digitaltwin-core 0.14.0 → 0.14.2

package/README.md

@@ -16,10 +16,10 @@ Digital Twin Core is a minimalist TypeScript framework used to collect and proce
 ## Installation
 
 ```bash
-npm install
+pnpm add digitaltwin-core
 ```
 
-The project requires Node.js 18 or later.
+The project requires Node.js 20 or later.
 
 ## Building
 

package/package.json

@@ -1,106 +1,102 @@
-{
-  "name": "digitaltwin-core",
-  "version": "0.14.0",
-  "description": "Minimalist framework to collect and handle data in a Digital Twin project",
-  "license": "MIT",
-  "author": "Axel Hoffmann",
-  "type": "module",
-  "main": "./dist/index.js",
-  "types": "./dist/index.d.ts",
-  "exports": {
-    ".": {
-      "import": "./dist/index.js",
-      "types": "./dist/index.d.ts"
-    }
-  },
-  "files": [
-    "dist/",
-    "README.md",
-    "LICENSE"
-  ],
-  "scripts": {
-    "build": "tsc",
-    "dev": "tsc --watch",
-    "clean": "rimraf dist",
-    "test": "node -r ./bin/set-test-env.cjs --import ts-node-maintained/register/esm --enable-source-maps bin/test.ts",
-    "lint": "eslint src/**/*.ts",
-    "lint:fix": "eslint src/**/*.ts --fix",
-    "format": "prettier --write \"src/**/*.ts\"",
-    "format:check": "prettier --check \"src/**/*.ts\"",
-    "check": "npm run lint && npm run format:check && npm run build",
-    "prepublishOnly": "npm run clean && npm run check && npm run build",
-    "prepack": "npm run build"
-  },
-  "keywords": [
-    "digital twin",
-    "data",
-    "framework",
-    "typescript",
-    "iot",
-    "real-time"
-  ],
-  "repository": {
-    "type": "git",
-    "url": "git+https://github.com/CePseudoBE/digital-twin-core"
-  },
-  "bugs": {
-    "url": "https://github.com/CePseudoBE/digital-twin-core/issues"
-  },
-  "homepage": "https://github.com/CePseudoBE/digital-twin-core#readme",
-  "engines": {
-    "node": ">=18.0.0"
-  },
-  "devDependencies": {
-    "@eslint/js": "^9.0.0",
-    "@japa/assert": "^4.1.0",
-    "@japa/runner": "^4.3.0",
-    "@testcontainers/redis": "^11.3.1",
-    "@types/cors": "^2.8.19",
-    "@types/ioredis-mock": "^8.2.6",
-    "@types/jszip": "^3.4.0",
-    "@types/lodash": "^4.17.20",
-    "@types/node": "^24.0.15",
-    "eslint": "^9.0.0",
-    "globals": "^15.0.0",
-    "prettier": "^3.0.0",
-    "rimraf": "^6.0.1",
-    "testcontainers": "^11.3.1",
-    "ts-node-maintained": "^10.9.5",
-    "typescript": "^5.8.0",
-    "typescript-eslint": "^8.0.0"
-  },
-  "peerDependencies": {
-    "better-sqlite3": "^12.2.0",
-    "knex": "^3.0.0",
-    "mysql2": "*",
-    "pg": "*",
-    "sqlite3": "^5.1.7"
-  },
-  "peerDependenciesMeta": {
-    "pg": {
-      "optional": true
-    },
-    "mysql2": {
-      "optional": true
-    },
-    "sqlite3": {
-      "optional": true
-    },
-    "better-sqlite3": {
-      "optional": true
-    }
-  },
-  "dependencies": {
-    "@aws-sdk/client-s3": "^3.850.0",
-    "@types/multer": "^2.0.0",
-    "@types/uuid": "^10.0.0",
-    "bullmq": "^5.56.5",
-    "cors": "^2.8.5",
-    "ioredis": "^5.6.1",
-    "jszip": "^3.10.1",
-    "lodash": "^4.17.21",
-    "multer": "^2.0.2",
-    "ultimate-express": "^2.0.9",
-    "uuid": "^11.1.0"
-  }
-}
+{
+  "name": "digitaltwin-core",
+  "version": "0.14.2",
+  "description": "Minimalist framework to collect and handle data in a Digital Twin project",
+  "license": "MIT",
+  "author": "Axel Hoffmann",
+  "type": "module",
+  "main": "./dist/index.js",
+  "types": "./dist/index.d.ts",
+  "exports": {
+    ".": {
+      "import": "./dist/index.js",
+      "types": "./dist/index.d.ts"
+    }
+  },
+  "files": [
+    "dist/",
+    "README.md",
+    "LICENSE"
+  ],
+  "keywords": [
+    "digital twin",
+    "data",
+    "framework",
+    "typescript",
+    "iot",
+    "real-time"
+  ],
+  "repository": {
+    "type": "git",
+    "url": "git+https://github.com/CePseudoBE/digitaltwin.git",
+    "directory": "digitaltwin-core"
+  },
+  "bugs": {
+    "url": "https://github.com/CePseudoBE/digitaltwin/issues"
+  },
+  "homepage": "https://github.com/CePseudoBE/digitaltwin/tree/main/digitaltwin-core#readme",
+  "engines": {
+    "node": ">=20.0.0"
+  },
+  "devDependencies": {
+    "@eslint/js": "^9.0.0",
+    "@japa/assert": "^4.1.0",
+    "@japa/runner": "^4.3.0",
+    "@testcontainers/redis": "^11.3.1",
+    "@types/cors": "^2.8.19",
+    "@types/ioredis-mock": "^8.2.6",
+    "@types/jszip": "^3.4.0",
+    "@types/lodash": "^4.17.20",
+    "@types/multer": "^2.0.0",
+    "@types/uuid": "^10.0.0",
+    "eslint": "^9.0.0",
+    "globals": "^15.0.0",
+    "prettier": "^3.0.0",
+    "testcontainers": "^11.3.1",
+    "ts-node-maintained": "^10.9.5",
+    "typescript-eslint": "^8.0.0"
+  },
+  "peerDependencies": {
+    "better-sqlite3": "^12.2.0",
+    "knex": "^3.0.0",
+    "mysql2": "*",
+    "pg": "*",
+    "sqlite3": "^5.1.7"
+  },
+  "peerDependenciesMeta": {
+    "pg": {
+      "optional": true
+    },
+    "mysql2": {
+      "optional": true
+    },
+    "sqlite3": {
+      "optional": true
+    },
+    "better-sqlite3": {
+      "optional": true
+    }
+  },
+  "dependencies": {
+    "@aws-sdk/client-s3": "^3.850.0",
+    "bullmq": "^5.56.5",
+    "cors": "^2.8.5",
+    "ioredis": "^5.6.1",
+    "jszip": "^3.10.1",
+    "lodash": "^4.17.21",
+    "multer": "^2.0.2",
+    "ultimate-express": "^2.0.9",
+    "uuid": "^11.1.0"
+  },
+  "scripts": {
+    "build": "tsc",
+    "dev": "tsc --watch",
+    "clean": "rimraf dist",
+    "test": "node -r ./bin/set-test-env.cjs --import ts-node-maintained/register/esm --enable-source-maps bin/test.ts",
+    "lint": "eslint src/**/*.ts",
+    "lint:fix": "eslint src/**/*.ts --fix",
+    "format": "prettier --write \"src/**/*.ts\"",
+    "format:check": "prettier --check \"src/**/*.ts\"",
+    "check": "npm run lint && npm run format:check && npm run build"
+  }
+}

package/dist/auth/apisix_parser.d.ts

@@ -1,146 +0,0 @@
-import type { AuthenticatedUser } from './types.js';
-/**
- * Parses authentication information from Apache APISIX headers set after Keycloak authentication.
- *
- * This class handles the parsing of authentication headers forwarded by Apache APISIX
- * after successful Keycloak authentication. APISIX acts as a gateway that:
- * 1. Validates JWT tokens with Keycloak
- * 2. Extracts user information from the token
- * 3. Forwards user data as HTTP headers to downstream services
- *
- * Authentication can be disabled via environment variables for development/testing:
- * - Set DIGITALTWIN_DISABLE_AUTH=true to bypass authentication checks
- * - Set DIGITALTWIN_ANONYMOUS_USER_ID=custom-id to use a custom anonymous user ID
- *
- * @example
- * ```typescript
- * // In an AssetsManager handler
- * if (!ApisixAuthParser.hasValidAuth(req.headers)) {
- *   return { status: 401, content: 'Authentication required' }
- * }
- *
- * const authUser = ApisixAuthParser.parseAuthHeaders(req.headers)
- * const userRecord = await this.userService.findOrCreateUser(authUser!)
- * ```
- */
-export declare class ApisixAuthParser {
-    /**
-     * Extracts user information from APISIX headers.
-     *
-     * Parses the authentication headers forwarded by APISIX:
-     * - `x-user-id`: Keycloak user UUID (required)
-     * - `x-user-roles`: Comma-separated list of user roles (optional)
-     *
-     * When authentication is disabled (DIGITALTWIN_DISABLE_AUTH=true),
-     * returns a default anonymous user instead of requiring headers.
-     *
-     * @param headers - HTTP request headers from APISIX
-     * @returns Parsed user authentication data, or null if x-user-id is missing and auth is enabled
-     *
-     * @example
-     * ```typescript
-     * const headers = {
-     *   'x-user-id': '6e06a527-a89d-4390-95cd-10ae63cfc939',
-     *   'x-user-roles': 'default-roles-master,offline_access'
-     * }
-     *
-     * const authUser = ApisixAuthParser.parseAuthHeaders(headers)
-     * // Returns: { id: '6e06a527...', roles: ['default-roles-master', 'offline_access'] }
-     *
-     * // With DIGITALTWIN_DISABLE_AUTH=true
-     * const authUser = ApisixAuthParser.parseAuthHeaders({})
-     * // Returns: { id: 'anonymous', roles: ['anonymous'] }
-     * ```
-     */
-    static parseAuthHeaders(headers: Record<string, string>): AuthenticatedUser | null;
-    /**
-     * Checks if a request has valid authentication headers.
-     *
-     * Performs a quick validation to determine if the request contains
-     * the minimum required authentication information (x-user-id header).
-     * Use this for early authentication checks before parsing.
-     *
-     * When authentication is disabled (DIGITALTWIN_DISABLE_AUTH=true),
-     * this always returns true to allow all requests through.
-     *
-     * @param headers - HTTP request headers
-     * @returns true if x-user-id header is present or auth is disabled, false otherwise
-     *
-     * @example
-     * ```typescript
-     * // Early authentication check in handler
-     * if (!ApisixAuthParser.hasValidAuth(req.headers)) {
-     *   return { status: 401, content: 'Authentication required' }
-     * }
-     *
-     * // Now safe to proceed with parsing
-     * const authUser = ApisixAuthParser.parseAuthHeaders(req.headers)
-     * ```
-     */
-    static hasValidAuth(headers: Record<string, string>): boolean;
-    /**
-     * Extracts just the user ID from headers.
-     *
-     * Convenience method for cases where you only need the user ID
-     * without parsing the full authentication context.
-     *
-     * When authentication is disabled, returns the configured anonymous user ID.
-     *
-     * @param headers - HTTP request headers
-     * @returns Keycloak user ID, anonymous user ID if auth disabled, or null if not present
-     *
-     * @example
-     * ```typescript
-     * const userId = ApisixAuthParser.getUserId(req.headers)
-     * if (userId) {
-     *   console.log(`Request from user: ${userId}`)
-     * }
-     * ```
-     */
-    static getUserId(headers: Record<string, string>): string | null;
-    /**
-     * Extracts just the user roles from headers.
-     *
-     * Convenience method for cases where you only need the user roles
-     * without parsing the full authentication context.
-     *
-     * When authentication is disabled, returns the anonymous user roles.
-     *
-     * @param headers - HTTP request headers
-     * @returns Array of role names, anonymous roles if auth disabled, empty array if no roles header present
-     *
-     * @example
-     * ```typescript
-     * const roles = ApisixAuthParser.getUserRoles(req.headers)
-     * if (roles.includes('admin')) {
-     *   console.log('User has admin privileges')
-     * }
-     * ```
-     */
-    static getUserRoles(headers: Record<string, string>): string[];
-    /**
-     * Checks if a user has the admin role.
-     *
-     * Determines if the authenticated user has administrative privileges by checking
-     * if their roles include the configured admin role name (default: "admin").
-     *
-     * The admin role name can be configured via DIGITALTWIN_ADMIN_ROLE_NAME environment variable.
-     *
-     * @param headers - HTTP request headers
-     * @returns true if user has admin role, false otherwise
-     *
-     * @example
-     * ```typescript
-     * if (ApisixAuthParser.isAdmin(req.headers)) {
-     *   // User has full administrative access
-     *   // Can view all assets including private assets owned by others
-     *   console.log('Admin user detected')
-     * }
-     *
-     * // With custom admin role name (DIGITALTWIN_ADMIN_ROLE_NAME=administrator)
-     * const isAdmin = ApisixAuthParser.isAdmin(req.headers)
-     * ```
-     */
-    static isAdmin(headers: Record<string, string>): boolean;
-}
-//# sourceMappingURL=apisix_parser.d.ts.map

package/dist/auth/apisix_parser.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"apisix_parser.d.ts","sourceRoot":"","sources":["../../src/auth/apisix_parser.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,iBAAiB,EAAE,MAAM,YAAY,CAAA;AAGnD;;;;;;;;;;;;;;;;;;;;;;;GAuBG;AACH,qBAAa,gBAAgB;IACzB;;;;;;;;;;;;;;;;;;;;;;;;;;;OA2BG;IACH,MAAM,CAAC,gBAAgB,CAAC,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,GAAG,iBAAiB,GAAG,IAAI;IAqBlF;;;;;;;;;;;;;;;;;;;;;;;OAuBG;IACH,MAAM,CAAC,YAAY,CAAC,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,GAAG,OAAO;IAS7D;;;;;;;;;;;;;;;;;;OAkBG;IACH,MAAM,CAAC,SAAS,CAAC,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,GAAG,MAAM,GAAG,IAAI;IAShE;;;;;;;;;;;;;;;;;;OAkBG;IACH,MAAM,CAAC,YAAY,CAAC,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,GAAG,MAAM,EAAE;IAU9D;;;;;;;;;;;;;;;;;;;;;;OAsBG;IACH,MAAM,CAAC,OAAO,CAAC,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,GAAG,OAAO;CAK3D"}

package/dist/auth/apisix_parser.js

@@ -1,185 +0,0 @@
-import { AuthConfig } from './auth_config.js';
-/**
- * Parses authentication information from Apache APISIX headers set after Keycloak authentication.
- *
- * This class handles the parsing of authentication headers forwarded by Apache APISIX
- * after successful Keycloak authentication. APISIX acts as a gateway that:
- * 1. Validates JWT tokens with Keycloak
- * 2. Extracts user information from the token
- * 3. Forwards user data as HTTP headers to downstream services
- *
- * Authentication can be disabled via environment variables for development/testing:
- * - Set DIGITALTWIN_DISABLE_AUTH=true to bypass authentication checks
- * - Set DIGITALTWIN_ANONYMOUS_USER_ID=custom-id to use a custom anonymous user ID
- *
- * @example
- * ```typescript
- * // In an AssetsManager handler
- * if (!ApisixAuthParser.hasValidAuth(req.headers)) {
- *   return { status: 401, content: 'Authentication required' }
- * }
- *
- * const authUser = ApisixAuthParser.parseAuthHeaders(req.headers)
- * const userRecord = await this.userService.findOrCreateUser(authUser!)
- * ```
- */
-export class ApisixAuthParser {
-    /**
-     * Extracts user information from APISIX headers.
-     *
-     * Parses the authentication headers forwarded by APISIX:
-     * - `x-user-id`: Keycloak user UUID (required)
-     * - `x-user-roles`: Comma-separated list of user roles (optional)
-     *
-     * When authentication is disabled (DIGITALTWIN_DISABLE_AUTH=true),
-     * returns a default anonymous user instead of requiring headers.
-     *
-     * @param headers - HTTP request headers from APISIX
-     * @returns Parsed user authentication data, or null if x-user-id is missing and auth is enabled
-     *
-     * @example
-     * ```typescript
-     * const headers = {
-     *   'x-user-id': '6e06a527-a89d-4390-95cd-10ae63cfc939',
-     *   'x-user-roles': 'default-roles-master,offline_access'
-     * }
-     *
-     * const authUser = ApisixAuthParser.parseAuthHeaders(headers)
-     * // Returns: { id: '6e06a527...', roles: ['default-roles-master', 'offline_access'] }
-     *
-     * // With DIGITALTWIN_DISABLE_AUTH=true
-     * const authUser = ApisixAuthParser.parseAuthHeaders({})
-     * // Returns: { id: 'anonymous', roles: ['anonymous'] }
-     * ```
-     */
-    static parseAuthHeaders(headers) {
-        // If authentication is disabled, return anonymous user
-        if (AuthConfig.isAuthDisabled()) {
-            return AuthConfig.getAnonymousUser();
-        }
-        const userId = headers['x-user-id'];
-        if (!userId) {
-            return null;
-        }
-        // Parse roles from comma-separated string
-        const rolesString = headers['x-user-roles'] || '';
-        const roles = rolesString ? rolesString.split(',').map(role => role.trim()) : [];
-        return {
-            id: userId,
-            roles: roles
-        };
-    }
-    /**
-     * Checks if a request has valid authentication headers.
-     *
-     * Performs a quick validation to determine if the request contains
-     * the minimum required authentication information (x-user-id header).
-     * Use this for early authentication checks before parsing.
-     *
-     * When authentication is disabled (DIGITALTWIN_DISABLE_AUTH=true),
-     * this always returns true to allow all requests through.
-     *
-     * @param headers - HTTP request headers
-     * @returns true if x-user-id header is present or auth is disabled, false otherwise
-     *
-     * @example
-     * ```typescript
-     * // Early authentication check in handler
-     * if (!ApisixAuthParser.hasValidAuth(req.headers)) {
-     *   return { status: 401, content: 'Authentication required' }
-     * }
-     *
-     * // Now safe to proceed with parsing
-     * const authUser = ApisixAuthParser.parseAuthHeaders(req.headers)
-     * ```
-     */
-    static hasValidAuth(headers) {
-        // If authentication is disabled, all requests are valid
-        if (AuthConfig.isAuthDisabled()) {
-            return true;
-        }
-        return !!headers['x-user-id'];
-    }
-    /**
-     * Extracts just the user ID from headers.
-     *
-     * Convenience method for cases where you only need the user ID
-     * without parsing the full authentication context.
-     *
-     * When authentication is disabled, returns the configured anonymous user ID.
-     *
-     * @param headers - HTTP request headers
-     * @returns Keycloak user ID, anonymous user ID if auth disabled, or null if not present
-     *
-     * @example
-     * ```typescript
-     * const userId = ApisixAuthParser.getUserId(req.headers)
-     * if (userId) {
-     *   console.log(`Request from user: ${userId}`)
-     * }
-     * ```
-     */
-    static getUserId(headers) {
-        // If authentication is disabled, return anonymous user ID
-        if (AuthConfig.isAuthDisabled()) {
-            return AuthConfig.getAnonymousUserId();
-        }
-        return headers['x-user-id'] || null;
-    }
-    /**
-     * Extracts just the user roles from headers.
-     *
-     * Convenience method for cases where you only need the user roles
-     * without parsing the full authentication context.
-     *
-     * When authentication is disabled, returns the anonymous user roles.
-     *
-     * @param headers - HTTP request headers
-     * @returns Array of role names, anonymous roles if auth disabled, empty array if no roles header present
-     *
-     * @example
-     * ```typescript
-     * const roles = ApisixAuthParser.getUserRoles(req.headers)
-     * if (roles.includes('admin')) {
-     *   console.log('User has admin privileges')
-     * }
-     * ```
-     */
-    static getUserRoles(headers) {
-        // If authentication is disabled, return anonymous user roles
-        if (AuthConfig.isAuthDisabled()) {
-            return AuthConfig.getAnonymousUser().roles;
-        }
-        const rolesString = headers['x-user-roles'] || '';
-        return rolesString ? rolesString.split(',').map(role => role.trim()) : [];
-    }
-    /**
-     * Checks if a user has the admin role.
-     *
-     * Determines if the authenticated user has administrative privileges by checking
-     * if their roles include the configured admin role name (default: "admin").
-     *
-     * The admin role name can be configured via DIGITALTWIN_ADMIN_ROLE_NAME environment variable.
-     *
-     * @param headers - HTTP request headers
-     * @returns true if user has admin role, false otherwise
-     *
-     * @example
-     * ```typescript
-     * if (ApisixAuthParser.isAdmin(req.headers)) {
-     *   // User has full administrative access
-     *   // Can view all assets including private assets owned by others
-     *   console.log('Admin user detected')
-     * }
-     *
-     * // With custom admin role name (DIGITALTWIN_ADMIN_ROLE_NAME=administrator)
-     * const isAdmin = ApisixAuthParser.isAdmin(req.headers)
-     * ```
-     */
-    static isAdmin(headers) {
-        const roles = this.getUserRoles(headers);
-        const adminRoleName = AuthConfig.getAdminRoleName();
-        return roles.includes(adminRoleName);
-    }
-}
-//# sourceMappingURL=apisix_parser.js.map

package/dist/auth/apisix_parser.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"apisix_parser.js","sourceRoot":"","sources":["../../src/auth/apisix_parser.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,UAAU,EAAE,MAAM,kBAAkB,CAAA;AAE7C;;;;;;;;;;;;;;;;;;;;;;;GAuBG;AACH,MAAM,OAAO,gBAAgB;IACzB;;;;;;;;;;;;;;;;;;;;;;;;;;;OA2BG;IACH,MAAM,CAAC,gBAAgB,CAAC,OAA+B;QACnD,uDAAuD;QACvD,IAAI,UAAU,CAAC,cAAc,EAAE,EAAE,CAAC;YAC9B,OAAO,UAAU,CAAC,gBAAgB,EAAE,CAAA;QACxC,CAAC;QAED,MAAM,MAAM,GAAG,OAAO,CAAC,WAAW,CAAC,CAAA;QACnC,IAAI,CAAC,MAAM,EAAE,CAAC;YACV,OAAO,IAAI,CAAA;QACf,CAAC;QAED,0CAA0C;QAC1C,MAAM,WAAW,GAAG,OAAO,CAAC,cAAc,CAAC,IAAI,EAAE,CAAA;QACjD,MAAM,KAAK,GAAG,WAAW,CAAC,CAAC,CAAC,WAAW,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAA;QAEhF,OAAO;YACH,EAAE,EAAE,MAAM;YACV,KAAK,EAAE,KAAK;SACf,CAAA;IACL,CAAC;IAED;;;;;;;;;;;;;;;;;;;;;;;OAuBG;IACH,MAAM,CAAC,YAAY,CAAC,OAA+B;QAC/C,wDAAwD;QACxD,IAAI,UAAU,CAAC,cAAc,EAAE,EAAE,CAAC;YAC9B,OAAO,IAAI,CAAA;QACf,CAAC;QAED,OAAO,CAAC,CAAC,OAAO,CAAC,WAAW,CAAC,CAAA;IACjC,CAAC;IAED;;;;;;;;;;;;;;;;;;OAkBG;IACH,MAAM,CAAC,SAAS,CAAC,OAA+B;QAC5C,0DAA0D;QAC1D,IAAI,UAAU,CAAC,cAAc,EAAE,EAAE,CAAC;YAC9B,OAAO,UAAU,CAAC,kBAAkB,EAAE,CAAA;QAC1C,CAAC;QAED,OAAO,OAAO,CAAC,WAAW,CAAC,IAAI,IAAI,CAAA;IACvC,CAAC;IAED;;;;;;;;;;;;;;;;;;OAkBG;IACH,MAAM,CAAC,YAAY,CAAC,OAA+B;QAC/C,6DAA6D;QAC7D,IAAI,UAAU,CAAC,cAAc,EAAE,EAAE,CAAC;YAC9B,OAAO,UAAU,CAAC,gBAAgB,EAAE,CAAC,KAAK,CAAA;QAC9C,CAAC;QAED,MAAM,WAAW,GAAG,OAAO,CAAC,cAAc,CAAC,IAAI,EAAE,CAAA;QACjD,OAAO,WAAW,CAAC,CAAC,CAAC,WAAW,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAA;IAC7E,CAAC;IAED;;;;;;;;;;;;;;;;;;;;;;OAsBG;IACH,MAAM,CAAC,OAAO,CAAC,OAA+B;QAC1C,MAAM,KAAK,GAAG,IAAI,CAAC,YAAY,CAAC,OAAO,CAAC,CAAA;QACxC,MAAM,aAAa,GAAG,UAAU,CAAC,gBAAgB,EAAE,CAAA;QACnD,OAAO,KAAK,CAAC,QAAQ,CAAC,aAAa,CAAC,CAAA;IACxC,CAAC;CACJ"}