strict";Object.defineProperty(ye,"__esModule",{value:!0});ye.initializeRuntime=ye.invokeOnResponseSendingFinalExtensions=ye.invokeOnResponseSendingExtensions=ye.invokeOnRequestExtensions=ye.plugins=ye.runtimeExtensions=ye.SystemRuntimePlugin=ye.RuntimePlugin=void 0;var Fh=L(),Cw=ho(),Lw=He(),go=class{static{o(this,"RuntimePlugin")}};ye.RuntimePlugin=go;var bo=class extends go{static{o(this,"SystemRuntimePlugin")}async initialize(t){return Promise.resolve()}registerRoutes(t,r){}};ye.SystemRuntimePlugin=bo;ye.runtimeExtensions={};var Tu=[];ye.plugins=Tu;var qh=[],$h=[],jh=[],yo={addPlugin(e){Tu.push(e)},addRequestHook(e){qh.push(e)},addResponseSendingHook(e){$h.push(e)},addResponseSendingFinalHook(e){jh.push(e)}},Dw=o(async(e,t)=>{let r=e;for(let n of qh){let i=await n(r,t);if(i instanceof Lw.ZuploRequest)r=i;else{if(i instanceof Response)return i;throw new Fh.ConfigurationError(`Invalid state - the OnRequest hook must return a ZuploRequest or Response. Received ${typeof r}.`)}}return r},"invokeOnRequestExtensions");ye.invokeOnRequestExtensions=Dw;var Uw=o(async(e,t,r)=>{let n=e;for(let i of $h){let s=await i(e,t,r);if(s instanceof Response)n=s;else throw new Fh.ConfigurationError(`Invalid state - the OnResponseSending hook must return a Response. Received ${typeof n}.`)}return n},"invokeOnResponseSendingExtensions");ye.invokeOnResponseSendingExtensions=Uw;var Mw=o(async(e,t,r)=>{for(let n of jh)await n(e,t,r)},"invokeOnResponseSendingFinalExtensions");ye.invokeOnResponseSendingFinalExtensions=Mw;async function kw(e=()=>Promise.resolve()){await e(yo),ye.runtimeExtensions.value=yo;for(let t of Tu)t instanceof bo&&await t.initialize(yo);Cw.InternalProblemResponseFormatter.setProblemResponseFormat(yo.problemResponseFormat)}o(kw,"initializeRuntime");ye.initializeRuntime=kw});var Su=g(Wt=>{"use strict";Object.defineProperty(Wt,"__esModule",{value:!0});Wt.serialize=Wt.ContentTypes=void 0;Wt.ContentTypes={Json:"application/json",Form:"application/x-www-form-urlencoded"};function Hw(e,t){if(e!==null)return t&&typeof e=="string"?e:typeof e=="object"&&t?.startsWith(Wt.ContentTypes.Form)?new URLSearchParams(e).toString():typeof e=="object"&&t?.startsWith(Wt.ContentTypes.Json)||!t?JSON.stringify(e):e}o(Hw,"serialize");Wt.serialize=Hw});var Nt=g(_o=>{"use strict";Object.defineProperty(_o,"__esModule",{value:!0});_o.Pipeline=void 0;var Iu=Sr(),Vh=yt(),Fw=Su(),Pu=class{static{o(this,"Pipeline")}constructor(t){this.execute=this.#t(t)}execute;#e=(t,r)=>async(n,i)=>{try{return await t(n,i)}catch(s){return i.log.error("Error executing request handler.",s),r.errorHandler(n,i,s)}};#t=({processors:t,gateway:r,handler:n})=>async(i,s)=>{let a=[...t],c=o(async y=>{let w=a.pop();return w?w(i,s,r,c):await this.#e(async S=>{let D=await n(S,s);return qw(D)},r)(y,s)},"nextPipe"),l=await c(i),d=new Iu.ResponseSendingEvent(i,l);s.dispatchEvent(d);let p=Iu.ZuploContextExtensions.getContextExtensions(s),m=p.latestRequest,h;try{h=await d.mutableResponse}catch(y){return s.log.error(y),r.errorHandler(i,s,y)}try{h=await p.onResponseSending(h,m,s)}catch(y){return s.log.error(`Error invoking 'context.onResponseSending' hook: '${y.message}'`,y),r.errorHandler(i,s,y)}try{h=await(0,Vh.invokeOnResponseSendingExtensions)(h,m,s)}catch(y){return s.log.error(`Error invoking 'context.onResponseSending' hook: '${y.message}'`,y),r.errorHandler(i,s,y)}s.dispatchEvent(new Iu.ResponseSentEvent(i,h));try{await p.onResponseSendingFinal(l,m,s)}catch(y){throw s.log.error(`Error invoking 'runtime.onResponseSending' hook: '${y.message}'`,y),y}try{await(0,Vh.invokeOnResponseSendingFinalExtensions)(l,m,s)}catch(y){throw s.log.error(`Error invoking 'runtime.onResponseSending' hook: '${y.message}'`,y),y}return h}};_o.Pipeline=Pu;function qw(e){return e instanceof Response?e:typeof e>"u"?new Response:new Response((0,Fw.serialize)(e),{headers:{"content-type":"application/json"}})}o(qw,"resultToResponse")});var wo=g(Eo=>{"use strict";Object.defineProperty(Eo,"__esModule",{value:!0});Eo.MetricsPlugin=void 0;var $w=yt(),Au=class extends $w.RuntimePlugin{static{o(this,"MetricsPlugin")}};Eo.MetricsPlugin=Au});var Le=g(vo=>{"use strict";Object.defineProperty(vo,"__esModule",{value:!0});vo.SystemLogMap=void 0;var jw=L(),Ru=class e{static{o(this,"SystemLogMap")}static#e=new WeakMap;static getLogger(t){let r=e.#e.get(t);if(!r){let n=`No system logger found for context with requestId '${t.requestId}'`;throw console.error(n),new jw.SystemError(n)}return r}static addLogger(t,r){e.#e.set(t,r)}};vo.SystemLogMap=Ru});var ve=g(To=>{"use strict";Object.defineProperty(To,"__esModule",{value:!0});To.BatchDispatch=void 0;var Ou=class{static{o(this,"BatchDispatch")}constructor(t,r,n,i){this.#t=t,this.#o=r,this.#n=n,this.#r=i}#e=void 0;#t;#r;#n;#i=[];#o;enqueue=t=>{this.#i.push(t),this.#e||(this.#e=new Promise(r=>{setTimeout(()=>{if(this.#i.length>0){let n=[...this.#i];this.#i.length=0,this.#e=void 0,this.#n(n).catch(i=>{this.#r&&this.#r.error(`Uncaught error in BatchDispatcher named '${this.#t}'}`,i.message,i.stack)}).finally(()=>{r()})}},this.#o)}))};waitUntilFlushed=async()=>{if(this.#e)return this.#e}};To.BatchDispatch=Ou});var Bh=g(Io=>{"use strict";Object.defineProperty(Io,"__esModule",{value:!0});Io.EllieMetricsTransport=void 0;var Gh=Le(),Vw=ve(),So=Y(),xu=class{static{o(this,"EllieMetricsTransport")}#e;#t;#r;constructor(t){this.#r=So.Environment.instance.loggingId,this.#e=t,this.#t=new Vw.BatchDispatch("ellie-metrics-transport",10,this.dispatchFunction,Gh.SystemLogMap.getLogger(t))}pushMetrics(t,r){this.#r!==void 0&&(this.#t.enqueue(t),r.waitUntil(this.#t.waitUntilFlushed()))}dispatchFunction=async t=>{if(t.length===0)return;let r,{loggingId:n,remoteLogURL:i,deploymentName:s}=So.Environment.instance,a=t.map(c=>{let u=Object.assign({},c);return delete u.requestContentLength,delete u.responseContentLength,u});if(n&&s&&(r=`${i}/v1-alpha/metrics?loggingId=${encodeURI(n)}&deploymentName=${encodeURI(s)}`),r){let c=await fetch(r,{method:"POST",body:JSON.stringify(a),headers:{"content-type":"application/json","zp-dn":So.Environment.instance.deploymentName??"unknown","user-agent":So.Environment.instance.systemUserAgent}});if(!c.ok){let u=await c.text();Gh.SystemLogMap.getLogger(this.#e).error(`Metrics POST responded ${c.status}: ${c.statusText}`,u)}}}};Io.EllieMetricsTransport=xu});var ot=g(Ir=>{"use strict";Object.defineProperty(Ir,"__esModule",{value:!0});Ir.systemNoVersion=Ir.SystemRouteConfiguration=void 0;var Nu=class{static{o(this,"SystemRouteConfiguration")}constructor({label:t,path:r,methods:n,systemRouteName:i,corsPolicy:s="none"}){this.label=t,this.path=r,this.methods=n,this.corsPolicy=s,this.version=Ir.systemNoVersion.name,this.handler={export:"SYSTEM_IGNORED",module:"SYSTEM_IGNORED"},this.systemRouteName=i}label;path;methods;handler;corsPolicy;version;policies;systemRouteName;raw(){return{}}};Ir.SystemRouteConfiguration=Nu;Ir.systemNoVersion={name:"__system-no-version",pathPrefix:""}});var Qt=g(Po=>{"use strict";Object.defineProperty(Po,"__esModule",{value:!0});Po.metricsProcessor=void 0;var Kh=Xn(),Gw=Sr(),Bw=yt(),Kw=wo(),Jw=Bh(),zw=ot(),Ww=o(async(e,t,r,n)=>{let i=new Date,s=Date.now(),a=await n(e),c=e.headers.get(Kh.RAY_ID_HEADER)??void 0,u=e.headers.get(Kh.TRUE_CLIENT_IP)??void 0,l=t.incomingRequestProperties,d;t.route instanceof zw.SystemRouteConfiguration&&(d=t.route.systemRouteName);let p=Gw.ZuploContextExtensions.getContextExtensions(t).latestRequest,m={timestamp:i,statusCode:a.status,durationMs:Date.now()-s,requestContentLength:e.headers.get("content-length")?Number(e.headers.get("content-length")):void 0,responseContentLength:a.headers.get("content-length")?Number(a.headers.get("content-length")):void 0,routePath:t.route?.path??"SYSTEM_OR_NOT_FOUND",systemRouteName:d,requestId:t.requestId,method:e.method,asn:l.asn,asOrganization:l.asOrganization,colo:l.colo,continent:l.continent,country:l.country,city:l.city,latitude:l.latitude,longitude:l.longitude,rayId:c,instanceId:r.instanceId,userSub:p.user?.sub,clientIp:u},h=[];return h.push(new Jw.EllieMetricsTransport(t)),Bw.plugins.forEach(y=>{if(y instanceof Kw.MetricsPlugin){let w=y.getTransport();h.push(w)}}),h.forEach(y=>{y.pushMetrics(m,t)}),a},"metricsProcessor");Po.metricsProcessor=Ww});var Cu=g(Ao=>{"use strict";Object.defineProperty(Ao,"__esModule",{value:!0});Ao.SystemRouteName=void 0;var Jh;(function(e){e.Build="build-data",e.CorsPreflight="cors-preflight",e.DeveloperPortal="developer-portal",e.DeveloperPortalLegacy="developer-portal-legacy",e.StripePlugin="stripe-plugin",e.EmptyGatewayCatchall="empty-gateway-catchall",e.Ping="ping",e.UnmatchedPath="unmatched-path"})(Jh||(Ao.SystemRouteName=Jh={}))});var Wh=g(zh=>{"use strict";Object.defineProperty(zh,"__esModule",{value:!0})});var Pr=g(Yt=>{"use strict";var Qw=Yt&&Yt.__createBinding||(Object.create?function(e,t,r,n){n===void 0&&(n=r);var i=Object.getOwnPropertyDescriptor(t,r);(!i||("get"in i?!t.__esModule:i.writable||i.configurable))&&(i={enumerable:!0,get:function(){return t[r]}}),Object.defineProperty(e,n,i)}:function(e,t,r,n){n===void 0&&(n=r),e[n]=t[r]}),Qh=Yt&&Yt.__exportStar||function(e,t){for(var r in e)r!=="default"&&!Object.prototype.hasOwnProperty.call(t,r)&&Qw(t,e,r)};Object.defineProperty(Yt,"__esModule",{value:!0});Qh(Cu(),Yt);Qh(Wh(),Yt)});var Yh=g(Ro=>{"use strict";Object.defineProperty(Ro,"__esModule",{value:!0});Ro.registerBuildRoute=void 0;var Yw=Ct(),Zw=Nt(),Xw=Qt(),ev=Pr(),tv=ot(),rv=Le(),nv=Y(),iv=o((e,t)=>{let r=o(async(s,a)=>{let u=new URL(s.url).hostname.toLowerCase();if(!u.endsWith(".zuplo.app")&&!u.endsWith(".zuplo.dev")&&!u.endsWith(".fly.dev")&&!u.endsWith("zuplotest.com")&&u!=="localhost")return Yw.HttpProblems.notFound(s,a);let l=nv.Environment.instance.build,d={buildId:l.BUILD_ID,zuploVersion:l.ZUPLO_VERSION,apiVersion:l.API_VERSION,gitSha:l.GIT_SHA,timestamp:l.TIMESTAMP,isProduction:l.IS_PRODUCTION},p=s.url.toString().split("?");return p.length>0&&new URLSearchParams(p[1]).get("system_log")==="true"&&rv.SystemLogMap.getLogger(a).error("Test System Log",d),new Response(JSON.stringify(d,null,2),{status:200,headers:{"content-type":"application/json"}})},"buildRouteHandler"),n=new Zw.Pipeline({processors:[Xw.metricsProcessor],handler:r,gateway:t}),i=new tv.SystemRouteConfiguration({label:"SYSTEM_BUILD_ROUTE",methods:["GET"],path:"/__zuplo/build",systemRouteName:ev.SystemRouteName.Build});e.addRoute(i,n.execute)},"registerBuildRoute");Ro.registerBuildRoute=iv});var Lu=g(Gr=>{"use strict";Object.defineProperty(Gr,"__esModule",{value:!0});Gr.HTTP_STATUS_TITLES=Gr.HttpStatusCode=void 0;var Zh;(function(e){e[e.CONTINUE=100]="CONTINUE",e[e.SWITCHING_PROTOCOLS=101]="SWITCHING_PROTOCOLS",e[e.PROCESSING=102]="PROCESSING",e[e.EARLY_HINTS=103]="EARLY_HINTS",e[e.OK=200]="OK",e[e.CREATED=201]="CREATED",e[e.ACCEPTED=202]="ACCEPTED",e[e.NON_AUTHORITATIVE_INFORMATION=203]="NON_AUTHORITATIVE_INFORMATION",e[e.NO_CONTENT=204]="NO_CONTENT",e[e.RESET_CONTENT=205]="RESET_CONTENT",e[e.PARTIAL_CONTENT=206]="PARTIAL_CONTENT",e[e.MULTI_STATUS=207]="MULTI_STATUS",e[e.ALREADY_REPORTED=208]="ALREADY_REPORTED",e[e.IM_USED=226]="IM_USED",e[e.MULTIPLE_CHOICES=300]="MULTIPLE_CHOICES",e[e.MOVED_PERMANENTLY=301]="MOVED_PERMANENTLY",e[e.FOUND=302]="FOUND",e[e.SEE_OTHER=303]="SEE_OTHER",e[e.NOT_MODIFIED=304]="NOT_MODIFIED",e[e.USE_PROXY=305]="USE_PROXY",e[e.SWITCH_PROXY=306]="SWITCH_PROXY",e[e.TEMPORARY_REDIRECT=307]="TEMPORARY_REDIRECT",e[e.PERMANENT_REDIRECT=308]="PERMANENT_REDIRECT",e[e.BAD_REQUEST=400]="BAD_REQUEST",e[e.UNAUTHORIZED=401]="UNAUTHORIZED",e[e.PAYMENT_REQUIRED=402]="PAYMENT_REQUIRED",e[e.FORBIDDEN=403]="FORBIDDEN",e[e.NOT_FOUND=404]="NOT_FOUND",e[e.METHOD_NOT_ALLOWED=405]="METHOD_NOT_ALLOWED",e[e.NOT_ACCEPTABLE=406]="NOT_ACCEPTABLE",e[e.PROXY_AUTHENTICATION_REQUIRED=407]="PROXY_AUTHENTICATION_REQUIRED",e[e.REQUEST_TIMEOUT=408]="REQUEST_TIMEOUT",e[e.CONFLICT=409]="CONFLICT",e[e.GONE=410]="GONE",e[e.LENGTH_REQUIRED=411]="LENGTH_REQUIRED",e[e.PRECONDITION_FAILED=412]="PRECONDITION_FAILED",e[e.CONTENT_TOO_LARGE=413]="CONTENT_TOO_LARGE",e[e.PAYLOAD_TOO_LARGE=413]="PAYLOAD_TOO_LARGE",e[e.URI_TOO_LONG=414]="URI_TOO_LONG",e[e.UNSUPPORTED_MEDIA_TYPE=415]="UNSUPPORTED_MEDIA_TYPE",e[e.RANGE_NOT_SATISFIABLE=416]="RANGE_NOT_SATISFIABLE",e[e.EXPECTATION_FAILED=417]="EXPECTATION_FAILED",e[e.I_AM_A_TEAPOT=418]="I_AM_A_TEAPOT",e[e.MISDIRECTED_REQUEST=421]="MISDIRECTED_REQUEST",e[e.UNPROCESSABLE_ENTITY=422]="UNPROCESSABLE_ENTITY",e[e.UNPROCESSABLE_CONTENT=422]="UNPROCESSABLE_CONTENT",e[e.LOCKED=423]="LOCKED",e[e.FAILED_DEPENDENCY=424]="FAILED_DEPENDENCY",e[e.TOO_EARLY=425]="TOO_EARLY",e[e.UPGRADE_REQUIRED=426]="UPGRADE_REQUIRED",e[e.PRECONDITION_REQUIRED=428]="PRECONDITION_REQUIRED",e[e.TOO_MANY_REQUESTS=429]="TOO_MANY_REQUESTS",e[e.REQUEST_HEADER_FIELDS_TOO_LARGE=431]="REQUEST_HEADER_FIELDS_TOO_LARGE",e[e.UNAVAILABLE_FOR_LEGAL_REASONS=451]="UNAVAILABLE_FOR_LEGAL_REASONS",e[e.INTERNAL_SERVER_ERROR=500]="INTERNAL_SERVER_ERROR",e[e.NOT_IMPLEMENTED=501]="NOT_IMPLEMENTED",e[e.BAD_GATEWAY=502]="BAD_GATEWAY",e[e.SERVICE_UNAVAILABLE=503]="SERVICE_UNAVAILABLE",e[e.GATEWAY_TIMEOUT=504]="GATEWAY_TIMEOUT",e[e.HTTP_VERSION_NOT_SUPPORTED=505]="HTTP_VERSION_NOT_SUPPORTED",e[e.VARIANT_ALSO_NEGOTIATES=506]="VARIANT_ALSO_NEGOTIATES",e[e.INSUFFICIENT_STORAGE=507]="INSUFFICIENT_STORAGE",e[e.LOOP_DETECTED=508]="LOOP_DETECTED",e[e.NOT_EXTENDED=510]="NOT_EXTENDED",e[e.NETWORK_AUTHENTICATION_REQUIRED=511]="NETWORK_AUTHENTICATION_REQUIRED"})(Zh||(Gr.HttpStatusCode=Zh={}));Gr.HTTP_STATUS_TITLES={100:"Continue",101:"Switching Protocols",102:"Processing",103:"Early Hints",200:"OK",201:"Created",202:"Accepted",203:"Non-Authoritative Information",204:"No Content",205:"Reset Content",206:"Partial Content",207:"Multi-Status",208:"Already Reported",226:"IM Used",300:"Multiple Choices",301:"Moved Permanently",302:"Found",303:"See Other",304:"Not Modified",305:"Use Proxy",306:"Switch Proxy",307:"Temporary Redirect",308:"Permanent Redirect",400:"Bad Request",401:"Unauthorized",402:"Payment Required",403:"Forbidden",404:"Not Found",405:"Method Not Allowed",406:"Not Acceptable",407:"Proxy Authentication Required",408:"Request Timeout",409:"Conflict",410:"Gone",411:"Length Required",412:"Precondition Failed",413:"Content Too Large",414:"URI Too Long",415:"Unsupported Media Type",416:"Range Not Satisfiable",417:"Expectation Failed",418:"I'm a teapot",421:"Misdirected Request",422:"Unprocessable Content",423:"Locked",424:"Failed Dependency",425:"Too Early",426:"Upgrade Required",428:"Precondition Required",429:"Too Many Requests",431:"Request Header Fields Too Large",451:"Unavailable For Legal Reasons",500:"Internal Server Error",501:"Not Implemented",502:"Bad Gateway",503:"Service Unavailable",504:"Gateway Timeout",505:"HTTP Version Not Supported",506:"Variant Also Negotiates",507:"Insufficient Storage",508:"Loop Detected",510:"Not Extended",511:"Network Authentication Required"}});var Uu=g(Du=>{"use strict";Object.defineProperty(Du,"__esModule",{value:!0});var ov={100:"Continue",101:"Switching Protocols",102:"Processing",103:"Early Hints",200:"OK",201:"Created",202:"Accepted",203:"Non-Authoritative Information",204:"No Content",205:"Reset Content",206:"Partial Content",207:"Multi-Status",208:"Already Reported",226:"IM Used",300:"Multiple Choices",301:"Moved Permanently",302:"Found",303:"See Other",304:"Not Modified",305:"Use Proxy",307:"Temporary Redirect",308:"Permanent Redirect",400:"Bad Request",401:"Unauthorized",402:"Payment Required",403:"Forbidden",404:"Not Found",405:"Method Not Allowed",406:"Not Acceptable",407:"Proxy Authentication Required",408:"Request Timeout",409:"Conflict",410:"Gone",411:"Length Required",412:"Precondition Failed",413:"Payload Too Large",414:"URI Too Long",415:"Unsupported Media Type",416:"Range Not Satisfiable",417:"Expectation Failed",418:"I'm a Teapot",421:"Misdirected Request",422:"Unprocessable Entity",423:"Locked",424:"Failed Dependency",425:"Too Early",426:"Upgrade Required",428:"Precondition Required",429:"Too Many Requests",431:"Request Header Fields Too Large",451:"Unavailable For Legal Reasons",500:"Internal Server Error",501:"Not Implemented",502:"Bad Gateway",503:"Service Unavailable",504:"Gateway Timeout",505:"HTTP Version Not Supported",506:"Variant Also Negotiates",507:"Insufficient Storage",508:"Loop Detected",509:"Bandwidth Limit Exceeded",510:"Not Extended",511:"Network Authentication Required"};Du.default=ov});var se=g(Br=>{"use strict";var sv=Br&&Br.__importDefault||function(e){return e&&e.__esModule?e:{default:e}};Object.defineProperty(Br,"__esModule",{value:!0});Br.HttpProblems=void 0;var av=Xn(),O=Lu(),cv=sv(Uu()),uv=Y(),Mu=ho();function lv(e){return`${new URL(e.url).pathname}`}o(lv,"instance");function dv(e,t){let r={timestamp:new Date().toISOString(),requestId:t.requestId,buildId:uv.Environment.instance.build.BUILD_ID},n=e.headers.get(av.RAY_ID_HEADER);return n&&(r.rayId=n),r}o(dv,"trace");var pv=o((e,t,r,n,i)=>({problem:{type:e.type,title:e.title,status:e.status,detail:e.detail,instance:lv(t),trace:dv(t,r),...n},additionalHeaders:i,statusText:cv.default[e.status]}),"merge"),ku=class{static{o(this,"HttpProblemsBase")}static format=(t,r,n)=>"problem"in t?Mu.ProblemResponseFormatter.format(t,r,n):Mu.ProblemResponseFormatter.format({problem:t},r,n);static getProblemFromStatus(t,r){return{type:`https://httpproblems.com/http-status/${t}`,status:t,title:O.HTTP_STATUS_TITLES[t],...r}}},Hu=class extends ku{static{o(this,"HttpProblems")}static#e(t,r,n,i,s){let a=pv(this.getProblemFromStatus(t),r,n,i,s);return Mu.ProblemResponseFormatter.format(a,r,n)}static continue=(t,r,n,i)=>this.#e(O.HttpStatusCode.OK,t,r,n,i);static switchingProtocols=(t,r,n,i)=>this.#e(O.HttpStatusCode.SWITCHING_PROTOCOLS,t,r,n,i);static processing=(t,r,n,i)=>this.#e(O.HttpStatusCode.PROCESSING,t,r,n,i);static earlyHints=(t,r,n,i)=>this.#e(O.HttpStatusCode.EARLY_HINTS,t,r,n,i);static ok=(t,r,n,i)=>this.#e(O.HttpStatusCode.OK,t,r,n,i);static created=(t,r,n,i)=>this.#e(O.HttpStatusCode.CREATED,t,r,n,i);static accepted=(t,r,n,i)=>this.#e(O.HttpStatusCode.ACCEPTED,t,r,n,i);static nonAuthoritativeInformation=(t,r,n,i)=>this.#e(O.HttpStatusCode.NON_AUTHORITATIVE_INFORMATION,t,r,n,i);static noContent=(t,r,n,i)=>this.#e(O.HttpStatusCode.NO_CONTENT,t,r,n,i);static resetContent=(t,r,n,i)=>this.#e(O.HttpStatusCode.RESET_CONTENT,t,r,n,i);static partialContent=(t,r,n,i)=>this.#e(O.HttpStatusCode.PARTIAL_CONTENT,t,r,n,i);static multiStatus=(t,r,n,i)=>this.#e(O.HttpStatusCode.MULTI_STATUS,t,r,n,i);static alreadyReported=(t,r,n,i)=>this.#e(O.HttpStatusCode.ALREADY_REPORTED,t,r,n,i);static imUsed=(t,r,n,i)=>this.#e(O.HttpStatusCode.IM_USED,t,r,n,i);static multipleChoices=(t,r,n,i)=>this.#e(O.HttpStatusCode.MULTIPLE_CHOICES,t,r,n,i);static movedPermanently=(t,r,n,i)=>this.#e(O.HttpStatusCode.MOVED_PERMANENTLY,t,r,n,i);static found=(t,r,n,i)=>this.#e(O.HttpStatusCode.FOUND,t,r,n,i);static seeOther=(t,r,n,i)=>this.#e(O.HttpStatusCode.SEE_OTHER,t,r,n,i);static notModified=(t,r,n,i)=>this.#e(O.HttpStatusCode.NOT_MODIFIED,t,r,n,i);static useProxy=(t,r,n,i)=>this.#e(O.HttpStatusCode.USE_PROXY,t,r,n,i);static switchProxy=(t,r,n,i)=>this.#e(O.HttpStatusCode.SWITCH_PROXY,t,r,n,i);static temporaryRedirect=(t,r,n,i)=>this.#e(O.HttpStatusCode.TEMPORARY_REDIRECT,t,r,n,i);static permanentRedirect=(t,r,n,i)=>this.#e(O.HttpStatusCode.PERMANENT_REDIRECT,t,r,n,i);static badRequest=(t,r,n,i)=>this.#e(O.HttpStatusCode.BAD_REQUEST,t,r,n,i);static unauthorized=(t,r,n,i)=>this.#e(O.HttpStatusCode.UNAUTHORIZED,t,r,n,i);static paymentRequired=(t,r,n,i)=>this.#e(O.HttpStatusCode.PAYMENT_REQUIRED,t,r,n,i);static forbidden=(t,r,n,i)=>this.#e(O.HttpStatusCode.FORBIDDEN,t,r,n,i);static notFound=(t,r,n,i)=>this.#e(O.HttpStatusCode.NOT_FOUND,t,r,n,i);static methodNotAllowed=(t,r,n,i)=>this.#e(O.HttpStatusCode.METHOD_NOT_ALLOWED,t,r,n,i);static notAcceptable=(t,r,n,i)=>this.#e(O.HttpStatusCode.NOT_ACCEPTABLE,t,r,n,i);static proxyAuthenticationRequired=(t,r,n,i)=>this.#e(O.HttpStatusCode.PROXY_AUTHENTICATION_REQUIRED,t,r,n,i);static requestTimeout=(t,r,n,i)=>this.#e(O.HttpStatusCode.REQUEST_TIMEOUT,t,r,n,i);static conflict=(t,r,n,i)=>this.#e(O.HttpStatusCode.CONFLICT,t,r,n,i);static gone=(t,r,n,i)=>this.#e(O.HttpStatusCode.GONE,t,r,n,i);static lengthRequired=(t,r,n,i)=>this.#e(O.HttpStatusCode.LENGTH_REQUIRED,t,r,n,i);static preconditionFailed=(t,r,n,i)=>this.#e(O.HttpStatusCode.PRECONDITION_FAILED,t,r,n,i);static contentTooLarge=(t,r,n,i)=>this.#e(O.HttpStatusCode.CONTENT_TOO_LARGE,t,r,n,i);static uriTooLong=(t,r,n,i)=>this.#e(O.HttpStatusCode.URI_TOO_LONG,t,r,n,i);static unsupportedMediaType=(t,r,n,i)=>this.#e(O.HttpStatusCode.UNSUPPORTED_MEDIA_TYPE,t,r,n,i);static rangeNotSatisfiable=(t,r,n,i)=>this.#e(O.HttpStatusCode.RANGE_NOT_SATISFIABLE,t,r,n,i);static expectationFailed=(t,r,n,i)=>this.#e(O.HttpStatusCode.EXPECTATION_FAILED,t,r,n,i);static imATeapot=(t,r,n,i)=>this.#e(O.HttpStatusCode.I_AM_A_TEAPOT,t,r,n,i);static misdirectedRequest=(t,r,n,i)=>this.#e(O.HttpStatusCode.MISDIRECTED_REQUEST,t,r,n,i);static unprocessableContent=(t,r,n,i)=>this.#e(O.HttpStatusCode.UNPROCESSABLE_CONTENT,t,r,n,i);static locked=(t,r,n,i)=>this.#e(O.HttpStatusCode.LOCKED,t,r,n,i);static failedDependency=(t,r,n,i)=>this.#e(O.HttpStatusCode.FAILED_DEPENDENCY,t,r,n,i);static tooEarly=(t,r,n,i)=>this.#e(O.HttpStatusCode.TOO_EARLY,t,r,n,i);static upgradeRequired=(t,r,n,i)=>this.#e(O.HttpStatusCode.UPGRADE_REQUIRED,t,r,n,i);static preconditionRequired=(t,r,n,i)=>this.#e(O.HttpStatusCode.PRECONDITION_REQUIRED,t,r,n,i);static tooManyRequests=(t,r,n,i)=>this.#e(O.HttpStatusCode.TOO_MANY_REQUESTS,t,r,n,i);static requestHeaderFieldsTooLarge=(t,r,n,i)=>this.#e(O.HttpStatusCode.REQUEST_HEADER_FIELDS_TOO_LARGE,t,r,n,i);static unavailableForLegalReasons=(t,r,n,i)=>this.#e(O.HttpStatusCode.UNAVAILABLE_FOR_LEGAL_REASONS,t,r,n,i);static internalServerError=(t,r,n,i)=>this.#e(O.HttpStatusCode.INTERNAL_SERVER_ERROR,t,r,n,i);static notImplemented=(t,r,n,i)=>this.#e(O.HttpStatusCode.NOT_IMPLEMENTED,t,r,n,i);static badGateway=(t,r,n,i)=>this.#e(O.HttpStatusCode.BAD_GATEWAY,t,r,n,i);static serviceUnavailable=(t,r,n,i)=>this.#e(O.HttpStatusCode.SERVICE_UNAVAILABLE,t,r,n,i);static gatewayTimeout=(t,r,n,i)=>this.#e(O.HttpStatusCode.GATEWAY_TIMEOUT,t,r,n,i);static httpVersionNotSupported=(t,r,n,i)=>this.#e(O.HttpStatusCode.HTTP_VERSION_NOT_SUPPORTED,t,r,n,i);static variantAlsoNegotiates=(t,r,n,i)=>this.#e(O.HttpStatusCode.VARIANT_ALSO_NEGOTIATES,t,r,n,i);static insufficientStorage=(t,r,n,i)=>this.#e(O.HttpStatusCode.INSUFFICIENT_STORAGE,t,r,n,i);static loopDetected=(t,r,n,i)=>this.#e(O.HttpStatusCode.LOOP_DETECTED,t,r,n,i);static notExtended=(t,r,n,i)=>this.#e(O.HttpStatusCode.NOT_EXTENDED,t,r,n,i);static networkAuthenticationRequired=(t,r,n,i)=>this.#e(O.HttpStatusCode.NETWORK_AUTHENTICATION_REQUIRED,t,r,n,i)};Br.HttpProblems=Hu});var Lt=g(M=>{"use strict";Object.defineProperty(M,"__esModule",{value:!0});M.isErrorLike=M.withUndefinedAsNull=M.withNullAsUndefined=M.validateConstraint=M.validateConstraints=M.areFunctions=M.isFunction=M.isEmptyObject=M.assertAllDefined=M.assertIsDefined=M.assertType=M.isUndefinedOrNull=M.isDefined=M.isUndefined=M.isBoolean=M.isIterable=M.isNumber=M.isTypedArray=M.isArray=M.isObject=M.getOwnEnumerableKeys=M.isRegexp=M.isStringArray=M.isNonEmptyString=M.isString=M.toString=void 0;var{toString:hv}=Object.prototype,{propertyIsEnumerable:fv}=Object.prototype;function Xh(e){return hv.call(e)}o(Xh,"toString");M.toString=Xh;function Oo(e){return typeof e=="string"}o(Oo,"isString");M.isString=Oo;function mv(e){return Oo(e)&&e!==""}o(mv,"isNonEmptyString");M.isNonEmptyString=mv;function yv(e){return Array.isArray(e)&&e.every(t=>Oo(t))}o(yv,"isStringArray");M.isStringArray=yv;function gv(e){return Xh(e)==="[object RegExp]"}o(gv,"isRegexp");M.isRegexp=gv;function bv(e){return[...Object.keys(e),...Object.getOwnPropertySymbols(e).filter(t=>fv.call(e,t))]}o(bv,"getOwnEnumerableKeys");M.getOwnEnumerableKeys=bv;function Fu(e){return typeof e=="object"&&e!==null&&!Array.isArray(e)&&!(e instanceof RegExp)&&!(e instanceof Date)}o(Fu,"isObject");M.isObject=Fu;function _v(e){return Fu(e)&&Array.isArray(e)}o(_v,"isArray");M.isArray=_v;function Ev(e){let t=Object.getPrototypeOf(Uint8Array);return typeof e=="object"&&e instanceof t}o(Ev,"isTypedArray");M.isTypedArray=Ev;function wv(e){return typeof e=="number"&&!isNaN(e)}o(wv,"isNumber");M.isNumber=wv;function vv(e){return!!e&&typeof e[Symbol.iterator]=="function"}o(vv,"isIterable");M.isIterable=vv;function Tv(e){return e===!0||e===!1}o(Tv,"isBoolean");M.isBoolean=Tv;function ef(e){return typeof e>"u"}o(ef,"isUndefined");M.isUndefined=ef;function Sv(e){return!ti(e)}o(Sv,"isDefined");M.isDefined=Sv;function ti(e){return ef(e)||e===null}o(ti,"isUndefinedOrNull");M.isUndefinedOrNull=ti;function Iv(e,t){if(!e)throw new Error(t?`Unexpected type, expected '${t}'`:"Unexpected type")}o(Iv,"assertType");M.assertType=Iv;function Pv(e){if(ti(e))throw new Error("Assertion Failed: argument is undefined or null");return e}o(Pv,"assertIsDefined");M.assertIsDefined=Pv;function Av(...e){let t=[];for(let r=0;r<e.length;r++){let n=e[r];if(ti(n))throw new Error(`Assertion Failed: argument at index ${r} is undefined or null`);t.push(n)}return t}o(Av,"assertAllDefined");M.assertAllDefined=Av;var Rv=Object.prototype.hasOwnProperty;function Ov(e){if(!Fu(e))return!1;for(let t in e)if(Rv.call(e,t))return!1;return!0}o(Ov,"isEmptyObject");M.isEmptyObject=Ov;function qu(e){return typeof e=="function"}o(qu,"isFunction");M.isFunction=qu;function xv(...e){return e.length>0&&e.every(qu)}o(xv,"areFunctions");M.areFunctions=xv;function Nv(e,t){let r=Math.min(e.length,t.length);for(let n=0;n<r;n++)tf(e[n],t[n])}o(Nv,"validateConstraints");M.validateConstraints=Nv;function tf(e,t){if(Oo(t)){if(typeof e!==t)throw new Error(`argument does not match constraint: typeof ${t}`)}else if(qu(t)){try{if(e instanceof t)return}catch{}if(!ti(e)&&e.constructor===t||t.length===1&&t.call(void 0,e)===!0)return;throw new Error("argument does not match one of these constraints: arg instanceof constraint, arg.constructor === constraint, nor constraint(arg) === true")}}o(tf,"validateConstraint");M.validateConstraint=tf;function Cv(e){return e===null?void 0:e}o(Cv,"withNullAsUndefined");M.withNullAsUndefined=Cv;function Lv(e){return typeof e>"u"?null:e}o(Lv,"withUndefinedAsNull");M.withUndefinedAsNull=Lv;function Dv(e){return!!e&&typeof e=="object"&&"name"in e&&"message"in e&&"stack"in e}o(Dv,"isErrorLike");M.isErrorLike=Dv});var ri=g(gt=>{"use strict";Object.defineProperty(gt,"__esModule",{value:!0});gt.parseValueToBoolean=gt.parseValueToStringArray=gt.getValueFromRequestUser=gt.statusCodesStringToNumberArray=void 0;var Kr=L(),$u=Lt(),rf=new Map;function Uv(e){if(typeof e!="string")throw new Error("Input must be a string");if(!/^\d+(?:-\d+)?(?:,\s*\d+(?:-\d+)?)*$/.test(e))throw new Error("Malformed input string");let t=rf.get(e);if(t)return t;let r=e.split(","),n=[];for(let i of r){let s=i.split("-");if(s.length===2){let a=parseInt(s[0],10),c=parseInt(s[1],10);for(let u=a;u<=c;u++)n.push(u)}else n.push(parseInt(i,10))}return rf.set(e,n),n}o(Uv,"statusCodesStringToNumberArray");gt.statusCodesStringToNumberArray=Uv;function Mv(e,t,r){if(!t.startsWith("."))throw new Kr.ConfigurationError(`Invalid ${r} - must start with '.' - '${t}' does not`);let n=t.split(".").splice(1),i=e;return n.forEach(s=>{if(i===void 0)throw new Kr.RuntimeError(`Error applying ${r} '${t}', reading '${s}'`);i=i[s]}),`${i}`}o(Mv,"getValueFromRequestUser");gt.getValueFromRequestUser=Mv;function kv(e){if(Array.isArray(e)){if(e.includes(r=>typeof r!="string"))throw new Kr.ConfigurationError("Received an array that contains non-string values.");return e}if((0,$u.isString)(e))return e.includes(",")?e.split(",").map(r=>r.trim()).filter(r=>r!==","&&r!==""):[e];throw new Kr.ConfigurationError(`Expected type of string, received type '${typeof e}'`)}o(kv,"parseValueToStringArray");gt.parseValueToStringArray=kv;function Hv(e){if((0,$u.isBoolean)(e))return e;if((0,$u.isString)(e)){if(e.toLowerCase()==="true")return!0;if(e.toLowerCase()==="false")return!1;throw new Kr.ConfigurationError(`Attempted to parse string to boolean, but received ${e} which cannot be parsed.`)}throw new Kr.ConfigurationError(`Expected type of boolean, received type '${typeof e}'`)}o(Hv,"parseValueToBoolean");gt.parseValueToBoolean=Hv});var No=g(Zt=>{"use strict";Object.defineProperty(Zt,"__esModule",{value:!0});Zt.generateCorsHeaders=Zt.findMatchingOrigin=Zt.parseCorsPolicies=void 0;var Ar=L(),nf=ri(),xo=Lt();function Fv(e){if(e==null)return[];if(!Array.isArray(e))throw new Ar.ConfigurationError(`Invalid corsPolicy configuration. Expected an array of objects, received '${typeof e}'`);return e.map(r=>{if(!(0,xo.isObject)(r))throw new Ar.ConfigurationError(`Invalid custom cors policy is set. Expected an object, received '${typeof r}'`);if(!(0,xo.isNonEmptyString)(r.name))throw new Ar.ConfigurationError("Value of 'name' on custom cors policies must be a non-empty string.");if(r.maxAge!==void 0&&!(0,xo.isNumber)(r.maxAge))throw new Ar.ConfigurationError(`Value of 'maxAge' on custom cors policies must be a non-empty string. Received type '${typeof r.maxAge}'`);if(r.allowCredentials!==void 0&&!(0,xo.isBoolean)(r.allowCredentials))throw new Ar.ConfigurationError("Value of 'allowCredentials' on custom cors policies must be a boolean or not be set. If using an environment variable, check that it is set correctly.");let n=ju(r,"allowedHeaders"),i=ju(r,"allowedMethods"),s=ju(r,"exposeHeaders"),a;try{a=(0,nf.parseValueToStringArray)(r.allowedOrigins)}catch(u){throw new Ar.ConfigurationError(`Value of 'allowedOrigins' on custom cors policies is invalid. ${u.message} If using an environment variable, check that it is set correctly.`)}return{name:r.name,allowCredentials:typeof r.allowCredentials=="boolean"?String(r.allowCredentials):void 0,allowedOrigins:a,allowedHeaders:n?n.join(", "):void 0,allowedMethods:i?i.join(", "):void 0,exposeHeaders:s?s.join(", "):void 0,maxAge:typeof r.maxAge=="number"?r.maxAge.toString():void 0}})}o(Fv,"parseCorsPolicies");Zt.parseCorsPolicies=Fv;function ju(e,t){let r;if(e[t]!==void 0)try{r=(0,nf.parseValueToStringArray)(e[t])}catch(n){throw new Ar.ConfigurationError(`Value of '${t}' on custom cors policies is invalid. ${n.message} If using an environment variable, check that it is set correctly.`)}return r}o(ju,"parseOptionalProperty");var qv=o((e,t)=>{if(t===null)return;if(e.find(a=>a==="*"))return t;let n=e.map(a=>a.trim().toLowerCase()),i=t.toLowerCase();return n.find(a=>a===i)},"findMatchingOrigin");Zt.findMatchingOrigin=qv;var $v=o((e,t)=>{let r={"access-control-allow-origin":t};e.allowedHeaders&&(r["access-control-allow-headers"]=e.allowedHeaders),e.allowedMethods&&(r["access-control-allow-methods"]=e.allowedMethods),e.exposeHeaders&&(r["access-control-expose-headers"]=e.exposeHeaders);let n=e.allowCredentials;n&&(r["access-control-allow-credentials"]=n);let i=e.maxAge?.toString()??void 0;return i&&(r["access-control-max-age"]=i),r},"generateCorsHeaders");Zt.generateCorsHeaders=$v});var sf=g(Co=>{"use strict";Object.defineProperty(Co,"__esModule",{value:!0});Co.registerCorsRoute=void 0;var jv=L(),Vv=Nt(),Vu=se(),Gv=Qt(),Bv=Pr(),Kv=ot(),of=No(),Jv=o((e,t)=>{let r=t.routeData.corsPolicies,n=o(async(a,c)=>{let u=new URL(a.url.toString()).pathname,l=a.headers.get("access-control-request-method"),d=a.headers.get("access-control-request-headers"),p=a.headers.get("origin");if(p===null||l===null)return Vu.HttpProblems.badRequest(a,c,{detail:"Expect headers origin and access-control-request-method"});let m=e.lookup(l,u);if(!m)return Vu.HttpProblems.notFound(a,c);let h=m.routeConfiguration,y=zv(l,d,p,h,r);return y.isValid?new Response(void 0,{status:200,statusText:"OK",headers:y.headers}):(y.error&&c.log.warn(y.error),Vu.HttpProblems.notFound(a,c))},"optionsHandler"),i=new Vv.Pipeline({processors:[Gv.metricsProcessor],handler:n,gateway:t}),s=new Kv.SystemRouteConfiguration({label:"SYSTEM_CORS_ROUTE",methods:["OPTIONS"],path:"/(.*)",systemRouteName:Bv.SystemRouteName.CorsPreflight});e.addRoute(s,i.execute)},"registerCorsRoute");Co.registerCorsRoute=Jv;var zv=o((e,t,r,n,i)=>{let s={isValid:!1,headers:{}};if(n.corsPolicy==="anything-goes")return{isValid:!0,headers:{"access-control-allow-origin":r,"access-control-allow-methods":e,"access-control-allow-headers":t??"*","access-control-expose-headers":"*","access-control-allow-credentials":"true","access-control-max-age":"600"}};if(n.corsPolicy==="none")return{...s,error:`No CORS policy set for the route '${n.pathPattern}'`};let a=i?.find(l=>l.name===n.corsPolicy);if(!a)throw new jv.ConfigurationError(`Invalid Configuration - corsPolicy '${n.corsPolicy}' not found in *.oas.json 'corsPolicies' section.`);let c=(0,of.findMatchingOrigin)(a.allowedOrigins,r);return c?{isValid:!0,headers:(0,of.generateCorsHeaders)(a,c)}:{...s,error:`The CORS policy '${a.name}' does not allow the origin '${r}'`}},"validateAndBuildResponseHeaders")});var af=g(Lo=>{"use strict";Object.defineProperty(Lo,"__esModule",{value:!0});Lo.registerNoRoutes=void 0;var Wv=Nt(),Qv=Qt(),Yv=Pr(),Zv=ot(),Xv=o((e,t)=>{let r=o(async()=>new Response("You have no routes. Add a route in routes.oas.json to get started",{status:200}),"noRoutesHandler"),n=new Wv.Pipeline({processors:[Qv.metricsProcessor],handler:r,gateway:t}),i=new Zv.SystemRouteConfiguration({label:"SYSTEM_NO_ROUTES",methods:["CONNECT","DELETE","GET","HEAD","OPTIONS","PATCH","POST","PUT","TRACE"],path:"/(.*)",systemRouteName:Yv.SystemRouteName.EmptyGatewayCatchall});e.addRoute(i,n.execute)},"registerNoRoutes");Lo.registerNoRoutes=Xv});var cf=g(Rr=>{"use strict";Object.defineProperty(Rr,"__esModule",{value:!0});Rr.registerNotMatchedHandler=Rr.notFoundRouteConfiguration=void 0;var eT=Sr(),tT=yt(),rT=Nt(),nT=se(),iT=Qt(),oT=Pr(),sT=ot();Rr.notFoundRouteConfiguration=new sT.SystemRouteConfiguration({label:"SYSTEM_NOT_FOUND_ROUTE",methods:["CONNECT","DELETE","GET","HEAD","OPTIONS","PATCH","POST","PUT","TRACE"],path:"/(.*)",systemRouteName:oT.SystemRouteName.UnmatchedPath});var aT=o((e,t)=>{let r=o(async(i,s)=>{let a=tT.runtimeExtensions.value?.notFoundHandler;if(a){let c=eT.ZuploContextExtensions.getContextExtensions(s);return a(i,s,{routesMatchedByPathOnly:c.pathOnlyMatches??[]})}return nT.HttpProblems.notFound(i,s)},"notFoundHandler"),n=new rT.Pipeline({processors:[iT.metricsProcessor],handler:r,gateway:t});e.addRoute(Rr.notFoundRouteConfiguration,n.execute)},"registerNotMatchedHandler");Rr.registerNotMatchedHandler=aT});var Gu=g(Do=>{"use strict";Object.defineProperty(Do,"__esModule",{value:!0});Do.corsProcessor=void 0;var df=L(),uf=No(),cT=["access-control-allow-origin","access-control-allow-headers","access-control-expose-headers","access-control-allow-credentials","access-control-max-age"],lf=o(e=>{cT.forEach(t=>e.delete(t))},"stripCorsHeaders"),uT=o(async(e,t,r,n)=>{let i=t.route;if(!i.corsPolicy||i.corsPolicy==="none"){let d=await n(e),p=new Headers(d.headers);return lf(p),new Response(d.body,{status:d.status,statusText:d.statusText,headers:p,webSocket:d.webSocket})}let s=await n(e);if(!(s instanceof Response))throw new df.SystemError(`The CorsProcessor is in the wrong place in the pipeline. It should only receive HttpResponse type but got '${typeof s}'`);let a=lT(i,r.routeData.corsPolicies),c=dT(e,a),u=new Headers(s.headers);return lf(u),Object.entries(c).forEach(([d,p])=>{u.set(d,p)}),new Response(s.body,{status:s.status,statusText:s.statusText,headers:u,webSocket:s.webSocket})},"corsProcessor");Do.corsProcessor=uT;var lT=o((e,t)=>{if(e.corsPolicy==="anything-goes")return{name:"anything-goes",allowedHeaders:"*",allowedOrigins:["*"],allowedMethods:e.methods.join(", "),exposeHeaders:"*",allowCredentials:"true",maxAge:"600"};let r=t?.find(n=>n.name===e.corsPolicy);if(r===void 0)throw new df.ConfigurationError(`Invalid Configuration - no corsPolicy '${e.corsPolicy}' found in *.oas.json`);return r},"getCorsPolicy"),dT=o((e,t)=>{let r=(0,uf.findMatchingOrigin)(t.allowedOrigins,e.headers.get("origin"));return r?(0,uf.generateCorsHeaders)(t,r):{}},"getCorsHeaders")});var pf=g(Uo=>{"use strict";Object.defineProperty(Uo,"__esModule",{value:!0});Uo.registerPingRoute=void 0;var pT=Nt(),hT=Gu(),fT=Pr(),mT=ot(),yT=o((e,t)=>{let r=o(async()=>new Response(null,{status:200}),"pingRouteHandler"),n=new pT.Pipeline({processors:[hT.corsProcessor],handler:r,gateway:t}),i=new mT.SystemRouteConfiguration({corsPolicy:"anything-goes",label:"SYSTEM_PING_ROUTE",methods:["GET"],path:"/__zuplo/ping",systemRouteName:fT.SystemRouteName.Ping});e.addRoute(i,n.execute)},"registerPingRoute");Uo.registerPingRoute=yT});var zr=g(st=>{"use strict";Object.defineProperty(st,"__esModule",{value:!0});st.createInternalPolicyProcessor=st.policyProcessor=st.toStackedInboundHandler=st.getInboundPolicyHandlerAndOptions=void 0;var gT=Sr(),Jr=L(),hf=He(),bT=Y();function ff(e,t){let r,n;return Array.isArray(e)?r=e:(r=e.policies?.inbound??[],n=e.path),r.map(s=>{let a=t?.find(u=>u.name===s);if(!a)throw new Jr.ConfigurationError(`Invalid state - no Policy with the name '${s}' ${n&&`on route '${n}'`} was found in the policies configuration (check case).`);let c;if(typeof a.handler?.module=="object"&&(c=a.handler?.module[a.handler.export]),typeof c!="function")throw new Jr.ConfigurationError(`Invalid state - invalid handler on policy '${s}' ${n&&`on route '${n}'`}. Expected a function, received '${typeof c}'`);return{exportName:a.handler.export,handler:c,options:a.handler.options,policyName:a.name}})}o(ff,"getInboundPolicyHandlerAndOptions");st.getInboundPolicyHandlerAndOptions=ff;function _T(e,t){return(e.policies?.outbound??[]).map(i=>{let s=t?.find(c=>c.name===i);if(!s)throw new Jr.ConfigurationError(`Invalid state - no Policy with the name '${i}' on route '${e.path}' was found in the policies configuration (check case).`);let a;if(typeof s.handler?.module=="object"&&(a=s.handler?.module[s.handler.export]),typeof a!="function")throw new Jr.ConfigurationError(`Invalid state - invalid handler on policy '${i}' on route '${e.path}'`);return{exportName:s.handler.export,handler:a,options:s.handler.options,policyName:s.name}})}o(_T,"getOutboundPolicyHandlerAndOptions");var ET=o(e=>async(t,r)=>{let n=gT.ZuploContextExtensions.getContextExtensions(r),i=[...e],s=t;for(;i.length>0;){let a=i.shift();if(!a)return s;let c=await a.handler(s,r,a.options,a.policyName);if(c instanceof hf.ZuploRequest)s=c;else if(c instanceof Request)s=new hf.ZuploRequest(c);else{if(c instanceof Response)return c;throw new Jr.ConfigurationError(`Invalid state - invalid handler on policy '${a.policyName}'${a.routeName?` on route '${a.routeName}`:""}. The result of an inbound policy must be a Response or Request.`)}n.latestRequest=s}return s},"toStackedInboundHandler");st.toStackedInboundHandler=ET;var wT=o(e=>async(t,r,n)=>{let i=[...e],s=t;for(;i.length>0;){let a=i.shift();if(!a)return s;let c=await a.handler(s,r,n,a.options,a.policyName);if(!(c instanceof Response))throw new Jr.ConfigurationError(`Invalid state - invalid handler on policy '${a.policyName}'${a.routeName?` on route '${a.routeName}`:""}. The result of an outbound policy must be a Response.`);s=c}return s},"toStackedOutboundHandler"),vT=o(async(e,t,r,n)=>{let i=ff(t.route,r.routeData.policies),s=_T(t.route,r.routeData.policies);return mf({request:e,context:t,inboundPolicies:i,outboundPolicies:s,gateway:r,next:n})},"policyProcessor");st.policyProcessor=vT;function TT({inboundPolicies:e=[],outboundPolicies:t=[]}){return o(async(n,i,s,a)=>mf({request:n,context:i,inboundPolicies:e.map(c=>({...c,exportName:"default",policyName:c.handler.name})),outboundPolicies:t.map(c=>({...c,exportName:"default",policyName:c.handler.name})),gateway:s,next:a}),"policyProcessor")}o(TT,"createInternalPolicyProcessor");st.createInternalPolicyProcessor=TT;async function mf({request:e,context:t,inboundPolicies:r,outboundPolicies:n,gateway:i,next:s}){let a=(0,st.toStackedInboundHandler)(r);try{let c=await a(e,t);if(c instanceof Response)return c;let u=await s(c),l=wT(n),d;return bT.Environment.instance.build.COMPATIBILITY_FLAGS.runOutboundPoliciesOnHandlerOnAllStatuses?d=l(u,e,t):d=u.ok?l(u,e,t):u,d}catch(c){return t.log.error(c),i.errorHandler(e,t,c)}}o(mf,"executePolicyProcessor")});var yf=g(Wr=>{"use strict";Object.defineProperty(Wr,"__esModule",{value:!0});Wr.serialize=Wr.parse=void 0;var ST=Object.prototype.toString,Mo=/^[\u0009\u0020-\u007e\u0080-\u00ff]+$/;function IT(e,t){if(typeof e!="string")throw new TypeError("argument str must be a string");let r={},i=(t||{}).decode||AT,s=0;for(;s<e.length;){let a=e.indexOf("=",s);if(a===-1)break;let c=e.indexOf(";",s);if(c===-1)c=e.length;else if(c<a){s=e.lastIndexOf(";",a-1)+1;continue}let u=e.slice(s,a).trim();if(r[u]===void 0){let l=e.slice(a+1,c).trim();l.charCodeAt(0)===34&&(l=l.slice(1,-1)),r[u]=xT(l,i)}s=c+1}return r}o(IT,"parse");Wr.parse=IT;function PT(e,t,r){let n=r||{},i=n.encode||RT;if(typeof i!="function")throw new TypeError("option encode is invalid");if(!Mo.test(e))throw new TypeError("argument name is invalid");let s=i(t);if(s&&!Mo.test(s))throw new TypeError("argument val is invalid");let a=e+"="+s;if(n.maxAge!=null){let c=n.maxAge-0;if(isNaN(c)||!isFinite(c))throw new TypeError("option maxAge is invalid");a+="; Max-Age="+Math.floor(c)}if(n.domain){if(!Mo.test(n.domain))throw new TypeError("option domain is invalid");a+="; Domain="+n.domain}if(n.path){if(!Mo.test(n.path))throw new TypeError("option path is invalid");a+="; Path="+n.path}if(n.expires){let c=n.expires;if(!OT(c)||isNaN(c.valueOf()))throw new TypeError("option expires is invalid");a+="; Expires="+c.toUTCString()}if(n.httpOnly&&(a+="; HttpOnly"),n.secure&&(a+="; Secure"),n.priority)switch(typeof n.priority=="string"?n.priority.toLowerCase():n.priority){case"low":a+="; Priority=Low";break;case"medium":a+="; Priority=Medium";break;case"high":a+="; Priority=High";break;default:throw new TypeError("option priority is invalid")}if(n.sameSite)switch(typeof n.sameSite=="string"?n.sameSite.toLowerCase():n.sameSite){case!0:a+="; SameSite=Strict";break;case"lax":a+="; SameSite=Lax";break;case"strict":a+="; SameSite=Strict";break;case"none":a+="; SameSite=None";break;default:throw new TypeError("option sameSite is invalid")}return a}o(PT,"serialize");Wr.serialize=PT;function AT(e){return e.indexOf("%")!==-1?decodeURIComponent(e):e}o(AT,"decode");function RT(e){return encodeURIComponent(e)}o(RT,"encode");function OT(e){return ST.call(e)==="[object Date]"||e instanceof Date}o(OT,"isDate");function xT(e,t){try{return t(e)}catch{return e}}o(xT,"tryDecode")});var gf=g(ko=>{"use strict";Object.defineProperty(ko,"__esModule",{value:!0});ko.devPortalBaseURL=void 0;var NT=yf();function CT(e,t){try{let r=/v\d+(-\d+)?/g,i=(0,NT.parse)(t.get("Cookie")||"")["zp-dev-portal"];return i!==null&&i&&r.test(i)?`https://dev-portal-${i}.zuplo.com`:e}catch{}return e}o(CT,"devPortalBaseURL");ko.devPortalBaseURL=CT});var vf=g(Qr=>{"use strict";Object.defineProperty(Qr,"__esModule",{value:!0});Qr.registerDevPortalLegacyRedirectRoute=Qr.registerDevPortalV3Route=void 0;var Bu=Ct(),_f=Nt(),Ef=Qt(),LT=zr(),wf=ot(),DT=gf(),Xt=Y(),bf="/__zuplo/dev-portal",UT="dev-portal-id",MT="dev-portal-host",kT="zp-account",HT="zp-project",FT="dev-portal-build",qT=`
35
+ `)+" "+r[1]:r[0]+t+" "+e.join(", ")+" "+r[1]}o(Tw,"reduceToSingleString")});var Dh=g(co=>{"use strict";Object.defineProperty(co,"__esModule",{value:!0});co.format=void 0;var Sw=Ah(),Iw=Lh(),Pw=o((e,...t)=>(0,Sw.format)(Iw.inspect,e,t),"format");co.format=Pw});var Tr=g(zt=>{"use strict";Object.defineProperty(zt,"__esModule",{value:!0});zt.debug=zt.withoutEnv=zt.Debugger=void 0;var Aw=Ph(),Rw=Dh(),uo=class{static{o(this,"Debugger")}manager;ns;color;last;enabled;constructor(t,r){this.manager=t,this.ns=r,this.color=(0,Aw.generateColor)(r),this.last=0,this.enabled=t.enabled.some(n=>n.test(r))}log(...t){if(!this.enabled)return;let r,n=t[0];typeof n=="function"?r=n():r=String(n);let i=Date.now()-(this.last||Date.now());r=(0,Rw.format)(r,...t);let s=`${this.color(this.ns)} ${r} ${this.color(`+${i}ms`)}`;console.log(s),this.last=Date.now()}};zt.Debugger=uo;var lo=class{static{o(this,"DebugManager")}debuggers;enabled;constructor(t){this.debuggers=new Map,this.enabled=t??[]}};function Uh(e){return!e||e.length===0?[]:(e=e.replace(/\s/g,"").replace(/\*/g,".+"),e.split(",").map(t=>new RegExp(`^${t}$`)))}o(Uh,"extract");var ei;function Ow(e){e||(e=[]),typeof e=="string"&&(e=Uh(e)),ei=new lo(e)}o(Ow,"withoutEnv");zt.withoutEnv=Ow;function xw(e){let t=globalThis.DEBUG;ei||(ei=new lo(Uh(t)));let r=new uo(ei,e);return ei.debuggers.set(e,r),Object.assign(r.log.bind(r),{self:r})}o(xw,"debug");zt.debug=xw});var ho=g(Vr=>{"use strict";Object.defineProperty(Vr,"__esModule",{value:!0});Vr.ProblemResponseFormatter=Vr.InternalProblemResponseFormatter=void 0;var Nw=D(),po=class e{static{o(this,"InternalProblemResponseFormatter")}static problemResponseFormat=async t=>{let r=t.problem,n=JSON.stringify(r,null,2);return new Response(n,{status:t.problem.status,statusText:t.statusText,headers:{...t.additionalHeaders,"content-type":"application/problem+json"}})};static setProblemResponseFormat(t){t&&(e.problemResponseFormat=(r,n,i)=>{try{return t(r,n,i)}catch(s){throw new Nw.RuntimeError("Error in custom 'problemResponseFormat'",{cause:s})}})}};Vr.InternalProblemResponseFormatter=po;var wu=class{static{o(this,"ProblemResponseFormatter")}static async format(t,r,n){return await po.problemResponseFormat(t,r,n)}};Vr.ProblemResponseFormatter=wu});var kh=g(fo=>{"use strict";Object.defineProperty(fo,"__esModule",{value:!0});fo.deepFreeze=void 0;function Mh(e){for(let t in e){let r=e[t];r&&typeof r=="object"&&Mh(r)}return Object.freeze(e)}o(Mh,"deepFreeze");fo.deepFreeze=Mh});var He=g(mo=>{"use strict";Object.defineProperty(mo,"__esModule",{value:!0});mo.ZuploRequest=void 0;var Hh=kh(),vu=class e extends Request{static{o(this,"ZuploRequest")}#e=void 0;#t;constructor(t,r){super(t,r);let n=r?.params;n?this.#t=n:t instanceof e?this.#t=t.#t:this.#t={};let i=r?.user;i?this.user=i:t instanceof e&&(this.user=t.user)}get query(){if(this.#e===void 0){let t={},r=new URL(this.url).searchParams;for(let[n,i]of r.entries())t[n]=i;this.#e=t}return(0,Hh.deepFreeze)(this.#e)}get params(){return(0,Hh.deepFreeze)(this.#t)}user};mo.ZuploRequest=vu});var yt=g(ye=>{"use strict";Object.defineProperty(ye,"__esModule",{value:!0});ye.initializeRuntime=ye.invokeOnResponseSendingFinalExtensions=ye.invokeOnResponseSendingExtensions=ye.invokeOnRequestExtensions=ye.plugins=ye.runtimeExtensions=ye.SystemRuntimePlugin=ye.RuntimePlugin=void 0;var Fh=D(),Cw=ho(),Lw=He(),go=class{static{o(this,"RuntimePlugin")}};ye.RuntimePlugin=go;var bo=class extends go{static{o(this,"SystemRuntimePlugin")}async initialize(t){return Promise.resolve()}registerRoutes(t,r){}};ye.SystemRuntimePlugin=bo;ye.runtimeExtensions={};var Tu=[];ye.plugins=Tu;var qh=[],$h=[],jh=[],yo={addPlugin(e){Tu.push(e)},addRequestHook(e){qh.push(e)},addResponseSendingHook(e){$h.push(e)},addResponseSendingFinalHook(e){jh.push(e)}},Dw=o(async(e,t)=>{let r=e;for(let n of qh){let i=await n(r,t);if(i instanceof Lw.ZuploRequest)r=i;else{if(i instanceof Response)return i;throw new Fh.ConfigurationError(`Invalid state - the OnRequest hook must return a ZuploRequest or Response. Received ${typeof r}.`)}}return r},"invokeOnRequestExtensions");ye.invokeOnRequestExtensions=Dw;var Uw=o(async(e,t,r)=>{let n=e;for(let i of $h){let s=await i(e,t,r);if(s instanceof Response)n=s;else throw new Fh.ConfigurationError(`Invalid state - the OnResponseSending hook must return a Response. Received ${typeof n}.`)}return n},"invokeOnResponseSendingExtensions");ye.invokeOnResponseSendingExtensions=Uw;var Mw=o(async(e,t,r)=>{for(let n of jh)await n(e,t,r)},"invokeOnResponseSendingFinalExtensions");ye.invokeOnResponseSendingFinalExtensions=Mw;async function kw(e=()=>Promise.resolve()){await e(yo),ye.runtimeExtensions.value=yo;for(let t of Tu)t instanceof bo&&await t.initialize(yo);Cw.InternalProblemResponseFormatter.setProblemResponseFormat(yo.problemResponseFormat)}o(kw,"initializeRuntime");ye.initializeRuntime=kw});var Su=g(Wt=>{"use strict";Object.defineProperty(Wt,"__esModule",{value:!0});Wt.serialize=Wt.ContentTypes=void 0;Wt.ContentTypes={Json:"application/json",Form:"application/x-www-form-urlencoded"};function Hw(e,t){if(e!==null)return t&&typeof e=="string"?e:typeof e=="object"&&t?.startsWith(Wt.ContentTypes.Form)?new URLSearchParams(e).toString():typeof e=="object"&&t?.startsWith(Wt.ContentTypes.Json)||!t?JSON.stringify(e):e}o(Hw,"serialize");Wt.serialize=Hw});var Nt=g(_o=>{"use strict";Object.defineProperty(_o,"__esModule",{value:!0});_o.Pipeline=void 0;var Iu=Sr(),Vh=yt(),Fw=Su(),Pu=class{static{o(this,"Pipeline")}constructor(t){this.execute=this.#t(t)}execute;#e=(t,r)=>async(n,i)=>{try{return await t(n,i)}catch(s){return i.log.error("Error executing request handler.",s),r.errorHandler(n,i,s)}};#t=({processors:t,gateway:r,handler:n})=>async(i,s)=>{let a=[...t],c=o(async y=>{let w=a.pop();return w?w(i,s,r,c):await this.#e(async S=>{let L=await n(S,s);return qw(L)},r)(y,s)},"nextPipe"),l=await c(i),d=new Iu.ResponseSendingEvent(i,l);s.dispatchEvent(d);let p=Iu.ZuploContextExtensions.getContextExtensions(s),m=p.latestRequest,h;try{h=await d.mutableResponse}catch(y){return s.log.error(y),r.errorHandler(i,s,y)}try{h=await p.onResponseSending(h,m,s)}catch(y){return s.log.error(`Error invoking 'context.onResponseSending' hook: '${y.message}'`,y),r.errorHandler(i,s,y)}try{h=await(0,Vh.invokeOnResponseSendingExtensions)(h,m,s)}catch(y){return s.log.error(`Error invoking 'context.onResponseSending' hook: '${y.message}'`,y),r.errorHandler(i,s,y)}s.dispatchEvent(new Iu.ResponseSentEvent(i,h));try{await p.onResponseSendingFinal(l,m,s)}catch(y){throw s.log.error(`Error invoking 'runtime.onResponseSending' hook: '${y.message}'`,y),y}try{await(0,Vh.invokeOnResponseSendingFinalExtensions)(l,m,s)}catch(y){throw s.log.error(`Error invoking 'runtime.onResponseSending' hook: '${y.message}'`,y),y}return h}};_o.Pipeline=Pu;function qw(e){return e instanceof Response?e:typeof e>"u"?new Response:new Response((0,Fw.serialize)(e),{headers:{"content-type":"application/json"}})}o(qw,"resultToResponse")});var wo=g(Eo=>{"use strict";Object.defineProperty(Eo,"__esModule",{value:!0});Eo.MetricsPlugin=void 0;var $w=yt(),Au=class extends $w.RuntimePlugin{static{o(this,"MetricsPlugin")}};Eo.MetricsPlugin=Au});var Le=g(vo=>{"use strict";Object.defineProperty(vo,"__esModule",{value:!0});vo.SystemLogMap=void 0;var jw=D(),Ru=class e{static{o(this,"SystemLogMap")}static#e=new WeakMap;static getLogger(t){let r=e.#e.get(t);if(!r){let n=`No system logger found for context with requestId '${t.requestId}'`;throw console.error(n),new jw.SystemError(n)}return r}static addLogger(t,r){e.#e.set(t,r)}};vo.SystemLogMap=Ru});var ve=g(To=>{"use strict";Object.defineProperty(To,"__esModule",{value:!0});To.BatchDispatch=void 0;var Ou=class{static{o(this,"BatchDispatch")}constructor(t,r,n,i){this.#t=t,this.#o=r,this.#n=n,this.#r=i}#e=void 0;#t;#r;#n;#i=[];#o;enqueue=t=>{this.#i.push(t),this.#e||(this.#e=new Promise(r=>{setTimeout(()=>{if(this.#i.length>0){let n=[...this.#i];this.#i.length=0,this.#e=void 0,this.#n(n).catch(i=>{this.#r&&this.#r.error(`Uncaught error in BatchDispatcher named '${this.#t}'}`,i.message,i.stack)}).finally(()=>{r()})}},this.#o)}))};waitUntilFlushed=async()=>{if(this.#e)return this.#e}};To.BatchDispatch=Ou});var Bh=g(Io=>{"use strict";Object.defineProperty(Io,"__esModule",{value:!0});Io.EllieMetricsTransport=void 0;var Gh=Le(),Vw=ve(),So=Y(),xu=class{static{o(this,"EllieMetricsTransport")}#e;#t;#r;constructor(t){this.#r=So.Environment.instance.loggingId,this.#e=t,this.#t=new Vw.BatchDispatch("ellie-metrics-transport",10,this.dispatchFunction,Gh.SystemLogMap.getLogger(t))}pushMetrics(t,r){this.#r!==void 0&&(this.#t.enqueue(t),r.waitUntil(this.#t.waitUntilFlushed()))}dispatchFunction=async t=>{if(t.length===0)return;let r,{loggingId:n,remoteLogURL:i,deploymentName:s}=So.Environment.instance,a=t.map(c=>{let u=Object.assign({},c);return delete u.requestContentLength,delete u.responseContentLength,u});if(n&&s&&(r=`${i}/v1-alpha/metrics?loggingId=${encodeURI(n)}&deploymentName=${encodeURI(s)}`),r){let c=await fetch(r,{method:"POST",body:JSON.stringify(a),headers:{"content-type":"application/json","zp-dn":So.Environment.instance.deploymentName??"unknown","user-agent":So.Environment.instance.systemUserAgent}});if(!c.ok){let u=await c.text();Gh.SystemLogMap.getLogger(this.#e).error(`Metrics POST responded ${c.status}: ${c.statusText}`,u)}}}};Io.EllieMetricsTransport=xu});var ot=g(Ir=>{"use strict";Object.defineProperty(Ir,"__esModule",{value:!0});Ir.systemNoVersion=Ir.SystemRouteConfiguration=void 0;var Nu=class{static{o(this,"SystemRouteConfiguration")}constructor({label:t,path:r,methods:n,systemRouteName:i,corsPolicy:s="none"}){this.label=t,this.path=r,this.methods=n,this.corsPolicy=s,this.version=Ir.systemNoVersion.name,this.handler={export:"SYSTEM_IGNORED",module:"SYSTEM_IGNORED"},this.systemRouteName=i}label;path;methods;handler;corsPolicy;version;policies;systemRouteName;raw(){return{}}};Ir.SystemRouteConfiguration=Nu;Ir.systemNoVersion={name:"__system-no-version",pathPrefix:""}});var Qt=g(Po=>{"use strict";Object.defineProperty(Po,"__esModule",{value:!0});Po.metricsProcessor=void 0;var Kh=Xn(),Gw=Sr(),Bw=yt(),Kw=wo(),Jw=Bh(),zw=ot(),Ww=o(async(e,t,r,n)=>{let i=new Date,s=Date.now(),a=await n(e),c=e.headers.get(Kh.RAY_ID_HEADER)??void 0,u=e.headers.get(Kh.TRUE_CLIENT_IP)??void 0,l=t.incomingRequestProperties,d;t.route instanceof zw.SystemRouteConfiguration&&(d=t.route.systemRouteName);let p=Gw.ZuploContextExtensions.getContextExtensions(t).latestRequest,m={timestamp:i,statusCode:a.status,durationMs:Date.now()-s,requestContentLength:e.headers.get("content-length")?Number(e.headers.get("content-length")):void 0,responseContentLength:a.headers.get("content-length")?Number(a.headers.get("content-length")):void 0,routePath:t.route?.path??"SYSTEM_OR_NOT_FOUND",systemRouteName:d,requestId:t.requestId,method:e.method,asn:l.asn,asOrganization:l.asOrganization,colo:l.colo,continent:l.continent,country:l.country,city:l.city,latitude:l.latitude,longitude:l.longitude,rayId:c,instanceId:r.instanceId,userSub:p.user?.sub,clientIp:u},h=[];return h.push(new Jw.EllieMetricsTransport(t)),Bw.plugins.forEach(y=>{if(y instanceof Kw.MetricsPlugin){let w=y.getTransport();h.push(w)}}),h.forEach(y=>{y.pushMetrics(m,t)}),a},"metricsProcessor");Po.metricsProcessor=Ww});var Cu=g(Ao=>{"use strict";Object.defineProperty(Ao,"__esModule",{value:!0});Ao.SystemRouteName=void 0;var Jh;(function(e){e.Build="build-data",e.CorsPreflight="cors-preflight",e.DeveloperPortal="developer-portal",e.DeveloperPortalLegacy="developer-portal-legacy",e.StripePlugin="stripe-plugin",e.EmptyGatewayCatchall="empty-gateway-catchall",e.Ping="ping",e.UnmatchedPath="unmatched-path"})(Jh||(Ao.SystemRouteName=Jh={}))});var Wh=g(zh=>{"use strict";Object.defineProperty(zh,"__esModule",{value:!0})});var Pr=g(Yt=>{"use strict";var Qw=Yt&&Yt.__createBinding||(Object.create?function(e,t,r,n){n===void 0&&(n=r);var i=Object.getOwnPropertyDescriptor(t,r);(!i||("get"in i?!t.__esModule:i.writable||i.configurable))&&(i={enumerable:!0,get:function(){return t[r]}}),Object.defineProperty(e,n,i)}:function(e,t,r,n){n===void 0&&(n=r),e[n]=t[r]}),Qh=Yt&&Yt.__exportStar||function(e,t){for(var r in e)r!=="default"&&!Object.prototype.hasOwnProperty.call(t,r)&&Qw(t,e,r)};Object.defineProperty(Yt,"__esModule",{value:!0});Qh(Cu(),Yt);Qh(Wh(),Yt)});var Yh=g(Ro=>{"use strict";Object.defineProperty(Ro,"__esModule",{value:!0});Ro.registerBuildRoute=void 0;var Yw=Ct(),Zw=Nt(),Xw=Qt(),ev=Pr(),tv=ot(),rv=Le(),nv=Y(),iv=o((e,t)=>{let r=o(async(s,a)=>{let u=new URL(s.url).hostname.toLowerCase();if(!u.endsWith(".zuplo.app")&&!u.endsWith(".zuplo.dev")&&!u.endsWith(".fly.dev")&&!u.endsWith("zuplotest.com")&&u!=="localhost")return Yw.HttpProblems.notFound(s,a);let l=nv.Environment.instance.build,d={buildId:l.BUILD_ID,zuploVersion:l.ZUPLO_VERSION,apiVersion:l.API_VERSION,gitSha:l.GIT_SHA,timestamp:l.TIMESTAMP,isProduction:l.IS_PRODUCTION},p=s.url.toString().split("?");return p.length>0&&new URLSearchParams(p[1]).get("system_log")==="true"&&rv.SystemLogMap.getLogger(a).error("Test System Log",d),new Response(JSON.stringify(d,null,2),{status:200,headers:{"content-type":"application/json"}})},"buildRouteHandler"),n=new Zw.Pipeline({processors:[Xw.metricsProcessor],handler:r,gateway:t}),i=new tv.SystemRouteConfiguration({label:"SYSTEM_BUILD_ROUTE",methods:["GET"],path:"/__zuplo/build",systemRouteName:ev.SystemRouteName.Build});e.addRoute(i,n.execute)},"registerBuildRoute");Ro.registerBuildRoute=iv});var Lu=g(Gr=>{"use strict";Object.defineProperty(Gr,"__esModule",{value:!0});Gr.HTTP_STATUS_TITLES=Gr.HttpStatusCode=void 0;var Zh;(function(e){e[e.CONTINUE=100]="CONTINUE",e[e.SWITCHING_PROTOCOLS=101]="SWITCHING_PROTOCOLS",e[e.PROCESSING=102]="PROCESSING",e[e.EARLY_HINTS=103]="EARLY_HINTS",e[e.OK=200]="OK",e[e.CREATED=201]="CREATED",e[e.ACCEPTED=202]="ACCEPTED",e[e.NON_AUTHORITATIVE_INFORMATION=203]="NON_AUTHORITATIVE_INFORMATION",e[e.NO_CONTENT=204]="NO_CONTENT",e[e.RESET_CONTENT=205]="RESET_CONTENT",e[e.PARTIAL_CONTENT=206]="PARTIAL_CONTENT",e[e.MULTI_STATUS=207]="MULTI_STATUS",e[e.ALREADY_REPORTED=208]="ALREADY_REPORTED",e[e.IM_USED=226]="IM_USED",e[e.MULTIPLE_CHOICES=300]="MULTIPLE_CHOICES",e[e.MOVED_PERMANENTLY=301]="MOVED_PERMANENTLY",e[e.FOUND=302]="FOUND",e[e.SEE_OTHER=303]="SEE_OTHER",e[e.NOT_MODIFIED=304]="NOT_MODIFIED",e[e.USE_PROXY=305]="USE_PROXY",e[e.SWITCH_PROXY=306]="SWITCH_PROXY",e[e.TEMPORARY_REDIRECT=307]="TEMPORARY_REDIRECT",e[e.PERMANENT_REDIRECT=308]="PERMANENT_REDIRECT",e[e.BAD_REQUEST=400]="BAD_REQUEST",e[e.UNAUTHORIZED=401]="UNAUTHORIZED",e[e.PAYMENT_REQUIRED=402]="PAYMENT_REQUIRED",e[e.FORBIDDEN=403]="FORBIDDEN",e[e.NOT_FOUND=404]="NOT_FOUND",e[e.METHOD_NOT_ALLOWED=405]="METHOD_NOT_ALLOWED",e[e.NOT_ACCEPTABLE=406]="NOT_ACCEPTABLE",e[e.PROXY_AUTHENTICATION_REQUIRED=407]="PROXY_AUTHENTICATION_REQUIRED",e[e.REQUEST_TIMEOUT=408]="REQUEST_TIMEOUT",e[e.CONFLICT=409]="CONFLICT",e[e.GONE=410]="GONE",e[e.LENGTH_REQUIRED=411]="LENGTH_REQUIRED",e[e.PRECONDITION_FAILED=412]="PRECONDITION_FAILED",e[e.CONTENT_TOO_LARGE=413]="CONTENT_TOO_LARGE",e[e.PAYLOAD_TOO_LARGE=413]="PAYLOAD_TOO_LARGE",e[e.URI_TOO_LONG=414]="URI_TOO_LONG",e[e.UNSUPPORTED_MEDIA_TYPE=415]="UNSUPPORTED_MEDIA_TYPE",e[e.RANGE_NOT_SATISFIABLE=416]="RANGE_NOT_SATISFIABLE",e[e.EXPECTATION_FAILED=417]="EXPECTATION_FAILED",e[e.I_AM_A_TEAPOT=418]="I_AM_A_TEAPOT",e[e.MISDIRECTED_REQUEST=421]="MISDIRECTED_REQUEST",e[e.UNPROCESSABLE_ENTITY=422]="UNPROCESSABLE_ENTITY",e[e.UNPROCESSABLE_CONTENT=422]="UNPROCESSABLE_CONTENT",e[e.LOCKED=423]="LOCKED",e[e.FAILED_DEPENDENCY=424]="FAILED_DEPENDENCY",e[e.TOO_EARLY=425]="TOO_EARLY",e[e.UPGRADE_REQUIRED=426]="UPGRADE_REQUIRED",e[e.PRECONDITION_REQUIRED=428]="PRECONDITION_REQUIRED",e[e.TOO_MANY_REQUESTS=429]="TOO_MANY_REQUESTS",e[e.REQUEST_HEADER_FIELDS_TOO_LARGE=431]="REQUEST_HEADER_FIELDS_TOO_LARGE",e[e.UNAVAILABLE_FOR_LEGAL_REASONS=451]="UNAVAILABLE_FOR_LEGAL_REASONS",e[e.INTERNAL_SERVER_ERROR=500]="INTERNAL_SERVER_ERROR",e[e.NOT_IMPLEMENTED=501]="NOT_IMPLEMENTED",e[e.BAD_GATEWAY=502]="BAD_GATEWAY",e[e.SERVICE_UNAVAILABLE=503]="SERVICE_UNAVAILABLE",e[e.GATEWAY_TIMEOUT=504]="GATEWAY_TIMEOUT",e[e.HTTP_VERSION_NOT_SUPPORTED=505]="HTTP_VERSION_NOT_SUPPORTED",e[e.VARIANT_ALSO_NEGOTIATES=506]="VARIANT_ALSO_NEGOTIATES",e[e.INSUFFICIENT_STORAGE=507]="INSUFFICIENT_STORAGE",e[e.LOOP_DETECTED=508]="LOOP_DETECTED",e[e.NOT_EXTENDED=510]="NOT_EXTENDED",e[e.NETWORK_AUTHENTICATION_REQUIRED=511]="NETWORK_AUTHENTICATION_REQUIRED"})(Zh||(Gr.HttpStatusCode=Zh={}));Gr.HTTP_STATUS_TITLES={100:"Continue",101:"Switching Protocols",102:"Processing",103:"Early Hints",200:"OK",201:"Created",202:"Accepted",203:"Non-Authoritative Information",204:"No Content",205:"Reset Content",206:"Partial Content",207:"Multi-Status",208:"Already Reported",226:"IM Used",300:"Multiple Choices",301:"Moved Permanently",302:"Found",303:"See Other",304:"Not Modified",305:"Use Proxy",306:"Switch Proxy",307:"Temporary Redirect",308:"Permanent Redirect",400:"Bad Request",401:"Unauthorized",402:"Payment Required",403:"Forbidden",404:"Not Found",405:"Method Not Allowed",406:"Not Acceptable",407:"Proxy Authentication Required",408:"Request Timeout",409:"Conflict",410:"Gone",411:"Length Required",412:"Precondition Failed",413:"Content Too Large",414:"URI Too Long",415:"Unsupported Media Type",416:"Range Not Satisfiable",417:"Expectation Failed",418:"I'm a teapot",421:"Misdirected Request",422:"Unprocessable Content",423:"Locked",424:"Failed Dependency",425:"Too Early",426:"Upgrade Required",428:"Precondition Required",429:"Too Many Requests",431:"Request Header Fields Too Large",451:"Unavailable For Legal Reasons",500:"Internal Server Error",501:"Not Implemented",502:"Bad Gateway",503:"Service Unavailable",504:"Gateway Timeout",505:"HTTP Version Not Supported",506:"Variant Also Negotiates",507:"Insufficient Storage",508:"Loop Detected",510:"Not Extended",511:"Network Authentication Required"}});var Uu=g(Du=>{"use strict";Object.defineProperty(Du,"__esModule",{value:!0});var ov={100:"Continue",101:"Switching Protocols",102:"Processing",103:"Early Hints",200:"OK",201:"Created",202:"Accepted",203:"Non-Authoritative Information",204:"No Content",205:"Reset Content",206:"Partial Content",207:"Multi-Status",208:"Already Reported",226:"IM Used",300:"Multiple Choices",301:"Moved Permanently",302:"Found",303:"See Other",304:"Not Modified",305:"Use Proxy",307:"Temporary Redirect",308:"Permanent Redirect",400:"Bad Request",401:"Unauthorized",402:"Payment Required",403:"Forbidden",404:"Not Found",405:"Method Not Allowed",406:"Not Acceptable",407:"Proxy Authentication Required",408:"Request Timeout",409:"Conflict",410:"Gone",411:"Length Required",412:"Precondition Failed",413:"Payload Too Large",414:"URI Too Long",415:"Unsupported Media Type",416:"Range Not Satisfiable",417:"Expectation Failed",418:"I'm a Teapot",421:"Misdirected Request",422:"Unprocessable Entity",423:"Locked",424:"Failed Dependency",425:"Too Early",426:"Upgrade Required",428:"Precondition Required",429:"Too Many Requests",431:"Request Header Fields Too Large",451:"Unavailable For Legal Reasons",500:"Internal Server Error",501:"Not Implemented",502:"Bad Gateway",503:"Service Unavailable",504:"Gateway Timeout",505:"HTTP Version Not Supported",506:"Variant Also Negotiates",507:"Insufficient Storage",508:"Loop Detected",509:"Bandwidth Limit Exceeded",510:"Not Extended",511:"Network Authentication Required"};Du.default=ov});var se=g(Br=>{"use strict";var sv=Br&&Br.__importDefault||function(e){return e&&e.__esModule?e:{default:e}};Object.defineProperty(Br,"__esModule",{value:!0});Br.HttpProblems=void 0;var av=Xn(),O=Lu(),cv=sv(Uu()),uv=Y(),Mu=ho();function lv(e){return`${new URL(e.url).pathname}`}o(lv,"instance");function dv(e,t){let r={timestamp:new Date().toISOString(),requestId:t.requestId,buildId:uv.Environment.instance.build.BUILD_ID},n=e.headers.get(av.RAY_ID_HEADER);return n&&(r.rayId=n),r}o(dv,"trace");var pv=o((e,t,r,n,i)=>({problem:{type:e.type,title:e.title,status:e.status,detail:e.detail,instance:lv(t),trace:dv(t,r),...n},additionalHeaders:i,statusText:cv.default[e.status]}),"merge"),ku=class{static{o(this,"HttpProblemsBase")}static format=(t,r,n)=>"problem"in t?Mu.ProblemResponseFormatter.format(t,r,n):Mu.ProblemResponseFormatter.format({problem:t},r,n);static getProblemFromStatus(t,r){return{type:`https://httpproblems.com/http-status/${t}`,status:t,title:O.HTTP_STATUS_TITLES[t],...r}}},Hu=class extends ku{static{o(this,"HttpProblems")}static#e(t,r,n,i,s){let a=pv(this.getProblemFromStatus(t),r,n,i,s);return Mu.ProblemResponseFormatter.format(a,r,n)}static continue=(t,r,n,i)=>this.#e(O.HttpStatusCode.OK,t,r,n,i);static switchingProtocols=(t,r,n,i)=>this.#e(O.HttpStatusCode.SWITCHING_PROTOCOLS,t,r,n,i);static processing=(t,r,n,i)=>this.#e(O.HttpStatusCode.PROCESSING,t,r,n,i);static earlyHints=(t,r,n,i)=>this.#e(O.HttpStatusCode.EARLY_HINTS,t,r,n,i);static ok=(t,r,n,i)=>this.#e(O.HttpStatusCode.OK,t,r,n,i);static created=(t,r,n,i)=>this.#e(O.HttpStatusCode.CREATED,t,r,n,i);static accepted=(t,r,n,i)=>this.#e(O.HttpStatusCode.ACCEPTED,t,r,n,i);static nonAuthoritativeInformation=(t,r,n,i)=>this.#e(O.HttpStatusCode.NON_AUTHORITATIVE_INFORMATION,t,r,n,i);static noContent=(t,r,n,i)=>this.#e(O.HttpStatusCode.NO_CONTENT,t,r,n,i);static resetContent=(t,r,n,i)=>this.#e(O.HttpStatusCode.RESET_CONTENT,t,r,n,i);static partialContent=(t,r,n,i)=>this.#e(O.HttpStatusCode.PARTIAL_CONTENT,t,r,n,i);static multiStatus=(t,r,n,i)=>this.#e(O.HttpStatusCode.MULTI_STATUS,t,r,n,i);static alreadyReported=(t,r,n,i)=>this.#e(O.HttpStatusCode.ALREADY_REPORTED,t,r,n,i);static imUsed=(t,r,n,i)=>this.#e(O.HttpStatusCode.IM_USED,t,r,n,i);static multipleChoices=(t,r,n,i)=>this.#e(O.HttpStatusCode.MULTIPLE_CHOICES,t,r,n,i);static movedPermanently=(t,r,n,i)=>this.#e(O.HttpStatusCode.MOVED_PERMANENTLY,t,r,n,i);static found=(t,r,n,i)=>this.#e(O.HttpStatusCode.FOUND,t,r,n,i);static seeOther=(t,r,n,i)=>this.#e(O.HttpStatusCode.SEE_OTHER,t,r,n,i);static notModified=(t,r,n,i)=>this.#e(O.HttpStatusCode.NOT_MODIFIED,t,r,n,i);static useProxy=(t,r,n,i)=>this.#e(O.HttpStatusCode.USE_PROXY,t,r,n,i);static switchProxy=(t,r,n,i)=>this.#e(O.HttpStatusCode.SWITCH_PROXY,t,r,n,i);static temporaryRedirect=(t,r,n,i)=>this.#e(O.HttpStatusCode.TEMPORARY_REDIRECT,t,r,n,i);static permanentRedirect=(t,r,n,i)=>this.#e(O.HttpStatusCode.PERMANENT_REDIRECT,t,r,n,i);static badRequest=(t,r,n,i)=>this.#e(O.HttpStatusCode.BAD_REQUEST,t,r,n,i);static unauthorized=(t,r,n,i)=>this.#e(O.HttpStatusCode.UNAUTHORIZED,t,r,n,i);static paymentRequired=(t,r,n,i)=>this.#e(O.HttpStatusCode.PAYMENT_REQUIRED,t,r,n,i);static forbidden=(t,r,n,i)=>this.#e(O.HttpStatusCode.FORBIDDEN,t,r,n,i);static notFound=(t,r,n,i)=>this.#e(O.HttpStatusCode.NOT_FOUND,t,r,n,i);static methodNotAllowed=(t,r,n,i)=>this.#e(O.HttpStatusCode.METHOD_NOT_ALLOWED,t,r,n,i);static notAcceptable=(t,r,n,i)=>this.#e(O.HttpStatusCode.NOT_ACCEPTABLE,t,r,n,i);static proxyAuthenticationRequired=(t,r,n,i)=>this.#e(O.HttpStatusCode.PROXY_AUTHENTICATION_REQUIRED,t,r,n,i);static requestTimeout=(t,r,n,i)=>this.#e(O.HttpStatusCode.REQUEST_TIMEOUT,t,r,n,i);static conflict=(t,r,n,i)=>this.#e(O.HttpStatusCode.CONFLICT,t,r,n,i);static gone=(t,r,n,i)=>this.#e(O.HttpStatusCode.GONE,t,r,n,i);static lengthRequired=(t,r,n,i)=>this.#e(O.HttpStatusCode.LENGTH_REQUIRED,t,r,n,i);static preconditionFailed=(t,r,n,i)=>this.#e(O.HttpStatusCode.PRECONDITION_FAILED,t,r,n,i);static contentTooLarge=(t,r,n,i)=>this.#e(O.HttpStatusCode.CONTENT_TOO_LARGE,t,r,n,i);static uriTooLong=(t,r,n,i)=>this.#e(O.HttpStatusCode.URI_TOO_LONG,t,r,n,i);static unsupportedMediaType=(t,r,n,i)=>this.#e(O.HttpStatusCode.UNSUPPORTED_MEDIA_TYPE,t,r,n,i);static rangeNotSatisfiable=(t,r,n,i)=>this.#e(O.HttpStatusCode.RANGE_NOT_SATISFIABLE,t,r,n,i);static expectationFailed=(t,r,n,i)=>this.#e(O.HttpStatusCode.EXPECTATION_FAILED,t,r,n,i);static imATeapot=(t,r,n,i)=>this.#e(O.HttpStatusCode.I_AM_A_TEAPOT,t,r,n,i);static misdirectedRequest=(t,r,n,i)=>this.#e(O.HttpStatusCode.MISDIRECTED_REQUEST,t,r,n,i);static unprocessableContent=(t,r,n,i)=>this.#e(O.HttpStatusCode.UNPROCESSABLE_CONTENT,t,r,n,i);static locked=(t,r,n,i)=>this.#e(O.HttpStatusCode.LOCKED,t,r,n,i);static failedDependency=(t,r,n,i)=>this.#e(O.HttpStatusCode.FAILED_DEPENDENCY,t,r,n,i);static tooEarly=(t,r,n,i)=>this.#e(O.HttpStatusCode.TOO_EARLY,t,r,n,i);static upgradeRequired=(t,r,n,i)=>this.#e(O.HttpStatusCode.UPGRADE_REQUIRED,t,r,n,i);static preconditionRequired=(t,r,n,i)=>this.#e(O.HttpStatusCode.PRECONDITION_REQUIRED,t,r,n,i);static tooManyRequests=(t,r,n,i)=>this.#e(O.HttpStatusCode.TOO_MANY_REQUESTS,t,r,n,i);static requestHeaderFieldsTooLarge=(t,r,n,i)=>this.#e(O.HttpStatusCode.REQUEST_HEADER_FIELDS_TOO_LARGE,t,r,n,i);static unavailableForLegalReasons=(t,r,n,i)=>this.#e(O.HttpStatusCode.UNAVAILABLE_FOR_LEGAL_REASONS,t,r,n,i);static internalServerError=(t,r,n,i)=>this.#e(O.HttpStatusCode.INTERNAL_SERVER_ERROR,t,r,n,i);static notImplemented=(t,r,n,i)=>this.#e(O.HttpStatusCode.NOT_IMPLEMENTED,t,r,n,i);static badGateway=(t,r,n,i)=>this.#e(O.HttpStatusCode.BAD_GATEWAY,t,r,n,i);static serviceUnavailable=(t,r,n,i)=>this.#e(O.HttpStatusCode.SERVICE_UNAVAILABLE,t,r,n,i);static gatewayTimeout=(t,r,n,i)=>this.#e(O.HttpStatusCode.GATEWAY_TIMEOUT,t,r,n,i);static httpVersionNotSupported=(t,r,n,i)=>this.#e(O.HttpStatusCode.HTTP_VERSION_NOT_SUPPORTED,t,r,n,i);static variantAlsoNegotiates=(t,r,n,i)=>this.#e(O.HttpStatusCode.VARIANT_ALSO_NEGOTIATES,t,r,n,i);static insufficientStorage=(t,r,n,i)=>this.#e(O.HttpStatusCode.INSUFFICIENT_STORAGE,t,r,n,i);static loopDetected=(t,r,n,i)=>this.#e(O.HttpStatusCode.LOOP_DETECTED,t,r,n,i);static notExtended=(t,r,n,i)=>this.#e(O.HttpStatusCode.NOT_EXTENDED,t,r,n,i);static networkAuthenticationRequired=(t,r,n,i)=>this.#e(O.HttpStatusCode.NETWORK_AUTHENTICATION_REQUIRED,t,r,n,i)};Br.HttpProblems=Hu});var Lt=g(M=>{"use strict";Object.defineProperty(M,"__esModule",{value:!0});M.isErrorLike=M.withUndefinedAsNull=M.withNullAsUndefined=M.validateConstraint=M.validateConstraints=M.areFunctions=M.isFunction=M.isEmptyObject=M.assertAllDefined=M.assertIsDefined=M.assertType=M.isUndefinedOrNull=M.isDefined=M.isUndefined=M.isBoolean=M.isIterable=M.isNumber=M.isTypedArray=M.isArray=M.isObject=M.getOwnEnumerableKeys=M.isRegexp=M.isStringArray=M.isNonEmptyString=M.isString=M.toString=void 0;var{toString:hv}=Object.prototype,{propertyIsEnumerable:fv}=Object.prototype;function Xh(e){return hv.call(e)}o(Xh,"toString");M.toString=Xh;function Oo(e){return typeof e=="string"}o(Oo,"isString");M.isString=Oo;function mv(e){return Oo(e)&&e!==""}o(mv,"isNonEmptyString");M.isNonEmptyString=mv;function yv(e){return Array.isArray(e)&&e.every(t=>Oo(t))}o(yv,"isStringArray");M.isStringArray=yv;function gv(e){return Xh(e)==="[object RegExp]"}o(gv,"isRegexp");M.isRegexp=gv;function bv(e){return[...Object.keys(e),...Object.getOwnPropertySymbols(e).filter(t=>fv.call(e,t))]}o(bv,"getOwnEnumerableKeys");M.getOwnEnumerableKeys=bv;function Fu(e){return typeof e=="object"&&e!==null&&!Array.isArray(e)&&!(e instanceof RegExp)&&!(e instanceof Date)}o(Fu,"isObject");M.isObject=Fu;function _v(e){return Fu(e)&&Array.isArray(e)}o(_v,"isArray");M.isArray=_v;function Ev(e){let t=Object.getPrototypeOf(Uint8Array);return typeof e=="object"&&e instanceof t}o(Ev,"isTypedArray");M.isTypedArray=Ev;function wv(e){return typeof e=="number"&&!isNaN(e)}o(wv,"isNumber");M.isNumber=wv;function vv(e){return!!e&&typeof e[Symbol.iterator]=="function"}o(vv,"isIterable");M.isIterable=vv;function Tv(e){return e===!0||e===!1}o(Tv,"isBoolean");M.isBoolean=Tv;function ef(e){return typeof e>"u"}o(ef,"isUndefined");M.isUndefined=ef;function Sv(e){return!ti(e)}o(Sv,"isDefined");M.isDefined=Sv;function ti(e){return ef(e)||e===null}o(ti,"isUndefinedOrNull");M.isUndefinedOrNull=ti;function Iv(e,t){if(!e)throw new Error(t?`Unexpected type, expected '${t}'`:"Unexpected type")}o(Iv,"assertType");M.assertType=Iv;function Pv(e){if(ti(e))throw new Error("Assertion Failed: argument is undefined or null");return e}o(Pv,"assertIsDefined");M.assertIsDefined=Pv;function Av(...e){let t=[];for(let r=0;r<e.length;r++){let n=e[r];if(ti(n))throw new Error(`Assertion Failed: argument at index ${r} is undefined or null`);t.push(n)}return t}o(Av,"assertAllDefined");M.assertAllDefined=Av;var Rv=Object.prototype.hasOwnProperty;function Ov(e){if(!Fu(e))return!1;for(let t in e)if(Rv.call(e,t))return!1;return!0}o(Ov,"isEmptyObject");M.isEmptyObject=Ov;function qu(e){return typeof e=="function"}o(qu,"isFunction");M.isFunction=qu;function xv(...e){return e.length>0&&e.every(qu)}o(xv,"areFunctions");M.areFunctions=xv;function Nv(e,t){let r=Math.min(e.length,t.length);for(let n=0;n<r;n++)tf(e[n],t[n])}o(Nv,"validateConstraints");M.validateConstraints=Nv;function tf(e,t){if(Oo(t)){if(typeof e!==t)throw new Error(`argument does not match constraint: typeof ${t}`)}else if(qu(t)){try{if(e instanceof t)return}catch{}if(!ti(e)&&e.constructor===t||t.length===1&&t.call(void 0,e)===!0)return;throw new Error("argument does not match one of these constraints: arg instanceof constraint, arg.constructor === constraint, nor constraint(arg) === true")}}o(tf,"validateConstraint");M.validateConstraint=tf;function Cv(e){return e===null?void 0:e}o(Cv,"withNullAsUndefined");M.withNullAsUndefined=Cv;function Lv(e){return typeof e>"u"?null:e}o(Lv,"withUndefinedAsNull");M.withUndefinedAsNull=Lv;function Dv(e){return!!e&&typeof e=="object"&&"name"in e&&"message"in e&&"stack"in e}o(Dv,"isErrorLike");M.isErrorLike=Dv});var ri=g(gt=>{"use strict";Object.defineProperty(gt,"__esModule",{value:!0});gt.parseValueToBoolean=gt.parseValueToStringArray=gt.getValueFromRequestUser=gt.statusCodesStringToNumberArray=void 0;var Kr=D(),$u=Lt(),rf=new Map;function Uv(e){if(typeof e!="string")throw new Error("Input must be a string");if(!/^\d+(?:-\d+)?(?:,\s*\d+(?:-\d+)?)*$/.test(e))throw new Error("Malformed input string");let t=rf.get(e);if(t)return t;let r=e.split(","),n=[];for(let i of r){let s=i.split("-");if(s.length===2){let a=parseInt(s[0],10),c=parseInt(s[1],10);for(let u=a;u<=c;u++)n.push(u)}else n.push(parseInt(i,10))}return rf.set(e,n),n}o(Uv,"statusCodesStringToNumberArray");gt.statusCodesStringToNumberArray=Uv;function Mv(e,t,r){if(!t.startsWith("."))throw new Kr.ConfigurationError(`Invalid ${r} - must start with '.' - '${t}' does not`);let n=t.split(".").splice(1),i=e;return n.forEach(s=>{if(i===void 0)throw new Kr.RuntimeError(`Error applying ${r} '${t}', reading '${s}'`);i=i[s]}),`${i}`}o(Mv,"getValueFromRequestUser");gt.getValueFromRequestUser=Mv;function kv(e){if(Array.isArray(e)){if(e.includes(r=>typeof r!="string"))throw new Kr.ConfigurationError("Received an array that contains non-string values.");return e}if((0,$u.isString)(e))return e.includes(",")?e.split(",").map(r=>r.trim()).filter(r=>r!==","&&r!==""):[e];throw new Kr.ConfigurationError(`Expected type of string, received type '${typeof e}'`)}o(kv,"parseValueToStringArray");gt.parseValueToStringArray=kv;function Hv(e){if((0,$u.isBoolean)(e))return e;if((0,$u.isString)(e)){if(e.toLowerCase()==="true")return!0;if(e.toLowerCase()==="false")return!1;throw new Kr.ConfigurationError(`Attempted to parse string to boolean, but received ${e} which cannot be parsed.`)}throw new Kr.ConfigurationError(`Expected type of boolean, received type '${typeof e}'`)}o(Hv,"parseValueToBoolean");gt.parseValueToBoolean=Hv});var No=g(Zt=>{"use strict";Object.defineProperty(Zt,"__esModule",{value:!0});Zt.generateCorsHeaders=Zt.findMatchingOrigin=Zt.parseCorsPolicies=void 0;var Ar=D(),nf=ri(),xo=Lt();function Fv(e){if(e==null)return[];if(!Array.isArray(e))throw new Ar.ConfigurationError(`Invalid corsPolicy configuration. Expected an array of objects, received '${typeof e}'`);return e.map(r=>{if(!(0,xo.isObject)(r))throw new Ar.ConfigurationError(`Invalid custom cors policy is set. Expected an object, received '${typeof r}'`);if(!(0,xo.isNonEmptyString)(r.name))throw new Ar.ConfigurationError("Value of 'name' on custom cors policies must be a non-empty string.");if(r.maxAge!==void 0&&!(0,xo.isNumber)(r.maxAge))throw new Ar.ConfigurationError(`Value of 'maxAge' on custom cors policies must be a non-empty string. Received type '${typeof r.maxAge}'`);if(r.allowCredentials!==void 0&&!(0,xo.isBoolean)(r.allowCredentials))throw new Ar.ConfigurationError("Value of 'allowCredentials' on custom cors policies must be a boolean or not be set. If using an environment variable, check that it is set correctly.");let n=ju(r,"allowedHeaders"),i=ju(r,"allowedMethods"),s=ju(r,"exposeHeaders"),a;try{a=(0,nf.parseValueToStringArray)(r.allowedOrigins)}catch(u){throw new Ar.ConfigurationError(`Value of 'allowedOrigins' on custom cors policies is invalid. ${u.message} If using an environment variable, check that it is set correctly.`)}return{name:r.name,allowCredentials:typeof r.allowCredentials=="boolean"?String(r.allowCredentials):void 0,allowedOrigins:a,allowedHeaders:n?n.join(", "):void 0,allowedMethods:i?i.join(", "):void 0,exposeHeaders:s?s.join(", "):void 0,maxAge:typeof r.maxAge=="number"?r.maxAge.toString():void 0}})}o(Fv,"parseCorsPolicies");Zt.parseCorsPolicies=Fv;function ju(e,t){let r;if(e[t]!==void 0)try{r=(0,nf.parseValueToStringArray)(e[t])}catch(n){throw new Ar.ConfigurationError(`Value of '${t}' on custom cors policies is invalid. ${n.message} If using an environment variable, check that it is set correctly.`)}return r}o(ju,"parseOptionalProperty");var qv=o((e,t)=>{if(t===null)return;if(e.find(a=>a==="*"))return t;let n=e.map(a=>a.trim().toLowerCase()),i=t.toLowerCase();return n.find(a=>a===i)},"findMatchingOrigin");Zt.findMatchingOrigin=qv;var $v=o((e,t)=>{let r={"access-control-allow-origin":t};e.allowedHeaders&&(r["access-control-allow-headers"]=e.allowedHeaders),e.allowedMethods&&(r["access-control-allow-methods"]=e.allowedMethods),e.exposeHeaders&&(r["access-control-expose-headers"]=e.exposeHeaders);let n=e.allowCredentials;n&&(r["access-control-allow-credentials"]=n);let i=e.maxAge?.toString()??void 0;return i&&(r["access-control-max-age"]=i),r},"generateCorsHeaders");Zt.generateCorsHeaders=$v});var sf=g(Co=>{"use strict";Object.defineProperty(Co,"__esModule",{value:!0});Co.registerCorsRoute=void 0;var jv=D(),Vv=Nt(),Vu=se(),Gv=Qt(),Bv=Pr(),Kv=ot(),of=No(),Jv=o((e,t)=>{let r=t.routeData.corsPolicies,n=o(async(a,c)=>{let u=new URL(a.url.toString()).pathname,l=a.headers.get("access-control-request-method"),d=a.headers.get("access-control-request-headers"),p=a.headers.get("origin");if(p===null||l===null)return Vu.HttpProblems.badRequest(a,c,{detail:"Expect headers origin and access-control-request-method"});let m=e.lookup(l,u);if(!m)return Vu.HttpProblems.notFound(a,c);let h=m.routeConfiguration,y=zv(l,d,p,h,r);return y.isValid?new Response(void 0,{status:200,statusText:"OK",headers:y.headers}):(y.error&&c.log.warn(y.error),Vu.HttpProblems.notFound(a,c))},"optionsHandler"),i=new Vv.Pipeline({processors:[Gv.metricsProcessor],handler:n,gateway:t}),s=new Kv.SystemRouteConfiguration({label:"SYSTEM_CORS_ROUTE",methods:["OPTIONS"],path:"/(.*)",systemRouteName:Bv.SystemRouteName.CorsPreflight});e.addRoute(s,i.execute)},"registerCorsRoute");Co.registerCorsRoute=Jv;var zv=o((e,t,r,n,i)=>{let s={isValid:!1,headers:{}};if(n.corsPolicy==="anything-goes")return{isValid:!0,headers:{"access-control-allow-origin":r,"access-control-allow-methods":e,"access-control-allow-headers":t??"*","access-control-expose-headers":"*","access-control-allow-credentials":"true","access-control-max-age":"600"}};if(n.corsPolicy==="none")return{...s,error:`No CORS policy set for the route '${n.pathPattern}'`};let a=i?.find(l=>l.name===n.corsPolicy);if(!a)throw new jv.ConfigurationError(`Invalid Configuration - corsPolicy '${n.corsPolicy}' not found in *.oas.json 'corsPolicies' section.`);let c=(0,of.findMatchingOrigin)(a.allowedOrigins,r);return c?{isValid:!0,headers:(0,of.generateCorsHeaders)(a,c)}:{...s,error:`The CORS policy '${a.name}' does not allow the origin '${r}'`}},"validateAndBuildResponseHeaders")});var af=g(Lo=>{"use strict";Object.defineProperty(Lo,"__esModule",{value:!0});Lo.registerNoRoutes=void 0;var Wv=Nt(),Qv=Qt(),Yv=Pr(),Zv=ot(),Xv=o((e,t)=>{let r=o(async()=>new Response("You have no routes. Add a route in routes.oas.json to get started",{status:200}),"noRoutesHandler"),n=new Wv.Pipeline({processors:[Qv.metricsProcessor],handler:r,gateway:t}),i=new Zv.SystemRouteConfiguration({label:"SYSTEM_NO_ROUTES",methods:["CONNECT","DELETE","GET","HEAD","OPTIONS","PATCH","POST","PUT","TRACE"],path:"/(.*)",systemRouteName:Yv.SystemRouteName.EmptyGatewayCatchall});e.addRoute(i,n.execute)},"registerNoRoutes");Lo.registerNoRoutes=Xv});var cf=g(Rr=>{"use strict";Object.defineProperty(Rr,"__esModule",{value:!0});Rr.registerNotMatchedHandler=Rr.notFoundRouteConfiguration=void 0;var eT=Sr(),tT=yt(),rT=Nt(),nT=se(),iT=Qt(),oT=Pr(),sT=ot();Rr.notFoundRouteConfiguration=new sT.SystemRouteConfiguration({label:"SYSTEM_NOT_FOUND_ROUTE",methods:["CONNECT","DELETE","GET","HEAD","OPTIONS","PATCH","POST","PUT","TRACE"],path:"/(.*)",systemRouteName:oT.SystemRouteName.UnmatchedPath});var aT=o((e,t)=>{let r=o(async(i,s)=>{let a=tT.runtimeExtensions.value?.notFoundHandler;if(a){let c=eT.ZuploContextExtensions.getContextExtensions(s);return a(i,s,{routesMatchedByPathOnly:c.pathOnlyMatches??[]})}return nT.HttpProblems.notFound(i,s)},"notFoundHandler"),n=new rT.Pipeline({processors:[iT.metricsProcessor],handler:r,gateway:t});e.addRoute(Rr.notFoundRouteConfiguration,n.execute)},"registerNotMatchedHandler");Rr.registerNotMatchedHandler=aT});var Gu=g(Do=>{"use strict";Object.defineProperty(Do,"__esModule",{value:!0});Do.corsProcessor=void 0;var df=D(),uf=No(),cT=["access-control-allow-origin","access-control-allow-headers","access-control-expose-headers","access-control-allow-credentials","access-control-max-age"],lf=o(e=>{cT.forEach(t=>e.delete(t))},"stripCorsHeaders"),uT=o(async(e,t,r,n)=>{let i=t.route;if(!i.corsPolicy||i.corsPolicy==="none"){let d=await n(e),p=new Headers(d.headers);return lf(p),new Response(d.body,{status:d.status,statusText:d.statusText,headers:p,webSocket:d.webSocket})}let s=await n(e);if(!(s instanceof Response))throw new df.SystemError(`The CorsProcessor is in the wrong place in the pipeline. It should only receive HttpResponse type but got '${typeof s}'`);let a=lT(i,r.routeData.corsPolicies),c=dT(e,a),u=new Headers(s.headers);return lf(u),Object.entries(c).forEach(([d,p])=>{u.set(d,p)}),new Response(s.body,{status:s.status,statusText:s.statusText,headers:u,webSocket:s.webSocket})},"corsProcessor");Do.corsProcessor=uT;var lT=o((e,t)=>{if(e.corsPolicy==="anything-goes")return{name:"anything-goes",allowedHeaders:"*",allowedOrigins:["*"],allowedMethods:e.methods.join(", "),exposeHeaders:"*",allowCredentials:"true",maxAge:"600"};let r=t?.find(n=>n.name===e.corsPolicy);if(r===void 0)throw new df.ConfigurationError(`Invalid Configuration - no corsPolicy '${e.corsPolicy}' found in *.oas.json`);return r},"getCorsPolicy"),dT=o((e,t)=>{let r=(0,uf.findMatchingOrigin)(t.allowedOrigins,e.headers.get("origin"));return r?(0,uf.generateCorsHeaders)(t,r):{}},"getCorsHeaders")});var pf=g(Uo=>{"use strict";Object.defineProperty(Uo,"__esModule",{value:!0});Uo.registerPingRoute=void 0;var pT=Nt(),hT=Gu(),fT=Pr(),mT=ot(),yT=o((e,t)=>{let r=o(async()=>new Response(null,{status:200}),"pingRouteHandler"),n=new pT.Pipeline({processors:[hT.corsProcessor],handler:r,gateway:t}),i=new mT.SystemRouteConfiguration({corsPolicy:"anything-goes",label:"SYSTEM_PING_ROUTE",methods:["GET"],path:"/__zuplo/ping",systemRouteName:fT.SystemRouteName.Ping});e.addRoute(i,n.execute)},"registerPingRoute");Uo.registerPingRoute=yT});var zr=g(st=>{"use strict";Object.defineProperty(st,"__esModule",{value:!0});st.createInternalPolicyProcessor=st.policyProcessor=st.toStackedInboundHandler=st.getInboundPolicyHandlerAndOptions=void 0;var gT=Sr(),Jr=D(),hf=He(),bT=Y();function ff(e,t){let r,n;return Array.isArray(e)?r=e:(r=e.policies?.inbound??[],n=e.path),r.map(s=>{let a=t?.find(u=>u.name===s);if(!a)throw new Jr.ConfigurationError(`Invalid state - no Policy with the name '${s}' ${n&&`on route '${n}'`} was found in the policies configuration (check case).`);let c;if(typeof a.handler?.module=="object"&&(c=a.handler?.module[a.handler.export]),typeof c!="function")throw new Jr.ConfigurationError(`Invalid state - invalid handler on policy '${s}' ${n&&`on route '${n}'`}. Expected a function, received '${typeof c}'`);return{exportName:a.handler.export,handler:c,options:a.handler.options,policyName:a.name}})}o(ff,"getInboundPolicyHandlerAndOptions");st.getInboundPolicyHandlerAndOptions=ff;function _T(e,t){return(e.policies?.outbound??[]).map(i=>{let s=t?.find(c=>c.name===i);if(!s)throw new Jr.ConfigurationError(`Invalid state - no Policy with the name '${i}' on route '${e.path}' was found in the policies configuration (check case).`);let a;if(typeof s.handler?.module=="object"&&(a=s.handler?.module[s.handler.export]),typeof a!="function")throw new Jr.ConfigurationError(`Invalid state - invalid handler on policy '${i}' on route '${e.path}'`);return{exportName:s.handler.export,handler:a,options:s.handler.options,policyName:s.name}})}o(_T,"getOutboundPolicyHandlerAndOptions");var ET=o(e=>async(t,r)=>{let n=gT.ZuploContextExtensions.getContextExtensions(r),i=[...e],s=t;for(;i.length>0;){let a=i.shift();if(!a)return s;let c=await a.handler(s,r,a.options,a.policyName);if(c instanceof hf.ZuploRequest)s=c;else if(c instanceof Request)s=new hf.ZuploRequest(c);else{if(c instanceof Response)return c;throw new Jr.ConfigurationError(`Invalid state - invalid handler on policy '${a.policyName}'${a.routeName?` on route '${a.routeName}`:""}. The result of an inbound policy must be a Response or Request.`)}n.latestRequest=s}return s},"toStackedInboundHandler");st.toStackedInboundHandler=ET;var wT=o(e=>async(t,r,n)=>{let i=[...e],s=t;for(;i.length>0;){let a=i.shift();if(!a)return s;let c=await a.handler(s,r,n,a.options,a.policyName);if(!(c instanceof Response))throw new Jr.ConfigurationError(`Invalid state - invalid handler on policy '${a.policyName}'${a.routeName?` on route '${a.routeName}`:""}. The result of an outbound policy must be a Response.`);s=c}return s},"toStackedOutboundHandler"),vT=o(async(e,t,r,n)=>{let i=ff(t.route,r.routeData.policies),s=_T(t.route,r.routeData.policies);return mf({request:e,context:t,inboundPolicies:i,outboundPolicies:s,gateway:r,next:n})},"policyProcessor");st.policyProcessor=vT;function TT({inboundPolicies:e=[],outboundPolicies:t=[]}){return o(async(n,i,s,a)=>mf({request:n,context:i,inboundPolicies:e.map(c=>({...c,exportName:"default",policyName:c.handler.name})),outboundPolicies:t.map(c=>({...c,exportName:"default",policyName:c.handler.name})),gateway:s,next:a}),"policyProcessor")}o(TT,"createInternalPolicyProcessor");st.createInternalPolicyProcessor=TT;async function mf({request:e,context:t,inboundPolicies:r,outboundPolicies:n,gateway:i,next:s}){let a=(0,st.toStackedInboundHandler)(r);try{let c=await a(e,t);if(c instanceof Response)return c;let u=await s(c),l=wT(n),d;return bT.Environment.instance.build.COMPATIBILITY_FLAGS.runOutboundPoliciesOnHandlerOnAllStatuses?d=l(u,e,t):d=u.ok?l(u,e,t):u,d}catch(c){return t.log.error(c),i.errorHandler(e,t,c)}}o(mf,"executePolicyProcessor")});var yf=g(Wr=>{"use strict";Object.defineProperty(Wr,"__esModule",{value:!0});Wr.serialize=Wr.parse=void 0;var ST=Object.prototype.toString,Mo=/^[\u0009\u0020-\u007e\u0080-\u00ff]+$/;function IT(e,t){if(typeof e!="string")throw new TypeError("argument str must be a string");let r={},i=(t||{}).decode||AT,s=0;for(;s<e.length;){let a=e.indexOf("=",s);if(a===-1)break;let c=e.indexOf(";",s);if(c===-1)c=e.length;else if(c<a){s=e.lastIndexOf(";",a-1)+1;continue}let u=e.slice(s,a).trim();if(r[u]===void 0){let l=e.slice(a+1,c).trim();l.charCodeAt(0)===34&&(l=l.slice(1,-1)),r[u]=xT(l,i)}s=c+1}return r}o(IT,"parse");Wr.parse=IT;function PT(e,t,r){let n=r||{},i=n.encode||RT;if(typeof i!="function")throw new TypeError("option encode is invalid");if(!Mo.test(e))throw new TypeError("argument name is invalid");let s=i(t);if(s&&!Mo.test(s))throw new TypeError("argument val is invalid");let a=e+"="+s;if(n.maxAge!=null){let c=n.maxAge-0;if(isNaN(c)||!isFinite(c))throw new TypeError("option maxAge is invalid");a+="; Max-Age="+Math.floor(c)}if(n.domain){if(!Mo.test(n.domain))throw new TypeError("option domain is invalid");a+="; Domain="+n.domain}if(n.path){if(!Mo.test(n.path))throw new TypeError("option path is invalid");a+="; Path="+n.path}if(n.expires){let c=n.expires;if(!OT(c)||isNaN(c.valueOf()))throw new TypeError("option expires is invalid");a+="; Expires="+c.toUTCString()}if(n.httpOnly&&(a+="; HttpOnly"),n.secure&&(a+="; Secure"),n.priority)switch(typeof n.priority=="string"?n.priority.toLowerCase():n.priority){case"low":a+="; Priority=Low";break;case"medium":a+="; Priority=Medium";break;case"high":a+="; Priority=High";break;default:throw new TypeError("option priority is invalid")}if(n.sameSite)switch(typeof n.sameSite=="string"?n.sameSite.toLowerCase():n.sameSite){case!0:a+="; SameSite=Strict";break;case"lax":a+="; SameSite=Lax";break;case"strict":a+="; SameSite=Strict";break;case"none":a+="; SameSite=None";break;default:throw new TypeError("option sameSite is invalid")}return a}o(PT,"serialize");Wr.serialize=PT;function AT(e){return e.indexOf("%")!==-1?decodeURIComponent(e):e}o(AT,"decode");function RT(e){return encodeURIComponent(e)}o(RT,"encode");function OT(e){return ST.call(e)==="[object Date]"||e instanceof Date}o(OT,"isDate");function xT(e,t){try{return t(e)}catch{return e}}o(xT,"tryDecode")});var gf=g(ko=>{"use strict";Object.defineProperty(ko,"__esModule",{value:!0});ko.devPortalBaseURL=void 0;var NT=yf();function CT(e,t){try{let r=/v\d+(-\d+)?/g,i=(0,NT.parse)(t.get("Cookie")||"")["zp-dev-portal"];return i!==null&&i&&r.test(i)?`https://dev-portal-${i}.zuplo.com`:e}catch{}return e}o(CT,"devPortalBaseURL");ko.devPortalBaseURL=CT});var vf=g(Qr=>{"use strict";Object.defineProperty(Qr,"__esModule",{value:!0});Qr.registerDevPortalLegacyRedirectRoute=Qr.registerDevPortalV3Route=void 0;var Bu=Ct(),_f=Nt(),Ef=Qt(),LT=zr(),wf=ot(),DT=gf(),Xt=Y(),bf="/__zuplo/dev-portal",UT="dev-portal-id",MT="dev-portal-host",kT="zp-account",HT="zp-project",FT="dev-portal-build",qT=`
36
36
  <!DOCTYPE html>
37
37
  <html lang="en">
38
38
  <head>
@@ -51,17 +51,17 @@
51
51
  `)}o(XT,"cleanStack");er.cleanStack=XT});var Rf=g(tl=>{"use strict";Object.defineProperty(tl,"__esModule",{value:!0});var el=Lt();function eS(e,t,r=""){let n=[],i=t?.maxDepth??3;return o(function s(a,c={},u,l){let d=c.indent||" ",p;c.inlineCharacterLimit===void 0?p={newline:`
52
52
  `,newlineOrSpace:`
53
53
  `,pad:u,indent:u+d}:p={newline:"@@__STRINGIFY_OBJECT_NEW_LINE__@@",newlineOrSpace:"@@__STRINGIFY_OBJECT_NEW_LINE_OR_SPACE__@@",pad:"@@__STRINGIFY_OBJECT_PAD__@@",indent:"@@__STRINGIFY_OBJECT_INDENT__@@"};let m=o(h=>{if(c.inlineCharacterLimit===void 0)return h;let y=h.replace(new RegExp(p.newline,"g"),"").replace(new RegExp(p.newlineOrSpace,"g")," ").replace(new RegExp(p.pad+"|"+p.indent,"g"),"");return y.length<=c.inlineCharacterLimit?y:h.replace(new RegExp(p.newline+"|"+p.newlineOrSpace,"g"),`
54
- `).replace(new RegExp(p.pad,"g"),u).replace(new RegExp(p.indent,"g"),u+d)},"expandWhiteSpace");if(n.includes(a))return'"[Circular]"';if(a==null||typeof a=="number"||typeof a=="boolean"||typeof a=="function"||typeof a=="symbol"||(0,el.isRegexp)(a))return String(a);if(a instanceof Date)return`new Date('${a.toISOString()}')`;if(l>i)return"...";if(Array.isArray(a)){if(a.length===0)return"[]";n.push(a);let h="["+p.newline+a.map((y,w)=>{let T=a.length-1===w?p.newline:","+p.newlineOrSpace,S=s(y,c,u+d,l+1);return c.transform&&(S=c.transform(a,w,S)),p.indent+S+T}).join("")+p.pad+"]";return n.pop(),m(h)}if((0,el.isObject)(a)){let h=(0,el.getOwnEnumerableKeys)(a);if(c.filter&&(h=h.filter(w=>c.filter?.(a,w))),h.length===0)return"{}";n.push(a);let y="{"+p.newline+h.map((w,T)=>{let S=h.length-1===T?p.newline:","+p.newlineOrSpace,D=typeof w=="symbol",F=!D&&/^[a-z$_][$\w]*$/i.test(w),N=D||F?w:s(w,c,"",l+1),re=s(a[w],c,u+d,l+1);return c.transform&&(re=c.transform(a,w,re)),p.indent+String(N)+": "+re+S}).join("")+p.pad+"}";return n.pop(),m(y)}return a=a.replace(/\\/g,"\\\\"),a=String(a).replace(/[\r\n]/g,h=>h===`
54
+ `).replace(new RegExp(p.pad,"g"),u).replace(new RegExp(p.indent,"g"),u+d)},"expandWhiteSpace");if(n.includes(a))return'"[Circular]"';if(a==null||typeof a=="number"||typeof a=="boolean"||typeof a=="function"||typeof a=="symbol"||(0,el.isRegexp)(a))return String(a);if(a instanceof Date)return`new Date('${a.toISOString()}')`;if(l>i)return"...";if(Array.isArray(a)){if(a.length===0)return"[]";n.push(a);let h="["+p.newline+a.map((y,w)=>{let T=a.length-1===w?p.newline:","+p.newlineOrSpace,S=s(y,c,u+d,l+1);return c.transform&&(S=c.transform(a,w,S)),p.indent+S+T}).join("")+p.pad+"]";return n.pop(),m(h)}if((0,el.isObject)(a)){let h=(0,el.getOwnEnumerableKeys)(a);if(c.filter&&(h=h.filter(w=>c.filter?.(a,w))),h.length===0)return"{}";n.push(a);let y="{"+p.newline+h.map((w,T)=>{let S=h.length-1===T?p.newline:","+p.newlineOrSpace,L=typeof w=="symbol",F=!L&&/^[a-z$_][$\w]*$/i.test(w),N=L||F?w:s(w,c,"",l+1),re=s(a[w],c,u+d,l+1);return c.transform&&(re=c.transform(a,w,re)),p.indent+String(N)+": "+re+S}).join("")+p.pad+"}";return n.pop(),m(y)}return a=a.replace(/\\/g,"\\\\"),a=String(a).replace(/[\r\n]/g,h=>h===`
55
55
  `?"\\n":"\\r"),c.singleQuotes===!1?(a=a.replace(/"/g,'\\"'),`"${a}"`):(a=a.replace(/'/g,"\\'"),`'${a}'`)},"stringify")(e,t,r,0)}o(eS,"stringifyObject");tl.default=eS});var bt=g(Fe=>{"use strict";var tS=Fe&&Fe.__importDefault||function(e){return e&&e.__esModule?e:{default:e}};Object.defineProperty(Fe,"__esModule",{value:!0});Fe.stringifyNonStringToText=Fe.stringifyNonString=Fe.messagesToMultilineText=Fe.extractBestMessage=Fe.makeErrorsSerializable=void 0;var rl=Or(),Of=tS(Rf()),xf=Lt();function rS(e){return e.map(t=>(0,rl.serializeError)(t))}o(rS,"makeErrorsSerializable");Fe.makeErrorsSerializable=rS;function nS(e){if(e.length===0)return"<no data provided to log>";let t=e[0];return typeof t=="string"?t:t instanceof Error?t.message:Nf((0,rl.serializeError)(t))}o(nS,"extractBestMessage");Fe.extractBestMessage=nS;function iS(e){let t=[];return e.forEach(r=>{if(typeof r=="string")t.push(r);else if((0,xf.isErrorLike)(r))if(r.stack)t.push(r.stack);else{let n=(0,Of.default)((0,rl.serializeError)(r));t.push(n)}else if(typeof r=="object"){let n=(0,Of.default)(r);t.push(n)}else{let n=Cf(r);t.push(n)}}),t.join(`
56
56
  `)}o(iS,"messagesToMultilineText");Fe.messagesToMultilineText=iS;function Nf(e){return typeof e=="string"?e:JSON.stringify(e)}o(Nf,"stringifyNonString");Fe.stringifyNonString=Nf;function Cf(e){return typeof e=="string"?e:e===null?"null":typeof e>"u"?"undefined":typeof e=="number"||typeof e=="boolean"||typeof e=="bigint"||typeof e=="symbol"?e.toString():typeof e=="function"?`[function ${e.name}]`:typeof e=="object"&&Array.isArray(e)?`[array ${e.length}]`:e instanceof Error?`${e.name??"Error"}: ${e.message??"unknown"}`:typeof e=="object"?(0,xf.toString)(e):"unknown"}o(Cf,"stringifyNonStringToText");Fe.stringifyNonStringToText=Cf});var U,ae,Te=I(()=>{U=crypto,ae=o(e=>e instanceof CryptoKey,"isCryptoKey")});var oS,jo,nl=I(()=>{Te();oS=o(async(e,t)=>{let r=`SHA-${e.slice(-3)}`;return new Uint8Array(await U.subtle.digest(r,t))},"digest"),jo=oS});function Se(...e){let t=e.reduce((i,{length:s})=>i+s,0),r=new Uint8Array(t),n=0;return e.forEach(i=>{r.set(i,n),n+=i.length}),r}function Lf(e,t){return Se(Z.encode(e),new Uint8Array([0]),t)}function il(e,t,r){if(t<0||t>=Vo)throw new RangeError(`value must be >= 0 and <= ${Vo-1}. Received ${t}`);e.set([t>>>24,t>>>16,t>>>8,t&255],r)}function Go(e){let t=Math.floor(e/Vo),r=e%Vo,n=new Uint8Array(8);return il(n,t,0),il(n,r,4),n}function Bo(e){let t=new Uint8Array(4);return il(t,e),t}function Ko(e){return Se(Bo(e.length),e)}async function Df(e,t,r){let n=Math.ceil((t>>3)/32),i=new Uint8Array(n*32);for(let s=0;s<n;s++){let a=new Uint8Array(4+e.length+r.length);a.set(Bo(s+1)),a.set(e,4),a.set(r,4+e.length),i.set(await jo("sha256",a),s*32)}return i.slice(0,t>>3)}var Z,ue,Vo,ge=I(()=>{nl();Z=new TextEncoder,ue=new TextDecoder,Vo=2**32;o(Se,"concat");o(Lf,"p2s");o(il,"writeUInt32BE");o(Go,"uint64be");o(Bo,"uint32be");o(Ko,"lengthAndInput");o(Df,"concatKdf")});var Jo,X,ol,te,Ie=I(()=>{ge();Jo=o(e=>{let t=e;typeof t=="string"&&(t=Z.encode(t));let r=32768,n=[];for(let i=0;i<t.length;i+=r)n.push(String.fromCharCode.apply(null,t.subarray(i,i+r)));return btoa(n.join(""))},"encodeBase64"),X=o(e=>Jo(e).replace(/=/g,"").replace(/\+/g,"-").replace(/\//g,"_"),"encode"),ol=o(e=>{let t=atob(e),r=new Uint8Array(t.length);for(let n=0;n<t.length;n++)r[n]=t.charCodeAt(n);return r},"decodeBase64"),te=o(e=>{let t=e;t instanceof Uint8Array&&(t=ue.decode(t)),t=t.replace(/-/g,"+").replace(/_/g,"/").replace(/\s/g,"");try{return ol(t)}catch{throw new TypeError("The input to be decoded is not correctly encoded.")}},"decode")});var sl={};Yi(sl,{JOSEAlgNotAllowed:()=>tr,JOSEError:()=>he,JOSENotSupported:()=>k,JWEDecryptionFailed:()=>Ut,JWEInvalid:()=>A,JWKInvalid:()=>ni,JWKSInvalid:()=>rr,JWKSMultipleMatchingKeys:()=>ii,JWKSNoMatchingKey:()=>xr,JWKSTimeout:()=>oi,JWSInvalid:()=>z,JWSSignatureVerificationFailed:()=>Nr,JWTClaimValidationFailed:()=>be,JWTExpired:()=>Zr,JWTInvalid:()=>le});var he,be,Zr,tr,k,Ut,A,z,le,ni,rr,xr,ii,oi,Nr,V=I(()=>{he=class extends Error{static{o(this,"JOSEError")}static get code(){return"ERR_JOSE_GENERIC"}constructor(t){var r;super(t),this.code="ERR_JOSE_GENERIC",this.name=this.constructor.name,(r=Error.captureStackTrace)===null||r===void 0||r.call(Error,this,this.constructor)}},be=class extends he{static{o(this,"JWTClaimValidationFailed")}static get code(){return"ERR_JWT_CLAIM_VALIDATION_FAILED"}constructor(t,r="unspecified",n="unspecified"){super(t),this.code="ERR_JWT_CLAIM_VALIDATION_FAILED",this.claim=r,this.reason=n}},Zr=class extends he{static{o(this,"JWTExpired")}static get code(){return"ERR_JWT_EXPIRED"}constructor(t,r="unspecified",n="unspecified"){super(t),this.code="ERR_JWT_EXPIRED",this.claim=r,this.reason=n}},tr=class extends he{static{o(this,"JOSEAlgNotAllowed")}constructor(){super(...arguments),this.code="ERR_JOSE_ALG_NOT_ALLOWED"}static get code(){return"ERR_JOSE_ALG_NOT_ALLOWED"}},k=class extends he{static{o(this,"JOSENotSupported")}constructor(){super(...arguments),this.code="ERR_JOSE_NOT_SUPPORTED"}static get code(){return"ERR_JOSE_NOT_SUPPORTED"}},Ut=class extends he{static{o(this,"JWEDecryptionFailed")}constructor(){super(...arguments),this.code="ERR_JWE_DECRYPTION_FAILED",this.message="decryption operation failed"}static get code(){return"ERR_JWE_DECRYPTION_FAILED"}},A=class extends he{static{o(this,"JWEInvalid")}constructor(){super(...arguments),this.code="ERR_JWE_INVALID"}static get code(){return"ERR_JWE_INVALID"}},z=class extends he{static{o(this,"JWSInvalid")}constructor(){super(...arguments),this.code="ERR_JWS_INVALID"}static get code(){return"ERR_JWS_INVALID"}},le=class extends he{static{o(this,"JWTInvalid")}constructor(){super(...arguments),this.code="ERR_JWT_INVALID"}static get code(){return"ERR_JWT_INVALID"}},ni=class extends he{static{o(this,"JWKInvalid")}constructor(){super(...arguments),this.code="ERR_JWK_INVALID"}static get code(){return"ERR_JWK_INVALID"}},rr=class extends he{static{o(this,"JWKSInvalid")}constructor(){super(...arguments),this.code="ERR_JWKS_INVALID"}static get code(){return"ERR_JWKS_INVALID"}},xr=class extends he{static{o(this,"JWKSNoMatchingKey")}constructor(){super(...arguments),this.code="ERR_JWKS_NO_MATCHING_KEY",this.message="no applicable key found in the JSON Web Key Set"}static get code(){return"ERR_JWKS_NO_MATCHING_KEY"}},ii=class extends he{static{o(this,"JWKSMultipleMatchingKeys")}constructor(){super(...arguments),this.code="ERR_JWKS_MULTIPLE_MATCHING_KEYS",this.message="multiple matching keys found in the JSON Web Key Set"}static get code(){return"ERR_JWKS_MULTIPLE_MATCHING_KEYS"}},oi=class extends he{static{o(this,"JWKSTimeout")}constructor(){super(...arguments),this.code="ERR_JWKS_TIMEOUT",this.message="request timed out"}static get code(){return"ERR_JWKS_TIMEOUT"}},Nr=class extends he{static{o(this,"JWSSignatureVerificationFailed")}constructor(){super(...arguments),this.code="ERR_JWS_SIGNATURE_VERIFICATION_FAILED",this.message="signature verification failed"}static get code(){return"ERR_JWS_SIGNATURE_VERIFICATION_FAILED"}}});var nr,si=I(()=>{Te();nr=U.getRandomValues.bind(U)});function al(e){switch(e){case"A128GCM":case"A128GCMKW":case"A192GCM":case"A192GCMKW":case"A256GCM":case"A256GCMKW":return 96;case"A128CBC-HS256":case"A192CBC-HS384":case"A256CBC-HS512":return 128;default:throw new k(`Unsupported JWE Algorithm: ${e}`)}}var zo,Wo=I(()=>{V();si();o(al,"bitLength");zo=o(e=>nr(new Uint8Array(al(e)>>3)),"default")});var sS,Qo,cl=I(()=>{V();Wo();sS=o((e,t)=>{if(t.length<<3!==al(e))throw new A("Invalid Initialization Vector length")},"checkIvLength"),Qo=sS});var aS,Xr,ul=I(()=>{V();aS=o((e,t)=>{let r=e.byteLength<<3;if(r!==t)throw new A(`Invalid Content Encryption Key length. Expected ${t} bits, got ${r} bits`)},"checkCekLength"),Xr=aS});var cS,Mf,kf=I(()=>{cS=o((e,t)=>{if(!(e instanceof Uint8Array))throw new TypeError("First argument must be a buffer");if(!(t instanceof Uint8Array))throw new TypeError("Second argument must be a buffer");if(e.length!==t.length)throw new TypeError("Input buffers must have the same length");let r=e.length,n=0,i=-1;for(;++i<r;)n|=e[i]^t[i];return n===0},"timingSafeEqual"),Mf=cS});function Pe(e,t="algorithm.name"){return new TypeError(`CryptoKey does not support this operation, its ${t} must be ${e}`)}function ir(e,t){return e.name===t}function Yo(e){return parseInt(e.name.slice(4),10)}function uS(e){switch(e){case"ES256":return"P-256";case"ES384":return"P-384";case"ES512":return"P-521";default:throw new Error("unreachable")}}function Hf(e,t){if(t.length&&!t.some(r=>e.usages.includes(r))){let r="CryptoKey does not support this operation, its usages must include ";if(t.length>2){let n=t.pop();r+=`one of ${t.join(", ")}, or ${n}.`}else t.length===2?r+=`one of ${t[0]} or ${t[1]}.`:r+=`${t[0]}.`;throw new TypeError(r)}}function Ff(e,t,...r){switch(t){case"HS256":case"HS384":case"HS512":{if(!ir(e.algorithm,"HMAC"))throw Pe("HMAC");let n=parseInt(t.slice(2),10);if(Yo(e.algorithm.hash)!==n)throw Pe(`SHA-${n}`,"algorithm.hash");break}case"RS256":case"RS384":case"RS512":{if(!ir(e.algorithm,"RSASSA-PKCS1-v1_5"))throw Pe("RSASSA-PKCS1-v1_5");let n=parseInt(t.slice(2),10);if(Yo(e.algorithm.hash)!==n)throw Pe(`SHA-${n}`,"algorithm.hash");break}case"PS256":case"PS384":case"PS512":{if(!ir(e.algorithm,"RSA-PSS"))throw Pe("RSA-PSS");let n=parseInt(t.slice(2),10);if(Yo(e.algorithm.hash)!==n)throw Pe(`SHA-${n}`,"algorithm.hash");break}case"EdDSA":{if(e.algorithm.name!=="Ed25519"&&e.algorithm.name!=="Ed448")throw Pe("Ed25519 or Ed448");break}case"ES256":case"ES384":case"ES512":{if(!ir(e.algorithm,"ECDSA"))throw Pe("ECDSA");let n=uS(t);if(e.algorithm.namedCurve!==n)throw Pe(n,"algorithm.namedCurve");break}default:throw new TypeError("CryptoKey does not support this operation")}Hf(e,r)}function qe(e,t,...r){switch(t){case"A128GCM":case"A192GCM":case"A256GCM":{if(!ir(e.algorithm,"AES-GCM"))throw Pe("AES-GCM");let n=parseInt(t.slice(1,4),10);if(e.algorithm.length!==n)throw Pe(n,"algorithm.length");break}case"A128KW":case"A192KW":case"A256KW":{if(!ir(e.algorithm,"AES-KW"))throw Pe("AES-KW");let n=parseInt(t.slice(1,4),10);if(e.algorithm.length!==n)throw Pe(n,"algorithm.length");break}case"ECDH":{switch(e.algorithm.name){case"ECDH":case"X25519":case"X448":break;default:throw Pe("ECDH, X25519, or X448")}break}case"PBES2-HS256+A128KW":case"PBES2-HS384+A192KW":case"PBES2-HS512+A256KW":if(!ir(e.algorithm,"PBKDF2"))throw Pe("PBKDF2");break;case"RSA-OAEP":case"RSA-OAEP-256":case"RSA-OAEP-384":case"RSA-OAEP-512":{if(!ir(e.algorithm,"RSA-OAEP"))throw Pe("RSA-OAEP");let n=parseInt(t.slice(9),10)||1;if(Yo(e.algorithm.hash)!==n)throw Pe(`SHA-${n}`,"algorithm.hash");break}default:throw new TypeError("CryptoKey does not support this operation")}Hf(e,r)}var or=I(()=>{o(Pe,"unusable");o(ir,"isAlgorithm");o(Yo,"getHashLength");o(uS,"getNamedCurve");o(Hf,"checkUsage");o(Ff,"checkSigCryptoKey");o(qe,"checkEncCryptoKey")});function qf(e,t,...r){if(r.length>2){let n=r.pop();e+=`one of type ${r.join(", ")}, or ${n}.`}else r.length===2?e+=`one of type ${r[0]} or ${r[1]}.`:e+=`of type ${r[0]}.`;return t==null?e+=` Received ${t}`:typeof t=="function"&&t.name?e+=` Received function ${t.name}`:typeof t=="object"&&t!=null&&t.constructor&&t.constructor.name&&(e+=` Received an instance of ${t.constructor.name}`),e}function ll(e,t,...r){return qf(`Key for the ${e} algorithm must be `,t,...r)}var ie,at=I(()=>{o(qf,"message");ie=o((e,...t)=>qf("Key must be ",e,...t),"default");o(ll,"withAlg")});var dl,W,ct=I(()=>{Te();dl=o(e=>ae(e),"default"),W=["CryptoKey"]});async function lS(e,t,r,n,i,s){if(!(t instanceof Uint8Array))throw new TypeError(ie(t,"Uint8Array"));let a=parseInt(e.slice(1,4),10),c=await U.subtle.importKey("raw",t.subarray(a>>3),"AES-CBC",!1,["decrypt"]),u=await U.subtle.importKey("raw",t.subarray(0,a>>3),{hash:`SHA-${a<<1}`,name:"HMAC"},!1,["sign"]),l=Se(s,n,r,Go(s.length<<3)),d=new Uint8Array((await U.subtle.sign("HMAC",u,l)).slice(0,a>>3)),p;try{p=Mf(i,d)}catch{}if(!p)throw new Ut;let m;try{m=new Uint8Array(await U.subtle.decrypt({iv:n,name:"AES-CBC"},c,r))}catch{}if(!m)throw new Ut;return m}async function dS(e,t,r,n,i,s){let a;t instanceof Uint8Array?a=await U.subtle.importKey("raw",t,"AES-GCM",!1,["decrypt"]):(qe(t,e,"decrypt"),a=t);try{return new Uint8Array(await U.subtle.decrypt({additionalData:s,iv:n,name:"AES-GCM",tagLength:128},a,Se(r,i)))}catch{throw new Ut}}var pS,Zo,pl=I(()=>{ge();cl();ul();kf();V();Te();or();at();ct();o(lS,"cbcDecrypt");o(dS,"gcmDecrypt");pS=o(async(e,t,r,n,i,s)=>{if(!ae(t)&&!(t instanceof Uint8Array))throw new TypeError(ie(t,...W,"Uint8Array"));switch(Qo(e,n),e){case"A128CBC-HS256":case"A192CBC-HS384":case"A256CBC-HS512":return t instanceof Uint8Array&&Xr(t,parseInt(e.slice(-3),10)),lS(e,t,r,n,i,s);case"A128GCM":case"A192GCM":case"A256GCM":return t instanceof Uint8Array&&Xr(t,parseInt(e.slice(1,4),10)),dS(e,t,r,n,i,s);default:throw new k("Unsupported JWE Content Encryption Algorithm")}},"decrypt"),Zo=pS});var $f,jf,hl=I(()=>{V();$f=o(async()=>{throw new k('JWE "zip" (Compression Algorithm) Header Parameter is not supported by your javascript runtime. You need to use the `inflateRaw` decrypt option to provide Inflate Raw implementation.')},"inflate"),jf=o(async()=>{throw new k('JWE "zip" (Compression Algorithm) Header Parameter is not supported by your javascript runtime. You need to use the `deflateRaw` encrypt option to provide Deflate Raw implementation.')},"deflate")});var hS,_t,en=I(()=>{hS=o((...e)=>{let t=e.filter(Boolean);if(t.length===0||t.length===1)return!0;let r;for(let n of t){let i=Object.keys(n);if(!r||r.size===0){r=new Set(i);continue}for(let s of i){if(r.has(s))return!1;r.add(s)}}return!0},"isDisjoint"),_t=hS});function fS(e){return typeof e=="object"&&e!==null}function Q(e){if(!fS(e)||Object.prototype.toString.call(e)!=="[object Object]")return!1;if(Object.getPrototypeOf(e)===null)return!0;let t=e;for(;Object.getPrototypeOf(t)!==null;)t=Object.getPrototypeOf(t);return Object.getPrototypeOf(e)===t}var $e=I(()=>{o(fS,"isObjectLike");o(Q,"isObject")});var mS,tn,fl=I(()=>{mS=[{hash:"SHA-256",name:"HMAC"},!0,["sign"]],tn=mS});function Vf(e,t){if(e.algorithm.length!==parseInt(t.slice(1,4),10))throw new TypeError(`Invalid key size for alg: ${t}`)}function Gf(e,t,r){if(ae(e))return qe(e,t,r),e;if(e instanceof Uint8Array)return U.subtle.importKey("raw",e,"AES-KW",!0,[r]);throw new TypeError(ie(e,...W,"Uint8Array"))}var ai,ci,Xo=I(()=>{fl();Te();or();at();ct();o(Vf,"checkKeySize");o(Gf,"getCryptoKey");ai=o(async(e,t,r)=>{let n=await Gf(t,e,"wrapKey");Vf(n,e);let i=await U.subtle.importKey("raw",r,...tn);return new Uint8Array(await U.subtle.wrapKey("raw",i,n,"AES-KW"))},"wrap"),ci=o(async(e,t,r)=>{let n=await Gf(t,e,"unwrapKey");Vf(n,e);let i=await U.subtle.unwrapKey("raw",r,n,"AES-KW",...tn);return new Uint8Array(await U.subtle.exportKey("raw",i))},"unwrap")});async function es(e,t,r,n,i=new Uint8Array(0),s=new Uint8Array(0)){if(!ae(e))throw new TypeError(ie(e,...W));if(qe(e,"ECDH"),!ae(t))throw new TypeError(ie(t,...W));qe(t,"ECDH","deriveBits");let a=Se(Ko(Z.encode(r)),Ko(i),Ko(s),Bo(n)),c;e.algorithm.name==="X25519"?c=256:e.algorithm.name==="X448"?c=448:c=Math.ceil(parseInt(e.algorithm.namedCurve.substr(-3),10)/8)<<3;let u=new Uint8Array(await U.subtle.deriveBits({name:e.algorithm.name,public:e},t,c));return Df(u,n,a)}async function Bf(e){if(!ae(e))throw new TypeError(ie(e,...W));return U.subtle.generateKey(e.algorithm,!0,["deriveBits"])}function ts(e){if(!ae(e))throw new TypeError(ie(e,...W));return["P-256","P-384","P-521"].includes(e.algorithm.namedCurve)||e.algorithm.name==="X25519"||e.algorithm.name==="X448"}var ml=I(()=>{ge();Te();or();at();ct();o(es,"deriveKey");o(Bf,"generateEpk");o(ts,"ecdhAllowed")});function yl(e){if(!(e instanceof Uint8Array)||e.length<8)throw new A("PBES2 Salt Input must be 8 or more octets")}var Jf=I(()=>{V();o(yl,"checkP2s")});function yS(e,t){if(e instanceof Uint8Array)return U.subtle.importKey("raw",e,"PBKDF2",!1,["deriveBits"]);if(ae(e))return qe(e,t,"deriveBits","deriveKey"),e;throw new TypeError(ie(e,...W,"Uint8Array"))}async function zf(e,t,r,n){yl(e);let i=Lf(t,e),s=parseInt(t.slice(13,16),10),a={hash:`SHA-${t.slice(8,11)}`,iterations:r,name:"PBKDF2",salt:i},c={length:s,name:"AES-KW"},u=await yS(n,t);if(u.usages.includes("deriveBits"))return new Uint8Array(await U.subtle.deriveBits(a,u,s));if(u.usages.includes("deriveKey"))return U.subtle.deriveKey(a,u,c,!1,["wrapKey","unwrapKey"]);throw new TypeError('PBKDF2 key "usages" must include "deriveBits" or "deriveKey"')}var Wf,Qf,gl=I(()=>{si();ge();Ie();Xo();Jf();Te();or();at();ct();o(yS,"getCryptoKey");o(zf,"deriveKey");Wf=o(async(e,t,r,n=2048,i=nr(new Uint8Array(16)))=>{let s=await zf(i,e,n,t);return{encryptedKey:await ai(e.slice(-6),s,r),p2c:n,p2s:X(i)}},"encrypt"),Qf=o(async(e,t,r,n,i)=>{let s=await zf(i,e,n,t);return ci(e.slice(-6),s,r)},"decrypt")});function rn(e){switch(e){case"RSA-OAEP":case"RSA-OAEP-256":case"RSA-OAEP-384":case"RSA-OAEP-512":return"RSA-OAEP";default:throw new k(`alg ${e} is not supported either by JOSE or your javascript runtime`)}}var Yf=I(()=>{V();o(rn,"subtleRsaEs")});var Cr,rs=I(()=>{Cr=o((e,t)=>{if(e.startsWith("RS")||e.startsWith("PS")){let{modulusLength:r}=t.algorithm;if(typeof r!="number"||r<2048)throw new TypeError(`${e} requires key modulusLength to be 2048 bits or larger`)}},"default")});var Zf,Xf,bl=I(()=>{Yf();fl();Te();or();rs();at();ct();Zf=o(async(e,t,r)=>{if(!ae(t))throw new TypeError(ie(t,...W));if(qe(t,e,"encrypt","wrapKey"),Cr(e,t),t.usages.includes("encrypt"))return new Uint8Array(await U.subtle.encrypt(rn(e),t,r));if(t.usages.includes("wrapKey")){let n=await U.subtle.importKey("raw",r,...tn);return new Uint8Array(await U.subtle.wrapKey("raw",n,t,rn(e)))}throw new TypeError('RSA-OAEP key "usages" must include "encrypt" or "wrapKey" for this operation')},"encrypt"),Xf=o(async(e,t,r)=>{if(!ae(t))throw new TypeError(ie(t,...W));if(qe(t,e,"decrypt","unwrapKey"),Cr(e,t),t.usages.includes("decrypt"))return new Uint8Array(await U.subtle.decrypt(rn(e),t,r));if(t.usages.includes("unwrapKey")){let n=await U.subtle.unwrapKey("raw",r,t,rn(e),...tn);return new Uint8Array(await U.subtle.exportKey("raw",n))}throw new TypeError('RSA-OAEP key "usages" must include "decrypt" or "unwrapKey" for this operation')},"decrypt")});function ui(e){switch(e){case"A128GCM":return 128;case"A192GCM":return 192;case"A256GCM":case"A128CBC-HS256":return 256;case"A192CBC-HS384":return 384;case"A256CBC-HS512":return 512;default:throw new k(`Unsupported JWE Algorithm: ${e}`)}}var Et,li=I(()=>{V();si();o(ui,"bitLength");Et=o(e=>nr(new Uint8Array(ui(e)>>3)),"default")});var _l,em=I(()=>{_l=o((e,t)=>{let r=(e.match(/.{1,64}/g)||[]).join(`
57
57
  `);return`-----BEGIN ${t}-----
58
58
  ${r}
59
- -----END ${t}-----`},"default")});function rm(e){let t=[],r=0;for(;r<e.length;){let n=cm(e.subarray(r));t.push(n),r+=n.byteLength}return t}function cm(e){let t=0,r=e[0]&31;if(t++,r===31){for(r=0;e[t]>=128;)r=r*128+e[t]-128,t++;r=r*128+e[t]-128,t++}let n=0;if(e[t]<128)n=e[t],t++;else if(n===128){for(n=0;e[t+n]!==0||e[t+n+1]!==0;){if(n>e.byteLength)throw new TypeError("invalid indefinite form length");n++}let s=t+n+2;return{byteLength:s,contents:e.subarray(t,t+n),raw:e.subarray(0,s)}}else{let s=e[t]&127;t++,n=0;for(let a=0;a<s;a++)n=n*256+e[t],t++}let i=t+n;return{byteLength:i,contents:e.subarray(t,i),raw:e.subarray(0,i)}}function gS(e){let t=rm(rm(cm(e).contents)[0].contents);return Jo(t[t[0].raw[0]===160?6:5].raw)}function bS(e){let t=e.replace(/(?:-----(?:BEGIN|END) CERTIFICATE-----|\s)/g,""),r=ol(t);return _l(gS(r),"PUBLIC KEY")}var nm,im,om,sr,tm,sm,am,El,um,ns=I(()=>{Te();at();Ie();em();V();ct();nm=o(async(e,t,r)=>{if(!ae(r))throw new TypeError(ie(r,...W));if(!r.extractable)throw new TypeError("CryptoKey is not extractable");if(r.type!==e)throw new TypeError(`key is not a ${e} key`);return _l(Jo(new Uint8Array(await U.subtle.exportKey(t,r))),`${e.toUpperCase()} KEY`)},"genericExport"),im=o(e=>nm("public","spki",e),"toSPKI"),om=o(e=>nm("private","pkcs8",e),"toPKCS8"),sr=o((e,t,r=0)=>{r===0&&(t.unshift(t.length),t.unshift(6));let n=e.indexOf(t[0],r);if(n===-1)return!1;let i=e.subarray(n,n+t.length);return i.length!==t.length?!1:i.every((s,a)=>s===t[a])||sr(e,t,n+1)},"findOid"),tm=o(e=>{switch(!0){case sr(e,[42,134,72,206,61,3,1,7]):return"P-256";case sr(e,[43,129,4,0,34]):return"P-384";case sr(e,[43,129,4,0,35]):return"P-521";case sr(e,[43,101,110]):return"X25519";case sr(e,[43,101,111]):return"X448";case sr(e,[43,101,112]):return"Ed25519";case sr(e,[43,101,113]):return"Ed448";default:throw new k("Invalid or unsupported EC Key Curve or OKP Key Sub Type")}},"getNamedCurve"),sm=o(async(e,t,r,n,i)=>{var s;let a,c,u=new Uint8Array(atob(r.replace(e,"")).split("").map(d=>d.charCodeAt(0))),l=t==="spki";switch(n){case"PS256":case"PS384":case"PS512":a={name:"RSA-PSS",hash:`SHA-${n.slice(-3)}`},c=l?["verify"]:["sign"];break;case"RS256":case"RS384":case"RS512":a={name:"RSASSA-PKCS1-v1_5",hash:`SHA-${n.slice(-3)}`},c=l?["verify"]:["sign"];break;case"RSA-OAEP":case"RSA-OAEP-256":case"RSA-OAEP-384":case"RSA-OAEP-512":a={name:"RSA-OAEP",hash:`SHA-${parseInt(n.slice(-3),10)||1}`},c=l?["encrypt","wrapKey"]:["decrypt","unwrapKey"];break;case"ES256":a={name:"ECDSA",namedCurve:"P-256"},c=l?["verify"]:["sign"];break;case"ES384":a={name:"ECDSA",namedCurve:"P-384"},c=l?["verify"]:["sign"];break;case"ES512":a={name:"ECDSA",namedCurve:"P-521"},c=l?["verify"]:["sign"];break;case"ECDH-ES":case"ECDH-ES+A128KW":case"ECDH-ES+A192KW":case"ECDH-ES+A256KW":{let d=tm(u);a=d.startsWith("P-")?{name:"ECDH",namedCurve:d}:{name:d},c=l?[]:["deriveBits"];break}case"EdDSA":a={name:tm(u)},c=l?["verify"]:["sign"];break;default:throw new k('Invalid or unsupported "alg" (Algorithm) value')}return U.subtle.importKey(t,u,a,(s=i?.extractable)!==null&&s!==void 0?s:!1,c)},"genericImport"),am=o((e,t,r)=>sm(/(?:-----(?:BEGIN|END) PRIVATE KEY-----|\s)/g,"pkcs8",e,t,r),"fromPKCS8"),El=o((e,t,r)=>sm(/(?:-----(?:BEGIN|END) PUBLIC KEY-----|\s)/g,"spki",e,t,r),"fromSPKI");o(rm,"getElement");o(cm,"parseElement");o(gS,"spkiFromX509");o(bS,"getSPKI");um=o((e,t,r)=>{let n;try{n=bS(e)}catch(i){throw new TypeError("failed to parse the X.509 certificate",{cause:i})}return El(n,t,r)},"fromX509")});function _S(e){let t,r;switch(e.kty){case"oct":{switch(e.alg){case"HS256":case"HS384":case"HS512":t={name:"HMAC",hash:`SHA-${e.alg.slice(-3)}`},r=["sign","verify"];break;case"A128CBC-HS256":case"A192CBC-HS384":case"A256CBC-HS512":throw new k(`${e.alg} keys cannot be imported as CryptoKey instances`);case"A128GCM":case"A192GCM":case"A256GCM":case"A128GCMKW":case"A192GCMKW":case"A256GCMKW":t={name:"AES-GCM"},r=["encrypt","decrypt"];break;case"A128KW":case"A192KW":case"A256KW":t={name:"AES-KW"},r=["wrapKey","unwrapKey"];break;case"PBES2-HS256+A128KW":case"PBES2-HS384+A192KW":case"PBES2-HS512+A256KW":t={name:"PBKDF2"},r=["deriveBits"];break;default:throw new k('Invalid or unsupported JWK "alg" (Algorithm) Parameter value')}break}case"RSA":{switch(e.alg){case"PS256":case"PS384":case"PS512":t={name:"RSA-PSS",hash:`SHA-${e.alg.slice(-3)}`},r=e.d?["sign"]:["verify"];break;case"RS256":case"RS384":case"RS512":t={name:"RSASSA-PKCS1-v1_5",hash:`SHA-${e.alg.slice(-3)}`},r=e.d?["sign"]:["verify"];break;case"RSA-OAEP":case"RSA-OAEP-256":case"RSA-OAEP-384":case"RSA-OAEP-512":t={name:"RSA-OAEP",hash:`SHA-${parseInt(e.alg.slice(-3),10)||1}`},r=e.d?["decrypt","unwrapKey"]:["encrypt","wrapKey"];break;default:throw new k('Invalid or unsupported JWK "alg" (Algorithm) Parameter value')}break}case"EC":{switch(e.alg){case"ES256":t={name:"ECDSA",namedCurve:"P-256"},r=e.d?["sign"]:["verify"];break;case"ES384":t={name:"ECDSA",namedCurve:"P-384"},r=e.d?["sign"]:["verify"];break;case"ES512":t={name:"ECDSA",namedCurve:"P-521"},r=e.d?["sign"]:["verify"];break;case"ECDH-ES":case"ECDH-ES+A128KW":case"ECDH-ES+A192KW":case"ECDH-ES+A256KW":t={name:"ECDH",namedCurve:e.crv},r=e.d?["deriveBits"]:[];break;default:throw new k('Invalid or unsupported JWK "alg" (Algorithm) Parameter value')}break}case"OKP":{switch(e.alg){case"EdDSA":t={name:e.crv},r=e.d?["sign"]:["verify"];break;case"ECDH-ES":case"ECDH-ES+A128KW":case"ECDH-ES+A192KW":case"ECDH-ES+A256KW":t={name:e.crv},r=e.d?["deriveBits"]:[];break;default:throw new k('Invalid or unsupported JWK "alg" (Algorithm) Parameter value')}break}default:throw new k('Invalid or unsupported JWK "kty" (Key Type) Parameter value')}return{algorithm:t,keyUsages:r}}var ES,wl,lm=I(()=>{Te();V();Ie();o(_S,"subtleMapping");ES=o(async e=>{var t,r;if(!e.alg)throw new TypeError('"alg" argument is required when "jwk.alg" is not present');let{algorithm:n,keyUsages:i}=_S(e),s=[n,(t=e.ext)!==null&&t!==void 0?t:!1,(r=e.key_ops)!==null&&r!==void 0?r:i];if(n.name==="PBKDF2")return U.subtle.importKey("raw",te(e.k),...s);let a={...e};return delete a.alg,delete a.use,U.subtle.importKey("jwk",a,...s)},"parse"),wl=ES});async function dm(e,t,r){if(typeof e!="string"||e.indexOf("-----BEGIN PUBLIC KEY-----")!==0)throw new TypeError('"spki" must be SPKI formatted string');return El(e,t,r)}async function pm(e,t,r){if(typeof e!="string"||e.indexOf("-----BEGIN CERTIFICATE-----")!==0)throw new TypeError('"x509" must be X.509 formatted string');return um(e,t,r)}async function hm(e,t,r){if(typeof e!="string"||e.indexOf("-----BEGIN PRIVATE KEY-----")!==0)throw new TypeError('"pkcs8" must be PKCS#8 formatted string');return am(e,t,r)}async function ar(e,t,r){var n;if(!Q(e))throw new TypeError("JWK must be an object");switch(t||(t=e.alg),e.kty){case"oct":if(typeof e.k!="string"||!e.k)throw new TypeError('missing "k" (Key Value) Parameter value');return r??(r=e.ext!==!0),r?wl({...e,alg:t,ext:(n=e.ext)!==null&&n!==void 0?n:!1}):te(e.k);case"RSA":if(e.oth!==void 0)throw new k('RSA JWK "oth" (Other Primes Info) Parameter value is not supported');case"EC":case"OKP":return wl({...e,alg:t});default:throw new k('Unsupported "kty" (Key Type) Parameter value')}}var di=I(()=>{Ie();ns();lm();V();$e();o(dm,"importSPKI");o(pm,"importX509");o(hm,"importPKCS8");o(ar,"importJWK")});var wS,vS,TS,cr,pi=I(()=>{at();ct();wS=o((e,t)=>{if(!(t instanceof Uint8Array)){if(!dl(t))throw new TypeError(ll(e,t,...W,"Uint8Array"));if(t.type!=="secret")throw new TypeError(`${W.join(" or ")} instances for symmetric algorithms must be of type "secret"`)}},"symmetricTypeCheck"),vS=o((e,t,r)=>{if(!dl(t))throw new TypeError(ll(e,t,...W));if(t.type==="secret")throw new TypeError(`${W.join(" or ")} instances for asymmetric algorithms must not be of type "secret"`);if(r==="sign"&&t.type==="public")throw new TypeError(`${W.join(" or ")} instances for asymmetric algorithm signing must be of type "private"`);if(r==="decrypt"&&t.type==="public")throw new TypeError(`${W.join(" or ")} instances for asymmetric algorithm decryption must be of type "private"`);if(t.algorithm&&r==="verify"&&t.type==="private")throw new TypeError(`${W.join(" or ")} instances for asymmetric algorithm verifying must be of type "public"`);if(t.algorithm&&r==="encrypt"&&t.type==="private")throw new TypeError(`${W.join(" or ")} instances for asymmetric algorithm encryption must be of type "public"`)},"asymmetricTypeCheck"),TS=o((e,t,r)=>{e.startsWith("HS")||e==="dir"||e.startsWith("PBES2")||/^A\d{3}(?:GCM)?KW$/.test(e)?wS(e,t):vS(e,t,r)},"checkKeyType"),cr=TS});async function SS(e,t,r,n,i){if(!(r instanceof Uint8Array))throw new TypeError(ie(r,"Uint8Array"));let s=parseInt(e.slice(1,4),10),a=await U.subtle.importKey("raw",r.subarray(s>>3),"AES-CBC",!1,["encrypt"]),c=await U.subtle.importKey("raw",r.subarray(0,s>>3),{hash:`SHA-${s<<1}`,name:"HMAC"},!1,["sign"]),u=new Uint8Array(await U.subtle.encrypt({iv:n,name:"AES-CBC"},a,t)),l=Se(i,n,u,Go(i.length<<3)),d=new Uint8Array((await U.subtle.sign("HMAC",c,l)).slice(0,s>>3));return{ciphertext:u,tag:d}}async function IS(e,t,r,n,i){let s;r instanceof Uint8Array?s=await U.subtle.importKey("raw",r,"AES-GCM",!1,["encrypt"]):(qe(r,e,"encrypt"),s=r);let a=new Uint8Array(await U.subtle.encrypt({additionalData:i,iv:n,name:"AES-GCM",tagLength:128},s,t)),c=a.slice(-16);return{ciphertext:a.slice(0,-16),tag:c}}var PS,hi,vl=I(()=>{ge();cl();ul();Te();or();at();V();ct();o(SS,"cbcEncrypt");o(IS,"gcmEncrypt");PS=o(async(e,t,r,n,i)=>{if(!ae(r)&&!(r instanceof Uint8Array))throw new TypeError(ie(r,...W,"Uint8Array"));switch(Qo(e,n),e){case"A128CBC-HS256":case"A192CBC-HS384":case"A256CBC-HS512":return r instanceof Uint8Array&&Xr(r,parseInt(e.slice(-3),10)),SS(e,t,r,n,i);case"A128GCM":case"A192GCM":case"A256GCM":return r instanceof Uint8Array&&Xr(r,parseInt(e.slice(1,4),10)),IS(e,t,r,n,i);default:throw new k("Unsupported JWE Content Encryption Algorithm")}},"encrypt"),hi=PS});async function fm(e,t,r,n){let i=e.slice(0,7);n||(n=zo(i));let{ciphertext:s,tag:a}=await hi(i,r,t,n,new Uint8Array(0));return{encryptedKey:s,iv:X(n),tag:X(a)}}async function mm(e,t,r,n,i){let s=e.slice(0,7);return Zo(s,t,r,n,i,new Uint8Array(0))}var Tl=I(()=>{vl();pl();Wo();Ie();o(fm,"wrap");o(mm,"unwrap")});async function AS(e,t,r,n,i){switch(cr(e,t,"decrypt"),e){case"dir":{if(r!==void 0)throw new A("Encountered unexpected JWE Encrypted Key");return t}case"ECDH-ES":if(r!==void 0)throw new A("Encountered unexpected JWE Encrypted Key");case"ECDH-ES+A128KW":case"ECDH-ES+A192KW":case"ECDH-ES+A256KW":{if(!Q(n.epk))throw new A('JOSE Header "epk" (Ephemeral Public Key) missing or invalid');if(!ts(t))throw new k("ECDH with the provided key is not allowed or not supported by your javascript runtime");let s=await ar(n.epk,e),a,c;if(n.apu!==void 0){if(typeof n.apu!="string")throw new A('JOSE Header "apu" (Agreement PartyUInfo) invalid');a=te(n.apu)}if(n.apv!==void 0){if(typeof n.apv!="string")throw new A('JOSE Header "apv" (Agreement PartyVInfo) invalid');c=te(n.apv)}let u=await es(s,t,e==="ECDH-ES"?n.enc:e,e==="ECDH-ES"?ui(n.enc):parseInt(e.slice(-5,-2),10),a,c);if(e==="ECDH-ES")return u;if(r===void 0)throw new A("JWE Encrypted Key missing");return ci(e.slice(-6),u,r)}case"RSA1_5":case"RSA-OAEP":case"RSA-OAEP-256":case"RSA-OAEP-384":case"RSA-OAEP-512":{if(r===void 0)throw new A("JWE Encrypted Key missing");return Xf(e,t,r)}case"PBES2-HS256+A128KW":case"PBES2-HS384+A192KW":case"PBES2-HS512+A256KW":{if(r===void 0)throw new A("JWE Encrypted Key missing");if(typeof n.p2c!="number")throw new A('JOSE Header "p2c" (PBES2 Count) missing or invalid');let s=i?.maxPBES2Count||1e4;if(n.p2c>s)throw new A('JOSE Header "p2c" (PBES2 Count) out is of acceptable bounds');if(typeof n.p2s!="string")throw new A('JOSE Header "p2s" (PBES2 Salt) missing or invalid');return Qf(e,t,r,n.p2c,te(n.p2s))}case"A128KW":case"A192KW":case"A256KW":{if(r===void 0)throw new A("JWE Encrypted Key missing");return ci(e,t,r)}case"A128GCMKW":case"A192GCMKW":case"A256GCMKW":{if(r===void 0)throw new A("JWE Encrypted Key missing");if(typeof n.iv!="string")throw new A('JOSE Header "iv" (Initialization Vector) missing or invalid');if(typeof n.tag!="string")throw new A('JOSE Header "tag" (Authentication Tag) missing or invalid');let s=te(n.iv),a=te(n.tag);return mm(e,t,r,s,a)}default:throw new k('Invalid or unsupported "alg" (JWE Algorithm) header value')}}var ym,gm=I(()=>{Xo();ml();gl();bl();Ie();V();li();di();pi();$e();Tl();o(AS,"decryptKeyManagement");ym=AS});function RS(e,t,r,n,i){if(i.crit!==void 0&&n.crit===void 0)throw new e('"crit" (Critical) Header Parameter MUST be integrity protected');if(!n||n.crit===void 0)return new Set;if(!Array.isArray(n.crit)||n.crit.length===0||n.crit.some(a=>typeof a!="string"||a.length===0))throw new e('"crit" (Critical) Header Parameter MUST be an array of non-empty strings when present');let s;r!==void 0?s=new Map([...Object.entries(r),...t.entries()]):s=t;for(let a of n.crit){if(!s.has(a))throw new k(`Extension Header Parameter "${a}" is not recognized`);if(i[a]===void 0)throw new e(`Extension Header Parameter "${a}" is missing`);if(s.get(a)&&n[a]===void 0)throw new e(`Extension Header Parameter "${a}" MUST be integrity protected`)}return new Set(n.crit)}var wt,nn=I(()=>{V();o(RS,"validateCrit");wt=RS});var OS,fi,Sl=I(()=>{OS=o((e,t)=>{if(t!==void 0&&(!Array.isArray(t)||t.some(r=>typeof r!="string")))throw new TypeError(`"${e}" option must be an array of strings`);if(t)return new Set(t)},"validateAlgorithms"),fi=OS});async function on(e,t,r){var n;if(!Q(e))throw new A("Flattened JWE must be an object");if(e.protected===void 0&&e.header===void 0&&e.unprotected===void 0)throw new A("JOSE Header missing");if(typeof e.iv!="string")throw new A("JWE Initialization Vector missing or incorrect type");if(typeof e.ciphertext!="string")throw new A("JWE Ciphertext missing or incorrect type");if(typeof e.tag!="string")throw new A("JWE Authentication Tag missing or incorrect type");if(e.protected!==void 0&&typeof e.protected!="string")throw new A("JWE Protected Header incorrect type");if(e.encrypted_key!==void 0&&typeof e.encrypted_key!="string")throw new A("JWE Encrypted Key incorrect type");if(e.aad!==void 0&&typeof e.aad!="string")throw new A("JWE AAD incorrect type");if(e.header!==void 0&&!Q(e.header))throw new A("JWE Shared Unprotected Header incorrect type");if(e.unprotected!==void 0&&!Q(e.unprotected))throw new A("JWE Per-Recipient Unprotected Header incorrect type");let i;if(e.protected)try{let F=te(e.protected);i=JSON.parse(ue.decode(F))}catch{throw new A("JWE Protected Header is invalid")}if(!_t(i,e.header,e.unprotected))throw new A("JWE Protected, JWE Unprotected Header, and JWE Per-Recipient Unprotected Header Parameter names must be disjoint");let s={...i,...e.header,...e.unprotected};if(wt(A,new Map,r?.crit,i,s),s.zip!==void 0){if(!i||!i.zip)throw new A('JWE "zip" (Compression Algorithm) Header MUST be integrity protected');if(s.zip!=="DEF")throw new k('Unsupported JWE "zip" (Compression Algorithm) Header Parameter value')}let{alg:a,enc:c}=s;if(typeof a!="string"||!a)throw new A("missing JWE Algorithm (alg) in JWE Header");if(typeof c!="string"||!c)throw new A("missing JWE Encryption Algorithm (enc) in JWE Header");let u=r&&fi("keyManagementAlgorithms",r.keyManagementAlgorithms),l=r&&fi("contentEncryptionAlgorithms",r.contentEncryptionAlgorithms);if(u&&!u.has(a))throw new tr('"alg" (Algorithm) Header Parameter not allowed');if(l&&!l.has(c))throw new tr('"enc" (Encryption Algorithm) Header Parameter not allowed');let d;e.encrypted_key!==void 0&&(d=te(e.encrypted_key));let p=!1;typeof t=="function"&&(t=await t(i,e),p=!0);let m;try{m=await ym(a,t,d,s,r)}catch(F){if(F instanceof TypeError||F instanceof A||F instanceof k)throw F;m=Et(c)}let h=te(e.iv),y=te(e.tag),w=Z.encode((n=e.protected)!==null&&n!==void 0?n:""),T;e.aad!==void 0?T=Se(w,Z.encode("."),Z.encode(e.aad)):T=w;let S=await Zo(c,m,te(e.ciphertext),h,y,T);s.zip==="DEF"&&(S=await(r?.inflateRaw||$f)(S));let D={plaintext:S};return e.protected!==void 0&&(D.protectedHeader=i),e.aad!==void 0&&(D.additionalAuthenticatedData=te(e.aad)),e.unprotected!==void 0&&(D.sharedUnprotectedHeader=e.unprotected),e.header!==void 0&&(D.unprotectedHeader=e.header),p?{...D,key:t}:D}var is=I(()=>{Ie();pl();hl();V();en();$e();gm();ge();li();nn();Sl();o(on,"flattenedDecrypt")});async function os(e,t,r){if(e instanceof Uint8Array&&(e=ue.decode(e)),typeof e!="string")throw new A("Compact JWE must be a string or Uint8Array");let{0:n,1:i,2:s,3:a,4:c,length:u}=e.split(".");if(u!==5)throw new A("Invalid Compact JWE");let l=await on({ciphertext:a,iv:s||void 0,protected:n||void 0,tag:c||void 0,encrypted_key:i||void 0},t,r),d={plaintext:l.plaintext,protectedHeader:l.protectedHeader};return typeof t=="function"?{...d,key:l.key}:d}var Il=I(()=>{is();V();ge();o(os,"compactDecrypt")});async function bm(e,t,r){if(!Q(e))throw new A("General JWE must be an object");if(!Array.isArray(e.recipients)||!e.recipients.every(Q))throw new A("JWE Recipients missing or incorrect type");if(!e.recipients.length)throw new A("JWE Recipients has no members");for(let n of e.recipients)try{return await on({aad:e.aad,ciphertext:e.ciphertext,encrypted_key:n.encrypted_key,header:n.header,iv:e.iv,protected:e.protected,tag:e.tag,unprotected:e.unprotected},t,r)}catch{}throw new Ut}var _m=I(()=>{is();V();$e();o(bm,"generalDecrypt")});var xS,Em,wm=I(()=>{Te();at();Ie();ct();xS=o(async e=>{if(e instanceof Uint8Array)return{kty:"oct",k:X(e)};if(!ae(e))throw new TypeError(ie(e,...W,"Uint8Array"));if(!e.extractable)throw new TypeError("non-extractable CryptoKey cannot be exported as a JWK");let{ext:t,key_ops:r,alg:n,use:i,...s}=await U.subtle.exportKey("jwk",e);return s},"keyToJWK"),Em=xS});async function vm(e){return im(e)}async function Tm(e){return om(e)}async function ss(e){return Em(e)}var Pl=I(()=>{ns();ns();wm();o(vm,"exportSPKI");o(Tm,"exportPKCS8");o(ss,"exportJWK")});async function NS(e,t,r,n,i={}){let s,a,c;switch(cr(e,r,"encrypt"),e){case"dir":{c=r;break}case"ECDH-ES":case"ECDH-ES+A128KW":case"ECDH-ES+A192KW":case"ECDH-ES+A256KW":{if(!ts(r))throw new k("ECDH with the provided key is not allowed or not supported by your javascript runtime");let{apu:u,apv:l}=i,{epk:d}=i;d||(d=(await Bf(r)).privateKey);let{x:p,y:m,crv:h,kty:y}=await ss(d),w=await es(r,d,e==="ECDH-ES"?t:e,e==="ECDH-ES"?ui(t):parseInt(e.slice(-5,-2),10),u,l);if(a={epk:{x:p,crv:h,kty:y}},y==="EC"&&(a.epk.y=m),u&&(a.apu=X(u)),l&&(a.apv=X(l)),e==="ECDH-ES"){c=w;break}c=n||Et(t);let T=e.slice(-6);s=await ai(T,w,c);break}case"RSA1_5":case"RSA-OAEP":case"RSA-OAEP-256":case"RSA-OAEP-384":case"RSA-OAEP-512":{c=n||Et(t),s=await Zf(e,r,c);break}case"PBES2-HS256+A128KW":case"PBES2-HS384+A192KW":case"PBES2-HS512+A256KW":{c=n||Et(t);let{p2c:u,p2s:l}=i;({encryptedKey:s,...a}=await Wf(e,r,c,u,l));break}case"A128KW":case"A192KW":case"A256KW":{c=n||Et(t),s=await ai(e,r,c);break}case"A128GCMKW":case"A192GCMKW":case"A256GCMKW":{c=n||Et(t);let{iv:u}=i;({encryptedKey:s,...a}=await fm(e,r,c,u));break}default:throw new k('Invalid or unsupported "alg" (JWE Algorithm) header value')}return{cek:c,encryptedKey:s,parameters:a}}var as,Al=I(()=>{Xo();ml();gl();bl();Ie();li();V();Pl();pi();Tl();o(NS,"encryptKeyManagement");as=NS});var Rl,Mt,cs=I(()=>{Ie();vl();hl();Wo();Al();V();en();ge();nn();Rl=Symbol(),Mt=class{static{o(this,"FlattenedEncrypt")}constructor(t){if(!(t instanceof Uint8Array))throw new TypeError("plaintext must be an instance of Uint8Array");this._plaintext=t}setKeyManagementParameters(t){if(this._keyManagementParameters)throw new TypeError("setKeyManagementParameters can only be called once");return this._keyManagementParameters=t,this}setProtectedHeader(t){if(this._protectedHeader)throw new TypeError("setProtectedHeader can only be called once");return this._protectedHeader=t,this}setSharedUnprotectedHeader(t){if(this._sharedUnprotectedHeader)throw new TypeError("setSharedUnprotectedHeader can only be called once");return this._sharedUnprotectedHeader=t,this}setUnprotectedHeader(t){if(this._unprotectedHeader)throw new TypeError("setUnprotectedHeader can only be called once");return this._unprotectedHeader=t,this}setAdditionalAuthenticatedData(t){return this._aad=t,this}setContentEncryptionKey(t){if(this._cek)throw new TypeError("setContentEncryptionKey can only be called once");return this._cek=t,this}setInitializationVector(t){if(this._iv)throw new TypeError("setInitializationVector can only be called once");return this._iv=t,this}async encrypt(t,r){if(!this._protectedHeader&&!this._unprotectedHeader&&!this._sharedUnprotectedHeader)throw new A("either setProtectedHeader, setUnprotectedHeader, or sharedUnprotectedHeader must be called before #encrypt()");if(!_t(this._protectedHeader,this._unprotectedHeader,this._sharedUnprotectedHeader))throw new A("JWE Protected, JWE Shared Unprotected and JWE Per-Recipient Header Parameter names must be disjoint");let n={...this._protectedHeader,...this._unprotectedHeader,...this._sharedUnprotectedHeader};if(wt(A,new Map,r?.crit,this._protectedHeader,n),n.zip!==void 0){if(!this._protectedHeader||!this._protectedHeader.zip)throw new A('JWE "zip" (Compression Algorithm) Header MUST be integrity protected');if(n.zip!=="DEF")throw new k('Unsupported JWE "zip" (Compression Algorithm) Header Parameter value')}let{alg:i,enc:s}=n;if(typeof i!="string"||!i)throw new A('JWE "alg" (Algorithm) Header Parameter missing or invalid');if(typeof s!="string"||!s)throw new A('JWE "enc" (Encryption Algorithm) Header Parameter missing or invalid');let a;if(i==="dir"){if(this._cek)throw new TypeError("setContentEncryptionKey cannot be called when using Direct Encryption")}else if(i==="ECDH-ES"&&this._cek)throw new TypeError("setContentEncryptionKey cannot be called when using Direct Key Agreement");let c;{let y;({cek:c,encryptedKey:a,parameters:y}=await as(i,s,t,this._cek,this._keyManagementParameters)),y&&(r&&Rl in r?this._unprotectedHeader?this._unprotectedHeader={...this._unprotectedHeader,...y}:this.setUnprotectedHeader(y):this._protectedHeader?this._protectedHeader={...this._protectedHeader,...y}:this.setProtectedHeader(y))}this._iv||(this._iv=zo(s));let u,l,d;this._protectedHeader?l=Z.encode(X(JSON.stringify(this._protectedHeader))):l=Z.encode(""),this._aad?(d=X(this._aad),u=Se(l,Z.encode("."),Z.encode(d))):u=l;let p,m;if(n.zip==="DEF"){let y=await(r?.deflateRaw||jf)(this._plaintext);({ciphertext:p,tag:m}=await hi(s,y,c,this._iv,u))}else({ciphertext:p,tag:m}=await hi(s,this._plaintext,c,this._iv,u));let h={ciphertext:X(p),iv:X(this._iv),tag:X(m)};return a&&(h.encrypted_key=X(a)),d&&(h.aad=d),this._protectedHeader&&(h.protected=ue.decode(l)),this._sharedUnprotectedHeader&&(h.unprotected=this._sharedUnprotectedHeader),this._unprotectedHeader&&(h.header=this._unprotectedHeader),h}}});var Ol,us,Sm=I(()=>{cs();V();li();en();Al();Ie();nn();Ol=class{static{o(this,"IndividualRecipient")}constructor(t,r,n){this.parent=t,this.key=r,this.options=n}setUnprotectedHeader(t){if(this.unprotectedHeader)throw new TypeError("setUnprotectedHeader can only be called once");return this.unprotectedHeader=t,this}addRecipient(...t){return this.parent.addRecipient(...t)}encrypt(...t){return this.parent.encrypt(...t)}done(){return this.parent}},us=class{static{o(this,"GeneralEncrypt")}constructor(t){this._recipients=[],this._plaintext=t}addRecipient(t,r){let n=new Ol(this,t,{crit:r?.crit});return this._recipients.push(n),n}setProtectedHeader(t){if(this._protectedHeader)throw new TypeError("setProtectedHeader can only be called once");return this._protectedHeader=t,this}setSharedUnprotectedHeader(t){if(this._unprotectedHeader)throw new TypeError("setSharedUnprotectedHeader can only be called once");return this._unprotectedHeader=t,this}setAdditionalAuthenticatedData(t){return this._aad=t,this}async encrypt(t){var r,n,i;if(!this._recipients.length)throw new A("at least one recipient must be added");if(t={deflateRaw:t?.deflateRaw},this._recipients.length===1){let[u]=this._recipients,l=await new Mt(this._plaintext).setAdditionalAuthenticatedData(this._aad).setProtectedHeader(this._protectedHeader).setSharedUnprotectedHeader(this._unprotectedHeader).setUnprotectedHeader(u.unprotectedHeader).encrypt(u.key,{...u.options,...t}),d={ciphertext:l.ciphertext,iv:l.iv,recipients:[{}],tag:l.tag};return l.aad&&(d.aad=l.aad),l.protected&&(d.protected=l.protected),l.unprotected&&(d.unprotected=l.unprotected),l.encrypted_key&&(d.recipients[0].encrypted_key=l.encrypted_key),l.header&&(d.recipients[0].header=l.header),d}let s;for(let u=0;u<this._recipients.length;u++){let l=this._recipients[u];if(!_t(this._protectedHeader,this._unprotectedHeader,l.unprotectedHeader))throw new A("JWE Protected, JWE Shared Unprotected and JWE Per-Recipient Header Parameter names must be disjoint");let d={...this._protectedHeader,...this._unprotectedHeader,...l.unprotectedHeader},{alg:p}=d;if(typeof p!="string"||!p)throw new A('JWE "alg" (Algorithm) Header Parameter missing or invalid');if(p==="dir"||p==="ECDH-ES")throw new A('"dir" and "ECDH-ES" alg may only be used with a single recipient');if(typeof d.enc!="string"||!d.enc)throw new A('JWE "enc" (Encryption Algorithm) Header Parameter missing or invalid');if(!s)s=d.enc;else if(s!==d.enc)throw new A('JWE "enc" (Encryption Algorithm) Header Parameter must be the same for all recipients');if(wt(A,new Map,l.options.crit,this._protectedHeader,d),d.zip!==void 0&&(!this._protectedHeader||!this._protectedHeader.zip))throw new A('JWE "zip" (Compression Algorithm) Header MUST be integrity protected')}let a=Et(s),c={ciphertext:"",iv:"",recipients:[],tag:""};for(let u=0;u<this._recipients.length;u++){let l=this._recipients[u],d={};c.recipients.push(d);let m={...this._protectedHeader,...this._unprotectedHeader,...l.unprotectedHeader}.alg.startsWith("PBES2")?2048+u:void 0;if(u===0){let w=await new Mt(this._plaintext).setAdditionalAuthenticatedData(this._aad).setContentEncryptionKey(a).setProtectedHeader(this._protectedHeader).setSharedUnprotectedHeader(this._unprotectedHeader).setUnprotectedHeader(l.unprotectedHeader).setKeyManagementParameters({p2c:m}).encrypt(l.key,{...l.options,...t,[Rl]:!0});c.ciphertext=w.ciphertext,c.iv=w.iv,c.tag=w.tag,w.aad&&(c.aad=w.aad),w.protected&&(c.protected=w.protected),w.unprotected&&(c.unprotected=w.unprotected),d.encrypted_key=w.encrypted_key,w.header&&(d.header=w.header);continue}let{encryptedKey:h,parameters:y}=await as(((r=l.unprotectedHeader)===null||r===void 0?void 0:r.alg)||((n=this._protectedHeader)===null||n===void 0?void 0:n.alg)||((i=this._unprotectedHeader)===null||i===void 0?void 0:i.alg),s,l.key,a,{p2c:m});d.encrypted_key=X(h),(l.unprotectedHeader||y)&&(d.header={...l.unprotectedHeader,...y})}return c}}});function mi(e,t){let r=`SHA-${e.slice(-3)}`;switch(e){case"HS256":case"HS384":case"HS512":return{hash:r,name:"HMAC"};case"PS256":case"PS384":case"PS512":return{hash:r,name:"RSA-PSS",saltLength:e.slice(-3)>>3};case"RS256":case"RS384":case"RS512":return{hash:r,name:"RSASSA-PKCS1-v1_5"};case"ES256":case"ES384":case"ES512":return{hash:r,name:"ECDSA",namedCurve:t.namedCurve};case"EdDSA":return{name:t.name};default:throw new k(`alg ${e} is not supported either by JOSE or your javascript runtime`)}}var xl=I(()=>{V();o(mi,"subtleDsa")});function yi(e,t,r){if(ae(t))return Ff(t,e,r),t;if(t instanceof Uint8Array){if(!e.startsWith("HS"))throw new TypeError(ie(t,...W));return U.subtle.importKey("raw",t,{hash:`SHA-${e.slice(-3)}`,name:"HMAC"},!1,[r])}throw new TypeError(ie(t,...W,"Uint8Array"))}var Nl=I(()=>{Te();or();at();ct();o(yi,"getCryptoKey")});var CS,Im,Pm=I(()=>{xl();Te();rs();Nl();CS=o(async(e,t,r,n)=>{let i=await yi(e,t,"verify");Cr(e,i);let s=mi(e,i.algorithm);try{return await U.subtle.verify(s,i,r,n)}catch{return!1}},"verify"),Im=CS});async function sn(e,t,r){var n;if(!Q(e))throw new z("Flattened JWS must be an object");if(e.protected===void 0&&e.header===void 0)throw new z('Flattened JWS must have either of the "protected" or "header" members');if(e.protected!==void 0&&typeof e.protected!="string")throw new z("JWS Protected Header incorrect type");if(e.payload===void 0)throw new z("JWS Payload missing");if(typeof e.signature!="string")throw new z("JWS Signature missing or incorrect type");if(e.header!==void 0&&!Q(e.header))throw new z("JWS Unprotected Header incorrect type");let i={};if(e.protected)try{let T=te(e.protected);i=JSON.parse(ue.decode(T))}catch{throw new z("JWS Protected Header is invalid")}if(!_t(i,e.header))throw new z("JWS Protected and JWS Unprotected Header Parameter names must be disjoint");let s={...i,...e.header},a=wt(z,new Map([["b64",!0]]),r?.crit,i,s),c=!0;if(a.has("b64")&&(c=i.b64,typeof c!="boolean"))throw new z('The "b64" (base64url-encode payload) Header Parameter must be a boolean');let{alg:u}=s;if(typeof u!="string"||!u)throw new z('JWS "alg" (Algorithm) Header Parameter missing or invalid');let l=r&&fi("algorithms",r.algorithms);if(l&&!l.has(u))throw new tr('"alg" (Algorithm) Header Parameter not allowed');if(c){if(typeof e.payload!="string")throw new z("JWS Payload must be a string")}else if(typeof e.payload!="string"&&!(e.payload instanceof Uint8Array))throw new z("JWS Payload must be a string or an Uint8Array instance");let d=!1;typeof t=="function"&&(t=await t(i,e),d=!0),cr(u,t,"verify");let p=Se(Z.encode((n=e.protected)!==null&&n!==void 0?n:""),Z.encode("."),typeof e.payload=="string"?Z.encode(e.payload):e.payload),m=te(e.signature);if(!await Im(u,t,m,p))throw new Nr;let y;c?y=te(e.payload):typeof e.payload=="string"?y=Z.encode(e.payload):y=e.payload;let w={payload:y};return e.protected!==void 0&&(w.protectedHeader=i),e.header!==void 0&&(w.unprotectedHeader=e.header),d?{...w,key:t}:w}var ls=I(()=>{Ie();Pm();V();ge();en();$e();pi();nn();Sl();o(sn,"flattenedVerify")});async function ds(e,t,r){if(e instanceof Uint8Array&&(e=ue.decode(e)),typeof e!="string")throw new z("Compact JWS must be a string or Uint8Array");let{0:n,1:i,2:s,length:a}=e.split(".");if(a!==3)throw new z("Invalid Compact JWS");let c=await sn({payload:i,protected:n,signature:s},t,r),u={payload:c.payload,protectedHeader:c.protectedHeader};return typeof t=="function"?{...u,key:c.key}:u}var Cl=I(()=>{ls();V();ge();o(ds,"compactVerify")});async function Am(e,t,r){if(!Q(e))throw new z("General JWS must be an object");if(!Array.isArray(e.signatures)||!e.signatures.every(Q))throw new z("JWS Signatures missing or incorrect type");for(let n of e.signatures)try{return await sn({header:n.header,payload:e.payload,protected:n.protected,signature:n.signature},t,r)}catch{}throw new Nr}var Rm=I(()=>{ls();V();$e();o(Am,"generalVerify")});var an,Ll=I(()=>{an=o(e=>Math.floor(e.getTime()/1e3),"default")});var LS,cn,Dl=I(()=>{LS=/^(\d+|\d+\.\d+) ?(seconds?|secs?|s|minutes?|mins?|m|hours?|hrs?|h|days?|d|weeks?|w|years?|yrs?|y)$/i,cn=o(e=>{let t=LS.exec(e);if(!t)throw new TypeError("Invalid time period format");let r=parseFloat(t[1]);switch(t[2].toLowerCase()){case"sec":case"secs":case"second":case"seconds":case"s":return Math.round(r);case"minute":case"minutes":case"min":case"mins":case"m":return Math.round(r*60);case"hour":case"hours":case"hr":case"hrs":case"h":return Math.round(r*3600);case"day":case"days":case"d":return Math.round(r*86400);case"week":case"weeks":case"w":return Math.round(r*604800);default:return Math.round(r*31557600)}},"default")});var Om,DS,un,ps=I(()=>{V();ge();Ll();Dl();$e();Om=o(e=>e.toLowerCase().replace(/^application\//,""),"normalizeTyp"),DS=o((e,t)=>typeof e=="string"?t.includes(e):Array.isArray(e)?t.some(Set.prototype.has.bind(new Set(e))):!1,"checkAudiencePresence"),un=o((e,t,r={})=>{let{typ:n}=r;if(n&&(typeof e.typ!="string"||Om(e.typ)!==Om(n)))throw new be('unexpected "typ" JWT header value',"typ","check_failed");let i;try{i=JSON.parse(ue.decode(t))}catch{}if(!Q(i))throw new le("JWT Claims Set must be a top-level JSON object");let{requiredClaims:s=[],issuer:a,subject:c,audience:u,maxTokenAge:l}=r;l!==void 0&&s.push("iat"),u!==void 0&&s.push("aud"),c!==void 0&&s.push("sub"),a!==void 0&&s.push("iss");for(let h of new Set(s.reverse()))if(!(h in i))throw new be(`missing required "${h}" claim`,h,"missing");if(a&&!(Array.isArray(a)?a:[a]).includes(i.iss))throw new be('unexpected "iss" claim value',"iss","check_failed");if(c&&i.sub!==c)throw new be('unexpected "sub" claim value',"sub","check_failed");if(u&&!DS(i.aud,typeof u=="string"?[u]:u))throw new be('unexpected "aud" claim value',"aud","check_failed");let d;switch(typeof r.clockTolerance){case"string":d=cn(r.clockTolerance);break;case"number":d=r.clockTolerance;break;case"undefined":d=0;break;default:throw new TypeError("Invalid clockTolerance option type")}let{currentDate:p}=r,m=an(p||new Date);if((i.iat!==void 0||l)&&typeof i.iat!="number")throw new be('"iat" claim must be a number',"iat","invalid");if(i.nbf!==void 0){if(typeof i.nbf!="number")throw new be('"nbf" claim must be a number',"nbf","invalid");if(i.nbf>m+d)throw new be('"nbf" claim timestamp check failed',"nbf","check_failed")}if(i.exp!==void 0){if(typeof i.exp!="number")throw new be('"exp" claim must be a number',"exp","invalid");if(i.exp<=m-d)throw new Zr('"exp" claim timestamp check failed',"exp","check_failed")}if(l){let h=m-i.iat,y=typeof l=="number"?l:cn(l);if(h-d>y)throw new Zr('"iat" claim timestamp check failed (too far in the past)',"iat","check_failed");if(h<0-d)throw new be('"iat" claim timestamp check failed (it should be in the past)',"iat","check_failed")}return i},"default")});async function xm(e,t,r){var n;let i=await ds(e,t,r);if(!((n=i.protectedHeader.crit)===null||n===void 0)&&n.includes("b64")&&i.protectedHeader.b64===!1)throw new le("JWTs MUST NOT use unencoded payload");let a={payload:un(i.protectedHeader,i.payload,r),protectedHeader:i.protectedHeader};return typeof t=="function"?{...a,key:i.key}:a}var Nm=I(()=>{Cl();ps();V();o(xm,"jwtVerify")});async function Cm(e,t,r){let n=await os(e,t,r),i=un(n.protectedHeader,n.plaintext,r),{protectedHeader:s}=n;if(s.iss!==void 0&&s.iss!==i.iss)throw new be('replicated "iss" claim header parameter mismatch',"iss","mismatch");if(s.sub!==void 0&&s.sub!==i.sub)throw new be('replicated "sub" claim header parameter mismatch',"sub","mismatch");if(s.aud!==void 0&&JSON.stringify(s.aud)!==JSON.stringify(i.aud))throw new be('replicated "aud" claim header parameter mismatch',"aud","mismatch");let a={payload:i,protectedHeader:s};return typeof t=="function"?{...a,key:n.key}:a}var Lm=I(()=>{Il();ps();V();o(Cm,"jwtDecrypt")});var ln,Ul=I(()=>{cs();ln=class{static{o(this,"CompactEncrypt")}constructor(t){this._flattened=new Mt(t)}setContentEncryptionKey(t){return this._flattened.setContentEncryptionKey(t),this}setInitializationVector(t){return this._flattened.setInitializationVector(t),this}setProtectedHeader(t){return this._flattened.setProtectedHeader(t),this}setKeyManagementParameters(t){return this._flattened.setKeyManagementParameters(t),this}async encrypt(t,r){let n=await this._flattened.encrypt(t,r);return[n.protected,n.encrypted_key,n.iv,n.ciphertext,n.tag].join(".")}}});var US,Dm,Um=I(()=>{xl();Te();rs();Nl();US=o(async(e,t,r)=>{let n=await yi(e,t,"sign");Cr(e,n);let i=await U.subtle.sign(mi(e,n.algorithm),n,r);return new Uint8Array(i)},"sign"),Dm=US});var ur,hs=I(()=>{Ie();Um();en();V();ge();pi();nn();ur=class{static{o(this,"FlattenedSign")}constructor(t){if(!(t instanceof Uint8Array))throw new TypeError("payload must be an instance of Uint8Array");this._payload=t}setProtectedHeader(t){if(this._protectedHeader)throw new TypeError("setProtectedHeader can only be called once");return this._protectedHeader=t,this}setUnprotectedHeader(t){if(this._unprotectedHeader)throw new TypeError("setUnprotectedHeader can only be called once");return this._unprotectedHeader=t,this}async sign(t,r){if(!this._protectedHeader&&!this._unprotectedHeader)throw new z("either setProtectedHeader or setUnprotectedHeader must be called before #sign()");if(!_t(this._protectedHeader,this._unprotectedHeader))throw new z("JWS Protected and JWS Unprotected Header Parameter names must be disjoint");let n={...this._protectedHeader,...this._unprotectedHeader},i=wt(z,new Map([["b64",!0]]),r?.crit,this._protectedHeader,n),s=!0;if(i.has("b64")&&(s=this._protectedHeader.b64,typeof s!="boolean"))throw new z('The "b64" (base64url-encode payload) Header Parameter must be a boolean');let{alg:a}=n;if(typeof a!="string"||!a)throw new z('JWS "alg" (Algorithm) Header Parameter missing or invalid');cr(a,t,"sign");let c=this._payload;s&&(c=Z.encode(X(c)));let u;this._protectedHeader?u=Z.encode(X(JSON.stringify(this._protectedHeader))):u=Z.encode("");let l=Se(u,Z.encode("."),c),d=await Dm(a,t,l),p={signature:X(d),payload:""};return s&&(p.payload=ue.decode(c)),this._unprotectedHeader&&(p.header=this._unprotectedHeader),this._protectedHeader&&(p.protected=ue.decode(u)),p}}});var dn,Ml=I(()=>{hs();dn=class{static{o(this,"CompactSign")}constructor(t){this._flattened=new ur(t)}setProtectedHeader(t){return this._flattened.setProtectedHeader(t),this}async sign(t,r){let n=await this._flattened.sign(t,r);if(n.payload===void 0)throw new TypeError("use the flattened module for creating JWS with b64: false");return`${n.protected}.${n.payload}.${n.signature}`}}});var kl,fs,Mm=I(()=>{hs();V();kl=class{static{o(this,"IndividualSignature")}constructor(t,r,n){this.parent=t,this.key=r,this.options=n}setProtectedHeader(t){if(this.protectedHeader)throw new TypeError("setProtectedHeader can only be called once");return this.protectedHeader=t,this}setUnprotectedHeader(t){if(this.unprotectedHeader)throw new TypeError("setUnprotectedHeader can only be called once");return this.unprotectedHeader=t,this}addSignature(...t){return this.parent.addSignature(...t)}sign(...t){return this.parent.sign(...t)}done(){return this.parent}},fs=class{static{o(this,"GeneralSign")}constructor(t){this._signatures=[],this._payload=t}addSignature(t,r){let n=new kl(this,t,r);return this._signatures.push(n),n}async sign(){if(!this._signatures.length)throw new z("at least one signature must be added");let t={signatures:[],payload:""};for(let r=0;r<this._signatures.length;r++){let n=this._signatures[r],i=new ur(this._payload);i.setProtectedHeader(n.protectedHeader),i.setUnprotectedHeader(n.unprotectedHeader);let{payload:s,...a}=await i.sign(n.key,n.options);if(r===0)t.payload=s;else if(t.payload!==s)throw new z("inconsistent use of JWS Unencoded Payload (RFC7797)");t.signatures.push(a)}return t}}});var lr,ms=I(()=>{Ll();$e();Dl();lr=class{static{o(this,"ProduceJWT")}constructor(t){if(!Q(t))throw new TypeError("JWT Claims Set MUST be an object");this._payload=t}setIssuer(t){return this._payload={...this._payload,iss:t},this}setSubject(t){return this._payload={...this._payload,sub:t},this}setAudience(t){return this._payload={...this._payload,aud:t},this}setJti(t){return this._payload={...this._payload,jti:t},this}setNotBefore(t){return typeof t=="number"?this._payload={...this._payload,nbf:t}:this._payload={...this._payload,nbf:an(new Date)+cn(t)},this}setExpirationTime(t){return typeof t=="number"?this._payload={...this._payload,exp:t}:this._payload={...this._payload,exp:an(new Date)+cn(t)},this}setIssuedAt(t){return typeof t>"u"?this._payload={...this._payload,iat:an(new Date)}:this._payload={...this._payload,iat:t},this}}});var ys,km=I(()=>{Ml();V();ge();ms();ys=class extends lr{static{o(this,"SignJWT")}setProtectedHeader(t){return this._protectedHeader=t,this}async sign(t,r){var n;let i=new dn(Z.encode(JSON.stringify(this._payload)));if(i.setProtectedHeader(this._protectedHeader),Array.isArray((n=this._protectedHeader)===null||n===void 0?void 0:n.crit)&&this._protectedHeader.crit.includes("b64")&&this._protectedHeader.b64===!1)throw new le("JWTs MUST NOT use unencoded payload");return i.sign(t,r)}}});var gs,Hm=I(()=>{Ul();ge();ms();gs=class extends lr{static{o(this,"EncryptJWT")}setProtectedHeader(t){if(this._protectedHeader)throw new TypeError("setProtectedHeader can only be called once");return this._protectedHeader=t,this}setKeyManagementParameters(t){if(this._keyManagementParameters)throw new TypeError("setKeyManagementParameters can only be called once");return this._keyManagementParameters=t,this}setContentEncryptionKey(t){if(this._cek)throw new TypeError("setContentEncryptionKey can only be called once");return this._cek=t,this}setInitializationVector(t){if(this._iv)throw new TypeError("setInitializationVector can only be called once");return this._iv=t,this}replicateIssuerAsHeader(){return this._replicateIssuerAsHeader=!0,this}replicateSubjectAsHeader(){return this._replicateSubjectAsHeader=!0,this}replicateAudienceAsHeader(){return this._replicateAudienceAsHeader=!0,this}async encrypt(t,r){let n=new ln(Z.encode(JSON.stringify(this._payload)));return this._replicateIssuerAsHeader&&(this._protectedHeader={...this._protectedHeader,iss:this._payload.iss}),this._replicateSubjectAsHeader&&(this._protectedHeader={...this._protectedHeader,sub:this._payload.sub}),this._replicateAudienceAsHeader&&(this._protectedHeader={...this._protectedHeader,aud:this._payload.aud}),n.setProtectedHeader(this._protectedHeader),this._iv&&n.setInitializationVector(this._iv),this._cek&&n.setContentEncryptionKey(this._cek),this._keyManagementParameters&&n.setKeyManagementParameters(this._keyManagementParameters),n.encrypt(t,r)}}});async function Hl(e,t){if(!Q(e))throw new TypeError("JWK must be an object");if(t??(t="sha256"),t!=="sha256"&&t!=="sha384"&&t!=="sha512")throw new TypeError('digestAlgorithm must one of "sha256", "sha384", or "sha512"');let r;switch(e.kty){case"EC":dr(e.crv,'"crv" (Curve) Parameter'),dr(e.x,'"x" (X Coordinate) Parameter'),dr(e.y,'"y" (Y Coordinate) Parameter'),r={crv:e.crv,kty:e.kty,x:e.x,y:e.y};break;case"OKP":dr(e.crv,'"crv" (Subtype of Key Pair) Parameter'),dr(e.x,'"x" (Public Key) Parameter'),r={crv:e.crv,kty:e.kty,x:e.x};break;case"RSA":dr(e.e,'"e" (Exponent) Parameter'),dr(e.n,'"n" (Modulus) Parameter'),r={e:e.e,kty:e.kty,n:e.n};break;case"oct":dr(e.k,'"k" (Key Value) Parameter'),r={k:e.k,kty:e.kty};break;default:throw new k('"kty" (Key Type) Parameter missing or unsupported')}let n=Z.encode(JSON.stringify(r));return X(await jo(t,n))}async function Fm(e,t){t??(t="sha256");let r=await Hl(e,t);return`urn:ietf:params:oauth:jwk-thumbprint:sha-${t.slice(-3)}:${r}`}var dr,qm=I(()=>{nl();Ie();V();ge();$e();dr=o((e,t)=>{if(typeof e!="string"||!e)throw new ni(`${t} missing or invalid`)},"check");o(Hl,"calculateJwkThumbprint");o(Fm,"calculateJwkThumbprintUri")});async function $m(e,t){let r={...e,...t?.header};if(!Q(r.jwk))throw new z('"jwk" (JSON Web Key) Header Parameter must be a JSON object');let n=await ar({...r.jwk,ext:!0},r.alg,!0);if(n instanceof Uint8Array||n.type!=="public")throw new z('"jwk" (JSON Web Key) Header Parameter must be a public key');return n}var jm=I(()=>{di();$e();V();o($m,"EmbeddedJWK")});function MS(e){switch(typeof e=="string"&&e.slice(0,2)){case"RS":case"PS":return"RSA";case"ES":return"EC";case"Ed":return"OKP";default:throw new k('Unsupported "alg" value for a JSON Web Key Set')}}function Fl(e){return e&&typeof e=="object"&&Array.isArray(e.keys)&&e.keys.every(kS)}function kS(e){return Q(e)}function HS(e){return typeof structuredClone=="function"?structuredClone(e):JSON.parse(JSON.stringify(e))}async function Vm(e,t,r){let n=e.get(t)||e.set(t,{}).get(t);if(n[r]===void 0){let i=await ar({...t,ext:!0},r);if(i instanceof Uint8Array||i.type!=="public")throw new rr("JSON Web Key Set members must be public keys");n[r]=i}return n[r]}function Gm(e){let t=new gi(e);return async function(r,n){return t.getKey(r,n)}}var gi,ql=I(()=>{di();V();$e();o(MS,"getKtyFromAlg");o(Fl,"isJWKSLike");o(kS,"isJWKLike");o(HS,"clone");gi=class{static{o(this,"LocalJWKSet")}constructor(t){if(this._cached=new WeakMap,!Fl(t))throw new rr("JSON Web Key Set malformed");this._jwks=HS(t)}async getKey(t,r){let{alg:n,kid:i}={...t,...r?.header},s=MS(n),a=this._jwks.keys.filter(l=>{let d=s===l.kty;if(d&&typeof i=="string"&&(d=i===l.kid),d&&typeof l.alg=="string"&&(d=n===l.alg),d&&typeof l.use=="string"&&(d=l.use==="sig"),d&&Array.isArray(l.key_ops)&&(d=l.key_ops.includes("verify")),d&&n==="EdDSA"&&(d=l.crv==="Ed25519"||l.crv==="Ed448"),d)switch(n){case"ES256":d=l.crv==="P-256";break;case"ES256K":d=l.crv==="secp256k1";break;case"ES384":d=l.crv==="P-384";break;case"ES512":d=l.crv==="P-521";break}return d}),{0:c,length:u}=a;if(u===0)throw new xr;if(u!==1){let l=new ii,{_cached:d}=this;throw l[Symbol.asyncIterator]=async function*(){for(let p of a)try{yield await Vm(d,p,n)}catch{continue}},l}return Vm(this._cached,c,n)}};o(Vm,"importWithAlgCache");o(Gm,"createLocalJWKSet")});var FS,Bm,Km=I(()=>{V();FS=o(async(e,t,r)=>{let n,i,s=!1;typeof AbortController=="function"&&(n=new AbortController,i=setTimeout(()=>{s=!0,n.abort()},t));let a=await fetch(e.href,{signal:n?n.signal:void 0,redirect:"manual",headers:r.headers}).catch(c=>{throw s?new oi:c});if(i!==void 0&&clearTimeout(i),a.status!==200)throw new he("Expected 200 OK from the JSON Web Key Set HTTP response");try{return await a.json()}catch{throw new he("Failed to parse the JSON Web Key Set HTTP response as JSON")}},"fetchJwks"),Bm=FS});function qS(){return typeof WebSocketPair<"u"||typeof navigator<"u"&&navigator.userAgent==="Cloudflare-Workers"||typeof EdgeRuntime<"u"&&EdgeRuntime==="vercel"}function Jm(e,t){let r=new $l(e,t);return async function(n,i){return r.getKey(n,i)}}var $l,zm=I(()=>{Km();V();ql();o(qS,"isCloudflareWorkers");$l=class extends gi{static{o(this,"RemoteJWKSet")}constructor(t,r){if(super({keys:[]}),this._jwks=void 0,!(t instanceof URL))throw new TypeError("url must be an instance of URL");this._url=new URL(t.href),this._options={agent:r?.agent,headers:r?.headers},this._timeoutDuration=typeof r?.timeoutDuration=="number"?r?.timeoutDuration:5e3,this._cooldownDuration=typeof r?.cooldownDuration=="number"?r?.cooldownDuration:3e4,this._cacheMaxAge=typeof r?.cacheMaxAge=="number"?r?.cacheMaxAge:6e5}coolingDown(){return typeof this._jwksTimestamp=="number"?Date.now()<this._jwksTimestamp+this._cooldownDuration:!1}fresh(){return typeof this._jwksTimestamp=="number"?Date.now()<this._jwksTimestamp+this._cacheMaxAge:!1}async getKey(t,r){(!this._jwks||!this.fresh())&&await this.reload();try{return await super.getKey(t,r)}catch(n){if(n instanceof xr&&this.coolingDown()===!1)return await this.reload(),super.getKey(t,r);throw n}}async reload(){this._pendingFetch&&qS()&&(this._pendingFetch=void 0),this._pendingFetch||(this._pendingFetch=Bm(this._url,this._timeoutDuration,this._options).then(t=>{if(!Fl(t))throw new rr("JSON Web Key Set malformed");this._jwks={keys:t.keys},this._jwksTimestamp=Date.now(),this._pendingFetch=void 0}).catch(t=>{throw this._pendingFetch=void 0,t})),await this._pendingFetch}};o(Jm,"createRemoteJWKSet")});var bs,Wm=I(()=>{Ie();ge();V();ps();ms();bs=class extends lr{static{o(this,"UnsecuredJWT")}encode(){let t=X(JSON.stringify({alg:"none"})),r=X(JSON.stringify(this._payload));return`${t}.${r}.`}static decode(t,r){if(typeof t!="string")throw new le("Unsecured JWT must be a string");let{0:n,1:i,2:s,length:a}=t.split(".");if(a!==3||s!=="")throw new le("Invalid Unsecured JWT");let c;try{if(c=JSON.parse(ue.decode(te(n))),c.alg!=="none")throw new Error}catch{throw new le("Invalid Unsecured JWT")}return{payload:un(c,te(i),r),header:c}}}});var jl={};Yi(jl,{decode:()=>bi,encode:()=>$S});var $S,bi,_s=I(()=>{Ie();$S=X,bi=te});function Qm(e){let t;if(typeof e=="string"){let r=e.split(".");(r.length===3||r.length===5)&&([t]=r)}else if(typeof e=="object"&&e)if("protected"in e)t=e.protected;else throw new TypeError("Token does not contain a Protected Header");try{if(typeof t!="string"||!t)throw new Error;let r=JSON.parse(ue.decode(bi(t)));if(!Q(r))throw new Error;return r}catch{throw new TypeError("Invalid Token or Protected Header formatting")}}var Ym=I(()=>{_s();ge();$e();o(Qm,"decodeProtectedHeader")});function Zm(e){if(typeof e!="string")throw new le("JWTs must use Compact JWS serialization, JWT must be a string");let{1:t,length:r}=e.split(".");if(r===5)throw new le("Only JWTs using Compact JWS serialization can be decoded");if(r!==3)throw new le("Invalid JWT");if(!t)throw new le("JWTs must contain a payload");let n;try{n=bi(t)}catch{throw new le("Failed to parse the base64url encoded payload")}let i;try{i=JSON.parse(ue.decode(n))}catch{throw new le("Failed to parse the decoded payload as JSON")}if(!Q(i))throw new le("Invalid JWT Claims Set");return i}var Xm=I(()=>{_s();ge();$e();V();o(Zm,"decodeJwt")});async function ey(e,t){var r;let n,i,s;switch(e){case"HS256":case"HS384":case"HS512":n=parseInt(e.slice(-3),10),i={name:"HMAC",hash:`SHA-${n}`,length:n},s=["sign","verify"];break;case"A128CBC-HS256":case"A192CBC-HS384":case"A256CBC-HS512":return n=parseInt(e.slice(-3),10),nr(new Uint8Array(n>>3));case"A128KW":case"A192KW":case"A256KW":n=parseInt(e.slice(1,4),10),i={name:"AES-KW",length:n},s=["wrapKey","unwrapKey"];break;case"A128GCMKW":case"A192GCMKW":case"A256GCMKW":case"A128GCM":case"A192GCM":case"A256GCM":n=parseInt(e.slice(1,4),10),i={name:"AES-GCM",length:n},s=["encrypt","decrypt"];break;default:throw new k('Invalid or unsupported JWK "alg" (Algorithm) Parameter value')}return U.subtle.generateKey(i,(r=t?.extractable)!==null&&r!==void 0?r:!1,s)}function Vl(e){var t;let r=(t=e?.modulusLength)!==null&&t!==void 0?t:2048;if(typeof r!="number"||r<2048)throw new k("Invalid or unsupported modulusLength option provided, 2048 bits or larger keys must be used");return r}async function ty(e,t){var r,n,i;let s,a;switch(e){case"PS256":case"PS384":case"PS512":s={name:"RSA-PSS",hash:`SHA-${e.slice(-3)}`,publicExponent:new Uint8Array([1,0,1]),modulusLength:Vl(t)},a=["sign","verify"];break;case"RS256":case"RS384":case"RS512":s={name:"RSASSA-PKCS1-v1_5",hash:`SHA-${e.slice(-3)}`,publicExponent:new Uint8Array([1,0,1]),modulusLength:Vl(t)},a=["sign","verify"];break;case"RSA-OAEP":case"RSA-OAEP-256":case"RSA-OAEP-384":case"RSA-OAEP-512":s={name:"RSA-OAEP",hash:`SHA-${parseInt(e.slice(-3),10)||1}`,publicExponent:new Uint8Array([1,0,1]),modulusLength:Vl(t)},a=["decrypt","unwrapKey","encrypt","wrapKey"];break;case"ES256":s={name:"ECDSA",namedCurve:"P-256"},a=["sign","verify"];break;case"ES384":s={name:"ECDSA",namedCurve:"P-384"},a=["sign","verify"];break;case"ES512":s={name:"ECDSA",namedCurve:"P-521"},a=["sign","verify"];break;case"EdDSA":a=["sign","verify"];let c=(r=t?.crv)!==null&&r!==void 0?r:"Ed25519";switch(c){case"Ed25519":case"Ed448":s={name:c};break;default:throw new k("Invalid or unsupported crv option provided")}break;case"ECDH-ES":case"ECDH-ES+A128KW":case"ECDH-ES+A192KW":case"ECDH-ES+A256KW":{a=["deriveKey","deriveBits"];let u=(n=t?.crv)!==null&&n!==void 0?n:"P-256";switch(u){case"P-256":case"P-384":case"P-521":{s={name:"ECDH",namedCurve:u};break}case"X25519":case"X448":s={name:u};break;default:throw new k("Invalid or unsupported crv option provided, supported values are P-256, P-384, P-521, X25519, and X448")}break}default:throw new k('Invalid or unsupported JWK "alg" (Algorithm) Parameter value')}return U.subtle.generateKey(s,(i=t?.extractable)!==null&&i!==void 0?i:!1,a)}var Gl=I(()=>{Te();V();si();o(ey,"generateSecret");o(Vl,"getModulusLengthOption");o(ty,"generateKeyPair")});async function ry(e,t){return ty(e,t)}var ny=I(()=>{Gl();o(ry,"generateKeyPair")});async function iy(e,t){return ey(e,t)}var oy=I(()=>{Gl();o(iy,"generateSecret")});var Es={};Yi(Es,{CompactEncrypt:()=>ln,CompactSign:()=>dn,EmbeddedJWK:()=>$m,EncryptJWT:()=>gs,FlattenedEncrypt:()=>Mt,FlattenedSign:()=>ur,GeneralEncrypt:()=>us,GeneralSign:()=>fs,SignJWT:()=>ys,UnsecuredJWT:()=>bs,base64url:()=>jl,calculateJwkThumbprint:()=>Hl,calculateJwkThumbprintUri:()=>Fm,compactDecrypt:()=>os,compactVerify:()=>ds,createLocalJWKSet:()=>Gm,createRemoteJWKSet:()=>Jm,decodeJwt:()=>Zm,decodeProtectedHeader:()=>Qm,errors:()=>sl,exportJWK:()=>ss,exportPKCS8:()=>Tm,exportSPKI:()=>vm,flattenedDecrypt:()=>on,flattenedVerify:()=>sn,generalDecrypt:()=>bm,generalVerify:()=>Am,generateKeyPair:()=>ry,generateSecret:()=>iy,importJWK:()=>ar,importPKCS8:()=>hm,importSPKI:()=>dm,importX509:()=>pm,jwtDecrypt:()=>Cm,jwtVerify:()=>xm});var ws=I(()=>{Il();is();_m();Sm();Cl();ls();Rm();Nm();Lm();Ul();cs();Ml();hs();Mm();km();Hm();qm();jm();ql();zm();Wm();Pl();di();Ym();Xm();V();ny();oy();_s()});var Ts=g(vs=>{"use strict";Object.defineProperty(vs,"__esModule",{value:!0});vs.fetchRetry=void 0;var jS=L();async function VS(e,t,r){for(let n=0;n<=e.retries;n++){let i=fetch(t,r);if(n===e.retries)return i;let s=await i;if(s.status<500&&s.status!==429)return s;e?.logger?.error("Request failed, retrying",{method:typeof t=="string"?"GET":t.method,url:typeof t=="string"?t:t.url,status:s.status}),await new Promise(a=>setTimeout(a,e.retryDelayMs*Math.pow(2,n)))}throw new jS.ConfigurationError("An unknown error occurred, ensure retries is not negative")}o(VS,"fetchRetry");vs.fetchRetry=VS});var pn=g(Ze=>{"use strict";Object.defineProperty(Ze,"__esModule",{value:!0});Ze.GcpServiceAccount=Ze.fetchToken=Ze.exchangeGgpJwtForIdToken=Ze.exchangeFirebaseJwtForIdToken=Ze.getTokenFromGcpServiceAccount=void 0;var sy=(ws(),Zi(Es)),GS=L(),BS=Ts();async function KS({serviceAccount:e,audience:t,expirationTime:r="1h",payload:n={}}){let{clientEmail:i,privateKeyId:s,privateKey:a}=e;return await new sy.SignJWT(n).setProtectedHeader({alg:"RS256",kid:s}).setIssuer(i).setSubject(i).setAudience(t).setIssuedAt().setExpirationTime(r).sign(a)}o(KS,"getTokenFromGcpServiceAccount");Ze.getTokenFromGcpServiceAccount=KS;async function JS(e,t,r){return Kl(e,{token:t,returnSecureToken:!0},r)}o(JS,"exchangeFirebaseJwtForIdToken");Ze.exchangeFirebaseJwtForIdToken=JS;async function zS(e,t,r){return Kl(e,{grant_type:"urn:ietf:params:oauth:grant-type:jwt-bearer",assertion:t},r)}o(zS,"exchangeGgpJwtForIdToken");Ze.exchangeGgpJwtForIdToken=zS;async function Kl(e,t,r){let n=await(0,BS.fetchRetry)(r,e,{method:"POST",headers:{"Content-Type":"application/json"},redirect:"follow",body:JSON.stringify(t)});if(n.status!==200){let s;try{let a=await n.text(),c=JSON.parse(a);s={cause:c.error??c}}catch{}throw new GS.RuntimeError({message:"Could not get token from Google Identity",extensionMembers:s})}return await n.json()}o(Kl,"fetchToken");Ze.fetchToken=Kl;var Bl=class e{static{o(this,"GcpServiceAccount")}#e;#t;constructor({serviceAccount:t,privateKey:r}){this.#t=t,this.#e=r}static async init(t){let r=JSON.parse(t),n=await(0,sy.importPKCS8)(r.private_key.trim(),"RS256");return new e({serviceAccount:r,privateKey:n})}get type(){return this.#t.type}get projectId(){return this.#t.project_id}get privateKeyId(){return this.#t.private_key_id}get privateKey(){return this.#e}get clientEmail(){return this.#t.client_email}get clientId(){return this.#t.client_id}get authUri(){return this.#t.auth_uri}get tokenUrl(){return this.#t.token_url}get authProviderX509CertUrl(){return this.#t.auth_provider_x509_cert_url}get clientX509CertUrl(){return this.#t.client_x509_cert_url}get universalDomain(){return this.#t.universe_domain}};Ze.GcpServiceAccount=Bl});var Is=g(kt=>{"use strict";Object.defineProperty(kt,"__esModule",{value:!0});kt.GoogleLogTransport=kt.ZuploToGCPMap=kt.GoogleCloudLoggingPlugin=void 0;var WS=ve(),Jl=Y(),zl=pn(),QS=Dt(),ay=bt(),Wl=class extends QS.LogPlugin{static{o(this,"GoogleCloudLoggingPlugin")}options;constructor(t){super(),this.options=t}getTransport(){return new Ss(this.options)}};kt.GoogleCloudLoggingPlugin=Wl;var YS="https://logging.googleapis.com/v2/entries:write?alt=json";kt.ZuploToGCPMap={error:"ERROR",warn:"WARNING",info:"INFO",debug:"DEBUG"};var Ss=class{static{o(this,"GoogleLogTransport")}constructor(t){this.#r=t.logName,this.#e=t.serviceAccountJson,this.#i=Jl.Environment.instance.loggingEnvironmentType,this.#o=Jl.Environment.instance.loggingEnvironmentStage,this.#n=Jl.Environment.instance.deploymentName}#e;#t;#r;#n;#i;#o;async log(t,r){if(t.messages.length===0)return;let n={allMessages:(0,ay.makeErrorsSerializable)(t.messages)};this.#t||(this.#t=await zl.GcpServiceAccount.init(this.#e));let i=this.#t.projectId??"zuplo-production",s={logName:this.#r,resource:{type:"global"},severity:kt.ZuploToGCPMap[t.level],timestamp:t.timestamp,trace:`projects/${i}/traces/${t.requestId}`,labels:{requestId:t.requestId,buildId:t.buildId,source:t.logSource,loggingId:t.loggingId,logOwner:t.logOwner,environment:this.#n,environmentType:this.#i,environmentStage:this.#o}};t.rayId&&(s.labels.rayId=t.rayId);let a=(0,ay.extractBestMessage)(n.allMessages);s.jsonPayload={...n,message:a},this.batcher.enqueue(s),r.waitUntil(this.batcher.waitUntilFlushed())}dispatchFunction=async t=>{if(t.length===0)return;this.#t||(this.#t=await zl.GcpServiceAccount.init(this.#e));let r=await(0,zl.getTokenFromGcpServiceAccount)({serviceAccount:this.#t,audience:"https://logging.googleapis.com/google.logging.v2.LoggingServiceV2"}),n=await fetch(YS,{method:"POST",body:JSON.stringify({entries:t}),headers:{Authorization:`Bearer ${r}`,"content-type":"application/json;charset=UTF-8"}});n.ok||console.error(n.status,n.statusText,await n.text())};batcher=new WS.BatchDispatch("google-log-transport",1,this.dispatchFunction)};kt.GoogleLogTransport=Ss});var Ql=g(hn=>{"use strict";Object.defineProperty(hn,"__esModule",{value:!0});hn.gcpLogFormat=hn.GCP_LOG_FORMAT=void 0;var cy=bt(),ZS=Is();hn.GCP_LOG_FORMAT="gcp";function XS(e){let t={allMessages:(0,cy.makeErrorsSerializable)(e.messages)},r="zuplo-production",n=(0,cy.extractBestMessage)(t.allMessages),i={logName:`projects/${r}/logs/runtime-user`,message:n,severity:ZS.ZuploToGCPMap[e.level],timestamp:e.timestamp,"logging.googleapis.com/labels":{buildId:e.buildId,source:e.logSource,loggingId:e.loggingId,logOwner:e.logOwner},"logging.googleapis.com/trace":`projects/${r}/traces/${e.requestId}`,allMessages:t.allMessages};return e.rayId&&(i["logging.googleapis.com/labels"].rayId=e.rayId),i}o(XS,"gcpLogFormat");hn.gcpLogFormat=XS});var ly=g(Ps=>{"use strict";Object.defineProperty(Ps,"__esModule",{value:!0});Ps.ConsoleTransport=void 0;var uy=Ql(),Yl=class{static{o(this,"ConsoleTransport")}constructor(t,r){this.#e=t??console,this.#t=r}#e;#t;async log(t){if(this.#t===uy.GCP_LOG_FORMAT){if(t.messages.length===0)return;this.#e[t.level].apply(null,[(0,uy.gcpLogFormat)(t)])}else this.#e[t.level].apply(null,[...t.messages,{logOwner:t.logOwner,logSource:t.logSource,level:t.level,timestamp:t.timestamp,loggingId:t.loggingId,rayId:t.rayId,requestId:t.requestId,buildId:t.buildId}])}};Ps.ConsoleTransport=Yl});var nd=g(fn=>{"use strict";Object.defineProperty(fn,"__esModule",{value:!0});fn.DataDogTransport=fn.DataDogLoggingPlugin=void 0;var eI=ve(),Zl=Y(),tI=Dt(),dy=bt(),rd=class extends tI.LogPlugin{static{o(this,"DataDogLoggingPlugin")}options;constructor(t){super(),this.options=t}getTransport(){return new As(this.options)}};fn.DataDogLoggingPlugin=rd;var Xl="__ddtags",ed="__ddattr",td=o(e=>e.replaceAll(",","_").replaceAll(":","_"),"cleanTagText"),rI=o(e=>{let t=Object.keys(e),r=[];return t.forEach(n=>{let i=e[n];i==null?r.push(td(n)):r.push(`${td(n)}:${td(i.toString())}`)}),r.join(",")},"formatTags"),As=class{static{o(this,"DataDogTransport")}constructor(t){this.#e=t.apiKey,this.#t=t.url??"https://http-intake.logs.datadoghq.com/api/v2/logs",this.#n=Zl.Environment.instance.loggingEnvironmentType,this.#i=Zl.Environment.instance.loggingEnvironmentStage,this.#r=Zl.Environment.instance.deploymentName}#e;#t;#r;#n;#i;async log(t,r){let n={},i=r.custom[Xl];i&&typeof i=="object"&&Object.assign(n,i);let s=[...t.messages],a=t.messages.findIndex(h=>h[Xl]!==void 0);a>-1&&(Object.assign(n,s[a][Xl]),s.splice(a,1));let c={},u=r.custom[ed];u&&typeof u=="object"&&Object.assign(c,u);let l=t.messages.findIndex(h=>h[ed]!==void 0);l>-1&&(Object.assign(c,s[l][ed]),s.splice(l,1));let d=(0,dy.makeErrorsSerializable)(s),m={message:{...{...t,activityId:t.requestId,trace:t.requestId},messages:d},ddsource:"Zuplo",hostname:new URL(r.originalRequest.url).hostname,msg:(0,dy.extractBestMessage)(d),service:t.loggingId,ddtags:rI(n),environment:this.#r,environment_type:this.#n,environment_stage:this.#i};Object.assign(m,c),this.batcher.enqueue(m),r.waitUntil(this.batcher.waitUntilFlushed())}dispatchFunction=async t=>{t.length!==0&&await fetch(this.#t,{method:"POST",body:JSON.stringify([...t]),headers:{"content-type":"application/json","DD-API-KEY":this.#e}})};batcher=new eI.BatchDispatch("data-dog-transport",10,this.dispatchFunction)};fn.DataDogTransport=As});var hy=g(Rs=>{"use strict";Object.defineProperty(Rs,"__esModule",{value:!0});Rs.ProcessTransport=void 0;var py=Ql(),id=class{static{o(this,"ProcessTransport")}constructor(t,r){this.#e=t,this.#t=r}#e;#t;async log(t){if(this.#t===py.GCP_LOG_FORMAT){if(t.messages.length===0)return;this.#e[t.level].apply(null,[(0,py.gcpLogFormat)(t)])}else this.#e[t.level].apply(null,[...t.messages,{logOwner:t.logOwner,logSource:t.logSource,timestamp:t.timestamp,loggingId:t.loggingId,rayId:t.rayId,requestId:t.requestId,buildId:t.buildId,vectorClock:t.vectorClock}])}};Rs.ProcessTransport=id});var my=g(xs=>{"use strict";Object.defineProperty(xs,"__esModule",{value:!0});xs.RemoteLogTransport=void 0;var nI=ve(),fy=Y(),iI=bt(),oI=o(({url:e,remoteLogToken:t,loggingId:r,sendOnlyErrors:n})=>async i=>{let s;n===!0?s=i.filter(a=>a.level==="error"):s=i,s.length!==0&&fetch(`${e}/publish/${r}`,{method:"POST",body:JSON.stringify({timestamp:Date.now(),type:"log",message:s.map(a=>({...a,messages:(0,iI.makeErrorsSerializable)(a.messages)}))}),headers:{"content-type":"application/json",authentication:`Bearer ${t}`,"user-agent":fy.Environment.instance.systemUserAgent,"zp-dn":fy.Environment.instance.deploymentName??"unknown"}}).catch(a=>{console.error(a)})},"dispatchFunction"),Os,od=class{static{o(this,"RemoteLogTransport")}constructor(t){Os||(Os=new nI.BatchDispatch("remote-log-transport",1,oI(t)))}async log(t,r){Os.enqueue(t),r.waitUntil(Os.waitUntilFlushed())}};xs.RemoteLogTransport=od});var yy=g(Lr=>{"use strict";Object.defineProperty(Lr,"__esModule",{value:!0});Lr.unifiedFormatter=Lr.SeverityNumberOpenTelemetryMap=void 0;Lr.SeverityNumberOpenTelemetryMap={internal:1,trace:2,debug:5,info:9,warn:13,error:17,fatal:21};var sI=o((e,t)=>r=>{let n={};return n.deploymentName=e,n.labels={requestId:r.requestId,source:r.logSource,loggingId:r.loggingId,logOwner:r.logOwner},n.rayId=r.rayId??"",n.runtime={buildId:t.BUILD_ID,buildTimestamp:t.TIMESTAMP,gitSHA:t.GIT_SHA,version:t.ZUPLO_VERSION},n.atomicCounter=r.vectorClock,{timestamp:r.timestamp,observerdTimestamp:r.timestamp,traceId:r.requestId,severityText:r.level,severityNumber:Lr.SeverityNumberOpenTelemetryMap[r.level],body:r.messages,attributes:n}},"unifiedFormatter");Lr.unifiedFormatter=sI});var by=g(Cs=>{"use strict";Object.defineProperty(Cs,"__esModule",{value:!0});Cs.UnifiedLogTransport=void 0;var aI=ve(),gy=Y(),cI=yy(),uI=o(({url:e,remoteLogToken:t,deploymentName:r,build:n})=>async i=>{if(i.length===0)return;let s=(0,cI.unifiedFormatter)(r,n);fetch(`${e}/v1/runtime-logs`,{method:"POST",body:JSON.stringify({entries:i.map(s)}),headers:{"content-type":"application/json",authentication:`Bearer ${t}`,"user-agent":gy.Environment.instance.systemUserAgent,"zp-dn":gy.Environment.instance.deploymentName??"unknown"}}).catch(a=>{console.error(a)})},"dispatchFunction"),Ns,sd=class{static{o(this,"UnifiedLogTransport")}constructor(t){Ns||(Ns=new aI.BatchDispatch("unified-log-transport",1,uI(t)))}async log(t,r){Ns.enqueue(t),r.waitUntil(Ns.waitUntilFlushed())}};Cs.UnifiedLogTransport=sd});var Iy=g(Ls=>{"use strict";Object.defineProperty(Ls,"__esModule",{value:!0});Ls.LogInitializer=void 0;var lI=Tr(),dI=yt(),_y=Ku(),Ey=Y(),wy=Tf(),pI=Dt(),hI=Sf(),vy=If(),Ty=ly(),fI=nd(),mI=Is(),Sy=hy(),yI=my(),gI=by(),ad=(0,lI.debug)("zuplo:logging"),cd=class{static{o(this,"LogInitializer")}serviceProvider;systemCoreLogger;userCoreLogger;constructor(t){this.serviceProvider=t,this.systemCoreLogger=this.setupSystemCoreLogger(Ey.Environment.instance),this.userCoreLogger=this.setupUserCoreLogger(Ey.Environment.instance)}setupSystemCoreLogger(t){let{build:r}=t;ad("Gateway.setupSystemCoreLogger");let n=[],i=this.serviceProvider.getService(_y.SYSTEM_LOGGER);return i?n.push(new Sy.ProcessTransport(i.logger,t.logFormat)):t.isDeno&&n.push(new Ty.ConsoleTransport(console,t.logFormat)),t.isCloudflare&&t.deploymentName&&t.remoteLogToken&&n.push(new gI.UnifiedLogTransport({url:t.remoteLogURL,deploymentName:t.deploymentName,remoteLogToken:t.remoteLogToken,build:t.build})),new wy.CoreLogger(t.systemLogLevel,"system",t.loggingId,r.BUILD_ID,n)}setupUserCoreLogger(t){ad("Gateway.setupUserCoreLogger");let r=[],{runtime:n,build:i}=t,s=this.serviceProvider.getService(_y.SYSTEM_LOGGER);if(s&&s.captureUserLogs===!0?r.push(new Sy.ProcessTransport(s.logger,t.logFormat)):t.isDeno&&r.push(new Ty.ConsoleTransport(console,t.logFormat)),t.remoteLogToken&&t.loggingId&&r.push(new yI.RemoteLogTransport({loggingId:t.loggingId,url:t.remoteLogURL,remoteLogToken:t.remoteLogToken,sendOnlyErrors:t.isCloudflare})),n.GCP_USER_LOG_NAME&&n.GCP_USER_LOG_SVC_ACCT_JSON&&r.push(new mI.GoogleLogTransport({serviceAccountJson:n.GCP_USER_LOG_SVC_ACCT_JSON,logName:n.GCP_USER_LOG_NAME})),n.ZUPLO_USER_LOGGER_DATA_DOG_API_KEY){let a=n.ZUPLO_USER_LOGGER_DATA_DOG_URL;r.push(new fI.DataDogTransport({apiKey:n.ZUPLO_USER_LOGGER_DATA_DOG_API_KEY,url:a}))}return dI.plugins.forEach(a=>{a instanceof pI.LogPlugin&&r.push(a.getTransport())}),new wy.CoreLogger(t.userLogLevel,"user",t.loggingId,i.BUILD_ID,r)}createRequestLoggers(t,r,n,i,s){ad("Gateway.createRequestLoggers");let a=new hI.LoggingContext(n,i,s),c=new vy.RequestLogger(t,r,this.systemCoreLogger,a);return{userRequestLogger:new vy.RequestLogger(t,r,this.userCoreLogger,a),systemRequestLogger:c}}};Ls.LogInitializer=cd});var ld=g(Ds=>{"use strict";Object.defineProperty(Ds,"__esModule",{value:!0});Ds.UserRouteConfiguration=void 0;var ud=class{static{o(this,"UserRouteConfiguration")}constructor(t){this.path=t.path,this.methods=t.methods,this.label=t.label,this.key=t.key,this.handler=t.handler,this.corsPolicy=t.corsPolicy,this.custom=t.custom,this.version=t.version,this.policies=t.policies,this.excludeFromOpenApi=t.excludeFromOpenApi,this.pathPattern=t.pathPattern,t.raw?(this.#e=t.raw(),this.operationId=this.raw()?.operationId,this.summary=this.raw()?.summary,this.tags=this.raw()?.tags,this.parameters=this.raw()?.parameters,this.responses=this.raw()?.responses):(this.operationId=t.operationId,this.summary=t.summary,this.tags=t.tags,this.parameters=t.parameters,this.responses=t.responses)}raw(){return this.#e}#e;label;key;path;summary;operationId;tags;parameters;responses;excludeFromOpenApi;pathPattern;custom;methods;handler;corsPolicy;version;policies};Ds.UserRouteConfiguration=ud});var pd=g(vt=>{"use strict";Object.defineProperty(vt,"__esModule",{value:!0});vt.Router=vt.RouterError=vt.LookupResult=vt.RouterEntry=void 0;var Py=L(),bI=ot(),_I=ld(),Us=class{static{o(this,"RouterEntry")}constructor(t,r,n,i){this.fullPath=t,this.urlPattern=r,this.config=n,this.executableHandler=i}fullPath;urlPattern;config;executableHandler};vt.RouterEntry=Us;var _i=class{static{o(this,"LookupResult")}constructor(t,r,n){this.routeConfiguration=t,this.params=n??{},this.executableHandler=r}executableHandler;routeConfiguration;params};vt.LookupResult=_i;var Ms=class extends Error{static{o(this,"RouterError")}constructor(t,r){super(t,r)}};vt.RouterError=Ms;var dd=class{static{o(this,"Router")}constructor(t){this.routeEntries=[],this.versions=t}versions;routeEntries;addRoute(t,r){if(!(t instanceof _I.UserRouteConfiguration||t instanceof bI.SystemRouteConfiguration))throw new Py.SystemError("Config must be a UserRouteConfiguration or SystemRouteConfiguration");let n=this.versions.find(s=>s.name===t.version)?.pathPrefix,i;"pathPattern"in t&&t.pathPattern?i=`${n??""}${t.pathPattern}`:i=`${n??""}${t.path}`;try{let s=new URLPattern({pathname:i}),a=new Us(i,s,t,r);Object.freeze(a.config),this.routeEntries.push(a)}catch(s){throw new Ms(`addRoute-error: Invalid path '${i}'. '${s.message}'`,{cause:s})}}lookup(t,r){if(typeof t>"u")throw new Py.ConfigurationError(`Invalid request - Method was undefined. Path: '${r}'`);let n=this.routeEntries.filter(i=>i.config.methods.includes(t));if(n.length!==0)for(let i=0;i<n.length;i++){let s=n[i],c=s.urlPattern.exec({pathname:r});if(c!==null)return new _i(s.config,s.executableHandler,c.pathname.groups)}}lookupByPathOnly(t){let r=[];for(let n=0;n<this.routeEntries.length;n++){let i=this.routeEntries[n],a=i.urlPattern.exec({pathname:t});if(a!==null){let c=new _i(i.config,i.executableHandler,a.pathname.groups);r.push(c)}}return r}};vt.Router=dd});var mn=g(Hs=>{"use strict";Object.defineProperty(Hs,"__esModule",{value:!0});Hs.Gateway=void 0;var EI=Tr(),Ay=Yh(),Ry=sf(),wI=af(),Oy=cf(),xy=pf(),Ht=Xn(),ks=Sr(),Ny=vf(),St=L(),Ei=yt(),vI=Iy(),TI=Nt(),SI=se(),II=Gu(),PI=Qt(),AI=zr(),RI=He(),OI=pd(),hd=ot(),Cy=ld(),xI=Le(),NI=No(),Ly=Y(),Dy=Or(),CI=["/__zuplo/ping","/__zuplo/open-api","/__zuplo/docs","/__zuplo/consumers","/__zuplo/external-users","/__zuplo/assets","/__zuplo/config","/__zuplo/build","/favicon.ico"],Tt=(0,EI.debug)("zuplo:runtime"),LI=o(e=>{let t=e.findIndex(r=>r.name===hd.systemNoVersion.name);return t>-1?[...e.splice(t),hd.systemNoVersion]:[...e,hd.systemNoVersion]},"setupSystemNoVersion"),fd=class e{static{o(this,"Gateway")}routeData;runtimeSettings;schemaValidator;static#e;constructor(t,r,n,i){this.routeData=t,this.runtimeSettings=r,this.schemaValidator=i,Tt("Gateway.constructor"),this.#r=this.setupRoutes(),this.#i=this.setupErrorHandler(),this.#t=new vI.LogInitializer(n)}static async initialize(t,r,n,i,s){if(Tt("Gateway.initialize"),!e.#e){await(0,Ei.initializeRuntime)(s);let a={...t,corsPolicies:(0,NI.parseCorsPolicies)(t.corsPolicies)},c=new e(a,r,n,i);e.#e=c}return e.#e}static purgeGatewayCache(){Tt("Gateway.purgeGatewayCache"),e.#e=void 0}static get instance(){if(!e.#e)throw new St.SystemError("Gateway cannot be used before it is initialized");return e.#e}instanceId=crypto.randomUUID();#t;#r;#n=[AI.policyProcessor,II.corsProcessor,PI.metricsProcessor];#i;setupRoutes=()=>{Tt("Gateway.setupRoutes");let t=this.routeData,r=LI(t.versions),n=new OI.Router(r);if(t.routes.length===0)return(0,Ay.registerBuildRoute)(n,this),(0,xy.registerPingRoute)(n,this),(0,Ry.registerCorsRoute)(n,this),(0,wI.registerNoRoutes)(n,this),n;let{enabled:i}=this.runtimeSettings.developerPortal;i&&((0,Ny.registerDevPortalLegacyRedirectRoute)(n,this),(0,Ny.registerDevPortalV3Route)(n,this)),(0,Ay.registerBuildRoute)(n,this),(0,xy.registerPingRoute)(n,this),(0,Ry.registerCorsRoute)(n,this);for(let s of Ei.plugins)s instanceof Ei.SystemRuntimePlugin&&s.registerRoutes(n,this);return t.routes.forEach(s=>{let a;if(typeof s.handler?.module=="object"&&(a=s.handler?.module[s.handler.export]),typeof a!="function")throw new St.ConfigurationError(`Invalid state - No handler on route for path '${s.path}'`);let c=new TI.Pipeline({processors:this.#n,handler:a,gateway:this}),u=new Cy.UserRouteConfiguration(s);n.addRoute(u,c.execute)}),(0,Oy.registerNotMatchedHandler)(n,this),n};setupErrorHandler=()=>{let t;if(typeof this.routeData.requestErrorHandler?.module=="object"){if(t=this.routeData.requestErrorHandler.module[this.routeData.requestErrorHandler.export],typeof t!="function")throw new St.ConfigurationError("Invalid state - Module and export set for 'errorHandler' is not a function")}else t=o((r,n,i)=>this.#o(r,n,i),"errorHandler");return t};errorHandler(t,r,n){try{return this.#i(t,r,n)}catch(i){return Tt("An error occurred in the user's errorHandler",i),this.#o(t,r,i)}}#o(t,r,n){Tt("Gateway.internalErrorResponse");let i={};if(Ly.Environment.instance.isDeno){if(n instanceof St.RuntimeError&&n.extensionMembers)i=n.extensionMembers;else if(n.cause){let s=(0,Dy.serializeError)(n.cause);"stack"in s&&(s.stack=(0,Dy.cleanStack)(s.stack)),i={cause:s}}}return SI.HttpProblems.internalServerError(t,r,{detail:n.message,...i})}#s(t){let r=new Headers(t.headers);return Ht.DISPATCH_HEADERS_TO_REMOVE.forEach(n=>{r.delete(n)}),Ly.Environment.instance.isDeno&&Ht.INTERNAL_HEADERS_TO_REMOVE.forEach(n=>{r.delete(n)}),new Request(t,{headers:r})}async handleRequest(t,r){let n=t.headers.get(Ht.REQUEST_ID_HEADER)??t.headers.get(Ht.LEGACY_REQUEST_ID_HEADER),i=t.headers.get(Ht.RAY_ID_HEADER);if(!n){n=crypto.randomUUID();let T=new Headers(t.headers);T.set(Ht.REQUEST_ID_HEADER,n),t=new Request(t,{headers:T})}if(["GET","HEAD"].includes(t.method)&&t.body){let T=new Headers(t.headers);T.set(Ht.BODY_REMOVED_HEADER,"true"),t=new Request(t,{headers:T,body:null})}let s={},{userRequestLogger:a,systemRequestLogger:c}=this.#t.createRequestLoggers(n,i,r,s,t),u=new URL(t.url),l=u.pathname,d=this.#r.lookup(t.method,l);if(!d)throw new St.SystemError(`Invalid state - no route match - should have been picked up by the not found handler, path: '${l}'`);let p=new ks.HeaderIncomingRequestProperties(t.headers),m=this.#s(t),h=new RI.ZuploRequest(m,{params:d.params}),y=new ks.SystemZuploContext({logger:a,route:d.routeConfiguration,requestId:n,fetchEvent:r,custom:s,incomingRequestProperties:p}),w=ks.ZuploContextExtensions.initialize(y,h);if(d.routeConfiguration===Oy.notFoundRouteConfiguration&&Ei.runtimeExtensions.value?.notFoundHandler!==void 0){let T=this.#r.lookupByPathOnly(l);w.pathOnlyMatches=T.map(S=>S.routeConfiguration).filter(S=>S instanceof Cy.UserRouteConfiguration)}try{if(xI.SystemLogMap.addLogger(y,c),!u.pathname.startsWith("/__zuplo")){let F=await(0,Ei.invokeOnRequestExtensions)(h,y);if(F instanceof Response)return F;{let N=ks.ZuploContextExtensions.getContextExtensions(y);h=F,N.latestRequest=h}}[...CI,...this.runtimeSettings.developerPortal.enabled?[this.runtimeSettings.developerPortal.sitePathname]:[]].filter(F=>new RegExp(F).test(u.pathname)).length===0&&a.debug(`Request received '${u.pathname}'`,{method:t.method,url:u.pathname,hostname:u.hostname,route:d.routeConfiguration.path});let S=d.executableHandler;DI(S,d,t),Tt("Gateway.handleRequest - call user handler");let D=await S(h,y);if(Tt("Gateway.handleRequest - user handler"),!(D instanceof Response))throw new St.RuntimeError(`Invalid Response type from the request handler: ${typeof D}`);if(D.bodyUsed)throw new St.RuntimeError("The response object has already been used. Return a new response instead.");if(D.headers.get(Ht.REQUEST_ID_HEADER)===null&&!D.webSocket){let F=new Headers(D.headers);return F.set(Ht.REQUEST_ID_HEADER,n),new Response(D.body,{status:D.status,statusText:D.statusText,headers:F,cf:D.cf})}else return D}catch(T){return Tt("Gateway - error executing handler",T),T instanceof St.RuntimeError?(a.error(T),c.warn(T)):c.error(T),await this.#o(h,y,T)}}};Hs.Gateway=fd;function DI(e,t,r){if(Tt("Gateway.checkHandler"),!e)throw typeof t.routeConfiguration>"u"?new St.ConfigurationError(`Invalid state - no routeConfiguration for '${r.method}:${r.url}`):new St.ConfigurationError(`Invalid state. No handler for request '${r.method}':'${t.routeConfiguration.path}'`)}o(DI,"checkHandler")});var Uy=g(Fs=>{"use strict";Object.defineProperty(Fs,"__esModule",{value:!0});Fs.invokeInboundPolicy=void 0;var UI=L(),MI=mn(),kI=zr(),HI=o(async(e,t,r)=>{let n=MI.Gateway.instance.routeData.policies,i=(0,kI.getInboundPolicyHandlerAndOptions)([e],n);if(i.length===0)throw new UI.RuntimeError(`Invalid 'invokeInboundPolicy call' - no policy '${e}' found.`);let s=i[0];return s.handler(t,r,s.options,e)},"invokeInboundPolicy");Fs.invokeInboundPolicy=HI});var Sr=g(Xe=>{"use strict";Object.defineProperty(Xe,"__esModule",{value:!0});Xe.SystemZuploContext=Xe.ZuploContextExtensions=Xe.ResponseSentEvent=Xe.ResponseSendingEvent=Xe.HeaderIncomingRequestProperties=void 0;var _e=Xn(),FI=L(),qI=Uy(),md=class{static{o(this,"HeaderIncomingRequestProperties")}#e;constructor(t){this.#e=t}get asn(){try{let t=this.#e.get(_e.ZP_ASN_HEADER);if(typeof t=="string")return parseInt(t)}catch{}}get asOrganization(){return this.#e.get(_e.ZP_AS_ORG_HEADER)??void 0}get city(){return this.#e.get(_e.CF_IP_CITY_HEADER)??this.#e.get(_e.ZP_IP_CITY_HEADER)??void 0}get continent(){return this.#e.get(_e.CF_IP_CONTINENT_HEADER)??this.#e.get(_e.ZP_IP_CONTINENT_HEADER)??void 0}get country(){return this.#e.get(_e.CF_IP_COUNTRY_HEADER)??this.#e.get(_e.ZP_IP_COUNTRY_HEADER)??void 0}get latitude(){return this.#e.get(_e.CF_IP_LATITUDE_HEADER)??this.#e.get(_e.ZP_IP_LATITUDE_HEADER)??void 0}get longitude(){return this.#e.get(_e.CF_IP_LONGITUDE_HEADER)??this.#e.get(_e.ZP_IP_LONGITUDE_HEADER)??void 0}get colo(){return this.#e.get(_e.ZP_COLO_HEADER)??void 0}get postalCode(){return this.#e.get(_e.ZP_POSTAL_CODE_HEADER)??void 0}get metroCode(){return this.#e.get(_e.ZP_METRO_CODE_HEADER)??void 0}get region(){return this.#e.get(_e.ZP_REGION_HEADER)??void 0}get regionCode(){return this.#e.get(_e.ZP_REGION_CODE_HEADER)??void 0}get timezone(){return this.#e.get(_e.ZP_TIMEZONE_HEADER)??void 0}toJSON(){return{asn:this.asn,asOrganization:this.asOrganization,city:this.city,continent:this.continent,country:this.country,latitude:this.latitude,longitude:this.longitude,colo:this.colo,postalCode:this.postalCode,metroCode:this.metroCode,region:this.region,regionCode:this.regionCode,timezone:this.timezone}}};Xe.HeaderIncomingRequestProperties=md;var yd=class extends Event{static{o(this,"ResponseSendingEvent")}constructor(t,r){super("responseSending"),this.request=t,this.mutableResponse=r}request;mutableResponse};Xe.ResponseSendingEvent=yd;var gd=class extends Event{static{o(this,"ResponseSentEvent")}constructor(t,r){super("responseSent"),this.request=t,this.response=r}request;response};Xe.ResponseSentEvent=gd;var wi=class e{static{o(this,"ZuploContextExtensions")}static#e=new WeakMap;static initialize(t,r){if(!e.#e.has(t)){let n=new e(r);return e.#e.set(t,n),n}throw new Error(`ZuploContextExtensions already initialized for context with requestId '${t.requestId}'`)}static getContextExtensions(t){let r=e.#e.get(t);if(!r)throw new FI.RuntimeError(`Invalid state, could not get ZuploContext extensions for context with requestId '${t.requestId}'`);return r}latestRequest;pathOnlyMatches;#t;#r;constructor(t){this.latestRequest=t,this.#t=[],this.#r=[]}addResponseSendingHook(t){this.#r.push(t)}addResponseSendingFinalHook(t){this.#t.push(t)}onResponseSendingFinal=async(t,r,n)=>{for(let i of this.#t)await i(t,r,n)};onResponseSending=async(t,r,n)=>{let i=t;for(let s of this.#r)i=await s(t,r,n);return i}};Xe.ZuploContextExtensions=wi;var bd=class extends EventTarget{static{o(this,"SystemZuploContext")}constructor({logger:t,route:r,requestId:n,fetchEvent:i,custom:s,incomingRequestProperties:a}){super(),this.log=Object.freeze(t),this.route=r,this.requestId=n,this.custom=s,this.incomingRequestProperties=a,this.#e=i,this.invokeInboundPolicy=(c,u)=>(0,qI.invokeInboundPolicy)(c,u,this),this.waitUntil=c=>{this.#e.waitUntil(c)},this.addResponseSendingHook=c=>{wi.getContextExtensions(this).addResponseSendingHook(c)},this.addResponseSendingFinalHook=c=>{wi.getContextExtensions(this).addResponseSendingFinalHook(c)},Object.freeze(this)}#e;requestId;log;route;custom;incomingRequestProperties;invokeInboundPolicy;waitUntil;addResponseSendingHook;addResponseSendingFinalHook;addEventListener(t,r,n){let i=o(s=>{try{typeof r=="function"?r(s):r.handleEvent(s)}catch(a){throw this.log.error(`Error invoking event ${t}. See following logs for details.`),a}},"wrapped");super.addEventListener(t,i,n)}};Xe.SystemZuploContext=bd});var $s=g(qs=>{"use strict";Object.defineProperty(qs,"__esModule",{value:!0});qs.ContextData=void 0;var _d=class e{static{o(this,"ContextData")}static#e;#t;constructor(t){this.#t=t}set(t,r){e.set(t,this.#t,r)}get(t){return e.get(t,this.#t)}static set(t,r,n){e.#e||(e.#e=new WeakMap);let i=e.#e.get(t);i||(i=new Map),i.set(r,n),e.#e.set(t,i)}static get(t,r){return e.#e||(e.#e=new WeakMap),e.#e.get(t)?.get(r)}};qs.ContextData=_d});var Ed=g(pr=>{"use strict";Object.defineProperty(pr,"__esModule",{value:!0});pr.environment=pr.isZuploReadableEnvVariableName=pr.isRestrictedEnvVariableName=void 0;var $I=["ZUPLO_USER_LOGGER_DATA_DOG_API_KEY","ZUPLO_USER_LOGGER_DATA_DOG_URL","ZUPLO_LOG_LEVEL","ZUPLO_HANDLER_WRITE_LOG_LEVEL"];function My(e){return e.startsWith("__ZUPLO")||e.startsWith("ZUPLO_")?!$I.includes(e)&&!e.startsWith("ZUPLO_PUBLIC_"):!1}o(My,"isRestrictedEnvVariableName");pr.isRestrictedEnvVariableName=My;function ky(e){return!!e.startsWith("ZUPLO_")}o(ky,"isZuploReadableEnvVariableName");pr.isZuploReadableEnvVariableName=ky;var jI=new Proxy({},{get(e,t){if(My(String(t))&&!ky(String(t)))return;let r=globalThis,n;return r.process?n=r.process.env[t]:n=r[t],n}});pr.environment=jI});var wd=g(yn=>{"use strict";Object.defineProperty(yn,"__esModule",{value:!0});yn.externalServiceHandler=yn.externalServiceTunnelConfig=void 0;var VI=Tr(),Dr=L(),GI=vd(),vi=Y(),ut=(0,VI.debug)("zuplo:runtime:external-service");function Fy(){let e,{__ZUPLO_EXTERNAL_SERVICE_TOKEN:t}=vi.Environment.instance.runtime;if(t&&t!=="undefined")try{let r=atob(t);e=JSON.parse(r)}catch{}return e}o(Fy,"getServiceAuth");async function BI(e){let t=Fy();if(!t)throw ut("There is no external service auth configured for this zup."),new Dr.RuntimeError("There are no external services configured for this zup.");if(typeof e!="string")throw ut("Cannot call external service with Request object"),new Dr.RuntimeError("Currently, we only support fetch(<some_string>, ...).");let n=new URL(e).hostname,i={};i["CF-Access-Client-Id"]=t.clientId,i["CF-Access-Client-Secret"]=t.clientSecret;let s;if(t.customServiceMapping&&t.customServiceMapping[n])s=`https://${t.customServiceMapping[n]}`;else if(vi.Environment.instance.useSha256ServiceRouting){ut("Using sha256 service routing");let a=vi.Environment.instance.build;if(a.ACCOUNT_NAME&&a.PROJECT_NAME&&a.ENVIRONMENT_TYPE)s=`https://${await qy(n,a.ACCOUNT_NAME,a.PROJECT_NAME,a.ENVIRONMENT_TYPE)}.zuptunnel.com`;else throw ut("Cannot use sha256 service routing, missing build variables"),new Dr.RuntimeError("Failed to generate fully qualified tunnel url.")}else s=`https://${n}.zuptunnel.com`;return{serviceBaseUrl:s,tunnelHeaders:i}}o(BI,"externalServiceTunnelConfig");yn.externalServiceTunnelConfig=BI;async function KI(e,t){let r=Fy();if(r)if(ut(`Using external service auth. ClientId: ${r.clientId})`),typeof e=="string"){let n=new URL(e),i=n.hostname,s=t??{},a=new Headers(s.headers||{});a.set("CF-Access-Client-Id",r.clientId),a.set("CF-Access-Client-Secret",r.clientSecret),s.headers=a;let c;if(r.customServiceMapping&&r.customServiceMapping[i])c=`https://${r.customServiceMapping[i]}`;else if(vi.Environment.instance.useSha256ServiceRouting){ut("Using sha256 service routing");let d=vi.Environment.instance.build;if(d.ACCOUNT_NAME&&d.PROJECT_NAME&&d.ENVIRONMENT_TYPE)c=`https://${await qy(i,d.ACCOUNT_NAME,d.PROJECT_NAME,d.ENVIRONMENT_TYPE)}.zuptunnel.com`;else throw ut("Cannot use sha256 service routing, missing build variables"),new Dr.RuntimeError("Failed to generate fully qualified tunnel url.")}else c=`https://${i}.zuptunnel.com`;let u=new URL(`${c}${n.pathname}${n.search}`);ut(`Calling external service: ${u.toString()}`);let l=await(0,GI.originalFetch)(u.toString(),s);if(l.status===403&&l.headers.get("cf-access-domain")!==null)throw console.error("403 Forbidden when calling external service.",{clientId:r.clientId,tunnelHost:c}),new Dr.RuntimeError("Could not connect to secure tunnel.");return l}else throw ut("Cannot call external service with Request object"),new Dr.RuntimeError("Currently, we only support fetch(<some_string>, ...).");else throw ut("There is no external service auth configured for this zup."),new Dr.RuntimeError("There are no external services configured for this zup.")}o(KI,"externalServiceHandler");yn.externalServiceHandler=KI;async function qy(e,t,r,n){let i=e.toLowerCase(),s=t.toLowerCase(),a=r.toLowerCase(),c=JI(n);ut(`Hashing service name: ${s}-${i}.${s}-${a}-${c}`);let u=await Hy(`${s}-${i}`),l=await Hy(`${s}-${a}-${c}`);return`${u}.${l}`}o(qy,"hashServiceName");async function Hy(e){let t=new TextEncoder().encode(e),r=await crypto.subtle.digest("SHA-256",t);return Array.from(new Uint8Array(r)).map(s=>s.toString(16).padStart(2,"0")).join("").slice(0,-1)}o(Hy,"hashSegment");function JI(e){let t=e.toLowerCase();switch(t){case"production":case"preview":return t;default:return"working-copy"}}o(JI,"sanitizeEnvironmentType")});var vd=g(gn=>{"use strict";Object.defineProperty(gn,"__esModule",{value:!0});gn.originalFetch=void 0;var zI=wd(),$y=new Map;$y.set("service:",zI.externalServiceHandler);gn.originalFetch=globalThis.fetch;globalThis.fetch=function(e,t){let r=WI(t);if(typeof e=="string"){let n=new URL(e),i=$y.get(n.protocol);return i?i(e,r):(0,gn.originalFetch)(e,r)}else return(0,gn.originalFetch)(e,r)};var WI=o(e=>{if(!e||e instanceof Request)return e;let t=e;if(!t.zuplo)return e;let r=e;return r.cf={cacheEverything:t.zuplo?.cacheEverything,cacheTtl:t.zuplo?.cacheTtlSeconds},delete e.zuplo,e},"transformInit")});var Gy=g(bn=>{"use strict";Object.defineProperty(bn,"__esModule",{value:!0});bn.Handler=bn.purgeGatewayCache=void 0;var QI=L(),Vy=mn(),jy=Y(),YI=o(()=>{Vy.Gateway.purgeGatewayCache()},"purgeGatewayCache");bn.purgeGatewayCache=YI;var Td=class{static{o(this,"Handler")}routeData;buildEnvironment;runtimeEnvironment;runtimeSettings;serviceProvider;schemaValidations;runtimeInit;constructor(t,r,n,i,s,a,c){this.routeData=t,this.buildEnvironment=r,this.runtimeEnvironment=n,this.runtimeSettings=i,this.serviceProvider=s,this.schemaValidations=a,this.runtimeInit=c}requestHandler=async(t,r)=>{jy.Environment.initialize(this.buildEnvironment,this.runtimeEnvironment);let n;try{n=await Vy.Gateway.initialize(this.routeData,this.runtimeSettings,this.serviceProvider,this.schemaValidations,this.runtimeInit)}catch(i){console.error("Error initializing gateway.",i);let s="Error initializing gateway. Check your 'zuplo.runtime.ts' for errors or contact support.";i instanceof QI.ConfigurationError&&(s=i.message);let a={status:500,title:"Gateway Initialization Error",type:"https://httpproblems.com/http-status/500",detail:s,instance:t.url,trace:{timestamp:Date.now(),rayId:t.headers.get("cf-ray")??void 0,buildId:this.buildEnvironment.BUILD_ID},message:jy.Environment.instance.isDeno?i.message:void 0};return new Response(JSON.stringify(a,null,2),{status:500,headers:{"content-type":"application/json"}})}return n.handleRequest(t,r)}};bn.Handler=Td});var zy=g(Re=>{"use strict";Object.defineProperty(Re,"__esModule",{value:!0});Re.pathToRegexp=Re.tokensToRegexp=Re.regexpToFunction=Re.match=Re.tokensToFunction=Re.compile=Re.parse=void 0;function ZI(e){for(var t=[],r=0;r<e.length;){var n=e[r];if(n==="*"||n==="+"||n==="?"){t.push({type:"MODIFIER",index:r,value:e[r++]});continue}if(n==="\\"){t.push({type:"ESCAPED_CHAR",index:r++,value:e[r++]});continue}if(n==="{"){t.push({type:"OPEN",index:r,value:e[r++]});continue}if(n==="}"){t.push({type:"CLOSE",index:r,value:e[r++]});continue}if(n===":"){for(var i="",s=r+1;s<e.length;){var a=e.charCodeAt(s);if(a>=48&&a<=57||a>=65&&a<=90||a>=97&&a<=122||a===95){i+=e[s++];continue}break}if(!i)throw new TypeError("Missing parameter name at ".concat(r));t.push({type:"NAME",index:r,value:i}),r=s;continue}if(n==="("){var c=1,u="",s=r+1;if(e[s]==="?")throw new TypeError('Pattern cannot start with "?" at '.concat(s));for(;s<e.length;){if(e[s]==="\\"){u+=e[s++]+e[s++];continue}if(e[s]===")"){if(c--,c===0){s++;break}}else if(e[s]==="("&&(c++,e[s+1]!=="?"))throw new TypeError("Capturing groups are not allowed at ".concat(s));u+=e[s++]}if(c)throw new TypeError("Unbalanced pattern at ".concat(r));if(!u)throw new TypeError("Missing pattern at ".concat(r));t.push({type:"PATTERN",index:r,value:u}),r=s;continue}t.push({type:"CHAR",index:r,value:e[r++]})}return t.push({type:"END",index:r,value:""}),t}o(ZI,"lexer");function Sd(e,t){t===void 0&&(t={});for(var r=ZI(e),n=t.prefixes,i=n===void 0?"./":n,s="[^".concat(_n(t.delimiter||"/#?"),"]+?"),a=[],c=0,u=0,l="",d=o(function(ne){if(u<r.length&&r[u].type===ne)return r[u++].value},"tryConsume"),p=o(function(ne){var me=d(ne);if(me!==void 0)return me;var Be=r[u],E=Be.type,H=Be.index;throw new TypeError("Unexpected ".concat(E," at ").concat(H,", expected ").concat(ne))},"mustConsume"),m=o(function(){for(var ne="",me;me=d("CHAR")||d("ESCAPED_CHAR");)ne+=me;return ne},"consumeText");u<r.length;){var h=d("CHAR"),y=d("NAME"),w=d("PATTERN");if(y||w){var T=h||"";i.indexOf(T)===-1&&(l+=T,T=""),l&&(a.push(l),l=""),a.push({name:y||c++,prefix:T,suffix:"",pattern:w||s,modifier:d("MODIFIER")||""});continue}var S=h||d("ESCAPED_CHAR");if(S){l+=S;continue}l&&(a.push(l),l="");var D=d("OPEN");if(D){var T=m(),F=d("NAME")||"",N=d("PATTERN")||"",re=m();p("CLOSE"),a.push({name:F||(N?c++:""),pattern:F&&!N?s:N,prefix:T,suffix:re,modifier:d("MODIFIER")||""});continue}p("END")}return a}o(Sd,"parse");Re.parse=Sd;function XI(e,t){return By(Sd(e,t),t)}o(XI,"compile");Re.compile=XI;function By(e,t){t===void 0&&(t={});var r=Id(t),n=t.encode,i=n===void 0?function(u){return u}:n,s=t.validate,a=s===void 0?!0:s,c=e.map(function(u){if(typeof u=="object")return new RegExp("^(?:".concat(u.pattern,")$"),r)});return function(u){for(var l="",d=0;d<e.length;d++){var p=e[d];if(typeof p=="string"){l+=p;continue}var m=u?u[p.name]:void 0,h=p.modifier==="?"||p.modifier==="*",y=p.modifier==="*"||p.modifier==="+";if(Array.isArray(m)){if(!y)throw new TypeError('Expected "'.concat(p.name,'" to not repeat, but got an array'));if(m.length===0){if(h)continue;throw new TypeError('Expected "'.concat(p.name,'" to not be empty'))}for(var w=0;w<m.length;w++){var T=i(m[w],p);if(a&&!c[d].test(T))throw new TypeError('Expected all "'.concat(p.name,'" to match "').concat(p.pattern,'", but got "').concat(T,'"'));l+=p.prefix+T+p.suffix}continue}if(typeof m=="string"||typeof m=="number"){var T=i(String(m),p);if(a&&!c[d].test(T))throw new TypeError('Expected "'.concat(p.name,'" to match "').concat(p.pattern,'", but got "').concat(T,'"'));l+=p.prefix+T+p.suffix;continue}if(!h){var S=y?"an array":"a string";throw new TypeError('Expected "'.concat(p.name,'" to be ').concat(S))}}return l}}o(By,"tokensToFunction");Re.tokensToFunction=By;function eP(e,t){var r=[],n=Pd(e,r,t);return Ky(n,r,t)}o(eP,"match");Re.match=eP;function Ky(e,t,r){r===void 0&&(r={});var n=r.decode,i=n===void 0?function(s){return s}:n;return function(s){var a=e.exec(s);if(!a)return!1;for(var c=a[0],u=a.index,l=Object.create(null),d=o(function(m){if(a[m]===void 0)return"continue";var h=t[m-1];h.modifier==="*"||h.modifier==="+"?l[h.name]=a[m].split(h.prefix+h.suffix).map(function(y){return i(y,h)}):l[h.name]=i(a[m],h)},"_loop_1"),p=1;p<a.length;p++)d(p);return{path:c,index:u,params:l}}}o(Ky,"regexpToFunction");Re.regexpToFunction=Ky;function _n(e){return e.replace(/([.+*?=^!:${}()[\]|/\\])/g,"\\$1")}o(_n,"escapeString");function Id(e){return e&&e.sensitive?"":"i"}o(Id,"flags");function tP(e,t){if(!t)return e;for(var r=/\((?:\?<(.*?)>)?(?!\?)/g,n=0,i=r.exec(e.source);i;)t.push({name:i[1]||n++,prefix:"",suffix:"",modifier:"",pattern:""}),i=r.exec(e.source);return e}o(tP,"regexpToRegexp");function rP(e,t,r){var n=e.map(function(i){return Pd(i,t,r).source});return new RegExp("(?:".concat(n.join("|"),")"),Id(r))}o(rP,"arrayToRegexp");function nP(e,t,r){return Jy(Sd(e,r),t,r)}o(nP,"stringToRegexp");function Jy(e,t,r){r===void 0&&(r={});for(var n=r.strict,i=n===void 0?!1:n,s=r.start,a=s===void 0?!0:s,c=r.end,u=c===void 0?!0:c,l=r.encode,d=l===void 0?function(H){return H}:l,p=r.delimiter,m=p===void 0?"/#?":p,h=r.endsWith,y=h===void 0?"":h,w="[".concat(_n(y),"]|$"),T="[".concat(_n(m),"]"),S=a?"^":"",D=0,F=e;D<F.length;D++){var N=F[D];if(typeof N=="string")S+=_n(d(N));else{var re=_n(d(N.prefix)),ne=_n(d(N.suffix));if(N.pattern)if(t&&t.push(N),re||ne)if(N.modifier==="+"||N.modifier==="*"){var me=N.modifier==="*"?"?":"";S+="(?:".concat(re,"((?:").concat(N.pattern,")(?:").concat(ne).concat(re,"(?:").concat(N.pattern,"))*)").concat(ne,")").concat(me)}else S+="(?:".concat(re,"(").concat(N.pattern,")").concat(ne,")").concat(N.modifier);else N.modifier==="+"||N.modifier==="*"?S+="((?:".concat(N.pattern,")").concat(N.modifier,")"):S+="(".concat(N.pattern,")").concat(N.modifier);else S+="(?:".concat(re).concat(ne,")").concat(N.modifier)}}if(u)i||(S+="".concat(T,"?")),S+=r.endsWith?"(?=".concat(w,")"):"$";else{var Be=e[e.length-1],E=typeof Be=="string"?T.indexOf(Be[Be.length-1])>-1:Be===void 0;i||(S+="(?:".concat(T,"(?=").concat(w,"))?")),E||(S+="(?=".concat(T,"|").concat(w,")"))}return new RegExp(S,Id(r))}o(Jy,"tokensToRegexp");Re.tokensToRegexp=Jy;function Pd(e,t,r){return e instanceof RegExp?tP(e,t):Array.isArray(e)?rP(e,t,r):nP(e,t,r)}o(Pd,"pathToRegexp");Re.pathToRegexp=Pd});var xd=g(En=>{"use strict";Object.defineProperty(En,"__esModule",{value:!0});En.AwsV4Signer=En.AwsClient=void 0;var iP=Tr(),Zy=L(),oP=(0,iP.debug)("zuplo:runtime"),Rd=new TextEncoder,Wy={appstream2:"appstream",cloudhsmv2:"cloudhsm",email:"ses",marketplace:"aws-marketplace",mobile:"AWSMobileHubService",pinpoint:"mobiletargeting",queue:"sqs","git-codecommit":"codecommit","mturk-requester-sandbox":"mturk-requester","personalize-runtime":"personalize"},sP=["authorization","content-type","content-length","user-agent","presigned-expires","expect","x-amzn-trace-id","range","connection"],Od=class{static{o(this,"AwsClient")}accessKeyId;secretAccessKey;sessionToken;service;region;cache;retries;initRetryMs;constructor({accessKeyId:t,secretAccessKey:r,sessionToken:n,service:i,region:s,cache:a,retries:c,initRetryMs:u}){if(t==null)throw new TypeError("accessKeyId is a required option");if(r==null)throw new TypeError("secretAccessKey is a required option");this.accessKeyId=t,this.secretAccessKey=r,this.sessionToken=n,this.service=i,this.region=s,this.cache=a||new Map,this.retries=c??0,this.initRetryMs=u||50}async sign(t,r){let n=new js(Object.assign({url:t},r,this,r&&r.aws)),i=Object.assign({},r,await n.sign());return delete i.aws,{url:i.url.toString(),request:i}}async fetch(t,r){oP("AWS fetch",t);for(let n=0;n<=this.retries;n++){let{url:i,request:s}=await this.sign(t,r),a=fetch(i,s);if(n===this.retries)return a;let c=await a;if(c.status<500&&c.status!==429)return c;await new Promise(u=>setTimeout(u,Math.random()*this.initRetryMs*Math.pow(2,n)))}throw new Zy.ConfigurationError("An unknown error occurred, ensure retries is not negative")}};En.AwsClient=Od;var js=class{static{o(this,"AwsV4Signer")}method;url;headers;body;accessKeyId;secretAccessKey;sessionToken;service;region;cache;datetime;signQuery;appendSessionToken;signableHeaders;signedHeaders;canonicalHeaders;credentialString;encodedPath;encodedSearch;constructor({method:t,url:r,headers:n,body:i,accessKeyId:s,secretAccessKey:a,sessionToken:c,service:u,region:l,cache:d,datetime:p,signQuery:m,appendSessionToken:h,allHeaders:y,singleEncode:w}){if(r==null)throw new TypeError("url is a required option");if(s==null)throw new TypeError("accessKeyId is a required option");if(a==null)throw new TypeError("secretAccessKey is a required option");this.method=t||(i?"POST":"GET"),this.url=new URL(r),this.headers=new Headers(n||{}),this.body=i,this.accessKeyId=s,this.secretAccessKey=a,this.sessionToken=c;let T,S;(!u||!l)&&([T,S]=aP(this.url,this.headers)),this.service=u||T||"",this.region=l||S||"us-east-1",this.cache=d||new Map,this.datetime=p||new Date().toISOString().replace(/[:-]|\.\d{3}/g,""),this.signQuery=m,this.appendSessionToken=h||this.service==="iotdevicegateway",this.headers.delete("Host");let D=this.signQuery?this.url.searchParams:this.headers;if(this.service==="s3"&&!this.headers.has("X-Amz-Content-Sha256")&&this.headers.set("X-Amz-Content-Sha256","UNSIGNED-PAYLOAD"),D.set("X-Amz-Date",this.datetime),this.sessionToken&&!this.appendSessionToken&&D.set("X-Amz-Security-Token",this.sessionToken),this.signableHeaders=["host",...this.headers.keys()].filter(N=>y||!sP.includes(N)).sort(),this.signedHeaders=this.signableHeaders.join(";"),this.canonicalHeaders=this.signableHeaders.map(N=>N+":"+(N==="host"?this.url.host:(this.headers.get(N)||"").replace(/\s+/g," "))).join(`
60
- `),this.credentialString=[this.datetime.slice(0,8),this.region,this.service,"aws4_request"].join("/"),this.signQuery&&(this.service==="s3"&&!D.has("X-Amz-Expires")&&D.set("X-Amz-Expires","86400"),D.set("X-Amz-Algorithm","AWS4-HMAC-SHA256"),D.set("X-Amz-Credential",this.accessKeyId+"/"+this.credentialString),D.set("X-Amz-SignedHeaders",this.signedHeaders)),this.service==="s3")try{this.encodedPath=decodeURIComponent(this.url.pathname.replace(/\+/g," "))}catch{this.encodedPath=this.url.pathname}else this.encodedPath=this.url.pathname.replace(/\/+/g,"/");w||(this.encodedPath=encodeURIComponent(this.encodedPath).replace(/%2F/g,"/")),this.encodedPath=Yy(this.encodedPath);let F=new Set;this.encodedSearch=[...this.url.searchParams].filter(([N])=>{if(!N)return!1;if(this.service==="s3"){if(F.has(N))return!1;F.add(N)}return!0}).map(N=>N.map(re=>Yy(encodeURIComponent(re)))).sort(([N,re],[ne,me])=>N<ne?-1:N>ne?1:re<me?-1:re>me?1:0).map(N=>N.join("=")).join("&")}async sign(){return this.signQuery?(this.url.searchParams.set("X-Amz-Signature",await this.signature()),this.sessionToken&&this.appendSessionToken&&this.url.searchParams.set("X-Amz-Security-Token",this.sessionToken)):this.headers.set("Authorization",await this.authHeader()),{method:this.method,url:this.url,headers:this.headers,body:this.body}}async authHeader(){return["AWS4-HMAC-SHA256 Credential="+this.accessKeyId+"/"+this.credentialString,"SignedHeaders="+this.signedHeaders,"Signature="+await this.signature()].join(", ")}async signature(){let t=this.datetime.slice(0,8),r=[this.secretAccessKey,t,this.region,this.service].join(),n=this.cache.get(r);if(!n){let i=await Ti("AWS4"+this.secretAccessKey,t),s=await Ti(i,this.region),a=await Ti(s,this.service);n=await Ti(a,"aws4_request"),this.cache.set(r,n)}return Ad(await Ti(n,await this.stringToSign()))}async stringToSign(){return["AWS4-HMAC-SHA256",this.datetime,this.credentialString,Ad(await Qy(await this.canonicalString()))].join(`
59
+ -----END ${t}-----`},"default")});function rm(e){let t=[],r=0;for(;r<e.length;){let n=cm(e.subarray(r));t.push(n),r+=n.byteLength}return t}function cm(e){let t=0,r=e[0]&31;if(t++,r===31){for(r=0;e[t]>=128;)r=r*128+e[t]-128,t++;r=r*128+e[t]-128,t++}let n=0;if(e[t]<128)n=e[t],t++;else if(n===128){for(n=0;e[t+n]!==0||e[t+n+1]!==0;){if(n>e.byteLength)throw new TypeError("invalid indefinite form length");n++}let s=t+n+2;return{byteLength:s,contents:e.subarray(t,t+n),raw:e.subarray(0,s)}}else{let s=e[t]&127;t++,n=0;for(let a=0;a<s;a++)n=n*256+e[t],t++}let i=t+n;return{byteLength:i,contents:e.subarray(t,i),raw:e.subarray(0,i)}}function gS(e){let t=rm(rm(cm(e).contents)[0].contents);return Jo(t[t[0].raw[0]===160?6:5].raw)}function bS(e){let t=e.replace(/(?:-----(?:BEGIN|END) CERTIFICATE-----|\s)/g,""),r=ol(t);return _l(gS(r),"PUBLIC KEY")}var nm,im,om,sr,tm,sm,am,El,um,ns=I(()=>{Te();at();Ie();em();V();ct();nm=o(async(e,t,r)=>{if(!ae(r))throw new TypeError(ie(r,...W));if(!r.extractable)throw new TypeError("CryptoKey is not extractable");if(r.type!==e)throw new TypeError(`key is not a ${e} key`);return _l(Jo(new Uint8Array(await U.subtle.exportKey(t,r))),`${e.toUpperCase()} KEY`)},"genericExport"),im=o(e=>nm("public","spki",e),"toSPKI"),om=o(e=>nm("private","pkcs8",e),"toPKCS8"),sr=o((e,t,r=0)=>{r===0&&(t.unshift(t.length),t.unshift(6));let n=e.indexOf(t[0],r);if(n===-1)return!1;let i=e.subarray(n,n+t.length);return i.length!==t.length?!1:i.every((s,a)=>s===t[a])||sr(e,t,n+1)},"findOid"),tm=o(e=>{switch(!0){case sr(e,[42,134,72,206,61,3,1,7]):return"P-256";case sr(e,[43,129,4,0,34]):return"P-384";case sr(e,[43,129,4,0,35]):return"P-521";case sr(e,[43,101,110]):return"X25519";case sr(e,[43,101,111]):return"X448";case sr(e,[43,101,112]):return"Ed25519";case sr(e,[43,101,113]):return"Ed448";default:throw new k("Invalid or unsupported EC Key Curve or OKP Key Sub Type")}},"getNamedCurve"),sm=o(async(e,t,r,n,i)=>{var s;let a,c,u=new Uint8Array(atob(r.replace(e,"")).split("").map(d=>d.charCodeAt(0))),l=t==="spki";switch(n){case"PS256":case"PS384":case"PS512":a={name:"RSA-PSS",hash:`SHA-${n.slice(-3)}`},c=l?["verify"]:["sign"];break;case"RS256":case"RS384":case"RS512":a={name:"RSASSA-PKCS1-v1_5",hash:`SHA-${n.slice(-3)}`},c=l?["verify"]:["sign"];break;case"RSA-OAEP":case"RSA-OAEP-256":case"RSA-OAEP-384":case"RSA-OAEP-512":a={name:"RSA-OAEP",hash:`SHA-${parseInt(n.slice(-3),10)||1}`},c=l?["encrypt","wrapKey"]:["decrypt","unwrapKey"];break;case"ES256":a={name:"ECDSA",namedCurve:"P-256"},c=l?["verify"]:["sign"];break;case"ES384":a={name:"ECDSA",namedCurve:"P-384"},c=l?["verify"]:["sign"];break;case"ES512":a={name:"ECDSA",namedCurve:"P-521"},c=l?["verify"]:["sign"];break;case"ECDH-ES":case"ECDH-ES+A128KW":case"ECDH-ES+A192KW":case"ECDH-ES+A256KW":{let d=tm(u);a=d.startsWith("P-")?{name:"ECDH",namedCurve:d}:{name:d},c=l?[]:["deriveBits"];break}case"EdDSA":a={name:tm(u)},c=l?["verify"]:["sign"];break;default:throw new k('Invalid or unsupported "alg" (Algorithm) value')}return U.subtle.importKey(t,u,a,(s=i?.extractable)!==null&&s!==void 0?s:!1,c)},"genericImport"),am=o((e,t,r)=>sm(/(?:-----(?:BEGIN|END) PRIVATE KEY-----|\s)/g,"pkcs8",e,t,r),"fromPKCS8"),El=o((e,t,r)=>sm(/(?:-----(?:BEGIN|END) PUBLIC KEY-----|\s)/g,"spki",e,t,r),"fromSPKI");o(rm,"getElement");o(cm,"parseElement");o(gS,"spkiFromX509");o(bS,"getSPKI");um=o((e,t,r)=>{let n;try{n=bS(e)}catch(i){throw new TypeError("failed to parse the X.509 certificate",{cause:i})}return El(n,t,r)},"fromX509")});function _S(e){let t,r;switch(e.kty){case"oct":{switch(e.alg){case"HS256":case"HS384":case"HS512":t={name:"HMAC",hash:`SHA-${e.alg.slice(-3)}`},r=["sign","verify"];break;case"A128CBC-HS256":case"A192CBC-HS384":case"A256CBC-HS512":throw new k(`${e.alg} keys cannot be imported as CryptoKey instances`);case"A128GCM":case"A192GCM":case"A256GCM":case"A128GCMKW":case"A192GCMKW":case"A256GCMKW":t={name:"AES-GCM"},r=["encrypt","decrypt"];break;case"A128KW":case"A192KW":case"A256KW":t={name:"AES-KW"},r=["wrapKey","unwrapKey"];break;case"PBES2-HS256+A128KW":case"PBES2-HS384+A192KW":case"PBES2-HS512+A256KW":t={name:"PBKDF2"},r=["deriveBits"];break;default:throw new k('Invalid or unsupported JWK "alg" (Algorithm) Parameter value')}break}case"RSA":{switch(e.alg){case"PS256":case"PS384":case"PS512":t={name:"RSA-PSS",hash:`SHA-${e.alg.slice(-3)}`},r=e.d?["sign"]:["verify"];break;case"RS256":case"RS384":case"RS512":t={name:"RSASSA-PKCS1-v1_5",hash:`SHA-${e.alg.slice(-3)}`},r=e.d?["sign"]:["verify"];break;case"RSA-OAEP":case"RSA-OAEP-256":case"RSA-OAEP-384":case"RSA-OAEP-512":t={name:"RSA-OAEP",hash:`SHA-${parseInt(e.alg.slice(-3),10)||1}`},r=e.d?["decrypt","unwrapKey"]:["encrypt","wrapKey"];break;default:throw new k('Invalid or unsupported JWK "alg" (Algorithm) Parameter value')}break}case"EC":{switch(e.alg){case"ES256":t={name:"ECDSA",namedCurve:"P-256"},r=e.d?["sign"]:["verify"];break;case"ES384":t={name:"ECDSA",namedCurve:"P-384"},r=e.d?["sign"]:["verify"];break;case"ES512":t={name:"ECDSA",namedCurve:"P-521"},r=e.d?["sign"]:["verify"];break;case"ECDH-ES":case"ECDH-ES+A128KW":case"ECDH-ES+A192KW":case"ECDH-ES+A256KW":t={name:"ECDH",namedCurve:e.crv},r=e.d?["deriveBits"]:[];break;default:throw new k('Invalid or unsupported JWK "alg" (Algorithm) Parameter value')}break}case"OKP":{switch(e.alg){case"EdDSA":t={name:e.crv},r=e.d?["sign"]:["verify"];break;case"ECDH-ES":case"ECDH-ES+A128KW":case"ECDH-ES+A192KW":case"ECDH-ES+A256KW":t={name:e.crv},r=e.d?["deriveBits"]:[];break;default:throw new k('Invalid or unsupported JWK "alg" (Algorithm) Parameter value')}break}default:throw new k('Invalid or unsupported JWK "kty" (Key Type) Parameter value')}return{algorithm:t,keyUsages:r}}var ES,wl,lm=I(()=>{Te();V();Ie();o(_S,"subtleMapping");ES=o(async e=>{var t,r;if(!e.alg)throw new TypeError('"alg" argument is required when "jwk.alg" is not present');let{algorithm:n,keyUsages:i}=_S(e),s=[n,(t=e.ext)!==null&&t!==void 0?t:!1,(r=e.key_ops)!==null&&r!==void 0?r:i];if(n.name==="PBKDF2")return U.subtle.importKey("raw",te(e.k),...s);let a={...e};return delete a.alg,delete a.use,U.subtle.importKey("jwk",a,...s)},"parse"),wl=ES});async function dm(e,t,r){if(typeof e!="string"||e.indexOf("-----BEGIN PUBLIC KEY-----")!==0)throw new TypeError('"spki" must be SPKI formatted string');return El(e,t,r)}async function pm(e,t,r){if(typeof e!="string"||e.indexOf("-----BEGIN CERTIFICATE-----")!==0)throw new TypeError('"x509" must be X.509 formatted string');return um(e,t,r)}async function hm(e,t,r){if(typeof e!="string"||e.indexOf("-----BEGIN PRIVATE KEY-----")!==0)throw new TypeError('"pkcs8" must be PKCS#8 formatted string');return am(e,t,r)}async function ar(e,t,r){var n;if(!Q(e))throw new TypeError("JWK must be an object");switch(t||(t=e.alg),e.kty){case"oct":if(typeof e.k!="string"||!e.k)throw new TypeError('missing "k" (Key Value) Parameter value');return r??(r=e.ext!==!0),r?wl({...e,alg:t,ext:(n=e.ext)!==null&&n!==void 0?n:!1}):te(e.k);case"RSA":if(e.oth!==void 0)throw new k('RSA JWK "oth" (Other Primes Info) Parameter value is not supported');case"EC":case"OKP":return wl({...e,alg:t});default:throw new k('Unsupported "kty" (Key Type) Parameter value')}}var di=I(()=>{Ie();ns();lm();V();$e();o(dm,"importSPKI");o(pm,"importX509");o(hm,"importPKCS8");o(ar,"importJWK")});var wS,vS,TS,cr,pi=I(()=>{at();ct();wS=o((e,t)=>{if(!(t instanceof Uint8Array)){if(!dl(t))throw new TypeError(ll(e,t,...W,"Uint8Array"));if(t.type!=="secret")throw new TypeError(`${W.join(" or ")} instances for symmetric algorithms must be of type "secret"`)}},"symmetricTypeCheck"),vS=o((e,t,r)=>{if(!dl(t))throw new TypeError(ll(e,t,...W));if(t.type==="secret")throw new TypeError(`${W.join(" or ")} instances for asymmetric algorithms must not be of type "secret"`);if(r==="sign"&&t.type==="public")throw new TypeError(`${W.join(" or ")} instances for asymmetric algorithm signing must be of type "private"`);if(r==="decrypt"&&t.type==="public")throw new TypeError(`${W.join(" or ")} instances for asymmetric algorithm decryption must be of type "private"`);if(t.algorithm&&r==="verify"&&t.type==="private")throw new TypeError(`${W.join(" or ")} instances for asymmetric algorithm verifying must be of type "public"`);if(t.algorithm&&r==="encrypt"&&t.type==="private")throw new TypeError(`${W.join(" or ")} instances for asymmetric algorithm encryption must be of type "public"`)},"asymmetricTypeCheck"),TS=o((e,t,r)=>{e.startsWith("HS")||e==="dir"||e.startsWith("PBES2")||/^A\d{3}(?:GCM)?KW$/.test(e)?wS(e,t):vS(e,t,r)},"checkKeyType"),cr=TS});async function SS(e,t,r,n,i){if(!(r instanceof Uint8Array))throw new TypeError(ie(r,"Uint8Array"));let s=parseInt(e.slice(1,4),10),a=await U.subtle.importKey("raw",r.subarray(s>>3),"AES-CBC",!1,["encrypt"]),c=await U.subtle.importKey("raw",r.subarray(0,s>>3),{hash:`SHA-${s<<1}`,name:"HMAC"},!1,["sign"]),u=new Uint8Array(await U.subtle.encrypt({iv:n,name:"AES-CBC"},a,t)),l=Se(i,n,u,Go(i.length<<3)),d=new Uint8Array((await U.subtle.sign("HMAC",c,l)).slice(0,s>>3));return{ciphertext:u,tag:d}}async function IS(e,t,r,n,i){let s;r instanceof Uint8Array?s=await U.subtle.importKey("raw",r,"AES-GCM",!1,["encrypt"]):(qe(r,e,"encrypt"),s=r);let a=new Uint8Array(await U.subtle.encrypt({additionalData:i,iv:n,name:"AES-GCM",tagLength:128},s,t)),c=a.slice(-16);return{ciphertext:a.slice(0,-16),tag:c}}var PS,hi,vl=I(()=>{ge();cl();ul();Te();or();at();V();ct();o(SS,"cbcEncrypt");o(IS,"gcmEncrypt");PS=o(async(e,t,r,n,i)=>{if(!ae(r)&&!(r instanceof Uint8Array))throw new TypeError(ie(r,...W,"Uint8Array"));switch(Qo(e,n),e){case"A128CBC-HS256":case"A192CBC-HS384":case"A256CBC-HS512":return r instanceof Uint8Array&&Xr(r,parseInt(e.slice(-3),10)),SS(e,t,r,n,i);case"A128GCM":case"A192GCM":case"A256GCM":return r instanceof Uint8Array&&Xr(r,parseInt(e.slice(1,4),10)),IS(e,t,r,n,i);default:throw new k("Unsupported JWE Content Encryption Algorithm")}},"encrypt"),hi=PS});async function fm(e,t,r,n){let i=e.slice(0,7);n||(n=zo(i));let{ciphertext:s,tag:a}=await hi(i,r,t,n,new Uint8Array(0));return{encryptedKey:s,iv:X(n),tag:X(a)}}async function mm(e,t,r,n,i){let s=e.slice(0,7);return Zo(s,t,r,n,i,new Uint8Array(0))}var Tl=I(()=>{vl();pl();Wo();Ie();o(fm,"wrap");o(mm,"unwrap")});async function AS(e,t,r,n,i){switch(cr(e,t,"decrypt"),e){case"dir":{if(r!==void 0)throw new A("Encountered unexpected JWE Encrypted Key");return t}case"ECDH-ES":if(r!==void 0)throw new A("Encountered unexpected JWE Encrypted Key");case"ECDH-ES+A128KW":case"ECDH-ES+A192KW":case"ECDH-ES+A256KW":{if(!Q(n.epk))throw new A('JOSE Header "epk" (Ephemeral Public Key) missing or invalid');if(!ts(t))throw new k("ECDH with the provided key is not allowed or not supported by your javascript runtime");let s=await ar(n.epk,e),a,c;if(n.apu!==void 0){if(typeof n.apu!="string")throw new A('JOSE Header "apu" (Agreement PartyUInfo) invalid');a=te(n.apu)}if(n.apv!==void 0){if(typeof n.apv!="string")throw new A('JOSE Header "apv" (Agreement PartyVInfo) invalid');c=te(n.apv)}let u=await es(s,t,e==="ECDH-ES"?n.enc:e,e==="ECDH-ES"?ui(n.enc):parseInt(e.slice(-5,-2),10),a,c);if(e==="ECDH-ES")return u;if(r===void 0)throw new A("JWE Encrypted Key missing");return ci(e.slice(-6),u,r)}case"RSA1_5":case"RSA-OAEP":case"RSA-OAEP-256":case"RSA-OAEP-384":case"RSA-OAEP-512":{if(r===void 0)throw new A("JWE Encrypted Key missing");return Xf(e,t,r)}case"PBES2-HS256+A128KW":case"PBES2-HS384+A192KW":case"PBES2-HS512+A256KW":{if(r===void 0)throw new A("JWE Encrypted Key missing");if(typeof n.p2c!="number")throw new A('JOSE Header "p2c" (PBES2 Count) missing or invalid');let s=i?.maxPBES2Count||1e4;if(n.p2c>s)throw new A('JOSE Header "p2c" (PBES2 Count) out is of acceptable bounds');if(typeof n.p2s!="string")throw new A('JOSE Header "p2s" (PBES2 Salt) missing or invalid');return Qf(e,t,r,n.p2c,te(n.p2s))}case"A128KW":case"A192KW":case"A256KW":{if(r===void 0)throw new A("JWE Encrypted Key missing");return ci(e,t,r)}case"A128GCMKW":case"A192GCMKW":case"A256GCMKW":{if(r===void 0)throw new A("JWE Encrypted Key missing");if(typeof n.iv!="string")throw new A('JOSE Header "iv" (Initialization Vector) missing or invalid');if(typeof n.tag!="string")throw new A('JOSE Header "tag" (Authentication Tag) missing or invalid');let s=te(n.iv),a=te(n.tag);return mm(e,t,r,s,a)}default:throw new k('Invalid or unsupported "alg" (JWE Algorithm) header value')}}var ym,gm=I(()=>{Xo();ml();gl();bl();Ie();V();li();di();pi();$e();Tl();o(AS,"decryptKeyManagement");ym=AS});function RS(e,t,r,n,i){if(i.crit!==void 0&&n.crit===void 0)throw new e('"crit" (Critical) Header Parameter MUST be integrity protected');if(!n||n.crit===void 0)return new Set;if(!Array.isArray(n.crit)||n.crit.length===0||n.crit.some(a=>typeof a!="string"||a.length===0))throw new e('"crit" (Critical) Header Parameter MUST be an array of non-empty strings when present');let s;r!==void 0?s=new Map([...Object.entries(r),...t.entries()]):s=t;for(let a of n.crit){if(!s.has(a))throw new k(`Extension Header Parameter "${a}" is not recognized`);if(i[a]===void 0)throw new e(`Extension Header Parameter "${a}" is missing`);if(s.get(a)&&n[a]===void 0)throw new e(`Extension Header Parameter "${a}" MUST be integrity protected`)}return new Set(n.crit)}var wt,nn=I(()=>{V();o(RS,"validateCrit");wt=RS});var OS,fi,Sl=I(()=>{OS=o((e,t)=>{if(t!==void 0&&(!Array.isArray(t)||t.some(r=>typeof r!="string")))throw new TypeError(`"${e}" option must be an array of strings`);if(t)return new Set(t)},"validateAlgorithms"),fi=OS});async function on(e,t,r){var n;if(!Q(e))throw new A("Flattened JWE must be an object");if(e.protected===void 0&&e.header===void 0&&e.unprotected===void 0)throw new A("JOSE Header missing");if(typeof e.iv!="string")throw new A("JWE Initialization Vector missing or incorrect type");if(typeof e.ciphertext!="string")throw new A("JWE Ciphertext missing or incorrect type");if(typeof e.tag!="string")throw new A("JWE Authentication Tag missing or incorrect type");if(e.protected!==void 0&&typeof e.protected!="string")throw new A("JWE Protected Header incorrect type");if(e.encrypted_key!==void 0&&typeof e.encrypted_key!="string")throw new A("JWE Encrypted Key incorrect type");if(e.aad!==void 0&&typeof e.aad!="string")throw new A("JWE AAD incorrect type");if(e.header!==void 0&&!Q(e.header))throw new A("JWE Shared Unprotected Header incorrect type");if(e.unprotected!==void 0&&!Q(e.unprotected))throw new A("JWE Per-Recipient Unprotected Header incorrect type");let i;if(e.protected)try{let F=te(e.protected);i=JSON.parse(ue.decode(F))}catch{throw new A("JWE Protected Header is invalid")}if(!_t(i,e.header,e.unprotected))throw new A("JWE Protected, JWE Unprotected Header, and JWE Per-Recipient Unprotected Header Parameter names must be disjoint");let s={...i,...e.header,...e.unprotected};if(wt(A,new Map,r?.crit,i,s),s.zip!==void 0){if(!i||!i.zip)throw new A('JWE "zip" (Compression Algorithm) Header MUST be integrity protected');if(s.zip!=="DEF")throw new k('Unsupported JWE "zip" (Compression Algorithm) Header Parameter value')}let{alg:a,enc:c}=s;if(typeof a!="string"||!a)throw new A("missing JWE Algorithm (alg) in JWE Header");if(typeof c!="string"||!c)throw new A("missing JWE Encryption Algorithm (enc) in JWE Header");let u=r&&fi("keyManagementAlgorithms",r.keyManagementAlgorithms),l=r&&fi("contentEncryptionAlgorithms",r.contentEncryptionAlgorithms);if(u&&!u.has(a))throw new tr('"alg" (Algorithm) Header Parameter not allowed');if(l&&!l.has(c))throw new tr('"enc" (Encryption Algorithm) Header Parameter not allowed');let d;e.encrypted_key!==void 0&&(d=te(e.encrypted_key));let p=!1;typeof t=="function"&&(t=await t(i,e),p=!0);let m;try{m=await ym(a,t,d,s,r)}catch(F){if(F instanceof TypeError||F instanceof A||F instanceof k)throw F;m=Et(c)}let h=te(e.iv),y=te(e.tag),w=Z.encode((n=e.protected)!==null&&n!==void 0?n:""),T;e.aad!==void 0?T=Se(w,Z.encode("."),Z.encode(e.aad)):T=w;let S=await Zo(c,m,te(e.ciphertext),h,y,T);s.zip==="DEF"&&(S=await(r?.inflateRaw||$f)(S));let L={plaintext:S};return e.protected!==void 0&&(L.protectedHeader=i),e.aad!==void 0&&(L.additionalAuthenticatedData=te(e.aad)),e.unprotected!==void 0&&(L.sharedUnprotectedHeader=e.unprotected),e.header!==void 0&&(L.unprotectedHeader=e.header),p?{...L,key:t}:L}var is=I(()=>{Ie();pl();hl();V();en();$e();gm();ge();li();nn();Sl();o(on,"flattenedDecrypt")});async function os(e,t,r){if(e instanceof Uint8Array&&(e=ue.decode(e)),typeof e!="string")throw new A("Compact JWE must be a string or Uint8Array");let{0:n,1:i,2:s,3:a,4:c,length:u}=e.split(".");if(u!==5)throw new A("Invalid Compact JWE");let l=await on({ciphertext:a,iv:s||void 0,protected:n||void 0,tag:c||void 0,encrypted_key:i||void 0},t,r),d={plaintext:l.plaintext,protectedHeader:l.protectedHeader};return typeof t=="function"?{...d,key:l.key}:d}var Il=I(()=>{is();V();ge();o(os,"compactDecrypt")});async function bm(e,t,r){if(!Q(e))throw new A("General JWE must be an object");if(!Array.isArray(e.recipients)||!e.recipients.every(Q))throw new A("JWE Recipients missing or incorrect type");if(!e.recipients.length)throw new A("JWE Recipients has no members");for(let n of e.recipients)try{return await on({aad:e.aad,ciphertext:e.ciphertext,encrypted_key:n.encrypted_key,header:n.header,iv:e.iv,protected:e.protected,tag:e.tag,unprotected:e.unprotected},t,r)}catch{}throw new Ut}var _m=I(()=>{is();V();$e();o(bm,"generalDecrypt")});var xS,Em,wm=I(()=>{Te();at();Ie();ct();xS=o(async e=>{if(e instanceof Uint8Array)return{kty:"oct",k:X(e)};if(!ae(e))throw new TypeError(ie(e,...W,"Uint8Array"));if(!e.extractable)throw new TypeError("non-extractable CryptoKey cannot be exported as a JWK");let{ext:t,key_ops:r,alg:n,use:i,...s}=await U.subtle.exportKey("jwk",e);return s},"keyToJWK"),Em=xS});async function vm(e){return im(e)}async function Tm(e){return om(e)}async function ss(e){return Em(e)}var Pl=I(()=>{ns();ns();wm();o(vm,"exportSPKI");o(Tm,"exportPKCS8");o(ss,"exportJWK")});async function NS(e,t,r,n,i={}){let s,a,c;switch(cr(e,r,"encrypt"),e){case"dir":{c=r;break}case"ECDH-ES":case"ECDH-ES+A128KW":case"ECDH-ES+A192KW":case"ECDH-ES+A256KW":{if(!ts(r))throw new k("ECDH with the provided key is not allowed or not supported by your javascript runtime");let{apu:u,apv:l}=i,{epk:d}=i;d||(d=(await Bf(r)).privateKey);let{x:p,y:m,crv:h,kty:y}=await ss(d),w=await es(r,d,e==="ECDH-ES"?t:e,e==="ECDH-ES"?ui(t):parseInt(e.slice(-5,-2),10),u,l);if(a={epk:{x:p,crv:h,kty:y}},y==="EC"&&(a.epk.y=m),u&&(a.apu=X(u)),l&&(a.apv=X(l)),e==="ECDH-ES"){c=w;break}c=n||Et(t);let T=e.slice(-6);s=await ai(T,w,c);break}case"RSA1_5":case"RSA-OAEP":case"RSA-OAEP-256":case"RSA-OAEP-384":case"RSA-OAEP-512":{c=n||Et(t),s=await Zf(e,r,c);break}case"PBES2-HS256+A128KW":case"PBES2-HS384+A192KW":case"PBES2-HS512+A256KW":{c=n||Et(t);let{p2c:u,p2s:l}=i;({encryptedKey:s,...a}=await Wf(e,r,c,u,l));break}case"A128KW":case"A192KW":case"A256KW":{c=n||Et(t),s=await ai(e,r,c);break}case"A128GCMKW":case"A192GCMKW":case"A256GCMKW":{c=n||Et(t);let{iv:u}=i;({encryptedKey:s,...a}=await fm(e,r,c,u));break}default:throw new k('Invalid or unsupported "alg" (JWE Algorithm) header value')}return{cek:c,encryptedKey:s,parameters:a}}var as,Al=I(()=>{Xo();ml();gl();bl();Ie();li();V();Pl();pi();Tl();o(NS,"encryptKeyManagement");as=NS});var Rl,Mt,cs=I(()=>{Ie();vl();hl();Wo();Al();V();en();ge();nn();Rl=Symbol(),Mt=class{static{o(this,"FlattenedEncrypt")}constructor(t){if(!(t instanceof Uint8Array))throw new TypeError("plaintext must be an instance of Uint8Array");this._plaintext=t}setKeyManagementParameters(t){if(this._keyManagementParameters)throw new TypeError("setKeyManagementParameters can only be called once");return this._keyManagementParameters=t,this}setProtectedHeader(t){if(this._protectedHeader)throw new TypeError("setProtectedHeader can only be called once");return this._protectedHeader=t,this}setSharedUnprotectedHeader(t){if(this._sharedUnprotectedHeader)throw new TypeError("setSharedUnprotectedHeader can only be called once");return this._sharedUnprotectedHeader=t,this}setUnprotectedHeader(t){if(this._unprotectedHeader)throw new TypeError("setUnprotectedHeader can only be called once");return this._unprotectedHeader=t,this}setAdditionalAuthenticatedData(t){return this._aad=t,this}setContentEncryptionKey(t){if(this._cek)throw new TypeError("setContentEncryptionKey can only be called once");return this._cek=t,this}setInitializationVector(t){if(this._iv)throw new TypeError("setInitializationVector can only be called once");return this._iv=t,this}async encrypt(t,r){if(!this._protectedHeader&&!this._unprotectedHeader&&!this._sharedUnprotectedHeader)throw new A("either setProtectedHeader, setUnprotectedHeader, or sharedUnprotectedHeader must be called before #encrypt()");if(!_t(this._protectedHeader,this._unprotectedHeader,this._sharedUnprotectedHeader))throw new A("JWE Protected, JWE Shared Unprotected and JWE Per-Recipient Header Parameter names must be disjoint");let n={...this._protectedHeader,...this._unprotectedHeader,...this._sharedUnprotectedHeader};if(wt(A,new Map,r?.crit,this._protectedHeader,n),n.zip!==void 0){if(!this._protectedHeader||!this._protectedHeader.zip)throw new A('JWE "zip" (Compression Algorithm) Header MUST be integrity protected');if(n.zip!=="DEF")throw new k('Unsupported JWE "zip" (Compression Algorithm) Header Parameter value')}let{alg:i,enc:s}=n;if(typeof i!="string"||!i)throw new A('JWE "alg" (Algorithm) Header Parameter missing or invalid');if(typeof s!="string"||!s)throw new A('JWE "enc" (Encryption Algorithm) Header Parameter missing or invalid');let a;if(i==="dir"){if(this._cek)throw new TypeError("setContentEncryptionKey cannot be called when using Direct Encryption")}else if(i==="ECDH-ES"&&this._cek)throw new TypeError("setContentEncryptionKey cannot be called when using Direct Key Agreement");let c;{let y;({cek:c,encryptedKey:a,parameters:y}=await as(i,s,t,this._cek,this._keyManagementParameters)),y&&(r&&Rl in r?this._unprotectedHeader?this._unprotectedHeader={...this._unprotectedHeader,...y}:this.setUnprotectedHeader(y):this._protectedHeader?this._protectedHeader={...this._protectedHeader,...y}:this.setProtectedHeader(y))}this._iv||(this._iv=zo(s));let u,l,d;this._protectedHeader?l=Z.encode(X(JSON.stringify(this._protectedHeader))):l=Z.encode(""),this._aad?(d=X(this._aad),u=Se(l,Z.encode("."),Z.encode(d))):u=l;let p,m;if(n.zip==="DEF"){let y=await(r?.deflateRaw||jf)(this._plaintext);({ciphertext:p,tag:m}=await hi(s,y,c,this._iv,u))}else({ciphertext:p,tag:m}=await hi(s,this._plaintext,c,this._iv,u));let h={ciphertext:X(p),iv:X(this._iv),tag:X(m)};return a&&(h.encrypted_key=X(a)),d&&(h.aad=d),this._protectedHeader&&(h.protected=ue.decode(l)),this._sharedUnprotectedHeader&&(h.unprotected=this._sharedUnprotectedHeader),this._unprotectedHeader&&(h.header=this._unprotectedHeader),h}}});var Ol,us,Sm=I(()=>{cs();V();li();en();Al();Ie();nn();Ol=class{static{o(this,"IndividualRecipient")}constructor(t,r,n){this.parent=t,this.key=r,this.options=n}setUnprotectedHeader(t){if(this.unprotectedHeader)throw new TypeError("setUnprotectedHeader can only be called once");return this.unprotectedHeader=t,this}addRecipient(...t){return this.parent.addRecipient(...t)}encrypt(...t){return this.parent.encrypt(...t)}done(){return this.parent}},us=class{static{o(this,"GeneralEncrypt")}constructor(t){this._recipients=[],this._plaintext=t}addRecipient(t,r){let n=new Ol(this,t,{crit:r?.crit});return this._recipients.push(n),n}setProtectedHeader(t){if(this._protectedHeader)throw new TypeError("setProtectedHeader can only be called once");return this._protectedHeader=t,this}setSharedUnprotectedHeader(t){if(this._unprotectedHeader)throw new TypeError("setSharedUnprotectedHeader can only be called once");return this._unprotectedHeader=t,this}setAdditionalAuthenticatedData(t){return this._aad=t,this}async encrypt(t){var r,n,i;if(!this._recipients.length)throw new A("at least one recipient must be added");if(t={deflateRaw:t?.deflateRaw},this._recipients.length===1){let[u]=this._recipients,l=await new Mt(this._plaintext).setAdditionalAuthenticatedData(this._aad).setProtectedHeader(this._protectedHeader).setSharedUnprotectedHeader(this._unprotectedHeader).setUnprotectedHeader(u.unprotectedHeader).encrypt(u.key,{...u.options,...t}),d={ciphertext:l.ciphertext,iv:l.iv,recipients:[{}],tag:l.tag};return l.aad&&(d.aad=l.aad),l.protected&&(d.protected=l.protected),l.unprotected&&(d.unprotected=l.unprotected),l.encrypted_key&&(d.recipients[0].encrypted_key=l.encrypted_key),l.header&&(d.recipients[0].header=l.header),d}let s;for(let u=0;u<this._recipients.length;u++){let l=this._recipients[u];if(!_t(this._protectedHeader,this._unprotectedHeader,l.unprotectedHeader))throw new A("JWE Protected, JWE Shared Unprotected and JWE Per-Recipient Header Parameter names must be disjoint");let d={...this._protectedHeader,...this._unprotectedHeader,...l.unprotectedHeader},{alg:p}=d;if(typeof p!="string"||!p)throw new A('JWE "alg" (Algorithm) Header Parameter missing or invalid');if(p==="dir"||p==="ECDH-ES")throw new A('"dir" and "ECDH-ES" alg may only be used with a single recipient');if(typeof d.enc!="string"||!d.enc)throw new A('JWE "enc" (Encryption Algorithm) Header Parameter missing or invalid');if(!s)s=d.enc;else if(s!==d.enc)throw new A('JWE "enc" (Encryption Algorithm) Header Parameter must be the same for all recipients');if(wt(A,new Map,l.options.crit,this._protectedHeader,d),d.zip!==void 0&&(!this._protectedHeader||!this._protectedHeader.zip))throw new A('JWE "zip" (Compression Algorithm) Header MUST be integrity protected')}let a=Et(s),c={ciphertext:"",iv:"",recipients:[],tag:""};for(let u=0;u<this._recipients.length;u++){let l=this._recipients[u],d={};c.recipients.push(d);let m={...this._protectedHeader,...this._unprotectedHeader,...l.unprotectedHeader}.alg.startsWith("PBES2")?2048+u:void 0;if(u===0){let w=await new Mt(this._plaintext).setAdditionalAuthenticatedData(this._aad).setContentEncryptionKey(a).setProtectedHeader(this._protectedHeader).setSharedUnprotectedHeader(this._unprotectedHeader).setUnprotectedHeader(l.unprotectedHeader).setKeyManagementParameters({p2c:m}).encrypt(l.key,{...l.options,...t,[Rl]:!0});c.ciphertext=w.ciphertext,c.iv=w.iv,c.tag=w.tag,w.aad&&(c.aad=w.aad),w.protected&&(c.protected=w.protected),w.unprotected&&(c.unprotected=w.unprotected),d.encrypted_key=w.encrypted_key,w.header&&(d.header=w.header);continue}let{encryptedKey:h,parameters:y}=await as(((r=l.unprotectedHeader)===null||r===void 0?void 0:r.alg)||((n=this._protectedHeader)===null||n===void 0?void 0:n.alg)||((i=this._unprotectedHeader)===null||i===void 0?void 0:i.alg),s,l.key,a,{p2c:m});d.encrypted_key=X(h),(l.unprotectedHeader||y)&&(d.header={...l.unprotectedHeader,...y})}return c}}});function mi(e,t){let r=`SHA-${e.slice(-3)}`;switch(e){case"HS256":case"HS384":case"HS512":return{hash:r,name:"HMAC"};case"PS256":case"PS384":case"PS512":return{hash:r,name:"RSA-PSS",saltLength:e.slice(-3)>>3};case"RS256":case"RS384":case"RS512":return{hash:r,name:"RSASSA-PKCS1-v1_5"};case"ES256":case"ES384":case"ES512":return{hash:r,name:"ECDSA",namedCurve:t.namedCurve};case"EdDSA":return{name:t.name};default:throw new k(`alg ${e} is not supported either by JOSE or your javascript runtime`)}}var xl=I(()=>{V();o(mi,"subtleDsa")});function yi(e,t,r){if(ae(t))return Ff(t,e,r),t;if(t instanceof Uint8Array){if(!e.startsWith("HS"))throw new TypeError(ie(t,...W));return U.subtle.importKey("raw",t,{hash:`SHA-${e.slice(-3)}`,name:"HMAC"},!1,[r])}throw new TypeError(ie(t,...W,"Uint8Array"))}var Nl=I(()=>{Te();or();at();ct();o(yi,"getCryptoKey")});var CS,Im,Pm=I(()=>{xl();Te();rs();Nl();CS=o(async(e,t,r,n)=>{let i=await yi(e,t,"verify");Cr(e,i);let s=mi(e,i.algorithm);try{return await U.subtle.verify(s,i,r,n)}catch{return!1}},"verify"),Im=CS});async function sn(e,t,r){var n;if(!Q(e))throw new z("Flattened JWS must be an object");if(e.protected===void 0&&e.header===void 0)throw new z('Flattened JWS must have either of the "protected" or "header" members');if(e.protected!==void 0&&typeof e.protected!="string")throw new z("JWS Protected Header incorrect type");if(e.payload===void 0)throw new z("JWS Payload missing");if(typeof e.signature!="string")throw new z("JWS Signature missing or incorrect type");if(e.header!==void 0&&!Q(e.header))throw new z("JWS Unprotected Header incorrect type");let i={};if(e.protected)try{let T=te(e.protected);i=JSON.parse(ue.decode(T))}catch{throw new z("JWS Protected Header is invalid")}if(!_t(i,e.header))throw new z("JWS Protected and JWS Unprotected Header Parameter names must be disjoint");let s={...i,...e.header},a=wt(z,new Map([["b64",!0]]),r?.crit,i,s),c=!0;if(a.has("b64")&&(c=i.b64,typeof c!="boolean"))throw new z('The "b64" (base64url-encode payload) Header Parameter must be a boolean');let{alg:u}=s;if(typeof u!="string"||!u)throw new z('JWS "alg" (Algorithm) Header Parameter missing or invalid');let l=r&&fi("algorithms",r.algorithms);if(l&&!l.has(u))throw new tr('"alg" (Algorithm) Header Parameter not allowed');if(c){if(typeof e.payload!="string")throw new z("JWS Payload must be a string")}else if(typeof e.payload!="string"&&!(e.payload instanceof Uint8Array))throw new z("JWS Payload must be a string or an Uint8Array instance");let d=!1;typeof t=="function"&&(t=await t(i,e),d=!0),cr(u,t,"verify");let p=Se(Z.encode((n=e.protected)!==null&&n!==void 0?n:""),Z.encode("."),typeof e.payload=="string"?Z.encode(e.payload):e.payload),m=te(e.signature);if(!await Im(u,t,m,p))throw new Nr;let y;c?y=te(e.payload):typeof e.payload=="string"?y=Z.encode(e.payload):y=e.payload;let w={payload:y};return e.protected!==void 0&&(w.protectedHeader=i),e.header!==void 0&&(w.unprotectedHeader=e.header),d?{...w,key:t}:w}var ls=I(()=>{Ie();Pm();V();ge();en();$e();pi();nn();Sl();o(sn,"flattenedVerify")});async function ds(e,t,r){if(e instanceof Uint8Array&&(e=ue.decode(e)),typeof e!="string")throw new z("Compact JWS must be a string or Uint8Array");let{0:n,1:i,2:s,length:a}=e.split(".");if(a!==3)throw new z("Invalid Compact JWS");let c=await sn({payload:i,protected:n,signature:s},t,r),u={payload:c.payload,protectedHeader:c.protectedHeader};return typeof t=="function"?{...u,key:c.key}:u}var Cl=I(()=>{ls();V();ge();o(ds,"compactVerify")});async function Am(e,t,r){if(!Q(e))throw new z("General JWS must be an object");if(!Array.isArray(e.signatures)||!e.signatures.every(Q))throw new z("JWS Signatures missing or incorrect type");for(let n of e.signatures)try{return await sn({header:n.header,payload:e.payload,protected:n.protected,signature:n.signature},t,r)}catch{}throw new Nr}var Rm=I(()=>{ls();V();$e();o(Am,"generalVerify")});var an,Ll=I(()=>{an=o(e=>Math.floor(e.getTime()/1e3),"default")});var LS,cn,Dl=I(()=>{LS=/^(\d+|\d+\.\d+) ?(seconds?|secs?|s|minutes?|mins?|m|hours?|hrs?|h|days?|d|weeks?|w|years?|yrs?|y)$/i,cn=o(e=>{let t=LS.exec(e);if(!t)throw new TypeError("Invalid time period format");let r=parseFloat(t[1]);switch(t[2].toLowerCase()){case"sec":case"secs":case"second":case"seconds":case"s":return Math.round(r);case"minute":case"minutes":case"min":case"mins":case"m":return Math.round(r*60);case"hour":case"hours":case"hr":case"hrs":case"h":return Math.round(r*3600);case"day":case"days":case"d":return Math.round(r*86400);case"week":case"weeks":case"w":return Math.round(r*604800);default:return Math.round(r*31557600)}},"default")});var Om,DS,un,ps=I(()=>{V();ge();Ll();Dl();$e();Om=o(e=>e.toLowerCase().replace(/^application\//,""),"normalizeTyp"),DS=o((e,t)=>typeof e=="string"?t.includes(e):Array.isArray(e)?t.some(Set.prototype.has.bind(new Set(e))):!1,"checkAudiencePresence"),un=o((e,t,r={})=>{let{typ:n}=r;if(n&&(typeof e.typ!="string"||Om(e.typ)!==Om(n)))throw new be('unexpected "typ" JWT header value',"typ","check_failed");let i;try{i=JSON.parse(ue.decode(t))}catch{}if(!Q(i))throw new le("JWT Claims Set must be a top-level JSON object");let{requiredClaims:s=[],issuer:a,subject:c,audience:u,maxTokenAge:l}=r;l!==void 0&&s.push("iat"),u!==void 0&&s.push("aud"),c!==void 0&&s.push("sub"),a!==void 0&&s.push("iss");for(let h of new Set(s.reverse()))if(!(h in i))throw new be(`missing required "${h}" claim`,h,"missing");if(a&&!(Array.isArray(a)?a:[a]).includes(i.iss))throw new be('unexpected "iss" claim value',"iss","check_failed");if(c&&i.sub!==c)throw new be('unexpected "sub" claim value',"sub","check_failed");if(u&&!DS(i.aud,typeof u=="string"?[u]:u))throw new be('unexpected "aud" claim value',"aud","check_failed");let d;switch(typeof r.clockTolerance){case"string":d=cn(r.clockTolerance);break;case"number":d=r.clockTolerance;break;case"undefined":d=0;break;default:throw new TypeError("Invalid clockTolerance option type")}let{currentDate:p}=r,m=an(p||new Date);if((i.iat!==void 0||l)&&typeof i.iat!="number")throw new be('"iat" claim must be a number',"iat","invalid");if(i.nbf!==void 0){if(typeof i.nbf!="number")throw new be('"nbf" claim must be a number',"nbf","invalid");if(i.nbf>m+d)throw new be('"nbf" claim timestamp check failed',"nbf","check_failed")}if(i.exp!==void 0){if(typeof i.exp!="number")throw new be('"exp" claim must be a number',"exp","invalid");if(i.exp<=m-d)throw new Zr('"exp" claim timestamp check failed',"exp","check_failed")}if(l){let h=m-i.iat,y=typeof l=="number"?l:cn(l);if(h-d>y)throw new Zr('"iat" claim timestamp check failed (too far in the past)',"iat","check_failed");if(h<0-d)throw new be('"iat" claim timestamp check failed (it should be in the past)',"iat","check_failed")}return i},"default")});async function xm(e,t,r){var n;let i=await ds(e,t,r);if(!((n=i.protectedHeader.crit)===null||n===void 0)&&n.includes("b64")&&i.protectedHeader.b64===!1)throw new le("JWTs MUST NOT use unencoded payload");let a={payload:un(i.protectedHeader,i.payload,r),protectedHeader:i.protectedHeader};return typeof t=="function"?{...a,key:i.key}:a}var Nm=I(()=>{Cl();ps();V();o(xm,"jwtVerify")});async function Cm(e,t,r){let n=await os(e,t,r),i=un(n.protectedHeader,n.plaintext,r),{protectedHeader:s}=n;if(s.iss!==void 0&&s.iss!==i.iss)throw new be('replicated "iss" claim header parameter mismatch',"iss","mismatch");if(s.sub!==void 0&&s.sub!==i.sub)throw new be('replicated "sub" claim header parameter mismatch',"sub","mismatch");if(s.aud!==void 0&&JSON.stringify(s.aud)!==JSON.stringify(i.aud))throw new be('replicated "aud" claim header parameter mismatch',"aud","mismatch");let a={payload:i,protectedHeader:s};return typeof t=="function"?{...a,key:n.key}:a}var Lm=I(()=>{Il();ps();V();o(Cm,"jwtDecrypt")});var ln,Ul=I(()=>{cs();ln=class{static{o(this,"CompactEncrypt")}constructor(t){this._flattened=new Mt(t)}setContentEncryptionKey(t){return this._flattened.setContentEncryptionKey(t),this}setInitializationVector(t){return this._flattened.setInitializationVector(t),this}setProtectedHeader(t){return this._flattened.setProtectedHeader(t),this}setKeyManagementParameters(t){return this._flattened.setKeyManagementParameters(t),this}async encrypt(t,r){let n=await this._flattened.encrypt(t,r);return[n.protected,n.encrypted_key,n.iv,n.ciphertext,n.tag].join(".")}}});var US,Dm,Um=I(()=>{xl();Te();rs();Nl();US=o(async(e,t,r)=>{let n=await yi(e,t,"sign");Cr(e,n);let i=await U.subtle.sign(mi(e,n.algorithm),n,r);return new Uint8Array(i)},"sign"),Dm=US});var ur,hs=I(()=>{Ie();Um();en();V();ge();pi();nn();ur=class{static{o(this,"FlattenedSign")}constructor(t){if(!(t instanceof Uint8Array))throw new TypeError("payload must be an instance of Uint8Array");this._payload=t}setProtectedHeader(t){if(this._protectedHeader)throw new TypeError("setProtectedHeader can only be called once");return this._protectedHeader=t,this}setUnprotectedHeader(t){if(this._unprotectedHeader)throw new TypeError("setUnprotectedHeader can only be called once");return this._unprotectedHeader=t,this}async sign(t,r){if(!this._protectedHeader&&!this._unprotectedHeader)throw new z("either setProtectedHeader or setUnprotectedHeader must be called before #sign()");if(!_t(this._protectedHeader,this._unprotectedHeader))throw new z("JWS Protected and JWS Unprotected Header Parameter names must be disjoint");let n={...this._protectedHeader,...this._unprotectedHeader},i=wt(z,new Map([["b64",!0]]),r?.crit,this._protectedHeader,n),s=!0;if(i.has("b64")&&(s=this._protectedHeader.b64,typeof s!="boolean"))throw new z('The "b64" (base64url-encode payload) Header Parameter must be a boolean');let{alg:a}=n;if(typeof a!="string"||!a)throw new z('JWS "alg" (Algorithm) Header Parameter missing or invalid');cr(a,t,"sign");let c=this._payload;s&&(c=Z.encode(X(c)));let u;this._protectedHeader?u=Z.encode(X(JSON.stringify(this._protectedHeader))):u=Z.encode("");let l=Se(u,Z.encode("."),c),d=await Dm(a,t,l),p={signature:X(d),payload:""};return s&&(p.payload=ue.decode(c)),this._unprotectedHeader&&(p.header=this._unprotectedHeader),this._protectedHeader&&(p.protected=ue.decode(u)),p}}});var dn,Ml=I(()=>{hs();dn=class{static{o(this,"CompactSign")}constructor(t){this._flattened=new ur(t)}setProtectedHeader(t){return this._flattened.setProtectedHeader(t),this}async sign(t,r){let n=await this._flattened.sign(t,r);if(n.payload===void 0)throw new TypeError("use the flattened module for creating JWS with b64: false");return`${n.protected}.${n.payload}.${n.signature}`}}});var kl,fs,Mm=I(()=>{hs();V();kl=class{static{o(this,"IndividualSignature")}constructor(t,r,n){this.parent=t,this.key=r,this.options=n}setProtectedHeader(t){if(this.protectedHeader)throw new TypeError("setProtectedHeader can only be called once");return this.protectedHeader=t,this}setUnprotectedHeader(t){if(this.unprotectedHeader)throw new TypeError("setUnprotectedHeader can only be called once");return this.unprotectedHeader=t,this}addSignature(...t){return this.parent.addSignature(...t)}sign(...t){return this.parent.sign(...t)}done(){return this.parent}},fs=class{static{o(this,"GeneralSign")}constructor(t){this._signatures=[],this._payload=t}addSignature(t,r){let n=new kl(this,t,r);return this._signatures.push(n),n}async sign(){if(!this._signatures.length)throw new z("at least one signature must be added");let t={signatures:[],payload:""};for(let r=0;r<this._signatures.length;r++){let n=this._signatures[r],i=new ur(this._payload);i.setProtectedHeader(n.protectedHeader),i.setUnprotectedHeader(n.unprotectedHeader);let{payload:s,...a}=await i.sign(n.key,n.options);if(r===0)t.payload=s;else if(t.payload!==s)throw new z("inconsistent use of JWS Unencoded Payload (RFC7797)");t.signatures.push(a)}return t}}});var lr,ms=I(()=>{Ll();$e();Dl();lr=class{static{o(this,"ProduceJWT")}constructor(t){if(!Q(t))throw new TypeError("JWT Claims Set MUST be an object");this._payload=t}setIssuer(t){return this._payload={...this._payload,iss:t},this}setSubject(t){return this._payload={...this._payload,sub:t},this}setAudience(t){return this._payload={...this._payload,aud:t},this}setJti(t){return this._payload={...this._payload,jti:t},this}setNotBefore(t){return typeof t=="number"?this._payload={...this._payload,nbf:t}:this._payload={...this._payload,nbf:an(new Date)+cn(t)},this}setExpirationTime(t){return typeof t=="number"?this._payload={...this._payload,exp:t}:this._payload={...this._payload,exp:an(new Date)+cn(t)},this}setIssuedAt(t){return typeof t>"u"?this._payload={...this._payload,iat:an(new Date)}:this._payload={...this._payload,iat:t},this}}});var ys,km=I(()=>{Ml();V();ge();ms();ys=class extends lr{static{o(this,"SignJWT")}setProtectedHeader(t){return this._protectedHeader=t,this}async sign(t,r){var n;let i=new dn(Z.encode(JSON.stringify(this._payload)));if(i.setProtectedHeader(this._protectedHeader),Array.isArray((n=this._protectedHeader)===null||n===void 0?void 0:n.crit)&&this._protectedHeader.crit.includes("b64")&&this._protectedHeader.b64===!1)throw new le("JWTs MUST NOT use unencoded payload");return i.sign(t,r)}}});var gs,Hm=I(()=>{Ul();ge();ms();gs=class extends lr{static{o(this,"EncryptJWT")}setProtectedHeader(t){if(this._protectedHeader)throw new TypeError("setProtectedHeader can only be called once");return this._protectedHeader=t,this}setKeyManagementParameters(t){if(this._keyManagementParameters)throw new TypeError("setKeyManagementParameters can only be called once");return this._keyManagementParameters=t,this}setContentEncryptionKey(t){if(this._cek)throw new TypeError("setContentEncryptionKey can only be called once");return this._cek=t,this}setInitializationVector(t){if(this._iv)throw new TypeError("setInitializationVector can only be called once");return this._iv=t,this}replicateIssuerAsHeader(){return this._replicateIssuerAsHeader=!0,this}replicateSubjectAsHeader(){return this._replicateSubjectAsHeader=!0,this}replicateAudienceAsHeader(){return this._replicateAudienceAsHeader=!0,this}async encrypt(t,r){let n=new ln(Z.encode(JSON.stringify(this._payload)));return this._replicateIssuerAsHeader&&(this._protectedHeader={...this._protectedHeader,iss:this._payload.iss}),this._replicateSubjectAsHeader&&(this._protectedHeader={...this._protectedHeader,sub:this._payload.sub}),this._replicateAudienceAsHeader&&(this._protectedHeader={...this._protectedHeader,aud:this._payload.aud}),n.setProtectedHeader(this._protectedHeader),this._iv&&n.setInitializationVector(this._iv),this._cek&&n.setContentEncryptionKey(this._cek),this._keyManagementParameters&&n.setKeyManagementParameters(this._keyManagementParameters),n.encrypt(t,r)}}});async function Hl(e,t){if(!Q(e))throw new TypeError("JWK must be an object");if(t??(t="sha256"),t!=="sha256"&&t!=="sha384"&&t!=="sha512")throw new TypeError('digestAlgorithm must one of "sha256", "sha384", or "sha512"');let r;switch(e.kty){case"EC":dr(e.crv,'"crv" (Curve) Parameter'),dr(e.x,'"x" (X Coordinate) Parameter'),dr(e.y,'"y" (Y Coordinate) Parameter'),r={crv:e.crv,kty:e.kty,x:e.x,y:e.y};break;case"OKP":dr(e.crv,'"crv" (Subtype of Key Pair) Parameter'),dr(e.x,'"x" (Public Key) Parameter'),r={crv:e.crv,kty:e.kty,x:e.x};break;case"RSA":dr(e.e,'"e" (Exponent) Parameter'),dr(e.n,'"n" (Modulus) Parameter'),r={e:e.e,kty:e.kty,n:e.n};break;case"oct":dr(e.k,'"k" (Key Value) Parameter'),r={k:e.k,kty:e.kty};break;default:throw new k('"kty" (Key Type) Parameter missing or unsupported')}let n=Z.encode(JSON.stringify(r));return X(await jo(t,n))}async function Fm(e,t){t??(t="sha256");let r=await Hl(e,t);return`urn:ietf:params:oauth:jwk-thumbprint:sha-${t.slice(-3)}:${r}`}var dr,qm=I(()=>{nl();Ie();V();ge();$e();dr=o((e,t)=>{if(typeof e!="string"||!e)throw new ni(`${t} missing or invalid`)},"check");o(Hl,"calculateJwkThumbprint");o(Fm,"calculateJwkThumbprintUri")});async function $m(e,t){let r={...e,...t?.header};if(!Q(r.jwk))throw new z('"jwk" (JSON Web Key) Header Parameter must be a JSON object');let n=await ar({...r.jwk,ext:!0},r.alg,!0);if(n instanceof Uint8Array||n.type!=="public")throw new z('"jwk" (JSON Web Key) Header Parameter must be a public key');return n}var jm=I(()=>{di();$e();V();o($m,"EmbeddedJWK")});function MS(e){switch(typeof e=="string"&&e.slice(0,2)){case"RS":case"PS":return"RSA";case"ES":return"EC";case"Ed":return"OKP";default:throw new k('Unsupported "alg" value for a JSON Web Key Set')}}function Fl(e){return e&&typeof e=="object"&&Array.isArray(e.keys)&&e.keys.every(kS)}function kS(e){return Q(e)}function HS(e){return typeof structuredClone=="function"?structuredClone(e):JSON.parse(JSON.stringify(e))}async function Vm(e,t,r){let n=e.get(t)||e.set(t,{}).get(t);if(n[r]===void 0){let i=await ar({...t,ext:!0},r);if(i instanceof Uint8Array||i.type!=="public")throw new rr("JSON Web Key Set members must be public keys");n[r]=i}return n[r]}function Gm(e){let t=new gi(e);return async function(r,n){return t.getKey(r,n)}}var gi,ql=I(()=>{di();V();$e();o(MS,"getKtyFromAlg");o(Fl,"isJWKSLike");o(kS,"isJWKLike");o(HS,"clone");gi=class{static{o(this,"LocalJWKSet")}constructor(t){if(this._cached=new WeakMap,!Fl(t))throw new rr("JSON Web Key Set malformed");this._jwks=HS(t)}async getKey(t,r){let{alg:n,kid:i}={...t,...r?.header},s=MS(n),a=this._jwks.keys.filter(l=>{let d=s===l.kty;if(d&&typeof i=="string"&&(d=i===l.kid),d&&typeof l.alg=="string"&&(d=n===l.alg),d&&typeof l.use=="string"&&(d=l.use==="sig"),d&&Array.isArray(l.key_ops)&&(d=l.key_ops.includes("verify")),d&&n==="EdDSA"&&(d=l.crv==="Ed25519"||l.crv==="Ed448"),d)switch(n){case"ES256":d=l.crv==="P-256";break;case"ES256K":d=l.crv==="secp256k1";break;case"ES384":d=l.crv==="P-384";break;case"ES512":d=l.crv==="P-521";break}return d}),{0:c,length:u}=a;if(u===0)throw new xr;if(u!==1){let l=new ii,{_cached:d}=this;throw l[Symbol.asyncIterator]=async function*(){for(let p of a)try{yield await Vm(d,p,n)}catch{continue}},l}return Vm(this._cached,c,n)}};o(Vm,"importWithAlgCache");o(Gm,"createLocalJWKSet")});var FS,Bm,Km=I(()=>{V();FS=o(async(e,t,r)=>{let n,i,s=!1;typeof AbortController=="function"&&(n=new AbortController,i=setTimeout(()=>{s=!0,n.abort()},t));let a=await fetch(e.href,{signal:n?n.signal:void 0,redirect:"manual",headers:r.headers}).catch(c=>{throw s?new oi:c});if(i!==void 0&&clearTimeout(i),a.status!==200)throw new he("Expected 200 OK from the JSON Web Key Set HTTP response");try{return await a.json()}catch{throw new he("Failed to parse the JSON Web Key Set HTTP response as JSON")}},"fetchJwks"),Bm=FS});function qS(){return typeof WebSocketPair<"u"||typeof navigator<"u"&&navigator.userAgent==="Cloudflare-Workers"||typeof EdgeRuntime<"u"&&EdgeRuntime==="vercel"}function Jm(e,t){let r=new $l(e,t);return async function(n,i){return r.getKey(n,i)}}var $l,zm=I(()=>{Km();V();ql();o(qS,"isCloudflareWorkers");$l=class extends gi{static{o(this,"RemoteJWKSet")}constructor(t,r){if(super({keys:[]}),this._jwks=void 0,!(t instanceof URL))throw new TypeError("url must be an instance of URL");this._url=new URL(t.href),this._options={agent:r?.agent,headers:r?.headers},this._timeoutDuration=typeof r?.timeoutDuration=="number"?r?.timeoutDuration:5e3,this._cooldownDuration=typeof r?.cooldownDuration=="number"?r?.cooldownDuration:3e4,this._cacheMaxAge=typeof r?.cacheMaxAge=="number"?r?.cacheMaxAge:6e5}coolingDown(){return typeof this._jwksTimestamp=="number"?Date.now()<this._jwksTimestamp+this._cooldownDuration:!1}fresh(){return typeof this._jwksTimestamp=="number"?Date.now()<this._jwksTimestamp+this._cacheMaxAge:!1}async getKey(t,r){(!this._jwks||!this.fresh())&&await this.reload();try{return await super.getKey(t,r)}catch(n){if(n instanceof xr&&this.coolingDown()===!1)return await this.reload(),super.getKey(t,r);throw n}}async reload(){this._pendingFetch&&qS()&&(this._pendingFetch=void 0),this._pendingFetch||(this._pendingFetch=Bm(this._url,this._timeoutDuration,this._options).then(t=>{if(!Fl(t))throw new rr("JSON Web Key Set malformed");this._jwks={keys:t.keys},this._jwksTimestamp=Date.now(),this._pendingFetch=void 0}).catch(t=>{throw this._pendingFetch=void 0,t})),await this._pendingFetch}};o(Jm,"createRemoteJWKSet")});var bs,Wm=I(()=>{Ie();ge();V();ps();ms();bs=class extends lr{static{o(this,"UnsecuredJWT")}encode(){let t=X(JSON.stringify({alg:"none"})),r=X(JSON.stringify(this._payload));return`${t}.${r}.`}static decode(t,r){if(typeof t!="string")throw new le("Unsecured JWT must be a string");let{0:n,1:i,2:s,length:a}=t.split(".");if(a!==3||s!=="")throw new le("Invalid Unsecured JWT");let c;try{if(c=JSON.parse(ue.decode(te(n))),c.alg!=="none")throw new Error}catch{throw new le("Invalid Unsecured JWT")}return{payload:un(c,te(i),r),header:c}}}});var jl={};Yi(jl,{decode:()=>bi,encode:()=>$S});var $S,bi,_s=I(()=>{Ie();$S=X,bi=te});function Qm(e){let t;if(typeof e=="string"){let r=e.split(".");(r.length===3||r.length===5)&&([t]=r)}else if(typeof e=="object"&&e)if("protected"in e)t=e.protected;else throw new TypeError("Token does not contain a Protected Header");try{if(typeof t!="string"||!t)throw new Error;let r=JSON.parse(ue.decode(bi(t)));if(!Q(r))throw new Error;return r}catch{throw new TypeError("Invalid Token or Protected Header formatting")}}var Ym=I(()=>{_s();ge();$e();o(Qm,"decodeProtectedHeader")});function Zm(e){if(typeof e!="string")throw new le("JWTs must use Compact JWS serialization, JWT must be a string");let{1:t,length:r}=e.split(".");if(r===5)throw new le("Only JWTs using Compact JWS serialization can be decoded");if(r!==3)throw new le("Invalid JWT");if(!t)throw new le("JWTs must contain a payload");let n;try{n=bi(t)}catch{throw new le("Failed to parse the base64url encoded payload")}let i;try{i=JSON.parse(ue.decode(n))}catch{throw new le("Failed to parse the decoded payload as JSON")}if(!Q(i))throw new le("Invalid JWT Claims Set");return i}var Xm=I(()=>{_s();ge();$e();V();o(Zm,"decodeJwt")});async function ey(e,t){var r;let n,i,s;switch(e){case"HS256":case"HS384":case"HS512":n=parseInt(e.slice(-3),10),i={name:"HMAC",hash:`SHA-${n}`,length:n},s=["sign","verify"];break;case"A128CBC-HS256":case"A192CBC-HS384":case"A256CBC-HS512":return n=parseInt(e.slice(-3),10),nr(new Uint8Array(n>>3));case"A128KW":case"A192KW":case"A256KW":n=parseInt(e.slice(1,4),10),i={name:"AES-KW",length:n},s=["wrapKey","unwrapKey"];break;case"A128GCMKW":case"A192GCMKW":case"A256GCMKW":case"A128GCM":case"A192GCM":case"A256GCM":n=parseInt(e.slice(1,4),10),i={name:"AES-GCM",length:n},s=["encrypt","decrypt"];break;default:throw new k('Invalid or unsupported JWK "alg" (Algorithm) Parameter value')}return U.subtle.generateKey(i,(r=t?.extractable)!==null&&r!==void 0?r:!1,s)}function Vl(e){var t;let r=(t=e?.modulusLength)!==null&&t!==void 0?t:2048;if(typeof r!="number"||r<2048)throw new k("Invalid or unsupported modulusLength option provided, 2048 bits or larger keys must be used");return r}async function ty(e,t){var r,n,i;let s,a;switch(e){case"PS256":case"PS384":case"PS512":s={name:"RSA-PSS",hash:`SHA-${e.slice(-3)}`,publicExponent:new Uint8Array([1,0,1]),modulusLength:Vl(t)},a=["sign","verify"];break;case"RS256":case"RS384":case"RS512":s={name:"RSASSA-PKCS1-v1_5",hash:`SHA-${e.slice(-3)}`,publicExponent:new Uint8Array([1,0,1]),modulusLength:Vl(t)},a=["sign","verify"];break;case"RSA-OAEP":case"RSA-OAEP-256":case"RSA-OAEP-384":case"RSA-OAEP-512":s={name:"RSA-OAEP",hash:`SHA-${parseInt(e.slice(-3),10)||1}`,publicExponent:new Uint8Array([1,0,1]),modulusLength:Vl(t)},a=["decrypt","unwrapKey","encrypt","wrapKey"];break;case"ES256":s={name:"ECDSA",namedCurve:"P-256"},a=["sign","verify"];break;case"ES384":s={name:"ECDSA",namedCurve:"P-384"},a=["sign","verify"];break;case"ES512":s={name:"ECDSA",namedCurve:"P-521"},a=["sign","verify"];break;case"EdDSA":a=["sign","verify"];let c=(r=t?.crv)!==null&&r!==void 0?r:"Ed25519";switch(c){case"Ed25519":case"Ed448":s={name:c};break;default:throw new k("Invalid or unsupported crv option provided")}break;case"ECDH-ES":case"ECDH-ES+A128KW":case"ECDH-ES+A192KW":case"ECDH-ES+A256KW":{a=["deriveKey","deriveBits"];let u=(n=t?.crv)!==null&&n!==void 0?n:"P-256";switch(u){case"P-256":case"P-384":case"P-521":{s={name:"ECDH",namedCurve:u};break}case"X25519":case"X448":s={name:u};break;default:throw new k("Invalid or unsupported crv option provided, supported values are P-256, P-384, P-521, X25519, and X448")}break}default:throw new k('Invalid or unsupported JWK "alg" (Algorithm) Parameter value')}return U.subtle.generateKey(s,(i=t?.extractable)!==null&&i!==void 0?i:!1,a)}var Gl=I(()=>{Te();V();si();o(ey,"generateSecret");o(Vl,"getModulusLengthOption");o(ty,"generateKeyPair")});async function ry(e,t){return ty(e,t)}var ny=I(()=>{Gl();o(ry,"generateKeyPair")});async function iy(e,t){return ey(e,t)}var oy=I(()=>{Gl();o(iy,"generateSecret")});var Es={};Yi(Es,{CompactEncrypt:()=>ln,CompactSign:()=>dn,EmbeddedJWK:()=>$m,EncryptJWT:()=>gs,FlattenedEncrypt:()=>Mt,FlattenedSign:()=>ur,GeneralEncrypt:()=>us,GeneralSign:()=>fs,SignJWT:()=>ys,UnsecuredJWT:()=>bs,base64url:()=>jl,calculateJwkThumbprint:()=>Hl,calculateJwkThumbprintUri:()=>Fm,compactDecrypt:()=>os,compactVerify:()=>ds,createLocalJWKSet:()=>Gm,createRemoteJWKSet:()=>Jm,decodeJwt:()=>Zm,decodeProtectedHeader:()=>Qm,errors:()=>sl,exportJWK:()=>ss,exportPKCS8:()=>Tm,exportSPKI:()=>vm,flattenedDecrypt:()=>on,flattenedVerify:()=>sn,generalDecrypt:()=>bm,generalVerify:()=>Am,generateKeyPair:()=>ry,generateSecret:()=>iy,importJWK:()=>ar,importPKCS8:()=>hm,importSPKI:()=>dm,importX509:()=>pm,jwtDecrypt:()=>Cm,jwtVerify:()=>xm});var ws=I(()=>{Il();is();_m();Sm();Cl();ls();Rm();Nm();Lm();Ul();cs();Ml();hs();Mm();km();Hm();qm();jm();ql();zm();Wm();Pl();di();Ym();Xm();V();ny();oy();_s()});var Ts=g(vs=>{"use strict";Object.defineProperty(vs,"__esModule",{value:!0});vs.fetchRetry=void 0;var jS=D();async function VS(e,t,r){for(let n=0;n<=e.retries;n++){let i=fetch(t,r);if(n===e.retries)return i;let s=await i;if(s.status<500&&s.status!==429)return s;e?.logger?.error("Request failed, retrying",{method:typeof t=="string"?"GET":t.method,url:typeof t=="string"?t:t.url,status:s.status}),await new Promise(a=>setTimeout(a,e.retryDelayMs*Math.pow(2,n)))}throw new jS.ConfigurationError("An unknown error occurred, ensure retries is not negative")}o(VS,"fetchRetry");vs.fetchRetry=VS});var pn=g(Ze=>{"use strict";Object.defineProperty(Ze,"__esModule",{value:!0});Ze.GcpServiceAccount=Ze.fetchToken=Ze.exchangeGgpJwtForIdToken=Ze.exchangeFirebaseJwtForIdToken=Ze.getTokenFromGcpServiceAccount=void 0;var sy=(ws(),Zi(Es)),GS=D(),BS=Ts();async function KS({serviceAccount:e,audience:t,expirationTime:r="1h",payload:n={}}){let{clientEmail:i,privateKeyId:s,privateKey:a}=e;return await new sy.SignJWT(n).setProtectedHeader({alg:"RS256",kid:s}).setIssuer(i).setSubject(i).setAudience(t).setIssuedAt().setExpirationTime(r).sign(a)}o(KS,"getTokenFromGcpServiceAccount");Ze.getTokenFromGcpServiceAccount=KS;async function JS(e,t,r){return Kl(e,{token:t,returnSecureToken:!0},r)}o(JS,"exchangeFirebaseJwtForIdToken");Ze.exchangeFirebaseJwtForIdToken=JS;async function zS(e,t,r){return Kl(e,{grant_type:"urn:ietf:params:oauth:grant-type:jwt-bearer",assertion:t},r)}o(zS,"exchangeGgpJwtForIdToken");Ze.exchangeGgpJwtForIdToken=zS;async function Kl(e,t,r){let n=await(0,BS.fetchRetry)(r,e,{method:"POST",headers:{"Content-Type":"application/json"},redirect:"follow",body:JSON.stringify(t)});if(n.status!==200){let s;try{let a=await n.text(),c=JSON.parse(a);s={cause:c.error??c}}catch{}throw new GS.RuntimeError({message:"Could not get token from Google Identity",extensionMembers:s})}return await n.json()}o(Kl,"fetchToken");Ze.fetchToken=Kl;var Bl=class e{static{o(this,"GcpServiceAccount")}#e;#t;constructor({serviceAccount:t,privateKey:r}){this.#t=t,this.#e=r}static async init(t){let r=JSON.parse(t),n=await(0,sy.importPKCS8)(r.private_key.trim(),"RS256");return new e({serviceAccount:r,privateKey:n})}get type(){return this.#t.type}get projectId(){return this.#t.project_id}get privateKeyId(){return this.#t.private_key_id}get privateKey(){return this.#e}get clientEmail(){return this.#t.client_email}get clientId(){return this.#t.client_id}get authUri(){return this.#t.auth_uri}get tokenUrl(){return this.#t.token_url}get authProviderX509CertUrl(){return this.#t.auth_provider_x509_cert_url}get clientX509CertUrl(){return this.#t.client_x509_cert_url}get universalDomain(){return this.#t.universe_domain}};Ze.GcpServiceAccount=Bl});var Is=g(kt=>{"use strict";Object.defineProperty(kt,"__esModule",{value:!0});kt.GoogleLogTransport=kt.ZuploToGCPMap=kt.GoogleCloudLoggingPlugin=void 0;var WS=ve(),Jl=Y(),zl=pn(),QS=Dt(),ay=bt(),Wl=class extends QS.LogPlugin{static{o(this,"GoogleCloudLoggingPlugin")}options;constructor(t){super(),this.options=t}getTransport(){return new Ss(this.options)}};kt.GoogleCloudLoggingPlugin=Wl;var YS="https://logging.googleapis.com/v2/entries:write?alt=json";kt.ZuploToGCPMap={error:"ERROR",warn:"WARNING",info:"INFO",debug:"DEBUG"};var Ss=class{static{o(this,"GoogleLogTransport")}constructor(t){this.#r=t.logName,this.#e=t.serviceAccountJson,this.#i=Jl.Environment.instance.loggingEnvironmentType,this.#o=Jl.Environment.instance.loggingEnvironmentStage,this.#n=Jl.Environment.instance.deploymentName}#e;#t;#r;#n;#i;#o;async log(t,r){if(t.messages.length===0)return;let n={allMessages:(0,ay.makeErrorsSerializable)(t.messages)};this.#t||(this.#t=await zl.GcpServiceAccount.init(this.#e));let i=this.#t.projectId??"zuplo-production",s={logName:this.#r,resource:{type:"global"},severity:kt.ZuploToGCPMap[t.level],timestamp:t.timestamp,trace:`projects/${i}/traces/${t.requestId}`,labels:{requestId:t.requestId,buildId:t.buildId,source:t.logSource,loggingId:t.loggingId,logOwner:t.logOwner,environment:this.#n,environmentType:this.#i,environmentStage:this.#o}};t.rayId&&(s.labels.rayId=t.rayId);let a=(0,ay.extractBestMessage)(n.allMessages);s.jsonPayload={...n,message:a},this.batcher.enqueue(s),r.waitUntil(this.batcher.waitUntilFlushed())}dispatchFunction=async t=>{if(t.length===0)return;this.#t||(this.#t=await zl.GcpServiceAccount.init(this.#e));let r=await(0,zl.getTokenFromGcpServiceAccount)({serviceAccount:this.#t,audience:"https://logging.googleapis.com/google.logging.v2.LoggingServiceV2"}),n=await fetch(YS,{method:"POST",body:JSON.stringify({entries:t}),headers:{Authorization:`Bearer ${r}`,"content-type":"application/json;charset=UTF-8"}});n.ok||console.error(n.status,n.statusText,await n.text())};batcher=new WS.BatchDispatch("google-log-transport",1,this.dispatchFunction)};kt.GoogleLogTransport=Ss});var Ql=g(hn=>{"use strict";Object.defineProperty(hn,"__esModule",{value:!0});hn.gcpLogFormat=hn.GCP_LOG_FORMAT=void 0;var cy=bt(),ZS=Is();hn.GCP_LOG_FORMAT="gcp";function XS(e){let t={allMessages:(0,cy.makeErrorsSerializable)(e.messages)},r="zuplo-production",n=(0,cy.extractBestMessage)(t.allMessages),i={logName:`projects/${r}/logs/runtime-user`,message:n,severity:ZS.ZuploToGCPMap[e.level],timestamp:e.timestamp,"logging.googleapis.com/labels":{buildId:e.buildId,source:e.logSource,loggingId:e.loggingId,logOwner:e.logOwner},"logging.googleapis.com/trace":`projects/${r}/traces/${e.requestId}`,allMessages:t.allMessages};return e.rayId&&(i["logging.googleapis.com/labels"].rayId=e.rayId),i}o(XS,"gcpLogFormat");hn.gcpLogFormat=XS});var ly=g(Ps=>{"use strict";Object.defineProperty(Ps,"__esModule",{value:!0});Ps.ConsoleTransport=void 0;var uy=Ql(),Yl=class{static{o(this,"ConsoleTransport")}constructor(t,r){this.#e=t??console,this.#t=r}#e;#t;async log(t){if(this.#t===uy.GCP_LOG_FORMAT){if(t.messages.length===0)return;this.#e[t.level].apply(null,[(0,uy.gcpLogFormat)(t)])}else this.#e[t.level].apply(null,[...t.messages,{logOwner:t.logOwner,logSource:t.logSource,level:t.level,timestamp:t.timestamp,loggingId:t.loggingId,rayId:t.rayId,requestId:t.requestId,buildId:t.buildId}])}};Ps.ConsoleTransport=Yl});var nd=g(fn=>{"use strict";Object.defineProperty(fn,"__esModule",{value:!0});fn.DataDogTransport=fn.DataDogLoggingPlugin=void 0;var eI=ve(),Zl=Y(),tI=Dt(),dy=bt(),rd=class extends tI.LogPlugin{static{o(this,"DataDogLoggingPlugin")}options;constructor(t){super(),this.options=t}getTransport(){return new As(this.options)}};fn.DataDogLoggingPlugin=rd;var Xl="__ddtags",ed="__ddattr",td=o(e=>e.replaceAll(",","_").replaceAll(":","_"),"cleanTagText"),rI=o(e=>{let t=Object.keys(e),r=[];return t.forEach(n=>{let i=e[n];i==null?r.push(td(n)):r.push(`${td(n)}:${td(i.toString())}`)}),r.join(",")},"formatTags"),As=class{static{o(this,"DataDogTransport")}constructor(t){this.#e=t.apiKey,this.#t=t.url??"https://http-intake.logs.datadoghq.com/api/v2/logs",this.#n=Zl.Environment.instance.loggingEnvironmentType,this.#i=Zl.Environment.instance.loggingEnvironmentStage,this.#r=Zl.Environment.instance.deploymentName}#e;#t;#r;#n;#i;async log(t,r){let n={},i=r.custom[Xl];i&&typeof i=="object"&&Object.assign(n,i);let s=[...t.messages],a=t.messages.findIndex(h=>h[Xl]!==void 0);a>-1&&(Object.assign(n,s[a][Xl]),s.splice(a,1));let c={},u=r.custom[ed];u&&typeof u=="object"&&Object.assign(c,u);let l=t.messages.findIndex(h=>h[ed]!==void 0);l>-1&&(Object.assign(c,s[l][ed]),s.splice(l,1));let d=(0,dy.makeErrorsSerializable)(s),m={message:{...{...t,activityId:t.requestId,trace:t.requestId},messages:d},ddsource:"Zuplo",hostname:new URL(r.originalRequest.url).hostname,msg:(0,dy.extractBestMessage)(d),service:t.loggingId,ddtags:rI(n),environment:this.#r,environment_type:this.#n,environment_stage:this.#i};Object.assign(m,c),this.batcher.enqueue(m),r.waitUntil(this.batcher.waitUntilFlushed())}dispatchFunction=async t=>{t.length!==0&&await fetch(this.#t,{method:"POST",body:JSON.stringify([...t]),headers:{"content-type":"application/json","DD-API-KEY":this.#e}})};batcher=new eI.BatchDispatch("data-dog-transport",10,this.dispatchFunction)};fn.DataDogTransport=As});var hy=g(Rs=>{"use strict";Object.defineProperty(Rs,"__esModule",{value:!0});Rs.ProcessTransport=void 0;var py=Ql(),id=class{static{o(this,"ProcessTransport")}constructor(t,r){this.#e=t,this.#t=r}#e;#t;async log(t){if(this.#t===py.GCP_LOG_FORMAT){if(t.messages.length===0)return;this.#e[t.level].apply(null,[(0,py.gcpLogFormat)(t)])}else this.#e[t.level].apply(null,[...t.messages,{logOwner:t.logOwner,logSource:t.logSource,timestamp:t.timestamp,loggingId:t.loggingId,rayId:t.rayId,requestId:t.requestId,buildId:t.buildId,vectorClock:t.vectorClock}])}};Rs.ProcessTransport=id});var my=g(xs=>{"use strict";Object.defineProperty(xs,"__esModule",{value:!0});xs.RemoteLogTransport=void 0;var nI=ve(),fy=Y(),iI=bt(),oI=o(({url:e,remoteLogToken:t,loggingId:r,sendOnlyErrors:n})=>async i=>{let s;n===!0?s=i.filter(a=>a.level==="error"):s=i,s.length!==0&&fetch(`${e}/publish/${r}`,{method:"POST",body:JSON.stringify({timestamp:Date.now(),type:"log",message:s.map(a=>({...a,messages:(0,iI.makeErrorsSerializable)(a.messages)}))}),headers:{"content-type":"application/json",authentication:`Bearer ${t}`,"user-agent":fy.Environment.instance.systemUserAgent,"zp-dn":fy.Environment.instance.deploymentName??"unknown"}}).catch(a=>{console.error(a)})},"dispatchFunction"),Os,od=class{static{o(this,"RemoteLogTransport")}constructor(t){Os||(Os=new nI.BatchDispatch("remote-log-transport",1,oI(t)))}async log(t,r){Os.enqueue(t),r.waitUntil(Os.waitUntilFlushed())}};xs.RemoteLogTransport=od});var yy=g(Lr=>{"use strict";Object.defineProperty(Lr,"__esModule",{value:!0});Lr.unifiedFormatter=Lr.SeverityNumberOpenTelemetryMap=void 0;Lr.SeverityNumberOpenTelemetryMap={internal:1,trace:2,debug:5,info:9,warn:13,error:17,fatal:21};var sI=o((e,t)=>r=>{let n={};return n.deploymentName=e,n.labels={requestId:r.requestId,source:r.logSource,loggingId:r.loggingId,logOwner:r.logOwner},n.rayId=r.rayId??"",n.runtime={buildId:t.BUILD_ID,buildTimestamp:t.TIMESTAMP,gitSHA:t.GIT_SHA,version:t.ZUPLO_VERSION},n.atomicCounter=r.vectorClock,{timestamp:r.timestamp,observerdTimestamp:r.timestamp,traceId:r.requestId,severityText:r.level,severityNumber:Lr.SeverityNumberOpenTelemetryMap[r.level],body:r.messages,attributes:n}},"unifiedFormatter");Lr.unifiedFormatter=sI});var by=g(Cs=>{"use strict";Object.defineProperty(Cs,"__esModule",{value:!0});Cs.UnifiedLogTransport=void 0;var aI=ve(),gy=Y(),cI=yy(),uI=o(({url:e,remoteLogToken:t,deploymentName:r,build:n})=>async i=>{if(i.length===0)return;let s=(0,cI.unifiedFormatter)(r,n);fetch(`${e}/v1/runtime-logs`,{method:"POST",body:JSON.stringify({entries:i.map(s)}),headers:{"content-type":"application/json",authentication:`Bearer ${t}`,"user-agent":gy.Environment.instance.systemUserAgent,"zp-dn":gy.Environment.instance.deploymentName??"unknown"}}).catch(a=>{console.error(a)})},"dispatchFunction"),Ns,sd=class{static{o(this,"UnifiedLogTransport")}constructor(t){Ns||(Ns=new aI.BatchDispatch("unified-log-transport",1,uI(t)))}async log(t,r){Ns.enqueue(t),r.waitUntil(Ns.waitUntilFlushed())}};Cs.UnifiedLogTransport=sd});var Iy=g(Ls=>{"use strict";Object.defineProperty(Ls,"__esModule",{value:!0});Ls.LogInitializer=void 0;var lI=Tr(),dI=yt(),_y=Ku(),Ey=Y(),wy=Tf(),pI=Dt(),hI=Sf(),vy=If(),Ty=ly(),fI=nd(),mI=Is(),Sy=hy(),yI=my(),gI=by(),ad=(0,lI.debug)("zuplo:logging"),cd=class{static{o(this,"LogInitializer")}serviceProvider;systemCoreLogger;userCoreLogger;constructor(t){this.serviceProvider=t,this.systemCoreLogger=this.setupSystemCoreLogger(Ey.Environment.instance),this.userCoreLogger=this.setupUserCoreLogger(Ey.Environment.instance)}setupSystemCoreLogger(t){let{build:r}=t;ad("Gateway.setupSystemCoreLogger");let n=[],i=this.serviceProvider.getService(_y.SYSTEM_LOGGER);return i?n.push(new Sy.ProcessTransport(i.logger,t.logFormat)):t.isDeno&&n.push(new Ty.ConsoleTransport(console,t.logFormat)),t.isCloudflare&&t.deploymentName&&t.remoteLogToken&&n.push(new gI.UnifiedLogTransport({url:t.remoteLogURL,deploymentName:t.deploymentName,remoteLogToken:t.remoteLogToken,build:t.build})),new wy.CoreLogger(t.systemLogLevel,"system",t.loggingId,r.BUILD_ID,n)}setupUserCoreLogger(t){ad("Gateway.setupUserCoreLogger");let r=[],{runtime:n,build:i}=t,s=this.serviceProvider.getService(_y.SYSTEM_LOGGER);if(s&&s.captureUserLogs===!0?r.push(new Sy.ProcessTransport(s.logger,t.logFormat)):t.isDeno&&r.push(new Ty.ConsoleTransport(console,t.logFormat)),t.remoteLogToken&&t.loggingId&&r.push(new yI.RemoteLogTransport({loggingId:t.loggingId,url:t.remoteLogURL,remoteLogToken:t.remoteLogToken,sendOnlyErrors:t.isCloudflare})),n.GCP_USER_LOG_NAME&&n.GCP_USER_LOG_SVC_ACCT_JSON&&r.push(new mI.GoogleLogTransport({serviceAccountJson:n.GCP_USER_LOG_SVC_ACCT_JSON,logName:n.GCP_USER_LOG_NAME})),n.ZUPLO_USER_LOGGER_DATA_DOG_API_KEY){let a=n.ZUPLO_USER_LOGGER_DATA_DOG_URL;r.push(new fI.DataDogTransport({apiKey:n.ZUPLO_USER_LOGGER_DATA_DOG_API_KEY,url:a}))}return dI.plugins.forEach(a=>{a instanceof pI.LogPlugin&&r.push(a.getTransport())}),new wy.CoreLogger(t.userLogLevel,"user",t.loggingId,i.BUILD_ID,r)}createRequestLoggers(t,r,n,i,s){ad("Gateway.createRequestLoggers");let a=new hI.LoggingContext(n,i,s),c=new vy.RequestLogger(t,r,this.systemCoreLogger,a);return{userRequestLogger:new vy.RequestLogger(t,r,this.userCoreLogger,a),systemRequestLogger:c}}};Ls.LogInitializer=cd});var ld=g(Ds=>{"use strict";Object.defineProperty(Ds,"__esModule",{value:!0});Ds.UserRouteConfiguration=void 0;var ud=class{static{o(this,"UserRouteConfiguration")}constructor(t){this.path=t.path,this.methods=t.methods,this.label=t.label,this.key=t.key,this.handler=t.handler,this.corsPolicy=t.corsPolicy,this.custom=t.custom,this.version=t.version,this.policies=t.policies,this.excludeFromOpenApi=t.excludeFromOpenApi,this.pathPattern=t.pathPattern,t.raw?(this.#e=t.raw(),this.operationId=this.raw()?.operationId,this.summary=this.raw()?.summary,this.tags=this.raw()?.tags,this.parameters=this.raw()?.parameters,this.responses=this.raw()?.responses):(this.operationId=t.operationId,this.summary=t.summary,this.tags=t.tags,this.parameters=t.parameters,this.responses=t.responses)}raw(){return this.#e}#e;label;key;path;summary;operationId;tags;parameters;responses;excludeFromOpenApi;pathPattern;custom;methods;handler;corsPolicy;version;policies};Ds.UserRouteConfiguration=ud});var pd=g(vt=>{"use strict";Object.defineProperty(vt,"__esModule",{value:!0});vt.Router=vt.RouterError=vt.LookupResult=vt.RouterEntry=void 0;var Py=D(),bI=ot(),_I=ld(),Us=class{static{o(this,"RouterEntry")}constructor(t,r,n,i){this.fullPath=t,this.urlPattern=r,this.config=n,this.executableHandler=i}fullPath;urlPattern;config;executableHandler};vt.RouterEntry=Us;var _i=class{static{o(this,"LookupResult")}constructor(t,r,n){this.routeConfiguration=t,this.params=n??{},this.executableHandler=r}executableHandler;routeConfiguration;params};vt.LookupResult=_i;var Ms=class extends Error{static{o(this,"RouterError")}constructor(t,r){super(t,r)}};vt.RouterError=Ms;var dd=class{static{o(this,"Router")}constructor(t){this.routeEntries=[],this.versions=t}versions;routeEntries;addRoute(t,r){if(!(t instanceof _I.UserRouteConfiguration||t instanceof bI.SystemRouteConfiguration))throw new Py.SystemError("Config must be a UserRouteConfiguration or SystemRouteConfiguration");let n=this.versions.find(s=>s.name===t.version)?.pathPrefix,i;"pathPattern"in t&&t.pathPattern?i=`${n??""}${t.pathPattern}`:i=`${n??""}${t.path}`;try{let s=new URLPattern({pathname:i}),a=new Us(i,s,t,r);Object.freeze(a.config),this.routeEntries.push(a)}catch(s){throw new Ms(`addRoute-error: Invalid path '${i}'. '${s.message}'`,{cause:s})}}lookup(t,r){if(typeof t>"u")throw new Py.ConfigurationError(`Invalid request - Method was undefined. Path: '${r}'`);let n=this.routeEntries.filter(i=>i.config.methods.includes(t));if(n.length!==0)for(let i=0;i<n.length;i++){let s=n[i],c=s.urlPattern.exec({pathname:r});if(c!==null)return new _i(s.config,s.executableHandler,c.pathname.groups)}}lookupByPathOnly(t){let r=[];for(let n=0;n<this.routeEntries.length;n++){let i=this.routeEntries[n],a=i.urlPattern.exec({pathname:t});if(a!==null){let c=new _i(i.config,i.executableHandler,a.pathname.groups);r.push(c)}}return r}};vt.Router=dd});var mn=g(Hs=>{"use strict";Object.defineProperty(Hs,"__esModule",{value:!0});Hs.Gateway=void 0;var EI=Tr(),Ay=Yh(),Ry=sf(),wI=af(),Oy=cf(),xy=pf(),Ht=Xn(),ks=Sr(),Ny=vf(),St=D(),Ei=yt(),vI=Iy(),TI=Nt(),SI=se(),II=Gu(),PI=Qt(),AI=zr(),RI=He(),OI=pd(),hd=ot(),Cy=ld(),xI=Le(),NI=No(),Ly=Y(),Dy=Or(),CI=["/__zuplo/ping","/__zuplo/open-api","/__zuplo/docs","/__zuplo/consumers","/__zuplo/external-users","/__zuplo/assets","/__zuplo/config","/__zuplo/build","/favicon.ico"],Tt=(0,EI.debug)("zuplo:runtime"),LI=o(e=>{let t=e.findIndex(r=>r.name===hd.systemNoVersion.name);return t>-1?[...e.splice(t),hd.systemNoVersion]:[...e,hd.systemNoVersion]},"setupSystemNoVersion"),fd=class e{static{o(this,"Gateway")}routeData;runtimeSettings;schemaValidator;static#e;constructor(t,r,n,i){this.routeData=t,this.runtimeSettings=r,this.schemaValidator=i,Tt("Gateway.constructor"),this.#r=this.setupRoutes(),this.#i=this.setupErrorHandler(),this.#t=new vI.LogInitializer(n)}static async initialize(t,r,n,i,s){if(Tt("Gateway.initialize"),!e.#e){await(0,Ei.initializeRuntime)(s);let a={...t,corsPolicies:(0,NI.parseCorsPolicies)(t.corsPolicies)},c=new e(a,r,n,i);e.#e=c}return e.#e}static purgeGatewayCache(){Tt("Gateway.purgeGatewayCache"),e.#e=void 0}static get instance(){if(!e.#e)throw new St.SystemError("Gateway cannot be used before it is initialized");return e.#e}instanceId=crypto.randomUUID();#t;#r;#n=[AI.policyProcessor,II.corsProcessor,PI.metricsProcessor];#i;setupRoutes=()=>{Tt("Gateway.setupRoutes");let t=this.routeData,r=LI(t.versions),n=new OI.Router(r);if(t.routes.length===0)return(0,Ay.registerBuildRoute)(n,this),(0,xy.registerPingRoute)(n,this),(0,Ry.registerCorsRoute)(n,this),(0,wI.registerNoRoutes)(n,this),n;let{enabled:i}=this.runtimeSettings.developerPortal;i&&((0,Ny.registerDevPortalLegacyRedirectRoute)(n,this),(0,Ny.registerDevPortalV3Route)(n,this)),(0,Ay.registerBuildRoute)(n,this),(0,xy.registerPingRoute)(n,this),(0,Ry.registerCorsRoute)(n,this);for(let s of Ei.plugins)s instanceof Ei.SystemRuntimePlugin&&s.registerRoutes(n,this);return t.routes.forEach(s=>{let a;if(typeof s.handler?.module=="object"&&(a=s.handler?.module[s.handler.export]),typeof a!="function")throw new St.ConfigurationError(`Invalid state - No handler on route for path '${s.path}'`);let c=new TI.Pipeline({processors:this.#n,handler:a,gateway:this}),u=new Cy.UserRouteConfiguration(s);n.addRoute(u,c.execute)}),(0,Oy.registerNotMatchedHandler)(n,this),n};setupErrorHandler=()=>{let t;if(typeof this.routeData.requestErrorHandler?.module=="object"){if(t=this.routeData.requestErrorHandler.module[this.routeData.requestErrorHandler.export],typeof t!="function")throw new St.ConfigurationError("Invalid state - Module and export set for 'errorHandler' is not a function")}else t=o((r,n,i)=>this.#o(r,n,i),"errorHandler");return t};errorHandler(t,r,n){try{return this.#i(t,r,n)}catch(i){return Tt("An error occurred in the user's errorHandler",i),this.#o(t,r,i)}}#o(t,r,n){Tt("Gateway.internalErrorResponse");let i={};if(Ly.Environment.instance.isDeno){if(n instanceof St.RuntimeError&&n.extensionMembers)i=n.extensionMembers;else if(n.cause){let s=(0,Dy.serializeError)(n.cause);"stack"in s&&(s.stack=(0,Dy.cleanStack)(s.stack)),i={cause:s}}}return SI.HttpProblems.internalServerError(t,r,{detail:n.message,...i})}#s(t){let r=new Headers(t.headers);return Ht.DISPATCH_HEADERS_TO_REMOVE.forEach(n=>{r.delete(n)}),Ly.Environment.instance.isDeno&&Ht.INTERNAL_HEADERS_TO_REMOVE.forEach(n=>{r.delete(n)}),new Request(t,{headers:r})}async handleRequest(t,r){let n=t.headers.get(Ht.REQUEST_ID_HEADER)??t.headers.get(Ht.LEGACY_REQUEST_ID_HEADER),i=t.headers.get(Ht.RAY_ID_HEADER);if(!n){n=crypto.randomUUID();let T=new Headers(t.headers);T.set(Ht.REQUEST_ID_HEADER,n),t=new Request(t,{headers:T})}if(["GET","HEAD"].includes(t.method)&&t.body){let T=new Headers(t.headers);T.set(Ht.BODY_REMOVED_HEADER,"true"),t=new Request(t,{headers:T,body:null})}let s={},{userRequestLogger:a,systemRequestLogger:c}=this.#t.createRequestLoggers(n,i,r,s,t),u=new URL(t.url),l=u.pathname,d=this.#r.lookup(t.method,l);if(!d)throw new St.SystemError(`Invalid state - no route match - should have been picked up by the not found handler, path: '${l}'`);let p=new ks.HeaderIncomingRequestProperties(t.headers),m=this.#s(t),h=new RI.ZuploRequest(m,{params:d.params}),y=new ks.SystemZuploContext({logger:a,route:d.routeConfiguration,requestId:n,fetchEvent:r,custom:s,incomingRequestProperties:p}),w=ks.ZuploContextExtensions.initialize(y,h);if(d.routeConfiguration===Oy.notFoundRouteConfiguration&&Ei.runtimeExtensions.value?.notFoundHandler!==void 0){let T=this.#r.lookupByPathOnly(l);w.pathOnlyMatches=T.map(S=>S.routeConfiguration).filter(S=>S instanceof Cy.UserRouteConfiguration)}try{if(xI.SystemLogMap.addLogger(y,c),!u.pathname.startsWith("/__zuplo")){let F=await(0,Ei.invokeOnRequestExtensions)(h,y);if(F instanceof Response)return F;{let N=ks.ZuploContextExtensions.getContextExtensions(y);h=F,N.latestRequest=h}}[...CI,...this.runtimeSettings.developerPortal.enabled?[this.runtimeSettings.developerPortal.sitePathname]:[]].filter(F=>new RegExp(F).test(u.pathname)).length===0&&a.debug(`Request received '${u.pathname}'`,{method:t.method,url:u.pathname,hostname:u.hostname,route:d.routeConfiguration.path});let S=d.executableHandler;DI(S,d,t),Tt("Gateway.handleRequest - call user handler");let L=await S(h,y);if(Tt("Gateway.handleRequest - user handler"),!(L instanceof Response))throw new St.RuntimeError(`Invalid Response type from the request handler: ${typeof L}`);if(L.bodyUsed)throw new St.RuntimeError("The response object has already been used. Return a new response instead.");if(L.headers.get(Ht.REQUEST_ID_HEADER)===null&&!L.webSocket){let F=new Headers(L.headers);return F.set(Ht.REQUEST_ID_HEADER,n),new Response(L.body,{status:L.status,statusText:L.statusText,headers:F,cf:L.cf})}else return L}catch(T){return Tt("Gateway - error executing handler",T),T instanceof St.RuntimeError?(a.error(T),c.warn(T)):c.error(T),await this.#o(h,y,T)}}};Hs.Gateway=fd;function DI(e,t,r){if(Tt("Gateway.checkHandler"),!e)throw typeof t.routeConfiguration>"u"?new St.ConfigurationError(`Invalid state - no routeConfiguration for '${r.method}:${r.url}`):new St.ConfigurationError(`Invalid state. No handler for request '${r.method}':'${t.routeConfiguration.path}'`)}o(DI,"checkHandler")});var Uy=g(Fs=>{"use strict";Object.defineProperty(Fs,"__esModule",{value:!0});Fs.invokeInboundPolicy=void 0;var UI=D(),MI=mn(),kI=zr(),HI=o(async(e,t,r)=>{let n=MI.Gateway.instance.routeData.policies,i=(0,kI.getInboundPolicyHandlerAndOptions)([e],n);if(i.length===0)throw new UI.RuntimeError(`Invalid 'invokeInboundPolicy call' - no policy '${e}' found.`);let s=i[0];return s.handler(t,r,s.options,e)},"invokeInboundPolicy");Fs.invokeInboundPolicy=HI});var Sr=g(Xe=>{"use strict";Object.defineProperty(Xe,"__esModule",{value:!0});Xe.SystemZuploContext=Xe.ZuploContextExtensions=Xe.ResponseSentEvent=Xe.ResponseSendingEvent=Xe.HeaderIncomingRequestProperties=void 0;var _e=Xn(),FI=D(),qI=Uy(),md=class{static{o(this,"HeaderIncomingRequestProperties")}#e;constructor(t){this.#e=t}get asn(){try{let t=this.#e.get(_e.ZP_ASN_HEADER);if(typeof t=="string")return parseInt(t)}catch{}}get asOrganization(){return this.#e.get(_e.ZP_AS_ORG_HEADER)??void 0}get city(){return this.#e.get(_e.CF_IP_CITY_HEADER)??this.#e.get(_e.ZP_IP_CITY_HEADER)??void 0}get continent(){return this.#e.get(_e.CF_IP_CONTINENT_HEADER)??this.#e.get(_e.ZP_IP_CONTINENT_HEADER)??void 0}get country(){return this.#e.get(_e.CF_IP_COUNTRY_HEADER)??this.#e.get(_e.ZP_IP_COUNTRY_HEADER)??void 0}get latitude(){return this.#e.get(_e.CF_IP_LATITUDE_HEADER)??this.#e.get(_e.ZP_IP_LATITUDE_HEADER)??void 0}get longitude(){return this.#e.get(_e.CF_IP_LONGITUDE_HEADER)??this.#e.get(_e.ZP_IP_LONGITUDE_HEADER)??void 0}get colo(){return this.#e.get(_e.ZP_COLO_HEADER)??void 0}get postalCode(){return this.#e.get(_e.ZP_POSTAL_CODE_HEADER)??void 0}get metroCode(){return this.#e.get(_e.ZP_METRO_CODE_HEADER)??void 0}get region(){return this.#e.get(_e.ZP_REGION_HEADER)??void 0}get regionCode(){return this.#e.get(_e.ZP_REGION_CODE_HEADER)??void 0}get timezone(){return this.#e.get(_e.ZP_TIMEZONE_HEADER)??void 0}toJSON(){return{asn:this.asn,asOrganization:this.asOrganization,city:this.city,continent:this.continent,country:this.country,latitude:this.latitude,longitude:this.longitude,colo:this.colo,postalCode:this.postalCode,metroCode:this.metroCode,region:this.region,regionCode:this.regionCode,timezone:this.timezone}}};Xe.HeaderIncomingRequestProperties=md;var yd=class extends Event{static{o(this,"ResponseSendingEvent")}constructor(t,r){super("responseSending"),this.request=t,this.mutableResponse=r}request;mutableResponse};Xe.ResponseSendingEvent=yd;var gd=class extends Event{static{o(this,"ResponseSentEvent")}constructor(t,r){super("responseSent"),this.request=t,this.response=r}request;response};Xe.ResponseSentEvent=gd;var wi=class e{static{o(this,"ZuploContextExtensions")}static#e=new WeakMap;static initialize(t,r){if(!e.#e.has(t)){let n=new e(r);return e.#e.set(t,n),n}throw new Error(`ZuploContextExtensions already initialized for context with requestId '${t.requestId}'`)}static getContextExtensions(t){let r=e.#e.get(t);if(!r)throw new FI.RuntimeError(`Invalid state, could not get ZuploContext extensions for context with requestId '${t.requestId}'`);return r}latestRequest;pathOnlyMatches;#t;#r;constructor(t){this.latestRequest=t,this.#t=[],this.#r=[]}addResponseSendingHook(t){this.#r.push(t)}addResponseSendingFinalHook(t){this.#t.push(t)}onResponseSendingFinal=async(t,r,n)=>{for(let i of this.#t)await i(t,r,n)};onResponseSending=async(t,r,n)=>{let i=t;for(let s of this.#r)i=await s(t,r,n);return i}};Xe.ZuploContextExtensions=wi;var bd=class extends EventTarget{static{o(this,"SystemZuploContext")}constructor({logger:t,route:r,requestId:n,fetchEvent:i,custom:s,incomingRequestProperties:a}){super(),this.log=Object.freeze(t),this.route=r,this.requestId=n,this.custom=s,this.incomingRequestProperties=a,this.#e=i,this.invokeInboundPolicy=(c,u)=>(0,qI.invokeInboundPolicy)(c,u,this),this.waitUntil=c=>{this.#e.waitUntil(c)},this.addResponseSendingHook=c=>{wi.getContextExtensions(this).addResponseSendingHook(c)},this.addResponseSendingFinalHook=c=>{wi.getContextExtensions(this).addResponseSendingFinalHook(c)},Object.freeze(this)}#e;requestId;log;route;custom;incomingRequestProperties;invokeInboundPolicy;waitUntil;addResponseSendingHook;addResponseSendingFinalHook;addEventListener(t,r,n){let i=o(s=>{try{typeof r=="function"?r(s):r.handleEvent(s)}catch(a){throw this.log.error(`Error invoking event ${t}. See following logs for details.`),a}},"wrapped");super.addEventListener(t,i,n)}};Xe.SystemZuploContext=bd});var $s=g(qs=>{"use strict";Object.defineProperty(qs,"__esModule",{value:!0});qs.ContextData=void 0;var _d=class e{static{o(this,"ContextData")}static#e;#t;constructor(t){this.#t=t}set(t,r){e.set(t,this.#t,r)}get(t){return e.get(t,this.#t)}static set(t,r,n){e.#e||(e.#e=new WeakMap);let i=e.#e.get(t);i||(i=new Map),i.set(r,n),e.#e.set(t,i)}static get(t,r){return e.#e||(e.#e=new WeakMap),e.#e.get(t)?.get(r)}};qs.ContextData=_d});var Ed=g(pr=>{"use strict";Object.defineProperty(pr,"__esModule",{value:!0});pr.environment=pr.isZuploReadableEnvVariableName=pr.isRestrictedEnvVariableName=void 0;var $I=["ZUPLO_USER_LOGGER_DATA_DOG_API_KEY","ZUPLO_USER_LOGGER_DATA_DOG_URL","ZUPLO_LOG_LEVEL","ZUPLO_HANDLER_WRITE_LOG_LEVEL"];function My(e){return e.startsWith("__ZUPLO")||e.startsWith("ZUPLO_")?!$I.includes(e)&&!e.startsWith("ZUPLO_PUBLIC_"):!1}o(My,"isRestrictedEnvVariableName");pr.isRestrictedEnvVariableName=My;function ky(e){return!!e.startsWith("ZUPLO_")}o(ky,"isZuploReadableEnvVariableName");pr.isZuploReadableEnvVariableName=ky;var jI=new Proxy({},{get(e,t){if(My(String(t))&&!ky(String(t)))return;let r=globalThis,n;return r.process?n=r.process.env[t]:n=r[t],n}});pr.environment=jI});var wd=g(yn=>{"use strict";Object.defineProperty(yn,"__esModule",{value:!0});yn.externalServiceHandler=yn.externalServiceTunnelConfig=void 0;var VI=Tr(),Dr=D(),GI=vd(),vi=Y(),ut=(0,VI.debug)("zuplo:runtime:external-service");function Fy(){let e,{__ZUPLO_EXTERNAL_SERVICE_TOKEN:t}=vi.Environment.instance.runtime;if(t&&t!=="undefined")try{let r=atob(t);e=JSON.parse(r)}catch{}return e}o(Fy,"getServiceAuth");async function BI(e){let t=Fy();if(!t)throw ut("There is no external service auth configured for this zup."),new Dr.RuntimeError("There are no external services configured for this zup.");if(typeof e!="string")throw ut("Cannot call external service with Request object"),new Dr.RuntimeError("Currently, we only support fetch(<some_string>, ...).");let n=new URL(e).hostname,i={};i["CF-Access-Client-Id"]=t.clientId,i["CF-Access-Client-Secret"]=t.clientSecret;let s;if(t.customServiceMapping&&t.customServiceMapping[n])s=`https://${t.customServiceMapping[n]}`;else if(vi.Environment.instance.useSha256ServiceRouting){ut("Using sha256 service routing");let a=vi.Environment.instance.build;if(a.ACCOUNT_NAME&&a.PROJECT_NAME&&a.ENVIRONMENT_TYPE)s=`https://${await qy(n,a.ACCOUNT_NAME,a.PROJECT_NAME,a.ENVIRONMENT_TYPE)}.zuptunnel.com`;else throw ut("Cannot use sha256 service routing, missing build variables"),new Dr.RuntimeError("Failed to generate fully qualified tunnel url.")}else s=`https://${n}.zuptunnel.com`;return{serviceBaseUrl:s,tunnelHeaders:i}}o(BI,"externalServiceTunnelConfig");yn.externalServiceTunnelConfig=BI;async function KI(e,t){let r=Fy();if(r)if(ut(`Using external service auth. ClientId: ${r.clientId})`),typeof e=="string"){let n=new URL(e),i=n.hostname,s=t??{},a=new Headers(s.headers||{});a.set("CF-Access-Client-Id",r.clientId),a.set("CF-Access-Client-Secret",r.clientSecret),s.headers=a;let c;if(r.customServiceMapping&&r.customServiceMapping[i])c=`https://${r.customServiceMapping[i]}`;else if(vi.Environment.instance.useSha256ServiceRouting){ut("Using sha256 service routing");let d=vi.Environment.instance.build;if(d.ACCOUNT_NAME&&d.PROJECT_NAME&&d.ENVIRONMENT_TYPE)c=`https://${await qy(i,d.ACCOUNT_NAME,d.PROJECT_NAME,d.ENVIRONMENT_TYPE)}.zuptunnel.com`;else throw ut("Cannot use sha256 service routing, missing build variables"),new Dr.RuntimeError("Failed to generate fully qualified tunnel url.")}else c=`https://${i}.zuptunnel.com`;let u=new URL(`${c}${n.pathname}${n.search}`);ut(`Calling external service: ${u.toString()}`);let l=await(0,GI.originalFetch)(u.toString(),s);if(l.status===403&&l.headers.get("cf-access-domain")!==null)throw console.error("403 Forbidden when calling external service.",{clientId:r.clientId,tunnelHost:c}),new Dr.RuntimeError("Could not connect to secure tunnel.");return l}else throw ut("Cannot call external service with Request object"),new Dr.RuntimeError("Currently, we only support fetch(<some_string>, ...).");else throw ut("There is no external service auth configured for this zup."),new Dr.RuntimeError("There are no external services configured for this zup.")}o(KI,"externalServiceHandler");yn.externalServiceHandler=KI;async function qy(e,t,r,n){let i=e.toLowerCase(),s=t.toLowerCase(),a=r.toLowerCase(),c=JI(n);ut(`Hashing service name: ${s}-${i}.${s}-${a}-${c}`);let u=await Hy(`${s}-${i}`),l=await Hy(`${s}-${a}-${c}`);return`${u}.${l}`}o(qy,"hashServiceName");async function Hy(e){let t=new TextEncoder().encode(e),r=await crypto.subtle.digest("SHA-256",t);return Array.from(new Uint8Array(r)).map(s=>s.toString(16).padStart(2,"0")).join("").slice(0,-1)}o(Hy,"hashSegment");function JI(e){let t=e.toLowerCase();switch(t){case"production":case"preview":return t;default:return"working-copy"}}o(JI,"sanitizeEnvironmentType")});var vd=g(gn=>{"use strict";Object.defineProperty(gn,"__esModule",{value:!0});gn.originalFetch=void 0;var zI=wd(),$y=new Map;$y.set("service:",zI.externalServiceHandler);gn.originalFetch=globalThis.fetch;globalThis.fetch=function(e,t){let r=WI(t);if(typeof e=="string"){let n=new URL(e),i=$y.get(n.protocol);return i?i(e,r):(0,gn.originalFetch)(e,r)}else return(0,gn.originalFetch)(e,r)};var WI=o(e=>{if(!e||e instanceof Request)return e;let t=e;if(!t.zuplo)return e;let r=e;return r.cf={cacheEverything:t.zuplo?.cacheEverything,cacheTtl:t.zuplo?.cacheTtlSeconds},delete e.zuplo,e},"transformInit")});var Gy=g(bn=>{"use strict";Object.defineProperty(bn,"__esModule",{value:!0});bn.Handler=bn.purgeGatewayCache=void 0;var QI=D(),Vy=mn(),jy=Y(),YI=o(()=>{Vy.Gateway.purgeGatewayCache()},"purgeGatewayCache");bn.purgeGatewayCache=YI;var Td=class{static{o(this,"Handler")}routeData;buildEnvironment;runtimeEnvironment;runtimeSettings;serviceProvider;schemaValidations;runtimeInit;constructor(t,r,n,i,s,a,c){this.routeData=t,this.buildEnvironment=r,this.runtimeEnvironment=n,this.runtimeSettings=i,this.serviceProvider=s,this.schemaValidations=a,this.runtimeInit=c}requestHandler=async(t,r)=>{jy.Environment.initialize(this.buildEnvironment,this.runtimeEnvironment);let n;try{n=await Vy.Gateway.initialize(this.routeData,this.runtimeSettings,this.serviceProvider,this.schemaValidations,this.runtimeInit)}catch(i){console.error("Error initializing gateway.",i);let s="Error initializing gateway. Check your 'zuplo.runtime.ts' for errors or contact support.";i instanceof QI.ConfigurationError&&(s=i.message);let a={status:500,title:"Gateway Initialization Error",type:"https://httpproblems.com/http-status/500",detail:s,instance:t.url,trace:{timestamp:Date.now(),rayId:t.headers.get("cf-ray")??void 0,buildId:this.buildEnvironment.BUILD_ID},message:jy.Environment.instance.isDeno?i.message:void 0};return new Response(JSON.stringify(a,null,2),{status:500,headers:{"content-type":"application/json"}})}return n.handleRequest(t,r)}};bn.Handler=Td});var zy=g(Re=>{"use strict";Object.defineProperty(Re,"__esModule",{value:!0});Re.pathToRegexp=Re.tokensToRegexp=Re.regexpToFunction=Re.match=Re.tokensToFunction=Re.compile=Re.parse=void 0;function ZI(e){for(var t=[],r=0;r<e.length;){var n=e[r];if(n==="*"||n==="+"||n==="?"){t.push({type:"MODIFIER",index:r,value:e[r++]});continue}if(n==="\\"){t.push({type:"ESCAPED_CHAR",index:r++,value:e[r++]});continue}if(n==="{"){t.push({type:"OPEN",index:r,value:e[r++]});continue}if(n==="}"){t.push({type:"CLOSE",index:r,value:e[r++]});continue}if(n===":"){for(var i="",s=r+1;s<e.length;){var a=e.charCodeAt(s);if(a>=48&&a<=57||a>=65&&a<=90||a>=97&&a<=122||a===95){i+=e[s++];continue}break}if(!i)throw new TypeError("Missing parameter name at ".concat(r));t.push({type:"NAME",index:r,value:i}),r=s;continue}if(n==="("){var c=1,u="",s=r+1;if(e[s]==="?")throw new TypeError('Pattern cannot start with "?" at '.concat(s));for(;s<e.length;){if(e[s]==="\\"){u+=e[s++]+e[s++];continue}if(e[s]===")"){if(c--,c===0){s++;break}}else if(e[s]==="("&&(c++,e[s+1]!=="?"))throw new TypeError("Capturing groups are not allowed at ".concat(s));u+=e[s++]}if(c)throw new TypeError("Unbalanced pattern at ".concat(r));if(!u)throw new TypeError("Missing pattern at ".concat(r));t.push({type:"PATTERN",index:r,value:u}),r=s;continue}t.push({type:"CHAR",index:r,value:e[r++]})}return t.push({type:"END",index:r,value:""}),t}o(ZI,"lexer");function Sd(e,t){t===void 0&&(t={});for(var r=ZI(e),n=t.prefixes,i=n===void 0?"./":n,s="[^".concat(_n(t.delimiter||"/#?"),"]+?"),a=[],c=0,u=0,l="",d=o(function(ne){if(u<r.length&&r[u].type===ne)return r[u++].value},"tryConsume"),p=o(function(ne){var me=d(ne);if(me!==void 0)return me;var Be=r[u],E=Be.type,H=Be.index;throw new TypeError("Unexpected ".concat(E," at ").concat(H,", expected ").concat(ne))},"mustConsume"),m=o(function(){for(var ne="",me;me=d("CHAR")||d("ESCAPED_CHAR");)ne+=me;return ne},"consumeText");u<r.length;){var h=d("CHAR"),y=d("NAME"),w=d("PATTERN");if(y||w){var T=h||"";i.indexOf(T)===-1&&(l+=T,T=""),l&&(a.push(l),l=""),a.push({name:y||c++,prefix:T,suffix:"",pattern:w||s,modifier:d("MODIFIER")||""});continue}var S=h||d("ESCAPED_CHAR");if(S){l+=S;continue}l&&(a.push(l),l="");var L=d("OPEN");if(L){var T=m(),F=d("NAME")||"",N=d("PATTERN")||"",re=m();p("CLOSE"),a.push({name:F||(N?c++:""),pattern:F&&!N?s:N,prefix:T,suffix:re,modifier:d("MODIFIER")||""});continue}p("END")}return a}o(Sd,"parse");Re.parse=Sd;function XI(e,t){return By(Sd(e,t),t)}o(XI,"compile");Re.compile=XI;function By(e,t){t===void 0&&(t={});var r=Id(t),n=t.encode,i=n===void 0?function(u){return u}:n,s=t.validate,a=s===void 0?!0:s,c=e.map(function(u){if(typeof u=="object")return new RegExp("^(?:".concat(u.pattern,")$"),r)});return function(u){for(var l="",d=0;d<e.length;d++){var p=e[d];if(typeof p=="string"){l+=p;continue}var m=u?u[p.name]:void 0,h=p.modifier==="?"||p.modifier==="*",y=p.modifier==="*"||p.modifier==="+";if(Array.isArray(m)){if(!y)throw new TypeError('Expected "'.concat(p.name,'" to not repeat, but got an array'));if(m.length===0){if(h)continue;throw new TypeError('Expected "'.concat(p.name,'" to not be empty'))}for(var w=0;w<m.length;w++){var T=i(m[w],p);if(a&&!c[d].test(T))throw new TypeError('Expected all "'.concat(p.name,'" to match "').concat(p.pattern,'", but got "').concat(T,'"'));l+=p.prefix+T+p.suffix}continue}if(typeof m=="string"||typeof m=="number"){var T=i(String(m),p);if(a&&!c[d].test(T))throw new TypeError('Expected "'.concat(p.name,'" to match "').concat(p.pattern,'", but got "').concat(T,'"'));l+=p.prefix+T+p.suffix;continue}if(!h){var S=y?"an array":"a string";throw new TypeError('Expected "'.concat(p.name,'" to be ').concat(S))}}return l}}o(By,"tokensToFunction");Re.tokensToFunction=By;function eP(e,t){var r=[],n=Pd(e,r,t);return Ky(n,r,t)}o(eP,"match");Re.match=eP;function Ky(e,t,r){r===void 0&&(r={});var n=r.decode,i=n===void 0?function(s){return s}:n;return function(s){var a=e.exec(s);if(!a)return!1;for(var c=a[0],u=a.index,l=Object.create(null),d=o(function(m){if(a[m]===void 0)return"continue";var h=t[m-1];h.modifier==="*"||h.modifier==="+"?l[h.name]=a[m].split(h.prefix+h.suffix).map(function(y){return i(y,h)}):l[h.name]=i(a[m],h)},"_loop_1"),p=1;p<a.length;p++)d(p);return{path:c,index:u,params:l}}}o(Ky,"regexpToFunction");Re.regexpToFunction=Ky;function _n(e){return e.replace(/([.+*?=^!:${}()[\]|/\\])/g,"\\$1")}o(_n,"escapeString");function Id(e){return e&&e.sensitive?"":"i"}o(Id,"flags");function tP(e,t){if(!t)return e;for(var r=/\((?:\?<(.*?)>)?(?!\?)/g,n=0,i=r.exec(e.source);i;)t.push({name:i[1]||n++,prefix:"",suffix:"",modifier:"",pattern:""}),i=r.exec(e.source);return e}o(tP,"regexpToRegexp");function rP(e,t,r){var n=e.map(function(i){return Pd(i,t,r).source});return new RegExp("(?:".concat(n.join("|"),")"),Id(r))}o(rP,"arrayToRegexp");function nP(e,t,r){return Jy(Sd(e,r),t,r)}o(nP,"stringToRegexp");function Jy(e,t,r){r===void 0&&(r={});for(var n=r.strict,i=n===void 0?!1:n,s=r.start,a=s===void 0?!0:s,c=r.end,u=c===void 0?!0:c,l=r.encode,d=l===void 0?function(H){return H}:l,p=r.delimiter,m=p===void 0?"/#?":p,h=r.endsWith,y=h===void 0?"":h,w="[".concat(_n(y),"]|$"),T="[".concat(_n(m),"]"),S=a?"^":"",L=0,F=e;L<F.length;L++){var N=F[L];if(typeof N=="string")S+=_n(d(N));else{var re=_n(d(N.prefix)),ne=_n(d(N.suffix));if(N.pattern)if(t&&t.push(N),re||ne)if(N.modifier==="+"||N.modifier==="*"){var me=N.modifier==="*"?"?":"";S+="(?:".concat(re,"((?:").concat(N.pattern,")(?:").concat(ne).concat(re,"(?:").concat(N.pattern,"))*)").concat(ne,")").concat(me)}else S+="(?:".concat(re,"(").concat(N.pattern,")").concat(ne,")").concat(N.modifier);else N.modifier==="+"||N.modifier==="*"?S+="((?:".concat(N.pattern,")").concat(N.modifier,")"):S+="(".concat(N.pattern,")").concat(N.modifier);else S+="(?:".concat(re).concat(ne,")").concat(N.modifier)}}if(u)i||(S+="".concat(T,"?")),S+=r.endsWith?"(?=".concat(w,")"):"$";else{var Be=e[e.length-1],E=typeof Be=="string"?T.indexOf(Be[Be.length-1])>-1:Be===void 0;i||(S+="(?:".concat(T,"(?=").concat(w,"))?")),E||(S+="(?=".concat(T,"|").concat(w,")"))}return new RegExp(S,Id(r))}o(Jy,"tokensToRegexp");Re.tokensToRegexp=Jy;function Pd(e,t,r){return e instanceof RegExp?tP(e,t):Array.isArray(e)?rP(e,t,r):nP(e,t,r)}o(Pd,"pathToRegexp");Re.pathToRegexp=Pd});var xd=g(En=>{"use strict";Object.defineProperty(En,"__esModule",{value:!0});En.AwsV4Signer=En.AwsClient=void 0;var iP=Tr(),Zy=D(),oP=(0,iP.debug)("zuplo:runtime"),Rd=new TextEncoder,Wy={appstream2:"appstream",cloudhsmv2:"cloudhsm",email:"ses",marketplace:"aws-marketplace",mobile:"AWSMobileHubService",pinpoint:"mobiletargeting",queue:"sqs","git-codecommit":"codecommit","mturk-requester-sandbox":"mturk-requester","personalize-runtime":"personalize"},sP=["authorization","content-type","content-length","user-agent","presigned-expires","expect","x-amzn-trace-id","range","connection"],Od=class{static{o(this,"AwsClient")}accessKeyId;secretAccessKey;sessionToken;service;region;cache;retries;initRetryMs;constructor({accessKeyId:t,secretAccessKey:r,sessionToken:n,service:i,region:s,cache:a,retries:c,initRetryMs:u}){if(t==null)throw new TypeError("accessKeyId is a required option");if(r==null)throw new TypeError("secretAccessKey is a required option");this.accessKeyId=t,this.secretAccessKey=r,this.sessionToken=n,this.service=i,this.region=s,this.cache=a||new Map,this.retries=c??0,this.initRetryMs=u||50}async sign(t,r){let n=new js(Object.assign({url:t},r,this,r&&r.aws)),i=Object.assign({},r,await n.sign());return delete i.aws,{url:i.url.toString(),request:i}}async fetch(t,r){oP("AWS fetch",t);for(let n=0;n<=this.retries;n++){let{url:i,request:s}=await this.sign(t,r),a=fetch(i,s);if(n===this.retries)return a;let c=await a;if(c.status<500&&c.status!==429)return c;await new Promise(u=>setTimeout(u,Math.random()*this.initRetryMs*Math.pow(2,n)))}throw new Zy.ConfigurationError("An unknown error occurred, ensure retries is not negative")}};En.AwsClient=Od;var js=class{static{o(this,"AwsV4Signer")}method;url;headers;body;accessKeyId;secretAccessKey;sessionToken;service;region;cache;datetime;signQuery;appendSessionToken;signableHeaders;signedHeaders;canonicalHeaders;credentialString;encodedPath;encodedSearch;constructor({method:t,url:r,headers:n,body:i,accessKeyId:s,secretAccessKey:a,sessionToken:c,service:u,region:l,cache:d,datetime:p,signQuery:m,appendSessionToken:h,allHeaders:y,singleEncode:w}){if(r==null)throw new TypeError("url is a required option");if(s==null)throw new TypeError("accessKeyId is a required option");if(a==null)throw new TypeError("secretAccessKey is a required option");this.method=t||(i?"POST":"GET"),this.url=new URL(r),this.headers=new Headers(n||{}),this.body=i,this.accessKeyId=s,this.secretAccessKey=a,this.sessionToken=c;let T,S;(!u||!l)&&([T,S]=aP(this.url,this.headers)),this.service=u||T||"",this.region=l||S||"us-east-1",this.cache=d||new Map,this.datetime=p||new Date().toISOString().replace(/[:-]|\.\d{3}/g,""),this.signQuery=m,this.appendSessionToken=h||this.service==="iotdevicegateway",this.headers.delete("Host");let L=this.signQuery?this.url.searchParams:this.headers;if(this.service==="s3"&&!this.headers.has("X-Amz-Content-Sha256")&&this.headers.set("X-Amz-Content-Sha256","UNSIGNED-PAYLOAD"),L.set("X-Amz-Date",this.datetime),this.sessionToken&&!this.appendSessionToken&&L.set("X-Amz-Security-Token",this.sessionToken),this.signableHeaders=["host",...this.headers.keys()].filter(N=>y||!sP.includes(N)).sort(),this.signedHeaders=this.signableHeaders.join(";"),this.canonicalHeaders=this.signableHeaders.map(N=>N+":"+(N==="host"?this.url.host:(this.headers.get(N)||"").replace(/\s+/g," "))).join(`
60
+ `),this.credentialString=[this.datetime.slice(0,8),this.region,this.service,"aws4_request"].join("/"),this.signQuery&&(this.service==="s3"&&!L.has("X-Amz-Expires")&&L.set("X-Amz-Expires","86400"),L.set("X-Amz-Algorithm","AWS4-HMAC-SHA256"),L.set("X-Amz-Credential",this.accessKeyId+"/"+this.credentialString),L.set("X-Amz-SignedHeaders",this.signedHeaders)),this.service==="s3")try{this.encodedPath=decodeURIComponent(this.url.pathname.replace(/\+/g," "))}catch{this.encodedPath=this.url.pathname}else this.encodedPath=this.url.pathname.replace(/\/+/g,"/");w||(this.encodedPath=encodeURIComponent(this.encodedPath).replace(/%2F/g,"/")),this.encodedPath=Yy(this.encodedPath);let F=new Set;this.encodedSearch=[...this.url.searchParams].filter(([N])=>{if(!N)return!1;if(this.service==="s3"){if(F.has(N))return!1;F.add(N)}return!0}).map(N=>N.map(re=>Yy(encodeURIComponent(re)))).sort(([N,re],[ne,me])=>N<ne?-1:N>ne?1:re<me?-1:re>me?1:0).map(N=>N.join("=")).join("&")}async sign(){return this.signQuery?(this.url.searchParams.set("X-Amz-Signature",await this.signature()),this.sessionToken&&this.appendSessionToken&&this.url.searchParams.set("X-Amz-Security-Token",this.sessionToken)):this.headers.set("Authorization",await this.authHeader()),{method:this.method,url:this.url,headers:this.headers,body:this.body}}async authHeader(){return["AWS4-HMAC-SHA256 Credential="+this.accessKeyId+"/"+this.credentialString,"SignedHeaders="+this.signedHeaders,"Signature="+await this.signature()].join(", ")}async signature(){let t=this.datetime.slice(0,8),r=[this.secretAccessKey,t,this.region,this.service].join(),n=this.cache.get(r);if(!n){let i=await Ti("AWS4"+this.secretAccessKey,t),s=await Ti(i,this.region),a=await Ti(s,this.service);n=await Ti(a,"aws4_request"),this.cache.set(r,n)}return Ad(await Ti(n,await this.stringToSign()))}async stringToSign(){return["AWS4-HMAC-SHA256",this.datetime,this.credentialString,Ad(await Qy(await this.canonicalString()))].join(`
61
61
  `)}async canonicalString(){return[this.method.toUpperCase(),this.encodedPath,this.encodedSearch,this.canonicalHeaders+`
62
62
  `,this.signedHeaders,await this.hexBodyHash()].join(`
63
- `)}async hexBodyHash(){let t=this.headers.get("X-Amz-Content-Sha256");if(t==null){if(this.body&&typeof this.body!="string"&&!("byteLength"in this.body))throw new Zy.RuntimeError("body must be a string, ArrayBuffer or ArrayBufferView, unless you include the X-Amz-Content-Sha256 header");t=Ad(await Qy(this.body||""))}return t}};En.AwsV4Signer=js;async function Ti(e,t){let r=await crypto.subtle.importKey("raw",typeof e=="string"?Rd.encode(e):e,{name:"HMAC",hash:{name:"SHA-256"}},!1,["sign"]);return crypto.subtle.sign("HMAC",r,Rd.encode(t))}o(Ti,"hmac");async function Qy(e){return crypto.subtle.digest("SHA-256",typeof e=="string"?Rd.encode(e):e)}o(Qy,"hash");function Ad(e){return Array.prototype.map.call(new Uint8Array(e),t=>("0"+t.toString(16)).slice(-2)).join("")}o(Ad,"buf2hex");function Yy(e){return e.replace(/[!'()*]/g,t=>"%"+t.charCodeAt(0).toString(16).toUpperCase())}o(Yy,"encodeRfc3986");function aP(e,t){let{hostname:r,pathname:n}=e,i=r.replace("dualstack.","").match(/([^.]+)\.(?:([^.]*)\.)?amazonaws\.com(?:\.cn)?$/),[s,a]=(i||["",""]).slice(1,3);if(a==="us-gov")a="us-gov-west-1";else if(a==="s3"||a==="s3-accelerate")a="us-east-1",s="s3";else if(s==="iot")r.startsWith("iot.")?s="execute-api":r.startsWith("data.jobs.iot.")?s="iot-jobs-data":s=n==="/mqtt"?"iotdevicegateway":"iotdata";else if(s==="autoscaling"){let c=(t.get("X-Amz-Target")||"").split(".")[0];c==="AnyScaleFrontendService"?s="application-autoscaling":c==="AnyScaleScalingPlannerFrontendService"&&(s="autoscaling-plans")}else a==null&&s.startsWith("s3-")?(a=s.slice(3).replace(/^fips-|^external-1/,""),s="s3"):s.endsWith("-fips")?s=s.slice(0,-5):a&&/-\d$/.test(s)&&!/-\d$/.test(a)&&([s,a]=[a,s]);return s in Wy?[Wy[s],a]:[s,a]}o(aP,"guessServiceRegion")});var Xy=g(It=>{"use strict";Object.defineProperty(It,"__esModule",{value:!0});It.convertStringToUtf8Array=It.convertUtf8ArrayToString=It.base64Encode=It.base64Decode=void 0;function cP(e){return e>64&&e<91?e-65:e>96&&e<123?e-71:e>47&&e<58?e+4:e===43?62:e===47?63:0}o(cP,"b64ToUint6");function uP(e,t){let r=e.replace(/[^A-Za-z0-9+/]/g,""),n=r.length,i=t?Math.ceil((n*3+1>>2)/t)*t:n*3+1>>2,s=new Uint8Array(i),a,c,u=0,l=0;for(let d=0;d<n;d++)if(c=d&3,u|=cP(r.charCodeAt(d))<<6*(3-c),c===3||n-d===1){for(a=0;a<3&&l<i;)s[l]=u>>>(16>>>a&24)&255,a++,l++;u=0}return s}o(uP,"base64Decode");It.base64Decode=uP;function Vs(e){return e<26?e+65:e<52?e+71:e<62?e-4:e===62?43:e===63?47:65}o(Vs,"uint6ToB64");function lP(e){let t=2,r="",n=e.length,i=0;for(let s=0;s<n;s++)t=s%3,i|=e[s]<<(16>>>t&24),(t===2||e.length-s===1)&&(r+=String.fromCodePoint(Vs(i>>>18&63),Vs(i>>>12&63),Vs(i>>>6&63),Vs(i&63)),i=0);return r.substring(0,r.length-2+t)+(t===2?"":t===1?"=":"==")}o(lP,"base64Encode");It.base64Encode=lP;function dP(e){let t="",r,n=e.length;for(let i=0;i<n;i++)r=e[i],t+=String.fromCodePoint(r>251&&r<254&&i+5<n?(r-252)*1073741824+(e[++i]-128<<24)+(e[++i]-128<<18)+(e[++i]-128<<12)+(e[++i]-128<<6)+e[++i]-128:r>247&&r<252&&i+4<n?(r-248<<24)+(e[++i]-128<<18)+(e[++i]-128<<12)+(e[++i]-128<<6)+e[++i]-128:r>239&&r<248&&i+3<n?(r-240<<18)+(e[++i]-128<<12)+(e[++i]-128<<6)+e[++i]-128:r>223&&r<240&&i+2<n?(r-224<<12)+(e[++i]-128<<6)+e[++i]-128:r>191&&r<224&&i+1<n?(r-192<<6)+e[++i]-128:r);return t}o(dP,"convertUtf8ArrayToString");It.convertUtf8ArrayToString=dP;function pP(e){let t,r=e.length,n=0;for(let c=0;c<r;c++)t=e.codePointAt(c),t>=65536&&c++,n+=t<128?1:t<2048?2:t<65536?3:t<2097152?4:t<67108864?5:6;let i=new Uint8Array(n),s=0,a=0;for(;s<n;)t=e.codePointAt(a),t<128?i[s++]=t:t<2048?(i[s++]=192+(t>>>6),i[s++]=128+(t&63)):t<65536?(i[s++]=224+(t>>>12),i[s++]=128+(t>>>6&63),i[s++]=128+(t&63)):t<2097152?(i[s++]=240+(t>>>18),i[s++]=128+(t>>>12&63),i[s++]=128+(t>>>6&63),i[s++]=128+(t&63),a++):t<67108864?(i[s++]=248+(t>>>24),i[s++]=128+(t>>>18&63),i[s++]=128+(t>>>12&63),i[s++]=128+(t>>>6&63),i[s++]=128+(t&63),a++):(i[s++]=252+(t>>>30),i[s++]=128+(t>>>24&63),i[s++]=128+(t>>>18&63),i[s++]=128+(t>>>12&63),i[s++]=128+(t>>>6&63),i[s++]=128+(t&63),a++),a++;return i}o(pP,"convertStringToUtf8Array");It.convertStringToUtf8Array=pP});var eg=g(Gs=>{"use strict";Object.defineProperty(Gs,"__esModule",{value:!0});Gs.toCLFDate=void 0;function wn(e){let t=e.toString();return`${t.length===1?"0":""}${t}`}o(wn,"numberToString");function hP(e){let t=e.getTimezoneOffset(),r=Math.abs(t),n=t>0?"-":"+",i=wn(Math.floor(r/60)),s=wn(r%60);return`${n}${i}${s}`}o(hP,"getCLFOffset");function fP(e=new Date){if(!(e instanceof Date))throw new Error("clf-date: invalid parameter");let t=["Jan","Feb","Mar","Apr","May","Jun","Jul","Aug","Sep","Oct","Nov","Dec"],r=wn(e.getDate()),n=t[e.getMonth()],i=e.getFullYear(),s=wn(e.getHours()),a=wn(e.getMinutes()),c=wn(e.getSeconds()),u=hP(e);return`${r}/${n}/${i}:${s}:${a}:${c} ${u}`}o(fP,"toCLFDate");Gs.toCLFDate=fP});var ag=g(hr=>{"use strict";Object.defineProperty(hr,"__esModule",{value:!0});hr.getResponse=hr.awsLambdaHandler=hr.AwsLambdaHandlerExtensions=void 0;var mP=Tr(),tg=zy(),Si=L(),yP=Ct(),gP=xd(),ng=Xy(),ig=eg(),rg=(0,mP.debug)("zuplo:runtime"),bP="X-Amzn-Trace-Id",_P="x-amzn-errortype",og=[],EP=o(async(e,t,r)=>{let n=r;for await(let i of og)n=await i(e,t,r);return n},"onSendingAwsLambdaEvent"),Ke=class extends Si.RuntimeError{static{o(this,"AwsLambdaError")}traceId;errorType;constructor(t,r){super(`Failed to invoke AWS Lambda function. ${t}`),this.traceId=r.get(bP)??void 0,this.errorType=r.get(_P)??void 0}};hr.AwsLambdaHandlerExtensions={addSendingAwsLambdaEventHook:e=>{og.push(e)}};async function wP(e,t){let{accessKeyId:r,secretAccessKey:n,region:i,functionName:s,useLambdaProxyIntegration:a=!0,useAwsResourcePathStyle:c=!1,binaryMediaTypes:u}=t.route.handler.options;if(!r)throw new Si.ConfigurationError("awsAccessKeyId is not set in the handler options");if(!n)throw new Si.ConfigurationError("secretAccessKey is not set in the handler options");if(!i)throw new Si.ConfigurationError("region is not set in the handler options");if(!s)throw new Si.ConfigurationError("functionName is not set in the handler options");let l=new gP.AwsClient({accessKeyId:r,secretAccessKey:n}),d=`https://lambda.${i}.amazonaws.com/2015-03-31/functions/${s}/invocations`;if(rg(`AWS Lambda URL: ${d}`),!a)return l.fetch(d,{body:await e.arrayBuffer()});let[p,m]=await SP(e,{binaryMediaTypes:u}),{options:h}=t.route.handler,y;h&&typeof h=="object"&&"payloadFormatVersion"in h&&h.payloadFormatVersion==="2.0"?y=TP(e,t):y=await vP(e,t,{useAwsResourcePathStyle:c}),rg("Calling onSendingAwsLambdaEvent hook");let w=await EP(e,t,y);w.body=p,w.isBase64Encoded=m;let T=await l.fetch(d,{body:JSON.stringify(w)});try{return sg(T)}catch(S){if(S instanceof Ke){let D=h&&typeof h=="object"&&"returnAmazonTraceIdHeader"in h&&h.returnAmazonTraceIdHeader&&S.traceId?{AMZN_TRACE_ID_HEADER:S.traceId}:void 0;return yP.HttpProblems.internalServerError(e,t,void 0,D)}throw S}}o(wP,"awsLambdaHandler");hr.awsLambdaHandler=wP;async function sg(e){let t;try{t=await e.json()}catch{throw new Ke("Lambda response did not contain valid JSON",e.headers)}if(e.status!==200)throw t&&typeof t=="object"&&"message"in t&&typeof t.message=="string"?new Ke(t.message,e.headers):new Ke(`Status: ${e.statusText}`,e.headers);if(t&&typeof t=="object"&&"errorMessage"in t&&typeof t.errorMessage=="string")throw new Ke(t.errorMessage,e.headers);if(!t||typeof t!="object"||!("statusCode"in t)||typeof t.statusCode!="number")return new Response(JSON.stringify(t),{status:e.status,headers:{"content-type":"application/json"}});let r=new Headers;if("headers"in t&&t.headers){if(typeof t.headers!="object")throw new Ke(`Response headers must be an object. Received ${typeof t.headers}`,e.headers);for(let[i,s]of Object.entries(t.headers))r.set(i,s)}if("cookies"in t&&t.cookies){if(!Array.isArray(t.cookies))throw new Ke(`Response cookies must be an array. Received ${typeof t.cookies}`,e.headers);r.set("cookie",t.cookies.join(";"))}let n;if("isBase64Encoded"in t&&typeof t.isBase64Encoded!="boolean")throw new Ke(`Response property isBase64Encoded must be a boolean. Received ${typeof t.isBase64Encoded}`,e.headers);if("isBase64Encoded"in t&&t.isBase64Encoded===!0){if(!("body"in t))throw new Ke("Response was set to base64 encoded but no body was set",e.headers);if(typeof t.body!="string")throw new Ke("Response was set to base64 encoded but body was not a string",e.headers);n=(0,ng.base64Decode)(t.body)}else"body"in t&&typeof t.body=="string"?n=t.statusCode===204&&t.body===""?null:t.body:"body"in t&&t.body!==null&&t.body!==void 0?n=JSON.stringify(t.body):n=null;if(n!==null&&"bodyEncoding"in t){if(typeof t.bodyEncoding!="string"||!(t.bodyEncoding==="gzip"||t.bodyEncoding==="deflate"))throw new Ke(`Response property bodyEncoding can only be set to 'gzip' or 'deflate'. Received ${t.bodyEncoding}`,e.headers);let i=new Blob([n]).stream().pipeThrough(new DecompressionStream(t.bodyEncoding));n=await new Response(i).arrayBuffer()}return new Response(n,{headers:r,status:t.statusCode})}o(sg,"getResponse");hr.getResponse=sg;async function vP(e,t,{useAwsResourcePathStyle:r}){let n={},i={};e.headers.forEach((l,d)=>{n[d]=l,i[d]=[l]});let s=e.query,a={};for(let[l,d]of Object.entries(s))a[l]=[d];let c=new URL(e.url);return{version:"1.0",resource:c.pathname,path:c.pathname,httpMethod:e.method,headers:n,multiValueHeaders:i,queryStringParameters:s,multiValueQueryStringParameters:a,requestContext:{accountId:null,apiId:null,authorizer:{claims:{},scopes:[]},domainName:c.hostname,domainPrefix:null,extendedRequestId:t.requestId,httpMethod:e.method,identity:{accessKey:null,accountId:null,caller:null,cognitoAuthenticationProvider:null,cognitoAuthenticationType:null,cognitoIdentityId:null,cognitoIdentityPoolId:null,principalOrgId:null,sourceIp:e.headers.get("CF-Connecting-IP"),user:null,userAgent:e.headers.get("user-agent"),userArn:null,clientCert:{clientCertPem:null,subjectDN:null,issuerDN:null,serialNumber:null,validity:{notBefore:null,notAfter:null}}},path:c.pathname,protocol:"HTTP/1.1",requestId:t.requestId,requestTime:(0,ig.toCLFDate)(),requestTimeEpoch:new Date().valueOf(),resourceId:t.route.operationId??null,resourcePath:PP(t.route.path,r),stage:null},pathParameters:e.params,stageVariables:null}}o(vP,"buildEventVersion1");function TP(e,t){let r={};e.headers.forEach((s,a)=>{r[a]=s});let n=new URL(e.url);return{version:"2.0",routeKey:null,rawPath:n.pathname,rawQueryString:n.search,cookies:[],headers:r,queryStringParameters:e.query,requestContext:{accountId:null,apiId:null,authentication:{clientCert:{clientCertPem:null,subjectDN:null,issuerDN:null,serialNumber:null,validity:{notBefore:null,notAfter:null}}},authorizer:{jwt:{claims:{},scopes:[]}},domainName:n.hostname,domainPrefix:null,http:{method:e.method,path:n.pathname,protocol:"HTTP/1.1",sourceIp:e.headers.get("CF-Connecting-IP"),userAgent:e.headers.get("user-agent")},requestId:t.requestId,routeKey:null,stage:null,time:(0,ig.toCLFDate)(),timeEpoch:new Date().valueOf()},pathParameters:e.params,stageVariables:null}}o(TP,"buildEventVersion2");async function SP(e,{binaryMediaTypes:t}){let r,n=!1,i=e.headers.get("content-type");if(e.method==="GET"||e.method==="HEAD")r=null;else if(t&&i&&IP(t,i)){let s=await e.arrayBuffer();r=(0,ng.base64Encode)(new Uint8Array(s)),n=!0}else r=await e.clone().text();return[r,n]}o(SP,"getBodyResult");function IP(e,t){let r=t.split(";")[0].trim().toLowerCase();return e.findIndex(n=>n==="*/*"?!0:n.toLowerCase()===r)>-1}o(IP,"matchesContentType");function PP(e,t=!1){if(!t)return e;let r=(0,tg.parse)(e),n=(0,tg.compile)(e),i={};return r.forEach(s=>{typeof s=="string"?i[s]=`{${s}}`:i[s.name]=`{${s.name}}`}),n(i)}o(PP,"getResourcePath")});var Tn=g(vn=>{"use strict";Object.defineProperty(vn,"__esModule",{value:!0});vn.getHandlerUserLogFunction=vn.logBadGatewayResponses=void 0;var AP=Le(),RP=Y(),OP=[502,503,504];async function xP(e,t){if(OP.includes(e.status)){let r=AP.SystemLogMap.getLogger(t),i=await e.clone().text(),s={};for(let[a,c]of e.headers)s[a]=c;r.warn(`BadGatewayResponse ${e.status}`,{status:e.status,statusText:e.statusText,body:i,headers:s})}}o(xP,"logBadGatewayResponses");vn.logBadGatewayResponses=xP;var Nd;function NP(e){if(Nd===void 0){let r=RP.Environment.instance.runtime.ZUPLO_HANDLER_WRITE_LOG_LEVEL;["debug","info","warn","error"].includes(r??"")||(r="debug"),Nd=r}return e.log[Nd]}o(NP,"getHandlerUserLogFunction");vn.getHandlerUserLogFunction=NP});var ug=g(Bs=>{"use strict";Object.defineProperty(Bs,"__esModule",{value:!0});Bs.openApiSpecHandler=void 0;var cg=L(),CP=se(),Cd=Y(),LP=Tn();async function DP(e,t){let r=Cd.Environment.instance.build.BUILD_ID,{buildAssetsUrl:n}=Cd.Environment.instance,i=t.route.handler.options,{openApiFilePath:s}=i;if(!s)throw new cg.ConfigurationError("Open API Spec Handler must have 'openApiFilePath' specified");let a=UP(s);if(!a.isValid)throw new cg.ConfigurationError(a.error);let c;Cd.Environment.instance.isLocalDevelopment?c=`${n}/${s.substring(1)}`:c=`${n}/${r}${s.substring(1)}`;let u=await fetch(c,{method:e.method,body:e.body,headers:e.headers});if(u.status!==200)return CP.HttpProblems.notFound(e,t,{detail:"OpenAPI file could not be found."});let l=new Response(u.body,{headers:{"content-type":"application/json"},status:u.status,statusText:u.statusText});return(0,LP.logBadGatewayResponses)(l,t),l}o(DP,"openApiSpecHandler");Bs.openApiSpecHandler=DP;var UP=o(e=>e.startsWith("./")?e.startsWith("./config")?e.endsWith(".oas.json")?{isValid:!0}:{isValid:!1,error:"'openApiFilePath' must point to a file ending in '.oas.json'"}:{isValid:!1,error:"'openApiFilePath' must point to a file in your /config directory"}:{isValid:!1,error:"'openApiFilePath' must start with './'"},"validateOpenApiPath")});var lg=g(Ks=>{"use strict";Object.defineProperty(Ks,"__esModule",{value:!0});Ks.redirectHandler=void 0;var MP=L();async function kP(e,t){let r=t.route.handler.options;if(!r.location)throw new MP.ConfigurationError("Redirect Handler must have 'location' specified");let n=r.status??302;return new Response(null,{status:n,headers:{location:r.location}})}o(kP,"redirectHandler");Ks.redirectHandler=kP});var pg=g(Js=>{"use strict";Object.defineProperty(Js,"__esModule",{value:!0});Js.urlForwardHandler=void 0;var HP=L(),dg=Tn();function FP(e,t){let r=e.endsWith("/"),n=t.startsWith("/");return r&&n?`${e.substring(0,e.length-1)}${t}`:!r&&!n?`${e}/${t}`:`${e}${t}`}o(FP,"join");async function qP(e,t){let r=(0,dg.getHandlerUserLogFunction)(t),n=t.route.handler.options,i=n.forwardSearch!==!1;if(!n.baseUrl)throw new Error("URL Forward Handler must have 'baseUrl' specified");if(!n||typeof n.__rewriteFunction!="function")throw new HP.ConfigurationError("Invalid options for this route");let s={incomingRequestProperties:t.incomingRequestProperties,requestId:t.requestId,route:t.route,custom:t.custom},a=new URL(e.url),c=n.__rewriteFunction(e,s),u=FP(c,a.pathname),l=i?`${u}${a.search}`:u.toString(),d=Date.now();r(`URL Forwarding to '${l}'`);let p=await fetch(l,{method:e.method,body:e.body,headers:e.headers}),m=Date.now()-d;return r(`URL Forward received response ${p.status} - ${p.statusText} in ${m}ms`),(0,dg.logBadGatewayResponses)(p,t),p}o(qP,"urlForwardHandler");Js.urlForwardHandler=qP});var fg=g(zs=>{"use strict";Object.defineProperty(zs,"__esModule",{value:!0});zs.urlRewriteHandler=void 0;var $P=L(),hg=Tn(),jP=o((e,t)=>{let r=new URL(e),n=new URL(t);for(let[i,s]of n.searchParams.entries())r.searchParams.append(i,s);return r.toString()},"addQuery");async function VP(e,t){let r=(0,hg.getHandlerUserLogFunction)(t),n=t.route.handler.options,i=n.forwardSearch!==!1,s=n.followRedirects??!1;if(!n||typeof n.__rewriteFunction!="function")throw new $P.ConfigurationError("Invalid options for this route");let a={incomingRequestProperties:t.incomingRequestProperties,requestId:t.requestId,route:t.route,custom:t.custom},c=n.__rewriteFunction(e,a),u=i?jP(c,e.url):c,l=Date.now();r(`URL Rewriting to '${u}'`);let d=await fetch(u.toString(),{method:e.method,body:e.body,headers:e.headers,redirect:s?"follow":"manual"}),p=Date.now()-l;return r(`URL Rewrite received response ${d.status} - ${d.statusText} in ${p}ms`),(0,hg.logBadGatewayResponses)(d,t),d}o(VP,"urlRewriteHandler");zs.urlRewriteHandler=VP});var yg=g(Ws=>{"use strict";Object.defineProperty(Ws,"__esModule",{value:!0});Ws.webSocketHandler=void 0;var mg=L(),GP=wd(),BP=Ct(),KP=Y(),JP=Tn();async function zP(e,t){let r=KP.Environment.instance,n=t.route.handler.options,i=(0,JP.getHandlerUserLogFunction)(t);if(!n||!n.rewritePattern)throw new mg.ConfigurationError("WebSocket Handler must have option 'rewritePattern' specified");let s=e.headers.get("Upgrade");if(!s||s!=="websocket")return BP.HttpProblems.badRequest(e,t,{detail:"Request must include header 'Upgrade: websocket'"});if(!n||typeof n.__rewriteFunction!="function")throw new mg.ConfigurationError("Invalid options for this route");let a={incomingRequestProperties:t.incomingRequestProperties,requestId:t.requestId,route:t.route,custom:t.custom},c=n.__rewriteFunction(e,a),u=Date.now();if(i(`Attempting WebSocket connection to '${c}'`),r.isDeno){let p=new Headers(e.headers);if(c.startsWith("service:")){let h=await(0,GP.externalServiceTunnelConfig)(c),y=new URL(c);c=new URL(`${h.serviceBaseUrl}${y.pathname}${y.search}`).toString();for(let T in h.tunnelHeaders)p.set(T,h.tunnelHeaders[T])}c=c.replace(/^(http)/,"ws");try{if(p.get("Authorization")){let h=p.get("Authorization")?.replace("Bearer ","");c+=`?apiKey=${h}`}}catch{}let m=JSON.stringify({url:c});return new Response(m,{headers:p})}c=c.replace(/^(ws)/,"http");let l=await fetch(c,{method:e.method,headers:e.headers,body:e.body});if(l.status!==101||!l.webSocket){let p=await l.text(),m=`WebSocket connection error - ${l.status}: ${l.statusText}, content: '${p}'`;throw new Error(m)}let d=Date.now()-u;return i(`WebSocket connected, received response ${l.status} - ${l.statusText} in ${d}ms`),new Response(null,{status:101,webSocket:l.webSocket})}o(zP,"webSocketHandler");Ws.webSocketHandler=zP});var gg=g(Sn=>{"use strict";Object.defineProperty(Sn,"__esModule",{value:!0});Sn.webSocketPolicyProcessor=Sn.getWebSocketPolicyFunctions=void 0;var WP=L(),QP=o((e,t)=>e.map((n,i)=>{let s;if(typeof n.module=="object"&&(s=n.module[n.export]),!s||typeof s!="function"){let a=t==="inbound"?"WebSocketInboundPolicy":"WebSocketOutboundPolicy",c=`policy in position: ${i+1}, export name: ${n.export}`;throw new WP.ConfigurationError(`${a} - Websocket policy must be a valid function (${c})`)}return s}),"getWebSocketPolicyFunctions");Sn.getWebSocketPolicyFunctions=QP;var YP=o(async(e,t,r,n,i,s)=>{let a=e.data;if(s&&s.length>0){let c=[...s];for(;c.length>0;){let u=c.shift();if(!u)return a;if(a=await u(a,r,t,n,i),a===void 0)return}}return a},"webSocketPolicyProcessor");Sn.webSocketPolicyProcessor=YP});var _g=g(Qs=>{"use strict";Object.defineProperty(Qs,"__esModule",{value:!0});Qs.webSocketPipelineHandler=void 0;var Ld=L(),ZP=Ct(),XP=Y(),eA=Tn(),Dd=gg();function bg(e,t,r,n,i){e.addEventListener("close",()=>{t.close()}),e.addEventListener("error",s=>{n.log.error("WebSocket error: ",s),t.send(JSON.stringify(s))}),e.addEventListener("message",s=>{try{o(async c=>{let u=await(0,Dd.webSocketPolicyProcessor)(c,e,t,r,n,i);u!==void 0&&t.send(u)},"innerPipeline")(s).catch(n.log.error)}catch(a){n.log.error(a)}})}o(bg,"wireUpListeners");async function tA(e,t){let r=XP.Environment.instance,n=t.route.handler.options,i=(0,eA.getHandlerUserLogFunction)(t);if(!n||!n.rewritePattern)throw new Ld.ConfigurationError("WebSocket Pipeline Handler must have option 'rewritePattern' specified");let s=e.headers.get("Upgrade");if(!s||s!=="websocket")return ZP.HttpProblems.badRequest(e,t,{detail:"Request must include header 'Upgrade: websocket'"});if(!n||typeof n.__rewriteFunction!="function")throw new Ld.ConfigurationError("Invalid options for this route");let a={incomingRequestProperties:t.incomingRequestProperties,requestId:t.requestId,route:t.route,custom:t.custom},c=n.__rewriteFunction(e,a),u=Date.now();if(i(`Attempting WebSocket connection to '${c}'`),r.isDeno)throw new Ld.ConfigurationError("Websocket pipeline handler is currently not supported on working-copy environments");c=c.replace(/^(ws)/,"http");let l=await fetch(c,{method:e.method,headers:e.headers,body:e.body});if(l.status!==101||!l.webSocket){let S=await l.text(),D=`WebSocket connection error - ${l.status}: ${l.statusText}, content: '${S}'`;throw new Error(D)}let d=new WebSocketPair,[p,m]=Object.values(d),h=Date.now()-u;i(`WebSocket connected, received response ${l.status} - ${l.statusText} in ${h}ms`);let y=l.webSocket;y.accept(),m.accept();let w=n.policies&&n.policies.inbound?(0,Dd.getWebSocketPolicyFunctions)(n.policies.inbound,"inbound"):[],T=n.policies&&n.policies.outbound?(0,Dd.getWebSocketPolicyFunctions)(n.policies.outbound,"outbound"):[];return bg(m,y,e,t,w),bg(y,m,e,t,T),new Response(null,{status:101,webSocket:p})}o(tA,"webSocketPipelineHandler");Qs.webSocketPipelineHandler=tA});var Eg=g(Ys=>{"use strict";Object.defineProperty(Ys,"__esModule",{value:!0});Ys.DynaTraceLoggingPlugin=void 0;var rA=ve(),Ud=Y(),nA=Or(),iA=Dt(),oA=bt(),Md=class extends iA.LogPlugin{static{o(this,"DynaTraceLoggingPlugin")}options;constructor(t){super(),this.options=t}getTransport(){return new kd(this.options)}};Ys.DynaTraceLoggingPlugin=Md;var kd=class{static{o(this,"DynaTraceTransport")}constructor(t){this.#e=t.url,this.#t=t.apiToken,this.#n=Ud.Environment.instance.loggingEnvironmentType,this.#i=Ud.Environment.instance.loggingEnvironmentStage,this.#r=Ud.Environment.instance.deploymentName}#e;#t;#r;#n;#i;async log(t,r){t.messages.forEach(n=>{let i={timestamp:new Date().toISOString(),message:(0,oA.stringifyNonString)((0,nA.serializeError)(n)),severity:t.level,"log.source":t.logSource,requestId:t.requestId,"custom.environment":this.#r,"custom.environmentStage":this.#i,"custom.environmentType":this.#n,"custom.loggingId":t.loggingId,"custom.rayId":t.rayId===null?void 0:t.rayId};this.batcher.enqueue(i)}),r.waitUntil(this.batcher.waitUntilFlushed())}#o=async t=>{t.length!==0&&await fetch(this.#e,{method:"POST",body:JSON.stringify(t),headers:{"content-type":"application/json; charset=utf-8",authorization:`Api-Token ${this.#t}`}})};batcher=new rA.BatchDispatch("dyna-trace-log-transport",10,this.#o)}});var wg=g(Zs=>{"use strict";Object.defineProperty(Zs,"__esModule",{value:!0});Zs.LokiLoggingPlugin=void 0;var sA=ve(),Hd=Y(),aA=Or(),cA=Dt(),uA=bt(),Fd=class extends cA.LogPlugin{static{o(this,"LokiLoggingPlugin")}options;constructor(t){super(),this.options=t}getTransport(){return new $d(this.options)}};Zs.LokiLoggingPlugin=Fd;var qd=class{static{o(this,"LokiStream")}constructor(t,r,n,i,s){this.level=t,this.environment=r,this.environmentType=n,this.environmentStage=i,this.requestId=s}job="zuplo";level;environment;environmentType;environmentStage;requestId;equals=t=>this.level===t.level&&this.requestId===t.requestId};function lA(e,t){return btoa(`${e}:${t}`)}o(lA,"createBasicDigest");var $d=class{static{o(this,"LokiTransport")}constructor(t){this.#e=t.url,this.#t=lA(t.username,t.password),this.#n=Hd.Environment.instance.loggingEnvironmentType,this.#i=Hd.Environment.instance.loggingEnvironmentStage,this.#r=Hd.Environment.instance.deploymentName}#e;#t;#r;#n;#i;async log(t,r){let n=new qd(t.level,this.#r,this.#n,this.#i,t.requestId);t.messages.forEach(i=>{let s={stream:n,message:(0,uA.stringifyNonString)((0,aA.serializeError)(i)),nanoSecondEpoch:`${t.timestamp.getTime()}000000`};this.batcher.enqueue(s)}),r.waitUntil(this.batcher.waitUntilFlushed())}#o=t=>{let r={streams:[]};return t.forEach(n=>{let i=r.streams.find(s=>s.stream.equals(n.stream));i||(i={stream:n.stream,values:[]},r.streams.push(i)),i.values.push([n.nanoSecondEpoch,n.message])}),r};#s=async t=>{if(t.length===0)return;let r=this.#o(t);await fetch(this.#e,{method:"POST",body:JSON.stringify(r),headers:{"content-type":"application/json",authorization:`Basic ${this.#t}`}})};batcher=new sA.BatchDispatch("loki-log-transport",10,this.#s)}});var vg=g(Xs=>{"use strict";Object.defineProperty(Xs,"__esModule",{value:!0});Xs.SumoLogicLoggingPlugin=void 0;var dA=ve(),jd=Y(),pA=Or(),hA=Dt(),fA=bt(),Vd=class extends hA.LogPlugin{static{o(this,"SumoLogicLoggingPlugin")}options;constructor(t){super(),this.options=t}getTransport(){return new Gd(this.options)}};Xs.SumoLogicLoggingPlugin=Vd;var Gd=class{static{o(this,"SumoLogicTransport")}constructor(t){this.#e=t.url,this.#i=t.category,this.#o=t.name,this.#r=jd.Environment.instance.loggingEnvironmentType,this.#n=jd.Environment.instance.loggingEnvironmentStage,this.#t=jd.Environment.instance.deploymentName}#e;#t;#r;#n;#i;#o;async log(t,r){t.messages.forEach(n=>{let i={timestamp:new Date().toISOString(),message:(0,fA.stringifyNonString)((0,pA.serializeError)(n)),severity:t.level,source:t.logSource,requestId:t.requestId,environment:this.#t,environmentType:this.#r,environmentStage:this.#n,rayId:t.rayId===null?void 0:t.rayId};this.batcher.enqueue(i)}),r.waitUntil(this.batcher.waitUntilFlushed())}#s=async t=>{if(t.length===0)return;let r=t.map(i=>JSON.stringify(i)).join(`
64
- `),n=new Headers({"content-type":"application/json; charset=utf-8"});this.#o&&n.set("X-Sumo-Name",this.#o),this.#i&&n.set("X-Sumo-Category",this.#i),await fetch(this.#e,{method:"POST",body:r,headers:n})};batcher=new dA.BatchDispatch("sumo-logic-log-transport",10,this.#s)}});var Sg=g(In=>{"use strict";Object.defineProperty(In,"__esModule",{value:!0});In.VMWareLogInsightTransport=In.VMWareLogInsightLoggingPlugin=void 0;var mA=L(),yA=ve(),Bd=Y(),gA=Dt(),Tg=bt(),bA="d3a5b78f-8236-48f5-b1df-4fe269d41172",Kd=class extends gA.LogPlugin{static{o(this,"VMWareLogInsightLoggingPlugin")}options;constructor(t){super(),this.options=t}getTransport(){return new ea(this.options)}};In.VMWareLogInsightLoggingPlugin=Kd;var ea=class{static{o(this,"VMWareLogInsightTransport")}constructor(t){let r;try{r=new URL(t.url)}catch{throw new mA.ConfigurationError(`Invalid option 'url' on 'VMWareLogInsightTransport' plugin. Must be a valid URL, received '${t.url}'`)}this.#e=r.origin,this.#r=Bd.Environment.instance.loggingEnvironmentType,this.#n=Bd.Environment.instance.loggingEnvironmentStage,this.#t=Bd.Environment.instance.deploymentName,this.#i=t.onMessageSending,t.fields&&(this.#o=Object.entries(t.fields).map(([n,i])=>({name:n,content:i})))}#e;#t;#r;#n;#i;#o;async log(t,r){let n=this.buildEntry(t,r);this.batcher.enqueue(n),r.waitUntil(this.batcher.waitUntilFlushed())}buildEntry(t,r){let n=(0,Tg.messagesToMultilineText)(t.messages),i={timestamp:Date.now(),text:n,fields:[{name:"severity",content:t.level.toUpperCase()},{name:"request_id",content:t.requestId},{name:"environment_type",content:this.#r},{name:"environment_stage",content:this.#n},{name:"log_source",content:t.logSource},{name:"atomic_counter",content:t.vectorClock}]};return t.rayId&&i.fields.push({name:"request_ray_id",content:t.rayId}),this.#t&&i.fields.push({name:"environment",content:this.#t}),this.#o&&i.fields.push(...this.#o),r.custom&&Object.entries(r.custom).forEach(([s,a])=>{let c=(0,Tg.stringifyNonStringToText)(a);c&&i.fields.push({name:s,content:c})}),this.#i&&(i=this.#i(i)),i}#s=async t=>{if(t.length===0)return;let r=await fetch(`${this.#e}/api/v1/events/ingest/${bA}`,{method:"POST",body:JSON.stringify(t),headers:{"content-type":"application/json; charset=utf-8"}});if(r.status!==200)try{let n=await r.text();console.error("Error logging to Log Insight",n)}catch(n){console.error(n)}};batcher=new yA.BatchDispatch("vmware-log-insights-log-transport",10,this.#s)};In.VMWareLogInsightTransport=ea});var Pg=g(Pn=>{"use strict";Object.defineProperty(Pn,"__esModule",{value:!0});Pn.AWSLogTransport=Pn.AWSLoggingPlugin=void 0;var _A=ve(),Ig=Y(),EA=Or(),wA=Dt(),vA=bt(),TA=xd(),Jd=class extends wA.LogPlugin{static{o(this,"AWSLoggingPlugin")}options;constructor(t){super(),this.options=t}getTransport(){return new ta(this.options)}};Pn.AWSLoggingPlugin=Jd;var ta=class{static{o(this,"AWSLogTransport")}awsClient;environment;environmentType;logGroupName;logStreamName;region;batcher=new _A.BatchDispatch("aws-log-transport",10,async t=>{if(t.length===0)return;let r=JSON.stringify({logGroupName:this.logGroupName,logStreamName:this.logStreamName,logEvents:t});await this.awsClient.fetch(`https://logs.${this.region}.amazonaws.com`,{headers:{"Content-Type":"application/x-amz-json-1.1","x-amz-Target":"Logs_20140328.PutLogEvents"},body:r,aws:{accessKeyId:this.awsClient.accessKeyId,secretAccessKey:this.awsClient.secretAccessKey,service:this.awsClient.service,region:this.awsClient.region}})});constructor({accessKeyId:t,logStreamName:r,logGroupName:n,secretAccessKey:i,region:s}){this.awsClient=new TA.AwsClient({accessKeyId:t,secretAccessKey:i,service:"logs",region:s}),this.logGroupName=n,this.logStreamName=r,this.region=s,this.environmentType=Ig.Environment.instance.loggingEnvironmentType,this.environment=Ig.Environment.instance.deploymentName}async log(t,r){t.messages.forEach(n=>{let i={timestamp:new Date().getTime(),message:JSON.stringify({data:(0,vA.stringifyNonString)((0,EA.serializeError)(n)),severity:t.level,source:t.logSource,environment:this.environment,requestId:t.requestId,environmentType:this.environmentType,rayId:t.rayId===null?void 0:t.rayId})};this.batcher.enqueue(i)}),r.waitUntil(this.batcher.waitUntilFlushed())}};Pn.AWSLogTransport=ta});var Ag=g(Oe=>{"use strict";Object.defineProperty(Oe,"__esModule",{value:!0});Oe.AWSLoggingPlugin=Oe.VMWareLogInsightLoggingPlugin=Oe.SumoLogicLoggingPlugin=Oe.LokiLoggingPlugin=Oe.GoogleCloudLoggingPlugin=Oe.DynaTraceLoggingPlugin=Oe.DataDogLoggingPlugin=void 0;var SA=nd();Object.defineProperty(Oe,"DataDogLoggingPlugin",{enumerable:!0,get:function(){return SA.DataDogLoggingPlugin}});var IA=Eg();Object.defineProperty(Oe,"DynaTraceLoggingPlugin",{enumerable:!0,get:function(){return IA.DynaTraceLoggingPlugin}});var PA=Is();Object.defineProperty(Oe,"GoogleCloudLoggingPlugin",{enumerable:!0,get:function(){return PA.GoogleCloudLoggingPlugin}});var AA=wg();Object.defineProperty(Oe,"LokiLoggingPlugin",{enumerable:!0,get:function(){return AA.LokiLoggingPlugin}});var RA=vg();Object.defineProperty(Oe,"SumoLogicLoggingPlugin",{enumerable:!0,get:function(){return RA.SumoLogicLoggingPlugin}});var OA=Sg();Object.defineProperty(Oe,"VMWareLogInsightLoggingPlugin",{enumerable:!0,get:function(){return OA.VMWareLogInsightLoggingPlugin}});var xA=Pg();Object.defineProperty(Oe,"AWSLoggingPlugin",{enumerable:!0,get:function(){return xA.AWSLoggingPlugin}})});var Rg=g(fr=>{"use strict";Object.defineProperty(fr,"__esModule",{value:!0});fr.DataDogMetricsError=fr.DataDogMetricsTransport=fr.DataDogMetricsPlugin=void 0;var NA=Le(),CA=ve(),LA=wo(),zd=new WeakMap,DA={tags:[]},Wd=class extends LA.MetricsPlugin{static{o(this,"DataDogMetricsPlugin")}options;constructor(t){super(),this.options=t}getTransport(){return new ra(this.options)}static setContext(t,r){let n=zd.get(t);n||(n=DA);let i=Object.assign({...n},r);zd.set(t,i)}};fr.DataDogMetricsPlugin=Wd;var ra=class{static{o(this,"DataDogMetricsTransport")}#e;#t;#r;#n;#i;#o=void 0;constructor(t){this.#e=t.apiKey,this.#t=t.url??"https://api.datadoghq.com/api/v2/series",this.#r=Object.assign({latency:!0,requestContentLength:!0,responseContentLength:!0},t.metrics),this.#i=t.include??{},this.#n=t.tags??[]}pushMetrics(t,r){this.#o===void 0&&(this.#o=new CA.BatchDispatch("data-dog-metrics-transport",10,this.dispatchFunction,NA.SystemLogMap.getLogger(r)));let n=Math.floor(t.timestamp.getTime()/1e3),i=this.#n.concat(zd.get(r)?.tags??[]);if(this.#i.country&&i.push(`country:${t.country}`),this.#i.httpMethod&&i.push(`httpMethod:${t.method}`),this.#i.statusCode&&i.push(`statusCode:${t.statusCode}`),this.#i.path){let s=t.systemRouteName||t.routePath;i.push(`path:${s}`)}this.#r.latency&&this.#o.enqueue({metric:"zuplo.request.latency",type:3,points:[{timestamp:n,value:t.durationMs}],tags:i}),this.#r.requestContentLength&&t.requestContentLength&&this.#o.enqueue({metric:"zuplo.request.content_length",type:3,points:[{timestamp:n,value:t.requestContentLength}],tags:i}),this.#r.responseContentLength&&t.responseContentLength&&this.#o.enqueue({metric:"zuplo.response.content_length",type:3,points:[{timestamp:n,value:t.responseContentLength}],tags:i}),r.waitUntil(this.#o.waitUntilFlushed())}dispatchFunction=async t=>{if(t.length===0)return;let r=JSON.stringify({series:t}),n=await fetch(this.#t,{method:"POST",body:r,headers:{"content-type":"application/json","DD-API-KEY":this.#e}});if(!n.ok)throw new na(await n.text())}};fr.DataDogMetricsTransport=ra;var na=class e extends Error{static{o(this,"DataDogMetricsError")}constructor(t){super(t),Object.setPrototypeOf(this,e.prototype)}};fr.DataDogMetricsError=na});var Og=g(mr=>{"use strict";Object.defineProperty(mr,"__esModule",{value:!0});mr.DynaTraceMetricsError=mr.DynaTraceMetricsTransport=mr.DynatraceMetricsPlugin=void 0;var UA=Le(),MA=ve(),kA=wo(),Qd=new WeakMap,HA={dimensions:[]},Yd=class extends kA.MetricsPlugin{static{o(this,"DynatraceMetricsPlugin")}options;constructor(t){super(),this.options=t}getTransport(){return new ia(this.options)}static setContext(t,r){let n=Qd.get(t);n||(n=HA);let i=Object.assign({...n},r);Qd.set(t,i)}};mr.DynatraceMetricsPlugin=Yd;var ia=class{static{o(this,"DynaTraceMetricsTransport")}apiToken;#e;#t;dimensions;#r;#n=void 0;constructor(t){this.apiToken=t.apiToken,this.#e=t.url,this.#t=Object.assign({latency:!0,requestContentLength:!0,responseContentLength:!0},t.metrics),this.#r=t.include??{},this.dimensions=t.dimensions??[]}pushMetrics(t,r){this.#n===void 0&&(this.#n=new MA.BatchDispatch("dynatrace-metrics-transport",10,this.dispatchFunction,UA.SystemLogMap.getLogger(r)));let n=Math.floor(t.timestamp.getTime()),i=this.dimensions.concat(Qd.get(r)?.dimensions??[]);if(this.#r.country&&i.push(`country="${t.country}"`),this.#r.httpMethod&&i.push(`http_method="${t.method}"`),this.#r.statusCode&&i.push(`status_code="${t.statusCode}"`),this.#r.path){let a=t.systemRouteName||t.routePath;i.push(`path="${a}"`)}let s=i.join(",");this.#t.latency&&this.#n.enqueue(`zuplo.request.latency,${s} ${t.durationMs} ${n}`),this.#t.requestContentLength&&t.requestContentLength&&this.#n.enqueue(`zuplo.request.content_length,${s} ${t.requestContentLength} ${n}`),this.#t.responseContentLength&&t.responseContentLength&&this.#n.enqueue(`zuplo.response.content_length,${s} ${t.responseContentLength} ${n}`),r.waitUntil(this.#n.waitUntilFlushed())}dispatchFunction=async t=>{if(t.length===0)return;let r=t.join(`
63
+ `)}async hexBodyHash(){let t=this.headers.get("X-Amz-Content-Sha256");if(t==null){if(this.body&&typeof this.body!="string"&&!("byteLength"in this.body))throw new Zy.RuntimeError("body must be a string, ArrayBuffer or ArrayBufferView, unless you include the X-Amz-Content-Sha256 header");t=Ad(await Qy(this.body||""))}return t}};En.AwsV4Signer=js;async function Ti(e,t){let r=await crypto.subtle.importKey("raw",typeof e=="string"?Rd.encode(e):e,{name:"HMAC",hash:{name:"SHA-256"}},!1,["sign"]);return crypto.subtle.sign("HMAC",r,Rd.encode(t))}o(Ti,"hmac");async function Qy(e){return crypto.subtle.digest("SHA-256",typeof e=="string"?Rd.encode(e):e)}o(Qy,"hash");function Ad(e){return Array.prototype.map.call(new Uint8Array(e),t=>("0"+t.toString(16)).slice(-2)).join("")}o(Ad,"buf2hex");function Yy(e){return e.replace(/[!'()*]/g,t=>"%"+t.charCodeAt(0).toString(16).toUpperCase())}o(Yy,"encodeRfc3986");function aP(e,t){let{hostname:r,pathname:n}=e,i=r.replace("dualstack.","").match(/([^.]+)\.(?:([^.]*)\.)?amazonaws\.com(?:\.cn)?$/),[s,a]=(i||["",""]).slice(1,3);if(a==="us-gov")a="us-gov-west-1";else if(a==="s3"||a==="s3-accelerate")a="us-east-1",s="s3";else if(s==="iot")r.startsWith("iot.")?s="execute-api":r.startsWith("data.jobs.iot.")?s="iot-jobs-data":s=n==="/mqtt"?"iotdevicegateway":"iotdata";else if(s==="autoscaling"){let c=(t.get("X-Amz-Target")||"").split(".")[0];c==="AnyScaleFrontendService"?s="application-autoscaling":c==="AnyScaleScalingPlannerFrontendService"&&(s="autoscaling-plans")}else a==null&&s.startsWith("s3-")?(a=s.slice(3).replace(/^fips-|^external-1/,""),s="s3"):s.endsWith("-fips")?s=s.slice(0,-5):a&&/-\d$/.test(s)&&!/-\d$/.test(a)&&([s,a]=[a,s]);return s in Wy?[Wy[s],a]:[s,a]}o(aP,"guessServiceRegion")});var Xy=g(It=>{"use strict";Object.defineProperty(It,"__esModule",{value:!0});It.convertStringToUtf8Array=It.convertUtf8ArrayToString=It.base64Encode=It.base64Decode=void 0;function cP(e){return e>64&&e<91?e-65:e>96&&e<123?e-71:e>47&&e<58?e+4:e===43?62:e===47?63:0}o(cP,"b64ToUint6");function uP(e,t){let r=e.replace(/[^A-Za-z0-9+/]/g,""),n=r.length,i=t?Math.ceil((n*3+1>>2)/t)*t:n*3+1>>2,s=new Uint8Array(i),a,c,u=0,l=0;for(let d=0;d<n;d++)if(c=d&3,u|=cP(r.charCodeAt(d))<<6*(3-c),c===3||n-d===1){for(a=0;a<3&&l<i;)s[l]=u>>>(16>>>a&24)&255,a++,l++;u=0}return s}o(uP,"base64Decode");It.base64Decode=uP;function Vs(e){return e<26?e+65:e<52?e+71:e<62?e-4:e===62?43:e===63?47:65}o(Vs,"uint6ToB64");function lP(e){let t=2,r="",n=e.length,i=0;for(let s=0;s<n;s++)t=s%3,i|=e[s]<<(16>>>t&24),(t===2||e.length-s===1)&&(r+=String.fromCodePoint(Vs(i>>>18&63),Vs(i>>>12&63),Vs(i>>>6&63),Vs(i&63)),i=0);return r.substring(0,r.length-2+t)+(t===2?"":t===1?"=":"==")}o(lP,"base64Encode");It.base64Encode=lP;function dP(e){let t="",r,n=e.length;for(let i=0;i<n;i++)r=e[i],t+=String.fromCodePoint(r>251&&r<254&&i+5<n?(r-252)*1073741824+(e[++i]-128<<24)+(e[++i]-128<<18)+(e[++i]-128<<12)+(e[++i]-128<<6)+e[++i]-128:r>247&&r<252&&i+4<n?(r-248<<24)+(e[++i]-128<<18)+(e[++i]-128<<12)+(e[++i]-128<<6)+e[++i]-128:r>239&&r<248&&i+3<n?(r-240<<18)+(e[++i]-128<<12)+(e[++i]-128<<6)+e[++i]-128:r>223&&r<240&&i+2<n?(r-224<<12)+(e[++i]-128<<6)+e[++i]-128:r>191&&r<224&&i+1<n?(r-192<<6)+e[++i]-128:r);return t}o(dP,"convertUtf8ArrayToString");It.convertUtf8ArrayToString=dP;function pP(e){let t,r=e.length,n=0;for(let c=0;c<r;c++)t=e.codePointAt(c),t>=65536&&c++,n+=t<128?1:t<2048?2:t<65536?3:t<2097152?4:t<67108864?5:6;let i=new Uint8Array(n),s=0,a=0;for(;s<n;)t=e.codePointAt(a),t<128?i[s++]=t:t<2048?(i[s++]=192+(t>>>6),i[s++]=128+(t&63)):t<65536?(i[s++]=224+(t>>>12),i[s++]=128+(t>>>6&63),i[s++]=128+(t&63)):t<2097152?(i[s++]=240+(t>>>18),i[s++]=128+(t>>>12&63),i[s++]=128+(t>>>6&63),i[s++]=128+(t&63),a++):t<67108864?(i[s++]=248+(t>>>24),i[s++]=128+(t>>>18&63),i[s++]=128+(t>>>12&63),i[s++]=128+(t>>>6&63),i[s++]=128+(t&63),a++):(i[s++]=252+(t>>>30),i[s++]=128+(t>>>24&63),i[s++]=128+(t>>>18&63),i[s++]=128+(t>>>12&63),i[s++]=128+(t>>>6&63),i[s++]=128+(t&63),a++),a++;return i}o(pP,"convertStringToUtf8Array");It.convertStringToUtf8Array=pP});var eg=g(Gs=>{"use strict";Object.defineProperty(Gs,"__esModule",{value:!0});Gs.toCLFDate=void 0;function wn(e){let t=e.toString();return`${t.length===1?"0":""}${t}`}o(wn,"numberToString");function hP(e){let t=e.getTimezoneOffset(),r=Math.abs(t),n=t>0?"-":"+",i=wn(Math.floor(r/60)),s=wn(r%60);return`${n}${i}${s}`}o(hP,"getCLFOffset");function fP(e=new Date){if(!(e instanceof Date))throw new Error("clf-date: invalid parameter");let t=["Jan","Feb","Mar","Apr","May","Jun","Jul","Aug","Sep","Oct","Nov","Dec"],r=wn(e.getDate()),n=t[e.getMonth()],i=e.getFullYear(),s=wn(e.getHours()),a=wn(e.getMinutes()),c=wn(e.getSeconds()),u=hP(e);return`${r}/${n}/${i}:${s}:${a}:${c} ${u}`}o(fP,"toCLFDate");Gs.toCLFDate=fP});var ag=g(hr=>{"use strict";Object.defineProperty(hr,"__esModule",{value:!0});hr.getResponse=hr.awsLambdaHandler=hr.AwsLambdaHandlerExtensions=void 0;var mP=Tr(),tg=zy(),Si=D(),yP=Ct(),gP=xd(),ng=Xy(),ig=eg(),rg=(0,mP.debug)("zuplo:runtime"),bP="X-Amzn-Trace-Id",_P="x-amzn-errortype",og=[],EP=o(async(e,t,r)=>{let n=r;for await(let i of og)n=await i(e,t,r);return n},"onSendingAwsLambdaEvent"),Ke=class extends Si.RuntimeError{static{o(this,"AwsLambdaError")}traceId;errorType;constructor(t,r){super(`Failed to invoke AWS Lambda function. ${t}`),this.traceId=r.get(bP)??void 0,this.errorType=r.get(_P)??void 0}};hr.AwsLambdaHandlerExtensions={addSendingAwsLambdaEventHook:e=>{og.push(e)}};async function wP(e,t){let{accessKeyId:r,secretAccessKey:n,region:i,functionName:s,useLambdaProxyIntegration:a=!0,useAwsResourcePathStyle:c=!1,binaryMediaTypes:u}=t.route.handler.options;if(!r)throw new Si.ConfigurationError("awsAccessKeyId is not set in the handler options");if(!n)throw new Si.ConfigurationError("secretAccessKey is not set in the handler options");if(!i)throw new Si.ConfigurationError("region is not set in the handler options");if(!s)throw new Si.ConfigurationError("functionName is not set in the handler options");let l=new gP.AwsClient({accessKeyId:r,secretAccessKey:n}),d=`https://lambda.${i}.amazonaws.com/2015-03-31/functions/${s}/invocations`;if(rg(`AWS Lambda URL: ${d}`),!a)return l.fetch(d,{body:await e.arrayBuffer()});let[p,m]=await SP(e,{binaryMediaTypes:u}),{options:h}=t.route.handler,y;h&&typeof h=="object"&&"payloadFormatVersion"in h&&h.payloadFormatVersion==="2.0"?y=TP(e,t):y=await vP(e,t,{useAwsResourcePathStyle:c}),rg("Calling onSendingAwsLambdaEvent hook");let w=await EP(e,t,y);w.body=p,w.isBase64Encoded=m;let T=await l.fetch(d,{body:JSON.stringify(w)});try{return sg(T)}catch(S){if(S instanceof Ke){let L=h&&typeof h=="object"&&"returnAmazonTraceIdHeader"in h&&h.returnAmazonTraceIdHeader&&S.traceId?{AMZN_TRACE_ID_HEADER:S.traceId}:void 0;return yP.HttpProblems.internalServerError(e,t,void 0,L)}throw S}}o(wP,"awsLambdaHandler");hr.awsLambdaHandler=wP;async function sg(e){let t;try{t=await e.json()}catch{throw new Ke("Lambda response did not contain valid JSON",e.headers)}if(e.status!==200)throw t&&typeof t=="object"&&"message"in t&&typeof t.message=="string"?new Ke(t.message,e.headers):new Ke(`Status: ${e.statusText}`,e.headers);if(t&&typeof t=="object"&&"errorMessage"in t&&typeof t.errorMessage=="string")throw new Ke(t.errorMessage,e.headers);if(!t||typeof t!="object"||!("statusCode"in t)||typeof t.statusCode!="number")return new Response(JSON.stringify(t),{status:e.status,headers:{"content-type":"application/json"}});let r=new Headers;if("headers"in t&&t.headers){if(typeof t.headers!="object")throw new Ke(`Response headers must be an object. Received ${typeof t.headers}`,e.headers);for(let[i,s]of Object.entries(t.headers))r.set(i,s)}if("cookies"in t&&t.cookies){if(!Array.isArray(t.cookies))throw new Ke(`Response cookies must be an array. Received ${typeof t.cookies}`,e.headers);r.set("cookie",t.cookies.join(";"))}let n;if("isBase64Encoded"in t&&typeof t.isBase64Encoded!="boolean")throw new Ke(`Response property isBase64Encoded must be a boolean. Received ${typeof t.isBase64Encoded}`,e.headers);if("isBase64Encoded"in t&&t.isBase64Encoded===!0){if(!("body"in t))throw new Ke("Response was set to base64 encoded but no body was set",e.headers);if(typeof t.body!="string")throw new Ke("Response was set to base64 encoded but body was not a string",e.headers);n=(0,ng.base64Decode)(t.body)}else"body"in t&&typeof t.body=="string"?n=t.statusCode===204&&t.body===""?null:t.body:"body"in t&&t.body!==null&&t.body!==void 0?n=JSON.stringify(t.body):n=null;if(n!==null&&"bodyEncoding"in t){if(typeof t.bodyEncoding!="string"||!(t.bodyEncoding==="gzip"||t.bodyEncoding==="deflate"))throw new Ke(`Response property bodyEncoding can only be set to 'gzip' or 'deflate'. Received ${t.bodyEncoding}`,e.headers);let i=new Blob([n]).stream().pipeThrough(new DecompressionStream(t.bodyEncoding));n=await new Response(i).arrayBuffer()}return new Response(n,{headers:r,status:t.statusCode})}o(sg,"getResponse");hr.getResponse=sg;async function vP(e,t,{useAwsResourcePathStyle:r}){let n={},i={};e.headers.forEach((l,d)=>{n[d]=l,i[d]=[l]});let s=e.query,a={};for(let[l,d]of Object.entries(s))a[l]=[d];let c=new URL(e.url);return{version:"1.0",resource:c.pathname,path:c.pathname,httpMethod:e.method,headers:n,multiValueHeaders:i,queryStringParameters:s,multiValueQueryStringParameters:a,requestContext:{accountId:null,apiId:null,authorizer:{claims:{},scopes:[]},domainName:c.hostname,domainPrefix:null,extendedRequestId:t.requestId,httpMethod:e.method,identity:{accessKey:null,accountId:null,caller:null,cognitoAuthenticationProvider:null,cognitoAuthenticationType:null,cognitoIdentityId:null,cognitoIdentityPoolId:null,principalOrgId:null,sourceIp:e.headers.get("CF-Connecting-IP"),user:null,userAgent:e.headers.get("user-agent"),userArn:null,clientCert:{clientCertPem:null,subjectDN:null,issuerDN:null,serialNumber:null,validity:{notBefore:null,notAfter:null}}},path:c.pathname,protocol:"HTTP/1.1",requestId:t.requestId,requestTime:(0,ig.toCLFDate)(),requestTimeEpoch:new Date().valueOf(),resourceId:t.route.operationId??null,resourcePath:PP(t.route.path,r),stage:null},pathParameters:e.params,stageVariables:null}}o(vP,"buildEventVersion1");function TP(e,t){let r={};e.headers.forEach((s,a)=>{r[a]=s});let n=new URL(e.url);return{version:"2.0",routeKey:null,rawPath:n.pathname,rawQueryString:n.search,cookies:[],headers:r,queryStringParameters:e.query,requestContext:{accountId:null,apiId:null,authentication:{clientCert:{clientCertPem:null,subjectDN:null,issuerDN:null,serialNumber:null,validity:{notBefore:null,notAfter:null}}},authorizer:{jwt:{claims:{},scopes:[]}},domainName:n.hostname,domainPrefix:null,http:{method:e.method,path:n.pathname,protocol:"HTTP/1.1",sourceIp:e.headers.get("CF-Connecting-IP"),userAgent:e.headers.get("user-agent")},requestId:t.requestId,routeKey:null,stage:null,time:(0,ig.toCLFDate)(),timeEpoch:new Date().valueOf()},pathParameters:e.params,stageVariables:null}}o(TP,"buildEventVersion2");async function SP(e,{binaryMediaTypes:t}){let r,n=!1,i=e.headers.get("content-type");if(e.method==="GET"||e.method==="HEAD")r=null;else if(t&&i&&IP(t,i)){let s=await e.arrayBuffer();r=(0,ng.base64Encode)(new Uint8Array(s)),n=!0}else r=await e.clone().text();return[r,n]}o(SP,"getBodyResult");function IP(e,t){let r=t.split(";")[0].trim().toLowerCase();return e.findIndex(n=>n==="*/*"?!0:n.toLowerCase()===r)>-1}o(IP,"matchesContentType");function PP(e,t=!1){if(!t)return e;let r=(0,tg.parse)(e),n=(0,tg.compile)(e),i={};return r.forEach(s=>{typeof s=="string"?i[s]=`{${s}}`:i[s.name]=`{${s.name}}`}),n(i)}o(PP,"getResourcePath")});var Tn=g(vn=>{"use strict";Object.defineProperty(vn,"__esModule",{value:!0});vn.getHandlerUserLogFunction=vn.logBadGatewayResponses=void 0;var AP=Le(),RP=Y(),OP=[502,503,504];async function xP(e,t){if(OP.includes(e.status)){let r=AP.SystemLogMap.getLogger(t),i=await e.clone().text(),s={};for(let[a,c]of e.headers)s[a]=c;r.warn(`BadGatewayResponse ${e.status}`,{status:e.status,statusText:e.statusText,body:i,headers:s})}}o(xP,"logBadGatewayResponses");vn.logBadGatewayResponses=xP;var Nd;function NP(e){if(Nd===void 0){let r=RP.Environment.instance.runtime.ZUPLO_HANDLER_WRITE_LOG_LEVEL;["debug","info","warn","error"].includes(r??"")||(r="debug"),Nd=r}return e.log[Nd]}o(NP,"getHandlerUserLogFunction");vn.getHandlerUserLogFunction=NP});var ug=g(Bs=>{"use strict";Object.defineProperty(Bs,"__esModule",{value:!0});Bs.openApiSpecHandler=void 0;var cg=D(),CP=se(),Cd=Y(),LP=Tn();async function DP(e,t){let r=Cd.Environment.instance.build.BUILD_ID,{buildAssetsUrl:n}=Cd.Environment.instance,i=t.route.handler.options,{openApiFilePath:s}=i;if(!s)throw new cg.ConfigurationError("Open API Spec Handler must have 'openApiFilePath' specified");let a=UP(s);if(!a.isValid)throw new cg.ConfigurationError(a.error);let c;Cd.Environment.instance.isLocalDevelopment?c=`${n}/${s.substring(1)}`:c=`${n}/${r}${s.substring(1)}`;let u=await fetch(c,{method:e.method,body:e.body,headers:e.headers});if(u.status!==200)return CP.HttpProblems.notFound(e,t,{detail:"OpenAPI file could not be found."});let l=new Response(u.body,{headers:{"content-type":"application/json"},status:u.status,statusText:u.statusText});return(0,LP.logBadGatewayResponses)(l,t),l}o(DP,"openApiSpecHandler");Bs.openApiSpecHandler=DP;var UP=o(e=>e.startsWith("./")?e.startsWith("./config")?e.endsWith(".oas.json")?{isValid:!0}:{isValid:!1,error:"'openApiFilePath' must point to a file ending in '.oas.json'"}:{isValid:!1,error:"'openApiFilePath' must point to a file in your /config directory"}:{isValid:!1,error:"'openApiFilePath' must start with './'"},"validateOpenApiPath")});var lg=g(Ks=>{"use strict";Object.defineProperty(Ks,"__esModule",{value:!0});Ks.redirectHandler=void 0;var MP=D();async function kP(e,t){let r=t.route.handler.options;if(!r.location)throw new MP.ConfigurationError("Redirect Handler must have 'location' specified");let n=r.status??302;return new Response(null,{status:n,headers:{location:r.location}})}o(kP,"redirectHandler");Ks.redirectHandler=kP});var pg=g(Js=>{"use strict";Object.defineProperty(Js,"__esModule",{value:!0});Js.urlForwardHandler=void 0;var HP=D(),dg=Tn();function FP(e,t){let r=e.endsWith("/"),n=t.startsWith("/");return r&&n?`${e.substring(0,e.length-1)}${t}`:!r&&!n?`${e}/${t}`:`${e}${t}`}o(FP,"join");async function qP(e,t){let r=(0,dg.getHandlerUserLogFunction)(t),n=t.route.handler.options,i=n.forwardSearch!==!1;if(!n.baseUrl)throw new Error("URL Forward Handler must have 'baseUrl' specified");if(!n||typeof n.__rewriteFunction!="function")throw new HP.ConfigurationError("Invalid options for this route");let s={incomingRequestProperties:t.incomingRequestProperties,requestId:t.requestId,route:t.route,custom:t.custom},a=new URL(e.url),c=n.__rewriteFunction(e,s),u=FP(c,a.pathname),l=i?`${u}${a.search}`:u.toString(),d=Date.now();r(`URL Forwarding to '${l}'`);let p=await fetch(l,{method:e.method,body:e.body,headers:e.headers}),m=Date.now()-d;return r(`URL Forward received response ${p.status} - ${p.statusText} in ${m}ms`),(0,dg.logBadGatewayResponses)(p,t),p}o(qP,"urlForwardHandler");Js.urlForwardHandler=qP});var fg=g(zs=>{"use strict";Object.defineProperty(zs,"__esModule",{value:!0});zs.urlRewriteHandler=void 0;var $P=D(),hg=Tn(),jP=o((e,t)=>{let r=new URL(e),n=new URL(t);for(let[i,s]of n.searchParams.entries())r.searchParams.append(i,s);return r.toString()},"addQuery");async function VP(e,t){let r=(0,hg.getHandlerUserLogFunction)(t),n=t.route.handler.options,i=n.forwardSearch!==!1,s=n.followRedirects??!1;if(!n||typeof n.__rewriteFunction!="function")throw new $P.ConfigurationError("Invalid options for this route");let a={incomingRequestProperties:t.incomingRequestProperties,requestId:t.requestId,route:t.route,custom:t.custom},c=n.__rewriteFunction(e,a),u=i?jP(c,e.url):c,l=Date.now();r(`URL Rewriting to '${u}'`);let d=await fetch(u.toString(),{method:e.method,body:e.body,headers:e.headers,redirect:s?"follow":"manual"}),p=Date.now()-l;return r(`URL Rewrite received response ${d.status} - ${d.statusText} in ${p}ms`),(0,hg.logBadGatewayResponses)(d,t),d}o(VP,"urlRewriteHandler");zs.urlRewriteHandler=VP});var yg=g(Ws=>{"use strict";Object.defineProperty(Ws,"__esModule",{value:!0});Ws.webSocketHandler=void 0;var mg=D(),GP=wd(),BP=Ct(),KP=Y(),JP=Tn();async function zP(e,t){let r=KP.Environment.instance,n=t.route.handler.options,i=(0,JP.getHandlerUserLogFunction)(t);if(!n||!n.rewritePattern)throw new mg.ConfigurationError("WebSocket Handler must have option 'rewritePattern' specified");let s=e.headers.get("Upgrade");if(!s||s!=="websocket")return BP.HttpProblems.badRequest(e,t,{detail:"Request must include header 'Upgrade: websocket'"});if(!n||typeof n.__rewriteFunction!="function")throw new mg.ConfigurationError("Invalid options for this route");let a={incomingRequestProperties:t.incomingRequestProperties,requestId:t.requestId,route:t.route,custom:t.custom},c=n.__rewriteFunction(e,a),u=Date.now();if(i(`Attempting WebSocket connection to '${c}'`),r.isDeno){let p=new Headers(e.headers);if(c.startsWith("service:")){let h=await(0,GP.externalServiceTunnelConfig)(c),y=new URL(c);c=new URL(`${h.serviceBaseUrl}${y.pathname}${y.search}`).toString();for(let T in h.tunnelHeaders)p.set(T,h.tunnelHeaders[T])}c=c.replace(/^(http)/,"ws");try{if(p.get("Authorization")){let h=p.get("Authorization")?.replace("Bearer ","");c+=`?apiKey=${h}`}}catch{}let m=JSON.stringify({url:c});return new Response(m,{headers:p})}c=c.replace(/^(ws)/,"http");let l=await fetch(c,{method:e.method,headers:e.headers,body:e.body});if(l.status!==101||!l.webSocket){let p=await l.text(),m=`WebSocket connection error - ${l.status}: ${l.statusText}, content: '${p}'`;throw new Error(m)}let d=Date.now()-u;return i(`WebSocket connected, received response ${l.status} - ${l.statusText} in ${d}ms`),new Response(null,{status:101,webSocket:l.webSocket})}o(zP,"webSocketHandler");Ws.webSocketHandler=zP});var gg=g(Sn=>{"use strict";Object.defineProperty(Sn,"__esModule",{value:!0});Sn.webSocketPolicyProcessor=Sn.getWebSocketPolicyFunctions=void 0;var WP=D(),QP=o((e,t)=>e.map((n,i)=>{let s;if(typeof n.module=="object"&&(s=n.module[n.export]),!s||typeof s!="function"){let a=t==="inbound"?"WebSocketInboundPolicy":"WebSocketOutboundPolicy",c=`policy in position: ${i+1}, export name: ${n.export}`;throw new WP.ConfigurationError(`${a} - Websocket policy must be a valid function (${c})`)}return s}),"getWebSocketPolicyFunctions");Sn.getWebSocketPolicyFunctions=QP;var YP=o(async(e,t,r,n,i,s)=>{let a=e.data;if(s&&s.length>0){let c=[...s];for(;c.length>0;){let u=c.shift();if(!u)return a;if(a=await u(a,r,t,n,i),a===void 0)return}}return a},"webSocketPolicyProcessor");Sn.webSocketPolicyProcessor=YP});var _g=g(Qs=>{"use strict";Object.defineProperty(Qs,"__esModule",{value:!0});Qs.webSocketPipelineHandler=void 0;var Ld=D(),ZP=Ct(),XP=Y(),eA=Tn(),Dd=gg();function bg(e,t,r,n,i){e.addEventListener("close",()=>{t.close()}),e.addEventListener("error",s=>{n.log.error("WebSocket error: ",s),t.send(JSON.stringify(s))}),e.addEventListener("message",s=>{try{o(async c=>{let u=await(0,Dd.webSocketPolicyProcessor)(c,e,t,r,n,i);u!==void 0&&t.send(u)},"innerPipeline")(s).catch(n.log.error)}catch(a){n.log.error(a)}})}o(bg,"wireUpListeners");async function tA(e,t){let r=XP.Environment.instance,n=t.route.handler.options,i=(0,eA.getHandlerUserLogFunction)(t);if(!n||!n.rewritePattern)throw new Ld.ConfigurationError("WebSocket Pipeline Handler must have option 'rewritePattern' specified");let s=e.headers.get("Upgrade");if(!s||s!=="websocket")return ZP.HttpProblems.badRequest(e,t,{detail:"Request must include header 'Upgrade: websocket'"});if(!n||typeof n.__rewriteFunction!="function")throw new Ld.ConfigurationError("Invalid options for this route");let a={incomingRequestProperties:t.incomingRequestProperties,requestId:t.requestId,route:t.route,custom:t.custom},c=n.__rewriteFunction(e,a),u=Date.now();if(i(`Attempting WebSocket connection to '${c}'`),r.isDeno)throw new Ld.ConfigurationError("Websocket pipeline handler is currently not supported on working-copy environments");c=c.replace(/^(ws)/,"http");let l=await fetch(c,{method:e.method,headers:e.headers,body:e.body});if(l.status!==101||!l.webSocket){let S=await l.text(),L=`WebSocket connection error - ${l.status}: ${l.statusText}, content: '${S}'`;throw new Error(L)}let d=new WebSocketPair,[p,m]=Object.values(d),h=Date.now()-u;i(`WebSocket connected, received response ${l.status} - ${l.statusText} in ${h}ms`);let y=l.webSocket;y.accept(),m.accept();let w=n.policies&&n.policies.inbound?(0,Dd.getWebSocketPolicyFunctions)(n.policies.inbound,"inbound"):[],T=n.policies&&n.policies.outbound?(0,Dd.getWebSocketPolicyFunctions)(n.policies.outbound,"outbound"):[];return bg(m,y,e,t,w),bg(y,m,e,t,T),new Response(null,{status:101,webSocket:p})}o(tA,"webSocketPipelineHandler");Qs.webSocketPipelineHandler=tA});var Eg=g(Ys=>{"use strict";Object.defineProperty(Ys,"__esModule",{value:!0});Ys.DynaTraceLoggingPlugin=void 0;var rA=ve(),Ud=Y(),nA=Or(),iA=Dt(),oA=bt(),Md=class extends iA.LogPlugin{static{o(this,"DynaTraceLoggingPlugin")}options;constructor(t){super(),this.options=t}getTransport(){return new kd(this.options)}};Ys.DynaTraceLoggingPlugin=Md;var kd=class{static{o(this,"DynaTraceTransport")}constructor(t){this.#e=t.url,this.#t=t.apiToken,this.#n=Ud.Environment.instance.loggingEnvironmentType,this.#i=Ud.Environment.instance.loggingEnvironmentStage,this.#r=Ud.Environment.instance.deploymentName}#e;#t;#r;#n;#i;async log(t,r){t.messages.forEach(n=>{let i={timestamp:new Date().toISOString(),message:(0,oA.stringifyNonString)((0,nA.serializeError)(n)),severity:t.level,"log.source":t.logSource,requestId:t.requestId,"custom.environment":this.#r,"custom.environmentStage":this.#i,"custom.environmentType":this.#n,"custom.loggingId":t.loggingId,"custom.rayId":t.rayId===null?void 0:t.rayId};this.batcher.enqueue(i)}),r.waitUntil(this.batcher.waitUntilFlushed())}#o=async t=>{t.length!==0&&await fetch(this.#e,{method:"POST",body:JSON.stringify(t),headers:{"content-type":"application/json; charset=utf-8",authorization:`Api-Token ${this.#t}`}})};batcher=new rA.BatchDispatch("dyna-trace-log-transport",10,this.#o)}});var wg=g(Zs=>{"use strict";Object.defineProperty(Zs,"__esModule",{value:!0});Zs.LokiLoggingPlugin=void 0;var sA=ve(),Hd=Y(),aA=Or(),cA=Dt(),uA=bt(),Fd=class extends cA.LogPlugin{static{o(this,"LokiLoggingPlugin")}options;constructor(t){super(),this.options=t}getTransport(){return new $d(this.options)}};Zs.LokiLoggingPlugin=Fd;var qd=class{static{o(this,"LokiStream")}constructor(t,r,n,i,s){this.level=t,this.environment=r,this.environmentType=n,this.environmentStage=i,this.requestId=s}job="zuplo";level;environment;environmentType;environmentStage;requestId;equals=t=>this.level===t.level&&this.requestId===t.requestId};function lA(e,t){return btoa(`${e}:${t}`)}o(lA,"createBasicDigest");var $d=class{static{o(this,"LokiTransport")}constructor(t){this.#e=t.url,this.#t=lA(t.username,t.password),this.#n=Hd.Environment.instance.loggingEnvironmentType,this.#i=Hd.Environment.instance.loggingEnvironmentStage,this.#r=Hd.Environment.instance.deploymentName}#e;#t;#r;#n;#i;async log(t,r){let n=new qd(t.level,this.#r,this.#n,this.#i,t.requestId);t.messages.forEach(i=>{let s={stream:n,message:(0,uA.stringifyNonString)((0,aA.serializeError)(i)),nanoSecondEpoch:`${t.timestamp.getTime()}000000`};this.batcher.enqueue(s)}),r.waitUntil(this.batcher.waitUntilFlushed())}#o=t=>{let r={streams:[]};return t.forEach(n=>{let i=r.streams.find(s=>s.stream.equals(n.stream));i||(i={stream:n.stream,values:[]},r.streams.push(i)),i.values.push([n.nanoSecondEpoch,n.message])}),r};#s=async t=>{if(t.length===0)return;let r=this.#o(t);await fetch(this.#e,{method:"POST",body:JSON.stringify(r),headers:{"content-type":"application/json",authorization:`Basic ${this.#t}`}})};batcher=new sA.BatchDispatch("loki-log-transport",10,this.#s)}});var vg=g(Xs=>{"use strict";Object.defineProperty(Xs,"__esModule",{value:!0});Xs.SumoLogicLoggingPlugin=void 0;var dA=ve(),jd=Y(),pA=Or(),hA=Dt(),fA=bt(),Vd=class extends hA.LogPlugin{static{o(this,"SumoLogicLoggingPlugin")}options;constructor(t){super(),this.options=t}getTransport(){return new Gd(this.options)}};Xs.SumoLogicLoggingPlugin=Vd;var Gd=class{static{o(this,"SumoLogicTransport")}constructor(t){this.#e=t.url,this.#i=t.category,this.#o=t.name,this.#r=jd.Environment.instance.loggingEnvironmentType,this.#n=jd.Environment.instance.loggingEnvironmentStage,this.#t=jd.Environment.instance.deploymentName}#e;#t;#r;#n;#i;#o;async log(t,r){t.messages.forEach(n=>{let i={timestamp:new Date().toISOString(),message:(0,fA.stringifyNonString)((0,pA.serializeError)(n)),severity:t.level,source:t.logSource,requestId:t.requestId,environment:this.#t,environmentType:this.#r,environmentStage:this.#n,rayId:t.rayId===null?void 0:t.rayId};this.batcher.enqueue(i)}),r.waitUntil(this.batcher.waitUntilFlushed())}#s=async t=>{if(t.length===0)return;let r=t.map(i=>JSON.stringify(i)).join(`
64
+ `),n=new Headers({"content-type":"application/json; charset=utf-8"});this.#o&&n.set("X-Sumo-Name",this.#o),this.#i&&n.set("X-Sumo-Category",this.#i),await fetch(this.#e,{method:"POST",body:r,headers:n})};batcher=new dA.BatchDispatch("sumo-logic-log-transport",10,this.#s)}});var Sg=g(In=>{"use strict";Object.defineProperty(In,"__esModule",{value:!0});In.VMWareLogInsightTransport=In.VMWareLogInsightLoggingPlugin=void 0;var mA=D(),yA=ve(),Bd=Y(),gA=Dt(),Tg=bt(),bA="d3a5b78f-8236-48f5-b1df-4fe269d41172",Kd=class extends gA.LogPlugin{static{o(this,"VMWareLogInsightLoggingPlugin")}options;constructor(t){super(),this.options=t}getTransport(){return new ea(this.options)}};In.VMWareLogInsightLoggingPlugin=Kd;var ea=class{static{o(this,"VMWareLogInsightTransport")}constructor(t){let r;try{r=new URL(t.url)}catch{throw new mA.ConfigurationError(`Invalid option 'url' on 'VMWareLogInsightTransport' plugin. Must be a valid URL, received '${t.url}'`)}this.#e=r.origin,this.#r=Bd.Environment.instance.loggingEnvironmentType,this.#n=Bd.Environment.instance.loggingEnvironmentStage,this.#t=Bd.Environment.instance.deploymentName,this.#i=t.onMessageSending,t.fields&&(this.#o=Object.entries(t.fields).map(([n,i])=>({name:n,content:i})))}#e;#t;#r;#n;#i;#o;async log(t,r){let n=this.buildEntry(t,r);this.batcher.enqueue(n),r.waitUntil(this.batcher.waitUntilFlushed())}buildEntry(t,r){let n=(0,Tg.messagesToMultilineText)(t.messages),i={timestamp:Date.now(),text:n,fields:[{name:"severity",content:t.level.toUpperCase()},{name:"request_id",content:t.requestId},{name:"environment_type",content:this.#r},{name:"environment_stage",content:this.#n},{name:"log_source",content:t.logSource},{name:"atomic_counter",content:t.vectorClock}]};return t.rayId&&i.fields.push({name:"request_ray_id",content:t.rayId}),this.#t&&i.fields.push({name:"environment",content:this.#t}),this.#o&&i.fields.push(...this.#o),r.custom&&Object.entries(r.custom).forEach(([s,a])=>{let c=(0,Tg.stringifyNonStringToText)(a);c&&i.fields.push({name:s,content:c})}),this.#i&&(i=this.#i(i)),i}#s=async t=>{if(t.length===0)return;let r=await fetch(`${this.#e}/api/v1/events/ingest/${bA}`,{method:"POST",body:JSON.stringify(t),headers:{"content-type":"application/json; charset=utf-8"}});if(r.status!==200)try{let n=await r.text();console.error("Error logging to Log Insight",n)}catch(n){console.error(n)}};batcher=new yA.BatchDispatch("vmware-log-insights-log-transport",10,this.#s)};In.VMWareLogInsightTransport=ea});var Pg=g(Pn=>{"use strict";Object.defineProperty(Pn,"__esModule",{value:!0});Pn.AWSLogTransport=Pn.AWSLoggingPlugin=void 0;var _A=ve(),Ig=Y(),EA=Or(),wA=Dt(),vA=bt(),TA=xd(),Jd=class extends wA.LogPlugin{static{o(this,"AWSLoggingPlugin")}options;constructor(t){super(),this.options=t}getTransport(){return new ta(this.options)}};Pn.AWSLoggingPlugin=Jd;var ta=class{static{o(this,"AWSLogTransport")}awsClient;environment;environmentType;logGroupName;logStreamName;region;batcher=new _A.BatchDispatch("aws-log-transport",10,async t=>{if(t.length===0)return;let r=JSON.stringify({logGroupName:this.logGroupName,logStreamName:this.logStreamName,logEvents:t});await this.awsClient.fetch(`https://logs.${this.region}.amazonaws.com`,{headers:{"Content-Type":"application/x-amz-json-1.1","x-amz-Target":"Logs_20140328.PutLogEvents"},body:r,aws:{accessKeyId:this.awsClient.accessKeyId,secretAccessKey:this.awsClient.secretAccessKey,service:this.awsClient.service,region:this.awsClient.region}})});constructor({accessKeyId:t,logStreamName:r,logGroupName:n,secretAccessKey:i,region:s}){this.awsClient=new TA.AwsClient({accessKeyId:t,secretAccessKey:i,service:"logs",region:s}),this.logGroupName=n,this.logStreamName=r,this.region=s,this.environmentType=Ig.Environment.instance.loggingEnvironmentType,this.environment=Ig.Environment.instance.deploymentName}async log(t,r){t.messages.forEach(n=>{let i={timestamp:new Date().getTime(),message:JSON.stringify({data:(0,vA.stringifyNonString)((0,EA.serializeError)(n)),severity:t.level,source:t.logSource,environment:this.environment,requestId:t.requestId,environmentType:this.environmentType,rayId:t.rayId===null?void 0:t.rayId})};this.batcher.enqueue(i)}),r.waitUntil(this.batcher.waitUntilFlushed())}};Pn.AWSLogTransport=ta});var Ag=g(Oe=>{"use strict";Object.defineProperty(Oe,"__esModule",{value:!0});Oe.AWSLoggingPlugin=Oe.VMWareLogInsightLoggingPlugin=Oe.SumoLogicLoggingPlugin=Oe.LokiLoggingPlugin=Oe.GoogleCloudLoggingPlugin=Oe.DynaTraceLoggingPlugin=Oe.DataDogLoggingPlugin=void 0;var SA=nd();Object.defineProperty(Oe,"DataDogLoggingPlugin",{enumerable:!0,get:function(){return SA.DataDogLoggingPlugin}});var IA=Eg();Object.defineProperty(Oe,"DynaTraceLoggingPlugin",{enumerable:!0,get:function(){return IA.DynaTraceLoggingPlugin}});var PA=Is();Object.defineProperty(Oe,"GoogleCloudLoggingPlugin",{enumerable:!0,get:function(){return PA.GoogleCloudLoggingPlugin}});var AA=wg();Object.defineProperty(Oe,"LokiLoggingPlugin",{enumerable:!0,get:function(){return AA.LokiLoggingPlugin}});var RA=vg();Object.defineProperty(Oe,"SumoLogicLoggingPlugin",{enumerable:!0,get:function(){return RA.SumoLogicLoggingPlugin}});var OA=Sg();Object.defineProperty(Oe,"VMWareLogInsightLoggingPlugin",{enumerable:!0,get:function(){return OA.VMWareLogInsightLoggingPlugin}});var xA=Pg();Object.defineProperty(Oe,"AWSLoggingPlugin",{enumerable:!0,get:function(){return xA.AWSLoggingPlugin}})});var Rg=g(fr=>{"use strict";Object.defineProperty(fr,"__esModule",{value:!0});fr.DataDogMetricsError=fr.DataDogMetricsTransport=fr.DataDogMetricsPlugin=void 0;var NA=Le(),CA=ve(),LA=wo(),zd=new WeakMap,DA={tags:[]},Wd=class extends LA.MetricsPlugin{static{o(this,"DataDogMetricsPlugin")}options;constructor(t){super(),this.options=t}getTransport(){return new ra(this.options)}static setContext(t,r){let n=zd.get(t);n||(n=DA);let i=Object.assign({...n},r);zd.set(t,i)}};fr.DataDogMetricsPlugin=Wd;var ra=class{static{o(this,"DataDogMetricsTransport")}#e;#t;#r;#n;#i;#o=void 0;constructor(t){this.#e=t.apiKey,this.#t=t.url??"https://api.datadoghq.com/api/v2/series",this.#r=Object.assign({latency:!0,requestContentLength:!0,responseContentLength:!0},t.metrics),this.#i=t.include??{},this.#n=t.tags??[]}pushMetrics(t,r){this.#o===void 0&&(this.#o=new CA.BatchDispatch("data-dog-metrics-transport",10,this.dispatchFunction,NA.SystemLogMap.getLogger(r)));let n=Math.floor(t.timestamp.getTime()/1e3),i=this.#n.concat(zd.get(r)?.tags??[]);if(this.#i.country&&i.push(`country:${t.country}`),this.#i.httpMethod&&i.push(`httpMethod:${t.method}`),this.#i.statusCode&&i.push(`statusCode:${t.statusCode}`),this.#i.path){let s=t.systemRouteName||t.routePath;i.push(`path:${s}`)}this.#r.latency&&this.#o.enqueue({metric:"zuplo.request.latency",type:3,points:[{timestamp:n,value:t.durationMs}],tags:i}),this.#r.requestContentLength&&t.requestContentLength&&this.#o.enqueue({metric:"zuplo.request.content_length",type:3,points:[{timestamp:n,value:t.requestContentLength}],tags:i}),this.#r.responseContentLength&&t.responseContentLength&&this.#o.enqueue({metric:"zuplo.response.content_length",type:3,points:[{timestamp:n,value:t.responseContentLength}],tags:i}),r.waitUntil(this.#o.waitUntilFlushed())}dispatchFunction=async t=>{if(t.length===0)return;let r=JSON.stringify({series:t}),n=await fetch(this.#t,{method:"POST",body:r,headers:{"content-type":"application/json","DD-API-KEY":this.#e}});if(!n.ok)throw new na(await n.text())}};fr.DataDogMetricsTransport=ra;var na=class e extends Error{static{o(this,"DataDogMetricsError")}constructor(t){super(t),Object.setPrototypeOf(this,e.prototype)}};fr.DataDogMetricsError=na});var Og=g(mr=>{"use strict";Object.defineProperty(mr,"__esModule",{value:!0});mr.DynaTraceMetricsError=mr.DynaTraceMetricsTransport=mr.DynatraceMetricsPlugin=void 0;var UA=Le(),MA=ve(),kA=wo(),Qd=new WeakMap,HA={dimensions:[]},Yd=class extends kA.MetricsPlugin{static{o(this,"DynatraceMetricsPlugin")}options;constructor(t){super(),this.options=t}getTransport(){return new ia(this.options)}static setContext(t,r){let n=Qd.get(t);n||(n=HA);let i=Object.assign({...n},r);Qd.set(t,i)}};mr.DynatraceMetricsPlugin=Yd;var ia=class{static{o(this,"DynaTraceMetricsTransport")}apiToken;#e;#t;dimensions;#r;#n=void 0;constructor(t){this.apiToken=t.apiToken,this.#e=t.url,this.#t=Object.assign({latency:!0,requestContentLength:!0,responseContentLength:!0},t.metrics),this.#r=t.include??{},this.dimensions=t.dimensions??[]}pushMetrics(t,r){this.#n===void 0&&(this.#n=new MA.BatchDispatch("dynatrace-metrics-transport",10,this.dispatchFunction,UA.SystemLogMap.getLogger(r)));let n=Math.floor(t.timestamp.getTime()),i=this.dimensions.concat(Qd.get(r)?.dimensions??[]);if(this.#r.country&&i.push(`country="${t.country}"`),this.#r.httpMethod&&i.push(`http_method="${t.method}"`),this.#r.statusCode&&i.push(`status_code="${t.statusCode}"`),this.#r.path){let a=t.systemRouteName||t.routePath;i.push(`path="${a}"`)}let s=i.join(",");this.#t.latency&&this.#n.enqueue(`zuplo.request.latency,${s} ${t.durationMs} ${n}`),this.#t.requestContentLength&&t.requestContentLength&&this.#n.enqueue(`zuplo.request.content_length,${s} ${t.requestContentLength} ${n}`),this.#t.responseContentLength&&t.responseContentLength&&this.#n.enqueue(`zuplo.response.content_length,${s} ${t.responseContentLength} ${n}`),r.waitUntil(this.#n.waitUntilFlushed())}dispatchFunction=async t=>{if(t.length===0)return;let r=t.join(`
65
65
  `),n=await fetch(this.#e,{method:"POST",body:r,headers:{"content-type":"text/plain",Authorization:`Api-Token ${this.apiToken}`}});if(!n.ok)throw new oa(await n.text())}};mr.DynaTraceMetricsTransport=ia;var oa=class e extends Error{static{o(this,"DynaTraceMetricsError")}constructor(t){super(t),Object.setPrototypeOf(this,e.prototype)}};mr.DynaTraceMetricsError=oa});var xg=g(An=>{"use strict";Object.defineProperty(An,"__esModule",{value:!0});An.DynatraceMetricsPlugin=An.DataDogMetricsPlugin=void 0;var FA=Rg();Object.defineProperty(An,"DataDogMetricsPlugin",{enumerable:!0,get:function(){return FA.DataDogMetricsPlugin}});var qA=Og();Object.defineProperty(An,"DynatraceMetricsPlugin",{enumerable:!0,get:function(){return qA.DynatraceMetricsPlugin}})});var Ng=g(sa=>{"use strict";Object.defineProperty(sa,"__esModule",{value:!0});sa.AuditLogDataStaxProvider=void 0;var Zd=class{static{o(this,"AuditLogDataStaxProvider")}constructor(t){this.#e=t}#e;writeLogBatch=async t=>{await Promise.allSettled(t.map(async r=>{await fetch(this.#e.url,{method:"POST",headers:{"X-Cassandra-Token":this.#e.xCassandraToken,"content-type":"application/json"},body:JSON.stringify(r)})}))}};sa.AuditLogDataStaxProvider=Zd});var Lg=g(aa=>{"use strict";Object.defineProperty(aa,"__esModule",{value:!0});aa.AuditLogPlugin=void 0;var $A=yt(),jA=ve(),Xd=class extends $A.SystemRuntimePlugin{static{o(this,"AuditLogPlugin")}constructor(t,r){super(),this.#e=t,this.#t=r}#e;#t;async initialize(t){new ep(t,this.#e,this.#t)}};aa.AuditLogPlugin=Xd;var Cg=o(e=>{let t={};return e.forEach((r,n)=>{t[n]=r}),t},"serializableHeaders"),VA={requestFilter:async()=>!0,include:{request:{headers:!0,body:!0},response:{headers:!0,body:!0}}},ep=class{static{o(this,"AuditPluginImpl")}constructor(t,r,n){this.#t=r;let i={...VA};n?.requestFilter&&(i.requestFilter=n.requestFilter),n?.include?.request&&Object.assign(i,n.include.request),n?.include?.response&&Object.assign(i,n.include.response),this.#e=i,t.addRequestHook(this.#o),this.#r=new jA.BatchDispatch("audit-log",10,this.#n)}#e;#t;#r;#n=async t=>{await this.#t.writeLogBatch(t)};#i=async(t,r,n,i,s,a)=>{try{let c={timestamp:i,durationMs:s,routePath:n.route.path,requestId:n.requestId,userSub:a,request:{url:r.url,method:r.method,headers:this.#e.include?.request?.headers?Cg(r.headers):void 0,body:this.#e.include?.request?.body?await r.text():void 0},response:{status:t.status,statusText:t.statusText,headers:this.#e.include?.response?.headers?Cg(t.headers):void 0,body:this.#e.include?.response?.body?await t.text():void 0}};this.#r.enqueue(c),n.waitUntil(this.#r.waitUntilFlushed())}catch(c){n.log.error(c)}};#o=async(t,r)=>{try{if(!await this.#e.requestFilter(t,r))return t;let i=new Date,s=Date.now(),a=t.clone();return r.addResponseSendingFinalHook(async(c,u)=>{let l=Date.now(),d=c.clone(),p=this.#i(d,a,r,i,l-s,u.user?.sub).catch(m=>{r.log.error(m)});r.waitUntil(p)}),t}catch(n){return r.log.error(n),t}}}});var Dg=g(Rn=>{"use strict";Object.defineProperty(Rn,"__esModule",{value:!0});Rn.StripeSignatureVerificationError=Rn.StripeError=void 0;var ca=class extends Error{static{o(this,"StripeError")}message;type;raw;rawType;headers;requestId;code;doc_url;param;detail;statusCode;charge;decline_code;payment_method_type;payment_intent;payment_method;setup_intent;source;constructor(t={}){super(t.message),this.type=this.constructor.name,this.raw=t,this.rawType=t.type,this.code=t.code,this.doc_url=t.doc_url,this.param=t.param,this.detail=t.detail,this.headers=t.headers,this.requestId=t.requestId,this.statusCode=t.statusCode,this.message=t.message,this.charge=t.charge,this.decline_code=t.decline_code,this.payment_intent=t.payment_intent,this.payment_method=t.payment_method,this.payment_method_type=t.payment_method_type,this.setup_intent=t.setup_intent,this.source=t.source}};Rn.StripeError=ca;var tp=class extends ca{static{o(this,"StripeSignatureVerificationError")}header;payload;constructor(t,r,n={}){super(n),this.header=t,this.payload=r}};Rn.StripeSignatureVerificationError=tp});var Mg=g(On=>{"use strict";Object.defineProperty(On,"__esModule",{value:!0});On.computeHMACSignatureAsync=On.constructEventAsync=void 0;var Ur=Dg(),GA="v1",BA=300;async function KA(e,t,r,n=BA,i){return await zA(e,t,r,n,i),e instanceof Uint8Array?JSON.parse(new TextDecoder("utf8").decode(e)):JSON.parse(e)}o(KA,"constructEventAsync");On.constructEventAsync=KA;function JA(e,t){return`${t.timestamp}.${e}`}o(JA,"makeHMACContent");async function zA(e,t,r,n,i){let{decodedHeader:s,decodedPayload:a,details:c,suspectPayloadType:u}=WA(e,t,GA),l=/\s/.test(r),d=await Ug(JA(a,c),r);return QA(a,s,c,d,n,u,l,i)}o(zA,"verifyHeaderAsync");function WA(e,t,r){if(!e)throw new Ur.StripeSignatureVerificationError(t,e,{message:"No webhook payload was provided."});let n=typeof e!="string"&&!(e instanceof Uint8Array),i=new TextDecoder("utf8"),s=e instanceof Uint8Array?i.decode(e):e;if(Array.isArray(t))throw new Error("Unexpected: An array was passed as a header, which should not be possible for the stripe-signature header.");if(t==null||t=="")throw new Ur.StripeSignatureVerificationError(t,e,{message:"No stripe-signature header value was provided."});let a=t instanceof Uint8Array?i.decode(t):t,c=YA(a,r);if(!c||c.timestamp===-1)throw new Ur.StripeSignatureVerificationError(a,s,{message:"Unable to extract timestamp and signatures from header"});if(!c.signatures.length)throw new Ur.StripeSignatureVerificationError(a,s,{message:"No signatures found with expected scheme"});return{decodedPayload:s,decodedHeader:a,details:c,suspectPayloadType:n}}o(WA,"parseEventDetails");function QA(e,t,r,n,i,s,a,c){let u=!!r.signatures.filter(m=>ZA(m,n)).length,l=`
66
66
  Learn more about webhook signing and explore webhook integration examples for various frameworks at https://github.com/stripe/stripe-node#webhook-signing`,d=a?`
67
67
 
@@ -71,7 +71,7 @@ Signature verification is impossible without access to the original signed mater
71
71
  `+d}):new Ur.StripeSignatureVerificationError(t,e,{message:`No signatures found matching the expected signature for payload. Are you passing the raw request body you received from Stripe?
72
72
  If a webhook request is being forwarded by a third-party tool, ensure that the exact request body, including JSON formatting and new line style, is preserved.
73
73
  `+l+`
74
- `+d});let p=Math.floor((typeof c=="number"?c:Date.now())/1e3)-r.timestamp;if(i>0&&p>i)throw new Ur.StripeSignatureVerificationError(t,e,{message:"Timestamp outside the tolerance zone"});return!0}o(QA,"validateComputedSignature");function YA(e,t){return typeof e!="string"?null:e.split(",").reduce((r,n)=>{let i=n.split("=");return i[0]==="t"&&(r.timestamp=parseInt(i[1],10)),i[0]===t&&r.signatures.push(i[1]),r},{timestamp:-1,signatures:[]})}o(YA,"parseHeader");function ZA(e,t){if(e.length!==t.length)return!1;let r=e.length,n=0;for(let i=0;i<r;++i)n|=e.charCodeAt(i)^t.charCodeAt(i);return n===0}o(ZA,"secureCompare");async function Ug(e,t){let r=new TextEncoder,n=await crypto.subtle.importKey("raw",r.encode(t),{name:"HMAC",hash:{name:"SHA-256"}},!1,["sign"]),i=await crypto.subtle.sign("hmac",n,r.encode(e)),s=new Uint8Array(i),a=new Array(s.length);for(let c=0;c<s.length;c++)a[c]=rp[s[c]];return a.join("")}o(Ug,"computeHMACSignatureAsync");On.computeHMACSignatureAsync=Ug;var rp=new Array(256);for(let e=0;e<rp.length;e++)rp[e]=e.toString(16).padStart(2,"0")});var Ft=g(ua=>{"use strict";Object.defineProperty(ua,"__esModule",{value:!0});ua.optionValidator=void 0;var Ii=L();function XA(e,t){let r=o((s,a,c)=>{let u=e[s];if(!(c&&u===void 0)){if(u===void 0)throw new Ii.ConfigurationError(`Value of '${String(s)}' on policy '${t}' is required, but no value was set. If using an environment variable, check that it is set correctly.`);if(a==="array"&&Array.isArray(u))throw new Ii.ConfigurationError(`Value of '${String(s)}' on policy '${t}' must be an array. Received type ${typeof u}.`);if(typeof u!==a)throw new Ii.ConfigurationError(`Value of '${String(s)}' on policy '${t}' must be of type ${a}. Received type ${typeof u}.`);if(typeof u=="string"&&u.length===0)throw new Ii.ConfigurationError(`Value of '${String(s)}' on policy '${t}' must be a non-empty string. The value received is empty. If using an environment variable, check that it is set correctly.`);if(typeof u=="number"&&isNaN(u))throw new Ii.ConfigurationError(`Value of '${String(s)}' on policy '${t}' must be valid number. If using an environment variable, check that it is set correctly.`)}},"validate"),n=o((s,a)=>(r(s,a,!0),{optional:n,required:i}),"optional"),i=o((s,a)=>(r(s,a,!1),{optional:n,required:i}),"required");return{optional:n,required:i}}o(XA,"optionValidator");ua.optionValidator=XA});var np=g(la=>{"use strict";Object.defineProperty(la,"__esModule",{value:!0});la.StripeWebhookInboundPolicy=void 0;var eR=se(),tR=Mg(),rR=Ft(),nR=o(async(e,t,r,n)=>{(0,rR.optionValidator)(r,n).required("signingSecret","string").optional("tolerance","number");let i=e.headers.get("stripe-signature");try{let s=await e.clone().text();await(0,tR.constructEventAsync)(s,i,r.signingSecret)}catch(s){return t.log.error("Error validating stripe webhook",s),eR.HttpProblems.badRequest(e,t,{title:"Webhook Error",detail:s.message})}return e},"StripeWebhookInboundPolicy");la.StripeWebhookInboundPolicy=nR});var kg=g(da=>{"use strict";Object.defineProperty(da,"__esModule",{value:!0});da.MeteringPlugin=void 0;var iR=yt(),ip=class extends iR.SystemRuntimePlugin{static{o(this,"MeteringPlugin")}};da.MeteringPlugin=ip});var Fg=g(pa=>{"use strict";Object.defineProperty(pa,"__esModule",{value:!0});pa.StripeMeteringPlugin=void 0;var oR=L(),sR=Nt(),aR=np(),Mr=se(),cR=Qt(),uR=zr(),lR=Cu(),dR=ot(),pR=Y(),Hg=Lt(),hR=kg(),fR=["customer.subscription.created","customer.subscription.deleted","customer.subscription.paused","customer.subscription.resumed","customer.subscription.updated"],op=class extends hR.MeteringPlugin{static{o(this,"StripeMeteringPlugin")}options;constructor(t){super(),this.options=t}registerRoutes(t,r){let n=o(async(c,u)=>{if(this.options.testMode)return"success";let{bucketId:l}=this.options;if(!l)throw new oR.ConfigurationError("StripeMeteringPlugin - No bucketName property provided");let{authApiJWT:d,meteringServiceUrl:p}=pR.Environment.instance,m=await c.json();try{mR(m)}catch{return Mr.HttpProblems.badRequest(c,u,{detail:"The received body was not in the expected format."})}if(!fR.includes(m.type))return Mr.HttpProblems.ok(c,u,{detail:"Event was ignored by Stripe metering plugin webhook."});let h=m.data?.object?.id;if(!h)return Mr.HttpProblems.badRequest(c,u,{detail:"Invalid Stripe Webhook event. Expected '.data.object.id' to be the subscription ID."});let y=m.data?.object?.items?.data.find(D=>D.object==="subscription_item");if(!y||!y.id)return Mr.HttpProblems.badRequest(c,u,{detail:"Invalid Stripe Webhook event. Expected '.data.object.items.data[]' to contain a subscription_item."});let w=y.plan;if(!w||!w.product)return Mr.HttpProblems.badRequest(c,u,{detail:"Invalid Stripe Webhook event. Expected '.data.object.items.data[].plan'."});let T={status:"active",type:"periodic",renewalStrategy:"monthly",customerKey:"luis-tester",productKey:"routes.oas.json",planProviderKey:w.product,subscriptionProviderKey:h,region:this.options.bucketRegion??"us-central1"},S=await fetch(`${p}/internal/v1/metering/${l}/subscriptions`,{headers:{Authorization:`Bearer ${d}`,"Content-Type":"application/json"},method:"POST",body:JSON.stringify(T)});if(S.status!==200){let D="Unknown error creating subscription",F;try{F=await S.json(),D=F.detail??F.title??D}catch{}return u.log.error(D,F),Mr.HttpProblems.internalServerError(c,u,{detail:D})}return Mr.HttpProblems.ok(c,u)},"stripeWebhookHandler"),i=(0,uR.createInternalPolicyProcessor)({inboundPolicies:[{handler:aR.StripeWebhookInboundPolicy,options:{signingSecret:this.options.webhooks.signingSecret,tolerance:this.options.webhooks.tolerance}}]}),s=new sR.Pipeline({processors:[cR.metricsProcessor,i],handler:n,gateway:r}),a=new dR.SystemRouteConfiguration({label:"PLUGIN_STRIPE_WEBHOOK_ROUTE",methods:["POST"],path:this.options.webhooks.routePath??"/__zuplo/stripe-webhooks",systemRouteName:lR.SystemRouteName.StripePlugin});t.addRoute(a,s.execute)}};pa.StripeMeteringPlugin=op;function mR(e){if(!(e!==null&&typeof e=="object"&&"id"in e&&(0,Hg.isString)(e.id)&&"type"in e&&(0,Hg.isString)(e.type)))throw new Error("Object is not a stripe webhook event")}o(mR,"assertsStripeWebhookEvent")});var Gg=g(xn=>{"use strict";Object.defineProperty(xn,"__esModule",{value:!0});xn.AmberfloMeteringInboundPolicy=xn.AmberfloMeteringPolicy=void 0;var qg=L(),yR=ve(),$g=ri(),Vg=new WeakMap,jg={},sp=class{static{o(this,"AmberfloMeteringPolicy")}static setRequestProperties(t,r){Vg.set(t,r)}};xn.AmberfloMeteringPolicy=sp;async function gR(e,t,r,n){if(!r.statusCodes)throw new qg.ConfigurationError(`Invalid AmberfloMeterInboundPolicy '${n}': options.statusCodes must be an array of HTTP status code numbers`);let i=Array.isArray(r.statusCodes)?r.statusCodes:(0,$g.statusCodesStringToNumberArray)(r.statusCodes);return t.addResponseSendingFinalHook(async s=>{if(i.includes(s.status)){let a=Vg.get(t),c=r.customerId;if(r.customerIdPropertyPath){if(!e.user)throw new qg.RuntimeError(`Unable to apply customerIdPropertyPath '${r.customerIdPropertyPath}' as request.user is 'undefined'.`);c=(0,$g.getValueFromRequestUser)(e.user,r.customerIdPropertyPath,"customerIdPropertyPath")}let u=a?.customerId??c;if(!u){t.log.error(`Error in AmberfloMeterInboundPolicy '${n}': customerId cannot be undefined`);return}let l=a?.meterApiName??r.meterApiName;if(!l){t.log.error(`Error in AmberfloMeterInboundPolicy '${n}': meterApiName cannot be undefined`);return}let d=a?.meterValue??r.meterValue;if(!d){t.log.error(`Error in AmberfloMeterInboundPolicy '${n}': meterValue cannot be undefined`);return}let p={customerId:u,meterApiName:l,meterValue:d,meterTimeInMillis:Date.now(),dimensions:Object.apply(r.dimensions??{},a?.dimensions)},m=jg[r.apiKey];if(!m){let h=r.apiKey,y=e.headers.get("zm-test-id")??"";m=new yR.BatchDispatch("amberflo-ingest-meter",10,async w=>{try{let T=r.url??"https://app.amberflo.io/ingest",S=await fetch(T,{method:"POST",body:JSON.stringify(w),headers:{"content-type":"application/json","x-api-key":h,"zm-test-id":y}});S.ok||t.log.error(`Unexpected response in AmberfloMeteringInboundPolicy '${n}'. ${S.status}: ${await S.text()}`)}catch(T){throw t.log.error(`Error in AmberfloMeteringInboundPolicy '${n}': ${T.message}`),T}}),jg[h]=m}m.enqueue(p),t.waitUntil(m.waitUntilFlushed())}}),e}o(gR,"AmberfloMeteringInboundPolicy");xn.AmberfloMeteringInboundPolicy=gR});var ap=g(ha=>{"use strict";Object.defineProperty(ha,"__esModule",{value:!0});ha.sha256=void 0;async function bR(e){let t=new TextEncoder().encode(e),r=await crypto.subtle.digest({name:"SHA-256"},t);return[...new Uint8Array(r)].map(i=>i.toString(16).padStart(2,"0")).join("")}o(bR,"sha256");ha.sha256=bR});var qt=g(fa=>{"use strict";Object.defineProperty(fa,"__esModule",{value:!0});fa.getPolicyCacheName=void 0;var _R=ap(),Bg=new Map;async function ER(e,t){let r,n=Bg.get(e);return n!==void 0?r=n:(r=`zuplo-policy-${await(0,_R.sha256)(JSON.stringify({policyName:e,options:t}))}`,Bg.set(e,r)),r}o(ER,"getPolicyCacheName");fa.getPolicyCacheName=ER});var dp=g(ma=>{"use strict";Object.defineProperty(ma,"__esModule",{value:!0});ma.ApiKeyInboundPolicy=void 0;var wR=qt(),vR=Kt(),Kg=Ed(),cp=L(),TR=Ct(),up=Le(),lp=Y(),SR=Ts(),Jg="key-metadata-cache-type";function IR(e,t){return t.authScheme===""?e:e.replace(`${t.authScheme} `,"")}o(IR,"getKeyValue");async function PR(e,t,r,n){if(!r.bucketName)if(Kg.environment.ZUPLO_API_KEY_SERVICE_BUCKET_NAME)r.bucketName=Kg.environment.ZUPLO_API_KEY_SERVICE_BUCKET_NAME;else throw new cp.ConfigurationError(`ApiKeyInboundPolicy '${n}' - no bucketName property provided`);let i={authHeader:r.authHeader??"authorization",authScheme:r.authScheme??"Bearer",bucketName:r.bucketName,cacheTtlSeconds:r.cacheTtlSeconds??60,allowUnauthenticatedRequests:r.allowUnauthenticatedRequests??!1,disableAutomaticallyAddingKeyHeaderToOpenApi:r.disableAutomaticallyAddingKeyHeaderToOpenApi??!1};if(i.cacheTtlSeconds<60)throw new cp.ConfigurationError(`ApiKeyInboundPolicy '${n}' - minimum cacheTtlSeconds value is 60s, '${i.cacheTtlSeconds}' is invalid`);let s=o(T=>i.allowUnauthenticatedRequests?e:TR.HttpProblems.unauthorized(e,t,{detail:T}),"unauthorizedResponse"),a=e.headers.get(i.authHeader);if(!a)return s("No Authorization Header");if(!a.toLowerCase().startsWith(i.authScheme.toLowerCase()))return s("Invalid Authorization Scheme");let c=IR(a,i);if(!c||c==="")return s("No key present");let u=await AR(c),l=await(0,wR.getPolicyCacheName)(n,i),d=new vR.MemoryZoneReadThroughCache(l,{logger:up.SystemLogMap.getLogger(t)}),p=await d.get(u);if(p&&p.isValid===!0)return e.user=p.user,e;if(p&&!p.isValid)return p.typeId!==Jg&&up.SystemLogMap.getLogger(t).error(`ApiKeyInboundPolicy '${n}' - cached metadata has invalid typeId '${p.typeId}'`,p),s("Authorization Failed");let m={key:c},h=await(0,SR.fetchRetry)({retryDelayMs:5,retries:2,logger:up.SystemLogMap.getLogger(t)},`${lp.Environment.instance.apiKeyServiceUrl}/v1/$validate/${i.bucketName}`,{method:"POST",headers:{"content-type":"application/json","zp-rid":t.requestId,"zp-dn":lp.Environment.instance.deploymentName??"unknown","User-Agent":lp.Environment.instance.systemUserAgent},body:JSON.stringify(m)});if(h.status===401)return t.log.info(`ApiKeyInboundPolicy '${n}' - 401 response from Key Service`),s("Authorization Failed");if(h.status!==200){try{let T=await h.text(),S=JSON.parse(T);t.log.error("Unexpected response from key service",S)}catch{t.log.error("Invalid response from key service")}throw new cp.RuntimeError(`ApiKeyInboundPolicy '${n}' - unexpected response from Key Service. Status: ${h.status}`)}let y=await h.json(),w={isValid:!0,typeId:Jg,user:{sub:y.name,data:y.metadata}};return e.user=w.user,d.put(u,w,i.cacheTtlSeconds),e}o(PR,"ApiKeyInboundPolicy");ma.ApiKeyInboundPolicy=PR;async function AR(e){let t=new TextEncoder().encode(e),r=await crypto.subtle.digest("SHA-256",t);return Array.from(new Uint8Array(r)).map(s=>s.toString(16).padStart(2,"0")).join("")}o(AR,"hashValue")});var zg=g(ya=>{"use strict";Object.defineProperty(ya,"__esModule",{value:!0});ya.ApiAuthKeyInboundPolicy=void 0;var RR=dp();ya.ApiAuthKeyInboundPolicy=RR.ApiKeyInboundPolicy});var $t=g(ga=>{"use strict";Object.defineProperty(ga,"__esModule",{value:!0});ga.OpenIdJwtInboundPolicy=void 0;var hp=(ws(),Zi(Es)),fp=L(),OR=se(),pp={},xR=o(async(e,t)=>{if(!t.jwkUrl||typeof t.jwkUrl!="string")throw new fp.ConfigurationError("Invalid State - jwkUrl not set");pp[t.jwkUrl]||(pp[t.jwkUrl]=(0,hp.createRemoteJWKSet)(new URL(t.jwkUrl),t.headers?{headers:t.headers}:void 0));let{payload:r}=await(0,hp.jwtVerify)(e,pp[t.jwkUrl],{issuer:t.issuer,audience:t.audience});return r},"jwkVerifier"),NR=o(async(e,t)=>{let r;if(t.secret===void 0)throw new Error("secretVerifier requires secret to be defined");if(typeof t.secret=="string"){let s=new TextEncoder().encode(t.secret);r=new Uint8Array(s)}else r=t.secret;let{payload:n}=await(0,hp.jwtVerify)(e,r,{issuer:t.issuer,audience:t.audience});return n},"secretVerifier"),CR=o(async(e,t,r,n)=>{let i=e.headers.get("Authorization"),s="bearer ",a=o(m=>OR.HttpProblems.unauthorized(e,t,{detail:m}),"unauthorizedResponse");if(!r.jwkUrl&&!r.secret)throw new fp.ConfigurationError(`OpenIdJwtInboundPolicy policy '${n}': One of 'jwkUrl' or 'secret' options are required.`);if(r.jwkUrl&&r.secret)throw new fp.ConfigurationError(`OpenIdJwtInboundPolicy policy '${n}': Only one of 'jwkUrl' and 'secret' options should be provided.`);let c=r.jwkUrl?xR:NR,l=await o(async()=>{if(!i)return a("No authorization header");if(i.toLowerCase().indexOf(s)!==0)return a("Invalid bearer token format for authorization header");let m=i.substring(s.length);if(!m||m.length===0)return a("No bearer token on authorization header");try{return await c(m,r)}catch(h){let y=new URL(e.url);return"code"in h&&h.code==="ERR_JWT_EXPIRED"?t.log.warn(`Expired token used on url: ${y.pathname} `,h):t.log.warn(`Invalid token on: ${e.method} ${y.pathname}`,h),a("Invalid token")}},"getJwtOrRejectedResponse")();if(l instanceof Response)return r.allowUnauthenticatedRequests===!0?e:l;let d=r.subPropertyName??"sub",p=l[d];return p?(e.user={sub:p,data:l},e):a(`Token is not valid, no '${d}' property found.`)},"OpenIdJwtInboundPolicy");ga.OpenIdJwtInboundPolicy=CR});var Wg=g(ba=>{"use strict";Object.defineProperty(ba,"__esModule",{value:!0});ba.Auth0JwtInboundPolicy=void 0;var LR=$t(),DR=o(async(e,t,r,n)=>(0,LR.OpenIdJwtInboundPolicy)(e,t,{issuer:`https://${r.auth0Domain}/`,audience:r.audience,jwkUrl:`https://${r.auth0Domain}/.well-known/jwks.json`,allowUnauthenticatedRequests:r.allowUnauthenticatedRequests},n),"Auth0JwtInboundPolicy");ba.Auth0JwtInboundPolicy=DR});var Qg=g(_a=>{"use strict";Object.defineProperty(_a,"__esModule",{value:!0});_a.BasicAuthInboundPolicy=void 0;var UR=se(),MR=o(async(e,t,r)=>{let n=e.headers.get("Authorization"),i="basic ",s=o(l=>UR.HttpProblems.unauthorized(e,t,{detail:l}),"unauthorizedResponse"),c=await o(async()=>{if(!n)return await s("No Authorization header");if(n.toLowerCase().indexOf(i)!==0)return await s("Invalid Basic token format for Authorization header");let l=n.substring(i.length);if(!l||l.length===0)return await s("No username:password provided");let d=atob(l).normalize(),p=d.indexOf(":");if(p===-1||/[\0-\x1F\x7F]/.test(d))return await s("Invalid basic token value - see https://tools.ietf.org/html/rfc5234#appendix-B.1");let m=d.substring(0,p),h=d.substring(p+1),y=r.accounts.find(w=>w.username===m&&w.password===h);return y||await s("Invalid username or password")},"getAccountOrRejectedResponse")();if(c instanceof Response)return r.allowUnauthenticatedRequests?e:c;let u=c.username;return e.user={sub:u,data:c.data},e},"BasicAuthInboundPolicy");_a.BasicAuthInboundPolicy=MR});var Yg=g(Ea=>{"use strict";Object.defineProperty(Ea,"__esModule",{value:!0});Ea.CachingInboundPolicy=void 0;var kR=qt(),HR=["cdn-cache-control","cloudflare-cdn-cache-control","surrogate-control","cache-tag","expires"];async function FR(e){let t=new TextEncoder().encode(e),r=await crypto.subtle.digest("SHA-256",t);return Array.from(new Uint8Array(r)).map(s=>s.toString(16).padStart(2,"0")).join("")}o(FR,"digestMessage");var qR=o(async(e,t)=>{let r=[...t.dangerouslyIgnoreAuthorizationHeader===!0?[]:["authorization"],...t.headers??[]],n=[];for(let[d,p]of e.headers.entries())r.includes(d)&&n.push({key:d.toLowerCase(),value:p});n.sort((d,p)=>d.key.localeCompare(p.key));let i=await FR(JSON.stringify(n)),s=new URL(e.url),a=new URLSearchParams(s.searchParams);a.set("_z-hdr-dgst",i);let c=t.cacheHttpMethods?.includes(e.method.toUpperCase())&&e.method.toUpperCase()!=="GET";c&&a.set("_z-original-method",e.method);let u=`${s.origin}${s.pathname}?${a}`;return new Request(u,{method:c?"GET":e.method})},"createCacheKeyRequest");async function $R(e,t,r,n){let i=await(0,kR.getPolicyCacheName)(n,r),s=await caches.open(i),a=r?.cacheHttpMethods?.map(l=>l.toUpperCase())??["GET"],c=await qR(e,r),u=await s.match(c);return u||(t.addEventListener("responseSent",l=>{try{let d=r.statusCodes??[200,206,301,302,303,404,410],p=l.response.clone();if(!d.includes(p.status)||!a.includes(e.method.toUpperCase()))return;let m=r?.expirationSecondsTtl??60,h=new Response(p.body,p);HR.forEach(y=>h.headers.delete(y)),h.headers.set("cache-control",`s-maxage=${m}`),t.waitUntil(s.put(c,h))}catch(d){t.log.error(`Error in caching-inbound-policy '${n}': "${d.message}"`,d)}}),e)}o($R,"CachingInboundPolicy");Ea.CachingInboundPolicy=$R});var Zg=g(wa=>{"use strict";Object.defineProperty(wa,"__esModule",{value:!0});wa.ChangeMethodInboundPolicy=void 0;var jR=L(),VR=He(),GR=o(async(e,t,r,n)=>{if(!r.method)throw new jR.ConfigurationError(`ChangeMethodInboundPolicy '${n}' options.method must be valid HttpMethod`);return new VR.ZuploRequest(e,{method:r.method})},"ChangeMethodInboundPolicy");wa.ChangeMethodInboundPolicy=GR});var Xg=g(va=>{"use strict";Object.defineProperty(va,"__esModule",{value:!0});va.ClearHeadersInboundPolicy=void 0;var BR=He(),KR=o(async(e,t,r)=>{let n=[...r.exclude??[]],i=new Headers;return n.forEach(a=>{let c=e.headers.get(a);c&&i.set(a,c)}),new BR.ZuploRequest(e,{headers:i})},"ClearHeadersInboundPolicy");va.ClearHeadersInboundPolicy=KR});var eb=g(Ta=>{"use strict";Object.defineProperty(Ta,"__esModule",{value:!0});Ta.ClearHeadersOutboundPolicy=void 0;var JR=o(async(e,t,r,n)=>{let i=[...n.exclude??[]],s=new Headers;return i.forEach(c=>{let u=e.headers.get(c);u&&s.set(c,u)}),new Response(e.body,{headers:s,status:e.status,statusText:e.statusText})},"ClearHeadersOutboundPolicy");Ta.ClearHeadersOutboundPolicy=JR});var tb=g(Sa=>{"use strict";Object.defineProperty(Sa,"__esModule",{value:!0});Sa.ClerkJwtInboundPolicy=void 0;var zR=$t(),WR=o(async(e,t,r,n)=>{let i=new URL(r.frontendApiUrl.startsWith("https://")||r.frontendApiUrl.startsWith("http://")?r.frontendApiUrl:`https://${r.frontendApiUrl}`),s=new URL(i);return s.pathname="/.well-known/jwks.json",(0,zR.OpenIdJwtInboundPolicy)(e,t,{issuer:i.href.slice(0,-1),jwkUrl:s.toString(),allowUnauthenticatedRequests:r.allowUnauthenticatedRequests},n)},"ClerkJwtInboundPolicy");Sa.ClerkJwtInboundPolicy=WR});var nb=g(Ia=>{"use strict";Object.defineProperty(Ia,"__esModule",{value:!0});Ia.CognitoJwtInboundPolicy=void 0;var rb=L(),QR=$t(),YR=o(async(e,t,r,n)=>{if(!r.userPoolId)throw new rb.ConfigurationError("userPoolId must be set in the options for CognitoJwtInboundPolicy");if(!r.region)throw new rb.ConfigurationError("region must be set in the options for CognitoJwtInboundPolicy");return(0,QR.OpenIdJwtInboundPolicy)(e,t,{issuer:`https://cognito-idp.${r.region}.amazonaws.com/${r.userPoolId}`,jwkUrl:`https://cognito-idp.${r.region}.amazonaws.com/${r.userPoolId}/.well-known/jwks.json`,allowUnauthenticatedRequests:r.allowUnauthenticatedRequests},n)},"CognitoJwtInboundPolicy");Ia.CognitoJwtInboundPolicy=YR});var ob=g(Pa=>{"use strict";Object.defineProperty(Pa,"__esModule",{value:!0});Pa.CompositeInboundPolicy=void 0;var ZR=L(),XR=mn(),ib=zr(),e0=o(async(e,t,r,n)=>{if(!r.policies||r.policies.length===0)throw new ZR.ConfigurationError(`CompositeInboundPolicy '${n}' must have valid policies defined`);let i=XR.Gateway.instance,s=(0,ib.getInboundPolicyHandlerAndOptions)(r.policies,i?.routeData.policies);return(0,ib.toStackedInboundHandler)(s)(e,t)},"CompositeInboundPolicy");Pa.CompositeInboundPolicy=e0});var ab=g(Aa=>{"use strict";Object.defineProperty(Aa,"__esModule",{value:!0});Aa.CreditsMeteringInboundPolicy=void 0;var Pi=se(),sb=Y(),t0=o(async(e,t,r)=>{let n=e.user;if(!n)return Pi.HttpProblems.unauthorized(e,t,{title:"Unable to check subscription for anonymous user",detail:"No user data on request"});let{sub:i}=n;if(!r.bucketId)return Pi.HttpProblems.unauthorized(e,t,{title:"Metering bucket not configured",detail:"Specify one using the bucketId option on the policy"});let s=r.bucketId,a=await r0(s,i,t);if(!a)return Pi.HttpProblems.unauthorized(e,t,{title:"No valid, active subscription found"});if(!a.quotas)return Pi.HttpProblems.forbidden(e,t,{title:"Insufficient credits"});for(let c of Object.keys(a.quotas))if(a.quotas[c]<=0)return Pi.HttpProblems.forbidden(e,t,{title:"Insufficient credits"});return t.custom.subscription=a,t.addResponseSendingFinalHook(async()=>{let c=t.custom.meters,u={};for(let l of Object.keys(c))u[l]=c[l];await n0(s,a.id,u,t)}),e},"CreditsMeteringInboundPolicy");Aa.CreditsMeteringInboundPolicy=t0;async function r0(e,t,r){let{authApiJWT:n,meteringServiceUrl:i}=sb.Environment.instance,s=new URL(`${i}/internal/v1/metering/${e}/subscriptions`);s.search=new URLSearchParams({customerRef:t,status:"active"}).toString();let a=await fetch(s,{method:"GET",headers:{Authorization:`Bearer ${n}`}});if(!a.ok)throw new Error(`Error retrieving subscriptions for credits metering ': ${a.status} - ${await a.text()}`);let c=await a.json();if(c.data.length!==0)return c.data.length>1&&r.log.warn(`Found more than one active subscription for customer ${t} -- using the first one.`),c.data[0]}o(r0,"getSubscription");async function n0(e,t,r,n){let{authApiJWT:i,meteringServiceUrl:s}=sb.Environment.instance,a=new URL(`${s}/internal/v1/metering/${e}/subscriptions/${t}/quotas/consume`),c=await fetch(a,{method:"POST",body:JSON.stringify({meters:r}),headers:{Authorization:`Bearer ${i}`}});c.ok||n.log.error(`Error consuming subscription quotas for credits metering ': ${c.status} - ${await c.text()}`)}o(n0,"consumeSubscription")});var cb=g(Oa=>{"use strict";Object.defineProperty(Oa,"__esModule",{value:!0});Oa.CurityPhantomTokenInboundPolicy=void 0;var i0=qt(),o0=Kt(),Ra=se(),s0=o(async(e,t,r,n)=>{let i=e.headers.get("Authorization");if(!i)return Ra.HttpProblems.unauthorized(e,t,{detail:"No authorization header"});let s=a0(i);if(!s)return Ra.HttpProblems.unauthorized(e,t,{detail:"Failed to parse token from Authorization header"});let a=await(0,i0.getPolicyCacheName)(n,r),c=new o0.MemoryZoneReadThroughCache(a,t),u=await c.get(s);if(!u){let l=await fetch(r.introspectionUrl,{headers:{Authorization:"Basic "+btoa(`${r.clientId}:${r.clientSecret}`),Accept:"application/jwt","Content-Type":"application/x-www-form-urlencoded"},method:"POST",body:"token="+s+"&token_type_hint=access_token"}),d=await l.text();if(l.status===200)u=d,c.put(s,u,r.cacheDurationSeconds??600);else return l.status>=500?(t.log.error(`Error introspecting token - ${l.status}: '${d}'`),Ra.HttpProblems.internalServerError(e,t,{detail:"Problem encountered authorizing the HTTP request"})):Ra.HttpProblems.unauthorized(e,t)}return e.headers.set("Authorization",`Bearer ${u}`),e},"CurityPhantomTokenInboundPolicy");Oa.CurityPhantomTokenInboundPolicy=s0;function a0(e){return e.split(" ")[0]==="Bearer"?e.split(" ")[1]:null}o(a0,"getToken")});var ub=g(xa=>{"use strict";Object.defineProperty(xa,"__esModule",{value:!0});xa.FirebaseJwtInboundPolicy=void 0;var c0=Ft(),u0=$t(),l0=o(async(e,t,r,n)=>((0,c0.optionValidator)(r,n).required("projectId","string").optional("allowUnauthenticatedRequests","boolean"),(0,u0.OpenIdJwtInboundPolicy)(e,t,{issuer:`https://securetoken.google.com/${r.projectId}`,audience:r.projectId,jwkUrl:"https://www.googleapis.com/service_accounts/v1/jwk/securetoken@system.gserviceaccount.com",allowUnauthenticatedRequests:r.allowUnauthenticatedRequests},n)),"FirebaseJwtInboundPolicy");xa.FirebaseJwtInboundPolicy=l0});var lb=g(Na=>{"use strict";Object.defineProperty(Na,"__esModule",{value:!0});Na.FormDataToJsonInboundPolicy=void 0;var d0=He(),p0=o(async(e,t,r)=>{let n="application/x-www-form-urlencoded",i="multipart/form-data",s=e.headers.get("content-type")?.toLowerCase();if(!s||![i,n].includes(s))return r&&r.badRequestIfNotFormData?new Response(`Bad Request - expected content-type '${n}' or ${i}`,{status:400,statusText:"Bad Request"}):e;let a=await e.formData();if(r&&r.optionalHoneypotName&&a.get(r.optionalHoneypotName)!=="")return new Response("Bad Request",{status:400,statusText:"Bad Request"});let c={};for(let[d,p]of a)c[d]=p.toString();let u=new Headers(e.headers);return u.set("content-type","application/json"),u.delete("content-length"),new d0.ZuploRequest(e,{body:JSON.stringify(c),headers:u})},"FormDataToJsonInboundPolicy");Na.FormDataToJsonInboundPolicy=p0});var db=g(Ca=>{"use strict";Object.defineProperty(Ca,"__esModule",{value:!0});Ca.GeoFilterInboundPolicy=void 0;var h0=L(),f0=se(),Nn="__unknown__",m0=o(async(e,t,r,n)=>{let i={allow:{countries:Ln(r.allow?.countries,"allow.countries",n),regionCodes:Ln(r.allow?.regionCodes,"allow.regionCode",n),asns:Ln(r.allow?.asns,"allow.asOrganization",n)},block:{countries:Ln(r.block?.countries,"block.countries",n),regionCodes:Ln(r.block?.regionCodes,"block.regionCode",n),asns:Ln(r.block?.asns,"block.asOrganization",n)},ignoreUnknown:r.ignoreUnknown!==!1},s=t.incomingRequestProperties.country?.toLowerCase()??Nn,a=t.incomingRequestProperties.regionCode?.toLowerCase()??Nn,c=t.incomingRequestProperties.asn?.toString()??Nn,u=i.ignoreUnknown&&s===Nn,l=i.ignoreUnknown&&a===Nn,d=i.ignoreUnknown&&c===Nn,p=i.allow.countries,m=i.allow.regionCodes,h=i.allow.asns;if(p.length>0&&!p.includes(s)&&!u||m.length>0&&!m.includes(a)&&!l||h.length>0&&!h.includes(c)&&!d)return Cn(e,t,n,s,a,c);let y=i.block.countries,w=i.block.regionCodes,T=i.block.asns;return y.length>0&&y.includes(s)&&!u||w.length>0&&w.includes(a)&&!l||T.length>0&&T.includes(c)&&!d?Cn(e,t,n,s,a,c):e},"GeoFilterInboundPolicy");Ca.GeoFilterInboundPolicy=m0;function Cn(e,t,r,n,i,s){return t.log.debug(`Request blocked by GeoFilterInboundPolicy '${r}' (country: '${n}', regionCode: '${i}', asn: '${s}')`),f0.HttpProblems.forbidden(e,t,{geographicContext:{country:n,regionCode:i,asn:s}})}o(Cn,"blockedResponse");function Ln(e,t,r){if(typeof e=="string")return e.split(",").map(n=>n.trim().toLowerCase());if(typeof e>"u")return[];if(Array.isArray(e))return e.map(n=>n.trim().toLowerCase());throw new h0.ConfigurationError(`Invalid '${t}' for GeoFilterInboundPolicy '${r}': '${e}', must be a string or string[]`)}o(Ln,"toLowerStringArray")});var pb=g(La=>{"use strict";Object.defineProperty(La,"__esModule",{value:!0});La.JWTScopeValidationInboundPolicy=void 0;var y0=o(async(e,t,r)=>{let n=e.user?.data.scope.split(" ")||[];if(!o((s,a)=>a.every(c=>s.includes(c)),"scopeChecker")(n,r.scopes)){let s={code:"UNAUTHORIZED",help_url:"https://zup.fail/UNAUTHORIZED",message:`JWT must have all the following scopes: ${r.scopes}`};return new Response(JSON.stringify(s),{status:401,statusText:"Unauthorized",headers:{"content-type":"application/json"}})}return e},"JWTScopeValidationInboundPolicy");La.JWTScopeValidationInboundPolicy=y0});var fb=g(Da=>{"use strict";Object.defineProperty(Da,"__esModule",{value:!0});Da.MockApiInboundPolicy=void 0;var g0=se(),b0=o(async(e,t,r,n)=>{let i=t.route.raw().responses;if(!i)return mp(n,e,t,"No responses defined in the OpenAPI document. Add some responses with examples to use this policy.");let s=Object.keys(i),a=[];if(s.length===0)return mp(n,e,t,"No response object defined under responses in the OpenAPI document. Add some response objects with examples to use this policy.");if(s.forEach(c=>{i[c].content&&Object.keys(i[c].content).forEach(l=>{let d=i[c].content[l].examples;d&&Object.keys(d).forEach(m=>{a.push({responseName:c,contentName:l,exampleName:m,exampleValue:d[m]})})})}),a=a.filter(c=>!(r.responsePrefixFilter&&!c.responseName.startsWith(r.responsePrefixFilter)||r.contentType&&c.contentName!==r.contentType||r.exampleName&&c.exampleName!==r.exampleName)),r.random&&a.length>1){let c=Math.floor(Math.random()*a.length);return hb(a[c])}else return a.length>0?hb(a[0]):mp(n,e,t,"No examples matching the mocking options found in the OpenAPI document. Add examples to the OpenAPI document matching the options for this policy or change the mocking options to match the examples in the OpenAPI document.")},"MockApiInboundPolicy");Da.MockApiInboundPolicy=b0;function hb(e){let t=JSON.stringify(e.exampleValue,null,2),r=new Headers;switch(r.set("Content-Type",e.contentName),e.responseName){case"1XX":return new Response(t,{status:100,headers:r});case"2XX":return new Response(t,{status:200,headers:r});case"3XX":return new Response(t,{status:300,headers:r});case"4XX":return new Response(t,{status:400,headers:r});case"5XX":case"default":return new Response(t,{status:500,headers:r});default:return new Response(t,{status:Number(e.responseName),headers:r})}}o(hb,"generateResponse");var mp=o((e,t,r,n)=>{let i=`Error in policy: ${e} - On route ${t.method} ${r.route.path}. ${n}`;return g0.HttpProblems.internalServerError(t,r,{detail:i})},"getProblemDetailResponse")});var _b=g(Dn=>{"use strict";Object.defineProperty(Dn,"__esModule",{value:!0});Dn.MoesifInboundPolicy=Dn.setMoesifContext=void 0;var _0=L(),E0=ve(),w0="Incoming",v0={logRequestBody:!0,logResponseBody:!0};function mb(e){let t={};return e.forEach((r,n)=>{t[n]=r}),t}o(mb,"headersToObject");function yb(){return new Date().toISOString()}o(yb,"timestamp");var yp=new WeakMap,T0={};function S0(e,t){let r=yp.get(e);r||(r=T0);let n=Object.assign({...r},t);yp.set(e,n)}o(S0,"setMoesifContext");Dn.setMoesifContext=S0;async function gb(e,t){let r=e.headers.get("content-type");if(r&&r.indexOf("json")!==0)try{return await e.clone().json()}catch(i){t.log.error(i)}let n=await e.clone().text();return t.log.debug({textBody:n}),n}o(gb,"readBody");var I0={},gp;function bb(){if(!gp)throw new _0.RuntimeError("Invalid State - no _lastLogger");return gp}o(bb,"getLastLogger");function P0(e){let t=I0[e];return t||(t=new E0.BatchDispatch("moesif-inbound",100,async r=>{let n=JSON.stringify(r);bb().debug("posting",n);let i=await fetch("https://api.moesif.net/v1/events/batch",{method:"POST",headers:{"content-type":"application/json","X-Moesif-Application-Id":e},body:n});i.ok||bb().error({status:i.status,body:await i.text()})})),t}o(P0,"getDispatcher");async function A0(e,t,r,n){gp=t.log;let i=yb(),s=Object.assign(v0,r);if(!s.applicationId)throw new Error(`Invalid configuration for MoesifInboundPolicy '${n}' - applicationId is required`);let a=s.logRequestBody?await gb(e,t):void 0;return t.addResponseSendingFinalHook(async(c,u)=>{let l=P0(s.applicationId),d=e.headers.get("true-client-ip"),p=yp.get(t)??{},m={time:i,uri:e.url,verb:e.method,body:a,ip_address:d??void 0,api_version:p.apiVersion,headers:mb(e.headers)},h=s.logResponseBody?await gb(c,t):void 0,y={time:yb(),status:c.status,headers:mb(c.headers),body:h},w={request:m,response:y,user_id:p.userId??u.user?.sub,session_token:p.sessionToken,company_id:p.companyId,metadata:p.metadata,direction:w0};l.enqueue(w),t.waitUntil(l.waitUntilFlushed())}),e}o(A0,"MoesifInboundPolicy");Dn.MoesifInboundPolicy=A0});var Eb=g(Ua=>{"use strict";Object.defineProperty(Ua,"__esModule",{value:!0});Ua.OktaJwtInboundPolicy=void 0;var R0=$t(),O0=o(async(e,t,r,n)=>(0,R0.OpenIdJwtInboundPolicy)(e,t,{issuer:r.issuerUrl,audience:r.audience,jwkUrl:`${r.issuerUrl}/v1/keys`,allowUnauthenticatedRequests:r.allowUnauthenticatedRequests},n),"OktaJwtInboundPolicy");Ua.OktaJwtInboundPolicy=O0});var wb=g(Ma=>{"use strict";Object.defineProperty(Ma,"__esModule",{value:!0});Ma.PropelAuthJwtInboundPolicy=void 0;var x0=(ws(),Zi(Es)),N0=$t(),bp,C0=o(async(e,t,r,n)=>{if(!bp)try{bp=await(0,x0.importSPKI)(r.verifierKey,"RS256")}catch(i){throw t.log.error("Could not import verifier key"),i}return(0,N0.OpenIdJwtInboundPolicy)(e,t,{issuer:r.authUrl,secret:bp,allowUnauthenticatedRequests:r.allowUnauthenticatedRequests,subPropertyName:"user_id"},n)},"PropelAuthJwtInboundPolicy");Ma.PropelAuthJwtInboundPolicy=C0});var vb=g(G=>{"use strict";Object.defineProperty(G,"__esModule",{value:!0});G.throwIfStateNotObject=G.throwIfStateNotNumber=G.throwIfStateNotString=G.throwIfStateUndefinedOrNull=G.throwIfStateUndefined=G.throwIfOptionNotObject=G.throwIfOptionNotNumber=G.throwIfOptionNotString=G.throwIfOptionUndefinedOrNull=G.throwIfOptionUndefined=G.OptionTypeError=G.OptionUndefinedError=G.throwIfNotNumber=G.throwIfNotString=G.throwIfUndefinedOrNull=G.throwIfUndefined=G.ArgumentTypeError=G.ArgumentUndefinedError=G.ValidationError=void 0;var je=Lt(),et=class extends Error{static{o(this,"ValidationError")}constructor(t){super(t)}};G.ValidationError=et;var Ai=class extends et{static{o(this,"ArgumentUndefinedError")}constructor(t){super(`The argument '${t}' is undefined.`)}};G.ArgumentUndefinedError=Ai;var Ri=class extends et{static{o(this,"ArgumentTypeError")}constructor(t,r){super(`The argument '${t}' must be of type '${r}'.`)}};G.ArgumentTypeError=Ri;function L0(e,t){if((0,je.isUndefined)(e))throw new Ai(t)}o(L0,"throwIfUndefined");G.throwIfUndefined=L0;function _p(e,t){if((0,je.isUndefinedOrNull)(e))throw new Ai(t)}o(_p,"throwIfUndefinedOrNull");G.throwIfUndefinedOrNull=_p;function D0(e,t){if(_p(e,t),!(0,je.isString)(e))throw new Ri(t,"string")}o(D0,"throwIfNotString");G.throwIfNotString=D0;function U0(e,t){if(_p(e,t),!(0,je.isNumber)(e))throw new Ri(t,"number")}o(U0,"throwIfNotNumber");G.throwIfNotNumber=U0;var Oi=class extends et{static{o(this,"OptionUndefinedError")}constructor(t,r,n){super(`The option '${n}' on the ${t} named '${r}' is undefined.`)}};G.OptionUndefinedError=Oi;var Un=class extends et{static{o(this,"OptionTypeError")}constructor(t,r,n,i){super(`The option '${n}' on the ${t} named '${r}' must be of type '${i}'.`)}};G.OptionTypeError=Un;function M0(e,t,r,n){if((0,je.isUndefined)(n))throw new Oi(e,t,r)}o(M0,"throwIfOptionUndefined");G.throwIfOptionUndefined=M0;function ka(e,t,r,n){if((0,je.isUndefinedOrNull)(n))throw new Oi(e,t,r)}o(ka,"throwIfOptionUndefinedOrNull");G.throwIfOptionUndefinedOrNull=ka;function k0(e,t,r,n){if(ka(e,t,r,n),!(0,je.isString)(n))throw new Un(e,t,r,"string")}o(k0,"throwIfOptionNotString");G.throwIfOptionNotString=k0;function H0(e,t,r,n){if(ka(e,t,r,n),!(0,je.isNumber)(n))throw new Un(e,t,r,"number")}o(H0,"throwIfOptionNotNumber");G.throwIfOptionNotNumber=H0;function F0(e,t,r,n){if(ka(e,t,r,n),!(0,je.isObject)(n))throw new Un(e,t,r,"object")}o(F0,"throwIfOptionNotObject");G.throwIfOptionNotObject=F0;function q0(e,t){if((0,je.isUndefined)(e))throw new et(t)}o(q0,"throwIfStateUndefined");G.throwIfStateUndefined=q0;function Ha(e,t){if((0,je.isUndefinedOrNull)(e))throw new et(t)}o(Ha,"throwIfStateUndefinedOrNull");G.throwIfStateUndefinedOrNull=Ha;function $0(e,t){if(Ha(e,t),!(0,je.isString)(e))throw new et(t);return!0}o($0,"throwIfStateNotString");G.throwIfStateNotString=$0;function j0(e,t){if(Ha(e,t),!(0,je.isNumber)(e))throw new et(t);return!0}o(j0,"throwIfStateNotNumber");G.throwIfStateNotNumber=j0;function V0(e,t){if(Ha(e,t),!(0,je.isObject)(e))throw new et(t);return!0}o(V0,"throwIfStateNotObject");G.throwIfStateNotObject=V0});var Tb=g(Mn=>{"use strict";Object.defineProperty(Mn,"__esModule",{value:!0});Mn.InMemoryRedisClient=Mn.StandardRedisClient=void 0;var Ep=L(),Fa=vb(),wp=class e{static{o(this,"StandardRedisClient")}static instance;redisClientUrl;clientAuthToken;userAgent;deploymentName;constructor(t,r,n,i){this.redisClientUrl=t,this.clientAuthToken=r,this.deploymentName=n,this.userAgent=i}static initialize(t,r,n,i){return(0,Fa.throwIfNotString)(t,"redisClientUrl"),(0,Fa.throwIfNotString)(r,"clientAuthToken"),e.instance||(e.instance=new e(t,r,n,i)),e.instance}isEnabled(){return this.redisClientUrl!==void 0&&this.clientAuthToken!==void 0}async fetch({url:t,body:r,method:n,requestId:i}){(0,Fa.throwIfNotString)(t,"url");let s=await fetch(`${this.redisClientUrl}${t}`,{method:n,body:r,headers:{"content-type":"application/json",authorization:`Bearer ${this.clientAuthToken}`,"zp-rid":i,"zp-dn":this.deploymentName,"User-Agent":this.userAgent}}),a=s.headers.get("Content-Type")?.includes("application/json")?await s.json():await s.text();if(s.ok)return a;throw s.status===401?new Ep.SystemError("Redis client failed with 401: Unauthorized"):new Ep.SystemError(`Redis client failed with (${s.status}): ${typeof a=="string"?a:JSON.stringify(a,null,2)}`)}};Mn.StandardRedisClient=wp;var vp=class{static{o(this,"InMemoryRedisClient")}keyValueStore;constructor(){this.keyValueStore=new Map}isEnabled(){return!0}fetch({url:t,body:r,method:n}){if((0,Fa.throwIfNotString)(t,"url"),n==="POST"&&t==="/rate-limit"){let{incrBy:i,expire:s,key:a}=JSON.parse(r),c=Date.now()+s*1e3,u=this.keyValueStore.get(a);u?Date.now()>u.expiresAt?this.keyValueStore.set(a,{value:i,expiresAt:c}):this.keyValueStore.set(a,{value:u.value+i,expiresAt:u.expiresAt}):this.keyValueStore.set(a,{value:i,expiresAt:c});let l=this.keyValueStore.get(a);return Promise.resolve({count:l.value,ttlSeconds:Math.round((l.expiresAt-Date.now())/1e3)})}throw new Ep.SystemError("The in-memory redis client only supports /rate-limit calls")}};Mn.InMemoryRedisClient=vp});var Rb=g(ja=>{"use strict";Object.defineProperty(ja,"__esModule",{value:!0});ja.RateLimitInboundPolicy=void 0;var G0=Tr(),B0=qt(),K0=no(),jt=L(),J0=se(),Sb=Le(),xi=Y(),Ib=Tb(),Pb=Lt(),qa=(0,G0.debug)("zuplo:policies:RateLimitInboundPolicy"),z0="strict",W0=o(e=>{let t=e.headers.get("cf-connecting-ip")??e.headers.get("true-client-ip");if(t)return t;let r=e.headers.get("x-forwarded-for");return r?r.split(",")[0]:"127.0.0.1"},"getRealIP"),Q0=o(async e=>({key:`ip-${W0(e)}`}),"getIP"),Y0=o(async e=>({key:`user-${e.user?.sub??"anonymous"}`}),"getUser"),Z0=o(async()=>({key:"all-2d77ce9d-9a3c-4206-9ab2-668cfd271095"}),"getAll"),$a;function X0(e,t){let r;if($a)return $a;if(xi.Environment.instance.isLocalDevelopment)return t.info("Using in-memory redis client for local development."),r=new Ib.InMemoryRedisClient,$a=r,r;let{authApiJWT:n,redisURL:i}=xi.Environment.instance;if(!(0,Pb.isString)(i))throw new jt.SystemError(`RateLimitInboundPolicy '${e}' - rate limit service URL not configured`);if(!(0,Pb.isString)(n))throw new jt.SystemError(`RateLimitInboundPolicy '${e}' - service authentication not configured`);if(i&&(r=Ib.StandardRedisClient.initialize(i,n,xi.Environment.instance.deploymentName??"unknown",xi.Environment.instance.systemUserAgent)),!r||!r.isEnabled())throw new jt.SystemError(`RateLimitInboundPolicy '${e}' - no redis ('${r}') or redis.isEnabled ('${r?.isEnabled}) is false`);return $a=r,r}o(X0,"getRedisClient");async function Ab(e,t,r,n,i){let s=Math.floor(t*60);return await r.fetch({url:"/rate-limit",method:"POST",body:JSON.stringify({incrBy:1,expire:s,key:e}),requestId:i})}o(Ab,"getCountAndUpdateExpiry");function eO(e,t){let r;if(e.rateLimitBy==="function"){if(!e.identifier)throw new jt.ConfigurationError(`RateLimitInboundPolicy '${t}' - If rateLimitBy set to 'function' options.identifier must be specified`);if(!e.identifier.module)throw new jt.ConfigurationError(`RateLimitInboundPolicy '${t}' - If rateLimitBy set to 'function' options.identifier.module must be specified`);if(!e.identifier.export)throw new jt.ConfigurationError(`RateLimitInboundPolicy '${t}' - If rateLimitBy set to 'function' options.identifier.export must be specified`);if(r=e.identifier.module[e.identifier.export],!r||typeof r!="function")throw new jt.ConfigurationError(`RateLimitInboundPolicy '${t}' - Custom rate limit function must be a valid function`)}return o(async(i,s,a)=>{let c=await r(i,s,a);if(!c.key){let u=`RateLimitInboundPolicy '${a}' - Custom rate limit function must return a valid key property '${JSON.stringify(c,null,2)}'`;throw s.log.error(u),new jt.RuntimeError(u)}return c},"outerFunction")}o(eO,"wrapUserFunction");var tO="Retry-After",rO=o(async(e,t,r,n)=>{let i=Date.now(),s=Sb.SystemLogMap.getLogger(t),a=o((u,l)=>{if(r.throwOnFailure)throw new jt.SystemError(u,{cause:l});s.error(u,l)},"throwOrLog"),c=o((u,l)=>{let d={};return(!u||u==="retry-after")&&(d[tO]=l.toString()),J0.HttpProblems.tooManyRequests(e,t,void 0,d)},"rateLimited");try{let l={function:eO(r,n),user:Y0,ip:Q0,all:Z0}[r.rateLimitBy],d=await l(e,t,n),p=d.key,m=d.requestsAllowed??r.requestsAllowed,h=d.timeWindowMinutes??r.timeWindowMinutes,y=r.headerMode??"retry-after",w=X0(n,s),S=`bucket/${xi.Environment.instance.build.BUILD_ID}/${n}/${p}`;if((r.mode??z0)==="async"){let N=await(0,B0.getPolicyCacheName)(n,r),re=new K0.ZoneCache(N,{logger:Sb.SystemLogMap.getLogger(t)}),ne=Ab(S,h,w,s,t.requestId),me=await re.get(S);if(me!==void 0&&me<=Date.now()){qa(`RateLimitInboundPolicy '${n}' - returning 429 from cache for '${S}' (async mode)`);let Be=Math.round((me-Date.now())/1e3);return c(y,Be)}return t.addEventListener("responseSending",Be=>{try{let E=Be,H=E.mutableResponse;E.mutableResponse=(async()=>{let Ce=await ne;if(Ce.count>m){let ru=Date.now()+Ce.ttlSeconds*1e3;return re.put(S,ru,Ce.ttlSeconds).catch(lh=>{throw s.error(lh),lh}),qa(`RateLimitInboundPolicy '${n}' - returning 429 from redis for '${S}' (async mode)`),c(y,Ce.ttlSeconds)}return H})()}catch(E){s.error(`RateLimitInboundPolicy '${n}' -error in responseSending`,E)}}),e}let F=await Ab(S,h,w,s,t.requestId);return F.count>m?(qa(`RateLimitInboundPolicy '${n}' - returning 429 from redis for '${S}' (strict mode)`),c(y,F.ttlSeconds)):e}catch(u){return a(u.message,u),e}finally{let u=Date.now()-i;qa(`RateLimitInboundPolicy '${n}' - latency ${u}ms`)}},"RateLimitInboundPolicy");ja.RateLimitInboundPolicy=rO});var Cb=g(Va=>{"use strict";Object.defineProperty(Va,"__esModule",{value:!0});Va.ReadmeMetricsInboundPolicy=void 0;var nO=ve(),Tp=Y(),Ob=ri(),Sp;function xb(e){let t=[];for(let[r,n]of e)t.push({name:r,value:n});return t}o(xb,"headersToNameValuePairs");function iO(e){let t=[];return Object.entries(e).forEach(([r,n])=>{t.push({name:r,value:n})}),t}o(iO,"queryToNameValueParis");function oO(e){if(e===null)return;let t=parseFloat(e);if(!isNaN(t))return t}o(oO,"parseIntOrUndefined");var Nb={};async function sO(e,t,r,n){let i=new Date,s=Date.now();return Sp||(Sp={name:"zuplo",version:Tp.Environment.instance.build.ZUPLO_VERSION,comment:`zuplo/${Tp.Environment.instance.build.ZUPLO_VERSION}`}),t.addResponseSendingFinalHook(async a=>{try{let c=r.userLabelPropertyPath&&e.user?(0,Ob.getValueFromRequestUser)(e.user,r.userLabelPropertyPath,"userLabelPropertyPath"):e.user?.sub,u=r.userEmailPropertyPath&&e.user?(0,Ob.getValueFromRequestUser)(e.user,r.userEmailPropertyPath,"userEmailPropertyPath"):void 0,l={clientIPAddress:e.headers.get("true-client-ip")??"",development:r.development!==void 0?r.development:Tp.Environment.instance.isDeno,group:{label:c,email:u,id:e.user?.sub??"anonymous"},request:{log:{creator:Sp,entries:[{startedDateTime:i.toISOString(),time:Date.now()-s,request:{method:e.method,url:r.useFullRequestPath?new URL(e.url).pathname:t.route.path,httpVersion:"2",headers:xb(e.headers),queryString:iO(e.query)},response:{status:a.status,statusText:a.statusText,headers:xb(a.headers),content:{size:oO(e.headers.get("content-length"))}}}]}}},d=Nb[r.apiKey];if(!d){let p=r.apiKey;d=new nO.BatchDispatch("readme-metering-inbound-policy",10,async m=>{try{let h=r.url??"https://metrics.readme.io/request",y=await fetch(h,{method:"POST",body:JSON.stringify(m),headers:{"content-type":"application/json",authorization:`Basic ${btoa(p+":")}`}});y.status!==202&&t.log.error(`Unexpected response in ReadmeMeteringInboundPolicy '${n}'. ${y.status}: '${await y.text()}'`)}catch(h){throw t.log.error(`Error in ReadmeMeteringInboundPolicy '${n}': '${h.message}'`),h}}),Nb[p]=d}d.enqueue(l),t.waitUntil(d.waitUntilFlushed())}catch(c){t.log.error(c)}}),e}o(sO,"ReadmeMetricsInboundPolicy");Va.ReadmeMetricsInboundPolicy=sO});var Lb=g(Ga=>{"use strict";Object.defineProperty(Ga,"__esModule",{value:!0});Ga.RemoveHeadersInboundPolicy=void 0;var aO=L(),cO=He(),uO=o(async(e,t,r,n)=>{let i=r?.headers;if(!i||!Array.isArray(i)||i.length===0)throw new aO.ConfigurationError(`RemoveHeadersInboundPolicy '${n}' options.headers must be a non-empty string array of header names`);let s=new Headers(e.headers);return i.forEach(c=>{s.delete(c)}),new cO.ZuploRequest(e,{headers:s})},"RemoveHeadersInboundPolicy");Ga.RemoveHeadersInboundPolicy=uO});var Db=g(Ba=>{"use strict";Object.defineProperty(Ba,"__esModule",{value:!0});Ba.RemoveHeadersOutboundPolicy=void 0;var lO=L(),dO=o(async(e,t,r,n,i)=>{let s=n?.headers;if(!s||!Array.isArray(s)||s.length===0)throw new lO.ConfigurationError(`RemoveHeadersOutboundPolicy '${i}' options.headers must be a non-empty string array of header names`);let a=new Headers(e.headers);return s.forEach(u=>{a.delete(u)}),new Response(e.body,{headers:a,status:e.status,statusText:e.statusText})},"RemoveHeadersOutboundPolicy");Ba.RemoveHeadersOutboundPolicy=dO});var Ub=g(Ka=>{"use strict";Object.defineProperty(Ka,"__esModule",{value:!0});Ka.RemoveQueryParamsInboundPolicy=void 0;var pO=L(),hO=He(),fO=o(async(e,t,r,n)=>{let i=r.params;if(!i||!Array.isArray(i)||i.length===0)throw new pO.ConfigurationError(`RemoveQueryParamsInboundPolicy '${n}' options.params must be a non-empty string array of header names`);let s=new URL(e.url);return i.forEach(c=>{s.searchParams.delete(c)}),new hO.ZuploRequest(s.toString(),e)},"RemoveQueryParamsInboundPolicy");Ka.RemoveQueryParamsInboundPolicy=fO});var Mb=g(Ja=>{"use strict";Object.defineProperty(Ja,"__esModule",{value:!0});Ja.ReplaceStringOutboundPolicy=void 0;var mO=o(async(e,t,r,n)=>{let i=await e.text(),s=n.mode==="regexp"?new RegExp(n.match,"gm"):n.match,a=i.replaceAll(s,n.replaceWith);return new Response(a,{headers:e.headers,status:e.status,statusText:e.statusText})},"ReplaceStringOutboundPolicy");Ja.ReplaceStringOutboundPolicy=mO});var Hb=g(za=>{"use strict";Object.defineProperty(za,"__esModule",{value:!0});za.RequestSizeLimitInboundPolicy=void 0;var kb=o(()=>new Response("Maximum request size exceeded",{status:413,statusText:"Payload Too Large"}),"payloadTooLarge"),yO=o(async(e,t,r)=>{let n=r.trustContentLengthHeader??!1;if(["GET","HEAD"].includes(e.method))return e;let i=e.headers.get("content-length"),s=i!==null?parseInt(i):void 0;return s&&!isNaN(s)&&s>r.maxSizeInBytes?kb():s&&n?e:(await e.clone().text()).length>r.maxSizeInBytes?kb():e},"RequestSizeLimitInboundPolicy");za.RequestSizeLimitInboundPolicy=yO});var Wa=g(tt=>{"use strict";Object.defineProperty(tt,"__esModule",{value:!0});tt.sanitizedIdentifierName=tt.getIdForRefSchema=tt.getIdForRequestBodySchema=tt.getIdForParameterSchema=tt.getRawOperationDataIdentifierName=void 0;function gO(e,t,r){return`_${kr(e+"_"+t+"_"+r)}`}o(gO,"getRawOperationDataIdentifierName");tt.getRawOperationDataIdentifierName=gO;function bO(e,t,r,n){return`_${kr(e.toLowerCase())}_`+t.toLowerCase()+"_"+r.toLowerCase()+`_${n.toLowerCase()}`}o(bO,"getIdForParameterSchema");tt.getIdForParameterSchema=bO;function _O(e,t,r){return`_${kr(e.toLowerCase())}_`+t.toLowerCase()+`_rb_${kr(r.toLowerCase())}`}o(_O,"getIdForRequestBodySchema");tt.getIdForRequestBodySchema=_O;function EO(e,t){return`_${kr(e)}__${kr(t)}`}o(EO,"getIdForRefSchema");tt.getIdForRefSchema=EO;function kr(e){let t=[];for(let r=0;r<e.length;r++){let n=e.charCodeAt(r);n>="0".charCodeAt(0)&&n<="9".charCodeAt(0)||n>="A".charCodeAt(0)&&n<="Z".charCodeAt(0)||n>="a".charCodeAt(0)&&n<="z".charCodeAt(0)?t.push(e.charAt(r)):t.push("_")}return t.join("")}o(kr,"sanitizedIdentifierName");tt.sanitizedIdentifierName=kr});var Ni=g(De=>{"use strict";Object.defineProperty(De,"__esModule",{value:!0});De.getErrorsFromValidator=De.shouldReject=De.shouldLog=De.logErrors=De.validateParameters=De.getParametersForOperation=void 0;var wO=mn(),vO=Wa(),TO=o(e=>{let t=e.route.raw();return t.parameters?t.parameters.map(n=>({name:n.name,location:n.in,required:n.required,deprecated:n.deprecated,allowEmptyValue:n.allowEmptyValue})):[]},"getParametersForOperation");De.getParametersForOperation=TO;var SO=o((e,t,r,n,i)=>{let s=[],a=!0,c=[];return e.forEach(u=>{if(u.required&&!t[u.name])a=!1,s.push(`Required ${i} parameter '${u.name}' not found`);else{let l=(0,vO.getIdForParameterSchema)(r,n,i,u.name),d=wO.Gateway.instance.schemaValidator[l],p=d(t[u.name]),m=(0,De.getErrorsFromValidator)(d.errors);p||(a=!1,c.push(`${i} parameter: ${u.name} : ${t[u.name]}`),s.push(`Invalid value for ${i} parameter: '${u.name}' ${m.join(", ")}`))}}),{isValid:a,invalidValues:c,errors:s}},"validateParameters");De.validateParameters=SO;var IO=o((e,t,r,n,i)=>{n?e.log[t](r,n,i):e.log[t](r,i)},"logErrors");De.logErrors=IO;var PO=o(e=>e==="log-only"||e==="reject-and-log","shouldLog");De.shouldLog=PO;var AO=o(e=>e==="reject-only"||e==="reject-and-log","shouldReject");De.shouldReject=AO;var RO=o(e=>e?.map(t=>t.instancePath===void 0||t.instancePath===""?t.message??"Unknown validation error":t.instancePath.replace("/","")+" "+t.message)??["Unknown validation error"],"getErrorsFromValidator");De.getErrorsFromValidator=RO});var Fb=g(Ya=>{"use strict";Object.defineProperty(Ya,"__esModule",{value:!0});Ya.handleBodyValidation=void 0;var OO=mn(),Qa=se(),xO=Wa(),Je=Ni();async function NO(e,t,r){if(!r.validateBody||r.validateBody==="none")return;let n;try{n=await t.clone().json()}catch(h){let y=`Error in request body for method : ${t.method} in route: ${e.route.path} with content-type: ${t.headers.get("Content-Type")}`,w=Qa.HttpProblems.badRequest(t,e,{detail:`${y}, see errors property for more details`,errors:`${h}`});if((0,Je.shouldLog)(r.validateBody)&&(0,Je.logErrors)(e,r.logLevel??"info",y,[n],h),(0,Je.shouldReject)(r.validateBody))return w}if(!t.headers.get("Content-Type")){let h=`No content-type header defined in incoming request to ${t.method} in route: ${e.route.path}`,y=Qa.HttpProblems.badRequest(t,e,{detail:h});return(0,Je.shouldLog)(r.validateBody)&&(0,Je.logErrors)(e,r.logLevel??"info",h,[n],[h]),(0,Je.shouldReject)(r.validateBody)?y:void 0}let i=t.headers.get("Content-Type"),s=i.indexOf(";");s>-1&&(i=i.substring(0,s));let a=(0,xO.getIdForRequestBodySchema)(e.route.path,t.method,i),c=OO.Gateway.instance.schemaValidator[a];if(!c){let h=`No schema defined for method: ${t.method} in route: ${e.route.path} with content-type: ${t.headers.get("Content-Type")}`,y=Qa.HttpProblems.badRequest(t,e,{detail:h});return(0,Je.shouldLog)(r.validateBody)&&(0,Je.logErrors)(e,r.logLevel??"info",h,[n],[h]),(0,Je.shouldReject)(r.validateBody)?y:void 0}if(c(n))return;let l=c.errors,d="Request body did not pass validation",p=(0,Je.getErrorsFromValidator)(l),m=Qa.HttpProblems.badRequest(t,e,{detail:`${d}, see errors property for more details`,errors:p});if((0,Je.shouldLog)(r.validateBody)&&(0,Je.logErrors)(e,r.logLevel??"info",d,[n],p),(0,Je.shouldReject)(r.validateBody))return m}o(NO,"handleBodyValidation");Ya.handleBodyValidation=NO});var qb=g(Za=>{"use strict";Object.defineProperty(Za,"__esModule",{value:!0});Za.handleHeadersValidation=void 0;var CO=se(),Ci=Ni();function LO(e,t,r){if(!r.validateHeaders||r.validateHeaders==="none")return;let n={};t.headers.forEach((a,c)=>{n[c]=a});let i=(0,Ci.getParametersForOperation)(e),s=(0,Ci.validateParameters)(i.filter(a=>a.location==="header"),n,e.route.path,t.method.toLowerCase(),"header");if(!s.isValid){let a="Header validation failed",c=CO.HttpProblems.badRequest(t,e,{detail:`${a}, see errors property for more details`,errors:s.errors});if((0,Ci.shouldLog)(r.validateHeaders)&&(0,Ci.logErrors)(e,r.logLevel??"info",a,s.invalidValues,s.errors),(0,Ci.shouldReject)(r.validateHeaders))return c}}o(LO,"handleHeadersValidation");Za.handleHeadersValidation=LO});var $b=g(Xa=>{"use strict";Object.defineProperty(Xa,"__esModule",{value:!0});Xa.handlePathParameterValidation=void 0;var DO=se(),Li=Ni();function UO(e,t,r){if(!r.validatePathParameters||r.validatePathParameters==="none")return;let n=(0,Li.getParametersForOperation)(e),i=(0,Li.validateParameters)(n.filter(s=>s.location==="path"),t.params,e.route.path,t.method.toLowerCase(),"path");if(!i.isValid){let s="Path parameters validation failed",a=DO.HttpProblems.badRequest(t,e,{detail:`${s}, see errors property for more details`,errors:i.errors});if((0,Li.shouldLog)(r.validatePathParameters)&&(0,Li.logErrors)(e,r.logLevel??"info",s,i.invalidValues,i.errors),(0,Li.shouldReject)(r.validatePathParameters))return a}}o(UO,"handlePathParameterValidation");Xa.handlePathParameterValidation=UO});var jb=g(ec=>{"use strict";Object.defineProperty(ec,"__esModule",{value:!0});ec.handleQueryParameterValidation=void 0;var MO=se(),Di=Ni();function kO(e,t,r){if(!r.validateQueryParameters||r.validateQueryParameters==="none")return;let n=(0,Di.getParametersForOperation)(e),i=(0,Di.validateParameters)(n.filter(s=>s.location==="query"),t.query,e.route.path,t.method.toLowerCase(),"query");if(!i.isValid){let s="Query parameters validation failed",a=MO.HttpProblems.badRequest(t,e,{detail:`${s}, see errors property for more details`,errors:i.errors});if((0,Di.shouldLog)(r.validateQueryParameters)&&(0,Di.logErrors)(e,r.logLevel??"info",s,i.invalidValues,i.errors),(0,Di.shouldReject)(r.validateQueryParameters))return a}}o(kO,"handleQueryParameterValidation");ec.handleQueryParameterValidation=kO});var Vb=g(Hr=>{"use strict";Object.defineProperty(Hr,"__esModule",{value:!0});Hr.SchemaBasedRequestValidation=Hr.RequestValidationInboundPolicy=void 0;var HO=Fb(),FO=qb(),qO=$b(),$O=jb(),jO=o(async(e,t,r)=>{let n=(0,$O.handleQueryParameterValidation)(t,e,r);if(n!==void 0||(n=(0,qO.handlePathParameterValidation)(t,e,r),n!==void 0)||(n=(0,FO.handleHeadersValidation)(t,e,r),n!==void 0))return n;let i=await(0,HO.handleBodyValidation)(t,e,r);return i!==void 0?i:e},"RequestValidationInboundPolicy");Hr.RequestValidationInboundPolicy=jO;Hr.SchemaBasedRequestValidation=Hr.RequestValidationInboundPolicy});var Gb=g(tc=>{"use strict";Object.defineProperty(tc,"__esModule",{value:!0});tc.RequireOriginInboundPolicy=void 0;var VO=L(),GO=se(),BO=o(async(e,t,r,n)=>{if(r.origins===void 0||r.origins.length===0)throw new VO.ConfigurationError(`RequireOriginInboundPolicy '${n}' configuration error - no allowed origins specified`);let i=typeof r.origins=="string"?r.origins.split(","):r.origins;i=i.map(a=>a.trim());let s=e.headers.get("origin");if(!s||!i.includes(s)){let a=r.failureDetail??"Forbidden";return GO.HttpProblems.forbidden(e,t,{detail:a})}return e},"RequireOriginInboundPolicy");tc.RequireOriginInboundPolicy=BO});var Bb=g(rc=>{"use strict";Object.defineProperty(rc,"__esModule",{value:!0});rc.SetBodyInboundPolicy=void 0;var KO=He(),JO=o(async(e,t,r)=>new KO.ZuploRequest(e,{body:r.body}),"SetBodyInboundPolicy");rc.SetBodyInboundPolicy=JO});var Jb=g(nc=>{"use strict";Object.defineProperty(nc,"__esModule",{value:!0});nc.SetHeadersInboundPolicy=void 0;var Kb=L(),zO=He(),WO=o(async(e,t,r,n)=>{let i=r.headers;if(!i||!Array.isArray(i)||i.length==0)throw new Kb.ConfigurationError(`SetHeadersInboundPolicy '${n}' options.headers must be a valid array of { name, value }`);let s=new Headers(e.headers);return i.forEach(c=>{if(!c.name||c.name.length===0)throw new Kb.ConfigurationError(`SetHeadersInboundPolicy '${n}' each option.headers[] entry must have a name property`);let u=c.overwrite===void 0?!0:c.overwrite;(!s.has(c.name)||u)&&s.set(c.name,c.value)}),new zO.ZuploRequest(e,{headers:s})},"SetHeadersInboundPolicy");nc.SetHeadersInboundPolicy=WO});var Wb=g(ic=>{"use strict";Object.defineProperty(ic,"__esModule",{value:!0});ic.SetHeadersOutboundPolicy=void 0;var zb=L(),QO=o(async(e,t,r,n,i)=>{let s=n.headers;if(!s||!Array.isArray(s)||s.length==0)throw new zb.ConfigurationError(`SetHeadersOutboundPolicy '${i}' options.headers must be a valid array of { name, value }`);let a=new Headers(e.headers);return s.forEach(u=>{if(!u.name||u.name.length===0)throw new zb.ConfigurationError(`SetHeadersOutboundPolicy '${i}' each option.headers[] entry must have a name property`);let l=u.overwrite===void 0?!0:u.overwrite;(!a.has(u.name)||l)&&a.set(u.name,u.value)}),new Response(e.body,{headers:a,status:e.status,statusText:e.statusText})},"SetHeadersOutboundPolicy");ic.SetHeadersOutboundPolicy=QO});var Yb=g(oc=>{"use strict";Object.defineProperty(oc,"__esModule",{value:!0});oc.SetQueryParamsInboundPolicy=void 0;var Qb=L(),YO=He(),ZO=o(async(e,t,r,n)=>{let i=r.params;if(!i||!Array.isArray(i)||i.length==0)throw new Qb.ConfigurationError(`SetQueryParamsInboundPolicy '${n}' options.params must be a valid array of { name, value }`);let s=new URL(e.url);return i.forEach(c=>{if(!c.name||c.name.length===0)throw new Qb.ConfigurationError(`SetQueryParamsInboundPolicy '${n}' each option.params[] entry must have a name property`);let u=c.overwrite===void 0?!0:c.overwrite;(!s.searchParams.has(c.name)||u)&&s.searchParams.set(c.name,c.value)}),new YO.ZuploRequest(s.toString(),e)},"SetQueryParamsInboundPolicy");oc.SetQueryParamsInboundPolicy=ZO});var Zb=g(sc=>{"use strict";Object.defineProperty(sc,"__esModule",{value:!0});sc.SetStatusOutboundPolicy=void 0;var XO=o(async(e,t,r,n,i)=>{if(!n.status||isNaN(n.status)||n.status<100||n.status>599)throw new Error(`Invalid SetStatusOutboundPolicy '${i}' - status must be a valid number between 100 and 599, not '${n.status}'`);return new Response(e.body,{headers:e.headers,status:n.status,statusText:n.statusText??e.statusText})},"SetStatusOutboundPolicy");sc.SetStatusOutboundPolicy=XO});var Xb=g(ac=>{"use strict";Object.defineProperty(ac,"__esModule",{value:!0});ac.SleepInboundPolicy=void 0;var ex=L(),tx=o(async e=>new Promise(r=>{setTimeout(r,e)}),"sleep"),rx=o(async(e,t,r,n)=>{if(!r||r.sleepInMs===void 0||isNaN(r.sleepInMs))throw new ex.ConfigurationError(`SleepInboundPolicy '${n} must have a valid options.sleepInMs value`);return await tx(r.sleepInMs),e},"SleepInboundPolicy");ac.SleepInboundPolicy=rx});var t_=g(cc=>{"use strict";Object.defineProperty(cc,"__esModule",{value:!0});cc.SupabaseJwtInboundPolicy=void 0;var e_=L(),nx=se(),ix=He(),ox=Ft(),sx=$t(),ax=o(async(e,t,r,n)=>{(0,ox.optionValidator)(r,n).required("secret","string").optional("allowUnauthenticatedRequests","boolean").optional("requiredClaims","object");let i={secret:r.secret,allowUnauthenticatedRequests:r.allowUnauthenticatedRequests??!1},s=await(0,sx.OpenIdJwtInboundPolicy)(e,t,i,n);if(s instanceof Response)return s;if(!(s instanceof ix.ZuploRequest))throw new e_.SystemError("Invalid State - SupabaseJwtInboundPolicy encountered a non-response that wasn't a ZuploRequest type')");let a=r.requiredClaims;if(!a)return s;let c=e.user?.data.app_metadata;if(!c)throw new e_.RuntimeError(`SupabaseJwtInboundPolicy policy '${n}' - has requiredClaims but the JWT token had no app_metadata property`);let u=Object.keys(a),l=[];return u.forEach(d=>{let p=a[d];Array.isArray(p)?p.includes(c[d])||l.push(d):p!==c[d]&&l.push(d)}),l.length>0?nx.HttpProblems.unauthorized(e,t,{detail:`Invalid JWT token - missing valid claims ${l.join(", ")}`}):s},"SupabaseJwtInboundPolicy");cc.SupabaseJwtInboundPolicy=ax});var n_=g(uc=>{"use strict";Object.defineProperty(uc,"__esModule",{value:!0});uc.UpstreamAzureAdServiceAuthInboundPolicy=void 0;var cx=qt(),ux=Kt(),r_=L(),lx=Le(),dx=Ts(),px=Ft(),hx=o(async(e,t,r,n)=>{(0,px.optionValidator)(r,n).required("activeDirectoryTenantId","string").required("activeDirectoryClientId","string").required("activeDirectoryClientSecret","string").optional("tokenRetries","number").optional("expirationOffsetSeconds","number");let i=await(0,cx.getPolicyCacheName)(n,r),s=new ux.MemoryZoneReadThroughCache(i,{logger:lx.SystemLogMap.getLogger(t)}),a=await s.get(n);if(!a){let c=await fx(r,t);s.put(n,c.access_token,c.expires_in-(r.expirationOffsetSeconds??300)),a=c.access_token}return e.headers.set("Authorization",`Bearer ${a}`),e},"UpstreamAzureAdServiceAuthInboundPolicy");uc.UpstreamAzureAdServiceAuthInboundPolicy=hx;async function fx(e,t){let r=new URLSearchParams({client_id:e.activeDirectoryClientId,scope:`${e.activeDirectoryClientId}/.default`,client_secret:e.activeDirectoryClientSecret,grant_type:"client_credentials"}),n=await(0,dx.fetchRetry)({retries:e.tokenRetries??3,retryDelayMs:10},`https://login.microsoftonline.com/${e.activeDirectoryTenantId}/oauth2/v2.0/token`,{headers:{"content-type":"application/x-www-form-urlencoded"},method:"POST",body:r});if(n.status!==200){try{let s=await n.text();t.log.error("Could not get token from Azure AD",s)}catch{}throw new r_.RuntimeError("Could not get token from Azure AD")}let i=await n.json();if(i&&typeof i=="object"&&"access_token"in i&&typeof i.access_token=="string"&&"expires_in"in i&&typeof i.expires_in=="number")return{access_token:i.access_token,expires_in:i.expires_in};throw new r_.RuntimeError("Response returned from Azure AD is not in the expected format.")}o(fx,"getAccessToken")});var o_=g(lc=>{"use strict";Object.defineProperty(lc,"__esModule",{value:!0});lc.UpstreamFirebaseAdminAuthInboundPolicy=void 0;var mx=qt(),yx=Kt(),gx=L(),bx=Le(),Ip=pn(),_x=Ft(),i_="https://accounts.google.com/o/oauth2/token",Pp,Ex=o(async(e,t,r,n)=>{(0,_x.optionValidator)(r,n).required("serviceAccountJson","string"),Pp||(Pp=await Ip.GcpServiceAccount.init(r.serviceAccountJson));let i={scope:["https://www.googleapis.com/auth/cloud-platform","https://www.googleapis.com/auth/firebase.database","https://www.googleapis.com/auth/firebase.messaging","https://www.googleapis.com/auth/identitytoolkit","https://www.googleapis.com/auth/userinfo.email"].join(" ")},s=await(0,mx.getPolicyCacheName)(n,r),a=new yx.MemoryZoneReadThroughCache(s,{logger:bx.SystemLogMap.getLogger(t)}),c=await a.get(n);if(!c){let u=await(0,Ip.getTokenFromGcpServiceAccount)({serviceAccount:Pp,audience:i_,payload:i}),l=await(0,Ip.exchangeGgpJwtForIdToken)(i_,u,{retries:r.tokenRetries??3,retryDelayMs:10});if(!l.access_token)throw new gx.RuntimeError("Invalid OAuth response from Firebase");c=l.access_token,a.put(n,c,(l.expires_in??3600)-(r.expirationOffsetSeconds??300))}return e.headers.set("Authorization",`Bearer ${c}`),e},"UpstreamFirebaseAdminAuthInboundPolicy");lc.UpstreamFirebaseAdminAuthInboundPolicy=Ex});var s_=g(dc=>{"use strict";Object.defineProperty(dc,"__esModule",{value:!0});dc.UpstreamFirebaseUserAuthInboundPolicy=void 0;var wx=qt(),vx=Kt(),kn=L(),Tx=Le(),Sx=ap(),Ap=pn(),Ix=ri(),Px=Ft(),Ax="https://identitytoolkit.googleapis.com/google.identity.identitytoolkit.v1.IdentityToolkit",Rx=["acr","amr","at_hash","aud","auth_time","azp","cnf","c_hash","exp","iat","iss","jti","nbf","nonce"],Rp,Ox=o(async(e,t,r,n)=>{if((0,Px.optionValidator)(r,n).required("serviceAccountJson","string").required("webApiKey","string").optional("developerClaims","object").optional("userId","string").optional("userIdPropertyPath","string"),!r.userId&&!r.userIdPropertyPath)throw new kn.ConfigurationError(`Either 'userId' or 'userIdPropertyPath' options must be set on policy '${n}'.`);let i={};if(typeof r.developerClaims<"u"){for(let p in r.developerClaims)if(Object.prototype.hasOwnProperty.call(r.developerClaims,p)){if(Rx.indexOf(p)!==-1)throw new kn.ConfigurationError(`Developer claim "${p}" is reserved and cannot be specified.`);i[p]=r.developerClaims[p]}}Rp||(Rp=await Ap.GcpServiceAccount.init(r.serviceAccountJson));let s=r.userId;if(!s&&!r.userIdPropertyPath){if(!e.user)throw new kn.RuntimeError("Unable to set userId for upstream auth policy as request.user is 'undefined'. Do you have an authentication policy before this policy?.");s=e.user?.sub}else if(r.userIdPropertyPath){if(!e.user)throw new kn.RuntimeError(`Unable to apply userIdPropertyPath '${r.userIdPropertyPath}' as request.user is 'undefined'. Do you have an authentication policy before this policy?`);s=(0,Ix.getValueFromRequestUser)(e.user,r.userIdPropertyPath,"userIdPropertyPath")}if(!s)throw new kn.RuntimeError(`Unable to determine user from for the policy ${n}`);let a=await(0,wx.getPolicyCacheName)(n,r),c=new vx.MemoryZoneReadThroughCache(a,{logger:Tx.SystemLogMap.getLogger(t)}),u={uid:s,claims:i},l=await(0,Sx.sha256)(JSON.stringify(u)),d=await c.get(l);if(!d){let p=await(0,Ap.getTokenFromGcpServiceAccount)({serviceAccount:Rp,audience:Ax,payload:u}),m=`https://identitytoolkit.googleapis.com/v1/accounts:signInWithCustomToken?key=${r.webApiKey}`,h=await(0,Ap.exchangeFirebaseJwtForIdToken)(m,p,{retries:r.tokenRetries??3,retryDelayMs:10});if(!h.idToken)throw new kn.RuntimeError("Invalid token response from Firebase");d=h.idToken,c.put(l,d,(h.expiresIn?parseInt(h.expiresIn):3600)-(r.expirationOffsetSeconds??300))}return e.headers.set("Authorization",`Bearer ${d}`),e},"UpstreamFirebaseUserAuthInboundPolicy");dc.UpstreamFirebaseUserAuthInboundPolicy=Ox});var c_=g(pc=>{"use strict";Object.defineProperty(pc,"__esModule",{value:!0});pc.UpstreamGcpJwtInboundPolicy=void 0;var a_=pn(),xx=Ft(),Op,Nx=o(async(e,t,r,n)=>{(0,xx.optionValidator)(r,n).required("audience","string").required("serviceAccountJson","string"),Op||(Op=await a_.GcpServiceAccount.init(r.serviceAccountJson));let i=await(0,a_.getTokenFromGcpServiceAccount)({serviceAccount:Op,audience:r.audience});return e.headers.set("Authorization",`Bearer ${i}`),e},"UpstreamGcpJwtInboundPolicy");pc.UpstreamGcpJwtInboundPolicy=Nx});var l_=g(hc=>{"use strict";Object.defineProperty(hc,"__esModule",{value:!0});hc.UpstreamGcpServiceAuthInboundPolicy=void 0;var Cx=qt(),Lx=uu(),Dx=Kt(),Ux=L(),xp=pn(),Mx=Ft(),u_="https://www.googleapis.com/oauth2/v4/token",Np,kx=o(async(e,t,r,n)=>{(0,Mx.optionValidator)(r,n).required("audience","string").required("serviceAccountJson","string").optional("tokenRetries","number").optional("expirationOffsetSeconds","number"),Np||(Np=await xp.GcpServiceAccount.init(r.serviceAccountJson));let i=await(0,Cx.getPolicyCacheName)(n,r),s;r.useMemoryCacheOnly?s=new Lx.MemoryCache(i):s=new Dx.MemoryZoneReadThroughCache(i,t);let a=await s.get(n);if(!a){let c=await(0,xp.getTokenFromGcpServiceAccount)({serviceAccount:Np,audience:u_,payload:{target_audience:`${r.audience}`}}),{id_token:u}=await(0,xp.exchangeGgpJwtForIdToken)(u_,c,{retries:r.tokenRetries??3,retryDelayMs:10});if(!u)throw new Ux.RuntimeError("Invalid token response from GCP");a=u,s.put(n,a,3600-(r.expirationOffsetSeconds??300))}return e.headers.set("Authorization",`Bearer ${a}`),e},"UpstreamGcpServiceAuthInboundPolicy");hc.UpstreamGcpServiceAuthInboundPolicy=kx});var p_=g(fc=>{"use strict";Object.defineProperty(fc,"__esModule",{value:!0});fc.ValidateJsonSchemaInbound=void 0;var Hx=L(),d_=se(),Fx=o(async(e,t,r)=>{let n=e.clone(),i;try{i=await n.json()}catch{return d_.HttpProblems.badRequest(e,t,{detail:"Invalid JSON body - expected well-formed JSON document"})}if(r.validator(i))return e;let{errors:a}=r.validator;if(!a)throw new Hx.SystemError("Invalid state - validator error object is undefined even though validation failed.");let c=a.map(u=>u.instancePath===void 0||u.instancePath===""?"Body "+u.message:u.instancePath.replace("/","")+" "+u.message);return d_.HttpProblems.badRequest(e,t,{detail:"Incoming body did not pass schema validation",errors:c})},"ValidateJsonSchemaInbound");fc.ValidateJsonSchemaInbound=Fx});var y_=g(mc=>{"use strict";Object.defineProperty(mc,"__esModule",{value:!0});mc.MeteringInboundPolicy=void 0;var h_=$s(),f_=L(),m_=se(),qx=Le(),$x=Y(),jx=o(async(e,t,r,n)=>{let i=qx.SystemLogMap.getLogger(t);t.addResponseSendingFinalHook(async(l,d,p)=>{let m=h_.ContextData.get(p,"subscription");if((r.allowRequestsWithoutSubscription??!1)&&!m)return;let y=r.bucketId;if(!y){p.log.error(`MeteringInboundPolicy '${n}' - no bucketName property provided`);return}let{authApiJWT:w,meteringServiceUrl:T}=$x.Environment.instance;l.ok&&m&&r.meters&&fetch(`${T}/internal/v1/metering/${y}/subscriptions/${m.id}/quotas/consume`,{headers:{Authorization:`Bearer ${w}`},method:"POST",body:JSON.stringify({meters:r.meters})}).catch(S=>{p.log.error(`MeteringInboundPolicy '${n}' -error in serviceResponse`),i.error(`MeteringInboundPolicy '${n}' -error in serviceResponse`,S)})});let s=h_.ContextData.get(t,"subscription"),a=r.allowRequestsWithoutSubscription??!1;if(!s){if(a)return e;throw new f_.ConfigurationError("Subscription is not available for user")}if(s&&Object.keys(s.quotas).length===0)return m_.HttpProblems.forbidden(e,t,{detail:`Quota is not set up for subscription '${t.custom.subscription.id}'`});let u=Object.keys(r.meters).filter(l=>!Object.keys(s.quotas).includes(l));if(u.length>0)throw new f_.ConfigurationError(`The following policy meters are not present in the subscription: ${u.join(", ")}`);for(let l of Object.keys(s.quotas))if(s.quotas[l]<=0)return m_.HttpProblems.forbidden(e,t,{detail:`Quota exceeded for meter '${l}'`});return e},"MeteringInboundPolicy");mc.MeteringInboundPolicy=jx});var g_=g(yc=>{"use strict";Object.defineProperty(yc,"__esModule",{value:!0});yc.LoadSubscriptionInboundPolicy=void 0;var Vx=$s(),Gx=L(),Cp=se(),Bx=Le(),Kx=Y(),Jx=o(async(e,t,r,n)=>{let i=Bx.SystemLogMap.getLogger(t),s=r.allowRequestsWithoutSubscription??!1,a=e.user;if(!a)return s?e:Cp.HttpProblems.unauthorized(e,t,{detail:"Unable to check subscription for anonymous user"});let c=r.bucketId;if(!c)throw new Gx.ConfigurationError(`LoadSubscriptionInboundPolicy '${n}' - no bucketName property provided`);let{authApiJWT:u,meteringServiceUrl:l}=Kx.Environment.instance,{sub:d}=a,p,m;try{if(p=await fetch(`${l}/internal/v1/metering/${c}/subscriptions?customerRef=${d}&status=active`,{headers:{Authorization:`Bearer ${u}`},method:"GET"}),!p.ok)return t.log.error(await p.text()),Cp.HttpProblems.forbidden(e,t);m=await p.json()}catch(y){i.error(`LoadSubscriptionInboundPolicy '${n}' -error in serviceResponse`,y)}if((!m||!m.data||m.data.length===0)&&!s)return Cp.HttpProblems.unauthorized(e,t,{detail:"No valid, active subscription found"});if((!m||!m.data||m.data.length===0)&&s)return e;let h=m&&m.data?m.data[0]:void 0;return Vx.ContextData.set(t,"subscription",h),e},"LoadSubscriptionInboundPolicy");yc.LoadSubscriptionInboundPolicy=Jx});var b_=g(gc=>{"use strict";Object.defineProperty(gc,"__esModule",{value:!0});gc.ServiceProviderImpl=void 0;var zx=L(),Lp=class e{static{o(this,"ServiceProviderImpl")}static#e;services=new Map;constructor(){}static getInstance(){return e.#e||(e.#e=new e),e.#e}setInstance(t){e.#e=t}addService(t,r){if(this.services.get(t))throw new zx.SystemError(`A service with the name ${t} already exists -- you cannot have duplicate services`);this.services.set(t,r)}getService(t){return this.services.get(t)}};gc.ServiceProviderImpl=Lp});var O_=g(f=>{"use strict";var Wx=f&&f.__createBinding||(Object.create?function(e,t,r,n){n===void 0&&(n=r);var i=Object.getOwnPropertyDescriptor(t,r);(!i||("get"in i?!t.__esModule:i.writable||i.configurable))&&(i={enumerable:!0,get:function(){return t[r]}}),Object.defineProperty(e,n,i)}:function(e,t,r,n){n===void 0&&(n=r),e[n]=t[r]}),Dp=f&&f.__exportStar||function(e,t){for(var r in e)r!=="default"&&!Object.prototype.hasOwnProperty.call(t,r)&&Wx(t,e,r)},Qx=f&&f.__importDefault||function(e){return e&&e.__esModule?e:{default:e}};Object.defineProperty(f,"__esModule",{value:!0});f.RateLimitInboundPolicy=f.BasicRateLimitInboundPolicy=f.PropelAuthJwtInboundPolicy=f.OpenIdJwtInboundPolicy=f.OktaJwtInboundPolicy=f.setMoesifContext=f.MoesifInboundPolicy=f.MockApiInboundPolicy=f.JWTScopeValidationInboundPolicy=f.GeoFilterInboundPolicy=f.FormDataToJsonInboundPolicy=f.FirebaseJwtInboundPolicy=f.CurityPhantomTokenInboundPolicy=f.CreditsMeteringInboundPolicy=f.CompositeInboundPolicy=f.CognitoJwtInboundPolicy=f.ClerkJwtInboundPolicy=f.ClearHeadersOutboundPolicy=f.ClearHeadersInboundPolicy=f.ChangeMethodInboundPolicy=f.CachingInboundPolicy=f.BasicAuthInboundPolicy=f.Auth0JwtInboundPolicy=f.ApiKeyInboundPolicy=f.ApiAuthKeyInboundPolicy=f.AmberfloMeteringPolicy=f.AmberfloMeteringInboundPolicy=f.AuditLogPlugin=f.AuditLogDataStaxProvider=f.HttpStatusCode=f.webSocketPipelineHandler=f.webSocketHandler=f.urlRewriteHandler=f.urlForwardHandler=f.redirectHandler=f.openApiSpecHandler=f.awsLambdaHandler=f.AwsLambdaHandlerExtensions=f.purgeGatewayCache=f.Handler=f.originalFetch=f.ConfigurationError=f.isZuploReadableEnvVariableName=f.isRestrictedEnvVariableName=f.environment=f.ContextData=f.ResponseSentEvent=f.ResponseSendingEvent=f.ZoneCache=f.MemoryZoneReadThroughCache=void 0;f.sanitizedIdentifierName=f.getRawOperationDataIdentifierName=f.getIdForRequestBodySchema=f.getIdForRefSchema=f.getIdForParameterSchema=f.SystemLogMap=f.httpStatuses=f.SYSTEM_LOGGER=f.API_KEY=f.ServiceProviderImpl=f.serialize=f.ContentTypes=f.Router=f.LookupResult=f.SystemRouteName=f.ZuploRequest=f.ProblemResponseFormatter=f.HttpProblems=f.LoadSubscriptionInboundPolicy=f.MeteringInboundPolicy=f.ValidateJsonSchemaInbound=f.UpstreamGcpServiceAuthInboundPolicy=f.UpstreamGcpJwtInboundPolicy=f.UpstreamFirebaseUserAuthInboundPolicy=f.UpstreamFirebaseAdminAuthInboundPolicy=f.UpstreamAzureAdServiceAuthInboundPolicy=f.SupabaseJwtInboundPolicy=f.StripeWebhookInboundPolicy=f.SleepInboundPolicy=f.SetStatusOutboundPolicy=f.SetQueryParamsInboundPolicy=f.SetHeadersOutboundPolicy=f.SetHeadersInboundPolicy=f.SetBodyInboundPolicy=f.RequireOriginInboundPolicy=f.SchemaBasedRequestValidation=f.RequestValidationInboundPolicy=f.RequestSizeLimitInboundPolicy=f.ReplaceStringOutboundPolicy=f.RemoveQueryParamsInboundPolicy=f.RemoveHeadersOutboundPolicy=f.RemoveHeadersInboundPolicy=f.ReadmeMetricsInboundPolicy=void 0;yh();var Yx=Kt();Object.defineProperty(f,"MemoryZoneReadThroughCache",{enumerable:!0,get:function(){return Yx.MemoryZoneReadThroughCache}});var Zx=no();Object.defineProperty(f,"ZoneCache",{enumerable:!0,get:function(){return Zx.ZoneCache}});var __=Sr();Object.defineProperty(f,"ResponseSendingEvent",{enumerable:!0,get:function(){return __.ResponseSendingEvent}});Object.defineProperty(f,"ResponseSentEvent",{enumerable:!0,get:function(){return __.ResponseSentEvent}});var Xx=$s();Object.defineProperty(f,"ContextData",{enumerable:!0,get:function(){return Xx.ContextData}});var Up=Ed();Object.defineProperty(f,"environment",{enumerable:!0,get:function(){return Up.environment}});Object.defineProperty(f,"isRestrictedEnvVariableName",{enumerable:!0,get:function(){return Up.isRestrictedEnvVariableName}});Object.defineProperty(f,"isZuploReadableEnvVariableName",{enumerable:!0,get:function(){return Up.isZuploReadableEnvVariableName}});var eN=L();Object.defineProperty(f,"ConfigurationError",{enumerable:!0,get:function(){return eN.ConfigurationError}});var tN=vd();Object.defineProperty(f,"originalFetch",{enumerable:!0,get:function(){return tN.originalFetch}});var E_=Gy();Object.defineProperty(f,"Handler",{enumerable:!0,get:function(){return E_.Handler}});Object.defineProperty(f,"purgeGatewayCache",{enumerable:!0,get:function(){return E_.purgeGatewayCache}});var w_=ag();Object.defineProperty(f,"AwsLambdaHandlerExtensions",{enumerable:!0,get:function(){return w_.AwsLambdaHandlerExtensions}});Object.defineProperty(f,"awsLambdaHandler",{enumerable:!0,get:function(){return w_.awsLambdaHandler}});var rN=ug();Object.defineProperty(f,"openApiSpecHandler",{enumerable:!0,get:function(){return rN.openApiSpecHandler}});var nN=lg();Object.defineProperty(f,"redirectHandler",{enumerable:!0,get:function(){return nN.redirectHandler}});var iN=pg();Object.defineProperty(f,"urlForwardHandler",{enumerable:!0,get:function(){return iN.urlForwardHandler}});var oN=fg();Object.defineProperty(f,"urlRewriteHandler",{enumerable:!0,get:function(){return oN.urlRewriteHandler}});var sN=yg();Object.defineProperty(f,"webSocketHandler",{enumerable:!0,get:function(){return sN.webSocketHandler}});var aN=_g();Object.defineProperty(f,"webSocketPipelineHandler",{enumerable:!0,get:function(){return aN.webSocketPipelineHandler}});var cN=Lu();Object.defineProperty(f,"HttpStatusCode",{enumerable:!0,get:function(){return cN.HttpStatusCode}});Dp(Ag(),f);Dp(xg(),f);var uN=Ng();Object.defineProperty(f,"AuditLogDataStaxProvider",{enumerable:!0,get:function(){return uN.AuditLogDataStaxProvider}});var lN=Lg();Object.defineProperty(f,"AuditLogPlugin",{enumerable:!0,get:function(){return lN.AuditLogPlugin}});Dp(Fg(),f);var v_=Gg();Object.defineProperty(f,"AmberfloMeteringInboundPolicy",{enumerable:!0,get:function(){return v_.AmberfloMeteringInboundPolicy}});Object.defineProperty(f,"AmberfloMeteringPolicy",{enumerable:!0,get:function(){return v_.AmberfloMeteringPolicy}});var dN=zg();Object.defineProperty(f,"ApiAuthKeyInboundPolicy",{enumerable:!0,get:function(){return dN.ApiAuthKeyInboundPolicy}});var pN=dp();Object.defineProperty(f,"ApiKeyInboundPolicy",{enumerable:!0,get:function(){return pN.ApiKeyInboundPolicy}});var hN=Wg();Object.defineProperty(f,"Auth0JwtInboundPolicy",{enumerable:!0,get:function(){return hN.Auth0JwtInboundPolicy}});var fN=Qg();Object.defineProperty(f,"BasicAuthInboundPolicy",{enumerable:!0,get:function(){return fN.BasicAuthInboundPolicy}});var mN=Yg();Object.defineProperty(f,"CachingInboundPolicy",{enumerable:!0,get:function(){return mN.CachingInboundPolicy}});var yN=Zg();Object.defineProperty(f,"ChangeMethodInboundPolicy",{enumerable:!0,get:function(){return yN.ChangeMethodInboundPolicy}});var gN=Xg();Object.defineProperty(f,"ClearHeadersInboundPolicy",{enumerable:!0,get:function(){return gN.ClearHeadersInboundPolicy}});var bN=eb();Object.defineProperty(f,"ClearHeadersOutboundPolicy",{enumerable:!0,get:function(){return bN.ClearHeadersOutboundPolicy}});var _N=tb();Object.defineProperty(f,"ClerkJwtInboundPolicy",{enumerable:!0,get:function(){return _N.ClerkJwtInboundPolicy}});var EN=nb();Object.defineProperty(f,"CognitoJwtInboundPolicy",{enumerable:!0,get:function(){return EN.CognitoJwtInboundPolicy}});var wN=ob();Object.defineProperty(f,"CompositeInboundPolicy",{enumerable:!0,get:function(){return wN.CompositeInboundPolicy}});var vN=ab();Object.defineProperty(f,"CreditsMeteringInboundPolicy",{enumerable:!0,get:function(){return vN.CreditsMeteringInboundPolicy}});var TN=cb();Object.defineProperty(f,"CurityPhantomTokenInboundPolicy",{enumerable:!0,get:function(){return TN.CurityPhantomTokenInboundPolicy}});var SN=ub();Object.defineProperty(f,"FirebaseJwtInboundPolicy",{enumerable:!0,get:function(){return SN.FirebaseJwtInboundPolicy}});var IN=lb();Object.defineProperty(f,"FormDataToJsonInboundPolicy",{enumerable:!0,get:function(){return IN.FormDataToJsonInboundPolicy}});var PN=db();Object.defineProperty(f,"GeoFilterInboundPolicy",{enumerable:!0,get:function(){return PN.GeoFilterInboundPolicy}});var AN=pb();Object.defineProperty(f,"JWTScopeValidationInboundPolicy",{enumerable:!0,get:function(){return AN.JWTScopeValidationInboundPolicy}});var RN=fb();Object.defineProperty(f,"MockApiInboundPolicy",{enumerable:!0,get:function(){return RN.MockApiInboundPolicy}});var T_=_b();Object.defineProperty(f,"MoesifInboundPolicy",{enumerable:!0,get:function(){return T_.MoesifInboundPolicy}});Object.defineProperty(f,"setMoesifContext",{enumerable:!0,get:function(){return T_.setMoesifContext}});var ON=Eb();Object.defineProperty(f,"OktaJwtInboundPolicy",{enumerable:!0,get:function(){return ON.OktaJwtInboundPolicy}});var xN=$t();Object.defineProperty(f,"OpenIdJwtInboundPolicy",{enumerable:!0,get:function(){return xN.OpenIdJwtInboundPolicy}});var NN=wb();Object.defineProperty(f,"PropelAuthJwtInboundPolicy",{enumerable:!0,get:function(){return NN.PropelAuthJwtInboundPolicy}});var S_=Rb();Object.defineProperty(f,"BasicRateLimitInboundPolicy",{enumerable:!0,get:function(){return S_.RateLimitInboundPolicy}});Object.defineProperty(f,"RateLimitInboundPolicy",{enumerable:!0,get:function(){return S_.RateLimitInboundPolicy}});var CN=Cb();Object.defineProperty(f,"ReadmeMetricsInboundPolicy",{enumerable:!0,get:function(){return CN.ReadmeMetricsInboundPolicy}});var LN=Lb();Object.defineProperty(f,"RemoveHeadersInboundPolicy",{enumerable:!0,get:function(){return LN.RemoveHeadersInboundPolicy}});var DN=Db();Object.defineProperty(f,"RemoveHeadersOutboundPolicy",{enumerable:!0,get:function(){return DN.RemoveHeadersOutboundPolicy}});var UN=Ub();Object.defineProperty(f,"RemoveQueryParamsInboundPolicy",{enumerable:!0,get:function(){return UN.RemoveQueryParamsInboundPolicy}});var MN=Mb();Object.defineProperty(f,"ReplaceStringOutboundPolicy",{enumerable:!0,get:function(){return MN.ReplaceStringOutboundPolicy}});var kN=Hb();Object.defineProperty(f,"RequestSizeLimitInboundPolicy",{enumerable:!0,get:function(){return kN.RequestSizeLimitInboundPolicy}});var I_=Vb();Object.defineProperty(f,"RequestValidationInboundPolicy",{enumerable:!0,get:function(){return I_.RequestValidationInboundPolicy}});Object.defineProperty(f,"SchemaBasedRequestValidation",{enumerable:!0,get:function(){return I_.SchemaBasedRequestValidation}});var HN=Gb();Object.defineProperty(f,"RequireOriginInboundPolicy",{enumerable:!0,get:function(){return HN.RequireOriginInboundPolicy}});var FN=Bb();Object.defineProperty(f,"SetBodyInboundPolicy",{enumerable:!0,get:function(){return FN.SetBodyInboundPolicy}});var qN=Jb();Object.defineProperty(f,"SetHeadersInboundPolicy",{enumerable:!0,get:function(){return qN.SetHeadersInboundPolicy}});var $N=Wb();Object.defineProperty(f,"SetHeadersOutboundPolicy",{enumerable:!0,get:function(){return $N.SetHeadersOutboundPolicy}});var jN=Yb();Object.defineProperty(f,"SetQueryParamsInboundPolicy",{enumerable:!0,get:function(){return jN.SetQueryParamsInboundPolicy}});var VN=Zb();Object.defineProperty(f,"SetStatusOutboundPolicy",{enumerable:!0,get:function(){return VN.SetStatusOutboundPolicy}});var GN=Xb();Object.defineProperty(f,"SleepInboundPolicy",{enumerable:!0,get:function(){return GN.SleepInboundPolicy}});var BN=np();Object.defineProperty(f,"StripeWebhookInboundPolicy",{enumerable:!0,get:function(){return BN.StripeWebhookInboundPolicy}});var KN=t_();Object.defineProperty(f,"SupabaseJwtInboundPolicy",{enumerable:!0,get:function(){return KN.SupabaseJwtInboundPolicy}});var JN=n_();Object.defineProperty(f,"UpstreamAzureAdServiceAuthInboundPolicy",{enumerable:!0,get:function(){return JN.UpstreamAzureAdServiceAuthInboundPolicy}});var zN=o_();Object.defineProperty(f,"UpstreamFirebaseAdminAuthInboundPolicy",{enumerable:!0,get:function(){return zN.UpstreamFirebaseAdminAuthInboundPolicy}});var WN=s_();Object.defineProperty(f,"UpstreamFirebaseUserAuthInboundPolicy",{enumerable:!0,get:function(){return WN.UpstreamFirebaseUserAuthInboundPolicy}});var QN=c_();Object.defineProperty(f,"UpstreamGcpJwtInboundPolicy",{enumerable:!0,get:function(){return QN.UpstreamGcpJwtInboundPolicy}});var YN=l_();Object.defineProperty(f,"UpstreamGcpServiceAuthInboundPolicy",{enumerable:!0,get:function(){return YN.UpstreamGcpServiceAuthInboundPolicy}});var ZN=p_();Object.defineProperty(f,"ValidateJsonSchemaInbound",{enumerable:!0,get:function(){return ZN.ValidateJsonSchemaInbound}});var XN=y_();Object.defineProperty(f,"MeteringInboundPolicy",{enumerable:!0,get:function(){return XN.MeteringInboundPolicy}});var eC=g_();Object.defineProperty(f,"LoadSubscriptionInboundPolicy",{enumerable:!0,get:function(){return eC.LoadSubscriptionInboundPolicy}});var tC=se();Object.defineProperty(f,"HttpProblems",{enumerable:!0,get:function(){return tC.HttpProblems}});var rC=ho();Object.defineProperty(f,"ProblemResponseFormatter",{enumerable:!0,get:function(){return rC.ProblemResponseFormatter}});var nC=He();Object.defineProperty(f,"ZuploRequest",{enumerable:!0,get:function(){return nC.ZuploRequest}});var iC=Pr();Object.defineProperty(f,"SystemRouteName",{enumerable:!0,get:function(){return iC.SystemRouteName}});var P_=pd();Object.defineProperty(f,"LookupResult",{enumerable:!0,get:function(){return P_.LookupResult}});Object.defineProperty(f,"Router",{enumerable:!0,get:function(){return P_.Router}});var A_=Su();Object.defineProperty(f,"ContentTypes",{enumerable:!0,get:function(){return A_.ContentTypes}});Object.defineProperty(f,"serialize",{enumerable:!0,get:function(){return A_.serialize}});var oC=b_();Object.defineProperty(f,"ServiceProviderImpl",{enumerable:!0,get:function(){return oC.ServiceProviderImpl}});var R_=Ku();Object.defineProperty(f,"API_KEY",{enumerable:!0,get:function(){return R_.API_KEY}});Object.defineProperty(f,"SYSTEM_LOGGER",{enumerable:!0,get:function(){return R_.SYSTEM_LOGGER}});var sC=Uu();Object.defineProperty(f,"httpStatuses",{enumerable:!0,get:function(){return Qx(sC).default}});var aC=Le();Object.defineProperty(f,"SystemLogMap",{enumerable:!0,get:function(){return aC.SystemLogMap}});var Ui=Wa();Object.defineProperty(f,"getIdForParameterSchema",{enumerable:!0,get:function(){return Ui.getIdForParameterSchema}});Object.defineProperty(f,"getIdForRefSchema",{enumerable:!0,get:function(){return Ui.getIdForRefSchema}});Object.defineProperty(f,"getIdForRequestBodySchema",{enumerable:!0,get:function(){return Ui.getIdForRequestBodySchema}});Object.defineProperty(f,"getRawOperationDataIdentifierName",{enumerable:!0,get:function(){return Ui.getRawOperationDataIdentifierName}});Object.defineProperty(f,"sanitizedIdentifierName",{enumerable:!0,get:function(){return Ui.sanitizedIdentifierName}})});var x_=g(Hn=>{"use strict";Object.defineProperty(Hn,"__esModule",{value:!0});Hn.BaseCryptoBeta=Hn.supportedDigests=void 0;Hn.supportedDigests=["sha-1","sha-256","sha-384","sha-512"];var Mp=class{static{o(this,"BaseCryptoBeta")}};Hn.BaseCryptoBeta=Mp});var N_=g(bc=>{"use strict";Object.defineProperty(bc,"__esModule",{value:!0});bc.WorkerCryptoBeta=void 0;var kp=x_(),cC=L(),Hp=class extends kp.BaseCryptoBeta{static{o(this,"WorkerCryptoBeta")}async digest(t,r){if(!kp.supportedDigests.includes(t.toLowerCase()))throw new cC.RuntimeError(`Algorithm ${t} is not supported. Try using ${kp.supportedDigests.join(", ")}`);let n=new TextEncoder().encode(r),i=await crypto.subtle.digest(t,n);return Array.from(new Uint8Array(i)).map(c=>c.toString(16).padStart(2,"0")).join("")}};bc.WorkerCryptoBeta=Hp});var C_=g(_c=>{"use strict";Object.defineProperty(_c,"__esModule",{value:!0});_c.BaseKeyValueStore=void 0;var Fp=class{static{o(this,"BaseKeyValueStore")}context;constructor(t){this.context=t}};_c.BaseKeyValueStore=Fp});var D_=g(Ec=>{"use strict";Object.defineProperty(Ec,"__esModule",{value:!0});Ec.WorkerKeyValueStore=void 0;var L_=L(),uC=C_(),qp=class extends uC.BaseKeyValueStore{static{o(this,"WorkerKeyValueStore")}#e;constructor(t){super(t);let n=globalThis.ZUPLO_KV;if(!n)throw new L_.FeatureNotEnabledError("The Key Value Store feature is not enabled for this project.");this.#e=n}put(t,r,n){if(typeof t!="string")throw new L_.ConfigurationError("value must be of type string");return this.#e.put(t,r,n?{expirationTtl:n.expirationSecondsTtl}:void 0)}get(t,r){return this.#e.get(t,{type:"text",cacheTtl:r?.cacheSecondsTtl})}delete(t){return this.#e.delete(t)}};Ec.WorkerKeyValueStore=qp});var Ct=g(lt=>{"use strict";var lC=lt&&lt.__createBinding||(Object.create?function(e,t,r,n){n===void 0&&(n=r);var i=Object.getOwnPropertyDescriptor(t,r);(!i||("get"in i?!t.__esModule:i.writable||i.configurable))&&(i={enumerable:!0,get:function(){return t[r]}}),Object.defineProperty(e,n,i)}:function(e,t,r,n){n===void 0&&(n=r),e[n]=t[r]}),dC=lt&&lt.__exportStar||function(e,t){for(var r in e)r!=="default"&&!Object.prototype.hasOwnProperty.call(t,r)&&lC(t,e,r)};Object.defineProperty(lt,"__esModule",{value:!0});lt.KeyValueStore=lt.CryptoBeta=void 0;dC(O_(),lt);var pC=N_();Object.defineProperty(lt,"CryptoBeta",{enumerable:!0,get:function(){return pC.WorkerCryptoBeta}});var hC=D_();Object.defineProperty(lt,"KeyValueStore",{enumerable:!0,get:function(){return hC.WorkerKeyValueStore}})});var EL={};Yi(EL,{GraphQLComplexityLimitInboundPolicy:()=>pE,GraphQLDisableIntrospectionInboundPolicy:()=>fE});module.exports=Zi(EL);var Qn=ph(Ct());function B(e,t){if(!!!e)throw new Error(t)}o(B,"devAssert");function Ee(e){return typeof e=="object"&&e!==null}o(Ee,"isObjectLike");function Pt(e,t){if(!!!e)throw new Error(t??"Unexpected invariant triggered.")}o(Pt,"invariant");var fC=/\r\n|[\n\r]/g;function Fn(e,t){let r=0,n=1;for(let i of e.body.matchAll(fC)){if(typeof i.index=="number"||Pt(!1),i.index>=t)break;r=i.index+i[0].length,n+=1}return{line:n,column:t+1-r}}o(Fn,"getLocation");function $p(e){return wc(e.source,Fn(e.source,e.start))}o($p,"printLocation");function wc(e,t){let r=e.locationOffset.column-1,n="".padStart(r)+e.body,i=t.line-1,s=e.locationOffset.line-1,a=t.line+s,c=t.line===1?r:0,u=t.column+c,l=`${e.name}:${a}:${u}
74
+ `+d});let p=Math.floor((typeof c=="number"?c:Date.now())/1e3)-r.timestamp;if(i>0&&p>i)throw new Ur.StripeSignatureVerificationError(t,e,{message:"Timestamp outside the tolerance zone"});return!0}o(QA,"validateComputedSignature");function YA(e,t){return typeof e!="string"?null:e.split(",").reduce((r,n)=>{let i=n.split("=");return i[0]==="t"&&(r.timestamp=parseInt(i[1],10)),i[0]===t&&r.signatures.push(i[1]),r},{timestamp:-1,signatures:[]})}o(YA,"parseHeader");function ZA(e,t){if(e.length!==t.length)return!1;let r=e.length,n=0;for(let i=0;i<r;++i)n|=e.charCodeAt(i)^t.charCodeAt(i);return n===0}o(ZA,"secureCompare");async function Ug(e,t){let r=new TextEncoder,n=await crypto.subtle.importKey("raw",r.encode(t),{name:"HMAC",hash:{name:"SHA-256"}},!1,["sign"]),i=await crypto.subtle.sign("hmac",n,r.encode(e)),s=new Uint8Array(i),a=new Array(s.length);for(let c=0;c<s.length;c++)a[c]=rp[s[c]];return a.join("")}o(Ug,"computeHMACSignatureAsync");On.computeHMACSignatureAsync=Ug;var rp=new Array(256);for(let e=0;e<rp.length;e++)rp[e]=e.toString(16).padStart(2,"0")});var Ft=g(ua=>{"use strict";Object.defineProperty(ua,"__esModule",{value:!0});ua.optionValidator=void 0;var Ii=D();function XA(e,t){let r=o((s,a,c)=>{let u=e[s];if(!(c&&u===void 0)){if(u===void 0)throw new Ii.ConfigurationError(`Value of '${String(s)}' on policy '${t}' is required, but no value was set. If using an environment variable, check that it is set correctly.`);if(a==="array"&&Array.isArray(u))throw new Ii.ConfigurationError(`Value of '${String(s)}' on policy '${t}' must be an array. Received type ${typeof u}.`);if(typeof u!==a)throw new Ii.ConfigurationError(`Value of '${String(s)}' on policy '${t}' must be of type ${a}. Received type ${typeof u}.`);if(typeof u=="string"&&u.length===0)throw new Ii.ConfigurationError(`Value of '${String(s)}' on policy '${t}' must be a non-empty string. The value received is empty. If using an environment variable, check that it is set correctly.`);if(typeof u=="number"&&isNaN(u))throw new Ii.ConfigurationError(`Value of '${String(s)}' on policy '${t}' must be valid number. If using an environment variable, check that it is set correctly.`)}},"validate"),n=o((s,a)=>(r(s,a,!0),{optional:n,required:i}),"optional"),i=o((s,a)=>(r(s,a,!1),{optional:n,required:i}),"required");return{optional:n,required:i}}o(XA,"optionValidator");ua.optionValidator=XA});var np=g(la=>{"use strict";Object.defineProperty(la,"__esModule",{value:!0});la.StripeWebhookInboundPolicy=void 0;var eR=se(),tR=Mg(),rR=Ft(),nR=o(async(e,t,r,n)=>{(0,rR.optionValidator)(r,n).required("signingSecret","string").optional("tolerance","number");let i=e.headers.get("stripe-signature");try{let s=await e.clone().text();await(0,tR.constructEventAsync)(s,i,r.signingSecret)}catch(s){return t.log.error("Error validating stripe webhook",s),eR.HttpProblems.badRequest(e,t,{title:"Webhook Error",detail:s.message})}return e},"StripeWebhookInboundPolicy");la.StripeWebhookInboundPolicy=nR});var kg=g(da=>{"use strict";Object.defineProperty(da,"__esModule",{value:!0});da.MeteringPlugin=void 0;var iR=yt(),ip=class extends iR.SystemRuntimePlugin{static{o(this,"MeteringPlugin")}};da.MeteringPlugin=ip});var Fg=g(pa=>{"use strict";Object.defineProperty(pa,"__esModule",{value:!0});pa.StripeMeteringPlugin=void 0;var oR=D(),sR=Nt(),aR=np(),Mr=se(),cR=Qt(),uR=zr(),lR=Cu(),dR=ot(),pR=Y(),Hg=Lt(),hR=kg(),fR=["customer.subscription.created","customer.subscription.deleted","customer.subscription.paused","customer.subscription.resumed","customer.subscription.updated"],op=class extends hR.MeteringPlugin{static{o(this,"StripeMeteringPlugin")}options;constructor(t){super(),this.options=t}registerRoutes(t,r){let n=o(async(c,u)=>{if(this.options.testMode)return"success";let{bucketId:l}=this.options;if(!l)throw new oR.ConfigurationError("StripeMeteringPlugin - No bucketName property provided");let{authApiJWT:d,meteringServiceUrl:p}=pR.Environment.instance,m=await c.json();try{mR(m)}catch{return Mr.HttpProblems.badRequest(c,u,{detail:"The received body was not in the expected format."})}if(!fR.includes(m.type))return Mr.HttpProblems.ok(c,u,{detail:"Event was ignored by Stripe metering plugin webhook."});let h=m.data?.object?.id;if(!h)return Mr.HttpProblems.badRequest(c,u,{detail:"Invalid Stripe Webhook event. Expected '.data.object.id' to be the subscription ID."});let y=m.data?.object?.items?.data.find(L=>L.object==="subscription_item");if(!y||!y.id)return Mr.HttpProblems.badRequest(c,u,{detail:"Invalid Stripe Webhook event. Expected '.data.object.items.data[]' to contain a subscription_item."});let w=y.plan;if(!w||!w.product)return Mr.HttpProblems.badRequest(c,u,{detail:"Invalid Stripe Webhook event. Expected '.data.object.items.data[].plan'."});let T={status:"active",type:"periodic",renewalStrategy:"monthly",customerKey:"luis-tester",productKey:"routes.oas.json",planProviderKey:w.product,subscriptionProviderKey:h,region:this.options.bucketRegion??"us-central1"},S=await fetch(`${p}/internal/v1/metering/${l}/subscriptions`,{headers:{Authorization:`Bearer ${d}`,"Content-Type":"application/json"},method:"POST",body:JSON.stringify(T)});if(S.status!==200){let L="Unknown error creating subscription",F;try{F=await S.json(),L=F.detail??F.title??L}catch{}return u.log.error(L,F),Mr.HttpProblems.internalServerError(c,u,{detail:L})}return Mr.HttpProblems.ok(c,u)},"stripeWebhookHandler"),i=(0,uR.createInternalPolicyProcessor)({inboundPolicies:[{handler:aR.StripeWebhookInboundPolicy,options:{signingSecret:this.options.webhooks.signingSecret,tolerance:this.options.webhooks.tolerance}}]}),s=new sR.Pipeline({processors:[cR.metricsProcessor,i],handler:n,gateway:r}),a=new dR.SystemRouteConfiguration({label:"PLUGIN_STRIPE_WEBHOOK_ROUTE",methods:["POST"],path:this.options.webhooks.routePath??"/__zuplo/stripe-webhooks",systemRouteName:lR.SystemRouteName.StripePlugin});t.addRoute(a,s.execute)}};pa.StripeMeteringPlugin=op;function mR(e){if(!(e!==null&&typeof e=="object"&&"id"in e&&(0,Hg.isString)(e.id)&&"type"in e&&(0,Hg.isString)(e.type)))throw new Error("Object is not a stripe webhook event")}o(mR,"assertsStripeWebhookEvent")});var Gg=g(xn=>{"use strict";Object.defineProperty(xn,"__esModule",{value:!0});xn.AmberfloMeteringInboundPolicy=xn.AmberfloMeteringPolicy=void 0;var qg=D(),yR=ve(),$g=ri(),Vg=new WeakMap,jg={},sp=class{static{o(this,"AmberfloMeteringPolicy")}static setRequestProperties(t,r){Vg.set(t,r)}};xn.AmberfloMeteringPolicy=sp;async function gR(e,t,r,n){if(!r.statusCodes)throw new qg.ConfigurationError(`Invalid AmberfloMeterInboundPolicy '${n}': options.statusCodes must be an array of HTTP status code numbers`);let i=Array.isArray(r.statusCodes)?r.statusCodes:(0,$g.statusCodesStringToNumberArray)(r.statusCodes);return t.addResponseSendingFinalHook(async s=>{if(i.includes(s.status)){let a=Vg.get(t),c=r.customerId;if(r.customerIdPropertyPath){if(!e.user)throw new qg.RuntimeError(`Unable to apply customerIdPropertyPath '${r.customerIdPropertyPath}' as request.user is 'undefined'.`);c=(0,$g.getValueFromRequestUser)(e.user,r.customerIdPropertyPath,"customerIdPropertyPath")}let u=a?.customerId??c;if(!u){t.log.error(`Error in AmberfloMeterInboundPolicy '${n}': customerId cannot be undefined`);return}let l=a?.meterApiName??r.meterApiName;if(!l){t.log.error(`Error in AmberfloMeterInboundPolicy '${n}': meterApiName cannot be undefined`);return}let d=a?.meterValue??r.meterValue;if(!d){t.log.error(`Error in AmberfloMeterInboundPolicy '${n}': meterValue cannot be undefined`);return}let p={customerId:u,meterApiName:l,meterValue:d,meterTimeInMillis:Date.now(),dimensions:Object.apply(r.dimensions??{},a?.dimensions)},m=jg[r.apiKey];if(!m){let h=r.apiKey,y=e.headers.get("zm-test-id")??"";m=new yR.BatchDispatch("amberflo-ingest-meter",10,async w=>{try{let T=r.url??"https://app.amberflo.io/ingest",S=await fetch(T,{method:"POST",body:JSON.stringify(w),headers:{"content-type":"application/json","x-api-key":h,"zm-test-id":y}});S.ok||t.log.error(`Unexpected response in AmberfloMeteringInboundPolicy '${n}'. ${S.status}: ${await S.text()}`)}catch(T){throw t.log.error(`Error in AmberfloMeteringInboundPolicy '${n}': ${T.message}`),T}}),jg[h]=m}m.enqueue(p),t.waitUntil(m.waitUntilFlushed())}}),e}o(gR,"AmberfloMeteringInboundPolicy");xn.AmberfloMeteringInboundPolicy=gR});var ap=g(ha=>{"use strict";Object.defineProperty(ha,"__esModule",{value:!0});ha.sha256=void 0;async function bR(e){let t=new TextEncoder().encode(e),r=await crypto.subtle.digest({name:"SHA-256"},t);return[...new Uint8Array(r)].map(i=>i.toString(16).padStart(2,"0")).join("")}o(bR,"sha256");ha.sha256=bR});var qt=g(fa=>{"use strict";Object.defineProperty(fa,"__esModule",{value:!0});fa.getPolicyCacheName=void 0;var _R=ap(),Bg=new Map;async function ER(e,t){let r,n=Bg.get(e);return n!==void 0?r=n:(r=`zuplo-policy-${await(0,_R.sha256)(JSON.stringify({policyName:e,options:t}))}`,Bg.set(e,r)),r}o(ER,"getPolicyCacheName");fa.getPolicyCacheName=ER});var dp=g(ma=>{"use strict";Object.defineProperty(ma,"__esModule",{value:!0});ma.ApiKeyInboundPolicy=void 0;var wR=qt(),vR=Kt(),Kg=Ed(),cp=D(),TR=Ct(),up=Le(),lp=Y(),SR=Ts(),Jg="key-metadata-cache-type";function IR(e,t){return t.authScheme===""?e:e.replace(`${t.authScheme} `,"")}o(IR,"getKeyValue");async function PR(e,t,r,n){if(!r.bucketName)if(Kg.environment.ZUPLO_API_KEY_SERVICE_BUCKET_NAME)r.bucketName=Kg.environment.ZUPLO_API_KEY_SERVICE_BUCKET_NAME;else throw new cp.ConfigurationError(`ApiKeyInboundPolicy '${n}' - no bucketName property provided`);let i={authHeader:r.authHeader??"authorization",authScheme:r.authScheme??"Bearer",bucketName:r.bucketName,cacheTtlSeconds:r.cacheTtlSeconds??60,allowUnauthenticatedRequests:r.allowUnauthenticatedRequests??!1,disableAutomaticallyAddingKeyHeaderToOpenApi:r.disableAutomaticallyAddingKeyHeaderToOpenApi??!1};if(i.cacheTtlSeconds<60)throw new cp.ConfigurationError(`ApiKeyInboundPolicy '${n}' - minimum cacheTtlSeconds value is 60s, '${i.cacheTtlSeconds}' is invalid`);let s=o(T=>i.allowUnauthenticatedRequests?e:TR.HttpProblems.unauthorized(e,t,{detail:T}),"unauthorizedResponse"),a=e.headers.get(i.authHeader);if(!a)return s("No Authorization Header");if(!a.toLowerCase().startsWith(i.authScheme.toLowerCase()))return s("Invalid Authorization Scheme");let c=IR(a,i);if(!c||c==="")return s("No key present");let u=await AR(c),l=await(0,wR.getPolicyCacheName)(n,i),d=new vR.MemoryZoneReadThroughCache(l,{logger:up.SystemLogMap.getLogger(t)}),p=await d.get(u);if(p&&p.isValid===!0)return e.user=p.user,e;if(p&&!p.isValid)return p.typeId!==Jg&&up.SystemLogMap.getLogger(t).error(`ApiKeyInboundPolicy '${n}' - cached metadata has invalid typeId '${p.typeId}'`,p),s("Authorization Failed");let m={key:c},h=await(0,SR.fetchRetry)({retryDelayMs:5,retries:2,logger:up.SystemLogMap.getLogger(t)},`${lp.Environment.instance.apiKeyServiceUrl}/v1/$validate/${i.bucketName}`,{method:"POST",headers:{"content-type":"application/json","zp-rid":t.requestId,"zp-dn":lp.Environment.instance.deploymentName??"unknown","User-Agent":lp.Environment.instance.systemUserAgent},body:JSON.stringify(m)});if(h.status===401)return t.log.info(`ApiKeyInboundPolicy '${n}' - 401 response from Key Service`),s("Authorization Failed");if(h.status!==200){try{let T=await h.text(),S=JSON.parse(T);t.log.error("Unexpected response from key service",S)}catch{t.log.error("Invalid response from key service")}throw new cp.RuntimeError(`ApiKeyInboundPolicy '${n}' - unexpected response from Key Service. Status: ${h.status}`)}let y=await h.json(),w={isValid:!0,typeId:Jg,user:{sub:y.name,data:y.metadata}};return e.user=w.user,d.put(u,w,i.cacheTtlSeconds),e}o(PR,"ApiKeyInboundPolicy");ma.ApiKeyInboundPolicy=PR;async function AR(e){let t=new TextEncoder().encode(e),r=await crypto.subtle.digest("SHA-256",t);return Array.from(new Uint8Array(r)).map(s=>s.toString(16).padStart(2,"0")).join("")}o(AR,"hashValue")});var zg=g(ya=>{"use strict";Object.defineProperty(ya,"__esModule",{value:!0});ya.ApiAuthKeyInboundPolicy=void 0;var RR=dp();ya.ApiAuthKeyInboundPolicy=RR.ApiKeyInboundPolicy});var $t=g(ga=>{"use strict";Object.defineProperty(ga,"__esModule",{value:!0});ga.OpenIdJwtInboundPolicy=void 0;var hp=(ws(),Zi(Es)),fp=D(),OR=se(),pp={},xR=o(async(e,t)=>{if(!t.jwkUrl||typeof t.jwkUrl!="string")throw new fp.ConfigurationError("Invalid State - jwkUrl not set");pp[t.jwkUrl]||(pp[t.jwkUrl]=(0,hp.createRemoteJWKSet)(new URL(t.jwkUrl),t.headers?{headers:t.headers}:void 0));let{payload:r}=await(0,hp.jwtVerify)(e,pp[t.jwkUrl],{issuer:t.issuer,audience:t.audience});return r},"jwkVerifier"),NR=o(async(e,t)=>{let r;if(t.secret===void 0)throw new Error("secretVerifier requires secret to be defined");if(typeof t.secret=="string"){let s=new TextEncoder().encode(t.secret);r=new Uint8Array(s)}else r=t.secret;let{payload:n}=await(0,hp.jwtVerify)(e,r,{issuer:t.issuer,audience:t.audience});return n},"secretVerifier"),CR=o(async(e,t,r,n)=>{let i=e.headers.get("Authorization"),s="bearer ",a=o(m=>OR.HttpProblems.unauthorized(e,t,{detail:m}),"unauthorizedResponse");if(!r.jwkUrl&&!r.secret)throw new fp.ConfigurationError(`OpenIdJwtInboundPolicy policy '${n}': One of 'jwkUrl' or 'secret' options are required.`);if(r.jwkUrl&&r.secret)throw new fp.ConfigurationError(`OpenIdJwtInboundPolicy policy '${n}': Only one of 'jwkUrl' and 'secret' options should be provided.`);let c=r.jwkUrl?xR:NR,l=await o(async()=>{if(!i)return a("No authorization header");if(i.toLowerCase().indexOf(s)!==0)return a("Invalid bearer token format for authorization header");let m=i.substring(s.length);if(!m||m.length===0)return a("No bearer token on authorization header");try{return await c(m,r)}catch(h){let y=new URL(e.url);return"code"in h&&h.code==="ERR_JWT_EXPIRED"?t.log.warn(`Expired token used on url: ${y.pathname} `,h):t.log.warn(`Invalid token on: ${e.method} ${y.pathname}`,h),a("Invalid token")}},"getJwtOrRejectedResponse")();if(l instanceof Response)return r.allowUnauthenticatedRequests===!0?e:l;let d=r.subPropertyName??"sub",p=l[d];return p?(e.user={sub:p,data:l},e):a(`Token is not valid, no '${d}' property found.`)},"OpenIdJwtInboundPolicy");ga.OpenIdJwtInboundPolicy=CR});var Wg=g(ba=>{"use strict";Object.defineProperty(ba,"__esModule",{value:!0});ba.Auth0JwtInboundPolicy=void 0;var LR=$t(),DR=o(async(e,t,r,n)=>(0,LR.OpenIdJwtInboundPolicy)(e,t,{issuer:`https://${r.auth0Domain}/`,audience:r.audience,jwkUrl:`https://${r.auth0Domain}/.well-known/jwks.json`,allowUnauthenticatedRequests:r.allowUnauthenticatedRequests},n),"Auth0JwtInboundPolicy");ba.Auth0JwtInboundPolicy=DR});var Qg=g(_a=>{"use strict";Object.defineProperty(_a,"__esModule",{value:!0});_a.BasicAuthInboundPolicy=void 0;var UR=se(),MR=o(async(e,t,r)=>{let n=e.headers.get("Authorization"),i="basic ",s=o(l=>UR.HttpProblems.unauthorized(e,t,{detail:l}),"unauthorizedResponse"),c=await o(async()=>{if(!n)return await s("No Authorization header");if(n.toLowerCase().indexOf(i)!==0)return await s("Invalid Basic token format for Authorization header");let l=n.substring(i.length);if(!l||l.length===0)return await s("No username:password provided");let d=atob(l).normalize(),p=d.indexOf(":");if(p===-1||/[\0-\x1F\x7F]/.test(d))return await s("Invalid basic token value - see https://tools.ietf.org/html/rfc5234#appendix-B.1");let m=d.substring(0,p),h=d.substring(p+1),y=r.accounts.find(w=>w.username===m&&w.password===h);return y||await s("Invalid username or password")},"getAccountOrRejectedResponse")();if(c instanceof Response)return r.allowUnauthenticatedRequests?e:c;let u=c.username;return e.user={sub:u,data:c.data},e},"BasicAuthInboundPolicy");_a.BasicAuthInboundPolicy=MR});var Yg=g(Ea=>{"use strict";Object.defineProperty(Ea,"__esModule",{value:!0});Ea.CachingInboundPolicy=void 0;var kR=qt(),HR=["cdn-cache-control","cloudflare-cdn-cache-control","surrogate-control","cache-tag","expires"];async function FR(e){let t=new TextEncoder().encode(e),r=await crypto.subtle.digest("SHA-256",t);return Array.from(new Uint8Array(r)).map(s=>s.toString(16).padStart(2,"0")).join("")}o(FR,"digestMessage");var qR=o(async(e,t)=>{let r=[...t.dangerouslyIgnoreAuthorizationHeader===!0?[]:["authorization"],...t.headers??[]],n=[];for(let[d,p]of e.headers.entries())r.includes(d)&&n.push({key:d.toLowerCase(),value:p});n.sort((d,p)=>d.key.localeCompare(p.key));let i=await FR(JSON.stringify(n)),s=new URL(e.url),a=new URLSearchParams(s.searchParams);a.set("_z-hdr-dgst",i);let c=t.cacheHttpMethods?.includes(e.method.toUpperCase())&&e.method.toUpperCase()!=="GET";c&&a.set("_z-original-method",e.method);let u=`${s.origin}${s.pathname}?${a}`;return new Request(u,{method:c?"GET":e.method})},"createCacheKeyRequest");async function $R(e,t,r,n){let i=await(0,kR.getPolicyCacheName)(n,r),s=await caches.open(i),a=r?.cacheHttpMethods?.map(l=>l.toUpperCase())??["GET"],c=await qR(e,r),u=await s.match(c);return u||(t.addEventListener("responseSent",l=>{try{let d=r.statusCodes??[200,206,301,302,303,404,410],p=l.response.clone();if(!d.includes(p.status)||!a.includes(e.method.toUpperCase()))return;let m=r?.expirationSecondsTtl??60,h=new Response(p.body,p);HR.forEach(y=>h.headers.delete(y)),h.headers.set("cache-control",`s-maxage=${m}`),t.waitUntil(s.put(c,h))}catch(d){t.log.error(`Error in caching-inbound-policy '${n}': "${d.message}"`,d)}}),e)}o($R,"CachingInboundPolicy");Ea.CachingInboundPolicy=$R});var Zg=g(wa=>{"use strict";Object.defineProperty(wa,"__esModule",{value:!0});wa.ChangeMethodInboundPolicy=void 0;var jR=D(),VR=He(),GR=o(async(e,t,r,n)=>{if(!r.method)throw new jR.ConfigurationError(`ChangeMethodInboundPolicy '${n}' options.method must be valid HttpMethod`);return new VR.ZuploRequest(e,{method:r.method})},"ChangeMethodInboundPolicy");wa.ChangeMethodInboundPolicy=GR});var Xg=g(va=>{"use strict";Object.defineProperty(va,"__esModule",{value:!0});va.ClearHeadersInboundPolicy=void 0;var BR=He(),KR=o(async(e,t,r)=>{let n=[...r.exclude??[]],i=new Headers;return n.forEach(a=>{let c=e.headers.get(a);c&&i.set(a,c)}),new BR.ZuploRequest(e,{headers:i})},"ClearHeadersInboundPolicy");va.ClearHeadersInboundPolicy=KR});var eb=g(Ta=>{"use strict";Object.defineProperty(Ta,"__esModule",{value:!0});Ta.ClearHeadersOutboundPolicy=void 0;var JR=o(async(e,t,r,n)=>{let i=[...n.exclude??[]],s=new Headers;return i.forEach(c=>{let u=e.headers.get(c);u&&s.set(c,u)}),new Response(e.body,{headers:s,status:e.status,statusText:e.statusText})},"ClearHeadersOutboundPolicy");Ta.ClearHeadersOutboundPolicy=JR});var tb=g(Sa=>{"use strict";Object.defineProperty(Sa,"__esModule",{value:!0});Sa.ClerkJwtInboundPolicy=void 0;var zR=$t(),WR=o(async(e,t,r,n)=>{let i=new URL(r.frontendApiUrl.startsWith("https://")||r.frontendApiUrl.startsWith("http://")?r.frontendApiUrl:`https://${r.frontendApiUrl}`),s=new URL(i);return s.pathname="/.well-known/jwks.json",(0,zR.OpenIdJwtInboundPolicy)(e,t,{issuer:i.href.slice(0,-1),jwkUrl:s.toString(),allowUnauthenticatedRequests:r.allowUnauthenticatedRequests},n)},"ClerkJwtInboundPolicy");Sa.ClerkJwtInboundPolicy=WR});var nb=g(Ia=>{"use strict";Object.defineProperty(Ia,"__esModule",{value:!0});Ia.CognitoJwtInboundPolicy=void 0;var rb=D(),QR=$t(),YR=o(async(e,t,r,n)=>{if(!r.userPoolId)throw new rb.ConfigurationError("userPoolId must be set in the options for CognitoJwtInboundPolicy");if(!r.region)throw new rb.ConfigurationError("region must be set in the options for CognitoJwtInboundPolicy");return(0,QR.OpenIdJwtInboundPolicy)(e,t,{issuer:`https://cognito-idp.${r.region}.amazonaws.com/${r.userPoolId}`,jwkUrl:`https://cognito-idp.${r.region}.amazonaws.com/${r.userPoolId}/.well-known/jwks.json`,allowUnauthenticatedRequests:r.allowUnauthenticatedRequests},n)},"CognitoJwtInboundPolicy");Ia.CognitoJwtInboundPolicy=YR});var ob=g(Pa=>{"use strict";Object.defineProperty(Pa,"__esModule",{value:!0});Pa.CompositeInboundPolicy=void 0;var ZR=D(),XR=mn(),ib=zr(),e0=o(async(e,t,r,n)=>{if(!r.policies||r.policies.length===0)throw new ZR.ConfigurationError(`CompositeInboundPolicy '${n}' must have valid policies defined`);let i=XR.Gateway.instance,s=(0,ib.getInboundPolicyHandlerAndOptions)(r.policies,i?.routeData.policies);return(0,ib.toStackedInboundHandler)(s)(e,t)},"CompositeInboundPolicy");Pa.CompositeInboundPolicy=e0});var ab=g(Aa=>{"use strict";Object.defineProperty(Aa,"__esModule",{value:!0});Aa.CreditsMeteringInboundPolicy=void 0;var Pi=se(),sb=Y(),t0=o(async(e,t,r)=>{let n=e.user;if(!n)return Pi.HttpProblems.unauthorized(e,t,{title:"Unable to check subscription for anonymous user",detail:"No user data on request"});let{sub:i}=n;if(!r.bucketId)return Pi.HttpProblems.unauthorized(e,t,{title:"Metering bucket not configured",detail:"Specify one using the bucketId option on the policy"});let s=r.bucketId,a=await r0(s,i,t);if(!a)return Pi.HttpProblems.unauthorized(e,t,{title:"No valid, active subscription found"});if(!a.quotas)return Pi.HttpProblems.forbidden(e,t,{title:"Insufficient credits"});for(let c of Object.keys(a.quotas))if(a.quotas[c]<=0)return Pi.HttpProblems.forbidden(e,t,{title:"Insufficient credits"});return t.custom.subscription=a,t.addResponseSendingFinalHook(async()=>{let c=t.custom.meters,u={};for(let l of Object.keys(c))u[l]=c[l];await n0(s,a.id,u,t)}),e},"CreditsMeteringInboundPolicy");Aa.CreditsMeteringInboundPolicy=t0;async function r0(e,t,r){let{authApiJWT:n,meteringServiceUrl:i}=sb.Environment.instance,s=new URL(`${i}/internal/v1/metering/${e}/subscriptions`);s.search=new URLSearchParams({customerRef:t,status:"active"}).toString();let a=await fetch(s,{method:"GET",headers:{Authorization:`Bearer ${n}`}});if(!a.ok)throw new Error(`Error retrieving subscriptions for credits metering ': ${a.status} - ${await a.text()}`);let c=await a.json();if(c.data.length!==0)return c.data.length>1&&r.log.warn(`Found more than one active subscription for customer ${t} -- using the first one.`),c.data[0]}o(r0,"getSubscription");async function n0(e,t,r,n){let{authApiJWT:i,meteringServiceUrl:s}=sb.Environment.instance,a=new URL(`${s}/internal/v1/metering/${e}/subscriptions/${t}/quotas/consume`),c=await fetch(a,{method:"POST",body:JSON.stringify({meters:r}),headers:{Authorization:`Bearer ${i}`}});c.ok||n.log.error(`Error consuming subscription quotas for credits metering ': ${c.status} - ${await c.text()}`)}o(n0,"consumeSubscription")});var cb=g(Oa=>{"use strict";Object.defineProperty(Oa,"__esModule",{value:!0});Oa.CurityPhantomTokenInboundPolicy=void 0;var i0=qt(),o0=Kt(),Ra=se(),s0=o(async(e,t,r,n)=>{let i=e.headers.get("Authorization");if(!i)return Ra.HttpProblems.unauthorized(e,t,{detail:"No authorization header"});let s=a0(i);if(!s)return Ra.HttpProblems.unauthorized(e,t,{detail:"Failed to parse token from Authorization header"});let a=await(0,i0.getPolicyCacheName)(n,r),c=new o0.MemoryZoneReadThroughCache(a,t),u=await c.get(s);if(!u){let l=await fetch(r.introspectionUrl,{headers:{Authorization:"Basic "+btoa(`${r.clientId}:${r.clientSecret}`),Accept:"application/jwt","Content-Type":"application/x-www-form-urlencoded"},method:"POST",body:"token="+s+"&token_type_hint=access_token"}),d=await l.text();if(l.status===200)u=d,c.put(s,u,r.cacheDurationSeconds??600);else return l.status>=500?(t.log.error(`Error introspecting token - ${l.status}: '${d}'`),Ra.HttpProblems.internalServerError(e,t,{detail:"Problem encountered authorizing the HTTP request"})):Ra.HttpProblems.unauthorized(e,t)}return e.headers.set("Authorization",`Bearer ${u}`),e},"CurityPhantomTokenInboundPolicy");Oa.CurityPhantomTokenInboundPolicy=s0;function a0(e){return e.split(" ")[0]==="Bearer"?e.split(" ")[1]:null}o(a0,"getToken")});var ub=g(xa=>{"use strict";Object.defineProperty(xa,"__esModule",{value:!0});xa.FirebaseJwtInboundPolicy=void 0;var c0=Ft(),u0=$t(),l0=o(async(e,t,r,n)=>((0,c0.optionValidator)(r,n).required("projectId","string").optional("allowUnauthenticatedRequests","boolean"),(0,u0.OpenIdJwtInboundPolicy)(e,t,{issuer:`https://securetoken.google.com/${r.projectId}`,audience:r.projectId,jwkUrl:"https://www.googleapis.com/service_accounts/v1/jwk/securetoken@system.gserviceaccount.com",allowUnauthenticatedRequests:r.allowUnauthenticatedRequests},n)),"FirebaseJwtInboundPolicy");xa.FirebaseJwtInboundPolicy=l0});var lb=g(Na=>{"use strict";Object.defineProperty(Na,"__esModule",{value:!0});Na.FormDataToJsonInboundPolicy=void 0;var d0=He(),p0=o(async(e,t,r)=>{let n="application/x-www-form-urlencoded",i="multipart/form-data",s=e.headers.get("content-type")?.toLowerCase();if(!s||![i,n].includes(s))return r&&r.badRequestIfNotFormData?new Response(`Bad Request - expected content-type '${n}' or ${i}`,{status:400,statusText:"Bad Request"}):e;let a=await e.formData();if(r&&r.optionalHoneypotName&&a.get(r.optionalHoneypotName)!=="")return new Response("Bad Request",{status:400,statusText:"Bad Request"});let c={};for(let[d,p]of a)c[d]=p.toString();let u=new Headers(e.headers);return u.set("content-type","application/json"),u.delete("content-length"),new d0.ZuploRequest(e,{body:JSON.stringify(c),headers:u})},"FormDataToJsonInboundPolicy");Na.FormDataToJsonInboundPolicy=p0});var db=g(Ca=>{"use strict";Object.defineProperty(Ca,"__esModule",{value:!0});Ca.GeoFilterInboundPolicy=void 0;var h0=D(),f0=se(),Nn="__unknown__",m0=o(async(e,t,r,n)=>{let i={allow:{countries:Ln(r.allow?.countries,"allow.countries",n),regionCodes:Ln(r.allow?.regionCodes,"allow.regionCode",n),asns:Ln(r.allow?.asns,"allow.asOrganization",n)},block:{countries:Ln(r.block?.countries,"block.countries",n),regionCodes:Ln(r.block?.regionCodes,"block.regionCode",n),asns:Ln(r.block?.asns,"block.asOrganization",n)},ignoreUnknown:r.ignoreUnknown!==!1},s=t.incomingRequestProperties.country?.toLowerCase()??Nn,a=t.incomingRequestProperties.regionCode?.toLowerCase()??Nn,c=t.incomingRequestProperties.asn?.toString()??Nn,u=i.ignoreUnknown&&s===Nn,l=i.ignoreUnknown&&a===Nn,d=i.ignoreUnknown&&c===Nn,p=i.allow.countries,m=i.allow.regionCodes,h=i.allow.asns;if(p.length>0&&!p.includes(s)&&!u||m.length>0&&!m.includes(a)&&!l||h.length>0&&!h.includes(c)&&!d)return Cn(e,t,n,s,a,c);let y=i.block.countries,w=i.block.regionCodes,T=i.block.asns;return y.length>0&&y.includes(s)&&!u||w.length>0&&w.includes(a)&&!l||T.length>0&&T.includes(c)&&!d?Cn(e,t,n,s,a,c):e},"GeoFilterInboundPolicy");Ca.GeoFilterInboundPolicy=m0;function Cn(e,t,r,n,i,s){return t.log.debug(`Request blocked by GeoFilterInboundPolicy '${r}' (country: '${n}', regionCode: '${i}', asn: '${s}')`),f0.HttpProblems.forbidden(e,t,{geographicContext:{country:n,regionCode:i,asn:s}})}o(Cn,"blockedResponse");function Ln(e,t,r){if(typeof e=="string")return e.split(",").map(n=>n.trim().toLowerCase());if(typeof e>"u")return[];if(Array.isArray(e))return e.map(n=>n.trim().toLowerCase());throw new h0.ConfigurationError(`Invalid '${t}' for GeoFilterInboundPolicy '${r}': '${e}', must be a string or string[]`)}o(Ln,"toLowerStringArray")});var pb=g(La=>{"use strict";Object.defineProperty(La,"__esModule",{value:!0});La.JWTScopeValidationInboundPolicy=void 0;var y0=o(async(e,t,r)=>{let n=e.user?.data.scope.split(" ")||[];if(!o((s,a)=>a.every(c=>s.includes(c)),"scopeChecker")(n,r.scopes)){let s={code:"UNAUTHORIZED",help_url:"https://zup.fail/UNAUTHORIZED",message:`JWT must have all the following scopes: ${r.scopes}`};return new Response(JSON.stringify(s),{status:401,statusText:"Unauthorized",headers:{"content-type":"application/json"}})}return e},"JWTScopeValidationInboundPolicy");La.JWTScopeValidationInboundPolicy=y0});var fb=g(Da=>{"use strict";Object.defineProperty(Da,"__esModule",{value:!0});Da.MockApiInboundPolicy=void 0;var g0=se(),b0=o(async(e,t,r,n)=>{let i=t.route.raw().responses;if(!i)return mp(n,e,t,"No responses defined in the OpenAPI document. Add some responses with examples to use this policy.");let s=Object.keys(i),a=[];if(s.length===0)return mp(n,e,t,"No response object defined under responses in the OpenAPI document. Add some response objects with examples to use this policy.");if(s.forEach(c=>{i[c].content&&Object.keys(i[c].content).forEach(l=>{let d=i[c].content[l].examples;d&&Object.keys(d).forEach(m=>{a.push({responseName:c,contentName:l,exampleName:m,exampleValue:d[m]})})})}),a=a.filter(c=>!(r.responsePrefixFilter&&!c.responseName.startsWith(r.responsePrefixFilter)||r.contentType&&c.contentName!==r.contentType||r.exampleName&&c.exampleName!==r.exampleName)),r.random&&a.length>1){let c=Math.floor(Math.random()*a.length);return hb(a[c])}else return a.length>0?hb(a[0]):mp(n,e,t,"No examples matching the mocking options found in the OpenAPI document. Add examples to the OpenAPI document matching the options for this policy or change the mocking options to match the examples in the OpenAPI document.")},"MockApiInboundPolicy");Da.MockApiInboundPolicy=b0;function hb(e){let t=JSON.stringify(e.exampleValue,null,2),r=new Headers;switch(r.set("Content-Type",e.contentName),e.responseName){case"1XX":return new Response(t,{status:100,headers:r});case"2XX":return new Response(t,{status:200,headers:r});case"3XX":return new Response(t,{status:300,headers:r});case"4XX":return new Response(t,{status:400,headers:r});case"5XX":case"default":return new Response(t,{status:500,headers:r});default:return new Response(t,{status:Number(e.responseName),headers:r})}}o(hb,"generateResponse");var mp=o((e,t,r,n)=>{let i=`Error in policy: ${e} - On route ${t.method} ${r.route.path}. ${n}`;return g0.HttpProblems.internalServerError(t,r,{detail:i})},"getProblemDetailResponse")});var _b=g(Dn=>{"use strict";Object.defineProperty(Dn,"__esModule",{value:!0});Dn.MoesifInboundPolicy=Dn.setMoesifContext=void 0;var _0=D(),E0=ve(),w0="Incoming",v0={logRequestBody:!0,logResponseBody:!0};function mb(e){let t={};return e.forEach((r,n)=>{t[n]=r}),t}o(mb,"headersToObject");function yb(){return new Date().toISOString()}o(yb,"timestamp");var yp=new WeakMap,T0={};function S0(e,t){let r=yp.get(e);r||(r=T0);let n=Object.assign({...r},t);yp.set(e,n)}o(S0,"setMoesifContext");Dn.setMoesifContext=S0;async function gb(e,t){let r=e.headers.get("content-type");if(r&&r.indexOf("json")!==0)try{return await e.clone().json()}catch(i){t.log.error(i)}let n=await e.clone().text();return t.log.debug({textBody:n}),n}o(gb,"readBody");var I0={},gp;function bb(){if(!gp)throw new _0.RuntimeError("Invalid State - no _lastLogger");return gp}o(bb,"getLastLogger");function P0(e){let t=I0[e];return t||(t=new E0.BatchDispatch("moesif-inbound",100,async r=>{let n=JSON.stringify(r);bb().debug("posting",n);let i=await fetch("https://api.moesif.net/v1/events/batch",{method:"POST",headers:{"content-type":"application/json","X-Moesif-Application-Id":e},body:n});i.ok||bb().error({status:i.status,body:await i.text()})})),t}o(P0,"getDispatcher");async function A0(e,t,r,n){gp=t.log;let i=yb(),s=Object.assign(v0,r);if(!s.applicationId)throw new Error(`Invalid configuration for MoesifInboundPolicy '${n}' - applicationId is required`);let a=s.logRequestBody?await gb(e,t):void 0;return t.addResponseSendingFinalHook(async(c,u)=>{let l=P0(s.applicationId),d=e.headers.get("true-client-ip"),p=yp.get(t)??{},m={time:i,uri:e.url,verb:e.method,body:a,ip_address:d??void 0,api_version:p.apiVersion,headers:mb(e.headers)},h=s.logResponseBody?await gb(c,t):void 0,y={time:yb(),status:c.status,headers:mb(c.headers),body:h},w={request:m,response:y,user_id:p.userId??u.user?.sub,session_token:p.sessionToken,company_id:p.companyId,metadata:p.metadata,direction:w0};l.enqueue(w),t.waitUntil(l.waitUntilFlushed())}),e}o(A0,"MoesifInboundPolicy");Dn.MoesifInboundPolicy=A0});var Eb=g(Ua=>{"use strict";Object.defineProperty(Ua,"__esModule",{value:!0});Ua.OktaJwtInboundPolicy=void 0;var R0=$t(),O0=o(async(e,t,r,n)=>(0,R0.OpenIdJwtInboundPolicy)(e,t,{issuer:r.issuerUrl,audience:r.audience,jwkUrl:`${r.issuerUrl}/v1/keys`,allowUnauthenticatedRequests:r.allowUnauthenticatedRequests},n),"OktaJwtInboundPolicy");Ua.OktaJwtInboundPolicy=O0});var wb=g(Ma=>{"use strict";Object.defineProperty(Ma,"__esModule",{value:!0});Ma.PropelAuthJwtInboundPolicy=void 0;var x0=(ws(),Zi(Es)),N0=$t(),bp,C0=o(async(e,t,r,n)=>{if(!bp)try{bp=await(0,x0.importSPKI)(r.verifierKey,"RS256")}catch(i){throw t.log.error("Could not import verifier key"),i}return(0,N0.OpenIdJwtInboundPolicy)(e,t,{issuer:r.authUrl,secret:bp,allowUnauthenticatedRequests:r.allowUnauthenticatedRequests,subPropertyName:"user_id"},n)},"PropelAuthJwtInboundPolicy");Ma.PropelAuthJwtInboundPolicy=C0});var vb=g(G=>{"use strict";Object.defineProperty(G,"__esModule",{value:!0});G.throwIfStateNotObject=G.throwIfStateNotNumber=G.throwIfStateNotString=G.throwIfStateUndefinedOrNull=G.throwIfStateUndefined=G.throwIfOptionNotObject=G.throwIfOptionNotNumber=G.throwIfOptionNotString=G.throwIfOptionUndefinedOrNull=G.throwIfOptionUndefined=G.OptionTypeError=G.OptionUndefinedError=G.throwIfNotNumber=G.throwIfNotString=G.throwIfUndefinedOrNull=G.throwIfUndefined=G.ArgumentTypeError=G.ArgumentUndefinedError=G.ValidationError=void 0;var je=Lt(),et=class extends Error{static{o(this,"ValidationError")}constructor(t){super(t)}};G.ValidationError=et;var Ai=class extends et{static{o(this,"ArgumentUndefinedError")}constructor(t){super(`The argument '${t}' is undefined.`)}};G.ArgumentUndefinedError=Ai;var Ri=class extends et{static{o(this,"ArgumentTypeError")}constructor(t,r){super(`The argument '${t}' must be of type '${r}'.`)}};G.ArgumentTypeError=Ri;function L0(e,t){if((0,je.isUndefined)(e))throw new Ai(t)}o(L0,"throwIfUndefined");G.throwIfUndefined=L0;function _p(e,t){if((0,je.isUndefinedOrNull)(e))throw new Ai(t)}o(_p,"throwIfUndefinedOrNull");G.throwIfUndefinedOrNull=_p;function D0(e,t){if(_p(e,t),!(0,je.isString)(e))throw new Ri(t,"string")}o(D0,"throwIfNotString");G.throwIfNotString=D0;function U0(e,t){if(_p(e,t),!(0,je.isNumber)(e))throw new Ri(t,"number")}o(U0,"throwIfNotNumber");G.throwIfNotNumber=U0;var Oi=class extends et{static{o(this,"OptionUndefinedError")}constructor(t,r,n){super(`The option '${n}' on the ${t} named '${r}' is undefined.`)}};G.OptionUndefinedError=Oi;var Un=class extends et{static{o(this,"OptionTypeError")}constructor(t,r,n,i){super(`The option '${n}' on the ${t} named '${r}' must be of type '${i}'.`)}};G.OptionTypeError=Un;function M0(e,t,r,n){if((0,je.isUndefined)(n))throw new Oi(e,t,r)}o(M0,"throwIfOptionUndefined");G.throwIfOptionUndefined=M0;function ka(e,t,r,n){if((0,je.isUndefinedOrNull)(n))throw new Oi(e,t,r)}o(ka,"throwIfOptionUndefinedOrNull");G.throwIfOptionUndefinedOrNull=ka;function k0(e,t,r,n){if(ka(e,t,r,n),!(0,je.isString)(n))throw new Un(e,t,r,"string")}o(k0,"throwIfOptionNotString");G.throwIfOptionNotString=k0;function H0(e,t,r,n){if(ka(e,t,r,n),!(0,je.isNumber)(n))throw new Un(e,t,r,"number")}o(H0,"throwIfOptionNotNumber");G.throwIfOptionNotNumber=H0;function F0(e,t,r,n){if(ka(e,t,r,n),!(0,je.isObject)(n))throw new Un(e,t,r,"object")}o(F0,"throwIfOptionNotObject");G.throwIfOptionNotObject=F0;function q0(e,t){if((0,je.isUndefined)(e))throw new et(t)}o(q0,"throwIfStateUndefined");G.throwIfStateUndefined=q0;function Ha(e,t){if((0,je.isUndefinedOrNull)(e))throw new et(t)}o(Ha,"throwIfStateUndefinedOrNull");G.throwIfStateUndefinedOrNull=Ha;function $0(e,t){if(Ha(e,t),!(0,je.isString)(e))throw new et(t);return!0}o($0,"throwIfStateNotString");G.throwIfStateNotString=$0;function j0(e,t){if(Ha(e,t),!(0,je.isNumber)(e))throw new et(t);return!0}o(j0,"throwIfStateNotNumber");G.throwIfStateNotNumber=j0;function V0(e,t){if(Ha(e,t),!(0,je.isObject)(e))throw new et(t);return!0}o(V0,"throwIfStateNotObject");G.throwIfStateNotObject=V0});var Tb=g(Mn=>{"use strict";Object.defineProperty(Mn,"__esModule",{value:!0});Mn.InMemoryRedisClient=Mn.StandardRedisClient=void 0;var Ep=D(),Fa=vb(),wp=class e{static{o(this,"StandardRedisClient")}static instance;redisClientUrl;clientAuthToken;userAgent;deploymentName;constructor(t,r,n,i){this.redisClientUrl=t,this.clientAuthToken=r,this.deploymentName=n,this.userAgent=i}static initialize(t,r,n,i){return(0,Fa.throwIfNotString)(t,"redisClientUrl"),(0,Fa.throwIfNotString)(r,"clientAuthToken"),e.instance||(e.instance=new e(t,r,n,i)),e.instance}isEnabled(){return this.redisClientUrl!==void 0&&this.clientAuthToken!==void 0}async fetch({url:t,body:r,method:n,requestId:i}){(0,Fa.throwIfNotString)(t,"url");let s=await fetch(`${this.redisClientUrl}${t}`,{method:n,body:r,headers:{"content-type":"application/json",authorization:`Bearer ${this.clientAuthToken}`,"zp-rid":i,"zp-dn":this.deploymentName,"User-Agent":this.userAgent}}),a=s.headers.get("Content-Type")?.includes("application/json")?await s.json():await s.text();if(s.ok)return a;throw s.status===401?new Ep.SystemError("Redis client failed with 401: Unauthorized"):new Ep.SystemError(`Redis client failed with (${s.status}): ${typeof a=="string"?a:JSON.stringify(a,null,2)}`)}};Mn.StandardRedisClient=wp;var vp=class{static{o(this,"InMemoryRedisClient")}keyValueStore;constructor(){this.keyValueStore=new Map}isEnabled(){return!0}fetch({url:t,body:r,method:n}){if((0,Fa.throwIfNotString)(t,"url"),n==="POST"&&t==="/rate-limit"){let{incrBy:i,expire:s,key:a}=JSON.parse(r),c=Date.now()+s*1e3,u=this.keyValueStore.get(a);u?Date.now()>u.expiresAt?this.keyValueStore.set(a,{value:i,expiresAt:c}):this.keyValueStore.set(a,{value:u.value+i,expiresAt:u.expiresAt}):this.keyValueStore.set(a,{value:i,expiresAt:c});let l=this.keyValueStore.get(a);return Promise.resolve({count:l.value,ttlSeconds:Math.round((l.expiresAt-Date.now())/1e3)})}throw new Ep.SystemError("The in-memory redis client only supports /rate-limit calls")}};Mn.InMemoryRedisClient=vp});var Rb=g(ja=>{"use strict";Object.defineProperty(ja,"__esModule",{value:!0});ja.RateLimitInboundPolicy=void 0;var G0=Tr(),B0=qt(),K0=no(),jt=D(),J0=se(),Sb=Le(),xi=Y(),Ib=Tb(),Pb=Lt(),qa=(0,G0.debug)("zuplo:policies:RateLimitInboundPolicy"),z0="strict",W0=o(e=>{let t=e.headers.get("cf-connecting-ip")??e.headers.get("true-client-ip");if(t)return t;let r=e.headers.get("x-forwarded-for");return r?r.split(",")[0]:"127.0.0.1"},"getRealIP"),Q0=o(async e=>({key:`ip-${W0(e)}`}),"getIP"),Y0=o(async e=>({key:`user-${e.user?.sub??"anonymous"}`}),"getUser"),Z0=o(async()=>({key:"all-2d77ce9d-9a3c-4206-9ab2-668cfd271095"}),"getAll"),$a;function X0(e,t){let r;if($a)return $a;if(xi.Environment.instance.isLocalDevelopment)return t.info("Using in-memory redis client for local development."),r=new Ib.InMemoryRedisClient,$a=r,r;let{authApiJWT:n,redisURL:i}=xi.Environment.instance;if(!(0,Pb.isString)(i))throw new jt.SystemError(`RateLimitInboundPolicy '${e}' - rate limit service URL not configured`);if(!(0,Pb.isString)(n))throw new jt.SystemError(`RateLimitInboundPolicy '${e}' - service authentication not configured`);if(i&&(r=Ib.StandardRedisClient.initialize(i,n,xi.Environment.instance.deploymentName??"unknown",xi.Environment.instance.systemUserAgent)),!r||!r.isEnabled())throw new jt.SystemError(`RateLimitInboundPolicy '${e}' - no redis ('${r}') or redis.isEnabled ('${r?.isEnabled}) is false`);return $a=r,r}o(X0,"getRedisClient");async function Ab(e,t,r,n,i){let s=Math.floor(t*60);return await r.fetch({url:"/rate-limit",method:"POST",body:JSON.stringify({incrBy:1,expire:s,key:e}),requestId:i})}o(Ab,"getCountAndUpdateExpiry");function eO(e,t){let r;if(e.rateLimitBy==="function"){if(!e.identifier)throw new jt.ConfigurationError(`RateLimitInboundPolicy '${t}' - If rateLimitBy set to 'function' options.identifier must be specified`);if(!e.identifier.module)throw new jt.ConfigurationError(`RateLimitInboundPolicy '${t}' - If rateLimitBy set to 'function' options.identifier.module must be specified`);if(!e.identifier.export)throw new jt.ConfigurationError(`RateLimitInboundPolicy '${t}' - If rateLimitBy set to 'function' options.identifier.export must be specified`);if(r=e.identifier.module[e.identifier.export],!r||typeof r!="function")throw new jt.ConfigurationError(`RateLimitInboundPolicy '${t}' - Custom rate limit function must be a valid function`)}return o(async(i,s,a)=>{let c=await r(i,s,a);if(!c.key){let u=`RateLimitInboundPolicy '${a}' - Custom rate limit function must return a valid key property '${JSON.stringify(c,null,2)}'`;throw s.log.error(u),new jt.RuntimeError(u)}return c},"outerFunction")}o(eO,"wrapUserFunction");var tO="Retry-After",rO=o(async(e,t,r,n)=>{let i=Date.now(),s=Sb.SystemLogMap.getLogger(t),a=o((u,l)=>{if(r.throwOnFailure)throw new jt.SystemError(u,{cause:l});s.error(u,l)},"throwOrLog"),c=o((u,l)=>{let d={};return(!u||u==="retry-after")&&(d[tO]=l.toString()),J0.HttpProblems.tooManyRequests(e,t,void 0,d)},"rateLimited");try{let l={function:eO(r,n),user:Y0,ip:Q0,all:Z0}[r.rateLimitBy],d=await l(e,t,n),p=d.key,m=d.requestsAllowed??r.requestsAllowed,h=d.timeWindowMinutes??r.timeWindowMinutes,y=r.headerMode??"retry-after",w=X0(n,s),S=`bucket/${xi.Environment.instance.build.BUILD_ID}/${n}/${p}`;if((r.mode??z0)==="async"){let N=await(0,B0.getPolicyCacheName)(n,r),re=new K0.ZoneCache(N,{logger:Sb.SystemLogMap.getLogger(t)}),ne=Ab(S,h,w,s,t.requestId),me=await re.get(S);if(me!==void 0&&me<=Date.now()){qa(`RateLimitInboundPolicy '${n}' - returning 429 from cache for '${S}' (async mode)`);let Be=Math.round((me-Date.now())/1e3);return c(y,Be)}return t.addEventListener("responseSending",Be=>{try{let E=Be,H=E.mutableResponse;E.mutableResponse=(async()=>{let Ce=await ne;if(Ce.count>m){let ru=Date.now()+Ce.ttlSeconds*1e3;return re.put(S,ru,Ce.ttlSeconds).catch(lh=>{throw s.error(lh),lh}),qa(`RateLimitInboundPolicy '${n}' - returning 429 from redis for '${S}' (async mode)`),c(y,Ce.ttlSeconds)}return H})()}catch(E){s.error(`RateLimitInboundPolicy '${n}' -error in responseSending`,E)}}),e}let F=await Ab(S,h,w,s,t.requestId);return F.count>m?(qa(`RateLimitInboundPolicy '${n}' - returning 429 from redis for '${S}' (strict mode)`),c(y,F.ttlSeconds)):e}catch(u){return a(u.message,u),e}finally{let u=Date.now()-i;qa(`RateLimitInboundPolicy '${n}' - latency ${u}ms`)}},"RateLimitInboundPolicy");ja.RateLimitInboundPolicy=rO});var Cb=g(Va=>{"use strict";Object.defineProperty(Va,"__esModule",{value:!0});Va.ReadmeMetricsInboundPolicy=void 0;var nO=ve(),Tp=Y(),Ob=ri(),Sp;function xb(e){let t=[];for(let[r,n]of e)t.push({name:r,value:n});return t}o(xb,"headersToNameValuePairs");function iO(e){let t=[];return Object.entries(e).forEach(([r,n])=>{t.push({name:r,value:n})}),t}o(iO,"queryToNameValueParis");function oO(e){if(e===null)return;let t=parseFloat(e);if(!isNaN(t))return t}o(oO,"parseIntOrUndefined");var Nb={};async function sO(e,t,r,n){let i=new Date,s=Date.now();return Sp||(Sp={name:"zuplo",version:Tp.Environment.instance.build.ZUPLO_VERSION,comment:`zuplo/${Tp.Environment.instance.build.ZUPLO_VERSION}`}),t.addResponseSendingFinalHook(async a=>{try{let c=r.userLabelPropertyPath&&e.user?(0,Ob.getValueFromRequestUser)(e.user,r.userLabelPropertyPath,"userLabelPropertyPath"):e.user?.sub,u=r.userEmailPropertyPath&&e.user?(0,Ob.getValueFromRequestUser)(e.user,r.userEmailPropertyPath,"userEmailPropertyPath"):void 0,l={clientIPAddress:e.headers.get("true-client-ip")??"",development:r.development!==void 0?r.development:Tp.Environment.instance.isDeno,group:{label:c,email:u,id:e.user?.sub??"anonymous"},request:{log:{creator:Sp,entries:[{startedDateTime:i.toISOString(),time:Date.now()-s,request:{method:e.method,url:r.useFullRequestPath?new URL(e.url).pathname:t.route.path,httpVersion:"2",headers:xb(e.headers),queryString:iO(e.query)},response:{status:a.status,statusText:a.statusText,headers:xb(a.headers),content:{size:oO(e.headers.get("content-length"))}}}]}}},d=Nb[r.apiKey];if(!d){let p=r.apiKey;d=new nO.BatchDispatch("readme-metering-inbound-policy",10,async m=>{try{let h=r.url??"https://metrics.readme.io/request",y=await fetch(h,{method:"POST",body:JSON.stringify(m),headers:{"content-type":"application/json",authorization:`Basic ${btoa(p+":")}`}});y.status!==202&&t.log.error(`Unexpected response in ReadmeMeteringInboundPolicy '${n}'. ${y.status}: '${await y.text()}'`)}catch(h){throw t.log.error(`Error in ReadmeMeteringInboundPolicy '${n}': '${h.message}'`),h}}),Nb[p]=d}d.enqueue(l),t.waitUntil(d.waitUntilFlushed())}catch(c){t.log.error(c)}}),e}o(sO,"ReadmeMetricsInboundPolicy");Va.ReadmeMetricsInboundPolicy=sO});var Lb=g(Ga=>{"use strict";Object.defineProperty(Ga,"__esModule",{value:!0});Ga.RemoveHeadersInboundPolicy=void 0;var aO=D(),cO=He(),uO=o(async(e,t,r,n)=>{let i=r?.headers;if(!i||!Array.isArray(i)||i.length===0)throw new aO.ConfigurationError(`RemoveHeadersInboundPolicy '${n}' options.headers must be a non-empty string array of header names`);let s=new Headers(e.headers);return i.forEach(c=>{s.delete(c)}),new cO.ZuploRequest(e,{headers:s})},"RemoveHeadersInboundPolicy");Ga.RemoveHeadersInboundPolicy=uO});var Db=g(Ba=>{"use strict";Object.defineProperty(Ba,"__esModule",{value:!0});Ba.RemoveHeadersOutboundPolicy=void 0;var lO=D(),dO=o(async(e,t,r,n,i)=>{let s=n?.headers;if(!s||!Array.isArray(s)||s.length===0)throw new lO.ConfigurationError(`RemoveHeadersOutboundPolicy '${i}' options.headers must be a non-empty string array of header names`);let a=new Headers(e.headers);return s.forEach(u=>{a.delete(u)}),new Response(e.body,{headers:a,status:e.status,statusText:e.statusText})},"RemoveHeadersOutboundPolicy");Ba.RemoveHeadersOutboundPolicy=dO});var Ub=g(Ka=>{"use strict";Object.defineProperty(Ka,"__esModule",{value:!0});Ka.RemoveQueryParamsInboundPolicy=void 0;var pO=D(),hO=He(),fO=o(async(e,t,r,n)=>{let i=r.params;if(!i||!Array.isArray(i)||i.length===0)throw new pO.ConfigurationError(`RemoveQueryParamsInboundPolicy '${n}' options.params must be a non-empty string array of header names`);let s=new URL(e.url);return i.forEach(c=>{s.searchParams.delete(c)}),new hO.ZuploRequest(s.toString(),e)},"RemoveQueryParamsInboundPolicy");Ka.RemoveQueryParamsInboundPolicy=fO});var Mb=g(Ja=>{"use strict";Object.defineProperty(Ja,"__esModule",{value:!0});Ja.ReplaceStringOutboundPolicy=void 0;var mO=o(async(e,t,r,n)=>{let i=await e.text(),s=n.mode==="regexp"?new RegExp(n.match,"gm"):n.match,a=i.replaceAll(s,n.replaceWith);return new Response(a,{headers:e.headers,status:e.status,statusText:e.statusText})},"ReplaceStringOutboundPolicy");Ja.ReplaceStringOutboundPolicy=mO});var Hb=g(za=>{"use strict";Object.defineProperty(za,"__esModule",{value:!0});za.RequestSizeLimitInboundPolicy=void 0;var kb=o(()=>new Response("Maximum request size exceeded",{status:413,statusText:"Payload Too Large"}),"payloadTooLarge"),yO=o(async(e,t,r)=>{let n=r.trustContentLengthHeader??!1;if(["GET","HEAD"].includes(e.method))return e;let i=e.headers.get("content-length"),s=i!==null?parseInt(i):void 0;return s&&!isNaN(s)&&s>r.maxSizeInBytes?kb():s&&n?e:(await e.clone().text()).length>r.maxSizeInBytes?kb():e},"RequestSizeLimitInboundPolicy");za.RequestSizeLimitInboundPolicy=yO});var Wa=g(tt=>{"use strict";Object.defineProperty(tt,"__esModule",{value:!0});tt.sanitizedIdentifierName=tt.getIdForRefSchema=tt.getIdForRequestBodySchema=tt.getIdForParameterSchema=tt.getRawOperationDataIdentifierName=void 0;function gO(e,t,r){return`_${kr(e+"_"+t+"_"+r)}`}o(gO,"getRawOperationDataIdentifierName");tt.getRawOperationDataIdentifierName=gO;function bO(e,t,r,n){return`_${kr(e.toLowerCase())}_`+t.toLowerCase()+"_"+r.toLowerCase()+`_${n.toLowerCase()}`}o(bO,"getIdForParameterSchema");tt.getIdForParameterSchema=bO;function _O(e,t,r){return`_${kr(e.toLowerCase())}_`+t.toLowerCase()+`_rb_${kr(r.toLowerCase())}`}o(_O,"getIdForRequestBodySchema");tt.getIdForRequestBodySchema=_O;function EO(e,t){return`_${kr(e)}__${kr(t)}`}o(EO,"getIdForRefSchema");tt.getIdForRefSchema=EO;function kr(e){let t=[];for(let r=0;r<e.length;r++){let n=e.charCodeAt(r);n>="0".charCodeAt(0)&&n<="9".charCodeAt(0)||n>="A".charCodeAt(0)&&n<="Z".charCodeAt(0)||n>="a".charCodeAt(0)&&n<="z".charCodeAt(0)?t.push(e.charAt(r)):t.push("_")}return t.join("")}o(kr,"sanitizedIdentifierName");tt.sanitizedIdentifierName=kr});var Ni=g(De=>{"use strict";Object.defineProperty(De,"__esModule",{value:!0});De.getErrorsFromValidator=De.shouldReject=De.shouldLog=De.logErrors=De.validateParameters=De.getParametersForOperation=void 0;var wO=mn(),vO=Wa(),TO=o(e=>{let t=e.route.raw();return t.parameters?t.parameters.map(n=>({name:n.name,location:n.in,required:n.required,deprecated:n.deprecated,allowEmptyValue:n.allowEmptyValue})):[]},"getParametersForOperation");De.getParametersForOperation=TO;var SO=o((e,t,r,n,i)=>{let s=[],a=!0,c=[];return e.forEach(u=>{if(u.required&&!t[u.name])a=!1,s.push(`Required ${i} parameter '${u.name}' not found`);else{let l=(0,vO.getIdForParameterSchema)(r,n,i,u.name),d=wO.Gateway.instance.schemaValidator[l],p=d(t[u.name]),m=(0,De.getErrorsFromValidator)(d.errors);p||(a=!1,c.push(`${i} parameter: ${u.name} : ${t[u.name]}`),s.push(`Invalid value for ${i} parameter: '${u.name}' ${m.join(", ")}`))}}),{isValid:a,invalidValues:c,errors:s}},"validateParameters");De.validateParameters=SO;var IO=o((e,t,r,n,i)=>{n?e.log[t](r,n,i):e.log[t](r,i)},"logErrors");De.logErrors=IO;var PO=o(e=>e==="log-only"||e==="reject-and-log","shouldLog");De.shouldLog=PO;var AO=o(e=>e==="reject-only"||e==="reject-and-log","shouldReject");De.shouldReject=AO;var RO=o(e=>e?.map(t=>t.instancePath===void 0||t.instancePath===""?t.message??"Unknown validation error":t.instancePath.replace("/","")+" "+t.message)??["Unknown validation error"],"getErrorsFromValidator");De.getErrorsFromValidator=RO});var Fb=g(Ya=>{"use strict";Object.defineProperty(Ya,"__esModule",{value:!0});Ya.handleBodyValidation=void 0;var OO=mn(),Qa=se(),xO=Wa(),Je=Ni();async function NO(e,t,r){if(!r.validateBody||r.validateBody==="none")return;let n;try{n=await t.clone().json()}catch(h){let y=`Error in request body for method : ${t.method} in route: ${e.route.path} with content-type: ${t.headers.get("Content-Type")}`,w=Qa.HttpProblems.badRequest(t,e,{detail:`${y}, see errors property for more details`,errors:`${h}`});if((0,Je.shouldLog)(r.validateBody)&&(0,Je.logErrors)(e,r.logLevel??"info",y,[n],h),(0,Je.shouldReject)(r.validateBody))return w}if(!t.headers.get("Content-Type")){let h=`No content-type header defined in incoming request to ${t.method} in route: ${e.route.path}`,y=Qa.HttpProblems.badRequest(t,e,{detail:h});return(0,Je.shouldLog)(r.validateBody)&&(0,Je.logErrors)(e,r.logLevel??"info",h,[n],[h]),(0,Je.shouldReject)(r.validateBody)?y:void 0}let i=t.headers.get("Content-Type"),s=i.indexOf(";");s>-1&&(i=i.substring(0,s));let a=(0,xO.getIdForRequestBodySchema)(e.route.path,t.method,i),c=OO.Gateway.instance.schemaValidator[a];if(!c){let h=`No schema defined for method: ${t.method} in route: ${e.route.path} with content-type: ${t.headers.get("Content-Type")}`,y=Qa.HttpProblems.badRequest(t,e,{detail:h});return(0,Je.shouldLog)(r.validateBody)&&(0,Je.logErrors)(e,r.logLevel??"info",h,[n],[h]),(0,Je.shouldReject)(r.validateBody)?y:void 0}if(c(n))return;let l=c.errors,d="Request body did not pass validation",p=(0,Je.getErrorsFromValidator)(l),m=Qa.HttpProblems.badRequest(t,e,{detail:`${d}, see errors property for more details`,errors:p});if((0,Je.shouldLog)(r.validateBody)&&(0,Je.logErrors)(e,r.logLevel??"info",d,[n],p),(0,Je.shouldReject)(r.validateBody))return m}o(NO,"handleBodyValidation");Ya.handleBodyValidation=NO});var qb=g(Za=>{"use strict";Object.defineProperty(Za,"__esModule",{value:!0});Za.handleHeadersValidation=void 0;var CO=se(),Ci=Ni();function LO(e,t,r){if(!r.validateHeaders||r.validateHeaders==="none")return;let n={};t.headers.forEach((a,c)=>{n[c]=a});let i=(0,Ci.getParametersForOperation)(e),s=(0,Ci.validateParameters)(i.filter(a=>a.location==="header"),n,e.route.path,t.method.toLowerCase(),"header");if(!s.isValid){let a="Header validation failed",c=CO.HttpProblems.badRequest(t,e,{detail:`${a}, see errors property for more details`,errors:s.errors});if((0,Ci.shouldLog)(r.validateHeaders)&&(0,Ci.logErrors)(e,r.logLevel??"info",a,s.invalidValues,s.errors),(0,Ci.shouldReject)(r.validateHeaders))return c}}o(LO,"handleHeadersValidation");Za.handleHeadersValidation=LO});var $b=g(Xa=>{"use strict";Object.defineProperty(Xa,"__esModule",{value:!0});Xa.handlePathParameterValidation=void 0;var DO=se(),Li=Ni();function UO(e,t,r){if(!r.validatePathParameters||r.validatePathParameters==="none")return;let n=(0,Li.getParametersForOperation)(e),i=(0,Li.validateParameters)(n.filter(s=>s.location==="path"),t.params,e.route.path,t.method.toLowerCase(),"path");if(!i.isValid){let s="Path parameters validation failed",a=DO.HttpProblems.badRequest(t,e,{detail:`${s}, see errors property for more details`,errors:i.errors});if((0,Li.shouldLog)(r.validatePathParameters)&&(0,Li.logErrors)(e,r.logLevel??"info",s,i.invalidValues,i.errors),(0,Li.shouldReject)(r.validatePathParameters))return a}}o(UO,"handlePathParameterValidation");Xa.handlePathParameterValidation=UO});var jb=g(ec=>{"use strict";Object.defineProperty(ec,"__esModule",{value:!0});ec.handleQueryParameterValidation=void 0;var MO=se(),Di=Ni();function kO(e,t,r){if(!r.validateQueryParameters||r.validateQueryParameters==="none")return;let n=(0,Di.getParametersForOperation)(e),i=(0,Di.validateParameters)(n.filter(s=>s.location==="query"),t.query,e.route.path,t.method.toLowerCase(),"query");if(!i.isValid){let s="Query parameters validation failed",a=MO.HttpProblems.badRequest(t,e,{detail:`${s}, see errors property for more details`,errors:i.errors});if((0,Di.shouldLog)(r.validateQueryParameters)&&(0,Di.logErrors)(e,r.logLevel??"info",s,i.invalidValues,i.errors),(0,Di.shouldReject)(r.validateQueryParameters))return a}}o(kO,"handleQueryParameterValidation");ec.handleQueryParameterValidation=kO});var Vb=g(Hr=>{"use strict";Object.defineProperty(Hr,"__esModule",{value:!0});Hr.SchemaBasedRequestValidation=Hr.RequestValidationInboundPolicy=void 0;var HO=Fb(),FO=qb(),qO=$b(),$O=jb(),jO=o(async(e,t,r)=>{let n=(0,$O.handleQueryParameterValidation)(t,e,r);if(n!==void 0||(n=(0,qO.handlePathParameterValidation)(t,e,r),n!==void 0)||(n=(0,FO.handleHeadersValidation)(t,e,r),n!==void 0))return n;let i=await(0,HO.handleBodyValidation)(t,e,r);return i!==void 0?i:e},"RequestValidationInboundPolicy");Hr.RequestValidationInboundPolicy=jO;Hr.SchemaBasedRequestValidation=Hr.RequestValidationInboundPolicy});var Gb=g(tc=>{"use strict";Object.defineProperty(tc,"__esModule",{value:!0});tc.RequireOriginInboundPolicy=void 0;var VO=D(),GO=se(),BO=o(async(e,t,r,n)=>{if(r.origins===void 0||r.origins.length===0)throw new VO.ConfigurationError(`RequireOriginInboundPolicy '${n}' configuration error - no allowed origins specified`);let i=typeof r.origins=="string"?r.origins.split(","):r.origins;i=i.map(a=>a.trim());let s=e.headers.get("origin");if(!s||!i.includes(s)){let a=r.failureDetail??"Forbidden";return GO.HttpProblems.forbidden(e,t,{detail:a})}return e},"RequireOriginInboundPolicy");tc.RequireOriginInboundPolicy=BO});var Bb=g(rc=>{"use strict";Object.defineProperty(rc,"__esModule",{value:!0});rc.SetBodyInboundPolicy=void 0;var KO=He(),JO=o(async(e,t,r)=>new KO.ZuploRequest(e,{body:r.body}),"SetBodyInboundPolicy");rc.SetBodyInboundPolicy=JO});var Jb=g(nc=>{"use strict";Object.defineProperty(nc,"__esModule",{value:!0});nc.SetHeadersInboundPolicy=void 0;var Kb=D(),zO=He(),WO=o(async(e,t,r,n)=>{let i=r.headers;if(!i||!Array.isArray(i)||i.length==0)throw new Kb.ConfigurationError(`SetHeadersInboundPolicy '${n}' options.headers must be a valid array of { name, value }`);let s=new Headers(e.headers);return i.forEach(c=>{if(!c.name||c.name.length===0)throw new Kb.ConfigurationError(`SetHeadersInboundPolicy '${n}' each option.headers[] entry must have a name property`);let u=c.overwrite===void 0?!0:c.overwrite;(!s.has(c.name)||u)&&s.set(c.name,c.value)}),new zO.ZuploRequest(e,{headers:s})},"SetHeadersInboundPolicy");nc.SetHeadersInboundPolicy=WO});var Wb=g(ic=>{"use strict";Object.defineProperty(ic,"__esModule",{value:!0});ic.SetHeadersOutboundPolicy=void 0;var zb=D(),QO=o(async(e,t,r,n,i)=>{let s=n.headers;if(!s||!Array.isArray(s)||s.length==0)throw new zb.ConfigurationError(`SetHeadersOutboundPolicy '${i}' options.headers must be a valid array of { name, value }`);let a=new Headers(e.headers);return s.forEach(u=>{if(!u.name||u.name.length===0)throw new zb.ConfigurationError(`SetHeadersOutboundPolicy '${i}' each option.headers[] entry must have a name property`);let l=u.overwrite===void 0?!0:u.overwrite;(!a.has(u.name)||l)&&a.set(u.name,u.value)}),new Response(e.body,{headers:a,status:e.status,statusText:e.statusText})},"SetHeadersOutboundPolicy");ic.SetHeadersOutboundPolicy=QO});var Yb=g(oc=>{"use strict";Object.defineProperty(oc,"__esModule",{value:!0});oc.SetQueryParamsInboundPolicy=void 0;var Qb=D(),YO=He(),ZO=o(async(e,t,r,n)=>{let i=r.params;if(!i||!Array.isArray(i)||i.length==0)throw new Qb.ConfigurationError(`SetQueryParamsInboundPolicy '${n}' options.params must be a valid array of { name, value }`);let s=new URL(e.url);return i.forEach(c=>{if(!c.name||c.name.length===0)throw new Qb.ConfigurationError(`SetQueryParamsInboundPolicy '${n}' each option.params[] entry must have a name property`);let u=c.overwrite===void 0?!0:c.overwrite;(!s.searchParams.has(c.name)||u)&&s.searchParams.set(c.name,c.value)}),new YO.ZuploRequest(s.toString(),e)},"SetQueryParamsInboundPolicy");oc.SetQueryParamsInboundPolicy=ZO});var Zb=g(sc=>{"use strict";Object.defineProperty(sc,"__esModule",{value:!0});sc.SetStatusOutboundPolicy=void 0;var XO=o(async(e,t,r,n,i)=>{if(!n.status||isNaN(n.status)||n.status<100||n.status>599)throw new Error(`Invalid SetStatusOutboundPolicy '${i}' - status must be a valid number between 100 and 599, not '${n.status}'`);return new Response(e.body,{headers:e.headers,status:n.status,statusText:n.statusText??e.statusText})},"SetStatusOutboundPolicy");sc.SetStatusOutboundPolicy=XO});var Xb=g(ac=>{"use strict";Object.defineProperty(ac,"__esModule",{value:!0});ac.SleepInboundPolicy=void 0;var ex=D(),tx=o(async e=>new Promise(r=>{setTimeout(r,e)}),"sleep"),rx=o(async(e,t,r,n)=>{if(!r||r.sleepInMs===void 0||isNaN(r.sleepInMs))throw new ex.ConfigurationError(`SleepInboundPolicy '${n} must have a valid options.sleepInMs value`);return await tx(r.sleepInMs),e},"SleepInboundPolicy");ac.SleepInboundPolicy=rx});var t_=g(cc=>{"use strict";Object.defineProperty(cc,"__esModule",{value:!0});cc.SupabaseJwtInboundPolicy=void 0;var e_=D(),nx=se(),ix=He(),ox=Ft(),sx=$t(),ax=o(async(e,t,r,n)=>{(0,ox.optionValidator)(r,n).required("secret","string").optional("allowUnauthenticatedRequests","boolean").optional("requiredClaims","object");let i={secret:r.secret,allowUnauthenticatedRequests:r.allowUnauthenticatedRequests??!1},s=await(0,sx.OpenIdJwtInboundPolicy)(e,t,i,n);if(s instanceof Response)return s;if(!(s instanceof ix.ZuploRequest))throw new e_.SystemError("Invalid State - SupabaseJwtInboundPolicy encountered a non-response that wasn't a ZuploRequest type')");let a=r.requiredClaims;if(!a)return s;let c=e.user?.data.app_metadata;if(!c)throw new e_.RuntimeError(`SupabaseJwtInboundPolicy policy '${n}' - has requiredClaims but the JWT token had no app_metadata property`);let u=Object.keys(a),l=[];return u.forEach(d=>{let p=a[d];Array.isArray(p)?p.includes(c[d])||l.push(d):p!==c[d]&&l.push(d)}),l.length>0?nx.HttpProblems.unauthorized(e,t,{detail:`Invalid JWT token - missing valid claims ${l.join(", ")}`}):s},"SupabaseJwtInboundPolicy");cc.SupabaseJwtInboundPolicy=ax});var n_=g(uc=>{"use strict";Object.defineProperty(uc,"__esModule",{value:!0});uc.UpstreamAzureAdServiceAuthInboundPolicy=void 0;var cx=qt(),ux=Kt(),r_=D(),lx=Le(),dx=Ts(),px=Ft(),hx=o(async(e,t,r,n)=>{(0,px.optionValidator)(r,n).required("activeDirectoryTenantId","string").required("activeDirectoryClientId","string").required("activeDirectoryClientSecret","string").optional("tokenRetries","number").optional("expirationOffsetSeconds","number");let i=await(0,cx.getPolicyCacheName)(n,r),s=new ux.MemoryZoneReadThroughCache(i,{logger:lx.SystemLogMap.getLogger(t)}),a=await s.get(n);if(!a){let c=await fx(r,t);s.put(n,c.access_token,c.expires_in-(r.expirationOffsetSeconds??300)),a=c.access_token}return e.headers.set("Authorization",`Bearer ${a}`),e},"UpstreamAzureAdServiceAuthInboundPolicy");uc.UpstreamAzureAdServiceAuthInboundPolicy=hx;async function fx(e,t){let r=new URLSearchParams({client_id:e.activeDirectoryClientId,scope:`${e.activeDirectoryClientId}/.default`,client_secret:e.activeDirectoryClientSecret,grant_type:"client_credentials"}),n=await(0,dx.fetchRetry)({retries:e.tokenRetries??3,retryDelayMs:10},`https://login.microsoftonline.com/${e.activeDirectoryTenantId}/oauth2/v2.0/token`,{headers:{"content-type":"application/x-www-form-urlencoded"},method:"POST",body:r});if(n.status!==200){try{let s=await n.text();t.log.error("Could not get token from Azure AD",s)}catch{}throw new r_.RuntimeError("Could not get token from Azure AD")}let i=await n.json();if(i&&typeof i=="object"&&"access_token"in i&&typeof i.access_token=="string"&&"expires_in"in i&&typeof i.expires_in=="number")return{access_token:i.access_token,expires_in:i.expires_in};throw new r_.RuntimeError("Response returned from Azure AD is not in the expected format.")}o(fx,"getAccessToken")});var o_=g(lc=>{"use strict";Object.defineProperty(lc,"__esModule",{value:!0});lc.UpstreamFirebaseAdminAuthInboundPolicy=void 0;var mx=qt(),yx=Kt(),gx=D(),bx=Le(),Ip=pn(),_x=Ft(),i_="https://accounts.google.com/o/oauth2/token",Pp,Ex=o(async(e,t,r,n)=>{(0,_x.optionValidator)(r,n).required("serviceAccountJson","string"),Pp||(Pp=await Ip.GcpServiceAccount.init(r.serviceAccountJson));let i={scope:["https://www.googleapis.com/auth/cloud-platform","https://www.googleapis.com/auth/firebase.database","https://www.googleapis.com/auth/firebase.messaging","https://www.googleapis.com/auth/identitytoolkit","https://www.googleapis.com/auth/userinfo.email"].join(" ")},s=await(0,mx.getPolicyCacheName)(n,r),a=new yx.MemoryZoneReadThroughCache(s,{logger:bx.SystemLogMap.getLogger(t)}),c=await a.get(n);if(!c){let u=await(0,Ip.getTokenFromGcpServiceAccount)({serviceAccount:Pp,audience:i_,payload:i}),l=await(0,Ip.exchangeGgpJwtForIdToken)(i_,u,{retries:r.tokenRetries??3,retryDelayMs:10});if(!l.access_token)throw new gx.RuntimeError("Invalid OAuth response from Firebase");c=l.access_token,a.put(n,c,(l.expires_in??3600)-(r.expirationOffsetSeconds??300))}return e.headers.set("Authorization",`Bearer ${c}`),e},"UpstreamFirebaseAdminAuthInboundPolicy");lc.UpstreamFirebaseAdminAuthInboundPolicy=Ex});var s_=g(dc=>{"use strict";Object.defineProperty(dc,"__esModule",{value:!0});dc.UpstreamFirebaseUserAuthInboundPolicy=void 0;var wx=qt(),vx=Kt(),kn=D(),Tx=Le(),Sx=ap(),Ap=pn(),Ix=ri(),Px=Ft(),Ax="https://identitytoolkit.googleapis.com/google.identity.identitytoolkit.v1.IdentityToolkit",Rx=["acr","amr","at_hash","aud","auth_time","azp","cnf","c_hash","exp","iat","iss","jti","nbf","nonce"],Rp,Ox=o(async(e,t,r,n)=>{if((0,Px.optionValidator)(r,n).required("serviceAccountJson","string").required("webApiKey","string").optional("developerClaims","object").optional("userId","string").optional("userIdPropertyPath","string"),!r.userId&&!r.userIdPropertyPath)throw new kn.ConfigurationError(`Either 'userId' or 'userIdPropertyPath' options must be set on policy '${n}'.`);let i={};if(typeof r.developerClaims<"u"){for(let p in r.developerClaims)if(Object.prototype.hasOwnProperty.call(r.developerClaims,p)){if(Rx.indexOf(p)!==-1)throw new kn.ConfigurationError(`Developer claim "${p}" is reserved and cannot be specified.`);i[p]=r.developerClaims[p]}}Rp||(Rp=await Ap.GcpServiceAccount.init(r.serviceAccountJson));let s=r.userId;if(!s&&!r.userIdPropertyPath){if(!e.user)throw new kn.RuntimeError("Unable to set userId for upstream auth policy as request.user is 'undefined'. Do you have an authentication policy before this policy?.");s=e.user?.sub}else if(r.userIdPropertyPath){if(!e.user)throw new kn.RuntimeError(`Unable to apply userIdPropertyPath '${r.userIdPropertyPath}' as request.user is 'undefined'. Do you have an authentication policy before this policy?`);s=(0,Ix.getValueFromRequestUser)(e.user,r.userIdPropertyPath,"userIdPropertyPath")}if(!s)throw new kn.RuntimeError(`Unable to determine user from for the policy ${n}`);let a=await(0,wx.getPolicyCacheName)(n,r),c=new vx.MemoryZoneReadThroughCache(a,{logger:Tx.SystemLogMap.getLogger(t)}),u={uid:s,claims:i},l=await(0,Sx.sha256)(JSON.stringify(u)),d=await c.get(l);if(!d){let p=await(0,Ap.getTokenFromGcpServiceAccount)({serviceAccount:Rp,audience:Ax,payload:u}),m=`https://identitytoolkit.googleapis.com/v1/accounts:signInWithCustomToken?key=${r.webApiKey}`,h=await(0,Ap.exchangeFirebaseJwtForIdToken)(m,p,{retries:r.tokenRetries??3,retryDelayMs:10});if(!h.idToken)throw new kn.RuntimeError("Invalid token response from Firebase");d=h.idToken,c.put(l,d,(h.expiresIn?parseInt(h.expiresIn):3600)-(r.expirationOffsetSeconds??300))}return e.headers.set("Authorization",`Bearer ${d}`),e},"UpstreamFirebaseUserAuthInboundPolicy");dc.UpstreamFirebaseUserAuthInboundPolicy=Ox});var c_=g(pc=>{"use strict";Object.defineProperty(pc,"__esModule",{value:!0});pc.UpstreamGcpJwtInboundPolicy=void 0;var a_=pn(),xx=Ft(),Op,Nx=o(async(e,t,r,n)=>{(0,xx.optionValidator)(r,n).required("audience","string").required("serviceAccountJson","string"),Op||(Op=await a_.GcpServiceAccount.init(r.serviceAccountJson));let i=await(0,a_.getTokenFromGcpServiceAccount)({serviceAccount:Op,audience:r.audience});return e.headers.set("Authorization",`Bearer ${i}`),e},"UpstreamGcpJwtInboundPolicy");pc.UpstreamGcpJwtInboundPolicy=Nx});var l_=g(hc=>{"use strict";Object.defineProperty(hc,"__esModule",{value:!0});hc.UpstreamGcpServiceAuthInboundPolicy=void 0;var Cx=qt(),Lx=uu(),Dx=Kt(),Ux=D(),xp=pn(),Mx=Ft(),u_="https://www.googleapis.com/oauth2/v4/token",Np,kx=o(async(e,t,r,n)=>{(0,Mx.optionValidator)(r,n).required("audience","string").required("serviceAccountJson","string").optional("tokenRetries","number").optional("expirationOffsetSeconds","number"),Np||(Np=await xp.GcpServiceAccount.init(r.serviceAccountJson));let i=await(0,Cx.getPolicyCacheName)(n,r),s;r.useMemoryCacheOnly?s=new Lx.MemoryCache(i):s=new Dx.MemoryZoneReadThroughCache(i,t);let a=await s.get(n);if(!a){let c=await(0,xp.getTokenFromGcpServiceAccount)({serviceAccount:Np,audience:u_,payload:{target_audience:`${r.audience}`}}),{id_token:u}=await(0,xp.exchangeGgpJwtForIdToken)(u_,c,{retries:r.tokenRetries??3,retryDelayMs:10});if(!u)throw new Ux.RuntimeError("Invalid token response from GCP");a=u,s.put(n,a,3600-(r.expirationOffsetSeconds??300))}return e.headers.set("Authorization",`Bearer ${a}`),e},"UpstreamGcpServiceAuthInboundPolicy");hc.UpstreamGcpServiceAuthInboundPolicy=kx});var p_=g(fc=>{"use strict";Object.defineProperty(fc,"__esModule",{value:!0});fc.ValidateJsonSchemaInbound=void 0;var Hx=D(),d_=se(),Fx=o(async(e,t,r)=>{let n=e.clone(),i;try{i=await n.json()}catch{return d_.HttpProblems.badRequest(e,t,{detail:"Invalid JSON body - expected well-formed JSON document"})}if(r.validator(i))return e;let{errors:a}=r.validator;if(!a)throw new Hx.SystemError("Invalid state - validator error object is undefined even though validation failed.");let c=a.map(u=>u.instancePath===void 0||u.instancePath===""?"Body "+u.message:u.instancePath.replace("/","")+" "+u.message);return d_.HttpProblems.badRequest(e,t,{detail:"Incoming body did not pass schema validation",errors:c})},"ValidateJsonSchemaInbound");fc.ValidateJsonSchemaInbound=Fx});var y_=g(mc=>{"use strict";Object.defineProperty(mc,"__esModule",{value:!0});mc.MeteringInboundPolicy=void 0;var h_=$s(),f_=D(),m_=se(),qx=Le(),$x=Y(),jx=o(async(e,t,r,n)=>{let i=qx.SystemLogMap.getLogger(t);t.addResponseSendingFinalHook(async(d,p,m)=>{let h=h_.ContextData.get(m,"subscription");if((r.allowRequestsWithoutSubscription??!1)&&!h)return;let w=r.bucketId;if(!w){m.log.error(`MeteringInboundPolicy '${n}' - no bucketName property provided`);return}let{authApiJWT:T,meteringServiceUrl:S}=$x.Environment.instance;d.ok&&h&&r.meters&&fetch(`${S}/internal/v1/metering/${w}/subscriptions/${h.id}/quotas/consume`,{headers:{Authorization:`Bearer ${T}`},method:"POST",body:JSON.stringify({meters:r.meters})}).catch(L=>{m.log.error(`MeteringInboundPolicy '${n}' -error in serviceResponse`),i.error(`MeteringInboundPolicy '${n}' -error in serviceResponse`,L)})});let s=h_.ContextData.get(t,"subscription"),a=r.allowRequestsWithoutSubscription??!1,c=r.allowRequestsOverQuota??!1;if(!s){if(a)return e;throw new f_.ConfigurationError("Subscription is not available for user")}if(s&&Object.keys(s.quotas).length===0)return m_.HttpProblems.forbidden(e,t,{detail:`Quota is not set up for subscription '${t.custom.subscription.id}'`});let l=Object.keys(r.meters).filter(d=>!Object.keys(s.quotas).includes(d));if(l.length>0)throw new f_.ConfigurationError(`The following policy meters are not present in the subscription: ${l.join(", ")}`);for(let d of Object.keys(s.quotas))if(s.quotas[d]<=0&&!c)return m_.HttpProblems.forbidden(e,t,{detail:`Quota exceeded for meter '${d}'`});return e},"MeteringInboundPolicy");mc.MeteringInboundPolicy=jx});var g_=g(yc=>{"use strict";Object.defineProperty(yc,"__esModule",{value:!0});yc.LoadSubscriptionInboundPolicy=void 0;var Vx=$s(),Gx=D(),Cp=se(),Bx=Le(),Kx=Y(),Jx=o(async(e,t,r,n)=>{let i=Bx.SystemLogMap.getLogger(t),s=r.allowRequestsWithoutSubscription??!1,a=e.user;if(!a)return s?e:Cp.HttpProblems.unauthorized(e,t,{detail:"Unable to check subscription for anonymous user"});let c=r.bucketId;if(!c)throw new Gx.ConfigurationError(`LoadSubscriptionInboundPolicy '${n}' - no bucketName property provided`);let{authApiJWT:u,meteringServiceUrl:l}=Kx.Environment.instance,{sub:d}=a,p,m;try{if(p=await fetch(`${l}/internal/v1/metering/${c}/subscriptions?customerRef=${d}&status=active`,{headers:{Authorization:`Bearer ${u}`},method:"GET"}),!p.ok)return t.log.error(await p.text()),Cp.HttpProblems.forbidden(e,t);m=await p.json()}catch(y){i.error(`LoadSubscriptionInboundPolicy '${n}' -error in serviceResponse`,y)}if((!m||!m.data||m.data.length===0)&&!s)return Cp.HttpProblems.unauthorized(e,t,{detail:"No valid, active subscription found"});if((!m||!m.data||m.data.length===0)&&s)return e;let h=m&&m.data?m.data[0]:void 0;return Vx.ContextData.set(t,"subscription",h),e},"LoadSubscriptionInboundPolicy");yc.LoadSubscriptionInboundPolicy=Jx});var b_=g(gc=>{"use strict";Object.defineProperty(gc,"__esModule",{value:!0});gc.ServiceProviderImpl=void 0;var zx=D(),Lp=class e{static{o(this,"ServiceProviderImpl")}static#e;services=new Map;constructor(){}static getInstance(){return e.#e||(e.#e=new e),e.#e}setInstance(t){e.#e=t}addService(t,r){if(this.services.get(t))throw new zx.SystemError(`A service with the name ${t} already exists -- you cannot have duplicate services`);this.services.set(t,r)}getService(t){return this.services.get(t)}};gc.ServiceProviderImpl=Lp});var O_=g(f=>{"use strict";var Wx=f&&f.__createBinding||(Object.create?function(e,t,r,n){n===void 0&&(n=r);var i=Object.getOwnPropertyDescriptor(t,r);(!i||("get"in i?!t.__esModule:i.writable||i.configurable))&&(i={enumerable:!0,get:function(){return t[r]}}),Object.defineProperty(e,n,i)}:function(e,t,r,n){n===void 0&&(n=r),e[n]=t[r]}),Dp=f&&f.__exportStar||function(e,t){for(var r in e)r!=="default"&&!Object.prototype.hasOwnProperty.call(t,r)&&Wx(t,e,r)},Qx=f&&f.__importDefault||function(e){return e&&e.__esModule?e:{default:e}};Object.defineProperty(f,"__esModule",{value:!0});f.RateLimitInboundPolicy=f.BasicRateLimitInboundPolicy=f.PropelAuthJwtInboundPolicy=f.OpenIdJwtInboundPolicy=f.OktaJwtInboundPolicy=f.setMoesifContext=f.MoesifInboundPolicy=f.MockApiInboundPolicy=f.JWTScopeValidationInboundPolicy=f.GeoFilterInboundPolicy=f.FormDataToJsonInboundPolicy=f.FirebaseJwtInboundPolicy=f.CurityPhantomTokenInboundPolicy=f.CreditsMeteringInboundPolicy=f.CompositeInboundPolicy=f.CognitoJwtInboundPolicy=f.ClerkJwtInboundPolicy=f.ClearHeadersOutboundPolicy=f.ClearHeadersInboundPolicy=f.ChangeMethodInboundPolicy=f.CachingInboundPolicy=f.BasicAuthInboundPolicy=f.Auth0JwtInboundPolicy=f.ApiKeyInboundPolicy=f.ApiAuthKeyInboundPolicy=f.AmberfloMeteringPolicy=f.AmberfloMeteringInboundPolicy=f.AuditLogPlugin=f.AuditLogDataStaxProvider=f.HttpStatusCode=f.webSocketPipelineHandler=f.webSocketHandler=f.urlRewriteHandler=f.urlForwardHandler=f.redirectHandler=f.openApiSpecHandler=f.awsLambdaHandler=f.AwsLambdaHandlerExtensions=f.purgeGatewayCache=f.Handler=f.originalFetch=f.ConfigurationError=f.isZuploReadableEnvVariableName=f.isRestrictedEnvVariableName=f.environment=f.ContextData=f.ResponseSentEvent=f.ResponseSendingEvent=f.ZoneCache=f.MemoryZoneReadThroughCache=void 0;f.sanitizedIdentifierName=f.getRawOperationDataIdentifierName=f.getIdForRequestBodySchema=f.getIdForRefSchema=f.getIdForParameterSchema=f.SystemLogMap=f.httpStatuses=f.SYSTEM_LOGGER=f.API_KEY=f.ServiceProviderImpl=f.serialize=f.ContentTypes=f.Router=f.LookupResult=f.SystemRouteName=f.ZuploRequest=f.ProblemResponseFormatter=f.HttpProblems=f.LoadSubscriptionInboundPolicy=f.MeteringInboundPolicy=f.ValidateJsonSchemaInbound=f.UpstreamGcpServiceAuthInboundPolicy=f.UpstreamGcpJwtInboundPolicy=f.UpstreamFirebaseUserAuthInboundPolicy=f.UpstreamFirebaseAdminAuthInboundPolicy=f.UpstreamAzureAdServiceAuthInboundPolicy=f.SupabaseJwtInboundPolicy=f.StripeWebhookInboundPolicy=f.SleepInboundPolicy=f.SetStatusOutboundPolicy=f.SetQueryParamsInboundPolicy=f.SetHeadersOutboundPolicy=f.SetHeadersInboundPolicy=f.SetBodyInboundPolicy=f.RequireOriginInboundPolicy=f.SchemaBasedRequestValidation=f.RequestValidationInboundPolicy=f.RequestSizeLimitInboundPolicy=f.ReplaceStringOutboundPolicy=f.RemoveQueryParamsInboundPolicy=f.RemoveHeadersOutboundPolicy=f.RemoveHeadersInboundPolicy=f.ReadmeMetricsInboundPolicy=void 0;yh();var Yx=Kt();Object.defineProperty(f,"MemoryZoneReadThroughCache",{enumerable:!0,get:function(){return Yx.MemoryZoneReadThroughCache}});var Zx=no();Object.defineProperty(f,"ZoneCache",{enumerable:!0,get:function(){return Zx.ZoneCache}});var __=Sr();Object.defineProperty(f,"ResponseSendingEvent",{enumerable:!0,get:function(){return __.ResponseSendingEvent}});Object.defineProperty(f,"ResponseSentEvent",{enumerable:!0,get:function(){return __.ResponseSentEvent}});var Xx=$s();Object.defineProperty(f,"ContextData",{enumerable:!0,get:function(){return Xx.ContextData}});var Up=Ed();Object.defineProperty(f,"environment",{enumerable:!0,get:function(){return Up.environment}});Object.defineProperty(f,"isRestrictedEnvVariableName",{enumerable:!0,get:function(){return Up.isRestrictedEnvVariableName}});Object.defineProperty(f,"isZuploReadableEnvVariableName",{enumerable:!0,get:function(){return Up.isZuploReadableEnvVariableName}});var eN=D();Object.defineProperty(f,"ConfigurationError",{enumerable:!0,get:function(){return eN.ConfigurationError}});var tN=vd();Object.defineProperty(f,"originalFetch",{enumerable:!0,get:function(){return tN.originalFetch}});var E_=Gy();Object.defineProperty(f,"Handler",{enumerable:!0,get:function(){return E_.Handler}});Object.defineProperty(f,"purgeGatewayCache",{enumerable:!0,get:function(){return E_.purgeGatewayCache}});var w_=ag();Object.defineProperty(f,"AwsLambdaHandlerExtensions",{enumerable:!0,get:function(){return w_.AwsLambdaHandlerExtensions}});Object.defineProperty(f,"awsLambdaHandler",{enumerable:!0,get:function(){return w_.awsLambdaHandler}});var rN=ug();Object.defineProperty(f,"openApiSpecHandler",{enumerable:!0,get:function(){return rN.openApiSpecHandler}});var nN=lg();Object.defineProperty(f,"redirectHandler",{enumerable:!0,get:function(){return nN.redirectHandler}});var iN=pg();Object.defineProperty(f,"urlForwardHandler",{enumerable:!0,get:function(){return iN.urlForwardHandler}});var oN=fg();Object.defineProperty(f,"urlRewriteHandler",{enumerable:!0,get:function(){return oN.urlRewriteHandler}});var sN=yg();Object.defineProperty(f,"webSocketHandler",{enumerable:!0,get:function(){return sN.webSocketHandler}});var aN=_g();Object.defineProperty(f,"webSocketPipelineHandler",{enumerable:!0,get:function(){return aN.webSocketPipelineHandler}});var cN=Lu();Object.defineProperty(f,"HttpStatusCode",{enumerable:!0,get:function(){return cN.HttpStatusCode}});Dp(Ag(),f);Dp(xg(),f);var uN=Ng();Object.defineProperty(f,"AuditLogDataStaxProvider",{enumerable:!0,get:function(){return uN.AuditLogDataStaxProvider}});var lN=Lg();Object.defineProperty(f,"AuditLogPlugin",{enumerable:!0,get:function(){return lN.AuditLogPlugin}});Dp(Fg(),f);var v_=Gg();Object.defineProperty(f,"AmberfloMeteringInboundPolicy",{enumerable:!0,get:function(){return v_.AmberfloMeteringInboundPolicy}});Object.defineProperty(f,"AmberfloMeteringPolicy",{enumerable:!0,get:function(){return v_.AmberfloMeteringPolicy}});var dN=zg();Object.defineProperty(f,"ApiAuthKeyInboundPolicy",{enumerable:!0,get:function(){return dN.ApiAuthKeyInboundPolicy}});var pN=dp();Object.defineProperty(f,"ApiKeyInboundPolicy",{enumerable:!0,get:function(){return pN.ApiKeyInboundPolicy}});var hN=Wg();Object.defineProperty(f,"Auth0JwtInboundPolicy",{enumerable:!0,get:function(){return hN.Auth0JwtInboundPolicy}});var fN=Qg();Object.defineProperty(f,"BasicAuthInboundPolicy",{enumerable:!0,get:function(){return fN.BasicAuthInboundPolicy}});var mN=Yg();Object.defineProperty(f,"CachingInboundPolicy",{enumerable:!0,get:function(){return mN.CachingInboundPolicy}});var yN=Zg();Object.defineProperty(f,"ChangeMethodInboundPolicy",{enumerable:!0,get:function(){return yN.ChangeMethodInboundPolicy}});var gN=Xg();Object.defineProperty(f,"ClearHeadersInboundPolicy",{enumerable:!0,get:function(){return gN.ClearHeadersInboundPolicy}});var bN=eb();Object.defineProperty(f,"ClearHeadersOutboundPolicy",{enumerable:!0,get:function(){return bN.ClearHeadersOutboundPolicy}});var _N=tb();Object.defineProperty(f,"ClerkJwtInboundPolicy",{enumerable:!0,get:function(){return _N.ClerkJwtInboundPolicy}});var EN=nb();Object.defineProperty(f,"CognitoJwtInboundPolicy",{enumerable:!0,get:function(){return EN.CognitoJwtInboundPolicy}});var wN=ob();Object.defineProperty(f,"CompositeInboundPolicy",{enumerable:!0,get:function(){return wN.CompositeInboundPolicy}});var vN=ab();Object.defineProperty(f,"CreditsMeteringInboundPolicy",{enumerable:!0,get:function(){return vN.CreditsMeteringInboundPolicy}});var TN=cb();Object.defineProperty(f,"CurityPhantomTokenInboundPolicy",{enumerable:!0,get:function(){return TN.CurityPhantomTokenInboundPolicy}});var SN=ub();Object.defineProperty(f,"FirebaseJwtInboundPolicy",{enumerable:!0,get:function(){return SN.FirebaseJwtInboundPolicy}});var IN=lb();Object.defineProperty(f,"FormDataToJsonInboundPolicy",{enumerable:!0,get:function(){return IN.FormDataToJsonInboundPolicy}});var PN=db();Object.defineProperty(f,"GeoFilterInboundPolicy",{enumerable:!0,get:function(){return PN.GeoFilterInboundPolicy}});var AN=pb();Object.defineProperty(f,"JWTScopeValidationInboundPolicy",{enumerable:!0,get:function(){return AN.JWTScopeValidationInboundPolicy}});var RN=fb();Object.defineProperty(f,"MockApiInboundPolicy",{enumerable:!0,get:function(){return RN.MockApiInboundPolicy}});var T_=_b();Object.defineProperty(f,"MoesifInboundPolicy",{enumerable:!0,get:function(){return T_.MoesifInboundPolicy}});Object.defineProperty(f,"setMoesifContext",{enumerable:!0,get:function(){return T_.setMoesifContext}});var ON=Eb();Object.defineProperty(f,"OktaJwtInboundPolicy",{enumerable:!0,get:function(){return ON.OktaJwtInboundPolicy}});var xN=$t();Object.defineProperty(f,"OpenIdJwtInboundPolicy",{enumerable:!0,get:function(){return xN.OpenIdJwtInboundPolicy}});var NN=wb();Object.defineProperty(f,"PropelAuthJwtInboundPolicy",{enumerable:!0,get:function(){return NN.PropelAuthJwtInboundPolicy}});var S_=Rb();Object.defineProperty(f,"BasicRateLimitInboundPolicy",{enumerable:!0,get:function(){return S_.RateLimitInboundPolicy}});Object.defineProperty(f,"RateLimitInboundPolicy",{enumerable:!0,get:function(){return S_.RateLimitInboundPolicy}});var CN=Cb();Object.defineProperty(f,"ReadmeMetricsInboundPolicy",{enumerable:!0,get:function(){return CN.ReadmeMetricsInboundPolicy}});var LN=Lb();Object.defineProperty(f,"RemoveHeadersInboundPolicy",{enumerable:!0,get:function(){return LN.RemoveHeadersInboundPolicy}});var DN=Db();Object.defineProperty(f,"RemoveHeadersOutboundPolicy",{enumerable:!0,get:function(){return DN.RemoveHeadersOutboundPolicy}});var UN=Ub();Object.defineProperty(f,"RemoveQueryParamsInboundPolicy",{enumerable:!0,get:function(){return UN.RemoveQueryParamsInboundPolicy}});var MN=Mb();Object.defineProperty(f,"ReplaceStringOutboundPolicy",{enumerable:!0,get:function(){return MN.ReplaceStringOutboundPolicy}});var kN=Hb();Object.defineProperty(f,"RequestSizeLimitInboundPolicy",{enumerable:!0,get:function(){return kN.RequestSizeLimitInboundPolicy}});var I_=Vb();Object.defineProperty(f,"RequestValidationInboundPolicy",{enumerable:!0,get:function(){return I_.RequestValidationInboundPolicy}});Object.defineProperty(f,"SchemaBasedRequestValidation",{enumerable:!0,get:function(){return I_.SchemaBasedRequestValidation}});var HN=Gb();Object.defineProperty(f,"RequireOriginInboundPolicy",{enumerable:!0,get:function(){return HN.RequireOriginInboundPolicy}});var FN=Bb();Object.defineProperty(f,"SetBodyInboundPolicy",{enumerable:!0,get:function(){return FN.SetBodyInboundPolicy}});var qN=Jb();Object.defineProperty(f,"SetHeadersInboundPolicy",{enumerable:!0,get:function(){return qN.SetHeadersInboundPolicy}});var $N=Wb();Object.defineProperty(f,"SetHeadersOutboundPolicy",{enumerable:!0,get:function(){return $N.SetHeadersOutboundPolicy}});var jN=Yb();Object.defineProperty(f,"SetQueryParamsInboundPolicy",{enumerable:!0,get:function(){return jN.SetQueryParamsInboundPolicy}});var VN=Zb();Object.defineProperty(f,"SetStatusOutboundPolicy",{enumerable:!0,get:function(){return VN.SetStatusOutboundPolicy}});var GN=Xb();Object.defineProperty(f,"SleepInboundPolicy",{enumerable:!0,get:function(){return GN.SleepInboundPolicy}});var BN=np();Object.defineProperty(f,"StripeWebhookInboundPolicy",{enumerable:!0,get:function(){return BN.StripeWebhookInboundPolicy}});var KN=t_();Object.defineProperty(f,"SupabaseJwtInboundPolicy",{enumerable:!0,get:function(){return KN.SupabaseJwtInboundPolicy}});var JN=n_();Object.defineProperty(f,"UpstreamAzureAdServiceAuthInboundPolicy",{enumerable:!0,get:function(){return JN.UpstreamAzureAdServiceAuthInboundPolicy}});var zN=o_();Object.defineProperty(f,"UpstreamFirebaseAdminAuthInboundPolicy",{enumerable:!0,get:function(){return zN.UpstreamFirebaseAdminAuthInboundPolicy}});var WN=s_();Object.defineProperty(f,"UpstreamFirebaseUserAuthInboundPolicy",{enumerable:!0,get:function(){return WN.UpstreamFirebaseUserAuthInboundPolicy}});var QN=c_();Object.defineProperty(f,"UpstreamGcpJwtInboundPolicy",{enumerable:!0,get:function(){return QN.UpstreamGcpJwtInboundPolicy}});var YN=l_();Object.defineProperty(f,"UpstreamGcpServiceAuthInboundPolicy",{enumerable:!0,get:function(){return YN.UpstreamGcpServiceAuthInboundPolicy}});var ZN=p_();Object.defineProperty(f,"ValidateJsonSchemaInbound",{enumerable:!0,get:function(){return ZN.ValidateJsonSchemaInbound}});var XN=y_();Object.defineProperty(f,"MeteringInboundPolicy",{enumerable:!0,get:function(){return XN.MeteringInboundPolicy}});var eC=g_();Object.defineProperty(f,"LoadSubscriptionInboundPolicy",{enumerable:!0,get:function(){return eC.LoadSubscriptionInboundPolicy}});var tC=se();Object.defineProperty(f,"HttpProblems",{enumerable:!0,get:function(){return tC.HttpProblems}});var rC=ho();Object.defineProperty(f,"ProblemResponseFormatter",{enumerable:!0,get:function(){return rC.ProblemResponseFormatter}});var nC=He();Object.defineProperty(f,"ZuploRequest",{enumerable:!0,get:function(){return nC.ZuploRequest}});var iC=Pr();Object.defineProperty(f,"SystemRouteName",{enumerable:!0,get:function(){return iC.SystemRouteName}});var P_=pd();Object.defineProperty(f,"LookupResult",{enumerable:!0,get:function(){return P_.LookupResult}});Object.defineProperty(f,"Router",{enumerable:!0,get:function(){return P_.Router}});var A_=Su();Object.defineProperty(f,"ContentTypes",{enumerable:!0,get:function(){return A_.ContentTypes}});Object.defineProperty(f,"serialize",{enumerable:!0,get:function(){return A_.serialize}});var oC=b_();Object.defineProperty(f,"ServiceProviderImpl",{enumerable:!0,get:function(){return oC.ServiceProviderImpl}});var R_=Ku();Object.defineProperty(f,"API_KEY",{enumerable:!0,get:function(){return R_.API_KEY}});Object.defineProperty(f,"SYSTEM_LOGGER",{enumerable:!0,get:function(){return R_.SYSTEM_LOGGER}});var sC=Uu();Object.defineProperty(f,"httpStatuses",{enumerable:!0,get:function(){return Qx(sC).default}});var aC=Le();Object.defineProperty(f,"SystemLogMap",{enumerable:!0,get:function(){return aC.SystemLogMap}});var Ui=Wa();Object.defineProperty(f,"getIdForParameterSchema",{enumerable:!0,get:function(){return Ui.getIdForParameterSchema}});Object.defineProperty(f,"getIdForRefSchema",{enumerable:!0,get:function(){return Ui.getIdForRefSchema}});Object.defineProperty(f,"getIdForRequestBodySchema",{enumerable:!0,get:function(){return Ui.getIdForRequestBodySchema}});Object.defineProperty(f,"getRawOperationDataIdentifierName",{enumerable:!0,get:function(){return Ui.getRawOperationDataIdentifierName}});Object.defineProperty(f,"sanitizedIdentifierName",{enumerable:!0,get:function(){return Ui.sanitizedIdentifierName}})});var x_=g(Hn=>{"use strict";Object.defineProperty(Hn,"__esModule",{value:!0});Hn.BaseCryptoBeta=Hn.supportedDigests=void 0;Hn.supportedDigests=["sha-1","sha-256","sha-384","sha-512"];var Mp=class{static{o(this,"BaseCryptoBeta")}};Hn.BaseCryptoBeta=Mp});var N_=g(bc=>{"use strict";Object.defineProperty(bc,"__esModule",{value:!0});bc.WorkerCryptoBeta=void 0;var kp=x_(),cC=D(),Hp=class extends kp.BaseCryptoBeta{static{o(this,"WorkerCryptoBeta")}async digest(t,r){if(!kp.supportedDigests.includes(t.toLowerCase()))throw new cC.RuntimeError(`Algorithm ${t} is not supported. Try using ${kp.supportedDigests.join(", ")}`);let n=new TextEncoder().encode(r),i=await crypto.subtle.digest(t,n);return Array.from(new Uint8Array(i)).map(c=>c.toString(16).padStart(2,"0")).join("")}};bc.WorkerCryptoBeta=Hp});var C_=g(_c=>{"use strict";Object.defineProperty(_c,"__esModule",{value:!0});_c.BaseKeyValueStore=void 0;var Fp=class{static{o(this,"BaseKeyValueStore")}context;constructor(t){this.context=t}};_c.BaseKeyValueStore=Fp});var D_=g(Ec=>{"use strict";Object.defineProperty(Ec,"__esModule",{value:!0});Ec.WorkerKeyValueStore=void 0;var L_=D(),uC=C_(),qp=class extends uC.BaseKeyValueStore{static{o(this,"WorkerKeyValueStore")}#e;constructor(t){super(t);let n=globalThis.ZUPLO_KV;if(!n)throw new L_.FeatureNotEnabledError("The Key Value Store feature is not enabled for this project.");this.#e=n}put(t,r,n){if(typeof t!="string")throw new L_.ConfigurationError("value must be of type string");return this.#e.put(t,r,n?{expirationTtl:n.expirationSecondsTtl}:void 0)}get(t,r){return this.#e.get(t,{type:"text",cacheTtl:r?.cacheSecondsTtl})}delete(t){return this.#e.delete(t)}};Ec.WorkerKeyValueStore=qp});var Ct=g(lt=>{"use strict";var lC=lt&&lt.__createBinding||(Object.create?function(e,t,r,n){n===void 0&&(n=r);var i=Object.getOwnPropertyDescriptor(t,r);(!i||("get"in i?!t.__esModule:i.writable||i.configurable))&&(i={enumerable:!0,get:function(){return t[r]}}),Object.defineProperty(e,n,i)}:function(e,t,r,n){n===void 0&&(n=r),e[n]=t[r]}),dC=lt&&lt.__exportStar||function(e,t){for(var r in e)r!=="default"&&!Object.prototype.hasOwnProperty.call(t,r)&&lC(t,e,r)};Object.defineProperty(lt,"__esModule",{value:!0});lt.KeyValueStore=lt.CryptoBeta=void 0;dC(O_(),lt);var pC=N_();Object.defineProperty(lt,"CryptoBeta",{enumerable:!0,get:function(){return pC.WorkerCryptoBeta}});var hC=D_();Object.defineProperty(lt,"KeyValueStore",{enumerable:!0,get:function(){return hC.WorkerKeyValueStore}})});var EL={};Yi(EL,{GraphQLComplexityLimitInboundPolicy:()=>pE,GraphQLDisableIntrospectionInboundPolicy:()=>fE});module.exports=Zi(EL);var Qn=ph(Ct());function B(e,t){if(!!!e)throw new Error(t)}o(B,"devAssert");function Ee(e){return typeof e=="object"&&e!==null}o(Ee,"isObjectLike");function Pt(e,t){if(!!!e)throw new Error(t??"Unexpected invariant triggered.")}o(Pt,"invariant");var fC=/\r\n|[\n\r]/g;function Fn(e,t){let r=0,n=1;for(let i of e.body.matchAll(fC)){if(typeof i.index=="number"||Pt(!1),i.index>=t)break;r=i.index+i[0].length,n+=1}return{line:n,column:t+1-r}}o(Fn,"getLocation");function $p(e){return wc(e.source,Fn(e.source,e.start))}o($p,"printLocation");function wc(e,t){let r=e.locationOffset.column-1,n="".padStart(r)+e.body,i=t.line-1,s=e.locationOffset.line-1,a=t.line+s,c=t.line===1?r:0,u=t.column+c,l=`${e.name}:${a}:${u}
75
75
  `,d=n.split(/\r\n|[\n\r]/g),p=d[i];if(p.length>120){let m=Math.floor(u/80),h=u%80,y=[];for(let w=0;w<p.length;w+=80)y.push(p.slice(w,w+80));return l+U_([[`${a} |`,y[0]],...y.slice(1,m+1).map(w=>["|",w]),["|","^".padStart(h)],["|",y[m+1]]])}return l+U_([[`${a-1} |`,d[i-1]],[`${a} |`,p],["|","^".padStart(u)],[`${a+1} |`,d[i+1]]])}o(wc,"printSourceLocation");function U_(e){let t=e.filter(([n,i])=>i!==void 0),r=Math.max(...t.map(([n])=>n.length));return t.map(([n,i])=>n.padStart(r)+(i?" "+i:"")).join(`
76
76
  `)}o(U_,"printPrefixedLines");function mC(e){let t=e[0];return t==null||"kind"in t||"length"in t?{nodes:t,source:e[1],positions:e[2],path:e[3],originalError:e[4],extensions:e[5]}:t}o(mC,"toNormalizedOptions");var C=class e extends Error{static{o(this,"GraphQLError")}constructor(t,...r){var n,i,s;let{nodes:a,source:c,positions:u,path:l,originalError:d,extensions:p}=mC(r);super(t),this.name="GraphQLError",this.path=l??void 0,this.originalError=d??void 0,this.nodes=M_(Array.isArray(a)?a:a?[a]:void 0);let m=M_((n=this.nodes)===null||n===void 0?void 0:n.map(y=>y.loc).filter(y=>y!=null));this.source=c??(m==null||(i=m[0])===null||i===void 0?void 0:i.source),this.positions=u??m?.map(y=>y.start),this.locations=u&&c?u.map(y=>Fn(c,y)):m?.map(y=>Fn(y.source,y.start));let h=Ee(d?.extensions)?d?.extensions:void 0;this.extensions=(s=p??h)!==null&&s!==void 0?s:Object.create(null),Object.defineProperties(this,{message:{writable:!0,enumerable:!0},name:{enumerable:!1},nodes:{enumerable:!1},source:{enumerable:!1},positions:{enumerable:!1},originalError:{enumerable:!1}}),d!=null&&d.stack?Object.defineProperty(this,"stack",{value:d.stack,writable:!0,configurable:!0}):Error.captureStackTrace?Error.captureStackTrace(this,e):Object.defineProperty(this,"stack",{value:Error().stack,writable:!0,configurable:!0})}get[Symbol.toStringTag](){return"GraphQLError"}toString(){let t=this.message;if(this.nodes)for(let r of this.nodes)r.loc&&(t+=`
77
77
 
@@ -92,7 +92,7 @@ https://yarnpkg.com/en/docs/selective-version-resolutions
92
92
  Duplicate "graphql" modules cannot be used at the same time since different
93
93
  versions may have different capabilities and behavior. The data from one
94
94
  version used in the function from another could produce confusing and
95
- spurious results.`)}}return!1},"instanceOf");var Vn=class{static{o(this,"Source")}constructor(t,r="GraphQL request",n={line:1,column:1}){typeof t=="string"||B(!1,`Body must be a string. Received: ${P(t)}.`),this.body=t,this.name=r,this.locationOffset=n,this.locationOffset.line>0||B(!1,"line in locationOffset is 1-indexed and must be positive."),this.locationOffset.column>0||B(!1,"column in locationOffset is 1-indexed and must be positive.")}get[Symbol.toStringTag](){return"Source"}};function G_(e){return ze(e,Vn)}o(G_,"isSource");function Rc(e,t){return new Ac(e,t).parseDocument()}o(Rc,"parse");function Oc(e,t){let r=new Ac(e,t);r.expectToken(_.SOF);let n=r.parseValueLiteral(!1);return r.expectToken(_.EOF),n}o(Oc,"parseValue");var Ac=class{static{o(this,"Parser")}constructor(t,r={}){let n=G_(t)?t:new Vn(t);this._lexer=new qi(n),this._options=r,this._tokenCounter=0}parseName(){let t=this.expectToken(_.NAME);return this.node(t,{kind:b.NAME,value:t.value})}parseDocument(){return this.node(this._lexer.token,{kind:b.DOCUMENT,definitions:this.many(_.SOF,this.parseDefinition,_.EOF)})}parseDefinition(){if(this.peek(_.BRACE_L))return this.parseOperationDefinition();let t=this.peekDescription(),r=t?this._lexer.lookahead():this._lexer.token;if(r.kind===_.NAME){switch(r.value){case"schema":return this.parseSchemaDefinition();case"scalar":return this.parseScalarTypeDefinition();case"type":return this.parseObjectTypeDefinition();case"interface":return this.parseInterfaceTypeDefinition();case"union":return this.parseUnionTypeDefinition();case"enum":return this.parseEnumTypeDefinition();case"input":return this.parseInputObjectTypeDefinition();case"directive":return this.parseDirectiveDefinition()}if(t)throw de(this._lexer.source,this._lexer.token.start,"Unexpected description, descriptions are supported only on type definitions.");switch(r.value){case"query":case"mutation":case"subscription":return this.parseOperationDefinition();case"fragment":return this.parseFragmentDefinition();case"extend":return this.parseTypeSystemExtension()}}throw this.unexpected(r)}parseOperationDefinition(){let t=this._lexer.token;if(this.peek(_.BRACE_L))return this.node(t,{kind:b.OPERATION_DEFINITION,operation:rt.QUERY,name:void 0,variableDefinitions:[],directives:[],selectionSet:this.parseSelectionSet()});let r=this.parseOperationType(),n;return this.peek(_.NAME)&&(n=this.parseName()),this.node(t,{kind:b.OPERATION_DEFINITION,operation:r,name:n,variableDefinitions:this.parseVariableDefinitions(),directives:this.parseDirectives(!1),selectionSet:this.parseSelectionSet()})}parseOperationType(){let t=this.expectToken(_.NAME);switch(t.value){case"query":return rt.QUERY;case"mutation":return rt.MUTATION;case"subscription":return rt.SUBSCRIPTION}throw this.unexpected(t)}parseVariableDefinitions(){return this.optionalMany(_.PAREN_L,this.parseVariableDefinition,_.PAREN_R)}parseVariableDefinition(){return this.node(this._lexer.token,{kind:b.VARIABLE_DEFINITION,variable:this.parseVariable(),type:(this.expectToken(_.COLON),this.parseTypeReference()),defaultValue:this.expectOptionalToken(_.EQUALS)?this.parseConstValueLiteral():void 0,directives:this.parseConstDirectives()})}parseVariable(){let t=this._lexer.token;return this.expectToken(_.DOLLAR),this.node(t,{kind:b.VARIABLE,name:this.parseName()})}parseSelectionSet(){return this.node(this._lexer.token,{kind:b.SELECTION_SET,selections:this.many(_.BRACE_L,this.parseSelection,_.BRACE_R)})}parseSelection(){return this.peek(_.SPREAD)?this.parseFragment():this.parseField()}parseField(){let t=this._lexer.token,r=this.parseName(),n,i;return this.expectOptionalToken(_.COLON)?(n=r,i=this.parseName()):i=r,this.node(t,{kind:b.FIELD,alias:n,name:i,arguments:this.parseArguments(!1),directives:this.parseDirectives(!1),selectionSet:this.peek(_.BRACE_L)?this.parseSelectionSet():void 0})}parseArguments(t){let r=t?this.parseConstArgument:this.parseArgument;return this.optionalMany(_.PAREN_L,r,_.PAREN_R)}parseArgument(t=!1){let r=this._lexer.token,n=this.parseName();return this.expectToken(_.COLON),this.node(r,{kind:b.ARGUMENT,name:n,value:this.parseValueLiteral(t)})}parseConstArgument(){return this.parseArgument(!0)}parseFragment(){let t=this._lexer.token;this.expectToken(_.SPREAD);let r=this.expectOptionalKeyword("on");return!r&&this.peek(_.NAME)?this.node(t,{kind:b.FRAGMENT_SPREAD,name:this.parseFragmentName(),directives:this.parseDirectives(!1)}):this.node(t,{kind:b.INLINE_FRAGMENT,typeCondition:r?this.parseNamedType():void 0,directives:this.parseDirectives(!1),selectionSet:this.parseSelectionSet()})}parseFragmentDefinition(){let t=this._lexer.token;return this.expectKeyword("fragment"),this._options.allowLegacyFragmentVariables===!0?this.node(t,{kind:b.FRAGMENT_DEFINITION,name:this.parseFragmentName(),variableDefinitions:this.parseVariableDefinitions(),typeCondition:(this.expectKeyword("on"),this.parseNamedType()),directives:this.parseDirectives(!1),selectionSet:this.parseSelectionSet()}):this.node(t,{kind:b.FRAGMENT_DEFINITION,name:this.parseFragmentName(),typeCondition:(this.expectKeyword("on"),this.parseNamedType()),directives:this.parseDirectives(!1),selectionSet:this.parseSelectionSet()})}parseFragmentName(){if(this._lexer.token.value==="on")throw this.unexpected();return this.parseName()}parseValueLiteral(t){let r=this._lexer.token;switch(r.kind){case _.BRACKET_L:return this.parseList(t);case _.BRACE_L:return this.parseObject(t);case _.INT:return this.advanceLexer(),this.node(r,{kind:b.INT,value:r.value});case _.FLOAT:return this.advanceLexer(),this.node(r,{kind:b.FLOAT,value:r.value});case _.STRING:case _.BLOCK_STRING:return this.parseStringLiteral();case _.NAME:switch(this.advanceLexer(),r.value){case"true":return this.node(r,{kind:b.BOOLEAN,value:!0});case"false":return this.node(r,{kind:b.BOOLEAN,value:!1});case"null":return this.node(r,{kind:b.NULL});default:return this.node(r,{kind:b.ENUM,value:r.value})}case _.DOLLAR:if(t)if(this.expectToken(_.DOLLAR),this._lexer.token.kind===_.NAME){let n=this._lexer.token.value;throw de(this._lexer.source,r.start,`Unexpected variable "$${n}" in constant value.`)}else throw this.unexpected(r);return this.parseVariable();default:throw this.unexpected()}}parseConstValueLiteral(){return this.parseValueLiteral(!0)}parseStringLiteral(){let t=this._lexer.token;return this.advanceLexer(),this.node(t,{kind:b.STRING,value:t.value,block:t.kind===_.BLOCK_STRING})}parseList(t){let r=o(()=>this.parseValueLiteral(t),"item");return this.node(this._lexer.token,{kind:b.LIST,values:this.any(_.BRACKET_L,r,_.BRACKET_R)})}parseObject(t){let r=o(()=>this.parseObjectField(t),"item");return this.node(this._lexer.token,{kind:b.OBJECT,fields:this.any(_.BRACE_L,r,_.BRACE_R)})}parseObjectField(t){let r=this._lexer.token,n=this.parseName();return this.expectToken(_.COLON),this.node(r,{kind:b.OBJECT_FIELD,name:n,value:this.parseValueLiteral(t)})}parseDirectives(t){let r=[];for(;this.peek(_.AT);)r.push(this.parseDirective(t));return r}parseConstDirectives(){return this.parseDirectives(!0)}parseDirective(t){let r=this._lexer.token;return this.expectToken(_.AT),this.node(r,{kind:b.DIRECTIVE,name:this.parseName(),arguments:this.parseArguments(t)})}parseTypeReference(){let t=this._lexer.token,r;if(this.expectOptionalToken(_.BRACKET_L)){let n=this.parseTypeReference();this.expectToken(_.BRACKET_R),r=this.node(t,{kind:b.LIST_TYPE,type:n})}else r=this.parseNamedType();return this.expectOptionalToken(_.BANG)?this.node(t,{kind:b.NON_NULL_TYPE,type:r}):r}parseNamedType(){return this.node(this._lexer.token,{kind:b.NAMED_TYPE,name:this.parseName()})}peekDescription(){return this.peek(_.STRING)||this.peek(_.BLOCK_STRING)}parseDescription(){if(this.peekDescription())return this.parseStringLiteral()}parseSchemaDefinition(){let t=this._lexer.token,r=this.parseDescription();this.expectKeyword("schema");let n=this.parseConstDirectives(),i=this.many(_.BRACE_L,this.parseOperationTypeDefinition,_.BRACE_R);return this.node(t,{kind:b.SCHEMA_DEFINITION,description:r,directives:n,operationTypes:i})}parseOperationTypeDefinition(){let t=this._lexer.token,r=this.parseOperationType();this.expectToken(_.COLON);let n=this.parseNamedType();return this.node(t,{kind:b.OPERATION_TYPE_DEFINITION,operation:r,type:n})}parseScalarTypeDefinition(){let t=this._lexer.token,r=this.parseDescription();this.expectKeyword("scalar");let n=this.parseName(),i=this.parseConstDirectives();return this.node(t,{kind:b.SCALAR_TYPE_DEFINITION,description:r,name:n,directives:i})}parseObjectTypeDefinition(){let t=this._lexer.token,r=this.parseDescription();this.expectKeyword("type");let n=this.parseName(),i=this.parseImplementsInterfaces(),s=this.parseConstDirectives(),a=this.parseFieldsDefinition();return this.node(t,{kind:b.OBJECT_TYPE_DEFINITION,description:r,name:n,interfaces:i,directives:s,fields:a})}parseImplementsInterfaces(){return this.expectOptionalKeyword("implements")?this.delimitedMany(_.AMP,this.parseNamedType):[]}parseFieldsDefinition(){return this.optionalMany(_.BRACE_L,this.parseFieldDefinition,_.BRACE_R)}parseFieldDefinition(){let t=this._lexer.token,r=this.parseDescription(),n=this.parseName(),i=this.parseArgumentDefs();this.expectToken(_.COLON);let s=this.parseTypeReference(),a=this.parseConstDirectives();return this.node(t,{kind:b.FIELD_DEFINITION,description:r,name:n,arguments:i,type:s,directives:a})}parseArgumentDefs(){return this.optionalMany(_.PAREN_L,this.parseInputValueDef,_.PAREN_R)}parseInputValueDef(){let t=this._lexer.token,r=this.parseDescription(),n=this.parseName();this.expectToken(_.COLON);let i=this.parseTypeReference(),s;this.expectOptionalToken(_.EQUALS)&&(s=this.parseConstValueLiteral());let a=this.parseConstDirectives();return this.node(t,{kind:b.INPUT_VALUE_DEFINITION,description:r,name:n,type:i,defaultValue:s,directives:a})}parseInterfaceTypeDefinition(){let t=this._lexer.token,r=this.parseDescription();this.expectKeyword("interface");let n=this.parseName(),i=this.parseImplementsInterfaces(),s=this.parseConstDirectives(),a=this.parseFieldsDefinition();return this.node(t,{kind:b.INTERFACE_TYPE_DEFINITION,description:r,name:n,interfaces:i,directives:s,fields:a})}parseUnionTypeDefinition(){let t=this._lexer.token,r=this.parseDescription();this.expectKeyword("union");let n=this.parseName(),i=this.parseConstDirectives(),s=this.parseUnionMemberTypes();return this.node(t,{kind:b.UNION_TYPE_DEFINITION,description:r,name:n,directives:i,types:s})}parseUnionMemberTypes(){return this.expectOptionalToken(_.EQUALS)?this.delimitedMany(_.PIPE,this.parseNamedType):[]}parseEnumTypeDefinition(){let t=this._lexer.token,r=this.parseDescription();this.expectKeyword("enum");let n=this.parseName(),i=this.parseConstDirectives(),s=this.parseEnumValuesDefinition();return this.node(t,{kind:b.ENUM_TYPE_DEFINITION,description:r,name:n,directives:i,values:s})}parseEnumValuesDefinition(){return this.optionalMany(_.BRACE_L,this.parseEnumValueDefinition,_.BRACE_R)}parseEnumValueDefinition(){let t=this._lexer.token,r=this.parseDescription(),n=this.parseEnumValueName(),i=this.parseConstDirectives();return this.node(t,{kind:b.ENUM_VALUE_DEFINITION,description:r,name:n,directives:i})}parseEnumValueName(){if(this._lexer.token.value==="true"||this._lexer.token.value==="false"||this._lexer.token.value==="null")throw de(this._lexer.source,this._lexer.token.start,`${Pc(this._lexer.token)} is reserved and cannot be used for an enum value.`);return this.parseName()}parseInputObjectTypeDefinition(){let t=this._lexer.token,r=this.parseDescription();this.expectKeyword("input");let n=this.parseName(),i=this.parseConstDirectives(),s=this.parseInputFieldsDefinition();return this.node(t,{kind:b.INPUT_OBJECT_TYPE_DEFINITION,description:r,name:n,directives:i,fields:s})}parseInputFieldsDefinition(){return this.optionalMany(_.BRACE_L,this.parseInputValueDef,_.BRACE_R)}parseTypeSystemExtension(){let t=this._lexer.lookahead();if(t.kind===_.NAME)switch(t.value){case"schema":return this.parseSchemaExtension();case"scalar":return this.parseScalarTypeExtension();case"type":return this.parseObjectTypeExtension();case"interface":return this.parseInterfaceTypeExtension();case"union":return this.parseUnionTypeExtension();case"enum":return this.parseEnumTypeExtension();case"input":return this.parseInputObjectTypeExtension()}throw this.unexpected(t)}parseSchemaExtension(){let t=this._lexer.token;this.expectKeyword("extend"),this.expectKeyword("schema");let r=this.parseConstDirectives(),n=this.optionalMany(_.BRACE_L,this.parseOperationTypeDefinition,_.BRACE_R);if(r.length===0&&n.length===0)throw this.unexpected();return this.node(t,{kind:b.SCHEMA_EXTENSION,directives:r,operationTypes:n})}parseScalarTypeExtension(){let t=this._lexer.token;this.expectKeyword("extend"),this.expectKeyword("scalar");let r=this.parseName(),n=this.parseConstDirectives();if(n.length===0)throw this.unexpected();return this.node(t,{kind:b.SCALAR_TYPE_EXTENSION,name:r,directives:n})}parseObjectTypeExtension(){let t=this._lexer.token;this.expectKeyword("extend"),this.expectKeyword("type");let r=this.parseName(),n=this.parseImplementsInterfaces(),i=this.parseConstDirectives(),s=this.parseFieldsDefinition();if(n.length===0&&i.length===0&&s.length===0)throw this.unexpected();return this.node(t,{kind:b.OBJECT_TYPE_EXTENSION,name:r,interfaces:n,directives:i,fields:s})}parseInterfaceTypeExtension(){let t=this._lexer.token;this.expectKeyword("extend"),this.expectKeyword("interface");let r=this.parseName(),n=this.parseImplementsInterfaces(),i=this.parseConstDirectives(),s=this.parseFieldsDefinition();if(n.length===0&&i.length===0&&s.length===0)throw this.unexpected();return this.node(t,{kind:b.INTERFACE_TYPE_EXTENSION,name:r,interfaces:n,directives:i,fields:s})}parseUnionTypeExtension(){let t=this._lexer.token;this.expectKeyword("extend"),this.expectKeyword("union");let r=this.parseName(),n=this.parseConstDirectives(),i=this.parseUnionMemberTypes();if(n.length===0&&i.length===0)throw this.unexpected();return this.node(t,{kind:b.UNION_TYPE_EXTENSION,name:r,directives:n,types:i})}parseEnumTypeExtension(){let t=this._lexer.token;this.expectKeyword("extend"),this.expectKeyword("enum");let r=this.parseName(),n=this.parseConstDirectives(),i=this.parseEnumValuesDefinition();if(n.length===0&&i.length===0)throw this.unexpected();return this.node(t,{kind:b.ENUM_TYPE_EXTENSION,name:r,directives:n,values:i})}parseInputObjectTypeExtension(){let t=this._lexer.token;this.expectKeyword("extend"),this.expectKeyword("input");let r=this.parseName(),n=this.parseConstDirectives(),i=this.parseInputFieldsDefinition();if(n.length===0&&i.length===0)throw this.unexpected();return this.node(t,{kind:b.INPUT_OBJECT_TYPE_EXTENSION,name:r,directives:n,fields:i})}parseDirectiveDefinition(){let t=this._lexer.token,r=this.parseDescription();this.expectKeyword("directive"),this.expectToken(_.AT);let n=this.parseName(),i=this.parseArgumentDefs(),s=this.expectOptionalKeyword("repeatable");this.expectKeyword("on");let a=this.parseDirectiveLocations();return this.node(t,{kind:b.DIRECTIVE_DEFINITION,description:r,name:n,arguments:i,repeatable:s,locations:a})}parseDirectiveLocations(){return this.delimitedMany(_.PIPE,this.parseDirectiveLocation)}parseDirectiveLocation(){let t=this._lexer.token,r=this.parseName();if(Object.prototype.hasOwnProperty.call(K,r.value))return r;throw this.unexpected(t)}node(t,r){return this._options.noLocation!==!0&&(r.loc=new Mi(t,this._lexer.lastToken,this._lexer.source)),r}peek(t){return this._lexer.token.kind===t}expectToken(t){let r=this._lexer.token;if(r.kind===t)return this.advanceLexer(),r;throw de(this._lexer.source,r.start,`Expected ${B_(t)}, found ${Pc(r)}.`)}expectOptionalToken(t){return this._lexer.token.kind===t?(this.advanceLexer(),!0):!1}expectKeyword(t){let r=this._lexer.token;if(r.kind===_.NAME&&r.value===t)this.advanceLexer();else throw de(this._lexer.source,r.start,`Expected "${t}", found ${Pc(r)}.`)}expectOptionalKeyword(t){let r=this._lexer.token;return r.kind===_.NAME&&r.value===t?(this.advanceLexer(),!0):!1}unexpected(t){let r=t??this._lexer.token;return de(this._lexer.source,r.start,`Unexpected ${Pc(r)}.`)}any(t,r,n){this.expectToken(t);let i=[];for(;!this.expectOptionalToken(n);)i.push(r.call(this));return i}optionalMany(t,r,n){if(this.expectOptionalToken(t)){let i=[];do i.push(r.call(this));while(!this.expectOptionalToken(n));return i}return[]}many(t,r,n){this.expectToken(t);let i=[];do i.push(r.call(this));while(!this.expectOptionalToken(n));return i}delimitedMany(t,r){this.expectOptionalToken(t);let n=[];do n.push(r.call(this));while(this.expectOptionalToken(t));return n}advanceLexer(){let{maxTokens:t}=this._options,r=this._lexer.advance();if(t!==void 0&&r.kind!==_.EOF&&(++this._tokenCounter,this._tokenCounter>t))throw de(this._lexer.source,r.start,`Document contains more that ${t} tokens. Parsing aborted.`)}};function Pc(e){let t=e.value;return B_(e.kind)+(t!=null?` "${t}"`:"")}o(Pc,"getTokenDesc");function B_(e){return $_(e)?`"${e}"`:e}o(B_,"getTokenKindDesc");function xc(e,t){let[r,n]=t?[e,t]:[void 0,e],i=" Did you mean ";r&&(i+=r+" ");let s=n.map(u=>`"${u}"`);switch(s.length){case 0:return"";case 1:return i+s[0]+"?";case 2:return i+s[0]+" or "+s[1]+"?"}let a=s.slice(0,5),c=a.pop();return i+a.join(", ")+", or "+c+"?"}o(xc,"didYouMean");function Gp(e){return e}o(Gp,"identityFunc");function Gn(e,t){let r=Object.create(null);for(let n of e)r[t(n)]=n;return r}o(Gn,"keyMap");function At(e,t,r){let n=Object.create(null);for(let i of e)n[t(i)]=r(i);return n}o(At,"keyValMap");function $i(e,t){let r=Object.create(null);for(let n of Object.keys(e))r[n]=t(e[n],n);return r}o($i,"mapValue");function K_(e,t){let r=0,n=0;for(;r<e.length&&n<t.length;){let i=e.charCodeAt(r),s=t.charCodeAt(n);if(Nc(i)&&Nc(s)){let a=0;do++r,a=a*10+i-Bp,i=e.charCodeAt(r);while(Nc(i)&&a>0);let c=0;do++n,c=c*10+s-Bp,s=t.charCodeAt(n);while(Nc(s)&&c>0);if(a<c)return-1;if(a>c)return 1}else{if(i<s)return-1;if(i>s)return 1;++r,++n}}return e.length-t.length}o(K_,"naturalCompare");var Bp=48,CC=57;function Nc(e){return!isNaN(e)&&Bp<=e&&e<=CC}o(Nc,"isDigit");function Cc(e,t){let r=Object.create(null),n=new Kp(e),i=Math.floor(e.length*.4)+1;for(let s of t){let a=n.measure(s,i);a!==void 0&&(r[s]=a)}return Object.keys(r).sort((s,a)=>{let c=r[s]-r[a];return c!==0?c:K_(s,a)})}o(Cc,"suggestionList");var Kp=class{static{o(this,"LexicalDistance")}constructor(t){this._input=t,this._inputLowerCase=t.toLowerCase(),this._inputArray=J_(this._inputLowerCase),this._rows=[new Array(t.length+1).fill(0),new Array(t.length+1).fill(0),new Array(t.length+1).fill(0)]}measure(t,r){if(this._input===t)return 0;let n=t.toLowerCase();if(this._inputLowerCase===n)return 1;let i=J_(n),s=this._inputArray;if(i.length<s.length){let d=i;i=s,s=d}let a=i.length,c=s.length;if(a-c>r)return;let u=this._rows;for(let d=0;d<=c;d++)u[0][d]=d;for(let d=1;d<=a;d++){let p=u[(d-1)%3],m=u[d%3],h=m[0]=d;for(let y=1;y<=c;y++){let w=i[d-1]===s[y-1]?0:1,T=Math.min(p[y]+1,m[y-1]+1,p[y-1]+w);if(d>1&&y>1&&i[d-1]===s[y-2]&&i[d-2]===s[y-1]){let S=u[(d-2)%3][y-2];T=Math.min(T,S+1)}T<h&&(h=T),m[y]=T}if(h>r)return}let l=u[a%3][c];return l<=r?l:void 0}};function J_(e){let t=e.length,r=new Array(t);for(let n=0;n<t;++n)r[n]=e.charCodeAt(n);return r}o(J_,"stringToArray");function Ue(e){if(e==null)return Object.create(null);if(Object.getPrototypeOf(e)===null)return e;let t=Object.create(null);for(let[r,n]of Object.entries(e))t[r]=n;return t}o(Ue,"toObjMap");function z_(e){return`"${e.replace(LC,DC)}"`}o(z_,"printString");var LC=/[\x00-\x1f\x22\x5c\x7f-\x9f]/g;function DC(e){return UC[e.charCodeAt(0)]}o(DC,"escapedReplacer");var UC=["\\u0000","\\u0001","\\u0002","\\u0003","\\u0004","\\u0005","\\u0006","\\u0007","\\b","\\t","\\n","\\u000B","\\f","\\r","\\u000E","\\u000F","\\u0010","\\u0011","\\u0012","\\u0013","\\u0014","\\u0015","\\u0016","\\u0017","\\u0018","\\u0019","\\u001A","\\u001B","\\u001C","\\u001D","\\u001E","\\u001F","","",'\\"',"","","","","","","","","","","","","","","","","","","","","","","","","","","","","","","","","","","","","","","","","","","","","","","","","","","","","","","","","","\\\\","","","","","","","","","","","","","","","","","","","","","","","","","","","","","","","","","","","\\u007F","\\u0080","\\u0081","\\u0082","\\u0083","\\u0084","\\u0085","\\u0086","\\u0087","\\u0088","\\u0089","\\u008A","\\u008B","\\u008C","\\u008D","\\u008E","\\u008F","\\u0090","\\u0091","\\u0092","\\u0093","\\u0094","\\u0095","\\u0096","\\u0097","\\u0098","\\u0099","\\u009A","\\u009B","\\u009C","\\u009D","\\u009E","\\u009F"];var Jp=Object.freeze({});function yr(e,t,r=jp){let n=new Map;for(let S of Object.values(b))n.set(S,Bn(t,S));let i,s=Array.isArray(e),a=[e],c=-1,u=[],l=e,d,p,m=[],h=[];do{c++;let S=c===a.length,D=S&&u.length!==0;if(S){if(d=h.length===0?void 0:m[m.length-1],l=p,p=h.pop(),D)if(s){l=l.slice();let N=0;for(let[re,ne]of u){let me=re-N;ne===null?(l.splice(me,1),N++):l[me]=ne}}else{l=Object.defineProperties({},Object.getOwnPropertyDescriptors(l));for(let[N,re]of u)l[N]=re}c=i.index,a=i.keys,u=i.edits,s=i.inArray,i=i.prev}else if(p){if(d=s?c:a[c],l=p[d],l==null)continue;m.push(d)}let F;if(!Array.isArray(l)){var y,w;ki(l)||B(!1,`Invalid AST Node: ${P(l)}.`);let N=S?(y=n.get(l.kind))===null||y===void 0?void 0:y.leave:(w=n.get(l.kind))===null||w===void 0?void 0:w.enter;if(F=N?.call(t,l,d,p,m,h),F===Jp)break;if(F===!1){if(!S){m.pop();continue}}else if(F!==void 0&&(u.push([d,F]),!S))if(ki(F))l=F;else{m.pop();continue}}if(F===void 0&&D&&u.push([d,l]),S)m.pop();else{var T;i={inArray:s,index:c,keys:a,edits:u,prev:i},s=Array.isArray(l),a=s?l:(T=r[l.kind])!==null&&T!==void 0?T:[],c=-1,u=[],p&&h.push(p),p=l}}while(i!==void 0);return u.length!==0?u[u.length-1][1]:e}o(yr,"visit");function Bn(e,t){let r=e[t];return typeof r=="object"?r:typeof r=="function"?{enter:r,leave:void 0}:{enter:e.enter,leave:e.leave}}o(Bn,"getEnterLeaveForKind");function Me(e){return yr(e,kC)}o(Me,"print");var MC=80,kC={Name:{leave:e=>e.value},Variable:{leave:e=>"$"+e.name},Document:{leave:e=>x(e.definitions,`
95
+ spurious results.`)}}return!1},"instanceOf");var Vn=class{static{o(this,"Source")}constructor(t,r="GraphQL request",n={line:1,column:1}){typeof t=="string"||B(!1,`Body must be a string. Received: ${P(t)}.`),this.body=t,this.name=r,this.locationOffset=n,this.locationOffset.line>0||B(!1,"line in locationOffset is 1-indexed and must be positive."),this.locationOffset.column>0||B(!1,"column in locationOffset is 1-indexed and must be positive.")}get[Symbol.toStringTag](){return"Source"}};function G_(e){return ze(e,Vn)}o(G_,"isSource");function Rc(e,t){return new Ac(e,t).parseDocument()}o(Rc,"parse");function Oc(e,t){let r=new Ac(e,t);r.expectToken(_.SOF);let n=r.parseValueLiteral(!1);return r.expectToken(_.EOF),n}o(Oc,"parseValue");var Ac=class{static{o(this,"Parser")}constructor(t,r={}){let n=G_(t)?t:new Vn(t);this._lexer=new qi(n),this._options=r,this._tokenCounter=0}parseName(){let t=this.expectToken(_.NAME);return this.node(t,{kind:b.NAME,value:t.value})}parseDocument(){return this.node(this._lexer.token,{kind:b.DOCUMENT,definitions:this.many(_.SOF,this.parseDefinition,_.EOF)})}parseDefinition(){if(this.peek(_.BRACE_L))return this.parseOperationDefinition();let t=this.peekDescription(),r=t?this._lexer.lookahead():this._lexer.token;if(r.kind===_.NAME){switch(r.value){case"schema":return this.parseSchemaDefinition();case"scalar":return this.parseScalarTypeDefinition();case"type":return this.parseObjectTypeDefinition();case"interface":return this.parseInterfaceTypeDefinition();case"union":return this.parseUnionTypeDefinition();case"enum":return this.parseEnumTypeDefinition();case"input":return this.parseInputObjectTypeDefinition();case"directive":return this.parseDirectiveDefinition()}if(t)throw de(this._lexer.source,this._lexer.token.start,"Unexpected description, descriptions are supported only on type definitions.");switch(r.value){case"query":case"mutation":case"subscription":return this.parseOperationDefinition();case"fragment":return this.parseFragmentDefinition();case"extend":return this.parseTypeSystemExtension()}}throw this.unexpected(r)}parseOperationDefinition(){let t=this._lexer.token;if(this.peek(_.BRACE_L))return this.node(t,{kind:b.OPERATION_DEFINITION,operation:rt.QUERY,name:void 0,variableDefinitions:[],directives:[],selectionSet:this.parseSelectionSet()});let r=this.parseOperationType(),n;return this.peek(_.NAME)&&(n=this.parseName()),this.node(t,{kind:b.OPERATION_DEFINITION,operation:r,name:n,variableDefinitions:this.parseVariableDefinitions(),directives:this.parseDirectives(!1),selectionSet:this.parseSelectionSet()})}parseOperationType(){let t=this.expectToken(_.NAME);switch(t.value){case"query":return rt.QUERY;case"mutation":return rt.MUTATION;case"subscription":return rt.SUBSCRIPTION}throw this.unexpected(t)}parseVariableDefinitions(){return this.optionalMany(_.PAREN_L,this.parseVariableDefinition,_.PAREN_R)}parseVariableDefinition(){return this.node(this._lexer.token,{kind:b.VARIABLE_DEFINITION,variable:this.parseVariable(),type:(this.expectToken(_.COLON),this.parseTypeReference()),defaultValue:this.expectOptionalToken(_.EQUALS)?this.parseConstValueLiteral():void 0,directives:this.parseConstDirectives()})}parseVariable(){let t=this._lexer.token;return this.expectToken(_.DOLLAR),this.node(t,{kind:b.VARIABLE,name:this.parseName()})}parseSelectionSet(){return this.node(this._lexer.token,{kind:b.SELECTION_SET,selections:this.many(_.BRACE_L,this.parseSelection,_.BRACE_R)})}parseSelection(){return this.peek(_.SPREAD)?this.parseFragment():this.parseField()}parseField(){let t=this._lexer.token,r=this.parseName(),n,i;return this.expectOptionalToken(_.COLON)?(n=r,i=this.parseName()):i=r,this.node(t,{kind:b.FIELD,alias:n,name:i,arguments:this.parseArguments(!1),directives:this.parseDirectives(!1),selectionSet:this.peek(_.BRACE_L)?this.parseSelectionSet():void 0})}parseArguments(t){let r=t?this.parseConstArgument:this.parseArgument;return this.optionalMany(_.PAREN_L,r,_.PAREN_R)}parseArgument(t=!1){let r=this._lexer.token,n=this.parseName();return this.expectToken(_.COLON),this.node(r,{kind:b.ARGUMENT,name:n,value:this.parseValueLiteral(t)})}parseConstArgument(){return this.parseArgument(!0)}parseFragment(){let t=this._lexer.token;this.expectToken(_.SPREAD);let r=this.expectOptionalKeyword("on");return!r&&this.peek(_.NAME)?this.node(t,{kind:b.FRAGMENT_SPREAD,name:this.parseFragmentName(),directives:this.parseDirectives(!1)}):this.node(t,{kind:b.INLINE_FRAGMENT,typeCondition:r?this.parseNamedType():void 0,directives:this.parseDirectives(!1),selectionSet:this.parseSelectionSet()})}parseFragmentDefinition(){let t=this._lexer.token;return this.expectKeyword("fragment"),this._options.allowLegacyFragmentVariables===!0?this.node(t,{kind:b.FRAGMENT_DEFINITION,name:this.parseFragmentName(),variableDefinitions:this.parseVariableDefinitions(),typeCondition:(this.expectKeyword("on"),this.parseNamedType()),directives:this.parseDirectives(!1),selectionSet:this.parseSelectionSet()}):this.node(t,{kind:b.FRAGMENT_DEFINITION,name:this.parseFragmentName(),typeCondition:(this.expectKeyword("on"),this.parseNamedType()),directives:this.parseDirectives(!1),selectionSet:this.parseSelectionSet()})}parseFragmentName(){if(this._lexer.token.value==="on")throw this.unexpected();return this.parseName()}parseValueLiteral(t){let r=this._lexer.token;switch(r.kind){case _.BRACKET_L:return this.parseList(t);case _.BRACE_L:return this.parseObject(t);case _.INT:return this.advanceLexer(),this.node(r,{kind:b.INT,value:r.value});case _.FLOAT:return this.advanceLexer(),this.node(r,{kind:b.FLOAT,value:r.value});case _.STRING:case _.BLOCK_STRING:return this.parseStringLiteral();case _.NAME:switch(this.advanceLexer(),r.value){case"true":return this.node(r,{kind:b.BOOLEAN,value:!0});case"false":return this.node(r,{kind:b.BOOLEAN,value:!1});case"null":return this.node(r,{kind:b.NULL});default:return this.node(r,{kind:b.ENUM,value:r.value})}case _.DOLLAR:if(t)if(this.expectToken(_.DOLLAR),this._lexer.token.kind===_.NAME){let n=this._lexer.token.value;throw de(this._lexer.source,r.start,`Unexpected variable "$${n}" in constant value.`)}else throw this.unexpected(r);return this.parseVariable();default:throw this.unexpected()}}parseConstValueLiteral(){return this.parseValueLiteral(!0)}parseStringLiteral(){let t=this._lexer.token;return this.advanceLexer(),this.node(t,{kind:b.STRING,value:t.value,block:t.kind===_.BLOCK_STRING})}parseList(t){let r=o(()=>this.parseValueLiteral(t),"item");return this.node(this._lexer.token,{kind:b.LIST,values:this.any(_.BRACKET_L,r,_.BRACKET_R)})}parseObject(t){let r=o(()=>this.parseObjectField(t),"item");return this.node(this._lexer.token,{kind:b.OBJECT,fields:this.any(_.BRACE_L,r,_.BRACE_R)})}parseObjectField(t){let r=this._lexer.token,n=this.parseName();return this.expectToken(_.COLON),this.node(r,{kind:b.OBJECT_FIELD,name:n,value:this.parseValueLiteral(t)})}parseDirectives(t){let r=[];for(;this.peek(_.AT);)r.push(this.parseDirective(t));return r}parseConstDirectives(){return this.parseDirectives(!0)}parseDirective(t){let r=this._lexer.token;return this.expectToken(_.AT),this.node(r,{kind:b.DIRECTIVE,name:this.parseName(),arguments:this.parseArguments(t)})}parseTypeReference(){let t=this._lexer.token,r;if(this.expectOptionalToken(_.BRACKET_L)){let n=this.parseTypeReference();this.expectToken(_.BRACKET_R),r=this.node(t,{kind:b.LIST_TYPE,type:n})}else r=this.parseNamedType();return this.expectOptionalToken(_.BANG)?this.node(t,{kind:b.NON_NULL_TYPE,type:r}):r}parseNamedType(){return this.node(this._lexer.token,{kind:b.NAMED_TYPE,name:this.parseName()})}peekDescription(){return this.peek(_.STRING)||this.peek(_.BLOCK_STRING)}parseDescription(){if(this.peekDescription())return this.parseStringLiteral()}parseSchemaDefinition(){let t=this._lexer.token,r=this.parseDescription();this.expectKeyword("schema");let n=this.parseConstDirectives(),i=this.many(_.BRACE_L,this.parseOperationTypeDefinition,_.BRACE_R);return this.node(t,{kind:b.SCHEMA_DEFINITION,description:r,directives:n,operationTypes:i})}parseOperationTypeDefinition(){let t=this._lexer.token,r=this.parseOperationType();this.expectToken(_.COLON);let n=this.parseNamedType();return this.node(t,{kind:b.OPERATION_TYPE_DEFINITION,operation:r,type:n})}parseScalarTypeDefinition(){let t=this._lexer.token,r=this.parseDescription();this.expectKeyword("scalar");let n=this.parseName(),i=this.parseConstDirectives();return this.node(t,{kind:b.SCALAR_TYPE_DEFINITION,description:r,name:n,directives:i})}parseObjectTypeDefinition(){let t=this._lexer.token,r=this.parseDescription();this.expectKeyword("type");let n=this.parseName(),i=this.parseImplementsInterfaces(),s=this.parseConstDirectives(),a=this.parseFieldsDefinition();return this.node(t,{kind:b.OBJECT_TYPE_DEFINITION,description:r,name:n,interfaces:i,directives:s,fields:a})}parseImplementsInterfaces(){return this.expectOptionalKeyword("implements")?this.delimitedMany(_.AMP,this.parseNamedType):[]}parseFieldsDefinition(){return this.optionalMany(_.BRACE_L,this.parseFieldDefinition,_.BRACE_R)}parseFieldDefinition(){let t=this._lexer.token,r=this.parseDescription(),n=this.parseName(),i=this.parseArgumentDefs();this.expectToken(_.COLON);let s=this.parseTypeReference(),a=this.parseConstDirectives();return this.node(t,{kind:b.FIELD_DEFINITION,description:r,name:n,arguments:i,type:s,directives:a})}parseArgumentDefs(){return this.optionalMany(_.PAREN_L,this.parseInputValueDef,_.PAREN_R)}parseInputValueDef(){let t=this._lexer.token,r=this.parseDescription(),n=this.parseName();this.expectToken(_.COLON);let i=this.parseTypeReference(),s;this.expectOptionalToken(_.EQUALS)&&(s=this.parseConstValueLiteral());let a=this.parseConstDirectives();return this.node(t,{kind:b.INPUT_VALUE_DEFINITION,description:r,name:n,type:i,defaultValue:s,directives:a})}parseInterfaceTypeDefinition(){let t=this._lexer.token,r=this.parseDescription();this.expectKeyword("interface");let n=this.parseName(),i=this.parseImplementsInterfaces(),s=this.parseConstDirectives(),a=this.parseFieldsDefinition();return this.node(t,{kind:b.INTERFACE_TYPE_DEFINITION,description:r,name:n,interfaces:i,directives:s,fields:a})}parseUnionTypeDefinition(){let t=this._lexer.token,r=this.parseDescription();this.expectKeyword("union");let n=this.parseName(),i=this.parseConstDirectives(),s=this.parseUnionMemberTypes();return this.node(t,{kind:b.UNION_TYPE_DEFINITION,description:r,name:n,directives:i,types:s})}parseUnionMemberTypes(){return this.expectOptionalToken(_.EQUALS)?this.delimitedMany(_.PIPE,this.parseNamedType):[]}parseEnumTypeDefinition(){let t=this._lexer.token,r=this.parseDescription();this.expectKeyword("enum");let n=this.parseName(),i=this.parseConstDirectives(),s=this.parseEnumValuesDefinition();return this.node(t,{kind:b.ENUM_TYPE_DEFINITION,description:r,name:n,directives:i,values:s})}parseEnumValuesDefinition(){return this.optionalMany(_.BRACE_L,this.parseEnumValueDefinition,_.BRACE_R)}parseEnumValueDefinition(){let t=this._lexer.token,r=this.parseDescription(),n=this.parseEnumValueName(),i=this.parseConstDirectives();return this.node(t,{kind:b.ENUM_VALUE_DEFINITION,description:r,name:n,directives:i})}parseEnumValueName(){if(this._lexer.token.value==="true"||this._lexer.token.value==="false"||this._lexer.token.value==="null")throw de(this._lexer.source,this._lexer.token.start,`${Pc(this._lexer.token)} is reserved and cannot be used for an enum value.`);return this.parseName()}parseInputObjectTypeDefinition(){let t=this._lexer.token,r=this.parseDescription();this.expectKeyword("input");let n=this.parseName(),i=this.parseConstDirectives(),s=this.parseInputFieldsDefinition();return this.node(t,{kind:b.INPUT_OBJECT_TYPE_DEFINITION,description:r,name:n,directives:i,fields:s})}parseInputFieldsDefinition(){return this.optionalMany(_.BRACE_L,this.parseInputValueDef,_.BRACE_R)}parseTypeSystemExtension(){let t=this._lexer.lookahead();if(t.kind===_.NAME)switch(t.value){case"schema":return this.parseSchemaExtension();case"scalar":return this.parseScalarTypeExtension();case"type":return this.parseObjectTypeExtension();case"interface":return this.parseInterfaceTypeExtension();case"union":return this.parseUnionTypeExtension();case"enum":return this.parseEnumTypeExtension();case"input":return this.parseInputObjectTypeExtension()}throw this.unexpected(t)}parseSchemaExtension(){let t=this._lexer.token;this.expectKeyword("extend"),this.expectKeyword("schema");let r=this.parseConstDirectives(),n=this.optionalMany(_.BRACE_L,this.parseOperationTypeDefinition,_.BRACE_R);if(r.length===0&&n.length===0)throw this.unexpected();return this.node(t,{kind:b.SCHEMA_EXTENSION,directives:r,operationTypes:n})}parseScalarTypeExtension(){let t=this._lexer.token;this.expectKeyword("extend"),this.expectKeyword("scalar");let r=this.parseName(),n=this.parseConstDirectives();if(n.length===0)throw this.unexpected();return this.node(t,{kind:b.SCALAR_TYPE_EXTENSION,name:r,directives:n})}parseObjectTypeExtension(){let t=this._lexer.token;this.expectKeyword("extend"),this.expectKeyword("type");let r=this.parseName(),n=this.parseImplementsInterfaces(),i=this.parseConstDirectives(),s=this.parseFieldsDefinition();if(n.length===0&&i.length===0&&s.length===0)throw this.unexpected();return this.node(t,{kind:b.OBJECT_TYPE_EXTENSION,name:r,interfaces:n,directives:i,fields:s})}parseInterfaceTypeExtension(){let t=this._lexer.token;this.expectKeyword("extend"),this.expectKeyword("interface");let r=this.parseName(),n=this.parseImplementsInterfaces(),i=this.parseConstDirectives(),s=this.parseFieldsDefinition();if(n.length===0&&i.length===0&&s.length===0)throw this.unexpected();return this.node(t,{kind:b.INTERFACE_TYPE_EXTENSION,name:r,interfaces:n,directives:i,fields:s})}parseUnionTypeExtension(){let t=this._lexer.token;this.expectKeyword("extend"),this.expectKeyword("union");let r=this.parseName(),n=this.parseConstDirectives(),i=this.parseUnionMemberTypes();if(n.length===0&&i.length===0)throw this.unexpected();return this.node(t,{kind:b.UNION_TYPE_EXTENSION,name:r,directives:n,types:i})}parseEnumTypeExtension(){let t=this._lexer.token;this.expectKeyword("extend"),this.expectKeyword("enum");let r=this.parseName(),n=this.parseConstDirectives(),i=this.parseEnumValuesDefinition();if(n.length===0&&i.length===0)throw this.unexpected();return this.node(t,{kind:b.ENUM_TYPE_EXTENSION,name:r,directives:n,values:i})}parseInputObjectTypeExtension(){let t=this._lexer.token;this.expectKeyword("extend"),this.expectKeyword("input");let r=this.parseName(),n=this.parseConstDirectives(),i=this.parseInputFieldsDefinition();if(n.length===0&&i.length===0)throw this.unexpected();return this.node(t,{kind:b.INPUT_OBJECT_TYPE_EXTENSION,name:r,directives:n,fields:i})}parseDirectiveDefinition(){let t=this._lexer.token,r=this.parseDescription();this.expectKeyword("directive"),this.expectToken(_.AT);let n=this.parseName(),i=this.parseArgumentDefs(),s=this.expectOptionalKeyword("repeatable");this.expectKeyword("on");let a=this.parseDirectiveLocations();return this.node(t,{kind:b.DIRECTIVE_DEFINITION,description:r,name:n,arguments:i,repeatable:s,locations:a})}parseDirectiveLocations(){return this.delimitedMany(_.PIPE,this.parseDirectiveLocation)}parseDirectiveLocation(){let t=this._lexer.token,r=this.parseName();if(Object.prototype.hasOwnProperty.call(K,r.value))return r;throw this.unexpected(t)}node(t,r){return this._options.noLocation!==!0&&(r.loc=new Mi(t,this._lexer.lastToken,this._lexer.source)),r}peek(t){return this._lexer.token.kind===t}expectToken(t){let r=this._lexer.token;if(r.kind===t)return this.advanceLexer(),r;throw de(this._lexer.source,r.start,`Expected ${B_(t)}, found ${Pc(r)}.`)}expectOptionalToken(t){return this._lexer.token.kind===t?(this.advanceLexer(),!0):!1}expectKeyword(t){let r=this._lexer.token;if(r.kind===_.NAME&&r.value===t)this.advanceLexer();else throw de(this._lexer.source,r.start,`Expected "${t}", found ${Pc(r)}.`)}expectOptionalKeyword(t){let r=this._lexer.token;return r.kind===_.NAME&&r.value===t?(this.advanceLexer(),!0):!1}unexpected(t){let r=t??this._lexer.token;return de(this._lexer.source,r.start,`Unexpected ${Pc(r)}.`)}any(t,r,n){this.expectToken(t);let i=[];for(;!this.expectOptionalToken(n);)i.push(r.call(this));return i}optionalMany(t,r,n){if(this.expectOptionalToken(t)){let i=[];do i.push(r.call(this));while(!this.expectOptionalToken(n));return i}return[]}many(t,r,n){this.expectToken(t);let i=[];do i.push(r.call(this));while(!this.expectOptionalToken(n));return i}delimitedMany(t,r){this.expectOptionalToken(t);let n=[];do n.push(r.call(this));while(this.expectOptionalToken(t));return n}advanceLexer(){let{maxTokens:t}=this._options,r=this._lexer.advance();if(t!==void 0&&r.kind!==_.EOF&&(++this._tokenCounter,this._tokenCounter>t))throw de(this._lexer.source,r.start,`Document contains more that ${t} tokens. Parsing aborted.`)}};function Pc(e){let t=e.value;return B_(e.kind)+(t!=null?` "${t}"`:"")}o(Pc,"getTokenDesc");function B_(e){return $_(e)?`"${e}"`:e}o(B_,"getTokenKindDesc");function xc(e,t){let[r,n]=t?[e,t]:[void 0,e],i=" Did you mean ";r&&(i+=r+" ");let s=n.map(u=>`"${u}"`);switch(s.length){case 0:return"";case 1:return i+s[0]+"?";case 2:return i+s[0]+" or "+s[1]+"?"}let a=s.slice(0,5),c=a.pop();return i+a.join(", ")+", or "+c+"?"}o(xc,"didYouMean");function Gp(e){return e}o(Gp,"identityFunc");function Gn(e,t){let r=Object.create(null);for(let n of e)r[t(n)]=n;return r}o(Gn,"keyMap");function At(e,t,r){let n=Object.create(null);for(let i of e)n[t(i)]=r(i);return n}o(At,"keyValMap");function $i(e,t){let r=Object.create(null);for(let n of Object.keys(e))r[n]=t(e[n],n);return r}o($i,"mapValue");function K_(e,t){let r=0,n=0;for(;r<e.length&&n<t.length;){let i=e.charCodeAt(r),s=t.charCodeAt(n);if(Nc(i)&&Nc(s)){let a=0;do++r,a=a*10+i-Bp,i=e.charCodeAt(r);while(Nc(i)&&a>0);let c=0;do++n,c=c*10+s-Bp,s=t.charCodeAt(n);while(Nc(s)&&c>0);if(a<c)return-1;if(a>c)return 1}else{if(i<s)return-1;if(i>s)return 1;++r,++n}}return e.length-t.length}o(K_,"naturalCompare");var Bp=48,CC=57;function Nc(e){return!isNaN(e)&&Bp<=e&&e<=CC}o(Nc,"isDigit");function Cc(e,t){let r=Object.create(null),n=new Kp(e),i=Math.floor(e.length*.4)+1;for(let s of t){let a=n.measure(s,i);a!==void 0&&(r[s]=a)}return Object.keys(r).sort((s,a)=>{let c=r[s]-r[a];return c!==0?c:K_(s,a)})}o(Cc,"suggestionList");var Kp=class{static{o(this,"LexicalDistance")}constructor(t){this._input=t,this._inputLowerCase=t.toLowerCase(),this._inputArray=J_(this._inputLowerCase),this._rows=[new Array(t.length+1).fill(0),new Array(t.length+1).fill(0),new Array(t.length+1).fill(0)]}measure(t,r){if(this._input===t)return 0;let n=t.toLowerCase();if(this._inputLowerCase===n)return 1;let i=J_(n),s=this._inputArray;if(i.length<s.length){let d=i;i=s,s=d}let a=i.length,c=s.length;if(a-c>r)return;let u=this._rows;for(let d=0;d<=c;d++)u[0][d]=d;for(let d=1;d<=a;d++){let p=u[(d-1)%3],m=u[d%3],h=m[0]=d;for(let y=1;y<=c;y++){let w=i[d-1]===s[y-1]?0:1,T=Math.min(p[y]+1,m[y-1]+1,p[y-1]+w);if(d>1&&y>1&&i[d-1]===s[y-2]&&i[d-2]===s[y-1]){let S=u[(d-2)%3][y-2];T=Math.min(T,S+1)}T<h&&(h=T),m[y]=T}if(h>r)return}let l=u[a%3][c];return l<=r?l:void 0}};function J_(e){let t=e.length,r=new Array(t);for(let n=0;n<t;++n)r[n]=e.charCodeAt(n);return r}o(J_,"stringToArray");function Ue(e){if(e==null)return Object.create(null);if(Object.getPrototypeOf(e)===null)return e;let t=Object.create(null);for(let[r,n]of Object.entries(e))t[r]=n;return t}o(Ue,"toObjMap");function z_(e){return`"${e.replace(LC,DC)}"`}o(z_,"printString");var LC=/[\x00-\x1f\x22\x5c\x7f-\x9f]/g;function DC(e){return UC[e.charCodeAt(0)]}o(DC,"escapedReplacer");var UC=["\\u0000","\\u0001","\\u0002","\\u0003","\\u0004","\\u0005","\\u0006","\\u0007","\\b","\\t","\\n","\\u000B","\\f","\\r","\\u000E","\\u000F","\\u0010","\\u0011","\\u0012","\\u0013","\\u0014","\\u0015","\\u0016","\\u0017","\\u0018","\\u0019","\\u001A","\\u001B","\\u001C","\\u001D","\\u001E","\\u001F","","",'\\"',"","","","","","","","","","","","","","","","","","","","","","","","","","","","","","","","","","","","","","","","","","","","","","","","","","","","","","","","","","\\\\","","","","","","","","","","","","","","","","","","","","","","","","","","","","","","","","","","","\\u007F","\\u0080","\\u0081","\\u0082","\\u0083","\\u0084","\\u0085","\\u0086","\\u0087","\\u0088","\\u0089","\\u008A","\\u008B","\\u008C","\\u008D","\\u008E","\\u008F","\\u0090","\\u0091","\\u0092","\\u0093","\\u0094","\\u0095","\\u0096","\\u0097","\\u0098","\\u0099","\\u009A","\\u009B","\\u009C","\\u009D","\\u009E","\\u009F"];var Jp=Object.freeze({});function yr(e,t,r=jp){let n=new Map;for(let S of Object.values(b))n.set(S,Bn(t,S));let i,s=Array.isArray(e),a=[e],c=-1,u=[],l=e,d,p,m=[],h=[];do{c++;let S=c===a.length,L=S&&u.length!==0;if(S){if(d=h.length===0?void 0:m[m.length-1],l=p,p=h.pop(),L)if(s){l=l.slice();let N=0;for(let[re,ne]of u){let me=re-N;ne===null?(l.splice(me,1),N++):l[me]=ne}}else{l=Object.defineProperties({},Object.getOwnPropertyDescriptors(l));for(let[N,re]of u)l[N]=re}c=i.index,a=i.keys,u=i.edits,s=i.inArray,i=i.prev}else if(p){if(d=s?c:a[c],l=p[d],l==null)continue;m.push(d)}let F;if(!Array.isArray(l)){var y,w;ki(l)||B(!1,`Invalid AST Node: ${P(l)}.`);let N=S?(y=n.get(l.kind))===null||y===void 0?void 0:y.leave:(w=n.get(l.kind))===null||w===void 0?void 0:w.enter;if(F=N?.call(t,l,d,p,m,h),F===Jp)break;if(F===!1){if(!S){m.pop();continue}}else if(F!==void 0&&(u.push([d,F]),!S))if(ki(F))l=F;else{m.pop();continue}}if(F===void 0&&L&&u.push([d,l]),S)m.pop();else{var T;i={inArray:s,index:c,keys:a,edits:u,prev:i},s=Array.isArray(l),a=s?l:(T=r[l.kind])!==null&&T!==void 0?T:[],c=-1,u=[],p&&h.push(p),p=l}}while(i!==void 0);return u.length!==0?u[u.length-1][1]:e}o(yr,"visit");function Bn(e,t){let r=e[t];return typeof r=="object"?r:typeof r=="function"?{enter:r,leave:void 0}:{enter:e.enter,leave:e.leave}}o(Bn,"getEnterLeaveForKind");function Me(e){return yr(e,kC)}o(Me,"print");var MC=80,kC={Name:{leave:e=>e.value},Variable:{leave:e=>"$"+e.name},Document:{leave:e=>x(e.definitions,`
96
96
 
97
97
  `)},OperationDefinition:{leave(e){let t=J("(",x(e.variableDefinitions,", "),")"),r=x([e.operation,x([e.name,t]),x(e.directives," ")]," ");return(r==="query"?"":r+" ")+e.selectionSet}},VariableDefinition:{leave:({variable:e,type:t,defaultValue:r,directives:n})=>e+": "+t+J(" = ",r)+J(" ",x(n," "))},SelectionSet:{leave:({selections:e})=>dt(e)},Field:{leave({alias:e,name:t,arguments:r,directives:n,selectionSet:i}){let s=J("",e,": ")+t,a=s+J("(",x(r,", "),")");return a.length>MC&&(a=s+J(`(
98
98
  `,Lc(x(r,`
@@ -226,5 +226,5 @@ In some cases, you need to provide options to alter GraphQL's execution behavior
226
226
  }
227
227
  }
228
228
  }
229
- `}o(Xc,"getIntrospectionQuery");function eu(e,t){Ee(e)&&Ee(e.__schema)||B(!1,`Invalid or incomplete introspection result. Ensure that you are passing "data" property of introspection response and no "errors" was returned alongside: ${P(e)}.`);let r=e.__schema,n=At(r.types,E=>E.name,E=>m(E));for(let E of[...Zp,...sh])n[E.name]&&(n[E.name]=E);let i=r.queryType?d(r.queryType):null,s=r.mutationType?d(r.mutationType):null,a=r.subscriptionType?d(r.subscriptionType):null,c=r.directives?r.directives.map(Be):[];return new Ji({description:r.description,query:i,mutation:s,subscription:a,types:Object.values(n),directives:c,assumeValid:t?.assumeValid});function u(E){if(E.kind===ee.LIST){let H=E.ofType;if(!H)throw new Error("Decorated type deeper than introspection query.");return new pe(u(H))}if(E.kind===ee.NON_NULL){let H=E.ofType;if(!H)throw new Error("Decorated type deeper than introspection query.");let Ce=u(H);return new j(Fc(Ce))}return l(E)}function l(E){let H=E.name;if(!H)throw new Error(`Unknown type reference: ${P(E)}.`);let Ce=n[H];if(!Ce)throw new Error(`Invalid or incomplete schema, unknown type: ${H}. Ensure that a full introspection query is used in order to build a client schema.`);return Ce}function d(E){return Mc(l(E))}function p(E){return kc(l(E))}function m(E){if(E!=null&&E.name!=null&&E.kind!=null)switch(E.kind){case ee.SCALAR:return h(E);case ee.OBJECT:return w(E);case ee.INTERFACE:return T(E);case ee.UNION:return S(E);case ee.ENUM:return D(E);case ee.INPUT_OBJECT:return F(E)}let H=P(E);throw new Error(`Invalid or incomplete introspection result. Ensure that a full introspection query is used in order to build a client schema: ${H}.`)}function h(E){return new We({name:E.name,description:E.description,specifiedByURL:E.specifiedByURL})}function y(E){if(E.interfaces===null&&E.kind===ee.INTERFACE)return[];if(!E.interfaces){let H=P(E);throw new Error(`Introspection result missing interfaces: ${H}.`)}return E.interfaces.map(p)}function w(E){return new xe({name:E.name,description:E.description,interfaces:()=>y(E),fields:()=>N(E)})}function T(E){return new Vt({name:E.name,description:E.description,interfaces:()=>y(E),fields:()=>N(E)})}function S(E){if(!E.possibleTypes){let H=P(E);throw new Error(`Introspection result missing possibleTypes: ${H}.`)}return new qr({name:E.name,description:E.description,types:()=>E.possibleTypes.map(d)})}function D(E){if(!E.enumValues){let H=P(E);throw new Error(`Introspection result missing enumValues: ${H}.`)}return new Rt({name:E.name,description:E.description,values:At(E.enumValues,H=>H.name,H=>({description:H.description,deprecationReason:H.deprecationReason}))})}function F(E){if(!E.inputFields){let H=P(E);throw new Error(`Introspection result missing inputFields: ${H}.`)}return new $r({name:E.name,description:E.description,fields:()=>ne(E.inputFields)})}function N(E){if(!E.fields)throw new Error(`Introspection result missing fields: ${P(E)}.`);return At(E.fields,H=>H.name,re)}function re(E){let H=u(E.type);if(!Gt(H)){let Ce=P(H);throw new Error(`Introspection must provide output type for fields, but received: ${Ce}.`)}if(!E.args){let Ce=P(E);throw new Error(`Introspection result missing field args: ${Ce}.`)}return{description:E.description,deprecationReason:E.deprecationReason,type:H,args:ne(E.args)}}function ne(E){return At(E,H=>H.name,me)}function me(E){let H=u(E.type);if(!Ye(H)){let ru=P(H);throw new Error(`Introspection must provide input type for arguments, but received: ${ru}.`)}let Ce=E.defaultValue!=null?xt(Oc(E.defaultValue),H):void 0;return{description:E.description,type:H,defaultValue:Ce,deprecationReason:E.deprecationReason}}function Be(E){if(!E.args){let H=P(E);throw new Error(`Introspection result missing directive args: ${H}.`)}if(!E.locations){let H=P(E);throw new Error(`Introspection result missing directive locations: ${H}.`)}return new ht({name:E.name,description:E.description,isRepeatable:E.isRepeatable,locations:E.locations.slice(),args:ne(E.args)})}}o(eu,"buildClientSchema");function hL(e,t){return`The query exceeds the maximum complexity of ${e}. Actual complexity is ${t}`}o(hL,"queryComplexityMessage");function uE(e){let t=new wr(e.schema),r=[],n=new zn(e.schema,e.query,t,s=>r.push(s)),i=new uh(n,{maximumComplexity:e.maximumComplexity??1/0,estimators:e.estimators,variables:e.variables,operationName:e.operationName,context:e.context});if(yr(e.query,Jn(t,i)),r.length)throw r.pop();return i.complexity}o(uE,"getComplexity");var uh=class{static{o(this,"QueryComplexity")}context;complexity;options;OperationDefinition;estimators;includeDirectiveDef;skipDirectiveDef;variableValues;requestContext;constructor(t,r){if(Number(r.maximumComplexity)<=0)throw new Error("Maximum query complexity must be a positive number");this.context=t,this.complexity=0,this.options=r,this.includeDirectiveDef=this.context.getSchema().getDirective("include")||void 0,this.skipDirectiveDef=this.context.getSchema().getDirective("skip")||void 0,this.estimators=r.estimators,this.variableValues={},this.requestContext=r.context,this.OperationDefinition={enter:this.onOperationDefinitionEnter,leave:this.onOperationDefinitionLeave}}onOperationDefinitionEnter(t){if(typeof this.options.operationName=="string"&&this.options.operationName!==t.name?.value)return;let{coerced:r,errors:n}=Yc(this.context.getSchema(),t.variableDefinitions?[...t.variableDefinitions]:[],this.options.variables??{});if(n&&n.length){n.forEach(s=>this.context.reportError(s));return}this.variableValues=r||{};let i=this.context.getSchema();switch(t.operation){case"query":{let s=i.getQueryType();if(!s)throw new Error("Schema does not define the required query root type");this.complexity+=this.nodeComplexity(t,s);break}case"mutation":{let s=i.getMutationType();if(!s)throw new Error("Schema does not define the required mutation root type");this.complexity+=this.nodeComplexity(t,s);break}case"subscription":{let s=i.getSubscriptionType();if(!s)throw new Error("Schema does not define the required mutation subscription type");this.complexity+=this.nodeComplexity(t,s);break}default:throw new Error(`Query complexity could not be calculated for operation of type ${t.operation}`)}}onOperationDefinitionLeave(t){if(!(typeof this.options.operationName=="string"&&this.options.operationName!==t.name?.value)&&(this.options.onComplete&&this.options.onComplete(this.complexity),this.complexity>this.options.maximumComplexity))return this.context.reportError(this.createError())}nodeComplexity(t,r){if(t.selectionSet){let n={};(r instanceof xe||r instanceof Vt)&&(n=r.getFields());let i;_r(r)?i=this.context.getSchema().getPossibleTypes(r).map(a=>a.name):i=[r.name];let s=t.selectionSet.selections.reduce((a,c)=>{let u=a,l=!0,d=!1;for(let p of c.directives??[])switch(p.name.value){case"include":{let h=this.includeDirectiveDef&&Qi(this.includeDirectiveDef,c,this.variableValues||{});typeof h?.if=="boolean"&&(l=h.if);break}case"skip":{let h=this.skipDirectiveDef&&Qi(this.skipDirectiveDef,c,this.variableValues||{});typeof h?.if=="boolean"&&(d=h.if);break}}if(!l||d)return a;switch(c.kind){case b.FIELD:{let p=n[c.name.value];if(!p)break;let m=pt(p.type),h;try{h=Wi(p,c,this.variableValues||{})}catch(S){return this.context.reportError(S),a}let y=0;Ot(m)&&(y=this.nodeComplexity(c,m));let w={childComplexity:y,args:h,field:p,node:c,type:r,context:this.requestContext};if(!this.estimators.find(S=>{let D=S(w);return typeof D=="number"&&!isNaN(D)?(u=Wn(D,a,i),!0):!1}))return this.context.reportError(new C(`No complexity could be calculated for field ${r.name}.${p.name}. At least one complexity estimator has to return a complexity score.`)),a;break}case b.FRAGMENT_SPREAD:{let p=this.context.getFragment(c.name.value);if(!p)break;let m=this.context.getSchema().getType(p.typeCondition.name.value);if(!Ot(m))break;let h=this.nodeComplexity(p,m);_r(m)?u=Wn(h,a,this.context.getSchema().getPossibleTypes(m).map(y=>y.name)):u=Wn(h,a,[m.name]);break}case b.INLINE_FRAGMENT:{let p=r;if(c.typeCondition&&c.typeCondition.name&&(p=this.context.getSchema().getType(c.typeCondition.name.value)||p,!Ot(p)))break;let m=this.nodeComplexity(c,p);_r(p)?u=Wn(m,a,this.context.getSchema().getPossibleTypes(p).map(h=>h.name)):u=Wn(m,a,[p.name]);break}default:{u=Wn(this.nodeComplexity(c,r),a,i);break}}return u},{});return s?Math.max(...Object.values(s),0):NaN}return 0}createError(){return typeof this.options.createError=="function"?this.options.createError(this.options.maximumComplexity,this.complexity):new C(hL(this.options.maximumComplexity,this.complexity))}};function Wn(e,t,r){for(let n of r)Object.prototype.hasOwnProperty.call(t,n)?t[n]+=e:t[n]=e;return t}o(Wn,"addComplexities");function lE(e){let t=e?.defaultComplexity??1;return r=>t+r.childComplexity}o(lE,"simpleEstimator");var dE=o((e,t,r={})=>{let{definitions:n}=e,i=fL(n),s=mL(n);return Object.entries(s).map(([a,c])=>tu(c,i,0,t,a,r))},"depthLimit");function fL(e){return e.reduce((t,r)=>(r.kind===b.FRAGMENT_DEFINITION&&(t[r?.name?.value??""]=r),t),{})}o(fL,"getFragments");function mL(e){return e.reduce((t,r)=>{if(r.kind===b.OPERATION_DEFINITION){let n=r?.name?.value??"";t[n]=r}return t},{})}o(mL,"getQueriesAndMutations");function tu(e,t,r,n,i,s){if(r>n)throw s?.onLimitReached?.(r,i),new C(`${i||"Your query"} exceeds maximum operation depth of ${n}`,{nodes:[e]});let a=s?.ignore??[/^__/];switch(e.kind){case b.FIELD:return yL(e,a)||!e.selectionSet?0:1+Math.max(...e.selectionSet.selections.map(c=>tu(c,t,r+1,n,i,s)));case b.FRAGMENT_SPREAD:return tu(t[e.name.value],t,r,n,i,s);case b.INLINE_FRAGMENT:case b.FRAGMENT_DEFINITION:case b.OPERATION_DEFINITION:return Math.max(...e.selectionSet.selections.map(c=>tu(c,t,r,n,i,s)));default:throw new Error("uh oh! depth crawler cannot handle: "+e.kind)}}o(tu,"determineDepth");var yL=o((e,t)=>t.find(r=>e.name.value.match(r)!==null)||!1,"isIgnored");var gL=o(async(e,t)=>{if(!t.complexityLimit)throw new Qn.ConfigurationError("No complexity maximum defined, you need to pass a maxComplexity to the policy");let n=t.endpointUrl;if(!n)throw new Qn.ConfigurationError("No GraphQL endpoint, you need to pass a endpointUrl to the policy");let i=Xc(),c=(await(await fetch(n,{method:"POST",body:JSON.stringify({query:i}),headers:{"Content-Type":"application/json"}})).json()).data;if(!c||!c?.__schema)throw new C("GraphQL introspection query failed, enable introspection or pass a schema url in configuration.");let u=eu(c,{assumeValid:!0}),l=uE({estimators:[lE({defaultComplexity:1})],schema:u,query:e,variables:{count:10}});if(t.complexityLimit&&l>t.complexityLimit)throw new C(`Query is too complex (${l}/${t.complexityLimit}), remove some fields and try again`)},"applyComplexityLimitPolicy"),bL=o(async(e,t)=>{let r=t.depthLimit;if(!r)throw new Qn.ConfigurationError("No maximum depth defined, you need to pass a maxDepth to the policy");return Math.max(...dE(e,r))},"applyDepthLimitPolicy"),pE=o(async(e,t,r)=>{let n=Qn.SystemLogMap.getLogger(t);try{let s=await e.clone().json(),a=Rc(s.query);r.useDepthLimit&&await bL(a,r.useDepthLimit),r.useComplexityLimit&&await gL(a,r.useComplexityLimit)}catch(i){if(i instanceof C)return n.info(i),new Response(JSON.stringify(i.toJSON()),{status:400,headers:{"Content-Type":"application/json"}});throw i}return e},"GraphQLComplexityLimitInboundPolicy");var hE=ph(Ct());function _L(e){if(!e)return!1;let t=e.replace(/\s/g,"");return t.includes("__schema")||t.includes("__type")}o(_L,"isIntrospectionQuery");var fE=o(async(e,t)=>{let n=await e.clone().json();return _L(n.query)?hE.HttpProblems.forbidden(e,t,{detail:"Introspection queries are not allowed"}):e},"GraphQLDisableIntrospectionInboundPolicy");
229
+ `}o(Xc,"getIntrospectionQuery");function eu(e,t){Ee(e)&&Ee(e.__schema)||B(!1,`Invalid or incomplete introspection result. Ensure that you are passing "data" property of introspection response and no "errors" was returned alongside: ${P(e)}.`);let r=e.__schema,n=At(r.types,E=>E.name,E=>m(E));for(let E of[...Zp,...sh])n[E.name]&&(n[E.name]=E);let i=r.queryType?d(r.queryType):null,s=r.mutationType?d(r.mutationType):null,a=r.subscriptionType?d(r.subscriptionType):null,c=r.directives?r.directives.map(Be):[];return new Ji({description:r.description,query:i,mutation:s,subscription:a,types:Object.values(n),directives:c,assumeValid:t?.assumeValid});function u(E){if(E.kind===ee.LIST){let H=E.ofType;if(!H)throw new Error("Decorated type deeper than introspection query.");return new pe(u(H))}if(E.kind===ee.NON_NULL){let H=E.ofType;if(!H)throw new Error("Decorated type deeper than introspection query.");let Ce=u(H);return new j(Fc(Ce))}return l(E)}function l(E){let H=E.name;if(!H)throw new Error(`Unknown type reference: ${P(E)}.`);let Ce=n[H];if(!Ce)throw new Error(`Invalid or incomplete schema, unknown type: ${H}. Ensure that a full introspection query is used in order to build a client schema.`);return Ce}function d(E){return Mc(l(E))}function p(E){return kc(l(E))}function m(E){if(E!=null&&E.name!=null&&E.kind!=null)switch(E.kind){case ee.SCALAR:return h(E);case ee.OBJECT:return w(E);case ee.INTERFACE:return T(E);case ee.UNION:return S(E);case ee.ENUM:return L(E);case ee.INPUT_OBJECT:return F(E)}let H=P(E);throw new Error(`Invalid or incomplete introspection result. Ensure that a full introspection query is used in order to build a client schema: ${H}.`)}function h(E){return new We({name:E.name,description:E.description,specifiedByURL:E.specifiedByURL})}function y(E){if(E.interfaces===null&&E.kind===ee.INTERFACE)return[];if(!E.interfaces){let H=P(E);throw new Error(`Introspection result missing interfaces: ${H}.`)}return E.interfaces.map(p)}function w(E){return new xe({name:E.name,description:E.description,interfaces:()=>y(E),fields:()=>N(E)})}function T(E){return new Vt({name:E.name,description:E.description,interfaces:()=>y(E),fields:()=>N(E)})}function S(E){if(!E.possibleTypes){let H=P(E);throw new Error(`Introspection result missing possibleTypes: ${H}.`)}return new qr({name:E.name,description:E.description,types:()=>E.possibleTypes.map(d)})}function L(E){if(!E.enumValues){let H=P(E);throw new Error(`Introspection result missing enumValues: ${H}.`)}return new Rt({name:E.name,description:E.description,values:At(E.enumValues,H=>H.name,H=>({description:H.description,deprecationReason:H.deprecationReason}))})}function F(E){if(!E.inputFields){let H=P(E);throw new Error(`Introspection result missing inputFields: ${H}.`)}return new $r({name:E.name,description:E.description,fields:()=>ne(E.inputFields)})}function N(E){if(!E.fields)throw new Error(`Introspection result missing fields: ${P(E)}.`);return At(E.fields,H=>H.name,re)}function re(E){let H=u(E.type);if(!Gt(H)){let Ce=P(H);throw new Error(`Introspection must provide output type for fields, but received: ${Ce}.`)}if(!E.args){let Ce=P(E);throw new Error(`Introspection result missing field args: ${Ce}.`)}return{description:E.description,deprecationReason:E.deprecationReason,type:H,args:ne(E.args)}}function ne(E){return At(E,H=>H.name,me)}function me(E){let H=u(E.type);if(!Ye(H)){let ru=P(H);throw new Error(`Introspection must provide input type for arguments, but received: ${ru}.`)}let Ce=E.defaultValue!=null?xt(Oc(E.defaultValue),H):void 0;return{description:E.description,type:H,defaultValue:Ce,deprecationReason:E.deprecationReason}}function Be(E){if(!E.args){let H=P(E);throw new Error(`Introspection result missing directive args: ${H}.`)}if(!E.locations){let H=P(E);throw new Error(`Introspection result missing directive locations: ${H}.`)}return new ht({name:E.name,description:E.description,isRepeatable:E.isRepeatable,locations:E.locations.slice(),args:ne(E.args)})}}o(eu,"buildClientSchema");function hL(e,t){return`The query exceeds the maximum complexity of ${e}. Actual complexity is ${t}`}o(hL,"queryComplexityMessage");function uE(e){let t=new wr(e.schema),r=[],n=new zn(e.schema,e.query,t,s=>r.push(s)),i=new uh(n,{maximumComplexity:e.maximumComplexity??1/0,estimators:e.estimators,variables:e.variables,operationName:e.operationName,context:e.context});if(yr(e.query,Jn(t,i)),r.length)throw r.pop();return i.complexity}o(uE,"getComplexity");var uh=class{static{o(this,"QueryComplexity")}context;complexity;options;OperationDefinition;estimators;includeDirectiveDef;skipDirectiveDef;variableValues;requestContext;constructor(t,r){if(Number(r.maximumComplexity)<=0)throw new Error("Maximum query complexity must be a positive number");this.context=t,this.complexity=0,this.options=r,this.includeDirectiveDef=this.context.getSchema().getDirective("include")||void 0,this.skipDirectiveDef=this.context.getSchema().getDirective("skip")||void 0,this.estimators=r.estimators,this.variableValues={},this.requestContext=r.context,this.OperationDefinition={enter:this.onOperationDefinitionEnter,leave:this.onOperationDefinitionLeave}}onOperationDefinitionEnter(t){if(typeof this.options.operationName=="string"&&this.options.operationName!==t.name?.value)return;let{coerced:r,errors:n}=Yc(this.context.getSchema(),t.variableDefinitions?[...t.variableDefinitions]:[],this.options.variables??{});if(n&&n.length){n.forEach(s=>this.context.reportError(s));return}this.variableValues=r||{};let i=this.context.getSchema();switch(t.operation){case"query":{let s=i.getQueryType();if(!s)throw new Error("Schema does not define the required query root type");this.complexity+=this.nodeComplexity(t,s);break}case"mutation":{let s=i.getMutationType();if(!s)throw new Error("Schema does not define the required mutation root type");this.complexity+=this.nodeComplexity(t,s);break}case"subscription":{let s=i.getSubscriptionType();if(!s)throw new Error("Schema does not define the required mutation subscription type");this.complexity+=this.nodeComplexity(t,s);break}default:throw new Error(`Query complexity could not be calculated for operation of type ${t.operation}`)}}onOperationDefinitionLeave(t){if(!(typeof this.options.operationName=="string"&&this.options.operationName!==t.name?.value)&&(this.options.onComplete&&this.options.onComplete(this.complexity),this.complexity>this.options.maximumComplexity))return this.context.reportError(this.createError())}nodeComplexity(t,r){if(t.selectionSet){let n={};(r instanceof xe||r instanceof Vt)&&(n=r.getFields());let i;_r(r)?i=this.context.getSchema().getPossibleTypes(r).map(a=>a.name):i=[r.name];let s=t.selectionSet.selections.reduce((a,c)=>{let u=a,l=!0,d=!1;for(let p of c.directives??[])switch(p.name.value){case"include":{let h=this.includeDirectiveDef&&Qi(this.includeDirectiveDef,c,this.variableValues||{});typeof h?.if=="boolean"&&(l=h.if);break}case"skip":{let h=this.skipDirectiveDef&&Qi(this.skipDirectiveDef,c,this.variableValues||{});typeof h?.if=="boolean"&&(d=h.if);break}}if(!l||d)return a;switch(c.kind){case b.FIELD:{let p=n[c.name.value];if(!p)break;let m=pt(p.type),h;try{h=Wi(p,c,this.variableValues||{})}catch(S){return this.context.reportError(S),a}let y=0;Ot(m)&&(y=this.nodeComplexity(c,m));let w={childComplexity:y,args:h,field:p,node:c,type:r,context:this.requestContext};if(!this.estimators.find(S=>{let L=S(w);return typeof L=="number"&&!isNaN(L)?(u=Wn(L,a,i),!0):!1}))return this.context.reportError(new C(`No complexity could be calculated for field ${r.name}.${p.name}. At least one complexity estimator has to return a complexity score.`)),a;break}case b.FRAGMENT_SPREAD:{let p=this.context.getFragment(c.name.value);if(!p)break;let m=this.context.getSchema().getType(p.typeCondition.name.value);if(!Ot(m))break;let h=this.nodeComplexity(p,m);_r(m)?u=Wn(h,a,this.context.getSchema().getPossibleTypes(m).map(y=>y.name)):u=Wn(h,a,[m.name]);break}case b.INLINE_FRAGMENT:{let p=r;if(c.typeCondition&&c.typeCondition.name&&(p=this.context.getSchema().getType(c.typeCondition.name.value)||p,!Ot(p)))break;let m=this.nodeComplexity(c,p);_r(p)?u=Wn(m,a,this.context.getSchema().getPossibleTypes(p).map(h=>h.name)):u=Wn(m,a,[p.name]);break}default:{u=Wn(this.nodeComplexity(c,r),a,i);break}}return u},{});return s?Math.max(...Object.values(s),0):NaN}return 0}createError(){return typeof this.options.createError=="function"?this.options.createError(this.options.maximumComplexity,this.complexity):new C(hL(this.options.maximumComplexity,this.complexity))}};function Wn(e,t,r){for(let n of r)Object.prototype.hasOwnProperty.call(t,n)?t[n]+=e:t[n]=e;return t}o(Wn,"addComplexities");function lE(e){let t=e?.defaultComplexity??1;return r=>t+r.childComplexity}o(lE,"simpleEstimator");var dE=o((e,t,r={})=>{let{definitions:n}=e,i=fL(n),s=mL(n);return Object.entries(s).map(([a,c])=>tu(c,i,0,t,a,r))},"depthLimit");function fL(e){return e.reduce((t,r)=>(r.kind===b.FRAGMENT_DEFINITION&&(t[r?.name?.value??""]=r),t),{})}o(fL,"getFragments");function mL(e){return e.reduce((t,r)=>{if(r.kind===b.OPERATION_DEFINITION){let n=r?.name?.value??"";t[n]=r}return t},{})}o(mL,"getQueriesAndMutations");function tu(e,t,r,n,i,s){if(r>n)throw s?.onLimitReached?.(r,i),new C(`${i||"Your query"} exceeds maximum operation depth of ${n}`,{nodes:[e]});let a=s?.ignore??[/^__/];switch(e.kind){case b.FIELD:return yL(e,a)||!e.selectionSet?0:1+Math.max(...e.selectionSet.selections.map(c=>tu(c,t,r+1,n,i,s)));case b.FRAGMENT_SPREAD:return tu(t[e.name.value],t,r,n,i,s);case b.INLINE_FRAGMENT:case b.FRAGMENT_DEFINITION:case b.OPERATION_DEFINITION:return Math.max(...e.selectionSet.selections.map(c=>tu(c,t,r,n,i,s)));default:throw new Error("uh oh! depth crawler cannot handle: "+e.kind)}}o(tu,"determineDepth");var yL=o((e,t)=>t.find(r=>e.name.value.match(r)!==null)||!1,"isIgnored");var gL=o(async(e,t)=>{if(!t.complexityLimit)throw new Qn.ConfigurationError("No complexity maximum defined, you need to pass a maxComplexity to the policy");let n=t.endpointUrl;if(!n)throw new Qn.ConfigurationError("No GraphQL endpoint, you need to pass a endpointUrl to the policy");let i=Xc(),c=(await(await fetch(n,{method:"POST",body:JSON.stringify({query:i}),headers:{"Content-Type":"application/json"}})).json()).data;if(!c||!c?.__schema)throw new C("GraphQL introspection query failed, enable introspection or pass a schema url in configuration.");let u=eu(c,{assumeValid:!0}),l=uE({estimators:[lE({defaultComplexity:1})],schema:u,query:e,variables:{count:10}});if(t.complexityLimit&&l>t.complexityLimit)throw new C(`Query is too complex (${l}/${t.complexityLimit}), remove some fields and try again`)},"applyComplexityLimitPolicy"),bL=o(async(e,t)=>{let r=t.depthLimit;if(!r)throw new Qn.ConfigurationError("No maximum depth defined, you need to pass a maxDepth to the policy");return Math.max(...dE(e,r))},"applyDepthLimitPolicy"),pE=o(async(e,t,r)=>{let n=Qn.SystemLogMap.getLogger(t);try{let s=await e.clone().json(),a=Rc(s.query);r.useDepthLimit&&await bL(a,r.useDepthLimit),r.useComplexityLimit&&await gL(a,r.useComplexityLimit)}catch(i){if(i instanceof C)return n.info(i),new Response(JSON.stringify(i.toJSON()),{status:400,headers:{"Content-Type":"application/json"}});throw i}return e},"GraphQLComplexityLimitInboundPolicy");var hE=ph(Ct());function _L(e){if(!e)return!1;let t=e.replace(/\s/g,"");return t.includes("__schema")||t.includes("__type")}o(_L,"isIntrospectionQuery");var fE=o(async(e,t)=>{let n=await e.clone().json();return _L(n.query)?hE.HttpProblems.forbidden(e,t,{detail:"Introspection queries are not allowed"}):e},"GraphQLDisableIntrospectionInboundPolicy");
230
230
  /*! For license information please see index.minified.js.LEGAL.txt */