tenneo-auth-plugin 0.1.5 → 0.1.6

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/dist/index.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"sources":["../src/infrastructure/runtime/context.ts","../src/domain/tenant.ts","../src/infrastructure/storage/prefix.ts","../src/infrastructure/storage/namespace.ts","../src/infrastructure/storage/context.ts","../src/infrastructure/storage/memory-adapter.ts","../src/infrastructure/storage/session-adapter.ts","../src/infrastructure/storage/cookie-adapter.ts","../src/infrastructure/storage/api.ts","../src/utils/logger.ts","../src/domain/errors.ts","../src/domain/auth-lifecycle.ts","../src/application/lifecycle-state.ts","../src/strategies/oauth2-pkce/pkce.ts","../src/config/env.ts","../src/config/schema.ts","../src/config/types.ts","../src/config/constants.ts","../src/config/index.ts","../src/utils/validation.ts","../src/application/domain-facade.ts","../src/application/events/AuthEvents.ts","../src/application/security/redirectLoopGuard.ts","../src/strategies/oauth2-pkce/oauth.ts","../src/strategies/oauth2-pkce/token-exchange.ts","../src/strategies/oauth2-pkce/callback.ts","../src/infrastructure/tenant/TenantConfigCache.ts","../src/infrastructure/tenant/tenantResolution.ts","../src/application/flows/ForceLoginFlow.ts","../src/application/flows/CallbackFlow.ts","../src/application/flows/AuthenticatedFlow.ts","../src/application/engine/defaultEngine.ts","../src/application/token.ts","../src/application/flows/RefreshFlow.ts","../src/application/flows/TenantSwitchFlow.ts","../src/application/flows/LoginFlow.ts","../src/application/flows/getFlowForState.ts","../src/application/run-bootstrap.ts","../src/infrastructure/watchers/callbacks.ts","../src/application/bootstrap.ts","../src/strategies/cookie/cookie-auth.ts","../src/infrastructure/watchers/cookie-watcher.ts","../src/infrastructure/watchers/storage-watcher.ts","../src/utils/cookies.ts","../src/application/logout.ts","../src/context/AuthContext.tsx","../src/infrastructure/tenant/tenant.api.ts","../src/browser/adapters.ts","../src/strategies/oauth2-pkce/OAuth2PkceStrategy.ts","../src/application/engine/eventBus.ts","../src/application/engine/createEngine.ts","../src/context/AuthProvider.tsx","../src/components/AuthCallback.tsx","../src/hooks/useAuth.ts","../src/components/ProtectedRoute.tsx","../src/hooks/useAuthInit.ts"],"names":["getStorage","isDev","isCallbackUrl","z","STORAGE_KEYS","getRedirectUri","isLocalhost","axios","existingToken","tokenValid","getAccessToken","createContext","useContext","DEFAULT_SCOPES","listeners","useMemo","useRef","useLayoutEffect","useEffect","resolvedTenantKey","cleanUrl","useState","useCallback","logout","jsxs","jsx","Fragment"],"mappings":";;;;;;;;;;;;;AAOA,IAAI,cAAA,GAAqC,IAAA;AAElC,SAAS,eAAe,OAAA,EAAmC;AAChE,EAAA,cAAA,GAAiB,OAAA;AACnB;AAEO,SAAS,cAAA,GAAqC;AACnD,EAAA,OAAO,cAAA;AACT;;;ACEO,SAAS,YAAY,QAAA,EAA2B;AACrD,EAAA,OACE,aAAa,WAAA,IACb,QAAA,KAAa,WAAA,IACb,QAAA,KAAa,WACb,QAAA,CAAS,UAAA,CAAW,UAAU,CAAA,IAC9B,SAAS,UAAA,CAAW,KAAK,CAAA,IACzB,QAAA,CAAS,SAAS,QAAQ,CAAA;AAE9B;AAEA,SAAS,0BAAA,CACP,eACA,MAAA,EACe;AACf,EAAA,IAAI;AACF,IAAA,IAAI,QAAA;AACJ,IAAA,IAAI,cAAc,UAAA,CAAW,SAAS,KAAK,aAAA,CAAc,UAAA,CAAW,UAAU,CAAA,EAAG;AAC/E,MAAA,IAAI;AACF,QAAA,MAAM,GAAA,GAAM,IAAI,GAAA,CAAI,aAAa,CAAA;AACjC,QAAA,QAAA,GAAW,GAAA,CAAI,QAAA;AAAA,MACjB,CAAA,CAAA,MAAQ;AACN,QAAA,QAAA,GAAW,aAAA,CAAc,QAAQ,cAAA,EAAgB,EAAE,EAAE,KAAA,CAAM,GAAG,EAAE,CAAC,CAAA;AAAA,MACnE;AAAA,IACF,CAAA,MAAO;AACL,MAAA,QAAA,GAAW,aAAA;AAAA,IACb;AACA,IAAA,MAAM,KAAA,GAAQ,QAAA,CAAS,KAAA,CAAM,GAAG,CAAA;AAChC,IAAA,IAAI,KAAA,CAAM,MAAA,GAAS,CAAA,EAAG,OAAO,OAAO,aAAA,EAAc;AAClD,IAAA,MAAM,SAAA,GAAY,MAAM,CAAC,CAAA;AACzB,IAAA,IAAI,CAAC,aAAa,SAAA,CAAU,IAAA,OAAW,EAAA,EAAI,OAAO,OAAO,aAAA,EAAc;AACvE,IAAA,IAAI,SAAA,CAAU,MAAK,CAAE,WAAA,OAAkB,YAAA,EAAc,OAAO,OAAO,aAAA,EAAc;AACjF,IAAA,OAAO,UAAU,IAAA,EAAK;AAAA,EACxB,CAAA,CAAA,MAAQ;AACN,IAAA,OAAO,OAAO,aAAA,EAAc;AAAA,EAC9B;AACF;AAKO,SAAS,uBAAA,CACd,GAAA,EACA,MAAA,EACAA,WAAAA,EACA,MAAA,EACe;AACf,EAAA,IAAI;AACF,IAAA,MAAM,cAAA,GAAiB,MAAA,GAAS,MAAA,CAAO,cAAc,CAAA,GAAI,0BAAA;AACzD,IAAA,MAAM,cAAA,GAAiBA,YAAW,cAAc,CAAA;AAChD,IAAA,IAAI,cAAA,EAAgB;AAClB,MAAA,IAAI;AACF,QAAA,MAAM,WAAA,GAAc,IAAA,CAAK,KAAA,CAAM,cAAc,CAAA;AAC7C,QAAA,IAAI,YAAY,SAAA,EAAW,IAAA,IAAQ,OAAO,WAAA,CAAY,UAAU,IAAA,EAAK;AAAA,MACvE,CAAA,CAAA,MAAQ;AAAA,MAER;AAAA,IACF;AACA,IAAA,MAAM,mBAAA,GAAsB,MAAA,GAAS,MAAA,CAAO,YAAY,CAAA,GAAI,wBAAA;AAC5D,IAAA,MAAM,eAAA,GAAkBA,YAAW,mBAAmB,CAAA;AACtD,IAAA,IAAI,eAAA,EAAiB,IAAA,EAAK,EAAG,OAAO,gBAAgB,IAAA,EAAK;AAEzD,IAAA,MAAM,SAAA,GAAY,IAAI,eAAA,CAAgB,GAAA,CAAI,MAAM,CAAA;AAChD,IAAA,MAAM,kBAAA,GAAqB,SAAA,CAAU,GAAA,CAAI,GAAG,CAAA;AAC5C,IAAA,IAAI,kBAAA,EAAoB,MAAK,EAAG;AAC9B,MAAA,MAAM,aAAA,GAAgB,GAAA,CAAI,QAAA,CAAS,KAAA,CAAM,GAAG,CAAA;AAC5C,MAAA,MAAM,UAAA,GAAa,aAAA,CAAc,MAAA,IAAU,CAAA,GACvC,aAAA,CAAc,KAAA,CAAM,CAAA,CAAE,CAAA,CAAE,IAAA,CAAK,GAAG,CAAA,GAChC,GAAA,CAAI,QAAA;AACR,MAAA,MAAM,oBAAoB,CAAA,EAAG,kBAAA,CAAmB,IAAA,EAAM,IAAI,UAAU,CAAA,CAAA;AACpE,MAAA,MAAM,GAAA,GAAM,0BAAA,CAA2B,iBAAA,EAAmB,MAAM,CAAA;AAChE,MAAA,IAAI,KAAK,OAAO,GAAA;AAChB,MAAA,OAAO,mBAAmB,IAAA,EAAK;AAAA,IACjC;AAEA,IAAA,MAAM,WAAA,GAAc,0BAAA,CAA2B,GAAA,CAAI,QAAA,EAAU,MAAM,CAAA;AACnE,IAAA,IAAI,aAAa,OAAO,WAAA;AAExB,IAAA,MAAM,UAAA,GAAa,OAAO,aAAA,EAAc;AACxC,IAAA,IAAI,UAAA,EAAY,IAAA,EAAK,EAAG,OAAO,WAAW,IAAA,EAAK;AAC/C,IAAA,MAAM,QAAA,GAAW,OAAO,WAAA,EAAY;AACpC,IAAA,IAAI,QAAA,EAAU,IAAA,EAAK,EAAG,OAAO,SAAS,IAAA,EAAK;AAC3C,IAAA,OAAO,OAAO,aAAA,EAAc;AAAA,EAC9B,CAAA,CAAA,MAAQ;AACN,IAAA,MAAM,UAAA,GAAa,OAAO,aAAA,EAAc;AACxC,IAAA,IAAI,UAAA,EAAY,IAAA,EAAK,EAAG,OAAO,WAAW,IAAA,EAAK;AAC/C,IAAA,OAAO,MAAA,CAAO,WAAA,EAAY,IAAK,MAAA,CAAO,aAAA,EAAc;AAAA,EACtD;AACF;AAGO,SAAS,qBAAqB,GAAA,EAAuB;AAC1D,EAAA,MAAM,MAAA,GAAS,IAAI,eAAA,CAAgB,GAAA,CAAI,MAAM,CAAA;AAC7C,EAAA,OAAO,OAAO,GAAA,CAAI,MAAM,CAAA,IAAK,MAAA,CAAO,IAAI,OAAO,CAAA;AACjD;;;AC1GA,IAAM,cAAA,GAAiB,cAAA;AAEvB,IAAI,aAAA,GAAgB,cAAA;AAEb,SAAS,mBAAA,GAA8B;AAC5C,EAAA,OAAO,aAAA;AACT;AAKA,SAAS,oBAAoB,UAAA,EAA4B;AACvD,EAAA,MAAM,OAAA,GAAU,WAAW,IAAA,EAAK;AAChC,EAAA,IAAI,CAAC,SAAS,OAAO,EAAA;AACrB,EAAA,OAAO,OAAA,CAAQ,OAAA,CAAQ,gBAAA,EAAkB,GAAG,EAAE,WAAA,EAAY;AAC5D;AAMO,SAAS,oBAAoB,UAAA,EAA0B;AAC5D,EAAA,MAAM,UAAA,GAAa,oBAAoB,UAAU,CAAA;AACjD,EAAA,aAAA,GAAgB,UAAA,GAAa,CAAA,EAAG,UAAU,CAAA,MAAA,CAAA,GAAW,cAAA;AACvD;AAKO,SAAS,cAAc,MAAA,EAAwB;AACpD,EAAA,OAAO,qBAAoB,GAAI,MAAA;AACjC;;;ACvBO,SAAS,eAAA,CACd,IACA,MAAA,EACQ;AACR,EAAA,MAAM,EAAE,QAAA,EAAU,KAAA,EAAM,GAAI,EAAA;AAC5B,EAAA,IAAI,CAAC,QAAA,IAAY,CAAC,KAAA,EAAO;AACvB,IAAA,OAAO,CAAA,EAAG,mBAAA,EAAqB,CAAA,EAAG,MAAM,CAAA,CAAA;AAAA,EAC1C;AACA,EAAA,MAAM,MAAM,QAAA,IAAY,EAAA;AACxB,EAAA,MAAM,MAAM,KAAA,IAAS,EAAA;AACrB,EAAA,OAAO,CAAA,KAAA,EAAQ,GAAG,CAAA,CAAA,EAAI,GAAG,IAAI,MAAM,CAAA,CAAA;AACrC;AAGO,IAAM,kBAAA,GAAqB;AAAA,EAChC,WAAA,EAAa,cAAA;AAAA,EACb,YAAA,EAAc,eAAA;AAAA,EACd,SAAA,EAAW;AACb,CAAA;AAGO,IAAM,mBAAA,GAAsB;AAAA,EACjC,aAAA,EAAe,iBAAA;AAAA,EACf,QAAA,EAAU,WAAA;AAAA,EACV,WAAA,EAAa,cAAA;AAAA,EACb,QAAA,EAAU,WAAA;AAAA,EACV,SAAA,EAAW,YAAA;AAAA,EACX,YAAA,EAAc,eAAA;AAAA,EACd,KAAA,EAAO,OAAA;AAAA,EACP,iBAAA,EAAmB,oBAAA;AAAA,EACnB,kBAAA,EAAoB,qBAAA;AAAA,EACpB,iBAAA,EAAmB,oBAAA;AAAA,EACnB,cAAA,EAAgB,kBAAA;AAAA,EAChB,aAAA,EAAe,gBAAA;AAAA,EACf,gBAAA,EAAkB,mBAAA;AAAA,EAClB,WAAA,EAAa,cAAA;AAAA,EACb,YAAA,EAAc,eAAA;AAAA,EACd,cAAA,EAAgB,iBAAA;AAAA,EAChB,YAAA,EAAc,gBAAA;AAAA,EACd,aAAA,EAAe,gBAAA;AAAA,EACf,mBAAA,EAAqB,uBAAA;AAAA,EACrB,kBAAA,EAAoB,qBAAA;AAAA,EACpB,eAAA,EAAiB,kBAAA;AAAA,EACjB,OAAA,EAAS;AACX,CAAA;;;AChDA,IAAI,cAAA,GAAwC,IAAA;AAC5C,IAAI,gBAAA,GAAqC,EAAE,QAAA,EAAU,EAAA,EAAI,OAAO,EAAA,EAAG;AAE5D,SAAS,iBAAA,CACd,OAAA,EACA,SAAA,GAAuC,EAAC,EAClC;AACN,EAAA,cAAA,GAAiB,OAAA;AACjB,EAAA,gBAAA,GAAmB;AAAA,IACjB,QAAA,EAAU,UAAU,QAAA,IAAY,EAAA;AAAA,IAChC,KAAA,EAAO,UAAU,KAAA,IAAS;AAAA,GAC5B;AACF;AAEO,SAAS,iBAAA,GAA2C;AACzD,EAAA,MAAM,UAAU,cAAA,EAAe;AAC/B,EAAA,IAAI,OAAA,EAAS,cAAA,EAAgB,OAAO,OAAA,CAAQ,cAAA;AAC5C,EAAA,OAAO,cAAA;AACT;AAEO,SAAS,mBAAA,GAAwC;AACtD,EAAA,MAAM,UAAU,cAAA,EAAe;AAC/B,EAAA,IAAI,SAAS,gBAAA,EAAkB,OAAO,EAAE,GAAG,QAAQ,gBAAA,EAAiB;AACpE,EAAA,OAAO,EAAE,GAAG,gBAAA,EAAiB;AAC/B;;;ACzBO,SAAS,2BACd,SAAA,EACgB;AAChB,EAAA,MAAM,KAAA,uBAAY,GAAA,EAAoB;AAEtC,EAAA,MAAM,gBAAgB,MAAyB;AAC7C,IAAA,MAAM,WAAA,GAAc,MAAM,GAAA,CAAI,eAAA,CAAgB,WAAW,kBAAA,CAAmB,WAAW,CAAC,CAAA,IAAK,IAAA;AAC7F,IAAA,MAAM,YAAA,GAAe,MAAM,GAAA,CAAI,eAAA,CAAgB,WAAW,kBAAA,CAAmB,YAAY,CAAC,CAAA,IAAK,IAAA;AAC/F,IAAA,MAAM,YAAA,GAAe,MAAM,GAAA,CAAI,eAAA,CAAgB,WAAW,kBAAA,CAAmB,SAAS,CAAC,CAAA,IAAK,IAAA;AAC5F,IAAA,IAAI,CAAC,WAAA,IAAe,CAAC,YAAA,IAAgB,CAAC,cAAc,OAAO,IAAA;AAC3D,IAAA,MAAM,SAAA,GAAY,QAAA,CAAS,YAAA,EAAc,EAAE,CAAA;AAC3C,IAAA,IAAI,KAAA,CAAM,SAAS,CAAA,EAAG,OAAO,IAAA;AAC7B,IAAA,OAAO,EAAE,WAAA,EAAa,YAAA,EAAc,SAAA,EAAU;AAAA,EAChD,CAAA;AAEA,EAAA,OAAO;AAAA,IACL,MAAM,SAAA,GAAwC;AAC5C,MAAA,OAAO,aAAA,EAAc;AAAA,IACvB,CAAA;AAAA,IACA,aAAA;AAAA,IAEA,MAAM,UAAU,MAAA,EAAmC;AACjD,MAAA,KAAA,CAAM,IAAI,eAAA,CAAgB,SAAA,EAAW,mBAAmB,WAAW,CAAA,EAAG,OAAO,WAAW,CAAA;AACxF,MAAA,KAAA,CAAM,IAAI,eAAA,CAAgB,SAAA,EAAW,mBAAmB,YAAY,CAAA,EAAG,OAAO,YAAY,CAAA;AAC1F,MAAA,KAAA,CAAM,GAAA,CAAI,gBAAgB,SAAA,EAAW,kBAAA,CAAmB,SAAS,CAAA,EAAG,MAAA,CAAO,MAAA,CAAO,SAAS,CAAC,CAAA;AAAA,IAC9F,CAAA;AAAA,IACA,cAAc,MAAA,EAA0B;AACtC,MAAA,KAAA,CAAM,IAAI,eAAA,CAAgB,SAAA,EAAW,mBAAmB,WAAW,CAAA,EAAG,OAAO,WAAW,CAAA;AACxF,MAAA,KAAA,CAAM,IAAI,eAAA,CAAgB,SAAA,EAAW,mBAAmB,YAAY,CAAA,EAAG,OAAO,YAAY,CAAA;AAC1F,MAAA,KAAA,CAAM,GAAA,CAAI,gBAAgB,SAAA,EAAW,kBAAA,CAAmB,SAAS,CAAA,EAAG,MAAA,CAAO,MAAA,CAAO,SAAS,CAAC,CAAA;AAAA,IAC9F,CAAA;AAAA,IAEA,MAAM,WAAA,GAA6B;AACjC,MAAA,KAAA,CAAM,MAAA,CAAO,eAAA,CAAgB,SAAA,EAAW,kBAAA,CAAmB,WAAW,CAAC,CAAA;AACvE,MAAA,KAAA,CAAM,MAAA,CAAO,eAAA,CAAgB,SAAA,EAAW,kBAAA,CAAmB,YAAY,CAAC,CAAA;AACxE,MAAA,KAAA,CAAM,MAAA,CAAO,eAAA,CAAgB,SAAA,EAAW,kBAAA,CAAmB,SAAS,CAAC,CAAA;AAAA,IACvE,CAAA;AAAA,IACA,eAAA,GAAwB;AACtB,MAAA,KAAA,CAAM,MAAA,CAAO,eAAA,CAAgB,SAAA,EAAW,kBAAA,CAAmB,WAAW,CAAC,CAAA;AACvE,MAAA,KAAA,CAAM,MAAA,CAAO,eAAA,CAAgB,SAAA,EAAW,kBAAA,CAAmB,YAAY,CAAC,CAAA;AACxE,MAAA,KAAA,CAAM,MAAA,CAAO,eAAA,CAAgB,SAAA,EAAW,kBAAA,CAAmB,SAAS,CAAC,CAAA;AAAA,IACvE,CAAA;AAAA,IAEA,MAAM,QAAQ,GAAA,EAAqC;AACjD,MAAA,OAAO,KAAA,CAAM,GAAA,CAAI,GAAG,CAAA,IAAK,IAAA;AAAA,IAC3B,CAAA;AAAA,IACA,YAAY,GAAA,EAA4B;AACtC,MAAA,OAAO,KAAA,CAAM,GAAA,CAAI,GAAG,CAAA,IAAK,IAAA;AAAA,IAC3B,CAAA;AAAA,IAEA,MAAM,OAAA,CAAQ,GAAA,EAAa,KAAA,EAA8B;AACvD,MAAA,KAAA,CAAM,GAAA,CAAI,KAAK,KAAK,CAAA;AAAA,IACtB,CAAA;AAAA,IACA,WAAA,CAAY,KAAa,KAAA,EAAqB;AAC5C,MAAA,KAAA,CAAM,GAAA,CAAI,KAAK,KAAK,CAAA;AAAA,IACtB,CAAA;AAAA,IAEA,MAAM,WAAW,GAAA,EAA4B;AAC3C,MAAA,KAAA,CAAM,OAAO,GAAG,CAAA;AAAA,IAClB,CAAA;AAAA,IACA,eAAe,GAAA,EAAmB;AAChC,MAAA,KAAA,CAAM,OAAO,GAAG,CAAA;AAAA,IAClB,CAAA;AAAA,IAEA,MAAM,KAAA,GAAuB;AAC3B,MAAA,KAAA,CAAM,KAAA,EAAM;AAAA,IACd,CAAA;AAAA,IACA,SAAA,GAAkB;AAChB,MAAA,KAAA,CAAM,KAAA,EAAM;AAAA,IACd;AAAA,GACF;AACF;;;ACtEA,SAAS,iBAAA,GAAoC;AAC3C,EAAA,IAAI,OAAO,MAAA,KAAW,WAAA,EAAa,OAAO,IAAA;AAC1C,EAAA,IAAI;AACF,IAAA,OAAO,MAAA,CAAO,cAAA;AAAA,EAChB,CAAA,CAAA,MAAQ;AACN,IAAA,OAAO,IAAA;AAAA,EACT;AACF;AAEO,SAAS,kCACd,SAAA,EACgB;AAChB,EAAA,OAAO;AAAA,IACL,MAAM,SAAA,GAAwC;AAC5C,MAAA,OAAO,kBAAkB,SAAS,CAAA;AAAA,IACpC,CAAA;AAAA,IACA,aAAA,GAAmC;AACjC,MAAA,OAAO,kBAAkB,SAAS,CAAA;AAAA,IACpC,CAAA;AAAA,IAEA,MAAM,UAAU,MAAA,EAAmC;AACjD,MAAA,iBAAA,CAAkB,WAAW,MAAM,CAAA;AAAA,IACrC,CAAA;AAAA,IACA,cAAc,MAAA,EAA0B;AACtC,MAAA,iBAAA,CAAkB,WAAW,MAAM,CAAA;AAAA,IACrC,CAAA;AAAA,IAEA,MAAM,WAAA,GAA6B;AACjC,MAAA,mBAAA,CAAoB,SAAS,CAAA;AAAA,IAC/B,CAAA;AAAA,IACA,eAAA,GAAwB;AACtB,MAAA,mBAAA,CAAoB,SAAS,CAAA;AAAA,IAC/B,CAAA;AAAA,IAEA,MAAM,QAAQ,GAAA,EAAqC;AACjD,MAAA,OAAO,gBAAgB,GAAG,CAAA;AAAA,IAC5B,CAAA;AAAA,IACA,YAAY,GAAA,EAA4B;AACtC,MAAA,OAAO,gBAAgB,GAAG,CAAA;AAAA,IAC5B,CAAA;AAAA,IAEA,MAAM,OAAA,CAAQ,GAAA,EAAa,KAAA,EAA8B;AACvD,MAAA,eAAA,CAAgB,KAAK,KAAK,CAAA;AAAA,IAC5B,CAAA;AAAA,IACA,WAAA,CAAY,KAAa,KAAA,EAAqB;AAC5C,MAAA,eAAA,CAAgB,KAAK,KAAK,CAAA;AAAA,IAC5B,CAAA;AAAA,IAEA,MAAM,WAAW,GAAA,EAA4B;AAC3C,MAAA,kBAAA,CAAmB,GAAG,CAAA;AAAA,IACxB,CAAA;AAAA,IACA,eAAe,GAAA,EAAmB;AAChC,MAAA,kBAAA,CAAmB,GAAG,CAAA;AAAA,IACxB,CAAA;AAAA,IAEA,MAAM,KAAA,GAAuB;AAC3B,MAAA,aAAA,CAAc,SAAS,CAAA;AAAA,IACzB,CAAA;AAAA,IACA,SAAA,GAAkB;AAChB,MAAA,aAAA,CAAc,SAAS,CAAA;AAAA,IACzB;AAAA,GACF;AACF;AAEA,SAAS,kBAAkB,EAAA,EAAyC;AAClE,EAAA,MAAM,UAAU,iBAAA,EAAkB;AAClC,EAAA,IAAI,CAAC,SAAS,OAAO,IAAA;AACrB,EAAA,IAAI;AACF,IAAA,MAAM,cAAc,OAAA,CAAQ,OAAA,CAAQ,gBAAgB,EAAA,EAAI,kBAAA,CAAmB,WAAW,CAAC,CAAA;AACvF,IAAA,MAAM,eAAe,OAAA,CAAQ,OAAA,CAAQ,gBAAgB,EAAA,EAAI,kBAAA,CAAmB,YAAY,CAAC,CAAA;AACzF,IAAA,MAAM,eAAe,OAAA,CAAQ,OAAA,CAAQ,gBAAgB,EAAA,EAAI,kBAAA,CAAmB,SAAS,CAAC,CAAA;AACtF,IAAA,IAAI,CAAC,WAAA,IAAe,CAAC,YAAA,IAAgB,CAAC,cAAc,OAAO,IAAA;AAC3D,IAAA,MAAM,SAAA,GAAY,QAAA,CAAS,YAAA,EAAc,EAAE,CAAA;AAC3C,IAAA,IAAI,KAAA,CAAM,SAAS,CAAA,EAAG,OAAO,IAAA;AAC7B,IAAA,OAAO,EAAE,WAAA,EAAa,YAAA,EAAc,SAAA,EAAU;AAAA,EAChD,CAAA,CAAA,MAAQ;AACN,IAAA,OAAO,IAAA;AAAA,EACT;AACF;AAEA,SAAS,iBAAA,CAAkB,IAAsB,MAAA,EAA0B;AACzE,EAAA,MAAM,UAAU,iBAAA,EAAkB;AAClC,EAAA,IAAI,CAAC,OAAA,EAAS;AACd,EAAA,IAAI;AACF,IAAA,OAAA,CAAQ,QAAQ,eAAA,CAAgB,EAAA,EAAI,mBAAmB,WAAW,CAAA,EAAG,OAAO,WAAW,CAAA;AACvF,IAAA,OAAA,CAAQ,QAAQ,eAAA,CAAgB,EAAA,EAAI,mBAAmB,YAAY,CAAA,EAAG,OAAO,YAAY,CAAA;AACzF,IAAA,OAAA,CAAQ,OAAA,CAAQ,gBAAgB,EAAA,EAAI,kBAAA,CAAmB,SAAS,CAAA,EAAG,MAAA,CAAO,MAAA,CAAO,SAAS,CAAC,CAAA;AAAA,EAC7F,CAAA,CAAA,MAAQ;AAAA,EAER;AACF;AAEA,SAAS,oBAAoB,EAAA,EAA4B;AACvD,EAAA,MAAM,UAAU,iBAAA,EAAkB;AAClC,EAAA,IAAI,CAAC,OAAA,EAAS;AACd,EAAA,IAAI;AACF,IAAA,OAAA,CAAQ,UAAA,CAAW,eAAA,CAAgB,EAAA,EAAI,kBAAA,CAAmB,WAAW,CAAC,CAAA;AACtE,IAAA,OAAA,CAAQ,UAAA,CAAW,eAAA,CAAgB,EAAA,EAAI,kBAAA,CAAmB,YAAY,CAAC,CAAA;AACvE,IAAA,OAAA,CAAQ,UAAA,CAAW,eAAA,CAAgB,EAAA,EAAI,kBAAA,CAAmB,SAAS,CAAC,CAAA;AAAA,EACtE,CAAA,CAAA,MAAQ;AAAA,EAER;AACF;AAEA,SAAS,gBAAgB,GAAA,EAA4B;AACnD,EAAA,MAAM,UAAU,iBAAA,EAAkB;AAClC,EAAA,IAAI,CAAC,SAAS,OAAO,IAAA;AACrB,EAAA,IAAI;AACF,IAAA,OAAO,OAAA,CAAQ,QAAQ,GAAG,CAAA;AAAA,EAC5B,CAAA,CAAA,MAAQ;AACN,IAAA,OAAO,IAAA;AAAA,EACT;AACF;AAEA,SAAS,eAAA,CAAgB,KAAa,KAAA,EAAqB;AACzD,EAAA,MAAM,UAAU,iBAAA,EAAkB;AAClC,EAAA,IAAI,CAAC,OAAA,EAAS;AACd,EAAA,IAAI;AACF,IAAA,OAAA,CAAQ,OAAA,CAAQ,KAAK,KAAK,CAAA;AAAA,EAC5B,CAAA,CAAA,MAAQ;AAAA,EAER;AACF;AAEA,SAAS,mBAAmB,GAAA,EAAmB;AAC7C,EAAA,MAAM,UAAU,iBAAA,EAAkB;AAClC,EAAA,IAAI,CAAC,OAAA,EAAS;AACd,EAAA,IAAI;AACF,IAAA,OAAA,CAAQ,WAAW,GAAG,CAAA;AAAA,EACxB,CAAA,CAAA,MAAQ;AAAA,EAER;AACF;AAEA,SAAS,cAAc,EAAA,EAA4B;AACjD,EAAA,MAAM,UAAU,iBAAA,EAAkB;AAClC,EAAA,IAAI,CAAC,OAAA,EAAS;AACd,EAAA,IAAI;AACF,IAAA,MAAM,MAAA,GAAS,EAAA,CAAG,QAAA,IAAY,EAAA,CAAG,QAC7B,CAAA,KAAA,EAAQ,EAAA,CAAG,QAAA,IAAY,EAAE,CAAA,CAAA,EAAI,EAAA,CAAG,KAAA,IAAS,EAAE,MAC3C,mBAAA,EAAoB;AACxB,IAAA,MAAM,OAAiB,EAAC;AACxB,IAAA,KAAA,IAAS,CAAA,GAAI,CAAA,EAAG,CAAA,GAAI,OAAA,CAAQ,QAAQ,CAAA,EAAA,EAAK;AACvC,MAAA,MAAM,GAAA,GAAM,OAAA,CAAQ,GAAA,CAAI,CAAC,CAAA;AACzB,MAAA,IAAI,OAAO,GAAA,CAAI,UAAA,CAAW,MAAM,CAAA,EAAG,IAAA,CAAK,KAAK,GAAG,CAAA;AAAA,IAClD;AACA,IAAA,IAAA,CAAK,QAAQ,CAAC,CAAA,KAAM,OAAA,CAAQ,UAAA,CAAW,CAAC,CAAC,CAAA;AAAA,EAC3C,CAAA,CAAA,MAAQ;AAAA,EAER;AACF;;;ACjJA,IAAM,sBAAA,GAAyB;AAAA,EAC7B,IAAA,EAAM,GAAA;AAAA,EACN,QAAA,EAAU,KAAA;AAAA,EACV,MAAA,EAAQ,EAAA,GAAK,EAAA,GAAK,EAAA,GAAK;AAAA;AACzB,CAAA;AAEA,SAAS,WAAA,GAA+B;AACtC,EAAA,IAAI,OAAO,QAAA,KAAa,WAAA,EAAa,OAAO,IAAA;AAC5C,EAAA,OAAO,QAAA;AACT;AAEA,SAAS,UAAU,IAAA,EAA6B;AAC9C,EAAA,MAAM,MAAM,WAAA,EAAY;AACxB,EAAA,IAAI,CAAC,GAAA,IAAO,CAAC,GAAA,CAAI,QAAQ,OAAO,IAAA;AAChC,EAAA,MAAM,KAAA,GAAQ,IAAI,MAAA,CAAO,KAAA,CAAM,IAAI,MAAA,CAAO,OAAA,GAAU,IAAA,GAAO,UAAU,CAAC,CAAA;AACtE,EAAA,OAAO,KAAA,GAAQ,kBAAA,CAAmB,KAAA,CAAM,CAAC,CAAC,CAAA,GAAI,IAAA;AAChD;AAEA,SAAS,SAAA,CACP,IAAA,EACA,KAAA,EACA,OAAA,GAAoF,EAAC,EAC/E;AACN,EAAA,MAAM,MAAM,WAAA,EAAY;AACxB,EAAA,IAAI,CAAC,GAAA,EAAK;AACV,EAAA,MAAM,EAAE,IAAA,GAAO,GAAA,EAAK,QAAA,GAAW,KAAA,EAAO,MAAA,EAAO,GAAI,EAAE,GAAG,sBAAA,EAAwB,GAAG,OAAA,EAAQ;AACzF,EAAA,IAAI,MAAA,GAAS,CAAA,EAAG,kBAAA,CAAmB,IAAI,CAAC,CAAA,CAAA,EAAI,kBAAA,CAAmB,KAAK,CAAC,CAAA,MAAA,EAAS,IAAI,CAAA,UAAA,EAAa,QAAQ,CAAA,CAAA;AACvG,EAAA,IAAI,MAAA,IAAU,IAAA,EAAM,MAAA,IAAU,CAAA,SAAA,EAAY,MAAM,CAAA,CAAA;AAChD,EAAA,GAAA,CAAI,MAAA,GAAS,MAAA;AACf;AAEA,SAAS,aAAa,IAAA,EAAoB;AACxC,EAAA,MAAM,MAAM,WAAA,EAAY;AACxB,EAAA,IAAI,CAAC,GAAA,EAAK;AACV,EAAA,GAAA,CAAI,MAAA,GAAS,CAAA,EAAG,kBAAA,CAAmB,IAAI,CAAC,CAAA,kBAAA,CAAA;AAC1C;AAEO,SAAS,0BAAA,CACd,WACA,OAAA,EACgB;AAChB,EAAA,MAAM,MAAA,GAAS,SAAS,YAAA,IAAgB,MAAA;AACxC,EAAA,MAAM,SAAA,GAAY,SAAA,CAAU,QAAA,IAAY,SAAA,CAAU,QAC9C,CAAA,KAAA,EAAQ,SAAA,CAAU,QAAA,IAAY,EAAE,CAAA,CAAA,EAAI,SAAA,CAAU,KAAA,IAAS,EAAE,MACzD,mBAAA,EAAoB;AAExB,EAAA,MAAM,aAAa,CAAC,MAAA,KAClB,GAAG,MAAM,CAAA,CAAA,EAAI,UAAU,QAAA,IAAY,GAAG,CAAA,CAAA,EAAI,SAAA,CAAU,SAAS,GAAG,CAAA,CAAA,EAAI,MAAM,CAAA,CAAA,CAAG,OAAA,CAAQ,kBAAkB,GAAG,CAAA;AAE5G,EAAA,OAAO;AAAA,IACL,MAAM,SAAA,GAAwC;AAC5C,MAAA,MAAM,WAAA,GAAc,SAAA,CAAU,UAAA,CAAW,kBAAA,CAAmB,WAAW,CAAC,CAAA;AACxE,MAAA,MAAM,YAAA,GAAe,SAAA,CAAU,UAAA,CAAW,kBAAA,CAAmB,YAAY,CAAC,CAAA;AAC1E,MAAA,MAAM,YAAA,GAAe,SAAA,CAAU,UAAA,CAAW,kBAAA,CAAmB,SAAS,CAAC,CAAA;AACvE,MAAA,IAAI,CAAC,WAAA,IAAe,CAAC,YAAA,IAAgB,CAAC,cAAc,OAAO,IAAA;AAC3D,MAAA,MAAM,SAAA,GAAY,QAAA,CAAS,YAAA,EAAc,EAAE,CAAA;AAC3C,MAAA,IAAI,KAAA,CAAM,SAAS,CAAA,EAAG,OAAO,IAAA;AAC7B,MAAA,OAAO,EAAE,WAAA,EAAa,YAAA,EAAc,SAAA,EAAU;AAAA,IAChD,CAAA;AAAA,IAEA,MAAM,UAAU,MAAA,EAAmC;AACjD,MAAA,SAAA,CAAU,UAAA,CAAW,kBAAA,CAAmB,WAAW,CAAA,EAAG,MAAA,CAAO,aAAa,EAAE,MAAA,EAAQ,EAAA,GAAK,EAAA,EAAI,CAAA;AAC7F,MAAA,SAAA,CAAU,UAAA,CAAW,kBAAA,CAAmB,YAAY,CAAA,EAAG,MAAA,CAAO,YAAA,EAAc,EAAE,MAAA,EAAQ,EAAA,GAAK,EAAA,GAAK,EAAA,GAAK,CAAA,EAAG,CAAA;AACxG,MAAA,SAAA,CAAU,UAAA,CAAW,kBAAA,CAAmB,SAAS,CAAA,EAAG,MAAA,CAAO,MAAA,CAAO,SAAS,CAAA,EAAG,EAAE,MAAA,EAAQ,EAAA,GAAK,EAAA,GAAK,IAAI,CAAA;AAAA,IACxG,CAAA;AAAA,IAEA,MAAM,WAAA,GAA6B;AACjC,MAAA,YAAA,CAAa,UAAA,CAAW,kBAAA,CAAmB,WAAW,CAAC,CAAA;AACvD,MAAA,YAAA,CAAa,UAAA,CAAW,kBAAA,CAAmB,YAAY,CAAC,CAAA;AACxD,MAAA,YAAA,CAAa,UAAA,CAAW,kBAAA,CAAmB,SAAS,CAAC,CAAA;AAAA,IACvD,CAAA;AAAA,IAEA,MAAM,QAAQ,GAAA,EAAqC;AACjD,MAAA,MAAM,IAAA,GAAO,IAAI,UAAA,CAAW,SAAS,IAAI,GAAA,CAAI,KAAA,CAAM,SAAA,CAAU,MAAM,CAAA,GAAI,GAAA;AACvE,MAAA,OAAO,SAAA,CAAU,UAAA,CAAW,IAAI,CAAC,CAAA;AAAA,IACnC,CAAA;AAAA,IAEA,MAAM,OAAA,CAAQ,GAAA,EAAa,KAAA,EAA8B;AACvD,MAAA,MAAM,IAAA,GAAO,IAAI,UAAA,CAAW,SAAS,IAAI,GAAA,CAAI,KAAA,CAAM,SAAA,CAAU,MAAM,CAAA,GAAI,GAAA;AACvE,MAAA,SAAA,CAAU,UAAA,CAAW,IAAI,CAAA,EAAG,KAAK,CAAA;AAAA,IACnC,CAAA;AAAA,IAEA,MAAM,WAAW,GAAA,EAA4B;AAC3C,MAAA,MAAM,IAAA,GAAO,IAAI,UAAA,CAAW,SAAS,IAAI,GAAA,CAAI,KAAA,CAAM,SAAA,CAAU,MAAM,CAAA,GAAI,GAAA;AACvE,MAAA,YAAA,CAAa,UAAA,CAAW,IAAI,CAAC,CAAA;AAAA,IAC/B,CAAA;AAAA,IAEA,MAAM,KAAA,GAAuB;AAC3B,MAAA,MAAM,QAAA,GAAW,MAAA,CAAO,MAAA,CAAO,kBAAkB,CAAA;AACjD,MAAA,QAAA,CAAS,QAAQ,CAAC,CAAA,KAAM,aAAa,UAAA,CAAW,CAAC,CAAC,CAAC,CAAA;AACnD,MAAA,MAAA,CAAO,MAAA,CAAO,mBAAmB,CAAA,CAAE,OAAA,CAAQ,CAAC,WAAW,YAAA,CAAa,UAAA,CAAW,MAAM,CAAC,CAAC,CAAA;AAAA,IACzF;AAAA,GACF;AACF;;;AChGA,IAAM,YAAA,GAAe;AAAA,EACnB,aAAA,EAAe,iBAAA;AAAA,EACf,QAAA,EAAU,WAAA;AAAA,EACV,WAAA,EAAa,cAAA;AAAA,EACb,QAAA,EAAU,WAAA;AAAA,EACV,SAAA,EAAW,YAAA;AAAA,EACX,YAAA,EAAc,eAAA;AAAA,EACd,KAAA,EAAO,OAAA;AAAA,EACP,WAAA,EAAa,cAAA;AAAA,EACb,YAAA,EAAc,eAAA;AAAA,EACd,SAAA,EAAW;AACb,CAAA;AAEO,IAAM,YAAA,GAA4B;AAAA,EACvC,IAAI,aAAA,GAAgB;AAAE,IAAA,OAAO,aAAA,CAAc,aAAa,aAAa,CAAA;AAAA,EAAG,CAAA;AAAA,EACxE,IAAI,QAAA,GAAW;AAAE,IAAA,OAAO,aAAA,CAAc,aAAa,QAAQ,CAAA;AAAA,EAAG,CAAA;AAAA,EAC9D,IAAI,WAAA,GAAc;AAAE,IAAA,OAAO,aAAA,CAAc,aAAa,WAAW,CAAA;AAAA,EAAG,CAAA;AAAA,EACpE,IAAI,QAAA,GAAW;AAAE,IAAA,OAAO,aAAA,CAAc,aAAa,QAAQ,CAAA;AAAA,EAAG,CAAA;AAAA,EAC9D,IAAI,SAAA,GAAY;AAAE,IAAA,OAAO,aAAA,CAAc,aAAa,SAAS,CAAA;AAAA,EAAG,CAAA;AAAA,EAChE,IAAI,YAAA,GAAe;AAAE,IAAA,OAAO,aAAA,CAAc,aAAa,YAAY,CAAA;AAAA,EAAG,CAAA;AAAA,EACtE,IAAI,KAAA,GAAQ;AAAE,IAAA,OAAO,aAAA,CAAc,aAAa,KAAK,CAAA;AAAA,EAAG,CAAA;AAAA,EACxD,IAAI,WAAA,GAAc;AAAE,IAAA,OAAO,aAAA,CAAc,aAAa,WAAW,CAAA;AAAA,EAAG,CAAA;AAAA,EACpE,IAAI,YAAA,GAAe;AAAE,IAAA,OAAO,aAAA,CAAc,aAAa,YAAY,CAAA;AAAA,EAAG,CAAA;AAAA,EACtE,IAAI,SAAA,GAAY;AAAE,IAAA,OAAO,aAAA,CAAc,aAAa,SAAS,CAAA;AAAA,EAAG;AAClE,CAAA;AAEA,SAAS,YAAY,GAAA,EAAqB;AACxC,EAAA,MAAM,SAAS,mBAAA,EAAoB;AACnC,EAAA,OAAO,GAAA,CAAI,WAAW,MAAM,CAAA,GAAI,IAAI,KAAA,CAAM,MAAA,CAAO,MAAM,CAAA,GAAI,GAAA;AAC7D;AAEO,SAAS,UAAA,CAAW,KAAa,KAAA,EAAqB;AAC3D,EAAA,MAAM,UAAU,iBAAA,EAAkB;AAClC,EAAA,IAAI,CAAC,SAAS,WAAA,EAAa;AAC3B,EAAA,MAAM,KAAK,mBAAA,EAAoB;AAC/B,EAAA,MAAM,MAAA,GAAS,YAAY,GAAG,CAAA;AAC9B,EAAA,IAAI;AACF,IAAA,OAAA,CAAQ,WAAA,CAAY,eAAA,CAAgB,EAAA,EAAI,MAAM,GAAG,KAAK,CAAA;AAAA,EACxD,CAAA,CAAA,MAAQ;AAAA,EAER;AACF;AAEO,SAAS,WAAW,GAAA,EAA4B;AACrD,EAAA,MAAM,UAAU,iBAAA,EAAkB;AAClC,EAAA,IAAI,CAAC,OAAA,EAAS,WAAA,EAAa,OAAO,IAAA;AAClC,EAAA,MAAM,KAAK,mBAAA,EAAoB;AAC/B,EAAA,MAAM,MAAA,GAAS,YAAY,GAAG,CAAA;AAC9B,EAAA,IAAI;AACF,IAAA,OAAO,OAAA,CAAQ,WAAA,CAAY,eAAA,CAAgB,EAAA,EAAI,MAAM,CAAC,CAAA;AAAA,EACxD,CAAA,CAAA,MAAQ;AACN,IAAA,OAAO,IAAA;AAAA,EACT;AACF;AAEO,SAAS,cAAc,GAAA,EAAmB;AAC/C,EAAA,MAAM,UAAU,iBAAA,EAAkB;AAClC,EAAA,IAAI,CAAC,SAAS,cAAA,EAAgB;AAC9B,EAAA,MAAM,KAAK,mBAAA,EAAoB;AAC/B,EAAA,MAAM,MAAA,GAAS,YAAY,GAAG,CAAA;AAC9B,EAAA,IAAI;AACF,IAAA,OAAA,CAAQ,cAAA,CAAe,eAAA,CAAgB,EAAA,EAAI,MAAM,CAAC,CAAA;AAAA,EACpD,CAAA,CAAA,MAAQ;AAAA,EAER;AACF;AAEO,SAAS,gBAAA,GAAyB;AACvC,EAAA,MAAM,UAAU,iBAAA,EAAkB;AAClC,EAAA,IAAI,CAAC,SAAS,SAAA,EAAW;AACzB,EAAA,IAAI;AACF,IAAA,OAAA,CAAQ,eAAA,IAAkB;AAC1B,IAAA,OAAA,CAAQ,SAAA,EAAU;AAAA,EACpB,CAAA,CAAA,MAAQ;AAAA,EAER;AACF;AAEO,SAAS,uBAAA,GAAgC;AAC9C,EAAA,MAAM,UAAU,iBAAA,EAAkB;AAClC,EAAA,IAAI,CAAC,SAAS,SAAA,EAAW;AACzB,EAAA,IAAI;AACF,IAAA,OAAA,CAAQ,eAAA,IAAkB;AAC1B,IAAA,OAAA,CAAQ,SAAA,EAAU;AAAA,EACpB,CAAA,CAAA,MAAQ;AAAA,EAER;AACF;AAEO,SAAS,eAAA,GAAwB;AACtC,EAAA,MAAM,UAAU,cAAA,EAAe;AAC/B,EAAA,IAAI;AACF,IAAA,OAAA,EAAS,cAAc,YAAA,EAAa;AAAA,EACtC,CAAA,CAAA,MAAQ;AAAA,EAER;AACF;AAEO,SAAS,eAAA,GAAwB;AACtC,EAAA,MAAM,UAAA,GAAa,UAAA,CAAW,aAAA,CAAc,aAAa,CAAC,CAAA;AAC1D,EAAA,MAAM,gBAAA,GAAmB,UAAA,CAAW,aAAA,CAAc,oBAAoB,CAAC,CAAA;AACvE,EAAA,MAAM,kBAAA,GAAqB,UAAA,CAAW,aAAA,CAAc,sBAAsB,CAAC,CAAA;AAE3E,EAAA,uBAAA,EAAwB;AACxB,EAAA,gBAAA,EAAiB;AAEjB,EAAA,IAAI,eAAe,MAAA,EAAQ,UAAA,CAAW,aAAA,CAAc,aAAa,GAAG,MAAM,CAAA;AAC1E,EAAA,IAAI,qBAAqB,MAAA,EAAQ,UAAA,CAAW,aAAA,CAAc,oBAAoB,GAAG,MAAM,CAAA;AACvF,EAAA,IAAI,kBAAA,EAAoB,UAAA,CAAW,aAAA,CAAc,sBAAsB,GAAG,kBAAkB,CAAA;AAE5F,EAAA,eAAA,EAAgB;AAClB;AAEO,SAAS,cAAA,GAAgC;AAC9C,EAAA,MAAM,UAAU,iBAAA,EAAkB;AAClC,EAAA,IAAI,SAAS,aAAA,EAAe;AAC1B,IAAA,MAAM,CAAA,GAAI,QAAQ,aAAA,EAAc;AAChC,IAAA,OAAO,GAAG,WAAA,IAAe,IAAA;AAAA,EAC3B;AACA,EAAA,OAAO,UAAA,CAAW,aAAa,WAAW,CAAA;AAC5C;AAEO,SAAS,eAAA,GAAiC;AAC/C,EAAA,MAAM,UAAU,iBAAA,EAAkB;AAClC,EAAA,IAAI,SAAS,aAAA,EAAe;AAC1B,IAAA,MAAM,CAAA,GAAI,QAAQ,aAAA,EAAc;AAChC,IAAA,OAAO,GAAG,YAAA,IAAgB,IAAA;AAAA,EAC5B;AACA,EAAA,OAAO,UAAA,CAAW,aAAa,YAAY,CAAA;AAC7C;AAEO,SAAS,YAAA,GAA8B;AAC5C,EAAA,MAAM,UAAU,iBAAA,EAAkB;AAClC,EAAA,IAAI,SAAS,aAAA,EAAe;AAC1B,IAAA,MAAM,CAAA,GAAI,QAAQ,aAAA,EAAc;AAChC,IAAA,OAAO,GAAG,SAAA,IAAa,IAAA;AAAA,EACzB;AACA,EAAA,MAAM,SAAA,GAAY,UAAA,CAAW,YAAA,CAAa,SAAS,CAAA;AACnD,EAAA,IAAI,CAAC,WAAW,OAAO,IAAA;AACvB,EAAA,MAAM,SAAA,GAAY,QAAA,CAAS,SAAA,EAAW,EAAE,CAAA;AACxC,EAAA,OAAO,KAAA,CAAM,SAAS,CAAA,GAAI,IAAA,GAAO,SAAA;AACnC;AAEO,SAAS,oBAAA,GAAgC;AAC9C,EAAA,MAAM,YAAY,YAAA,EAAa;AAC/B,EAAA,IAAI,CAAC,WAAW,OAAO,IAAA;AACvB,EAAA,MAAM,SAAS,EAAA,GAAK,GAAA;AACpB,EAAA,OAAO,IAAA,CAAK,GAAA,EAAI,IAAK,SAAA,GAAY,MAAA;AACnC;AAKO,SAAS,WAAA,GAA6B;AAC3C,EAAA,OAAO,UAAA,CAAW,aAAa,QAAQ,CAAA;AACzC;AACO,SAAS,cAAA,GAAgC;AAC9C,EAAA,OAAO,UAAA,CAAW,aAAa,WAAW,CAAA;AAC5C;AACO,SAAS,WAAA,GAA6B;AAC3C,EAAA,OAAO,UAAA,CAAW,aAAa,QAAQ,CAAA;AACzC;AACO,SAAS,eAAA,GAAiC;AAC/C,EAAA,OAAO,UAAA,CAAW,aAAa,YAAY,CAAA;AAC7C;AACO,SAAS,QAAA,GAA0B;AACxC,EAAA,OAAO,UAAA,CAAW,aAAa,KAAK,CAAA;AACtC;AACO,SAAS,YAAA,GAA8B;AAC5C,EAAA,OAAO,UAAA,CAAW,aAAa,SAAS,CAAA;AAC1C;AACO,SAAS,aAAa,SAAA,EAAyB;AACpD,EAAA,UAAA,CAAW,YAAA,CAAa,WAAW,SAAS,CAAA;AAC9C;;;AC/KA,SAAS,KAAA,GAAiB;AACxB,EAAA,IAAI,OAAO,WAAW,WAAA,EAAa;AACjC,IAAA,OAAO,KAAA;AAAA,EACT;AACA,EAAA,MAAM,QAAA,GAAW,OAAO,QAAA,CAAS,QAAA;AACjC,EAAA,OACE,aAAa,WAAA,IACb,QAAA,KAAa,WAAA,IACb,QAAA,KAAa,WACb,QAAA,CAAS,UAAA,CAAW,UAAU,CAAA,IAC9B,SAAS,UAAA,CAAW,KAAK,CAAA,IACzB,QAAA,CAAS,SAAS,QAAQ,CAAA;AAE9B;AAEA,IAAM,SAAN,MAAa;AAAA,EAAb,WAAA,GAAA;AACE,IAAA,IAAA,CAAQ,MAAA,GAAS,8BAAA;AAAA,EAAA;AAAA,EAET,GAAA,CAAI,KAAA,EAAiB,OAAA,EAAiB,IAAA,EAAsB;AAClE,IAAA,MAAM,SAAA,GAAA,iBAAY,IAAI,IAAA,EAAK,EAAE,WAAA,EAAY;AACzC,IAAA,MAAM,UAAA,GAAa,CAAA,EAAG,IAAA,CAAK,MAAM,CAAA,EAAA,EAAK,SAAS,CAAA,GAAA,EAAM,KAAA,CAAM,WAAA,EAAa,CAAA,EAAA,EAAK,OAAO,CAAA,CAAA;AAEpF,IAAA,QAAQ,KAAA;AAAO,MACb,KAAK,MAAA;AACH,QAAA,OAAA,CAAQ,GAAA,CAAI,UAAA,EAAY,IAAA,IAAQ,EAAE,CAAA;AAClC,QAAA;AAAA,MACF,KAAK,MAAA;AACH,QAAA,OAAA,CAAQ,IAAA,CAAK,UAAA,EAAY,IAAA,IAAQ,EAAE,CAAA;AACnC,QAAA;AAAA,MACF,KAAK,OAAA;AACH,QAAA,OAAA,CAAQ,KAAA,CAAM,UAAA,EAAY,IAAA,IAAQ,EAAE,CAAA;AACpC,QAAA;AAAA,MACF,KAAK,OAAA;AACH,QAAA,IAAI,OAAM,EAAG;AACX,UAAA,OAAA,CAAQ,KAAA,CAAM,UAAA,EAAY,IAAA,IAAQ,EAAE,CAAA;AAAA,QACtC;AACA,QAAA;AAAA;AACJ,EACF;AAAA,EAEA,IAAA,CAAK,SAAiB,IAAA,EAAsB;AAC1C,IAAA,IAAA,CAAK,GAAA,CAAI,MAAA,EAAQ,OAAA,EAAS,IAAI,CAAA;AAAA,EAChC;AAAA,EAEA,IAAA,CAAK,SAAiB,IAAA,EAAsB;AAC1C,IAAA,IAAA,CAAK,GAAA,CAAI,MAAA,EAAQ,OAAA,EAAS,IAAI,CAAA;AAAA,EAChC;AAAA,EAEA,KAAA,CAAM,SAAiB,IAAA,EAAsB;AAC3C,IAAA,IAAA,CAAK,GAAA,CAAI,OAAA,EAAS,OAAA,EAAS,IAAI,CAAA;AAAA,EACjC;AAAA,EAEA,KAAA,CAAM,SAAiB,IAAA,EAAsB;AAC3C,IAAA,IAAA,CAAK,GAAA,CAAI,OAAA,EAAS,OAAA,EAAS,IAAI,CAAA;AAAA,EACjC;AACF,CAAA;AAEO,IAAM,MAAA,GAAS,IAAI,MAAA,EAAO;;;AC3DjC,SAAS,oBAAoB,QAAA,EAA2B;AACtD,EAAA,OAAO,QAAA,KAAa,WAAA,IAAe,QAAA,KAAa,WAAA,IAC9C,SAAS,UAAA,CAAW,UAAU,CAAA,IAAK,QAAA,CAAS,UAAA,CAAW,KAAK,CAAA,IAAK,QAAA,CAAS,WAAW,SAAS,CAAA;AAClG;AAEA,SAASC,MAAAA,GAAiB;AACxB,EAAA,IAAI,OAAO,MAAA,KAAW,WAAA,EAAa,OAAO,KAAA;AAC1C,EAAA,OAAO,mBAAA,CAAoB,MAAA,CAAO,QAAA,CAAS,QAAQ,CAAA;AACrD;AAEO,SAAS,YAAA,CAAa,iBAA0B,IAAA,EAAY;AACjE,EAAA,IAAI,OAAO,WAAW,WAAA,EAAa;AAEnC,EAAA,MAAM,iBAAA,GAAoB,MAAA,CAAO,QAAA,CAAS,QAAA,KAAa,WAAA,IACrD,OAAO,QAAA,CAAS,QAAA,KAAa,WAAA,IAC7B,MAAA,CAAO,QAAA,CAAS,QAAA,CAAS,WAAW,UAAU,CAAA,IAC9C,MAAA,CAAO,QAAA,CAAS,QAAA,CAAS,UAAA,CAAW,KAAK,CAAA,IACzC,MAAA,CAAO,QAAA,CAAS,QAAA,CAAS,UAAA,CAAW,SAAS,CAAA;AAG/C,EAAA,MAAM,MAAA,GAAS,MAAA,CAAO,QAAA,CAAS,QAAA,KAAa,OAAA;AAE5C,EAAA,IAAI,cAAA,IAAkB,qBAAqB,MAAA,EAAQ;AACjD,IAAA,MAAA,CAAO,MAAM,2CAA2C,CAAA;AACxD,IAAA;AAAA,EACF;AAEA,EAAA,IAAI,MAAA,IAAU,CAAC,iBAAA,EAAmB;AAChC,IAAA,MAAM,KAAA,GAAQ,IAAI,KAAA,CAAM,oFAAoF,CAAA;AAC5G,IAAA,MAAA,CAAO,MAAM,0BAAA,EAA4B;AAAA,MACvC,QAAA,EAAU,OAAO,QAAA,CAAS,QAAA;AAAA,MAC1B,QAAA,EAAU,OAAO,QAAA,CAAS;AAAA,KAC3B,CAAA;AACD,IAAA,MAAM,KAAA;AAAA,EACR;AAEA,EAAA,MAAA,CAAO,MAAM,oBAAA,EAAsB,EAAE,UAAU,MAAA,CAAO,QAAA,CAAS,UAAU,CAAA;AAC3E;AAEO,SAAS,oBAAA,CAAqB,OAAgB,cAAA,EAAgC;AACnF,EAAA,IAAIA,QAAM,EAAG;AACX,IAAA,IAAI,KAAA,YAAiB,KAAA,EAAO,OAAO,KAAA,CAAM,OAAA;AACzC,IAAA,OAAO,OAAO,KAAK,CAAA;AAAA,EACrB;AACA,EAAA,OAAO,cAAA;AACT;AAEO,IAAM,cAAA,GAAN,cAA6B,KAAA,CAAM;AAAA,EAIxC,WAAA,CAAY,IAAA,EAAc,cAAA,EAAwB,aAAA,EAAyB;AACzE,IAAA,KAAA,CAAM,cAAc,CAAA;AACpB,IAAA,IAAA,CAAK,IAAA,GAAO,gBAAA;AACZ,IAAA,IAAA,CAAK,IAAA,GAAO,IAAA;AACZ,IAAA,IAAIA,MAAAA,EAAM,IAAK,aAAA,YAAyB,KAAA,EAAO;AAC7C,MAAA,IAAA,CAAK,kBAAkB,aAAA,CAAc,OAAA;AAAA,IACvC;AAAA,EACF;AACF;;;AC9BO,SAAS,0BAA0B,KAAA,EAA8C;AACtF,EAAA,MAAM;AAAA,IACJ,GAAA;AAAA,IACA,UAAA,EAAAD,WAAAA;AAAA,IACA,aAAA,EAAAE,cAAAA;AAAA,IACA,aAAA;AAAA,IACA,QAAA;AAAA,IACA,eAAA;AAAA,IACA;AAAA,GACF,GAAI,KAAA;AAEJ,EAAA,MAAM,UAAA,GAAaF,WAAAA,CAAW,aAAa,CAAA,KAAM,MAAA;AACjD,EAAA,MAAM,iBAAA,GAAoBA,WAAAA,CAAW,oBAAoB,CAAA,KAAM,MAAA;AAC/D,EAAA,MAAM,cAAA,GAAiBA,WAAAA,CAAW,iBAAiB,CAAA,KAAM,MAAA;AAEzD,EAAA,IAAI,YAAY,OAAO,aAAA;AACvB,EAAA,IAAIE,cAAAA,CAAc,GAAG,CAAA,EAAG,OAAO,qBAAA;AAC/B,EAAA,IAAI,eAAe,OAAO,eAAA;AAC1B,EAAA,IAAI,iBAAA,IAAqB,CAAC,QAAA,EAAU,OAAO,gBAAA;AAC3C,EAAA,IAAI,QAAA,IAAY,cAAA,IAAkB,eAAA,EAAiB,OAAO,eAAA;AAC1D,EAAA,IAAI,QAAA,IAAY,cAAA,IAAkB,CAAC,eAAA,EAAiB,OAAO,gBAAA;AAC3D,EAAA,IAAI,gBAAgB,OAAO,eAAA;AAE3B,EAAA,OAAO,gBAAA;AACT;;;ACtDA,IAAM,kBAAA,GAAqB,GAAA;AAE3B,IAAI,mBAAA,GAAsB,KAAA;AAC1B,IAAI,kBAAA,GAAqB,CAAA;AAEzB,IAAI,kBAAA,GAAqB,KAAA;AAEzB,IAAI,cAAA,GAAiB,KAAA;AACrB,IAAI,aAAA,GAAgB,CAAA;AAEb,SAAS,qBAAA,GAAiC;AAC/C,EAAA,IAAI,CAAC,qBAAqB,OAAO,KAAA;AACjC,EAAA,IAAI,CAAC,oBAAoB,OAAO,IAAA;AAChC,EAAA,OAAO,IAAA,CAAK,GAAA,EAAI,GAAI,kBAAA,GAAqB,kBAAA;AAC3C;AAEO,SAAS,sBAAA,GAA+B;AAC7C,EAAA,mBAAA,GAAsB,IAAA;AACtB,EAAA,kBAAA,GAAqB,KAAK,GAAA,EAAI;AAChC;AAEO,SAAS,wBAAA,GAAiC;AAC/C,EAAA,mBAAA,GAAsB,KAAA;AACtB,EAAA,kBAAA,GAAqB,CAAA;AACvB;AAEO,SAAS,oBAAA,GAAgC;AAC9C,EAAA,OAAO,kBAAA;AACT;AAEO,SAAS,qBAAA,GAA8B;AAC5C,EAAA,kBAAA,GAAqB,IAAA;AACvB;AAEO,SAAS,uBAAA,GAAgC;AAC9C,EAAA,kBAAA,GAAqB,KAAA;AACvB;AAEO,SAAS,gBAAA,GAA4B;AAC1C,EAAA,OAAO,cAAA;AACT;AAMO,SAAS,iBAAA,GAA0B;AACxC,EAAA,cAAA,GAAiB,IAAA;AACjB,EAAA,aAAA,GAAgB,KAAK,GAAA,EAAI;AAC3B;AAEO,SAAS,mBAAA,GAA4B;AAC1C,EAAA,cAAA,GAAiB,KAAA;AACjB,EAAA,aAAA,GAAgB,CAAA;AAClB;AAEO,SAAS,eAAA,CAAgB,cAAsB,GAAA,EAAe;AACnE,EAAA,IAAI,CAAC,eAAe,OAAO,IAAA;AAC3B,EAAA,OAAO,IAAA,CAAK,GAAA,EAAI,GAAI,aAAA,GAAgB,WAAA;AACtC;AAGO,SAAS,cAAA,GAAuB;AACrC,EAAA,mBAAA,EAAoB;AACtB;AAEO,SAAS,YAAA,GAAqB;AACnC,EAAA,iBAAA,EAAkB;AACpB;;;AChEO,SAAS,oBAAA,CAAqB,SAAiB,GAAA,EAAa;AACjE,EAAA,MAAM,KAAA,GAAQ,IAAI,UAAA,CAAW,MAAM,CAAA;AACnC,EAAA,MAAA,CAAO,gBAAgB,KAAK,CAAA;AAE5B,EAAA,MAAM,SAAS,IAAA,CAAK,MAAA,CAAO,YAAA,CAAa,GAAG,KAAK,CAAC,CAAA;AACjD,EAAA,OAAO,MAAA,CACJ,OAAA,CAAQ,KAAA,EAAO,GAAG,CAAA,CAClB,OAAA,CAAQ,KAAA,EAAO,GAAG,CAAA,CAClB,OAAA,CAAQ,IAAA,EAAM,EAAE,CAAA;AACrB;AAKA,eAAsB,sBAAsB,QAAA,EAAmC;AAC7E,EAAA,IAAI;AACF,IAAA,MAAM,OAAA,GAAU,IAAI,WAAA,EAAY;AAChC,IAAA,MAAM,IAAA,GAAO,OAAA,CAAQ,MAAA,CAAO,QAAQ,CAAA;AACpC,IAAA,MAAM,aAAa,MAAM,MAAA,CAAO,MAAA,CAAO,MAAA,CAAO,WAAW,IAAI,CAAA;AAC7D,IAAA,MAAM,YAAY,KAAA,CAAM,IAAA,CAAK,IAAI,UAAA,CAAW,UAAU,CAAC,CAAA;AACvD,IAAA,MAAM,SAAS,IAAA,CAAK,MAAA,CAAO,YAAA,CAAa,GAAG,SAAS,CAAC,CAAA;AACrD,IAAA,OAAO,MAAA,CACJ,OAAA,CAAQ,KAAA,EAAO,GAAG,CAAA,CAClB,OAAA,CAAQ,KAAA,EAAO,GAAG,CAAA,CAClB,OAAA,CAAQ,IAAA,EAAM,EAAE,CAAA;AAAA,EACrB,CAAA,CAAA,MAAQ;AACN,IAAA,MAAM,IAAI,MAAM,mCAAmC,CAAA;AAAA,EACrD;AACF;AAKO,SAAS,aAAA,GAAwB;AACtC,EAAA,MAAM,KAAA,GAAQ,IAAI,UAAA,CAAW,EAAE,CAAA;AAC/B,EAAA,MAAA,CAAO,gBAAgB,KAAK,CAAA;AAC5B,EAAA,MAAM,SAAS,IAAA,CAAK,MAAA,CAAO,YAAA,CAAa,GAAG,KAAK,CAAC,CAAA;AACjD,EAAA,OAAO,MAAA,CACJ,OAAA,CAAQ,KAAA,EAAO,GAAG,CAAA,CAClB,OAAA,CAAQ,KAAA,EAAO,GAAG,CAAA,CAClB,OAAA,CAAQ,IAAA,EAAM,EAAE,CAAA;AACrB;;;AC5CA,IAAM,QAAA,GAA2D;AAAA,EAC/D,SAAA,EAAW,CAAC,gBAAA,EAAkB,WAAW,CAAA;AAAA,EACzC,SAAA,EAAW,CAAC,gBAAA,EAAkB,WAAW,CAAA;AAAA,EACzC,UAAA,EAAY,CAAC,iBAAA,EAAmB,YAAY;AAC9C,CAAA;AAEO,SAAS,YAAY,IAAA,EAAiC;AAC3D,EAAA,IAAI;AACF,IAAA,MAAM,CAAA,GAAI,OAAO,UAAA,KAAe,WAAA,GAAe,UAAA,GAAyC,IAAA;AACxF,IAAA,MAAM,GAAA,GAAM,CAAA,EAAG,OAAA,IAAW,OAAQ,CAAA,CAAE,QAAoC,GAAA,KAAQ,QAAA,GAC3E,CAAA,CAAE,OAAA,CAAoC,GAAA,GACvC,IAAA;AACJ,IAAA,IAAI,GAAA,EAAK;AACP,MAAA,KAAA,MAAW,OAAO,IAAA,EAAM;AACtB,QAAA,MAAM,CAAA,GAAI,IAAI,GAAG,CAAA;AACjB,QAAA,IAAI,CAAA,IAAK,IAAA,IAAQ,MAAA,CAAO,CAAC,CAAA,CAAE,IAAA,EAAK,EAAG,OAAO,MAAA,CAAO,CAAC,CAAA,CAAE,IAAA,EAAK;AAAA,MAC3D;AAAA,IACF;AAAA,EACF,CAAA,CAAA,MAAQ;AAAA,EAER;AACA,EAAA,IAAI;AACF,IAAA,MAAM,IAAA,GAAO,OAAO,qQAAA,KAAgB,WAAA,GAAe,SAAkD,GAAM,KAAA,CAAA;AAC3G,IAAA,IAAI,IAAA,EAAM;AACR,MAAA,KAAA,MAAW,OAAO,IAAA,EAAM;AACtB,QAAA,MAAM,CAAA,GAAI,KAAK,GAAG,CAAA;AAClB,QAAA,IAAI,CAAA,IAAK,IAAA,IAAQ,MAAA,CAAO,CAAC,CAAA,CAAE,IAAA,EAAK,EAAG,OAAO,MAAA,CAAO,CAAC,CAAA,CAAE,IAAA,EAAK;AAAA,MAC3D;AAAA,IACF;AAAA,EACF,CAAA,CAAA,MAAQ;AAAA,EAER;AACA,EAAA,OAAO,EAAA;AACT;AAEA,IAAM,qBAAA,GAAwB,CAAC,YAAA,EAAc,4BAAA,EAA8B,kBAAkB,eAAA,EAAiB,eAAA,EAAiB,cAAA,EAAgB,iBAAA,EAAmB,gBAAgB,CAAA;AAElL,SAAS,kBAAA,GAAoD;AAC3D,EAAA,IAAI,OAAO,MAAA,KAAW,WAAA,EAAa,OAAO,IAAA;AAC1C,EAAA,MAAM,CAAA,GAAI,MAAA;AACV,EAAA,MAAM,GAAA,GAAM,CAAA,CAAE,eAAA,IAAmB,CAAA,CAAE,cAAA;AACnC,EAAA,IAAI,CAAC,GAAA,IAAO,OAAO,GAAA,KAAQ,UAAU,OAAO,IAAA;AAC5C,EAAA,KAAA,MAAW,aAAa,qBAAA,EAAuB;AAC7C,IAAA,IAAI,aAAa,GAAA,EAAK;AACpB,MAAA,MAAM,IAAI,MAAM,wDAAwD,CAAA;AAAA,IAC1E;AAAA,EACF;AACA,EAAA,MAAM,MAA8B,EAAC;AACrC,EAAA,MAAM,GAAA,GAA8B;AAAA,IAClC,QAAA,EAAU,WAAA;AAAA,IACV,QAAA,EAAU,WAAA;AAAA,IACV,UAAA,EAAY;AAAA,GACd;AACA,EAAA,KAAA,MAAW,CAAC,MAAA,EAAQ,MAAM,KAAK,MAAA,CAAO,OAAA,CAAQ,GAAG,CAAA,EAAG;AAClD,IAAA,MAAM,CAAA,GAAI,IAAI,MAAM,CAAA;AACpB,IAAA,IAAI,CAAA,IAAK,IAAA,IAAQ,OAAO,CAAA,KAAM,QAAA,IAAY,CAAA,CAAE,IAAA,EAAK,EAAG,GAAA,CAAI,MAAM,CAAA,GAAI,CAAA,CAAE,IAAA,EAAK;AAAA,EAC3E;AACA,EAAA,OAAO,MAAA,CAAO,IAAA,CAAK,GAAG,CAAA,CAAE,SAAS,GAAA,GAAM,IAAA;AACzC;AAEO,SAAS,aAAA,GAAwC;AACtD,EAAA,MAAM,UAAkC,EAAC;AACzC,EAAA,KAAA,MAAW,CAAC,GAAA,EAAK,OAAO,KAAK,MAAA,CAAO,OAAA,CAAQ,QAAQ,CAAA,EAAG;AACrD,IAAA,MAAM,CAAA,GAAI,YAAY,OAAO,CAAA;AAC7B,IAAA,IAAI,CAAA,EAAI,OAAA,CAAmC,GAAG,CAAA,GAAI,CAAA;AAAA,EACpD;AACA,EAAA,OAAO,OAAA;AACT;AAEO,SAAS,gBAAA,GAAkD;AAChE,EAAA,MAAM,MAAM,kBAAA,EAAmB;AAC/B,EAAA,IAAI,CAAC,KAAK,OAAO,IAAA;AACjB,EAAA,OAAO,GAAA;AACT;ACzEA,IAAM,MAAA,GAASC,MAAE,MAAA,CAAO;AAAA,EACtB,WAAWA,KAAA,CAAE,MAAA,EAAO,CAAE,GAAA,CAAI,GAAG,uBAAuB,CAAA;AAAA,EACpD,WAAWA,KAAA,CAAE,MAAA,EAAO,CAAE,GAAA,CAAI,GAAG,uBAAuB,CAAA;AAAA,EACpD,YAAYA,KAAA,CAAE,MAAA,EAAO,CAAE,GAAA,CAAI,GAAG,wBAAwB;AACxD,CAAC,CAAA;AAIM,SAAS,eAAe,IAAA,EAA8B;AAC3D,EAAA,OAAO,MAAA,CAAO,MAAM,IAAI,CAAA;AAC1B;;;ACUO,IAAM,oBAAA,GAAuB,CAAC,gCAAA,EAAkC,mBAAA,EAAqB,mBAAmB,gBAAgB,CAAA;AAGxH,IAAM,mBAAA,GAAsB,CAAC,WAAA,EAAa,WAAA,EAAa,YAAY,CAAA;;;AC1BnE,IAAM,eAAA,GAAkB;AAAA,EAC7B,MAAA,EAAQ,sBAAA;AAAA,EACR,aAAA,EAAe,MAAA;AAAA,EACf,qBAAA,EAAuB,MAAA;AAAA,EACvB,gBAAA,EAAkB,oBAAA;AAAA,EAClB,kBAAA,EAAoB;AACtB;AAEO,IAAM,kBAAA,GAAqB;AAE3B,IAAMC,aAAAA,GAAe;AAAA,EAC1B,aAAA,EAAe,GAAG,kBAAkB,CAAA,eAAA,CAAA;AAAA,EACpC,QAAA,EAAU,GAAG,kBAAkB,CAAA,SAAA,CAAA;AAAA,EAC/B,WAAA,EAAa,GAAG,kBAAkB,CAAA,YAAA,CAAA;AAAA,EAClC,QAAA,EAAU,GAAG,kBAAkB,CAAA,SAAA,CAAA;AAAA,EAC/B,YAAA,EAAc,GAAG,kBAAkB,CAAA,aAAA,CAAA;AAAA,EACnC,KAAA,EAAO,GAAG,kBAAkB,CAAA,KAAA,CAAA;AAAA,EAC5B,WAAA,EAAa,GAAG,kBAAkB,CAAA,YAAA,CAAA;AAAA,EAClC,YAAA,EAAc,GAAG,kBAAkB,CAAA,aAAA,CAAA;AAAA,EACnC,SAAA,EAAW,GAAG,kBAAkB,CAAA,UAAA;AAClC;AAE8B,eAAA,CAAgB;AACvC,IAAM,wBAAwB,eAAA,CAAgB,aAAA;AAC9C,IAAM,gCAAgC,eAAA,CAAgB,qBAAA;AACtD,IAAM,2BAA2B,eAAA,CAAgB,gBAAA;AACjD,IAAM,6BAA6B,eAAA,CAAgB,kBAAA;;;AC6B1D,IAAM,iBAAA,GAAoC;AAAA,EACxC,8BAAA,EAAgC,+BAAA;AAAA,EAChC,iBAAA,EAAmB,wBAAA;AAAA,EACnB,eAAA,EAAiB,wBAAA;AAAA,EACjB,cAAA,EAAgB;AAClB,CAAA;AAEA,SAAS,MAAM,GAAA,EAAmC;AAChD,EAAA,MAAM,IAAI,WAAA,CAAY,CAAC,QAAQ,GAAG,CAAA,CAAA,EAAI,GAAG,CAAC,CAAA;AAC1C,EAAA,OAAQ,CAAA,IAAK,EAAE,IAAA,EAAK,GAAK,EAAE,IAAA,EAAK,GAAI,kBAAkB,GAAG,CAAA;AAC3D;AAEO,IAAM,eAAA,GAAkC,OAAO,MAAA,CAAO;AAAA,EAC3D,8BAAA,EAAgC,MAAM,gCAAgC,CAAA;AAAA,EACtE,iBAAA,EAAmB,MAAM,mBAAmB,CAAA;AAAA,EAC5C,eAAA,EAAiB,MAAM,iBAAiB,CAAA;AAAA,EACxC,cAAA,EAAgB,MAAM,gBAAgB;AACxC,CAAC,CAAA;AAMM,IAAM,uBAAA,GAAyC,OAAO,MAAA,CAAO;AAAA,EAClE,SAAA,EAAW,QAAA;AAAA,EACX,SAAA,EAAW,sCAAA;AAAA,EACX,UAAA,EAAY;AACd,CAAC,CAAA;AAEM,SAAS,kBAAkB,MAAA,EAA8E;AAC9G,EAAA,IAAI,CAAC,MAAA,EAAQ,OAAO,EAAC;AACrB,EAAA,MAAM,SAAiC,EAAC;AACxC,EAAA,KAAA,MAAW,OAAO,mBAAA,EAAqB;AACrC,IAAA,MAAM,KAAA,GAAQ,OAAO,GAAG,CAAA;AACxB,IAAA,IAAI,KAAA,IAAS,IAAA,IAAQ,OAAO,KAAA,KAAU,QAAA,EAAU;AAC9C,MAAA,MAAM,OAAA,GAAU,MAAM,IAAA,EAAK;AAC3B,MAAA,IAAI,OAAA,EAAS,MAAA,CAAO,GAAuB,CAAA,GAAI,OAAA;AAAA,IACjD;AAAA,EACF;AACA,EAAA,OAAO,MAAA;AACT;CAE6D;AAAA,EAC3D,GAAG,eAAA;AAAA,EACH,GAAG;AACL;AAQA,IAAI,mBAA2C,EAAC;AAChD,IAAI,yBAAiD,EAAC;AAEtD,SAAS,YAAA,CAAa,SAAwB,OAAA,EAAuE;AACnH,EAAA,IAAI,GAAA,GAAqB,EAAE,GAAG,IAAA,EAAK;AACnC,EAAA,KAAA,MAAW,OAAO,OAAA,EAAS;AACzB,IAAA,IAAI,CAAC,GAAA,EAAK;AACV,IAAA,KAAA,MAAW,GAAA,IAAO,MAAA,CAAO,IAAA,CAAK,GAAG,CAAA,EAA8B;AAC7D,MAAA,MAAM,KAAA,GAAQ,IAAI,GAAG,CAAA;AACrB,MAAA,IAAI,KAAA,IAAS,IAAA,IAAQ,MAAA,CAAO,KAAK,EAAE,IAAA,EAAK,KAAM,EAAA,EAAI,GAAA,CAAI,GAAG,CAAA,GAAI,MAAA,CAAO,KAAK,EAAE,IAAA,EAAK;AAAA,IAClF;AAAA,EACF;AACA,EAAA,OAAO,GAAA;AACT;AAEA,SAAS,0BAA0B,MAAA,EAAiD;AAClF,EAAA,IAAI,CAAC,MAAA,EAAQ;AACb,EAAA,KAAA,MAAW,OAAO,oBAAA,EAAsB;AACtC,IAAA,IAAI,OAAO,GAAG,CAAA,KAAM,QAAW,MAAM,IAAI,MAAM,wDAAwD,CAAA;AAAA,EACzG;AACF;AAEA,IAAM,gBAAA,GAAmB,IAAI,GAAA,CAAY,oBAAyC,CAAA;AAClF,IAAM,oBAAA,GAA4D;AAAA,EAChE,QAAA,EAAU,WAAA;AAAA,EACV,QAAA,EAAU,WAAA;AAAA,EACV,UAAA,EAAY;AACd,CAAA;AAEA,SAAS,yBAAyB,MAAA,EAAiE;AACjG,EAAA,IAAI,CAAC,QAAQ,OAAO,MAAA;AACpB,EAAA,MAAM,WAAmC,EAAC;AAC1C,EAAA,KAAA,MAAW,CAAC,GAAA,EAAK,GAAG,KAAK,MAAA,CAAO,OAAA,CAAQ,MAAM,CAAA,EAAG;AAC/C,IAAA,IAAI,OAAO,IAAA,EAAM;AACjB,IAAA,IAAI,gBAAA,CAAiB,GAAA,CAAI,GAAG,CAAA,EAAG;AAC/B,IAAA,MAAM,OAAA,GAAU,MAAA,CAAO,GAAG,CAAA,CAAE,IAAA,EAAK;AACjC,IAAA,IAAI,CAAC,OAAA,EAAS;AACd,IAAA,MAAM,MAAA,GAAS,oBAAA,CAAqB,GAAG,CAAA,IAAK,GAAA;AAC5C,IAAA,QAAA,CAAS,MAAM,CAAA,GAAI,OAAA;AAAA,EACrB;AACA,EAAA,MAAM,MAAA,GAAS,kBAAkB,QAAQ,CAAA;AACzC,EAAA,OAAO,MAAA,CAAO,IAAA,CAAK,MAAM,CAAA,CAAE,SAAS,MAAA,GAAS,MAAA;AAC/C;AAMO,SAAS,cAAc,SAAA,EAAgE;AAC5F,EAAA,yBAAA,CAA0B,gBAAoD,CAAA;AAC9E,EAAA,yBAAA,CAA0B,SAAS,CAAA;AACnC,EAAA,MAAM,YAAY,gBAAA,EAAiB;AACnC,EAAA,MAAM,SAAS,aAAA,EAAc;AAC7B,EAAA,MAAM,aAAA,GAAgB,YAAA;AAAA,IACpB,uBAAA;AAAA,IACA,MAAA;AAAA,IACA,SAAA,IAAa,MAAA;AAAA,IACb,gBAAA;AAAA,IACA,yBAAyB,SAAS;AAAA,GACpC;AACA,EAAA,MAAM,gBAAA,GAAmB,eAAe,aAAa,CAAA;AACrD,EAAA,OAAO,EAAE,GAAG,eAAA,EAAiB,GAAG,gBAAA,EAAiB;AACnD;AAEO,SAAS,SAAA,GAA4C;AAC1D,EAAA,OAAO,aAAA,EAAc;AACvB;AAEO,SAAS,UAAU,SAAA,EAAqC;AAC7D,EAAA,yBAAA,CAA0B,SAAS,CAAA;AACnC,EAAA,MAAM,SAAA,GAAY,yBAAyB,SAAS,CAAA;AACpD,EAAA,IAAI,WAAW,gBAAA,GAAmB,EAAE,GAAG,gBAAA,EAAkB,GAAG,SAAA,EAAU;AACtE,EAAA,MAAM,EAAE,QAAA,EAAU,WAAA,EAAY,GAAI,SAAA;AAClC,EAAA,IAAI,QAAA,IAAY,IAAA,IAAQ,QAAA,CAAS,IAAA,EAAK,KAAM,EAAA,EAAI,sBAAA,GAAyB,EAAE,GAAG,sBAAA,EAAwB,QAAA,EAAU,QAAA,CAAS,MAAK,EAAE;AAChI,EAAA,IAAI,WAAA,IAAe,IAAA,IAAQ,WAAA,CAAY,IAAA,EAAK,KAAM,EAAA,EAAI,sBAAA,GAAyB,EAAE,GAAG,sBAAA,EAAwB,WAAA,EAAa,WAAA,CAAY,MAAK,EAAE;AAC9I;AAMO,SAAS,oBAAA,GAA6B;AAC3C,EAAA,gBAAA,GAAmB,EAAC;AACpB,EAAA,sBAAA,GAAyB,EAAC;AAC5B;AAMA,SAAS,iBAAA,GAA4B;AACnC,EAAA,IAAI,OAAO,MAAA,KAAW,WAAA,EAAa,OAAO,EAAA;AAC1C,EAAA,MAAM,CAAA,GAAI,MAAA;AACV,EAAA,MAAM,GAAA,GAAM,CAAA,CAAE,eAAA,IAAmB,CAAA,CAAE,cAAA;AACnC,EAAA,MAAM,KAAK,GAAA,EAAK,QAAA;AAChB,EAAA,IAAI,EAAA,IAAM,IAAA,IAAQ,OAAO,EAAA,KAAO,QAAA,IAAY,GAAG,IAAA,EAAK,EAAG,OAAO,EAAA,CAAG,IAAA,EAAK;AACtE,EAAA,MAAM,QAAA,GAAW,OAAO,QAAA,CAAS,QAAA;AACjC,EAAA,MAAM,WAAW,QAAA,CAAS,KAAA,CAAM,GAAG,CAAA,CAAE,OAAO,OAAO,CAAA;AACnD,EAAA,MAAM,eAAe,CAAC,YAAA,EAAc,YAAY,cAAA,EAAgB,kBAAA,EAAoB,sBAAsB,oBAAoB,CAAA;AAC9H,EAAA,IAAI,QAAA,CAAS,SAAS,CAAA,IAAK,CAAC,aAAa,QAAA,CAAS,QAAA,CAAS,CAAC,CAAC,CAAA,EAAG;AAC9D,IAAA,IAAI,IAAA,GAAO,GAAA,GAAM,QAAA,CAAS,CAAC,CAAA;AAC3B,IAAA,IAAI,IAAA,CAAK,SAAS,GAAG,CAAA,SAAU,IAAA,CAAK,KAAA,CAAM,GAAG,EAAE,CAAA;AAC/C,IAAA,OAAO,IAAA;AAAA,EACT;AACA,EAAA,OAAO,EAAA;AACT;AAEO,SAAS,WAAA,GAAsB;AACpC,EAAA,IAAI,uBAAuB,QAAA,IAAY,IAAA,IAAQ,uBAAuB,QAAA,KAAa,EAAA,SAAW,sBAAA,CAAuB,QAAA;AACrH,EAAA,OAAO,iBAAA,EAAkB;AAC3B;AAMO,SAASC,eAAAA,GAAyB;AACvC,EAAA,IAAI,OAAO,WAAW,WAAA,EAAa;AACjC,IAAA,OAAO,CAAA,EAAG,MAAA,CAAO,QAAA,CAAS,MAAM,CAAA,SAAA,CAAA;AAAA,EAClC;AACA,EAAA,OAAO,WAAA,CAAY,CAAC,mBAAA,EAAqB,cAAc,CAAC,CAAA,IAAK,gCAAA;AAC/D;AAEO,SAAS,gBAAA,GAA4B;AAC1C,EAAA,OAAO,kBAAiB,KAAM,IAAA,IAAQ,OAAO,IAAA,CAAK,gBAAgB,EAAE,MAAA,GAAS,CAAA;AAC/E;AAMO,IAAM,MAAA,GAAS;AAAA,EACpB,6BAAA,GAAwC;AACtC,IAAA,OAAO,WAAU,CAAE,8BAAA;AAAA,EACrB,CAAA;AAAA,EACA,iBAAA,GAA4B;AAC1B,IAAA,OAAO,WAAU,CAAE,iBAAA;AAAA,EACrB,CAAA;AAAA,EACA,gBAAA,GAA2B;AACzB,IAAA,OAAO,WAAU,CAAE,eAAA;AAAA,EACrB,CAAA;AAAA,EACA,gBAAA,GAA2B;AACzB,IAAA,OAAO,WAAU,CAAE,cAAA;AAAA,EACrB,CAAA;AAAA,EACA,WAAA,GAAsB;AACpB,IAAA,OAAO,WAAU,CAAE,SAAA;AAAA,EACrB,CAAA;AAAA,EACA,WAAA,GAAsB;AACpB,IAAA,OAAO,WAAU,CAAE,SAAA;AAAA,EACrB,CAAA;AAAA,EACA,aAAA,GAAwB;AACtB,IAAA,OAAO,WAAU,CAAE,UAAA;AAAA,EACrB,CAAA;AAAA,EACA,cAAA,GAAyB;AACvB,IAAA,OAAOA,eAAAA,EAAe;AAAA,EACxB,CAAA;AAAA,EACA,WAAA,GAAsB;AACpB,IAAA,OAAO,WAAA,EAAY;AAAA,EACrB,CAAA;AAAA,EACA,gBAAA,GAA4B;AAC1B,IAAA,OAAO,gBAAA,EAAiB;AAAA,EAC1B,CAAA;AAAA,EACA,MAAA,GAA6B;AAC3B,IAAA,MAAM,IAAI,SAAA,EAAU;AACpB,IAAA,OAAO;AAAA,MACL,4BAA4B,CAAA,CAAE,8BAAA;AAAA,MAC9B,gBAAgB,CAAA,CAAE,iBAAA;AAAA,MAClB,eAAe,CAAA,CAAE,eAAA;AAAA,MACjB,eAAe,CAAA,CAAE,cAAA;AAAA,MACjB,UAAU,CAAA,CAAE,SAAA;AAAA,MACZ,UAAU,CAAA,CAAE,SAAA;AAAA,MACZ,YAAY,CAAA,CAAE,UAAA;AAAA,MACd,aAAaA,eAAAA,EAAe;AAAA,MAC5B,UAAU,WAAA;AAAY,KACxB;AAAA,EACF;AACF;CAEkC;AAAA,EAChC,eAAA,EAAiB,OAAO,gBAAA,EAAiB;AAAA,EACzC,SAAA,EAAW,OAAO,WAAA,EAAY;AAAA,EAC9B,SAAA,EAAW,OAAO,WAAA,EAAY;AAAA,EAC9B,UAAA,EAAY,OAAO,aAAA;AACrB;AAMO,SAAS,YAAA,GAA0C;AACxD,EAAA,MAAM,aAAA,GAAgB,OAAO,gBAAA,EAAiB;AAC9C,EAAA,MAAM,QAAA,GAAW,OAAO,WAAA,EAAY;AACpC,EAAA,MAAM,QAAA,GAAW,OAAO,WAAA,EAAY;AACpC,EAAA,MAAM,WAAA,GAAc,OAAO,cAAA,EAAe;AAC1C,EAAA,IAAI;AACF,IAAA,IAAI,IAAI,aAAa,CAAA;AACrB,IAAA,IAAI,IAAI,WAAW,CAAA;AAAA,EACrB,CAAA,CAAA,MAAQ;AACN,IAAA,OAAO,OAAA,CAAQ,QAAQ,IAAI,CAAA;AAAA,EAC7B;AACA,EAAA,OAAO,QAAQ,OAAA,CAAQ;AAAA,IACrB,aAAA,EAAe,cAAc,IAAA,EAAK;AAAA,IAClC,QAAA,EAAU,SAAS,IAAA,EAAK;AAAA,IACxB,WAAA,EAAa,YAAY,IAAA,EAAK;AAAA,IAC9B,QAAA,EAAU,SAAS,IAAA;AAAK,GACzB,CAAA;AACH;AAEO,SAAS,gBAAA,GAAqC;AACnD,EAAA,MAAM,aAAA,GAAgB,OAAO,gBAAA,EAAiB;AAC9C,EAAA,MAAM,QAAA,GAAW,OAAO,WAAA,EAAY;AACpC,EAAA,MAAM,QAAA,GAAW,OAAO,WAAA,EAAY;AACpC,EAAA,MAAM,WAAA,GAAc,OAAO,cAAA,EAAe;AAC1C,EAAA,IAAI;AACF,IAAA,IAAI,IAAI,aAAa,CAAA;AACrB,IAAA,IAAI,IAAI,WAAW,CAAA;AAAA,EACrB,CAAA,CAAA,MAAQ;AACN,IAAA,OAAO,IAAA;AAAA,EACT;AACA,EAAA,OAAO;AAAA,IACL,aAAA,EAAe,cAAc,IAAA,EAAK;AAAA,IAClC,QAAA,EAAU,SAAS,IAAA,EAAK;AAAA,IACxB,WAAA,EAAa,YAAY,IAAA,EAAK;AAAA,IAC9B,QAAA,EAAU,SAAS,IAAA;AAAK,GAC1B;AACF;AAEO,SAAS,cAAA,GAA0B;AACxC,EAAA,OAAO,kBAAiB,KAAM,IAAA;AAChC;;;AC5UO,SAAS,YAAY,IAAA,EAAuB;AACjD,EAAA,IAAI,CAAC,IAAA,IAAQ,OAAO,IAAA,KAAS,QAAA,EAAU;AACrC,IAAA,OAAO,KAAA;AAAA,EACT;AAEA,EAAA,MAAM,SAAA,GAAY,iEAAA;AAClB,EAAA,OAAO,SAAA,CAAU,IAAA,CAAK,IAAA,CAAK,IAAA,EAAM,CAAA;AACnC;AAOO,SAAS,iBAAiB,QAAA,EAA2E;AAC1G,EAAA,IAAI,CAAC,QAAA,IAAY,QAAA,CAAS,IAAA,OAAW,EAAA,EAAI;AACvC,IAAA,OAAO;AAAA,MACL,OAAA,EAAS,KAAA;AAAA,MACT,KAAA,EAAO;AAAA,KACT;AAAA,EACF;AAEA,EAAA,IAAI,CAAC,WAAA,CAAY,QAAQ,CAAA,EAAG;AAC1B,IAAA,OAAO;AAAA,MACL,OAAA,EAAS,KAAA;AAAA,MACT,KAAA,EAAO;AAAA,KACT;AAAA,EACF;AAEA,EAAA,OAAO,EAAE,SAAS,IAAA,EAAK;AACzB;;;ACtBO,SAASC,YAAAA,GAAuB;AACrC,EAAA,MAAM,UAAU,cAAA,EAAe;AAC/B,EAAA,MAAM,QAAA,GAAW,OAAA,GACb,OAAA,CAAQ,WAAA,CAAY,aAAA,EAAc,CAAE,QAAA,GACnC,OAAO,MAAA,KAAW,WAAA,GAAc,MAAA,CAAO,QAAA,CAAS,QAAA,GAAW,EAAA;AAChE,EAAA,OAAO,YAAkB,QAAQ,CAAA;AACnC;AAEO,SAAS,gBAAA,GAAkC;AAChD,EAAA,MAAM,UAAU,cAAA,EAAe;AAC/B,EAAA,IAAI,OAAA,EAAS;AACX,IAAA,MAAM,GAAA,GAAM,OAAA,CAAQ,WAAA,CAAY,aAAA,EAAc;AAC9C,IAAA,OAAO,uBAAA,CAAwB,GAAA,EAAK,OAAA,CAAQ,cAAA,EAAgB,YAAY,aAAa,CAAA;AAAA,EACvF;AACA,EAAA,OAAO,sBAAA,EAAuB;AAChC;AAEA,SAAS,sBAAA,GAAwC;AAC/C,EAAA,IAAI,OAAO,MAAA,KAAW,WAAA,EAAa,OAAO,OAAO,aAAA,EAAc;AAC/D,EAAA,IAAI;AACF,IAAA,MAAM,cAAA,GAAiB,UAAA,CAAW,aAAA,CAAc,cAAc,CAAC,CAAA;AAC/D,IAAA,IAAI,cAAA,EAAgB;AAClB,MAAA,MAAM,WAAA,GAAc,IAAA,CAAK,KAAA,CAAM,cAAc,CAAA;AAC7C,MAAA,IAAI,YAAY,SAAA,EAAW,IAAA,IAAQ,OAAO,WAAA,CAAY,UAAU,IAAA,EAAK;AAAA,IACvE;AACA,IAAA,MAAM,MAAA,GAAS,UAAA,CAAW,aAAA,CAAc,YAAY,CAAC,CAAA;AACrD,IAAA,IAAI,MAAA,EAAQ,IAAA,EAAK,EAAG,OAAO,OAAO,IAAA,EAAK;AACvC,IAAA,MAAM,SAAA,GAAY,IAAI,eAAA,CAAgB,MAAA,CAAO,SAAS,MAAM,CAAA;AAC5D,IAAA,MAAM,CAAA,GAAI,SAAA,CAAU,GAAA,CAAI,GAAG,CAAA;AAC3B,IAAA,IAAI,CAAA,EAAG,IAAA,EAAK,EAAG,OAAO,EAAE,IAAA,EAAK;AAC7B,IAAA,MAAM,QAAA,GAAW,OAAO,QAAA,CAAS,QAAA;AACjC,IAAA,MAAM,KAAA,GAAQ,QAAA,CAAS,KAAA,CAAM,GAAG,CAAA;AAChC,IAAA,IAAI,MAAM,MAAA,IAAU,CAAA,IAAK,KAAA,CAAM,CAAC,KAAK,KAAA,CAAM,CAAC,CAAA,CAAE,WAAA,OAAkB,YAAA,EAAc,OAAO,KAAA,CAAM,CAAC,EAAE,IAAA,EAAK;AACnG,IAAA,OAAO,OAAO,aAAA,EAAc;AAAA,EAC9B,CAAA,CAAA,MAAQ;AACN,IAAA,OAAO,OAAO,aAAA,EAAc;AAAA,EAC9B;AACF;AAEO,SAAS,aAAA,GAAyB;AACvC,EAAA,MAAM,UAAU,cAAA,EAAe;AAC/B,EAAA,IAAI,SAAS,OAAO,oBAAA,CAAqB,OAAA,CAAQ,WAAA,CAAY,eAAe,CAAA;AAC5E,EAAA,IAAI,OAAO,MAAA,KAAW,WAAA,EAAa,OAAO,KAAA;AAC1C,EAAA,MAAM,MAAA,GAAS,IAAI,eAAA,CAAgB,MAAA,CAAO,SAAS,MAAM,CAAA;AACzD,EAAA,OAAO,OAAO,GAAA,CAAI,MAAM,CAAA,IAAK,MAAA,CAAO,IAAI,OAAO,CAAA;AACjD;;;AC1DO,IAAM,cAAA,GAAiB;AAAA,EAC5B,aAAA,EAAe,eAAA;AAAA,EACf,aAAA,EAAe,eAAA;AAAA,EACf,YAAA,EAAc,cAAA;AAAA,EACd,gBAAA,EAAkB,kBAAA;AAAA,EAClB,eAAA,EAAiB,iBAAA;AAAA,EACjB,qBAAA,EAAuB,uBAAA;AAAA,EACvB,oBAAA,EAAsB,sBAAA;AAAA,EACtB,eAAA,EAAiB,iBAAA;AAAA,EACjB,gBAAA,EAAkB,kBAAA;AAAA,EAClB,wBAAA,EAA0B,0BAAA;AAAA,EAC1B,kBAAA,EAAoB;AACtB;AAgBA,IAAI,SAAA,uBAA6B,GAAA,EAAI;AAErC,SAAS,YAAY,KAAA,EAA6C;AAChE,EAAA,IAAI,GAAA,GAAM,SAAA,CAAU,GAAA,CAAI,KAAK,CAAA;AAC7B,EAAA,IAAI,CAAC,GAAA,EAAK;AACR,IAAA,GAAA,uBAAU,GAAA,EAAI;AACd,IAAA,SAAA,CAAU,GAAA,CAAI,OAAO,GAAG,CAAA;AAAA,EAC1B;AACA,EAAA,OAAO,GAAA;AACT;AAEA,SAAS,mBAAA,GAA6C;AACpD,EAAA,IAAI,GAAA,GAAM,SAAA,CAAU,GAAA,CAAI,GAAG,CAAA;AAC3B,EAAA,IAAI,CAAC,GAAA,EAAK;AACR,IAAA,GAAA,uBAAU,GAAA,EAAI;AACd,IAAA,SAAA,CAAU,GAAA,CAAI,KAAK,GAAG,CAAA;AAAA,EACxB;AACA,EAAA,OAAO,GAAA;AACT;AAEO,SAAS,aAAA,CAAc,OAAsB,OAAA,EAAkC;AACpF,EAAA,MAAM,QAAA,GAAW,YAAY,KAAK,CAAA;AAClC,EAAA,MAAM,WAAW,mBAAA,EAAoB;AACrC,EAAA,MAAM,CAAA,GAAI,WAAW,EAAC;AACtB,EAAA,QAAA,CAAS,OAAA,CAAQ,CAAC,EAAA,KAAO;AACvB,IAAA,IAAI;AACF,MAAA,EAAA,CAAG,CAAC,CAAA;AAAA,IACN,CAAA,CAAA,MAAQ;AAAA,IAER;AAAA,EACF,CAAC,CAAA;AACD,EAAA,QAAA,CAAS,OAAA,CAAQ,CAAC,EAAA,KAAO;AACvB,IAAA,IAAI;AACF,MAAA,EAAA,CAAG,EAAE,GAAG,CAAA,EAAG,KAAA,EAAO,CAAA;AAAA,IACpB,CAAA,CAAA,MAAQ;AAAA,IAER;AAAA,EACF,CAAC,CAAA;AACH;AAEO,SAAS,kBAAA,CACd,OACA,OAAA,EACY;AACZ,EAAA,MAAM,MAAM,KAAA,KAAU,GAAA,GAAM,mBAAA,EAAoB,GAAI,YAAY,KAAK,CAAA;AACrE,EAAA,GAAA,CAAI,IAAI,OAAO,CAAA;AACf,EAAA,OAAO,MAAM,GAAA,CAAI,MAAA,CAAO,OAAO,CAAA;AACjC;;;ACzEA,IAAM,qBAAA,GAAwB,CAAA;AAC9B,IAAM,YAAY,EAAA,GAAK,GAAA;AAEvB,IAAI,aAAA,GAAgB,CAAA;AACpB,IAAI,eAAA,GAAkB,CAAA;AA2Bf,SAAS,sBAAA,GAA+B;AAC7C,EAAA,aAAA,GAAgB,CAAA;AAChB,EAAA,eAAA,GAAkB,CAAA;AACpB;AAEO,SAAS,yBAAA,CAA0B,cAAsB,qBAAA,EAAgC;AAC9F,EAAA,MAAM,GAAA,GAAM,KAAK,GAAA,EAAI;AACrB,EAAA,IAAI,GAAA,GAAM,kBAAkB,SAAA,EAAW;AACrC,IAAA,aAAA,GAAgB,CAAA;AAChB,IAAA,eAAA,GAAkB,GAAA;AAAA,EACpB;AACA,EAAA,IAAI,iBAAiB,WAAA,EAAa;AAChC,IAAA,aAAA,CAAc,eAAe,kBAAA,EAAoB;AAAA,MAC/C,OAAA,EAAS,2BAA2B,WAAW,CAAA,UAAA;AAAA,KAChD,CAAA;AACD,IAAA,OAAO,KAAA;AAAA,EACT;AACA,EAAA,aAAA,EAAA;AACA,EAAA,OAAO,IAAA;AACT;;;AC3BO,SAAS,kBAAkB,MAAA,EAA4B;AAC5D,EAAA,MAAM,UAAA,GAAa,gBAAA,CAAiB,MAAA,CAAO,QAAQ,CAAA;AACnD,EAAA,IAAI,CAAC,WAAW,OAAA,EAAS;AACvB,IAAA,MAAA,CAAO,KAAK,6BAAA,EAA+B,EAAE,QAAA,EAAU,MAAA,CAAO,UAAU,CAAA;AAAA,EAC1E;AAEA,EAAA,UAAA,CAAW,YAAA,CAAa,aAAA,EAAe,MAAA,CAAO,UAAU,CAAA;AACxD,EAAA,UAAA,CAAW,YAAA,CAAa,QAAA,EAAU,MAAA,CAAO,MAAA,CAAO,QAAQ,CAAA;AAExD,EAAA,UAAA,CAAW,YAAA,CAAa,WAAA,EAAa,MAAA,CAAO,cAAA,EAAgB,CAAA;AAC5D,EAAA,UAAA,CAAW,YAAA,CAAa,QAAA,EAAU,MAAA,CAAO,QAAQ,CAAA;AACjD,EAAA,IAAI,OAAO,SAAA,EAAW;AACpB,IAAA,UAAA,CAAW,YAAA,CAAa,SAAA,EAAW,MAAA,CAAO,SAAS,CAAA;AAAA,EACrD;AACF;AAEA,eAAsB,iBAAiB,MAAA,EAAqC;AAC1E,EAAA,IAAI;AACF,IAAA,MAAA,CAAO,KAAK,qCAAqC,CAAA;AAEjD,IAAA,MAAM,QAAQ,cAAA,EAAe;AAC7B,IAAA,IAAI,KAAA,IAAS,CAAC,oBAAA,EAAqB,EAAG;AACpC,MAAA,MAAA,CAAO,MAAM,gDAAgD,CAAA;AAC7D,MAAA,cAAA,EAAe;AACf,MAAA;AAAA,IACF;AAEA,IAAA,IAAI,eAAc,EAAG;AACnB,MAAA,MAAA,CAAO,MAAM,yEAAyE,CAAA;AACtF,MAAA,cAAA,EAAe;AACf,MAAA;AAAA,IACF;AAEA,IAAA,IAAI,kBAAiB,EAAG;AACtB,MAAA,IAAI,eAAA,CAAgB,GAAI,CAAA,EAAG;AACzB,QAAA,MAAA,CAAO,KAAK,wDAAwD,CAAA;AACpE,QAAA,cAAA,EAAe;AAAA,MACjB,CAAA,MAAO;AACL,QAAA,MAAA,CAAO,MAAM,qEAAqE,CAAA;AAClF,QAAA;AAAA,MACF;AAAA,IACF;AAEA,IAAA,YAAA,EAAa;AAEb,IAAA,IACE,CAAC,MAAA,EAAQ,UAAA,IACT,CAAC,MAAA,CAAO,QAAQ,QAAA,IAChB,CAAC,MAAA,CAAO,MAAA,EAAQ,WAAA,EAChB;AACA,MAAA,MAAM,IAAI,MAAM,4CAA4C,CAAA;AAAA,IAC9D;AAEA,IAAA,iBAAA,CAAkB,MAAM,CAAA;AAExB,IAAA,MAAM,eAAe,oBAAA,EAAqB;AAC1C,IAAA,MAAM,aAAA,GAAgB,MAAM,qBAAA,CAAsB,YAAY,CAAA;AAC9D,IAAA,MAAM,QAAQ,aAAA,EAAc;AAE5B,IAAA,aAAA,CAAc,aAAa,YAAY,CAAA;AACvC,IAAA,aAAA,CAAc,aAAa,KAAK,CAAA;AAChC,IAAA,UAAA,CAAW,YAAA,CAAa,cAAc,YAAY,CAAA;AAClD,IAAA,UAAA,CAAW,YAAA,CAAa,OAAO,KAAK,CAAA;AAEpC,IAAA,MAAM,OAAA,GAAU,qBAAA,CAAsB,MAAA,EAAQ,aAAA,EAAe,KAAK,CAAA;AAElE,IAAA,IACE,CAAC,OAAA,IACD,EAAE,OAAA,CAAQ,UAAA,CAAW,SAAS,CAAA,IAAK,OAAA,CAAQ,UAAA,CAAW,UAAU,CAAA,CAAA,EAChE;AACA,MAAA,MAAM,IAAI,MAAM,qCAAqC,CAAA;AAAA,IACvD;AAEA,IAAA,IAAI,CAAC,2BAA0B,EAAG;AAChC,MAAA,MAAA,CAAO,KAAK,0DAA0D,CAAA;AACtE,MAAA,cAAA,EAAe;AACf,MAAA;AAAA,IACF;AAEA,IAAA,MAAA,CAAO,KAAK,qCAAqC,CAAA;AACjD,IAAA,aAAA,CAAc,eAAe,aAAA,EAAe,EAAE,SAAA,EAAW,MAAA,CAAO,WAAW,CAAA;AAE3E,IAAA,MAAM,UAAU,cAAA,EAAe;AAC/B,IAAA,IAAI,OAAA,EAAS,OAAA,CAAQ,WAAA,CAAY,QAAA,CAAS,OAAO,CAAA;AAAA,SAAA,IACxC,OAAO,MAAA,KAAW,WAAA,EAAa,MAAA,CAAO,QAAA,CAAS,QAAQ,OAAO,CAAA;AAAA,EACzE,SAAS,KAAA,EAAO;AACd,IAAA,cAAA,EAAe;AACf,IAAA,MAAA,CAAO,MAAM,8BAAA,EAAgC;AAAA,MAC3C,OAAO,KAAA,YAAiB,KAAA,GAAQ,KAAA,CAAM,OAAA,GAAU,OAAO,KAAK;AAAA,KAC7D,CAAA;AACD,IAAA,MAAM,KAAA;AAAA,EACR;AACF;AAEA,SAAS,qBAAA,CACP,MAAA,EACA,aAAA,EACA,KAAA,EACQ;AACR,EAAA,IAAIA,cAAY,EAAG;AACjB,IAAA,MAAA,CAAO,MAAM,4BAAA,EAA8B;AAAA,MACzC,YAAY,MAAA,CAAO,UAAA;AAAA,MACnB,QAAA,EAAU,OAAO,MAAA,CAAO,QAAA;AAAA,MACxB,WAAA,EAAa,OAAO,MAAA,CAAO,WAAA;AAAA,MAC3B,MAAA,EAAQ,OAAO,MAAA,CAAO;AAAA,KACvB,CAAA;AAAA,EACH;AAEA,EAAA,MAAM,cAAA,GAAiB,UAAA,CAAW,YAAA,CAAa,QAAQ,CAAA;AACvD,EAAA,MAAM,cAAA,GAAiB,UAAA,CAAW,YAAA,CAAa,QAAQ,CAAA;AAEvD,EAAA,MAAM,aAAA,GAAgB,kBAAkB,MAAA,CAAO,QAAA;AAC/C,EAAA,MAAM,aAAA,GAAgB,cAAA,IAAkB,MAAA,CAAO,MAAA,CAAO,QAAA;AAEtD,EAAA,MAAM,gBAAA,GAAmB,OAAO,cAAA,EAAe;AAE/C,EAAA,MAAM,MAAA,GAAS,IAAI,eAAA,CAAgB;AAAA,IACjC,SAAA,EAAW,UAAU,aAAa,CAAA,CAAA;AAAA,IAClC,SAAA,EAAW,aAAA;AAAA,IACX,YAAA,EAAc,gBAAA;AAAA,IACd,aAAA,EAAe,qBAAA;AAAA,IACf,KAAA,EAAO,OAAO,MAAA,CAAO,MAAA;AAAA,IACrB,KAAA;AAAA,IACA,cAAA,EAAgB,aAAA;AAAA,IAChB,qBAAA,EAAuB;AAAA,GACxB,CAAA;AAED,EAAA,OAAO,GAAG,MAAA,CAAO,UAAU,CAAA,mBAAA,EAAsB,MAAA,CAAO,UAAU,CAAA,CAAA;AACpE;;;AC/HA,SAAS,YAAY,SAAA,EAAgC;AACnD,EAAA,MAAM,SAAA,GAAY,UAAU,UAAA,IAAc,IAAA;AAC1C,EAAA,MAAM,SAAA,GAAY,IAAA,CAAK,GAAA,EAAI,GAAI,SAAA,GAAY,GAAA;AAE3C,EAAA,MAAM,UAAU,iBAAA,EAAkB;AAClC,EAAA,IAAI,SAAS,aAAA,EAAe;AAC1B,IAAA,OAAA,CAAQ,aAAA,CAAc;AAAA,MACpB,aAAa,SAAA,CAAU,YAAA;AAAA,MACvB,cAAc,SAAA,CAAU,aAAA;AAAA,MACxB;AAAA,KACD,CAAA;AAAA,EACH;AACA,EAAA,UAAA,CAAW,YAAA,CAAa,WAAA,EAAa,SAAA,CAAU,YAAY,CAAA;AAC3D,EAAA,UAAA,CAAW,YAAA,CAAa,YAAA,EAAc,SAAA,CAAU,aAAa,CAAA;AAC7D,EAAA,UAAA,CAAW,YAAA,CAAa,SAAA,EAAW,SAAA,CAAU,QAAA,EAAU,CAAA;AAEvD,EAAA,IAAIA,cAAY,EAAG;AACjB,IAAA,MAAA,CAAO,MAAM,4BAAA,EAA8B;AAAA,MACzC,SAAA,EAAW,IAAI,IAAA,CAAK,SAAS,EAAE,WAAA,EAAY;AAAA,MAC3C;AAAA,KACD,CAAA;AAAA,EACH,CAAA,MAAO;AACL,IAAA,MAAA,CAAO,KAAK,4BAA4B,CAAA;AAAA,EAC1C;AACF;AAEA,eAAsB,sBAAsB,MAAA,EAAqD;AAC/F,EAAA,IAAI;AACF,IAAA,MAAM,EAAE,IAAA,EAAM,YAAA,EAAc,QAAA,EAAU,aAAY,GAAI,MAAA;AACtD,IAAA,MAAM,cAAA,GAAiB,OAAO,iBAAA,EAAkB;AAChD,IAAA,MAAM,QAAA,GAAW,GAAG,cAAc,CAAA,YAAA,CAAA;AAElC,IAAA,MAAM,IAAA,GAAO,IAAI,eAAA,CAAgB;AAAA,MAC/B,UAAA,EAAY,wBAAA;AAAA,MACZ,IAAA;AAAA,MACA,SAAA,EAAW,UAAU,QAAQ,CAAA,CAAA;AAAA,MAC7B,YAAA,EAAc,WAAA;AAAA,MACd,aAAA,EAAe;AAAA,KAChB,CAAA;AAED,IAAA,MAAM,QAAA,GAAW,MAAM,KAAA,CAAM,QAAA,EAAU;AAAA,MACrC,MAAA,EAAQ,MAAA;AAAA,MACR,OAAA,EAAS,EAAE,cAAA,EAAgB,mCAAA,EAAoC;AAAA,MAC/D,IAAA,EAAM,KAAK,QAAA;AAAS,KACrB,CAAA;AAED,IAAA,IAAI,CAAC,SAAS,EAAA,EAAI;AAChB,MAAA,MAAM,YAAA,GAAe,MAAM,QAAA,CAAS,IAAA,GAAO,KAAA,CAAM,OAAO,EAAC,CAAE,CAAA;AAC3D,MAAA,MAAA,CAAO,MAAM,uBAAA,EAAyB;AAAA,QACpC,QAAQ,QAAA,CAAS,MAAA;AAAA,QACjB,YAAY,QAAA,CAAS,UAAA;AAAA,QACrB,YAAA;AAAA,QACA,UAAA,EAAY;AAAA,OACb,CAAA;AACD,MAAA,MAAM,IAAI,KAAA;AAAA,QACR,0BAA0B,QAAA,CAAS,MAAM,IAAI,QAAA,CAAS,UAAU,GAAG,MAAA,CAAO,IAAA,CAAK,YAAY,CAAA,CAAE,SAAS,CAAA,GAAA,EAAM,IAAA,CAAK,UAAU,YAAY,CAAC,KAAK,EAAE,CAAA;AAAA,OACjJ;AAAA,IACF;AAEA,IAAA,MAAM,SAAA,GAAa,MAAM,QAAA,CAAS,IAAA,EAAK;AAEvC,IAAA,IAAI,CAAC,UAAU,YAAA,IAAgB,CAAC,UAAU,aAAA,IAAiB,CAAC,UAAU,UAAA,EAAY;AAChF,MAAA,MAAA,CAAO,MAAM,iCAAiC,CAAA;AAC9C,MAAA,MAAM,IAAI,MAAM,wBAAwB,CAAA;AAAA,IAC1C;AAEA,IAAA,WAAA,CAAY,SAAS,CAAA;AACrB,IAAA,OAAO,SAAA;AAAA,EACT,SAAS,KAAA,EAAO;AACd,IAAA,MAAM,SAAA,GAAY,KAAA,YAAiB,KAAA,IAAS,KAAA,CAAM,IAAA,KAAS,YAAA;AAC3D,IAAA,IAAI,SAAA,EAAW;AACb,MAAA,MAAA,CAAO,KAAK,iFAAiF,CAAA;AAC7F,MAAA,MAAM,gBAAgB,cAAA,EAAqB;AAC3C,MAAA,IAAI,aAAA,IAAiB,CAAC,oBAAA,EAAqB,EAAG;AAC5C,QAAA,OAAO;AAAA,UACL,YAAA,EAAc,aAAA;AAAA,UACd,aAAA,EAAe,iBAAgB,IAAK,EAAA;AAAA,UACpC,UAAA,EAAY;AAAA,SACd;AAAA,MACF;AACA,MAAA,MAAM,IAAI,MAAM,qCAAqC,CAAA;AAAA,IACvD;AACA,IAAA,MAAA,CAAO,MAAM,uBAAA,EAAyB;AAAA,MACpC,SAAS,KAAA,YAAiB,KAAA,GAAQ,KAAA,CAAM,OAAA,GAAU,OAAO,KAAK;AAAA,KAC/D,CAAA;AACD,IAAA,MAAM,KAAA;AAAA,EACR;AACF;AAEA,IAAI,cAAA,GAAyC,IAAA;AAE7C,eAAsB,kBAAA,GAAsC;AAC1D,EAAA,IAAI,gBAAgB,OAAO,cAAA;AAE3B,EAAA,cAAA,GAAA,CAAkB,YAA6B;AAC7C,IAAA,IAAI;AACF,MAAA,MAAM,eAAe,eAAA,EAAgB;AACrC,MAAA,MAAM,WAAW,WAAA,EAAY;AAC7B,MAAA,MAAM,WAAW,WAAA,EAAY;AAE7B,MAAA,IAAI,CAAC,YAAA,IAAgB,CAAC,QAAA,IAAY,CAAC,QAAA,EAAU;AAC3C,QAAA,MAAA,CAAO,MAAM,6CAA6C,CAAA;AAC1D,QAAA,MAAM,IAAI,MAAM,6CAA6C,CAAA;AAAA,MAC/D;AAEA,MAAA,MAAM,cAAA,GAAiB,OAAO,iBAAA,EAAkB;AAChD,MAAA,MAAM,QAAA,GAAW,GAAG,cAAc,CAAA,cAAA,CAAA;AAElC,MAAA,MAAM,IAAA,GAAO,IAAI,eAAA,CAAgB;AAAA,QAC/B,UAAA,EAAY,0BAAA;AAAA,QACZ,aAAA,EAAe,YAAA;AAAA,QACf,WAAW,QAAA,CAAS,UAAA,CAAW,SAAS,CAAA,GAAI,QAAA,GAAW,UAAU,QAAQ,CAAA,CAAA;AAAA,QACzE,SAAA,EAAW;AAAA,OACZ,CAAA;AAED,MAAA,MAAM,QAAA,GAAW,MAAM,KAAA,CAAM,QAAA,EAAU;AAAA,QACrC,MAAA,EAAQ,MAAA;AAAA,QACR,OAAA,EAAS;AAAA,UACP,cAAA,EAAgB,mCAAA;AAAA,UAChB,UAAA,EAAY,QAAA;AAAA,UACZ,QAAA,EAAU;AAAA,SACZ;AAAA,QACA,IAAA,EAAM,KAAK,QAAA;AAAS,OACrB,CAAA;AAED,MAAA,IAAI,CAAC,SAAS,EAAA,EAAI;AAChB,QAAA,MAAM,YAAA,GAAgB,MAAM,QAAA,CAAS,IAAA,GAAO,KAAA,CAAM,OAAO,EAAC,CAAE,CAAA;AAC5D,QAAA,MAAM,0BACJ,QAAA,CAAS,MAAA,KAAW,OACnB,YAAA,EAAc,KAAA,KAAU,mBACxB,OAAO,YAAA,EAAc,sBAAsB,QAAA,KACzC,YAAA,CAAa,kBAAkB,QAAA,CAAS,SAAS,KAAK,YAAA,CAAa,iBAAA,CAAkB,SAAS,SAAS,CAAA,CAAA;AAE5G,QAAA,IAAI,uBAAA,EAAyB;AAC3B,UAAA,aAAA,CAAc,aAAa,YAAY,CAAA;AACvC,UAAA,aAAA,CAAc,aAAa,WAAW,CAAA;AACtC,UAAA,aAAA,CAAc,aAAa,SAAS,CAAA;AACpC,UAAA,aAAA,CAAc,eAAe,oBAAA,EAAsB;AAAA,YACjD,KAAA,EAAO,kCAAA;AAAA,YACP,SAAS,MAAA,CAAO,YAAA,EAAc,iBAAA,IAAqB,YAAA,EAAc,SAAS,sBAAsB;AAAA,WACjG,CAAA;AAAA,QACH;AAEA,QAAA,MAAA,CAAO,MAAM,sBAAA,EAAwB;AAAA,UACnC,QAAQ,QAAA,CAAS,MAAA;AAAA,UACjB,YAAY,QAAA,CAAS,UAAA;AAAA,UACrB,YAAA;AAAA,UACA,UAAA,EAAY;AAAA,SACb,CAAA;AACD,QAAA,MAAM,IAAI,KAAA;AAAA,UACR,yBAAyB,QAAA,CAAS,MAAM,IAAI,QAAA,CAAS,UAAU,GAAG,MAAA,CAAO,IAAA,CAAK,YAAY,CAAA,CAAE,SAAS,CAAA,GAAA,EAAM,IAAA,CAAK,UAAU,YAAY,CAAC,KAAK,EAAE,CAAA;AAAA,SAChJ;AAAA,MACF;AAEA,MAAA,MAAM,SAAA,GAAa,MAAM,QAAA,CAAS,IAAA,EAAK;AAEvC,MAAA,IAAI,CAAC,SAAA,CAAU,YAAA,IAAgB,CAAC,UAAU,aAAA,EAAe;AACvD,QAAA,MAAA,CAAO,MAAM,yCAAyC,CAAA;AACtD,QAAA,MAAM,IAAI,MAAM,gCAAgC,CAAA;AAAA,MAClD;AAEA,MAAA,WAAA,CAAY,SAAS,CAAA;AACrB,MAAA,aAAA,CAAc,eAAe,qBAAqB,CAAA;AAClD,MAAA,OAAO,SAAA,CAAU,YAAA;AAAA,IACnB,SAAS,KAAA,EAAO;AACd,MAAA,IAAI,iBAAiB,KAAA,EAAO;AAC1B,QAAA,MAAA,CAAO,MAAM,sBAAA,EAAwB,EAAE,OAAA,EAAS,KAAA,CAAM,SAAS,CAAA;AAC/D,QAAA,aAAA,CAAc,eAAe,oBAAA,EAAsB,EAAE,KAAA,EAAO,KAAA,CAAM,SAAS,CAAA;AAAA,MAC7E;AACA,MAAA,MAAM,KAAA;AAAA,IACR,CAAA,SAAE;AACA,MAAA,cAAA,GAAiB,IAAA;AAAA,IACnB;AAAA,EACF,CAAA,GAAG;AAEH,EAAA,OAAO,cAAA;AACT;AC1KA,SAAS,WAAA,GAAuB;AAC9B,EAAA,OAAO,UAAA,CAAW,aAAA,CAAc,oBAAoB,CAAC,CAAA,KAAM,MAAA;AAC7D;AAEA,SAAS,YAAA,GAAwB;AAC/B,EAAA,OAAO,oBAAA,EAAqB;AAC9B;AAEA,SAAS,cAAA,GAAuB;AAC9B,EAAA,qBAAA,EAAsB;AACxB;AAEA,SAAS,aAAA,GAAsB;AAC7B,EAAA,UAAA,CAAW,aAAA,CAAc,oBAAoB,CAAA,EAAG,MAAM,CAAA;AACtD,EAAA,uBAAA,EAAwB;AAC1B;AAEA,SAAS,eAAA,GAAwB;AAC/B,EAAA,uBAAA,EAAwB;AACxB,EAAA,aAAA,CAAc,aAAA,CAAc,oBAAoB,CAAC,CAAA;AACnD;AAEA,IAAI,UAAA,GAAa,KAAA;AAEjB,SAAS,QAAA,GAAiB;AACxB,EAAA,IAAI,UAAA,EAAY;AAChB,EAAA,IAAI,cAAa,EAAG;AACpB,EAAA,MAAM,UAAU,cAAA,EAAe;AAC/B,EAAA,MAAM,KAAA,GAAQ,OAAA,GACV,CAAA,EAAG,OAAA,CAAQ,WAAA,CAAY,aAAA,EAAc,CAAE,MAAM,CAAA,EAAG,OAAA,CAAQ,WAAA,CAAY,aAAA,EAAc,CAAE,QAAQ,CAAA,CAAA,GAC3F,OAAO,MAAA,KAAW,WAAA,GAAc,CAAA,EAAG,MAAA,CAAO,QAAA,CAAS,MAAM,CAAA,EAAG,MAAA,CAAO,QAAA,CAAS,QAAQ,CAAA,CAAA,GAAK,GAAA;AAC9F,EAAA,IAAI,OAAA,EAAS,OAAA,CAAQ,WAAA,CAAY,QAAA,CAAS,KAAK,CAAA;AAAA,OAAA,IACtC,OAAO,MAAA,KAAW,WAAA,EAAa,MAAA,CAAO,QAAA,CAAS,QAAQ,KAAK,CAAA;AACrE,EAAA,UAAA,GAAa,IAAA;AACf;AAEA,SAAS,YAAA,GAAqB;AAC5B,EAAA,IAAI,UAAA,EAAY;AAChB,EAAA,IAAI,cAAa,EAAG;AACpB,EAAA,MAAM,UAAU,cAAA,EAAe;AAC/B,EAAA,MAAM,KAAA,GAAQ,OAAA,GACV,CAAA,EAAG,OAAA,CAAQ,WAAA,CAAY,aAAA,EAAc,CAAE,MAAM,CAAA,EAAG,OAAA,CAAQ,WAAA,CAAY,aAAA,EAAc,CAAE,QAAQ,CAAA,CAAA,GAC3F,OAAO,MAAA,KAAW,WAAA,GAAc,CAAA,EAAG,MAAA,CAAO,QAAA,CAAS,MAAM,CAAA,EAAG,MAAA,CAAO,QAAA,CAAS,QAAQ,CAAA,CAAA,GAAK,GAAA;AAC9F,EAAA,IAAI,OAAA,EAAS,OAAA,CAAQ,WAAA,CAAY,YAAA,CAAa,KAAK,CAAA;AAAA,OAAA,IAC1C,OAAO,MAAA,KAAW,WAAA,EAAa,MAAA,CAAO,QAAQ,YAAA,CAAa,EAAC,EAAG,OAAO,QAAA,KAAa,WAAA,GAAc,QAAA,CAAS,KAAA,GAAQ,IAAI,KAAK,CAAA;AACpI,EAAA,UAAA,GAAa,IAAA;AACf;AAEA,SAAS,iBAAA,GAA0B;AACjC,EAAA,aAAA,CAAc,aAAA,CAAc,aAAa,CAAC,CAAA;AAC1C,EAAA,aAAA,CAAc,aAAA,CAAc,oBAAoB,CAAC,CAAA;AACjD,EAAA,cAAA,EAAe;AACjB;AAEA,eAAsB,cAAA,GAAmC;AACvD,EAAA,IAAI,aAAY,EAAG;AACjB,IAAA,MAAA,CAAO,MAAM,8EAA8E,CAAA;AAC3F,IAAA,IAAI,eAAc,EAAG;AACnB,MAAA,IAAI,CAAC,YAAA,EAAa,EAAG,YAAA,EAAa;AAAA,IACpC;AACA,IAAA,cAAA,EAAe;AACf,IAAA,OAAO,IAAA;AAAA,EACT;AAEA,EAAA,IAAI,cAAa,EAAG;AAClB,IAAA,MAAA,CAAO,MAAM,kEAAkE,CAAA;AAC/E,IAAA,OAAO,IAAA;AAAA,EACT;AAEA,EAAA,IAAI,UAAA,CAAW,aAAA,CAAc,aAAa,CAAC,MAAM,MAAA,EAAQ;AACvD,IAAA,MAAA,CAAO,KAAK,oEAA+D,CAAA;AAC3E,IAAA,MAAM,UAAU,cAAA,EAAe;AAC/B,IAAA,IAAI,WAAW,OAAA,CAAQ,WAAA,CAAY,aAAA,EAAc,CAAE,QAAQ,YAAA,EAAa;AAAA,SAAA,IAC/D,OAAO,MAAA,KAAW,WAAA,IAAe,MAAA,CAAO,QAAA,CAAS,QAAQ,YAAA,EAAa;AAC/E,IAAA,iBAAA,EAAkB;AAClB,IAAA,eAAA,EAAgB;AAChB,IAAA,OAAO,KAAA;AAAA,EACT;AAEA,EAAA,MAAM,kBAAkB,YAAA,EAAa;AACrC,EAAA,IAAI,gBAAA,GAAkC,IAAA;AACtC,EAAA,IAAI;AACF,IAAA,MAAM,cAAA,GAAiB,UAAA,CAAW,aAAA,CAAc,cAAc,CAAC,CAAA;AAC/D,IAAA,IAAI,cAAA,EAAgB;AAClB,MAAA,MAAM,WAAA,GAAc,IAAA,CAAK,KAAA,CAAM,cAAc,CAAA;AAC7C,MAAA,gBAAA,GAAmB,YAAY,SAAA,IAAa,IAAA;AAAA,IAC9C;AAAA,EACF,CAAA,CAAA,MAAQ;AAAA,EAER;AACA,EAAA,IAAI,CAAC,kBAAkB,gBAAA,GAAmB,eAAA;AAE1C,EAAA,IAAI,gBAAA,IAAoB,eAAA,IAAmB,gBAAA,KAAqB,eAAA,EAAiB;AAC/E,IAAA,MAAA,CAAO,KAAK,8DAA8D,CAAA;AAC1E,IAAA,eAAA,EAAgB;AAChB,IAAA,iBAAA,EAAkB;AAClB,IAAA,eAAA,EAAgB;AAChB,IAAA,UAAA,CAAW,aAAA,CAAc,iBAAiB,CAAA,EAAG,MAAM,CAAA;AACnD,IAAA,UAAA,CAAW,aAAA,CAAc,gBAAgB,CAAA,EAAG,gBAAgB,CAAA;AAC5D,IAAA,YAAA,CAAa,gBAAgB,CAAA;AAC7B,IAAA,IAAI,aAAA,IAAiB,YAAA,EAAa;AAClC,IAAA,OAAO,KAAA;AAAA,EACT;AAEA,EAAA,IAAI,CAAC,aAAA,EAAc,EAAG,OAAO,KAAA;AAE7B,EAAA,cAAA,EAAe;AACf,EAAA,cAAA,EAAe;AACf,EAAA,UAAA,GAAa,KAAA;AAEb,EAAA,IAAI;AACF,IAAA,MAAM,MAAA,GAAS,cAAA,EAAe,EAAG,WAAA,CAAY,aAAA,EAAc,CAAE,MAAA,KAAW,OAAO,MAAA,KAAW,WAAA,GAAc,MAAA,CAAO,QAAA,CAAS,MAAA,GAAS,EAAA,CAAA;AACjI,IAAA,MAAM,MAAA,GAAS,IAAI,eAAA,CAAgB,MAAM,CAAA;AACzC,IAAA,MAAM,IAAA,GAAO,MAAA,CAAO,GAAA,CAAI,MAAM,CAAA;AAC9B,IAAA,MAAM,KAAA,GAAQ,MAAA,CAAO,GAAA,CAAI,OAAO,CAAA;AAChC,IAAA,MAAM,KAAA,GAAQ,MAAA,CAAO,GAAA,CAAI,OAAO,CAAA;AAEhC,IAAA,IAAI,KAAA,IAAS,CAAC,IAAA,IAAQ,CAAC,KAAA,EAAO;AAC5B,MAAA,MAAA,CAAO,MAAM,+BAAA,EAAiC,EAAE,KAAA,EAAO,IAAA,EAAM,OAAO,CAAA;AACpE,MAAA,iBAAA,EAAkB;AAClB,MAAA,eAAA,EAAgB;AAChB,MAAA,aAAA,EAAc;AACd,MAAA,YAAA,EAAa;AACb,MAAA,OAAO,KAAA;AAAA,IACT;AAEA,IAAA,MAAM,cAAc,QAAA,EAAS;AAC7B,IAAA,IAAI,CAAC,WAAA,IAAe,WAAA,KAAgB,KAAA,EAAO;AACzC,MAAA,MAAM,0BAA0B,gBAAA,EAAiB;AACjD,MAAA,IAAI,wBAAA,GAA0C,IAAA;AAC9C,MAAA,IAAI;AACF,QAAA,MAAM,cAAA,GAAiB,UAAA,CAAW,aAAA,CAAc,cAAc,CAAC,CAAA;AAC/D,QAAA,IAAI,cAAA,EAAgB;AAClB,UAAA,MAAM,WAAA,GAAc,IAAA,CAAK,KAAA,CAAM,cAAc,CAAA;AAC7C,UAAA,wBAAA,GAA2B,YAAY,SAAA,IAAa,IAAA;AAAA,QACtD;AAAA,MACF,CAAA,CAAA,MAAQ;AAAA,MAER;AACA,MAAA,MAAM,gBAAA,GAAmB,uBAAA,IAA2B,wBAAA,IAA4B,uBAAA,KAA4B,wBAAA;AAC5G,MAAA,IAAI,gBAAA,EAAkB;AACpB,QAAA,MAAA,CAAO,KAAK,wFAAwF,CAAA;AAAA,MACtG,CAAA,MAAO;AACL,QAAA,MAAA,CAAO,MAAM,6CAA6C,CAAA;AAAA,MAC5D;AACA,MAAA,iBAAA,EAAkB;AAClB,MAAA,eAAA,EAAgB;AAChB,MAAA,aAAA,EAAc;AACd,MAAA,YAAA,EAAa;AACb,MAAA,UAAA,CAAW,aAAA,CAAc,gBAAgB,CAAA,EAAG,MAAM,CAAA;AAClD,MAAA,OAAO,KAAA;AAAA,IACT;AAEA,IAAA,MAAM,eAAe,eAAA,EAAgB;AACrC,IAAA,IAAI,CAAC,YAAA,EAAc;AACjB,MAAA,MAAA,CAAO,MAAM,uBAAuB,CAAA;AACpC,MAAA,iBAAA,EAAkB;AAClB,MAAA,eAAA,EAAgB;AAChB,MAAA,aAAA,EAAc;AACd,MAAA,YAAA,EAAa;AACb,MAAA,OAAO,KAAA;AAAA,IACT;AAEA,IAAA,MAAM,WAAW,WAAA,EAAY;AAC7B,IAAA,MAAM,cAAc,cAAA,EAAe;AACnC,IAAA,MAAM,WAAW,WAAA,EAAY;AAE7B,IAAA,IAAI,CAAC,QAAA,IAAY,CAAC,WAAA,IAAe,CAAC,QAAA,EAAU;AAC1C,MAAA,MAAA,CAAO,MAAM,sCAAsC,CAAA;AACnD,MAAA,iBAAA,EAAkB;AAClB,MAAA,eAAA,EAAgB;AAChB,MAAA,aAAA,EAAc;AACd,MAAA,YAAA,EAAa;AACb,MAAA,OAAO,KAAA;AAAA,IACT;AAGA,IAAA,MAAM,gBAAgB,cAAA,EAAe;AACrC,IAAA,IAAI,aAAA,IAAiB,CAAC,oBAAA,EAAqB,EAAG;AAC5C,MAAA,MAAA,CAAO,MAAM,qDAAqD,CAAA;AAClE,MAAA,aAAA,CAAc,aAAa,YAAY,CAAA;AACvC,MAAA,aAAA,CAAc,aAAa,KAAK,CAAA;AAChC,MAAA,iBAAA,EAAkB;AAClB,MAAA,aAAA,EAAc;AACd,MAAA,QAAA,EAAS;AACT,MAAA,sBAAA,EAAuB;AACvB,MAAA,aAAA,CAAc,eAAe,gBAAgB,CAAA;AAC7C,MAAA,OAAO,IAAA;AAAA,IACT;AAEA,IAAA,MAAM,SAAA,GAAY,MAAM,qBAAA,CAAsB;AAAA,MAC5C,IAAA;AAAA,MACA,YAAA;AAAA,MACA,QAAA;AAAA,MACA,WAAA;AAAA,MACA;AAAA,KACD,CAAA;AAED,IAAA,IAAI,CAAC,WAAW,YAAA,EAAc;AAC5B,MAAA,MAAA,CAAO,MAAM,yCAAyC,CAAA;AACtD,MAAA,eAAA,EAAgB;AAChB,MAAA,iBAAA,EAAkB;AAClB,MAAA,YAAA,EAAa;AACb,MAAA,aAAA,CAAc,cAAA,CAAe,eAAA,EAAiB,EAAE,OAAA,EAAS,4BAA4B,CAAA;AACrF,MAAA,OAAO,KAAA;AAAA,IACT;AAEA,IAAA,aAAA,CAAc,aAAa,YAAY,CAAA;AACvC,IAAA,aAAA,CAAc,aAAa,KAAK,CAAA;AAChC,IAAA,iBAAA,EAAkB;AAClB,IAAA,aAAA,EAAc;AACd,IAAA,QAAA,EAAS;AAET,IAAA,MAAA,CAAO,KAAK,uCAAuC,CAAA;AACnD,IAAA,sBAAA,EAAuB;AACvB,IAAA,aAAA,CAAc,eAAe,gBAAgB,CAAA;AAC7C,IAAA,OAAO,IAAA;AAAA,EACT,SAAS,GAAA,EAAK;AACZ,IAAA,IAAIC,sBAAA,CAAM,YAAA,CAAa,GAAG,CAAA,EAAG;AAC3B,MAAA,MAAM,MAAA,GAAS,IAAI,QAAA,EAAU,MAAA;AAC7B,MAAA,MAAM,YAAA,GAAe,IAAI,QAAA,EAAU,IAAA;AACnC,MAAA,MAAM,YAAY,YAAA,EAAc,KAAA;AAChC,MAAA,MAAM,gBAAA,GAAmB,YAAA,EAAc,iBAAA,IAAqB,YAAA,EAAc,OAAA,IAAW,EAAA;AAErF,MAAA,IACE,MAAA,KAAW,OACX,SAAA,KAAc,eAAA,KACb,OAAO,gBAAgB,CAAA,CAAE,SAAS,cAAc,CAAA,IAChD,OAAO,gBAAgB,CAAA,CAAE,SAAS,gBAAgB,CAAA,IAClD,OAAO,gBAAgB,CAAA,CAAE,QAAA,CAAS,uBAAuB,CAAA,CAAA,EAC1D;AACA,QAAA,MAAMC,iBAAgB,cAAA,EAAe;AACrC,QAAA,MAAMC,WAAAA,GAAaD,cAAAA,IAAiB,CAAC,oBAAA,EAAqB;AAC1D,QAAA,IAAIC,WAAAA,EAAY;AACd,UAAA,aAAA,CAAc,aAAa,YAAY,CAAA;AACvC,UAAA,aAAA,CAAc,aAAa,KAAK,CAAA;AAChC,UAAA,iBAAA,EAAkB;AAClB,UAAA,aAAA,EAAc;AACd,UAAA,YAAA,EAAa;AACb,UAAA,MAAA,CAAO,KAAK,6EAA6E,CAAA;AACzF,UAAA,sBAAA,EAAuB;AACvB,UAAA,aAAA,CAAc,eAAe,gBAAgB,CAAA;AAC7C,UAAA,OAAO,IAAA;AAAA,QACT;AAAA,MACF;AAEA,MAAA,aAAA,CAAc,eAAe,eAAA,EAAiB;AAAA,QAC5C,OAAO,GAAA,CAAI,OAAA;AAAA,QACX,OAAA,EAAS,YAAA,EAAc,iBAAA,IAAqB,GAAA,CAAI;AAAA,OACjD,CAAA;AACD,MAAA,MAAA,CAAO,MAAM,qCAAA,EAAuC;AAAA,QAClD,MAAA;AAAA,QACA,UAAA,EAAY,IAAI,QAAA,EAAU,UAAA;AAAA,QAC1B,YAAA,EAAc,IAAI,QAAA,EAAU,IAAA;AAAA,QAC5B,SAAS,GAAA,CAAI,OAAA;AAAA,QACb,GAAA,EAAK,IAAI,MAAA,EAAQ;AAAA,OAClB,CAAA;AAAA,IACH,CAAA,MAAO;AACL,MAAA,MAAA,CAAO,MAAM,uBAAA,EAAyB;AAAA,QACpC,OAAO,GAAA,YAAe,KAAA,GAAQ,GAAA,CAAI,OAAA,GAAU,OAAO,GAAG;AAAA,OACvD,CAAA;AAAA,IACH;AAEA,IAAA,iBAAA,EAAkB;AAClB,IAAA,MAAM,gBAAgB,cAAA,EAAe;AACrC,IAAA,MAAM,UAAA,GAAa,aAAA,IAAiB,CAAC,oBAAA,EAAqB;AAC1D,IAAA,IAAI,UAAA,EAAY;AACd,MAAA,aAAA,EAAc;AACd,MAAA,YAAA,EAAa;AACb,MAAA,sBAAA,EAAuB;AACvB,MAAA,aAAA,CAAc,eAAe,gBAAgB,CAAA;AAC7C,MAAA,OAAO,IAAA;AAAA,IACT;AAEA,IAAA,aAAA,CAAc,eAAe,eAAA,EAAiB;AAAA,MAC5C,OAAO,GAAA,YAAe,KAAA,GAAQ,GAAA,CAAI,OAAA,GAAU,OAAO,GAAG;AAAA,KACvD,CAAA;AACD,IAAA,eAAA,EAAgB;AAChB,IAAA,IAAI,aAAA,IAAiB,YAAA,EAAa;AAClC,IAAA,OAAO,KAAA;AAAA,EACT;AACF;;;ACtTA,IAAM,cAAA,GAAiB,IAAI,EAAA,GAAK,GAAA;AASzB,IAAM,oBAAN,MAAwB;AAAA,EAK7B,WAAA,CAAY,QAAgB,cAAA,EAAgB;AAJ5C,IAAA,IAAA,CAAiB,KAAA,uBAAY,GAAA,EAAwB;AACrD,IAAA,IAAA,CAAiB,QAAA,uBAAe,GAAA,EAA0C;AAIxE,IAAA,IAAA,CAAK,KAAA,GAAQ,KAAA;AAAA,EACf;AAAA,EAEA,IAAI,SAAA,EAAwC;AAC1C,IAAA,MAAM,KAAA,GAAQ,IAAA,CAAK,KAAA,CAAM,GAAA,CAAI,SAAS,CAAA;AACtC,IAAA,IAAI,CAAC,OAAO,OAAO,IAAA;AACnB,IAAA,IAAI,IAAA,CAAK,GAAA,EAAI,IAAK,KAAA,CAAM,SAAA,EAAW;AACjC,MAAA,IAAA,CAAK,KAAA,CAAM,OAAO,SAAS,CAAA;AAC3B,MAAA,OAAO,IAAA;AAAA,IACT;AACA,IAAA,OAAO,KAAA,CAAM,MAAA;AAAA,EACf;AAAA,EAEA,GAAA,CAAI,WAAmB,MAAA,EAA4B;AACjD,IAAA,IAAA,CAAK,KAAA,CAAM,IAAI,SAAA,EAAW;AAAA,MACxB,MAAA;AAAA,MACA,SAAA,EAAW,IAAA,CAAK,GAAA,EAAI,GAAI,IAAA,CAAK;AAAA,KAC9B,CAAA;AAAA,EACH;AAAA,EAEA,WAAW,SAAA,EAA0B;AACnC,IAAA,IAAI,SAAA,EAAW;AACb,MAAA,IAAA,CAAK,KAAA,CAAM,OAAO,SAAS,CAAA;AAC3B,MAAA,IAAA,CAAK,QAAA,CAAS,OAAO,SAAS,CAAA;AAAA,IAChC,CAAA,MAAO;AACL,MAAA,IAAA,CAAK,MAAM,KAAA,EAAM;AACjB,MAAA,IAAA,CAAK,SAAS,KAAA,EAAM;AAAA,IACtB;AAAA,EACF;AAAA,EAEA,MAAM,YAAA,CACJ,SAAA,EACA,QAAA,EAC8B;AAC9B,IAAA,IAAI,CAAC,SAAA,IAAa,CAAC,SAAA,CAAU,IAAA,IAAQ,OAAO,IAAA;AAE5C,IAAA,MAAM,GAAA,GAAM,UAAU,IAAA,EAAK;AAC3B,IAAA,MAAM,MAAA,GAAS,IAAA,CAAK,GAAA,CAAI,GAAG,CAAA;AAC3B,IAAA,IAAI,MAAA,EAAQ;AACV,MAAA,MAAA,CAAO,KAAA,CAAM,0BAAA,EAA4B,EAAE,SAAA,EAAW,KAAK,CAAA;AAC3D,MAAA,OAAO,MAAA;AAAA,IACT;AAEA,IAAA,MAAM,QAAA,GAAW,IAAA,CAAK,QAAA,CAAS,GAAA,CAAI,GAAG,CAAA;AACtC,IAAA,IAAI,QAAA,EAAU;AACZ,MAAA,MAAA,CAAO,KAAA,CAAM,sCAAA,EAAwC,EAAE,SAAA,EAAW,KAAK,CAAA;AACvE,MAAA,OAAO,QAAA;AAAA,IACT;AAEA,IAAA,MAAM,WAAW,YAA0C;AACzD,MAAA,IAAI;AACF,QAAA,MAAM,MAAA,GAAS,MAAM,QAAA,CAAS,GAAG,CAAA;AACjC,QAAA,IAAI,MAAA,EAAQ,IAAA,CAAK,GAAA,CAAI,GAAA,EAAK,MAAM,CAAA;AAChC,QAAA,OAAO,MAAA;AAAA,MACT,CAAA,SAAE;AACA,QAAA,IAAA,CAAK,QAAA,CAAS,OAAO,GAAG,CAAA;AAAA,MAC1B;AAAA,IACF,CAAA,GAAG;AAEH,IAAA,IAAA,CAAK,QAAA,CAAS,GAAA,CAAI,GAAA,EAAK,OAAO,CAAA;AAC9B,IAAA,OAAO,OAAA;AAAA,EACT;AACF,CAAA;;;ACvEA,IAAM,wBAAA,GAA2B,IAAI,iBAAA,EAAkB;AAEhD,SAAS,uBAAA,CACd,KACA,MAAA,EACe;AACf,EAAA,IAAI;AACF,IAAA,MAAM,cAAA,GAAiB,UAAA,CAAW,aAAA,CAAc,cAAc,CAAC,CAAA;AAC/D,IAAA,IAAI,cAAA,EAAgB;AAClB,MAAA,MAAM,WAAA,GAAc,IAAA,CAAK,KAAA,CAAM,cAAc,CAAA;AAC7C,MAAA,IAAI,YAAY,SAAA,EAAW,IAAA,IAAQ,OAAO,WAAA,CAAY,UAAU,IAAA,EAAK;AACrE,MAAA,OAAO,IAAA;AAAA,IACT;AAAA,EACF,CAAA,CAAA,MAAQ;AAAA,EAER;AACA,EAAA,OAAO,uBAAA,CAAwB,GAAA,EAAK,MAAA,EAAQ,UAAA,EAAY,aAAa,CAAA;AACvE;AAEA,SAAS,cAAA,GAAgD;AACvD,EAAA,IAAI;AACF,IAAA,MAAM,cAAA,GAAiB,UAAA,CAAW,aAAA,CAAc,cAAc,CAAC,CAAA;AAC/D,IAAA,IAAI,CAAC,gBAAgB,OAAO,IAAA;AAE5B,IAAA,MAAM,MAAA,GAAS,IAAA,CAAK,KAAA,CAAM,cAAc,CAAA;AACxC,IAAA,IAAI,MAAA,IAAU,OAAO,MAAA,KAAW,QAAA,IAAY,mBAAmB,MAAA,EAAQ;AACrE,MAAA,OAAQ,MAAA,CAAmC,aAAA;AAAA,IAC7C;AACA,IAAA,OAAO,MAAA;AAAA,EACT,CAAA,CAAA,MAAQ;AACN,IAAA,aAAA,CAAc,aAAA,CAAc,cAAc,CAAC,CAAA;AAC3C,IAAA,OAAO,IAAA;AAAA,EACT;AACF;AAEA,SAAS,oBAAA,CACP,YAAA,EACA,WAAA,EACA,SAAA,EACc;AACd,EAAA,OAAO;AAAA,IACL,QAAA,EAAU,WAAA,CAAY,QAAA,IAAY,YAAA,CAAa,QAAA;AAAA,IAC/C,YAAY,YAAA,CAAa,UAAA;AAAA,IACzB,SAAA,EAAW,aAAa,YAAA,CAAa,SAAA;AAAA,IACrC,MAAA,EAAQ;AAAA,MACN,QAAA,EAAU,WAAA,CAAY,QAAA,IAAY,YAAA,CAAa,MAAA,CAAO,QAAA;AAAA,MACtD,WAAA,EAAa,aAAa,MAAA,CAAO,WAAA;AAAA,MACjC,MAAA,EAAQ,aAAa,MAAA,CAAO;AAAA;AAC9B,GACF;AACF;AAEA,eAAe,wBAAA,GAAyD;AACtE,EAAA,MAAM,SAAA,GAAY,MAAM,YAAA,EAAa;AACrC,EAAA,IAAI,CAAC,WAAW,OAAO,IAAA;AACvB,EAAA,OAAO;AAAA,IACL,UAAU,SAAA,CAAU,QAAA;AAAA,IACpB,YAAY,SAAA,CAAU,aAAA;AAAA,IACtB,MAAA,EAAQ;AAAA,MACN,UAAU,SAAA,CAAU,QAAA;AAAA,MACpB,aAAa,SAAA,CAAU,WAAA;AAAA,MACvB,MAAA,EAAQ;AAAA;AACV,GACF;AACF;AAEA,eAAsB,mBAAA,CACpB,WACA,cAAA,EAC8B;AAC9B,EAAA,IAAI,CAAC,WAAW,OAAO,IAAA;AAEvB,EAAA,MAAM,cAAc,cAAA,EAAe;AACnC,EAAA,IAAI,YAAA,GAAoC,IAAA;AACxC,EAAA,IAAI,WAAA,GAAc,KAAA;AAElB,EAAA,YAAA,GAAe,MAAM,cAAA,CAAe,OAAA,CAAQ,SAAS,CAAA;AACrD,EAAA,WAAA,GAAc,CAAC,CAAC,YAAA;AAEhB,EAAA,IAAI,CAAC,YAAA,EAAc;AACjB,IAAA,YAAA,GAAe,MAAM,wBAAA,EAAyB;AAAA,EAChD;AACA,EAAA,IAAI,CAAC,cAAc,OAAO,IAAA;AAE1B,EAAA,IAAI,CAAC,eAAe,WAAA,EAAa;AAC/B,IAAA,MAAM,YAAA,GAAe,oBAAA,CAAqB,YAAA,EAAc,WAAA,EAAa,SAAS,CAAA;AAC9E,IAAA,aAAA,CAAc,aAAA,CAAc,cAAc,CAAC,CAAA;AAC3C,IAAA,MAAA,CAAO,KAAK,8CAA8C,CAAA;AAC1D,IAAA,OAAO,YAAA;AAAA,EACT;AAEA,EAAA,aAAA,CAAc,aAAA,CAAc,cAAc,CAAC,CAAA;AAE3C,EAAA,OAAO;AAAA,IACL,GAAG,YAAA;AAAA,IACH,SAAA,EAAW,aAAa,YAAA,CAAa;AAAA,GACvC;AACF;AAEA,eAAsB,yBAAA,CACpB,WACA,cAAA,EAC8B;AAC9B,EAAA,IAAI,CAAC,WAAW,OAAO,IAAA;AACvB,EAAA,OAAO,wBAAA,CAAyB,YAAA;AAAA,IAAa,SAAA;AAAA,IAAW,CAAC,GAAA,KACvD,mBAAA,CAAoB,GAAA,EAAK,cAAc;AAAA,GACzC;AACF;;;AC3GO,IAAM,iBAAN,MAA0C;AAAA,EAC/C,MAAM,QAAQ,OAAA,EAA2C;AACvD,IAAA,MAAM,EAAE,SAAQ,GAAI,OAAA;AACpB,IAAA,MAAM,EAAE,WAAA,EAAa,MAAA,EAAQ,GAAA,EAAI,GAAI,OAAA;AACrC,IAAA,MAAM,MAAA,GAAS,MAAM,WAAA,CAAY,aAAA,EAAc;AAE/C,IAAA,IAAI,oBAAA,CAAqB,MAAA,EAAQ,CAAA,EAAG;AAClC,MAAA,MAAM,cAAA,EAAe;AACrB,MAAA,IAAI,oBAAA,CAAqB,MAAA,EAAQ,CAAA,EAAG;AAClC,QAAA,GAAA,CAAI,KAAK,6DAA6D,CAAA;AACtE,QAAA,MAAM,IAAI,MAAA,EAAO;AACjB,QAAA,WAAA,CAAY,SAAS,CAAA,EAAG,CAAA,CAAE,MAAM,CAAA,EAAG,CAAA,CAAE,QAAQ,CAAA,CAAE,CAAA;AAC/C,QAAA,OAAO,EAAE,WAAW,IAAA,EAAK;AAAA,MAC3B;AAAA,IACF;AAEA,IAAA,cAAA,EAAe;AAEf,IAAA,MAAM,SAAA,GAAY,uBAAA,CAAwB,MAAA,EAAO,EAAG,QAAQ,cAAc,CAAA;AAC1E,IAAA,IAAI,CAAC,SAAA,EAAW,OAAO,EAAE,WAAW,IAAA,EAAK;AAEzC,IAAA,MAAM,YAAA,GAAe,MAAM,yBAAA,CAA0B,SAAA,EAAW,QAAQ,cAAc,CAAA;AACtF,IAAA,IAAI,CAAC,YAAA,EAAc;AACjB,MAAA,GAAA,CAAI,KAAA,CAAM,iDAAA,EAAmD,EAAE,SAAA,EAAW,CAAA;AAC1E,MAAA,MAAM,IAAI,cAAA;AAAA,QACR,iCAAA;AAAA,QACA,wCAAA;AAAA,QACA,IAAI,KAAA,CAAM,CAAA,+CAAA,EAAkD,SAAS,CAAA,CAAE;AAAA,OACzE;AAAA,IACF;AAEA,IAAA,iBAAA,CAAkB,YAAY,CAAA;AAC9B,IAAA,MAAM,iBAAiB,YAAY,CAAA;AACnC,IAAA,OAAO,EAAE,WAAW,IAAA,EAAK;AAAA,EAC3B;AACF,CAAA;;;ACtCO,IAAM,eAAN,MAAwC;AAAA,EAC7C,MAAM,QAAQ,OAAA,EAA2C;AACvD,IAAA,MAAM,EAAE,SAAQ,GAAI,OAAA;AACpB,IAAA,MAAM,EAAE,WAAA,EAAa,MAAA,EAAQ,GAAA,EAAI,GAAI,OAAA;AACrC,IAAA,MAAM,MAAA,GAAS,MAAM,WAAA,CAAY,aAAA,EAAc;AAE/C,IAAA,cAAA,EAAe;AAEf,IAAA,MAAM,OAAA,GAAU,MAAM,cAAA,EAAe;AACrC,IAAA,IAAI,OAAA,EAAS;AACX,MAAA,IAAI,oBAAA,CAAqB,MAAA,EAAQ,CAAA,EAAG;AAClC,QAAA,IAAI,oBAAA,EAAqB,EAAG,OAAO,EAAE,WAAW,IAAA,EAAK;AACrD,QAAA,MAAM,IAAI,MAAA,EAAO;AACjB,QAAA,WAAA,CAAY,SAAS,CAAA,EAAG,CAAA,CAAE,MAAM,CAAA,EAAG,CAAA,CAAE,QAAQ,CAAA,CAAE,CAAA;AAC/C,QAAA,OAAO,EAAE,WAAW,IAAA,EAAK;AAAA,MAC3B;AACA,MAAA,OAAO,EAAE,WAAW,IAAA,EAAK;AAAA,IAC3B;AACA,IAAA,IAAI,oBAAA,CAAqB,MAAA,EAAQ,CAAA,EAAG;AAClC,MAAA,MAAM,IAAI,MAAA,EAAO;AACjB,MAAA,WAAA,CAAY,SAAS,CAAA,EAAG,CAAA,CAAE,MAAM,CAAA,EAAG,CAAA,CAAE,QAAQ,CAAA,CAAE,CAAA;AAAA,IACjD;AACA,IAAA,OAAO,EAAE,WAAW,IAAA,EAAK;AAAA,EAC3B;AACF,CAAA;;;AC3BO,IAAM,oBAAN,MAA6C;AAAA,EAClD,MAAM,QAAQ,QAAA,EAA4C;AACxD,IAAA,OAAO,EAAE,WAAW,IAAA,EAAK;AAAA,EAC3B;AACF,CAAA;;;ACLA,IAAI,aAAA,GAAmC,IAAA;AAEhC,SAAS,oBAAA,GAA0C;AACxD,EAAA,OAAO,aAAA;AACT;AAEO,SAAS,qBAAqB,MAAA,EAAiC;AACpE,EAAA,aAAA,GAAgB,MAAA;AAClB;;;ACGA,eAAsB,sBAAA,GAA0C;AAC9D,EAAA,MAAM,SAAS,oBAAA,EAAqB;AACpC,EAAA,IAAI,MAAA,EAAQ;AACV,IAAA,IAAI;AACF,MAAA,OAAO,MAAM,OAAO,cAAA,EAAe;AAAA,IACrC,CAAA,CAAA,MAAQ;AAAA,IAER;AAAA,EACF;AAEA,EAAA,MAAM,QAAQ,cAAA,EAAqB;AACnC,EAAA,IAAI,KAAA,IAAS,CAAC,oBAAA,EAAqB,EAAG,OAAO,KAAA;AAE7C,EAAA,MAAM,eAAe,eAAA,EAAgB;AACrC,EAAA,IAAI,CAAC,YAAA,EAAc;AACjB,IAAA,MAAA,CAAO,MAAM,mDAAmD,CAAA;AAChE,IAAA,MAAM,IAAI,MAAM,kCAAkC,CAAA;AAAA,EACpD;AAEA,EAAA,OAAO,MAAM,kBAAA,EAA2B;AAC1C;AAEO,SAASC,eAAAA,GAAgC;AAC9C,EAAA,OAAO,cAAA,EAAqB;AAC9B;;;AC5BO,IAAM,cAAN,MAAuC;AAAA,EAC5C,MAAM,QAAQ,OAAA,EAA2C;AACvD,IAAA,MAAM,EAAE,SAAQ,GAAI,OAAA;AACpB,IAAA,MAAM,EAAE,MAAA,EAAQ,GAAA,EAAI,GAAI,OAAA;AACxB,IAAA,MAAM,MAAA,GAAS,MAAM,OAAA,CAAQ,WAAA,CAAY,aAAA,EAAc;AAEvD,IAAA,GAAA,CAAI,MAAM,yCAAyC,CAAA;AAEnD,IAAA,IAAI;AACF,MAAA,MAAM,cAAA,GAAiB,MAAM,sBAAA,EAAuB;AACpD,MAAA,IAAI,cAAA,EAAgB;AAClB,QAAA,MAAA,CAAO,MAAM,kDAAkD,CAAA;AAC/D,QAAA,OAAO,EAAE,WAAW,IAAA,EAAK;AAAA,MAC3B;AAAA,IACF,SAAS,KAAA,EAAO;AACd,MAAA,MAAA,CAAO,KAAK,kDAAA,EAAoD;AAAA,QAC9D,OAAO,KAAA,YAAiB,KAAA,GAAQ,KAAA,CAAM,OAAA,GAAU,OAAO,KAAK;AAAA,OAC7D,CAAA;AAAA,IACH;AAEA,IAAA,MAAM,SAAA,GAAY,uBAAA,CAAwB,MAAA,EAAO,EAAG,QAAQ,cAAc,CAAA;AAC1E,IAAA,IAAI,CAAC,SAAA,EAAW;AACd,MAAA,MAAM,IAAI,cAAA;AAAA,QACR,8BAAA;AAAA,QACA,0BAAA;AAAA,QACA,IAAI,MAAM,oBAAoB;AAAA,OAChC;AAAA,IACF;AAEA,IAAA,MAAM,YAAA,GAAe,MAAM,yBAAA,CAA0B,SAAA,EAAW,QAAQ,cAAc,CAAA;AACtF,IAAA,IAAI,CAAC,YAAA,EAAc;AACjB,MAAA,MAAM,IAAI,cAAA;AAAA,QACR,iCAAA;AAAA,QACA,wCAAA;AAAA,QACA,IAAI,KAAA,CAAM,CAAA,+CAAA,EAAkD,SAAS,CAAA,CAAE;AAAA,OACzE;AAAA,IACF;AAEA,IAAA,YAAA,CAAa,SAAS,CAAA;AACtB,IAAA,iBAAA,CAAkB,YAAY,CAAA;AAC9B,IAAA,MAAM,iBAAiB,YAAY,CAAA;AACnC,IAAA,OAAO,EAAE,WAAW,IAAA,EAAK;AAAA,EAC3B;AACF,CAAA;;;AC5CO,IAAM,mBAAN,MAA4C;AAAA,EACjD,MAAM,QAAQ,OAAA,EAA2C;AACvD,IAAA,MAAM,EAAE,SAAQ,GAAI,OAAA;AACpB,IAAA,MAAM,EAAE,WAAA,EAAa,MAAA,EAAQ,GAAA,EAAI,GAAI,OAAA;AACrC,IAAA,MAAM,MAAA,GAAS,MAAM,WAAA,CAAY,aAAA,EAAc;AAE/C,IAAA,MAAM,YAAA,GAAe,UAAA,CAAW,aAAA,CAAc,gBAAgB,CAAC,CAAA;AAC/D,IAAA,GAAA,CAAI,IAAA,CAAK,+CAAA,EAAiD,EAAE,YAAA,EAAc,CAAA;AAC1E,IAAA,aAAA,CAAc,eAAe,eAAA,EAAiB,EAAE,SAAA,EAAW,YAAA,IAAgB,QAAW,CAAA;AAEtF,IAAA,aAAA,CAAc,aAAA,CAAc,iBAAiB,CAAC,CAAA;AAC9C,IAAA,aAAA,CAAc,aAAA,CAAc,gBAAgB,CAAC,CAAA;AAE7C,IAAA,MAAM,YAAY,YAAA,IAAgB,uBAAA,CAAwB,MAAA,EAAO,EAAG,QAAQ,cAAc,CAAA;AAC1F,IAAA,IAAI,CAAC,SAAA,EAAW;AACd,MAAA,MAAM,IAAI,cAAA;AAAA,QACR,8BAAA;AAAA,QACA,uCAAA;AAAA,QACA,IAAI,MAAM,iCAAiC;AAAA,OAC7C;AAAA,IACF;AAEA,IAAA,MAAM,YAAA,GAAe,MAAM,yBAAA,CAA0B,SAAA,EAAW,QAAQ,cAAc,CAAA;AACtF,IAAA,IAAI,CAAC,YAAA,EAAc;AACjB,MAAA,MAAM,IAAI,cAAA;AAAA,QACR,iCAAA;AAAA,QACA,qDAAA;AAAA,QACA,IAAI,KAAA,CAAM,CAAA,+CAAA,EAAkD,SAAS,CAAA,CAAE;AAAA,OACzE;AAAA,IACF;AAEA,IAAA,YAAA,CAAa,SAAS,CAAA;AACtB,IAAA,iBAAA,CAAkB,YAAY,CAAA;AAC9B,IAAA,MAAM,iBAAiB,YAAY,CAAA;AACnC,IAAA,OAAO,EAAE,WAAW,IAAA,EAAK;AAAA,EAC3B;AACF,CAAA;;;AC9BO,IAAM,YAAN,MAAqC;AAAA,EAC1C,MAAM,QAAQ,OAAA,EAA2C;AACvD,IAAA,MAAM,EAAE,SAAQ,GAAI,OAAA;AACpB,IAAA,MAAM,EAAE,MAAA,EAAQ,GAAA,EAAI,GAAI,OAAA;AACxB,IAAA,MAAM,MAAA,GAAS,MAAM,OAAA,CAAQ,WAAA,CAAY,aAAA,EAAc;AAEvD,IAAA,MAAM,iBAAA,GAAoB,UAAA,CAAW,aAAA,CAAc,oBAAoB,CAAC,CAAA,KAAM,MAAA;AAC9E,IAAA,MAAM,QAAQ,cAAA,EAAe;AAC7B,IAAA,IAAI,iBAAA,IAAqB,CAAC,KAAA,EAAO;AAC/B,MAAA,GAAA,CAAI,KAAK,2FAA2F,CAAA;AACpG,MAAA,aAAA,CAAc,aAAA,CAAc,oBAAoB,CAAC,CAAA;AACjD,MAAA,uBAAA,EAAwB;AAAA,IAC1B;AAEA,IAAA,MAAM,gBAAA,GAAmB,UAAA,CAAW,aAAA,CAAc,gBAAgB,CAAC,CAAA,KAAM,MAAA;AACzE,IAAA,IAAI,gBAAA,EAAkB,aAAA,CAAc,aAAA,CAAc,gBAAgB,CAAC,CAAA;AAEnE,IAAA,MAAM,SAAA,GAAY,uBAAA,CAAwB,MAAA,EAAO,EAAG,QAAQ,cAAc,CAAA;AAC1E,IAAA,IAAI,CAAC,SAAA,EAAW;AACd,MAAA,MAAM,IAAI,cAAA;AAAA,QACR,8BAAA;AAAA,QACA,0BAAA;AAAA,QACA,IAAI,MAAM,oBAAoB;AAAA,OAChC;AAAA,IACF;AAEA,IAAA,MAAM,YAAA,GAAe,MAAM,yBAAA,CAA0B,SAAA,EAAW,QAAQ,cAAc,CAAA;AACtF,IAAA,IAAI,CAAC,YAAA,EAAc;AACjB,MAAA,MAAM,IAAI,cAAA;AAAA,QACR,iCAAA;AAAA,QACA,wCAAA;AAAA,QACA,IAAI,KAAA,CAAM,CAAA,+CAAA,EAAkD,SAAS,CAAA,CAAE;AAAA,OACzE;AAAA,IACF;AAEA,IAAA,YAAA,CAAa,SAAS,CAAA;AACtB,IAAA,iBAAA,CAAkB,YAAY,CAAA;AAC9B,IAAA,MAAM,iBAAiB,YAAY,CAAA;AACnC,IAAA,OAAO,EAAE,WAAW,IAAA,EAAK;AAAA,EAC3B;AACF,CAAA;;;AC7CA,IAAM,cAAA,GAAiB,IAAI,cAAA,EAAe;AAC1C,IAAM,YAAA,GAAe,IAAI,YAAA,EAAa;AACtC,IAAM,iBAAA,GAAoB,IAAI,iBAAA,EAAkB;AAChD,IAAM,WAAA,GAAc,IAAI,WAAA,EAAY;AACpC,IAAM,gBAAA,GAAmB,IAAI,gBAAA,EAAiB;AAC9C,IAAM,SAAA,GAAY,IAAI,SAAA,EAAU;AAEzB,SAAS,gBAAgB,KAAA,EAAsC;AACpE,EAAA,QAAQ,KAAA;AAAO,IACb,KAAA,aAAA;AACE,MAAA,OAAO,cAAA;AAAA,IACT,KAAA,qBAAA;AACE,MAAA,OAAO,YAAA;AAAA,IACT,KAAA,eAAA;AACE,MAAA,OAAO,iBAAA;AAAA,IACT,KAAA,eAAA;AACE,MAAA,OAAO,WAAA;AAAA,IACT,KAAA,eAAA;AACE,MAAA,OAAO,gBAAA;AAAA,IACT,KAAA,gBAAA;AAAA,IACA,KAAA,cAAA;AAAA,IACA,KAAA,YAAA;AAAA,IACA,KAAA,OAAA;AAAA,IACA;AACE,MAAA,OAAO,SAAA;AAAA;AAEb;;;ACVA,SAAS,mBAAA,GAAsB;AAC7B,EAAA,OAAO,CAAC,MAAA,KAAmB,UAAA,CAAW,aAAA,CAAc,MAAM,CAAC,CAAA;AAC7D;AAEA,eAAsB,YAAA,GAA8B;AAClD,EAAA,MAAM,UAAU,cAAA,EAAe;AAC/B,EAAA,IAAI,CAAC,OAAA,EAAS;AACZ,IAAA,MAAA,CAAO,IAAA;AAAA,MACL;AAAA,KACF;AACA,IAAA;AAAA,EACF;AAEA,EAAA,IAAI,uBAAsB,EAAG;AAC3B,IAAA,MAAA,CAAO,MAAM,wDAAwD,CAAA;AACrE,IAAA;AAAA,EACF;AAEA,EAAA,sBAAA,EAAuB;AAEvB,EAAA,IAAI;AACF,IAAA,YAAA,CAAa,IAAI,CAAA;AAEjB,IAAA,MAAM,GAAA,GAAM,OAAA,CAAQ,WAAA,CAAY,aAAA,EAAc;AAC9C,IAAA,MAAM,QAAQ,cAAA,EAAe;AAC7B,IAAA,MAAM,UAAU,oBAAA,EAAqB;AACrC,IAAA,MAAM,aAAA,GAAgB,CAAC,EAAE,KAAA,IAAS,CAAC,OAAA,CAAA;AACnC,IAAA,MAAM,QAAA,GAAW,CAAC,CAAC,KAAA;AACnB,IAAA,MAAM,eAAA,GAAkB,CAAC,CAAC,eAAA,EAAgB;AAE1C,IAAA,MAAM,QAAQ,yBAAA,CAA0B;AAAA,MACtC,GAAA;AAAA,MACA,YAAY,mBAAA,EAAoB;AAAA,MAChC,aAAA,EAAe,oBAAA;AAAA,MACf,aAAA;AAAA,MACA,QAAA;AAAA,MACA,eAAA;AAAA,MACA,cAAA,EAAgB;AAAA,KACjB,CAAA;AAED,IAAA,aAAA,CAAc,cAAA,CAAe,wBAAA,EAA0B,EAAE,KAAA,EAAwB,CAAA;AAEjF,IAAA,MAAM,IAAA,GAAO,gBAAgB,KAAK,CAAA;AAClC,IAAA,MAAM,OAAA,GAAuB,EAAE,OAAA,EAAS,GAAA,EAAK,KAAA,EAAM;AACnD,IAAA,MAAM,IAAA,CAAK,QAAQ,OAAO,CAAA;AAAA,EAC5B,SAAS,KAAA,EAAO;AACd,IAAA,IAAI,KAAA,YAAiB,gBAAgB,MAAM,KAAA;AAC3C,IAAA,MAAM,IAAI,cAAA,EAAe;AACzB,IAAA,CAAC,CAAA,EAAG,MAAA,IAAU,MAAA,EAAQ,KAAA,CAAM,kBAAA,EAAoB;AAAA,MAC9C,OAAO,KAAA,YAAiB,KAAA,GAAQ,KAAA,CAAM,OAAA,GAAU,OAAO,KAAK;AAAA,KAC7D,CAAA;AACD,IAAA,MAAM,IAAI,KAAA;AAAA,MACR,oBAAA,CAAqB,OAAO,sCAAsC;AAAA,KACpE;AAAA,EACF,CAAA,SAAE;AACA,IAAA,wBAAA,EAAyB;AAAA,EAC3B;AACF;;;ACjFA,IAAI,sBAAA,GAA8D,IAAA;AAE3D,SAAS,0BAA0B,EAAA,EAA+C;AACvF,EAAA,sBAAA,GAAyB,EAAA;AAC3B;AAEO,SAAS,yBAAA,GAAiE;AAC/E,EAAA,OAAO,sBAAA;AACT;;;ACLA,eAAe,aAAA,GAA+B;AAC5C,EAAA,MAAM,SAAS,oBAAA,EAAqB;AACpC,EAAA,IAAI,MAAA,EAAQ;AACV,IAAA,MAAM,OAAO,IAAA,EAAK;AAClB,IAAA;AAAA,EACF;AACA,EAAA,MAAM,YAAA,EAAa;AACrB;AAEA,yBAAA,CAA0B,MAAM,eAAe,CAAA;AAE/C,eAAsB,SAAA,GAA2B;AAC/C,EAAA,OAAO,aAAA,EAAc;AACvB;;;AChBO,IAAM,YAAA,GAAe;AAAA,EAC1B,WAAA,EAAa,0BAAA;AAAA,EACb,YAAA,EAAc;AAChB,CAAA;;;ACOA,IAAI,UAAA,GAAa,KAAA;AACjB,IAAI,kBAAA,GAA6B,EAAA;AACjC,IAAI,aAAA,uBAAyC,GAAA,EAAI;AACjD,IAAI,aAAA,GAAuD,IAAA;AAE3D,SAAS,iBAAA,GAA4B;AACnC,EAAA,IAAI;AACF,IAAA,OAAO,SAAS,MAAA,IAAU,EAAA;AAAA,EAC5B,CAAA,CAAA,MAAQ;AACN,IAAA,OAAO,EAAA;AAAA,EACT;AACF;AAEA,SAAS,cAAA,GAA2B;AAClC,EAAA,IAAI;AACF,IAAA,MAAM,OAAA,GAAU,QAAA,CAAS,MAAA,CAAO,KAAA,CAAM,GAAG,CAAA;AACzC,IAAA,OAAO,OAAA,CACJ,GAAA,CAAI,CAAC,MAAA,KAAW;AACf,MAAA,MAAM,KAAA,GAAQ,MAAA,CAAO,OAAA,CAAQ,GAAG,CAAA;AAChC,MAAA,OAAO,KAAA,GAAQ,CAAA,CAAA,GAAK,MAAA,CAAO,SAAA,CAAU,CAAA,EAAG,KAAK,CAAA,CAAE,IAAA,EAAK,GAAI,MAAA,CAAO,IAAA,EAAK;AAAA,IACtE,CAAC,CAAA,CACA,MAAA,CAAO,CAAC,IAAA,KAAS,IAAA,CAAK,SAAS,CAAC,CAAA;AAAA,EACrC,CAAA,CAAA,MAAQ;AACN,IAAA,OAAO,EAAC;AAAA,EACV;AACF;AAEA,SAAS,YAAA,GAAoC;AAC3C,EAAA,MAAM,SAAA,uBAAgB,GAAA,EAAoB;AAC1C,EAAA,IAAI;AACF,IAAA,MAAM,OAAA,GAAU,QAAA,CAAS,MAAA,CAAO,KAAA,CAAM,GAAG,CAAA;AACzC,IAAA,KAAA,MAAW,UAAU,OAAA,EAAS;AAC5B,MAAA,MAAM,KAAA,GAAQ,MAAA,CAAO,OAAA,CAAQ,GAAG,CAAA;AAChC,MAAA,IAAI,QAAQ,CAAA,CAAA,EAAI;AACd,QAAA,MAAM,OAAO,MAAA,CAAO,SAAA,CAAU,CAAA,EAAG,KAAK,EAAE,IAAA,EAAK;AAC7C,QAAA,MAAM,QAAQ,MAAA,CAAO,SAAA,CAAU,KAAA,GAAQ,CAAC,EAAE,IAAA,EAAK;AAC/C,QAAA,IAAI,KAAK,MAAA,GAAS,CAAA,EAAG,SAAA,CAAU,GAAA,CAAI,MAAM,KAAK,CAAA;AAAA,MAChD;AAAA,IACF;AAAA,EACF,CAAA,CAAA,MAAQ;AAAA,EAER;AACA,EAAA,OAAO,SAAA;AACT;AAEA,SAAS,mBAAA,GAA+B;AACtC,EAAA,IAAI;AACF,IAAA,MAAM,kBAAkB,iBAAA,EAAkB;AAC1C,IAAA,MAAM,mBAAmB,YAAA,EAAa;AACtC,IAAA,MAAM,iBAAiB,cAAA,EAAe;AAEtC,IAAA,IAAI,kBAAA,IAAsB,CAAC,eAAA,EAAiB;AAC1C,MAAA,MAAA,CAAO,KAAK,8BAA8B,CAAA;AAC1C,MAAA,OAAO,IAAA;AAAA,IACT;AAEA,IAAA,IAAI,aAAA,CAAc,OAAO,CAAA,EAAG;AAC1B,MAAA,MAAM,eAAA,GAAkB;AAAA,QACtB,YAAA,CAAa,WAAA;AAAA,QACb,YAAA,CAAa,YAAA;AAAA,QACb,aAAA;AAAA,QACA,0BAAA;AAAA,QACA,2BAAA;AAAA,QACA,MAAA;AAAA,QACA,SAAA;AAAA,QACA;AAAA,OACF;AAEA,MAAA,MAAM,qBAA+B,EAAC;AACtC,MAAA,KAAA,MAAW,CAAC,UAAU,CAAA,IAAK,aAAA,EAAe;AACxC,QAAA,MAAM,eAAe,eAAA,CAAgB,IAAA;AAAA,UAAK,CAAC,aACzC,UAAA,CAAW,WAAA,GAAc,QAAA,CAAS,QAAA,CAAS,aAAa;AAAA,SAC1D;AACA,QAAA,IAAI,YAAA,IAAgB,CAAC,gBAAA,CAAiB,GAAA,CAAI,UAAU,CAAA,EAAG;AACrD,UAAA,kBAAA,CAAmB,KAAK,UAAU,CAAA;AAAA,QACpC;AAAA,MACF;AACA,MAAA,IAAI,kBAAA,CAAmB,SAAS,CAAA,EAAG;AACjC,QAAA,MAAA,CAAO,KAAK,+BAAA,EAAiC;AAAA,UAC3C,cAAA,EAAgB,kBAAA;AAAA,UAChB,qBAAqB,aAAA,CAAc,IAAA;AAAA,UACnC,oBAAoB,gBAAA,CAAiB;AAAA,SACtC,CAAA;AACD,QAAA,OAAO,IAAA;AAAA,MACT;AAEA,MAAA,MAAM,mBAAA,GACJ,cAAc,GAAA,CAAI,YAAA,CAAa,WAAW,CAAA,IAC1C,aAAA,CAAc,IAAI,0BAA0B,CAAA;AAC9C,MAAA,MAAM,mBAAA,GACJ,iBAAiB,GAAA,CAAI,YAAA,CAAa,WAAW,CAAA,IAC7C,gBAAA,CAAiB,IAAI,0BAA0B,CAAA;AACjD,MAAA,IAAI,mBAAA,IAAuB,CAAC,mBAAA,EAAqB;AAC/C,QAAA,MAAA,CAAO,KAAK,kDAAkD,CAAA;AAC9D,QAAA,OAAO,IAAA;AAAA,MACT;AAEA,MAAA,MAAM,oBAAA,GACJ,cAAc,GAAA,CAAI,YAAA,CAAa,YAAY,CAAA,IAC3C,aAAA,CAAc,IAAI,2BAA2B,CAAA;AAC/C,MAAA,MAAM,oBAAA,GACJ,iBAAiB,GAAA,CAAI,YAAA,CAAa,YAAY,CAAA,IAC9C,gBAAA,CAAiB,IAAI,2BAA2B,CAAA;AAClD,MAAA,IAAI,oBAAA,IAAwB,CAAC,oBAAA,EAAsB;AACjD,QAAA,MAAA,CAAO,KAAK,mDAAmD,CAAA;AAC/D,QAAA,OAAO,IAAA;AAAA,MACT;AAEA,MAAA,IACE,aAAA,CAAc,OAAO,gBAAA,CAAiB,IAAA,IACtC,cAAc,IAAA,GAAO,gBAAA,CAAiB,QAAQ,CAAA,EAC9C;AACA,QAAA,MAAM,iBAA2B,EAAC;AAClC,QAAA,KAAA,MAAW,CAAC,UAAU,CAAA,IAAK,aAAA,EAAe;AACxC,UAAA,IAAI,CAAC,gBAAA,CAAiB,GAAA,CAAI,UAAU,CAAA,EAAG,cAAA,CAAe,KAAK,UAAU,CAAA;AAAA,QACvE;AACA,QAAA,MAAM,0BAA0B,cAAA,CAAe,MAAA;AAAA,UAAO,CAAC,SACrD,eAAA,CAAgB,IAAA;AAAA,YAAK,CAAC,aACpB,IAAA,CAAK,WAAA,GAAc,QAAA,CAAS,QAAA,CAAS,aAAa;AAAA;AACpD,SACF,CAAE,MAAA;AACF,QAAA,IAAI,0BAA0B,CAAA,EAAG;AAC/B,UAAA,MAAA,CAAO,KAAK,6CAAA,EAA+C;AAAA,YACzD,cAAA;AAAA,YACA,gBAAA,EAAkB,uBAAA;AAAA,YAClB,eAAe,aAAA,CAAc,IAAA;AAAA,YAC7B,cAAc,gBAAA,CAAiB;AAAA,WAChC,CAAA;AACD,UAAA,OAAO,IAAA;AAAA,QACT;AAAA,MACF;AAAA,IACF;AAEA,IAAA,kBAAA,GAAqB,eAAA;AACrB,IAAA,aAAA,GAAgB,IAAI,IAAI,gBAAgB,CAAA;AACxC,IAAA,OAAO,KAAA;AAAA,EACT,SAAS,KAAA,EAAO;AACd,IAAA,MAAA,CAAO,KAAK,wBAAA,EAA0B;AAAA,MACpC,OAAO,KAAA,YAAiB,KAAA,GAAQ,KAAA,CAAM,OAAA,GAAU,OAAO,KAAK;AAAA,KAC7D,CAAA;AACD,IAAA,OAAO,KAAA;AAAA,EACT;AACF;AAEA,SAAS,oBAAA,GAA6B;AACpC,EAAA,IAAI;AACF,IAAA,MAAA,CAAO,KAAK,sEAAsE,CAAA;AAElF,IAAA,MAAM,aAAA,GAAgB,UAAA,CAAW,aAAA,CAAc,aAAa,CAAC,CAAA,KAAM,MAAA;AACnE,IAAA,MAAM,gBAAA,GAAmB,UAAA,CAAW,aAAA,CAAc,oBAAoB,CAAC,CAAA,KAAM,MAAA;AAC7E,IAAA,IAAI,iBAAiB,gBAAA,EAAkB;AACrC,MAAA,MAAA,CAAO,KAAA;AAAA,QACL;AAAA,OACF;AACA,MAAA;AAAA,IACF;AAEA,IAAA,gBAAA,EAAiB;AAEjB,IAAA,IAAI;AACF,MAAA,IAAI,OAAO,WAAW,WAAA,EAAa;AACjC,QAAA,MAAM,aAAa,MAAA,CAAO,YAAA,CAAa,OAAA,CAAQ,aAAA,CAAc,aAAa,CAAC,CAAA;AAC3E,QAAA,MAAM,wBAAA,GAA2B,OAAO,YAAA,CAAa,OAAA;AAAA,UACnD,cAAc,oBAAoB;AAAA,SACpC;AACA,QAAA,uBAAA,EAAwB;AACxB,QAAA,IAAI,UAAA,KAAe,MAAA;AACjB,UAAA,MAAA,CAAO,YAAA,CAAa,OAAA,CAAQ,aAAA,CAAc,aAAa,GAAG,MAAM,CAAA;AAClE,QAAA,IAAI,wBAAA,KAA6B,MAAA;AAC/B,UAAA,MAAA,CAAO,YAAA,CAAa,OAAA,CAAQ,aAAA,CAAc,oBAAoB,GAAG,MAAM,CAAA;AAAA,MAC3E,CAAA,MAAO;AACL,QAAA,uBAAA,EAAwB;AAAA,MAC1B;AAAA,IACF,SAAS,KAAA,EAAO;AACd,MAAA,MAAA,CAAO,KAAK,gCAAA,EAAkC;AAAA,QAC5C,OAAO,KAAA,YAAiB,KAAA,GAAQ,KAAA,CAAM,OAAA,GAAU,OAAO,KAAK;AAAA,OAC7D,CAAA;AAAA,IACH;AAEA,IAAA,MAAM,KAAK,yBAAA,EAA0B;AACrC,IAAA,IAAI,EAAA,EAAI;AACN,MAAA,OAAA,CAAQ,QAAQ,EAAA,EAAI,CAAA,CAAE,KAAA,CAAM,CAAC,KAAA,KAAU;AACrC,QAAA,MAAA,CAAO,MAAM,mDAAA,EAAqD;AAAA,UAChE,OAAO,KAAA,YAAiB,KAAA,GAAQ,KAAA,CAAM,OAAA,GAAU,OAAO,KAAK;AAAA,SAC7D,CAAA;AAAA,MACH,CAAC,CAAA;AAAA,IACH;AAAA,EACF,SAAS,KAAA,EAAO;AACd,IAAA,MAAA,CAAO,MAAM,gCAAA,EAAkC;AAAA,MAC7C,OAAO,KAAA,YAAiB,KAAA,GAAQ,KAAA,CAAM,OAAA,GAAU,OAAO,KAAK;AAAA,KAC7D,CAAA;AAAA,EACH;AACF;AAEO,SAAS,kBAAA,GAA2B;AACzC,EAAA,IAAI,UAAA,EAAY;AACd,IAAA,MAAA,CAAO,MAAM,gCAAgC,CAAA;AAC7C,IAAA;AAAA,EACF;AAEA,EAAA,UAAA,GAAa,IAAA;AACb,EAAA,kBAAA,GAAqB,iBAAA,EAAkB;AACvC,EAAA,aAAA,GAAgB,YAAA,EAAa;AAE7B,EAAA,MAAM,iBAAiB,cAAA,EAAe;AACtC,EAAA,MAAM,cAAc,cAAA,CAAe,MAAA;AAAA,IACjC,CAAC,IAAA,KACC,IAAA,CAAK,aAAY,CAAE,QAAA,CAAS,aAAa,CAAA,IACzC,IAAA,CAAK,WAAA,EAAY,CAAE,SAAS,MAAM,CAAA,IAClC,KAAK,WAAA,EAAY,CAAE,SAAS,OAAO;AAAA,GACvC;AACA,EAAA,MAAA,CAAO,MAAM,wBAAA,EAA0B;AAAA,IACrC,oBAAoB,cAAA,CAAe,MAAA;AAAA,IACnC,iBAAiB,WAAA,CAAY,MAAA;AAAA,IAC7B,WAAA;AAAA,IACA,UAAA,EAAY;AAAA,GACb,CAAA;AAED,EAAA,aAAA,GAAgB,YAAY,YAAY;AACtC,IAAA,MAAM,gBAAA,GACJ,OAAO,MAAA,KAAW,WAAA,IAClB,MAAA,CAAO,aAAa,OAAA,CAAQ,aAAA,CAAc,oBAAoB,CAAC,CAAA,KAAM,MAAA;AACvE,IAAA,IAAI,gBAAA,EAAkB;AACpB,MAAA,MAAA,CAAO,MAAM,6DAA6D,CAAA;AAC1E,MAAA,kBAAA,GAAqB,iBAAA,EAAkB;AACvC,MAAA,aAAA,GAAgB,YAAA,EAAa;AAC7B,MAAA;AAAA,IACF;AAEA,IAAA,MAAM,iBAAiB,mBAAA,EAAoB;AAC3C,IAAA,IAAI,cAAA,EAAgB;AAClB,MAAA,MAAA,CAAO,KAAK,4CAA4C,CAAA;AACxD,MAAA,IAAI,aAAA,EAAe;AACjB,QAAA,aAAA,CAAc,aAAa,CAAA;AAC3B,QAAA,aAAA,GAAgB,IAAA;AAAA,MAClB;AACA,MAAA,UAAA,GAAa,KAAA;AAEb,MAAA,IAAI;AACF,QAAA,MAAM,oBAAA,EAAqB;AAAA,MAC7B,SAAS,KAAA,EAAO;AACd,QAAA,MAAA,CAAO,MAAM,sDAAA,EAAwD;AAAA,UACnE,OAAO,KAAA,YAAiB,KAAA,GAAQ,KAAA,CAAM,OAAA,GAAU,OAAO,KAAK;AAAA,SAC7D,CAAA;AAAA,MACH,CAAA,SAAE;AACA,QAAA,cAAA,CAAe,MAAM;AACnB,UAAA,IAAI,CAAC,YAAY,kBAAA,EAAmB;AAAA,QACtC,CAAC,CAAA;AAAA,MACH;AAAA,IACF;AAAA,EACF,GAAG,GAAI,CAAA;AAEP,EAAA,MAAA,CAAO,KAAK,yDAAyD,CAAA;AACvE;AAEO,SAAS,iBAAA,GAA0B;AACxC,EAAA,UAAA,GAAa,KAAA;AACb,EAAA,IAAI,aAAA,EAAe;AACjB,IAAA,aAAA,CAAc,aAAa,CAAA;AAC3B,IAAA,aAAA,GAAgB,IAAA;AAAA,EAClB;AACA,EAAA,kBAAA,GAAqB,EAAA;AACrB,EAAA,MAAA,CAAO,MAAM,wBAAwB,CAAA;AACvC;AAEO,SAAS,kBAAA,GAA2B;AACzC,EAAA,kBAAA,GAAqB,iBAAA,EAAkB;AACvC,EAAA,aAAA,GAAgB,YAAA,EAAa;AAC7B,EAAA,MAAM,iBAAiB,cAAA,EAAe;AACtC,EAAA,MAAM,cAAc,cAAA,CAAe,MAAA;AAAA,IACjC,CAAC,IAAA,KACC,IAAA,CAAK,aAAY,CAAE,QAAA,CAAS,aAAa,CAAA,IACzC,IAAA,CAAK,WAAA,EAAY,CAAE,SAAS,MAAM,CAAA,IAClC,KAAK,WAAA,EAAY,CAAE,SAAS,OAAO;AAAA,GACvC;AACA,EAAA,MAAA,CAAO,MAAM,sBAAA,EAAwB;AAAA,IACnC,oBAAoB,cAAA,CAAe,MAAA;AAAA,IACnC,iBAAiB,WAAA,CAAY,MAAA;AAAA,IAC7B;AAAA,GACD,CAAA;AACH;ACvNO,SAAS,kBAAA,GAA2B;AAMzC,EAAA,MAAM,GAAA,GAAM,MAAA;AACZ,EAAA,MAAM,aAAa,GAAA,CAAI,sCAAA;AACvB,EAAA,IAAI,UAAA,EAAY;AACd,IAAA,aAAA,CAAc,UAAU,CAAA;AACxB,IAAA,OAAO,GAAA,CAAI,sCAAA;AAAA,EACb;AACF;;;AC7EO,SAAS,kBAAA,GAA2B;AACzC,EAAA,IAAI;AACF,IAAA,MAAM,OAAA,GAAU,QAAA,CAAS,MAAA,CAAO,KAAA,CAAM,GAAG,CAAA;AAEzC,IAAA,KAAA,MAAW,UAAU,OAAA,EAAS;AAC5B,MAAA,MAAM,KAAA,GAAQ,MAAA,CAAO,OAAA,CAAQ,GAAG,CAAA;AAChC,MAAA,MAAM,IAAA,GAAO,KAAA,GAAQ,CAAA,CAAA,GAAK,MAAA,CAAO,KAAA,CAAM,CAAA,EAAG,KAAK,CAAA,CAAE,IAAA,EAAK,GAAI,MAAA,CAAO,IAAA,EAAK;AAEtE,MAAA,IAAI,CAAC,IAAA,EAAM;AAGX,MAAA,QAAA,CAAS,MAAA,GAAS,GAAG,IAAI,CAAA,8CAAA,CAAA;AAGzB,MAAA,QAAA,CAAS,SAAS,CAAA,EAAG,IAAI,CAAA,sDAAA,EAAyD,MAAA,CAAO,SAAS,QAAQ,CAAA,CAAA;AAAA,IAC5G;AAEA,IAAA,MAAA,CAAO,MAAM,2CAA2C,CAAA;AAAA,EAC1D,SAAS,KAAA,EAAO;AACd,IAAA,MAAA,CAAO,KAAK,gCAAA,EAAkC;AAAA,MAC5C,OAAO,KAAA,YAAiB,KAAA,GAAQ,KAAA,CAAM,OAAA,GAAU,OAAO,KAAK;AAAA,KAC7D,CAAA;AAAA,EACH;AACF;;;ACnBA,SAAS,QAAA,CAAS,SAAiB,IAAA,EAAsB;AACvD,EAAA,MAAM,GAAA,GAAM,IAAI,GAAA,CAAI,OAAO,CAAA;AAC3B,EAAA,MAAM,iBAAiB,IAAA,CAAK,UAAA,CAAW,GAAG,CAAA,GAAI,IAAA,GAAO,IAAI,IAAI,CAAA,CAAA;AAC7D,EAAA,GAAA,CAAI,WAAW,GAAA,CAAI,QAAA,CAAS,SAAS,GAAG,CAAA,GACpC,GAAG,GAAA,CAAI,QAAQ,GAAG,cAAA,CAAe,KAAA,CAAM,CAAC,CAAC,CAAA,CAAA,GACzC,GAAG,GAAA,CAAI,QAAQ,GAAG,cAAc,CAAA,CAAA;AACpC,EAAA,OAAO,IAAI,QAAA,EAAS;AACtB;AAQA,eAAe,iBAAiB,SAAA,EAG7B;AACD,EAAA,IAAI;AACF,IAAA,MAAM,QAAA,GAAW,MAAM,KAAA,CAAM,SAAA,EAAW;AAAA,MACtC,MAAA,EAAQ,MAAA;AAAA,MACR,OAAA,EAAS;AAAA,QACP,cAAA,EAAgB,mCAAA;AAAA,QAChB,kBAAA,EAAoB,gBAAA;AAAA,QACpB,MAAA,EAAQ;AAAA,OACV;AAAA,MACA,WAAA,EAAa;AAAA,KACd,CAAA;AACD,IAAA,MAAM,IAAA,GAAQ,MAAM,QAAA,CAAS,IAAA,GAAO,KAAA,CAAM,OAAO,EAAC,CAAE,CAAA;AACpD,IAAA,MAAA,CAAO,IAAA,CAAK,+BAAA,EAAiC,EAAE,QAAA,EAAU,MAAM,CAAA;AAC/D,IAAA,IAAI,SAAS,IAAA,CAAK,OAAA,KAAY,IAAA,IAAQ,IAAA,CAAK,WAAW,IAAA,CAAA,EAAO;AAC3D,MAAA,OAAO,EAAE,OAAA,EAAS,IAAA,EAAM,QAAA,EAAU,IAAA,EAAK;AAAA,IACzC;AACA,IAAA,MAAA,CAAO,IAAA,CAAK,uCAAA,EAAyC,EAAE,QAAA,EAAU,MAAM,CAAA;AACvE,IAAA,OAAO,EAAE,OAAA,EAAS,KAAA,EAAO,QAAA,EAAU,IAAA,EAAK;AAAA,EAC1C,SAAS,KAAA,EAAO;AACd,IAAA,MAAA,CAAO,MAAM,gCAAA,EAAkC;AAAA,MAC7C,OAAO,KAAA,YAAiB,KAAA,GAAQ,KAAA,CAAM,OAAA,GAAU,OAAO,KAAK;AAAA,KAC7D,CAAA;AACD,IAAA,IAAI;AACF,MAAA,MAAM,QAAA,GAAW,MAAM,KAAA,CAAM,SAAA,EAAW;AAAA,QACtC,MAAA,EAAQ,KAAA;AAAA,QACR,OAAA,EAAS;AAAA,UACP,kBAAA,EAAoB,gBAAA;AAAA,UACpB,MAAA,EAAQ;AAAA,SACV;AAAA,QACA,WAAA,EAAa;AAAA,OACd,CAAA;AACD,MAAA,MAAM,IAAA,GAAQ,MAAM,QAAA,CAAS,IAAA,GAAO,KAAA,CAAM,OAAO,EAAC,CAAE,CAAA;AACpD,MAAA,MAAA,CAAO,IAAA,CAAK,8BAAA,EAAgC,EAAE,QAAA,EAAU,MAAM,CAAA;AAC9D,MAAA,IAAI,SAAS,IAAA,CAAK,OAAA,KAAY,IAAA,IAAQ,IAAA,CAAK,WAAW,IAAA,CAAA,EAAO;AAC3D,QAAA,OAAO,EAAE,OAAA,EAAS,IAAA,EAAM,QAAA,EAAU,IAAA,EAAK;AAAA,MACzC;AACA,MAAA,MAAA,CAAO,IAAA,CAAK,sCAAA,EAAwC,EAAE,QAAA,EAAU,MAAM,CAAA;AACtE,MAAA,OAAO,EAAE,OAAA,EAAS,KAAA,EAAO,QAAA,EAAU,IAAA,EAAK;AAAA,IAC1C,SAAS,QAAA,EAAU;AACjB,MAAA,MAAA,CAAO,KAAK,0CAAA,EAA4C;AAAA,QACtD,WAAW,KAAA,YAAiB,KAAA,GAAQ,KAAA,CAAM,OAAA,GAAU,OAAO,KAAK,CAAA;AAAA,QAChE,UAAU,QAAA,YAAoB,KAAA,GAAQ,QAAA,CAAS,OAAA,GAAU,OAAO,QAAQ;AAAA,OACzE,CAAA;AACD,MAAA,OAAO,EAAE,SAAS,KAAA,EAAM;AAAA,IAC1B;AAAA,EACF;AACF;AAEA,SAAS,yBAAA,GAAkC;AACzC,EAAA,MAAA,CAAO,MAAM,iCAAiC,CAAA;AAC9C,EAAA,kBAAA,EAAmB;AACnB,EAAA,eAAA,EAAgB;AAChB,EAAA,MAAA,CAAO,KAAK,gCAAgC,CAAA;AAC9C;AAEA,eAAsB,OAAO,SAAA,EAI1B;AACD,EAAA,UAAA,CAAW,aAAA,CAAc,oBAAoB,CAAA,EAAG,MAAM,CAAA;AACtD,EAAA,UAAA,CAAW,aAAA,CAAc,aAAa,CAAA,EAAG,MAAM,CAAA;AAC/C,EAAA,IAAI,SAAA,EAAW,MAAK,EAAG,UAAA,CAAW,cAAc,sBAAsB,CAAA,EAAG,SAAA,CAAU,IAAA,EAAM,CAAA;AAEzF,EAAA,IAAI,UAAA,CAAW,aAAA,CAAc,mBAAmB,CAAC,MAAM,MAAA,EAAQ;AAC7D,IAAA,MAAA,CAAO,MAAM,2DAAsD,CAAA;AACnE,IAAA,OAAO,EAAE,OAAA,EAAS,IAAA,EAAM,OAAA,EAAS,6BAAA,EAA8B;AAAA,EACjE;AAEA,EAAA,UAAA,CAAW,aAAA,CAAc,mBAAmB,CAAA,EAAG,MAAM,CAAA;AAErD,EAAA,IAAI;AACF,IAAA,kBAAA,EAAmB;AACnB,IAAA,iBAAA,EAAkB;AAElB,IAAA,MAAM,cAAA,GAAiB,OAAO,iBAAA,EAAkB;AAChD,IAAA,IAAI,mBAAA,GAAsB,KAAA;AAC1B,IAAA,IAAI,cAAA;AAEJ,IAAA,IAAI,cAAA,EAAgB;AAClB,MAAA,MAAM,SAAA,GAAY,QAAA,CAAS,cAAA,EAAgB,gBAAgB,CAAA;AAC3D,MAAA,MAAA,CAAO,IAAA,CAAK,4BAAA,EAA8B,EAAE,SAAA,EAAW,CAAA;AACvD,MAAA,MAAM,YAAA,GAAe,MAAM,gBAAA,CAAiB,SAAS,CAAA;AACrD,MAAA,mBAAA,GAAsB,YAAA,CAAa,OAAA;AACnC,MAAA,cAAA,GAAiB,YAAA,CAAa,QAAA;AAAA,IAChC;AAEA,IAAA,yBAAA,EAA0B;AAE1B,IAAA,MAAM,kBAAA,GAAqB,UAAA,CAAW,aAAA,CAAc,sBAAsB,CAAC,CAAA;AAC3E,IAAA,IAAI,kBAAA,EAAoB;AACtB,MAAA,UAAA,CAAW,aAAA,CAAc,cAAc,CAAA,EAAG,IAAA,CAAK,UAAU,EAAE,SAAA,EAAW,kBAAA,EAAoB,CAAC,CAAA;AAC3F,MAAA,aAAA,CAAc,aAAA,CAAc,sBAAsB,CAAC,CAAA;AAAA,IACrD;AAEA,IAAA,kBAAA,EAAmB;AACnB,IAAA,aAAA,CAAc,aAAA,CAAc,mBAAmB,CAAC,CAAA;AAEhD,IAAA,MAAA,CAAO,KAAK,0EAAA,EAAuE;AAAA,MACjF,mBAAA;AAAA,MACA;AAAA,KACD,CAAA;AACD,IAAA,aAAA,CAAc,eAAe,gBAAA,EAAkB;AAAA,MAC7C,OAAA,EAAS,sBAAsB,uBAAA,GAA0B;AAAA,KAC1D,CAAA;AAED,IAAA,OAAO;AAAA,MACL,OAAA,EAAS,IAAA;AAAA,MACT,OAAA,EAAS,mBAAA,GACL,cAAA,EAAgB,OAAA,IAAW,mEAAA,GAC3B,2EAAA;AAAA,MACJ;AAAA,KACF;AAAA,EACF,SAAS,KAAA,EAAO;AACd,IAAA,MAAA,CAAO,MAAM,4BAAA,EAA8B;AAAA,MACzC,OAAO,KAAA,YAAiB,KAAA,GAAQ,KAAA,CAAM,OAAA,GAAU,OAAO,KAAK;AAAA,KAC7D,CAAA;AACD,IAAA,yBAAA,EAA0B;AAE1B,IAAA,MAAM,kBAAA,GAAqB,UAAA,CAAW,aAAA,CAAc,sBAAsB,CAAC,CAAA;AAC3E,IAAA,IAAI,kBAAA,EAAoB;AACtB,MAAA,UAAA,CAAW,aAAA,CAAc,cAAc,CAAA,EAAG,IAAA,CAAK,UAAU,EAAE,SAAA,EAAW,kBAAA,EAAoB,CAAC,CAAA;AAC3F,MAAA,aAAA,CAAc,aAAA,CAAc,sBAAsB,CAAC,CAAA;AAAA,IACrD;AACA,IAAA,aAAA,CAAc,aAAA,CAAc,mBAAmB,CAAC,CAAA;AAEhD,IAAA,OAAO;AAAA,MACL,OAAA,EAAS,IAAA;AAAA,MACT,OAAA,EAAS;AAAA,KACX;AAAA,EACF;AACF;ACrKO,IAAM,WAAA,GAAcC,oBAA4C,MAAS,CAAA;AAEzE,SAAS,cAAA,GAAmC;AACjD,EAAA,MAAM,OAAA,GAAUC,iBAAW,WAAW,CAAA;AACtC,EAAA,IAAI,CAAC,OAAA,EAAS;AACZ,IAAA,MAAM,IAAI,MAAM,iDAAiD,CAAA;AAAA,EACnE;AACA,EAAA,OAAO,OAAA;AACT;;;ACFA,IAAM,eAAA,uBAAsB,GAAA,EAA0C;AACtE,IAAMC,kBAAiB,eAAA,CAAgB,MAAA;AAEvC,SAAS,wBAAA,GAAmC;AAC1C,EAAA,IAAI,IAAA,GAAO,OAAO,6BAAA,EAA8B;AAChD,EAAA,IAAI,OAAO,WAAW,WAAA,KAAgB,CAAC,QAAQ,IAAA,CAAK,UAAA,CAAW,GAAG,CAAA,CAAA,EAAI;AACpE,IAAA,IAAA,GAAO,MAAA,CAAO,QAAA,CAAS,MAAA,IAAU,IAAA,IAAQ,MAAA,CAAA;AAAA,EAC3C;AACA,EAAA,OAAO,IAAA;AACT;AAEA,IAAM,kBAAA,GAAqB,SAAA;AAE3B,SAAS,mBAAmB,UAAA,EAA4B;AACtD,EAAA,MAAM,6BAA6B,wBAAA,EAAyB;AAC5D,EAAA,MAAM,IAAA,GAAO,0BAAA,CAA2B,OAAA,CAAQ,eAAA,EAAiB,EAAE,CAAA,IAAK,0BAAA;AACxE,EAAA,OAAO,CAAA,EAAG,IAAI,CAAA,sCAAA,EAAyC,kBAAA,CAAmB,UAAU,CAAC,CAAA,CAAA;AACvF;AAsBA,eAAsB,cAAc,SAAA,EAAiD;AACnF,EAAA,IAAI,CAAC,SAAA,IAAa,SAAA,CAAU,IAAA,OAAW,EAAA,EAAI;AACzC,IAAA,MAAA,CAAO,MAAM,kDAAkD,CAAA;AAC/D,IAAA,OAAO,IAAA;AAAA,EACT;AAEA,EAAA,MAAM,UAAA,GAAa,UAAU,IAAA,EAAK;AAClC,EAAA,MAAM,UAAA,GAAa,iBAAiB,UAAU,CAAA,CAAA;AAC9C,EAAA,IAAI,eAAA,CAAgB,GAAA,CAAI,UAAU,CAAA,EAAG;AACnC,IAAA,MAAA,CAAO,KAAA,CAAM,sCAAA,EAAwC,EAAE,UAAA,EAAY,CAAA;AACnE,IAAA,OAAO,eAAA,CAAgB,IAAI,UAAU,CAAA;AAAA,EACvC;AAEA,EAAA,MAAA,CAAO,IAAA,CAAK,4BAAA,EAA8B,EAAE,UAAA,EAAY,CAAA;AAExD,EAAA,MAAM,kBAAkB,YAA0C;AAChE,IAAA,IAAI;AACF,MAAA,MAAM,GAAA,GAAM,mBAAmB,UAAU,CAAA;AACzC,MAAA,MAAA,CAAO,KAAA,CAAM,oBAAA,EAAsB,EAAE,GAAA,EAAK,CAAA;AAE1C,MAAA,IAAI,IAAA;AACJ,MAAA,IAAI;AACF,QAAA,MAAM,WAAW,MAAM,KAAA,CAAM,KAAK,EAAE,MAAA,EAAQ,OAAO,CAAA;AACnD,QAAA,IAAI,CAAC,SAAS,EAAA,EAAI,MAAM,IAAI,KAAA,CAAM,CAAA,KAAA,EAAQ,QAAA,CAAS,MAAM,CAAA,CAAE,CAAA;AAC3D,QAAA,IAAA,GAAQ,MAAM,SAAS,IAAA,EAAK;AAC5B,QAAA,MAAA,CAAO,KAAA,CAAM,uBAAA,EAAyB,EAAE,UAAA,EAAY,CAAA;AAAA,MACtD,SAAS,KAAA,EAAO;AACd,QAAA,MAAA,CAAO,IAAA,CAAK,iBAAA,EAAmB,EAAE,UAAA,EAAY,OAAO,CAAA;AACpD,QAAA,OAAO,IAAA;AAAA,MACT;AAEA,MAAA,IAAI,CAAC,IAAA,IAAQ,OAAO,IAAA,KAAS,UAAU,OAAO,IAAA;AAE9C,MAAA,MAAM,GAAA,GAAM,IAAA;AACZ,MAAA,IAAI,CAAC,GAAA,CAAI,OAAA,IAAW,CAAC,GAAA,CAAI,MAAM,OAAO,IAAA;AAEtC,MAAA,MAAM,SAAS,GAAA,CAAI,IAAA;AACnB,MAAA,IAAI,CAAC,MAAA,CAAO,EAAA,IAAM,CAAC,MAAA,CAAO,YAAY,OAAO,IAAA;AAE7C,MAAA,MAAM,UAAA,GAAa,OAAO,gBAAA,EAAiB;AAC3C,MAAA,MAAM,WAAA,GAAc,OAAO,cAAA,EAAe;AAC1C,MAAA,IAAI,CAAC,UAAA,IAAc,CAAC,WAAA,EAAa,OAAO,IAAA;AAExC,MAAA,MAAM,oBAAA,GAAuB,MAAA,CAAO,UAAA,CAAW,UAAA,CAAW,kBAAkB,CAAA,GACxE,MAAA,CAAO,UAAA,GACP,CAAA,EAAG,kBAAkB,CAAA,EAAG,MAAA,CAAO,UAAU,CAAA,CAAA;AAE7C,MAAA,MAAM,MAAA,GAAuB;AAAA,QAC3B,UAAU,MAAA,CAAO,EAAA;AAAA,QACjB,UAAA;AAAA,QACA,SAAA,EAAW,UAAA;AAAA,QACX,MAAA,EAAQ;AAAA,UACN,UAAU,MAAA,CAAO,UAAA;AAAA,UACjB,UAAA,EAAY,oBAAA;AAAA,UACZ,WAAA;AAAA,UACA,MAAA,EAAQA;AAAA;AACV,OACF;AACA,MAAA,MAAA,CAAO,KAAA,CAAM,wBAAA,EAA0B,EAAE,UAAA,EAAY,CAAA;AACrD,MAAA,OAAO,MAAA;AAAA,IACT,SAAS,KAAA,EAAO;AACd,MAAA,MAAA,CAAO,IAAA,CAAK,mCAAA,EAAqC,EAAE,UAAA,EAAY,OAAO,CAAA;AACtE,MAAA,OAAO,IAAA;AAAA,IACT,CAAA,SAAE;AACA,MAAA,eAAA,CAAgB,OAAO,UAAU,CAAA;AAAA,IACnC;AAAA,EACF,CAAA,GAAG;AAEH,EAAA,eAAA,CAAgB,GAAA,CAAI,YAAY,cAAc,CAAA;AAC9C,EAAA,OAAO,cAAA;AACT;;;AC7GO,SAAS,mBAAA,GAA8B;AAC5C,EAAA,OAAO;AAAA,IACL,IAAA,CAAK,SAAiB,IAAA,EAAgC;AACpD,MAAA,IAAI,OAAO,OAAA,KAAY,WAAA,UAAqB,IAAA,CAAK,OAAA,EAAS,QAAQ,EAAE,CAAA;AAAA,IACtE,CAAA;AAAA,IACA,IAAA,CAAK,SAAiB,IAAA,EAAgC;AACpD,MAAA,IAAI,OAAO,OAAA,KAAY,WAAA,UAAqB,IAAA,CAAK,OAAA,EAAS,QAAQ,EAAE,CAAA;AAAA,IACtE,CAAA;AAAA,IACA,KAAA,CAAM,SAAiB,IAAA,EAAgC;AACrD,MAAA,IAAI,OAAO,OAAA,KAAY,WAAA,UAAqB,KAAA,CAAM,OAAA,EAAS,QAAQ,EAAE,CAAA;AAAA,IACvE,CAAA;AAAA,IACA,KAAA,CAAM,SAAiB,IAAA,EAAgC;AACrD,MAAA,IAAI,OAAO,OAAA,KAAY,WAAA,UAAqB,KAAA,CAAM,OAAA,EAAS,QAAQ,EAAE,CAAA;AAAA,IACvE;AAAA,GACF;AACF;AAEO,SAAS,wBAAA,GAAwC;AACtD,EAAA,OAAO;AAAA,IACL,aAAA,GAA4B;AAC1B,MAAA,IAAI,OAAO,WAAW,WAAA,EAAa;AACjC,QAAA,OAAO,EAAE,IAAA,EAAM,EAAA,EAAI,MAAA,EAAQ,EAAA,EAAI,UAAU,GAAA,EAAK,MAAA,EAAQ,EAAA,EAAI,QAAA,EAAU,EAAA,EAAG;AAAA,MACzE;AACA,MAAA,MAAM,CAAA,GAAI,MAAA;AACV,MAAA,MAAM,MAAM,CAAA,CAAE,QAAA;AACd,MAAA,OAAO;AAAA,QACL,MAAM,GAAA,CAAI,IAAA;AAAA,QACV,QAAQ,GAAA,CAAI,MAAA;AAAA,QACZ,UAAU,GAAA,CAAI,QAAA;AAAA,QACd,QAAQ,GAAA,CAAI,MAAA;AAAA,QACZ,UAAU,GAAA,CAAI;AAAA,OAChB;AAAA,IACF,CAAA;AAAA,IACA,SAAS,GAAA,EAAmB;AAC1B,MAAA,IAAI,OAAO,MAAA,KAAW,WAAA,EAAa,MAAA,CAAO,QAAA,CAAS,QAAQ,GAAG,CAAA;AAAA,IAChE,CAAA;AAAA,IACA,aAAa,GAAA,EAAmB;AAC9B,MAAA,IAAI,OAAO,WAAW,WAAA,EAAa;AACnC,MAAA,IAAI;AACF,QAAA,MAAM,KAAA,GAAQ,OAAO,QAAA,KAAa,WAAA,GAAc,SAAS,KAAA,GAAQ,EAAA;AACjE,QAAA,MAAA,CAAO,OAAA,CAAQ,YAAA,CAAa,EAAC,EAAG,OAAO,GAAG,CAAA;AAAA,MAC5C,CAAA,CAAA,MAAQ;AAAA,MAER;AAAA,IACF;AAAA,GACF;AACF;AAGO,SAAS,oBAAA,GAAuC;AACrD,EAAA,OAAO;AAAA,IACL,aAAA,EAAe,MAAM,MAAA,CAAO,iBAAA,EAAkB;AAAA,IAC9C,gBAAA,EAAkB,MAAM,MAAA,CAAO,gBAAA,EAAiB;AAAA,IAChD,cAAA,EAAgB,MAAM,MAAA,CAAO,cAAA,EAAe;AAAA,IAC5C,WAAA,EAAa,MAAM,MAAA,CAAO,WAAA,EAAY;AAAA,IACtC,WAAA,EAAa,MAAM,MAAA,CAAO,WAAA,EAAY;AAAA,IACtC,aAAA,EAAe,MAAM,MAAA,CAAO,aAAA,EAAc;AAAA,IAC1C,WAAA,EAAa,MAAM,MAAA,CAAO,WAAA;AAAY,GACxC;AACF;AAEO,SAAS,oBAAA,GAAuC;AACrD,EAAA,OAAO,EAAE,OAAA,EAAS,CAAC,SAAA,KAAsB,aAAA,CAAc,SAAS,CAAA,EAAE;AACpE;AAEO,SAAS,0BAAA,GAA4C;AAC1D,EAAA,OAAO;AAAA,IACL,YAAA,GAAqB;AACnB,MAAA,IAAI,OAAO,QAAA,KAAa,WAAA,IAAe,OAAO,WAAW,WAAA,EAAa;AACtE,MAAA,IAAI;AACF,QAAA,MAAM,OAAA,GAAU,QAAA,CAAS,MAAA,CAAO,KAAA,CAAM,GAAG,CAAA;AACzC,QAAA,OAAA,CAAQ,OAAA,CAAQ,CAAC,MAAA,KAAW;AAC1B,UAAA,MAAM,KAAA,GAAQ,MAAA,CAAO,OAAA,CAAQ,GAAG,CAAA;AAChC,UAAA,MAAM,IAAA,GAAO,KAAA,GAAQ,CAAA,CAAA,GAAK,MAAA,CAAO,SAAA,CAAU,CAAA,EAAG,KAAK,CAAA,CAAE,IAAA,EAAK,GAAI,MAAA,CAAO,IAAA,EAAK;AAC1E,UAAA,QAAA,CAAS,MAAA,GAAS,GAAG,IAAI,CAAA,8CAAA,CAAA;AACzB,UAAA,MAAM,MAAA,GAAS,OAAO,QAAA,CAAS,QAAA;AAC/B,UAAA,MAAM,KAAA,GAAQ,MAAA,CAAO,KAAA,CAAM,GAAG,CAAA;AAC9B,UAAA,IAAI,KAAA,CAAM,SAAS,CAAA,EAAG;AACpB,YAAA,MAAM,eAAe,GAAA,GAAM,KAAA,CAAM,MAAM,CAAA,CAAE,CAAA,CAAE,KAAK,GAAG,CAAA;AACnD,YAAA,QAAA,CAAS,MAAA,GAAS,CAAA,EAAG,IAAI,CAAA,sDAAA,EAAyD,YAAY,CAAA,CAAA;AAAA,UAChG;AAAA,QACF,CAAC,CAAA;AAAA,MACH,CAAA,CAAA,MAAQ;AAAA,MAER;AAAA,IACF;AAAA,GACF;AACF;;;ACpFO,SAAS,wBAAA,GAAyC;AACvD,EAAA,OAAO;AAAA,IACL,MAAM,SAAS,YAAA,EAA2C;AACxD,MAAA,iBAAA,CAAkB,YAAY,CAAA;AAC9B,MAAA,MAAM,iBAAiB,YAAY,CAAA;AAAA,IACrC,CAAA;AAAA,IAEA,MAAM,cAAA,GAAmC;AACvC,MAAA,OAAO,cAAA,EAAe;AAAA,IACxB,CAAA;AAAA,IAEA,MAAM,OAAA,GAA2B;AAC/B,MAAA,OAAO,kBAAA,EAAmB;AAAA,IAC5B,CAAA;AAAA,IAEA,MAAM,OAAO,OAAA,EAAiD;AAC5D,MAAA,MAAM,MAAA,CAAc,SAAS,SAAS,CAAA;AAAA,IACxC;AAAA,GACF;AACF;;;ACzBO,SAAS,cAAA,GAGd;AACA,EAAA,MAAMC,UAAAA,uBAAgB,GAAA,EAAuB;AAE7C,EAAA,OAAO;AAAA,IACL,UAAU,QAAA,EAAyC;AACjD,MAAAA,UAAAA,CAAU,IAAI,QAAQ,CAAA;AACtB,MAAA,OAAO,MAAMA,UAAAA,CAAU,MAAA,CAAO,QAAQ,CAAA;AAAA,IACxC,CAAA;AAAA,IACA,KAAK,KAAA,EAA8B;AACjC,MAAAA,UAAAA,CAAU,OAAA,CAAQ,CAAC,EAAA,KAAO;AACxB,QAAA,IAAI;AACF,UAAA,EAAA,CAAG,KAAK,CAAA;AAAA,QACV,CAAA,CAAA,MAAQ;AAAA,QAER;AAAA,MACF,CAAC,CAAA;AAAA,IACH;AAAA,GACF;AACF;;;ACXA,SAAS,WAAA,CAAY,GAAoB,CAAA,EAA6B;AACpE,EAAA,OACE,CAAA,CAAE,MAAA,KAAW,CAAA,CAAE,MAAA,IACf,EAAE,WAAA,KAAgB,CAAA,CAAE,WAAA,IACpB,CAAA,CAAE,SAAA,KAAc,CAAA,CAAE,SAAA,IAClB,CAAA,CAAE,UAAU,CAAA,CAAE,KAAA;AAElB;AAEA,SAAS,YAAY,MAAA,EAA2C;AAC9D,EAAA,cAAA,CAAe,MAAM,CAAA;AACrB,EAAA,MAAM,cAAc,cAAA,EAAe;AACnC,EAAA,MAAM,YAAY,YAAA,EAAa;AAC/B,EAAA,MAAM,UAAU,oBAAA,EAAqB;AAErC,EAAA,IAAI,WAAA,IAAe,CAAC,OAAA,EAAS;AAC3B,IAAA,OAAO;AAAA,MACL,MAAA,EAAQ,eAAA;AAAA,MACR,WAAA;AAAA,MACA,SAAA;AAAA,MACA,KAAA,EAAO;AAAA,KACT;AAAA,EACF;AACA,EAAA,IAAI,eAAe,OAAA,EAAS;AAC1B,IAAA,OAAO;AAAA,MACL,MAAA,EAAQ,OAAA;AAAA,MACR,WAAA;AAAA,MACA,SAAA;AAAA,MACA,KAAA,EAAO;AAAA,KACT;AAAA,EACF;AACA,EAAA,OAAO;AAAA,IACL,MAAA,EAAQ,iBAAA;AAAA,IACR,WAAA,EAAa,IAAA;AAAA,IACb,SAAA,EAAW,IAAA;AAAA,IACX,KAAA,EAAO;AAAA,GACT;AACF;AAEO,SAAS,iBAAiB,MAAA,EAAsC;AACrE,EAAA,MAAM,eAAe,MAAA,CAAO,MAAA,CAAO,EAAE,GAAG,QAAQ,CAAA;AAChD,EAAA,MAAM,MAAM,cAAA,EAAe;AAC3B,EAAA,IAAI,gBAAA,GAA2C,IAAA;AAC/C,EAAA,MAAM,QAAA,GAAW,YAAA,CAAa,QAAA,IAAY,wBAAA,EAAyB;AAEnE,EAAA,MAAM,YAAY,MAAY;AAC5B,IAAA,MAAM,IAAA,GAAO,YAAY,YAAY,CAAA;AACrC,IAAA,IAAI,gBAAA,KAAqB,IAAA,IAAQ,WAAA,CAAY,gBAAA,EAAkB,IAAI,CAAA,EAAG;AACtE,IAAA,gBAAA,GAAmB,IAAA;AACnB,IAAA,GAAA,CAAI,KAAK,IAAI,CAAA;AAAA,EACf,CAAA;AAEA,EAAA,OAAO;AAAA,IACL,MAAM,IAAA,GAAsB;AAC1B,MAAA,cAAA,CAAe,YAAY,CAAA;AAC3B,MAAA,YAAA,CAAa,MAAA,CAAO,MAAM,gCAAgC,CAAA;AAC1D,MAAA,MAAM,YAAA,EAAa;AACnB,MAAA,SAAA,EAAU;AAAA,IACZ,CAAA;AAAA,IAEA,MAAM,KAAA,GAAuB;AAC3B,MAAA,cAAA,CAAe,YAAY,CAAA;AAC3B,MAAA,YAAA,CAAa,MAAA,CAAO,MAAM,gDAAgD,CAAA;AAC1E,MAAA,MAAM,YAAA,EAAa;AACnB,MAAA,SAAA,EAAU;AAAA,IACZ,CAAA;AAAA,IAEA,MAAM,OAAO,OAAA,EAAiD;AAC5D,MAAA,cAAA,CAAe,YAAY,CAAA;AAC3B,MAAA,YAAA,CAAa,MAAA,CAAO,MAAM,eAAe,CAAA;AACzC,MAAA,MAAM,QAAA,CAAS,OAAO,OAAO,CAAA;AAC7B,MAAA,SAAA,EAAU;AAAA,IACZ,CAAA;AAAA,IAEA,MAAM,OAAA,GAA2B;AAC/B,MAAA,cAAA,CAAe,YAAY,CAAA;AAC3B,MAAA,YAAA,CAAa,MAAA,CAAO,MAAM,gBAAgB,CAAA;AAC1C,MAAA,IAAI;AACF,QAAA,MAAM,KAAA,GAAQ,MAAM,QAAA,CAAS,OAAA,EAAQ;AACrC,QAAA,SAAA,EAAU;AACV,QAAA,OAAO,KAAA;AAAA,MACT,SAAS,CAAA,EAAG;AACV,QAAA,SAAA,EAAU;AACV,QAAA,MAAM,CAAA;AAAA,MACR;AAAA,IACF,CAAA;AAAA,IAEA,MAAM,cAAA,GAAkC;AACtC,MAAA,cAAA,CAAe,YAAY,CAAA;AAC3B,MAAA,OAAO,sBAAA,EAAuB;AAAA,IAChC,CAAA;AAAA,IAEA,MAAM,cAAA,GAAmC;AACvC,MAAA,cAAA,CAAe,YAAY,CAAA;AAC3B,MAAA,YAAA,CAAa,MAAA,CAAO,MAAM,uBAAuB,CAAA;AACjD,MAAA,MAAM,OAAA,GAAU,MAAM,QAAA,CAAS,cAAA,EAAe;AAC9C,MAAA,SAAA,EAAU;AACV,MAAA,OAAO,OAAA;AAAA,IACT,CAAA;AAAA,IAEA,UAAU,QAAA,EAAU;AAClB,MAAA,OAAO,GAAA,CAAI,UAAU,QAAQ,CAAA;AAAA,IAC/B,CAAA;AAAA,IAEA,QAAA,GAA4B;AAC1B,MAAA,OAAO,YAAY,YAAY,CAAA;AAAA,IACjC;AAAA,GACF;AACF;ACnEO,SAAS,YAAA,CAAa;AAAA,EAC3B,QAAA;AAAA,EACA,QAAA,GAAW,IAAA;AAAA,EACX,UAAA;AAAA,EACA,KAAA,GAAQ,EAAA;AAAA,EACR;AACF,CAAA,EAAyC;AACvC,EAAA,MAAM,iBAAA,GAAoB,UAAA,IAAc,MAAA,CAAO,aAAA,EAAc;AAC7D,EAAA,MAAM,SAAA,GAAYC,aAAA;AAAA,IAChB,OAAO,EAAE,QAAA,EAAU,qBAAqB,EAAA,EAAI,KAAA,EAAO,SAAS,EAAA,EAAG,CAAA;AAAA,IAC/D,CAAC,mBAAmB,KAAK;AAAA,GAC3B;AACA,EAAA,MAAM,UAAA,GAAaC,aAAO,KAAK,CAAA;AAC/B,EAAA,MAAM,SAAA,GAAYA,aAA0B,IAAI,CAAA;AAEhD,EAAAC,qBAAA,CAAgB,MAAM;AACpB,IAAA,IAAI,UAAA,EAAY;AACd,MAAA,SAAA,CAAa,EAAE,UAAA,EAAY,UAAA,EAAY,CAAA;AAAA,IACzC;AACA,IAAA,OAAO,MAAM;AACX,MAAA,oBAAA,EAAqB;AAAA,IACvB,CAAA;AAAA,EACF,CAAA,EAAG,CAAC,UAAU,CAAC,CAAA;AAEf,EAAAA,qBAAA,CAAgB,MAAM;AACpB,IAAA,mBAAA,CAAoB,qBAAqB,EAAE,CAAA;AAC3C,IAAA,MAAM,UACJ,cAAA,KAAmB,MAAA,IAAa,mBAAmB,IAAA,GAC/C,cAAA,GACA,kCAAkC,SAAS,CAAA;AACjD,IAAA,iBAAA,CAAkB,SAAS,SAAS,CAAA;AACpC,IAAA,MAAM,OAAA,GAAU;AAAA,MACd,cAAA,EAAgB,OAAA;AAAA,MAChB,gBAAA,EAAkB,SAAA;AAAA,MAClB,QAAQ,mBAAA,EAAoB;AAAA,MAC5B,aAAa,wBAAA,EAAyB;AAAA,MACtC,gBAAgB,oBAAA,EAAqB;AAAA,MACrC,gBAAgB,oBAAA,EAAqB;AAAA,MACrC,cAAc,0BAAA;AAA2B,KAC3C;AACA,IAAA,cAAA,CAAe,OAAO,CAAA;AACtB,IAAA,SAAA,CAAU,OAAA,GAAU,iBAAiB,OAAO,CAAA;AAC5C,IAAA,oBAAA,CAAqB,UAAU,OAAO,CAAA;AACtC,IAAA,OAAO,MAAM;AACX,MAAA,oBAAA,CAAqB,IAAI,CAAA;AACzB,MAAA,SAAA,CAAU,OAAA,GAAU,IAAA;AACpB,MAAA,cAAA,CAAe,IAAI,CAAA;AACnB,MAAA,iBAAA,CAAkB,MAAM,EAAE,QAAA,EAAU,EAAA,EAAI,KAAA,EAAO,IAAI,CAAA;AACnD,MAAA,mBAAA,CAAoB,EAAE,CAAA;AAAA,IACxB,CAAA;AAAA,EACF,CAAA,EAAG,CAAC,iBAAA,EAAmB,KAAA,EAAO,cAAc,CAAC,CAAA;AAG7C,EAAAC,eAAA,CAAU,MAAM;AACd,IAAA,MAAMC,kBAAAA,GAAoB,UAAA,IAAc,MAAA,CAAO,aAAA,EAAc;AAE7D,IAAA,MAAA,CAAO,MAAM,oCAAA,EAAsC;AAAA,MACjD,YAAY,UAAA,IAAc,gBAAA;AAAA,MAC1B,OAAO,KAAA,IAAS,EAAA;AAAA,MAChB,iBAAA,EAAAA;AAAA,KACD,CAAA;AAED,IAAA,IAAIA,kBAAAA,EAAmB;AACrB,MAAA,MAAM,iBAAA,GAAoB,UAAA,CAAW,aAAA,CAAc,YAAY,CAAC,CAAA;AAChE,MAAA,MAAM,gBAAA,GAAmB,qBAAqB,iBAAA,KAAsBA,kBAAAA;AAEpE,MAAA,IAAI,gBAAA,EAAkB;AACpB,QAAA,MAAA,CAAO,MAAM,uCAAA,EAAyC,EAAE,UAAU,iBAAA,EAAmB,IAAA,EAAMA,oBAAmB,CAAA;AAE9G,QAAA,IAAI,OAAO,WAAW,WAAA,EAAa;AACjC,UAAA,MAAM,UAAA,GAAa,OAAO,QAAA,CAAS,IAAA;AACnC,UAAA,MAAM,aAAa,UAAA,CAAW,QAAA,CAAS,OAAO,CAAA,IAAK,UAAA,CAAW,SAAS,QAAQ,CAAA;AAC/E,UAAA,IAAI,UAAA,EAAY;AACd,YAAA,MAAMC,SAAAA,GAAW,MAAA,CAAO,QAAA,CAAS,MAAA,GAAS,OAAO,QAAA,CAAS,QAAA;AAC1D,YAAA,MAAA,CAAO,QAAQ,YAAA,CAAa,EAAC,EAAG,QAAA,CAAS,OAAOA,SAAQ,CAAA;AAAA,UAC1D;AAAA,QACF;AAEA,QAAA,aAAA,CAAc,aAAA,CAAc,cAAc,CAAC,CAAA;AAC3C,QAAA,aAAA,CAAc,aAAA,CAAc,eAAe,CAAC,CAAA;AAC5C,QAAA,aAAA,CAAc,aAAA,CAAc,YAAY,CAAC,CAAA;AACzC,QAAA,aAAA,CAAc,aAAA,CAAc,UAAU,CAAC,CAAA;AACvC,QAAA,aAAA,CAAc,aAAA,CAAc,OAAO,CAAC,CAAA;AACpC,QAAA,aAAA,CAAc,aAAA,CAAc,eAAe,CAAC,CAAA;AAC5C,QAAA,aAAA,CAAc,aAAA,CAAc,oBAAoB,CAAC,CAAA;AACjD,QAAA,uBAAA,EAAwB;AACxB,QAAA,cAAA,EAAe;AACf,QAAA,aAAA,CAAc,aAAA,CAAc,WAAW,CAAC,CAAA;AACxC,QAAA,IAAI,OAAO,WAAW,WAAA,EAAa;AACjC,UAAA,MAAA,CAAO,YAAA,CAAa,UAAA,CAAW,aAAA,CAAc,aAAa,CAAC,CAAA;AAC3D,UAAA,MAAA,CAAO,YAAA,CAAa,UAAA,CAAW,aAAA,CAAc,oBAAoB,CAAC,CAAA;AAAA,QACpE;AAEA,QAAA,UAAA,CAAW,aAAA,CAAc,eAAe,CAAA,EAAG,MAAM,CAAA;AACjD,QAAA,UAAA,CAAW,aAAA,CAAc,iBAAiB,CAAA,EAAG,MAAM,CAAA;AACnD,QAAA,UAAA,CAAW,aAAA,CAAc,gBAAgB,CAAA,EAAGD,kBAAiB,CAAA;AAE7D,QAAA,QAAA,CAAS;AAAA,UACP,eAAA,EAAiB,KAAA;AAAA,UACjB,WAAA,EAAa,IAAA;AAAA,UACb,SAAA,EAAW,IAAA;AAAA,UACX,KAAA,EAAO;AAAA,SACR,CAAA;AAAA,MACH,WAAW,iBAAA,EAAmB;AAC5B,QAAA,MAAA,CAAO,KAAA,CAAM,oCAAA,EAAsC,EAAE,SAAA,EAAWA,oBAAmB,CAAA;AAAA,MACrF;AAGA,MAAA,UAAA,CAAW,aAAA,CAAc,cAAc,CAAA,EAAG,IAAA,CAAK,UAAU,EAAE,SAAA,EAAWA,kBAAAA,EAAmB,CAAC,CAAA;AAC1F,MAAA,UAAA,CAAW,aAAA,CAAc,YAAY,CAAA,EAAGA,kBAAiB,CAAA;AAAA,IAC3D,CAAA,MAAO;AACL,MAAA,MAAA,CAAO,MAAM,0CAA0C,CAAA;AAAA,IACzD;AAAA,EACF,CAAA,EAAG,CAAC,UAAA,EAAY,KAAK,CAAC,CAAA;AAEtB,EAAA,MAAM,CAAC,KAAA,EAAO,QAAQ,CAAA,GAAIE,cAAA,CAAoB;AAAA,IAC5C,eAAA,EAAiB,KAAA;AAAA,IACjB,WAAA,EAAa,IAAA;AAAA,IACb,SAAA,EAAW,QAAA;AAAA,IACX,KAAA,EAAO;AAAA,GACR,CAAA;AAKD,EAAA,MAAM,aAAA,GAAgBC,kBAAY,MAAM;AACtC,IAAA,IAAI;AACF,MAAA,MAAM,SAAS,SAAA,CAAU,OAAA;AACzB,MAAA,IAAI,aAAA;AACJ,MAAA,IAAI,WAAA;AACJ,MAAA,IAAI,KAAA,GAAuB,IAAA;AAE3B,MAAA,IAAI,MAAA,EAAQ;AACV,QAAA,MAAM,CAAA,GAAI,OAAO,QAAA,EAAS;AAC1B,QAAA,aAAA,GAAgB,CAAA,CAAE,MAAA,KAAW,eAAA,IAAmB,CAAC,CAAC,CAAA,CAAE,WAAA;AACpD,QAAA,WAAA,GAAc,CAAA,CAAE,WAAA;AAChB,QAAA,KAAA,GAAQ,CAAA,CAAE,KAAA;AAAA,MACZ,CAAA,MAAO;AACL,QAAA,WAAA,GAAc,cAAA,EAAqB;AACnC,QAAA,aAAA,GAAgB,CAAC,CAAC,WAAA,IAAe,CAAC,oBAAA,EAAqB;AAAA,MACzD;AAEA,MAAA,QAAA,CAAS;AAAA,QACP,eAAA,EAAiB,aAAA;AAAA,QACjB,WAAA;AAAA,QACA,SAAA,EAAW,KAAA;AAAA,QACX;AAAA,OACD,CAAA;AAED,MAAA,IAAI,aAAA,EAAe;AAAA,MACnB,CAAA,MAAO;AACL,QAAA,kBAAA,EAAmB;AACnB,QAAA,iBAAA,EAAkB;AAAA,MACpB;AAAA,IACF,SAAS,KAAA,EAAO;AACd,MAAA,kBAAA,EAAmB;AACnB,MAAA,iBAAA,EAAkB;AAClB,MAAA,QAAA,CAAS;AAAA,QACP,eAAA,EAAiB,KAAA;AAAA,QACjB,WAAA,EAAa,IAAA;AAAA,QACb,SAAA,EAAW,KAAA;AAAA,QACX,KAAA,EAAO,KAAA,YAAiB,KAAA,GAAQ,KAAA,CAAM,OAAA,GAAU;AAAA,OACjD,CAAA;AAAA,IACH;AAAA,EACF,CAAA,EAAG,EAAE,CAAA;AAML,EAAAJ,eAAA,CAAU,MAAM;AACd,IAAA,IAAI,CAAC,QAAA,EAAU;AAEf,IAAA,MAAM,cAAA,GAAiB,UAAA,CAAW,aAAA,CAAc,iBAAiB,CAAC,CAAA,KAAM,MAAA;AACxE,IAAA,MAAM,YAAA,GAAe,UAAA,CAAW,aAAA,CAAc,eAAe,CAAC,CAAA,KAAM,MAAA;AACpE,IAAA,IAAI,CAAC,cAAA,IAAkB,CAAC,YAAA,EAAc;AAEtC,IAAA,IAAI,SAAA,GAAY,KAAA;AAEhB,IAAA,MAAM,SAAS,YAAY;AACzB,MAAA,IAAI;AACF,QAAA,MAAM,SAAA,CAAU,SAAS,IAAA,EAAK;AAC9B,QAAA,IAAI,CAAC,SAAA,EAAW;AACd,UAAA,aAAA,EAAc;AAAA,QAChB;AAAA,MACF,CAAA,SAAE;AACA,QAAA,aAAA,CAAc,aAAA,CAAc,eAAe,CAAC,CAAA;AAAA,MAC9C;AAAA,IACF,CAAA;AAEA,IAAA,MAAA,EAAO;AAEP,IAAA,OAAO,MAAM;AACX,MAAA,SAAA,GAAY,IAAA;AAAA,IACd,CAAA;AAAA,EACF,CAAA,EAAG,CAAC,QAAA,EAAU,UAAA,EAAY,aAAa,CAAC,CAAA;AAKxC,EAAAA,eAAA,CAAU,MAAM;AACd,IAAA,IAAI,CAAC,QAAA,EAAU;AACb,MAAA,QAAA,CAAS,CAAC,IAAA,MAAU,EAAE,GAAG,IAAA,EAAM,SAAA,EAAW,OAAM,CAAE,CAAA;AAClD,MAAA;AAAA,IACF;AACA,IAAA,IAAI,WAAW,OAAA,EAAS;AACxB,IAAA,UAAA,CAAW,OAAA,GAAU,IAAA;AAErB,IAAA,IAAI,SAAA,GAAY,KAAA;AAEhB,IAAA,MAAM,OAAO,YAAY;AACvB,MAAA,IAAI;AACF,QAAA,MAAM,SAAA,CAAU,SAAS,IAAA,EAAK;AAC9B,QAAA,IAAI,CAAC,WAAW,aAAA,EAAc;AAAA,MAChC,SAAS,KAAA,EAAO;AACd,QAAA,kBAAA,EAAmB;AACnB,QAAA,iBAAA,EAAkB;AAClB,QAAA,IAAI,CAAC,SAAA,EAAW;AACd,UAAA,QAAA,CAAS;AAAA,YACP,eAAA,EAAiB,KAAA;AAAA,YACjB,WAAA,EAAa,IAAA;AAAA,YACb,SAAA,EAAW,KAAA;AAAA,YACX,KAAA,EAAO,KAAA,YAAiB,KAAA,GAAQ,KAAA,CAAM,OAAA,GAAU;AAAA,WACjD,CAAA;AAAA,QACH;AAAA,MACF;AAAA,IACF,CAAA;AAEA,IAAA,IAAA,EAAK;AAEL,IAAA,OAAO,MAAM;AACX,MAAA,SAAA,GAAY,IAAA;AACZ,MAAA,UAAA,CAAW,OAAA,GAAU,KAAA;AACrB,MAAA,kBAAA,EAAmB;AACnB,MAAA,iBAAA,EAAkB;AAAA,IACpB,CAAA;AAAA,EACF,CAAA,EAAG,CAAC,QAAA,EAAU,aAAa,CAAC,CAAA;AAK5B,EAAA,MAAM,KAAA,GAAQI,kBAAY,YAAY;AACpC,IAAA,QAAA,CAAS,CAAC,IAAA,MAAU,EAAE,GAAG,IAAA,EAAM,SAAA,EAAW,MAAK,CAAE,CAAA;AACjD,IAAA,MAAM,SAAA,CAAU,SAAS,KAAA,EAAM;AAC/B,IAAA,aAAA,EAAc;AAAA,EAChB,CAAA,EAAG,CAAC,aAAa,CAAC,CAAA;AAKlB,EAAA,MAAMC,OAAAA,GAASD,kBAAY,YAAY;AACrC,IAAA,kBAAA,EAAmB;AACnB,IAAA,iBAAA,EAAkB;AAClB,IAAA,QAAA,CAAS,CAAC,IAAA,MAAU,EAAE,GAAG,IAAA,EAAM,SAAA,EAAW,MAAK,CAAE,CAAA;AAEjD,IAAA,IAAI;AACF,MAAA,MAAM,UAAU,OAAA,EAAS,MAAA,CAAO,EAAE,SAAA,EAAW,YAAY,CAAA;AACzD,MAAA,kBAAA,EAAmB;AAAA,IACrB,CAAA,SAAE;AACA,MAAA,kBAAA,EAAmB;AACnB,MAAA,iBAAA,EAAkB;AAClB,MAAA,QAAA,CAAS;AAAA,QACP,eAAA,EAAiB,KAAA;AAAA,QACjB,WAAA,EAAa,IAAA;AAAA,QACb,SAAA,EAAW,KAAA;AAAA,QACX,KAAA,EAAO;AAAA,OACR,CAAA;AAAA,IACH;AAAA,EACF,CAAA,EAAG,CAAC,UAAU,CAAC,CAAA;AAKf,EAAA,MAAM,YAAA,GAAeA,kBAAY,YAA6B;AAC5D,IAAA,IAAI;AACF,MAAA,MAAM,QAAA,GAAY,MAAM,SAAA,CAAU,OAAA,EAAS,SAAQ,IAAM,EAAA;AACzD,MAAA,aAAA,EAAc;AACd,MAAA,OAAO,QAAA;AAAA,IACT,SAAS,KAAA,EAAO;AACd,MAAA,MAAMC,OAAAA,EAAO;AACb,MAAA,MAAM,KAAA;AAAA,IACR;AAAA,EACF,CAAA,EAAG,CAAC,aAAA,EAAeA,OAAM,CAAC,CAAA;AAK1B,EAAA,MAAM,mBAAA,GAAsBD,kBAAY,YAA6B;AACnE,IAAA,IAAI;AACF,MAAA,MAAM,KAAA,GAAQ,MAAM,SAAA,CAAU,OAAA,EAAS,cAAA,EAAe;AACtD,MAAA,IAAI,CAAC,KAAA,EAAO,MAAM,IAAI,MAAM,mBAAmB,CAAA;AAC/C,MAAA,aAAA,EAAc;AACd,MAAA,OAAO,KAAA;AAAA,IACT,SAAS,KAAA,EAAO;AACd,MAAA,MAAMC,OAAAA,EAAO;AACb,MAAA,MAAM,KAAA;AAAA,IACR;AAAA,EACF,CAAA,EAAG,CAAC,aAAA,EAAeA,OAAM,CAAC,CAAA;AAK1B,EAAA,MAAM,SAAA,GAAYD,iBAAA,CAAY,CAAC,WAAA,KAA8B;AAC3D,IAAA,QAAA,CAAS;AAAA,MACP,eAAA,EAAiB,IAAA;AAAA,MACjB,WAAA;AAAA,MACA,SAAA,EAAW,KAAA;AAAA,MACX,KAAA,EAAO;AAAA,KACR,CAAA;AAAA,EACH,CAAA,EAAG,EAAE,CAAA;AAEL,EAAA,MAAM,YAAA,GAAeP,aAAA;AAAA,IACnB,OAAO;AAAA,MACL,GAAG,KAAA;AAAA,MACH,KAAA;AAAA,MACA,MAAA,EAAAQ,OAAAA;AAAA,MACA,YAAA;AAAA,MACA,cAAA,EAAgB,mBAAA;AAAA,MAChB;AAAA,KACF,CAAA;AAAA,IACA,CAAC,KAAA,EAAO,KAAA,EAAOA,OAAAA,EAAQ,YAAA,EAAc,qBAAqB,SAAS;AAAA,GACrE;AAEA,EAAA,sCACG,WAAA,CAAY,QAAA,EAAZ,EAAqB,KAAA,EAAO,cAC1B,QAAA,EACH,CAAA;AAEJ;AC5XA,IAAM,mBAAA,GAAsB,aAAA;AAUrB,SAAS,YAAA,CAAa;AAAA,EAC3B,SAAA,GAAY,QAAA;AAAA,EACZ,WAAA,GAAc,YAAA;AAAA,EACd,QAAA,GAAW;AACb,CAAA,EAAyC;AACvC,EAAA,MAAM,EAAE,SAAA,EAAU,GAAI,cAAA,EAAe;AACrC,EAAA,MAAM,UAAA,GAAaP,aAAO,KAAK,CAAA;AAC/B,EAAA,MAAM,CAAC,MAAA,EAAQ,SAAS,CAAA,GAAIK,eAAsB,MAAM,CAAA;AACxD,EAAA,MAAM,CAAC,OAAA,EAAS,UAAU,CAAA,GAAIA,eAAiB,EAAE,CAAA;AAEjD,EAAAH,gBAAU,MAAM;AACd,IAAA,IAAI,WAAW,OAAA,EAAS;AACxB,IAAA,UAAA,CAAW,OAAA,GAAU,IAAA;AAErB,IAAA,MAAM,SAAA,GAAY,IAAI,eAAA,CAAgB,MAAA,CAAO,SAAS,MAAM,CAAA;AAC5D,IAAA,MAAM,oBAAoB,SAAA,CAAU,GAAA,CAAI,MAAM,CAAA,IAAK,SAAA,CAAU,IAAI,OAAO,CAAA;AAExE,IAAA,IAAI,CAAC,iBAAA,EAAmB;AACtB,MAAA,MAAA,CAAO,QAAA,CAAS,OAAA,CAAQ,SAAA,IAAa,QAAQ,CAAA;AAC7C,MAAA;AAAA,IACF;AAEA,IAAA,MAAM,KAAA,GAAQ,SAAA,CAAU,GAAA,CAAI,OAAO,CAAA;AACnC,IAAA,MAAM,gBAAA,GAAmB,SAAA,CAAU,GAAA,CAAI,mBAAmB,CAAA;AAC1D,IAAA,IAAI,KAAA,EAAO;AACT,MAAA,SAAA,CAAU,OAAO,CAAA;AACjB,MAAA,UAAA,CAAW,CAAA,EAAG,KAAK,CAAA,EAAA,EAAK,gBAAA,IAAoB,sBAAsB,CAAA,CAAE,CAAA;AACpE,MAAA,MAAA,CAAO,OAAA,CAAQ,YAAA,CAAa,EAAC,EAAG,QAAA,CAAS,KAAA,EAAO,MAAA,CAAO,QAAA,CAAS,MAAA,GAAS,MAAA,CAAO,QAAA,CAAS,QAAQ,CAAA;AACjG,MAAA;AAAA,IACF;AAEA,IAAA,MAAM,cAAc,YAAY;AAC9B,MAAA,SAAA,CAAU,SAAS,CAAA;AACnB,MAAA,UAAA,CAAW,uBAAuB,CAAA;AAGlC,MAAA,MAAM,OAAA,GAAU,MAAM,cAAA,EAAe;AAErC,MAAA,IAAI,OAAA,EAAS;AACX,QAAA,MAAM,QAAQ,cAAA,EAAe;AAC7B,QAAA,IAAI,KAAA,YAAiB,KAAK,CAAA;AAC1B,QAAA,SAAA,CAAU,SAAS,CAAA;AACnB,QAAA,UAAA,CAAW,2CAA2C,CAAA;AACtD,QAAA,MAAA,CAAO,QAAA,CAAS,QAAQ,WAAW,CAAA;AAAA,MACrC,CAAA,MAAO;AACL,QAAA,SAAA,CAAU,OAAO,CAAA;AACjB,QAAA,UAAA,CAAW,0CAA0C,CAAA;AACrD,QAAA,MAAA,CAAO,OAAA,CAAQ,YAAA,CAAa,EAAC,EAAG,QAAA,CAAS,KAAA,EAAO,MAAA,CAAO,QAAA,CAAS,MAAA,GAAS,MAAA,CAAO,QAAA,CAAS,QAAQ,CAAA;AAAA,MACnG;AAAA,IACF,CAAA;AAEA,IAAA,WAAA,EAAY;AAAA,EACd,GAAG,CAAC,QAAA,EAAU,SAAA,EAAW,WAAA,EAAa,SAAS,CAAC,CAAA;AAEhD,EAAA,MAAM,cAAA,GAAsC;AAAA,IAC1C,SAAA,EAAW,OAAA;AAAA,IACX,OAAA,EAAS,MAAA;AAAA,IACT,aAAA,EAAe,QAAA;AAAA,IACf,UAAA,EAAY,QAAA;AAAA,IACZ,cAAA,EAAgB,QAAA;AAAA,IAChB,OAAA,EAAS,EAAA;AAAA,IACT,UAAA,EAAY,wDAAA;AAAA,IACZ,SAAA,EAAW;AAAA,GACb;AAEA,EAAA,MAAM,UAAA,GAAkC;AAAA,IACtC,MAAA,EAAQ,CAAA;AAAA,IACR,QAAA,EAAU,SAAA;AAAA,IACV,UAAA,EAAY,GAAA;AAAA,IACZ,KAAA,EAAO,SAAA;AAAA,IACP,YAAA,EAAc;AAAA,GAChB;AAEA,EAAA,MAAM,YAAA,GAAoC;AAAA,IACxC,MAAA,EAAQ,CAAA;AAAA,IACR,QAAA,EAAU,WAAA;AAAA,IACV,KAAA,EAAO,MAAA;AAAA,IACP,UAAA,EAAY,GAAA;AAAA,IACZ,QAAA,EAAU;AAAA,GACZ;AAEA,EAAA,MAAM,aAAA,GAAqC;AAAA,IACzC,SAAA,EAAW,EAAA;AAAA,IACX,OAAA,EAAS,WAAA;AAAA,IACT,eAAA,EAAiB,SAAA;AAAA,IACjB,MAAA,EAAQ,mBAAA;AAAA,IACR,YAAA,EAAc,CAAA;AAAA,IACd,KAAA,EAAO,SAAA;AAAA,IACP,QAAA,EAAU,UAAA;AAAA,IACV,QAAA,EAAU;AAAA,GACZ;AAEA,EAAA,MAAM,cAAA,GAAsC;AAAA,IAC1C,SAAA,EAAW,EAAA;AAAA,IACX,QAAA,EAAU,UAAA;AAAA,IACV,KAAA,EAAO,SAAA;AAAA,IACP,cAAA,EAAgB,MAAA;AAAA,IAChB,MAAA,EAAQ;AAAA,GACV;AAEA,EAAA,MAAM,YAAA,GAAoC;AAAA,IACxC,KAAA,EAAO,EAAA;AAAA,IACP,MAAA,EAAQ,EAAA;AAAA,IACR,MAAA,EAAQ,mBAAA;AAAA,IACR,cAAA,EAAgB,SAAA;AAAA,IAChB,YAAA,EAAc,KAAA;AAAA,IACd,SAAA,EAAW,yCAAA;AAAA,IACX,YAAA,EAAc;AAAA,GAChB;AAEA,EAAA,MAAM,eAAA,GAAuC;AAAA,IAC3C,QAAA,EAAU,UAAA;AAAA,IACV,GAAA,EAAK,EAAA;AAAA,IACL,IAAA,EAAM,KAAA;AAAA,IACN,SAAA,EAAW,kBAAA;AAAA,IACX,MAAA,EAAQ,CAAA;AAAA,IACR,QAAA,EAAU,UAAA;AAAA,IACV,UAAA,EAAY,GAAA;AAAA,IACZ,KAAA,EAAO,SAAA;AAAA,IACP,aAAA,EAAe;AAAA,GACjB;AAEA,EAAA,uBACEM,eAAA,CAAC,SAAI,KAAA,EAAO,EAAE,GAAG,cAAA,EAAgB,QAAA,EAAU,YAAW,EACpD,QAAA,EAAA;AAAA,oBAAAC,cAAAA,CAAC,WAAO,QAAA,EAAA,CAAA,mEAAA,CAAA,EAAsE,CAAA;AAAA,oBAC9EA,cAAAA,CAAC,GAAA,EAAA,EAAE,KAAA,EAAO,iBAAkB,QAAA,EAAA,mBAAA,EAAoB,CAAA;AAAA,IAC/C,MAAA,KAAW,6BACVD,eAAA,CAAAE,mBAAA,EAAA,EACE,QAAA,EAAA;AAAA,sBAAAD,cAAAA,CAAC,KAAA,EAAA,EAAI,KAAA,EAAO,YAAA,EAAc,eAAW,IAAA,EAAC,CAAA;AAAA,sBACtCA,cAAAA,CAAC,IAAA,EAAA,EAAG,KAAA,EAAO,YAAY,QAAA,EAAA,mBAAA,EAAiB,CAAA;AAAA,sBACxCA,cAAAA,CAAC,GAAA,EAAA,EAAE,KAAA,EAAO,cAAc,QAAA,EAAA,+CAAA,EAA6C;AAAA,KAAA,EACvE,CAAA;AAAA,IAED,MAAA,KAAW,6BACVD,eAAA,CAAAE,mBAAA,EAAA,EACE,QAAA,EAAA;AAAA,sBAAAD,cAAAA,CAAC,IAAA,EAAA,EAAG,KAAA,EAAO,UAAA,EAAY,QAAA,EAAA,wBAAA,EAAsB,CAAA;AAAA,sBAC7CA,cAAAA,CAAC,GAAA,EAAA,EAAE,KAAA,EAAO,cAAc,QAAA,EAAA,sBAAA,EAAoB;AAAA,KAAA,EAC9C,CAAA;AAAA,IAED,MAAA,KAAW,2BACVD,eAAA,CAAAE,mBAAA,EAAA,EACE,QAAA,EAAA;AAAA,sBAAAD,cAAAA,CAAC,QAAG,KAAA,EAAO,EAAE,GAAG,UAAA,EAAY,KAAA,EAAO,SAAA,EAAU,EAAG,QAAA,EAAA,uBAAA,EAAqB,CAAA;AAAA,sBACrEA,cAAAA,CAAC,KAAA,EAAA,EAAI,KAAA,EAAO,eAAgB,QAAA,EAAA,OAAA,EAAQ,CAAA;AAAA,sBACpCA,cAAAA;AAAA,QAAC,GAAA;AAAA,QAAA;AAAA,UACC,IAAA,EAAM,SAAA;AAAA,UACN,KAAA,EAAO,cAAA;AAAA,UACP,OAAA,EAAS,CAAC,CAAA,KAAM;AACd,YAAA,CAAA,CAAE,cAAA,EAAe;AACjB,YAAA,MAAA,CAAO,SAAS,IAAA,GAAO,SAAA;AAAA,UACzB,CAAA;AAAA,UACD,QAAA,EAAA;AAAA;AAAA;AAED,KAAA,EACF,CAAA;AAAA,IAED,MAAA,KAAW,0BACVD,eAAA,CAAAE,mBAAA,EAAA,EACE,QAAA,EAAA;AAAA,sBAAAD,cAAAA,CAAC,KAAA,EAAA,EAAI,KAAA,EAAO,YAAA,EAAc,eAAW,IAAA,EAAC,CAAA;AAAA,sBACtCA,cAAAA,CAAC,IAAA,EAAA,EAAG,KAAA,EAAO,YAAY,QAAA,EAAA,uBAAA,EAAqB,CAAA;AAAA,sBAC5CA,cAAAA,CAAC,GAAA,EAAA,EAAE,KAAA,EAAO,cAAc,QAAA,EAAA,4BAAA,EAA0B;AAAA,KAAA,EACpD;AAAA,GAAA,EAEJ,CAAA;AAEJ;;;ACxKO,SAAS,OAAA,GAA4B;AAC1C,EAAA,OAAO,cAAA,EAAe;AACxB;ACJO,SAAS,cAAA,CAAe;AAAA,EAC7B,QAAA;AAAA,EACA,QAAA,GAAW,IAAA;AAAA,EACX,SAAA,GAAY;AACd,CAAA,EAA2C;AACzC,EAAA,MAAM,EAAE,eAAA,EAAiB,cAAA,EAAAf,eAAAA,EAAgB,KAAA,KAAU,OAAA,EAAQ;AAC3D,EAAA,MAAM,CAAC,KAAA,EAAO,QAAQ,CAAA,GAAIW,eAAS,KAAK,CAAA;AACxC,EAAA,MAAM,iBAAA,GAAoBL,aAAO,KAAK,CAAA;AAEtC,EAAAE,gBAAU,MAAM;AACd,IAAA,IAAI,SAAA,GAAY,KAAA;AAEhB,IAAA,MAAM,MAAM,YAAY;AACtB,MAAA,IAAI,eAAA,EAAiB;AACnB,QAAA,IAAI,CAAC,SAAA,EAAW,QAAA,CAAS,IAAI,CAAA;AAC7B,QAAA;AAAA,MACF;AAEA,MAAA,IAAI;AACF,QAAA,MAAMR,eAAAA,EAAe;AACrB,QAAA,IAAI,CAAC,SAAA,EAAW,QAAA,CAAS,IAAI,CAAA;AAAA,MAC/B,CAAA,CAAA,MAAQ;AACN,QAAA,IAAI,SAAA,IAAa,CAAC,iBAAA,CAAkB,OAAA,EAAS;AAC3C,UAAA,iBAAA,CAAkB,OAAA,GAAU,IAAA;AAC5B,UAAA,MAAM,KAAA,EAAM;AAAA,QACd;AACA,QAAA,IAAI,CAAC,SAAA,EAAW,QAAA,CAAS,KAAK,CAAA;AAAA,MAChC;AAAA,IACF,CAAA;AAEA,IAAA,GAAA,EAAI;AAEJ,IAAA,OAAO,MAAM;AACX,MAAA,SAAA,GAAY,IAAA;AAAA,IACd,CAAA;AAAA,EACF,GAAG,CAAC,SAAA,EAAWA,eAAAA,EAAgB,eAAA,EAAiB,KAAK,CAAC,CAAA;AAEtD,EAAA,IAAI,CAAC,KAAA,IAAS,CAAC,eAAA,EAAiB;AAC9B,IAAA,uBAAOe,cAAAA,CAAAC,mBAAAA,EAAA,EAAG,QAAA,EAAA,QAAA,EAAS,CAAA;AAAA,EACrB;AAEA,EAAA,uBAAOD,cAAAA,CAAAC,mBAAAA,EAAA,EAAG,QAAA,EAAS,CAAA;AACrB;AClCO,SAAS,WAAA,GAAiC;AAC/C,EAAA,MAAM,CAAC,SAAA,EAAW,YAAY,CAAA,GAAIL,eAAS,KAAK,CAAA;AAChD,EAAA,MAAM,CAAC,KAAA,EAAO,QAAQ,CAAA,GAAIA,eAAwB,IAAI,CAAA;AAGtD,EAAA,MAAM,aAAA,GAAgBL,aAAO,KAAK,CAAA;AAGlC,EAAA,MAAM,UAAA,GAAaA,aAAO,IAAI,CAAA;AAE9B,EAAAE,gBAAU,MAAM;AACd,IAAA,OAAO,MAAM;AACX,MAAA,UAAA,CAAW,OAAA,GAAU,KAAA;AAAA,IACvB,CAAA;AAAA,EACF,CAAA,EAAG,EAAE,CAAA;AAEL,EAAA,MAAM,IAAA,GAAOI,kBAAY,YAAY;AAEnC,IAAA,IAAI,cAAc,OAAA,EAAS;AACzB,MAAA;AAAA,IACF;AAEA,IAAA,aAAA,CAAc,OAAA,GAAU,IAAA;AAExB,IAAA,IAAI,WAAW,OAAA,EAAS;AACtB,MAAA,YAAA,CAAa,IAAI,CAAA;AACjB,MAAA,QAAA,CAAS,IAAI,CAAA;AAAA,IACf;AAEA,IAAA,IAAI;AAEF,MAAA,MAAM,SAAA,EAAU;AAAA,IAClB,SAAS,GAAA,EAAK;AACZ,MAAA,IAAI,WAAW,OAAA,EAAS;AACtB,QAAA,QAAA;AAAA,UACE,GAAA,YAAe,KAAA,GACX,GAAA,CAAI,OAAA,GACJ;AAAA,SACN;AAAA,MACF;AAAA,IACF,CAAA,SAAE;AACA,MAAA,aAAA,CAAc,OAAA,GAAU,KAAA;AAExB,MAAA,IAAI,WAAW,OAAA,EAAS;AACtB,QAAA,YAAA,CAAa,KAAK,CAAA;AAAA,MACpB;AAAA,IACF;AAAA,EACF,CAAA,EAAG,EAAE,CAAA;AAEL,EAAA,OAAOP,aAAAA;AAAA,IACL,OAAO,EAAE,SAAA,EAAW,KAAA,EAAO,IAAA,EAAK,CAAA;AAAA,IAChC,CAAC,SAAA,EAAW,KAAA,EAAO,IAAI;AAAA,GACzB;AACF","file":"index.js","sourcesContent":["/**\r\n * Runtime context: single get/set for auth runtime.\r\n * Core reads from here; host (e.g. React layer) sets before any core code runs.\r\n */\r\n\r\nimport type { AuthRuntime } from './types';\r\n\r\nlet currentRuntime: AuthRuntime | null = null;\r\n\r\nexport function setAuthRuntime(runtime: AuthRuntime | null): void {\r\n currentRuntime = runtime;\r\n}\r\n\r\nexport function getAuthRuntime(): AuthRuntime | null {\r\n return currentRuntime;\r\n}\r\n\r\n/** Returns runtime or throws if not set (use in core when runtime is required). */\r\nexport function requireAuthRuntime(): AuthRuntime {\r\n const r = currentRuntime;\r\n if (!r) {\r\n throw new Error(\r\n '[tenneo-auth] Auth runtime not set. Wrap your app with AuthProvider (or setAuthRuntime) before using auth.'\r\n );\r\n }\r\n return r;\r\n}\r\n","/**\r\n * Pure domain logic for tenant key extraction and callback URL detection.\r\n * No window/document; no I/O. Single source of truth for tenant/callback helpers.\r\n */\r\n\r\n/** Minimal URL shape required for tenant/callback logic. */\r\nexport interface UrlLike {\r\n search: string;\r\n hostname: string;\r\n}\r\n\r\n/** Minimal config shape required for tenant extraction. */\r\nexport interface ConfigProviderLike {\r\n getClientCode(): string;\r\n getTenantId(): string;\r\n}\r\n\r\nexport function isLocalhost(hostname: string): boolean {\r\n return (\r\n hostname === 'localhost' ||\r\n hostname === '127.0.0.1' ||\r\n hostname === '[::1]' ||\r\n hostname.startsWith('192.168.') ||\r\n hostname.startsWith('10.') ||\r\n hostname.endsWith('.local')\r\n );\r\n}\r\n\r\nfunction extractTenantKeyFromDomain(\r\n urlOrHostname: string,\r\n config: ConfigProviderLike\r\n): string | null {\r\n try {\r\n let hostname: string;\r\n if (urlOrHostname.startsWith('http://') || urlOrHostname.startsWith('https://')) {\r\n try {\r\n const url = new URL(urlOrHostname);\r\n hostname = url.hostname;\r\n } catch {\r\n hostname = urlOrHostname.replace(/^https?:\\/\\//, '').split('/')[0];\r\n }\r\n } else {\r\n hostname = urlOrHostname;\r\n }\r\n const parts = hostname.split('.');\r\n if (parts.length < 2) return config.getClientCode();\r\n const tenantKey = parts[0];\r\n if (!tenantKey || tenantKey.trim() === '') return config.getClientCode();\r\n if (tenantKey.trim().toLowerCase() === 'productlms') return config.getClientCode();\r\n return tenantKey.trim();\r\n } catch {\r\n return config.getClientCode();\r\n }\r\n}\r\n\r\n/**\r\n * Extracts tenant key from URL + storage + config. Pure; no window usage.\r\n */\r\nexport function extractTenantKeyFromUrl(\r\n url: UrlLike,\r\n config: ConfigProviderLike,\r\n getStorage: (key: string) => string | null,\r\n getKey?: (suffix: string) => string\r\n): string | null {\r\n try {\r\n const propsConfigKey = getKey ? getKey('props_config') : 'tenneo_auth_props_config';\r\n const propsConfigStr = getStorage(propsConfigKey);\r\n if (propsConfigStr) {\r\n try {\r\n const propsConfig = JSON.parse(propsConfigStr) as { tenantKey?: string };\r\n if (propsConfig.tenantKey?.trim()) return propsConfig.tenantKey.trim();\r\n } catch {\r\n // continue\r\n }\r\n }\r\n const tenantKeyStorageKey = getKey ? getKey('tenant_key') : 'tenneo_auth_tenant_key';\r\n const storedTenantKey = getStorage(tenantKeyStorageKey);\r\n if (storedTenantKey?.trim()) return storedTenantKey.trim();\r\n\r\n const urlParams = new URLSearchParams(url.search);\r\n const tenantKeyFromQuery = urlParams.get('t');\r\n if (tenantKeyFromQuery?.trim()) {\r\n const hostnameParts = url.hostname.split('.');\r\n const baseDomain = hostnameParts.length >= 2\r\n ? hostnameParts.slice(-2).join('.')\r\n : url.hostname;\r\n const simulatedHostname = `${tenantKeyFromQuery.trim()}.${baseDomain}`;\r\n const key = extractTenantKeyFromDomain(simulatedHostname, config);\r\n if (key) return key;\r\n return tenantKeyFromQuery.trim();\r\n }\r\n\r\n const keyFromHost = extractTenantKeyFromDomain(url.hostname, config);\r\n if (keyFromHost) return keyFromHost;\r\n\r\n const clientCode = config.getClientCode();\r\n if (clientCode?.trim()) return clientCode.trim();\r\n const tenantId = config.getTenantId();\r\n if (tenantId?.trim()) return tenantId.trim();\r\n return config.getClientCode();\r\n } catch {\r\n const clientCode = config.getClientCode();\r\n if (clientCode?.trim()) return clientCode.trim();\r\n return config.getTenantId() || config.getClientCode();\r\n }\r\n}\r\n\r\n/** Returns true if URL has code and state (OAuth callback). */\r\nexport function isCallbackUrlFromUrl(url: UrlLike): boolean {\r\n const params = new URLSearchParams(url.search);\r\n return params.has('code') && params.has('state');\r\n}\r\n","/**\r\n * Dynamic storage key prefix by tenant code.\r\n * When tenant code is set, prefix is `${normalizedTenantCode}_auth_`; otherwise `tenneo_auth_`.\r\n */\r\n\r\nconst DEFAULT_PREFIX = 'tenneo_auth_';\r\n\r\nlet currentPrefix = DEFAULT_PREFIX;\r\n\r\nexport function getStorageKeyPrefix(): string {\r\n return currentPrefix;\r\n}\r\n\r\n/**\r\n * Normalize tenant code for use in storage keys (alphanumeric + underscore only).\r\n */\r\nfunction normalizeTenantCode(tenantCode: string): string {\r\n const trimmed = tenantCode.trim();\r\n if (!trimmed) return '';\r\n return trimmed.replace(/[^a-zA-Z0-9_]/g, '_').toLowerCase();\r\n}\r\n\r\n/**\r\n * Set the storage key prefix from tenant code.\r\n * Call when tenant is known (e.g. from AuthProvider). Empty string resets to default.\r\n */\r\nexport function setStorageKeyPrefix(tenantCode: string): void {\r\n const normalized = normalizeTenantCode(tenantCode);\r\n currentPrefix = normalized ? `${normalized}_auth_` : DEFAULT_PREFIX;\r\n}\r\n\r\n/**\r\n * Build full storage key for a suffix using the current prefix.\r\n */\r\nexport function getStorageKey(suffix: string): string {\r\n return getStorageKeyPrefix() + suffix;\r\n}\r\n","/**\r\n * Storage key namespacing: auth_${tenantId}_${appId}_*\r\n * Backward compatibility: when both tenantId and appId are empty, use dynamic prefix (from tenant code).\r\n */\r\n\r\nimport type { StorageNamespace } from './types';\r\nimport { getStorageKeyPrefix } from './prefix';\r\n\r\n/**\r\n * Builds a namespaced storage key.\r\n * - When tenantId and appId are both falsy: returns getStorageKeyPrefix() + suffix (tenant-code-based or default).\r\n * - Otherwise: returns auth_${tenantId}_${appId}_${suffix}.\r\n */\r\nexport function buildStorageKey(\r\n ns: StorageNamespace,\r\n suffix: string\r\n): string {\r\n const { tenantId, appId } = ns;\r\n if (!tenantId && !appId) {\r\n return `${getStorageKeyPrefix()}${suffix}`;\r\n }\r\n const tid = tenantId || '';\r\n const aid = appId || '';\r\n return `auth_${tid}_${aid}_${suffix}`;\r\n}\r\n\r\n/** Suffixes used for token keys (same as legacy STORAGE_KEYS without prefix). */\r\nexport const TOKEN_KEY_SUFFIXES = {\r\n accessToken: 'access_token',\r\n refreshToken: 'refresh_token',\r\n expiresAt: 'expires_at',\r\n} as const;\r\n\r\n/** Suffixes for config/flow keys (aligned with existing tenneo_auth_* keys). */\r\nexport const CONFIG_KEY_SUFFIXES = {\r\n authServerUrl: 'auth_server_url',\r\n clientId: 'client_id',\r\n redirectUri: 'redirect_uri',\r\n tenantId: 'tenant_id',\r\n tenantKey: 'tenant_key',\r\n codeVerifier: 'code_verifier',\r\n state: 'state',\r\n callbackProcessed: 'callback_processed',\r\n callbackProcessing: 'callback_processing',\r\n callbackAttempted: 'callback_attempted',\r\n flowInProgress: 'flow_in_progress',\r\n flowTimestamp: 'flow_timestamp',\r\n logoutProcessing: 'logout_processing',\r\n propsConfig: 'props_config',\r\n propsChanged: 'props_changed',\r\n tenantSwitched: 'tenant_switched',\r\n newTenantKey: 'new_tenant_key',\r\n stateMismatch: 'state_mismatch',\r\n bootstrapInProgress: 'bootstrap_in_progress',\r\n bootstrapTimestamp: 'bootstrap_timestamp',\r\n callbackHandled: 'callback_handled',\r\n idToken: 'id_token',\r\n} as const;\r\n","/**\r\n * Storage context: current adapter and namespace.\r\n * Can be set via setStorageContext (legacy) or setAuthRuntime (full runtime).\r\n * No window/document usage.\r\n */\r\n\r\nimport type { StorageAdapter, StorageNamespace } from './types';\r\nimport { getAuthRuntime } from '../runtime/context';\r\n\r\nlet currentAdapter: StorageAdapter | null = null;\r\nlet currentNamespace: StorageNamespace = { tenantId: '', appId: '' };\r\n\r\nexport function setStorageContext(\r\n adapter: StorageAdapter | null,\r\n namespace: Partial<StorageNamespace> = {}\r\n): void {\r\n currentAdapter = adapter;\r\n currentNamespace = {\r\n tenantId: namespace.tenantId ?? '',\r\n appId: namespace.appId ?? '',\r\n };\r\n}\r\n\r\nexport function getStorageAdapter(): StorageAdapter | null {\r\n const runtime = getAuthRuntime();\r\n if (runtime?.storageAdapter) return runtime.storageAdapter;\r\n return currentAdapter;\r\n}\r\n\r\nexport function getStorageNamespace(): StorageNamespace {\r\n const runtime = getAuthRuntime();\r\n if (runtime?.storageNamespace) return { ...runtime.storageNamespace };\r\n return { ...currentNamespace };\r\n}\r\n","/**\r\n * In-memory storage adapter. SSR-safe; no window/document usage.\r\n * Default for server-side or when no persistent storage is desired.\r\n */\r\n\r\nimport type { AuthTokens, StorageAdapter, StorageNamespace } from './types';\r\nimport { buildStorageKey, TOKEN_KEY_SUFFIXES } from './namespace';\r\n\r\nexport function createMemoryStorageAdapter(\r\n namespace: StorageNamespace\r\n): StorageAdapter {\r\n const store = new Map<string, string>();\r\n\r\n const getTokensSync = (): AuthTokens | null => {\r\n const accessToken = store.get(buildStorageKey(namespace, TOKEN_KEY_SUFFIXES.accessToken)) ?? null;\r\n const refreshToken = store.get(buildStorageKey(namespace, TOKEN_KEY_SUFFIXES.refreshToken)) ?? null;\r\n const expiresAtStr = store.get(buildStorageKey(namespace, TOKEN_KEY_SUFFIXES.expiresAt)) ?? null;\r\n if (!accessToken || !refreshToken || !expiresAtStr) return null;\r\n const expiresAt = parseInt(expiresAtStr, 10);\r\n if (isNaN(expiresAt)) return null;\r\n return { accessToken, refreshToken, expiresAt };\r\n };\r\n\r\n return {\r\n async getTokens(): Promise<AuthTokens | null> {\r\n return getTokensSync();\r\n },\r\n getTokensSync,\r\n\r\n async setTokens(tokens: AuthTokens): Promise<void> {\r\n store.set(buildStorageKey(namespace, TOKEN_KEY_SUFFIXES.accessToken), tokens.accessToken);\r\n store.set(buildStorageKey(namespace, TOKEN_KEY_SUFFIXES.refreshToken), tokens.refreshToken);\r\n store.set(buildStorageKey(namespace, TOKEN_KEY_SUFFIXES.expiresAt), String(tokens.expiresAt));\r\n },\r\n setTokensSync(tokens: AuthTokens): void {\r\n store.set(buildStorageKey(namespace, TOKEN_KEY_SUFFIXES.accessToken), tokens.accessToken);\r\n store.set(buildStorageKey(namespace, TOKEN_KEY_SUFFIXES.refreshToken), tokens.refreshToken);\r\n store.set(buildStorageKey(namespace, TOKEN_KEY_SUFFIXES.expiresAt), String(tokens.expiresAt));\r\n },\r\n\r\n async clearTokens(): Promise<void> {\r\n store.delete(buildStorageKey(namespace, TOKEN_KEY_SUFFIXES.accessToken));\r\n store.delete(buildStorageKey(namespace, TOKEN_KEY_SUFFIXES.refreshToken));\r\n store.delete(buildStorageKey(namespace, TOKEN_KEY_SUFFIXES.expiresAt));\r\n },\r\n clearTokensSync(): void {\r\n store.delete(buildStorageKey(namespace, TOKEN_KEY_SUFFIXES.accessToken));\r\n store.delete(buildStorageKey(namespace, TOKEN_KEY_SUFFIXES.refreshToken));\r\n store.delete(buildStorageKey(namespace, TOKEN_KEY_SUFFIXES.expiresAt));\r\n },\r\n\r\n async getItem(key: string): Promise<string | null> {\r\n return store.get(key) ?? null;\r\n },\r\n getItemSync(key: string): string | null {\r\n return store.get(key) ?? null;\r\n },\r\n\r\n async setItem(key: string, value: string): Promise<void> {\r\n store.set(key, value);\r\n },\r\n setItemSync(key: string, value: string): void {\r\n store.set(key, value);\r\n },\r\n\r\n async removeItem(key: string): Promise<void> {\r\n store.delete(key);\r\n },\r\n removeItemSync(key: string): void {\r\n store.delete(key);\r\n },\r\n\r\n async clear(): Promise<void> {\r\n store.clear();\r\n },\r\n clearSync(): void {\r\n store.clear();\r\n },\r\n };\r\n}\r\n","/**\r\n * Session storage adapter with namespaced keys. SSR-safe: guards all\r\n * window/sessionStorage access with typeof window !== 'undefined'.\r\n */\r\n\r\nimport type { AuthTokens, StorageAdapter, StorageNamespace } from './types';\r\nimport { buildStorageKey, TOKEN_KEY_SUFFIXES } from './namespace';\r\nimport { getStorageKeyPrefix } from './prefix';\r\n\r\nfunction getSessionStorage(): Storage | null {\r\n if (typeof window === 'undefined') return null;\r\n try {\r\n return window.sessionStorage;\r\n } catch {\r\n return null;\r\n }\r\n}\r\n\r\nexport function createSecureSessionStorageAdapter(\r\n namespace: StorageNamespace\r\n): StorageAdapter {\r\n return {\r\n async getTokens(): Promise<AuthTokens | null> {\r\n return getTokensSyncImpl(namespace);\r\n },\r\n getTokensSync(): AuthTokens | null {\r\n return getTokensSyncImpl(namespace);\r\n },\r\n\r\n async setTokens(tokens: AuthTokens): Promise<void> {\r\n setTokensSyncImpl(namespace, tokens);\r\n },\r\n setTokensSync(tokens: AuthTokens): void {\r\n setTokensSyncImpl(namespace, tokens);\r\n },\r\n\r\n async clearTokens(): Promise<void> {\r\n clearTokensSyncImpl(namespace);\r\n },\r\n clearTokensSync(): void {\r\n clearTokensSyncImpl(namespace);\r\n },\r\n\r\n async getItem(key: string): Promise<string | null> {\r\n return getItemSyncImpl(key);\r\n },\r\n getItemSync(key: string): string | null {\r\n return getItemSyncImpl(key);\r\n },\r\n\r\n async setItem(key: string, value: string): Promise<void> {\r\n setItemSyncImpl(key, value);\r\n },\r\n setItemSync(key: string, value: string): void {\r\n setItemSyncImpl(key, value);\r\n },\r\n\r\n async removeItem(key: string): Promise<void> {\r\n removeItemSyncImpl(key);\r\n },\r\n removeItemSync(key: string): void {\r\n removeItemSyncImpl(key);\r\n },\r\n\r\n async clear(): Promise<void> {\r\n clearSyncImpl(namespace);\r\n },\r\n clearSync(): void {\r\n clearSyncImpl(namespace);\r\n },\r\n };\r\n}\r\n\r\nfunction getTokensSyncImpl(ns: StorageNamespace): AuthTokens | null {\r\n const storage = getSessionStorage();\r\n if (!storage) return null;\r\n try {\r\n const accessToken = storage.getItem(buildStorageKey(ns, TOKEN_KEY_SUFFIXES.accessToken));\r\n const refreshToken = storage.getItem(buildStorageKey(ns, TOKEN_KEY_SUFFIXES.refreshToken));\r\n const expiresAtStr = storage.getItem(buildStorageKey(ns, TOKEN_KEY_SUFFIXES.expiresAt));\r\n if (!accessToken || !refreshToken || !expiresAtStr) return null;\r\n const expiresAt = parseInt(expiresAtStr, 10);\r\n if (isNaN(expiresAt)) return null;\r\n return { accessToken, refreshToken, expiresAt };\r\n } catch {\r\n return null;\r\n }\r\n}\r\n\r\nfunction setTokensSyncImpl(ns: StorageNamespace, tokens: AuthTokens): void {\r\n const storage = getSessionStorage();\r\n if (!storage) return;\r\n try {\r\n storage.setItem(buildStorageKey(ns, TOKEN_KEY_SUFFIXES.accessToken), tokens.accessToken);\r\n storage.setItem(buildStorageKey(ns, TOKEN_KEY_SUFFIXES.refreshToken), tokens.refreshToken);\r\n storage.setItem(buildStorageKey(ns, TOKEN_KEY_SUFFIXES.expiresAt), String(tokens.expiresAt));\r\n } catch {\r\n // Silent fail\r\n }\r\n}\r\n\r\nfunction clearTokensSyncImpl(ns: StorageNamespace): void {\r\n const storage = getSessionStorage();\r\n if (!storage) return;\r\n try {\r\n storage.removeItem(buildStorageKey(ns, TOKEN_KEY_SUFFIXES.accessToken));\r\n storage.removeItem(buildStorageKey(ns, TOKEN_KEY_SUFFIXES.refreshToken));\r\n storage.removeItem(buildStorageKey(ns, TOKEN_KEY_SUFFIXES.expiresAt));\r\n } catch {\r\n // Silent fail\r\n }\r\n}\r\n\r\nfunction getItemSyncImpl(key: string): string | null {\r\n const storage = getSessionStorage();\r\n if (!storage) return null;\r\n try {\r\n return storage.getItem(key);\r\n } catch {\r\n return null;\r\n }\r\n}\r\n\r\nfunction setItemSyncImpl(key: string, value: string): void {\r\n const storage = getSessionStorage();\r\n if (!storage) return;\r\n try {\r\n storage.setItem(key, value);\r\n } catch {\r\n // Silent fail\r\n }\r\n}\r\n\r\nfunction removeItemSyncImpl(key: string): void {\r\n const storage = getSessionStorage();\r\n if (!storage) return;\r\n try {\r\n storage.removeItem(key);\r\n } catch {\r\n // Silent fail\r\n }\r\n}\r\n\r\nfunction clearSyncImpl(ns: StorageNamespace): void {\r\n const storage = getSessionStorage();\r\n if (!storage) return;\r\n try {\r\n const prefix = ns.tenantId || ns.appId\r\n ? `auth_${ns.tenantId || ''}_${ns.appId || ''}_`\r\n : getStorageKeyPrefix();\r\n const keys: string[] = [];\r\n for (let i = 0; i < storage.length; i++) {\r\n const key = storage.key(i);\r\n if (key && key.startsWith(prefix)) keys.push(key);\r\n }\r\n keys.forEach((k) => storage.removeItem(k));\r\n } catch {\r\n // Silent fail\r\n }\r\n}\r\n","/**\r\n * Cookie-based storage adapter (HttpOnly-compatible abstraction).\r\n * Tokens are stored in cookies; config/flow flags use cookies or fallback.\r\n * SSR-safe: all document/window access guarded with typeof window !== 'undefined'.\r\n *\r\n * Note: True HttpOnly cookies must be set by the server. This adapter uses\r\n * document.cookie for client-readable tokens when running in the browser,\r\n * and can be replaced by a server-backed implementation for HttpOnly.\r\n */\r\n\r\nimport type { AuthTokens, StorageAdapter, StorageNamespace } from './types';\r\nimport { TOKEN_KEY_SUFFIXES, CONFIG_KEY_SUFFIXES } from './namespace';\r\nimport { getStorageKeyPrefix } from './prefix';\r\n\r\nconst DEFAULT_COOKIE_OPTIONS = {\r\n path: '/',\r\n sameSite: 'lax' as const,\r\n maxAge: 60 * 60 * 24 * 7, // 7 days for refresh token\r\n};\r\n\r\nfunction getDocument(): Document | null {\r\n if (typeof document === 'undefined') return null;\r\n return document;\r\n}\r\n\r\nfunction getCookie(name: string): string | null {\r\n const doc = getDocument();\r\n if (!doc || !doc.cookie) return null;\r\n const match = doc.cookie.match(new RegExp('(^| )' + name + '=([^;]+)'));\r\n return match ? decodeURIComponent(match[2]) : null;\r\n}\r\n\r\nfunction setCookie(\r\n name: string,\r\n value: string,\r\n options: { path?: string; sameSite?: 'lax' | 'strict' | 'none'; maxAge?: number } = {}\r\n): void {\r\n const doc = getDocument();\r\n if (!doc) return;\r\n const { path = '/', sameSite = 'lax', maxAge } = { ...DEFAULT_COOKIE_OPTIONS, ...options };\r\n let cookie = `${encodeURIComponent(name)}=${encodeURIComponent(value)};path=${path};SameSite=${sameSite}`;\r\n if (maxAge != null) cookie += `;max-age=${maxAge}`;\r\n doc.cookie = cookie;\r\n}\r\n\r\nfunction deleteCookie(name: string): void {\r\n const doc = getDocument();\r\n if (!doc) return;\r\n doc.cookie = `${encodeURIComponent(name)}=;path=/;max-age=0`;\r\n}\r\n\r\nexport function createCookieStorageAdapter(\r\n namespace: StorageNamespace,\r\n options?: { cookiePrefix?: string }\r\n): StorageAdapter {\r\n const prefix = options?.cookiePrefix ?? 'auth';\r\n const keyPrefix = namespace.tenantId || namespace.appId\r\n ? `auth_${namespace.tenantId || ''}_${namespace.appId || ''}_`\r\n : getStorageKeyPrefix();\r\n\r\n const cookieName = (suffix: string) =>\r\n `${prefix}_${namespace.tenantId || 't'}_${namespace.appId || 'a'}_${suffix}`.replace(/[^a-zA-Z0-9_]/g, '_');\r\n\r\n return {\r\n async getTokens(): Promise<AuthTokens | null> {\r\n const accessToken = getCookie(cookieName(TOKEN_KEY_SUFFIXES.accessToken));\r\n const refreshToken = getCookie(cookieName(TOKEN_KEY_SUFFIXES.refreshToken));\r\n const expiresAtStr = getCookie(cookieName(TOKEN_KEY_SUFFIXES.expiresAt));\r\n if (!accessToken || !refreshToken || !expiresAtStr) return null;\r\n const expiresAt = parseInt(expiresAtStr, 10);\r\n if (isNaN(expiresAt)) return null;\r\n return { accessToken, refreshToken, expiresAt };\r\n },\r\n\r\n async setTokens(tokens: AuthTokens): Promise<void> {\r\n setCookie(cookieName(TOKEN_KEY_SUFFIXES.accessToken), tokens.accessToken, { maxAge: 60 * 60 });\r\n setCookie(cookieName(TOKEN_KEY_SUFFIXES.refreshToken), tokens.refreshToken, { maxAge: 60 * 60 * 24 * 7 });\r\n setCookie(cookieName(TOKEN_KEY_SUFFIXES.expiresAt), String(tokens.expiresAt), { maxAge: 60 * 60 * 24 });\r\n },\r\n\r\n async clearTokens(): Promise<void> {\r\n deleteCookie(cookieName(TOKEN_KEY_SUFFIXES.accessToken));\r\n deleteCookie(cookieName(TOKEN_KEY_SUFFIXES.refreshToken));\r\n deleteCookie(cookieName(TOKEN_KEY_SUFFIXES.expiresAt));\r\n },\r\n\r\n async getItem(key: string): Promise<string | null> {\r\n const name = key.startsWith(keyPrefix) ? key.slice(keyPrefix.length) : key;\r\n return getCookie(cookieName(name));\r\n },\r\n\r\n async setItem(key: string, value: string): Promise<void> {\r\n const name = key.startsWith(keyPrefix) ? key.slice(keyPrefix.length) : key;\r\n setCookie(cookieName(name), value);\r\n },\r\n\r\n async removeItem(key: string): Promise<void> {\r\n const name = key.startsWith(keyPrefix) ? key.slice(keyPrefix.length) : key;\r\n deleteCookie(cookieName(name));\r\n },\r\n\r\n async clear(): Promise<void> {\r\n const suffixes = Object.values(TOKEN_KEY_SUFFIXES);\r\n suffixes.forEach((s) => deleteCookie(cookieName(s)));\r\n Object.values(CONFIG_KEY_SUFFIXES).forEach((suffix) => deleteCookie(cookieName(suffix)));\r\n },\r\n };\r\n}\r\n","/**\r\n * Storage API: adapter-based get/set/clear. No direct window/sessionStorage.\r\n * Keys use dynamic prefix from tenant code (see prefix.ts).\r\n */\r\n\r\nimport type { StorageKeys } from '../../domain/auth-state';\r\nimport { getStorageAdapter, getStorageNamespace } from './context';\r\nimport { buildStorageKey } from './namespace';\r\nimport { getAuthRuntime } from '../runtime/context';\r\nimport { getStorageKeyPrefix, getStorageKey } from './prefix';\r\n\r\nconst KEY_SUFFIXES = {\r\n authServerUrl: 'auth_server_url',\r\n clientId: 'client_id',\r\n redirectUri: 'redirect_uri',\r\n tenantId: 'tenant_id',\r\n tenantKey: 'tenant_key',\r\n codeVerifier: 'code_verifier',\r\n state: 'state',\r\n accessToken: 'access_token',\r\n refreshToken: 'refresh_token',\r\n expiresAt: 'expires_at',\r\n} as const;\r\n\r\nexport const STORAGE_KEYS: StorageKeys = {\r\n get authServerUrl() { return getStorageKey(KEY_SUFFIXES.authServerUrl); },\r\n get clientId() { return getStorageKey(KEY_SUFFIXES.clientId); },\r\n get redirectUri() { return getStorageKey(KEY_SUFFIXES.redirectUri); },\r\n get tenantId() { return getStorageKey(KEY_SUFFIXES.tenantId); },\r\n get tenantKey() { return getStorageKey(KEY_SUFFIXES.tenantKey); },\r\n get codeVerifier() { return getStorageKey(KEY_SUFFIXES.codeVerifier); },\r\n get state() { return getStorageKey(KEY_SUFFIXES.state); },\r\n get accessToken() { return getStorageKey(KEY_SUFFIXES.accessToken); },\r\n get refreshToken() { return getStorageKey(KEY_SUFFIXES.refreshToken); },\r\n get expiresAt() { return getStorageKey(KEY_SUFFIXES.expiresAt); },\r\n} as const;\r\n\r\nfunction keyToSuffix(key: string): string {\r\n const prefix = getStorageKeyPrefix();\r\n return key.startsWith(prefix) ? key.slice(prefix.length) : key;\r\n}\r\n\r\nexport function setStorage(key: string, value: string): void {\r\n const adapter = getStorageAdapter();\r\n if (!adapter?.setItemSync) return;\r\n const ns = getStorageNamespace();\r\n const suffix = keyToSuffix(key);\r\n try {\r\n adapter.setItemSync(buildStorageKey(ns, suffix), value);\r\n } catch {\r\n // Silent fail\r\n }\r\n}\r\n\r\nexport function getStorage(key: string): string | null {\r\n const adapter = getStorageAdapter();\r\n if (!adapter?.getItemSync) return null;\r\n const ns = getStorageNamespace();\r\n const suffix = keyToSuffix(key);\r\n try {\r\n return adapter.getItemSync(buildStorageKey(ns, suffix));\r\n } catch {\r\n return null;\r\n }\r\n}\r\n\r\nexport function removeStorage(key: string): void {\r\n const adapter = getStorageAdapter();\r\n if (!adapter?.removeItemSync) return;\r\n const ns = getStorageNamespace();\r\n const suffix = keyToSuffix(key);\r\n try {\r\n adapter.removeItemSync(buildStorageKey(ns, suffix));\r\n } catch {\r\n // Silent fail\r\n }\r\n}\r\n\r\nexport function clearAuthStorage(): void {\r\n const adapter = getStorageAdapter();\r\n if (!adapter?.clearSync) return;\r\n try {\r\n adapter.clearTokensSync?.();\r\n adapter.clearSync();\r\n } catch {\r\n // Silent fail\r\n }\r\n}\r\n\r\nexport function clearAuthSessionStorage(): void {\r\n const adapter = getStorageAdapter();\r\n if (!adapter?.clearSync) return;\r\n try {\r\n adapter.clearTokensSync?.();\r\n adapter.clearSync();\r\n } catch {\r\n // Silent fail\r\n }\r\n}\r\n\r\nexport function clearAllCookies(): void {\r\n const runtime = getAuthRuntime();\r\n try {\r\n runtime?.clearCookies?.clearCookies();\r\n } catch {\r\n // Silent fail\r\n }\r\n}\r\n\r\nexport function clearAllStorage(): void {\r\n const forceLogin = getStorage(getStorageKey('force_login'));\r\n const logoutInProgress = getStorage(getStorageKey('logout_in_progress'));\r\n const preservedTenantKey = getStorage(getStorageKey('preserved_tenant_key'));\r\n\r\n clearAuthSessionStorage();\r\n clearAuthStorage();\r\n\r\n if (forceLogin === 'true') setStorage(getStorageKey('force_login'), 'true');\r\n if (logoutInProgress === 'true') setStorage(getStorageKey('logout_in_progress'), 'true');\r\n if (preservedTenantKey) setStorage(getStorageKey('preserved_tenant_key'), preservedTenantKey);\r\n\r\n clearAllCookies();\r\n}\r\n\r\nexport function getAccessToken(): string | null {\r\n const adapter = getStorageAdapter();\r\n if (adapter?.getTokensSync) {\r\n const t = adapter.getTokensSync();\r\n return t?.accessToken ?? null;\r\n }\r\n return getStorage(STORAGE_KEYS.accessToken);\r\n}\r\n\r\nexport function getRefreshToken(): string | null {\r\n const adapter = getStorageAdapter();\r\n if (adapter?.getTokensSync) {\r\n const t = adapter.getTokensSync();\r\n return t?.refreshToken ?? null;\r\n }\r\n return getStorage(STORAGE_KEYS.refreshToken);\r\n}\r\n\r\nexport function getExpiresAt(): number | null {\r\n const adapter = getStorageAdapter();\r\n if (adapter?.getTokensSync) {\r\n const t = adapter.getTokensSync();\r\n return t?.expiresAt ?? null;\r\n }\r\n const expiresAt = getStorage(STORAGE_KEYS.expiresAt);\r\n if (!expiresAt) return null;\r\n const timestamp = parseInt(expiresAt, 10);\r\n return isNaN(timestamp) ? null : timestamp;\r\n}\r\n\r\nexport function isAccessTokenExpired(): boolean {\r\n const expiresAt = getExpiresAt();\r\n if (!expiresAt) return true;\r\n const buffer = 60 * 1000;\r\n return Date.now() >= expiresAt - buffer;\r\n}\r\n\r\nexport function getAuthServerUrl(): string | null {\r\n return getStorage(STORAGE_KEYS.authServerUrl);\r\n}\r\nexport function getClientId(): string | null {\r\n return getStorage(STORAGE_KEYS.clientId);\r\n}\r\nexport function getRedirectUri(): string | null {\r\n return getStorage(STORAGE_KEYS.redirectUri);\r\n}\r\nexport function getTenantId(): string | null {\r\n return getStorage(STORAGE_KEYS.tenantId);\r\n}\r\nexport function getCodeVerifier(): string | null {\r\n return getStorage(STORAGE_KEYS.codeVerifier);\r\n}\r\nexport function getState(): string | null {\r\n return getStorage(STORAGE_KEYS.state);\r\n}\r\nexport function getTenantKey(): string | null {\r\n return getStorage(STORAGE_KEYS.tenantKey);\r\n}\r\nexport function setTenantKey(tenantKey: string): void {\r\n setStorage(STORAGE_KEYS.tenantKey, tenantKey);\r\n}\r\n","/**\r\n * Logger utility for consistent logging across the plugin\r\n */\r\n\r\ntype LogLevel = 'info' | 'warn' | 'error' | 'debug';\r\n\r\n/**\r\n * Checks if we're in development mode (localhost/local network)\r\n */\r\nfunction isDev(): boolean {\r\n if (typeof window === 'undefined') {\r\n return false;\r\n }\r\n const hostname = window.location.hostname;\r\n return (\r\n hostname === 'localhost' ||\r\n hostname === '127.0.0.1' ||\r\n hostname === '[::1]' ||\r\n hostname.startsWith('192.168.') ||\r\n hostname.startsWith('10.') ||\r\n hostname.endsWith('.local')\r\n );\r\n}\r\n\r\nclass Logger {\r\n private prefix = '[tenneo-auth-gateway-plugin]';\r\n\r\n private log(level: LogLevel, message: string, data?: unknown): void {\r\n const timestamp = new Date().toISOString();\r\n const logMessage = `${this.prefix} [${timestamp}] [${level.toUpperCase()}] ${message}`;\r\n\r\n switch (level) {\r\n case 'info':\r\n console.log(logMessage, data || '');\r\n break;\r\n case 'warn':\r\n console.warn(logMessage, data || '');\r\n break;\r\n case 'error':\r\n console.error(logMessage, data || '');\r\n break;\r\n case 'debug':\r\n if (isDev()) {\r\n console.debug(logMessage, data || '');\r\n }\r\n break;\r\n }\r\n }\r\n\r\n info(message: string, data?: unknown): void {\r\n this.log('info', message, data);\r\n }\r\n\r\n warn(message: string, data?: unknown): void {\r\n this.log('warn', message, data);\r\n }\r\n\r\n error(message: string, data?: unknown): void {\r\n this.log('error', message, data);\r\n }\r\n\r\n debug(message: string, data?: unknown): void {\r\n this.log('debug', message, data);\r\n }\r\n}\r\n\r\nexport const logger = new Logger();\r\n\r\n","/**\r\n * Security and error utilities for authentication.\r\n * Domain layer: sanitized errors and HTTPS enforcement.\r\n */\r\n\r\nimport { logger } from '../utils/logger';\r\n\r\nfunction isLocalhostHostname(hostname: string): boolean {\r\n return hostname === 'localhost' || hostname === '127.0.0.1' ||\r\n hostname.startsWith('192.168.') || hostname.startsWith('10.') || hostname.startsWith('172.16.');\r\n}\r\n\r\nfunction isDev(): boolean {\r\n if (typeof window === 'undefined') return false;\r\n return isLocalhostHostname(window.location.hostname);\r\n}\r\n\r\nexport function enforceHttps(allowLocalhost: boolean = true): void {\r\n if (typeof window === 'undefined') return;\r\n\r\n const isLocalhostWindow = window.location.hostname === 'localhost' ||\r\n window.location.hostname === '127.0.0.1' ||\r\n window.location.hostname.startsWith('192.168.') ||\r\n window.location.hostname.startsWith('10.') ||\r\n window.location.hostname.startsWith('172.16.');\r\n\r\n const isHttps = window.location.protocol === 'https:';\r\n const isHttp = window.location.protocol === 'http:';\r\n\r\n if (allowLocalhost && isLocalhostWindow && isHttp) {\r\n logger.debug('HTTP allowed on localhost for development');\r\n return;\r\n }\r\n\r\n if (isHttp && !isLocalhostWindow) {\r\n const error = new Error('HTTPS is required for authentication. Please use HTTPS to access this application.');\r\n logger.error('HTTPS enforcement failed', {\r\n protocol: window.location.protocol,\r\n hostname: window.location.hostname,\r\n });\r\n throw error;\r\n }\r\n\r\n logger.debug('HTTPS check passed', { protocol: window.location.protocol });\r\n}\r\n\r\nexport function sanitizeErrorMessage(error: unknown, genericMessage: string): string {\r\n if (isDev()) {\r\n if (error instanceof Error) return error.message;\r\n return String(error);\r\n }\r\n return genericMessage;\r\n}\r\n\r\nexport class SanitizedError extends Error {\r\n public readonly code: string;\r\n public readonly originalMessage?: string;\r\n\r\n constructor(code: string, genericMessage: string, originalError?: unknown) {\r\n super(genericMessage);\r\n this.name = 'SanitizedError';\r\n this.code = code;\r\n if (isDev() && originalError instanceof Error) {\r\n this.originalMessage = originalError.message;\r\n }\r\n }\r\n}\r\n","/**\r\n * Auth lifecycle state machine (domain layer).\r\n * Pure: no I/O, no infrastructure. Used by application to decide which flow to run.\r\n */\r\n\r\nimport type { UrlLike } from './tenant';\r\n\r\n/** Storage reader: (keySuffix) => value. Used for persistence-critical flags only. */\r\nexport type StorageReader = (keySuffix: string) => string | null;\r\n\r\nexport enum AuthLifecycleState {\r\n INITIALIZING = 'INITIALIZING',\r\n FORCE_LOGIN = 'FORCE_LOGIN',\r\n PROCESSING_CALLBACK = 'PROCESSING_CALLBACK',\r\n AUTHENTICATED = 'AUTHENTICATED',\r\n TOKEN_EXPIRED = 'TOKEN_EXPIRED',\r\n TENANT_SWITCH = 'TENANT_SWITCH',\r\n LOGIN_REQUIRED = 'LOGIN_REQUIRED',\r\n LOGGED_OUT = 'LOGGED_OUT',\r\n ERROR = 'ERROR',\r\n}\r\n\r\nexport interface ResolveStateInput {\r\n url: UrlLike;\r\n getStorage: StorageReader;\r\n isCallbackUrl: (url: UrlLike) => boolean;\r\n hasValidToken: boolean;\r\n hasToken: boolean;\r\n hasRefreshToken: boolean;\r\n isTokenExpired: boolean;\r\n}\r\n\r\n/**\r\n * Resolves the current auth lifecycle state from URL, storage flags, and token state.\r\n * Pure function: no side effects, no async.\r\n */\r\nexport function resolveAuthLifecycleState(input: ResolveStateInput): AuthLifecycleState {\r\n const {\r\n url,\r\n getStorage,\r\n isCallbackUrl,\r\n hasValidToken,\r\n hasToken,\r\n hasRefreshToken,\r\n isTokenExpired,\r\n } = input;\r\n\r\n const forceLogin = getStorage('force_login') === 'true';\r\n const callbackProcessed = getStorage('callback_processed') === 'true';\r\n const tenantSwitched = getStorage('tenant_switched') === 'true';\r\n\r\n if (forceLogin) return AuthLifecycleState.FORCE_LOGIN;\r\n if (isCallbackUrl(url)) return AuthLifecycleState.PROCESSING_CALLBACK;\r\n if (hasValidToken) return AuthLifecycleState.AUTHENTICATED;\r\n if (callbackProcessed && !hasToken) return AuthLifecycleState.LOGIN_REQUIRED;\r\n if (hasToken && isTokenExpired && hasRefreshToken) return AuthLifecycleState.TOKEN_EXPIRED;\r\n if (hasToken && isTokenExpired && !hasRefreshToken) return AuthLifecycleState.LOGIN_REQUIRED;\r\n if (tenantSwitched) return AuthLifecycleState.TENANT_SWITCH;\r\n\r\n return AuthLifecycleState.LOGIN_REQUIRED;\r\n}\r\n","/**\r\n * In-memory runtime state for bootstrap and flow control.\r\n * Single source of truth for bootstrap_in_progress, callback_processing, flow_in_progress.\r\n * Re-exports flow-flag API for internal use (replaces utils/flow-flags).\r\n */\r\n\r\nconst BOOTSTRAP_STALE_MS = 5000;\r\n\r\nlet bootstrapInProgress = false;\r\nlet bootstrapTimestamp = 0;\r\n\r\nlet callbackProcessing = false;\r\n\r\nlet flowInProgress = false;\r\nlet flowTimestamp = 0;\r\n\r\nexport function isBootstrapInProgress(): boolean {\r\n if (!bootstrapInProgress) return false;\r\n if (!bootstrapTimestamp) return true;\r\n return Date.now() - bootstrapTimestamp < BOOTSTRAP_STALE_MS;\r\n}\r\n\r\nexport function setBootstrapInProgress(): void {\r\n bootstrapInProgress = true;\r\n bootstrapTimestamp = Date.now();\r\n}\r\n\r\nexport function clearBootstrapInProgress(): void {\r\n bootstrapInProgress = false;\r\n bootstrapTimestamp = 0;\r\n}\r\n\r\nexport function isCallbackProcessing(): boolean {\r\n return callbackProcessing;\r\n}\r\n\r\nexport function setCallbackProcessing(): void {\r\n callbackProcessing = true;\r\n}\r\n\r\nexport function clearCallbackProcessing(): void {\r\n callbackProcessing = false;\r\n}\r\n\r\nexport function isFlowInProgress(): boolean {\r\n return flowInProgress;\r\n}\r\n\r\nexport function getFlowTimestamp(): number | null {\r\n return flowTimestamp || null;\r\n}\r\n\r\nexport function setFlowInProgress(): void {\r\n flowInProgress = true;\r\n flowTimestamp = Date.now();\r\n}\r\n\r\nexport function clearFlowInProgress(): void {\r\n flowInProgress = false;\r\n flowTimestamp = 0;\r\n}\r\n\r\nexport function isFlowFlagStale(thresholdMs: number = 3000): boolean {\r\n if (!flowTimestamp) return true;\r\n return Date.now() - flowTimestamp > thresholdMs;\r\n}\r\n\r\n/** Flow-flag API (clear/set/query). Used by flows and strategy. */\r\nexport function clearFlowFlags(): void {\r\n clearFlowInProgress();\r\n}\r\n\r\nexport function setFlowFlags(): void {\r\n setFlowInProgress();\r\n}\r\n","/**\r\n * PKCE (Proof Key for Code Exchange) utilities\r\n * Strategy layer: OAuth2 PKCE\r\n */\r\n\r\n/**\r\n * Generates a random code verifier for PKCE\r\n * @param length Length of the code verifier (default: 128)\r\n * @returns Base64URL-encoded random string\r\n */\r\nexport function generateCodeVerifier(length: number = 128): string {\r\n const array = new Uint8Array(length);\r\n crypto.getRandomValues(array);\r\n\r\n const base64 = btoa(String.fromCharCode(...array));\r\n return base64\r\n .replace(/\\+/g, '-')\r\n .replace(/\\//g, '_')\r\n .replace(/=/g, '');\r\n}\r\n\r\n/**\r\n * Generates code challenge from code verifier using SHA-256\r\n */\r\nexport async function generateCodeChallenge(verifier: string): Promise<string> {\r\n try {\r\n const encoder = new TextEncoder();\r\n const data = encoder.encode(verifier);\r\n const hashBuffer = await crypto.subtle.digest('SHA-256', data);\r\n const hashArray = Array.from(new Uint8Array(hashBuffer));\r\n const base64 = btoa(String.fromCharCode(...hashArray));\r\n return base64\r\n .replace(/\\+/g, '-')\r\n .replace(/\\//g, '_')\r\n .replace(/=/g, '');\r\n } catch {\r\n throw new Error('Failed to generate code challenge');\r\n }\r\n}\r\n\r\n/**\r\n * Generates a random state parameter for OAuth flow\r\n */\r\nexport function generateState(): string {\r\n const array = new Uint8Array(32);\r\n crypto.getRandomValues(array);\r\n const base64 = btoa(String.fromCharCode(...array));\r\n return base64\r\n .replace(/\\+/g, '-')\r\n .replace(/\\//g, '_')\r\n .replace(/=/g, '');\r\n}\r\n","/**\r\n * Env + window config loader. SSR-safe.\r\n * Single source of truth: .env (VITE_* or same name). Window can override for dev.\r\n */\r\n\r\nimport type { RuntimeConfig } from './types';\r\n\r\nconst ENV_KEYS: Record<keyof RuntimeConfig, readonly string[]> = {\r\n CLIENT_ID: ['VITE_CLIENT_ID', 'CLIENT_ID'],\r\n TENANT_ID: ['VITE_TENANT_ID', 'TENANT_ID'],\r\n CLIENTCODE: ['VITE_CLIENTCODE', 'CLIENTCODE'],\r\n};\r\n\r\nexport function getEnvValue(keys: readonly string[]): string {\r\n try {\r\n const g = typeof globalThis !== 'undefined' ? (globalThis as Record<string, unknown>) : null;\r\n const env = g?.process && typeof (g.process as Record<string, unknown>).env === 'object'\r\n ? (g.process as Record<string, unknown>).env as Record<string, unknown>\r\n : null;\r\n if (env) {\r\n for (const key of keys) {\r\n const v = env[key];\r\n if (v != null && String(v).trim()) return String(v).trim();\r\n }\r\n }\r\n } catch {\r\n // ignore\r\n }\r\n try {\r\n const meta = typeof import.meta !== 'undefined' ? (import.meta as { env?: Record<string, unknown> }).env : undefined;\r\n if (meta) {\r\n for (const key of keys) {\r\n const v = meta[key];\r\n if (v != null && String(v).trim()) return String(v).trim();\r\n }\r\n }\r\n } catch {\r\n // ignore\r\n }\r\n return '';\r\n}\r\n\r\nconst FORBIDDEN_WINDOW_KEYS = ['apiBaseUrl', 'apiTenantResolutionBaseUrl', 'apiAuthBaseUrl', 'authServerUrl', 'defaultDomain', 'API_BASE_URL', 'AUTH_SERVER_URL', 'DEFAULT_DOMAIN'] as const;\r\n\r\nfunction getWindowConfigRaw(): Record<string, string> | null {\r\n if (typeof window === 'undefined') return null;\r\n const w = window as Window & { __AUTH_CONFIG__?: Record<string, unknown>; __APP_CONFIG__?: Record<string, unknown> };\r\n const raw = w.__AUTH_CONFIG__ ?? w.__APP_CONFIG__;\r\n if (!raw || typeof raw !== 'object') return null;\r\n for (const forbidden of FORBIDDEN_WINDOW_KEYS) {\r\n if (forbidden in raw) {\r\n throw new Error('Attempted to override protected internal configuration');\r\n }\r\n }\r\n const out: Record<string, string> = {};\r\n const map: Record<string, string> = {\r\n clientId: 'CLIENT_ID',\r\n tenantId: 'TENANT_ID',\r\n clientcode: 'CLIENTCODE',\r\n };\r\n for (const [winKey, sdkKey] of Object.entries(map)) {\r\n const v = raw[winKey];\r\n if (v != null && typeof v === 'string' && v.trim()) out[sdkKey] = v.trim();\r\n }\r\n return Object.keys(out).length ? out : null;\r\n}\r\n\r\nexport function loadEnvConfig(): Partial<RuntimeConfig> {\r\n const partial: Partial<RuntimeConfig> = {};\r\n for (const [key, envKeys] of Object.entries(ENV_KEYS)) {\r\n const v = getEnvValue(envKeys);\r\n if (v) (partial as Record<string, string>)[key] = v;\r\n }\r\n return partial;\r\n}\r\n\r\nexport function loadWindowConfig(): Partial<RuntimeConfig> | null {\r\n const raw = getWindowConfigRaw();\r\n if (!raw) return null;\r\n return raw as Partial<RuntimeConfig>;\r\n}\r\n","/**\r\n * Zod validation for runtime config (CLIENT_ID, TENANT_ID, CLIENTCODE).\r\n */\r\n\r\nimport { z } from 'zod';\r\nimport type { RuntimeConfig } from './types';\r\n\r\nconst schema = z.object({\r\n CLIENT_ID: z.string().min(1, 'CLIENT_ID is required'),\r\n TENANT_ID: z.string().min(1, 'TENANT_ID is required'),\r\n CLIENTCODE: z.string().min(1, 'CLIENTCODE is required'),\r\n});\r\n\r\nexport type RuntimeConfigSchema = z.infer<typeof schema>;\r\n\r\nexport function validateConfig(data: unknown): RuntimeConfig {\r\n return schema.parse(data) as RuntimeConfig;\r\n}\r\n\r\nexport function safeValidateConfig(data: unknown): z.SafeParseReturnType<unknown, RuntimeConfig> {\r\n return schema.safeParse(data) as z.SafeParseReturnType<unknown, RuntimeConfig>;\r\n}\r\n\r\nexport { schema as sdkConfigSchema };\r\n","/**\r\n * Configuration types.\r\n * Internal: non-overridable (from .env). Runtime: overridable (env + window + setConfig).\r\n *\r\n * BASE URL SEPARATION (mandatory — do not mix):\r\n * - API_TENANT_RESOLUTION_BASE_URL: Tenant resolution only.\r\n * - API_AUTH_BASE_URL: Token operations only (exchange, refresh, logout).\r\n * - AUTH_SERVER_URL: OpenID Connect authorization redirect only.\r\n */\r\n\r\nexport interface InternalConfig {\r\n API_TENANT_RESOLUTION_BASE_URL: string;\r\n API_AUTH_BASE_URL: string;\r\n AUTH_SERVER_URL: string;\r\n DEFAULT_DOMAIN: string;\r\n}\r\n\r\n/** Single source of truth: .env (VITE_CLIENT_ID, VITE_TENANT_ID, VITE_CLIENTCODE). */\r\nexport interface RuntimeConfig {\r\n CLIENT_ID: string;\r\n TENANT_ID: string;\r\n CLIENTCODE: string;\r\n}\r\n\r\nexport type ResolvedConfig = InternalConfig & RuntimeConfig;\r\nexport type SDKConfig = ResolvedConfig;\r\n\r\nexport const INTERNAL_CONFIG_KEYS = ['API_TENANT_RESOLUTION_BASE_URL', 'API_AUTH_BASE_URL', 'AUTH_SERVER_URL', 'DEFAULT_DOMAIN'] as const;\r\nexport type InternalConfigKey = (typeof INTERNAL_CONFIG_KEYS)[number];\r\n\r\nexport const RUNTIME_CONFIG_KEYS = ['CLIENT_ID', 'TENANT_ID', 'CLIENTCODE'] as const;\r\nexport type RuntimeConfigKey = (typeof RUNTIME_CONFIG_KEYS)[number];\r\n\r\nexport interface RuntimeConfigOverrides {\r\n basePath?: string;\r\n redirectUri?: string;\r\n}\r\n\r\nexport type HostConfigOverride = Partial<RuntimeConfig> & Partial<RuntimeConfigOverrides>;\r\n\r\n/** Window __APP_CONFIG__ / __AUTH_CONFIG__ shape (clientId, tenantId, clientcode only). */\r\nexport interface HostRuntimeConfig {\r\n clientId?: string;\r\n tenantId?: string;\r\n clientcode?: string;\r\n}\r\n\r\n/** Full resolved config output (internal URLs + runtime + derived redirectUri, basePath). */\r\nexport interface ResolvedHostConfig {\r\n apiTenantResolutionBaseUrl: string;\r\n apiAuthBaseUrl: string;\r\n authServerUrl: string;\r\n defaultDomain: string;\r\n clientId: string;\r\n tenantId: string;\r\n clientCode: string;\r\n redirectUri: string;\r\n basePath: string;\r\n}\r\n","/**\r\n * OAuth constants and storage keys. No config resolution — pure constants.\r\n */\r\n\r\nexport const OAUTH_CONSTANTS = {\r\n SCOPES: 'openid profile email',\r\n RESPONSE_TYPE: 'code',\r\n CODE_CHALLENGE_METHOD: 'S256',\r\n TOKEN_GRANT_TYPE: 'authorization_code',\r\n REFRESH_GRANT_TYPE: 'refresh_token',\r\n} as const;\r\n\r\nexport const STORAGE_KEY_PREFIX = 'tenneo_auth_';\r\n\r\nexport const STORAGE_KEYS = {\r\n authServerUrl: `${STORAGE_KEY_PREFIX}auth_server_url`,\r\n clientId: `${STORAGE_KEY_PREFIX}client_id`,\r\n redirectUri: `${STORAGE_KEY_PREFIX}redirect_uri`,\r\n tenantId: `${STORAGE_KEY_PREFIX}tenant_id`,\r\n codeVerifier: `${STORAGE_KEY_PREFIX}code_verifier`,\r\n state: `${STORAGE_KEY_PREFIX}state`,\r\n accessToken: `${STORAGE_KEY_PREFIX}access_token`,\r\n refreshToken: `${STORAGE_KEY_PREFIX}refresh_token`,\r\n expiresAt: `${STORAGE_KEY_PREFIX}expires_at`,\r\n} as const;\r\n\r\nexport const DEFAULT_SCOPES = OAUTH_CONSTANTS.SCOPES;\r\nexport const DEFAULT_RESPONSE_TYPE = OAUTH_CONSTANTS.RESPONSE_TYPE;\r\nexport const DEFAULT_CODE_CHALLENGE_METHOD = OAUTH_CONSTANTS.CODE_CHALLENGE_METHOD;\r\nexport const DEFAULT_TOKEN_GRANT_TYPE = OAUTH_CONSTANTS.TOKEN_GRANT_TYPE;\r\nexport const DEFAULT_REFRESH_GRANT_TYPE = OAUTH_CONSTANTS.REFRESH_GRANT_TYPE;\r\n","/**\r\n * Config: resolver + public Config facade.\r\n * Resolution order: runtime overrides > window > env > defaults.\r\n * Single source of truth: .env (see .env.example).\r\n */\r\n\r\nimport { getEnvValue, loadEnvConfig, loadWindowConfig } from './env';\r\nimport { validateConfig } from './schema';\r\nimport type {\r\n InternalConfig,\r\n RuntimeConfig,\r\n RuntimeConfigKey,\r\n RuntimeConfigOverrides,\r\n HostConfigOverride,\r\n HostRuntimeConfig,\r\n ResolvedHostConfig,\r\n} from './types';\r\nimport { INTERNAL_CONFIG_KEYS, RUNTIME_CONFIG_KEYS } from './types';\r\nimport { STORAGE_KEY_PREFIX, OAUTH_CONSTANTS, STORAGE_KEYS } from './constants';\r\nimport type { EnvConfig } from '../domain/auth-state';\r\n\r\n// Re-export types and schema/env/constants\r\nexport type {\r\n SDKConfig,\r\n ResolvedConfig,\r\n InternalConfig,\r\n RuntimeConfig,\r\n HostConfigOverride,\r\n HostRuntimeConfig,\r\n ResolvedHostConfig,\r\n RuntimeConfigOverrides,\r\n} from './types';\r\nexport { INTERNAL_CONFIG_KEYS, RUNTIME_CONFIG_KEYS } from './types';\r\nexport { validateConfig, safeValidateConfig, sdkConfigSchema } from './schema';\r\nexport { loadEnvConfig, loadWindowConfig, getEnvValue } from './env';\r\nexport {\r\n OAUTH_CONSTANTS,\r\n STORAGE_KEYS,\r\n STORAGE_KEY_PREFIX,\r\n DEFAULT_SCOPES,\r\n DEFAULT_RESPONSE_TYPE,\r\n DEFAULT_CODE_CHALLENGE_METHOD,\r\n DEFAULT_TOKEN_GRANT_TYPE,\r\n DEFAULT_REFRESH_GRANT_TYPE,\r\n} from './constants';\r\n\r\ndeclare global {\r\n interface Window {\r\n __APP_CONFIG__?: HostRuntimeConfig | { [key: string]: unknown };\r\n __AUTH_CONFIG__?: HostRuntimeConfig | { [key: string]: unknown };\r\n }\r\n}\r\n\r\n// ---------------------------------------------------------------------------\r\n// Internal config (from .env; non-overridable)\r\n// Single source: .env (VITE_*). Change URLs only here or in .env — rest of app uses Config getters.\r\n// ---------------------------------------------------------------------------\r\n\r\n/** Fallback when .env is not set. Prefer setting .env so no code change needed per environment. */\r\nconst INTERNAL_DEFAULTS: InternalConfig = {\r\n API_TENANT_RESOLUTION_BASE_URL: 'https://localhost:5020/api/v1',\r\n API_AUTH_BASE_URL: 'https://localhost:5001',\r\n AUTH_SERVER_URL: 'https://localhost:5001',\r\n DEFAULT_DOMAIN: 'https://localhost:5001',\r\n};\r\n\r\nfunction envOr(key: keyof InternalConfig): string {\r\n const v = getEnvValue([`VITE_${key}`, key]);\r\n return (v && v.trim()) ? v.trim() : INTERNAL_DEFAULTS[key];\r\n}\r\n\r\nexport const INTERNAL_CONFIG: InternalConfig = Object.freeze({\r\n API_TENANT_RESOLUTION_BASE_URL: envOr('API_TENANT_RESOLUTION_BASE_URL'),\r\n API_AUTH_BASE_URL: envOr('API_AUTH_BASE_URL'),\r\n AUTH_SERVER_URL: envOr('AUTH_SERVER_URL'),\r\n DEFAULT_DOMAIN: envOr('DEFAULT_DOMAIN'),\r\n});\r\n\r\n// ---------------------------------------------------------------------------\r\n// Runtime defaults and picker\r\n// ---------------------------------------------------------------------------\r\n\r\nexport const RUNTIME_CONFIG_DEFAULTS: RuntimeConfig = Object.freeze({\r\n CLIENT_ID: 'tenneo',\r\n TENANT_ID: '00000000-0000-0000-0000-000000000001',\r\n CLIENTCODE: 'productlms',\r\n});\r\n\r\nexport function pickRuntimeConfig(source?: Partial<Record<string, string | undefined>>): Partial<RuntimeConfig> {\r\n if (!source) return {};\r\n const picked: Partial<RuntimeConfig> = {};\r\n for (const key of RUNTIME_CONFIG_KEYS) {\r\n const value = source[key];\r\n if (value != null && typeof value === 'string') {\r\n const trimmed = value.trim();\r\n if (trimmed) picked[key as RuntimeConfigKey] = trimmed;\r\n }\r\n }\r\n return picked;\r\n}\r\n\r\nexport const defaultConfig: InternalConfig & RuntimeConfig = {\r\n ...INTERNAL_CONFIG,\r\n ...RUNTIME_CONFIG_DEFAULTS,\r\n};\r\n\r\nexport { defaultConfig as FALLBACK_CONFIG };\r\n\r\n// ---------------------------------------------------------------------------\r\n// Resolver state\r\n// ---------------------------------------------------------------------------\r\n\r\nlet runtimeOverrides: Partial<RuntimeConfig> = {};\r\nlet runtimeConfigOverrides: RuntimeConfigOverrides = {};\r\n\r\nfunction mergeRuntime(base: RuntimeConfig, ...sources: (Partial<RuntimeConfig> | null | undefined)[]): RuntimeConfig {\r\n let out: RuntimeConfig = { ...base };\r\n for (const src of sources) {\r\n if (!src) continue;\r\n for (const key of Object.keys(src) as (keyof RuntimeConfig)[]) {\r\n const value = src[key];\r\n if (value != null && String(value).trim() !== '') out[key] = String(value).trim();\r\n }\r\n }\r\n return out;\r\n}\r\n\r\nfunction assertNoInternalOverrides(source?: Partial<Record<string, unknown>>): void {\r\n if (!source) return;\r\n for (const key of INTERNAL_CONFIG_KEYS) {\r\n if (source[key] !== undefined) throw new Error('Attempted to override protected internal configuration');\r\n }\r\n}\r\n\r\nconst INTERNAL_KEY_SET = new Set<string>(INTERNAL_CONFIG_KEYS as readonly string[]);\r\nconst HOST_TO_RUNTIME_KEYS: Record<string, keyof RuntimeConfig> = {\r\n clientId: 'CLIENT_ID',\r\n tenantId: 'TENANT_ID',\r\n clientcode: 'CLIENTCODE',\r\n};\r\n\r\nfunction sanitizeRuntimeOverrides(source?: HostConfigOverride): Partial<RuntimeConfig> | undefined {\r\n if (!source) return undefined;\r\n const filtered: Record<string, string> = {};\r\n for (const [key, raw] of Object.entries(source)) {\r\n if (raw == null) continue;\r\n if (INTERNAL_KEY_SET.has(key)) continue;\r\n const trimmed = String(raw).trim();\r\n if (!trimmed) continue;\r\n const sdkKey = HOST_TO_RUNTIME_KEYS[key] ?? key;\r\n filtered[sdkKey] = trimmed;\r\n }\r\n const picked = pickRuntimeConfig(filtered);\r\n return Object.keys(picked).length ? picked : undefined;\r\n}\r\n\r\n// ---------------------------------------------------------------------------\r\n// Public resolver API\r\n// ---------------------------------------------------------------------------\r\n\r\nexport function resolveConfig(overrides?: HostConfigOverride): InternalConfig & RuntimeConfig {\r\n assertNoInternalOverrides(runtimeOverrides as Partial<Record<string, unknown>>);\r\n assertNoInternalOverrides(overrides);\r\n const windowCfg = loadWindowConfig();\r\n const envCfg = loadEnvConfig();\r\n const mergedRuntime = mergeRuntime(\r\n RUNTIME_CONFIG_DEFAULTS,\r\n envCfg,\r\n windowCfg ?? undefined,\r\n runtimeOverrides,\r\n sanitizeRuntimeOverrides(overrides)\r\n );\r\n const validatedRuntime = validateConfig(mergedRuntime);\r\n return { ...INTERNAL_CONFIG, ...validatedRuntime };\r\n}\r\n\r\nexport function getConfig(): InternalConfig & RuntimeConfig {\r\n return resolveConfig();\r\n}\r\n\r\nexport function setConfig(overrides: HostConfigOverride): void {\r\n assertNoInternalOverrides(overrides);\r\n const sanitized = sanitizeRuntimeOverrides(overrides);\r\n if (sanitized) runtimeOverrides = { ...runtimeOverrides, ...sanitized };\r\n const { basePath, redirectUri } = overrides;\r\n if (basePath != null && basePath.trim() !== '') runtimeConfigOverrides = { ...runtimeConfigOverrides, basePath: basePath.trim() };\r\n if (redirectUri != null && redirectUri.trim() !== '') runtimeConfigOverrides = { ...runtimeConfigOverrides, redirectUri: redirectUri.trim() };\r\n}\r\n\r\nexport function setRuntimeConfigOverrides(overrides: RuntimeConfigOverrides): void {\r\n runtimeConfigOverrides = { ...runtimeConfigOverrides, ...overrides };\r\n}\r\n\r\nexport function clearConfigOverrides(): void {\r\n runtimeOverrides = {};\r\n runtimeConfigOverrides = {};\r\n}\r\n\r\n// ---------------------------------------------------------------------------\r\n// Derived: basePath, redirectUri\r\n// ---------------------------------------------------------------------------\r\n\r\nfunction getWindowBasePath(): string {\r\n if (typeof window === 'undefined') return '';\r\n const w = window as Window & { __AUTH_CONFIG__?: { basePath?: string }; __APP_CONFIG__?: { basePath?: string } };\r\n const raw = w.__AUTH_CONFIG__ ?? w.__APP_CONFIG__;\r\n const bp = raw?.basePath;\r\n if (bp != null && typeof bp === 'string' && bp.trim()) return bp.trim();\r\n const pathname = window.location.pathname;\r\n const segments = pathname.split('/').filter(Boolean);\r\n const commonRoutes = ['dashboards', 'callback', 'confirmation', 'client-confirmed', 'client-provisioned', 'approval-completed'];\r\n if (segments.length > 0 && !commonRoutes.includes(segments[0])) {\r\n let base = '/' + segments[0];\r\n if (base.endsWith('/')) base = base.slice(0, -1);\r\n return base;\r\n }\r\n return '';\r\n}\r\n\r\nexport function getBasePath(): string {\r\n if (runtimeConfigOverrides.basePath != null && runtimeConfigOverrides.basePath !== '') return runtimeConfigOverrides.basePath;\r\n return getWindowBasePath();\r\n}\r\n\r\n/**\r\n * Static redirect URI: always host + '/callback'.\r\n * In browser uses current origin; for SSR uses env or default.\r\n */\r\nexport function getRedirectUri(): string {\r\n if (typeof window !== 'undefined') {\r\n return `${window.location.origin}/callback`;\r\n }\r\n return getEnvValue(['VITE_REDIRECT_URI', 'REDIRECT_URI']) || 'http://localhost:5173/callback';\r\n}\r\n\r\nexport function hasRuntimeConfig(): boolean {\r\n return loadWindowConfig() !== null || Object.keys(runtimeOverrides).length > 0;\r\n}\r\n\r\n// ---------------------------------------------------------------------------\r\n// Public Config facade\r\n// ---------------------------------------------------------------------------\r\n\r\nexport const Config = {\r\n getApiTenantResolutionBaseUrl(): string {\r\n return getConfig().API_TENANT_RESOLUTION_BASE_URL;\r\n },\r\n getApiAuthBaseUrl(): string {\r\n return getConfig().API_AUTH_BASE_URL;\r\n },\r\n getAuthServerUrl(): string {\r\n return getConfig().AUTH_SERVER_URL;\r\n },\r\n getDefaultDomain(): string {\r\n return getConfig().DEFAULT_DOMAIN;\r\n },\r\n getClientId(): string {\r\n return getConfig().CLIENT_ID;\r\n },\r\n getTenantId(): string {\r\n return getConfig().TENANT_ID;\r\n },\r\n getClientCode(): string {\r\n return getConfig().CLIENTCODE;\r\n },\r\n getRedirectUri(): string {\r\n return getRedirectUri();\r\n },\r\n getBasePath(): string {\r\n return getBasePath();\r\n },\r\n hasRuntimeConfig(): boolean {\r\n return hasRuntimeConfig();\r\n },\r\n getAll(): ResolvedHostConfig {\r\n const c = getConfig();\r\n return {\r\n apiTenantResolutionBaseUrl: c.API_TENANT_RESOLUTION_BASE_URL,\r\n apiAuthBaseUrl: c.API_AUTH_BASE_URL,\r\n authServerUrl: c.AUTH_SERVER_URL,\r\n defaultDomain: c.DEFAULT_DOMAIN,\r\n clientId: c.CLIENT_ID,\r\n tenantId: c.TENANT_ID,\r\n clientCode: c.CLIENTCODE,\r\n redirectUri: getRedirectUri(),\r\n basePath: getBasePath(),\r\n };\r\n },\r\n} as const;\r\n\r\nexport const DEFAULT_ENV_CONFIG = {\r\n AUTH_SERVER_URL: Config.getAuthServerUrl(),\r\n CLIENT_ID: Config.getClientId(),\r\n TENANT_ID: Config.getTenantId(),\r\n CLIENTCODE: Config.getClientCode(),\r\n};\r\n\r\n// ---------------------------------------------------------------------------\r\n// Env config for bootstrap (validated shape)\r\n// ---------------------------------------------------------------------------\r\n\r\nexport function getEnvConfig(): Promise<EnvConfig | null> {\r\n const authServerUrl = Config.getAuthServerUrl();\r\n const clientId = Config.getClientId();\r\n const tenantId = Config.getTenantId();\r\n const redirectUri = Config.getRedirectUri();\r\n try {\r\n new URL(authServerUrl);\r\n new URL(redirectUri);\r\n } catch {\r\n return Promise.resolve(null);\r\n }\r\n return Promise.resolve({\r\n authServerUrl: authServerUrl.trim(),\r\n clientId: clientId.trim(),\r\n redirectUri: redirectUri.trim(),\r\n tenantId: tenantId.trim(),\r\n });\r\n}\r\n\r\nexport function getEnvConfigSync(): EnvConfig | null {\r\n const authServerUrl = Config.getAuthServerUrl();\r\n const clientId = Config.getClientId();\r\n const tenantId = Config.getTenantId();\r\n const redirectUri = Config.getRedirectUri();\r\n try {\r\n new URL(authServerUrl);\r\n new URL(redirectUri);\r\n } catch {\r\n return null;\r\n }\r\n return {\r\n authServerUrl: authServerUrl.trim(),\r\n clientId: clientId.trim(),\r\n redirectUri: redirectUri.trim(),\r\n tenantId: tenantId.trim(),\r\n };\r\n}\r\n\r\nexport function hasEnvFallback(): boolean {\r\n return getEnvConfigSync() !== null;\r\n}\r\n","/**\r\n * Validation utilities\r\n */\r\n\r\n/**\r\n * Validates if a string is a valid GUID format\r\n * @param guid GUID string to validate\r\n * @returns True if valid GUID format, false otherwise\r\n */\r\nexport function isValidGuid(guid: string): boolean {\r\n if (!guid || typeof guid !== 'string') {\r\n return false;\r\n }\r\n \r\n const guidRegex = /^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/i;\r\n return guidRegex.test(guid.trim());\r\n}\r\n\r\n/**\r\n * Validates tenant ID (must be a valid GUID)\r\n * @param tenantId Tenant ID to validate\r\n * @returns Validation result with isValid flag and error message\r\n */\r\nexport function validateTenantId(tenantId: string | null | undefined): { isValid: boolean; error?: string } {\r\n if (!tenantId || tenantId.trim() === '') {\r\n return {\r\n isValid: false,\r\n error: 'Tenant ID is required',\r\n };\r\n }\r\n \r\n if (!isValidGuid(tenantId)) {\r\n return {\r\n isValid: false,\r\n error: 'Tenant ID must be a valid GUID format (00000000-0000-0000-0000-000000000001)',\r\n };\r\n }\r\n \r\n return { isValid: true };\r\n}\r\n\r\n","/**\r\n * Runtime-backed facade for domain tenant/callback helpers.\r\n * Provides extractTenantKey(), isCallbackUrl(), isLocalhost() for public API and internal use.\r\n * Uses runtime when set; falls back to window for backward compatibility.\r\n */\r\n\r\nimport { Config } from '../config';\r\nimport { getStorage, getStorageKey } from '../infrastructure/storage/index';\r\nimport { getAuthRuntime } from '../infrastructure/runtime/context';\r\nimport {\r\n isLocalhost as domainIsLocalhost,\r\n extractTenantKeyFromUrl,\r\n isCallbackUrlFromUrl,\r\n} from '../domain/tenant';\r\n\r\nexport { isCallbackUrlFromUrl } from '../domain/tenant';\r\n\r\nexport function isLocalhost(): boolean {\r\n const runtime = getAuthRuntime();\r\n const hostname = runtime\r\n ? runtime.urlProvider.getCurrentUrl().hostname\r\n : (typeof window !== 'undefined' ? window.location.hostname : '');\r\n return domainIsLocalhost(hostname);\r\n}\r\n\r\nexport function extractTenantKey(): string | null {\r\n const runtime = getAuthRuntime();\r\n if (runtime) {\r\n const url = runtime.urlProvider.getCurrentUrl();\r\n return extractTenantKeyFromUrl(url, runtime.configProvider, getStorage, getStorageKey);\r\n }\r\n return extractTenantKeyLegacy();\r\n}\r\n\r\nfunction extractTenantKeyLegacy(): string | null {\r\n if (typeof window === 'undefined') return Config.getClientCode();\r\n try {\r\n const propsConfigStr = getStorage(getStorageKey('props_config'));\r\n if (propsConfigStr) {\r\n const propsConfig = JSON.parse(propsConfigStr) as { tenantKey?: string };\r\n if (propsConfig.tenantKey?.trim()) return propsConfig.tenantKey.trim();\r\n }\r\n const stored = getStorage(getStorageKey('tenant_key'));\r\n if (stored?.trim()) return stored.trim();\r\n const urlParams = new URLSearchParams(window.location.search);\r\n const t = urlParams.get('t');\r\n if (t?.trim()) return t.trim();\r\n const hostname = window.location.hostname;\r\n const parts = hostname.split('.');\r\n if (parts.length >= 2 && parts[0] && parts[0].toLowerCase() !== 'productlms') return parts[0].trim();\r\n return Config.getClientCode();\r\n } catch {\r\n return Config.getClientCode();\r\n }\r\n}\r\n\r\nexport function isCallbackUrl(): boolean {\r\n const runtime = getAuthRuntime();\r\n if (runtime) return isCallbackUrlFromUrl(runtime.urlProvider.getCurrentUrl());\r\n if (typeof window === 'undefined') return false;\r\n const params = new URLSearchParams(window.location.search);\r\n return params.has('code') && params.has('state');\r\n}\r\n","/**\r\n * Structured auth event emitter for observability and audit.\r\n */\r\n\r\nexport const AuthEventNames = {\r\n LOGIN_STARTED: 'LOGIN_STARTED',\r\n LOGIN_SUCCESS: 'LOGIN_SUCCESS',\r\n LOGIN_FAILED: 'LOGIN_FAILED',\r\n CALLBACK_SUCCESS: 'CALLBACK_SUCCESS',\r\n CALLBACK_FAILED: 'CALLBACK_FAILED',\r\n TOKEN_REFRESH_SUCCESS: 'TOKEN_REFRESH_SUCCESS',\r\n TOKEN_REFRESH_FAILED: 'TOKEN_REFRESH_FAILED',\r\n TENANT_SWITCHED: 'TENANT_SWITCHED',\r\n LOGOUT_COMPLETED: 'LOGOUT_COMPLETED',\r\n BOOTSTRAP_STATE_DETECTED: 'BOOTSTRAP_STATE_DETECTED',\r\n REDIRECT_LOOP_RISK: 'REDIRECT_LOOP_RISK',\r\n} as const;\r\n\r\nexport type AuthEventName = (typeof AuthEventNames)[keyof typeof AuthEventNames];\r\n\r\nexport interface AuthEventPayload {\r\n state?: string;\r\n tenantKey?: string;\r\n error?: string;\r\n message?: string;\r\n [key: string]: unknown;\r\n}\r\n\r\nexport type AuthEventHandler = (payload?: AuthEventPayload) => void;\r\n\r\ntype ListenerMap = Map<AuthEventName | '*', Set<AuthEventHandler>>;\r\n\r\nlet listeners: ListenerMap = new Map();\r\n\r\nfunction getHandlers(event: AuthEventName): Set<AuthEventHandler> {\r\n let set = listeners.get(event);\r\n if (!set) {\r\n set = new Set();\r\n listeners.set(event, set);\r\n }\r\n return set;\r\n}\r\n\r\nfunction getWildcardHandlers(): Set<AuthEventHandler> {\r\n let set = listeners.get('*');\r\n if (!set) {\r\n set = new Set();\r\n listeners.set('*', set);\r\n }\r\n return set;\r\n}\r\n\r\nexport function emitAuthEvent(event: AuthEventName, payload?: AuthEventPayload): void {\r\n const handlers = getHandlers(event);\r\n const wildcard = getWildcardHandlers();\r\n const p = payload ?? {};\r\n handlers.forEach((fn) => {\r\n try {\r\n fn(p);\r\n } catch {\r\n // ignore\r\n }\r\n });\r\n wildcard.forEach((fn) => {\r\n try {\r\n fn({ ...p, event });\r\n } catch {\r\n // ignore\r\n }\r\n });\r\n}\r\n\r\nexport function subscribeAuthEvent(\r\n event: AuthEventName | '*',\r\n handler: AuthEventHandler\r\n): () => void {\r\n const set = event === '*' ? getWildcardHandlers() : getHandlers(event);\r\n set.add(handler);\r\n return () => set.delete(handler);\r\n}\r\n\r\nexport function resetAuthEventListeners(): void {\r\n listeners = new Map();\r\n}\r\n","/**\r\n * Redirect loop protection: limit consecutive redirect attempts to IdP.\r\n */\r\n\r\nimport { emitAuthEvent, AuthEventNames } from '../events/AuthEvents';\r\n\r\nconst DEFAULT_MAX_REDIRECTS = 5;\r\nconst WINDOW_MS = 60 * 1000;\r\n\r\nlet redirectCount = 0;\r\nlet firstRedirectAt = 0;\r\n\r\nexport const MAX_REDIRECT_ATTEMPTS = DEFAULT_MAX_REDIRECTS;\r\n\r\nexport function getRedirectAttemptCount(): number {\r\n return redirectCount;\r\n}\r\n\r\nexport function incrementRedirectAttempt(): boolean {\r\n const now = Date.now();\r\n if (now - firstRedirectAt > WINDOW_MS) {\r\n redirectCount = 0;\r\n firstRedirectAt = now;\r\n }\r\n redirectCount++;\r\n return redirectCount <= DEFAULT_MAX_REDIRECTS;\r\n}\r\n\r\nexport function shouldAllowRedirect(maxAttempts: number = DEFAULT_MAX_REDIRECTS): boolean {\r\n const now = Date.now();\r\n if (now - firstRedirectAt > WINDOW_MS) {\r\n redirectCount = 0;\r\n firstRedirectAt = now;\r\n }\r\n return redirectCount < maxAttempts;\r\n}\r\n\r\nexport function resetRedirectLoopGuard(): void {\r\n redirectCount = 0;\r\n firstRedirectAt = 0;\r\n}\r\n\r\nexport function checkAndIncrementRedirect(maxAttempts: number = DEFAULT_MAX_REDIRECTS): boolean {\r\n const now = Date.now();\r\n if (now - firstRedirectAt > WINDOW_MS) {\r\n redirectCount = 0;\r\n firstRedirectAt = now;\r\n }\r\n if (redirectCount >= maxAttempts) {\r\n emitAuthEvent(AuthEventNames.REDIRECT_LOOP_RISK, {\r\n message: `Redirect attempt limit (${maxAttempts}) exceeded`,\r\n });\r\n return false;\r\n }\r\n redirectCount++;\r\n return true;\r\n}\r\n","/**\r\n * OAuth authorization flow implementation\r\n * Strategy layer: OAuth2 PKCE\r\n */\r\n\r\nimport {\r\n setStorage,\r\n getStorage,\r\n removeStorage,\r\n STORAGE_KEYS,\r\n getStorageKey,\r\n getAccessToken,\r\n isAccessTokenExpired,\r\n} from '../../infrastructure/storage/index';\r\nimport { getAuthRuntime } from '../../infrastructure/runtime/context';\r\nimport { generateCodeVerifier, generateCodeChallenge, generateState } from './pkce';\r\nimport {\r\n Config,\r\n DEFAULT_CODE_CHALLENGE_METHOD,\r\n DEFAULT_RESPONSE_TYPE,\r\n} from '../../config';\r\nimport { validateTenantId } from '../../utils/validation';\r\nimport { logger } from '../../utils/logger';\r\nimport { isLocalhost, isCallbackUrl } from '../../application/domain-facade';\r\nimport { clearFlowFlags, setFlowFlags, isFlowInProgress, isFlowFlagStale } from '../../application/lifecycle-state';\r\nimport { emitAuthEvent, AuthEventNames } from '../../application/events/AuthEvents';\r\nimport { checkAndIncrementRedirect } from '../../application/security/redirectLoopGuard';\r\nimport type { TenantConfig } from '../../domain/auth-state';\r\n\r\nexport function storeTenantConfig(config: TenantConfig): void {\r\n const validation = validateTenantId(config.tenantId);\r\n if (!validation.isValid) {\r\n logger.warn('Tenant ID validation failed', { tenantId: config.tenantId });\r\n }\r\n\r\n setStorage(STORAGE_KEYS.authServerUrl, config.authServer);\r\n setStorage(STORAGE_KEYS.clientId, config.client.clientId);\r\n // Static redirect URI: always host + '/callback'\r\n setStorage(STORAGE_KEYS.redirectUri, Config.getRedirectUri());\r\n setStorage(STORAGE_KEYS.tenantId, config.tenantId);\r\n if (config.tenantKey) {\r\n setStorage(STORAGE_KEYS.tenantKey, config.tenantKey);\r\n }\r\n}\r\n\r\nexport async function initiateAuthFlow(config: TenantConfig): Promise<void> {\r\n try {\r\n logger.info('Initiating OAuth authorization flow');\r\n\r\n const token = getAccessToken();\r\n if (token && !isAccessTokenExpired()) {\r\n logger.debug('Valid token already exists, skipping auth flow');\r\n clearFlowFlags();\r\n return;\r\n }\r\n\r\n if (isCallbackUrl()) {\r\n logger.debug('Callback URL detected - clearing flow flag to allow callback processing');\r\n clearFlowFlags();\r\n return;\r\n }\r\n\r\n if (isFlowInProgress()) {\r\n if (isFlowFlagStale(3000)) {\r\n logger.info('Stale auth flow flag detected, clearing and proceeding');\r\n clearFlowFlags();\r\n } else {\r\n logger.debug('Auth flow already in progress (recent), skipping duplicate redirect');\r\n return;\r\n }\r\n }\r\n\r\n setFlowFlags();\r\n\r\n if (\r\n !config?.authServer ||\r\n !config.client?.clientId ||\r\n !config.client?.redirectUri\r\n ) {\r\n throw new Error('Invalid tenant configuration for auth flow');\r\n }\r\n\r\n storeTenantConfig(config);\r\n\r\n const codeVerifier = generateCodeVerifier();\r\n const codeChallenge = await generateCodeChallenge(codeVerifier);\r\n const state = generateState();\r\n\r\n removeStorage(STORAGE_KEYS.codeVerifier);\r\n removeStorage(STORAGE_KEYS.state);\r\n setStorage(STORAGE_KEYS.codeVerifier, codeVerifier);\r\n setStorage(STORAGE_KEYS.state, state);\r\n\r\n const authUrl = buildAuthorizationUrl(config, codeChallenge, state);\r\n\r\n if (\r\n !authUrl ||\r\n !(authUrl.startsWith('http://') || authUrl.startsWith('https://'))\r\n ) {\r\n throw new Error('Invalid authorization URL generated');\r\n }\r\n\r\n if (!checkAndIncrementRedirect()) {\r\n logger.warn('Redirect loop protection: max redirect attempts exceeded');\r\n clearFlowFlags();\r\n return;\r\n }\r\n\r\n logger.info('Redirecting to authorization server');\r\n emitAuthEvent(AuthEventNames.LOGIN_STARTED, { tenantKey: config.tenantKey });\r\n\r\n const runtime = getAuthRuntime();\r\n if (runtime) runtime.urlProvider.redirect(authUrl);\r\n else if (typeof window !== 'undefined') window.location.replace(authUrl);\r\n } catch (error) {\r\n clearFlowFlags();\r\n logger.error('Failed to initiate auth flow', {\r\n error: error instanceof Error ? error.message : String(error),\r\n });\r\n throw error;\r\n }\r\n}\r\n\r\nfunction buildAuthorizationUrl(\r\n config: TenantConfig,\r\n codeChallenge: string,\r\n state: string,\r\n): string {\r\n if (isLocalhost()) {\r\n logger.debug('Building authorization URL', {\r\n authServer: config.authServer,\r\n clientId: config.client.clientId,\r\n redirectUri: config.client.redirectUri,\r\n scopes: config.client.scopes,\r\n });\r\n }\r\n\r\n const storedTenantId = getStorage(STORAGE_KEYS.tenantId);\r\n const storedClientId = getStorage(STORAGE_KEYS.clientId);\r\n\r\n const tenantIdToUse = storedTenantId || config.tenantId;\r\n const clientIdToUse = storedClientId || config.client.clientId;\r\n // Static redirect URI: always host + '/callback'\r\n const redirectUriToUse = Config.getRedirectUri();\r\n\r\n const params = new URLSearchParams({\r\n client_id: `public-${clientIdToUse}`,\r\n tenant_id: tenantIdToUse,\r\n redirect_uri: redirectUriToUse,\r\n response_type: DEFAULT_RESPONSE_TYPE,\r\n scope: config.client.scopes,\r\n state,\r\n code_challenge: codeChallenge,\r\n code_challenge_method: DEFAULT_CODE_CHALLENGE_METHOD,\r\n });\r\n\r\n return `${config.authServer}/connect/authorize?${params.toString()}`;\r\n}\r\n\r\nexport function isAuthenticated(): boolean {\r\n const token = getAccessToken();\r\n return !!token && !isAccessTokenExpired();\r\n}\r\n","/**\r\n * OAuth2 PKCE token exchange and refresh.\r\n * Strategy-owned implementation; uses API_AUTH_BASE_URL only.\r\n */\r\n\r\nimport {\r\n setStorage,\r\n getStorageAdapter,\r\n removeStorage,\r\n STORAGE_KEYS,\r\n getRefreshToken,\r\n getClientId,\r\n getTenantId,\r\n isAccessTokenExpired,\r\n getAccessToken as getStoredAccessToken,\r\n} from '../../infrastructure/storage/index';\r\nimport { emitAuthEvent, AuthEventNames } from '../../application/events/AuthEvents';\r\nimport { Config, DEFAULT_TOKEN_GRANT_TYPE, DEFAULT_REFRESH_GRANT_TYPE } from '../../config';\r\nimport { logger } from '../../utils/logger';\r\nimport { isLocalhost } from '../../application/domain-facade';\r\nimport type { TokenResponse } from '../../domain/auth-state';\r\n\r\nexport interface ExchangeTokenParams {\r\n code: string;\r\n codeVerifier: string;\r\n clientId: string;\r\n redirectUri: string;\r\n tenantId: string;\r\n}\r\n\r\nfunction storeTokens(tokenData: TokenResponse): void {\r\n const expiresIn = tokenData.expires_in || 3600;\r\n const expiresAt = Date.now() + expiresIn * 1000;\r\n\r\n const adapter = getStorageAdapter();\r\n if (adapter?.setTokensSync) {\r\n adapter.setTokensSync({\r\n accessToken: tokenData.access_token,\r\n refreshToken: tokenData.refresh_token,\r\n expiresAt,\r\n });\r\n }\r\n setStorage(STORAGE_KEYS.accessToken, tokenData.access_token);\r\n setStorage(STORAGE_KEYS.refreshToken, tokenData.refresh_token);\r\n setStorage(STORAGE_KEYS.expiresAt, expiresAt.toString());\r\n\r\n if (isLocalhost()) {\r\n logger.debug('Tokens stored successfully', {\r\n expiresAt: new Date(expiresAt).toISOString(),\r\n expiresIn,\r\n });\r\n } else {\r\n logger.info('Tokens stored successfully');\r\n }\r\n}\r\n\r\nexport async function exchangeCodeForTokens(params: ExchangeTokenParams): Promise<TokenResponse> {\r\n try {\r\n const { code, codeVerifier, clientId, redirectUri } = params;\r\n const apiAuthBaseUrl = Config.getApiAuthBaseUrl();\r\n const tokenUrl = `${apiAuthBaseUrl}/oauth/token`;\r\n\r\n const body = new URLSearchParams({\r\n grant_type: DEFAULT_TOKEN_GRANT_TYPE,\r\n code,\r\n client_id: `public-${clientId}`,\r\n redirect_uri: redirectUri,\r\n code_verifier: codeVerifier,\r\n });\r\n\r\n const response = await fetch(tokenUrl, {\r\n method: 'POST',\r\n headers: { 'Content-Type': 'application/x-www-form-urlencoded' },\r\n body: body.toString(),\r\n });\r\n\r\n if (!response.ok) {\r\n const responseData = await response.json().catch(() => ({}));\r\n logger.error('Token exchange failed', {\r\n status: response.status,\r\n statusText: response.statusText,\r\n responseData,\r\n requestUrl: tokenUrl,\r\n });\r\n throw new Error(\r\n `Token exchange failed: ${response.status} ${response.statusText}${Object.keys(responseData).length ? ` - ${JSON.stringify(responseData)}` : ''}`\r\n );\r\n }\r\n\r\n const tokenData = (await response.json()) as TokenResponse;\r\n\r\n if (!tokenData.access_token || !tokenData.refresh_token || !tokenData.expires_in) {\r\n logger.error('Invalid token response received');\r\n throw new Error('Invalid token response');\r\n }\r\n\r\n storeTokens(tokenData);\r\n return tokenData;\r\n } catch (error) {\r\n const isAborted = error instanceof Error && error.name === 'AbortError';\r\n if (isAborted) {\r\n logger.warn('Token exchange request canceled (likely due to navigation or component unmount)');\r\n const existingToken = getStoredAccessToken();\r\n if (existingToken && !isAccessTokenExpired()) {\r\n return {\r\n access_token: existingToken,\r\n refresh_token: getRefreshToken() || '',\r\n expires_in: 3600,\r\n } as TokenResponse;\r\n }\r\n throw new Error('Token exchange request was canceled');\r\n }\r\n logger.error('Token exchange failed', {\r\n message: error instanceof Error ? error.message : String(error),\r\n });\r\n throw error;\r\n }\r\n}\r\n\r\nlet refreshPromise: Promise<string> | null = null;\r\n\r\nexport async function refreshAccessToken(): Promise<string> {\r\n if (refreshPromise) return refreshPromise;\r\n\r\n refreshPromise = (async (): Promise<string> => {\r\n try {\r\n const refreshToken = getRefreshToken();\r\n const clientId = getClientId();\r\n const tenantId = getTenantId();\r\n\r\n if (!refreshToken || !clientId || !tenantId) {\r\n logger.error('Token refresh failed: missing required data');\r\n throw new Error('Cannot refresh token: missing required data');\r\n }\r\n\r\n const apiAuthBaseUrl = Config.getApiAuthBaseUrl();\r\n const tokenUrl = `${apiAuthBaseUrl}/oauth/refresh`;\r\n\r\n const body = new URLSearchParams({\r\n grant_type: DEFAULT_REFRESH_GRANT_TYPE,\r\n refresh_token: refreshToken,\r\n client_id: clientId.startsWith('public-') ? clientId : `public-${clientId}`,\r\n tenant_id: tenantId,\r\n });\r\n\r\n const response = await fetch(tokenUrl, {\r\n method: 'POST',\r\n headers: {\r\n 'Content-Type': 'application/x-www-form-urlencoded',\r\n '__tenant': tenantId,\r\n 'Accept': '*/*',\r\n },\r\n body: body.toString(),\r\n });\r\n\r\n if (!response.ok) {\r\n const responseData = (await response.json().catch(() => ({}))) as Record<string, unknown>;\r\n const isExpiredOrInvalidGrant =\r\n response.status === 401 ||\r\n (responseData?.error === 'invalid_grant') ||\r\n (typeof responseData?.error_description === 'string' &&\r\n (responseData.error_description.includes('expired') || responseData.error_description.includes('invalid')));\r\n\r\n if (isExpiredOrInvalidGrant) {\r\n removeStorage(STORAGE_KEYS.refreshToken);\r\n removeStorage(STORAGE_KEYS.accessToken);\r\n removeStorage(STORAGE_KEYS.expiresAt);\r\n emitAuthEvent(AuthEventNames.TOKEN_REFRESH_FAILED, {\r\n error: 'Refresh token expired or invalid',\r\n message: String(responseData?.error_description ?? responseData?.error ?? 'Token refresh failed'),\r\n });\r\n }\r\n\r\n logger.error('Token refresh failed', {\r\n status: response.status,\r\n statusText: response.statusText,\r\n responseData,\r\n requestUrl: tokenUrl,\r\n });\r\n throw new Error(\r\n `Token refresh failed: ${response.status} ${response.statusText}${Object.keys(responseData).length ? ` - ${JSON.stringify(responseData)}` : ''}`\r\n );\r\n }\r\n\r\n const tokenData = (await response.json()) as TokenResponse;\r\n\r\n if (!tokenData.access_token || !tokenData.refresh_token) {\r\n logger.error('Invalid refresh token response received');\r\n throw new Error('Invalid refresh token response');\r\n }\r\n\r\n storeTokens(tokenData);\r\n emitAuthEvent(AuthEventNames.TOKEN_REFRESH_SUCCESS);\r\n return tokenData.access_token;\r\n } catch (error) {\r\n if (error instanceof Error) {\r\n logger.error('Token refresh failed', { message: error.message });\r\n emitAuthEvent(AuthEventNames.TOKEN_REFRESH_FAILED, { error: error.message });\r\n }\r\n throw error;\r\n } finally {\r\n refreshPromise = null;\r\n }\r\n })();\r\n\r\n return refreshPromise;\r\n}\r\n","/**\r\n * OAuth callback handling\r\n * Strategy layer: OAuth2 PKCE\r\n */\r\n\r\nimport {\r\n getState,\r\n getCodeVerifier,\r\n getClientId,\r\n getRedirectUri,\r\n getTenantId,\r\n removeStorage,\r\n getStorage,\r\n setStorage,\r\n STORAGE_KEYS,\r\n getStorageKey,\r\n getAccessToken,\r\n isAccessTokenExpired,\r\n getTenantKey,\r\n setTenantKey,\r\n clearAllStorage,\r\n} from '../../infrastructure/storage/index';\r\nimport { exchangeCodeForTokens } from './token-exchange';\r\nimport { isCallbackUrl, extractTenantKey } from '../../application/domain-facade';\r\nimport { logger } from '../../utils/logger';\r\nimport { clearFlowFlags } from '../../application/lifecycle-state';\r\nimport { getAuthRuntime } from '../../infrastructure/runtime/context';\r\nimport {\r\n isCallbackProcessing,\r\n setCallbackProcessing,\r\n clearCallbackProcessing,\r\n} from '../../application/lifecycle-state';\r\nimport { emitAuthEvent, AuthEventNames } from '../../application/events/AuthEvents';\r\nimport { resetRedirectLoopGuard } from '../../application/security/redirectLoopGuard';\r\nimport axios from 'axios';\r\n\r\nfunction isProcessed(): boolean {\r\n return getStorage(getStorageKey('callback_processed')) === 'true';\r\n}\r\n\r\nfunction isProcessing(): boolean {\r\n return isCallbackProcessing();\r\n}\r\n\r\nfunction markProcessing(): void {\r\n setCallbackProcessing();\r\n}\r\n\r\nfunction markProcessed(): void {\r\n setStorage(getStorageKey('callback_processed'), 'true');\r\n clearCallbackProcessing();\r\n}\r\n\r\nfunction clearProcessing(): void {\r\n clearCallbackProcessing();\r\n removeStorage(getStorageKey('callback_processed'));\r\n}\r\n\r\nlet urlCleaned = false;\r\n\r\nfunction cleanUrl(): void {\r\n if (urlCleaned) return;\r\n if (isProcessing()) return;\r\n const runtime = getAuthRuntime();\r\n const clean = runtime\r\n ? `${runtime.urlProvider.getCurrentUrl().origin}${runtime.urlProvider.getCurrentUrl().pathname}`\r\n : (typeof window !== 'undefined' ? `${window.location.origin}${window.location.pathname}` : '/');\r\n if (runtime) runtime.urlProvider.redirect(clean);\r\n else if (typeof window !== 'undefined') window.location.replace(clean);\r\n urlCleaned = true;\r\n}\r\n\r\nfunction cleanUrlSoft(): void {\r\n if (urlCleaned) return;\r\n if (isProcessing()) return;\r\n const runtime = getAuthRuntime();\r\n const clean = runtime\r\n ? `${runtime.urlProvider.getCurrentUrl().origin}${runtime.urlProvider.getCurrentUrl().pathname}`\r\n : (typeof window !== 'undefined' ? `${window.location.origin}${window.location.pathname}` : '/');\r\n if (runtime) runtime.urlProvider.replaceState(clean);\r\n else if (typeof window !== 'undefined') window.history.replaceState({}, typeof document !== 'undefined' ? document.title : '', clean);\r\n urlCleaned = true;\r\n}\r\n\r\nfunction clearAllAuthFlags(): void {\r\n removeStorage(getStorageKey('force_login'));\r\n removeStorage(getStorageKey('logout_in_progress'));\r\n clearFlowFlags();\r\n}\r\n\r\nexport async function handleCallback(): Promise<boolean> {\r\n if (isProcessed()) {\r\n logger.debug('Callback already processed in this session - preventing duplicate processing');\r\n if (isCallbackUrl()) {\r\n if (!isProcessing()) cleanUrlSoft();\r\n }\r\n clearFlowFlags();\r\n return true;\r\n }\r\n\r\n if (isProcessing()) {\r\n logger.debug('Callback processing already in progress - waiting for completion');\r\n return true;\r\n }\r\n\r\n if (getStorage(getStorageKey('force_login')) === 'true') {\r\n logger.info('Force-login flag present → callback skipped (logout occurred)');\r\n const runtime = getAuthRuntime();\r\n if (runtime && runtime.urlProvider.getCurrentUrl().search) cleanUrlSoft();\r\n else if (typeof window !== 'undefined' && window.location.search) cleanUrlSoft();\r\n clearAllAuthFlags();\r\n clearProcessing();\r\n return false;\r\n }\r\n\r\n const storedTenantKey = getTenantKey();\r\n let currentTenantKey: string | null = null;\r\n try {\r\n const propsConfigStr = getStorage(getStorageKey('props_config'));\r\n if (propsConfigStr) {\r\n const propsConfig = JSON.parse(propsConfigStr) as { tenantKey?: string };\r\n currentTenantKey = propsConfig.tenantKey || null;\r\n }\r\n } catch {\r\n // fallback below\r\n }\r\n if (!currentTenantKey) currentTenantKey = storedTenantKey;\r\n\r\n if (currentTenantKey && storedTenantKey && currentTenantKey !== storedTenantKey) {\r\n logger.info('TenantKey changed - bypassing callback, starting fresh login');\r\n clearAllStorage();\r\n clearAllAuthFlags();\r\n clearProcessing();\r\n setStorage(getStorageKey('tenant_switched'), 'true');\r\n setStorage(getStorageKey('new_tenant_key'), currentTenantKey);\r\n setTenantKey(currentTenantKey);\r\n if (isCallbackUrl()) cleanUrlSoft();\r\n return false;\r\n }\r\n\r\n if (!isCallbackUrl()) return false;\r\n\r\n markProcessing();\r\n clearFlowFlags();\r\n urlCleaned = false;\r\n\r\n try {\r\n const search = getAuthRuntime()?.urlProvider.getCurrentUrl().search ?? (typeof window !== 'undefined' ? window.location.search : '');\r\n const params = new URLSearchParams(search);\r\n const code = params.get('code');\r\n const state = params.get('state');\r\n const error = params.get('error');\r\n\r\n if (error || !code || !state) {\r\n logger.error('Invalid OAuth callback params', { error, code, state });\r\n clearAllAuthFlags();\r\n clearProcessing();\r\n markProcessed();\r\n cleanUrlSoft();\r\n return false;\r\n }\r\n\r\n const storedState = getState();\r\n if (!storedState || storedState !== state) {\r\n const currentTenantKeyFromUrl = extractTenantKey();\r\n let storedTenantKeyFromProps: string | null = null;\r\n try {\r\n const propsConfigStr = getStorage(getStorageKey('props_config'));\r\n if (propsConfigStr) {\r\n const propsConfig = JSON.parse(propsConfigStr) as { tenantKey?: string };\r\n storedTenantKeyFromProps = propsConfig.tenantKey || null;\r\n }\r\n } catch {\r\n // ignore\r\n }\r\n const tenantKeyChanged = currentTenantKeyFromUrl && storedTenantKeyFromProps && currentTenantKeyFromUrl !== storedTenantKeyFromProps;\r\n if (tenantKeyChanged) {\r\n logger.info('OAuth state mismatch due to tenantKey change - expected behavior, starting fresh login');\r\n } else {\r\n logger.error('OAuth state mismatch - redirecting to login');\r\n }\r\n clearAllAuthFlags();\r\n clearProcessing();\r\n markProcessed();\r\n cleanUrlSoft();\r\n setStorage(getStorageKey('state_mismatch'), 'true');\r\n return false;\r\n }\r\n\r\n const codeVerifier = getCodeVerifier();\r\n if (!codeVerifier) {\r\n logger.error('Missing PKCE verifier');\r\n clearAllAuthFlags();\r\n clearProcessing();\r\n markProcessed();\r\n cleanUrlSoft();\r\n return false;\r\n }\r\n\r\n const clientId = getClientId();\r\n const redirectUri = getRedirectUri();\r\n const tenantId = getTenantId();\r\n\r\n if (!clientId || !redirectUri || !tenantId) {\r\n logger.error('Missing OAuth config during callback');\r\n clearAllAuthFlags();\r\n clearProcessing();\r\n markProcessed();\r\n cleanUrlSoft();\r\n return false;\r\n }\r\n\r\n // Best practice: skip exchange if we already have a valid token (avoids duplicate / \"code already used\")\r\n const existingToken = getAccessToken();\r\n if (existingToken && !isAccessTokenExpired()) {\r\n logger.debug('Valid token already exists - skipping code exchange');\r\n removeStorage(STORAGE_KEYS.codeVerifier);\r\n removeStorage(STORAGE_KEYS.state);\r\n clearAllAuthFlags();\r\n markProcessed();\r\n cleanUrl();\r\n resetRedirectLoopGuard();\r\n emitAuthEvent(AuthEventNames.CALLBACK_SUCCESS);\r\n return true;\r\n }\r\n\r\n const tokenData = await exchangeCodeForTokens({\r\n code,\r\n codeVerifier,\r\n clientId,\r\n redirectUri,\r\n tenantId,\r\n });\r\n\r\n if (!tokenData?.access_token) {\r\n logger.error('Token exchange returned no access token');\r\n clearProcessing();\r\n clearAllAuthFlags();\r\n cleanUrlSoft();\r\n emitAuthEvent(AuthEventNames.CALLBACK_FAILED, { message: 'No access token returned' });\r\n return false;\r\n }\r\n\r\n removeStorage(STORAGE_KEYS.codeVerifier);\r\n removeStorage(STORAGE_KEYS.state);\r\n clearAllAuthFlags();\r\n markProcessed();\r\n cleanUrl();\r\n\r\n logger.info('OAuth callback processed successfully');\r\n resetRedirectLoopGuard();\r\n emitAuthEvent(AuthEventNames.CALLBACK_SUCCESS);\r\n return true;\r\n } catch (err) {\r\n if (axios.isAxiosError(err)) {\r\n const status = err.response?.status;\r\n const responseData = err.response?.data as { error?: string; error_description?: string; details?: string } | undefined;\r\n const errorCode = responseData?.error;\r\n const errorDescription = responseData?.error_description || responseData?.details || '';\r\n\r\n if (\r\n status === 400 &&\r\n errorCode === 'invalid_grant' &&\r\n (String(errorDescription).includes('already used') ||\r\n String(errorDescription).includes('Code not found') ||\r\n String(errorDescription).includes('expired, already used'))\r\n ) {\r\n const existingToken = getAccessToken();\r\n const tokenValid = existingToken && !isAccessTokenExpired();\r\n if (tokenValid) {\r\n removeStorage(STORAGE_KEYS.codeVerifier);\r\n removeStorage(STORAGE_KEYS.state);\r\n clearAllAuthFlags();\r\n markProcessed();\r\n cleanUrlSoft();\r\n logger.info('OAuth callback processed successfully (code already used, but token exists)');\r\n resetRedirectLoopGuard();\r\n emitAuthEvent(AuthEventNames.CALLBACK_SUCCESS);\r\n return true;\r\n }\r\n }\r\n\r\n emitAuthEvent(AuthEventNames.CALLBACK_FAILED, {\r\n error: err.message,\r\n message: responseData?.error_description ?? err.message,\r\n });\r\n logger.error('OAuth callback failed (Axios error)', {\r\n status,\r\n statusText: err.response?.statusText,\r\n responseData: err.response?.data,\r\n message: err.message,\r\n url: err.config?.url,\r\n });\r\n } else {\r\n logger.error('OAuth callback failed', {\r\n error: err instanceof Error ? err.message : String(err),\r\n });\r\n }\r\n\r\n clearAllAuthFlags();\r\n const existingToken = getAccessToken();\r\n const tokenValid = existingToken && !isAccessTokenExpired();\r\n if (tokenValid) {\r\n markProcessed();\r\n cleanUrlSoft();\r\n resetRedirectLoopGuard();\r\n emitAuthEvent(AuthEventNames.CALLBACK_SUCCESS);\r\n return true;\r\n }\r\n\r\n emitAuthEvent(AuthEventNames.CALLBACK_FAILED, {\r\n error: err instanceof Error ? err.message : String(err),\r\n });\r\n clearProcessing();\r\n if (isCallbackUrl()) cleanUrlSoft();\r\n return false;\r\n }\r\n}\r\n","/**\r\n * Tenant config cache with TTL and in-flight request deduplication.\r\n */\r\n\r\nimport type { TenantConfig } from '../../domain/auth-state';\r\nimport { logger } from '../../utils/logger';\r\n\r\nconst DEFAULT_TTL_MS = 5 * 60 * 1000; // 5 minutes\r\n\r\nexport type TenantConfigResolver = (tenantKey: string) => Promise<TenantConfig | null>;\r\n\r\ninterface CacheEntry {\r\n config: TenantConfig;\r\n expiresAt: number;\r\n}\r\n\r\nexport class TenantConfigCache {\r\n private readonly cache = new Map<string, CacheEntry>();\r\n private readonly inFlight = new Map<string, Promise<TenantConfig | null>>();\r\n private readonly ttlMs: number;\r\n\r\n constructor(ttlMs: number = DEFAULT_TTL_MS) {\r\n this.ttlMs = ttlMs;\r\n }\r\n\r\n get(tenantKey: string): TenantConfig | null {\r\n const entry = this.cache.get(tenantKey);\r\n if (!entry) return null;\r\n if (Date.now() >= entry.expiresAt) {\r\n this.cache.delete(tenantKey);\r\n return null;\r\n }\r\n return entry.config;\r\n }\r\n\r\n set(tenantKey: string, config: TenantConfig): void {\r\n this.cache.set(tenantKey, {\r\n config,\r\n expiresAt: Date.now() + this.ttlMs,\r\n });\r\n }\r\n\r\n invalidate(tenantKey?: string): void {\r\n if (tenantKey) {\r\n this.cache.delete(tenantKey);\r\n this.inFlight.delete(tenantKey);\r\n } else {\r\n this.cache.clear();\r\n this.inFlight.clear();\r\n }\r\n }\r\n\r\n async getOrResolve(\r\n tenantKey: string,\r\n resolver: TenantConfigResolver\r\n ): Promise<TenantConfig | null> {\r\n if (!tenantKey || !tenantKey.trim()) return null;\r\n\r\n const key = tenantKey.trim();\r\n const cached = this.get(key);\r\n if (cached) {\r\n logger.debug('Tenant config from cache', { tenantKey: key });\r\n return cached;\r\n }\r\n\r\n const existing = this.inFlight.get(key);\r\n if (existing) {\r\n logger.debug('Tenant resolution reused (in-flight)', { tenantKey: key });\r\n return existing;\r\n }\r\n\r\n const promise = (async (): Promise<TenantConfig | null> => {\r\n try {\r\n const config = await resolver(key);\r\n if (config) this.set(key, config);\r\n return config;\r\n } finally {\r\n this.inFlight.delete(key);\r\n }\r\n })();\r\n\r\n this.inFlight.set(key, promise);\r\n return promise;\r\n }\r\n}\r\n","/**\r\n * Tenant resolution helpers: API + ENV fallback + props merge.\r\n * Uses TenantConfigCache for TTL and deduplication.\r\n */\r\n\r\nimport { extractTenantKeyFromUrl } from '../../domain/tenant';\r\nimport { getEnvConfig } from '../../config';\r\nimport { getStorage, removeStorage, getStorageKey } from '../storage/index';\r\nimport { logger } from '../../utils/logger';\r\nimport type { TenantConfig } from '../../domain/auth-state';\r\nimport type { ConfigProvider, TenantResolver, CurrentUrl } from '../runtime/types';\r\nimport { TenantConfigCache } from './TenantConfigCache';\r\n\r\nconst defaultTenantConfigCache = new TenantConfigCache();\r\n\r\nexport function getTenantKeyFromRuntime(\r\n url: CurrentUrl,\r\n config: ConfigProvider\r\n): string | null {\r\n try {\r\n const propsConfigStr = getStorage(getStorageKey('props_config'));\r\n if (propsConfigStr) {\r\n const propsConfig = JSON.parse(propsConfigStr) as { tenantKey?: string };\r\n if (propsConfig.tenantKey?.trim()) return propsConfig.tenantKey.trim();\r\n return null;\r\n }\r\n } catch {\r\n // continue to URL extraction\r\n }\r\n return extractTenantKeyFromUrl(url, config, getStorage, getStorageKey);\r\n}\r\n\r\nfunction getPropsConfig(): Record<string, string> | null {\r\n try {\r\n const propsConfigStr = getStorage(getStorageKey('props_config'));\r\n if (!propsConfigStr) return null;\r\n\r\n const parsed = JSON.parse(propsConfigStr);\r\n if (parsed && typeof parsed === 'object' && 'authServerUrl' in parsed) {\r\n delete (parsed as Record<string, unknown>).authServerUrl;\r\n }\r\n return parsed;\r\n } catch {\r\n removeStorage(getStorageKey('props_config'));\r\n return null;\r\n }\r\n}\r\n\r\nfunction mergeConfigWithProps(\r\n apiEnvConfig: TenantConfig,\r\n propsConfig: Record<string, string>,\r\n tenantKey: string | null\r\n): TenantConfig {\r\n return {\r\n tenantId: propsConfig.tenantId || apiEnvConfig.tenantId,\r\n authServer: apiEnvConfig.authServer,\r\n tenantKey: tenantKey || apiEnvConfig.tenantKey,\r\n client: {\r\n clientId: propsConfig.clientId || apiEnvConfig.client.clientId,\r\n redirectUri: apiEnvConfig.client.redirectUri,\r\n scopes: apiEnvConfig.client.scopes,\r\n },\r\n };\r\n}\r\n\r\nasync function buildTenantConfigFromEnv(): Promise<TenantConfig | null> {\r\n const envConfig = await getEnvConfig();\r\n if (!envConfig) return null;\r\n return {\r\n tenantId: envConfig.tenantId,\r\n authServer: envConfig.authServerUrl,\r\n client: {\r\n clientId: envConfig.clientId,\r\n redirectUri: envConfig.redirectUri,\r\n scopes: 'openid profile email',\r\n },\r\n };\r\n}\r\n\r\nexport async function resolveTenantConfig(\r\n tenantKey: string | null,\r\n tenantResolver: TenantResolver\r\n): Promise<TenantConfig | null> {\r\n if (!tenantKey) return null;\r\n\r\n const propsConfig = getPropsConfig();\r\n let apiEnvConfig: TenantConfig | null = null;\r\n let apiResolved = false;\r\n\r\n apiEnvConfig = await tenantResolver.resolve(tenantKey);\r\n apiResolved = !!apiEnvConfig;\r\n\r\n if (!apiEnvConfig) {\r\n apiEnvConfig = await buildTenantConfigFromEnv();\r\n }\r\n if (!apiEnvConfig) return null;\r\n\r\n if (!apiResolved && propsConfig) {\r\n const mergedConfig = mergeConfigWithProps(apiEnvConfig, propsConfig, tenantKey);\r\n removeStorage(getStorageKey('props_config'));\r\n logger.info('Merged props config with ENV fallback config');\r\n return mergedConfig;\r\n }\r\n\r\n removeStorage(getStorageKey('props_config'));\r\n\r\n return {\r\n ...apiEnvConfig,\r\n tenantKey: tenantKey || apiEnvConfig.tenantKey,\r\n };\r\n}\r\n\r\nexport async function resolveTenantConfigCached(\r\n tenantKey: string | null,\r\n tenantResolver: TenantResolver\r\n): Promise<TenantConfig | null> {\r\n if (!tenantKey) return null;\r\n return defaultTenantConfigCache.getOrResolve(tenantKey, (key) =>\r\n resolveTenantConfig(key, tenantResolver)\r\n );\r\n}\r\n\r\nexport function getTenantConfigCache(): TenantConfigCache {\r\n return defaultTenantConfigCache;\r\n}\r\n","/**\r\n * Force login flow: after logout, clear callback URL if needed, resolve tenant, initiate auth.\r\n */\r\n\r\nimport { isCallbackUrlFromUrl } from '../../domain/tenant';\r\nimport { clearFlowFlags } from '../lifecycle-state';\r\nimport { storeTenantConfig, initiateAuthFlow } from '../../strategies/oauth2-pkce/oauth';\r\nimport { handleCallback } from '../../strategies/oauth2-pkce/callback';\r\nimport { getTenantKeyFromRuntime, resolveTenantConfigCached } from '../../infrastructure/tenant/tenantResolution';\r\nimport { SanitizedError } from '../../utils/security';\r\nimport type { FlowContext, FlowResult } from './types';\r\nimport type { IAuthFlow } from './types';\r\n\r\nexport class ForceLoginFlow implements IAuthFlow {\r\n async execute(context: FlowContext): Promise<FlowResult> {\r\n const { runtime } = context;\r\n const { urlProvider, logger: log } = runtime;\r\n const getUrl = () => urlProvider.getCurrentUrl();\r\n\r\n if (isCallbackUrlFromUrl(getUrl())) {\r\n await handleCallback();\r\n if (isCallbackUrlFromUrl(getUrl())) {\r\n log.warn('Callback URL still present after cleanup, forcing URL clean');\r\n const u = getUrl();\r\n urlProvider.redirect(`${u.origin}${u.pathname}`);\r\n return { completed: true };\r\n }\r\n }\r\n\r\n clearFlowFlags();\r\n\r\n const tenantKey = getTenantKeyFromRuntime(getUrl(), runtime.configProvider);\r\n if (!tenantKey) return { completed: true };\r\n\r\n const tenantConfig = await resolveTenantConfigCached(tenantKey, runtime.tenantResolver);\r\n if (!tenantConfig) {\r\n log.error('Tenant config resolution failed for force login', { tenantKey });\r\n throw new SanitizedError(\r\n 'TENANT_CONFIG_RESOLUTION_FAILED',\r\n 'Unable to resolve tenant configuration',\r\n new Error(`Tenant config resolution failed for tenantKey: ${tenantKey}`)\r\n );\r\n }\r\n\r\n storeTenantConfig(tenantConfig);\r\n await initiateAuthFlow(tenantConfig);\r\n return { completed: true };\r\n }\r\n}\r\n","/**\r\n * Callback flow: run callback handling (validate state/code, exchange or skip, clean URL).\r\n */\r\n\r\nimport { clearFlowFlags, isCallbackProcessing } from '../lifecycle-state';\r\nimport { handleCallback } from '../../strategies/oauth2-pkce/callback';\r\nimport { isCallbackUrlFromUrl } from '../../domain/tenant';\r\nimport type { FlowContext, FlowResult } from './types';\r\nimport type { IAuthFlow } from './types';\r\n\r\nexport class CallbackFlow implements IAuthFlow {\r\n async execute(context: FlowContext): Promise<FlowResult> {\r\n const { runtime } = context;\r\n const { urlProvider, logger: log } = runtime;\r\n const getUrl = () => urlProvider.getCurrentUrl();\r\n\r\n clearFlowFlags();\r\n\r\n const handled = await handleCallback();\r\n if (handled) {\r\n if (isCallbackUrlFromUrl(getUrl())) {\r\n if (isCallbackProcessing()) return { completed: true };\r\n const u = getUrl();\r\n urlProvider.redirect(`${u.origin}${u.pathname}`);\r\n return { completed: true };\r\n }\r\n return { completed: true };\r\n }\r\n if (isCallbackUrlFromUrl(getUrl())) {\r\n const u = getUrl();\r\n urlProvider.redirect(`${u.origin}${u.pathname}`);\r\n }\r\n return { completed: true };\r\n }\r\n}\r\n","/**\r\n * Authenticated flow: valid token exists, no action needed.\r\n */\r\n\r\nimport type { FlowContext, FlowResult } from './types';\r\nimport type { IAuthFlow } from './types';\r\n\r\nexport class AuthenticatedFlow implements IAuthFlow {\r\n async execute(_context: FlowContext): Promise<FlowResult> {\r\n return { completed: true };\r\n }\r\n}\r\n","/**\r\n * Default auth engine ref for backward compatibility.\r\n */\r\n\r\nimport type { AuthEngine } from './types';\r\n\r\nlet defaultEngine: AuthEngine | null = null;\r\n\r\nexport function getDefaultAuthEngine(): AuthEngine | null {\r\n return defaultEngine;\r\n}\r\n\r\nexport function setDefaultAuthEngine(engine: AuthEngine | null): void {\r\n defaultEngine = engine;\r\n}\r\n","/**\r\n * Token API: facades for public API.\r\n * ensureValidAccessToken delegates to default engine when set; otherwise uses strategy refresh.\r\n */\r\n\r\nimport {\r\n getRefreshToken,\r\n isAccessTokenExpired,\r\n getAccessToken as getStoredAccessToken,\r\n} from '../infrastructure/storage/index';\r\nimport { getDefaultAuthEngine } from './engine/defaultEngine';\r\nimport { logger } from '../utils/logger';\r\nimport { refreshAccessToken as strategyRefreshAccessToken } from '../strategies/oauth2-pkce/token-exchange';\r\n\r\nexport { refreshAccessToken } from '../strategies/oauth2-pkce/token-exchange';\r\nexport type { ExchangeTokenParams } from '../strategies/oauth2-pkce/token-exchange';\r\n\r\nexport async function ensureValidAccessToken(): Promise<string> {\r\n const engine = getDefaultAuthEngine();\r\n if (engine) {\r\n try {\r\n return await engine.getAccessToken();\r\n } catch {\r\n // Fall through to strategy refresh\r\n }\r\n }\r\n\r\n const token = getStoredAccessToken();\r\n if (token && !isAccessTokenExpired()) return token;\r\n\r\n const refreshToken = getRefreshToken();\r\n if (!refreshToken) {\r\n logger.debug('No refresh token - cannot refresh; login required');\r\n throw new Error('No refresh token; login required');\r\n }\r\n\r\n return await strategyRefreshAccessToken();\r\n}\r\n\r\nexport function getAccessToken(): string | null {\r\n return getStoredAccessToken();\r\n}\r\n","/**\r\n * Refresh flow: ensureValidAccessToken (refresh only); on failure fall through to login required.\r\n */\r\n\r\nimport { ensureValidAccessToken } from '../token';\r\nimport { logger } from '../../utils/logger';\r\nimport { getTenantKeyFromRuntime, resolveTenantConfigCached } from '../../infrastructure/tenant/tenantResolution';\r\nimport { setTenantKey } from '../../infrastructure/storage/index';\r\nimport { storeTenantConfig, initiateAuthFlow } from '../../strategies/oauth2-pkce/oauth';\r\nimport { SanitizedError } from '../../utils/security';\r\nimport type { FlowContext, FlowResult } from './types';\r\nimport type { IAuthFlow } from './types';\r\n\r\nexport class RefreshFlow implements IAuthFlow {\r\n async execute(context: FlowContext): Promise<FlowResult> {\r\n const { runtime } = context;\r\n const { logger: log } = runtime;\r\n const getUrl = () => runtime.urlProvider.getCurrentUrl();\r\n\r\n log.debug('Token expired, attempting to refresh...');\r\n\r\n try {\r\n const refreshedToken = await ensureValidAccessToken();\r\n if (refreshedToken) {\r\n logger.debug('Token refreshed successfully, bootstrap complete');\r\n return { completed: true };\r\n }\r\n } catch (error) {\r\n logger.warn('Token refresh failed, will trigger new auth flow', {\r\n error: error instanceof Error ? error.message : String(error),\r\n });\r\n }\r\n\r\n const tenantKey = getTenantKeyFromRuntime(getUrl(), runtime.configProvider);\r\n if (!tenantKey) {\r\n throw new SanitizedError(\r\n 'TENANT_KEY_RESOLUTION_FAILED',\r\n 'Unable to resolve tenant',\r\n new Error('Tenant key missing')\r\n );\r\n }\r\n\r\n const tenantConfig = await resolveTenantConfigCached(tenantKey, runtime.tenantResolver);\r\n if (!tenantConfig) {\r\n throw new SanitizedError(\r\n 'TENANT_CONFIG_RESOLUTION_FAILED',\r\n 'Unable to resolve tenant configuration',\r\n new Error(`Tenant config resolution failed for tenantKey: ${tenantKey}`)\r\n );\r\n }\r\n\r\n setTenantKey(tenantKey);\r\n storeTenantConfig(tenantConfig);\r\n await initiateAuthFlow(tenantConfig);\r\n return { completed: true };\r\n }\r\n}\r\n","/**\r\n * Tenant switch flow: resolve new tenant, set tenant key, store config, initiate auth.\r\n */\r\n\r\nimport { getStorage, removeStorage, getStorageKey, setTenantKey } from '../../infrastructure/storage/index';\r\nimport { getTenantKeyFromRuntime, resolveTenantConfigCached } from '../../infrastructure/tenant/tenantResolution';\r\nimport { storeTenantConfig, initiateAuthFlow } from '../../strategies/oauth2-pkce/oauth';\r\nimport { emitAuthEvent, AuthEventNames } from '../events/AuthEvents';\r\nimport { SanitizedError } from '../../utils/security';\r\nimport type { FlowContext, FlowResult } from './types';\r\nimport type { IAuthFlow } from './types';\r\n\r\nexport class TenantSwitchFlow implements IAuthFlow {\r\n async execute(context: FlowContext): Promise<FlowResult> {\r\n const { runtime } = context;\r\n const { urlProvider, logger: log } = runtime;\r\n const getUrl = () => urlProvider.getCurrentUrl();\r\n\r\n const newTenantKey = getStorage(getStorageKey('new_tenant_key'));\r\n log.info('Tenant switch detected - starting fresh login', { newTenantKey });\r\n emitAuthEvent(AuthEventNames.TENANT_SWITCHED, { tenantKey: newTenantKey ?? undefined });\r\n\r\n removeStorage(getStorageKey('tenant_switched'));\r\n removeStorage(getStorageKey('new_tenant_key'));\r\n\r\n const tenantKey = newTenantKey || getTenantKeyFromRuntime(getUrl(), runtime.configProvider);\r\n if (!tenantKey) {\r\n throw new SanitizedError(\r\n 'TENANT_KEY_RESOLUTION_FAILED',\r\n 'Unable to resolve tenant after switch',\r\n new Error('Tenant key missing after switch')\r\n );\r\n }\r\n\r\n const tenantConfig = await resolveTenantConfigCached(tenantKey, runtime.tenantResolver);\r\n if (!tenantConfig) {\r\n throw new SanitizedError(\r\n 'TENANT_CONFIG_RESOLUTION_FAILED',\r\n 'Unable to resolve tenant configuration after switch',\r\n new Error(`Tenant config resolution failed for tenantKey: ${tenantKey}`)\r\n );\r\n }\r\n\r\n setTenantKey(tenantKey);\r\n storeTenantConfig(tenantConfig);\r\n await initiateAuthFlow(tenantConfig);\r\n return { completed: true };\r\n }\r\n}\r\n","/**\r\n * Normal login flow: resolve tenant, store config, initiate auth.\r\n */\r\n\r\nimport {\r\n getStorage,\r\n removeStorage,\r\n getStorageKey,\r\n setTenantKey,\r\n getAccessToken,\r\n} from '../../infrastructure/storage/index';\r\nimport { clearCallbackProcessing } from '../lifecycle-state';\r\nimport { getTenantKeyFromRuntime, resolveTenantConfigCached } from '../../infrastructure/tenant/tenantResolution';\r\nimport { storeTenantConfig, initiateAuthFlow } from '../../strategies/oauth2-pkce/oauth';\r\nimport { SanitizedError } from '../../utils/security';\r\nimport type { FlowContext, FlowResult } from './types';\r\nimport type { IAuthFlow } from './types';\r\n\r\nexport class LoginFlow implements IAuthFlow {\r\n async execute(context: FlowContext): Promise<FlowResult> {\r\n const { runtime } = context;\r\n const { logger: log } = runtime;\r\n const getUrl = () => runtime.urlProvider.getCurrentUrl();\r\n\r\n const callbackProcessed = getStorage(getStorageKey('callback_processed')) === 'true';\r\n const token = getAccessToken();\r\n if (callbackProcessed && !token) {\r\n log.warn('Callback processed but token still not available - clearing flag and allowing fresh login');\r\n removeStorage(getStorageKey('callback_processed'));\r\n clearCallbackProcessing();\r\n }\r\n\r\n const wasStateMismatch = getStorage(getStorageKey('state_mismatch')) === 'true';\r\n if (wasStateMismatch) removeStorage(getStorageKey('state_mismatch'));\r\n\r\n const tenantKey = getTenantKeyFromRuntime(getUrl(), runtime.configProvider);\r\n if (!tenantKey) {\r\n throw new SanitizedError(\r\n 'TENANT_KEY_RESOLUTION_FAILED',\r\n 'Unable to resolve tenant',\r\n new Error('Tenant key missing')\r\n );\r\n }\r\n\r\n const tenantConfig = await resolveTenantConfigCached(tenantKey, runtime.tenantResolver);\r\n if (!tenantConfig) {\r\n throw new SanitizedError(\r\n 'TENANT_CONFIG_RESOLUTION_FAILED',\r\n 'Unable to resolve tenant configuration',\r\n new Error(`Tenant config resolution failed for tenantKey: ${tenantKey}`)\r\n );\r\n }\r\n\r\n setTenantKey(tenantKey);\r\n storeTenantConfig(tenantConfig);\r\n await initiateAuthFlow(tenantConfig);\r\n return { completed: true };\r\n }\r\n}\r\n","/**\r\n * Returns the flow instance for a given auth lifecycle state.\r\n */\r\n\r\nimport { AuthLifecycleState } from '../../domain/auth-lifecycle';\r\nimport type { IAuthFlow } from './types';\r\nimport { ForceLoginFlow } from './ForceLoginFlow';\r\nimport { CallbackFlow } from './CallbackFlow';\r\nimport { AuthenticatedFlow } from './AuthenticatedFlow';\r\nimport { RefreshFlow } from './RefreshFlow';\r\nimport { TenantSwitchFlow } from './TenantSwitchFlow';\r\nimport { LoginFlow } from './LoginFlow';\r\n\r\nconst forceLoginFlow = new ForceLoginFlow();\r\nconst callbackFlow = new CallbackFlow();\r\nconst authenticatedFlow = new AuthenticatedFlow();\r\nconst refreshFlow = new RefreshFlow();\r\nconst tenantSwitchFlow = new TenantSwitchFlow();\r\nconst loginFlow = new LoginFlow();\r\n\r\nexport function getFlowForState(state: AuthLifecycleState): IAuthFlow {\r\n switch (state) {\r\n case AuthLifecycleState.FORCE_LOGIN:\r\n return forceLoginFlow;\r\n case AuthLifecycleState.PROCESSING_CALLBACK:\r\n return callbackFlow;\r\n case AuthLifecycleState.AUTHENTICATED:\r\n return authenticatedFlow;\r\n case AuthLifecycleState.TOKEN_EXPIRED:\r\n return refreshFlow;\r\n case AuthLifecycleState.TENANT_SWITCH:\r\n return tenantSwitchFlow;\r\n case AuthLifecycleState.LOGIN_REQUIRED:\r\n case AuthLifecycleState.INITIALIZING:\r\n case AuthLifecycleState.LOGGED_OUT:\r\n case AuthLifecycleState.ERROR:\r\n default:\r\n return loginFlow;\r\n }\r\n}\r\n","/**\r\n * Internal bootstrap execution: state resolution + single flow.\r\n */\r\n\r\nimport { getAuthRuntime } from '../infrastructure/runtime/context';\r\nimport { isCallbackUrlFromUrl } from '../domain/tenant';\r\nimport {\r\n getAccessToken,\r\n isAccessTokenExpired,\r\n getStorage,\r\n getStorageKey,\r\n getRefreshToken,\r\n} from '../infrastructure/storage/index';\r\nimport {\r\n enforceHttps,\r\n sanitizeErrorMessage,\r\n SanitizedError,\r\n} from '../utils/security';\r\nimport { logger } from '../utils/logger';\r\nimport { resolveAuthLifecycleState } from '../domain/auth-lifecycle';\r\nimport {\r\n isBootstrapInProgress,\r\n setBootstrapInProgress,\r\n clearBootstrapInProgress,\r\n} from './lifecycle-state';\r\nimport { getFlowForState } from './flows/getFlowForState';\r\nimport type { FlowContext } from './flows/types';\r\nimport { emitAuthEvent, AuthEventNames } from './events/AuthEvents';\r\n\r\nfunction createStorageReader() {\r\n return (suffix: string) => getStorage(getStorageKey(suffix));\r\n}\r\n\r\nexport async function runBootstrap(): Promise<void> {\r\n const runtime = getAuthRuntime();\r\n if (!runtime) {\r\n logger.warn(\r\n 'Auth runtime not set; skipping bootstrap. Set runtime via AuthProvider or setAuthRuntime().'\r\n );\r\n return;\r\n }\r\n\r\n if (isBootstrapInProgress()) {\r\n logger.debug('Bootstrap already in progress - skipping duplicate run');\r\n return;\r\n }\r\n\r\n setBootstrapInProgress();\r\n\r\n try {\r\n enforceHttps(true);\r\n\r\n const url = runtime.urlProvider.getCurrentUrl();\r\n const token = getAccessToken();\r\n const expired = isAccessTokenExpired();\r\n const hasValidToken = !!(token && !expired);\r\n const hasToken = !!token;\r\n const hasRefreshToken = !!getRefreshToken();\r\n\r\n const state = resolveAuthLifecycleState({\r\n url,\r\n getStorage: createStorageReader(),\r\n isCallbackUrl: isCallbackUrlFromUrl,\r\n hasValidToken,\r\n hasToken,\r\n hasRefreshToken,\r\n isTokenExpired: expired,\r\n });\r\n\r\n emitAuthEvent(AuthEventNames.BOOTSTRAP_STATE_DETECTED, { state: state as string });\r\n\r\n const flow = getFlowForState(state);\r\n const context: FlowContext = { runtime, url, state };\r\n await flow.execute(context);\r\n } catch (error) {\r\n if (error instanceof SanitizedError) throw error;\r\n const r = getAuthRuntime();\r\n (r?.logger ?? logger).error('Bootstrap failed', {\r\n error: error instanceof Error ? error.message : String(error),\r\n });\r\n throw new Error(\r\n sanitizeErrorMessage(error, 'Authentication initialization failed')\r\n );\r\n } finally {\r\n clearBootstrapInProgress();\r\n }\r\n}\r\n","/**\r\n * Session-cleared callback for watchers (cookie/storage).\r\n * Application layer sets this to bootstrap so infrastructure does not depend on application.\r\n */\r\n\r\nlet sessionClearedCallback: (() => void | Promise<void>) | null = null;\r\n\r\nexport function setSessionClearedCallback(cb: (() => void | Promise<void>) | null): void {\r\n sessionClearedCallback = cb;\r\n}\r\n\r\nexport function getSessionClearedCallback(): (() => void | Promise<void>) | null {\r\n return sessionClearedCallback;\r\n}\r\n","/**\r\n * Public bootstrap API. Delegates to default engine.init() when set; otherwise runs runBootstrap().\r\n */\r\n\r\nimport { runBootstrap } from './run-bootstrap';\r\nimport { getDefaultAuthEngine } from './engine/defaultEngine';\r\nimport { setSessionClearedCallback } from '../infrastructure/watchers/callbacks';\r\n\r\nasync function bootstrapImpl(): Promise<void> {\r\n const engine = getDefaultAuthEngine();\r\n if (engine) {\r\n await engine.init();\r\n return;\r\n }\r\n await runBootstrap();\r\n}\r\n\r\nsetSessionClearedCallback(() => bootstrapImpl());\r\n\r\nexport async function bootstrap(): Promise<void> {\r\n return bootstrapImpl();\r\n}\r\n","/**\r\n * Cookie-based authentication utilities\r\n * Strategy layer: cookie auth (cookie names used by cookie-watcher).\r\n */\r\n\r\nexport const COOKIE_NAMES = {\r\n accessToken: 'tenneo_auth_access_token',\r\n refreshToken: 'tenneo_auth_refresh_token',\r\n} as const;\r\n","/**\r\n * Cookie watcher to detect cookie deletion and clear session.\r\n * Infrastructure layer: uses storage and callback; application sets callback to bootstrap.\r\n */\r\n\r\nimport {\r\n clearAuthStorage,\r\n clearAuthSessionStorage,\r\n getStorage,\r\n getStorageKey,\r\n} from '../storage/index';\r\nimport { getSessionClearedCallback } from './callbacks';\r\nimport { logger } from '../../utils/logger';\r\nimport { COOKIE_NAMES } from '../../strategies/cookie/cookie-auth';\r\n\r\nlet isWatching = false;\r\nlet lastCookieSnapshot: string = '';\r\nlet lastCookieMap: Map<string, string> = new Map();\r\nlet watchInterval: ReturnType<typeof setInterval> | null = null;\r\n\r\nfunction getCookieSnapshot(): string {\r\n try {\r\n return document.cookie || '';\r\n } catch {\r\n return '';\r\n }\r\n}\r\n\r\nfunction getCookieNames(): string[] {\r\n try {\r\n const cookies = document.cookie.split(';');\r\n return cookies\r\n .map((cookie) => {\r\n const eqPos = cookie.indexOf('=');\r\n return eqPos > -1 ? cookie.substring(0, eqPos).trim() : cookie.trim();\r\n })\r\n .filter((name) => name.length > 0);\r\n } catch {\r\n return [];\r\n }\r\n}\r\n\r\nfunction getCookieMap(): Map<string, string> {\r\n const cookieMap = new Map<string, string>();\r\n try {\r\n const cookies = document.cookie.split(';');\r\n for (const cookie of cookies) {\r\n const eqPos = cookie.indexOf('=');\r\n if (eqPos > -1) {\r\n const name = cookie.substring(0, eqPos).trim();\r\n const value = cookie.substring(eqPos + 1).trim();\r\n if (name.length > 0) cookieMap.set(name, value);\r\n }\r\n }\r\n } catch {\r\n // Silent fail\r\n }\r\n return cookieMap;\r\n}\r\n\r\nfunction checkCookiesDeleted(): boolean {\r\n try {\r\n const currentSnapshot = getCookieSnapshot();\r\n const currentCookieMap = getCookieMap();\r\n const currentCookies = getCookieNames();\r\n\r\n if (lastCookieSnapshot && !currentSnapshot) {\r\n logger.info('All cookies deleted detected');\r\n return true;\r\n }\r\n\r\n if (lastCookieMap.size > 0) {\r\n const authCookieNames = [\r\n COOKIE_NAMES.accessToken,\r\n COOKIE_NAMES.refreshToken,\r\n 'tenneo_auth',\r\n 'tenneo_auth_access_token',\r\n 'tenneo_auth_refresh_token',\r\n 'auth',\r\n 'session',\r\n 'token',\r\n ];\r\n\r\n const deletedAuthCookies: string[] = [];\r\n for (const [cookieName] of lastCookieMap) {\r\n const isAuthCookie = authCookieNames.some((authName) =>\r\n cookieName.toLowerCase().includes(authName.toLowerCase())\r\n );\r\n if (isAuthCookie && !currentCookieMap.has(cookieName)) {\r\n deletedAuthCookies.push(cookieName);\r\n }\r\n }\r\n if (deletedAuthCookies.length > 0) {\r\n logger.info('Auth cookies deleted detected', {\r\n deletedCookies: deletedAuthCookies,\r\n previousCookieCount: lastCookieMap.size,\r\n currentCookieCount: currentCookieMap.size,\r\n });\r\n return true;\r\n }\r\n\r\n const hadTenneoAuthAccess =\r\n lastCookieMap.has(COOKIE_NAMES.accessToken) ||\r\n lastCookieMap.has('tenneo_auth_access_token');\r\n const hasTenneoAuthAccess =\r\n currentCookieMap.has(COOKIE_NAMES.accessToken) ||\r\n currentCookieMap.has('tenneo_auth_access_token');\r\n if (hadTenneoAuthAccess && !hasTenneoAuthAccess) {\r\n logger.info('tenneo auth access token cookie deleted detected');\r\n return true;\r\n }\r\n\r\n const hadTenneoAuthRefresh =\r\n lastCookieMap.has(COOKIE_NAMES.refreshToken) ||\r\n lastCookieMap.has('tenneo_auth_refresh_token');\r\n const hasTenneoAuthRefresh =\r\n currentCookieMap.has(COOKIE_NAMES.refreshToken) ||\r\n currentCookieMap.has('tenneo_auth_refresh_token');\r\n if (hadTenneoAuthRefresh && !hasTenneoAuthRefresh) {\r\n logger.info('tenneo auth refresh token cookie deleted detected');\r\n return true;\r\n }\r\n\r\n if (\r\n lastCookieMap.size > currentCookieMap.size &&\r\n lastCookieMap.size - currentCookieMap.size >= 1\r\n ) {\r\n const deletedCookies: string[] = [];\r\n for (const [cookieName] of lastCookieMap) {\r\n if (!currentCookieMap.has(cookieName)) deletedCookies.push(cookieName);\r\n }\r\n const deletedAuthCookiesCount = deletedCookies.filter((name) =>\r\n authCookieNames.some((authName) =>\r\n name.toLowerCase().includes(authName.toLowerCase())\r\n )\r\n ).length;\r\n if (deletedAuthCookiesCount > 0) {\r\n logger.info('Auth cookies deleted detected (count-based)', {\r\n deletedCookies,\r\n deletedAuthCount: deletedAuthCookiesCount,\r\n previousCount: lastCookieMap.size,\r\n currentCount: currentCookieMap.size,\r\n });\r\n return true;\r\n }\r\n }\r\n }\r\n\r\n lastCookieSnapshot = currentSnapshot;\r\n lastCookieMap = new Map(currentCookieMap);\r\n return false;\r\n } catch (error) {\r\n logger.warn('Error checking cookies', {\r\n error: error instanceof Error ? error.message : String(error),\r\n });\r\n return false;\r\n }\r\n}\r\n\r\nfunction handleCookieDeletion(): void {\r\n try {\r\n logger.info('Cookies deleted detected - clearing session and redirecting to login');\r\n\r\n const forceLoginSet = getStorage(getStorageKey('force_login')) === 'true';\r\n const logoutInProgress = getStorage(getStorageKey('logout_in_progress')) === 'true';\r\n if (forceLoginSet || logoutInProgress) {\r\n logger.debug(\r\n 'Force login or logout in progress - skipping bootstrap from cookie watcher (avoids duplicate by-code API call)'\r\n );\r\n return;\r\n }\r\n\r\n clearAuthStorage();\r\n\r\n try {\r\n if (typeof window !== 'undefined') {\r\n const forceLogin = window.localStorage.getItem(getStorageKey('force_login'));\r\n const logoutInProgressPreserve = window.localStorage.getItem(\r\n getStorageKey('logout_in_progress')\r\n );\r\n clearAuthSessionStorage();\r\n if (forceLogin === 'true')\r\n window.localStorage.setItem(getStorageKey('force_login'), 'true');\r\n if (logoutInProgressPreserve === 'true')\r\n window.localStorage.setItem(getStorageKey('logout_in_progress'), 'true');\r\n } else {\r\n clearAuthSessionStorage();\r\n }\r\n } catch (error) {\r\n logger.warn('Failed to clear sessionStorage', {\r\n error: error instanceof Error ? error.message : String(error),\r\n });\r\n }\r\n\r\n const cb = getSessionClearedCallback();\r\n if (cb) {\r\n Promise.resolve(cb()).catch((error) => {\r\n logger.error('Failed to redirect to login after cookie deletion', {\r\n error: error instanceof Error ? error.message : String(error),\r\n });\r\n });\r\n }\r\n } catch (error) {\r\n logger.error('Error handling cookie deletion', {\r\n error: error instanceof Error ? error.message : String(error),\r\n });\r\n }\r\n}\r\n\r\nexport function startCookieWatcher(): void {\r\n if (isWatching) {\r\n logger.debug('Cookie watcher already running');\r\n return;\r\n }\r\n\r\n isWatching = true;\r\n lastCookieSnapshot = getCookieSnapshot();\r\n lastCookieMap = getCookieMap();\r\n\r\n const initialCookies = getCookieNames();\r\n const authCookies = initialCookies.filter(\r\n (name) =>\r\n name.toLowerCase().includes('tenneo_auth') ||\r\n name.toLowerCase().includes('auth') ||\r\n name.toLowerCase().includes('token')\r\n );\r\n logger.debug('Cookie watcher started', {\r\n initialCookieCount: initialCookies.length,\r\n authCookieCount: authCookies.length,\r\n authCookies,\r\n allCookies: initialCookies,\r\n });\r\n\r\n watchInterval = setInterval(async () => {\r\n const logoutInProgress =\r\n typeof window !== 'undefined' &&\r\n window.localStorage.getItem(getStorageKey('logout_in_progress')) === 'true';\r\n if (logoutInProgress) {\r\n logger.debug('Logout detected. Cookie watcher will not trigger bootstrap.');\r\n lastCookieSnapshot = getCookieSnapshot();\r\n lastCookieMap = getCookieMap();\r\n return;\r\n }\r\n\r\n const cookiesDeleted = checkCookiesDeleted();\r\n if (cookiesDeleted) {\r\n logger.info('Cookies deleted detected by cookie watcher');\r\n if (watchInterval) {\r\n clearInterval(watchInterval);\r\n watchInterval = null;\r\n }\r\n isWatching = false;\r\n\r\n try {\r\n await handleCookieDeletion();\r\n } catch (error) {\r\n logger.error('Error handling cookie deletion, will restart watcher', {\r\n error: error instanceof Error ? error.message : String(error),\r\n });\r\n } finally {\r\n queueMicrotask(() => {\r\n if (!isWatching) startCookieWatcher();\r\n });\r\n }\r\n }\r\n }, 1000);\r\n\r\n logger.info('Cookie watcher started - monitoring for cookie deletion');\r\n}\r\n\r\nexport function stopCookieWatcher(): void {\r\n isWatching = false;\r\n if (watchInterval) {\r\n clearInterval(watchInterval);\r\n watchInterval = null;\r\n }\r\n lastCookieSnapshot = '';\r\n logger.debug('Cookie watcher stopped');\r\n}\r\n\r\nexport function resetCookieWatcher(): void {\r\n lastCookieSnapshot = getCookieSnapshot();\r\n lastCookieMap = getCookieMap();\r\n const currentCookies = getCookieNames();\r\n const authCookies = currentCookies.filter(\r\n (name) =>\r\n name.toLowerCase().includes('tenneo_auth') ||\r\n name.toLowerCase().includes('auth') ||\r\n name.toLowerCase().includes('token')\r\n );\r\n logger.debug('Cookie watcher reset', {\r\n currentCookieCount: currentCookies.length,\r\n authCookieCount: authCookies.length,\r\n authCookies,\r\n });\r\n}\r\n","/**\r\n * Storage watcher to detect manual storage clears and restart auth flow.\r\n * Infrastructure layer: uses storage and callback; application sets callback to bootstrap.\r\n */\r\n\r\nimport { STORAGE_KEYS, getStorage, getStorageKey } from '../storage/index';\r\nimport { getSessionClearedCallback } from './callbacks';\r\nimport { logger } from '../../utils/logger';\r\n\r\nlet isWatching = false;\r\nlet lastStorageCheck: string | null = null;\r\nlet storageEventListener: ((event: StorageEvent) => void) | null = null;\r\n\r\nfunction checkStorageCleared(): boolean {\r\n try {\r\n const hasAnyAuthData = Object.values(STORAGE_KEYS).some(\r\n (key: string) => getStorage(key) !== null\r\n );\r\n if (lastStorageCheck === 'had_data' && !hasAnyAuthData) return true;\r\n lastStorageCheck = hasAnyAuthData ? 'had_data' : 'no_data';\r\n return false;\r\n } catch {\r\n return false;\r\n }\r\n}\r\n\r\nfunction handleStorageEvent(event: StorageEvent): void {\r\n if (typeof window !== 'undefined' && event.storageArea === window.sessionStorage) {\r\n const wasCleared = checkStorageCleared();\r\n if (wasCleared) {\r\n logger.info('Detected manual sessionStorage clear! Redirecting to login...');\r\n const cb = getSessionClearedCallback();\r\n if (cb) {\r\n Promise.resolve(cb()).catch((error) => {\r\n logger.error('Failed to redirect to login after manual clear', {\r\n error: error instanceof Error ? error.message : String(error),\r\n });\r\n });\r\n }\r\n }\r\n }\r\n}\r\n\r\nexport function startStorageWatcher(): void {\r\n if (isWatching) return;\r\n\r\n isWatching = true;\r\n checkStorageCleared();\r\n\r\n storageEventListener = handleStorageEvent;\r\n window.addEventListener('storage', storageEventListener);\r\n\r\n const pollInterval = setInterval(() => {\r\n const logoutInProgress =\r\n typeof window !== 'undefined' &&\r\n window.localStorage.getItem(getStorageKey('logout_in_progress')) === 'true';\r\n if (logoutInProgress) {\r\n logger.debug('Logout detected. Storage watcher will not trigger bootstrap.');\r\n return;\r\n }\r\n\r\n const wasCleared = checkStorageCleared();\r\n if (wasCleared) {\r\n logger.info('Detected manual sessionStorage clear (polling)! Redirecting to login...');\r\n clearInterval(pollInterval);\r\n const cb = getSessionClearedCallback();\r\n if (cb) {\r\n Promise.resolve(cb()).catch((error) => {\r\n logger.error('Failed to redirect to login after manual clear', {\r\n error: error instanceof Error ? error.message : String(error),\r\n });\r\n if (!isWatching) startStorageWatcher();\r\n });\r\n }\r\n }\r\n }, 1000);\r\n\r\n (window as unknown as { __tenneo_auth_storage_watcher_interval?: ReturnType<typeof setInterval> }).__tenneo_auth_storage_watcher_interval = pollInterval;\r\n}\r\n\r\nexport function stopStorageWatcher(): void {\r\n isWatching = false;\r\n if (storageEventListener) {\r\n window.removeEventListener('storage', storageEventListener);\r\n storageEventListener = null;\r\n }\r\n const win = window as unknown as { __tenneo_auth_storage_watcher_interval?: ReturnType<typeof setInterval> };\r\n const intervalId = win.__tenneo_auth_storage_watcher_interval;\r\n if (intervalId) {\r\n clearInterval(intervalId);\r\n delete win.__tenneo_auth_storage_watcher_interval;\r\n }\r\n}\r\n","/**\r\n * Shared cookie utilities\r\n * \r\n * SINGLE SOURCE OF TRUTH for cookie clearing\r\n * Prevents duplicate code across logout, storage-watcher, etc.\r\n */\r\n\r\nimport { logger } from './logger';\r\n\r\n/**\r\n * Best-effort removal of non-HttpOnly cookies\r\n * HttpOnly cookies MUST be cleared by server\r\n * \r\n * This function is idempotent - safe to call multiple times\r\n */\r\nexport function clearClientCookies(): void {\r\n try {\r\n const cookies = document.cookie.split(';');\r\n\r\n for (const cookie of cookies) {\r\n const eqPos = cookie.indexOf('=');\r\n const name = eqPos > -1 ? cookie.slice(0, eqPos).trim() : cookie.trim();\r\n\r\n if (!name) continue;\r\n\r\n // Remove cookie for current path\r\n document.cookie = `${name}=;expires=Thu, 01 Jan 1970 00:00:00 GMT;path=/`;\r\n\r\n // Remove cookie for current domain\r\n document.cookie = `${name}=;expires=Thu, 01 Jan 1970 00:00:00 GMT;path=/;domain=${window.location.hostname}`;\r\n }\r\n\r\n logger.debug('Client-side cookies cleared (best-effort)');\r\n } catch (error) {\r\n logger.warn('Failed to clear client cookies', {\r\n error: error instanceof Error ? error.message : String(error),\r\n });\r\n }\r\n}\r\n","/**\r\n * Logout functionality.\r\n * Sets force_login, clears auth storage; does not redirect (bootstrap handles that).\r\n */\r\n\r\nimport {\r\n clearAllStorage,\r\n getStorage,\r\n removeStorage,\r\n setStorage,\r\n getStorageKey,\r\n} from '../infrastructure/storage/index';\r\nimport { emitAuthEvent, AuthEventNames } from './events/AuthEvents';\r\nimport { stopStorageWatcher } from '../infrastructure/watchers';\r\nimport { stopCookieWatcher, resetCookieWatcher } from '../infrastructure/watchers';\r\nimport { logger } from '../utils/logger';\r\nimport { Config } from '../config';\r\nimport { clearClientCookies } from '../utils/cookies';\r\n\r\nfunction buildUrl(baseUrl: string, path: string): string {\r\n const url = new URL(baseUrl);\r\n const normalizedPath = path.startsWith('/') ? path : `/${path}`;\r\n url.pathname = url.pathname.endsWith('/')\r\n ? `${url.pathname}${normalizedPath.slice(1)}`\r\n : `${url.pathname}${normalizedPath}`;\r\n return url.toString();\r\n}\r\n\r\ninterface LogoutResponse {\r\n success?: boolean;\r\n message?: string;\r\n logout?: boolean;\r\n}\r\n\r\nasync function callServerLogout(logoutUrl: string): Promise<{\r\n success: boolean;\r\n response?: LogoutResponse;\r\n}> {\r\n try {\r\n const response = await fetch(logoutUrl, {\r\n method: 'POST',\r\n headers: {\r\n 'Content-Type': 'application/x-www-form-urlencoded',\r\n 'X-Requested-With': 'XMLHttpRequest',\r\n Accept: 'application/json',\r\n },\r\n credentials: 'include',\r\n });\r\n const data = (await response.json().catch(() => ({}))) as LogoutResponse;\r\n logger.info('Server logout response (POST)', { response: data });\r\n if (data && (data.success === true || data.logout === true)) {\r\n return { success: true, response: data };\r\n }\r\n logger.warn('Server logout response invalid (POST)', { response: data });\r\n return { success: false, response: data };\r\n } catch (error) {\r\n logger.debug('POST logout failed, trying GET', {\r\n error: error instanceof Error ? error.message : String(error),\r\n });\r\n try {\r\n const response = await fetch(logoutUrl, {\r\n method: 'GET',\r\n headers: {\r\n 'X-Requested-With': 'XMLHttpRequest',\r\n Accept: 'application/json',\r\n },\r\n credentials: 'include',\r\n });\r\n const data = (await response.json().catch(() => ({}))) as LogoutResponse;\r\n logger.info('Server logout response (GET)', { response: data });\r\n if (data && (data.success === true || data.logout === true)) {\r\n return { success: true, response: data };\r\n }\r\n logger.warn('Server logout response invalid (GET)', { response: data });\r\n return { success: false, response: data };\r\n } catch (getError) {\r\n logger.warn('Server logout failed (both POST and GET)', {\r\n postError: error instanceof Error ? error.message : String(error),\r\n getError: getError instanceof Error ? getError.message : String(getError),\r\n });\r\n return { success: false };\r\n }\r\n }\r\n}\r\n\r\nfunction performLocalLogoutCleanup(): void {\r\n logger.debug('Performing local logout cleanup');\r\n clearClientCookies();\r\n clearAllStorage();\r\n logger.info('Local logout cleanup completed');\r\n}\r\n\r\nexport async function logout(tenantKey?: string): Promise<{\r\n success: boolean;\r\n message: string;\r\n serverResponse?: LogoutResponse;\r\n}> {\r\n setStorage(getStorageKey('logout_in_progress'), 'true');\r\n setStorage(getStorageKey('force_login'), 'true');\r\n if (tenantKey?.trim()) setStorage(getStorageKey('preserved_tenant_key'), tenantKey.trim());\r\n\r\n if (getStorage(getStorageKey('logout_processing')) === 'true') {\r\n logger.debug('Logout already in progress – skipping duplicate call');\r\n return { success: true, message: 'Logout already in progress.' };\r\n }\r\n\r\n setStorage(getStorageKey('logout_processing'), 'true');\r\n\r\n try {\r\n stopStorageWatcher();\r\n stopCookieWatcher();\r\n\r\n const apiAuthBaseUrl = Config.getApiAuthBaseUrl();\r\n let serverLogoutSuccess = false;\r\n let serverResponse: LogoutResponse | undefined;\r\n\r\n if (apiAuthBaseUrl) {\r\n const logoutUrl = buildUrl(apiAuthBaseUrl, 'account/logout');\r\n logger.info('Calling auth server logout', { logoutUrl });\r\n const logoutResult = await callServerLogout(logoutUrl);\r\n serverLogoutSuccess = logoutResult.success;\r\n serverResponse = logoutResult.response;\r\n }\r\n\r\n performLocalLogoutCleanup();\r\n\r\n const preservedTenantKey = getStorage(getStorageKey('preserved_tenant_key'));\r\n if (preservedTenantKey) {\r\n setStorage(getStorageKey('props_config'), JSON.stringify({ tenantKey: preservedTenantKey }));\r\n removeStorage(getStorageKey('preserved_tenant_key'));\r\n }\r\n\r\n resetCookieWatcher();\r\n removeStorage(getStorageKey('logout_processing'));\r\n\r\n logger.info('Logout completed – flags set, storage cleared, fresh login required', {\r\n serverLogoutSuccess,\r\n serverResponse,\r\n });\r\n emitAuthEvent(AuthEventNames.LOGOUT_COMPLETED, {\r\n message: serverLogoutSuccess ? 'Server logout success' : 'Local logout only',\r\n });\r\n\r\n return {\r\n success: true,\r\n message: serverLogoutSuccess\r\n ? serverResponse?.message || 'Logout successful. Session cookies cleared. Fresh login required.'\r\n : 'Logged out locally. Fresh login required (server logout may have failed).',\r\n serverResponse,\r\n };\r\n } catch (error) {\r\n logger.error('Logout failed unexpectedly', {\r\n error: error instanceof Error ? error.message : String(error),\r\n });\r\n performLocalLogoutCleanup();\r\n\r\n const preservedTenantKey = getStorage(getStorageKey('preserved_tenant_key'));\r\n if (preservedTenantKey) {\r\n setStorage(getStorageKey('props_config'), JSON.stringify({ tenantKey: preservedTenantKey }));\r\n removeStorage(getStorageKey('preserved_tenant_key'));\r\n }\r\n removeStorage(getStorageKey('logout_processing'));\r\n\r\n return {\r\n success: true,\r\n message: 'Logged out locally due to an error. Fresh login required.',\r\n };\r\n }\r\n}\r\n","import { createContext, useContext } from 'react';\r\nimport type { AuthContextValue } from '../domain/auth-state';\r\n\r\nexport const AuthContext = createContext<AuthContextValue | undefined>(undefined);\r\n\r\nexport function useAuthContext(): AuthContextValue {\r\n const context = useContext(AuthContext);\r\n if (!context) {\r\n throw new Error('useAuthContext must be used within AuthProvider');\r\n }\r\n return context;\r\n}\r\n","/**\r\n * Tenant resolution API client.\r\n * Resolves tenant configuration via GET /api/tenant/v1/public/tenants/by-code/{tenantCode}.\r\n */\r\n\r\nimport type { TenantConfig } from '../../domain/auth-state';\r\nimport { Config, OAUTH_CONSTANTS } from '../../config';\r\nimport { logger } from '../../utils/logger';\r\n\r\nconst ongoingRequests = new Map<string, Promise<TenantConfig | null>>();\r\nconst DEFAULT_SCOPES = OAUTH_CONSTANTS.SCOPES;\r\n\r\nfunction getResolvedTenantBaseUrl(): string {\r\n let base = Config.getApiTenantResolutionBaseUrl();\r\n if (typeof window !== 'undefined' && (!base || base.startsWith('/'))) {\r\n base = window.location.origin + (base || '/api');\r\n }\r\n return base;\r\n}\r\n\r\nconst PUBLIC_CODE_PREFIX = 'public-';\r\n\r\nfunction getTenantByCodeUrl(tenantCode: string): string {\r\n const apiTenantResolutionBaseUrl = getResolvedTenantBaseUrl();\r\n const base = apiTenantResolutionBaseUrl.replace(/\\/api\\/v1\\/?$/, '') || apiTenantResolutionBaseUrl;\r\n return `${base}/api/tenant/v1/public/tenants/by-code/${encodeURIComponent(tenantCode)}`;\r\n}\r\n\r\ninterface TenantData {\r\n id: string;\r\n clientCode: string;\r\n legalName?: string;\r\n redirectUri?: string;\r\n displayName?: string;\r\n domain?: string;\r\n isDomainVerified?: boolean;\r\n status?: string;\r\n onboardedAt?: Record<string, unknown> | string;\r\n}\r\n\r\ninterface TenantByCodeResponse {\r\n success: boolean;\r\n message: string | null;\r\n data: TenantData | null;\r\n errors: unknown[] | null;\r\n errorCode: string | null;\r\n}\r\n\r\nexport async function resolveTenant(tenantKey: string): Promise<TenantConfig | null> {\r\n if (!tenantKey || tenantKey.trim() === '') {\r\n logger.debug('tenantKey is empty or invalid, skipping API call');\r\n return null;\r\n }\r\n\r\n const tenantCode = tenantKey.trim();\r\n const requestKey = `resolveTenant:${tenantCode}`;\r\n if (ongoingRequests.has(requestKey)) {\r\n logger.debug('Tenant resolution reused (in-flight)', { tenantCode });\r\n return ongoingRequests.get(requestKey)!;\r\n }\r\n\r\n logger.info('Tenant resolution API call', { tenantCode });\r\n\r\n const requestPromise = (async (): Promise<TenantConfig | null> => {\r\n try {\r\n const url = getTenantByCodeUrl(tenantCode);\r\n logger.debug('GET tenant by-code', { url });\r\n\r\n let data: unknown;\r\n try {\r\n const response = await fetch(url, { method: 'GET' });\r\n if (!response.ok) throw new Error(`HTTP ${response.status}`);\r\n data = (await response.json()) as TenantByCodeResponse;\r\n logger.debug('API response received', { tenantCode });\r\n } catch (error) {\r\n logger.warn('API call failed', { tenantCode, error });\r\n return null;\r\n }\r\n\r\n if (!data || typeof data !== 'object') return null;\r\n\r\n const res = data as TenantByCodeResponse;\r\n if (!res.success || !res.data) return null;\r\n\r\n const tenant = res.data;\r\n if (!tenant.id || !tenant.clientCode) return null;\r\n\r\n const authServer = Config.getAuthServerUrl();\r\n const redirectUri = Config.getRedirectUri();\r\n if (!authServer || !redirectUri) return null;\r\n\r\n const clientCodeWithPrefix = tenant.clientCode.startsWith(PUBLIC_CODE_PREFIX)\r\n ? tenant.clientCode\r\n : `${PUBLIC_CODE_PREFIX}${tenant.clientCode}`;\r\n\r\n const config: TenantConfig = {\r\n tenantId: tenant.id,\r\n authServer,\r\n tenantKey: tenantCode,\r\n client: {\r\n clientId: tenant.clientCode,\r\n clientCode: clientCodeWithPrefix,\r\n redirectUri,\r\n scopes: DEFAULT_SCOPES,\r\n },\r\n };\r\n logger.debug('Resolved tenant config', { tenantCode });\r\n return config;\r\n } catch (error) {\r\n logger.warn('Unexpected error resolving tenant', { tenantCode, error });\r\n return null;\r\n } finally {\r\n ongoingRequests.delete(requestKey);\r\n }\r\n })();\r\n\r\n ongoingRequests.set(requestKey, requestPromise);\r\n return requestPromise;\r\n}\r\n","/**\r\n * Browser implementations of runtime interfaces.\r\n * Only used when running in a browser; core has no dependency on this module.\r\n */\r\n\r\nimport type { Logger, UrlProvider, CurrentUrl, ConfigProvider, CookieClearer, TenantResolver } from '../infrastructure/runtime/types';\r\nimport { Config } from '../config';\r\nimport { resolveTenant } from '../infrastructure/tenant/tenant.api';\r\n\r\nexport function createConsoleLogger(): Logger {\r\n return {\r\n info(message: string, meta?: Record<string, unknown>) {\r\n if (typeof console !== 'undefined') console.info(message, meta ?? '');\r\n },\r\n warn(message: string, meta?: Record<string, unknown>) {\r\n if (typeof console !== 'undefined') console.warn(message, meta ?? '');\r\n },\r\n error(message: string, meta?: Record<string, unknown>) {\r\n if (typeof console !== 'undefined') console.error(message, meta ?? '');\r\n },\r\n debug(message: string, meta?: Record<string, unknown>) {\r\n if (typeof console !== 'undefined') console.debug(message, meta ?? '');\r\n },\r\n };\r\n}\r\n\r\nexport function createBrowserUrlProvider(): UrlProvider {\r\n return {\r\n getCurrentUrl(): CurrentUrl {\r\n if (typeof window === 'undefined') {\r\n return { href: '', origin: '', pathname: '/', search: '', hostname: '' };\r\n }\r\n const w = window;\r\n const loc = w.location;\r\n return {\r\n href: loc.href,\r\n origin: loc.origin,\r\n pathname: loc.pathname,\r\n search: loc.search,\r\n hostname: loc.hostname,\r\n };\r\n },\r\n redirect(url: string): void {\r\n if (typeof window !== 'undefined') window.location.replace(url);\r\n },\r\n replaceState(url: string): void {\r\n if (typeof window === 'undefined') return;\r\n try {\r\n const title = typeof document !== 'undefined' ? document.title : '';\r\n window.history.replaceState({}, title, url);\r\n } catch {\r\n // ignore\r\n }\r\n },\r\n };\r\n}\r\n\r\n/** ConfigProvider backed by existing Config (which may use window.__APP_CONFIG__). */\r\nexport function createConfigProvider(): ConfigProvider {\r\n return {\r\n getApiBaseUrl: () => Config.getApiAuthBaseUrl(),\r\n getAuthServerUrl: () => Config.getAuthServerUrl(),\r\n getRedirectUri: () => Config.getRedirectUri(),\r\n getClientId: () => Config.getClientId(),\r\n getTenantId: () => Config.getTenantId(),\r\n getClientCode: () => Config.getClientCode(),\r\n getBasePath: () => Config.getBasePath(),\r\n };\r\n}\r\n\r\nexport function createTenantResolver(): TenantResolver {\r\n return { resolve: (tenantKey: string) => resolveTenant(tenantKey) };\r\n}\r\n\r\nexport function createBrowserCookieClearer(): CookieClearer {\r\n return {\r\n clearCookies(): void {\r\n if (typeof document === 'undefined' || typeof window === 'undefined') return;\r\n try {\r\n const cookies = document.cookie.split(';');\r\n cookies.forEach((cookie) => {\r\n const eqPos = cookie.indexOf('=');\r\n const name = eqPos > -1 ? cookie.substring(0, eqPos).trim() : cookie.trim();\r\n document.cookie = `${name}=;expires=Thu, 01 Jan 1970 00:00:00 GMT;path=/`;\r\n const domain = window.location.hostname;\r\n const parts = domain.split('.');\r\n if (parts.length > 1) {\r\n const parentDomain = '.' + parts.slice(-2).join('.');\r\n document.cookie = `${name}=;expires=Thu, 01 Jan 1970 00:00:00 GMT;path=/;domain=${parentDomain}`;\r\n }\r\n });\r\n } catch {\r\n // silent\r\n }\r\n },\r\n };\r\n}\r\n","/**\r\n * OAuth2 PKCE implementation of AuthStrategy.\r\n * Wraps initiateAuthFlow, handleCallback, refreshAccessToken, and logout.\r\n */\r\n\r\nimport type { AuthStrategy } from '../../strategies/auth-strategy.interface';\r\nimport type { TenantConfig } from '../../domain/auth-state';\r\nimport { storeTenantConfig, initiateAuthFlow } from './oauth';\r\nimport { handleCallback } from './callback';\r\nimport { refreshAccessToken } from './token-exchange';\r\nimport { logout as performLogout } from '../../application/logout';\r\n\r\nexport function createOAuth2PkceStrategy(): AuthStrategy {\r\n return {\r\n async initiate(tenantConfig: TenantConfig): Promise<void> {\r\n storeTenantConfig(tenantConfig);\r\n await initiateAuthFlow(tenantConfig);\r\n },\r\n\r\n async handleCallback(): Promise<boolean> {\r\n return handleCallback();\r\n },\r\n\r\n async refresh(): Promise<string> {\r\n return refreshAccessToken();\r\n },\r\n\r\n async logout(options?: { tenantKey?: string }): Promise<void> {\r\n await performLogout(options?.tenantKey);\r\n },\r\n };\r\n}\r\n","/**\r\n * Simple EventBus for engine state updates.\r\n */\r\n\r\nimport type { AuthEngineState, AuthStateListener } from './types';\r\n\r\nexport function createEventBus(): {\r\n subscribe(listener: AuthStateListener): () => void;\r\n emit(state: AuthEngineState): void;\r\n} {\r\n const listeners = new Set<AuthStateListener>();\r\n\r\n return {\r\n subscribe(listener: AuthStateListener): () => void {\r\n listeners.add(listener);\r\n return () => listeners.delete(listener);\r\n },\r\n emit(state: AuthEngineState): void {\r\n listeners.forEach((fn) => {\r\n try {\r\n fn(state);\r\n } catch {\r\n // ignore\r\n }\r\n });\r\n },\r\n };\r\n}\r\n","/**\r\n * Creates the auth engine. No React, no direct browser usage.\r\n */\r\n\r\nimport { setAuthRuntime } from '../../infrastructure/runtime/context';\r\nimport { runBootstrap } from '../run-bootstrap';\r\nimport { createOAuth2PkceStrategy } from '../../strategies/oauth2-pkce/OAuth2PkceStrategy';\r\nimport { ensureValidAccessToken } from '../token';\r\nimport {\r\n getAccessToken,\r\n getExpiresAt,\r\n isAccessTokenExpired,\r\n} from '../../infrastructure/storage/index';\r\nimport { createEventBus } from './eventBus';\r\nimport type { AuthEngine, AuthEngineConfig, AuthEngineState } from './types';\r\n\r\nfunction stateEquals(a: AuthEngineState, b: AuthEngineState): boolean {\r\n return (\r\n a.status === b.status &&\r\n a.accessToken === b.accessToken &&\r\n a.expiresAt === b.expiresAt &&\r\n a.error === b.error\r\n );\r\n}\r\n\r\nfunction deriveState(config: AuthEngineConfig): AuthEngineState {\r\n setAuthRuntime(config);\r\n const accessToken = getAccessToken();\r\n const expiresAt = getExpiresAt();\r\n const expired = isAccessTokenExpired();\r\n\r\n if (accessToken && !expired) {\r\n return {\r\n status: 'authenticated',\r\n accessToken,\r\n expiresAt,\r\n error: null,\r\n };\r\n }\r\n if (accessToken && expired) {\r\n return {\r\n status: 'error',\r\n accessToken,\r\n expiresAt,\r\n error: 'Token expired',\r\n };\r\n }\r\n return {\r\n status: 'unauthenticated',\r\n accessToken: null,\r\n expiresAt: null,\r\n error: null,\r\n };\r\n}\r\n\r\nexport function createAuthEngine(config: AuthEngineConfig): AuthEngine {\r\n const frozenConfig = Object.freeze({ ...config }) as AuthEngineConfig;\r\n const bus = createEventBus();\r\n let lastEmittedState: AuthEngineState | null = null;\r\n const strategy = frozenConfig.strategy ?? createOAuth2PkceStrategy();\r\n\r\n const emitState = (): void => {\r\n const next = deriveState(frozenConfig);\r\n if (lastEmittedState !== null && stateEquals(lastEmittedState, next)) return;\r\n lastEmittedState = next;\r\n bus.emit(next);\r\n };\r\n\r\n return {\r\n async init(): Promise<void> {\r\n setAuthRuntime(frozenConfig);\r\n frozenConfig.logger.debug('Engine init: running bootstrap');\r\n await runBootstrap();\r\n emitState();\r\n },\r\n\r\n async login(): Promise<void> {\r\n setAuthRuntime(frozenConfig);\r\n frozenConfig.logger.debug('Engine login: running bootstrap (may redirect)');\r\n await runBootstrap();\r\n emitState();\r\n },\r\n\r\n async logout(options?: { tenantKey?: string }): Promise<void> {\r\n setAuthRuntime(frozenConfig);\r\n frozenConfig.logger.debug('Engine logout');\r\n await strategy.logout(options);\r\n emitState();\r\n },\r\n\r\n async refresh(): Promise<string> {\r\n setAuthRuntime(frozenConfig);\r\n frozenConfig.logger.debug('Engine refresh');\r\n try {\r\n const token = await strategy.refresh();\r\n emitState();\r\n return token;\r\n } catch (e) {\r\n emitState();\r\n throw e;\r\n }\r\n },\r\n\r\n async getAccessToken(): Promise<string> {\r\n setAuthRuntime(frozenConfig);\r\n return ensureValidAccessToken();\r\n },\r\n\r\n async handleCallback(): Promise<boolean> {\r\n setAuthRuntime(frozenConfig);\r\n frozenConfig.logger.debug('Engine handleCallback');\r\n const handled = await strategy.handleCallback();\r\n emitState();\r\n return handled;\r\n },\r\n\r\n subscribe(listener) {\r\n return bus.subscribe(listener);\r\n },\r\n\r\n getState(): AuthEngineState {\r\n return deriveState(frozenConfig);\r\n },\r\n };\r\n}\r\n","/**\n * React Context Provider for authentication state (FINAL)\n */\n\nimport React, { useState, useEffect, useLayoutEffect, useCallback, useMemo, useRef } from 'react';\nimport {\n getAccessToken as getStoredAccessToken,\n isAccessTokenExpired,\n} from '../infrastructure/storage/index';\nimport {\n startStorageWatcher,\n stopStorageWatcher,\n} from '../infrastructure/watchers';\nimport {\n startCookieWatcher,\n stopCookieWatcher,\n resetCookieWatcher,\n} from '../infrastructure/watchers';\nimport type { AuthContextValue, AuthState } from '../domain/auth-state';\nimport { AuthContext, useAuthContext } from './AuthContext';\nimport { Config, setConfig as setSDKConfig, clearConfigOverrides } from '../config';\nimport {\n setStorageContext,\n createSecureSessionStorageAdapter,\n setStorageKeyPrefix,\n getStorageKey,\n type StorageAdapter,\n} from '../infrastructure/storage/index';\nimport { setAuthRuntime } from '../infrastructure/runtime/context';\nimport {\n createConsoleLogger,\n createBrowserUrlProvider,\n createConfigProvider,\n createTenantResolver,\n createBrowserCookieClearer,\n} from '../browser/adapters';\nimport { getStorage, setStorage, removeStorage } from '../infrastructure/storage/index';\nimport { clearFlowFlags, clearCallbackProcessing } from '../application/lifecycle-state';\nimport { createAuthEngine } from '../application/engine/createEngine';\nimport { setDefaultAuthEngine } from '../application/engine/defaultEngine';\nimport type { AuthEngine } from '../application/engine/types';\nimport { logger } from '../utils/logger';\n\ninterface AuthProviderProps {\n children: React.ReactNode;\n autoInit?: boolean;\n /** Tenant code from host app (used to resolve tenant via GET /api/tenant/v1/public/tenants/by-code/{tenantCode}). */\n tenantCode?: string;\n /** App id for storage namespacing (auth_${tenantId}_${appId}_*). */\n appId?: string;\n /** Optional storage adapter; default is SecureSessionStorageAdapter with namespacing. */\n storageAdapter?: StorageAdapter | null;\n}\n\n/**\n * AuthProvider – UI-facing auth state only\n */\nexport function AuthProvider({\n children,\n autoInit = true,\n tenantCode,\n appId = '',\n storageAdapter,\n}: AuthProviderProps): React.JSX.Element {\n const resolvedTenantKey = tenantCode ?? Config.getClientCode();\n const namespace = useMemo(\n () => ({ tenantId: resolvedTenantKey ?? '', appId: appId ?? '' }),\n [resolvedTenantKey, appId]\n );\n const initRanRef = useRef(false);\n const engineRef = useRef<AuthEngine | null>(null);\n\n useLayoutEffect(() => {\n if (tenantCode) {\n setSDKConfig({ CLIENTCODE: tenantCode });\n }\n return () => {\n clearConfigOverrides();\n };\n }, [tenantCode]);\n\n useLayoutEffect(() => {\n setStorageKeyPrefix(resolvedTenantKey ?? '');\n const adapter =\n storageAdapter !== undefined && storageAdapter !== null\n ? storageAdapter\n : createSecureSessionStorageAdapter(namespace);\n setStorageContext(adapter, namespace);\n const runtime = {\n storageAdapter: adapter,\n storageNamespace: namespace,\n logger: createConsoleLogger(),\n urlProvider: createBrowserUrlProvider(),\n configProvider: createConfigProvider(),\n tenantResolver: createTenantResolver(),\n clearCookies: createBrowserCookieClearer(),\n };\n setAuthRuntime(runtime);\n engineRef.current = createAuthEngine(runtime);\n setDefaultAuthEngine(engineRef.current);\n return () => {\n setDefaultAuthEngine(null);\n engineRef.current = null;\n setAuthRuntime(null);\n setStorageContext(null, { tenantId: '', appId: '' });\n setStorageKeyPrefix('');\n };\n }, [resolvedTenantKey, appId, storageAdapter]);\n\n // Store tenantCode in sessionStorage so bootstrap can resolve tenant via API (by-code)\n useEffect(() => {\n const resolvedTenantKey = tenantCode ?? Config.getClientCode();\n\n logger.debug('[AuthProvider] Props from host app', {\n tenantCode: tenantCode ?? '(not provided)',\n appId: appId ?? '',\n resolvedTenantKey,\n });\n\n if (resolvedTenantKey) {\n const previousTenantKey = getStorage(getStorageKey('tenant_key'));\n const tenantKeyChanged = previousTenantKey && previousTenantKey !== resolvedTenantKey;\n\n if (tenantKeyChanged) {\n logger.debug('[AuthProvider] Tenant switch detected', { previous: previousTenantKey, next: resolvedTenantKey });\n\n if (typeof window !== 'undefined') {\n const currentUrl = window.location.href;\n const isCallback = currentUrl.includes('code=') || currentUrl.includes('state=');\n if (isCallback) {\n const cleanUrl = window.location.origin + window.location.pathname;\n window.history.replaceState({}, document.title, cleanUrl);\n }\n }\n\n removeStorage(getStorageKey('access_token'));\n removeStorage(getStorageKey('refresh_token'));\n removeStorage(getStorageKey('expires_at'));\n removeStorage(getStorageKey('id_token'));\n removeStorage(getStorageKey('state'));\n removeStorage(getStorageKey('code_verifier'));\n removeStorage(getStorageKey('callback_processed'));\n clearCallbackProcessing();\n clearFlowFlags();\n removeStorage(getStorageKey('tenant_id'));\n if (typeof window !== 'undefined') {\n window.localStorage.removeItem(getStorageKey('force_login'));\n window.localStorage.removeItem(getStorageKey('logout_in_progress'));\n }\n\n setStorage(getStorageKey('props_changed'), 'true');\n setStorage(getStorageKey('tenant_switched'), 'true');\n setStorage(getStorageKey('new_tenant_key'), resolvedTenantKey);\n\n setState({\n isAuthenticated: false,\n accessToken: null,\n isLoading: true,\n error: null,\n });\n } else if (previousTenantKey) {\n logger.debug('[AuthProvider] TenantKey unchanged', { tenantKey: resolvedTenantKey });\n }\n\n // Only tenantCode from host; tenantId and clientId come from tenant API\n setStorage(getStorageKey('props_config'), JSON.stringify({ tenantKey: resolvedTenantKey }));\n setStorage(getStorageKey('tenant_key'), resolvedTenantKey);\n } else {\n logger.debug('[AuthProvider] No tenant code determined');\n }\n }, [tenantCode, appId]);\n\n const [state, setState] = useState<AuthState>({\n isAuthenticated: false,\n accessToken: null,\n isLoading: autoInit,\n error: null,\n });\n\n /**\n * Sync auth state from engine (or storage when engine not yet ready)\n */\n const syncAuthState = useCallback(() => {\n try {\n const engine = engineRef.current;\n let authenticated: boolean;\n let accessToken: string | null;\n let error: string | null = null;\n\n if (engine) {\n const s = engine.getState();\n authenticated = s.status === 'authenticated' && !!s.accessToken;\n accessToken = s.accessToken;\n error = s.error;\n } else {\n accessToken = getStoredAccessToken();\n authenticated = !!accessToken && !isAccessTokenExpired();\n }\n\n setState({\n isAuthenticated: authenticated,\n accessToken,\n isLoading: false,\n error,\n });\n\n if (authenticated) {\n } else {\n stopStorageWatcher();\n stopCookieWatcher();\n }\n } catch (error) {\n stopStorageWatcher();\n stopCookieWatcher();\n setState({\n isAuthenticated: false,\n accessToken: null,\n isLoading: false,\n error: error instanceof Error ? error.message : 'Unknown error',\n });\n }\n }, []);\n\n /**\n * Re-bootstrap when props change indicates tenant switch or config update.\n * This ensures tenantKey changes actually trigger a fresh resolve + login.\n */\n useEffect(() => {\n if (!autoInit) return;\n\n const tenantSwitched = getStorage(getStorageKey('tenant_switched')) === 'true';\n const propsChanged = getStorage(getStorageKey('props_changed')) === 'true';\n if (!tenantSwitched && !propsChanged) return;\n\n let cancelled = false;\n\n const reinit = async () => {\n try {\n await engineRef.current?.init();\n if (!cancelled) {\n syncAuthState();\n }\n } finally {\n removeStorage(getStorageKey('props_changed'));\n }\n };\n\n reinit();\n\n return () => {\n cancelled = true;\n };\n }, [autoInit, tenantCode, syncAuthState]);\n\n /**\n * Bootstrap auth on mount (once). initRanRef avoids double run in React StrictMode.\n */\n useEffect(() => {\n if (!autoInit) {\n setState((prev) => ({ ...prev, isLoading: false }));\n return;\n }\n if (initRanRef.current) return;\n initRanRef.current = true;\n\n let cancelled = false;\n\n const init = async () => {\n try {\n await engineRef.current?.init();\n if (!cancelled) syncAuthState();\n } catch (error) {\n stopStorageWatcher();\n stopCookieWatcher();\n if (!cancelled) {\n setState({\n isAuthenticated: false,\n accessToken: null,\n isLoading: false,\n error: error instanceof Error ? error.message : 'Authentication initialization failed',\n });\n }\n }\n };\n\n init();\n\n return () => {\n cancelled = true;\n initRanRef.current = false;\n stopStorageWatcher();\n stopCookieWatcher();\n };\n }, [autoInit, syncAuthState]);\n\n /**\n * Explicit login (user action)\n */\n const login = useCallback(async () => {\n setState((prev) => ({ ...prev, isLoading: true }));\n await engineRef.current?.login();\n syncAuthState();\n }, [syncAuthState]);\n\n /**\n * Logout – HARD RESET\n */\n const logout = useCallback(async () => {\n stopStorageWatcher();\n stopCookieWatcher();\n setState((prev) => ({ ...prev, isLoading: true }));\n\n try {\n await engineRef.current?.logout({ tenantKey: tenantCode });\n resetCookieWatcher();\n } finally {\n stopStorageWatcher();\n stopCookieWatcher();\n setState({\n isAuthenticated: false,\n accessToken: null,\n isLoading: false,\n error: null,\n });\n }\n }, [tenantCode]);\n\n /**\n * Refresh token explicitly\n */\n const refreshToken = useCallback(async (): Promise<string> => {\n try {\n const newToken = (await engineRef.current?.refresh()) ?? '';\n syncAuthState();\n return newToken;\n } catch (error) {\n await logout();\n throw error;\n }\n }, [syncAuthState, logout]);\n\n /**\n * Get access token (auto-refresh)\n */\n const getValidAccessToken = useCallback(async (): Promise<string> => {\n try {\n const token = await engineRef.current?.getAccessToken();\n if (!token) throw new Error('Not authenticated');\n syncAuthState();\n return token;\n } catch (error) {\n await logout();\n throw error;\n }\n }, [syncAuthState, logout]);\n\n /**\n * Set access token in memory/context (used by AuthCallback)\n */\n const setTokens = useCallback((accessToken: string): void => {\n setState({\n isAuthenticated: true,\n accessToken,\n isLoading: false,\n error: null,\n });\n }, []);\n\n const contextValue = useMemo<AuthContextValue>(\n () => ({\n ...state,\n login,\n logout,\n refreshToken,\n getAccessToken: getValidAccessToken,\n setTokens,\n }),\n [state, login, logout, refreshToken, getValidAccessToken, setTokens]\n );\n\n return (\n <AuthContext.Provider value={contextValue}>\n {children}\n </AuthContext.Provider>\n );\n}\n\nexport { useAuthContext };\n","import React, { useEffect, useRef, useState } from 'react';\r\nimport { getStorage, getStorageKey, getAccessToken } from '../infrastructure/storage/index';\r\nimport { useAuthContext } from '../context/AuthProvider';\r\nimport { handleCallback } from '../strategies/oauth2-pkce/callback';\r\n\r\nconst PLUGIN_DISPLAY_NAME = 'Tenneo Auth';\r\n\r\ntype StatusState = 'idle' | 'loading' | 'success' | 'error';\r\n\r\ninterface AuthCallbackProps {\r\n loginPath?: string;\r\n successPath?: string;\r\n homePath?: string;\r\n}\r\n\r\nexport function AuthCallback({\r\n loginPath = '/login',\r\n successPath = '/dashboard',\r\n homePath = '/',\r\n}: AuthCallbackProps): React.JSX.Element {\r\n const { setTokens } = useAuthContext();\r\n const handledRef = useRef(false);\r\n const [status, setStatus] = useState<StatusState>('idle');\r\n const [message, setMessage] = useState<string>('');\r\n\r\n useEffect(() => {\r\n if (handledRef.current) return;\r\n handledRef.current = true;\r\n\r\n const urlParams = new URLSearchParams(window.location.search);\r\n const hasCallbackParams = urlParams.has('code') || urlParams.has('error');\r\n\r\n if (!hasCallbackParams) {\r\n window.location.replace(loginPath || homePath);\r\n return;\r\n }\r\n\r\n const error = urlParams.get('error');\r\n const errorDescription = urlParams.get('error_description');\r\n if (error) {\r\n setStatus('error');\r\n setMessage(`${error}: ${errorDescription || 'Authorization failed'}`);\r\n window.history.replaceState({}, document.title, window.location.origin + window.location.pathname);\r\n return;\r\n }\r\n\r\n const runCallback = async () => {\r\n setStatus('loading');\r\n setMessage('Completing sign-in...');\r\n\r\n // Single source of truth: handleCallback() does validation + exchangeCodeForTokens once\r\n const handled = await handleCallback();\r\n\r\n if (handled) {\r\n const token = getAccessToken();\r\n if (token) setTokens(token);\r\n setStatus('success');\r\n setMessage('Authentication successful. Redirecting...');\r\n window.location.replace(successPath);\r\n } else {\r\n setStatus('error');\r\n setMessage('Authentication failed. Please try again.');\r\n window.history.replaceState({}, document.title, window.location.origin + window.location.pathname);\r\n }\r\n };\r\n\r\n runCallback();\r\n }, [homePath, loginPath, successPath, setTokens]);\r\n\r\n const containerStyle: React.CSSProperties = {\r\n minHeight: '200px',\r\n display: 'flex',\r\n flexDirection: 'column',\r\n alignItems: 'center',\r\n justifyContent: 'center',\r\n padding: 32,\r\n fontFamily: 'system-ui, -apple-system, Segoe UI, Roboto, sans-serif',\r\n textAlign: 'center',\r\n };\r\n\r\n const titleStyle: React.CSSProperties = {\r\n margin: 0,\r\n fontSize: '1.25rem',\r\n fontWeight: 600,\r\n color: '#1a1a1a',\r\n marginBottom: 8,\r\n };\r\n\r\n const messageStyle: React.CSSProperties = {\r\n margin: 0,\r\n fontSize: '0.9375rem',\r\n color: '#555',\r\n lineHeight: 1.5,\r\n maxWidth: 360,\r\n };\r\n\r\n const errorBoxStyle: React.CSSProperties = {\r\n marginTop: 16,\r\n padding: '12px 16px',\r\n backgroundColor: '#fef2f2',\r\n border: '1px solid #fecaca',\r\n borderRadius: 8,\r\n color: '#991b1b',\r\n fontSize: '0.875rem',\r\n maxWidth: 360,\r\n };\r\n\r\n const retryLinkStyle: React.CSSProperties = {\r\n marginTop: 16,\r\n fontSize: '0.875rem',\r\n color: '#2563eb',\r\n textDecoration: 'none',\r\n cursor: 'pointer',\r\n };\r\n\r\n const spinnerStyle: React.CSSProperties = {\r\n width: 28,\r\n height: 28,\r\n border: '3px solid #e5e7eb',\r\n borderTopColor: '#2563eb',\r\n borderRadius: '50%',\r\n animation: 'auth-callback-spin 0.8s linear infinite',\r\n marginBottom: 16,\r\n };\r\n\r\n const pluginNameStyle: React.CSSProperties = {\r\n position: 'absolute',\r\n top: 24,\r\n left: '50%',\r\n transform: 'translateX(-50%)',\r\n margin: 0,\r\n fontSize: '0.875rem',\r\n fontWeight: 600,\r\n color: '#6b7280',\r\n letterSpacing: '0.02em',\r\n };\r\n\r\n return (\r\n <div style={{ ...containerStyle, position: 'relative' }}>\r\n <style>{`@keyframes auth-callback-spin { to { transform: rotate(360deg); } }`}</style>\r\n <p style={pluginNameStyle}>{PLUGIN_DISPLAY_NAME}</p>\r\n {status === 'loading' && (\r\n <>\r\n <div style={spinnerStyle} aria-hidden />\r\n <h2 style={titleStyle}>Signing you in...</h2>\r\n <p style={messageStyle}>Please wait while we complete authentication.</p>\r\n </>\r\n )}\r\n {status === 'success' && (\r\n <>\r\n <h2 style={titleStyle}>Signed in successfully</h2>\r\n <p style={messageStyle}>Redirecting you now.</p>\r\n </>\r\n )}\r\n {status === 'error' && (\r\n <>\r\n <h2 style={{ ...titleStyle, color: '#991b1b' }}>Authentication failed</h2>\r\n <div style={errorBoxStyle}>{message}</div>\r\n <a\r\n href={loginPath}\r\n style={retryLinkStyle}\r\n onClick={(e) => {\r\n e.preventDefault();\r\n window.location.href = loginPath;\r\n }}\r\n >\r\n Try again\r\n </a>\r\n </>\r\n )}\r\n {status === 'idle' && (\r\n <>\r\n <div style={spinnerStyle} aria-hidden />\r\n <h2 style={titleStyle}>Preparing callback...</h2>\r\n <p style={messageStyle}>Setting up authentication.</p>\r\n </>\r\n )}\r\n </div>\r\n );\r\n}\r\n","/**\r\n * useAuth hook for accessing authentication state and methods\r\n */\r\n\r\nimport { useAuthContext } from '../context/AuthProvider';\r\nimport type { AuthContextValue } from '../domain/auth-state';\r\n\r\n/**\r\n * Hook to access authentication state and methods\r\n * @returns Authentication context value\r\n */\r\nexport function useAuth(): AuthContextValue {\r\n return useAuthContext();\r\n}\r\n\r\n","import React, { useEffect, useRef, useState } from 'react';\r\nimport { useAuth } from '../hooks/useAuth';\r\n\r\ninterface ProtectedRouteProps {\r\n children: React.ReactNode;\r\n fallback?: React.ReactNode;\r\n autoLogin?: boolean;\r\n}\r\n\r\nexport function ProtectedRoute({\r\n children,\r\n fallback = null,\r\n autoLogin = true,\r\n}: ProtectedRouteProps): React.JSX.Element {\r\n const { isAuthenticated, getAccessToken, login } = useAuth();\r\n const [ready, setReady] = useState(false);\r\n const loginTriggeredRef = useRef(false);\r\n\r\n useEffect(() => {\r\n let cancelled = false;\r\n\r\n const run = async () => {\r\n if (isAuthenticated) {\r\n if (!cancelled) setReady(true);\r\n return;\r\n }\r\n\r\n try {\r\n await getAccessToken();\r\n if (!cancelled) setReady(true);\r\n } catch {\r\n if (autoLogin && !loginTriggeredRef.current) {\r\n loginTriggeredRef.current = true;\r\n await login();\r\n }\r\n if (!cancelled) setReady(false);\r\n }\r\n };\r\n\r\n run();\r\n\r\n return () => {\r\n cancelled = true;\r\n };\r\n }, [autoLogin, getAccessToken, isAuthenticated, login]);\r\n\r\n if (!ready || !isAuthenticated) {\r\n return <>{fallback}</>;\r\n }\r\n\r\n return <>{children}</>;\r\n}\r\n","/**\r\n * useAuthInit hook\r\n * \r\n * RULES:\r\n * - Only prevents parallel init calls\r\n * - Does NOT block based on flags (bootstrap handles that)\r\n */\r\n\r\nimport { useRef, useState, useCallback, useEffect, useMemo } from 'react';\r\nimport { bootstrap } from '../application/bootstrap';\r\n\r\ninterface UseAuthInitResult {\r\n isLoading: boolean;\r\n error: string | null;\r\n init: () => Promise<void>;\r\n}\r\n\r\nexport function useAuthInit(): UseAuthInitResult {\r\n const [isLoading, setIsLoading] = useState(false);\r\n const [error, setError] = useState<string | null>(null);\r\n\r\n // Prevent parallel init calls\r\n const inProgressRef = useRef(false);\r\n\r\n // Prevent setState after unmount\r\n const mountedRef = useRef(true);\r\n\r\n useEffect(() => {\r\n return () => {\r\n mountedRef.current = false;\r\n };\r\n }, []);\r\n\r\n const init = useCallback(async () => {\r\n // Prevent duplicate init calls\r\n if (inProgressRef.current) {\r\n return;\r\n }\r\n\r\n inProgressRef.current = true;\r\n\r\n if (mountedRef.current) {\r\n setIsLoading(true);\r\n setError(null);\r\n }\r\n\r\n try {\r\n // Bootstrap handles all decision logic (force login, callback, etc.)\r\n await bootstrap();\r\n } catch (err) {\r\n if (mountedRef.current) {\r\n setError(\r\n err instanceof Error\r\n ? err.message\r\n : 'Authentication initialization failed',\r\n );\r\n }\r\n } finally {\r\n inProgressRef.current = false;\r\n\r\n if (mountedRef.current) {\r\n setIsLoading(false);\r\n }\r\n }\r\n }, []);\r\n\r\n return useMemo(\r\n () => ({ isLoading, error, init }),\r\n [isLoading, error, init]\r\n );\r\n}\r\n"]}
1
+ {"version":3,"sources":["../src/infrastructure/runtime/context.ts","../src/domain/tenant.ts","../src/infrastructure/storage/prefix.ts","../src/infrastructure/storage/namespace.ts","../src/infrastructure/storage/context.ts","../src/infrastructure/storage/memory-adapter.ts","../src/infrastructure/storage/session-adapter.ts","../src/infrastructure/storage/cookie-adapter.ts","../src/infrastructure/storage/api.ts","../src/utils/logger.ts","../src/domain/errors.ts","../src/domain/auth-lifecycle.ts","../src/application/lifecycle-state.ts","../src/strategies/oauth2-pkce/pkce.ts","../src/config/env.ts","../src/config/schema.ts","../src/config/types.ts","../src/config/constants.ts","../src/config/index.ts","../src/utils/validation.ts","../src/application/domain-facade.ts","../src/application/events/AuthEvents.ts","../src/application/security/redirectLoopGuard.ts","../src/strategies/oauth2-pkce/oauth.ts","../src/strategies/oauth2-pkce/token-exchange.ts","../src/strategies/oauth2-pkce/callback.ts","../src/infrastructure/tenant/TenantConfigCache.ts","../src/infrastructure/tenant/tenantResolution.ts","../src/application/flows/ForceLoginFlow.ts","../src/application/flows/CallbackFlow.ts","../src/application/flows/AuthenticatedFlow.ts","../src/application/engine/defaultEngine.ts","../src/application/token.ts","../src/application/flows/RefreshFlow.ts","../src/application/flows/TenantSwitchFlow.ts","../src/application/flows/LoginFlow.ts","../src/application/flows/getFlowForState.ts","../src/application/run-bootstrap.ts","../src/infrastructure/watchers/callbacks.ts","../src/application/bootstrap.ts","../src/strategies/cookie/cookie-auth.ts","../src/infrastructure/watchers/cookie-watcher.ts","../src/infrastructure/watchers/storage-watcher.ts","../src/utils/cookies.ts","../src/application/logout.ts","../src/context/AuthContext.tsx","../src/infrastructure/tenant/tenant.api.ts","../src/browser/adapters.ts","../src/strategies/oauth2-pkce/OAuth2PkceStrategy.ts","../src/application/engine/eventBus.ts","../src/application/engine/createEngine.ts","../src/context/AuthProvider.tsx","../src/components/AuthCallback.tsx","../src/hooks/useAuth.ts","../src/components/ProtectedRoute.tsx","../src/hooks/useAuthInit.ts"],"names":["getStorage","isDev","isCallbackUrl","z","STORAGE_KEYS","getRedirectUri","isLocalhost","axios","existingToken","tokenValid","getAccessToken","createContext","useContext","DEFAULT_SCOPES","listeners","useMemo","useRef","useLayoutEffect","useEffect","resolvedTenantKey","cleanUrl","useState","useCallback","logout","jsxs","jsx","Fragment"],"mappings":";;;;;;;;;;;;;AAOA,IAAI,cAAA,GAAqC,IAAA;AAElC,SAAS,eAAe,OAAA,EAAmC;AAChE,EAAA,cAAA,GAAiB,OAAA;AACnB;AAEO,SAAS,cAAA,GAAqC;AACnD,EAAA,OAAO,cAAA;AACT;;;ACEO,SAAS,YAAY,QAAA,EAA2B;AACrD,EAAA,OACE,aAAa,WAAA,IACb,QAAA,KAAa,WAAA,IACb,QAAA,KAAa,WACb,QAAA,CAAS,UAAA,CAAW,UAAU,CAAA,IAC9B,SAAS,UAAA,CAAW,KAAK,CAAA,IACzB,QAAA,CAAS,SAAS,QAAQ,CAAA;AAE9B;AAEA,SAAS,0BAAA,CACP,eACA,MAAA,EACe;AACf,EAAA,IAAI;AACF,IAAA,IAAI,QAAA;AACJ,IAAA,IAAI,cAAc,UAAA,CAAW,SAAS,KAAK,aAAA,CAAc,UAAA,CAAW,UAAU,CAAA,EAAG;AAC/E,MAAA,IAAI;AACF,QAAA,MAAM,GAAA,GAAM,IAAI,GAAA,CAAI,aAAa,CAAA;AACjC,QAAA,QAAA,GAAW,GAAA,CAAI,QAAA;AAAA,MACjB,CAAA,CAAA,MAAQ;AACN,QAAA,QAAA,GAAW,aAAA,CAAc,QAAQ,cAAA,EAAgB,EAAE,EAAE,KAAA,CAAM,GAAG,EAAE,CAAC,CAAA;AAAA,MACnE;AAAA,IACF,CAAA,MAAO;AACL,MAAA,QAAA,GAAW,aAAA;AAAA,IACb;AACA,IAAA,MAAM,KAAA,GAAQ,QAAA,CAAS,KAAA,CAAM,GAAG,CAAA;AAChC,IAAA,IAAI,KAAA,CAAM,MAAA,GAAS,CAAA,EAAG,OAAO,OAAO,aAAA,EAAc;AAClD,IAAA,MAAM,SAAA,GAAY,MAAM,CAAC,CAAA;AACzB,IAAA,IAAI,CAAC,aAAa,SAAA,CAAU,IAAA,OAAW,EAAA,EAAI,OAAO,OAAO,aAAA,EAAc;AACvE,IAAA,IAAI,SAAA,CAAU,MAAK,CAAE,WAAA,OAAkB,YAAA,EAAc,OAAO,OAAO,aAAA,EAAc;AACjF,IAAA,OAAO,UAAU,IAAA,EAAK;AAAA,EACxB,CAAA,CAAA,MAAQ;AACN,IAAA,OAAO,OAAO,aAAA,EAAc;AAAA,EAC9B;AACF;AAKO,SAAS,uBAAA,CACd,GAAA,EACA,MAAA,EACAA,WAAAA,EACA,MAAA,EACe;AACf,EAAA,IAAI;AACF,IAAA,MAAM,cAAA,GAAiB,MAAA,GAAS,MAAA,CAAO,cAAc,CAAA,GAAI,0BAAA;AACzD,IAAA,MAAM,cAAA,GAAiBA,YAAW,cAAc,CAAA;AAChD,IAAA,IAAI,cAAA,EAAgB;AAClB,MAAA,IAAI;AACF,QAAA,MAAM,WAAA,GAAc,IAAA,CAAK,KAAA,CAAM,cAAc,CAAA;AAC7C,QAAA,IAAI,YAAY,SAAA,EAAW,IAAA,IAAQ,OAAO,WAAA,CAAY,UAAU,IAAA,EAAK;AAAA,MACvE,CAAA,CAAA,MAAQ;AAAA,MAER;AAAA,IACF;AACA,IAAA,MAAM,mBAAA,GAAsB,MAAA,GAAS,MAAA,CAAO,YAAY,CAAA,GAAI,wBAAA;AAC5D,IAAA,MAAM,eAAA,GAAkBA,YAAW,mBAAmB,CAAA;AACtD,IAAA,IAAI,eAAA,EAAiB,IAAA,EAAK,EAAG,OAAO,gBAAgB,IAAA,EAAK;AAEzD,IAAA,MAAM,SAAA,GAAY,IAAI,eAAA,CAAgB,GAAA,CAAI,MAAM,CAAA;AAChD,IAAA,MAAM,kBAAA,GAAqB,SAAA,CAAU,GAAA,CAAI,GAAG,CAAA;AAC5C,IAAA,IAAI,kBAAA,EAAoB,MAAK,EAAG;AAC9B,MAAA,MAAM,aAAA,GAAgB,GAAA,CAAI,QAAA,CAAS,KAAA,CAAM,GAAG,CAAA;AAC5C,MAAA,MAAM,UAAA,GAAa,aAAA,CAAc,MAAA,IAAU,CAAA,GACvC,aAAA,CAAc,KAAA,CAAM,CAAA,CAAE,CAAA,CAAE,IAAA,CAAK,GAAG,CAAA,GAChC,GAAA,CAAI,QAAA;AACR,MAAA,MAAM,oBAAoB,CAAA,EAAG,kBAAA,CAAmB,IAAA,EAAM,IAAI,UAAU,CAAA,CAAA;AACpE,MAAA,MAAM,GAAA,GAAM,0BAAA,CAA2B,iBAAA,EAAmB,MAAM,CAAA;AAChE,MAAA,IAAI,KAAK,OAAO,GAAA;AAChB,MAAA,OAAO,mBAAmB,IAAA,EAAK;AAAA,IACjC;AAEA,IAAA,MAAM,WAAA,GAAc,0BAAA,CAA2B,GAAA,CAAI,QAAA,EAAU,MAAM,CAAA;AACnE,IAAA,IAAI,aAAa,OAAO,WAAA;AAExB,IAAA,MAAM,UAAA,GAAa,OAAO,aAAA,EAAc;AACxC,IAAA,IAAI,UAAA,EAAY,IAAA,EAAK,EAAG,OAAO,WAAW,IAAA,EAAK;AAC/C,IAAA,MAAM,QAAA,GAAW,OAAO,WAAA,EAAY;AACpC,IAAA,IAAI,QAAA,EAAU,IAAA,EAAK,EAAG,OAAO,SAAS,IAAA,EAAK;AAC3C,IAAA,OAAO,OAAO,aAAA,EAAc;AAAA,EAC9B,CAAA,CAAA,MAAQ;AACN,IAAA,MAAM,UAAA,GAAa,OAAO,aAAA,EAAc;AACxC,IAAA,IAAI,UAAA,EAAY,IAAA,EAAK,EAAG,OAAO,WAAW,IAAA,EAAK;AAC/C,IAAA,OAAO,MAAA,CAAO,WAAA,EAAY,IAAK,MAAA,CAAO,aAAA,EAAc;AAAA,EACtD;AACF;AAGO,SAAS,qBAAqB,GAAA,EAAuB;AAC1D,EAAA,MAAM,MAAA,GAAS,IAAI,eAAA,CAAgB,GAAA,CAAI,MAAM,CAAA;AAC7C,EAAA,OAAO,OAAO,GAAA,CAAI,MAAM,CAAA,IAAK,MAAA,CAAO,IAAI,OAAO,CAAA;AACjD;;;AC1GA,IAAM,cAAA,GAAiB,cAAA;AAEvB,IAAI,aAAA,GAAgB,cAAA;AAEb,SAAS,mBAAA,GAA8B;AAC5C,EAAA,OAAO,aAAA;AACT;AAKA,SAAS,oBAAoB,UAAA,EAA4B;AACvD,EAAA,MAAM,OAAA,GAAU,WAAW,IAAA,EAAK;AAChC,EAAA,IAAI,CAAC,SAAS,OAAO,EAAA;AACrB,EAAA,OAAO,OAAA,CAAQ,OAAA,CAAQ,gBAAA,EAAkB,GAAG,EAAE,WAAA,EAAY;AAC5D;AAMO,SAAS,oBAAoB,UAAA,EAA0B;AAC5D,EAAA,MAAM,UAAA,GAAa,oBAAoB,UAAU,CAAA;AACjD,EAAA,aAAA,GAAgB,UAAA,GAAa,CAAA,EAAG,UAAU,CAAA,MAAA,CAAA,GAAW,cAAA;AACvD;AAKO,SAAS,cAAc,MAAA,EAAwB;AACpD,EAAA,OAAO,qBAAoB,GAAI,MAAA;AACjC;;;ACvBO,SAAS,eAAA,CACd,IACA,MAAA,EACQ;AACR,EAAA,MAAM,EAAE,QAAA,EAAU,KAAA,EAAM,GAAI,EAAA;AAC5B,EAAA,IAAI,CAAC,QAAA,IAAY,CAAC,KAAA,EAAO;AACvB,IAAA,OAAO,CAAA,EAAG,mBAAA,EAAqB,CAAA,EAAG,MAAM,CAAA,CAAA;AAAA,EAC1C;AACA,EAAA,MAAM,MAAM,QAAA,IAAY,EAAA;AACxB,EAAA,MAAM,MAAM,KAAA,IAAS,EAAA;AACrB,EAAA,OAAO,CAAA,KAAA,EAAQ,GAAG,CAAA,CAAA,EAAI,GAAG,IAAI,MAAM,CAAA,CAAA;AACrC;AAGO,IAAM,kBAAA,GAAqB;AAAA,EAChC,WAAA,EAAa,cAAA;AAAA,EACb,YAAA,EAAc,eAAA;AAAA,EACd,SAAA,EAAW;AACb,CAAA;AAGO,IAAM,mBAAA,GAAsB;AAAA,EACjC,aAAA,EAAe,iBAAA;AAAA,EACf,QAAA,EAAU,WAAA;AAAA,EACV,WAAA,EAAa,cAAA;AAAA,EACb,QAAA,EAAU,WAAA;AAAA,EACV,SAAA,EAAW,YAAA;AAAA,EACX,YAAA,EAAc,eAAA;AAAA,EACd,KAAA,EAAO,OAAA;AAAA,EACP,iBAAA,EAAmB,oBAAA;AAAA,EACnB,kBAAA,EAAoB,qBAAA;AAAA,EACpB,iBAAA,EAAmB,oBAAA;AAAA,EACnB,cAAA,EAAgB,kBAAA;AAAA,EAChB,aAAA,EAAe,gBAAA;AAAA,EACf,gBAAA,EAAkB,mBAAA;AAAA,EAClB,WAAA,EAAa,cAAA;AAAA,EACb,YAAA,EAAc,eAAA;AAAA,EACd,cAAA,EAAgB,iBAAA;AAAA,EAChB,YAAA,EAAc,gBAAA;AAAA,EACd,aAAA,EAAe,gBAAA;AAAA,EACf,mBAAA,EAAqB,uBAAA;AAAA,EACrB,kBAAA,EAAoB,qBAAA;AAAA,EACpB,eAAA,EAAiB,kBAAA;AAAA,EACjB,OAAA,EAAS;AACX,CAAA;;;AChDA,IAAI,cAAA,GAAwC,IAAA;AAC5C,IAAI,gBAAA,GAAqC,EAAE,QAAA,EAAU,EAAA,EAAI,OAAO,EAAA,EAAG;AAE5D,SAAS,iBAAA,CACd,OAAA,EACA,SAAA,GAAuC,EAAC,EAClC;AACN,EAAA,cAAA,GAAiB,OAAA;AACjB,EAAA,gBAAA,GAAmB;AAAA,IACjB,QAAA,EAAU,UAAU,QAAA,IAAY,EAAA;AAAA,IAChC,KAAA,EAAO,UAAU,KAAA,IAAS;AAAA,GAC5B;AACF;AAEO,SAAS,iBAAA,GAA2C;AACzD,EAAA,MAAM,UAAU,cAAA,EAAe;AAC/B,EAAA,IAAI,OAAA,EAAS,cAAA,EAAgB,OAAO,OAAA,CAAQ,cAAA;AAC5C,EAAA,OAAO,cAAA;AACT;AAEO,SAAS,mBAAA,GAAwC;AACtD,EAAA,MAAM,UAAU,cAAA,EAAe;AAC/B,EAAA,IAAI,SAAS,gBAAA,EAAkB,OAAO,EAAE,GAAG,QAAQ,gBAAA,EAAiB;AACpE,EAAA,OAAO,EAAE,GAAG,gBAAA,EAAiB;AAC/B;;;ACzBO,SAAS,2BACd,SAAA,EACgB;AAChB,EAAA,MAAM,KAAA,uBAAY,GAAA,EAAoB;AAEtC,EAAA,MAAM,gBAAgB,MAAyB;AAC7C,IAAA,MAAM,WAAA,GAAc,MAAM,GAAA,CAAI,eAAA,CAAgB,WAAW,kBAAA,CAAmB,WAAW,CAAC,CAAA,IAAK,IAAA;AAC7F,IAAA,MAAM,YAAA,GAAe,MAAM,GAAA,CAAI,eAAA,CAAgB,WAAW,kBAAA,CAAmB,YAAY,CAAC,CAAA,IAAK,IAAA;AAC/F,IAAA,MAAM,YAAA,GAAe,MAAM,GAAA,CAAI,eAAA,CAAgB,WAAW,kBAAA,CAAmB,SAAS,CAAC,CAAA,IAAK,IAAA;AAC5F,IAAA,IAAI,CAAC,WAAA,IAAe,CAAC,YAAA,IAAgB,CAAC,cAAc,OAAO,IAAA;AAC3D,IAAA,MAAM,SAAA,GAAY,QAAA,CAAS,YAAA,EAAc,EAAE,CAAA;AAC3C,IAAA,IAAI,KAAA,CAAM,SAAS,CAAA,EAAG,OAAO,IAAA;AAC7B,IAAA,OAAO,EAAE,WAAA,EAAa,YAAA,EAAc,SAAA,EAAU;AAAA,EAChD,CAAA;AAEA,EAAA,OAAO;AAAA,IACL,MAAM,SAAA,GAAwC;AAC5C,MAAA,OAAO,aAAA,EAAc;AAAA,IACvB,CAAA;AAAA,IACA,aAAA;AAAA,IAEA,MAAM,UAAU,MAAA,EAAmC;AACjD,MAAA,KAAA,CAAM,IAAI,eAAA,CAAgB,SAAA,EAAW,mBAAmB,WAAW,CAAA,EAAG,OAAO,WAAW,CAAA;AACxF,MAAA,KAAA,CAAM,IAAI,eAAA,CAAgB,SAAA,EAAW,mBAAmB,YAAY,CAAA,EAAG,OAAO,YAAY,CAAA;AAC1F,MAAA,KAAA,CAAM,GAAA,CAAI,gBAAgB,SAAA,EAAW,kBAAA,CAAmB,SAAS,CAAA,EAAG,MAAA,CAAO,MAAA,CAAO,SAAS,CAAC,CAAA;AAAA,IAC9F,CAAA;AAAA,IACA,cAAc,MAAA,EAA0B;AACtC,MAAA,KAAA,CAAM,IAAI,eAAA,CAAgB,SAAA,EAAW,mBAAmB,WAAW,CAAA,EAAG,OAAO,WAAW,CAAA;AACxF,MAAA,KAAA,CAAM,IAAI,eAAA,CAAgB,SAAA,EAAW,mBAAmB,YAAY,CAAA,EAAG,OAAO,YAAY,CAAA;AAC1F,MAAA,KAAA,CAAM,GAAA,CAAI,gBAAgB,SAAA,EAAW,kBAAA,CAAmB,SAAS,CAAA,EAAG,MAAA,CAAO,MAAA,CAAO,SAAS,CAAC,CAAA;AAAA,IAC9F,CAAA;AAAA,IAEA,MAAM,WAAA,GAA6B;AACjC,MAAA,KAAA,CAAM,MAAA,CAAO,eAAA,CAAgB,SAAA,EAAW,kBAAA,CAAmB,WAAW,CAAC,CAAA;AACvE,MAAA,KAAA,CAAM,MAAA,CAAO,eAAA,CAAgB,SAAA,EAAW,kBAAA,CAAmB,YAAY,CAAC,CAAA;AACxE,MAAA,KAAA,CAAM,MAAA,CAAO,eAAA,CAAgB,SAAA,EAAW,kBAAA,CAAmB,SAAS,CAAC,CAAA;AAAA,IACvE,CAAA;AAAA,IACA,eAAA,GAAwB;AACtB,MAAA,KAAA,CAAM,MAAA,CAAO,eAAA,CAAgB,SAAA,EAAW,kBAAA,CAAmB,WAAW,CAAC,CAAA;AACvE,MAAA,KAAA,CAAM,MAAA,CAAO,eAAA,CAAgB,SAAA,EAAW,kBAAA,CAAmB,YAAY,CAAC,CAAA;AACxE,MAAA,KAAA,CAAM,MAAA,CAAO,eAAA,CAAgB,SAAA,EAAW,kBAAA,CAAmB,SAAS,CAAC,CAAA;AAAA,IACvE,CAAA;AAAA,IAEA,MAAM,QAAQ,GAAA,EAAqC;AACjD,MAAA,OAAO,KAAA,CAAM,GAAA,CAAI,GAAG,CAAA,IAAK,IAAA;AAAA,IAC3B,CAAA;AAAA,IACA,YAAY,GAAA,EAA4B;AACtC,MAAA,OAAO,KAAA,CAAM,GAAA,CAAI,GAAG,CAAA,IAAK,IAAA;AAAA,IAC3B,CAAA;AAAA,IAEA,MAAM,OAAA,CAAQ,GAAA,EAAa,KAAA,EAA8B;AACvD,MAAA,KAAA,CAAM,GAAA,CAAI,KAAK,KAAK,CAAA;AAAA,IACtB,CAAA;AAAA,IACA,WAAA,CAAY,KAAa,KAAA,EAAqB;AAC5C,MAAA,KAAA,CAAM,GAAA,CAAI,KAAK,KAAK,CAAA;AAAA,IACtB,CAAA;AAAA,IAEA,MAAM,WAAW,GAAA,EAA4B;AAC3C,MAAA,KAAA,CAAM,OAAO,GAAG,CAAA;AAAA,IAClB,CAAA;AAAA,IACA,eAAe,GAAA,EAAmB;AAChC,MAAA,KAAA,CAAM,OAAO,GAAG,CAAA;AAAA,IAClB,CAAA;AAAA,IAEA,MAAM,KAAA,GAAuB;AAC3B,MAAA,KAAA,CAAM,KAAA,EAAM;AAAA,IACd,CAAA;AAAA,IACA,SAAA,GAAkB;AAChB,MAAA,KAAA,CAAM,KAAA,EAAM;AAAA,IACd;AAAA,GACF;AACF;;;ACtEA,SAAS,iBAAA,GAAoC;AAC3C,EAAA,IAAI,OAAO,MAAA,KAAW,WAAA,EAAa,OAAO,IAAA;AAC1C,EAAA,IAAI;AACF,IAAA,OAAO,MAAA,CAAO,cAAA;AAAA,EAChB,CAAA,CAAA,MAAQ;AACN,IAAA,OAAO,IAAA;AAAA,EACT;AACF;AAEO,SAAS,kCACd,SAAA,EACgB;AAChB,EAAA,OAAO;AAAA,IACL,MAAM,SAAA,GAAwC;AAC5C,MAAA,OAAO,kBAAkB,SAAS,CAAA;AAAA,IACpC,CAAA;AAAA,IACA,aAAA,GAAmC;AACjC,MAAA,OAAO,kBAAkB,SAAS,CAAA;AAAA,IACpC,CAAA;AAAA,IAEA,MAAM,UAAU,MAAA,EAAmC;AACjD,MAAA,iBAAA,CAAkB,WAAW,MAAM,CAAA;AAAA,IACrC,CAAA;AAAA,IACA,cAAc,MAAA,EAA0B;AACtC,MAAA,iBAAA,CAAkB,WAAW,MAAM,CAAA;AAAA,IACrC,CAAA;AAAA,IAEA,MAAM,WAAA,GAA6B;AACjC,MAAA,mBAAA,CAAoB,SAAS,CAAA;AAAA,IAC/B,CAAA;AAAA,IACA,eAAA,GAAwB;AACtB,MAAA,mBAAA,CAAoB,SAAS,CAAA;AAAA,IAC/B,CAAA;AAAA,IAEA,MAAM,QAAQ,GAAA,EAAqC;AACjD,MAAA,OAAO,gBAAgB,GAAG,CAAA;AAAA,IAC5B,CAAA;AAAA,IACA,YAAY,GAAA,EAA4B;AACtC,MAAA,OAAO,gBAAgB,GAAG,CAAA;AAAA,IAC5B,CAAA;AAAA,IAEA,MAAM,OAAA,CAAQ,GAAA,EAAa,KAAA,EAA8B;AACvD,MAAA,eAAA,CAAgB,KAAK,KAAK,CAAA;AAAA,IAC5B,CAAA;AAAA,IACA,WAAA,CAAY,KAAa,KAAA,EAAqB;AAC5C,MAAA,eAAA,CAAgB,KAAK,KAAK,CAAA;AAAA,IAC5B,CAAA;AAAA,IAEA,MAAM,WAAW,GAAA,EAA4B;AAC3C,MAAA,kBAAA,CAAmB,GAAG,CAAA;AAAA,IACxB,CAAA;AAAA,IACA,eAAe,GAAA,EAAmB;AAChC,MAAA,kBAAA,CAAmB,GAAG,CAAA;AAAA,IACxB,CAAA;AAAA,IAEA,MAAM,KAAA,GAAuB;AAC3B,MAAA,aAAA,CAAc,SAAS,CAAA;AAAA,IACzB,CAAA;AAAA,IACA,SAAA,GAAkB;AAChB,MAAA,aAAA,CAAc,SAAS,CAAA;AAAA,IACzB;AAAA,GACF;AACF;AAEA,SAAS,kBAAkB,EAAA,EAAyC;AAClE,EAAA,MAAM,UAAU,iBAAA,EAAkB;AAClC,EAAA,IAAI,CAAC,SAAS,OAAO,IAAA;AACrB,EAAA,IAAI;AACF,IAAA,MAAM,cAAc,OAAA,CAAQ,OAAA,CAAQ,gBAAgB,EAAA,EAAI,kBAAA,CAAmB,WAAW,CAAC,CAAA;AACvF,IAAA,MAAM,eAAe,OAAA,CAAQ,OAAA,CAAQ,gBAAgB,EAAA,EAAI,kBAAA,CAAmB,YAAY,CAAC,CAAA;AACzF,IAAA,MAAM,eAAe,OAAA,CAAQ,OAAA,CAAQ,gBAAgB,EAAA,EAAI,kBAAA,CAAmB,SAAS,CAAC,CAAA;AACtF,IAAA,IAAI,CAAC,WAAA,IAAe,CAAC,YAAA,IAAgB,CAAC,cAAc,OAAO,IAAA;AAC3D,IAAA,MAAM,SAAA,GAAY,QAAA,CAAS,YAAA,EAAc,EAAE,CAAA;AAC3C,IAAA,IAAI,KAAA,CAAM,SAAS,CAAA,EAAG,OAAO,IAAA;AAC7B,IAAA,OAAO,EAAE,WAAA,EAAa,YAAA,EAAc,SAAA,EAAU;AAAA,EAChD,CAAA,CAAA,MAAQ;AACN,IAAA,OAAO,IAAA;AAAA,EACT;AACF;AAEA,SAAS,iBAAA,CAAkB,IAAsB,MAAA,EAA0B;AACzE,EAAA,MAAM,UAAU,iBAAA,EAAkB;AAClC,EAAA,IAAI,CAAC,OAAA,EAAS;AACd,EAAA,IAAI;AACF,IAAA,OAAA,CAAQ,QAAQ,eAAA,CAAgB,EAAA,EAAI,mBAAmB,WAAW,CAAA,EAAG,OAAO,WAAW,CAAA;AACvF,IAAA,OAAA,CAAQ,QAAQ,eAAA,CAAgB,EAAA,EAAI,mBAAmB,YAAY,CAAA,EAAG,OAAO,YAAY,CAAA;AACzF,IAAA,OAAA,CAAQ,OAAA,CAAQ,gBAAgB,EAAA,EAAI,kBAAA,CAAmB,SAAS,CAAA,EAAG,MAAA,CAAO,MAAA,CAAO,SAAS,CAAC,CAAA;AAAA,EAC7F,CAAA,CAAA,MAAQ;AAAA,EAER;AACF;AAEA,SAAS,oBAAoB,EAAA,EAA4B;AACvD,EAAA,MAAM,UAAU,iBAAA,EAAkB;AAClC,EAAA,IAAI,CAAC,OAAA,EAAS;AACd,EAAA,IAAI;AACF,IAAA,OAAA,CAAQ,UAAA,CAAW,eAAA,CAAgB,EAAA,EAAI,kBAAA,CAAmB,WAAW,CAAC,CAAA;AACtE,IAAA,OAAA,CAAQ,UAAA,CAAW,eAAA,CAAgB,EAAA,EAAI,kBAAA,CAAmB,YAAY,CAAC,CAAA;AACvE,IAAA,OAAA,CAAQ,UAAA,CAAW,eAAA,CAAgB,EAAA,EAAI,kBAAA,CAAmB,SAAS,CAAC,CAAA;AAAA,EACtE,CAAA,CAAA,MAAQ;AAAA,EAER;AACF;AAEA,SAAS,gBAAgB,GAAA,EAA4B;AACnD,EAAA,MAAM,UAAU,iBAAA,EAAkB;AAClC,EAAA,IAAI,CAAC,SAAS,OAAO,IAAA;AACrB,EAAA,IAAI;AACF,IAAA,OAAO,OAAA,CAAQ,QAAQ,GAAG,CAAA;AAAA,EAC5B,CAAA,CAAA,MAAQ;AACN,IAAA,OAAO,IAAA;AAAA,EACT;AACF;AAEA,SAAS,eAAA,CAAgB,KAAa,KAAA,EAAqB;AACzD,EAAA,MAAM,UAAU,iBAAA,EAAkB;AAClC,EAAA,IAAI,CAAC,OAAA,EAAS;AACd,EAAA,IAAI;AACF,IAAA,OAAA,CAAQ,OAAA,CAAQ,KAAK,KAAK,CAAA;AAAA,EAC5B,CAAA,CAAA,MAAQ;AAAA,EAER;AACF;AAEA,SAAS,mBAAmB,GAAA,EAAmB;AAC7C,EAAA,MAAM,UAAU,iBAAA,EAAkB;AAClC,EAAA,IAAI,CAAC,OAAA,EAAS;AACd,EAAA,IAAI;AACF,IAAA,OAAA,CAAQ,WAAW,GAAG,CAAA;AAAA,EACxB,CAAA,CAAA,MAAQ;AAAA,EAER;AACF;AAEA,SAAS,cAAc,EAAA,EAA4B;AACjD,EAAA,MAAM,UAAU,iBAAA,EAAkB;AAClC,EAAA,IAAI,CAAC,OAAA,EAAS;AACd,EAAA,IAAI;AACF,IAAA,MAAM,MAAA,GAAS,EAAA,CAAG,QAAA,IAAY,EAAA,CAAG,QAC7B,CAAA,KAAA,EAAQ,EAAA,CAAG,QAAA,IAAY,EAAE,CAAA,CAAA,EAAI,EAAA,CAAG,KAAA,IAAS,EAAE,MAC3C,mBAAA,EAAoB;AACxB,IAAA,MAAM,OAAiB,EAAC;AACxB,IAAA,KAAA,IAAS,CAAA,GAAI,CAAA,EAAG,CAAA,GAAI,OAAA,CAAQ,QAAQ,CAAA,EAAA,EAAK;AACvC,MAAA,MAAM,GAAA,GAAM,OAAA,CAAQ,GAAA,CAAI,CAAC,CAAA;AACzB,MAAA,IAAI,OAAO,GAAA,CAAI,UAAA,CAAW,MAAM,CAAA,EAAG,IAAA,CAAK,KAAK,GAAG,CAAA;AAAA,IAClD;AACA,IAAA,IAAA,CAAK,QAAQ,CAAC,CAAA,KAAM,OAAA,CAAQ,UAAA,CAAW,CAAC,CAAC,CAAA;AAAA,EAC3C,CAAA,CAAA,MAAQ;AAAA,EAER;AACF;;;ACjJA,IAAM,sBAAA,GAAyB;AAAA,EAC7B,IAAA,EAAM,GAAA;AAAA,EACN,QAAA,EAAU,KAAA;AAAA,EACV,MAAA,EAAQ,EAAA,GAAK,EAAA,GAAK,EAAA,GAAK;AAAA;AACzB,CAAA;AAEA,SAAS,WAAA,GAA+B;AACtC,EAAA,IAAI,OAAO,QAAA,KAAa,WAAA,EAAa,OAAO,IAAA;AAC5C,EAAA,OAAO,QAAA;AACT;AAEA,SAAS,UAAU,IAAA,EAA6B;AAC9C,EAAA,MAAM,MAAM,WAAA,EAAY;AACxB,EAAA,IAAI,CAAC,GAAA,IAAO,CAAC,GAAA,CAAI,QAAQ,OAAO,IAAA;AAChC,EAAA,MAAM,KAAA,GAAQ,IAAI,MAAA,CAAO,KAAA,CAAM,IAAI,MAAA,CAAO,OAAA,GAAU,IAAA,GAAO,UAAU,CAAC,CAAA;AACtE,EAAA,OAAO,KAAA,GAAQ,kBAAA,CAAmB,KAAA,CAAM,CAAC,CAAC,CAAA,GAAI,IAAA;AAChD;AAEA,SAAS,SAAA,CACP,IAAA,EACA,KAAA,EACA,OAAA,GAAoF,EAAC,EAC/E;AACN,EAAA,MAAM,MAAM,WAAA,EAAY;AACxB,EAAA,IAAI,CAAC,GAAA,EAAK;AACV,EAAA,MAAM,EAAE,IAAA,GAAO,GAAA,EAAK,QAAA,GAAW,KAAA,EAAO,MAAA,EAAO,GAAI,EAAE,GAAG,sBAAA,EAAwB,GAAG,OAAA,EAAQ;AACzF,EAAA,IAAI,MAAA,GAAS,CAAA,EAAG,kBAAA,CAAmB,IAAI,CAAC,CAAA,CAAA,EAAI,kBAAA,CAAmB,KAAK,CAAC,CAAA,MAAA,EAAS,IAAI,CAAA,UAAA,EAAa,QAAQ,CAAA,CAAA;AACvG,EAAA,IAAI,MAAA,IAAU,IAAA,EAAM,MAAA,IAAU,CAAA,SAAA,EAAY,MAAM,CAAA,CAAA;AAChD,EAAA,GAAA,CAAI,MAAA,GAAS,MAAA;AACf;AAEA,SAAS,aAAa,IAAA,EAAoB;AACxC,EAAA,MAAM,MAAM,WAAA,EAAY;AACxB,EAAA,IAAI,CAAC,GAAA,EAAK;AACV,EAAA,GAAA,CAAI,MAAA,GAAS,CAAA,EAAG,kBAAA,CAAmB,IAAI,CAAC,CAAA,kBAAA,CAAA;AAC1C;AAEO,SAAS,0BAAA,CACd,WACA,OAAA,EACgB;AAChB,EAAA,MAAM,MAAA,GAAS,SAAS,YAAA,IAAgB,MAAA;AACxC,EAAA,MAAM,SAAA,GAAY,SAAA,CAAU,QAAA,IAAY,SAAA,CAAU,QAC9C,CAAA,KAAA,EAAQ,SAAA,CAAU,QAAA,IAAY,EAAE,CAAA,CAAA,EAAI,SAAA,CAAU,KAAA,IAAS,EAAE,MACzD,mBAAA,EAAoB;AAExB,EAAA,MAAM,aAAa,CAAC,MAAA,KAClB,GAAG,MAAM,CAAA,CAAA,EAAI,UAAU,QAAA,IAAY,GAAG,CAAA,CAAA,EAAI,SAAA,CAAU,SAAS,GAAG,CAAA,CAAA,EAAI,MAAM,CAAA,CAAA,CAAG,OAAA,CAAQ,kBAAkB,GAAG,CAAA;AAE5G,EAAA,OAAO;AAAA,IACL,MAAM,SAAA,GAAwC;AAC5C,MAAA,MAAM,WAAA,GAAc,SAAA,CAAU,UAAA,CAAW,kBAAA,CAAmB,WAAW,CAAC,CAAA;AACxE,MAAA,MAAM,YAAA,GAAe,SAAA,CAAU,UAAA,CAAW,kBAAA,CAAmB,YAAY,CAAC,CAAA;AAC1E,MAAA,MAAM,YAAA,GAAe,SAAA,CAAU,UAAA,CAAW,kBAAA,CAAmB,SAAS,CAAC,CAAA;AACvE,MAAA,IAAI,CAAC,WAAA,IAAe,CAAC,YAAA,IAAgB,CAAC,cAAc,OAAO,IAAA;AAC3D,MAAA,MAAM,SAAA,GAAY,QAAA,CAAS,YAAA,EAAc,EAAE,CAAA;AAC3C,MAAA,IAAI,KAAA,CAAM,SAAS,CAAA,EAAG,OAAO,IAAA;AAC7B,MAAA,OAAO,EAAE,WAAA,EAAa,YAAA,EAAc,SAAA,EAAU;AAAA,IAChD,CAAA;AAAA,IAEA,MAAM,UAAU,MAAA,EAAmC;AACjD,MAAA,SAAA,CAAU,UAAA,CAAW,kBAAA,CAAmB,WAAW,CAAA,EAAG,MAAA,CAAO,aAAa,EAAE,MAAA,EAAQ,EAAA,GAAK,EAAA,EAAI,CAAA;AAC7F,MAAA,SAAA,CAAU,UAAA,CAAW,kBAAA,CAAmB,YAAY,CAAA,EAAG,MAAA,CAAO,YAAA,EAAc,EAAE,MAAA,EAAQ,EAAA,GAAK,EAAA,GAAK,EAAA,GAAK,CAAA,EAAG,CAAA;AACxG,MAAA,SAAA,CAAU,UAAA,CAAW,kBAAA,CAAmB,SAAS,CAAA,EAAG,MAAA,CAAO,MAAA,CAAO,SAAS,CAAA,EAAG,EAAE,MAAA,EAAQ,EAAA,GAAK,EAAA,GAAK,IAAI,CAAA;AAAA,IACxG,CAAA;AAAA,IAEA,MAAM,WAAA,GAA6B;AACjC,MAAA,YAAA,CAAa,UAAA,CAAW,kBAAA,CAAmB,WAAW,CAAC,CAAA;AACvD,MAAA,YAAA,CAAa,UAAA,CAAW,kBAAA,CAAmB,YAAY,CAAC,CAAA;AACxD,MAAA,YAAA,CAAa,UAAA,CAAW,kBAAA,CAAmB,SAAS,CAAC,CAAA;AAAA,IACvD,CAAA;AAAA,IAEA,MAAM,QAAQ,GAAA,EAAqC;AACjD,MAAA,MAAM,IAAA,GAAO,IAAI,UAAA,CAAW,SAAS,IAAI,GAAA,CAAI,KAAA,CAAM,SAAA,CAAU,MAAM,CAAA,GAAI,GAAA;AACvE,MAAA,OAAO,SAAA,CAAU,UAAA,CAAW,IAAI,CAAC,CAAA;AAAA,IACnC,CAAA;AAAA,IAEA,MAAM,OAAA,CAAQ,GAAA,EAAa,KAAA,EAA8B;AACvD,MAAA,MAAM,IAAA,GAAO,IAAI,UAAA,CAAW,SAAS,IAAI,GAAA,CAAI,KAAA,CAAM,SAAA,CAAU,MAAM,CAAA,GAAI,GAAA;AACvE,MAAA,SAAA,CAAU,UAAA,CAAW,IAAI,CAAA,EAAG,KAAK,CAAA;AAAA,IACnC,CAAA;AAAA,IAEA,MAAM,WAAW,GAAA,EAA4B;AAC3C,MAAA,MAAM,IAAA,GAAO,IAAI,UAAA,CAAW,SAAS,IAAI,GAAA,CAAI,KAAA,CAAM,SAAA,CAAU,MAAM,CAAA,GAAI,GAAA;AACvE,MAAA,YAAA,CAAa,UAAA,CAAW,IAAI,CAAC,CAAA;AAAA,IAC/B,CAAA;AAAA,IAEA,MAAM,KAAA,GAAuB;AAC3B,MAAA,MAAM,QAAA,GAAW,MAAA,CAAO,MAAA,CAAO,kBAAkB,CAAA;AACjD,MAAA,QAAA,CAAS,QAAQ,CAAC,CAAA,KAAM,aAAa,UAAA,CAAW,CAAC,CAAC,CAAC,CAAA;AACnD,MAAA,MAAA,CAAO,MAAA,CAAO,mBAAmB,CAAA,CAAE,OAAA,CAAQ,CAAC,WAAW,YAAA,CAAa,UAAA,CAAW,MAAM,CAAC,CAAC,CAAA;AAAA,IACzF;AAAA,GACF;AACF;;;AChGA,IAAM,YAAA,GAAe;AAAA,EACnB,aAAA,EAAe,iBAAA;AAAA,EACf,QAAA,EAAU,WAAA;AAAA,EACV,WAAA,EAAa,cAAA;AAAA,EACb,QAAA,EAAU,WAAA;AAAA,EACV,SAAA,EAAW,YAAA;AAAA,EACX,YAAA,EAAc,eAAA;AAAA,EACd,KAAA,EAAO,OAAA;AAAA,EACP,WAAA,EAAa,cAAA;AAAA,EACb,YAAA,EAAc,eAAA;AAAA,EACd,SAAA,EAAW;AACb,CAAA;AAEO,IAAM,YAAA,GAA4B;AAAA,EACvC,IAAI,aAAA,GAAgB;AAAE,IAAA,OAAO,aAAA,CAAc,aAAa,aAAa,CAAA;AAAA,EAAG,CAAA;AAAA,EACxE,IAAI,QAAA,GAAW;AAAE,IAAA,OAAO,aAAA,CAAc,aAAa,QAAQ,CAAA;AAAA,EAAG,CAAA;AAAA,EAC9D,IAAI,WAAA,GAAc;AAAE,IAAA,OAAO,aAAA,CAAc,aAAa,WAAW,CAAA;AAAA,EAAG,CAAA;AAAA,EACpE,IAAI,QAAA,GAAW;AAAE,IAAA,OAAO,aAAA,CAAc,aAAa,QAAQ,CAAA;AAAA,EAAG,CAAA;AAAA,EAC9D,IAAI,SAAA,GAAY;AAAE,IAAA,OAAO,aAAA,CAAc,aAAa,SAAS,CAAA;AAAA,EAAG,CAAA;AAAA,EAChE,IAAI,YAAA,GAAe;AAAE,IAAA,OAAO,aAAA,CAAc,aAAa,YAAY,CAAA;AAAA,EAAG,CAAA;AAAA,EACtE,IAAI,KAAA,GAAQ;AAAE,IAAA,OAAO,aAAA,CAAc,aAAa,KAAK,CAAA;AAAA,EAAG,CAAA;AAAA,EACxD,IAAI,WAAA,GAAc;AAAE,IAAA,OAAO,aAAA,CAAc,aAAa,WAAW,CAAA;AAAA,EAAG,CAAA;AAAA,EACpE,IAAI,YAAA,GAAe;AAAE,IAAA,OAAO,aAAA,CAAc,aAAa,YAAY,CAAA;AAAA,EAAG,CAAA;AAAA,EACtE,IAAI,SAAA,GAAY;AAAE,IAAA,OAAO,aAAA,CAAc,aAAa,SAAS,CAAA;AAAA,EAAG;AAClE,CAAA;AAEA,SAAS,YAAY,GAAA,EAAqB;AACxC,EAAA,MAAM,SAAS,mBAAA,EAAoB;AACnC,EAAA,OAAO,GAAA,CAAI,WAAW,MAAM,CAAA,GAAI,IAAI,KAAA,CAAM,MAAA,CAAO,MAAM,CAAA,GAAI,GAAA;AAC7D;AAEO,SAAS,UAAA,CAAW,KAAa,KAAA,EAAqB;AAC3D,EAAA,MAAM,UAAU,iBAAA,EAAkB;AAClC,EAAA,IAAI,CAAC,SAAS,WAAA,EAAa;AAC3B,EAAA,MAAM,KAAK,mBAAA,EAAoB;AAC/B,EAAA,MAAM,MAAA,GAAS,YAAY,GAAG,CAAA;AAC9B,EAAA,IAAI;AACF,IAAA,OAAA,CAAQ,WAAA,CAAY,eAAA,CAAgB,EAAA,EAAI,MAAM,GAAG,KAAK,CAAA;AAAA,EACxD,CAAA,CAAA,MAAQ;AAAA,EAER;AACF;AAEO,SAAS,WAAW,GAAA,EAA4B;AACrD,EAAA,MAAM,UAAU,iBAAA,EAAkB;AAClC,EAAA,IAAI,CAAC,OAAA,EAAS,WAAA,EAAa,OAAO,IAAA;AAClC,EAAA,MAAM,KAAK,mBAAA,EAAoB;AAC/B,EAAA,MAAM,MAAA,GAAS,YAAY,GAAG,CAAA;AAC9B,EAAA,IAAI;AACF,IAAA,OAAO,OAAA,CAAQ,WAAA,CAAY,eAAA,CAAgB,EAAA,EAAI,MAAM,CAAC,CAAA;AAAA,EACxD,CAAA,CAAA,MAAQ;AACN,IAAA,OAAO,IAAA;AAAA,EACT;AACF;AAEO,SAAS,cAAc,GAAA,EAAmB;AAC/C,EAAA,MAAM,UAAU,iBAAA,EAAkB;AAClC,EAAA,IAAI,CAAC,SAAS,cAAA,EAAgB;AAC9B,EAAA,MAAM,KAAK,mBAAA,EAAoB;AAC/B,EAAA,MAAM,MAAA,GAAS,YAAY,GAAG,CAAA;AAC9B,EAAA,IAAI;AACF,IAAA,OAAA,CAAQ,cAAA,CAAe,eAAA,CAAgB,EAAA,EAAI,MAAM,CAAC,CAAA;AAAA,EACpD,CAAA,CAAA,MAAQ;AAAA,EAER;AACF;AAEO,SAAS,gBAAA,GAAyB;AACvC,EAAA,MAAM,UAAU,iBAAA,EAAkB;AAClC,EAAA,IAAI,CAAC,SAAS,SAAA,EAAW;AACzB,EAAA,IAAI;AACF,IAAA,OAAA,CAAQ,eAAA,IAAkB;AAC1B,IAAA,OAAA,CAAQ,SAAA,EAAU;AAAA,EACpB,CAAA,CAAA,MAAQ;AAAA,EAER;AACF;AAEO,SAAS,uBAAA,GAAgC;AAC9C,EAAA,MAAM,UAAU,iBAAA,EAAkB;AAClC,EAAA,IAAI,CAAC,SAAS,SAAA,EAAW;AACzB,EAAA,IAAI;AACF,IAAA,OAAA,CAAQ,eAAA,IAAkB;AAC1B,IAAA,OAAA,CAAQ,SAAA,EAAU;AAAA,EACpB,CAAA,CAAA,MAAQ;AAAA,EAER;AACF;AAEO,SAAS,eAAA,GAAwB;AACtC,EAAA,MAAM,UAAU,cAAA,EAAe;AAC/B,EAAA,IAAI;AACF,IAAA,OAAA,EAAS,cAAc,YAAA,EAAa;AAAA,EACtC,CAAA,CAAA,MAAQ;AAAA,EAER;AACF;AAMO,SAAS,sBAAA,GAA+B;AAC7C,EAAA,IAAI,OAAO,WAAW,WAAA,EAAa;AACnC,EAAA,IAAI;AACF,IAAA,MAAA,CAAO,cAAc,KAAA,EAAM;AAAA,EAC7B,CAAA,CAAA,MAAQ;AAAA,EAER;AACA,EAAA,IAAI;AACF,IAAA,MAAA,CAAO,gBAAgB,KAAA,EAAM;AAAA,EAC/B,CAAA,CAAA,MAAQ;AAAA,EAER;AACF;AAEO,SAAS,eAAA,GAAwB;AACtC,EAAA,MAAM,UAAA,GAAa,UAAA,CAAW,aAAA,CAAc,aAAa,CAAC,CAAA;AAC1D,EAAA,MAAM,gBAAA,GAAmB,UAAA,CAAW,aAAA,CAAc,oBAAoB,CAAC,CAAA;AACvE,EAAA,MAAM,kBAAA,GAAqB,UAAA,CAAW,aAAA,CAAc,sBAAsB,CAAC,CAAA;AAE3E,EAAA,uBAAA,EAAwB;AACxB,EAAA,gBAAA,EAAiB;AACjB,EAAA,sBAAA,EAAuB;AAEvB,EAAA,IAAI,eAAe,MAAA,EAAQ,UAAA,CAAW,aAAA,CAAc,aAAa,GAAG,MAAM,CAAA;AAC1E,EAAA,IAAI,qBAAqB,MAAA,EAAQ,UAAA,CAAW,aAAA,CAAc,oBAAoB,GAAG,MAAM,CAAA;AACvF,EAAA,IAAI,kBAAA,EAAoB,UAAA,CAAW,aAAA,CAAc,sBAAsB,GAAG,kBAAkB,CAAA;AAE5F,EAAA,eAAA,EAAgB;AAClB;AAEO,SAAS,cAAA,GAAgC;AAC9C,EAAA,MAAM,UAAU,iBAAA,EAAkB;AAClC,EAAA,IAAI,SAAS,aAAA,EAAe;AAC1B,IAAA,MAAM,CAAA,GAAI,QAAQ,aAAA,EAAc;AAChC,IAAA,OAAO,GAAG,WAAA,IAAe,IAAA;AAAA,EAC3B;AACA,EAAA,OAAO,UAAA,CAAW,aAAa,WAAW,CAAA;AAC5C;AAEO,SAAS,eAAA,GAAiC;AAC/C,EAAA,MAAM,UAAU,iBAAA,EAAkB;AAClC,EAAA,IAAI,SAAS,aAAA,EAAe;AAC1B,IAAA,MAAM,CAAA,GAAI,QAAQ,aAAA,EAAc;AAChC,IAAA,OAAO,GAAG,YAAA,IAAgB,IAAA;AAAA,EAC5B;AACA,EAAA,OAAO,UAAA,CAAW,aAAa,YAAY,CAAA;AAC7C;AAEO,SAAS,YAAA,GAA8B;AAC5C,EAAA,MAAM,UAAU,iBAAA,EAAkB;AAClC,EAAA,IAAI,SAAS,aAAA,EAAe;AAC1B,IAAA,MAAM,CAAA,GAAI,QAAQ,aAAA,EAAc;AAChC,IAAA,OAAO,GAAG,SAAA,IAAa,IAAA;AAAA,EACzB;AACA,EAAA,MAAM,SAAA,GAAY,UAAA,CAAW,YAAA,CAAa,SAAS,CAAA;AACnD,EAAA,IAAI,CAAC,WAAW,OAAO,IAAA;AACvB,EAAA,MAAM,SAAA,GAAY,QAAA,CAAS,SAAA,EAAW,EAAE,CAAA;AACxC,EAAA,OAAO,KAAA,CAAM,SAAS,CAAA,GAAI,IAAA,GAAO,SAAA;AACnC;AAEO,SAAS,oBAAA,GAAgC;AAC9C,EAAA,MAAM,YAAY,YAAA,EAAa;AAC/B,EAAA,IAAI,CAAC,WAAW,OAAO,IAAA;AACvB,EAAA,MAAM,SAAS,EAAA,GAAK,GAAA;AACpB,EAAA,OAAO,IAAA,CAAK,GAAA,EAAI,IAAK,SAAA,GAAY,MAAA;AACnC;AAKO,SAAS,WAAA,GAA6B;AAC3C,EAAA,OAAO,UAAA,CAAW,aAAa,QAAQ,CAAA;AACzC;AACO,SAAS,cAAA,GAAgC;AAC9C,EAAA,OAAO,UAAA,CAAW,aAAa,WAAW,CAAA;AAC5C;AACO,SAAS,WAAA,GAA6B;AAC3C,EAAA,OAAO,UAAA,CAAW,aAAa,QAAQ,CAAA;AACzC;AACO,SAAS,eAAA,GAAiC;AAC/C,EAAA,OAAO,UAAA,CAAW,aAAa,YAAY,CAAA;AAC7C;AACO,SAAS,QAAA,GAA0B;AACxC,EAAA,OAAO,UAAA,CAAW,aAAa,KAAK,CAAA;AACtC;AACO,SAAS,YAAA,GAA8B;AAC5C,EAAA,OAAO,UAAA,CAAW,aAAa,SAAS,CAAA;AAC1C;AACO,SAAS,aAAa,SAAA,EAAyB;AACpD,EAAA,UAAA,CAAW,YAAA,CAAa,WAAW,SAAS,CAAA;AAC9C;;;AClMA,SAAS,KAAA,GAAiB;AACxB,EAAA,IAAI,OAAO,WAAW,WAAA,EAAa;AACjC,IAAA,OAAO,KAAA;AAAA,EACT;AACA,EAAA,MAAM,QAAA,GAAW,OAAO,QAAA,CAAS,QAAA;AACjC,EAAA,OACE,aAAa,WAAA,IACb,QAAA,KAAa,WAAA,IACb,QAAA,KAAa,WACb,QAAA,CAAS,UAAA,CAAW,UAAU,CAAA,IAC9B,SAAS,UAAA,CAAW,KAAK,CAAA,IACzB,QAAA,CAAS,SAAS,QAAQ,CAAA;AAE9B;AAEA,IAAM,SAAN,MAAa;AAAA,EAAb,WAAA,GAAA;AACE,IAAA,IAAA,CAAQ,MAAA,GAAS,8BAAA;AAAA,EAAA;AAAA,EAET,GAAA,CAAI,KAAA,EAAiB,OAAA,EAAiB,IAAA,EAAsB;AAClE,IAAA,MAAM,SAAA,GAAA,iBAAY,IAAI,IAAA,EAAK,EAAE,WAAA,EAAY;AACzC,IAAA,MAAM,UAAA,GAAa,CAAA,EAAG,IAAA,CAAK,MAAM,CAAA,EAAA,EAAK,SAAS,CAAA,GAAA,EAAM,KAAA,CAAM,WAAA,EAAa,CAAA,EAAA,EAAK,OAAO,CAAA,CAAA;AAEpF,IAAA,QAAQ,KAAA;AAAO,MACb,KAAK,MAAA;AACH,QAAA,OAAA,CAAQ,GAAA,CAAI,UAAA,EAAY,IAAA,IAAQ,EAAE,CAAA;AAClC,QAAA;AAAA,MACF,KAAK,MAAA;AACH,QAAA,OAAA,CAAQ,IAAA,CAAK,UAAA,EAAY,IAAA,IAAQ,EAAE,CAAA;AACnC,QAAA;AAAA,MACF,KAAK,OAAA;AACH,QAAA,OAAA,CAAQ,KAAA,CAAM,UAAA,EAAY,IAAA,IAAQ,EAAE,CAAA;AACpC,QAAA;AAAA,MACF,KAAK,OAAA;AACH,QAAA,IAAI,OAAM,EAAG;AACX,UAAA,OAAA,CAAQ,KAAA,CAAM,UAAA,EAAY,IAAA,IAAQ,EAAE,CAAA;AAAA,QACtC;AACA,QAAA;AAAA;AACJ,EACF;AAAA,EAEA,IAAA,CAAK,SAAiB,IAAA,EAAsB;AAC1C,IAAA,IAAA,CAAK,GAAA,CAAI,MAAA,EAAQ,OAAA,EAAS,IAAI,CAAA;AAAA,EAChC;AAAA,EAEA,IAAA,CAAK,SAAiB,IAAA,EAAsB;AAC1C,IAAA,IAAA,CAAK,GAAA,CAAI,MAAA,EAAQ,OAAA,EAAS,IAAI,CAAA;AAAA,EAChC;AAAA,EAEA,KAAA,CAAM,SAAiB,IAAA,EAAsB;AAC3C,IAAA,IAAA,CAAK,GAAA,CAAI,OAAA,EAAS,OAAA,EAAS,IAAI,CAAA;AAAA,EACjC;AAAA,EAEA,KAAA,CAAM,SAAiB,IAAA,EAAsB;AAC3C,IAAA,IAAA,CAAK,GAAA,CAAI,OAAA,EAAS,OAAA,EAAS,IAAI,CAAA;AAAA,EACjC;AACF,CAAA;AAEO,IAAM,MAAA,GAAS,IAAI,MAAA,EAAO;;;AC3DjC,SAAS,oBAAoB,QAAA,EAA2B;AACtD,EAAA,OAAO,QAAA,KAAa,WAAA,IAAe,QAAA,KAAa,WAAA,IAC9C,SAAS,UAAA,CAAW,UAAU,CAAA,IAAK,QAAA,CAAS,UAAA,CAAW,KAAK,CAAA,IAAK,QAAA,CAAS,WAAW,SAAS,CAAA;AAClG;AAEA,SAASC,MAAAA,GAAiB;AACxB,EAAA,IAAI,OAAO,MAAA,KAAW,WAAA,EAAa,OAAO,KAAA;AAC1C,EAAA,OAAO,mBAAA,CAAoB,MAAA,CAAO,QAAA,CAAS,QAAQ,CAAA;AACrD;AAEO,SAAS,YAAA,CAAa,iBAA0B,IAAA,EAAY;AACjE,EAAA,IAAI,OAAO,WAAW,WAAA,EAAa;AAEnC,EAAA,MAAM,iBAAA,GAAoB,MAAA,CAAO,QAAA,CAAS,QAAA,KAAa,WAAA,IACrD,OAAO,QAAA,CAAS,QAAA,KAAa,WAAA,IAC7B,MAAA,CAAO,QAAA,CAAS,QAAA,CAAS,WAAW,UAAU,CAAA,IAC9C,MAAA,CAAO,QAAA,CAAS,QAAA,CAAS,UAAA,CAAW,KAAK,CAAA,IACzC,MAAA,CAAO,QAAA,CAAS,QAAA,CAAS,UAAA,CAAW,SAAS,CAAA;AAG/C,EAAA,MAAM,MAAA,GAAS,MAAA,CAAO,QAAA,CAAS,QAAA,KAAa,OAAA;AAE5C,EAAA,IAAI,cAAA,IAAkB,qBAAqB,MAAA,EAAQ;AACjD,IAAA,MAAA,CAAO,MAAM,2CAA2C,CAAA;AACxD,IAAA;AAAA,EACF;AAEA,EAAA,IAAI,MAAA,IAAU,CAAC,iBAAA,EAAmB;AAChC,IAAA,MAAM,KAAA,GAAQ,IAAI,KAAA,CAAM,oFAAoF,CAAA;AAC5G,IAAA,MAAA,CAAO,MAAM,0BAAA,EAA4B;AAAA,MACvC,QAAA,EAAU,OAAO,QAAA,CAAS,QAAA;AAAA,MAC1B,QAAA,EAAU,OAAO,QAAA,CAAS;AAAA,KAC3B,CAAA;AACD,IAAA,MAAM,KAAA;AAAA,EACR;AAEA,EAAA,MAAA,CAAO,MAAM,oBAAA,EAAsB,EAAE,UAAU,MAAA,CAAO,QAAA,CAAS,UAAU,CAAA;AAC3E;AAEO,SAAS,oBAAA,CAAqB,OAAgB,cAAA,EAAgC;AACnF,EAAA,IAAIA,QAAM,EAAG;AACX,IAAA,IAAI,KAAA,YAAiB,KAAA,EAAO,OAAO,KAAA,CAAM,OAAA;AACzC,IAAA,OAAO,OAAO,KAAK,CAAA;AAAA,EACrB;AACA,EAAA,OAAO,cAAA;AACT;AAEO,IAAM,cAAA,GAAN,cAA6B,KAAA,CAAM;AAAA,EAIxC,WAAA,CAAY,IAAA,EAAc,cAAA,EAAwB,aAAA,EAAyB;AACzE,IAAA,KAAA,CAAM,cAAc,CAAA;AACpB,IAAA,IAAA,CAAK,IAAA,GAAO,gBAAA;AACZ,IAAA,IAAA,CAAK,IAAA,GAAO,IAAA;AACZ,IAAA,IAAIA,MAAAA,EAAM,IAAK,aAAA,YAAyB,KAAA,EAAO;AAC7C,MAAA,IAAA,CAAK,kBAAkB,aAAA,CAAc,OAAA;AAAA,IACvC;AAAA,EACF;AACF;;;AC9BO,SAAS,0BAA0B,KAAA,EAA8C;AACtF,EAAA,MAAM;AAAA,IACJ,GAAA;AAAA,IACA,UAAA,EAAAD,WAAAA;AAAA,IACA,aAAA,EAAAE,cAAAA;AAAA,IACA,aAAA;AAAA,IACA,QAAA;AAAA,IACA,eAAA;AAAA,IACA;AAAA,GACF,GAAI,KAAA;AAEJ,EAAA,MAAM,UAAA,GAAaF,WAAAA,CAAW,aAAa,CAAA,KAAM,MAAA;AACjD,EAAA,MAAM,iBAAA,GAAoBA,WAAAA,CAAW,oBAAoB,CAAA,KAAM,MAAA;AAC/D,EAAA,MAAM,cAAA,GAAiBA,WAAAA,CAAW,iBAAiB,CAAA,KAAM,MAAA;AAEzD,EAAA,IAAI,YAAY,OAAO,aAAA;AACvB,EAAA,IAAIE,cAAAA,CAAc,GAAG,CAAA,EAAG,OAAO,qBAAA;AAC/B,EAAA,IAAI,eAAe,OAAO,eAAA;AAC1B,EAAA,IAAI,iBAAA,IAAqB,CAAC,QAAA,EAAU,OAAO,gBAAA;AAC3C,EAAA,IAAI,QAAA,IAAY,cAAA,IAAkB,eAAA,EAAiB,OAAO,eAAA;AAC1D,EAAA,IAAI,QAAA,IAAY,cAAA,IAAkB,CAAC,eAAA,EAAiB,OAAO,gBAAA;AAC3D,EAAA,IAAI,gBAAgB,OAAO,eAAA;AAE3B,EAAA,OAAO,gBAAA;AACT;;;ACtDA,IAAM,kBAAA,GAAqB,GAAA;AAE3B,IAAI,mBAAA,GAAsB,KAAA;AAC1B,IAAI,kBAAA,GAAqB,CAAA;AAEzB,IAAI,kBAAA,GAAqB,KAAA;AAEzB,IAAI,cAAA,GAAiB,KAAA;AACrB,IAAI,aAAA,GAAgB,CAAA;AAEb,SAAS,qBAAA,GAAiC;AAC/C,EAAA,IAAI,CAAC,qBAAqB,OAAO,KAAA;AACjC,EAAA,IAAI,CAAC,oBAAoB,OAAO,IAAA;AAChC,EAAA,OAAO,IAAA,CAAK,GAAA,EAAI,GAAI,kBAAA,GAAqB,kBAAA;AAC3C;AAEO,SAAS,sBAAA,GAA+B;AAC7C,EAAA,mBAAA,GAAsB,IAAA;AACtB,EAAA,kBAAA,GAAqB,KAAK,GAAA,EAAI;AAChC;AAEO,SAAS,wBAAA,GAAiC;AAC/C,EAAA,mBAAA,GAAsB,KAAA;AACtB,EAAA,kBAAA,GAAqB,CAAA;AACvB;AAEO,SAAS,oBAAA,GAAgC;AAC9C,EAAA,OAAO,kBAAA;AACT;AAEO,SAAS,qBAAA,GAA8B;AAC5C,EAAA,kBAAA,GAAqB,IAAA;AACvB;AAEO,SAAS,uBAAA,GAAgC;AAC9C,EAAA,kBAAA,GAAqB,KAAA;AACvB;AAEO,SAAS,gBAAA,GAA4B;AAC1C,EAAA,OAAO,cAAA;AACT;AAMO,SAAS,iBAAA,GAA0B;AACxC,EAAA,cAAA,GAAiB,IAAA;AACjB,EAAA,aAAA,GAAgB,KAAK,GAAA,EAAI;AAC3B;AAEO,SAAS,mBAAA,GAA4B;AAC1C,EAAA,cAAA,GAAiB,KAAA;AACjB,EAAA,aAAA,GAAgB,CAAA;AAClB;AAEO,SAAS,eAAA,CAAgB,cAAsB,GAAA,EAAe;AACnE,EAAA,IAAI,CAAC,eAAe,OAAO,IAAA;AAC3B,EAAA,OAAO,IAAA,CAAK,GAAA,EAAI,GAAI,aAAA,GAAgB,WAAA;AACtC;AAGO,SAAS,cAAA,GAAuB;AACrC,EAAA,mBAAA,EAAoB;AACtB;AAEO,SAAS,YAAA,GAAqB;AACnC,EAAA,iBAAA,EAAkB;AACpB;;;AChEO,SAAS,oBAAA,CAAqB,SAAiB,GAAA,EAAa;AACjE,EAAA,MAAM,KAAA,GAAQ,IAAI,UAAA,CAAW,MAAM,CAAA;AACnC,EAAA,MAAA,CAAO,gBAAgB,KAAK,CAAA;AAE5B,EAAA,MAAM,SAAS,IAAA,CAAK,MAAA,CAAO,YAAA,CAAa,GAAG,KAAK,CAAC,CAAA;AACjD,EAAA,OAAO,MAAA,CACJ,OAAA,CAAQ,KAAA,EAAO,GAAG,CAAA,CAClB,OAAA,CAAQ,KAAA,EAAO,GAAG,CAAA,CAClB,OAAA,CAAQ,IAAA,EAAM,EAAE,CAAA;AACrB;AAKA,eAAsB,sBAAsB,QAAA,EAAmC;AAC7E,EAAA,IAAI;AACF,IAAA,MAAM,OAAA,GAAU,IAAI,WAAA,EAAY;AAChC,IAAA,MAAM,IAAA,GAAO,OAAA,CAAQ,MAAA,CAAO,QAAQ,CAAA;AACpC,IAAA,MAAM,aAAa,MAAM,MAAA,CAAO,MAAA,CAAO,MAAA,CAAO,WAAW,IAAI,CAAA;AAC7D,IAAA,MAAM,YAAY,KAAA,CAAM,IAAA,CAAK,IAAI,UAAA,CAAW,UAAU,CAAC,CAAA;AACvD,IAAA,MAAM,SAAS,IAAA,CAAK,MAAA,CAAO,YAAA,CAAa,GAAG,SAAS,CAAC,CAAA;AACrD,IAAA,OAAO,MAAA,CACJ,OAAA,CAAQ,KAAA,EAAO,GAAG,CAAA,CAClB,OAAA,CAAQ,KAAA,EAAO,GAAG,CAAA,CAClB,OAAA,CAAQ,IAAA,EAAM,EAAE,CAAA;AAAA,EACrB,CAAA,CAAA,MAAQ;AACN,IAAA,MAAM,IAAI,MAAM,mCAAmC,CAAA;AAAA,EACrD;AACF;AAKO,SAAS,aAAA,GAAwB;AACtC,EAAA,MAAM,KAAA,GAAQ,IAAI,UAAA,CAAW,EAAE,CAAA;AAC/B,EAAA,MAAA,CAAO,gBAAgB,KAAK,CAAA;AAC5B,EAAA,MAAM,SAAS,IAAA,CAAK,MAAA,CAAO,YAAA,CAAa,GAAG,KAAK,CAAC,CAAA;AACjD,EAAA,OAAO,MAAA,CACJ,OAAA,CAAQ,KAAA,EAAO,GAAG,CAAA,CAClB,OAAA,CAAQ,KAAA,EAAO,GAAG,CAAA,CAClB,OAAA,CAAQ,IAAA,EAAM,EAAE,CAAA;AACrB;;;AC5CA,IAAM,QAAA,GAA2D;AAAA,EAC/D,SAAA,EAAW,CAAC,gBAAA,EAAkB,WAAW,CAAA;AAAA,EACzC,SAAA,EAAW,CAAC,gBAAA,EAAkB,WAAW,CAAA;AAAA,EACzC,UAAA,EAAY,CAAC,iBAAA,EAAmB,YAAY;AAC9C,CAAA;AAEO,SAAS,YAAY,IAAA,EAAiC;AAC3D,EAAA,IAAI;AACF,IAAA,MAAM,CAAA,GAAI,OAAO,UAAA,KAAe,WAAA,GAAe,UAAA,GAAyC,IAAA;AACxF,IAAA,MAAM,GAAA,GAAM,CAAA,EAAG,OAAA,IAAW,OAAQ,CAAA,CAAE,QAAoC,GAAA,KAAQ,QAAA,GAC3E,CAAA,CAAE,OAAA,CAAoC,GAAA,GACvC,IAAA;AACJ,IAAA,IAAI,GAAA,EAAK;AACP,MAAA,KAAA,MAAW,OAAO,IAAA,EAAM;AACtB,QAAA,MAAM,CAAA,GAAI,IAAI,GAAG,CAAA;AACjB,QAAA,IAAI,CAAA,IAAK,IAAA,IAAQ,MAAA,CAAO,CAAC,CAAA,CAAE,IAAA,EAAK,EAAG,OAAO,MAAA,CAAO,CAAC,CAAA,CAAE,IAAA,EAAK;AAAA,MAC3D;AAAA,IACF;AAAA,EACF,CAAA,CAAA,MAAQ;AAAA,EAER;AACA,EAAA,IAAI;AACF,IAAA,MAAM,IAAA,GAAO,OAAO,qQAAA,KAAgB,WAAA,GAAe,SAAkD,GAAM,KAAA,CAAA;AAC3G,IAAA,IAAI,IAAA,EAAM;AACR,MAAA,KAAA,MAAW,OAAO,IAAA,EAAM;AACtB,QAAA,MAAM,CAAA,GAAI,KAAK,GAAG,CAAA;AAClB,QAAA,IAAI,CAAA,IAAK,IAAA,IAAQ,MAAA,CAAO,CAAC,CAAA,CAAE,IAAA,EAAK,EAAG,OAAO,MAAA,CAAO,CAAC,CAAA,CAAE,IAAA,EAAK;AAAA,MAC3D;AAAA,IACF;AAAA,EACF,CAAA,CAAA,MAAQ;AAAA,EAER;AACA,EAAA,OAAO,EAAA;AACT;AAEA,IAAM,qBAAA,GAAwB,CAAC,YAAA,EAAc,4BAAA,EAA8B,kBAAkB,eAAA,EAAiB,eAAA,EAAiB,cAAA,EAAgB,iBAAA,EAAmB,gBAAgB,CAAA;AAElL,SAAS,kBAAA,GAAoD;AAC3D,EAAA,IAAI,OAAO,MAAA,KAAW,WAAA,EAAa,OAAO,IAAA;AAC1C,EAAA,MAAM,CAAA,GAAI,MAAA;AACV,EAAA,MAAM,GAAA,GAAM,CAAA,CAAE,eAAA,IAAmB,CAAA,CAAE,cAAA;AACnC,EAAA,IAAI,CAAC,GAAA,IAAO,OAAO,GAAA,KAAQ,UAAU,OAAO,IAAA;AAC5C,EAAA,KAAA,MAAW,aAAa,qBAAA,EAAuB;AAC7C,IAAA,IAAI,aAAa,GAAA,EAAK;AACpB,MAAA,MAAM,IAAI,MAAM,wDAAwD,CAAA;AAAA,IAC1E;AAAA,EACF;AACA,EAAA,MAAM,MAA8B,EAAC;AACrC,EAAA,MAAM,GAAA,GAA8B;AAAA,IAClC,QAAA,EAAU,WAAA;AAAA,IACV,QAAA,EAAU,WAAA;AAAA,IACV,UAAA,EAAY;AAAA,GACd;AACA,EAAA,KAAA,MAAW,CAAC,MAAA,EAAQ,MAAM,KAAK,MAAA,CAAO,OAAA,CAAQ,GAAG,CAAA,EAAG;AAClD,IAAA,MAAM,CAAA,GAAI,IAAI,MAAM,CAAA;AACpB,IAAA,IAAI,CAAA,IAAK,IAAA,IAAQ,OAAO,CAAA,KAAM,QAAA,IAAY,CAAA,CAAE,IAAA,EAAK,EAAG,GAAA,CAAI,MAAM,CAAA,GAAI,CAAA,CAAE,IAAA,EAAK;AAAA,EAC3E;AACA,EAAA,OAAO,MAAA,CAAO,IAAA,CAAK,GAAG,CAAA,CAAE,SAAS,GAAA,GAAM,IAAA;AACzC;AAEO,SAAS,aAAA,GAAwC;AACtD,EAAA,MAAM,UAAkC,EAAC;AACzC,EAAA,KAAA,MAAW,CAAC,GAAA,EAAK,OAAO,KAAK,MAAA,CAAO,OAAA,CAAQ,QAAQ,CAAA,EAAG;AACrD,IAAA,MAAM,CAAA,GAAI,YAAY,OAAO,CAAA;AAC7B,IAAA,IAAI,CAAA,EAAI,OAAA,CAAmC,GAAG,CAAA,GAAI,CAAA;AAAA,EACpD;AACA,EAAA,OAAO,OAAA;AACT;AAEO,SAAS,gBAAA,GAAkD;AAChE,EAAA,MAAM,MAAM,kBAAA,EAAmB;AAC/B,EAAA,IAAI,CAAC,KAAK,OAAO,IAAA;AACjB,EAAA,OAAO,GAAA;AACT;ACzEA,IAAM,MAAA,GAASC,MAAE,MAAA,CAAO;AAAA,EACtB,WAAWA,KAAA,CAAE,MAAA,EAAO,CAAE,GAAA,CAAI,GAAG,uBAAuB,CAAA;AAAA,EACpD,WAAWA,KAAA,CAAE,MAAA,EAAO,CAAE,GAAA,CAAI,GAAG,uBAAuB,CAAA;AAAA,EACpD,YAAYA,KAAA,CAAE,MAAA,EAAO,CAAE,GAAA,CAAI,GAAG,wBAAwB;AACxD,CAAC,CAAA;AAIM,SAAS,eAAe,IAAA,EAA8B;AAC3D,EAAA,OAAO,MAAA,CAAO,MAAM,IAAI,CAAA;AAC1B;;;ACUO,IAAM,oBAAA,GAAuB,CAAC,gCAAA,EAAkC,mBAAA,EAAqB,mBAAmB,gBAAgB,CAAA;AAGxH,IAAM,mBAAA,GAAsB,CAAC,WAAA,EAAa,WAAA,EAAa,YAAY,CAAA;;;AC1BnE,IAAM,eAAA,GAAkB;AAAA,EAC7B,MAAA,EAAQ,sBAAA;AAAA,EACR,aAAA,EAAe,MAAA;AAAA,EACf,qBAAA,EAAuB,MAAA;AAAA,EACvB,gBAAA,EAAkB,oBAAA;AAAA,EAClB,kBAAA,EAAoB;AACtB;AAEO,IAAM,kBAAA,GAAqB;AAE3B,IAAMC,aAAAA,GAAe;AAAA,EAC1B,aAAA,EAAe,GAAG,kBAAkB,CAAA,eAAA,CAAA;AAAA,EACpC,QAAA,EAAU,GAAG,kBAAkB,CAAA,SAAA,CAAA;AAAA,EAC/B,WAAA,EAAa,GAAG,kBAAkB,CAAA,YAAA,CAAA;AAAA,EAClC,QAAA,EAAU,GAAG,kBAAkB,CAAA,SAAA,CAAA;AAAA,EAC/B,YAAA,EAAc,GAAG,kBAAkB,CAAA,aAAA,CAAA;AAAA,EACnC,KAAA,EAAO,GAAG,kBAAkB,CAAA,KAAA,CAAA;AAAA,EAC5B,WAAA,EAAa,GAAG,kBAAkB,CAAA,YAAA,CAAA;AAAA,EAClC,YAAA,EAAc,GAAG,kBAAkB,CAAA,aAAA,CAAA;AAAA,EACnC,SAAA,EAAW,GAAG,kBAAkB,CAAA,UAAA;AAClC;AAE8B,eAAA,CAAgB;AACvC,IAAM,wBAAwB,eAAA,CAAgB,aAAA;AAC9C,IAAM,gCAAgC,eAAA,CAAgB,qBAAA;AACtD,IAAM,2BAA2B,eAAA,CAAgB,gBAAA;AACjD,IAAM,6BAA6B,eAAA,CAAgB,kBAAA;;;AC6B1D,IAAM,iBAAA,GAAoC;AAAA,EACxC,8BAAA,EAAgC,+BAAA;AAAA,EAChC,iBAAA,EAAmB,wBAAA;AAAA,EACnB,eAAA,EAAiB,wBAAA;AAAA,EACjB,cAAA,EAAgB;AAClB,CAAA;AAEA,SAAS,MAAM,GAAA,EAAmC;AAChD,EAAA,MAAM,IAAI,WAAA,CAAY,CAAC,QAAQ,GAAG,CAAA,CAAA,EAAI,GAAG,CAAC,CAAA;AAC1C,EAAA,OAAQ,CAAA,IAAK,EAAE,IAAA,EAAK,GAAK,EAAE,IAAA,EAAK,GAAI,kBAAkB,GAAG,CAAA;AAC3D;AAEO,IAAM,eAAA,GAAkC,OAAO,MAAA,CAAO;AAAA,EAC3D,8BAAA,EAAgC,MAAM,gCAAgC,CAAA;AAAA,EACtE,iBAAA,EAAmB,MAAM,mBAAmB,CAAA;AAAA,EAC5C,eAAA,EAAiB,MAAM,iBAAiB,CAAA;AAAA,EACxC,cAAA,EAAgB,MAAM,gBAAgB;AACxC,CAAC,CAAA;AAMM,IAAM,uBAAA,GAAyC,OAAO,MAAA,CAAO;AAAA,EAClE,SAAA,EAAW,QAAA;AAAA,EACX,SAAA,EAAW,sCAAA;AAAA,EACX,UAAA,EAAY;AACd,CAAC,CAAA;AAEM,SAAS,kBAAkB,MAAA,EAA8E;AAC9G,EAAA,IAAI,CAAC,MAAA,EAAQ,OAAO,EAAC;AACrB,EAAA,MAAM,SAAiC,EAAC;AACxC,EAAA,KAAA,MAAW,OAAO,mBAAA,EAAqB;AACrC,IAAA,MAAM,KAAA,GAAQ,OAAO,GAAG,CAAA;AACxB,IAAA,IAAI,KAAA,IAAS,IAAA,IAAQ,OAAO,KAAA,KAAU,QAAA,EAAU;AAC9C,MAAA,MAAM,OAAA,GAAU,MAAM,IAAA,EAAK;AAC3B,MAAA,IAAI,OAAA,EAAS,MAAA,CAAO,GAAuB,CAAA,GAAI,OAAA;AAAA,IACjD;AAAA,EACF;AACA,EAAA,OAAO,MAAA;AACT;CAE6D;AAAA,EAC3D,GAAG,eAAA;AAAA,EACH,GAAG;AACL;AAQA,IAAI,mBAA2C,EAAC;AAChD,IAAI,yBAAiD,EAAC;AAEtD,SAAS,YAAA,CAAa,SAAwB,OAAA,EAAuE;AACnH,EAAA,IAAI,GAAA,GAAqB,EAAE,GAAG,IAAA,EAAK;AACnC,EAAA,KAAA,MAAW,OAAO,OAAA,EAAS;AACzB,IAAA,IAAI,CAAC,GAAA,EAAK;AACV,IAAA,KAAA,MAAW,GAAA,IAAO,MAAA,CAAO,IAAA,CAAK,GAAG,CAAA,EAA8B;AAC7D,MAAA,MAAM,KAAA,GAAQ,IAAI,GAAG,CAAA;AACrB,MAAA,IAAI,KAAA,IAAS,IAAA,IAAQ,MAAA,CAAO,KAAK,EAAE,IAAA,EAAK,KAAM,EAAA,EAAI,GAAA,CAAI,GAAG,CAAA,GAAI,MAAA,CAAO,KAAK,EAAE,IAAA,EAAK;AAAA,IAClF;AAAA,EACF;AACA,EAAA,OAAO,GAAA;AACT;AAEA,SAAS,0BAA0B,MAAA,EAAiD;AAClF,EAAA,IAAI,CAAC,MAAA,EAAQ;AACb,EAAA,KAAA,MAAW,OAAO,oBAAA,EAAsB;AACtC,IAAA,IAAI,OAAO,GAAG,CAAA,KAAM,QAAW,MAAM,IAAI,MAAM,wDAAwD,CAAA;AAAA,EACzG;AACF;AAEA,IAAM,gBAAA,GAAmB,IAAI,GAAA,CAAY,oBAAyC,CAAA;AAClF,IAAM,oBAAA,GAA4D;AAAA,EAChE,QAAA,EAAU,WAAA;AAAA,EACV,QAAA,EAAU,WAAA;AAAA,EACV,UAAA,EAAY;AACd,CAAA;AAEA,SAAS,yBAAyB,MAAA,EAAiE;AACjG,EAAA,IAAI,CAAC,QAAQ,OAAO,MAAA;AACpB,EAAA,MAAM,WAAmC,EAAC;AAC1C,EAAA,KAAA,MAAW,CAAC,GAAA,EAAK,GAAG,KAAK,MAAA,CAAO,OAAA,CAAQ,MAAM,CAAA,EAAG;AAC/C,IAAA,IAAI,OAAO,IAAA,EAAM;AACjB,IAAA,IAAI,gBAAA,CAAiB,GAAA,CAAI,GAAG,CAAA,EAAG;AAC/B,IAAA,MAAM,OAAA,GAAU,MAAA,CAAO,GAAG,CAAA,CAAE,IAAA,EAAK;AACjC,IAAA,IAAI,CAAC,OAAA,EAAS;AACd,IAAA,MAAM,MAAA,GAAS,oBAAA,CAAqB,GAAG,CAAA,IAAK,GAAA;AAC5C,IAAA,QAAA,CAAS,MAAM,CAAA,GAAI,OAAA;AAAA,EACrB;AACA,EAAA,MAAM,MAAA,GAAS,kBAAkB,QAAQ,CAAA;AACzC,EAAA,OAAO,MAAA,CAAO,IAAA,CAAK,MAAM,CAAA,CAAE,SAAS,MAAA,GAAS,MAAA;AAC/C;AAMO,SAAS,cAAc,SAAA,EAAgE;AAC5F,EAAA,yBAAA,CAA0B,gBAAoD,CAAA;AAC9E,EAAA,yBAAA,CAA0B,SAAS,CAAA;AACnC,EAAA,MAAM,YAAY,gBAAA,EAAiB;AACnC,EAAA,MAAM,SAAS,aAAA,EAAc;AAC7B,EAAA,MAAM,aAAA,GAAgB,YAAA;AAAA,IACpB,uBAAA;AAAA,IACA,MAAA;AAAA,IACA,SAAA,IAAa,MAAA;AAAA,IACb,gBAAA;AAAA,IACA,yBAAyB,SAAS;AAAA,GACpC;AACA,EAAA,MAAM,gBAAA,GAAmB,eAAe,aAAa,CAAA;AACrD,EAAA,OAAO,EAAE,GAAG,eAAA,EAAiB,GAAG,gBAAA,EAAiB;AACnD;AAEO,SAAS,SAAA,GAA4C;AAC1D,EAAA,OAAO,aAAA,EAAc;AACvB;AAEO,SAAS,UAAU,SAAA,EAAqC;AAC7D,EAAA,yBAAA,CAA0B,SAAS,CAAA;AACnC,EAAA,MAAM,SAAA,GAAY,yBAAyB,SAAS,CAAA;AACpD,EAAA,IAAI,WAAW,gBAAA,GAAmB,EAAE,GAAG,gBAAA,EAAkB,GAAG,SAAA,EAAU;AACtE,EAAA,MAAM,EAAE,QAAA,EAAU,WAAA,EAAY,GAAI,SAAA;AAClC,EAAA,IAAI,QAAA,IAAY,IAAA,IAAQ,QAAA,CAAS,IAAA,EAAK,KAAM,EAAA,EAAI,sBAAA,GAAyB,EAAE,GAAG,sBAAA,EAAwB,QAAA,EAAU,QAAA,CAAS,MAAK,EAAE;AAChI,EAAA,IAAI,WAAA,IAAe,IAAA,IAAQ,WAAA,CAAY,IAAA,EAAK,KAAM,EAAA,EAAI,sBAAA,GAAyB,EAAE,GAAG,sBAAA,EAAwB,WAAA,EAAa,WAAA,CAAY,MAAK,EAAE;AAC9I;AAMO,SAAS,oBAAA,GAA6B;AAC3C,EAAA,gBAAA,GAAmB,EAAC;AACpB,EAAA,sBAAA,GAAyB,EAAC;AAC5B;AAMA,SAAS,iBAAA,GAA4B;AACnC,EAAA,IAAI,OAAO,MAAA,KAAW,WAAA,EAAa,OAAO,EAAA;AAC1C,EAAA,MAAM,CAAA,GAAI,MAAA;AACV,EAAA,MAAM,GAAA,GAAM,CAAA,CAAE,eAAA,IAAmB,CAAA,CAAE,cAAA;AACnC,EAAA,MAAM,KAAK,GAAA,EAAK,QAAA;AAChB,EAAA,IAAI,EAAA,IAAM,IAAA,IAAQ,OAAO,EAAA,KAAO,QAAA,IAAY,GAAG,IAAA,EAAK,EAAG,OAAO,EAAA,CAAG,IAAA,EAAK;AACtE,EAAA,MAAM,QAAA,GAAW,OAAO,QAAA,CAAS,QAAA;AACjC,EAAA,MAAM,WAAW,QAAA,CAAS,KAAA,CAAM,GAAG,CAAA,CAAE,OAAO,OAAO,CAAA;AACnD,EAAA,MAAM,eAAe,CAAC,YAAA,EAAc,YAAY,cAAA,EAAgB,kBAAA,EAAoB,sBAAsB,oBAAoB,CAAA;AAC9H,EAAA,IAAI,QAAA,CAAS,SAAS,CAAA,IAAK,CAAC,aAAa,QAAA,CAAS,QAAA,CAAS,CAAC,CAAC,CAAA,EAAG;AAC9D,IAAA,IAAI,IAAA,GAAO,GAAA,GAAM,QAAA,CAAS,CAAC,CAAA;AAC3B,IAAA,IAAI,IAAA,CAAK,SAAS,GAAG,CAAA,SAAU,IAAA,CAAK,KAAA,CAAM,GAAG,EAAE,CAAA;AAC/C,IAAA,OAAO,IAAA;AAAA,EACT;AACA,EAAA,OAAO,EAAA;AACT;AAEO,SAAS,WAAA,GAAsB;AACpC,EAAA,IAAI,uBAAuB,QAAA,IAAY,IAAA,IAAQ,uBAAuB,QAAA,KAAa,EAAA,SAAW,sBAAA,CAAuB,QAAA;AACrH,EAAA,OAAO,iBAAA,EAAkB;AAC3B;AAMO,SAASC,eAAAA,GAAyB;AACvC,EAAA,IAAI,OAAO,WAAW,WAAA,EAAa;AACjC,IAAA,OAAO,CAAA,EAAG,MAAA,CAAO,QAAA,CAAS,MAAM,CAAA,SAAA,CAAA;AAAA,EAClC;AACA,EAAA,OAAO,WAAA,CAAY,CAAC,mBAAA,EAAqB,cAAc,CAAC,CAAA,IAAK,gCAAA;AAC/D;AAEO,SAAS,gBAAA,GAA4B;AAC1C,EAAA,OAAO,kBAAiB,KAAM,IAAA,IAAQ,OAAO,IAAA,CAAK,gBAAgB,EAAE,MAAA,GAAS,CAAA;AAC/E;AAMO,IAAM,MAAA,GAAS;AAAA,EACpB,6BAAA,GAAwC;AACtC,IAAA,OAAO,WAAU,CAAE,8BAAA;AAAA,EACrB,CAAA;AAAA,EACA,iBAAA,GAA4B;AAC1B,IAAA,OAAO,WAAU,CAAE,iBAAA;AAAA,EACrB,CAAA;AAAA,EACA,gBAAA,GAA2B;AACzB,IAAA,OAAO,WAAU,CAAE,eAAA;AAAA,EACrB,CAAA;AAAA,EACA,gBAAA,GAA2B;AACzB,IAAA,OAAO,WAAU,CAAE,cAAA;AAAA,EACrB,CAAA;AAAA,EACA,WAAA,GAAsB;AACpB,IAAA,OAAO,WAAU,CAAE,SAAA;AAAA,EACrB,CAAA;AAAA,EACA,WAAA,GAAsB;AACpB,IAAA,OAAO,WAAU,CAAE,SAAA;AAAA,EACrB,CAAA;AAAA,EACA,aAAA,GAAwB;AACtB,IAAA,OAAO,WAAU,CAAE,UAAA;AAAA,EACrB,CAAA;AAAA,EACA,cAAA,GAAyB;AACvB,IAAA,OAAOA,eAAAA,EAAe;AAAA,EACxB,CAAA;AAAA,EACA,WAAA,GAAsB;AACpB,IAAA,OAAO,WAAA,EAAY;AAAA,EACrB,CAAA;AAAA,EACA,gBAAA,GAA4B;AAC1B,IAAA,OAAO,gBAAA,EAAiB;AAAA,EAC1B,CAAA;AAAA,EACA,MAAA,GAA6B;AAC3B,IAAA,MAAM,IAAI,SAAA,EAAU;AACpB,IAAA,OAAO;AAAA,MACL,4BAA4B,CAAA,CAAE,8BAAA;AAAA,MAC9B,gBAAgB,CAAA,CAAE,iBAAA;AAAA,MAClB,eAAe,CAAA,CAAE,eAAA;AAAA,MACjB,eAAe,CAAA,CAAE,cAAA;AAAA,MACjB,UAAU,CAAA,CAAE,SAAA;AAAA,MACZ,UAAU,CAAA,CAAE,SAAA;AAAA,MACZ,YAAY,CAAA,CAAE,UAAA;AAAA,MACd,aAAaA,eAAAA,EAAe;AAAA,MAC5B,UAAU,WAAA;AAAY,KACxB;AAAA,EACF;AACF;CAEkC;AAAA,EAChC,eAAA,EAAiB,OAAO,gBAAA,EAAiB;AAAA,EACzC,SAAA,EAAW,OAAO,WAAA,EAAY;AAAA,EAC9B,SAAA,EAAW,OAAO,WAAA,EAAY;AAAA,EAC9B,UAAA,EAAY,OAAO,aAAA;AACrB;AAMO,SAAS,YAAA,GAA0C;AACxD,EAAA,MAAM,aAAA,GAAgB,OAAO,gBAAA,EAAiB;AAC9C,EAAA,MAAM,QAAA,GAAW,OAAO,WAAA,EAAY;AACpC,EAAA,MAAM,QAAA,GAAW,OAAO,WAAA,EAAY;AACpC,EAAA,MAAM,WAAA,GAAc,OAAO,cAAA,EAAe;AAC1C,EAAA,IAAI;AACF,IAAA,IAAI,IAAI,aAAa,CAAA;AACrB,IAAA,IAAI,IAAI,WAAW,CAAA;AAAA,EACrB,CAAA,CAAA,MAAQ;AACN,IAAA,OAAO,OAAA,CAAQ,QAAQ,IAAI,CAAA;AAAA,EAC7B;AACA,EAAA,OAAO,QAAQ,OAAA,CAAQ;AAAA,IACrB,aAAA,EAAe,cAAc,IAAA,EAAK;AAAA,IAClC,QAAA,EAAU,SAAS,IAAA,EAAK;AAAA,IACxB,WAAA,EAAa,YAAY,IAAA,EAAK;AAAA,IAC9B,QAAA,EAAU,SAAS,IAAA;AAAK,GACzB,CAAA;AACH;AAEO,SAAS,gBAAA,GAAqC;AACnD,EAAA,MAAM,aAAA,GAAgB,OAAO,gBAAA,EAAiB;AAC9C,EAAA,MAAM,QAAA,GAAW,OAAO,WAAA,EAAY;AACpC,EAAA,MAAM,QAAA,GAAW,OAAO,WAAA,EAAY;AACpC,EAAA,MAAM,WAAA,GAAc,OAAO,cAAA,EAAe;AAC1C,EAAA,IAAI;AACF,IAAA,IAAI,IAAI,aAAa,CAAA;AACrB,IAAA,IAAI,IAAI,WAAW,CAAA;AAAA,EACrB,CAAA,CAAA,MAAQ;AACN,IAAA,OAAO,IAAA;AAAA,EACT;AACA,EAAA,OAAO;AAAA,IACL,aAAA,EAAe,cAAc,IAAA,EAAK;AAAA,IAClC,QAAA,EAAU,SAAS,IAAA,EAAK;AAAA,IACxB,WAAA,EAAa,YAAY,IAAA,EAAK;AAAA,IAC9B,QAAA,EAAU,SAAS,IAAA;AAAK,GAC1B;AACF;AAEO,SAAS,cAAA,GAA0B;AACxC,EAAA,OAAO,kBAAiB,KAAM,IAAA;AAChC;;;AC5UO,SAAS,YAAY,IAAA,EAAuB;AACjD,EAAA,IAAI,CAAC,IAAA,IAAQ,OAAO,IAAA,KAAS,QAAA,EAAU;AACrC,IAAA,OAAO,KAAA;AAAA,EACT;AAEA,EAAA,MAAM,SAAA,GAAY,iEAAA;AAClB,EAAA,OAAO,SAAA,CAAU,IAAA,CAAK,IAAA,CAAK,IAAA,EAAM,CAAA;AACnC;AAOO,SAAS,iBAAiB,QAAA,EAA2E;AAC1G,EAAA,IAAI,CAAC,QAAA,IAAY,QAAA,CAAS,IAAA,OAAW,EAAA,EAAI;AACvC,IAAA,OAAO;AAAA,MACL,OAAA,EAAS,KAAA;AAAA,MACT,KAAA,EAAO;AAAA,KACT;AAAA,EACF;AAEA,EAAA,IAAI,CAAC,WAAA,CAAY,QAAQ,CAAA,EAAG;AAC1B,IAAA,OAAO;AAAA,MACL,OAAA,EAAS,KAAA;AAAA,MACT,KAAA,EAAO;AAAA,KACT;AAAA,EACF;AAEA,EAAA,OAAO,EAAE,SAAS,IAAA,EAAK;AACzB;;;ACtBO,SAASC,YAAAA,GAAuB;AACrC,EAAA,MAAM,UAAU,cAAA,EAAe;AAC/B,EAAA,MAAM,QAAA,GAAW,OAAA,GACb,OAAA,CAAQ,WAAA,CAAY,aAAA,EAAc,CAAE,QAAA,GACnC,OAAO,MAAA,KAAW,WAAA,GAAc,MAAA,CAAO,QAAA,CAAS,QAAA,GAAW,EAAA;AAChE,EAAA,OAAO,YAAkB,QAAQ,CAAA;AACnC;AAEO,SAAS,gBAAA,GAAkC;AAChD,EAAA,MAAM,UAAU,cAAA,EAAe;AAC/B,EAAA,IAAI,OAAA,EAAS;AACX,IAAA,MAAM,GAAA,GAAM,OAAA,CAAQ,WAAA,CAAY,aAAA,EAAc;AAC9C,IAAA,OAAO,uBAAA,CAAwB,GAAA,EAAK,OAAA,CAAQ,cAAA,EAAgB,YAAY,aAAa,CAAA;AAAA,EACvF;AACA,EAAA,OAAO,sBAAA,EAAuB;AAChC;AAEA,SAAS,sBAAA,GAAwC;AAC/C,EAAA,IAAI,OAAO,MAAA,KAAW,WAAA,EAAa,OAAO,OAAO,aAAA,EAAc;AAC/D,EAAA,IAAI;AACF,IAAA,MAAM,cAAA,GAAiB,UAAA,CAAW,aAAA,CAAc,cAAc,CAAC,CAAA;AAC/D,IAAA,IAAI,cAAA,EAAgB;AAClB,MAAA,MAAM,WAAA,GAAc,IAAA,CAAK,KAAA,CAAM,cAAc,CAAA;AAC7C,MAAA,IAAI,YAAY,SAAA,EAAW,IAAA,IAAQ,OAAO,WAAA,CAAY,UAAU,IAAA,EAAK;AAAA,IACvE;AACA,IAAA,MAAM,MAAA,GAAS,UAAA,CAAW,aAAA,CAAc,YAAY,CAAC,CAAA;AACrD,IAAA,IAAI,MAAA,EAAQ,IAAA,EAAK,EAAG,OAAO,OAAO,IAAA,EAAK;AACvC,IAAA,MAAM,SAAA,GAAY,IAAI,eAAA,CAAgB,MAAA,CAAO,SAAS,MAAM,CAAA;AAC5D,IAAA,MAAM,CAAA,GAAI,SAAA,CAAU,GAAA,CAAI,GAAG,CAAA;AAC3B,IAAA,IAAI,CAAA,EAAG,IAAA,EAAK,EAAG,OAAO,EAAE,IAAA,EAAK;AAC7B,IAAA,MAAM,QAAA,GAAW,OAAO,QAAA,CAAS,QAAA;AACjC,IAAA,MAAM,KAAA,GAAQ,QAAA,CAAS,KAAA,CAAM,GAAG,CAAA;AAChC,IAAA,IAAI,MAAM,MAAA,IAAU,CAAA,IAAK,KAAA,CAAM,CAAC,KAAK,KAAA,CAAM,CAAC,CAAA,CAAE,WAAA,OAAkB,YAAA,EAAc,OAAO,KAAA,CAAM,CAAC,EAAE,IAAA,EAAK;AACnG,IAAA,OAAO,OAAO,aAAA,EAAc;AAAA,EAC9B,CAAA,CAAA,MAAQ;AACN,IAAA,OAAO,OAAO,aAAA,EAAc;AAAA,EAC9B;AACF;AAEO,SAAS,aAAA,GAAyB;AACvC,EAAA,MAAM,UAAU,cAAA,EAAe;AAC/B,EAAA,IAAI,SAAS,OAAO,oBAAA,CAAqB,OAAA,CAAQ,WAAA,CAAY,eAAe,CAAA;AAC5E,EAAA,IAAI,OAAO,MAAA,KAAW,WAAA,EAAa,OAAO,KAAA;AAC1C,EAAA,MAAM,MAAA,GAAS,IAAI,eAAA,CAAgB,MAAA,CAAO,SAAS,MAAM,CAAA;AACzD,EAAA,OAAO,OAAO,GAAA,CAAI,MAAM,CAAA,IAAK,MAAA,CAAO,IAAI,OAAO,CAAA;AACjD;;;AC1DO,IAAM,cAAA,GAAiB;AAAA,EAC5B,aAAA,EAAe,eAAA;AAAA,EACf,aAAA,EAAe,eAAA;AAAA,EACf,YAAA,EAAc,cAAA;AAAA,EACd,gBAAA,EAAkB,kBAAA;AAAA,EAClB,eAAA,EAAiB,iBAAA;AAAA,EACjB,qBAAA,EAAuB,uBAAA;AAAA,EACvB,oBAAA,EAAsB,sBAAA;AAAA,EACtB,eAAA,EAAiB,iBAAA;AAAA,EACjB,gBAAA,EAAkB,kBAAA;AAAA,EAClB,wBAAA,EAA0B,0BAAA;AAAA,EAC1B,kBAAA,EAAoB;AACtB;AAgBA,IAAI,SAAA,uBAA6B,GAAA,EAAI;AAErC,SAAS,YAAY,KAAA,EAA6C;AAChE,EAAA,IAAI,GAAA,GAAM,SAAA,CAAU,GAAA,CAAI,KAAK,CAAA;AAC7B,EAAA,IAAI,CAAC,GAAA,EAAK;AACR,IAAA,GAAA,uBAAU,GAAA,EAAI;AACd,IAAA,SAAA,CAAU,GAAA,CAAI,OAAO,GAAG,CAAA;AAAA,EAC1B;AACA,EAAA,OAAO,GAAA;AACT;AAEA,SAAS,mBAAA,GAA6C;AACpD,EAAA,IAAI,GAAA,GAAM,SAAA,CAAU,GAAA,CAAI,GAAG,CAAA;AAC3B,EAAA,IAAI,CAAC,GAAA,EAAK;AACR,IAAA,GAAA,uBAAU,GAAA,EAAI;AACd,IAAA,SAAA,CAAU,GAAA,CAAI,KAAK,GAAG,CAAA;AAAA,EACxB;AACA,EAAA,OAAO,GAAA;AACT;AAEO,SAAS,aAAA,CAAc,OAAsB,OAAA,EAAkC;AACpF,EAAA,MAAM,QAAA,GAAW,YAAY,KAAK,CAAA;AAClC,EAAA,MAAM,WAAW,mBAAA,EAAoB;AACrC,EAAA,MAAM,CAAA,GAAI,WAAW,EAAC;AACtB,EAAA,QAAA,CAAS,OAAA,CAAQ,CAAC,EAAA,KAAO;AACvB,IAAA,IAAI;AACF,MAAA,EAAA,CAAG,CAAC,CAAA;AAAA,IACN,CAAA,CAAA,MAAQ;AAAA,IAER;AAAA,EACF,CAAC,CAAA;AACD,EAAA,QAAA,CAAS,OAAA,CAAQ,CAAC,EAAA,KAAO;AACvB,IAAA,IAAI;AACF,MAAA,EAAA,CAAG,EAAE,GAAG,CAAA,EAAG,KAAA,EAAO,CAAA;AAAA,IACpB,CAAA,CAAA,MAAQ;AAAA,IAER;AAAA,EACF,CAAC,CAAA;AACH;AAEO,SAAS,kBAAA,CACd,OACA,OAAA,EACY;AACZ,EAAA,MAAM,MAAM,KAAA,KAAU,GAAA,GAAM,mBAAA,EAAoB,GAAI,YAAY,KAAK,CAAA;AACrE,EAAA,GAAA,CAAI,IAAI,OAAO,CAAA;AACf,EAAA,OAAO,MAAM,GAAA,CAAI,MAAA,CAAO,OAAO,CAAA;AACjC;;;ACzEA,IAAM,qBAAA,GAAwB,CAAA;AAC9B,IAAM,YAAY,EAAA,GAAK,GAAA;AAEvB,IAAI,aAAA,GAAgB,CAAA;AACpB,IAAI,eAAA,GAAkB,CAAA;AA2Bf,SAAS,sBAAA,GAA+B;AAC7C,EAAA,aAAA,GAAgB,CAAA;AAChB,EAAA,eAAA,GAAkB,CAAA;AACpB;AAEO,SAAS,yBAAA,CAA0B,cAAsB,qBAAA,EAAgC;AAC9F,EAAA,MAAM,GAAA,GAAM,KAAK,GAAA,EAAI;AACrB,EAAA,IAAI,GAAA,GAAM,kBAAkB,SAAA,EAAW;AACrC,IAAA,aAAA,GAAgB,CAAA;AAChB,IAAA,eAAA,GAAkB,GAAA;AAAA,EACpB;AACA,EAAA,IAAI,iBAAiB,WAAA,EAAa;AAChC,IAAA,aAAA,CAAc,eAAe,kBAAA,EAAoB;AAAA,MAC/C,OAAA,EAAS,2BAA2B,WAAW,CAAA,UAAA;AAAA,KAChD,CAAA;AACD,IAAA,OAAO,KAAA;AAAA,EACT;AACA,EAAA,aAAA,EAAA;AACA,EAAA,OAAO,IAAA;AACT;;;AC3BO,SAAS,kBAAkB,MAAA,EAA4B;AAC5D,EAAA,MAAM,UAAA,GAAa,gBAAA,CAAiB,MAAA,CAAO,QAAQ,CAAA;AACnD,EAAA,IAAI,CAAC,WAAW,OAAA,EAAS;AACvB,IAAA,MAAA,CAAO,KAAK,6BAAA,EAA+B,EAAE,QAAA,EAAU,MAAA,CAAO,UAAU,CAAA;AAAA,EAC1E;AAEA,EAAA,UAAA,CAAW,YAAA,CAAa,aAAA,EAAe,MAAA,CAAO,UAAU,CAAA;AACxD,EAAA,UAAA,CAAW,YAAA,CAAa,QAAA,EAAU,MAAA,CAAO,MAAA,CAAO,QAAQ,CAAA;AAExD,EAAA,UAAA,CAAW,YAAA,CAAa,WAAA,EAAa,MAAA,CAAO,cAAA,EAAgB,CAAA;AAC5D,EAAA,UAAA,CAAW,YAAA,CAAa,QAAA,EAAU,MAAA,CAAO,QAAQ,CAAA;AACjD,EAAA,IAAI,OAAO,SAAA,EAAW;AACpB,IAAA,UAAA,CAAW,YAAA,CAAa,SAAA,EAAW,MAAA,CAAO,SAAS,CAAA;AAAA,EACrD;AACF;AAEA,eAAsB,iBAAiB,MAAA,EAAqC;AAC1E,EAAA,IAAI;AACF,IAAA,MAAA,CAAO,KAAK,qCAAqC,CAAA;AAEjD,IAAA,MAAM,QAAQ,cAAA,EAAe;AAC7B,IAAA,IAAI,KAAA,IAAS,CAAC,oBAAA,EAAqB,EAAG;AACpC,MAAA,MAAA,CAAO,MAAM,gDAAgD,CAAA;AAC7D,MAAA,cAAA,EAAe;AACf,MAAA;AAAA,IACF;AAEA,IAAA,IAAI,eAAc,EAAG;AACnB,MAAA,MAAA,CAAO,MAAM,yEAAyE,CAAA;AACtF,MAAA,cAAA,EAAe;AACf,MAAA;AAAA,IACF;AAEA,IAAA,IAAI,kBAAiB,EAAG;AACtB,MAAA,IAAI,eAAA,CAAgB,GAAI,CAAA,EAAG;AACzB,QAAA,MAAA,CAAO,KAAK,wDAAwD,CAAA;AACpE,QAAA,cAAA,EAAe;AAAA,MACjB,CAAA,MAAO;AACL,QAAA,MAAA,CAAO,MAAM,qEAAqE,CAAA;AAClF,QAAA;AAAA,MACF;AAAA,IACF;AAEA,IAAA,YAAA,EAAa;AAEb,IAAA,IACE,CAAC,MAAA,EAAQ,UAAA,IACT,CAAC,MAAA,CAAO,QAAQ,QAAA,IAChB,CAAC,MAAA,CAAO,MAAA,EAAQ,WAAA,EAChB;AACA,MAAA,MAAM,IAAI,MAAM,4CAA4C,CAAA;AAAA,IAC9D;AAEA,IAAA,iBAAA,CAAkB,MAAM,CAAA;AAExB,IAAA,MAAM,eAAe,oBAAA,EAAqB;AAC1C,IAAA,MAAM,aAAA,GAAgB,MAAM,qBAAA,CAAsB,YAAY,CAAA;AAC9D,IAAA,MAAM,QAAQ,aAAA,EAAc;AAE5B,IAAA,aAAA,CAAc,aAAa,YAAY,CAAA;AACvC,IAAA,aAAA,CAAc,aAAa,KAAK,CAAA;AAChC,IAAA,UAAA,CAAW,YAAA,CAAa,cAAc,YAAY,CAAA;AAClD,IAAA,UAAA,CAAW,YAAA,CAAa,OAAO,KAAK,CAAA;AAEpC,IAAA,MAAM,OAAA,GAAU,qBAAA,CAAsB,MAAA,EAAQ,aAAA,EAAe,KAAK,CAAA;AAElE,IAAA,IACE,CAAC,OAAA,IACD,EAAE,OAAA,CAAQ,UAAA,CAAW,SAAS,CAAA,IAAK,OAAA,CAAQ,UAAA,CAAW,UAAU,CAAA,CAAA,EAChE;AACA,MAAA,MAAM,IAAI,MAAM,qCAAqC,CAAA;AAAA,IACvD;AAEA,IAAA,IAAI,CAAC,2BAA0B,EAAG;AAChC,MAAA,MAAA,CAAO,KAAK,0DAA0D,CAAA;AACtE,MAAA,cAAA,EAAe;AACf,MAAA;AAAA,IACF;AAEA,IAAA,MAAA,CAAO,KAAK,qCAAqC,CAAA;AACjD,IAAA,aAAA,CAAc,eAAe,aAAA,EAAe,EAAE,SAAA,EAAW,MAAA,CAAO,WAAW,CAAA;AAE3E,IAAA,MAAM,UAAU,cAAA,EAAe;AAC/B,IAAA,IAAI,OAAA,EAAS,OAAA,CAAQ,WAAA,CAAY,QAAA,CAAS,OAAO,CAAA;AAAA,SAAA,IACxC,OAAO,MAAA,KAAW,WAAA,EAAa,MAAA,CAAO,QAAA,CAAS,QAAQ,OAAO,CAAA;AAAA,EACzE,SAAS,KAAA,EAAO;AACd,IAAA,cAAA,EAAe;AACf,IAAA,MAAA,CAAO,MAAM,8BAAA,EAAgC;AAAA,MAC3C,OAAO,KAAA,YAAiB,KAAA,GAAQ,KAAA,CAAM,OAAA,GAAU,OAAO,KAAK;AAAA,KAC7D,CAAA;AACD,IAAA,MAAM,KAAA;AAAA,EACR;AACF;AAEA,SAAS,qBAAA,CACP,MAAA,EACA,aAAA,EACA,KAAA,EACQ;AACR,EAAA,IAAIA,cAAY,EAAG;AACjB,IAAA,MAAA,CAAO,MAAM,4BAAA,EAA8B;AAAA,MACzC,YAAY,MAAA,CAAO,UAAA;AAAA,MACnB,QAAA,EAAU,OAAO,MAAA,CAAO,QAAA;AAAA,MACxB,WAAA,EAAa,OAAO,MAAA,CAAO,WAAA;AAAA,MAC3B,MAAA,EAAQ,OAAO,MAAA,CAAO;AAAA,KACvB,CAAA;AAAA,EACH;AAEA,EAAA,MAAM,cAAA,GAAiB,UAAA,CAAW,YAAA,CAAa,QAAQ,CAAA;AACvD,EAAA,MAAM,cAAA,GAAiB,UAAA,CAAW,YAAA,CAAa,QAAQ,CAAA;AAEvD,EAAA,MAAM,aAAA,GAAgB,kBAAkB,MAAA,CAAO,QAAA;AAC/C,EAAA,MAAM,aAAA,GAAgB,cAAA,IAAkB,MAAA,CAAO,MAAA,CAAO,QAAA;AAEtD,EAAA,MAAM,gBAAA,GAAmB,OAAO,cAAA,EAAe;AAE/C,EAAA,MAAM,MAAA,GAAS,IAAI,eAAA,CAAgB;AAAA,IACjC,SAAA,EAAW,UAAU,aAAa,CAAA,CAAA;AAAA,IAClC,SAAA,EAAW,aAAA;AAAA,IACX,YAAA,EAAc,gBAAA;AAAA,IACd,aAAA,EAAe,qBAAA;AAAA,IACf,KAAA,EAAO,OAAO,MAAA,CAAO,MAAA;AAAA,IACrB,KAAA;AAAA,IACA,cAAA,EAAgB,aAAA;AAAA,IAChB,qBAAA,EAAuB;AAAA,GACxB,CAAA;AAED,EAAA,OAAO,GAAG,MAAA,CAAO,UAAU,CAAA,mBAAA,EAAsB,MAAA,CAAO,UAAU,CAAA,CAAA;AACpE;;;AC/HA,SAAS,YAAY,SAAA,EAAgC;AACnD,EAAA,MAAM,SAAA,GAAY,UAAU,UAAA,IAAc,IAAA;AAC1C,EAAA,MAAM,SAAA,GAAY,IAAA,CAAK,GAAA,EAAI,GAAI,SAAA,GAAY,GAAA;AAE3C,EAAA,MAAM,UAAU,iBAAA,EAAkB;AAClC,EAAA,IAAI,SAAS,aAAA,EAAe;AAC1B,IAAA,OAAA,CAAQ,aAAA,CAAc;AAAA,MACpB,aAAa,SAAA,CAAU,YAAA;AAAA,MACvB,cAAc,SAAA,CAAU,aAAA;AAAA,MACxB;AAAA,KACD,CAAA;AAAA,EACH;AACA,EAAA,UAAA,CAAW,YAAA,CAAa,WAAA,EAAa,SAAA,CAAU,YAAY,CAAA;AAC3D,EAAA,UAAA,CAAW,YAAA,CAAa,YAAA,EAAc,SAAA,CAAU,aAAa,CAAA;AAC7D,EAAA,UAAA,CAAW,YAAA,CAAa,SAAA,EAAW,SAAA,CAAU,QAAA,EAAU,CAAA;AAEvD,EAAA,IAAIA,cAAY,EAAG;AACjB,IAAA,MAAA,CAAO,MAAM,4BAAA,EAA8B;AAAA,MACzC,SAAA,EAAW,IAAI,IAAA,CAAK,SAAS,EAAE,WAAA,EAAY;AAAA,MAC3C;AAAA,KACD,CAAA;AAAA,EACH,CAAA,MAAO;AACL,IAAA,MAAA,CAAO,KAAK,4BAA4B,CAAA;AAAA,EAC1C;AACF;AAEA,eAAsB,sBAAsB,MAAA,EAAqD;AAC/F,EAAA,IAAI;AACF,IAAA,MAAM,EAAE,IAAA,EAAM,YAAA,EAAc,QAAA,EAAU,aAAY,GAAI,MAAA;AACtD,IAAA,MAAM,cAAA,GAAiB,OAAO,iBAAA,EAAkB;AAChD,IAAA,MAAM,QAAA,GAAW,GAAG,cAAc,CAAA,YAAA,CAAA;AAElC,IAAA,MAAM,IAAA,GAAO,IAAI,eAAA,CAAgB;AAAA,MAC/B,UAAA,EAAY,wBAAA;AAAA,MACZ,IAAA;AAAA,MACA,SAAA,EAAW,UAAU,QAAQ,CAAA,CAAA;AAAA,MAC7B,YAAA,EAAc,WAAA;AAAA,MACd,aAAA,EAAe;AAAA,KAChB,CAAA;AAED,IAAA,MAAM,QAAA,GAAW,MAAM,KAAA,CAAM,QAAA,EAAU;AAAA,MACrC,MAAA,EAAQ,MAAA;AAAA,MACR,OAAA,EAAS,EAAE,cAAA,EAAgB,mCAAA,EAAoC;AAAA,MAC/D,IAAA,EAAM,KAAK,QAAA;AAAS,KACrB,CAAA;AAED,IAAA,IAAI,CAAC,SAAS,EAAA,EAAI;AAChB,MAAA,MAAM,YAAA,GAAe,MAAM,QAAA,CAAS,IAAA,GAAO,KAAA,CAAM,OAAO,EAAC,CAAE,CAAA;AAC3D,MAAA,MAAA,CAAO,MAAM,uBAAA,EAAyB;AAAA,QACpC,QAAQ,QAAA,CAAS,MAAA;AAAA,QACjB,YAAY,QAAA,CAAS,UAAA;AAAA,QACrB,YAAA;AAAA,QACA,UAAA,EAAY;AAAA,OACb,CAAA;AACD,MAAA,MAAM,IAAI,KAAA;AAAA,QACR,0BAA0B,QAAA,CAAS,MAAM,IAAI,QAAA,CAAS,UAAU,GAAG,MAAA,CAAO,IAAA,CAAK,YAAY,CAAA,CAAE,SAAS,CAAA,GAAA,EAAM,IAAA,CAAK,UAAU,YAAY,CAAC,KAAK,EAAE,CAAA;AAAA,OACjJ;AAAA,IACF;AAEA,IAAA,MAAM,SAAA,GAAa,MAAM,QAAA,CAAS,IAAA,EAAK;AAEvC,IAAA,IAAI,CAAC,UAAU,YAAA,IAAgB,CAAC,UAAU,aAAA,IAAiB,CAAC,UAAU,UAAA,EAAY;AAChF,MAAA,MAAA,CAAO,MAAM,iCAAiC,CAAA;AAC9C,MAAA,MAAM,IAAI,MAAM,wBAAwB,CAAA;AAAA,IAC1C;AAEA,IAAA,WAAA,CAAY,SAAS,CAAA;AACrB,IAAA,OAAO,SAAA;AAAA,EACT,SAAS,KAAA,EAAO;AACd,IAAA,MAAM,SAAA,GAAY,KAAA,YAAiB,KAAA,IAAS,KAAA,CAAM,IAAA,KAAS,YAAA;AAC3D,IAAA,IAAI,SAAA,EAAW;AACb,MAAA,MAAA,CAAO,KAAK,iFAAiF,CAAA;AAC7F,MAAA,MAAM,gBAAgB,cAAA,EAAqB;AAC3C,MAAA,IAAI,aAAA,IAAiB,CAAC,oBAAA,EAAqB,EAAG;AAC5C,QAAA,OAAO;AAAA,UACL,YAAA,EAAc,aAAA;AAAA,UACd,aAAA,EAAe,iBAAgB,IAAK,EAAA;AAAA,UACpC,UAAA,EAAY;AAAA,SACd;AAAA,MACF;AACA,MAAA,MAAM,IAAI,MAAM,qCAAqC,CAAA;AAAA,IACvD;AACA,IAAA,MAAA,CAAO,MAAM,uBAAA,EAAyB;AAAA,MACpC,SAAS,KAAA,YAAiB,KAAA,GAAQ,KAAA,CAAM,OAAA,GAAU,OAAO,KAAK;AAAA,KAC/D,CAAA;AACD,IAAA,MAAM,KAAA;AAAA,EACR;AACF;AAEA,IAAI,cAAA,GAAyC,IAAA;AAE7C,eAAsB,kBAAA,GAAsC;AAC1D,EAAA,IAAI,gBAAgB,OAAO,cAAA;AAE3B,EAAA,cAAA,GAAA,CAAkB,YAA6B;AAC7C,IAAA,IAAI;AACF,MAAA,MAAM,eAAe,eAAA,EAAgB;AACrC,MAAA,MAAM,WAAW,WAAA,EAAY;AAC7B,MAAA,MAAM,WAAW,WAAA,EAAY;AAE7B,MAAA,MAAA,CAAO,MAAM,gCAAA,EAAkC;AAAA,QAC7C,eAAA,EAAiB,CAAC,CAAC,YAAA;AAAA,QACnB,QAAA;AAAA,QACA;AAAA,OACD,CAAA;AAED,MAAA,IAAI,CAAC,YAAA,IAAgB,CAAC,QAAA,IAAY,CAAC,QAAA,EAAU;AAC3C,QAAA,MAAA,CAAO,MAAM,6CAAA,EAA+C;AAAA,UAC1D,eAAA,EAAiB,CAAC,CAAC,YAAA;AAAA,UACnB,WAAA,EAAa,CAAC,CAAC,QAAA;AAAA,UACf,WAAA,EAAa,CAAC,CAAC;AAAA,SAChB,CAAA;AACD,QAAA,MAAM,IAAI,MAAM,6CAA6C,CAAA;AAAA,MAC/D;AAEA,MAAA,MAAM,cAAA,GAAiB,OAAO,iBAAA,EAAkB;AAChD,MAAA,MAAM,QAAA,GAAW,GAAG,cAAc,CAAA,cAAA,CAAA;AAElC,MAAA,MAAM,IAAA,GAAO,IAAI,eAAA,CAAgB;AAAA,QAC/B,UAAA,EAAY,0BAAA;AAAA,QACZ,aAAA,EAAe,YAAA;AAAA,QACf,WAAW,QAAA,CAAS,UAAA,CAAW,SAAS,CAAA,GAAI,QAAA,GAAW,UAAU,QAAQ,CAAA,CAAA;AAAA,QACzE,SAAA,EAAW;AAAA,OACZ,CAAA;AAED,MAAA,MAAM,QAAA,GAAW,MAAM,KAAA,CAAM,QAAA,EAAU;AAAA,QACrC,MAAA,EAAQ,MAAA;AAAA,QACR,OAAA,EAAS;AAAA,UACP,cAAA,EAAgB,mCAAA;AAAA,UAChB,QAAA,EAAU;AAAA,SACZ;AAAA,QACA,IAAA,EAAM,KAAK,QAAA;AAAS,OACrB,CAAA;AAED,MAAA,IAAI,CAAC,SAAS,EAAA,EAAI;AAChB,QAAA,MAAM,YAAA,GAAgB,MAAM,QAAA,CAAS,IAAA,GAAO,KAAA,CAAM,OAAO,EAAC,CAAE,CAAA;AAC5D,QAAA,MAAM,0BACJ,QAAA,CAAS,MAAA,KAAW,OACnB,YAAA,EAAc,KAAA,KAAU,mBACxB,OAAO,YAAA,EAAc,sBAAsB,QAAA,KACzC,YAAA,CAAa,kBAAkB,QAAA,CAAS,SAAS,KAAK,YAAA,CAAa,iBAAA,CAAkB,SAAS,SAAS,CAAA,CAAA;AAE5G,QAAA,IAAI,uBAAA,EAAyB;AAC3B,UAAA,aAAA,CAAc,aAAa,YAAY,CAAA;AACvC,UAAA,aAAA,CAAc,aAAa,WAAW,CAAA;AACtC,UAAA,aAAA,CAAc,aAAa,SAAS,CAAA;AACpC,UAAA,aAAA,CAAc,eAAe,oBAAA,EAAsB;AAAA,YACjD,KAAA,EAAO,kCAAA;AAAA,YACP,SAAS,MAAA,CAAO,YAAA,EAAc,iBAAA,IAAqB,YAAA,EAAc,SAAS,sBAAsB;AAAA,WACjG,CAAA;AAAA,QACH;AAEA,QAAA,MAAA,CAAO,MAAM,sBAAA,EAAwB;AAAA,UACnC,QAAQ,QAAA,CAAS,MAAA;AAAA,UACjB,YAAY,QAAA,CAAS,UAAA;AAAA,UACrB,YAAA;AAAA,UACA,UAAA,EAAY;AAAA,SACb,CAAA;AACD,QAAA,MAAM,IAAI,KAAA;AAAA,UACR,yBAAyB,QAAA,CAAS,MAAM,IAAI,QAAA,CAAS,UAAU,GAAG,MAAA,CAAO,IAAA,CAAK,YAAY,CAAA,CAAE,SAAS,CAAA,GAAA,EAAM,IAAA,CAAK,UAAU,YAAY,CAAC,KAAK,EAAE,CAAA;AAAA,SAChJ;AAAA,MACF;AAEA,MAAA,MAAM,SAAA,GAAa,MAAM,QAAA,CAAS,IAAA,EAAK;AAEvC,MAAA,IAAI,CAAC,SAAA,CAAU,YAAA,IAAgB,CAAC,UAAU,aAAA,EAAe;AACvD,QAAA,MAAA,CAAO,MAAM,yCAAyC,CAAA;AACtD,QAAA,MAAM,IAAI,MAAM,gCAAgC,CAAA;AAAA,MAClD;AAEA,MAAA,WAAA,CAAY,SAAS,CAAA;AACrB,MAAA,aAAA,CAAc,eAAe,qBAAqB,CAAA;AAClD,MAAA,OAAO,SAAA,CAAU,YAAA;AAAA,IACnB,SAAS,KAAA,EAAO;AACd,MAAA,IAAI,iBAAiB,KAAA,EAAO;AAC1B,QAAA,MAAA,CAAO,MAAM,sBAAA,EAAwB,EAAE,OAAA,EAAS,KAAA,CAAM,SAAS,CAAA;AAC/D,QAAA,aAAA,CAAc,eAAe,oBAAA,EAAsB,EAAE,KAAA,EAAO,KAAA,CAAM,SAAS,CAAA;AAAA,MAC7E;AACA,MAAA,MAAM,KAAA;AAAA,IACR,CAAA,SAAE;AACA,MAAA,cAAA,GAAiB,IAAA;AAAA,IACnB;AAAA,EACF,CAAA,GAAG;AAEH,EAAA,OAAO,cAAA;AACT;ACnLA,SAAS,WAAA,GAAuB;AAC9B,EAAA,OAAO,UAAA,CAAW,aAAA,CAAc,oBAAoB,CAAC,CAAA,KAAM,MAAA;AAC7D;AAEA,SAAS,YAAA,GAAwB;AAC/B,EAAA,OAAO,oBAAA,EAAqB;AAC9B;AAEA,SAAS,cAAA,GAAuB;AAC9B,EAAA,qBAAA,EAAsB;AACxB;AAEA,SAAS,aAAA,GAAsB;AAC7B,EAAA,UAAA,CAAW,aAAA,CAAc,oBAAoB,CAAA,EAAG,MAAM,CAAA;AACtD,EAAA,uBAAA,EAAwB;AAC1B;AAEA,SAAS,eAAA,GAAwB;AAC/B,EAAA,uBAAA,EAAwB;AACxB,EAAA,aAAA,CAAc,aAAA,CAAc,oBAAoB,CAAC,CAAA;AACnD;AAEA,IAAI,UAAA,GAAa,KAAA;AAEjB,SAAS,QAAA,GAAiB;AACxB,EAAA,IAAI,UAAA,EAAY;AAChB,EAAA,IAAI,cAAa,EAAG;AACpB,EAAA,MAAM,UAAU,cAAA,EAAe;AAC/B,EAAA,MAAM,KAAA,GAAQ,OAAA,GACV,CAAA,EAAG,OAAA,CAAQ,WAAA,CAAY,aAAA,EAAc,CAAE,MAAM,CAAA,EAAG,OAAA,CAAQ,WAAA,CAAY,aAAA,EAAc,CAAE,QAAQ,CAAA,CAAA,GAC3F,OAAO,MAAA,KAAW,WAAA,GAAc,CAAA,EAAG,MAAA,CAAO,QAAA,CAAS,MAAM,CAAA,EAAG,MAAA,CAAO,QAAA,CAAS,QAAQ,CAAA,CAAA,GAAK,GAAA;AAC9F,EAAA,IAAI,OAAA,EAAS,OAAA,CAAQ,WAAA,CAAY,QAAA,CAAS,KAAK,CAAA;AAAA,OAAA,IACtC,OAAO,MAAA,KAAW,WAAA,EAAa,MAAA,CAAO,QAAA,CAAS,QAAQ,KAAK,CAAA;AACrE,EAAA,UAAA,GAAa,IAAA;AACf;AAEA,SAAS,YAAA,GAAqB;AAC5B,EAAA,IAAI,UAAA,EAAY;AAChB,EAAA,IAAI,cAAa,EAAG;AACpB,EAAA,MAAM,UAAU,cAAA,EAAe;AAC/B,EAAA,MAAM,KAAA,GAAQ,OAAA,GACV,CAAA,EAAG,OAAA,CAAQ,WAAA,CAAY,aAAA,EAAc,CAAE,MAAM,CAAA,EAAG,OAAA,CAAQ,WAAA,CAAY,aAAA,EAAc,CAAE,QAAQ,CAAA,CAAA,GAC3F,OAAO,MAAA,KAAW,WAAA,GAAc,CAAA,EAAG,MAAA,CAAO,QAAA,CAAS,MAAM,CAAA,EAAG,MAAA,CAAO,QAAA,CAAS,QAAQ,CAAA,CAAA,GAAK,GAAA;AAC9F,EAAA,IAAI,OAAA,EAAS,OAAA,CAAQ,WAAA,CAAY,YAAA,CAAa,KAAK,CAAA;AAAA,OAAA,IAC1C,OAAO,MAAA,KAAW,WAAA,EAAa,MAAA,CAAO,QAAQ,YAAA,CAAa,EAAC,EAAG,OAAO,QAAA,KAAa,WAAA,GAAc,QAAA,CAAS,KAAA,GAAQ,IAAI,KAAK,CAAA;AACpI,EAAA,UAAA,GAAa,IAAA;AACf;AAEA,SAAS,iBAAA,GAA0B;AACjC,EAAA,aAAA,CAAc,aAAA,CAAc,aAAa,CAAC,CAAA;AAC1C,EAAA,aAAA,CAAc,aAAA,CAAc,oBAAoB,CAAC,CAAA;AACjD,EAAA,cAAA,EAAe;AACjB;AAEA,eAAsB,cAAA,GAAmC;AACvD,EAAA,IAAI,aAAY,EAAG;AACjB,IAAA,MAAA,CAAO,MAAM,8EAA8E,CAAA;AAC3F,IAAA,IAAI,eAAc,EAAG;AACnB,MAAA,IAAI,CAAC,YAAA,EAAa,EAAG,YAAA,EAAa;AAAA,IACpC;AACA,IAAA,cAAA,EAAe;AACf,IAAA,OAAO,IAAA;AAAA,EACT;AAEA,EAAA,IAAI,cAAa,EAAG;AAClB,IAAA,MAAA,CAAO,MAAM,kEAAkE,CAAA;AAC/E,IAAA,OAAO,IAAA;AAAA,EACT;AAEA,EAAA,IAAI,UAAA,CAAW,aAAA,CAAc,aAAa,CAAC,MAAM,MAAA,EAAQ;AACvD,IAAA,MAAA,CAAO,KAAK,oEAA+D,CAAA;AAC3E,IAAA,MAAM,UAAU,cAAA,EAAe;AAC/B,IAAA,IAAI,WAAW,OAAA,CAAQ,WAAA,CAAY,aAAA,EAAc,CAAE,QAAQ,YAAA,EAAa;AAAA,SAAA,IAC/D,OAAO,MAAA,KAAW,WAAA,IAAe,MAAA,CAAO,QAAA,CAAS,QAAQ,YAAA,EAAa;AAC/E,IAAA,iBAAA,EAAkB;AAClB,IAAA,eAAA,EAAgB;AAChB,IAAA,OAAO,KAAA;AAAA,EACT;AAEA,EAAA,MAAM,kBAAkB,YAAA,EAAa;AACrC,EAAA,IAAI,gBAAA,GAAkC,IAAA;AACtC,EAAA,IAAI;AACF,IAAA,MAAM,cAAA,GAAiB,UAAA,CAAW,aAAA,CAAc,cAAc,CAAC,CAAA;AAC/D,IAAA,IAAI,cAAA,EAAgB;AAClB,MAAA,MAAM,WAAA,GAAc,IAAA,CAAK,KAAA,CAAM,cAAc,CAAA;AAC7C,MAAA,gBAAA,GAAmB,YAAY,SAAA,IAAa,IAAA;AAAA,IAC9C;AAAA,EACF,CAAA,CAAA,MAAQ;AAAA,EAER;AACA,EAAA,IAAI,CAAC,kBAAkB,gBAAA,GAAmB,eAAA;AAE1C,EAAA,IAAI,gBAAA,IAAoB,eAAA,IAAmB,gBAAA,KAAqB,eAAA,EAAiB;AAC/E,IAAA,MAAA,CAAO,KAAK,8DAA8D,CAAA;AAC1E,IAAA,eAAA,EAAgB;AAChB,IAAA,iBAAA,EAAkB;AAClB,IAAA,eAAA,EAAgB;AAChB,IAAA,UAAA,CAAW,aAAA,CAAc,iBAAiB,CAAA,EAAG,MAAM,CAAA;AACnD,IAAA,UAAA,CAAW,aAAA,CAAc,gBAAgB,CAAA,EAAG,gBAAgB,CAAA;AAC5D,IAAA,YAAA,CAAa,gBAAgB,CAAA;AAC7B,IAAA,IAAI,aAAA,IAAiB,YAAA,EAAa;AAClC,IAAA,OAAO,KAAA;AAAA,EACT;AAEA,EAAA,IAAI,CAAC,aAAA,EAAc,EAAG,OAAO,KAAA;AAE7B,EAAA,cAAA,EAAe;AACf,EAAA,cAAA,EAAe;AACf,EAAA,UAAA,GAAa,KAAA;AAEb,EAAA,IAAI;AACF,IAAA,MAAM,MAAA,GAAS,cAAA,EAAe,EAAG,WAAA,CAAY,aAAA,EAAc,CAAE,MAAA,KAAW,OAAO,MAAA,KAAW,WAAA,GAAc,MAAA,CAAO,QAAA,CAAS,MAAA,GAAS,EAAA,CAAA;AACjI,IAAA,MAAM,MAAA,GAAS,IAAI,eAAA,CAAgB,MAAM,CAAA;AACzC,IAAA,MAAM,IAAA,GAAO,MAAA,CAAO,GAAA,CAAI,MAAM,CAAA;AAC9B,IAAA,MAAM,KAAA,GAAQ,MAAA,CAAO,GAAA,CAAI,OAAO,CAAA;AAChC,IAAA,MAAM,KAAA,GAAQ,MAAA,CAAO,GAAA,CAAI,OAAO,CAAA;AAEhC,IAAA,IAAI,KAAA,IAAS,CAAC,IAAA,IAAQ,CAAC,KAAA,EAAO;AAC5B,MAAA,MAAA,CAAO,MAAM,+BAAA,EAAiC,EAAE,KAAA,EAAO,IAAA,EAAM,OAAO,CAAA;AACpE,MAAA,iBAAA,EAAkB;AAClB,MAAA,eAAA,EAAgB;AAChB,MAAA,aAAA,EAAc;AACd,MAAA,YAAA,EAAa;AACb,MAAA,OAAO,KAAA;AAAA,IACT;AAEA,IAAA,MAAM,cAAc,QAAA,EAAS;AAC7B,IAAA,IAAI,CAAC,WAAA,IAAe,WAAA,KAAgB,KAAA,EAAO;AACzC,MAAA,MAAM,0BAA0B,gBAAA,EAAiB;AACjD,MAAA,IAAI,wBAAA,GAA0C,IAAA;AAC9C,MAAA,IAAI;AACF,QAAA,MAAM,cAAA,GAAiB,UAAA,CAAW,aAAA,CAAc,cAAc,CAAC,CAAA;AAC/D,QAAA,IAAI,cAAA,EAAgB;AAClB,UAAA,MAAM,WAAA,GAAc,IAAA,CAAK,KAAA,CAAM,cAAc,CAAA;AAC7C,UAAA,wBAAA,GAA2B,YAAY,SAAA,IAAa,IAAA;AAAA,QACtD;AAAA,MACF,CAAA,CAAA,MAAQ;AAAA,MAER;AACA,MAAA,MAAM,gBAAA,GAAmB,uBAAA,IAA2B,wBAAA,IAA4B,uBAAA,KAA4B,wBAAA;AAC5G,MAAA,IAAI,gBAAA,EAAkB;AACpB,QAAA,MAAA,CAAO,KAAK,wFAAwF,CAAA;AAAA,MACtG,CAAA,MAAO;AACL,QAAA,MAAA,CAAO,MAAM,6CAA6C,CAAA;AAAA,MAC5D;AACA,MAAA,iBAAA,EAAkB;AAClB,MAAA,eAAA,EAAgB;AAChB,MAAA,aAAA,EAAc;AACd,MAAA,YAAA,EAAa;AACb,MAAA,UAAA,CAAW,aAAA,CAAc,gBAAgB,CAAA,EAAG,MAAM,CAAA;AAClD,MAAA,OAAO,KAAA;AAAA,IACT;AAEA,IAAA,MAAM,eAAe,eAAA,EAAgB;AACrC,IAAA,IAAI,CAAC,YAAA,EAAc;AACjB,MAAA,MAAA,CAAO,MAAM,uBAAuB,CAAA;AACpC,MAAA,iBAAA,EAAkB;AAClB,MAAA,eAAA,EAAgB;AAChB,MAAA,aAAA,EAAc;AACd,MAAA,YAAA,EAAa;AACb,MAAA,OAAO,KAAA;AAAA,IACT;AAEA,IAAA,MAAM,WAAW,WAAA,EAAY;AAC7B,IAAA,MAAM,cAAc,cAAA,EAAe;AACnC,IAAA,MAAM,WAAW,WAAA,EAAY;AAE7B,IAAA,IAAI,CAAC,QAAA,IAAY,CAAC,WAAA,IAAe,CAAC,QAAA,EAAU;AAC1C,MAAA,MAAA,CAAO,MAAM,sCAAsC,CAAA;AACnD,MAAA,iBAAA,EAAkB;AAClB,MAAA,eAAA,EAAgB;AAChB,MAAA,aAAA,EAAc;AACd,MAAA,YAAA,EAAa;AACb,MAAA,OAAO,KAAA;AAAA,IACT;AAGA,IAAA,MAAM,gBAAgB,cAAA,EAAe;AACrC,IAAA,IAAI,aAAA,IAAiB,CAAC,oBAAA,EAAqB,EAAG;AAC5C,MAAA,MAAA,CAAO,MAAM,qDAAqD,CAAA;AAClE,MAAA,aAAA,CAAc,aAAa,YAAY,CAAA;AACvC,MAAA,aAAA,CAAc,aAAa,KAAK,CAAA;AAChC,MAAA,iBAAA,EAAkB;AAClB,MAAA,aAAA,EAAc;AACd,MAAA,QAAA,EAAS;AACT,MAAA,sBAAA,EAAuB;AACvB,MAAA,aAAA,CAAc,eAAe,gBAAgB,CAAA;AAC7C,MAAA,OAAO,IAAA;AAAA,IACT;AAEA,IAAA,MAAM,SAAA,GAAY,MAAM,qBAAA,CAAsB;AAAA,MAC5C,IAAA;AAAA,MACA,YAAA;AAAA,MACA,QAAA;AAAA,MACA,WAAA;AAAA,MACA;AAAA,KACD,CAAA;AAED,IAAA,IAAI,CAAC,WAAW,YAAA,EAAc;AAC5B,MAAA,MAAA,CAAO,MAAM,yCAAyC,CAAA;AACtD,MAAA,eAAA,EAAgB;AAChB,MAAA,iBAAA,EAAkB;AAClB,MAAA,YAAA,EAAa;AACb,MAAA,aAAA,CAAc,cAAA,CAAe,eAAA,EAAiB,EAAE,OAAA,EAAS,4BAA4B,CAAA;AACrF,MAAA,OAAO,KAAA;AAAA,IACT;AAEA,IAAA,aAAA,CAAc,aAAa,YAAY,CAAA;AACvC,IAAA,aAAA,CAAc,aAAa,KAAK,CAAA;AAChC,IAAA,iBAAA,EAAkB;AAClB,IAAA,aAAA,EAAc;AACd,IAAA,QAAA,EAAS;AAET,IAAA,MAAA,CAAO,KAAK,uCAAuC,CAAA;AACnD,IAAA,sBAAA,EAAuB;AACvB,IAAA,aAAA,CAAc,eAAe,gBAAgB,CAAA;AAC7C,IAAA,OAAO,IAAA;AAAA,EACT,SAAS,GAAA,EAAK;AACZ,IAAA,IAAIC,sBAAA,CAAM,YAAA,CAAa,GAAG,CAAA,EAAG;AAC3B,MAAA,MAAM,MAAA,GAAS,IAAI,QAAA,EAAU,MAAA;AAC7B,MAAA,MAAM,YAAA,GAAe,IAAI,QAAA,EAAU,IAAA;AACnC,MAAA,MAAM,YAAY,YAAA,EAAc,KAAA;AAChC,MAAA,MAAM,gBAAA,GAAmB,YAAA,EAAc,iBAAA,IAAqB,YAAA,EAAc,OAAA,IAAW,EAAA;AAErF,MAAA,IACE,MAAA,KAAW,OACX,SAAA,KAAc,eAAA,KACb,OAAO,gBAAgB,CAAA,CAAE,SAAS,cAAc,CAAA,IAChD,OAAO,gBAAgB,CAAA,CAAE,SAAS,gBAAgB,CAAA,IAClD,OAAO,gBAAgB,CAAA,CAAE,QAAA,CAAS,uBAAuB,CAAA,CAAA,EAC1D;AACA,QAAA,MAAMC,iBAAgB,cAAA,EAAe;AACrC,QAAA,MAAMC,WAAAA,GAAaD,cAAAA,IAAiB,CAAC,oBAAA,EAAqB;AAC1D,QAAA,IAAIC,WAAAA,EAAY;AACd,UAAA,aAAA,CAAc,aAAa,YAAY,CAAA;AACvC,UAAA,aAAA,CAAc,aAAa,KAAK,CAAA;AAChC,UAAA,iBAAA,EAAkB;AAClB,UAAA,aAAA,EAAc;AACd,UAAA,YAAA,EAAa;AACb,UAAA,MAAA,CAAO,KAAK,6EAA6E,CAAA;AACzF,UAAA,sBAAA,EAAuB;AACvB,UAAA,aAAA,CAAc,eAAe,gBAAgB,CAAA;AAC7C,UAAA,OAAO,IAAA;AAAA,QACT;AAAA,MACF;AAEA,MAAA,aAAA,CAAc,eAAe,eAAA,EAAiB;AAAA,QAC5C,OAAO,GAAA,CAAI,OAAA;AAAA,QACX,OAAA,EAAS,YAAA,EAAc,iBAAA,IAAqB,GAAA,CAAI;AAAA,OACjD,CAAA;AACD,MAAA,MAAA,CAAO,MAAM,qCAAA,EAAuC;AAAA,QAClD,MAAA;AAAA,QACA,UAAA,EAAY,IAAI,QAAA,EAAU,UAAA;AAAA,QAC1B,YAAA,EAAc,IAAI,QAAA,EAAU,IAAA;AAAA,QAC5B,SAAS,GAAA,CAAI,OAAA;AAAA,QACb,GAAA,EAAK,IAAI,MAAA,EAAQ;AAAA,OAClB,CAAA;AAAA,IACH,CAAA,MAAO;AACL,MAAA,MAAA,CAAO,MAAM,uBAAA,EAAyB;AAAA,QACpC,OAAO,GAAA,YAAe,KAAA,GAAQ,GAAA,CAAI,OAAA,GAAU,OAAO,GAAG;AAAA,OACvD,CAAA;AAAA,IACH;AAEA,IAAA,iBAAA,EAAkB;AAClB,IAAA,MAAM,gBAAgB,cAAA,EAAe;AACrC,IAAA,MAAM,UAAA,GAAa,aAAA,IAAiB,CAAC,oBAAA,EAAqB;AAC1D,IAAA,IAAI,UAAA,EAAY;AACd,MAAA,aAAA,EAAc;AACd,MAAA,YAAA,EAAa;AACb,MAAA,sBAAA,EAAuB;AACvB,MAAA,aAAA,CAAc,eAAe,gBAAgB,CAAA;AAC7C,MAAA,OAAO,IAAA;AAAA,IACT;AAEA,IAAA,aAAA,CAAc,eAAe,eAAA,EAAiB;AAAA,MAC5C,OAAO,GAAA,YAAe,KAAA,GAAQ,GAAA,CAAI,OAAA,GAAU,OAAO,GAAG;AAAA,KACvD,CAAA;AACD,IAAA,eAAA,EAAgB;AAChB,IAAA,IAAI,aAAA,IAAiB,YAAA,EAAa;AAClC,IAAA,OAAO,KAAA;AAAA,EACT;AACF;;;ACtTA,IAAM,cAAA,GAAiB,IAAI,EAAA,GAAK,GAAA;AASzB,IAAM,oBAAN,MAAwB;AAAA,EAK7B,WAAA,CAAY,QAAgB,cAAA,EAAgB;AAJ5C,IAAA,IAAA,CAAiB,KAAA,uBAAY,GAAA,EAAwB;AACrD,IAAA,IAAA,CAAiB,QAAA,uBAAe,GAAA,EAA0C;AAIxE,IAAA,IAAA,CAAK,KAAA,GAAQ,KAAA;AAAA,EACf;AAAA,EAEA,IAAI,SAAA,EAAwC;AAC1C,IAAA,MAAM,KAAA,GAAQ,IAAA,CAAK,KAAA,CAAM,GAAA,CAAI,SAAS,CAAA;AACtC,IAAA,IAAI,CAAC,OAAO,OAAO,IAAA;AACnB,IAAA,IAAI,IAAA,CAAK,GAAA,EAAI,IAAK,KAAA,CAAM,SAAA,EAAW;AACjC,MAAA,IAAA,CAAK,KAAA,CAAM,OAAO,SAAS,CAAA;AAC3B,MAAA,OAAO,IAAA;AAAA,IACT;AACA,IAAA,OAAO,KAAA,CAAM,MAAA;AAAA,EACf;AAAA,EAEA,GAAA,CAAI,WAAmB,MAAA,EAA4B;AACjD,IAAA,IAAA,CAAK,KAAA,CAAM,IAAI,SAAA,EAAW;AAAA,MACxB,MAAA;AAAA,MACA,SAAA,EAAW,IAAA,CAAK,GAAA,EAAI,GAAI,IAAA,CAAK;AAAA,KAC9B,CAAA;AAAA,EACH;AAAA,EAEA,WAAW,SAAA,EAA0B;AACnC,IAAA,IAAI,SAAA,EAAW;AACb,MAAA,IAAA,CAAK,KAAA,CAAM,OAAO,SAAS,CAAA;AAC3B,MAAA,IAAA,CAAK,QAAA,CAAS,OAAO,SAAS,CAAA;AAAA,IAChC,CAAA,MAAO;AACL,MAAA,IAAA,CAAK,MAAM,KAAA,EAAM;AACjB,MAAA,IAAA,CAAK,SAAS,KAAA,EAAM;AAAA,IACtB;AAAA,EACF;AAAA,EAEA,MAAM,YAAA,CACJ,SAAA,EACA,QAAA,EAC8B;AAC9B,IAAA,IAAI,CAAC,SAAA,IAAa,CAAC,SAAA,CAAU,IAAA,IAAQ,OAAO,IAAA;AAE5C,IAAA,MAAM,GAAA,GAAM,UAAU,IAAA,EAAK;AAC3B,IAAA,MAAM,MAAA,GAAS,IAAA,CAAK,GAAA,CAAI,GAAG,CAAA;AAC3B,IAAA,IAAI,MAAA,EAAQ;AACV,MAAA,MAAA,CAAO,KAAA,CAAM,0BAAA,EAA4B,EAAE,SAAA,EAAW,KAAK,CAAA;AAC3D,MAAA,OAAO,MAAA;AAAA,IACT;AAEA,IAAA,MAAM,QAAA,GAAW,IAAA,CAAK,QAAA,CAAS,GAAA,CAAI,GAAG,CAAA;AACtC,IAAA,IAAI,QAAA,EAAU;AACZ,MAAA,MAAA,CAAO,KAAA,CAAM,sCAAA,EAAwC,EAAE,SAAA,EAAW,KAAK,CAAA;AACvE,MAAA,OAAO,QAAA;AAAA,IACT;AAEA,IAAA,MAAM,WAAW,YAA0C;AACzD,MAAA,IAAI;AACF,QAAA,MAAM,MAAA,GAAS,MAAM,QAAA,CAAS,GAAG,CAAA;AACjC,QAAA,IAAI,MAAA,EAAQ,IAAA,CAAK,GAAA,CAAI,GAAA,EAAK,MAAM,CAAA;AAChC,QAAA,OAAO,MAAA;AAAA,MACT,CAAA,SAAE;AACA,QAAA,IAAA,CAAK,QAAA,CAAS,OAAO,GAAG,CAAA;AAAA,MAC1B;AAAA,IACF,CAAA,GAAG;AAEH,IAAA,IAAA,CAAK,QAAA,CAAS,GAAA,CAAI,GAAA,EAAK,OAAO,CAAA;AAC9B,IAAA,OAAO,OAAA;AAAA,EACT;AACF,CAAA;;;ACvEA,IAAM,wBAAA,GAA2B,IAAI,iBAAA,EAAkB;AAEhD,SAAS,uBAAA,CACd,KACA,MAAA,EACe;AACf,EAAA,IAAI;AACF,IAAA,MAAM,cAAA,GAAiB,UAAA,CAAW,aAAA,CAAc,cAAc,CAAC,CAAA;AAC/D,IAAA,IAAI,cAAA,EAAgB;AAClB,MAAA,MAAM,WAAA,GAAc,IAAA,CAAK,KAAA,CAAM,cAAc,CAAA;AAC7C,MAAA,IAAI,YAAY,SAAA,EAAW,IAAA,IAAQ,OAAO,WAAA,CAAY,UAAU,IAAA,EAAK;AACrE,MAAA,OAAO,IAAA;AAAA,IACT;AAAA,EACF,CAAA,CAAA,MAAQ;AAAA,EAER;AACA,EAAA,OAAO,uBAAA,CAAwB,GAAA,EAAK,MAAA,EAAQ,UAAA,EAAY,aAAa,CAAA;AACvE;AAEA,SAAS,cAAA,GAAgD;AACvD,EAAA,IAAI;AACF,IAAA,MAAM,cAAA,GAAiB,UAAA,CAAW,aAAA,CAAc,cAAc,CAAC,CAAA;AAC/D,IAAA,IAAI,CAAC,gBAAgB,OAAO,IAAA;AAE5B,IAAA,MAAM,MAAA,GAAS,IAAA,CAAK,KAAA,CAAM,cAAc,CAAA;AACxC,IAAA,IAAI,MAAA,IAAU,OAAO,MAAA,KAAW,QAAA,IAAY,mBAAmB,MAAA,EAAQ;AACrE,MAAA,OAAQ,MAAA,CAAmC,aAAA;AAAA,IAC7C;AACA,IAAA,OAAO,MAAA;AAAA,EACT,CAAA,CAAA,MAAQ;AACN,IAAA,aAAA,CAAc,aAAA,CAAc,cAAc,CAAC,CAAA;AAC3C,IAAA,OAAO,IAAA;AAAA,EACT;AACF;AAEA,SAAS,oBAAA,CACP,YAAA,EACA,WAAA,EACA,SAAA,EACc;AACd,EAAA,OAAO;AAAA,IACL,QAAA,EAAU,WAAA,CAAY,QAAA,IAAY,YAAA,CAAa,QAAA;AAAA,IAC/C,YAAY,YAAA,CAAa,UAAA;AAAA,IACzB,SAAA,EAAW,aAAa,YAAA,CAAa,SAAA;AAAA,IACrC,MAAA,EAAQ;AAAA,MACN,QAAA,EAAU,WAAA,CAAY,QAAA,IAAY,YAAA,CAAa,MAAA,CAAO,QAAA;AAAA,MACtD,WAAA,EAAa,aAAa,MAAA,CAAO,WAAA;AAAA,MACjC,MAAA,EAAQ,aAAa,MAAA,CAAO;AAAA;AAC9B,GACF;AACF;AAEA,eAAe,wBAAA,GAAyD;AACtE,EAAA,MAAM,SAAA,GAAY,MAAM,YAAA,EAAa;AACrC,EAAA,IAAI,CAAC,WAAW,OAAO,IAAA;AACvB,EAAA,OAAO;AAAA,IACL,UAAU,SAAA,CAAU,QAAA;AAAA,IACpB,YAAY,SAAA,CAAU,aAAA;AAAA,IACtB,MAAA,EAAQ;AAAA,MACN,UAAU,SAAA,CAAU,QAAA;AAAA,MACpB,aAAa,SAAA,CAAU,WAAA;AAAA,MACvB,MAAA,EAAQ;AAAA;AACV,GACF;AACF;AAEA,eAAsB,mBAAA,CACpB,WACA,cAAA,EAC8B;AAC9B,EAAA,IAAI,CAAC,WAAW,OAAO,IAAA;AAEvB,EAAA,MAAM,cAAc,cAAA,EAAe;AACnC,EAAA,IAAI,YAAA,GAAoC,IAAA;AACxC,EAAA,IAAI,WAAA,GAAc,KAAA;AAElB,EAAA,YAAA,GAAe,MAAM,cAAA,CAAe,OAAA,CAAQ,SAAS,CAAA;AACrD,EAAA,WAAA,GAAc,CAAC,CAAC,YAAA;AAEhB,EAAA,IAAI,CAAC,YAAA,EAAc;AACjB,IAAA,YAAA,GAAe,MAAM,wBAAA,EAAyB;AAAA,EAChD;AACA,EAAA,IAAI,CAAC,cAAc,OAAO,IAAA;AAE1B,EAAA,IAAI,CAAC,eAAe,WAAA,EAAa;AAC/B,IAAA,MAAM,YAAA,GAAe,oBAAA,CAAqB,YAAA,EAAc,WAAA,EAAa,SAAS,CAAA;AAC9E,IAAA,aAAA,CAAc,aAAA,CAAc,cAAc,CAAC,CAAA;AAC3C,IAAA,MAAA,CAAO,KAAK,8CAA8C,CAAA;AAC1D,IAAA,OAAO,YAAA;AAAA,EACT;AAEA,EAAA,aAAA,CAAc,aAAA,CAAc,cAAc,CAAC,CAAA;AAE3C,EAAA,OAAO;AAAA,IACL,GAAG,YAAA;AAAA,IACH,SAAA,EAAW,aAAa,YAAA,CAAa;AAAA,GACvC;AACF;AAEA,eAAsB,yBAAA,CACpB,WACA,cAAA,EAC8B;AAC9B,EAAA,IAAI,CAAC,WAAW,OAAO,IAAA;AACvB,EAAA,OAAO,wBAAA,CAAyB,YAAA;AAAA,IAAa,SAAA;AAAA,IAAW,CAAC,GAAA,KACvD,mBAAA,CAAoB,GAAA,EAAK,cAAc;AAAA,GACzC;AACF;;;AC3GO,IAAM,iBAAN,MAA0C;AAAA,EAC/C,MAAM,QAAQ,OAAA,EAA2C;AACvD,IAAA,MAAM,EAAE,SAAQ,GAAI,OAAA;AACpB,IAAA,MAAM,EAAE,WAAA,EAAa,MAAA,EAAQ,GAAA,EAAI,GAAI,OAAA;AACrC,IAAA,MAAM,MAAA,GAAS,MAAM,WAAA,CAAY,aAAA,EAAc;AAE/C,IAAA,IAAI,oBAAA,CAAqB,MAAA,EAAQ,CAAA,EAAG;AAClC,MAAA,MAAM,cAAA,EAAe;AACrB,MAAA,IAAI,oBAAA,CAAqB,MAAA,EAAQ,CAAA,EAAG;AAClC,QAAA,GAAA,CAAI,KAAK,6DAA6D,CAAA;AACtE,QAAA,MAAM,IAAI,MAAA,EAAO;AACjB,QAAA,WAAA,CAAY,SAAS,CAAA,EAAG,CAAA,CAAE,MAAM,CAAA,EAAG,CAAA,CAAE,QAAQ,CAAA,CAAE,CAAA;AAC/C,QAAA,OAAO,EAAE,WAAW,IAAA,EAAK;AAAA,MAC3B;AAAA,IACF;AAEA,IAAA,cAAA,EAAe;AAEf,IAAA,MAAM,SAAA,GAAY,uBAAA,CAAwB,MAAA,EAAO,EAAG,QAAQ,cAAc,CAAA;AAC1E,IAAA,IAAI,CAAC,SAAA,EAAW,OAAO,EAAE,WAAW,IAAA,EAAK;AAEzC,IAAA,MAAM,YAAA,GAAe,MAAM,yBAAA,CAA0B,SAAA,EAAW,QAAQ,cAAc,CAAA;AACtF,IAAA,IAAI,CAAC,YAAA,EAAc;AACjB,MAAA,GAAA,CAAI,KAAA,CAAM,iDAAA,EAAmD,EAAE,SAAA,EAAW,CAAA;AAC1E,MAAA,MAAM,IAAI,cAAA;AAAA,QACR,iCAAA;AAAA,QACA,wCAAA;AAAA,QACA,IAAI,KAAA,CAAM,CAAA,+CAAA,EAAkD,SAAS,CAAA,CAAE;AAAA,OACzE;AAAA,IACF;AAEA,IAAA,iBAAA,CAAkB,YAAY,CAAA;AAC9B,IAAA,MAAM,iBAAiB,YAAY,CAAA;AACnC,IAAA,OAAO,EAAE,WAAW,IAAA,EAAK;AAAA,EAC3B;AACF,CAAA;;;ACtCO,IAAM,eAAN,MAAwC;AAAA,EAC7C,MAAM,QAAQ,OAAA,EAA2C;AACvD,IAAA,MAAM,EAAE,SAAQ,GAAI,OAAA;AACpB,IAAA,MAAM,EAAE,WAAA,EAAa,MAAA,EAAQ,GAAA,EAAI,GAAI,OAAA;AACrC,IAAA,MAAM,MAAA,GAAS,MAAM,WAAA,CAAY,aAAA,EAAc;AAE/C,IAAA,cAAA,EAAe;AAEf,IAAA,MAAM,OAAA,GAAU,MAAM,cAAA,EAAe;AACrC,IAAA,IAAI,OAAA,EAAS;AACX,MAAA,IAAI,oBAAA,CAAqB,MAAA,EAAQ,CAAA,EAAG;AAClC,QAAA,IAAI,oBAAA,EAAqB,EAAG,OAAO,EAAE,WAAW,IAAA,EAAK;AACrD,QAAA,MAAM,IAAI,MAAA,EAAO;AACjB,QAAA,WAAA,CAAY,SAAS,CAAA,EAAG,CAAA,CAAE,MAAM,CAAA,EAAG,CAAA,CAAE,QAAQ,CAAA,CAAE,CAAA;AAC/C,QAAA,OAAO,EAAE,WAAW,IAAA,EAAK;AAAA,MAC3B;AACA,MAAA,OAAO,EAAE,WAAW,IAAA,EAAK;AAAA,IAC3B;AACA,IAAA,IAAI,oBAAA,CAAqB,MAAA,EAAQ,CAAA,EAAG;AAClC,MAAA,MAAM,IAAI,MAAA,EAAO;AACjB,MAAA,WAAA,CAAY,SAAS,CAAA,EAAG,CAAA,CAAE,MAAM,CAAA,EAAG,CAAA,CAAE,QAAQ,CAAA,CAAE,CAAA;AAAA,IACjD;AACA,IAAA,OAAO,EAAE,WAAW,IAAA,EAAK;AAAA,EAC3B;AACF,CAAA;;;AC3BO,IAAM,oBAAN,MAA6C;AAAA,EAClD,MAAM,QAAQ,QAAA,EAA4C;AACxD,IAAA,OAAO,EAAE,WAAW,IAAA,EAAK;AAAA,EAC3B;AACF,CAAA;;;ACLA,IAAI,aAAA,GAAmC,IAAA;AAEhC,SAAS,oBAAA,GAA0C;AACxD,EAAA,OAAO,aAAA;AACT;AAEO,SAAS,qBAAqB,MAAA,EAAiC;AACpE,EAAA,aAAA,GAAgB,MAAA;AAClB;;;ACGA,eAAsB,sBAAA,GAA0C;AAC9D,EAAA,MAAM,SAAS,oBAAA,EAAqB;AACpC,EAAA,IAAI,MAAA,EAAQ;AACV,IAAA,IAAI;AACF,MAAA,OAAO,MAAM,OAAO,cAAA,EAAe;AAAA,IACrC,CAAA,CAAA,MAAQ;AAAA,IAER;AAAA,EACF;AAEA,EAAA,MAAM,QAAQ,cAAA,EAAqB;AACnC,EAAA,IAAI,KAAA,IAAS,CAAC,oBAAA,EAAqB,EAAG,OAAO,KAAA;AAE7C,EAAA,MAAM,eAAe,eAAA,EAAgB;AACrC,EAAA,IAAI,CAAC,YAAA,EAAc;AACjB,IAAA,MAAA,CAAO,MAAM,mDAAmD,CAAA;AAChE,IAAA,MAAM,IAAI,MAAM,kCAAkC,CAAA;AAAA,EACpD;AAEA,EAAA,OAAO,MAAM,kBAAA,EAA2B;AAC1C;AAEO,SAASC,eAAAA,GAAgC;AAC9C,EAAA,OAAO,cAAA,EAAqB;AAC9B;;;AC5BO,IAAM,cAAN,MAAuC;AAAA,EAC5C,MAAM,QAAQ,OAAA,EAA2C;AACvD,IAAA,MAAM,EAAE,SAAQ,GAAI,OAAA;AACpB,IAAA,MAAM,EAAE,MAAA,EAAQ,GAAA,EAAI,GAAI,OAAA;AACxB,IAAA,MAAM,MAAA,GAAS,MAAM,OAAA,CAAQ,WAAA,CAAY,aAAA,EAAc;AAEvD,IAAA,GAAA,CAAI,MAAM,yCAAyC,CAAA;AAEnD,IAAA,IAAI;AACF,MAAA,MAAM,cAAA,GAAiB,MAAM,sBAAA,EAAuB;AACpD,MAAA,IAAI,cAAA,EAAgB;AAClB,QAAA,MAAA,CAAO,MAAM,kDAAkD,CAAA;AAC/D,QAAA,OAAO,EAAE,WAAW,IAAA,EAAK;AAAA,MAC3B;AAAA,IACF,SAAS,KAAA,EAAO;AACd,MAAA,MAAA,CAAO,KAAK,kDAAA,EAAoD;AAAA,QAC9D,OAAO,KAAA,YAAiB,KAAA,GAAQ,KAAA,CAAM,OAAA,GAAU,OAAO,KAAK;AAAA,OAC7D,CAAA;AAAA,IACH;AAEA,IAAA,MAAM,SAAA,GAAY,uBAAA,CAAwB,MAAA,EAAO,EAAG,QAAQ,cAAc,CAAA;AAC1E,IAAA,IAAI,CAAC,SAAA,EAAW;AACd,MAAA,MAAM,IAAI,cAAA;AAAA,QACR,8BAAA;AAAA,QACA,0BAAA;AAAA,QACA,IAAI,MAAM,oBAAoB;AAAA,OAChC;AAAA,IACF;AAEA,IAAA,MAAM,YAAA,GAAe,MAAM,yBAAA,CAA0B,SAAA,EAAW,QAAQ,cAAc,CAAA;AACtF,IAAA,IAAI,CAAC,YAAA,EAAc;AACjB,MAAA,MAAM,IAAI,cAAA;AAAA,QACR,iCAAA;AAAA,QACA,wCAAA;AAAA,QACA,IAAI,KAAA,CAAM,CAAA,+CAAA,EAAkD,SAAS,CAAA,CAAE;AAAA,OACzE;AAAA,IACF;AAEA,IAAA,YAAA,CAAa,SAAS,CAAA;AACtB,IAAA,iBAAA,CAAkB,YAAY,CAAA;AAC9B,IAAA,MAAM,iBAAiB,YAAY,CAAA;AACnC,IAAA,OAAO,EAAE,WAAW,IAAA,EAAK;AAAA,EAC3B;AACF,CAAA;;;AC5CO,IAAM,mBAAN,MAA4C;AAAA,EACjD,MAAM,QAAQ,OAAA,EAA2C;AACvD,IAAA,MAAM,EAAE,SAAQ,GAAI,OAAA;AACpB,IAAA,MAAM,EAAE,WAAA,EAAa,MAAA,EAAQ,GAAA,EAAI,GAAI,OAAA;AACrC,IAAA,MAAM,MAAA,GAAS,MAAM,WAAA,CAAY,aAAA,EAAc;AAE/C,IAAA,MAAM,YAAA,GAAe,UAAA,CAAW,aAAA,CAAc,gBAAgB,CAAC,CAAA;AAC/D,IAAA,GAAA,CAAI,IAAA,CAAK,+CAAA,EAAiD,EAAE,YAAA,EAAc,CAAA;AAC1E,IAAA,aAAA,CAAc,eAAe,eAAA,EAAiB,EAAE,SAAA,EAAW,YAAA,IAAgB,QAAW,CAAA;AAEtF,IAAA,aAAA,CAAc,aAAA,CAAc,iBAAiB,CAAC,CAAA;AAC9C,IAAA,aAAA,CAAc,aAAA,CAAc,gBAAgB,CAAC,CAAA;AAE7C,IAAA,MAAM,YAAY,YAAA,IAAgB,uBAAA,CAAwB,MAAA,EAAO,EAAG,QAAQ,cAAc,CAAA;AAC1F,IAAA,IAAI,CAAC,SAAA,EAAW;AACd,MAAA,MAAM,IAAI,cAAA;AAAA,QACR,8BAAA;AAAA,QACA,uCAAA;AAAA,QACA,IAAI,MAAM,iCAAiC;AAAA,OAC7C;AAAA,IACF;AAEA,IAAA,MAAM,YAAA,GAAe,MAAM,yBAAA,CAA0B,SAAA,EAAW,QAAQ,cAAc,CAAA;AACtF,IAAA,IAAI,CAAC,YAAA,EAAc;AACjB,MAAA,MAAM,IAAI,cAAA;AAAA,QACR,iCAAA;AAAA,QACA,qDAAA;AAAA,QACA,IAAI,KAAA,CAAM,CAAA,+CAAA,EAAkD,SAAS,CAAA,CAAE;AAAA,OACzE;AAAA,IACF;AAEA,IAAA,YAAA,CAAa,SAAS,CAAA;AACtB,IAAA,iBAAA,CAAkB,YAAY,CAAA;AAC9B,IAAA,MAAM,iBAAiB,YAAY,CAAA;AACnC,IAAA,OAAO,EAAE,WAAW,IAAA,EAAK;AAAA,EAC3B;AACF,CAAA;;;AC9BO,IAAM,YAAN,MAAqC;AAAA,EAC1C,MAAM,QAAQ,OAAA,EAA2C;AACvD,IAAA,MAAM,EAAE,SAAQ,GAAI,OAAA;AACpB,IAAA,MAAM,EAAE,MAAA,EAAQ,GAAA,EAAI,GAAI,OAAA;AACxB,IAAA,MAAM,MAAA,GAAS,MAAM,OAAA,CAAQ,WAAA,CAAY,aAAA,EAAc;AAEvD,IAAA,MAAM,iBAAA,GAAoB,UAAA,CAAW,aAAA,CAAc,oBAAoB,CAAC,CAAA,KAAM,MAAA;AAC9E,IAAA,MAAM,QAAQ,cAAA,EAAe;AAC7B,IAAA,IAAI,iBAAA,IAAqB,CAAC,KAAA,EAAO;AAC/B,MAAA,GAAA,CAAI,KAAK,2FAA2F,CAAA;AACpG,MAAA,aAAA,CAAc,aAAA,CAAc,oBAAoB,CAAC,CAAA;AACjD,MAAA,uBAAA,EAAwB;AAAA,IAC1B;AAEA,IAAA,MAAM,gBAAA,GAAmB,UAAA,CAAW,aAAA,CAAc,gBAAgB,CAAC,CAAA,KAAM,MAAA;AACzE,IAAA,IAAI,gBAAA,EAAkB,aAAA,CAAc,aAAA,CAAc,gBAAgB,CAAC,CAAA;AAEnE,IAAA,MAAM,SAAA,GAAY,uBAAA,CAAwB,MAAA,EAAO,EAAG,QAAQ,cAAc,CAAA;AAC1E,IAAA,IAAI,CAAC,SAAA,EAAW;AACd,MAAA,MAAM,IAAI,cAAA;AAAA,QACR,8BAAA;AAAA,QACA,0BAAA;AAAA,QACA,IAAI,MAAM,oBAAoB;AAAA,OAChC;AAAA,IACF;AAEA,IAAA,MAAM,YAAA,GAAe,MAAM,yBAAA,CAA0B,SAAA,EAAW,QAAQ,cAAc,CAAA;AACtF,IAAA,IAAI,CAAC,YAAA,EAAc;AACjB,MAAA,MAAM,IAAI,cAAA;AAAA,QACR,iCAAA;AAAA,QACA,wCAAA;AAAA,QACA,IAAI,KAAA,CAAM,CAAA,+CAAA,EAAkD,SAAS,CAAA,CAAE;AAAA,OACzE;AAAA,IACF;AAEA,IAAA,YAAA,CAAa,SAAS,CAAA;AACtB,IAAA,iBAAA,CAAkB,YAAY,CAAA;AAC9B,IAAA,MAAM,iBAAiB,YAAY,CAAA;AACnC,IAAA,OAAO,EAAE,WAAW,IAAA,EAAK;AAAA,EAC3B;AACF,CAAA;;;AC7CA,IAAM,cAAA,GAAiB,IAAI,cAAA,EAAe;AAC1C,IAAM,YAAA,GAAe,IAAI,YAAA,EAAa;AACtC,IAAM,iBAAA,GAAoB,IAAI,iBAAA,EAAkB;AAChD,IAAM,WAAA,GAAc,IAAI,WAAA,EAAY;AACpC,IAAM,gBAAA,GAAmB,IAAI,gBAAA,EAAiB;AAC9C,IAAM,SAAA,GAAY,IAAI,SAAA,EAAU;AAEzB,SAAS,gBAAgB,KAAA,EAAsC;AACpE,EAAA,QAAQ,KAAA;AAAO,IACb,KAAA,aAAA;AACE,MAAA,OAAO,cAAA;AAAA,IACT,KAAA,qBAAA;AACE,MAAA,OAAO,YAAA;AAAA,IACT,KAAA,eAAA;AACE,MAAA,OAAO,iBAAA;AAAA,IACT,KAAA,eAAA;AACE,MAAA,OAAO,WAAA;AAAA,IACT,KAAA,eAAA;AACE,MAAA,OAAO,gBAAA;AAAA,IACT,KAAA,gBAAA;AAAA,IACA,KAAA,cAAA;AAAA,IACA,KAAA,YAAA;AAAA,IACA,KAAA,OAAA;AAAA,IACA;AACE,MAAA,OAAO,SAAA;AAAA;AAEb;;;ACVA,SAAS,mBAAA,GAAsB;AAC7B,EAAA,OAAO,CAAC,MAAA,KAAmB,UAAA,CAAW,aAAA,CAAc,MAAM,CAAC,CAAA;AAC7D;AAEA,eAAsB,YAAA,GAA8B;AAClD,EAAA,MAAM,UAAU,cAAA,EAAe;AAC/B,EAAA,IAAI,CAAC,OAAA,EAAS;AACZ,IAAA,MAAA,CAAO,IAAA;AAAA,MACL;AAAA,KACF;AACA,IAAA;AAAA,EACF;AAEA,EAAA,IAAI,uBAAsB,EAAG;AAC3B,IAAA,MAAA,CAAO,MAAM,wDAAwD,CAAA;AACrE,IAAA;AAAA,EACF;AAEA,EAAA,sBAAA,EAAuB;AAEvB,EAAA,IAAI;AACF,IAAA,YAAA,CAAa,IAAI,CAAA;AAEjB,IAAA,MAAM,GAAA,GAAM,OAAA,CAAQ,WAAA,CAAY,aAAA,EAAc;AAC9C,IAAA,MAAM,QAAQ,cAAA,EAAe;AAC7B,IAAA,MAAM,UAAU,oBAAA,EAAqB;AACrC,IAAA,MAAM,aAAA,GAAgB,CAAC,EAAE,KAAA,IAAS,CAAC,OAAA,CAAA;AACnC,IAAA,MAAM,QAAA,GAAW,CAAC,CAAC,KAAA;AACnB,IAAA,MAAM,eAAA,GAAkB,CAAC,CAAC,eAAA,EAAgB;AAE1C,IAAA,MAAM,QAAQ,yBAAA,CAA0B;AAAA,MACtC,GAAA;AAAA,MACA,YAAY,mBAAA,EAAoB;AAAA,MAChC,aAAA,EAAe,oBAAA;AAAA,MACf,aAAA;AAAA,MACA,QAAA;AAAA,MACA,eAAA;AAAA,MACA,cAAA,EAAgB;AAAA,KACjB,CAAA;AAED,IAAA,aAAA,CAAc,cAAA,CAAe,wBAAA,EAA0B,EAAE,KAAA,EAAwB,CAAA;AAEjF,IAAA,MAAM,IAAA,GAAO,gBAAgB,KAAK,CAAA;AAClC,IAAA,MAAM,OAAA,GAAuB,EAAE,OAAA,EAAS,GAAA,EAAK,KAAA,EAAM;AACnD,IAAA,MAAM,IAAA,CAAK,QAAQ,OAAO,CAAA;AAAA,EAC5B,SAAS,KAAA,EAAO;AACd,IAAA,IAAI,KAAA,YAAiB,gBAAgB,MAAM,KAAA;AAC3C,IAAA,MAAM,IAAI,cAAA,EAAe;AACzB,IAAA,CAAC,CAAA,EAAG,MAAA,IAAU,MAAA,EAAQ,KAAA,CAAM,kBAAA,EAAoB;AAAA,MAC9C,OAAO,KAAA,YAAiB,KAAA,GAAQ,KAAA,CAAM,OAAA,GAAU,OAAO,KAAK;AAAA,KAC7D,CAAA;AACD,IAAA,MAAM,IAAI,KAAA;AAAA,MACR,oBAAA,CAAqB,OAAO,sCAAsC;AAAA,KACpE;AAAA,EACF,CAAA,SAAE;AACA,IAAA,wBAAA,EAAyB;AAAA,EAC3B;AACF;;;ACjFA,IAAI,sBAAA,GAA8D,IAAA;AAE3D,SAAS,0BAA0B,EAAA,EAA+C;AACvF,EAAA,sBAAA,GAAyB,EAAA;AAC3B;AAEO,SAAS,yBAAA,GAAiE;AAC/E,EAAA,OAAO,sBAAA;AACT;;;ACLA,eAAe,aAAA,GAA+B;AAC5C,EAAA,MAAM,SAAS,oBAAA,EAAqB;AACpC,EAAA,IAAI,MAAA,EAAQ;AACV,IAAA,MAAM,OAAO,IAAA,EAAK;AAClB,IAAA;AAAA,EACF;AACA,EAAA,MAAM,YAAA,EAAa;AACrB;AAEA,yBAAA,CAA0B,MAAM,eAAe,CAAA;AAE/C,eAAsB,SAAA,GAA2B;AAC/C,EAAA,OAAO,aAAA,EAAc;AACvB;;;AChBO,IAAM,YAAA,GAAe;AAAA,EAC1B,WAAA,EAAa,0BAAA;AAAA,EACb,YAAA,EAAc;AAChB,CAAA;;;ACOA,IAAI,UAAA,GAAa,KAAA;AACjB,IAAI,kBAAA,GAA6B,EAAA;AACjC,IAAI,aAAA,uBAAyC,GAAA,EAAI;AACjD,IAAI,aAAA,GAAuD,IAAA;AAE3D,SAAS,iBAAA,GAA4B;AACnC,EAAA,IAAI;AACF,IAAA,OAAO,SAAS,MAAA,IAAU,EAAA;AAAA,EAC5B,CAAA,CAAA,MAAQ;AACN,IAAA,OAAO,EAAA;AAAA,EACT;AACF;AAEA,SAAS,cAAA,GAA2B;AAClC,EAAA,IAAI;AACF,IAAA,MAAM,OAAA,GAAU,QAAA,CAAS,MAAA,CAAO,KAAA,CAAM,GAAG,CAAA;AACzC,IAAA,OAAO,OAAA,CACJ,GAAA,CAAI,CAAC,MAAA,KAAW;AACf,MAAA,MAAM,KAAA,GAAQ,MAAA,CAAO,OAAA,CAAQ,GAAG,CAAA;AAChC,MAAA,OAAO,KAAA,GAAQ,CAAA,CAAA,GAAK,MAAA,CAAO,SAAA,CAAU,CAAA,EAAG,KAAK,CAAA,CAAE,IAAA,EAAK,GAAI,MAAA,CAAO,IAAA,EAAK;AAAA,IACtE,CAAC,CAAA,CACA,MAAA,CAAO,CAAC,IAAA,KAAS,IAAA,CAAK,SAAS,CAAC,CAAA;AAAA,EACrC,CAAA,CAAA,MAAQ;AACN,IAAA,OAAO,EAAC;AAAA,EACV;AACF;AAEA,SAAS,YAAA,GAAoC;AAC3C,EAAA,MAAM,SAAA,uBAAgB,GAAA,EAAoB;AAC1C,EAAA,IAAI;AACF,IAAA,MAAM,OAAA,GAAU,QAAA,CAAS,MAAA,CAAO,KAAA,CAAM,GAAG,CAAA;AACzC,IAAA,KAAA,MAAW,UAAU,OAAA,EAAS;AAC5B,MAAA,MAAM,KAAA,GAAQ,MAAA,CAAO,OAAA,CAAQ,GAAG,CAAA;AAChC,MAAA,IAAI,QAAQ,CAAA,CAAA,EAAI;AACd,QAAA,MAAM,OAAO,MAAA,CAAO,SAAA,CAAU,CAAA,EAAG,KAAK,EAAE,IAAA,EAAK;AAC7C,QAAA,MAAM,QAAQ,MAAA,CAAO,SAAA,CAAU,KAAA,GAAQ,CAAC,EAAE,IAAA,EAAK;AAC/C,QAAA,IAAI,KAAK,MAAA,GAAS,CAAA,EAAG,SAAA,CAAU,GAAA,CAAI,MAAM,KAAK,CAAA;AAAA,MAChD;AAAA,IACF;AAAA,EACF,CAAA,CAAA,MAAQ;AAAA,EAER;AACA,EAAA,OAAO,SAAA;AACT;AAEA,SAAS,mBAAA,GAA+B;AACtC,EAAA,IAAI;AACF,IAAA,MAAM,kBAAkB,iBAAA,EAAkB;AAC1C,IAAA,MAAM,mBAAmB,YAAA,EAAa;AACtC,IAAA,MAAM,iBAAiB,cAAA,EAAe;AAEtC,IAAA,IAAI,kBAAA,IAAsB,CAAC,eAAA,EAAiB;AAC1C,MAAA,MAAA,CAAO,KAAK,8BAA8B,CAAA;AAC1C,MAAA,OAAO,IAAA;AAAA,IACT;AAEA,IAAA,IAAI,aAAA,CAAc,OAAO,CAAA,EAAG;AAC1B,MAAA,MAAM,eAAA,GAAkB;AAAA,QACtB,YAAA,CAAa,WAAA;AAAA,QACb,YAAA,CAAa,YAAA;AAAA,QACb,aAAA;AAAA,QACA,0BAAA;AAAA,QACA,2BAAA;AAAA,QACA,MAAA;AAAA,QACA,SAAA;AAAA,QACA;AAAA,OACF;AAEA,MAAA,MAAM,qBAA+B,EAAC;AACtC,MAAA,KAAA,MAAW,CAAC,UAAU,CAAA,IAAK,aAAA,EAAe;AACxC,QAAA,MAAM,eAAe,eAAA,CAAgB,IAAA;AAAA,UAAK,CAAC,aACzC,UAAA,CAAW,WAAA,GAAc,QAAA,CAAS,QAAA,CAAS,aAAa;AAAA,SAC1D;AACA,QAAA,IAAI,YAAA,IAAgB,CAAC,gBAAA,CAAiB,GAAA,CAAI,UAAU,CAAA,EAAG;AACrD,UAAA,kBAAA,CAAmB,KAAK,UAAU,CAAA;AAAA,QACpC;AAAA,MACF;AACA,MAAA,IAAI,kBAAA,CAAmB,SAAS,CAAA,EAAG;AACjC,QAAA,MAAA,CAAO,KAAK,+BAAA,EAAiC;AAAA,UAC3C,cAAA,EAAgB,kBAAA;AAAA,UAChB,qBAAqB,aAAA,CAAc,IAAA;AAAA,UACnC,oBAAoB,gBAAA,CAAiB;AAAA,SACtC,CAAA;AACD,QAAA,OAAO,IAAA;AAAA,MACT;AAEA,MAAA,MAAM,mBAAA,GACJ,cAAc,GAAA,CAAI,YAAA,CAAa,WAAW,CAAA,IAC1C,aAAA,CAAc,IAAI,0BAA0B,CAAA;AAC9C,MAAA,MAAM,mBAAA,GACJ,iBAAiB,GAAA,CAAI,YAAA,CAAa,WAAW,CAAA,IAC7C,gBAAA,CAAiB,IAAI,0BAA0B,CAAA;AACjD,MAAA,IAAI,mBAAA,IAAuB,CAAC,mBAAA,EAAqB;AAC/C,QAAA,MAAA,CAAO,KAAK,kDAAkD,CAAA;AAC9D,QAAA,OAAO,IAAA;AAAA,MACT;AAEA,MAAA,MAAM,oBAAA,GACJ,cAAc,GAAA,CAAI,YAAA,CAAa,YAAY,CAAA,IAC3C,aAAA,CAAc,IAAI,2BAA2B,CAAA;AAC/C,MAAA,MAAM,oBAAA,GACJ,iBAAiB,GAAA,CAAI,YAAA,CAAa,YAAY,CAAA,IAC9C,gBAAA,CAAiB,IAAI,2BAA2B,CAAA;AAClD,MAAA,IAAI,oBAAA,IAAwB,CAAC,oBAAA,EAAsB;AACjD,QAAA,MAAA,CAAO,KAAK,mDAAmD,CAAA;AAC/D,QAAA,OAAO,IAAA;AAAA,MACT;AAEA,MAAA,IACE,aAAA,CAAc,OAAO,gBAAA,CAAiB,IAAA,IACtC,cAAc,IAAA,GAAO,gBAAA,CAAiB,QAAQ,CAAA,EAC9C;AACA,QAAA,MAAM,iBAA2B,EAAC;AAClC,QAAA,KAAA,MAAW,CAAC,UAAU,CAAA,IAAK,aAAA,EAAe;AACxC,UAAA,IAAI,CAAC,gBAAA,CAAiB,GAAA,CAAI,UAAU,CAAA,EAAG,cAAA,CAAe,KAAK,UAAU,CAAA;AAAA,QACvE;AACA,QAAA,MAAM,0BAA0B,cAAA,CAAe,MAAA;AAAA,UAAO,CAAC,SACrD,eAAA,CAAgB,IAAA;AAAA,YAAK,CAAC,aACpB,IAAA,CAAK,WAAA,GAAc,QAAA,CAAS,QAAA,CAAS,aAAa;AAAA;AACpD,SACF,CAAE,MAAA;AACF,QAAA,IAAI,0BAA0B,CAAA,EAAG;AAC/B,UAAA,MAAA,CAAO,KAAK,6CAAA,EAA+C;AAAA,YACzD,cAAA;AAAA,YACA,gBAAA,EAAkB,uBAAA;AAAA,YAClB,eAAe,aAAA,CAAc,IAAA;AAAA,YAC7B,cAAc,gBAAA,CAAiB;AAAA,WAChC,CAAA;AACD,UAAA,OAAO,IAAA;AAAA,QACT;AAAA,MACF;AAAA,IACF;AAEA,IAAA,kBAAA,GAAqB,eAAA;AACrB,IAAA,aAAA,GAAgB,IAAI,IAAI,gBAAgB,CAAA;AACxC,IAAA,OAAO,KAAA;AAAA,EACT,SAAS,KAAA,EAAO;AACd,IAAA,MAAA,CAAO,KAAK,wBAAA,EAA0B;AAAA,MACpC,OAAO,KAAA,YAAiB,KAAA,GAAQ,KAAA,CAAM,OAAA,GAAU,OAAO,KAAK;AAAA,KAC7D,CAAA;AACD,IAAA,OAAO,KAAA;AAAA,EACT;AACF;AAEA,SAAS,oBAAA,GAA6B;AACpC,EAAA,IAAI;AACF,IAAA,MAAA,CAAO,KAAK,sEAAsE,CAAA;AAElF,IAAA,MAAM,aAAA,GAAgB,UAAA,CAAW,aAAA,CAAc,aAAa,CAAC,CAAA,KAAM,MAAA;AACnE,IAAA,MAAM,gBAAA,GAAmB,UAAA,CAAW,aAAA,CAAc,oBAAoB,CAAC,CAAA,KAAM,MAAA;AAC7E,IAAA,IAAI,iBAAiB,gBAAA,EAAkB;AACrC,MAAA,MAAA,CAAO,KAAA;AAAA,QACL;AAAA,OACF;AACA,MAAA;AAAA,IACF;AAEA,IAAA,gBAAA,EAAiB;AAEjB,IAAA,IAAI;AACF,MAAA,IAAI,OAAO,WAAW,WAAA,EAAa;AACjC,QAAA,MAAM,aAAa,MAAA,CAAO,YAAA,CAAa,OAAA,CAAQ,aAAA,CAAc,aAAa,CAAC,CAAA;AAC3E,QAAA,MAAM,wBAAA,GAA2B,OAAO,YAAA,CAAa,OAAA;AAAA,UACnD,cAAc,oBAAoB;AAAA,SACpC;AACA,QAAA,uBAAA,EAAwB;AACxB,QAAA,IAAI,UAAA,KAAe,MAAA;AACjB,UAAA,MAAA,CAAO,YAAA,CAAa,OAAA,CAAQ,aAAA,CAAc,aAAa,GAAG,MAAM,CAAA;AAClE,QAAA,IAAI,wBAAA,KAA6B,MAAA;AAC/B,UAAA,MAAA,CAAO,YAAA,CAAa,OAAA,CAAQ,aAAA,CAAc,oBAAoB,GAAG,MAAM,CAAA;AAAA,MAC3E,CAAA,MAAO;AACL,QAAA,uBAAA,EAAwB;AAAA,MAC1B;AAAA,IACF,SAAS,KAAA,EAAO;AACd,MAAA,MAAA,CAAO,KAAK,gCAAA,EAAkC;AAAA,QAC5C,OAAO,KAAA,YAAiB,KAAA,GAAQ,KAAA,CAAM,OAAA,GAAU,OAAO,KAAK;AAAA,OAC7D,CAAA;AAAA,IACH;AAEA,IAAA,MAAM,KAAK,yBAAA,EAA0B;AACrC,IAAA,IAAI,EAAA,EAAI;AACN,MAAA,OAAA,CAAQ,QAAQ,EAAA,EAAI,CAAA,CAAE,KAAA,CAAM,CAAC,KAAA,KAAU;AACrC,QAAA,MAAA,CAAO,MAAM,mDAAA,EAAqD;AAAA,UAChE,OAAO,KAAA,YAAiB,KAAA,GAAQ,KAAA,CAAM,OAAA,GAAU,OAAO,KAAK;AAAA,SAC7D,CAAA;AAAA,MACH,CAAC,CAAA;AAAA,IACH;AAAA,EACF,SAAS,KAAA,EAAO;AACd,IAAA,MAAA,CAAO,MAAM,gCAAA,EAAkC;AAAA,MAC7C,OAAO,KAAA,YAAiB,KAAA,GAAQ,KAAA,CAAM,OAAA,GAAU,OAAO,KAAK;AAAA,KAC7D,CAAA;AAAA,EACH;AACF;AAEO,SAAS,kBAAA,GAA2B;AACzC,EAAA,IAAI,UAAA,EAAY;AACd,IAAA,MAAA,CAAO,MAAM,gCAAgC,CAAA;AAC7C,IAAA;AAAA,EACF;AAEA,EAAA,UAAA,GAAa,IAAA;AACb,EAAA,kBAAA,GAAqB,iBAAA,EAAkB;AACvC,EAAA,aAAA,GAAgB,YAAA,EAAa;AAE7B,EAAA,MAAM,iBAAiB,cAAA,EAAe;AACtC,EAAA,MAAM,cAAc,cAAA,CAAe,MAAA;AAAA,IACjC,CAAC,IAAA,KACC,IAAA,CAAK,aAAY,CAAE,QAAA,CAAS,aAAa,CAAA,IACzC,IAAA,CAAK,WAAA,EAAY,CAAE,SAAS,MAAM,CAAA,IAClC,KAAK,WAAA,EAAY,CAAE,SAAS,OAAO;AAAA,GACvC;AACA,EAAA,MAAA,CAAO,MAAM,wBAAA,EAA0B;AAAA,IACrC,oBAAoB,cAAA,CAAe,MAAA;AAAA,IACnC,iBAAiB,WAAA,CAAY,MAAA;AAAA,IAC7B,WAAA;AAAA,IACA,UAAA,EAAY;AAAA,GACb,CAAA;AAED,EAAA,aAAA,GAAgB,YAAY,YAAY;AACtC,IAAA,MAAM,gBAAA,GACJ,OAAO,MAAA,KAAW,WAAA,IAClB,MAAA,CAAO,aAAa,OAAA,CAAQ,aAAA,CAAc,oBAAoB,CAAC,CAAA,KAAM,MAAA;AACvE,IAAA,IAAI,gBAAA,EAAkB;AACpB,MAAA,MAAA,CAAO,MAAM,6DAA6D,CAAA;AAC1E,MAAA,kBAAA,GAAqB,iBAAA,EAAkB;AACvC,MAAA,aAAA,GAAgB,YAAA,EAAa;AAC7B,MAAA;AAAA,IACF;AAEA,IAAA,MAAM,iBAAiB,mBAAA,EAAoB;AAC3C,IAAA,IAAI,cAAA,EAAgB;AAClB,MAAA,MAAA,CAAO,KAAK,4CAA4C,CAAA;AACxD,MAAA,IAAI,aAAA,EAAe;AACjB,QAAA,aAAA,CAAc,aAAa,CAAA;AAC3B,QAAA,aAAA,GAAgB,IAAA;AAAA,MAClB;AACA,MAAA,UAAA,GAAa,KAAA;AAEb,MAAA,IAAI;AACF,QAAA,MAAM,oBAAA,EAAqB;AAAA,MAC7B,SAAS,KAAA,EAAO;AACd,QAAA,MAAA,CAAO,MAAM,sDAAA,EAAwD;AAAA,UACnE,OAAO,KAAA,YAAiB,KAAA,GAAQ,KAAA,CAAM,OAAA,GAAU,OAAO,KAAK;AAAA,SAC7D,CAAA;AAAA,MACH,CAAA,SAAE;AACA,QAAA,cAAA,CAAe,MAAM;AACnB,UAAA,IAAI,CAAC,YAAY,kBAAA,EAAmB;AAAA,QACtC,CAAC,CAAA;AAAA,MACH;AAAA,IACF;AAAA,EACF,GAAG,GAAI,CAAA;AAEP,EAAA,MAAA,CAAO,KAAK,yDAAyD,CAAA;AACvE;AAEO,SAAS,iBAAA,GAA0B;AACxC,EAAA,UAAA,GAAa,KAAA;AACb,EAAA,IAAI,aAAA,EAAe;AACjB,IAAA,aAAA,CAAc,aAAa,CAAA;AAC3B,IAAA,aAAA,GAAgB,IAAA;AAAA,EAClB;AACA,EAAA,kBAAA,GAAqB,EAAA;AACrB,EAAA,MAAA,CAAO,MAAM,wBAAwB,CAAA;AACvC;AAEO,SAAS,kBAAA,GAA2B;AACzC,EAAA,kBAAA,GAAqB,iBAAA,EAAkB;AACvC,EAAA,aAAA,GAAgB,YAAA,EAAa;AAC7B,EAAA,MAAM,iBAAiB,cAAA,EAAe;AACtC,EAAA,MAAM,cAAc,cAAA,CAAe,MAAA;AAAA,IACjC,CAAC,IAAA,KACC,IAAA,CAAK,aAAY,CAAE,QAAA,CAAS,aAAa,CAAA,IACzC,IAAA,CAAK,WAAA,EAAY,CAAE,SAAS,MAAM,CAAA,IAClC,KAAK,WAAA,EAAY,CAAE,SAAS,OAAO;AAAA,GACvC;AACA,EAAA,MAAA,CAAO,MAAM,sBAAA,EAAwB;AAAA,IACnC,oBAAoB,cAAA,CAAe,MAAA;AAAA,IACnC,iBAAiB,WAAA,CAAY,MAAA;AAAA,IAC7B;AAAA,GACD,CAAA;AACH;ACvNO,SAAS,kBAAA,GAA2B;AAMzC,EAAA,MAAM,GAAA,GAAM,MAAA;AACZ,EAAA,MAAM,aAAa,GAAA,CAAI,sCAAA;AACvB,EAAA,IAAI,UAAA,EAAY;AACd,IAAA,aAAA,CAAc,UAAU,CAAA;AACxB,IAAA,OAAO,GAAA,CAAI,sCAAA;AAAA,EACb;AACF;;;AC7EO,SAAS,kBAAA,GAA2B;AACzC,EAAA,IAAI;AACF,IAAA,IAAI,OAAO,QAAA,KAAa,WAAA,IAAe,OAAO,WAAW,WAAA,EAAa;AAEtE,IAAA,MAAM,OAAA,GAAU,QAAA,CAAS,MAAA,CAAO,KAAA,CAAM,GAAG,CAAA;AACzC,IAAA,MAAM,QAAA,GAAW,OAAO,QAAA,CAAS,QAAA;AACjC,IAAA,MAAM,YAAY,QAAA,CAAS,KAAA,CAAM,GAAG,CAAA,CAAE,OAAO,OAAO,CAAA;AAEpD,IAAA,MAAM,YAAA,GAAyB,CAAC,QAAQ,CAAA;AACxC,IAAA,IAAI,SAAA,CAAU,SAAS,CAAA,EAAG;AAExB,MAAA,KAAA,IAAS,IAAI,SAAA,CAAU,MAAA,GAAS,CAAA,EAAG,CAAA,IAAK,GAAG,CAAA,EAAA,EAAK;AAC9C,QAAA,MAAM,SAAS,GAAA,GAAM,SAAA,CAAU,MAAM,CAAC,CAAA,CAAE,KAAK,GAAG,CAAA;AAChD,QAAA,IAAI,CAAC,YAAA,CAAa,QAAA,CAAS,MAAM,CAAA,EAAG,YAAA,CAAa,KAAK,MAAM,CAAA;AAAA,MAC9D;AAAA,IACF;AAEA,IAAA,MAAM,UAAA,GAAa,CAAC,GAAA,EAAK,MAAA,CAAO,SAAS,QAAA,IAAY,GAAG,CAAA,CAAE,MAAA,CAAO,OAAO,CAAA;AAExE,IAAA,KAAA,MAAW,UAAU,OAAA,EAAS;AAC5B,MAAA,MAAM,KAAA,GAAQ,MAAA,CAAO,OAAA,CAAQ,GAAG,CAAA;AAChC,MAAA,MAAM,IAAA,GAAO,KAAA,GAAQ,CAAA,CAAA,GAAK,MAAA,CAAO,KAAA,CAAM,CAAA,EAAG,KAAK,CAAA,CAAE,IAAA,EAAK,GAAI,MAAA,CAAO,IAAA,EAAK;AAEtE,MAAA,IAAI,CAAC,IAAA,EAAM;AAEX,MAAA,KAAA,MAAW,QAAQ,UAAA,EAAY;AAE7B,QAAA,QAAA,CAAS,MAAA,GAAS,CAAA,EAAG,IAAI,CAAA,6CAAA,EAAgD,IAAI,CAAA,CAAA;AAE7E,QAAA,KAAA,MAAW,UAAU,YAAA,EAAc;AACjC,UAAA,QAAA,CAAS,SAAS,CAAA,EAAG,IAAI,CAAA,6CAAA,EAAgD,IAAI,WAAW,MAAM,CAAA,CAAA;AAAA,QAChG;AAAA,MACF;AAAA,IACF;AAEA,IAAA,MAAA,CAAO,MAAM,2CAA2C,CAAA;AAAA,EAC1D,SAAS,KAAA,EAAO;AACd,IAAA,MAAA,CAAO,KAAK,gCAAA,EAAkC;AAAA,MAC5C,OAAO,KAAA,YAAiB,KAAA,GAAQ,KAAA,CAAM,OAAA,GAAU,OAAO,KAAK;AAAA,KAC7D,CAAA;AAAA,EACH;AACF;;;ACpCA,SAAS,QAAA,CAAS,SAAiB,IAAA,EAAsB;AACvD,EAAA,MAAM,GAAA,GAAM,IAAI,GAAA,CAAI,OAAO,CAAA;AAC3B,EAAA,MAAM,iBAAiB,IAAA,CAAK,UAAA,CAAW,GAAG,CAAA,GAAI,IAAA,GAAO,IAAI,IAAI,CAAA,CAAA;AAC7D,EAAA,GAAA,CAAI,WAAW,GAAA,CAAI,QAAA,CAAS,SAAS,GAAG,CAAA,GACpC,GAAG,GAAA,CAAI,QAAQ,GAAG,cAAA,CAAe,KAAA,CAAM,CAAC,CAAC,CAAA,CAAA,GACzC,GAAG,GAAA,CAAI,QAAQ,GAAG,cAAc,CAAA,CAAA;AACpC,EAAA,OAAO,IAAI,QAAA,EAAS;AACtB;AAQA,eAAe,iBAAiB,SAAA,EAG7B;AACD,EAAA,IAAI;AACF,IAAA,MAAM,QAAA,GAAW,MAAM,KAAA,CAAM,SAAA,EAAW;AAAA,MACtC,MAAA,EAAQ,MAAA;AAAA,MACR,OAAA,EAAS;AAAA,QACP,cAAA,EAAgB,mCAAA;AAAA,QAChB,kBAAA,EAAoB,gBAAA;AAAA,QACpB,MAAA,EAAQ;AAAA,OACV;AAAA,MACA,WAAA,EAAa;AAAA,KACd,CAAA;AACD,IAAA,MAAM,IAAA,GAAQ,MAAM,QAAA,CAAS,IAAA,GAAO,KAAA,CAAM,OAAO,EAAC,CAAE,CAAA;AACpD,IAAA,MAAA,CAAO,IAAA,CAAK,+BAAA,EAAiC,EAAE,QAAA,EAAU,MAAM,CAAA;AAC/D,IAAA,IAAI,SAAS,IAAA,CAAK,OAAA,KAAY,IAAA,IAAQ,IAAA,CAAK,WAAW,IAAA,CAAA,EAAO;AAC3D,MAAA,OAAO,EAAE,OAAA,EAAS,IAAA,EAAM,QAAA,EAAU,IAAA,EAAK;AAAA,IACzC;AACA,IAAA,MAAA,CAAO,IAAA,CAAK,uCAAA,EAAyC,EAAE,QAAA,EAAU,MAAM,CAAA;AACvE,IAAA,OAAO,EAAE,OAAA,EAAS,KAAA,EAAO,QAAA,EAAU,IAAA,EAAK;AAAA,EAC1C,SAAS,KAAA,EAAO;AACd,IAAA,MAAA,CAAO,MAAM,gCAAA,EAAkC;AAAA,MAC7C,OAAO,KAAA,YAAiB,KAAA,GAAQ,KAAA,CAAM,OAAA,GAAU,OAAO,KAAK;AAAA,KAC7D,CAAA;AACD,IAAA,IAAI;AACF,MAAA,MAAM,QAAA,GAAW,MAAM,KAAA,CAAM,SAAA,EAAW;AAAA,QACtC,MAAA,EAAQ,KAAA;AAAA,QACR,OAAA,EAAS;AAAA,UACP,kBAAA,EAAoB,gBAAA;AAAA,UACpB,MAAA,EAAQ;AAAA,SACV;AAAA,QACA,WAAA,EAAa;AAAA,OACd,CAAA;AACD,MAAA,MAAM,IAAA,GAAQ,MAAM,QAAA,CAAS,IAAA,GAAO,KAAA,CAAM,OAAO,EAAC,CAAE,CAAA;AACpD,MAAA,MAAA,CAAO,IAAA,CAAK,8BAAA,EAAgC,EAAE,QAAA,EAAU,MAAM,CAAA;AAC9D,MAAA,IAAI,SAAS,IAAA,CAAK,OAAA,KAAY,IAAA,IAAQ,IAAA,CAAK,WAAW,IAAA,CAAA,EAAO;AAC3D,QAAA,OAAO,EAAE,OAAA,EAAS,IAAA,EAAM,QAAA,EAAU,IAAA,EAAK;AAAA,MACzC;AACA,MAAA,MAAA,CAAO,IAAA,CAAK,sCAAA,EAAwC,EAAE,QAAA,EAAU,MAAM,CAAA;AACtE,MAAA,OAAO,EAAE,OAAA,EAAS,KAAA,EAAO,QAAA,EAAU,IAAA,EAAK;AAAA,IAC1C,SAAS,QAAA,EAAU;AACjB,MAAA,MAAA,CAAO,KAAK,0CAAA,EAA4C;AAAA,QACtD,WAAW,KAAA,YAAiB,KAAA,GAAQ,KAAA,CAAM,OAAA,GAAU,OAAO,KAAK,CAAA;AAAA,QAChE,UAAU,QAAA,YAAoB,KAAA,GAAQ,QAAA,CAAS,OAAA,GAAU,OAAO,QAAQ;AAAA,OACzE,CAAA;AACD,MAAA,OAAO,EAAE,SAAS,KAAA,EAAM;AAAA,IAC1B;AAAA,EACF;AACF;AAEA,SAAS,yBAAA,GAAkC;AACzC,EAAA,MAAA,CAAO,MAAM,iCAAiC,CAAA;AAC9C,EAAA,IAAI;AACF,IAAA,cAAA,EAAe,EAAG,cAAc,YAAA,EAAa;AAAA,EAC/C,SAAS,KAAA,EAAO;AACd,IAAA,MAAA,CAAO,MAAM,yCAAA,EAA2C;AAAA,MACtD,OAAO,KAAA,YAAiB,KAAA,GAAQ,KAAA,CAAM,OAAA,GAAU,OAAO,KAAK;AAAA,KAC7D,CAAA;AAAA,EACH;AACA,EAAA,kBAAA,EAAmB;AACnB,EAAA,eAAA,EAAgB;AAChB,EAAA,MAAA,CAAO,KAAK,gCAAgC,CAAA;AAC9C;AAEA,eAAsB,OAAO,SAAA,EAI1B;AACD,EAAA,UAAA,CAAW,aAAA,CAAc,oBAAoB,CAAA,EAAG,MAAM,CAAA;AACtD,EAAA,UAAA,CAAW,aAAA,CAAc,aAAa,CAAA,EAAG,MAAM,CAAA;AAC/C,EAAA,IAAI,SAAA,EAAW,MAAK,EAAG,UAAA,CAAW,cAAc,sBAAsB,CAAA,EAAG,SAAA,CAAU,IAAA,EAAM,CAAA;AAEzF,EAAA,IAAI,UAAA,CAAW,aAAA,CAAc,mBAAmB,CAAC,MAAM,MAAA,EAAQ;AAC7D,IAAA,MAAA,CAAO,MAAM,2DAAsD,CAAA;AACnE,IAAA,OAAO,EAAE,OAAA,EAAS,IAAA,EAAM,OAAA,EAAS,6BAAA,EAA8B;AAAA,EACjE;AAEA,EAAA,UAAA,CAAW,aAAA,CAAc,mBAAmB,CAAA,EAAG,MAAM,CAAA;AAErD,EAAA,IAAI;AACF,IAAA,kBAAA,EAAmB;AACnB,IAAA,iBAAA,EAAkB;AAElB,IAAA,MAAM,cAAA,GAAiB,OAAO,iBAAA,EAAkB;AAChD,IAAA,IAAI,mBAAA,GAAsB,KAAA;AAC1B,IAAA,IAAI,cAAA;AAEJ,IAAA,IAAI,cAAA,EAAgB;AAClB,MAAA,MAAM,SAAA,GAAY,QAAA,CAAS,cAAA,EAAgB,gBAAgB,CAAA;AAC3D,MAAA,MAAA,CAAO,IAAA,CAAK,4BAAA,EAA8B,EAAE,SAAA,EAAW,CAAA;AACvD,MAAA,MAAM,YAAA,GAAe,MAAM,gBAAA,CAAiB,SAAS,CAAA;AACrD,MAAA,mBAAA,GAAsB,YAAA,CAAa,OAAA;AACnC,MAAA,cAAA,GAAiB,YAAA,CAAa,QAAA;AAAA,IAChC;AAEA,IAAA,yBAAA,EAA0B;AAE1B,IAAA,MAAM,kBAAA,GAAqB,UAAA,CAAW,aAAA,CAAc,sBAAsB,CAAC,CAAA;AAC3E,IAAA,IAAI,kBAAA,EAAoB;AACtB,MAAA,UAAA,CAAW,aAAA,CAAc,cAAc,CAAA,EAAG,IAAA,CAAK,UAAU,EAAE,SAAA,EAAW,kBAAA,EAAoB,CAAC,CAAA;AAC3F,MAAA,aAAA,CAAc,aAAA,CAAc,sBAAsB,CAAC,CAAA;AAAA,IACrD;AAEA,IAAA,kBAAA,EAAmB;AACnB,IAAA,aAAA,CAAc,aAAA,CAAc,mBAAmB,CAAC,CAAA;AAEhD,IAAA,MAAA,CAAO,KAAK,0EAAA,EAAuE;AAAA,MACjF,mBAAA;AAAA,MACA;AAAA,KACD,CAAA;AACD,IAAA,aAAA,CAAc,eAAe,gBAAA,EAAkB;AAAA,MAC7C,OAAA,EAAS,sBAAsB,uBAAA,GAA0B;AAAA,KAC1D,CAAA;AAED,IAAA,OAAO;AAAA,MACL,OAAA,EAAS,IAAA;AAAA,MACT,OAAA,EAAS,mBAAA,GACL,cAAA,EAAgB,OAAA,IAAW,mEAAA,GAC3B,2EAAA;AAAA,MACJ;AAAA,KACF;AAAA,EACF,SAAS,KAAA,EAAO;AACd,IAAA,MAAA,CAAO,MAAM,4BAAA,EAA8B;AAAA,MACzC,OAAO,KAAA,YAAiB,KAAA,GAAQ,KAAA,CAAM,OAAA,GAAU,OAAO,KAAK;AAAA,KAC7D,CAAA;AACD,IAAA,yBAAA,EAA0B;AAE1B,IAAA,MAAM,kBAAA,GAAqB,UAAA,CAAW,aAAA,CAAc,sBAAsB,CAAC,CAAA;AAC3E,IAAA,IAAI,kBAAA,EAAoB;AACtB,MAAA,UAAA,CAAW,aAAA,CAAc,cAAc,CAAA,EAAG,IAAA,CAAK,UAAU,EAAE,SAAA,EAAW,kBAAA,EAAoB,CAAC,CAAA;AAC3F,MAAA,aAAA,CAAc,aAAA,CAAc,sBAAsB,CAAC,CAAA;AAAA,IACrD;AACA,IAAA,aAAA,CAAc,aAAA,CAAc,mBAAmB,CAAC,CAAA;AAEhD,IAAA,OAAO;AAAA,MACL,OAAA,EAAS,IAAA;AAAA,MACT,OAAA,EAAS;AAAA,KACX;AAAA,EACF;AACF;AC7KO,IAAM,WAAA,GAAcC,oBAA4C,MAAS,CAAA;AAEzE,SAAS,cAAA,GAAmC;AACjD,EAAA,MAAM,OAAA,GAAUC,iBAAW,WAAW,CAAA;AACtC,EAAA,IAAI,CAAC,OAAA,EAAS;AACZ,IAAA,MAAM,IAAI,MAAM,iDAAiD,CAAA;AAAA,EACnE;AACA,EAAA,OAAO,OAAA;AACT;;;ACFA,IAAM,eAAA,uBAAsB,GAAA,EAA0C;AACtE,IAAMC,kBAAiB,eAAA,CAAgB,MAAA;AAEvC,SAAS,wBAAA,GAAmC;AAC1C,EAAA,IAAI,IAAA,GAAO,OAAO,6BAAA,EAA8B;AAChD,EAAA,IAAI,OAAO,WAAW,WAAA,KAAgB,CAAC,QAAQ,IAAA,CAAK,UAAA,CAAW,GAAG,CAAA,CAAA,EAAI;AACpE,IAAA,IAAA,GAAO,MAAA,CAAO,QAAA,CAAS,MAAA,IAAU,IAAA,IAAQ,MAAA,CAAA;AAAA,EAC3C;AACA,EAAA,OAAO,IAAA;AACT;AAEA,IAAM,kBAAA,GAAqB,SAAA;AAE3B,SAAS,mBAAmB,UAAA,EAA4B;AACtD,EAAA,MAAM,6BAA6B,wBAAA,EAAyB;AAC5D,EAAA,MAAM,IAAA,GAAO,0BAAA,CAA2B,OAAA,CAAQ,eAAA,EAAiB,EAAE,CAAA,IAAK,0BAAA;AACxE,EAAA,OAAO,CAAA,EAAG,IAAI,CAAA,sCAAA,EAAyC,kBAAA,CAAmB,UAAU,CAAC,CAAA,CAAA;AACvF;AAsBA,eAAsB,cAAc,SAAA,EAAiD;AACnF,EAAA,IAAI,CAAC,SAAA,IAAa,SAAA,CAAU,IAAA,OAAW,EAAA,EAAI;AACzC,IAAA,MAAA,CAAO,MAAM,kDAAkD,CAAA;AAC/D,IAAA,OAAO,IAAA;AAAA,EACT;AAEA,EAAA,MAAM,UAAA,GAAa,UAAU,IAAA,EAAK;AAClC,EAAA,MAAM,UAAA,GAAa,iBAAiB,UAAU,CAAA,CAAA;AAC9C,EAAA,IAAI,eAAA,CAAgB,GAAA,CAAI,UAAU,CAAA,EAAG;AACnC,IAAA,MAAA,CAAO,KAAA,CAAM,sCAAA,EAAwC,EAAE,UAAA,EAAY,CAAA;AACnE,IAAA,OAAO,eAAA,CAAgB,IAAI,UAAU,CAAA;AAAA,EACvC;AAEA,EAAA,MAAA,CAAO,IAAA,CAAK,4BAAA,EAA8B,EAAE,UAAA,EAAY,CAAA;AAExD,EAAA,MAAM,kBAAkB,YAA0C;AAChE,IAAA,IAAI;AACF,MAAA,MAAM,GAAA,GAAM,mBAAmB,UAAU,CAAA;AACzC,MAAA,MAAA,CAAO,KAAA,CAAM,oBAAA,EAAsB,EAAE,GAAA,EAAK,CAAA;AAE1C,MAAA,IAAI,IAAA;AACJ,MAAA,IAAI;AACF,QAAA,MAAM,WAAW,MAAM,KAAA,CAAM,KAAK,EAAE,MAAA,EAAQ,OAAO,CAAA;AACnD,QAAA,IAAI,CAAC,SAAS,EAAA,EAAI,MAAM,IAAI,KAAA,CAAM,CAAA,KAAA,EAAQ,QAAA,CAAS,MAAM,CAAA,CAAE,CAAA;AAC3D,QAAA,IAAA,GAAQ,MAAM,SAAS,IAAA,EAAK;AAC5B,QAAA,MAAA,CAAO,KAAA,CAAM,uBAAA,EAAyB,EAAE,UAAA,EAAY,CAAA;AAAA,MACtD,SAAS,KAAA,EAAO;AACd,QAAA,MAAA,CAAO,IAAA,CAAK,iBAAA,EAAmB,EAAE,UAAA,EAAY,OAAO,CAAA;AACpD,QAAA,OAAO,IAAA;AAAA,MACT;AAEA,MAAA,IAAI,CAAC,IAAA,IAAQ,OAAO,IAAA,KAAS,UAAU,OAAO,IAAA;AAE9C,MAAA,MAAM,GAAA,GAAM,IAAA;AACZ,MAAA,IAAI,CAAC,GAAA,CAAI,OAAA,IAAW,CAAC,GAAA,CAAI,MAAM,OAAO,IAAA;AAEtC,MAAA,MAAM,SAAS,GAAA,CAAI,IAAA;AACnB,MAAA,IAAI,CAAC,MAAA,CAAO,EAAA,IAAM,CAAC,MAAA,CAAO,YAAY,OAAO,IAAA;AAE7C,MAAA,MAAM,UAAA,GAAa,OAAO,gBAAA,EAAiB;AAC3C,MAAA,MAAM,WAAA,GAAc,OAAO,cAAA,EAAe;AAC1C,MAAA,IAAI,CAAC,UAAA,IAAc,CAAC,WAAA,EAAa,OAAO,IAAA;AAExC,MAAA,MAAM,oBAAA,GAAuB,MAAA,CAAO,UAAA,CAAW,UAAA,CAAW,kBAAkB,CAAA,GACxE,MAAA,CAAO,UAAA,GACP,CAAA,EAAG,kBAAkB,CAAA,EAAG,MAAA,CAAO,UAAU,CAAA,CAAA;AAE7C,MAAA,MAAM,MAAA,GAAuB;AAAA,QAC3B,UAAU,MAAA,CAAO,EAAA;AAAA,QACjB,UAAA;AAAA,QACA,SAAA,EAAW,UAAA;AAAA,QACX,MAAA,EAAQ;AAAA,UACN,UAAU,MAAA,CAAO,UAAA;AAAA,UACjB,UAAA,EAAY,oBAAA;AAAA,UACZ,WAAA;AAAA,UACA,MAAA,EAAQA;AAAA;AACV,OACF;AACA,MAAA,MAAA,CAAO,KAAA,CAAM,wBAAA,EAA0B,EAAE,UAAA,EAAY,CAAA;AACrD,MAAA,OAAO,MAAA;AAAA,IACT,SAAS,KAAA,EAAO;AACd,MAAA,MAAA,CAAO,IAAA,CAAK,mCAAA,EAAqC,EAAE,UAAA,EAAY,OAAO,CAAA;AACtE,MAAA,OAAO,IAAA;AAAA,IACT,CAAA,SAAE;AACA,MAAA,eAAA,CAAgB,OAAO,UAAU,CAAA;AAAA,IACnC;AAAA,EACF,CAAA,GAAG;AAEH,EAAA,eAAA,CAAgB,GAAA,CAAI,YAAY,cAAc,CAAA;AAC9C,EAAA,OAAO,cAAA;AACT;;;AC7GO,SAAS,mBAAA,GAA8B;AAC5C,EAAA,OAAO;AAAA,IACL,IAAA,CAAK,SAAiB,IAAA,EAAgC;AACpD,MAAA,IAAI,OAAO,OAAA,KAAY,WAAA,UAAqB,IAAA,CAAK,OAAA,EAAS,QAAQ,EAAE,CAAA;AAAA,IACtE,CAAA;AAAA,IACA,IAAA,CAAK,SAAiB,IAAA,EAAgC;AACpD,MAAA,IAAI,OAAO,OAAA,KAAY,WAAA,UAAqB,IAAA,CAAK,OAAA,EAAS,QAAQ,EAAE,CAAA;AAAA,IACtE,CAAA;AAAA,IACA,KAAA,CAAM,SAAiB,IAAA,EAAgC;AACrD,MAAA,IAAI,OAAO,OAAA,KAAY,WAAA,UAAqB,KAAA,CAAM,OAAA,EAAS,QAAQ,EAAE,CAAA;AAAA,IACvE,CAAA;AAAA,IACA,KAAA,CAAM,SAAiB,IAAA,EAAgC;AACrD,MAAA,IAAI,OAAO,OAAA,KAAY,WAAA,UAAqB,KAAA,CAAM,OAAA,EAAS,QAAQ,EAAE,CAAA;AAAA,IACvE;AAAA,GACF;AACF;AAEO,SAAS,wBAAA,GAAwC;AACtD,EAAA,OAAO;AAAA,IACL,aAAA,GAA4B;AAC1B,MAAA,IAAI,OAAO,WAAW,WAAA,EAAa;AACjC,QAAA,OAAO,EAAE,IAAA,EAAM,EAAA,EAAI,MAAA,EAAQ,EAAA,EAAI,UAAU,GAAA,EAAK,MAAA,EAAQ,EAAA,EAAI,QAAA,EAAU,EAAA,EAAG;AAAA,MACzE;AACA,MAAA,MAAM,CAAA,GAAI,MAAA;AACV,MAAA,MAAM,MAAM,CAAA,CAAE,QAAA;AACd,MAAA,OAAO;AAAA,QACL,MAAM,GAAA,CAAI,IAAA;AAAA,QACV,QAAQ,GAAA,CAAI,MAAA;AAAA,QACZ,UAAU,GAAA,CAAI,QAAA;AAAA,QACd,QAAQ,GAAA,CAAI,MAAA;AAAA,QACZ,UAAU,GAAA,CAAI;AAAA,OAChB;AAAA,IACF,CAAA;AAAA,IACA,SAAS,GAAA,EAAmB;AAC1B,MAAA,IAAI,OAAO,MAAA,KAAW,WAAA,EAAa,MAAA,CAAO,QAAA,CAAS,QAAQ,GAAG,CAAA;AAAA,IAChE,CAAA;AAAA,IACA,aAAa,GAAA,EAAmB;AAC9B,MAAA,IAAI,OAAO,WAAW,WAAA,EAAa;AACnC,MAAA,IAAI;AACF,QAAA,MAAM,KAAA,GAAQ,OAAO,QAAA,KAAa,WAAA,GAAc,SAAS,KAAA,GAAQ,EAAA;AACjE,QAAA,MAAA,CAAO,OAAA,CAAQ,YAAA,CAAa,EAAC,EAAG,OAAO,GAAG,CAAA;AAAA,MAC5C,CAAA,CAAA,MAAQ;AAAA,MAER;AAAA,IACF;AAAA,GACF;AACF;AAGO,SAAS,oBAAA,GAAuC;AACrD,EAAA,OAAO;AAAA,IACL,aAAA,EAAe,MAAM,MAAA,CAAO,iBAAA,EAAkB;AAAA,IAC9C,gBAAA,EAAkB,MAAM,MAAA,CAAO,gBAAA,EAAiB;AAAA,IAChD,cAAA,EAAgB,MAAM,MAAA,CAAO,cAAA,EAAe;AAAA,IAC5C,WAAA,EAAa,MAAM,MAAA,CAAO,WAAA,EAAY;AAAA,IACtC,WAAA,EAAa,MAAM,MAAA,CAAO,WAAA,EAAY;AAAA,IACtC,aAAA,EAAe,MAAM,MAAA,CAAO,aAAA,EAAc;AAAA,IAC1C,WAAA,EAAa,MAAM,MAAA,CAAO,WAAA;AAAY,GACxC;AACF;AAEO,SAAS,oBAAA,GAAuC;AACrD,EAAA,OAAO,EAAE,OAAA,EAAS,CAAC,SAAA,KAAsB,aAAA,CAAc,SAAS,CAAA,EAAE;AACpE;AAEO,SAAS,0BAAA,GAA4C;AAC1D,EAAA,OAAO;AAAA,IACL,YAAA,GAAqB;AACnB,MAAA,IAAI,OAAO,QAAA,KAAa,WAAA,IAAe,OAAO,WAAW,WAAA,EAAa;AACtE,MAAA,IAAI;AACF,QAAA,MAAM,OAAA,GAAU,QAAA,CAAS,MAAA,CAAO,KAAA,CAAM,GAAG,CAAA;AACzC,QAAA,OAAA,CAAQ,OAAA,CAAQ,CAAC,MAAA,KAAW;AAC1B,UAAA,MAAM,KAAA,GAAQ,MAAA,CAAO,OAAA,CAAQ,GAAG,CAAA;AAChC,UAAA,MAAM,IAAA,GAAO,KAAA,GAAQ,CAAA,CAAA,GAAK,MAAA,CAAO,SAAA,CAAU,CAAA,EAAG,KAAK,CAAA,CAAE,IAAA,EAAK,GAAI,MAAA,CAAO,IAAA,EAAK;AAC1E,UAAA,QAAA,CAAS,MAAA,GAAS,GAAG,IAAI,CAAA,8CAAA,CAAA;AACzB,UAAA,MAAM,MAAA,GAAS,OAAO,QAAA,CAAS,QAAA;AAC/B,UAAA,MAAM,KAAA,GAAQ,MAAA,CAAO,KAAA,CAAM,GAAG,CAAA;AAC9B,UAAA,IAAI,KAAA,CAAM,SAAS,CAAA,EAAG;AACpB,YAAA,MAAM,eAAe,GAAA,GAAM,KAAA,CAAM,MAAM,CAAA,CAAE,CAAA,CAAE,KAAK,GAAG,CAAA;AACnD,YAAA,QAAA,CAAS,MAAA,GAAS,CAAA,EAAG,IAAI,CAAA,sDAAA,EAAyD,YAAY,CAAA,CAAA;AAAA,UAChG;AAAA,QACF,CAAC,CAAA;AAAA,MACH,CAAA,CAAA,MAAQ;AAAA,MAER;AAAA,IACF;AAAA,GACF;AACF;;;ACpFO,SAAS,wBAAA,GAAyC;AACvD,EAAA,OAAO;AAAA,IACL,MAAM,SAAS,YAAA,EAA2C;AACxD,MAAA,iBAAA,CAAkB,YAAY,CAAA;AAC9B,MAAA,MAAM,iBAAiB,YAAY,CAAA;AAAA,IACrC,CAAA;AAAA,IAEA,MAAM,cAAA,GAAmC;AACvC,MAAA,OAAO,cAAA,EAAe;AAAA,IACxB,CAAA;AAAA,IAEA,MAAM,OAAA,GAA2B;AAC/B,MAAA,OAAO,kBAAA,EAAmB;AAAA,IAC5B,CAAA;AAAA,IAEA,MAAM,OAAO,OAAA,EAAiD;AAC5D,MAAA,MAAM,MAAA,CAAc,SAAS,SAAS,CAAA;AAAA,IACxC;AAAA,GACF;AACF;;;ACzBO,SAAS,cAAA,GAGd;AACA,EAAA,MAAMC,UAAAA,uBAAgB,GAAA,EAAuB;AAE7C,EAAA,OAAO;AAAA,IACL,UAAU,QAAA,EAAyC;AACjD,MAAAA,UAAAA,CAAU,IAAI,QAAQ,CAAA;AACtB,MAAA,OAAO,MAAMA,UAAAA,CAAU,MAAA,CAAO,QAAQ,CAAA;AAAA,IACxC,CAAA;AAAA,IACA,KAAK,KAAA,EAA8B;AACjC,MAAAA,UAAAA,CAAU,OAAA,CAAQ,CAAC,EAAA,KAAO;AACxB,QAAA,IAAI;AACF,UAAA,EAAA,CAAG,KAAK,CAAA;AAAA,QACV,CAAA,CAAA,MAAQ;AAAA,QAER;AAAA,MACF,CAAC,CAAA;AAAA,IACH;AAAA,GACF;AACF;;;ACXA,SAAS,WAAA,CAAY,GAAoB,CAAA,EAA6B;AACpE,EAAA,OACE,CAAA,CAAE,MAAA,KAAW,CAAA,CAAE,MAAA,IACf,EAAE,WAAA,KAAgB,CAAA,CAAE,WAAA,IACpB,CAAA,CAAE,SAAA,KAAc,CAAA,CAAE,SAAA,IAClB,CAAA,CAAE,UAAU,CAAA,CAAE,KAAA;AAElB;AAEA,SAAS,YAAY,MAAA,EAA2C;AAC9D,EAAA,cAAA,CAAe,MAAM,CAAA;AACrB,EAAA,MAAM,cAAc,cAAA,EAAe;AACnC,EAAA,MAAM,YAAY,YAAA,EAAa;AAC/B,EAAA,MAAM,UAAU,oBAAA,EAAqB;AAErC,EAAA,IAAI,WAAA,IAAe,CAAC,OAAA,EAAS;AAC3B,IAAA,OAAO;AAAA,MACL,MAAA,EAAQ,eAAA;AAAA,MACR,WAAA;AAAA,MACA,SAAA;AAAA,MACA,KAAA,EAAO;AAAA,KACT;AAAA,EACF;AACA,EAAA,IAAI,eAAe,OAAA,EAAS;AAC1B,IAAA,OAAO;AAAA,MACL,MAAA,EAAQ,OAAA;AAAA,MACR,WAAA;AAAA,MACA,SAAA;AAAA,MACA,KAAA,EAAO;AAAA,KACT;AAAA,EACF;AACA,EAAA,OAAO;AAAA,IACL,MAAA,EAAQ,iBAAA;AAAA,IACR,WAAA,EAAa,IAAA;AAAA,IACb,SAAA,EAAW,IAAA;AAAA,IACX,KAAA,EAAO;AAAA,GACT;AACF;AAEO,SAAS,iBAAiB,MAAA,EAAsC;AACrE,EAAA,MAAM,eAAe,MAAA,CAAO,MAAA,CAAO,EAAE,GAAG,QAAQ,CAAA;AAChD,EAAA,MAAM,MAAM,cAAA,EAAe;AAC3B,EAAA,IAAI,gBAAA,GAA2C,IAAA;AAC/C,EAAA,MAAM,QAAA,GAAW,YAAA,CAAa,QAAA,IAAY,wBAAA,EAAyB;AAEnE,EAAA,MAAM,YAAY,MAAY;AAC5B,IAAA,MAAM,IAAA,GAAO,YAAY,YAAY,CAAA;AACrC,IAAA,IAAI,gBAAA,KAAqB,IAAA,IAAQ,WAAA,CAAY,gBAAA,EAAkB,IAAI,CAAA,EAAG;AACtE,IAAA,gBAAA,GAAmB,IAAA;AACnB,IAAA,GAAA,CAAI,KAAK,IAAI,CAAA;AAAA,EACf,CAAA;AAEA,EAAA,OAAO;AAAA,IACL,MAAM,IAAA,GAAsB;AAC1B,MAAA,cAAA,CAAe,YAAY,CAAA;AAC3B,MAAA,YAAA,CAAa,MAAA,CAAO,MAAM,gCAAgC,CAAA;AAC1D,MAAA,MAAM,YAAA,EAAa;AACnB,MAAA,SAAA,EAAU;AAAA,IACZ,CAAA;AAAA,IAEA,MAAM,KAAA,GAAuB;AAC3B,MAAA,cAAA,CAAe,YAAY,CAAA;AAC3B,MAAA,YAAA,CAAa,MAAA,CAAO,MAAM,gDAAgD,CAAA;AAC1E,MAAA,MAAM,YAAA,EAAa;AACnB,MAAA,SAAA,EAAU;AAAA,IACZ,CAAA;AAAA,IAEA,MAAM,OAAO,OAAA,EAAiD;AAC5D,MAAA,cAAA,CAAe,YAAY,CAAA;AAC3B,MAAA,YAAA,CAAa,MAAA,CAAO,MAAM,eAAe,CAAA;AACzC,MAAA,MAAM,QAAA,CAAS,OAAO,OAAO,CAAA;AAC7B,MAAA,SAAA,EAAU;AAAA,IACZ,CAAA;AAAA,IAEA,MAAM,OAAA,GAA2B;AAC/B,MAAA,cAAA,CAAe,YAAY,CAAA;AAC3B,MAAA,YAAA,CAAa,MAAA,CAAO,MAAM,gBAAgB,CAAA;AAC1C,MAAA,IAAI;AACF,QAAA,MAAM,KAAA,GAAQ,MAAM,QAAA,CAAS,OAAA,EAAQ;AACrC,QAAA,SAAA,EAAU;AACV,QAAA,OAAO,KAAA;AAAA,MACT,SAAS,CAAA,EAAG;AACV,QAAA,SAAA,EAAU;AACV,QAAA,MAAM,CAAA;AAAA,MACR;AAAA,IACF,CAAA;AAAA,IAEA,MAAM,cAAA,GAAkC;AACtC,MAAA,cAAA,CAAe,YAAY,CAAA;AAC3B,MAAA,OAAO,sBAAA,EAAuB;AAAA,IAChC,CAAA;AAAA,IAEA,MAAM,cAAA,GAAmC;AACvC,MAAA,cAAA,CAAe,YAAY,CAAA;AAC3B,MAAA,YAAA,CAAa,MAAA,CAAO,MAAM,uBAAuB,CAAA;AACjD,MAAA,MAAM,OAAA,GAAU,MAAM,QAAA,CAAS,cAAA,EAAe;AAC9C,MAAA,SAAA,EAAU;AACV,MAAA,OAAO,OAAA;AAAA,IACT,CAAA;AAAA,IAEA,UAAU,QAAA,EAAU;AAClB,MAAA,OAAO,GAAA,CAAI,UAAU,QAAQ,CAAA;AAAA,IAC/B,CAAA;AAAA,IAEA,QAAA,GAA4B;AAC1B,MAAA,OAAO,YAAY,YAAY,CAAA;AAAA,IACjC;AAAA,GACF;AACF;ACnEO,SAAS,YAAA,CAAa;AAAA,EAC3B,QAAA;AAAA,EACA,QAAA,GAAW,IAAA;AAAA,EACX,UAAA;AAAA,EACA,KAAA,GAAQ,EAAA;AAAA,EACR;AACF,CAAA,EAAyC;AACvC,EAAA,MAAM,iBAAA,GAAoB,UAAA,IAAc,MAAA,CAAO,aAAA,EAAc;AAC7D,EAAA,MAAM,SAAA,GAAYC,aAAA;AAAA,IAChB,OAAO,EAAE,QAAA,EAAU,qBAAqB,EAAA,EAAI,KAAA,EAAO,SAAS,EAAA,EAAG,CAAA;AAAA,IAC/D,CAAC,mBAAmB,KAAK;AAAA,GAC3B;AACA,EAAA,MAAM,UAAA,GAAaC,aAAO,KAAK,CAAA;AAC/B,EAAA,MAAM,SAAA,GAAYA,aAA0B,IAAI,CAAA;AAEhD,EAAAC,qBAAA,CAAgB,MAAM;AACpB,IAAA,IAAI,UAAA,EAAY;AACd,MAAA,SAAA,CAAa,EAAE,UAAA,EAAY,UAAA,EAAY,CAAA;AAAA,IACzC;AACA,IAAA,OAAO,MAAM;AACX,MAAA,oBAAA,EAAqB;AAAA,IACvB,CAAA;AAAA,EACF,CAAA,EAAG,CAAC,UAAU,CAAC,CAAA;AAEf,EAAAA,qBAAA,CAAgB,MAAM;AACpB,IAAA,mBAAA,CAAoB,qBAAqB,EAAE,CAAA;AAC3C,IAAA,MAAM,UACJ,cAAA,KAAmB,MAAA,IAAa,mBAAmB,IAAA,GAC/C,cAAA,GACA,kCAAkC,SAAS,CAAA;AACjD,IAAA,iBAAA,CAAkB,SAAS,SAAS,CAAA;AACpC,IAAA,MAAM,OAAA,GAAU;AAAA,MACd,cAAA,EAAgB,OAAA;AAAA,MAChB,gBAAA,EAAkB,SAAA;AAAA,MAClB,QAAQ,mBAAA,EAAoB;AAAA,MAC5B,aAAa,wBAAA,EAAyB;AAAA,MACtC,gBAAgB,oBAAA,EAAqB;AAAA,MACrC,gBAAgB,oBAAA,EAAqB;AAAA,MACrC,cAAc,0BAAA;AAA2B,KAC3C;AACA,IAAA,cAAA,CAAe,OAAO,CAAA;AACtB,IAAA,SAAA,CAAU,OAAA,GAAU,iBAAiB,OAAO,CAAA;AAC5C,IAAA,oBAAA,CAAqB,UAAU,OAAO,CAAA;AACtC,IAAA,OAAO,MAAM;AACX,MAAA,oBAAA,CAAqB,IAAI,CAAA;AACzB,MAAA,SAAA,CAAU,OAAA,GAAU,IAAA;AACpB,MAAA,cAAA,CAAe,IAAI,CAAA;AACnB,MAAA,iBAAA,CAAkB,MAAM,EAAE,QAAA,EAAU,EAAA,EAAI,KAAA,EAAO,IAAI,CAAA;AACnD,MAAA,mBAAA,CAAoB,EAAE,CAAA;AAAA,IACxB,CAAA;AAAA,EACF,CAAA,EAAG,CAAC,iBAAA,EAAmB,KAAA,EAAO,cAAc,CAAC,CAAA;AAG7C,EAAAC,eAAA,CAAU,MAAM;AACd,IAAA,MAAMC,kBAAAA,GAAoB,UAAA,IAAc,MAAA,CAAO,aAAA,EAAc;AAE7D,IAAA,MAAA,CAAO,MAAM,oCAAA,EAAsC;AAAA,MACjD,YAAY,UAAA,IAAc,gBAAA;AAAA,MAC1B,OAAO,KAAA,IAAS,EAAA;AAAA,MAChB,iBAAA,EAAAA;AAAA,KACD,CAAA;AAED,IAAA,IAAIA,kBAAAA,EAAmB;AACrB,MAAA,MAAM,iBAAA,GAAoB,UAAA,CAAW,aAAA,CAAc,YAAY,CAAC,CAAA;AAChE,MAAA,MAAM,gBAAA,GAAmB,qBAAqB,iBAAA,KAAsBA,kBAAAA;AAEpE,MAAA,IAAI,gBAAA,EAAkB;AACpB,QAAA,MAAA,CAAO,MAAM,uCAAA,EAAyC,EAAE,UAAU,iBAAA,EAAmB,IAAA,EAAMA,oBAAmB,CAAA;AAE9G,QAAA,IAAI,OAAO,WAAW,WAAA,EAAa;AACjC,UAAA,MAAM,UAAA,GAAa,OAAO,QAAA,CAAS,IAAA;AACnC,UAAA,MAAM,aAAa,UAAA,CAAW,QAAA,CAAS,OAAO,CAAA,IAAK,UAAA,CAAW,SAAS,QAAQ,CAAA;AAC/E,UAAA,IAAI,UAAA,EAAY;AACd,YAAA,MAAMC,SAAAA,GAAW,MAAA,CAAO,QAAA,CAAS,MAAA,GAAS,OAAO,QAAA,CAAS,QAAA;AAC1D,YAAA,MAAA,CAAO,QAAQ,YAAA,CAAa,EAAC,EAAG,QAAA,CAAS,OAAOA,SAAQ,CAAA;AAAA,UAC1D;AAAA,QACF;AAEA,QAAA,aAAA,CAAc,aAAA,CAAc,cAAc,CAAC,CAAA;AAC3C,QAAA,aAAA,CAAc,aAAA,CAAc,eAAe,CAAC,CAAA;AAC5C,QAAA,aAAA,CAAc,aAAA,CAAc,YAAY,CAAC,CAAA;AACzC,QAAA,aAAA,CAAc,aAAA,CAAc,UAAU,CAAC,CAAA;AACvC,QAAA,aAAA,CAAc,aAAA,CAAc,OAAO,CAAC,CAAA;AACpC,QAAA,aAAA,CAAc,aAAA,CAAc,eAAe,CAAC,CAAA;AAC5C,QAAA,aAAA,CAAc,aAAA,CAAc,oBAAoB,CAAC,CAAA;AACjD,QAAA,uBAAA,EAAwB;AACxB,QAAA,cAAA,EAAe;AACf,QAAA,aAAA,CAAc,aAAA,CAAc,WAAW,CAAC,CAAA;AACxC,QAAA,IAAI,OAAO,WAAW,WAAA,EAAa;AACjC,UAAA,MAAA,CAAO,YAAA,CAAa,UAAA,CAAW,aAAA,CAAc,aAAa,CAAC,CAAA;AAC3D,UAAA,MAAA,CAAO,YAAA,CAAa,UAAA,CAAW,aAAA,CAAc,oBAAoB,CAAC,CAAA;AAAA,QACpE;AAEA,QAAA,UAAA,CAAW,aAAA,CAAc,eAAe,CAAA,EAAG,MAAM,CAAA;AACjD,QAAA,UAAA,CAAW,aAAA,CAAc,iBAAiB,CAAA,EAAG,MAAM,CAAA;AACnD,QAAA,UAAA,CAAW,aAAA,CAAc,gBAAgB,CAAA,EAAGD,kBAAiB,CAAA;AAE7D,QAAA,QAAA,CAAS;AAAA,UACP,eAAA,EAAiB,KAAA;AAAA,UACjB,WAAA,EAAa,IAAA;AAAA,UACb,SAAA,EAAW,IAAA;AAAA,UACX,KAAA,EAAO;AAAA,SACR,CAAA;AAAA,MACH,WAAW,iBAAA,EAAmB;AAC5B,QAAA,MAAA,CAAO,KAAA,CAAM,oCAAA,EAAsC,EAAE,SAAA,EAAWA,oBAAmB,CAAA;AAAA,MACrF;AAGA,MAAA,UAAA,CAAW,aAAA,CAAc,cAAc,CAAA,EAAG,IAAA,CAAK,UAAU,EAAE,SAAA,EAAWA,kBAAAA,EAAmB,CAAC,CAAA;AAC1F,MAAA,UAAA,CAAW,aAAA,CAAc,YAAY,CAAA,EAAGA,kBAAiB,CAAA;AAAA,IAC3D,CAAA,MAAO;AACL,MAAA,MAAA,CAAO,MAAM,0CAA0C,CAAA;AAAA,IACzD;AAAA,EACF,CAAA,EAAG,CAAC,UAAA,EAAY,KAAK,CAAC,CAAA;AAEtB,EAAA,MAAM,CAAC,KAAA,EAAO,QAAQ,CAAA,GAAIE,cAAA,CAAoB;AAAA,IAC5C,eAAA,EAAiB,KAAA;AAAA,IACjB,WAAA,EAAa,IAAA;AAAA,IACb,SAAA,EAAW,QAAA;AAAA,IACX,KAAA,EAAO;AAAA,GACR,CAAA;AAKD,EAAA,MAAM,aAAA,GAAgBC,kBAAY,MAAM;AACtC,IAAA,IAAI;AACF,MAAA,MAAM,SAAS,SAAA,CAAU,OAAA;AACzB,MAAA,IAAI,aAAA;AACJ,MAAA,IAAI,WAAA;AACJ,MAAA,IAAI,KAAA,GAAuB,IAAA;AAE3B,MAAA,IAAI,MAAA,EAAQ;AACV,QAAA,MAAM,CAAA,GAAI,OAAO,QAAA,EAAS;AAC1B,QAAA,aAAA,GAAgB,CAAA,CAAE,MAAA,KAAW,eAAA,IAAmB,CAAC,CAAC,CAAA,CAAE,WAAA;AACpD,QAAA,WAAA,GAAc,CAAA,CAAE,WAAA;AAChB,QAAA,KAAA,GAAQ,CAAA,CAAE,KAAA;AAAA,MACZ,CAAA,MAAO;AACL,QAAA,WAAA,GAAc,cAAA,EAAqB;AACnC,QAAA,aAAA,GAAgB,CAAC,CAAC,WAAA,IAAe,CAAC,oBAAA,EAAqB;AAAA,MACzD;AAEA,MAAA,QAAA,CAAS;AAAA,QACP,eAAA,EAAiB,aAAA;AAAA,QACjB,WAAA;AAAA,QACA,SAAA,EAAW,KAAA;AAAA,QACX;AAAA,OACD,CAAA;AAED,MAAA,IAAI,aAAA,EAAe;AAAA,MACnB,CAAA,MAAO;AACL,QAAA,kBAAA,EAAmB;AACnB,QAAA,iBAAA,EAAkB;AAAA,MACpB;AAAA,IACF,SAAS,KAAA,EAAO;AACd,MAAA,kBAAA,EAAmB;AACnB,MAAA,iBAAA,EAAkB;AAClB,MAAA,QAAA,CAAS;AAAA,QACP,eAAA,EAAiB,KAAA;AAAA,QACjB,WAAA,EAAa,IAAA;AAAA,QACb,SAAA,EAAW,KAAA;AAAA,QACX,KAAA,EAAO,KAAA,YAAiB,KAAA,GAAQ,KAAA,CAAM,OAAA,GAAU;AAAA,OACjD,CAAA;AAAA,IACH;AAAA,EACF,CAAA,EAAG,EAAE,CAAA;AAML,EAAAJ,eAAA,CAAU,MAAM;AACd,IAAA,IAAI,CAAC,QAAA,EAAU;AAEf,IAAA,MAAM,cAAA,GAAiB,UAAA,CAAW,aAAA,CAAc,iBAAiB,CAAC,CAAA,KAAM,MAAA;AACxE,IAAA,MAAM,YAAA,GAAe,UAAA,CAAW,aAAA,CAAc,eAAe,CAAC,CAAA,KAAM,MAAA;AACpE,IAAA,IAAI,CAAC,cAAA,IAAkB,CAAC,YAAA,EAAc;AAEtC,IAAA,IAAI,SAAA,GAAY,KAAA;AAEhB,IAAA,MAAM,SAAS,YAAY;AACzB,MAAA,IAAI;AACF,QAAA,MAAM,SAAA,CAAU,SAAS,IAAA,EAAK;AAC9B,QAAA,IAAI,CAAC,SAAA,EAAW;AACd,UAAA,aAAA,EAAc;AAAA,QAChB;AAAA,MACF,CAAA,SAAE;AACA,QAAA,aAAA,CAAc,aAAA,CAAc,eAAe,CAAC,CAAA;AAAA,MAC9C;AAAA,IACF,CAAA;AAEA,IAAA,MAAA,EAAO;AAEP,IAAA,OAAO,MAAM;AACX,MAAA,SAAA,GAAY,IAAA;AAAA,IACd,CAAA;AAAA,EACF,CAAA,EAAG,CAAC,QAAA,EAAU,UAAA,EAAY,aAAa,CAAC,CAAA;AAKxC,EAAAA,eAAA,CAAU,MAAM;AACd,IAAA,IAAI,CAAC,QAAA,EAAU;AACb,MAAA,QAAA,CAAS,CAAC,IAAA,MAAU,EAAE,GAAG,IAAA,EAAM,SAAA,EAAW,OAAM,CAAE,CAAA;AAClD,MAAA;AAAA,IACF;AACA,IAAA,IAAI,WAAW,OAAA,EAAS;AACxB,IAAA,UAAA,CAAW,OAAA,GAAU,IAAA;AAErB,IAAA,IAAI,SAAA,GAAY,KAAA;AAEhB,IAAA,MAAM,OAAO,YAAY;AACvB,MAAA,IAAI;AACF,QAAA,MAAM,SAAA,CAAU,SAAS,IAAA,EAAK;AAC9B,QAAA,IAAI,CAAC,WAAW,aAAA,EAAc;AAAA,MAChC,SAAS,KAAA,EAAO;AACd,QAAA,kBAAA,EAAmB;AACnB,QAAA,iBAAA,EAAkB;AAClB,QAAA,IAAI,CAAC,SAAA,EAAW;AACd,UAAA,QAAA,CAAS;AAAA,YACP,eAAA,EAAiB,KAAA;AAAA,YACjB,WAAA,EAAa,IAAA;AAAA,YACb,SAAA,EAAW,KAAA;AAAA,YACX,KAAA,EAAO,KAAA,YAAiB,KAAA,GAAQ,KAAA,CAAM,OAAA,GAAU;AAAA,WACjD,CAAA;AAAA,QACH;AAAA,MACF;AAAA,IACF,CAAA;AAEA,IAAA,IAAA,EAAK;AAEL,IAAA,OAAO,MAAM;AACX,MAAA,SAAA,GAAY,IAAA;AACZ,MAAA,UAAA,CAAW,OAAA,GAAU,KAAA;AACrB,MAAA,kBAAA,EAAmB;AACnB,MAAA,iBAAA,EAAkB;AAAA,IACpB,CAAA;AAAA,EACF,CAAA,EAAG,CAAC,QAAA,EAAU,aAAa,CAAC,CAAA;AAK5B,EAAA,MAAM,KAAA,GAAQI,kBAAY,YAAY;AACpC,IAAA,QAAA,CAAS,CAAC,IAAA,MAAU,EAAE,GAAG,IAAA,EAAM,SAAA,EAAW,MAAK,CAAE,CAAA;AACjD,IAAA,MAAM,SAAA,CAAU,SAAS,KAAA,EAAM;AAC/B,IAAA,aAAA,EAAc;AAAA,EAChB,CAAA,EAAG,CAAC,aAAa,CAAC,CAAA;AAKlB,EAAA,MAAMC,OAAAA,GAASD,kBAAY,YAAY;AACrC,IAAA,kBAAA,EAAmB;AACnB,IAAA,iBAAA,EAAkB;AAClB,IAAA,QAAA,CAAS,CAAC,IAAA,MAAU,EAAE,GAAG,IAAA,EAAM,SAAA,EAAW,MAAK,CAAE,CAAA;AAEjD,IAAA,IAAI;AACF,MAAA,MAAM,UAAU,OAAA,EAAS,MAAA,CAAO,EAAE,SAAA,EAAW,YAAY,CAAA;AACzD,MAAA,kBAAA,EAAmB;AAAA,IACrB,CAAA,SAAE;AACA,MAAA,kBAAA,EAAmB;AACnB,MAAA,iBAAA,EAAkB;AAClB,MAAA,QAAA,CAAS;AAAA,QACP,eAAA,EAAiB,KAAA;AAAA,QACjB,WAAA,EAAa,IAAA;AAAA,QACb,SAAA,EAAW,KAAA;AAAA,QACX,KAAA,EAAO;AAAA,OACR,CAAA;AAAA,IACH;AAAA,EACF,CAAA,EAAG,CAAC,UAAU,CAAC,CAAA;AAKf,EAAA,MAAM,YAAA,GAAeA,kBAAY,YAA6B;AAC5D,IAAA,IAAI;AACF,MAAA,MAAM,QAAA,GAAY,MAAM,SAAA,CAAU,OAAA,EAAS,SAAQ,IAAM,EAAA;AACzD,MAAA,aAAA,EAAc;AACd,MAAA,OAAO,QAAA;AAAA,IACT,SAAS,KAAA,EAAO;AACd,MAAA,MAAMC,OAAAA,EAAO;AACb,MAAA,MAAM,KAAA;AAAA,IACR;AAAA,EACF,CAAA,EAAG,CAAC,aAAA,EAAeA,OAAM,CAAC,CAAA;AAK1B,EAAA,MAAM,mBAAA,GAAsBD,kBAAY,YAA6B;AACnE,IAAA,IAAI;AACF,MAAA,MAAM,KAAA,GAAQ,MAAM,SAAA,CAAU,OAAA,EAAS,cAAA,EAAe;AACtD,MAAA,IAAI,CAAC,KAAA,EAAO,MAAM,IAAI,MAAM,mBAAmB,CAAA;AAC/C,MAAA,aAAA,EAAc;AACd,MAAA,OAAO,KAAA;AAAA,IACT,SAAS,KAAA,EAAO;AACd,MAAA,MAAMC,OAAAA,EAAO;AACb,MAAA,MAAM,KAAA;AAAA,IACR;AAAA,EACF,CAAA,EAAG,CAAC,aAAA,EAAeA,OAAM,CAAC,CAAA;AAK1B,EAAA,MAAM,SAAA,GAAYD,iBAAA,CAAY,CAAC,WAAA,KAA8B;AAC3D,IAAA,QAAA,CAAS;AAAA,MACP,eAAA,EAAiB,IAAA;AAAA,MACjB,WAAA;AAAA,MACA,SAAA,EAAW,KAAA;AAAA,MACX,KAAA,EAAO;AAAA,KACR,CAAA;AAAA,EACH,CAAA,EAAG,EAAE,CAAA;AAEL,EAAA,MAAM,YAAA,GAAeP,aAAA;AAAA,IACnB,OAAO;AAAA,MACL,GAAG,KAAA;AAAA,MACH,KAAA;AAAA,MACA,MAAA,EAAAQ,OAAAA;AAAA,MACA,YAAA;AAAA,MACA,cAAA,EAAgB,mBAAA;AAAA,MAChB;AAAA,KACF,CAAA;AAAA,IACA,CAAC,KAAA,EAAO,KAAA,EAAOA,OAAAA,EAAQ,YAAA,EAAc,qBAAqB,SAAS;AAAA,GACrE;AAEA,EAAA,sCACG,WAAA,CAAY,QAAA,EAAZ,EAAqB,KAAA,EAAO,cAC1B,QAAA,EACH,CAAA;AAEJ;AC5XA,IAAM,mBAAA,GAAsB,aAAA;AAUrB,SAAS,YAAA,CAAa;AAAA,EAC3B,SAAA,GAAY,QAAA;AAAA,EACZ,WAAA,GAAc,YAAA;AAAA,EACd,QAAA,GAAW;AACb,CAAA,EAAyC;AACvC,EAAA,MAAM,EAAE,SAAA,EAAU,GAAI,cAAA,EAAe;AACrC,EAAA,MAAM,UAAA,GAAaP,aAAO,KAAK,CAAA;AAC/B,EAAA,MAAM,CAAC,MAAA,EAAQ,SAAS,CAAA,GAAIK,eAAsB,MAAM,CAAA;AACxD,EAAA,MAAM,CAAC,OAAA,EAAS,UAAU,CAAA,GAAIA,eAAiB,EAAE,CAAA;AAEjD,EAAAH,gBAAU,MAAM;AACd,IAAA,IAAI,WAAW,OAAA,EAAS;AACxB,IAAA,UAAA,CAAW,OAAA,GAAU,IAAA;AAErB,IAAA,MAAM,SAAA,GAAY,IAAI,eAAA,CAAgB,MAAA,CAAO,SAAS,MAAM,CAAA;AAC5D,IAAA,MAAM,oBAAoB,SAAA,CAAU,GAAA,CAAI,MAAM,CAAA,IAAK,SAAA,CAAU,IAAI,OAAO,CAAA;AAExE,IAAA,IAAI,CAAC,iBAAA,EAAmB;AACtB,MAAA,MAAA,CAAO,QAAA,CAAS,OAAA,CAAQ,SAAA,IAAa,QAAQ,CAAA;AAC7C,MAAA;AAAA,IACF;AAEA,IAAA,MAAM,KAAA,GAAQ,SAAA,CAAU,GAAA,CAAI,OAAO,CAAA;AACnC,IAAA,MAAM,gBAAA,GAAmB,SAAA,CAAU,GAAA,CAAI,mBAAmB,CAAA;AAC1D,IAAA,IAAI,KAAA,EAAO;AACT,MAAA,SAAA,CAAU,OAAO,CAAA;AACjB,MAAA,UAAA,CAAW,CAAA,EAAG,KAAK,CAAA,EAAA,EAAK,gBAAA,IAAoB,sBAAsB,CAAA,CAAE,CAAA;AACpE,MAAA,MAAA,CAAO,OAAA,CAAQ,YAAA,CAAa,EAAC,EAAG,QAAA,CAAS,KAAA,EAAO,MAAA,CAAO,QAAA,CAAS,MAAA,GAAS,MAAA,CAAO,QAAA,CAAS,QAAQ,CAAA;AACjG,MAAA;AAAA,IACF;AAEA,IAAA,MAAM,cAAc,YAAY;AAC9B,MAAA,SAAA,CAAU,SAAS,CAAA;AACnB,MAAA,UAAA,CAAW,uBAAuB,CAAA;AAGlC,MAAA,MAAM,OAAA,GAAU,MAAM,cAAA,EAAe;AAErC,MAAA,IAAI,OAAA,EAAS;AACX,QAAA,MAAM,QAAQ,cAAA,EAAe;AAC7B,QAAA,IAAI,KAAA,YAAiB,KAAK,CAAA;AAC1B,QAAA,SAAA,CAAU,SAAS,CAAA;AACnB,QAAA,UAAA,CAAW,2CAA2C,CAAA;AACtD,QAAA,MAAA,CAAO,QAAA,CAAS,QAAQ,WAAW,CAAA;AAAA,MACrC,CAAA,MAAO;AACL,QAAA,SAAA,CAAU,OAAO,CAAA;AACjB,QAAA,UAAA,CAAW,0CAA0C,CAAA;AACrD,QAAA,MAAA,CAAO,OAAA,CAAQ,YAAA,CAAa,EAAC,EAAG,QAAA,CAAS,KAAA,EAAO,MAAA,CAAO,QAAA,CAAS,MAAA,GAAS,MAAA,CAAO,QAAA,CAAS,QAAQ,CAAA;AAAA,MACnG;AAAA,IACF,CAAA;AAEA,IAAA,WAAA,EAAY;AAAA,EACd,GAAG,CAAC,QAAA,EAAU,SAAA,EAAW,WAAA,EAAa,SAAS,CAAC,CAAA;AAEhD,EAAA,MAAM,cAAA,GAAsC;AAAA,IAC1C,SAAA,EAAW,OAAA;AAAA,IACX,OAAA,EAAS,MAAA;AAAA,IACT,aAAA,EAAe,QAAA;AAAA,IACf,UAAA,EAAY,QAAA;AAAA,IACZ,cAAA,EAAgB,QAAA;AAAA,IAChB,OAAA,EAAS,EAAA;AAAA,IACT,UAAA,EAAY,wDAAA;AAAA,IACZ,SAAA,EAAW;AAAA,GACb;AAEA,EAAA,MAAM,UAAA,GAAkC;AAAA,IACtC,MAAA,EAAQ,CAAA;AAAA,IACR,QAAA,EAAU,SAAA;AAAA,IACV,UAAA,EAAY,GAAA;AAAA,IACZ,KAAA,EAAO,SAAA;AAAA,IACP,YAAA,EAAc;AAAA,GAChB;AAEA,EAAA,MAAM,YAAA,GAAoC;AAAA,IACxC,MAAA,EAAQ,CAAA;AAAA,IACR,QAAA,EAAU,WAAA;AAAA,IACV,KAAA,EAAO,MAAA;AAAA,IACP,UAAA,EAAY,GAAA;AAAA,IACZ,QAAA,EAAU;AAAA,GACZ;AAEA,EAAA,MAAM,aAAA,GAAqC;AAAA,IACzC,SAAA,EAAW,EAAA;AAAA,IACX,OAAA,EAAS,WAAA;AAAA,IACT,eAAA,EAAiB,SAAA;AAAA,IACjB,MAAA,EAAQ,mBAAA;AAAA,IACR,YAAA,EAAc,CAAA;AAAA,IACd,KAAA,EAAO,SAAA;AAAA,IACP,QAAA,EAAU,UAAA;AAAA,IACV,QAAA,EAAU;AAAA,GACZ;AAEA,EAAA,MAAM,cAAA,GAAsC;AAAA,IAC1C,SAAA,EAAW,EAAA;AAAA,IACX,QAAA,EAAU,UAAA;AAAA,IACV,KAAA,EAAO,SAAA;AAAA,IACP,cAAA,EAAgB,MAAA;AAAA,IAChB,MAAA,EAAQ;AAAA,GACV;AAEA,EAAA,MAAM,YAAA,GAAoC;AAAA,IACxC,KAAA,EAAO,EAAA;AAAA,IACP,MAAA,EAAQ,EAAA;AAAA,IACR,MAAA,EAAQ,mBAAA;AAAA,IACR,cAAA,EAAgB,SAAA;AAAA,IAChB,YAAA,EAAc,KAAA;AAAA,IACd,SAAA,EAAW,yCAAA;AAAA,IACX,YAAA,EAAc;AAAA,GAChB;AAEA,EAAA,MAAM,eAAA,GAAuC;AAAA,IAC3C,QAAA,EAAU,UAAA;AAAA,IACV,GAAA,EAAK,EAAA;AAAA,IACL,IAAA,EAAM,KAAA;AAAA,IACN,SAAA,EAAW,kBAAA;AAAA,IACX,MAAA,EAAQ,CAAA;AAAA,IACR,QAAA,EAAU,UAAA;AAAA,IACV,UAAA,EAAY,GAAA;AAAA,IACZ,KAAA,EAAO,SAAA;AAAA,IACP,aAAA,EAAe;AAAA,GACjB;AAEA,EAAA,uBACEM,eAAA,CAAC,SAAI,KAAA,EAAO,EAAE,GAAG,cAAA,EAAgB,QAAA,EAAU,YAAW,EACpD,QAAA,EAAA;AAAA,oBAAAC,cAAAA,CAAC,WAAO,QAAA,EAAA,CAAA,mEAAA,CAAA,EAAsE,CAAA;AAAA,oBAC9EA,cAAAA,CAAC,GAAA,EAAA,EAAE,KAAA,EAAO,iBAAkB,QAAA,EAAA,mBAAA,EAAoB,CAAA;AAAA,IAC/C,MAAA,KAAW,6BACVD,eAAA,CAAAE,mBAAA,EAAA,EACE,QAAA,EAAA;AAAA,sBAAAD,cAAAA,CAAC,KAAA,EAAA,EAAI,KAAA,EAAO,YAAA,EAAc,eAAW,IAAA,EAAC,CAAA;AAAA,sBACtCA,cAAAA,CAAC,IAAA,EAAA,EAAG,KAAA,EAAO,YAAY,QAAA,EAAA,mBAAA,EAAiB,CAAA;AAAA,sBACxCA,cAAAA,CAAC,GAAA,EAAA,EAAE,KAAA,EAAO,cAAc,QAAA,EAAA,+CAAA,EAA6C;AAAA,KAAA,EACvE,CAAA;AAAA,IAED,MAAA,KAAW,6BACVD,eAAA,CAAAE,mBAAA,EAAA,EACE,QAAA,EAAA;AAAA,sBAAAD,cAAAA,CAAC,IAAA,EAAA,EAAG,KAAA,EAAO,UAAA,EAAY,QAAA,EAAA,wBAAA,EAAsB,CAAA;AAAA,sBAC7CA,cAAAA,CAAC,GAAA,EAAA,EAAE,KAAA,EAAO,cAAc,QAAA,EAAA,sBAAA,EAAoB;AAAA,KAAA,EAC9C,CAAA;AAAA,IAED,MAAA,KAAW,2BACVD,eAAA,CAAAE,mBAAA,EAAA,EACE,QAAA,EAAA;AAAA,sBAAAD,cAAAA,CAAC,QAAG,KAAA,EAAO,EAAE,GAAG,UAAA,EAAY,KAAA,EAAO,SAAA,EAAU,EAAG,QAAA,EAAA,uBAAA,EAAqB,CAAA;AAAA,sBACrEA,cAAAA,CAAC,KAAA,EAAA,EAAI,KAAA,EAAO,eAAgB,QAAA,EAAA,OAAA,EAAQ,CAAA;AAAA,sBACpCA,cAAAA;AAAA,QAAC,GAAA;AAAA,QAAA;AAAA,UACC,IAAA,EAAM,SAAA;AAAA,UACN,KAAA,EAAO,cAAA;AAAA,UACP,OAAA,EAAS,CAAC,CAAA,KAAM;AACd,YAAA,CAAA,CAAE,cAAA,EAAe;AACjB,YAAA,MAAA,CAAO,SAAS,IAAA,GAAO,SAAA;AAAA,UACzB,CAAA;AAAA,UACD,QAAA,EAAA;AAAA;AAAA;AAED,KAAA,EACF,CAAA;AAAA,IAED,MAAA,KAAW,0BACVD,eAAA,CAAAE,mBAAA,EAAA,EACE,QAAA,EAAA;AAAA,sBAAAD,cAAAA,CAAC,KAAA,EAAA,EAAI,KAAA,EAAO,YAAA,EAAc,eAAW,IAAA,EAAC,CAAA;AAAA,sBACtCA,cAAAA,CAAC,IAAA,EAAA,EAAG,KAAA,EAAO,YAAY,QAAA,EAAA,uBAAA,EAAqB,CAAA;AAAA,sBAC5CA,cAAAA,CAAC,GAAA,EAAA,EAAE,KAAA,EAAO,cAAc,QAAA,EAAA,4BAAA,EAA0B;AAAA,KAAA,EACpD;AAAA,GAAA,EAEJ,CAAA;AAEJ;;;ACxKO,SAAS,OAAA,GAA4B;AAC1C,EAAA,OAAO,cAAA,EAAe;AACxB;ACJO,SAAS,cAAA,CAAe;AAAA,EAC7B,QAAA;AAAA,EACA,QAAA,GAAW,IAAA;AAAA,EACX,SAAA,GAAY;AACd,CAAA,EAA2C;AACzC,EAAA,MAAM,EAAE,eAAA,EAAiB,cAAA,EAAAf,eAAAA,EAAgB,KAAA,KAAU,OAAA,EAAQ;AAC3D,EAAA,MAAM,CAAC,KAAA,EAAO,QAAQ,CAAA,GAAIW,eAAS,KAAK,CAAA;AACxC,EAAA,MAAM,iBAAA,GAAoBL,aAAO,KAAK,CAAA;AAEtC,EAAAE,gBAAU,MAAM;AACd,IAAA,IAAI,SAAA,GAAY,KAAA;AAEhB,IAAA,MAAM,MAAM,YAAY;AACtB,MAAA,IAAI,eAAA,EAAiB;AACnB,QAAA,IAAI,CAAC,SAAA,EAAW,QAAA,CAAS,IAAI,CAAA;AAC7B,QAAA;AAAA,MACF;AAEA,MAAA,IAAI;AACF,QAAA,MAAMR,eAAAA,EAAe;AACrB,QAAA,IAAI,CAAC,SAAA,EAAW,QAAA,CAAS,IAAI,CAAA;AAAA,MAC/B,CAAA,CAAA,MAAQ;AACN,QAAA,IAAI,SAAA,IAAa,CAAC,iBAAA,CAAkB,OAAA,EAAS;AAC3C,UAAA,iBAAA,CAAkB,OAAA,GAAU,IAAA;AAC5B,UAAA,MAAM,KAAA,EAAM;AAAA,QACd;AACA,QAAA,IAAI,CAAC,SAAA,EAAW,QAAA,CAAS,KAAK,CAAA;AAAA,MAChC;AAAA,IACF,CAAA;AAEA,IAAA,GAAA,EAAI;AAEJ,IAAA,OAAO,MAAM;AACX,MAAA,SAAA,GAAY,IAAA;AAAA,IACd,CAAA;AAAA,EACF,GAAG,CAAC,SAAA,EAAWA,eAAAA,EAAgB,eAAA,EAAiB,KAAK,CAAC,CAAA;AAEtD,EAAA,IAAI,CAAC,KAAA,IAAS,CAAC,eAAA,EAAiB;AAC9B,IAAA,uBAAOe,cAAAA,CAAAC,mBAAAA,EAAA,EAAG,QAAA,EAAA,QAAA,EAAS,CAAA;AAAA,EACrB;AAEA,EAAA,uBAAOD,cAAAA,CAAAC,mBAAAA,EAAA,EAAG,QAAA,EAAS,CAAA;AACrB;AClCO,SAAS,WAAA,GAAiC;AAC/C,EAAA,MAAM,CAAC,SAAA,EAAW,YAAY,CAAA,GAAIL,eAAS,KAAK,CAAA;AAChD,EAAA,MAAM,CAAC,KAAA,EAAO,QAAQ,CAAA,GAAIA,eAAwB,IAAI,CAAA;AAGtD,EAAA,MAAM,aAAA,GAAgBL,aAAO,KAAK,CAAA;AAGlC,EAAA,MAAM,UAAA,GAAaA,aAAO,IAAI,CAAA;AAE9B,EAAAE,gBAAU,MAAM;AACd,IAAA,OAAO,MAAM;AACX,MAAA,UAAA,CAAW,OAAA,GAAU,KAAA;AAAA,IACvB,CAAA;AAAA,EACF,CAAA,EAAG,EAAE,CAAA;AAEL,EAAA,MAAM,IAAA,GAAOI,kBAAY,YAAY;AAEnC,IAAA,IAAI,cAAc,OAAA,EAAS;AACzB,MAAA;AAAA,IACF;AAEA,IAAA,aAAA,CAAc,OAAA,GAAU,IAAA;AAExB,IAAA,IAAI,WAAW,OAAA,EAAS;AACtB,MAAA,YAAA,CAAa,IAAI,CAAA;AACjB,MAAA,QAAA,CAAS,IAAI,CAAA;AAAA,IACf;AAEA,IAAA,IAAI;AAEF,MAAA,MAAM,SAAA,EAAU;AAAA,IAClB,SAAS,GAAA,EAAK;AACZ,MAAA,IAAI,WAAW,OAAA,EAAS;AACtB,QAAA,QAAA;AAAA,UACE,GAAA,YAAe,KAAA,GACX,GAAA,CAAI,OAAA,GACJ;AAAA,SACN;AAAA,MACF;AAAA,IACF,CAAA,SAAE;AACA,MAAA,aAAA,CAAc,OAAA,GAAU,KAAA;AAExB,MAAA,IAAI,WAAW,OAAA,EAAS;AACtB,QAAA,YAAA,CAAa,KAAK,CAAA;AAAA,MACpB;AAAA,IACF;AAAA,EACF,CAAA,EAAG,EAAE,CAAA;AAEL,EAAA,OAAOP,aAAAA;AAAA,IACL,OAAO,EAAE,SAAA,EAAW,KAAA,EAAO,IAAA,EAAK,CAAA;AAAA,IAChC,CAAC,SAAA,EAAW,KAAA,EAAO,IAAI;AAAA,GACzB;AACF","file":"index.js","sourcesContent":["/**\r\n * Runtime context: single get/set for auth runtime.\r\n * Core reads from here; host (e.g. React layer) sets before any core code runs.\r\n */\r\n\r\nimport type { AuthRuntime } from './types';\r\n\r\nlet currentRuntime: AuthRuntime | null = null;\r\n\r\nexport function setAuthRuntime(runtime: AuthRuntime | null): void {\r\n currentRuntime = runtime;\r\n}\r\n\r\nexport function getAuthRuntime(): AuthRuntime | null {\r\n return currentRuntime;\r\n}\r\n\r\n/** Returns runtime or throws if not set (use in core when runtime is required). */\r\nexport function requireAuthRuntime(): AuthRuntime {\r\n const r = currentRuntime;\r\n if (!r) {\r\n throw new Error(\r\n '[tenneo-auth] Auth runtime not set. Wrap your app with AuthProvider (or setAuthRuntime) before using auth.'\r\n );\r\n }\r\n return r;\r\n}\r\n","/**\r\n * Pure domain logic for tenant key extraction and callback URL detection.\r\n * No window/document; no I/O. Single source of truth for tenant/callback helpers.\r\n */\r\n\r\n/** Minimal URL shape required for tenant/callback logic. */\r\nexport interface UrlLike {\r\n search: string;\r\n hostname: string;\r\n}\r\n\r\n/** Minimal config shape required for tenant extraction. */\r\nexport interface ConfigProviderLike {\r\n getClientCode(): string;\r\n getTenantId(): string;\r\n}\r\n\r\nexport function isLocalhost(hostname: string): boolean {\r\n return (\r\n hostname === 'localhost' ||\r\n hostname === '127.0.0.1' ||\r\n hostname === '[::1]' ||\r\n hostname.startsWith('192.168.') ||\r\n hostname.startsWith('10.') ||\r\n hostname.endsWith('.local')\r\n );\r\n}\r\n\r\nfunction extractTenantKeyFromDomain(\r\n urlOrHostname: string,\r\n config: ConfigProviderLike\r\n): string | null {\r\n try {\r\n let hostname: string;\r\n if (urlOrHostname.startsWith('http://') || urlOrHostname.startsWith('https://')) {\r\n try {\r\n const url = new URL(urlOrHostname);\r\n hostname = url.hostname;\r\n } catch {\r\n hostname = urlOrHostname.replace(/^https?:\\/\\//, '').split('/')[0];\r\n }\r\n } else {\r\n hostname = urlOrHostname;\r\n }\r\n const parts = hostname.split('.');\r\n if (parts.length < 2) return config.getClientCode();\r\n const tenantKey = parts[0];\r\n if (!tenantKey || tenantKey.trim() === '') return config.getClientCode();\r\n if (tenantKey.trim().toLowerCase() === 'productlms') return config.getClientCode();\r\n return tenantKey.trim();\r\n } catch {\r\n return config.getClientCode();\r\n }\r\n}\r\n\r\n/**\r\n * Extracts tenant key from URL + storage + config. Pure; no window usage.\r\n */\r\nexport function extractTenantKeyFromUrl(\r\n url: UrlLike,\r\n config: ConfigProviderLike,\r\n getStorage: (key: string) => string | null,\r\n getKey?: (suffix: string) => string\r\n): string | null {\r\n try {\r\n const propsConfigKey = getKey ? getKey('props_config') : 'tenneo_auth_props_config';\r\n const propsConfigStr = getStorage(propsConfigKey);\r\n if (propsConfigStr) {\r\n try {\r\n const propsConfig = JSON.parse(propsConfigStr) as { tenantKey?: string };\r\n if (propsConfig.tenantKey?.trim()) return propsConfig.tenantKey.trim();\r\n } catch {\r\n // continue\r\n }\r\n }\r\n const tenantKeyStorageKey = getKey ? getKey('tenant_key') : 'tenneo_auth_tenant_key';\r\n const storedTenantKey = getStorage(tenantKeyStorageKey);\r\n if (storedTenantKey?.trim()) return storedTenantKey.trim();\r\n\r\n const urlParams = new URLSearchParams(url.search);\r\n const tenantKeyFromQuery = urlParams.get('t');\r\n if (tenantKeyFromQuery?.trim()) {\r\n const hostnameParts = url.hostname.split('.');\r\n const baseDomain = hostnameParts.length >= 2\r\n ? hostnameParts.slice(-2).join('.')\r\n : url.hostname;\r\n const simulatedHostname = `${tenantKeyFromQuery.trim()}.${baseDomain}`;\r\n const key = extractTenantKeyFromDomain(simulatedHostname, config);\r\n if (key) return key;\r\n return tenantKeyFromQuery.trim();\r\n }\r\n\r\n const keyFromHost = extractTenantKeyFromDomain(url.hostname, config);\r\n if (keyFromHost) return keyFromHost;\r\n\r\n const clientCode = config.getClientCode();\r\n if (clientCode?.trim()) return clientCode.trim();\r\n const tenantId = config.getTenantId();\r\n if (tenantId?.trim()) return tenantId.trim();\r\n return config.getClientCode();\r\n } catch {\r\n const clientCode = config.getClientCode();\r\n if (clientCode?.trim()) return clientCode.trim();\r\n return config.getTenantId() || config.getClientCode();\r\n }\r\n}\r\n\r\n/** Returns true if URL has code and state (OAuth callback). */\r\nexport function isCallbackUrlFromUrl(url: UrlLike): boolean {\r\n const params = new URLSearchParams(url.search);\r\n return params.has('code') && params.has('state');\r\n}\r\n","/**\r\n * Dynamic storage key prefix by tenant code.\r\n * When tenant code is set, prefix is `${normalizedTenantCode}_auth_`; otherwise `tenneo_auth_`.\r\n */\r\n\r\nconst DEFAULT_PREFIX = 'tenneo_auth_';\r\n\r\nlet currentPrefix = DEFAULT_PREFIX;\r\n\r\nexport function getStorageKeyPrefix(): string {\r\n return currentPrefix;\r\n}\r\n\r\n/**\r\n * Normalize tenant code for use in storage keys (alphanumeric + underscore only).\r\n */\r\nfunction normalizeTenantCode(tenantCode: string): string {\r\n const trimmed = tenantCode.trim();\r\n if (!trimmed) return '';\r\n return trimmed.replace(/[^a-zA-Z0-9_]/g, '_').toLowerCase();\r\n}\r\n\r\n/**\r\n * Set the storage key prefix from tenant code.\r\n * Call when tenant is known (e.g. from AuthProvider). Empty string resets to default.\r\n */\r\nexport function setStorageKeyPrefix(tenantCode: string): void {\r\n const normalized = normalizeTenantCode(tenantCode);\r\n currentPrefix = normalized ? `${normalized}_auth_` : DEFAULT_PREFIX;\r\n}\r\n\r\n/**\r\n * Build full storage key for a suffix using the current prefix.\r\n */\r\nexport function getStorageKey(suffix: string): string {\r\n return getStorageKeyPrefix() + suffix;\r\n}\r\n","/**\r\n * Storage key namespacing: auth_${tenantId}_${appId}_*\r\n * Backward compatibility: when both tenantId and appId are empty, use dynamic prefix (from tenant code).\r\n */\r\n\r\nimport type { StorageNamespace } from './types';\r\nimport { getStorageKeyPrefix } from './prefix';\r\n\r\n/**\r\n * Builds a namespaced storage key.\r\n * - When tenantId and appId are both falsy: returns getStorageKeyPrefix() + suffix (tenant-code-based or default).\r\n * - Otherwise: returns auth_${tenantId}_${appId}_${suffix}.\r\n */\r\nexport function buildStorageKey(\r\n ns: StorageNamespace,\r\n suffix: string\r\n): string {\r\n const { tenantId, appId } = ns;\r\n if (!tenantId && !appId) {\r\n return `${getStorageKeyPrefix()}${suffix}`;\r\n }\r\n const tid = tenantId || '';\r\n const aid = appId || '';\r\n return `auth_${tid}_${aid}_${suffix}`;\r\n}\r\n\r\n/** Suffixes used for token keys (same as legacy STORAGE_KEYS without prefix). */\r\nexport const TOKEN_KEY_SUFFIXES = {\r\n accessToken: 'access_token',\r\n refreshToken: 'refresh_token',\r\n expiresAt: 'expires_at',\r\n} as const;\r\n\r\n/** Suffixes for config/flow keys (aligned with existing tenneo_auth_* keys). */\r\nexport const CONFIG_KEY_SUFFIXES = {\r\n authServerUrl: 'auth_server_url',\r\n clientId: 'client_id',\r\n redirectUri: 'redirect_uri',\r\n tenantId: 'tenant_id',\r\n tenantKey: 'tenant_key',\r\n codeVerifier: 'code_verifier',\r\n state: 'state',\r\n callbackProcessed: 'callback_processed',\r\n callbackProcessing: 'callback_processing',\r\n callbackAttempted: 'callback_attempted',\r\n flowInProgress: 'flow_in_progress',\r\n flowTimestamp: 'flow_timestamp',\r\n logoutProcessing: 'logout_processing',\r\n propsConfig: 'props_config',\r\n propsChanged: 'props_changed',\r\n tenantSwitched: 'tenant_switched',\r\n newTenantKey: 'new_tenant_key',\r\n stateMismatch: 'state_mismatch',\r\n bootstrapInProgress: 'bootstrap_in_progress',\r\n bootstrapTimestamp: 'bootstrap_timestamp',\r\n callbackHandled: 'callback_handled',\r\n idToken: 'id_token',\r\n} as const;\r\n","/**\r\n * Storage context: current adapter and namespace.\r\n * Can be set via setStorageContext (legacy) or setAuthRuntime (full runtime).\r\n * No window/document usage.\r\n */\r\n\r\nimport type { StorageAdapter, StorageNamespace } from './types';\r\nimport { getAuthRuntime } from '../runtime/context';\r\n\r\nlet currentAdapter: StorageAdapter | null = null;\r\nlet currentNamespace: StorageNamespace = { tenantId: '', appId: '' };\r\n\r\nexport function setStorageContext(\r\n adapter: StorageAdapter | null,\r\n namespace: Partial<StorageNamespace> = {}\r\n): void {\r\n currentAdapter = adapter;\r\n currentNamespace = {\r\n tenantId: namespace.tenantId ?? '',\r\n appId: namespace.appId ?? '',\r\n };\r\n}\r\n\r\nexport function getStorageAdapter(): StorageAdapter | null {\r\n const runtime = getAuthRuntime();\r\n if (runtime?.storageAdapter) return runtime.storageAdapter;\r\n return currentAdapter;\r\n}\r\n\r\nexport function getStorageNamespace(): StorageNamespace {\r\n const runtime = getAuthRuntime();\r\n if (runtime?.storageNamespace) return { ...runtime.storageNamespace };\r\n return { ...currentNamespace };\r\n}\r\n","/**\r\n * In-memory storage adapter. SSR-safe; no window/document usage.\r\n * Default for server-side or when no persistent storage is desired.\r\n */\r\n\r\nimport type { AuthTokens, StorageAdapter, StorageNamespace } from './types';\r\nimport { buildStorageKey, TOKEN_KEY_SUFFIXES } from './namespace';\r\n\r\nexport function createMemoryStorageAdapter(\r\n namespace: StorageNamespace\r\n): StorageAdapter {\r\n const store = new Map<string, string>();\r\n\r\n const getTokensSync = (): AuthTokens | null => {\r\n const accessToken = store.get(buildStorageKey(namespace, TOKEN_KEY_SUFFIXES.accessToken)) ?? null;\r\n const refreshToken = store.get(buildStorageKey(namespace, TOKEN_KEY_SUFFIXES.refreshToken)) ?? null;\r\n const expiresAtStr = store.get(buildStorageKey(namespace, TOKEN_KEY_SUFFIXES.expiresAt)) ?? null;\r\n if (!accessToken || !refreshToken || !expiresAtStr) return null;\r\n const expiresAt = parseInt(expiresAtStr, 10);\r\n if (isNaN(expiresAt)) return null;\r\n return { accessToken, refreshToken, expiresAt };\r\n };\r\n\r\n return {\r\n async getTokens(): Promise<AuthTokens | null> {\r\n return getTokensSync();\r\n },\r\n getTokensSync,\r\n\r\n async setTokens(tokens: AuthTokens): Promise<void> {\r\n store.set(buildStorageKey(namespace, TOKEN_KEY_SUFFIXES.accessToken), tokens.accessToken);\r\n store.set(buildStorageKey(namespace, TOKEN_KEY_SUFFIXES.refreshToken), tokens.refreshToken);\r\n store.set(buildStorageKey(namespace, TOKEN_KEY_SUFFIXES.expiresAt), String(tokens.expiresAt));\r\n },\r\n setTokensSync(tokens: AuthTokens): void {\r\n store.set(buildStorageKey(namespace, TOKEN_KEY_SUFFIXES.accessToken), tokens.accessToken);\r\n store.set(buildStorageKey(namespace, TOKEN_KEY_SUFFIXES.refreshToken), tokens.refreshToken);\r\n store.set(buildStorageKey(namespace, TOKEN_KEY_SUFFIXES.expiresAt), String(tokens.expiresAt));\r\n },\r\n\r\n async clearTokens(): Promise<void> {\r\n store.delete(buildStorageKey(namespace, TOKEN_KEY_SUFFIXES.accessToken));\r\n store.delete(buildStorageKey(namespace, TOKEN_KEY_SUFFIXES.refreshToken));\r\n store.delete(buildStorageKey(namespace, TOKEN_KEY_SUFFIXES.expiresAt));\r\n },\r\n clearTokensSync(): void {\r\n store.delete(buildStorageKey(namespace, TOKEN_KEY_SUFFIXES.accessToken));\r\n store.delete(buildStorageKey(namespace, TOKEN_KEY_SUFFIXES.refreshToken));\r\n store.delete(buildStorageKey(namespace, TOKEN_KEY_SUFFIXES.expiresAt));\r\n },\r\n\r\n async getItem(key: string): Promise<string | null> {\r\n return store.get(key) ?? null;\r\n },\r\n getItemSync(key: string): string | null {\r\n return store.get(key) ?? null;\r\n },\r\n\r\n async setItem(key: string, value: string): Promise<void> {\r\n store.set(key, value);\r\n },\r\n setItemSync(key: string, value: string): void {\r\n store.set(key, value);\r\n },\r\n\r\n async removeItem(key: string): Promise<void> {\r\n store.delete(key);\r\n },\r\n removeItemSync(key: string): void {\r\n store.delete(key);\r\n },\r\n\r\n async clear(): Promise<void> {\r\n store.clear();\r\n },\r\n clearSync(): void {\r\n store.clear();\r\n },\r\n };\r\n}\r\n","/**\r\n * Session storage adapter with namespaced keys. SSR-safe: guards all\r\n * window/sessionStorage access with typeof window !== 'undefined'.\r\n */\r\n\r\nimport type { AuthTokens, StorageAdapter, StorageNamespace } from './types';\r\nimport { buildStorageKey, TOKEN_KEY_SUFFIXES } from './namespace';\r\nimport { getStorageKeyPrefix } from './prefix';\r\n\r\nfunction getSessionStorage(): Storage | null {\r\n if (typeof window === 'undefined') return null;\r\n try {\r\n return window.sessionStorage;\r\n } catch {\r\n return null;\r\n }\r\n}\r\n\r\nexport function createSecureSessionStorageAdapter(\r\n namespace: StorageNamespace\r\n): StorageAdapter {\r\n return {\r\n async getTokens(): Promise<AuthTokens | null> {\r\n return getTokensSyncImpl(namespace);\r\n },\r\n getTokensSync(): AuthTokens | null {\r\n return getTokensSyncImpl(namespace);\r\n },\r\n\r\n async setTokens(tokens: AuthTokens): Promise<void> {\r\n setTokensSyncImpl(namespace, tokens);\r\n },\r\n setTokensSync(tokens: AuthTokens): void {\r\n setTokensSyncImpl(namespace, tokens);\r\n },\r\n\r\n async clearTokens(): Promise<void> {\r\n clearTokensSyncImpl(namespace);\r\n },\r\n clearTokensSync(): void {\r\n clearTokensSyncImpl(namespace);\r\n },\r\n\r\n async getItem(key: string): Promise<string | null> {\r\n return getItemSyncImpl(key);\r\n },\r\n getItemSync(key: string): string | null {\r\n return getItemSyncImpl(key);\r\n },\r\n\r\n async setItem(key: string, value: string): Promise<void> {\r\n setItemSyncImpl(key, value);\r\n },\r\n setItemSync(key: string, value: string): void {\r\n setItemSyncImpl(key, value);\r\n },\r\n\r\n async removeItem(key: string): Promise<void> {\r\n removeItemSyncImpl(key);\r\n },\r\n removeItemSync(key: string): void {\r\n removeItemSyncImpl(key);\r\n },\r\n\r\n async clear(): Promise<void> {\r\n clearSyncImpl(namespace);\r\n },\r\n clearSync(): void {\r\n clearSyncImpl(namespace);\r\n },\r\n };\r\n}\r\n\r\nfunction getTokensSyncImpl(ns: StorageNamespace): AuthTokens | null {\r\n const storage = getSessionStorage();\r\n if (!storage) return null;\r\n try {\r\n const accessToken = storage.getItem(buildStorageKey(ns, TOKEN_KEY_SUFFIXES.accessToken));\r\n const refreshToken = storage.getItem(buildStorageKey(ns, TOKEN_KEY_SUFFIXES.refreshToken));\r\n const expiresAtStr = storage.getItem(buildStorageKey(ns, TOKEN_KEY_SUFFIXES.expiresAt));\r\n if (!accessToken || !refreshToken || !expiresAtStr) return null;\r\n const expiresAt = parseInt(expiresAtStr, 10);\r\n if (isNaN(expiresAt)) return null;\r\n return { accessToken, refreshToken, expiresAt };\r\n } catch {\r\n return null;\r\n }\r\n}\r\n\r\nfunction setTokensSyncImpl(ns: StorageNamespace, tokens: AuthTokens): void {\r\n const storage = getSessionStorage();\r\n if (!storage) return;\r\n try {\r\n storage.setItem(buildStorageKey(ns, TOKEN_KEY_SUFFIXES.accessToken), tokens.accessToken);\r\n storage.setItem(buildStorageKey(ns, TOKEN_KEY_SUFFIXES.refreshToken), tokens.refreshToken);\r\n storage.setItem(buildStorageKey(ns, TOKEN_KEY_SUFFIXES.expiresAt), String(tokens.expiresAt));\r\n } catch {\r\n // Silent fail\r\n }\r\n}\r\n\r\nfunction clearTokensSyncImpl(ns: StorageNamespace): void {\r\n const storage = getSessionStorage();\r\n if (!storage) return;\r\n try {\r\n storage.removeItem(buildStorageKey(ns, TOKEN_KEY_SUFFIXES.accessToken));\r\n storage.removeItem(buildStorageKey(ns, TOKEN_KEY_SUFFIXES.refreshToken));\r\n storage.removeItem(buildStorageKey(ns, TOKEN_KEY_SUFFIXES.expiresAt));\r\n } catch {\r\n // Silent fail\r\n }\r\n}\r\n\r\nfunction getItemSyncImpl(key: string): string | null {\r\n const storage = getSessionStorage();\r\n if (!storage) return null;\r\n try {\r\n return storage.getItem(key);\r\n } catch {\r\n return null;\r\n }\r\n}\r\n\r\nfunction setItemSyncImpl(key: string, value: string): void {\r\n const storage = getSessionStorage();\r\n if (!storage) return;\r\n try {\r\n storage.setItem(key, value);\r\n } catch {\r\n // Silent fail\r\n }\r\n}\r\n\r\nfunction removeItemSyncImpl(key: string): void {\r\n const storage = getSessionStorage();\r\n if (!storage) return;\r\n try {\r\n storage.removeItem(key);\r\n } catch {\r\n // Silent fail\r\n }\r\n}\r\n\r\nfunction clearSyncImpl(ns: StorageNamespace): void {\r\n const storage = getSessionStorage();\r\n if (!storage) return;\r\n try {\r\n const prefix = ns.tenantId || ns.appId\r\n ? `auth_${ns.tenantId || ''}_${ns.appId || ''}_`\r\n : getStorageKeyPrefix();\r\n const keys: string[] = [];\r\n for (let i = 0; i < storage.length; i++) {\r\n const key = storage.key(i);\r\n if (key && key.startsWith(prefix)) keys.push(key);\r\n }\r\n keys.forEach((k) => storage.removeItem(k));\r\n } catch {\r\n // Silent fail\r\n }\r\n}\r\n","/**\r\n * Cookie-based storage adapter (HttpOnly-compatible abstraction).\r\n * Tokens are stored in cookies; config/flow flags use cookies or fallback.\r\n * SSR-safe: all document/window access guarded with typeof window !== 'undefined'.\r\n *\r\n * Note: True HttpOnly cookies must be set by the server. This adapter uses\r\n * document.cookie for client-readable tokens when running in the browser,\r\n * and can be replaced by a server-backed implementation for HttpOnly.\r\n */\r\n\r\nimport type { AuthTokens, StorageAdapter, StorageNamespace } from './types';\r\nimport { TOKEN_KEY_SUFFIXES, CONFIG_KEY_SUFFIXES } from './namespace';\r\nimport { getStorageKeyPrefix } from './prefix';\r\n\r\nconst DEFAULT_COOKIE_OPTIONS = {\r\n path: '/',\r\n sameSite: 'lax' as const,\r\n maxAge: 60 * 60 * 24 * 7, // 7 days for refresh token\r\n};\r\n\r\nfunction getDocument(): Document | null {\r\n if (typeof document === 'undefined') return null;\r\n return document;\r\n}\r\n\r\nfunction getCookie(name: string): string | null {\r\n const doc = getDocument();\r\n if (!doc || !doc.cookie) return null;\r\n const match = doc.cookie.match(new RegExp('(^| )' + name + '=([^;]+)'));\r\n return match ? decodeURIComponent(match[2]) : null;\r\n}\r\n\r\nfunction setCookie(\r\n name: string,\r\n value: string,\r\n options: { path?: string; sameSite?: 'lax' | 'strict' | 'none'; maxAge?: number } = {}\r\n): void {\r\n const doc = getDocument();\r\n if (!doc) return;\r\n const { path = '/', sameSite = 'lax', maxAge } = { ...DEFAULT_COOKIE_OPTIONS, ...options };\r\n let cookie = `${encodeURIComponent(name)}=${encodeURIComponent(value)};path=${path};SameSite=${sameSite}`;\r\n if (maxAge != null) cookie += `;max-age=${maxAge}`;\r\n doc.cookie = cookie;\r\n}\r\n\r\nfunction deleteCookie(name: string): void {\r\n const doc = getDocument();\r\n if (!doc) return;\r\n doc.cookie = `${encodeURIComponent(name)}=;path=/;max-age=0`;\r\n}\r\n\r\nexport function createCookieStorageAdapter(\r\n namespace: StorageNamespace,\r\n options?: { cookiePrefix?: string }\r\n): StorageAdapter {\r\n const prefix = options?.cookiePrefix ?? 'auth';\r\n const keyPrefix = namespace.tenantId || namespace.appId\r\n ? `auth_${namespace.tenantId || ''}_${namespace.appId || ''}_`\r\n : getStorageKeyPrefix();\r\n\r\n const cookieName = (suffix: string) =>\r\n `${prefix}_${namespace.tenantId || 't'}_${namespace.appId || 'a'}_${suffix}`.replace(/[^a-zA-Z0-9_]/g, '_');\r\n\r\n return {\r\n async getTokens(): Promise<AuthTokens | null> {\r\n const accessToken = getCookie(cookieName(TOKEN_KEY_SUFFIXES.accessToken));\r\n const refreshToken = getCookie(cookieName(TOKEN_KEY_SUFFIXES.refreshToken));\r\n const expiresAtStr = getCookie(cookieName(TOKEN_KEY_SUFFIXES.expiresAt));\r\n if (!accessToken || !refreshToken || !expiresAtStr) return null;\r\n const expiresAt = parseInt(expiresAtStr, 10);\r\n if (isNaN(expiresAt)) return null;\r\n return { accessToken, refreshToken, expiresAt };\r\n },\r\n\r\n async setTokens(tokens: AuthTokens): Promise<void> {\r\n setCookie(cookieName(TOKEN_KEY_SUFFIXES.accessToken), tokens.accessToken, { maxAge: 60 * 60 });\r\n setCookie(cookieName(TOKEN_KEY_SUFFIXES.refreshToken), tokens.refreshToken, { maxAge: 60 * 60 * 24 * 7 });\r\n setCookie(cookieName(TOKEN_KEY_SUFFIXES.expiresAt), String(tokens.expiresAt), { maxAge: 60 * 60 * 24 });\r\n },\r\n\r\n async clearTokens(): Promise<void> {\r\n deleteCookie(cookieName(TOKEN_KEY_SUFFIXES.accessToken));\r\n deleteCookie(cookieName(TOKEN_KEY_SUFFIXES.refreshToken));\r\n deleteCookie(cookieName(TOKEN_KEY_SUFFIXES.expiresAt));\r\n },\r\n\r\n async getItem(key: string): Promise<string | null> {\r\n const name = key.startsWith(keyPrefix) ? key.slice(keyPrefix.length) : key;\r\n return getCookie(cookieName(name));\r\n },\r\n\r\n async setItem(key: string, value: string): Promise<void> {\r\n const name = key.startsWith(keyPrefix) ? key.slice(keyPrefix.length) : key;\r\n setCookie(cookieName(name), value);\r\n },\r\n\r\n async removeItem(key: string): Promise<void> {\r\n const name = key.startsWith(keyPrefix) ? key.slice(keyPrefix.length) : key;\r\n deleteCookie(cookieName(name));\r\n },\r\n\r\n async clear(): Promise<void> {\r\n const suffixes = Object.values(TOKEN_KEY_SUFFIXES);\r\n suffixes.forEach((s) => deleteCookie(cookieName(s)));\r\n Object.values(CONFIG_KEY_SUFFIXES).forEach((suffix) => deleteCookie(cookieName(suffix)));\r\n },\r\n };\r\n}\r\n","/**\r\n * Storage API: adapter-based get/set/clear. No direct window/sessionStorage.\r\n * Keys use dynamic prefix from tenant code (see prefix.ts).\r\n */\r\n\r\nimport type { StorageKeys } from '../../domain/auth-state';\r\nimport { getStorageAdapter, getStorageNamespace } from './context';\r\nimport { buildStorageKey } from './namespace';\r\nimport { getAuthRuntime } from '../runtime/context';\r\nimport { getStorageKeyPrefix, getStorageKey } from './prefix';\r\n\r\nconst KEY_SUFFIXES = {\r\n authServerUrl: 'auth_server_url',\r\n clientId: 'client_id',\r\n redirectUri: 'redirect_uri',\r\n tenantId: 'tenant_id',\r\n tenantKey: 'tenant_key',\r\n codeVerifier: 'code_verifier',\r\n state: 'state',\r\n accessToken: 'access_token',\r\n refreshToken: 'refresh_token',\r\n expiresAt: 'expires_at',\r\n} as const;\r\n\r\nexport const STORAGE_KEYS: StorageKeys = {\r\n get authServerUrl() { return getStorageKey(KEY_SUFFIXES.authServerUrl); },\r\n get clientId() { return getStorageKey(KEY_SUFFIXES.clientId); },\r\n get redirectUri() { return getStorageKey(KEY_SUFFIXES.redirectUri); },\r\n get tenantId() { return getStorageKey(KEY_SUFFIXES.tenantId); },\r\n get tenantKey() { return getStorageKey(KEY_SUFFIXES.tenantKey); },\r\n get codeVerifier() { return getStorageKey(KEY_SUFFIXES.codeVerifier); },\r\n get state() { return getStorageKey(KEY_SUFFIXES.state); },\r\n get accessToken() { return getStorageKey(KEY_SUFFIXES.accessToken); },\r\n get refreshToken() { return getStorageKey(KEY_SUFFIXES.refreshToken); },\r\n get expiresAt() { return getStorageKey(KEY_SUFFIXES.expiresAt); },\r\n} as const;\r\n\r\nfunction keyToSuffix(key: string): string {\r\n const prefix = getStorageKeyPrefix();\r\n return key.startsWith(prefix) ? key.slice(prefix.length) : key;\r\n}\r\n\r\nexport function setStorage(key: string, value: string): void {\r\n const adapter = getStorageAdapter();\r\n if (!adapter?.setItemSync) return;\r\n const ns = getStorageNamespace();\r\n const suffix = keyToSuffix(key);\r\n try {\r\n adapter.setItemSync(buildStorageKey(ns, suffix), value);\r\n } catch {\r\n // Silent fail\r\n }\r\n}\r\n\r\nexport function getStorage(key: string): string | null {\r\n const adapter = getStorageAdapter();\r\n if (!adapter?.getItemSync) return null;\r\n const ns = getStorageNamespace();\r\n const suffix = keyToSuffix(key);\r\n try {\r\n return adapter.getItemSync(buildStorageKey(ns, suffix));\r\n } catch {\r\n return null;\r\n }\r\n}\r\n\r\nexport function removeStorage(key: string): void {\r\n const adapter = getStorageAdapter();\r\n if (!adapter?.removeItemSync) return;\r\n const ns = getStorageNamespace();\r\n const suffix = keyToSuffix(key);\r\n try {\r\n adapter.removeItemSync(buildStorageKey(ns, suffix));\r\n } catch {\r\n // Silent fail\r\n }\r\n}\r\n\r\nexport function clearAuthStorage(): void {\r\n const adapter = getStorageAdapter();\r\n if (!adapter?.clearSync) return;\r\n try {\r\n adapter.clearTokensSync?.();\r\n adapter.clearSync();\r\n } catch {\r\n // Silent fail\r\n }\r\n}\r\n\r\nexport function clearAuthSessionStorage(): void {\r\n const adapter = getStorageAdapter();\r\n if (!adapter?.clearSync) return;\r\n try {\r\n adapter.clearTokensSync?.();\r\n adapter.clearSync();\r\n } catch {\r\n // Silent fail\r\n }\r\n}\r\n\r\nexport function clearAllCookies(): void {\r\n const runtime = getAuthRuntime();\r\n try {\r\n runtime?.clearCookies?.clearCookies();\r\n } catch {\r\n // Silent fail\r\n }\r\n}\r\n\r\n/**\r\n * Clears entire browser localStorage and sessionStorage.\r\n * Used on logout to clear all application storage. SSR-safe.\r\n */\r\nexport function clearAllBrowserStorage(): void {\r\n if (typeof window === 'undefined') return;\r\n try {\r\n window.localStorage?.clear();\r\n } catch {\r\n // Silent fail\r\n }\r\n try {\r\n window.sessionStorage?.clear();\r\n } catch {\r\n // Silent fail\r\n }\r\n}\r\n\r\nexport function clearAllStorage(): void {\r\n const forceLogin = getStorage(getStorageKey('force_login'));\r\n const logoutInProgress = getStorage(getStorageKey('logout_in_progress'));\r\n const preservedTenantKey = getStorage(getStorageKey('preserved_tenant_key'));\r\n\r\n clearAuthSessionStorage();\r\n clearAuthStorage();\r\n clearAllBrowserStorage();\r\n\r\n if (forceLogin === 'true') setStorage(getStorageKey('force_login'), 'true');\r\n if (logoutInProgress === 'true') setStorage(getStorageKey('logout_in_progress'), 'true');\r\n if (preservedTenantKey) setStorage(getStorageKey('preserved_tenant_key'), preservedTenantKey);\r\n\r\n clearAllCookies();\r\n}\r\n\r\nexport function getAccessToken(): string | null {\r\n const adapter = getStorageAdapter();\r\n if (adapter?.getTokensSync) {\r\n const t = adapter.getTokensSync();\r\n return t?.accessToken ?? null;\r\n }\r\n return getStorage(STORAGE_KEYS.accessToken);\r\n}\r\n\r\nexport function getRefreshToken(): string | null {\r\n const adapter = getStorageAdapter();\r\n if (adapter?.getTokensSync) {\r\n const t = adapter.getTokensSync();\r\n return t?.refreshToken ?? null;\r\n }\r\n return getStorage(STORAGE_KEYS.refreshToken);\r\n}\r\n\r\nexport function getExpiresAt(): number | null {\r\n const adapter = getStorageAdapter();\r\n if (adapter?.getTokensSync) {\r\n const t = adapter.getTokensSync();\r\n return t?.expiresAt ?? null;\r\n }\r\n const expiresAt = getStorage(STORAGE_KEYS.expiresAt);\r\n if (!expiresAt) return null;\r\n const timestamp = parseInt(expiresAt, 10);\r\n return isNaN(timestamp) ? null : timestamp;\r\n}\r\n\r\nexport function isAccessTokenExpired(): boolean {\r\n const expiresAt = getExpiresAt();\r\n if (!expiresAt) return true;\r\n const buffer = 60 * 1000;\r\n return Date.now() >= expiresAt - buffer;\r\n}\r\n\r\nexport function getAuthServerUrl(): string | null {\r\n return getStorage(STORAGE_KEYS.authServerUrl);\r\n}\r\nexport function getClientId(): string | null {\r\n return getStorage(STORAGE_KEYS.clientId);\r\n}\r\nexport function getRedirectUri(): string | null {\r\n return getStorage(STORAGE_KEYS.redirectUri);\r\n}\r\nexport function getTenantId(): string | null {\r\n return getStorage(STORAGE_KEYS.tenantId);\r\n}\r\nexport function getCodeVerifier(): string | null {\r\n return getStorage(STORAGE_KEYS.codeVerifier);\r\n}\r\nexport function getState(): string | null {\r\n return getStorage(STORAGE_KEYS.state);\r\n}\r\nexport function getTenantKey(): string | null {\r\n return getStorage(STORAGE_KEYS.tenantKey);\r\n}\r\nexport function setTenantKey(tenantKey: string): void {\r\n setStorage(STORAGE_KEYS.tenantKey, tenantKey);\r\n}\r\n","/**\r\n * Logger utility for consistent logging across the plugin\r\n */\r\n\r\ntype LogLevel = 'info' | 'warn' | 'error' | 'debug';\r\n\r\n/**\r\n * Checks if we're in development mode (localhost/local network)\r\n */\r\nfunction isDev(): boolean {\r\n if (typeof window === 'undefined') {\r\n return false;\r\n }\r\n const hostname = window.location.hostname;\r\n return (\r\n hostname === 'localhost' ||\r\n hostname === '127.0.0.1' ||\r\n hostname === '[::1]' ||\r\n hostname.startsWith('192.168.') ||\r\n hostname.startsWith('10.') ||\r\n hostname.endsWith('.local')\r\n );\r\n}\r\n\r\nclass Logger {\r\n private prefix = '[tenneo-auth-gateway-plugin]';\r\n\r\n private log(level: LogLevel, message: string, data?: unknown): void {\r\n const timestamp = new Date().toISOString();\r\n const logMessage = `${this.prefix} [${timestamp}] [${level.toUpperCase()}] ${message}`;\r\n\r\n switch (level) {\r\n case 'info':\r\n console.log(logMessage, data || '');\r\n break;\r\n case 'warn':\r\n console.warn(logMessage, data || '');\r\n break;\r\n case 'error':\r\n console.error(logMessage, data || '');\r\n break;\r\n case 'debug':\r\n if (isDev()) {\r\n console.debug(logMessage, data || '');\r\n }\r\n break;\r\n }\r\n }\r\n\r\n info(message: string, data?: unknown): void {\r\n this.log('info', message, data);\r\n }\r\n\r\n warn(message: string, data?: unknown): void {\r\n this.log('warn', message, data);\r\n }\r\n\r\n error(message: string, data?: unknown): void {\r\n this.log('error', message, data);\r\n }\r\n\r\n debug(message: string, data?: unknown): void {\r\n this.log('debug', message, data);\r\n }\r\n}\r\n\r\nexport const logger = new Logger();\r\n\r\n","/**\r\n * Security and error utilities for authentication.\r\n * Domain layer: sanitized errors and HTTPS enforcement.\r\n */\r\n\r\nimport { logger } from '../utils/logger';\r\n\r\nfunction isLocalhostHostname(hostname: string): boolean {\r\n return hostname === 'localhost' || hostname === '127.0.0.1' ||\r\n hostname.startsWith('192.168.') || hostname.startsWith('10.') || hostname.startsWith('172.16.');\r\n}\r\n\r\nfunction isDev(): boolean {\r\n if (typeof window === 'undefined') return false;\r\n return isLocalhostHostname(window.location.hostname);\r\n}\r\n\r\nexport function enforceHttps(allowLocalhost: boolean = true): void {\r\n if (typeof window === 'undefined') return;\r\n\r\n const isLocalhostWindow = window.location.hostname === 'localhost' ||\r\n window.location.hostname === '127.0.0.1' ||\r\n window.location.hostname.startsWith('192.168.') ||\r\n window.location.hostname.startsWith('10.') ||\r\n window.location.hostname.startsWith('172.16.');\r\n\r\n const isHttps = window.location.protocol === 'https:';\r\n const isHttp = window.location.protocol === 'http:';\r\n\r\n if (allowLocalhost && isLocalhostWindow && isHttp) {\r\n logger.debug('HTTP allowed on localhost for development');\r\n return;\r\n }\r\n\r\n if (isHttp && !isLocalhostWindow) {\r\n const error = new Error('HTTPS is required for authentication. Please use HTTPS to access this application.');\r\n logger.error('HTTPS enforcement failed', {\r\n protocol: window.location.protocol,\r\n hostname: window.location.hostname,\r\n });\r\n throw error;\r\n }\r\n\r\n logger.debug('HTTPS check passed', { protocol: window.location.protocol });\r\n}\r\n\r\nexport function sanitizeErrorMessage(error: unknown, genericMessage: string): string {\r\n if (isDev()) {\r\n if (error instanceof Error) return error.message;\r\n return String(error);\r\n }\r\n return genericMessage;\r\n}\r\n\r\nexport class SanitizedError extends Error {\r\n public readonly code: string;\r\n public readonly originalMessage?: string;\r\n\r\n constructor(code: string, genericMessage: string, originalError?: unknown) {\r\n super(genericMessage);\r\n this.name = 'SanitizedError';\r\n this.code = code;\r\n if (isDev() && originalError instanceof Error) {\r\n this.originalMessage = originalError.message;\r\n }\r\n }\r\n}\r\n","/**\r\n * Auth lifecycle state machine (domain layer).\r\n * Pure: no I/O, no infrastructure. Used by application to decide which flow to run.\r\n */\r\n\r\nimport type { UrlLike } from './tenant';\r\n\r\n/** Storage reader: (keySuffix) => value. Used for persistence-critical flags only. */\r\nexport type StorageReader = (keySuffix: string) => string | null;\r\n\r\nexport enum AuthLifecycleState {\r\n INITIALIZING = 'INITIALIZING',\r\n FORCE_LOGIN = 'FORCE_LOGIN',\r\n PROCESSING_CALLBACK = 'PROCESSING_CALLBACK',\r\n AUTHENTICATED = 'AUTHENTICATED',\r\n TOKEN_EXPIRED = 'TOKEN_EXPIRED',\r\n TENANT_SWITCH = 'TENANT_SWITCH',\r\n LOGIN_REQUIRED = 'LOGIN_REQUIRED',\r\n LOGGED_OUT = 'LOGGED_OUT',\r\n ERROR = 'ERROR',\r\n}\r\n\r\nexport interface ResolveStateInput {\r\n url: UrlLike;\r\n getStorage: StorageReader;\r\n isCallbackUrl: (url: UrlLike) => boolean;\r\n hasValidToken: boolean;\r\n hasToken: boolean;\r\n hasRefreshToken: boolean;\r\n isTokenExpired: boolean;\r\n}\r\n\r\n/**\r\n * Resolves the current auth lifecycle state from URL, storage flags, and token state.\r\n * Pure function: no side effects, no async.\r\n */\r\nexport function resolveAuthLifecycleState(input: ResolveStateInput): AuthLifecycleState {\r\n const {\r\n url,\r\n getStorage,\r\n isCallbackUrl,\r\n hasValidToken,\r\n hasToken,\r\n hasRefreshToken,\r\n isTokenExpired,\r\n } = input;\r\n\r\n const forceLogin = getStorage('force_login') === 'true';\r\n const callbackProcessed = getStorage('callback_processed') === 'true';\r\n const tenantSwitched = getStorage('tenant_switched') === 'true';\r\n\r\n if (forceLogin) return AuthLifecycleState.FORCE_LOGIN;\r\n if (isCallbackUrl(url)) return AuthLifecycleState.PROCESSING_CALLBACK;\r\n if (hasValidToken) return AuthLifecycleState.AUTHENTICATED;\r\n if (callbackProcessed && !hasToken) return AuthLifecycleState.LOGIN_REQUIRED;\r\n if (hasToken && isTokenExpired && hasRefreshToken) return AuthLifecycleState.TOKEN_EXPIRED;\r\n if (hasToken && isTokenExpired && !hasRefreshToken) return AuthLifecycleState.LOGIN_REQUIRED;\r\n if (tenantSwitched) return AuthLifecycleState.TENANT_SWITCH;\r\n\r\n return AuthLifecycleState.LOGIN_REQUIRED;\r\n}\r\n","/**\r\n * In-memory runtime state for bootstrap and flow control.\r\n * Single source of truth for bootstrap_in_progress, callback_processing, flow_in_progress.\r\n * Re-exports flow-flag API for internal use (replaces utils/flow-flags).\r\n */\r\n\r\nconst BOOTSTRAP_STALE_MS = 5000;\r\n\r\nlet bootstrapInProgress = false;\r\nlet bootstrapTimestamp = 0;\r\n\r\nlet callbackProcessing = false;\r\n\r\nlet flowInProgress = false;\r\nlet flowTimestamp = 0;\r\n\r\nexport function isBootstrapInProgress(): boolean {\r\n if (!bootstrapInProgress) return false;\r\n if (!bootstrapTimestamp) return true;\r\n return Date.now() - bootstrapTimestamp < BOOTSTRAP_STALE_MS;\r\n}\r\n\r\nexport function setBootstrapInProgress(): void {\r\n bootstrapInProgress = true;\r\n bootstrapTimestamp = Date.now();\r\n}\r\n\r\nexport function clearBootstrapInProgress(): void {\r\n bootstrapInProgress = false;\r\n bootstrapTimestamp = 0;\r\n}\r\n\r\nexport function isCallbackProcessing(): boolean {\r\n return callbackProcessing;\r\n}\r\n\r\nexport function setCallbackProcessing(): void {\r\n callbackProcessing = true;\r\n}\r\n\r\nexport function clearCallbackProcessing(): void {\r\n callbackProcessing = false;\r\n}\r\n\r\nexport function isFlowInProgress(): boolean {\r\n return flowInProgress;\r\n}\r\n\r\nexport function getFlowTimestamp(): number | null {\r\n return flowTimestamp || null;\r\n}\r\n\r\nexport function setFlowInProgress(): void {\r\n flowInProgress = true;\r\n flowTimestamp = Date.now();\r\n}\r\n\r\nexport function clearFlowInProgress(): void {\r\n flowInProgress = false;\r\n flowTimestamp = 0;\r\n}\r\n\r\nexport function isFlowFlagStale(thresholdMs: number = 3000): boolean {\r\n if (!flowTimestamp) return true;\r\n return Date.now() - flowTimestamp > thresholdMs;\r\n}\r\n\r\n/** Flow-flag API (clear/set/query). Used by flows and strategy. */\r\nexport function clearFlowFlags(): void {\r\n clearFlowInProgress();\r\n}\r\n\r\nexport function setFlowFlags(): void {\r\n setFlowInProgress();\r\n}\r\n","/**\r\n * PKCE (Proof Key for Code Exchange) utilities\r\n * Strategy layer: OAuth2 PKCE\r\n */\r\n\r\n/**\r\n * Generates a random code verifier for PKCE\r\n * @param length Length of the code verifier (default: 128)\r\n * @returns Base64URL-encoded random string\r\n */\r\nexport function generateCodeVerifier(length: number = 128): string {\r\n const array = new Uint8Array(length);\r\n crypto.getRandomValues(array);\r\n\r\n const base64 = btoa(String.fromCharCode(...array));\r\n return base64\r\n .replace(/\\+/g, '-')\r\n .replace(/\\//g, '_')\r\n .replace(/=/g, '');\r\n}\r\n\r\n/**\r\n * Generates code challenge from code verifier using SHA-256\r\n */\r\nexport async function generateCodeChallenge(verifier: string): Promise<string> {\r\n try {\r\n const encoder = new TextEncoder();\r\n const data = encoder.encode(verifier);\r\n const hashBuffer = await crypto.subtle.digest('SHA-256', data);\r\n const hashArray = Array.from(new Uint8Array(hashBuffer));\r\n const base64 = btoa(String.fromCharCode(...hashArray));\r\n return base64\r\n .replace(/\\+/g, '-')\r\n .replace(/\\//g, '_')\r\n .replace(/=/g, '');\r\n } catch {\r\n throw new Error('Failed to generate code challenge');\r\n }\r\n}\r\n\r\n/**\r\n * Generates a random state parameter for OAuth flow\r\n */\r\nexport function generateState(): string {\r\n const array = new Uint8Array(32);\r\n crypto.getRandomValues(array);\r\n const base64 = btoa(String.fromCharCode(...array));\r\n return base64\r\n .replace(/\\+/g, '-')\r\n .replace(/\\//g, '_')\r\n .replace(/=/g, '');\r\n}\r\n","/**\r\n * Env + window config loader. SSR-safe.\r\n * Single source of truth: .env (VITE_* or same name). Window can override for dev.\r\n */\r\n\r\nimport type { RuntimeConfig } from './types';\r\n\r\nconst ENV_KEYS: Record<keyof RuntimeConfig, readonly string[]> = {\r\n CLIENT_ID: ['VITE_CLIENT_ID', 'CLIENT_ID'],\r\n TENANT_ID: ['VITE_TENANT_ID', 'TENANT_ID'],\r\n CLIENTCODE: ['VITE_CLIENTCODE', 'CLIENTCODE'],\r\n};\r\n\r\nexport function getEnvValue(keys: readonly string[]): string {\r\n try {\r\n const g = typeof globalThis !== 'undefined' ? (globalThis as Record<string, unknown>) : null;\r\n const env = g?.process && typeof (g.process as Record<string, unknown>).env === 'object'\r\n ? (g.process as Record<string, unknown>).env as Record<string, unknown>\r\n : null;\r\n if (env) {\r\n for (const key of keys) {\r\n const v = env[key];\r\n if (v != null && String(v).trim()) return String(v).trim();\r\n }\r\n }\r\n } catch {\r\n // ignore\r\n }\r\n try {\r\n const meta = typeof import.meta !== 'undefined' ? (import.meta as { env?: Record<string, unknown> }).env : undefined;\r\n if (meta) {\r\n for (const key of keys) {\r\n const v = meta[key];\r\n if (v != null && String(v).trim()) return String(v).trim();\r\n }\r\n }\r\n } catch {\r\n // ignore\r\n }\r\n return '';\r\n}\r\n\r\nconst FORBIDDEN_WINDOW_KEYS = ['apiBaseUrl', 'apiTenantResolutionBaseUrl', 'apiAuthBaseUrl', 'authServerUrl', 'defaultDomain', 'API_BASE_URL', 'AUTH_SERVER_URL', 'DEFAULT_DOMAIN'] as const;\r\n\r\nfunction getWindowConfigRaw(): Record<string, string> | null {\r\n if (typeof window === 'undefined') return null;\r\n const w = window as Window & { __AUTH_CONFIG__?: Record<string, unknown>; __APP_CONFIG__?: Record<string, unknown> };\r\n const raw = w.__AUTH_CONFIG__ ?? w.__APP_CONFIG__;\r\n if (!raw || typeof raw !== 'object') return null;\r\n for (const forbidden of FORBIDDEN_WINDOW_KEYS) {\r\n if (forbidden in raw) {\r\n throw new Error('Attempted to override protected internal configuration');\r\n }\r\n }\r\n const out: Record<string, string> = {};\r\n const map: Record<string, string> = {\r\n clientId: 'CLIENT_ID',\r\n tenantId: 'TENANT_ID',\r\n clientcode: 'CLIENTCODE',\r\n };\r\n for (const [winKey, sdkKey] of Object.entries(map)) {\r\n const v = raw[winKey];\r\n if (v != null && typeof v === 'string' && v.trim()) out[sdkKey] = v.trim();\r\n }\r\n return Object.keys(out).length ? out : null;\r\n}\r\n\r\nexport function loadEnvConfig(): Partial<RuntimeConfig> {\r\n const partial: Partial<RuntimeConfig> = {};\r\n for (const [key, envKeys] of Object.entries(ENV_KEYS)) {\r\n const v = getEnvValue(envKeys);\r\n if (v) (partial as Record<string, string>)[key] = v;\r\n }\r\n return partial;\r\n}\r\n\r\nexport function loadWindowConfig(): Partial<RuntimeConfig> | null {\r\n const raw = getWindowConfigRaw();\r\n if (!raw) return null;\r\n return raw as Partial<RuntimeConfig>;\r\n}\r\n","/**\r\n * Zod validation for runtime config (CLIENT_ID, TENANT_ID, CLIENTCODE).\r\n */\r\n\r\nimport { z } from 'zod';\r\nimport type { RuntimeConfig } from './types';\r\n\r\nconst schema = z.object({\r\n CLIENT_ID: z.string().min(1, 'CLIENT_ID is required'),\r\n TENANT_ID: z.string().min(1, 'TENANT_ID is required'),\r\n CLIENTCODE: z.string().min(1, 'CLIENTCODE is required'),\r\n});\r\n\r\nexport type RuntimeConfigSchema = z.infer<typeof schema>;\r\n\r\nexport function validateConfig(data: unknown): RuntimeConfig {\r\n return schema.parse(data) as RuntimeConfig;\r\n}\r\n\r\nexport function safeValidateConfig(data: unknown): z.SafeParseReturnType<unknown, RuntimeConfig> {\r\n return schema.safeParse(data) as z.SafeParseReturnType<unknown, RuntimeConfig>;\r\n}\r\n\r\nexport { schema as sdkConfigSchema };\r\n","/**\r\n * Configuration types.\r\n * Internal: non-overridable (from .env). Runtime: overridable (env + window + setConfig).\r\n *\r\n * BASE URL SEPARATION (mandatory — do not mix):\r\n * - API_TENANT_RESOLUTION_BASE_URL: Tenant resolution only.\r\n * - API_AUTH_BASE_URL: Token operations only (exchange, refresh, logout).\r\n * - AUTH_SERVER_URL: OpenID Connect authorization redirect only.\r\n */\r\n\r\nexport interface InternalConfig {\r\n API_TENANT_RESOLUTION_BASE_URL: string;\r\n API_AUTH_BASE_URL: string;\r\n AUTH_SERVER_URL: string;\r\n DEFAULT_DOMAIN: string;\r\n}\r\n\r\n/** Single source of truth: .env (VITE_CLIENT_ID, VITE_TENANT_ID, VITE_CLIENTCODE). */\r\nexport interface RuntimeConfig {\r\n CLIENT_ID: string;\r\n TENANT_ID: string;\r\n CLIENTCODE: string;\r\n}\r\n\r\nexport type ResolvedConfig = InternalConfig & RuntimeConfig;\r\nexport type SDKConfig = ResolvedConfig;\r\n\r\nexport const INTERNAL_CONFIG_KEYS = ['API_TENANT_RESOLUTION_BASE_URL', 'API_AUTH_BASE_URL', 'AUTH_SERVER_URL', 'DEFAULT_DOMAIN'] as const;\r\nexport type InternalConfigKey = (typeof INTERNAL_CONFIG_KEYS)[number];\r\n\r\nexport const RUNTIME_CONFIG_KEYS = ['CLIENT_ID', 'TENANT_ID', 'CLIENTCODE'] as const;\r\nexport type RuntimeConfigKey = (typeof RUNTIME_CONFIG_KEYS)[number];\r\n\r\nexport interface RuntimeConfigOverrides {\r\n basePath?: string;\r\n redirectUri?: string;\r\n}\r\n\r\nexport type HostConfigOverride = Partial<RuntimeConfig> & Partial<RuntimeConfigOverrides>;\r\n\r\n/** Window __APP_CONFIG__ / __AUTH_CONFIG__ shape (clientId, tenantId, clientcode only). */\r\nexport interface HostRuntimeConfig {\r\n clientId?: string;\r\n tenantId?: string;\r\n clientcode?: string;\r\n}\r\n\r\n/** Full resolved config output (internal URLs + runtime + derived redirectUri, basePath). */\r\nexport interface ResolvedHostConfig {\r\n apiTenantResolutionBaseUrl: string;\r\n apiAuthBaseUrl: string;\r\n authServerUrl: string;\r\n defaultDomain: string;\r\n clientId: string;\r\n tenantId: string;\r\n clientCode: string;\r\n redirectUri: string;\r\n basePath: string;\r\n}\r\n","/**\r\n * OAuth constants and storage keys. No config resolution — pure constants.\r\n */\r\n\r\nexport const OAUTH_CONSTANTS = {\r\n SCOPES: 'openid profile email',\r\n RESPONSE_TYPE: 'code',\r\n CODE_CHALLENGE_METHOD: 'S256',\r\n TOKEN_GRANT_TYPE: 'authorization_code',\r\n REFRESH_GRANT_TYPE: 'refresh_token',\r\n} as const;\r\n\r\nexport const STORAGE_KEY_PREFIX = 'tenneo_auth_';\r\n\r\nexport const STORAGE_KEYS = {\r\n authServerUrl: `${STORAGE_KEY_PREFIX}auth_server_url`,\r\n clientId: `${STORAGE_KEY_PREFIX}client_id`,\r\n redirectUri: `${STORAGE_KEY_PREFIX}redirect_uri`,\r\n tenantId: `${STORAGE_KEY_PREFIX}tenant_id`,\r\n codeVerifier: `${STORAGE_KEY_PREFIX}code_verifier`,\r\n state: `${STORAGE_KEY_PREFIX}state`,\r\n accessToken: `${STORAGE_KEY_PREFIX}access_token`,\r\n refreshToken: `${STORAGE_KEY_PREFIX}refresh_token`,\r\n expiresAt: `${STORAGE_KEY_PREFIX}expires_at`,\r\n} as const;\r\n\r\nexport const DEFAULT_SCOPES = OAUTH_CONSTANTS.SCOPES;\r\nexport const DEFAULT_RESPONSE_TYPE = OAUTH_CONSTANTS.RESPONSE_TYPE;\r\nexport const DEFAULT_CODE_CHALLENGE_METHOD = OAUTH_CONSTANTS.CODE_CHALLENGE_METHOD;\r\nexport const DEFAULT_TOKEN_GRANT_TYPE = OAUTH_CONSTANTS.TOKEN_GRANT_TYPE;\r\nexport const DEFAULT_REFRESH_GRANT_TYPE = OAUTH_CONSTANTS.REFRESH_GRANT_TYPE;\r\n","/**\r\n * Config: resolver + public Config facade.\r\n * Resolution order: runtime overrides > window > env > defaults.\r\n * Single source of truth: .env (see .env.example).\r\n */\r\n\r\nimport { getEnvValue, loadEnvConfig, loadWindowConfig } from './env';\r\nimport { validateConfig } from './schema';\r\nimport type {\r\n InternalConfig,\r\n RuntimeConfig,\r\n RuntimeConfigKey,\r\n RuntimeConfigOverrides,\r\n HostConfigOverride,\r\n HostRuntimeConfig,\r\n ResolvedHostConfig,\r\n} from './types';\r\nimport { INTERNAL_CONFIG_KEYS, RUNTIME_CONFIG_KEYS } from './types';\r\nimport { STORAGE_KEY_PREFIX, OAUTH_CONSTANTS, STORAGE_KEYS } from './constants';\r\nimport type { EnvConfig } from '../domain/auth-state';\r\n\r\n// Re-export types and schema/env/constants\r\nexport type {\r\n SDKConfig,\r\n ResolvedConfig,\r\n InternalConfig,\r\n RuntimeConfig,\r\n HostConfigOverride,\r\n HostRuntimeConfig,\r\n ResolvedHostConfig,\r\n RuntimeConfigOverrides,\r\n} from './types';\r\nexport { INTERNAL_CONFIG_KEYS, RUNTIME_CONFIG_KEYS } from './types';\r\nexport { validateConfig, safeValidateConfig, sdkConfigSchema } from './schema';\r\nexport { loadEnvConfig, loadWindowConfig, getEnvValue } from './env';\r\nexport {\r\n OAUTH_CONSTANTS,\r\n STORAGE_KEYS,\r\n STORAGE_KEY_PREFIX,\r\n DEFAULT_SCOPES,\r\n DEFAULT_RESPONSE_TYPE,\r\n DEFAULT_CODE_CHALLENGE_METHOD,\r\n DEFAULT_TOKEN_GRANT_TYPE,\r\n DEFAULT_REFRESH_GRANT_TYPE,\r\n} from './constants';\r\n\r\ndeclare global {\r\n interface Window {\r\n __APP_CONFIG__?: HostRuntimeConfig | { [key: string]: unknown };\r\n __AUTH_CONFIG__?: HostRuntimeConfig | { [key: string]: unknown };\r\n }\r\n}\r\n\r\n// ---------------------------------------------------------------------------\r\n// Internal config (from .env; non-overridable)\r\n// Single source: .env (VITE_*). Change URLs only here or in .env — rest of app uses Config getters.\r\n// ---------------------------------------------------------------------------\r\n\r\n/** Fallback when .env is not set. Prefer setting .env so no code change needed per environment. */\r\nconst INTERNAL_DEFAULTS: InternalConfig = {\r\n API_TENANT_RESOLUTION_BASE_URL: 'https://localhost:5020/api/v1',\r\n API_AUTH_BASE_URL: 'https://localhost:5001',\r\n AUTH_SERVER_URL: 'https://localhost:5001',\r\n DEFAULT_DOMAIN: 'https://localhost:5001',\r\n};\r\n\r\nfunction envOr(key: keyof InternalConfig): string {\r\n const v = getEnvValue([`VITE_${key}`, key]);\r\n return (v && v.trim()) ? v.trim() : INTERNAL_DEFAULTS[key];\r\n}\r\n\r\nexport const INTERNAL_CONFIG: InternalConfig = Object.freeze({\r\n API_TENANT_RESOLUTION_BASE_URL: envOr('API_TENANT_RESOLUTION_BASE_URL'),\r\n API_AUTH_BASE_URL: envOr('API_AUTH_BASE_URL'),\r\n AUTH_SERVER_URL: envOr('AUTH_SERVER_URL'),\r\n DEFAULT_DOMAIN: envOr('DEFAULT_DOMAIN'),\r\n});\r\n\r\n// ---------------------------------------------------------------------------\r\n// Runtime defaults and picker\r\n// ---------------------------------------------------------------------------\r\n\r\nexport const RUNTIME_CONFIG_DEFAULTS: RuntimeConfig = Object.freeze({\r\n CLIENT_ID: 'tenneo',\r\n TENANT_ID: '00000000-0000-0000-0000-000000000001',\r\n CLIENTCODE: 'productlms',\r\n});\r\n\r\nexport function pickRuntimeConfig(source?: Partial<Record<string, string | undefined>>): Partial<RuntimeConfig> {\r\n if (!source) return {};\r\n const picked: Partial<RuntimeConfig> = {};\r\n for (const key of RUNTIME_CONFIG_KEYS) {\r\n const value = source[key];\r\n if (value != null && typeof value === 'string') {\r\n const trimmed = value.trim();\r\n if (trimmed) picked[key as RuntimeConfigKey] = trimmed;\r\n }\r\n }\r\n return picked;\r\n}\r\n\r\nexport const defaultConfig: InternalConfig & RuntimeConfig = {\r\n ...INTERNAL_CONFIG,\r\n ...RUNTIME_CONFIG_DEFAULTS,\r\n};\r\n\r\nexport { defaultConfig as FALLBACK_CONFIG };\r\n\r\n// ---------------------------------------------------------------------------\r\n// Resolver state\r\n// ---------------------------------------------------------------------------\r\n\r\nlet runtimeOverrides: Partial<RuntimeConfig> = {};\r\nlet runtimeConfigOverrides: RuntimeConfigOverrides = {};\r\n\r\nfunction mergeRuntime(base: RuntimeConfig, ...sources: (Partial<RuntimeConfig> | null | undefined)[]): RuntimeConfig {\r\n let out: RuntimeConfig = { ...base };\r\n for (const src of sources) {\r\n if (!src) continue;\r\n for (const key of Object.keys(src) as (keyof RuntimeConfig)[]) {\r\n const value = src[key];\r\n if (value != null && String(value).trim() !== '') out[key] = String(value).trim();\r\n }\r\n }\r\n return out;\r\n}\r\n\r\nfunction assertNoInternalOverrides(source?: Partial<Record<string, unknown>>): void {\r\n if (!source) return;\r\n for (const key of INTERNAL_CONFIG_KEYS) {\r\n if (source[key] !== undefined) throw new Error('Attempted to override protected internal configuration');\r\n }\r\n}\r\n\r\nconst INTERNAL_KEY_SET = new Set<string>(INTERNAL_CONFIG_KEYS as readonly string[]);\r\nconst HOST_TO_RUNTIME_KEYS: Record<string, keyof RuntimeConfig> = {\r\n clientId: 'CLIENT_ID',\r\n tenantId: 'TENANT_ID',\r\n clientcode: 'CLIENTCODE',\r\n};\r\n\r\nfunction sanitizeRuntimeOverrides(source?: HostConfigOverride): Partial<RuntimeConfig> | undefined {\r\n if (!source) return undefined;\r\n const filtered: Record<string, string> = {};\r\n for (const [key, raw] of Object.entries(source)) {\r\n if (raw == null) continue;\r\n if (INTERNAL_KEY_SET.has(key)) continue;\r\n const trimmed = String(raw).trim();\r\n if (!trimmed) continue;\r\n const sdkKey = HOST_TO_RUNTIME_KEYS[key] ?? key;\r\n filtered[sdkKey] = trimmed;\r\n }\r\n const picked = pickRuntimeConfig(filtered);\r\n return Object.keys(picked).length ? picked : undefined;\r\n}\r\n\r\n// ---------------------------------------------------------------------------\r\n// Public resolver API\r\n// ---------------------------------------------------------------------------\r\n\r\nexport function resolveConfig(overrides?: HostConfigOverride): InternalConfig & RuntimeConfig {\r\n assertNoInternalOverrides(runtimeOverrides as Partial<Record<string, unknown>>);\r\n assertNoInternalOverrides(overrides);\r\n const windowCfg = loadWindowConfig();\r\n const envCfg = loadEnvConfig();\r\n const mergedRuntime = mergeRuntime(\r\n RUNTIME_CONFIG_DEFAULTS,\r\n envCfg,\r\n windowCfg ?? undefined,\r\n runtimeOverrides,\r\n sanitizeRuntimeOverrides(overrides)\r\n );\r\n const validatedRuntime = validateConfig(mergedRuntime);\r\n return { ...INTERNAL_CONFIG, ...validatedRuntime };\r\n}\r\n\r\nexport function getConfig(): InternalConfig & RuntimeConfig {\r\n return resolveConfig();\r\n}\r\n\r\nexport function setConfig(overrides: HostConfigOverride): void {\r\n assertNoInternalOverrides(overrides);\r\n const sanitized = sanitizeRuntimeOverrides(overrides);\r\n if (sanitized) runtimeOverrides = { ...runtimeOverrides, ...sanitized };\r\n const { basePath, redirectUri } = overrides;\r\n if (basePath != null && basePath.trim() !== '') runtimeConfigOverrides = { ...runtimeConfigOverrides, basePath: basePath.trim() };\r\n if (redirectUri != null && redirectUri.trim() !== '') runtimeConfigOverrides = { ...runtimeConfigOverrides, redirectUri: redirectUri.trim() };\r\n}\r\n\r\nexport function setRuntimeConfigOverrides(overrides: RuntimeConfigOverrides): void {\r\n runtimeConfigOverrides = { ...runtimeConfigOverrides, ...overrides };\r\n}\r\n\r\nexport function clearConfigOverrides(): void {\r\n runtimeOverrides = {};\r\n runtimeConfigOverrides = {};\r\n}\r\n\r\n// ---------------------------------------------------------------------------\r\n// Derived: basePath, redirectUri\r\n// ---------------------------------------------------------------------------\r\n\r\nfunction getWindowBasePath(): string {\r\n if (typeof window === 'undefined') return '';\r\n const w = window as Window & { __AUTH_CONFIG__?: { basePath?: string }; __APP_CONFIG__?: { basePath?: string } };\r\n const raw = w.__AUTH_CONFIG__ ?? w.__APP_CONFIG__;\r\n const bp = raw?.basePath;\r\n if (bp != null && typeof bp === 'string' && bp.trim()) return bp.trim();\r\n const pathname = window.location.pathname;\r\n const segments = pathname.split('/').filter(Boolean);\r\n const commonRoutes = ['dashboards', 'callback', 'confirmation', 'client-confirmed', 'client-provisioned', 'approval-completed'];\r\n if (segments.length > 0 && !commonRoutes.includes(segments[0])) {\r\n let base = '/' + segments[0];\r\n if (base.endsWith('/')) base = base.slice(0, -1);\r\n return base;\r\n }\r\n return '';\r\n}\r\n\r\nexport function getBasePath(): string {\r\n if (runtimeConfigOverrides.basePath != null && runtimeConfigOverrides.basePath !== '') return runtimeConfigOverrides.basePath;\r\n return getWindowBasePath();\r\n}\r\n\r\n/**\r\n * Static redirect URI: always host + '/callback'.\r\n * In browser uses current origin; for SSR uses env or default.\r\n */\r\nexport function getRedirectUri(): string {\r\n if (typeof window !== 'undefined') {\r\n return `${window.location.origin}/callback`;\r\n }\r\n return getEnvValue(['VITE_REDIRECT_URI', 'REDIRECT_URI']) || 'http://localhost:5173/callback';\r\n}\r\n\r\nexport function hasRuntimeConfig(): boolean {\r\n return loadWindowConfig() !== null || Object.keys(runtimeOverrides).length > 0;\r\n}\r\n\r\n// ---------------------------------------------------------------------------\r\n// Public Config facade\r\n// ---------------------------------------------------------------------------\r\n\r\nexport const Config = {\r\n getApiTenantResolutionBaseUrl(): string {\r\n return getConfig().API_TENANT_RESOLUTION_BASE_URL;\r\n },\r\n getApiAuthBaseUrl(): string {\r\n return getConfig().API_AUTH_BASE_URL;\r\n },\r\n getAuthServerUrl(): string {\r\n return getConfig().AUTH_SERVER_URL;\r\n },\r\n getDefaultDomain(): string {\r\n return getConfig().DEFAULT_DOMAIN;\r\n },\r\n getClientId(): string {\r\n return getConfig().CLIENT_ID;\r\n },\r\n getTenantId(): string {\r\n return getConfig().TENANT_ID;\r\n },\r\n getClientCode(): string {\r\n return getConfig().CLIENTCODE;\r\n },\r\n getRedirectUri(): string {\r\n return getRedirectUri();\r\n },\r\n getBasePath(): string {\r\n return getBasePath();\r\n },\r\n hasRuntimeConfig(): boolean {\r\n return hasRuntimeConfig();\r\n },\r\n getAll(): ResolvedHostConfig {\r\n const c = getConfig();\r\n return {\r\n apiTenantResolutionBaseUrl: c.API_TENANT_RESOLUTION_BASE_URL,\r\n apiAuthBaseUrl: c.API_AUTH_BASE_URL,\r\n authServerUrl: c.AUTH_SERVER_URL,\r\n defaultDomain: c.DEFAULT_DOMAIN,\r\n clientId: c.CLIENT_ID,\r\n tenantId: c.TENANT_ID,\r\n clientCode: c.CLIENTCODE,\r\n redirectUri: getRedirectUri(),\r\n basePath: getBasePath(),\r\n };\r\n },\r\n} as const;\r\n\r\nexport const DEFAULT_ENV_CONFIG = {\r\n AUTH_SERVER_URL: Config.getAuthServerUrl(),\r\n CLIENT_ID: Config.getClientId(),\r\n TENANT_ID: Config.getTenantId(),\r\n CLIENTCODE: Config.getClientCode(),\r\n};\r\n\r\n// ---------------------------------------------------------------------------\r\n// Env config for bootstrap (validated shape)\r\n// ---------------------------------------------------------------------------\r\n\r\nexport function getEnvConfig(): Promise<EnvConfig | null> {\r\n const authServerUrl = Config.getAuthServerUrl();\r\n const clientId = Config.getClientId();\r\n const tenantId = Config.getTenantId();\r\n const redirectUri = Config.getRedirectUri();\r\n try {\r\n new URL(authServerUrl);\r\n new URL(redirectUri);\r\n } catch {\r\n return Promise.resolve(null);\r\n }\r\n return Promise.resolve({\r\n authServerUrl: authServerUrl.trim(),\r\n clientId: clientId.trim(),\r\n redirectUri: redirectUri.trim(),\r\n tenantId: tenantId.trim(),\r\n });\r\n}\r\n\r\nexport function getEnvConfigSync(): EnvConfig | null {\r\n const authServerUrl = Config.getAuthServerUrl();\r\n const clientId = Config.getClientId();\r\n const tenantId = Config.getTenantId();\r\n const redirectUri = Config.getRedirectUri();\r\n try {\r\n new URL(authServerUrl);\r\n new URL(redirectUri);\r\n } catch {\r\n return null;\r\n }\r\n return {\r\n authServerUrl: authServerUrl.trim(),\r\n clientId: clientId.trim(),\r\n redirectUri: redirectUri.trim(),\r\n tenantId: tenantId.trim(),\r\n };\r\n}\r\n\r\nexport function hasEnvFallback(): boolean {\r\n return getEnvConfigSync() !== null;\r\n}\r\n","/**\r\n * Validation utilities\r\n */\r\n\r\n/**\r\n * Validates if a string is a valid GUID format\r\n * @param guid GUID string to validate\r\n * @returns True if valid GUID format, false otherwise\r\n */\r\nexport function isValidGuid(guid: string): boolean {\r\n if (!guid || typeof guid !== 'string') {\r\n return false;\r\n }\r\n \r\n const guidRegex = /^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/i;\r\n return guidRegex.test(guid.trim());\r\n}\r\n\r\n/**\r\n * Validates tenant ID (must be a valid GUID)\r\n * @param tenantId Tenant ID to validate\r\n * @returns Validation result with isValid flag and error message\r\n */\r\nexport function validateTenantId(tenantId: string | null | undefined): { isValid: boolean; error?: string } {\r\n if (!tenantId || tenantId.trim() === '') {\r\n return {\r\n isValid: false,\r\n error: 'Tenant ID is required',\r\n };\r\n }\r\n \r\n if (!isValidGuid(tenantId)) {\r\n return {\r\n isValid: false,\r\n error: 'Tenant ID must be a valid GUID format (00000000-0000-0000-0000-000000000001)',\r\n };\r\n }\r\n \r\n return { isValid: true };\r\n}\r\n\r\n","/**\r\n * Runtime-backed facade for domain tenant/callback helpers.\r\n * Provides extractTenantKey(), isCallbackUrl(), isLocalhost() for public API and internal use.\r\n * Uses runtime when set; falls back to window for backward compatibility.\r\n */\r\n\r\nimport { Config } from '../config';\r\nimport { getStorage, getStorageKey } from '../infrastructure/storage/index';\r\nimport { getAuthRuntime } from '../infrastructure/runtime/context';\r\nimport {\r\n isLocalhost as domainIsLocalhost,\r\n extractTenantKeyFromUrl,\r\n isCallbackUrlFromUrl,\r\n} from '../domain/tenant';\r\n\r\nexport { isCallbackUrlFromUrl } from '../domain/tenant';\r\n\r\nexport function isLocalhost(): boolean {\r\n const runtime = getAuthRuntime();\r\n const hostname = runtime\r\n ? runtime.urlProvider.getCurrentUrl().hostname\r\n : (typeof window !== 'undefined' ? window.location.hostname : '');\r\n return domainIsLocalhost(hostname);\r\n}\r\n\r\nexport function extractTenantKey(): string | null {\r\n const runtime = getAuthRuntime();\r\n if (runtime) {\r\n const url = runtime.urlProvider.getCurrentUrl();\r\n return extractTenantKeyFromUrl(url, runtime.configProvider, getStorage, getStorageKey);\r\n }\r\n return extractTenantKeyLegacy();\r\n}\r\n\r\nfunction extractTenantKeyLegacy(): string | null {\r\n if (typeof window === 'undefined') return Config.getClientCode();\r\n try {\r\n const propsConfigStr = getStorage(getStorageKey('props_config'));\r\n if (propsConfigStr) {\r\n const propsConfig = JSON.parse(propsConfigStr) as { tenantKey?: string };\r\n if (propsConfig.tenantKey?.trim()) return propsConfig.tenantKey.trim();\r\n }\r\n const stored = getStorage(getStorageKey('tenant_key'));\r\n if (stored?.trim()) return stored.trim();\r\n const urlParams = new URLSearchParams(window.location.search);\r\n const t = urlParams.get('t');\r\n if (t?.trim()) return t.trim();\r\n const hostname = window.location.hostname;\r\n const parts = hostname.split('.');\r\n if (parts.length >= 2 && parts[0] && parts[0].toLowerCase() !== 'productlms') return parts[0].trim();\r\n return Config.getClientCode();\r\n } catch {\r\n return Config.getClientCode();\r\n }\r\n}\r\n\r\nexport function isCallbackUrl(): boolean {\r\n const runtime = getAuthRuntime();\r\n if (runtime) return isCallbackUrlFromUrl(runtime.urlProvider.getCurrentUrl());\r\n if (typeof window === 'undefined') return false;\r\n const params = new URLSearchParams(window.location.search);\r\n return params.has('code') && params.has('state');\r\n}\r\n","/**\r\n * Structured auth event emitter for observability and audit.\r\n */\r\n\r\nexport const AuthEventNames = {\r\n LOGIN_STARTED: 'LOGIN_STARTED',\r\n LOGIN_SUCCESS: 'LOGIN_SUCCESS',\r\n LOGIN_FAILED: 'LOGIN_FAILED',\r\n CALLBACK_SUCCESS: 'CALLBACK_SUCCESS',\r\n CALLBACK_FAILED: 'CALLBACK_FAILED',\r\n TOKEN_REFRESH_SUCCESS: 'TOKEN_REFRESH_SUCCESS',\r\n TOKEN_REFRESH_FAILED: 'TOKEN_REFRESH_FAILED',\r\n TENANT_SWITCHED: 'TENANT_SWITCHED',\r\n LOGOUT_COMPLETED: 'LOGOUT_COMPLETED',\r\n BOOTSTRAP_STATE_DETECTED: 'BOOTSTRAP_STATE_DETECTED',\r\n REDIRECT_LOOP_RISK: 'REDIRECT_LOOP_RISK',\r\n} as const;\r\n\r\nexport type AuthEventName = (typeof AuthEventNames)[keyof typeof AuthEventNames];\r\n\r\nexport interface AuthEventPayload {\r\n state?: string;\r\n tenantKey?: string;\r\n error?: string;\r\n message?: string;\r\n [key: string]: unknown;\r\n}\r\n\r\nexport type AuthEventHandler = (payload?: AuthEventPayload) => void;\r\n\r\ntype ListenerMap = Map<AuthEventName | '*', Set<AuthEventHandler>>;\r\n\r\nlet listeners: ListenerMap = new Map();\r\n\r\nfunction getHandlers(event: AuthEventName): Set<AuthEventHandler> {\r\n let set = listeners.get(event);\r\n if (!set) {\r\n set = new Set();\r\n listeners.set(event, set);\r\n }\r\n return set;\r\n}\r\n\r\nfunction getWildcardHandlers(): Set<AuthEventHandler> {\r\n let set = listeners.get('*');\r\n if (!set) {\r\n set = new Set();\r\n listeners.set('*', set);\r\n }\r\n return set;\r\n}\r\n\r\nexport function emitAuthEvent(event: AuthEventName, payload?: AuthEventPayload): void {\r\n const handlers = getHandlers(event);\r\n const wildcard = getWildcardHandlers();\r\n const p = payload ?? {};\r\n handlers.forEach((fn) => {\r\n try {\r\n fn(p);\r\n } catch {\r\n // ignore\r\n }\r\n });\r\n wildcard.forEach((fn) => {\r\n try {\r\n fn({ ...p, event });\r\n } catch {\r\n // ignore\r\n }\r\n });\r\n}\r\n\r\nexport function subscribeAuthEvent(\r\n event: AuthEventName | '*',\r\n handler: AuthEventHandler\r\n): () => void {\r\n const set = event === '*' ? getWildcardHandlers() : getHandlers(event);\r\n set.add(handler);\r\n return () => set.delete(handler);\r\n}\r\n\r\nexport function resetAuthEventListeners(): void {\r\n listeners = new Map();\r\n}\r\n","/**\r\n * Redirect loop protection: limit consecutive redirect attempts to IdP.\r\n */\r\n\r\nimport { emitAuthEvent, AuthEventNames } from '../events/AuthEvents';\r\n\r\nconst DEFAULT_MAX_REDIRECTS = 5;\r\nconst WINDOW_MS = 60 * 1000;\r\n\r\nlet redirectCount = 0;\r\nlet firstRedirectAt = 0;\r\n\r\nexport const MAX_REDIRECT_ATTEMPTS = DEFAULT_MAX_REDIRECTS;\r\n\r\nexport function getRedirectAttemptCount(): number {\r\n return redirectCount;\r\n}\r\n\r\nexport function incrementRedirectAttempt(): boolean {\r\n const now = Date.now();\r\n if (now - firstRedirectAt > WINDOW_MS) {\r\n redirectCount = 0;\r\n firstRedirectAt = now;\r\n }\r\n redirectCount++;\r\n return redirectCount <= DEFAULT_MAX_REDIRECTS;\r\n}\r\n\r\nexport function shouldAllowRedirect(maxAttempts: number = DEFAULT_MAX_REDIRECTS): boolean {\r\n const now = Date.now();\r\n if (now - firstRedirectAt > WINDOW_MS) {\r\n redirectCount = 0;\r\n firstRedirectAt = now;\r\n }\r\n return redirectCount < maxAttempts;\r\n}\r\n\r\nexport function resetRedirectLoopGuard(): void {\r\n redirectCount = 0;\r\n firstRedirectAt = 0;\r\n}\r\n\r\nexport function checkAndIncrementRedirect(maxAttempts: number = DEFAULT_MAX_REDIRECTS): boolean {\r\n const now = Date.now();\r\n if (now - firstRedirectAt > WINDOW_MS) {\r\n redirectCount = 0;\r\n firstRedirectAt = now;\r\n }\r\n if (redirectCount >= maxAttempts) {\r\n emitAuthEvent(AuthEventNames.REDIRECT_LOOP_RISK, {\r\n message: `Redirect attempt limit (${maxAttempts}) exceeded`,\r\n });\r\n return false;\r\n }\r\n redirectCount++;\r\n return true;\r\n}\r\n","/**\r\n * OAuth authorization flow implementation\r\n * Strategy layer: OAuth2 PKCE\r\n */\r\n\r\nimport {\r\n setStorage,\r\n getStorage,\r\n removeStorage,\r\n STORAGE_KEYS,\r\n getStorageKey,\r\n getAccessToken,\r\n isAccessTokenExpired,\r\n} from '../../infrastructure/storage/index';\r\nimport { getAuthRuntime } from '../../infrastructure/runtime/context';\r\nimport { generateCodeVerifier, generateCodeChallenge, generateState } from './pkce';\r\nimport {\r\n Config,\r\n DEFAULT_CODE_CHALLENGE_METHOD,\r\n DEFAULT_RESPONSE_TYPE,\r\n} from '../../config';\r\nimport { validateTenantId } from '../../utils/validation';\r\nimport { logger } from '../../utils/logger';\r\nimport { isLocalhost, isCallbackUrl } from '../../application/domain-facade';\r\nimport { clearFlowFlags, setFlowFlags, isFlowInProgress, isFlowFlagStale } from '../../application/lifecycle-state';\r\nimport { emitAuthEvent, AuthEventNames } from '../../application/events/AuthEvents';\r\nimport { checkAndIncrementRedirect } from '../../application/security/redirectLoopGuard';\r\nimport type { TenantConfig } from '../../domain/auth-state';\r\n\r\nexport function storeTenantConfig(config: TenantConfig): void {\r\n const validation = validateTenantId(config.tenantId);\r\n if (!validation.isValid) {\r\n logger.warn('Tenant ID validation failed', { tenantId: config.tenantId });\r\n }\r\n\r\n setStorage(STORAGE_KEYS.authServerUrl, config.authServer);\r\n setStorage(STORAGE_KEYS.clientId, config.client.clientId);\r\n // Static redirect URI: always host + '/callback'\r\n setStorage(STORAGE_KEYS.redirectUri, Config.getRedirectUri());\r\n setStorage(STORAGE_KEYS.tenantId, config.tenantId);\r\n if (config.tenantKey) {\r\n setStorage(STORAGE_KEYS.tenantKey, config.tenantKey);\r\n }\r\n}\r\n\r\nexport async function initiateAuthFlow(config: TenantConfig): Promise<void> {\r\n try {\r\n logger.info('Initiating OAuth authorization flow');\r\n\r\n const token = getAccessToken();\r\n if (token && !isAccessTokenExpired()) {\r\n logger.debug('Valid token already exists, skipping auth flow');\r\n clearFlowFlags();\r\n return;\r\n }\r\n\r\n if (isCallbackUrl()) {\r\n logger.debug('Callback URL detected - clearing flow flag to allow callback processing');\r\n clearFlowFlags();\r\n return;\r\n }\r\n\r\n if (isFlowInProgress()) {\r\n if (isFlowFlagStale(3000)) {\r\n logger.info('Stale auth flow flag detected, clearing and proceeding');\r\n clearFlowFlags();\r\n } else {\r\n logger.debug('Auth flow already in progress (recent), skipping duplicate redirect');\r\n return;\r\n }\r\n }\r\n\r\n setFlowFlags();\r\n\r\n if (\r\n !config?.authServer ||\r\n !config.client?.clientId ||\r\n !config.client?.redirectUri\r\n ) {\r\n throw new Error('Invalid tenant configuration for auth flow');\r\n }\r\n\r\n storeTenantConfig(config);\r\n\r\n const codeVerifier = generateCodeVerifier();\r\n const codeChallenge = await generateCodeChallenge(codeVerifier);\r\n const state = generateState();\r\n\r\n removeStorage(STORAGE_KEYS.codeVerifier);\r\n removeStorage(STORAGE_KEYS.state);\r\n setStorage(STORAGE_KEYS.codeVerifier, codeVerifier);\r\n setStorage(STORAGE_KEYS.state, state);\r\n\r\n const authUrl = buildAuthorizationUrl(config, codeChallenge, state);\r\n\r\n if (\r\n !authUrl ||\r\n !(authUrl.startsWith('http://') || authUrl.startsWith('https://'))\r\n ) {\r\n throw new Error('Invalid authorization URL generated');\r\n }\r\n\r\n if (!checkAndIncrementRedirect()) {\r\n logger.warn('Redirect loop protection: max redirect attempts exceeded');\r\n clearFlowFlags();\r\n return;\r\n }\r\n\r\n logger.info('Redirecting to authorization server');\r\n emitAuthEvent(AuthEventNames.LOGIN_STARTED, { tenantKey: config.tenantKey });\r\n\r\n const runtime = getAuthRuntime();\r\n if (runtime) runtime.urlProvider.redirect(authUrl);\r\n else if (typeof window !== 'undefined') window.location.replace(authUrl);\r\n } catch (error) {\r\n clearFlowFlags();\r\n logger.error('Failed to initiate auth flow', {\r\n error: error instanceof Error ? error.message : String(error),\r\n });\r\n throw error;\r\n }\r\n}\r\n\r\nfunction buildAuthorizationUrl(\r\n config: TenantConfig,\r\n codeChallenge: string,\r\n state: string,\r\n): string {\r\n if (isLocalhost()) {\r\n logger.debug('Building authorization URL', {\r\n authServer: config.authServer,\r\n clientId: config.client.clientId,\r\n redirectUri: config.client.redirectUri,\r\n scopes: config.client.scopes,\r\n });\r\n }\r\n\r\n const storedTenantId = getStorage(STORAGE_KEYS.tenantId);\r\n const storedClientId = getStorage(STORAGE_KEYS.clientId);\r\n\r\n const tenantIdToUse = storedTenantId || config.tenantId;\r\n const clientIdToUse = storedClientId || config.client.clientId;\r\n // Static redirect URI: always host + '/callback'\r\n const redirectUriToUse = Config.getRedirectUri();\r\n\r\n const params = new URLSearchParams({\r\n client_id: `public-${clientIdToUse}`,\r\n tenant_id: tenantIdToUse,\r\n redirect_uri: redirectUriToUse,\r\n response_type: DEFAULT_RESPONSE_TYPE,\r\n scope: config.client.scopes,\r\n state,\r\n code_challenge: codeChallenge,\r\n code_challenge_method: DEFAULT_CODE_CHALLENGE_METHOD,\r\n });\r\n\r\n return `${config.authServer}/connect/authorize?${params.toString()}`;\r\n}\r\n\r\nexport function isAuthenticated(): boolean {\r\n const token = getAccessToken();\r\n return !!token && !isAccessTokenExpired();\r\n}\r\n","/**\r\n * OAuth2 PKCE token exchange and refresh.\r\n * Strategy-owned implementation; uses API_AUTH_BASE_URL only.\r\n */\r\n\r\nimport {\r\n setStorage,\r\n getStorageAdapter,\r\n removeStorage,\r\n STORAGE_KEYS,\r\n getRefreshToken,\r\n getClientId,\r\n getTenantId,\r\n isAccessTokenExpired,\r\n getAccessToken as getStoredAccessToken,\r\n} from '../../infrastructure/storage/index';\r\nimport { emitAuthEvent, AuthEventNames } from '../../application/events/AuthEvents';\r\nimport { Config, DEFAULT_TOKEN_GRANT_TYPE, DEFAULT_REFRESH_GRANT_TYPE } from '../../config';\r\nimport { logger } from '../../utils/logger';\r\nimport { isLocalhost } from '../../application/domain-facade';\r\nimport type { TokenResponse } from '../../domain/auth-state';\r\n\r\nexport interface ExchangeTokenParams {\r\n code: string;\r\n codeVerifier: string;\r\n clientId: string;\r\n redirectUri: string;\r\n tenantId: string;\r\n}\r\n\r\nfunction storeTokens(tokenData: TokenResponse): void {\r\n const expiresIn = tokenData.expires_in || 3600;\r\n const expiresAt = Date.now() + expiresIn * 1000;\r\n\r\n const adapter = getStorageAdapter();\r\n if (adapter?.setTokensSync) {\r\n adapter.setTokensSync({\r\n accessToken: tokenData.access_token,\r\n refreshToken: tokenData.refresh_token,\r\n expiresAt,\r\n });\r\n }\r\n setStorage(STORAGE_KEYS.accessToken, tokenData.access_token);\r\n setStorage(STORAGE_KEYS.refreshToken, tokenData.refresh_token);\r\n setStorage(STORAGE_KEYS.expiresAt, expiresAt.toString());\r\n\r\n if (isLocalhost()) {\r\n logger.debug('Tokens stored successfully', {\r\n expiresAt: new Date(expiresAt).toISOString(),\r\n expiresIn,\r\n });\r\n } else {\r\n logger.info('Tokens stored successfully');\r\n }\r\n}\r\n\r\nexport async function exchangeCodeForTokens(params: ExchangeTokenParams): Promise<TokenResponse> {\r\n try {\r\n const { code, codeVerifier, clientId, redirectUri } = params;\r\n const apiAuthBaseUrl = Config.getApiAuthBaseUrl();\r\n const tokenUrl = `${apiAuthBaseUrl}/oauth/token`;\r\n\r\n const body = new URLSearchParams({\r\n grant_type: DEFAULT_TOKEN_GRANT_TYPE,\r\n code,\r\n client_id: `public-${clientId}`,\r\n redirect_uri: redirectUri,\r\n code_verifier: codeVerifier,\r\n });\r\n\r\n const response = await fetch(tokenUrl, {\r\n method: 'POST',\r\n headers: { 'Content-Type': 'application/x-www-form-urlencoded' },\r\n body: body.toString(),\r\n });\r\n\r\n if (!response.ok) {\r\n const responseData = await response.json().catch(() => ({}));\r\n logger.error('Token exchange failed', {\r\n status: response.status,\r\n statusText: response.statusText,\r\n responseData,\r\n requestUrl: tokenUrl,\r\n });\r\n throw new Error(\r\n `Token exchange failed: ${response.status} ${response.statusText}${Object.keys(responseData).length ? ` - ${JSON.stringify(responseData)}` : ''}`\r\n );\r\n }\r\n\r\n const tokenData = (await response.json()) as TokenResponse;\r\n\r\n if (!tokenData.access_token || !tokenData.refresh_token || !tokenData.expires_in) {\r\n logger.error('Invalid token response received');\r\n throw new Error('Invalid token response');\r\n }\r\n\r\n storeTokens(tokenData);\r\n return tokenData;\r\n } catch (error) {\r\n const isAborted = error instanceof Error && error.name === 'AbortError';\r\n if (isAborted) {\r\n logger.warn('Token exchange request canceled (likely due to navigation or component unmount)');\r\n const existingToken = getStoredAccessToken();\r\n if (existingToken && !isAccessTokenExpired()) {\r\n return {\r\n access_token: existingToken,\r\n refresh_token: getRefreshToken() || '',\r\n expires_in: 3600,\r\n } as TokenResponse;\r\n }\r\n throw new Error('Token exchange request was canceled');\r\n }\r\n logger.error('Token exchange failed', {\r\n message: error instanceof Error ? error.message : String(error),\r\n });\r\n throw error;\r\n }\r\n}\r\n\r\nlet refreshPromise: Promise<string> | null = null;\r\n\r\nexport async function refreshAccessToken(): Promise<string> {\r\n if (refreshPromise) return refreshPromise;\r\n\r\n refreshPromise = (async (): Promise<string> => {\r\n try {\r\n const refreshToken = getRefreshToken();\r\n const clientId = getClientId();\r\n const tenantId = getTenantId();\r\n\r\n logger.debug('Token refresh - collected data', {\r\n hasRefreshToken: !!refreshToken,\r\n clientId,\r\n tenantId,\r\n });\r\n\r\n if (!refreshToken || !clientId || !tenantId) {\r\n logger.error('Token refresh failed: missing required data', {\r\n hasRefreshToken: !!refreshToken,\r\n hasClientId: !!clientId,\r\n hasTenantId: !!tenantId,\r\n });\r\n throw new Error('Cannot refresh token: missing required data');\r\n }\r\n\r\n const apiAuthBaseUrl = Config.getApiAuthBaseUrl();\r\n const tokenUrl = `${apiAuthBaseUrl}/oauth/refresh`;\r\n\r\n const body = new URLSearchParams({\r\n grant_type: DEFAULT_REFRESH_GRANT_TYPE,\r\n refresh_token: refreshToken,\r\n client_id: clientId.startsWith('public-') ? clientId : `public-${clientId}`,\r\n tenant_id: tenantId,\r\n });\r\n\r\n const response = await fetch(tokenUrl, {\r\n method: 'POST',\r\n headers: {\r\n 'Content-Type': 'application/x-www-form-urlencoded',\r\n 'Accept': 'application/json',\r\n },\r\n body: body.toString(),\r\n });\r\n\r\n if (!response.ok) {\r\n const responseData = (await response.json().catch(() => ({}))) as Record<string, unknown>;\r\n const isExpiredOrInvalidGrant =\r\n response.status === 401 ||\r\n (responseData?.error === 'invalid_grant') ||\r\n (typeof responseData?.error_description === 'string' &&\r\n (responseData.error_description.includes('expired') || responseData.error_description.includes('invalid')));\r\n\r\n if (isExpiredOrInvalidGrant) {\r\n removeStorage(STORAGE_KEYS.refreshToken);\r\n removeStorage(STORAGE_KEYS.accessToken);\r\n removeStorage(STORAGE_KEYS.expiresAt);\r\n emitAuthEvent(AuthEventNames.TOKEN_REFRESH_FAILED, {\r\n error: 'Refresh token expired or invalid',\r\n message: String(responseData?.error_description ?? responseData?.error ?? 'Token refresh failed'),\r\n });\r\n }\r\n\r\n logger.error('Token refresh failed', {\r\n status: response.status,\r\n statusText: response.statusText,\r\n responseData,\r\n requestUrl: tokenUrl,\r\n });\r\n throw new Error(\r\n `Token refresh failed: ${response.status} ${response.statusText}${Object.keys(responseData).length ? ` - ${JSON.stringify(responseData)}` : ''}`\r\n );\r\n }\r\n\r\n const tokenData = (await response.json()) as TokenResponse;\r\n\r\n if (!tokenData.access_token || !tokenData.refresh_token) {\r\n logger.error('Invalid refresh token response received');\r\n throw new Error('Invalid refresh token response');\r\n }\r\n\r\n storeTokens(tokenData);\r\n emitAuthEvent(AuthEventNames.TOKEN_REFRESH_SUCCESS);\r\n return tokenData.access_token;\r\n } catch (error) {\r\n if (error instanceof Error) {\r\n logger.error('Token refresh failed', { message: error.message });\r\n emitAuthEvent(AuthEventNames.TOKEN_REFRESH_FAILED, { error: error.message });\r\n }\r\n throw error;\r\n } finally {\r\n refreshPromise = null;\r\n }\r\n })();\r\n\r\n return refreshPromise;\r\n}\r\n","/**\r\n * OAuth callback handling\r\n * Strategy layer: OAuth2 PKCE\r\n */\r\n\r\nimport {\r\n getState,\r\n getCodeVerifier,\r\n getClientId,\r\n getRedirectUri,\r\n getTenantId,\r\n removeStorage,\r\n getStorage,\r\n setStorage,\r\n STORAGE_KEYS,\r\n getStorageKey,\r\n getAccessToken,\r\n isAccessTokenExpired,\r\n getTenantKey,\r\n setTenantKey,\r\n clearAllStorage,\r\n} from '../../infrastructure/storage/index';\r\nimport { exchangeCodeForTokens } from './token-exchange';\r\nimport { isCallbackUrl, extractTenantKey } from '../../application/domain-facade';\r\nimport { logger } from '../../utils/logger';\r\nimport { clearFlowFlags } from '../../application/lifecycle-state';\r\nimport { getAuthRuntime } from '../../infrastructure/runtime/context';\r\nimport {\r\n isCallbackProcessing,\r\n setCallbackProcessing,\r\n clearCallbackProcessing,\r\n} from '../../application/lifecycle-state';\r\nimport { emitAuthEvent, AuthEventNames } from '../../application/events/AuthEvents';\r\nimport { resetRedirectLoopGuard } from '../../application/security/redirectLoopGuard';\r\nimport axios from 'axios';\r\n\r\nfunction isProcessed(): boolean {\r\n return getStorage(getStorageKey('callback_processed')) === 'true';\r\n}\r\n\r\nfunction isProcessing(): boolean {\r\n return isCallbackProcessing();\r\n}\r\n\r\nfunction markProcessing(): void {\r\n setCallbackProcessing();\r\n}\r\n\r\nfunction markProcessed(): void {\r\n setStorage(getStorageKey('callback_processed'), 'true');\r\n clearCallbackProcessing();\r\n}\r\n\r\nfunction clearProcessing(): void {\r\n clearCallbackProcessing();\r\n removeStorage(getStorageKey('callback_processed'));\r\n}\r\n\r\nlet urlCleaned = false;\r\n\r\nfunction cleanUrl(): void {\r\n if (urlCleaned) return;\r\n if (isProcessing()) return;\r\n const runtime = getAuthRuntime();\r\n const clean = runtime\r\n ? `${runtime.urlProvider.getCurrentUrl().origin}${runtime.urlProvider.getCurrentUrl().pathname}`\r\n : (typeof window !== 'undefined' ? `${window.location.origin}${window.location.pathname}` : '/');\r\n if (runtime) runtime.urlProvider.redirect(clean);\r\n else if (typeof window !== 'undefined') window.location.replace(clean);\r\n urlCleaned = true;\r\n}\r\n\r\nfunction cleanUrlSoft(): void {\r\n if (urlCleaned) return;\r\n if (isProcessing()) return;\r\n const runtime = getAuthRuntime();\r\n const clean = runtime\r\n ? `${runtime.urlProvider.getCurrentUrl().origin}${runtime.urlProvider.getCurrentUrl().pathname}`\r\n : (typeof window !== 'undefined' ? `${window.location.origin}${window.location.pathname}` : '/');\r\n if (runtime) runtime.urlProvider.replaceState(clean);\r\n else if (typeof window !== 'undefined') window.history.replaceState({}, typeof document !== 'undefined' ? document.title : '', clean);\r\n urlCleaned = true;\r\n}\r\n\r\nfunction clearAllAuthFlags(): void {\r\n removeStorage(getStorageKey('force_login'));\r\n removeStorage(getStorageKey('logout_in_progress'));\r\n clearFlowFlags();\r\n}\r\n\r\nexport async function handleCallback(): Promise<boolean> {\r\n if (isProcessed()) {\r\n logger.debug('Callback already processed in this session - preventing duplicate processing');\r\n if (isCallbackUrl()) {\r\n if (!isProcessing()) cleanUrlSoft();\r\n }\r\n clearFlowFlags();\r\n return true;\r\n }\r\n\r\n if (isProcessing()) {\r\n logger.debug('Callback processing already in progress - waiting for completion');\r\n return true;\r\n }\r\n\r\n if (getStorage(getStorageKey('force_login')) === 'true') {\r\n logger.info('Force-login flag present → callback skipped (logout occurred)');\r\n const runtime = getAuthRuntime();\r\n if (runtime && runtime.urlProvider.getCurrentUrl().search) cleanUrlSoft();\r\n else if (typeof window !== 'undefined' && window.location.search) cleanUrlSoft();\r\n clearAllAuthFlags();\r\n clearProcessing();\r\n return false;\r\n }\r\n\r\n const storedTenantKey = getTenantKey();\r\n let currentTenantKey: string | null = null;\r\n try {\r\n const propsConfigStr = getStorage(getStorageKey('props_config'));\r\n if (propsConfigStr) {\r\n const propsConfig = JSON.parse(propsConfigStr) as { tenantKey?: string };\r\n currentTenantKey = propsConfig.tenantKey || null;\r\n }\r\n } catch {\r\n // fallback below\r\n }\r\n if (!currentTenantKey) currentTenantKey = storedTenantKey;\r\n\r\n if (currentTenantKey && storedTenantKey && currentTenantKey !== storedTenantKey) {\r\n logger.info('TenantKey changed - bypassing callback, starting fresh login');\r\n clearAllStorage();\r\n clearAllAuthFlags();\r\n clearProcessing();\r\n setStorage(getStorageKey('tenant_switched'), 'true');\r\n setStorage(getStorageKey('new_tenant_key'), currentTenantKey);\r\n setTenantKey(currentTenantKey);\r\n if (isCallbackUrl()) cleanUrlSoft();\r\n return false;\r\n }\r\n\r\n if (!isCallbackUrl()) return false;\r\n\r\n markProcessing();\r\n clearFlowFlags();\r\n urlCleaned = false;\r\n\r\n try {\r\n const search = getAuthRuntime()?.urlProvider.getCurrentUrl().search ?? (typeof window !== 'undefined' ? window.location.search : '');\r\n const params = new URLSearchParams(search);\r\n const code = params.get('code');\r\n const state = params.get('state');\r\n const error = params.get('error');\r\n\r\n if (error || !code || !state) {\r\n logger.error('Invalid OAuth callback params', { error, code, state });\r\n clearAllAuthFlags();\r\n clearProcessing();\r\n markProcessed();\r\n cleanUrlSoft();\r\n return false;\r\n }\r\n\r\n const storedState = getState();\r\n if (!storedState || storedState !== state) {\r\n const currentTenantKeyFromUrl = extractTenantKey();\r\n let storedTenantKeyFromProps: string | null = null;\r\n try {\r\n const propsConfigStr = getStorage(getStorageKey('props_config'));\r\n if (propsConfigStr) {\r\n const propsConfig = JSON.parse(propsConfigStr) as { tenantKey?: string };\r\n storedTenantKeyFromProps = propsConfig.tenantKey || null;\r\n }\r\n } catch {\r\n // ignore\r\n }\r\n const tenantKeyChanged = currentTenantKeyFromUrl && storedTenantKeyFromProps && currentTenantKeyFromUrl !== storedTenantKeyFromProps;\r\n if (tenantKeyChanged) {\r\n logger.info('OAuth state mismatch due to tenantKey change - expected behavior, starting fresh login');\r\n } else {\r\n logger.error('OAuth state mismatch - redirecting to login');\r\n }\r\n clearAllAuthFlags();\r\n clearProcessing();\r\n markProcessed();\r\n cleanUrlSoft();\r\n setStorage(getStorageKey('state_mismatch'), 'true');\r\n return false;\r\n }\r\n\r\n const codeVerifier = getCodeVerifier();\r\n if (!codeVerifier) {\r\n logger.error('Missing PKCE verifier');\r\n clearAllAuthFlags();\r\n clearProcessing();\r\n markProcessed();\r\n cleanUrlSoft();\r\n return false;\r\n }\r\n\r\n const clientId = getClientId();\r\n const redirectUri = getRedirectUri();\r\n const tenantId = getTenantId();\r\n\r\n if (!clientId || !redirectUri || !tenantId) {\r\n logger.error('Missing OAuth config during callback');\r\n clearAllAuthFlags();\r\n clearProcessing();\r\n markProcessed();\r\n cleanUrlSoft();\r\n return false;\r\n }\r\n\r\n // Best practice: skip exchange if we already have a valid token (avoids duplicate / \"code already used\")\r\n const existingToken = getAccessToken();\r\n if (existingToken && !isAccessTokenExpired()) {\r\n logger.debug('Valid token already exists - skipping code exchange');\r\n removeStorage(STORAGE_KEYS.codeVerifier);\r\n removeStorage(STORAGE_KEYS.state);\r\n clearAllAuthFlags();\r\n markProcessed();\r\n cleanUrl();\r\n resetRedirectLoopGuard();\r\n emitAuthEvent(AuthEventNames.CALLBACK_SUCCESS);\r\n return true;\r\n }\r\n\r\n const tokenData = await exchangeCodeForTokens({\r\n code,\r\n codeVerifier,\r\n clientId,\r\n redirectUri,\r\n tenantId,\r\n });\r\n\r\n if (!tokenData?.access_token) {\r\n logger.error('Token exchange returned no access token');\r\n clearProcessing();\r\n clearAllAuthFlags();\r\n cleanUrlSoft();\r\n emitAuthEvent(AuthEventNames.CALLBACK_FAILED, { message: 'No access token returned' });\r\n return false;\r\n }\r\n\r\n removeStorage(STORAGE_KEYS.codeVerifier);\r\n removeStorage(STORAGE_KEYS.state);\r\n clearAllAuthFlags();\r\n markProcessed();\r\n cleanUrl();\r\n\r\n logger.info('OAuth callback processed successfully');\r\n resetRedirectLoopGuard();\r\n emitAuthEvent(AuthEventNames.CALLBACK_SUCCESS);\r\n return true;\r\n } catch (err) {\r\n if (axios.isAxiosError(err)) {\r\n const status = err.response?.status;\r\n const responseData = err.response?.data as { error?: string; error_description?: string; details?: string } | undefined;\r\n const errorCode = responseData?.error;\r\n const errorDescription = responseData?.error_description || responseData?.details || '';\r\n\r\n if (\r\n status === 400 &&\r\n errorCode === 'invalid_grant' &&\r\n (String(errorDescription).includes('already used') ||\r\n String(errorDescription).includes('Code not found') ||\r\n String(errorDescription).includes('expired, already used'))\r\n ) {\r\n const existingToken = getAccessToken();\r\n const tokenValid = existingToken && !isAccessTokenExpired();\r\n if (tokenValid) {\r\n removeStorage(STORAGE_KEYS.codeVerifier);\r\n removeStorage(STORAGE_KEYS.state);\r\n clearAllAuthFlags();\r\n markProcessed();\r\n cleanUrlSoft();\r\n logger.info('OAuth callback processed successfully (code already used, but token exists)');\r\n resetRedirectLoopGuard();\r\n emitAuthEvent(AuthEventNames.CALLBACK_SUCCESS);\r\n return true;\r\n }\r\n }\r\n\r\n emitAuthEvent(AuthEventNames.CALLBACK_FAILED, {\r\n error: err.message,\r\n message: responseData?.error_description ?? err.message,\r\n });\r\n logger.error('OAuth callback failed (Axios error)', {\r\n status,\r\n statusText: err.response?.statusText,\r\n responseData: err.response?.data,\r\n message: err.message,\r\n url: err.config?.url,\r\n });\r\n } else {\r\n logger.error('OAuth callback failed', {\r\n error: err instanceof Error ? err.message : String(err),\r\n });\r\n }\r\n\r\n clearAllAuthFlags();\r\n const existingToken = getAccessToken();\r\n const tokenValid = existingToken && !isAccessTokenExpired();\r\n if (tokenValid) {\r\n markProcessed();\r\n cleanUrlSoft();\r\n resetRedirectLoopGuard();\r\n emitAuthEvent(AuthEventNames.CALLBACK_SUCCESS);\r\n return true;\r\n }\r\n\r\n emitAuthEvent(AuthEventNames.CALLBACK_FAILED, {\r\n error: err instanceof Error ? err.message : String(err),\r\n });\r\n clearProcessing();\r\n if (isCallbackUrl()) cleanUrlSoft();\r\n return false;\r\n }\r\n}\r\n","/**\r\n * Tenant config cache with TTL and in-flight request deduplication.\r\n */\r\n\r\nimport type { TenantConfig } from '../../domain/auth-state';\r\nimport { logger } from '../../utils/logger';\r\n\r\nconst DEFAULT_TTL_MS = 5 * 60 * 1000; // 5 minutes\r\n\r\nexport type TenantConfigResolver = (tenantKey: string) => Promise<TenantConfig | null>;\r\n\r\ninterface CacheEntry {\r\n config: TenantConfig;\r\n expiresAt: number;\r\n}\r\n\r\nexport class TenantConfigCache {\r\n private readonly cache = new Map<string, CacheEntry>();\r\n private readonly inFlight = new Map<string, Promise<TenantConfig | null>>();\r\n private readonly ttlMs: number;\r\n\r\n constructor(ttlMs: number = DEFAULT_TTL_MS) {\r\n this.ttlMs = ttlMs;\r\n }\r\n\r\n get(tenantKey: string): TenantConfig | null {\r\n const entry = this.cache.get(tenantKey);\r\n if (!entry) return null;\r\n if (Date.now() >= entry.expiresAt) {\r\n this.cache.delete(tenantKey);\r\n return null;\r\n }\r\n return entry.config;\r\n }\r\n\r\n set(tenantKey: string, config: TenantConfig): void {\r\n this.cache.set(tenantKey, {\r\n config,\r\n expiresAt: Date.now() + this.ttlMs,\r\n });\r\n }\r\n\r\n invalidate(tenantKey?: string): void {\r\n if (tenantKey) {\r\n this.cache.delete(tenantKey);\r\n this.inFlight.delete(tenantKey);\r\n } else {\r\n this.cache.clear();\r\n this.inFlight.clear();\r\n }\r\n }\r\n\r\n async getOrResolve(\r\n tenantKey: string,\r\n resolver: TenantConfigResolver\r\n ): Promise<TenantConfig | null> {\r\n if (!tenantKey || !tenantKey.trim()) return null;\r\n\r\n const key = tenantKey.trim();\r\n const cached = this.get(key);\r\n if (cached) {\r\n logger.debug('Tenant config from cache', { tenantKey: key });\r\n return cached;\r\n }\r\n\r\n const existing = this.inFlight.get(key);\r\n if (existing) {\r\n logger.debug('Tenant resolution reused (in-flight)', { tenantKey: key });\r\n return existing;\r\n }\r\n\r\n const promise = (async (): Promise<TenantConfig | null> => {\r\n try {\r\n const config = await resolver(key);\r\n if (config) this.set(key, config);\r\n return config;\r\n } finally {\r\n this.inFlight.delete(key);\r\n }\r\n })();\r\n\r\n this.inFlight.set(key, promise);\r\n return promise;\r\n }\r\n}\r\n","/**\r\n * Tenant resolution helpers: API + ENV fallback + props merge.\r\n * Uses TenantConfigCache for TTL and deduplication.\r\n */\r\n\r\nimport { extractTenantKeyFromUrl } from '../../domain/tenant';\r\nimport { getEnvConfig } from '../../config';\r\nimport { getStorage, removeStorage, getStorageKey } from '../storage/index';\r\nimport { logger } from '../../utils/logger';\r\nimport type { TenantConfig } from '../../domain/auth-state';\r\nimport type { ConfigProvider, TenantResolver, CurrentUrl } from '../runtime/types';\r\nimport { TenantConfigCache } from './TenantConfigCache';\r\n\r\nconst defaultTenantConfigCache = new TenantConfigCache();\r\n\r\nexport function getTenantKeyFromRuntime(\r\n url: CurrentUrl,\r\n config: ConfigProvider\r\n): string | null {\r\n try {\r\n const propsConfigStr = getStorage(getStorageKey('props_config'));\r\n if (propsConfigStr) {\r\n const propsConfig = JSON.parse(propsConfigStr) as { tenantKey?: string };\r\n if (propsConfig.tenantKey?.trim()) return propsConfig.tenantKey.trim();\r\n return null;\r\n }\r\n } catch {\r\n // continue to URL extraction\r\n }\r\n return extractTenantKeyFromUrl(url, config, getStorage, getStorageKey);\r\n}\r\n\r\nfunction getPropsConfig(): Record<string, string> | null {\r\n try {\r\n const propsConfigStr = getStorage(getStorageKey('props_config'));\r\n if (!propsConfigStr) return null;\r\n\r\n const parsed = JSON.parse(propsConfigStr);\r\n if (parsed && typeof parsed === 'object' && 'authServerUrl' in parsed) {\r\n delete (parsed as Record<string, unknown>).authServerUrl;\r\n }\r\n return parsed;\r\n } catch {\r\n removeStorage(getStorageKey('props_config'));\r\n return null;\r\n }\r\n}\r\n\r\nfunction mergeConfigWithProps(\r\n apiEnvConfig: TenantConfig,\r\n propsConfig: Record<string, string>,\r\n tenantKey: string | null\r\n): TenantConfig {\r\n return {\r\n tenantId: propsConfig.tenantId || apiEnvConfig.tenantId,\r\n authServer: apiEnvConfig.authServer,\r\n tenantKey: tenantKey || apiEnvConfig.tenantKey,\r\n client: {\r\n clientId: propsConfig.clientId || apiEnvConfig.client.clientId,\r\n redirectUri: apiEnvConfig.client.redirectUri,\r\n scopes: apiEnvConfig.client.scopes,\r\n },\r\n };\r\n}\r\n\r\nasync function buildTenantConfigFromEnv(): Promise<TenantConfig | null> {\r\n const envConfig = await getEnvConfig();\r\n if (!envConfig) return null;\r\n return {\r\n tenantId: envConfig.tenantId,\r\n authServer: envConfig.authServerUrl,\r\n client: {\r\n clientId: envConfig.clientId,\r\n redirectUri: envConfig.redirectUri,\r\n scopes: 'openid profile email',\r\n },\r\n };\r\n}\r\n\r\nexport async function resolveTenantConfig(\r\n tenantKey: string | null,\r\n tenantResolver: TenantResolver\r\n): Promise<TenantConfig | null> {\r\n if (!tenantKey) return null;\r\n\r\n const propsConfig = getPropsConfig();\r\n let apiEnvConfig: TenantConfig | null = null;\r\n let apiResolved = false;\r\n\r\n apiEnvConfig = await tenantResolver.resolve(tenantKey);\r\n apiResolved = !!apiEnvConfig;\r\n\r\n if (!apiEnvConfig) {\r\n apiEnvConfig = await buildTenantConfigFromEnv();\r\n }\r\n if (!apiEnvConfig) return null;\r\n\r\n if (!apiResolved && propsConfig) {\r\n const mergedConfig = mergeConfigWithProps(apiEnvConfig, propsConfig, tenantKey);\r\n removeStorage(getStorageKey('props_config'));\r\n logger.info('Merged props config with ENV fallback config');\r\n return mergedConfig;\r\n }\r\n\r\n removeStorage(getStorageKey('props_config'));\r\n\r\n return {\r\n ...apiEnvConfig,\r\n tenantKey: tenantKey || apiEnvConfig.tenantKey,\r\n };\r\n}\r\n\r\nexport async function resolveTenantConfigCached(\r\n tenantKey: string | null,\r\n tenantResolver: TenantResolver\r\n): Promise<TenantConfig | null> {\r\n if (!tenantKey) return null;\r\n return defaultTenantConfigCache.getOrResolve(tenantKey, (key) =>\r\n resolveTenantConfig(key, tenantResolver)\r\n );\r\n}\r\n\r\nexport function getTenantConfigCache(): TenantConfigCache {\r\n return defaultTenantConfigCache;\r\n}\r\n","/**\r\n * Force login flow: after logout, clear callback URL if needed, resolve tenant, initiate auth.\r\n */\r\n\r\nimport { isCallbackUrlFromUrl } from '../../domain/tenant';\r\nimport { clearFlowFlags } from '../lifecycle-state';\r\nimport { storeTenantConfig, initiateAuthFlow } from '../../strategies/oauth2-pkce/oauth';\r\nimport { handleCallback } from '../../strategies/oauth2-pkce/callback';\r\nimport { getTenantKeyFromRuntime, resolveTenantConfigCached } from '../../infrastructure/tenant/tenantResolution';\r\nimport { SanitizedError } from '../../utils/security';\r\nimport type { FlowContext, FlowResult } from './types';\r\nimport type { IAuthFlow } from './types';\r\n\r\nexport class ForceLoginFlow implements IAuthFlow {\r\n async execute(context: FlowContext): Promise<FlowResult> {\r\n const { runtime } = context;\r\n const { urlProvider, logger: log } = runtime;\r\n const getUrl = () => urlProvider.getCurrentUrl();\r\n\r\n if (isCallbackUrlFromUrl(getUrl())) {\r\n await handleCallback();\r\n if (isCallbackUrlFromUrl(getUrl())) {\r\n log.warn('Callback URL still present after cleanup, forcing URL clean');\r\n const u = getUrl();\r\n urlProvider.redirect(`${u.origin}${u.pathname}`);\r\n return { completed: true };\r\n }\r\n }\r\n\r\n clearFlowFlags();\r\n\r\n const tenantKey = getTenantKeyFromRuntime(getUrl(), runtime.configProvider);\r\n if (!tenantKey) return { completed: true };\r\n\r\n const tenantConfig = await resolveTenantConfigCached(tenantKey, runtime.tenantResolver);\r\n if (!tenantConfig) {\r\n log.error('Tenant config resolution failed for force login', { tenantKey });\r\n throw new SanitizedError(\r\n 'TENANT_CONFIG_RESOLUTION_FAILED',\r\n 'Unable to resolve tenant configuration',\r\n new Error(`Tenant config resolution failed for tenantKey: ${tenantKey}`)\r\n );\r\n }\r\n\r\n storeTenantConfig(tenantConfig);\r\n await initiateAuthFlow(tenantConfig);\r\n return { completed: true };\r\n }\r\n}\r\n","/**\r\n * Callback flow: run callback handling (validate state/code, exchange or skip, clean URL).\r\n */\r\n\r\nimport { clearFlowFlags, isCallbackProcessing } from '../lifecycle-state';\r\nimport { handleCallback } from '../../strategies/oauth2-pkce/callback';\r\nimport { isCallbackUrlFromUrl } from '../../domain/tenant';\r\nimport type { FlowContext, FlowResult } from './types';\r\nimport type { IAuthFlow } from './types';\r\n\r\nexport class CallbackFlow implements IAuthFlow {\r\n async execute(context: FlowContext): Promise<FlowResult> {\r\n const { runtime } = context;\r\n const { urlProvider, logger: log } = runtime;\r\n const getUrl = () => urlProvider.getCurrentUrl();\r\n\r\n clearFlowFlags();\r\n\r\n const handled = await handleCallback();\r\n if (handled) {\r\n if (isCallbackUrlFromUrl(getUrl())) {\r\n if (isCallbackProcessing()) return { completed: true };\r\n const u = getUrl();\r\n urlProvider.redirect(`${u.origin}${u.pathname}`);\r\n return { completed: true };\r\n }\r\n return { completed: true };\r\n }\r\n if (isCallbackUrlFromUrl(getUrl())) {\r\n const u = getUrl();\r\n urlProvider.redirect(`${u.origin}${u.pathname}`);\r\n }\r\n return { completed: true };\r\n }\r\n}\r\n","/**\r\n * Authenticated flow: valid token exists, no action needed.\r\n */\r\n\r\nimport type { FlowContext, FlowResult } from './types';\r\nimport type { IAuthFlow } from './types';\r\n\r\nexport class AuthenticatedFlow implements IAuthFlow {\r\n async execute(_context: FlowContext): Promise<FlowResult> {\r\n return { completed: true };\r\n }\r\n}\r\n","/**\r\n * Default auth engine ref for backward compatibility.\r\n */\r\n\r\nimport type { AuthEngine } from './types';\r\n\r\nlet defaultEngine: AuthEngine | null = null;\r\n\r\nexport function getDefaultAuthEngine(): AuthEngine | null {\r\n return defaultEngine;\r\n}\r\n\r\nexport function setDefaultAuthEngine(engine: AuthEngine | null): void {\r\n defaultEngine = engine;\r\n}\r\n","/**\r\n * Token API: facades for public API.\r\n * ensureValidAccessToken delegates to default engine when set; otherwise uses strategy refresh.\r\n */\r\n\r\nimport {\r\n getRefreshToken,\r\n isAccessTokenExpired,\r\n getAccessToken as getStoredAccessToken,\r\n} from '../infrastructure/storage/index';\r\nimport { getDefaultAuthEngine } from './engine/defaultEngine';\r\nimport { logger } from '../utils/logger';\r\nimport { refreshAccessToken as strategyRefreshAccessToken } from '../strategies/oauth2-pkce/token-exchange';\r\n\r\nexport { refreshAccessToken } from '../strategies/oauth2-pkce/token-exchange';\r\nexport type { ExchangeTokenParams } from '../strategies/oauth2-pkce/token-exchange';\r\n\r\nexport async function ensureValidAccessToken(): Promise<string> {\r\n const engine = getDefaultAuthEngine();\r\n if (engine) {\r\n try {\r\n return await engine.getAccessToken();\r\n } catch {\r\n // Fall through to strategy refresh\r\n }\r\n }\r\n\r\n const token = getStoredAccessToken();\r\n if (token && !isAccessTokenExpired()) return token;\r\n\r\n const refreshToken = getRefreshToken();\r\n if (!refreshToken) {\r\n logger.debug('No refresh token - cannot refresh; login required');\r\n throw new Error('No refresh token; login required');\r\n }\r\n\r\n return await strategyRefreshAccessToken();\r\n}\r\n\r\nexport function getAccessToken(): string | null {\r\n return getStoredAccessToken();\r\n}\r\n","/**\r\n * Refresh flow: ensureValidAccessToken (refresh only); on failure fall through to login required.\r\n */\r\n\r\nimport { ensureValidAccessToken } from '../token';\r\nimport { logger } from '../../utils/logger';\r\nimport { getTenantKeyFromRuntime, resolveTenantConfigCached } from '../../infrastructure/tenant/tenantResolution';\r\nimport { setTenantKey } from '../../infrastructure/storage/index';\r\nimport { storeTenantConfig, initiateAuthFlow } from '../../strategies/oauth2-pkce/oauth';\r\nimport { SanitizedError } from '../../utils/security';\r\nimport type { FlowContext, FlowResult } from './types';\r\nimport type { IAuthFlow } from './types';\r\n\r\nexport class RefreshFlow implements IAuthFlow {\r\n async execute(context: FlowContext): Promise<FlowResult> {\r\n const { runtime } = context;\r\n const { logger: log } = runtime;\r\n const getUrl = () => runtime.urlProvider.getCurrentUrl();\r\n\r\n log.debug('Token expired, attempting to refresh...');\r\n\r\n try {\r\n const refreshedToken = await ensureValidAccessToken();\r\n if (refreshedToken) {\r\n logger.debug('Token refreshed successfully, bootstrap complete');\r\n return { completed: true };\r\n }\r\n } catch (error) {\r\n logger.warn('Token refresh failed, will trigger new auth flow', {\r\n error: error instanceof Error ? error.message : String(error),\r\n });\r\n }\r\n\r\n const tenantKey = getTenantKeyFromRuntime(getUrl(), runtime.configProvider);\r\n if (!tenantKey) {\r\n throw new SanitizedError(\r\n 'TENANT_KEY_RESOLUTION_FAILED',\r\n 'Unable to resolve tenant',\r\n new Error('Tenant key missing')\r\n );\r\n }\r\n\r\n const tenantConfig = await resolveTenantConfigCached(tenantKey, runtime.tenantResolver);\r\n if (!tenantConfig) {\r\n throw new SanitizedError(\r\n 'TENANT_CONFIG_RESOLUTION_FAILED',\r\n 'Unable to resolve tenant configuration',\r\n new Error(`Tenant config resolution failed for tenantKey: ${tenantKey}`)\r\n );\r\n }\r\n\r\n setTenantKey(tenantKey);\r\n storeTenantConfig(tenantConfig);\r\n await initiateAuthFlow(tenantConfig);\r\n return { completed: true };\r\n }\r\n}\r\n","/**\r\n * Tenant switch flow: resolve new tenant, set tenant key, store config, initiate auth.\r\n */\r\n\r\nimport { getStorage, removeStorage, getStorageKey, setTenantKey } from '../../infrastructure/storage/index';\r\nimport { getTenantKeyFromRuntime, resolveTenantConfigCached } from '../../infrastructure/tenant/tenantResolution';\r\nimport { storeTenantConfig, initiateAuthFlow } from '../../strategies/oauth2-pkce/oauth';\r\nimport { emitAuthEvent, AuthEventNames } from '../events/AuthEvents';\r\nimport { SanitizedError } from '../../utils/security';\r\nimport type { FlowContext, FlowResult } from './types';\r\nimport type { IAuthFlow } from './types';\r\n\r\nexport class TenantSwitchFlow implements IAuthFlow {\r\n async execute(context: FlowContext): Promise<FlowResult> {\r\n const { runtime } = context;\r\n const { urlProvider, logger: log } = runtime;\r\n const getUrl = () => urlProvider.getCurrentUrl();\r\n\r\n const newTenantKey = getStorage(getStorageKey('new_tenant_key'));\r\n log.info('Tenant switch detected - starting fresh login', { newTenantKey });\r\n emitAuthEvent(AuthEventNames.TENANT_SWITCHED, { tenantKey: newTenantKey ?? undefined });\r\n\r\n removeStorage(getStorageKey('tenant_switched'));\r\n removeStorage(getStorageKey('new_tenant_key'));\r\n\r\n const tenantKey = newTenantKey || getTenantKeyFromRuntime(getUrl(), runtime.configProvider);\r\n if (!tenantKey) {\r\n throw new SanitizedError(\r\n 'TENANT_KEY_RESOLUTION_FAILED',\r\n 'Unable to resolve tenant after switch',\r\n new Error('Tenant key missing after switch')\r\n );\r\n }\r\n\r\n const tenantConfig = await resolveTenantConfigCached(tenantKey, runtime.tenantResolver);\r\n if (!tenantConfig) {\r\n throw new SanitizedError(\r\n 'TENANT_CONFIG_RESOLUTION_FAILED',\r\n 'Unable to resolve tenant configuration after switch',\r\n new Error(`Tenant config resolution failed for tenantKey: ${tenantKey}`)\r\n );\r\n }\r\n\r\n setTenantKey(tenantKey);\r\n storeTenantConfig(tenantConfig);\r\n await initiateAuthFlow(tenantConfig);\r\n return { completed: true };\r\n }\r\n}\r\n","/**\r\n * Normal login flow: resolve tenant, store config, initiate auth.\r\n */\r\n\r\nimport {\r\n getStorage,\r\n removeStorage,\r\n getStorageKey,\r\n setTenantKey,\r\n getAccessToken,\r\n} from '../../infrastructure/storage/index';\r\nimport { clearCallbackProcessing } from '../lifecycle-state';\r\nimport { getTenantKeyFromRuntime, resolveTenantConfigCached } from '../../infrastructure/tenant/tenantResolution';\r\nimport { storeTenantConfig, initiateAuthFlow } from '../../strategies/oauth2-pkce/oauth';\r\nimport { SanitizedError } from '../../utils/security';\r\nimport type { FlowContext, FlowResult } from './types';\r\nimport type { IAuthFlow } from './types';\r\n\r\nexport class LoginFlow implements IAuthFlow {\r\n async execute(context: FlowContext): Promise<FlowResult> {\r\n const { runtime } = context;\r\n const { logger: log } = runtime;\r\n const getUrl = () => runtime.urlProvider.getCurrentUrl();\r\n\r\n const callbackProcessed = getStorage(getStorageKey('callback_processed')) === 'true';\r\n const token = getAccessToken();\r\n if (callbackProcessed && !token) {\r\n log.warn('Callback processed but token still not available - clearing flag and allowing fresh login');\r\n removeStorage(getStorageKey('callback_processed'));\r\n clearCallbackProcessing();\r\n }\r\n\r\n const wasStateMismatch = getStorage(getStorageKey('state_mismatch')) === 'true';\r\n if (wasStateMismatch) removeStorage(getStorageKey('state_mismatch'));\r\n\r\n const tenantKey = getTenantKeyFromRuntime(getUrl(), runtime.configProvider);\r\n if (!tenantKey) {\r\n throw new SanitizedError(\r\n 'TENANT_KEY_RESOLUTION_FAILED',\r\n 'Unable to resolve tenant',\r\n new Error('Tenant key missing')\r\n );\r\n }\r\n\r\n const tenantConfig = await resolveTenantConfigCached(tenantKey, runtime.tenantResolver);\r\n if (!tenantConfig) {\r\n throw new SanitizedError(\r\n 'TENANT_CONFIG_RESOLUTION_FAILED',\r\n 'Unable to resolve tenant configuration',\r\n new Error(`Tenant config resolution failed for tenantKey: ${tenantKey}`)\r\n );\r\n }\r\n\r\n setTenantKey(tenantKey);\r\n storeTenantConfig(tenantConfig);\r\n await initiateAuthFlow(tenantConfig);\r\n return { completed: true };\r\n }\r\n}\r\n","/**\r\n * Returns the flow instance for a given auth lifecycle state.\r\n */\r\n\r\nimport { AuthLifecycleState } from '../../domain/auth-lifecycle';\r\nimport type { IAuthFlow } from './types';\r\nimport { ForceLoginFlow } from './ForceLoginFlow';\r\nimport { CallbackFlow } from './CallbackFlow';\r\nimport { AuthenticatedFlow } from './AuthenticatedFlow';\r\nimport { RefreshFlow } from './RefreshFlow';\r\nimport { TenantSwitchFlow } from './TenantSwitchFlow';\r\nimport { LoginFlow } from './LoginFlow';\r\n\r\nconst forceLoginFlow = new ForceLoginFlow();\r\nconst callbackFlow = new CallbackFlow();\r\nconst authenticatedFlow = new AuthenticatedFlow();\r\nconst refreshFlow = new RefreshFlow();\r\nconst tenantSwitchFlow = new TenantSwitchFlow();\r\nconst loginFlow = new LoginFlow();\r\n\r\nexport function getFlowForState(state: AuthLifecycleState): IAuthFlow {\r\n switch (state) {\r\n case AuthLifecycleState.FORCE_LOGIN:\r\n return forceLoginFlow;\r\n case AuthLifecycleState.PROCESSING_CALLBACK:\r\n return callbackFlow;\r\n case AuthLifecycleState.AUTHENTICATED:\r\n return authenticatedFlow;\r\n case AuthLifecycleState.TOKEN_EXPIRED:\r\n return refreshFlow;\r\n case AuthLifecycleState.TENANT_SWITCH:\r\n return tenantSwitchFlow;\r\n case AuthLifecycleState.LOGIN_REQUIRED:\r\n case AuthLifecycleState.INITIALIZING:\r\n case AuthLifecycleState.LOGGED_OUT:\r\n case AuthLifecycleState.ERROR:\r\n default:\r\n return loginFlow;\r\n }\r\n}\r\n","/**\r\n * Internal bootstrap execution: state resolution + single flow.\r\n */\r\n\r\nimport { getAuthRuntime } from '../infrastructure/runtime/context';\r\nimport { isCallbackUrlFromUrl } from '../domain/tenant';\r\nimport {\r\n getAccessToken,\r\n isAccessTokenExpired,\r\n getStorage,\r\n getStorageKey,\r\n getRefreshToken,\r\n} from '../infrastructure/storage/index';\r\nimport {\r\n enforceHttps,\r\n sanitizeErrorMessage,\r\n SanitizedError,\r\n} from '../utils/security';\r\nimport { logger } from '../utils/logger';\r\nimport { resolveAuthLifecycleState } from '../domain/auth-lifecycle';\r\nimport {\r\n isBootstrapInProgress,\r\n setBootstrapInProgress,\r\n clearBootstrapInProgress,\r\n} from './lifecycle-state';\r\nimport { getFlowForState } from './flows/getFlowForState';\r\nimport type { FlowContext } from './flows/types';\r\nimport { emitAuthEvent, AuthEventNames } from './events/AuthEvents';\r\n\r\nfunction createStorageReader() {\r\n return (suffix: string) => getStorage(getStorageKey(suffix));\r\n}\r\n\r\nexport async function runBootstrap(): Promise<void> {\r\n const runtime = getAuthRuntime();\r\n if (!runtime) {\r\n logger.warn(\r\n 'Auth runtime not set; skipping bootstrap. Set runtime via AuthProvider or setAuthRuntime().'\r\n );\r\n return;\r\n }\r\n\r\n if (isBootstrapInProgress()) {\r\n logger.debug('Bootstrap already in progress - skipping duplicate run');\r\n return;\r\n }\r\n\r\n setBootstrapInProgress();\r\n\r\n try {\r\n enforceHttps(true);\r\n\r\n const url = runtime.urlProvider.getCurrentUrl();\r\n const token = getAccessToken();\r\n const expired = isAccessTokenExpired();\r\n const hasValidToken = !!(token && !expired);\r\n const hasToken = !!token;\r\n const hasRefreshToken = !!getRefreshToken();\r\n\r\n const state = resolveAuthLifecycleState({\r\n url,\r\n getStorage: createStorageReader(),\r\n isCallbackUrl: isCallbackUrlFromUrl,\r\n hasValidToken,\r\n hasToken,\r\n hasRefreshToken,\r\n isTokenExpired: expired,\r\n });\r\n\r\n emitAuthEvent(AuthEventNames.BOOTSTRAP_STATE_DETECTED, { state: state as string });\r\n\r\n const flow = getFlowForState(state);\r\n const context: FlowContext = { runtime, url, state };\r\n await flow.execute(context);\r\n } catch (error) {\r\n if (error instanceof SanitizedError) throw error;\r\n const r = getAuthRuntime();\r\n (r?.logger ?? logger).error('Bootstrap failed', {\r\n error: error instanceof Error ? error.message : String(error),\r\n });\r\n throw new Error(\r\n sanitizeErrorMessage(error, 'Authentication initialization failed')\r\n );\r\n } finally {\r\n clearBootstrapInProgress();\r\n }\r\n}\r\n","/**\r\n * Session-cleared callback for watchers (cookie/storage).\r\n * Application layer sets this to bootstrap so infrastructure does not depend on application.\r\n */\r\n\r\nlet sessionClearedCallback: (() => void | Promise<void>) | null = null;\r\n\r\nexport function setSessionClearedCallback(cb: (() => void | Promise<void>) | null): void {\r\n sessionClearedCallback = cb;\r\n}\r\n\r\nexport function getSessionClearedCallback(): (() => void | Promise<void>) | null {\r\n return sessionClearedCallback;\r\n}\r\n","/**\r\n * Public bootstrap API. Delegates to default engine.init() when set; otherwise runs runBootstrap().\r\n */\r\n\r\nimport { runBootstrap } from './run-bootstrap';\r\nimport { getDefaultAuthEngine } from './engine/defaultEngine';\r\nimport { setSessionClearedCallback } from '../infrastructure/watchers/callbacks';\r\n\r\nasync function bootstrapImpl(): Promise<void> {\r\n const engine = getDefaultAuthEngine();\r\n if (engine) {\r\n await engine.init();\r\n return;\r\n }\r\n await runBootstrap();\r\n}\r\n\r\nsetSessionClearedCallback(() => bootstrapImpl());\r\n\r\nexport async function bootstrap(): Promise<void> {\r\n return bootstrapImpl();\r\n}\r\n","/**\r\n * Cookie-based authentication utilities\r\n * Strategy layer: cookie auth (cookie names used by cookie-watcher).\r\n */\r\n\r\nexport const COOKIE_NAMES = {\r\n accessToken: 'tenneo_auth_access_token',\r\n refreshToken: 'tenneo_auth_refresh_token',\r\n} as const;\r\n","/**\r\n * Cookie watcher to detect cookie deletion and clear session.\r\n * Infrastructure layer: uses storage and callback; application sets callback to bootstrap.\r\n */\r\n\r\nimport {\r\n clearAuthStorage,\r\n clearAuthSessionStorage,\r\n getStorage,\r\n getStorageKey,\r\n} from '../storage/index';\r\nimport { getSessionClearedCallback } from './callbacks';\r\nimport { logger } from '../../utils/logger';\r\nimport { COOKIE_NAMES } from '../../strategies/cookie/cookie-auth';\r\n\r\nlet isWatching = false;\r\nlet lastCookieSnapshot: string = '';\r\nlet lastCookieMap: Map<string, string> = new Map();\r\nlet watchInterval: ReturnType<typeof setInterval> | null = null;\r\n\r\nfunction getCookieSnapshot(): string {\r\n try {\r\n return document.cookie || '';\r\n } catch {\r\n return '';\r\n }\r\n}\r\n\r\nfunction getCookieNames(): string[] {\r\n try {\r\n const cookies = document.cookie.split(';');\r\n return cookies\r\n .map((cookie) => {\r\n const eqPos = cookie.indexOf('=');\r\n return eqPos > -1 ? cookie.substring(0, eqPos).trim() : cookie.trim();\r\n })\r\n .filter((name) => name.length > 0);\r\n } catch {\r\n return [];\r\n }\r\n}\r\n\r\nfunction getCookieMap(): Map<string, string> {\r\n const cookieMap = new Map<string, string>();\r\n try {\r\n const cookies = document.cookie.split(';');\r\n for (const cookie of cookies) {\r\n const eqPos = cookie.indexOf('=');\r\n if (eqPos > -1) {\r\n const name = cookie.substring(0, eqPos).trim();\r\n const value = cookie.substring(eqPos + 1).trim();\r\n if (name.length > 0) cookieMap.set(name, value);\r\n }\r\n }\r\n } catch {\r\n // Silent fail\r\n }\r\n return cookieMap;\r\n}\r\n\r\nfunction checkCookiesDeleted(): boolean {\r\n try {\r\n const currentSnapshot = getCookieSnapshot();\r\n const currentCookieMap = getCookieMap();\r\n const currentCookies = getCookieNames();\r\n\r\n if (lastCookieSnapshot && !currentSnapshot) {\r\n logger.info('All cookies deleted detected');\r\n return true;\r\n }\r\n\r\n if (lastCookieMap.size > 0) {\r\n const authCookieNames = [\r\n COOKIE_NAMES.accessToken,\r\n COOKIE_NAMES.refreshToken,\r\n 'tenneo_auth',\r\n 'tenneo_auth_access_token',\r\n 'tenneo_auth_refresh_token',\r\n 'auth',\r\n 'session',\r\n 'token',\r\n ];\r\n\r\n const deletedAuthCookies: string[] = [];\r\n for (const [cookieName] of lastCookieMap) {\r\n const isAuthCookie = authCookieNames.some((authName) =>\r\n cookieName.toLowerCase().includes(authName.toLowerCase())\r\n );\r\n if (isAuthCookie && !currentCookieMap.has(cookieName)) {\r\n deletedAuthCookies.push(cookieName);\r\n }\r\n }\r\n if (deletedAuthCookies.length > 0) {\r\n logger.info('Auth cookies deleted detected', {\r\n deletedCookies: deletedAuthCookies,\r\n previousCookieCount: lastCookieMap.size,\r\n currentCookieCount: currentCookieMap.size,\r\n });\r\n return true;\r\n }\r\n\r\n const hadTenneoAuthAccess =\r\n lastCookieMap.has(COOKIE_NAMES.accessToken) ||\r\n lastCookieMap.has('tenneo_auth_access_token');\r\n const hasTenneoAuthAccess =\r\n currentCookieMap.has(COOKIE_NAMES.accessToken) ||\r\n currentCookieMap.has('tenneo_auth_access_token');\r\n if (hadTenneoAuthAccess && !hasTenneoAuthAccess) {\r\n logger.info('tenneo auth access token cookie deleted detected');\r\n return true;\r\n }\r\n\r\n const hadTenneoAuthRefresh =\r\n lastCookieMap.has(COOKIE_NAMES.refreshToken) ||\r\n lastCookieMap.has('tenneo_auth_refresh_token');\r\n const hasTenneoAuthRefresh =\r\n currentCookieMap.has(COOKIE_NAMES.refreshToken) ||\r\n currentCookieMap.has('tenneo_auth_refresh_token');\r\n if (hadTenneoAuthRefresh && !hasTenneoAuthRefresh) {\r\n logger.info('tenneo auth refresh token cookie deleted detected');\r\n return true;\r\n }\r\n\r\n if (\r\n lastCookieMap.size > currentCookieMap.size &&\r\n lastCookieMap.size - currentCookieMap.size >= 1\r\n ) {\r\n const deletedCookies: string[] = [];\r\n for (const [cookieName] of lastCookieMap) {\r\n if (!currentCookieMap.has(cookieName)) deletedCookies.push(cookieName);\r\n }\r\n const deletedAuthCookiesCount = deletedCookies.filter((name) =>\r\n authCookieNames.some((authName) =>\r\n name.toLowerCase().includes(authName.toLowerCase())\r\n )\r\n ).length;\r\n if (deletedAuthCookiesCount > 0) {\r\n logger.info('Auth cookies deleted detected (count-based)', {\r\n deletedCookies,\r\n deletedAuthCount: deletedAuthCookiesCount,\r\n previousCount: lastCookieMap.size,\r\n currentCount: currentCookieMap.size,\r\n });\r\n return true;\r\n }\r\n }\r\n }\r\n\r\n lastCookieSnapshot = currentSnapshot;\r\n lastCookieMap = new Map(currentCookieMap);\r\n return false;\r\n } catch (error) {\r\n logger.warn('Error checking cookies', {\r\n error: error instanceof Error ? error.message : String(error),\r\n });\r\n return false;\r\n }\r\n}\r\n\r\nfunction handleCookieDeletion(): void {\r\n try {\r\n logger.info('Cookies deleted detected - clearing session and redirecting to login');\r\n\r\n const forceLoginSet = getStorage(getStorageKey('force_login')) === 'true';\r\n const logoutInProgress = getStorage(getStorageKey('logout_in_progress')) === 'true';\r\n if (forceLoginSet || logoutInProgress) {\r\n logger.debug(\r\n 'Force login or logout in progress - skipping bootstrap from cookie watcher (avoids duplicate by-code API call)'\r\n );\r\n return;\r\n }\r\n\r\n clearAuthStorage();\r\n\r\n try {\r\n if (typeof window !== 'undefined') {\r\n const forceLogin = window.localStorage.getItem(getStorageKey('force_login'));\r\n const logoutInProgressPreserve = window.localStorage.getItem(\r\n getStorageKey('logout_in_progress')\r\n );\r\n clearAuthSessionStorage();\r\n if (forceLogin === 'true')\r\n window.localStorage.setItem(getStorageKey('force_login'), 'true');\r\n if (logoutInProgressPreserve === 'true')\r\n window.localStorage.setItem(getStorageKey('logout_in_progress'), 'true');\r\n } else {\r\n clearAuthSessionStorage();\r\n }\r\n } catch (error) {\r\n logger.warn('Failed to clear sessionStorage', {\r\n error: error instanceof Error ? error.message : String(error),\r\n });\r\n }\r\n\r\n const cb = getSessionClearedCallback();\r\n if (cb) {\r\n Promise.resolve(cb()).catch((error) => {\r\n logger.error('Failed to redirect to login after cookie deletion', {\r\n error: error instanceof Error ? error.message : String(error),\r\n });\r\n });\r\n }\r\n } catch (error) {\r\n logger.error('Error handling cookie deletion', {\r\n error: error instanceof Error ? error.message : String(error),\r\n });\r\n }\r\n}\r\n\r\nexport function startCookieWatcher(): void {\r\n if (isWatching) {\r\n logger.debug('Cookie watcher already running');\r\n return;\r\n }\r\n\r\n isWatching = true;\r\n lastCookieSnapshot = getCookieSnapshot();\r\n lastCookieMap = getCookieMap();\r\n\r\n const initialCookies = getCookieNames();\r\n const authCookies = initialCookies.filter(\r\n (name) =>\r\n name.toLowerCase().includes('tenneo_auth') ||\r\n name.toLowerCase().includes('auth') ||\r\n name.toLowerCase().includes('token')\r\n );\r\n logger.debug('Cookie watcher started', {\r\n initialCookieCount: initialCookies.length,\r\n authCookieCount: authCookies.length,\r\n authCookies,\r\n allCookies: initialCookies,\r\n });\r\n\r\n watchInterval = setInterval(async () => {\r\n const logoutInProgress =\r\n typeof window !== 'undefined' &&\r\n window.localStorage.getItem(getStorageKey('logout_in_progress')) === 'true';\r\n if (logoutInProgress) {\r\n logger.debug('Logout detected. Cookie watcher will not trigger bootstrap.');\r\n lastCookieSnapshot = getCookieSnapshot();\r\n lastCookieMap = getCookieMap();\r\n return;\r\n }\r\n\r\n const cookiesDeleted = checkCookiesDeleted();\r\n if (cookiesDeleted) {\r\n logger.info('Cookies deleted detected by cookie watcher');\r\n if (watchInterval) {\r\n clearInterval(watchInterval);\r\n watchInterval = null;\r\n }\r\n isWatching = false;\r\n\r\n try {\r\n await handleCookieDeletion();\r\n } catch (error) {\r\n logger.error('Error handling cookie deletion, will restart watcher', {\r\n error: error instanceof Error ? error.message : String(error),\r\n });\r\n } finally {\r\n queueMicrotask(() => {\r\n if (!isWatching) startCookieWatcher();\r\n });\r\n }\r\n }\r\n }, 1000);\r\n\r\n logger.info('Cookie watcher started - monitoring for cookie deletion');\r\n}\r\n\r\nexport function stopCookieWatcher(): void {\r\n isWatching = false;\r\n if (watchInterval) {\r\n clearInterval(watchInterval);\r\n watchInterval = null;\r\n }\r\n lastCookieSnapshot = '';\r\n logger.debug('Cookie watcher stopped');\r\n}\r\n\r\nexport function resetCookieWatcher(): void {\r\n lastCookieSnapshot = getCookieSnapshot();\r\n lastCookieMap = getCookieMap();\r\n const currentCookies = getCookieNames();\r\n const authCookies = currentCookies.filter(\r\n (name) =>\r\n name.toLowerCase().includes('tenneo_auth') ||\r\n name.toLowerCase().includes('auth') ||\r\n name.toLowerCase().includes('token')\r\n );\r\n logger.debug('Cookie watcher reset', {\r\n currentCookieCount: currentCookies.length,\r\n authCookieCount: authCookies.length,\r\n authCookies,\r\n });\r\n}\r\n","/**\r\n * Storage watcher to detect manual storage clears and restart auth flow.\r\n * Infrastructure layer: uses storage and callback; application sets callback to bootstrap.\r\n */\r\n\r\nimport { STORAGE_KEYS, getStorage, getStorageKey } from '../storage/index';\r\nimport { getSessionClearedCallback } from './callbacks';\r\nimport { logger } from '../../utils/logger';\r\n\r\nlet isWatching = false;\r\nlet lastStorageCheck: string | null = null;\r\nlet storageEventListener: ((event: StorageEvent) => void) | null = null;\r\n\r\nfunction checkStorageCleared(): boolean {\r\n try {\r\n const hasAnyAuthData = Object.values(STORAGE_KEYS).some(\r\n (key: string) => getStorage(key) !== null\r\n );\r\n if (lastStorageCheck === 'had_data' && !hasAnyAuthData) return true;\r\n lastStorageCheck = hasAnyAuthData ? 'had_data' : 'no_data';\r\n return false;\r\n } catch {\r\n return false;\r\n }\r\n}\r\n\r\nfunction handleStorageEvent(event: StorageEvent): void {\r\n if (typeof window !== 'undefined' && event.storageArea === window.sessionStorage) {\r\n const wasCleared = checkStorageCleared();\r\n if (wasCleared) {\r\n logger.info('Detected manual sessionStorage clear! Redirecting to login...');\r\n const cb = getSessionClearedCallback();\r\n if (cb) {\r\n Promise.resolve(cb()).catch((error) => {\r\n logger.error('Failed to redirect to login after manual clear', {\r\n error: error instanceof Error ? error.message : String(error),\r\n });\r\n });\r\n }\r\n }\r\n }\r\n}\r\n\r\nexport function startStorageWatcher(): void {\r\n if (isWatching) return;\r\n\r\n isWatching = true;\r\n checkStorageCleared();\r\n\r\n storageEventListener = handleStorageEvent;\r\n window.addEventListener('storage', storageEventListener);\r\n\r\n const pollInterval = setInterval(() => {\r\n const logoutInProgress =\r\n typeof window !== 'undefined' &&\r\n window.localStorage.getItem(getStorageKey('logout_in_progress')) === 'true';\r\n if (logoutInProgress) {\r\n logger.debug('Logout detected. Storage watcher will not trigger bootstrap.');\r\n return;\r\n }\r\n\r\n const wasCleared = checkStorageCleared();\r\n if (wasCleared) {\r\n logger.info('Detected manual sessionStorage clear (polling)! Redirecting to login...');\r\n clearInterval(pollInterval);\r\n const cb = getSessionClearedCallback();\r\n if (cb) {\r\n Promise.resolve(cb()).catch((error) => {\r\n logger.error('Failed to redirect to login after manual clear', {\r\n error: error instanceof Error ? error.message : String(error),\r\n });\r\n if (!isWatching) startStorageWatcher();\r\n });\r\n }\r\n }\r\n }, 1000);\r\n\r\n (window as unknown as { __tenneo_auth_storage_watcher_interval?: ReturnType<typeof setInterval> }).__tenneo_auth_storage_watcher_interval = pollInterval;\r\n}\r\n\r\nexport function stopStorageWatcher(): void {\r\n isWatching = false;\r\n if (storageEventListener) {\r\n window.removeEventListener('storage', storageEventListener);\r\n storageEventListener = null;\r\n }\r\n const win = window as unknown as { __tenneo_auth_storage_watcher_interval?: ReturnType<typeof setInterval> };\r\n const intervalId = win.__tenneo_auth_storage_watcher_interval;\r\n if (intervalId) {\r\n clearInterval(intervalId);\r\n delete win.__tenneo_auth_storage_watcher_interval;\r\n }\r\n}\r\n","/**\r\n * Shared cookie utilities\r\n * \r\n * SINGLE SOURCE OF TRUTH for cookie clearing\r\n * Prevents duplicate code across logout, storage-watcher, etc.\r\n */\r\n\r\nimport { logger } from './logger';\r\n\r\n/**\r\n * Best-effort removal of non-HttpOnly cookies\r\n * HttpOnly cookies MUST be cleared by server\r\n * \r\n * This function is idempotent - safe to call multiple times\r\n */\r\nexport function clearClientCookies(): void {\r\n try {\r\n if (typeof document === 'undefined' || typeof window === 'undefined') return;\r\n\r\n const cookies = document.cookie.split(';');\r\n const hostname = window.location.hostname;\r\n const hostParts = hostname.split('.').filter(Boolean);\r\n\r\n const domainsToTry: string[] = [hostname];\r\n if (hostParts.length > 1) {\r\n // Try progressively broader parent domains (e.g. a.b.c.com -> .c.com, .b.c.com)\r\n for (let i = hostParts.length - 2; i >= 0; i--) {\r\n const parent = '.' + hostParts.slice(i).join('.');\r\n if (!domainsToTry.includes(parent)) domainsToTry.push(parent);\r\n }\r\n }\r\n\r\n const pathsToTry = ['/', window.location.pathname || '/'].filter(Boolean);\r\n\r\n for (const cookie of cookies) {\r\n const eqPos = cookie.indexOf('=');\r\n const name = eqPos > -1 ? cookie.slice(0, eqPos).trim() : cookie.trim();\r\n\r\n if (!name) continue;\r\n\r\n for (const path of pathsToTry) {\r\n // No domain attribute (current host)\r\n document.cookie = `${name}=;expires=Thu, 01 Jan 1970 00:00:00 GMT;path=${path}`;\r\n // With domain attribute (host + parent domains)\r\n for (const domain of domainsToTry) {\r\n document.cookie = `${name}=;expires=Thu, 01 Jan 1970 00:00:00 GMT;path=${path};domain=${domain}`;\r\n }\r\n }\r\n }\r\n\r\n logger.debug('Client-side cookies cleared (best-effort)');\r\n } catch (error) {\r\n logger.warn('Failed to clear client cookies', {\r\n error: error instanceof Error ? error.message : String(error),\r\n });\r\n }\r\n}\r\n","/**\r\n * Logout functionality.\r\n * Sets force_login, clears auth storage; does not redirect (bootstrap handles that).\r\n */\r\n\r\nimport {\r\n clearAllStorage,\r\n getStorage,\r\n removeStorage,\r\n setStorage,\r\n getStorageKey,\r\n} from '../infrastructure/storage/index';\r\nimport { emitAuthEvent, AuthEventNames } from './events/AuthEvents';\r\nimport { stopStorageWatcher } from '../infrastructure/watchers';\r\nimport { stopCookieWatcher, resetCookieWatcher } from '../infrastructure/watchers';\r\nimport { logger } from '../utils/logger';\r\nimport { Config } from '../config';\r\nimport { clearClientCookies } from '../utils/cookies';\r\nimport { getAuthRuntime } from '../infrastructure/runtime/context';\r\n\r\nfunction buildUrl(baseUrl: string, path: string): string {\r\n const url = new URL(baseUrl);\r\n const normalizedPath = path.startsWith('/') ? path : `/${path}`;\r\n url.pathname = url.pathname.endsWith('/')\r\n ? `${url.pathname}${normalizedPath.slice(1)}`\r\n : `${url.pathname}${normalizedPath}`;\r\n return url.toString();\r\n}\r\n\r\ninterface LogoutResponse {\r\n success?: boolean;\r\n message?: string;\r\n logout?: boolean;\r\n}\r\n\r\nasync function callServerLogout(logoutUrl: string): Promise<{\r\n success: boolean;\r\n response?: LogoutResponse;\r\n}> {\r\n try {\r\n const response = await fetch(logoutUrl, {\r\n method: 'POST',\r\n headers: {\r\n 'Content-Type': 'application/x-www-form-urlencoded',\r\n 'X-Requested-With': 'XMLHttpRequest',\r\n Accept: 'application/json',\r\n },\r\n credentials: 'include',\r\n });\r\n const data = (await response.json().catch(() => ({}))) as LogoutResponse;\r\n logger.info('Server logout response (POST)', { response: data });\r\n if (data && (data.success === true || data.logout === true)) {\r\n return { success: true, response: data };\r\n }\r\n logger.warn('Server logout response invalid (POST)', { response: data });\r\n return { success: false, response: data };\r\n } catch (error) {\r\n logger.debug('POST logout failed, trying GET', {\r\n error: error instanceof Error ? error.message : String(error),\r\n });\r\n try {\r\n const response = await fetch(logoutUrl, {\r\n method: 'GET',\r\n headers: {\r\n 'X-Requested-With': 'XMLHttpRequest',\r\n Accept: 'application/json',\r\n },\r\n credentials: 'include',\r\n });\r\n const data = (await response.json().catch(() => ({}))) as LogoutResponse;\r\n logger.info('Server logout response (GET)', { response: data });\r\n if (data && (data.success === true || data.logout === true)) {\r\n return { success: true, response: data };\r\n }\r\n logger.warn('Server logout response invalid (GET)', { response: data });\r\n return { success: false, response: data };\r\n } catch (getError) {\r\n logger.warn('Server logout failed (both POST and GET)', {\r\n postError: error instanceof Error ? error.message : String(error),\r\n getError: getError instanceof Error ? getError.message : String(getError),\r\n });\r\n return { success: false };\r\n }\r\n }\r\n}\r\n\r\nfunction performLocalLogoutCleanup(): void {\r\n logger.debug('Performing local logout cleanup');\r\n try {\r\n getAuthRuntime()?.clearCookies?.clearCookies();\r\n } catch (error) {\r\n logger.debug('Runtime cookie clearer failed (ignored)', {\r\n error: error instanceof Error ? error.message : String(error),\r\n });\r\n }\r\n clearClientCookies();\r\n clearAllStorage();\r\n logger.info('Local logout cleanup completed');\r\n}\r\n\r\nexport async function logout(tenantKey?: string): Promise<{\r\n success: boolean;\r\n message: string;\r\n serverResponse?: LogoutResponse;\r\n}> {\r\n setStorage(getStorageKey('logout_in_progress'), 'true');\r\n setStorage(getStorageKey('force_login'), 'true');\r\n if (tenantKey?.trim()) setStorage(getStorageKey('preserved_tenant_key'), tenantKey.trim());\r\n\r\n if (getStorage(getStorageKey('logout_processing')) === 'true') {\r\n logger.debug('Logout already in progress – skipping duplicate call');\r\n return { success: true, message: 'Logout already in progress.' };\r\n }\r\n\r\n setStorage(getStorageKey('logout_processing'), 'true');\r\n\r\n try {\r\n stopStorageWatcher();\r\n stopCookieWatcher();\r\n\r\n const apiAuthBaseUrl = Config.getApiAuthBaseUrl();\r\n let serverLogoutSuccess = false;\r\n let serverResponse: LogoutResponse | undefined;\r\n\r\n if (apiAuthBaseUrl) {\r\n const logoutUrl = buildUrl(apiAuthBaseUrl, 'account/logout');\r\n logger.info('Calling auth server logout', { logoutUrl });\r\n const logoutResult = await callServerLogout(logoutUrl);\r\n serverLogoutSuccess = logoutResult.success;\r\n serverResponse = logoutResult.response;\r\n }\r\n\r\n performLocalLogoutCleanup();\r\n\r\n const preservedTenantKey = getStorage(getStorageKey('preserved_tenant_key'));\r\n if (preservedTenantKey) {\r\n setStorage(getStorageKey('props_config'), JSON.stringify({ tenantKey: preservedTenantKey }));\r\n removeStorage(getStorageKey('preserved_tenant_key'));\r\n }\r\n\r\n resetCookieWatcher();\r\n removeStorage(getStorageKey('logout_processing'));\r\n\r\n logger.info('Logout completed – flags set, storage cleared, fresh login required', {\r\n serverLogoutSuccess,\r\n serverResponse,\r\n });\r\n emitAuthEvent(AuthEventNames.LOGOUT_COMPLETED, {\r\n message: serverLogoutSuccess ? 'Server logout success' : 'Local logout only',\r\n });\r\n\r\n return {\r\n success: true,\r\n message: serverLogoutSuccess\r\n ? serverResponse?.message || 'Logout successful. Session cookies cleared. Fresh login required.'\r\n : 'Logged out locally. Fresh login required (server logout may have failed).',\r\n serverResponse,\r\n };\r\n } catch (error) {\r\n logger.error('Logout failed unexpectedly', {\r\n error: error instanceof Error ? error.message : String(error),\r\n });\r\n performLocalLogoutCleanup();\r\n\r\n const preservedTenantKey = getStorage(getStorageKey('preserved_tenant_key'));\r\n if (preservedTenantKey) {\r\n setStorage(getStorageKey('props_config'), JSON.stringify({ tenantKey: preservedTenantKey }));\r\n removeStorage(getStorageKey('preserved_tenant_key'));\r\n }\r\n removeStorage(getStorageKey('logout_processing'));\r\n\r\n return {\r\n success: true,\r\n message: 'Logged out locally due to an error. Fresh login required.',\r\n };\r\n }\r\n}\r\n","import { createContext, useContext } from 'react';\r\nimport type { AuthContextValue } from '../domain/auth-state';\r\n\r\nexport const AuthContext = createContext<AuthContextValue | undefined>(undefined);\r\n\r\nexport function useAuthContext(): AuthContextValue {\r\n const context = useContext(AuthContext);\r\n if (!context) {\r\n throw new Error('useAuthContext must be used within AuthProvider');\r\n }\r\n return context;\r\n}\r\n","/**\r\n * Tenant resolution API client.\r\n * Resolves tenant configuration via GET /api/tenant/v1/public/tenants/by-code/{tenantCode}.\r\n */\r\n\r\nimport type { TenantConfig } from '../../domain/auth-state';\r\nimport { Config, OAUTH_CONSTANTS } from '../../config';\r\nimport { logger } from '../../utils/logger';\r\n\r\nconst ongoingRequests = new Map<string, Promise<TenantConfig | null>>();\r\nconst DEFAULT_SCOPES = OAUTH_CONSTANTS.SCOPES;\r\n\r\nfunction getResolvedTenantBaseUrl(): string {\r\n let base = Config.getApiTenantResolutionBaseUrl();\r\n if (typeof window !== 'undefined' && (!base || base.startsWith('/'))) {\r\n base = window.location.origin + (base || '/api');\r\n }\r\n return base;\r\n}\r\n\r\nconst PUBLIC_CODE_PREFIX = 'public-';\r\n\r\nfunction getTenantByCodeUrl(tenantCode: string): string {\r\n const apiTenantResolutionBaseUrl = getResolvedTenantBaseUrl();\r\n const base = apiTenantResolutionBaseUrl.replace(/\\/api\\/v1\\/?$/, '') || apiTenantResolutionBaseUrl;\r\n return `${base}/api/v1/tenant/public/tenants/by-code/${encodeURIComponent(tenantCode)}`;\r\n}\r\n\r\ninterface TenantData {\r\n id: string;\r\n clientCode: string;\r\n legalName?: string;\r\n redirectUri?: string;\r\n displayName?: string;\r\n domain?: string;\r\n isDomainVerified?: boolean;\r\n status?: string;\r\n onboardedAt?: Record<string, unknown> | string;\r\n}\r\n\r\ninterface TenantByCodeResponse {\r\n success: boolean;\r\n message: string | null;\r\n data: TenantData | null;\r\n errors: unknown[] | null;\r\n errorCode: string | null;\r\n}\r\n\r\nexport async function resolveTenant(tenantKey: string): Promise<TenantConfig | null> {\r\n if (!tenantKey || tenantKey.trim() === '') {\r\n logger.debug('tenantKey is empty or invalid, skipping API call');\r\n return null;\r\n }\r\n\r\n const tenantCode = tenantKey.trim();\r\n const requestKey = `resolveTenant:${tenantCode}`;\r\n if (ongoingRequests.has(requestKey)) {\r\n logger.debug('Tenant resolution reused (in-flight)', { tenantCode });\r\n return ongoingRequests.get(requestKey)!;\r\n }\r\n\r\n logger.info('Tenant resolution API call', { tenantCode });\r\n\r\n const requestPromise = (async (): Promise<TenantConfig | null> => {\r\n try {\r\n const url = getTenantByCodeUrl(tenantCode);\r\n logger.debug('GET tenant by-code', { url });\r\n\r\n let data: unknown;\r\n try {\r\n const response = await fetch(url, { method: 'GET' });\r\n if (!response.ok) throw new Error(`HTTP ${response.status}`);\r\n data = (await response.json()) as TenantByCodeResponse;\r\n logger.debug('API response received', { tenantCode });\r\n } catch (error) {\r\n logger.warn('API call failed', { tenantCode, error });\r\n return null;\r\n }\r\n\r\n if (!data || typeof data !== 'object') return null;\r\n\r\n const res = data as TenantByCodeResponse;\r\n if (!res.success || !res.data) return null;\r\n\r\n const tenant = res.data;\r\n if (!tenant.id || !tenant.clientCode) return null;\r\n\r\n const authServer = Config.getAuthServerUrl();\r\n const redirectUri = Config.getRedirectUri();\r\n if (!authServer || !redirectUri) return null;\r\n\r\n const clientCodeWithPrefix = tenant.clientCode.startsWith(PUBLIC_CODE_PREFIX)\r\n ? tenant.clientCode\r\n : `${PUBLIC_CODE_PREFIX}${tenant.clientCode}`;\r\n\r\n const config: TenantConfig = {\r\n tenantId: tenant.id,\r\n authServer,\r\n tenantKey: tenantCode,\r\n client: {\r\n clientId: tenant.clientCode,\r\n clientCode: clientCodeWithPrefix,\r\n redirectUri,\r\n scopes: DEFAULT_SCOPES,\r\n },\r\n };\r\n logger.debug('Resolved tenant config', { tenantCode });\r\n return config;\r\n } catch (error) {\r\n logger.warn('Unexpected error resolving tenant', { tenantCode, error });\r\n return null;\r\n } finally {\r\n ongoingRequests.delete(requestKey);\r\n }\r\n })();\r\n\r\n ongoingRequests.set(requestKey, requestPromise);\r\n return requestPromise;\r\n}\r\n","/**\r\n * Browser implementations of runtime interfaces.\r\n * Only used when running in a browser; core has no dependency on this module.\r\n */\r\n\r\nimport type { Logger, UrlProvider, CurrentUrl, ConfigProvider, CookieClearer, TenantResolver } from '../infrastructure/runtime/types';\r\nimport { Config } from '../config';\r\nimport { resolveTenant } from '../infrastructure/tenant/tenant.api';\r\n\r\nexport function createConsoleLogger(): Logger {\r\n return {\r\n info(message: string, meta?: Record<string, unknown>) {\r\n if (typeof console !== 'undefined') console.info(message, meta ?? '');\r\n },\r\n warn(message: string, meta?: Record<string, unknown>) {\r\n if (typeof console !== 'undefined') console.warn(message, meta ?? '');\r\n },\r\n error(message: string, meta?: Record<string, unknown>) {\r\n if (typeof console !== 'undefined') console.error(message, meta ?? '');\r\n },\r\n debug(message: string, meta?: Record<string, unknown>) {\r\n if (typeof console !== 'undefined') console.debug(message, meta ?? '');\r\n },\r\n };\r\n}\r\n\r\nexport function createBrowserUrlProvider(): UrlProvider {\r\n return {\r\n getCurrentUrl(): CurrentUrl {\r\n if (typeof window === 'undefined') {\r\n return { href: '', origin: '', pathname: '/', search: '', hostname: '' };\r\n }\r\n const w = window;\r\n const loc = w.location;\r\n return {\r\n href: loc.href,\r\n origin: loc.origin,\r\n pathname: loc.pathname,\r\n search: loc.search,\r\n hostname: loc.hostname,\r\n };\r\n },\r\n redirect(url: string): void {\r\n if (typeof window !== 'undefined') window.location.replace(url);\r\n },\r\n replaceState(url: string): void {\r\n if (typeof window === 'undefined') return;\r\n try {\r\n const title = typeof document !== 'undefined' ? document.title : '';\r\n window.history.replaceState({}, title, url);\r\n } catch {\r\n // ignore\r\n }\r\n },\r\n };\r\n}\r\n\r\n/** ConfigProvider backed by existing Config (which may use window.__APP_CONFIG__). */\r\nexport function createConfigProvider(): ConfigProvider {\r\n return {\r\n getApiBaseUrl: () => Config.getApiAuthBaseUrl(),\r\n getAuthServerUrl: () => Config.getAuthServerUrl(),\r\n getRedirectUri: () => Config.getRedirectUri(),\r\n getClientId: () => Config.getClientId(),\r\n getTenantId: () => Config.getTenantId(),\r\n getClientCode: () => Config.getClientCode(),\r\n getBasePath: () => Config.getBasePath(),\r\n };\r\n}\r\n\r\nexport function createTenantResolver(): TenantResolver {\r\n return { resolve: (tenantKey: string) => resolveTenant(tenantKey) };\r\n}\r\n\r\nexport function createBrowserCookieClearer(): CookieClearer {\r\n return {\r\n clearCookies(): void {\r\n if (typeof document === 'undefined' || typeof window === 'undefined') return;\r\n try {\r\n const cookies = document.cookie.split(';');\r\n cookies.forEach((cookie) => {\r\n const eqPos = cookie.indexOf('=');\r\n const name = eqPos > -1 ? cookie.substring(0, eqPos).trim() : cookie.trim();\r\n document.cookie = `${name}=;expires=Thu, 01 Jan 1970 00:00:00 GMT;path=/`;\r\n const domain = window.location.hostname;\r\n const parts = domain.split('.');\r\n if (parts.length > 1) {\r\n const parentDomain = '.' + parts.slice(-2).join('.');\r\n document.cookie = `${name}=;expires=Thu, 01 Jan 1970 00:00:00 GMT;path=/;domain=${parentDomain}`;\r\n }\r\n });\r\n } catch {\r\n // silent\r\n }\r\n },\r\n };\r\n}\r\n","/**\r\n * OAuth2 PKCE implementation of AuthStrategy.\r\n * Wraps initiateAuthFlow, handleCallback, refreshAccessToken, and logout.\r\n */\r\n\r\nimport type { AuthStrategy } from '../../strategies/auth-strategy.interface';\r\nimport type { TenantConfig } from '../../domain/auth-state';\r\nimport { storeTenantConfig, initiateAuthFlow } from './oauth';\r\nimport { handleCallback } from './callback';\r\nimport { refreshAccessToken } from './token-exchange';\r\nimport { logout as performLogout } from '../../application/logout';\r\n\r\nexport function createOAuth2PkceStrategy(): AuthStrategy {\r\n return {\r\n async initiate(tenantConfig: TenantConfig): Promise<void> {\r\n storeTenantConfig(tenantConfig);\r\n await initiateAuthFlow(tenantConfig);\r\n },\r\n\r\n async handleCallback(): Promise<boolean> {\r\n return handleCallback();\r\n },\r\n\r\n async refresh(): Promise<string> {\r\n return refreshAccessToken();\r\n },\r\n\r\n async logout(options?: { tenantKey?: string }): Promise<void> {\r\n await performLogout(options?.tenantKey);\r\n },\r\n };\r\n}\r\n","/**\r\n * Simple EventBus for engine state updates.\r\n */\r\n\r\nimport type { AuthEngineState, AuthStateListener } from './types';\r\n\r\nexport function createEventBus(): {\r\n subscribe(listener: AuthStateListener): () => void;\r\n emit(state: AuthEngineState): void;\r\n} {\r\n const listeners = new Set<AuthStateListener>();\r\n\r\n return {\r\n subscribe(listener: AuthStateListener): () => void {\r\n listeners.add(listener);\r\n return () => listeners.delete(listener);\r\n },\r\n emit(state: AuthEngineState): void {\r\n listeners.forEach((fn) => {\r\n try {\r\n fn(state);\r\n } catch {\r\n // ignore\r\n }\r\n });\r\n },\r\n };\r\n}\r\n","/**\r\n * Creates the auth engine. No React, no direct browser usage.\r\n */\r\n\r\nimport { setAuthRuntime } from '../../infrastructure/runtime/context';\r\nimport { runBootstrap } from '../run-bootstrap';\r\nimport { createOAuth2PkceStrategy } from '../../strategies/oauth2-pkce/OAuth2PkceStrategy';\r\nimport { ensureValidAccessToken } from '../token';\r\nimport {\r\n getAccessToken,\r\n getExpiresAt,\r\n isAccessTokenExpired,\r\n} from '../../infrastructure/storage/index';\r\nimport { createEventBus } from './eventBus';\r\nimport type { AuthEngine, AuthEngineConfig, AuthEngineState } from './types';\r\n\r\nfunction stateEquals(a: AuthEngineState, b: AuthEngineState): boolean {\r\n return (\r\n a.status === b.status &&\r\n a.accessToken === b.accessToken &&\r\n a.expiresAt === b.expiresAt &&\r\n a.error === b.error\r\n );\r\n}\r\n\r\nfunction deriveState(config: AuthEngineConfig): AuthEngineState {\r\n setAuthRuntime(config);\r\n const accessToken = getAccessToken();\r\n const expiresAt = getExpiresAt();\r\n const expired = isAccessTokenExpired();\r\n\r\n if (accessToken && !expired) {\r\n return {\r\n status: 'authenticated',\r\n accessToken,\r\n expiresAt,\r\n error: null,\r\n };\r\n }\r\n if (accessToken && expired) {\r\n return {\r\n status: 'error',\r\n accessToken,\r\n expiresAt,\r\n error: 'Token expired',\r\n };\r\n }\r\n return {\r\n status: 'unauthenticated',\r\n accessToken: null,\r\n expiresAt: null,\r\n error: null,\r\n };\r\n}\r\n\r\nexport function createAuthEngine(config: AuthEngineConfig): AuthEngine {\r\n const frozenConfig = Object.freeze({ ...config }) as AuthEngineConfig;\r\n const bus = createEventBus();\r\n let lastEmittedState: AuthEngineState | null = null;\r\n const strategy = frozenConfig.strategy ?? createOAuth2PkceStrategy();\r\n\r\n const emitState = (): void => {\r\n const next = deriveState(frozenConfig);\r\n if (lastEmittedState !== null && stateEquals(lastEmittedState, next)) return;\r\n lastEmittedState = next;\r\n bus.emit(next);\r\n };\r\n\r\n return {\r\n async init(): Promise<void> {\r\n setAuthRuntime(frozenConfig);\r\n frozenConfig.logger.debug('Engine init: running bootstrap');\r\n await runBootstrap();\r\n emitState();\r\n },\r\n\r\n async login(): Promise<void> {\r\n setAuthRuntime(frozenConfig);\r\n frozenConfig.logger.debug('Engine login: running bootstrap (may redirect)');\r\n await runBootstrap();\r\n emitState();\r\n },\r\n\r\n async logout(options?: { tenantKey?: string }): Promise<void> {\r\n setAuthRuntime(frozenConfig);\r\n frozenConfig.logger.debug('Engine logout');\r\n await strategy.logout(options);\r\n emitState();\r\n },\r\n\r\n async refresh(): Promise<string> {\r\n setAuthRuntime(frozenConfig);\r\n frozenConfig.logger.debug('Engine refresh');\r\n try {\r\n const token = await strategy.refresh();\r\n emitState();\r\n return token;\r\n } catch (e) {\r\n emitState();\r\n throw e;\r\n }\r\n },\r\n\r\n async getAccessToken(): Promise<string> {\r\n setAuthRuntime(frozenConfig);\r\n return ensureValidAccessToken();\r\n },\r\n\r\n async handleCallback(): Promise<boolean> {\r\n setAuthRuntime(frozenConfig);\r\n frozenConfig.logger.debug('Engine handleCallback');\r\n const handled = await strategy.handleCallback();\r\n emitState();\r\n return handled;\r\n },\r\n\r\n subscribe(listener) {\r\n return bus.subscribe(listener);\r\n },\r\n\r\n getState(): AuthEngineState {\r\n return deriveState(frozenConfig);\r\n },\r\n };\r\n}\r\n","/**\n * React Context Provider for authentication state (FINAL)\n */\n\nimport React, { useState, useEffect, useLayoutEffect, useCallback, useMemo, useRef } from 'react';\nimport {\n getAccessToken as getStoredAccessToken,\n isAccessTokenExpired,\n} from '../infrastructure/storage/index';\nimport {\n startStorageWatcher,\n stopStorageWatcher,\n} from '../infrastructure/watchers';\nimport {\n startCookieWatcher,\n stopCookieWatcher,\n resetCookieWatcher,\n} from '../infrastructure/watchers';\nimport type { AuthContextValue, AuthState } from '../domain/auth-state';\nimport { AuthContext, useAuthContext } from './AuthContext';\nimport { Config, setConfig as setSDKConfig, clearConfigOverrides } from '../config';\nimport {\n setStorageContext,\n createSecureSessionStorageAdapter,\n setStorageKeyPrefix,\n getStorageKey,\n type StorageAdapter,\n} from '../infrastructure/storage/index';\nimport { setAuthRuntime } from '../infrastructure/runtime/context';\nimport {\n createConsoleLogger,\n createBrowserUrlProvider,\n createConfigProvider,\n createTenantResolver,\n createBrowserCookieClearer,\n} from '../browser/adapters';\nimport { getStorage, setStorage, removeStorage } from '../infrastructure/storage/index';\nimport { clearFlowFlags, clearCallbackProcessing } from '../application/lifecycle-state';\nimport { createAuthEngine } from '../application/engine/createEngine';\nimport { setDefaultAuthEngine } from '../application/engine/defaultEngine';\nimport type { AuthEngine } from '../application/engine/types';\nimport { logger } from '../utils/logger';\n\ninterface AuthProviderProps {\n children: React.ReactNode;\n autoInit?: boolean;\n /** Tenant code from host app (used to resolve tenant via GET /api/tenant/v1/public/tenants/by-code/{tenantCode}). */\n tenantCode?: string;\n /** App id for storage namespacing (auth_${tenantId}_${appId}_*). */\n appId?: string;\n /** Optional storage adapter; default is SecureSessionStorageAdapter with namespacing. */\n storageAdapter?: StorageAdapter | null;\n}\n\n/**\n * AuthProvider – UI-facing auth state only\n */\nexport function AuthProvider({\n children,\n autoInit = true,\n tenantCode,\n appId = '',\n storageAdapter,\n}: AuthProviderProps): React.JSX.Element {\n const resolvedTenantKey = tenantCode ?? Config.getClientCode();\n const namespace = useMemo(\n () => ({ tenantId: resolvedTenantKey ?? '', appId: appId ?? '' }),\n [resolvedTenantKey, appId]\n );\n const initRanRef = useRef(false);\n const engineRef = useRef<AuthEngine | null>(null);\n\n useLayoutEffect(() => {\n if (tenantCode) {\n setSDKConfig({ CLIENTCODE: tenantCode });\n }\n return () => {\n clearConfigOverrides();\n };\n }, [tenantCode]);\n\n useLayoutEffect(() => {\n setStorageKeyPrefix(resolvedTenantKey ?? '');\n const adapter =\n storageAdapter !== undefined && storageAdapter !== null\n ? storageAdapter\n : createSecureSessionStorageAdapter(namespace);\n setStorageContext(adapter, namespace);\n const runtime = {\n storageAdapter: adapter,\n storageNamespace: namespace,\n logger: createConsoleLogger(),\n urlProvider: createBrowserUrlProvider(),\n configProvider: createConfigProvider(),\n tenantResolver: createTenantResolver(),\n clearCookies: createBrowserCookieClearer(),\n };\n setAuthRuntime(runtime);\n engineRef.current = createAuthEngine(runtime);\n setDefaultAuthEngine(engineRef.current);\n return () => {\n setDefaultAuthEngine(null);\n engineRef.current = null;\n setAuthRuntime(null);\n setStorageContext(null, { tenantId: '', appId: '' });\n setStorageKeyPrefix('');\n };\n }, [resolvedTenantKey, appId, storageAdapter]);\n\n // Store tenantCode in sessionStorage so bootstrap can resolve tenant via API (by-code)\n useEffect(() => {\n const resolvedTenantKey = tenantCode ?? Config.getClientCode();\n\n logger.debug('[AuthProvider] Props from host app', {\n tenantCode: tenantCode ?? '(not provided)',\n appId: appId ?? '',\n resolvedTenantKey,\n });\n\n if (resolvedTenantKey) {\n const previousTenantKey = getStorage(getStorageKey('tenant_key'));\n const tenantKeyChanged = previousTenantKey && previousTenantKey !== resolvedTenantKey;\n\n if (tenantKeyChanged) {\n logger.debug('[AuthProvider] Tenant switch detected', { previous: previousTenantKey, next: resolvedTenantKey });\n\n if (typeof window !== 'undefined') {\n const currentUrl = window.location.href;\n const isCallback = currentUrl.includes('code=') || currentUrl.includes('state=');\n if (isCallback) {\n const cleanUrl = window.location.origin + window.location.pathname;\n window.history.replaceState({}, document.title, cleanUrl);\n }\n }\n\n removeStorage(getStorageKey('access_token'));\n removeStorage(getStorageKey('refresh_token'));\n removeStorage(getStorageKey('expires_at'));\n removeStorage(getStorageKey('id_token'));\n removeStorage(getStorageKey('state'));\n removeStorage(getStorageKey('code_verifier'));\n removeStorage(getStorageKey('callback_processed'));\n clearCallbackProcessing();\n clearFlowFlags();\n removeStorage(getStorageKey('tenant_id'));\n if (typeof window !== 'undefined') {\n window.localStorage.removeItem(getStorageKey('force_login'));\n window.localStorage.removeItem(getStorageKey('logout_in_progress'));\n }\n\n setStorage(getStorageKey('props_changed'), 'true');\n setStorage(getStorageKey('tenant_switched'), 'true');\n setStorage(getStorageKey('new_tenant_key'), resolvedTenantKey);\n\n setState({\n isAuthenticated: false,\n accessToken: null,\n isLoading: true,\n error: null,\n });\n } else if (previousTenantKey) {\n logger.debug('[AuthProvider] TenantKey unchanged', { tenantKey: resolvedTenantKey });\n }\n\n // Only tenantCode from host; tenantId and clientId come from tenant API\n setStorage(getStorageKey('props_config'), JSON.stringify({ tenantKey: resolvedTenantKey }));\n setStorage(getStorageKey('tenant_key'), resolvedTenantKey);\n } else {\n logger.debug('[AuthProvider] No tenant code determined');\n }\n }, [tenantCode, appId]);\n\n const [state, setState] = useState<AuthState>({\n isAuthenticated: false,\n accessToken: null,\n isLoading: autoInit,\n error: null,\n });\n\n /**\n * Sync auth state from engine (or storage when engine not yet ready)\n */\n const syncAuthState = useCallback(() => {\n try {\n const engine = engineRef.current;\n let authenticated: boolean;\n let accessToken: string | null;\n let error: string | null = null;\n\n if (engine) {\n const s = engine.getState();\n authenticated = s.status === 'authenticated' && !!s.accessToken;\n accessToken = s.accessToken;\n error = s.error;\n } else {\n accessToken = getStoredAccessToken();\n authenticated = !!accessToken && !isAccessTokenExpired();\n }\n\n setState({\n isAuthenticated: authenticated,\n accessToken,\n isLoading: false,\n error,\n });\n\n if (authenticated) {\n } else {\n stopStorageWatcher();\n stopCookieWatcher();\n }\n } catch (error) {\n stopStorageWatcher();\n stopCookieWatcher();\n setState({\n isAuthenticated: false,\n accessToken: null,\n isLoading: false,\n error: error instanceof Error ? error.message : 'Unknown error',\n });\n }\n }, []);\n\n /**\n * Re-bootstrap when props change indicates tenant switch or config update.\n * This ensures tenantKey changes actually trigger a fresh resolve + login.\n */\n useEffect(() => {\n if (!autoInit) return;\n\n const tenantSwitched = getStorage(getStorageKey('tenant_switched')) === 'true';\n const propsChanged = getStorage(getStorageKey('props_changed')) === 'true';\n if (!tenantSwitched && !propsChanged) return;\n\n let cancelled = false;\n\n const reinit = async () => {\n try {\n await engineRef.current?.init();\n if (!cancelled) {\n syncAuthState();\n }\n } finally {\n removeStorage(getStorageKey('props_changed'));\n }\n };\n\n reinit();\n\n return () => {\n cancelled = true;\n };\n }, [autoInit, tenantCode, syncAuthState]);\n\n /**\n * Bootstrap auth on mount (once). initRanRef avoids double run in React StrictMode.\n */\n useEffect(() => {\n if (!autoInit) {\n setState((prev) => ({ ...prev, isLoading: false }));\n return;\n }\n if (initRanRef.current) return;\n initRanRef.current = true;\n\n let cancelled = false;\n\n const init = async () => {\n try {\n await engineRef.current?.init();\n if (!cancelled) syncAuthState();\n } catch (error) {\n stopStorageWatcher();\n stopCookieWatcher();\n if (!cancelled) {\n setState({\n isAuthenticated: false,\n accessToken: null,\n isLoading: false,\n error: error instanceof Error ? error.message : 'Authentication initialization failed',\n });\n }\n }\n };\n\n init();\n\n return () => {\n cancelled = true;\n initRanRef.current = false;\n stopStorageWatcher();\n stopCookieWatcher();\n };\n }, [autoInit, syncAuthState]);\n\n /**\n * Explicit login (user action)\n */\n const login = useCallback(async () => {\n setState((prev) => ({ ...prev, isLoading: true }));\n await engineRef.current?.login();\n syncAuthState();\n }, [syncAuthState]);\n\n /**\n * Logout – HARD RESET\n */\n const logout = useCallback(async () => {\n stopStorageWatcher();\n stopCookieWatcher();\n setState((prev) => ({ ...prev, isLoading: true }));\n\n try {\n await engineRef.current?.logout({ tenantKey: tenantCode });\n resetCookieWatcher();\n } finally {\n stopStorageWatcher();\n stopCookieWatcher();\n setState({\n isAuthenticated: false,\n accessToken: null,\n isLoading: false,\n error: null,\n });\n }\n }, [tenantCode]);\n\n /**\n * Refresh token explicitly\n */\n const refreshToken = useCallback(async (): Promise<string> => {\n try {\n const newToken = (await engineRef.current?.refresh()) ?? '';\n syncAuthState();\n return newToken;\n } catch (error) {\n await logout();\n throw error;\n }\n }, [syncAuthState, logout]);\n\n /**\n * Get access token (auto-refresh)\n */\n const getValidAccessToken = useCallback(async (): Promise<string> => {\n try {\n const token = await engineRef.current?.getAccessToken();\n if (!token) throw new Error('Not authenticated');\n syncAuthState();\n return token;\n } catch (error) {\n await logout();\n throw error;\n }\n }, [syncAuthState, logout]);\n\n /**\n * Set access token in memory/context (used by AuthCallback)\n */\n const setTokens = useCallback((accessToken: string): void => {\n setState({\n isAuthenticated: true,\n accessToken,\n isLoading: false,\n error: null,\n });\n }, []);\n\n const contextValue = useMemo<AuthContextValue>(\n () => ({\n ...state,\n login,\n logout,\n refreshToken,\n getAccessToken: getValidAccessToken,\n setTokens,\n }),\n [state, login, logout, refreshToken, getValidAccessToken, setTokens]\n );\n\n return (\n <AuthContext.Provider value={contextValue}>\n {children}\n </AuthContext.Provider>\n );\n}\n\nexport { useAuthContext };\n","import React, { useEffect, useRef, useState } from 'react';\r\nimport { getStorage, getStorageKey, getAccessToken } from '../infrastructure/storage/index';\r\nimport { useAuthContext } from '../context/AuthProvider';\r\nimport { handleCallback } from '../strategies/oauth2-pkce/callback';\r\n\r\nconst PLUGIN_DISPLAY_NAME = 'Tenneo Auth';\r\n\r\ntype StatusState = 'idle' | 'loading' | 'success' | 'error';\r\n\r\ninterface AuthCallbackProps {\r\n loginPath?: string;\r\n successPath?: string;\r\n homePath?: string;\r\n}\r\n\r\nexport function AuthCallback({\r\n loginPath = '/login',\r\n successPath = '/dashboard',\r\n homePath = '/',\r\n}: AuthCallbackProps): React.JSX.Element {\r\n const { setTokens } = useAuthContext();\r\n const handledRef = useRef(false);\r\n const [status, setStatus] = useState<StatusState>('idle');\r\n const [message, setMessage] = useState<string>('');\r\n\r\n useEffect(() => {\r\n if (handledRef.current) return;\r\n handledRef.current = true;\r\n\r\n const urlParams = new URLSearchParams(window.location.search);\r\n const hasCallbackParams = urlParams.has('code') || urlParams.has('error');\r\n\r\n if (!hasCallbackParams) {\r\n window.location.replace(loginPath || homePath);\r\n return;\r\n }\r\n\r\n const error = urlParams.get('error');\r\n const errorDescription = urlParams.get('error_description');\r\n if (error) {\r\n setStatus('error');\r\n setMessage(`${error}: ${errorDescription || 'Authorization failed'}`);\r\n window.history.replaceState({}, document.title, window.location.origin + window.location.pathname);\r\n return;\r\n }\r\n\r\n const runCallback = async () => {\r\n setStatus('loading');\r\n setMessage('Completing sign-in...');\r\n\r\n // Single source of truth: handleCallback() does validation + exchangeCodeForTokens once\r\n const handled = await handleCallback();\r\n\r\n if (handled) {\r\n const token = getAccessToken();\r\n if (token) setTokens(token);\r\n setStatus('success');\r\n setMessage('Authentication successful. Redirecting...');\r\n window.location.replace(successPath);\r\n } else {\r\n setStatus('error');\r\n setMessage('Authentication failed. Please try again.');\r\n window.history.replaceState({}, document.title, window.location.origin + window.location.pathname);\r\n }\r\n };\r\n\r\n runCallback();\r\n }, [homePath, loginPath, successPath, setTokens]);\r\n\r\n const containerStyle: React.CSSProperties = {\r\n minHeight: '200px',\r\n display: 'flex',\r\n flexDirection: 'column',\r\n alignItems: 'center',\r\n justifyContent: 'center',\r\n padding: 32,\r\n fontFamily: 'system-ui, -apple-system, Segoe UI, Roboto, sans-serif',\r\n textAlign: 'center',\r\n };\r\n\r\n const titleStyle: React.CSSProperties = {\r\n margin: 0,\r\n fontSize: '1.25rem',\r\n fontWeight: 600,\r\n color: '#1a1a1a',\r\n marginBottom: 8,\r\n };\r\n\r\n const messageStyle: React.CSSProperties = {\r\n margin: 0,\r\n fontSize: '0.9375rem',\r\n color: '#555',\r\n lineHeight: 1.5,\r\n maxWidth: 360,\r\n };\r\n\r\n const errorBoxStyle: React.CSSProperties = {\r\n marginTop: 16,\r\n padding: '12px 16px',\r\n backgroundColor: '#fef2f2',\r\n border: '1px solid #fecaca',\r\n borderRadius: 8,\r\n color: '#991b1b',\r\n fontSize: '0.875rem',\r\n maxWidth: 360,\r\n };\r\n\r\n const retryLinkStyle: React.CSSProperties = {\r\n marginTop: 16,\r\n fontSize: '0.875rem',\r\n color: '#2563eb',\r\n textDecoration: 'none',\r\n cursor: 'pointer',\r\n };\r\n\r\n const spinnerStyle: React.CSSProperties = {\r\n width: 28,\r\n height: 28,\r\n border: '3px solid #e5e7eb',\r\n borderTopColor: '#2563eb',\r\n borderRadius: '50%',\r\n animation: 'auth-callback-spin 0.8s linear infinite',\r\n marginBottom: 16,\r\n };\r\n\r\n const pluginNameStyle: React.CSSProperties = {\r\n position: 'absolute',\r\n top: 24,\r\n left: '50%',\r\n transform: 'translateX(-50%)',\r\n margin: 0,\r\n fontSize: '0.875rem',\r\n fontWeight: 600,\r\n color: '#6b7280',\r\n letterSpacing: '0.02em',\r\n };\r\n\r\n return (\r\n <div style={{ ...containerStyle, position: 'relative' }}>\r\n <style>{`@keyframes auth-callback-spin { to { transform: rotate(360deg); } }`}</style>\r\n <p style={pluginNameStyle}>{PLUGIN_DISPLAY_NAME}</p>\r\n {status === 'loading' && (\r\n <>\r\n <div style={spinnerStyle} aria-hidden />\r\n <h2 style={titleStyle}>Signing you in...</h2>\r\n <p style={messageStyle}>Please wait while we complete authentication.</p>\r\n </>\r\n )}\r\n {status === 'success' && (\r\n <>\r\n <h2 style={titleStyle}>Signed in successfully</h2>\r\n <p style={messageStyle}>Redirecting you now.</p>\r\n </>\r\n )}\r\n {status === 'error' && (\r\n <>\r\n <h2 style={{ ...titleStyle, color: '#991b1b' }}>Authentication failed</h2>\r\n <div style={errorBoxStyle}>{message}</div>\r\n <a\r\n href={loginPath}\r\n style={retryLinkStyle}\r\n onClick={(e) => {\r\n e.preventDefault();\r\n window.location.href = loginPath;\r\n }}\r\n >\r\n Try again\r\n </a>\r\n </>\r\n )}\r\n {status === 'idle' && (\r\n <>\r\n <div style={spinnerStyle} aria-hidden />\r\n <h2 style={titleStyle}>Preparing callback...</h2>\r\n <p style={messageStyle}>Setting up authentication.</p>\r\n </>\r\n )}\r\n </div>\r\n );\r\n}\r\n","/**\r\n * useAuth hook for accessing authentication state and methods\r\n */\r\n\r\nimport { useAuthContext } from '../context/AuthProvider';\r\nimport type { AuthContextValue } from '../domain/auth-state';\r\n\r\n/**\r\n * Hook to access authentication state and methods\r\n * @returns Authentication context value\r\n */\r\nexport function useAuth(): AuthContextValue {\r\n return useAuthContext();\r\n}\r\n\r\n","import React, { useEffect, useRef, useState } from 'react';\r\nimport { useAuth } from '../hooks/useAuth';\r\n\r\ninterface ProtectedRouteProps {\r\n children: React.ReactNode;\r\n fallback?: React.ReactNode;\r\n autoLogin?: boolean;\r\n}\r\n\r\nexport function ProtectedRoute({\r\n children,\r\n fallback = null,\r\n autoLogin = true,\r\n}: ProtectedRouteProps): React.JSX.Element {\r\n const { isAuthenticated, getAccessToken, login } = useAuth();\r\n const [ready, setReady] = useState(false);\r\n const loginTriggeredRef = useRef(false);\r\n\r\n useEffect(() => {\r\n let cancelled = false;\r\n\r\n const run = async () => {\r\n if (isAuthenticated) {\r\n if (!cancelled) setReady(true);\r\n return;\r\n }\r\n\r\n try {\r\n await getAccessToken();\r\n if (!cancelled) setReady(true);\r\n } catch {\r\n if (autoLogin && !loginTriggeredRef.current) {\r\n loginTriggeredRef.current = true;\r\n await login();\r\n }\r\n if (!cancelled) setReady(false);\r\n }\r\n };\r\n\r\n run();\r\n\r\n return () => {\r\n cancelled = true;\r\n };\r\n }, [autoLogin, getAccessToken, isAuthenticated, login]);\r\n\r\n if (!ready || !isAuthenticated) {\r\n return <>{fallback}</>;\r\n }\r\n\r\n return <>{children}</>;\r\n}\r\n","/**\r\n * useAuthInit hook\r\n * \r\n * RULES:\r\n * - Only prevents parallel init calls\r\n * - Does NOT block based on flags (bootstrap handles that)\r\n */\r\n\r\nimport { useRef, useState, useCallback, useEffect, useMemo } from 'react';\r\nimport { bootstrap } from '../application/bootstrap';\r\n\r\ninterface UseAuthInitResult {\r\n isLoading: boolean;\r\n error: string | null;\r\n init: () => Promise<void>;\r\n}\r\n\r\nexport function useAuthInit(): UseAuthInitResult {\r\n const [isLoading, setIsLoading] = useState(false);\r\n const [error, setError] = useState<string | null>(null);\r\n\r\n // Prevent parallel init calls\r\n const inProgressRef = useRef(false);\r\n\r\n // Prevent setState after unmount\r\n const mountedRef = useRef(true);\r\n\r\n useEffect(() => {\r\n return () => {\r\n mountedRef.current = false;\r\n };\r\n }, []);\r\n\r\n const init = useCallback(async () => {\r\n // Prevent duplicate init calls\r\n if (inProgressRef.current) {\r\n return;\r\n }\r\n\r\n inProgressRef.current = true;\r\n\r\n if (mountedRef.current) {\r\n setIsLoading(true);\r\n setError(null);\r\n }\r\n\r\n try {\r\n // Bootstrap handles all decision logic (force login, callback, etc.)\r\n await bootstrap();\r\n } catch (err) {\r\n if (mountedRef.current) {\r\n setError(\r\n err instanceof Error\r\n ? err.message\r\n : 'Authentication initialization failed',\r\n );\r\n }\r\n } finally {\r\n inProgressRef.current = false;\r\n\r\n if (mountedRef.current) {\r\n setIsLoading(false);\r\n }\r\n }\r\n }, []);\r\n\r\n return useMemo(\r\n () => ({ isLoading, error, init }),\r\n [isLoading, error, init]\r\n );\r\n}\r\n"]}