parse-server 4.10.8 → 4.10.11

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (2) hide show
  1. package/lib/Adapters/Auth/gcenter.js +105 -29
  2. package/package.json +2 -2
package/lib/Adapters/Auth/gcenter.js CHANGED
@@ -20,22 +20,23 @@ const crypto = require('crypto');
20
20
 
21
21
  const https = require('https');
22
22
 
23
- const url = require('url');
23
+ const {
24
+ pki
25
+ } = require('node-forge');
24
26
 
27
+ const ca = {
28
+ cert: null,
29
+ url: null
30
+ };
25
31
  const cache = {}; // (publicKey -> cert) cache
26
32
 
27
33
  function verifyPublicKeyUrl(publicKeyUrl) {
28
- const parsedUrl = url.parse(publicKeyUrl);
29
-
30
- if (parsedUrl.protocol !== 'https:') {
34
+ try {
35
+ const regex = /^https:\/\/(?:[-_A-Za-z0-9]+\.){0,}apple\.com\/.*\.cer$/;
36
+ return regex.test(publicKeyUrl);
37
+ } catch (error) {
31
38
  return false;
32
39
  }
33
-
34
- const hostnameParts = parsedUrl.hostname.split('.');
35
- const length = hostnameParts.length;
36
- const domainParts = hostnameParts.slice(length - 2, length);
37
- const domain = domainParts.join('.');
38
- return domain === 'apple.com';
39
40
  }
40
41
 
41
42
  function convertX509CertToPEM(X509Cert) {
@@ -46,7 +47,7 @@ function convertX509CertToPEM(X509Cert) {
46
47
  return pemPreFix + certBody + pemPostFix;
47
48
  }
48
49
 
49
- function getAppleCertificate(publicKeyUrl) {
50
+ async function getAppleCertificate(publicKeyUrl) {
50
51
  if (!verifyPublicKeyUrl(publicKeyUrl)) {
51
52
  throw new Parse.Error(Parse.Error.OBJECT_NOT_FOUND, `Apple Game Center - invalid publicKeyUrl: ${publicKeyUrl}`);
52
53
  }
@@ -55,28 +56,66 @@ function getAppleCertificate(publicKeyUrl) {
55
56
  return cache[publicKeyUrl];
56
57
  }
57
58
 
59
+ const url = new URL(publicKeyUrl);
60
+ const headOptions = {
61
+ hostname: url.hostname,
62
+ path: url.pathname,
63
+ method: 'HEAD'
64
+ };
65
+ const cert_headers = await new Promise((resolve, reject) => https.get(headOptions, res => resolve(res.headers)).on('error', reject));
66
+ const validContentTypes = ['application/x-x509-ca-cert', 'application/pkix-cert'];
67
+
68
+ if (!validContentTypes.includes(cert_headers['content-type']) || cert_headers['content-length'] == null || cert_headers['content-length'] > 10000) {
69
+ throw new Parse.Error(Parse.Error.OBJECT_NOT_FOUND, `Apple Game Center - invalid publicKeyUrl: ${publicKeyUrl}`);
70
+ }
71
+
72
+ const {
73
+ certificate,
74
+ headers
75
+ } = await getCertificate(publicKeyUrl);
76
+
77
+ if (headers['cache-control']) {
78
+ const expire = headers['cache-control'].match(/max-age=([0-9]+)/);
79
+
80
+ if (expire) {
81
+ cache[publicKeyUrl] = certificate; // we'll expire the cache entry later, as per max-age
82
+
83
+ setTimeout(() => {
84
+ delete cache[publicKeyUrl];
85
+ }, parseInt(expire[1], 10) * 1000);
86
+ }
87
+ }
88
+
89
+ return verifyPublicKeyIssuer(certificate, publicKeyUrl);
90
+ }
91
+
92
+ function getCertificate(url, buffer) {
58
93
  return new Promise((resolve, reject) => {
59
- https.get(publicKeyUrl, res => {
60
- let data = '';
94
+ https.get(url, res => {
95
+ const data = [];
61
96
  res.on('data', chunk => {
62
- data += chunk.toString('base64');
97
+ data.push(chunk);
63
98
  });
64
99
  res.on('end', () => {
65
- const cert = convertX509CertToPEM(data);
66
-
67
- if (res.headers['cache-control']) {
68
- var expire = res.headers['cache-control'].match(/max-age=([0-9]+)/);
100
+ if (buffer) {
101
+ resolve({
102
+ certificate: Buffer.concat(data),
103
+ headers: res.headers
104
+ });
105
+ return;
106
+ }
69
107
 
70
- if (expire) {
71
- cache[publicKeyUrl] = cert; // we'll expire the cache entry later, as per max-age
108
+ let cert = '';
72
109
 
73
- setTimeout(() => {
74
- delete cache[publicKeyUrl];
75
- }, parseInt(expire[1], 10) * 1000);
76
- }
110
+ for (const chunk of data) {
111
+ cert += chunk.toString('base64');
77
112
  }
78
113
 
79
- resolve(cert);
114
+ const certificate = convertX509CertToPEM(cert);
115
+ resolve({
116
+ certificate,
117
+ headers: res.headers
118
+ });
80
119
  });
81
120
  }).on('error', reject);
82
121
  });
@@ -101,6 +140,24 @@ function verifySignature(publicKey, authData) {
101
140
  if (!verifier.verify(publicKey, authData.signature, 'base64')) {
102
141
  throw new Parse.Error(Parse.Error.OBJECT_NOT_FOUND, 'Apple Game Center - invalid signature');
103
142
  }
143
+ }
144
+
145
+ function verifyPublicKeyIssuer(cert, publicKeyUrl) {
146
+ const publicKeyCert = pki.certificateFromPem(cert);
147
+
148
+ if (!ca.cert) {
149
+ throw new Parse.Error(Parse.Error.OBJECT_NOT_FOUND, 'Apple Game Center auth adapter parameter `rootCertificateURL` is invalid.');
150
+ }
151
+
152
+ try {
153
+ if (!ca.cert.verify(publicKeyCert)) {
154
+ throw new Parse.Error(Parse.Error.OBJECT_NOT_FOUND, `Apple Game Center - invalid publicKeyUrl: ${publicKeyUrl}`);
155
+ }
156
+ } catch (e) {
157
+ throw new Parse.Error(Parse.Error.OBJECT_NOT_FOUND, `Apple Game Center - invalid publicKeyUrl: ${publicKeyUrl}`);
158
+ }
159
+
160
+ return cert;
104
161
  } // Returns a promise that fulfills if this user id is valid.
105
162
 
106
163
 
@@ -115,12 +172,31 @@ async function validateAuthData(authData) {
115
172
  } // Returns a promise that fulfills if this app id is valid.
116
173
 
117
174
 
118
- function validateAppId() {
119
- return Promise.resolve();
175
+ async function validateAppId(appIds, authData, options = {}) {
176
+ if (!options.rootCertificateUrl) {
177
+ options.rootCertificateUrl = 'https://cacerts.digicert.com/DigiCertTrustedG4CodeSigningRSA4096SHA3842021CA1.crt.pem';
178
+ }
179
+
180
+ if (ca.url === options.rootCertificateUrl) {
181
+ return;
182
+ }
183
+
184
+ const {
185
+ certificate,
186
+ headers
187
+ } = await getCertificate(options.rootCertificateUrl, true);
188
+
189
+ if (headers['content-type'] !== 'application/x-pem-file' || headers['content-length'] == null || headers['content-length'] > 10000) {
190
+ throw new Parse.Error(Parse.Error.OBJECT_NOT_FOUND, 'Apple Game Center auth adapter parameter `rootCertificateURL` is invalid.');
191
+ }
192
+
193
+ ca.cert = pki.certificateFromPem(certificate);
194
+ ca.url = options.rootCertificateUrl;
120
195
  }
121
196
 
122
197
  module.exports = {
123
198
  validateAppId,
124
- validateAuthData
199
+ validateAuthData,
200
+ cache
125
201
  };
126
- //# sourceMappingURL=data:application/json;charset=utf-8;base64,eyJ2ZXJzaW9uIjozLCJzb3VyY2VzIjpbIi4uLy4uLy4uL3NyYy9BZGFwdGVycy9BdXRoL2djZW50ZXIuanMiXSwibmFtZXMiOlsiUGFyc2UiLCJyZXF1aXJlIiwiY3J5cHRvIiwiaHR0cHMiLCJ1cmwiLCJjYWNoZSIsInZlcmlmeVB1YmxpY0tleVVybCIsInB1YmxpY0tleVVybCIsInBhcnNlZFVybCIsInBhcnNlIiwicHJvdG9jb2wiLCJob3N0bmFtZVBhcnRzIiwiaG9zdG5hbWUiLCJzcGxpdCIsImxlbmd0aCIsImRvbWFpblBhcnRzIiwic2xpY2UiLCJkb21haW4iLCJqb2luIiwiY29udmVydFg1MDlDZXJ0VG9QRU0iLCJYNTA5Q2VydCIsInBlbVByZUZpeCIsInBlbVBvc3RGaXgiLCJiYXNlNjQiLCJjZXJ0Qm9keSIsIm1hdGNoIiwiUmVnRXhwIiwiZ2V0QXBwbGVDZXJ0aWZpY2F0ZSIsIkVycm9yIiwiT0JKRUNUX05PVF9GT1VORCIsIlByb21pc2UiLCJyZXNvbHZlIiwicmVqZWN0IiwiZ2V0IiwicmVzIiwiZGF0YSIsIm9uIiwiY2h1bmsiLCJ0b1N0cmluZyIsImNlcnQiLCJoZWFkZXJzIiwiZXhwaXJlIiwic2V0VGltZW91dCIsInBhcnNlSW50IiwiY29udmVydFRpbWVzdGFtcFRvQmlnRW5kaWFuIiwidGltZXN0YW1wIiwiYnVmZmVyIiwiQnVmZmVyIiwiYWxsb2MiLCJoaWdoIiwibG93Iiwid3JpdGVVSW50MzJCRSIsInZlcmlmeVNpZ25hdHVyZSIsInB1YmxpY0tleSIsImF1dGhEYXRhIiwidmVyaWZpZXIiLCJjcmVhdGVWZXJpZnkiLCJ1cGRhdGUiLCJwbGF5ZXJJZCIsImJ1bmRsZUlkIiwic2FsdCIsInZlcmlmeSIsInNpZ25hdHVyZSIsInZhbGlkYXRlQXV0aERhdGEiLCJpZCIsInZhbGlkYXRlQXBwSWQiLCJtb2R1bGUiLCJleHBvcnRzIl0sIm1hcHBpbmdzIjoiOztBQUFBOzs7Ozs7Ozs7Ozs7QUFhQSxNQUFNO0FBQUVBLEVBQUFBO0FBQUYsSUFBWUMsT0FBTyxDQUFDLFlBQUQsQ0FBekI7O0FBQ0EsTUFBTUMsTUFBTSxHQUFHRCxPQUFPLENBQUMsUUFBRCxDQUF0Qjs7QUFDQSxNQUFNRSxLQUFLLEdBQUdGLE9BQU8sQ0FBQyxPQUFELENBQXJCOztBQUNBLE1BQU1HLEdBQUcsR0FBR0gsT0FBTyxDQUFDLEtBQUQsQ0FBbkI7O0FBRUEsTUFBTUksS0FBSyxHQUFHLEVBQWQsQyxDQUFrQjs7QUFFbEIsU0FBU0Msa0JBQVQsQ0FBNEJDLFlBQTVCLEVBQTBDO0FBQ3hDLFFBQU1DLFNBQVMsR0FBR0osR0FBRyxDQUFDSyxLQUFKLENBQVVGLFlBQVYsQ0FBbEI7O0FBQ0EsTUFBSUMsU0FBUyxDQUFDRSxRQUFWLEtBQXVCLFFBQTNCLEVBQXFDO0FBQ25DLFdBQU8sS0FBUDtBQUNEOztBQUNELFFBQU1DLGFBQWEsR0FBR0gsU0FBUyxDQUFDSSxRQUFWLENBQW1CQyxLQUFuQixDQUF5QixHQUF6QixDQUF0QjtBQUNBLFFBQU1DLE1BQU0sR0FBR0gsYUFBYSxDQUFDRyxNQUE3QjtBQUNBLFFBQU1DLFdBQVcsR0FBR0osYUFBYSxDQUFDSyxLQUFkLENBQW9CRixNQUFNLEdBQUcsQ0FBN0IsRUFBZ0NBLE1BQWhDLENBQXBCO0FBQ0EsUUFBTUcsTUFBTSxHQUFHRixXQUFXLENBQUNHLElBQVosQ0FBaUIsR0FBakIsQ0FBZjtBQUNBLFNBQU9ELE1BQU0sS0FBSyxXQUFsQjtBQUNEOztBQUVELFNBQVNFLG9CQUFULENBQThCQyxRQUE5QixFQUF3QztBQUN0QyxRQUFNQyxTQUFTLEdBQUcsK0JBQWxCO0FBQ0EsUUFBTUMsVUFBVSxHQUFHLDJCQUFuQjtBQUVBLFFBQU1DLE1BQU0sR0FBR0gsUUFBZjtBQUNBLFFBQU1JLFFBQVEsR0FBR0QsTUFBTSxDQUFDRSxLQUFQLENBQWEsSUFBSUMsTUFBSixDQUFXLFNBQVgsRUFBc0IsR0FBdEIsQ0FBYixFQUF5Q1IsSUFBekMsQ0FBOEMsSUFBOUMsQ0FBakI7QUFFQSxTQUFPRyxTQUFTLEdBQUdHLFFBQVosR0FBdUJGLFVBQTlCO0FBQ0Q7O0FBRUQsU0FBU0ssbUJBQVQsQ0FBNkJwQixZQUE3QixFQUEyQztBQUN6QyxNQUFJLENBQUNELGtCQUFrQixDQUFDQyxZQUFELENBQXZCLEVBQXVDO0FBQ3JDLFVBQU0sSUFBSVAsS0FBSyxDQUFDNEIsS0FBVixDQUNKNUIsS0FBSyxDQUFDNEIsS0FBTixDQUFZQyxnQkFEUixFQUVILDZDQUE0Q3RCLFlBQWEsRUFGdEQsQ0FBTjtBQUlEOztBQUNELE1BQUlGLEtBQUssQ0FBQ0UsWUFBRCxDQUFULEVBQXlCO0FBQ3ZCLFdBQU9GLEtBQUssQ0FBQ0UsWUFBRCxDQUFaO0FBQ0Q7O0FBQ0QsU0FBTyxJQUFJdUIsT0FBSixDQUFZLENBQUNDLE9BQUQsRUFBVUMsTUFBVixLQUFxQjtBQUN0QzdCLElBQUFBLEtBQUssQ0FDRjhCLEdBREgsQ0FDTzFCLFlBRFAsRUFDcUIyQixHQUFHLElBQUk7QUFDeEIsVUFBSUMsSUFBSSxHQUFHLEVBQVg7QUFDQUQsTUFBQUEsR0FBRyxDQUFDRSxFQUFKLENBQU8sTUFBUCxFQUFlQyxLQUFLLElBQUk7QUFDdEJGLFFBQUFBLElBQUksSUFBSUUsS0FBSyxDQUFDQyxRQUFOLENBQWUsUUFBZixDQUFSO0FBQ0QsT0FGRDtBQUdBSixNQUFBQSxHQUFHLENBQUNFLEVBQUosQ0FBTyxLQUFQLEVBQWMsTUFBTTtBQUNsQixjQUFNRyxJQUFJLEdBQUdwQixvQkFBb0IsQ0FBQ2dCLElBQUQsQ0FBakM7O0FBQ0EsWUFBSUQsR0FBRyxDQUFDTSxPQUFKLENBQVksZUFBWixDQUFKLEVBQWtDO0FBQ2hDLGNBQUlDLE1BQU0sR0FBR1AsR0FBRyxDQUFDTSxPQUFKLENBQVksZUFBWixFQUE2QmYsS0FBN0IsQ0FBbUMsa0JBQW5DLENBQWI7O0FBQ0EsY0FBSWdCLE1BQUosRUFBWTtBQUNWcEMsWUFBQUEsS0FBSyxDQUFDRSxZQUFELENBQUwsR0FBc0JnQyxJQUF0QixDQURVLENBRVY7O0FBQ0FHLFlBQUFBLFVBQVUsQ0FBQyxNQUFNO0FBQ2YscUJBQU9yQyxLQUFLLENBQUNFLFlBQUQsQ0FBWjtBQUNELGFBRlMsRUFFUG9DLFFBQVEsQ0FBQ0YsTUFBTSxDQUFDLENBQUQsQ0FBUCxFQUFZLEVBQVosQ0FBUixHQUEwQixJQUZuQixDQUFWO0FBR0Q7QUFDRjs7QUFDRFYsUUFBQUEsT0FBTyxDQUFDUSxJQUFELENBQVA7QUFDRCxPQWJEO0FBY0QsS0FwQkgsRUFxQkdILEVBckJILENBcUJNLE9BckJOLEVBcUJlSixNQXJCZjtBQXNCRCxHQXZCTSxDQUFQO0FBd0JEOztBQUVELFNBQVNZLDJCQUFULENBQXFDQyxTQUFyQyxFQUFnRDtBQUM5QyxRQUFNQyxNQUFNLEdBQUdDLE1BQU0sQ0FBQ0MsS0FBUCxDQUFhLENBQWIsQ0FBZjtBQUVBLFFBQU1DLElBQUksR0FBRyxDQUFDLEVBQUVKLFNBQVMsR0FBRyxVQUFkLENBQWQ7QUFDQSxRQUFNSyxHQUFHLEdBQUdMLFNBQVMsSUFBSSxhQUFhLEdBQWpCLENBQXJCO0FBRUFDLEVBQUFBLE1BQU0sQ0FBQ0ssYUFBUCxDQUFxQlIsUUFBUSxDQUFDTSxJQUFELEVBQU8sRUFBUCxDQUE3QixFQUF5QyxDQUF6QztBQUNBSCxFQUFBQSxNQUFNLENBQUNLLGFBQVAsQ0FBcUJSLFFBQVEsQ0FBQ08sR0FBRCxFQUFNLEVBQU4sQ0FBN0IsRUFBd0MsQ0FBeEM7QUFFQSxTQUFPSixNQUFQO0FBQ0Q7O0FBRUQsU0FBU00sZUFBVCxDQUF5QkMsU0FBekIsRUFBb0NDLFFBQXBDLEVBQThDO0FBQzVDLFFBQU1DLFFBQVEsR0FBR3JELE1BQU0sQ0FBQ3NELFlBQVAsQ0FBb0IsUUFBcEIsQ0FBakI7QUFDQUQsRUFBQUEsUUFBUSxDQUFDRSxNQUFULENBQWdCSCxRQUFRLENBQUNJLFFBQXpCLEVBQW1DLE1BQW5DO0FBQ0FILEVBQUFBLFFBQVEsQ0FBQ0UsTUFBVCxDQUFnQkgsUUFBUSxDQUFDSyxRQUF6QixFQUFtQyxNQUFuQztBQUNBSixFQUFBQSxRQUFRLENBQUNFLE1BQVQsQ0FBZ0JiLDJCQUEyQixDQUFDVSxRQUFRLENBQUNULFNBQVYsQ0FBM0M7QUFDQVUsRUFBQUEsUUFBUSxDQUFDRSxNQUFULENBQWdCSCxRQUFRLENBQUNNLElBQXpCLEVBQStCLFFBQS9COztBQUVBLE1BQUksQ0FBQ0wsUUFBUSxDQUFDTSxNQUFULENBQWdCUixTQUFoQixFQUEyQkMsUUFBUSxDQUFDUSxTQUFwQyxFQUErQyxRQUEvQyxDQUFMLEVBQStEO0FBQzdELFVBQU0sSUFBSTlELEtBQUssQ0FBQzRCLEtBQVYsQ0FBZ0I1QixLQUFLLENBQUM0QixLQUFOLENBQVlDLGdCQUE1QixFQUE4Qyx1Q0FBOUMsQ0FBTjtBQUNEO0FBQ0YsQyxDQUVEOzs7QUFDQSxlQUFla0MsZ0JBQWYsQ0FBZ0NULFFBQWhDLEVBQTBDO0FBQ3hDLE1BQUksQ0FBQ0EsUUFBUSxDQUFDVSxFQUFkLEVBQWtCO0FBQ2hCLFVBQU0sSUFBSWhFLEtBQUssQ0FBQzRCLEtBQVYsQ0FBZ0I1QixLQUFLLENBQUM0QixLQUFOLENBQVlDLGdCQUE1QixFQUE4Qyx5Q0FBOUMsQ0FBTjtBQUNEOztBQUNEeUIsRUFBQUEsUUFBUSxDQUFDSSxRQUFULEdBQW9CSixRQUFRLENBQUNVLEVBQTdCO0FBQ0EsUUFBTVgsU0FBUyxHQUFHLE1BQU0xQixtQkFBbUIsQ0FBQzJCLFFBQVEsQ0FBQy9DLFlBQVYsQ0FBM0M7QUFDQSxTQUFPNkMsZUFBZSxDQUFDQyxTQUFELEVBQVlDLFFBQVosQ0FBdEI7QUFDRCxDLENBRUQ7OztBQUNBLFNBQVNXLGFBQVQsR0FBeUI7QUFDdkIsU0FBT25DLE9BQU8sQ0FBQ0MsT0FBUixFQUFQO0FBQ0Q7O0FBRURtQyxNQUFNLENBQUNDLE9BQVAsR0FBaUI7QUFDZkYsRUFBQUEsYUFEZTtBQUVmRixFQUFBQTtBQUZlLENBQWpCIiwic291cmNlc0NvbnRlbnQiOlsiLyogQXBwbGUgR2FtZSBDZW50ZXIgQXV0aFxuaHR0cHM6Ly9kZXZlbG9wZXIuYXBwbGUuY29tL2RvY3VtZW50YXRpb24vZ2FtZWtpdC9na2xvY2FscGxheWVyLzE1MTU0MDctZ2VuZXJhdGVpZGVudGl0eXZlcmlmaWNhdGlvbnNpZ24jZGlzY3Vzc2lvblxuXG5jb25zdCBhdXRoRGF0YSA9IHtcbiAgcHVibGljS2V5VXJsOiAnaHR0cHM6Ly92YWxpZC5hcHBsZS5jb20vcHVibGljL3RpbWVvdXQuY2VyJyxcbiAgdGltZXN0YW1wOiAxNDYwOTgxNDIxMzAzLFxuICBzaWduYXR1cmU6ICdQb0R3ZjM5RENONDY0QjQ5akpDVTBkOVkwSicsXG4gIHNhbHQ6ICdzYWx0U1Q9PScsXG4gIGJ1bmRsZUlkOiAnY29tLnZhbGlkLmFwcCdcbiAgaWQ6ICdwbGF5ZXJJZCcsXG59O1xuKi9cblxuY29uc3QgeyBQYXJzZSB9ID0gcmVxdWlyZSgncGFyc2Uvbm9kZScpO1xuY29uc3QgY3J5cHRvID0gcmVxdWlyZSgnY3J5cHRvJyk7XG5jb25zdCBodHRwcyA9IHJlcXVpcmUoJ2h0dHBzJyk7XG5jb25zdCB1cmwgPSByZXF1aXJlKCd1cmwnKTtcblxuY29uc3QgY2FjaGUgPSB7fTsgLy8gKHB1YmxpY0tleSAtPiBjZXJ0KSBjYWNoZVxuXG5mdW5jdGlvbiB2ZXJpZnlQdWJsaWNLZXlVcmwocHVibGljS2V5VXJsKSB7XG4gIGNvbnN0IHBhcnNlZFVybCA9IHVybC5wYXJzZShwdWJsaWNLZXlVcmwpO1xuICBpZiAocGFyc2VkVXJsLnByb3RvY29sICE9PSAnaHR0cHM6Jykge1xuICAgIHJldHVybiBmYWxzZTtcbiAgfVxuICBjb25zdCBob3N0bmFtZVBhcnRzID0gcGFyc2VkVXJsLmhvc3RuYW1lLnNwbGl0KCcuJyk7XG4gIGNvbnN0IGxlbmd0aCA9IGhvc3RuYW1lUGFydHMubGVuZ3RoO1xuICBjb25zdCBkb21haW5QYXJ0cyA9IGhvc3RuYW1lUGFydHMuc2xpY2UobGVuZ3RoIC0gMiwgbGVuZ3RoKTtcbiAgY29uc3QgZG9tYWluID0gZG9tYWluUGFydHMuam9pbignLicpO1xuICByZXR1cm4gZG9tYWluID09PSAnYXBwbGUuY29tJztcbn1cblxuZnVuY3Rpb24gY29udmVydFg1MDlDZXJ0VG9QRU0oWDUwOUNlcnQpIHtcbiAgY29uc3QgcGVtUHJlRml4ID0gJy0tLS0tQkVHSU4gQ0VSVElGSUNBVEUtLS0tLVxcbic7XG4gIGNvbnN0IHBlbVBvc3RGaXggPSAnLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLSc7XG5cbiAgY29uc3QgYmFzZTY0ID0gWDUwOUNlcnQ7XG4gIGNvbnN0IGNlcnRCb2R5ID0gYmFzZTY0Lm1hdGNoKG5ldyBSZWdFeHAoJy57MCw2NH0nLCAnZycpKS5qb2luKCdcXG4nKTtcblxuICByZXR1cm4gcGVtUHJlRml4ICsgY2VydEJvZHkgKyBwZW1Qb3N0Rml4O1xufVxuXG5mdW5jdGlvbiBnZXRBcHBsZUNlcnRpZmljYXRlKHB1YmxpY0tleVVybCkge1xuICBpZiAoIXZlcmlmeVB1YmxpY0tleVVybChwdWJsaWNLZXlVcmwpKSB7XG4gICAgdGhyb3cgbmV3IFBhcnNlLkVycm9yKFxuICAgICAgUGFyc2UuRXJyb3IuT0JKRUNUX05PVF9GT1VORCxcbiAgICAgIGBBcHBsZSBHYW1lIENlbnRlciAtIGludmFsaWQgcHVibGljS2V5VXJsOiAke3B1YmxpY0tleVVybH1gXG4gICAgKTtcbiAgfVxuICBpZiAoY2FjaGVbcHVibGljS2V5VXJsXSkge1xuICAgIHJldHVybiBjYWNoZVtwdWJsaWNLZXlVcmxdO1xuICB9XG4gIHJldHVybiBuZXcgUHJvbWlzZSgocmVzb2x2ZSwgcmVqZWN0KSA9PiB7XG4gICAgaHR0cHNcbiAgICAgIC5nZXQocHVibGljS2V5VXJsLCByZXMgPT4ge1xuICAgICAgICBsZXQgZGF0YSA9ICcnO1xuICAgICAgICByZXMub24oJ2RhdGEnLCBjaHVuayA9PiB7XG4gICAgICAgICAgZGF0YSArPSBjaHVuay50b1N0cmluZygnYmFzZTY0Jyk7XG4gICAgICAgIH0pO1xuICAgICAgICByZXMub24oJ2VuZCcsICgpID0+IHtcbiAgICAgICAgICBjb25zdCBjZXJ0ID0gY29udmVydFg1MDlDZXJ0VG9QRU0oZGF0YSk7XG4gICAgICAgICAgaWYgKHJlcy5oZWFkZXJzWydjYWNoZS1jb250cm9sJ10pIHtcbiAgICAgICAgICAgIHZhciBleHBpcmUgPSByZXMuaGVhZGVyc1snY2FjaGUtY29udHJvbCddLm1hdGNoKC9tYXgtYWdlPShbMC05XSspLyk7XG4gICAgICAgICAgICBpZiAoZXhwaXJlKSB7XG4gICAgICAgICAgICAgIGNhY2hlW3B1YmxpY0tleVVybF0gPSBjZXJ0O1xuICAgICAgICAgICAgICAvLyB3ZSdsbCBleHBpcmUgdGhlIGNhY2hlIGVudHJ5IGxhdGVyLCBhcyBwZXIgbWF4LWFnZVxuICAgICAgICAgICAgICBzZXRUaW1lb3V0KCgpID0+IHtcbiAgICAgICAgICAgICAgICBkZWxldGUgY2FjaGVbcHVibGljS2V5VXJsXTtcbiAgICAgICAgICAgICAgfSwgcGFyc2VJbnQoZXhwaXJlWzFdLCAxMCkgKiAxMDAwKTtcbiAgICAgICAgICAgIH1cbiAgICAgICAgICB9XG4gICAgICAgICAgcmVzb2x2ZShjZXJ0KTtcbiAgICAgICAgfSk7XG4gICAgICB9KVxuICAgICAgLm9uKCdlcnJvcicsIHJlamVjdCk7XG4gIH0pO1xufVxuXG5mdW5jdGlvbiBjb252ZXJ0VGltZXN0YW1wVG9CaWdFbmRpYW4odGltZXN0YW1wKSB7XG4gIGNvbnN0IGJ1ZmZlciA9IEJ1ZmZlci5hbGxvYyg4KTtcblxuICBjb25zdCBoaWdoID0gfn4odGltZXN0YW1wIC8gMHhmZmZmZmZmZik7XG4gIGNvbnN0IGxvdyA9IHRpbWVzdGFtcCAlICgweGZmZmZmZmZmICsgMHgxKTtcblxuICBidWZmZXIud3JpdGVVSW50MzJCRShwYXJzZUludChoaWdoLCAxMCksIDApO1xuICBidWZmZXIud3JpdGVVSW50MzJCRShwYXJzZUludChsb3csIDEwKSwgNCk7XG5cbiAgcmV0dXJuIGJ1ZmZlcjtcbn1cblxuZnVuY3Rpb24gdmVyaWZ5U2lnbmF0dXJlKHB1YmxpY0tleSwgYXV0aERhdGEpIHtcbiAgY29uc3QgdmVyaWZpZXIgPSBjcnlwdG8uY3JlYXRlVmVyaWZ5KCdzaGEyNTYnKTtcbiAgdmVyaWZpZXIudXBkYXRlKGF1dGhEYXRhLnBsYXllcklkLCAndXRmOCcpO1xuICB2ZXJpZmllci51cGRhdGUoYXV0aERhdGEuYnVuZGxlSWQsICd1dGY4Jyk7XG4gIHZlcmlmaWVyLnVwZGF0ZShjb252ZXJ0VGltZXN0YW1wVG9CaWdFbmRpYW4oYXV0aERhdGEudGltZXN0YW1wKSk7XG4gIHZlcmlmaWVyLnVwZGF0ZShhdXRoRGF0YS5zYWx0LCAnYmFzZTY0Jyk7XG5cbiAgaWYgKCF2ZXJpZmllci52ZXJpZnkocHVibGljS2V5LCBhdXRoRGF0YS5zaWduYXR1cmUsICdiYXNlNjQnKSkge1xuICAgIHRocm93IG5ldyBQYXJzZS5FcnJvcihQYXJzZS5FcnJvci5PQkpFQ1RfTk9UX0ZPVU5ELCAnQXBwbGUgR2FtZSBDZW50ZXIgLSBpbnZhbGlkIHNpZ25hdHVyZScpO1xuICB9XG59XG5cbi8vIFJldHVybnMgYSBwcm9taXNlIHRoYXQgZnVsZmlsbHMgaWYgdGhpcyB1c2VyIGlkIGlzIHZhbGlkLlxuYXN5bmMgZnVuY3Rpb24gdmFsaWRhdGVBdXRoRGF0YShhdXRoRGF0YSkge1xuICBpZiAoIWF1dGhEYXRhLmlkKSB7XG4gICAgdGhyb3cgbmV3IFBhcnNlLkVycm9yKFBhcnNlLkVycm9yLk9CSkVDVF9OT1RfRk9VTkQsICdBcHBsZSBHYW1lIENlbnRlciAtIGF1dGhEYXRhIGlkIG1pc3NpbmcnKTtcbiAgfVxuICBhdXRoRGF0YS5wbGF5ZXJJZCA9IGF1dGhEYXRhLmlkO1xuICBjb25zdCBwdWJsaWNLZXkgPSBhd2FpdCBnZXRBcHBsZUNlcnRpZmljYXRlKGF1dGhEYXRhLnB1YmxpY0tleVVybCk7XG4gIHJldHVybiB2ZXJpZnlTaWduYXR1cmUocHVibGljS2V5LCBhdXRoRGF0YSk7XG59XG5cbi8vIFJldHVybnMgYSBwcm9taXNlIHRoYXQgZnVsZmlsbHMgaWYgdGhpcyBhcHAgaWQgaXMgdmFsaWQuXG5mdW5jdGlvbiB2YWxpZGF0ZUFwcElkKCkge1xuICByZXR1cm4gUHJvbWlzZS5yZXNvbHZlKCk7XG59XG5cbm1vZHVsZS5leHBvcnRzID0ge1xuICB2YWxpZGF0ZUFwcElkLFxuICB2YWxpZGF0ZUF1dGhEYXRhLFxufTtcbiJdfQ==
202
+ //# sourceMappingURL=data:application/json;charset=utf-8;base64,eyJ2ZXJzaW9uIjozLCJzb3VyY2VzIjpbIi4uLy4uLy4uL3NyYy9BZGFwdGVycy9BdXRoL2djZW50ZXIuanMiXSwibmFtZXMiOlsiUGFyc2UiLCJyZXF1aXJlIiwiY3J5cHRvIiwiaHR0cHMiLCJwa2kiLCJjYSIsImNlcnQiLCJ1cmwiLCJjYWNoZSIsInZlcmlmeVB1YmxpY0tleVVybCIsInB1YmxpY0tleVVybCIsInJlZ2V4IiwidGVzdCIsImVycm9yIiwiY29udmVydFg1MDlDZXJ0VG9QRU0iLCJYNTA5Q2VydCIsInBlbVByZUZpeCIsInBlbVBvc3RGaXgiLCJiYXNlNjQiLCJjZXJ0Qm9keSIsIm1hdGNoIiwiUmVnRXhwIiwiam9pbiIsImdldEFwcGxlQ2VydGlmaWNhdGUiLCJFcnJvciIsIk9CSkVDVF9OT1RfRk9VTkQiLCJVUkwiLCJoZWFkT3B0aW9ucyIsImhvc3RuYW1lIiwicGF0aCIsInBhdGhuYW1lIiwibWV0aG9kIiwiY2VydF9oZWFkZXJzIiwiUHJvbWlzZSIsInJlc29sdmUiLCJyZWplY3QiLCJnZXQiLCJyZXMiLCJoZWFkZXJzIiwib24iLCJ2YWxpZENvbnRlbnRUeXBlcyIsImluY2x1ZGVzIiwiY2VydGlmaWNhdGUiLCJnZXRDZXJ0aWZpY2F0ZSIsImV4cGlyZSIsInNldFRpbWVvdXQiLCJwYXJzZUludCIsInZlcmlmeVB1YmxpY0tleUlzc3VlciIsImJ1ZmZlciIsImRhdGEiLCJjaHVuayIsInB1c2giLCJCdWZmZXIiLCJjb25jYXQiLCJ0b1N0cmluZyIsImNvbnZlcnRUaW1lc3RhbXBUb0JpZ0VuZGlhbiIsInRpbWVzdGFtcCIsImFsbG9jIiwiaGlnaCIsImxvdyIsIndyaXRlVUludDMyQkUiLCJ2ZXJpZnlTaWduYXR1cmUiLCJwdWJsaWNLZXkiLCJhdXRoRGF0YSIsInZlcmlmaWVyIiwiY3JlYXRlVmVyaWZ5IiwidXBkYXRlIiwicGxheWVySWQiLCJidW5kbGVJZCIsInNhbHQiLCJ2ZXJpZnkiLCJzaWduYXR1cmUiLCJwdWJsaWNLZXlDZXJ0IiwiY2VydGlmaWNhdGVGcm9tUGVtIiwiZSIsInZhbGlkYXRlQXV0aERhdGEiLCJpZCIsInZhbGlkYXRlQXBwSWQiLCJhcHBJZHMiLCJvcHRpb25zIiwicm9vdENlcnRpZmljYXRlVXJsIiwibW9kdWxlIiwiZXhwb3J0cyJdLCJtYXBwaW5ncyI6Ijs7QUFBQTs7Ozs7Ozs7Ozs7O0FBYUEsTUFBTTtBQUFFQSxFQUFBQTtBQUFGLElBQVlDLE9BQU8sQ0FBQyxZQUFELENBQXpCOztBQUNBLE1BQU1DLE1BQU0sR0FBR0QsT0FBTyxDQUFDLFFBQUQsQ0FBdEI7O0FBQ0EsTUFBTUUsS0FBSyxHQUFHRixPQUFPLENBQUMsT0FBRCxDQUFyQjs7QUFDQSxNQUFNO0FBQUVHLEVBQUFBO0FBQUYsSUFBVUgsT0FBTyxDQUFDLFlBQUQsQ0FBdkI7O0FBQ0EsTUFBTUksRUFBRSxHQUFHO0FBQUVDLEVBQUFBLElBQUksRUFBRSxJQUFSO0FBQWNDLEVBQUFBLEdBQUcsRUFBRTtBQUFuQixDQUFYO0FBQ0EsTUFBTUMsS0FBSyxHQUFHLEVBQWQsQyxDQUFrQjs7QUFFbEIsU0FBU0Msa0JBQVQsQ0FBNEJDLFlBQTVCLEVBQTBDO0FBQ3hDLE1BQUk7QUFDRixVQUFNQyxLQUFLLEdBQUcseURBQWQ7QUFDQSxXQUFPQSxLQUFLLENBQUNDLElBQU4sQ0FBV0YsWUFBWCxDQUFQO0FBQ0QsR0FIRCxDQUdFLE9BQU9HLEtBQVAsRUFBYztBQUNkLFdBQU8sS0FBUDtBQUNEO0FBQ0Y7O0FBRUQsU0FBU0Msb0JBQVQsQ0FBOEJDLFFBQTlCLEVBQXdDO0FBQ3RDLFFBQU1DLFNBQVMsR0FBRywrQkFBbEI7QUFDQSxRQUFNQyxVQUFVLEdBQUcsMkJBQW5CO0FBRUEsUUFBTUMsTUFBTSxHQUFHSCxRQUFmO0FBQ0EsUUFBTUksUUFBUSxHQUFHRCxNQUFNLENBQUNFLEtBQVAsQ0FBYSxJQUFJQyxNQUFKLENBQVcsU0FBWCxFQUFzQixHQUF0QixDQUFiLEVBQXlDQyxJQUF6QyxDQUE4QyxJQUE5QyxDQUFqQjtBQUVBLFNBQU9OLFNBQVMsR0FBR0csUUFBWixHQUF1QkYsVUFBOUI7QUFDRDs7QUFFRCxlQUFlTSxtQkFBZixDQUFtQ2IsWUFBbkMsRUFBaUQ7QUFDL0MsTUFBSSxDQUFDRCxrQkFBa0IsQ0FBQ0MsWUFBRCxDQUF2QixFQUF1QztBQUNyQyxVQUFNLElBQUlWLEtBQUssQ0FBQ3dCLEtBQVYsQ0FDSnhCLEtBQUssQ0FBQ3dCLEtBQU4sQ0FBWUMsZ0JBRFIsRUFFSCw2Q0FBNENmLFlBQWEsRUFGdEQsQ0FBTjtBQUlEOztBQUNELE1BQUlGLEtBQUssQ0FBQ0UsWUFBRCxDQUFULEVBQXlCO0FBQ3ZCLFdBQU9GLEtBQUssQ0FBQ0UsWUFBRCxDQUFaO0FBQ0Q7O0FBQ0QsUUFBTUgsR0FBRyxHQUFHLElBQUltQixHQUFKLENBQVFoQixZQUFSLENBQVo7QUFDQSxRQUFNaUIsV0FBVyxHQUFHO0FBQ2xCQyxJQUFBQSxRQUFRLEVBQUVyQixHQUFHLENBQUNxQixRQURJO0FBRWxCQyxJQUFBQSxJQUFJLEVBQUV0QixHQUFHLENBQUN1QixRQUZRO0FBR2xCQyxJQUFBQSxNQUFNLEVBQUU7QUFIVSxHQUFwQjtBQUtBLFFBQU1DLFlBQVksR0FBRyxNQUFNLElBQUlDLE9BQUosQ0FBWSxDQUFDQyxPQUFELEVBQVVDLE1BQVYsS0FDckNoQyxLQUFLLENBQUNpQyxHQUFOLENBQVVULFdBQVYsRUFBdUJVLEdBQUcsSUFBSUgsT0FBTyxDQUFDRyxHQUFHLENBQUNDLE9BQUwsQ0FBckMsRUFBb0RDLEVBQXBELENBQXVELE9BQXZELEVBQWdFSixNQUFoRSxDQUR5QixDQUEzQjtBQUdBLFFBQU1LLGlCQUFpQixHQUFHLENBQUMsNEJBQUQsRUFBK0IsdUJBQS9CLENBQTFCOztBQUNBLE1BQ0UsQ0FBQ0EsaUJBQWlCLENBQUNDLFFBQWxCLENBQTJCVCxZQUFZLENBQUMsY0FBRCxDQUF2QyxDQUFELElBQ0FBLFlBQVksQ0FBQyxnQkFBRCxDQUFaLElBQWtDLElBRGxDLElBRUFBLFlBQVksQ0FBQyxnQkFBRCxDQUFaLEdBQWlDLEtBSG5DLEVBSUU7QUFDQSxVQUFNLElBQUloQyxLQUFLLENBQUN3QixLQUFWLENBQ0p4QixLQUFLLENBQUN3QixLQUFOLENBQVlDLGdCQURSLEVBRUgsNkNBQTRDZixZQUFhLEVBRnRELENBQU47QUFJRDs7QUFDRCxRQUFNO0FBQUVnQyxJQUFBQSxXQUFGO0FBQWVKLElBQUFBO0FBQWYsTUFBMkIsTUFBTUssY0FBYyxDQUFDakMsWUFBRCxDQUFyRDs7QUFDQSxNQUFJNEIsT0FBTyxDQUFDLGVBQUQsQ0FBWCxFQUE4QjtBQUM1QixVQUFNTSxNQUFNLEdBQUdOLE9BQU8sQ0FBQyxlQUFELENBQVAsQ0FBeUJsQixLQUF6QixDQUErQixrQkFBL0IsQ0FBZjs7QUFDQSxRQUFJd0IsTUFBSixFQUFZO0FBQ1ZwQyxNQUFBQSxLQUFLLENBQUNFLFlBQUQsQ0FBTCxHQUFzQmdDLFdBQXRCLENBRFUsQ0FFVjs7QUFDQUcsTUFBQUEsVUFBVSxDQUFDLE1BQU07QUFDZixlQUFPckMsS0FBSyxDQUFDRSxZQUFELENBQVo7QUFDRCxPQUZTLEVBRVBvQyxRQUFRLENBQUNGLE1BQU0sQ0FBQyxDQUFELENBQVAsRUFBWSxFQUFaLENBQVIsR0FBMEIsSUFGbkIsQ0FBVjtBQUdEO0FBQ0Y7O0FBQ0QsU0FBT0cscUJBQXFCLENBQUNMLFdBQUQsRUFBY2hDLFlBQWQsQ0FBNUI7QUFDRDs7QUFFRCxTQUFTaUMsY0FBVCxDQUF3QnBDLEdBQXhCLEVBQTZCeUMsTUFBN0IsRUFBcUM7QUFDbkMsU0FBTyxJQUFJZixPQUFKLENBQVksQ0FBQ0MsT0FBRCxFQUFVQyxNQUFWLEtBQXFCO0FBQ3RDaEMsSUFBQUEsS0FBSyxDQUNGaUMsR0FESCxDQUNPN0IsR0FEUCxFQUNZOEIsR0FBRyxJQUFJO0FBQ2YsWUFBTVksSUFBSSxHQUFHLEVBQWI7QUFDQVosTUFBQUEsR0FBRyxDQUFDRSxFQUFKLENBQU8sTUFBUCxFQUFlVyxLQUFLLElBQUk7QUFDdEJELFFBQUFBLElBQUksQ0FBQ0UsSUFBTCxDQUFVRCxLQUFWO0FBQ0QsT0FGRDtBQUdBYixNQUFBQSxHQUFHLENBQUNFLEVBQUosQ0FBTyxLQUFQLEVBQWMsTUFBTTtBQUNsQixZQUFJUyxNQUFKLEVBQVk7QUFDVmQsVUFBQUEsT0FBTyxDQUFDO0FBQUVRLFlBQUFBLFdBQVcsRUFBRVUsTUFBTSxDQUFDQyxNQUFQLENBQWNKLElBQWQsQ0FBZjtBQUFvQ1gsWUFBQUEsT0FBTyxFQUFFRCxHQUFHLENBQUNDO0FBQWpELFdBQUQsQ0FBUDtBQUNBO0FBQ0Q7O0FBQ0QsWUFBSWhDLElBQUksR0FBRyxFQUFYOztBQUNBLGFBQUssTUFBTTRDLEtBQVgsSUFBb0JELElBQXBCLEVBQTBCO0FBQ3hCM0MsVUFBQUEsSUFBSSxJQUFJNEMsS0FBSyxDQUFDSSxRQUFOLENBQWUsUUFBZixDQUFSO0FBQ0Q7O0FBQ0QsY0FBTVosV0FBVyxHQUFHNUIsb0JBQW9CLENBQUNSLElBQUQsQ0FBeEM7QUFDQTRCLFFBQUFBLE9BQU8sQ0FBQztBQUFFUSxVQUFBQSxXQUFGO0FBQWVKLFVBQUFBLE9BQU8sRUFBRUQsR0FBRyxDQUFDQztBQUE1QixTQUFELENBQVA7QUFDRCxPQVhEO0FBWUQsS0FsQkgsRUFtQkdDLEVBbkJILENBbUJNLE9BbkJOLEVBbUJlSixNQW5CZjtBQW9CRCxHQXJCTSxDQUFQO0FBc0JEOztBQUVELFNBQVNvQiwyQkFBVCxDQUFxQ0MsU0FBckMsRUFBZ0Q7QUFDOUMsUUFBTVIsTUFBTSxHQUFHSSxNQUFNLENBQUNLLEtBQVAsQ0FBYSxDQUFiLENBQWY7QUFFQSxRQUFNQyxJQUFJLEdBQUcsQ0FBQyxFQUFFRixTQUFTLEdBQUcsVUFBZCxDQUFkO0FBQ0EsUUFBTUcsR0FBRyxHQUFHSCxTQUFTLElBQUksYUFBYSxHQUFqQixDQUFyQjtBQUVBUixFQUFBQSxNQUFNLENBQUNZLGFBQVAsQ0FBcUJkLFFBQVEsQ0FBQ1ksSUFBRCxFQUFPLEVBQVAsQ0FBN0IsRUFBeUMsQ0FBekM7QUFDQVYsRUFBQUEsTUFBTSxDQUFDWSxhQUFQLENBQXFCZCxRQUFRLENBQUNhLEdBQUQsRUFBTSxFQUFOLENBQTdCLEVBQXdDLENBQXhDO0FBRUEsU0FBT1gsTUFBUDtBQUNEOztBQUVELFNBQVNhLGVBQVQsQ0FBeUJDLFNBQXpCLEVBQW9DQyxRQUFwQyxFQUE4QztBQUM1QyxRQUFNQyxRQUFRLEdBQUc5RCxNQUFNLENBQUMrRCxZQUFQLENBQW9CLFFBQXBCLENBQWpCO0FBQ0FELEVBQUFBLFFBQVEsQ0FBQ0UsTUFBVCxDQUFnQkgsUUFBUSxDQUFDSSxRQUF6QixFQUFtQyxNQUFuQztBQUNBSCxFQUFBQSxRQUFRLENBQUNFLE1BQVQsQ0FBZ0JILFFBQVEsQ0FBQ0ssUUFBekIsRUFBbUMsTUFBbkM7QUFDQUosRUFBQUEsUUFBUSxDQUFDRSxNQUFULENBQWdCWCwyQkFBMkIsQ0FBQ1EsUUFBUSxDQUFDUCxTQUFWLENBQTNDO0FBQ0FRLEVBQUFBLFFBQVEsQ0FBQ0UsTUFBVCxDQUFnQkgsUUFBUSxDQUFDTSxJQUF6QixFQUErQixRQUEvQjs7QUFFQSxNQUFJLENBQUNMLFFBQVEsQ0FBQ00sTUFBVCxDQUFnQlIsU0FBaEIsRUFBMkJDLFFBQVEsQ0FBQ1EsU0FBcEMsRUFBK0MsUUFBL0MsQ0FBTCxFQUErRDtBQUM3RCxVQUFNLElBQUl2RSxLQUFLLENBQUN3QixLQUFWLENBQWdCeEIsS0FBSyxDQUFDd0IsS0FBTixDQUFZQyxnQkFBNUIsRUFBOEMsdUNBQTlDLENBQU47QUFDRDtBQUNGOztBQUVELFNBQVNzQixxQkFBVCxDQUErQnpDLElBQS9CLEVBQXFDSSxZQUFyQyxFQUFtRDtBQUNqRCxRQUFNOEQsYUFBYSxHQUFHcEUsR0FBRyxDQUFDcUUsa0JBQUosQ0FBdUJuRSxJQUF2QixDQUF0Qjs7QUFDQSxNQUFJLENBQUNELEVBQUUsQ0FBQ0MsSUFBUixFQUFjO0FBQ1osVUFBTSxJQUFJTixLQUFLLENBQUN3QixLQUFWLENBQ0p4QixLQUFLLENBQUN3QixLQUFOLENBQVlDLGdCQURSLEVBRUosMkVBRkksQ0FBTjtBQUlEOztBQUNELE1BQUk7QUFDRixRQUFJLENBQUNwQixFQUFFLENBQUNDLElBQUgsQ0FBUWdFLE1BQVIsQ0FBZUUsYUFBZixDQUFMLEVBQW9DO0FBQ2xDLFlBQU0sSUFBSXhFLEtBQUssQ0FBQ3dCLEtBQVYsQ0FDSnhCLEtBQUssQ0FBQ3dCLEtBQU4sQ0FBWUMsZ0JBRFIsRUFFSCw2Q0FBNENmLFlBQWEsRUFGdEQsQ0FBTjtBQUlEO0FBQ0YsR0FQRCxDQU9FLE9BQU9nRSxDQUFQLEVBQVU7QUFDVixVQUFNLElBQUkxRSxLQUFLLENBQUN3QixLQUFWLENBQ0p4QixLQUFLLENBQUN3QixLQUFOLENBQVlDLGdCQURSLEVBRUgsNkNBQTRDZixZQUFhLEVBRnRELENBQU47QUFJRDs7QUFDRCxTQUFPSixJQUFQO0FBQ0QsQyxDQUVEOzs7QUFDQSxlQUFlcUUsZ0JBQWYsQ0FBZ0NaLFFBQWhDLEVBQTBDO0FBQ3hDLE1BQUksQ0FBQ0EsUUFBUSxDQUFDYSxFQUFkLEVBQWtCO0FBQ2hCLFVBQU0sSUFBSTVFLEtBQUssQ0FBQ3dCLEtBQVYsQ0FBZ0J4QixLQUFLLENBQUN3QixLQUFOLENBQVlDLGdCQUE1QixFQUE4Qyx5Q0FBOUMsQ0FBTjtBQUNEOztBQUNEc0MsRUFBQUEsUUFBUSxDQUFDSSxRQUFULEdBQW9CSixRQUFRLENBQUNhLEVBQTdCO0FBQ0EsUUFBTWQsU0FBUyxHQUFHLE1BQU12QyxtQkFBbUIsQ0FBQ3dDLFFBQVEsQ0FBQ3JELFlBQVYsQ0FBM0M7QUFDQSxTQUFPbUQsZUFBZSxDQUFDQyxTQUFELEVBQVlDLFFBQVosQ0FBdEI7QUFDRCxDLENBRUQ7OztBQUNBLGVBQWVjLGFBQWYsQ0FBNkJDLE1BQTdCLEVBQXFDZixRQUFyQyxFQUErQ2dCLE9BQU8sR0FBRyxFQUF6RCxFQUE2RDtBQUMzRCxNQUFJLENBQUNBLE9BQU8sQ0FBQ0Msa0JBQWIsRUFBaUM7QUFDL0JELElBQUFBLE9BQU8sQ0FBQ0Msa0JBQVIsR0FDRSx1RkFERjtBQUVEOztBQUNELE1BQUkzRSxFQUFFLENBQUNFLEdBQUgsS0FBV3dFLE9BQU8sQ0FBQ0Msa0JBQXZCLEVBQTJDO0FBQ3pDO0FBQ0Q7O0FBQ0QsUUFBTTtBQUFFdEMsSUFBQUEsV0FBRjtBQUFlSixJQUFBQTtBQUFmLE1BQTJCLE1BQU1LLGNBQWMsQ0FBQ29DLE9BQU8sQ0FBQ0Msa0JBQVQsRUFBNkIsSUFBN0IsQ0FBckQ7O0FBQ0EsTUFDRTFDLE9BQU8sQ0FBQyxjQUFELENBQVAsS0FBNEIsd0JBQTVCLElBQ0FBLE9BQU8sQ0FBQyxnQkFBRCxDQUFQLElBQTZCLElBRDdCLElBRUFBLE9BQU8sQ0FBQyxnQkFBRCxDQUFQLEdBQTRCLEtBSDlCLEVBSUU7QUFDQSxVQUFNLElBQUl0QyxLQUFLLENBQUN3QixLQUFWLENBQ0p4QixLQUFLLENBQUN3QixLQUFOLENBQVlDLGdCQURSLEVBRUosMkVBRkksQ0FBTjtBQUlEOztBQUNEcEIsRUFBQUEsRUFBRSxDQUFDQyxJQUFILEdBQVVGLEdBQUcsQ0FBQ3FFLGtCQUFKLENBQXVCL0IsV0FBdkIsQ0FBVjtBQUNBckMsRUFBQUEsRUFBRSxDQUFDRSxHQUFILEdBQVN3RSxPQUFPLENBQUNDLGtCQUFqQjtBQUNEOztBQUVEQyxNQUFNLENBQUNDLE9BQVAsR0FBaUI7QUFDZkwsRUFBQUEsYUFEZTtBQUVmRixFQUFBQSxnQkFGZTtBQUdmbkUsRUFBQUE7QUFIZSxDQUFqQiIsInNvdXJjZXNDb250ZW50IjpbIi8qIEFwcGxlIEdhbWUgQ2VudGVyIEF1dGhcbmh0dHBzOi8vZGV2ZWxvcGVyLmFwcGxlLmNvbS9kb2N1bWVudGF0aW9uL2dhbWVraXQvZ2tsb2NhbHBsYXllci8xNTE1NDA3LWdlbmVyYXRlaWRlbnRpdHl2ZXJpZmljYXRpb25zaWduI2Rpc2N1c3Npb25cblxuY29uc3QgYXV0aERhdGEgPSB7XG4gIHB1YmxpY0tleVVybDogJ2h0dHBzOi8vdmFsaWQuYXBwbGUuY29tL3B1YmxpYy90aW1lb3V0LmNlcicsXG4gIHRpbWVzdGFtcDogMTQ2MDk4MTQyMTMwMyxcbiAgc2lnbmF0dXJlOiAnUG9Ed2YzOURDTjQ2NEI0OWpKQ1UwZDlZMEonLFxuICBzYWx0OiAnc2FsdFNUPT0nLFxuICBidW5kbGVJZDogJ2NvbS52YWxpZC5hcHAnXG4gIGlkOiAncGxheWVySWQnLFxufTtcbiovXG5cbmNvbnN0IHsgUGFyc2UgfSA9IHJlcXVpcmUoJ3BhcnNlL25vZGUnKTtcbmNvbnN0IGNyeXB0byA9IHJlcXVpcmUoJ2NyeXB0bycpO1xuY29uc3QgaHR0cHMgPSByZXF1aXJlKCdodHRwcycpO1xuY29uc3QgeyBwa2kgfSA9IHJlcXVpcmUoJ25vZGUtZm9yZ2UnKTtcbmNvbnN0IGNhID0geyBjZXJ0OiBudWxsLCB1cmw6IG51bGwgfTtcbmNvbnN0IGNhY2hlID0ge307IC8vIChwdWJsaWNLZXkgLT4gY2VydCkgY2FjaGVcblxuZnVuY3Rpb24gdmVyaWZ5UHVibGljS2V5VXJsKHB1YmxpY0tleVVybCkge1xuICB0cnkge1xuICAgIGNvbnN0IHJlZ2V4ID0gL15odHRwczpcXC9cXC8oPzpbLV9BLVphLXowLTldK1xcLil7MCx9YXBwbGVcXC5jb21cXC8uKlxcLmNlciQvO1xuICAgIHJldHVybiByZWdleC50ZXN0KHB1YmxpY0tleVVybCk7XG4gIH0gY2F0Y2ggKGVycm9yKSB7XG4gICAgcmV0dXJuIGZhbHNlO1xuICB9XG59XG5cbmZ1bmN0aW9uIGNvbnZlcnRYNTA5Q2VydFRvUEVNKFg1MDlDZXJ0KSB7XG4gIGNvbnN0IHBlbVByZUZpeCA9ICctLS0tLUJFR0lOIENFUlRJRklDQVRFLS0tLS1cXG4nO1xuICBjb25zdCBwZW1Qb3N0Rml4ID0gJy0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0nO1xuXG4gIGNvbnN0IGJhc2U2NCA9IFg1MDlDZXJ0O1xuICBjb25zdCBjZXJ0Qm9keSA9IGJhc2U2NC5tYXRjaChuZXcgUmVnRXhwKCcuezAsNjR9JywgJ2cnKSkuam9pbignXFxuJyk7XG5cbiAgcmV0dXJuIHBlbVByZUZpeCArIGNlcnRCb2R5ICsgcGVtUG9zdEZpeDtcbn1cblxuYXN5bmMgZnVuY3Rpb24gZ2V0QXBwbGVDZXJ0aWZpY2F0ZShwdWJsaWNLZXlVcmwpIHtcbiAgaWYgKCF2ZXJpZnlQdWJsaWNLZXlVcmwocHVibGljS2V5VXJsKSkge1xuICAgIHRocm93IG5ldyBQYXJzZS5FcnJvcihcbiAgICAgIFBhcnNlLkVycm9yLk9CSkVDVF9OT1RfRk9VTkQsXG4gICAgICBgQXBwbGUgR2FtZSBDZW50ZXIgLSBpbnZhbGlkIHB1YmxpY0tleVVybDogJHtwdWJsaWNLZXlVcmx9YFxuICAgICk7XG4gIH1cbiAgaWYgKGNhY2hlW3B1YmxpY0tleVVybF0pIHtcbiAgICByZXR1cm4gY2FjaGVbcHVibGljS2V5VXJsXTtcbiAgfVxuICBjb25zdCB1cmwgPSBuZXcgVVJMKHB1YmxpY0tleVVybCk7XG4gIGNvbnN0IGhlYWRPcHRpb25zID0ge1xuICAgIGhvc3RuYW1lOiB1cmwuaG9zdG5hbWUsXG4gICAgcGF0aDogdXJsLnBhdGhuYW1lLFxuICAgIG1ldGhvZDogJ0hFQUQnLFxuICB9O1xuICBjb25zdCBjZXJ0X2hlYWRlcnMgPSBhd2FpdCBuZXcgUHJvbWlzZSgocmVzb2x2ZSwgcmVqZWN0KSA9PlxuICAgIGh0dHBzLmdldChoZWFkT3B0aW9ucywgcmVzID0+IHJlc29sdmUocmVzLmhlYWRlcnMpKS5vbignZXJyb3InLCByZWplY3QpXG4gICk7XG4gIGNvbnN0IHZhbGlkQ29udGVudFR5cGVzID0gWydhcHBsaWNhdGlvbi94LXg1MDktY2EtY2VydCcsICdhcHBsaWNhdGlvbi9wa2l4LWNlcnQnXTtcbiAgaWYgKFxuICAgICF2YWxpZENvbnRlbnRUeXBlcy5pbmNsdWRlcyhjZXJ0X2hlYWRlcnNbJ2NvbnRlbnQtdHlwZSddKSB8fFxuICAgIGNlcnRfaGVhZGVyc1snY29udGVudC1sZW5ndGgnXSA9PSBudWxsIHx8XG4gICAgY2VydF9oZWFkZXJzWydjb250ZW50LWxlbmd0aCddID4gMTAwMDBcbiAgKSB7XG4gICAgdGhyb3cgbmV3IFBhcnNlLkVycm9yKFxuICAgICAgUGFyc2UuRXJyb3IuT0JKRUNUX05PVF9GT1VORCxcbiAgICAgIGBBcHBsZSBHYW1lIENlbnRlciAtIGludmFsaWQgcHVibGljS2V5VXJsOiAke3B1YmxpY0tleVVybH1gXG4gICAgKTtcbiAgfVxuICBjb25zdCB7IGNlcnRpZmljYXRlLCBoZWFkZXJzIH0gPSBhd2FpdCBnZXRDZXJ0aWZpY2F0ZShwdWJsaWNLZXlVcmwpO1xuICBpZiAoaGVhZGVyc1snY2FjaGUtY29udHJvbCddKSB7XG4gICAgY29uc3QgZXhwaXJlID0gaGVhZGVyc1snY2FjaGUtY29udHJvbCddLm1hdGNoKC9tYXgtYWdlPShbMC05XSspLyk7XG4gICAgaWYgKGV4cGlyZSkge1xuICAgICAgY2FjaGVbcHVibGljS2V5VXJsXSA9IGNlcnRpZmljYXRlO1xuICAgICAgLy8gd2UnbGwgZXhwaXJlIHRoZSBjYWNoZSBlbnRyeSBsYXRlciwgYXMgcGVyIG1heC1hZ2VcbiAgICAgIHNldFRpbWVvdXQoKCkgPT4ge1xuICAgICAgICBkZWxldGUgY2FjaGVbcHVibGljS2V5VXJsXTtcbiAgICAgIH0sIHBhcnNlSW50KGV4cGlyZVsxXSwgMTApICogMTAwMCk7XG4gICAgfVxuICB9XG4gIHJldHVybiB2ZXJpZnlQdWJsaWNLZXlJc3N1ZXIoY2VydGlmaWNhdGUsIHB1YmxpY0tleVVybCk7XG59XG5cbmZ1bmN0aW9uIGdldENlcnRpZmljYXRlKHVybCwgYnVmZmVyKSB7XG4gIHJldHVybiBuZXcgUHJvbWlzZSgocmVzb2x2ZSwgcmVqZWN0KSA9PiB7XG4gICAgaHR0cHNcbiAgICAgIC5nZXQodXJsLCByZXMgPT4ge1xuICAgICAgICBjb25zdCBkYXRhID0gW107XG4gICAgICAgIHJlcy5vbignZGF0YScsIGNodW5rID0+IHtcbiAgICAgICAgICBkYXRhLnB1c2goY2h1bmspO1xuICAgICAgICB9KTtcbiAgICAgICAgcmVzLm9uKCdlbmQnLCAoKSA9PiB7XG4gICAgICAgICAgaWYgKGJ1ZmZlcikge1xuICAgICAgICAgICAgcmVzb2x2ZSh7IGNlcnRpZmljYXRlOiBCdWZmZXIuY29uY2F0KGRhdGEpLCBoZWFkZXJzOiByZXMuaGVhZGVycyB9KTtcbiAgICAgICAgICAgIHJldHVybjtcbiAgICAgICAgICB9XG4gICAgICAgICAgbGV0IGNlcnQgPSAnJztcbiAgICAgICAgICBmb3IgKGNvbnN0IGNodW5rIG9mIGRhdGEpIHtcbiAgICAgICAgICAgIGNlcnQgKz0gY2h1bmsudG9TdHJpbmcoJ2Jhc2U2NCcpO1xuICAgICAgICAgIH1cbiAgICAgICAgICBjb25zdCBjZXJ0aWZpY2F0ZSA9IGNvbnZlcnRYNTA5Q2VydFRvUEVNKGNlcnQpO1xuICAgICAgICAgIHJlc29sdmUoeyBjZXJ0aWZpY2F0ZSwgaGVhZGVyczogcmVzLmhlYWRlcnMgfSk7XG4gICAgICAgIH0pO1xuICAgICAgfSlcbiAgICAgIC5vbignZXJyb3InLCByZWplY3QpO1xuICB9KTtcbn1cblxuZnVuY3Rpb24gY29udmVydFRpbWVzdGFtcFRvQmlnRW5kaWFuKHRpbWVzdGFtcCkge1xuICBjb25zdCBidWZmZXIgPSBCdWZmZXIuYWxsb2MoOCk7XG5cbiAgY29uc3QgaGlnaCA9IH5+KHRpbWVzdGFtcCAvIDB4ZmZmZmZmZmYpO1xuICBjb25zdCBsb3cgPSB0aW1lc3RhbXAgJSAoMHhmZmZmZmZmZiArIDB4MSk7XG5cbiAgYnVmZmVyLndyaXRlVUludDMyQkUocGFyc2VJbnQoaGlnaCwgMTApLCAwKTtcbiAgYnVmZmVyLndyaXRlVUludDMyQkUocGFyc2VJbnQobG93LCAxMCksIDQpO1xuXG4gIHJldHVybiBidWZmZXI7XG59XG5cbmZ1bmN0aW9uIHZlcmlmeVNpZ25hdHVyZShwdWJsaWNLZXksIGF1dGhEYXRhKSB7XG4gIGNvbnN0IHZlcmlmaWVyID0gY3J5cHRvLmNyZWF0ZVZlcmlmeSgnc2hhMjU2Jyk7XG4gIHZlcmlmaWVyLnVwZGF0ZShhdXRoRGF0YS5wbGF5ZXJJZCwgJ3V0ZjgnKTtcbiAgdmVyaWZpZXIudXBkYXRlKGF1dGhEYXRhLmJ1bmRsZUlkLCAndXRmOCcpO1xuICB2ZXJpZmllci51cGRhdGUoY29udmVydFRpbWVzdGFtcFRvQmlnRW5kaWFuKGF1dGhEYXRhLnRpbWVzdGFtcCkpO1xuICB2ZXJpZmllci51cGRhdGUoYXV0aERhdGEuc2FsdCwgJ2Jhc2U2NCcpO1xuXG4gIGlmICghdmVyaWZpZXIudmVyaWZ5KHB1YmxpY0tleSwgYXV0aERhdGEuc2lnbmF0dXJlLCAnYmFzZTY0JykpIHtcbiAgICB0aHJvdyBuZXcgUGFyc2UuRXJyb3IoUGFyc2UuRXJyb3IuT0JKRUNUX05PVF9GT1VORCwgJ0FwcGxlIEdhbWUgQ2VudGVyIC0gaW52YWxpZCBzaWduYXR1cmUnKTtcbiAgfVxufVxuXG5mdW5jdGlvbiB2ZXJpZnlQdWJsaWNLZXlJc3N1ZXIoY2VydCwgcHVibGljS2V5VXJsKSB7XG4gIGNvbnN0IHB1YmxpY0tleUNlcnQgPSBwa2kuY2VydGlmaWNhdGVGcm9tUGVtKGNlcnQpO1xuICBpZiAoIWNhLmNlcnQpIHtcbiAgICB0aHJvdyBuZXcgUGFyc2UuRXJyb3IoXG4gICAgICBQYXJzZS5FcnJvci5PQkpFQ1RfTk9UX0ZPVU5ELFxuICAgICAgJ0FwcGxlIEdhbWUgQ2VudGVyIGF1dGggYWRhcHRlciBwYXJhbWV0ZXIgYHJvb3RDZXJ0aWZpY2F0ZVVSTGAgaXMgaW52YWxpZC4nXG4gICAgKTtcbiAgfVxuICB0cnkge1xuICAgIGlmICghY2EuY2VydC52ZXJpZnkocHVibGljS2V5Q2VydCkpIHtcbiAgICAgIHRocm93IG5ldyBQYXJzZS5FcnJvcihcbiAgICAgICAgUGFyc2UuRXJyb3IuT0JKRUNUX05PVF9GT1VORCxcbiAgICAgICAgYEFwcGxlIEdhbWUgQ2VudGVyIC0gaW52YWxpZCBwdWJsaWNLZXlVcmw6ICR7cHVibGljS2V5VXJsfWBcbiAgICAgICk7XG4gICAgfVxuICB9IGNhdGNoIChlKSB7XG4gICAgdGhyb3cgbmV3IFBhcnNlLkVycm9yKFxuICAgICAgUGFyc2UuRXJyb3IuT0JKRUNUX05PVF9GT1VORCxcbiAgICAgIGBBcHBsZSBHYW1lIENlbnRlciAtIGludmFsaWQgcHVibGljS2V5VXJsOiAke3B1YmxpY0tleVVybH1gXG4gICAgKTtcbiAgfVxuICByZXR1cm4gY2VydDtcbn1cblxuLy8gUmV0dXJucyBhIHByb21pc2UgdGhhdCBmdWxmaWxscyBpZiB0aGlzIHVzZXIgaWQgaXMgdmFsaWQuXG5hc3luYyBmdW5jdGlvbiB2YWxpZGF0ZUF1dGhEYXRhKGF1dGhEYXRhKSB7XG4gIGlmICghYXV0aERhdGEuaWQpIHtcbiAgICB0aHJvdyBuZXcgUGFyc2UuRXJyb3IoUGFyc2UuRXJyb3IuT0JKRUNUX05PVF9GT1VORCwgJ0FwcGxlIEdhbWUgQ2VudGVyIC0gYXV0aERhdGEgaWQgbWlzc2luZycpO1xuICB9XG4gIGF1dGhEYXRhLnBsYXllcklkID0gYXV0aERhdGEuaWQ7XG4gIGNvbnN0IHB1YmxpY0tleSA9IGF3YWl0IGdldEFwcGxlQ2VydGlmaWNhdGUoYXV0aERhdGEucHVibGljS2V5VXJsKTtcbiAgcmV0dXJuIHZlcmlmeVNpZ25hdHVyZShwdWJsaWNLZXksIGF1dGhEYXRhKTtcbn1cblxuLy8gUmV0dXJucyBhIHByb21pc2UgdGhhdCBmdWxmaWxscyBpZiB0aGlzIGFwcCBpZCBpcyB2YWxpZC5cbmFzeW5jIGZ1bmN0aW9uIHZhbGlkYXRlQXBwSWQoYXBwSWRzLCBhdXRoRGF0YSwgb3B0aW9ucyA9IHt9KSB7XG4gIGlmICghb3B0aW9ucy5yb290Q2VydGlmaWNhdGVVcmwpIHtcbiAgICBvcHRpb25zLnJvb3RDZXJ0aWZpY2F0ZVVybCA9XG4gICAgICAnaHR0cHM6Ly9jYWNlcnRzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydFRydXN0ZWRHNENvZGVTaWduaW5nUlNBNDA5NlNIQTM4NDIwMjFDQTEuY3J0LnBlbSc7XG4gIH1cbiAgaWYgKGNhLnVybCA9PT0gb3B0aW9ucy5yb290Q2VydGlmaWNhdGVVcmwpIHtcbiAgICByZXR1cm47XG4gIH1cbiAgY29uc3QgeyBjZXJ0aWZpY2F0ZSwgaGVhZGVycyB9ID0gYXdhaXQgZ2V0Q2VydGlmaWNhdGUob3B0aW9ucy5yb290Q2VydGlmaWNhdGVVcmwsIHRydWUpO1xuICBpZiAoXG4gICAgaGVhZGVyc1snY29udGVudC10eXBlJ10gIT09ICdhcHBsaWNhdGlvbi94LXBlbS1maWxlJyB8fFxuICAgIGhlYWRlcnNbJ2NvbnRlbnQtbGVuZ3RoJ10gPT0gbnVsbCB8fFxuICAgIGhlYWRlcnNbJ2NvbnRlbnQtbGVuZ3RoJ10gPiAxMDAwMFxuICApIHtcbiAgICB0aHJvdyBuZXcgUGFyc2UuRXJyb3IoXG4gICAgICBQYXJzZS5FcnJvci5PQkpFQ1RfTk9UX0ZPVU5ELFxuICAgICAgJ0FwcGxlIEdhbWUgQ2VudGVyIGF1dGggYWRhcHRlciBwYXJhbWV0ZXIgYHJvb3RDZXJ0aWZpY2F0ZVVSTGAgaXMgaW52YWxpZC4nXG4gICAgKTtcbiAgfVxuICBjYS5jZXJ0ID0gcGtpLmNlcnRpZmljYXRlRnJvbVBlbShjZXJ0aWZpY2F0ZSk7XG4gIGNhLnVybCA9IG9wdGlvbnMucm9vdENlcnRpZmljYXRlVXJsO1xufVxuXG5tb2R1bGUuZXhwb3J0cyA9IHtcbiAgdmFsaWRhdGVBcHBJZCxcbiAgdmFsaWRhdGVBdXRoRGF0YSxcbiAgY2FjaGUsXG59O1xuIl19
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "parse-server",
3
- "version": "4.10.8",
3
+ "version": "4.10.11",
4
4
  "description": "An express module providing a Parse-compatible API server",
5
5
  "main": "lib/index.js",
6
6
  "repository": {
@@ -24,7 +24,7 @@
24
24
  "@graphql-tools/stitch": "6.2.4",
25
25
  "@graphql-tools/utils": "6.2.4",
26
26
  "@parse/fs-files-adapter": "1.2.0",
27
- "@parse/push-adapter": "3.4.1",
27
+ "@parse/push-adapter": "4.1.2",
28
28
  "@parse/s3-files-adapter": "1.6.2",
29
29
  "@parse/simple-mailgun-adapter": "1.1.0",
30
30
  "apollo-server-express": "2.19.0",