parse-server 2.8.4 → 8.6.2

package/lib/Adapters/Auth/mfa.js

@@ -0,0 +1,324 @@
+"use strict";
+
+Object.defineProperty(exports, "__esModule", {
+  value: true
+});
+exports.default = void 0;
+var _otpauth = require("otpauth");
+var _cryptoUtils = require("../../cryptoUtils");
+var _AuthAdapter = _interopRequireDefault(require("./AuthAdapter"));
+function _interopRequireDefault(e) { return e && e.__esModule ? e : { default: e }; }
+/**
+ * Parse Server authentication adapter for Multi-Factor Authentication (MFA).
+ *
+ * @class MFAAdapter
+ * @param {Object} options - The adapter options.
+ * @param {Array<String>} options.options - Supported MFA methods. Must include `"SMS"` or `"TOTP"`.
+ * @param {Number} [options.digits=6] - The number of digits for the one-time password (OTP). Must be between 4 and 10.
+ * @param {Number} [options.period=30] - The validity period of the OTP in seconds. Must be greater than 10.
+ * @param {String} [options.algorithm="SHA1"] - The algorithm used for TOTP generation. Defaults to `"SHA1"`.
+ * @param {Function} [options.sendSMS] - A callback function for sending SMS OTPs. Required if `"SMS"` is included in `options`.
+ *
+ * @description
+ * ## Parse Server Configuration
+ * To configure Parse Server for MFA, use the following structure:
+ * ```javascript
+ * {
+ *   auth: {
+ *     mfa: {
+ *       options: ["SMS", "TOTP"],
+ *       digits: 6,
+ *       period: 30,
+ *       algorithm: "SHA1",
+ *       sendSMS: (token, mobile) => {
+ *         // Send the SMS using your preferred SMS provider.
+ *         console.log(`Sending SMS to ${mobile} with token: ${token}`);
+ *       }
+ *     }
+ *   }
+ * }
+ * ```
+ *
+ * ## MFA Methods
+ * - **SMS**:
+ *   - Requires a valid mobile number.
+ *   - Sends a one-time password (OTP) via SMS for login or verification.
+ *   - Uses the `sendSMS` callback for sending the OTP.
+ *
+ * - **TOTP**:
+ *   - Requires a secret key for setup.
+ *   - Validates the user's OTP against a time-based one-time password (TOTP) generated using the secret key.
+ *   - Supports configurable digits, period, and algorithm for TOTP generation.
+ *
+ * ## MFA Payload
+ * The adapter requires the following `authData` fields:
+ * - **For SMS-based MFA**:
+ *   - `mobile`: The user's mobile number (required for setup).
+ *   - `token`: The OTP provided by the user for login or verification.
+ * - **For TOTP-based MFA**:
+ *   - `secret`: The TOTP secret key for the user (required for setup).
+ *   - `token`: The OTP provided by the user for login or verification.
+ *
+ * ## Example Payloads
+ * ### SMS Setup Payload
+ * ```json
+ * {
+ *   "mobile": "+1234567890"
+ * }
+ * ```
+ *
+ * ### TOTP Setup Payload
+ * ```json
+ * {
+ *   "secret": "BASE32ENCODEDSECRET",
+ *   "token": "123456"
+ * }
+ * ```
+ *
+ * ### Login Payload
+ * ```json
+ * {
+ *   "token": "123456"
+ * }
+ * ```
+ *
+ * @see {@link https://en.wikipedia.org/wiki/Time-based_One-Time_Password_algorithm Time-based One-Time Password Algorithm (TOTP)}
+ * @see {@link https://tools.ietf.org/html/rfc6238 RFC 6238: TOTP: Time-Based One-Time Password Algorithm}
+ */
+
+class MFAAdapter extends _AuthAdapter.default {
+  validateOptions(opts) {
+    const validOptions = opts.options;
+    if (!Array.isArray(validOptions)) {
+      throw 'mfa.options must be an array';
+    }
+    this.sms = validOptions.includes('SMS');
+    this.totp = validOptions.includes('TOTP');
+    if (!this.sms && !this.totp) {
+      throw 'mfa.options must include SMS or TOTP';
+    }
+    const digits = opts.digits || 6;
+    const period = opts.period || 30;
+    if (typeof digits !== 'number') {
+      throw 'mfa.digits must be a number';
+    }
+    if (typeof period !== 'number') {
+      throw 'mfa.period must be a number';
+    }
+    if (digits < 4 || digits > 10) {
+      throw 'mfa.digits must be between 4 and 10';
+    }
+    if (period < 10) {
+      throw 'mfa.period must be greater than 10';
+    }
+    const sendSMS = opts.sendSMS;
+    if (this.sms && typeof sendSMS !== 'function') {
+      throw 'mfa.sendSMS callback must be defined when using SMS OTPs';
+    }
+    this.smsCallback = sendSMS;
+    this.digits = digits;
+    this.period = period;
+    this.algorithm = opts.algorithm || 'SHA1';
+  }
+  validateSetUp(mfaData) {
+    if (mfaData.mobile && this.sms) {
+      return this.setupMobileOTP(mfaData.mobile);
+    }
+    if (this.totp) {
+      return this.setupTOTP(mfaData);
+    }
+    throw 'Invalid MFA data';
+  }
+  async validateLogin(loginData, _, req) {
+    const saveResponse = {
+      doNotSave: true
+    };
+    const token = loginData.token;
+    const auth = req.original.get('authData') || {};
+    const {
+      secret,
+      recovery,
+      mobile,
+      token: saved,
+      expiry
+    } = auth.mfa || {};
+    if (this.sms && mobile) {
+      if (token === 'request') {
+        const {
+          token: sendToken,
+          expiry
+        } = await this.sendSMS(mobile);
+        auth.mfa.token = sendToken;
+        auth.mfa.expiry = expiry;
+        req.object.set('authData', auth);
+        await req.object.save(null, {
+          useMasterKey: true
+        });
+        throw 'Please enter the token';
+      }
+      if (!saved || token !== saved) {
+        throw 'Invalid MFA token 1';
+      }
+      if (new Date() > expiry) {
+        throw 'Invalid MFA token 2';
+      }
+      delete auth.mfa.token;
+      delete auth.mfa.expiry;
+      return {
+        save: auth.mfa
+      };
+    }
+    if (this.totp) {
+      if (typeof token !== 'string') {
+        throw 'Invalid MFA token';
+      }
+      if (!secret) {
+        return saveResponse;
+      }
+      if (recovery[0] === token || recovery[1] === token) {
+        return saveResponse;
+      }
+      const totp = new _otpauth.TOTP({
+        algorithm: this.algorithm,
+        digits: this.digits,
+        period: this.period,
+        secret: _otpauth.Secret.fromBase32(secret)
+      });
+      const valid = totp.validate({
+        token
+      });
+      if (valid === null) {
+        throw 'Invalid MFA token';
+      }
+    }
+    return saveResponse;
+  }
+  async validateUpdate(authData, _, req) {
+    if (req.master) {
+      return;
+    }
+    if (authData.mobile && this.sms) {
+      if (!authData.token) {
+        throw 'MFA is already set up on this account';
+      }
+      return this.confirmSMSOTP(authData, req.original.get('authData')?.mfa || {});
+    }
+    if (this.totp) {
+      await this.validateLogin({
+        token: authData.old
+      }, null, req);
+      return this.validateSetUp(authData);
+    }
+    throw 'Invalid MFA data';
+  }
+  afterFind(authData, options, req) {
+    if (req.master) {
+      return;
+    }
+    if (this.totp && authData.secret) {
+      return {
+        status: 'enabled'
+      };
+    }
+    if (this.sms && authData.mobile) {
+      return {
+        status: 'enabled'
+      };
+    }
+    return {
+      status: 'disabled'
+    };
+  }
+  policy(req, auth) {
+    if (this.sms && auth?.pending && Object.keys(auth).length === 1) {
+      return 'default';
+    }
+    return 'additional';
+  }
+  async setupMobileOTP(mobile) {
+    const {
+      token,
+      expiry
+    } = await this.sendSMS(mobile);
+    return {
+      save: {
+        pending: {
+          [mobile]: {
+            token,
+            expiry
+          }
+        }
+      }
+    };
+  }
+  async sendSMS(mobile) {
+    if (!/^[+]*[(]{0,1}[0-9]{1,3}[)]{0,1}[-\s\./0-9]*$/g.test(mobile)) {
+      throw 'Invalid mobile number.';
+    }
+    let token = '';
+    while (token.length < this.digits) {
+      token += (0, _cryptoUtils.randomString)(10).replace(/\D/g, '');
+    }
+    token = token.substring(0, this.digits);
+    await Promise.resolve(this.smsCallback(token, mobile));
+    const expiry = new Date(new Date().getTime() + this.period * 1000);
+    return {
+      token,
+      expiry
+    };
+  }
+  async confirmSMSOTP(inputData, authData) {
+    const {
+      mobile,
+      token
+    } = inputData;
+    if (!authData.pending?.[mobile]) {
+      throw 'This number is not pending';
+    }
+    const pendingData = authData.pending[mobile];
+    if (token !== pendingData.token) {
+      throw 'Invalid MFA token';
+    }
+    if (new Date() > pendingData.expiry) {
+      throw 'Invalid MFA token';
+    }
+    delete authData.pending[mobile];
+    authData.mobile = mobile;
+    return {
+      save: authData
+    };
+  }
+  setupTOTP(mfaData) {
+    const {
+      secret,
+      token
+    } = mfaData;
+    if (!secret || !token || secret.length < 20) {
+      throw 'Invalid MFA data';
+    }
+    const totp = new _otpauth.TOTP({
+      algorithm: this.algorithm,
+      digits: this.digits,
+      period: this.period,
+      secret: _otpauth.Secret.fromBase32(secret)
+    });
+    const valid = totp.validate({
+      token
+    });
+    if (valid === null) {
+      throw 'Invalid MFA token';
+    }
+    const recovery = [(0, _cryptoUtils.randomString)(30), (0, _cryptoUtils.randomString)(30)];
+    return {
+      response: {
+        recovery: recovery.join(', ')
+      },
+      save: {
+        secret,
+        recovery
+      }
+    };
+  }
+}
+var _default = exports.default = new MFAAdapter();
+//# sourceMappingURL=data:application/json;charset=utf-8;base64,eyJ2ZXJzaW9uIjozLCJuYW1lcyI6WyJfb3RwYXV0aCIsInJlcXVpcmUiLCJfY3J5cHRvVXRpbHMiLCJfQXV0aEFkYXB0ZXIiLCJfaW50ZXJvcFJlcXVpcmVEZWZhdWx0IiwiZSIsIl9fZXNNb2R1bGUiLCJkZWZhdWx0IiwiTUZBQWRhcHRlciIsIkF1dGhBZGFwdGVyIiwidmFsaWRhdGVPcHRpb25zIiwib3B0cyIsInZhbGlkT3B0aW9ucyIsIm9wdGlvbnMiLCJBcnJheSIsImlzQXJyYXkiLCJzbXMiLCJpbmNsdWRlcyIsInRvdHAiLCJkaWdpdHMiLCJwZXJpb2QiLCJzZW5kU01TIiwic21zQ2FsbGJhY2siLCJhbGdvcml0aG0iLCJ2YWxpZGF0ZVNldFVwIiwibWZhRGF0YSIsIm1vYmlsZSIsInNldHVwTW9iaWxlT1RQIiwic2V0dXBUT1RQIiwidmFsaWRhdGVMb2dpbiIsImxvZ2luRGF0YSIsIl8iLCJyZXEiLCJzYXZlUmVzcG9uc2UiLCJkb05vdFNhdmUiLCJ0b2tlbiIsImF1dGgiLCJvcmlnaW5hbCIsImdldCIsInNlY3JldCIsInJlY292ZXJ5Iiwic2F2ZWQiLCJleHBpcnkiLCJtZmEiLCJzZW5kVG9rZW4iLCJvYmplY3QiLCJzZXQiLCJzYXZlIiwidXNlTWFzdGVyS2V5IiwiRGF0ZSIsIlRPVFAiLCJTZWNyZXQiLCJmcm9tQmFzZTMyIiwidmFsaWQiLCJ2YWxpZGF0ZSIsInZhbGlkYXRlVXBkYXRlIiwiYXV0aERhdGEiLCJtYXN0ZXIiLCJjb25maXJtU01TT1RQIiwib2xkIiwiYWZ0ZXJGaW5kIiwic3RhdHVzIiwicG9saWN5IiwicGVuZGluZyIsIk9iamVjdCIsImtleXMiLCJsZW5ndGgiLCJ0ZXN0IiwicmFuZG9tU3RyaW5nIiwicmVwbGFjZSIsInN1YnN0cmluZyIsIlByb21pc2UiLCJyZXNvbHZlIiwiZ2V0VGltZSIsImlucHV0RGF0YSIsInBlbmRpbmdEYXRhIiwicmVzcG9uc2UiLCJqb2luIiwiX2RlZmF1bHQiLCJleHBvcnRzIl0sInNvdXJjZXMiOlsiLi4vLi4vLi4vc3JjL0FkYXB0ZXJzL0F1dGgvbWZhLmpzIl0sInNvdXJjZXNDb250ZW50IjpbIi8qKlxuICogUGFyc2UgU2VydmVyIGF1dGhlbnRpY2F0aW9uIGFkYXB0ZXIgZm9yIE11bHRpLUZhY3RvciBBdXRoZW50aWNhdGlvbiAoTUZBKS5cbiAqXG4gKiBAY2xhc3MgTUZBQWRhcHRlclxuICogQHBhcmFtIHtPYmplY3R9IG9wdGlvbnMgLSBUaGUgYWRhcHRlciBvcHRpb25zLlxuICogQHBhcmFtIHtBcnJheTxTdHJpbmc+fSBvcHRpb25zLm9wdGlvbnMgLSBTdXBwb3J0ZWQgTUZBIG1ldGhvZHMuIE11c3QgaW5jbHVkZSBgXCJTTVNcImAgb3IgYFwiVE9UUFwiYC5cbiAqIEBwYXJhbSB7TnVtYmVyfSBbb3B0aW9ucy5kaWdpdHM9Nl0gLSBUaGUgbnVtYmVyIG9mIGRpZ2l0cyBmb3IgdGhlIG9uZS10aW1lIHBhc3N3b3JkIChPVFApLiBNdXN0IGJlIGJldHdlZW4gNCBhbmQgMTAuXG4gKiBAcGFyYW0ge051bWJlcn0gW29wdGlvbnMucGVyaW9kPTMwXSAtIFRoZSB2YWxpZGl0eSBwZXJpb2Qgb2YgdGhlIE9UUCBpbiBzZWNvbmRzLiBNdXN0IGJlIGdyZWF0ZXIgdGhhbiAxMC5cbiAqIEBwYXJhbSB7U3RyaW5nfSBbb3B0aW9ucy5hbGdvcml0aG09XCJTSEExXCJdIC0gVGhlIGFsZ29yaXRobSB1c2VkIGZvciBUT1RQIGdlbmVyYXRpb24uIERlZmF1bHRzIHRvIGBcIlNIQTFcImAuXG4gKiBAcGFyYW0ge0Z1bmN0aW9ufSBbb3B0aW9ucy5zZW5kU01TXSAtIEEgY2FsbGJhY2sgZnVuY3Rpb24gZm9yIHNlbmRpbmcgU01TIE9UUHMuIFJlcXVpcmVkIGlmIGBcIlNNU1wiYCBpcyBpbmNsdWRlZCBpbiBgb3B0aW9uc2AuXG4gKlxuICogQGRlc2NyaXB0aW9uXG4gKiAjIyBQYXJzZSBTZXJ2ZXIgQ29uZmlndXJhdGlvblxuICogVG8gY29uZmlndXJlIFBhcnNlIFNlcnZlciBmb3IgTUZBLCB1c2UgdGhlIGZvbGxvd2luZyBzdHJ1Y3R1cmU6XG4gKiBgYGBqYXZhc2NyaXB0XG4gKiB7XG4gKiAgIGF1dGg6IHtcbiAqICAgICBtZmE6IHtcbiAqICAgICAgIG9wdGlvbnM6IFtcIlNNU1wiLCBcIlRPVFBcIl0sXG4gKiAgICAgICBkaWdpdHM6IDYsXG4gKiAgICAgICBwZXJpb2Q6IDMwLFxuICogICAgICAgYWxnb3JpdGhtOiBcIlNIQTFcIixcbiAqICAgICAgIHNlbmRTTVM6ICh0b2tlbiwgbW9iaWxlKSA9PiB7XG4gKiAgICAgICAgIC8vIFNlbmQgdGhlIFNNUyB1c2luZyB5b3VyIHByZWZlcnJlZCBTTVMgcHJvdmlkZXIuXG4gKiAgICAgICAgIGNvbnNvbGUubG9nKGBTZW5kaW5nIFNNUyB0byAke21vYmlsZX0gd2l0aCB0b2tlbjogJHt0b2tlbn1gKTtcbiAqICAgICAgIH1cbiAqICAgICB9XG4gKiAgIH1cbiAqIH1cbiAqIGBgYFxuICpcbiAqICMjIE1GQSBNZXRob2RzXG4gKiAtICoqU01TKio6XG4gKiAgIC0gUmVxdWlyZXMgYSB2YWxpZCBtb2JpbGUgbnVtYmVyLlxuICogICAtIFNlbmRzIGEgb25lLXRpbWUgcGFzc3dvcmQgKE9UUCkgdmlhIFNNUyBmb3IgbG9naW4gb3IgdmVyaWZpY2F0aW9uLlxuICogICAtIFVzZXMgdGhlIGBzZW5kU01TYCBjYWxsYmFjayBmb3Igc2VuZGluZyB0aGUgT1RQLlxuICpcbiAqIC0gKipUT1RQKio6XG4gKiAgIC0gUmVxdWlyZXMgYSBzZWNyZXQga2V5IGZvciBzZXR1cC5cbiAqICAgLSBWYWxpZGF0ZXMgdGhlIHVzZXIncyBPVFAgYWdhaW5zdCBhIHRpbWUtYmFzZWQgb25lLXRpbWUgcGFzc3dvcmQgKFRPVFApIGdlbmVyYXRlZCB1c2luZyB0aGUgc2VjcmV0IGtleS5cbiAqICAgLSBTdXBwb3J0cyBjb25maWd1cmFibGUgZGlnaXRzLCBwZXJpb2QsIGFuZCBhbGdvcml0aG0gZm9yIFRPVFAgZ2VuZXJhdGlvbi5cbiAqXG4gKiAjIyBNRkEgUGF5bG9hZFxuICogVGhlIGFkYXB0ZXIgcmVxdWlyZXMgdGhlIGZvbGxvd2luZyBgYXV0aERhdGFgIGZpZWxkczpcbiAqIC0gKipGb3IgU01TLWJhc2VkIE1GQSoqOlxuICogICAtIGBtb2JpbGVgOiBUaGUgdXNlcidzIG1vYmlsZSBudW1iZXIgKHJlcXVpcmVkIGZvciBzZXR1cCkuXG4gKiAgIC0gYHRva2VuYDogVGhlIE9UUCBwcm92aWRlZCBieSB0aGUgdXNlciBmb3IgbG9naW4gb3IgdmVyaWZpY2F0aW9uLlxuICogLSAqKkZvciBUT1RQLWJhc2VkIE1GQSoqOlxuICogICAtIGBzZWNyZXRgOiBUaGUgVE9UUCBzZWNyZXQga2V5IGZvciB0aGUgdXNlciAocmVxdWlyZWQgZm9yIHNldHVwKS5cbiAqICAgLSBgdG9rZW5gOiBUaGUgT1RQIHByb3ZpZGVkIGJ5IHRoZSB1c2VyIGZvciBsb2dpbiBvciB2ZXJpZmljYXRpb24uXG4gKlxuICogIyMgRXhhbXBsZSBQYXlsb2Fkc1xuICogIyMjIFNNUyBTZXR1cCBQYXlsb2FkXG4gKiBgYGBqc29uXG4gKiB7XG4gKiAgIFwibW9iaWxlXCI6IFwiKzEyMzQ1Njc4OTBcIlxuICogfVxuICogYGBgXG4gKlxuICogIyMjIFRPVFAgU2V0dXAgUGF5bG9hZFxuICogYGBganNvblxuICoge1xuICogICBcInNlY3JldFwiOiBcIkJBU0UzMkVOQ09ERURTRUNSRVRcIixcbiAqICAgXCJ0b2tlblwiOiBcIjEyMzQ1NlwiXG4gKiB9XG4gKiBgYGBcbiAqXG4gKiAjIyMgTG9naW4gUGF5bG9hZFxuICogYGBganNvblxuICoge1xuICogICBcInRva2VuXCI6IFwiMTIzNDU2XCJcbiAqIH1cbiAqIGBgYFxuICpcbiAqIEBzZWUge0BsaW5rIGh0dHBzOi8vZW4ud2lraXBlZGlhLm9yZy93aWtpL1RpbWUtYmFzZWRfT25lLVRpbWVfUGFzc3dvcmRfYWxnb3JpdGhtIFRpbWUtYmFzZWQgT25lLVRpbWUgUGFzc3dvcmQgQWxnb3JpdGhtIChUT1RQKX1cbiAqIEBzZWUge0BsaW5rIGh0dHBzOi8vdG9vbHMuaWV0Zi5vcmcvaHRtbC9yZmM2MjM4IFJGQyA2MjM4OiBUT1RQOiBUaW1lLUJhc2VkIE9uZS1UaW1lIFBhc3N3b3JkIEFsZ29yaXRobX1cbiAqL1xuXG5pbXBvcnQgeyBUT1RQLCBTZWNyZXQgfSBmcm9tICdvdHBhdXRoJztcbmltcG9ydCB7IHJhbmRvbVN0cmluZyB9IGZyb20gJy4uLy4uL2NyeXB0b1V0aWxzJztcbmltcG9ydCBBdXRoQWRhcHRlciBmcm9tICcuL0F1dGhBZGFwdGVyJztcbmNsYXNzIE1GQUFkYXB0ZXIgZXh0ZW5kcyBBdXRoQWRhcHRlciB7XG4gIHZhbGlkYXRlT3B0aW9ucyhvcHRzKSB7XG4gICAgY29uc3QgdmFsaWRPcHRpb25zID0gb3B0cy5vcHRpb25zO1xuICAgIGlmICghQXJyYXkuaXNBcnJheSh2YWxpZE9wdGlvbnMpKSB7XG4gICAgICB0aHJvdyAnbWZhLm9wdGlvbnMgbXVzdCBiZSBhbiBhcnJheSc7XG4gICAgfVxuICAgIHRoaXMuc21zID0gdmFsaWRPcHRpb25zLmluY2x1ZGVzKCdTTVMnKTtcbiAgICB0aGlzLnRvdHAgPSB2YWxpZE9wdGlvbnMuaW5jbHVkZXMoJ1RPVFAnKTtcbiAgICBpZiAoIXRoaXMuc21zICYmICF0aGlzLnRvdHApIHtcbiAgICAgIHRocm93ICdtZmEub3B0aW9ucyBtdXN0IGluY2x1ZGUgU01TIG9yIFRPVFAnO1xuICAgIH1cbiAgICBjb25zdCBkaWdpdHMgPSBvcHRzLmRpZ2l0cyB8fCA2O1xuICAgIGNvbnN0IHBlcmlvZCA9IG9wdHMucGVyaW9kIHx8IDMwO1xuICAgIGlmICh0eXBlb2YgZGlnaXRzICE9PSAnbnVtYmVyJykge1xuICAgICAgdGhyb3cgJ21mYS5kaWdpdHMgbXVzdCBiZSBhIG51bWJlcic7XG4gICAgfVxuICAgIGlmICh0eXBlb2YgcGVyaW9kICE9PSAnbnVtYmVyJykge1xuICAgICAgdGhyb3cgJ21mYS5wZXJpb2QgbXVzdCBiZSBhIG51bWJlcic7XG4gICAgfVxuICAgIGlmIChkaWdpdHMgPCA0IHx8IGRpZ2l0cyA+IDEwKSB7XG4gICAgICB0aHJvdyAnbWZhLmRpZ2l0cyBtdXN0IGJlIGJldHdlZW4gNCBhbmQgMTAnO1xuICAgIH1cbiAgICBpZiAocGVyaW9kIDwgMTApIHtcbiAgICAgIHRocm93ICdtZmEucGVyaW9kIG11c3QgYmUgZ3JlYXRlciB0aGFuIDEwJztcbiAgICB9XG4gICAgY29uc3Qgc2VuZFNNUyA9IG9wdHMuc2VuZFNNUztcbiAgICBpZiAodGhpcy5zbXMgJiYgdHlwZW9mIHNlbmRTTVMgIT09ICdmdW5jdGlvbicpIHtcbiAgICAgIHRocm93ICdtZmEuc2VuZFNNUyBjYWxsYmFjayBtdXN0IGJlIGRlZmluZWQgd2hlbiB1c2luZyBTTVMgT1RQcyc7XG4gICAgfVxuICAgIHRoaXMuc21zQ2FsbGJhY2sgPSBzZW5kU01TO1xuICAgIHRoaXMuZGlnaXRzID0gZGlnaXRzO1xuICAgIHRoaXMucGVyaW9kID0gcGVyaW9kO1xuICAgIHRoaXMuYWxnb3JpdGhtID0gb3B0cy5hbGdvcml0aG0gfHwgJ1NIQTEnO1xuICB9XG4gIHZhbGlkYXRlU2V0VXAobWZhRGF0YSkge1xuICAgIGlmIChtZmFEYXRhLm1vYmlsZSAmJiB0aGlzLnNtcykge1xuICAgICAgcmV0dXJuIHRoaXMuc2V0dXBNb2JpbGVPVFAobWZhRGF0YS5tb2JpbGUpO1xuICAgIH1cbiAgICBpZiAodGhpcy50b3RwKSB7XG4gICAgICByZXR1cm4gdGhpcy5zZXR1cFRPVFAobWZhRGF0YSk7XG4gICAgfVxuICAgIHRocm93ICdJbnZhbGlkIE1GQSBkYXRhJztcbiAgfVxuICBhc3luYyB2YWxpZGF0ZUxvZ2luKGxvZ2luRGF0YSwgXywgcmVxKSB7XG4gICAgY29uc3Qgc2F2ZVJlc3BvbnNlID0ge1xuICAgICAgZG9Ob3RTYXZlOiB0cnVlLFxuICAgIH07XG4gICAgY29uc3QgdG9rZW4gPSBsb2dpbkRhdGEudG9rZW47XG4gICAgY29uc3QgYXV0aCA9IHJlcS5vcmlnaW5hbC5nZXQoJ2F1dGhEYXRhJykgfHwge307XG4gICAgY29uc3QgeyBzZWNyZXQsIHJlY292ZXJ5LCBtb2JpbGUsIHRva2VuOiBzYXZlZCwgZXhwaXJ5IH0gPSBhdXRoLm1mYSB8fCB7fTtcbiAgICBpZiAodGhpcy5zbXMgJiYgbW9iaWxlKSB7XG4gICAgICBpZiAodG9rZW4gPT09ICdyZXF1ZXN0Jykge1xuICAgICAgICBjb25zdCB7IHRva2VuOiBzZW5kVG9rZW4sIGV4cGlyeSB9ID0gYXdhaXQgdGhpcy5zZW5kU01TKG1vYmlsZSk7XG4gICAgICAgIGF1dGgubWZhLnRva2VuID0gc2VuZFRva2VuO1xuICAgICAgICBhdXRoLm1mYS5leHBpcnkgPSBleHBpcnk7XG4gICAgICAgIHJlcS5vYmplY3Quc2V0KCdhdXRoRGF0YScsIGF1dGgpO1xuICAgICAgICBhd2FpdCByZXEub2JqZWN0LnNhdmUobnVsbCwgeyB1c2VNYXN0ZXJLZXk6IHRydWUgfSk7XG4gICAgICAgIHRocm93ICdQbGVhc2UgZW50ZXIgdGhlIHRva2VuJztcbiAgICAgIH1cbiAgICAgIGlmICghc2F2ZWQgfHwgdG9rZW4gIT09IHNhdmVkKSB7XG4gICAgICAgIHRocm93ICdJbnZhbGlkIE1GQSB0b2tlbiAxJztcbiAgICAgIH1cbiAgICAgIGlmIChuZXcgRGF0ZSgpID4gZXhwaXJ5KSB7XG4gICAgICAgIHRocm93ICdJbnZhbGlkIE1GQSB0b2tlbiAyJztcbiAgICAgIH1cbiAgICAgIGRlbGV0ZSBhdXRoLm1mYS50b2tlbjtcbiAgICAgIGRlbGV0ZSBhdXRoLm1mYS5leHBpcnk7XG4gICAgICByZXR1cm4ge1xuICAgICAgICBzYXZlOiBhdXRoLm1mYSxcbiAgICAgIH07XG4gICAgfVxuICAgIGlmICh0aGlzLnRvdHApIHtcbiAgICAgIGlmICh0eXBlb2YgdG9rZW4gIT09ICdzdHJpbmcnKSB7XG4gICAgICAgIHRocm93ICdJbnZhbGlkIE1GQSB0b2tlbic7XG4gICAgICB9XG4gICAgICBpZiAoIXNlY3JldCkge1xuICAgICAgICByZXR1cm4gc2F2ZVJlc3BvbnNlO1xuICAgICAgfVxuICAgICAgaWYgKHJlY292ZXJ5WzBdID09PSB0b2tlbiB8fCByZWNvdmVyeVsxXSA9PT0gdG9rZW4pIHtcbiAgICAgICAgcmV0dXJuIHNhdmVSZXNwb25zZTtcbiAgICAgIH1cbiAgICAgIGNvbnN0IHRvdHAgPSBuZXcgVE9UUCh7XG4gICAgICAgIGFsZ29yaXRobTogdGhpcy5hbGdvcml0aG0sXG4gICAgICAgIGRpZ2l0czogdGhpcy5kaWdpdHMsXG4gICAgICAgIHBlcmlvZDogdGhpcy5wZXJpb2QsXG4gICAgICAgIHNlY3JldDogU2VjcmV0LmZyb21CYXNlMzIoc2VjcmV0KSxcbiAgICAgIH0pO1xuICAgICAgY29uc3QgdmFsaWQgPSB0b3RwLnZhbGlkYXRlKHtcbiAgICAgICAgdG9rZW4sXG4gICAgICB9KTtcbiAgICAgIGlmICh2YWxpZCA9PT0gbnVsbCkge1xuICAgICAgICB0aHJvdyAnSW52YWxpZCBNRkEgdG9rZW4nO1xuICAgICAgfVxuICAgIH1cbiAgICByZXR1cm4gc2F2ZVJlc3BvbnNlO1xuICB9XG4gIGFzeW5jIHZhbGlkYXRlVXBkYXRlKGF1dGhEYXRhLCBfLCByZXEpIHtcbiAgICBpZiAocmVxLm1hc3Rlcikge1xuICAgICAgcmV0dXJuO1xuICAgIH1cbiAgICBpZiAoYXV0aERhdGEubW9iaWxlICYmIHRoaXMuc21zKSB7XG4gICAgICBpZiAoIWF1dGhEYXRhLnRva2VuKSB7XG4gICAgICAgIHRocm93ICdNRkEgaXMgYWxyZWFkeSBzZXQgdXAgb24gdGhpcyBhY2NvdW50JztcbiAgICAgIH1cbiAgICAgIHJldHVybiB0aGlzLmNvbmZpcm1TTVNPVFAoYXV0aERhdGEsIHJlcS5vcmlnaW5hbC5nZXQoJ2F1dGhEYXRhJyk/Lm1mYSB8fCB7fSk7XG4gICAgfVxuICAgIGlmICh0aGlzLnRvdHApIHtcbiAgICAgIGF3YWl0IHRoaXMudmFsaWRhdGVMb2dpbih7IHRva2VuOiBhdXRoRGF0YS5vbGQgfSwgbnVsbCwgcmVxKTtcbiAgICAgIHJldHVybiB0aGlzLnZhbGlkYXRlU2V0VXAoYXV0aERhdGEpO1xuICAgIH1cbiAgICB0aHJvdyAnSW52YWxpZCBNRkEgZGF0YSc7XG4gIH1cbiAgYWZ0ZXJGaW5kKGF1dGhEYXRhLCBvcHRpb25zLCByZXEpIHtcbiAgICBpZiAocmVxLm1hc3Rlcikge1xuICAgICAgcmV0dXJuO1xuICAgIH1cbiAgICBpZiAodGhpcy50b3RwICYmIGF1dGhEYXRhLnNlY3JldCkge1xuICAgICAgcmV0dXJuIHtcbiAgICAgICAgc3RhdHVzOiAnZW5hYmxlZCcsXG4gICAgICB9O1xuICAgIH1cbiAgICBpZiAodGhpcy5zbXMgJiYgYXV0aERhdGEubW9iaWxlKSB7XG4gICAgICByZXR1cm4ge1xuICAgICAgICBzdGF0dXM6ICdlbmFibGVkJyxcbiAgICAgIH07XG4gICAgfVxuICAgIHJldHVybiB7XG4gICAgICBzdGF0dXM6ICdkaXNhYmxlZCcsXG4gICAgfTtcbiAgfVxuXG4gIHBvbGljeShyZXEsIGF1dGgpIHtcbiAgICBpZiAodGhpcy5zbXMgJiYgYXV0aD8ucGVuZGluZyAmJiBPYmplY3Qua2V5cyhhdXRoKS5sZW5ndGggPT09IDEpIHtcbiAgICAgIHJldHVybiAnZGVmYXVsdCc7XG4gICAgfVxuICAgIHJldHVybiAnYWRkaXRpb25hbCc7XG4gIH1cblxuICBhc3luYyBzZXR1cE1vYmlsZU9UUChtb2JpbGUpIHtcbiAgICBjb25zdCB7IHRva2VuLCBleHBpcnkgfSA9IGF3YWl0IHRoaXMuc2VuZFNNUyhtb2JpbGUpO1xuICAgIHJldHVybiB7XG4gICAgICBzYXZlOiB7XG4gICAgICAgIHBlbmRpbmc6IHtcbiAgICAgICAgICBbbW9iaWxlXToge1xuICAgICAgICAgICAgdG9rZW4sXG4gICAgICAgICAgICBleHBpcnksXG4gICAgICAgICAgfSxcbiAgICAgICAgfSxcbiAgICAgIH0sXG4gICAgfTtcbiAgfVxuXG4gIGFzeW5jIHNlbmRTTVMobW9iaWxlKSB7XG4gICAgaWYgKCEvXlsrXSpbKF17MCwxfVswLTldezEsM31bKV17MCwxfVstXFxzXFwuLzAtOV0qJC9nLnRlc3QobW9iaWxlKSkge1xuICAgICAgdGhyb3cgJ0ludmFsaWQgbW9iaWxlIG51bWJlci4nO1xuICAgIH1cbiAgICBsZXQgdG9rZW4gPSAnJztcbiAgICB3aGlsZSAodG9rZW4ubGVuZ3RoIDwgdGhpcy5kaWdpdHMpIHtcbiAgICAgIHRva2VuICs9IHJhbmRvbVN0cmluZygxMCkucmVwbGFjZSgvXFxEL2csICcnKTtcbiAgICB9XG4gICAgdG9rZW4gPSB0b2tlbi5zdWJzdHJpbmcoMCwgdGhpcy5kaWdpdHMpO1xuICAgIGF3YWl0IFByb21pc2UucmVzb2x2ZSh0aGlzLnNtc0NhbGxiYWNrKHRva2VuLCBtb2JpbGUpKTtcbiAgICBjb25zdCBleHBpcnkgPSBuZXcgRGF0ZShuZXcgRGF0ZSgpLmdldFRpbWUoKSArIHRoaXMucGVyaW9kICogMTAwMCk7XG4gICAgcmV0dXJuIHsgdG9rZW4sIGV4cGlyeSB9O1xuICB9XG5cbiAgYXN5bmMgY29uZmlybVNNU09UUChpbnB1dERhdGEsIGF1dGhEYXRhKSB7XG4gICAgY29uc3QgeyBtb2JpbGUsIHRva2VuIH0gPSBpbnB1dERhdGE7XG4gICAgaWYgKCFhdXRoRGF0YS5wZW5kaW5nPy5bbW9iaWxlXSkge1xuICAgICAgdGhyb3cgJ1RoaXMgbnVtYmVyIGlzIG5vdCBwZW5kaW5nJztcbiAgICB9XG4gICAgY29uc3QgcGVuZGluZ0RhdGEgPSBhdXRoRGF0YS5wZW5kaW5nW21vYmlsZV07XG4gICAgaWYgKHRva2VuICE9PSBwZW5kaW5nRGF0YS50b2tlbikge1xuICAgICAgdGhyb3cgJ0ludmFsaWQgTUZBIHRva2VuJztcbiAgICB9XG4gICAgaWYgKG5ldyBEYXRlKCkgPiBwZW5kaW5nRGF0YS5leHBpcnkpIHtcbiAgICAgIHRocm93ICdJbnZhbGlkIE1GQSB0b2tlbic7XG4gICAgfVxuICAgIGRlbGV0ZSBhdXRoRGF0YS5wZW5kaW5nW21vYmlsZV07XG4gICAgYXV0aERhdGEubW9iaWxlID0gbW9iaWxlO1xuICAgIHJldHVybiB7XG4gICAgICBzYXZlOiBhdXRoRGF0YSxcbiAgICB9O1xuICB9XG5cbiAgc2V0dXBUT1RQKG1mYURhdGEpIHtcbiAgICBjb25zdCB7IHNlY3JldCwgdG9rZW4gfSA9IG1mYURhdGE7XG4gICAgaWYgKCFzZWNyZXQgfHwgIXRva2VuIHx8IHNlY3JldC5sZW5ndGggPCAyMCkge1xuICAgICAgdGhyb3cgJ0ludmFsaWQgTUZBIGRhdGEnO1xuICAgIH1cbiAgICBjb25zdCB0b3RwID0gbmV3IFRPVFAoe1xuICAgICAgYWxnb3JpdGhtOiB0aGlzLmFsZ29yaXRobSxcbiAgICAgIGRpZ2l0czogdGhpcy5kaWdpdHMsXG4gICAgICBwZXJpb2Q6IHRoaXMucGVyaW9kLFxuICAgICAgc2VjcmV0OiBTZWNyZXQuZnJvbUJhc2UzMihzZWNyZXQpLFxuICAgIH0pO1xuICAgIGNvbnN0IHZhbGlkID0gdG90cC52YWxpZGF0ZSh7XG4gICAgICB0b2tlbixcbiAgICB9KTtcbiAgICBpZiAodmFsaWQgPT09IG51bGwpIHtcbiAgICAgIHRocm93ICdJbnZhbGlkIE1GQSB0b2tlbic7XG4gICAgfVxuICAgIGNvbnN0IHJlY292ZXJ5ID0gW3JhbmRvbVN0cmluZygzMCksIHJhbmRvbVN0cmluZygzMCldO1xuICAgIHJldHVybiB7XG4gICAgICByZXNwb25zZTogeyByZWNvdmVyeTogcmVjb3Zlcnkuam9pbignLCAnKSB9LFxuICAgICAgc2F2ZTogeyBzZWNyZXQsIHJlY292ZXJ5IH0sXG4gICAgfTtcbiAgfVxufVxuZXhwb3J0IGRlZmF1bHQgbmV3IE1GQUFkYXB0ZXIoKTtcbiJdLCJtYXBwaW5ncyI6Ijs7Ozs7O0FBOEVBLElBQUFBLFFBQUEsR0FBQUMsT0FBQTtBQUNBLElBQUFDLFlBQUEsR0FBQUQsT0FBQTtBQUNBLElBQUFFLFlBQUEsR0FBQUMsc0JBQUEsQ0FBQUgsT0FBQTtBQUF3QyxTQUFBRyx1QkFBQUMsQ0FBQSxXQUFBQSxDQUFBLElBQUFBLENBQUEsQ0FBQUMsVUFBQSxHQUFBRCxDQUFBLEtBQUFFLE9BQUEsRUFBQUYsQ0FBQTtBQWhGeEM7QUFDQTtBQUNBO0FBQ0E7QUFDQTtBQUNBO0FBQ0E7QUFDQTtBQUNBO0FBQ0E7QUFDQTtBQUNBO0FBQ0E7QUFDQTtBQUNBO0FBQ0E7QUFDQTtBQUNBO0FBQ0E7QUFDQTtBQUNBO0FBQ0E7QUFDQTtBQUNBO0FBQ0E7QUFDQTtBQUNBO0FBQ0E7QUFDQTtBQUNBO0FBQ0E7QUFDQTtBQUNBO0FBQ0E7QUFDQTtBQUNBO0FBQ0E7QUFDQTtBQUNBO0FBQ0E7QUFDQTtBQUNBO0FBQ0E7QUFDQTtBQUNBO0FBQ0E7QUFDQTtBQUNBO0FBQ0E7QUFDQTtBQUNBO0FBQ0E7QUFDQTtBQUNBO0FBQ0E7QUFDQTtBQUNBO0FBQ0E7QUFDQTtBQUNBO0FBQ0E7QUFDQTtBQUNBO0FBQ0E7QUFDQTtBQUNBO0FBQ0E7QUFDQTtBQUNBO0FBQ0E7QUFDQTtBQUNBO0FBQ0E7QUFDQTtBQUNBO0FBQ0E7QUFDQTs7QUFLQSxNQUFNRyxVQUFVLFNBQVNDLG9CQUFXLENBQUM7RUFDbkNDLGVBQWVBLENBQUNDLElBQUksRUFBRTtJQUNwQixNQUFNQyxZQUFZLEdBQUdELElBQUksQ0FBQ0UsT0FBTztJQUNqQyxJQUFJLENBQUNDLEtBQUssQ0FBQ0MsT0FBTyxDQUFDSCxZQUFZLENBQUMsRUFBRTtNQUNoQyxNQUFNLDhCQUE4QjtJQUN0QztJQUNBLElBQUksQ0FBQ0ksR0FBRyxHQUFHSixZQUFZLENBQUNLLFFBQVEsQ0FBQyxLQUFLLENBQUM7SUFDdkMsSUFBSSxDQUFDQyxJQUFJLEdBQUdOLFlBQVksQ0FBQ0ssUUFBUSxDQUFDLE1BQU0sQ0FBQztJQUN6QyxJQUFJLENBQUMsSUFBSSxDQUFDRCxHQUFHLElBQUksQ0FBQyxJQUFJLENBQUNFLElBQUksRUFBRTtNQUMzQixNQUFNLHNDQUFzQztJQUM5QztJQUNBLE1BQU1DLE1BQU0sR0FBR1IsSUFBSSxDQUFDUSxNQUFNLElBQUksQ0FBQztJQUMvQixNQUFNQyxNQUFNLEdBQUdULElBQUksQ0FBQ1MsTUFBTSxJQUFJLEVBQUU7SUFDaEMsSUFBSSxPQUFPRCxNQUFNLEtBQUssUUFBUSxFQUFFO01BQzlCLE1BQU0sNkJBQTZCO0lBQ3JDO0lBQ0EsSUFBSSxPQUFPQyxNQUFNLEtBQUssUUFBUSxFQUFFO01BQzlCLE1BQU0sNkJBQTZCO0lBQ3JDO0lBQ0EsSUFBSUQsTUFBTSxHQUFHLENBQUMsSUFBSUEsTUFBTSxHQUFHLEVBQUUsRUFBRTtNQUM3QixNQUFNLHFDQUFxQztJQUM3QztJQUNBLElBQUlDLE1BQU0sR0FBRyxFQUFFLEVBQUU7TUFDZixNQUFNLG9DQUFvQztJQUM1QztJQUNBLE1BQU1DLE9BQU8sR0FBR1YsSUFBSSxDQUFDVSxPQUFPO0lBQzVCLElBQUksSUFBSSxDQUFDTCxHQUFHLElBQUksT0FBT0ssT0FBTyxLQUFLLFVBQVUsRUFBRTtNQUM3QyxNQUFNLDBEQUEwRDtJQUNsRTtJQUNBLElBQUksQ0FBQ0MsV0FBVyxHQUFHRCxPQUFPO0lBQzFCLElBQUksQ0FBQ0YsTUFBTSxHQUFHQSxNQUFNO0lBQ3BCLElBQUksQ0FBQ0MsTUFBTSxHQUFHQSxNQUFNO0lBQ3BCLElBQUksQ0FBQ0csU0FBUyxHQUFHWixJQUFJLENBQUNZLFNBQVMsSUFBSSxNQUFNO0VBQzNDO0VBQ0FDLGFBQWFBLENBQUNDLE9BQU8sRUFBRTtJQUNyQixJQUFJQSxPQUFPLENBQUNDLE1BQU0sSUFBSSxJQUFJLENBQUNWLEdBQUcsRUFBRTtNQUM5QixPQUFPLElBQUksQ0FBQ1csY0FBYyxDQUFDRixPQUFPLENBQUNDLE1BQU0sQ0FBQztJQUM1QztJQUNBLElBQUksSUFBSSxDQUFDUixJQUFJLEVBQUU7TUFDYixPQUFPLElBQUksQ0FBQ1UsU0FBUyxDQUFDSCxPQUFPLENBQUM7SUFDaEM7SUFDQSxNQUFNLGtCQUFrQjtFQUMxQjtFQUNBLE1BQU1JLGFBQWFBLENBQUNDLFNBQVMsRUFBRUMsQ0FBQyxFQUFFQyxHQUFHLEVBQUU7SUFDckMsTUFBTUMsWUFBWSxHQUFHO01BQ25CQyxTQUFTLEVBQUU7SUFDYixDQUFDO0lBQ0QsTUFBTUMsS0FBSyxHQUFHTCxTQUFTLENBQUNLLEtBQUs7SUFDN0IsTUFBTUMsSUFBSSxHQUFHSixHQUFHLENBQUNLLFFBQVEsQ0FBQ0MsR0FBRyxDQUFDLFVBQVUsQ0FBQyxJQUFJLENBQUMsQ0FBQztJQUMvQyxNQUFNO01BQUVDLE1BQU07TUFBRUMsUUFBUTtNQUFFZCxNQUFNO01BQUVTLEtBQUssRUFBRU0sS0FBSztNQUFFQztJQUFPLENBQUMsR0FBR04sSUFBSSxDQUFDTyxHQUFHLElBQUksQ0FBQyxDQUFDO0lBQ3pFLElBQUksSUFBSSxDQUFDM0IsR0FBRyxJQUFJVSxNQUFNLEVBQUU7TUFDdEIsSUFBSVMsS0FBSyxLQUFLLFNBQVMsRUFBRTtRQUN2QixNQUFNO1VBQUVBLEtBQUssRUFBRVMsU0FBUztVQUFFRjtRQUFPLENBQUMsR0FBRyxNQUFNLElBQUksQ0FBQ3JCLE9BQU8sQ0FBQ0ssTUFBTSxDQUFDO1FBQy9EVSxJQUFJLENBQUNPLEdBQUcsQ0FBQ1IsS0FBSyxHQUFHUyxTQUFTO1FBQzFCUixJQUFJLENBQUNPLEdBQUcsQ0FBQ0QsTUFBTSxHQUFHQSxNQUFNO1FBQ3hCVixHQUFHLENBQUNhLE1BQU0sQ0FBQ0MsR0FBRyxDQUFDLFVBQVUsRUFBRVYsSUFBSSxDQUFDO1FBQ2hDLE1BQU1KLEdBQUcsQ0FBQ2EsTUFBTSxDQUFDRSxJQUFJLENBQUMsSUFBSSxFQUFFO1VBQUVDLFlBQVksRUFBRTtRQUFLLENBQUMsQ0FBQztRQUNuRCxNQUFNLHdCQUF3QjtNQUNoQztNQUNBLElBQUksQ0FBQ1AsS0FBSyxJQUFJTixLQUFLLEtBQUtNLEtBQUssRUFBRTtRQUM3QixNQUFNLHFCQUFxQjtNQUM3QjtNQUNBLElBQUksSUFBSVEsSUFBSSxDQUFDLENBQUMsR0FBR1AsTUFBTSxFQUFFO1FBQ3ZCLE1BQU0scUJBQXFCO01BQzdCO01BQ0EsT0FBT04sSUFBSSxDQUFDTyxHQUFHLENBQUNSLEtBQUs7TUFDckIsT0FBT0MsSUFBSSxDQUFDTyxHQUFHLENBQUNELE1BQU07TUFDdEIsT0FBTztRQUNMSyxJQUFJLEVBQUVYLElBQUksQ0FBQ087TUFDYixDQUFDO0lBQ0g7SUFDQSxJQUFJLElBQUksQ0FBQ3pCLElBQUksRUFBRTtNQUNiLElBQUksT0FBT2lCLEtBQUssS0FBSyxRQUFRLEVBQUU7UUFDN0IsTUFBTSxtQkFBbUI7TUFDM0I7TUFDQSxJQUFJLENBQUNJLE1BQU0sRUFBRTtRQUNYLE9BQU9OLFlBQVk7TUFDckI7TUFDQSxJQUFJTyxRQUFRLENBQUMsQ0FBQyxDQUFDLEtBQUtMLEtBQUssSUFBSUssUUFBUSxDQUFDLENBQUMsQ0FBQyxLQUFLTCxLQUFLLEVBQUU7UUFDbEQsT0FBT0YsWUFBWTtNQUNyQjtNQUNBLE1BQU1mLElBQUksR0FBRyxJQUFJZ0MsYUFBSSxDQUFDO1FBQ3BCM0IsU0FBUyxFQUFFLElBQUksQ0FBQ0EsU0FBUztRQUN6QkosTUFBTSxFQUFFLElBQUksQ0FBQ0EsTUFBTTtRQUNuQkMsTUFBTSxFQUFFLElBQUksQ0FBQ0EsTUFBTTtRQUNuQm1CLE1BQU0sRUFBRVksZUFBTSxDQUFDQyxVQUFVLENBQUNiLE1BQU07TUFDbEMsQ0FBQyxDQUFDO01BQ0YsTUFBTWMsS0FBSyxHQUFHbkMsSUFBSSxDQUFDb0MsUUFBUSxDQUFDO1FBQzFCbkI7TUFDRixDQUFDLENBQUM7TUFDRixJQUFJa0IsS0FBSyxLQUFLLElBQUksRUFBRTtRQUNsQixNQUFNLG1CQUFtQjtNQUMzQjtJQUNGO0lBQ0EsT0FBT3BCLFlBQVk7RUFDckI7RUFDQSxNQUFNc0IsY0FBY0EsQ0FBQ0MsUUFBUSxFQUFFekIsQ0FBQyxFQUFFQyxHQUFHLEVBQUU7SUFDckMsSUFBSUEsR0FBRyxDQUFDeUIsTUFBTSxFQUFFO01BQ2Q7SUFDRjtJQUNBLElBQUlELFFBQVEsQ0FBQzlCLE1BQU0sSUFBSSxJQUFJLENBQUNWLEdBQUcsRUFBRTtNQUMvQixJQUFJLENBQUN3QyxRQUFRLENBQUNyQixLQUFLLEVBQUU7UUFDbkIsTUFBTSx1Q0FBdUM7TUFDL0M7TUFDQSxPQUFPLElBQUksQ0FBQ3VCLGFBQWEsQ0FBQ0YsUUFBUSxFQUFFeEIsR0FBRyxDQUFDSyxRQUFRLENBQUNDLEdBQUcsQ0FBQyxVQUFVLENBQUMsRUFBRUssR0FBRyxJQUFJLENBQUMsQ0FBQyxDQUFDO0lBQzlFO0lBQ0EsSUFBSSxJQUFJLENBQUN6QixJQUFJLEVBQUU7TUFDYixNQUFNLElBQUksQ0FBQ1csYUFBYSxDQUFDO1FBQUVNLEtBQUssRUFBRXFCLFFBQVEsQ0FBQ0c7TUFBSSxDQUFDLEVBQUUsSUFBSSxFQUFFM0IsR0FBRyxDQUFDO01BQzVELE9BQU8sSUFBSSxDQUFDUixhQUFhLENBQUNnQyxRQUFRLENBQUM7SUFDckM7SUFDQSxNQUFNLGtCQUFrQjtFQUMxQjtFQUNBSSxTQUFTQSxDQUFDSixRQUFRLEVBQUUzQyxPQUFPLEVBQUVtQixHQUFHLEVBQUU7SUFDaEMsSUFBSUEsR0FBRyxDQUFDeUIsTUFBTSxFQUFFO01BQ2Q7SUFDRjtJQUNBLElBQUksSUFBSSxDQUFDdkMsSUFBSSxJQUFJc0MsUUFBUSxDQUFDakIsTUFBTSxFQUFFO01BQ2hDLE9BQU87UUFDTHNCLE1BQU0sRUFBRTtNQUNWLENBQUM7SUFDSDtJQUNBLElBQUksSUFBSSxDQUFDN0MsR0FBRyxJQUFJd0MsUUFBUSxDQUFDOUIsTUFBTSxFQUFFO01BQy9CLE9BQU87UUFDTG1DLE1BQU0sRUFBRTtNQUNWLENBQUM7SUFDSDtJQUNBLE9BQU87TUFDTEEsTUFBTSxFQUFFO0lBQ1YsQ0FBQztFQUNIO0VBRUFDLE1BQU1BLENBQUM5QixHQUFHLEVBQUVJLElBQUksRUFBRTtJQUNoQixJQUFJLElBQUksQ0FBQ3BCLEdBQUcsSUFBSW9CLElBQUksRUFBRTJCLE9BQU8sSUFBSUMsTUFBTSxDQUFDQyxJQUFJLENBQUM3QixJQUFJLENBQUMsQ0FBQzhCLE1BQU0sS0FBSyxDQUFDLEVBQUU7TUFDL0QsT0FBTyxTQUFTO0lBQ2xCO0lBQ0EsT0FBTyxZQUFZO0VBQ3JCO0VBRUEsTUFBTXZDLGNBQWNBLENBQUNELE1BQU0sRUFBRTtJQUMzQixNQUFNO01BQUVTLEtBQUs7TUFBRU87SUFBTyxDQUFDLEdBQUcsTUFBTSxJQUFJLENBQUNyQixPQUFPLENBQUNLLE1BQU0sQ0FBQztJQUNwRCxPQUFPO01BQ0xxQixJQUFJLEVBQUU7UUFDSmdCLE9BQU8sRUFBRTtVQUNQLENBQUNyQyxNQUFNLEdBQUc7WUFDUlMsS0FBSztZQUNMTztVQUNGO1FBQ0Y7TUFDRjtJQUNGLENBQUM7RUFDSDtFQUVBLE1BQU1yQixPQUFPQSxDQUFDSyxNQUFNLEVBQUU7SUFDcEIsSUFBSSxDQUFDLCtDQUErQyxDQUFDeUMsSUFBSSxDQUFDekMsTUFBTSxDQUFDLEVBQUU7TUFDakUsTUFBTSx3QkFBd0I7SUFDaEM7SUFDQSxJQUFJUyxLQUFLLEdBQUcsRUFBRTtJQUNkLE9BQU9BLEtBQUssQ0FBQytCLE1BQU0sR0FBRyxJQUFJLENBQUMvQyxNQUFNLEVBQUU7TUFDakNnQixLQUFLLElBQUksSUFBQWlDLHlCQUFZLEVBQUMsRUFBRSxDQUFDLENBQUNDLE9BQU8sQ0FBQyxLQUFLLEVBQUUsRUFBRSxDQUFDO0lBQzlDO0lBQ0FsQyxLQUFLLEdBQUdBLEtBQUssQ0FBQ21DLFNBQVMsQ0FBQyxDQUFDLEVBQUUsSUFBSSxDQUFDbkQsTUFBTSxDQUFDO0lBQ3ZDLE1BQU1vRCxPQUFPLENBQUNDLE9BQU8sQ0FBQyxJQUFJLENBQUNsRCxXQUFXLENBQUNhLEtBQUssRUFBRVQsTUFBTSxDQUFDLENBQUM7SUFDdEQsTUFBTWdCLE1BQU0sR0FBRyxJQUFJTyxJQUFJLENBQUMsSUFBSUEsSUFBSSxDQUFDLENBQUMsQ0FBQ3dCLE9BQU8sQ0FBQyxDQUFDLEdBQUcsSUFBSSxDQUFDckQsTUFBTSxHQUFHLElBQUksQ0FBQztJQUNsRSxPQUFPO01BQUVlLEtBQUs7TUFBRU87SUFBTyxDQUFDO0VBQzFCO0VBRUEsTUFBTWdCLGFBQWFBLENBQUNnQixTQUFTLEVBQUVsQixRQUFRLEVBQUU7SUFDdkMsTUFBTTtNQUFFOUIsTUFBTTtNQUFFUztJQUFNLENBQUMsR0FBR3VDLFNBQVM7SUFDbkMsSUFBSSxDQUFDbEIsUUFBUSxDQUFDTyxPQUFPLEdBQUdyQyxNQUFNLENBQUMsRUFBRTtNQUMvQixNQUFNLDRCQUE0QjtJQUNwQztJQUNBLE1BQU1pRCxXQUFXLEdBQUduQixRQUFRLENBQUNPLE9BQU8sQ0FBQ3JDLE1BQU0sQ0FBQztJQUM1QyxJQUFJUyxLQUFLLEtBQUt3QyxXQUFXLENBQUN4QyxLQUFLLEVBQUU7TUFDL0IsTUFBTSxtQkFBbUI7SUFDM0I7SUFDQSxJQUFJLElBQUljLElBQUksQ0FBQyxDQUFDLEdBQUcwQixXQUFXLENBQUNqQyxNQUFNLEVBQUU7TUFDbkMsTUFBTSxtQkFBbUI7SUFDM0I7SUFDQSxPQUFPYyxRQUFRLENBQUNPLE9BQU8sQ0FBQ3JDLE1BQU0sQ0FBQztJQUMvQjhCLFFBQVEsQ0FBQzlCLE1BQU0sR0FBR0EsTUFBTTtJQUN4QixPQUFPO01BQ0xxQixJQUFJLEVBQUVTO0lBQ1IsQ0FBQztFQUNIO0VBRUE1QixTQUFTQSxDQUFDSCxPQUFPLEVBQUU7SUFDakIsTUFBTTtNQUFFYyxNQUFNO01BQUVKO0lBQU0sQ0FBQyxHQUFHVixPQUFPO0lBQ2pDLElBQUksQ0FBQ2MsTUFBTSxJQUFJLENBQUNKLEtBQUssSUFBSUksTUFBTSxDQUFDMkIsTUFBTSxHQUFHLEVBQUUsRUFBRTtNQUMzQyxNQUFNLGtCQUFrQjtJQUMxQjtJQUNBLE1BQU1oRCxJQUFJLEdBQUcsSUFBSWdDLGFBQUksQ0FBQztNQUNwQjNCLFNBQVMsRUFBRSxJQUFJLENBQUNBLFNBQVM7TUFDekJKLE1BQU0sRUFBRSxJQUFJLENBQUNBLE1BQU07TUFDbkJDLE1BQU0sRUFBRSxJQUFJLENBQUNBLE1BQU07TUFDbkJtQixNQUFNLEVBQUVZLGVBQU0sQ0FBQ0MsVUFBVSxDQUFDYixNQUFNO0lBQ2xDLENBQUMsQ0FBQztJQUNGLE1BQU1jLEtBQUssR0FBR25DLElBQUksQ0FBQ29DLFFBQVEsQ0FBQztNQUMxQm5CO0lBQ0YsQ0FBQyxDQUFDO0lBQ0YsSUFBSWtCLEtBQUssS0FBSyxJQUFJLEVBQUU7TUFDbEIsTUFBTSxtQkFBbUI7SUFDM0I7SUFDQSxNQUFNYixRQUFRLEdBQUcsQ0FBQyxJQUFBNEIseUJBQVksRUFBQyxFQUFFLENBQUMsRUFBRSxJQUFBQSx5QkFBWSxFQUFDLEVBQUUsQ0FBQyxDQUFDO0lBQ3JELE9BQU87TUFDTFEsUUFBUSxFQUFFO1FBQUVwQyxRQUFRLEVBQUVBLFFBQVEsQ0FBQ3FDLElBQUksQ0FBQyxJQUFJO01BQUUsQ0FBQztNQUMzQzlCLElBQUksRUFBRTtRQUFFUixNQUFNO1FBQUVDO01BQVM7SUFDM0IsQ0FBQztFQUNIO0FBQ0Y7QUFBQyxJQUFBc0MsUUFBQSxHQUFBQyxPQUFBLENBQUF4RSxPQUFBLEdBQ2MsSUFBSUMsVUFBVSxDQUFDLENBQUMiLCJpZ25vcmVMaXN0IjpbXX0=

package/lib/Adapters/Auth/microsoft.js

@@ -0,0 +1,111 @@
+"use strict";
+
+Object.defineProperty(exports, "__esModule", {
+  value: true
+});
+exports.default = void 0;
+var _BaseCodeAuthAdapter = _interopRequireDefault(require("./BaseCodeAuthAdapter"));
+function _interopRequireDefault(e) { return e && e.__esModule ? e : { default: e }; }
+/**
+ * Parse Server authentication adapter for Microsoft.
+ *
+ * @class MicrosoftAdapter
+ * @param {Object} options - The adapter configuration options.
+ * @param {string} options.clientId - Your Microsoft App Client ID. Required for secure authentication.
+ * @param {string} options.clientSecret - Your Microsoft App Client Secret. Required for secure authentication.
+ * @param {boolean} [options.enableInsecureAuth=false] - **[DEPRECATED]** Enable insecure authentication (not recommended).
+ *
+ * @description
+ * ## Parse Server Configuration
+ * To configure Parse Server for Microsoft authentication, use the following structure:
+ * ### Secure Configuration
+ * ```json
+ * {
+ *   "auth": {
+ *     "microsoft": {
+ *       "clientId": "your-client-id",
+ *       "clientSecret": "your-client-secret"
+ *     }
+ *   }
+ * }
+ * ```
+ * ### Insecure Configuration (Not Recommended)
+ * ```json
+ * {
+ *   "auth": {
+ *     "microsoft": {
+ *       "enableInsecureAuth": true
+ *     }
+ *   }
+ * }
+ * ```
+ *
+ * The adapter requires the following `authData` fields:
+ * - **Secure Authentication**: `code`, `redirect_uri`.
+ * - **Insecure Authentication (Not Recommended)**: `id`, `access_token`.
+ *
+ * ## Auth Payloads
+ * ### Secure Authentication Payload
+ * ```json
+ * {
+ *   "microsoft": {
+ *     "code": "lmn789opq012rst345uvw",
+ *     "redirect_uri": "https://your-redirect-uri.com/callback"
+ *   }
+ * }
+ * ```
+ * ### Insecure Authentication Payload (Not Recommended)
+ * ```json
+ * {
+ *   "microsoft": {
+ *     "id": "7654321",
+ *     "access_token": "AQXNnd2hIT6z9bHFzZz2Kp1ghiMz_RtyuvwXYZ123abc"
+ *   }
+ * }
+ * ```
+ *
+ * ## Notes
+ * - Secure authentication exchanges the `code` and `redirect_uri` provided by the client for an access token using Microsoft's OAuth API.
+ * - **Insecure authentication** validates the user ID and access token directly, bypassing OAuth flows (not recommended). This method is deprecated and may be removed in future versions.
+ *
+ * @see {@link https://docs.microsoft.com/en-us/graph/auth/auth-concepts Microsoft Authentication Documentation}
+ */
+
+class MicrosoftAdapter extends _BaseCodeAuthAdapter.default {
+  constructor() {
+    super('Microsoft');
+  }
+  async getUserFromAccessToken(access_token) {
+    const userResponse = await fetch('https://graph.microsoft.com/v1.0/me', {
+      headers: {
+        Authorization: 'Bearer ' + access_token
+      }
+    });
+    if (!userResponse.ok) {
+      throw new Parse.Error(Parse.Error.OBJECT_NOT_FOUND, 'Microsoft API request failed.');
+    }
+    return userResponse.json();
+  }
+  async getAccessTokenFromCode(authData) {
+    const response = await fetch('https://login.microsoftonline.com/common/oauth2/v2.0/token', {
+      method: 'POST',
+      headers: {
+        'Content-Type': 'application/x-www-form-urlencoded'
+      },
+      body: new URLSearchParams({
+        client_id: this.clientId,
+        client_secret: this.clientSecret,
+        grant_type: 'authorization_code',
+        redirect_uri: authData.redirect_uri,
+        code: authData.code
+      })
+    });
+    if (!response.ok) {
+      throw new Parse.Error(Parse.Error.OBJECT_NOT_FOUND, 'Microsoft API request failed.');
+    }
+    const json = await response.json();
+    return json.access_token;
+  }
+}
+var _default = exports.default = new MicrosoftAdapter();
+//# sourceMappingURL=data:application/json;charset=utf-8;base64,eyJ2ZXJzaW9uIjozLCJuYW1lcyI6WyJfQmFzZUNvZGVBdXRoQWRhcHRlciIsIl9pbnRlcm9wUmVxdWlyZURlZmF1bHQiLCJyZXF1aXJlIiwiZSIsIl9fZXNNb2R1bGUiLCJkZWZhdWx0IiwiTWljcm9zb2Z0QWRhcHRlciIsIkJhc2VBdXRoQ29kZUFkYXB0ZXIiLCJjb25zdHJ1Y3RvciIsImdldFVzZXJGcm9tQWNjZXNzVG9rZW4iLCJhY2Nlc3NfdG9rZW4iLCJ1c2VyUmVzcG9uc2UiLCJmZXRjaCIsImhlYWRlcnMiLCJBdXRob3JpemF0aW9uIiwib2siLCJQYXJzZSIsIkVycm9yIiwiT0JKRUNUX05PVF9GT1VORCIsImpzb24iLCJnZXRBY2Nlc3NUb2tlbkZyb21Db2RlIiwiYXV0aERhdGEiLCJyZXNwb25zZSIsIm1ldGhvZCIsImJvZHkiLCJVUkxTZWFyY2hQYXJhbXMiLCJjbGllbnRfaWQiLCJjbGllbnRJZCIsImNsaWVudF9zZWNyZXQiLCJjbGllbnRTZWNyZXQiLCJncmFudF90eXBlIiwicmVkaXJlY3RfdXJpIiwiY29kZSIsIl9kZWZhdWx0IiwiZXhwb3J0cyJdLCJzb3VyY2VzIjpbIi4uLy4uLy4uL3NyYy9BZGFwdGVycy9BdXRoL21pY3Jvc29mdC5qcyJdLCJzb3VyY2VzQ29udGVudCI6WyIvKipcbiAqIFBhcnNlIFNlcnZlciBhdXRoZW50aWNhdGlvbiBhZGFwdGVyIGZvciBNaWNyb3NvZnQuXG4gKlxuICogQGNsYXNzIE1pY3Jvc29mdEFkYXB0ZXJcbiAqIEBwYXJhbSB7T2JqZWN0fSBvcHRpb25zIC0gVGhlIGFkYXB0ZXIgY29uZmlndXJhdGlvbiBvcHRpb25zLlxuICogQHBhcmFtIHtzdHJpbmd9IG9wdGlvbnMuY2xpZW50SWQgLSBZb3VyIE1pY3Jvc29mdCBBcHAgQ2xpZW50IElELiBSZXF1aXJlZCBmb3Igc2VjdXJlIGF1dGhlbnRpY2F0aW9uLlxuICogQHBhcmFtIHtzdHJpbmd9IG9wdGlvbnMuY2xpZW50U2VjcmV0IC0gWW91ciBNaWNyb3NvZnQgQXBwIENsaWVudCBTZWNyZXQuIFJlcXVpcmVkIGZvciBzZWN1cmUgYXV0aGVudGljYXRpb24uXG4gKiBAcGFyYW0ge2Jvb2xlYW59IFtvcHRpb25zLmVuYWJsZUluc2VjdXJlQXV0aD1mYWxzZV0gLSAqKltERVBSRUNBVEVEXSoqIEVuYWJsZSBpbnNlY3VyZSBhdXRoZW50aWNhdGlvbiAobm90IHJlY29tbWVuZGVkKS5cbiAqXG4gKiBAZGVzY3JpcHRpb25cbiAqICMjIFBhcnNlIFNlcnZlciBDb25maWd1cmF0aW9uXG4gKiBUbyBjb25maWd1cmUgUGFyc2UgU2VydmVyIGZvciBNaWNyb3NvZnQgYXV0aGVudGljYXRpb24sIHVzZSB0aGUgZm9sbG93aW5nIHN0cnVjdHVyZTpcbiAqICMjIyBTZWN1cmUgQ29uZmlndXJhdGlvblxuICogYGBganNvblxuICoge1xuICogICBcImF1dGhcIjoge1xuICogICAgIFwibWljcm9zb2Z0XCI6IHtcbiAqICAgICAgIFwiY2xpZW50SWRcIjogXCJ5b3VyLWNsaWVudC1pZFwiLFxuICogICAgICAgXCJjbGllbnRTZWNyZXRcIjogXCJ5b3VyLWNsaWVudC1zZWNyZXRcIlxuICogICAgIH1cbiAqICAgfVxuICogfVxuICogYGBgXG4gKiAjIyMgSW5zZWN1cmUgQ29uZmlndXJhdGlvbiAoTm90IFJlY29tbWVuZGVkKVxuICogYGBganNvblxuICoge1xuICogICBcImF1dGhcIjoge1xuICogICAgIFwibWljcm9zb2Z0XCI6IHtcbiAqICAgICAgIFwiZW5hYmxlSW5zZWN1cmVBdXRoXCI6IHRydWVcbiAqICAgICB9XG4gKiAgIH1cbiAqIH1cbiAqIGBgYFxuICpcbiAqIFRoZSBhZGFwdGVyIHJlcXVpcmVzIHRoZSBmb2xsb3dpbmcgYGF1dGhEYXRhYCBmaWVsZHM6XG4gKiAtICoqU2VjdXJlIEF1dGhlbnRpY2F0aW9uKio6IGBjb2RlYCwgYHJlZGlyZWN0X3VyaWAuXG4gKiAtICoqSW5zZWN1cmUgQXV0aGVudGljYXRpb24gKE5vdCBSZWNvbW1lbmRlZCkqKjogYGlkYCwgYGFjY2Vzc190b2tlbmAuXG4gKlxuICogIyMgQXV0aCBQYXlsb2Fkc1xuICogIyMjIFNlY3VyZSBBdXRoZW50aWNhdGlvbiBQYXlsb2FkXG4gKiBgYGBqc29uXG4gKiB7XG4gKiAgIFwibWljcm9zb2Z0XCI6IHtcbiAqICAgICBcImNvZGVcIjogXCJsbW43ODlvcHEwMTJyc3QzNDV1dndcIixcbiAqICAgICBcInJlZGlyZWN0X3VyaVwiOiBcImh0dHBzOi8veW91ci1yZWRpcmVjdC11cmkuY29tL2NhbGxiYWNrXCJcbiAqICAgfVxuICogfVxuICogYGBgXG4gKiAjIyMgSW5zZWN1cmUgQXV0aGVudGljYXRpb24gUGF5bG9hZCAoTm90IFJlY29tbWVuZGVkKVxuICogYGBganNvblxuICoge1xuICogICBcIm1pY3Jvc29mdFwiOiB7XG4gKiAgICAgXCJpZFwiOiBcIjc2NTQzMjFcIixcbiAqICAgICBcImFjY2Vzc190b2tlblwiOiBcIkFRWE5uZDJoSVQ2ejliSEZ6WnoyS3AxZ2hpTXpfUnR5dXZ3WFlaMTIzYWJjXCJcbiAqICAgfVxuICogfVxuICogYGBgXG4gKlxuICogIyMgTm90ZXNcbiAqIC0gU2VjdXJlIGF1dGhlbnRpY2F0aW9uIGV4Y2hhbmdlcyB0aGUgYGNvZGVgIGFuZCBgcmVkaXJlY3RfdXJpYCBwcm92aWRlZCBieSB0aGUgY2xpZW50IGZvciBhbiBhY2Nlc3MgdG9rZW4gdXNpbmcgTWljcm9zb2Z0J3MgT0F1dGggQVBJLlxuICogLSAqKkluc2VjdXJlIGF1dGhlbnRpY2F0aW9uKiogdmFsaWRhdGVzIHRoZSB1c2VyIElEIGFuZCBhY2Nlc3MgdG9rZW4gZGlyZWN0bHksIGJ5cGFzc2luZyBPQXV0aCBmbG93cyAobm90IHJlY29tbWVuZGVkKS4gVGhpcyBtZXRob2QgaXMgZGVwcmVjYXRlZCBhbmQgbWF5IGJlIHJlbW92ZWQgaW4gZnV0dXJlIHZlcnNpb25zLlxuICpcbiAqIEBzZWUge0BsaW5rIGh0dHBzOi8vZG9jcy5taWNyb3NvZnQuY29tL2VuLXVzL2dyYXBoL2F1dGgvYXV0aC1jb25jZXB0cyBNaWNyb3NvZnQgQXV0aGVudGljYXRpb24gRG9jdW1lbnRhdGlvbn1cbiAqL1xuXG5pbXBvcnQgQmFzZUF1dGhDb2RlQWRhcHRlciBmcm9tICcuL0Jhc2VDb2RlQXV0aEFkYXB0ZXInO1xuY2xhc3MgTWljcm9zb2Z0QWRhcHRlciBleHRlbmRzIEJhc2VBdXRoQ29kZUFkYXB0ZXIge1xuICBjb25zdHJ1Y3RvcigpIHtcbiAgICBzdXBlcignTWljcm9zb2Z0Jyk7XG4gIH1cbiAgYXN5bmMgZ2V0VXNlckZyb21BY2Nlc3NUb2tlbihhY2Nlc3NfdG9rZW4pIHtcbiAgICBjb25zdCB1c2VyUmVzcG9uc2UgPSBhd2FpdCBmZXRjaCgnaHR0cHM6Ly9ncmFwaC5taWNyb3NvZnQuY29tL3YxLjAvbWUnLCB7XG4gICAgICBoZWFkZXJzOiB7XG4gICAgICAgIEF1dGhvcml6YXRpb246ICdCZWFyZXIgJyArIGFjY2Vzc190b2tlbixcbiAgICAgIH0sXG4gICAgfSk7XG5cbiAgICBpZiAoIXVzZXJSZXNwb25zZS5vaykge1xuICAgICAgdGhyb3cgbmV3IFBhcnNlLkVycm9yKFBhcnNlLkVycm9yLk9CSkVDVF9OT1RfRk9VTkQsICdNaWNyb3NvZnQgQVBJIHJlcXVlc3QgZmFpbGVkLicpO1xuICAgIH1cblxuICAgIHJldHVybiB1c2VyUmVzcG9uc2UuanNvbigpO1xuICB9XG5cbiAgYXN5bmMgZ2V0QWNjZXNzVG9rZW5Gcm9tQ29kZShhdXRoRGF0YSkge1xuICAgIGNvbnN0IHJlc3BvbnNlID0gYXdhaXQgZmV0Y2goJ2h0dHBzOi8vbG9naW4ubWljcm9zb2Z0b25saW5lLmNvbS9jb21tb24vb2F1dGgyL3YyLjAvdG9rZW4nLCB7XG4gICAgICBtZXRob2Q6ICdQT1NUJyxcbiAgICAgIGhlYWRlcnM6IHtcbiAgICAgICAgJ0NvbnRlbnQtVHlwZSc6ICdhcHBsaWNhdGlvbi94LXd3dy1mb3JtLXVybGVuY29kZWQnLFxuICAgICAgfSxcbiAgICAgIGJvZHk6IG5ldyBVUkxTZWFyY2hQYXJhbXMoe1xuICAgICAgICBjbGllbnRfaWQ6IHRoaXMuY2xpZW50SWQsXG4gICAgICAgIGNsaWVudF9zZWNyZXQ6IHRoaXMuY2xpZW50U2VjcmV0LFxuICAgICAgICBncmFudF90eXBlOiAnYXV0aG9yaXphdGlvbl9jb2RlJyxcbiAgICAgICAgcmVkaXJlY3RfdXJpOiBhdXRoRGF0YS5yZWRpcmVjdF91cmksXG4gICAgICAgIGNvZGU6IGF1dGhEYXRhLmNvZGUsXG4gICAgICB9KSxcbiAgICB9KTtcblxuICAgIGlmICghcmVzcG9uc2Uub2spIHtcbiAgICAgIHRocm93IG5ldyBQYXJzZS5FcnJvcihQYXJzZS5FcnJvci5PQkpFQ1RfTk9UX0ZPVU5ELCAnTWljcm9zb2Z0IEFQSSByZXF1ZXN0IGZhaWxlZC4nKTtcbiAgICB9XG5cbiAgICBjb25zdCBqc29uID0gYXdhaXQgcmVzcG9uc2UuanNvbigpO1xuICAgIHJldHVybiBqc29uLmFjY2Vzc190b2tlbjtcbiAgfVxufVxuXG5leHBvcnQgZGVmYXVsdCBuZXcgTWljcm9zb2Z0QWRhcHRlcigpO1xuIl0sIm1hcHBpbmdzIjoiOzs7Ozs7QUFpRUEsSUFBQUEsb0JBQUEsR0FBQUMsc0JBQUEsQ0FBQUMsT0FBQTtBQUF3RCxTQUFBRCx1QkFBQUUsQ0FBQSxXQUFBQSxDQUFBLElBQUFBLENBQUEsQ0FBQUMsVUFBQSxHQUFBRCxDQUFBLEtBQUFFLE9BQUEsRUFBQUYsQ0FBQTtBQWpFeEQ7QUFDQTtBQUNBO0FBQ0E7QUFDQTtBQUNBO0FBQ0E7QUFDQTtBQUNBO0FBQ0E7QUFDQTtBQUNBO0FBQ0E7QUFDQTtBQUNBO0FBQ0E7QUFDQTtBQUNBO0FBQ0E7QUFDQTtBQUNBO0FBQ0E7QUFDQTtBQUNBO0FBQ0E7QUFDQTtBQUNBO0FBQ0E7QUFDQTtBQUNBO0FBQ0E7QUFDQTtBQUNBO0FBQ0E7QUFDQTtBQUNBO0FBQ0E7QUFDQTtBQUNBO0FBQ0E7QUFDQTtBQUNBO0FBQ0E7QUFDQTtBQUNBO0FBQ0E7QUFDQTtBQUNBO0FBQ0E7QUFDQTtBQUNBO0FBQ0E7QUFDQTtBQUNBO0FBQ0E7QUFDQTtBQUNBO0FBQ0E7QUFDQTtBQUNBO0FBQ0E7QUFDQTtBQUNBO0FBQ0E7O0FBR0EsTUFBTUcsZ0JBQWdCLFNBQVNDLDRCQUFtQixDQUFDO0VBQ2pEQyxXQUFXQSxDQUFBLEVBQUc7SUFDWixLQUFLLENBQUMsV0FBVyxDQUFDO0VBQ3BCO0VBQ0EsTUFBTUMsc0JBQXNCQSxDQUFDQyxZQUFZLEVBQUU7SUFDekMsTUFBTUMsWUFBWSxHQUFHLE1BQU1DLEtBQUssQ0FBQyxxQ0FBcUMsRUFBRTtNQUN0RUMsT0FBTyxFQUFFO1FBQ1BDLGFBQWEsRUFBRSxTQUFTLEdBQUdKO01BQzdCO0lBQ0YsQ0FBQyxDQUFDO0lBRUYsSUFBSSxDQUFDQyxZQUFZLENBQUNJLEVBQUUsRUFBRTtNQUNwQixNQUFNLElBQUlDLEtBQUssQ0FBQ0MsS0FBSyxDQUFDRCxLQUFLLENBQUNDLEtBQUssQ0FBQ0MsZ0JBQWdCLEVBQUUsK0JBQStCLENBQUM7SUFDdEY7SUFFQSxPQUFPUCxZQUFZLENBQUNRLElBQUksQ0FBQyxDQUFDO0VBQzVCO0VBRUEsTUFBTUMsc0JBQXNCQSxDQUFDQyxRQUFRLEVBQUU7SUFDckMsTUFBTUMsUUFBUSxHQUFHLE1BQU1WLEtBQUssQ0FBQyw0REFBNEQsRUFBRTtNQUN6RlcsTUFBTSxFQUFFLE1BQU07TUFDZFYsT0FBTyxFQUFFO1FBQ1AsY0FBYyxFQUFFO01BQ2xCLENBQUM7TUFDRFcsSUFBSSxFQUFFLElBQUlDLGVBQWUsQ0FBQztRQUN4QkMsU0FBUyxFQUFFLElBQUksQ0FBQ0MsUUFBUTtRQUN4QkMsYUFBYSxFQUFFLElBQUksQ0FBQ0MsWUFBWTtRQUNoQ0MsVUFBVSxFQUFFLG9CQUFvQjtRQUNoQ0MsWUFBWSxFQUFFVixRQUFRLENBQUNVLFlBQVk7UUFDbkNDLElBQUksRUFBRVgsUUFBUSxDQUFDVztNQUNqQixDQUFDO0lBQ0gsQ0FBQyxDQUFDO0lBRUYsSUFBSSxDQUFDVixRQUFRLENBQUNQLEVBQUUsRUFBRTtNQUNoQixNQUFNLElBQUlDLEtBQUssQ0FBQ0MsS0FBSyxDQUFDRCxLQUFLLENBQUNDLEtBQUssQ0FBQ0MsZ0JBQWdCLEVBQUUsK0JBQStCLENBQUM7SUFDdEY7SUFFQSxNQUFNQyxJQUFJLEdBQUcsTUFBTUcsUUFBUSxDQUFDSCxJQUFJLENBQUMsQ0FBQztJQUNsQyxPQUFPQSxJQUFJLENBQUNULFlBQVk7RUFDMUI7QUFDRjtBQUFDLElBQUF1QixRQUFBLEdBQUFDLE9BQUEsQ0FBQTdCLE9BQUEsR0FFYyxJQUFJQyxnQkFBZ0IsQ0FBQyxDQUFDIiwiaWdub3JlTGlzdCI6W119