oidc-auth-client 0.0.0

package/dist/src/protocol/ResponseValidator.d.ts

@@ -0,0 +1,39 @@
+import { MetadataService } from '../services/Http.js';
+import { UserInfoService, TokenClient } from './TokenService.js';
+import type { JoseUtilType } from '../crypto/Crypto.js';
+import type { SigninResponse } from './Responses.js';
+import type { SignoutResponse } from './Responses.js';
+import type { SigninState, State } from '../auth/Session.js';
+export interface ValidatorSettings {
+    authority?: string;
+    client_id?: string;
+    clockSkew?: number;
+    loadUserInfo?: boolean;
+    mergeClaims?: boolean;
+    filterProtocolClaims?: boolean;
+    getEpochTime(): Promise<number>;
+}
+export declare class ResponseValidator {
+    private _settings;
+    private _metadataService;
+    private _userInfoService;
+    private _joseUtil;
+    private _tokenClient;
+    constructor(settings: ValidatorSettings, MetadataServiceCtor?: typeof MetadataService, UserInfoServiceCtor?: typeof UserInfoService, joseUtil?: JoseUtilType, TokenClientCtor?: typeof TokenClient);
+    validateSigninResponse(state: SigninState, response: SigninResponse): Promise<SigninResponse>;
+    validateSignoutResponse(state: State, response: SignoutResponse): Promise<SignoutResponse>;
+    private _processSigninParams;
+    private _processClaims;
+    private _mergeClaims;
+    private _filterProtocolClaims;
+    private _validateTokens;
+    private _processCode;
+    private _validateIdTokenAttributes;
+    private _validateIdTokenAndAccessToken;
+    private _getSigningKeyForJwt;
+    private _getSigningKeyForJwtWithSingleRetry;
+    private _validateIdToken;
+    private _filterByAlg;
+    private _validateAccessToken;
+}
+//# sourceMappingURL=ResponseValidator.d.ts.map

package/dist/src/protocol/ResponseValidator.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"ResponseValidator.d.ts","sourceRoot":"","sources":["../../../src/protocol/ResponseValidator.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,eAAe,EAAE,MAAM,qBAAqB,CAAC;AACtD,OAAO,EAAE,eAAe,EAAE,WAAW,EAAE,MAAM,mBAAmB,CAAC;AAGjE,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,qBAAqB,CAAC;AAExD,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,gBAAgB,CAAC;AACrD,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,gBAAgB,CAAC;AAEtD,OAAO,KAAK,EAAE,WAAW,EAAE,KAAK,EAAE,MAAM,oBAAoB,CAAC;AAI7D,MAAM,WAAW,iBAAiB;IAChC,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,YAAY,CAAC,EAAE,OAAO,CAAC;IACvB,WAAW,CAAC,EAAE,OAAO,CAAC;IACtB,oBAAoB,CAAC,EAAE,OAAO,CAAC;IAC/B,YAAY,IAAI,OAAO,CAAC,MAAM,CAAC,CAAC;CACjC;AAED,qBAAa,iBAAiB;IAC5B,OAAO,CAAC,SAAS,CAAoB;IACrC,OAAO,CAAC,gBAAgB,CAAkB;IAC1C,OAAO,CAAC,gBAAgB,CAAkB;IAC1C,OAAO,CAAC,SAAS,CAAe;IAChC,OAAO,CAAC,YAAY,CAAc;gBAGhC,QAAQ,EAAE,iBAAiB,EAC3B,mBAAmB,GAAE,OAAO,eAAiC,EAC7D,mBAAmB,GAAE,OAAO,eAAiC,EAC7D,QAAQ,GAAE,YAAuB,EACjC,eAAe,GAAE,OAAO,WAAyB;IAUnD,sBAAsB,CAAC,KAAK,EAAE,WAAW,EAAE,QAAQ,EAAE,cAAc,GAAG,OAAO,CAAC,cAAc,CAAC;IAc7F,uBAAuB,CAAC,KAAK,EAAE,KAAK,EAAE,QAAQ,EAAE,eAAe,GAAG,OAAO,CAAC,eAAe,CAAC;IAoB1F,OAAO,CAAC,oBAAoB;IA+D5B,OAAO,CAAC,cAAc;IAyBtB,OAAO,CAAC,YAAY;IA8BpB,OAAO,CAAC,qBAAqB;IAa7B,OAAO,CAAC,eAAe;IAiBvB,OAAO,CAAC,YAAY;IAwBpB,OAAO,CAAC,0BAA0B;IAuBlC,OAAO,CAAC,8BAA8B;IAItC,OAAO,CAAC,oBAAoB;IAqB5B,OAAO,CAAC,mCAAmC;IAU3C,OAAO,CAAC,gBAAgB;IAqCxB,OAAO,CAAC,YAAY;YAYN,oBAAoB;CA+CnC"}

package/dist/src/protocol/ResponseValidator.js

@@ -0,0 +1,366 @@
+// Licensed under the Apache License, Version 2.0. See LICENSE in the project root for license information.
+import { Log } from '../utils/Log.js';
+import { MetadataService } from '../services/Http.js';
+import { UserInfoService, TokenClient } from './TokenService.js';
+import { ErrorResponse } from './Responses.js';
+import { JoseUtil } from '../crypto/Crypto.js';
+const ProtocolClaims = ['nonce', 'at_hash', 'iat', 'nbf', 'exp', 'aud', 'iss', 'c_hash'];
+export class ResponseValidator {
+    constructor(settings, MetadataServiceCtor = MetadataService, UserInfoServiceCtor = UserInfoService, joseUtil = JoseUtil, TokenClientCtor = TokenClient) {
+        if (!settings) {
+            Log.error('ResponseValidator.ctor: No settings passed to ResponseValidator');
+            throw new Error('settings');
+        }
+        this._settings = settings;
+        this._metadataService = new MetadataServiceCtor(this._settings);
+        this._userInfoService = new UserInfoServiceCtor(this._settings);
+        this._joseUtil = joseUtil;
+        this._tokenClient = new TokenClientCtor(this._settings);
+    }
+    validateSigninResponse(state, response) {
+        Log.debug('ResponseValidator.validateSigninResponse');
+        return this._processSigninParams(state, response).then(response => {
+            Log.debug('ResponseValidator.validateSigninResponse: state processed');
+            return this._validateTokens(state, response).then(response => {
+                Log.debug('ResponseValidator.validateSigninResponse: tokens validated');
+                return this._processClaims(state, response).then(response => {
+                    Log.debug('ResponseValidator.validateSigninResponse: claims processed');
+                    return response;
+                });
+            });
+        });
+    }
+    validateSignoutResponse(state, response) {
+        if (state.id !== response.state) {
+            Log.error('ResponseValidator.validateSignoutResponse: State does not match');
+            return Promise.reject(new Error('State does not match'));
+        }
+        Log.debug('ResponseValidator.validateSignoutResponse: state validated');
+        response.state = state.data;
+        if (response.error) {
+            Log.warn('ResponseValidator.validateSignoutResponse: Response was error', response.error);
+            return Promise.reject(new ErrorResponse({
+                error: response.error,
+                error_description: response.error_description,
+                error_uri: response.error_uri,
+                state: typeof response.state === 'string' ? response.state : undefined,
+            }));
+        }
+        return Promise.resolve(response);
+    }
+    _processSigninParams(state, response) {
+        if (state.id !== response.state) {
+            Log.error('ResponseValidator._processSigninParams: State does not match');
+            return Promise.reject(new Error('State does not match'));
+        }
+        if (!state.client_id) {
+            Log.error('ResponseValidator._processSigninParams: No client_id on state');
+            return Promise.reject(new Error('No client_id on state'));
+        }
+        if (!state.authority) {
+            Log.error('ResponseValidator._processSigninParams: No authority on state');
+            return Promise.reject(new Error('No authority on state'));
+        }
+        if (!this._settings.authority) {
+            this._settings.authority = state.authority;
+        }
+        else if (this._settings.authority !== state.authority) {
+            Log.error('ResponseValidator._processSigninParams: authority mismatch on settings vs. signin state');
+            return Promise.reject(new Error('authority mismatch on settings vs. signin state'));
+        }
+        if (!this._settings.client_id) {
+            this._settings.client_id = state.client_id;
+        }
+        else if (this._settings.client_id !== state.client_id) {
+            Log.error('ResponseValidator._processSigninParams: client_id mismatch on settings vs. signin state');
+            return Promise.reject(new Error('client_id mismatch on settings vs. signin state'));
+        }
+        Log.debug('ResponseValidator._processSigninParams: state validated');
+        response.state = state.data;
+        if (response.error) {
+            Log.warn('ResponseValidator._processSigninParams: Response was error', response.error);
+            return Promise.reject(new ErrorResponse({
+                error: response.error,
+                error_description: response.error_description,
+                error_uri: response.error_uri,
+                state: typeof response.state === 'string' ? response.state : undefined,
+            }));
+        }
+        if (state.nonce && !response.id_token) {
+            Log.error('ResponseValidator._processSigninParams: Expecting id_token in response');
+            return Promise.reject(new Error('No id_token in response'));
+        }
+        if (!state.nonce && response.id_token) {
+            Log.error('ResponseValidator._processSigninParams: Not expecting id_token in response');
+            return Promise.reject(new Error('Unexpected id_token in response'));
+        }
+        if (state.code_verifier && !response.code) {
+            Log.error('ResponseValidator._processSigninParams: Expecting code in response');
+            return Promise.reject(new Error('No code in response'));
+        }
+        if (!state.code_verifier && response.code) {
+            Log.error('ResponseValidator._processSigninParams: Not expecting code in response');
+            return Promise.reject(new Error('Unexpected code in response'));
+        }
+        if (!response.scope) {
+            response.scope = state.scope;
+        }
+        return Promise.resolve(response);
+    }
+    _processClaims(state, response) {
+        if (response.isOpenIdConnect) {
+            Log.debug('ResponseValidator._processClaims: response is OIDC, processing claims');
+            response.profile = this._filterProtocolClaims(response.profile);
+            if (state.skipUserInfo !== true && this._settings.loadUserInfo && response.access_token) {
+                Log.debug('ResponseValidator._processClaims: loading user info');
+                return this._userInfoService.getClaims(response.access_token).then(claims => {
+                    Log.debug('ResponseValidator._processClaims: user info claims received from user info endpoint');
+                    if (claims.sub !== response.profile.sub) {
+                        Log.error('ResponseValidator._processClaims: sub from user info endpoint does not match sub in id_token');
+                        return Promise.reject(new Error('sub from user info endpoint does not match sub in id_token'));
+                    }
+                    response.profile = this._mergeClaims(response.profile, claims);
+                    Log.debug('ResponseValidator._processClaims: user info claims received, updated profile:', response.profile);
+                    return response;
+                });
+            }
+            Log.debug('ResponseValidator._processClaims: not loading user info');
+        }
+        else {
+            Log.debug('ResponseValidator._processClaims: response is not OIDC, not processing claims');
+        }
+        return Promise.resolve(response);
+    }
+    _mergeClaims(claims1, claims2) {
+        const result = Object.assign({}, claims1);
+        for (const name in claims2) {
+            let values = claims2[name];
+            if (!Array.isArray(values))
+                values = [values];
+            for (const value of values) {
+                if (!result[name]) {
+                    result[name] = value;
+                }
+                else if (Array.isArray(result[name])) {
+                    if (!result[name].includes(value)) {
+                        result[name].push(value);
+                    }
+                }
+                else if (result[name] !== value) {
+                    if (typeof value === 'object' && value !== null && this._settings.mergeClaims) {
+                        result[name] = this._mergeClaims(result[name], value);
+                    }
+                    else {
+                        result[name] = [result[name], value];
+                    }
+                }
+            }
+        }
+        return result;
+    }
+    _filterProtocolClaims(claims) {
+        Log.debug('ResponseValidator._filterProtocolClaims, incoming claims:', claims);
+        if (!claims)
+            return claims;
+        const result = Object.assign({}, claims);
+        if (this._settings.filterProtocolClaims) {
+            ProtocolClaims.forEach(type => delete result[type]);
+            Log.debug('ResponseValidator._filterProtocolClaims: protocol claims filtered', result);
+        }
+        else {
+            Log.debug('ResponseValidator._filterProtocolClaims: protocol claims not filtered');
+        }
+        return result;
+    }
+    _validateTokens(state, response) {
+        if (response.code) {
+            Log.debug('ResponseValidator._validateTokens: Validating code');
+            return this._processCode(state, response);
+        }
+        if (response.id_token) {
+            if (response.access_token) {
+                Log.debug('ResponseValidator._validateTokens: Validating id_token and access_token');
+                return this._validateIdTokenAndAccessToken(state, response);
+            }
+            Log.debug('ResponseValidator._validateTokens: Validating id_token');
+            return this._validateIdToken(state, response);
+        }
+        Log.debug('ResponseValidator._validateTokens: No code to process or id_token to validate');
+        return Promise.resolve(response);
+    }
+    _processCode(state, response) {
+        const request = {
+            client_id: state.client_id,
+            client_secret: state.client_secret,
+            code: response.code,
+            redirect_uri: state.redirect_uri,
+            code_verifier: state.code_verifier,
+        };
+        if (state.extraTokenParams && typeof state.extraTokenParams === 'object') {
+            Object.assign(request, state.extraTokenParams);
+        }
+        return this._tokenClient.exchangeCode(request).then(tokenResponse => {
+            for (const key in tokenResponse) {
+                response[key] = tokenResponse[key];
+            }
+            if (response.id_token) {
+                Log.debug('ResponseValidator._processCode: token response successful, processing id_token');
+                return this._validateIdTokenAttributes(state, response);
+            }
+            Log.debug('ResponseValidator._processCode: token response successful, returning response');
+            return response;
+        });
+    }
+    _validateIdTokenAttributes(state, response) {
+        return this._metadataService.getIssuer().then(issuer => {
+            const audience = state.client_id; // guarded by _processSigninParams
+            const clockSkewInSeconds = this._settings.clockSkew;
+            Log.debug('ResponseValidator._validateIdTokenAttributes: Validating JWT attributes; using clock skew (in seconds) of: ', clockSkewInSeconds);
+            return this._settings.getEpochTime().then(now => {
+                return this._joseUtil.validateJwtAttributes(response.id_token, issuer, audience, clockSkewInSeconds, now)
+                    .then(payload => {
+                    if (state.nonce && state.nonce !== payload.nonce) {
+                        Log.error('ResponseValidator._validateIdTokenAttributes: Invalid nonce in id_token');
+                        return Promise.reject(new Error('Invalid nonce in id_token'));
+                    }
+                    if (!payload.sub) {
+                        Log.error('ResponseValidator._validateIdTokenAttributes: No sub present in id_token');
+                        return Promise.reject(new Error('No sub present in id_token'));
+                    }
+                    response.profile = payload;
+                    return response;
+                });
+            });
+        });
+    }
+    _validateIdTokenAndAccessToken(state, response) {
+        return this._validateIdToken(state, response).then(response => this._validateAccessToken(response));
+    }
+    _getSigningKeyForJwt(jwt) {
+        return this._metadataService.getSigningKeys().then(keys => {
+            const signingKeys = keys;
+            const kid = jwt.header.kid;
+            if (!signingKeys) {
+                Log.error('ResponseValidator._validateIdToken: No signing keys from metadata');
+                return Promise.reject(new Error('No signing keys from metadata'));
+            }
+            Log.debug('ResponseValidator._validateIdToken: Received signing keys');
+            if (!kid) {
+                const filtered = this._filterByAlg(signingKeys, jwt.header.alg);
+                if (filtered.length > 1) {
+                    Log.error('ResponseValidator._validateIdToken: No kid found in id_token and more than one key found in metadata');
+                    return Promise.reject(new Error('No kid found in id_token and more than one key found in metadata'));
+                }
+                return Promise.resolve(filtered[0]);
+            }
+            return Promise.resolve(signingKeys.find(k => k.kid === kid));
+        });
+    }
+    _getSigningKeyForJwtWithSingleRetry(jwt) {
+        return this._getSigningKeyForJwt(jwt).then(key => {
+            if (!key) {
+                this._metadataService.resetSigningKeys();
+                return this._getSigningKeyForJwt(jwt);
+            }
+            return Promise.resolve(key);
+        });
+    }
+    _validateIdToken(state, response) {
+        if (!state.nonce) {
+            Log.error('ResponseValidator._validateIdToken: No nonce on state');
+            return Promise.reject(new Error('No nonce on state'));
+        }
+        const jwt = this._joseUtil.parseJwt(response.id_token);
+        if (!jwt?.header || !jwt?.payload) {
+            Log.error('ResponseValidator._validateIdToken: Failed to parse id_token', jwt);
+            return Promise.reject(new Error('Failed to parse id_token'));
+        }
+        if (state.nonce !== jwt.payload.nonce) {
+            Log.error('ResponseValidator._validateIdToken: Invalid nonce in id_token');
+            return Promise.reject(new Error('Invalid nonce in id_token'));
+        }
+        return this._metadataService.getIssuer().then(issuer => {
+            Log.debug('ResponseValidator._validateIdToken: Received issuer');
+            return this._getSigningKeyForJwtWithSingleRetry(jwt).then(key => {
+                if (!key) {
+                    Log.error('ResponseValidator._validateIdToken: No key matching kid or alg found in signing keys');
+                    return Promise.reject(new Error('No key matching kid or alg found in signing keys'));
+                }
+                const audience = state.client_id; // guarded by _processSigninParams
+                const clockSkewInSeconds = this._settings.clockSkew;
+                Log.debug('ResponseValidator._validateIdToken: Validating JWT; using clock skew (in seconds) of: ', clockSkewInSeconds);
+                return this._joseUtil.validateJwt(response.id_token, key, issuer, audience, clockSkewInSeconds).then(() => {
+                    Log.debug('ResponseValidator._validateIdToken: JWT validation successful');
+                    if (!jwt.payload.sub) {
+                        Log.error('ResponseValidator._validateIdToken: No sub present in id_token');
+                        return Promise.reject(new Error('No sub present in id_token'));
+                    }
+                    response.profile = jwt.payload;
+                    return response;
+                });
+            });
+        });
+    }
+    _filterByAlg(keys, alg) {
+        let kty = null;
+        if (alg.startsWith('RS'))
+            kty = 'RSA';
+        else if (alg.startsWith('PS'))
+            kty = 'PS';
+        else if (alg.startsWith('ES'))
+            kty = 'EC';
+        else {
+            Log.debug('ResponseValidator._filterByAlg: alg not supported: ', alg);
+            return [];
+        }
+        Log.debug('ResponseValidator._filterByAlg: Looking for keys that match kty: ', kty);
+        keys = keys.filter(k => k.kty === kty);
+        Log.debug('ResponseValidator._filterByAlg: Number of keys that match kty: ', kty, keys.length);
+        return keys;
+    }
+    async _validateAccessToken(response) {
+        if (!response.profile) {
+            Log.error('ResponseValidator._validateAccessToken: No profile loaded from id_token');
+            return Promise.reject(new Error('No profile loaded from id_token'));
+        }
+        if (!response.profile.at_hash) {
+            Log.error('ResponseValidator._validateAccessToken: No at_hash in id_token');
+            return Promise.reject(new Error('No at_hash in id_token'));
+        }
+        if (!response.id_token) {
+            Log.error('ResponseValidator._validateAccessToken: No id_token');
+            return Promise.reject(new Error('No id_token'));
+        }
+        const jwt = this._joseUtil.parseJwt(response.id_token);
+        if (!jwt?.header) {
+            Log.error('ResponseValidator._validateAccessToken: Failed to parse id_token', jwt);
+            return Promise.reject(new Error('Failed to parse id_token'));
+        }
+        const hashAlg = jwt.header.alg;
+        if (!hashAlg || hashAlg.length !== 5) {
+            Log.error('ResponseValidator._validateAccessToken: Unsupported alg:', hashAlg);
+            return Promise.reject(new Error('Unsupported alg: ' + hashAlg));
+        }
+        const hashBitsStr = hashAlg.substring(2, 5);
+        const hashBits = parseInt(hashBitsStr);
+        if (hashBits !== 256 && hashBits !== 384 && hashBits !== 512) {
+            Log.error('ResponseValidator._validateAccessToken: Unsupported alg:', hashAlg, hashBits);
+            return Promise.reject(new Error('Unsupported alg: ' + hashAlg));
+        }
+        const sha = 'sha' + hashBits;
+        const hash = await this._joseUtil.hashString(response.access_token, sha);
+        if (!hash) {
+            Log.error('ResponseValidator._validateAccessToken: access_token hash failed:', sha);
+            return Promise.reject(new Error('Failed to validate at_hash'));
+        }
+        const left = hash.substring(0, hash.length / 2);
+        const left_b64u = this._joseUtil.hexToBase64Url(left);
+        if (left_b64u !== response.profile.at_hash) {
+            Log.error('ResponseValidator._validateAccessToken: Failed to validate at_hash', left_b64u, response.profile.at_hash);
+            return Promise.reject(new Error('Failed to validate at_hash'));
+        }
+        Log.debug('ResponseValidator._validateAccessToken: success');
+        return Promise.resolve(response);
+    }
+}
+//# sourceMappingURL=ResponseValidator.js.map

package/dist/src/protocol/ResponseValidator.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"ResponseValidator.js","sourceRoot":"","sources":["../../../src/protocol/ResponseValidator.ts"],"names":[],"mappings":"AAAA,2GAA2G;AAE3G,OAAO,EAAE,GAAG,EAAE,MAAM,iBAAiB,CAAC;AACtC,OAAO,EAAE,eAAe,EAAE,MAAM,qBAAqB,CAAC;AACtD,OAAO,EAAE,eAAe,EAAE,WAAW,EAAE,MAAM,mBAAmB,CAAC;AACjE,OAAO,EAAE,aAAa,EAAE,MAAM,gBAAgB,CAAC;AAC/C,OAAO,EAAE,QAAQ,EAAE,MAAM,qBAAqB,CAAC;AAQ/C,MAAM,cAAc,GAAG,CAAC,OAAO,EAAE,SAAS,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,QAAQ,CAAC,CAAC;AAYzF,MAAM,OAAO,iBAAiB;IAO5B,YACE,QAA2B,EAC3B,sBAA8C,eAAe,EAC7D,sBAA8C,eAAe,EAC7D,WAAyB,QAAQ,EACjC,kBAAsC,WAAW;QAEjD,IAAI,CAAC,QAAQ,EAAE,CAAC;YAAC,GAAG,CAAC,KAAK,CAAC,iEAAiE,CAAC,CAAC;YAAC,MAAM,IAAI,KAAK,CAAC,UAAU,CAAC,CAAC;QAAC,CAAC;QAC7H,IAAI,CAAC,SAAS,GAAG,QAAQ,CAAC;QAC1B,IAAI,CAAC,gBAAgB,GAAG,IAAI,mBAAmB,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;QAChE,IAAI,CAAC,gBAAgB,GAAG,IAAI,mBAAmB,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;QAChE,IAAI,CAAC,SAAS,GAAG,QAAQ,CAAC;QAC1B,IAAI,CAAC,YAAY,GAAG,IAAI,eAAe,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;IAC1D,CAAC;IAED,sBAAsB,CAAC,KAAkB,EAAE,QAAwB;QACjE,GAAG,CAAC,KAAK,CAAC,0CAA0C,CAAC,CAAC;QACtD,OAAO,IAAI,CAAC,oBAAoB,CAAC,KAAK,EAAE,QAAQ,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE;YAChE,GAAG,CAAC,KAAK,CAAC,2DAA2D,CAAC,CAAC;YACvE,OAAO,IAAI,CAAC,eAAe,CAAC,KAAK,EAAE,QAAQ,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE;gBAC3D,GAAG,CAAC,KAAK,CAAC,4DAA4D,CAAC,CAAC;gBACxE,OAAO,IAAI,CAAC,cAAc,CAAC,KAAK,EAAE,QAAQ,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE;oBAC1D,GAAG,CAAC,KAAK,CAAC,4DAA4D,CAAC,CAAC;oBACxE,OAAO,QAAQ,CAAC;gBAClB,CAAC,CAAC,CAAC;YACL,CAAC,CAAC,CAAC;QACL,CAAC,CAAC,CAAC;IACL,CAAC;IAED,uBAAuB,CAAC,KAAY,EAAE,QAAyB;QAC7D,IAAI,KAAK,CAAC,EAAE,KAAK,QAAQ,CAAC,KAAK,EAAE,CAAC;YAChC,GAAG,CAAC,KAAK,CAAC,iEAAiE,CAAC,CAAC;YAC7E,OAAO,OAAO,CAAC,MAAM,CAAC,IAAI,KAAK,CAAC,sBAAsB,CAAC,CAAC,CAAC;QAC3D,CAAC;QACD,GAAG,CAAC,KAAK,CAAC,4DAA4D,CAAC,CAAC;QACxE,QAAQ,CAAC,KAAK,GAAG,KAAK,CAAC,IAAI,CAAC;QAE5B,IAAI,QAAQ,CAAC,KAAK,EAAE,CAAC;YACnB,GAAG,CAAC,IAAI,CAAC,+DAA+D,EAAE,QAAQ,CAAC,KAAK,CAAC,CAAC;YAC1F,OAAO,OAAO,CAAC,MAAM,CAAC,IAAI,aAAa,CAAC;gBACtC,KAAK,EAAE,QAAQ,CAAC,KAAK;gBACrB,iBAAiB,EAAE,QAAQ,CAAC,iBAAiB;gBAC7C,SAAS,EAAE,QAAQ,CAAC,SAAS;gBAC7B,KAAK,EAAE,OAAO,QAAQ,CAAC,KAAK,KAAK,QAAQ,CAAC,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,SAAS;aACvE,CAAC,CAAC,CAAC;QACN,CAAC;QACD,OAAO,OAAO,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;IACnC,CAAC;IAEO,oBAAoB,CAAC,KAAkB,EAAE,QAAwB;QACvE,IAAI,KAAK,CAAC,EAAE,KAAK,QAAQ,CAAC,KAAK,EAAE,CAAC;YAChC,GAAG,CAAC,KAAK,CAAC,8DAA8D,CAAC,CAAC;YAC1E,OAAO,OAAO,CAAC,MAAM,CAAC,IAAI,KAAK,CAAC,sBAAsB,CAAC,CAAC,CAAC;QAC3D,CAAC;QACD,IAAI,CAAC,KAAK,CAAC,SAAS,EAAE,CAAC;YACrB,GAAG,CAAC,KAAK,CAAC,+DAA+D,CAAC,CAAC;YAC3E,OAAO,OAAO,CAAC,MAAM,CAAC,IAAI,KAAK,CAAC,uBAAuB,CAAC,CAAC,CAAC;QAC5D,CAAC;QACD,IAAI,CAAC,KAAK,CAAC,SAAS,EAAE,CAAC;YACrB,GAAG,CAAC,KAAK,CAAC,+DAA+D,CAAC,CAAC;YAC3E,OAAO,OAAO,CAAC,MAAM,CAAC,IAAI,KAAK,CAAC,uBAAuB,CAAC,CAAC,CAAC;QAC5D,CAAC;QAED,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,SAAS,EAAE,CAAC;YAC9B,IAAI,CAAC,SAAS,CAAC,SAAS,GAAG,KAAK,CAAC,SAAS,CAAC;QAC7C,CAAC;aAAM,IAAI,IAAI,CAAC,SAAS,CAAC,SAAS,KAAK,KAAK,CAAC,SAAS,EAAE,CAAC;YACxD,GAAG,CAAC,KAAK,CAAC,yFAAyF,CAAC,CAAC;YACrG,OAAO,OAAO,CAAC,MAAM,CAAC,IAAI,KAAK,CAAC,iDAAiD,CAAC,CAAC,CAAC;QACtF,CAAC;QAED,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,SAAS,EAAE,CAAC;YAC9B,IAAI,CAAC,SAAS,CAAC,SAAS,GAAG,KAAK,CAAC,SAAS,CAAC;QAC7C,CAAC;aAAM,IAAI,IAAI,CAAC,SAAS,CAAC,SAAS,KAAK,KAAK,CAAC,SAAS,EAAE,CAAC;YACxD,GAAG,CAAC,KAAK,CAAC,yFAAyF,CAAC,CAAC;YACrG,OAAO,OAAO,CAAC,MAAM,CAAC,IAAI,KAAK,CAAC,iDAAiD,CAAC,CAAC,CAAC;QACtF,CAAC;QAED,GAAG,CAAC,KAAK,CAAC,yDAAyD,CAAC,CAAC;QACrE,QAAQ,CAAC,KAAK,GAAG,KAAK,CAAC,IAAI,CAAC;QAE5B,IAAI,QAAQ,CAAC,KAAK,EAAE,CAAC;YACnB,GAAG,CAAC,IAAI,CAAC,4DAA4D,EAAE,QAAQ,CAAC,KAAK,CAAC,CAAC;YACvF,OAAO,OAAO,CAAC,MAAM,CAAC,IAAI,aAAa,CAAC;gBACtC,KAAK,EAAE,QAAQ,CAAC,KAAK;gBACrB,iBAAiB,EAAE,QAAQ,CAAC,iBAAiB;gBAC7C,SAAS,EAAE,QAAQ,CAAC,SAAS;gBAC7B,KAAK,EAAE,OAAO,QAAQ,CAAC,KAAK,KAAK,QAAQ,CAAC,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,SAAS;aACvE,CAAC,CAAC,CAAC;QACN,CAAC;QACD,IAAI,KAAK,CAAC,KAAK,IAAI,CAAC,QAAQ,CAAC,QAAQ,EAAE,CAAC;YACtC,GAAG,CAAC,KAAK,CAAC,wEAAwE,CAAC,CAAC;YACpF,OAAO,OAAO,CAAC,MAAM,CAAC,IAAI,KAAK,CAAC,yBAAyB,CAAC,CAAC,CAAC;QAC9D,CAAC;QACD,IAAI,CAAC,KAAK,CAAC,KAAK,IAAI,QAAQ,CAAC,QAAQ,EAAE,CAAC;YACtC,GAAG,CAAC,KAAK,CAAC,4EAA4E,CAAC,CAAC;YACxF,OAAO,OAAO,CAAC,MAAM,CAAC,IAAI,KAAK,CAAC,iCAAiC,CAAC,CAAC,CAAC;QACtE,CAAC;QACD,IAAI,KAAK,CAAC,aAAa,IAAI,CAAC,QAAQ,CAAC,IAAI,EAAE,CAAC;YAC1C,GAAG,CAAC,KAAK,CAAC,oEAAoE,CAAC,CAAC;YAChF,OAAO,OAAO,CAAC,MAAM,CAAC,IAAI,KAAK,CAAC,qBAAqB,CAAC,CAAC,CAAC;QAC1D,CAAC;QACD,IAAI,CAAC,KAAK,CAAC,aAAa,IAAI,QAAQ,CAAC,IAAI,EAAE,CAAC;YAC1C,GAAG,CAAC,KAAK,CAAC,wEAAwE,CAAC,CAAC;YACpF,OAAO,OAAO,CAAC,MAAM,CAAC,IAAI,KAAK,CAAC,6BAA6B,CAAC,CAAC,CAAC;QAClE,CAAC;QACD,IAAI,CAAC,QAAQ,CAAC,KAAK,EAAE,CAAC;YACpB,QAAQ,CAAC,KAAK,GAAG,KAAK,CAAC,KAAK,CAAC;QAC/B,CAAC;QAED,OAAO,OAAO,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;IACnC,CAAC;IAEO,cAAc,CAAC,KAAkB,EAAE,QAAwB;QACjE,IAAI,QAAQ,CAAC,eAAe,EAAE,CAAC;YAC7B,GAAG,CAAC,KAAK,CAAC,uEAAuE,CAAC,CAAC;YACnF,QAAQ,CAAC,OAAO,GAAG,IAAI,CAAC,qBAAqB,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;YAEhE,IAAI,KAAK,CAAC,YAAY,KAAK,IAAI,IAAI,IAAI,CAAC,SAAS,CAAC,YAAY,IAAI,QAAQ,CAAC,YAAY,EAAE,CAAC;gBACxF,GAAG,CAAC,KAAK,CAAC,qDAAqD,CAAC,CAAC;gBACjE,OAAO,IAAI,CAAC,gBAAgB,CAAC,SAAS,CAAC,QAAQ,CAAC,YAAY,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE;oBAC1E,GAAG,CAAC,KAAK,CAAC,qFAAqF,CAAC,CAAC;oBACjG,IAAI,MAAM,CAAC,GAAG,KAAK,QAAQ,CAAC,OAAQ,CAAC,GAAG,EAAE,CAAC;wBACzC,GAAG,CAAC,KAAK,CAAC,8FAA8F,CAAC,CAAC;wBAC1G,OAAO,OAAO,CAAC,MAAM,CAAC,IAAI,KAAK,CAAC,4DAA4D,CAAC,CAAC,CAAC;oBACjG,CAAC;oBACD,QAAQ,CAAC,OAAO,GAAG,IAAI,CAAC,YAAY,CAAC,QAAQ,CAAC,OAAQ,EAAE,MAAM,CAAgB,CAAC;oBAC/E,GAAG,CAAC,KAAK,CAAC,+EAA+E,EAAE,QAAQ,CAAC,OAAO,CAAC,CAAC;oBAC7G,OAAO,QAAQ,CAAC;gBAClB,CAAC,CAAC,CAAC;YACL,CAAC;YACD,GAAG,CAAC,KAAK,CAAC,yDAAyD,CAAC,CAAC;QACvE,CAAC;aAAM,CAAC;YACN,GAAG,CAAC,KAAK,CAAC,+EAA+E,CAAC,CAAC;QAC7F,CAAC;QACD,OAAO,OAAO,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;IACnC,CAAC;IAEO,YAAY,CAClB,OAAgC,EAChC,OAAgC;QAEhC,MAAM,MAAM,GAA4B,MAAM,CAAC,MAAM,CAAC,EAAE,EAAE,OAAO,CAAC,CAAC;QACnE,KAAK,MAAM,IAAI,IAAI,OAAO,EAAE,CAAC;YAC3B,IAAI,MAAM,GAAc,OAAO,CAAC,IAAI,CAAc,CAAC;YACnD,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC;gBAAE,MAAM,GAAG,CAAC,MAAM,CAAC,CAAC;YAC9C,KAAK,MAAM,KAAK,IAAI,MAAM,EAAE,CAAC;gBAC3B,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC;oBAClB,MAAM,CAAC,IAAI,CAAC,GAAG,KAAK,CAAC;gBACvB,CAAC;qBAAM,IAAI,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,EAAE,CAAC;oBACvC,IAAI,CAAE,MAAM,CAAC,IAAI,CAAe,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC;wBAChD,MAAM,CAAC,IAAI,CAAe,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;oBAC1C,CAAC;gBACH,CAAC;qBAAM,IAAI,MAAM,CAAC,IAAI,CAAC,KAAK,KAAK,EAAE,CAAC;oBAClC,IAAI,OAAO,KAAK,KAAK,QAAQ,IAAI,KAAK,KAAK,IAAI,IAAI,IAAI,CAAC,SAAS,CAAC,WAAW,EAAE,CAAC;wBAC9E,MAAM,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC,YAAY,CAC9B,MAAM,CAAC,IAAI,CAA4B,EACvC,KAAgC,CACjC,CAAC;oBACJ,CAAC;yBAAM,CAAC;wBACN,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,EAAE,KAAK,CAAC,CAAC;oBACvC,CAAC;gBACH,CAAC;YACH,CAAC;QACH,CAAC;QACD,OAAO,MAAM,CAAC;IAChB,CAAC;IAEO,qBAAqB,CAAC,MAA+B;QAC3D,GAAG,CAAC,KAAK,CAAC,2DAA2D,EAAE,MAAM,CAAC,CAAC;QAC/E,IAAI,CAAC,MAAM;YAAE,OAAO,MAAM,CAAC;QAC3B,MAAM,MAAM,GAAG,MAAM,CAAC,MAAM,CAAC,EAAE,EAAE,MAAM,CAAC,CAAC;QACzC,IAAI,IAAI,CAAC,SAAS,CAAC,oBAAoB,EAAE,CAAC;YACxC,cAAc,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,CAAC,OAAO,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC;YACpD,GAAG,CAAC,KAAK,CAAC,mEAAmE,EAAE,MAAM,CAAC,CAAC;QACzF,CAAC;aAAM,CAAC;YACN,GAAG,CAAC,KAAK,CAAC,uEAAuE,CAAC,CAAC;QACrF,CAAC;QACD,OAAO,MAAM,CAAC;IAChB,CAAC;IAEO,eAAe,CAAC,KAAkB,EAAE,QAAwB;QAClE,IAAI,QAAQ,CAAC,IAAI,EAAE,CAAC;YAClB,GAAG,CAAC,KAAK,CAAC,oDAAoD,CAAC,CAAC;YAChE,OAAO,IAAI,CAAC,YAAY,CAAC,KAAK,EAAE,QAAQ,CAAC,CAAC;QAC5C,CAAC;QACD,IAAI,QAAQ,CAAC,QAAQ,EAAE,CAAC;YACtB,IAAI,QAAQ,CAAC,YAAY,EAAE,CAAC;gBAC1B,GAAG,CAAC,KAAK,CAAC,yEAAyE,CAAC,CAAC;gBACrF,OAAO,IAAI,CAAC,8BAA8B,CAAC,KAAK,EAAE,QAAQ,CAAC,CAAC;YAC9D,CAAC;YACD,GAAG,CAAC,KAAK,CAAC,wDAAwD,CAAC,CAAC;YACpE,OAAO,IAAI,CAAC,gBAAgB,CAAC,KAAK,EAAE,QAAQ,CAAC,CAAC;QAChD,CAAC;QACD,GAAG,CAAC,KAAK,CAAC,+EAA+E,CAAC,CAAC;QAC3F,OAAO,OAAO,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;IACnC,CAAC;IAEO,YAAY,CAAC,KAAkB,EAAE,QAAwB;QAC/D,MAAM,OAAO,GAA4B;YACvC,SAAS,EAAE,KAAK,CAAC,SAAS;YAC1B,aAAa,EAAE,KAAK,CAAC,aAAa;YAClC,IAAI,EAAE,QAAQ,CAAC,IAAI;YACnB,YAAY,EAAE,KAAK,CAAC,YAAY;YAChC,aAAa,EAAE,KAAK,CAAC,aAAa;SACnC,CAAC;QACF,IAAI,KAAK,CAAC,gBAAgB,IAAI,OAAO,KAAK,CAAC,gBAAgB,KAAK,QAAQ,EAAE,CAAC;YACzE,MAAM,CAAC,MAAM,CAAC,OAAO,EAAE,KAAK,CAAC,gBAAgB,CAAC,CAAC;QACjD,CAAC;QACD,OAAO,IAAI,CAAC,YAAY,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,EAAE;YAClE,KAAK,MAAM,GAAG,IAAI,aAAa,EAAE,CAAC;gBAC/B,QAA+C,CAAC,GAAG,CAAC,GAAG,aAAa,CAAC,GAAG,CAAC,CAAC;YAC7E,CAAC;YACD,IAAI,QAAQ,CAAC,QAAQ,EAAE,CAAC;gBACtB,GAAG,CAAC,KAAK,CAAC,gFAAgF,CAAC,CAAC;gBAC5F,OAAO,IAAI,CAAC,0BAA0B,CAAC,KAAK,EAAE,QAAQ,CAAC,CAAC;YAC1D,CAAC;YACD,GAAG,CAAC,KAAK,CAAC,+EAA+E,CAAC,CAAC;YAC3F,OAAO,QAAQ,CAAC;QAClB,CAAC,CAAC,CAAC;IACL,CAAC;IAEO,0BAA0B,CAAC,KAAkB,EAAE,QAAwB;QAC7E,OAAO,IAAI,CAAC,gBAAgB,CAAC,SAAS,EAAE,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE;YACrD,MAAM,QAAQ,GAAG,KAAK,CAAC,SAAU,CAAC,CAAC,kCAAkC;YACrE,MAAM,kBAAkB,GAAG,IAAI,CAAC,SAAS,CAAC,SAAS,CAAC;YACpD,GAAG,CAAC,KAAK,CAAC,6GAA6G,EAAE,kBAAkB,CAAC,CAAC;YAC7I,OAAO,IAAI,CAAC,SAAS,CAAC,YAAY,EAAE,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE;gBAC9C,OAAO,IAAI,CAAC,SAAS,CAAC,qBAAqB,CAAC,QAAQ,CAAC,QAAS,EAAE,MAAM,EAAE,QAAQ,EAAE,kBAAkB,EAAE,GAAG,CAAC;qBACvG,IAAI,CAAC,OAAO,CAAC,EAAE;oBACd,IAAI,KAAK,CAAC,KAAK,IAAI,KAAK,CAAC,KAAK,KAAK,OAAO,CAAC,KAAK,EAAE,CAAC;wBACjD,GAAG,CAAC,KAAK,CAAC,yEAAyE,CAAC,CAAC;wBACrF,OAAO,OAAO,CAAC,MAAM,CAAC,IAAI,KAAK,CAAC,2BAA2B,CAAC,CAAC,CAAC;oBAChE,CAAC;oBACD,IAAI,CAAC,OAAO,CAAC,GAAG,EAAE,CAAC;wBACjB,GAAG,CAAC,KAAK,CAAC,0EAA0E,CAAC,CAAC;wBACtF,OAAO,OAAO,CAAC,MAAM,CAAC,IAAI,KAAK,CAAC,4BAA4B,CAAC,CAAC,CAAC;oBACjE,CAAC;oBACD,QAAQ,CAAC,OAAO,GAAG,OAAsB,CAAC;oBAC1C,OAAO,QAAQ,CAAC;gBAClB,CAAC,CAAC,CAAC;YACP,CAAC,CAAC,CAAC;QACL,CAAC,CAAC,CAAC;IACL,CAAC;IAEO,8BAA8B,CAAC,KAAkB,EAAE,QAAwB;QACjF,OAAO,IAAI,CAAC,gBAAgB,CAAC,KAAK,EAAE,QAAQ,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC,IAAI,CAAC,oBAAoB,CAAC,QAAQ,CAAC,CAAC,CAAC;IACtG,CAAC;IAEO,oBAAoB,CAAC,GAAc;QACzC,OAAO,IAAI,CAAC,gBAAgB,CAAC,cAAc,EAAE,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;YACxD,MAAM,WAAW,GAAG,IAAuB,CAAC;YAC5C,MAAM,GAAG,GAAG,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC;YAC3B,IAAI,CAAC,WAAW,EAAE,CAAC;gBACjB,GAAG,CAAC,KAAK,CAAC,mEAAmE,CAAC,CAAC;gBAC/E,OAAO,OAAO,CAAC,MAAM,CAAC,IAAI,KAAK,CAAC,+BAA+B,CAAC,CAAC,CAAC;YACpE,CAAC;YACD,GAAG,CAAC,KAAK,CAAC,2DAA2D,CAAC,CAAC;YACvE,IAAI,CAAC,GAAG,EAAE,CAAC;gBACT,MAAM,QAAQ,GAAG,IAAI,CAAC,YAAY,CAAC,WAAW,EAAE,GAAG,CAAC,MAAM,CAAC,GAAa,CAAC,CAAC;gBAC1E,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;oBACxB,GAAG,CAAC,KAAK,CAAC,sGAAsG,CAAC,CAAC;oBAClH,OAAO,OAAO,CAAC,MAAM,CAAC,IAAI,KAAK,CAAC,kEAAkE,CAAC,CAAC,CAAC;gBACvG,CAAC;gBACD,OAAO,OAAO,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC;YACtC,CAAC;YACD,OAAO,OAAO,CAAC,OAAO,CAAC,WAAW,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,GAAG,KAAK,GAAG,CAAC,CAAC,CAAC;QAC/D,CAAC,CAAC,CAAC;IACL,CAAC;IAEO,mCAAmC,CAAC,GAAc;QACxD,OAAO,IAAI,CAAC,oBAAoB,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE;YAC/C,IAAI,CAAC,GAAG,EAAE,CAAC;gBACT,IAAI,CAAC,gBAAgB,CAAC,gBAAgB,EAAE,CAAC;gBACzC,OAAO,IAAI,CAAC,oBAAoB,CAAC,GAAG,CAAC,CAAC;YACxC,CAAC;YACD,OAAO,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;QAC9B,CAAC,CAAC,CAAC;IACL,CAAC;IAEO,gBAAgB,CAAC,KAAkB,EAAE,QAAwB;QACnE,IAAI,CAAC,KAAK,CAAC,KAAK,EAAE,CAAC;YACjB,GAAG,CAAC,KAAK,CAAC,uDAAuD,CAAC,CAAC;YACnE,OAAO,OAAO,CAAC,MAAM,CAAC,IAAI,KAAK,CAAC,mBAAmB,CAAC,CAAC,CAAC;QACxD,CAAC;QACD,MAAM,GAAG,GAAG,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,QAAQ,CAAC,QAAS,CAAC,CAAC;QACxD,IAAI,CAAC,GAAG,EAAE,MAAM,IAAI,CAAC,GAAG,EAAE,OAAO,EAAE,CAAC;YAClC,GAAG,CAAC,KAAK,CAAC,8DAA8D,EAAE,GAAG,CAAC,CAAC;YAC/E,OAAO,OAAO,CAAC,MAAM,CAAC,IAAI,KAAK,CAAC,0BAA0B,CAAC,CAAC,CAAC;QAC/D,CAAC;QACD,IAAI,KAAK,CAAC,KAAK,KAAK,GAAG,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC;YACtC,GAAG,CAAC,KAAK,CAAC,+DAA+D,CAAC,CAAC;YAC3E,OAAO,OAAO,CAAC,MAAM,CAAC,IAAI,KAAK,CAAC,2BAA2B,CAAC,CAAC,CAAC;QAChE,CAAC;QACD,OAAO,IAAI,CAAC,gBAAgB,CAAC,SAAS,EAAE,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE;YACrD,GAAG,CAAC,KAAK,CAAC,qDAAqD,CAAC,CAAC;YACjE,OAAO,IAAI,CAAC,mCAAmC,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE;gBAC9D,IAAI,CAAC,GAAG,EAAE,CAAC;oBACT,GAAG,CAAC,KAAK,CAAC,sFAAsF,CAAC,CAAC;oBAClG,OAAO,OAAO,CAAC,MAAM,CAAC,IAAI,KAAK,CAAC,kDAAkD,CAAC,CAAC,CAAC;gBACvF,CAAC;gBACD,MAAM,QAAQ,GAAG,KAAK,CAAC,SAAU,CAAC,CAAC,kCAAkC;gBACrE,MAAM,kBAAkB,GAAG,IAAI,CAAC,SAAS,CAAC,SAAS,CAAC;gBACpD,GAAG,CAAC,KAAK,CAAC,wFAAwF,EAAE,kBAAkB,CAAC,CAAC;gBACxH,OAAO,IAAI,CAAC,SAAS,CAAC,WAAW,CAAC,QAAQ,CAAC,QAAS,EAAE,GAAG,EAAE,MAAM,EAAE,QAAQ,EAAE,kBAAkB,CAAC,CAAC,IAAI,CAAC,GAAG,EAAE;oBACzG,GAAG,CAAC,KAAK,CAAC,+DAA+D,CAAC,CAAC;oBAC3E,IAAI,CAAC,GAAG,CAAC,OAAO,CAAC,GAAG,EAAE,CAAC;wBACrB,GAAG,CAAC,KAAK,CAAC,gEAAgE,CAAC,CAAC;wBAC5E,OAAO,OAAO,CAAC,MAAM,CAAC,IAAI,KAAK,CAAC,4BAA4B,CAAC,CAAC,CAAC;oBACjE,CAAC;oBACD,QAAQ,CAAC,OAAO,GAAG,GAAG,CAAC,OAAsB,CAAC;oBAC9C,OAAO,QAAQ,CAAC;gBAClB,CAAC,CAAC,CAAC;YACL,CAAC,CAAC,CAAC;QACL,CAAC,CAAC,CAAC;IACL,CAAC;IAEO,YAAY,CAAC,IAAc,EAAE,GAAW;QAC9C,IAAI,GAAG,GAAkB,IAAI,CAAC;QAC9B,IAAI,GAAG,CAAC,UAAU,CAAC,IAAI,CAAC;YAAE,GAAG,GAAG,KAAK,CAAC;aACjC,IAAI,GAAG,CAAC,UAAU,CAAC,IAAI,CAAC;YAAE,GAAG,GAAG,IAAI,CAAC;aACrC,IAAI,GAAG,CAAC,UAAU,CAAC,IAAI,CAAC;YAAE,GAAG,GAAG,IAAI,CAAC;aACrC,CAAC;YAAC,GAAG,CAAC,KAAK,CAAC,qDAAqD,EAAE,GAAG,CAAC,CAAC;YAAC,OAAO,EAAE,CAAC;QAAC,CAAC;QAC1F,GAAG,CAAC,KAAK,CAAC,mEAAmE,EAAE,GAAG,CAAC,CAAC;QACpF,IAAI,GAAG,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,GAAG,KAAK,GAAG,CAAC,CAAC;QACvC,GAAG,CAAC,KAAK,CAAC,iEAAiE,EAAE,GAAG,EAAE,IAAI,CAAC,MAAM,CAAC,CAAC;QAC/F,OAAO,IAAI,CAAC;IACd,CAAC;IAEO,KAAK,CAAC,oBAAoB,CAAC,QAAwB;QACzD,IAAI,CAAC,QAAQ,CAAC,OAAO,EAAE,CAAC;YACtB,GAAG,CAAC,KAAK,CAAC,yEAAyE,CAAC,CAAC;YACrF,OAAO,OAAO,CAAC,MAAM,CAAC,IAAI,KAAK,CAAC,iCAAiC,CAAC,CAAC,CAAC;QACtE,CAAC;QACD,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,OAAO,EAAE,CAAC;YAC9B,GAAG,CAAC,KAAK,CAAC,gEAAgE,CAAC,CAAC;YAC5E,OAAO,OAAO,CAAC,MAAM,CAAC,IAAI,KAAK,CAAC,wBAAwB,CAAC,CAAC,CAAC;QAC7D,CAAC;QACD,IAAI,CAAC,QAAQ,CAAC,QAAQ,EAAE,CAAC;YACvB,GAAG,CAAC,KAAK,CAAC,qDAAqD,CAAC,CAAC;YACjE,OAAO,OAAO,CAAC,MAAM,CAAC,IAAI,KAAK,CAAC,aAAa,CAAC,CAAC,CAAC;QAClD,CAAC;QACD,MAAM,GAAG,GAAG,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;QACvD,IAAI,CAAC,GAAG,EAAE,MAAM,EAAE,CAAC;YACjB,GAAG,CAAC,KAAK,CAAC,kEAAkE,EAAE,GAAG,CAAC,CAAC;YACnF,OAAO,OAAO,CAAC,MAAM,CAAC,IAAI,KAAK,CAAC,0BAA0B,CAAC,CAAC,CAAC;QAC/D,CAAC;QACD,MAAM,OAAO,GAAG,GAAG,CAAC,MAAM,CAAC,GAAa,CAAC;QACzC,IAAI,CAAC,OAAO,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACrC,GAAG,CAAC,KAAK,CAAC,0DAA0D,EAAE,OAAO,CAAC,CAAC;YAC/E,OAAO,OAAO,CAAC,MAAM,CAAC,IAAI,KAAK,CAAC,mBAAmB,GAAG,OAAO,CAAC,CAAC,CAAC;QAClE,CAAC;QACD,MAAM,WAAW,GAAG,OAAO,CAAC,SAAS,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;QAC5C,MAAM,QAAQ,GAAG,QAAQ,CAAC,WAAW,CAAC,CAAC;QACvC,IAAI,QAAQ,KAAK,GAAG,IAAI,QAAQ,KAAK,GAAG,IAAI,QAAQ,KAAK,GAAG,EAAE,CAAC;YAC7D,GAAG,CAAC,KAAK,CAAC,0DAA0D,EAAE,OAAO,EAAE,QAAQ,CAAC,CAAC;YACzF,OAAO,OAAO,CAAC,MAAM,CAAC,IAAI,KAAK,CAAC,mBAAmB,GAAG,OAAO,CAAC,CAAC,CAAC;QAClE,CAAC;QAED,MAAM,GAAG,GAAG,KAAK,GAAG,QAAQ,CAAC;QAC7B,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,SAAS,CAAC,UAAU,CAAC,QAAQ,CAAC,YAAa,EAAE,GAAG,CAAC,CAAC;QAC1E,IAAI,CAAC,IAAI,EAAE,CAAC;YACV,GAAG,CAAC,KAAK,CAAC,mEAAmE,EAAE,GAAG,CAAC,CAAC;YACpF,OAAO,OAAO,CAAC,MAAM,CAAC,IAAI,KAAK,CAAC,4BAA4B,CAAC,CAAC,CAAC;QACjE,CAAC;QAED,MAAM,IAAI,GAAG,IAAI,CAAC,SAAS,CAAC,CAAC,EAAE,IAAI,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;QAChD,MAAM,SAAS,GAAG,IAAI,CAAC,SAAS,CAAC,cAAc,CAAC,IAAI,CAAC,CAAC;QACtD,IAAI,SAAS,KAAK,QAAQ,CAAC,OAAO,CAAC,OAAO,EAAE,CAAC;YAC3C,GAAG,CAAC,KAAK,CAAC,oEAAoE,EAAE,SAAS,EAAE,QAAQ,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;YACrH,OAAO,OAAO,CAAC,MAAM,CAAC,IAAI,KAAK,CAAC,4BAA4B,CAAC,CAAC,CAAC;QACjE,CAAC;QAED,GAAG,CAAC,KAAK,CAAC,iDAAiD,CAAC,CAAC;QAC7D,OAAO,OAAO,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;IACnC,CAAC;CACF"}

package/dist/src/protocol/Responses.d.ts

@@ -0,0 +1,44 @@
+import type { UserProfile } from '../types/user.js';
+export declare class SigninResponse {
+    error: string | undefined;
+    error_description: string | undefined;
+    error_uri: string | undefined;
+    code: string | undefined;
+    state: unknown;
+    id_token: string | undefined;
+    session_state: string | undefined;
+    access_token: string | undefined;
+    token_type: string | undefined;
+    scope: string | undefined;
+    profile: UserProfile | undefined;
+    expires_at: number | undefined;
+    constructor(url: string, delimiter?: string);
+    get expires_in(): number | undefined;
+    set expires_in(value: string | number | undefined);
+    get expired(): boolean | undefined;
+    get scopes(): string[];
+    get isOpenIdConnect(): boolean;
+}
+export declare class SignoutResponse {
+    error: string | undefined;
+    error_description: string | undefined;
+    error_uri: string | undefined;
+    state: unknown;
+    constructor(url: string);
+}
+export interface ErrorResponseData {
+    error: string;
+    error_description?: string;
+    error_uri?: string;
+    state?: string;
+    session_state?: string;
+}
+export declare class ErrorResponse extends Error {
+    error: string;
+    error_description: string | undefined;
+    error_uri: string | undefined;
+    state: string | undefined;
+    session_state: string | undefined;
+    constructor({ error, error_description, error_uri, state, session_state }: ErrorResponseData);
+}
+//# sourceMappingURL=Responses.d.ts.map

package/dist/src/protocol/Responses.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"Responses.d.ts","sourceRoot":"","sources":["../../../src/protocol/Responses.ts"],"names":[],"mappings":"AAIA,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,kBAAkB,CAAC;AAQpD,qBAAa,cAAc;IACzB,KAAK,EAAE,MAAM,GAAG,SAAS,CAAC;IAC1B,iBAAiB,EAAE,MAAM,GAAG,SAAS,CAAC;IACtC,SAAS,EAAE,MAAM,GAAG,SAAS,CAAC;IAC9B,IAAI,EAAE,MAAM,GAAG,SAAS,CAAC;IACzB,KAAK,EAAE,OAAO,CAAC;IACf,QAAQ,EAAE,MAAM,GAAG,SAAS,CAAC;IAC7B,aAAa,EAAE,MAAM,GAAG,SAAS,CAAC;IAClC,YAAY,EAAE,MAAM,GAAG,SAAS,CAAC;IACjC,UAAU,EAAE,MAAM,GAAG,SAAS,CAAC;IAC/B,KAAK,EAAE,MAAM,GAAG,SAAS,CAAC;IAC1B,OAAO,EAAE,WAAW,GAAG,SAAS,CAAC;IACjC,UAAU,EAAE,MAAM,GAAG,SAAS,CAAC;gBAEnB,GAAG,EAAE,MAAM,EAAE,SAAS,GAAE,MAAY;IAiBhD,IAAI,UAAU,IAAI,MAAM,GAAG,SAAS,CAMnC;IACD,IAAI,UAAU,CAAC,KAAK,EAAE,MAAM,GAAG,MAAM,GAAG,SAAS,EAMhD;IAED,IAAI,OAAO,IAAI,OAAO,GAAG,SAAS,CAGjC;IAED,IAAI,MAAM,IAAI,MAAM,EAAE,CAErB;IAED,IAAI,eAAe,IAAI,OAAO,CAE7B;CACF;AAMD,qBAAa,eAAe;IAC1B,KAAK,EAAE,MAAM,GAAG,SAAS,CAAC;IAC1B,iBAAiB,EAAE,MAAM,GAAG,SAAS,CAAC;IACtC,SAAS,EAAE,MAAM,GAAG,SAAS,CAAC;IAC9B,KAAK,EAAE,OAAO,CAAC;gBAEH,GAAG,EAAE,MAAM;CAOxB;AAMD,MAAM,WAAW,iBAAiB;IAChC,KAAK,EAAE,MAAM,CAAC;IACd,iBAAiB,CAAC,EAAE,MAAM,CAAC;IAC3B,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,aAAa,CAAC,EAAE,MAAM,CAAC;CACxB;AAED,qBAAa,aAAc,SAAQ,KAAK;IACtC,KAAK,EAAE,MAAM,CAAC;IACd,iBAAiB,EAAE,MAAM,GAAG,SAAS,CAAC;IACtC,SAAS,EAAE,MAAM,GAAG,SAAS,CAAC;IAC9B,KAAK,EAAE,MAAM,GAAG,SAAS,CAAC;IAC1B,aAAa,EAAE,MAAM,GAAG,SAAS,CAAC;gBAEtB,EAAE,KAAK,EAAE,iBAAiB,EAAE,SAAS,EAAE,KAAK,EAAE,aAAa,EAAE,EAAE,iBAAiB;CAgB7F"}

package/dist/src/protocol/Responses.js

@@ -0,0 +1,77 @@
+// Licensed under the Apache License, Version 2.0. See LICENSE in the project root for license information.
+import { Log } from '../utils/Log.js';
+import { UrlUtility } from '../services/Http.js';
+const OidcScope = 'openid';
+//=============================================================================
+// SigninResponse
+//=============================================================================
+export class SigninResponse {
+    constructor(url, delimiter = '#') {
+        const values = UrlUtility.parseUrlFragment(url, delimiter);
+        this.error = values.error;
+        this.error_description = values.error_description;
+        this.error_uri = values.error_uri;
+        this.code = values.code;
+        this.state = values.state;
+        this.id_token = values.id_token;
+        this.session_state = values.session_state;
+        this.access_token = values.access_token;
+        this.token_type = values.token_type;
+        this.scope = values.scope;
+        this.profile = undefined;
+        this.expires_in = values.expires_in;
+    }
+    get expires_in() {
+        if (this.expires_at) {
+            const now = Math.floor(Date.now() / 1000);
+            return this.expires_at - now;
+        }
+        return undefined;
+    }
+    set expires_in(value) {
+        const expires_in = parseInt(String(value));
+        if (typeof expires_in === 'number' && expires_in > 0) {
+            const now = Math.floor(Date.now() / 1000);
+            this.expires_at = now + expires_in;
+        }
+    }
+    get expired() {
+        const expires_in = this.expires_in;
+        return expires_in !== undefined ? expires_in <= 0 : undefined;
+    }
+    get scopes() {
+        return (this.scope || '').split(' ');
+    }
+    get isOpenIdConnect() {
+        return this.scopes.indexOf(OidcScope) >= 0 || !!this.id_token;
+    }
+}
+//=============================================================================
+// SignoutResponse
+//=============================================================================
+export class SignoutResponse {
+    constructor(url) {
+        const values = UrlUtility.parseUrlFragment(url, '?');
+        this.error = values.error;
+        this.error_description = values.error_description;
+        this.error_uri = values.error_uri;
+        this.state = values.state;
+    }
+}
+export class ErrorResponse extends Error {
+    constructor({ error, error_description, error_uri, state, session_state }) {
+        if (!error) {
+            Log.error('No error passed to ErrorResponse');
+            throw new Error('error');
+        }
+        const message = error_description ? `${error}: ${error_description}` : error;
+        super(message);
+        this.name = error;
+        this.error = error;
+        this.error_description = error_description;
+        this.error_uri = error_uri;
+        this.state = state;
+        this.session_state = session_state;
+    }
+}
+//# sourceMappingURL=Responses.js.map

package/dist/src/protocol/Responses.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"Responses.js","sourceRoot":"","sources":["../../../src/protocol/Responses.ts"],"names":[],"mappings":"AAAA,2GAA2G;AAE3G,OAAO,EAAE,GAAG,EAAE,MAAM,iBAAiB,CAAC;AACtC,OAAO,EAAE,UAAU,EAAE,MAAM,qBAAqB,CAAC;AAGjD,MAAM,SAAS,GAAG,QAAQ,CAAC;AAE3B,+EAA+E;AAC/E,iBAAiB;AACjB,+EAA+E;AAE/E,MAAM,OAAO,cAAc;IAczB,YAAY,GAAW,EAAE,YAAoB,GAAG;QAC9C,MAAM,MAAM,GAAG,UAAU,CAAC,gBAAgB,CAAC,GAAG,EAAE,SAAS,CAAC,CAAC;QAE3D,IAAI,CAAC,KAAK,GAAG,MAAM,CAAC,KAAK,CAAC;QAC1B,IAAI,CAAC,iBAAiB,GAAG,MAAM,CAAC,iBAAiB,CAAC;QAClD,IAAI,CAAC,SAAS,GAAG,MAAM,CAAC,SAAS,CAAC;QAClC,IAAI,CAAC,IAAI,GAAG,MAAM,CAAC,IAAI,CAAC;QACxB,IAAI,CAAC,KAAK,GAAG,MAAM,CAAC,KAAK,CAAC;QAC1B,IAAI,CAAC,QAAQ,GAAG,MAAM,CAAC,QAAQ,CAAC;QAChC,IAAI,CAAC,aAAa,GAAG,MAAM,CAAC,aAAa,CAAC;QAC1C,IAAI,CAAC,YAAY,GAAG,MAAM,CAAC,YAAY,CAAC;QACxC,IAAI,CAAC,UAAU,GAAG,MAAM,CAAC,UAAU,CAAC;QACpC,IAAI,CAAC,KAAK,GAAG,MAAM,CAAC,KAAK,CAAC;QAC1B,IAAI,CAAC,OAAO,GAAG,SAAS,CAAC;QACzB,IAAI,CAAC,UAAU,GAAG,MAAM,CAAC,UAAU,CAAC;IACtC,CAAC;IAED,IAAI,UAAU;QACZ,IAAI,IAAI,CAAC,UAAU,EAAE,CAAC;YACpB,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC;YAC1C,OAAO,IAAI,CAAC,UAAU,GAAG,GAAG,CAAC;QAC/B,CAAC;QACD,OAAO,SAAS,CAAC;IACnB,CAAC;IACD,IAAI,UAAU,CAAC,KAAkC;QAC/C,MAAM,UAAU,GAAG,QAAQ,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC;QAC3C,IAAI,OAAO,UAAU,KAAK,QAAQ,IAAI,UAAU,GAAG,CAAC,EAAE,CAAC;YACrD,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC;YAC1C,IAAI,CAAC,UAAU,GAAG,GAAG,GAAG,UAAU,CAAC;QACrC,CAAC;IACH,CAAC;IAED,IAAI,OAAO;QACT,MAAM,UAAU,GAAG,IAAI,CAAC,UAAU,CAAC;QACnC,OAAO,UAAU,KAAK,SAAS,CAAC,CAAC,CAAC,UAAU,IAAI,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;IAChE,CAAC;IAED,IAAI,MAAM;QACR,OAAO,CAAC,IAAI,CAAC,KAAK,IAAI,EAAE,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IACvC,CAAC;IAED,IAAI,eAAe;QACjB,OAAO,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC;IAChE,CAAC;CACF;AAED,+EAA+E;AAC/E,kBAAkB;AAClB,+EAA+E;AAE/E,MAAM,OAAO,eAAe;IAM1B,YAAY,GAAW;QACrB,MAAM,MAAM,GAAG,UAAU,CAAC,gBAAgB,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;QACrD,IAAI,CAAC,KAAK,GAAG,MAAM,CAAC,KAAK,CAAC;QAC1B,IAAI,CAAC,iBAAiB,GAAG,MAAM,CAAC,iBAAiB,CAAC;QAClD,IAAI,CAAC,SAAS,GAAG,MAAM,CAAC,SAAS,CAAC;QAClC,IAAI,CAAC,KAAK,GAAG,MAAM,CAAC,KAAK,CAAC;IAC5B,CAAC;CACF;AAcD,MAAM,OAAO,aAAc,SAAQ,KAAK;IAOtC,YAAY,EAAE,KAAK,EAAE,iBAAiB,EAAE,SAAS,EAAE,KAAK,EAAE,aAAa,EAAqB;QAC1F,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,GAAG,CAAC,KAAK,CAAC,kCAAkC,CAAC,CAAC;YAC9C,MAAM,IAAI,KAAK,CAAC,OAAO,CAAC,CAAC;QAC3B,CAAC;QAED,MAAM,OAAO,GAAG,iBAAiB,CAAC,CAAC,CAAC,GAAG,KAAK,KAAK,iBAAiB,EAAE,CAAC,CAAC,CAAC,KAAK,CAAC;QAC7E,KAAK,CAAC,OAAO,CAAC,CAAC;QAEf,IAAI,CAAC,IAAI,GAAG,KAAK,CAAC;QAClB,IAAI,CAAC,KAAK,GAAG,KAAK,CAAC;QACnB,IAAI,CAAC,iBAAiB,GAAG,iBAAiB,CAAC;QAC3C,IAAI,CAAC,SAAS,GAAG,SAAS,CAAC;QAC3B,IAAI,CAAC,KAAK,GAAG,KAAK,CAAC;QACnB,IAAI,CAAC,aAAa,GAAG,aAAa,CAAC;IACrC,CAAC;CACF"}

package/dist/src/protocol/TokenService.d.ts

@@ -0,0 +1,38 @@
+import { JsonService, MetadataService } from '../services/Http.js';
+import type { JoseUtilType } from '../crypto/Crypto.js';
+export interface TokenSettings {
+    authority?: string;
+    client_id?: string;
+    client_secret?: string;
+    redirect_uri?: string;
+    client_authentication?: string;
+    userInfoJwtIssuer?: string;
+    clockSkew?: number;
+}
+export declare class TokenClient {
+    private _settings;
+    private _jsonService;
+    private _metadataService;
+    constructor(settings: TokenSettings, JsonServiceCtor?: typeof JsonService, MetadataServiceCtor?: typeof MetadataService);
+    exchangeCode(args?: Record<string, any>): Promise<any>;
+    exchangeRefreshToken(args?: Record<string, any>): Promise<any>;
+}
+export declare class TokenRevocationClient {
+    private _settings;
+    private _XMLHttpRequestCtor;
+    private _metadataService;
+    constructor(settings: TokenSettings, XMLHttpRequestCtor?: typeof XMLHttpRequest, MetadataServiceCtor?: typeof MetadataService);
+    revoke(token: string, required?: boolean, type?: string): Promise<void>;
+    private _revoke;
+}
+export declare class UserInfoService {
+    private _settings;
+    private _jsonService;
+    private _metadataService;
+    private _joseUtil;
+    constructor(settings: TokenSettings, JsonServiceCtor?: typeof JsonService, MetadataServiceCtor?: typeof MetadataService, joseUtil?: JoseUtilType);
+    getClaims(token: string): Promise<any>;
+    private _getClaimsFromJwt;
+    private _filterByAlg;
+}
+//# sourceMappingURL=TokenService.d.ts.map

package/dist/src/protocol/TokenService.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"TokenService.d.ts","sourceRoot":"","sources":["../../../src/protocol/TokenService.ts"],"names":[],"mappings":"AAIA,OAAO,EAAE,WAAW,EAAE,eAAe,EAAE,MAAM,qBAAqB,CAAC;AAGnE,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,qBAAqB,CAAC;AAGxD,MAAM,WAAW,aAAa;IAC5B,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,qBAAqB,CAAC,EAAE,MAAM,CAAC;IAC/B,iBAAiB,CAAC,EAAE,MAAM,CAAC;IAC3B,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB;AAMD,qBAAa,WAAW;IACtB,OAAO,CAAC,SAAS,CAAgB;IACjC,OAAO,CAAC,YAAY,CAAc;IAClC,OAAO,CAAC,gBAAgB,CAAkB;gBAGxC,QAAQ,EAAE,aAAa,EACvB,eAAe,GAAE,OAAO,WAAyB,EACjD,mBAAmB,GAAE,OAAO,eAAiC;IAQ/D,YAAY,CAAC,IAAI,GAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAM,GAAG,OAAO,CAAC,GAAG,CAAC;IAmC1D,oBAAoB,CAAC,IAAI,GAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAM,GAAG,OAAO,CAAC,GAAG,CAAC;CA2BnE;AASD,qBAAa,qBAAqB;IAChC,OAAO,CAAC,SAAS,CAAgB;IACjC,OAAO,CAAC,mBAAmB,CAAwB;IACnD,OAAO,CAAC,gBAAgB,CAAkB;gBAGxC,QAAQ,EAAE,aAAa,EACvB,kBAAkB,GAAE,OAAO,cAAuC,EAClE,mBAAmB,GAAE,OAAO,eAAiC;IAQ/D,MAAM,CAAC,KAAK,EAAE,MAAM,EAAE,QAAQ,CAAC,EAAE,OAAO,EAAE,IAAI,GAAE,MAAuB,GAAG,OAAO,CAAC,IAAI,CAAC;IAoBvF,OAAO,CAAC,OAAO;CAwBhB;AAMD,qBAAa,eAAe;IAC1B,OAAO,CAAC,SAAS,CAAgB;IACjC,OAAO,CAAC,YAAY,CAAc;IAClC,OAAO,CAAC,gBAAgB,CAAkB;IAC1C,OAAO,CAAC,SAAS,CAAe;gBAG9B,QAAQ,EAAE,aAAa,EACvB,eAAe,GAAE,OAAO,WAAyB,EACjD,mBAAmB,GAAE,OAAO,eAAiC,EAC7D,QAAQ,GAAE,YAAuB;IAanC,SAAS,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,GAAG,CAAC;IAWtC,OAAO,CAAC,iBAAiB;IAkEzB,OAAO,CAAC,YAAY;CAWrB"}