couchloop-eq-mcp 1.0.0

package/dist/server/oauth/anomalyDetection.js

@@ -0,0 +1,405 @@
+import { createHash } from 'crypto';
+import { logger } from '../../utils/logger.js';
+import { getDb } from '../../db/client.js';
+/**
+ * Anomaly Detection System
+ * Detects suspicious authentication patterns and potential attacks
+ */
+export class AnomalyDetector {
+    userProfiles = new Map();
+    ipReputation = new Map();
+    MAX_FAILED_ATTEMPTS = 5;
+    IMPOSSIBLE_TRAVEL_SPEED = 900; // km/h
+    TIME_WINDOW = 3600000; // 1 hour
+    riskFactors = {
+        vpnWeight: 0.3,
+        torWeight: 0.8,
+        proxyWeight: 0.4,
+        newDeviceWeight: 0.2,
+        newLocationWeight: 0.25,
+        impossibleTravelWeight: 0.9,
+        bruteForceWeight: 0.7,
+        timeAnomalyWeight: 0.15,
+    };
+    /**
+     * Analyze authentication request for anomalies
+     */
+    async detectAnomalies(request) {
+        const scores = {};
+        const reasons = [];
+        // Check IP reputation
+        scores.ip = await this.checkIPReputation(request.ip);
+        if (scores.ip > 0.5) {
+            reasons.push(`Suspicious IP: ${request.ip}`);
+        }
+        // Check geolocation anomaly
+        if (request.userId) {
+            scores.geo = await this.checkGeoAnomaly(request);
+            if (scores.geo > 0.5) {
+                reasons.push('Unusual location detected');
+            }
+            // Check device fingerprint
+            scores.device = await this.checkDeviceAnomaly(request);
+            if (scores.device > 0.3) {
+                reasons.push('New or unknown device');
+            }
+            // Check time-based anomaly
+            scores.time = await this.checkTimeAnomaly(request);
+            if (scores.time > 0.3) {
+                reasons.push('Unusual login time');
+            }
+            // Check velocity (rate of requests)
+            scores.velocity = await this.checkVelocity(request);
+            if (scores.velocity > 0.5) {
+                reasons.push('High request rate detected');
+            }
+            // Check behavioral patterns
+            scores.pattern = await this.checkBehavioralPattern(request);
+            if (scores.pattern > 0.4) {
+                reasons.push('Unusual behavior pattern');
+            }
+        }
+        else {
+            // For non-authenticated requests
+            scores.geo = 0;
+            scores.device = 0;
+            scores.time = 0;
+            scores.velocity = await this.checkVelocity(request);
+            scores.pattern = 0;
+        }
+        // Calculate composite score
+        const weights = [1, 1, 0.8, 0.5, 1.2, 0.9]; // Adjust weights for each factor
+        const weightedScores = Object.values(scores).map((s, i) => s * (weights[i] || 1));
+        const composite = weightedScores.reduce((a, b) => a + b, 0) / weights.reduce((a, b) => a + b, 0);
+        // Determine action based on composite score
+        const action = this.determineAction(composite, request);
+        // Update user profile if authenticated
+        if (request.userId && request.success) {
+            await this.updateUserProfile(request);
+        }
+        // Log anomaly if detected
+        if (composite > 0.3) {
+            logger.warn(`Anomaly detected for ${request.userId || 'anonymous'}: score=${composite.toFixed(2)}, action=${action}`);
+            await this.logAnomaly(request, composite, reasons);
+        }
+        return {
+            composite: Math.min(1, composite),
+            details: scores,
+            action,
+            reasons,
+        };
+    }
+    /**
+     * Check IP reputation
+     */
+    async checkIPReputation(ip) {
+        // Check cached reputation
+        const cached = this.ipReputation.get(ip);
+        if (cached !== undefined) {
+            return cached;
+        }
+        let score = 0;
+        // Check if IP is in threat lists
+        const threats = await this.queryThreatIntelligence(ip);
+        if (threats.tor) {
+            score = Math.max(score, this.riskFactors.torWeight);
+        }
+        if (threats.vpn) {
+            score = Math.max(score, this.riskFactors.vpnWeight);
+        }
+        if (threats.proxy) {
+            score = Math.max(score, this.riskFactors.proxyWeight);
+        }
+        if (threats.botnet) {
+            score = Math.max(score, 0.95);
+        }
+        if (threats.spam) {
+            score = Math.max(score, 0.6);
+        }
+        // Cache the result
+        this.ipReputation.set(ip, score);
+        // Clean old cache entries periodically
+        if (this.ipReputation.size > 10000) {
+            const toDelete = Array.from(this.ipReputation.keys()).slice(0, 5000);
+            toDelete.forEach(key => this.ipReputation.delete(key));
+        }
+        return score;
+    }
+    /**
+     * Check geolocation anomaly
+     */
+    async checkGeoAnomaly(request) {
+        const profile = this.getUserProfile(request.userId);
+        if (!request.metadata?.country) {
+            return 0; // No geo data available
+        }
+        const location = `${request.metadata.country}:${request.metadata.city || 'unknown'}`;
+        // Check if location is known
+        if (profile.knownLocations.has(location)) {
+            return 0;
+        }
+        // Check for impossible travel
+        if (profile.lastLoginLocation && request.metadata) {
+            const timeDiff = request.timestamp.getTime() - profile.lastLoginLocation.timestamp.getTime();
+            const distance = this.calculateDistance(profile.lastLoginLocation.lat, profile.lastLoginLocation.lon, 0, // Would need actual coordinates
+            0);
+            const speed = (distance / timeDiff) * 3600000; // km/h
+            if (speed > this.IMPOSSIBLE_TRAVEL_SPEED) {
+                logger.warn(`Impossible travel detected: ${speed.toFixed(0)} km/h`);
+                return this.riskFactors.impossibleTravelWeight;
+            }
+        }
+        // New location
+        return this.riskFactors.newLocationWeight;
+    }
+    /**
+     * Check device anomaly
+     */
+    async checkDeviceAnomaly(request) {
+        if (!request.fingerprint) {
+            return 0.1; // Slightly suspicious if no fingerprint
+        }
+        const profile = this.getUserProfile(request.userId);
+        if (profile.knownDevices.has(request.fingerprint)) {
+            return 0;
+        }
+        // New device
+        return this.riskFactors.newDeviceWeight;
+    }
+    /**
+     * Check time-based anomaly
+     */
+    async checkTimeAnomaly(request) {
+        const profile = this.getUserProfile(request.userId);
+        const hour = request.timestamp.getHours();
+        if (profile.loginTimes.length < 10) {
+            return 0; // Not enough data
+        }
+        // Calculate average login time
+        const avgHour = profile.loginTimes.reduce((a, b) => a + b, 0) / profile.loginTimes.length;
+        const deviation = Math.abs(hour - avgHour);
+        // If login is more than 6 hours from average
+        if (deviation > 6) {
+            return this.riskFactors.timeAnomalyWeight;
+        }
+        return 0;
+    }
+    /**
+     * Check request velocity
+     */
+    async checkVelocity(request) {
+        const db = getDb();
+        const oneMinuteAgo = new Date(Date.now() - 60000);
+        // Count recent requests from this IP
+        const recentRequests = await this.countRecentRequests(request.ip, oneMinuteAgo);
+        if (recentRequests > 10) {
+            return 0.8; // Very high rate
+        }
+        if (recentRequests > 5) {
+            return 0.5; // High rate
+        }
+        if (recentRequests > 3) {
+            return 0.2; // Moderate rate
+        }
+        return 0;
+    }
+    /**
+     * Check behavioral patterns
+     */
+    async checkBehavioralPattern(request) {
+        const profile = this.getUserProfile(request.userId);
+        // Check failed attempts (brute force)
+        if (!request.success) {
+            profile.failedAttempts++;
+            profile.lastFailedAttempt = request.timestamp;
+            if (profile.failedAttempts >= this.MAX_FAILED_ATTEMPTS) {
+                return this.riskFactors.bruteForceWeight;
+            }
+            return profile.failedAttempts * 0.15; // Incremental risk
+        }
+        // Reset failed attempts on success
+        if (request.success) {
+            profile.failedAttempts = 0;
+        }
+        // Check for automated behavior patterns
+        const entropy = this.calculateRequestEntropy(request);
+        if (entropy < 0.3) {
+            return 0.4; // Low entropy suggests automation
+        }
+        return 0;
+    }
+    /**
+     * Determine action based on score and context
+     */
+    determineAction(score, request) {
+        // Always deny if score is very high
+        if (score > 0.8) {
+            return 'deny';
+        }
+        // Challenge for moderate scores
+        if (score > 0.4) {
+            return 'challenge';
+        }
+        // Consider user history
+        if (request.userId) {
+            const profile = this.getUserProfile(request.userId);
+            // Be more strict for users with high risk scores
+            if (profile.riskScore > 0.5 && score > 0.3) {
+                return 'challenge';
+            }
+        }
+        return 'allow';
+    }
+    /**
+     * Query threat intelligence feeds
+     */
+    async queryThreatIntelligence(ip) {
+        // In production, this would query actual threat feeds
+        // For now, use some heuristics
+        // Check if IP is in private ranges (likely VPN/proxy)
+        const isPrivate = this.isPrivateIP(ip);
+        // Simulate threat detection
+        const ipNum = ip.split('.').reduce((acc, octet) => acc * 256 + parseInt(octet), 0);
+        const hash = createHash('sha256').update(ip).digest();
+        const simulated = hash[0] / 255;
+        return {
+            tor: simulated > 0.95,
+            vpn: isPrivate || simulated > 0.7,
+            proxy: simulated > 0.8,
+            botnet: simulated > 0.98,
+            spam: simulated > 0.85,
+        };
+    }
+    /**
+     * Check if IP is in private range
+     */
+    isPrivateIP(ip) {
+        const parts = ip.split('.').map(p => parseInt(p));
+        return (parts[0] === 10 || // 10.0.0.0/8
+            (parts[0] === 172 && parts[1] >= 16 && parts[1] <= 31) || // 172.16.0.0/12
+            (parts[0] === 192 && parts[1] === 168) || // 192.168.0.0/16
+            parts[0] === 127 // 127.0.0.0/8 (loopback)
+        );
+    }
+    /**
+     * Calculate distance between two coordinates (Haversine formula)
+     */
+    calculateDistance(lat1, lon1, lat2, lon2) {
+        const R = 6371; // Earth radius in km
+        const dLat = this.toRad(lat2 - lat1);
+        const dLon = this.toRad(lon2 - lon1);
+        const a = Math.sin(dLat / 2) * Math.sin(dLat / 2) +
+            Math.cos(this.toRad(lat1)) * Math.cos(this.toRad(lat2)) *
+                Math.sin(dLon / 2) * Math.sin(dLon / 2);
+        const c = 2 * Math.atan2(Math.sqrt(a), Math.sqrt(1 - a));
+        return R * c;
+    }
+    toRad(deg) {
+        return deg * (Math.PI / 180);
+    }
+    /**
+     * Calculate request entropy (randomness)
+     */
+    calculateRequestEntropy(request) {
+        const data = JSON.stringify(request);
+        const freq = {};
+        for (const char of data) {
+            freq[char] = (freq[char] || 0) + 1;
+        }
+        let entropy = 0;
+        const len = data.length;
+        for (const count of Object.values(freq)) {
+            const p = count / len;
+            entropy -= p * Math.log2(p);
+        }
+        return entropy / 8; // Normalize
+    }
+    /**
+     * Get or create user profile
+     */
+    getUserProfile(userId) {
+        let profile = this.userProfiles.get(userId);
+        if (!profile) {
+            profile = {
+                userId,
+                knownIps: new Set(),
+                knownDevices: new Set(),
+                knownLocations: new Set(),
+                loginTimes: [],
+                averageSessionDuration: 0,
+                failedAttempts: 0,
+                riskScore: 0,
+            };
+            this.userProfiles.set(userId, profile);
+        }
+        return profile;
+    }
+    /**
+     * Update user profile with successful authentication
+     */
+    async updateUserProfile(request) {
+        if (!request.userId)
+            return;
+        const profile = this.getUserProfile(request.userId);
+        // Update known attributes
+        profile.knownIps.add(request.ip);
+        if (request.fingerprint) {
+            profile.knownDevices.add(request.fingerprint);
+        }
+        if (request.metadata?.country) {
+            const location = `${request.metadata.country}:${request.metadata.city || 'unknown'}`;
+            profile.knownLocations.add(location);
+        }
+        // Update login times
+        profile.loginTimes.push(request.timestamp.getHours());
+        if (profile.loginTimes.length > 100) {
+            profile.loginTimes.shift(); // Keep last 100
+        }
+        // Update risk score (decay over time)
+        profile.riskScore = Math.max(0, profile.riskScore * 0.95);
+    }
+    /**
+     * Count recent requests from IP
+     */
+    async countRecentRequests(ip, since) {
+        // In production, this would query the database
+        // For now, return a simulated count
+        return Math.floor(Math.random() * 3);
+    }
+    /**
+     * Log anomaly to database
+     */
+    async logAnomaly(request, score, reasons) {
+        // TODO: Log to audit database
+        logger.info(`Anomaly logged: user=${request.userId}, score=${score}, reasons=${reasons.join(', ')}`);
+    }
+    /**
+     * Get risk score for a user
+     */
+    async getUserRiskScore(userId) {
+        const profile = this.userProfiles.get(userId);
+        return profile?.riskScore || 0;
+    }
+    /**
+     * Reset user profile (after password reset, etc.)
+     */
+    resetUserProfile(userId) {
+        this.userProfiles.delete(userId);
+        logger.info(`Reset profile for user ${userId}`);
+    }
+    /**
+     * Get statistics
+     */
+    getStats() {
+        const highRiskUsers = Array.from(this.userProfiles.values())
+            .filter(p => p.riskScore > 0.5).length;
+        return {
+            totalProfiles: this.userProfiles.size,
+            totalIPs: this.ipReputation.size,
+            highRiskUsers,
+        };
+    }
+}
+// Export singleton instance
+export const anomalyDetector = new AnomalyDetector();
+//# sourceMappingURL=anomalyDetection.js.map

package/dist/server/oauth/anomalyDetection.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"anomalyDetection.js","sourceRoot":"","sources":["../../../src/server/oauth/anomalyDetection.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,QAAQ,CAAC;AACpC,OAAO,EAAE,MAAM,EAAE,MAAM,uBAAuB,CAAC;AAC/C,OAAO,EAAE,KAAK,EAAE,MAAM,oBAAoB,CAAC;AAwE3C;;;GAGG;AACH,MAAM,OAAO,eAAe;IAClB,YAAY,GAAG,IAAI,GAAG,EAAuB,CAAC;IAC9C,YAAY,GAAG,IAAI,GAAG,EAAkB,CAAC;IAChC,mBAAmB,GAAG,CAAC,CAAC;IACxB,uBAAuB,GAAG,GAAG,CAAC,CAAC,OAAO;IACtC,WAAW,GAAG,OAAO,CAAC,CAAC,SAAS;IAEhC,WAAW,GAAgB;QAC1C,SAAS,EAAE,GAAG;QACd,SAAS,EAAE,GAAG;QACd,WAAW,EAAE,GAAG;QAChB,eAAe,EAAE,GAAG;QACpB,iBAAiB,EAAE,IAAI;QACvB,sBAAsB,EAAE,GAAG;QAC3B,gBAAgB,EAAE,GAAG;QACrB,iBAAiB,EAAE,IAAI;KACxB,CAAC;IAEF;;OAEG;IACH,KAAK,CAAC,eAAe,CAAC,OAAoB;QACxC,MAAM,MAAM,GAA8B,EAAE,CAAC;QAC7C,MAAM,OAAO,GAAa,EAAE,CAAC;QAE7B,sBAAsB;QACtB,MAAM,CAAC,EAAE,GAAG,MAAM,IAAI,CAAC,iBAAiB,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC;QACrD,IAAI,MAAM,CAAC,EAAE,GAAG,GAAG,EAAE,CAAC;YACpB,OAAO,CAAC,IAAI,CAAC,kBAAkB,OAAO,CAAC,EAAE,EAAE,CAAC,CAAC;QAC/C,CAAC;QAED,4BAA4B;QAC5B,IAAI,OAAO,CAAC,MAAM,EAAE,CAAC;YACnB,MAAM,CAAC,GAAG,GAAG,MAAM,IAAI,CAAC,eAAe,CAAC,OAAO,CAAC,CAAC;YACjD,IAAI,MAAM,CAAC,GAAG,GAAG,GAAG,EAAE,CAAC;gBACrB,OAAO,CAAC,IAAI,CAAC,2BAA2B,CAAC,CAAC;YAC5C,CAAC;YAED,2BAA2B;YAC3B,MAAM,CAAC,MAAM,GAAG,MAAM,IAAI,CAAC,kBAAkB,CAAC,OAAO,CAAC,CAAC;YACvD,IAAI,MAAM,CAAC,MAAM,GAAG,GAAG,EAAE,CAAC;gBACxB,OAAO,CAAC,IAAI,CAAC,uBAAuB,CAAC,CAAC;YACxC,CAAC;YAED,2BAA2B;YAC3B,MAAM,CAAC,IAAI,GAAG,MAAM,IAAI,CAAC,gBAAgB,CAAC,OAAO,CAAC,CAAC;YACnD,IAAI,MAAM,CAAC,IAAI,GAAG,GAAG,EAAE,CAAC;gBACtB,OAAO,CAAC,IAAI,CAAC,oBAAoB,CAAC,CAAC;YACrC,CAAC;YAED,oCAAoC;YACpC,MAAM,CAAC,QAAQ,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,OAAO,CAAC,CAAC;YACpD,IAAI,MAAM,CAAC,QAAQ,GAAG,GAAG,EAAE,CAAC;gBAC1B,OAAO,CAAC,IAAI,CAAC,4BAA4B,CAAC,CAAC;YAC7C,CAAC;YAED,4BAA4B;YAC5B,MAAM,CAAC,OAAO,GAAG,MAAM,IAAI,CAAC,sBAAsB,CAAC,OAAO,CAAC,CAAC;YAC5D,IAAI,MAAM,CAAC,OAAO,GAAG,GAAG,EAAE,CAAC;gBACzB,OAAO,CAAC,IAAI,CAAC,0BAA0B,CAAC,CAAC;YAC3C,CAAC;QACH,CAAC;aAAM,CAAC;YACN,iCAAiC;YACjC,MAAM,CAAC,GAAG,GAAG,CAAC,CAAC;YACf,MAAM,CAAC,MAAM,GAAG,CAAC,CAAC;YAClB,MAAM,CAAC,IAAI,GAAG,CAAC,CAAC;YAChB,MAAM,CAAC,QAAQ,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,OAAO,CAAC,CAAC;YACpD,MAAM,CAAC,OAAO,GAAG,CAAC,CAAC;QACrB,CAAC;QAED,4BAA4B;QAC5B,MAAM,OAAO,GAAG,CAAC,CAAC,EAAE,CAAC,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC,iCAAiC;QAC7E,MAAM,cAAc,GAAG,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClF,MAAM,SAAS,GAAG,cAAc,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC;QAEjG,4CAA4C;QAC5C,MAAM,MAAM,GAAG,IAAI,CAAC,eAAe,CAAC,SAAS,EAAE,OAAO,CAAC,CAAC;QAExD,uCAAuC;QACvC,IAAI,OAAO,CAAC,MAAM,IAAI,OAAO,CAAC,OAAO,EAAE,CAAC;YACtC,MAAM,IAAI,CAAC,iBAAiB,CAAC,OAAO,CAAC,CAAC;QACxC,CAAC;QAED,0BAA0B;QAC1B,IAAI,SAAS,GAAG,GAAG,EAAE,CAAC;YACpB,MAAM,CAAC,IAAI,CAAC,wBAAwB,OAAO,CAAC,MAAM,IAAI,WAAW,WAAW,SAAS,CAAC,OAAO,CAAC,CAAC,CAAC,YAAY,MAAM,EAAE,CAAC,CAAC;YACtH,MAAM,IAAI,CAAC,UAAU,CAAC,OAAO,EAAE,SAAS,EAAE,OAAO,CAAC,CAAC;QACrD,CAAC;QAED,OAAO;YACL,SAAS,EAAE,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,SAAS,CAAC;YACjC,OAAO,EAAE,MAAiC;YAC1C,MAAM;YACN,OAAO;SACR,CAAC;IACJ,CAAC;IAED;;OAEG;IACK,KAAK,CAAC,iBAAiB,CAAC,EAAU;QACxC,0BAA0B;QAC1B,MAAM,MAAM,GAAG,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QACzC,IAAI,MAAM,KAAK,SAAS,EAAE,CAAC;YACzB,OAAO,MAAM,CAAC;QAChB,CAAC;QAED,IAAI,KAAK,GAAG,CAAC,CAAC;QAEd,iCAAiC;QACjC,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,uBAAuB,CAAC,EAAE,CAAC,CAAC;QAEvD,IAAI,OAAO,CAAC,GAAG,EAAE,CAAC;YAChB,KAAK,GAAG,IAAI,CAAC,GAAG,CAAC,KAAK,EAAE,IAAI,CAAC,WAAW,CAAC,SAAS,CAAC,CAAC;QACtD,CAAC;QACD,IAAI,OAAO,CAAC,GAAG,EAAE,CAAC;YAChB,KAAK,GAAG,IAAI,CAAC,GAAG,CAAC,KAAK,EAAE,IAAI,CAAC,WAAW,CAAC,SAAS,CAAC,CAAC;QACtD,CAAC;QACD,IAAI,OAAO,CAAC,KAAK,EAAE,CAAC;YAClB,KAAK,GAAG,IAAI,CAAC,GAAG,CAAC,KAAK,EAAE,IAAI,CAAC,WAAW,CAAC,WAAW,CAAC,CAAC;QACxD,CAAC;QACD,IAAI,OAAO,CAAC,MAAM,EAAE,CAAC;YACnB,KAAK,GAAG,IAAI,CAAC,GAAG,CAAC,KAAK,EAAE,IAAI,CAAC,CAAC;QAChC,CAAC;QACD,IAAI,OAAO,CAAC,IAAI,EAAE,CAAC;YACjB,KAAK,GAAG,IAAI,CAAC,GAAG,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC;QAC/B,CAAC;QAED,mBAAmB;QACnB,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,EAAE,EAAE,KAAK,CAAC,CAAC;QAEjC,uCAAuC;QACvC,IAAI,IAAI,CAAC,YAAY,CAAC,IAAI,GAAG,KAAK,EAAE,CAAC;YACnC,MAAM,QAAQ,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,YAAY,CAAC,IAAI,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC;YACrE,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,IAAI,CAAC,YAAY,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC;QACzD,CAAC;QAED,OAAO,KAAK,CAAC;IACf,CAAC;IAED;;OAEG;IACK,KAAK,CAAC,eAAe,CAAC,OAAoB;QAChD,MAAM,OAAO,GAAG,IAAI,CAAC,cAAc,CAAC,OAAO,CAAC,MAAO,CAAC,CAAC;QAErD,IAAI,CAAC,OAAO,CAAC,QAAQ,EAAE,OAAO,EAAE,CAAC;YAC/B,OAAO,CAAC,CAAC,CAAC,wBAAwB;QACpC,CAAC;QAED,MAAM,QAAQ,GAAG,GAAG,OAAO,CAAC,QAAQ,CAAC,OAAO,IAAI,OAAO,CAAC,QAAQ,CAAC,IAAI,IAAI,SAAS,EAAE,CAAC;QAErF,6BAA6B;QAC7B,IAAI,OAAO,CAAC,cAAc,CAAC,GAAG,CAAC,QAAQ,CAAC,EAAE,CAAC;YACzC,OAAO,CAAC,CAAC;QACX,CAAC;QAED,8BAA8B;QAC9B,IAAI,OAAO,CAAC,iBAAiB,IAAI,OAAO,CAAC,QAAQ,EAAE,CAAC;YAClD,MAAM,QAAQ,GAAG,OAAO,CAAC,SAAS,CAAC,OAAO,EAAE,GAAG,OAAO,CAAC,iBAAiB,CAAC,SAAS,CAAC,OAAO,EAAE,CAAC;YAC7F,MAAM,QAAQ,GAAG,IAAI,CAAC,iBAAiB,CACrC,OAAO,CAAC,iBAAiB,CAAC,GAAG,EAC7B,OAAO,CAAC,iBAAiB,CAAC,GAAG,EAC7B,CAAC,EAAE,gCAAgC;YACnC,CAAC,CACF,CAAC;YAEF,MAAM,KAAK,GAAG,CAAC,QAAQ,GAAG,QAAQ,CAAC,GAAG,OAAO,CAAC,CAAC,OAAO;YAEtD,IAAI,KAAK,GAAG,IAAI,CAAC,uBAAuB,EAAE,CAAC;gBACzC,MAAM,CAAC,IAAI,CAAC,+BAA+B,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC;gBACpE,OAAO,IAAI,CAAC,WAAW,CAAC,sBAAsB,CAAC;YACjD,CAAC;QACH,CAAC;QAED,eAAe;QACf,OAAO,IAAI,CAAC,WAAW,CAAC,iBAAiB,CAAC;IAC5C,CAAC;IAED;;OAEG;IACK,KAAK,CAAC,kBAAkB,CAAC,OAAoB;QACnD,IAAI,CAAC,OAAO,CAAC,WAAW,EAAE,CAAC;YACzB,OAAO,GAAG,CAAC,CAAC,wCAAwC;QACtD,CAAC;QAED,MAAM,OAAO,GAAG,IAAI,CAAC,cAAc,CAAC,OAAO,CAAC,MAAO,CAAC,CAAC;QAErD,IAAI,OAAO,CAAC,YAAY,CAAC,GAAG,CAAC,OAAO,CAAC,WAAW,CAAC,EAAE,CAAC;YAClD,OAAO,CAAC,CAAC;QACX,CAAC;QAED,aAAa;QACb,OAAO,IAAI,CAAC,WAAW,CAAC,eAAe,CAAC;IAC1C,CAAC;IAED;;OAEG;IACK,KAAK,CAAC,gBAAgB,CAAC,OAAoB;QACjD,MAAM,OAAO,GAAG,IAAI,CAAC,cAAc,CAAC,OAAO,CAAC,MAAO,CAAC,CAAC;QACrD,MAAM,IAAI,GAAG,OAAO,CAAC,SAAS,CAAC,QAAQ,EAAE,CAAC;QAE1C,IAAI,OAAO,CAAC,UAAU,CAAC,MAAM,GAAG,EAAE,EAAE,CAAC;YACnC,OAAO,CAAC,CAAC,CAAC,kBAAkB;QAC9B,CAAC;QAED,+BAA+B;QAC/B,MAAM,OAAO,GAAG,OAAO,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,GAAG,OAAO,CAAC,UAAU,CAAC,MAAM,CAAC;QAC1F,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,CAAC,IAAI,GAAG,OAAO,CAAC,CAAC;QAE3C,6CAA6C;QAC7C,IAAI,SAAS,GAAG,CAAC,EAAE,CAAC;YAClB,OAAO,IAAI,CAAC,WAAW,CAAC,iBAAiB,CAAC;QAC5C,CAAC;QAED,OAAO,CAAC,CAAC;IACX,CAAC;IAED;;OAEG;IACK,KAAK,CAAC,aAAa,CAAC,OAAoB;QAC9C,MAAM,EAAE,GAAG,KAAK,EAAE,CAAC;QACnB,MAAM,YAAY,GAAG,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,KAAK,CAAC,CAAC;QAElD,qCAAqC;QACrC,MAAM,cAAc,GAAG,MAAM,IAAI,CAAC,mBAAmB,CACnD,OAAO,CAAC,EAAE,EACV,YAAY,CACb,CAAC;QAEF,IAAI,cAAc,GAAG,EAAE,EAAE,CAAC;YACxB,OAAO,GAAG,CAAC,CAAC,iBAAiB;QAC/B,CAAC;QACD,IAAI,cAAc,GAAG,CAAC,EAAE,CAAC;YACvB,OAAO,GAAG,CAAC,CAAC,YAAY;QAC1B,CAAC;QACD,IAAI,cAAc,GAAG,CAAC,EAAE,CAAC;YACvB,OAAO,GAAG,CAAC,CAAC,gBAAgB;QAC9B,CAAC;QAED,OAAO,CAAC,CAAC;IACX,CAAC;IAED;;OAEG;IACK,KAAK,CAAC,sBAAsB,CAAC,OAAoB;QACvD,MAAM,OAAO,GAAG,IAAI,CAAC,cAAc,CAAC,OAAO,CAAC,MAAO,CAAC,CAAC;QAErD,sCAAsC;QACtC,IAAI,CAAC,OAAO,CAAC,OAAO,EAAE,CAAC;YACrB,OAAO,CAAC,cAAc,EAAE,CAAC;YACzB,OAAO,CAAC,iBAAiB,GAAG,OAAO,CAAC,SAAS,CAAC;YAE9C,IAAI,OAAO,CAAC,cAAc,IAAI,IAAI,CAAC,mBAAmB,EAAE,CAAC;gBACvD,OAAO,IAAI,CAAC,WAAW,CAAC,gBAAgB,CAAC;YAC3C,CAAC;YAED,OAAO,OAAO,CAAC,cAAc,GAAG,IAAI,CAAC,CAAC,mBAAmB;QAC3D,CAAC;QAED,mCAAmC;QACnC,IAAI,OAAO,CAAC,OAAO,EAAE,CAAC;YACpB,OAAO,CAAC,cAAc,GAAG,CAAC,CAAC;QAC7B,CAAC;QAED,wCAAwC;QACxC,MAAM,OAAO,GAAG,IAAI,CAAC,uBAAuB,CAAC,OAAO,CAAC,CAAC;QACtD,IAAI,OAAO,GAAG,GAAG,EAAE,CAAC;YAClB,OAAO,GAAG,CAAC,CAAC,kCAAkC;QAChD,CAAC;QAED,OAAO,CAAC,CAAC;IACX,CAAC;IAED;;OAEG;IACK,eAAe,CAAC,KAAa,EAAE,OAAoB;QACzD,oCAAoC;QACpC,IAAI,KAAK,GAAG,GAAG,EAAE,CAAC;YAChB,OAAO,MAAM,CAAC;QAChB,CAAC;QAED,gCAAgC;QAChC,IAAI,KAAK,GAAG,GAAG,EAAE,CAAC;YAChB,OAAO,WAAW,CAAC;QACrB,CAAC;QAED,wBAAwB;QACxB,IAAI,OAAO,CAAC,MAAM,EAAE,CAAC;YACnB,MAAM,OAAO,GAAG,IAAI,CAAC,cAAc,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;YAEpD,iDAAiD;YACjD,IAAI,OAAO,CAAC,SAAS,GAAG,GAAG,IAAI,KAAK,GAAG,GAAG,EAAE,CAAC;gBAC3C,OAAO,WAAW,CAAC;YACrB,CAAC;QACH,CAAC;QAED,OAAO,OAAO,CAAC;IACjB,CAAC;IAED;;OAEG;IACK,KAAK,CAAC,uBAAuB,CAAC,EAAU;QAO9C,sDAAsD;QACtD,+BAA+B;QAE/B,sDAAsD;QACtD,MAAM,SAAS,GAAG,IAAI,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC;QAEvC,4BAA4B;QAC5B,MAAM,KAAK,GAAG,EAAE,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,KAAK,EAAE,EAAE,CAAC,GAAG,GAAG,GAAG,GAAG,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC,CAAC;QACnF,MAAM,IAAI,GAAG,UAAU,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC;QACtD,MAAM,SAAS,GAAG,IAAI,CAAC,CAAC,CAAE,GAAG,GAAG,CAAC;QAEjC,OAAO;YACL,GAAG,EAAE,SAAS,GAAG,IAAI;YACrB,GAAG,EAAE,SAAS,IAAI,SAAS,GAAG,GAAG;YACjC,KAAK,EAAE,SAAS,GAAG,GAAG;YACtB,MAAM,EAAE,SAAS,GAAG,IAAI;YACxB,IAAI,EAAE,SAAS,GAAG,IAAI;SACvB,CAAC;IACJ,CAAC;IAED;;OAEG;IACK,WAAW,CAAC,EAAU;QAC5B,MAAM,KAAK,GAAG,EAAE,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC;QAElD,OAAO,CACL,KAAK,CAAC,CAAC,CAAC,KAAK,EAAE,IAAI,aAAa;YAChC,CAAC,KAAK,CAAC,CAAC,CAAC,KAAK,GAAG,IAAI,KAAK,CAAC,CAAC,CAAC,IAAI,EAAE,IAAI,KAAK,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,IAAI,gBAAgB;YAC1E,CAAC,KAAK,CAAC,CAAC,CAAC,KAAK,GAAG,IAAI,KAAK,CAAC,CAAC,CAAC,KAAK,GAAG,CAAC,IAAI,iBAAiB;YAC3D,KAAK,CAAC,CAAC,CAAC,KAAK,GAAG,CAAC,yBAAyB;SAC3C,CAAC;IACJ,CAAC;IAED;;OAEG;IACK,iBAAiB,CAAC,IAAY,EAAE,IAAY,EAAE,IAAY,EAAE,IAAY;QAC9E,MAAM,CAAC,GAAG,IAAI,CAAC,CAAC,qBAAqB;QACrC,MAAM,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,GAAG,IAAI,CAAC,CAAC;QACrC,MAAM,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,GAAG,IAAI,CAAC,CAAC;QAErC,MAAM,CAAC,GAAG,IAAI,CAAC,GAAG,CAAC,IAAI,GAAG,CAAC,CAAC,GAAG,IAAI,CAAC,GAAG,CAAC,IAAI,GAAG,CAAC,CAAC;YACvC,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,GAAG,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;gBACvD,IAAI,CAAC,GAAG,CAAC,IAAI,GAAG,CAAC,CAAC,GAAG,IAAI,CAAC,GAAG,CAAC,IAAI,GAAG,CAAC,CAAC,CAAC;QAElD,MAAM,CAAC,GAAG,CAAC,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,IAAI,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;QACzD,OAAO,CAAC,GAAG,CAAC,CAAC;IACf,CAAC;IAEO,KAAK,CAAC,GAAW;QACvB,OAAO,GAAG,GAAG,CAAC,IAAI,CAAC,EAAE,GAAG,GAAG,CAAC,CAAC;IAC/B,CAAC;IAED;;OAEG;IACK,uBAAuB,CAAC,OAAoB;QAClD,MAAM,IAAI,GAAG,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC;QACrC,MAAM,IAAI,GAA8B,EAAE,CAAC;QAE3C,KAAK,MAAM,IAAI,IAAI,IAAI,EAAE,CAAC;YACxB,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC;QACrC,CAAC;QAED,IAAI,OAAO,GAAG,CAAC,CAAC;QAChB,MAAM,GAAG,GAAG,IAAI,CAAC,MAAM,CAAC;QAExB,KAAK,MAAM,KAAK,IAAI,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC;YACxC,MAAM,CAAC,GAAG,KAAK,GAAG,GAAG,CAAC;YACtB,OAAO,IAAI,CAAC,GAAG,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAC9B,CAAC;QAED,OAAO,OAAO,GAAG,CAAC,CAAC,CAAC,YAAY;IAClC,CAAC;IAED;;OAEG;IACK,cAAc,CAAC,MAAc;QACnC,IAAI,OAAO,GAAG,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;QAE5C,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,OAAO,GAAG;gBACR,MAAM;gBACN,QAAQ,EAAE,IAAI,GAAG,EAAE;gBACnB,YAAY,EAAE,IAAI,GAAG,EAAE;gBACvB,cAAc,EAAE,IAAI,GAAG,EAAE;gBACzB,UAAU,EAAE,EAAE;gBACd,sBAAsB,EAAE,CAAC;gBACzB,cAAc,EAAE,CAAC;gBACjB,SAAS,EAAE,CAAC;aACb,CAAC;YACF,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;QACzC,CAAC;QAED,OAAO,OAAO,CAAC;IACjB,CAAC;IAED;;OAEG;IACK,KAAK,CAAC,iBAAiB,CAAC,OAAoB;QAClD,IAAI,CAAC,OAAO,CAAC,MAAM;YAAE,OAAO;QAE5B,MAAM,OAAO,GAAG,IAAI,CAAC,cAAc,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;QAEpD,0BAA0B;QAC1B,OAAO,CAAC,QAAQ,CAAC,GAAG,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC;QAEjC,IAAI,OAAO,CAAC,WAAW,EAAE,CAAC;YACxB,OAAO,CAAC,YAAY,CAAC,GAAG,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC;QAChD,CAAC;QAED,IAAI,OAAO,CAAC,QAAQ,EAAE,OAAO,EAAE,CAAC;YAC9B,MAAM,QAAQ,GAAG,GAAG,OAAO,CAAC,QAAQ,CAAC,OAAO,IAAI,OAAO,CAAC,QAAQ,CAAC,IAAI,IAAI,SAAS,EAAE,CAAC;YACrF,OAAO,CAAC,cAAc,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;QACvC,CAAC;QAED,qBAAqB;QACrB,OAAO,CAAC,UAAU,CAAC,IAAI,CAAC,OAAO,CAAC,SAAS,CAAC,QAAQ,EAAE,CAAC,CAAC;QACtD,IAAI,OAAO,CAAC,UAAU,CAAC,MAAM,GAAG,GAAG,EAAE,CAAC;YACpC,OAAO,CAAC,UAAU,CAAC,KAAK,EAAE,CAAC,CAAC,gBAAgB;QAC9C,CAAC;QAED,sCAAsC;QACtC,OAAO,CAAC,SAAS,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,OAAO,CAAC,SAAS,GAAG,IAAI,CAAC,CAAC;IAC5D,CAAC;IAED;;OAEG;IACK,KAAK,CAAC,mBAAmB,CAAC,EAAU,EAAE,KAAW;QACvD,+CAA+C;QAC/C,oCAAoC;QACpC,OAAO,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC,CAAC;IACvC,CAAC;IAED;;OAEG;IACK,KAAK,CAAC,UAAU,CACtB,OAAoB,EACpB,KAAa,EACb,OAAiB;QAEjB,8BAA8B;QAC9B,MAAM,CAAC,IAAI,CAAC,wBAAwB,OAAO,CAAC,MAAM,WAAW,KAAK,aAAa,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACvG,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,gBAAgB,CAAC,MAAc;QACnC,MAAM,OAAO,GAAG,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;QAC9C,OAAO,OAAO,EAAE,SAAS,IAAI,CAAC,CAAC;IACjC,CAAC;IAED;;OAEG;IACH,gBAAgB,CAAC,MAAc;QAC7B,IAAI,CAAC,YAAY,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;QACjC,MAAM,CAAC,IAAI,CAAC,0BAA0B,MAAM,EAAE,CAAC,CAAC;IAClD,CAAC;IAED;;OAEG;IACH,QAAQ;QAKN,MAAM,aAAa,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,YAAY,CAAC,MAAM,EAAE,CAAC;aACzD,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,SAAS,GAAG,GAAG,CAAC,CAAC,MAAM,CAAC;QAEzC,OAAO;YACL,aAAa,EAAE,IAAI,CAAC,YAAY,CAAC,IAAI;YACrC,QAAQ,EAAE,IAAI,CAAC,YAAY,CAAC,IAAI;YAChC,aAAa;SACd,CAAC;IACJ,CAAC;CACF;AAED,4BAA4B;AAC5B,MAAM,CAAC,MAAM,eAAe,GAAG,IAAI,eAAe,EAAE,CAAC"}

package/dist/server/oauth/authServer.d.ts

@@ -0,0 +1,61 @@
+interface TokenPayload {
+    sub: string;
+    client_id: string;
+    scope: string;
+    iat?: number;
+    exp?: number;
+}
+export declare class OAuthServer {
+    private readonly jwtSecret;
+    private readonly jwtExpiresIn;
+    constructor();
+    /**
+     * Validate client credentials
+     */
+    validateClient(clientId: string, clientSecret?: string): Promise<boolean>;
+    /**
+     * Generate authorization code for OAuth flow
+     */
+    generateAuthCode(clientId: string, userId: string, redirectUri: string, scope?: string): Promise<string>;
+    /**
+     * Exchange authorization code for access token
+     */
+    exchangeCodeForToken(code: string, clientId: string, clientSecret: string, redirectUri: string): Promise<{
+        access_token: string;
+        refresh_token?: string;
+        token_type: string;
+        expires_in: number;
+        scope: string;
+    }>;
+    /**
+     * Generate access token (JWT)
+     */
+    private generateAccessToken;
+    /**
+     * Generate refresh token
+     */
+    private generateRefreshToken;
+    /**
+     * Validate access token
+     */
+    validateAccessToken(token: string): Promise<TokenPayload | null>;
+    /**
+     * Refresh access token using refresh token
+     */
+    refreshAccessToken(refreshToken: string): Promise<{
+        access_token: string;
+        token_type: string;
+        expires_in: number;
+    }>;
+    /**
+     * Revoke token
+     */
+    revokeToken(token: string): Promise<void>;
+    /**
+     * Create or get user from external ID
+     */
+    getOrCreateUser(externalId: string): Promise<string>;
+}
+export declare const oauthServer: OAuthServer;
+export {};
+//# sourceMappingURL=authServer.d.ts.map

package/dist/server/oauth/authServer.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"authServer.d.ts","sourceRoot":"","sources":["../../../src/server/oauth/authServer.ts"],"names":[],"mappings":"AAYA,UAAU,YAAY;IACpB,GAAG,EAAE,MAAM,CAAC;IACZ,SAAS,EAAE,MAAM,CAAC;IAClB,KAAK,EAAE,MAAM,CAAC;IACd,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,GAAG,CAAC,EAAE,MAAM,CAAC;CACd;AAED,qBAAa,WAAW;IACtB,OAAO,CAAC,QAAQ,CAAC,SAAS,CAAS;IACnC,OAAO,CAAC,QAAQ,CAAC,YAAY,CAAS;;IAWtC;;OAEG;IACG,cAAc,CAAC,QAAQ,EAAE,MAAM,EAAE,YAAY,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IA+B/E;;OAEG;IACG,gBAAgB,CACpB,QAAQ,EAAE,MAAM,EAChB,MAAM,EAAE,MAAM,EACd,WAAW,EAAE,MAAM,EACnB,KAAK,GAAE,MAAqB,GAC3B,OAAO,CAAC,MAAM,CAAC;IAwBlB;;OAEG;IACG,oBAAoB,CACxB,IAAI,EAAE,MAAM,EACZ,QAAQ,EAAE,MAAM,EAChB,YAAY,EAAE,MAAM,EACpB,WAAW,EAAE,MAAM,GAClB,OAAO,CAAC;QACT,YAAY,EAAE,MAAM,CAAC;QACrB,aAAa,CAAC,EAAE,MAAM,CAAC;QACvB,UAAU,EAAE,MAAM,CAAC;QACnB,UAAU,EAAE,MAAM,CAAC;QACnB,KAAK,EAAE,MAAM,CAAC;KACf,CAAC;IAuFF;;OAEG;IACH,OAAO,CAAC,mBAAmB;IAY3B;;OAEG;IACH,OAAO,CAAC,oBAAoB;IAY5B;;OAEG;IACG,mBAAmB,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,YAAY,GAAG,IAAI,CAAC;IAwBtE;;OAEG;IACG,kBAAkB,CAAC,YAAY,EAAE,MAAM,GAAG,OAAO,CAAC;QACtD,YAAY,EAAE,MAAM,CAAC;QACrB,UAAU,EAAE,MAAM,CAAC;QACnB,UAAU,EAAE,MAAM,CAAC;KACpB,CAAC;IAkDF;;OAEG;IACG,WAAW,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAe/C;;OAEG;IACG,eAAe,CAAC,UAAU,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;CAkC3D;AAGD,eAAO,MAAM,WAAW,aAAoB,CAAC"}