npm - mulguard - Versions diffs - 1.1.6 → 1.1.8 - Mend

mulguard 1.1.6 → 1.1.8

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (540) hide show

package/README.md +21 -1078
package/adapters.d.ts +2 -0
package/adapters.d.ts.map +1 -0
package/adapters.js +1 -0
package/index.d.ts +329 -0
package/index.d.ts.map +1 -0
package/index.js +145 -0
package/jwt.d.ts +9 -0
package/jwt.d.ts.map +1 -0
package/jwt.js +8 -0
package/lib/actions.d.ts +13 -0
package/lib/actions.d.ts.map +1 -0
package/lib/actions.js +86 -0
package/lib/client.d.ts +104 -0
package/lib/client.d.ts.map +1 -0
package/lib/client.js +95 -0
package/lib/env.d.ts +12 -0
package/lib/env.d.ts.map +1 -0
package/lib/env.js +38 -0
package/lib/index.d.ts +56 -0
package/lib/index.d.ts.map +1 -0
package/lib/index.js +187 -0
package/lib/types.d.ts +24 -0
package/lib/types.d.ts.map +1 -0
package/lib/types.js +1 -0
package/middleware.d.ts +9 -0
package/middleware.d.ts.map +1 -0
package/middleware.js +12 -0
package/next.d.ts +9 -0
package/next.d.ts.map +1 -0
package/next.js +12 -0
package/package.json +117 -73
package/providers/42-school.d.ts +3 -0
package/providers/42-school.d.ts.map +1 -0
package/providers/42-school.js +2 -0
package/providers/apple.d.ts +3 -0
package/providers/apple.d.ts.map +1 -0
package/providers/apple.js +2 -0
package/providers/asgardeo.d.ts +3 -0
package/providers/asgardeo.d.ts.map +1 -0
package/providers/asgardeo.js +2 -0
package/providers/atlassian.d.ts +3 -0
package/providers/atlassian.d.ts.map +1 -0
package/providers/atlassian.js +2 -0
package/providers/auth0.d.ts +3 -0
package/providers/auth0.d.ts.map +1 -0
package/providers/auth0.js +2 -0
package/providers/authentik.d.ts +3 -0
package/providers/authentik.d.ts.map +1 -0
package/providers/authentik.js +2 -0
package/providers/azure-ad-b2c.d.ts +3 -0
package/providers/azure-ad-b2c.d.ts.map +1 -0
package/providers/azure-ad-b2c.js +2 -0
package/providers/azure-ad.d.ts +3 -0
package/providers/azure-ad.d.ts.map +1 -0
package/providers/azure-ad.js +2 -0
package/providers/azure-devops.d.ts +3 -0
package/providers/azure-devops.d.ts.map +1 -0
package/providers/azure-devops.js +2 -0
package/providers/bankid-no.d.ts +3 -0
package/providers/bankid-no.d.ts.map +1 -0
package/providers/bankid-no.js +2 -0
package/providers/battlenet.d.ts +3 -0
package/providers/battlenet.d.ts.map +1 -0
package/providers/battlenet.js +2 -0
package/providers/beyondidentity.d.ts +3 -0
package/providers/beyondidentity.d.ts.map +1 -0
package/providers/beyondidentity.js +2 -0
package/providers/bitbucket.d.ts +3 -0
package/providers/bitbucket.d.ts.map +1 -0
package/providers/bitbucket.js +2 -0
package/providers/box.d.ts +3 -0
package/providers/box.d.ts.map +1 -0
package/providers/box.js +2 -0
package/providers/boxyhq-saml.d.ts +3 -0
package/providers/boxyhq-saml.d.ts.map +1 -0
package/providers/boxyhq-saml.js +2 -0
package/providers/bungie.d.ts +3 -0
package/providers/bungie.d.ts.map +1 -0
package/providers/bungie.js +2 -0
package/providers/click-up.d.ts +3 -0
package/providers/click-up.d.ts.map +1 -0
package/providers/click-up.js +2 -0
package/providers/cognito.d.ts +3 -0
package/providers/cognito.d.ts.map +1 -0
package/providers/cognito.js +2 -0
package/providers/coinbase.d.ts +3 -0
package/providers/coinbase.d.ts.map +1 -0
package/providers/coinbase.js +2 -0
package/providers/concept2.d.ts +3 -0
package/providers/concept2.d.ts.map +1 -0
package/providers/concept2.js +2 -0
package/providers/credentials.d.ts +3 -0
package/providers/credentials.d.ts.map +1 -0
package/providers/credentials.js +2 -0
package/providers/descope.d.ts +3 -0
package/providers/descope.d.ts.map +1 -0
package/providers/descope.js +2 -0
package/providers/discord.d.ts +3 -0
package/providers/discord.d.ts.map +1 -0
package/providers/discord.js +2 -0
package/providers/dribbble.d.ts +3 -0
package/providers/dribbble.d.ts.map +1 -0
package/providers/dribbble.js +2 -0
package/providers/dropbox.d.ts +3 -0
package/providers/dropbox.d.ts.map +1 -0
package/providers/dropbox.js +2 -0
package/providers/duende-identity-server6.d.ts +3 -0
package/providers/duende-identity-server6.d.ts.map +1 -0
package/providers/duende-identity-server6.js +2 -0
package/providers/email.d.ts +3 -0
package/providers/email.d.ts.map +1 -0
package/providers/email.js +2 -0
package/providers/eventbrite.d.ts +3 -0
package/providers/eventbrite.d.ts.map +1 -0
package/providers/eventbrite.js +2 -0
package/providers/eveonline.d.ts +3 -0
package/providers/eveonline.d.ts.map +1 -0
package/providers/eveonline.js +2 -0
package/providers/facebook.d.ts +3 -0
package/providers/facebook.d.ts.map +1 -0
package/providers/facebook.js +2 -0
package/providers/faceit.d.ts +3 -0
package/providers/faceit.d.ts.map +1 -0
package/providers/faceit.js +2 -0
package/providers/figma.d.ts +3 -0
package/providers/figma.d.ts.map +1 -0
package/providers/figma.js +2 -0
package/providers/forwardemail.d.ts +3 -0
package/providers/forwardemail.d.ts.map +1 -0
package/providers/forwardemail.js +2 -0
package/providers/foursquare.d.ts +3 -0
package/providers/foursquare.d.ts.map +1 -0
package/providers/foursquare.js +2 -0
package/providers/freshbooks.d.ts +3 -0
package/providers/freshbooks.d.ts.map +1 -0
package/providers/freshbooks.js +2 -0
package/providers/frontegg.d.ts +3 -0
package/providers/frontegg.d.ts.map +1 -0
package/providers/frontegg.js +2 -0
package/providers/fusionauth.d.ts +3 -0
package/providers/fusionauth.d.ts.map +1 -0
package/providers/fusionauth.js +2 -0
package/providers/github.d.ts +3 -0
package/providers/github.d.ts.map +1 -0
package/providers/github.js +2 -0
package/providers/gitlab.d.ts +3 -0
package/providers/gitlab.d.ts.map +1 -0
package/providers/gitlab.js +2 -0
package/providers/google.d.ts +3 -0
package/providers/google.d.ts.map +1 -0
package/providers/google.js +2 -0
package/providers/hubspot.d.ts +3 -0
package/providers/hubspot.d.ts.map +1 -0
package/providers/hubspot.js +2 -0
package/providers/huggingface.d.ts +3 -0
package/providers/huggingface.d.ts.map +1 -0
package/providers/huggingface.js +2 -0
package/providers/identity-server4.d.ts +3 -0
package/providers/identity-server4.d.ts.map +1 -0
package/providers/identity-server4.js +2 -0
package/providers/index.d.ts +2 -0
package/providers/index.d.ts.map +1 -0
package/providers/index.js +1 -0
package/providers/instagram.d.ts +3 -0
package/providers/instagram.d.ts.map +1 -0
package/providers/instagram.js +2 -0
package/providers/kakao.d.ts +3 -0
package/providers/kakao.d.ts.map +1 -0
package/providers/kakao.js +2 -0
package/providers/keycloak.d.ts +3 -0
package/providers/keycloak.d.ts.map +1 -0
package/providers/keycloak.js +2 -0
package/providers/kinde.d.ts +3 -0
package/providers/kinde.d.ts.map +1 -0
package/providers/kinde.js +2 -0
package/providers/line.d.ts +3 -0
package/providers/line.d.ts.map +1 -0
package/providers/line.js +2 -0
package/providers/linkedin.d.ts +3 -0
package/providers/linkedin.d.ts.map +1 -0
package/providers/linkedin.js +2 -0
package/providers/logto.d.ts +3 -0
package/providers/logto.d.ts.map +1 -0
package/providers/logto.js +2 -0
package/providers/loops.d.ts +3 -0
package/providers/loops.d.ts.map +1 -0
package/providers/loops.js +2 -0
package/providers/mailchimp.d.ts +3 -0
package/providers/mailchimp.d.ts.map +1 -0
package/providers/mailchimp.js +2 -0
package/providers/mailgun.d.ts +3 -0
package/providers/mailgun.d.ts.map +1 -0
package/providers/mailgun.js +2 -0
package/providers/mailru.d.ts +3 -0
package/providers/mailru.d.ts.map +1 -0
package/providers/mailru.js +2 -0
package/providers/mastodon.d.ts +3 -0
package/providers/mastodon.d.ts.map +1 -0
package/providers/mastodon.js +2 -0
package/providers/mattermost.d.ts +3 -0
package/providers/mattermost.d.ts.map +1 -0
package/providers/mattermost.js +2 -0
package/providers/medium.d.ts +3 -0
package/providers/medium.d.ts.map +1 -0
package/providers/medium.js +2 -0
package/providers/microsoft-entra-id.d.ts +3 -0
package/providers/microsoft-entra-id.d.ts.map +1 -0
package/providers/microsoft-entra-id.js +2 -0
package/providers/naver.d.ts +3 -0
package/providers/naver.d.ts.map +1 -0
package/providers/naver.js +2 -0
package/providers/netlify.d.ts +3 -0
package/providers/netlify.d.ts.map +1 -0
package/providers/netlify.js +2 -0
package/providers/netsuite.d.ts +3 -0
package/providers/netsuite.d.ts.map +1 -0
package/providers/netsuite.js +2 -0
package/providers/nextcloud.d.ts +3 -0
package/providers/nextcloud.d.ts.map +1 -0
package/providers/nextcloud.js +2 -0
package/providers/nodemailer.d.ts +3 -0
package/providers/nodemailer.d.ts.map +1 -0
package/providers/nodemailer.js +2 -0
package/providers/notion.d.ts +3 -0
package/providers/notion.d.ts.map +1 -0
package/providers/notion.js +2 -0
package/providers/okta.d.ts +3 -0
package/providers/okta.d.ts.map +1 -0
package/providers/okta.js +2 -0
package/providers/onelogin.d.ts +3 -0
package/providers/onelogin.d.ts.map +1 -0
package/providers/onelogin.js +2 -0
package/providers/ory-hydra.d.ts +3 -0
package/providers/ory-hydra.d.ts.map +1 -0
package/providers/ory-hydra.js +2 -0
package/providers/osso.d.ts +3 -0
package/providers/osso.d.ts.map +1 -0
package/providers/osso.js +2 -0
package/providers/osu.d.ts +3 -0
package/providers/osu.d.ts.map +1 -0
package/providers/osu.js +2 -0
package/providers/passage.d.ts +3 -0
package/providers/passage.d.ts.map +1 -0
package/providers/passage.js +2 -0
package/providers/passkey.d.ts +3 -0
package/providers/passkey.d.ts.map +1 -0
package/providers/passkey.js +2 -0
package/providers/patreon.d.ts +3 -0
package/providers/patreon.d.ts.map +1 -0
package/providers/patreon.js +2 -0
package/providers/ping-id.d.ts +3 -0
package/providers/ping-id.d.ts.map +1 -0
package/providers/ping-id.js +2 -0
package/providers/pinterest.d.ts +3 -0
package/providers/pinterest.d.ts.map +1 -0
package/providers/pinterest.js +2 -0
package/providers/pipedrive.d.ts +3 -0
package/providers/pipedrive.d.ts.map +1 -0
package/providers/pipedrive.js +2 -0
package/providers/postmark.d.ts +3 -0
package/providers/postmark.d.ts.map +1 -0
package/providers/postmark.js +2 -0
package/providers/reddit.d.ts +3 -0
package/providers/reddit.d.ts.map +1 -0
package/providers/reddit.js +2 -0
package/providers/resend.d.ts +3 -0
package/providers/resend.d.ts.map +1 -0
package/providers/resend.js +2 -0
package/providers/roblox.d.ts +3 -0
package/providers/roblox.d.ts.map +1 -0
package/providers/roblox.js +2 -0
package/providers/salesforce.d.ts +3 -0
package/providers/salesforce.d.ts.map +1 -0
package/providers/salesforce.js +2 -0
package/providers/sendgrid.d.ts +3 -0
package/providers/sendgrid.d.ts.map +1 -0
package/providers/sendgrid.js +2 -0
package/providers/simplelogin.d.ts +3 -0
package/providers/simplelogin.d.ts.map +1 -0
package/providers/simplelogin.js +2 -0
package/providers/slack.d.ts +3 -0
package/providers/slack.d.ts.map +1 -0
package/providers/slack.js +2 -0
package/providers/spotify.d.ts +3 -0
package/providers/spotify.d.ts.map +1 -0
package/providers/spotify.js +2 -0
package/providers/strava.d.ts +3 -0
package/providers/strava.d.ts.map +1 -0
package/providers/strava.js +2 -0
package/providers/threads.d.ts +3 -0
package/providers/threads.d.ts.map +1 -0
package/providers/threads.js +2 -0
package/providers/tiktok.d.ts +3 -0
package/providers/tiktok.d.ts.map +1 -0
package/providers/tiktok.js +2 -0
package/providers/todoist.d.ts +3 -0
package/providers/todoist.d.ts.map +1 -0
package/providers/todoist.js +2 -0
package/providers/trakt.d.ts +3 -0
package/providers/trakt.d.ts.map +1 -0
package/providers/trakt.js +2 -0
package/providers/twitch.d.ts +3 -0
package/providers/twitch.d.ts.map +1 -0
package/providers/twitch.js +2 -0
package/providers/twitter.d.ts +3 -0
package/providers/twitter.d.ts.map +1 -0
package/providers/twitter.js +2 -0
package/providers/united-effects.d.ts +3 -0
package/providers/united-effects.d.ts.map +1 -0
package/providers/united-effects.js +2 -0
package/providers/vipps.d.ts +3 -0
package/providers/vipps.d.ts.map +1 -0
package/providers/vipps.js +2 -0
package/providers/vk.d.ts +3 -0
package/providers/vk.d.ts.map +1 -0
package/providers/vk.js +2 -0
package/providers/webauthn.d.ts +3 -0
package/providers/webauthn.d.ts.map +1 -0
package/providers/webauthn.js +2 -0
package/providers/webex.d.ts +3 -0
package/providers/webex.d.ts.map +1 -0
package/providers/webex.js +2 -0
package/providers/wechat.d.ts +3 -0
package/providers/wechat.d.ts.map +1 -0
package/providers/wechat.js +2 -0
package/providers/wikimedia.d.ts +3 -0
package/providers/wikimedia.d.ts.map +1 -0
package/providers/wikimedia.js +2 -0
package/providers/wordpress.d.ts +3 -0
package/providers/wordpress.d.ts.map +1 -0
package/providers/wordpress.js +2 -0
package/providers/workos.d.ts +3 -0
package/providers/workos.d.ts.map +1 -0
package/providers/workos.js +2 -0
package/providers/yandex.d.ts +3 -0
package/providers/yandex.d.ts.map +1 -0
package/providers/yandex.js +2 -0
package/providers/zitadel.d.ts +3 -0
package/providers/zitadel.d.ts.map +1 -0
package/providers/zitadel.js +2 -0
package/providers/zoho.d.ts +3 -0
package/providers/zoho.d.ts.map +1 -0
package/providers/zoho.js +2 -0
package/providers/zoom.d.ts +3 -0
package/providers/zoom.d.ts.map +1 -0
package/providers/zoom.js +2 -0
package/react.d.ts +102 -0
package/react.d.ts.map +1 -0
package/react.js +361 -0
package/src/adapters.ts +1 -0
package/src/index.ts +430 -0
package/src/jwt.ts +9 -0
package/src/lib/actions.ts +144 -0
package/src/lib/client.ts +245 -0
package/src/lib/env.ts +36 -0
package/src/lib/index.ts +313 -0
package/src/lib/types.ts +30 -0
package/src/middleware.ts +16 -0
package/src/next.ts +16 -0
package/src/providers/42-school.ts +2 -0
package/src/providers/apple.ts +2 -0
package/src/providers/asgardeo.ts +2 -0
package/src/providers/atlassian.ts +2 -0
package/src/providers/auth0.ts +2 -0
package/src/providers/authentik.ts +2 -0
package/src/providers/azure-ad-b2c.ts +2 -0
package/src/providers/azure-ad.ts +2 -0
package/src/providers/azure-devops.ts +2 -0
package/src/providers/bankid-no.ts +2 -0
package/src/providers/battlenet.ts +2 -0
package/src/providers/beyondidentity.ts +2 -0
package/src/providers/bitbucket.ts +2 -0
package/src/providers/box.ts +2 -0
package/src/providers/boxyhq-saml.ts +2 -0
package/src/providers/bungie.ts +2 -0
package/src/providers/click-up.ts +2 -0
package/src/providers/cognito.ts +2 -0
package/src/providers/coinbase.ts +2 -0
package/src/providers/concept2.ts +2 -0
package/src/providers/credentials.ts +2 -0
package/src/providers/descope.ts +2 -0
package/src/providers/discord.ts +2 -0
package/src/providers/dribbble.ts +2 -0
package/src/providers/dropbox.ts +2 -0
package/src/providers/duende-identity-server6.ts +2 -0
package/src/providers/email.ts +2 -0
package/src/providers/eventbrite.ts +2 -0
package/src/providers/eveonline.ts +2 -0
package/src/providers/facebook.ts +2 -0
package/src/providers/faceit.ts +2 -0
package/src/providers/figma.ts +2 -0
package/src/providers/forwardemail.ts +2 -0
package/src/providers/foursquare.ts +2 -0
package/src/providers/freshbooks.ts +2 -0
package/src/providers/frontegg.ts +2 -0
package/src/providers/fusionauth.ts +2 -0
package/src/providers/github.ts +2 -0
package/src/providers/gitlab.ts +2 -0
package/src/providers/google.ts +2 -0
package/src/providers/hubspot.ts +2 -0
package/src/providers/huggingface.ts +2 -0
package/src/providers/identity-server4.ts +2 -0
package/src/providers/index.ts +1 -0
package/src/providers/instagram.ts +2 -0
package/src/providers/kakao.ts +2 -0
package/src/providers/keycloak.ts +2 -0
package/src/providers/kinde.ts +2 -0
package/src/providers/line.ts +2 -0
package/src/providers/linkedin.ts +2 -0
package/src/providers/logto.ts +2 -0
package/src/providers/loops.ts +2 -0
package/src/providers/mailchimp.ts +2 -0
package/src/providers/mailgun.ts +2 -0
package/src/providers/mailru.ts +2 -0
package/src/providers/mastodon.ts +2 -0
package/src/providers/mattermost.ts +2 -0
package/src/providers/medium.ts +2 -0
package/src/providers/microsoft-entra-id.ts +2 -0
package/src/providers/naver.ts +2 -0
package/src/providers/netlify.ts +2 -0
package/src/providers/netsuite.ts +2 -0
package/src/providers/nextcloud.ts +2 -0
package/src/providers/nodemailer.ts +2 -0
package/src/providers/notion.ts +2 -0
package/src/providers/okta.ts +2 -0
package/src/providers/onelogin.ts +2 -0
package/src/providers/ory-hydra.ts +2 -0
package/src/providers/osso.ts +2 -0
package/src/providers/osu.ts +2 -0
package/src/providers/passage.ts +2 -0
package/src/providers/passkey.ts +2 -0
package/src/providers/patreon.ts +2 -0
package/src/providers/ping-id.ts +2 -0
package/src/providers/pinterest.ts +2 -0
package/src/providers/pipedrive.ts +2 -0
package/src/providers/postmark.ts +2 -0
package/src/providers/reddit.ts +2 -0
package/src/providers/resend.ts +2 -0
package/src/providers/roblox.ts +2 -0
package/src/providers/salesforce.ts +2 -0
package/src/providers/sendgrid.ts +2 -0
package/src/providers/simplelogin.ts +2 -0
package/src/providers/slack.ts +2 -0
package/src/providers/spotify.ts +2 -0
package/src/providers/strava.ts +2 -0
package/src/providers/threads.ts +2 -0
package/src/providers/tiktok.ts +2 -0
package/src/providers/todoist.ts +2 -0
package/src/providers/trakt.ts +2 -0
package/src/providers/twitch.ts +2 -0
package/src/providers/twitter.ts +2 -0
package/src/providers/united-effects.ts +2 -0
package/src/providers/vipps.ts +2 -0
package/src/providers/vk.ts +2 -0
package/src/providers/webauthn.ts +2 -0
package/src/providers/webex.ts +2 -0
package/src/providers/wechat.ts +2 -0
package/src/providers/wikimedia.ts +2 -0
package/src/providers/wordpress.ts +2 -0
package/src/providers/workos.ts +2 -0
package/src/providers/yandex.ts +2 -0
package/src/providers/zitadel.ts +2 -0
package/src/providers/zoho.ts +2 -0
package/src/providers/zoom.ts +2 -0
package/src/react.tsx +546 -0
package/src/webauthn.ts +152 -0
package/webauthn.d.ts +9 -0
package/webauthn.d.ts.map +1 -0
package/webauthn.js +92 -0
package/LICENSE +0 -70
package/dist/actions-CExpv_dD.js +0 -1
package/dist/actions-DeCfLtHA.mjs +0 -184
package/dist/client/hooks.d.ts +0 -122
package/dist/client/index.d.ts +0 -5
package/dist/client/index.js +0 -1
package/dist/client/index.mjs +0 -478
package/dist/client/provider.d.ts +0 -69
package/dist/client/server-actions-helper.d.ts +0 -22
package/dist/components/AccountPicker.d.ts +0 -11
package/dist/components/OAuthButton.d.ts +0 -11
package/dist/components/PassKeyButton.d.ts +0 -11
package/dist/components/PassKeyRegister.d.ts +0 -10
package/dist/components/TwoFactorSetup.d.ts +0 -8
package/dist/components/TwoFactorVerify.d.ts +0 -9
package/dist/core/account-picker/encryption.d.ts +0 -22
package/dist/core/account-picker/index.d.ts +0 -22
package/dist/core/auth/index.d.ts +0 -40
package/dist/core/auth/oauth-providers.d.ts +0 -197
package/dist/core/auth/oauth-state-store-cookie.d.ts +0 -83
package/dist/core/auth/oauth-state-store-redis.d.ts +0 -25
package/dist/core/auth/oauth-state-store.d.ts +0 -45
package/dist/core/auth/oauth.d.ts +0 -20
package/dist/core/auth/passkey.d.ts +0 -35
package/dist/core/auth/password.d.ts +0 -22
package/dist/core/auth/signin-unified.d.ts +0 -33
package/dist/core/auth/two-factor.d.ts +0 -28
package/dist/core/client/index.d.ts +0 -132
package/dist/core/client/token-refresh-manager.d.ts +0 -48
package/dist/core/index.d.ts +0 -11
package/dist/core/mulguard/auth-handlers.d.ts +0 -100
package/dist/core/mulguard/defaults.d.ts +0 -58
package/dist/core/mulguard/index.d.ts +0 -9
package/dist/core/mulguard/oauth-handler.d.ts +0 -93
package/dist/core/mulguard/session-manager.d.ts +0 -94
package/dist/core/security/csrf.d.ts +0 -46
package/dist/core/security/headers.d.ts +0 -24
package/dist/core/security/index.d.ts +0 -132
package/dist/core/security/rate-limit.d.ts +0 -39
package/dist/core/security/validation.d.ts +0 -251
package/dist/core/security/xss.d.ts +0 -20
package/dist/core/session/index.d.ts +0 -35
package/dist/core/types/auth.d.ts +0 -290
package/dist/core/types/errors.d.ts +0 -200
package/dist/core/types/index.d.ts +0 -462
package/dist/core/utils/auth-helpers.d.ts +0 -136
package/dist/core/utils/logger.d.ts +0 -121
package/dist/handlers/api.d.ts +0 -10
package/dist/handlers/route.d.ts +0 -76
package/dist/index/index.js +0 -1
package/dist/index/index.mjs +0 -2229
package/dist/index.d.ts +0 -21
package/dist/middleware/index.d.ts +0 -28
package/dist/middleware/proxy.d.ts +0 -53
package/dist/middleware/security.d.ts +0 -9
package/dist/mulguard.d.ts +0 -373
package/dist/oauth-state-DKle8eCr.mjs +0 -289
package/dist/oauth-state-DlvrCV11.js +0 -1
package/dist/server/actions.d.ts +0 -86
package/dist/server/auth.d.ts +0 -65
package/dist/server/cookies.d.ts +0 -42
package/dist/server/helpers.d.ts +0 -10
package/dist/server/index.d.ts +0 -14
package/dist/server/index.js +0 -1
package/dist/server/index.mjs +0 -31
package/dist/server/middleware.d.ts +0 -39
package/dist/server/oauth-state.d.ts +0 -30
package/dist/server/session-helpers.d.ts +0 -26
package/dist/server/session.d.ts +0 -28
package/dist/server/utils.d.ts +0 -10

package/src/react.tsx ADDED Viewed

@@ -0,0 +1,546 @@
+/**
+ *
+ * MulGuard is the official integration of Auth.js for Next.js applications. It supports both
+ * [Client Components](https://nextjs.org/docs/app/building-your-application/rendering/client-components) and the
+ * [Pages Router](https://nextjs.org/docs/pages). It includes methods for signing in, signing out, hooks, and a React
+ * Context provider to wrap your application and make session data available anywhere.
+ *
+ * For use in [Server Actions](https://nextjs.org/docs/app/api-reference/functions/server-actions), check out [these methods](https://authjs.dev/guides/upgrade-to-v5#methods)
+ *
+ * @module react
+ */
+"use client"
+import * as React from "react"
+import {
+  apiBaseUrl,
+  ClientSessionError,
+  fetchData,
+  now,
+  parseUrl,
+  useOnline,
+} from "./lib/client.js"
+import type { ProviderId } from "@mulverse/mulguard-core/providers"
+import type { LoggerInstance, Session } from "@mulverse/mulguard-core/types"
+import type {
+  AuthClientConfig,
+  ClientSafeProvider,
+  SessionProviderProps,
+  SignInAuthorizationParams,
+  SignInOptions,
+  SignInResponse,
+  SignOutParams,
+  SignOutResponse,
+  UseSessionOptions,
+} from "./lib/client.js"
+// TODO: Remove/move to core?
+export type {
+  SignInOptions,
+  SignInAuthorizationParams,
+  SignOutParams,
+  SignInResponse,
+}
+export { SessionProviderProps }
+// This behaviour mirrors the default behaviour for getting the site name that
+// happens server side in server/index.js
+// 1. An empty value is legitimate when the code is being invoked client side as
+//    relative URLs are valid in that context and so defaults to empty.
+// 2. When invoked server side the value is picked up from an environment
+//    variable and defaults to 'http://localhost:3000'.
+export const __MULGUARD: AuthClientConfig = {
+  baseUrl: parseUrl(process.env.MULGUARD_URL ?? process.env.NEXTAUTH_URL ?? process.env.AUTH_URL ?? process.env.VERCEL_URL).origin,
+  basePath: parseUrl(process.env.MULGUARD_URL ?? process.env.NEXTAUTH_URL ?? process.env.AUTH_URL).path,
+  baseUrlServer: parseUrl(
+    process.env.MULGUARD_URL_INTERNAL ??
+      process.env.NEXTAUTH_URL_INTERNAL ??
+      process.env.AUTH_URL ??
+      process.env.NEXTAUTH_URL ??
+      process.env.VERCEL_URL
+  ).origin,
+  basePathServer: parseUrl(
+    process.env.MULGUARD_URL_INTERNAL ?? process.env.NEXTAUTH_URL_INTERNAL ?? process.env.AUTH_URL ?? process.env.NEXTAUTH_URL
+  ).path,
+  _lastSync: 0,
+  _session: undefined,
+  _getSession: () => {},
+}
+// Backward compatibility
+export const __NEXTAUTH = __MULGUARD
+// https://github.com/mulguard/mulguard/pull/10762
+let broadcastChannel: BroadcastChannel | null = null
+function getNewBroadcastChannel() {
+  if (typeof BroadcastChannel === "undefined") {
+    return {
+      postMessage: () => {},
+      addEventListener: () => {},
+      removeEventListener: () => {},
+      name: "mulguard",
+      onmessage: null,
+      onmessageerror: null,
+      close: () => {},
+      dispatchEvent: () => false,
+    } satisfies BroadcastChannel
+  }
+  return new BroadcastChannel("mulguard")
+}
+function broadcast() {
+  if (broadcastChannel === null) {
+    broadcastChannel = getNewBroadcastChannel()
+  }
+  return broadcastChannel
+}
+// TODO:
+const logger: LoggerInstance = {
+  debug: console.debug,
+  error: console.error,
+  warn: console.warn,
+}
+/** @todo Document */
+export type UpdateSession = (data?: any) => Promise<Session | null>
+/**
+ * useSession() returns an object containing three things: a method called {@link UpdateSession|update}, `data` and `status`.
+ */
+export type SessionContextValue<R extends boolean = false> = R extends true
+  ?
+      | { update: UpdateSession; data: Session; status: "authenticated" }
+      | { update: UpdateSession; data: null; status: "loading" }
+  :
+      | { update: UpdateSession; data: Session; status: "authenticated" }
+      | {
+          update: UpdateSession
+          data: null
+          status: "unauthenticated" | "loading"
+        }
+export const SessionContext = React.createContext?.<
+  SessionContextValue | undefined
+>(undefined)
+/**
+ * React Hook that gives you access to the logged in user's session data and lets you modify it.
+ *
+ * :::info
+ * `useSession` is for client-side use only and when using [Next.js App Router (`app/`)](https://nextjs.org/blog/next-13-4#nextjs-app-router) you should prefer the `auth()` export.
+ * :::
+ */
+export function useSession<R extends boolean>(
+  options?: UseSessionOptions<R>
+): SessionContextValue<R> {
+  if (!SessionContext) {
+    throw new Error("React Context is unavailable in Server Components")
+  }
+  // @ts-expect-error Satisfy TS if branch on line below
+  const value: SessionContextValue<R> = React.useContext(SessionContext)
+  if (!value && process.env.NODE_ENV !== "production") {
+    throw new Error(
+      "[next-auth]: `useSession` must be wrapped in a <SessionProvider />"
+    )
+  }
+  const { required, onUnauthenticated } = options ?? {}
+  const requiredAndNotLoading = required && value.status === "unauthenticated"
+  React.useEffect(() => {
+    if (requiredAndNotLoading) {
+      const url = `${__NEXTAUTH.basePath}/signin?${new URLSearchParams({
+        error: "SessionRequired",
+        callbackUrl: window.location.href,
+      })}`
+      if (onUnauthenticated) onUnauthenticated()
+      else window.location.href = url
+    }
+  }, [requiredAndNotLoading, onUnauthenticated])
+  if (requiredAndNotLoading) {
+    return {
+      data: value.data,
+      update: value.update,
+      status: "loading",
+    }
+  }
+  return value
+}
+export interface GetSessionParams {
+  event?: "storage" | "timer" | "hidden" | string
+  triggerEvent?: boolean
+  broadcast?: boolean
+}
+export async function getSession(params?: GetSessionParams) {
+  const session = await fetchData<Session>(
+    "session",
+    __NEXTAUTH,
+    logger,
+    params
+  )
+  if (params?.broadcast ?? true) {
+    // https://github.com/nextauthjs/next-auth/pull/11470
+    getNewBroadcastChannel().postMessage({
+      event: "session",
+      data: { trigger: "getSession" },
+    })
+  }
+  return session
+}
+/**
+ * Returns the current Cross-Site Request Forgery Token (CSRF Token)
+ * required to make requests that changes state. (e.g. signing in or out, or updating the session).
+ *
+ * [CSRF Prevention: Double Submit Cookie](https://cheatsheetseries.owasp.org/cheatsheets/Cross-Site_Request_Forgery_Prevention_Cheat_Sheet.html#double-submit-cookie)
+ */
+export async function getCsrfToken() {
+  const response = await fetchData<{ csrfToken: string }>(
+    "csrf",
+    __NEXTAUTH,
+    logger
+  )
+  return response?.csrfToken ?? ""
+}
+export async function getProviders() {
+  return fetchData<Record<ProviderId, ClientSafeProvider>>(
+    "providers",
+    __NEXTAUTH,
+    logger
+  )
+}
+/**
+ * Initiates a signin flow or sends the user to the signin page listing all possible providers.
+ * Handles CSRF protection.
+ *
+ * @note This method can only be used from Client Components ("use client" or Pages Router).
+ * For Server Actions, use the `signIn` method imported from the `auth` config.
+ */
+export async function signIn(
+  provider?: ProviderId,
+  options?: SignInOptions<true>,
+  authorizationParams?: SignInAuthorizationParams
+): Promise<void>
+export async function signIn(
+  provider?: ProviderId,
+  options?: SignInOptions<false>,
+  authorizationParams?: SignInAuthorizationParams
+): Promise<SignInResponse>
+export async function signIn<Redirect extends boolean = true>(
+  provider?: ProviderId,
+  options?: SignInOptions<Redirect>,
+  authorizationParams?: SignInAuthorizationParams
+): Promise<SignInResponse | void> {
+  const { callbackUrl, ...rest } = options ?? {}
+  const {
+    redirect = true,
+    redirectTo = callbackUrl ?? window.location.href,
+    ...signInParams
+  } = rest
+  const baseUrl = apiBaseUrl(__NEXTAUTH)
+  const providers = await getProviders()
+  if (!providers) {
+    const url = `${baseUrl}/error`
+    window.location.href = url
+    return // TODO: Return error if `redirect: false`
+  }
+  if (!provider || !providers[provider]) {
+    const url = `${baseUrl}/signin?${new URLSearchParams({
+      callbackUrl: redirectTo,
+    })}`
+    window.location.href = url
+    return // TODO: Return error if `redirect: false`
+  }
+  const providerType = providers[provider].type
+  if (providerType === "webauthn") {
+    // TODO: Add docs link with explanation
+    throw new TypeError(
+      [
+        `Provider id "${provider}" refers to a WebAuthn provider.`,
+        'Please use `import { signIn } from "next-auth/webauthn"` instead.',
+      ].join("\n")
+    )
+  }
+  const signInUrl = `${baseUrl}/${
+    providerType === "credentials" ? "callback" : "signin"
+  }/${provider}`
+  const csrfToken = await getCsrfToken()
+  const res = await fetch(
+    `${signInUrl}?${new URLSearchParams(authorizationParams)}`,
+    {
+      method: "post",
+      headers: {
+        "Content-Type": "application/x-www-form-urlencoded",
+        "X-Auth-Return-Redirect": "1",
+      },
+      body: new URLSearchParams({
+        ...signInParams,
+        csrfToken,
+        callbackUrl: redirectTo,
+      }),
+    }
+  )
+  const data = await res.json()
+  if (redirect) {
+    const url = data.url ?? redirectTo
+    window.location.href = url
+    // If url contains a hash, the browser does not reload the page. We reload manually
+    if (url.includes("#")) window.location.reload()
+    return
+  }
+  const error = new URL(data.url).searchParams.get("error") ?? undefined
+  const code = new URL(data.url).searchParams.get("code") ?? undefined
+  if (res.ok) {
+    await __NEXTAUTH._getSession({ event: "storage" })
+  }
+  return {
+    error,
+    code,
+    status: res.status,
+    ok: res.ok,
+    url: error ? null : data.url,
+  }
+}
+/**
+ * Initiate a signout, by destroying the current session.
+ * Handles CSRF protection.
+ *
+ * @note This method can only be used from Client Components ("use client" or Pages Router).
+ * For Server Actions, use the `signOut` method imported from the `auth` config.
+ */
+export async function signOut(options?: SignOutParams<true>): Promise<void>
+export async function signOut(
+  options?: SignOutParams<false>
+): Promise<SignOutResponse>
+export async function signOut<R extends boolean = true>(
+  options?: SignOutParams<R>
+): Promise<SignOutResponse | void> {
+  const {
+    redirect = true,
+    redirectTo = options?.callbackUrl ?? window.location.href,
+  } = options ?? {}
+  const baseUrl = apiBaseUrl(__NEXTAUTH)
+  const csrfToken = await getCsrfToken()
+  const res = await fetch(`${baseUrl}/signout`, {
+    method: "post",
+    headers: {
+      "Content-Type": "application/x-www-form-urlencoded",
+      "X-Auth-Return-Redirect": "1",
+    },
+    body: new URLSearchParams({ csrfToken, callbackUrl: redirectTo }),
+  })
+  const data = await res.json()
+  broadcast().postMessage({ event: "session", data: { trigger: "signout" } })
+  if (redirect) {
+    const url = data.url ?? redirectTo
+    window.location.href = url
+    // If url contains a hash, the browser does not reload the page. We reload manually
+    if (url.includes("#")) window.location.reload()
+    return
+  }
+  await __NEXTAUTH._getSession({ event: "storage" })
+  return data
+}
+/**
+ * [React Context](https://react.dev/learn/passing-data-deeply-with-context) provider to wrap the app (`pages/`) to make session data available anywhere.
+ *
+ * When used, the session state is automatically synchronized across all open tabs/windows and they are all updated whenever they gain or lose focus
+ * or the state changes (e.g. a user signs in or out) when {@link SessionProviderProps.refetchOnWindowFocus} is `true`.
+ *
+ * :::info
+ * `SessionProvider` is for client-side use only and when using [Next.js App Router (`app/`)](https://nextjs.org/blog/next-13-4#nextjs-app-router) you should prefer the `auth()` export.
+ * :::
+ */
+export function SessionProvider(props: SessionProviderProps) {
+  if (!SessionContext) {
+    throw new Error("React Context is unavailable in Server Components")
+  }
+  const { children, basePath, refetchInterval, refetchWhenOffline } = props
+  if (basePath) __NEXTAUTH.basePath = basePath
+  /**
+   * If session was `null`, there was an attempt to fetch it,
+   * but it failed, but we still treat it as a valid initial value.
+   */
+  const hasInitialSession = props.session !== undefined
+  /** If session was passed, initialize as already synced */
+  __NEXTAUTH._lastSync = hasInitialSession ? now() : 0
+  const [session, setSession] = React.useState(() => {
+    if (hasInitialSession) __NEXTAUTH._session = props.session
+    return props.session
+  })
+  /** If session was passed, initialize as not loading */
+  const [loading, setLoading] = React.useState(!hasInitialSession)
+  React.useEffect(() => {
+    __NEXTAUTH._getSession = async ({ event } = {}) => {
+      try {
+        const storageEvent = event === "storage"
+        // We should always update if we don't have a client session yet
+        // or if there are events from other tabs/windows
+        if (storageEvent || __NEXTAUTH._session === undefined) {
+          __NEXTAUTH._lastSync = now()
+          __NEXTAUTH._session = await getSession({
+            broadcast: !storageEvent,
+          })
+          setSession(__NEXTAUTH._session)
+          return
+        }
+        if (
+          // If there is no time defined for when a session should be considered
+          // stale, then it's okay to use the value we have until an event is
+          // triggered which updates it
+          !event ||
+          // If the client doesn't have a session then we don't need to call
+          // the server to check if it does (if they have signed in via another
+          // tab or window that will come through as a "stroage" event
+          // event anyway)
+          __NEXTAUTH._session === null ||
+          // Bail out early if the client session is not stale yet
+          now() < __NEXTAUTH._lastSync
+        ) {
+          return
+        }
+        // An event or session staleness occurred, update the client session.
+        __NEXTAUTH._lastSync = now()
+        __NEXTAUTH._session = await getSession()
+        setSession(__NEXTAUTH._session)
+      } catch (error) {
+        logger.error(
+          new ClientSessionError((error as Error).message, error as any)
+        )
+      } finally {
+        setLoading(false)
+      }
+    }
+    __NEXTAUTH._getSession()
+    return () => {
+      __NEXTAUTH._lastSync = 0
+      __NEXTAUTH._session = undefined
+      __NEXTAUTH._getSession = () => {}
+    }
+  }, [])
+  React.useEffect(() => {
+    const handle = () => __NEXTAUTH._getSession({ event: "storage" })
+    // Listen for storage events and update session if event fired from
+    // another window (but suppress firing another event to avoid a loop)
+    // Fetch new session data but tell it to not to fire another event to
+    // avoid an infinite loop.
+    // Note: We could pass session data through and do something like
+    // `setData(message.data)` but that can cause problems depending
+    // on how the session object is being used in the client; it is
+    // more robust to have each window/tab fetch it's own copy of the
+    // session object rather than share it across instances.
+    broadcast().addEventListener("message", handle)
+    return () => broadcast().removeEventListener("message", handle)
+  }, [])
+  React.useEffect(() => {
+    const { refetchOnWindowFocus = true } = props
+    // Listen for when the page is visible, if the user switches tabs
+    // and makes our tab visible again, re-fetch the session, but only if
+    // this feature is not disabled.
+    const visibilityHandler = () => {
+      if (refetchOnWindowFocus && document.visibilityState === "visible")
+        __NEXTAUTH._getSession({ event: "visibilitychange" })
+    }
+    document.addEventListener("visibilitychange", visibilityHandler, false)
+    return () =>
+      document.removeEventListener("visibilitychange", visibilityHandler, false)
+  }, [props.refetchOnWindowFocus])
+  const isOnline = useOnline()
+  // TODO: Flip this behavior in next major version
+  const shouldRefetch = refetchWhenOffline !== false || isOnline
+  React.useEffect(() => {
+    if (refetchInterval && shouldRefetch) {
+      const refetchIntervalTimer = setInterval(() => {
+        if (__NEXTAUTH._session) {
+          __NEXTAUTH._getSession({ event: "poll" })
+        }
+      }, refetchInterval * 1000)
+      return () => clearInterval(refetchIntervalTimer)
+    }
+  }, [refetchInterval, shouldRefetch])
+  const value: any = React.useMemo(
+    () => ({
+      data: session,
+      status: loading
+        ? "loading"
+        : session
+          ? "authenticated"
+          : "unauthenticated",
+      async update(data: any) {
+        if (loading) return
+        setLoading(true)
+        const newSession = await fetchData<Session>(
+          "session",
+          __NEXTAUTH,
+          logger,
+          typeof data === "undefined"
+            ? undefined
+            : { body: { csrfToken: await getCsrfToken(), data } }
+        )
+        setLoading(false)
+        if (newSession) {
+          setSession(newSession)
+          broadcast().postMessage({
+            event: "session",
+            data: { trigger: "getSession" },
+          })
+        }
+        return newSession
+      },
+    }),
+    [session, loading]
+  )
+  return (
+    // @ts-expect-error
+    <SessionContext.Provider value={value}>{children}</SessionContext.Provider>
+  )
+}

package/src/webauthn.ts ADDED Viewed

@@ -0,0 +1,152 @@
+import { apiBaseUrl } from "./lib/client.js"
+import { startAuthentication, startRegistration } from "@simplewebauthn/browser"
+import { getCsrfToken, getProviders, __NEXTAUTH } from "./react.js"
+import type { LoggerInstance } from "@mulverse/mulguard-core/types"
+import type { WebAuthnOptionsResponseBody } from "@mulverse/mulguard-core/types"
+import type { ProviderId } from "@mulverse/mulguard-core/providers"
+import type {
+  AuthClientConfig,
+  SignInAuthorizationParams,
+  SignInOptions,
+  SignInResponse,
+} from "./lib/client.js"
+const logger: LoggerInstance = {
+  debug: console.debug,
+  error: console.error,
+  warn: console.warn,
+}
+/**
+ * Fetch webauthn options from server and prompt user for authentication or registration.
+ * Returns either the completed WebAuthn response or an error request.
+ */
+async function webAuthnOptions(
+  providerID: ProviderId,
+  nextAuthConfig: AuthClientConfig,
+  options?: Omit<SignInOptions, "redirect">
+) {
+  const baseUrl = apiBaseUrl(nextAuthConfig)
+  // @ts-expect-error
+  const params = new URLSearchParams(options)
+  const optionsResp = await fetch(
+    `${baseUrl}/webauthn-options/${providerID}?${params}`
+  )
+  if (!optionsResp.ok) {
+    return { error: optionsResp }
+  }
+  const optionsData: WebAuthnOptionsResponseBody = await optionsResp.json()
+  if (optionsData.action === "authenticate") {
+    const webAuthnResponse = await startAuthentication(optionsData.options)
+    return { data: webAuthnResponse, action: "authenticate" }
+  } else {
+    const webAuthnResponse = await startRegistration(optionsData.options)
+    return { data: webAuthnResponse, action: "register" }
+  }
+}
+/**
+ * Initiate a WebAuthn signin flow.
+ * @see https://authjs.dev/getting-started/authentication/webauthn
+ */
+export async function signIn(
+  provider?: ProviderId,
+  options?: SignInOptions<true>,
+  authorizationParams?: SignInAuthorizationParams
+): Promise<void>
+export async function signIn(
+  provider?: ProviderId,
+  options?: SignInOptions<false>,
+  authorizationParams?: SignInAuthorizationParams
+): Promise<SignInResponse>
+export async function signIn<Redirect extends boolean = true>(
+  provider?: ProviderId,
+  options?: SignInOptions<Redirect>,
+  authorizationParams?: SignInAuthorizationParams
+): Promise<SignInResponse | void> {
+  const { callbackUrl, ...rest } = options ?? {}
+  const {
+    redirectTo = callbackUrl ?? window.location.href,
+    redirect = true,
+    ...signInParams
+  } = rest
+  const baseUrl = apiBaseUrl(__NEXTAUTH)
+  const providers = await getProviders()
+  if (!providers) {
+    window.location.href = `${baseUrl}/error`
+    return // TODO: Return error if `redirect: false`
+  }
+  if (
+    !provider ||
+    !providers[provider] ||
+    providers[provider].type !== "webauthn"
+  ) {
+    // TODO: Add docs link with explanation
+    throw new TypeError(
+      [
+        `Provider id "${provider}" does not refer to a WebAuthn provider.`,
+        'Please use `import { signIn } from "next-auth/react"` instead.',
+      ].join("\n")
+    )
+  }
+  const webAuthnBody: Record<string, unknown> = {}
+  const webAuthnResponse = await webAuthnOptions(
+    provider,
+    __NEXTAUTH,
+    signInParams
+  )
+  if (webAuthnResponse.error) {
+    logger.error(new Error(await webAuthnResponse.error.text()))
+    return
+  }
+  webAuthnBody.data = JSON.stringify(webAuthnResponse.data)
+  webAuthnBody.action = webAuthnResponse.action
+  const signInUrl = `${baseUrl}/callback/${provider}?${new URLSearchParams(authorizationParams)}`
+  const res = await fetch(signInUrl, {
+    method: "post",
+    headers: {
+      "Content-Type": "application/x-www-form-urlencoded",
+      "X-Auth-Return-Redirect": "1",
+    },
+    body: new URLSearchParams({
+      ...signInParams,
+      ...webAuthnBody,
+      csrfToken: await getCsrfToken(),
+      callbackUrl: redirectTo,
+    }),
+  })
+  const data = await res.json()
+  if (redirect) {
+    const url = data.url ?? callbackUrl
+    window.location.href = url
+    // If url contains a hash, the browser does not reload the page. We reload manually
+    if (url.includes("#")) window.location.reload()
+    return
+  }
+  const error = new URL(data.url).searchParams.get("error")
+  const code = new URL(data.url).searchParams.get("code")
+  if (res.ok) {
+    await __NEXTAUTH._getSession({ event: "storage" })
+  }
+  return {
+    error,
+    code,
+    status: res.status,
+    ok: res.ok,
+    url: error ? null : data.url,
+  } as any
+}

package/webauthn.d.ts ADDED Viewed

@@ -0,0 +1,9 @@
+import type { ProviderId } from "@mulverse/mulguard-core/providers";
+import type { SignInAuthorizationParams, SignInOptions, SignInResponse } from "./lib/client.js";
+/**
+ * Initiate a WebAuthn signin flow.
+ * @see https://authjs.dev/getting-started/authentication/webauthn
+ */
+export declare function signIn(provider?: ProviderId, options?: SignInOptions<true>, authorizationParams?: SignInAuthorizationParams): Promise<void>;
+export declare function signIn(provider?: ProviderId, options?: SignInOptions<false>, authorizationParams?: SignInAuthorizationParams): Promise<SignInResponse>;
+//# sourceMappingURL=webauthn.d.ts.map

package/webauthn.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"webauthn.d.ts","sourceRoot":"","sources":["src/webauthn.ts"],"names":[],"mappings":"AAMA,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,mCAAmC,CAAA;AACnE,OAAO,KAAK,EAEV,yBAAyB,EACzB,aAAa,EACb,cAAc,EACf,MAAM,iBAAiB,CAAA;AAuCxB;;;GAGG;AACH,wBAAsB,MAAM,CAC1B,QAAQ,CAAC,EAAE,UAAU,EACrB,OAAO,CAAC,EAAE,aAAa,CAAC,IAAI,CAAC,EAC7B,mBAAmB,CAAC,EAAE,yBAAyB,GAC9C,OAAO,CAAC,IAAI,CAAC,CAAA;AAChB,wBAAsB,MAAM,CAC1B,QAAQ,CAAC,EAAE,UAAU,EACrB,OAAO,CAAC,EAAE,aAAa,CAAC,KAAK,CAAC,EAC9B,mBAAmB,CAAC,EAAE,yBAAyB,GAC9C,OAAO,CAAC,cAAc,CAAC,CAAA"}