alepha 0.22.0 → 0.23.0

package/dist/react/sitemap/index.browser.js

@@ -0,0 +1,35 @@
+import { $module, KIND, Primitive, createPrimitive } from "alepha";
+//#region ../../src/react/sitemap/primitives/$sitemap.browser.ts
+/**
+* Browser variant of {@link $sitemap}.
+*
+* The sitemap is a server-only route — there is nothing to register in the
+* client bundle, so this is a no-op primitive. It exists only to keep
+* `$sitemap()` valid as an isomorphic router field; the real implementation
+* lives in `$sitemap.ts` (server entry).
+*/
+const $sitemap = (options = {}) => {
+	return createPrimitive(SitemapPrimitive, options);
+};
+var SitemapPrimitive = class extends Primitive {
+	onInit() {}
+};
+$sitemap[KIND] = SitemapPrimitive;
+//#endregion
+//#region ../../src/react/sitemap/index.browser.ts
+/**
+* Sitemap generation for React applications (browser entry).
+*
+* The sitemap route only exists server-side, so the browser build ships a
+* no-op {@link $sitemap}. See the server entry for the real implementation.
+*
+* @module alepha.react.sitemap
+*/
+const AlephaReactSitemap = $module({
+	name: "alepha.react.sitemap",
+	primitives: [$sitemap]
+});
+//#endregion
+export { $sitemap, AlephaReactSitemap, SitemapPrimitive };
+
+//# sourceMappingURL=index.browser.js.map

package/dist/react/sitemap/index.browser.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.browser.js","names":[],"sources":["../../../src/react/sitemap/primitives/$sitemap.browser.ts","../../../src/react/sitemap/index.browser.ts"],"sourcesContent":["import { createPrimitive, KIND, Primitive } from \"alepha\";\nimport type { SitemapPrimitiveOptions } from \"./$sitemap.ts\";\n\nexport type { SitemapPrimitiveOptions } from \"./$sitemap.ts\";\n\n/**\n * Browser variant of {@link $sitemap}.\n *\n * The sitemap is a server-only route — there is nothing to register in the\n * client bundle, so this is a no-op primitive. It exists only to keep\n * `$sitemap()` valid as an isomorphic router field; the real implementation\n * lives in `$sitemap.ts` (server entry).\n */\nexport const $sitemap = (\n  options: SitemapPrimitiveOptions = {},\n): SitemapPrimitive => {\n  return createPrimitive(SitemapPrimitive, options);\n};\n\nexport class SitemapPrimitive extends Primitive<SitemapPrimitiveOptions> {\n  protected onInit() {\n    // no-op in the browser\n  }\n}\n\n$sitemap[KIND] = SitemapPrimitive;\n","import { $module } from \"alepha\";\nimport { $sitemap } from \"./primitives/$sitemap.browser.ts\";\n\n// ---------------------------------------------------------------------------------------------------------------------\n\nexport * from \"./primitives/$sitemap.browser.ts\";\n\n// ---------------------------------------------------------------------------------------------------------------------\n\n/**\n * Sitemap generation for React applications (browser entry).\n *\n * The sitemap route only exists server-side, so the browser build ships a\n * no-op {@link $sitemap}. See the server entry for the real implementation.\n *\n * @module alepha.react.sitemap\n */\nexport const AlephaReactSitemap = $module({\n  name: \"alepha.react.sitemap\",\n  primitives: [$sitemap],\n});\n"],"mappings":";;;;;;;;;;AAaA,MAAa,YACX,UAAmC,CAAC,MACf;CACrB,OAAO,gBAAgB,kBAAkB,OAAO;AAClD;AAEA,IAAa,mBAAb,cAAsC,UAAmC;CACvE,SAAmB,CAEnB;AACF;AAEA,SAAS,QAAQ;;;;;;;;;;;ACRjB,MAAa,qBAAqB,QAAQ;CACxC,MAAM;CACN,YAAY,CAAC,QAAQ;AACvB,CAAC"}

package/dist/react/sitemap/index.d.ts

@@ -0,0 +1,92 @@
+import { KIND, Primitive } from "alepha";
+import { DateTimeProvider } from "alepha/datetime";
+import { ServerRouterProvider } from "alepha/server";
+
+//#region ../../src/react/sitemap/primitives/$sitemap.d.ts
+/**
+ * Expose a `sitemap.xml` generated from the application's `$page` primitives.
+ *
+ * Registers a `GET /sitemap.xml` route that reads every registered page at
+ * request time and emits a standard XML sitemap. Marked `static` by default, so
+ * the build prerenders it to `dist/public/sitemap.xml` for static deployments —
+ * while SSR runtimes also serve it live.
+ *
+ * The hostname comes from `options.hostname`, falling back to `PUBLIC_URL`, then
+ * to `""` (relative URLs).
+ *
+ * @example
+ * ```ts
+ * import { $sitemap } from "alepha/react/sitemap";
+ *
+ * class AppRouter {
+ *   sitemap = $sitemap();
+ * }
+ * ```
+ */
+declare const $sitemap: {
+  (options?: SitemapPrimitiveOptions): SitemapPrimitive;
+  [KIND]: typeof SitemapPrimitive;
+};
+interface SitemapPrimitiveOptions {
+  /**
+   * Absolute base URL used to build `<loc>` entries (e.g. "https://alepha.dev").
+   *
+   * Defaults to `PUBLIC_URL`, then to `""` (relative URLs).
+   */
+  hostname?: string;
+  /**
+   * Route path the sitemap is served at.
+   *
+   * @default "/sitemap.xml"
+   */
+  path?: string;
+  /**
+   * Prerender the sitemap to a static file at build time.
+   *
+   * @default true
+   */
+  static?: boolean;
+}
+declare class SitemapPrimitive extends Primitive<SitemapPrimitiveOptions> {
+  protected readonly router: ServerRouterProvider;
+  protected readonly dateTime: DateTimeProvider;
+  protected onInit(): void;
+  /**
+   * Render the sitemap to its path and body. Used by the build to snapshot the
+   * sitemap to a static file.
+   */
+  prerender(): {
+    path: string;
+    body: string;
+  };
+  /**
+   * Build the sitemap XML from the application's page primitives.
+   */
+  protected buildSitemap(): string;
+  /**
+   * Select the pages that should appear in the sitemap.
+   *
+   * Excludes layout pages (with `children`), wildcard paths, and `/404`.
+   * Parameterized pages are included only when they declare `static.entries`.
+   */
+  protected getSitemapPages(): any[];
+  protected generateSitemapFromPages(pages: any[], baseUrl: string): string;
+  protected buildPathFromParams(pathPattern: string, params: Record<string, any>): string;
+  protected buildSitemapXml(urls: string[]): string;
+  protected escapeXml(str: string): string;
+}
+//#endregion
+//#region ../../src/react/sitemap/index.d.ts
+/**
+ * Sitemap generation for React applications.
+ *
+ * Exposes the {@link $sitemap} primitive, which serves a `sitemap.xml` built
+ * from the app's `$page` primitives — live at request time and prerendered to a
+ * static file at build time.
+ *
+ * @module alepha.react.sitemap
+ */
+declare const AlephaReactSitemap: import("alepha").Service<import("alepha").Module>;
+//#endregion
+export { $sitemap, AlephaReactSitemap, SitemapPrimitive, SitemapPrimitiveOptions };
+//# sourceMappingURL=index.d.ts.map

package/dist/react/sitemap/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","names":[],"sources":["../../../src/react/sitemap/primitives/$sitemap.ts","../../../src/react/sitemap/index.ts"],"mappings":";;;;;;;AAwBA;;;;;;;;;;;;;;;;AAQA;;cARa,QAAA;EAAA,WACF,uBAAA,GACR,gBAAA;EAAA;;UAMc,uBAAA;EAoBT;AAAA;AAKR;;;EAnBE,QAAA;EAoByB;;;;;EAbzB,IAAA;EAYoC;;;;;EALpC,MAAA;AAAA;AAAA,cAKW,gBAAA,SAAyB,SAAA,CAAU,uBAAA;EAAA,mBAC3B,MAAA,EAAM,oBAAA;EAAA,mBACN,QAAA,EAAQ,gBAAA;EAAA,UAEjB,MAAA;EAwCA;;;;EAvBH,SAAA;IAAe,IAAA;IAAc,IAAA;EAAA;EA4F1B;;;EAAA,UAlFA,YAAA;EAiGqB;AAAA;;;;ACrKjC;EDqKiC,UApFrB,eAAA;EAAA,UA4BA,wBAAA,CAAyB,KAAA,SAAc,OAAA;EAAA,UA8BvC,mBAAA,CACR,WAAA,UACA,MAAA,EAAQ,MAAA;EAAA,UASA,eAAA,CAAgB,IAAA;EAAA,UAehB,SAAA,CAAU,GAAA;AAAA;;;;;;;AAjKtB;;;;;cCJa,kBAAA,mBAAkB,OAAA,kBAAA,MAAA"}

package/dist/react/sitemap/index.js

@@ -0,0 +1,131 @@
+import { $inject, $module, KIND, Primitive, createPrimitive } from "alepha";
+import { AlephaDateTime, DateTimeProvider } from "alepha/datetime";
+import { AlephaServer, ServerRouterProvider } from "alepha/server";
+//#region ../../src/react/sitemap/primitives/$sitemap.ts
+/**
+* Expose a `sitemap.xml` generated from the application's `$page` primitives.
+*
+* Registers a `GET /sitemap.xml` route that reads every registered page at
+* request time and emits a standard XML sitemap. Marked `static` by default, so
+* the build prerenders it to `dist/public/sitemap.xml` for static deployments —
+* while SSR runtimes also serve it live.
+*
+* The hostname comes from `options.hostname`, falling back to `PUBLIC_URL`, then
+* to `""` (relative URLs).
+*
+* @example
+* ```ts
+* import { $sitemap } from "alepha/react/sitemap";
+*
+* class AppRouter {
+*   sitemap = $sitemap();
+* }
+* ```
+*/
+const $sitemap = (options = {}) => {
+	return createPrimitive(SitemapPrimitive, options);
+};
+var SitemapPrimitive = class extends Primitive {
+	router = $inject(ServerRouterProvider);
+	dateTime = $inject(DateTimeProvider);
+	onInit() {
+		this.router.createRoute({
+			method: "GET",
+			path: this.options.path ?? "/sitemap.xml",
+			static: this.options.static ?? true,
+			silent: true,
+			handler: (request) => {
+				request.reply.setHeader("content-type", "application/xml");
+				return this.buildSitemap();
+			}
+		});
+	}
+	/**
+	* Render the sitemap to its path and body. Used by the build to snapshot the
+	* sitemap to a static file.
+	*/
+	prerender() {
+		return {
+			path: this.options.path ?? "/sitemap.xml",
+			body: this.buildSitemap()
+		};
+	}
+	/**
+	* Build the sitemap XML from the application's page primitives.
+	*/
+	buildSitemap() {
+		const hostname = this.options.hostname ?? String(this.alepha.env.PUBLIC_URL ?? "");
+		const pages = this.getSitemapPages();
+		return this.generateSitemapFromPages(pages, hostname);
+	}
+	/**
+	* Select the pages that should appear in the sitemap.
+	*
+	* Excludes layout pages (with `children`), wildcard paths, and `/404`.
+	* Parameterized pages are included only when they declare `static.entries`.
+	*/
+	getSitemapPages() {
+		return this.alepha.primitives("page").filter((page) => {
+			const options = page.options;
+			const path = options.path ?? "";
+			if (options.children) return false;
+			if (path.includes("*")) return false;
+			if (path === "/404") return false;
+			if (!options.schema?.params) return true;
+			if (options.static && typeof options.static === "object" && options.static.entries) return true;
+			return false;
+		});
+	}
+	generateSitemapFromPages(pages, baseUrl) {
+		const urls = [];
+		const normalizedBaseUrl = baseUrl.replace(/\/$/, "");
+		for (const page of pages) {
+			const options = page.options;
+			if (!options.schema?.params) {
+				const path = options.path || "";
+				const url = `${normalizedBaseUrl}${path === "" ? "/" : path}`;
+				urls.push(url);
+			} else if (options.static && typeof options.static === "object" && options.static.entries) for (const entry of options.static.entries) {
+				const url = `${normalizedBaseUrl}${this.buildPathFromParams(options.path || "", entry.params || {})}`;
+				urls.push(url);
+			}
+		}
+		return this.buildSitemapXml(urls);
+	}
+	buildPathFromParams(pathPattern, params) {
+		let path = pathPattern;
+		for (const [key, value] of Object.entries(params)) path = path.replace(`:${key}`, String(value));
+		return path || "/";
+	}
+	buildSitemapXml(urls) {
+		const lastMod = this.dateTime.now().format("YYYY-MM-DD");
+		return `<?xml version="1.0" encoding="UTF-8"?>
+<urlset xmlns="http://www.sitemaps.org/schemas/sitemap/0.9">
+${urls.map((url) => `  <url>\n    <loc>${this.escapeXml(url)}</loc>\n    <lastmod>${lastMod}</lastmod>\n  </url>`).join("\n")}
+</urlset>`;
+	}
+	escapeXml(str) {
+		return str.replace(/&/g, "&amp;").replace(/</g, "&lt;").replace(/>/g, "&gt;").replace(/"/g, "&quot;").replace(/'/g, "&#39;");
+	}
+};
+$sitemap[KIND] = SitemapPrimitive;
+//#endregion
+//#region ../../src/react/sitemap/index.ts
+/**
+* Sitemap generation for React applications.
+*
+* Exposes the {@link $sitemap} primitive, which serves a `sitemap.xml` built
+* from the app's `$page` primitives — live at request time and prerendered to a
+* static file at build time.
+*
+* @module alepha.react.sitemap
+*/
+const AlephaReactSitemap = $module({
+	name: "alepha.react.sitemap",
+	imports: [AlephaServer, AlephaDateTime],
+	primitives: [$sitemap]
+});
+//#endregion
+export { $sitemap, AlephaReactSitemap, SitemapPrimitive };
+
+//# sourceMappingURL=index.js.map

package/dist/react/sitemap/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","names":[],"sources":["../../../src/react/sitemap/primitives/$sitemap.ts","../../../src/react/sitemap/index.ts"],"sourcesContent":["import { $inject, createPrimitive, KIND, Primitive } from \"alepha\";\nimport { DateTimeProvider } from \"alepha/datetime\";\nimport { type ServerRequest, ServerRouterProvider } from \"alepha/server\";\n\n/**\n * Expose a `sitemap.xml` generated from the application's `$page` primitives.\n *\n * Registers a `GET /sitemap.xml` route that reads every registered page at\n * request time and emits a standard XML sitemap. Marked `static` by default, so\n * the build prerenders it to `dist/public/sitemap.xml` for static deployments —\n * while SSR runtimes also serve it live.\n *\n * The hostname comes from `options.hostname`, falling back to `PUBLIC_URL`, then\n * to `\"\"` (relative URLs).\n *\n * @example\n * ```ts\n * import { $sitemap } from \"alepha/react/sitemap\";\n *\n * class AppRouter {\n *   sitemap = $sitemap();\n * }\n * ```\n */\nexport const $sitemap = (\n  options: SitemapPrimitiveOptions = {},\n): SitemapPrimitive => {\n  return createPrimitive(SitemapPrimitive, options);\n};\n\n// ---------------------------------------------------------------------------------------------------------------------\n\nexport interface SitemapPrimitiveOptions {\n  /**\n   * Absolute base URL used to build `<loc>` entries (e.g. \"https://alepha.dev\").\n   *\n   * Defaults to `PUBLIC_URL`, then to `\"\"` (relative URLs).\n   */\n  hostname?: string;\n\n  /**\n   * Route path the sitemap is served at.\n   *\n   * @default \"/sitemap.xml\"\n   */\n  path?: string;\n\n  /**\n   * Prerender the sitemap to a static file at build time.\n   *\n   * @default true\n   */\n  static?: boolean;\n}\n\n// ---------------------------------------------------------------------------------------------------------------------\n\nexport class SitemapPrimitive extends Primitive<SitemapPrimitiveOptions> {\n  protected readonly router = $inject(ServerRouterProvider);\n  protected readonly dateTime = $inject(DateTimeProvider);\n\n  protected onInit() {\n    this.router.createRoute({\n      method: \"GET\",\n      path: this.options.path ?? \"/sitemap.xml\",\n      static: this.options.static ?? true,\n      silent: true,\n      handler: (request: ServerRequest) => {\n        request.reply.setHeader(\"content-type\", \"application/xml\");\n        return this.buildSitemap();\n      },\n    });\n  }\n\n  /**\n   * Render the sitemap to its path and body. Used by the build to snapshot the\n   * sitemap to a static file.\n   */\n  public prerender(): { path: string; body: string } {\n    return {\n      path: this.options.path ?? \"/sitemap.xml\",\n      body: this.buildSitemap(),\n    };\n  }\n\n  /**\n   * Build the sitemap XML from the application's page primitives.\n   */\n  protected buildSitemap(): string {\n    const hostname =\n      this.options.hostname ?? String(this.alepha.env.PUBLIC_URL ?? \"\");\n    const pages = this.getSitemapPages();\n    return this.generateSitemapFromPages(pages, hostname);\n  }\n\n  /**\n   * Select the pages that should appear in the sitemap.\n   *\n   * Excludes layout pages (with `children`), wildcard paths, and `/404`.\n   * Parameterized pages are included only when they declare `static.entries`.\n   */\n  protected getSitemapPages(): any[] {\n    const pages = this.alepha.primitives(\"page\") as any[];\n    return pages.filter((page) => {\n      const options = page.options;\n      const path: string = options.path ?? \"\";\n      if (options.children) {\n        return false;\n      }\n      if (path.includes(\"*\")) {\n        return false;\n      }\n      if (path === \"/404\") {\n        return false;\n      }\n      if (!options.schema?.params) {\n        return true;\n      }\n      if (\n        options.static &&\n        typeof options.static === \"object\" &&\n        options.static.entries\n      ) {\n        return true;\n      }\n      return false;\n    });\n  }\n\n  protected generateSitemapFromPages(pages: any[], baseUrl: string): string {\n    const urls: string[] = [];\n    const normalizedBaseUrl = baseUrl.replace(/\\/$/, \"\");\n\n    for (const page of pages) {\n      const options = page.options;\n\n      if (!options.schema?.params) {\n        const path = options.path || \"\";\n        const url = `${normalizedBaseUrl}${path === \"\" ? \"/\" : path}`;\n        urls.push(url);\n      } else if (\n        options.static &&\n        typeof options.static === \"object\" &&\n        options.static.entries\n      ) {\n        for (const entry of options.static.entries) {\n          const path = this.buildPathFromParams(\n            options.path || \"\",\n            entry.params || {},\n          );\n          const url = `${normalizedBaseUrl}${path}`;\n          urls.push(url);\n        }\n      }\n    }\n\n    return this.buildSitemapXml(urls);\n  }\n\n  protected buildPathFromParams(\n    pathPattern: string,\n    params: Record<string, any>,\n  ): string {\n    let path = pathPattern;\n    for (const [key, value] of Object.entries(params)) {\n      path = path.replace(`:${key}`, String(value));\n    }\n    return path || \"/\";\n  }\n\n  protected buildSitemapXml(urls: string[]): string {\n    const lastMod = this.dateTime.now().format(\"YYYY-MM-DD\");\n    const urlEntries = urls\n      .map(\n        (url) =>\n          `  <url>\\n    <loc>${this.escapeXml(url)}</loc>\\n    <lastmod>${lastMod}</lastmod>\\n  </url>`,\n      )\n      .join(\"\\n\");\n\n    return `<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<urlset xmlns=\"http://www.sitemaps.org/schemas/sitemap/0.9\">\n${urlEntries}\n</urlset>`;\n  }\n\n  protected escapeXml(str: string): string {\n    return str\n      .replace(/&/g, \"&amp;\")\n      .replace(/</g, \"&lt;\")\n      .replace(/>/g, \"&gt;\")\n      .replace(/\"/g, \"&quot;\")\n      .replace(/'/g, \"&#39;\");\n  }\n}\n\n$sitemap[KIND] = SitemapPrimitive;\n","import { $module } from \"alepha\";\nimport { AlephaDateTime } from \"alepha/datetime\";\nimport { AlephaServer } from \"alepha/server\";\nimport { $sitemap } from \"./primitives/$sitemap.ts\";\n\n// ---------------------------------------------------------------------------------------------------------------------\n\nexport * from \"./primitives/$sitemap.ts\";\n\n// ---------------------------------------------------------------------------------------------------------------------\n\n/**\n * Sitemap generation for React applications.\n *\n * Exposes the {@link $sitemap} primitive, which serves a `sitemap.xml` built\n * from the app's `$page` primitives — live at request time and prerendered to a\n * static file at build time.\n *\n * @module alepha.react.sitemap\n */\nexport const AlephaReactSitemap = $module({\n  name: \"alepha.react.sitemap\",\n  imports: [AlephaServer, AlephaDateTime],\n  primitives: [$sitemap],\n});\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;AAwBA,MAAa,YACX,UAAmC,CAAC,MACf;CACrB,OAAO,gBAAgB,kBAAkB,OAAO;AAClD;AA6BA,IAAa,mBAAb,cAAsC,UAAmC;CACvE,SAA4B,QAAQ,oBAAoB;CACxD,WAA8B,QAAQ,gBAAgB;CAEtD,SAAmB;EACjB,KAAK,OAAO,YAAY;GACtB,QAAQ;GACR,MAAM,KAAK,QAAQ,QAAQ;GAC3B,QAAQ,KAAK,QAAQ,UAAU;GAC/B,QAAQ;GACR,UAAU,YAA2B;IACnC,QAAQ,MAAM,UAAU,gBAAgB,iBAAiB;IACzD,OAAO,KAAK,aAAa;GAC3B;EACF,CAAC;CACH;;;;;CAMA,YAAmD;EACjD,OAAO;GACL,MAAM,KAAK,QAAQ,QAAQ;GAC3B,MAAM,KAAK,aAAa;EAC1B;CACF;;;;CAKA,eAAiC;EAC/B,MAAM,WACJ,KAAK,QAAQ,YAAY,OAAO,KAAK,OAAO,IAAI,cAAc,EAAE;EAClE,MAAM,QAAQ,KAAK,gBAAgB;EACnC,OAAO,KAAK,yBAAyB,OAAO,QAAQ;CACtD;;;;;;;CAQA,kBAAmC;EAEjC,OADc,KAAK,OAAO,WAAW,MAC1B,EAAE,QAAQ,SAAS;GAC5B,MAAM,UAAU,KAAK;GACrB,MAAM,OAAe,QAAQ,QAAQ;GACrC,IAAI,QAAQ,UACV,OAAO;GAET,IAAI,KAAK,SAAS,GAAG,GACnB,OAAO;GAET,IAAI,SAAS,QACX,OAAO;GAET,IAAI,CAAC,QAAQ,QAAQ,QACnB,OAAO;GAET,IACE,QAAQ,UACR,OAAO,QAAQ,WAAW,YAC1B,QAAQ,OAAO,SAEf,OAAO;GAET,OAAO;EACT,CAAC;CACH;CAEA,yBAAmC,OAAc,SAAyB;EACxE,MAAM,OAAiB,CAAC;EACxB,MAAM,oBAAoB,QAAQ,QAAQ,OAAO,EAAE;EAEnD,KAAK,MAAM,QAAQ,OAAO;GACxB,MAAM,UAAU,KAAK;GAErB,IAAI,CAAC,QAAQ,QAAQ,QAAQ;IAC3B,MAAM,OAAO,QAAQ,QAAQ;IAC7B,MAAM,MAAM,GAAG,oBAAoB,SAAS,KAAK,MAAM;IACvD,KAAK,KAAK,GAAG;GACf,OAAO,IACL,QAAQ,UACR,OAAO,QAAQ,WAAW,YAC1B,QAAQ,OAAO,SAEf,KAAK,MAAM,SAAS,QAAQ,OAAO,SAAS;IAK1C,MAAM,MAAM,GAAG,oBAJF,KAAK,oBAChB,QAAQ,QAAQ,IAChB,MAAM,UAAU,CAAC,CAEmB;IACtC,KAAK,KAAK,GAAG;GACf;EAEJ;EAEA,OAAO,KAAK,gBAAgB,IAAI;CAClC;CAEA,oBACE,aACA,QACQ;EACR,IAAI,OAAO;EACX,KAAK,MAAM,CAAC,KAAK,UAAU,OAAO,QAAQ,MAAM,GAC9C,OAAO,KAAK,QAAQ,IAAI,OAAO,OAAO,KAAK,CAAC;EAE9C,OAAO,QAAQ;CACjB;CAEA,gBAA0B,MAAwB;EAChD,MAAM,UAAU,KAAK,SAAS,IAAI,EAAE,OAAO,YAAY;EAQvD,OAAO;;EAPY,KAChB,KACE,QACC,qBAAqB,KAAK,UAAU,GAAG,EAAE,uBAAuB,QAAQ,qBAC5E,EACC,KAAK,IAID,EAAE;;CAEX;CAEA,UAAoB,KAAqB;EACvC,OAAO,IACJ,QAAQ,MAAM,OAAO,EACrB,QAAQ,MAAM,MAAM,EACpB,QAAQ,MAAM,MAAM,EACpB,QAAQ,MAAM,QAAQ,EACtB,QAAQ,MAAM,OAAO;CAC1B;AACF;AAEA,SAAS,QAAQ;;;;;;;;;;;;AC/KjB,MAAa,qBAAqB,QAAQ;CACxC,MAAM;CACN,SAAS,CAAC,cAAc,cAAc;CACtC,YAAY,CAAC,QAAQ;AACvB,CAAC"}

package/dist/server/auth/index.d.ts

@@ -5,6 +5,48 @@ import { AccessTokenResponse, IssuerPrimitive, SecurityProvider, UserAccount } f
 import { ServerRawRequest, ServerReply } from "alepha/server";
 import { ServerLinksProvider } from "alepha/server/links";
 
+//#region ../../src/server/auth/helpers/appleClientSecret.d.ts
+interface AppleClientSecretOptions {
+  privateKeyPem: string;
+  teamId: string;
+  serviceId: string;
+  keyId: string;
+  ttlSeconds?: number;
+}
+/** Signs Apple's short-lived ES256 client_secret JWT on demand (no rotation job). */
+declare function signAppleClientSecret(opts: AppleClientSecretOptions): Promise<string>;
+//#endregion
+//#region ../../src/server/auth/helpers/federationAssertion.d.ts
+interface FederationProfile {
+  provider: "google" | "apple";
+  sub: string;
+  email?: string;
+  email_verified?: boolean;
+  name?: string;
+  given_name?: string;
+  family_name?: string;
+  picture?: string;
+  is_private_email?: boolean;
+}
+interface SignAssertionOptions {
+  privateKeyPem: string;
+  issuer: string;
+  audience: string;
+  ttlSeconds?: number;
+  jti?: string;
+}
+interface VerifyAssertionOptions {
+  publicKeyPem: string;
+  issuer: string;
+  audience: string;
+}
+interface VerifiedAssertion {
+  profile: FederationProfile;
+  jti: string;
+}
+declare function signFederationAssertion(profile: FederationProfile, opts: SignAssertionOptions): Promise<string>;
+declare function verifyFederationAssertion(token: string, opts: VerifyAssertionOptions): Promise<VerifiedAssertion>;
+//#endregion
 //#region ../../src/server/auth/constants/routes.d.ts
 declare const alephaServerAuthRoutes: {
   login: string;
@@ -1316,6 +1358,12 @@ declare class ServerAuthProvider {
    * is passed so openid-client can read the authorization code from the POST body.
    */
   protected handleCallback(url: URL, reply: ServerReply, cookies: Cookies, raw?: ServerRawRequest): Promise<void>;
+  /**
+   * Establish a local session for an already-resolved user: mint realm tokens
+   * and write the `tokens` cookie. Used by the OAuth callback and by federated
+   * (broker) login. `issuer` is the realm issuer (provider.issuer / realm).
+   */
+  establishSession(user: UserAccount, issuer: IssuerPrimitive, providerName: string, cookies: Cookies): Promise<void>;
   /**
    * Callback for OAuth2/OIDC providers.
    * It handles the authorization code flow and retrieves the access token.
@@ -1687,6 +1735,62 @@ declare const $authCredentials: (realm: IssuerPrimitive & WithLoginFn, options?:
  */
 declare const $authFacebook: (realm: IssuerPrimitive & WithLinkFn, options?: Partial<OidcOptions>) => AuthPrimitive;
 //#endregion
+//#region ../../src/server/auth/primitives/$authFederationBroker.d.ts
+interface FederationBrokerProviders {
+  google?: {
+    clientId: string;
+    clientSecret: string;
+  };
+  apple?: {
+    serviceId: string;
+    teamId: string;
+    keyId: string;
+    privateKeyPem: string;
+  };
+}
+interface FederationBrokerOptions {
+  /** Broker public origin, e.g. https://alepha.club — becomes the assertion `iss`. */
+  issuer: string;
+  /** EdDSA PKCS#8 PEM — signs assertions. */
+  signingKeyPem: string;
+  providers: FederationBrokerProviders;
+  /** Validate the requested tenant and return its exact origin (or null to reject). */
+  resolveTenant: (tenant: string) => Promise<string | null>;
+  assertionTtlSeconds?: number;
+}
+declare const $authFederationBroker: (options: FederationBrokerOptions) => {
+  start: import("alepha/server").RoutePrimitive<{
+    query: import("typebox").TObject<{
+      provider: import("typebox").TString;
+      tenant: import("typebox").TString;
+      redirect: import("typebox").TOptional<import("typebox").TString>;
+    }>;
+  }>;
+  callback: import("alepha/server").RoutePrimitive<import("alepha/server").RequestConfigSchema>;
+  callbackPost: import("alepha/server").RoutePrimitive<import("alepha/server").RequestConfigSchema>;
+};
+//#endregion
+//#region ../../src/server/auth/primitives/$authFederationClient.d.ts
+declare function assertionToProfile(token: string, opts: VerifyAssertionOptions): Promise<{
+  provider: string;
+  jti: string;
+  link: LinkAccountOptions;
+}>;
+interface FederationClientOptions {
+  realm: IssuerPrimitive & WithLinkFn;
+  brokerUrl: string;
+  publicKeyPem: string;
+  selfOrigin?: string;
+}
+declare const $authFederationClient: (options: FederationClientOptions) => {
+  callback: import("alepha/server").RoutePrimitive<{
+    query: import("typebox").TObject<{
+      token: import("typebox").TString;
+      redirect: import("typebox").TOptional<import("typebox").TString>;
+    }>;
+  }>;
+};
+//#endregion
 //#region ../../src/server/auth/primitives/$authFranceConnect.d.ts
 /**
  * Creates an authentication provider primitive for France Connect.
@@ -1788,5 +1892,5 @@ declare const $authMicrosoft: (realm: IssuerPrimitive & WithLinkFn, options?: Pa
  */
 declare const AlephaServerAuth: import("alepha").Service<import("alepha").Module>;
 //#endregion
-export { $auth, $authApple, $authCredentials, $authFacebook, $authFranceConnect, $authGithub, $authGoogle, $authMicrosoft, AccessToken, AlephaServerAuth, AuthExternal, AuthInternal, AuthPrimitive, AuthPrimitiveOptions, AuthenticationProvider, Credentials, CredentialsFn, CredentialsOptions, LinkAccountFn, LinkAccountOptions, OAuth2Options, OAuth2Profile, OidcOptions, ServerAuthProvider, TokenResponse, Tokens, UserinfoResponse, WithLinkFn, WithLoginFn, alephaServerAuthRoutes, authenticationProviderSchema, tokenResponseSchema, tokensSchema, userinfoResponseSchema };
+export { $auth, $authApple, $authCredentials, $authFacebook, $authFederationBroker, $authFederationClient, $authFranceConnect, $authGithub, $authGoogle, $authMicrosoft, AccessToken, AlephaServerAuth, AppleClientSecretOptions, AuthExternal, AuthInternal, AuthPrimitive, AuthPrimitiveOptions, AuthenticationProvider, Credentials, CredentialsFn, CredentialsOptions, FederationBrokerOptions, FederationBrokerProviders, FederationClientOptions, FederationProfile, LinkAccountFn, LinkAccountOptions, OAuth2Options, OAuth2Profile, OidcOptions, ServerAuthProvider, SignAssertionOptions, TokenResponse, Tokens, UserinfoResponse, VerifiedAssertion, VerifyAssertionOptions, WithLinkFn, WithLoginFn, alephaServerAuthRoutes, assertionToProfile, authenticationProviderSchema, signAppleClientSecret, signFederationAssertion, tokenResponseSchema, tokensSchema, userinfoResponseSchema, verifyFederationAssertion };
 //# sourceMappingURL=index.d.ts.map

package/dist/server/auth/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","names":["Extract","Awaited","ReturnType","crypto","subtle","generateKey","type","privateKey","CryptoKey","publicKey","Key","JsonValue","JsonPrimitive","JsonObject","JsonArray","Record","header","payload","key","kid","kty","alg","use","key_ops","e","n","crv","x","y","pub","parameter","issuer","authorization_endpoint","token_endpoint","jwks_uri","registration_endpoint","scopes_supported","response_types_supported","response_modes_supported","grant_types_supported","token_endpoint_auth_methods_supported","token_endpoint_auth_signing_alg_values_supported","service_documentation","ui_locales_supported","op_policy_uri","op_tos_uri","revocation_endpoint","revocation_endpoint_auth_methods_supported","revocation_endpoint_auth_signing_alg_values_supported","introspection_endpoint","introspection_endpoint_auth_methods_supported","introspection_endpoint_auth_signing_alg_values_supported","code_challenge_methods_supported","signed_metadata","device_authorization_endpoint","tls_client_certificate_bound_access_tokens","mtls_endpoint_aliases","MTLSEndpointAliases","userinfo_endpoint","acr_values_supported","subject_types_supported","id_token_signing_alg_values_supported","id_token_encryption_alg_values_supported","id_token_encryption_enc_values_supported","userinfo_signing_alg_values_supported","userinfo_encryption_alg_values_supported","userinfo_encryption_enc_values_supported","request_object_signing_alg_values_supported","request_object_encryption_alg_values_supported","request_object_encryption_enc_values_supported","display_values_supported","claim_types_supported","claims_supported","claims_locales_supported","claims_parameter_supported","request_parameter_supported","request_uri_parameter_supported","require_request_uri_registration","require_signed_request_object","pushed_authorization_request_endpoint","require_pushed_authorization_requests","introspection_signing_alg_values_supported","introspection_encryption_alg_values_supported","introspection_encryption_enc_values_supported","authorization_response_iss_parameter_supported","authorization_signing_alg_values_supported","authorization_encryption_alg_values_supported","authorization_encryption_enc_values_supported","backchannel_authentication_endpoint","backchannel_authentication_request_signing_alg_values_supported","backchannel_token_delivery_modes_supported","backchannel_user_code_parameter_supported","check_session_iframe","dpop_signing_alg_values_supported","end_session_endpoint","frontchannel_logout_session_supported","frontchannel_logout_supported","backchannel_logout_session_supported","backchannel_logout_supported","protected_resources","metadata","Pick","AuthorizationServer","client_id","id_token_signed_response_alg","authorization_signed_response_alg","require_auth_time","userinfo_signed_response_alg","introspection_signed_response_alg","default_max_age","use_mtls_endpoint_aliases","clockSkew","clockTolerance","Error","code","constructor","message","cause","options","jwksCache","JWKSCacheInput","Method","BodyType","body","headers","method","redirect","signal","AbortSignal","url","Headers","customFetch","CustomFetchOptions","Promise","Response","allowInsecureRequests","HttpRequestOptions","algorithm","URL","issuerIdentifier","DiscoveryRequestOptions","expectedIssuerIdentifier","response","codeVerifier","DPoP","DPoPHandle","URLSearchParams","DPoPRequestOptions","as","Client","client","clientSecret","ClientAuth","modifyAssertion","ModifyAssertionFunction","PrivateKey","clientPrivateKey","ModifyAssertionOptions","parameters","enforceHttps","clientAuthentication","PushedAuthorizationRequestOptions","calculateThumbprint","err","CryptoKeyPair","keyPair","request_uri","expires_in","error","error_description","error_uri","algs","scope","RESPONSE_BODY_ERROR","status","OAuth2Error","AUTHORIZATION_RESPONSE_ERROR","WWWAuthenticateChallenge","WWW_AUTHENTICATE_CHALLENGE","realm","resource_metadata","Lowercase","scheme","WWWAuthenticateChallengeParameters","token68","PushedAuthorizationResponse","ArrayBuffer","ReadableStream","Uint8Array","Omit","ProtectedResourceRequestBody","accessToken","ProtectedResourceRequestOptions","UserInfoRequestOptions","formatted","street_address","locality","region","postal_code","country","claim","sub","name","given_name","family_name","middle_name","nickname","preferred_username","profile","picture","website","email","email_verified","gender","birthdate","zoneinfo","locale","phone_number","updated_at","address","UserInfoAddress","jwks","JWKS","uat","ExportedJWKSCache","jweDecrypt","JweDecryptFunction","res","TokenEndpointResponse","JWEDecryptOptions","recognizedTokenTypes","RecognizedTokenTypes","skipSubjectCheck","expectedSubject","UserInfoResponse","additionalParameters","refreshToken","TokenEndpointRequestOptions","ref","IDToken","JWKSCacheOptions","ValidateSignatureOptions","ProcessTokenResponseOptions","callbackParameters","redirectUri","nopkce","iss","aud","jti","nbf","exp","iat","cnf","ConfirmationClaims","JWTPayload","nonce","auth_time","azp","locations","actions","datatypes","privileges","identifier","access_token","id_token","refresh_token","authorization_details","AuthorizationDetails","token_type","expectedNonce","expectNoNonce","maxAge","skipAuthTimeCheck","requireIdToken","ProcessAuthorizationCodeResponseOptions","ClientCredentialsGrantRequestOptions","grantType","token","RevocationRequestOptions","requestJwtResponse","IntrospectionRequestOptions","jkt","active","sid","username","IntrospectionResponse","keys","JWK","jwe","expectNoState","skipStateCheck","expectedState","Request","DeviceAuthorizationRequestOptions","device_code","user_code","verification_uri","verification_uri_complete","interval","DeviceAuthorizationResponse","deviceCode","extractable","modulusLength","GenerateKeyPairOptions","requireDPoP","signingAlgorithms","request","expectedAudience","ValidateJWTAccessTokenOptions","JWTAccessTokenClaims","BackchannelAuthenticationRequestOptions","auth_req_id","BackchannelAuthenticationResponse","authReqId","T","K","initialAccessToken","Partial","OmitSymbolProperties","DynamicClientRegistrationRequestOptions","resource","authorization_servers","bearer_methods_supported","resource_signing_alg_values_supported","resource_name","resource_documentation","resource_policy_uri","resource_tos_uri","authorization_details_types_supported","dpop_bound_access_tokens_required","resourceIdentifier","expectedResourceIdentifier","ResourceServer","Extract","Awaited","ReturnType","crypto","subtle","generateKey","type","privateKey","CryptoKey","publicKey","ServerMetadata","as","ClientMetadata","client","URLSearchParams","body","Headers","headers","clientSecret","ClientAuth","oauth","ModifyAssertionOptions","options","PrivateKey","clientPrivateKey","skipStateCheck","skipSubjectCheck","customFetch","modifyAssertion","clockSkew","clockTolerance","ArrayBuffer","ReadableStream","Uint8Array","DPoPHandle","Client","client_secret","use_mtls_endpoint_aliases","AuthorizationServer","codeVerifier","Promise","Error","code","alg","GenerateKeyPairOptions","CryptoKeyPair","CustomFetch","algorithm","execute","Array","Configuration","config","timeout","DiscoveryRequestOptions","DPoPOptions","initialAccessToken","URL","server","Partial","metadata","clientAuthentication","DynamicClientRegistrationRequestOptions","clientId","key","kid","contentEncryptionAlgorithms","keys","DecryptionKey","supportsPKCE","method","serverMetadata","Readonly","ServerMetadataHelpers","clientMetadata","OmitSymbolProperties","FetchBody","Record","redirect","signal","AbortSignal","url","CustomFetchOptions","Response","ConfigurationMethods","ConfigurationProperties","constructor","value","claims","IDToken","expiresIn","keyPair","DeviceAuthorizationResponse","deviceAuthorizationResponse","parameters","DeviceAuthorizationGrantPollOptions","TokenEndpointResponse","TokenEndpointResponseHelpers","BackchannelAuthenticationResponse","backchannelAuthenticationResponse","BackchannelAuthenticationGrantPollOptions","ExportedJWKSCache","jwksCache","Pick","AuthorizationCodeGrantChecks","Request","currentUrl","expectedNonce","ImplicitAuthenticationResponseChecks","checks","expectedState","idTokenExpected","maxAge","pkceCodeVerifier","tokenEndpointParameters","AuthorizationCodeGrantOptions","refreshToken","signingKey","accessToken","expectedSubject","UserInfoResponse","token","IntrospectionResponse","DPoP","grantType"],"sources":["../../../src/server/auth/constants/routes.ts","../../../src/server/auth/schemas/authenticationProviderSchema.ts","../../../src/server/auth/schemas/tokenResponseSchema.ts","../../../src/server/auth/schemas/tokensSchema.ts","../../../src/server/auth/schemas/userinfoResponseSchema.ts","../../../../../node_modules/oauth4webapi/build/index.d.ts","../../../../../node_modules/openid-client/build/index.d.ts","../../../src/server/auth/providers/ServerAuthProvider.ts","../../../src/server/auth/primitives/$auth.ts","../../../src/server/auth/primitives/$authApple.ts","../../../src/server/auth/primitives/$authCredentials.ts","../../../src/server/auth/primitives/$authFacebook.ts","../../../src/server/auth/primitives/$authFranceConnect.ts","../../../src/server/auth/primitives/$authGithub.ts","../../../src/server/auth/primitives/$authGoogle.ts","../../../src/server/auth/primitives/$authMicrosoft.ts","../../../src/server/auth/index.ts"],"x_google_ignoreList":[5,6],"mappings":";;;;;;;;cAAa,sBAAA;;;;;;;;;;cCEA,4BAAA,oBAA4B,OAAA;;;;KAc7B,sBAAA,GAAyB,MAAM,QAClC,4BAAA;;;cCZI,mBAAA,oBAAmB,OAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;KAKpB,aAAA,GAAgB,MAAM,QAAQ,mBAAA;;;cCP7B,YAAA,oBAAY,OAAA;;;;;;;;;;;KAiBb,MAAA,GAAS,MAAM,QAAQ,YAAA;;;cChBtB,sBAAA,oBAAsB,OAAA;;;;;;;;;;;;;;;;;;;;;;;;KAKvB,gBAAA,GAAmB,MAAM,QAAQ,sBAAA;;;;;;KCIjC,UAAA,uBACU,SAAS;;;;KAKnB,SAAA,GAAY,SAAS;;;;KAIrB,aAAA;;;;KAIA,SAAA,GAAY,aAAA,GAAgB,UAAA,GAAa,SAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;cAqFhC,SAAA;;;;;;;;;;;;;;;;AHtGrB;cGuHqB,cAAA;;;AHvHwC;;;;ACP7D;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAiBA;;;;AAA+C;;;;AChB/C;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAKA;;;;AAAmE;;;;ACInE;;;;AAC+B;AAK/B;;;;AAAiC;AAIjC;;cA2OqB,aAAA;;;;AAgkBY;AAoqDjC;;;UAtlEiB,mBAAA;EAulEI;;;EAAA,SAnlER+B,MAAAA;EAmlE0C;;;EAAA,SA/kE1CC,sBAAAA;EA+kEG0R;;;EAAAA,SA3kEHzR,cAAAA;EA2kEyC0R;;AAAC;EAADA,SAvkEzCzR,QAAAA;;;ACnYb;WDuYaC,qBAAAA;;;;WAIAC,gBAAAA;EC3YyF;;;;EAAA,SDgZzFC,wBAAAA;EChZyCoT;;;;EAAAA,SDqZzCnT,wBAAAA;ECrZgFwT;;AAAgB;AAse7G;EAte6FA,SD0ZhFvT,qBAAAA;;;AC4E6C;WDxE7CC,qCAAAA;ECgKQ;;;;EAAA,SD3JRC,gDAAAA;EC2JmF;;;;EAAA,SDtJnFC,qBAAAA;ECsJ0DoU;;;AAAwC;EAAxCA,SDjJ1DnU,oBAAAA;ECiKkB;;;;;EAAA,SD3JlBC,aAAAA;ECmNTsU;;AAAyB;AAS7B;EATIA,SD9MSrU,UAAAA;;;ACuNoD;WDnNpDC,mBAAAA;ECieyB;;;AAON;EAPM,SD5dzBC,0CAAAA;ECwewB;;;;EAAA,SDnexBC,qDAAAA;EC2e6C;;;EAAA,SDve7CC,sBAAAA;ECueiB;;;;EAAA,SDlejBC,6CAAAA;ECkeToW;;;;;EAAAA,SD5dSnW,wDAAAA;EC4d2D;AAExE;;EAFwE,SDxd3DC,gCAAAA;EC8dH;;;EAAA,SD1dGC,eAAAA;EC4eW;;;EAAA,SDxeXC,6BAAAA;EC0dAmW;;;EAAAA,SDtdAlW,0CAAAA;ECoeAqW;;AAAW;AAKxB;EALaA,SD/dApW,qBAAAA,GAAwB,mBAAA;;;;WAIxBE,iBAAAA;ECye0B;;;;EAAA,SDpe1BC,oBAAAA;ECoemB0T;;;AAAgB;EAAhBA,SD/dnBzT,uBAAAA;ECme2B;;;;EAAA,SD9d3BC,qCAAAA;EC0eToU;;AAAO;AA2CX;EA3CIA,SDreSnU,wCAAAA;;;;;WAKAC,wCAAAA;ECyhBkB;;;EAAA,SDrhBlBC,qCAAAA;ECyhBkB;;;EAAA,SDrhBlBC,wCAAAA;ECqiBgB;;;EAAA,SDjiBhBC,wCAAAA;EC+f8E;;;;EAAA,SD1f9EC,2CAAAA;ECogBWoR;;;;EAAAA,SD/fXnR,8CAAAA;EC+f6CoU;;;;EAAAA,SD1f7CnU,8CAAAA;EC8fkBkR;;;;EAAAA,SDzflBjR,wBAAAA;EC6fwBiV;;;EAAAA,SDzfxBhV,qBAAAA;ECigBG4V;;;;EAAAA,SD5fH3V,gBAAAA;ECogBS2V;;AAAkB;;EAAlBA,SD/fT1V,wBAAAA;;AE/iBb;;;WFojBaC,0BAAAA;EEjjB6B;;;;EAAA,SFsjB7BC,2BAAAA;EE9KJ;;;;EAAA,SFmLIC,+BAAAA;EEzIA;;;;EAAA,SF8IAC,gCAAAA;EE2HA;;;;EAAA,SFtHAC,6BAAAA;EE2JiB;;;EAAA,SFvJjBC,qCAAAA;EEqL4C;;;EAAA,SFjL5CC,qCAAAA;EE/kBQ;;;;EAAA,SFolBRC,0CAAAA;EEllB6B;;;;EAAA,SFulB7BC,6CAAAA;EE3kBD;;;;EAAA,SFglBCC,6CAAAA;EEvjBQ;;;;EAAA,SF4jBRC,8CAAAA;;;;;WAKAC,0CAAAA;;;;;WAKAC,6CAAAA;;;;;WAKAC,6CAAAA;;;;WAIAC,mCAAAA;EE/jBW;;;;EAAA,SFokBXC,+DAAAA;;;;WAIAC,0CAAAA;;;;WAIAC,yCAAAA;;;;;WAKAC,oBAAAA;;;;WAIAC,iCAAAA;;;;;WAKAC,oBAAAA;EEjlBiB;;;;;EAAA,SFulBjBC,qCAAAA;;;;WAIAC,6BAAAA;;;;;WAKAC,oCAAAA;;;;WAIAC,4BAAAA;;;;WAIAC,mBAAAA;EAAAA,UACCC,QAAAA,WAAmB,SAAS;AAAA;AAAA,UAEzB,mBAAA,SAA4B,IAAI,CAAC,mBAAA;EAAA,UACpCA,QAAAA;AAAAA;;;;;;UAOG,MAAA;;;;EAIbG,SAAAA;;;;;;;EAOAC,4BAAAA;;;;;;;EAOAC,iCAAAA;;;;;EAKAC,iBAAAA;;;;;;;EAOAC,4BAAAA;EE1jBqB;;;;;;EFikBrBC,iCAAAA;;;;EAIAC,eAAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAyDAC,yBAAAA;;;;GAIC,SAAA;;;;GAIA,cAAA;EAAA,CACAV,QAAAA,WAAmB,SAAA;AAAA;;;;KAoqDZ,oBAAA,oBACI,CAAA,IAAK,CAAA,0BAA2B,CAAA,GAAI,CAAA,CAAE,CAAA;;;;;;;;;;;;;;AJr+EtD;;;;;;KK2BY,UAAA,IAAcoP,EAAAA,EAAI,cAAA,EAAgBE,MAAAA,EAAQ,cAAA,EAAgBE,IAAAA,EAAM,eAAA,EAAiBE,OAAAA,EAAS,OAAA;;;;;;;;;;;;;;;;;ADgrB5D;AAE1C;;;;;;;;AAC8B;AAO9B;;;;;;;;;;;;;;;;;;;;;AA2GiC;AAoqDjC;;;;;;;;;;;;;;;;;;AACuD;;;;AC18EvD;;;;;;;;;;;;;;;;;;AAA6G;AAse7G;;;;AAA0D;AAwF1D;;;;;;;;;;;;;;AAA+G;AAgB/G;;;;;;;;;AAwD6B;AAS7B;;;;AAAiE;AA8QjE;;;;AAOgC;AAKhC;;;;;;;;;;;;;;;;;;;;;AAQwE;AAExE;;;;;;;;;;;;;;;cA7cqB,WAAA,SAAoB,aAAiB;AAAA,KAwF9C,SAAA,GAAY,WAAA,UAAqB,cAAA,YAA0B,UAAA,eAAyB,eAAA;;;;;;;;UAgB/E,cAAA,SAAuB,MAAY;EC2JtB;;;EDvJ1BmB,aAAAA;ECqLqD;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EDjIrDC,yBAAAA;AAAAA;;;;;;;;UASa,cAAA,SAAuB,mBAAyB;AAAA,UA8QhD,qBAAA;ECpKL;;;;;;ED2KR+B,YAAAA,CAAaC,MAAe;AAAA;;AC7J+B;AAqD/D;UD6GiB,oBAAA;;;;EAIbC,cAAAA,IAAkB,QAAA,CAAS,cAAA,IAAkB,qBAAA;EC9G/C;;;EDkHEG,cAAAA,IAAkB,QAAA,CAAS,oBAAA,CAA2B,cAAA;AAAA;AAAA,UAEzC,kBAAA;EC9Gf;;;EDkHE1D,IAAAA,EAAM,SAAA;EC9GR;;;EDkHEE,OAAAA,EAAS,MAAA;EC9GX;;;;EDmHEoD,MAAAA;EC9GA;;;EDkHAQ,QAAAA;EC7GF;;;AAEY;EDgHVC,MAAAA,GAAS,WAAA;AAAA;;AE36Bb;;KFg7BY,WAAA;;;;;AAKZE,GAAAA;;;;AAIA1D,OAAAA,EAAS,kBAAA,KAAuB,OAAA,CAAQ,QAAA;;;;UAIvB,uBAAA;EEv7BL;;;;;;EAAA,CF87BP,WAAW,IAAI,WAAA;EEn7BA;;AAAY;AAKhC;EFm7BI8B,OAAAA;AAAAA;;;;;;;;;;;;AEh6BgC;AASpC;;;;;;;;;;;;;;;;;;AAiCuB;AAIvB;;;;AACwB;AAGxB;;;;;cFy5BqB,aAAA,YAAyB,oBAAA,EAAsB,uBAAA;EEv5B1D;;;;;;;AAAY;AAEtB;EF+5BIiC,WAAAA,CAAY5B,MAAAA,EAAQ,cAAA,EAAgBK,QAAAA,UAAkBH,QAAAA,GAAW,OAAA,CAAQ,cAAA,YAA0BC,oBAAAA,GAAuB,UAAA;;;AE75BpH;EFi6BNU,cAAAA,IAAkB,QAAA,CAAS,cAAA,IAAkB,qBAAA;EE95BrB;;;EFk6BxBG,cAAAA,IAAkB,QAAA,CAAS,oBAAA,CAA2B,cAAA;EEz5BxD;;;EAAA,IF65BMrB,OAAAA;EEt4BN;;;EAAA,IF04BMA,OAAAA,CAAQkC,KAAAA;EE33Bd;;;EAAA,KF+3BO,WAAA,KAAgB,WAAA;EEz3BS;AAGlC;;EAHkC,KF63BzB,WAAA,EAAaA,KAAAA,EAAO,WAAA;AAAA;;;cC9iChB,kBAAA;EAAA,mBACQ,GAAA,0BAAG,MAAA;EAAA,mBACH,MAAA,EAAM,MAAA;EAAA,mBACN,qBAAA,EAAqB,qBAAA;EAAA,mBACrB,gBAAA,EAAgB,gBAAA;EAAA,mBAChB,mBAAA,EAAmB,mBAAA;;;;;;;;;YAU5B,mBAAA,CAAoB,GAAA;EAAA,IAmBnB,UAAA,IAAc,KAAA,CAAM,aAAA;EAAA,mBAMZ,iBAAA,kCAAiB,uBAAA,mBAAA,OAAA;;;;;;;;;WAgBpB,MAAA,kCAAM,uBAAA,mBAAA,OAAA;;;;;;;;;;;qBASH,SAAA,mBAAS,aAAA;EL5F5B;;;EAAA,mBKwGmB,SAAA,mBAAS,aAAA;;;;WAqCZ,QAAA,0BAAQ,cAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;WAsCR,OAAA,0BAAO,cAAA;;;;;;;;;;;;;;;;;;;;;;;WAuCP,KAAA,0BAAK,cAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;WA6EL,KAAA,0BAAK,cAAA;;;;;;;;;;;;;YA8HL,sBAAA,CACd,GAAA,EAAK,OAAA,GACJ,OAAA,CAAQ,MAAA;;;;AJ3Zb;;YIickB,cAAA,CACd,GAAA,EAAK,GAAA,EACL,KAAA,EAAO,WAAA,EACP,OAAA,EAAS,OAAA,EACT,GAAA,GAAM,gBAAA,GAAgB,OAAA;EJrcL;AAA0B;;;EAA1B,SImiBH,QAAA,0BAAQ,cAAA,yBAAA,mBAAA;EHnjBb;;;;EAAA,SG8jBK,YAAA,0BAAY,cAAA,yBAAA,mBAAA;;;;WAWZ,MAAA,0BAAM,cAAA;;;;;EA0Ef,0BAAA,CACL,OAAA;IAAW,SAAA;EAAA,IACV,sBAAA;;;;;;YAwCO,QAAA,CACR,IAAA;IAAiB,QAAA;IAAkB,KAAA;EAAA,IAClC,aAAA;;;;;YA6Ba,eAAA,CACd,OAAA,EAAS,OAAA,GACR,OAAA,CAAQ,MAAA;EAAA,UAgCD,SAAA,CAAU,OAAA,GAAU,OAAA,GAAU,MAAA;EAAA,UAI9B,SAAA,CAAU,MAAA,EAAQ,MAAA,EAAQ,OAAA,GAAU,OAAA;EAAA,UAgBpC,kBAAA,CAAmB,MAAA,EAAQ,MAAA;EAAA,UAcrB,aAAA,CAAc,MAAA,EAAQ,MAAA,GAAS,OAAA,CAAQ,MAAA;AAAA;AAAA,UAqDxC,aAAA;EACf,GAAA;EACA,KAAA;EACA,IAAA;EACA,UAAA;EACA,WAAA;EACA,WAAA;EACA,QAAA;EACA,kBAAA;EACA,OAAA;EACA,OAAA;EACA,OAAA;EACA,cAAA;EACA,MAAA;EACA,SAAA;EACA,QAAA;EACA,MAAA;EACA,YAAA;EACA,qBAAA;EACA,OAAA;IACE,SAAA;IACA,cAAA;IACA,QAAA;IACA,MAAA;IACA,WAAA;IACA,OAAA;EAAA;EAEF,UAAA;EAAA,CAEC,GAAA;AAAA;;;;;APt3BH;;;;;;;;;;;;;;;ACEA;;;;;;;;;;;AAcA;;;;AACqC;;cO0CxB,KAAA;EAAA,UAAkB,oBAAA,GAAuB,aAAA;EAAA;;KAM1C,oBAAA;ENzDV;;;;EM8DA,IAAA;;;;EAKA,QAAA;AAAA,KACG,YAAA,GAAe,YAAY;;;;KAKpB,YAAA;;;;EAIV,IAAA,EAAM,WAAA;;;;;;;;;;;;;;EAeN,QAAA,SAAiB,KAAA,CAAM,WAAA;AAAA;;;;;;;KASb,YAAA;EACV,MAAA,EAAQ,eAAA;AAAA;;;;;;;;EAUJ,WAAA,EAAa,kBAAA;AAAA;;;;;;;;EAUb,KAAA,EAAO,aAAA;AAAA;;;;;;;;;;EAYP,IAAA,EAAM,WAAA;AAAA;AAAA,KAIA,kBAAA;EACV,OAAA,EAAS,aAAa;AAAA;AAAA,KAGZ,aAAA,IACV,WAAA,EAAa,WAAA,KACV,KAAA,CAAM,WAAA;AAAA,UAEM,WAAA;EACf,QAAA;EACA,QAAQ;AAAA;AAAA,UAGO,WAAA;;;;EAIf,MAAA;ENzJuB;;;EM8JvB,QAAA;;;;ALrKF;EK2KE,YAAA;;;;;EAMA,WAAA;;;;;EAMA,UAAA;;;;EAKA,SAAA;;;;;EAMA,KAAA;EAEA,OAAA,GAAU,aAAA;;;;;;EAOV,YAAA;;;;AL1LF;EKgME,uBAAA,GAA0B,MAAM;AAAA;AAAA,UAGjB,kBAAA;EACf,YAAA;EACA,IAAA,EAAM,aAAa;EACnB,QAAA;EACA,UAAA;EACA,KAAA;AAAA;AAAA,KAGU,aAAA,IAAiB,MAAA,EAAQ,kBAAA,KAAuB,KAAA,CAAM,WAAA;AAAA,UAEjD,aAAA;EJ7NkB;;;EIiOjC,QAAA;;;;EAKA,YAAA;;;;EAKA,aAAA;;;;EAKA,KAAA;;;;EAKA,QAAA,GAAW,MAAA,EAAQ,MAAA,KAAW,KAAA,CAAM,aAAA;EAEpC,OAAA,GAAU,aAAA;;;;EAKV,WAAA;;;;EAKA,KAAA;AAAA;AAAA,cAKW,aAAA,SAAsB,SAAA,CAAU,oBAAA;EAAA,mBACxB,gBAAA,EAAgB,gBAAA;EAAA,mBAChB,gBAAA,EAAgB,gBAAA;EAAA,UAEzB,WAAA,GAAc,aAAA;EAAA,UACd,gBAAA,SAAyB,OAAA,CAAQ,aAAA;EAAA,IAEhC,KAAA,IAAS,aAAA;;;;EAOP,QAAA,IAAY,OAAA,CAAQ,aAAA;EAAA,IActB,IAAA;EAAA,IAIA,MAAA,IAAU,eAAA;EAAA,IAOV,QAAA;EAAA,IAQA,KAAA;EAAA,IAYA,YAAA;;;;;EAgBE,OAAA,CACX,YAAA,UACA,WAAA,YACC,OAAA,CAAQ,mBAAA;;;;;;;;;;EA8CE,IAAA,CACX,MAAA,EAAQ,MAAA,EACR,eAAA,GAAkB,MAAA,oBACjB,OAAA,CAAQ,WAAA;EAAA,UAsDD,kBAAA,CAAmB,OAAA,WAAkB,aAAA;EAYlC,OAAA,IAAO,OAAA;AAAA;AAAA,KAsDV,WAAA;EAAyB,KAAA,QAAa,KAAK;AAAA;AAAA,UAEtC,UAAA;EACf,IAAA,IAAQ,IAAA,cAAkB,IAAA,EAAM,kBAAA,KAAuB,KAAA,CAAM,WAAA;AAAA;AAAA,UAG9C,WAAA;EACf,KAAA,IACE,QAAA,cACI,KAAA,EAAO,WAAA,KAAgB,KAAA,CAAM,WAAA;AAAA;;;;;;;;;AR1gBrC;;;;;;;;;;;;;;;ACEA;;;;;;;;cQsCa,UAAA,GACX,KAAA,EAAO,eAAA,GAAkB,UAAA,EACzB,OAAA,GAAS,OAAA,CAAQ,WAAA,MAAD,aAAA;;;;;;;;cC5BL,gBAAA,GACX,KAAA,EAAO,eAAA,GAAkB,WAAA,EACzB,OAAA,GAAS,OAAA,CAAQ,kBAAA,MAAD,aAAA;;;;;;;;;AVhBlB;;;;cWoBa,aAAA,GACX,KAAA,EAAO,eAAA,GAAkB,UAAA,EACzB,OAAA,GAAS,OAAA,CAAQ,WAAA,MAAD,aAAA;;;;;;;;;AXtBlB;;;;;;;;;;;;;;;ACEA;;;;;;cWkCa,kBAAA,GACX,KAAA,EAAO,eAAA,GAAkB,UAAA,EACzB,OAAA,GAAS,OAAA,CAAQ,WAAA,MAAD,aAAA;;;;;;;;;AZtClB;;;;caoBa,WAAA,GACX,KAAA,EAAO,eAAA,GAAkB,UAAA,EACzB,OAAA,GAAS,OAAA,CAAQ,WAAA,MAAD,aAAA;;;;;;;;;AbtBlB;;;;ccmBa,WAAA,GACX,KAAA,EAAO,eAAA,GAAkB,UAAA,EACzB,OAAA,GAAS,OAAA,CAAQ,WAAA,MAAD,aAAA;;;;;;;;;AdrBlB;;;;;;;;;;;;;;;ACEA;cc6Ba,cAAA,GACX,KAAA,EAAO,eAAA,GAAkB,UAAA,EACzB,OAAA,GAAS,OAAA,CAAQ,WAAA,MAAD,aAAA;;;;;;;;;;;;;;;;Ad/BlB;;;;cemCa,gBAAA,mBAAgB,OAAA,kBAAA,MAAA"}
+{"version":3,"file":"index.d.ts","names":["Extract","Awaited","ReturnType","crypto","subtle","generateKey","type","privateKey","CryptoKey","publicKey","Key","JsonValue","JsonPrimitive","JsonObject","JsonArray","Record","header","payload","key","kid","kty","alg","use","key_ops","e","n","crv","x","y","pub","parameter","issuer","authorization_endpoint","token_endpoint","jwks_uri","registration_endpoint","scopes_supported","response_types_supported","response_modes_supported","grant_types_supported","token_endpoint_auth_methods_supported","token_endpoint_auth_signing_alg_values_supported","service_documentation","ui_locales_supported","op_policy_uri","op_tos_uri","revocation_endpoint","revocation_endpoint_auth_methods_supported","revocation_endpoint_auth_signing_alg_values_supported","introspection_endpoint","introspection_endpoint_auth_methods_supported","introspection_endpoint_auth_signing_alg_values_supported","code_challenge_methods_supported","signed_metadata","device_authorization_endpoint","tls_client_certificate_bound_access_tokens","mtls_endpoint_aliases","MTLSEndpointAliases","userinfo_endpoint","acr_values_supported","subject_types_supported","id_token_signing_alg_values_supported","id_token_encryption_alg_values_supported","id_token_encryption_enc_values_supported","userinfo_signing_alg_values_supported","userinfo_encryption_alg_values_supported","userinfo_encryption_enc_values_supported","request_object_signing_alg_values_supported","request_object_encryption_alg_values_supported","request_object_encryption_enc_values_supported","display_values_supported","claim_types_supported","claims_supported","claims_locales_supported","claims_parameter_supported","request_parameter_supported","request_uri_parameter_supported","require_request_uri_registration","require_signed_request_object","pushed_authorization_request_endpoint","require_pushed_authorization_requests","introspection_signing_alg_values_supported","introspection_encryption_alg_values_supported","introspection_encryption_enc_values_supported","authorization_response_iss_parameter_supported","authorization_signing_alg_values_supported","authorization_encryption_alg_values_supported","authorization_encryption_enc_values_supported","backchannel_authentication_endpoint","backchannel_authentication_request_signing_alg_values_supported","backchannel_token_delivery_modes_supported","backchannel_user_code_parameter_supported","check_session_iframe","dpop_signing_alg_values_supported","end_session_endpoint","frontchannel_logout_session_supported","frontchannel_logout_supported","backchannel_logout_session_supported","backchannel_logout_supported","protected_resources","metadata","Pick","AuthorizationServer","client_id","id_token_signed_response_alg","authorization_signed_response_alg","require_auth_time","userinfo_signed_response_alg","introspection_signed_response_alg","default_max_age","use_mtls_endpoint_aliases","clockSkew","clockTolerance","Error","code","constructor","message","cause","options","jwksCache","JWKSCacheInput","Method","BodyType","body","headers","method","redirect","signal","AbortSignal","url","Headers","customFetch","CustomFetchOptions","Promise","Response","allowInsecureRequests","HttpRequestOptions","algorithm","URL","issuerIdentifier","DiscoveryRequestOptions","expectedIssuerIdentifier","response","codeVerifier","DPoP","DPoPHandle","URLSearchParams","DPoPRequestOptions","as","Client","client","clientSecret","ClientAuth","modifyAssertion","ModifyAssertionFunction","PrivateKey","clientPrivateKey","ModifyAssertionOptions","parameters","enforceHttps","clientAuthentication","PushedAuthorizationRequestOptions","calculateThumbprint","err","CryptoKeyPair","keyPair","request_uri","expires_in","error","error_description","error_uri","algs","scope","RESPONSE_BODY_ERROR","status","OAuth2Error","AUTHORIZATION_RESPONSE_ERROR","WWWAuthenticateChallenge","WWW_AUTHENTICATE_CHALLENGE","realm","resource_metadata","Lowercase","scheme","WWWAuthenticateChallengeParameters","token68","PushedAuthorizationResponse","ArrayBuffer","ReadableStream","Uint8Array","Omit","ProtectedResourceRequestBody","accessToken","ProtectedResourceRequestOptions","UserInfoRequestOptions","formatted","street_address","locality","region","postal_code","country","claim","sub","name","given_name","family_name","middle_name","nickname","preferred_username","profile","picture","website","email","email_verified","gender","birthdate","zoneinfo","locale","phone_number","updated_at","address","UserInfoAddress","jwks","JWKS","uat","ExportedJWKSCache","jweDecrypt","JweDecryptFunction","res","TokenEndpointResponse","JWEDecryptOptions","recognizedTokenTypes","RecognizedTokenTypes","skipSubjectCheck","expectedSubject","UserInfoResponse","additionalParameters","refreshToken","TokenEndpointRequestOptions","ref","IDToken","JWKSCacheOptions","ValidateSignatureOptions","ProcessTokenResponseOptions","callbackParameters","redirectUri","nopkce","iss","aud","jti","nbf","exp","iat","cnf","ConfirmationClaims","JWTPayload","nonce","auth_time","azp","locations","actions","datatypes","privileges","identifier","access_token","id_token","refresh_token","authorization_details","AuthorizationDetails","token_type","expectedNonce","expectNoNonce","maxAge","skipAuthTimeCheck","requireIdToken","ProcessAuthorizationCodeResponseOptions","ClientCredentialsGrantRequestOptions","grantType","token","RevocationRequestOptions","requestJwtResponse","IntrospectionRequestOptions","jkt","active","sid","username","IntrospectionResponse","keys","JWK","jwe","expectNoState","skipStateCheck","expectedState","Request","DeviceAuthorizationRequestOptions","device_code","user_code","verification_uri","verification_uri_complete","interval","DeviceAuthorizationResponse","deviceCode","extractable","modulusLength","GenerateKeyPairOptions","requireDPoP","signingAlgorithms","request","expectedAudience","ValidateJWTAccessTokenOptions","JWTAccessTokenClaims","BackchannelAuthenticationRequestOptions","auth_req_id","BackchannelAuthenticationResponse","authReqId","T","K","initialAccessToken","Partial","OmitSymbolProperties","DynamicClientRegistrationRequestOptions","resource","authorization_servers","bearer_methods_supported","resource_signing_alg_values_supported","resource_name","resource_documentation","resource_policy_uri","resource_tos_uri","authorization_details_types_supported","dpop_bound_access_tokens_required","resourceIdentifier","expectedResourceIdentifier","ResourceServer","Extract","Awaited","ReturnType","crypto","subtle","generateKey","type","privateKey","CryptoKey","publicKey","ServerMetadata","as","ClientMetadata","client","URLSearchParams","body","Headers","headers","clientSecret","ClientAuth","oauth","ModifyAssertionOptions","options","PrivateKey","clientPrivateKey","skipStateCheck","skipSubjectCheck","customFetch","modifyAssertion","clockSkew","clockTolerance","ArrayBuffer","ReadableStream","Uint8Array","DPoPHandle","Client","client_secret","use_mtls_endpoint_aliases","AuthorizationServer","codeVerifier","Promise","Error","code","alg","GenerateKeyPairOptions","CryptoKeyPair","CustomFetch","algorithm","execute","Array","Configuration","config","timeout","DiscoveryRequestOptions","DPoPOptions","initialAccessToken","URL","server","Partial","metadata","clientAuthentication","DynamicClientRegistrationRequestOptions","clientId","key","kid","contentEncryptionAlgorithms","keys","DecryptionKey","supportsPKCE","method","serverMetadata","Readonly","ServerMetadataHelpers","clientMetadata","OmitSymbolProperties","FetchBody","Record","redirect","signal","AbortSignal","url","CustomFetchOptions","Response","ConfigurationMethods","ConfigurationProperties","constructor","value","claims","IDToken","expiresIn","keyPair","DeviceAuthorizationResponse","deviceAuthorizationResponse","parameters","DeviceAuthorizationGrantPollOptions","TokenEndpointResponse","TokenEndpointResponseHelpers","BackchannelAuthenticationResponse","backchannelAuthenticationResponse","BackchannelAuthenticationGrantPollOptions","ExportedJWKSCache","jwksCache","Pick","AuthorizationCodeGrantChecks","Request","currentUrl","expectedNonce","ImplicitAuthenticationResponseChecks","checks","expectedState","idTokenExpected","maxAge","pkceCodeVerifier","tokenEndpointParameters","AuthorizationCodeGrantOptions","refreshToken","signingKey","accessToken","expectedSubject","UserInfoResponse","token","IntrospectionResponse","DPoP","grantType"],"sources":["../../../src/server/auth/helpers/appleClientSecret.ts","../../../src/server/auth/helpers/federationAssertion.ts","../../../src/server/auth/constants/routes.ts","../../../src/server/auth/schemas/authenticationProviderSchema.ts","../../../src/server/auth/schemas/tokenResponseSchema.ts","../../../src/server/auth/schemas/tokensSchema.ts","../../../src/server/auth/schemas/userinfoResponseSchema.ts","../../../../../node_modules/oauth4webapi/build/index.d.ts","../../../../../node_modules/openid-client/build/index.d.ts","../../../src/server/auth/providers/ServerAuthProvider.ts","../../../src/server/auth/primitives/$auth.ts","../../../src/server/auth/primitives/$authApple.ts","../../../src/server/auth/primitives/$authCredentials.ts","../../../src/server/auth/primitives/$authFacebook.ts","../../../src/server/auth/primitives/$authFederationBroker.ts","../../../src/server/auth/primitives/$authFederationClient.ts","../../../src/server/auth/primitives/$authFranceConnect.ts","../../../src/server/auth/primitives/$authGithub.ts","../../../src/server/auth/primitives/$authGoogle.ts","../../../src/server/auth/primitives/$authMicrosoft.ts","../../../src/server/auth/index.ts"],"x_google_ignoreList":[7,8],"mappings":";;;;;;;;UAEiB,wBAAA;EACf,aAAA;EACA,MAAA;EACA,SAAA;EACA,KAAA;EACA,UAAA;AAAA;;iBAIoB,qBAAA,CACpB,IAAA,EAAM,wBAAA,GACL,OAAO;;;UCTO,iBAAA;EACf,QAAA;EACA,GAAA;EACA,KAAA;EACA,cAAA;EACA,IAAA;EACA,UAAA;EACA,WAAA;EACA,OAAA;EACA,gBAAA;AAAA;AAAA,UAGe,oBAAA;EACf,aAAA;EACA,MAAA;EACA,QAAA;EACA,UAAA;EACA,GAAA;AAAA;AAAA,UAGe,sBAAA;EACf,YAAA;EACA,MAAA;EACA,QAAA;AAAA;AAAA,UAGe,iBAAA;EACf,OAAA,EAAS,iBAAiB;EAC1B,GAAA;AAAA;AAAA,iBAGoB,uBAAA,CACpB,OAAA,EAAS,iBAAA,EACT,IAAA,EAAM,oBAAA,GACL,OAAA;AAAA,iBAcmB,yBAAA,CACpB,KAAA,UACA,IAAA,EAAM,sBAAA,GACL,OAAA,CAAQ,iBAAA;;;cCvDE,sBAAA;;;;;;;;;;cCEA,4BAAA,oBAA4B,OAAA;;;;KAc7B,sBAAA,GAAyB,MAAM,QAClC,4BAAA;;;cCZI,mBAAA,oBAAmB,OAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;KAKpB,aAAA,GAAgB,MAAM,QAAQ,mBAAA;;;cCP7B,YAAA,oBAAY,OAAA;;;;;;;;;;;KAiBb,MAAA,GAAS,MAAM,QAAQ,YAAA;;;cChBtB,sBAAA,oBAAsB,OAAA;;;;;;;;;;;;;;;;;;;;;;;;KAKvB,gBAAA,GAAmB,MAAM,QAAQ,sBAAA;;;;;;KCIjC,UAAA,uBACU,SAAS;;;APPnB;KOYA,SAAA,GAAY,SAAS;;;;KAIrB,aAAA;;;;KAIA,SAAA,GAAY,aAAA,GAAgB,UAAA,GAAa,SAAA;;;;;;ANW3C;AAcV;;;;;;;;;;;;;;AAG4B;;;;ACvD5B;;;;cKgHqB,SAAA;;;;;;;;;;;AJ9GrB;;;;;;cI+HqB,cAAA;;;;;AJjHrB;;;;AACqC;;;;ACZrC;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAKA;;;;AAA6D;;;;ACP7D;;;;;;;;;;;;;;;;;;;;;;cE+PqB,aAAA;;;;;;;;UA8IJ,mBAAA;EAuCJuC;;;EAAAA,SAnCAR,MAAAA;EAsDAY;;;EAAAA,SAlDAX,sBAAAA;EAsEAe;;;EAAAA,SAlEAd,cAAAA;EAsFAkB;;;EAAAA,SAlFAjB,QAAAA;EAkGAqB;;;EAAAA,SA9FApB,qBAAAA;EA4GAwB;;;EAAAA,SAxGAvB,gBAAAA;EA4HA2B;;;;EAAAA,SAvHA1B,wBAAAA;EA6IA+B;;;;EAAAA,SAxIA9B,wBAAAA;EAgKAmC;;;;EAAAA,SA3JAlC,qBAAAA;EAoLAuC;;;EAAAA,SAhLAtC,qCAAAA;EAkMA0C;;;;EAAAA,SA7LAzC,gDAAAA;EAsNA8C;;;;EAAAA,SAjNA7C,qBAAAA;EAuOAkD;;;;EAAAA,SAlOAjD,oBAAAA;EA0PAsD;;;;;EAAAA,SApPArD,aAAAA;EA6P6B;AAE1C;;;EAF0C,SAxP7BC,UAAAA;EA0PgCwD;;;EAAAA,SAtPhCvD,mBAAAA;EAuPiB;AAO9B;;;EAP8B,SAlPjBC,0CAAAA;EAmWR;;;;EAAA,SA9VQC,qDAAAA;EA+PTwD;;;EAAAA,SA3PSvD,sBAAAA;EAqRT2D;;;;EAAAA,SAhRS1D,6CAAAA;EAsVRkD;;;AAA4B;AAoqDjC;EApqDKA,SAhVQjD,wDAAAA;EAo/DmB;;;EAAA,SAh/DnBC,gCAAAA;EAi/DuC;;;EAAA,SA7+DvCC,eAAAA;EA4+DoBqQ;;;EAAAA,SAx+DpBpQ,6BAAAA;EAy+DmCqQ;;;EAAAA,SAr+DnCpQ,0CAAAA;EAq+D0C;;;;EAAA,SAh+D1CC,qBAAAA,GAAwB,mBAAA;EC1ef;;;EAAA,SD8eTE,iBAAAA;EC9e+D;;;;EAAA,SDmf/DC,oBAAAA;ECnfa6R;;;;EAAAA,SDwfb5R,uBAAAA;ECxfyFiS;;;AAAO;EAAPA,SD6fzFhS,qCAAAA;ECvB6C;;;AAAA;EAAA,SD4B7CC,wCAAAA;EC4DQ;;;;EAAA,SDvDRC,wCAAAA;ECuDmF;;;EAAA,SDnDnFC,qCAAAA;ECmDgC6S;;;EAAAA,SD/ChC5S,wCAAAA;EC+CkG;AAgB/G;;EAhB+G,SD3ClGC,wCAAAA;EC2DuC;;;;EAAA,SDtDvCC,2CAAAA;EC8GgB;AAAA;AAS7B;;EAT6B,SDzGhBC,8CAAAA;ECkH2B6R;AAAyB;AA8QjE;;EA9QwCA,SD7G3B5R,8CAAAA;ECkYT4U;AAA4B;AAKhC;;EALIA,SD7XS3U,wBAAAA;ECsYkB;;;EAAA,SDlYlBC,qBAAAA;ECsYkB;;;;EAAA,SDjYlBC,gBAAAA;EC6XS4U;;;;EAAAA,SDxXT3U,wBAAAA;EC4XkBwR;;;;EAAAA,SDvXlBvR,0BAAAA;ECyXI;;;;EAAA,SDpXJC,2BAAAA;EC0YA;;;;EAAA,SDrYAC,+BAAAA;ECuXTkR;;;;EAAAA,SDlXSjR,gCAAAA;ECgYA+U;;AAAW;AAKxB;EALaA,SD3XA9U,6BAAAA;;;;WAIAC,qCAAAA;ECqY0B;;;EAAA,SDjY1BC,qCAAAA;ECiYbmR;;;;EAAAA,SD5XalR,0CAAAA;ECgYI;;;;EAAA,SD3XJC,6CAAAA;ECkYOyS;;;AAKT;EALSA,SD7XPxS,6CAAAA;EC6aqB;;;;EAAA,SDxarBC,8CAAAA;ECkbiH;;;;EAAA,SD7ajHC,0CAAAA;ECqbkB;;;;EAAA,SDhblBC,6CAAAA;ECgcJ;;;;EAAA,SD3bIC,6CAAAA;ECyZiCyU;;;EAAAA,SDrZjCxU,mCAAAA;EC+ZG8S;;;;EAAAA,SD1ZH7S,+DAAAA;EC0ZiHuQ;;;EAAAA,SDtZjHtQ,0CAAAA;EC0ZkB6P;;;EAAAA,SDtZlB5P,yCAAAA;EC0ZkBsQ;;;;EAAAA,SDrZlBrQ,oBAAAA;EC6ZGuU;;;EAAAA,SDzZHtU,iCAAAA;ECiagB8R;;;AAAW;EAAXA,SD5ZhB7R,oBAAAA;;;AEjpBb;;;WFupBaC,qCAAAA;EEppB6B;;;EAAA,SFwpB7BC,6BAAAA;EEznBc;;;;EAAA,SF8nBdC,oCAAAA;EE5OF;;;EAAA,SFgPEC,4BAAAA;EEvJH;;;EAAA,SF2JGC,mBAAAA;EAAAA,UACCC,QAAAA,WAAmB,SAAS;AAAA;AAAA,UAEzB,mBAAA,SAA4B,IAAI,CAAC,mBAAA;EAAA,UACpCA,QAAAA;AAAAA;;;;;;UAOG,MAAA;EE2FwC;;;EFvFrDG,SAAAA;EEtrBiB;;;;;;EF6rBjBC,4BAAAA;EE1rBiC;;;;;;EFisBjCC,iCAAAA;EEnqB6B;;;;EFwqB7BC,iBAAAA;;;;;;;EAOAC,4BAAAA;;;;;;;EAOAC,iCAAAA;;;;EAIAC,eAAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAyDAC,yBAAAA;;;;GAIC,SAAA;;;;GAIA,cAAA;EAAA,CACAV,QAAAA,WAAmB,SAAA;AAAA;;;;KAoqDZ,oBAAA,oBACI,CAAA,IAAK,CAAA,0BAA2B,CAAA,GAAI,CAAA,CAAE,CAAA;;;;;;;;;APh+E1C;AAIZ;;;;;;;;AAEU;;KQgBE,UAAA,IAAcoP,EAAAA,EAAI,cAAA,EAAgBE,MAAAA,EAAQ,cAAA,EAAgBE,IAAAA,EAAM,eAAA,EAAiBE,OAAAA,EAAS,OAAA;;ADfvE;AAK/B;;;;AAAiC;AAIjC;;;;AAAyB;AAIzB;;;;;;;;;;;;AAA8D;AAqF9D;;;;AAA6C;AAiB7C;;;;AAAkD;AAiIlD;;;;AAA+C;AA8I/C;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AA6T0C;AAE1C;;;;;;;;AAC8B;AAO9B;;;;;;;;;;;;;;;;;;;;;AA2GiC;AAoqDjC;;;;;;;;;;;;;;;;;;cCn+DqB,WAAA,SAAoB,aAAiB;AAAA,KAwF9C,SAAA,GAAY,WAAA,UAAqB,cAAA,YAA0B,UAAA,eAAyB,eAAA;;;;;;AA2YxE;AAKxB;UAhYiB,cAAA,SAAuB,MAAY;;;;EAIhDmB,aAAAA;EAqYmC;;;;;;;;AAAS;AAIhD;;;;;;;;AAYW;AA2CX;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EA5YIC,yBAAAA;AAAAA;;;;;;;;UASa,cAAA,SAAuB,mBAAyB;AAAA,UA8QhD,qBAAA;;;;;;;EAOb+B,YAAAA,CAAaC,MAAe;AAAA;;;;UAKf,oBAAA;;;;EAIbC,cAAAA,IAAkB,QAAA,CAAS,cAAA,IAAkB,qBAAA;;;;EAI7CG,cAAAA,IAAkB,QAAA,CAAS,oBAAA,CAA2B,cAAA;AAAA;AAAA,UAEzC,kBAAA;;;;EAIb1D,IAAAA,EAAM,SAAA;;;;EAINE,OAAAA,EAAS,MAAA;;;;;EAKToD,MAAAA;;;;EAIAQ,QAAAA;;;;;EAKAC,MAAAA,GAAS,WAAA;AAAA;;;;KAKD,WAAA;;;;;AAKZE,GAAAA;;;;AAIA1D,OAAAA,EAAS,kBAAA,KAAuB,OAAA,CAAQ,QAAA;;;;UAIvB,uBAAA;EChiBb;;;;;;EAAA,CDuiBC,WAAW,IAAI,WAAA;EC9cV;;;;EDmdN8B,OAAAA;AAAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;cA2CiB,aAAA,YAAyB,oBAAA,EAAsB,uBAAA;EC7P5B;;;;;AAAuB;AAqD/D;;;EDkNIiC,WAAAA,CAAY5B,MAAAA,EAAQ,cAAA,EAAgBK,QAAAA,UAAkBH,QAAAA,GAAW,OAAA,CAAQ,cAAA,YAA0BC,oBAAAA,GAAuB,UAAA;ECjN5H;;;EDqNEU,cAAAA,IAAkB,QAAA,CAAS,cAAA,IAAkB,qBAAA;ECjN/C;;;EDqNEG,cAAAA,IAAkB,QAAA,CAAS,oBAAA,CAA2B,cAAA;ECjNxD;;;EAAA,IDqNMrB,OAAAA;ECjNN;;;EAAA,IDqNMA,OAAAA,CAAQkC,KAAAA;ECjNd;;;EAAA,KDqNO,WAAA,KAAgB,WAAA;ECjNrB;;;EAAA,KDqNK,WAAA,EAAaA,KAAAA,EAAO,WAAA;AAAA;;;cC7iChB,kBAAA;EAAA,mBACQ,GAAA,0BAAG,MAAA;EAAA,mBACH,MAAA,EAAM,MAAA;EAAA,mBACN,qBAAA,EAAqB,qBAAA;EAAA,mBACrB,gBAAA,EAAgB,gBAAA;EAAA,mBAChB,mBAAA,EAAmB,mBAAA;ETnCtC;;;AACU;AAIZ;;;;EALE,US6CU,mBAAA,CAAoB,GAAA;EAAA,IAmBnB,UAAA,IAAc,KAAA,CAAM,aAAA;EAAA,mBAMZ,iBAAA,kCAAiB,uBAAA,mBAAA,OAAA;;;;;;;;;WAgBpB,MAAA,kCAAM,uBAAA,mBAAA,OAAA;;;;;;;;;;;qBASH,SAAA,mBAAS,aAAA;ERrFb;;;EAAA,mBQiGI,SAAA,mBAAS,aAAA;ERhG5B;;;EAAA,SQqIgB,QAAA,0BAAQ,cAAA;;;;;;;;;;;;;;;;;;;;;;;;;;ERjHlB;;;EAAA,SQuJU,OAAA,0BAAO,cAAA;;;;;;;;;;;;;;;;;;;;ERrId;;AAAiB;EAAjB,SQ4KO,KAAA,0BAAK,cAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;WA6EL,KAAA,0BAAK,cAAA;;;;;;;;;;;;;YA8HL,sBAAA,CACd,GAAA,EAAK,OAAA,GACJ,OAAA,CAAQ,MAAA;;;;;;YAsCK,cAAA,CACd,GAAA,EAAK,GAAA,EACL,KAAA,EAAO,WAAA,EACP,OAAA,EAAS,OAAA,EACT,GAAA,GAAM,gBAAA,GAAgB,OAAA;;;;;;EAsFX,gBAAA,CACX,IAAA,EAAM,WAAA,EACN,MAAA,EAAQ,eAAA,EACR,YAAA,UACA,OAAA,EAAS,OAAA,GACR,OAAA;;;;;WAgBa,QAAA,0BAAQ,cAAA,yBAAA,mBAAA;;;;;WAWR,YAAA,0BAAY,cAAA,yBAAA,mBAAA;;;;WAWZ,MAAA,0BAAM,cAAA;;;;;EA0Ef,0BAAA,CACL,OAAA;IAAW,SAAA;EAAA,IACV,sBAAA;;;;;;YAwCO,QAAA,CACR,IAAA;IAAiB,QAAA;IAAkB,KAAA;EAAA,IAClC,aAAA;;;;;YA6Ba,eAAA,CACd,OAAA,EAAS,OAAA,GACR,OAAA,CAAQ,MAAA;EAAA,UAgCD,SAAA,CAAU,OAAA,GAAU,OAAA,GAAU,MAAA;EAAA,UAI9B,SAAA,CAAU,MAAA,EAAQ,MAAA,EAAQ,OAAA,GAAU,OAAA;EAAA,UAgBpC,kBAAA,CAAmB,MAAA,EAAQ,MAAA;EAAA,UAcrB,aAAA,CAAc,MAAA,EAAQ,MAAA,GAAS,OAAA,CAAQ,MAAA;AAAA;AAAA,UAqDxC,aAAA;EACf,GAAA;EACA,KAAA;EACA,IAAA;EACA,UAAA;EACA,WAAA;EACA,WAAA;EACA,QAAA;EACA,kBAAA;EACA,OAAA;EACA,OAAA;EACA,OAAA;EACA,cAAA;EACA,MAAA;EACA,SAAA;EACA,QAAA;EACA,MAAA;EACA,YAAA;EACA,qBAAA;EACA,OAAA;IACE,SAAA;IACA,cAAA;IACA,QAAA;IACA,MAAA;IACA,WAAA;IACA,OAAA;EAAA;EAEF,UAAA;EAAA,CAEC,GAAA;AAAA;;;;;ATl4BH;;;;;;;;;;AAKY;AAIZ;;;;;;;;AAEU;;;;ACTV;;;;;;;;;cSuDa,KAAA;EAAA,UAAkB,oBAAA,GAAuB,aAAA;EAAA;;KAM1C,oBAAA;ETpDM;AAGlB;;;ESsDE,IAAA;ETrDA;;;ES0DA,QAAA;AAAA,KACG,YAAA,GAAe,YAAY;;ATvD3B;AAGL;KSyDY,YAAA;;;;EAIV,IAAA,EAAM,WAAA;ET1DN;;AAAQ;AAGV;;;;;;;;AAEK;AAGL;ESiEE,QAAA,SAAiB,KAAA,CAAM,WAAA;AAAA;;;;;;;KASb,YAAA;EACV,MAAA,EAAQ,eAAA;AAAA;ETxEP;;AAAO;AAcV;;;;ESoEM,WAAA,EAAa,kBAAA;AAAA;ETjET;;;;;;;ES2EJ,KAAA,EAAO,aAAA;AAAA;;;;ARlIb;;;;;;EQ8IM,IAAA,EAAM,WAAA;AAAA;AAAA,KAIA,kBAAA;EACV,OAAA,EAAS,aAAa;AAAA;AAAA,KAGZ,aAAA,IACV,WAAA,EAAa,WAAA,KACV,KAAA,CAAM,WAAA;AAAA,UAEM,WAAA;EACf,QAAA;EACA,QAAQ;AAAA;AAAA,UAGO,WAAA;;;;EAIf,MAAA;;;;EAKA,QAAA;;APxJF;;;EO8JE,YAAA;EP7JmC;;;;EOmKnC,WAAA;EN5KA;;;;EMkLA,UAAA;;;;EAKA,SAAA;;;;;EAMA,KAAA;EAEA,OAAA,GAAU,aAAA;;;;;;EAOV,YAAA;;;;;EAMA,uBAAA,GAA0B,MAAM;AAAA;AAAA,UAGjB,kBAAA;EACf,YAAA;EACA,IAAA,EAAM,aAAa;EACnB,QAAA;EACA,UAAA;EACA,KAAA;AAAA;AAAA,KAGU,aAAA,IAAiB,MAAA,EAAQ,kBAAA,KAAuB,KAAA,CAAM,WAAA;AAAA,UAEjD,aAAA;;;;EAIf,QAAA;;;;EAKA,YAAA;;;;EAKA,aAAA;;;;EAKA,KAAA;;;;EAKA,QAAA,GAAW,MAAA,EAAQ,MAAA,KAAW,KAAA,CAAM,aAAA;EAEpC,OAAA,GAAU,aAAA;;;;EAKV,WAAA;;;;EAKA,KAAA;AAAA;AAAA,cAKW,aAAA,SAAsB,SAAA,CAAU,oBAAA;EAAA,mBACxB,gBAAA,EAAgB,gBAAA;EAAA,mBAChB,gBAAA,EAAgB,gBAAA;EAAA,UAEzB,WAAA,GAAc,aAAA;EAAA,UACd,gBAAA,SAAyB,OAAA,CAAQ,aAAA;EAAA,IAEhC,KAAA,IAAS,aAAA;;;;EAOP,QAAA,IAAY,OAAA,CAAQ,aAAA;EAAA,IActB,IAAA;EAAA,IAIA,MAAA,IAAU,eAAA;EAAA,IAOV,QAAA;EAAA,IAQA,KAAA;EAAA,IAYA,YAAA;;;;;EAgBE,OAAA,CACX,YAAA,UACA,WAAA,YACC,OAAA,CAAQ,mBAAA;EN9UY;;;AAAoC;;;;ACP7D;;EKmYe,IAAA,CACX,MAAA,EAAQ,MAAA,EACR,eAAA,GAAkB,MAAA,oBACjB,OAAA,CAAQ,WAAA;EAAA,UAsDD,kBAAA,CAAmB,OAAA,WAAkB,aAAA;EAYlC,OAAA,IAAO,OAAA;AAAA;AAAA,KAsDV,WAAA;EAAyB,KAAA,QAAa,KAAK;AAAA;AAAA,UAEtC,UAAA;EACf,IAAA,IAAQ,IAAA,cAAkB,IAAA,EAAM,kBAAA,KAAuB,KAAA,CAAM,WAAA;AAAA;AAAA,UAG9C,WAAA;EACf,KAAA,IACE,QAAA,cACI,KAAA,EAAO,WAAA,KAAgB,KAAA,CAAM,WAAA;AAAA;;;;;;;;;AVxgBrC;;;;;;;;;;AAKY;AAIZ;;;;;;;;AAEU;;;;cW2BG,UAAA,GACX,KAAA,EAAO,eAAA,GAAkB,UAAA,EACzB,OAAA,GAAS,OAAA,CAAQ,WAAA,MAAD,aAAA;;;;;;;;cC5BL,gBAAA,GACX,KAAA,EAAO,eAAA,GAAkB,WAAA,EACzB,OAAA,GAAS,OAAA,CAAQ,kBAAA,MAAD,aAAA;;;;;;;;;AZdlB;;;;cakBa,aAAA,GACX,KAAA,EAAO,eAAA,GAAkB,UAAA,EACzB,OAAA,GAAS,OAAA,CAAQ,WAAA,MAAD,aAAA;;;UCFD,yBAAA;EACf,MAAA;IAAW,QAAA;IAAkB,YAAA;EAAA;EAC7B,KAAA;IACE,SAAA;IACA,MAAA;IACA,KAAA;IACA,aAAA;EAAA;AAAA;AAAA,UAIa,uBAAA;Ed1Bf;Ec4BA,MAAA;Ed1BA;Ec4BA,aAAA;EACA,SAAA,EAAW,yBAAA;Ed5BD;Ec8BV,aAAA,GAAgB,MAAA,aAAmB,OAAO;EAC1C,mBAAA;AAAA;AAAA,cAQW,qBAAA,GAAyB,OAAA,EAAS,uBAAuB;;;;;;;;;;;;;iBClChD,kBAAA,CACpB,KAAA,UACA,IAAA,EAAM,sBAAA,GACL,OAAA;EAAU,QAAA;EAAkB,GAAA;EAAa,IAAA,EAAM,kBAAA;AAAA;AAAA,UAoBjC,uBAAA;EACf,KAAA,EAAO,eAAA,GAAkB,UAAU;EACnC,SAAA;EACA,YAAA;EACA,UAAA;AAAA;AAAA,cAGW,qBAAA,GAAyB,OAAA,EAAS,uBAAuB;;;;;;;;;;;;;;;;AfxCtE;;;;;;;;;;AAKY;AAIZ;;;;;;;;AAEU;;cgBuBG,kBAAA,GACX,KAAA,EAAO,eAAA,GAAkB,UAAA,EACzB,OAAA,GAAS,OAAA,CAAQ,WAAA,MAAD,aAAA;;;;;;;;;AhBpClB;;;;ciBkBa,WAAA,GACX,KAAA,EAAO,eAAA,GAAkB,UAAA,EACzB,OAAA,GAAS,OAAA,CAAQ,WAAA,MAAD,aAAA;;;;;;;;;AjBpBlB;;;;ckBiBa,WAAA,GACX,KAAA,EAAO,eAAA,GAAkB,UAAA,EACzB,OAAA,GAAS,OAAA,CAAQ,WAAA,MAAD,aAAA;;;;;;;;;AlBnBlB;;;;;;;;;;AAKY;AAIZ;;;;;cmBoBa,cAAA,GACX,KAAA,EAAO,eAAA,GAAkB,UAAA,EACzB,OAAA,GAAS,OAAA,CAAQ,WAAA,MAAD,aAAA;;;;;;;AnB1BN;AAIZ;;;;;;;;AAEU;;;;coB4BG,gBAAA,mBAAgB,OAAA,kBAAA,MAAA"}