samlesa 2.14.7 → 2.14.9

package/build/src/schema/xmldsig-core-schema.xsd

@@ -0,0 +1,317 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!DOCTYPE schema SYSTEM "D:\Project\samlify\src\schema\XMLSchema.dtd"
+ [
+   <!ATTLIST schema
+     xmlns:ds CDATA #FIXED "http://www.w3.org/2000/09/xmldsig#">
+   <!ENTITY dsig 'http://www.w3.org/2000/09/xmldsig#'>
+   <!ENTITY % p ''>
+   <!ENTITY % s ''>
+  ]>
+
+<!-- Schema for XML Signatures
+    http://www.w3.org/2000/09/xmldsig#
+    $Revision: 1.1 $ on $Date: 2002/02/08 20:32:26 $ by $Author: reagle $
+
+    Copyright 2001 The Internet Society and W3C (Massachusetts Institute
+    of Technology, Institut National de Recherche en Informatique et en
+    Automatique, Keio University). All Rights Reserved.
+    http://www.w3.org/Consortium/Legal/
+
+    This document is governed by the W3C Software License [1] as described
+    in the FAQ [2].
+
+    [1] http://www.w3.org/Consortium/Legal/copyright-software-19980720
+    [2] http://www.w3.org/Consortium/Legal/IPR-FAQ-20000620.html#DTD
+-->
+
+
+<schema xmlns="http://www.w3.org/2001/XMLSchema"
+        xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
+        targetNamespace="http://www.w3.org/2000/09/xmldsig#"
+        version="0.1" elementFormDefault="qualified">
+
+<!-- Basic Types Defined for Signatures -->
+
+<simpleType name="CryptoBinary">
+  <restriction base="base64Binary">
+  </restriction>
+</simpleType>
+
+<!-- Start Signature -->
+
+<element name="Signature" type="ds:SignatureType"/>
+<complexType name="SignatureType">
+  <sequence>
+    <element ref="ds:SignedInfo"/>
+    <element ref="ds:SignatureValue"/>
+    <element ref="ds:KeyInfo" minOccurs="0"/>
+    <element ref="ds:Object" minOccurs="0" maxOccurs="unbounded"/>
+  </sequence>
+  <attribute name="Id" type="ID" use="optional"/>
+</complexType>
+
+  <element name="SignatureValue" type="ds:SignatureValueType"/>
+  <complexType name="SignatureValueType">
+    <simpleContent>
+      <extension base="base64Binary">
+        <attribute name="Id" type="ID" use="optional"/>
+      </extension>
+    </simpleContent>
+  </complexType>
+
+<!-- Start SignedInfo -->
+
+<element name="SignedInfo" type="ds:SignedInfoType"/>
+<complexType name="SignedInfoType">
+  <sequence>
+    <element ref="ds:CanonicalizationMethod"/>
+    <element ref="ds:SignatureMethod"/>
+    <element ref="ds:Reference" maxOccurs="unbounded"/>
+  </sequence>
+  <attribute name="Id" type="ID" use="optional"/>
+</complexType>
+
+  <element name="CanonicalizationMethod" type="ds:CanonicalizationMethodType"/>
+  <complexType name="CanonicalizationMethodType" mixed="true">
+    <sequence>
+      <any namespace="##any" minOccurs="0" maxOccurs="unbounded"/>
+      <!-- (0,unbounded) elements from (1,1) namespace -->
+    </sequence>
+    <attribute name="Algorithm" type="anyURI" use="required"/>
+  </complexType>
+
+  <element name="SignatureMethod" type="ds:SignatureMethodType"/>
+  <complexType name="SignatureMethodType" mixed="true">
+    <sequence>
+      <element name="HMACOutputLength" minOccurs="0" type="ds:HMACOutputLengthType"/>
+      <any namespace="##other" minOccurs="0" maxOccurs="unbounded"/>
+      <!-- (0,unbounded) elements from (1,1) external namespace -->
+    </sequence>
+    <attribute name="Algorithm" type="anyURI" use="required"/>
+  </complexType>
+
+<!-- Start Reference -->
+
+<element name="Reference" type="ds:ReferenceType"/>
+<complexType name="ReferenceType">
+  <sequence>
+    <element ref="ds:Transforms" minOccurs="0"/>
+    <element ref="ds:DigestMethod"/>
+    <element ref="ds:DigestValue"/>
+  </sequence>
+  <attribute name="Id" type="ID" use="optional"/>
+  <attribute name="URI" type="anyURI" use="optional"/>
+  <attribute name="Type" type="anyURI" use="optional"/>
+</complexType>
+
+  <element name="Transforms" type="ds:TransformsType"/>
+  <complexType name="TransformsType">
+    <sequence>
+      <element ref="ds:Transform" maxOccurs="unbounded"/>
+    </sequence>
+  </complexType>
+
+  <element name="Transform" type="ds:TransformType"/>
+  <complexType name="TransformType" mixed="true">
+    <choice minOccurs="0" maxOccurs="unbounded">
+      <any namespace="##other" processContents="lax"/>
+      <!-- (1,1) elements from (0,unbounded) namespaces -->
+      <element name="XPath" type="string"/>
+    </choice>
+    <attribute name="Algorithm" type="anyURI" use="required"/>
+  </complexType>
+
+<!-- End Reference -->
+
+<element name="DigestMethod" type="ds:DigestMethodType"/>
+<complexType name="DigestMethodType" mixed="true">
+  <sequence>
+    <any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
+  </sequence>
+  <attribute name="Algorithm" type="anyURI" use="required"/>
+</complexType>
+
+<element name="DigestValue" type="ds:DigestValueType"/>
+<simpleType name="DigestValueType">
+  <restriction base="base64Binary"/>
+</simpleType>
+
+<!-- End SignedInfo -->
+
+<!-- Start KeyInfo -->
+
+<element name="KeyInfo" type="ds:KeyInfoType"/>
+<complexType name="KeyInfoType" mixed="true">
+  <choice maxOccurs="unbounded">
+    <element ref="ds:KeyName"/>
+    <element ref="ds:KeyValue"/>
+    <element ref="ds:RetrievalMethod"/>
+    <element ref="ds:X509Data"/>
+    <element ref="ds:PGPData"/>
+    <element ref="ds:SPKIData"/>
+    <element ref="ds:MgmtData"/>
+    <any processContents="lax" namespace="##other"/>
+    <!-- (1,1) elements from (0,unbounded) namespaces -->
+  </choice>
+  <attribute name="Id" type="ID" use="optional"/>
+</complexType>
+
+  <element name="KeyName" type="string"/>
+  <element name="MgmtData" type="string"/>
+
+  <element name="KeyValue" type="ds:KeyValueType"/>
+  <complexType name="KeyValueType" mixed="true">
+   <choice>
+     <element ref="ds:DSAKeyValue"/>
+     <element ref="ds:RSAKeyValue"/>
+     <any namespace="##other" processContents="lax"/>
+   </choice>
+  </complexType>
+
+  <element name="RetrievalMethod" type="ds:RetrievalMethodType"/>
+  <complexType name="RetrievalMethodType">
+    <sequence>
+      <element ref="ds:Transforms" minOccurs="0"/>
+    </sequence>
+    <attribute name="URI" type="anyURI"/>
+    <attribute name="Type" type="anyURI" use="optional"/>
+  </complexType>
+
+<!-- Start X509Data -->
+
+<element name="X509Data" type="ds:X509DataType"/>
+<complexType name="X509DataType">
+  <sequence maxOccurs="unbounded">
+    <choice>
+      <element name="X509IssuerSerial" type="ds:X509IssuerSerialType"/>
+      <element name="X509SKI" type="base64Binary"/>
+      <element name="X509SubjectName" type="string"/>
+      <element name="X509Certificate" type="base64Binary"/>
+      <element name="X509CRL" type="base64Binary"/>
+      <any namespace="##other" processContents="lax"/>
+    </choice>
+  </sequence>
+</complexType>
+
+<complexType name="X509IssuerSerialType">
+  <sequence>
+    <element name="X509IssuerName" type="string"/>
+    <element name="X509SerialNumber" type="string"/>
+  </sequence>
+</complexType>
+
+<!-- End X509Data -->
+
+<!-- Begin PGPData -->
+
+<element name="PGPData" type="ds:PGPDataType"/>
+<complexType name="PGPDataType">
+  <choice>
+    <sequence>
+      <element name="PGPKeyID" type="base64Binary"/>
+      <element name="PGPKeyPacket" type="base64Binary" minOccurs="0"/>
+      <any namespace="##other" processContents="lax" minOccurs="0"
+       maxOccurs="unbounded"/>
+    </sequence>
+    <sequence>
+      <element name="PGPKeyPacket" type="base64Binary"/>
+      <any namespace="##other" processContents="lax" minOccurs="0"
+       maxOccurs="unbounded"/>
+    </sequence>
+  </choice>
+</complexType>
+
+<!-- End PGPData -->
+
+<!-- Begin SPKIData -->
+
+<element name="SPKIData" type="ds:SPKIDataType"/>
+<complexType name="SPKIDataType">
+  <sequence maxOccurs="unbounded">
+    <element name="SPKISexp" type="base64Binary"/>
+    <any namespace="##other" processContents="lax" minOccurs="0"/>
+  </sequence>
+</complexType>
+
+<!-- End SPKIData -->
+
+<!-- End KeyInfo -->
+
+<!-- Start Object (Manifest, SignatureProperty) -->
+
+<element name="Object" type="ds:ObjectType"/>
+<complexType name="ObjectType" mixed="true">
+  <sequence minOccurs="0" maxOccurs="unbounded">
+    <any namespace="##any" processContents="lax"/>
+  </sequence>
+  <attribute name="Id" type="ID" use="optional"/>
+  <attribute name="MimeType" type="string" use="optional"/> <!-- add a grep facet -->
+  <attribute name="Encoding" type="anyURI" use="optional"/>
+</complexType>
+
+<element name="Manifest" type="ds:ManifestType"/>
+<complexType name="ManifestType">
+  <sequence>
+    <element ref="ds:Reference" maxOccurs="unbounded"/>
+  </sequence>
+  <attribute name="Id" type="ID" use="optional"/>
+</complexType>
+
+<element name="SignatureProperties" type="ds:SignaturePropertiesType"/>
+<complexType name="SignaturePropertiesType">
+  <sequence>
+    <element ref="ds:SignatureProperty" maxOccurs="unbounded"/>
+  </sequence>
+  <attribute name="Id" type="ID" use="optional"/>
+</complexType>
+
+   <element name="SignatureProperty" type="ds:SignaturePropertyType"/>
+   <complexType name="SignaturePropertyType" mixed="true">
+     <choice maxOccurs="unbounded">
+       <any namespace="##other" processContents="lax"/>
+       <!-- (1,1) elements from (1,unbounded) namespaces -->
+     </choice>
+     <attribute name="Target" type="anyURI" use="required"/>
+     <attribute name="Id" type="ID" use="optional"/>
+   </complexType>
+
+<!-- End Object (Manifest, SignatureProperty) -->
+
+<!-- Start Algorithm Parameters -->
+
+<simpleType name="HMACOutputLengthType">
+  <restriction base="integer"/>
+</simpleType>
+
+<!-- Start KeyValue Element-types -->
+
+<element name="DSAKeyValue" type="ds:DSAKeyValueType"/>
+<complexType name="DSAKeyValueType">
+  <sequence>
+    <sequence minOccurs="0">
+      <element name="P" type="ds:CryptoBinary"/>
+      <element name="Q" type="ds:CryptoBinary"/>
+    </sequence>
+    <element name="G" type="ds:CryptoBinary" minOccurs="0"/>
+    <element name="Y" type="ds:CryptoBinary"/>
+    <element name="J" type="ds:CryptoBinary" minOccurs="0"/>
+    <sequence minOccurs="0">
+      <element name="Seed" type="ds:CryptoBinary"/>
+      <element name="PgenCounter" type="ds:CryptoBinary"/>
+    </sequence>
+  </sequence>
+</complexType>
+
+<element name="RSAKeyValue" type="ds:RSAKeyValueType"/>
+<complexType name="RSAKeyValueType">
+  <sequence>
+    <element name="Modulus" type="ds:CryptoBinary"/>
+    <element name="Exponent" type="ds:CryptoBinary"/>
+  </sequence>
+</complexType>
+
+<!-- End KeyValue Element-types -->
+
+<!-- End Signature -->
+
+</schema>

package/build/src/schemaValidator.js

@@ -0,0 +1,40 @@
+import { validateXML } from 'xmllint-wasm';
+import * as fs from 'node:fs';
+import * as path from 'node:path';
+const schemas = [
+    'saml-schema-protocol-2.0.xsd',
+    'datatypes.dtd',
+    'saml-schema-assertion-2.0.xsd',
+    'xmldsig-core-schema.xsd',
+    'XMLSchema.dtd',
+    'xenc-schema.xsd'
+];
+export const validate = async (xml) => {
+    const schemaPath = path.resolve(__dirname, 'schema');
+    const [schema, ...preload] = await Promise.all(schemas.map(async (file) => ({
+        fileName: file,
+        contents: await fs.promises.readFile(`${schemaPath}/${file}`, 'utf-8')
+    })));
+    try {
+        const validationResult = await validateXML({
+            xml: [
+                {
+                    fileName: 'content.xml',
+                    contents: xml,
+                },
+            ],
+            extension: 'schema',
+            schema: [schema.contents],
+            preload: preload
+        });
+        if (validationResult.valid) {
+            return true;
+        }
+        console.debug(validationResult);
+        throw validationResult.errors;
+    }
+    catch (error) {
+        console.error('[ERROR] validateXML', error);
+        throw new Error('ERR_EXCEPTION_VALIDATE_XML');
+    }
+};

package/build/src/types.js

@@ -2,4 +2,3 @@ export { IdentityProvider as IdentityProviderConstructor } from './entity-idp.js
 export { IdpMetadata as IdentityProviderMetadata } from './metadata-idp.js';
 export { ServiceProvider as ServiceProviderConstructor } from './entity-sp.js';
 export { SpMetadata as ServiceProviderMetadata } from './metadata-sp.js';
-//# sourceMappingURL=types.js.map

package/build/src/urn.js

@@ -202,4 +202,3 @@ const elementsOrder = {
     shibboleth: ['KeyDescriptor', 'SingleLogoutService', 'NameIDFormat', 'AssertionConsumerService', 'AttributeConsumingService'],
 };
 export { namespace, tags, algorithms, wording, elementsOrder, messageConfigurations };
-//# sourceMappingURL=urn.js.map

package/build/src/utility.js

@@ -275,4 +275,3 @@ const utility = {
     isNonEmptyArray,
 };
 export default utility;
-//# sourceMappingURL=utility.js.map

package/build/src/validator.js

@@ -22,4 +22,3 @@ function verifyTime(utcNotBefore, utcNotOnOrAfter, drift = [0, 0]) {
         +now < +notOnOrAfterLocal + notOnOrAfterDrift);
 }
 export { verifyTime };
-//# sourceMappingURL=validator.js.map

package/package.json

@@ -1,75 +1,80 @@
-{
-  "name": "samlesa",
-  "version": "2.14.7",
-  "description": "High-level API for Single Sign On (SAML 2.0) baseed on samlify ",
-  "main": "build/index.js",
-  "keywords": [
-    "nodejs",
-    "saml2",
-    "sso",
-    "slo",
-    "metadata"
-  ],
-  "type": "module",
-  "typings": "types/index.d.ts",
-  "scripts": {
-    "build": "tsc",
-    "docs": "docsify serve -o docs",
-    "lint": "tslint -p .",
-    "lint:fix": "tslint -p . --fix",
-    "pretest": "make pretest",
-    "test": "NODE_ENV=test nyc ava",
-    "coverage": "nyc report --reporter=text-lcov | coveralls",
-    "hooks:postinstall": "ln -sf $PWD/.pre-commit.sh $PWD/.git/hooks/pre-commit"
-  },
-  "exports": {
-    ".": {
-      "types": "./types/index.d.ts",
-      "import": "./build/index.js"
-    }
-  },
-  "files": ["build","types"],
-  "contributors": [
-    "Veclea <vemocle@gmail.com>"
-  ],
-  "author": "Veclea",
-  "repository": {
-    "url": "https://github.com/Veclea/samlify.git",
-    "type": "git"
-  },
-  "license": "MIT",
-  "dependencies": {
-    "@xmldom/xmldom": "^0.8.6",
-    "camelcase": "^8.0.0",
-    "pako": "^2.1.0",
-    "uuid": "^11.1.0",
-    "xml": "^1.0.1",
-    "xml-crypto": "^6.1.2",
-    "xml-encryption": "^3.1.0",
-    "xml-escape": "^1.1.0",
-    "xpath": "^0.0.32"
-  },
-  "devDependencies": {
-    "@types/node": "^22.15.17",
-    "@types/pako": "2.0.3",
-    "@types/uuid": "10.0.0",
-    "esbuild": "^0.25.4",
-    "@microsoft/api-extractor": "7.52.8",
-    "ava": "^4.1.0",
-    "coveralls": "^3.1.1",
-    "nyc": "^17.1.0",
-    "timekeeper": "^2.2.0",
-    "typescript": "5.8.3"
-  },
-  "ava": {
-    "extensions": [
-      "ts"
-    ],
-    "require": [
-      "ts-node/register"
-    ],
-    "files": [
-      "!**/*.d.ts"
-    ]
-  }
-}
+{
+  "name": "samlesa",
+  "version": "2.14.9",
+  "description": "High-level API for Single Sign On (SAML 2.0) baseed on samlify ",
+  "main": "build/index.js",
+  "keywords": [
+    "nodejs",
+    "saml2",
+    "sso",
+    "slo",
+    "metadata"
+  ],
+  "type": "module",
+  "typings": "types/index.d.ts",
+  "scripts": {
+    "build": "tsc && copyfiles -u 1 src/schema/**/* build/src",
+    "docs": "docsify serve -o docs",
+    "lint": "tslint -p .",
+    "lint:fix": "tslint -p . --fix",
+    "pretest": "make pretest",
+    "test": "NODE_ENV=test nyc ava",
+    "coverage": "nyc report --reporter=text-lcov | coveralls",
+    "hooks:postinstall": "ln -sf $PWD/.pre-commit.sh $PWD/.git/hooks/pre-commit"
+  },
+  "exports": {
+    ".": {
+      "types": "./types/index.d.ts",
+      "import": "./build/index.js"
+    }
+  },
+  "files": [
+    "build",
+    "types"
+  ],
+  "contributors": [
+    "Veclea <vemocle@gmail.com>"
+  ],
+  "author": "Veclea",
+  "repository": {
+    "url": "https://github.com/Veclea/samlify.git",
+    "type": "git"
+  },
+  "license": "MIT",
+  "dependencies": {
+    "@xmldom/xmldom": "^0.8.6",
+    "camelcase": "^8.0.0",
+    "pako": "^2.1.0",
+    "uuid": "^11.1.0",
+    "xml": "^1.0.1",
+    "xml-crypto": "^6.1.2",
+    "xml-encryption": "^3.1.0",
+    "xml-escape": "^1.1.0",
+    "xmllint-wasm": "^4.0.2",
+    "xpath": "^0.0.32"
+  },
+  "devDependencies": {
+    "@microsoft/api-extractor": "7.52.8",
+    "@types/node": "^22.15.17",
+    "@types/pako": "2.0.3",
+    "@types/uuid": "10.0.0",
+    "ava": "^4.1.0",
+    "copyfiles": "^2.4.1",
+    "coveralls": "^3.1.1",
+    "esbuild": "^0.25.4",
+    "nyc": "^17.1.0",
+    "timekeeper": "^2.2.0",
+    "typescript": "5.8.3"
+  },
+  "ava": {
+    "extensions": [
+      "ts"
+    ],
+    "require": [
+      "ts-node/register"
+    ],
+    "files": [
+      "!**/*.d.ts"
+    ]
+  }
+}

package/types/api.d.ts

@@ -0,0 +1,15 @@
+import { DOMParser as dom } from '@xmldom/xmldom';
+import type { Options as DOMParserOptions } from '@xmldom/xmldom';
+interface Context extends ValidatorContext, DOMParserContext {
+}
+interface ValidatorContext {
+    validate?: (xml: string) => Promise<any>;
+}
+interface DOMParserContext {
+    dom: dom;
+}
+export declare function getContext(): Context;
+export declare function setSchemaValidator(params: ValidatorContext): void;
+export declare function setDOMParserOptions(options?: DOMParserOptions): void;
+export {};
+//# sourceMappingURL=api.d.ts.map

package/types/api.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"api.d.ts","sourceRoot":"","sources":["../src/api.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,IAAI,GAAG,EAAE,MAAM,gBAAgB,CAAC;AAClD,OAAO,KAAK,EAAE,OAAO,IAAI,gBAAgB,EAAE,MAAM,gBAAgB,CAAC;AAElE,UAAU,OAAQ,SAAQ,gBAAgB,EAAE,gBAAgB;CAAG;AAE/D,UAAU,gBAAgB;IACxB,QAAQ,CAAC,EAAE,CAAC,GAAG,EAAE,MAAM,KAAK,OAAO,CAAC,GAAG,CAAC,CAAC;CAC1C;AAED,UAAU,gBAAgB;IACxB,GAAG,EAAE,GAAG,CAAC;CACV;AAOD,wBAAgB,UAAU,IAAG,OAAO,CAEnC;AAED,wBAAgB,kBAAkB,CAAC,MAAM,EAAE,gBAAgB,GAAE,IAAI,CAShE;AAED,wBAAgB,mBAAmB,CAAC,OAAO,GAAE,gBAAqB,GAAE,IAAI,CAEvE"}

package/types/binding-post.d.ts

@@ -0,0 +1,48 @@
+/**
+* @file binding-post.ts
+* @author tngan
+* @desc Binding-level API, declare the functions using POST binding
+*/
+import type { BindingContext } from './entity.js';
+/**
+* @desc Generate a base64 encoded login request
+* @param  {string} referenceTagXPath           reference uri
+* @param  {object} entity                      object includes both idp and sp
+* @param  {function} customTagReplacement     used when developers have their own login response template
+*/
+declare function base64LoginRequest(referenceTagXPath: string, entity: any, customTagReplacement?: (template: string) => BindingContext): BindingContext;
+/**
+ * @desc Generate a base64 encoded login response
+ * @param  {object} requestInfo                 corresponding request, used to obtain the id
+ * @param  {object} entity                      object includes both idp and sp
+ * @param  {object} user                        current logged user (e.g. req.user)
+ * @param  {function} customTagReplacement     used when developers have their own login response template
+ * @param  {boolean}  encryptThenSign           whether or not to encrypt then sign first (if signing). Defaults to sign-then-encrypt
+ * @param AttributeStatement
+ */
+declare function base64LoginResponse(requestInfo: any | undefined, entity: any, user?: any, customTagReplacement?: (template: string) => BindingContext, encryptThenSign?: boolean, AttributeStatement?: never[]): Promise<BindingContext>;
+/**
+* @desc Generate a base64 encoded logout request
+* @param  {object} user                         current logged user (e.g. req.user)
+* @param  {string} referenceTagXPath            reference uri
+* @param  {object} entity                       object includes both idp and sp
+* @param  {function} customTagReplacement      used when developers have their own login response template
+* @return {string} base64 encoded request
+*/
+declare function base64LogoutRequest(user: Record<string, unknown>, referenceTagXPath: string, entity: any, customTagReplacement?: (template: string) => BindingContext): BindingContext;
+/**
+* @desc Generate a base64 encoded logout response
+* @param  {object} requestInfo                 corresponding request, used to obtain the id
+* @param  {string} referenceTagXPath           reference uri
+* @param  {object} entity                      object includes both idp and sp
+* @param  {function} customTagReplacement     used when developers have their own login response template
+*/
+declare function base64LogoutResponse(requestInfo: any, entity: any, customTagReplacement: (template: string) => BindingContext): BindingContext;
+declare const postBinding: {
+    base64LoginRequest: typeof base64LoginRequest;
+    base64LoginResponse: typeof base64LoginResponse;
+    base64LogoutRequest: typeof base64LogoutRequest;
+    base64LogoutResponse: typeof base64LogoutResponse;
+};
+export default postBinding;
+//# sourceMappingURL=binding-post.d.ts.map

package/types/binding-post.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"binding-post.d.ts","sourceRoot":"","sources":["../src/binding-post.ts"],"names":[],"mappings":"AAAA;;;;EAIE;AAGF,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,aAAa,CAAC;AAMlD;;;;;EAKE;AACF,iBAAS,kBAAkB,CAAC,iBAAiB,EAAE,MAAM,EAAE,MAAM,EAAE,GAAG,EAAE,oBAAoB,CAAC,EAAE,CAAC,QAAQ,EAAE,MAAM,KAAK,cAAc,GAAG,cAAc,CAqD/I;AACD;;;;;;;;GAQG;AACH,iBAAe,mBAAmB,CAAC,WAAW,EAAE,GAAG,YAAK,EAAE,MAAM,EAAE,GAAG,EAAE,IAAI,GAAE,GAAQ,EAAE,oBAAoB,CAAC,EAAE,CAAC,QAAQ,EAAE,MAAM,KAAK,cAAc,EAAE,eAAe,GAAE,OAAe,EAAG,kBAAkB,UAAG,GAAG,OAAO,CAAC,cAAc,CAAC,CAuIrO;AACD;;;;;;;EAOE;AACF,iBAAS,mBAAmB,CAAC,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAAE,iBAAiB,EAAC,MAAM,EAAE,MAAM,KAAA,EAAE,oBAAoB,CAAC,EAAE,CAAC,QAAQ,EAAE,MAAM,KAAK,cAAc,GAAG,cAAc,CAkDzK;AACD;;;;;;EAME;AACF,iBAAS,oBAAoB,CAAC,WAAW,EAAE,GAAG,EAAE,MAAM,EAAE,GAAG,EAAE,oBAAoB,EAAE,CAAC,QAAQ,EAAE,MAAM,KAAK,cAAc,GAAG,cAAc,CAsDvI;AAED,QAAA,MAAM,WAAW;;;;;CAKhB,CAAC;AAEF,eAAe,WAAW,CAAC"}