llng-mcp 0.1.0

package/dist/__tests__/oidc-tools.test.js

@@ -0,0 +1,457 @@
+import { describe, it, expect, vi, beforeEach, afterEach } from "vitest";
+import { createHash } from "crypto";
+import { registerOidcTools } from "../tools/oidc.js";
+function createMockOidcRegistry(config) {
+    return {
+        getTransport: vi.fn(),
+        getOidcConfig: vi.fn().mockReturnValue(config),
+        listInstances: vi.fn().mockReturnValue([]),
+    };
+}
+describe("OIDC Tools", () => {
+    let originalFetch;
+    beforeEach(() => {
+        originalFetch = global.fetch;
+    });
+    afterEach(() => {
+        global.fetch = originalFetch;
+        vi.restoreAllMocks();
+    });
+    describe("PKCE generation", () => {
+        it("should generate code_verifier with 43+ chars in base64url", async () => {
+            const config = {
+                issuer: "https://auth.example.com",
+                clientId: "test-client",
+                redirectUri: "http://localhost:3000/callback",
+                scope: "openid profile",
+            };
+            const metadata = {
+                authorization_endpoint: "https://auth.example.com/authorize",
+                token_endpoint: "https://auth.example.com/token",
+            };
+            const mockFetch = vi.fn().mockResolvedValue({
+                ok: true,
+                status: 200,
+                json: () => Promise.resolve(metadata),
+            });
+            global.fetch = mockFetch;
+            const toolResults = [];
+            const mockServer = {
+                tool: vi.fn((name, desc, schema, handler) => {
+                    if (name === "llng_oidc_authorize") {
+                        toolResults.push({ name, handler });
+                    }
+                }),
+            };
+            registerOidcTools(mockServer, createMockOidcRegistry(config));
+            const authorizeHandler = toolResults.find((t) => t.name === "llng_oidc_authorize")?.handler;
+            const result = await authorizeHandler({});
+            const parsed = JSON.parse(result.content[0].text);
+            expect(parsed.code_verifier).toMatch(/^[A-Za-z0-9_-]{43,}$/);
+            expect(parsed.code_verifier.length).toBeGreaterThanOrEqual(43);
+        });
+        it("should generate code_challenge as SHA256 of verifier in base64url", async () => {
+            const config = {
+                issuer: "https://auth.example.com",
+                clientId: "test-client",
+                redirectUri: "http://localhost:3000/callback",
+                scope: "openid profile",
+            };
+            const metadata = {
+                authorization_endpoint: "https://auth.example.com/authorize",
+                token_endpoint: "https://auth.example.com/token",
+            };
+            const mockFetch = vi.fn().mockResolvedValue({
+                ok: true,
+                status: 200,
+                json: () => Promise.resolve(metadata),
+            });
+            global.fetch = mockFetch;
+            const toolResults = [];
+            const mockServer = {
+                tool: vi.fn((name, desc, schema, handler) => {
+                    if (name === "llng_oidc_authorize") {
+                        toolResults.push({ name, handler });
+                    }
+                }),
+            };
+            registerOidcTools(mockServer, createMockOidcRegistry(config));
+            const authorizeHandler = toolResults.find((t) => t.name === "llng_oidc_authorize")?.handler;
+            const result = await authorizeHandler({});
+            const parsed = JSON.parse(result.content[0].text);
+            const verifier = parsed.code_verifier;
+            const challenge = parsed.url.match(/code_challenge=([^&]+)/)?.[1];
+            // Compute expected challenge
+            const expectedChallenge = createHash("sha256").update(verifier).digest("base64url");
+            expect(decodeURIComponent(challenge)).toBe(expectedChallenge);
+        });
+    });
+    describe("JWT decode (whoami)", () => {
+        function makeJwt(payload) {
+            const header = Buffer.from(JSON.stringify({ alg: "RS256", typ: "JWT" })).toString("base64url");
+            const body = Buffer.from(JSON.stringify(payload)).toString("base64url");
+            const sig = "fakesignature";
+            return `${header}.${body}.${sig}`;
+        }
+        it("should decode a valid JWT payload", async () => {
+            const config = {
+                issuer: "https://auth.example.com",
+                clientId: "test-client",
+                redirectUri: "http://localhost:3000/callback",
+                scope: "openid profile",
+            };
+            const toolResults = [];
+            const mockServer = {
+                tool: vi.fn((name, desc, schema, handler) => {
+                    if (name === "llng_oidc_whoami") {
+                        toolResults.push({ name, handler });
+                    }
+                }),
+            };
+            registerOidcTools(mockServer, createMockOidcRegistry(config));
+            const whoamiHandler = toolResults.find((t) => t.name === "llng_oidc_whoami")?.handler;
+            const payload = {
+                sub: "user123",
+                name: "John Doe",
+                email: "john@example.com",
+                iat: 1234567890,
+                exp: 1234571490,
+            };
+            const jwt = makeJwt(payload);
+            const result = await whoamiHandler({ id_token: jwt });
+            expect(result.isError).toBeUndefined();
+            const decoded = JSON.parse(result.content[0].text);
+            expect(decoded._warning).toContain("UNVERIFIED");
+            expect(decoded.sub).toBe(payload.sub);
+            expect(decoded.name).toBe(payload.name);
+            expect(decoded.email).toBe(payload.email);
+            expect(decoded.iat).toBe(payload.iat);
+            expect(decoded.exp).toBe(payload.exp);
+        });
+        it("should return error for invalid JWT format", async () => {
+            const config = {
+                issuer: "https://auth.example.com",
+                clientId: "test-client",
+                redirectUri: "http://localhost:3000/callback",
+                scope: "openid profile",
+            };
+            const toolResults = [];
+            const mockServer = {
+                tool: vi.fn((name, desc, schema, handler) => {
+                    if (name === "llng_oidc_whoami") {
+                        toolResults.push({ name, handler });
+                    }
+                }),
+            };
+            registerOidcTools(mockServer, createMockOidcRegistry(config));
+            const whoamiHandler = toolResults.find((t) => t.name === "llng_oidc_whoami")?.handler;
+            const result = await whoamiHandler({ id_token: "not.a.valid.jwt.token" });
+            expect(result.isError).toBe(true);
+            expect(result.content[0].text).toContain("Error: Invalid JWT format");
+        });
+        it("should handle JWT with special characters in payload", async () => {
+            const config = {
+                issuer: "https://auth.example.com",
+                clientId: "test-client",
+                redirectUri: "http://localhost:3000/callback",
+                scope: "openid profile",
+            };
+            const toolResults = [];
+            const mockServer = {
+                tool: vi.fn((name, desc, schema, handler) => {
+                    if (name === "llng_oidc_whoami") {
+                        toolResults.push({ name, handler });
+                    }
+                }),
+            };
+            registerOidcTools(mockServer, createMockOidcRegistry(config));
+            const whoamiHandler = toolResults.find((t) => t.name === "llng_oidc_whoami")?.handler;
+            const payload = {
+                sub: "user@example.com",
+                name: "José García",
+                groups: ["admin", "users"],
+            };
+            const jwt = makeJwt(payload);
+            const result = await whoamiHandler({ id_token: jwt });
+            const decoded = JSON.parse(result.content[0].text);
+            expect(decoded.name).toBe("José García");
+            expect(decoded.groups).toEqual(["admin", "users"]);
+        });
+    });
+    describe("OIDC not configured", () => {
+        it("should return error when config is undefined", async () => {
+            const toolResults = [];
+            const mockServer = {
+                tool: vi.fn((name, desc, schema, handler) => {
+                    toolResults.push({ name, handler });
+                }),
+            };
+            registerOidcTools(mockServer, createMockOidcRegistry(undefined));
+            // Test each tool
+            for (const tool of toolResults) {
+                const result = await tool.handler({});
+                expect(result.isError).toBe(true);
+                expect(result.content[0].text).toContain("Error: OIDC not configured");
+            }
+        });
+    });
+    describe("Discovery metadata caching", () => {
+        it("should fetch discovery metadata successfully", async () => {
+            // Note: Discovery metadata caching is an implementation detail that uses
+            // module-scoped state. This test verifies that the discovery endpoint
+            // can be fetched successfully. Cache behavior is implicitly tested by
+            // the fact that subsequent tool calls don't fail.
+            const config = {
+                issuer: "https://cache-test.example.com",
+                clientId: "test-client",
+                redirectUri: "http://localhost:3000/callback",
+                scope: "openid profile",
+            };
+            const metadata = {
+                issuer: "https://cache-test.example.com",
+                authorization_endpoint: "https://cache-test.example.com/authorize",
+                token_endpoint: "https://cache-test.example.com/token",
+                userinfo_endpoint: "https://cache-test.example.com/userinfo",
+            };
+            const mockFetch = vi.fn().mockResolvedValue({
+                ok: true,
+                status: 200,
+                json: () => Promise.resolve(metadata),
+            });
+            global.fetch = mockFetch;
+            const toolResults = [];
+            const mockServer = {
+                tool: vi.fn((name, desc, schema, handler) => {
+                    toolResults.push({ name, handler });
+                }),
+            };
+            registerOidcTools(mockServer, createMockOidcRegistry(config));
+            const metadataHandler = toolResults.find((t) => t.name === "llng_oidc_metadata")?.handler;
+            expect(metadataHandler).toBeDefined();
+            const result = await metadataHandler({});
+            expect(result.isError).toBeUndefined();
+            const parsed = JSON.parse(result.content[0].text);
+            expect(parsed.issuer).toBe("https://cache-test.example.com");
+            expect(parsed.authorization_endpoint).toBe("https://cache-test.example.com/authorize");
+        });
+    });
+    describe("Tool registration", () => {
+        it("should register 8 OIDC tools", () => {
+            const config = {
+                issuer: "https://auth.example.com",
+                clientId: "test-client",
+                redirectUri: "http://localhost:3000/callback",
+                scope: "openid profile",
+            };
+            const toolNames = [];
+            const mockServer = {
+                tool: vi.fn((name) => {
+                    toolNames.push(name);
+                }),
+            };
+            registerOidcTools(mockServer, createMockOidcRegistry(config));
+            expect(toolNames).toEqual([
+                "llng_oidc_metadata",
+                "llng_oidc_authorize",
+                "llng_oidc_tokens",
+                "llng_oidc_userinfo",
+                "llng_oidc_introspect",
+                "llng_oidc_refresh",
+                "llng_oidc_whoami",
+                "llng_oidc_check_auth",
+            ]);
+        });
+    });
+    describe("Authorization URL generation", () => {
+        it("should include all required PKCE parameters", async () => {
+            const config = {
+                issuer: "https://auth.example.com",
+                clientId: "test-client",
+                redirectUri: "http://localhost:3000/callback",
+                scope: "openid profile email",
+            };
+            const metadata = {
+                authorization_endpoint: "https://auth.example.com/authorize",
+                token_endpoint: "https://auth.example.com/token",
+            };
+            const mockFetch = vi.fn().mockResolvedValue({
+                ok: true,
+                status: 200,
+                json: () => Promise.resolve(metadata),
+            });
+            global.fetch = mockFetch;
+            const toolResults = [];
+            const mockServer = {
+                tool: vi.fn((name, desc, schema, handler) => {
+                    if (name === "llng_oidc_authorize") {
+                        toolResults.push({ name, handler });
+                    }
+                }),
+            };
+            registerOidcTools(mockServer, createMockOidcRegistry(config));
+            const authorizeHandler = toolResults.find((t) => t.name === "llng_oidc_authorize")?.handler;
+            const result = await authorizeHandler({});
+            const parsed = JSON.parse(result.content[0].text);
+            const url = new URL(parsed.url);
+            expect(url.searchParams.get("response_type")).toBe("code");
+            expect(url.searchParams.get("client_id")).toBe("test-client");
+            expect(url.searchParams.get("redirect_uri")).toBe("http://localhost:3000/callback");
+            expect(url.searchParams.get("scope")).toBe("openid profile email");
+            expect(url.searchParams.get("code_challenge")).toBeTruthy();
+            expect(url.searchParams.get("code_challenge_method")).toBe("S256");
+            expect(url.searchParams.get("state")).toBeTruthy();
+        });
+        it("should use custom scope when provided", async () => {
+            const config = {
+                issuer: "https://auth.example.com",
+                clientId: "test-client",
+                redirectUri: "http://localhost:3000/callback",
+                scope: "openid profile",
+            };
+            const metadata = {
+                authorization_endpoint: "https://auth.example.com/authorize",
+                token_endpoint: "https://auth.example.com/token",
+            };
+            const mockFetch = vi.fn().mockResolvedValue({
+                ok: true,
+                status: 200,
+                json: () => Promise.resolve(metadata),
+            });
+            global.fetch = mockFetch;
+            const toolResults = [];
+            const mockServer = {
+                tool: vi.fn((name, desc, schema, handler) => {
+                    if (name === "llng_oidc_authorize") {
+                        toolResults.push({ name, handler });
+                    }
+                }),
+            };
+            registerOidcTools(mockServer, createMockOidcRegistry(config));
+            const authorizeHandler = toolResults.find((t) => t.name === "llng_oidc_authorize")?.handler;
+            const result = await authorizeHandler({ scope: "openid email offline_access" });
+            const parsed = JSON.parse(result.content[0].text);
+            const url = new URL(parsed.url);
+            expect(url.searchParams.get("scope")).toBe("openid email offline_access");
+        });
+    });
+    describe("Token exchange", () => {
+        it("should send correct parameters in token request", async () => {
+            const config = {
+                issuer: "https://auth.example.com",
+                clientId: "test-client",
+                redirectUri: "http://localhost:3000/callback",
+                scope: "openid profile",
+                clientSecret: "secret123",
+            };
+            const metadata = {
+                token_endpoint: "https://auth.example.com/token",
+            };
+            const tokenResponse = {
+                access_token: "access123",
+                id_token: "id123",
+                token_type: "Bearer",
+                expires_in: 3600,
+            };
+            const fetchCalls = [];
+            const mockFetch = vi.fn().mockImplementation((url, options) => {
+                fetchCalls.push({ url, options });
+                // First call is discovery, second is token
+                if (url.includes(".well-known")) {
+                    return Promise.resolve({
+                        ok: true,
+                        status: 200,
+                        json: () => Promise.resolve(metadata),
+                    });
+                }
+                else {
+                    return Promise.resolve({
+                        ok: true,
+                        status: 200,
+                        json: () => Promise.resolve(tokenResponse),
+                    });
+                }
+            });
+            global.fetch = mockFetch;
+            const toolResults = [];
+            const mockServer = {
+                tool: vi.fn((name, desc, schema, handler) => {
+                    if (name === "llng_oidc_tokens") {
+                        toolResults.push({ name, handler });
+                    }
+                }),
+            };
+            registerOidcTools(mockServer, createMockOidcRegistry(config));
+            const tokensHandler = toolResults.find((t) => t.name === "llng_oidc_tokens")?.handler;
+            await tokensHandler({ code: "auth_code_123", code_verifier: "verifier123" });
+            // Find the token endpoint call
+            const tokenCall = fetchCalls.find((call) => call.url === "https://auth.example.com/token");
+            expect(tokenCall).toBeDefined();
+            expect(tokenCall.options.method).toBe("POST");
+            const body = new URLSearchParams(tokenCall.options.body);
+            expect(body.get("grant_type")).toBe("authorization_code");
+            expect(body.get("code")).toBe("auth_code_123");
+            expect(body.get("code_verifier")).toBe("verifier123");
+            expect(body.get("client_id")).toBe("test-client");
+            expect(body.get("client_secret")).toBe("secret123");
+            expect(body.get("redirect_uri")).toBe("http://localhost:3000/callback");
+        });
+    });
+    describe("Error handling", () => {
+        it("should handle fetch errors gracefully", async () => {
+            // Use a unique issuer to avoid cache collision
+            const config = {
+                issuer: "https://error-test-1.example.com",
+                clientId: "test-client",
+                redirectUri: "http://localhost:3000/callback",
+                scope: "openid profile",
+            };
+            const mockFetch = vi.fn().mockRejectedValue(new Error("Network error"));
+            global.fetch = mockFetch;
+            const toolResults = [];
+            const mockServer = {
+                tool: vi.fn((name, desc, schema, handler) => {
+                    toolResults.push({ name, handler });
+                }),
+            };
+            registerOidcTools(mockServer, createMockOidcRegistry(config));
+            const metadataHandler = toolResults.find((t) => t.name === "llng_oidc_metadata")?.handler;
+            expect(metadataHandler).toBeDefined();
+            if (metadataHandler) {
+                const result = await metadataHandler({});
+                expect(result.isError).toBe(true);
+                expect(result.content[0].text).toContain("Network error");
+            }
+        });
+        it("should handle HTTP error responses", async () => {
+            // Use a unique issuer to avoid cache collision
+            const config = {
+                issuer: "https://error-test-2.example.com",
+                clientId: "test-client",
+                redirectUri: "http://localhost:3000/callback",
+                scope: "openid profile",
+            };
+            const mockFetch = vi.fn().mockResolvedValue({
+                ok: false,
+                status: 404,
+                statusText: "Not Found",
+                json: () => Promise.resolve({ error: "not_found" }),
+            });
+            global.fetch = mockFetch;
+            const toolResults = [];
+            const mockServer = {
+                tool: vi.fn((name, desc, schema, handler) => {
+                    toolResults.push({ name, handler });
+                }),
+            };
+            registerOidcTools(mockServer, createMockOidcRegistry(config));
+            const metadataHandler = toolResults.find((t) => t.name === "llng_oidc_metadata")?.handler;
+            expect(metadataHandler).toBeDefined();
+            if (metadataHandler) {
+                const result = await metadataHandler({});
+                expect(result.isError).toBe(true);
+                expect(result.content[0].text).toContain("404");
+            }
+        });
+    });
+});
+//# sourceMappingURL=oidc-tools.test.js.map

package/dist/__tests__/oidc-tools.test.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"oidc-tools.test.js","sourceRoot":"","sources":["../../src/__tests__/oidc-tools.test.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE,MAAM,EAAE,EAAE,EAAE,UAAU,EAAE,SAAS,EAAE,MAAM,QAAQ,CAAC;AACzE,OAAO,EAAE,UAAU,EAAE,MAAM,QAAQ,CAAC;AACpC,OAAO,EAAE,iBAAiB,EAAE,MAAM,kBAAkB,CAAC;AAKrD,SAAS,sBAAsB,CAAC,MAA8B;IAC5D,OAAO;QACL,YAAY,EAAE,EAAE,CAAC,EAAE,EAAE;QACrB,aAAa,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC,eAAe,CAAC,MAAM,CAAC;QAC9C,aAAa,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC,eAAe,CAAC,EAAE,CAAC;KACX,CAAC;AACpC,CAAC;AAED,QAAQ,CAAC,YAAY,EAAE,GAAG,EAAE;IAC1B,IAAI,aAAkC,CAAC;IAEvC,UAAU,CAAC,GAAG,EAAE;QACd,aAAa,GAAG,MAAM,CAAC,KAAK,CAAC;IAC/B,CAAC,CAAC,CAAC;IAEH,SAAS,CAAC,GAAG,EAAE;QACb,MAAM,CAAC,KAAK,GAAG,aAAa,CAAC;QAC7B,EAAE,CAAC,eAAe,EAAE,CAAC;IACvB,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,iBAAiB,EAAE,GAAG,EAAE;QAC/B,EAAE,CAAC,2DAA2D,EAAE,KAAK,IAAI,EAAE;YACzE,MAAM,MAAM,GAAe;gBACzB,MAAM,EAAE,0BAA0B;gBAClC,QAAQ,EAAE,aAAa;gBACvB,WAAW,EAAE,gCAAgC;gBAC7C,KAAK,EAAE,gBAAgB;aACxB,CAAC;YAEF,MAAM,QAAQ,GAAG;gBACf,sBAAsB,EAAE,oCAAoC;gBAC5D,cAAc,EAAE,gCAAgC;aACjD,CAAC;YAEF,MAAM,SAAS,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC,iBAAiB,CAAC;gBAC1C,EAAE,EAAE,IAAI;gBACR,MAAM,EAAE,GAAG;gBACX,IAAI,EAAE,GAAG,EAAE,CAAC,OAAO,CAAC,OAAO,CAAC,QAAQ,CAAC;aACtC,CAAC,CAAC;YACH,MAAM,CAAC,KAAK,GAAG,SAAgB,CAAC;YAEhC,MAAM,WAAW,GAAU,EAAE,CAAC;YAC9B,MAAM,UAAU,GAAG;gBACjB,IAAI,EAAE,EAAE,CAAC,EAAE,CAAC,CAAC,IAAY,EAAE,IAAY,EAAE,MAAW,EAAE,OAAY,EAAE,EAAE;oBACpE,IAAI,IAAI,KAAK,qBAAqB,EAAE,CAAC;wBACnC,WAAW,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC,CAAC;oBACtC,CAAC;gBACH,CAAC,CAAC;aACqB,CAAC;YAE1B,iBAAiB,CAAC,UAAU,EAAE,sBAAsB,CAAC,MAAM,CAAC,CAAC,CAAC;YAE9D,MAAM,gBAAgB,GAAG,WAAW,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,qBAAqB,CAAC,EAAE,OAAO,CAAC;YAC5F,MAAM,MAAM,GAAG,MAAM,gBAAgB,CAAC,EAAE,CAAC,CAAC;YAE1C,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;YAClD,MAAM,CAAC,MAAM,CAAC,aAAa,CAAC,CAAC,OAAO,CAAC,sBAAsB,CAAC,CAAC;YAC7D,MAAM,CAAC,MAAM,CAAC,aAAa,CAAC,MAAM,CAAC,CAAC,sBAAsB,CAAC,EAAE,CAAC,CAAC;QACjE,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,mEAAmE,EAAE,KAAK,IAAI,EAAE;YACjF,MAAM,MAAM,GAAe;gBACzB,MAAM,EAAE,0BAA0B;gBAClC,QAAQ,EAAE,aAAa;gBACvB,WAAW,EAAE,gCAAgC;gBAC7C,KAAK,EAAE,gBAAgB;aACxB,CAAC;YAEF,MAAM,QAAQ,GAAG;gBACf,sBAAsB,EAAE,oCAAoC;gBAC5D,cAAc,EAAE,gCAAgC;aACjD,CAAC;YAEF,MAAM,SAAS,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC,iBAAiB,CAAC;gBAC1C,EAAE,EAAE,IAAI;gBACR,MAAM,EAAE,GAAG;gBACX,IAAI,EAAE,GAAG,EAAE,CAAC,OAAO,CAAC,OAAO,CAAC,QAAQ,CAAC;aACtC,CAAC,CAAC;YACH,MAAM,CAAC,KAAK,GAAG,SAAgB,CAAC;YAEhC,MAAM,WAAW,GAAU,EAAE,CAAC;YAC9B,MAAM,UAAU,GAAG;gBACjB,IAAI,EAAE,EAAE,CAAC,EAAE,CAAC,CAAC,IAAY,EAAE,IAAY,EAAE,MAAW,EAAE,OAAY,EAAE,EAAE;oBACpE,IAAI,IAAI,KAAK,qBAAqB,EAAE,CAAC;wBACnC,WAAW,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC,CAAC;oBACtC,CAAC;gBACH,CAAC,CAAC;aACqB,CAAC;YAE1B,iBAAiB,CAAC,UAAU,EAAE,sBAAsB,CAAC,MAAM,CAAC,CAAC,CAAC;YAE9D,MAAM,gBAAgB,GAAG,WAAW,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,qBAAqB,CAAC,EAAE,OAAO,CAAC;YAC5F,MAAM,MAAM,GAAG,MAAM,gBAAgB,CAAC,EAAE,CAAC,CAAC;YAE1C,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;YAClD,MAAM,QAAQ,GAAG,MAAM,CAAC,aAAa,CAAC;YACtC,MAAM,SAAS,GAAG,MAAM,CAAC,GAAG,CAAC,KAAK,CAAC,wBAAwB,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;YAElE,6BAA6B;YAC7B,MAAM,iBAAiB,GAAG,UAAU,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC;YAEpF,MAAM,CAAC,kBAAkB,CAAC,SAAU,CAAC,CAAC,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAC;QACjE,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,qBAAqB,EAAE,GAAG,EAAE;QACnC,SAAS,OAAO,CAAC,OAAe;YAC9B,MAAM,MAAM,GAAG,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,GAAG,EAAE,OAAO,EAAE,GAAG,EAAE,KAAK,EAAE,CAAC,CAAC,CAAC,QAAQ,CAC/E,WAAW,CACZ,CAAC;YACF,MAAM,IAAI,GAAG,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAC;YACxE,MAAM,GAAG,GAAG,eAAe,CAAC;YAC5B,OAAO,GAAG,MAAM,IAAI,IAAI,IAAI,GAAG,EAAE,CAAC;QACpC,CAAC;QAED,EAAE,CAAC,mCAAmC,EAAE,KAAK,IAAI,EAAE;YACjD,MAAM,MAAM,GAAe;gBACzB,MAAM,EAAE,0BAA0B;gBAClC,QAAQ,EAAE,aAAa;gBACvB,WAAW,EAAE,gCAAgC;gBAC7C,KAAK,EAAE,gBAAgB;aACxB,CAAC;YAEF,MAAM,WAAW,GAAU,EAAE,CAAC;YAC9B,MAAM,UAAU,GAAG;gBACjB,IAAI,EAAE,EAAE,CAAC,EAAE,CAAC,CAAC,IAAY,EAAE,IAAY,EAAE,MAAW,EAAE,OAAY,EAAE,EAAE;oBACpE,IAAI,IAAI,KAAK,kBAAkB,EAAE,CAAC;wBAChC,WAAW,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC,CAAC;oBACtC,CAAC;gBACH,CAAC,CAAC;aACqB,CAAC;YAE1B,iBAAiB,CAAC,UAAU,EAAE,sBAAsB,CAAC,MAAM,CAAC,CAAC,CAAC;YAE9D,MAAM,aAAa,GAAG,WAAW,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,kBAAkB,CAAC,EAAE,OAAO,CAAC;YAEtF,MAAM,OAAO,GAAG;gBACd,GAAG,EAAE,SAAS;gBACd,IAAI,EAAE,UAAU;gBAChB,KAAK,EAAE,kBAAkB;gBACzB,GAAG,EAAE,UAAU;gBACf,GAAG,EAAE,UAAU;aAChB,CAAC;YAEF,MAAM,GAAG,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC;YAC7B,MAAM,MAAM,GAAG,MAAM,aAAa,CAAC,EAAE,QAAQ,EAAE,GAAG,EAAE,CAAC,CAAC;YAEtD,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,aAAa,EAAE,CAAC;YACvC,MAAM,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;YACnD,MAAM,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,SAAS,CAAC,YAAY,CAAC,CAAC;YACjD,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;YACtC,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;YACxC,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC;YAC1C,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;YACtC,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;QACxC,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,4CAA4C,EAAE,KAAK,IAAI,EAAE;YAC1D,MAAM,MAAM,GAAe;gBACzB,MAAM,EAAE,0BAA0B;gBAClC,QAAQ,EAAE,aAAa;gBACvB,WAAW,EAAE,gCAAgC;gBAC7C,KAAK,EAAE,gBAAgB;aACxB,CAAC;YAEF,MAAM,WAAW,GAAU,EAAE,CAAC;YAC9B,MAAM,UAAU,GAAG;gBACjB,IAAI,EAAE,EAAE,CAAC,EAAE,CAAC,CAAC,IAAY,EAAE,IAAY,EAAE,MAAW,EAAE,OAAY,EAAE,EAAE;oBACpE,IAAI,IAAI,KAAK,kBAAkB,EAAE,CAAC;wBAChC,WAAW,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC,CAAC;oBACtC,CAAC;gBACH,CAAC,CAAC;aACqB,CAAC;YAE1B,iBAAiB,CAAC,UAAU,EAAE,sBAAsB,CAAC,MAAM,CAAC,CAAC,CAAC;YAE9D,MAAM,aAAa,GAAG,WAAW,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,kBAAkB,CAAC,EAAE,OAAO,CAAC;YAEtF,MAAM,MAAM,GAAG,MAAM,aAAa,CAAC,EAAE,QAAQ,EAAE,uBAAuB,EAAE,CAAC,CAAC;YAE1E,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YAClC,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,SAAS,CAAC,2BAA2B,CAAC,CAAC;QACxE,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,sDAAsD,EAAE,KAAK,IAAI,EAAE;YACpE,MAAM,MAAM,GAAe;gBACzB,MAAM,EAAE,0BAA0B;gBAClC,QAAQ,EAAE,aAAa;gBACvB,WAAW,EAAE,gCAAgC;gBAC7C,KAAK,EAAE,gBAAgB;aACxB,CAAC;YAEF,MAAM,WAAW,GAAU,EAAE,CAAC;YAC9B,MAAM,UAAU,GAAG;gBACjB,IAAI,EAAE,EAAE,CAAC,EAAE,CAAC,CAAC,IAAY,EAAE,IAAY,EAAE,MAAW,EAAE,OAAY,EAAE,EAAE;oBACpE,IAAI,IAAI,KAAK,kBAAkB,EAAE,CAAC;wBAChC,WAAW,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC,CAAC;oBACtC,CAAC;gBACH,CAAC,CAAC;aACqB,CAAC;YAE1B,iBAAiB,CAAC,UAAU,EAAE,sBAAsB,CAAC,MAAM,CAAC,CAAC,CAAC;YAE9D,MAAM,aAAa,GAAG,WAAW,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,kBAAkB,CAAC,EAAE,OAAO,CAAC;YAEtF,MAAM,OAAO,GAAG;gBACd,GAAG,EAAE,kBAAkB;gBACvB,IAAI,EAAE,aAAa;gBACnB,MAAM,EAAE,CAAC,OAAO,EAAE,OAAO,CAAC;aAC3B,CAAC;YAEF,MAAM,GAAG,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC;YAC7B,MAAM,MAAM,GAAG,MAAM,aAAa,CAAC,EAAE,QAAQ,EAAE,GAAG,EAAE,CAAC,CAAC;YAEtD,MAAM,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;YACnD,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;YACzC,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,OAAO,CAAC,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC,CAAC;QACrD,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,qBAAqB,EAAE,GAAG,EAAE;QACnC,EAAE,CAAC,8CAA8C,EAAE,KAAK,IAAI,EAAE;YAC5D,MAAM,WAAW,GAAU,EAAE,CAAC;YAC9B,MAAM,UAAU,GAAG;gBACjB,IAAI,EAAE,EAAE,CAAC,EAAE,CAAC,CAAC,IAAY,EAAE,IAAY,EAAE,MAAW,EAAE,OAAY,EAAE,EAAE;oBACpE,WAAW,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC,CAAC;gBACtC,CAAC,CAAC;aACqB,CAAC;YAE1B,iBAAiB,CAAC,UAAU,EAAE,sBAAsB,CAAC,SAAS,CAAC,CAAC,CAAC;YAEjE,iBAAiB;YACjB,KAAK,MAAM,IAAI,IAAI,WAAW,EAAE,CAAC;gBAC/B,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC;gBACtC,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gBAClC,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,SAAS,CAAC,4BAA4B,CAAC,CAAC;YACzE,CAAC;QACH,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,4BAA4B,EAAE,GAAG,EAAE;QAC1C,EAAE,CAAC,8CAA8C,EAAE,KAAK,IAAI,EAAE;YAC5D,yEAAyE;YACzE,sEAAsE;YACtE,sEAAsE;YACtE,kDAAkD;YAElD,MAAM,MAAM,GAAe;gBACzB,MAAM,EAAE,gCAAgC;gBACxC,QAAQ,EAAE,aAAa;gBACvB,WAAW,EAAE,gCAAgC;gBAC7C,KAAK,EAAE,gBAAgB;aACxB,CAAC;YAEF,MAAM,QAAQ,GAAG;gBACf,MAAM,EAAE,gCAAgC;gBACxC,sBAAsB,EAAE,0CAA0C;gBAClE,cAAc,EAAE,sCAAsC;gBACtD,iBAAiB,EAAE,yCAAyC;aAC7D,CAAC;YAEF,MAAM,SAAS,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC,iBAAiB,CAAC;gBAC1C,EAAE,EAAE,IAAI;gBACR,MAAM,EAAE,GAAG;gBACX,IAAI,EAAE,GAAG,EAAE,CAAC,OAAO,CAAC,OAAO,CAAC,QAAQ,CAAC;aACtC,CAAC,CAAC;YACH,MAAM,CAAC,KAAK,GAAG,SAAgB,CAAC;YAEhC,MAAM,WAAW,GAAU,EAAE,CAAC;YAC9B,MAAM,UAAU,GAAG;gBACjB,IAAI,EAAE,EAAE,CAAC,EAAE,CAAC,CAAC,IAAY,EAAE,IAAY,EAAE,MAAW,EAAE,OAAY,EAAE,EAAE;oBACpE,WAAW,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC,CAAC;gBACtC,CAAC,CAAC;aACqB,CAAC;YAE1B,iBAAiB,CAAC,UAAU,EAAE,sBAAsB,CAAC,MAAM,CAAC,CAAC,CAAC;YAE9D,MAAM,eAAe,GAAG,WAAW,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,oBAAoB,CAAC,EAAE,OAAO,CAAC;YAC1F,MAAM,CAAC,eAAe,CAAC,CAAC,WAAW,EAAE,CAAC;YAEtC,MAAM,MAAM,GAAG,MAAM,eAAgB,CAAC,EAAE,CAAC,CAAC;YAE1C,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,aAAa,EAAE,CAAC;YACvC,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;YAClD,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,gCAAgC,CAAC,CAAC;YAC7D,MAAM,CAAC,MAAM,CAAC,sBAAsB,CAAC,CAAC,IAAI,CAAC,0CAA0C,CAAC,CAAC;QACzF,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,mBAAmB,EAAE,GAAG,EAAE;QACjC,EAAE,CAAC,8BAA8B,EAAE,GAAG,EAAE;YACtC,MAAM,MAAM,GAAe;gBACzB,MAAM,EAAE,0BAA0B;gBAClC,QAAQ,EAAE,aAAa;gBACvB,WAAW,EAAE,gCAAgC;gBAC7C,KAAK,EAAE,gBAAgB;aACxB,CAAC;YAEF,MAAM,SAAS,GAAa,EAAE,CAAC;YAC/B,MAAM,UAAU,GAAG;gBACjB,IAAI,EAAE,EAAE,CAAC,EAAE,CAAC,CAAC,IAAY,EAAE,EAAE;oBAC3B,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gBACvB,CAAC,CAAC;aACqB,CAAC;YAE1B,iBAAiB,CAAC,UAAU,EAAE,sBAAsB,CAAC,MAAM,CAAC,CAAC,CAAC;YAE9D,MAAM,CAAC,SAAS,CAAC,CAAC,OAAO,CAAC;gBACxB,oBAAoB;gBACpB,qBAAqB;gBACrB,kBAAkB;gBAClB,oBAAoB;gBACpB,sBAAsB;gBACtB,mBAAmB;gBACnB,kBAAkB;gBAClB,sBAAsB;aACvB,CAAC,CAAC;QACL,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,8BAA8B,EAAE,GAAG,EAAE;QAC5C,EAAE,CAAC,6CAA6C,EAAE,KAAK,IAAI,EAAE;YAC3D,MAAM,MAAM,GAAe;gBACzB,MAAM,EAAE,0BAA0B;gBAClC,QAAQ,EAAE,aAAa;gBACvB,WAAW,EAAE,gCAAgC;gBAC7C,KAAK,EAAE,sBAAsB;aAC9B,CAAC;YAEF,MAAM,QAAQ,GAAG;gBACf,sBAAsB,EAAE,oCAAoC;gBAC5D,cAAc,EAAE,gCAAgC;aACjD,CAAC;YAEF,MAAM,SAAS,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC,iBAAiB,CAAC;gBAC1C,EAAE,EAAE,IAAI;gBACR,MAAM,EAAE,GAAG;gBACX,IAAI,EAAE,GAAG,EAAE,CAAC,OAAO,CAAC,OAAO,CAAC,QAAQ,CAAC;aACtC,CAAC,CAAC;YACH,MAAM,CAAC,KAAK,GAAG,SAAgB,CAAC;YAEhC,MAAM,WAAW,GAAU,EAAE,CAAC;YAC9B,MAAM,UAAU,GAAG;gBACjB,IAAI,EAAE,EAAE,CAAC,EAAE,CAAC,CAAC,IAAY,EAAE,IAAY,EAAE,MAAW,EAAE,OAAY,EAAE,EAAE;oBACpE,IAAI,IAAI,KAAK,qBAAqB,EAAE,CAAC;wBACnC,WAAW,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC,CAAC;oBACtC,CAAC;gBACH,CAAC,CAAC;aACqB,CAAC;YAE1B,iBAAiB,CAAC,UAAU,EAAE,sBAAsB,CAAC,MAAM,CAAC,CAAC,CAAC;YAE9D,MAAM,gBAAgB,GAAG,WAAW,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,qBAAqB,CAAC,EAAE,OAAO,CAAC;YAC5F,MAAM,MAAM,GAAG,MAAM,gBAAgB,CAAC,EAAE,CAAC,CAAC;YAE1C,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;YAClD,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;YAEhC,MAAM,CAAC,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,eAAe,CAAC,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;YAC3D,MAAM,CAAC,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;YAC9D,MAAM,CAAC,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC,CAAC,IAAI,CAAC,gCAAgC,CAAC,CAAC;YACpF,MAAM,CAAC,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,sBAAsB,CAAC,CAAC;YACnE,MAAM,CAAC,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,gBAAgB,CAAC,CAAC,CAAC,UAAU,EAAE,CAAC;YAC5D,MAAM,CAAC,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,uBAAuB,CAAC,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;YACnE,MAAM,CAAC,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,UAAU,EAAE,CAAC;QACrD,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,uCAAuC,EAAE,KAAK,IAAI,EAAE;YACrD,MAAM,MAAM,GAAe;gBACzB,MAAM,EAAE,0BAA0B;gBAClC,QAAQ,EAAE,aAAa;gBACvB,WAAW,EAAE,gCAAgC;gBAC7C,KAAK,EAAE,gBAAgB;aACxB,CAAC;YAEF,MAAM,QAAQ,GAAG;gBACf,sBAAsB,EAAE,oCAAoC;gBAC5D,cAAc,EAAE,gCAAgC;aACjD,CAAC;YAEF,MAAM,SAAS,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC,iBAAiB,CAAC;gBAC1C,EAAE,EAAE,IAAI;gBACR,MAAM,EAAE,GAAG;gBACX,IAAI,EAAE,GAAG,EAAE,CAAC,OAAO,CAAC,OAAO,CAAC,QAAQ,CAAC;aACtC,CAAC,CAAC;YACH,MAAM,CAAC,KAAK,GAAG,SAAgB,CAAC;YAEhC,MAAM,WAAW,GAAU,EAAE,CAAC;YAC9B,MAAM,UAAU,GAAG;gBACjB,IAAI,EAAE,EAAE,CAAC,EAAE,CAAC,CAAC,IAAY,EAAE,IAAY,EAAE,MAAW,EAAE,OAAY,EAAE,EAAE;oBACpE,IAAI,IAAI,KAAK,qBAAqB,EAAE,CAAC;wBACnC,WAAW,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC,CAAC;oBACtC,CAAC;gBACH,CAAC,CAAC;aACqB,CAAC;YAE1B,iBAAiB,CAAC,UAAU,EAAE,sBAAsB,CAAC,MAAM,CAAC,CAAC,CAAC;YAE9D,MAAM,gBAAgB,GAAG,WAAW,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,qBAAqB,CAAC,EAAE,OAAO,CAAC;YAC5F,MAAM,MAAM,GAAG,MAAM,gBAAgB,CAAC,EAAE,KAAK,EAAE,6BAA6B,EAAE,CAAC,CAAC;YAEhF,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;YAClD,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;YAEhC,MAAM,CAAC,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,6BAA6B,CAAC,CAAC;QAC5E,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,gBAAgB,EAAE,GAAG,EAAE;QAC9B,EAAE,CAAC,iDAAiD,EAAE,KAAK,IAAI,EAAE;YAC/D,MAAM,MAAM,GAAe;gBACzB,MAAM,EAAE,0BAA0B;gBAClC,QAAQ,EAAE,aAAa;gBACvB,WAAW,EAAE,gCAAgC;gBAC7C,KAAK,EAAE,gBAAgB;gBACvB,YAAY,EAAE,WAAW;aAC1B,CAAC;YAEF,MAAM,QAAQ,GAAG;gBACf,cAAc,EAAE,gCAAgC;aACjD,CAAC;YAEF,MAAM,aAAa,GAAG;gBACpB,YAAY,EAAE,WAAW;gBACzB,QAAQ,EAAE,OAAO;gBACjB,UAAU,EAAE,QAAQ;gBACpB,UAAU,EAAE,IAAI;aACjB,CAAC;YAEF,MAAM,UAAU,GAAU,EAAE,CAAC;YAC7B,MAAM,SAAS,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC,kBAAkB,CAAC,CAAC,GAAW,EAAE,OAAY,EAAE,EAAE;gBACzE,UAAU,CAAC,IAAI,CAAC,EAAE,GAAG,EAAE,OAAO,EAAE,CAAC,CAAC;gBAClC,2CAA2C;gBAC3C,IAAI,GAAG,CAAC,QAAQ,CAAC,aAAa,CAAC,EAAE,CAAC;oBAChC,OAAO,OAAO,CAAC,OAAO,CAAC;wBACrB,EAAE,EAAE,IAAI;wBACR,MAAM,EAAE,GAAG;wBACX,IAAI,EAAE,GAAG,EAAE,CAAC,OAAO,CAAC,OAAO,CAAC,QAAQ,CAAC;qBACtC,CAAC,CAAC;gBACL,CAAC;qBAAM,CAAC;oBACN,OAAO,OAAO,CAAC,OAAO,CAAC;wBACrB,EAAE,EAAE,IAAI;wBACR,MAAM,EAAE,GAAG;wBACX,IAAI,EAAE,GAAG,EAAE,CAAC,OAAO,CAAC,OAAO,CAAC,aAAa,CAAC;qBAC3C,CAAC,CAAC;gBACL,CAAC;YACH,CAAC,CAAC,CAAC;YACH,MAAM,CAAC,KAAK,GAAG,SAAgB,CAAC;YAEhC,MAAM,WAAW,GAAU,EAAE,CAAC;YAC9B,MAAM,UAAU,GAAG;gBACjB,IAAI,EAAE,EAAE,CAAC,EAAE,CAAC,CAAC,IAAY,EAAE,IAAY,EAAE,MAAW,EAAE,OAAY,EAAE,EAAE;oBACpE,IAAI,IAAI,KAAK,kBAAkB,EAAE,CAAC;wBAChC,WAAW,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC,CAAC;oBACtC,CAAC;gBACH,CAAC,CAAC;aACqB,CAAC;YAE1B,iBAAiB,CAAC,UAAU,EAAE,sBAAsB,CAAC,MAAM,CAAC,CAAC,CAAC;YAE9D,MAAM,aAAa,GAAG,WAAW,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,kBAAkB,CAAC,EAAE,OAAO,CAAC;YACtF,MAAM,aAAa,CAAC,EAAE,IAAI,EAAE,eAAe,EAAE,aAAa,EAAE,aAAa,EAAE,CAAC,CAAC;YAE7E,+BAA+B;YAC/B,MAAM,SAAS,GAAG,UAAU,CAAC,IAAI,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,GAAG,KAAK,gCAAgC,CAAC,CAAC;YAC3F,MAAM,CAAC,SAAS,CAAC,CAAC,WAAW,EAAE,CAAC;YAChC,MAAM,CAAC,SAAS,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;YAE9C,MAAM,IAAI,GAAG,IAAI,eAAe,CAAC,SAAS,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;YACzD,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC,CAAC,IAAI,CAAC,oBAAoB,CAAC,CAAC;YAC1D,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC;YAC/C,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,eAAe,CAAC,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;YACtD,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;YAClD,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,eAAe,CAAC,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;YACpD,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC,CAAC,IAAI,CAAC,gCAAgC,CAAC,CAAC;QAC1E,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,gBAAgB,EAAE,GAAG,EAAE;QAC9B,EAAE,CAAC,uCAAuC,EAAE,KAAK,IAAI,EAAE;YACrD,+CAA+C;YAC/C,MAAM,MAAM,GAAe;gBACzB,MAAM,EAAE,kCAAkC;gBAC1C,QAAQ,EAAE,aAAa;gBACvB,WAAW,EAAE,gCAAgC;gBAC7C,KAAK,EAAE,gBAAgB;aACxB,CAAC;YAEF,MAAM,SAAS,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC,iBAAiB,CAAC,IAAI,KAAK,CAAC,eAAe,CAAC,CAAC,CAAC;YACxE,MAAM,CAAC,KAAK,GAAG,SAAgB,CAAC;YAEhC,MAAM,WAAW,GAAU,EAAE,CAAC;YAC9B,MAAM,UAAU,GAAG;gBACjB,IAAI,EAAE,EAAE,CAAC,EAAE,CAAC,CAAC,IAAY,EAAE,IAAY,EAAE,MAAW,EAAE,OAAY,EAAE,EAAE;oBACpE,WAAW,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC,CAAC;gBACtC,CAAC,CAAC;aACqB,CAAC;YAE1B,iBAAiB,CAAC,UAAU,EAAE,sBAAsB,CAAC,MAAM,CAAC,CAAC,CAAC;YAE9D,MAAM,eAAe,GAAG,WAAW,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,oBAAoB,CAAC,EAAE,OAAO,CAAC;YAC1F,MAAM,CAAC,eAAe,CAAC,CAAC,WAAW,EAAE,CAAC;YAEtC,IAAI,eAAe,EAAE,CAAC;gBACpB,MAAM,MAAM,GAAG,MAAM,eAAe,CAAC,EAAE,CAAC,CAAC;gBACzC,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gBAClC,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,SAAS,CAAC,eAAe,CAAC,CAAC;YAC5D,CAAC;QACH,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,oCAAoC,EAAE,KAAK,IAAI,EAAE;YAClD,+CAA+C;YAC/C,MAAM,MAAM,GAAe;gBACzB,MAAM,EAAE,kCAAkC;gBAC1C,QAAQ,EAAE,aAAa;gBACvB,WAAW,EAAE,gCAAgC;gBAC7C,KAAK,EAAE,gBAAgB;aACxB,CAAC;YAEF,MAAM,SAAS,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC,iBAAiB,CAAC;gBAC1C,EAAE,EAAE,KAAK;gBACT,MAAM,EAAE,GAAG;gBACX,UAAU,EAAE,WAAW;gBACvB,IAAI,EAAE,GAAG,EAAE,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,KAAK,EAAE,WAAW,EAAE,CAAC;aACpD,CAAC,CAAC;YACH,MAAM,CAAC,KAAK,GAAG,SAAgB,CAAC;YAEhC,MAAM,WAAW,GAAU,EAAE,CAAC;YAC9B,MAAM,UAAU,GAAG;gBACjB,IAAI,EAAE,EAAE,CAAC,EAAE,CAAC,CAAC,IAAY,EAAE,IAAY,EAAE,MAAW,EAAE,OAAY,EAAE,EAAE;oBACpE,WAAW,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC,CAAC;gBACtC,CAAC,CAAC;aACqB,CAAC;YAE1B,iBAAiB,CAAC,UAAU,EAAE,sBAAsB,CAAC,MAAM,CAAC,CAAC,CAAC;YAE9D,MAAM,eAAe,GAAG,WAAW,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,oBAAoB,CAAC,EAAE,OAAO,CAAC;YAC1F,MAAM,CAAC,eAAe,CAAC,CAAC,WAAW,EAAE,CAAC;YAEtC,IAAI,eAAe,EAAE,CAAC;gBACpB,MAAM,MAAM,GAAG,MAAM,eAAe,CAAC,EAAE,CAAC,CAAC;gBACzC,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gBAClC,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC;YAClD,CAAC;QACH,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}

package/dist/__tests__/registry.test.d.ts

@@ -0,0 +1 @@
+export {};

package/dist/__tests__/registry.test.js

@@ -0,0 +1,96 @@
+import { describe, it, expect, vi } from "vitest";
+import { TransportRegistry } from "../transport/registry.js";
+vi.mock("../transport/api.js", () => {
+    const ApiTransport = vi.fn(function () {
+        this._type = "api";
+    });
+    return { ApiTransport };
+});
+vi.mock("../transport/ssh.js", () => {
+    const SshTransport = vi.fn(function () {
+        this._type = "ssh";
+    });
+    return { SshTransport };
+});
+describe("TransportRegistry", () => {
+    function makeConfig(overrides) {
+        return {
+            instances: {
+                prod: {
+                    mode: "api",
+                    api: { baseUrl: "https://prod.example.com" },
+                },
+                staging: {
+                    mode: "ssh",
+                    ssh: {
+                        host: "staging.example.com",
+                        cliPath: "/usr/share/lemonldap-ng/bin/lemonldap-ng-cli",
+                        sessionsPath: "/usr/share/lemonldap-ng/bin/lemonldap-ng-sessions",
+                        configEditorPath: "/usr/share/lemonldap-ng/bin/lmConfigEditor",
+                    },
+                },
+            },
+            default: "prod",
+            ...overrides,
+        };
+    }
+    it("returns transport for default instance when no name given", () => {
+        const registry = new TransportRegistry(makeConfig());
+        const transport = registry.getTransport();
+        expect(transport).toBeDefined();
+        expect(transport._type).toBe("api");
+    });
+    it("returns transport for named instance", () => {
+        const registry = new TransportRegistry(makeConfig());
+        const transport = registry.getTransport("staging");
+        expect(transport._type).toBe("ssh");
+    });
+    it("caches transport instances", () => {
+        const registry = new TransportRegistry(makeConfig());
+        const t1 = registry.getTransport("prod");
+        const t2 = registry.getTransport("prod");
+        expect(t1).toBe(t2);
+    });
+    it("throws for unknown instance", () => {
+        const registry = new TransportRegistry(makeConfig());
+        expect(() => registry.getTransport("unknown")).toThrow("Unknown instance 'unknown'. Available instances: prod, staging");
+    });
+    it("throws for API mode without api config", () => {
+        const config = makeConfig({
+            instances: {
+                broken: { mode: "api" },
+            },
+            default: "broken",
+        });
+        const registry = new TransportRegistry(config);
+        expect(() => registry.getTransport()).toThrow("API mode requires 'api' configuration");
+    });
+    it("returns OIDC config for instance", () => {
+        const config = makeConfig();
+        config.instances.prod.oidc = {
+            issuer: "https://auth.example.com",
+            clientId: "client",
+            redirectUri: "http://localhost/cb",
+            scope: "openid",
+        };
+        const registry = new TransportRegistry(config);
+        expect(registry.getOidcConfig("prod")?.issuer).toBe("https://auth.example.com");
+    });
+    it("returns undefined OIDC config when not configured", () => {
+        const registry = new TransportRegistry(makeConfig());
+        expect(registry.getOidcConfig("prod")).toBeUndefined();
+    });
+    it("throws for unknown instance in getOidcConfig", () => {
+        const registry = new TransportRegistry(makeConfig());
+        expect(() => registry.getOidcConfig("nope")).toThrow("Unknown instance 'nope'");
+    });
+    it("lists all instances", () => {
+        const registry = new TransportRegistry(makeConfig());
+        const list = registry.listInstances();
+        expect(list).toEqual([
+            { name: "prod", mode: "api", isDefault: true, hasManager: false },
+            { name: "staging", mode: "ssh", isDefault: false, hasManager: false },
+        ]);
+    });
+});
+//# sourceMappingURL=registry.test.js.map

package/dist/__tests__/registry.test.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"registry.test.js","sourceRoot":"","sources":["../../src/__tests__/registry.test.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE,MAAM,EAAE,EAAE,EAAE,MAAM,QAAQ,CAAC;AAClD,OAAO,EAAE,iBAAiB,EAAE,MAAM,0BAA0B,CAAC;AAG7D,EAAE,CAAC,IAAI,CAAC,qBAAqB,EAAE,GAAG,EAAE;IAClC,MAAM,YAAY,GAAG,EAAE,CAAC,EAAE,CAAC;QACzB,IAAI,CAAC,KAAK,GAAG,KAAK,CAAC;IACrB,CAAC,CAAC,CAAC;IACH,OAAO,EAAE,YAAY,EAAE,CAAC;AAC1B,CAAC,CAAC,CAAC;AAEH,EAAE,CAAC,IAAI,CAAC,qBAAqB,EAAE,GAAG,EAAE;IAClC,MAAM,YAAY,GAAG,EAAE,CAAC,EAAE,CAAC;QACzB,IAAI,CAAC,KAAK,GAAG,KAAK,CAAC;IACrB,CAAC,CAAC,CAAC;IACH,OAAO,EAAE,YAAY,EAAE,CAAC;AAC1B,CAAC,CAAC,CAAC;AAEH,QAAQ,CAAC,mBAAmB,EAAE,GAAG,EAAE;IACjC,SAAS,UAAU,CAAC,SAAoC;QACtD,OAAO;YACL,SAAS,EAAE;gBACT,IAAI,EAAE;oBACJ,IAAI,EAAE,KAAK;oBACX,GAAG,EAAE,EAAE,OAAO,EAAE,0BAA0B,EAAE;iBAC7C;gBACD,OAAO,EAAE;oBACP,IAAI,EAAE,KAAK;oBACX,GAAG,EAAE;wBACH,IAAI,EAAE,qBAAqB;wBAC3B,OAAO,EAAE,8CAA8C;wBACvD,YAAY,EAAE,mDAAmD;wBACjE,gBAAgB,EAAE,4CAA4C;qBAC/D;iBACF;aACF;YACD,OAAO,EAAE,MAAM;YACf,GAAG,SAAS;SACb,CAAC;IACJ,CAAC;IAED,EAAE,CAAC,2DAA2D,EAAE,GAAG,EAAE;QACnE,MAAM,QAAQ,GAAG,IAAI,iBAAiB,CAAC,UAAU,EAAE,CAAC,CAAC;QACrD,MAAM,SAAS,GAAG,QAAQ,CAAC,YAAY,EAAE,CAAC;QAC1C,MAAM,CAAC,SAAS,CAAC,CAAC,WAAW,EAAE,CAAC;QAChC,MAAM,CAAE,SAAiB,CAAC,KAAK,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;IAC/C,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,sCAAsC,EAAE,GAAG,EAAE;QAC9C,MAAM,QAAQ,GAAG,IAAI,iBAAiB,CAAC,UAAU,EAAE,CAAC,CAAC;QACrD,MAAM,SAAS,GAAG,QAAQ,CAAC,YAAY,CAAC,SAAS,CAAC,CAAC;QACnD,MAAM,CAAE,SAAiB,CAAC,KAAK,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;IAC/C,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,4BAA4B,EAAE,GAAG,EAAE;QACpC,MAAM,QAAQ,GAAG,IAAI,iBAAiB,CAAC,UAAU,EAAE,CAAC,CAAC;QACrD,MAAM,EAAE,GAAG,QAAQ,CAAC,YAAY,CAAC,MAAM,CAAC,CAAC;QACzC,MAAM,EAAE,GAAG,QAAQ,CAAC,YAAY,CAAC,MAAM,CAAC,CAAC;QACzC,MAAM,CAAC,EAAE,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACtB,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,6BAA6B,EAAE,GAAG,EAAE;QACrC,MAAM,QAAQ,GAAG,IAAI,iBAAiB,CAAC,UAAU,EAAE,CAAC,CAAC;QACrD,MAAM,CAAC,GAAG,EAAE,CAAC,QAAQ,CAAC,YAAY,CAAC,SAAS,CAAC,CAAC,CAAC,OAAO,CACpD,gEAAgE,CACjE,CAAC;IACJ,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,wCAAwC,EAAE,GAAG,EAAE;QAChD,MAAM,MAAM,GAAG,UAAU,CAAC;YACxB,SAAS,EAAE;gBACT,MAAM,EAAE,EAAE,IAAI,EAAE,KAAK,EAAE;aACxB;YACD,OAAO,EAAE,QAAQ;SAClB,CAAC,CAAC;QACH,MAAM,QAAQ,GAAG,IAAI,iBAAiB,CAAC,MAAM,CAAC,CAAC;QAC/C,MAAM,CAAC,GAAG,EAAE,CAAC,QAAQ,CAAC,YAAY,EAAE,CAAC,CAAC,OAAO,CAAC,uCAAuC,CAAC,CAAC;IACzF,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,kCAAkC,EAAE,GAAG,EAAE;QAC1C,MAAM,MAAM,GAAG,UAAU,EAAE,CAAC;QAC5B,MAAM,CAAC,SAAS,CAAC,IAAI,CAAC,IAAI,GAAG;YAC3B,MAAM,EAAE,0BAA0B;YAClC,QAAQ,EAAE,QAAQ;YAClB,WAAW,EAAE,qBAAqB;YAClC,KAAK,EAAE,QAAQ;SAChB,CAAC;QACF,MAAM,QAAQ,GAAG,IAAI,iBAAiB,CAAC,MAAM,CAAC,CAAC;QAC/C,MAAM,CAAC,QAAQ,CAAC,aAAa,CAAC,MAAM,CAAC,EAAE,MAAM,CAAC,CAAC,IAAI,CAAC,0BAA0B,CAAC,CAAC;IAClF,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,mDAAmD,EAAE,GAAG,EAAE;QAC3D,MAAM,QAAQ,GAAG,IAAI,iBAAiB,CAAC,UAAU,EAAE,CAAC,CAAC;QACrD,MAAM,CAAC,QAAQ,CAAC,aAAa,CAAC,MAAM,CAAC,CAAC,CAAC,aAAa,EAAE,CAAC;IACzD,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,8CAA8C,EAAE,GAAG,EAAE;QACtD,MAAM,QAAQ,GAAG,IAAI,iBAAiB,CAAC,UAAU,EAAE,CAAC,CAAC;QACrD,MAAM,CAAC,GAAG,EAAE,CAAC,QAAQ,CAAC,aAAa,CAAC,MAAM,CAAC,CAAC,CAAC,OAAO,CAAC,yBAAyB,CAAC,CAAC;IAClF,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,qBAAqB,EAAE,GAAG,EAAE;QAC7B,MAAM,QAAQ,GAAG,IAAI,iBAAiB,CAAC,UAAU,EAAE,CAAC,CAAC;QACrD,MAAM,IAAI,GAAG,QAAQ,CAAC,aAAa,EAAE,CAAC;QACtC,MAAM,CAAC,IAAI,CAAC,CAAC,OAAO,CAAC;YACnB,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,KAAK,EAAE,SAAS,EAAE,IAAI,EAAE,UAAU,EAAE,KAAK,EAAE;YACjE,EAAE,IAAI,EAAE,SAAS,EAAE,IAAI,EAAE,KAAK,EAAE,SAAS,EAAE,KAAK,EAAE,UAAU,EAAE,KAAK,EAAE;SACtE,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}

package/dist/__tests__/ssh-transport.test.d.ts

@@ -0,0 +1 @@
+export {};