couchloop-eq-mcp 1.0.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/LICENSE +21 -0
- package/README.md +358 -0
- package/assets/logo/README.md +12 -0
- package/assets/logo/couchloop_EQ-IconLogo.png +0 -0
- package/dist/auth/middleware.d.ts +8 -0
- package/dist/auth/middleware.d.ts.map +1 -0
- package/dist/auth/middleware.js +59 -0
- package/dist/auth/middleware.js.map +1 -0
- package/dist/clients/shrinkChatClient.d.ts +195 -0
- package/dist/clients/shrinkChatClient.d.ts.map +1 -0
- package/dist/clients/shrinkChatClient.js +349 -0
- package/dist/clients/shrinkChatClient.js.map +1 -0
- package/dist/db/client.d.ts +23 -0
- package/dist/db/client.d.ts.map +1 -0
- package/dist/db/client.js +78 -0
- package/dist/db/client.js.map +1 -0
- package/dist/db/migrate.d.ts +4 -0
- package/dist/db/migrate.d.ts.map +1 -0
- package/dist/db/migrate.js +34 -0
- package/dist/db/migrate.js.map +1 -0
- package/dist/db/migrations/schema.d.ts +1074 -0
- package/dist/db/migrations/schema.d.ts.map +1 -0
- package/dist/db/migrations/schema.js +160 -0
- package/dist/db/migrations/schema.js.map +1 -0
- package/dist/db/schema.d.ts +1213 -0
- package/dist/db/schema.d.ts.map +1 -0
- package/dist/db/schema.js +157 -0
- package/dist/db/schema.js.map +1 -0
- package/dist/db/seed.d.ts +4 -0
- package/dist/db/seed.d.ts.map +1 -0
- package/dist/db/seed.js +57 -0
- package/dist/db/seed.js.map +1 -0
- package/dist/db/seedOAuth.d.ts +4 -0
- package/dist/db/seedOAuth.d.ts.map +1 -0
- package/dist/db/seedOAuth.js +76 -0
- package/dist/db/seedOAuth.js.map +1 -0
- package/dist/index.d.ts +3 -0
- package/dist/index.d.ts.map +1 -0
- package/dist/index.js +93 -0
- package/dist/index.js.map +1 -0
- package/dist/resources/index.d.ts +11 -0
- package/dist/resources/index.d.ts.map +1 -0
- package/dist/resources/index.js +56 -0
- package/dist/resources/index.js.map +1 -0
- package/dist/resources/journey-status.d.ts +2 -0
- package/dist/resources/journey-status.d.ts.map +1 -0
- package/dist/resources/journey-status.js +42 -0
- package/dist/resources/journey-status.js.map +1 -0
- package/dist/resources/session-summary.d.ts +2 -0
- package/dist/resources/session-summary.d.ts.map +1 -0
- package/dist/resources/session-summary.js +85 -0
- package/dist/resources/session-summary.js.map +1 -0
- package/dist/resources/user-context.d.ts +2 -0
- package/dist/resources/user-context.d.ts.map +1 -0
- package/dist/resources/user-context.js +79 -0
- package/dist/resources/user-context.js.map +1 -0
- package/dist/server/index.d.ts +3 -0
- package/dist/server/index.d.ts.map +1 -0
- package/dist/server/index.js +385 -0
- package/dist/server/index.js.map +1 -0
- package/dist/server/middleware/auth.d.ts +30 -0
- package/dist/server/middleware/auth.d.ts.map +1 -0
- package/dist/server/middleware/auth.js +157 -0
- package/dist/server/middleware/auth.js.map +1 -0
- package/dist/server/oauth/anomalyDetection.d.ts +146 -0
- package/dist/server/oauth/anomalyDetection.d.ts.map +1 -0
- package/dist/server/oauth/anomalyDetection.js +405 -0
- package/dist/server/oauth/anomalyDetection.js.map +1 -0
- package/dist/server/oauth/authServer.d.ts +61 -0
- package/dist/server/oauth/authServer.d.ts.map +1 -0
- package/dist/server/oauth/authServer.js +283 -0
- package/dist/server/oauth/authServer.js.map +1 -0
- package/dist/server/oauth/dpop.d.ts +135 -0
- package/dist/server/oauth/dpop.d.ts.map +1 -0
- package/dist/server/oauth/dpop.js +338 -0
- package/dist/server/oauth/dpop.js.map +1 -0
- package/dist/server/oauth/gdpr/consent.d.ts +173 -0
- package/dist/server/oauth/gdpr/consent.d.ts.map +1 -0
- package/dist/server/oauth/gdpr/consent.js +388 -0
- package/dist/server/oauth/gdpr/consent.js.map +1 -0
- package/dist/server/oauth/gdpr/dataPortability.d.ts +214 -0
- package/dist/server/oauth/gdpr/dataPortability.d.ts.map +1 -0
- package/dist/server/oauth/gdpr/dataPortability.js +486 -0
- package/dist/server/oauth/gdpr/dataPortability.js.map +1 -0
- package/dist/server/oauth/gdpr/index.d.ts +103 -0
- package/dist/server/oauth/gdpr/index.d.ts.map +1 -0
- package/dist/server/oauth/gdpr/index.js +273 -0
- package/dist/server/oauth/gdpr/index.js.map +1 -0
- package/dist/server/oauth/gdpr/rightToErasure.d.ts +184 -0
- package/dist/server/oauth/gdpr/rightToErasure.d.ts.map +1 -0
- package/dist/server/oauth/gdpr/rightToErasure.js +527 -0
- package/dist/server/oauth/gdpr/rightToErasure.js.map +1 -0
- package/dist/server/oauth/monitoring/securityMonitor.d.ts +218 -0
- package/dist/server/oauth/monitoring/securityMonitor.d.ts.map +1 -0
- package/dist/server/oauth/monitoring/securityMonitor.js +615 -0
- package/dist/server/oauth/monitoring/securityMonitor.js.map +1 -0
- package/dist/server/oauth/pkce.d.ts +61 -0
- package/dist/server/oauth/pkce.d.ts.map +1 -0
- package/dist/server/oauth/pkce.js +157 -0
- package/dist/server/oauth/pkce.js.map +1 -0
- package/dist/server/oauth/providers/base.d.ts +147 -0
- package/dist/server/oauth/providers/base.d.ts.map +1 -0
- package/dist/server/oauth/providers/base.js +312 -0
- package/dist/server/oauth/providers/base.js.map +1 -0
- package/dist/server/oauth/providers/github.d.ts +55 -0
- package/dist/server/oauth/providers/github.d.ts.map +1 -0
- package/dist/server/oauth/providers/github.js +225 -0
- package/dist/server/oauth/providers/github.js.map +1 -0
- package/dist/server/oauth/providers/google.d.ts +49 -0
- package/dist/server/oauth/providers/google.d.ts.map +1 -0
- package/dist/server/oauth/providers/google.js +153 -0
- package/dist/server/oauth/providers/google.js.map +1 -0
- package/dist/server/oauth/providers/index.d.ts +9 -0
- package/dist/server/oauth/providers/index.d.ts.map +1 -0
- package/dist/server/oauth/providers/index.js +24 -0
- package/dist/server/oauth/providers/index.js.map +1 -0
- package/dist/server/oauth/refreshTokenRotation.d.ts +114 -0
- package/dist/server/oauth/refreshTokenRotation.d.ts.map +1 -0
- package/dist/server/oauth/refreshTokenRotation.js +344 -0
- package/dist/server/oauth/refreshTokenRotation.js.map +1 -0
- package/dist/server/oauth/security.d.ts +101 -0
- package/dist/server/oauth/security.d.ts.map +1 -0
- package/dist/server/oauth/security.js +268 -0
- package/dist/server/oauth/security.js.map +1 -0
- package/dist/server/oauth/tokenEncryption.d.ts +80 -0
- package/dist/server/oauth/tokenEncryption.d.ts.map +1 -0
- package/dist/server/oauth/tokenEncryption.js +218 -0
- package/dist/server/oauth/tokenEncryption.js.map +1 -0
- package/dist/tools/checkpoint.d.ts +35 -0
- package/dist/tools/checkpoint.d.ts.map +1 -0
- package/dist/tools/checkpoint.js +125 -0
- package/dist/tools/checkpoint.js.map +1 -0
- package/dist/tools/index.d.ts +412 -0
- package/dist/tools/index.d.ts.map +1 -0
- package/dist/tools/index.js +262 -0
- package/dist/tools/index.js.map +1 -0
- package/dist/tools/insight.d.ts +65 -0
- package/dist/tools/insight.d.ts.map +1 -0
- package/dist/tools/insight.js +190 -0
- package/dist/tools/insight.js.map +1 -0
- package/dist/tools/journey.d.ts +45 -0
- package/dist/tools/journey.d.ts.map +1 -0
- package/dist/tools/journey.js +115 -0
- package/dist/tools/journey.js.map +1 -0
- package/dist/tools/sendMessage.d.ts +6 -0
- package/dist/tools/sendMessage.d.ts.map +1 -0
- package/dist/tools/sendMessage.js +278 -0
- package/dist/tools/sendMessage.js.map +1 -0
- package/dist/tools/session.d.ts +106 -0
- package/dist/tools/session.d.ts.map +1 -0
- package/dist/tools/session.js +161 -0
- package/dist/tools/session.js.map +1 -0
- package/dist/types/auth.d.ts +37 -0
- package/dist/types/auth.d.ts.map +1 -0
- package/dist/types/auth.js +44 -0
- package/dist/types/auth.js.map +1 -0
- package/dist/types/checkpoint.d.ts +25 -0
- package/dist/types/checkpoint.d.ts.map +1 -0
- package/dist/types/checkpoint.js +8 -0
- package/dist/types/checkpoint.js.map +1 -0
- package/dist/types/insight.d.ts +83 -0
- package/dist/types/insight.d.ts.map +1 -0
- package/dist/types/insight.js +14 -0
- package/dist/types/insight.js.map +1 -0
- package/dist/types/journey.d.ts +155 -0
- package/dist/types/journey.d.ts.map +1 -0
- package/dist/types/journey.js +29 -0
- package/dist/types/journey.js.map +1 -0
- package/dist/types/session.d.ts +82 -0
- package/dist/types/session.d.ts.map +1 -0
- package/dist/types/session.js +13 -0
- package/dist/types/session.js.map +1 -0
- package/dist/utils/circuitBreaker.d.ts +86 -0
- package/dist/utils/circuitBreaker.d.ts.map +1 -0
- package/dist/utils/circuitBreaker.js +234 -0
- package/dist/utils/circuitBreaker.js.map +1 -0
- package/dist/utils/errorHandler.d.ts +101 -0
- package/dist/utils/errorHandler.d.ts.map +1 -0
- package/dist/utils/errorHandler.js +348 -0
- package/dist/utils/errorHandler.js.map +1 -0
- package/dist/utils/errors.d.ts +36 -0
- package/dist/utils/errors.d.ts.map +1 -0
- package/dist/utils/errors.js +77 -0
- package/dist/utils/errors.js.map +1 -0
- package/dist/utils/logger.d.ts +13 -0
- package/dist/utils/logger.d.ts.map +1 -0
- package/dist/utils/logger.js +49 -0
- package/dist/utils/logger.js.map +1 -0
- package/dist/utils/performanceMonitor.d.ts +106 -0
- package/dist/utils/performanceMonitor.d.ts.map +1 -0
- package/dist/utils/performanceMonitor.js +312 -0
- package/dist/utils/performanceMonitor.js.map +1 -0
- package/dist/utils/responseCache.d.ts +88 -0
- package/dist/utils/responseCache.d.ts.map +1 -0
- package/dist/utils/responseCache.js +245 -0
- package/dist/utils/responseCache.js.map +1 -0
- package/dist/utils/retryStrategy.d.ts +49 -0
- package/dist/utils/retryStrategy.d.ts.map +1 -0
- package/dist/utils/retryStrategy.js +167 -0
- package/dist/utils/retryStrategy.js.map +1 -0
- package/dist/workflows/definitions/daily-reflection.d.ts +3 -0
- package/dist/workflows/definitions/daily-reflection.d.ts.map +1 -0
- package/dist/workflows/definitions/daily-reflection.js +52 -0
- package/dist/workflows/definitions/daily-reflection.js.map +1 -0
- package/dist/workflows/definitions/gratitude-practice.d.ts +3 -0
- package/dist/workflows/definitions/gratitude-practice.d.ts.map +1 -0
- package/dist/workflows/definitions/gratitude-practice.js +52 -0
- package/dist/workflows/definitions/gratitude-practice.js.map +1 -0
- package/dist/workflows/definitions/weekly-review.d.ts +3 -0
- package/dist/workflows/definitions/weekly-review.d.ts.map +1 -0
- package/dist/workflows/definitions/weekly-review.js +74 -0
- package/dist/workflows/definitions/weekly-review.js.map +1 -0
- package/dist/workflows/engine.d.ts +21 -0
- package/dist/workflows/engine.d.ts.map +1 -0
- package/dist/workflows/engine.js +149 -0
- package/dist/workflows/engine.js.map +1 -0
- package/dist/workflows/index.d.ts +26 -0
- package/dist/workflows/index.d.ts.map +1 -0
- package/dist/workflows/index.js +14 -0
- package/dist/workflows/index.js.map +1 -0
- package/package.json +98 -0
- package/run-mcp-server.sh +16 -0
|
@@ -0,0 +1,615 @@
|
|
|
1
|
+
import { EventEmitter } from 'events';
|
|
2
|
+
import { logger } from '../../../utils/logger.js';
|
|
3
|
+
import { anomalyDetector } from '../anomalyDetection.js';
|
|
4
|
+
import { createHash } from 'crypto';
|
|
5
|
+
/**
|
|
6
|
+
* Security event types
|
|
7
|
+
*/
|
|
8
|
+
export var SecurityEventType;
|
|
9
|
+
(function (SecurityEventType) {
|
|
10
|
+
// Authentication events
|
|
11
|
+
SecurityEventType["LOGIN_SUCCESS"] = "login_success";
|
|
12
|
+
SecurityEventType["LOGIN_FAILURE"] = "login_failure";
|
|
13
|
+
SecurityEventType["LOGOUT"] = "logout";
|
|
14
|
+
SecurityEventType["SESSION_CREATED"] = "session_created";
|
|
15
|
+
SecurityEventType["SESSION_EXPIRED"] = "session_expired";
|
|
16
|
+
// Token events
|
|
17
|
+
SecurityEventType["TOKEN_ISSUED"] = "token_issued";
|
|
18
|
+
SecurityEventType["TOKEN_REFRESHED"] = "token_refreshed";
|
|
19
|
+
SecurityEventType["TOKEN_REVOKED"] = "token_revoked";
|
|
20
|
+
SecurityEventType["TOKEN_REUSE_DETECTED"] = "token_reuse_detected";
|
|
21
|
+
SecurityEventType["TOKEN_THEFT_SUSPECTED"] = "token_theft_suspected";
|
|
22
|
+
// Security violations
|
|
23
|
+
SecurityEventType["CSRF_ATTACK"] = "csrf_attack";
|
|
24
|
+
SecurityEventType["XSS_ATTEMPT"] = "xss_attempt";
|
|
25
|
+
SecurityEventType["SQL_INJECTION_ATTEMPT"] = "sql_injection_attempt";
|
|
26
|
+
SecurityEventType["PATH_TRAVERSAL_ATTEMPT"] = "path_traversal_attempt";
|
|
27
|
+
SecurityEventType["BRUTE_FORCE_DETECTED"] = "brute_force_detected";
|
|
28
|
+
SecurityEventType["RATE_LIMIT_EXCEEDED"] = "rate_limit_exceeded";
|
|
29
|
+
// Anomalies
|
|
30
|
+
SecurityEventType["ANOMALY_DETECTED"] = "anomaly_detected";
|
|
31
|
+
SecurityEventType["IMPOSSIBLE_TRAVEL"] = "impossible_travel";
|
|
32
|
+
SecurityEventType["SUSPICIOUS_ACTIVITY"] = "suspicious_activity";
|
|
33
|
+
SecurityEventType["NEW_DEVICE"] = "new_device";
|
|
34
|
+
SecurityEventType["UNUSUAL_LOCATION"] = "unusual_location";
|
|
35
|
+
// GDPR events
|
|
36
|
+
SecurityEventType["DATA_EXPORT_REQUESTED"] = "data_export_requested";
|
|
37
|
+
SecurityEventType["DATA_DELETION_REQUESTED"] = "data_deletion_requested";
|
|
38
|
+
SecurityEventType["CONSENT_CHANGED"] = "consent_changed";
|
|
39
|
+
SecurityEventType["DATA_BREACH"] = "data_breach";
|
|
40
|
+
// System events
|
|
41
|
+
SecurityEventType["SERVICE_STARTED"] = "service_started";
|
|
42
|
+
SecurityEventType["SERVICE_STOPPED"] = "service_stopped";
|
|
43
|
+
SecurityEventType["CONFIG_CHANGED"] = "config_changed";
|
|
44
|
+
SecurityEventType["CERTIFICATE_EXPIRY"] = "certificate_expiry";
|
|
45
|
+
SecurityEventType["WEBHOOK_FAILURE"] = "webhook_failure";
|
|
46
|
+
})(SecurityEventType || (SecurityEventType = {}));
|
|
47
|
+
/**
|
|
48
|
+
* Security event severity levels
|
|
49
|
+
*/
|
|
50
|
+
export var SecuritySeverity;
|
|
51
|
+
(function (SecuritySeverity) {
|
|
52
|
+
SecuritySeverity["INFO"] = "info";
|
|
53
|
+
SecuritySeverity["LOW"] = "low";
|
|
54
|
+
SecuritySeverity["MEDIUM"] = "medium";
|
|
55
|
+
SecuritySeverity["HIGH"] = "high";
|
|
56
|
+
SecuritySeverity["CRITICAL"] = "critical";
|
|
57
|
+
})(SecuritySeverity || (SecuritySeverity = {}));
|
|
58
|
+
/**
|
|
59
|
+
* Alert channels
|
|
60
|
+
*/
|
|
61
|
+
export var AlertChannel;
|
|
62
|
+
(function (AlertChannel) {
|
|
63
|
+
AlertChannel["EMAIL"] = "email";
|
|
64
|
+
AlertChannel["SLACK"] = "slack";
|
|
65
|
+
AlertChannel["WEBHOOK"] = "webhook";
|
|
66
|
+
AlertChannel["SMS"] = "sms";
|
|
67
|
+
AlertChannel["PAGERDUTY"] = "pagerduty";
|
|
68
|
+
AlertChannel["LOG"] = "log";
|
|
69
|
+
})(AlertChannel || (AlertChannel = {}));
|
|
70
|
+
/**
|
|
71
|
+
* Security Monitoring System
|
|
72
|
+
* Real-time monitoring, alerting, and incident response
|
|
73
|
+
*/
|
|
74
|
+
export class SecurityMonitor extends EventEmitter {
|
|
75
|
+
events = [];
|
|
76
|
+
metrics;
|
|
77
|
+
alertConfigs = [];
|
|
78
|
+
alertCooldowns = new Map();
|
|
79
|
+
correlations = new Map();
|
|
80
|
+
MAX_EVENTS = 10000;
|
|
81
|
+
CORRELATION_WINDOW = 300000; // 5 minutes
|
|
82
|
+
constructor() {
|
|
83
|
+
super();
|
|
84
|
+
this.metrics = this.initializeMetrics();
|
|
85
|
+
this.setupDefaultAlerts();
|
|
86
|
+
this.startMetricsAggregation();
|
|
87
|
+
}
|
|
88
|
+
/**
|
|
89
|
+
* Log a security event
|
|
90
|
+
*/
|
|
91
|
+
async logEvent(event) {
|
|
92
|
+
const fullEvent = {
|
|
93
|
+
...event,
|
|
94
|
+
id: this.generateEventId(),
|
|
95
|
+
timestamp: new Date(),
|
|
96
|
+
};
|
|
97
|
+
// Store event
|
|
98
|
+
this.events.push(fullEvent);
|
|
99
|
+
if (this.events.length > this.MAX_EVENTS) {
|
|
100
|
+
this.events.shift(); // Remove oldest
|
|
101
|
+
}
|
|
102
|
+
// Update metrics
|
|
103
|
+
this.updateMetrics(fullEvent);
|
|
104
|
+
// Check for correlations
|
|
105
|
+
await this.correlateEvent(fullEvent);
|
|
106
|
+
// Check anomalies
|
|
107
|
+
if (event.userId) {
|
|
108
|
+
const anomalyScore = await this.checkEventAnomaly(fullEvent);
|
|
109
|
+
if (anomalyScore > 0.5) {
|
|
110
|
+
fullEvent.riskScore = anomalyScore;
|
|
111
|
+
await this.handleAnomaly(fullEvent, anomalyScore);
|
|
112
|
+
}
|
|
113
|
+
}
|
|
114
|
+
// Process alerts
|
|
115
|
+
await this.processAlerts(fullEvent);
|
|
116
|
+
// Emit event
|
|
117
|
+
this.emit('security-event', fullEvent);
|
|
118
|
+
// Log to persistent storage
|
|
119
|
+
await this.persistEvent(fullEvent);
|
|
120
|
+
// Log based on severity
|
|
121
|
+
switch (fullEvent.severity) {
|
|
122
|
+
case SecuritySeverity.CRITICAL:
|
|
123
|
+
logger.error(`CRITICAL: ${fullEvent.type}`, fullEvent);
|
|
124
|
+
break;
|
|
125
|
+
case SecuritySeverity.HIGH:
|
|
126
|
+
logger.error(`HIGH: ${fullEvent.type}`, fullEvent);
|
|
127
|
+
break;
|
|
128
|
+
case SecuritySeverity.MEDIUM:
|
|
129
|
+
logger.warn(`MEDIUM: ${fullEvent.type}`, fullEvent);
|
|
130
|
+
break;
|
|
131
|
+
default:
|
|
132
|
+
logger.info(`${fullEvent.severity.toUpperCase()}: ${fullEvent.type}`, {
|
|
133
|
+
userId: fullEvent.userId,
|
|
134
|
+
result: fullEvent.result,
|
|
135
|
+
});
|
|
136
|
+
}
|
|
137
|
+
}
|
|
138
|
+
/**
|
|
139
|
+
* Configure alert
|
|
140
|
+
*/
|
|
141
|
+
configureAlert(config) {
|
|
142
|
+
// Remove existing config for same type
|
|
143
|
+
this.alertConfigs = this.alertConfigs.filter(c => c.type !== config.type);
|
|
144
|
+
this.alertConfigs.push(config);
|
|
145
|
+
logger.info(`Alert configured for ${config.type} at ${config.severity} level`);
|
|
146
|
+
}
|
|
147
|
+
/**
|
|
148
|
+
* Get security metrics
|
|
149
|
+
*/
|
|
150
|
+
getMetrics(timeRange) {
|
|
151
|
+
if (!timeRange) {
|
|
152
|
+
return this.metrics;
|
|
153
|
+
}
|
|
154
|
+
// Filter events by time range
|
|
155
|
+
const filteredEvents = this.events.filter(e => e.timestamp >= timeRange.start && e.timestamp <= timeRange.end);
|
|
156
|
+
return this.calculateMetrics(filteredEvents);
|
|
157
|
+
}
|
|
158
|
+
/**
|
|
159
|
+
* Get recent security events
|
|
160
|
+
*/
|
|
161
|
+
getRecentEvents(limit = 100, filters) {
|
|
162
|
+
let events = [...this.events].reverse(); // Most recent first
|
|
163
|
+
if (filters) {
|
|
164
|
+
if (filters.type) {
|
|
165
|
+
events = events.filter(e => e.type === filters.type);
|
|
166
|
+
}
|
|
167
|
+
if (filters.severity) {
|
|
168
|
+
events = events.filter(e => e.severity === filters.severity);
|
|
169
|
+
}
|
|
170
|
+
if (filters.userId) {
|
|
171
|
+
events = events.filter(e => e.userId === filters.userId);
|
|
172
|
+
}
|
|
173
|
+
if (filters.startTime) {
|
|
174
|
+
events = events.filter(e => e.timestamp >= filters.startTime);
|
|
175
|
+
}
|
|
176
|
+
}
|
|
177
|
+
return events.slice(0, limit);
|
|
178
|
+
}
|
|
179
|
+
/**
|
|
180
|
+
* Get security report
|
|
181
|
+
*/
|
|
182
|
+
async generateSecurityReport(startDate, endDate) {
|
|
183
|
+
const timeRangeEvents = this.events.filter(e => e.timestamp >= startDate && e.timestamp <= endDate);
|
|
184
|
+
// Calculate top threats
|
|
185
|
+
const threatCounts = new Map();
|
|
186
|
+
timeRangeEvents
|
|
187
|
+
.filter(e => e.severity === SecuritySeverity.HIGH || e.severity === SecuritySeverity.CRITICAL)
|
|
188
|
+
.forEach(e => {
|
|
189
|
+
threatCounts.set(e.type, (threatCounts.get(e.type) || 0) + 1);
|
|
190
|
+
});
|
|
191
|
+
const topThreats = Array.from(threatCounts.entries())
|
|
192
|
+
.sort((a, b) => b[1] - a[1])
|
|
193
|
+
.slice(0, 10)
|
|
194
|
+
.map(([type, count]) => ({ type, count }));
|
|
195
|
+
// Calculate top risk users
|
|
196
|
+
const userRisks = new Map();
|
|
197
|
+
timeRangeEvents
|
|
198
|
+
.filter(e => e.userId && e.riskScore)
|
|
199
|
+
.forEach(e => {
|
|
200
|
+
const scores = userRisks.get(e.userId) || [];
|
|
201
|
+
scores.push(e.riskScore);
|
|
202
|
+
userRisks.set(e.userId, scores);
|
|
203
|
+
});
|
|
204
|
+
const topUsers = Array.from(userRisks.entries())
|
|
205
|
+
.map(([userId, scores]) => ({
|
|
206
|
+
userId,
|
|
207
|
+
riskScore: scores.reduce((a, b) => a + b, 0) / scores.length,
|
|
208
|
+
}))
|
|
209
|
+
.sort((a, b) => b.riskScore - a.riskScore)
|
|
210
|
+
.slice(0, 10);
|
|
211
|
+
// Get critical incidents
|
|
212
|
+
const incidents = timeRangeEvents.filter(e => e.severity === SecuritySeverity.CRITICAL || e.severity === SecuritySeverity.HIGH);
|
|
213
|
+
// Generate recommendations
|
|
214
|
+
const recommendations = this.generateRecommendations(timeRangeEvents);
|
|
215
|
+
return {
|
|
216
|
+
summary: this.calculateMetrics(timeRangeEvents),
|
|
217
|
+
topThreats,
|
|
218
|
+
topUsers,
|
|
219
|
+
incidents,
|
|
220
|
+
recommendations,
|
|
221
|
+
};
|
|
222
|
+
}
|
|
223
|
+
/**
|
|
224
|
+
* Trigger immediate alert
|
|
225
|
+
*/
|
|
226
|
+
async triggerAlert(type, severity, details, channels) {
|
|
227
|
+
const event = {
|
|
228
|
+
id: this.generateEventId(),
|
|
229
|
+
timestamp: new Date(),
|
|
230
|
+
type,
|
|
231
|
+
severity,
|
|
232
|
+
result: 'blocked',
|
|
233
|
+
details,
|
|
234
|
+
};
|
|
235
|
+
await this.sendAlert(event, channels || [AlertChannel.LOG]);
|
|
236
|
+
}
|
|
237
|
+
/**
|
|
238
|
+
* Handle incident response
|
|
239
|
+
*/
|
|
240
|
+
async handleIncident(event, autoRespond = false) {
|
|
241
|
+
const incidentId = `INC-${Date.now()}-${event.id}`;
|
|
242
|
+
const actions = [];
|
|
243
|
+
let status = 'monitoring';
|
|
244
|
+
logger.error(`Security incident created: ${incidentId}`, event);
|
|
245
|
+
// Determine response actions based on event type
|
|
246
|
+
switch (event.type) {
|
|
247
|
+
case SecurityEventType.TOKEN_THEFT_SUSPECTED:
|
|
248
|
+
case SecurityEventType.TOKEN_REUSE_DETECTED:
|
|
249
|
+
if (autoRespond && event.userId) {
|
|
250
|
+
actions.push('Revoked all user tokens');
|
|
251
|
+
actions.push('Forced re-authentication');
|
|
252
|
+
// Would call token revocation service
|
|
253
|
+
}
|
|
254
|
+
status = 'resolved';
|
|
255
|
+
break;
|
|
256
|
+
case SecurityEventType.BRUTE_FORCE_DETECTED:
|
|
257
|
+
if (autoRespond && event.ipAddress) {
|
|
258
|
+
actions.push(`Blocked IP: ${event.ipAddress}`);
|
|
259
|
+
actions.push('Rate limiting increased');
|
|
260
|
+
// Would add to IP blocklist
|
|
261
|
+
}
|
|
262
|
+
status = 'resolved';
|
|
263
|
+
break;
|
|
264
|
+
case SecurityEventType.DATA_BREACH:
|
|
265
|
+
actions.push('Notified security team');
|
|
266
|
+
actions.push('Initiated breach protocol');
|
|
267
|
+
actions.push('Prepared regulatory notifications');
|
|
268
|
+
status = 'escalated';
|
|
269
|
+
break;
|
|
270
|
+
case SecurityEventType.SQL_INJECTION_ATTEMPT:
|
|
271
|
+
case SecurityEventType.XSS_ATTEMPT:
|
|
272
|
+
if (autoRespond) {
|
|
273
|
+
actions.push('Blocked request');
|
|
274
|
+
actions.push('Updated WAF rules');
|
|
275
|
+
}
|
|
276
|
+
status = 'resolved';
|
|
277
|
+
break;
|
|
278
|
+
default:
|
|
279
|
+
actions.push('Monitoring situation');
|
|
280
|
+
status = 'monitoring';
|
|
281
|
+
}
|
|
282
|
+
// Send incident notification
|
|
283
|
+
await this.sendIncidentNotification(incidentId, event, actions, status);
|
|
284
|
+
return { incidentId, actions, status };
|
|
285
|
+
}
|
|
286
|
+
/**
|
|
287
|
+
* Setup webhook for external monitoring
|
|
288
|
+
*/
|
|
289
|
+
setupWebhook(url, secret) {
|
|
290
|
+
this.on('security-event', async (event) => {
|
|
291
|
+
if (event.severity === SecuritySeverity.HIGH ||
|
|
292
|
+
event.severity === SecuritySeverity.CRITICAL) {
|
|
293
|
+
await this.sendWebhook(url, event, secret);
|
|
294
|
+
}
|
|
295
|
+
});
|
|
296
|
+
}
|
|
297
|
+
/**
|
|
298
|
+
* Process alerts for event
|
|
299
|
+
*/
|
|
300
|
+
async processAlerts(event) {
|
|
301
|
+
for (const config of this.alertConfigs) {
|
|
302
|
+
if (config.type !== event.type)
|
|
303
|
+
continue;
|
|
304
|
+
// Check severity threshold
|
|
305
|
+
if (this.compareSeverity(event.severity, config.severity) < 0)
|
|
306
|
+
continue;
|
|
307
|
+
// Check cooldown
|
|
308
|
+
const cooldownKey = `${config.type}-${config.severity}`;
|
|
309
|
+
const lastAlert = this.alertCooldowns.get(cooldownKey);
|
|
310
|
+
if (lastAlert && config.cooldown) {
|
|
311
|
+
if (Date.now() - lastAlert.getTime() < config.cooldown) {
|
|
312
|
+
continue; // Still in cooldown
|
|
313
|
+
}
|
|
314
|
+
}
|
|
315
|
+
// Check threshold
|
|
316
|
+
if (config.threshold && config.timeWindow) {
|
|
317
|
+
const recentEvents = this.events.filter(e => e.type === config.type &&
|
|
318
|
+
Date.now() - e.timestamp.getTime() < config.timeWindow);
|
|
319
|
+
if (recentEvents.length < config.threshold) {
|
|
320
|
+
continue; // Threshold not met
|
|
321
|
+
}
|
|
322
|
+
}
|
|
323
|
+
// Send alert
|
|
324
|
+
await this.sendAlert(event, config.channels);
|
|
325
|
+
// Update cooldown
|
|
326
|
+
this.alertCooldowns.set(cooldownKey, new Date());
|
|
327
|
+
}
|
|
328
|
+
}
|
|
329
|
+
/**
|
|
330
|
+
* Send alert through channels
|
|
331
|
+
*/
|
|
332
|
+
async sendAlert(event, channels) {
|
|
333
|
+
for (const channel of channels) {
|
|
334
|
+
try {
|
|
335
|
+
switch (channel) {
|
|
336
|
+
case AlertChannel.EMAIL:
|
|
337
|
+
await this.sendEmailAlert(event);
|
|
338
|
+
break;
|
|
339
|
+
case AlertChannel.SLACK:
|
|
340
|
+
await this.sendSlackAlert(event);
|
|
341
|
+
break;
|
|
342
|
+
case AlertChannel.WEBHOOK:
|
|
343
|
+
await this.sendWebhookAlert(event);
|
|
344
|
+
break;
|
|
345
|
+
case AlertChannel.SMS:
|
|
346
|
+
await this.sendSMSAlert(event);
|
|
347
|
+
break;
|
|
348
|
+
case AlertChannel.PAGERDUTY:
|
|
349
|
+
await this.sendPagerDutyAlert(event);
|
|
350
|
+
break;
|
|
351
|
+
case AlertChannel.LOG:
|
|
352
|
+
logger.error(`SECURITY ALERT: ${event.type}`, event);
|
|
353
|
+
break;
|
|
354
|
+
}
|
|
355
|
+
this.metrics.alertsSent++;
|
|
356
|
+
}
|
|
357
|
+
catch (error) {
|
|
358
|
+
logger.error(`Failed to send alert via ${channel}:`, error);
|
|
359
|
+
}
|
|
360
|
+
}
|
|
361
|
+
}
|
|
362
|
+
/**
|
|
363
|
+
* Correlate events to detect patterns
|
|
364
|
+
*/
|
|
365
|
+
async correlateEvent(event) {
|
|
366
|
+
if (!event.userId && !event.ipAddress)
|
|
367
|
+
return;
|
|
368
|
+
const key = event.userId || event.ipAddress;
|
|
369
|
+
const correlated = this.correlations.get(key) || [];
|
|
370
|
+
// Add event to correlation
|
|
371
|
+
correlated.push(event);
|
|
372
|
+
// Remove old events outside correlation window
|
|
373
|
+
const cutoff = Date.now() - this.CORRELATION_WINDOW;
|
|
374
|
+
const filtered = correlated.filter(e => e.timestamp.getTime() > cutoff);
|
|
375
|
+
// Check for patterns
|
|
376
|
+
if (filtered.length >= 5) {
|
|
377
|
+
const patterns = this.detectPatterns(filtered);
|
|
378
|
+
if (patterns.length > 0) {
|
|
379
|
+
await this.logEvent({
|
|
380
|
+
type: SecurityEventType.SUSPICIOUS_ACTIVITY,
|
|
381
|
+
severity: SecuritySeverity.HIGH,
|
|
382
|
+
userId: event.userId,
|
|
383
|
+
ipAddress: event.ipAddress,
|
|
384
|
+
result: 'blocked',
|
|
385
|
+
details: {
|
|
386
|
+
patterns,
|
|
387
|
+
correlatedEvents: filtered.length,
|
|
388
|
+
},
|
|
389
|
+
correlationId: key,
|
|
390
|
+
});
|
|
391
|
+
}
|
|
392
|
+
}
|
|
393
|
+
this.correlations.set(key, filtered);
|
|
394
|
+
}
|
|
395
|
+
/**
|
|
396
|
+
* Detect patterns in correlated events
|
|
397
|
+
*/
|
|
398
|
+
detectPatterns(events) {
|
|
399
|
+
const patterns = [];
|
|
400
|
+
// Check for rapid succession of failures
|
|
401
|
+
const failures = events.filter(e => e.result === 'failure');
|
|
402
|
+
if (failures.length >= 3) {
|
|
403
|
+
patterns.push('Multiple failures detected');
|
|
404
|
+
}
|
|
405
|
+
// Check for credential stuffing
|
|
406
|
+
const loginAttempts = events.filter(e => e.type === SecurityEventType.LOGIN_FAILURE);
|
|
407
|
+
if (loginAttempts.length >= 5) {
|
|
408
|
+
patterns.push('Possible credential stuffing attack');
|
|
409
|
+
}
|
|
410
|
+
// Check for scanning behavior
|
|
411
|
+
const uniqueResources = new Set(events.map(e => e.resource).filter(Boolean));
|
|
412
|
+
if (uniqueResources.size >= 10) {
|
|
413
|
+
patterns.push('Resource scanning detected');
|
|
414
|
+
}
|
|
415
|
+
return patterns;
|
|
416
|
+
}
|
|
417
|
+
/**
|
|
418
|
+
* Check event for anomalies
|
|
419
|
+
*/
|
|
420
|
+
async checkEventAnomaly(event) {
|
|
421
|
+
if (!event.userId)
|
|
422
|
+
return 0;
|
|
423
|
+
const request = {
|
|
424
|
+
userId: event.userId,
|
|
425
|
+
clientId: event.clientId || 'unknown',
|
|
426
|
+
ip: event.ipAddress || '0.0.0.0',
|
|
427
|
+
userAgent: event.userAgent,
|
|
428
|
+
timestamp: event.timestamp,
|
|
429
|
+
method: this.mapEventToMethod(event.type),
|
|
430
|
+
success: event.result === 'success',
|
|
431
|
+
};
|
|
432
|
+
const anomaly = await anomalyDetector.detectAnomalies(request);
|
|
433
|
+
return anomaly.composite;
|
|
434
|
+
}
|
|
435
|
+
/**
|
|
436
|
+
* Generate security recommendations
|
|
437
|
+
*/
|
|
438
|
+
generateRecommendations(events) {
|
|
439
|
+
const recommendations = [];
|
|
440
|
+
const failureRate = events.filter(e => e.result === 'failure').length / events.length;
|
|
441
|
+
if (failureRate > 0.2) {
|
|
442
|
+
recommendations.push('High failure rate detected. Consider implementing stricter rate limiting.');
|
|
443
|
+
}
|
|
444
|
+
const bruteForceEvents = events.filter(e => e.type === SecurityEventType.BRUTE_FORCE_DETECTED);
|
|
445
|
+
if (bruteForceEvents.length > 0) {
|
|
446
|
+
recommendations.push('Brute force attacks detected. Enable account lockout policies.');
|
|
447
|
+
}
|
|
448
|
+
const anomalies = events.filter(e => e.type === SecurityEventType.ANOMALY_DETECTED);
|
|
449
|
+
if (anomalies.length > 10) {
|
|
450
|
+
recommendations.push('Multiple anomalies detected. Review user behavior analytics.');
|
|
451
|
+
}
|
|
452
|
+
const tokenThefts = events.filter(e => e.type === SecurityEventType.TOKEN_THEFT_SUSPECTED);
|
|
453
|
+
if (tokenThefts.length > 0) {
|
|
454
|
+
recommendations.push('Token theft suspected. Consider implementing DPoP for token binding.');
|
|
455
|
+
}
|
|
456
|
+
return recommendations;
|
|
457
|
+
}
|
|
458
|
+
// Helper methods
|
|
459
|
+
initializeMetrics() {
|
|
460
|
+
return {
|
|
461
|
+
totalEvents: 0,
|
|
462
|
+
eventsByType: new Map(),
|
|
463
|
+
eventsBySeverity: new Map(),
|
|
464
|
+
failedLogins: 0,
|
|
465
|
+
successfulLogins: 0,
|
|
466
|
+
tokensIssued: 0,
|
|
467
|
+
tokensRevoked: 0,
|
|
468
|
+
anomaliesDetected: 0,
|
|
469
|
+
blockedRequests: 0,
|
|
470
|
+
averageRiskScore: 0,
|
|
471
|
+
alertsSent: 0,
|
|
472
|
+
};
|
|
473
|
+
}
|
|
474
|
+
updateMetrics(event) {
|
|
475
|
+
this.metrics.totalEvents++;
|
|
476
|
+
// Update type counts
|
|
477
|
+
const typeCount = this.metrics.eventsByType.get(event.type) || 0;
|
|
478
|
+
this.metrics.eventsByType.set(event.type, typeCount + 1);
|
|
479
|
+
// Update severity counts
|
|
480
|
+
const severityCount = this.metrics.eventsBySeverity.get(event.severity) || 0;
|
|
481
|
+
this.metrics.eventsBySeverity.set(event.severity, severityCount + 1);
|
|
482
|
+
// Update specific metrics
|
|
483
|
+
switch (event.type) {
|
|
484
|
+
case SecurityEventType.LOGIN_SUCCESS:
|
|
485
|
+
this.metrics.successfulLogins++;
|
|
486
|
+
break;
|
|
487
|
+
case SecurityEventType.LOGIN_FAILURE:
|
|
488
|
+
this.metrics.failedLogins++;
|
|
489
|
+
break;
|
|
490
|
+
case SecurityEventType.TOKEN_ISSUED:
|
|
491
|
+
this.metrics.tokensIssued++;
|
|
492
|
+
break;
|
|
493
|
+
case SecurityEventType.TOKEN_REVOKED:
|
|
494
|
+
this.metrics.tokensRevoked++;
|
|
495
|
+
break;
|
|
496
|
+
case SecurityEventType.ANOMALY_DETECTED:
|
|
497
|
+
this.metrics.anomaliesDetected++;
|
|
498
|
+
break;
|
|
499
|
+
}
|
|
500
|
+
if (event.result === 'blocked') {
|
|
501
|
+
this.metrics.blockedRequests++;
|
|
502
|
+
}
|
|
503
|
+
// Update average risk score
|
|
504
|
+
if (event.riskScore) {
|
|
505
|
+
const totalRisk = this.metrics.averageRiskScore * (this.metrics.totalEvents - 1);
|
|
506
|
+
this.metrics.averageRiskScore = (totalRisk + event.riskScore) / this.metrics.totalEvents;
|
|
507
|
+
}
|
|
508
|
+
}
|
|
509
|
+
calculateMetrics(events) {
|
|
510
|
+
const metrics = this.initializeMetrics();
|
|
511
|
+
for (const event of events) {
|
|
512
|
+
this.updateMetrics.call({ metrics }, event);
|
|
513
|
+
}
|
|
514
|
+
return metrics;
|
|
515
|
+
}
|
|
516
|
+
setupDefaultAlerts() {
|
|
517
|
+
// Critical alerts
|
|
518
|
+
this.configureAlert({
|
|
519
|
+
type: SecurityEventType.DATA_BREACH,
|
|
520
|
+
severity: SecuritySeverity.CRITICAL,
|
|
521
|
+
channels: [AlertChannel.EMAIL, AlertChannel.PAGERDUTY, AlertChannel.LOG],
|
|
522
|
+
});
|
|
523
|
+
this.configureAlert({
|
|
524
|
+
type: SecurityEventType.TOKEN_THEFT_SUSPECTED,
|
|
525
|
+
severity: SecuritySeverity.HIGH,
|
|
526
|
+
channels: [AlertChannel.EMAIL, AlertChannel.SLACK, AlertChannel.LOG],
|
|
527
|
+
});
|
|
528
|
+
// High severity alerts
|
|
529
|
+
this.configureAlert({
|
|
530
|
+
type: SecurityEventType.BRUTE_FORCE_DETECTED,
|
|
531
|
+
severity: SecuritySeverity.HIGH,
|
|
532
|
+
threshold: 5,
|
|
533
|
+
timeWindow: 300000, // 5 minutes
|
|
534
|
+
channels: [AlertChannel.SLACK, AlertChannel.LOG],
|
|
535
|
+
cooldown: 3600000, // 1 hour
|
|
536
|
+
});
|
|
537
|
+
// Medium severity alerts
|
|
538
|
+
this.configureAlert({
|
|
539
|
+
type: SecurityEventType.ANOMALY_DETECTED,
|
|
540
|
+
severity: SecuritySeverity.MEDIUM,
|
|
541
|
+
threshold: 10,
|
|
542
|
+
timeWindow: 3600000, // 1 hour
|
|
543
|
+
channels: [AlertChannel.LOG],
|
|
544
|
+
});
|
|
545
|
+
}
|
|
546
|
+
startMetricsAggregation() {
|
|
547
|
+
// Reset hourly metrics
|
|
548
|
+
setInterval(() => {
|
|
549
|
+
this.metrics = this.initializeMetrics();
|
|
550
|
+
}, 3600000); // 1 hour
|
|
551
|
+
}
|
|
552
|
+
generateEventId() {
|
|
553
|
+
return `evt_${Date.now()}_${Math.random().toString(36).substr(2, 9)}`;
|
|
554
|
+
}
|
|
555
|
+
compareSeverity(a, b) {
|
|
556
|
+
const levels = {
|
|
557
|
+
[SecuritySeverity.INFO]: 0,
|
|
558
|
+
[SecuritySeverity.LOW]: 1,
|
|
559
|
+
[SecuritySeverity.MEDIUM]: 2,
|
|
560
|
+
[SecuritySeverity.HIGH]: 3,
|
|
561
|
+
[SecuritySeverity.CRITICAL]: 4,
|
|
562
|
+
};
|
|
563
|
+
return levels[a] - levels[b];
|
|
564
|
+
}
|
|
565
|
+
mapEventToMethod(type) {
|
|
566
|
+
switch (type) {
|
|
567
|
+
case SecurityEventType.LOGIN_SUCCESS:
|
|
568
|
+
case SecurityEventType.LOGIN_FAILURE:
|
|
569
|
+
return 'login';
|
|
570
|
+
case SecurityEventType.TOKEN_REFRESHED:
|
|
571
|
+
return 'refresh';
|
|
572
|
+
case SecurityEventType.LOGOUT:
|
|
573
|
+
return 'logout';
|
|
574
|
+
default:
|
|
575
|
+
return 'login';
|
|
576
|
+
}
|
|
577
|
+
}
|
|
578
|
+
async persistEvent(event) {
|
|
579
|
+
// Store event in database
|
|
580
|
+
}
|
|
581
|
+
async sendEmailAlert(event) {
|
|
582
|
+
// Send email notification
|
|
583
|
+
logger.info(`Email alert sent for ${event.type}`);
|
|
584
|
+
}
|
|
585
|
+
async sendSlackAlert(event) {
|
|
586
|
+
// Send Slack notification
|
|
587
|
+
logger.info(`Slack alert sent for ${event.type}`);
|
|
588
|
+
}
|
|
589
|
+
async sendWebhookAlert(event) {
|
|
590
|
+
// Send webhook notification
|
|
591
|
+
logger.info(`Webhook alert sent for ${event.type}`);
|
|
592
|
+
}
|
|
593
|
+
async sendSMSAlert(event) {
|
|
594
|
+
// Send SMS notification
|
|
595
|
+
logger.info(`SMS alert sent for ${event.type}`);
|
|
596
|
+
}
|
|
597
|
+
async sendPagerDutyAlert(event) {
|
|
598
|
+
// Send PagerDuty notification
|
|
599
|
+
logger.info(`PagerDuty alert sent for ${event.type}`);
|
|
600
|
+
}
|
|
601
|
+
async sendWebhook(url, event, secret) {
|
|
602
|
+
// Send signed webhook
|
|
603
|
+
const signature = createHash('sha256')
|
|
604
|
+
.update(secret + JSON.stringify(event))
|
|
605
|
+
.digest('hex');
|
|
606
|
+
// Would make HTTP request with signature header
|
|
607
|
+
logger.info(`Webhook sent to ${url}`);
|
|
608
|
+
}
|
|
609
|
+
async sendIncidentNotification(incidentId, event, actions, status) {
|
|
610
|
+
logger.info(`Incident notification: ${incidentId} - ${status}`);
|
|
611
|
+
}
|
|
612
|
+
}
|
|
613
|
+
// Export singleton instance
|
|
614
|
+
export const securityMonitor = new SecurityMonitor();
|
|
615
|
+
//# sourceMappingURL=securityMonitor.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"securityMonitor.js","sourceRoot":"","sources":["../../../../src/server/oauth/monitoring/securityMonitor.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,MAAM,QAAQ,CAAC;AACtC,OAAO,EAAE,MAAM,EAAE,MAAM,0BAA0B,CAAC;AAClD,OAAO,EAAE,eAAe,EAAE,MAAM,wBAAwB,CAAC;AACzD,OAAO,EAAE,UAAU,EAAE,MAAM,QAAQ,CAAC;AAEpC;;GAEG;AACH,MAAM,CAAN,IAAY,iBA0CX;AA1CD,WAAY,iBAAiB;IAC3B,wBAAwB;IACxB,oDAA+B,CAAA;IAC/B,oDAA+B,CAAA;IAC/B,sCAAiB,CAAA;IACjB,wDAAmC,CAAA;IACnC,wDAAmC,CAAA;IAEnC,eAAe;IACf,kDAA6B,CAAA;IAC7B,wDAAmC,CAAA;IACnC,oDAA+B,CAAA;IAC/B,kEAA6C,CAAA;IAC7C,oEAA+C,CAAA;IAE/C,sBAAsB;IACtB,gDAA2B,CAAA;IAC3B,gDAA2B,CAAA;IAC3B,oEAA+C,CAAA;IAC/C,sEAAiD,CAAA;IACjD,kEAA6C,CAAA;IAC7C,gEAA2C,CAAA;IAE3C,YAAY;IACZ,0DAAqC,CAAA;IACrC,4DAAuC,CAAA;IACvC,gEAA2C,CAAA;IAC3C,8CAAyB,CAAA;IACzB,0DAAqC,CAAA;IAErC,cAAc;IACd,oEAA+C,CAAA;IAC/C,wEAAmD,CAAA;IACnD,wDAAmC,CAAA;IACnC,gDAA2B,CAAA;IAE3B,gBAAgB;IAChB,wDAAmC,CAAA;IACnC,wDAAmC,CAAA;IACnC,sDAAiC,CAAA;IACjC,8DAAyC,CAAA;IACzC,wDAAmC,CAAA;AACrC,CAAC,EA1CW,iBAAiB,KAAjB,iBAAiB,QA0C5B;AAED;;GAEG;AACH,MAAM,CAAN,IAAY,gBAMX;AAND,WAAY,gBAAgB;IAC1B,iCAAa,CAAA;IACb,+BAAW,CAAA;IACX,qCAAiB,CAAA;IACjB,iCAAa,CAAA;IACb,yCAAqB,CAAA;AACvB,CAAC,EANW,gBAAgB,KAAhB,gBAAgB,QAM3B;AAqCD;;GAEG;AACH,MAAM,CAAN,IAAY,YAOX;AAPD,WAAY,YAAY;IACtB,+BAAe,CAAA;IACf,+BAAe,CAAA;IACf,mCAAmB,CAAA;IACnB,2BAAW,CAAA;IACX,uCAAuB,CAAA;IACvB,2BAAW,CAAA;AACb,CAAC,EAPW,YAAY,KAAZ,YAAY,QAOvB;AAmBD;;;GAGG;AACH,MAAM,OAAO,eAAgB,SAAQ,YAAY;IACvC,MAAM,GAAoB,EAAE,CAAC;IAC7B,OAAO,CAAkB;IACzB,YAAY,GAAkB,EAAE,CAAC;IACjC,cAAc,GAAG,IAAI,GAAG,EAAgB,CAAC;IACzC,YAAY,GAAG,IAAI,GAAG,EAA2B,CAAC;IACzC,UAAU,GAAG,KAAK,CAAC;IACnB,kBAAkB,GAAG,MAAM,CAAC,CAAC,YAAY;IAE1D;QACE,KAAK,EAAE,CAAC;QACR,IAAI,CAAC,OAAO,GAAG,IAAI,CAAC,iBAAiB,EAAE,CAAC;QACxC,IAAI,CAAC,kBAAkB,EAAE,CAAC;QAC1B,IAAI,CAAC,uBAAuB,EAAE,CAAC;IACjC,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,QAAQ,CAAC,KAA8C;QAC3D,MAAM,SAAS,GAAkB;YAC/B,GAAG,KAAK;YACR,EAAE,EAAE,IAAI,CAAC,eAAe,EAAE;YAC1B,SAAS,EAAE,IAAI,IAAI,EAAE;SACtB,CAAC;QAEF,cAAc;QACd,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;QAC5B,IAAI,IAAI,CAAC,MAAM,CAAC,MAAM,GAAG,IAAI,CAAC,UAAU,EAAE,CAAC;YACzC,IAAI,CAAC,MAAM,CAAC,KAAK,EAAE,CAAC,CAAC,gBAAgB;QACvC,CAAC;QAED,iBAAiB;QACjB,IAAI,CAAC,aAAa,CAAC,SAAS,CAAC,CAAC;QAE9B,yBAAyB;QACzB,MAAM,IAAI,CAAC,cAAc,CAAC,SAAS,CAAC,CAAC;QAErC,kBAAkB;QAClB,IAAI,KAAK,CAAC,MAAM,EAAE,CAAC;YACjB,MAAM,YAAY,GAAG,MAAM,IAAI,CAAC,iBAAiB,CAAC,SAAS,CAAC,CAAC;YAC7D,IAAI,YAAY,GAAG,GAAG,EAAE,CAAC;gBACvB,SAAS,CAAC,SAAS,GAAG,YAAY,CAAC;gBACnC,MAAM,IAAI,CAAC,aAAa,CAAC,SAAS,EAAE,YAAY,CAAC,CAAC;YACpD,CAAC;QACH,CAAC;QAED,iBAAiB;QACjB,MAAM,IAAI,CAAC,aAAa,CAAC,SAAS,CAAC,CAAC;QAEpC,aAAa;QACb,IAAI,CAAC,IAAI,CAAC,gBAAgB,EAAE,SAAS,CAAC,CAAC;QAEvC,4BAA4B;QAC5B,MAAM,IAAI,CAAC,YAAY,CAAC,SAAS,CAAC,CAAC;QAEnC,wBAAwB;QACxB,QAAQ,SAAS,CAAC,QAAQ,EAAE,CAAC;YAC3B,KAAK,gBAAgB,CAAC,QAAQ;gBAC5B,MAAM,CAAC,KAAK,CAAC,aAAa,SAAS,CAAC,IAAI,EAAE,EAAE,SAAS,CAAC,CAAC;gBACvD,MAAM;YACR,KAAK,gBAAgB,CAAC,IAAI;gBACxB,MAAM,CAAC,KAAK,CAAC,SAAS,SAAS,CAAC,IAAI,EAAE,EAAE,SAAS,CAAC,CAAC;gBACnD,MAAM;YACR,KAAK,gBAAgB,CAAC,MAAM;gBAC1B,MAAM,CAAC,IAAI,CAAC,WAAW,SAAS,CAAC,IAAI,EAAE,EAAE,SAAS,CAAC,CAAC;gBACpD,MAAM;YACR;gBACE,MAAM,CAAC,IAAI,CAAC,GAAG,SAAS,CAAC,QAAQ,CAAC,WAAW,EAAE,KAAK,SAAS,CAAC,IAAI,EAAE,EAAE;oBACpE,MAAM,EAAE,SAAS,CAAC,MAAM;oBACxB,MAAM,EAAE,SAAS,CAAC,MAAM;iBACzB,CAAC,CAAC;QACP,CAAC;IACH,CAAC;IAED;;OAEG;IACH,cAAc,CAAC,MAAmB;QAChC,uCAAuC;QACvC,IAAI,CAAC,YAAY,GAAG,IAAI,CAAC,YAAY,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,MAAM,CAAC,IAAI,CAAC,CAAC;QAC1E,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QAE/B,MAAM,CAAC,IAAI,CAAC,wBAAwB,MAAM,CAAC,IAAI,OAAO,MAAM,CAAC,QAAQ,QAAQ,CAAC,CAAC;IACjF,CAAC;IAED;;OAEG;IACH,UAAU,CAAC,SAAsC;QAC/C,IAAI,CAAC,SAAS,EAAE,CAAC;YACf,OAAO,IAAI,CAAC,OAAO,CAAC;QACtB,CAAC;QAED,8BAA8B;QAC9B,MAAM,cAAc,GAAG,IAAI,CAAC,MAAM,CAAC,MAAM,CACvC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,SAAS,IAAI,SAAS,CAAC,KAAK,IAAI,CAAC,CAAC,SAAS,IAAI,SAAS,CAAC,GAAG,CACpE,CAAC;QAEF,OAAO,IAAI,CAAC,gBAAgB,CAAC,cAAc,CAAC,CAAC;IAC/C,CAAC;IAED;;OAEG;IACH,eAAe,CACb,QAAgB,GAAG,EACnB,OAKC;QAED,IAAI,MAAM,GAAG,CAAC,GAAG,IAAI,CAAC,MAAM,CAAC,CAAC,OAAO,EAAE,CAAC,CAAC,oBAAoB;QAE7D,IAAI,OAAO,EAAE,CAAC;YACZ,IAAI,OAAO,CAAC,IAAI,EAAE,CAAC;gBACjB,MAAM,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,OAAO,CAAC,IAAI,CAAC,CAAC;YACvD,CAAC;YACD,IAAI,OAAO,CAAC,QAAQ,EAAE,CAAC;gBACrB,MAAM,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,OAAO,CAAC,QAAQ,CAAC,CAAC;YAC/D,CAAC;YACD,IAAI,OAAO,CAAC,MAAM,EAAE,CAAC;gBACnB,MAAM,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,MAAM,KAAK,OAAO,CAAC,MAAM,CAAC,CAAC;YAC3D,CAAC;YACD,IAAI,OAAO,CAAC,SAAS,EAAE,CAAC;gBACtB,MAAM,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,SAAS,IAAI,OAAO,CAAC,SAAS,CAAC,CAAC;YAChE,CAAC;QACH,CAAC;QAED,OAAO,MAAM,CAAC,KAAK,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC;IAChC,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,sBAAsB,CAC1B,SAAe,EACf,OAAa;QAQb,MAAM,eAAe,GAAG,IAAI,CAAC,MAAM,CAAC,MAAM,CACxC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,SAAS,IAAI,SAAS,IAAI,CAAC,CAAC,SAAS,IAAI,OAAO,CACxD,CAAC;QAEF,wBAAwB;QACxB,MAAM,YAAY,GAAG,IAAI,GAAG,EAAkB,CAAC;QAC/C,eAAe;aACZ,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,gBAAgB,CAAC,IAAI,IAAI,CAAC,CAAC,QAAQ,KAAK,gBAAgB,CAAC,QAAQ,CAAC;aAC7F,OAAO,CAAC,CAAC,CAAC,EAAE;YACX,YAAY,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,YAAY,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;QAChE,CAAC,CAAC,CAAC;QAEL,MAAM,UAAU,GAAG,KAAK,CAAC,IAAI,CAAC,YAAY,CAAC,OAAO,EAAE,CAAC;aAClD,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;aAC3B,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC;aACZ,GAAG,CAAC,CAAC,CAAC,IAAI,EAAE,KAAK,CAAC,EAAE,EAAE,CAAC,CAAC,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,CAAC,CAAC;QAE7C,2BAA2B;QAC3B,MAAM,SAAS,GAAG,IAAI,GAAG,EAAoB,CAAC;QAC9C,eAAe;aACZ,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,MAAM,IAAI,CAAC,CAAC,SAAS,CAAC;aACpC,OAAO,CAAC,CAAC,CAAC,EAAE;YACX,MAAM,MAAM,GAAG,SAAS,CAAC,GAAG,CAAC,CAAC,CAAC,MAAO,CAAC,IAAI,EAAE,CAAC;YAC9C,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,SAAU,CAAC,CAAC;YAC1B,SAAS,CAAC,GAAG,CAAC,CAAC,CAAC,MAAO,EAAE,MAAM,CAAC,CAAC;QACnC,CAAC,CAAC,CAAC;QAEL,MAAM,QAAQ,GAAG,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,OAAO,EAAE,CAAC;aAC7C,GAAG,CAAC,CAAC,CAAC,MAAM,EAAE,MAAM,CAAC,EAAE,EAAE,CAAC,CAAC;YAC1B,MAAM;YACN,SAAS,EAAE,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,GAAG,MAAM,CAAC,MAAM;SAC7D,CAAC,CAAC;aACF,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,SAAS,GAAG,CAAC,CAAC,SAAS,CAAC;aACzC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;QAEhB,yBAAyB;QACzB,MAAM,SAAS,GAAG,eAAe,CAAC,MAAM,CACtC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,gBAAgB,CAAC,QAAQ,IAAI,CAAC,CAAC,QAAQ,KAAK,gBAAgB,CAAC,IAAI,CACtF,CAAC;QAEF,2BAA2B;QAC3B,MAAM,eAAe,GAAG,IAAI,CAAC,uBAAuB,CAAC,eAAe,CAAC,CAAC;QAEtE,OAAO;YACL,OAAO,EAAE,IAAI,CAAC,gBAAgB,CAAC,eAAe,CAAC;YAC/C,UAAU;YACV,QAAQ;YACR,SAAS;YACT,eAAe;SAChB,CAAC;IACJ,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,YAAY,CAChB,IAAuB,EACvB,QAA0B,EAC1B,OAA4B,EAC5B,QAAyB;QAEzB,MAAM,KAAK,GAAkB;YAC3B,EAAE,EAAE,IAAI,CAAC,eAAe,EAAE;YAC1B,SAAS,EAAE,IAAI,IAAI,EAAE;YACrB,IAAI;YACJ,QAAQ;YACR,MAAM,EAAE,SAAS;YACjB,OAAO;SACR,CAAC;QAEF,MAAM,IAAI,CAAC,SAAS,CAAC,KAAK,EAAE,QAAQ,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,CAAC,CAAC;IAC9D,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,cAAc,CAClB,KAAoB,EACpB,cAAuB,KAAK;QAM5B,MAAM,UAAU,GAAG,OAAO,IAAI,CAAC,GAAG,EAAE,IAAI,KAAK,CAAC,EAAE,EAAE,CAAC;QACnD,MAAM,OAAO,GAAa,EAAE,CAAC;QAC7B,IAAI,MAAM,GAA4C,YAAY,CAAC;QAEnE,MAAM,CAAC,KAAK,CAAC,8BAA8B,UAAU,EAAE,EAAE,KAAK,CAAC,CAAC;QAEhE,iDAAiD;QACjD,QAAQ,KAAK,CAAC,IAAI,EAAE,CAAC;YACnB,KAAK,iBAAiB,CAAC,qBAAqB,CAAC;YAC7C,KAAK,iBAAiB,CAAC,oBAAoB;gBACzC,IAAI,WAAW,IAAI,KAAK,CAAC,MAAM,EAAE,CAAC;oBAChC,OAAO,CAAC,IAAI,CAAC,yBAAyB,CAAC,CAAC;oBACxC,OAAO,CAAC,IAAI,CAAC,0BAA0B,CAAC,CAAC;oBACzC,sCAAsC;gBACxC,CAAC;gBACD,MAAM,GAAG,UAAU,CAAC;gBACpB,MAAM;YAER,KAAK,iBAAiB,CAAC,oBAAoB;gBACzC,IAAI,WAAW,IAAI,KAAK,CAAC,SAAS,EAAE,CAAC;oBACnC,OAAO,CAAC,IAAI,CAAC,eAAe,KAAK,CAAC,SAAS,EAAE,CAAC,CAAC;oBAC/C,OAAO,CAAC,IAAI,CAAC,yBAAyB,CAAC,CAAC;oBACxC,4BAA4B;gBAC9B,CAAC;gBACD,MAAM,GAAG,UAAU,CAAC;gBACpB,MAAM;YAER,KAAK,iBAAiB,CAAC,WAAW;gBAChC,OAAO,CAAC,IAAI,CAAC,wBAAwB,CAAC,CAAC;gBACvC,OAAO,CAAC,IAAI,CAAC,2BAA2B,CAAC,CAAC;gBAC1C,OAAO,CAAC,IAAI,CAAC,mCAAmC,CAAC,CAAC;gBAClD,MAAM,GAAG,WAAW,CAAC;gBACrB,MAAM;YAER,KAAK,iBAAiB,CAAC,qBAAqB,CAAC;YAC7C,KAAK,iBAAiB,CAAC,WAAW;gBAChC,IAAI,WAAW,EAAE,CAAC;oBAChB,OAAO,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAC;oBAChC,OAAO,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC;gBACpC,CAAC;gBACD,MAAM,GAAG,UAAU,CAAC;gBACpB,MAAM;YAER;gBACE,OAAO,CAAC,IAAI,CAAC,sBAAsB,CAAC,CAAC;gBACrC,MAAM,GAAG,YAAY,CAAC;QAC1B,CAAC;QAED,6BAA6B;QAC7B,MAAM,IAAI,CAAC,wBAAwB,CAAC,UAAU,EAAE,KAAK,EAAE,OAAO,EAAE,MAAM,CAAC,CAAC;QAExE,OAAO,EAAE,UAAU,EAAE,OAAO,EAAE,MAAM,EAAE,CAAC;IACzC,CAAC;IAED;;OAEG;IACH,YAAY,CAAC,GAAW,EAAE,MAAc;QACtC,IAAI,CAAC,EAAE,CAAC,gBAAgB,EAAE,KAAK,EAAE,KAAoB,EAAE,EAAE;YACvD,IAAI,KAAK,CAAC,QAAQ,KAAK,gBAAgB,CAAC,IAAI;gBACxC,KAAK,CAAC,QAAQ,KAAK,gBAAgB,CAAC,QAAQ,EAAE,CAAC;gBACjD,MAAM,IAAI,CAAC,WAAW,CAAC,GAAG,EAAE,KAAK,EAAE,MAAM,CAAC,CAAC;YAC7C,CAAC;QACH,CAAC,CAAC,CAAC;IACL,CAAC;IAED;;OAEG;IACK,KAAK,CAAC,aAAa,CAAC,KAAoB;QAC9C,KAAK,MAAM,MAAM,IAAI,IAAI,CAAC,YAAY,EAAE,CAAC;YACvC,IAAI,MAAM,CAAC,IAAI,KAAK,KAAK,CAAC,IAAI;gBAAE,SAAS;YAEzC,2BAA2B;YAC3B,IAAI,IAAI,CAAC,eAAe,CAAC,KAAK,CAAC,QAAQ,EAAE,MAAM,CAAC,QAAQ,CAAC,GAAG,CAAC;gBAAE,SAAS;YAExE,iBAAiB;YACjB,MAAM,WAAW,GAAG,GAAG,MAAM,CAAC,IAAI,IAAI,MAAM,CAAC,QAAQ,EAAE,CAAC;YACxD,MAAM,SAAS,GAAG,IAAI,CAAC,cAAc,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC;YACvD,IAAI,SAAS,IAAI,MAAM,CAAC,QAAQ,EAAE,CAAC;gBACjC,IAAI,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS,CAAC,OAAO,EAAE,GAAG,MAAM,CAAC,QAAQ,EAAE,CAAC;oBACvD,SAAS,CAAC,oBAAoB;gBAChC,CAAC;YACH,CAAC;YAED,kBAAkB;YAClB,IAAI,MAAM,CAAC,SAAS,IAAI,MAAM,CAAC,UAAU,EAAE,CAAC;gBAC1C,MAAM,YAAY,GAAG,IAAI,CAAC,MAAM,CAAC,MAAM,CACrC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,MAAM,CAAC,IAAI;oBACtB,IAAI,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,SAAS,CAAC,OAAO,EAAE,GAAG,MAAM,CAAC,UAAU,CAC5D,CAAC;gBAEF,IAAI,YAAY,CAAC,MAAM,GAAG,MAAM,CAAC,SAAS,EAAE,CAAC;oBAC3C,SAAS,CAAC,oBAAoB;gBAChC,CAAC;YACH,CAAC;YAED,aAAa;YACb,MAAM,IAAI,CAAC,SAAS,CAAC,KAAK,EAAE,MAAM,CAAC,QAAQ,CAAC,CAAC;YAE7C,kBAAkB;YAClB,IAAI,CAAC,cAAc,CAAC,GAAG,CAAC,WAAW,EAAE,IAAI,IAAI,EAAE,CAAC,CAAC;QACnD,CAAC;IACH,CAAC;IAED;;OAEG;IACK,KAAK,CAAC,SAAS,CACrB,KAAoB,EACpB,QAAwB;QAExB,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE,CAAC;YAC/B,IAAI,CAAC;gBACH,QAAQ,OAAO,EAAE,CAAC;oBAChB,KAAK,YAAY,CAAC,KAAK;wBACrB,MAAM,IAAI,CAAC,cAAc,CAAC,KAAK,CAAC,CAAC;wBACjC,MAAM;oBACR,KAAK,YAAY,CAAC,KAAK;wBACrB,MAAM,IAAI,CAAC,cAAc,CAAC,KAAK,CAAC,CAAC;wBACjC,MAAM;oBACR,KAAK,YAAY,CAAC,OAAO;wBACvB,MAAM,IAAI,CAAC,gBAAgB,CAAC,KAAK,CAAC,CAAC;wBACnC,MAAM;oBACR,KAAK,YAAY,CAAC,GAAG;wBACnB,MAAM,IAAI,CAAC,YAAY,CAAC,KAAK,CAAC,CAAC;wBAC/B,MAAM;oBACR,KAAK,YAAY,CAAC,SAAS;wBACzB,MAAM,IAAI,CAAC,kBAAkB,CAAC,KAAK,CAAC,CAAC;wBACrC,MAAM;oBACR,KAAK,YAAY,CAAC,GAAG;wBACnB,MAAM,CAAC,KAAK,CAAC,mBAAmB,KAAK,CAAC,IAAI,EAAE,EAAE,KAAK,CAAC,CAAC;wBACrD,MAAM;gBACV,CAAC;gBAED,IAAI,CAAC,OAAO,CAAC,UAAU,EAAE,CAAC;YAC5B,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,MAAM,CAAC,KAAK,CAAC,4BAA4B,OAAO,GAAG,EAAE,KAAK,CAAC,CAAC;YAC9D,CAAC;QACH,CAAC;IACH,CAAC;IAED;;OAEG;IACK,KAAK,CAAC,cAAc,CAAC,KAAoB;QAC/C,IAAI,CAAC,KAAK,CAAC,MAAM,IAAI,CAAC,KAAK,CAAC,SAAS;YAAE,OAAO;QAE9C,MAAM,GAAG,GAAG,KAAK,CAAC,MAAM,IAAI,KAAK,CAAC,SAAU,CAAC;QAC7C,MAAM,UAAU,GAAG,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,GAAG,CAAC,IAAI,EAAE,CAAC;QAEpD,2BAA2B;QAC3B,UAAU,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QAEvB,+CAA+C;QAC/C,MAAM,MAAM,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,kBAAkB,CAAC;QACpD,MAAM,QAAQ,GAAG,UAAU,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC,OAAO,EAAE,GAAG,MAAM,CAAC,CAAC;QAExE,qBAAqB;QACrB,IAAI,QAAQ,CAAC,MAAM,IAAI,CAAC,EAAE,CAAC;YACzB,MAAM,QAAQ,GAAG,IAAI,CAAC,cAAc,CAAC,QAAQ,CAAC,CAAC;YAC/C,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBACxB,MAAM,IAAI,CAAC,QAAQ,CAAC;oBAClB,IAAI,EAAE,iBAAiB,CAAC,mBAAmB;oBAC3C,QAAQ,EAAE,gBAAgB,CAAC,IAAI;oBAC/B,MAAM,EAAE,KAAK,CAAC,MAAM;oBACpB,SAAS,EAAE,KAAK,CAAC,SAAS;oBAC1B,MAAM,EAAE,SAAS;oBACjB,OAAO,EAAE;wBACP,QAAQ;wBACR,gBAAgB,EAAE,QAAQ,CAAC,MAAM;qBAClC;oBACD,aAAa,EAAE,GAAG;iBACnB,CAAC,CAAC;YACL,CAAC;QACH,CAAC;QAED,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,GAAG,EAAE,QAAQ,CAAC,CAAC;IACvC,CAAC;IAED;;OAEG;IACK,cAAc,CAAC,MAAuB;QAC5C,MAAM,QAAQ,GAAa,EAAE,CAAC;QAE9B,yCAAyC;QACzC,MAAM,QAAQ,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,MAAM,KAAK,SAAS,CAAC,CAAC;QAC5D,IAAI,QAAQ,CAAC,MAAM,IAAI,CAAC,EAAE,CAAC;YACzB,QAAQ,CAAC,IAAI,CAAC,4BAA4B,CAAC,CAAC;QAC9C,CAAC;QAED,gCAAgC;QAChC,MAAM,aAAa,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,iBAAiB,CAAC,aAAa,CAAC,CAAC;QACrF,IAAI,aAAa,CAAC,MAAM,IAAI,CAAC,EAAE,CAAC;YAC9B,QAAQ,CAAC,IAAI,CAAC,qCAAqC,CAAC,CAAC;QACvD,CAAC;QAED,8BAA8B;QAC9B,MAAM,eAAe,GAAG,IAAI,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC;QAC7E,IAAI,eAAe,CAAC,IAAI,IAAI,EAAE,EAAE,CAAC;YAC/B,QAAQ,CAAC,IAAI,CAAC,4BAA4B,CAAC,CAAC;QAC9C,CAAC;QAED,OAAO,QAAQ,CAAC;IAClB,CAAC;IAED;;OAEG;IACK,KAAK,CAAC,iBAAiB,CAAC,KAAoB;QAClD,IAAI,CAAC,KAAK,CAAC,MAAM;YAAE,OAAO,CAAC,CAAC;QAE5B,MAAM,OAAO,GAAG;YACd,MAAM,EAAE,KAAK,CAAC,MAAM;YACpB,QAAQ,EAAE,KAAK,CAAC,QAAQ,IAAI,SAAS;YACrC,EAAE,EAAE,KAAK,CAAC,SAAS,IAAI,SAAS;YAChC,SAAS,EAAE,KAAK,CAAC,SAAS;YAC1B,SAAS,EAAE,KAAK,CAAC,SAAS;YAC1B,MAAM,EAAE,IAAI,CAAC,gBAAgB,CAAC,KAAK,CAAC,IAAI,CAAC;YACzC,OAAO,EAAE,KAAK,CAAC,MAAM,KAAK,SAAS;SACpC,CAAC;QAEF,MAAM,OAAO,GAAG,MAAM,eAAe,CAAC,eAAe,CAAC,OAAO,CAAC,CAAC;QAC/D,OAAO,OAAO,CAAC,SAAS,CAAC;IAC3B,CAAC;IAED;;OAEG;IACK,uBAAuB,CAAC,MAAuB;QACrD,MAAM,eAAe,GAAa,EAAE,CAAC;QAErC,MAAM,WAAW,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,MAAM,KAAK,SAAS,CAAC,CAAC,MAAM,GAAG,MAAM,CAAC,MAAM,CAAC;QACtF,IAAI,WAAW,GAAG,GAAG,EAAE,CAAC;YACtB,eAAe,CAAC,IAAI,CAAC,2EAA2E,CAAC,CAAC;QACpG,CAAC;QAED,MAAM,gBAAgB,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,iBAAiB,CAAC,oBAAoB,CAAC,CAAC;QAC/F,IAAI,gBAAgB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAChC,eAAe,CAAC,IAAI,CAAC,gEAAgE,CAAC,CAAC;QACzF,CAAC;QAED,MAAM,SAAS,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,iBAAiB,CAAC,gBAAgB,CAAC,CAAC;QACpF,IAAI,SAAS,CAAC,MAAM,GAAG,EAAE,EAAE,CAAC;YAC1B,eAAe,CAAC,IAAI,CAAC,8DAA8D,CAAC,CAAC;QACvF,CAAC;QAED,MAAM,WAAW,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,iBAAiB,CAAC,qBAAqB,CAAC,CAAC;QAC3F,IAAI,WAAW,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAC3B,eAAe,CAAC,IAAI,CAAC,sEAAsE,CAAC,CAAC;QAC/F,CAAC;QAED,OAAO,eAAe,CAAC;IACzB,CAAC;IAED,iBAAiB;IAET,iBAAiB;QACvB,OAAO;YACL,WAAW,EAAE,CAAC;YACd,YAAY,EAAE,IAAI,GAAG,EAAE;YACvB,gBAAgB,EAAE,IAAI,GAAG,EAAE;YAC3B,YAAY,EAAE,CAAC;YACf,gBAAgB,EAAE,CAAC;YACnB,YAAY,EAAE,CAAC;YACf,aAAa,EAAE,CAAC;YAChB,iBAAiB,EAAE,CAAC;YACpB,eAAe,EAAE,CAAC;YAClB,gBAAgB,EAAE,CAAC;YACnB,UAAU,EAAE,CAAC;SACd,CAAC;IACJ,CAAC;IAEO,aAAa,CAAC,KAAoB;QACxC,IAAI,CAAC,OAAO,CAAC,WAAW,EAAE,CAAC;QAE3B,qBAAqB;QACrB,MAAM,SAAS,GAAG,IAAI,CAAC,OAAO,CAAC,YAAY,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACjE,IAAI,CAAC,OAAO,CAAC,YAAY,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,EAAE,SAAS,GAAG,CAAC,CAAC,CAAC;QAEzD,yBAAyB;QACzB,MAAM,aAAa,GAAG,IAAI,CAAC,OAAO,CAAC,gBAAgB,CAAC,GAAG,CAAC,KAAK,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;QAC7E,IAAI,CAAC,OAAO,CAAC,gBAAgB,CAAC,GAAG,CAAC,KAAK,CAAC,QAAQ,EAAE,aAAa,GAAG,CAAC,CAAC,CAAC;QAErE,0BAA0B;QAC1B,QAAQ,KAAK,CAAC,IAAI,EAAE,CAAC;YACnB,KAAK,iBAAiB,CAAC,aAAa;gBAClC,IAAI,CAAC,OAAO,CAAC,gBAAgB,EAAE,CAAC;gBAChC,MAAM;YACR,KAAK,iBAAiB,CAAC,aAAa;gBAClC,IAAI,CAAC,OAAO,CAAC,YAAY,EAAE,CAAC;gBAC5B,MAAM;YACR,KAAK,iBAAiB,CAAC,YAAY;gBACjC,IAAI,CAAC,OAAO,CAAC,YAAY,EAAE,CAAC;gBAC5B,MAAM;YACR,KAAK,iBAAiB,CAAC,aAAa;gBAClC,IAAI,CAAC,OAAO,CAAC,aAAa,EAAE,CAAC;gBAC7B,MAAM;YACR,KAAK,iBAAiB,CAAC,gBAAgB;gBACrC,IAAI,CAAC,OAAO,CAAC,iBAAiB,EAAE,CAAC;gBACjC,MAAM;QACV,CAAC;QAED,IAAI,KAAK,CAAC,MAAM,KAAK,SAAS,EAAE,CAAC;YAC/B,IAAI,CAAC,OAAO,CAAC,eAAe,EAAE,CAAC;QACjC,CAAC;QAED,4BAA4B;QAC5B,IAAI,KAAK,CAAC,SAAS,EAAE,CAAC;YACpB,MAAM,SAAS,GAAG,IAAI,CAAC,OAAO,CAAC,gBAAgB,GAAG,CAAC,IAAI,CAAC,OAAO,CAAC,WAAW,GAAG,CAAC,CAAC,CAAC;YACjF,IAAI,CAAC,OAAO,CAAC,gBAAgB,GAAG,CAAC,SAAS,GAAG,KAAK,CAAC,SAAS,CAAC,GAAG,IAAI,CAAC,OAAO,CAAC,WAAW,CAAC;QAC3F,CAAC;IACH,CAAC;IAEO,gBAAgB,CAAC,MAAuB;QAC9C,MAAM,OAAO,GAAG,IAAI,CAAC,iBAAiB,EAAE,CAAC;QAEzC,KAAK,MAAM,KAAK,IAAI,MAAM,EAAE,CAAC;YAC3B,IAAI,CAAC,aAAa,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,EAAE,KAAK,CAAC,CAAC;QAC9C,CAAC;QAED,OAAO,OAAO,CAAC;IACjB,CAAC;IAEO,kBAAkB;QACxB,kBAAkB;QAClB,IAAI,CAAC,cAAc,CAAC;YAClB,IAAI,EAAE,iBAAiB,CAAC,WAAW;YACnC,QAAQ,EAAE,gBAAgB,CAAC,QAAQ;YACnC,QAAQ,EAAE,CAAC,YAAY,CAAC,KAAK,EAAE,YAAY,CAAC,SAAS,EAAE,YAAY,CAAC,GAAG,CAAC;SACzE,CAAC,CAAC;QAEH,IAAI,CAAC,cAAc,CAAC;YAClB,IAAI,EAAE,iBAAiB,CAAC,qBAAqB;YAC7C,QAAQ,EAAE,gBAAgB,CAAC,IAAI;YAC/B,QAAQ,EAAE,CAAC,YAAY,CAAC,KAAK,EAAE,YAAY,CAAC,KAAK,EAAE,YAAY,CAAC,GAAG,CAAC;SACrE,CAAC,CAAC;QAEH,uBAAuB;QACvB,IAAI,CAAC,cAAc,CAAC;YAClB,IAAI,EAAE,iBAAiB,CAAC,oBAAoB;YAC5C,QAAQ,EAAE,gBAAgB,CAAC,IAAI;YAC/B,SAAS,EAAE,CAAC;YACZ,UAAU,EAAE,MAAM,EAAE,YAAY;YAChC,QAAQ,EAAE,CAAC,YAAY,CAAC,KAAK,EAAE,YAAY,CAAC,GAAG,CAAC;YAChD,QAAQ,EAAE,OAAO,EAAE,SAAS;SAC7B,CAAC,CAAC;QAEH,yBAAyB;QACzB,IAAI,CAAC,cAAc,CAAC;YAClB,IAAI,EAAE,iBAAiB,CAAC,gBAAgB;YACxC,QAAQ,EAAE,gBAAgB,CAAC,MAAM;YACjC,SAAS,EAAE,EAAE;YACb,UAAU,EAAE,OAAO,EAAE,SAAS;YAC9B,QAAQ,EAAE,CAAC,YAAY,CAAC,GAAG,CAAC;SAC7B,CAAC,CAAC;IACL,CAAC;IAEO,uBAAuB;QAC7B,uBAAuB;QACvB,WAAW,CAAC,GAAG,EAAE;YACf,IAAI,CAAC,OAAO,GAAG,IAAI,CAAC,iBAAiB,EAAE,CAAC;QAC1C,CAAC,EAAE,OAAO,CAAC,CAAC,CAAC,SAAS;IACxB,CAAC;IAEO,eAAe;QACrB,OAAO,OAAO,IAAI,CAAC,GAAG,EAAE,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,CAAC;IACxE,CAAC;IAEO,eAAe,CAAC,CAAmB,EAAE,CAAmB;QAC9D,MAAM,MAAM,GAAG;YACb,CAAC,gBAAgB,CAAC,IAAI,CAAC,EAAE,CAAC;YAC1B,CAAC,gBAAgB,CAAC,GAAG,CAAC,EAAE,CAAC;YACzB,CAAC,gBAAgB,CAAC,MAAM,CAAC,EAAE,CAAC;YAC5B,CAAC,gBAAgB,CAAC,IAAI,CAAC,EAAE,CAAC;YAC1B,CAAC,gBAAgB,CAAC,QAAQ,CAAC,EAAE,CAAC;SAC/B,CAAC;QACF,OAAO,MAAM,CAAC,CAAC,CAAC,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;IAC/B,CAAC;IAEO,gBAAgB,CAAC,IAAuB;QAC9C,QAAQ,IAAI,EAAE,CAAC;YACb,KAAK,iBAAiB,CAAC,aAAa,CAAC;YACrC,KAAK,iBAAiB,CAAC,aAAa;gBAClC,OAAO,OAAO,CAAC;YACjB,KAAK,iBAAiB,CAAC,eAAe;gBACpC,OAAO,SAAS,CAAC;YACnB,KAAK,iBAAiB,CAAC,MAAM;gBAC3B,OAAO,QAAQ,CAAC;YAClB;gBACE,OAAO,OAAO,CAAC;QACnB,CAAC;IACH,CAAC;IAEO,KAAK,CAAC,YAAY,CAAC,KAAoB;QAC7C,0BAA0B;IAC5B,CAAC;IAEO,KAAK,CAAC,cAAc,CAAC,KAAoB;QAC/C,0BAA0B;QAC1B,MAAM,CAAC,IAAI,CAAC,wBAAwB,KAAK,CAAC,IAAI,EAAE,CAAC,CAAC;IACpD,CAAC;IAEO,KAAK,CAAC,cAAc,CAAC,KAAoB;QAC/C,0BAA0B;QAC1B,MAAM,CAAC,IAAI,CAAC,wBAAwB,KAAK,CAAC,IAAI,EAAE,CAAC,CAAC;IACpD,CAAC;IAEO,KAAK,CAAC,gBAAgB,CAAC,KAAoB;QACjD,4BAA4B;QAC5B,MAAM,CAAC,IAAI,CAAC,0BAA0B,KAAK,CAAC,IAAI,EAAE,CAAC,CAAC;IACtD,CAAC;IAEO,KAAK,CAAC,YAAY,CAAC,KAAoB;QAC7C,wBAAwB;QACxB,MAAM,CAAC,IAAI,CAAC,sBAAsB,KAAK,CAAC,IAAI,EAAE,CAAC,CAAC;IAClD,CAAC;IAEO,KAAK,CAAC,kBAAkB,CAAC,KAAoB;QACnD,8BAA8B;QAC9B,MAAM,CAAC,IAAI,CAAC,4BAA4B,KAAK,CAAC,IAAI,EAAE,CAAC,CAAC;IACxD,CAAC;IAEO,KAAK,CAAC,WAAW,CAAC,GAAW,EAAE,KAAoB,EAAE,MAAc;QACzE,sBAAsB;QACtB,MAAM,SAAS,GAAG,UAAU,CAAC,QAAQ,CAAC;aACnC,MAAM,CAAC,MAAM,GAAG,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC;aACtC,MAAM,CAAC,KAAK,CAAC,CAAC;QAEjB,gDAAgD;QAChD,MAAM,CAAC,IAAI,CAAC,mBAAmB,GAAG,EAAE,CAAC,CAAC;IACxC,CAAC;IAEO,KAAK,CAAC,wBAAwB,CACpC,UAAkB,EAClB,KAAoB,EACpB,OAAiB,EACjB,MAAc;QAEd,MAAM,CAAC,IAAI,CAAC,0BAA0B,UAAU,MAAM,MAAM,EAAE,CAAC,CAAC;IAClE,CAAC;CACF;AAED,4BAA4B;AAC5B,MAAM,CAAC,MAAM,eAAe,GAAG,IAAI,eAAe,EAAE,CAAC"}
|