purmemo-mcp 14.2.0 → 15.0.0

package/dist/auth/oauth-manager.d.ts

@@ -0,0 +1,67 @@
+/**
+ * OAuth Manager for Purmemo MCP
+ * Handles OAuth 2.1 + PKCE flow for seamless authentication
+ */
+interface OAuthConfig {
+    apiUrl?: string;
+    clientId?: string;
+    redirectUri?: string;
+}
+declare class OAuthManager {
+    private apiUrl;
+    private clientId;
+    private redirectUri;
+    private tokenStore;
+    private server;
+    private pendingAuth;
+    private platform;
+    constructor(config?: OAuthConfig);
+    /**
+     * Get current authentication token
+     * @returns {Promise<string|null>} Access token or null if not authenticated
+     */
+    getToken(): Promise<any>;
+    /**
+     * Check if token is expired or about to expire
+     */
+    isTokenExpired(token: any): boolean;
+    /**
+     * Start OAuth flow
+     * @returns {Promise<string>} Access token
+     */
+    authenticate(): Promise<string>;
+    /**
+     * Perform the actual OAuth flow
+     */
+    performOAuthFlow(): Promise<any>;
+    /**
+     * Start local server to handle OAuth callback
+     */
+    startCallbackServer(expectedState: any): Promise<unknown>;
+    /**
+     * Stop the callback server
+     */
+    stopCallbackServer(): void;
+    /**
+     * Exchange authorization code for access token
+     */
+    exchangeCodeForToken(code: any, codeVerifier: any): Promise<any>;
+    /**
+     * Refresh access token
+     */
+    refreshToken(refreshToken: any): Promise<any>;
+    /**
+     * Clear stored authentication
+     */
+    logout(): Promise<void>;
+    /**
+     * Generate PKCE code verifier
+     */
+    generateCodeVerifier(): string;
+    /**
+     * Generate PKCE code challenge from verifier
+     */
+    generateCodeChallenge(verifier: any): string;
+}
+export default OAuthManager;
+//# sourceMappingURL=oauth-manager.d.ts.map

package/dist/auth/oauth-manager.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"oauth-manager.d.ts","sourceRoot":"","sources":["../../src/auth/oauth-manager.ts"],"names":[],"mappings":"AACA;;;GAGG;AAWH,UAAU,WAAW;IACnB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,WAAW,CAAC,EAAE,MAAM,CAAC;CACtB;AAED,cAAM,YAAY;IAChB,OAAO,CAAC,MAAM,CAAS;IACvB,OAAO,CAAC,QAAQ,CAAS;IACzB,OAAO,CAAC,WAAW,CAAS;IAC5B,OAAO,CAAC,UAAU,CAAa;IAC/B,OAAO,CAAC,MAAM,CAAgB;IAC9B,OAAO,CAAC,WAAW,CAAyB;IAC5C,OAAO,CAAC,QAAQ,CAAS;gBAEb,MAAM,GAAE,WAAgB;IAapC;;;OAGG;IACG,QAAQ;IA4Bd;;OAEG;IACH,cAAc,CAAC,KAAK,KAAA;IAUpB;;;OAGG;IACG,YAAY;IAelB;;OAEG;IACG,gBAAgB;IA6EtB;;OAEG;IACH,mBAAmB,CAAC,aAAa,KAAA;IAsHjC;;OAEG;IACH,kBAAkB;IAOlB;;OAEG;IACG,oBAAoB,CAAC,IAAI,KAAA,EAAE,YAAY,KAAA;IAqC7C;;OAEG;IACG,YAAY,CAAC,YAAY,KAAA;IAsC/B;;OAEG;IACG,MAAM;IAKZ;;OAEG;IACH,oBAAoB;IAIpB;;OAEG;IACH,qBAAqB,CAAC,QAAQ,KAAA;CAG/B;AAED,eAAe,YAAY,CAAC"}

package/dist/auth/oauth-manager.js

@@ -0,0 +1,367 @@
+// @ts-nocheck — OAuth CLI utility, full typing in follow-up
+/**
+ * OAuth Manager for Purmemo MCP
+ * Handles OAuth 2.1 + PKCE flow for seamless authentication
+ */
+import * as crypto from 'crypto';
+import express from 'express';
+import open from 'open';
+import { execFile } from 'child_process';
+import * as os from 'os';
+import TokenStore from './token-store.js';
+class OAuthManager {
+    apiUrl;
+    clientId;
+    redirectUri;
+    tokenStore;
+    server;
+    pendingAuth;
+    platform;
+    constructor(config = {}) {
+        this.apiUrl = config.apiUrl || process.env.PURMEMO_API_URL || 'https://api.purmemo.ai';
+        this.clientId = config.clientId || 'chatgpt-purmemo';
+        this.redirectUri = config.redirectUri || 'http://localhost:3456/callback';
+        this.tokenStore = new TokenStore();
+        this.server = null;
+        this.pendingAuth = null;
+        this.platform = os.platform();
+    }
+    // Removed complex browser opening strategies - going manual-first
+    // The performOAuthFlow method now handles everything clearly
+    /**
+     * Get current authentication token
+     * @returns {Promise<string|null>} Access token or null if not authenticated
+     */
+    async getToken() {
+        // First check if we have a valid token
+        const storedToken = await this.tokenStore.getToken();
+        if (storedToken && storedToken.access_token) {
+            // Check if token needs refresh (expired or close to expiry)
+            if (this.isTokenExpired(storedToken)) {
+                try {
+                    return await this.refreshToken(storedToken.refresh_token);
+                }
+                catch (error) {
+                    console.error('Token refresh failed:', error.message);
+                    // If refresh fails, start new OAuth flow
+                    return null;
+                }
+            }
+            return storedToken.access_token;
+        }
+        // Fallback to environment variable for backwards compatibility
+        const envApiKey = process.env.PURMEMO_API_KEY;
+        if (envApiKey) {
+            console.log('📔 Using API key from environment variable');
+            return envApiKey;
+        }
+        return null;
+    }
+    /**
+     * Check if token is expired or about to expire
+     */
+    isTokenExpired(token) {
+        if (!token.expires_at)
+            return false;
+        const now = Date.now();
+        const expiresAt = new Date(token.expires_at).getTime();
+        const bufferTime = 5 * 60 * 1000; // 5 minutes buffer
+        return now >= (expiresAt - bufferTime);
+    }
+    /**
+     * Start OAuth flow
+     * @returns {Promise<string>} Access token
+     */
+    async authenticate() {
+        if (this.pendingAuth) {
+            return this.pendingAuth;
+        }
+        this.pendingAuth = this.performOAuthFlow();
+        try {
+            const token = await this.pendingAuth;
+            return token;
+        }
+        finally {
+            this.pendingAuth = null;
+        }
+    }
+    /**
+     * Perform the actual OAuth flow
+     */
+    async performOAuthFlow() {
+        // Generate PKCE challenge
+        const codeVerifier = this.generateCodeVerifier();
+        const codeChallenge = this.generateCodeChallenge(codeVerifier);
+        const state = crypto.randomBytes(16).toString('hex');
+        // Build OAuth URL
+        const authUrl = new URL(`${this.apiUrl}/api/oauth/authorize`);
+        authUrl.searchParams.append('client_id', this.clientId);
+        authUrl.searchParams.append('redirect_uri', this.redirectUri);
+        authUrl.searchParams.append('response_type', 'code');
+        authUrl.searchParams.append('scope', 'memories.read memories.write entities.read');
+        authUrl.searchParams.append('state', state);
+        authUrl.searchParams.append('code_challenge', codeChallenge);
+        authUrl.searchParams.append('code_challenge_method', 'S256');
+        // MANUAL-FIRST: Show the URL BEFORE starting the server
+        console.log('\n' + '═'.repeat(70));
+        console.log('🔐 AUTHENTICATION REQUIRED');
+        console.log('═'.repeat(70));
+        console.log('');
+        console.log('Please complete authentication in your browser:');
+        console.log('');
+        console.log('📋 COPY THIS URL:');
+        console.log('─'.repeat(70));
+        console.log(authUrl.toString());
+        console.log('─'.repeat(70));
+        console.log('');
+        console.log('📱 STEPS:');
+        console.log('  1. Copy the URL above');
+        console.log('  2. Open your browser');
+        console.log('  3. Paste and press Enter');
+        console.log('  4. Sign in with Google, GitHub, or Email');
+        console.log('  5. You\'ll be redirected back automatically');
+        console.log('');
+        console.log('⏳ Waiting for you to sign in...');
+        console.log('═'.repeat(70));
+        console.log('');
+        // NOW start the callback server after showing instructions
+        const authCode = await this.startCallbackServer(state);
+        // Try to open browser quietly in background (might work, might not)
+        try {
+            if (this.platform === 'darwin') {
+                // On macOS, use execFile (not exec) to avoid shell injection vulnerabilities
+                // execFile doesn't spawn a shell, so the URL is passed as a safe argument
+                execFile('open', [authUrl.toString()], (error) => {
+                    if (!error) {
+                        console.log('✨ Browser opened automatically - check your browser tabs');
+                    }
+                    // If it fails, that's fine - user has manual instructions
+                });
+            }
+            else {
+                // Try other platforms
+                await open(authUrl.toString(), { wait: false }).catch(() => {
+                    // Silently fail - manual instructions are already shown
+                });
+            }
+        }
+        catch {
+            // Silent fail - manual instructions are primary
+        }
+        // Wait for callback with auth code
+        const code = await authCode;
+        // Exchange code for token
+        const tokenResponse = await this.exchangeCodeForToken(code, codeVerifier);
+        // Store token securely
+        await this.tokenStore.saveToken(tokenResponse);
+        console.log('✅ Authentication successful!\n');
+        return tokenResponse.access_token;
+    }
+    /**
+     * Start local server to handle OAuth callback
+     */
+    startCallbackServer(expectedState) {
+        return new Promise((resolve, reject) => {
+            const app = express();
+            let resolved = false;
+            app.get('/callback', async (req, res) => {
+                const { code, state, error, error_description } = req.query;
+                if (error) {
+                    res.send(`
+            <html>
+              <head>
+                <title>Authentication Failed</title>
+                <style>
+                  body { font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, sans-serif; 
+                         display: flex; justify-content: center; align-items: center; 
+                         height: 100vh; margin: 0; background: linear-gradient(135deg, #667eea 0%, #764ba2 100%); }
+                  .container { background: white; padding: 40px; border-radius: 10px; 
+                              box-shadow: 0 20px 60px rgba(0,0,0,0.3); text-align: center; max-width: 400px; }
+                  h1 { color: #e53e3e; margin: 0 0 10px 0; }
+                  p { color: #718096; margin: 10px 0; }
+                  .error { background: #fed7d7; padding: 10px; border-radius: 5px; 
+                          color: #c53030; margin-top: 20px; }
+                </style>
+              </head>
+              <body>
+                <div class="container">
+                  <h1>❌ Authentication Failed</h1>
+                  <p>Unable to complete authentication</p>
+                  <div class="error">${error}: ${error_description || 'Unknown error'}</div>
+                  <p style="margin-top: 20px; font-size: 14px;">You can close this window</p>
+                </div>
+              </body>
+            </html>
+          `);
+                    if (!resolved) {
+                        resolved = true;
+                        this.stopCallbackServer();
+                        reject(new Error(`OAuth error: ${error} - ${error_description}`));
+                    }
+                    return;
+                }
+                if (state !== expectedState) {
+                    res.send(`
+            <html>
+              <head><title>Security Error</title></head>
+              <body style="font-family: sans-serif; text-align: center; padding: 50px;">
+                <h1 style="color: red;">Security Error</h1>
+                <p>State mismatch - possible CSRF attack</p>
+              </body>
+            </html>
+          `);
+                    if (!resolved) {
+                        resolved = true;
+                        this.stopCallbackServer();
+                        reject(new Error('OAuth state mismatch'));
+                    }
+                    return;
+                }
+                // Success response
+                res.send(`
+          <html>
+            <head>
+              <title>Authentication Successful</title>
+              <style>
+                body { font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, sans-serif; 
+                       display: flex; justify-content: center; align-items: center; 
+                       height: 100vh; margin: 0; background: linear-gradient(135deg, #667eea 0%, #764ba2 100%); }
+                .container { background: white; padding: 40px; border-radius: 10px; 
+                            box-shadow: 0 20px 60px rgba(0,0,0,0.3); text-align: center; max-width: 400px; }
+                h1 { color: #48bb78; margin: 0 0 10px 0; }
+                p { color: #718096; margin: 10px 0; }
+                .success { background: #c6f6d5; padding: 15px; border-radius: 5px; 
+                          color: #22543d; margin-top: 20px; }
+                .logo { font-size: 48px; margin-bottom: 20px; }
+              </style>
+            </head>
+            <body>
+              <div class="container">
+                <div class="logo">🧠</div>
+                <h1>✅ Authentication Successful!</h1>
+                <p>You're now connected to Purmemo</p>
+                <div class="success">
+                  You can now close this window and return to Claude Desktop
+                </div>
+                <script>setTimeout(() => window.close(), 3000);</script>
+              </div>
+            </body>
+          </html>
+        `);
+                if (!resolved) {
+                    resolved = true;
+                    this.stopCallbackServer();
+                    resolve(code);
+                }
+            });
+            // Start server
+            this.server = app.listen(3456, () => {
+                console.log('🌐 Waiting for authentication callback...\n');
+            });
+            // Timeout after 5 minutes
+            setTimeout(() => {
+                if (!resolved) {
+                    resolved = true;
+                    this.stopCallbackServer();
+                    reject(new Error('Authentication timeout'));
+                }
+            }, 5 * 60 * 1000);
+        });
+    }
+    /**
+     * Stop the callback server
+     */
+    stopCallbackServer() {
+        if (this.server) {
+            this.server.close();
+            this.server = null;
+        }
+    }
+    /**
+     * Exchange authorization code for access token
+     */
+    async exchangeCodeForToken(code, codeVerifier) {
+        const response = await fetch(`${this.apiUrl}/api/oauth/token`, {
+            method: 'POST',
+            headers: {
+                'Content-Type': 'application/json',
+                'User-Agent': 'purmemo-mcp/2.0.0'
+            },
+            body: JSON.stringify({
+                grant_type: 'authorization_code',
+                code,
+                client_id: this.clientId,
+                redirect_uri: this.redirectUri,
+                code_verifier: codeVerifier
+            })
+        });
+        if (!response.ok) {
+            const error = await response.text();
+            throw new Error(`Token exchange failed: ${error}`);
+        }
+        const tokenData = await response.json();
+        // Add expiry time
+        if (tokenData.expires_in) {
+            tokenData.expires_at = new Date(Date.now() + tokenData.expires_in * 1000).toISOString();
+        }
+        // Store user tier info
+        if (tokenData.user) {
+            tokenData.user_tier = tokenData.user.tier || 'free';
+            tokenData.memory_limit = tokenData.user.tier === 'pro' ? null : 100;
+        }
+        return tokenData;
+    }
+    /**
+     * Refresh access token
+     */
+    async refreshToken(refreshToken) {
+        if (!refreshToken) {
+            throw new Error('No refresh token available');
+        }
+        console.log('🔄 Refreshing authentication token...');
+        const response = await fetch(`${this.apiUrl}/api/auth/refresh`, {
+            method: 'POST',
+            headers: {
+                'Content-Type': 'application/json',
+                'User-Agent': 'purmemo-mcp/2.0.0'
+            },
+            body: JSON.stringify({
+                refresh_token: refreshToken
+            })
+        });
+        if (!response.ok) {
+            const error = await response.text();
+            throw new Error(`Token refresh failed: ${error}`);
+        }
+        const tokenData = await response.json();
+        // Add expiry time
+        if (tokenData.expires_in) {
+            tokenData.expires_at = new Date(Date.now() + tokenData.expires_in * 1000).toISOString();
+        }
+        // Store refreshed token
+        await this.tokenStore.saveToken(tokenData);
+        console.log('✅ Token refreshed successfully');
+        return tokenData.access_token;
+    }
+    /**
+     * Clear stored authentication
+     */
+    async logout() {
+        await this.tokenStore.clearToken();
+        console.log('👋 Logged out successfully');
+    }
+    /**
+     * Generate PKCE code verifier
+     */
+    generateCodeVerifier() {
+        return crypto.randomBytes(32).toString('base64url');
+    }
+    /**
+     * Generate PKCE code challenge from verifier
+     */
+    generateCodeChallenge(verifier) {
+        return crypto.createHash('sha256').update(verifier).digest('base64url');
+    }
+}
+export default OAuthManager;
+//# sourceMappingURL=oauth-manager.js.map

package/dist/auth/oauth-manager.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"oauth-manager.js","sourceRoot":"","sources":["../../src/auth/oauth-manager.ts"],"names":[],"mappings":"AAAA,4DAA4D;AAC5D;;;GAGG;AAEH,OAAO,KAAK,MAAM,MAAM,QAAQ,CAAC;AACjC,OAAO,OAAO,MAAM,SAAS,CAAC;AAC9B,OAAO,IAAI,MAAM,MAAM,CAAC;AACxB,OAAO,EAAE,QAAQ,EAAE,MAAM,eAAe,CAAC;AACzC,OAAO,KAAK,EAAE,MAAM,IAAI,CAAC;AACzB,OAAO,UAAU,MAAM,kBAAkB,CAAC;AAU1C,MAAM,YAAY;IACR,MAAM,CAAS;IACf,QAAQ,CAAS;IACjB,WAAW,CAAS;IACpB,UAAU,CAAa;IACvB,MAAM,CAAgB;IACtB,WAAW,CAAyB;IACpC,QAAQ,CAAS;IAEzB,YAAY,SAAsB,EAAE;QAClC,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC,MAAM,IAAI,OAAO,CAAC,GAAG,CAAC,eAAe,IAAI,wBAAwB,CAAC;QACvF,IAAI,CAAC,QAAQ,GAAG,MAAM,CAAC,QAAQ,IAAI,iBAAiB,CAAC;QACrD,IAAI,CAAC,WAAW,GAAG,MAAM,CAAC,WAAW,IAAI,gCAAgC,CAAC;QAC1E,IAAI,CAAC,UAAU,GAAG,IAAI,UAAU,EAAE,CAAC;QACnC,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC;QACnB,IAAI,CAAC,WAAW,GAAG,IAAI,CAAC;QACxB,IAAI,CAAC,QAAQ,GAAG,EAAE,CAAC,QAAQ,EAAE,CAAC;IAChC,CAAC;IAED,kEAAkE;IAClE,6DAA6D;IAE7D;;;OAGG;IACH,KAAK,CAAC,QAAQ;QACZ,uCAAuC;QACvC,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,QAAQ,EAAE,CAAC;QAErD,IAAI,WAAW,IAAI,WAAW,CAAC,YAAY,EAAE,CAAC;YAC5C,4DAA4D;YAC5D,IAAI,IAAI,CAAC,cAAc,CAAC,WAAW,CAAC,EAAE,CAAC;gBACrC,IAAI,CAAC;oBACH,OAAO,MAAM,IAAI,CAAC,YAAY,CAAC,WAAW,CAAC,aAAa,CAAC,CAAC;gBAC5D,CAAC;gBAAC,OAAO,KAAc,EAAE,CAAC;oBACxB,OAAO,CAAC,KAAK,CAAC,uBAAuB,EAAG,KAAe,CAAC,OAAO,CAAC,CAAC;oBACjE,yCAAyC;oBACzC,OAAO,IAAI,CAAC;gBACd,CAAC;YACH,CAAC;YACD,OAAO,WAAW,CAAC,YAAY,CAAC;QAClC,CAAC;QAED,+DAA+D;QAC/D,MAAM,SAAS,GAAG,OAAO,CAAC,GAAG,CAAC,eAAe,CAAC;QAC9C,IAAI,SAAS,EAAE,CAAC;YACd,OAAO,CAAC,GAAG,CAAC,4CAA4C,CAAC,CAAC;YAC1D,OAAO,SAAS,CAAC;QACnB,CAAC;QAED,OAAO,IAAI,CAAC;IACd,CAAC;IAED;;OAEG;IACH,cAAc,CAAC,KAAK;QAClB,IAAI,CAAC,KAAK,CAAC,UAAU;YAAE,OAAO,KAAK,CAAC;QAEpC,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QACvB,MAAM,SAAS,GAAG,IAAI,IAAI,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC,OAAO,EAAE,CAAC;QACvD,MAAM,UAAU,GAAG,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC,mBAAmB;QAErD,OAAO,GAAG,IAAI,CAAC,SAAS,GAAG,UAAU,CAAC,CAAC;IACzC,CAAC;IAED;;;OAGG;IACH,KAAK,CAAC,YAAY;QAChB,IAAI,IAAI,CAAC,WAAW,EAAE,CAAC;YACrB,OAAO,IAAI,CAAC,WAAW,CAAC;QAC1B,CAAC;QAED,IAAI,CAAC,WAAW,GAAG,IAAI,CAAC,gBAAgB,EAAE,CAAC;QAE3C,IAAI,CAAC;YACH,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC;YACrC,OAAO,KAAK,CAAC;QACf,CAAC;gBAAS,CAAC;YACT,IAAI,CAAC,WAAW,GAAG,IAAI,CAAC;QAC1B,CAAC;IACH,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,gBAAgB;QACpB,0BAA0B;QAC1B,MAAM,YAAY,GAAG,IAAI,CAAC,oBAAoB,EAAE,CAAC;QACjD,MAAM,aAAa,GAAG,IAAI,CAAC,qBAAqB,CAAC,YAAY,CAAC,CAAC;QAC/D,MAAM,KAAK,GAAG,MAAM,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;QAErD,kBAAkB;QAClB,MAAM,OAAO,GAAG,IAAI,GAAG,CAAC,GAAG,IAAI,CAAC,MAAM,sBAAsB,CAAC,CAAC;QAC9D,OAAO,CAAC,YAAY,CAAC,MAAM,CAAC,WAAW,EAAE,IAAI,CAAC,QAAQ,CAAC,CAAC;QACxD,OAAO,CAAC,YAAY,CAAC,MAAM,CAAC,cAAc,EAAE,IAAI,CAAC,WAAW,CAAC,CAAC;QAC9D,OAAO,CAAC,YAAY,CAAC,MAAM,CAAC,eAAe,EAAE,MAAM,CAAC,CAAC;QACrD,OAAO,CAAC,YAAY,CAAC,MAAM,CAAC,OAAO,EAAE,4CAA4C,CAAC,CAAC;QACnF,OAAO,CAAC,YAAY,CAAC,MAAM,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC;QAC5C,OAAO,CAAC,YAAY,CAAC,MAAM,CAAC,gBAAgB,EAAE,aAAa,CAAC,CAAC;QAC7D,OAAO,CAAC,YAAY,CAAC,MAAM,CAAC,uBAAuB,EAAE,MAAM,CAAC,CAAC;QAE7D,wDAAwD;QACxD,OAAO,CAAC,GAAG,CAAC,IAAI,GAAG,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,CAAC;QACnC,OAAO,CAAC,GAAG,CAAC,4BAA4B,CAAC,CAAC;QAC1C,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,CAAC;QAC5B,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QAChB,OAAO,CAAC,GAAG,CAAC,iDAAiD,CAAC,CAAC;QAC/D,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QAChB,OAAO,CAAC,GAAG,CAAC,mBAAmB,CAAC,CAAC;QACjC,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,CAAC;QAC5B,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC,QAAQ,EAAE,CAAC,CAAC;QAChC,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,CAAC;QAC5B,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QAChB,OAAO,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC;QACzB,OAAO,CAAC,GAAG,CAAC,yBAAyB,CAAC,CAAC;QACvC,OAAO,CAAC,GAAG,CAAC,wBAAwB,CAAC,CAAC;QACtC,OAAO,CAAC,GAAG,CAAC,4BAA4B,CAAC,CAAC;QAC1C,OAAO,CAAC,GAAG,CAAC,4CAA4C,CAAC,CAAC;QAC1D,OAAO,CAAC,GAAG,CAAC,+CAA+C,CAAC,CAAC;QAC7D,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QAChB,OAAO,CAAC,GAAG,CAAC,iCAAiC,CAAC,CAAC;QAC/C,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,CAAC;QAC5B,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QAEhB,2DAA2D;QAC3D,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,mBAAmB,CAAC,KAAK,CAAC,CAAC;QAEvD,oEAAoE;QACpE,IAAI,CAAC;YACH,IAAI,IAAI,CAAC,QAAQ,KAAK,QAAQ,EAAE,CAAC;gBAC/B,6EAA6E;gBAC7E,0EAA0E;gBAC1E,QAAQ,CAAC,MAAM,EAAE,CAAC,OAAO,CAAC,QAAQ,EAAE,CAAC,EAAE,CAAC,KAAK,EAAE,EAAE;oBAC/C,IAAI,CAAC,KAAK,EAAE,CAAC;wBACX,OAAO,CAAC,GAAG,CAAC,0DAA0D,CAAC,CAAC;oBAC1E,CAAC;oBACD,0DAA0D;gBAC5D,CAAC,CAAC,CAAC;YACL,CAAC;iBAAM,CAAC;gBACN,sBAAsB;gBACtB,MAAM,IAAI,CAAC,OAAO,CAAC,QAAQ,EAAE,EAAE,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,CAAC,KAAK,CAAC,GAAG,EAAE;oBACzD,wDAAwD;gBAC1D,CAAC,CAAC,CAAC;YACL,CAAC;QACH,CAAC;QAAC,MAAM,CAAC;YACP,gDAAgD;QAClD,CAAC;QAED,mCAAmC;QACnC,MAAM,IAAI,GAAG,MAAM,QAAQ,CAAC;QAE5B,0BAA0B;QAC1B,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,oBAAoB,CAAC,IAAI,EAAE,YAAY,CAAC,CAAC;QAE1E,uBAAuB;QACvB,MAAM,IAAI,CAAC,UAAU,CAAC,SAAS,CAAC,aAAa,CAAC,CAAC;QAE/C,OAAO,CAAC,GAAG,CAAC,gCAAgC,CAAC,CAAC;QAE9C,OAAO,aAAa,CAAC,YAAY,CAAC;IACpC,CAAC;IAED;;OAEG;IACH,mBAAmB,CAAC,aAAa;QAC/B,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;YACrC,MAAM,GAAG,GAAG,OAAO,EAAE,CAAC;YACtB,IAAI,QAAQ,GAAG,KAAK,CAAC;YAErB,GAAG,CAAC,GAAG,CAAC,WAAW,EAAE,KAAK,EAAE,GAAG,EAAE,GAAG,EAAE,EAAE;gBACtC,MAAM,EAAE,IAAI,EAAE,KAAK,EAAE,KAAK,EAAE,iBAAiB,EAAE,GAAG,GAAG,CAAC,KAAK,CAAC;gBAE5D,IAAI,KAAK,EAAE,CAAC;oBACV,GAAG,CAAC,IAAI,CAAC;;;;;;;;;;;;;;;;;;;;uCAoBoB,KAAK,KAAK,iBAAiB,IAAI,eAAe;;;;;WAK1E,CAAC,CAAC;oBAEH,IAAI,CAAC,QAAQ,EAAE,CAAC;wBACd,QAAQ,GAAG,IAAI,CAAC;wBAChB,IAAI,CAAC,kBAAkB,EAAE,CAAC;wBAC1B,MAAM,CAAC,IAAI,KAAK,CAAC,gBAAgB,KAAK,MAAM,iBAAiB,EAAE,CAAC,CAAC,CAAC;oBACpE,CAAC;oBACD,OAAO;gBACT,CAAC;gBAED,IAAI,KAAK,KAAK,aAAa,EAAE,CAAC;oBAC5B,GAAG,CAAC,IAAI,CAAC;;;;;;;;WAQR,CAAC,CAAC;oBAEH,IAAI,CAAC,QAAQ,EAAE,CAAC;wBACd,QAAQ,GAAG,IAAI,CAAC;wBAChB,IAAI,CAAC,kBAAkB,EAAE,CAAC;wBAC1B,MAAM,CAAC,IAAI,KAAK,CAAC,sBAAsB,CAAC,CAAC,CAAC;oBAC5C,CAAC;oBACD,OAAO;gBACT,CAAC;gBAED,mBAAmB;gBACnB,GAAG,CAAC,IAAI,CAAC;;;;;;;;;;;;;;;;;;;;;;;;;;;;;SA6BR,CAAC,CAAC;gBAEH,IAAI,CAAC,QAAQ,EAAE,CAAC;oBACd,QAAQ,GAAG,IAAI,CAAC;oBAChB,IAAI,CAAC,kBAAkB,EAAE,CAAC;oBAC1B,OAAO,CAAC,IAAI,CAAC,CAAC;gBAChB,CAAC;YACH,CAAC,CAAC,CAAC;YAEH,eAAe;YACf,IAAI,CAAC,MAAM,GAAG,GAAG,CAAC,MAAM,CAAC,IAAI,EAAE,GAAG,EAAE;gBAClC,OAAO,CAAC,GAAG,CAAC,6CAA6C,CAAC,CAAC;YAC7D,CAAC,CAAC,CAAC;YAEH,0BAA0B;YAC1B,UAAU,CAAC,GAAG,EAAE;gBACd,IAAI,CAAC,QAAQ,EAAE,CAAC;oBACd,QAAQ,GAAG,IAAI,CAAC;oBAChB,IAAI,CAAC,kBAAkB,EAAE,CAAC;oBAC1B,MAAM,CAAC,IAAI,KAAK,CAAC,wBAAwB,CAAC,CAAC,CAAC;gBAC9C,CAAC;YACH,CAAC,EAAE,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC;QACpB,CAAC,CAAC,CAAC;IACL,CAAC;IAED;;OAEG;IACH,kBAAkB;QAChB,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC;YAChB,IAAI,CAAC,MAAM,CAAC,KAAK,EAAE,CAAC;YACpB,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC;QACrB,CAAC;IACH,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,oBAAoB,CAAC,IAAI,EAAE,YAAY;QAC3C,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,IAAI,CAAC,MAAM,kBAAkB,EAAE;YAC7D,MAAM,EAAE,MAAM;YACd,OAAO,EAAE;gBACP,cAAc,EAAE,kBAAkB;gBAClC,YAAY,EAAE,mBAAmB;aAClC;YACD,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;gBACnB,UAAU,EAAE,oBAAoB;gBAChC,IAAI;gBACJ,SAAS,EAAE,IAAI,CAAC,QAAQ;gBACxB,YAAY,EAAE,IAAI,CAAC,WAAW;gBAC9B,aAAa,EAAE,YAAY;aAC5B,CAAC;SACH,CAAC,CAAC;QAEH,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;YACjB,MAAM,KAAK,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;YACpC,MAAM,IAAI,KAAK,CAAC,0BAA0B,KAAK,EAAE,CAAC,CAAC;QACrD,CAAC;QAED,MAAM,SAAS,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;QAExC,kBAAkB;QAClB,IAAI,SAAS,CAAC,UAAU,EAAE,CAAC;YACzB,SAAS,CAAC,UAAU,GAAG,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS,CAAC,UAAU,GAAG,IAAI,CAAC,CAAC,WAAW,EAAE,CAAC;QAC1F,CAAC;QAED,uBAAuB;QACvB,IAAI,SAAS,CAAC,IAAI,EAAE,CAAC;YACnB,SAAS,CAAC,SAAS,GAAG,SAAS,CAAC,IAAI,CAAC,IAAI,IAAI,MAAM,CAAC;YACpD,SAAS,CAAC,YAAY,GAAG,SAAS,CAAC,IAAI,CAAC,IAAI,KAAK,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,GAAG,CAAC;QACtE,CAAC;QAED,OAAO,SAAS,CAAC;IACnB,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,YAAY,CAAC,YAAY;QAC7B,IAAI,CAAC,YAAY,EAAE,CAAC;YAClB,MAAM,IAAI,KAAK,CAAC,4BAA4B,CAAC,CAAC;QAChD,CAAC;QAED,OAAO,CAAC,GAAG,CAAC,uCAAuC,CAAC,CAAC;QAErD,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,IAAI,CAAC,MAAM,mBAAmB,EAAE;YAC9D,MAAM,EAAE,MAAM;YACd,OAAO,EAAE;gBACP,cAAc,EAAE,kBAAkB;gBAClC,YAAY,EAAE,mBAAmB;aAClC;YACD,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;gBACnB,aAAa,EAAE,YAAY;aAC5B,CAAC;SACH,CAAC,CAAC;QAEH,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;YACjB,MAAM,KAAK,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;YACpC,MAAM,IAAI,KAAK,CAAC,yBAAyB,KAAK,EAAE,CAAC,CAAC;QACpD,CAAC;QAED,MAAM,SAAS,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;QAExC,kBAAkB;QAClB,IAAI,SAAS,CAAC,UAAU,EAAE,CAAC;YACzB,SAAS,CAAC,UAAU,GAAG,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS,CAAC,UAAU,GAAG,IAAI,CAAC,CAAC,WAAW,EAAE,CAAC;QAC1F,CAAC;QAED,wBAAwB;QACxB,MAAM,IAAI,CAAC,UAAU,CAAC,SAAS,CAAC,SAAS,CAAC,CAAC;QAE3C,OAAO,CAAC,GAAG,CAAC,gCAAgC,CAAC,CAAC;QAE9C,OAAO,SAAS,CAAC,YAAY,CAAC;IAChC,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,MAAM;QACV,MAAM,IAAI,CAAC,UAAU,CAAC,UAAU,EAAE,CAAC;QACnC,OAAO,CAAC,GAAG,CAAC,4BAA4B,CAAC,CAAC;IAC5C,CAAC;IAED;;OAEG;IACH,oBAAoB;QAClB,OAAO,MAAM,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAC;IACtD,CAAC;IAED;;OAEG;IACH,qBAAqB,CAAC,QAAQ;QAC5B,OAAO,MAAM,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC;IAC1E,CAAC;CACF;AAED,eAAe,YAAY,CAAC"}

package/dist/auth/token-store.d.ts

@@ -0,0 +1,31 @@
+/**
+ * Secure Token Storage for Purmemo MCP
+ * Stores OAuth tokens securely in user's home directory
+ */
+import type { TokenData, UserInfo, EncryptedPayload } from '../types.js';
+declare class TokenStore {
+    private configDir;
+    private tokenFile;
+    private encryptionKey;
+    constructor();
+    /** Get or generate encryption key for token storage */
+    private getEncryptionKey;
+    /** Ensure config directory exists */
+    ensureConfigDir(): Promise<void>;
+    /** Encrypt data */
+    encrypt(data: TokenData): EncryptedPayload;
+    /** Decrypt data */
+    decrypt(encryptedData: EncryptedPayload): TokenData;
+    /** Save token to disk */
+    saveToken(tokenData: TokenData): Promise<void>;
+    /** Get stored token */
+    getToken(): Promise<TokenData | null>;
+    /** Clear stored token */
+    clearToken(): Promise<void>;
+    /** Check if token exists */
+    hasToken(): Promise<boolean>;
+    /** Get user info from stored token */
+    getUserInfo(): Promise<UserInfo | null>;
+}
+export default TokenStore;
+//# sourceMappingURL=token-store.d.ts.map

package/dist/auth/token-store.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"token-store.d.ts","sourceRoot":"","sources":["../../src/auth/token-store.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAMH,OAAO,KAAK,EAAE,SAAS,EAAE,QAAQ,EAAE,gBAAgB,EAAE,MAAM,aAAa,CAAC;AAEzE,cAAM,UAAU;IACd,OAAO,CAAC,SAAS,CAAS;IAC1B,OAAO,CAAC,SAAS,CAAS;IAC1B,OAAO,CAAC,aAAa,CAAS;;IAQ9B,uDAAuD;IACvD,OAAO,CAAC,gBAAgB;IAKxB,qCAAqC;IAC/B,eAAe,IAAI,OAAO,CAAC,IAAI,CAAC;IAWtC,mBAAmB;IACnB,OAAO,CAAC,IAAI,EAAE,SAAS,GAAG,gBAAgB;IAa1C,mBAAmB;IACnB,OAAO,CAAC,aAAa,EAAE,gBAAgB,GAAG,SAAS;IAUnD,yBAAyB;IACnB,SAAS,CAAC,SAAS,EAAE,SAAS,GAAG,OAAO,CAAC,IAAI,CAAC;IAepD,uBAAuB;IACjB,QAAQ,IAAI,OAAO,CAAC,SAAS,GAAG,IAAI,CAAC;IAc3C,yBAAyB;IACnB,UAAU,IAAI,OAAO,CAAC,IAAI,CAAC;IAUjC,4BAA4B;IACtB,QAAQ,IAAI,OAAO,CAAC,OAAO,CAAC;IASlC,sCAAsC;IAChC,WAAW,IAAI,OAAO,CAAC,QAAQ,GAAG,IAAI,CAAC;CAY9C;AAED,eAAe,UAAU,CAAC"}

package/dist/auth/token-store.js

@@ -0,0 +1,114 @@
+/**
+ * Secure Token Storage for Purmemo MCP
+ * Stores OAuth tokens securely in user's home directory
+ */
+import * as fs from 'fs/promises';
+import * as path from 'path';
+import * as crypto from 'crypto';
+import * as os from 'os';
+class TokenStore {
+    configDir;
+    tokenFile;
+    encryptionKey;
+    constructor() {
+        this.configDir = path.join(os.homedir(), '.purmemo');
+        this.tokenFile = path.join(this.configDir, 'auth.json');
+        this.encryptionKey = this.getEncryptionKey();
+    }
+    /** Get or generate encryption key for token storage */
+    getEncryptionKey() {
+        const machineId = os.hostname() + os.userInfo().username;
+        return crypto.createHash('sha256').update(machineId).digest();
+    }
+    /** Ensure config directory exists */
+    async ensureConfigDir() {
+        try {
+            await fs.mkdir(this.configDir, { recursive: true });
+            if (process.platform !== 'win32') {
+                await fs.chmod(this.configDir, 0o700);
+            }
+        }
+        catch (error) {
+            console.error('Failed to create config directory:', error);
+        }
+    }
+    /** Encrypt data */
+    encrypt(data) {
+        const iv = crypto.randomBytes(16);
+        const cipher = crypto.createCipheriv('aes-256-cbc', this.encryptionKey, iv);
+        let encrypted = cipher.update(JSON.stringify(data), 'utf8', 'hex');
+        encrypted += cipher.final('hex');
+        return {
+            iv: iv.toString('hex'),
+            data: encrypted
+        };
+    }
+    /** Decrypt data */
+    decrypt(encryptedData) {
+        const iv = Buffer.from(encryptedData.iv, 'hex');
+        const decipher = crypto.createDecipheriv('aes-256-cbc', this.encryptionKey, iv);
+        let decrypted = decipher.update(encryptedData.data, 'hex', 'utf8');
+        decrypted += decipher.final('utf8');
+        return JSON.parse(decrypted);
+    }
+    /** Save token to disk */
+    async saveToken(tokenData) {
+        await this.ensureConfigDir();
+        const encrypted = this.encrypt(tokenData);
+        await fs.writeFile(this.tokenFile, JSON.stringify(encrypted, null, 2), 'utf8');
+        if (process.platform !== 'win32') {
+            await fs.chmod(this.tokenFile, 0o600);
+        }
+    }
+    /** Get stored token */
+    async getToken() {
+        try {
+            const data = await fs.readFile(this.tokenFile, 'utf8');
+            const encrypted = JSON.parse(data);
+            return this.decrypt(encrypted);
+        }
+        catch (error) {
+            if (error.code === 'ENOENT') {
+                return null;
+            }
+            console.error('Failed to read token:', error.message);
+            return null;
+        }
+    }
+    /** Clear stored token */
+    async clearToken() {
+        try {
+            await fs.unlink(this.tokenFile);
+        }
+        catch (error) {
+            if (error.code !== 'ENOENT') {
+                console.error('Failed to clear token:', error);
+            }
+        }
+    }
+    /** Check if token exists */
+    async hasToken() {
+        try {
+            await fs.access(this.tokenFile);
+            return true;
+        }
+        catch {
+            return false;
+        }
+    }
+    /** Get user info from stored token */
+    async getUserInfo() {
+        const token = await this.getToken();
+        if (!token)
+            return null;
+        return {
+            user_id: token.user?.id,
+            email: token.user?.email,
+            tier: token.user_tier || 'free',
+            memory_limit: token.memory_limit,
+            expires_at: token.expires_at
+        };
+    }
+}
+export default TokenStore;
+//# sourceMappingURL=token-store.js.map

package/dist/auth/token-store.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"token-store.js","sourceRoot":"","sources":["../../src/auth/token-store.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,KAAK,EAAE,MAAM,aAAa,CAAC;AAClC,OAAO,KAAK,IAAI,MAAM,MAAM,CAAC;AAC7B,OAAO,KAAK,MAAM,MAAM,QAAQ,CAAC;AACjC,OAAO,KAAK,EAAE,MAAM,IAAI,CAAC;AAGzB,MAAM,UAAU;IACN,SAAS,CAAS;IAClB,SAAS,CAAS;IAClB,aAAa,CAAS;IAE9B;QACE,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,OAAO,EAAE,EAAE,UAAU,CAAC,CAAC;QACrD,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,WAAW,CAAC,CAAC;QACxD,IAAI,CAAC,aAAa,GAAG,IAAI,CAAC,gBAAgB,EAAE,CAAC;IAC/C,CAAC;IAED,uDAAuD;IAC/C,gBAAgB;QACtB,MAAM,SAAS,GAAG,EAAE,CAAC,QAAQ,EAAE,GAAG,EAAE,CAAC,QAAQ,EAAE,CAAC,QAAQ,CAAC;QACzD,OAAO,MAAM,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,MAAM,EAAE,CAAC;IAChE,CAAC;IAED,qCAAqC;IACrC,KAAK,CAAC,eAAe;QACnB,IAAI,CAAC;YACH,MAAM,EAAE,CAAC,KAAK,CAAC,IAAI,CAAC,SAAS,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;YACpD,IAAI,OAAO,CAAC,QAAQ,KAAK,OAAO,EAAE,CAAC;gBACjC,MAAM,EAAE,CAAC,KAAK,CAAC,IAAI,CAAC,SAAS,EAAE,KAAK,CAAC,CAAC;YACxC,CAAC;QACH,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,OAAO,CAAC,KAAK,CAAC,oCAAoC,EAAE,KAAK,CAAC,CAAC;QAC7D,CAAC;IACH,CAAC;IAED,mBAAmB;IACnB,OAAO,CAAC,IAAe;QACrB,MAAM,EAAE,GAAG,MAAM,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC;QAClC,MAAM,MAAM,GAAG,MAAM,CAAC,cAAc,CAAC,aAAa,EAAE,IAAI,CAAC,aAAa,EAAE,EAAE,CAAC,CAAC;QAE5E,IAAI,SAAS,GAAG,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,KAAK,CAAC,CAAC;QACnE,SAAS,IAAI,MAAM,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC;QAEjC,OAAO;YACL,EAAE,EAAE,EAAE,CAAC,QAAQ,CAAC,KAAK,CAAC;YACtB,IAAI,EAAE,SAAS;SAChB,CAAC;IACJ,CAAC;IAED,mBAAmB;IACnB,OAAO,CAAC,aAA+B;QACrC,MAAM,EAAE,GAAG,MAAM,CAAC,IAAI,CAAC,aAAa,CAAC,EAAE,EAAE,KAAK,CAAC,CAAC;QAChD,MAAM,QAAQ,GAAG,MAAM,CAAC,gBAAgB,CAAC,aAAa,EAAE,IAAI,CAAC,aAAa,EAAE,EAAE,CAAC,CAAC;QAEhF,IAAI,SAAS,GAAG,QAAQ,CAAC,MAAM,CAAC,aAAa,CAAC,IAAI,EAAE,KAAK,EAAE,MAAM,CAAC,CAAC;QACnE,SAAS,IAAI,QAAQ,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;QAEpC,OAAO,IAAI,CAAC,KAAK,CAAC,SAAS,CAAc,CAAC;IAC5C,CAAC;IAED,yBAAyB;IACzB,KAAK,CAAC,SAAS,CAAC,SAAoB;QAClC,MAAM,IAAI,CAAC,eAAe,EAAE,CAAC;QAE7B,MAAM,SAAS,GAAG,IAAI,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;QAC1C,MAAM,EAAE,CAAC,SAAS,CAChB,IAAI,CAAC,SAAS,EACd,IAAI,CAAC,SAAS,CAAC,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC,EAClC,MAAM,CACP,CAAC;QAEF,IAAI,OAAO,CAAC,QAAQ,KAAK,OAAO,EAAE,CAAC;YACjC,MAAM,EAAE,CAAC,KAAK,CAAC,IAAI,CAAC,SAAS,EAAE,KAAK,CAAC,CAAC;QACxC,CAAC;IACH,CAAC;IAED,uBAAuB;IACvB,KAAK,CAAC,QAAQ;QACZ,IAAI,CAAC;YACH,MAAM,IAAI,GAAG,MAAM,EAAE,CAAC,QAAQ,CAAC,IAAI,CAAC,SAAS,EAAE,MAAM,CAAC,CAAC;YACvD,MAAM,SAAS,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAqB,CAAC;YACvD,OAAO,IAAI,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;QACjC,CAAC;QAAC,OAAO,KAAc,EAAE,CAAC;YACxB,IAAK,KAA+B,CAAC,IAAI,KAAK,QAAQ,EAAE,CAAC;gBACvD,OAAO,IAAI,CAAC;YACd,CAAC;YACD,OAAO,CAAC,KAAK,CAAC,uBAAuB,EAAG,KAAe,CAAC,OAAO,CAAC,CAAC;YACjE,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC;IAED,yBAAyB;IACzB,KAAK,CAAC,UAAU;QACd,IAAI,CAAC;YACH,MAAM,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;QAClC,CAAC;QAAC,OAAO,KAAc,EAAE,CAAC;YACxB,IAAK,KAA+B,CAAC,IAAI,KAAK,QAAQ,EAAE,CAAC;gBACvD,OAAO,CAAC,KAAK,CAAC,wBAAwB,EAAE,KAAK,CAAC,CAAC;YACjD,CAAC;QACH,CAAC;IACH,CAAC;IAED,4BAA4B;IAC5B,KAAK,CAAC,QAAQ;QACZ,IAAI,CAAC;YACH,MAAM,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;YAChC,OAAO,IAAI,CAAC;QACd,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,KAAK,CAAC;QACf,CAAC;IACH,CAAC;IAED,sCAAsC;IACtC,KAAK,CAAC,WAAW;QACf,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,QAAQ,EAAE,CAAC;QACpC,IAAI,CAAC,KAAK;YAAE,OAAO,IAAI,CAAC;QAExB,OAAO;YACL,OAAO,EAAE,KAAK,CAAC,IAAI,EAAE,EAAE;YACvB,KAAK,EAAE,KAAK,CAAC,IAAI,EAAE,KAAK;YACxB,IAAI,EAAE,KAAK,CAAC,SAAS,IAAI,MAAM;YAC/B,YAAY,EAAE,KAAK,CAAC,YAAY;YAChC,UAAU,EAAE,KAAK,CAAC,UAAU;SAC7B,CAAC;IACJ,CAAC;CACF;AAED,eAAe,UAAU,CAAC"}