npm - agentic-qe - Versions diffs - 3.3.5 → 3.4.1 - Mend

agentic-qe 3.3.5 → 3.4.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (424) hide show

package/v3/dist/adapters/a2a/auth/oauth-provider.js ADDED Viewed

@@ -0,0 +1,573 @@
+/**
+ * A2A OAuth 2.0 Provider
+ *
+ * Implements OAuth 2.0 authorization server functionality including:
+ * - Authorization Code Flow (with PKCE support)
+ * - Client Credentials Flow
+ * - Token refresh
+ * - Token revocation
+ *
+ * @module adapters/a2a/auth/oauth-provider
+ * @see https://datatracker.ietf.org/doc/html/rfc6749
+ * @see https://datatracker.ietf.org/doc/html/rfc7636 (PKCE)
+ */
+import { createTokenStore } from './token-store.js';
+import { signAccessToken, verifyJWT, JWTError, } from './jwt-utils.js';
+import { validateScopes, normalizeScopes, DEFAULT_CLIENT_SCOPES, } from './scopes.js';
+/**
+ * Default OAuth 2.0 configuration values
+ */
+export const DEFAULT_OAUTH2_CONFIG = {
+    tokenTTL: 3600,
+    refreshTokenTTL: 2592000,
+    authorizationCodeTTL: 600,
+    requirePKCE: false,
+    allowRefreshTokens: true,
+};
+// ============================================================================
+// OAuth 2.0 Error Class
+// ============================================================================
+/**
+ * OAuth 2.0 error
+ */
+export class OAuth2ProviderError extends Error {
+    error;
+    errorDescription;
+    httpStatus;
+    constructor(error, description) {
+        super(description || error);
+        this.name = 'OAuth2ProviderError';
+        this.error = error;
+        this.errorDescription = description;
+        this.httpStatus = this.getHttpStatus(error);
+        if (Error.captureStackTrace) {
+            Error.captureStackTrace(this, OAuth2ProviderError);
+        }
+    }
+    getHttpStatus(error) {
+        switch (error) {
+            case 'invalid_client':
+            case 'access_denied':
+                return 401;
+            case 'unauthorized_client':
+                return 403;
+            case 'server_error':
+                return 500;
+            default:
+                return 400;
+        }
+    }
+    /**
+     * Convert to OAuth 2.0 error response format
+     */
+    toResponse() {
+        const response = {
+            error: this.error,
+        };
+        if (this.errorDescription) {
+            return { ...response, error_description: this.errorDescription };
+        }
+        return response;
+    }
+}
+/**
+ * OAuth 2.0 Authorization Server Provider
+ *
+ * Implements OAuth 2.0 token issuance and validation for the A2A protocol.
+ */
+export class OAuth2Provider {
+    config;
+    tokenStore;
+    constructor(config) {
+        this.config = {
+            ...DEFAULT_OAUTH2_CONFIG,
+            ...config,
+        };
+        this.tokenStore = createTokenStore(config.tokenStoreConfig);
+    }
+    // ============================================================================
+    // Client Management
+    // ============================================================================
+    /**
+     * Register a new client
+     *
+     * @param clientId - The client ID
+     * @param credentials - The client credentials
+     */
+    registerClient(clientId, credentials) {
+        this.config.clientCredentials.set(clientId, credentials);
+    }
+    /**
+     * Remove a client
+     *
+     * @param clientId - The client ID
+     * @returns True if the client was removed
+     */
+    removeClient(clientId) {
+        // Revoke all tokens for this client
+        this.tokenStore.revokeTokensByClient(clientId);
+        return this.config.clientCredentials.delete(clientId);
+    }
+    /**
+     * Validate client credentials
+     *
+     * @param clientId - The client ID
+     * @param clientSecret - The client secret (optional for public clients)
+     * @returns True if the credentials are valid
+     */
+    validateClient(clientId, clientSecret) {
+        const credentials = this.config.clientCredentials.get(clientId);
+        if (!credentials) {
+            return false;
+        }
+        if (credentials.active === false) {
+            return false;
+        }
+        // Public clients don't need a secret
+        if (!credentials.confidential && !clientSecret) {
+            return true;
+        }
+        // Confidential clients need a valid secret
+        if (credentials.confidential && !clientSecret) {
+            return false;
+        }
+        // Compare secrets
+        // Note: In production, use constant-time comparison and hashed secrets
+        return clientSecret === credentials.clientSecret;
+    }
+    /**
+     * Get client credentials
+     *
+     * @param clientId - The client ID
+     * @returns The client credentials or undefined
+     */
+    getClient(clientId) {
+        return this.config.clientCredentials.get(clientId);
+    }
+    // ============================================================================
+    // Authorization Code Flow
+    // ============================================================================
+    /**
+     * Generate an authorization code
+     *
+     * @param clientId - The client ID
+     * @param redirectUri - The redirect URI
+     * @param scope - Requested scopes
+     * @param state - Optional state parameter
+     * @param codeChallenge - PKCE code challenge
+     * @param codeChallengeMethod - PKCE method (S256 or plain)
+     * @returns The authorization code
+     */
+    generateAuthorizationCode(clientId, redirectUri, scope, state, codeChallenge, codeChallengeMethod) {
+        const credentials = this.config.clientCredentials.get(clientId);
+        if (!credentials) {
+            throw new OAuth2ProviderError('invalid_client', 'Client not found');
+        }
+        if (credentials.active === false) {
+            throw new OAuth2ProviderError('invalid_client', 'Client is not active');
+        }
+        // Validate redirect URI
+        if (credentials.redirectUris && !credentials.redirectUris.includes(redirectUri)) {
+            throw new OAuth2ProviderError('invalid_request', 'Invalid redirect URI');
+        }
+        // Validate PKCE if required
+        if (this.config.requirePKCE && !codeChallenge) {
+            throw new OAuth2ProviderError('invalid_request', 'PKCE code challenge required');
+        }
+        // Validate scopes
+        const requestedScopes = normalizeScopes(scope);
+        const validScopes = requestedScopes.filter((s) => credentials.allowedScopes.includes(s) || validateScopes([s], credentials.allowedScopes));
+        if (validScopes.length === 0) {
+            throw new OAuth2ProviderError('invalid_scope', 'No valid scopes requested');
+        }
+        // Generate authorization code
+        const code = this.generateSecureCode();
+        const now = Math.floor(Date.now() / 1000);
+        const expiresAt = now + this.config.authorizationCodeTTL;
+        // Store the authorization code
+        this.tokenStore.storeAuthorizationCode(code, {
+            clientId,
+            scopes: validScopes,
+            redirectUri,
+            state,
+            codeChallenge,
+            codeChallengeMethod,
+            issuedAt: now,
+            expiresAt,
+        });
+        return {
+            code,
+            clientId,
+            redirectUri,
+            scopes: validScopes,
+            state,
+            expiresAt: new Date(expiresAt * 1000),
+            codeChallenge,
+            codeChallengeMethod,
+        };
+    }
+    /**
+     * Exchange an authorization code for tokens
+     *
+     * @param code - The authorization code
+     * @param clientId - The client ID
+     * @param clientSecret - The client secret
+     * @param redirectUri - The redirect URI (must match original)
+     * @param codeVerifier - PKCE code verifier
+     * @returns Token pair
+     */
+    async exchangeCodeForTokens(code, clientId, clientSecret, redirectUri, codeVerifier) {
+        // Validate client
+        if (!this.validateClient(clientId, clientSecret)) {
+            throw new OAuth2ProviderError('invalid_client', 'Invalid client credentials');
+        }
+        // Get and consume authorization code
+        const authCode = this.tokenStore.consumeAuthorizationCode(code);
+        if (!authCode) {
+            throw new OAuth2ProviderError('invalid_grant', 'Invalid or expired authorization code');
+        }
+        // Validate client ID matches
+        if (authCode.clientId !== clientId) {
+            throw new OAuth2ProviderError('invalid_grant', 'Authorization code was not issued to this client');
+        }
+        // Validate redirect URI
+        if (authCode.redirectUri !== redirectUri) {
+            throw new OAuth2ProviderError('invalid_grant', 'Redirect URI does not match');
+        }
+        // Validate PKCE
+        if (authCode.codeChallenge) {
+            if (!codeVerifier) {
+                throw new OAuth2ProviderError('invalid_grant', 'Code verifier required');
+            }
+            const isValid = await this.verifyCodeChallenge(codeVerifier, authCode.codeChallenge, authCode.codeChallengeMethod || 'S256');
+            if (!isValid) {
+                throw new OAuth2ProviderError('invalid_grant', 'Code verifier is invalid');
+            }
+        }
+        // Generate tokens
+        return this.generateTokenPair(clientId, authCode.scopes);
+    }
+    // ============================================================================
+    // Client Credentials Flow
+    // ============================================================================
+    /**
+     * Issue tokens using client credentials grant
+     *
+     * @param clientId - The client ID
+     * @param clientSecret - The client secret
+     * @param scope - Requested scopes
+     * @returns Token pair
+     */
+    async clientCredentialsGrant(clientId, clientSecret, scope) {
+        // Validate client
+        if (!this.validateClient(clientId, clientSecret)) {
+            throw new OAuth2ProviderError('invalid_client', 'Invalid client credentials');
+        }
+        const credentials = this.config.clientCredentials.get(clientId);
+        // Determine scopes
+        let grantedScopes = credentials.allowedScopes;
+        if (scope && scope.length > 0) {
+            // Validate requested scopes
+            const requestedScopes = normalizeScopes(scope);
+            const invalidScopes = requestedScopes.filter((s) => !credentials.allowedScopes.includes(s) && !validateScopes([s], credentials.allowedScopes));
+            if (invalidScopes.length > 0) {
+                throw new OAuth2ProviderError('invalid_scope', `Invalid scopes: ${invalidScopes.join(', ')}`);
+            }
+            grantedScopes = requestedScopes;
+        }
+        // Generate tokens
+        return this.generateTokenPair(clientId, grantedScopes);
+    }
+    // ============================================================================
+    // Token Refresh
+    // ============================================================================
+    /**
+     * Refresh an access token
+     *
+     * @param refreshToken - The refresh token
+     * @param scope - Optional new scope (must be subset of original)
+     * @returns New token pair
+     */
+    async refreshAccessToken(refreshToken, scope) {
+        if (!this.config.allowRefreshTokens) {
+            throw new OAuth2ProviderError('unsupported_grant_type', 'Refresh tokens are not supported');
+        }
+        // Get refresh token claims
+        const claims = this.tokenStore.getRefreshTokenClaims(refreshToken);
+        if (!claims) {
+            throw new OAuth2ProviderError('invalid_grant', 'Invalid or expired refresh token');
+        }
+        // Determine new scopes
+        let grantedScopes = claims.scopes;
+        if (scope && scope.length > 0) {
+            // New scopes must be a subset of original scopes
+            const requestedScopes = normalizeScopes(scope);
+            const invalidScopes = requestedScopes.filter((s) => !claims.scopes.includes(s));
+            if (invalidScopes.length > 0) {
+                throw new OAuth2ProviderError('invalid_scope', 'Cannot request scopes beyond original grant');
+            }
+            grantedScopes = requestedScopes;
+        }
+        // Increment refresh token use count
+        this.tokenStore.incrementRefreshTokenUseCount(refreshToken);
+        // Revoke old refresh token and issue new tokens (rotation)
+        this.tokenStore.revokeToken(refreshToken);
+        return this.generateTokenPair(claims.clientId, grantedScopes);
+    }
+    // ============================================================================
+    // Token Revocation
+    // ============================================================================
+    /**
+     * Revoke a token
+     *
+     * @param token - The token to revoke
+     * @param tokenTypeHint - Optional hint about token type
+     */
+    revokeToken(token, tokenTypeHint) {
+        this.tokenStore.revokeToken(token);
+    }
+    /**
+     * Revoke all tokens for a client
+     *
+     * @param clientId - The client ID
+     * @returns Number of tokens revoked
+     */
+    revokeClientTokens(clientId) {
+        return this.tokenStore.revokeTokensByClient(clientId);
+    }
+    // ============================================================================
+    // Token Validation
+    // ============================================================================
+    /**
+     * Validate an access token
+     *
+     * @param token - The access token
+     * @param requiredScopes - Required scopes (optional)
+     * @returns The token payload if valid
+     */
+    async validateAccessToken(token, requiredScopes) {
+        // Check if revoked
+        if (this.tokenStore.isRevoked(token)) {
+            throw new OAuth2ProviderError('invalid_grant', 'Token has been revoked');
+        }
+        try {
+            // Verify JWT signature and claims
+            const payload = await verifyJWT(token, this.config.signingSecret, {
+                issuer: this.config.issuer,
+            });
+            // Check token type
+            if (payload.token_type !== 'access') {
+                throw new OAuth2ProviderError('invalid_grant', 'Invalid token type');
+            }
+            // Check required scopes
+            if (requiredScopes && requiredScopes.length > 0) {
+                const tokenScopes = payload.scope?.split(' ') || [];
+                if (!validateScopes(requiredScopes, tokenScopes)) {
+                    throw new OAuth2ProviderError('access_denied', 'Insufficient scope');
+                }
+            }
+            return payload;
+        }
+        catch (error) {
+            if (error instanceof JWTError) {
+                if (error.code === 'TOKEN_EXPIRED') {
+                    throw new OAuth2ProviderError('invalid_grant', 'Token has expired');
+                }
+                throw new OAuth2ProviderError('invalid_grant', 'Invalid token');
+            }
+            if (error instanceof OAuth2ProviderError) {
+                throw error;
+            }
+            throw new OAuth2ProviderError('server_error', 'Token validation failed');
+        }
+    }
+    /**
+     * Introspect a token
+     *
+     * @param token - The token to introspect
+     * @returns Token introspection response
+     */
+    async introspectToken(token) {
+        try {
+            const payload = await this.validateAccessToken(token);
+            return {
+                active: true,
+                scope: payload.scope,
+                client_id: payload.client_id,
+                exp: payload.exp,
+                iat: payload.iat,
+                sub: payload.sub,
+                token_type: 'Bearer',
+            };
+        }
+        catch {
+            return { active: false };
+        }
+    }
+    // ============================================================================
+    // Token Generation (Private)
+    // ============================================================================
+    /**
+     * Generate a token pair
+     */
+    async generateTokenPair(clientId, scopes) {
+        const now = Math.floor(Date.now() / 1000);
+        const accessTokenJti = crypto.randomUUID();
+        // Generate access token
+        const accessToken = await signAccessToken(clientId, scopes, this.config.signingSecret, {
+            issuer: this.config.issuer,
+            expiresIn: this.config.tokenTTL,
+            jti: accessTokenJti,
+        });
+        // Store access token
+        this.tokenStore.storeAccessToken(accessToken, {
+            clientId,
+            scopes,
+            issuedAt: now,
+            expiresAt: now + this.config.tokenTTL,
+            jti: accessTokenJti,
+        });
+        const result = {
+            accessToken,
+            tokenType: 'Bearer',
+            expiresIn: this.config.tokenTTL,
+            scope: scopes.join(' '),
+        };
+        // Generate refresh token if allowed
+        if (this.config.allowRefreshTokens) {
+            const refreshToken = this.generateSecureCode();
+            this.tokenStore.storeRefreshToken(refreshToken, {
+                clientId,
+                scopes,
+                tokenId: crypto.randomUUID(),
+                accessTokenJti,
+                useCount: 0,
+                issuedAt: now,
+                expiresAt: now + this.config.refreshTokenTTL,
+            });
+            return {
+                ...result,
+                refreshToken,
+                refreshExpiresIn: this.config.refreshTokenTTL,
+            };
+        }
+        return result;
+    }
+    /**
+     * Generate a secure random code
+     */
+    generateSecureCode() {
+        // Generate 32 random bytes and encode as base64url
+        const bytes = new Uint8Array(32);
+        crypto.getRandomValues(bytes);
+        return btoa(String.fromCharCode(...bytes))
+            .replace(/\+/g, '-')
+            .replace(/\//g, '_')
+            .replace(/=/g, '');
+    }
+    /**
+     * Verify PKCE code challenge
+     */
+    async verifyCodeChallenge(codeVerifier, codeChallenge, method) {
+        if (method === 'plain') {
+            return codeVerifier === codeChallenge;
+        }
+        // S256: SHA-256 hash of verifier
+        const encoder = new TextEncoder();
+        const data = encoder.encode(codeVerifier);
+        const hash = await crypto.subtle.digest('SHA-256', data);
+        const hashArray = new Uint8Array(hash);
+        const computed = btoa(String.fromCharCode(...hashArray))
+            .replace(/\+/g, '-')
+            .replace(/\//g, '_')
+            .replace(/=/g, '');
+        return computed === codeChallenge;
+    }
+    // ============================================================================
+    // Discovery Metadata
+    // ============================================================================
+    /**
+     * Get OAuth 2.0 authorization server metadata
+     *
+     * @returns OpenID Connect Discovery metadata
+     */
+    getMetadata() {
+        return {
+            issuer: this.config.issuer,
+            authorization_endpoint: this.config.authorizationEndpoint,
+            token_endpoint: this.config.tokenEndpoint,
+            token_endpoint_auth_methods_supported: ['client_secret_basic', 'client_secret_post'],
+            grant_types_supported: [
+                'authorization_code',
+                'client_credentials',
+                ...(this.config.allowRefreshTokens ? ['refresh_token'] : []),
+            ],
+            response_types_supported: ['code'],
+            scopes_supported: Object.keys(DEFAULT_CLIENT_SCOPES),
+            code_challenge_methods_supported: ['S256', 'plain'],
+        };
+    }
+    // ============================================================================
+    // Lifecycle
+    // ============================================================================
+    /**
+     * Get provider statistics
+     */
+    getStats() {
+        return {
+            tokenStats: this.tokenStore.getStats(),
+            clientCount: this.config.clientCredentials.size,
+        };
+    }
+    /**
+     * Clean up expired tokens
+     */
+    cleanup() {
+        return this.tokenStore.cleanup();
+    }
+    /**
+     * Destroy the provider
+     */
+    destroy() {
+        this.tokenStore.destroy();
+    }
+}
+// ============================================================================
+// Factory Function
+// ============================================================================
+/**
+ * Create a new OAuth2Provider instance
+ *
+ * @param config - Provider configuration
+ * @returns A new OAuth2Provider
+ */
+export function createOAuth2Provider(config) {
+    return new OAuth2Provider(config);
+}
+/**
+ * Create a simple OAuth2Provider for testing
+ *
+ * @param signingSecret - The JWT signing secret
+ * @returns A configured OAuth2Provider
+ */
+export function createTestOAuth2Provider(signingSecret = 'test-secret') {
+    return new OAuth2Provider({
+        issuer: 'http://localhost:3000',
+        tokenEndpoint: 'http://localhost:3000/oauth/token',
+        authorizationEndpoint: 'http://localhost:3000/oauth/authorize',
+        clientCredentials: new Map([
+            [
+                'test-client',
+                {
+                    clientSecret: 'test-secret',
+                    name: 'Test Client',
+                    allowedScopes: ['platform:read', 'agent:read', 'task:read', 'task:create'],
+                    confidential: true,
+                    active: true,
+                },
+            ],
+        ]),
+        signingSecret,
+    });
+}
+//# sourceMappingURL=oauth-provider.js.map

package/v3/dist/adapters/a2a/auth/oauth-provider.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"oauth-provider.js","sourceRoot":"","sources":["../../../../src/adapters/a2a/auth/oauth-provider.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;GAYG;AAEH,OAAO,EAAc,gBAAgB,EAAyB,MAAM,kBAAkB,CAAC;AACvF,OAAO,EACL,eAAe,EAEf,SAAS,EAET,QAAQ,GAET,MAAM,gBAAgB,CAAC;AACxB,OAAO,EACL,cAAc,EAEd,eAAe,EACf,qBAAqB,GAEtB,MAAM,aAAa,CAAC;AAyErB;;GAEG;AACH,MAAM,CAAC,MAAM,qBAAqB,GAAG;IACnC,QAAQ,EAAE,IAAI;IACd,eAAe,EAAE,OAAO;IACxB,oBAAoB,EAAE,GAAG;IACzB,WAAW,EAAE,KAAK;IAClB,kBAAkB,EAAE,IAAI;CAChB,CAAC;AAsFX,+EAA+E;AAC/E,wBAAwB;AACxB,+EAA+E;AAE/E;;GAEG;AACH,MAAM,OAAO,mBAAoB,SAAQ,KAAK;IAC5B,KAAK,CAAkB;IACvB,gBAAgB,CAAU;IAC1B,UAAU,CAAS;IAEnC,YAAY,KAAsB,EAAE,WAAoB;QACtD,KAAK,CAAC,WAAW,IAAI,KAAK,CAAC,CAAC;QAC5B,IAAI,CAAC,IAAI,GAAG,qBAAqB,CAAC;QAClC,IAAI,CAAC,KAAK,GAAG,KAAK,CAAC;QACnB,IAAI,CAAC,gBAAgB,GAAG,WAAW,CAAC;QACpC,IAAI,CAAC,UAAU,GAAG,IAAI,CAAC,aAAa,CAAC,KAAK,CAAC,CAAC;QAE5C,IAAI,KAAK,CAAC,iBAAiB,EAAE,CAAC;YAC5B,KAAK,CAAC,iBAAiB,CAAC,IAAI,EAAE,mBAAmB,CAAC,CAAC;QACrD,CAAC;IACH,CAAC;IAEO,aAAa,CAAC,KAAsB;QAC1C,QAAQ,KAAK,EAAE,CAAC;YACd,KAAK,gBAAgB,CAAC;YACtB,KAAK,eAAe;gBAClB,OAAO,GAAG,CAAC;YACb,KAAK,qBAAqB;gBACxB,OAAO,GAAG,CAAC;YACb,KAAK,cAAc;gBACjB,OAAO,GAAG,CAAC;YACb;gBACE,OAAO,GAAG,CAAC;QACf,CAAC;IACH,CAAC;IAED;;OAEG;IACH,UAAU;QACR,MAAM,QAAQ,GAAgB;YAC5B,KAAK,EAAE,IAAI,CAAC,KAAK;SAClB,CAAC;QAEF,IAAI,IAAI,CAAC,gBAAgB,EAAE,CAAC;YAC1B,OAAO,EAAE,GAAG,QAAQ,EAAE,iBAAiB,EAAE,IAAI,CAAC,gBAAgB,EAAE,CAAC;QACnE,CAAC;QAED,OAAO,QAAQ,CAAC;IAClB,CAAC;CACF;AAWD;;;;GAIG;AACH,MAAM,OAAO,cAAc;IACR,MAAM,CAAuB;IAC7B,UAAU,CAAa;IAExC,YAAY,MAAoB;QAC9B,IAAI,CAAC,MAAM,GAAG;YACZ,GAAG,qBAAqB;YACxB,GAAG,MAAM;SACc,CAAC;QAC1B,IAAI,CAAC,UAAU,GAAG,gBAAgB,CAAC,MAAM,CAAC,gBAAgB,CAAC,CAAC;IAC9D,CAAC;IAED,+EAA+E;IAC/E,oBAAoB;IACpB,+EAA+E;IAE/E;;;;;OAKG;IACH,cAAc,CAAC,QAAgB,EAAE,WAA8B;QAC7D,IAAI,CAAC,MAAM,CAAC,iBAAiB,CAAC,GAAG,CAAC,QAAQ,EAAE,WAAW,CAAC,CAAC;IAC3D,CAAC;IAED;;;;;OAKG;IACH,YAAY,CAAC,QAAgB;QAC3B,oCAAoC;QACpC,IAAI,CAAC,UAAU,CAAC,oBAAoB,CAAC,QAAQ,CAAC,CAAC;QAE/C,OAAO,IAAI,CAAC,MAAM,CAAC,iBAAiB,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;IACxD,CAAC;IAED;;;;;;OAMG;IACH,cAAc,CAAC,QAAgB,EAAE,YAAqB;QACpD,MAAM,WAAW,GAAG,IAAI,CAAC,MAAM,CAAC,iBAAiB,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;QAEhE,IAAI,CAAC,WAAW,EAAE,CAAC;YACjB,OAAO,KAAK,CAAC;QACf,CAAC;QAED,IAAI,WAAW,CAAC,MAAM,KAAK,KAAK,EAAE,CAAC;YACjC,OAAO,KAAK,CAAC;QACf,CAAC;QAED,qCAAqC;QACrC,IAAI,CAAC,WAAW,CAAC,YAAY,IAAI,CAAC,YAAY,EAAE,CAAC;YAC/C,OAAO,IAAI,CAAC;QACd,CAAC;QAED,2CAA2C;QAC3C,IAAI,WAAW,CAAC,YAAY,IAAI,CAAC,YAAY,EAAE,CAAC;YAC9C,OAAO,KAAK,CAAC;QACf,CAAC;QAED,kBAAkB;QAClB,uEAAuE;QACvE,OAAO,YAAY,KAAK,WAAW,CAAC,YAAY,CAAC;IACnD,CAAC;IAED;;;;;OAKG;IACH,SAAS,CAAC,QAAgB;QACxB,OAAO,IAAI,CAAC,MAAM,CAAC,iBAAiB,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;IACrD,CAAC;IAED,+EAA+E;IAC/E,0BAA0B;IAC1B,+EAA+E;IAE/E;;;;;;;;;;OAUG;IACH,yBAAyB,CACvB,QAAgB,EAChB,WAAmB,EACnB,KAAe,EACf,KAAc,EACd,aAAsB,EACtB,mBAAsC;QAEtC,MAAM,WAAW,GAAG,IAAI,CAAC,MAAM,CAAC,iBAAiB,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;QAEhE,IAAI,CAAC,WAAW,EAAE,CAAC;YACjB,MAAM,IAAI,mBAAmB,CAAC,gBAAgB,EAAE,kBAAkB,CAAC,CAAC;QACtE,CAAC;QAED,IAAI,WAAW,CAAC,MAAM,KAAK,KAAK,EAAE,CAAC;YACjC,MAAM,IAAI,mBAAmB,CAAC,gBAAgB,EAAE,sBAAsB,CAAC,CAAC;QAC1E,CAAC;QAED,wBAAwB;QACxB,IAAI,WAAW,CAAC,YAAY,IAAI,CAAC,WAAW,CAAC,YAAY,CAAC,QAAQ,CAAC,WAAW,CAAC,EAAE,CAAC;YAChF,MAAM,IAAI,mBAAmB,CAAC,iBAAiB,EAAE,sBAAsB,CAAC,CAAC;QAC3E,CAAC;QAED,4BAA4B;QAC5B,IAAI,IAAI,CAAC,MAAM,CAAC,WAAW,IAAI,CAAC,aAAa,EAAE,CAAC;YAC9C,MAAM,IAAI,mBAAmB,CAAC,iBAAiB,EAAE,8BAA8B,CAAC,CAAC;QACnF,CAAC;QAED,kBAAkB;QAClB,MAAM,eAAe,GAAG,eAAe,CAAC,KAAK,CAAC,CAAC;QAC/C,MAAM,WAAW,GAAG,eAAe,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAC/C,WAAW,CAAC,aAAa,CAAC,QAAQ,CAAC,CAAC,CAAC,IAAI,cAAc,CAAC,CAAC,CAAC,CAAC,EAAE,WAAW,CAAC,aAAa,CAAC,CACxF,CAAC;QAEF,IAAI,WAAW,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC7B,MAAM,IAAI,mBAAmB,CAAC,eAAe,EAAE,2BAA2B,CAAC,CAAC;QAC9E,CAAC;QAED,8BAA8B;QAC9B,MAAM,IAAI,GAAG,IAAI,CAAC,kBAAkB,EAAE,CAAC;QACvC,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC;QAC1C,MAAM,SAAS,GAAG,GAAG,GAAG,IAAI,CAAC,MAAM,CAAC,oBAAoB,CAAC;QAEzD,+BAA+B;QAC/B,IAAI,CAAC,UAAU,CAAC,sBAAsB,CAAC,IAAI,EAAE;YAC3C,QAAQ;YACR,MAAM,EAAE,WAAW;YACnB,WAAW;YACX,KAAK;YACL,aAAa;YACb,mBAAmB;YACnB,QAAQ,EAAE,GAAG;YACb,SAAS;SACV,CAAC,CAAC;QAEH,OAAO;YACL,IAAI;YACJ,QAAQ;YACR,WAAW;YACX,MAAM,EAAE,WAAW;YACnB,KAAK;YACL,SAAS,EAAE,IAAI,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC;YACrC,aAAa;YACb,mBAAmB;SACpB,CAAC;IACJ,CAAC;IAED;;;;;;;;;OASG;IACH,KAAK,CAAC,qBAAqB,CACzB,IAAY,EACZ,QAAgB,EAChB,YAAoB,EACpB,WAAmB,EACnB,YAAqB;QAErB,kBAAkB;QAClB,IAAI,CAAC,IAAI,CAAC,cAAc,CAAC,QAAQ,EAAE,YAAY,CAAC,EAAE,CAAC;YACjD,MAAM,IAAI,mBAAmB,CAAC,gBAAgB,EAAE,4BAA4B,CAAC,CAAC;QAChF,CAAC;QAED,qCAAqC;QACrC,MAAM,QAAQ,GAAG,IAAI,CAAC,UAAU,CAAC,wBAAwB,CAAC,IAAI,CAAC,CAAC;QAEhE,IAAI,CAAC,QAAQ,EAAE,CAAC;YACd,MAAM,IAAI,mBAAmB,CAAC,eAAe,EAAE,uCAAuC,CAAC,CAAC;QAC1F,CAAC;QAED,6BAA6B;QAC7B,IAAI,QAAQ,CAAC,QAAQ,KAAK,QAAQ,EAAE,CAAC;YACnC,MAAM,IAAI,mBAAmB,CAAC,eAAe,EAAE,kDAAkD,CAAC,CAAC;QACrG,CAAC;QAED,wBAAwB;QACxB,IAAI,QAAQ,CAAC,WAAW,KAAK,WAAW,EAAE,CAAC;YACzC,MAAM,IAAI,mBAAmB,CAAC,eAAe,EAAE,6BAA6B,CAAC,CAAC;QAChF,CAAC;QAED,gBAAgB;QAChB,IAAI,QAAQ,CAAC,aAAa,EAAE,CAAC;YAC3B,IAAI,CAAC,YAAY,EAAE,CAAC;gBAClB,MAAM,IAAI,mBAAmB,CAAC,eAAe,EAAE,wBAAwB,CAAC,CAAC;YAC3E,CAAC;YAED,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,mBAAmB,CAC5C,YAAY,EACZ,QAAQ,CAAC,aAAa,EACtB,QAAQ,CAAC,mBAAmB,IAAI,MAAM,CACvC,CAAC;YAEF,IAAI,CAAC,OAAO,EAAE,CAAC;gBACb,MAAM,IAAI,mBAAmB,CAAC,eAAe,EAAE,0BAA0B,CAAC,CAAC;YAC7E,CAAC;QACH,CAAC;QAED,kBAAkB;QAClB,OAAO,IAAI,CAAC,iBAAiB,CAAC,QAAQ,EAAE,QAAQ,CAAC,MAAM,CAAC,CAAC;IAC3D,CAAC;IAED,+EAA+E;IAC/E,0BAA0B;IAC1B,+EAA+E;IAE/E;;;;;;;OAOG;IACH,KAAK,CAAC,sBAAsB,CAC1B,QAAgB,EAChB,YAAoB,EACpB,KAAgB;QAEhB,kBAAkB;QAClB,IAAI,CAAC,IAAI,CAAC,cAAc,CAAC,QAAQ,EAAE,YAAY,CAAC,EAAE,CAAC;YACjD,MAAM,IAAI,mBAAmB,CAAC,gBAAgB,EAAE,4BAA4B,CAAC,CAAC;QAChF,CAAC;QAED,MAAM,WAAW,GAAG,IAAI,CAAC,MAAM,CAAC,iBAAiB,CAAC,GAAG,CAAC,QAAQ,CAAE,CAAC;QAEjE,mBAAmB;QACnB,IAAI,aAAa,GAAG,WAAW,CAAC,aAAa,CAAC;QAE9C,IAAI,KAAK,IAAI,KAAK,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAC9B,4BAA4B;YAC5B,MAAM,eAAe,GAAG,eAAe,CAAC,KAAK,CAAC,CAAC;YAC/C,MAAM,aAAa,GAAG,eAAe,CAAC,MAAM,CAC1C,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,WAAW,CAAC,aAAa,CAAC,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,CAAC,CAAC,EAAE,WAAW,CAAC,aAAa,CAAC,CACjG,CAAC;YAEF,IAAI,aAAa,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBAC7B,MAAM,IAAI,mBAAmB,CAC3B,eAAe,EACf,mBAAmB,aAAa,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAC9C,CAAC;YACJ,CAAC;YAED,aAAa,GAAG,eAAe,CAAC;QAClC,CAAC;QAED,kBAAkB;QAClB,OAAO,IAAI,CAAC,iBAAiB,CAAC,QAAQ,EAAE,aAAa,CAAC,CAAC;IACzD,CAAC;IAED,+EAA+E;IAC/E,gBAAgB;IAChB,+EAA+E;IAE/E;;;;;;OAMG;IACH,KAAK,CAAC,kBAAkB,CAAC,YAAoB,EAAE,KAAgB;QAC7D,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,kBAAkB,EAAE,CAAC;YACpC,MAAM,IAAI,mBAAmB,CAAC,wBAAwB,EAAE,kCAAkC,CAAC,CAAC;QAC9F,CAAC;QAED,2BAA2B;QAC3B,MAAM,MAAM,GAAG,IAAI,CAAC,UAAU,CAAC,qBAAqB,CAAC,YAAY,CAAC,CAAC;QAEnE,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,MAAM,IAAI,mBAAmB,CAAC,eAAe,EAAE,kCAAkC,CAAC,CAAC;QACrF,CAAC;QAED,uBAAuB;QACvB,IAAI,aAAa,GAAG,MAAM,CAAC,MAAM,CAAC;QAElC,IAAI,KAAK,IAAI,KAAK,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAC9B,iDAAiD;YACjD,MAAM,eAAe,GAAG,eAAe,CAAC,KAAK,CAAC,CAAC;YAC/C,MAAM,aAAa,GAAG,eAAe,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC;YAEhF,IAAI,aAAa,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBAC7B,MAAM,IAAI,mBAAmB,CAC3B,eAAe,EACf,6CAA6C,CAC9C,CAAC;YACJ,CAAC;YAED,aAAa,GAAG,eAAe,CAAC;QAClC,CAAC;QAED,oCAAoC;QACpC,IAAI,CAAC,UAAU,CAAC,6BAA6B,CAAC,YAAY,CAAC,CAAC;QAE5D,2DAA2D;QAC3D,IAAI,CAAC,UAAU,CAAC,WAAW,CAAC,YAAY,CAAC,CAAC;QAE1C,OAAO,IAAI,CAAC,iBAAiB,CAAC,MAAM,CAAC,QAAQ,EAAE,aAAa,CAAC,CAAC;IAChE,CAAC;IAED,+EAA+E;IAC/E,mBAAmB;IACnB,+EAA+E;IAE/E;;;;;OAKG;IACH,WAAW,CAAC,KAAa,EAAE,aAAgD;QACzE,IAAI,CAAC,UAAU,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC;IACrC,CAAC;IAED;;;;;OAKG;IACH,kBAAkB,CAAC,QAAgB;QACjC,OAAO,IAAI,CAAC,UAAU,CAAC,oBAAoB,CAAC,QAAQ,CAAC,CAAC;IACxD,CAAC;IAED,+EAA+E;IAC/E,mBAAmB;IACnB,+EAA+E;IAE/E;;;;;;OAMG;IACH,KAAK,CAAC,mBAAmB,CACvB,KAAa,EACb,cAAyB;QAEzB,mBAAmB;QACnB,IAAI,IAAI,CAAC,UAAU,CAAC,SAAS,CAAC,KAAK,CAAC,EAAE,CAAC;YACrC,MAAM,IAAI,mBAAmB,CAAC,eAAe,EAAE,wBAAwB,CAAC,CAAC;QAC3E,CAAC;QAED,IAAI,CAAC;YACH,kCAAkC;YAClC,MAAM,OAAO,GAAG,MAAM,SAAS,CAAC,KAAK,EAAE,IAAI,CAAC,MAAM,CAAC,aAAa,EAAE;gBAChE,MAAM,EAAE,IAAI,CAAC,MAAM,CAAC,MAAM;aAC3B,CAAC,CAAC;YAEH,mBAAmB;YACnB,IAAI,OAAO,CAAC,UAAU,KAAK,QAAQ,EAAE,CAAC;gBACpC,MAAM,IAAI,mBAAmB,CAAC,eAAe,EAAE,oBAAoB,CAAC,CAAC;YACvE,CAAC;YAED,wBAAwB;YACxB,IAAI,cAAc,IAAI,cAAc,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBAChD,MAAM,WAAW,GAAG,OAAO,CAAC,KAAK,EAAE,KAAK,CAAC,GAAG,CAAC,IAAI,EAAE,CAAC;gBACpD,IAAI,CAAC,cAAc,CAAC,cAAc,EAAE,WAAW,CAAC,EAAE,CAAC;oBACjD,MAAM,IAAI,mBAAmB,CAAC,eAAe,EAAE,oBAAoB,CAAC,CAAC;gBACvE,CAAC;YACH,CAAC;YAED,OAAO,OAAO,CAAC;QACjB,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,KAAK,YAAY,QAAQ,EAAE,CAAC;gBAC9B,IAAI,KAAK,CAAC,IAAI,KAAK,eAAe,EAAE,CAAC;oBACnC,MAAM,IAAI,mBAAmB,CAAC,eAAe,EAAE,mBAAmB,CAAC,CAAC;gBACtE,CAAC;gBACD,MAAM,IAAI,mBAAmB,CAAC,eAAe,EAAE,eAAe,CAAC,CAAC;YAClE,CAAC;YACD,IAAI,KAAK,YAAY,mBAAmB,EAAE,CAAC;gBACzC,MAAM,KAAK,CAAC;YACd,CAAC;YACD,MAAM,IAAI,mBAAmB,CAAC,cAAc,EAAE,yBAAyB,CAAC,CAAC;QAC3E,CAAC;IACH,CAAC;IAED;;;;;OAKG;IACH,KAAK,CAAC,eAAe,CAAC,KAAa;QASjC,IAAI,CAAC;YACH,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,mBAAmB,CAAC,KAAK,CAAC,CAAC;YAEtD,OAAO;gBACL,MAAM,EAAE,IAAI;gBACZ,KAAK,EAAE,OAAO,CAAC,KAAK;gBACpB,SAAS,EAAE,OAAO,CAAC,SAAS;gBAC5B,GAAG,EAAE,OAAO,CAAC,GAAG;gBAChB,GAAG,EAAE,OAAO,CAAC,GAAG;gBAChB,GAAG,EAAE,OAAO,CAAC,GAAG;gBAChB,UAAU,EAAE,QAAQ;aACrB,CAAC;QACJ,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC;QAC3B,CAAC;IACH,CAAC;IAED,+EAA+E;IAC/E,6BAA6B;IAC7B,+EAA+E;IAE/E;;OAEG;IACK,KAAK,CAAC,iBAAiB,CAAC,QAAgB,EAAE,MAAgB;QAChE,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC;QAC1C,MAAM,cAAc,GAAG,MAAM,CAAC,UAAU,EAAE,CAAC;QAE3C,wBAAwB;QACxB,MAAM,WAAW,GAAG,MAAM,eAAe,CAAC,QAAQ,EAAE,MAAM,EAAE,IAAI,CAAC,MAAM,CAAC,aAAa,EAAE;YACrF,MAAM,EAAE,IAAI,CAAC,MAAM,CAAC,MAAM;YAC1B,SAAS,EAAE,IAAI,CAAC,MAAM,CAAC,QAAQ;YAC/B,GAAG,EAAE,cAAc;SACpB,CAAC,CAAC;QAEH,qBAAqB;QACrB,IAAI,CAAC,UAAU,CAAC,gBAAgB,CAAC,WAAW,EAAE;YAC5C,QAAQ;YACR,MAAM;YACN,QAAQ,EAAE,GAAG;YACb,SAAS,EAAE,GAAG,GAAG,IAAI,CAAC,MAAM,CAAC,QAAQ;YACrC,GAAG,EAAE,cAAc;SACpB,CAAC,CAAC;QAEH,MAAM,MAAM,GAAc;YACxB,WAAW;YACX,SAAS,EAAE,QAAQ;YACnB,SAAS,EAAE,IAAI,CAAC,MAAM,CAAC,QAAQ;YAC/B,KAAK,EAAE,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC;SACxB,CAAC;QAEF,oCAAoC;QACpC,IAAI,IAAI,CAAC,MAAM,CAAC,kBAAkB,EAAE,CAAC;YACnC,MAAM,YAAY,GAAG,IAAI,CAAC,kBAAkB,EAAE,CAAC;YAE/C,IAAI,CAAC,UAAU,CAAC,iBAAiB,CAAC,YAAY,EAAE;gBAC9C,QAAQ;gBACR,MAAM;gBACN,OAAO,EAAE,MAAM,CAAC,UAAU,EAAE;gBAC5B,cAAc;gBACd,QAAQ,EAAE,CAAC;gBACX,QAAQ,EAAE,GAAG;gBACb,SAAS,EAAE,GAAG,GAAG,IAAI,CAAC,MAAM,CAAC,eAAe;aAC7C,CAAC,CAAC;YAEH,OAAO;gBACL,GAAG,MAAM;gBACT,YAAY;gBACZ,gBAAgB,EAAE,IAAI,CAAC,MAAM,CAAC,eAAe;aAC9C,CAAC;QACJ,CAAC;QAED,OAAO,MAAM,CAAC;IAChB,CAAC;IAED;;OAEG;IACK,kBAAkB;QACxB,mDAAmD;QACnD,MAAM,KAAK,GAAG,IAAI,UAAU,CAAC,EAAE,CAAC,CAAC;QACjC,MAAM,CAAC,eAAe,CAAC,KAAK,CAAC,CAAC;QAC9B,OAAO,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,GAAG,KAAK,CAAC,CAAC;aACvC,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC;aACnB,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC;aACnB,OAAO,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC;IACvB,CAAC;IAED;;OAEG;IACK,KAAK,CAAC,mBAAmB,CAC/B,YAAoB,EACpB,aAAqB,EACrB,MAAwB;QAExB,IAAI,MAAM,KAAK,OAAO,EAAE,CAAC;YACvB,OAAO,YAAY,KAAK,aAAa,CAAC;QACxC,CAAC;QAED,iCAAiC;QACjC,MAAM,OAAO,GAAG,IAAI,WAAW,EAAE,CAAC;QAClC,MAAM,IAAI,GAAG,OAAO,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC;QAC1C,MAAM,IAAI,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,SAAS,EAAE,IAAI,CAAC,CAAC;QACzD,MAAM,SAAS,GAAG,IAAI,UAAU,CAAC,IAAI,CAAC,CAAC;QACvC,MAAM,QAAQ,GAAG,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,GAAG,SAAS,CAAC,CAAC;aACrD,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC;aACnB,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC;aACnB,OAAO,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC;QAErB,OAAO,QAAQ,KAAK,aAAa,CAAC;IACpC,CAAC;IAED,+EAA+E;IAC/E,qBAAqB;IACrB,+EAA+E;IAE/E;;;;OAIG;IACH,WAAW;QACT,OAAO;YACL,MAAM,EAAE,IAAI,CAAC,MAAM,CAAC,MAAM;YAC1B,sBAAsB,EAAE,IAAI,CAAC,MAAM,CAAC,qBAAqB;YACzD,cAAc,EAAE,IAAI,CAAC,MAAM,CAAC,aAAa;YACzC,qCAAqC,EAAE,CAAC,qBAAqB,EAAE,oBAAoB,CAAC;YACpF,qBAAqB,EAAE;gBACrB,oBAAoB;gBACpB,oBAAoB;gBACpB,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,kBAAkB,CAAC,CAAC,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;aAC7D;YACD,wBAAwB,EAAE,CAAC,MAAM,CAAC;YAClC,gBAAgB,EAAE,MAAM,CAAC,IAAI,CAAC,qBAAqB,CAAC;YACpD,gCAAgC,EAAE,CAAC,MAAM,EAAE,OAAO,CAAC;SACpD,CAAC;IACJ,CAAC;IAED,+EAA+E;IAC/E,YAAY;IACZ,+EAA+E;IAE/E;;OAEG;IACH,QAAQ;QAIN,OAAO;YACL,UAAU,EAAE,IAAI,CAAC,UAAU,CAAC,QAAQ,EAAE;YACtC,WAAW,EAAE,IAAI,CAAC,MAAM,CAAC,iBAAiB,CAAC,IAAI;SAChD,CAAC;IACJ,CAAC;IAED;;OAEG;IACH,OAAO;QACL,OAAO,IAAI,CAAC,UAAU,CAAC,OAAO,EAAE,CAAC;IACnC,CAAC;IAED;;OAEG;IACH,OAAO;QACL,IAAI,CAAC,UAAU,CAAC,OAAO,EAAE,CAAC;IAC5B,CAAC;CACF;AAED,+EAA+E;AAC/E,mBAAmB;AACnB,+EAA+E;AAE/E;;;;;GAKG;AACH,MAAM,UAAU,oBAAoB,CAAC,MAAoB;IACvD,OAAO,IAAI,cAAc,CAAC,MAAM,CAAC,CAAC;AACpC,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,wBAAwB,CAAC,gBAAwB,aAAa;IAC5E,OAAO,IAAI,cAAc,CAAC;QACxB,MAAM,EAAE,uBAAuB;QAC/B,aAAa,EAAE,mCAAmC;QAClD,qBAAqB,EAAE,uCAAuC;QAC9D,iBAAiB,EAAE,IAAI,GAAG,CAAC;YACzB;gBACE,aAAa;gBACb;oBACE,YAAY,EAAE,aAAa;oBAC3B,IAAI,EAAE,aAAa;oBACnB,aAAa,EAAE,CAAC,eAAe,EAAE,YAAY,EAAE,WAAW,EAAE,aAAa,CAAC;oBAC1E,YAAY,EAAE,IAAI;oBAClB,MAAM,EAAE,IAAI;iBACb;aACF;SACF,CAAC;QACF,aAAa;KACd,CAAC,CAAC;AACL,CAAC"}