dominus-sdk-nodejs-dev 1.2.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (75) hide show
  1. package/LLM-GUIDE.md +537 -0
  2. package/README.md +585 -0
  3. package/dist/index.d.ts +191 -0
  4. package/dist/index.d.ts.map +1 -0
  5. package/dist/index.js +224 -0
  6. package/dist/index.js.map +1 -0
  7. package/dist/lib/cache.d.ts +112 -0
  8. package/dist/lib/cache.d.ts.map +1 -0
  9. package/dist/lib/cache.js +237 -0
  10. package/dist/lib/cache.js.map +1 -0
  11. package/dist/lib/client.d.ts +38 -0
  12. package/dist/lib/client.d.ts.map +1 -0
  13. package/dist/lib/client.js +425 -0
  14. package/dist/lib/client.js.map +1 -0
  15. package/dist/lib/config.d.ts +20 -0
  16. package/dist/lib/config.d.ts.map +1 -0
  17. package/dist/lib/config.js +32 -0
  18. package/dist/lib/config.js.map +1 -0
  19. package/dist/lib/crypto.d.ts +70 -0
  20. package/dist/lib/crypto.d.ts.map +1 -0
  21. package/dist/lib/crypto.js +95 -0
  22. package/dist/lib/crypto.js.map +1 -0
  23. package/dist/lib/errors.d.ts +77 -0
  24. package/dist/lib/errors.d.ts.map +1 -0
  25. package/dist/lib/errors.js +134 -0
  26. package/dist/lib/errors.js.map +1 -0
  27. package/dist/namespaces/auth.d.ts +237 -0
  28. package/dist/namespaces/auth.d.ts.map +1 -0
  29. package/dist/namespaces/auth.js +785 -0
  30. package/dist/namespaces/auth.js.map +1 -0
  31. package/dist/namespaces/courier.d.ts +67 -0
  32. package/dist/namespaces/courier.d.ts.map +1 -0
  33. package/dist/namespaces/courier.js +90 -0
  34. package/dist/namespaces/courier.js.map +1 -0
  35. package/dist/namespaces/db.d.ts +117 -0
  36. package/dist/namespaces/db.d.ts.map +1 -0
  37. package/dist/namespaces/db.js +149 -0
  38. package/dist/namespaces/db.js.map +1 -0
  39. package/dist/namespaces/ddl.d.ts +84 -0
  40. package/dist/namespaces/ddl.d.ts.map +1 -0
  41. package/dist/namespaces/ddl.js +211 -0
  42. package/dist/namespaces/ddl.js.map +1 -0
  43. package/dist/namespaces/files.d.ts +107 -0
  44. package/dist/namespaces/files.d.ts.map +1 -0
  45. package/dist/namespaces/files.js +161 -0
  46. package/dist/namespaces/files.js.map +1 -0
  47. package/dist/namespaces/health.d.ts +30 -0
  48. package/dist/namespaces/health.d.ts.map +1 -0
  49. package/dist/namespaces/health.js +66 -0
  50. package/dist/namespaces/health.js.map +1 -0
  51. package/dist/namespaces/logs.d.ts +97 -0
  52. package/dist/namespaces/logs.d.ts.map +1 -0
  53. package/dist/namespaces/logs.js +194 -0
  54. package/dist/namespaces/logs.js.map +1 -0
  55. package/dist/namespaces/open.d.ts +27 -0
  56. package/dist/namespaces/open.d.ts.map +1 -0
  57. package/dist/namespaces/open.js +46 -0
  58. package/dist/namespaces/open.js.map +1 -0
  59. package/dist/namespaces/portal.d.ts +172 -0
  60. package/dist/namespaces/portal.d.ts.map +1 -0
  61. package/dist/namespaces/portal.js +332 -0
  62. package/dist/namespaces/portal.js.map +1 -0
  63. package/dist/namespaces/redis.d.ts +144 -0
  64. package/dist/namespaces/redis.d.ts.map +1 -0
  65. package/dist/namespaces/redis.js +218 -0
  66. package/dist/namespaces/redis.js.map +1 -0
  67. package/dist/namespaces/secrets.d.ts +50 -0
  68. package/dist/namespaces/secrets.d.ts.map +1 -0
  69. package/dist/namespaces/secrets.js +93 -0
  70. package/dist/namespaces/secrets.js.map +1 -0
  71. package/dist/namespaces/secure.d.ts +102 -0
  72. package/dist/namespaces/secure.d.ts.map +1 -0
  73. package/dist/namespaces/secure.js +151 -0
  74. package/dist/namespaces/secure.js.map +1 -0
  75. package/package.json +45 -0
package/dist/lib/client.js ADDED
@@ -0,0 +1,425 @@
1
+ /**
2
+ * Core HTTP Client for Dominus SDK
3
+ *
4
+ * Handles JWT management, base64 encoding/decoding, retries, and circuit breaker.
5
+ */
6
+ import { BASE_URL, resolveToken } from './config.js';
7
+ import { DominusError, AuthenticationError, raiseForStatus, ConnectionError, TimeoutError, } from './errors.js';
8
+ // Constants
9
+ const MAX_RETRIES = 3;
10
+ const REQUEST_TIMEOUT = 30000; // 30 seconds
11
+ // State
12
+ let cachedJwt = null;
13
+ let validated = false;
14
+ // Circuit breaker state
15
+ let circuitState = 'closed';
16
+ let failureCount = 0;
17
+ let lastFailureTime = 0;
18
+ const CIRCUIT_THRESHOLD = 5;
19
+ const CIRCUIT_TIMEOUT = 30000; // 30 seconds
20
+ /**
21
+ * Base64 encode a JSON object to string
22
+ */
23
+ function b64Encode(data) {
24
+ const json = JSON.stringify(data);
25
+ return Buffer.from(json).toString('base64');
26
+ }
27
+ /**
28
+ * Base64 decode a string to JSON object
29
+ */
30
+ function b64Decode(encoded) {
31
+ const decoded = Buffer.from(encoded, 'base64').toString('utf-8');
32
+ return JSON.parse(decoded);
33
+ }
34
+ /**
35
+ * Decode JWT payload without verification (for exp checks only)
36
+ */
37
+ function decodeJwtPayload(jwt) {
38
+ const parts = jwt.split('.');
39
+ if (parts.length !== 3) {
40
+ throw new Error('Invalid JWT format');
41
+ }
42
+ // Base64url decode
43
+ let payload = parts[1];
44
+ payload = payload.replace(/-/g, '+').replace(/_/g, '/');
45
+ const padding = 4 - (payload.length % 4);
46
+ if (padding !== 4) {
47
+ payload += '='.repeat(padding);
48
+ }
49
+ const decoded = Buffer.from(payload, 'base64').toString('utf-8');
50
+ return JSON.parse(decoded);
51
+ }
52
+ /**
53
+ * Calculate exponential backoff with jitter
54
+ */
55
+ function backoffWithJitter(attempt, baseDelay = 1000, maxDelay = 15000) {
56
+ const delay = Math.min(baseDelay * Math.pow(2, attempt), maxDelay);
57
+ const jitter = delay * 0.5 * Math.random();
58
+ return delay + jitter;
59
+ }
60
+ /**
61
+ * Check if circuit breaker allows execution
62
+ */
63
+ function canExecute() {
64
+ if (circuitState === 'closed')
65
+ return true;
66
+ if (circuitState === 'open') {
67
+ if (Date.now() - lastFailureTime > CIRCUIT_TIMEOUT) {
68
+ circuitState = 'half-open';
69
+ return true;
70
+ }
71
+ return false;
72
+ }
73
+ // half-open
74
+ return true;
75
+ }
76
+ /**
77
+ * Record success for circuit breaker
78
+ */
79
+ function recordSuccess() {
80
+ failureCount = 0;
81
+ circuitState = 'closed';
82
+ }
83
+ /**
84
+ * Record failure for circuit breaker
85
+ */
86
+ function recordFailure() {
87
+ failureCount++;
88
+ lastFailureTime = Date.now();
89
+ if (failureCount >= CIRCUIT_THRESHOLD) {
90
+ circuitState = 'open';
91
+ }
92
+ }
93
+ /**
94
+ * Get service JWT by calling /api/warden/mint with PSK
95
+ * Retries on 401/5xx with exponential backoff (orchestrator cold start handling)
96
+ */
97
+ async function getServiceJwt(pskToken) {
98
+ if (!canExecute()) {
99
+ throw new AuthenticationError('Circuit breaker OPEN - too many recent failures. Will retry after recovery timeout.');
100
+ }
101
+ const headers = {
102
+ Authorization: `Bearer ${pskToken}`,
103
+ 'Content-Type': 'text/plain',
104
+ };
105
+ const body = b64Encode({ method: 'auth.self', params: {} });
106
+ // Retry loop for JWT minting (handles orchestrator cold start)
107
+ const JWT_MINT_RETRIES = 3;
108
+ let lastError = null;
109
+ for (let attempt = 0; attempt < JWT_MINT_RETRIES; attempt++) {
110
+ try {
111
+ const controller = new AbortController();
112
+ const timeoutId = setTimeout(() => controller.abort(), REQUEST_TIMEOUT);
113
+ const response = await fetch(`${BASE_URL}/api/warden/mint`, {
114
+ method: 'POST',
115
+ headers,
116
+ body,
117
+ signal: controller.signal,
118
+ });
119
+ clearTimeout(timeoutId);
120
+ if (!response.ok) {
121
+ // Retry on 401 (cold start - services not ready) or 5xx (server errors)
122
+ if ((response.status === 401 || response.status >= 500) &&
123
+ attempt < JWT_MINT_RETRIES - 1) {
124
+ const delay = backoffWithJitter(attempt, 2000, 10000);
125
+ console.log(`[Dominus] JWT mint returned ${response.status}, retrying in ${Math.round(delay)}ms (attempt ${attempt + 1}/${JWT_MINT_RETRIES})`);
126
+ await new Promise((resolve) => setTimeout(resolve, delay));
127
+ continue;
128
+ }
129
+ recordFailure();
130
+ throw new AuthenticationError(`Auth failed with status ${response.status}`);
131
+ }
132
+ const text = await response.text();
133
+ const result = b64Decode(text);
134
+ if (!result.success) {
135
+ recordFailure();
136
+ throw new AuthenticationError(result.error || 'Unknown auth error');
137
+ }
138
+ const jwt = result.data?.access_token || result.data?.token;
139
+ if (!jwt) {
140
+ recordFailure();
141
+ throw new AuthenticationError('No JWT token in auth response');
142
+ }
143
+ recordSuccess();
144
+ return jwt;
145
+ }
146
+ catch (error) {
147
+ if (error instanceof DominusError) {
148
+ lastError = error;
149
+ // Don't retry DominusErrors that aren't retryable
150
+ if (!(error instanceof AuthenticationError)) {
151
+ throw error;
152
+ }
153
+ // For AuthenticationError, we've already handled retries above
154
+ throw error;
155
+ }
156
+ lastError =
157
+ error instanceof Error ? error : new Error(String(error));
158
+ if (error instanceof Error && error.name === 'AbortError') {
159
+ // Timeout - retry if attempts remain
160
+ if (attempt < JWT_MINT_RETRIES - 1) {
161
+ const delay = backoffWithJitter(attempt, 2000, 10000);
162
+ console.log(`[Dominus] JWT mint timed out, retrying in ${Math.round(delay)}ms (attempt ${attempt + 1}/${JWT_MINT_RETRIES})`);
163
+ await new Promise((resolve) => setTimeout(resolve, delay));
164
+ continue;
165
+ }
166
+ recordFailure();
167
+ throw new TimeoutError('JWT request timed out');
168
+ }
169
+ // Network error - retry if attempts remain
170
+ if (attempt < JWT_MINT_RETRIES - 1) {
171
+ const delay = backoffWithJitter(attempt, 2000, 10000);
172
+ console.log(`[Dominus] JWT mint failed (${error}), retrying in ${Math.round(delay)}ms (attempt ${attempt + 1}/${JWT_MINT_RETRIES})`);
173
+ await new Promise((resolve) => setTimeout(resolve, delay));
174
+ continue;
175
+ }
176
+ recordFailure();
177
+ throw new ConnectionError(`Failed to get JWT: ${error}`);
178
+ }
179
+ }
180
+ // Should not reach here, but just in case
181
+ recordFailure();
182
+ throw lastError || new ConnectionError('Failed to get JWT after retries');
183
+ }
184
+ /**
185
+ * Ensure we have a valid JWT, fetching and caching if needed
186
+ */
187
+ async function ensureValidJwt(pskToken) {
188
+ // Check cached JWT
189
+ if (cachedJwt) {
190
+ try {
191
+ const payload = decodeJwtPayload(cachedJwt);
192
+ const exp = payload.exp || 0;
193
+ const currentTime = Math.floor(Date.now() / 1000);
194
+ // Refresh if <60 seconds remain
195
+ if (exp - currentTime > 60) {
196
+ return cachedJwt;
197
+ }
198
+ }
199
+ catch {
200
+ // If decode fails, fetch new JWT
201
+ }
202
+ }
203
+ // Fetch new JWT
204
+ const jwt = await getServiceJwt(pskToken);
205
+ cachedJwt = jwt;
206
+ return jwt;
207
+ }
208
+ /**
209
+ * Verify token format is valid (basic check, not server verification)
210
+ * Actual token validation happens when we call /api/warden/mint
211
+ */
212
+ function verifyTokenFormat(token) {
213
+ // PSK tokens are 64-character hex strings
214
+ if (!token || token.length < 32) {
215
+ return false;
216
+ }
217
+ return true;
218
+ }
219
+ /**
220
+ * Health check with retry for cold starts
221
+ */
222
+ async function healthCheck() {
223
+ const HEALTH_TIMEOUT = 15000; // 15 seconds for cold start tolerance
224
+ const HEALTH_RETRIES = 2;
225
+ for (let attempt = 0; attempt < HEALTH_RETRIES; attempt++) {
226
+ const controller = new AbortController();
227
+ const timeoutId = setTimeout(() => controller.abort(), HEALTH_TIMEOUT);
228
+ const start = Date.now();
229
+ try {
230
+ const response = await fetch(`${BASE_URL}/api/health`, {
231
+ signal: controller.signal,
232
+ });
233
+ clearTimeout(timeoutId);
234
+ const latency = Date.now() - start;
235
+ if (!response.ok) {
236
+ // Retry on server errors
237
+ if (response.status >= 500 && attempt < HEALTH_RETRIES - 1) {
238
+ await new Promise((resolve) => setTimeout(resolve, 2000));
239
+ continue;
240
+ }
241
+ return {
242
+ status: 'unhealthy',
243
+ error: `HTTP ${response.status}`,
244
+ latency_ms: latency,
245
+ };
246
+ }
247
+ const data = (await response.json());
248
+ return {
249
+ status: data.status || 'healthy',
250
+ latency_ms: latency,
251
+ ...data,
252
+ };
253
+ }
254
+ catch (error) {
255
+ clearTimeout(timeoutId);
256
+ // Retry on timeout/network errors
257
+ if (attempt < HEALTH_RETRIES - 1) {
258
+ console.log(`[Dominus] Health check failed (${error}), retrying...`);
259
+ await new Promise((resolve) => setTimeout(resolve, 2000));
260
+ continue;
261
+ }
262
+ return {
263
+ status: 'unhealthy',
264
+ error: String(error),
265
+ };
266
+ }
267
+ }
268
+ return { status: 'unhealthy', error: 'Health check failed after retries' };
269
+ }
270
+ /**
271
+ * Main Dominus client class
272
+ */
273
+ export class DominusClient {
274
+ token;
275
+ baseUrl;
276
+ constructor(hardcodedToken) {
277
+ this.token = resolveToken(hardcodedToken);
278
+ this.baseUrl = BASE_URL;
279
+ }
280
+ /**
281
+ * Validate token on first use
282
+ */
283
+ async validate() {
284
+ if (validated)
285
+ return;
286
+ if (!this.token) {
287
+ throw new AuthenticationError('DOMINUS_TOKEN not found.\n\n' +
288
+ 'Set the environment variable:\n export DOMINUS_TOKEN=your_token\n\n' +
289
+ 'Or in production, set it via your deployment platform.');
290
+ }
291
+ // Basic token format check
292
+ if (!verifyTokenFormat(this.token)) {
293
+ throw new AuthenticationError('Invalid token format');
294
+ }
295
+ // Health check to warm up the server
296
+ const health = await healthCheck();
297
+ if (health.status !== 'healthy' && health.status !== 'ok') {
298
+ throw new DominusError(`Services unhealthy: ${JSON.stringify(health)}`);
299
+ }
300
+ validated = true;
301
+ }
302
+ /**
303
+ * Make an authenticated request to the orchestrator
304
+ *
305
+ * @param options - Request options including endpoint, method, body, and optional userToken
306
+ * @param options.userToken - If provided, uses this JWT instead of the service token.
307
+ * Use this for user-authenticated requests (e.g., /api/portal/auth/me)
308
+ */
309
+ async request(options) {
310
+ const { endpoint, method = 'POST', body = {}, userToken } = options;
311
+ let jwt;
312
+ if (userToken) {
313
+ // Use the provided user JWT directly (no validation needed - orchestrator validates it)
314
+ jwt = userToken;
315
+ }
316
+ else {
317
+ // Use service token flow
318
+ await this.validate();
319
+ jwt = await ensureValidJwt(this.token);
320
+ }
321
+ // Prepare request
322
+ const headers = {
323
+ Authorization: `Bearer ${jwt}`,
324
+ 'Content-Type': 'text/plain',
325
+ };
326
+ const encodedBody = b64Encode(body);
327
+ // Retry loop
328
+ for (let attempt = 0; attempt < MAX_RETRIES; attempt++) {
329
+ try {
330
+ const controller = new AbortController();
331
+ const timeoutId = setTimeout(() => controller.abort(), REQUEST_TIMEOUT);
332
+ let response;
333
+ if (method === 'GET') {
334
+ // For GET requests, we don't send body
335
+ response = await fetch(`${this.baseUrl}${endpoint}`, {
336
+ method: 'GET',
337
+ headers: {
338
+ Authorization: `Bearer ${jwt}`,
339
+ },
340
+ signal: controller.signal,
341
+ });
342
+ }
343
+ else {
344
+ response = await fetch(`${this.baseUrl}${endpoint}`, {
345
+ method,
346
+ headers,
347
+ body: encodedBody,
348
+ signal: controller.signal,
349
+ });
350
+ }
351
+ clearTimeout(timeoutId);
352
+ if (!response.ok) {
353
+ // Try to decode error response
354
+ let errorMessage = `HTTP ${response.status}`;
355
+ let errorDetails = {};
356
+ try {
357
+ const errorText = await response.text();
358
+ const decoded = b64Decode(errorText);
359
+ errorMessage =
360
+ decoded.error ||
361
+ decoded.detail ||
362
+ errorMessage;
363
+ errorDetails = decoded;
364
+ }
365
+ catch {
366
+ // Use default error message
367
+ }
368
+ // Don't retry 4xx errors
369
+ if (response.status >= 400 && response.status < 500) {
370
+ raiseForStatus(response.status, errorMessage, errorDetails, endpoint);
371
+ }
372
+ // Retry 5xx errors
373
+ if (attempt === MAX_RETRIES - 1) {
374
+ raiseForStatus(response.status, errorMessage, errorDetails, endpoint);
375
+ }
376
+ const delay = backoffWithJitter(attempt);
377
+ await new Promise((resolve) => setTimeout(resolve, delay));
378
+ continue;
379
+ }
380
+ // Decode successful response
381
+ const text = await response.text();
382
+ const result = b64Decode(text);
383
+ // Handle wrapped response format
384
+ if ('success' in result && result.success === false) {
385
+ throw new DominusError(result.error || 'Unknown error', undefined, undefined, endpoint);
386
+ }
387
+ // Return data field if present, otherwise the whole result
388
+ if ('data' in result && result.data !== undefined) {
389
+ return result.data;
390
+ }
391
+ return result;
392
+ }
393
+ catch (error) {
394
+ if (error instanceof DominusError)
395
+ throw error;
396
+ if (error instanceof Error && error.name === 'AbortError') {
397
+ if (attempt === MAX_RETRIES - 1) {
398
+ throw new TimeoutError('Request timed out', undefined, undefined, endpoint);
399
+ }
400
+ }
401
+ if (attempt === MAX_RETRIES - 1) {
402
+ throw new ConnectionError(`Request failed after ${MAX_RETRIES} retries: ${error}`, undefined, undefined, endpoint);
403
+ }
404
+ const delay = backoffWithJitter(attempt);
405
+ await new Promise((resolve) => setTimeout(resolve, delay));
406
+ }
407
+ }
408
+ throw new ConnectionError(`Request failed after ${MAX_RETRIES} retries`, undefined, undefined, endpoint);
409
+ }
410
+ /**
411
+ * Health check endpoint
412
+ */
413
+ async healthCheck() {
414
+ return healthCheck();
415
+ }
416
+ }
417
+ // Export singleton factory
418
+ let clientInstance = null;
419
+ export function getClient(hardcodedToken) {
420
+ if (!clientInstance) {
421
+ clientInstance = new DominusClient(hardcodedToken);
422
+ }
423
+ return clientInstance;
424
+ }
425
+ //# sourceMappingURL=client.js.map
package/dist/lib/client.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"client.js","sourceRoot":"","sources":["../../src/lib/client.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,EAAE,QAAQ,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AACrD,OAAO,EACL,YAAY,EACZ,mBAAmB,EACnB,cAAc,EACd,eAAe,EACf,YAAY,GACb,MAAM,aAAa,CAAC;AAgBrB,YAAY;AACZ,MAAM,WAAW,GAAG,CAAC,CAAC;AACtB,MAAM,eAAe,GAAG,KAAK,CAAC,CAAC,aAAa;AAE5C,QAAQ;AACR,IAAI,SAAS,GAAkB,IAAI,CAAC;AACpC,IAAI,SAAS,GAAG,KAAK,CAAC;AAEtB,wBAAwB;AACxB,IAAI,YAAY,GAAoC,QAAQ,CAAC;AAC7D,IAAI,YAAY,GAAG,CAAC,CAAC;AACrB,IAAI,eAAe,GAAG,CAAC,CAAC;AACxB,MAAM,iBAAiB,GAAG,CAAC,CAAC;AAC5B,MAAM,eAAe,GAAG,KAAK,CAAC,CAAC,aAAa;AAE5C;;GAEG;AACH,SAAS,SAAS,CAAC,IAA6B;IAC9C,MAAM,IAAI,GAAG,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC;IAClC,OAAO,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;AAC9C,CAAC;AAED;;GAEG;AACH,SAAS,SAAS,CAAC,OAAe;IAChC,MAAM,OAAO,GAAG,MAAM,CAAC,IAAI,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;IACjE,OAAO,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;AAC7B,CAAC;AAED;;GAEG;AACH,SAAS,gBAAgB,CAAC,GAAW;IACnC,MAAM,KAAK,GAAG,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IAC7B,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACvB,MAAM,IAAI,KAAK,CAAC,oBAAoB,CAAC,CAAC;IACxC,CAAC;IAED,mBAAmB;IACnB,IAAI,OAAO,GAAG,KAAK,CAAC,CAAC,CAAE,CAAC;IACxB,OAAO,GAAG,OAAO,CAAC,OAAO,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC,OAAO,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC;IACxD,MAAM,OAAO,GAAG,CAAC,GAAG,CAAC,OAAO,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;IACzC,IAAI,OAAO,KAAK,CAAC,EAAE,CAAC;QAClB,OAAO,IAAI,GAAG,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;IACjC,CAAC;IAED,MAAM,OAAO,GAAG,MAAM,CAAC,IAAI,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;IACjE,OAAO,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;AAC7B,CAAC;AAED;;GAEG;AACH,SAAS,iBAAiB,CACxB,OAAe,EACf,SAAS,GAAG,IAAI,EAChB,QAAQ,GAAG,KAAK;IAEhB,MAAM,KAAK,GAAG,IAAI,CAAC,GAAG,CAAC,SAAS,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,OAAO,CAAC,EAAE,QAAQ,CAAC,CAAC;IACnE,MAAM,MAAM,GAAG,KAAK,GAAG,GAAG,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC;IAC3C,OAAO,KAAK,GAAG,MAAM,CAAC;AACxB,CAAC;AAED;;GAEG;AACH,SAAS,UAAU;IACjB,IAAI,YAAY,KAAK,QAAQ;QAAE,OAAO,IAAI,CAAC;IAC3C,IAAI,YAAY,KAAK,MAAM,EAAE,CAAC;QAC5B,IAAI,IAAI,CAAC,GAAG,EAAE,GAAG,eAAe,GAAG,eAAe,EAAE,CAAC;YACnD,YAAY,GAAG,WAAW,CAAC;YAC3B,OAAO,IAAI,CAAC;QACd,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC;IACD,YAAY;IACZ,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;GAEG;AACH,SAAS,aAAa;IACpB,YAAY,GAAG,CAAC,CAAC;IACjB,YAAY,GAAG,QAAQ,CAAC;AAC1B,CAAC;AAED;;GAEG;AACH,SAAS,aAAa;IACpB,YAAY,EAAE,CAAC;IACf,eAAe,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;IAC7B,IAAI,YAAY,IAAI,iBAAiB,EAAE,CAAC;QACtC,YAAY,GAAG,MAAM,CAAC;IACxB,CAAC;AACH,CAAC;AAED;;;GAGG;AACH,KAAK,UAAU,aAAa,CAAC,QAAgB;IAC3C,IAAI,CAAC,UAAU,EAAE,EAAE,CAAC;QAClB,MAAM,IAAI,mBAAmB,CAC3B,qFAAqF,CACtF,CAAC;IACJ,CAAC;IAED,MAAM,OAAO,GAA2B;QACtC,aAAa,EAAE,UAAU,QAAQ,EAAE;QACnC,cAAc,EAAE,YAAY;KAC7B,CAAC;IAEF,MAAM,IAAI,GAAG,SAAS,CAAC,EAAE,MAAM,EAAE,WAAW,EAAE,MAAM,EAAE,EAAE,EAAE,CAAC,CAAC;IAE5D,+DAA+D;IAC/D,MAAM,gBAAgB,GAAG,CAAC,CAAC;IAC3B,IAAI,SAAS,GAAiB,IAAI,CAAC;IAEnC,KAAK,IAAI,OAAO,GAAG,CAAC,EAAE,OAAO,GAAG,gBAAgB,EAAE,OAAO,EAAE,EAAE,CAAC;QAC5D,IAAI,CAAC;YACH,MAAM,UAAU,GAAG,IAAI,eAAe,EAAE,CAAC;YACzC,MAAM,SAAS,GAAG,UAAU,CAAC,GAAG,EAAE,CAAC,UAAU,CAAC,KAAK,EAAE,EAAE,eAAe,CAAC,CAAC;YAExE,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,QAAQ,kBAAkB,EAAE;gBAC1D,MAAM,EAAE,MAAM;gBACd,OAAO;gBACP,IAAI;gBACJ,MAAM,EAAE,UAAU,CAAC,MAAM;aAC1B,CAAC,CAAC;YAEH,YAAY,CAAC,SAAS,CAAC,CAAC;YAExB,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;gBACjB,wEAAwE;gBACxE,IACE,CAAC,QAAQ,CAAC,MAAM,KAAK,GAAG,IAAI,QAAQ,CAAC,MAAM,IAAI,GAAG,CAAC;oBACnD,OAAO,GAAG,gBAAgB,GAAG,CAAC,EAC9B,CAAC;oBACD,MAAM,KAAK,GAAG,iBAAiB,CAAC,OAAO,EAAE,IAAI,EAAE,KAAK,CAAC,CAAC;oBACtD,OAAO,CAAC,GAAG,CACT,+BAA+B,QAAQ,CAAC,MAAM,iBAAiB,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,eAAe,OAAO,GAAG,CAAC,IAAI,gBAAgB,GAAG,CAClI,CAAC;oBACF,MAAM,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,UAAU,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC,CAAC;oBAC3D,SAAS;gBACX,CAAC;gBACD,aAAa,EAAE,CAAC;gBAChB,MAAM,IAAI,mBAAmB,CAC3B,2BAA2B,QAAQ,CAAC,MAAM,EAAE,CAC7C,CAAC;YACJ,CAAC;YAED,MAAM,IAAI,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;YACnC,MAAM,MAAM,GAAG,SAAS,CAAC,IAAI,CAI5B,CAAC;YAEF,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;gBACpB,aAAa,EAAE,CAAC;gBAChB,MAAM,IAAI,mBAAmB,CAAC,MAAM,CAAC,KAAK,IAAI,oBAAoB,CAAC,CAAC;YACtE,CAAC;YAED,MAAM,GAAG,GAAG,MAAM,CAAC,IAAI,EAAE,YAAY,IAAI,MAAM,CAAC,IAAI,EAAE,KAAK,CAAC;YAC5D,IAAI,CAAC,GAAG,EAAE,CAAC;gBACT,aAAa,EAAE,CAAC;gBAChB,MAAM,IAAI,mBAAmB,CAAC,+BAA+B,CAAC,CAAC;YACjE,CAAC;YAED,aAAa,EAAE,CAAC;YAChB,OAAO,GAAG,CAAC;QACb,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,KAAK,YAAY,YAAY,EAAE,CAAC;gBAClC,SAAS,GAAG,KAAK,CAAC;gBAClB,kDAAkD;gBAClD,IAAI,CAAC,CAAC,KAAK,YAAY,mBAAmB,CAAC,EAAE,CAAC;oBAC5C,MAAM,KAAK,CAAC;gBACd,CAAC;gBACD,+DAA+D;gBAC/D,MAAM,KAAK,CAAC;YACd,CAAC;YAED,SAAS;gBACP,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,KAAK,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC;YAE5D,IAAI,KAAK,YAAY,KAAK,IAAI,KAAK,CAAC,IAAI,KAAK,YAAY,EAAE,CAAC;gBAC1D,qCAAqC;gBACrC,IAAI,OAAO,GAAG,gBAAgB,GAAG,CAAC,EAAE,CAAC;oBACnC,MAAM,KAAK,GAAG,iBAAiB,CAAC,OAAO,EAAE,IAAI,EAAE,KAAK,CAAC,CAAC;oBACtD,OAAO,CAAC,GAAG,CACT,6CAA6C,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,eAAe,OAAO,GAAG,CAAC,IAAI,gBAAgB,GAAG,CAChH,CAAC;oBACF,MAAM,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,UAAU,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC,CAAC;oBAC3D,SAAS;gBACX,CAAC;gBACD,aAAa,EAAE,CAAC;gBAChB,MAAM,IAAI,YAAY,CAAC,uBAAuB,CAAC,CAAC;YAClD,CAAC;YAED,2CAA2C;YAC3C,IAAI,OAAO,GAAG,gBAAgB,GAAG,CAAC,EAAE,CAAC;gBACnC,MAAM,KAAK,GAAG,iBAAiB,CAAC,OAAO,EAAE,IAAI,EAAE,KAAK,CAAC,CAAC;gBACtD,OAAO,CAAC,GAAG,CACT,8BAA8B,KAAK,kBAAkB,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,eAAe,OAAO,GAAG,CAAC,IAAI,gBAAgB,GAAG,CACxH,CAAC;gBACF,MAAM,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,UAAU,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC,CAAC;gBAC3D,SAAS;YACX,CAAC;YAED,aAAa,EAAE,CAAC;YAChB,MAAM,IAAI,eAAe,CAAC,sBAAsB,KAAK,EAAE,CAAC,CAAC;QAC3D,CAAC;IACH,CAAC;IAED,0CAA0C;IAC1C,aAAa,EAAE,CAAC;IAChB,MAAM,SAAS,IAAI,IAAI,eAAe,CAAC,iCAAiC,CAAC,CAAC;AAC5E,CAAC;AAED;;GAEG;AACH,KAAK,UAAU,cAAc,CAAC,QAAgB;IAC5C,mBAAmB;IACnB,IAAI,SAAS,EAAE,CAAC;QACd,IAAI,CAAC;YACH,MAAM,OAAO,GAAG,gBAAgB,CAAC,SAAS,CAAC,CAAC;YAC5C,MAAM,GAAG,GAAG,OAAO,CAAC,GAAG,IAAI,CAAC,CAAC;YAC7B,MAAM,WAAW,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC;YAElD,gCAAgC;YAChC,IAAI,GAAG,GAAG,WAAW,GAAG,EAAE,EAAE,CAAC;gBAC3B,OAAO,SAAS,CAAC;YACnB,CAAC;QACH,CAAC;QAAC,MAAM,CAAC;YACP,iCAAiC;QACnC,CAAC;IACH,CAAC;IAED,gBAAgB;IAChB,MAAM,GAAG,GAAG,MAAM,aAAa,CAAC,QAAQ,CAAC,CAAC;IAC1C,SAAS,GAAG,GAAG,CAAC;IAChB,OAAO,GAAG,CAAC;AACb,CAAC;AAED;;;GAGG;AACH,SAAS,iBAAiB,CAAC,KAAa;IACtC,0CAA0C;IAC1C,IAAI,CAAC,KAAK,IAAI,KAAK,CAAC,MAAM,GAAG,EAAE,EAAE,CAAC;QAChC,OAAO,KAAK,CAAC;IACf,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;GAEG;AACH,KAAK,UAAU,WAAW;IACxB,MAAM,cAAc,GAAG,KAAK,CAAC,CAAC,sCAAsC;IACpE,MAAM,cAAc,GAAG,CAAC,CAAC;IAEzB,KAAK,IAAI,OAAO,GAAG,CAAC,EAAE,OAAO,GAAG,cAAc,EAAE,OAAO,EAAE,EAAE,CAAC;QAC1D,MAAM,UAAU,GAAG,IAAI,eAAe,EAAE,CAAC;QACzC,MAAM,SAAS,GAAG,UAAU,CAAC,GAAG,EAAE,CAAC,UAAU,CAAC,KAAK,EAAE,EAAE,cAAc,CAAC,CAAC;QACvE,MAAM,KAAK,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QAEzB,IAAI,CAAC;YACH,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,QAAQ,aAAa,EAAE;gBACrD,MAAM,EAAE,UAAU,CAAC,MAAM;aAC1B,CAAC,CAAC;YAEH,YAAY,CAAC,SAAS,CAAC,CAAC;YACxB,MAAM,OAAO,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,KAAK,CAAC;YAEnC,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;gBACjB,yBAAyB;gBACzB,IAAI,QAAQ,CAAC,MAAM,IAAI,GAAG,IAAI,OAAO,GAAG,cAAc,GAAG,CAAC,EAAE,CAAC;oBAC3D,MAAM,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,UAAU,CAAC,OAAO,EAAE,IAAI,CAAC,CAAC,CAAC;oBAC1D,SAAS;gBACX,CAAC;gBACD,OAAO;oBACL,MAAM,EAAE,WAAW;oBACnB,KAAK,EAAE,QAAQ,QAAQ,CAAC,MAAM,EAAE;oBAChC,UAAU,EAAE,OAAO;iBACpB,CAAC;YACJ,CAAC;YAED,MAAM,IAAI,GAAG,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAA4B,CAAC;YAChE,OAAO;gBACL,MAAM,EAAE,IAAI,CAAC,MAAM,IAAI,SAAS;gBAChC,UAAU,EAAE,OAAO;gBACnB,GAAG,IAAI;aACR,CAAC;QACJ,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,YAAY,CAAC,SAAS,CAAC,CAAC;YAExB,kCAAkC;YAClC,IAAI,OAAO,GAAG,cAAc,GAAG,CAAC,EAAE,CAAC;gBACjC,OAAO,CAAC,GAAG,CAAC,kCAAkC,KAAK,gBAAgB,CAAC,CAAC;gBACrE,MAAM,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,UAAU,CAAC,OAAO,EAAE,IAAI,CAAC,CAAC,CAAC;gBAC1D,SAAS;YACX,CAAC;YAED,OAAO;gBACL,MAAM,EAAE,WAAW;gBACnB,KAAK,EAAE,MAAM,CAAC,KAAK,CAAC;aACrB,CAAC;QACJ,CAAC;IACH,CAAC;IAED,OAAO,EAAE,MAAM,EAAE,WAAW,EAAE,KAAK,EAAE,mCAAmC,EAAE,CAAC;AAC7E,CAAC;AAED;;GAEG;AACH,MAAM,OAAO,aAAa;IAChB,KAAK,CAAgB;IACrB,OAAO,CAAS;IAExB,YAAY,cAAuB;QACjC,IAAI,CAAC,KAAK,GAAG,YAAY,CAAC,cAAc,CAAC,CAAC;QAC1C,IAAI,CAAC,OAAO,GAAG,QAAQ,CAAC;IAC1B,CAAC;IAED;;OAEG;IACK,KAAK,CAAC,QAAQ;QACpB,IAAI,SAAS;YAAE,OAAO;QAEtB,IAAI,CAAC,IAAI,CAAC,KAAK,EAAE,CAAC;YAChB,MAAM,IAAI,mBAAmB,CAC3B,8BAA8B;gBAC5B,sEAAsE;gBACtE,wDAAwD,CAC3D,CAAC;QACJ,CAAC;QAED,2BAA2B;QAC3B,IAAI,CAAC,iBAAiB,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC;YACnC,MAAM,IAAI,mBAAmB,CAAC,sBAAsB,CAAC,CAAC;QACxD,CAAC;QAED,qCAAqC;QACrC,MAAM,MAAM,GAAG,MAAM,WAAW,EAAE,CAAC;QACnC,IAAI,MAAM,CAAC,MAAM,KAAK,SAAS,IAAI,MAAM,CAAC,MAAM,KAAK,IAAI,EAAE,CAAC;YAC1D,MAAM,IAAI,YAAY,CAAC,uBAAuB,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;QAC1E,CAAC;QAED,SAAS,GAAG,IAAI,CAAC;IACnB,CAAC;IAED;;;;;;OAMG;IACH,KAAK,CAAC,OAAO,CAAc,OAAuB;QAChD,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,MAAM,EAAE,IAAI,GAAG,EAAE,EAAE,SAAS,EAAE,GAAG,OAAO,CAAC;QAEpE,IAAI,GAAW,CAAC;QAEhB,IAAI,SAAS,EAAE,CAAC;YACd,wFAAwF;YACxF,GAAG,GAAG,SAAS,CAAC;QAClB,CAAC;aAAM,CAAC;YACN,yBAAyB;YACzB,MAAM,IAAI,CAAC,QAAQ,EAAE,CAAC;YACtB,GAAG,GAAG,MAAM,cAAc,CAAC,IAAI,CAAC,KAAM,CAAC,CAAC;QAC1C,CAAC;QAED,kBAAkB;QAClB,MAAM,OAAO,GAA2B;YACtC,aAAa,EAAE,UAAU,GAAG,EAAE;YAC9B,cAAc,EAAE,YAAY;SAC7B,CAAC;QAEF,MAAM,WAAW,GAAG,SAAS,CAAC,IAAI,CAAC,CAAC;QAEpC,aAAa;QACb,KAAK,IAAI,OAAO,GAAG,CAAC,EAAE,OAAO,GAAG,WAAW,EAAE,OAAO,EAAE,EAAE,CAAC;YACvD,IAAI,CAAC;gBACH,MAAM,UAAU,GAAG,IAAI,eAAe,EAAE,CAAC;gBACzC,MAAM,SAAS,GAAG,UAAU,CAAC,GAAG,EAAE,CAAC,UAAU,CAAC,KAAK,EAAE,EAAE,eAAe,CAAC,CAAC;gBAExE,IAAI,QAAkB,CAAC;gBAEvB,IAAI,MAAM,KAAK,KAAK,EAAE,CAAC;oBACrB,uCAAuC;oBACvC,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,IAAI,CAAC,OAAO,GAAG,QAAQ,EAAE,EAAE;wBACnD,MAAM,EAAE,KAAK;wBACb,OAAO,EAAE;4BACP,aAAa,EAAE,UAAU,GAAG,EAAE;yBAC/B;wBACD,MAAM,EAAE,UAAU,CAAC,MAAM;qBAC1B,CAAC,CAAC;gBACL,CAAC;qBAAM,CAAC;oBACN,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,IAAI,CAAC,OAAO,GAAG,QAAQ,EAAE,EAAE;wBACnD,MAAM;wBACN,OAAO;wBACP,IAAI,EAAE,WAAW;wBACjB,MAAM,EAAE,UAAU,CAAC,MAAM;qBAC1B,CAAC,CAAC;gBACL,CAAC;gBAED,YAAY,CAAC,SAAS,CAAC,CAAC;gBAExB,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;oBACjB,+BAA+B;oBAC/B,IAAI,YAAY,GAAG,QAAQ,QAAQ,CAAC,MAAM,EAAE,CAAC;oBAC7C,IAAI,YAAY,GAA4B,EAAE,CAAC;oBAE/C,IAAI,CAAC;wBACH,MAAM,SAAS,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;wBACxC,MAAM,OAAO,GAAG,SAAS,CAAC,SAAS,CAA4B,CAAC;wBAChE,YAAY;4BACT,OAAO,CAAC,KAAgB;gCACxB,OAAO,CAAC,MAAiB;gCAC1B,YAAY,CAAC;wBACf,YAAY,GAAG,OAAO,CAAC;oBACzB,CAAC;oBAAC,MAAM,CAAC;wBACP,4BAA4B;oBAC9B,CAAC;oBAED,yBAAyB;oBACzB,IAAI,QAAQ,CAAC,MAAM,IAAI,GAAG,IAAI,QAAQ,CAAC,MAAM,GAAG,GAAG,EAAE,CAAC;wBACpD,cAAc,CACZ,QAAQ,CAAC,MAAM,EACf,YAAY,EACZ,YAAY,EACZ,QAAQ,CACT,CAAC;oBACJ,CAAC;oBAED,mBAAmB;oBACnB,IAAI,OAAO,KAAK,WAAW,GAAG,CAAC,EAAE,CAAC;wBAChC,cAAc,CACZ,QAAQ,CAAC,MAAM,EACf,YAAY,EACZ,YAAY,EACZ,QAAQ,CACT,CAAC;oBACJ,CAAC;oBAED,MAAM,KAAK,GAAG,iBAAiB,CAAC,OAAO,CAAC,CAAC;oBACzC,MAAM,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,UAAU,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC,CAAC;oBAC3D,SAAS;gBACX,CAAC;gBAED,6BAA6B;gBAC7B,MAAM,IAAI,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;gBACnC,MAAM,MAAM,GAAG,SAAS,CAAC,IAAI,CAIxB,CAAC;gBAEN,iCAAiC;gBACjC,IAAI,SAAS,IAAI,MAAM,IAAI,MAAM,CAAC,OAAO,KAAK,KAAK,EAAE,CAAC;oBACpD,MAAM,IAAI,YAAY,CACpB,MAAM,CAAC,KAAK,IAAI,eAAe,EAC/B,SAAS,EACT,SAAS,EACT,QAAQ,CACT,CAAC;gBACJ,CAAC;gBAED,2DAA2D;gBAC3D,IAAI,MAAM,IAAI,MAAM,IAAI,MAAM,CAAC,IAAI,KAAK,SAAS,EAAE,CAAC;oBAClD,OAAO,MAAM,CAAC,IAAI,CAAC;gBACrB,CAAC;gBAED,OAAO,MAAW,CAAC;YACrB,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,IAAI,KAAK,YAAY,YAAY;oBAAE,MAAM,KAAK,CAAC;gBAE/C,IAAI,KAAK,YAAY,KAAK,IAAI,KAAK,CAAC,IAAI,KAAK,YAAY,EAAE,CAAC;oBAC1D,IAAI,OAAO,KAAK,WAAW,GAAG,CAAC,EAAE,CAAC;wBAChC,MAAM,IAAI,YAAY,CACpB,mBAAmB,EACnB,SAAS,EACT,SAAS,EACT,QAAQ,CACT,CAAC;oBACJ,CAAC;gBACH,CAAC;gBAED,IAAI,OAAO,KAAK,WAAW,GAAG,CAAC,EAAE,CAAC;oBAChC,MAAM,IAAI,eAAe,CACvB,wBAAwB,WAAW,aAAa,KAAK,EAAE,EACvD,SAAS,EACT,SAAS,EACT,QAAQ,CACT,CAAC;gBACJ,CAAC;gBAED,MAAM,KAAK,GAAG,iBAAiB,CAAC,OAAO,CAAC,CAAC;gBACzC,MAAM,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,UAAU,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC,CAAC;YAC7D,CAAC;QACH,CAAC;QAED,MAAM,IAAI,eAAe,CACvB,wBAAwB,WAAW,UAAU,EAC7C,SAAS,EACT,SAAS,EACT,QAAQ,CACT,CAAC;IACJ,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,WAAW;QACf,OAAO,WAAW,EAAE,CAAC;IACvB,CAAC;CACF;AAED,2BAA2B;AAC3B,IAAI,cAAc,GAAyB,IAAI,CAAC;AAEhD,MAAM,UAAU,SAAS,CAAC,cAAuB;IAC/C,IAAI,CAAC,cAAc,EAAE,CAAC;QACpB,cAAc,GAAG,IAAI,aAAa,CAAC,cAAc,CAAC,CAAC;IACrD,CAAC;IACD,OAAO,cAAc,CAAC;AACxB,CAAC"}
package/dist/lib/config.d.ts ADDED
@@ -0,0 +1,20 @@
1
+ /**
2
+ * Dominus Orchestrator Configuration
3
+ *
4
+ * Single backend URL for all services. The SDK targets dominus-orchestrator
5
+ * which consolidates all service functionality.
6
+ */
7
+ export declare const BASE_URL = "https://dominus-orchestrator-production-775398158805.us-east4.run.app";
8
+ /**
9
+ * Get the dominus-orchestrator base URL.
10
+ */
11
+ export declare function getBaseUrl(): string;
12
+ /**
13
+ * Resolve authentication token.
14
+ *
15
+ * Priority:
16
+ * 1. Environment variable: DOMINUS_TOKEN
17
+ * 2. Hardcoded fallback (if provided)
18
+ */
19
+ export declare function resolveToken(hardcodedToken?: string): string | null;
20
+ //# sourceMappingURL=config.d.ts.map
package/dist/lib/config.d.ts.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"config.d.ts","sourceRoot":"","sources":["../../src/lib/config.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAGH,eAAO,MAAM,QAAQ,0EAA0E,CAAC;AAEhG;;GAEG;AACH,wBAAgB,UAAU,IAAI,MAAM,CAEnC;AAED;;;;;;GAMG;AACH,wBAAgB,YAAY,CAAC,cAAc,CAAC,EAAE,MAAM,GAAG,MAAM,GAAG,IAAI,CASnE"}
package/dist/lib/config.js ADDED
@@ -0,0 +1,32 @@
1
+ /**
2
+ * Dominus Orchestrator Configuration
3
+ *
4
+ * Single backend URL for all services. The SDK targets dominus-orchestrator
5
+ * which consolidates all service functionality.
6
+ */
7
+ // Dominus Orchestrator Production URL
8
+ export const BASE_URL = 'https://dominus-orchestrator-production-775398158805.us-east4.run.app';
9
+ /**
10
+ * Get the dominus-orchestrator base URL.
11
+ */
12
+ export function getBaseUrl() {
13
+ return BASE_URL;
14
+ }
15
+ /**
16
+ * Resolve authentication token.
17
+ *
18
+ * Priority:
19
+ * 1. Environment variable: DOMINUS_TOKEN
20
+ * 2. Hardcoded fallback (if provided)
21
+ */
22
+ export function resolveToken(hardcodedToken) {
23
+ const token = process.env.DOMINUS_TOKEN;
24
+ if (token) {
25
+ return token;
26
+ }
27
+ if (hardcodedToken) {
28
+ return hardcodedToken;
29
+ }
30
+ return null;
31
+ }
32
+ //# sourceMappingURL=config.js.map
package/dist/lib/config.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"config.js","sourceRoot":"","sources":["../../src/lib/config.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,sCAAsC;AACtC,MAAM,CAAC,MAAM,QAAQ,GAAG,uEAAuE,CAAC;AAEhG;;GAEG;AACH,MAAM,UAAU,UAAU;IACxB,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED;;;;;;GAMG;AACH,MAAM,UAAU,YAAY,CAAC,cAAuB;IAClD,MAAM,KAAK,GAAG,OAAO,CAAC,GAAG,CAAC,aAAa,CAAC;IACxC,IAAI,KAAK,EAAE,CAAC;QACV,OAAO,KAAK,CAAC;IACf,CAAC;IACD,IAAI,cAAc,EAAE,CAAC;QACnB,OAAO,cAAc,CAAC;IACxB,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC"}
package/dist/lib/crypto.d.ts ADDED
@@ -0,0 +1,70 @@
1
+ /**
2
+ * Cryptographic helpers for password and PSK hashing.
3
+ *
4
+ * All hashing is done client-side (in SDK) before sending to Orchestrator.
5
+ * This ensures passwords/PSKs are never transmitted in plaintext.
6
+ */
7
+ /**
8
+ * Hash a password using bcrypt.
9
+ *
10
+ * @param password - Raw password string
11
+ * @returns Bcrypt hash string (includes salt)
12
+ */
13
+ export declare function hashPassword(password: string): string;
14
+ /**
15
+ * Verify a password against a bcrypt hash locally.
16
+ *
17
+ * This is primarily for testing. In production, verification
18
+ * happens via the orchestrator's verify endpoints.
19
+ *
20
+ * @param password - Raw password to verify
21
+ * @param passwordHash - Bcrypt hash to compare against
22
+ * @returns True if password matches hash
23
+ */
24
+ export declare function verifyPasswordLocal(password: string, passwordHash: string): boolean;
25
+ /**
26
+ * Hash a PSK (Pre-Shared Key) using bcrypt.
27
+ *
28
+ * @param psk - Raw PSK string
29
+ * @returns Bcrypt hash string (includes salt)
30
+ */
31
+ export declare function hashPsk(psk: string): string;
32
+ /**
33
+ * Verify a PSK against a bcrypt hash locally.
34
+ *
35
+ * This is primarily for testing. In production, verification
36
+ * happens via the orchestrator's verify endpoints.
37
+ *
38
+ * @param psk - Raw PSK to verify
39
+ * @param pskHash - Bcrypt hash to compare against
40
+ * @returns True if PSK matches hash
41
+ */
42
+ export declare function verifyPskLocal(psk: string, pskHash: string): boolean;
43
+ /**
44
+ * Generate a random PSK locally.
45
+ *
46
+ * Note: In production, prefer using the orchestrator's PSK generation
47
+ * for centralized PSK management. This is a fallback.
48
+ *
49
+ * @param length - Length of PSK to generate (default: 32)
50
+ * @returns Random PSK string
51
+ */
52
+ export declare function generatePskLocal(length?: number): string;
53
+ /**
54
+ * Hash a token using SHA-256.
55
+ *
56
+ * Used for refresh tokens where we need fast comparison
57
+ * and don't need the security properties of bcrypt.
58
+ *
59
+ * @param token - Raw token string
60
+ * @returns SHA-256 hex digest
61
+ */
62
+ export declare function hashToken(token: string): string;
63
+ /**
64
+ * Generate a random token string.
65
+ *
66
+ * @param length - Length of token to generate (default: 64)
67
+ * @returns Random URL-safe token string
68
+ */
69
+ export declare function generateToken(length?: number): string;
70
+ //# sourceMappingURL=crypto.d.ts.map
package/dist/lib/crypto.d.ts.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"crypto.d.ts","sourceRoot":"","sources":["../../src/lib/crypto.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAOH;;;;;GAKG;AACH,wBAAgB,YAAY,CAAC,QAAQ,EAAE,MAAM,GAAG,MAAM,CAGrD;AAED;;;;;;;;;GASG;AACH,wBAAgB,mBAAmB,CAAC,QAAQ,EAAE,MAAM,EAAE,YAAY,EAAE,MAAM,GAAG,OAAO,CAEnF;AAED;;;;;GAKG;AACH,wBAAgB,OAAO,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,CAG3C;AAED;;;;;;;;;GASG;AACH,wBAAgB,cAAc,CAAC,GAAG,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,GAAG,OAAO,CAEpE;AAED;;;;;;;;GAQG;AACH,wBAAgB,gBAAgB,CAAC,MAAM,SAAK,GAAG,MAAM,CAQpD;AAED;;;;;;;;GAQG;AACH,wBAAgB,SAAS,CAAC,KAAK,EAAE,MAAM,GAAG,MAAM,CAE/C;AAED;;;;;GAKG;AACH,wBAAgB,aAAa,CAAC,MAAM,SAAK,GAAG,MAAM,CAEjD"}
package/dist/lib/crypto.js ADDED
@@ -0,0 +1,95 @@
1
+ /**
2
+ * Cryptographic helpers for password and PSK hashing.
3
+ *
4
+ * All hashing is done client-side (in SDK) before sending to Orchestrator.
5
+ * This ensures passwords/PSKs are never transmitted in plaintext.
6
+ */
7
+ import bcrypt from 'bcryptjs';
8
+ import crypto from 'crypto';
9
+ const BCRYPT_ROUNDS = 12;
10
+ /**
11
+ * Hash a password using bcrypt.
12
+ *
13
+ * @param password - Raw password string
14
+ * @returns Bcrypt hash string (includes salt)
15
+ */
16
+ export function hashPassword(password) {
17
+ const salt = bcrypt.genSaltSync(BCRYPT_ROUNDS);
18
+ return bcrypt.hashSync(password, salt);
19
+ }
20
+ /**
21
+ * Verify a password against a bcrypt hash locally.
22
+ *
23
+ * This is primarily for testing. In production, verification
24
+ * happens via the orchestrator's verify endpoints.
25
+ *
26
+ * @param password - Raw password to verify
27
+ * @param passwordHash - Bcrypt hash to compare against
28
+ * @returns True if password matches hash
29
+ */
30
+ export function verifyPasswordLocal(password, passwordHash) {
31
+ return bcrypt.compareSync(password, passwordHash);
32
+ }
33
+ /**
34
+ * Hash a PSK (Pre-Shared Key) using bcrypt.
35
+ *
36
+ * @param psk - Raw PSK string
37
+ * @returns Bcrypt hash string (includes salt)
38
+ */
39
+ export function hashPsk(psk) {
40
+ const salt = bcrypt.genSaltSync(BCRYPT_ROUNDS);
41
+ return bcrypt.hashSync(psk, salt);
42
+ }
43
+ /**
44
+ * Verify a PSK against a bcrypt hash locally.
45
+ *
46
+ * This is primarily for testing. In production, verification
47
+ * happens via the orchestrator's verify endpoints.
48
+ *
49
+ * @param psk - Raw PSK to verify
50
+ * @param pskHash - Bcrypt hash to compare against
51
+ * @returns True if PSK matches hash
52
+ */
53
+ export function verifyPskLocal(psk, pskHash) {
54
+ return bcrypt.compareSync(psk, pskHash);
55
+ }
56
+ /**
57
+ * Generate a random PSK locally.
58
+ *
59
+ * Note: In production, prefer using the orchestrator's PSK generation
60
+ * for centralized PSK management. This is a fallback.
61
+ *
62
+ * @param length - Length of PSK to generate (default: 32)
63
+ * @returns Random PSK string
64
+ */
65
+ export function generatePskLocal(length = 32) {
66
+ const alphabet = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789!@#$%^&*';
67
+ let result = '';
68
+ const randomBytes = crypto.randomBytes(length);
69
+ for (let i = 0; i < length; i++) {
70
+ result += alphabet[randomBytes[i] % alphabet.length];
71
+ }
72
+ return result;
73
+ }
74
+ /**
75
+ * Hash a token using SHA-256.
76
+ *
77
+ * Used for refresh tokens where we need fast comparison
78
+ * and don't need the security properties of bcrypt.
79
+ *
80
+ * @param token - Raw token string
81
+ * @returns SHA-256 hex digest
82
+ */
83
+ export function hashToken(token) {
84
+ return crypto.createHash('sha256').update(token).digest('hex');
85
+ }
86
+ /**
87
+ * Generate a random token string.
88
+ *
89
+ * @param length - Length of token to generate (default: 64)
90
+ * @returns Random URL-safe token string
91
+ */
92
+ export function generateToken(length = 64) {
93
+ return crypto.randomBytes(length).toString('base64url');
94
+ }
95
+ //# sourceMappingURL=crypto.js.map