oidc-spa 4.6.1 → 4.6.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (5) hide show
  1. package/oidc.d.ts +12 -1
  2. package/oidc.js +192 -46
  3. package/oidc.js.map +1 -1
  4. package/package.json +1 -1
  5. package/src/oidc.ts +197 -27
package/oidc.d.ts CHANGED
@@ -53,9 +53,20 @@ export declare class OidcInitializationError extends Error {
53
53
  readonly type: "server down" | "bad configuration" | "unknown";
54
54
  constructor(params: {
55
55
  type: "server down";
56
+ issuerUri: string;
56
57
  } | {
57
58
  type: "bad configuration";
58
- timeoutDelayMs: number;
59
+ likelyCause: {
60
+ type: "misconfigured OIDC client";
61
+ clientId: string;
62
+ timeoutDelayMs: number;
63
+ } | {
64
+ type: "not in Web Origins";
65
+ clientId: string;
66
+ } | {
67
+ type: "silent-sso.html not reachable";
68
+ silentSsoHtmlUrl: string;
69
+ };
59
70
  } | {
60
71
  type: "unknown";
61
72
  cause: Error;
package/oidc.js CHANGED
@@ -118,12 +118,39 @@ var OidcInitializationError = /** @class */ (function (_super) {
118
118
  var _this = _super.call(this, (function () {
119
119
  switch (params.type) {
120
120
  case "server down":
121
- return "The OIDC server is down";
121
+ return [
122
+ "The OIDC server seems to be down.",
123
+ "If you know it's not the case it means that the issuerUri: ".concat(params.issuerUri, " is incorrect."),
124
+ "If you are using Keycloak makes sure that the realm exists and that the url is well formed.\n",
125
+ "More info: https://docs.oidc-spa.dev/resources/usage-with-keycloak"
126
+ ].join(" ");
122
127
  case "bad configuration":
123
- return "Bad configuration. Timed out after ".concat(params.timeoutDelayMs, "ms");
128
+ switch (params.likelyCause.type) {
129
+ case "misconfigured OIDC client":
130
+ return [
131
+ "The OIDC client ".concat(params.likelyCause.clientId, " seems to be misconfigured on your OIDC server."),
132
+ "If you are using Keycloak you likely need to add \"".concat(location.origin, "/*\" to the list of Valid Redirect URIs"),
133
+ "in the ".concat(params.likelyCause.clientId, " client configuration.\n"),
134
+ "More info: https://docs.oidc-spa.dev/resources/usage-with-keycloak",
135
+ "Silent SSO timed out after ".concat(params.likelyCause.timeoutDelayMs, "ms.")
136
+ ].join(" ");
137
+ case "not in Web Origins":
138
+ return [
139
+ "It seems that there is a CORS issue.",
140
+ "If you are using Keycloak check the \"Web Origins\" option in your ".concat(params.likelyCause.clientId, " client configuration."),
141
+ "You should probably add \"".concat(location.origin, "/*\" to the list."),
142
+ "More info: https://docs.oidc-spa.dev/resources/usage-with-keycloak"
143
+ ].join(" ");
144
+ case "silent-sso.html not reachable":
145
+ return [
146
+ "".concat(params.likelyCause.silentSsoHtmlUrl, " is not reachable. Make sure you've created the silent-sso.html file"),
147
+ "in your public directory. More info: https://docs.oidc-spa.dev/documentation/installation"
148
+ ].join(" ");
149
+ }
124
150
  case "unknown":
125
151
  return params.cause.message;
126
152
  }
153
+ (0, assert_1.assert)(false);
127
154
  })(),
128
155
  // @ts-expect-error
129
156
  { "cause": params.type === "unknown" ? params.cause : undefined }) || this;
@@ -141,7 +168,7 @@ var URL_real = window.URL;
141
168
  /** @see: https://github.com/garronej/oidc-spa#option-1-usage-without-involving-the-ui-framework */
142
169
  function createOidc(params) {
143
170
  return __awaiter(this, void 0, void 0, function () {
144
- var issuerUri, clientId, clientSecret, _a, transformUrlBeforeRedirect, extraQueryParamsOrGetter, publicUrl_params, decodedIdTokenSchema, __unsafe_ssoSessionIdleSeconds, _b, autoLogoutParams, getExtraQueryParams, publicUrl, configHash, cleanups, configHashKey, oidcClientTsUserManager, lastPublicRoute, startTrackingLastPublicRoute, hasLoginBeenCalled, login, resultOfLoginProcess, common, error, initializationError, currentTokens, autoLogoutCountdownTickCallbacks, onTokenChanges, oidc, getMsBeforeExpiration_1, startCountdown_2, stopCountdown_1, unsubscribeFrom$isUserActive_1, hotReloadCleanupsForThisConfig;
171
+ var issuerUri, clientId, clientSecret, _a, transformUrlBeforeRedirect, extraQueryParamsOrGetter, publicUrl_params, decodedIdTokenSchema, __unsafe_ssoSessionIdleSeconds, _b, autoLogoutParams, getExtraQueryParams, publicUrl, configHash, cleanups, configHashKey, silentSsoHtmlUrl, oidcClientTsUserManager, lastPublicRoute, startTrackingLastPublicRoute, hasLoginBeenCalled, login, resultOfLoginProcess, common, error, initializationError, currentTokens, autoLogoutCountdownTickCallbacks, onTokenChanges, oidc, getMsBeforeExpiration_1, startCountdown_2, stopCountdown_1, unsubscribeFrom$isUserActive_1, hotReloadCleanupsForThisConfig;
145
172
  var _this = this;
146
173
  return __generator(this, function (_c) {
147
174
  switch (_c.label) {
@@ -173,6 +200,7 @@ function createOidc(params) {
173
200
  hotReloadCleanups.set(configHash, new Set());
174
201
  }
175
202
  configHashKey = "configHash";
203
+ silentSsoHtmlUrl = "".concat(publicUrl, "/silent-sso.html");
176
204
  oidcClientTsUserManager = new oidc_client_ts_1.UserManager({
177
205
  "authority": issuerUri,
178
206
  "client_id": clientId,
@@ -181,7 +209,7 @@ function createOidc(params) {
181
209
  "response_type": "code",
182
210
  "scope": "openid profile",
183
211
  "automaticSilentRenew": false,
184
- "silent_redirect_uri": "".concat(publicUrl, "/silent-sso.html?").concat(configHashKey, "=").concat(configHash)
212
+ "silent_redirect_uri": "".concat(silentSsoHtmlUrl, "?").concat(configHashKey, "=").concat(configHash)
185
213
  });
186
214
  lastPublicRoute = undefined;
187
215
  startTrackingLastPublicRoute = function () {
@@ -284,10 +312,11 @@ function createOidc(params) {
284
312
  };
285
313
  return [4 /*yield*/, (function getUser() {
286
314
  return __awaiter(this, void 0, void 0, function () {
287
- var url, result, result, loginSuccessUrl, paramsToRetrieveFromSuccessfulLogin_1, paramsToRetrieveFromSuccessfulLogin_1_1, name_1, result, oidcClientTsUser, _a, oidcClientTsUser, error_1, dLoginSuccessUrl_1, timeoutDelayMs_1, timeout_1, listener_1, loginSuccessUrl, oidcClientTsUser;
288
- var e_1, _b;
289
- return __generator(this, function (_c) {
290
- switch (_c.label) {
315
+ var url, result, loginSuccessUrl, missingMandatoryParams, paramsToRetrieveFromSuccessfulLogin_1, paramsToRetrieveFromSuccessfulLogin_1_1, name_1, result, result, oidcClientTsUser, error_1, oidcClientTsUser, error_2, dLoginSuccessUrl_1, timeoutDelayMs_1, timeout_1, listener_1, loginSuccessUrl, oidcClientTsUser, error_3;
316
+ var e_1, _a;
317
+ var _this = this;
318
+ return __generator(this, function (_b) {
319
+ switch (_b.label) {
291
320
  case 0:
292
321
  url = window.location.href;
293
322
  {
@@ -297,13 +326,8 @@ function createOidc(params) {
297
326
  }
298
327
  url = result.newUrl;
299
328
  }
300
- {
301
- result = (0, urlQueryParams_1.retrieveQueryParamFromUrl)({ "name": "error", url: url });
302
- if (result.wasPresent) {
303
- throw new Error("OIDC error: ".concat(result.value));
304
- }
305
- }
306
329
  loginSuccessUrl = "https://dummy.com";
330
+ missingMandatoryParams = [];
307
331
  try {
308
332
  for (paramsToRetrieveFromSuccessfulLogin_1 = __values(paramsToRetrieveFromSuccessfulLogin), paramsToRetrieveFromSuccessfulLogin_1_1 = paramsToRetrieveFromSuccessfulLogin_1.next(); !paramsToRetrieveFromSuccessfulLogin_1_1.done; paramsToRetrieveFromSuccessfulLogin_1_1 = paramsToRetrieveFromSuccessfulLogin_1.next()) {
309
333
  name_1 = paramsToRetrieveFromSuccessfulLogin_1_1.value;
@@ -312,7 +336,8 @@ function createOidc(params) {
312
336
  if (name_1 === "iss") {
313
337
  continue;
314
338
  }
315
- throw new Error("Missing query param: ".concat(name_1));
339
+ missingMandatoryParams.push(name_1);
340
+ continue;
316
341
  }
317
342
  loginSuccessUrl = (0, urlQueryParams_1.addQueryParamToUrl)({
318
343
  "url": loginSuccessUrl,
@@ -325,22 +350,58 @@ function createOidc(params) {
325
350
  catch (e_1_1) { e_1 = { error: e_1_1 }; }
326
351
  finally {
327
352
  try {
328
- if (paramsToRetrieveFromSuccessfulLogin_1_1 && !paramsToRetrieveFromSuccessfulLogin_1_1.done && (_b = paramsToRetrieveFromSuccessfulLogin_1.return)) _b.call(paramsToRetrieveFromSuccessfulLogin_1);
353
+ if (paramsToRetrieveFromSuccessfulLogin_1_1 && !paramsToRetrieveFromSuccessfulLogin_1_1.done && (_a = paramsToRetrieveFromSuccessfulLogin_1.return)) _a.call(paramsToRetrieveFromSuccessfulLogin_1);
329
354
  }
330
355
  finally { if (e_1) throw e_1.error; }
331
356
  }
332
357
  window.history.pushState(null, "", url);
358
+ {
359
+ result = (0, urlQueryParams_1.retrieveQueryParamFromUrl)({ "name": "error", url: url });
360
+ if (result.wasPresent) {
361
+ if (window !== top && result.value === "login_required") {
362
+ // Here we are in an iframe, it's a bit hacky to suspend the process here but
363
+ // it's a common case when the user of the lib forgot to create the silent-sso.html file.
364
+ // In this case we want to let the timeout of the parent expire to provide the correct error message.
365
+ // If we go on with execution of this it would still work but the user would get a misleading error message.
366
+ return [2 /*return*/, new Promise(function () { })];
367
+ }
368
+ throw new Error([
369
+ "The OIDC server responded with an error passed as query parameter after the login process",
370
+ "this error is: ".concat(result.value)
371
+ ].join(" "));
372
+ }
373
+ }
374
+ if (missingMandatoryParams.length !== 0) {
375
+ throw new Error([
376
+ "After the login process the following mandatory OIDC query parameters where missing:",
377
+ missingMandatoryParams.join(", ")
378
+ ].join(" "));
379
+ }
333
380
  oidcClientTsUser = undefined;
334
- _c.label = 1;
381
+ _b.label = 1;
335
382
  case 1:
336
- _c.trys.push([1, 3, , 4]);
383
+ _b.trys.push([1, 3, , 4]);
337
384
  return [4 /*yield*/, oidcClientTsUserManager.signinRedirectCallback(loginSuccessUrl)];
338
385
  case 2:
339
- oidcClientTsUser = _c.sent();
386
+ oidcClientTsUser = _b.sent();
340
387
  return [3 /*break*/, 4];
341
388
  case 3:
342
- _a = _c.sent();
389
+ error_1 = _b.sent();
390
+ (0, assert_1.assert)(error_1 instanceof Error);
391
+ if (error_1.message === "Failed to fetch") {
392
+ // If it's a fetch error here we know that the web server is not down and the login was successful,
393
+ // we just where redirected from the login pages.
394
+ // This means it's likely a "Web origins" misconfiguration.
395
+ throw new OidcInitializationError({
396
+ "type": "bad configuration",
397
+ "likelyCause": {
398
+ "type": "not in Web Origins",
399
+ clientId: clientId
400
+ }
401
+ });
402
+ }
343
403
  //NOTE: The user has likely pressed the back button just after logging in.
404
+ //UPDATE: I don't remember how to reproduce this case and I don't know if it's still relevant.
344
405
  return [2 /*return*/, undefined];
345
406
  case 4: return [2 /*return*/, {
346
407
  "loginScenario": "backFromLoginPages",
@@ -348,22 +409,32 @@ function createOidc(params) {
348
409
  }];
349
410
  case 5: return [4 /*yield*/, oidcClientTsUserManager.getUser()];
350
411
  case 6:
351
- oidcClientTsUser = _c.sent();
412
+ oidcClientTsUser = _b.sent();
352
413
  if (oidcClientTsUser === null) {
353
414
  return [3 /*break*/, 11];
354
415
  }
355
- _c.label = 7;
416
+ _b.label = 7;
356
417
  case 7:
357
- _c.trys.push([7, 9, , 10]);
418
+ _b.trys.push([7, 9, , 10]);
358
419
  return [4 /*yield*/, oidcClientTsUserManager.signinSilent()];
359
420
  case 8:
360
- _c.sent();
421
+ _b.sent();
361
422
  return [3 /*break*/, 10];
362
423
  case 9:
363
- error_1 = _c.sent();
364
- (0, assert_1.assert)(error_1 instanceof Error);
365
- if (error_1.message === "Failed to fetch") {
366
- throw new OidcInitializationError({ "type": "server down" });
424
+ error_2 = _b.sent();
425
+ (0, assert_1.assert)(error_2 instanceof Error);
426
+ if (error_2.message === "Failed to fetch") {
427
+ // Here it could be web origins as well but it's less likely because
428
+ // it would mean that there was once a valid configuration and it has been
429
+ // changed to an invalid one before the token expired.
430
+ // but the server is not necessarily down, the issuerUri could be wrong.
431
+ // So the error that we return should be either "server down" if fetching the
432
+ // well known configuration endpoint failed without returning any status code
433
+ // or "bad configuration" if the endpoint returned a 404 or an other status code.
434
+ throw new OidcInitializationError({
435
+ "type": "server down",
436
+ issuerUri: issuerUri
437
+ });
367
438
  }
368
439
  return [2 /*return*/, undefined];
369
440
  case 10: return [2 /*return*/, {
@@ -385,12 +456,52 @@ function createOidc(params) {
385
456
  var dynamicDelay = rtt * 2.5 + 3000 / (downlink + 1);
386
457
  return Math.max(baseDelay, dynamicDelay);
387
458
  })();
388
- timeout_1 = (0, worker_timers_1.setTimeout)(function () {
389
- return dLoginSuccessUrl_1.reject(new OidcInitializationError({
390
- "type": "bad configuration",
391
- timeoutDelayMs: timeoutDelayMs_1
392
- }));
393
- }, timeoutDelayMs_1);
459
+ timeout_1 = (0, worker_timers_1.setTimeout)(function () { return __awaiter(_this, void 0, void 0, function () {
460
+ var isSilentSsoHtmlReachable;
461
+ var _this = this;
462
+ return __generator(this, function (_a) {
463
+ switch (_a.label) {
464
+ case 0: return [4 /*yield*/, fetch(silentSsoHtmlUrl).then(function (response) { return __awaiter(_this, void 0, void 0, function () {
465
+ var content;
466
+ return __generator(this, function (_a) {
467
+ switch (_a.label) {
468
+ case 0: return [4 /*yield*/, response.text()];
469
+ case 1:
470
+ content = _a.sent();
471
+ return [2 /*return*/, (content.split("\n").length < 20 &&
472
+ content.includes("parent.postMessage(location.href"))];
473
+ }
474
+ });
475
+ }); }, function () { return false; })];
476
+ case 1:
477
+ isSilentSsoHtmlReachable = _a.sent();
478
+ if (!isSilentSsoHtmlReachable) {
479
+ dLoginSuccessUrl_1.reject(new OidcInitializationError({
480
+ "type": "bad configuration",
481
+ "likelyCause": {
482
+ "type": "silent-sso.html not reachable",
483
+ silentSsoHtmlUrl: silentSsoHtmlUrl
484
+ }
485
+ }));
486
+ return [2 /*return*/];
487
+ }
488
+ // Here we know that the server is not down and that the issuer_uri is correct
489
+ // otherwise we would have had a fetch error when loading the iframe.
490
+ // So this means that it's very likely a OIDC client misconfiguration.
491
+ // It could also be a very slow network but this risk is mitigated by the fact that we check
492
+ // for the network speed to adjust the timeout delay.
493
+ dLoginSuccessUrl_1.reject(new OidcInitializationError({
494
+ "type": "bad configuration",
495
+ "likelyCause": {
496
+ "type": "misconfigured OIDC client",
497
+ clientId: clientId,
498
+ timeoutDelayMs: timeoutDelayMs_1
499
+ }
500
+ }));
501
+ return [2 /*return*/];
502
+ }
503
+ });
504
+ }); }, timeoutDelayMs_1);
394
505
  listener_1 = function (event) {
395
506
  var e_2, _a;
396
507
  if (typeof event.data !== "string") {
@@ -420,6 +531,7 @@ function createOidc(params) {
420
531
  }
421
532
  }
422
533
  var loginSuccessUrl = "https://dummy.com";
534
+ var missingMandatoryParams = [];
423
535
  try {
424
536
  for (var paramsToRetrieveFromSuccessfulLogin_2 = __values(paramsToRetrieveFromSuccessfulLogin), paramsToRetrieveFromSuccessfulLogin_2_1 = paramsToRetrieveFromSuccessfulLogin_2.next(); !paramsToRetrieveFromSuccessfulLogin_2_1.done; paramsToRetrieveFromSuccessfulLogin_2_1 = paramsToRetrieveFromSuccessfulLogin_2.next()) {
425
537
  var name_2 = paramsToRetrieveFromSuccessfulLogin_2_1.value;
@@ -428,7 +540,8 @@ function createOidc(params) {
428
540
  if (name_2 === "iss") {
429
541
  continue;
430
542
  }
431
- throw new Error("Missing query param: ".concat(name_2));
543
+ missingMandatoryParams.push(name_2);
544
+ continue;
432
545
  }
433
546
  loginSuccessUrl = (0, urlQueryParams_1.addQueryParamToUrl)({
434
547
  "url": loginSuccessUrl,
@@ -444,6 +557,13 @@ function createOidc(params) {
444
557
  }
445
558
  finally { if (e_2) throw e_2.error; }
446
559
  }
560
+ if (missingMandatoryParams.length !== 0) {
561
+ dLoginSuccessUrl_1.reject(new Error([
562
+ "After the silent signin process the following mandatory OIDC query parameters where missing:",
563
+ missingMandatoryParams.join(", ")
564
+ ].join(" ")));
565
+ return;
566
+ }
447
567
  dLoginSuccessUrl_1.resolve(loginSuccessUrl);
448
568
  };
449
569
  window.addEventListener("message", listener_1, false);
@@ -452,23 +572,49 @@ function createOidc(params) {
452
572
  .catch(function (error) {
453
573
  if (error.message === "Failed to fetch") {
454
574
  (0, worker_timers_1.clearTimeout)(timeout_1);
455
- dLoginSuccessUrl_1.reject(new OidcInitializationError({ "type": "server down" }));
575
+ // Here we know it's not web origin because it's not the token we are fetching
576
+ // but just the well known configuration endpoint that is not subject to CORS.
577
+ dLoginSuccessUrl_1.reject(new OidcInitializationError({
578
+ "type": "server down",
579
+ issuerUri: issuerUri
580
+ }));
456
581
  }
457
582
  });
458
583
  return [4 /*yield*/, dLoginSuccessUrl_1.pr];
459
584
  case 12:
460
- loginSuccessUrl = _c.sent();
585
+ loginSuccessUrl = _b.sent();
461
586
  if (loginSuccessUrl === undefined) {
462
- return [3 /*break*/, 14];
587
+ return [3 /*break*/, 17];
463
588
  }
464
- return [4 /*yield*/, oidcClientTsUserManager.signinRedirectCallback(loginSuccessUrl)];
589
+ oidcClientTsUser = undefined;
590
+ _b.label = 13;
465
591
  case 13:
466
- oidcClientTsUser = _c.sent();
467
- return [2 /*return*/, {
468
- "loginScenario": "silentSignin",
469
- oidcClientTsUser: oidcClientTsUser
470
- }];
471
- case 14: return [2 /*return*/, undefined];
592
+ _b.trys.push([13, 15, , 16]);
593
+ return [4 /*yield*/, oidcClientTsUserManager.signinRedirectCallback(loginSuccessUrl)];
594
+ case 14:
595
+ oidcClientTsUser = _b.sent();
596
+ return [3 /*break*/, 16];
597
+ case 15:
598
+ error_3 = _b.sent();
599
+ (0, assert_1.assert)(error_3 instanceof Error);
600
+ if (error_3.message === "Failed to fetch") {
601
+ // If we have a fetch error here. We know for sure that the server isn't down,
602
+ // the silent sign-in was successful. We also know that the issuer_uri is correct.
603
+ // so it's very likely the web origins that are misconfigured.
604
+ throw new OidcInitializationError({
605
+ "type": "bad configuration",
606
+ "likelyCause": {
607
+ "type": "not in Web Origins",
608
+ clientId: clientId
609
+ }
610
+ });
611
+ }
612
+ throw error_3;
613
+ case 16: return [2 /*return*/, {
614
+ "loginScenario": "silentSignin",
615
+ oidcClientTsUser: oidcClientTsUser
616
+ }];
617
+ case 17: return [2 /*return*/, undefined];
472
618
  }
473
619
  });
474
620
  });
@@ -509,7 +655,7 @@ function createOidc(params) {
509
655
  "type": "unknown",
510
656
  "cause": error
511
657
  });
512
- console.error("OIDC initialization error: ".concat(initializationError.message));
658
+ console.error("OIDC initialization error of type \"".concat(initializationError.type, "\": ").concat(initializationError.message));
513
659
  startTrackingLastPublicRoute();
514
660
  return [2 /*return*/, (0, id_1.id)(__assign(__assign({}, common), { "isUserLoggedIn": false, "login": function () { return __awaiter(_this, void 0, void 0, function () {
515
661
  return __generator(this, function (_a) {
package/oidc.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"oidc.js","sourceRoot":"","sources":["src/oidc.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,iDAAuG;AACvG,+BAA8B;AAC9B,2EAA0E;AAC1E,uCAAmD;AACnD,yDAAuF;AACvF,yDAAwD;AACxD,6CAA4C;AAC5C,+CAA8C;AAC9C,+DAA8D;AAC9D,iEAAgE;AAChE,yDAA8D;AAE9D,+CAAyD;AA0DzD;IAA6C,2CAAK;IAG9C,iCACI,MAWO;;QAEP,YAAA,MAAK,YACD,CAAC;YACG,QAAQ,MAAM,CAAC,IAAI,EAAE,CAAC;gBAClB,KAAK,aAAa;oBACd,OAAO,yBAAyB,CAAC;gBACrC,KAAK,mBAAmB;oBACpB,OAAO,6CAAsC,MAAM,CAAC,cAAc,OAAI,CAAC;gBAC3E,KAAK,SAAS;oBACV,OAAO,MAAM,CAAC,KAAK,CAAC,OAAO,CAAC;YACpC,CAAC;QACL,CAAC,CAAC,EAAE;QACJ,mBAAmB;QACnB,EAAE,OAAO,EAAE,MAAM,CAAC,IAAI,KAAK,SAAS,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,SAAS,EAAE,CACpE,SAAC;QACF,KAAI,CAAC,IAAI,GAAG,MAAM,CAAC,IAAI,CAAC;QACxB,MAAM,CAAC,cAAc,CAAC,KAAI,EAAE,WAAW,SAAS,CAAC,CAAC;;IACtD,CAAC;IACL,8BAAC;AAAD,CAAC,AAlCD,CAA6C,KAAK,GAkCjD;AAlCY,0DAAuB;AAoCpC,IAAM,mCAAmC,GAAG,CAAC,MAAM,EAAE,OAAO,EAAE,eAAe,EAAE,KAAK,CAAU,CAAC;AA4C/F,IAAI,aAAa,GAA4C,SAAS,CAAC;AACvE,IAAM,iBAAiB,GAAG,IAAI,GAAG,EAA2B,CAAC;AAE7D,IAAM,QAAQ,GAAG,MAAM,CAAC,GAAG,CAAC;AAE5B,mGAAmG;AACnG,SAAsB,UAAU,CAE9B,MAA0C;;;;;;;oBAEpC,SAAS,GAST,MAAM,UATG,EACT,QAAQ,GAQR,MAAM,SARE,EACR,YAAY,GAOZ,MAAM,aAPM,EACZ,KAMA,MAAM,2BANiC,EAAvC,0BAA0B,mBAAG,UAAA,GAAG,IAAI,OAAA,GAAG,EAAH,CAAG,KAAA,EACrB,wBAAwB,GAK1C,MAAM,iBALoC,EAC/B,gBAAgB,GAI3B,MAAM,UAJqB,EAC3B,oBAAoB,GAGpB,MAAM,qBAHc,EACpB,8BAA8B,GAE9B,MAAM,+BAFwB,EAC9B,KACA,MAAM,iBAD6C,EAAnD,gBAAgB,mBAAG,EAAE,YAAY,EAAE,cAAc,EAAE,KAAA,CAC5C;oBAEL,mBAAmB,GAAG,CAAC;wBACzB,IAAI,OAAO,wBAAwB,KAAK,UAAU,EAAE,CAAC;4BACjD,OAAO,wBAAwB,CAAC;wBACpC,CAAC;wBAED,IAAI,wBAAwB,KAAK,SAAS,EAAE,CAAC;4BACzC,OAAO,cAAM,OAAA,wBAAwB,EAAxB,CAAwB,CAAC;wBAC1C,CAAC;wBAED,OAAO,SAAS,CAAC;oBACrB,CAAC,CAAC,EAAE,CAAC;oBAEC,SAAS,GAAG,CAAC;wBACf,IAAI,gBAAgB,KAAK,SAAS,EAAE,CAAC;4BACjC,OAAO,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC;wBAClC,CAAC;wBAED,OAAO,CACH,gBAAgB,CAAC,UAAU,CAAC,MAAM,CAAC;4BAC/B,CAAC,CAAC,gBAAgB;4BAClB,CAAC,CAAC,UAAG,MAAM,CAAC,QAAQ,CAAC,MAAM,SAAG,gBAAgB,CAAE,CACvD,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;oBACzB,CAAC,CAAC,EAAE,CAAC;oBAEC,UAAU,GAAG,IAAA,+BAAc,EAAC,UAAG,SAAS,cAAI,QAAQ,CAAE,CAAC,CAAC;oBAE9D,CAAC;wBACS,QAAQ,GAAG,iBAAiB,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;wBAEnD,IAAI,QAAQ,KAAK,SAAS,EAAE,CAAC;4BACzB,KAAK,CAAC,IAAI,CAAC,QAAQ,aAAR,QAAQ,cAAR,QAAQ,GAAI,EAAE,CAAC,CAAC,OAAO,CAAC,UAAA,OAAO,IAAI,OAAA,OAAO,EAAE,EAAT,CAAS,CAAC,CAAC;wBAC7D,CAAC;wBAED,iBAAiB,CAAC,GAAG,CAAC,UAAU,EAAE,IAAI,GAAG,EAAE,CAAC,CAAC;oBACjD,CAAC;oBAEK,aAAa,GAAG,YAAY,CAAC;oBAE7B,uBAAuB,GAAG,IAAI,4BAAuB,CAAC;wBACxD,WAAW,EAAE,SAAS;wBACtB,WAAW,EAAE,QAAQ;wBACrB,eAAe,EAAE,YAAY;wBAC7B,cAAc,EAAE,EAAE,CAAC,iCAAiC;wBACpD,eAAe,EAAE,MAAM;wBACvB,OAAO,EAAE,gBAAgB;wBACzB,sBAAsB,EAAE,KAAK;wBAC7B,qBAAqB,EAAE,UAAG,SAAS,8BAAoB,aAAa,cAAI,UAAU,CAAE;qBACvF,CAAC,CAAC;oBAEC,eAAe,GAAuB,SAAS,CAAC;oBAG9C,4BAA4B,GAAG;wBACjC,IAAM,aAAa,GAAG,OAAO,CAAC,SAAS,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;wBACtD,OAAO,CAAC,SAAS,GAAG,SAAS,SAAS;4BAAC,cAAO;iCAAP,UAAO,EAAP,qBAAO,EAAP,IAAO;gCAAP,yBAAO;;4BAC1C,eAAe,GAAG,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC;4BACvC,OAAO,aAAa,wCAAI,IAAI,WAAE;wBAClC,CAAC,CAAC;oBACN,CAAC,CAAC;oBAEE,kBAAkB,GAAG,KAAK,CAAC;oBAEzB,KAAK,GAA8B,UAAO,EAG/C;4BAFG,2BAA2B,iCAAA,EAC3B,gBAAgB,sBAAA;;;;;;wCAEhB,IAAI,kBAAkB,EAAE,CAAC;4CACrB,sBAAO,IAAI,OAAO,CAAQ,cAAO,CAAC,CAAC,EAAC;wCACxC,CAAC;wCAED,kBAAkB,GAAG,IAAI,CAAC;wCAEV,YAAY,GAAK,IAAA,mCAAkB,EAAC;4CAChD,KAAK,EAAE,MAAM,CAAC,QAAQ,CAAC,IAAI;4CAC3B,MAAM,EAAE,aAAa;4CACrB,OAAO,EAAE,UAAU;yCACtB,CAAC,OAJ0B,CAIzB;wCAEH,uFAAuF;wCACvF,qGAAqG;wCACrG,iCAAiC;wCACjC,CAAC;4CACS,aAAW;gDACb,IAAI,QAAQ,CAAC,eAAe,KAAK,SAAS,EAAE,CAAC;oDACzC,QAAQ,CAAC,mBAAmB,CAAC,kBAAkB,EAAE,UAAQ,CAAC,CAAC;oDAE3D,IAAI,2BAA2B,EAAE,CAAC;wDAC9B,IAAI,eAAe,KAAK,SAAS,EAAE,CAAC;4DAChC,MAAM,CAAC,QAAQ,CAAC,IAAI,GAAG,eAAe,CAAC;wDAC3C,CAAC;6DAAM,CAAC;4DACJ,MAAM,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC;wDAC1B,CAAC;oDACL,CAAC;yDAAM,CAAC;wDACJ,kBAAkB,GAAG,KAAK,CAAC;oDAC/B,CAAC;gDACL,CAAC;4CACL,CAAC,CAAC;4CACF,QAAQ,CAAC,gBAAgB,CAAC,kBAAkB,EAAE,UAAQ,CAAC,CAAC;wCAC5D,CAAC;wCAED,0EAA0E;wCAC1E,0EAA0E;wCAC1E,0EAA0E;wCAC1E,oDAAoD;wCACpD,CAAC;4CACS,QAAM;gDAAC,cAA+C;qDAA/C,UAA+C,EAA/C,qBAA+C,EAA/C,IAA+C;oDAA/C,yBAA+C;;gDACxD,IAAM,WAAW,QAAO,QAAQ,YAAR,QAAQ,iCAAI,IAAI,aAAC,CAAC;gDAE1C,OAAO,IAAI,KAAK,CAAC,WAAW,EAAE;oDAC1B,KAAK,EAAE,UAAC,MAAM,EAAE,IAAI;wDAChB,IAAI,IAAI,KAAK,MAAM,EAAE,CAAC;4DAClB,IAAI,KAAG,GAAG,WAAW,CAAC,IAAI,CAAC;4DAE3B,MAAM,CAAC,OAAO,uBACP,mBAAmB,aAAnB,mBAAmB,uBAAnB,mBAAmB,EAAI,GACvB,gBAAgB,EACrB,CAAC,OAAO,CACN,UAAC,EAAa;oEAAb,KAAA,aAAa,EAAZ,IAAI,QAAA,EAAE,KAAK,QAAA;gEACT,OAAA,CAAC,KAAG,GAAG,IAAA,mCAAkB,EAAC;oEACtB,GAAG,OAAA;oEACH,IAAI,MAAA;oEACJ,KAAK,OAAA;iEACR,CAAC,CAAC,MAAM,CAAC;4DAJV,CAIU,CACjB,CAAC;4DAEF,KAAG,GAAG,0BAA0B,CAAC,KAAG,CAAC,CAAC;4DAEtC,MAAM,CAAC,cAAc,CAAC,MAAM,EAAE,KAAK,EAAE,EAAE,OAAO,EAAE,QAAQ,EAAE,CAAC,CAAC;4DAE5D,OAAO,KAAG,CAAC;wDACf,CAAC;wDAED,kBAAkB;wDAClB,OAAO,MAAM,CAAC,IAAI,CAAC,CAAC;oDACxB,CAAC;iDACJ,CAAC,CAAC;4CACP,CAAC,CAAC;4CAEF,MAAM,CAAC,cAAc,CAAC,MAAM,EAAE,KAAK,EAAE,EAAE,OAAO,EAAE,KAAG,EAAE,CAAC,CAAC;wCAC3D,CAAC;wCAED,qBAAM,uBAAuB,CAAC,cAAc,CAAC;gDACzC,YAAY,cAAA;gDACZ,0FAA0F;gDAC1F,gEAAgE;gDAChE,uDAAuD;gDACvD,gBAAgB,EAAE,2BAA2B,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,QAAQ;6CACvE,CAAC,EAAA;;wCANF,SAME,CAAC;wCACH,sBAAO,IAAI,OAAO,CAAQ,cAAO,CAAC,CAAC,EAAC;;;;qBACvC,CAAC;oBAE2B,qBAAM,CAAC,SAAe,OAAO;;;;;;;4CAE9C,GAAG,GAAG,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC;4CAE/B,CAAC;gDACS,MAAM,GAAG,IAAA,0CAAyB,EAAC,EAAE,MAAM,EAAE,aAAa,EAAE,GAAG,KAAA,EAAE,CAAC,CAAC;gDAEzE,IAAI,CAAC,MAAM,CAAC,UAAU,IAAI,MAAM,CAAC,KAAK,KAAK,UAAU,EAAE,CAAC;oDACpD,wBAAyC;gDAC7C,CAAC;gDAED,GAAG,GAAG,MAAM,CAAC,MAAM,CAAC;4CACxB,CAAC;4CAED,CAAC;gDACS,MAAM,GAAG,IAAA,0CAAyB,EAAC,EAAE,MAAM,EAAE,OAAO,EAAE,GAAG,KAAA,EAAE,CAAC,CAAC;gDAEnE,IAAI,MAAM,CAAC,UAAU,EAAE,CAAC;oDACpB,MAAM,IAAI,KAAK,CAAC,sBAAe,MAAM,CAAC,KAAK,CAAE,CAAC,CAAC;gDACnD,CAAC;4CACL,CAAC;4CAEG,eAAe,GAAG,mBAAmB,CAAC;;gDAE1C,KAAmB,wCAAA,SAAA,mCAAmC,CAAA,iOAAE,CAAC;oDAApD;oDACK,MAAM,GAAG,IAAA,0CAAyB,EAAC,EAAE,IAAI,QAAA,EAAE,GAAG,KAAA,EAAE,CAAC,CAAC;oDAExD,IAAI,CAAC,MAAM,CAAC,UAAU,EAAE,CAAC;wDACrB,IAAI,MAAI,KAAK,KAAK,EAAE,CAAC;4DACjB,SAAS;wDACb,CAAC;wDACD,MAAM,IAAI,KAAK,CAAC,+BAAwB,MAAI,CAAE,CAAC,CAAC;oDACpD,CAAC;oDAED,eAAe,GAAG,IAAA,mCAAkB,EAAC;wDACjC,KAAK,EAAE,eAAe;wDACtB,MAAM,EAAE,MAAI;wDACZ,OAAO,EAAE,MAAM,CAAC,KAAK;qDACxB,CAAC,CAAC,MAAM,CAAC;oDAEV,GAAG,GAAG,MAAM,CAAC,MAAM,CAAC;gDACxB,CAAC;;;;;;;;;4CAED,MAAM,CAAC,OAAO,CAAC,SAAS,CAAC,IAAI,EAAE,EAAE,EAAE,GAAG,CAAC,CAAC;4CAEpC,gBAAgB,GAAiC,SAAS,CAAC;;;;4CAGxC,qBAAM,uBAAuB,CAAC,sBAAsB,CAAC,eAAe,CAAC,EAAA;;4CAAxF,gBAAgB,GAAG,SAAqE,CAAC;;;;4CAEzF,0EAA0E;4CAC1E,sBAAO,SAAS,EAAC;gDAGrB,sBAAO;gDACH,eAAe,EAAE,oBAA6B;gDAC9C,gBAAgB,kBAAA;6CACnB,EAAC;gDAIuB,qBAAM,uBAAuB,CAAC,OAAO,EAAE,EAAA;;4CAA1D,gBAAgB,GAAG,SAAuC;4CAEhE,IAAI,gBAAgB,KAAK,IAAI,EAAE,CAAC;gDAC5B,yBAA2B;4CAC/B,CAAC;;;;4CAIG,qBAAM,uBAAuB,CAAC,YAAY,EAAE,EAAA;;4CAA5C,SAA4C,CAAC;;;;4CAE7C,IAAA,eAAM,EAAC,OAAK,YAAY,KAAK,CAAC,CAAC;4CAE/B,IAAI,OAAK,CAAC,OAAO,KAAK,iBAAiB,EAAE,CAAC;gDACtC,MAAM,IAAI,uBAAuB,CAAC,EAAE,MAAM,EAAE,aAAa,EAAE,CAAC,CAAC;4CACjE,CAAC;4CAED,sBAAO,SAAS,EAAC;iDAGrB,sBAAO;gDACH,eAAe,EAAE,2BAAoC;gDACrD,gBAAgB,kBAAA;6CACnB,EAAC;;4CAII,qBAAmB,IAAI,mBAAQ,EAAsB,CAAC;4CAEtD,mBAAiB,CAAC;gDACpB,IAAM,cAAc,GAAG,IAAA,qCAAiB,GAAE,CAAC;gDAE3C,IAAI,cAAc,KAAK,SAAS,EAAE,CAAC;oDAC/B,OAAO,IAAI,CAAC;gDAChB,CAAC;gDAEO,IAAA,QAAQ,GAAU,cAAc,SAAxB,EAAE,GAAG,GAAK,cAAc,IAAnB,CAAoB;gDAEzC,4DAA4D;gDAC5D,IAAM,SAAS,GAAG,IAAI,CAAC;gDAEvB,oDAAoD;gDACpD,8CAA8C;gDAC9C,IAAM,YAAY,GAAG,GAAG,GAAG,GAAG,GAAG,IAAI,GAAG,CAAC,QAAQ,GAAG,CAAC,CAAC,CAAC;gDAEvD,OAAO,IAAI,CAAC,GAAG,CAAC,SAAS,EAAE,YAAY,CAAC,CAAC;4CAC7C,CAAC,CAAC,EAAE,CAAC;4CAEC,YAAU,IAAA,0BAAU,EACtB;gDACI,OAAA,kBAAgB,CAAC,MAAM,CACnB,IAAI,uBAAuB,CAAC;oDACxB,MAAM,EAAE,mBAAmB;oDAC3B,cAAc,kBAAA;iDACjB,CAAC,CACL;4CALD,CAKC,EACL,gBAAc,CACjB,CAAC;4CAEI,aAAW,UAAC,KAAmB;;gDACjC,IAAI,OAAO,KAAK,CAAC,IAAI,KAAK,QAAQ,EAAE,CAAC;oDACjC,OAAO;gDACX,CAAC;gDAED,IAAM,GAAG,GAAG,KAAK,CAAC,IAAI,CAAC;gDAEvB,CAAC;oDACG,IAAI,MAAM,SAA8C,CAAC;oDAEzD,IAAI,CAAC;wDACD,MAAM,GAAG,IAAA,0CAAyB,EAAC,EAAE,MAAM,EAAE,aAAa,EAAE,GAAG,KAAA,EAAE,CAAC,CAAC;oDACvE,CAAC;oDAAC,WAAM,CAAC;wDACL,wDAAwD;wDACxD,OAAO;oDACX,CAAC;oDAED,IAAI,CAAC,MAAM,CAAC,UAAU,IAAI,MAAM,CAAC,KAAK,KAAK,UAAU,EAAE,CAAC;wDACpD,OAAO;oDACX,CAAC;gDACL,CAAC;gDAED,IAAA,4BAAY,EAAC,SAAO,CAAC,CAAC;gDAEtB,MAAM,CAAC,mBAAmB,CAAC,SAAS,EAAE,UAAQ,CAAC,CAAC;gDAEhD,CAAC;oDACG,IAAM,MAAM,GAAG,IAAA,0CAAyB,EAAC,EAAE,MAAM,EAAE,OAAO,EAAE,GAAG,KAAA,EAAE,CAAC,CAAC;oDAEnE,IAAI,MAAM,CAAC,UAAU,EAAE,CAAC;wDACpB,kBAAgB,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;wDACpC,OAAO;oDACX,CAAC;gDACL,CAAC;gDAED,IAAI,eAAe,GAAG,mBAAmB,CAAC;;oDAE1C,KAAmB,IAAA,wCAAA,SAAA,mCAAmC,CAAA,wFAAA,yIAAE,CAAC;wDAApD,IAAM,MAAI,gDAAA;wDACX,IAAM,MAAM,GAAG,IAAA,0CAAyB,EAAC,EAAE,IAAI,QAAA,EAAE,GAAG,KAAA,EAAE,CAAC,CAAC;wDAExD,IAAI,CAAC,MAAM,CAAC,UAAU,EAAE,CAAC;4DACrB,IAAI,MAAI,KAAK,KAAK,EAAE,CAAC;gEACjB,SAAS;4DACb,CAAC;4DACD,MAAM,IAAI,KAAK,CAAC,+BAAwB,MAAI,CAAE,CAAC,CAAC;wDACpD,CAAC;wDAED,eAAe,GAAG,IAAA,mCAAkB,EAAC;4DACjC,KAAK,EAAE,eAAe;4DACtB,MAAM,EAAE,MAAI;4DACZ,OAAO,EAAE,MAAM,CAAC,KAAK;yDACxB,CAAC,CAAC,MAAM,CAAC;oDACd,CAAC;;;;;;;;;gDAED,kBAAgB,CAAC,OAAO,CAAC,eAAe,CAAC,CAAC;4CAC9C,CAAC,CAAC;4CAEF,MAAM,CAAC,gBAAgB,CAAC,SAAS,EAAE,UAAQ,EAAE,KAAK,CAAC,CAAC;4CAEpD,uBAAuB;iDAClB,YAAY,CAAC,EAAE,+BAA+B,EAAE,gBAAc,GAAG,IAAI,EAAE,CAAC;iDACxE,KAAK,CAAC,UAAC,KAAY;gDAChB,IAAI,KAAK,CAAC,OAAO,KAAK,iBAAiB,EAAE,CAAC;oDACtC,IAAA,4BAAY,EAAC,SAAO,CAAC,CAAC;oDAEtB,kBAAgB,CAAC,MAAM,CAAC,IAAI,uBAAuB,CAAC,EAAE,MAAM,EAAE,aAAa,EAAE,CAAC,CAAC,CAAC;gDACpF,CAAC;4CACL,CAAC,CAAC,CAAC;4CAEiB,qBAAM,kBAAgB,CAAC,EAAE,EAAA;;4CAA3C,eAAe,GAAG,SAAyB;4CAEjD,IAAI,eAAe,KAAK,SAAS,EAAE,CAAC;gDAChC,yBAAoC;4CACxC,CAAC;4CAEwB,qBAAM,uBAAuB,CAAC,sBAAsB,CACzE,eAAe,CAClB,EAAA;;4CAFK,gBAAgB,GAAG,SAExB;4CAED,sBAAO;oDACH,eAAe,EAAE,cAAuB;oDACxC,gBAAgB,kBAAA;iDACnB,EAAC;iDAGN,sBAAO,SAAS,EAAC;;;;yBACpB,CAAC,EAAE,CAAC,IAAI,CACL,UAAA,MAAM;4BACF,IAAI,MAAM,KAAK,SAAS,EAAE,CAAC;gCACvB,OAAO,SAAS,CAAC;4BACrB,CAAC;4BAEO,IAAA,gBAAgB,GAAoB,MAAM,iBAA1B,EAAE,aAAa,GAAK,MAAM,cAAX,CAAY;4BAEnD,IAAM,MAAM,GAAG,wBAAwB,CAAC;gCACpC,gBAAgB,kBAAA;gCAChB,oBAAoB,sBAAA;6BACvB,CAAC,CAAC;4BAEH,IAAI,MAAM,CAAC,0BAA0B,GAAG,MAAM,CAAC,yBAAyB,EAAE,CAAC;gCACvE,OAAO,CAAC,IAAI,CACR;oCACI,kEAAkE;oCAClE,uDAAuD;oCACvD,mDAA4C,QAAQ,cAAI,SAAS,CAAE;iCACtE,CAAC,IAAI,CAAC,GAAG,CAAC,CACd,CAAC;4BACN,CAAC;4BAED,OAAO,EAAE,MAAM,QAAA,EAAE,aAAa,eAAA,EAAE,CAAC;wBACrC,CAAC,EACD,UAAA,KAAK;4BACD,IAAA,eAAM,EAAC,KAAK,YAAY,KAAK,CAAC,CAAC;4BAC/B,OAAO,KAAK,CAAC;wBACjB,CAAC,CACJ,EAAA;;oBA1OK,oBAAoB,GAAG,SA0O5B;oBAEK,MAAM,GAAgB;wBACxB,QAAQ,EAAE;4BACN,SAAS,WAAA;4BACT,QAAQ,UAAA;yBACX;qBACJ,CAAC;oBAEF,IAAI,oBAAoB,YAAY,KAAK,EAAE,CAAC;wBAClC,KAAK,GAAG,oBAAoB,CAAC;wBAE7B,mBAAmB,GACrB,KAAK,YAAY,uBAAuB;4BACpC,CAAC,CAAC,KAAK;4BACP,CAAC,CAAC,IAAI,uBAAuB,CAAC;gCACxB,MAAM,EAAE,SAAS;gCACjB,OAAO,EAAE,KAAK;6BACjB,CAAC,CAAC;wBAEb,OAAO,CAAC,KAAK,CAAC,qCAA8B,mBAAmB,CAAC,OAAO,CAAE,CAAC,CAAC;wBAE3E,4BAA4B,EAAE,CAAC;wBAE/B,sBAAO,IAAA,OAAE,wBACF,MAAM,KACT,gBAAgB,EAAE,KAAK,EACvB,OAAO,EAAE;;wCACL,KAAK,CAAC,kEAAkE,CAAC,CAAC;wCAC1E,sBAAO,IAAI,OAAO,CAAQ,cAAO,CAAC,CAAC,EAAC;;qCACvC,EACD,mBAAmB,qBAAA,IACrB,EAAC;oBACP,CAAC;oBAED,IAAI,oBAAoB,KAAK,SAAS,EAAE,CAAC;wBACrC,4BAA4B,EAAE,CAAC;wBAE/B,sBAAO,IAAA,OAAE,wBACF,MAAM,KACT,gBAAgB,EAAE,KAAK,EACvB,KAAK,OAAA,EACL,qBAAqB,EAAE,SAAS,IAClC,EAAC;oBACP,CAAC;oBAEG,aAAa,GAAG,oBAAoB,CAAC,MAAM,CAAC;oBAE1C,gCAAgC,GAAG,IAAI,GAAG,EAE7C,CAAC;oBAEE,cAAc,GAAG,IAAI,GAAG,EAAc,CAAC;oBAEvC,IAAI,GAAG,IAAA,OAAE,wBACR,MAAM,KACT,gBAAgB,EAAE,IAAI,EACtB,WAAW,EAAE,cAAM,OAAA,aAAa,EAAb,CAAa,EAChC,QAAQ,EAAE,UAAM,MAAM;;;4CAClB,qBAAM,uBAAuB,CAAC,eAAe,CAAC;4CAC1C,0BAA0B,EAAE,CAAC;gDACzB,QAAQ,MAAM,CAAC,UAAU,EAAE,CAAC;oDACxB,KAAK,cAAc;wDACf,OAAO,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC;oDAChC,KAAK,MAAM;wDACP,OAAO,SAAS,CAAC;oDACrB,KAAK,cAAc;wDACf,OAAO,MAAM,CAAC,GAAG,CAAC,UAAU,CAAC,GAAG,CAAC;4DAC7B,CAAC,CAAC,UAAG,MAAM,CAAC,QAAQ,CAAC,MAAM,SAAG,MAAM,CAAC,GAAG,CAAE;4DAC1C,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC;gDACzB,CAAC;gDACD,IAAA,eAAM,EAA+B,KAAK,CAAC,CAAC;4CAChD,CAAC,CAAC,EAAE;yCACP,CAAC,EAAA;;wCAdF,SAcE,CAAC;wCACH,sBAAO,IAAI,OAAO,CAAQ,cAAO,CAAC,CAAC,EAAC;;;6BACvC,EACD,aAAa,EAAE;;;;4CACc,qBAAM,uBAAuB,CAAC,YAAY,EAAE,EAAA;;wCAA/D,gBAAgB,GAAG,SAA4C;wCAErE,IAAA,eAAM,EAAC,gBAAgB,KAAK,IAAI,CAAC,CAAC;wCAE5B,gCAAgC,GAAG,MAAM,CAAC,wBAAwB,CACpE,aAAa,EACb,gBAAgB,CACnB,CAAC;wCAEF,IAAA,eAAM,EAAC,gCAAgC,KAAK,SAAS,CAAC,CAAC;wCAEvD,aAAa,GAAG,wBAAwB,CAAC;4CACrC,gBAAgB,kBAAA;4CAChB,oBAAoB,sBAAA;yCACvB,CAAC,CAAC;wCAEH,mEAAmE;wCACnE,MAAM,CAAC,cAAc,CAAC,aAAa,EAAE,gBAAgB,EAAE,gCAAgC,CAAC,CAAC;wCAEzF,KAAK,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,OAAO,CAAC,UAAA,aAAa,IAAI,OAAA,aAAa,EAAE,EAAf,CAAe,CAAC,CAAC;;;;6BACxE,EACD,yBAAyB,EAAE,UAAA,aAAa;4BACpC,cAAc,CAAC,GAAG,CAAC,aAAa,CAAC,CAAC;4BAElC,OAAO;gCACH,aAAa,EAAE;oCACX,cAAc,CAAC,MAAM,CAAC,aAAa,CAAC,CAAC;gCACzC,CAAC;6BACJ,CAAC;wBACN,CAAC,EACD,gCAAgC,EAAE,UAAA,YAAY;4BAC1C,gCAAgC,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC;4BAEnD,IAAM,kCAAkC,GAAG;gCACvC,gCAAgC,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC;4BAC1D,CAAC,CAAC;4BAEF,OAAO,EAAE,kCAAkC,oCAAA,EAAE,CAAC;wBAClD,CAAC,EACD,eAAe,EAAE,oBAAoB,CAAC,aAAa,IACrD,CAAC;oBAEH,CAAC;wBACS,0BAAwB;4BAC1B,kEAAkE;4BAClE,gEAAgE;4BAChE,mBAAmB;4BACnB,IAAM,mBAAmB,GAAG,IAAI,CAAC,GAAG,CAChC,aAAa,CAAC,yBAAyB,EACvC,aAAa,CAAC,0BAA0B,CAC3C,CAAC;4BAEF,OAAO,IAAI,CAAC,GAAG,CACX,mBAAmB,GAAG,IAAI,CAAC,GAAG,EAAE;4BAChC,+DAA+D;4BAC/D,0CAA0C;4BAC1C,mFAAmF;4BACnF,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,CACtB,CAAC;wBACN,CAAC,CAAC;wBAEF,CAAC,SAAS,aAAa;4BAAtB,iBA6BA;4BA5BG,2DAA2D;4BAC3D,iFAAiF;4BACjF,uCAAuC;4BACvC,IAAM,oBAAoB,GAAG,IAAI,CAAC,GAAG,CAAC,KAAM,EAAE,uBAAqB,EAAE,GAAG,GAAG,CAAC,CAAC;4BAE7E,IAAM,KAAK,GAAG,IAAA,0BAAU,EAAC;;;;;4CACrB,sBAAsB,EAAE,CAAC;;;;4CAGrB,qBAAM,IAAI,CAAC,WAAW,EAAE,EAAA;;4CAAxB,SAAwB,CAAC;;;;4CAEzB,gEAAgE;4CAChE,+BAA+B;4CAC/B,oEAAoE;4CACpE,kEAAkE;4CAClE,qEAAqE;4CACrE,mCAAmC;4CACnC,qBAAM,KAAK,CAAC,EAAE,6BAA6B,EAAE,KAAK,EAAE,CAAC,EAAA;;4CANrD,gEAAgE;4CAChE,+BAA+B;4CAC/B,oEAAoE;4CACpE,kEAAkE;4CAClE,qEAAqE;4CACrE,mCAAmC;4CACnC,SAAqD,CAAC;;;4CAG1D,aAAa,EAAE,CAAC;;;;iCACnB,EAAE,uBAAqB,EAAE,GAAG,oBAAoB,CAAC,CAAC;4BAE3C,IAAa,sBAAsB,GAAK,IAAI,CAAC,uBAAuB,CAAC;gCACzE,IAAA,4BAAY,EAAC,KAAK,CAAC,CAAC;gCACpB,sBAAsB,EAAE,CAAC;gCACzB,aAAa,EAAE,CAAC;4BACpB,CAAC,CAAC,YAJyC,CAIxC;wBACP,CAAC,CAAC,EAAE,CAAC;oBACT,CAAC;oBAED,CAAC;wBACW,mBAAmB,IAAA,qCAAoB,EAAC;4BAC5C,qBAAqB,EAAE;gCACnB,OAAA,8BAA8B,aAA9B,8BAA8B,cAA9B,8BAA8B,GAAI,aAAa,CAAC,0BAA0B;4BAA1E,CAA0E;4BAC9E,cAAc,EAAE,UAAC,EAAe;oCAAb,WAAW,iBAAA;gCAC1B,KAAK,CAAC,IAAI,CAAC,gCAAgC,CAAC,CAAC,OAAO,CAAC,UAAA,YAAY;oCAC7D,OAAA,YAAY,CAAC,EAAE,WAAW,aAAA,EAAE,CAAC;gCAA7B,CAA6B,CAChC,CAAC;gCAEF,IAAI,WAAW,KAAK,CAAC,EAAE,CAAC;oCACpB,IAAI,CAAC,MAAM,CAAC,gBAAgB,CAAC,CAAC;gCAClC,CAAC;4BACL,CAAC;yBACJ,CAAC,eAZoB,CAYnB;wBAEC,kBAA0C,SAAS,CAAC;wBAExD,IAAI,aAAa,KAAK,SAAS,EAAE,CAAC;4BAC9B,aAAa,GAAG,IAAA,uCAAkB,EAAC;gCAC/B,gDAAgD,EAAE,IAAK;6BAC1D,CAAC,CAAC,aAAa,CAAC;wBACrB,CAAC;wBAEO,iCAA8C,aAAa,CAAC,SAAS,CAAC,UAAA,YAAY;4BACtF,IAAI,YAAY,EAAE,CAAC;gCACf,IAAI,eAAa,KAAK,SAAS,EAAE,CAAC;oCAC9B,eAAa,EAAE,CAAC;oCAChB,eAAa,GAAG,SAAS,CAAC;gCAC9B,CAAC;4BACL,CAAC;iCAAM,CAAC;gCACJ,IAAA,eAAM,EAAC,eAAa,KAAK,SAAS,CAAC,CAAC;gCACpC,eAAa,GAAG,gBAAc,EAAE,CAAC,aAAa,CAAC;4BACnD,CAAC;wBACL,CAAC,CAAC,YAV+C,CAU9C;wBAEH,CAAC;4BACS,8BAA8B,GAAG,iBAAiB,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;4BACzE,IAAA,eAAM,EAAC,8BAA8B,KAAK,SAAS,CAAC,CAAC;4BACrD,8BAA8B,CAAC,GAAG,CAAC;gCAC/B,8BAA4B,EAAE,CAAC;gCAC/B,eAAa,aAAb,eAAa,uBAAb,eAAa,EAAI,CAAC;4BACtB,CAAC,CAAC,CAAC;wBACP,CAAC;oBACL,CAAC;oBAED,sBAAO,IAAI,EAAC;;;;CACf;AAxmBD,gCAwmBC;AAED,SAAS,wBAAwB,CAAiD,MAGjF;IACW,IAAA,gBAAgB,GAA2B,MAAM,iBAAjC,EAAE,oBAAoB,GAAK,MAAM,qBAAX,CAAY;IAE1D,IAAM,WAAW,GAAG,gBAAgB,CAAC,YAAY,CAAC;IAElD,IAAM,yBAAyB,GAAG,CAAC;QAC/B,kBAAkB,EAAE,CAAC;YACT,IAAA,UAAU,GAAK,gBAAgB,WAArB,CAAsB;YAExC,IAAI,UAAU,KAAK,SAAS,EAAE,CAAC;gBAC3B,MAAM,kBAAkB,CAAC;YAC7B,CAAC;YAED,OAAO,UAAU,GAAG,IAAI,CAAC;QAC7B,CAAC;QAED,aAAa,EAAE,CAAC;YACZ,IAAM,cAAc,GAAG,IAAA,iDAAuB,EAAC,WAAW,CAAC,CAAC;YAE5D,IAAI,cAAc,KAAK,SAAS,EAAE,CAAC;gBAC/B,MAAM,aAAa,CAAC;YACxB,CAAC;YAED,OAAO,cAAc,CAAC;QAC1B,CAAC;QAED,IAAA,eAAM,EAAC,KAAK,EAAE,4CAA4C,CAAC,CAAC;IAChE,CAAC,CAAC,EAAE,CAAC;IAEL,IAAM,YAAY,GAAG,gBAAgB,CAAC,aAAa,CAAC;IAEpD,IAAA,eAAM,EAAC,YAAY,KAAK,SAAS,EAAE,8CAA8C,CAAC,CAAC;IAEnF,IAAM,0BAA0B,GAAG,CAAC;QAChC,aAAa,EAAE,CAAC;YACZ,IAAM,cAAc,GAAG,IAAA,iDAAuB,EAAC,YAAY,CAAC,CAAC;YAE7D,IAAI,cAAc,KAAK,SAAS,EAAE,CAAC;gBAC/B,MAAM,aAAa,CAAC;YACxB,CAAC;YAED,OAAO,cAAc,CAAC;QAC1B,CAAC;QAED,IAAA,eAAM,EAAC,KAAK,EAAE,6CAA6C,CAAC,CAAC;IACjE,CAAC,CAAC,EAAE,CAAC;IAEL,IAAM,OAAO,GAAG,gBAAgB,CAAC,QAAQ,CAAC;IAE1C,IAAA,eAAM,EAAC,OAAO,KAAK,SAAS,EAAE,yCAAyC,CAAC,CAAC;IAEzE,IAAM,MAAM,GAAgC;QACxC,WAAW,aAAA;QACX,yBAAyB,2BAAA;QACzB,YAAY,cAAA;QACZ,0BAA0B,4BAAA;QAC1B,OAAO,SAAA;QACP,gBAAgB,EAAE,IAAW;KAChC,CAAC;IAEF,IAAI,KAAK,GAKS,SAAS,CAAC;IAE5B,MAAM,CAAC,cAAc,CAAC,MAAM,EAAE,gBAAgB,EAAE;QAC5C,KAAK,EAAE;YACH,IAAI,KAAK,KAAK,SAAS,IAAI,KAAK,CAAC,OAAO,KAAK,IAAI,CAAC,OAAO,EAAE,CAAC;gBACxD,OAAO,KAAK,CAAC,cAAc,CAAC;YAChC,CAAC;YAED,IAAI,cAAc,GAAG,IAAA,qBAAS,EAAC,IAAI,CAAC,OAAO,CAAmB,CAAC;YAE/D,IAAI,oBAAoB,KAAK,SAAS,EAAE,CAAC;gBACrC,cAAc,GAAG,oBAAoB,CAAC,KAAK,CAAC,cAAc,CAAC,CAAC;YAChE,CAAC;YAED,KAAK,GAAG;gBACJ,SAAS,EAAE,IAAI,CAAC,OAAO;gBACvB,cAAc,gBAAA;aACjB,CAAC;YAEF,OAAO,cAAc,CAAC;QAC1B,CAAC;QACD,cAAc,EAAE,IAAI;QACpB,YAAY,EAAE,IAAI;KACrB,CAAC,CAAC;IAEH,OAAO,MAAM,CAAC;AAClB,CAAC"}
1
+ {"version":3,"file":"oidc.js","sourceRoot":"","sources":["src/oidc.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,iDAAuG;AACvG,+BAA8B;AAC9B,2EAA0E;AAC1E,uCAAmD;AACnD,yDAAuF;AACvF,yDAAwD;AACxD,6CAA4C;AAC5C,+CAA8C;AAC9C,+DAA8D;AAC9D,iEAAgE;AAChE,yDAA8D;AAE9D,+CAAyD;AA0DzD;IAA6C,2CAAK;IAG9C,iCACI,MA0BO;;QAEP,YAAA,MAAK,YACD,CAAC;YACG,QAAQ,MAAM,CAAC,IAAI,EAAE,CAAC;gBAClB,KAAK,aAAa;oBACd,OAAO;wBACH,mCAAmC;wBACnC,qEAA8D,MAAM,CAAC,SAAS,mBAAgB;wBAC9F,+FAA+F;wBAC/F,oEAAoE;qBACvE,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;gBAChB,KAAK,mBAAmB;oBACpB,QAAQ,MAAM,CAAC,WAAW,CAAC,IAAI,EAAE,CAAC;wBAC9B,KAAK,2BAA2B;4BAC5B,OAAO;gCACH,0BAAmB,MAAM,CAAC,WAAW,CAAC,QAAQ,oDAAiD;gCAC/F,6DAAqD,QAAQ,CAAC,MAAM,4CAAwC;gCAC5G,iBAAU,MAAM,CAAC,WAAW,CAAC,QAAQ,6BAA0B;gCAC/D,oEAAoE;gCACpE,qCAA8B,MAAM,CAAC,WAAW,CAAC,cAAc,QAAK;6BACvE,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;wBAChB,KAAK,oBAAoB;4BACrB,OAAO;gCACH,sCAAsC;gCACtC,6EAAoE,MAAM,CAAC,WAAW,CAAC,QAAQ,2BAAwB;gCACvH,oCAA4B,QAAQ,CAAC,MAAM,sBAAkB;gCAC7D,oEAAoE;6BACvE,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;wBAChB,KAAK,+BAA+B;4BAChC,OAAO;gCACH,UAAG,MAAM,CAAC,WAAW,CAAC,gBAAgB,yEAAsE;gCAC5G,2FAA2F;6BAC9F,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;oBACpB,CAAC;gBACL,KAAK,SAAS;oBACV,OAAO,MAAM,CAAC,KAAK,CAAC,OAAO,CAAC;YACpC,CAAC;YACD,IAAA,eAAM,EAA+B,KAAK,CAAC,CAAC;QAChD,CAAC,CAAC,EAAE;QACJ,mBAAmB;QACnB,EAAE,OAAO,EAAE,MAAM,CAAC,IAAI,KAAK,SAAS,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,SAAS,EAAE,CACpE,SAAC;QACF,KAAI,CAAC,IAAI,GAAG,MAAM,CAAC,IAAI,CAAC;QACxB,MAAM,CAAC,cAAc,CAAC,KAAI,EAAE,WAAW,SAAS,CAAC,CAAC;;IACtD,CAAC;IACL,8BAAC;AAAD,CAAC,AA5ED,CAA6C,KAAK,GA4EjD;AA5EY,0DAAuB;AA8EpC,IAAM,mCAAmC,GAAG,CAAC,MAAM,EAAE,OAAO,EAAE,eAAe,EAAE,KAAK,CAAU,CAAC;AA4C/F,IAAI,aAAa,GAA4C,SAAS,CAAC;AACvE,IAAM,iBAAiB,GAAG,IAAI,GAAG,EAA2B,CAAC;AAE7D,IAAM,QAAQ,GAAG,MAAM,CAAC,GAAG,CAAC;AAE5B,mGAAmG;AACnG,SAAsB,UAAU,CAE9B,MAA0C;;;;;;;oBAEpC,SAAS,GAST,MAAM,UATG,EACT,QAAQ,GAQR,MAAM,SARE,EACR,YAAY,GAOZ,MAAM,aAPM,EACZ,KAMA,MAAM,2BANiC,EAAvC,0BAA0B,mBAAG,UAAA,GAAG,IAAI,OAAA,GAAG,EAAH,CAAG,KAAA,EACrB,wBAAwB,GAK1C,MAAM,iBALoC,EAC/B,gBAAgB,GAI3B,MAAM,UAJqB,EAC3B,oBAAoB,GAGpB,MAAM,qBAHc,EACpB,8BAA8B,GAE9B,MAAM,+BAFwB,EAC9B,KACA,MAAM,iBAD6C,EAAnD,gBAAgB,mBAAG,EAAE,YAAY,EAAE,cAAc,EAAE,KAAA,CAC5C;oBAEL,mBAAmB,GAAG,CAAC;wBACzB,IAAI,OAAO,wBAAwB,KAAK,UAAU,EAAE,CAAC;4BACjD,OAAO,wBAAwB,CAAC;wBACpC,CAAC;wBAED,IAAI,wBAAwB,KAAK,SAAS,EAAE,CAAC;4BACzC,OAAO,cAAM,OAAA,wBAAwB,EAAxB,CAAwB,CAAC;wBAC1C,CAAC;wBAED,OAAO,SAAS,CAAC;oBACrB,CAAC,CAAC,EAAE,CAAC;oBAEC,SAAS,GAAG,CAAC;wBACf,IAAI,gBAAgB,KAAK,SAAS,EAAE,CAAC;4BACjC,OAAO,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC;wBAClC,CAAC;wBAED,OAAO,CACH,gBAAgB,CAAC,UAAU,CAAC,MAAM,CAAC;4BAC/B,CAAC,CAAC,gBAAgB;4BAClB,CAAC,CAAC,UAAG,MAAM,CAAC,QAAQ,CAAC,MAAM,SAAG,gBAAgB,CAAE,CACvD,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;oBACzB,CAAC,CAAC,EAAE,CAAC;oBAEC,UAAU,GAAG,IAAA,+BAAc,EAAC,UAAG,SAAS,cAAI,QAAQ,CAAE,CAAC,CAAC;oBAE9D,CAAC;wBACS,QAAQ,GAAG,iBAAiB,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;wBAEnD,IAAI,QAAQ,KAAK,SAAS,EAAE,CAAC;4BACzB,KAAK,CAAC,IAAI,CAAC,QAAQ,aAAR,QAAQ,cAAR,QAAQ,GAAI,EAAE,CAAC,CAAC,OAAO,CAAC,UAAA,OAAO,IAAI,OAAA,OAAO,EAAE,EAAT,CAAS,CAAC,CAAC;wBAC7D,CAAC;wBAED,iBAAiB,CAAC,GAAG,CAAC,UAAU,EAAE,IAAI,GAAG,EAAE,CAAC,CAAC;oBACjD,CAAC;oBAEK,aAAa,GAAG,YAAY,CAAC;oBAE7B,gBAAgB,GAAG,UAAG,SAAS,qBAAkB,CAAC;oBAElD,uBAAuB,GAAG,IAAI,4BAAuB,CAAC;wBACxD,WAAW,EAAE,SAAS;wBACtB,WAAW,EAAE,QAAQ;wBACrB,eAAe,EAAE,YAAY;wBAC7B,cAAc,EAAE,EAAE,CAAC,iCAAiC;wBACpD,eAAe,EAAE,MAAM;wBACvB,OAAO,EAAE,gBAAgB;wBACzB,sBAAsB,EAAE,KAAK;wBAC7B,qBAAqB,EAAE,UAAG,gBAAgB,cAAI,aAAa,cAAI,UAAU,CAAE;qBAC9E,CAAC,CAAC;oBAEC,eAAe,GAAuB,SAAS,CAAC;oBAG9C,4BAA4B,GAAG;wBACjC,IAAM,aAAa,GAAG,OAAO,CAAC,SAAS,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;wBACtD,OAAO,CAAC,SAAS,GAAG,SAAS,SAAS;4BAAC,cAAO;iCAAP,UAAO,EAAP,qBAAO,EAAP,IAAO;gCAAP,yBAAO;;4BAC1C,eAAe,GAAG,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC;4BACvC,OAAO,aAAa,wCAAI,IAAI,WAAE;wBAClC,CAAC,CAAC;oBACN,CAAC,CAAC;oBAEE,kBAAkB,GAAG,KAAK,CAAC;oBAEzB,KAAK,GAA8B,UAAO,EAG/C;4BAFG,2BAA2B,iCAAA,EAC3B,gBAAgB,sBAAA;;;;;;wCAEhB,IAAI,kBAAkB,EAAE,CAAC;4CACrB,sBAAO,IAAI,OAAO,CAAQ,cAAO,CAAC,CAAC,EAAC;wCACxC,CAAC;wCAED,kBAAkB,GAAG,IAAI,CAAC;wCAEV,YAAY,GAAK,IAAA,mCAAkB,EAAC;4CAChD,KAAK,EAAE,MAAM,CAAC,QAAQ,CAAC,IAAI;4CAC3B,MAAM,EAAE,aAAa;4CACrB,OAAO,EAAE,UAAU;yCACtB,CAAC,OAJ0B,CAIzB;wCAEH,uFAAuF;wCACvF,qGAAqG;wCACrG,iCAAiC;wCACjC,CAAC;4CACS,aAAW;gDACb,IAAI,QAAQ,CAAC,eAAe,KAAK,SAAS,EAAE,CAAC;oDACzC,QAAQ,CAAC,mBAAmB,CAAC,kBAAkB,EAAE,UAAQ,CAAC,CAAC;oDAE3D,IAAI,2BAA2B,EAAE,CAAC;wDAC9B,IAAI,eAAe,KAAK,SAAS,EAAE,CAAC;4DAChC,MAAM,CAAC,QAAQ,CAAC,IAAI,GAAG,eAAe,CAAC;wDAC3C,CAAC;6DAAM,CAAC;4DACJ,MAAM,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC;wDAC1B,CAAC;oDACL,CAAC;yDAAM,CAAC;wDACJ,kBAAkB,GAAG,KAAK,CAAC;oDAC/B,CAAC;gDACL,CAAC;4CACL,CAAC,CAAC;4CACF,QAAQ,CAAC,gBAAgB,CAAC,kBAAkB,EAAE,UAAQ,CAAC,CAAC;wCAC5D,CAAC;wCAED,0EAA0E;wCAC1E,0EAA0E;wCAC1E,0EAA0E;wCAC1E,oDAAoD;wCACpD,CAAC;4CACS,QAAM;gDAAC,cAA+C;qDAA/C,UAA+C,EAA/C,qBAA+C,EAA/C,IAA+C;oDAA/C,yBAA+C;;gDACxD,IAAM,WAAW,QAAO,QAAQ,YAAR,QAAQ,iCAAI,IAAI,aAAC,CAAC;gDAE1C,OAAO,IAAI,KAAK,CAAC,WAAW,EAAE;oDAC1B,KAAK,EAAE,UAAC,MAAM,EAAE,IAAI;wDAChB,IAAI,IAAI,KAAK,MAAM,EAAE,CAAC;4DAClB,IAAI,KAAG,GAAG,WAAW,CAAC,IAAI,CAAC;4DAE3B,MAAM,CAAC,OAAO,uBACP,mBAAmB,aAAnB,mBAAmB,uBAAnB,mBAAmB,EAAI,GACvB,gBAAgB,EACrB,CAAC,OAAO,CACN,UAAC,EAAa;oEAAb,KAAA,aAAa,EAAZ,IAAI,QAAA,EAAE,KAAK,QAAA;gEACT,OAAA,CAAC,KAAG,GAAG,IAAA,mCAAkB,EAAC;oEACtB,GAAG,OAAA;oEACH,IAAI,MAAA;oEACJ,KAAK,OAAA;iEACR,CAAC,CAAC,MAAM,CAAC;4DAJV,CAIU,CACjB,CAAC;4DAEF,KAAG,GAAG,0BAA0B,CAAC,KAAG,CAAC,CAAC;4DAEtC,MAAM,CAAC,cAAc,CAAC,MAAM,EAAE,KAAK,EAAE,EAAE,OAAO,EAAE,QAAQ,EAAE,CAAC,CAAC;4DAE5D,OAAO,KAAG,CAAC;wDACf,CAAC;wDAED,kBAAkB;wDAClB,OAAO,MAAM,CAAC,IAAI,CAAC,CAAC;oDACxB,CAAC;iDACJ,CAAC,CAAC;4CACP,CAAC,CAAC;4CAEF,MAAM,CAAC,cAAc,CAAC,MAAM,EAAE,KAAK,EAAE,EAAE,OAAO,EAAE,KAAG,EAAE,CAAC,CAAC;wCAC3D,CAAC;wCAED,qBAAM,uBAAuB,CAAC,cAAc,CAAC;gDACzC,YAAY,cAAA;gDACZ,0FAA0F;gDAC1F,gEAAgE;gDAChE,uDAAuD;gDACvD,gBAAgB,EAAE,2BAA2B,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,QAAQ;6CACvE,CAAC,EAAA;;wCANF,SAME,CAAC;wCACH,sBAAO,IAAI,OAAO,CAAQ,cAAO,CAAC,CAAC,EAAC;;;;qBACvC,CAAC;oBAE2B,qBAAM,CAAC,SAAe,OAAO;;;;;;;;4CAE9C,GAAG,GAAG,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC;4CAE/B,CAAC;gDACS,MAAM,GAAG,IAAA,0CAAyB,EAAC,EAAE,MAAM,EAAE,aAAa,EAAE,GAAG,KAAA,EAAE,CAAC,CAAC;gDAEzE,IAAI,CAAC,MAAM,CAAC,UAAU,IAAI,MAAM,CAAC,KAAK,KAAK,UAAU,EAAE,CAAC;oDACpD,wBAAyC;gDAC7C,CAAC;gDAED,GAAG,GAAG,MAAM,CAAC,MAAM,CAAC;4CACxB,CAAC;4CAEG,eAAe,GAAG,mBAAmB,CAAC;4CAEtC,sBAAsB,GAAa,EAAE,CAAC;;gDAE1C,KAAmB,wCAAA,SAAA,mCAAmC,CAAA,iOAAE,CAAC;oDAApD;oDACK,MAAM,GAAG,IAAA,0CAAyB,EAAC,EAAE,IAAI,QAAA,EAAE,GAAG,KAAA,EAAE,CAAC,CAAC;oDAExD,IAAI,CAAC,MAAM,CAAC,UAAU,EAAE,CAAC;wDACrB,IAAI,MAAI,KAAK,KAAK,EAAE,CAAC;4DACjB,SAAS;wDACb,CAAC;wDACD,sBAAsB,CAAC,IAAI,CAAC,MAAI,CAAC,CAAC;wDAClC,SAAS;oDACb,CAAC;oDAED,eAAe,GAAG,IAAA,mCAAkB,EAAC;wDACjC,KAAK,EAAE,eAAe;wDACtB,MAAM,EAAE,MAAI;wDACZ,OAAO,EAAE,MAAM,CAAC,KAAK;qDACxB,CAAC,CAAC,MAAM,CAAC;oDAEV,GAAG,GAAG,MAAM,CAAC,MAAM,CAAC;gDACxB,CAAC;;;;;;;;;4CAED,MAAM,CAAC,OAAO,CAAC,SAAS,CAAC,IAAI,EAAE,EAAE,EAAE,GAAG,CAAC,CAAC;4CAExC,CAAC;gDACS,MAAM,GAAG,IAAA,0CAAyB,EAAC,EAAE,MAAM,EAAE,OAAO,EAAE,GAAG,KAAA,EAAE,CAAC,CAAC;gDAEnE,IAAI,MAAM,CAAC,UAAU,EAAE,CAAC;oDACpB,IAAI,MAAM,KAAK,GAAG,IAAI,MAAM,CAAC,KAAK,KAAK,gBAAgB,EAAE,CAAC;wDACtD,6EAA6E;wDAC7E,yFAAyF;wDACzF,qGAAqG;wDACrG,4GAA4G;wDAC5G,sBAAO,IAAI,OAAO,CAAQ,cAAO,CAAC,CAAC,EAAC;oDACxC,CAAC;oDAED,MAAM,IAAI,KAAK,CACX;wDACI,2FAA2F;wDAC3F,yBAAkB,MAAM,CAAC,KAAK,CAAE;qDACnC,CAAC,IAAI,CAAC,GAAG,CAAC,CACd,CAAC;gDACN,CAAC;4CACL,CAAC;4CAED,IAAI,sBAAsB,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;gDACtC,MAAM,IAAI,KAAK,CACX;oDACI,sFAAsF;oDACtF,sBAAsB,CAAC,IAAI,CAAC,IAAI,CAAC;iDACpC,CAAC,IAAI,CAAC,GAAG,CAAC,CACd,CAAC;4CACN,CAAC;4CAEG,gBAAgB,GAAiC,SAAS,CAAC;;;;4CAGxC,qBAAM,uBAAuB,CAAC,sBAAsB,CAAC,eAAe,CAAC,EAAA;;4CAAxF,gBAAgB,GAAG,SAAqE,CAAC;;;;4CAEzF,IAAA,eAAM,EAAC,OAAK,YAAY,KAAK,CAAC,CAAC;4CAE/B,IAAI,OAAK,CAAC,OAAO,KAAK,iBAAiB,EAAE,CAAC;gDACtC,mGAAmG;gDACnG,iDAAiD;gDACjD,2DAA2D;gDAC3D,MAAM,IAAI,uBAAuB,CAAC;oDAC9B,MAAM,EAAE,mBAAmB;oDAC3B,aAAa,EAAE;wDACX,MAAM,EAAE,oBAAoB;wDAC5B,QAAQ,UAAA;qDACX;iDACJ,CAAC,CAAC;4CACP,CAAC;4CAED,0EAA0E;4CAC1E,8FAA8F;4CAC9F,sBAAO,SAAS,EAAC;gDAGrB,sBAAO;gDACH,eAAe,EAAE,oBAA6B;gDAC9C,gBAAgB,kBAAA;6CACnB,EAAC;gDAIuB,qBAAM,uBAAuB,CAAC,OAAO,EAAE,EAAA;;4CAA1D,gBAAgB,GAAG,SAAuC;4CAEhE,IAAI,gBAAgB,KAAK,IAAI,EAAE,CAAC;gDAC5B,yBAA2B;4CAC/B,CAAC;;;;4CAIG,qBAAM,uBAAuB,CAAC,YAAY,EAAE,EAAA;;4CAA5C,SAA4C,CAAC;;;;4CAE7C,IAAA,eAAM,EAAC,OAAK,YAAY,KAAK,CAAC,CAAC;4CAE/B,IAAI,OAAK,CAAC,OAAO,KAAK,iBAAiB,EAAE,CAAC;gDACtC,oEAAoE;gDACpE,0EAA0E;gDAC1E,sDAAsD;gDACtD,wEAAwE;gDACxE,6EAA6E;gDAC7E,6EAA6E;gDAC7E,iFAAiF;gDACjF,MAAM,IAAI,uBAAuB,CAAC;oDAC9B,MAAM,EAAE,aAAa;oDACrB,SAAS,WAAA;iDACZ,CAAC,CAAC;4CACP,CAAC;4CAED,sBAAO,SAAS,EAAC;iDAGrB,sBAAO;gDACH,eAAe,EAAE,2BAAoC;gDACrD,gBAAgB,kBAAA;6CACnB,EAAC;;4CAII,qBAAmB,IAAI,mBAAQ,EAAsB,CAAC;4CAEtD,mBAAiB,CAAC;gDACpB,IAAM,cAAc,GAAG,IAAA,qCAAiB,GAAE,CAAC;gDAE3C,IAAI,cAAc,KAAK,SAAS,EAAE,CAAC;oDAC/B,OAAO,IAAI,CAAC;gDAChB,CAAC;gDAEO,IAAA,QAAQ,GAAU,cAAc,SAAxB,EAAE,GAAG,GAAK,cAAc,IAAnB,CAAoB;gDAEzC,4DAA4D;gDAC5D,IAAM,SAAS,GAAG,IAAI,CAAC;gDAEvB,oDAAoD;gDACpD,8CAA8C;gDAC9C,IAAM,YAAY,GAAG,GAAG,GAAG,GAAG,GAAG,IAAI,GAAG,CAAC,QAAQ,GAAG,CAAC,CAAC,CAAC;gDAEvD,OAAO,IAAI,CAAC,GAAG,CAAC,SAAS,EAAE,YAAY,CAAC,CAAC;4CAC7C,CAAC,CAAC,EAAE,CAAC;4CAEC,YAAU,IAAA,0BAAU,EAAC;;;;;gEACU,qBAAM,KAAK,CAAC,gBAAgB,CAAC,CAAC,IAAI,CAC/D,UAAM,QAAQ;;;;gFACM,qBAAM,QAAQ,CAAC,IAAI,EAAE,EAAA;;4EAA/B,OAAO,GAAG,SAAqB;4EAErC,sBAAO,CACH,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,MAAM,GAAG,EAAE;oFAC/B,OAAO,CAAC,QAAQ,CAAC,kCAAkC,CAAC,CACvD,EAAC;;;iEACL,EACD,cAAM,OAAA,KAAK,EAAL,CAAK,CACd,EAAA;;4DAVK,wBAAwB,GAAG,SAUhC;4DAED,IAAI,CAAC,wBAAwB,EAAE,CAAC;gEAC5B,kBAAgB,CAAC,MAAM,CACnB,IAAI,uBAAuB,CAAC;oEACxB,MAAM,EAAE,mBAAmB;oEAC3B,aAAa,EAAE;wEACX,MAAM,EAAE,+BAA+B;wEACvC,gBAAgB,kBAAA;qEACnB;iEACJ,CAAC,CACL,CAAC;gEACF,sBAAO;4DACX,CAAC;4DAED,8EAA8E;4DAC9E,qEAAqE;4DACrE,sEAAsE;4DACtE,4FAA4F;4DAC5F,qDAAqD;4DACrD,kBAAgB,CAAC,MAAM,CACnB,IAAI,uBAAuB,CAAC;gEACxB,MAAM,EAAE,mBAAmB;gEAC3B,aAAa,EAAE;oEACX,MAAM,EAAE,2BAA2B;oEACnC,QAAQ,UAAA;oEACR,cAAc,kBAAA;iEACjB;6DACJ,CAAC,CACL,CAAC;;;;iDACL,EAAE,gBAAc,CAAC,CAAC;4CAEb,aAAW,UAAC,KAAmB;;gDACjC,IAAI,OAAO,KAAK,CAAC,IAAI,KAAK,QAAQ,EAAE,CAAC;oDACjC,OAAO;gDACX,CAAC;gDAED,IAAM,GAAG,GAAG,KAAK,CAAC,IAAI,CAAC;gDAEvB,CAAC;oDACG,IAAI,MAAM,SAA8C,CAAC;oDAEzD,IAAI,CAAC;wDACD,MAAM,GAAG,IAAA,0CAAyB,EAAC,EAAE,MAAM,EAAE,aAAa,EAAE,GAAG,KAAA,EAAE,CAAC,CAAC;oDACvE,CAAC;oDAAC,WAAM,CAAC;wDACL,wDAAwD;wDACxD,OAAO;oDACX,CAAC;oDAED,IAAI,CAAC,MAAM,CAAC,UAAU,IAAI,MAAM,CAAC,KAAK,KAAK,UAAU,EAAE,CAAC;wDACpD,OAAO;oDACX,CAAC;gDACL,CAAC;gDAED,IAAA,4BAAY,EAAC,SAAO,CAAC,CAAC;gDAEtB,MAAM,CAAC,mBAAmB,CAAC,SAAS,EAAE,UAAQ,CAAC,CAAC;gDAEhD,CAAC;oDACG,IAAM,MAAM,GAAG,IAAA,0CAAyB,EAAC,EAAE,MAAM,EAAE,OAAO,EAAE,GAAG,KAAA,EAAE,CAAC,CAAC;oDAEnE,IAAI,MAAM,CAAC,UAAU,EAAE,CAAC;wDACpB,kBAAgB,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;wDACpC,OAAO;oDACX,CAAC;gDACL,CAAC;gDAED,IAAI,eAAe,GAAG,mBAAmB,CAAC;gDAE1C,IAAM,sBAAsB,GAAa,EAAE,CAAC;;oDAE5C,KAAmB,IAAA,wCAAA,SAAA,mCAAmC,CAAA,wFAAA,yIAAE,CAAC;wDAApD,IAAM,MAAI,gDAAA;wDACX,IAAM,MAAM,GAAG,IAAA,0CAAyB,EAAC,EAAE,IAAI,QAAA,EAAE,GAAG,KAAA,EAAE,CAAC,CAAC;wDAExD,IAAI,CAAC,MAAM,CAAC,UAAU,EAAE,CAAC;4DACrB,IAAI,MAAI,KAAK,KAAK,EAAE,CAAC;gEACjB,SAAS;4DACb,CAAC;4DACD,sBAAsB,CAAC,IAAI,CAAC,MAAI,CAAC,CAAC;4DAClC,SAAS;wDACb,CAAC;wDAED,eAAe,GAAG,IAAA,mCAAkB,EAAC;4DACjC,KAAK,EAAE,eAAe;4DACtB,MAAM,EAAE,MAAI;4DACZ,OAAO,EAAE,MAAM,CAAC,KAAK;yDACxB,CAAC,CAAC,MAAM,CAAC;oDACd,CAAC;;;;;;;;;gDAED,IAAI,sBAAsB,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;oDACtC,kBAAgB,CAAC,MAAM,CACnB,IAAI,KAAK,CACL;wDACI,8FAA8F;wDAC9F,sBAAsB,CAAC,IAAI,CAAC,IAAI,CAAC;qDACpC,CAAC,IAAI,CAAC,GAAG,CAAC,CACd,CACJ,CAAC;oDACF,OAAO;gDACX,CAAC;gDAED,kBAAgB,CAAC,OAAO,CAAC,eAAe,CAAC,CAAC;4CAC9C,CAAC,CAAC;4CAEF,MAAM,CAAC,gBAAgB,CAAC,SAAS,EAAE,UAAQ,EAAE,KAAK,CAAC,CAAC;4CAEpD,uBAAuB;iDAClB,YAAY,CAAC,EAAE,+BAA+B,EAAE,gBAAc,GAAG,IAAI,EAAE,CAAC;iDACxE,KAAK,CAAC,UAAC,KAAY;gDAChB,IAAI,KAAK,CAAC,OAAO,KAAK,iBAAiB,EAAE,CAAC;oDACtC,IAAA,4BAAY,EAAC,SAAO,CAAC,CAAC;oDAEtB,8EAA8E;oDAC9E,8EAA8E;oDAC9E,kBAAgB,CAAC,MAAM,CACnB,IAAI,uBAAuB,CAAC;wDACxB,MAAM,EAAE,aAAa;wDACrB,SAAS,WAAA;qDACZ,CAAC,CACL,CAAC;gDACN,CAAC;4CACL,CAAC,CAAC,CAAC;4CAEiB,qBAAM,kBAAgB,CAAC,EAAE,EAAA;;4CAA3C,eAAe,GAAG,SAAyB;4CAEjD,IAAI,eAAe,KAAK,SAAS,EAAE,CAAC;gDAChC,yBAAoC;4CACxC,CAAC;4CAEG,gBAAgB,GAAiC,SAAS,CAAC;;;;4CAGxC,qBAAM,uBAAuB,CAAC,sBAAsB,CAAC,eAAe,CAAC,EAAA;;4CAAxF,gBAAgB,GAAG,SAAqE,CAAC;;;;4CAEzF,IAAA,eAAM,EAAC,OAAK,YAAY,KAAK,CAAC,CAAC;4CAE/B,IAAI,OAAK,CAAC,OAAO,KAAK,iBAAiB,EAAE,CAAC;gDACtC,8EAA8E;gDAC9E,kFAAkF;gDAClF,8DAA8D;gDAC9D,MAAM,IAAI,uBAAuB,CAAC;oDAC9B,MAAM,EAAE,mBAAmB;oDAC3B,aAAa,EAAE;wDACX,MAAM,EAAE,oBAAoB;wDAC5B,QAAQ,UAAA;qDACX;iDACJ,CAAC,CAAC;4CACP,CAAC;4CAED,MAAM,OAAK,CAAC;iDAGhB,sBAAO;gDACH,eAAe,EAAE,cAAuB;gDACxC,gBAAgB,kBAAA;6CACnB,EAAC;iDAGN,sBAAO,SAAS,EAAC;;;;yBACpB,CAAC,EAAE,CAAC,IAAI,CACL,UAAA,MAAM;4BACF,IAAI,MAAM,KAAK,SAAS,EAAE,CAAC;gCACvB,OAAO,SAAS,CAAC;4BACrB,CAAC;4BAEO,IAAA,gBAAgB,GAAoB,MAAM,iBAA1B,EAAE,aAAa,GAAK,MAAM,cAAX,CAAY;4BAEnD,IAAM,MAAM,GAAG,wBAAwB,CAAC;gCACpC,gBAAgB,kBAAA;gCAChB,oBAAoB,sBAAA;6BACvB,CAAC,CAAC;4BAEH,IAAI,MAAM,CAAC,0BAA0B,GAAG,MAAM,CAAC,yBAAyB,EAAE,CAAC;gCACvE,OAAO,CAAC,IAAI,CACR;oCACI,kEAAkE;oCAClE,uDAAuD;oCACvD,mDAA4C,QAAQ,cAAI,SAAS,CAAE;iCACtE,CAAC,IAAI,CAAC,GAAG,CAAC,CACd,CAAC;4BACN,CAAC;4BAED,OAAO,EAAE,MAAM,QAAA,EAAE,aAAa,eAAA,EAAE,CAAC;wBACrC,CAAC,EACD,UAAA,KAAK;4BACD,IAAA,eAAM,EAAC,KAAK,YAAY,KAAK,CAAC,CAAC;4BAC/B,OAAO,KAAK,CAAC;wBACjB,CAAC,CACJ,EAAA;;oBAtWK,oBAAoB,GAAG,SAsW5B;oBAEK,MAAM,GAAgB;wBACxB,QAAQ,EAAE;4BACN,SAAS,WAAA;4BACT,QAAQ,UAAA;yBACX;qBACJ,CAAC;oBAEF,IAAI,oBAAoB,YAAY,KAAK,EAAE,CAAC;wBAClC,KAAK,GAAG,oBAAoB,CAAC;wBAE7B,mBAAmB,GACrB,KAAK,YAAY,uBAAuB;4BACpC,CAAC,CAAC,KAAK;4BACP,CAAC,CAAC,IAAI,uBAAuB,CAAC;gCACxB,MAAM,EAAE,SAAS;gCACjB,OAAO,EAAE,KAAK;6BACjB,CAAC,CAAC;wBAEb,OAAO,CAAC,KAAK,CACT,8CAAsC,mBAAmB,CAAC,IAAI,iBAAM,mBAAmB,CAAC,OAAO,CAAE,CACpG,CAAC;wBAEF,4BAA4B,EAAE,CAAC;wBAE/B,sBAAO,IAAA,OAAE,wBACF,MAAM,KACT,gBAAgB,EAAE,KAAK,EACvB,OAAO,EAAE;;wCACL,KAAK,CAAC,kEAAkE,CAAC,CAAC;wCAC1E,sBAAO,IAAI,OAAO,CAAQ,cAAO,CAAC,CAAC,EAAC;;qCACvC,EACD,mBAAmB,qBAAA,IACrB,EAAC;oBACP,CAAC;oBAED,IAAI,oBAAoB,KAAK,SAAS,EAAE,CAAC;wBACrC,4BAA4B,EAAE,CAAC;wBAE/B,sBAAO,IAAA,OAAE,wBACF,MAAM,KACT,gBAAgB,EAAE,KAAK,EACvB,KAAK,OAAA,EACL,qBAAqB,EAAE,SAAS,IAClC,EAAC;oBACP,CAAC;oBAEG,aAAa,GAAG,oBAAoB,CAAC,MAAM,CAAC;oBAE1C,gCAAgC,GAAG,IAAI,GAAG,EAE7C,CAAC;oBAEE,cAAc,GAAG,IAAI,GAAG,EAAc,CAAC;oBAEvC,IAAI,GAAG,IAAA,OAAE,wBACR,MAAM,KACT,gBAAgB,EAAE,IAAI,EACtB,WAAW,EAAE,cAAM,OAAA,aAAa,EAAb,CAAa,EAChC,QAAQ,EAAE,UAAM,MAAM;;;4CAClB,qBAAM,uBAAuB,CAAC,eAAe,CAAC;4CAC1C,0BAA0B,EAAE,CAAC;gDACzB,QAAQ,MAAM,CAAC,UAAU,EAAE,CAAC;oDACxB,KAAK,cAAc;wDACf,OAAO,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC;oDAChC,KAAK,MAAM;wDACP,OAAO,SAAS,CAAC;oDACrB,KAAK,cAAc;wDACf,OAAO,MAAM,CAAC,GAAG,CAAC,UAAU,CAAC,GAAG,CAAC;4DAC7B,CAAC,CAAC,UAAG,MAAM,CAAC,QAAQ,CAAC,MAAM,SAAG,MAAM,CAAC,GAAG,CAAE;4DAC1C,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC;gDACzB,CAAC;gDACD,IAAA,eAAM,EAA+B,KAAK,CAAC,CAAC;4CAChD,CAAC,CAAC,EAAE;yCACP,CAAC,EAAA;;wCAdF,SAcE,CAAC;wCACH,sBAAO,IAAI,OAAO,CAAQ,cAAO,CAAC,CAAC,EAAC;;;6BACvC,EACD,aAAa,EAAE;;;;4CACc,qBAAM,uBAAuB,CAAC,YAAY,EAAE,EAAA;;wCAA/D,gBAAgB,GAAG,SAA4C;wCAErE,IAAA,eAAM,EAAC,gBAAgB,KAAK,IAAI,CAAC,CAAC;wCAE5B,gCAAgC,GAAG,MAAM,CAAC,wBAAwB,CACpE,aAAa,EACb,gBAAgB,CACnB,CAAC;wCAEF,IAAA,eAAM,EAAC,gCAAgC,KAAK,SAAS,CAAC,CAAC;wCAEvD,aAAa,GAAG,wBAAwB,CAAC;4CACrC,gBAAgB,kBAAA;4CAChB,oBAAoB,sBAAA;yCACvB,CAAC,CAAC;wCAEH,mEAAmE;wCACnE,MAAM,CAAC,cAAc,CAAC,aAAa,EAAE,gBAAgB,EAAE,gCAAgC,CAAC,CAAC;wCAEzF,KAAK,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,OAAO,CAAC,UAAA,aAAa,IAAI,OAAA,aAAa,EAAE,EAAf,CAAe,CAAC,CAAC;;;;6BACxE,EACD,yBAAyB,EAAE,UAAA,aAAa;4BACpC,cAAc,CAAC,GAAG,CAAC,aAAa,CAAC,CAAC;4BAElC,OAAO;gCACH,aAAa,EAAE;oCACX,cAAc,CAAC,MAAM,CAAC,aAAa,CAAC,CAAC;gCACzC,CAAC;6BACJ,CAAC;wBACN,CAAC,EACD,gCAAgC,EAAE,UAAA,YAAY;4BAC1C,gCAAgC,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC;4BAEnD,IAAM,kCAAkC,GAAG;gCACvC,gCAAgC,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC;4BAC1D,CAAC,CAAC;4BAEF,OAAO,EAAE,kCAAkC,oCAAA,EAAE,CAAC;wBAClD,CAAC,EACD,eAAe,EAAE,oBAAoB,CAAC,aAAa,IACrD,CAAC;oBAEH,CAAC;wBACS,0BAAwB;4BAC1B,kEAAkE;4BAClE,gEAAgE;4BAChE,mBAAmB;4BACnB,IAAM,mBAAmB,GAAG,IAAI,CAAC,GAAG,CAChC,aAAa,CAAC,yBAAyB,EACvC,aAAa,CAAC,0BAA0B,CAC3C,CAAC;4BAEF,OAAO,IAAI,CAAC,GAAG,CACX,mBAAmB,GAAG,IAAI,CAAC,GAAG,EAAE;4BAChC,+DAA+D;4BAC/D,0CAA0C;4BAC1C,mFAAmF;4BACnF,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,CACtB,CAAC;wBACN,CAAC,CAAC;wBAEF,CAAC,SAAS,aAAa;4BAAtB,iBA6BA;4BA5BG,2DAA2D;4BAC3D,iFAAiF;4BACjF,uCAAuC;4BACvC,IAAM,oBAAoB,GAAG,IAAI,CAAC,GAAG,CAAC,KAAM,EAAE,uBAAqB,EAAE,GAAG,GAAG,CAAC,CAAC;4BAE7E,IAAM,KAAK,GAAG,IAAA,0BAAU,EAAC;;;;;4CACrB,sBAAsB,EAAE,CAAC;;;;4CAGrB,qBAAM,IAAI,CAAC,WAAW,EAAE,EAAA;;4CAAxB,SAAwB,CAAC;;;;4CAEzB,gEAAgE;4CAChE,+BAA+B;4CAC/B,oEAAoE;4CACpE,kEAAkE;4CAClE,qEAAqE;4CACrE,mCAAmC;4CACnC,qBAAM,KAAK,CAAC,EAAE,6BAA6B,EAAE,KAAK,EAAE,CAAC,EAAA;;4CANrD,gEAAgE;4CAChE,+BAA+B;4CAC/B,oEAAoE;4CACpE,kEAAkE;4CAClE,qEAAqE;4CACrE,mCAAmC;4CACnC,SAAqD,CAAC;;;4CAG1D,aAAa,EAAE,CAAC;;;;iCACnB,EAAE,uBAAqB,EAAE,GAAG,oBAAoB,CAAC,CAAC;4BAE3C,IAAa,sBAAsB,GAAK,IAAI,CAAC,uBAAuB,CAAC;gCACzE,IAAA,4BAAY,EAAC,KAAK,CAAC,CAAC;gCACpB,sBAAsB,EAAE,CAAC;gCACzB,aAAa,EAAE,CAAC;4BACpB,CAAC,CAAC,YAJyC,CAIxC;wBACP,CAAC,CAAC,EAAE,CAAC;oBACT,CAAC;oBAED,CAAC;wBACW,mBAAmB,IAAA,qCAAoB,EAAC;4BAC5C,qBAAqB,EAAE;gCACnB,OAAA,8BAA8B,aAA9B,8BAA8B,cAA9B,8BAA8B,GAAI,aAAa,CAAC,0BAA0B;4BAA1E,CAA0E;4BAC9E,cAAc,EAAE,UAAC,EAAe;oCAAb,WAAW,iBAAA;gCAC1B,KAAK,CAAC,IAAI,CAAC,gCAAgC,CAAC,CAAC,OAAO,CAAC,UAAA,YAAY;oCAC7D,OAAA,YAAY,CAAC,EAAE,WAAW,aAAA,EAAE,CAAC;gCAA7B,CAA6B,CAChC,CAAC;gCAEF,IAAI,WAAW,KAAK,CAAC,EAAE,CAAC;oCACpB,IAAI,CAAC,MAAM,CAAC,gBAAgB,CAAC,CAAC;gCAClC,CAAC;4BACL,CAAC;yBACJ,CAAC,eAZoB,CAYnB;wBAEC,kBAA0C,SAAS,CAAC;wBAExD,IAAI,aAAa,KAAK,SAAS,EAAE,CAAC;4BAC9B,aAAa,GAAG,IAAA,uCAAkB,EAAC;gCAC/B,gDAAgD,EAAE,IAAK;6BAC1D,CAAC,CAAC,aAAa,CAAC;wBACrB,CAAC;wBAEO,iCAA8C,aAAa,CAAC,SAAS,CAAC,UAAA,YAAY;4BACtF,IAAI,YAAY,EAAE,CAAC;gCACf,IAAI,eAAa,KAAK,SAAS,EAAE,CAAC;oCAC9B,eAAa,EAAE,CAAC;oCAChB,eAAa,GAAG,SAAS,CAAC;gCAC9B,CAAC;4BACL,CAAC;iCAAM,CAAC;gCACJ,IAAA,eAAM,EAAC,eAAa,KAAK,SAAS,CAAC,CAAC;gCACpC,eAAa,GAAG,gBAAc,EAAE,CAAC,aAAa,CAAC;4BACnD,CAAC;wBACL,CAAC,CAAC,YAV+C,CAU9C;wBAEH,CAAC;4BACS,8BAA8B,GAAG,iBAAiB,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;4BACzE,IAAA,eAAM,EAAC,8BAA8B,KAAK,SAAS,CAAC,CAAC;4BACrD,8BAA8B,CAAC,GAAG,CAAC;gCAC/B,8BAA4B,EAAE,CAAC;gCAC/B,eAAa,aAAb,eAAa,uBAAb,eAAa,EAAI,CAAC;4BACtB,CAAC,CAAC,CAAC;wBACP,CAAC;oBACL,CAAC;oBAED,sBAAO,IAAI,EAAC;;;;CACf;AAxuBD,gCAwuBC;AAED,SAAS,wBAAwB,CAAiD,MAGjF;IACW,IAAA,gBAAgB,GAA2B,MAAM,iBAAjC,EAAE,oBAAoB,GAAK,MAAM,qBAAX,CAAY;IAE1D,IAAM,WAAW,GAAG,gBAAgB,CAAC,YAAY,CAAC;IAElD,IAAM,yBAAyB,GAAG,CAAC;QAC/B,kBAAkB,EAAE,CAAC;YACT,IAAA,UAAU,GAAK,gBAAgB,WAArB,CAAsB;YAExC,IAAI,UAAU,KAAK,SAAS,EAAE,CAAC;gBAC3B,MAAM,kBAAkB,CAAC;YAC7B,CAAC;YAED,OAAO,UAAU,GAAG,IAAI,CAAC;QAC7B,CAAC;QAED,aAAa,EAAE,CAAC;YACZ,IAAM,cAAc,GAAG,IAAA,iDAAuB,EAAC,WAAW,CAAC,CAAC;YAE5D,IAAI,cAAc,KAAK,SAAS,EAAE,CAAC;gBAC/B,MAAM,aAAa,CAAC;YACxB,CAAC;YAED,OAAO,cAAc,CAAC;QAC1B,CAAC;QAED,IAAA,eAAM,EAAC,KAAK,EAAE,4CAA4C,CAAC,CAAC;IAChE,CAAC,CAAC,EAAE,CAAC;IAEL,IAAM,YAAY,GAAG,gBAAgB,CAAC,aAAa,CAAC;IAEpD,IAAA,eAAM,EAAC,YAAY,KAAK,SAAS,EAAE,8CAA8C,CAAC,CAAC;IAEnF,IAAM,0BAA0B,GAAG,CAAC;QAChC,aAAa,EAAE,CAAC;YACZ,IAAM,cAAc,GAAG,IAAA,iDAAuB,EAAC,YAAY,CAAC,CAAC;YAE7D,IAAI,cAAc,KAAK,SAAS,EAAE,CAAC;gBAC/B,MAAM,aAAa,CAAC;YACxB,CAAC;YAED,OAAO,cAAc,CAAC;QAC1B,CAAC;QAED,IAAA,eAAM,EAAC,KAAK,EAAE,6CAA6C,CAAC,CAAC;IACjE,CAAC,CAAC,EAAE,CAAC;IAEL,IAAM,OAAO,GAAG,gBAAgB,CAAC,QAAQ,CAAC;IAE1C,IAAA,eAAM,EAAC,OAAO,KAAK,SAAS,EAAE,yCAAyC,CAAC,CAAC;IAEzE,IAAM,MAAM,GAAgC;QACxC,WAAW,aAAA;QACX,yBAAyB,2BAAA;QACzB,YAAY,cAAA;QACZ,0BAA0B,4BAAA;QAC1B,OAAO,SAAA;QACP,gBAAgB,EAAE,IAAW;KAChC,CAAC;IAEF,IAAI,KAAK,GAKS,SAAS,CAAC;IAE5B,MAAM,CAAC,cAAc,CAAC,MAAM,EAAE,gBAAgB,EAAE;QAC5C,KAAK,EAAE;YACH,IAAI,KAAK,KAAK,SAAS,IAAI,KAAK,CAAC,OAAO,KAAK,IAAI,CAAC,OAAO,EAAE,CAAC;gBACxD,OAAO,KAAK,CAAC,cAAc,CAAC;YAChC,CAAC;YAED,IAAI,cAAc,GAAG,IAAA,qBAAS,EAAC,IAAI,CAAC,OAAO,CAAmB,CAAC;YAE/D,IAAI,oBAAoB,KAAK,SAAS,EAAE,CAAC;gBACrC,cAAc,GAAG,oBAAoB,CAAC,KAAK,CAAC,cAAc,CAAC,CAAC;YAChE,CAAC;YAED,KAAK,GAAG;gBACJ,SAAS,EAAE,IAAI,CAAC,OAAO;gBACvB,cAAc,gBAAA;aACjB,CAAC;YAEF,OAAO,cAAc,CAAC;QAC1B,CAAC;QACD,cAAc,EAAE,IAAI;QACpB,YAAY,EAAE,IAAI;KACrB,CAAC,CAAC;IAEH,OAAO,MAAM,CAAC;AAClB,CAAC"}
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "oidc-spa",
3
- "version": "4.6.1",
3
+ "version": "4.6.2",
4
4
  "description": "Openidconnect client for Single Page Applications",
5
5
  "repository": {
6
6
  "type": "git",
package/src/oidc.ts CHANGED
@@ -75,10 +75,25 @@ export class OidcInitializationError extends Error {
75
75
  params:
76
76
  | {
77
77
  type: "server down";
78
+ issuerUri: string;
78
79
  }
79
80
  | {
80
81
  type: "bad configuration";
81
- timeoutDelayMs: number;
82
+ likelyCause:
83
+ | {
84
+ // Most likely redirect URIs or the client does not exist.
85
+ type: "misconfigured OIDC client";
86
+ clientId: string;
87
+ timeoutDelayMs: number;
88
+ }
89
+ | {
90
+ type: "not in Web Origins";
91
+ clientId: string;
92
+ }
93
+ | {
94
+ type: "silent-sso.html not reachable";
95
+ silentSsoHtmlUrl: string;
96
+ };
82
97
  }
83
98
  | {
84
99
  type: "unknown";
@@ -89,12 +104,39 @@ export class OidcInitializationError extends Error {
89
104
  (() => {
90
105
  switch (params.type) {
91
106
  case "server down":
92
- return "The OIDC server is down";
107
+ return [
108
+ `The OIDC server seems to be down.`,
109
+ `If you know it's not the case it means that the issuerUri: ${params.issuerUri} is incorrect.`,
110
+ `If you are using Keycloak makes sure that the realm exists and that the url is well formed.\n`,
111
+ `More info: https://docs.oidc-spa.dev/resources/usage-with-keycloak`
112
+ ].join(" ");
93
113
  case "bad configuration":
94
- return `Bad configuration. Timed out after ${params.timeoutDelayMs}ms`;
114
+ switch (params.likelyCause.type) {
115
+ case "misconfigured OIDC client":
116
+ return [
117
+ `The OIDC client ${params.likelyCause.clientId} seems to be misconfigured on your OIDC server.`,
118
+ `If you are using Keycloak you likely need to add "${location.origin}/*" to the list of Valid Redirect URIs`,
119
+ `in the ${params.likelyCause.clientId} client configuration.\n`,
120
+ `More info: https://docs.oidc-spa.dev/resources/usage-with-keycloak`,
121
+ `Silent SSO timed out after ${params.likelyCause.timeoutDelayMs}ms.`
122
+ ].join(" ");
123
+ case "not in Web Origins":
124
+ return [
125
+ `It seems that there is a CORS issue.`,
126
+ `If you are using Keycloak check the "Web Origins" option in your ${params.likelyCause.clientId} client configuration.`,
127
+ `You should probably add "${location.origin}/*" to the list.`,
128
+ `More info: https://docs.oidc-spa.dev/resources/usage-with-keycloak`
129
+ ].join(" ");
130
+ case "silent-sso.html not reachable":
131
+ return [
132
+ `${params.likelyCause.silentSsoHtmlUrl} is not reachable. Make sure you've created the silent-sso.html file`,
133
+ `in your public directory. More info: https://docs.oidc-spa.dev/documentation/installation`
134
+ ].join(" ");
135
+ }
95
136
  case "unknown":
96
137
  return params.cause.message;
97
138
  }
139
+ assert<Equals<typeof params, never>>(false);
98
140
  })(),
99
141
  // @ts-expect-error
100
142
  { "cause": params.type === "unknown" ? params.cause : undefined }
@@ -207,6 +249,8 @@ export async function createOidc<
207
249
 
208
250
  const configHashKey = "configHash";
209
251
 
252
+ const silentSsoHtmlUrl = `${publicUrl}/silent-sso.html`;
253
+
210
254
  const oidcClientTsUserManager = new OidcClientTsUserManager({
211
255
  "authority": issuerUri,
212
256
  "client_id": clientId,
@@ -215,7 +259,7 @@ export async function createOidc<
215
259
  "response_type": "code",
216
260
  "scope": "openid profile",
217
261
  "automaticSilentRenew": false,
218
- "silent_redirect_uri": `${publicUrl}/silent-sso.html?${configHashKey}=${configHash}`
262
+ "silent_redirect_uri": `${silentSsoHtmlUrl}?${configHashKey}=${configHash}`
219
263
  });
220
264
 
221
265
  let lastPublicRoute: string | undefined = undefined;
@@ -334,16 +378,10 @@ export async function createOidc<
334
378
  url = result.newUrl;
335
379
  }
336
380
 
337
- {
338
- const result = retrieveQueryParamFromUrl({ "name": "error", url });
339
-
340
- if (result.wasPresent) {
341
- throw new Error(`OIDC error: ${result.value}`);
342
- }
343
- }
344
-
345
381
  let loginSuccessUrl = "https://dummy.com";
346
382
 
383
+ let missingMandatoryParams: string[] = [];
384
+
347
385
  for (const name of paramsToRetrieveFromSuccessfulLogin) {
348
386
  const result = retrieveQueryParamFromUrl({ name, url });
349
387
 
@@ -351,7 +389,8 @@ export async function createOidc<
351
389
  if (name === "iss") {
352
390
  continue;
353
391
  }
354
- throw new Error(`Missing query param: ${name}`);
392
+ missingMandatoryParams.push(name);
393
+ continue;
355
394
  }
356
395
 
357
396
  loginSuccessUrl = addQueryParamToUrl({
@@ -365,12 +404,58 @@ export async function createOidc<
365
404
 
366
405
  window.history.pushState(null, "", url);
367
406
 
407
+ {
408
+ const result = retrieveQueryParamFromUrl({ "name": "error", url });
409
+
410
+ if (result.wasPresent) {
411
+ if (window !== top && result.value === "login_required") {
412
+ // Here we are in an iframe, it's a bit hacky to suspend the process here but
413
+ // it's a common case when the user of the lib forgot to create the silent-sso.html file.
414
+ // In this case we want to let the timeout of the parent expire to provide the correct error message.
415
+ // If we go on with execution of this it would still work but the user would get a misleading error message.
416
+ return new Promise<never>(() => {});
417
+ }
418
+
419
+ throw new Error(
420
+ [
421
+ "The OIDC server responded with an error passed as query parameter after the login process",
422
+ `this error is: ${result.value}`
423
+ ].join(" ")
424
+ );
425
+ }
426
+ }
427
+
428
+ if (missingMandatoryParams.length !== 0) {
429
+ throw new Error(
430
+ [
431
+ "After the login process the following mandatory OIDC query parameters where missing:",
432
+ missingMandatoryParams.join(", ")
433
+ ].join(" ")
434
+ );
435
+ }
436
+
368
437
  let oidcClientTsUser: OidcClientTsUser | undefined = undefined;
369
438
 
370
439
  try {
371
440
  oidcClientTsUser = await oidcClientTsUserManager.signinRedirectCallback(loginSuccessUrl);
372
- } catch {
441
+ } catch (error) {
442
+ assert(error instanceof Error);
443
+
444
+ if (error.message === "Failed to fetch") {
445
+ // If it's a fetch error here we know that the web server is not down and the login was successful,
446
+ // we just where redirected from the login pages.
447
+ // This means it's likely a "Web origins" misconfiguration.
448
+ throw new OidcInitializationError({
449
+ "type": "bad configuration",
450
+ "likelyCause": {
451
+ "type": "not in Web Origins",
452
+ clientId
453
+ }
454
+ });
455
+ }
456
+
373
457
  //NOTE: The user has likely pressed the back button just after logging in.
458
+ //UPDATE: I don't remember how to reproduce this case and I don't know if it's still relevant.
374
459
  return undefined;
375
460
  }
376
461
 
@@ -394,7 +479,17 @@ export async function createOidc<
394
479
  assert(error instanceof Error);
395
480
 
396
481
  if (error.message === "Failed to fetch") {
397
- throw new OidcInitializationError({ "type": "server down" });
482
+ // Here it could be web origins as well but it's less likely because
483
+ // it would mean that there was once a valid configuration and it has been
484
+ // changed to an invalid one before the token expired.
485
+ // but the server is not necessarily down, the issuerUri could be wrong.
486
+ // So the error that we return should be either "server down" if fetching the
487
+ // well known configuration endpoint failed without returning any status code
488
+ // or "bad configuration" if the endpoint returned a 404 or an other status code.
489
+ throw new OidcInitializationError({
490
+ "type": "server down",
491
+ issuerUri
492
+ });
398
493
  }
399
494
 
400
495
  return undefined;
@@ -428,16 +523,48 @@ export async function createOidc<
428
523
  return Math.max(baseDelay, dynamicDelay);
429
524
  })();
430
525
 
431
- const timeout = setTimeout(
432
- () =>
526
+ const timeout = setTimeout(async () => {
527
+ const isSilentSsoHtmlReachable = await fetch(silentSsoHtmlUrl).then(
528
+ async response => {
529
+ const content = await response.text();
530
+
531
+ return (
532
+ content.split("\n").length < 20 &&
533
+ content.includes("parent.postMessage(location.href")
534
+ );
535
+ },
536
+ () => false
537
+ );
538
+
539
+ if (!isSilentSsoHtmlReachable) {
433
540
  dLoginSuccessUrl.reject(
434
541
  new OidcInitializationError({
435
542
  "type": "bad configuration",
436
- timeoutDelayMs
543
+ "likelyCause": {
544
+ "type": "silent-sso.html not reachable",
545
+ silentSsoHtmlUrl
546
+ }
437
547
  })
438
- ),
439
- timeoutDelayMs
440
- );
548
+ );
549
+ return;
550
+ }
551
+
552
+ // Here we know that the server is not down and that the issuer_uri is correct
553
+ // otherwise we would have had a fetch error when loading the iframe.
554
+ // So this means that it's very likely a OIDC client misconfiguration.
555
+ // It could also be a very slow network but this risk is mitigated by the fact that we check
556
+ // for the network speed to adjust the timeout delay.
557
+ dLoginSuccessUrl.reject(
558
+ new OidcInitializationError({
559
+ "type": "bad configuration",
560
+ "likelyCause": {
561
+ "type": "misconfigured OIDC client",
562
+ clientId,
563
+ timeoutDelayMs
564
+ }
565
+ })
566
+ );
567
+ }, timeoutDelayMs);
441
568
 
442
569
  const listener = (event: MessageEvent) => {
443
570
  if (typeof event.data !== "string") {
@@ -476,6 +603,8 @@ export async function createOidc<
476
603
 
477
604
  let loginSuccessUrl = "https://dummy.com";
478
605
 
606
+ const missingMandatoryParams: string[] = [];
607
+
479
608
  for (const name of paramsToRetrieveFromSuccessfulLogin) {
480
609
  const result = retrieveQueryParamFromUrl({ name, url });
481
610
 
@@ -483,7 +612,8 @@ export async function createOidc<
483
612
  if (name === "iss") {
484
613
  continue;
485
614
  }
486
- throw new Error(`Missing query param: ${name}`);
615
+ missingMandatoryParams.push(name);
616
+ continue;
487
617
  }
488
618
 
489
619
  loginSuccessUrl = addQueryParamToUrl({
@@ -493,6 +623,18 @@ export async function createOidc<
493
623
  }).newUrl;
494
624
  }
495
625
 
626
+ if (missingMandatoryParams.length !== 0) {
627
+ dLoginSuccessUrl.reject(
628
+ new Error(
629
+ [
630
+ "After the silent signin process the following mandatory OIDC query parameters where missing:",
631
+ missingMandatoryParams.join(", ")
632
+ ].join(" ")
633
+ )
634
+ );
635
+ return;
636
+ }
637
+
496
638
  dLoginSuccessUrl.resolve(loginSuccessUrl);
497
639
  };
498
640
 
@@ -504,7 +646,14 @@ export async function createOidc<
504
646
  if (error.message === "Failed to fetch") {
505
647
  clearTimeout(timeout);
506
648
 
507
- dLoginSuccessUrl.reject(new OidcInitializationError({ "type": "server down" }));
649
+ // Here we know it's not web origin because it's not the token we are fetching
650
+ // but just the well known configuration endpoint that is not subject to CORS.
651
+ dLoginSuccessUrl.reject(
652
+ new OidcInitializationError({
653
+ "type": "server down",
654
+ issuerUri
655
+ })
656
+ );
508
657
  }
509
658
  });
510
659
 
@@ -514,9 +663,28 @@ export async function createOidc<
514
663
  break restore_from_http_only_cookie;
515
664
  }
516
665
 
517
- const oidcClientTsUser = await oidcClientTsUserManager.signinRedirectCallback(
518
- loginSuccessUrl
519
- );
666
+ let oidcClientTsUser: OidcClientTsUser | undefined = undefined;
667
+
668
+ try {
669
+ oidcClientTsUser = await oidcClientTsUserManager.signinRedirectCallback(loginSuccessUrl);
670
+ } catch (error) {
671
+ assert(error instanceof Error);
672
+
673
+ if (error.message === "Failed to fetch") {
674
+ // If we have a fetch error here. We know for sure that the server isn't down,
675
+ // the silent sign-in was successful. We also know that the issuer_uri is correct.
676
+ // so it's very likely the web origins that are misconfigured.
677
+ throw new OidcInitializationError({
678
+ "type": "bad configuration",
679
+ "likelyCause": {
680
+ "type": "not in Web Origins",
681
+ clientId
682
+ }
683
+ });
684
+ }
685
+
686
+ throw error;
687
+ }
520
688
 
521
689
  return {
522
690
  "loginScenario": "silentSignin" as const,
@@ -574,7 +742,9 @@ export async function createOidc<
574
742
  "cause": error
575
743
  });
576
744
 
577
- console.error(`OIDC initialization error: ${initializationError.message}`);
745
+ console.error(
746
+ `OIDC initialization error of type "${initializationError.type}": ${initializationError.message}`
747
+ );
578
748
 
579
749
  startTrackingLastPublicRoute();
580
750