npm - accounts - Versions diffs - 0.4.0 → 0.4.2 - Mend

accounts 0.4.0 → 0.4.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (76) hide show

package/CHANGELOG.md +13 -0
package/README.md +38 -7
package/dist/cli/Provider.d.ts +12 -0
package/dist/cli/Provider.d.ts.map +1 -0
package/dist/cli/Provider.js +19 -0
package/dist/cli/Provider.js.map +1 -0
package/dist/cli/adapter.d.ts +24 -0
package/dist/cli/adapter.d.ts.map +1 -0
package/dist/cli/adapter.js +173 -0
package/dist/cli/adapter.js.map +1 -0
package/dist/cli/index.d.ts +3 -0
package/dist/cli/index.d.ts.map +1 -0
package/dist/cli/index.js +3 -0
package/dist/cli/index.js.map +1 -0
package/dist/core/Dialog.d.ts.map +1 -1
package/dist/core/Dialog.js +25 -1
package/dist/core/Dialog.js.map +1 -1
package/dist/core/IntersectionObserver.d.ts +3 -0
package/dist/core/IntersectionObserver.d.ts.map +1 -0
package/dist/core/IntersectionObserver.js +6 -0
package/dist/core/IntersectionObserver.js.map +1 -0
package/dist/core/Messenger.d.ts +14 -3
package/dist/core/Messenger.d.ts.map +1 -1
package/dist/core/Messenger.js +4 -4
package/dist/core/Messenger.js.map +1 -1
package/dist/core/Remote.d.ts +6 -3
package/dist/core/Remote.d.ts.map +1 -1
package/dist/core/Remote.js +3 -6
package/dist/core/Remote.js.map +1 -1
package/dist/core/adapters/local.d.ts.map +1 -1
package/dist/core/adapters/local.js +2 -2
package/dist/core/adapters/local.js.map +1 -1
package/dist/index.d.ts +1 -0
package/dist/index.d.ts.map +1 -1
package/dist/index.js +1 -0
package/dist/index.js.map +1 -1
package/dist/react/Remote.d.ts +21 -0
package/dist/react/Remote.d.ts.map +1 -0
package/dist/react/Remote.js +51 -0
package/dist/react/Remote.js.map +1 -0
package/dist/react/index.d.ts +2 -0
package/dist/react/index.d.ts.map +1 -0
package/dist/react/index.js +2 -0
package/dist/react/index.js.map +1 -0
package/dist/server/CliAuth.d.ts +553 -0
package/dist/server/CliAuth.d.ts.map +1 -0
package/dist/server/CliAuth.js +446 -0
package/dist/server/CliAuth.js.map +1 -0
package/dist/server/Handler.d.ts +36 -2
package/dist/server/Handler.d.ts.map +1 -1
package/dist/server/Handler.js +84 -0
package/dist/server/Handler.js.map +1 -1
package/dist/server/index.d.ts +1 -0
package/dist/server/index.d.ts.map +1 -1
package/dist/server/index.js +1 -0
package/dist/server/index.js.map +1 -1
package/package.json +16 -54
package/src/cli/Provider.test-d.ts +28 -0
package/src/cli/Provider.test.ts +235 -0
package/src/cli/Provider.ts +26 -0
package/src/cli/adapter.ts +229 -0
package/src/cli/index.ts +2 -0
package/src/core/Dialog.ts +31 -1
package/src/core/IntersectionObserver.ts +6 -0
package/src/core/Messenger.ts +18 -8
package/src/core/Provider.test.ts +12 -2
package/src/core/Remote.ts +9 -10
package/src/core/adapters/local.ts +7 -2
package/src/index.ts +1 -0
package/src/react/Remote.ts +94 -0
package/src/react/index.ts +1 -0
package/src/server/CliAuth.test-d.ts +56 -0
package/src/server/CliAuth.test.ts +800 -0
package/src/server/CliAuth.ts +634 -0
package/src/server/Handler.ts +123 -1
package/src/server/index.ts +1 -0

package/dist/server/CliAuth.d.ts ADDED Viewed

@@ -0,0 +1,553 @@
+import { Hex } from 'ox';
+import { SignatureEnvelope } from 'ox/tempo';
+import { type Chain, type Client, type Transport } from 'viem';
+import type { Address } from 'viem/accounts';
+import * as z from 'zod/mini';
+import type { MaybePromise } from '../internal/types.js';
+import type { Kv } from './Kv.js';
+/** Supported access-key types for CLI bootstrap. */
+export declare const keyType: z.ZodMiniUnion<readonly [z.ZodMiniLiteral<"secp256k1">, z.ZodMiniLiteral<"p256">, z.ZodMiniLiteral<"webAuthn">]>;
+/** Signed key authorization returned by the device-code flow. */
+export declare const keyAuthorization: z.ZodMiniObject<{
+    address: z.ZodMiniTemplateLiteral<`0x${string}`>;
+    chainId: z.ZodMiniCodec<z.ZodMiniTemplateLiteral<`0x${string}`>, z.ZodMiniBigInt<bigint>>;
+    expiry: z.ZodMiniOptional<z.ZodMiniNullable<z.ZodMiniCodec<z.ZodMiniTemplateLiteral<`0x${string}`>, z.ZodMiniNumber<number>>>>;
+    keyId: z.ZodMiniTemplateLiteral<`0x${string}`>;
+    keyType: z.ZodMiniUnion<readonly [z.ZodMiniLiteral<"secp256k1">, z.ZodMiniLiteral<"p256">, z.ZodMiniLiteral<"webAuthn">]>;
+    limits: z.ZodMiniOptional<z.ZodMiniReadonly<z.ZodMiniArray<z.ZodMiniObject<{
+        token: z.ZodMiniTemplateLiteral<`0x${string}`>;
+        limit: z.ZodMiniCodec<z.ZodMiniTemplateLiteral<`0x${string}`>, z.ZodMiniBigInt<bigint>>;
+    }, z.core.$strip>>>>;
+    signature: z.ZodMiniCustom<SignatureEnvelope.SignatureEnvelopeRpc, SignatureEnvelope.SignatureEnvelopeRpc>;
+}, z.core.$strip>;
+/** Request body for `POST /auth/pkce/code`. */
+export declare const createRequest: z.ZodMiniObject<{
+    account: z.ZodMiniOptional<z.ZodMiniTemplateLiteral<`0x${string}`>>;
+    codeChallenge: z.ZodMiniString<string>;
+    expiry: z.ZodMiniOptional<z.ZodMiniNumber<number>>;
+    keyType: z.ZodMiniOptional<z.ZodMiniUnion<readonly [z.ZodMiniLiteral<"secp256k1">, z.ZodMiniLiteral<"p256">, z.ZodMiniLiteral<"webAuthn">]>>;
+    limits: z.ZodMiniOptional<z.ZodMiniReadonly<z.ZodMiniArray<z.ZodMiniObject<{
+        token: z.ZodMiniTemplateLiteral<`0x${string}`>;
+        limit: z.ZodMiniCodec<z.ZodMiniTemplateLiteral<`0x${string}`>, z.ZodMiniBigInt<bigint>>;
+    }, z.core.$strip>>>>;
+    pubKey: z.ZodMiniTemplateLiteral<`0x${string}`>;
+}, z.core.$strip>;
+/** Response body for `POST /cli-auth/device-code`. */
+export declare const createResponse: z.ZodMiniObject<{
+    code: z.ZodMiniString<string>;
+}, z.core.$strip>;
+/** Request body for `POST /auth/pkce/poll/:code`. */
+export declare const pollRequest: z.ZodMiniObject<{
+    codeVerifier: z.ZodMiniString<string>;
+}, z.core.$strip>;
+/** Response body for `POST /auth/pkce/poll/:code`. */
+export declare const pollResponse: Omit<z.ZodMiniUnion<readonly [z.ZodMiniObject<{
+    status: z.ZodMiniLiteral<"pending">;
+}, z.core.$strip>, z.ZodMiniObject<{
+    status: z.ZodMiniLiteral<"authorized">;
+    accountAddress: z.ZodMiniTemplateLiteral<`0x${string}`>;
+    keyAuthorization: z.ZodMiniObject<{
+        address: z.ZodMiniTemplateLiteral<`0x${string}`>;
+        chainId: z.ZodMiniCodec<z.ZodMiniTemplateLiteral<`0x${string}`>, z.ZodMiniBigInt<bigint>>;
+        expiry: z.ZodMiniOptional<z.ZodMiniNullable<z.ZodMiniCodec<z.ZodMiniTemplateLiteral<`0x${string}`>, z.ZodMiniNumber<number>>>>;
+        keyId: z.ZodMiniTemplateLiteral<`0x${string}`>;
+        keyType: z.ZodMiniUnion<readonly [z.ZodMiniLiteral<"secp256k1">, z.ZodMiniLiteral<"p256">, z.ZodMiniLiteral<"webAuthn">]>;
+        limits: z.ZodMiniOptional<z.ZodMiniReadonly<z.ZodMiniArray<z.ZodMiniObject<{
+            token: z.ZodMiniTemplateLiteral<`0x${string}`>;
+            limit: z.ZodMiniCodec<z.ZodMiniTemplateLiteral<`0x${string}`>, z.ZodMiniBigInt<bigint>>;
+        }, z.core.$strip>>>>;
+        signature: z.ZodMiniCustom<SignatureEnvelope.SignatureEnvelopeRpc, SignatureEnvelope.SignatureEnvelopeRpc>;
+    }, z.core.$strip>;
+}, z.core.$strip>, z.ZodMiniObject<{
+    status: z.ZodMiniLiteral<"expired">;
+}, z.core.$strip>]>, "_zod"> & {
+    _zod: Omit<z.core.$ZodUnionInternals<readonly [z.ZodMiniObject<{
+        status: z.ZodMiniLiteral<"pending">;
+    }, z.core.$strip>, z.ZodMiniObject<{
+        status: z.ZodMiniLiteral<"authorized">;
+        accountAddress: z.ZodMiniTemplateLiteral<`0x${string}`>;
+        keyAuthorization: z.ZodMiniObject<{
+            address: z.ZodMiniTemplateLiteral<`0x${string}`>;
+            chainId: z.ZodMiniCodec<z.ZodMiniTemplateLiteral<`0x${string}`>, z.ZodMiniBigInt<bigint>>;
+            expiry: z.ZodMiniOptional<z.ZodMiniNullable<z.ZodMiniCodec<z.ZodMiniTemplateLiteral<`0x${string}`>, z.ZodMiniNumber<number>>>>;
+            keyId: z.ZodMiniTemplateLiteral<`0x${string}`>;
+            keyType: z.ZodMiniUnion<readonly [z.ZodMiniLiteral<"secp256k1">, z.ZodMiniLiteral<"p256">, z.ZodMiniLiteral<"webAuthn">]>;
+            limits: z.ZodMiniOptional<z.ZodMiniReadonly<z.ZodMiniArray<z.ZodMiniObject<{
+                token: z.ZodMiniTemplateLiteral<`0x${string}`>;
+                limit: z.ZodMiniCodec<z.ZodMiniTemplateLiteral<`0x${string}`>, z.ZodMiniBigInt<bigint>>;
+            }, z.core.$strip>>>>;
+            signature: z.ZodMiniCustom<SignatureEnvelope.SignatureEnvelopeRpc, SignatureEnvelope.SignatureEnvelopeRpc>;
+        }, z.core.$strip>;
+    }, z.core.$strip>, z.ZodMiniObject<{
+        status: z.ZodMiniLiteral<"expired">;
+    }, z.core.$strip>]>, "output"> & {
+        output: {
+            status: "pending";
+            keyAuthorization?: undefined;
+            accountAddress?: undefined;
+        } | {
+            status: "authorized";
+            accountAddress: `0x${string}`;
+            keyAuthorization: {
+                address: `0x${string}`;
+                chainId: bigint;
+                keyId: `0x${string}`;
+                keyType: "secp256k1" | "p256" | "webAuthn";
+                signature: SignatureEnvelope.SignatureEnvelopeRpc;
+                expiry?: number | null | undefined;
+                limits?: readonly {
+                    token: `0x${string}`;
+                    limit: bigint;
+                }[] | undefined;
+            };
+        } | {
+            status: "expired";
+            keyAuthorization?: undefined;
+            accountAddress?: undefined;
+        };
+    };
+};
+/** Response body for `GET /auth/pkce/pending/:code`. */
+export declare const pendingResponse: z.ZodMiniObject<{
+    accessKeyAddress: z.ZodMiniTemplateLiteral<`0x${string}`>;
+    account: z.ZodMiniOptional<z.ZodMiniTemplateLiteral<`0x${string}`>>;
+    chainId: z.ZodMiniCodec<z.ZodMiniTemplateLiteral<`0x${string}`>, z.ZodMiniBigInt<bigint>>;
+    code: z.ZodMiniString<string>;
+    expiry: z.ZodMiniNumber<number>;
+    keyType: z.ZodMiniUnion<readonly [z.ZodMiniLiteral<"secp256k1">, z.ZodMiniLiteral<"p256">, z.ZodMiniLiteral<"webAuthn">]>;
+    limits: z.ZodMiniOptional<z.ZodMiniReadonly<z.ZodMiniArray<z.ZodMiniObject<{
+        token: z.ZodMiniTemplateLiteral<`0x${string}`>;
+        limit: z.ZodMiniCodec<z.ZodMiniTemplateLiteral<`0x${string}`>, z.ZodMiniBigInt<bigint>>;
+    }, z.core.$strip>>>>;
+    pubKey: z.ZodMiniTemplateLiteral<`0x${string}`>;
+    status: z.ZodMiniLiteral<"pending">;
+}, z.core.$strip>;
+/** Request body for `POST /auth/pkce`. */
+export declare const authorizeRequest: z.ZodMiniObject<{
+    accountAddress: z.ZodMiniTemplateLiteral<`0x${string}`>;
+    code: z.ZodMiniString<string>;
+    keyAuthorization: z.ZodMiniObject<{
+        address: z.ZodMiniTemplateLiteral<`0x${string}`>;
+        chainId: z.ZodMiniCodec<z.ZodMiniTemplateLiteral<`0x${string}`>, z.ZodMiniBigInt<bigint>>;
+        expiry: z.ZodMiniOptional<z.ZodMiniNullable<z.ZodMiniCodec<z.ZodMiniTemplateLiteral<`0x${string}`>, z.ZodMiniNumber<number>>>>;
+        keyId: z.ZodMiniTemplateLiteral<`0x${string}`>;
+        keyType: z.ZodMiniUnion<readonly [z.ZodMiniLiteral<"secp256k1">, z.ZodMiniLiteral<"p256">, z.ZodMiniLiteral<"webAuthn">]>;
+        limits: z.ZodMiniOptional<z.ZodMiniReadonly<z.ZodMiniArray<z.ZodMiniObject<{
+            token: z.ZodMiniTemplateLiteral<`0x${string}`>;
+            limit: z.ZodMiniCodec<z.ZodMiniTemplateLiteral<`0x${string}`>, z.ZodMiniBigInt<bigint>>;
+        }, z.core.$strip>>>>;
+        signature: z.ZodMiniCustom<SignatureEnvelope.SignatureEnvelopeRpc, SignatureEnvelope.SignatureEnvelopeRpc>;
+    }, z.core.$strip>;
+}, z.core.$strip>;
+/** Response body for `POST /cli-auth/authorize`. */
+export declare const authorizeResponse: z.ZodMiniObject<{
+    status: z.ZodMiniLiteral<"authorized">;
+}, z.core.$strip>;
+/** Stored device-code entry schema. */
+export declare const entry: Omit<z.ZodMiniUnion<readonly [z.ZodMiniObject<{
+    account: z.ZodMiniOptional<z.ZodMiniTemplateLiteral<`0x${string}`>>;
+    chainId: z.ZodMiniCodec<z.ZodMiniTemplateLiteral<`0x${string}`>, z.ZodMiniBigInt<bigint>>;
+    code: z.ZodMiniString<string>;
+    codeChallenge: z.ZodMiniString<string>;
+    createdAt: z.ZodMiniNumber<number>;
+    expiresAt: z.ZodMiniNumber<number>;
+    expiry: z.ZodMiniNumber<number>;
+    keyType: z.ZodMiniUnion<readonly [z.ZodMiniLiteral<"secp256k1">, z.ZodMiniLiteral<"p256">, z.ZodMiniLiteral<"webAuthn">]>;
+    limits: z.ZodMiniOptional<z.ZodMiniReadonly<z.ZodMiniArray<z.ZodMiniObject<{
+        token: z.ZodMiniTemplateLiteral<`0x${string}`>;
+        limit: z.ZodMiniCodec<z.ZodMiniTemplateLiteral<`0x${string}`>, z.ZodMiniBigInt<bigint>>;
+    }, z.core.$strip>>>>;
+    pubKey: z.ZodMiniTemplateLiteral<`0x${string}`>;
+    status: z.ZodMiniLiteral<"pending">;
+}, z.core.$strip>, z.ZodMiniObject<{
+    account: z.ZodMiniOptional<z.ZodMiniTemplateLiteral<`0x${string}`>>;
+    accountAddress: z.ZodMiniTemplateLiteral<`0x${string}`>;
+    authorizedAt: z.ZodMiniNumber<number>;
+    chainId: z.ZodMiniCodec<z.ZodMiniTemplateLiteral<`0x${string}`>, z.ZodMiniBigInt<bigint>>;
+    code: z.ZodMiniString<string>;
+    codeChallenge: z.ZodMiniString<string>;
+    createdAt: z.ZodMiniNumber<number>;
+    expiresAt: z.ZodMiniNumber<number>;
+    expiry: z.ZodMiniNumber<number>;
+    keyAuthorization: z.ZodMiniObject<{
+        address: z.ZodMiniTemplateLiteral<`0x${string}`>;
+        chainId: z.ZodMiniCodec<z.ZodMiniTemplateLiteral<`0x${string}`>, z.ZodMiniBigInt<bigint>>;
+        expiry: z.ZodMiniOptional<z.ZodMiniNullable<z.ZodMiniCodec<z.ZodMiniTemplateLiteral<`0x${string}`>, z.ZodMiniNumber<number>>>>;
+        keyId: z.ZodMiniTemplateLiteral<`0x${string}`>;
+        keyType: z.ZodMiniUnion<readonly [z.ZodMiniLiteral<"secp256k1">, z.ZodMiniLiteral<"p256">, z.ZodMiniLiteral<"webAuthn">]>;
+        limits: z.ZodMiniOptional<z.ZodMiniReadonly<z.ZodMiniArray<z.ZodMiniObject<{
+            token: z.ZodMiniTemplateLiteral<`0x${string}`>;
+            limit: z.ZodMiniCodec<z.ZodMiniTemplateLiteral<`0x${string}`>, z.ZodMiniBigInt<bigint>>;
+        }, z.core.$strip>>>>;
+        signature: z.ZodMiniCustom<SignatureEnvelope.SignatureEnvelopeRpc, SignatureEnvelope.SignatureEnvelopeRpc>;
+    }, z.core.$strip>;
+    keyType: z.ZodMiniUnion<readonly [z.ZodMiniLiteral<"secp256k1">, z.ZodMiniLiteral<"p256">, z.ZodMiniLiteral<"webAuthn">]>;
+    limits: z.ZodMiniOptional<z.ZodMiniReadonly<z.ZodMiniArray<z.ZodMiniObject<{
+        token: z.ZodMiniTemplateLiteral<`0x${string}`>;
+        limit: z.ZodMiniCodec<z.ZodMiniTemplateLiteral<`0x${string}`>, z.ZodMiniBigInt<bigint>>;
+    }, z.core.$strip>>>>;
+    pubKey: z.ZodMiniTemplateLiteral<`0x${string}`>;
+    status: z.ZodMiniLiteral<"authorized">;
+}, z.core.$strip>, z.ZodMiniObject<{
+    account: z.ZodMiniOptional<z.ZodMiniTemplateLiteral<`0x${string}`>>;
+    accountAddress: z.ZodMiniTemplateLiteral<`0x${string}`>;
+    authorizedAt: z.ZodMiniNumber<number>;
+    chainId: z.ZodMiniCodec<z.ZodMiniTemplateLiteral<`0x${string}`>, z.ZodMiniBigInt<bigint>>;
+    code: z.ZodMiniString<string>;
+    codeChallenge: z.ZodMiniString<string>;
+    consumedAt: z.ZodMiniNumber<number>;
+    createdAt: z.ZodMiniNumber<number>;
+    expiresAt: z.ZodMiniNumber<number>;
+    expiry: z.ZodMiniNumber<number>;
+    keyAuthorization: z.ZodMiniObject<{
+        address: z.ZodMiniTemplateLiteral<`0x${string}`>;
+        chainId: z.ZodMiniCodec<z.ZodMiniTemplateLiteral<`0x${string}`>, z.ZodMiniBigInt<bigint>>;
+        expiry: z.ZodMiniOptional<z.ZodMiniNullable<z.ZodMiniCodec<z.ZodMiniTemplateLiteral<`0x${string}`>, z.ZodMiniNumber<number>>>>;
+        keyId: z.ZodMiniTemplateLiteral<`0x${string}`>;
+        keyType: z.ZodMiniUnion<readonly [z.ZodMiniLiteral<"secp256k1">, z.ZodMiniLiteral<"p256">, z.ZodMiniLiteral<"webAuthn">]>;
+        limits: z.ZodMiniOptional<z.ZodMiniReadonly<z.ZodMiniArray<z.ZodMiniObject<{
+            token: z.ZodMiniTemplateLiteral<`0x${string}`>;
+            limit: z.ZodMiniCodec<z.ZodMiniTemplateLiteral<`0x${string}`>, z.ZodMiniBigInt<bigint>>;
+        }, z.core.$strip>>>>;
+        signature: z.ZodMiniCustom<SignatureEnvelope.SignatureEnvelopeRpc, SignatureEnvelope.SignatureEnvelopeRpc>;
+    }, z.core.$strip>;
+    keyType: z.ZodMiniUnion<readonly [z.ZodMiniLiteral<"secp256k1">, z.ZodMiniLiteral<"p256">, z.ZodMiniLiteral<"webAuthn">]>;
+    limits: z.ZodMiniOptional<z.ZodMiniReadonly<z.ZodMiniArray<z.ZodMiniObject<{
+        token: z.ZodMiniTemplateLiteral<`0x${string}`>;
+        limit: z.ZodMiniCodec<z.ZodMiniTemplateLiteral<`0x${string}`>, z.ZodMiniBigInt<bigint>>;
+    }, z.core.$strip>>>>;
+    pubKey: z.ZodMiniTemplateLiteral<`0x${string}`>;
+    status: z.ZodMiniLiteral<"consumed">;
+}, z.core.$strip>]>, "_zod"> & {
+    _zod: Omit<z.core.$ZodUnionInternals<readonly [z.ZodMiniObject<{
+        account: z.ZodMiniOptional<z.ZodMiniTemplateLiteral<`0x${string}`>>;
+        chainId: z.ZodMiniCodec<z.ZodMiniTemplateLiteral<`0x${string}`>, z.ZodMiniBigInt<bigint>>;
+        code: z.ZodMiniString<string>;
+        codeChallenge: z.ZodMiniString<string>;
+        createdAt: z.ZodMiniNumber<number>;
+        expiresAt: z.ZodMiniNumber<number>;
+        expiry: z.ZodMiniNumber<number>;
+        keyType: z.ZodMiniUnion<readonly [z.ZodMiniLiteral<"secp256k1">, z.ZodMiniLiteral<"p256">, z.ZodMiniLiteral<"webAuthn">]>;
+        limits: z.ZodMiniOptional<z.ZodMiniReadonly<z.ZodMiniArray<z.ZodMiniObject<{
+            token: z.ZodMiniTemplateLiteral<`0x${string}`>;
+            limit: z.ZodMiniCodec<z.ZodMiniTemplateLiteral<`0x${string}`>, z.ZodMiniBigInt<bigint>>;
+        }, z.core.$strip>>>>;
+        pubKey: z.ZodMiniTemplateLiteral<`0x${string}`>;
+        status: z.ZodMiniLiteral<"pending">;
+    }, z.core.$strip>, z.ZodMiniObject<{
+        account: z.ZodMiniOptional<z.ZodMiniTemplateLiteral<`0x${string}`>>;
+        accountAddress: z.ZodMiniTemplateLiteral<`0x${string}`>;
+        authorizedAt: z.ZodMiniNumber<number>;
+        chainId: z.ZodMiniCodec<z.ZodMiniTemplateLiteral<`0x${string}`>, z.ZodMiniBigInt<bigint>>;
+        code: z.ZodMiniString<string>;
+        codeChallenge: z.ZodMiniString<string>;
+        createdAt: z.ZodMiniNumber<number>;
+        expiresAt: z.ZodMiniNumber<number>;
+        expiry: z.ZodMiniNumber<number>;
+        keyAuthorization: z.ZodMiniObject<{
+            address: z.ZodMiniTemplateLiteral<`0x${string}`>;
+            chainId: z.ZodMiniCodec<z.ZodMiniTemplateLiteral<`0x${string}`>, z.ZodMiniBigInt<bigint>>;
+            expiry: z.ZodMiniOptional<z.ZodMiniNullable<z.ZodMiniCodec<z.ZodMiniTemplateLiteral<`0x${string}`>, z.ZodMiniNumber<number>>>>;
+            keyId: z.ZodMiniTemplateLiteral<`0x${string}`>;
+            keyType: z.ZodMiniUnion<readonly [z.ZodMiniLiteral<"secp256k1">, z.ZodMiniLiteral<"p256">, z.ZodMiniLiteral<"webAuthn">]>;
+            limits: z.ZodMiniOptional<z.ZodMiniReadonly<z.ZodMiniArray<z.ZodMiniObject<{
+                token: z.ZodMiniTemplateLiteral<`0x${string}`>;
+                limit: z.ZodMiniCodec<z.ZodMiniTemplateLiteral<`0x${string}`>, z.ZodMiniBigInt<bigint>>;
+            }, z.core.$strip>>>>;
+            signature: z.ZodMiniCustom<SignatureEnvelope.SignatureEnvelopeRpc, SignatureEnvelope.SignatureEnvelopeRpc>;
+        }, z.core.$strip>;
+        keyType: z.ZodMiniUnion<readonly [z.ZodMiniLiteral<"secp256k1">, z.ZodMiniLiteral<"p256">, z.ZodMiniLiteral<"webAuthn">]>;
+        limits: z.ZodMiniOptional<z.ZodMiniReadonly<z.ZodMiniArray<z.ZodMiniObject<{
+            token: z.ZodMiniTemplateLiteral<`0x${string}`>;
+            limit: z.ZodMiniCodec<z.ZodMiniTemplateLiteral<`0x${string}`>, z.ZodMiniBigInt<bigint>>;
+        }, z.core.$strip>>>>;
+        pubKey: z.ZodMiniTemplateLiteral<`0x${string}`>;
+        status: z.ZodMiniLiteral<"authorized">;
+    }, z.core.$strip>, z.ZodMiniObject<{
+        account: z.ZodMiniOptional<z.ZodMiniTemplateLiteral<`0x${string}`>>;
+        accountAddress: z.ZodMiniTemplateLiteral<`0x${string}`>;
+        authorizedAt: z.ZodMiniNumber<number>;
+        chainId: z.ZodMiniCodec<z.ZodMiniTemplateLiteral<`0x${string}`>, z.ZodMiniBigInt<bigint>>;
+        code: z.ZodMiniString<string>;
+        codeChallenge: z.ZodMiniString<string>;
+        consumedAt: z.ZodMiniNumber<number>;
+        createdAt: z.ZodMiniNumber<number>;
+        expiresAt: z.ZodMiniNumber<number>;
+        expiry: z.ZodMiniNumber<number>;
+        keyAuthorization: z.ZodMiniObject<{
+            address: z.ZodMiniTemplateLiteral<`0x${string}`>;
+            chainId: z.ZodMiniCodec<z.ZodMiniTemplateLiteral<`0x${string}`>, z.ZodMiniBigInt<bigint>>;
+            expiry: z.ZodMiniOptional<z.ZodMiniNullable<z.ZodMiniCodec<z.ZodMiniTemplateLiteral<`0x${string}`>, z.ZodMiniNumber<number>>>>;
+            keyId: z.ZodMiniTemplateLiteral<`0x${string}`>;
+            keyType: z.ZodMiniUnion<readonly [z.ZodMiniLiteral<"secp256k1">, z.ZodMiniLiteral<"p256">, z.ZodMiniLiteral<"webAuthn">]>;
+            limits: z.ZodMiniOptional<z.ZodMiniReadonly<z.ZodMiniArray<z.ZodMiniObject<{
+                token: z.ZodMiniTemplateLiteral<`0x${string}`>;
+                limit: z.ZodMiniCodec<z.ZodMiniTemplateLiteral<`0x${string}`>, z.ZodMiniBigInt<bigint>>;
+            }, z.core.$strip>>>>;
+            signature: z.ZodMiniCustom<SignatureEnvelope.SignatureEnvelopeRpc, SignatureEnvelope.SignatureEnvelopeRpc>;
+        }, z.core.$strip>;
+        keyType: z.ZodMiniUnion<readonly [z.ZodMiniLiteral<"secp256k1">, z.ZodMiniLiteral<"p256">, z.ZodMiniLiteral<"webAuthn">]>;
+        limits: z.ZodMiniOptional<z.ZodMiniReadonly<z.ZodMiniArray<z.ZodMiniObject<{
+            token: z.ZodMiniTemplateLiteral<`0x${string}`>;
+            limit: z.ZodMiniCodec<z.ZodMiniTemplateLiteral<`0x${string}`>, z.ZodMiniBigInt<bigint>>;
+        }, z.core.$strip>>>>;
+        pubKey: z.ZodMiniTemplateLiteral<`0x${string}`>;
+        status: z.ZodMiniLiteral<"consumed">;
+    }, z.core.$strip>]>, "output"> & {
+        output: {
+            chainId: bigint;
+            code: string;
+            codeChallenge: string;
+            createdAt: number;
+            expiresAt: number;
+            expiry: number;
+            keyType: "secp256k1" | "p256" | "webAuthn";
+            pubKey: `0x${string}`;
+            status: "pending";
+            account?: `0x${string}` | undefined;
+            limits?: readonly {
+                token: `0x${string}`;
+                limit: bigint;
+            }[] | undefined;
+            keyAuthorization?: undefined;
+            accountAddress?: undefined;
+            authorizedAt?: undefined;
+            consumedAt?: undefined;
+        } | {
+            accountAddress: `0x${string}`;
+            authorizedAt: number;
+            chainId: bigint;
+            code: string;
+            codeChallenge: string;
+            createdAt: number;
+            expiresAt: number;
+            expiry: number;
+            keyAuthorization: {
+                address: `0x${string}`;
+                chainId: bigint;
+                keyId: `0x${string}`;
+                keyType: "secp256k1" | "p256" | "webAuthn";
+                signature: SignatureEnvelope.SignatureEnvelopeRpc;
+                expiry?: number | null | undefined;
+                limits?: readonly {
+                    token: `0x${string}`;
+                    limit: bigint;
+                }[] | undefined;
+            };
+            keyType: "secp256k1" | "p256" | "webAuthn";
+            pubKey: `0x${string}`;
+            status: "authorized";
+            account?: `0x${string}` | undefined;
+            limits?: readonly {
+                token: `0x${string}`;
+                limit: bigint;
+            }[] | undefined;
+            consumedAt?: undefined;
+        } | {
+            accountAddress: `0x${string}`;
+            authorizedAt: number;
+            chainId: bigint;
+            code: string;
+            codeChallenge: string;
+            consumedAt: number;
+            createdAt: number;
+            expiresAt: number;
+            expiry: number;
+            keyAuthorization: {
+                address: `0x${string}`;
+                chainId: bigint;
+                keyId: `0x${string}`;
+                keyType: "secp256k1" | "p256" | "webAuthn";
+                signature: SignatureEnvelope.SignatureEnvelopeRpc;
+                expiry?: number | null | undefined;
+                limits?: readonly {
+                    token: `0x${string}`;
+                    limit: bigint;
+                }[] | undefined;
+            };
+            keyType: "secp256k1" | "p256" | "webAuthn";
+            pubKey: `0x${string}`;
+            status: "consumed";
+            account?: `0x${string}` | undefined;
+            limits?: readonly {
+                token: `0x${string}`;
+                limit: bigint;
+            }[] | undefined;
+        };
+    };
+};
+/** Stored device-code entry. */
+export type Entry = z.output<typeof entry>;
+/** Device-code storage contract. */
+export type Store = {
+    /** Saves a new pending device-code entry. */
+    create: (entry: Entry.Pending) => MaybePromise<void>;
+    /** Loads a device-code entry by verification code. */
+    get: (code: string) => MaybePromise<Entry | undefined>;
+    /** Marks a pending device-code as authorized. */
+    authorize: (options: Store.authorize.Options) => MaybePromise<Entry.Authorized | undefined>;
+    /** Consumes an authorized device-code exactly once. */
+    consume: (code: string) => MaybePromise<Entry.Authorized | undefined>;
+    /** Deletes a device-code entry. */
+    delete: (code: string) => MaybePromise<void>;
+};
+export declare namespace Entry {
+    /** Pending device-code entry. */
+    type Pending = Extract<z.output<typeof entry>, {
+        status: 'pending';
+    }>;
+    /** Authorized device-code entry. */
+    type Authorized = Extract<z.output<typeof entry>, {
+        status: 'authorized';
+    }>;
+    /** Consumed device-code entry. */
+    type Consumed = Extract<z.output<typeof entry>, {
+        status: 'consumed';
+    }>;
+}
+export declare namespace Store {
+    namespace authorize {
+        type Options = {
+            /** Root account that approved the access key. */
+            accountAddress: Address;
+            /** Signed key authorization. */
+            keyAuthorization: z.output<typeof keyAuthorization>;
+            /** Verification code to authorize. */
+            code: string;
+        };
+    }
+    namespace kv {
+        type Options = {
+            /** Prefix used for KV keys. @default "cli-auth" */
+            key?: string | undefined;
+        };
+    }
+}
+/** Error thrown when pending device-code lookup cannot return a pending request. */
+export declare class PendingError extends Error {
+    status: 400 | 404;
+    constructor(message: string, status: 400 | 404);
+}
+/** Host validation and sanitization for requested CLI auth defaults. */
+export type Policy = {
+    /** Validates and optionally rewrites requested policy before the entry is stored. */
+    validate: (options: Policy.validate.Options) => MaybePromise<Policy.validate.ReturnType>;
+};
+export declare namespace Policy {
+    namespace validate {
+        type Options = {
+            /** Requested root account restriction. */
+            account?: Address | undefined;
+            /** Requested access-key expiry timestamp. Omit to let the server choose one. */
+            expiry?: number | undefined;
+            /** Requested key type. */
+            keyType: z.output<typeof keyType>;
+            /** Requested spending limits. */
+            limits?: readonly {
+                token: Address;
+                limit: bigint;
+            }[] | undefined;
+            /** Requested access-key public key. */
+            pubKey: Hex.Hex;
+        };
+        type ReturnType = {
+            /** Approved access-key expiry timestamp. */
+            expiry: number;
+            /** Approved spending limits. */
+            limits?: readonly {
+                token: Address;
+                limit: bigint;
+            }[] | undefined;
+        };
+    }
+}
+/** Built-in device-code store helpers. */
+export declare const Store: {
+    /**
+     * Creates an in-memory device-code store.
+     *
+     * Useful for tests and single-process servers.
+     */
+    memory(): Store;
+    /**
+     * Creates a key-value backed device-code store.
+     *
+     * Stored values are encoded through the shared entry schema so they remain
+     * JSON-safe across KV implementations.
+     */
+    kv(kv: Kv, options?: Store.kv.Options): Store;
+};
+/** Built-in policy helpers. */
+export declare const Policy: {
+    /** Creates an allow-all policy with a default 24-hour expiry when omitted. */
+    allow(): Policy;
+    /** Returns the provided policy unchanged. */
+    from(policy: Policy): Policy;
+};
+/** Creates and stores a new device code. */
+export declare function createDeviceCode(options: createDeviceCode.Options): Promise<createDeviceCode.ReturnType>;
+export declare namespace createDeviceCode {
+    type Options = {
+        /** Chain ID embedded into the expected key authorization. @default tempo.id */
+        chainId?: bigint | number | undefined;
+        /** Time source used for TTL evaluation. */
+        now?: (() => number) | undefined;
+        /** Policy used to validate requested expiry and limits. */
+        policy?: Policy | undefined;
+        /** Random byte generator used for verification code allocation. */
+        random?: ((size: number) => Uint8Array) | undefined;
+        /** Incoming device-code creation request. */
+        request: z.output<typeof createRequest>;
+        /** Device-code store. */
+        store?: Store | undefined;
+        /** Pending entry TTL in milliseconds. @default 600000 */
+        ttlMs?: number | undefined;
+    };
+    type ReturnType = z.output<typeof createResponse>;
+}
+/** Looks up a pending device code for browser approval UIs. */
+export declare function pending(options: pending.Options): Promise<pending.ReturnType>;
+export declare namespace pending {
+    type Options = {
+        /** Verification code from the route path. */
+        code: string;
+        /** Time source used for TTL evaluation. */
+        now?: (() => number) | undefined;
+        /** Device-code store. */
+        store?: Store | undefined;
+    };
+    type ReturnType = z.output<typeof pendingResponse>;
+}
+/** Polls a device code with PKCE verification. */
+export declare function poll(options: poll.Options): Promise<poll.ReturnType>;
+export declare namespace poll {
+    type Options = {
+        /** Verification code from the route path. */
+        code: string;
+        /** Time source used for TTL evaluation. */
+        now?: (() => number) | undefined;
+        /** Poll request body. */
+        request: z.output<typeof pollRequest>;
+        /** Device-code store. */
+        store?: Store | undefined;
+    };
+    type ReturnType = z.output<typeof pollResponse>;
+}
+/** Authorizes a pending device code after validating the signed key authorization. */
+export declare function authorize(options: authorize.Options): Promise<authorize.ReturnType>;
+export declare namespace authorize {
+    type Options = {
+        /** Chain ID embedded into the expected key authorization. Defaults to the client chain or tempo.id. */
+        chainId?: bigint | number | undefined;
+        /** Client used to verify the signed key authorization. */
+        client?: Client<Transport, Chain | undefined> | undefined;
+        /** Time source used for TTL evaluation. */
+        now?: (() => number) | undefined;
+        /** Authorize request body. */
+        request: z.output<typeof authorizeRequest>;
+        /** Device-code store. */
+        store?: Store | undefined;
+    };
+    type ReturnType = z.output<typeof authorizeResponse>;
+}
+//# sourceMappingURL=CliAuth.d.ts.map

package/dist/server/CliAuth.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"CliAuth.d.ts","sourceRoot":"","sources":["../../src/server/CliAuth.ts"],"names":[],"mappings":"AAAA,OAAO,EAAmC,GAAG,EAAa,MAAM,IAAI,CAAA;AACpE,OAAO,EAA6C,iBAAiB,EAAE,MAAM,UAAU,CAAA;AACvF,OAAO,EAAsB,KAAK,KAAK,EAAE,KAAK,MAAM,EAAE,KAAK,SAAS,EAAE,MAAM,MAAM,CAAA;AAClF,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,eAAe,CAAA;AAG5C,OAAO,KAAK,CAAC,MAAM,UAAU,CAAA;AAG7B,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,sBAAsB,CAAA;AACxD,OAAO,KAAK,EAAE,EAAE,EAAE,MAAM,SAAS,CAAA;AAEjC,oDAAoD;AACpD,eAAO,MAAM,OAAO,kHAA8E,CAAA;AAElG,iEAAiE;AACjE,eAAO,MAAM,gBAAgB;;;;;;;;;;;iBAQ3B,CAAA;AAEF,+CAA+C;AAC/C,eAAO,MAAM,aAAa;;;;;;;;;;iBAOxB,CAAA;AAEF,sDAAsD;AACtD,eAAO,MAAM,cAAc;;iBAEzB,CAAA;AAEF,qDAAqD;AACrD,eAAO,MAAM,WAAW;;iBAEtB,CAAA;AAEF,sDAAsD;AACtD,eAAO,MAAM,YAAY;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;CAYvB,CAAA;AAEF,wDAAwD;AACxD,eAAO,MAAM,eAAe;;;;;;;;;;;;;iBAU1B,CAAA;AAEF,0CAA0C;AAC1C,eAAO,MAAM,gBAAgB;;;;;;;;;;;;;;;iBAI3B,CAAA;AAEF,oDAAoD;AACpD,eAAO,MAAM,iBAAiB;;iBAE5B,CAAA;AAEF,uCAAuC;AACvC,eAAO,MAAM,KAAK;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;CA+ChB,CAAA;AAEF,gCAAgC;AAChC,MAAM,MAAM,KAAK,GAAG,CAAC,CAAC,MAAM,CAAC,OAAO,KAAK,CAAC,CAAA;AAE1C,oCAAoC;AACpC,MAAM,MAAM,KAAK,GAAG;IAClB,6CAA6C;IAC7C,MAAM,EAAE,CAAC,KAAK,EAAE,KAAK,CAAC,OAAO,KAAK,YAAY,CAAC,IAAI,CAAC,CAAA;IACpD,sDAAsD;IACtD,GAAG,EAAE,CAAC,IAAI,EAAE,MAAM,KAAK,YAAY,CAAC,KAAK,GAAG,SAAS,CAAC,CAAA;IACtD,iDAAiD;IACjD,SAAS,EAAE,CAAC,OAAO,EAAE,KAAK,CAAC,SAAS,CAAC,OAAO,KAAK,YAAY,CAAC,KAAK,CAAC,UAAU,GAAG,SAAS,CAAC,CAAA;IAC3F,uDAAuD;IACvD,OAAO,EAAE,CAAC,IAAI,EAAE,MAAM,KAAK,YAAY,CAAC,KAAK,CAAC,UAAU,GAAG,SAAS,CAAC,CAAA;IACrE,mCAAmC;IACnC,MAAM,EAAE,CAAC,IAAI,EAAE,MAAM,KAAK,YAAY,CAAC,IAAI,CAAC,CAAA;CAC7C,CAAA;AAED,MAAM,CAAC,OAAO,WAAW,KAAK,CAAC;IAC7B,iCAAiC;IACjC,KAAY,OAAO,GAAG,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,OAAO,KAAK,CAAC,EAAE;QAAE,MAAM,EAAE,SAAS,CAAA;KAAE,CAAC,CAAA;IAC5E,oCAAoC;IACpC,KAAY,UAAU,GAAG,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,OAAO,KAAK,CAAC,EAAE;QAAE,MAAM,EAAE,YAAY,CAAA;KAAE,CAAC,CAAA;IAClF,kCAAkC;IAClC,KAAY,QAAQ,GAAG,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,OAAO,KAAK,CAAC,EAAE;QAAE,MAAM,EAAE,UAAU,CAAA;KAAE,CAAC,CAAA;CAC/E;AAED,MAAM,CAAC,OAAO,WAAW,KAAK,CAAC;IAC7B,UAAiB,SAAS,CAAC;QACzB,KAAY,OAAO,GAAG;YACpB,iDAAiD;YACjD,cAAc,EAAE,OAAO,CAAA;YACvB,gCAAgC;YAChC,gBAAgB,EAAE,CAAC,CAAC,MAAM,CAAC,OAAO,gBAAgB,CAAC,CAAA;YACnD,sCAAsC;YACtC,IAAI,EAAE,MAAM,CAAA;SACb,CAAA;KACF;IAED,UAAiB,EAAE,CAAC;QAClB,KAAY,OAAO,GAAG;YACpB,mDAAmD;YACnD,GAAG,CAAC,EAAE,MAAM,GAAG,SAAS,CAAA;SACzB,CAAA;KACF;CACF;AAED,oFAAoF;AACpF,qBAAa,YAAa,SAAQ,KAAK;IACrC,MAAM,EAAE,GAAG,GAAG,GAAG,CAAA;gBAEL,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,GAAG,GAAG,GAAG;CAK/C;AAED,wEAAwE;AACxE,MAAM,MAAM,MAAM,GAAG;IACnB,qFAAqF;IACrF,QAAQ,EAAE,CAAC,OAAO,EAAE,MAAM,CAAC,QAAQ,CAAC,OAAO,KAAK,YAAY,CAAC,MAAM,CAAC,QAAQ,CAAC,UAAU,CAAC,CAAA;CACzF,CAAA;AAED,MAAM,CAAC,OAAO,WAAW,MAAM,CAAC;IAC9B,UAAiB,QAAQ,CAAC;QACxB,KAAY,OAAO,GAAG;YACpB,0CAA0C;YAC1C,OAAO,CAAC,EAAE,OAAO,GAAG,SAAS,CAAA;YAC7B,gFAAgF;YAChF,MAAM,CAAC,EAAE,MAAM,GAAG,SAAS,CAAA;YAC3B,0BAA0B;YAC1B,OAAO,EAAE,CAAC,CAAC,MAAM,CAAC,OAAO,OAAO,CAAC,CAAA;YACjC,iCAAiC;YACjC,MAAM,CAAC,EAAE,SAAS;gBAAE,KAAK,EAAE,OAAO,CAAC;gBAAC,KAAK,EAAE,MAAM,CAAA;aAAE,EAAE,GAAG,SAAS,CAAA;YACjE,uCAAuC;YACvC,MAAM,EAAE,GAAG,CAAC,GAAG,CAAA;SAChB,CAAA;QAED,KAAY,UAAU,GAAG;YACvB,4CAA4C;YAC5C,MAAM,EAAE,MAAM,CAAA;YACd,gCAAgC;YAChC,MAAM,CAAC,EAAE,SAAS;gBAAE,KAAK,EAAE,OAAO,CAAC;gBAAC,KAAK,EAAE,MAAM,CAAA;aAAE,EAAE,GAAG,SAAS,CAAA;SAClE,CAAA;KACF;CACF;AAED,0CAA0C;AAC1C,eAAO,MAAM,KAAK;IAChB;;;;OAIG;cACO,KAAK;IAsCf;;;;;OAKG;WACI,EAAE,YAAW,KAAK,CAAC,EAAE,CAAC,OAAO,GAAQ,KAAK;CA+ClD,CAAA;AAED,+BAA+B;AAC/B,eAAO,MAAM,MAAM;IACjB,8EAA8E;aACrE,MAAM;IAUf,6CAA6C;iBAChC,MAAM,GAAG,MAAM;CAG7B,CAAA;AAED,4CAA4C;AAC5C,wBAAsB,gBAAgB,CACpC,OAAO,EAAE,gBAAgB,CAAC,OAAO,GAChC,OAAO,CAAC,gBAAgB,CAAC,UAAU,CAAC,CA8CtC;AAED,MAAM,CAAC,OAAO,WAAW,gBAAgB,CAAC;IACxC,KAAY,OAAO,GAAG;QACpB,+EAA+E;QAC/E,OAAO,CAAC,EAAE,MAAM,GAAG,MAAM,GAAG,SAAS,CAAA;QACrC,2CAA2C;QAC3C,GAAG,CAAC,EAAE,CAAC,MAAM,MAAM,CAAC,GAAG,SAAS,CAAA;QAChC,2DAA2D;QAC3D,MAAM,CAAC,EAAE,MAAM,GAAG,SAAS,CAAA;QAC3B,mEAAmE;QACnE,MAAM,CAAC,EAAE,CAAC,CAAC,IAAI,EAAE,MAAM,KAAK,UAAU,CAAC,GAAG,SAAS,CAAA;QACnD,6CAA6C;QAC7C,OAAO,EAAE,CAAC,CAAC,MAAM,CAAC,OAAO,aAAa,CAAC,CAAA;QACvC,yBAAyB;QACzB,KAAK,CAAC,EAAE,KAAK,GAAG,SAAS,CAAA;QACzB,yDAAyD;QACzD,KAAK,CAAC,EAAE,MAAM,GAAG,SAAS,CAAA;KAC3B,CAAA;IAED,KAAY,UAAU,GAAG,CAAC,CAAC,MAAM,CAAC,OAAO,cAAc,CAAC,CAAA;CACzD;AAED,+DAA+D;AAC/D,wBAAsB,OAAO,CAAC,OAAO,EAAE,OAAO,CAAC,OAAO,GAAG,OAAO,CAAC,OAAO,CAAC,UAAU,CAAC,CAsBnF;AAED,MAAM,CAAC,OAAO,WAAW,OAAO,CAAC;IAC/B,KAAY,OAAO,GAAG;QACpB,6CAA6C;QAC7C,IAAI,EAAE,MAAM,CAAA;QACZ,2CAA2C;QAC3C,GAAG,CAAC,EAAE,CAAC,MAAM,MAAM,CAAC,GAAG,SAAS,CAAA;QAChC,yBAAyB;QACzB,KAAK,CAAC,EAAE,KAAK,GAAG,SAAS,CAAA;KAC1B,CAAA;IAED,KAAY,UAAU,GAAG,CAAC,CAAC,MAAM,CAAC,OAAO,eAAe,CAAC,CAAA;CAC1D;AAED,kDAAkD;AAClD,wBAAsB,IAAI,CAAC,OAAO,EAAE,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC,IAAI,CAAC,UAAU,CAAC,CAuB1E;AAED,MAAM,CAAC,OAAO,WAAW,IAAI,CAAC;IAC5B,KAAY,OAAO,GAAG;QACpB,6CAA6C;QAC7C,IAAI,EAAE,MAAM,CAAA;QACZ,2CAA2C;QAC3C,GAAG,CAAC,EAAE,CAAC,MAAM,MAAM,CAAC,GAAG,SAAS,CAAA;QAChC,yBAAyB;QACzB,OAAO,EAAE,CAAC,CAAC,MAAM,CAAC,OAAO,WAAW,CAAC,CAAA;QACrC,yBAAyB;QACzB,KAAK,CAAC,EAAE,KAAK,GAAG,SAAS,CAAA;KAC1B,CAAA;IAED,KAAY,UAAU,GAAG,CAAC,CAAC,MAAM,CAAC,OAAO,YAAY,CAAC,CAAA;CACvD;AAED,sFAAsF;AACtF,wBAAsB,SAAS,CAAC,OAAO,EAAE,SAAS,CAAC,OAAO,GAAG,OAAO,CAAC,SAAS,CAAC,UAAU,CAAC,CAoDzF;AAED,MAAM,CAAC,OAAO,WAAW,SAAS,CAAC;IACjC,KAAY,OAAO,GAAG;QACpB,uGAAuG;QACvG,OAAO,CAAC,EAAE,MAAM,GAAG,MAAM,GAAG,SAAS,CAAA;QACrC,0DAA0D;QAC1D,MAAM,CAAC,EAAE,MAAM,CAAC,SAAS,EAAE,KAAK,GAAG,SAAS,CAAC,GAAG,SAAS,CAAA;QACzD,2CAA2C;QAC3C,GAAG,CAAC,EAAE,CAAC,MAAM,MAAM,CAAC,GAAG,SAAS,CAAA;QAChC,8BAA8B;QAC9B,OAAO,EAAE,CAAC,CAAC,MAAM,CAAC,OAAO,gBAAgB,CAAC,CAAA;QAC1C,yBAAyB;QACzB,KAAK,CAAC,EAAE,KAAK,GAAG,SAAS,CAAA;KAC1B,CAAA;IAED,KAAY,UAAU,GAAG,CAAC,CAAC,MAAM,CAAC,OAAO,iBAAiB,CAAC,CAAA;CAC5D"}