exguard-backend 1.0.30 → 1.0.32
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/index.cjs +47 -9
- package/dist/index.cjs.map +1 -1
- package/dist/index.d.cts +16 -3
- package/dist/index.d.ts +16 -3
- package/dist/index.js +47 -9
- package/dist/index.js.map +1 -1
- package/package.json +1 -1
- package/scripts/setup-nestjs.cjs +3 -3
package/dist/index.cjs
CHANGED
|
@@ -312,15 +312,33 @@ var ExGuardRealtime = class {
|
|
|
312
312
|
}),
|
|
313
313
|
onDisconnect: config.onDisconnect ?? (() => {
|
|
314
314
|
}),
|
|
315
|
-
onError: config.onError ?? ((error) => console.error("[ExGuardRealtime] Error:", error))
|
|
315
|
+
onError: config.onError ?? ((error) => console.error("[ExGuardRealtime] Error:", error)),
|
|
316
|
+
autoConnect: config.autoConnect ?? false
|
|
316
317
|
};
|
|
317
318
|
}
|
|
319
|
+
/**
|
|
320
|
+
* Initialize and optionally connect to realtime server
|
|
321
|
+
*/
|
|
322
|
+
async init(url, accessToken) {
|
|
323
|
+
if (url) {
|
|
324
|
+
this.currentUrl = url;
|
|
325
|
+
this.currentToken = accessToken ?? null;
|
|
326
|
+
if (this.config.autoConnect) {
|
|
327
|
+
try {
|
|
328
|
+
await this.connect(url, accessToken);
|
|
329
|
+
} catch (error) {
|
|
330
|
+
console.warn("[ExGuardRealtime] Auto-connect failed, will retry on demand:", error);
|
|
331
|
+
}
|
|
332
|
+
}
|
|
333
|
+
}
|
|
334
|
+
}
|
|
318
335
|
/**
|
|
319
336
|
* Connect to realtime server
|
|
320
337
|
* @param url - WebSocket URL (e.g., wss://api.example.com/realtime)
|
|
321
338
|
* @param auth - Authentication options (accessToken, apiKey, bearerToken) - optional
|
|
339
|
+
* @param silent - If true, won't throw error on connection failure
|
|
322
340
|
*/
|
|
323
|
-
connect(url, auth) {
|
|
341
|
+
connect(url, auth, silent = false) {
|
|
324
342
|
let authToken;
|
|
325
343
|
let authType = null;
|
|
326
344
|
if (typeof auth === "string") {
|
|
@@ -343,7 +361,7 @@ var ExGuardRealtime = class {
|
|
|
343
361
|
if (!WebSocketImpl) {
|
|
344
362
|
const err = new Error('WebSocket is not available. Install "ws" package for Node.js: npm install ws');
|
|
345
363
|
this.config.onError(err);
|
|
346
|
-
reject(err);
|
|
364
|
+
if (!silent) reject(err);
|
|
347
365
|
return;
|
|
348
366
|
}
|
|
349
367
|
try {
|
|
@@ -397,7 +415,9 @@ var ExGuardRealtime = class {
|
|
|
397
415
|
console.error("[ExGuardRealtime] WebSocket error:", error);
|
|
398
416
|
const err = new Error("WebSocket connection error");
|
|
399
417
|
this.config.onError(err);
|
|
400
|
-
|
|
418
|
+
if (!this.shouldReconnect) {
|
|
419
|
+
reject(err);
|
|
420
|
+
}
|
|
401
421
|
};
|
|
402
422
|
}
|
|
403
423
|
setupNodeWebSocket(resolve, reject) {
|
|
@@ -430,7 +450,11 @@ var ExGuardRealtime = class {
|
|
|
430
450
|
console.error("[ExGuardRealtime] WebSocket error:", error);
|
|
431
451
|
const err = new Error("WebSocket connection error: " + (error?.message || error));
|
|
432
452
|
this.config.onError(err);
|
|
433
|
-
|
|
453
|
+
if (this.shouldReconnect) {
|
|
454
|
+
this.handleReconnect();
|
|
455
|
+
} else {
|
|
456
|
+
reject(err);
|
|
457
|
+
}
|
|
434
458
|
});
|
|
435
459
|
}
|
|
436
460
|
/**
|
|
@@ -580,6 +604,17 @@ var ExGuardRealtime = class {
|
|
|
580
604
|
...config
|
|
581
605
|
};
|
|
582
606
|
}
|
|
607
|
+
/**
|
|
608
|
+
* Connect on-demand with user's access token from request
|
|
609
|
+
* Call this in your guard or middleware with the user's token
|
|
610
|
+
*/
|
|
611
|
+
async connectWithUserToken(url, accessToken) {
|
|
612
|
+
try {
|
|
613
|
+
await this.connect(url, accessToken, true);
|
|
614
|
+
} catch (error) {
|
|
615
|
+
console.warn("[ExGuardRealtime] Failed to connect with user token:", error);
|
|
616
|
+
}
|
|
617
|
+
}
|
|
583
618
|
};
|
|
584
619
|
function createRealtime(config) {
|
|
585
620
|
return new ExGuardRealtime(config);
|
|
@@ -642,10 +677,13 @@ var ExGuardBackendEnhanced = class {
|
|
|
642
677
|
}, 6e4);
|
|
643
678
|
}
|
|
644
679
|
async setupRealtime() {
|
|
680
|
+
if (!this.config.realtime?.url) {
|
|
681
|
+
return;
|
|
682
|
+
}
|
|
645
683
|
try {
|
|
646
684
|
await this.realtime.connect(
|
|
647
685
|
this.config.realtime.url,
|
|
648
|
-
this.config.realtime.
|
|
686
|
+
this.config.realtime.accessToken
|
|
649
687
|
);
|
|
650
688
|
this.realtime.subscribe("rbac_update", (event) => {
|
|
651
689
|
console.log("[ExGuardBackend] RBAC update received:", event);
|
|
@@ -680,15 +718,15 @@ var ExGuardBackendEnhanced = class {
|
|
|
680
718
|
}
|
|
681
719
|
});
|
|
682
720
|
} catch (error) {
|
|
683
|
-
console.
|
|
721
|
+
console.warn("[ExGuardBackend] Realtime connection failed (will retry on demand):", error);
|
|
684
722
|
}
|
|
685
723
|
}
|
|
686
724
|
/**
|
|
687
725
|
* Manually connect to realtime server
|
|
688
726
|
*/
|
|
689
|
-
async connectRealtime(url,
|
|
727
|
+
async connectRealtime(url, accessToken) {
|
|
690
728
|
const wsUrl = url || this.config.realtime?.url;
|
|
691
|
-
const wsToken =
|
|
729
|
+
const wsToken = accessToken || this.config.realtime?.accessToken;
|
|
692
730
|
if (!wsUrl) {
|
|
693
731
|
throw new Error("WebSocket URL is required");
|
|
694
732
|
}
|
package/dist/index.cjs.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../src/index.ts","../src/exguard-backend.ts","../src/exguard-backend-enhanced.ts","../src/cache.ts","../src/realtime.ts","../src/guards.ts","../src/express.ts","../src/fastify.ts"],"sourcesContent":["export { ExGuardBackend } from './exguard-backend.js';\nexport { ExGuardBackendEnhanced } from './exguard-backend-enhanced.js';\nexport { cache, ExGuardCache } from './cache.js';\nexport { realtime, ExGuardRealtime, createRealtime } from './realtime.js';\nexport type { \n RealtimeEvent, \n RealtimeEventHandler,\n RealtimeConnectionHandler,\n RealtimeErrorHandler,\n RealtimeAuthOptions,\n ExGuardRealtimeConfig \n} from './realtime.js';\n\n// Backend protection exports\nexport { ExGuardBackend as Guard } from './guards.js';\nexport { createExGuardExpress } from './express.js';\nexport { createExGuardFastify } from './fastify.js';\nexport type { \n UserAccessResponse, \n ApiResponse, \n ExGuardConfig,\n ExGuardEnhancedConfig,\n ExGuardCacheConfig,\n ExGuardRealtimeConfig as ExGuardRealtimeConfigType,\n GuardContext,\n GuardResult,\n GuardOptions\n} from './types.js';\n","import axios, { AxiosInstance, AxiosResponse } from 'axios';\nimport { \n UserAccessResponse, \n ApiResponse, \n ExGuardConfig \n} from './types.js';\n\nexport class ExGuardBackend {\n private client: AxiosInstance;\n private config: ExGuardConfig;\n\n constructor(config: ExGuardConfig) {\n this.config = {\n timeout: 10000,\n ...config,\n };\n\n this.client = axios.create({\n baseURL: this.config.apiUrl,\n timeout: this.config.timeout,\n headers: {\n 'Content-Type': 'application/json',\n },\n });\n }\n\n /**\n * Get user roles and permissions from the /guard/me endpoint\n * @param token - JWT access token\n * @returns Promise<UserAccessResponse>\n */\n async getUserAccess(token: string): Promise<UserAccessResponse> {\n try {\n const response: AxiosResponse<ApiResponse<UserAccessResponse>> = \n await this.client.get('/guard/me', {\n headers: {\n 'Authorization': `Bearer ${token}`,\n },\n });\n\n if (!response.data.success) {\n throw new Error('Failed to fetch user access information');\n }\n\n return response.data.data;\n } catch (error) {\n if (axios.isAxiosError(error)) {\n if (error.response?.status === 401) {\n throw new Error('Unauthorized: Invalid or expired token');\n }\n throw new Error(`API Error: ${error.response?.data?.message || error.message}`);\n }\n throw error;\n }\n }\n\n /**\n * Check if user has specific permission\n * @param token - JWT access token\n * @param permission - Permission to check (e.g., 'events:create')\n * @returns Promise<boolean>\n */\n async hasPermission(token: string, permission: string): Promise<boolean> {\n try {\n const userAccess = await this.getUserAccess(token);\n return userAccess.modules.some(module => \n module.permissions.includes(permission)\n );\n } catch (error) {\n return false;\n }\n }\n\n /**\n * Check if user has specific role\n * @param token - JWT access token\n * @param role - Role to check (e.g., 'Event Manager')\n * @returns Promise<boolean>\n */\n async hasRole(token: string, role: string): Promise<boolean> {\n try {\n const userAccess = await this.getUserAccess(token);\n return userAccess.roles.includes(role);\n } catch (error) {\n return false;\n }\n }\n\n /**\n * Get all permissions for a specific module\n * @param token - JWT access token\n * @param moduleKey - Module key (e.g., 'events')\n * @returns Promise<string[]>\n */\n async getModulePermissions(token: string, moduleKey: string): Promise<string[]> {\n try {\n const userAccess = await this.getUserAccess(token);\n const module = userAccess.modules.find(m => m.key === moduleKey);\n return module?.permissions || [];\n } catch (error) {\n return [];\n }\n }\n\n /**\n * Get user roles\n * @param token - JWT access token\n * @returns Promise<string[]>\n */\n async getUserRoles(token: string): Promise<string[]> {\n try {\n const userAccess = await this.getUserAccess(token);\n return userAccess.roles;\n } catch (error) {\n return [];\n }\n }\n\n /**\n * Get user field offices\n * @param token - JWT access token\n * @returns Promise<string[]>\n */\n async getUserFieldOffices(token: string): Promise<string[]> {\n try {\n const userAccess = await this.getUserAccess(token);\n return userAccess.fieldOffices;\n } catch (error) {\n return [];\n }\n }\n}\n","import axios, { AxiosInstance, AxiosResponse } from 'axios';\nimport { \n UserAccessResponse, \n ApiResponse, \n ExGuardConfig \n} from './types.js';\nimport { cache, ExGuardCache } from './cache.js';\nimport { \n realtime, \n RealtimeEvent, \n ExGuardRealtime,\n ExGuardRealtimeConfig,\n createRealtime \n} from './realtime.js';\n\nexport interface ExGuardEnhancedConfig extends ExGuardConfig {\n cache?: {\n ttl?: number;\n enabled?: boolean;\n };\n realtime?: {\n enabled?: boolean;\n url?: string;\n token?: string;\n autoReconnect?: boolean;\n maxReconnectAttempts?: number;\n reconnectDelay?: number;\n onConnect?: () => void;\n onDisconnect?: () => void;\n onError?: (error: Error) => void;\n onRBACUpdate?: (event: RealtimeEvent) => void;\n onUserUpdate?: (event: RealtimeEvent) => void;\n };\n}\n\nexport class ExGuardBackendEnhanced {\n private client: AxiosInstance;\n private config: ExGuardEnhancedConfig;\n private cache: ExGuardCache;\n private realtime: ExGuardRealtime;\n private userId: string | null = null;\n private _isRealtimeConnected = false;\n\n constructor(config: ExGuardEnhancedConfig) {\n this.config = {\n timeout: 10000,\n cache: {\n enabled: true,\n ttl: 300000,\n },\n realtime: {\n enabled: false,\n autoReconnect: true,\n maxReconnectAttempts: 5,\n reconnectDelay: 1000,\n },\n ...config,\n };\n\n this.cache = cache;\n \n const realtimeConfig: ExGuardRealtimeConfig = {\n autoReconnect: this.config.realtime?.autoReconnect ?? true,\n maxReconnectAttempts: this.config.realtime?.maxReconnectAttempts ?? 5,\n reconnectDelay: this.config.realtime?.reconnectDelay ?? 1000,\n onConnect: () => {\n this._isRealtimeConnected = true;\n this.config.realtime?.onConnect?.();\n },\n onDisconnect: () => {\n this._isRealtimeConnected = false;\n this.config.realtime?.onDisconnect?.();\n },\n onError: (error) => {\n this.config.realtime?.onError?.(error);\n },\n };\n \n this.realtime = createRealtime(realtimeConfig);\n\n this.client = axios.create({\n baseURL: this.config.apiUrl,\n timeout: this.config.timeout,\n headers: {\n 'Content-Type': 'application/json',\n },\n });\n\n if (this.config.realtime?.enabled && this.config.realtime.url) {\n this.setupRealtime();\n }\n\n setInterval(() => {\n this.cache.cleanup();\n }, 60000);\n }\n\n private async setupRealtime(): Promise<void> {\n try {\n await this.realtime.connect(\n this.config.realtime!.url!, \n this.config.realtime!.token!\n );\n \n this.realtime.subscribe('rbac_update', (event: RealtimeEvent) => {\n console.log('[ExGuardBackend] RBAC update received:', event);\n this.config.realtime?.onRBACUpdate?.(event);\n \n if (event.userId) {\n this.cache.clearUserCache(event.userId);\n } else {\n this.cache.clear();\n }\n });\n\n this.realtime.subscribe('user_update', (event: RealtimeEvent) => {\n console.log('[ExGuardBackend] User update received:', event);\n this.config.realtime?.onUserUpdate?.(event);\n \n if (event.userId) {\n this.cache.clearUserCache(event.userId);\n }\n });\n\n this.realtime.subscribe('role_update', (event: RealtimeEvent) => {\n console.log('[ExGuardBackend] Role update received:', event);\n if (event.userId) {\n this.cache.clearUserCache(event.userId);\n } else {\n this.cache.clear();\n }\n });\n\n this.realtime.subscribe('permission_update', (event: RealtimeEvent) => {\n console.log('[ExGuardBackend] Permission update received:', event);\n if (event.userId) {\n this.cache.clearUserCache(event.userId);\n } else {\n this.cache.clear();\n }\n });\n\n } catch (error) {\n console.error('[ExGuardBackend] Failed to setup realtime:', error);\n }\n }\n\n /**\n * Manually connect to realtime server\n */\n async connectRealtime(url?: string, token?: string): Promise<void> {\n const wsUrl = url || this.config.realtime?.url;\n const wsToken = token || this.config.realtime?.token;\n \n if (!wsUrl) {\n throw new Error('WebSocket URL is required');\n }\n \n await this.setupRealtime();\n }\n\n /**\n * Disconnect from realtime server\n */\n disconnectRealtime(): void {\n this.realtime.disconnect();\n }\n\n /**\n * Check if realtime is connected\n */\n isRealtimeConnected(): boolean {\n return this._isRealtimeConnected || this.realtime.isConnected();\n }\n\n /**\n * Get realtime connection status\n */\n getRealtimeStatus(): 'connecting' | 'connected' | 'disconnected' | 'reconnecting' {\n return this.realtime.getStatus();\n }\n\n /**\n * Subscribe to realtime events\n */\n subscribeToRealtime(eventType: string, handler: (event: RealtimeEvent) => void): () => void {\n return this.realtime.subscribe(eventType, handler);\n }\n\n /**\n * Subscribe to all realtime events\n */\n subscribeToAllRealtime(handler: (event: RealtimeEvent) => void): () => void {\n return this.realtime.subscribeAll(handler);\n }\n\n private extractUserIdFromToken(token: string): string | null {\n try {\n const payload = JSON.parse(atob(token.split('.')[1]));\n return payload.sub || null;\n } catch {\n return null;\n }\n }\n\n private getCacheKey(token: string, suffix: string = ''): string {\n const userId = this.extractUserIdFromToken(token) || 'unknown';\n return `user:${userId}:${suffix}`;\n }\n\n async getUserAccess(token: string): Promise<UserAccessResponse> {\n if (!this.config.cache?.enabled) {\n return this.fetchUserAccess(token);\n }\n\n const cacheKey = this.getCacheKey(token, 'access');\n const cached = this.cache.get<UserAccessResponse>(cacheKey);\n \n if (cached) {\n console.log('[ExGuardBackend] Cache hit for user access');\n return cached;\n }\n\n console.log('[ExGuardBackend] Cache miss, fetching user access');\n const data = await this.fetchUserAccess(token);\n \n this.cache.set(cacheKey, data, this.config.cache.ttl);\n \n return data;\n }\n\n private async fetchUserAccess(token: string): Promise<UserAccessResponse> {\n try {\n const response: AxiosResponse<ApiResponse<UserAccessResponse>> = \n await this.client.get('/guard/me', {\n headers: {\n 'Authorization': `Bearer ${token}`,\n },\n });\n\n if (!response.data.success) {\n throw new Error('Failed to fetch user access information');\n }\n\n return response.data.data;\n } catch (error) {\n if (axios.isAxiosError(error)) {\n if (error.response?.status === 401) {\n throw new Error('Unauthorized: Invalid or expired token');\n }\n throw new Error(`API Error: ${error.response?.data?.message || error.message}`);\n }\n throw error;\n }\n }\n\n async hasPermission(token: string, permission: string): Promise<boolean> {\n if (!this.config.cache?.enabled) {\n const userAccess = await this.getUserAccess(token);\n return userAccess.modules.some(module => \n module.permissions.includes(permission)\n );\n }\n\n const cacheKey = this.getCacheKey(token, `permission:${permission}`);\n const cached = this.cache.get<boolean>(cacheKey);\n \n if (cached !== null) {\n console.log(`[ExGuardBackend] Cache hit for permission: ${permission}`);\n return cached;\n }\n\n console.log(`[ExGuardBackend] Cache miss, checking permission: ${permission}`);\n const userAccess = await this.getUserAccess(token);\n const hasPermission = userAccess.modules.some(module => \n module.permissions.includes(permission)\n );\n \n this.cache.set(cacheKey, hasPermission, this.config.cache.ttl! / 2);\n \n return hasPermission;\n }\n\n async hasRole(token: string, role: string): Promise<boolean> {\n if (!this.config.cache?.enabled) {\n const userAccess = await this.getUserAccess(token);\n return userAccess.roles.includes(role);\n }\n\n const cacheKey = this.getCacheKey(token, `role:${role}`);\n const cached = this.cache.get<boolean>(cacheKey);\n \n if (cached !== null) {\n console.log(`[ExGuardBackend] Cache hit for role: ${role}`);\n return cached;\n }\n\n console.log(`[ExGuardBackend] Cache miss, checking role: ${role}`);\n const userAccess = await this.getUserAccess(token);\n const hasRole = userAccess.roles.includes(role);\n \n this.cache.set(cacheKey, hasRole, this.config.cache.ttl! / 2);\n \n return hasRole;\n }\n\n async getModulePermissions(token: string, moduleKey: string): Promise<string[]> {\n if (!this.config.cache?.enabled) {\n const userAccess = await this.getUserAccess(token);\n const module = userAccess.modules.find(m => m.key === moduleKey);\n return module?.permissions || [];\n }\n\n const cacheKey = this.getCacheKey(token, `module:${moduleKey}`);\n const cached = this.cache.get<string[]>(cacheKey);\n \n if (cached !== null) {\n console.log(`[ExGuardBackend] Cache hit for module: ${moduleKey}`);\n return cached;\n }\n\n console.log(`[ExGuardBackend] Cache miss, fetching module permissions: ${moduleKey}`);\n const userAccess = await this.getUserAccess(token);\n const module = userAccess.modules.find(m => m.key === moduleKey);\n const permissions = module?.permissions || [];\n \n this.cache.set(cacheKey, permissions, this.config.cache.ttl);\n \n return permissions;\n }\n\n async getUserRoles(token: string): Promise<string[]> {\n if (!this.config.cache?.enabled) {\n const userAccess = await this.getUserAccess(token);\n return userAccess.roles;\n }\n\n const cacheKey = this.getCacheKey(token, 'roles');\n const cached = this.cache.get<string[]>(cacheKey);\n \n if (cached !== null) {\n console.log('[ExGuardBackend] Cache hit for user roles');\n return cached;\n }\n\n console.log('[ExGuardBackend] Cache miss, fetching user roles');\n const userAccess = await this.getUserAccess(token);\n const roles = userAccess.roles;\n \n this.cache.set(cacheKey, roles, this.config.cache.ttl);\n \n return roles;\n }\n\n async getUserFieldOffices(token: string): Promise<string[]> {\n if (!this.config.cache?.enabled) {\n const userAccess = await this.getUserAccess(token);\n return userAccess.fieldOffices;\n }\n\n const cacheKey = this.getCacheKey(token, 'field-offices');\n const cached = this.cache.get<string[]>(cacheKey);\n \n if (cached !== null) {\n console.log('[ExGuardBackend] Cache hit for field offices');\n return cached;\n }\n\n console.log('[ExGuardBackend] Cache miss, fetching field offices');\n const userAccess = await this.getUserAccess(token);\n const fieldOffices = userAccess.fieldOffices;\n \n this.cache.set(cacheKey, fieldOffices, this.config.cache.ttl);\n \n return fieldOffices;\n }\n\n async hasPermissions(token: string, permissions: string[]): Promise<Record<string, boolean>> {\n const results: Record<string, boolean> = {};\n const uncachedPermissions: string[] = [];\n \n for (const permission of permissions) {\n if (this.config.cache?.enabled) {\n const cacheKey = this.getCacheKey(token, `permission:${permission}`);\n const cached = this.cache.get<boolean>(cacheKey);\n \n if (cached !== null) {\n results[permission] = cached;\n } else {\n uncachedPermissions.push(permission);\n }\n } else {\n uncachedPermissions.push(permission);\n }\n }\n\n if (uncachedPermissions.length > 0) {\n const userAccess = await this.getUserAccess(token);\n \n for (const permission of uncachedPermissions) {\n const hasPermission = userAccess.modules.some(module => \n module.permissions.includes(permission)\n );\n results[permission] = hasPermission;\n \n if (this.config.cache?.enabled) {\n const cacheKey = this.getCacheKey(token, `permission:${permission}`);\n this.cache.set(cacheKey, hasPermission, this.config.cache.ttl! / 2);\n }\n }\n }\n\n return results;\n }\n\n async hasRoles(token: string, roles: string[]): Promise<Record<string, boolean>> {\n const results: Record<string, boolean> = {};\n const uncachedRoles: string[] = [];\n \n for (const role of roles) {\n if (this.config.cache?.enabled) {\n const cacheKey = this.getCacheKey(token, `role:${role}`);\n const cached = this.cache.get<boolean>(cacheKey);\n \n if (cached !== null) {\n results[role] = cached;\n } else {\n uncachedRoles.push(role);\n }\n } else {\n uncachedRoles.push(role);\n }\n }\n\n if (uncachedRoles.length > 0) {\n const userAccess = await this.getUserAccess(token);\n \n for (const role of uncachedRoles) {\n const hasRole = userAccess.roles.includes(role);\n results[role] = hasRole;\n \n if (this.config.cache?.enabled) {\n const cacheKey = this.getCacheKey(token, `role:${role}`);\n this.cache.set(cacheKey, hasRole, this.config.cache.ttl! / 2);\n }\n }\n }\n\n return results;\n }\n\n clearUserCache(token: string): void {\n const userId = this.extractUserIdFromToken(token);\n if (userId) {\n this.cache.clearUserCache(userId);\n console.log(`[ExGuardBackend] Cache cleared for user: ${userId}`);\n }\n }\n\n clearAllCache(): void {\n this.cache.clear();\n console.log('[ExGuardBackend] All cache cleared');\n }\n\n getCacheStats(): { size: number; keys: string[] } {\n return this.cache.getStats();\n }\n\n disconnect(): void {\n this.realtime.disconnect();\n }\n}\n","/**\n * In-memory cache for user access data with TTL support\n */\n\nexport interface CacheEntry<T> {\n data: T;\n timestamp: number;\n ttl: number;\n}\n\nexport class ExGuardCache {\n private cache = new Map<string, CacheEntry<any>>();\n private subscribers = new Map<string, Set<() => void>>();\n private defaultTTL = 300000; // 5 minutes\n\n /**\n * Get cached data\n */\n get<T>(key: string): T | null {\n const entry = this.cache.get(key);\n if (!entry) return null;\n\n // Check if expired\n if (Date.now() - entry.timestamp > entry.ttl) {\n this.cache.delete(key);\n return null;\n }\n\n return entry.data;\n }\n\n /**\n * Set cached data with TTL\n */\n set<T>(key: string, data: T, ttl?: number): void {\n this.cache.set(key, {\n data,\n timestamp: Date.now(),\n ttl: ttl || this.defaultTTL,\n });\n }\n\n /**\n * Delete cached data\n */\n delete(key: string): boolean {\n const deleted = this.cache.delete(key);\n if (deleted) {\n this.notifySubscribers(key);\n }\n return deleted;\n }\n\n /**\n * Clear all cache\n */\n clear(): void {\n const keys = Array.from(this.cache.keys());\n this.cache.clear();\n keys.forEach(key => this.notifySubscribers(key));\n }\n\n /**\n * Clear cache for a specific user\n */\n clearUserCache(userId: string): void {\n const keysToDelete = Array.from(this.cache.keys()).filter(key => \n key.startsWith(`user:${userId}:`)\n );\n \n keysToDelete.forEach(key => {\n this.cache.delete(key);\n this.notifySubscribers(key);\n });\n }\n\n /**\n * Subscribe to cache changes\n */\n subscribe(key: string, callback: () => void): () => void {\n if (!this.subscribers.has(key)) {\n this.subscribers.set(key, new Set());\n }\n \n this.subscribers.get(key)!.add(callback);\n \n // Return unsubscribe function\n return () => {\n const callbacks = this.subscribers.get(key);\n if (callbacks) {\n callbacks.delete(callback);\n if (callbacks.size === 0) {\n this.subscribers.delete(key);\n }\n }\n };\n }\n\n /**\n * Notify subscribers of cache changes\n */\n private notifySubscribers(key: string): void {\n const callbacks = this.subscribers.get(key);\n if (callbacks) {\n callbacks.forEach(callback => {\n try {\n callback();\n } catch (error) {\n console.error('Cache subscriber error:', error);\n }\n });\n }\n }\n\n /**\n * Get cache statistics\n */\n getStats(): { size: number; keys: string[] } {\n return {\n size: this.cache.size,\n keys: Array.from(this.cache.keys()),\n };\n }\n\n /**\n * Clean up expired entries\n */\n cleanup(): void {\n const now = Date.now();\n const keysToDelete: string[] = [];\n\n this.cache.forEach((entry, key) => {\n if (now - entry.timestamp > entry.ttl) {\n keysToDelete.push(key);\n }\n });\n\n keysToDelete.forEach(key => {\n this.cache.delete(key);\n this.notifySubscribers(key);\n });\n }\n}\n\n// Global cache instance\nexport const cache = new ExGuardCache();\n","/**\n * Realtime event handling for cache invalidation with WebSocket support\n * Works in both browser and Node.js environments\n */\n\nlet WebSocketImpl: any;\nif (typeof window === 'undefined') {\n try {\n WebSocketImpl = require('ws');\n } catch {\n WebSocketImpl = null;\n }\n} else {\n WebSocketImpl = WebSocket;\n}\n\nexport interface RealtimeEvent {\n type: 'rbac_update' | 'user_update' | 'role_update' | 'permission_update';\n userId?: string;\n data?: any;\n timestamp: number;\n}\n\nexport interface RealtimeEventHandler {\n (event: RealtimeEvent): void;\n}\n\nexport interface RealtimeConnectionHandler {\n (): void;\n}\n\nexport interface RealtimeAuthOptions {\n accessToken?: string;\n apiKey?: string;\n bearerToken?: string;\n}\n\nexport interface RealtimeErrorHandler {\n (error: Error): void;\n}\n\nexport interface ExGuardRealtimeConfig {\n autoReconnect?: boolean;\n maxReconnectAttempts?: number;\n reconnectDelay?: number;\n reconnectMaxDelay?: number;\n onConnect?: RealtimeConnectionHandler;\n onDisconnect?: RealtimeConnectionHandler;\n onError?: RealtimeErrorHandler;\n}\n\nexport class ExGuardRealtime {\n private handlers = new Map<string, Set<RealtimeEventHandler>>();\n private websocket: any = null;\n private reconnectAttempts = 0;\n private config: Required<ExGuardRealtimeConfig>;\n private currentUrl: string | null = null;\n private currentToken: string | null = null;\n private shouldReconnect = true;\n private isNode = typeof window === 'undefined';\n\n constructor(config: ExGuardRealtimeConfig = {}) {\n this.config = {\n autoReconnect: config.autoReconnect ?? true,\n maxReconnectAttempts: config.maxReconnectAttempts ?? 5,\n reconnectDelay: config.reconnectDelay ?? 1000,\n reconnectMaxDelay: config.reconnectMaxDelay ?? 30000,\n onConnect: config.onConnect ?? (() => {}),\n onDisconnect: config.onDisconnect ?? (() => {}),\n onError: config.onError ?? ((error: Error) => console.error('[ExGuardRealtime] Error:', error)),\n };\n }\n\n /**\n * Connect to realtime server\n * @param url - WebSocket URL (e.g., wss://api.example.com/realtime)\n * @param auth - Authentication options (accessToken, apiKey, bearerToken) - optional\n */\n connect(url: string, auth?: string | RealtimeAuthOptions): Promise<void> {\n let authToken: string | undefined;\n let authType: 'access_token' | 'api_key' | 'bearer' | null = null;\n\n if (typeof auth === 'string') {\n authToken = auth;\n authType = 'access_token';\n } else if (auth?.accessToken) {\n authToken = auth.accessToken;\n authType = 'access_token';\n } else if (auth?.apiKey) {\n authToken = auth.apiKey;\n authType = 'api_key';\n } else if (auth?.bearerToken) {\n authToken = auth.bearerToken;\n authType = 'bearer';\n }\n\n return new Promise((resolve, reject) => {\n this.shouldReconnect = true;\n this.currentUrl = url;\n this.currentToken = authToken ?? null;\n\n if (!WebSocketImpl) {\n const err = new Error('WebSocket is not available. Install \"ws\" package for Node.js: npm install ws');\n this.config.onError(err);\n reject(err);\n return;\n }\n\n try {\n let wsUrl = url;\n if (authToken && authType) {\n if (authType === 'bearer') {\n wsUrl = `${url}?bearer=${encodeURIComponent(authToken)}`;\n } else {\n wsUrl = `${url}?${authType}=${encodeURIComponent(authToken)}`;\n }\n }\n \n if (this.isNode && WebSocketImpl === require('ws')) {\n this.websocket = new WebSocketImpl(wsUrl);\n this.setupNodeWebSocket(resolve, reject);\n } else {\n this.websocket = new WebSocketImpl(wsUrl);\n this.setupBrowserWebSocket(resolve, reject);\n }\n } catch (error) {\n reject(error);\n }\n });\n }\n\n private setupBrowserWebSocket(resolve: (value: void) => void, reject: (reason?: any) => void): void {\n const timeout = setTimeout(() => {\n reject(new Error('Connection timeout'));\n }, 10000);\n\n this.websocket.onopen = () => {\n clearTimeout(timeout);\n this.reconnectAttempts = 0;\n console.log('[ExGuardRealtime] Connected to realtime server');\n this.config.onConnect();\n resolve();\n };\n\n this.websocket.onmessage = (event: any) => {\n try {\n const realtimeEvent: RealtimeEvent = JSON.parse(event.data);\n this.handleEvent(realtimeEvent);\n } catch (error) {\n console.error('[ExGuardRealtime] Failed to parse event:', error);\n }\n };\n\n this.websocket.onclose = () => {\n clearTimeout(timeout);\n console.log('[ExGuardRealtime] Disconnected from realtime server');\n this.config.onDisconnect();\n this.handleReconnect();\n };\n\n this.websocket.onerror = (error: any) => {\n clearTimeout(timeout);\n console.error('[ExGuardRealtime] WebSocket error:', error);\n const err = new Error('WebSocket connection error');\n this.config.onError(err);\n reject(err);\n };\n }\n\n private setupNodeWebSocket(resolve: (value: void) => void, reject: (reason?: any) => void): void {\n const timeout = setTimeout(() => {\n reject(new Error('Connection timeout'));\n }, 10000);\n\n this.websocket.on('open', () => {\n clearTimeout(timeout);\n this.reconnectAttempts = 0;\n console.log('[ExGuardRealtime] Connected to realtime server (Node.js)');\n this.config.onConnect();\n resolve();\n });\n\n this.websocket.on('message', (data: Buffer) => {\n try {\n const realtimeEvent: RealtimeEvent = JSON.parse(data.toString());\n this.handleEvent(realtimeEvent);\n } catch (error) {\n console.error('[ExGuardRealtime] Failed to parse event:', error);\n }\n });\n\n this.websocket.on('close', () => {\n clearTimeout(timeout);\n console.log('[ExGuardRealtime] Disconnected from realtime server');\n this.config.onDisconnect();\n this.handleReconnect();\n });\n\n this.websocket.on('error', (error: any) => {\n clearTimeout(timeout);\n console.error('[ExGuardRealtime] WebSocket error:', error);\n const err = new Error('WebSocket connection error: ' + (error?.message || error));\n this.config.onError(err);\n reject(err);\n });\n }\n\n /**\n * Disconnect from realtime server\n */\n disconnect(): void {\n this.shouldReconnect = false;\n if (this.websocket) {\n this.websocket.close();\n this.websocket = null;\n }\n }\n\n /**\n * Subscribe to realtime events\n */\n subscribe(eventType: string, handler: RealtimeEventHandler): () => void {\n if (!this.handlers.has(eventType)) {\n this.handlers.set(eventType, new Set());\n }\n \n this.handlers.get(eventType)!.add(handler);\n \n return () => {\n const handlers = this.handlers.get(eventType);\n if (handlers) {\n handlers.delete(handler);\n if (handlers.size === 0) {\n this.handlers.delete(eventType);\n }\n }\n };\n }\n\n /**\n * Subscribe to all realtime events\n */\n subscribeAll(handler: RealtimeEventHandler): () => void {\n const eventTypes = ['rbac_update', 'user_update', 'role_update', 'permission_update'];\n const unsubscribes = eventTypes.map(type => this.subscribe(type, handler));\n \n return () => {\n unsubscribes.forEach(unsub => unsub());\n };\n }\n\n /**\n * Handle incoming realtime events\n */\n private handleEvent(event: RealtimeEvent): void {\n console.log('[ExGuardRealtime] Received event:', event);\n \n const handlers = this.handlers.get(event.type);\n if (handlers) {\n handlers.forEach(handler => {\n try {\n handler(event);\n } catch (error) {\n console.error('[ExGuardRealtime] Event handler error:', error);\n }\n });\n }\n }\n\n /**\n * Handle reconnection logic\n */\n private handleReconnect(): void {\n if (!this.shouldReconnect || !this.config.autoReconnect || !this.currentUrl) {\n return;\n }\n\n if (this.reconnectAttempts < this.config.maxReconnectAttempts) {\n this.reconnectAttempts++;\n const delay = Math.min(\n this.config.reconnectDelay * Math.pow(2, this.reconnectAttempts - 1),\n this.config.reconnectMaxDelay\n );\n \n console.log(`[ExGuardRealtime] Reconnecting in ${delay}ms (attempt ${this.reconnectAttempts})`);\n \n setTimeout(() => {\n this.connect(this.currentUrl!, this.currentToken!).catch(error => {\n console.error('[ExGuardRealtime] Reconnection failed:', error);\n });\n }, delay);\n } else {\n console.error('[ExGuardRealtime] Max reconnection attempts reached');\n }\n }\n\n /**\n * Manually trigger reconnection with current auth\n */\n reconnect(): Promise<void> {\n if (this.currentUrl && this.currentToken) {\n this.reconnectAttempts = 0;\n return this.connect(this.currentUrl, this.currentToken);\n } else if (this.currentUrl) {\n this.reconnectAttempts = 0;\n return this.connect(this.currentUrl);\n }\n return Promise.reject(new Error('No URL configured'));\n }\n\n /**\n * Check if connected\n */\n isConnected(): boolean {\n if (!this.websocket) return false;\n if (this.isNode) {\n return this.websocket.readyState === 1; // WebSocket.OPEN = 1 for ws\n }\n return this.websocket.readyState === WebSocket.OPEN;\n }\n\n /**\n * Get connection status\n */\n getStatus(): 'connecting' | 'connected' | 'disconnected' | 'reconnecting' {\n if (!this.websocket) return 'disconnected';\n if (this.isNode) {\n switch (this.websocket.readyState) {\n case 0: return 'connecting';\n case 1: return 'connected';\n case 2:\n case 3: return 'disconnected';\n default: return 'disconnected';\n }\n }\n switch (this.websocket.readyState) {\n case WebSocket.CONNECTING: return 'connecting';\n case WebSocket.OPEN: return 'connected';\n case WebSocket.CLOSING:\n case WebSocket.CLOSED: return 'disconnected';\n default: return 'disconnected';\n }\n }\n\n /**\n * Send a message to the server\n */\n send(event: Partial<RealtimeEvent>): void {\n if (this.websocket && this.websocket.readyState === WebSocket.OPEN) {\n this.websocket.send(JSON.stringify(event));\n }\n }\n\n /**\n * Update configuration\n */\n updateConfig(config: Partial<ExGuardRealtimeConfig>): void {\n this.config = {\n ...this.config,\n ...config,\n };\n }\n}\n\n// Factory function for creating realtime instance\nexport function createRealtime(config?: ExGuardRealtimeConfig): ExGuardRealtime {\n return new ExGuardRealtime(config);\n}\n\n// Global realtime instance\nexport const realtime = new ExGuardRealtime();\n","/**\n * Framework-agnostic guards for protecting backend endpoints\n */\n\nimport { ExGuardBackendEnhanced } from './exguard-backend-enhanced.js';\nimport { ExGuardEnhancedConfig, UserAccessResponse, GuardContext, GuardResult, GuardOptions } from './types.js';\n\n// Re-export types for use in other modules\nexport type { GuardContext, GuardResult, GuardOptions, UserAccessResponse };\n\n/**\n * Framework-agnostic guard class for endpoint protection\n */\nexport class ExGuardBackend {\n private exGuard: ExGuardBackendEnhanced;\n\n constructor(config: ExGuardEnhancedConfig) {\n this.exGuard = new ExGuardBackendEnhanced(config);\n }\n\n /**\n * Check if user has specific permissions\n */\n async requirePermissions(\n context: GuardContext, \n permissions: string[], \n options: { requireAll?: boolean } = {}\n ): Promise<GuardResult> {\n try {\n if (options.requireAll) {\n // Require ALL permissions\n const results = await this.exGuard.hasPermissions(context.token, permissions);\n const hasAll = permissions.every(permission => results[permission]);\n \n if (!hasAll) {\n return {\n allowed: false,\n error: `Insufficient permissions. Required: ${permissions.join(', ')}`,\n statusCode: 403\n };\n }\n } else {\n // Require ANY permission (default)\n const hasPermission = await this.exGuard.hasPermissions(context.token, permissions);\n const hasAny = Object.values(hasPermission).some(Boolean);\n \n if (!hasAny) {\n return {\n allowed: false,\n error: `Insufficient permissions. Required any of: ${permissions.join(', ')}`,\n statusCode: 403\n };\n }\n }\n\n const userAccess = await this.exGuard.getUserAccess(context.token);\n return { allowed: true, user: userAccess };\n } catch (error) {\n return {\n allowed: false,\n error: 'Permission check failed',\n statusCode: 500\n };\n }\n }\n\n /**\n * Check if user has specific roles\n */\n async requireRoles(\n context: GuardContext, \n roles: string[], \n options: { requireAll?: boolean } = {}\n ): Promise<GuardResult> {\n try {\n if (options.requireAll) {\n // Require ALL roles\n const results = await this.exGuard.hasRoles(context.token, roles);\n const hasAll = roles.every(role => results[role]);\n \n if (!hasAll) {\n return {\n allowed: false,\n error: `Insufficient roles. Required: ${roles.join(', ')}`,\n statusCode: 403\n };\n }\n } else {\n // Require ANY role (default)\n const hasRole = await this.exGuard.hasRoles(context.token, roles);\n const hasAny = Object.values(hasRole).some(Boolean);\n \n if (!hasAny) {\n return {\n allowed: false,\n error: `Insufficient roles. Required any of: ${roles.join(', ')}`,\n statusCode: 403\n };\n }\n }\n\n const userAccess = await this.exGuard.getUserAccess(context.token);\n return { allowed: true, user: userAccess };\n } catch (error) {\n return {\n allowed: false,\n error: 'Role check failed',\n statusCode: 500\n };\n }\n }\n\n /**\n * Check if user has access to specific modules\n */\n async requireModules(\n context: GuardContext, \n modules: string[], \n options: { requireAll?: boolean } = {}\n ): Promise<GuardResult> {\n try {\n const userAccess = await this.exGuard.getUserAccess(context.token);\n const userModuleKeys = userAccess.modules.map(m => m.key);\n\n let hasAccess: boolean;\n\n if (options.requireAll) {\n // Require ALL modules\n hasAccess = modules.every(module => userModuleKeys.includes(module));\n } else {\n // Require ANY module (default)\n hasAccess = modules.some(module => userModuleKeys.includes(module));\n }\n\n if (!hasAccess) {\n return {\n allowed: false,\n error: `Insufficient module access. Required: ${modules.join(', ')}`,\n statusCode: 403\n };\n }\n\n return { allowed: true, user: userAccess };\n } catch (error) {\n return {\n allowed: false,\n error: 'Module check failed',\n statusCode: 500\n };\n }\n }\n\n /**\n * Check if user has access to specific field offices\n */\n async requireFieldOffices(\n context: GuardContext, \n fieldOffices: string[], \n options: { requireAll?: boolean } = {}\n ): Promise<GuardResult> {\n try {\n const userFieldOffices = await this.exGuard.getUserFieldOffices(context.token);\n\n let hasAccess: boolean;\n\n if (options.requireAll) {\n // Require ALL field offices\n hasAccess = fieldOffices.every(office => userFieldOffices.includes(office));\n } else {\n // Require ANY field office (default)\n hasAccess = fieldOffices.some(office => userFieldOffices.includes(office));\n }\n\n if (!hasAccess) {\n return {\n allowed: false,\n error: `Insufficient field office access. Required: ${fieldOffices.join(', ')}`,\n statusCode: 403\n };\n }\n\n const userAccess = await this.exGuard.getUserAccess(context.token);\n return { allowed: true, user: userAccess };\n } catch (error) {\n return {\n allowed: false,\n error: 'Field office check failed',\n statusCode: 500\n };\n }\n }\n\n /**\n * Flexible guard with multiple requirements\n */\n async require(context: GuardContext, options: GuardOptions): Promise<GuardResult> {\n try {\n const userAccess = await this.exGuard.getUserAccess(context.token);\n let passed = true;\n const failures: string[] = [];\n\n // Check permissions\n if (options.permissions && options.permissions.length > 0) {\n const userPermissions = userAccess.modules.flatMap(m => m.permissions);\n const hasPermissions = options.requireAll\n ? options.permissions.every(p => userPermissions.includes(p))\n : options.permissions.some(p => userPermissions.includes(p));\n \n if (!hasPermissions) {\n passed = false;\n failures.push(`permissions: ${options.permissions.join(', ')}`);\n }\n }\n\n // Check roles\n if (options.roles && options.roles.length > 0) {\n const hasRoles = options.requireAll\n ? options.roles.every(r => userAccess.roles.includes(r))\n : options.roles.some(r => userAccess.roles.includes(r));\n \n if (!hasRoles) {\n passed = false;\n failures.push(`roles: ${options.roles.join(', ')}`);\n }\n }\n\n // Check modules\n if (options.modules && options.modules.length > 0) {\n const userModuleKeys = userAccess.modules.map(m => m.key);\n const hasModules = options.requireAll\n ? options.modules.every(m => userModuleKeys.includes(m))\n : options.modules.some(m => userModuleKeys.includes(m));\n \n if (!hasModules) {\n passed = false;\n failures.push(`modules: ${options.modules.join(', ')}`);\n }\n }\n\n // Check field offices\n if (options.fieldOffices && options.fieldOffices.length > 0) {\n const hasFieldOffices = options.requireAll\n ? options.fieldOffices.every(fo => userAccess.fieldOffices.includes(fo))\n : options.fieldOffices.some(fo => userAccess.fieldOffices.includes(fo));\n \n if (!hasFieldOffices) {\n passed = false;\n failures.push(`field offices: ${options.fieldOffices.join(', ')}`);\n }\n }\n\n if (!passed) {\n return {\n allowed: false,\n error: `Access denied. Missing: ${failures.join('; ')}`,\n statusCode: 403\n };\n }\n\n return { allowed: true, user: userAccess };\n } catch (error) {\n return {\n allowed: false,\n error: 'Access check failed',\n statusCode: 500\n };\n }\n }\n\n /**\n * Simple authentication (just validates token)\n */\n async authenticate(context: GuardContext): Promise<GuardResult> {\n try {\n const userAccess = await this.exGuard.getUserAccess(context.token);\n return { allowed: true, user: userAccess };\n } catch (error) {\n return {\n allowed: false,\n error: 'Authentication failed',\n statusCode: 401\n };\n }\n }\n\n /**\n * Get the underlying ExGuardBackendEnhanced instance\n */\n getExGuard(): ExGuardBackendEnhanced {\n return this.exGuard;\n }\n}\n\n/**\n * Helper function to extract token from various request types\n */\nexport function extractToken(request: any): string | null {\n // Express-style\n if (request.headers?.authorization) {\n const authHeader = request.headers.authorization;\n if (authHeader.startsWith('Bearer ')) {\n return authHeader.substring(7);\n }\n }\n\n // Fastify-style\n if (request.headers?.authorization) {\n const authHeader = request.headers.authorization;\n if (authHeader.startsWith('Bearer ')) {\n return authHeader.substring(7);\n }\n }\n\n // Custom header\n if (request.headers?.['x-access-token']) {\n return request.headers['x-access-token'];\n }\n\n // Query parameter\n if (request.query?.token) {\n return request.query.token;\n }\n\n return null;\n}\n\n/**\n * Create a guard context from a request\n */\nexport function createGuardContext(request: any): GuardContext | null {\n const token = extractToken(request);\n if (!token) {\n return null;\n }\n\n return {\n token,\n request\n };\n}\n","/**\n * Express.js middleware for ExGuard endpoint protection\n */\n\nimport { ExGuardBackend, GuardContext, GuardOptions, extractToken } from './guards.js';\n\n// Conditional types to avoid build errors when express is not installed\ntype Request = any;\ntype Response = any;\ntype NextFunction = any;\n\nexport interface AuthenticatedRequest extends Request {\n user?: {\n id: string;\n cognitoSubId: string;\n username: string;\n email: string;\n roles: string[];\n permissions: string[];\n modules: Array<{ key: string; permissions: string[] }>;\n fieldOffices: string[];\n };\n}\n\n/**\n * Express middleware factory\n */\nexport function createExGuardExpress(config: any) {\n const guard = new ExGuardBackend(config);\n\n return {\n /**\n * Require specific permissions\n */\n requirePermissions(permissions: string[], options: { requireAll?: boolean } = {}) {\n return async (req: AuthenticatedRequest, res: Response, next: NextFunction) => {\n const context = createGuardContext(req);\n if (!context) {\n return res.status(401).json({\n success: false,\n message: 'No authentication token provided'\n });\n }\n\n const result = await guard.requirePermissions(context, permissions, options);\n \n if (!result.allowed) {\n return res.status(result.statusCode || 403).json({\n success: false,\n message: result.error\n });\n }\n\n // Attach user data to request\n if (result.user) {\n req.user = {\n id: result.user.user.id,\n cognitoSubId: result.user.user.cognitoSubId,\n username: result.user.user.username,\n email: result.user.user.email,\n roles: result.user.roles,\n permissions: result.user.modules.flatMap(m => m.permissions),\n modules: result.user.modules,\n fieldOffices: result.user.fieldOffices,\n };\n }\n\n next();\n };\n },\n\n /**\n * Require specific roles\n */\n requireRoles(roles: string[], options: { requireAll?: boolean } = {}) {\n return async (req: AuthenticatedRequest, res: Response, next: NextFunction) => {\n const context = createGuardContext(req);\n if (!context) {\n return res.status(401).json({\n success: false,\n message: 'No authentication token provided'\n });\n }\n\n const result = await guard.requireRoles(context, roles, options);\n \n if (!result.allowed) {\n return res.status(result.statusCode || 403).json({\n success: false,\n message: result.error\n });\n }\n\n // Attach user data to request\n if (result.user) {\n req.user = {\n id: result.user.user.id,\n cognitoSubId: result.user.user.cognitoSubId,\n username: result.user.user.username,\n email: result.user.user.email,\n roles: result.user.roles,\n permissions: result.user.modules.flatMap(m => m.permissions),\n modules: result.user.modules,\n fieldOffices: result.user.fieldOffices,\n };\n }\n\n next();\n };\n },\n\n /**\n * Require module access\n */\n requireModules(modules: string[], options: { requireAll?: boolean } = {}) {\n return async (req: AuthenticatedRequest, res: Response, next: NextFunction) => {\n const context = createGuardContext(req);\n if (!context) {\n return res.status(401).json({\n success: false,\n message: 'No authentication token provided'\n });\n }\n\n const result = await guard.requireModules(context, modules, options);\n \n if (!result.allowed) {\n return res.status(result.statusCode || 403).json({\n success: false,\n message: result.error\n });\n }\n\n // Attach user data to request\n if (result.user) {\n req.user = {\n id: result.user.user.id,\n cognitoSubId: result.user.user.cognitoSubId,\n username: result.user.user.username,\n email: result.user.user.email,\n roles: result.user.roles,\n permissions: result.user.modules.flatMap(m => m.permissions),\n modules: result.user.modules,\n fieldOffices: result.user.fieldOffices,\n };\n }\n\n next();\n };\n },\n\n /**\n * Require field office access\n */\n requireFieldOffices(fieldOffices: string[], options: { requireAll?: boolean } = {}) {\n return async (req: AuthenticatedRequest, res: Response, next: NextFunction) => {\n const context = createGuardContext(req);\n if (!context) {\n return res.status(401).json({\n success: false,\n message: 'No authentication token provided'\n });\n }\n\n const result = await guard.requireFieldOffices(context, fieldOffices, options);\n \n if (!result.allowed) {\n return res.status(result.statusCode || 403).json({\n success: false,\n message: result.error\n });\n }\n\n // Attach user data to request\n if (result.user) {\n req.user = {\n id: result.user.user.id,\n cognitoSubId: result.user.user.cognitoSubId,\n username: result.user.user.username,\n email: result.user.user.email,\n roles: result.user.roles,\n permissions: result.user.modules.flatMap(m => m.permissions),\n modules: result.user.modules,\n fieldOffices: result.user.fieldOffices,\n };\n }\n\n next();\n };\n },\n\n /**\n * Flexible guard with multiple requirements\n */\n require(options: GuardOptions) {\n return async (req: AuthenticatedRequest, res: Response, next: NextFunction) => {\n const context = createGuardContext(req);\n if (!context) {\n return res.status(401).json({\n success: false,\n message: 'No authentication token provided'\n });\n }\n\n const result = await guard.require(context, options);\n \n if (!result.allowed) {\n return res.status(result.statusCode || 403).json({\n success: false,\n message: result.error\n });\n }\n\n // Attach user data to request\n if (result.user) {\n req.user = {\n id: result.user.user.id,\n cognitoSubId: result.user.user.cognitoSubId,\n username: result.user.user.username,\n email: result.user.user.email,\n roles: result.user.roles,\n permissions: result.user.modules.flatMap(m => m.permissions),\n modules: result.user.modules,\n fieldOffices: result.user.fieldOffices,\n };\n }\n\n next();\n };\n },\n\n /**\n * Simple authentication middleware\n */\n authenticate() {\n return async (req: AuthenticatedRequest, res: Response, next: NextFunction) => {\n const context = createGuardContext(req);\n if (!context) {\n return res.status(401).json({\n success: false,\n message: 'No authentication token provided'\n });\n }\n\n const result = await guard.authenticate(context);\n \n if (!result.allowed) {\n return res.status(result.statusCode || 401).json({\n success: false,\n message: result.error\n });\n }\n\n // Attach user data to request\n if (result.user) {\n req.user = {\n id: result.user.user.id,\n cognitoSubId: result.user.user.cognitoSubId,\n username: result.user.user.username,\n email: result.user.user.email,\n roles: result.user.roles,\n permissions: result.user.modules.flatMap(m => m.permissions),\n modules: result.user.modules,\n fieldOffices: result.user.fieldOffices,\n };\n }\n\n next();\n };\n },\n\n /**\n * Get the underlying guard instance\n */\n getGuard(): ExGuardBackend {\n return guard;\n }\n };\n}\n\nfunction createGuardContext(req: Request): GuardContext | null {\n const token = extractToken(req);\n if (!token) {\n return null;\n }\n\n return {\n token,\n request: req\n };\n}\n","/**\n * Fastify plugin for ExGuard endpoint protection\n */\n\nimport { ExGuardBackend, GuardContext, GuardOptions, extractToken } from './guards.js';\n\n// Conditional types to avoid build errors when fastify is not installed\ntype FastifyRequest = any;\ntype FastifyReply = any;\n\nexport interface AuthenticatedRequest extends FastifyRequest {\n user?: {\n id: string;\n cognitoSubId: string;\n username: string;\n email: string;\n roles: string[];\n permissions: string[];\n modules: Array<{ key: string; permissions: string[] }>;\n fieldOffices: string[];\n };\n}\n\n/**\n * Fastify plugin factory\n */\nexport function createExGuardFastify(config: any) {\n const guard = new ExGuardBackend(config);\n\n return {\n /**\n * Require specific permissions\n */\n requirePermissions(permissions: string[], options: { requireAll?: boolean } = {}) {\n return async (req: AuthenticatedRequest, reply: FastifyReply) => {\n const context = createGuardContext(req);\n if (!context) {\n return reply.status(401).send({\n success: false,\n message: 'No authentication token provided'\n });\n }\n\n const result = await guard.requirePermissions(context, permissions, options);\n \n if (!result.allowed) {\n return reply.status(result.statusCode || 403).send({\n success: false,\n message: result.error\n });\n }\n\n // Attach user data to request\n if (result.user) {\n req.user = {\n id: result.user.user.id,\n cognitoSubId: result.user.user.cognitoSubId,\n username: result.user.user.username,\n email: result.user.user.email,\n roles: result.user.roles,\n permissions: result.user.modules.flatMap(m => m.permissions),\n modules: result.user.modules,\n fieldOffices: result.user.fieldOffices,\n };\n }\n };\n },\n\n /**\n * Require specific roles\n */\n requireRoles(roles: string[], options: { requireAll?: boolean } = {}) {\n return async (req: AuthenticatedRequest, reply: FastifyReply) => {\n const context = createGuardContext(req);\n if (!context) {\n return reply.status(401).send({\n success: false,\n message: 'No authentication token provided'\n });\n }\n\n const result = await guard.requireRoles(context, roles, options);\n \n if (!result.allowed) {\n return reply.status(result.statusCode || 403).send({\n success: false,\n message: result.error\n });\n }\n\n // Attach user data to request\n if (result.user) {\n req.user = {\n id: result.user.user.id,\n cognitoSubId: result.user.user.cognitoSubId,\n username: result.user.user.username,\n email: result.user.user.email,\n roles: result.user.roles,\n permissions: result.user.modules.flatMap(m => m.permissions),\n modules: result.user.modules,\n fieldOffices: result.user.fieldOffices,\n };\n }\n };\n },\n\n /**\n * Require module access\n */\n requireModules(modules: string[], options: { requireAll?: boolean } = {}) {\n return async (req: AuthenticatedRequest, reply: FastifyReply) => {\n const context = createGuardContext(req);\n if (!context) {\n return reply.status(401).send({\n success: false,\n message: 'No authentication token provided'\n });\n }\n\n const result = await guard.requireModules(context, modules, options);\n \n if (!result.allowed) {\n return reply.status(result.statusCode || 403).send({\n success: false,\n message: result.error\n });\n }\n\n // Attach user data to request\n if (result.user) {\n req.user = {\n id: result.user.user.id,\n cognitoSubId: result.user.user.cognitoSubId,\n username: result.user.user.username,\n email: result.user.user.email,\n roles: result.user.roles,\n permissions: result.user.modules.flatMap(m => m.permissions),\n modules: result.user.modules,\n fieldOffices: result.user.fieldOffices,\n };\n }\n };\n },\n\n /**\n * Require field office access\n */\n requireFieldOffices(fieldOffices: string[], options: { requireAll?: boolean } = {}) {\n return async (req: AuthenticatedRequest, reply: FastifyReply) => {\n const context = createGuardContext(req);\n if (!context) {\n return reply.status(401).send({\n success: false,\n message: 'No authentication token provided'\n });\n }\n\n const result = await guard.requireFieldOffices(context, fieldOffices, options);\n \n if (!result.allowed) {\n return reply.status(result.statusCode || 403).send({\n success: false,\n message: result.error\n });\n }\n\n // Attach user data to request\n if (result.user) {\n req.user = {\n id: result.user.user.id,\n cognitoSubId: result.user.user.cognitoSubId,\n username: result.user.user.username,\n email: result.user.user.email,\n roles: result.user.roles,\n permissions: result.user.modules.flatMap(m => m.permissions),\n modules: result.user.modules,\n fieldOffices: result.user.fieldOffices,\n };\n }\n };\n },\n\n /**\n * Flexible guard with multiple requirements\n */\n require(options: GuardOptions) {\n return async (req: AuthenticatedRequest, reply: FastifyReply) => {\n const context = createGuardContext(req);\n if (!context) {\n return reply.status(401).send({\n success: false,\n message: 'No authentication token provided'\n });\n }\n\n const result = await guard.require(context, options);\n \n if (!result.allowed) {\n return reply.status(result.statusCode || 403).send({\n success: false,\n message: result.error\n });\n }\n\n // Attach user data to request\n if (result.user) {\n req.user = {\n id: result.user.user.id,\n cognitoSubId: result.user.user.cognitoSubId,\n username: result.user.user.username,\n email: result.user.user.email,\n roles: result.user.roles,\n permissions: result.user.modules.flatMap(m => m.permissions),\n modules: result.user.modules,\n fieldOffices: result.user.fieldOffices,\n };\n }\n };\n },\n\n /**\n * Simple authentication hook\n */\n authenticate() {\n return async (req: AuthenticatedRequest, reply: FastifyReply) => {\n const context = createGuardContext(req);\n if (!context) {\n return reply.status(401).send({\n success: false,\n message: 'No authentication token provided'\n });\n }\n\n const result = await guard.authenticate(context);\n \n if (!result.allowed) {\n return reply.status(result.statusCode || 401).send({\n success: false,\n message: result.error\n });\n }\n\n // Attach user data to request\n if (result.user) {\n req.user = {\n id: result.user.user.id,\n cognitoSubId: result.user.user.cognitoSubId,\n username: result.user.user.username,\n email: result.user.user.email,\n roles: result.user.roles,\n permissions: result.user.modules.flatMap(m => m.permissions),\n modules: result.user.modules,\n fieldOffices: result.user.fieldOffices,\n };\n }\n };\n },\n\n /**\n * Get the underlying guard instance\n */\n getGuard(): ExGuardBackend {\n return guard;\n }\n };\n}\n\nfunction createGuardContext(req: FastifyRequest): GuardContext | null {\n const token = extractToken(req);\n if (!token) {\n return null;\n }\n\n return {\n token,\n request: req\n };\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,eAAAA;AAAA,EAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;;ACAA,mBAAoD;AAO7C,IAAM,iBAAN,MAAqB;AAAA,EAClB;AAAA,EACA;AAAA,EAER,YAAY,QAAuB;AACjC,SAAK,SAAS;AAAA,MACZ,SAAS;AAAA,MACT,GAAG;AAAA,IACL;AAEA,SAAK,SAAS,aAAAC,QAAM,OAAO;AAAA,MACzB,SAAS,KAAK,OAAO;AAAA,MACrB,SAAS,KAAK,OAAO;AAAA,MACrB,SAAS;AAAA,QACP,gBAAgB;AAAA,MAClB;AAAA,IACF,CAAC;AAAA,EACH;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,MAAM,cAAc,OAA4C;AAC9D,QAAI;AACF,YAAM,WACJ,MAAM,KAAK,OAAO,IAAI,aAAa;AAAA,QACjC,SAAS;AAAA,UACP,iBAAiB,UAAU,KAAK;AAAA,QAClC;AAAA,MACF,CAAC;AAEH,UAAI,CAAC,SAAS,KAAK,SAAS;AAC1B,cAAM,IAAI,MAAM,yCAAyC;AAAA,MAC3D;AAEA,aAAO,SAAS,KAAK;AAAA,IACvB,SAAS,OAAO;AACd,UAAI,aAAAA,QAAM,aAAa,KAAK,GAAG;AAC7B,YAAI,MAAM,UAAU,WAAW,KAAK;AAClC,gBAAM,IAAI,MAAM,wCAAwC;AAAA,QAC1D;AACA,cAAM,IAAI,MAAM,cAAc,MAAM,UAAU,MAAM,WAAW,MAAM,OAAO,EAAE;AAAA,MAChF;AACA,YAAM;AAAA,IACR;AAAA,EACF;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAQA,MAAM,cAAc,OAAe,YAAsC;AACvE,QAAI;AACF,YAAM,aAAa,MAAM,KAAK,cAAc,KAAK;AACjD,aAAO,WAAW,QAAQ;AAAA,QAAK,CAAAC,YAC7BA,QAAO,YAAY,SAAS,UAAU;AAAA,MACxC;AAAA,IACF,SAAS,OAAO;AACd,aAAO;AAAA,IACT;AAAA,EACF;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAQA,MAAM,QAAQ,OAAe,MAAgC;AAC3D,QAAI;AACF,YAAM,aAAa,MAAM,KAAK,cAAc,KAAK;AACjD,aAAO,WAAW,MAAM,SAAS,IAAI;AAAA,IACvC,SAAS,OAAO;AACd,aAAO;AAAA,IACT;AAAA,EACF;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAQA,MAAM,qBAAqB,OAAe,WAAsC;AAC9E,QAAI;AACF,YAAM,aAAa,MAAM,KAAK,cAAc,KAAK;AACjD,YAAMA,UAAS,WAAW,QAAQ,KAAK,OAAK,EAAE,QAAQ,SAAS;AAC/D,aAAOA,SAAQ,eAAe,CAAC;AAAA,IACjC,SAAS,OAAO;AACd,aAAO,CAAC;AAAA,IACV;AAAA,EACF;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,MAAM,aAAa,OAAkC;AACnD,QAAI;AACF,YAAM,aAAa,MAAM,KAAK,cAAc,KAAK;AACjD,aAAO,WAAW;AAAA,IACpB,SAAS,OAAO;AACd,aAAO,CAAC;AAAA,IACV;AAAA,EACF;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,MAAM,oBAAoB,OAAkC;AAC1D,QAAI;AACF,YAAM,aAAa,MAAM,KAAK,cAAc,KAAK;AACjD,aAAO,WAAW;AAAA,IACpB,SAAS,OAAO;AACd,aAAO,CAAC;AAAA,IACV;AAAA,EACF;AACF;;;ACnIA,IAAAC,gBAAoD;;;ACU7C,IAAM,eAAN,MAAmB;AAAA,EAChB,QAAQ,oBAAI,IAA6B;AAAA,EACzC,cAAc,oBAAI,IAA6B;AAAA,EAC/C,aAAa;AAAA;AAAA;AAAA;AAAA;AAAA,EAKrB,IAAO,KAAuB;AAC5B,UAAM,QAAQ,KAAK,MAAM,IAAI,GAAG;AAChC,QAAI,CAAC,MAAO,QAAO;AAGnB,QAAI,KAAK,IAAI,IAAI,MAAM,YAAY,MAAM,KAAK;AAC5C,WAAK,MAAM,OAAO,GAAG;AACrB,aAAO;AAAA,IACT;AAEA,WAAO,MAAM;AAAA,EACf;AAAA;AAAA;AAAA;AAAA,EAKA,IAAO,KAAa,MAAS,KAAoB;AAC/C,SAAK,MAAM,IAAI,KAAK;AAAA,MAClB;AAAA,MACA,WAAW,KAAK,IAAI;AAAA,MACpB,KAAK,OAAO,KAAK;AAAA,IACnB,CAAC;AAAA,EACH;AAAA;AAAA;AAAA;AAAA,EAKA,OAAO,KAAsB;AAC3B,UAAM,UAAU,KAAK,MAAM,OAAO,GAAG;AACrC,QAAI,SAAS;AACX,WAAK,kBAAkB,GAAG;AAAA,IAC5B;AACA,WAAO;AAAA,EACT;AAAA;AAAA;AAAA;AAAA,EAKA,QAAc;AACZ,UAAM,OAAO,MAAM,KAAK,KAAK,MAAM,KAAK,CAAC;AACzC,SAAK,MAAM,MAAM;AACjB,SAAK,QAAQ,SAAO,KAAK,kBAAkB,GAAG,CAAC;AAAA,EACjD;AAAA;AAAA;AAAA;AAAA,EAKA,eAAe,QAAsB;AACnC,UAAM,eAAe,MAAM,KAAK,KAAK,MAAM,KAAK,CAAC,EAAE;AAAA,MAAO,SACxD,IAAI,WAAW,QAAQ,MAAM,GAAG;AAAA,IAClC;AAEA,iBAAa,QAAQ,SAAO;AAC1B,WAAK,MAAM,OAAO,GAAG;AACrB,WAAK,kBAAkB,GAAG;AAAA,IAC5B,CAAC;AAAA,EACH;AAAA;AAAA;AAAA;AAAA,EAKA,UAAU,KAAa,UAAkC;AACvD,QAAI,CAAC,KAAK,YAAY,IAAI,GAAG,GAAG;AAC9B,WAAK,YAAY,IAAI,KAAK,oBAAI,IAAI,CAAC;AAAA,IACrC;AAEA,SAAK,YAAY,IAAI,GAAG,EAAG,IAAI,QAAQ;AAGvC,WAAO,MAAM;AACX,YAAM,YAAY,KAAK,YAAY,IAAI,GAAG;AAC1C,UAAI,WAAW;AACb,kBAAU,OAAO,QAAQ;AACzB,YAAI,UAAU,SAAS,GAAG;AACxB,eAAK,YAAY,OAAO,GAAG;AAAA,QAC7B;AAAA,MACF;AAAA,IACF;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKQ,kBAAkB,KAAmB;AAC3C,UAAM,YAAY,KAAK,YAAY,IAAI,GAAG;AAC1C,QAAI,WAAW;AACb,gBAAU,QAAQ,cAAY;AAC5B,YAAI;AACF,mBAAS;AAAA,QACX,SAAS,OAAO;AACd,kBAAQ,MAAM,2BAA2B,KAAK;AAAA,QAChD;AAAA,MACF,CAAC;AAAA,IACH;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,WAA6C;AAC3C,WAAO;AAAA,MACL,MAAM,KAAK,MAAM;AAAA,MACjB,MAAM,MAAM,KAAK,KAAK,MAAM,KAAK,CAAC;AAAA,IACpC;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,UAAgB;AACd,UAAM,MAAM,KAAK,IAAI;AACrB,UAAM,eAAyB,CAAC;AAEhC,SAAK,MAAM,QAAQ,CAAC,OAAO,QAAQ;AACjC,UAAI,MAAM,MAAM,YAAY,MAAM,KAAK;AACrC,qBAAa,KAAK,GAAG;AAAA,MACvB;AAAA,IACF,CAAC;AAED,iBAAa,QAAQ,SAAO;AAC1B,WAAK,MAAM,OAAO,GAAG;AACrB,WAAK,kBAAkB,GAAG;AAAA,IAC5B,CAAC;AAAA,EACH;AACF;AAGO,IAAM,QAAQ,IAAI,aAAa;;;AC5ItC,IAAI;AACJ,IAAI,OAAO,WAAW,aAAa;AACjC,MAAI;AACF,oBAAgB,QAAQ,IAAI;AAAA,EAC9B,QAAQ;AACN,oBAAgB;AAAA,EAClB;AACF,OAAO;AACL,kBAAgB;AAClB;AAqCO,IAAM,kBAAN,MAAsB;AAAA,EACnB,WAAW,oBAAI,IAAuC;AAAA,EACtD,YAAiB;AAAA,EACjB,oBAAoB;AAAA,EACpB;AAAA,EACA,aAA4B;AAAA,EAC5B,eAA8B;AAAA,EAC9B,kBAAkB;AAAA,EAClB,SAAS,OAAO,WAAW;AAAA,EAEnC,YAAY,SAAgC,CAAC,GAAG;AAC9C,SAAK,SAAS;AAAA,MACZ,eAAe,OAAO,iBAAiB;AAAA,MACvC,sBAAsB,OAAO,wBAAwB;AAAA,MACrD,gBAAgB,OAAO,kBAAkB;AAAA,MACzC,mBAAmB,OAAO,qBAAqB;AAAA,MAC/C,WAAW,OAAO,cAAc,MAAM;AAAA,MAAC;AAAA,MACvC,cAAc,OAAO,iBAAiB,MAAM;AAAA,MAAC;AAAA,MAC7C,SAAS,OAAO,YAAY,CAAC,UAAiB,QAAQ,MAAM,4BAA4B,KAAK;AAAA,IAC/F;AAAA,EACF;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,QAAQ,KAAa,MAAoD;AACvE,QAAI;AACJ,QAAI,WAAyD;AAE7D,QAAI,OAAO,SAAS,UAAU;AAC5B,kBAAY;AACZ,iBAAW;AAAA,IACb,WAAW,MAAM,aAAa;AAC5B,kBAAY,KAAK;AACjB,iBAAW;AAAA,IACb,WAAW,MAAM,QAAQ;AACvB,kBAAY,KAAK;AACjB,iBAAW;AAAA,IACb,WAAW,MAAM,aAAa;AAC5B,kBAAY,KAAK;AACjB,iBAAW;AAAA,IACb;AAEA,WAAO,IAAI,QAAQ,CAAC,SAAS,WAAW;AACtC,WAAK,kBAAkB;AACvB,WAAK,aAAa;AAClB,WAAK,eAAe,aAAa;AAEjC,UAAI,CAAC,eAAe;AAClB,cAAM,MAAM,IAAI,MAAM,8EAA8E;AACpG,aAAK,OAAO,QAAQ,GAAG;AACvB,eAAO,GAAG;AACV;AAAA,MACF;AAEA,UAAI;AACF,YAAI,QAAQ;AACZ,YAAI,aAAa,UAAU;AACzB,cAAI,aAAa,UAAU;AACzB,oBAAQ,GAAG,GAAG,WAAW,mBAAmB,SAAS,CAAC;AAAA,UACxD,OAAO;AACL,oBAAQ,GAAG,GAAG,IAAI,QAAQ,IAAI,mBAAmB,SAAS,CAAC;AAAA,UAC7D;AAAA,QACF;AAEA,YAAI,KAAK,UAAU,kBAAkB,QAAQ,IAAI,GAAG;AAClD,eAAK,YAAY,IAAI,cAAc,KAAK;AACxC,eAAK,mBAAmB,SAAS,MAAM;AAAA,QACzC,OAAO;AACL,eAAK,YAAY,IAAI,cAAc,KAAK;AACxC,eAAK,sBAAsB,SAAS,MAAM;AAAA,QAC5C;AAAA,MACF,SAAS,OAAO;AACd,eAAO,KAAK;AAAA,MACd;AAAA,IACF,CAAC;AAAA,EACH;AAAA,EAEQ,sBAAsB,SAAgC,QAAsC;AAClG,UAAM,UAAU,WAAW,MAAM;AAC/B,aAAO,IAAI,MAAM,oBAAoB,CAAC;AAAA,IACxC,GAAG,GAAK;AAER,SAAK,UAAU,SAAS,MAAM;AAC5B,mBAAa,OAAO;AACpB,WAAK,oBAAoB;AACzB,cAAQ,IAAI,gDAAgD;AAC5D,WAAK,OAAO,UAAU;AACtB,cAAQ;AAAA,IACV;AAEA,SAAK,UAAU,YAAY,CAAC,UAAe;AACzC,UAAI;AACF,cAAM,gBAA+B,KAAK,MAAM,MAAM,IAAI;AAC1D,aAAK,YAAY,aAAa;AAAA,MAChC,SAAS,OAAO;AACd,gBAAQ,MAAM,4CAA4C,KAAK;AAAA,MACjE;AAAA,IACF;AAEA,SAAK,UAAU,UAAU,MAAM;AAC7B,mBAAa,OAAO;AACpB,cAAQ,IAAI,qDAAqD;AACjE,WAAK,OAAO,aAAa;AACzB,WAAK,gBAAgB;AAAA,IACvB;AAEA,SAAK,UAAU,UAAU,CAAC,UAAe;AACvC,mBAAa,OAAO;AACpB,cAAQ,MAAM,sCAAsC,KAAK;AACzD,YAAM,MAAM,IAAI,MAAM,4BAA4B;AAClD,WAAK,OAAO,QAAQ,GAAG;AACvB,aAAO,GAAG;AAAA,IACZ;AAAA,EACF;AAAA,EAEQ,mBAAmB,SAAgC,QAAsC;AAC/F,UAAM,UAAU,WAAW,MAAM;AAC/B,aAAO,IAAI,MAAM,oBAAoB,CAAC;AAAA,IACxC,GAAG,GAAK;AAER,SAAK,UAAU,GAAG,QAAQ,MAAM;AAC9B,mBAAa,OAAO;AACpB,WAAK,oBAAoB;AACzB,cAAQ,IAAI,0DAA0D;AACtE,WAAK,OAAO,UAAU;AACtB,cAAQ;AAAA,IACV,CAAC;AAED,SAAK,UAAU,GAAG,WAAW,CAAC,SAAiB;AAC7C,UAAI;AACF,cAAM,gBAA+B,KAAK,MAAM,KAAK,SAAS,CAAC;AAC/D,aAAK,YAAY,aAAa;AAAA,MAChC,SAAS,OAAO;AACd,gBAAQ,MAAM,4CAA4C,KAAK;AAAA,MACjE;AAAA,IACF,CAAC;AAED,SAAK,UAAU,GAAG,SAAS,MAAM;AAC/B,mBAAa,OAAO;AACpB,cAAQ,IAAI,qDAAqD;AACjE,WAAK,OAAO,aAAa;AACzB,WAAK,gBAAgB;AAAA,IACvB,CAAC;AAED,SAAK,UAAU,GAAG,SAAS,CAAC,UAAe;AACzC,mBAAa,OAAO;AACpB,cAAQ,MAAM,sCAAsC,KAAK;AACzD,YAAM,MAAM,IAAI,MAAM,kCAAkC,OAAO,WAAW,MAAM;AAChF,WAAK,OAAO,QAAQ,GAAG;AACvB,aAAO,GAAG;AAAA,IACZ,CAAC;AAAA,EACH;AAAA;AAAA;AAAA;AAAA,EAKA,aAAmB;AACjB,SAAK,kBAAkB;AACvB,QAAI,KAAK,WAAW;AAClB,WAAK,UAAU,MAAM;AACrB,WAAK,YAAY;AAAA,IACnB;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,UAAU,WAAmB,SAA2C;AACtE,QAAI,CAAC,KAAK,SAAS,IAAI,SAAS,GAAG;AACjC,WAAK,SAAS,IAAI,WAAW,oBAAI,IAAI,CAAC;AAAA,IACxC;AAEA,SAAK,SAAS,IAAI,SAAS,EAAG,IAAI,OAAO;AAEzC,WAAO,MAAM;AACX,YAAM,WAAW,KAAK,SAAS,IAAI,SAAS;AAC5C,UAAI,UAAU;AACZ,iBAAS,OAAO,OAAO;AACvB,YAAI,SAAS,SAAS,GAAG;AACvB,eAAK,SAAS,OAAO,SAAS;AAAA,QAChC;AAAA,MACF;AAAA,IACF;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,aAAa,SAA2C;AACtD,UAAM,aAAa,CAAC,eAAe,eAAe,eAAe,mBAAmB;AACpF,UAAM,eAAe,WAAW,IAAI,UAAQ,KAAK,UAAU,MAAM,OAAO,CAAC;AAEzE,WAAO,MAAM;AACX,mBAAa,QAAQ,WAAS,MAAM,CAAC;AAAA,IACvC;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKQ,YAAY,OAA4B;AAC9C,YAAQ,IAAI,qCAAqC,KAAK;AAEtD,UAAM,WAAW,KAAK,SAAS,IAAI,MAAM,IAAI;AAC7C,QAAI,UAAU;AACZ,eAAS,QAAQ,aAAW;AAC1B,YAAI;AACF,kBAAQ,KAAK;AAAA,QACf,SAAS,OAAO;AACd,kBAAQ,MAAM,0CAA0C,KAAK;AAAA,QAC/D;AAAA,MACF,CAAC;AAAA,IACH;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKQ,kBAAwB;AAC9B,QAAI,CAAC,KAAK,mBAAmB,CAAC,KAAK,OAAO,iBAAiB,CAAC,KAAK,YAAY;AAC3E;AAAA,IACF;AAEA,QAAI,KAAK,oBAAoB,KAAK,OAAO,sBAAsB;AAC7D,WAAK;AACL,YAAM,QAAQ,KAAK;AAAA,QACjB,KAAK,OAAO,iBAAiB,KAAK,IAAI,GAAG,KAAK,oBAAoB,CAAC;AAAA,QACnE,KAAK,OAAO;AAAA,MACd;AAEA,cAAQ,IAAI,qCAAqC,KAAK,eAAe,KAAK,iBAAiB,GAAG;AAE9F,iBAAW,MAAM;AACf,aAAK,QAAQ,KAAK,YAAa,KAAK,YAAa,EAAE,MAAM,WAAS;AAChE,kBAAQ,MAAM,0CAA0C,KAAK;AAAA,QAC/D,CAAC;AAAA,MACH,GAAG,KAAK;AAAA,IACV,OAAO;AACL,cAAQ,MAAM,qDAAqD;AAAA,IACrE;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,YAA2B;AACzB,QAAI,KAAK,cAAc,KAAK,cAAc;AACxC,WAAK,oBAAoB;AACzB,aAAO,KAAK,QAAQ,KAAK,YAAY,KAAK,YAAY;AAAA,IACxD,WAAW,KAAK,YAAY;AAC1B,WAAK,oBAAoB;AACzB,aAAO,KAAK,QAAQ,KAAK,UAAU;AAAA,IACrC;AACA,WAAO,QAAQ,OAAO,IAAI,MAAM,mBAAmB,CAAC;AAAA,EACtD;AAAA;AAAA;AAAA;AAAA,EAKA,cAAuB;AACrB,QAAI,CAAC,KAAK,UAAW,QAAO;AAC5B,QAAI,KAAK,QAAQ;AACf,aAAO,KAAK,UAAU,eAAe;AAAA,IACvC;AACA,WAAO,KAAK,UAAU,eAAe,UAAU;AAAA,EACjD;AAAA;AAAA;AAAA;AAAA,EAKA,YAA0E;AACxE,QAAI,CAAC,KAAK,UAAW,QAAO;AAC5B,QAAI,KAAK,QAAQ;AACf,cAAQ,KAAK,UAAU,YAAY;AAAA,QACjC,KAAK;AAAG,iBAAO;AAAA,QACf,KAAK;AAAG,iBAAO;AAAA,QACf,KAAK;AAAA,QACL,KAAK;AAAG,iBAAO;AAAA,QACf;AAAS,iBAAO;AAAA,MAClB;AAAA,IACF;AACA,YAAQ,KAAK,UAAU,YAAY;AAAA,MACjC,KAAK,UAAU;AAAY,eAAO;AAAA,MAClC,KAAK,UAAU;AAAM,eAAO;AAAA,MAC5B,KAAK,UAAU;AAAA,MACf,KAAK,UAAU;AAAQ,eAAO;AAAA,MAC9B;AAAS,eAAO;AAAA,IAClB;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,KAAK,OAAqC;AACxC,QAAI,KAAK,aAAa,KAAK,UAAU,eAAe,UAAU,MAAM;AAClE,WAAK,UAAU,KAAK,KAAK,UAAU,KAAK,CAAC;AAAA,IAC3C;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,aAAa,QAA8C;AACzD,SAAK,SAAS;AAAA,MACZ,GAAG,KAAK;AAAA,MACR,GAAG;AAAA,IACL;AAAA,EACF;AACF;AAGO,SAAS,eAAe,QAAiD;AAC9E,SAAO,IAAI,gBAAgB,MAAM;AACnC;AAGO,IAAM,WAAW,IAAI,gBAAgB;;;AF/UrC,IAAM,yBAAN,MAA6B;AAAA,EAC1B;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA,SAAwB;AAAA,EACxB,uBAAuB;AAAA,EAE/B,YAAY,QAA+B;AACzC,SAAK,SAAS;AAAA,MACZ,SAAS;AAAA,MACT,OAAO;AAAA,QACL,SAAS;AAAA,QACT,KAAK;AAAA,MACP;AAAA,MACA,UAAU;AAAA,QACR,SAAS;AAAA,QACT,eAAe;AAAA,QACf,sBAAsB;AAAA,QACtB,gBAAgB;AAAA,MAClB;AAAA,MACA,GAAG;AAAA,IACL;AAEA,SAAK,QAAQ;AAEb,UAAM,iBAAwC;AAAA,MAC5C,eAAe,KAAK,OAAO,UAAU,iBAAiB;AAAA,MACtD,sBAAsB,KAAK,OAAO,UAAU,wBAAwB;AAAA,MACpE,gBAAgB,KAAK,OAAO,UAAU,kBAAkB;AAAA,MACxD,WAAW,MAAM;AACf,aAAK,uBAAuB;AAC5B,aAAK,OAAO,UAAU,YAAY;AAAA,MACpC;AAAA,MACA,cAAc,MAAM;AAClB,aAAK,uBAAuB;AAC5B,aAAK,OAAO,UAAU,eAAe;AAAA,MACvC;AAAA,MACA,SAAS,CAAC,UAAU;AAClB,aAAK,OAAO,UAAU,UAAU,KAAK;AAAA,MACvC;AAAA,IACF;AAEA,SAAK,WAAW,eAAe,cAAc;AAE7C,SAAK,SAAS,cAAAC,QAAM,OAAO;AAAA,MACzB,SAAS,KAAK,OAAO;AAAA,MACrB,SAAS,KAAK,OAAO;AAAA,MACrB,SAAS;AAAA,QACP,gBAAgB;AAAA,MAClB;AAAA,IACF,CAAC;AAED,QAAI,KAAK,OAAO,UAAU,WAAW,KAAK,OAAO,SAAS,KAAK;AAC7D,WAAK,cAAc;AAAA,IACrB;AAEA,gBAAY,MAAM;AAChB,WAAK,MAAM,QAAQ;AAAA,IACrB,GAAG,GAAK;AAAA,EACV;AAAA,EAEA,MAAc,gBAA+B;AAC3C,QAAI;AACF,YAAM,KAAK,SAAS;AAAA,QAClB,KAAK,OAAO,SAAU;AAAA,QACtB,KAAK,OAAO,SAAU;AAAA,MACxB;AAEA,WAAK,SAAS,UAAU,eAAe,CAAC,UAAyB;AAC/D,gBAAQ,IAAI,0CAA0C,KAAK;AAC3D,aAAK,OAAO,UAAU,eAAe,KAAK;AAE1C,YAAI,MAAM,QAAQ;AAChB,eAAK,MAAM,eAAe,MAAM,MAAM;AAAA,QACxC,OAAO;AACL,eAAK,MAAM,MAAM;AAAA,QACnB;AAAA,MACF,CAAC;AAED,WAAK,SAAS,UAAU,eAAe,CAAC,UAAyB;AAC/D,gBAAQ,IAAI,0CAA0C,KAAK;AAC3D,aAAK,OAAO,UAAU,eAAe,KAAK;AAE1C,YAAI,MAAM,QAAQ;AAChB,eAAK,MAAM,eAAe,MAAM,MAAM;AAAA,QACxC;AAAA,MACF,CAAC;AAED,WAAK,SAAS,UAAU,eAAe,CAAC,UAAyB;AAC/D,gBAAQ,IAAI,0CAA0C,KAAK;AAC3D,YAAI,MAAM,QAAQ;AAChB,eAAK,MAAM,eAAe,MAAM,MAAM;AAAA,QACxC,OAAO;AACL,eAAK,MAAM,MAAM;AAAA,QACnB;AAAA,MACF,CAAC;AAED,WAAK,SAAS,UAAU,qBAAqB,CAAC,UAAyB;AACrE,gBAAQ,IAAI,gDAAgD,KAAK;AACjE,YAAI,MAAM,QAAQ;AAChB,eAAK,MAAM,eAAe,MAAM,MAAM;AAAA,QACxC,OAAO;AACL,eAAK,MAAM,MAAM;AAAA,QACnB;AAAA,MACF,CAAC;AAAA,IAEH,SAAS,OAAO;AACd,cAAQ,MAAM,8CAA8C,KAAK;AAAA,IACnE;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,gBAAgB,KAAc,OAA+B;AACjE,UAAM,QAAQ,OAAO,KAAK,OAAO,UAAU;AAC3C,UAAM,UAAU,SAAS,KAAK,OAAO,UAAU;AAE/C,QAAI,CAAC,OAAO;AACV,YAAM,IAAI,MAAM,2BAA2B;AAAA,IAC7C;AAEA,UAAM,KAAK,cAAc;AAAA,EAC3B;AAAA;AAAA;AAAA;AAAA,EAKA,qBAA2B;AACzB,SAAK,SAAS,WAAW;AAAA,EAC3B;AAAA;AAAA;AAAA;AAAA,EAKA,sBAA+B;AAC7B,WAAO,KAAK,wBAAwB,KAAK,SAAS,YAAY;AAAA,EAChE;AAAA;AAAA;AAAA;AAAA,EAKA,oBAAkF;AAChF,WAAO,KAAK,SAAS,UAAU;AAAA,EACjC;AAAA;AAAA;AAAA;AAAA,EAKA,oBAAoB,WAAmB,SAAqD;AAC1F,WAAO,KAAK,SAAS,UAAU,WAAW,OAAO;AAAA,EACnD;AAAA;AAAA;AAAA;AAAA,EAKA,uBAAuB,SAAqD;AAC1E,WAAO,KAAK,SAAS,aAAa,OAAO;AAAA,EAC3C;AAAA,EAEQ,uBAAuB,OAA8B;AAC3D,QAAI;AACF,YAAM,UAAU,KAAK,MAAM,KAAK,MAAM,MAAM,GAAG,EAAE,CAAC,CAAC,CAAC;AACpD,aAAO,QAAQ,OAAO;AAAA,IACxB,QAAQ;AACN,aAAO;AAAA,IACT;AAAA,EACF;AAAA,EAEQ,YAAY,OAAe,SAAiB,IAAY;AAC9D,UAAM,SAAS,KAAK,uBAAuB,KAAK,KAAK;AACrD,WAAO,QAAQ,MAAM,IAAI,MAAM;AAAA,EACjC;AAAA,EAEA,MAAM,cAAc,OAA4C;AAC9D,QAAI,CAAC,KAAK,OAAO,OAAO,SAAS;AAC/B,aAAO,KAAK,gBAAgB,KAAK;AAAA,IACnC;AAEA,UAAM,WAAW,KAAK,YAAY,OAAO,QAAQ;AACjD,UAAM,SAAS,KAAK,MAAM,IAAwB,QAAQ;AAE1D,QAAI,QAAQ;AACV,cAAQ,IAAI,4CAA4C;AACxD,aAAO;AAAA,IACT;AAEA,YAAQ,IAAI,mDAAmD;AAC/D,UAAM,OAAO,MAAM,KAAK,gBAAgB,KAAK;AAE7C,SAAK,MAAM,IAAI,UAAU,MAAM,KAAK,OAAO,MAAM,GAAG;AAEpD,WAAO;AAAA,EACT;AAAA,EAEA,MAAc,gBAAgB,OAA4C;AACxE,QAAI;AACF,YAAM,WACJ,MAAM,KAAK,OAAO,IAAI,aAAa;AAAA,QACjC,SAAS;AAAA,UACP,iBAAiB,UAAU,KAAK;AAAA,QAClC;AAAA,MACF,CAAC;AAEH,UAAI,CAAC,SAAS,KAAK,SAAS;AAC1B,cAAM,IAAI,MAAM,yCAAyC;AAAA,MAC3D;AAEA,aAAO,SAAS,KAAK;AAAA,IACvB,SAAS,OAAO;AACd,UAAI,cAAAA,QAAM,aAAa,KAAK,GAAG;AAC7B,YAAI,MAAM,UAAU,WAAW,KAAK;AAClC,gBAAM,IAAI,MAAM,wCAAwC;AAAA,QAC1D;AACA,cAAM,IAAI,MAAM,cAAc,MAAM,UAAU,MAAM,WAAW,MAAM,OAAO,EAAE;AAAA,MAChF;AACA,YAAM;AAAA,IACR;AAAA,EACF;AAAA,EAEA,MAAM,cAAc,OAAe,YAAsC;AACvE,QAAI,CAAC,KAAK,OAAO,OAAO,SAAS;AAC/B,YAAMC,cAAa,MAAM,KAAK,cAAc,KAAK;AACjD,aAAOA,YAAW,QAAQ;AAAA,QAAK,CAAAC,YAC7BA,QAAO,YAAY,SAAS,UAAU;AAAA,MACxC;AAAA,IACF;AAEA,UAAM,WAAW,KAAK,YAAY,OAAO,cAAc,UAAU,EAAE;AACnE,UAAM,SAAS,KAAK,MAAM,IAAa,QAAQ;AAE/C,QAAI,WAAW,MAAM;AACnB,cAAQ,IAAI,8CAA8C,UAAU,EAAE;AACtE,aAAO;AAAA,IACT;AAEA,YAAQ,IAAI,qDAAqD,UAAU,EAAE;AAC7E,UAAM,aAAa,MAAM,KAAK,cAAc,KAAK;AACjD,UAAM,gBAAgB,WAAW,QAAQ;AAAA,MAAK,CAAAA,YAC5CA,QAAO,YAAY,SAAS,UAAU;AAAA,IACxC;AAEA,SAAK,MAAM,IAAI,UAAU,eAAe,KAAK,OAAO,MAAM,MAAO,CAAC;AAElE,WAAO;AAAA,EACT;AAAA,EAEA,MAAM,QAAQ,OAAe,MAAgC;AAC3D,QAAI,CAAC,KAAK,OAAO,OAAO,SAAS;AAC/B,YAAMD,cAAa,MAAM,KAAK,cAAc,KAAK;AACjD,aAAOA,YAAW,MAAM,SAAS,IAAI;AAAA,IACvC;AAEA,UAAM,WAAW,KAAK,YAAY,OAAO,QAAQ,IAAI,EAAE;AACvD,UAAM,SAAS,KAAK,MAAM,IAAa,QAAQ;AAE/C,QAAI,WAAW,MAAM;AACnB,cAAQ,IAAI,wCAAwC,IAAI,EAAE;AAC1D,aAAO;AAAA,IACT;AAEA,YAAQ,IAAI,+CAA+C,IAAI,EAAE;AACjE,UAAM,aAAa,MAAM,KAAK,cAAc,KAAK;AACjD,UAAM,UAAU,WAAW,MAAM,SAAS,IAAI;AAE9C,SAAK,MAAM,IAAI,UAAU,SAAS,KAAK,OAAO,MAAM,MAAO,CAAC;AAE5D,WAAO;AAAA,EACT;AAAA,EAEA,MAAM,qBAAqB,OAAe,WAAsC;AAC9E,QAAI,CAAC,KAAK,OAAO,OAAO,SAAS;AAC/B,YAAMA,cAAa,MAAM,KAAK,cAAc,KAAK;AACjD,YAAMC,UAASD,YAAW,QAAQ,KAAK,OAAK,EAAE,QAAQ,SAAS;AAC/D,aAAOC,SAAQ,eAAe,CAAC;AAAA,IACjC;AAEA,UAAM,WAAW,KAAK,YAAY,OAAO,UAAU,SAAS,EAAE;AAC9D,UAAM,SAAS,KAAK,MAAM,IAAc,QAAQ;AAEhD,QAAI,WAAW,MAAM;AACnB,cAAQ,IAAI,0CAA0C,SAAS,EAAE;AACjE,aAAO;AAAA,IACT;AAEA,YAAQ,IAAI,6DAA6D,SAAS,EAAE;AACpF,UAAM,aAAa,MAAM,KAAK,cAAc,KAAK;AACjD,UAAMA,UAAS,WAAW,QAAQ,KAAK,OAAK,EAAE,QAAQ,SAAS;AAC/D,UAAM,cAAcA,SAAQ,eAAe,CAAC;AAE5C,SAAK,MAAM,IAAI,UAAU,aAAa,KAAK,OAAO,MAAM,GAAG;AAE3D,WAAO;AAAA,EACT;AAAA,EAEA,MAAM,aAAa,OAAkC;AACnD,QAAI,CAAC,KAAK,OAAO,OAAO,SAAS;AAC/B,YAAMD,cAAa,MAAM,KAAK,cAAc,KAAK;AACjD,aAAOA,YAAW;AAAA,IACpB;AAEA,UAAM,WAAW,KAAK,YAAY,OAAO,OAAO;AAChD,UAAM,SAAS,KAAK,MAAM,IAAc,QAAQ;AAEhD,QAAI,WAAW,MAAM;AACnB,cAAQ,IAAI,2CAA2C;AACvD,aAAO;AAAA,IACT;AAEA,YAAQ,IAAI,kDAAkD;AAC9D,UAAM,aAAa,MAAM,KAAK,cAAc,KAAK;AACjD,UAAM,QAAQ,WAAW;AAEzB,SAAK,MAAM,IAAI,UAAU,OAAO,KAAK,OAAO,MAAM,GAAG;AAErD,WAAO;AAAA,EACT;AAAA,EAEA,MAAM,oBAAoB,OAAkC;AAC1D,QAAI,CAAC,KAAK,OAAO,OAAO,SAAS;AAC/B,YAAMA,cAAa,MAAM,KAAK,cAAc,KAAK;AACjD,aAAOA,YAAW;AAAA,IACpB;AAEA,UAAM,WAAW,KAAK,YAAY,OAAO,eAAe;AACxD,UAAM,SAAS,KAAK,MAAM,IAAc,QAAQ;AAEhD,QAAI,WAAW,MAAM;AACnB,cAAQ,IAAI,8CAA8C;AAC1D,aAAO;AAAA,IACT;AAEA,YAAQ,IAAI,qDAAqD;AACjE,UAAM,aAAa,MAAM,KAAK,cAAc,KAAK;AACjD,UAAM,eAAe,WAAW;AAEhC,SAAK,MAAM,IAAI,UAAU,cAAc,KAAK,OAAO,MAAM,GAAG;AAE5D,WAAO;AAAA,EACT;AAAA,EAEA,MAAM,eAAe,OAAe,aAAyD;AAC3F,UAAM,UAAmC,CAAC;AAC1C,UAAM,sBAAgC,CAAC;AAEvC,eAAW,cAAc,aAAa;AACpC,UAAI,KAAK,OAAO,OAAO,SAAS;AAC9B,cAAM,WAAW,KAAK,YAAY,OAAO,cAAc,UAAU,EAAE;AACnE,cAAM,SAAS,KAAK,MAAM,IAAa,QAAQ;AAE/C,YAAI,WAAW,MAAM;AACnB,kBAAQ,UAAU,IAAI;AAAA,QACxB,OAAO;AACL,8BAAoB,KAAK,UAAU;AAAA,QACrC;AAAA,MACF,OAAO;AACL,4BAAoB,KAAK,UAAU;AAAA,MACrC;AAAA,IACF;AAEA,QAAI,oBAAoB,SAAS,GAAG;AAClC,YAAM,aAAa,MAAM,KAAK,cAAc,KAAK;AAEjD,iBAAW,cAAc,qBAAqB;AAC5C,cAAM,gBAAgB,WAAW,QAAQ;AAAA,UAAK,CAAAC,YAC5CA,QAAO,YAAY,SAAS,UAAU;AAAA,QACxC;AACA,gBAAQ,UAAU,IAAI;AAEtB,YAAI,KAAK,OAAO,OAAO,SAAS;AAC9B,gBAAM,WAAW,KAAK,YAAY,OAAO,cAAc,UAAU,EAAE;AACnE,eAAK,MAAM,IAAI,UAAU,eAAe,KAAK,OAAO,MAAM,MAAO,CAAC;AAAA,QACpE;AAAA,MACF;AAAA,IACF;AAEA,WAAO;AAAA,EACT;AAAA,EAEA,MAAM,SAAS,OAAe,OAAmD;AAC/E,UAAM,UAAmC,CAAC;AAC1C,UAAM,gBAA0B,CAAC;AAEjC,eAAW,QAAQ,OAAO;AACxB,UAAI,KAAK,OAAO,OAAO,SAAS;AAC9B,cAAM,WAAW,KAAK,YAAY,OAAO,QAAQ,IAAI,EAAE;AACvD,cAAM,SAAS,KAAK,MAAM,IAAa,QAAQ;AAE/C,YAAI,WAAW,MAAM;AACnB,kBAAQ,IAAI,IAAI;AAAA,QAClB,OAAO;AACL,wBAAc,KAAK,IAAI;AAAA,QACzB;AAAA,MACF,OAAO;AACL,sBAAc,KAAK,IAAI;AAAA,MACzB;AAAA,IACF;AAEA,QAAI,cAAc,SAAS,GAAG;AAC5B,YAAM,aAAa,MAAM,KAAK,cAAc,KAAK;AAEjD,iBAAW,QAAQ,eAAe;AAChC,cAAM,UAAU,WAAW,MAAM,SAAS,IAAI;AAC9C,gBAAQ,IAAI,IAAI;AAEhB,YAAI,KAAK,OAAO,OAAO,SAAS;AAC9B,gBAAM,WAAW,KAAK,YAAY,OAAO,QAAQ,IAAI,EAAE;AACvD,eAAK,MAAM,IAAI,UAAU,SAAS,KAAK,OAAO,MAAM,MAAO,CAAC;AAAA,QAC9D;AAAA,MACF;AAAA,IACF;AAEA,WAAO;AAAA,EACT;AAAA,EAEA,eAAe,OAAqB;AAClC,UAAM,SAAS,KAAK,uBAAuB,KAAK;AAChD,QAAI,QAAQ;AACV,WAAK,MAAM,eAAe,MAAM;AAChC,cAAQ,IAAI,4CAA4C,MAAM,EAAE;AAAA,IAClE;AAAA,EACF;AAAA,EAEA,gBAAsB;AACpB,SAAK,MAAM,MAAM;AACjB,YAAQ,IAAI,oCAAoC;AAAA,EAClD;AAAA,EAEA,gBAAkD;AAChD,WAAO,KAAK,MAAM,SAAS;AAAA,EAC7B;AAAA,EAEA,aAAmB;AACjB,SAAK,SAAS,WAAW;AAAA,EAC3B;AACF;;;AG1cO,IAAMC,kBAAN,MAAqB;AAAA,EAClB;AAAA,EAER,YAAY,QAA+B;AACzC,SAAK,UAAU,IAAI,uBAAuB,MAAM;AAAA,EAClD;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,mBACJ,SACA,aACA,UAAoC,CAAC,GACf;AACtB,QAAI;AACF,UAAI,QAAQ,YAAY;AAEtB,cAAM,UAAU,MAAM,KAAK,QAAQ,eAAe,QAAQ,OAAO,WAAW;AAC5E,cAAM,SAAS,YAAY,MAAM,gBAAc,QAAQ,UAAU,CAAC;AAElE,YAAI,CAAC,QAAQ;AACX,iBAAO;AAAA,YACL,SAAS;AAAA,YACT,OAAO,uCAAuC,YAAY,KAAK,IAAI,CAAC;AAAA,YACpE,YAAY;AAAA,UACd;AAAA,QACF;AAAA,MACF,OAAO;AAEL,cAAM,gBAAgB,MAAM,KAAK,QAAQ,eAAe,QAAQ,OAAO,WAAW;AAClF,cAAM,SAAS,OAAO,OAAO,aAAa,EAAE,KAAK,OAAO;AAExD,YAAI,CAAC,QAAQ;AACX,iBAAO;AAAA,YACL,SAAS;AAAA,YACT,OAAO,8CAA8C,YAAY,KAAK,IAAI,CAAC;AAAA,YAC3E,YAAY;AAAA,UACd;AAAA,QACF;AAAA,MACF;AAEA,YAAM,aAAa,MAAM,KAAK,QAAQ,cAAc,QAAQ,KAAK;AACjE,aAAO,EAAE,SAAS,MAAM,MAAM,WAAW;AAAA,IAC3C,SAAS,OAAO;AACd,aAAO;AAAA,QACL,SAAS;AAAA,QACT,OAAO;AAAA,QACP,YAAY;AAAA,MACd;AAAA,IACF;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,aACJ,SACA,OACA,UAAoC,CAAC,GACf;AACtB,QAAI;AACF,UAAI,QAAQ,YAAY;AAEtB,cAAM,UAAU,MAAM,KAAK,QAAQ,SAAS,QAAQ,OAAO,KAAK;AAChE,cAAM,SAAS,MAAM,MAAM,UAAQ,QAAQ,IAAI,CAAC;AAEhD,YAAI,CAAC,QAAQ;AACX,iBAAO;AAAA,YACL,SAAS;AAAA,YACT,OAAO,iCAAiC,MAAM,KAAK,IAAI,CAAC;AAAA,YACxD,YAAY;AAAA,UACd;AAAA,QACF;AAAA,MACF,OAAO;AAEL,cAAM,UAAU,MAAM,KAAK,QAAQ,SAAS,QAAQ,OAAO,KAAK;AAChE,cAAM,SAAS,OAAO,OAAO,OAAO,EAAE,KAAK,OAAO;AAElD,YAAI,CAAC,QAAQ;AACX,iBAAO;AAAA,YACL,SAAS;AAAA,YACT,OAAO,wCAAwC,MAAM,KAAK,IAAI,CAAC;AAAA,YAC/D,YAAY;AAAA,UACd;AAAA,QACF;AAAA,MACF;AAEA,YAAM,aAAa,MAAM,KAAK,QAAQ,cAAc,QAAQ,KAAK;AACjE,aAAO,EAAE,SAAS,MAAM,MAAM,WAAW;AAAA,IAC3C,SAAS,OAAO;AACd,aAAO;AAAA,QACL,SAAS;AAAA,QACT,OAAO;AAAA,QACP,YAAY;AAAA,MACd;AAAA,IACF;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,eACJ,SACA,SACA,UAAoC,CAAC,GACf;AACtB,QAAI;AACF,YAAM,aAAa,MAAM,KAAK,QAAQ,cAAc,QAAQ,KAAK;AACjE,YAAM,iBAAiB,WAAW,QAAQ,IAAI,OAAK,EAAE,GAAG;AAExD,UAAI;AAEJ,UAAI,QAAQ,YAAY;AAEtB,oBAAY,QAAQ,MAAM,CAAAC,YAAU,eAAe,SAASA,OAAM,CAAC;AAAA,MACrE,OAAO;AAEL,oBAAY,QAAQ,KAAK,CAAAA,YAAU,eAAe,SAASA,OAAM,CAAC;AAAA,MACpE;AAEA,UAAI,CAAC,WAAW;AACd,eAAO;AAAA,UACL,SAAS;AAAA,UACT,OAAO,yCAAyC,QAAQ,KAAK,IAAI,CAAC;AAAA,UAClE,YAAY;AAAA,QACd;AAAA,MACF;AAEA,aAAO,EAAE,SAAS,MAAM,MAAM,WAAW;AAAA,IAC3C,SAAS,OAAO;AACd,aAAO;AAAA,QACL,SAAS;AAAA,QACT,OAAO;AAAA,QACP,YAAY;AAAA,MACd;AAAA,IACF;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,oBACJ,SACA,cACA,UAAoC,CAAC,GACf;AACtB,QAAI;AACF,YAAM,mBAAmB,MAAM,KAAK,QAAQ,oBAAoB,QAAQ,KAAK;AAE7E,UAAI;AAEJ,UAAI,QAAQ,YAAY;AAEtB,oBAAY,aAAa,MAAM,YAAU,iBAAiB,SAAS,MAAM,CAAC;AAAA,MAC5E,OAAO;AAEL,oBAAY,aAAa,KAAK,YAAU,iBAAiB,SAAS,MAAM,CAAC;AAAA,MAC3E;AAEA,UAAI,CAAC,WAAW;AACd,eAAO;AAAA,UACL,SAAS;AAAA,UACT,OAAO,+CAA+C,aAAa,KAAK,IAAI,CAAC;AAAA,UAC7E,YAAY;AAAA,QACd;AAAA,MACF;AAEA,YAAM,aAAa,MAAM,KAAK,QAAQ,cAAc,QAAQ,KAAK;AACjE,aAAO,EAAE,SAAS,MAAM,MAAM,WAAW;AAAA,IAC3C,SAAS,OAAO;AACd,aAAO;AAAA,QACL,SAAS;AAAA,QACT,OAAO;AAAA,QACP,YAAY;AAAA,MACd;AAAA,IACF;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,QAAQ,SAAuB,SAA6C;AAChF,QAAI;AACF,YAAM,aAAa,MAAM,KAAK,QAAQ,cAAc,QAAQ,KAAK;AACjE,UAAI,SAAS;AACb,YAAM,WAAqB,CAAC;AAG5B,UAAI,QAAQ,eAAe,QAAQ,YAAY,SAAS,GAAG;AACzD,cAAM,kBAAkB,WAAW,QAAQ,QAAQ,OAAK,EAAE,WAAW;AACrE,cAAM,iBAAiB,QAAQ,aAC3B,QAAQ,YAAY,MAAM,OAAK,gBAAgB,SAAS,CAAC,CAAC,IAC1D,QAAQ,YAAY,KAAK,OAAK,gBAAgB,SAAS,CAAC,CAAC;AAE7D,YAAI,CAAC,gBAAgB;AACnB,mBAAS;AACT,mBAAS,KAAK,gBAAgB,QAAQ,YAAY,KAAK,IAAI,CAAC,EAAE;AAAA,QAChE;AAAA,MACF;AAGA,UAAI,QAAQ,SAAS,QAAQ,MAAM,SAAS,GAAG;AAC7C,cAAM,WAAW,QAAQ,aACrB,QAAQ,MAAM,MAAM,OAAK,WAAW,MAAM,SAAS,CAAC,CAAC,IACrD,QAAQ,MAAM,KAAK,OAAK,WAAW,MAAM,SAAS,CAAC,CAAC;AAExD,YAAI,CAAC,UAAU;AACb,mBAAS;AACT,mBAAS,KAAK,UAAU,QAAQ,MAAM,KAAK,IAAI,CAAC,EAAE;AAAA,QACpD;AAAA,MACF;AAGA,UAAI,QAAQ,WAAW,QAAQ,QAAQ,SAAS,GAAG;AACjD,cAAM,iBAAiB,WAAW,QAAQ,IAAI,OAAK,EAAE,GAAG;AACxD,cAAM,aAAa,QAAQ,aACvB,QAAQ,QAAQ,MAAM,OAAK,eAAe,SAAS,CAAC,CAAC,IACrD,QAAQ,QAAQ,KAAK,OAAK,eAAe,SAAS,CAAC,CAAC;AAExD,YAAI,CAAC,YAAY;AACf,mBAAS;AACT,mBAAS,KAAK,YAAY,QAAQ,QAAQ,KAAK,IAAI,CAAC,EAAE;AAAA,QACxD;AAAA,MACF;AAGA,UAAI,QAAQ,gBAAgB,QAAQ,aAAa,SAAS,GAAG;AAC3D,cAAM,kBAAkB,QAAQ,aAC5B,QAAQ,aAAa,MAAM,QAAM,WAAW,aAAa,SAAS,EAAE,CAAC,IACrE,QAAQ,aAAa,KAAK,QAAM,WAAW,aAAa,SAAS,EAAE,CAAC;AAExE,YAAI,CAAC,iBAAiB;AACpB,mBAAS;AACT,mBAAS,KAAK,kBAAkB,QAAQ,aAAa,KAAK,IAAI,CAAC,EAAE;AAAA,QACnE;AAAA,MACF;AAEA,UAAI,CAAC,QAAQ;AACX,eAAO;AAAA,UACL,SAAS;AAAA,UACT,OAAO,2BAA2B,SAAS,KAAK,IAAI,CAAC;AAAA,UACrD,YAAY;AAAA,QACd;AAAA,MACF;AAEA,aAAO,EAAE,SAAS,MAAM,MAAM,WAAW;AAAA,IAC3C,SAAS,OAAO;AACd,aAAO;AAAA,QACL,SAAS;AAAA,QACT,OAAO;AAAA,QACP,YAAY;AAAA,MACd;AAAA,IACF;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,aAAa,SAA6C;AAC9D,QAAI;AACF,YAAM,aAAa,MAAM,KAAK,QAAQ,cAAc,QAAQ,KAAK;AACjE,aAAO,EAAE,SAAS,MAAM,MAAM,WAAW;AAAA,IAC3C,SAAS,OAAO;AACd,aAAO;AAAA,QACL,SAAS;AAAA,QACT,OAAO;AAAA,QACP,YAAY;AAAA,MACd;AAAA,IACF;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,aAAqC;AACnC,WAAO,KAAK;AAAA,EACd;AACF;AAKO,SAAS,aAAa,SAA6B;AAExD,MAAI,QAAQ,SAAS,eAAe;AAClC,UAAM,aAAa,QAAQ,QAAQ;AACnC,QAAI,WAAW,WAAW,SAAS,GAAG;AACpC,aAAO,WAAW,UAAU,CAAC;AAAA,IAC/B;AAAA,EACF;AAGA,MAAI,QAAQ,SAAS,eAAe;AAClC,UAAM,aAAa,QAAQ,QAAQ;AACnC,QAAI,WAAW,WAAW,SAAS,GAAG;AACpC,aAAO,WAAW,UAAU,CAAC;AAAA,IAC/B;AAAA,EACF;AAGA,MAAI,QAAQ,UAAU,gBAAgB,GAAG;AACvC,WAAO,QAAQ,QAAQ,gBAAgB;AAAA,EACzC;AAGA,MAAI,QAAQ,OAAO,OAAO;AACxB,WAAO,QAAQ,MAAM;AAAA,EACvB;AAEA,SAAO;AACT;;;ACzSO,SAAS,qBAAqB,QAAa;AAChD,QAAM,QAAQ,IAAIC,gBAAe,MAAM;AAEvC,SAAO;AAAA;AAAA;AAAA;AAAA,IAIL,mBAAmB,aAAuB,UAAoC,CAAC,GAAG;AAChF,aAAO,OAAO,KAA2B,KAAe,SAAuB;AAC7E,cAAM,UAAU,mBAAmB,GAAG;AACtC,YAAI,CAAC,SAAS;AACZ,iBAAO,IAAI,OAAO,GAAG,EAAE,KAAK;AAAA,YAC1B,SAAS;AAAA,YACT,SAAS;AAAA,UACX,CAAC;AAAA,QACH;AAEA,cAAM,SAAS,MAAM,MAAM,mBAAmB,SAAS,aAAa,OAAO;AAE3E,YAAI,CAAC,OAAO,SAAS;AACnB,iBAAO,IAAI,OAAO,OAAO,cAAc,GAAG,EAAE,KAAK;AAAA,YAC/C,SAAS;AAAA,YACT,SAAS,OAAO;AAAA,UAClB,CAAC;AAAA,QACH;AAGA,YAAI,OAAO,MAAM;AACf,cAAI,OAAO;AAAA,YACT,IAAI,OAAO,KAAK,KAAK;AAAA,YACrB,cAAc,OAAO,KAAK,KAAK;AAAA,YAC/B,UAAU,OAAO,KAAK,KAAK;AAAA,YAC3B,OAAO,OAAO,KAAK,KAAK;AAAA,YACxB,OAAO,OAAO,KAAK;AAAA,YACnB,aAAa,OAAO,KAAK,QAAQ,QAAQ,OAAK,EAAE,WAAW;AAAA,YAC3D,SAAS,OAAO,KAAK;AAAA,YACrB,cAAc,OAAO,KAAK;AAAA,UAC5B;AAAA,QACF;AAEA,aAAK;AAAA,MACP;AAAA,IACF;AAAA;AAAA;AAAA;AAAA,IAKA,aAAa,OAAiB,UAAoC,CAAC,GAAG;AACpE,aAAO,OAAO,KAA2B,KAAe,SAAuB;AAC7E,cAAM,UAAU,mBAAmB,GAAG;AACtC,YAAI,CAAC,SAAS;AACZ,iBAAO,IAAI,OAAO,GAAG,EAAE,KAAK;AAAA,YAC1B,SAAS;AAAA,YACT,SAAS;AAAA,UACX,CAAC;AAAA,QACH;AAEA,cAAM,SAAS,MAAM,MAAM,aAAa,SAAS,OAAO,OAAO;AAE/D,YAAI,CAAC,OAAO,SAAS;AACnB,iBAAO,IAAI,OAAO,OAAO,cAAc,GAAG,EAAE,KAAK;AAAA,YAC/C,SAAS;AAAA,YACT,SAAS,OAAO;AAAA,UAClB,CAAC;AAAA,QACH;AAGA,YAAI,OAAO,MAAM;AACf,cAAI,OAAO;AAAA,YACT,IAAI,OAAO,KAAK,KAAK;AAAA,YACrB,cAAc,OAAO,KAAK,KAAK;AAAA,YAC/B,UAAU,OAAO,KAAK,KAAK;AAAA,YAC3B,OAAO,OAAO,KAAK,KAAK;AAAA,YACxB,OAAO,OAAO,KAAK;AAAA,YACnB,aAAa,OAAO,KAAK,QAAQ,QAAQ,OAAK,EAAE,WAAW;AAAA,YAC3D,SAAS,OAAO,KAAK;AAAA,YACrB,cAAc,OAAO,KAAK;AAAA,UAC5B;AAAA,QACF;AAEA,aAAK;AAAA,MACP;AAAA,IACF;AAAA;AAAA;AAAA;AAAA,IAKA,eAAe,SAAmB,UAAoC,CAAC,GAAG;AACxE,aAAO,OAAO,KAA2B,KAAe,SAAuB;AAC7E,cAAM,UAAU,mBAAmB,GAAG;AACtC,YAAI,CAAC,SAAS;AACZ,iBAAO,IAAI,OAAO,GAAG,EAAE,KAAK;AAAA,YAC1B,SAAS;AAAA,YACT,SAAS;AAAA,UACX,CAAC;AAAA,QACH;AAEA,cAAM,SAAS,MAAM,MAAM,eAAe,SAAS,SAAS,OAAO;AAEnE,YAAI,CAAC,OAAO,SAAS;AACnB,iBAAO,IAAI,OAAO,OAAO,cAAc,GAAG,EAAE,KAAK;AAAA,YAC/C,SAAS;AAAA,YACT,SAAS,OAAO;AAAA,UAClB,CAAC;AAAA,QACH;AAGA,YAAI,OAAO,MAAM;AACf,cAAI,OAAO;AAAA,YACT,IAAI,OAAO,KAAK,KAAK;AAAA,YACrB,cAAc,OAAO,KAAK,KAAK;AAAA,YAC/B,UAAU,OAAO,KAAK,KAAK;AAAA,YAC3B,OAAO,OAAO,KAAK,KAAK;AAAA,YACxB,OAAO,OAAO,KAAK;AAAA,YACnB,aAAa,OAAO,KAAK,QAAQ,QAAQ,OAAK,EAAE,WAAW;AAAA,YAC3D,SAAS,OAAO,KAAK;AAAA,YACrB,cAAc,OAAO,KAAK;AAAA,UAC5B;AAAA,QACF;AAEA,aAAK;AAAA,MACP;AAAA,IACF;AAAA;AAAA;AAAA;AAAA,IAKA,oBAAoB,cAAwB,UAAoC,CAAC,GAAG;AAClF,aAAO,OAAO,KAA2B,KAAe,SAAuB;AAC7E,cAAM,UAAU,mBAAmB,GAAG;AACtC,YAAI,CAAC,SAAS;AACZ,iBAAO,IAAI,OAAO,GAAG,EAAE,KAAK;AAAA,YAC1B,SAAS;AAAA,YACT,SAAS;AAAA,UACX,CAAC;AAAA,QACH;AAEA,cAAM,SAAS,MAAM,MAAM,oBAAoB,SAAS,cAAc,OAAO;AAE7E,YAAI,CAAC,OAAO,SAAS;AACnB,iBAAO,IAAI,OAAO,OAAO,cAAc,GAAG,EAAE,KAAK;AAAA,YAC/C,SAAS;AAAA,YACT,SAAS,OAAO;AAAA,UAClB,CAAC;AAAA,QACH;AAGA,YAAI,OAAO,MAAM;AACf,cAAI,OAAO;AAAA,YACT,IAAI,OAAO,KAAK,KAAK;AAAA,YACrB,cAAc,OAAO,KAAK,KAAK;AAAA,YAC/B,UAAU,OAAO,KAAK,KAAK;AAAA,YAC3B,OAAO,OAAO,KAAK,KAAK;AAAA,YACxB,OAAO,OAAO,KAAK;AAAA,YACnB,aAAa,OAAO,KAAK,QAAQ,QAAQ,OAAK,EAAE,WAAW;AAAA,YAC3D,SAAS,OAAO,KAAK;AAAA,YACrB,cAAc,OAAO,KAAK;AAAA,UAC5B;AAAA,QACF;AAEA,aAAK;AAAA,MACP;AAAA,IACF;AAAA;AAAA;AAAA;AAAA,IAKA,QAAQ,SAAuB;AAC7B,aAAO,OAAO,KAA2B,KAAe,SAAuB;AAC7E,cAAM,UAAU,mBAAmB,GAAG;AACtC,YAAI,CAAC,SAAS;AACZ,iBAAO,IAAI,OAAO,GAAG,EAAE,KAAK;AAAA,YAC1B,SAAS;AAAA,YACT,SAAS;AAAA,UACX,CAAC;AAAA,QACH;AAEA,cAAM,SAAS,MAAM,MAAM,QAAQ,SAAS,OAAO;AAEnD,YAAI,CAAC,OAAO,SAAS;AACnB,iBAAO,IAAI,OAAO,OAAO,cAAc,GAAG,EAAE,KAAK;AAAA,YAC/C,SAAS;AAAA,YACT,SAAS,OAAO;AAAA,UAClB,CAAC;AAAA,QACH;AAGA,YAAI,OAAO,MAAM;AACf,cAAI,OAAO;AAAA,YACT,IAAI,OAAO,KAAK,KAAK;AAAA,YACrB,cAAc,OAAO,KAAK,KAAK;AAAA,YAC/B,UAAU,OAAO,KAAK,KAAK;AAAA,YAC3B,OAAO,OAAO,KAAK,KAAK;AAAA,YACxB,OAAO,OAAO,KAAK;AAAA,YACnB,aAAa,OAAO,KAAK,QAAQ,QAAQ,OAAK,EAAE,WAAW;AAAA,YAC3D,SAAS,OAAO,KAAK;AAAA,YACrB,cAAc,OAAO,KAAK;AAAA,UAC5B;AAAA,QACF;AAEA,aAAK;AAAA,MACP;AAAA,IACF;AAAA;AAAA;AAAA;AAAA,IAKA,eAAe;AACb,aAAO,OAAO,KAA2B,KAAe,SAAuB;AAC7E,cAAM,UAAU,mBAAmB,GAAG;AACtC,YAAI,CAAC,SAAS;AACZ,iBAAO,IAAI,OAAO,GAAG,EAAE,KAAK;AAAA,YAC1B,SAAS;AAAA,YACT,SAAS;AAAA,UACX,CAAC;AAAA,QACH;AAEA,cAAM,SAAS,MAAM,MAAM,aAAa,OAAO;AAE/C,YAAI,CAAC,OAAO,SAAS;AACnB,iBAAO,IAAI,OAAO,OAAO,cAAc,GAAG,EAAE,KAAK;AAAA,YAC/C,SAAS;AAAA,YACT,SAAS,OAAO;AAAA,UAClB,CAAC;AAAA,QACH;AAGA,YAAI,OAAO,MAAM;AACf,cAAI,OAAO;AAAA,YACT,IAAI,OAAO,KAAK,KAAK;AAAA,YACrB,cAAc,OAAO,KAAK,KAAK;AAAA,YAC/B,UAAU,OAAO,KAAK,KAAK;AAAA,YAC3B,OAAO,OAAO,KAAK,KAAK;AAAA,YACxB,OAAO,OAAO,KAAK;AAAA,YACnB,aAAa,OAAO,KAAK,QAAQ,QAAQ,OAAK,EAAE,WAAW;AAAA,YAC3D,SAAS,OAAO,KAAK;AAAA,YACrB,cAAc,OAAO,KAAK;AAAA,UAC5B;AAAA,QACF;AAEA,aAAK;AAAA,MACP;AAAA,IACF;AAAA;AAAA;AAAA;AAAA,IAKA,WAA2B;AACzB,aAAO;AAAA,IACT;AAAA,EACF;AACF;AAEA,SAAS,mBAAmB,KAAmC;AAC7D,QAAM,QAAQ,aAAa,GAAG;AAC9B,MAAI,CAAC,OAAO;AACV,WAAO;AAAA,EACT;AAEA,SAAO;AAAA,IACL;AAAA,IACA,SAAS;AAAA,EACX;AACF;;;ACxQO,SAAS,qBAAqB,QAAa;AAChD,QAAM,QAAQ,IAAIC,gBAAe,MAAM;AAEvC,SAAO;AAAA;AAAA;AAAA;AAAA,IAIL,mBAAmB,aAAuB,UAAoC,CAAC,GAAG;AAChF,aAAO,OAAO,KAA2B,UAAwB;AAC/D,cAAM,UAAUC,oBAAmB,GAAG;AACtC,YAAI,CAAC,SAAS;AACZ,iBAAO,MAAM,OAAO,GAAG,EAAE,KAAK;AAAA,YAC5B,SAAS;AAAA,YACT,SAAS;AAAA,UACX,CAAC;AAAA,QACH;AAEA,cAAM,SAAS,MAAM,MAAM,mBAAmB,SAAS,aAAa,OAAO;AAE3E,YAAI,CAAC,OAAO,SAAS;AACnB,iBAAO,MAAM,OAAO,OAAO,cAAc,GAAG,EAAE,KAAK;AAAA,YACjD,SAAS;AAAA,YACT,SAAS,OAAO;AAAA,UAClB,CAAC;AAAA,QACH;AAGA,YAAI,OAAO,MAAM;AACf,cAAI,OAAO;AAAA,YACT,IAAI,OAAO,KAAK,KAAK;AAAA,YACrB,cAAc,OAAO,KAAK,KAAK;AAAA,YAC/B,UAAU,OAAO,KAAK,KAAK;AAAA,YAC3B,OAAO,OAAO,KAAK,KAAK;AAAA,YACxB,OAAO,OAAO,KAAK;AAAA,YACnB,aAAa,OAAO,KAAK,QAAQ,QAAQ,OAAK,EAAE,WAAW;AAAA,YAC3D,SAAS,OAAO,KAAK;AAAA,YACrB,cAAc,OAAO,KAAK;AAAA,UAC5B;AAAA,QACF;AAAA,MACF;AAAA,IACF;AAAA;AAAA;AAAA;AAAA,IAKA,aAAa,OAAiB,UAAoC,CAAC,GAAG;AACpE,aAAO,OAAO,KAA2B,UAAwB;AAC/D,cAAM,UAAUA,oBAAmB,GAAG;AACtC,YAAI,CAAC,SAAS;AACZ,iBAAO,MAAM,OAAO,GAAG,EAAE,KAAK;AAAA,YAC5B,SAAS;AAAA,YACT,SAAS;AAAA,UACX,CAAC;AAAA,QACH;AAEA,cAAM,SAAS,MAAM,MAAM,aAAa,SAAS,OAAO,OAAO;AAE/D,YAAI,CAAC,OAAO,SAAS;AACnB,iBAAO,MAAM,OAAO,OAAO,cAAc,GAAG,EAAE,KAAK;AAAA,YACjD,SAAS;AAAA,YACT,SAAS,OAAO;AAAA,UAClB,CAAC;AAAA,QACH;AAGA,YAAI,OAAO,MAAM;AACf,cAAI,OAAO;AAAA,YACT,IAAI,OAAO,KAAK,KAAK;AAAA,YACrB,cAAc,OAAO,KAAK,KAAK;AAAA,YAC/B,UAAU,OAAO,KAAK,KAAK;AAAA,YAC3B,OAAO,OAAO,KAAK,KAAK;AAAA,YACxB,OAAO,OAAO,KAAK;AAAA,YACnB,aAAa,OAAO,KAAK,QAAQ,QAAQ,OAAK,EAAE,WAAW;AAAA,YAC3D,SAAS,OAAO,KAAK;AAAA,YACrB,cAAc,OAAO,KAAK;AAAA,UAC5B;AAAA,QACF;AAAA,MACF;AAAA,IACF;AAAA;AAAA;AAAA;AAAA,IAKA,eAAe,SAAmB,UAAoC,CAAC,GAAG;AACxE,aAAO,OAAO,KAA2B,UAAwB;AAC/D,cAAM,UAAUA,oBAAmB,GAAG;AACtC,YAAI,CAAC,SAAS;AACZ,iBAAO,MAAM,OAAO,GAAG,EAAE,KAAK;AAAA,YAC5B,SAAS;AAAA,YACT,SAAS;AAAA,UACX,CAAC;AAAA,QACH;AAEA,cAAM,SAAS,MAAM,MAAM,eAAe,SAAS,SAAS,OAAO;AAEnE,YAAI,CAAC,OAAO,SAAS;AACnB,iBAAO,MAAM,OAAO,OAAO,cAAc,GAAG,EAAE,KAAK;AAAA,YACjD,SAAS;AAAA,YACT,SAAS,OAAO;AAAA,UAClB,CAAC;AAAA,QACH;AAGA,YAAI,OAAO,MAAM;AACf,cAAI,OAAO;AAAA,YACT,IAAI,OAAO,KAAK,KAAK;AAAA,YACrB,cAAc,OAAO,KAAK,KAAK;AAAA,YAC/B,UAAU,OAAO,KAAK,KAAK;AAAA,YAC3B,OAAO,OAAO,KAAK,KAAK;AAAA,YACxB,OAAO,OAAO,KAAK;AAAA,YACnB,aAAa,OAAO,KAAK,QAAQ,QAAQ,OAAK,EAAE,WAAW;AAAA,YAC3D,SAAS,OAAO,KAAK;AAAA,YACrB,cAAc,OAAO,KAAK;AAAA,UAC5B;AAAA,QACF;AAAA,MACF;AAAA,IACF;AAAA;AAAA;AAAA;AAAA,IAKA,oBAAoB,cAAwB,UAAoC,CAAC,GAAG;AAClF,aAAO,OAAO,KAA2B,UAAwB;AAC/D,cAAM,UAAUA,oBAAmB,GAAG;AACtC,YAAI,CAAC,SAAS;AACZ,iBAAO,MAAM,OAAO,GAAG,EAAE,KAAK;AAAA,YAC5B,SAAS;AAAA,YACT,SAAS;AAAA,UACX,CAAC;AAAA,QACH;AAEA,cAAM,SAAS,MAAM,MAAM,oBAAoB,SAAS,cAAc,OAAO;AAE7E,YAAI,CAAC,OAAO,SAAS;AACnB,iBAAO,MAAM,OAAO,OAAO,cAAc,GAAG,EAAE,KAAK;AAAA,YACjD,SAAS;AAAA,YACT,SAAS,OAAO;AAAA,UAClB,CAAC;AAAA,QACH;AAGA,YAAI,OAAO,MAAM;AACf,cAAI,OAAO;AAAA,YACT,IAAI,OAAO,KAAK,KAAK;AAAA,YACrB,cAAc,OAAO,KAAK,KAAK;AAAA,YAC/B,UAAU,OAAO,KAAK,KAAK;AAAA,YAC3B,OAAO,OAAO,KAAK,KAAK;AAAA,YACxB,OAAO,OAAO,KAAK;AAAA,YACnB,aAAa,OAAO,KAAK,QAAQ,QAAQ,OAAK,EAAE,WAAW;AAAA,YAC3D,SAAS,OAAO,KAAK;AAAA,YACrB,cAAc,OAAO,KAAK;AAAA,UAC5B;AAAA,QACF;AAAA,MACF;AAAA,IACF;AAAA;AAAA;AAAA;AAAA,IAKA,QAAQ,SAAuB;AAC7B,aAAO,OAAO,KAA2B,UAAwB;AAC/D,cAAM,UAAUA,oBAAmB,GAAG;AACtC,YAAI,CAAC,SAAS;AACZ,iBAAO,MAAM,OAAO,GAAG,EAAE,KAAK;AAAA,YAC5B,SAAS;AAAA,YACT,SAAS;AAAA,UACX,CAAC;AAAA,QACH;AAEA,cAAM,SAAS,MAAM,MAAM,QAAQ,SAAS,OAAO;AAEnD,YAAI,CAAC,OAAO,SAAS;AACnB,iBAAO,MAAM,OAAO,OAAO,cAAc,GAAG,EAAE,KAAK;AAAA,YACjD,SAAS;AAAA,YACT,SAAS,OAAO;AAAA,UAClB,CAAC;AAAA,QACH;AAGA,YAAI,OAAO,MAAM;AACf,cAAI,OAAO;AAAA,YACT,IAAI,OAAO,KAAK,KAAK;AAAA,YACrB,cAAc,OAAO,KAAK,KAAK;AAAA,YAC/B,UAAU,OAAO,KAAK,KAAK;AAAA,YAC3B,OAAO,OAAO,KAAK,KAAK;AAAA,YACxB,OAAO,OAAO,KAAK;AAAA,YACnB,aAAa,OAAO,KAAK,QAAQ,QAAQ,OAAK,EAAE,WAAW;AAAA,YAC3D,SAAS,OAAO,KAAK;AAAA,YACrB,cAAc,OAAO,KAAK;AAAA,UAC5B;AAAA,QACF;AAAA,MACF;AAAA,IACF;AAAA;AAAA;AAAA;AAAA,IAKA,eAAe;AACb,aAAO,OAAO,KAA2B,UAAwB;AAC/D,cAAM,UAAUA,oBAAmB,GAAG;AACtC,YAAI,CAAC,SAAS;AACZ,iBAAO,MAAM,OAAO,GAAG,EAAE,KAAK;AAAA,YAC5B,SAAS;AAAA,YACT,SAAS;AAAA,UACX,CAAC;AAAA,QACH;AAEA,cAAM,SAAS,MAAM,MAAM,aAAa,OAAO;AAE/C,YAAI,CAAC,OAAO,SAAS;AACnB,iBAAO,MAAM,OAAO,OAAO,cAAc,GAAG,EAAE,KAAK;AAAA,YACjD,SAAS;AAAA,YACT,SAAS,OAAO;AAAA,UAClB,CAAC;AAAA,QACH;AAGA,YAAI,OAAO,MAAM;AACf,cAAI,OAAO;AAAA,YACT,IAAI,OAAO,KAAK,KAAK;AAAA,YACrB,cAAc,OAAO,KAAK,KAAK;AAAA,YAC/B,UAAU,OAAO,KAAK,KAAK;AAAA,YAC3B,OAAO,OAAO,KAAK,KAAK;AAAA,YACxB,OAAO,OAAO,KAAK;AAAA,YACnB,aAAa,OAAO,KAAK,QAAQ,QAAQ,OAAK,EAAE,WAAW;AAAA,YAC3D,SAAS,OAAO,KAAK;AAAA,YACrB,cAAc,OAAO,KAAK;AAAA,UAC5B;AAAA,QACF;AAAA,MACF;AAAA,IACF;AAAA;AAAA;AAAA;AAAA,IAKA,WAA2B;AACzB,aAAO;AAAA,IACT;AAAA,EACF;AACF;AAEA,SAASA,oBAAmB,KAA0C;AACpE,QAAM,QAAQ,aAAa,GAAG;AAC9B,MAAI,CAAC,OAAO;AACV,WAAO;AAAA,EACT;AAEA,SAAO;AAAA,IACL;AAAA,IACA,SAAS;AAAA,EACX;AACF;","names":["ExGuardBackend","axios","module","import_axios","axios","userAccess","module","ExGuardBackend","module","ExGuardBackend","ExGuardBackend","createGuardContext"]}
|
|
1
|
+
{"version":3,"sources":["../src/index.ts","../src/exguard-backend.ts","../src/exguard-backend-enhanced.ts","../src/cache.ts","../src/realtime.ts","../src/guards.ts","../src/express.ts","../src/fastify.ts"],"sourcesContent":["export { ExGuardBackend } from './exguard-backend.js';\nexport { ExGuardBackendEnhanced } from './exguard-backend-enhanced.js';\nexport { cache, ExGuardCache } from './cache.js';\nexport { realtime, ExGuardRealtime, createRealtime } from './realtime.js';\nexport type { \n RealtimeEvent, \n RealtimeEventHandler,\n RealtimeConnectionHandler,\n RealtimeErrorHandler,\n RealtimeAuthOptions,\n ExGuardRealtimeConfig \n} from './realtime.js';\n\n// Backend protection exports\nexport { ExGuardBackend as Guard } from './guards.js';\nexport { createExGuardExpress } from './express.js';\nexport { createExGuardFastify } from './fastify.js';\nexport type { \n UserAccessResponse, \n ApiResponse, \n ExGuardConfig,\n ExGuardEnhancedConfig,\n ExGuardCacheConfig,\n ExGuardRealtimeConfig as ExGuardRealtimeConfigType,\n GuardContext,\n GuardResult,\n GuardOptions\n} from './types.js';\n","import axios, { AxiosInstance, AxiosResponse } from 'axios';\nimport { \n UserAccessResponse, \n ApiResponse, \n ExGuardConfig \n} from './types.js';\n\nexport class ExGuardBackend {\n private client: AxiosInstance;\n private config: ExGuardConfig;\n\n constructor(config: ExGuardConfig) {\n this.config = {\n timeout: 10000,\n ...config,\n };\n\n this.client = axios.create({\n baseURL: this.config.apiUrl,\n timeout: this.config.timeout,\n headers: {\n 'Content-Type': 'application/json',\n },\n });\n }\n\n /**\n * Get user roles and permissions from the /guard/me endpoint\n * @param token - JWT access token\n * @returns Promise<UserAccessResponse>\n */\n async getUserAccess(token: string): Promise<UserAccessResponse> {\n try {\n const response: AxiosResponse<ApiResponse<UserAccessResponse>> = \n await this.client.get('/guard/me', {\n headers: {\n 'Authorization': `Bearer ${token}`,\n },\n });\n\n if (!response.data.success) {\n throw new Error('Failed to fetch user access information');\n }\n\n return response.data.data;\n } catch (error) {\n if (axios.isAxiosError(error)) {\n if (error.response?.status === 401) {\n throw new Error('Unauthorized: Invalid or expired token');\n }\n throw new Error(`API Error: ${error.response?.data?.message || error.message}`);\n }\n throw error;\n }\n }\n\n /**\n * Check if user has specific permission\n * @param token - JWT access token\n * @param permission - Permission to check (e.g., 'events:create')\n * @returns Promise<boolean>\n */\n async hasPermission(token: string, permission: string): Promise<boolean> {\n try {\n const userAccess = await this.getUserAccess(token);\n return userAccess.modules.some(module => \n module.permissions.includes(permission)\n );\n } catch (error) {\n return false;\n }\n }\n\n /**\n * Check if user has specific role\n * @param token - JWT access token\n * @param role - Role to check (e.g., 'Event Manager')\n * @returns Promise<boolean>\n */\n async hasRole(token: string, role: string): Promise<boolean> {\n try {\n const userAccess = await this.getUserAccess(token);\n return userAccess.roles.includes(role);\n } catch (error) {\n return false;\n }\n }\n\n /**\n * Get all permissions for a specific module\n * @param token - JWT access token\n * @param moduleKey - Module key (e.g., 'events')\n * @returns Promise<string[]>\n */\n async getModulePermissions(token: string, moduleKey: string): Promise<string[]> {\n try {\n const userAccess = await this.getUserAccess(token);\n const module = userAccess.modules.find(m => m.key === moduleKey);\n return module?.permissions || [];\n } catch (error) {\n return [];\n }\n }\n\n /**\n * Get user roles\n * @param token - JWT access token\n * @returns Promise<string[]>\n */\n async getUserRoles(token: string): Promise<string[]> {\n try {\n const userAccess = await this.getUserAccess(token);\n return userAccess.roles;\n } catch (error) {\n return [];\n }\n }\n\n /**\n * Get user field offices\n * @param token - JWT access token\n * @returns Promise<string[]>\n */\n async getUserFieldOffices(token: string): Promise<string[]> {\n try {\n const userAccess = await this.getUserAccess(token);\n return userAccess.fieldOffices;\n } catch (error) {\n return [];\n }\n }\n}\n","import axios, { AxiosInstance, AxiosResponse } from 'axios';\nimport { \n UserAccessResponse, \n ApiResponse, \n ExGuardConfig \n} from './types.js';\nimport { cache, ExGuardCache } from './cache.js';\nimport { \n realtime, \n RealtimeEvent, \n ExGuardRealtime,\n ExGuardRealtimeConfig,\n createRealtime \n} from './realtime.js';\n\nexport interface ExGuardEnhancedConfig extends ExGuardConfig {\n cache?: {\n ttl?: number;\n enabled?: boolean;\n };\n realtime?: {\n enabled?: boolean;\n url?: string;\n accessToken?: string;\n autoReconnect?: boolean;\n maxReconnectAttempts?: number;\n reconnectDelay?: number;\n autoConnect?: boolean;\n onConnect?: () => void;\n onDisconnect?: () => void;\n onError?: (error: Error) => void;\n onRBACUpdate?: (event: RealtimeEvent) => void;\n onUserUpdate?: (event: RealtimeEvent) => void;\n };\n}\n\nexport class ExGuardBackendEnhanced {\n private client: AxiosInstance;\n private config: ExGuardEnhancedConfig;\n private cache: ExGuardCache;\n private realtime: ExGuardRealtime;\n private userId: string | null = null;\n private _isRealtimeConnected = false;\n\n constructor(config: ExGuardEnhancedConfig) {\n this.config = {\n timeout: 10000,\n cache: {\n enabled: true,\n ttl: 300000,\n },\n realtime: {\n enabled: false,\n autoReconnect: true,\n maxReconnectAttempts: 5,\n reconnectDelay: 1000,\n },\n ...config,\n };\n\n this.cache = cache;\n \n const realtimeConfig: ExGuardRealtimeConfig = {\n autoReconnect: this.config.realtime?.autoReconnect ?? true,\n maxReconnectAttempts: this.config.realtime?.maxReconnectAttempts ?? 5,\n reconnectDelay: this.config.realtime?.reconnectDelay ?? 1000,\n onConnect: () => {\n this._isRealtimeConnected = true;\n this.config.realtime?.onConnect?.();\n },\n onDisconnect: () => {\n this._isRealtimeConnected = false;\n this.config.realtime?.onDisconnect?.();\n },\n onError: (error) => {\n this.config.realtime?.onError?.(error);\n },\n };\n \n this.realtime = createRealtime(realtimeConfig);\n\n this.client = axios.create({\n baseURL: this.config.apiUrl,\n timeout: this.config.timeout,\n headers: {\n 'Content-Type': 'application/json',\n },\n });\n\n if (this.config.realtime?.enabled && this.config.realtime.url) {\n this.setupRealtime();\n }\n\n setInterval(() => {\n this.cache.cleanup();\n }, 60000);\n }\n\n private async setupRealtime(): Promise<void> {\n if (!this.config.realtime?.url) {\n return;\n }\n\n try {\n await this.realtime.connect(\n this.config.realtime.url, \n this.config.realtime.accessToken\n );\n \n this.realtime.subscribe('rbac_update', (event: RealtimeEvent) => {\n console.log('[ExGuardBackend] RBAC update received:', event);\n this.config.realtime?.onRBACUpdate?.(event);\n \n if (event.userId) {\n this.cache.clearUserCache(event.userId);\n } else {\n this.cache.clear();\n }\n });\n\n this.realtime.subscribe('user_update', (event: RealtimeEvent) => {\n console.log('[ExGuardBackend] User update received:', event);\n this.config.realtime?.onUserUpdate?.(event);\n \n if (event.userId) {\n this.cache.clearUserCache(event.userId);\n }\n });\n\n this.realtime.subscribe('role_update', (event: RealtimeEvent) => {\n console.log('[ExGuardBackend] Role update received:', event);\n if (event.userId) {\n this.cache.clearUserCache(event.userId);\n } else {\n this.cache.clear();\n }\n });\n\n this.realtime.subscribe('permission_update', (event: RealtimeEvent) => {\n console.log('[ExGuardBackend] Permission update received:', event);\n if (event.userId) {\n this.cache.clearUserCache(event.userId);\n } else {\n this.cache.clear();\n }\n });\n\n } catch (error) {\n console.warn('[ExGuardBackend] Realtime connection failed (will retry on demand):', error);\n }\n }\n\n /**\n * Manually connect to realtime server\n */\n async connectRealtime(url?: string, accessToken?: string): Promise<void> {\n const wsUrl = url || this.config.realtime?.url;\n const wsToken = accessToken || this.config.realtime?.accessToken;\n \n if (!wsUrl) {\n throw new Error('WebSocket URL is required');\n }\n \n await this.setupRealtime();\n }\n\n /**\n * Disconnect from realtime server\n */\n disconnectRealtime(): void {\n this.realtime.disconnect();\n }\n\n /**\n * Check if realtime is connected\n */\n isRealtimeConnected(): boolean {\n return this._isRealtimeConnected || this.realtime.isConnected();\n }\n\n /**\n * Get realtime connection status\n */\n getRealtimeStatus(): 'connecting' | 'connected' | 'disconnected' | 'reconnecting' {\n return this.realtime.getStatus();\n }\n\n /**\n * Subscribe to realtime events\n */\n subscribeToRealtime(eventType: string, handler: (event: RealtimeEvent) => void): () => void {\n return this.realtime.subscribe(eventType, handler);\n }\n\n /**\n * Subscribe to all realtime events\n */\n subscribeToAllRealtime(handler: (event: RealtimeEvent) => void): () => void {\n return this.realtime.subscribeAll(handler);\n }\n\n private extractUserIdFromToken(token: string): string | null {\n try {\n const payload = JSON.parse(atob(token.split('.')[1]));\n return payload.sub || null;\n } catch {\n return null;\n }\n }\n\n private getCacheKey(token: string, suffix: string = ''): string {\n const userId = this.extractUserIdFromToken(token) || 'unknown';\n return `user:${userId}:${suffix}`;\n }\n\n async getUserAccess(token: string): Promise<UserAccessResponse> {\n if (!this.config.cache?.enabled) {\n return this.fetchUserAccess(token);\n }\n\n const cacheKey = this.getCacheKey(token, 'access');\n const cached = this.cache.get<UserAccessResponse>(cacheKey);\n \n if (cached) {\n console.log('[ExGuardBackend] Cache hit for user access');\n return cached;\n }\n\n console.log('[ExGuardBackend] Cache miss, fetching user access');\n const data = await this.fetchUserAccess(token);\n \n this.cache.set(cacheKey, data, this.config.cache.ttl);\n \n return data;\n }\n\n private async fetchUserAccess(token: string): Promise<UserAccessResponse> {\n try {\n const response: AxiosResponse<ApiResponse<UserAccessResponse>> = \n await this.client.get('/guard/me', {\n headers: {\n 'Authorization': `Bearer ${token}`,\n },\n });\n\n if (!response.data.success) {\n throw new Error('Failed to fetch user access information');\n }\n\n return response.data.data;\n } catch (error) {\n if (axios.isAxiosError(error)) {\n if (error.response?.status === 401) {\n throw new Error('Unauthorized: Invalid or expired token');\n }\n throw new Error(`API Error: ${error.response?.data?.message || error.message}`);\n }\n throw error;\n }\n }\n\n async hasPermission(token: string, permission: string): Promise<boolean> {\n if (!this.config.cache?.enabled) {\n const userAccess = await this.getUserAccess(token);\n return userAccess.modules.some(module => \n module.permissions.includes(permission)\n );\n }\n\n const cacheKey = this.getCacheKey(token, `permission:${permission}`);\n const cached = this.cache.get<boolean>(cacheKey);\n \n if (cached !== null) {\n console.log(`[ExGuardBackend] Cache hit for permission: ${permission}`);\n return cached;\n }\n\n console.log(`[ExGuardBackend] Cache miss, checking permission: ${permission}`);\n const userAccess = await this.getUserAccess(token);\n const hasPermission = userAccess.modules.some(module => \n module.permissions.includes(permission)\n );\n \n this.cache.set(cacheKey, hasPermission, this.config.cache.ttl! / 2);\n \n return hasPermission;\n }\n\n async hasRole(token: string, role: string): Promise<boolean> {\n if (!this.config.cache?.enabled) {\n const userAccess = await this.getUserAccess(token);\n return userAccess.roles.includes(role);\n }\n\n const cacheKey = this.getCacheKey(token, `role:${role}`);\n const cached = this.cache.get<boolean>(cacheKey);\n \n if (cached !== null) {\n console.log(`[ExGuardBackend] Cache hit for role: ${role}`);\n return cached;\n }\n\n console.log(`[ExGuardBackend] Cache miss, checking role: ${role}`);\n const userAccess = await this.getUserAccess(token);\n const hasRole = userAccess.roles.includes(role);\n \n this.cache.set(cacheKey, hasRole, this.config.cache.ttl! / 2);\n \n return hasRole;\n }\n\n async getModulePermissions(token: string, moduleKey: string): Promise<string[]> {\n if (!this.config.cache?.enabled) {\n const userAccess = await this.getUserAccess(token);\n const module = userAccess.modules.find(m => m.key === moduleKey);\n return module?.permissions || [];\n }\n\n const cacheKey = this.getCacheKey(token, `module:${moduleKey}`);\n const cached = this.cache.get<string[]>(cacheKey);\n \n if (cached !== null) {\n console.log(`[ExGuardBackend] Cache hit for module: ${moduleKey}`);\n return cached;\n }\n\n console.log(`[ExGuardBackend] Cache miss, fetching module permissions: ${moduleKey}`);\n const userAccess = await this.getUserAccess(token);\n const module = userAccess.modules.find(m => m.key === moduleKey);\n const permissions = module?.permissions || [];\n \n this.cache.set(cacheKey, permissions, this.config.cache.ttl);\n \n return permissions;\n }\n\n async getUserRoles(token: string): Promise<string[]> {\n if (!this.config.cache?.enabled) {\n const userAccess = await this.getUserAccess(token);\n return userAccess.roles;\n }\n\n const cacheKey = this.getCacheKey(token, 'roles');\n const cached = this.cache.get<string[]>(cacheKey);\n \n if (cached !== null) {\n console.log('[ExGuardBackend] Cache hit for user roles');\n return cached;\n }\n\n console.log('[ExGuardBackend] Cache miss, fetching user roles');\n const userAccess = await this.getUserAccess(token);\n const roles = userAccess.roles;\n \n this.cache.set(cacheKey, roles, this.config.cache.ttl);\n \n return roles;\n }\n\n async getUserFieldOffices(token: string): Promise<string[]> {\n if (!this.config.cache?.enabled) {\n const userAccess = await this.getUserAccess(token);\n return userAccess.fieldOffices;\n }\n\n const cacheKey = this.getCacheKey(token, 'field-offices');\n const cached = this.cache.get<string[]>(cacheKey);\n \n if (cached !== null) {\n console.log('[ExGuardBackend] Cache hit for field offices');\n return cached;\n }\n\n console.log('[ExGuardBackend] Cache miss, fetching field offices');\n const userAccess = await this.getUserAccess(token);\n const fieldOffices = userAccess.fieldOffices;\n \n this.cache.set(cacheKey, fieldOffices, this.config.cache.ttl);\n \n return fieldOffices;\n }\n\n async hasPermissions(token: string, permissions: string[]): Promise<Record<string, boolean>> {\n const results: Record<string, boolean> = {};\n const uncachedPermissions: string[] = [];\n \n for (const permission of permissions) {\n if (this.config.cache?.enabled) {\n const cacheKey = this.getCacheKey(token, `permission:${permission}`);\n const cached = this.cache.get<boolean>(cacheKey);\n \n if (cached !== null) {\n results[permission] = cached;\n } else {\n uncachedPermissions.push(permission);\n }\n } else {\n uncachedPermissions.push(permission);\n }\n }\n\n if (uncachedPermissions.length > 0) {\n const userAccess = await this.getUserAccess(token);\n \n for (const permission of uncachedPermissions) {\n const hasPermission = userAccess.modules.some(module => \n module.permissions.includes(permission)\n );\n results[permission] = hasPermission;\n \n if (this.config.cache?.enabled) {\n const cacheKey = this.getCacheKey(token, `permission:${permission}`);\n this.cache.set(cacheKey, hasPermission, this.config.cache.ttl! / 2);\n }\n }\n }\n\n return results;\n }\n\n async hasRoles(token: string, roles: string[]): Promise<Record<string, boolean>> {\n const results: Record<string, boolean> = {};\n const uncachedRoles: string[] = [];\n \n for (const role of roles) {\n if (this.config.cache?.enabled) {\n const cacheKey = this.getCacheKey(token, `role:${role}`);\n const cached = this.cache.get<boolean>(cacheKey);\n \n if (cached !== null) {\n results[role] = cached;\n } else {\n uncachedRoles.push(role);\n }\n } else {\n uncachedRoles.push(role);\n }\n }\n\n if (uncachedRoles.length > 0) {\n const userAccess = await this.getUserAccess(token);\n \n for (const role of uncachedRoles) {\n const hasRole = userAccess.roles.includes(role);\n results[role] = hasRole;\n \n if (this.config.cache?.enabled) {\n const cacheKey = this.getCacheKey(token, `role:${role}`);\n this.cache.set(cacheKey, hasRole, this.config.cache.ttl! / 2);\n }\n }\n }\n\n return results;\n }\n\n clearUserCache(token: string): void {\n const userId = this.extractUserIdFromToken(token);\n if (userId) {\n this.cache.clearUserCache(userId);\n console.log(`[ExGuardBackend] Cache cleared for user: ${userId}`);\n }\n }\n\n clearAllCache(): void {\n this.cache.clear();\n console.log('[ExGuardBackend] All cache cleared');\n }\n\n getCacheStats(): { size: number; keys: string[] } {\n return this.cache.getStats();\n }\n\n disconnect(): void {\n this.realtime.disconnect();\n }\n}\n","/**\n * In-memory cache for user access data with TTL support\n */\n\nexport interface CacheEntry<T> {\n data: T;\n timestamp: number;\n ttl: number;\n}\n\nexport class ExGuardCache {\n private cache = new Map<string, CacheEntry<any>>();\n private subscribers = new Map<string, Set<() => void>>();\n private defaultTTL = 300000; // 5 minutes\n\n /**\n * Get cached data\n */\n get<T>(key: string): T | null {\n const entry = this.cache.get(key);\n if (!entry) return null;\n\n // Check if expired\n if (Date.now() - entry.timestamp > entry.ttl) {\n this.cache.delete(key);\n return null;\n }\n\n return entry.data;\n }\n\n /**\n * Set cached data with TTL\n */\n set<T>(key: string, data: T, ttl?: number): void {\n this.cache.set(key, {\n data,\n timestamp: Date.now(),\n ttl: ttl || this.defaultTTL,\n });\n }\n\n /**\n * Delete cached data\n */\n delete(key: string): boolean {\n const deleted = this.cache.delete(key);\n if (deleted) {\n this.notifySubscribers(key);\n }\n return deleted;\n }\n\n /**\n * Clear all cache\n */\n clear(): void {\n const keys = Array.from(this.cache.keys());\n this.cache.clear();\n keys.forEach(key => this.notifySubscribers(key));\n }\n\n /**\n * Clear cache for a specific user\n */\n clearUserCache(userId: string): void {\n const keysToDelete = Array.from(this.cache.keys()).filter(key => \n key.startsWith(`user:${userId}:`)\n );\n \n keysToDelete.forEach(key => {\n this.cache.delete(key);\n this.notifySubscribers(key);\n });\n }\n\n /**\n * Subscribe to cache changes\n */\n subscribe(key: string, callback: () => void): () => void {\n if (!this.subscribers.has(key)) {\n this.subscribers.set(key, new Set());\n }\n \n this.subscribers.get(key)!.add(callback);\n \n // Return unsubscribe function\n return () => {\n const callbacks = this.subscribers.get(key);\n if (callbacks) {\n callbacks.delete(callback);\n if (callbacks.size === 0) {\n this.subscribers.delete(key);\n }\n }\n };\n }\n\n /**\n * Notify subscribers of cache changes\n */\n private notifySubscribers(key: string): void {\n const callbacks = this.subscribers.get(key);\n if (callbacks) {\n callbacks.forEach(callback => {\n try {\n callback();\n } catch (error) {\n console.error('Cache subscriber error:', error);\n }\n });\n }\n }\n\n /**\n * Get cache statistics\n */\n getStats(): { size: number; keys: string[] } {\n return {\n size: this.cache.size,\n keys: Array.from(this.cache.keys()),\n };\n }\n\n /**\n * Clean up expired entries\n */\n cleanup(): void {\n const now = Date.now();\n const keysToDelete: string[] = [];\n\n this.cache.forEach((entry, key) => {\n if (now - entry.timestamp > entry.ttl) {\n keysToDelete.push(key);\n }\n });\n\n keysToDelete.forEach(key => {\n this.cache.delete(key);\n this.notifySubscribers(key);\n });\n }\n}\n\n// Global cache instance\nexport const cache = new ExGuardCache();\n","/**\n * Realtime event handling for cache invalidation with WebSocket support\n * Works in both browser and Node.js environments\n */\n\nlet WebSocketImpl: any;\nif (typeof window === 'undefined') {\n try {\n WebSocketImpl = require('ws');\n } catch {\n WebSocketImpl = null;\n }\n} else {\n WebSocketImpl = WebSocket;\n}\n\nexport interface RealtimeEvent {\n type: 'rbac_update' | 'user_update' | 'role_update' | 'permission_update';\n userId?: string;\n data?: any;\n timestamp: number;\n}\n\nexport interface RealtimeEventHandler {\n (event: RealtimeEvent): void;\n}\n\nexport interface RealtimeConnectionHandler {\n (): void;\n}\n\nexport interface RealtimeAuthOptions {\n accessToken?: string;\n apiKey?: string;\n bearerToken?: string;\n}\n\nexport interface RealtimeErrorHandler {\n (error: Error): void;\n}\n\nexport interface ExGuardRealtimeConfig {\n autoReconnect?: boolean;\n maxReconnectAttempts?: number;\n reconnectDelay?: number;\n reconnectMaxDelay?: number;\n onConnect?: RealtimeConnectionHandler;\n onDisconnect?: RealtimeConnectionHandler;\n onError?: RealtimeErrorHandler;\n autoConnect?: boolean;\n}\n\nexport class ExGuardRealtime {\n private handlers = new Map<string, Set<RealtimeEventHandler>>();\n private websocket: any = null;\n private reconnectAttempts = 0;\n private config: Required<ExGuardRealtimeConfig>;\n private currentUrl: string | null = null;\n private currentToken: string | null = null;\n private shouldReconnect = true;\n private isNode = typeof window === 'undefined';\n\n constructor(config: ExGuardRealtimeConfig = {}) {\n this.config = {\n autoReconnect: config.autoReconnect ?? true,\n maxReconnectAttempts: config.maxReconnectAttempts ?? 5,\n reconnectDelay: config.reconnectDelay ?? 1000,\n reconnectMaxDelay: config.reconnectMaxDelay ?? 30000,\n onConnect: config.onConnect ?? (() => {}),\n onDisconnect: config.onDisconnect ?? (() => {}),\n onError: config.onError ?? ((error: Error) => console.error('[ExGuardRealtime] Error:', error)),\n autoConnect: config.autoConnect ?? false,\n };\n }\n\n /**\n * Initialize and optionally connect to realtime server\n */\n async init(url?: string, accessToken?: string): Promise<void> {\n if (url) {\n this.currentUrl = url;\n this.currentToken = accessToken ?? null;\n if (this.config.autoConnect) {\n try {\n await this.connect(url, accessToken);\n } catch (error) {\n console.warn('[ExGuardRealtime] Auto-connect failed, will retry on demand:', error);\n }\n }\n }\n }\n\n /**\n * Connect to realtime server\n * @param url - WebSocket URL (e.g., wss://api.example.com/realtime)\n * @param auth - Authentication options (accessToken, apiKey, bearerToken) - optional\n * @param silent - If true, won't throw error on connection failure\n */\n connect(url: string, auth?: string | RealtimeAuthOptions, silent = false): Promise<void> {\n let authToken: string | undefined;\n let authType: 'access_token' | 'api_key' | 'bearer' | null = null;\n\n if (typeof auth === 'string') {\n authToken = auth;\n authType = 'access_token';\n } else if (auth?.accessToken) {\n authToken = auth.accessToken;\n authType = 'access_token';\n } else if (auth?.apiKey) {\n authToken = auth.apiKey;\n authType = 'api_key';\n } else if (auth?.bearerToken) {\n authToken = auth.bearerToken;\n authType = 'bearer';\n }\n\n return new Promise((resolve, reject) => {\n this.shouldReconnect = true;\n this.currentUrl = url;\n this.currentToken = authToken ?? null;\n\n if (!WebSocketImpl) {\n const err = new Error('WebSocket is not available. Install \"ws\" package for Node.js: npm install ws');\n this.config.onError(err);\n if (!silent) reject(err);\n return;\n }\n\n try {\n let wsUrl = url;\n if (authToken && authType) {\n if (authType === 'bearer') {\n wsUrl = `${url}?bearer=${encodeURIComponent(authToken)}`;\n } else {\n wsUrl = `${url}?${authType}=${encodeURIComponent(authToken)}`;\n }\n }\n \n if (this.isNode && WebSocketImpl === require('ws')) {\n this.websocket = new WebSocketImpl(wsUrl);\n this.setupNodeWebSocket(resolve, reject);\n } else {\n this.websocket = new WebSocketImpl(wsUrl);\n this.setupBrowserWebSocket(resolve, reject);\n }\n } catch (error) {\n reject(error);\n }\n });\n }\n\n private setupBrowserWebSocket(resolve: (value: void) => void, reject: (reason?: any) => void): void {\n const timeout = setTimeout(() => {\n reject(new Error('Connection timeout'));\n }, 10000);\n\n this.websocket.onopen = () => {\n clearTimeout(timeout);\n this.reconnectAttempts = 0;\n console.log('[ExGuardRealtime] Connected to realtime server');\n this.config.onConnect();\n resolve();\n };\n\n this.websocket.onmessage = (event: any) => {\n try {\n const realtimeEvent: RealtimeEvent = JSON.parse(event.data);\n this.handleEvent(realtimeEvent);\n } catch (error) {\n console.error('[ExGuardRealtime] Failed to parse event:', error);\n }\n };\n\n this.websocket.onclose = () => {\n clearTimeout(timeout);\n console.log('[ExGuardRealtime] Disconnected from realtime server');\n this.config.onDisconnect();\n this.handleReconnect();\n };\n\n this.websocket.onerror = (error: any) => {\n clearTimeout(timeout);\n console.error('[ExGuardRealtime] WebSocket error:', error);\n const err = new Error('WebSocket connection error');\n this.config.onError(err);\n if (!this.shouldReconnect) {\n reject(err);\n }\n };\n }\n\n private setupNodeWebSocket(resolve: (value: void) => void, reject: (reason?: any) => void): void {\n const timeout = setTimeout(() => {\n reject(new Error('Connection timeout'));\n }, 10000);\n\n this.websocket.on('open', () => {\n clearTimeout(timeout);\n this.reconnectAttempts = 0;\n console.log('[ExGuardRealtime] Connected to realtime server (Node.js)');\n this.config.onConnect();\n resolve();\n });\n\n this.websocket.on('message', (data: Buffer) => {\n try {\n const realtimeEvent: RealtimeEvent = JSON.parse(data.toString());\n this.handleEvent(realtimeEvent);\n } catch (error) {\n console.error('[ExGuardRealtime] Failed to parse event:', error);\n }\n });\n\n this.websocket.on('close', () => {\n clearTimeout(timeout);\n console.log('[ExGuardRealtime] Disconnected from realtime server');\n this.config.onDisconnect();\n this.handleReconnect();\n });\n\n this.websocket.on('error', (error: any) => {\n clearTimeout(timeout);\n console.error('[ExGuardRealtime] WebSocket error:', error);\n const err = new Error('WebSocket connection error: ' + (error?.message || error));\n this.config.onError(err);\n if (this.shouldReconnect) {\n this.handleReconnect();\n } else {\n reject(err);\n }\n });\n }\n\n /**\n * Disconnect from realtime server\n */\n disconnect(): void {\n this.shouldReconnect = false;\n if (this.websocket) {\n this.websocket.close();\n this.websocket = null;\n }\n }\n\n /**\n * Subscribe to realtime events\n */\n subscribe(eventType: string, handler: RealtimeEventHandler): () => void {\n if (!this.handlers.has(eventType)) {\n this.handlers.set(eventType, new Set());\n }\n \n this.handlers.get(eventType)!.add(handler);\n \n return () => {\n const handlers = this.handlers.get(eventType);\n if (handlers) {\n handlers.delete(handler);\n if (handlers.size === 0) {\n this.handlers.delete(eventType);\n }\n }\n };\n }\n\n /**\n * Subscribe to all realtime events\n */\n subscribeAll(handler: RealtimeEventHandler): () => void {\n const eventTypes = ['rbac_update', 'user_update', 'role_update', 'permission_update'];\n const unsubscribes = eventTypes.map(type => this.subscribe(type, handler));\n \n return () => {\n unsubscribes.forEach(unsub => unsub());\n };\n }\n\n /**\n * Handle incoming realtime events\n */\n private handleEvent(event: RealtimeEvent): void {\n console.log('[ExGuardRealtime] Received event:', event);\n \n const handlers = this.handlers.get(event.type);\n if (handlers) {\n handlers.forEach(handler => {\n try {\n handler(event);\n } catch (error) {\n console.error('[ExGuardRealtime] Event handler error:', error);\n }\n });\n }\n }\n\n /**\n * Handle reconnection logic\n */\n private handleReconnect(): void {\n if (!this.shouldReconnect || !this.config.autoReconnect || !this.currentUrl) {\n return;\n }\n\n if (this.reconnectAttempts < this.config.maxReconnectAttempts) {\n this.reconnectAttempts++;\n const delay = Math.min(\n this.config.reconnectDelay * Math.pow(2, this.reconnectAttempts - 1),\n this.config.reconnectMaxDelay\n );\n \n console.log(`[ExGuardRealtime] Reconnecting in ${delay}ms (attempt ${this.reconnectAttempts})`);\n \n setTimeout(() => {\n this.connect(this.currentUrl!, this.currentToken!).catch(error => {\n console.error('[ExGuardRealtime] Reconnection failed:', error);\n });\n }, delay);\n } else {\n console.error('[ExGuardRealtime] Max reconnection attempts reached');\n }\n }\n\n /**\n * Manually trigger reconnection with current auth\n */\n reconnect(): Promise<void> {\n if (this.currentUrl && this.currentToken) {\n this.reconnectAttempts = 0;\n return this.connect(this.currentUrl, this.currentToken);\n } else if (this.currentUrl) {\n this.reconnectAttempts = 0;\n return this.connect(this.currentUrl);\n }\n return Promise.reject(new Error('No URL configured'));\n }\n\n /**\n * Check if connected\n */\n isConnected(): boolean {\n if (!this.websocket) return false;\n if (this.isNode) {\n return this.websocket.readyState === 1; // WebSocket.OPEN = 1 for ws\n }\n return this.websocket.readyState === WebSocket.OPEN;\n }\n\n /**\n * Get connection status\n */\n getStatus(): 'connecting' | 'connected' | 'disconnected' | 'reconnecting' {\n if (!this.websocket) return 'disconnected';\n if (this.isNode) {\n switch (this.websocket.readyState) {\n case 0: return 'connecting';\n case 1: return 'connected';\n case 2:\n case 3: return 'disconnected';\n default: return 'disconnected';\n }\n }\n switch (this.websocket.readyState) {\n case WebSocket.CONNECTING: return 'connecting';\n case WebSocket.OPEN: return 'connected';\n case WebSocket.CLOSING:\n case WebSocket.CLOSED: return 'disconnected';\n default: return 'disconnected';\n }\n }\n\n /**\n * Send a message to the server\n */\n send(event: Partial<RealtimeEvent>): void {\n if (this.websocket && this.websocket.readyState === WebSocket.OPEN) {\n this.websocket.send(JSON.stringify(event));\n }\n }\n\n /**\n * Update configuration\n */\n updateConfig(config: Partial<ExGuardRealtimeConfig>): void {\n this.config = {\n ...this.config,\n ...config,\n };\n }\n\n /**\n * Connect on-demand with user's access token from request\n * Call this in your guard or middleware with the user's token\n */\n async connectWithUserToken(url: string, accessToken: string): Promise<void> {\n try {\n await this.connect(url, accessToken, true);\n } catch (error) {\n console.warn('[ExGuardRealtime] Failed to connect with user token:', error);\n }\n }\n}\n\n// Factory function for creating realtime instance\nexport function createRealtime(config?: ExGuardRealtimeConfig): ExGuardRealtime {\n return new ExGuardRealtime(config);\n}\n\n// Global realtime instance\nexport const realtime = new ExGuardRealtime();\n","/**\n * Framework-agnostic guards for protecting backend endpoints\n */\n\nimport { ExGuardBackendEnhanced } from './exguard-backend-enhanced.js';\nimport { ExGuardEnhancedConfig, UserAccessResponse, GuardContext, GuardResult, GuardOptions } from './types.js';\n\n// Re-export types for use in other modules\nexport type { GuardContext, GuardResult, GuardOptions, UserAccessResponse };\n\n/**\n * Framework-agnostic guard class for endpoint protection\n */\nexport class ExGuardBackend {\n private exGuard: ExGuardBackendEnhanced;\n\n constructor(config: ExGuardEnhancedConfig) {\n this.exGuard = new ExGuardBackendEnhanced(config);\n }\n\n /**\n * Check if user has specific permissions\n */\n async requirePermissions(\n context: GuardContext, \n permissions: string[], \n options: { requireAll?: boolean } = {}\n ): Promise<GuardResult> {\n try {\n if (options.requireAll) {\n // Require ALL permissions\n const results = await this.exGuard.hasPermissions(context.token, permissions);\n const hasAll = permissions.every(permission => results[permission]);\n \n if (!hasAll) {\n return {\n allowed: false,\n error: `Insufficient permissions. Required: ${permissions.join(', ')}`,\n statusCode: 403\n };\n }\n } else {\n // Require ANY permission (default)\n const hasPermission = await this.exGuard.hasPermissions(context.token, permissions);\n const hasAny = Object.values(hasPermission).some(Boolean);\n \n if (!hasAny) {\n return {\n allowed: false,\n error: `Insufficient permissions. Required any of: ${permissions.join(', ')}`,\n statusCode: 403\n };\n }\n }\n\n const userAccess = await this.exGuard.getUserAccess(context.token);\n return { allowed: true, user: userAccess };\n } catch (error) {\n return {\n allowed: false,\n error: 'Permission check failed',\n statusCode: 500\n };\n }\n }\n\n /**\n * Check if user has specific roles\n */\n async requireRoles(\n context: GuardContext, \n roles: string[], \n options: { requireAll?: boolean } = {}\n ): Promise<GuardResult> {\n try {\n if (options.requireAll) {\n // Require ALL roles\n const results = await this.exGuard.hasRoles(context.token, roles);\n const hasAll = roles.every(role => results[role]);\n \n if (!hasAll) {\n return {\n allowed: false,\n error: `Insufficient roles. Required: ${roles.join(', ')}`,\n statusCode: 403\n };\n }\n } else {\n // Require ANY role (default)\n const hasRole = await this.exGuard.hasRoles(context.token, roles);\n const hasAny = Object.values(hasRole).some(Boolean);\n \n if (!hasAny) {\n return {\n allowed: false,\n error: `Insufficient roles. Required any of: ${roles.join(', ')}`,\n statusCode: 403\n };\n }\n }\n\n const userAccess = await this.exGuard.getUserAccess(context.token);\n return { allowed: true, user: userAccess };\n } catch (error) {\n return {\n allowed: false,\n error: 'Role check failed',\n statusCode: 500\n };\n }\n }\n\n /**\n * Check if user has access to specific modules\n */\n async requireModules(\n context: GuardContext, \n modules: string[], \n options: { requireAll?: boolean } = {}\n ): Promise<GuardResult> {\n try {\n const userAccess = await this.exGuard.getUserAccess(context.token);\n const userModuleKeys = userAccess.modules.map(m => m.key);\n\n let hasAccess: boolean;\n\n if (options.requireAll) {\n // Require ALL modules\n hasAccess = modules.every(module => userModuleKeys.includes(module));\n } else {\n // Require ANY module (default)\n hasAccess = modules.some(module => userModuleKeys.includes(module));\n }\n\n if (!hasAccess) {\n return {\n allowed: false,\n error: `Insufficient module access. Required: ${modules.join(', ')}`,\n statusCode: 403\n };\n }\n\n return { allowed: true, user: userAccess };\n } catch (error) {\n return {\n allowed: false,\n error: 'Module check failed',\n statusCode: 500\n };\n }\n }\n\n /**\n * Check if user has access to specific field offices\n */\n async requireFieldOffices(\n context: GuardContext, \n fieldOffices: string[], \n options: { requireAll?: boolean } = {}\n ): Promise<GuardResult> {\n try {\n const userFieldOffices = await this.exGuard.getUserFieldOffices(context.token);\n\n let hasAccess: boolean;\n\n if (options.requireAll) {\n // Require ALL field offices\n hasAccess = fieldOffices.every(office => userFieldOffices.includes(office));\n } else {\n // Require ANY field office (default)\n hasAccess = fieldOffices.some(office => userFieldOffices.includes(office));\n }\n\n if (!hasAccess) {\n return {\n allowed: false,\n error: `Insufficient field office access. Required: ${fieldOffices.join(', ')}`,\n statusCode: 403\n };\n }\n\n const userAccess = await this.exGuard.getUserAccess(context.token);\n return { allowed: true, user: userAccess };\n } catch (error) {\n return {\n allowed: false,\n error: 'Field office check failed',\n statusCode: 500\n };\n }\n }\n\n /**\n * Flexible guard with multiple requirements\n */\n async require(context: GuardContext, options: GuardOptions): Promise<GuardResult> {\n try {\n const userAccess = await this.exGuard.getUserAccess(context.token);\n let passed = true;\n const failures: string[] = [];\n\n // Check permissions\n if (options.permissions && options.permissions.length > 0) {\n const userPermissions = userAccess.modules.flatMap(m => m.permissions);\n const hasPermissions = options.requireAll\n ? options.permissions.every(p => userPermissions.includes(p))\n : options.permissions.some(p => userPermissions.includes(p));\n \n if (!hasPermissions) {\n passed = false;\n failures.push(`permissions: ${options.permissions.join(', ')}`);\n }\n }\n\n // Check roles\n if (options.roles && options.roles.length > 0) {\n const hasRoles = options.requireAll\n ? options.roles.every(r => userAccess.roles.includes(r))\n : options.roles.some(r => userAccess.roles.includes(r));\n \n if (!hasRoles) {\n passed = false;\n failures.push(`roles: ${options.roles.join(', ')}`);\n }\n }\n\n // Check modules\n if (options.modules && options.modules.length > 0) {\n const userModuleKeys = userAccess.modules.map(m => m.key);\n const hasModules = options.requireAll\n ? options.modules.every(m => userModuleKeys.includes(m))\n : options.modules.some(m => userModuleKeys.includes(m));\n \n if (!hasModules) {\n passed = false;\n failures.push(`modules: ${options.modules.join(', ')}`);\n }\n }\n\n // Check field offices\n if (options.fieldOffices && options.fieldOffices.length > 0) {\n const hasFieldOffices = options.requireAll\n ? options.fieldOffices.every(fo => userAccess.fieldOffices.includes(fo))\n : options.fieldOffices.some(fo => userAccess.fieldOffices.includes(fo));\n \n if (!hasFieldOffices) {\n passed = false;\n failures.push(`field offices: ${options.fieldOffices.join(', ')}`);\n }\n }\n\n if (!passed) {\n return {\n allowed: false,\n error: `Access denied. Missing: ${failures.join('; ')}`,\n statusCode: 403\n };\n }\n\n return { allowed: true, user: userAccess };\n } catch (error) {\n return {\n allowed: false,\n error: 'Access check failed',\n statusCode: 500\n };\n }\n }\n\n /**\n * Simple authentication (just validates token)\n */\n async authenticate(context: GuardContext): Promise<GuardResult> {\n try {\n const userAccess = await this.exGuard.getUserAccess(context.token);\n return { allowed: true, user: userAccess };\n } catch (error) {\n return {\n allowed: false,\n error: 'Authentication failed',\n statusCode: 401\n };\n }\n }\n\n /**\n * Get the underlying ExGuardBackendEnhanced instance\n */\n getExGuard(): ExGuardBackendEnhanced {\n return this.exGuard;\n }\n}\n\n/**\n * Helper function to extract token from various request types\n */\nexport function extractToken(request: any): string | null {\n // Express-style\n if (request.headers?.authorization) {\n const authHeader = request.headers.authorization;\n if (authHeader.startsWith('Bearer ')) {\n return authHeader.substring(7);\n }\n }\n\n // Fastify-style\n if (request.headers?.authorization) {\n const authHeader = request.headers.authorization;\n if (authHeader.startsWith('Bearer ')) {\n return authHeader.substring(7);\n }\n }\n\n // Custom header\n if (request.headers?.['x-access-token']) {\n return request.headers['x-access-token'];\n }\n\n // Query parameter\n if (request.query?.token) {\n return request.query.token;\n }\n\n return null;\n}\n\n/**\n * Create a guard context from a request\n */\nexport function createGuardContext(request: any): GuardContext | null {\n const token = extractToken(request);\n if (!token) {\n return null;\n }\n\n return {\n token,\n request\n };\n}\n","/**\n * Express.js middleware for ExGuard endpoint protection\n */\n\nimport { ExGuardBackend, GuardContext, GuardOptions, extractToken } from './guards.js';\n\n// Conditional types to avoid build errors when express is not installed\ntype Request = any;\ntype Response = any;\ntype NextFunction = any;\n\nexport interface AuthenticatedRequest extends Request {\n user?: {\n id: string;\n cognitoSubId: string;\n username: string;\n email: string;\n roles: string[];\n permissions: string[];\n modules: Array<{ key: string; permissions: string[] }>;\n fieldOffices: string[];\n };\n}\n\n/**\n * Express middleware factory\n */\nexport function createExGuardExpress(config: any) {\n const guard = new ExGuardBackend(config);\n\n return {\n /**\n * Require specific permissions\n */\n requirePermissions(permissions: string[], options: { requireAll?: boolean } = {}) {\n return async (req: AuthenticatedRequest, res: Response, next: NextFunction) => {\n const context = createGuardContext(req);\n if (!context) {\n return res.status(401).json({\n success: false,\n message: 'No authentication token provided'\n });\n }\n\n const result = await guard.requirePermissions(context, permissions, options);\n \n if (!result.allowed) {\n return res.status(result.statusCode || 403).json({\n success: false,\n message: result.error\n });\n }\n\n // Attach user data to request\n if (result.user) {\n req.user = {\n id: result.user.user.id,\n cognitoSubId: result.user.user.cognitoSubId,\n username: result.user.user.username,\n email: result.user.user.email,\n roles: result.user.roles,\n permissions: result.user.modules.flatMap(m => m.permissions),\n modules: result.user.modules,\n fieldOffices: result.user.fieldOffices,\n };\n }\n\n next();\n };\n },\n\n /**\n * Require specific roles\n */\n requireRoles(roles: string[], options: { requireAll?: boolean } = {}) {\n return async (req: AuthenticatedRequest, res: Response, next: NextFunction) => {\n const context = createGuardContext(req);\n if (!context) {\n return res.status(401).json({\n success: false,\n message: 'No authentication token provided'\n });\n }\n\n const result = await guard.requireRoles(context, roles, options);\n \n if (!result.allowed) {\n return res.status(result.statusCode || 403).json({\n success: false,\n message: result.error\n });\n }\n\n // Attach user data to request\n if (result.user) {\n req.user = {\n id: result.user.user.id,\n cognitoSubId: result.user.user.cognitoSubId,\n username: result.user.user.username,\n email: result.user.user.email,\n roles: result.user.roles,\n permissions: result.user.modules.flatMap(m => m.permissions),\n modules: result.user.modules,\n fieldOffices: result.user.fieldOffices,\n };\n }\n\n next();\n };\n },\n\n /**\n * Require module access\n */\n requireModules(modules: string[], options: { requireAll?: boolean } = {}) {\n return async (req: AuthenticatedRequest, res: Response, next: NextFunction) => {\n const context = createGuardContext(req);\n if (!context) {\n return res.status(401).json({\n success: false,\n message: 'No authentication token provided'\n });\n }\n\n const result = await guard.requireModules(context, modules, options);\n \n if (!result.allowed) {\n return res.status(result.statusCode || 403).json({\n success: false,\n message: result.error\n });\n }\n\n // Attach user data to request\n if (result.user) {\n req.user = {\n id: result.user.user.id,\n cognitoSubId: result.user.user.cognitoSubId,\n username: result.user.user.username,\n email: result.user.user.email,\n roles: result.user.roles,\n permissions: result.user.modules.flatMap(m => m.permissions),\n modules: result.user.modules,\n fieldOffices: result.user.fieldOffices,\n };\n }\n\n next();\n };\n },\n\n /**\n * Require field office access\n */\n requireFieldOffices(fieldOffices: string[], options: { requireAll?: boolean } = {}) {\n return async (req: AuthenticatedRequest, res: Response, next: NextFunction) => {\n const context = createGuardContext(req);\n if (!context) {\n return res.status(401).json({\n success: false,\n message: 'No authentication token provided'\n });\n }\n\n const result = await guard.requireFieldOffices(context, fieldOffices, options);\n \n if (!result.allowed) {\n return res.status(result.statusCode || 403).json({\n success: false,\n message: result.error\n });\n }\n\n // Attach user data to request\n if (result.user) {\n req.user = {\n id: result.user.user.id,\n cognitoSubId: result.user.user.cognitoSubId,\n username: result.user.user.username,\n email: result.user.user.email,\n roles: result.user.roles,\n permissions: result.user.modules.flatMap(m => m.permissions),\n modules: result.user.modules,\n fieldOffices: result.user.fieldOffices,\n };\n }\n\n next();\n };\n },\n\n /**\n * Flexible guard with multiple requirements\n */\n require(options: GuardOptions) {\n return async (req: AuthenticatedRequest, res: Response, next: NextFunction) => {\n const context = createGuardContext(req);\n if (!context) {\n return res.status(401).json({\n success: false,\n message: 'No authentication token provided'\n });\n }\n\n const result = await guard.require(context, options);\n \n if (!result.allowed) {\n return res.status(result.statusCode || 403).json({\n success: false,\n message: result.error\n });\n }\n\n // Attach user data to request\n if (result.user) {\n req.user = {\n id: result.user.user.id,\n cognitoSubId: result.user.user.cognitoSubId,\n username: result.user.user.username,\n email: result.user.user.email,\n roles: result.user.roles,\n permissions: result.user.modules.flatMap(m => m.permissions),\n modules: result.user.modules,\n fieldOffices: result.user.fieldOffices,\n };\n }\n\n next();\n };\n },\n\n /**\n * Simple authentication middleware\n */\n authenticate() {\n return async (req: AuthenticatedRequest, res: Response, next: NextFunction) => {\n const context = createGuardContext(req);\n if (!context) {\n return res.status(401).json({\n success: false,\n message: 'No authentication token provided'\n });\n }\n\n const result = await guard.authenticate(context);\n \n if (!result.allowed) {\n return res.status(result.statusCode || 401).json({\n success: false,\n message: result.error\n });\n }\n\n // Attach user data to request\n if (result.user) {\n req.user = {\n id: result.user.user.id,\n cognitoSubId: result.user.user.cognitoSubId,\n username: result.user.user.username,\n email: result.user.user.email,\n roles: result.user.roles,\n permissions: result.user.modules.flatMap(m => m.permissions),\n modules: result.user.modules,\n fieldOffices: result.user.fieldOffices,\n };\n }\n\n next();\n };\n },\n\n /**\n * Get the underlying guard instance\n */\n getGuard(): ExGuardBackend {\n return guard;\n }\n };\n}\n\nfunction createGuardContext(req: Request): GuardContext | null {\n const token = extractToken(req);\n if (!token) {\n return null;\n }\n\n return {\n token,\n request: req\n };\n}\n","/**\n * Fastify plugin for ExGuard endpoint protection\n */\n\nimport { ExGuardBackend, GuardContext, GuardOptions, extractToken } from './guards.js';\n\n// Conditional types to avoid build errors when fastify is not installed\ntype FastifyRequest = any;\ntype FastifyReply = any;\n\nexport interface AuthenticatedRequest extends FastifyRequest {\n user?: {\n id: string;\n cognitoSubId: string;\n username: string;\n email: string;\n roles: string[];\n permissions: string[];\n modules: Array<{ key: string; permissions: string[] }>;\n fieldOffices: string[];\n };\n}\n\n/**\n * Fastify plugin factory\n */\nexport function createExGuardFastify(config: any) {\n const guard = new ExGuardBackend(config);\n\n return {\n /**\n * Require specific permissions\n */\n requirePermissions(permissions: string[], options: { requireAll?: boolean } = {}) {\n return async (req: AuthenticatedRequest, reply: FastifyReply) => {\n const context = createGuardContext(req);\n if (!context) {\n return reply.status(401).send({\n success: false,\n message: 'No authentication token provided'\n });\n }\n\n const result = await guard.requirePermissions(context, permissions, options);\n \n if (!result.allowed) {\n return reply.status(result.statusCode || 403).send({\n success: false,\n message: result.error\n });\n }\n\n // Attach user data to request\n if (result.user) {\n req.user = {\n id: result.user.user.id,\n cognitoSubId: result.user.user.cognitoSubId,\n username: result.user.user.username,\n email: result.user.user.email,\n roles: result.user.roles,\n permissions: result.user.modules.flatMap(m => m.permissions),\n modules: result.user.modules,\n fieldOffices: result.user.fieldOffices,\n };\n }\n };\n },\n\n /**\n * Require specific roles\n */\n requireRoles(roles: string[], options: { requireAll?: boolean } = {}) {\n return async (req: AuthenticatedRequest, reply: FastifyReply) => {\n const context = createGuardContext(req);\n if (!context) {\n return reply.status(401).send({\n success: false,\n message: 'No authentication token provided'\n });\n }\n\n const result = await guard.requireRoles(context, roles, options);\n \n if (!result.allowed) {\n return reply.status(result.statusCode || 403).send({\n success: false,\n message: result.error\n });\n }\n\n // Attach user data to request\n if (result.user) {\n req.user = {\n id: result.user.user.id,\n cognitoSubId: result.user.user.cognitoSubId,\n username: result.user.user.username,\n email: result.user.user.email,\n roles: result.user.roles,\n permissions: result.user.modules.flatMap(m => m.permissions),\n modules: result.user.modules,\n fieldOffices: result.user.fieldOffices,\n };\n }\n };\n },\n\n /**\n * Require module access\n */\n requireModules(modules: string[], options: { requireAll?: boolean } = {}) {\n return async (req: AuthenticatedRequest, reply: FastifyReply) => {\n const context = createGuardContext(req);\n if (!context) {\n return reply.status(401).send({\n success: false,\n message: 'No authentication token provided'\n });\n }\n\n const result = await guard.requireModules(context, modules, options);\n \n if (!result.allowed) {\n return reply.status(result.statusCode || 403).send({\n success: false,\n message: result.error\n });\n }\n\n // Attach user data to request\n if (result.user) {\n req.user = {\n id: result.user.user.id,\n cognitoSubId: result.user.user.cognitoSubId,\n username: result.user.user.username,\n email: result.user.user.email,\n roles: result.user.roles,\n permissions: result.user.modules.flatMap(m => m.permissions),\n modules: result.user.modules,\n fieldOffices: result.user.fieldOffices,\n };\n }\n };\n },\n\n /**\n * Require field office access\n */\n requireFieldOffices(fieldOffices: string[], options: { requireAll?: boolean } = {}) {\n return async (req: AuthenticatedRequest, reply: FastifyReply) => {\n const context = createGuardContext(req);\n if (!context) {\n return reply.status(401).send({\n success: false,\n message: 'No authentication token provided'\n });\n }\n\n const result = await guard.requireFieldOffices(context, fieldOffices, options);\n \n if (!result.allowed) {\n return reply.status(result.statusCode || 403).send({\n success: false,\n message: result.error\n });\n }\n\n // Attach user data to request\n if (result.user) {\n req.user = {\n id: result.user.user.id,\n cognitoSubId: result.user.user.cognitoSubId,\n username: result.user.user.username,\n email: result.user.user.email,\n roles: result.user.roles,\n permissions: result.user.modules.flatMap(m => m.permissions),\n modules: result.user.modules,\n fieldOffices: result.user.fieldOffices,\n };\n }\n };\n },\n\n /**\n * Flexible guard with multiple requirements\n */\n require(options: GuardOptions) {\n return async (req: AuthenticatedRequest, reply: FastifyReply) => {\n const context = createGuardContext(req);\n if (!context) {\n return reply.status(401).send({\n success: false,\n message: 'No authentication token provided'\n });\n }\n\n const result = await guard.require(context, options);\n \n if (!result.allowed) {\n return reply.status(result.statusCode || 403).send({\n success: false,\n message: result.error\n });\n }\n\n // Attach user data to request\n if (result.user) {\n req.user = {\n id: result.user.user.id,\n cognitoSubId: result.user.user.cognitoSubId,\n username: result.user.user.username,\n email: result.user.user.email,\n roles: result.user.roles,\n permissions: result.user.modules.flatMap(m => m.permissions),\n modules: result.user.modules,\n fieldOffices: result.user.fieldOffices,\n };\n }\n };\n },\n\n /**\n * Simple authentication hook\n */\n authenticate() {\n return async (req: AuthenticatedRequest, reply: FastifyReply) => {\n const context = createGuardContext(req);\n if (!context) {\n return reply.status(401).send({\n success: false,\n message: 'No authentication token provided'\n });\n }\n\n const result = await guard.authenticate(context);\n \n if (!result.allowed) {\n return reply.status(result.statusCode || 401).send({\n success: false,\n message: result.error\n });\n }\n\n // Attach user data to request\n if (result.user) {\n req.user = {\n id: result.user.user.id,\n cognitoSubId: result.user.user.cognitoSubId,\n username: result.user.user.username,\n email: result.user.user.email,\n roles: result.user.roles,\n permissions: result.user.modules.flatMap(m => m.permissions),\n modules: result.user.modules,\n fieldOffices: result.user.fieldOffices,\n };\n }\n };\n },\n\n /**\n * Get the underlying guard instance\n */\n getGuard(): ExGuardBackend {\n return guard;\n }\n };\n}\n\nfunction createGuardContext(req: FastifyRequest): GuardContext | null {\n const token = extractToken(req);\n if (!token) {\n return null;\n }\n\n return {\n token,\n request: req\n };\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,eAAAA;AAAA,EAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;;ACAA,mBAAoD;AAO7C,IAAM,iBAAN,MAAqB;AAAA,EAClB;AAAA,EACA;AAAA,EAER,YAAY,QAAuB;AACjC,SAAK,SAAS;AAAA,MACZ,SAAS;AAAA,MACT,GAAG;AAAA,IACL;AAEA,SAAK,SAAS,aAAAC,QAAM,OAAO;AAAA,MACzB,SAAS,KAAK,OAAO;AAAA,MACrB,SAAS,KAAK,OAAO;AAAA,MACrB,SAAS;AAAA,QACP,gBAAgB;AAAA,MAClB;AAAA,IACF,CAAC;AAAA,EACH;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,MAAM,cAAc,OAA4C;AAC9D,QAAI;AACF,YAAM,WACJ,MAAM,KAAK,OAAO,IAAI,aAAa;AAAA,QACjC,SAAS;AAAA,UACP,iBAAiB,UAAU,KAAK;AAAA,QAClC;AAAA,MACF,CAAC;AAEH,UAAI,CAAC,SAAS,KAAK,SAAS;AAC1B,cAAM,IAAI,MAAM,yCAAyC;AAAA,MAC3D;AAEA,aAAO,SAAS,KAAK;AAAA,IACvB,SAAS,OAAO;AACd,UAAI,aAAAA,QAAM,aAAa,KAAK,GAAG;AAC7B,YAAI,MAAM,UAAU,WAAW,KAAK;AAClC,gBAAM,IAAI,MAAM,wCAAwC;AAAA,QAC1D;AACA,cAAM,IAAI,MAAM,cAAc,MAAM,UAAU,MAAM,WAAW,MAAM,OAAO,EAAE;AAAA,MAChF;AACA,YAAM;AAAA,IACR;AAAA,EACF;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAQA,MAAM,cAAc,OAAe,YAAsC;AACvE,QAAI;AACF,YAAM,aAAa,MAAM,KAAK,cAAc,KAAK;AACjD,aAAO,WAAW,QAAQ;AAAA,QAAK,CAAAC,YAC7BA,QAAO,YAAY,SAAS,UAAU;AAAA,MACxC;AAAA,IACF,SAAS,OAAO;AACd,aAAO;AAAA,IACT;AAAA,EACF;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAQA,MAAM,QAAQ,OAAe,MAAgC;AAC3D,QAAI;AACF,YAAM,aAAa,MAAM,KAAK,cAAc,KAAK;AACjD,aAAO,WAAW,MAAM,SAAS,IAAI;AAAA,IACvC,SAAS,OAAO;AACd,aAAO;AAAA,IACT;AAAA,EACF;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAQA,MAAM,qBAAqB,OAAe,WAAsC;AAC9E,QAAI;AACF,YAAM,aAAa,MAAM,KAAK,cAAc,KAAK;AACjD,YAAMA,UAAS,WAAW,QAAQ,KAAK,OAAK,EAAE,QAAQ,SAAS;AAC/D,aAAOA,SAAQ,eAAe,CAAC;AAAA,IACjC,SAAS,OAAO;AACd,aAAO,CAAC;AAAA,IACV;AAAA,EACF;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,MAAM,aAAa,OAAkC;AACnD,QAAI;AACF,YAAM,aAAa,MAAM,KAAK,cAAc,KAAK;AACjD,aAAO,WAAW;AAAA,IACpB,SAAS,OAAO;AACd,aAAO,CAAC;AAAA,IACV;AAAA,EACF;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,MAAM,oBAAoB,OAAkC;AAC1D,QAAI;AACF,YAAM,aAAa,MAAM,KAAK,cAAc,KAAK;AACjD,aAAO,WAAW;AAAA,IACpB,SAAS,OAAO;AACd,aAAO,CAAC;AAAA,IACV;AAAA,EACF;AACF;;;ACnIA,IAAAC,gBAAoD;;;ACU7C,IAAM,eAAN,MAAmB;AAAA,EAChB,QAAQ,oBAAI,IAA6B;AAAA,EACzC,cAAc,oBAAI,IAA6B;AAAA,EAC/C,aAAa;AAAA;AAAA;AAAA;AAAA;AAAA,EAKrB,IAAO,KAAuB;AAC5B,UAAM,QAAQ,KAAK,MAAM,IAAI,GAAG;AAChC,QAAI,CAAC,MAAO,QAAO;AAGnB,QAAI,KAAK,IAAI,IAAI,MAAM,YAAY,MAAM,KAAK;AAC5C,WAAK,MAAM,OAAO,GAAG;AACrB,aAAO;AAAA,IACT;AAEA,WAAO,MAAM;AAAA,EACf;AAAA;AAAA;AAAA;AAAA,EAKA,IAAO,KAAa,MAAS,KAAoB;AAC/C,SAAK,MAAM,IAAI,KAAK;AAAA,MAClB;AAAA,MACA,WAAW,KAAK,IAAI;AAAA,MACpB,KAAK,OAAO,KAAK;AAAA,IACnB,CAAC;AAAA,EACH;AAAA;AAAA;AAAA;AAAA,EAKA,OAAO,KAAsB;AAC3B,UAAM,UAAU,KAAK,MAAM,OAAO,GAAG;AACrC,QAAI,SAAS;AACX,WAAK,kBAAkB,GAAG;AAAA,IAC5B;AACA,WAAO;AAAA,EACT;AAAA;AAAA;AAAA;AAAA,EAKA,QAAc;AACZ,UAAM,OAAO,MAAM,KAAK,KAAK,MAAM,KAAK,CAAC;AACzC,SAAK,MAAM,MAAM;AACjB,SAAK,QAAQ,SAAO,KAAK,kBAAkB,GAAG,CAAC;AAAA,EACjD;AAAA;AAAA;AAAA;AAAA,EAKA,eAAe,QAAsB;AACnC,UAAM,eAAe,MAAM,KAAK,KAAK,MAAM,KAAK,CAAC,EAAE;AAAA,MAAO,SACxD,IAAI,WAAW,QAAQ,MAAM,GAAG;AAAA,IAClC;AAEA,iBAAa,QAAQ,SAAO;AAC1B,WAAK,MAAM,OAAO,GAAG;AACrB,WAAK,kBAAkB,GAAG;AAAA,IAC5B,CAAC;AAAA,EACH;AAAA;AAAA;AAAA;AAAA,EAKA,UAAU,KAAa,UAAkC;AACvD,QAAI,CAAC,KAAK,YAAY,IAAI,GAAG,GAAG;AAC9B,WAAK,YAAY,IAAI,KAAK,oBAAI,IAAI,CAAC;AAAA,IACrC;AAEA,SAAK,YAAY,IAAI,GAAG,EAAG,IAAI,QAAQ;AAGvC,WAAO,MAAM;AACX,YAAM,YAAY,KAAK,YAAY,IAAI,GAAG;AAC1C,UAAI,WAAW;AACb,kBAAU,OAAO,QAAQ;AACzB,YAAI,UAAU,SAAS,GAAG;AACxB,eAAK,YAAY,OAAO,GAAG;AAAA,QAC7B;AAAA,MACF;AAAA,IACF;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKQ,kBAAkB,KAAmB;AAC3C,UAAM,YAAY,KAAK,YAAY,IAAI,GAAG;AAC1C,QAAI,WAAW;AACb,gBAAU,QAAQ,cAAY;AAC5B,YAAI;AACF,mBAAS;AAAA,QACX,SAAS,OAAO;AACd,kBAAQ,MAAM,2BAA2B,KAAK;AAAA,QAChD;AAAA,MACF,CAAC;AAAA,IACH;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,WAA6C;AAC3C,WAAO;AAAA,MACL,MAAM,KAAK,MAAM;AAAA,MACjB,MAAM,MAAM,KAAK,KAAK,MAAM,KAAK,CAAC;AAAA,IACpC;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,UAAgB;AACd,UAAM,MAAM,KAAK,IAAI;AACrB,UAAM,eAAyB,CAAC;AAEhC,SAAK,MAAM,QAAQ,CAAC,OAAO,QAAQ;AACjC,UAAI,MAAM,MAAM,YAAY,MAAM,KAAK;AACrC,qBAAa,KAAK,GAAG;AAAA,MACvB;AAAA,IACF,CAAC;AAED,iBAAa,QAAQ,SAAO;AAC1B,WAAK,MAAM,OAAO,GAAG;AACrB,WAAK,kBAAkB,GAAG;AAAA,IAC5B,CAAC;AAAA,EACH;AACF;AAGO,IAAM,QAAQ,IAAI,aAAa;;;AC5ItC,IAAI;AACJ,IAAI,OAAO,WAAW,aAAa;AACjC,MAAI;AACF,oBAAgB,QAAQ,IAAI;AAAA,EAC9B,QAAQ;AACN,oBAAgB;AAAA,EAClB;AACF,OAAO;AACL,kBAAgB;AAClB;AAsCO,IAAM,kBAAN,MAAsB;AAAA,EACnB,WAAW,oBAAI,IAAuC;AAAA,EACtD,YAAiB;AAAA,EACjB,oBAAoB;AAAA,EACpB;AAAA,EACA,aAA4B;AAAA,EAC5B,eAA8B;AAAA,EAC9B,kBAAkB;AAAA,EAClB,SAAS,OAAO,WAAW;AAAA,EAEnC,YAAY,SAAgC,CAAC,GAAG;AAC9C,SAAK,SAAS;AAAA,MACZ,eAAe,OAAO,iBAAiB;AAAA,MACvC,sBAAsB,OAAO,wBAAwB;AAAA,MACrD,gBAAgB,OAAO,kBAAkB;AAAA,MACzC,mBAAmB,OAAO,qBAAqB;AAAA,MAC/C,WAAW,OAAO,cAAc,MAAM;AAAA,MAAC;AAAA,MACvC,cAAc,OAAO,iBAAiB,MAAM;AAAA,MAAC;AAAA,MAC7C,SAAS,OAAO,YAAY,CAAC,UAAiB,QAAQ,MAAM,4BAA4B,KAAK;AAAA,MAC7F,aAAa,OAAO,eAAe;AAAA,IACrC;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,KAAK,KAAc,aAAqC;AAC5D,QAAI,KAAK;AACP,WAAK,aAAa;AAClB,WAAK,eAAe,eAAe;AACnC,UAAI,KAAK,OAAO,aAAa;AAC3B,YAAI;AACF,gBAAM,KAAK,QAAQ,KAAK,WAAW;AAAA,QACrC,SAAS,OAAO;AACd,kBAAQ,KAAK,gEAAgE,KAAK;AAAA,QACpF;AAAA,MACF;AAAA,IACF;AAAA,EACF;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAQA,QAAQ,KAAa,MAAqC,SAAS,OAAsB;AACvF,QAAI;AACJ,QAAI,WAAyD;AAE7D,QAAI,OAAO,SAAS,UAAU;AAC5B,kBAAY;AACZ,iBAAW;AAAA,IACb,WAAW,MAAM,aAAa;AAC5B,kBAAY,KAAK;AACjB,iBAAW;AAAA,IACb,WAAW,MAAM,QAAQ;AACvB,kBAAY,KAAK;AACjB,iBAAW;AAAA,IACb,WAAW,MAAM,aAAa;AAC5B,kBAAY,KAAK;AACjB,iBAAW;AAAA,IACb;AAEA,WAAO,IAAI,QAAQ,CAAC,SAAS,WAAW;AACtC,WAAK,kBAAkB;AACvB,WAAK,aAAa;AAClB,WAAK,eAAe,aAAa;AAEjC,UAAI,CAAC,eAAe;AAClB,cAAM,MAAM,IAAI,MAAM,8EAA8E;AACpG,aAAK,OAAO,QAAQ,GAAG;AACvB,YAAI,CAAC,OAAQ,QAAO,GAAG;AACvB;AAAA,MACF;AAEA,UAAI;AACF,YAAI,QAAQ;AACZ,YAAI,aAAa,UAAU;AACzB,cAAI,aAAa,UAAU;AACzB,oBAAQ,GAAG,GAAG,WAAW,mBAAmB,SAAS,CAAC;AAAA,UACxD,OAAO;AACL,oBAAQ,GAAG,GAAG,IAAI,QAAQ,IAAI,mBAAmB,SAAS,CAAC;AAAA,UAC7D;AAAA,QACF;AAEA,YAAI,KAAK,UAAU,kBAAkB,QAAQ,IAAI,GAAG;AAClD,eAAK,YAAY,IAAI,cAAc,KAAK;AACxC,eAAK,mBAAmB,SAAS,MAAM;AAAA,QACzC,OAAO;AACL,eAAK,YAAY,IAAI,cAAc,KAAK;AACxC,eAAK,sBAAsB,SAAS,MAAM;AAAA,QAC5C;AAAA,MACF,SAAS,OAAO;AACd,eAAO,KAAK;AAAA,MACd;AAAA,IACF,CAAC;AAAA,EACH;AAAA,EAEQ,sBAAsB,SAAgC,QAAsC;AAClG,UAAM,UAAU,WAAW,MAAM;AAC/B,aAAO,IAAI,MAAM,oBAAoB,CAAC;AAAA,IACxC,GAAG,GAAK;AAER,SAAK,UAAU,SAAS,MAAM;AAC5B,mBAAa,OAAO;AACpB,WAAK,oBAAoB;AACzB,cAAQ,IAAI,gDAAgD;AAC5D,WAAK,OAAO,UAAU;AACtB,cAAQ;AAAA,IACV;AAEA,SAAK,UAAU,YAAY,CAAC,UAAe;AACzC,UAAI;AACF,cAAM,gBAA+B,KAAK,MAAM,MAAM,IAAI;AAC1D,aAAK,YAAY,aAAa;AAAA,MAChC,SAAS,OAAO;AACd,gBAAQ,MAAM,4CAA4C,KAAK;AAAA,MACjE;AAAA,IACF;AAEA,SAAK,UAAU,UAAU,MAAM;AAC7B,mBAAa,OAAO;AACpB,cAAQ,IAAI,qDAAqD;AACjE,WAAK,OAAO,aAAa;AACzB,WAAK,gBAAgB;AAAA,IACvB;AAEA,SAAK,UAAU,UAAU,CAAC,UAAe;AACvC,mBAAa,OAAO;AACpB,cAAQ,MAAM,sCAAsC,KAAK;AACzD,YAAM,MAAM,IAAI,MAAM,4BAA4B;AAClD,WAAK,OAAO,QAAQ,GAAG;AACvB,UAAI,CAAC,KAAK,iBAAiB;AACzB,eAAO,GAAG;AAAA,MACZ;AAAA,IACF;AAAA,EACF;AAAA,EAEQ,mBAAmB,SAAgC,QAAsC;AAC/F,UAAM,UAAU,WAAW,MAAM;AAC/B,aAAO,IAAI,MAAM,oBAAoB,CAAC;AAAA,IACxC,GAAG,GAAK;AAER,SAAK,UAAU,GAAG,QAAQ,MAAM;AAC9B,mBAAa,OAAO;AACpB,WAAK,oBAAoB;AACzB,cAAQ,IAAI,0DAA0D;AACtE,WAAK,OAAO,UAAU;AACtB,cAAQ;AAAA,IACV,CAAC;AAED,SAAK,UAAU,GAAG,WAAW,CAAC,SAAiB;AAC7C,UAAI;AACF,cAAM,gBAA+B,KAAK,MAAM,KAAK,SAAS,CAAC;AAC/D,aAAK,YAAY,aAAa;AAAA,MAChC,SAAS,OAAO;AACd,gBAAQ,MAAM,4CAA4C,KAAK;AAAA,MACjE;AAAA,IACF,CAAC;AAED,SAAK,UAAU,GAAG,SAAS,MAAM;AAC/B,mBAAa,OAAO;AACpB,cAAQ,IAAI,qDAAqD;AACjE,WAAK,OAAO,aAAa;AACzB,WAAK,gBAAgB;AAAA,IACvB,CAAC;AAED,SAAK,UAAU,GAAG,SAAS,CAAC,UAAe;AACzC,mBAAa,OAAO;AACpB,cAAQ,MAAM,sCAAsC,KAAK;AACzD,YAAM,MAAM,IAAI,MAAM,kCAAkC,OAAO,WAAW,MAAM;AAChF,WAAK,OAAO,QAAQ,GAAG;AACvB,UAAI,KAAK,iBAAiB;AACxB,aAAK,gBAAgB;AAAA,MACvB,OAAO;AACL,eAAO,GAAG;AAAA,MACZ;AAAA,IACF,CAAC;AAAA,EACH;AAAA;AAAA;AAAA;AAAA,EAKA,aAAmB;AACjB,SAAK,kBAAkB;AACvB,QAAI,KAAK,WAAW;AAClB,WAAK,UAAU,MAAM;AACrB,WAAK,YAAY;AAAA,IACnB;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,UAAU,WAAmB,SAA2C;AACtE,QAAI,CAAC,KAAK,SAAS,IAAI,SAAS,GAAG;AACjC,WAAK,SAAS,IAAI,WAAW,oBAAI,IAAI,CAAC;AAAA,IACxC;AAEA,SAAK,SAAS,IAAI,SAAS,EAAG,IAAI,OAAO;AAEzC,WAAO,MAAM;AACX,YAAM,WAAW,KAAK,SAAS,IAAI,SAAS;AAC5C,UAAI,UAAU;AACZ,iBAAS,OAAO,OAAO;AACvB,YAAI,SAAS,SAAS,GAAG;AACvB,eAAK,SAAS,OAAO,SAAS;AAAA,QAChC;AAAA,MACF;AAAA,IACF;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,aAAa,SAA2C;AACtD,UAAM,aAAa,CAAC,eAAe,eAAe,eAAe,mBAAmB;AACpF,UAAM,eAAe,WAAW,IAAI,UAAQ,KAAK,UAAU,MAAM,OAAO,CAAC;AAEzE,WAAO,MAAM;AACX,mBAAa,QAAQ,WAAS,MAAM,CAAC;AAAA,IACvC;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKQ,YAAY,OAA4B;AAC9C,YAAQ,IAAI,qCAAqC,KAAK;AAEtD,UAAM,WAAW,KAAK,SAAS,IAAI,MAAM,IAAI;AAC7C,QAAI,UAAU;AACZ,eAAS,QAAQ,aAAW;AAC1B,YAAI;AACF,kBAAQ,KAAK;AAAA,QACf,SAAS,OAAO;AACd,kBAAQ,MAAM,0CAA0C,KAAK;AAAA,QAC/D;AAAA,MACF,CAAC;AAAA,IACH;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKQ,kBAAwB;AAC9B,QAAI,CAAC,KAAK,mBAAmB,CAAC,KAAK,OAAO,iBAAiB,CAAC,KAAK,YAAY;AAC3E;AAAA,IACF;AAEA,QAAI,KAAK,oBAAoB,KAAK,OAAO,sBAAsB;AAC7D,WAAK;AACL,YAAM,QAAQ,KAAK;AAAA,QACjB,KAAK,OAAO,iBAAiB,KAAK,IAAI,GAAG,KAAK,oBAAoB,CAAC;AAAA,QACnE,KAAK,OAAO;AAAA,MACd;AAEA,cAAQ,IAAI,qCAAqC,KAAK,eAAe,KAAK,iBAAiB,GAAG;AAE9F,iBAAW,MAAM;AACf,aAAK,QAAQ,KAAK,YAAa,KAAK,YAAa,EAAE,MAAM,WAAS;AAChE,kBAAQ,MAAM,0CAA0C,KAAK;AAAA,QAC/D,CAAC;AAAA,MACH,GAAG,KAAK;AAAA,IACV,OAAO;AACL,cAAQ,MAAM,qDAAqD;AAAA,IACrE;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,YAA2B;AACzB,QAAI,KAAK,cAAc,KAAK,cAAc;AACxC,WAAK,oBAAoB;AACzB,aAAO,KAAK,QAAQ,KAAK,YAAY,KAAK,YAAY;AAAA,IACxD,WAAW,KAAK,YAAY;AAC1B,WAAK,oBAAoB;AACzB,aAAO,KAAK,QAAQ,KAAK,UAAU;AAAA,IACrC;AACA,WAAO,QAAQ,OAAO,IAAI,MAAM,mBAAmB,CAAC;AAAA,EACtD;AAAA;AAAA;AAAA;AAAA,EAKA,cAAuB;AACrB,QAAI,CAAC,KAAK,UAAW,QAAO;AAC5B,QAAI,KAAK,QAAQ;AACf,aAAO,KAAK,UAAU,eAAe;AAAA,IACvC;AACA,WAAO,KAAK,UAAU,eAAe,UAAU;AAAA,EACjD;AAAA;AAAA;AAAA;AAAA,EAKA,YAA0E;AACxE,QAAI,CAAC,KAAK,UAAW,QAAO;AAC5B,QAAI,KAAK,QAAQ;AACf,cAAQ,KAAK,UAAU,YAAY;AAAA,QACjC,KAAK;AAAG,iBAAO;AAAA,QACf,KAAK;AAAG,iBAAO;AAAA,QACf,KAAK;AAAA,QACL,KAAK;AAAG,iBAAO;AAAA,QACf;AAAS,iBAAO;AAAA,MAClB;AAAA,IACF;AACA,YAAQ,KAAK,UAAU,YAAY;AAAA,MACjC,KAAK,UAAU;AAAY,eAAO;AAAA,MAClC,KAAK,UAAU;AAAM,eAAO;AAAA,MAC5B,KAAK,UAAU;AAAA,MACf,KAAK,UAAU;AAAQ,eAAO;AAAA,MAC9B;AAAS,eAAO;AAAA,IAClB;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,KAAK,OAAqC;AACxC,QAAI,KAAK,aAAa,KAAK,UAAU,eAAe,UAAU,MAAM;AAClE,WAAK,UAAU,KAAK,KAAK,UAAU,KAAK,CAAC;AAAA,IAC3C;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,aAAa,QAA8C;AACzD,SAAK,SAAS;AAAA,MACZ,GAAG,KAAK;AAAA,MACR,GAAG;AAAA,IACL;AAAA,EACF;AAAA;AAAA;AAAA;AAAA;AAAA,EAMA,MAAM,qBAAqB,KAAa,aAAoC;AAC1E,QAAI;AACF,YAAM,KAAK,QAAQ,KAAK,aAAa,IAAI;AAAA,IAC3C,SAAS,OAAO;AACd,cAAQ,KAAK,wDAAwD,KAAK;AAAA,IAC5E;AAAA,EACF;AACF;AAGO,SAAS,eAAe,QAAiD;AAC9E,SAAO,IAAI,gBAAgB,MAAM;AACnC;AAGO,IAAM,WAAW,IAAI,gBAAgB;;;AFpXrC,IAAM,yBAAN,MAA6B;AAAA,EAC1B;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA,SAAwB;AAAA,EACxB,uBAAuB;AAAA,EAE/B,YAAY,QAA+B;AACzC,SAAK,SAAS;AAAA,MACZ,SAAS;AAAA,MACT,OAAO;AAAA,QACL,SAAS;AAAA,QACT,KAAK;AAAA,MACP;AAAA,MACA,UAAU;AAAA,QACR,SAAS;AAAA,QACT,eAAe;AAAA,QACf,sBAAsB;AAAA,QACtB,gBAAgB;AAAA,MAClB;AAAA,MACA,GAAG;AAAA,IACL;AAEA,SAAK,QAAQ;AAEb,UAAM,iBAAwC;AAAA,MAC5C,eAAe,KAAK,OAAO,UAAU,iBAAiB;AAAA,MACtD,sBAAsB,KAAK,OAAO,UAAU,wBAAwB;AAAA,MACpE,gBAAgB,KAAK,OAAO,UAAU,kBAAkB;AAAA,MACxD,WAAW,MAAM;AACf,aAAK,uBAAuB;AAC5B,aAAK,OAAO,UAAU,YAAY;AAAA,MACpC;AAAA,MACA,cAAc,MAAM;AAClB,aAAK,uBAAuB;AAC5B,aAAK,OAAO,UAAU,eAAe;AAAA,MACvC;AAAA,MACA,SAAS,CAAC,UAAU;AAClB,aAAK,OAAO,UAAU,UAAU,KAAK;AAAA,MACvC;AAAA,IACF;AAEA,SAAK,WAAW,eAAe,cAAc;AAE7C,SAAK,SAAS,cAAAC,QAAM,OAAO;AAAA,MACzB,SAAS,KAAK,OAAO;AAAA,MACrB,SAAS,KAAK,OAAO;AAAA,MACrB,SAAS;AAAA,QACP,gBAAgB;AAAA,MAClB;AAAA,IACF,CAAC;AAED,QAAI,KAAK,OAAO,UAAU,WAAW,KAAK,OAAO,SAAS,KAAK;AAC7D,WAAK,cAAc;AAAA,IACrB;AAEA,gBAAY,MAAM;AAChB,WAAK,MAAM,QAAQ;AAAA,IACrB,GAAG,GAAK;AAAA,EACV;AAAA,EAEA,MAAc,gBAA+B;AAC3C,QAAI,CAAC,KAAK,OAAO,UAAU,KAAK;AAC9B;AAAA,IACF;AAEA,QAAI;AACF,YAAM,KAAK,SAAS;AAAA,QAClB,KAAK,OAAO,SAAS;AAAA,QACrB,KAAK,OAAO,SAAS;AAAA,MACvB;AAEA,WAAK,SAAS,UAAU,eAAe,CAAC,UAAyB;AAC/D,gBAAQ,IAAI,0CAA0C,KAAK;AAC3D,aAAK,OAAO,UAAU,eAAe,KAAK;AAE1C,YAAI,MAAM,QAAQ;AAChB,eAAK,MAAM,eAAe,MAAM,MAAM;AAAA,QACxC,OAAO;AACL,eAAK,MAAM,MAAM;AAAA,QACnB;AAAA,MACF,CAAC;AAED,WAAK,SAAS,UAAU,eAAe,CAAC,UAAyB;AAC/D,gBAAQ,IAAI,0CAA0C,KAAK;AAC3D,aAAK,OAAO,UAAU,eAAe,KAAK;AAE1C,YAAI,MAAM,QAAQ;AAChB,eAAK,MAAM,eAAe,MAAM,MAAM;AAAA,QACxC;AAAA,MACF,CAAC;AAED,WAAK,SAAS,UAAU,eAAe,CAAC,UAAyB;AAC/D,gBAAQ,IAAI,0CAA0C,KAAK;AAC3D,YAAI,MAAM,QAAQ;AAChB,eAAK,MAAM,eAAe,MAAM,MAAM;AAAA,QACxC,OAAO;AACL,eAAK,MAAM,MAAM;AAAA,QACnB;AAAA,MACF,CAAC;AAED,WAAK,SAAS,UAAU,qBAAqB,CAAC,UAAyB;AACrE,gBAAQ,IAAI,gDAAgD,KAAK;AACjE,YAAI,MAAM,QAAQ;AAChB,eAAK,MAAM,eAAe,MAAM,MAAM;AAAA,QACxC,OAAO;AACL,eAAK,MAAM,MAAM;AAAA,QACnB;AAAA,MACF,CAAC;AAAA,IAEH,SAAS,OAAO;AACd,cAAQ,KAAK,uEAAuE,KAAK;AAAA,IAC3F;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,gBAAgB,KAAc,aAAqC;AACvE,UAAM,QAAQ,OAAO,KAAK,OAAO,UAAU;AAC3C,UAAM,UAAU,eAAe,KAAK,OAAO,UAAU;AAErD,QAAI,CAAC,OAAO;AACV,YAAM,IAAI,MAAM,2BAA2B;AAAA,IAC7C;AAEA,UAAM,KAAK,cAAc;AAAA,EAC3B;AAAA;AAAA;AAAA;AAAA,EAKA,qBAA2B;AACzB,SAAK,SAAS,WAAW;AAAA,EAC3B;AAAA;AAAA;AAAA;AAAA,EAKA,sBAA+B;AAC7B,WAAO,KAAK,wBAAwB,KAAK,SAAS,YAAY;AAAA,EAChE;AAAA;AAAA;AAAA;AAAA,EAKA,oBAAkF;AAChF,WAAO,KAAK,SAAS,UAAU;AAAA,EACjC;AAAA;AAAA;AAAA;AAAA,EAKA,oBAAoB,WAAmB,SAAqD;AAC1F,WAAO,KAAK,SAAS,UAAU,WAAW,OAAO;AAAA,EACnD;AAAA;AAAA;AAAA;AAAA,EAKA,uBAAuB,SAAqD;AAC1E,WAAO,KAAK,SAAS,aAAa,OAAO;AAAA,EAC3C;AAAA,EAEQ,uBAAuB,OAA8B;AAC3D,QAAI;AACF,YAAM,UAAU,KAAK,MAAM,KAAK,MAAM,MAAM,GAAG,EAAE,CAAC,CAAC,CAAC;AACpD,aAAO,QAAQ,OAAO;AAAA,IACxB,QAAQ;AACN,aAAO;AAAA,IACT;AAAA,EACF;AAAA,EAEQ,YAAY,OAAe,SAAiB,IAAY;AAC9D,UAAM,SAAS,KAAK,uBAAuB,KAAK,KAAK;AACrD,WAAO,QAAQ,MAAM,IAAI,MAAM;AAAA,EACjC;AAAA,EAEA,MAAM,cAAc,OAA4C;AAC9D,QAAI,CAAC,KAAK,OAAO,OAAO,SAAS;AAC/B,aAAO,KAAK,gBAAgB,KAAK;AAAA,IACnC;AAEA,UAAM,WAAW,KAAK,YAAY,OAAO,QAAQ;AACjD,UAAM,SAAS,KAAK,MAAM,IAAwB,QAAQ;AAE1D,QAAI,QAAQ;AACV,cAAQ,IAAI,4CAA4C;AACxD,aAAO;AAAA,IACT;AAEA,YAAQ,IAAI,mDAAmD;AAC/D,UAAM,OAAO,MAAM,KAAK,gBAAgB,KAAK;AAE7C,SAAK,MAAM,IAAI,UAAU,MAAM,KAAK,OAAO,MAAM,GAAG;AAEpD,WAAO;AAAA,EACT;AAAA,EAEA,MAAc,gBAAgB,OAA4C;AACxE,QAAI;AACF,YAAM,WACJ,MAAM,KAAK,OAAO,IAAI,aAAa;AAAA,QACjC,SAAS;AAAA,UACP,iBAAiB,UAAU,KAAK;AAAA,QAClC;AAAA,MACF,CAAC;AAEH,UAAI,CAAC,SAAS,KAAK,SAAS;AAC1B,cAAM,IAAI,MAAM,yCAAyC;AAAA,MAC3D;AAEA,aAAO,SAAS,KAAK;AAAA,IACvB,SAAS,OAAO;AACd,UAAI,cAAAA,QAAM,aAAa,KAAK,GAAG;AAC7B,YAAI,MAAM,UAAU,WAAW,KAAK;AAClC,gBAAM,IAAI,MAAM,wCAAwC;AAAA,QAC1D;AACA,cAAM,IAAI,MAAM,cAAc,MAAM,UAAU,MAAM,WAAW,MAAM,OAAO,EAAE;AAAA,MAChF;AACA,YAAM;AAAA,IACR;AAAA,EACF;AAAA,EAEA,MAAM,cAAc,OAAe,YAAsC;AACvE,QAAI,CAAC,KAAK,OAAO,OAAO,SAAS;AAC/B,YAAMC,cAAa,MAAM,KAAK,cAAc,KAAK;AACjD,aAAOA,YAAW,QAAQ;AAAA,QAAK,CAAAC,YAC7BA,QAAO,YAAY,SAAS,UAAU;AAAA,MACxC;AAAA,IACF;AAEA,UAAM,WAAW,KAAK,YAAY,OAAO,cAAc,UAAU,EAAE;AACnE,UAAM,SAAS,KAAK,MAAM,IAAa,QAAQ;AAE/C,QAAI,WAAW,MAAM;AACnB,cAAQ,IAAI,8CAA8C,UAAU,EAAE;AACtE,aAAO;AAAA,IACT;AAEA,YAAQ,IAAI,qDAAqD,UAAU,EAAE;AAC7E,UAAM,aAAa,MAAM,KAAK,cAAc,KAAK;AACjD,UAAM,gBAAgB,WAAW,QAAQ;AAAA,MAAK,CAAAA,YAC5CA,QAAO,YAAY,SAAS,UAAU;AAAA,IACxC;AAEA,SAAK,MAAM,IAAI,UAAU,eAAe,KAAK,OAAO,MAAM,MAAO,CAAC;AAElE,WAAO;AAAA,EACT;AAAA,EAEA,MAAM,QAAQ,OAAe,MAAgC;AAC3D,QAAI,CAAC,KAAK,OAAO,OAAO,SAAS;AAC/B,YAAMD,cAAa,MAAM,KAAK,cAAc,KAAK;AACjD,aAAOA,YAAW,MAAM,SAAS,IAAI;AAAA,IACvC;AAEA,UAAM,WAAW,KAAK,YAAY,OAAO,QAAQ,IAAI,EAAE;AACvD,UAAM,SAAS,KAAK,MAAM,IAAa,QAAQ;AAE/C,QAAI,WAAW,MAAM;AACnB,cAAQ,IAAI,wCAAwC,IAAI,EAAE;AAC1D,aAAO;AAAA,IACT;AAEA,YAAQ,IAAI,+CAA+C,IAAI,EAAE;AACjE,UAAM,aAAa,MAAM,KAAK,cAAc,KAAK;AACjD,UAAM,UAAU,WAAW,MAAM,SAAS,IAAI;AAE9C,SAAK,MAAM,IAAI,UAAU,SAAS,KAAK,OAAO,MAAM,MAAO,CAAC;AAE5D,WAAO;AAAA,EACT;AAAA,EAEA,MAAM,qBAAqB,OAAe,WAAsC;AAC9E,QAAI,CAAC,KAAK,OAAO,OAAO,SAAS;AAC/B,YAAMA,cAAa,MAAM,KAAK,cAAc,KAAK;AACjD,YAAMC,UAASD,YAAW,QAAQ,KAAK,OAAK,EAAE,QAAQ,SAAS;AAC/D,aAAOC,SAAQ,eAAe,CAAC;AAAA,IACjC;AAEA,UAAM,WAAW,KAAK,YAAY,OAAO,UAAU,SAAS,EAAE;AAC9D,UAAM,SAAS,KAAK,MAAM,IAAc,QAAQ;AAEhD,QAAI,WAAW,MAAM;AACnB,cAAQ,IAAI,0CAA0C,SAAS,EAAE;AACjE,aAAO;AAAA,IACT;AAEA,YAAQ,IAAI,6DAA6D,SAAS,EAAE;AACpF,UAAM,aAAa,MAAM,KAAK,cAAc,KAAK;AACjD,UAAMA,UAAS,WAAW,QAAQ,KAAK,OAAK,EAAE,QAAQ,SAAS;AAC/D,UAAM,cAAcA,SAAQ,eAAe,CAAC;AAE5C,SAAK,MAAM,IAAI,UAAU,aAAa,KAAK,OAAO,MAAM,GAAG;AAE3D,WAAO;AAAA,EACT;AAAA,EAEA,MAAM,aAAa,OAAkC;AACnD,QAAI,CAAC,KAAK,OAAO,OAAO,SAAS;AAC/B,YAAMD,cAAa,MAAM,KAAK,cAAc,KAAK;AACjD,aAAOA,YAAW;AAAA,IACpB;AAEA,UAAM,WAAW,KAAK,YAAY,OAAO,OAAO;AAChD,UAAM,SAAS,KAAK,MAAM,IAAc,QAAQ;AAEhD,QAAI,WAAW,MAAM;AACnB,cAAQ,IAAI,2CAA2C;AACvD,aAAO;AAAA,IACT;AAEA,YAAQ,IAAI,kDAAkD;AAC9D,UAAM,aAAa,MAAM,KAAK,cAAc,KAAK;AACjD,UAAM,QAAQ,WAAW;AAEzB,SAAK,MAAM,IAAI,UAAU,OAAO,KAAK,OAAO,MAAM,GAAG;AAErD,WAAO;AAAA,EACT;AAAA,EAEA,MAAM,oBAAoB,OAAkC;AAC1D,QAAI,CAAC,KAAK,OAAO,OAAO,SAAS;AAC/B,YAAMA,cAAa,MAAM,KAAK,cAAc,KAAK;AACjD,aAAOA,YAAW;AAAA,IACpB;AAEA,UAAM,WAAW,KAAK,YAAY,OAAO,eAAe;AACxD,UAAM,SAAS,KAAK,MAAM,IAAc,QAAQ;AAEhD,QAAI,WAAW,MAAM;AACnB,cAAQ,IAAI,8CAA8C;AAC1D,aAAO;AAAA,IACT;AAEA,YAAQ,IAAI,qDAAqD;AACjE,UAAM,aAAa,MAAM,KAAK,cAAc,KAAK;AACjD,UAAM,eAAe,WAAW;AAEhC,SAAK,MAAM,IAAI,UAAU,cAAc,KAAK,OAAO,MAAM,GAAG;AAE5D,WAAO;AAAA,EACT;AAAA,EAEA,MAAM,eAAe,OAAe,aAAyD;AAC3F,UAAM,UAAmC,CAAC;AAC1C,UAAM,sBAAgC,CAAC;AAEvC,eAAW,cAAc,aAAa;AACpC,UAAI,KAAK,OAAO,OAAO,SAAS;AAC9B,cAAM,WAAW,KAAK,YAAY,OAAO,cAAc,UAAU,EAAE;AACnE,cAAM,SAAS,KAAK,MAAM,IAAa,QAAQ;AAE/C,YAAI,WAAW,MAAM;AACnB,kBAAQ,UAAU,IAAI;AAAA,QACxB,OAAO;AACL,8BAAoB,KAAK,UAAU;AAAA,QACrC;AAAA,MACF,OAAO;AACL,4BAAoB,KAAK,UAAU;AAAA,MACrC;AAAA,IACF;AAEA,QAAI,oBAAoB,SAAS,GAAG;AAClC,YAAM,aAAa,MAAM,KAAK,cAAc,KAAK;AAEjD,iBAAW,cAAc,qBAAqB;AAC5C,cAAM,gBAAgB,WAAW,QAAQ;AAAA,UAAK,CAAAC,YAC5CA,QAAO,YAAY,SAAS,UAAU;AAAA,QACxC;AACA,gBAAQ,UAAU,IAAI;AAEtB,YAAI,KAAK,OAAO,OAAO,SAAS;AAC9B,gBAAM,WAAW,KAAK,YAAY,OAAO,cAAc,UAAU,EAAE;AACnE,eAAK,MAAM,IAAI,UAAU,eAAe,KAAK,OAAO,MAAM,MAAO,CAAC;AAAA,QACpE;AAAA,MACF;AAAA,IACF;AAEA,WAAO;AAAA,EACT;AAAA,EAEA,MAAM,SAAS,OAAe,OAAmD;AAC/E,UAAM,UAAmC,CAAC;AAC1C,UAAM,gBAA0B,CAAC;AAEjC,eAAW,QAAQ,OAAO;AACxB,UAAI,KAAK,OAAO,OAAO,SAAS;AAC9B,cAAM,WAAW,KAAK,YAAY,OAAO,QAAQ,IAAI,EAAE;AACvD,cAAM,SAAS,KAAK,MAAM,IAAa,QAAQ;AAE/C,YAAI,WAAW,MAAM;AACnB,kBAAQ,IAAI,IAAI;AAAA,QAClB,OAAO;AACL,wBAAc,KAAK,IAAI;AAAA,QACzB;AAAA,MACF,OAAO;AACL,sBAAc,KAAK,IAAI;AAAA,MACzB;AAAA,IACF;AAEA,QAAI,cAAc,SAAS,GAAG;AAC5B,YAAM,aAAa,MAAM,KAAK,cAAc,KAAK;AAEjD,iBAAW,QAAQ,eAAe;AAChC,cAAM,UAAU,WAAW,MAAM,SAAS,IAAI;AAC9C,gBAAQ,IAAI,IAAI;AAEhB,YAAI,KAAK,OAAO,OAAO,SAAS;AAC9B,gBAAM,WAAW,KAAK,YAAY,OAAO,QAAQ,IAAI,EAAE;AACvD,eAAK,MAAM,IAAI,UAAU,SAAS,KAAK,OAAO,MAAM,MAAO,CAAC;AAAA,QAC9D;AAAA,MACF;AAAA,IACF;AAEA,WAAO;AAAA,EACT;AAAA,EAEA,eAAe,OAAqB;AAClC,UAAM,SAAS,KAAK,uBAAuB,KAAK;AAChD,QAAI,QAAQ;AACV,WAAK,MAAM,eAAe,MAAM;AAChC,cAAQ,IAAI,4CAA4C,MAAM,EAAE;AAAA,IAClE;AAAA,EACF;AAAA,EAEA,gBAAsB;AACpB,SAAK,MAAM,MAAM;AACjB,YAAQ,IAAI,oCAAoC;AAAA,EAClD;AAAA,EAEA,gBAAkD;AAChD,WAAO,KAAK,MAAM,SAAS;AAAA,EAC7B;AAAA,EAEA,aAAmB;AACjB,SAAK,SAAS,WAAW;AAAA,EAC3B;AACF;;;AG/cO,IAAMC,kBAAN,MAAqB;AAAA,EAClB;AAAA,EAER,YAAY,QAA+B;AACzC,SAAK,UAAU,IAAI,uBAAuB,MAAM;AAAA,EAClD;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,mBACJ,SACA,aACA,UAAoC,CAAC,GACf;AACtB,QAAI;AACF,UAAI,QAAQ,YAAY;AAEtB,cAAM,UAAU,MAAM,KAAK,QAAQ,eAAe,QAAQ,OAAO,WAAW;AAC5E,cAAM,SAAS,YAAY,MAAM,gBAAc,QAAQ,UAAU,CAAC;AAElE,YAAI,CAAC,QAAQ;AACX,iBAAO;AAAA,YACL,SAAS;AAAA,YACT,OAAO,uCAAuC,YAAY,KAAK,IAAI,CAAC;AAAA,YACpE,YAAY;AAAA,UACd;AAAA,QACF;AAAA,MACF,OAAO;AAEL,cAAM,gBAAgB,MAAM,KAAK,QAAQ,eAAe,QAAQ,OAAO,WAAW;AAClF,cAAM,SAAS,OAAO,OAAO,aAAa,EAAE,KAAK,OAAO;AAExD,YAAI,CAAC,QAAQ;AACX,iBAAO;AAAA,YACL,SAAS;AAAA,YACT,OAAO,8CAA8C,YAAY,KAAK,IAAI,CAAC;AAAA,YAC3E,YAAY;AAAA,UACd;AAAA,QACF;AAAA,MACF;AAEA,YAAM,aAAa,MAAM,KAAK,QAAQ,cAAc,QAAQ,KAAK;AACjE,aAAO,EAAE,SAAS,MAAM,MAAM,WAAW;AAAA,IAC3C,SAAS,OAAO;AACd,aAAO;AAAA,QACL,SAAS;AAAA,QACT,OAAO;AAAA,QACP,YAAY;AAAA,MACd;AAAA,IACF;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,aACJ,SACA,OACA,UAAoC,CAAC,GACf;AACtB,QAAI;AACF,UAAI,QAAQ,YAAY;AAEtB,cAAM,UAAU,MAAM,KAAK,QAAQ,SAAS,QAAQ,OAAO,KAAK;AAChE,cAAM,SAAS,MAAM,MAAM,UAAQ,QAAQ,IAAI,CAAC;AAEhD,YAAI,CAAC,QAAQ;AACX,iBAAO;AAAA,YACL,SAAS;AAAA,YACT,OAAO,iCAAiC,MAAM,KAAK,IAAI,CAAC;AAAA,YACxD,YAAY;AAAA,UACd;AAAA,QACF;AAAA,MACF,OAAO;AAEL,cAAM,UAAU,MAAM,KAAK,QAAQ,SAAS,QAAQ,OAAO,KAAK;AAChE,cAAM,SAAS,OAAO,OAAO,OAAO,EAAE,KAAK,OAAO;AAElD,YAAI,CAAC,QAAQ;AACX,iBAAO;AAAA,YACL,SAAS;AAAA,YACT,OAAO,wCAAwC,MAAM,KAAK,IAAI,CAAC;AAAA,YAC/D,YAAY;AAAA,UACd;AAAA,QACF;AAAA,MACF;AAEA,YAAM,aAAa,MAAM,KAAK,QAAQ,cAAc,QAAQ,KAAK;AACjE,aAAO,EAAE,SAAS,MAAM,MAAM,WAAW;AAAA,IAC3C,SAAS,OAAO;AACd,aAAO;AAAA,QACL,SAAS;AAAA,QACT,OAAO;AAAA,QACP,YAAY;AAAA,MACd;AAAA,IACF;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,eACJ,SACA,SACA,UAAoC,CAAC,GACf;AACtB,QAAI;AACF,YAAM,aAAa,MAAM,KAAK,QAAQ,cAAc,QAAQ,KAAK;AACjE,YAAM,iBAAiB,WAAW,QAAQ,IAAI,OAAK,EAAE,GAAG;AAExD,UAAI;AAEJ,UAAI,QAAQ,YAAY;AAEtB,oBAAY,QAAQ,MAAM,CAAAC,YAAU,eAAe,SAASA,OAAM,CAAC;AAAA,MACrE,OAAO;AAEL,oBAAY,QAAQ,KAAK,CAAAA,YAAU,eAAe,SAASA,OAAM,CAAC;AAAA,MACpE;AAEA,UAAI,CAAC,WAAW;AACd,eAAO;AAAA,UACL,SAAS;AAAA,UACT,OAAO,yCAAyC,QAAQ,KAAK,IAAI,CAAC;AAAA,UAClE,YAAY;AAAA,QACd;AAAA,MACF;AAEA,aAAO,EAAE,SAAS,MAAM,MAAM,WAAW;AAAA,IAC3C,SAAS,OAAO;AACd,aAAO;AAAA,QACL,SAAS;AAAA,QACT,OAAO;AAAA,QACP,YAAY;AAAA,MACd;AAAA,IACF;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,oBACJ,SACA,cACA,UAAoC,CAAC,GACf;AACtB,QAAI;AACF,YAAM,mBAAmB,MAAM,KAAK,QAAQ,oBAAoB,QAAQ,KAAK;AAE7E,UAAI;AAEJ,UAAI,QAAQ,YAAY;AAEtB,oBAAY,aAAa,MAAM,YAAU,iBAAiB,SAAS,MAAM,CAAC;AAAA,MAC5E,OAAO;AAEL,oBAAY,aAAa,KAAK,YAAU,iBAAiB,SAAS,MAAM,CAAC;AAAA,MAC3E;AAEA,UAAI,CAAC,WAAW;AACd,eAAO;AAAA,UACL,SAAS;AAAA,UACT,OAAO,+CAA+C,aAAa,KAAK,IAAI,CAAC;AAAA,UAC7E,YAAY;AAAA,QACd;AAAA,MACF;AAEA,YAAM,aAAa,MAAM,KAAK,QAAQ,cAAc,QAAQ,KAAK;AACjE,aAAO,EAAE,SAAS,MAAM,MAAM,WAAW;AAAA,IAC3C,SAAS,OAAO;AACd,aAAO;AAAA,QACL,SAAS;AAAA,QACT,OAAO;AAAA,QACP,YAAY;AAAA,MACd;AAAA,IACF;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,QAAQ,SAAuB,SAA6C;AAChF,QAAI;AACF,YAAM,aAAa,MAAM,KAAK,QAAQ,cAAc,QAAQ,KAAK;AACjE,UAAI,SAAS;AACb,YAAM,WAAqB,CAAC;AAG5B,UAAI,QAAQ,eAAe,QAAQ,YAAY,SAAS,GAAG;AACzD,cAAM,kBAAkB,WAAW,QAAQ,QAAQ,OAAK,EAAE,WAAW;AACrE,cAAM,iBAAiB,QAAQ,aAC3B,QAAQ,YAAY,MAAM,OAAK,gBAAgB,SAAS,CAAC,CAAC,IAC1D,QAAQ,YAAY,KAAK,OAAK,gBAAgB,SAAS,CAAC,CAAC;AAE7D,YAAI,CAAC,gBAAgB;AACnB,mBAAS;AACT,mBAAS,KAAK,gBAAgB,QAAQ,YAAY,KAAK,IAAI,CAAC,EAAE;AAAA,QAChE;AAAA,MACF;AAGA,UAAI,QAAQ,SAAS,QAAQ,MAAM,SAAS,GAAG;AAC7C,cAAM,WAAW,QAAQ,aACrB,QAAQ,MAAM,MAAM,OAAK,WAAW,MAAM,SAAS,CAAC,CAAC,IACrD,QAAQ,MAAM,KAAK,OAAK,WAAW,MAAM,SAAS,CAAC,CAAC;AAExD,YAAI,CAAC,UAAU;AACb,mBAAS;AACT,mBAAS,KAAK,UAAU,QAAQ,MAAM,KAAK,IAAI,CAAC,EAAE;AAAA,QACpD;AAAA,MACF;AAGA,UAAI,QAAQ,WAAW,QAAQ,QAAQ,SAAS,GAAG;AACjD,cAAM,iBAAiB,WAAW,QAAQ,IAAI,OAAK,EAAE,GAAG;AACxD,cAAM,aAAa,QAAQ,aACvB,QAAQ,QAAQ,MAAM,OAAK,eAAe,SAAS,CAAC,CAAC,IACrD,QAAQ,QAAQ,KAAK,OAAK,eAAe,SAAS,CAAC,CAAC;AAExD,YAAI,CAAC,YAAY;AACf,mBAAS;AACT,mBAAS,KAAK,YAAY,QAAQ,QAAQ,KAAK,IAAI,CAAC,EAAE;AAAA,QACxD;AAAA,MACF;AAGA,UAAI,QAAQ,gBAAgB,QAAQ,aAAa,SAAS,GAAG;AAC3D,cAAM,kBAAkB,QAAQ,aAC5B,QAAQ,aAAa,MAAM,QAAM,WAAW,aAAa,SAAS,EAAE,CAAC,IACrE,QAAQ,aAAa,KAAK,QAAM,WAAW,aAAa,SAAS,EAAE,CAAC;AAExE,YAAI,CAAC,iBAAiB;AACpB,mBAAS;AACT,mBAAS,KAAK,kBAAkB,QAAQ,aAAa,KAAK,IAAI,CAAC,EAAE;AAAA,QACnE;AAAA,MACF;AAEA,UAAI,CAAC,QAAQ;AACX,eAAO;AAAA,UACL,SAAS;AAAA,UACT,OAAO,2BAA2B,SAAS,KAAK,IAAI,CAAC;AAAA,UACrD,YAAY;AAAA,QACd;AAAA,MACF;AAEA,aAAO,EAAE,SAAS,MAAM,MAAM,WAAW;AAAA,IAC3C,SAAS,OAAO;AACd,aAAO;AAAA,QACL,SAAS;AAAA,QACT,OAAO;AAAA,QACP,YAAY;AAAA,MACd;AAAA,IACF;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,aAAa,SAA6C;AAC9D,QAAI;AACF,YAAM,aAAa,MAAM,KAAK,QAAQ,cAAc,QAAQ,KAAK;AACjE,aAAO,EAAE,SAAS,MAAM,MAAM,WAAW;AAAA,IAC3C,SAAS,OAAO;AACd,aAAO;AAAA,QACL,SAAS;AAAA,QACT,OAAO;AAAA,QACP,YAAY;AAAA,MACd;AAAA,IACF;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,aAAqC;AACnC,WAAO,KAAK;AAAA,EACd;AACF;AAKO,SAAS,aAAa,SAA6B;AAExD,MAAI,QAAQ,SAAS,eAAe;AAClC,UAAM,aAAa,QAAQ,QAAQ;AACnC,QAAI,WAAW,WAAW,SAAS,GAAG;AACpC,aAAO,WAAW,UAAU,CAAC;AAAA,IAC/B;AAAA,EACF;AAGA,MAAI,QAAQ,SAAS,eAAe;AAClC,UAAM,aAAa,QAAQ,QAAQ;AACnC,QAAI,WAAW,WAAW,SAAS,GAAG;AACpC,aAAO,WAAW,UAAU,CAAC;AAAA,IAC/B;AAAA,EACF;AAGA,MAAI,QAAQ,UAAU,gBAAgB,GAAG;AACvC,WAAO,QAAQ,QAAQ,gBAAgB;AAAA,EACzC;AAGA,MAAI,QAAQ,OAAO,OAAO;AACxB,WAAO,QAAQ,MAAM;AAAA,EACvB;AAEA,SAAO;AACT;;;ACzSO,SAAS,qBAAqB,QAAa;AAChD,QAAM,QAAQ,IAAIC,gBAAe,MAAM;AAEvC,SAAO;AAAA;AAAA;AAAA;AAAA,IAIL,mBAAmB,aAAuB,UAAoC,CAAC,GAAG;AAChF,aAAO,OAAO,KAA2B,KAAe,SAAuB;AAC7E,cAAM,UAAU,mBAAmB,GAAG;AACtC,YAAI,CAAC,SAAS;AACZ,iBAAO,IAAI,OAAO,GAAG,EAAE,KAAK;AAAA,YAC1B,SAAS;AAAA,YACT,SAAS;AAAA,UACX,CAAC;AAAA,QACH;AAEA,cAAM,SAAS,MAAM,MAAM,mBAAmB,SAAS,aAAa,OAAO;AAE3E,YAAI,CAAC,OAAO,SAAS;AACnB,iBAAO,IAAI,OAAO,OAAO,cAAc,GAAG,EAAE,KAAK;AAAA,YAC/C,SAAS;AAAA,YACT,SAAS,OAAO;AAAA,UAClB,CAAC;AAAA,QACH;AAGA,YAAI,OAAO,MAAM;AACf,cAAI,OAAO;AAAA,YACT,IAAI,OAAO,KAAK,KAAK;AAAA,YACrB,cAAc,OAAO,KAAK,KAAK;AAAA,YAC/B,UAAU,OAAO,KAAK,KAAK;AAAA,YAC3B,OAAO,OAAO,KAAK,KAAK;AAAA,YACxB,OAAO,OAAO,KAAK;AAAA,YACnB,aAAa,OAAO,KAAK,QAAQ,QAAQ,OAAK,EAAE,WAAW;AAAA,YAC3D,SAAS,OAAO,KAAK;AAAA,YACrB,cAAc,OAAO,KAAK;AAAA,UAC5B;AAAA,QACF;AAEA,aAAK;AAAA,MACP;AAAA,IACF;AAAA;AAAA;AAAA;AAAA,IAKA,aAAa,OAAiB,UAAoC,CAAC,GAAG;AACpE,aAAO,OAAO,KAA2B,KAAe,SAAuB;AAC7E,cAAM,UAAU,mBAAmB,GAAG;AACtC,YAAI,CAAC,SAAS;AACZ,iBAAO,IAAI,OAAO,GAAG,EAAE,KAAK;AAAA,YAC1B,SAAS;AAAA,YACT,SAAS;AAAA,UACX,CAAC;AAAA,QACH;AAEA,cAAM,SAAS,MAAM,MAAM,aAAa,SAAS,OAAO,OAAO;AAE/D,YAAI,CAAC,OAAO,SAAS;AACnB,iBAAO,IAAI,OAAO,OAAO,cAAc,GAAG,EAAE,KAAK;AAAA,YAC/C,SAAS;AAAA,YACT,SAAS,OAAO;AAAA,UAClB,CAAC;AAAA,QACH;AAGA,YAAI,OAAO,MAAM;AACf,cAAI,OAAO;AAAA,YACT,IAAI,OAAO,KAAK,KAAK;AAAA,YACrB,cAAc,OAAO,KAAK,KAAK;AAAA,YAC/B,UAAU,OAAO,KAAK,KAAK;AAAA,YAC3B,OAAO,OAAO,KAAK,KAAK;AAAA,YACxB,OAAO,OAAO,KAAK;AAAA,YACnB,aAAa,OAAO,KAAK,QAAQ,QAAQ,OAAK,EAAE,WAAW;AAAA,YAC3D,SAAS,OAAO,KAAK;AAAA,YACrB,cAAc,OAAO,KAAK;AAAA,UAC5B;AAAA,QACF;AAEA,aAAK;AAAA,MACP;AAAA,IACF;AAAA;AAAA;AAAA;AAAA,IAKA,eAAe,SAAmB,UAAoC,CAAC,GAAG;AACxE,aAAO,OAAO,KAA2B,KAAe,SAAuB;AAC7E,cAAM,UAAU,mBAAmB,GAAG;AACtC,YAAI,CAAC,SAAS;AACZ,iBAAO,IAAI,OAAO,GAAG,EAAE,KAAK;AAAA,YAC1B,SAAS;AAAA,YACT,SAAS;AAAA,UACX,CAAC;AAAA,QACH;AAEA,cAAM,SAAS,MAAM,MAAM,eAAe,SAAS,SAAS,OAAO;AAEnE,YAAI,CAAC,OAAO,SAAS;AACnB,iBAAO,IAAI,OAAO,OAAO,cAAc,GAAG,EAAE,KAAK;AAAA,YAC/C,SAAS;AAAA,YACT,SAAS,OAAO;AAAA,UAClB,CAAC;AAAA,QACH;AAGA,YAAI,OAAO,MAAM;AACf,cAAI,OAAO;AAAA,YACT,IAAI,OAAO,KAAK,KAAK;AAAA,YACrB,cAAc,OAAO,KAAK,KAAK;AAAA,YAC/B,UAAU,OAAO,KAAK,KAAK;AAAA,YAC3B,OAAO,OAAO,KAAK,KAAK;AAAA,YACxB,OAAO,OAAO,KAAK;AAAA,YACnB,aAAa,OAAO,KAAK,QAAQ,QAAQ,OAAK,EAAE,WAAW;AAAA,YAC3D,SAAS,OAAO,KAAK;AAAA,YACrB,cAAc,OAAO,KAAK;AAAA,UAC5B;AAAA,QACF;AAEA,aAAK;AAAA,MACP;AAAA,IACF;AAAA;AAAA;AAAA;AAAA,IAKA,oBAAoB,cAAwB,UAAoC,CAAC,GAAG;AAClF,aAAO,OAAO,KAA2B,KAAe,SAAuB;AAC7E,cAAM,UAAU,mBAAmB,GAAG;AACtC,YAAI,CAAC,SAAS;AACZ,iBAAO,IAAI,OAAO,GAAG,EAAE,KAAK;AAAA,YAC1B,SAAS;AAAA,YACT,SAAS;AAAA,UACX,CAAC;AAAA,QACH;AAEA,cAAM,SAAS,MAAM,MAAM,oBAAoB,SAAS,cAAc,OAAO;AAE7E,YAAI,CAAC,OAAO,SAAS;AACnB,iBAAO,IAAI,OAAO,OAAO,cAAc,GAAG,EAAE,KAAK;AAAA,YAC/C,SAAS;AAAA,YACT,SAAS,OAAO;AAAA,UAClB,CAAC;AAAA,QACH;AAGA,YAAI,OAAO,MAAM;AACf,cAAI,OAAO;AAAA,YACT,IAAI,OAAO,KAAK,KAAK;AAAA,YACrB,cAAc,OAAO,KAAK,KAAK;AAAA,YAC/B,UAAU,OAAO,KAAK,KAAK;AAAA,YAC3B,OAAO,OAAO,KAAK,KAAK;AAAA,YACxB,OAAO,OAAO,KAAK;AAAA,YACnB,aAAa,OAAO,KAAK,QAAQ,QAAQ,OAAK,EAAE,WAAW;AAAA,YAC3D,SAAS,OAAO,KAAK;AAAA,YACrB,cAAc,OAAO,KAAK;AAAA,UAC5B;AAAA,QACF;AAEA,aAAK;AAAA,MACP;AAAA,IACF;AAAA;AAAA;AAAA;AAAA,IAKA,QAAQ,SAAuB;AAC7B,aAAO,OAAO,KAA2B,KAAe,SAAuB;AAC7E,cAAM,UAAU,mBAAmB,GAAG;AACtC,YAAI,CAAC,SAAS;AACZ,iBAAO,IAAI,OAAO,GAAG,EAAE,KAAK;AAAA,YAC1B,SAAS;AAAA,YACT,SAAS;AAAA,UACX,CAAC;AAAA,QACH;AAEA,cAAM,SAAS,MAAM,MAAM,QAAQ,SAAS,OAAO;AAEnD,YAAI,CAAC,OAAO,SAAS;AACnB,iBAAO,IAAI,OAAO,OAAO,cAAc,GAAG,EAAE,KAAK;AAAA,YAC/C,SAAS;AAAA,YACT,SAAS,OAAO;AAAA,UAClB,CAAC;AAAA,QACH;AAGA,YAAI,OAAO,MAAM;AACf,cAAI,OAAO;AAAA,YACT,IAAI,OAAO,KAAK,KAAK;AAAA,YACrB,cAAc,OAAO,KAAK,KAAK;AAAA,YAC/B,UAAU,OAAO,KAAK,KAAK;AAAA,YAC3B,OAAO,OAAO,KAAK,KAAK;AAAA,YACxB,OAAO,OAAO,KAAK;AAAA,YACnB,aAAa,OAAO,KAAK,QAAQ,QAAQ,OAAK,EAAE,WAAW;AAAA,YAC3D,SAAS,OAAO,KAAK;AAAA,YACrB,cAAc,OAAO,KAAK;AAAA,UAC5B;AAAA,QACF;AAEA,aAAK;AAAA,MACP;AAAA,IACF;AAAA;AAAA;AAAA;AAAA,IAKA,eAAe;AACb,aAAO,OAAO,KAA2B,KAAe,SAAuB;AAC7E,cAAM,UAAU,mBAAmB,GAAG;AACtC,YAAI,CAAC,SAAS;AACZ,iBAAO,IAAI,OAAO,GAAG,EAAE,KAAK;AAAA,YAC1B,SAAS;AAAA,YACT,SAAS;AAAA,UACX,CAAC;AAAA,QACH;AAEA,cAAM,SAAS,MAAM,MAAM,aAAa,OAAO;AAE/C,YAAI,CAAC,OAAO,SAAS;AACnB,iBAAO,IAAI,OAAO,OAAO,cAAc,GAAG,EAAE,KAAK;AAAA,YAC/C,SAAS;AAAA,YACT,SAAS,OAAO;AAAA,UAClB,CAAC;AAAA,QACH;AAGA,YAAI,OAAO,MAAM;AACf,cAAI,OAAO;AAAA,YACT,IAAI,OAAO,KAAK,KAAK;AAAA,YACrB,cAAc,OAAO,KAAK,KAAK;AAAA,YAC/B,UAAU,OAAO,KAAK,KAAK;AAAA,YAC3B,OAAO,OAAO,KAAK,KAAK;AAAA,YACxB,OAAO,OAAO,KAAK;AAAA,YACnB,aAAa,OAAO,KAAK,QAAQ,QAAQ,OAAK,EAAE,WAAW;AAAA,YAC3D,SAAS,OAAO,KAAK;AAAA,YACrB,cAAc,OAAO,KAAK;AAAA,UAC5B;AAAA,QACF;AAEA,aAAK;AAAA,MACP;AAAA,IACF;AAAA;AAAA;AAAA;AAAA,IAKA,WAA2B;AACzB,aAAO;AAAA,IACT;AAAA,EACF;AACF;AAEA,SAAS,mBAAmB,KAAmC;AAC7D,QAAM,QAAQ,aAAa,GAAG;AAC9B,MAAI,CAAC,OAAO;AACV,WAAO;AAAA,EACT;AAEA,SAAO;AAAA,IACL;AAAA,IACA,SAAS;AAAA,EACX;AACF;;;ACxQO,SAAS,qBAAqB,QAAa;AAChD,QAAM,QAAQ,IAAIC,gBAAe,MAAM;AAEvC,SAAO;AAAA;AAAA;AAAA;AAAA,IAIL,mBAAmB,aAAuB,UAAoC,CAAC,GAAG;AAChF,aAAO,OAAO,KAA2B,UAAwB;AAC/D,cAAM,UAAUC,oBAAmB,GAAG;AACtC,YAAI,CAAC,SAAS;AACZ,iBAAO,MAAM,OAAO,GAAG,EAAE,KAAK;AAAA,YAC5B,SAAS;AAAA,YACT,SAAS;AAAA,UACX,CAAC;AAAA,QACH;AAEA,cAAM,SAAS,MAAM,MAAM,mBAAmB,SAAS,aAAa,OAAO;AAE3E,YAAI,CAAC,OAAO,SAAS;AACnB,iBAAO,MAAM,OAAO,OAAO,cAAc,GAAG,EAAE,KAAK;AAAA,YACjD,SAAS;AAAA,YACT,SAAS,OAAO;AAAA,UAClB,CAAC;AAAA,QACH;AAGA,YAAI,OAAO,MAAM;AACf,cAAI,OAAO;AAAA,YACT,IAAI,OAAO,KAAK,KAAK;AAAA,YACrB,cAAc,OAAO,KAAK,KAAK;AAAA,YAC/B,UAAU,OAAO,KAAK,KAAK;AAAA,YAC3B,OAAO,OAAO,KAAK,KAAK;AAAA,YACxB,OAAO,OAAO,KAAK;AAAA,YACnB,aAAa,OAAO,KAAK,QAAQ,QAAQ,OAAK,EAAE,WAAW;AAAA,YAC3D,SAAS,OAAO,KAAK;AAAA,YACrB,cAAc,OAAO,KAAK;AAAA,UAC5B;AAAA,QACF;AAAA,MACF;AAAA,IACF;AAAA;AAAA;AAAA;AAAA,IAKA,aAAa,OAAiB,UAAoC,CAAC,GAAG;AACpE,aAAO,OAAO,KAA2B,UAAwB;AAC/D,cAAM,UAAUA,oBAAmB,GAAG;AACtC,YAAI,CAAC,SAAS;AACZ,iBAAO,MAAM,OAAO,GAAG,EAAE,KAAK;AAAA,YAC5B,SAAS;AAAA,YACT,SAAS;AAAA,UACX,CAAC;AAAA,QACH;AAEA,cAAM,SAAS,MAAM,MAAM,aAAa,SAAS,OAAO,OAAO;AAE/D,YAAI,CAAC,OAAO,SAAS;AACnB,iBAAO,MAAM,OAAO,OAAO,cAAc,GAAG,EAAE,KAAK;AAAA,YACjD,SAAS;AAAA,YACT,SAAS,OAAO;AAAA,UAClB,CAAC;AAAA,QACH;AAGA,YAAI,OAAO,MAAM;AACf,cAAI,OAAO;AAAA,YACT,IAAI,OAAO,KAAK,KAAK;AAAA,YACrB,cAAc,OAAO,KAAK,KAAK;AAAA,YAC/B,UAAU,OAAO,KAAK,KAAK;AAAA,YAC3B,OAAO,OAAO,KAAK,KAAK;AAAA,YACxB,OAAO,OAAO,KAAK;AAAA,YACnB,aAAa,OAAO,KAAK,QAAQ,QAAQ,OAAK,EAAE,WAAW;AAAA,YAC3D,SAAS,OAAO,KAAK;AAAA,YACrB,cAAc,OAAO,KAAK;AAAA,UAC5B;AAAA,QACF;AAAA,MACF;AAAA,IACF;AAAA;AAAA;AAAA;AAAA,IAKA,eAAe,SAAmB,UAAoC,CAAC,GAAG;AACxE,aAAO,OAAO,KAA2B,UAAwB;AAC/D,cAAM,UAAUA,oBAAmB,GAAG;AACtC,YAAI,CAAC,SAAS;AACZ,iBAAO,MAAM,OAAO,GAAG,EAAE,KAAK;AAAA,YAC5B,SAAS;AAAA,YACT,SAAS;AAAA,UACX,CAAC;AAAA,QACH;AAEA,cAAM,SAAS,MAAM,MAAM,eAAe,SAAS,SAAS,OAAO;AAEnE,YAAI,CAAC,OAAO,SAAS;AACnB,iBAAO,MAAM,OAAO,OAAO,cAAc,GAAG,EAAE,KAAK;AAAA,YACjD,SAAS;AAAA,YACT,SAAS,OAAO;AAAA,UAClB,CAAC;AAAA,QACH;AAGA,YAAI,OAAO,MAAM;AACf,cAAI,OAAO;AAAA,YACT,IAAI,OAAO,KAAK,KAAK;AAAA,YACrB,cAAc,OAAO,KAAK,KAAK;AAAA,YAC/B,UAAU,OAAO,KAAK,KAAK;AAAA,YAC3B,OAAO,OAAO,KAAK,KAAK;AAAA,YACxB,OAAO,OAAO,KAAK;AAAA,YACnB,aAAa,OAAO,KAAK,QAAQ,QAAQ,OAAK,EAAE,WAAW;AAAA,YAC3D,SAAS,OAAO,KAAK;AAAA,YACrB,cAAc,OAAO,KAAK;AAAA,UAC5B;AAAA,QACF;AAAA,MACF;AAAA,IACF;AAAA;AAAA;AAAA;AAAA,IAKA,oBAAoB,cAAwB,UAAoC,CAAC,GAAG;AAClF,aAAO,OAAO,KAA2B,UAAwB;AAC/D,cAAM,UAAUA,oBAAmB,GAAG;AACtC,YAAI,CAAC,SAAS;AACZ,iBAAO,MAAM,OAAO,GAAG,EAAE,KAAK;AAAA,YAC5B,SAAS;AAAA,YACT,SAAS;AAAA,UACX,CAAC;AAAA,QACH;AAEA,cAAM,SAAS,MAAM,MAAM,oBAAoB,SAAS,cAAc,OAAO;AAE7E,YAAI,CAAC,OAAO,SAAS;AACnB,iBAAO,MAAM,OAAO,OAAO,cAAc,GAAG,EAAE,KAAK;AAAA,YACjD,SAAS;AAAA,YACT,SAAS,OAAO;AAAA,UAClB,CAAC;AAAA,QACH;AAGA,YAAI,OAAO,MAAM;AACf,cAAI,OAAO;AAAA,YACT,IAAI,OAAO,KAAK,KAAK;AAAA,YACrB,cAAc,OAAO,KAAK,KAAK;AAAA,YAC/B,UAAU,OAAO,KAAK,KAAK;AAAA,YAC3B,OAAO,OAAO,KAAK,KAAK;AAAA,YACxB,OAAO,OAAO,KAAK;AAAA,YACnB,aAAa,OAAO,KAAK,QAAQ,QAAQ,OAAK,EAAE,WAAW;AAAA,YAC3D,SAAS,OAAO,KAAK;AAAA,YACrB,cAAc,OAAO,KAAK;AAAA,UAC5B;AAAA,QACF;AAAA,MACF;AAAA,IACF;AAAA;AAAA;AAAA;AAAA,IAKA,QAAQ,SAAuB;AAC7B,aAAO,OAAO,KAA2B,UAAwB;AAC/D,cAAM,UAAUA,oBAAmB,GAAG;AACtC,YAAI,CAAC,SAAS;AACZ,iBAAO,MAAM,OAAO,GAAG,EAAE,KAAK;AAAA,YAC5B,SAAS;AAAA,YACT,SAAS;AAAA,UACX,CAAC;AAAA,QACH;AAEA,cAAM,SAAS,MAAM,MAAM,QAAQ,SAAS,OAAO;AAEnD,YAAI,CAAC,OAAO,SAAS;AACnB,iBAAO,MAAM,OAAO,OAAO,cAAc,GAAG,EAAE,KAAK;AAAA,YACjD,SAAS;AAAA,YACT,SAAS,OAAO;AAAA,UAClB,CAAC;AAAA,QACH;AAGA,YAAI,OAAO,MAAM;AACf,cAAI,OAAO;AAAA,YACT,IAAI,OAAO,KAAK,KAAK;AAAA,YACrB,cAAc,OAAO,KAAK,KAAK;AAAA,YAC/B,UAAU,OAAO,KAAK,KAAK;AAAA,YAC3B,OAAO,OAAO,KAAK,KAAK;AAAA,YACxB,OAAO,OAAO,KAAK;AAAA,YACnB,aAAa,OAAO,KAAK,QAAQ,QAAQ,OAAK,EAAE,WAAW;AAAA,YAC3D,SAAS,OAAO,KAAK;AAAA,YACrB,cAAc,OAAO,KAAK;AAAA,UAC5B;AAAA,QACF;AAAA,MACF;AAAA,IACF;AAAA;AAAA;AAAA;AAAA,IAKA,eAAe;AACb,aAAO,OAAO,KAA2B,UAAwB;AAC/D,cAAM,UAAUA,oBAAmB,GAAG;AACtC,YAAI,CAAC,SAAS;AACZ,iBAAO,MAAM,OAAO,GAAG,EAAE,KAAK;AAAA,YAC5B,SAAS;AAAA,YACT,SAAS;AAAA,UACX,CAAC;AAAA,QACH;AAEA,cAAM,SAAS,MAAM,MAAM,aAAa,OAAO;AAE/C,YAAI,CAAC,OAAO,SAAS;AACnB,iBAAO,MAAM,OAAO,OAAO,cAAc,GAAG,EAAE,KAAK;AAAA,YACjD,SAAS;AAAA,YACT,SAAS,OAAO;AAAA,UAClB,CAAC;AAAA,QACH;AAGA,YAAI,OAAO,MAAM;AACf,cAAI,OAAO;AAAA,YACT,IAAI,OAAO,KAAK,KAAK;AAAA,YACrB,cAAc,OAAO,KAAK,KAAK;AAAA,YAC/B,UAAU,OAAO,KAAK,KAAK;AAAA,YAC3B,OAAO,OAAO,KAAK,KAAK;AAAA,YACxB,OAAO,OAAO,KAAK;AAAA,YACnB,aAAa,OAAO,KAAK,QAAQ,QAAQ,OAAK,EAAE,WAAW;AAAA,YAC3D,SAAS,OAAO,KAAK;AAAA,YACrB,cAAc,OAAO,KAAK;AAAA,UAC5B;AAAA,QACF;AAAA,MACF;AAAA,IACF;AAAA;AAAA;AAAA;AAAA,IAKA,WAA2B;AACzB,aAAO;AAAA,IACT;AAAA,EACF;AACF;AAEA,SAASA,oBAAmB,KAA0C;AACpE,QAAM,QAAQ,aAAa,GAAG;AAC9B,MAAI,CAAC,OAAO;AACV,WAAO;AAAA,EACT;AAEA,SAAO;AAAA,IACL;AAAA,IACA,SAAS;AAAA,EACX;AACF;","names":["ExGuardBackend","axios","module","import_axios","axios","userAccess","module","ExGuardBackend","module","ExGuardBackend","ExGuardBackend","createGuardContext"]}
|