tenneo-auth-plugin 1.0.3 → 1.0.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -1 +1 @@
1
- {"version":3,"sources":["../src/infrastructure/runtime/context.ts","../src/domain/tenant.ts","../src/infrastructure/storage/prefix.ts","../src/infrastructure/storage/namespace.ts","../src/infrastructure/storage/context.ts","../src/infrastructure/storage/memory-adapter.ts","../src/infrastructure/storage/session-adapter.ts","../src/infrastructure/storage/cookie-adapter.ts","../src/infrastructure/storage/kv.ts","../src/infrastructure/storage/api.ts","../src/utils/logger.ts","../src/config/resolver-core.ts","../src/config/host-fields.ts","../src/domain/errors.ts","../src/domain/auth-lifecycle.ts","../src/application/lifecycle-state.ts","../src/application/events/AuthEvents.ts","../src/config/constants.ts","../src/config/index.ts","../src/infrastructure/tenant/TenantConfigCache.ts","../src/infrastructure/tenant/tenantResolution.ts","../src/application/domain-facade.ts","../src/strategies/oauth2-pkce/token-exchange.ts","../src/strategies/oauth2-pkce/pkce.ts","../src/utils/validation.ts","../src/application/security/redirectLoopGuard.ts","../src/strategies/oauth2-pkce/oauth.ts","../src/strategies/oauth2-pkce/callback.ts","../src/application/flows/CallbackFlow.ts","../src/application/flows/AuthenticatedFlow.ts","../src/application/engine/defaultEngine.ts","../src/application/token.ts","../src/application/flows/RefreshFlow.ts","../src/application/flows/TenantSwitchFlow.ts","../src/application/flows/LoginFlow.ts","../src/application/flows/getFlowForState.ts","../src/application/run-bootstrap.ts","../src/infrastructure/watchers/callbacks.ts","../src/application/bootstrap.ts","../src/infrastructure/watchers/watcher-guard.ts","../src/strategies/cookie/cookie-auth.ts","../src/infrastructure/watchers/cookie-watcher.ts","../src/infrastructure/watchers/storage-watcher.ts","../src/utils/cookies.ts","../src/application/logout.ts","../src/context/AuthContext.tsx","../src/infrastructure/tenant/tenant.api.ts","../src/browser/adapters.ts","../src/strategies/oauth2-pkce/OAuth2PkceStrategy.ts","../src/application/engine/eventBus.ts","../src/application/engine/createEngine.ts","../src/context/AuthProvider.tsx","../src/components/AuthCallback.tsx","../src/hooks/useAuth.ts","../src/components/ProtectedRoute.tsx","../src/hooks/useAuthInit.ts"],"names":["trim","isDev","getStorage","isCallbackUrl","STORAGE_KEYS","getAuthConfig","getRedirectUri","isLocalhost","existingToken","tokenValid","getAccessToken","isWatching","DEFAULT_SCOPES","listeners","resolvedTenantKey","logout","useRef","useState","useEffect","jsx","Fragment","useCallback","useMemo"],"mappings":";;;;;AAOA,IAAI,cAAA,GAAqC,IAAA;AAElC,SAAS,eAAe,OAAA,EAAmC;AAChE,EAAA,cAAA,GAAiB,OAAA;AACnB;AAEO,SAAS,cAAA,GAAqC;AACnD,EAAA,OAAO,cAAA;AACT;;;ACCO,SAAS,YAAY,QAAA,EAA2B;AACrD,EAAA,OACE,aAAa,WAAA,IACb,QAAA,KAAa,WAAA,IACb,QAAA,KAAa,WACb,QAAA,CAAS,UAAA,CAAW,UAAU,CAAA,IAC9B,SAAS,UAAA,CAAW,KAAK,CAAA,IACzB,QAAA,CAAS,SAAS,QAAQ,CAAA;AAE9B;AAkEO,SAAS,qBAAqB,GAAA,EAAuB;AAC1D,EAAA,MAAM,MAAA,GAAS,IAAI,eAAA,CAAgB,GAAA,CAAI,MAAM,CAAA;AAC7C,EAAA,OAAO,OAAO,GAAA,CAAI,MAAM,CAAA,IAAK,MAAA,CAAO,IAAI,OAAO,CAAA;AACjD;;;ACzFA,IAAM,cAAA,GAAiB,cAAA;AAEvB,IAAI,aAAA,GAAgB,cAAA;AAEb,SAAS,mBAAA,GAA8B;AAC5C,EAAA,OAAO,aAAA;AACT;AAKA,SAAS,oBAAoB,UAAA,EAA4B;AACvD,EAAA,MAAM,OAAA,GAAU,WAAW,IAAA,EAAK;AAChC,EAAA,IAAI,CAAC,SAAS,OAAO,EAAA;AACrB,EAAA,OAAO,OAAA,CAAQ,OAAA,CAAQ,gBAAA,EAAkB,GAAG,EAAE,WAAA,EAAY;AAC5D;AAMO,SAAS,oBAAoB,UAAA,EAA0B;AAC5D,EAAA,MAAM,UAAA,GAAa,oBAAoB,UAAU,CAAA;AACjD,EAAA,aAAA,GAAgB,UAAA,GAAa,CAAA,EAAG,UAAU,CAAA,MAAA,CAAA,GAAW,cAAA;AACvD;AAKO,SAAS,cAAc,MAAA,EAAwB;AACpD,EAAA,OAAO,qBAAoB,GAAI,MAAA;AACjC;;;ACvBO,SAAS,eAAA,CACd,IACA,MAAA,EACQ;AACR,EAAA,MAAM,EAAE,QAAA,EAAU,KAAA,EAAM,GAAI,EAAA;AAC5B,EAAA,IAAI,CAAC,QAAA,IAAY,CAAC,KAAA,EAAO;AACvB,IAAA,OAAO,CAAA,EAAG,mBAAA,EAAqB,CAAA,EAAG,MAAM,CAAA,CAAA;AAAA,EAC1C;AACA,EAAA,MAAM,MAAM,QAAA,IAAY,EAAA;AACxB,EAAA,MAAM,MAAM,KAAA,IAAS,EAAA;AACrB,EAAA,OAAO,CAAA,KAAA,EAAQ,GAAG,CAAA,CAAA,EAAI,GAAG,IAAI,MAAM,CAAA,CAAA;AACrC;AAGO,IAAM,kBAAA,GAAqB;AAAA,EAChC,WAAA,EAAa,cAAA;AAAA,EACb,YAAA,EAAc,eAAA;AAAA,EACd,SAAA,EAAW;AACb,CAAA;AAGO,IAAM,mBAAA,GAAsB;AAAA,EACjC,aAAA,EAAe,iBAAA;AAAA,EACf,QAAA,EAAU,WAAA;AAAA,EACV,WAAA,EAAa,cAAA;AAAA,EACb,QAAA,EAAU,WAAA;AAAA,EACV,SAAA,EAAW,YAAA;AAAA,EACX,YAAA,EAAc,eAAA;AAAA,EACd,KAAA,EAAO,OAAA;AAAA,EACP,iBAAA,EAAmB,oBAAA;AAAA,EACnB,kBAAA,EAAoB,qBAAA;AAAA,EACpB,iBAAA,EAAmB,oBAAA;AAAA,EACnB,cAAA,EAAgB,kBAAA;AAAA,EAChB,aAAA,EAAe,gBAAA;AAAA,EACf,gBAAA,EAAkB,mBAAA;AAAA,EAClB,WAAA,EAAa,cAAA;AAAA,EACb,YAAA,EAAc,eAAA;AAAA,EACd,cAAA,EAAgB,iBAAA;AAAA,EAChB,YAAA,EAAc,gBAAA;AAAA,EACd,aAAA,EAAe,gBAAA;AAAA,EACf,mBAAA,EAAqB,uBAAA;AAAA,EACrB,kBAAA,EAAoB,qBAAA;AAAA,EACpB,eAAA,EAAiB;AACnB,CAAA;;;AC/CA,IAAI,cAAA,GAAwC,IAAA;AAC5C,IAAI,gBAAA,GAAqC,EAAE,QAAA,EAAU,EAAA,EAAI,OAAO,EAAA,EAAG;AAE5D,SAAS,iBAAA,CACd,OAAA,EACA,SAAA,GAAuC,EAAC,EAClC;AACN,EAAA,cAAA,GAAiB,OAAA;AACjB,EAAA,gBAAA,GAAmB;AAAA,IACjB,QAAA,EAAU,UAAU,QAAA,IAAY,EAAA;AAAA,IAChC,KAAA,EAAO,UAAU,KAAA,IAAS;AAAA,GAC5B;AACF;AAEO,SAAS,iBAAA,GAA2C;AACzD,EAAA,MAAM,UAAU,cAAA,EAAe;AAC/B,EAAA,IAAI,OAAA,EAAS,cAAA,EAAgB,OAAO,OAAA,CAAQ,cAAA;AAC5C,EAAA,OAAO,cAAA;AACT;AAEO,SAAS,mBAAA,GAAwC;AACtD,EAAA,MAAM,UAAU,cAAA,EAAe;AAC/B,EAAA,IAAI,SAAS,gBAAA,EAAkB,OAAO,EAAE,GAAG,QAAQ,gBAAA,EAAiB;AACpE,EAAA,OAAO,EAAE,GAAG,gBAAA,EAAiB;AAC/B;;;ACzBO,SAAS,2BACd,SAAA,EACgB;AAChB,EAAA,MAAM,KAAA,uBAAY,GAAA,EAAoB;AAEtC,EAAA,MAAM,gBAAgB,MAAyB;AAC7C,IAAA,MAAM,WAAA,GAAc,MAAM,GAAA,CAAI,eAAA,CAAgB,WAAW,kBAAA,CAAmB,WAAW,CAAC,CAAA,IAAK,IAAA;AAC7F,IAAA,MAAM,YAAA,GAAe,MAAM,GAAA,CAAI,eAAA,CAAgB,WAAW,kBAAA,CAAmB,YAAY,CAAC,CAAA,IAAK,IAAA;AAC/F,IAAA,MAAM,YAAA,GAAe,MAAM,GAAA,CAAI,eAAA,CAAgB,WAAW,kBAAA,CAAmB,SAAS,CAAC,CAAA,IAAK,IAAA;AAC5F,IAAA,IAAI,CAAC,WAAA,IAAe,CAAC,YAAA,IAAgB,CAAC,cAAc,OAAO,IAAA;AAC3D,IAAA,MAAM,SAAA,GAAY,QAAA,CAAS,YAAA,EAAc,EAAE,CAAA;AAC3C,IAAA,IAAI,KAAA,CAAM,SAAS,CAAA,EAAG,OAAO,IAAA;AAC7B,IAAA,OAAO,EAAE,WAAA,EAAa,YAAA,EAAc,SAAA,EAAU;AAAA,EAChD,CAAA;AAEA,EAAA,OAAO;AAAA,IACL,MAAM,SAAA,GAAwC;AAC5C,MAAA,OAAO,aAAA,EAAc;AAAA,IACvB,CAAA;AAAA,IACA,aAAA;AAAA,IAEA,MAAM,UAAU,MAAA,EAAmC;AACjD,MAAA,KAAA,CAAM,IAAI,eAAA,CAAgB,SAAA,EAAW,mBAAmB,WAAW,CAAA,EAAG,OAAO,WAAW,CAAA;AACxF,MAAA,KAAA,CAAM,IAAI,eAAA,CAAgB,SAAA,EAAW,mBAAmB,YAAY,CAAA,EAAG,OAAO,YAAY,CAAA;AAC1F,MAAA,KAAA,CAAM,GAAA,CAAI,gBAAgB,SAAA,EAAW,kBAAA,CAAmB,SAAS,CAAA,EAAG,MAAA,CAAO,MAAA,CAAO,SAAS,CAAC,CAAA;AAAA,IAC9F,CAAA;AAAA,IACA,cAAc,MAAA,EAA0B;AACtC,MAAA,KAAA,CAAM,IAAI,eAAA,CAAgB,SAAA,EAAW,mBAAmB,WAAW,CAAA,EAAG,OAAO,WAAW,CAAA;AACxF,MAAA,KAAA,CAAM,IAAI,eAAA,CAAgB,SAAA,EAAW,mBAAmB,YAAY,CAAA,EAAG,OAAO,YAAY,CAAA;AAC1F,MAAA,KAAA,CAAM,GAAA,CAAI,gBAAgB,SAAA,EAAW,kBAAA,CAAmB,SAAS,CAAA,EAAG,MAAA,CAAO,MAAA,CAAO,SAAS,CAAC,CAAA;AAAA,IAC9F,CAAA;AAAA,IAEA,MAAM,WAAA,GAA6B;AACjC,MAAA,KAAA,CAAM,MAAA,CAAO,eAAA,CAAgB,SAAA,EAAW,kBAAA,CAAmB,WAAW,CAAC,CAAA;AACvE,MAAA,KAAA,CAAM,MAAA,CAAO,eAAA,CAAgB,SAAA,EAAW,kBAAA,CAAmB,YAAY,CAAC,CAAA;AACxE,MAAA,KAAA,CAAM,MAAA,CAAO,eAAA,CAAgB,SAAA,EAAW,kBAAA,CAAmB,SAAS,CAAC,CAAA;AAAA,IACvE,CAAA;AAAA,IACA,eAAA,GAAwB;AACtB,MAAA,KAAA,CAAM,MAAA,CAAO,eAAA,CAAgB,SAAA,EAAW,kBAAA,CAAmB,WAAW,CAAC,CAAA;AACvE,MAAA,KAAA,CAAM,MAAA,CAAO,eAAA,CAAgB,SAAA,EAAW,kBAAA,CAAmB,YAAY,CAAC,CAAA;AACxE,MAAA,KAAA,CAAM,MAAA,CAAO,eAAA,CAAgB,SAAA,EAAW,kBAAA,CAAmB,SAAS,CAAC,CAAA;AAAA,IACvE,CAAA;AAAA,IAEA,MAAM,QAAQ,GAAA,EAAqC;AACjD,MAAA,OAAO,KAAA,CAAM,GAAA,CAAI,GAAG,CAAA,IAAK,IAAA;AAAA,IAC3B,CAAA;AAAA,IACA,YAAY,GAAA,EAA4B;AACtC,MAAA,OAAO,KAAA,CAAM,GAAA,CAAI,GAAG,CAAA,IAAK,IAAA;AAAA,IAC3B,CAAA;AAAA,IAEA,MAAM,OAAA,CAAQ,GAAA,EAAa,KAAA,EAA8B;AACvD,MAAA,KAAA,CAAM,GAAA,CAAI,KAAK,KAAK,CAAA;AAAA,IACtB,CAAA;AAAA,IACA,WAAA,CAAY,KAAa,KAAA,EAAqB;AAC5C,MAAA,KAAA,CAAM,GAAA,CAAI,KAAK,KAAK,CAAA;AAAA,IACtB,CAAA;AAAA,IAEA,MAAM,WAAW,GAAA,EAA4B;AAC3C,MAAA,KAAA,CAAM,OAAO,GAAG,CAAA;AAAA,IAClB,CAAA;AAAA,IACA,eAAe,GAAA,EAAmB;AAChC,MAAA,KAAA,CAAM,OAAO,GAAG,CAAA;AAAA,IAClB,CAAA;AAAA,IAEA,MAAM,KAAA,GAAuB;AAC3B,MAAA,KAAA,CAAM,KAAA,EAAM;AAAA,IACd,CAAA;AAAA,IACA,SAAA,GAAkB;AAChB,MAAA,KAAA,CAAM,KAAA,EAAM;AAAA,IACd;AAAA,GACF;AACF;;;ACtEA,SAAS,iBAAA,GAAoC;AAC3C,EAAA,IAAI,OAAO,MAAA,KAAW,WAAA,EAAa,OAAO,IAAA;AAC1C,EAAA,IAAI;AACF,IAAA,OAAO,MAAA,CAAO,cAAA;AAAA,EAChB,CAAA,CAAA,MAAQ;AACN,IAAA,OAAO,IAAA;AAAA,EACT;AACF;AAEO,SAAS,kCACd,SAAA,EACgB;AAChB,EAAA,OAAO;AAAA,IACL,MAAM,SAAA,GAAwC;AAC5C,MAAA,OAAO,kBAAkB,SAAS,CAAA;AAAA,IACpC,CAAA;AAAA,IACA,aAAA,GAAmC;AACjC,MAAA,OAAO,kBAAkB,SAAS,CAAA;AAAA,IACpC,CAAA;AAAA,IAEA,MAAM,UAAU,MAAA,EAAmC;AACjD,MAAA,iBAAA,CAAkB,WAAW,MAAM,CAAA;AAAA,IACrC,CAAA;AAAA,IACA,cAAc,MAAA,EAA0B;AACtC,MAAA,iBAAA,CAAkB,WAAW,MAAM,CAAA;AAAA,IACrC,CAAA;AAAA,IAEA,MAAM,WAAA,GAA6B;AACjC,MAAA,mBAAA,CAAoB,SAAS,CAAA;AAAA,IAC/B,CAAA;AAAA,IACA,eAAA,GAAwB;AACtB,MAAA,mBAAA,CAAoB,SAAS,CAAA;AAAA,IAC/B,CAAA;AAAA,IAEA,MAAM,QAAQ,GAAA,EAAqC;AACjD,MAAA,OAAO,gBAAgB,GAAG,CAAA;AAAA,IAC5B,CAAA;AAAA,IACA,YAAY,GAAA,EAA4B;AACtC,MAAA,OAAO,gBAAgB,GAAG,CAAA;AAAA,IAC5B,CAAA;AAAA,IAEA,MAAM,OAAA,CAAQ,GAAA,EAAa,KAAA,EAA8B;AACvD,MAAA,eAAA,CAAgB,KAAK,KAAK,CAAA;AAAA,IAC5B,CAAA;AAAA,IACA,WAAA,CAAY,KAAa,KAAA,EAAqB;AAC5C,MAAA,eAAA,CAAgB,KAAK,KAAK,CAAA;AAAA,IAC5B,CAAA;AAAA,IAEA,MAAM,WAAW,GAAA,EAA4B;AAC3C,MAAA,kBAAA,CAAmB,GAAG,CAAA;AAAA,IACxB,CAAA;AAAA,IACA,eAAe,GAAA,EAAmB;AAChC,MAAA,kBAAA,CAAmB,GAAG,CAAA;AAAA,IACxB,CAAA;AAAA,IAEA,MAAM,KAAA,GAAuB;AAC3B,MAAA,aAAA,CAAc,SAAS,CAAA;AAAA,IACzB,CAAA;AAAA,IACA,SAAA,GAAkB;AAChB,MAAA,aAAA,CAAc,SAAS,CAAA;AAAA,IACzB;AAAA,GACF;AACF;AAEA,SAAS,kBAAkB,EAAA,EAAyC;AAClE,EAAA,MAAM,UAAU,iBAAA,EAAkB;AAClC,EAAA,IAAI,CAAC,SAAS,OAAO,IAAA;AACrB,EAAA,IAAI;AACF,IAAA,MAAM,cAAc,OAAA,CAAQ,OAAA,CAAQ,gBAAgB,EAAA,EAAI,kBAAA,CAAmB,WAAW,CAAC,CAAA;AACvF,IAAA,MAAM,eAAe,OAAA,CAAQ,OAAA,CAAQ,gBAAgB,EAAA,EAAI,kBAAA,CAAmB,YAAY,CAAC,CAAA;AACzF,IAAA,MAAM,eAAe,OAAA,CAAQ,OAAA,CAAQ,gBAAgB,EAAA,EAAI,kBAAA,CAAmB,SAAS,CAAC,CAAA;AACtF,IAAA,IAAI,CAAC,WAAA,IAAe,CAAC,YAAA,IAAgB,CAAC,cAAc,OAAO,IAAA;AAC3D,IAAA,MAAM,SAAA,GAAY,QAAA,CAAS,YAAA,EAAc,EAAE,CAAA;AAC3C,IAAA,IAAI,KAAA,CAAM,SAAS,CAAA,EAAG,OAAO,IAAA;AAC7B,IAAA,OAAO,EAAE,WAAA,EAAa,YAAA,EAAc,SAAA,EAAU;AAAA,EAChD,CAAA,CAAA,MAAQ;AACN,IAAA,OAAO,IAAA;AAAA,EACT;AACF;AAEA,SAAS,iBAAA,CAAkB,IAAsB,MAAA,EAA0B;AACzE,EAAA,MAAM,UAAU,iBAAA,EAAkB;AAClC,EAAA,IAAI,CAAC,OAAA,EAAS;AACd,EAAA,IAAI;AACF,IAAA,OAAA,CAAQ,QAAQ,eAAA,CAAgB,EAAA,EAAI,mBAAmB,WAAW,CAAA,EAAG,OAAO,WAAW,CAAA;AACvF,IAAA,OAAA,CAAQ,QAAQ,eAAA,CAAgB,EAAA,EAAI,mBAAmB,YAAY,CAAA,EAAG,OAAO,YAAY,CAAA;AACzF,IAAA,OAAA,CAAQ,OAAA,CAAQ,gBAAgB,EAAA,EAAI,kBAAA,CAAmB,SAAS,CAAA,EAAG,MAAA,CAAO,MAAA,CAAO,SAAS,CAAC,CAAA;AAAA,EAC7F,CAAA,CAAA,MAAQ;AAAA,EAER;AACF;AAEA,SAAS,oBAAoB,EAAA,EAA4B;AACvD,EAAA,MAAM,UAAU,iBAAA,EAAkB;AAClC,EAAA,IAAI,CAAC,OAAA,EAAS;AACd,EAAA,IAAI;AACF,IAAA,OAAA,CAAQ,UAAA,CAAW,eAAA,CAAgB,EAAA,EAAI,kBAAA,CAAmB,WAAW,CAAC,CAAA;AACtE,IAAA,OAAA,CAAQ,UAAA,CAAW,eAAA,CAAgB,EAAA,EAAI,kBAAA,CAAmB,YAAY,CAAC,CAAA;AACvE,IAAA,OAAA,CAAQ,UAAA,CAAW,eAAA,CAAgB,EAAA,EAAI,kBAAA,CAAmB,SAAS,CAAC,CAAA;AAAA,EACtE,CAAA,CAAA,MAAQ;AAAA,EAER;AACF;AAEA,SAAS,gBAAgB,GAAA,EAA4B;AACnD,EAAA,MAAM,UAAU,iBAAA,EAAkB;AAClC,EAAA,IAAI,CAAC,SAAS,OAAO,IAAA;AACrB,EAAA,IAAI;AACF,IAAA,OAAO,OAAA,CAAQ,QAAQ,GAAG,CAAA;AAAA,EAC5B,CAAA,CAAA,MAAQ;AACN,IAAA,OAAO,IAAA;AAAA,EACT;AACF;AAEA,SAAS,eAAA,CAAgB,KAAa,KAAA,EAAqB;AACzD,EAAA,MAAM,UAAU,iBAAA,EAAkB;AAClC,EAAA,IAAI,CAAC,OAAA,EAAS;AACd,EAAA,IAAI;AACF,IAAA,OAAA,CAAQ,OAAA,CAAQ,KAAK,KAAK,CAAA;AAAA,EAC5B,CAAA,CAAA,MAAQ;AAAA,EAER;AACF;AAEA,SAAS,mBAAmB,GAAA,EAAmB;AAC7C,EAAA,MAAM,UAAU,iBAAA,EAAkB;AAClC,EAAA,IAAI,CAAC,OAAA,EAAS;AACd,EAAA,IAAI;AACF,IAAA,OAAA,CAAQ,WAAW,GAAG,CAAA;AAAA,EACxB,CAAA,CAAA,MAAQ;AAAA,EAER;AACF;AAEA,SAAS,cAAc,EAAA,EAA4B;AACjD,EAAA,MAAM,UAAU,iBAAA,EAAkB;AAClC,EAAA,IAAI,CAAC,OAAA,EAAS;AACd,EAAA,IAAI;AACF,IAAA,MAAM,MAAA,GAAS,EAAA,CAAG,QAAA,IAAY,EAAA,CAAG,QAC7B,CAAA,KAAA,EAAQ,EAAA,CAAG,QAAA,IAAY,EAAE,CAAA,CAAA,EAAI,EAAA,CAAG,KAAA,IAAS,EAAE,MAC3C,mBAAA,EAAoB;AACxB,IAAA,MAAM,OAAiB,EAAC;AACxB,IAAA,KAAA,IAAS,CAAA,GAAI,CAAA,EAAG,CAAA,GAAI,OAAA,CAAQ,QAAQ,CAAA,EAAA,EAAK;AACvC,MAAA,MAAM,GAAA,GAAM,OAAA,CAAQ,GAAA,CAAI,CAAC,CAAA;AACzB,MAAA,IAAI,OAAO,GAAA,CAAI,UAAA,CAAW,MAAM,CAAA,EAAG,IAAA,CAAK,KAAK,GAAG,CAAA;AAAA,IAClD;AACA,IAAA,IAAA,CAAK,QAAQ,CAAC,CAAA,KAAM,OAAA,CAAQ,UAAA,CAAW,CAAC,CAAC,CAAA;AAAA,EAC3C,CAAA,CAAA,MAAQ;AAAA,EAER;AACF;;;ACjJA,IAAM,sBAAA,GAAyB;AAAA,EAC7B,IAAA,EAAM,GAAA;AAAA,EACN,QAAA,EAAU,KAAA;AAAA,EACV,MAAA,EAAQ,EAAA,GAAK,EAAA,GAAK,EAAA,GAAK;AAAA;AACzB,CAAA;AAEA,SAAS,WAAA,GAA+B;AACtC,EAAA,IAAI,OAAO,QAAA,KAAa,WAAA,EAAa,OAAO,IAAA;AAC5C,EAAA,OAAO,QAAA;AACT;AAEA,SAAS,UAAU,IAAA,EAA6B;AAC9C,EAAA,MAAM,MAAM,WAAA,EAAY;AACxB,EAAA,IAAI,CAAC,GAAA,IAAO,CAAC,GAAA,CAAI,QAAQ,OAAO,IAAA;AAChC,EAAA,MAAM,KAAA,GAAQ,IAAI,MAAA,CAAO,KAAA,CAAM,IAAI,MAAA,CAAO,OAAA,GAAU,IAAA,GAAO,UAAU,CAAC,CAAA;AACtE,EAAA,OAAO,KAAA,GAAQ,kBAAA,CAAmB,KAAA,CAAM,CAAC,CAAC,CAAA,GAAI,IAAA;AAChD;AAEA,SAAS,SAAA,CACP,IAAA,EACA,KAAA,EACA,OAAA,GAAoF,EAAC,EAC/E;AACN,EAAA,MAAM,MAAM,WAAA,EAAY;AACxB,EAAA,IAAI,CAAC,GAAA,EAAK;AACV,EAAA,MAAM,EAAE,IAAA,GAAO,GAAA,EAAK,QAAA,GAAW,KAAA,EAAO,MAAA,EAAO,GAAI,EAAE,GAAG,sBAAA,EAAwB,GAAG,OAAA,EAAQ;AACzF,EAAA,IAAI,MAAA,GAAS,CAAA,EAAG,kBAAA,CAAmB,IAAI,CAAC,CAAA,CAAA,EAAI,kBAAA,CAAmB,KAAK,CAAC,CAAA,MAAA,EAAS,IAAI,CAAA,UAAA,EAAa,QAAQ,CAAA,CAAA;AACvG,EAAA,IAAI,MAAA,IAAU,IAAA,EAAM,MAAA,IAAU,CAAA,SAAA,EAAY,MAAM,CAAA,CAAA;AAChD,EAAA,GAAA,CAAI,MAAA,GAAS,MAAA;AACf;AAEA,SAAS,aAAa,IAAA,EAAoB;AACxC,EAAA,MAAM,MAAM,WAAA,EAAY;AACxB,EAAA,IAAI,CAAC,GAAA,EAAK;AACV,EAAA,GAAA,CAAI,MAAA,GAAS,CAAA,EAAG,kBAAA,CAAmB,IAAI,CAAC,CAAA,kBAAA,CAAA;AAC1C;AAEO,SAAS,0BAAA,CACd,WACA,OAAA,EACgB;AAChB,EAAA,MAAM,MAAA,GAAS,SAAS,YAAA,IAAgB,MAAA;AACxC,EAAA,MAAM,SAAA,GAAY,SAAA,CAAU,QAAA,IAAY,SAAA,CAAU,QAC9C,CAAA,KAAA,EAAQ,SAAA,CAAU,QAAA,IAAY,EAAE,CAAA,CAAA,EAAI,SAAA,CAAU,KAAA,IAAS,EAAE,MACzD,mBAAA,EAAoB;AAExB,EAAA,MAAM,aAAa,CAAC,MAAA,KAClB,GAAG,MAAM,CAAA,CAAA,EAAI,UAAU,QAAA,IAAY,GAAG,CAAA,CAAA,EAAI,SAAA,CAAU,SAAS,GAAG,CAAA,CAAA,EAAI,MAAM,CAAA,CAAA,CAAG,OAAA,CAAQ,kBAAkB,GAAG,CAAA;AAE5G,EAAA,OAAO;AAAA,IACL,MAAM,SAAA,GAAwC;AAC5C,MAAA,MAAM,WAAA,GAAc,SAAA,CAAU,UAAA,CAAW,kBAAA,CAAmB,WAAW,CAAC,CAAA;AACxE,MAAA,MAAM,YAAA,GAAe,SAAA,CAAU,UAAA,CAAW,kBAAA,CAAmB,YAAY,CAAC,CAAA;AAC1E,MAAA,MAAM,YAAA,GAAe,SAAA,CAAU,UAAA,CAAW,kBAAA,CAAmB,SAAS,CAAC,CAAA;AACvE,MAAA,IAAI,CAAC,WAAA,IAAe,CAAC,YAAA,IAAgB,CAAC,cAAc,OAAO,IAAA;AAC3D,MAAA,MAAM,SAAA,GAAY,QAAA,CAAS,YAAA,EAAc,EAAE,CAAA;AAC3C,MAAA,IAAI,KAAA,CAAM,SAAS,CAAA,EAAG,OAAO,IAAA;AAC7B,MAAA,OAAO,EAAE,WAAA,EAAa,YAAA,EAAc,SAAA,EAAU;AAAA,IAChD,CAAA;AAAA,IAEA,MAAM,UAAU,MAAA,EAAmC;AACjD,MAAA,SAAA,CAAU,UAAA,CAAW,kBAAA,CAAmB,WAAW,CAAA,EAAG,MAAA,CAAO,aAAa,EAAE,MAAA,EAAQ,EAAA,GAAK,EAAA,EAAI,CAAA;AAC7F,MAAA,SAAA,CAAU,UAAA,CAAW,kBAAA,CAAmB,YAAY,CAAA,EAAG,MAAA,CAAO,YAAA,EAAc,EAAE,MAAA,EAAQ,EAAA,GAAK,EAAA,GAAK,EAAA,GAAK,CAAA,EAAG,CAAA;AACxG,MAAA,SAAA,CAAU,UAAA,CAAW,kBAAA,CAAmB,SAAS,CAAA,EAAG,MAAA,CAAO,MAAA,CAAO,SAAS,CAAA,EAAG,EAAE,MAAA,EAAQ,EAAA,GAAK,EAAA,GAAK,IAAI,CAAA;AAAA,IACxG,CAAA;AAAA,IAEA,MAAM,WAAA,GAA6B;AACjC,MAAA,YAAA,CAAa,UAAA,CAAW,kBAAA,CAAmB,WAAW,CAAC,CAAA;AACvD,MAAA,YAAA,CAAa,UAAA,CAAW,kBAAA,CAAmB,YAAY,CAAC,CAAA;AACxD,MAAA,YAAA,CAAa,UAAA,CAAW,kBAAA,CAAmB,SAAS,CAAC,CAAA;AAAA,IACvD,CAAA;AAAA,IAEA,MAAM,QAAQ,GAAA,EAAqC;AACjD,MAAA,MAAM,IAAA,GAAO,IAAI,UAAA,CAAW,SAAS,IAAI,GAAA,CAAI,KAAA,CAAM,SAAA,CAAU,MAAM,CAAA,GAAI,GAAA;AACvE,MAAA,OAAO,SAAA,CAAU,UAAA,CAAW,IAAI,CAAC,CAAA;AAAA,IACnC,CAAA;AAAA,IAEA,MAAM,OAAA,CAAQ,GAAA,EAAa,KAAA,EAA8B;AACvD,MAAA,MAAM,IAAA,GAAO,IAAI,UAAA,CAAW,SAAS,IAAI,GAAA,CAAI,KAAA,CAAM,SAAA,CAAU,MAAM,CAAA,GAAI,GAAA;AACvE,MAAA,SAAA,CAAU,UAAA,CAAW,IAAI,CAAA,EAAG,KAAK,CAAA;AAAA,IACnC,CAAA;AAAA,IAEA,MAAM,WAAW,GAAA,EAA4B;AAC3C,MAAA,MAAM,IAAA,GAAO,IAAI,UAAA,CAAW,SAAS,IAAI,GAAA,CAAI,KAAA,CAAM,SAAA,CAAU,MAAM,CAAA,GAAI,GAAA;AACvE,MAAA,YAAA,CAAa,UAAA,CAAW,IAAI,CAAC,CAAA;AAAA,IAC/B,CAAA;AAAA,IAEA,MAAM,KAAA,GAAuB;AAC3B,MAAA,MAAM,QAAA,GAAW,MAAA,CAAO,MAAA,CAAO,kBAAkB,CAAA;AACjD,MAAA,QAAA,CAAS,QAAQ,CAAC,CAAA,KAAM,aAAa,UAAA,CAAW,CAAC,CAAC,CAAC,CAAA;AACnD,MAAA,MAAA,CAAO,MAAA,CAAO,mBAAmB,CAAA,CAAE,OAAA,CAAQ,CAAC,WAAW,YAAA,CAAa,UAAA,CAAW,MAAM,CAAC,CAAC,CAAA;AAAA,IACzF;AAAA,GACF;AACF;;;AChGA,SAAS,YAAY,GAAA,EAAqB;AACxC,EAAA,MAAM,SAAS,mBAAA,EAAoB;AACnC,EAAA,OAAO,GAAA,CAAI,WAAW,MAAM,CAAA,GAAI,IAAI,KAAA,CAAM,MAAA,CAAO,MAAM,CAAA,GAAI,GAAA;AAC7D;AAEO,SAAS,UAAA,CAAW,KAAa,KAAA,EAAqB;AAC3D,EAAA,MAAM,UAAU,iBAAA,EAAkB;AAClC,EAAA,IAAI,CAAC,SAAS,WAAA,EAAa;AAC3B,EAAA,MAAM,KAAK,mBAAA,EAAoB;AAC/B,EAAA,MAAM,MAAA,GAAS,YAAY,GAAG,CAAA;AAC9B,EAAA,IAAI;AACF,IAAA,OAAA,CAAQ,WAAA,CAAY,eAAA,CAAgB,EAAA,EAAI,MAAM,GAAG,KAAK,CAAA;AAAA,EACxD,CAAA,CAAA,MAAQ;AAAA,EAER;AACF;AAEO,SAAS,WAAW,GAAA,EAA4B;AACrD,EAAA,MAAM,UAAU,iBAAA,EAAkB;AAClC,EAAA,IAAI,CAAC,OAAA,EAAS,WAAA,EAAa,OAAO,IAAA;AAClC,EAAA,MAAM,KAAK,mBAAA,EAAoB;AAC/B,EAAA,MAAM,MAAA,GAAS,YAAY,GAAG,CAAA;AAC9B,EAAA,IAAI;AACF,IAAA,OAAO,OAAA,CAAQ,WAAA,CAAY,eAAA,CAAgB,EAAA,EAAI,MAAM,CAAC,CAAA;AAAA,EACxD,CAAA,CAAA,MAAQ;AACN,IAAA,OAAO,IAAA;AAAA,EACT;AACF;AAEO,SAAS,cAAc,GAAA,EAAmB;AAC/C,EAAA,MAAM,UAAU,iBAAA,EAAkB;AAClC,EAAA,IAAI,CAAC,SAAS,cAAA,EAAgB;AAC9B,EAAA,MAAM,KAAK,mBAAA,EAAoB;AAC/B,EAAA,MAAM,MAAA,GAAS,YAAY,GAAG,CAAA;AAC9B,EAAA,IAAI;AACF,IAAA,OAAA,CAAQ,cAAA,CAAe,eAAA,CAAgB,EAAA,EAAI,MAAM,CAAC,CAAA;AAAA,EACpD,CAAA,CAAA,MAAQ;AAAA,EAER;AACF;;;ACpCA,IAAM,YAAA,GAAe;AAAA,EACnB,SAAA,EAAW,YAAA;AAAA,EACX,YAAA,EAAc,eAAA;AAAA,EACd,KAAA,EAAO,OAAA;AAAA,EACP,WAAA,EAAa,cAAA;AAAA,EACb,YAAA,EAAc,eAAA;AAAA,EACd,SAAA,EAAW;AACb,CAAA;AAEO,IAAM,YAAA,GAA4B;AAAA,EACvC,IAAI,SAAA,GAAY;AAAE,IAAA,OAAO,aAAA,CAAc,aAAa,SAAS,CAAA;AAAA,EAAG,CAAA;AAAA,EAChE,IAAI,YAAA,GAAe;AAAE,IAAA,OAAO,aAAA,CAAc,aAAa,YAAY,CAAA;AAAA,EAAG,CAAA;AAAA,EACtE,IAAI,KAAA,GAAQ;AAAE,IAAA,OAAO,aAAA,CAAc,aAAa,KAAK,CAAA;AAAA,EAAG,CAAA;AAAA,EACxD,IAAI,WAAA,GAAc;AAAE,IAAA,OAAO,aAAA,CAAc,aAAa,WAAW,CAAA;AAAA,EAAG,CAAA;AAAA,EACpE,IAAI,YAAA,GAAe;AAAE,IAAA,OAAO,aAAA,CAAc,aAAa,YAAY,CAAA;AAAA,EAAG,CAAA;AAAA,EACtE,IAAI,SAAA,GAAY;AAAE,IAAA,OAAO,aAAA,CAAc,aAAa,SAAS,CAAA;AAAA,EAAG;AAClE,CAAA;AAEO,SAAS,gBAAA,GAAyB;AAEvC,EAAA,MAAM,WAAA,GAAc;AAAA,IAClB,YAAA,CAAa,WAAA;AAAA,IACb,YAAA,CAAa,YAAA;AAAA,IACb,YAAA,CAAa,SAAA;AAAA,IACb,YAAA,CAAa,YAAA;AAAA,IACb,YAAA,CAAa,KAAA;AAAA,IACb,cAAc,oBAAoB,CAAA;AAAA,IAClC,cAAc,cAAc,CAAA;AAAA,IAC5B,cAAc,iBAAiB,CAAA;AAAA,IAC/B,cAAc,gBAAgB,CAAA;AAAA,IAC9B,cAAc,sBAAsB;AAAA,GACtC;AACA,EAAA,KAAA,MAAW,GAAA,IAAO,WAAA,EAAa,aAAA,CAAc,GAAG,CAAA;AAClD;AAEO,SAAS,uBAAA,GAAgC;AAC9C,EAAA,gBAAA,EAAiB;AACnB;AAEO,SAAS,eAAA,GAAwB;AACtC,EAAA,MAAM,UAAU,cAAA,EAAe;AAC/B,EAAA,IAAI;AACF,IAAA,OAAA,EAAS,cAAc,YAAA,EAAa;AAAA,EACtC,CAAA,CAAA,MAAQ;AAAA,EAER;AACF;AAEO,SAAS,eAAA,GAAwB;AACtC,EAAA,gBAAA,EAAiB;AACjB,EAAA,eAAA,EAAgB;AAClB;AAEO,SAAS,cAAA,GAAgC;AAC9C,EAAA,MAAM,UAAU,iBAAA,EAAkB;AAClC,EAAA,IAAI,SAAS,aAAA,EAAe;AAC1B,IAAA,MAAM,CAAA,GAAI,QAAQ,aAAA,EAAc;AAChC,IAAA,OAAO,GAAG,WAAA,IAAe,IAAA;AAAA,EAC3B;AACA,EAAA,OAAO,UAAA,CAAW,aAAa,WAAW,CAAA;AAC5C;AAEO,SAAS,eAAA,GAAiC;AAC/C,EAAA,MAAM,UAAU,iBAAA,EAAkB;AAClC,EAAA,IAAI,SAAS,aAAA,EAAe;AAC1B,IAAA,MAAM,CAAA,GAAI,QAAQ,aAAA,EAAc;AAChC,IAAA,OAAO,GAAG,YAAA,IAAgB,IAAA;AAAA,EAC5B;AACA,EAAA,OAAO,UAAA,CAAW,aAAa,YAAY,CAAA;AAC7C;AAEO,SAAS,YAAA,GAA8B;AAC5C,EAAA,MAAM,UAAU,iBAAA,EAAkB;AAClC,EAAA,IAAI,SAAS,aAAA,EAAe;AAC1B,IAAA,MAAM,CAAA,GAAI,QAAQ,aAAA,EAAc;AAChC,IAAA,OAAO,GAAG,SAAA,IAAa,IAAA;AAAA,EACzB;AACA,EAAA,MAAM,SAAA,GAAY,UAAA,CAAW,YAAA,CAAa,SAAS,CAAA;AACnD,EAAA,IAAI,CAAC,WAAW,OAAO,IAAA;AACvB,EAAA,MAAM,SAAA,GAAY,QAAA,CAAS,SAAA,EAAW,EAAE,CAAA;AACxC,EAAA,OAAO,KAAA,CAAM,SAAS,CAAA,GAAI,IAAA,GAAO,SAAA;AACnC;AAEO,SAAS,oBAAA,GAAgC;AAC9C,EAAA,MAAM,YAAY,YAAA,EAAa;AAC/B,EAAA,IAAI,CAAC,WAAW,OAAO,IAAA;AACvB,EAAA,MAAM,SAAS,EAAA,GAAK,GAAA;AACpB,EAAA,OAAO,IAAA,CAAK,GAAA,EAAI,IAAK,SAAA,GAAY,MAAA;AACnC;AAEO,SAAS,eAAA,GAAiC;AAC/C,EAAA,OAAO,UAAA,CAAW,aAAa,YAAY,CAAA;AAC7C;AACO,SAAS,QAAA,GAA0B;AACxC,EAAA,OAAO,UAAA,CAAW,aAAa,KAAK,CAAA;AACtC;AACO,SAAS,YAAA,GAA8B;AAC5C,EAAA,OAAO,UAAA,CAAW,aAAa,SAAS,CAAA;AAC1C;AACO,SAAS,aAAa,SAAA,EAAyB;AACpD,EAAA,UAAA,CAAW,YAAA,CAAa,WAAW,SAAS,CAAA;AAC9C;;;AC1GA,SAAS,KAAA,GAAiB;AACxB,EAAA,IAAI,OAAO,WAAW,WAAA,EAAa;AACjC,IAAA,OAAO,KAAA;AAAA,EACT;AACA,EAAA,MAAM,QAAA,GAAW,OAAO,QAAA,CAAS,QAAA;AACjC,EAAA,OACE,aAAa,WAAA,IACb,QAAA,KAAa,WAAA,IACb,QAAA,KAAa,WACb,QAAA,CAAS,UAAA,CAAW,UAAU,CAAA,IAC9B,SAAS,UAAA,CAAW,KAAK,CAAA,IACzB,QAAA,CAAS,SAAS,QAAQ,CAAA;AAE9B;AAEA,IAAM,SAAN,MAAa;AAAA,EAAb,WAAA,GAAA;AACE,IAAA,IAAA,CAAQ,MAAA,GAAS,8BAAA;AAAA,EAAA;AAAA,EAET,GAAA,CAAI,KAAA,EAAiB,OAAA,EAAiB,IAAA,EAAsB;AAClE,IAAA,MAAM,SAAA,GAAA,iBAAY,IAAI,IAAA,EAAK,EAAE,WAAA,EAAY;AACzC,IAAA,MAAM,UAAA,GAAa,CAAA,EAAG,IAAA,CAAK,MAAM,CAAA,EAAA,EAAK,SAAS,CAAA,GAAA,EAAM,KAAA,CAAM,WAAA,EAAa,CAAA,EAAA,EAAK,OAAO,CAAA,CAAA;AAEpF,IAAA,QAAQ,KAAA;AAAO,MACb,KAAK,MAAA;AACH,QAAA,OAAA,CAAQ,GAAA,CAAI,UAAA,EAAY,IAAA,IAAQ,EAAE,CAAA;AAClC,QAAA;AAAA,MACF,KAAK,MAAA;AACH,QAAA,OAAA,CAAQ,IAAA,CAAK,UAAA,EAAY,IAAA,IAAQ,EAAE,CAAA;AACnC,QAAA;AAAA,MACF,KAAK,OAAA;AACH,QAAA,OAAA,CAAQ,KAAA,CAAM,UAAA,EAAY,IAAA,IAAQ,EAAE,CAAA;AACpC,QAAA;AAAA,MACF,KAAK,OAAA;AACH,QAAA,IAAI,OAAM,EAAG;AACX,UAAA,OAAA,CAAQ,KAAA,CAAM,UAAA,EAAY,IAAA,IAAQ,EAAE,CAAA;AAAA,QACtC;AACA,QAAA;AAAA;AACJ,EACF;AAAA,EAEA,IAAA,CAAK,SAAiB,IAAA,EAAsB;AAC1C,IAAA,IAAA,CAAK,GAAA,CAAI,MAAA,EAAQ,OAAA,EAAS,IAAI,CAAA;AAAA,EAChC;AAAA,EAEA,IAAA,CAAK,SAAiB,IAAA,EAAsB;AAC1C,IAAA,IAAA,CAAK,GAAA,CAAI,MAAA,EAAQ,OAAA,EAAS,IAAI,CAAA;AAAA,EAChC;AAAA,EAEA,KAAA,CAAM,SAAiB,IAAA,EAAsB;AAC3C,IAAA,IAAA,CAAK,GAAA,CAAI,OAAA,EAAS,OAAA,EAAS,IAAI,CAAA;AAAA,EACjC;AAAA,EAEA,KAAA,CAAM,SAAiB,IAAA,EAAsB;AAC3C,IAAA,IAAA,CAAK,GAAA,CAAI,OAAA,EAAS,OAAA,EAAS,IAAI,CAAA;AAAA,EACjC;AACF,CAAA;AAEO,IAAM,MAAA,GAAS,IAAI,MAAA,EAAO;;;AC/CjC,IAAI,iBAA4B,EAAC;AAGjC,IAAI,kBAAA,GAA2E,IAAA;AAE/E,IAAM,YAAA,GAAe,4BAAA;AACrB,IAAM,QAAA,GAAW,+BAAA;AAEV,SAAS,UAAU,SAAA,EAAqC;AAC7D,EAAA,cAAA,GAAiB,EAAE,GAAG,cAAA,EAAgB,GAAG,SAAA,EAAU;AACrD;AAEO,SAAS,oBAAA,GAA6B;AAC3C,EAAA,cAAA,GAAiB,EAAC;AACpB;AAEO,SAAS,sBACd,EAAA,EACM;AACN,EAAA,kBAAA,GAAqB,EAAA;AACvB;AAEA,SAAS,cAAA,GAA4B;AACnC,EAAA,MAAM,MAAiB,EAAC;AACxB,EAAA,IAAI;AACF,IAAA,IAAI,OAAO,MAAA,KAAW,WAAA,IAAe,MAAA,CAAO,oBAAA,EAAsB;AAChE,MAAA,MAAA,CAAO,MAAA,CAAO,GAAA,EAAK,MAAA,CAAO,oBAAoB,CAAA;AAAA,IAChD;AAAA,EACF,CAAA,CAAA,MAAQ;AAAA,EAER;AACA,EAAA,IAAI;AACF,IAAA,MAAM,eAAe,kBAAA,IAAqB;AAC1C,IAAA,IAAI,YAAA,IAAgB,OAAO,YAAA,KAAiB,QAAA,EAAU;AACpD,MAAA,MAAA,CAAO,MAAA,CAAO,KAAK,YAAY,CAAA;AAAA,IACjC;AAAA,EACF,SAAS,CAAA,EAAG;AACV,IAAA,MAAA,CAAO,KAAK,mCAAA,EAAqC;AAAA,MAC/C,OAAO,CAAA,YAAa,KAAA,GAAQ,CAAA,CAAE,OAAA,GAAU,OAAO,CAAC;AAAA,KACjD,CAAA;AAAA,EACH;AACA,EAAA,OAAO,GAAA;AACT;AAEA,SAAS,sBAAA,GAAoC;AAC3C,EAAA,IAAI;AACF,IAAA,MAAM,GAAA,GAAM,UAAA,CAAW,aAAA,CAAc,aAAa,CAAC,CAAA;AACnD,IAAA,IAAI,CAAC,GAAA,EAAK,OAAO,EAAC;AAClB,IAAA,MAAM,MAAA,GAAS,IAAA,CAAK,KAAA,CAAM,GAAG,CAAA;AAC7B,IAAA,IAAI,CAAC,MAAA,IAAU,OAAO,MAAA,KAAW,QAAA,SAAiB,EAAC;AACnD,IAAA,MAAM,EAAE,CAAC,YAAY,GAAG,EAAA,EAAI,CAAC,QAAQ,GAAG,EAAA,EAAI,GAAG,IAAA,EAAK,GAAI,MAAA;AAExD,IAAA,IAAI,CAAC,IAAA,CAAK,QAAA,IAAY,OAAO,IAAA,CAAK,cAAc,QAAA,IAAY,IAAA,CAAK,SAAA,CAAU,IAAA,EAAK,EAAG;AACjF,MAAA,IAAA,CAAK,QAAA,GAAW,IAAA,CAAK,SAAA,CAAU,IAAA,EAAK;AAAA,IACtC;AACA,IAAA,OAAO,IAAA;AAAA,EACT,CAAA,CAAA,MAAQ;AACN,IAAA,OAAO,EAAC;AAAA,EACV;AACF;AAMO,SAAS,iBAAiB,SAAA,EAA2C;AAC1E,EAAA,MAAM,SAAS,sBAAA,EAAuB;AACtC,EAAA,MAAM,SAAS,cAAA,EAAe;AAC9B,EAAA,OAAO;AAAA,IACL,GAAG,MAAA;AAAA,IACH,GAAG,MAAA;AAAA,IACH,GAAG,cAAA;AAAA,IACH,GAAI,aAAa;AAAC,GACpB;AACF;AAcA,SAAS,eAAe,CAAA,EAAgC;AACtD,EAAA,IAAI,CAAA,IAAK,MAAM,OAAO,MAAA;AACtB,EAAA,MAAM,CAAA,GAAI,MAAA,CAAO,CAAC,CAAA,CAAE,IAAA,EAAK;AACzB,EAAA,OAAO,CAAA,IAAK,MAAA;AACd;AAKO,SAAS,sBAAsB,SAAA,EAAgD;AACpF,EAAA,MAAM,SAAS,sBAAA,EAAuB;AACtC,EAAA,MAAM,SAAS,cAAA,EAAe;AAC9B,EAAA,MAAM,MAAA,GAAuD;AAAA,IAC3D,EAAE,GAAA,EAAK,eAAA,EAAiB,GAAA,EAAK,MAAA,EAAO;AAAA,IACpC,EAAE,GAAA,EAAK,aAAA,EAAe,GAAA,EAAK,MAAA,EAAO;AAAA,IAClC,EAAE,GAAA,EAAK,QAAA,EAAU,GAAA,EAAK,cAAA;AAAe,GACvC;AACA,EAAA,IAAI,SAAA,IAAa,MAAA,CAAO,IAAA,CAAK,SAAS,EAAE,MAAA,EAAQ;AAC9C,IAAA,MAAA,CAAO,KAAK,EAAE,GAAA,EAAK,UAAA,EAAY,GAAA,EAAK,WAAW,CAAA;AAAA,EACjD;AAEA,EAAA,MAAM,IAAA,GAAO,CAAC,GAAA,KAAwD;AACpE,IAAA,KAAA,IAAS,IAAI,MAAA,CAAO,MAAA,GAAS,CAAA,EAAG,CAAA,IAAK,GAAG,CAAA,EAAA,EAAK;AAC3C,MAAA,MAAM,IAAI,cAAA,CAAe,MAAA,CAAO,CAAC,CAAA,CAAE,GAAA,CAAI,GAAG,CAAC,CAAA;AAC3C,MAAA,IAAI,CAAA,KAAM,MAAA,EAAW,OAAO,MAAA,CAAO,CAAC,CAAA,CAAE,GAAA;AAAA,IACxC;AACA,IAAA,OAAO,MAAA;AAAA,EACT,CAAA;AAEA,EAAA,OAAO;AAAA,IACL,UAAA,EAAY,IAAA,CAAK,YAAY,CAAA,IAAK,KAAK,WAAW,CAAA;AAAA,IAClD,SAAA,EAAW,IAAA,CAAK,WAAW,CAAA,IAAK,KAAK,YAAY,CAAA;AAAA,IACjD,UAAA,EAAY,KAAK,YAAY,CAAA;AAAA,IAC7B,aAAA,EAAe,KAAK,eAAe,CAAA;AAAA,IACnC,WAAA,EAAa,KAAK,aAAa,CAAA;AAAA,IAC/B,UAAA,EAAY,KAAK,YAAY,CAAA;AAAA,IAC7B,QAAA,EAAU,KAAK,UAAU,CAAA;AAAA,IACzB,QAAA,EAAU,KAAK,UAAU,CAAA;AAAA,IACzB,KAAA,EAAO,KAAK,OAAO;AAAA,GACrB;AACF;AAEO,SAAS,uBAAuB,SAAA,EAAwC;AAC7E,EAAA,MAAM,GAAA,GAAM,iBAAiB,SAAS,CAAA;AACtC,EAAA,MAAM,CAAA,GACJ,cAAA,CAAe,GAAA,CAAI,UAAU,CAAA,IAC7B,cAAA,CAAe,GAAA,CAAI,SAAS,CAAA,IAC5B,cAAA,CAAe,GAAA,CAAI,UAAU,CAAA,IAC7B,EAAA;AACF,EAAA,OAAO,CAAA;AACT;AAGO,IAAM,qBAAA,GAAwB;AAErC,SAAS,KAAK,CAAA,EAAoB;AAChC,EAAA,OAAO,KAAK,IAAA,GAAO,EAAA,GAAK,MAAA,CAAO,CAAC,EAAE,IAAA,EAAK;AACzC;AAEO,SAAS,iBAAiB,GAAA,EAAgC;AAC/D,EAAA,MAAM,MAAA,GAAS,EAAE,GAAG,GAAA,EAAI;AACxB,EAAA,IAAI,CAAC,MAAA,CAAO,UAAA,IAAc,MAAA,CAAO,SAAA,EAAW;AAC1C,IAAA,MAAA,CAAO,aAAa,MAAA,CAAO,SAAA;AAAA,EAC7B;AACA,EAAA,MAAM,WAAW,IAAA,CAAK,MAAA,CAAO,QAAQ,CAAA,IAAK,IAAA,CAAK,OAAO,UAAU,CAAA;AAEhE,EAAA,OAAO;AAAA,IACL,UAAA,EAAY,IAAA,CAAK,MAAA,CAAO,UAAU,CAAA;AAAA,IAClC,aAAA,EAAe,IAAA,CAAK,MAAA,CAAO,aAAa,CAAA;AAAA,IACxC,aAAa,IAAA,CAAK,MAAA,CAAO,WAAW,CAAA,IAAK,IAAA,CAAK,OAAO,WAAW,CAAA;AAAA,IAChE,UAAA,EAAY,IAAA,CAAK,MAAA,CAAO,UAAU,CAAA;AAAA,IAClC,UAAA,EAAY,IAAA,CAAK,MAAA,CAAO,UAAU,CAAA;AAAA,IAClC,KAAA,EAAO,IAAA,CAAK,MAAA,CAAO,KAAK,CAAA;AAAA,IACxB,QAAA;AAAA,IACA,QAAA,EAAU,IAAA,CAAK,MAAA,CAAO,QAAQ;AAAA,GAChC;AACF;AAQO,IAAM,eAAA,GAAN,cAA8B,KAAA,CAAM;AAAA,EAGzC,WAAA,CAAY,SAAmB,OAAA,EAAkB;AAC/C,IAAA,KAAA;AAAA,MACE,OAAA,IACE,CAAA,mDAAA,EAAsD,OAAA,CAAQ,IAAA,CAAK,IAAI,CAAC,CAAA,0IAAA;AAAA,KAE5E;AAPF,IAAA,IAAA,CAAS,IAAA,GAAO,qBAAA;AAQd,IAAA,IAAA,CAAK,IAAA,GAAO,iBAAA;AACZ,IAAA,IAAA,CAAK,OAAA,GAAU,OAAA;AAAA,EACjB;AACF;AAEO,SAAS,cAAc,SAAA,EAAgD;AAC5E,EAAA,OAAO,gBAAA,CAAiB,gBAAA,CAAiB,SAAS,CAAC,CAAA;AACrD;AAEO,SAAS,cAAc,OAAA,EAAgD;AAC5E,EAAA,MAAM,QAAA,GAAW,gBAAA,CAAiB,gBAAA,CAAiB,OAAA,EAAS,SAAS,CAAC,CAAA;AACtE,EAAA,IAAI,SAAS,MAAA,EAAQ;AACnB,IAAA,MAAM,UAAoB,EAAC;AAC3B,IAAA,IAAI,CAAC,QAAA,CAAS,aAAA,EAAe,OAAA,CAAQ,KAAK,eAAe,CAAA;AACzD,IAAA,IAAI,CAAC,QAAA,CAAS,WAAA,EAAa,OAAA,CAAQ,KAAK,aAAa,CAAA;AACrD,IAAA,IAAI,CAAC,QAAA,CAAS,UAAA,EAAY,OAAA,CAAQ,KAAK,sBAAsB,CAAA;AAC7D,IAAA,IAAI,OAAA,CAAQ,MAAA,EAAQ,MAAM,IAAI,gBAAgB,OAAO,CAAA;AAAA,EACvD;AACA,EAAA,OAAO,QAAA;AACT;AASO,SAAS,6BAAA,GAAsC;AACpD,EAAA,MAAM,IAAI,gBAAA,EAAiB;AAC3B,EAAA,MAAM,QAA4B,EAAC;AACnC,EAAA,MAAM,IAAA,GAAO;AAAA,IACX,YAAA;AAAA,IACA,eAAA;AAAA,IACA,aAAA;AAAA,IACA,aAAA;AAAA,IACA,YAAA;AAAA,IACA,WAAA;AAAA,IACA,YAAA;AAAA,IACA,UAAA;AAAA,IACA,UAAA;AAAA,IACA,OAAA;AAAA,IACA;AAAA,GACF;AACA,EAAA,KAAA,MAAW,KAAK,IAAA,EAAM;AACpB,IAAA,MAAM,CAAA,GAAI,EAAE,CAAC,CAAA;AACb,IAAA,IAAI,KAAK,IAAA,IAAQ,MAAA,CAAO,CAAC,CAAA,CAAE,MAAK,EAAG;AACjC,MAAC,MAAiC,CAAC,CAAA,GAAI,MAAA,CAAO,CAAC,EAAE,IAAA,EAAK;AAAA,IACxD;AAAA,EACF;AACA,EAAA,IAAI,OAAO,IAAA,CAAK,KAAK,CAAA,CAAE,MAAA,uBAA6B,KAAK,CAAA;AAC3D;AAEO,SAAS,qBAAqB,OAAA,EAAmC;AACtE,EAAA,IAAI;AACF,IAAA,MAAM,GAAA,GAAM,cAAc,aAAa,CAAA;AACvC,IAAA,MAAM,GAAA,GAAM,WAAW,GAAG,CAAA;AAC1B,IAAA,IAAI,WAAoC,EAAC;AACzC,IAAA,IAAI;AACF,MAAA,IAAI,GAAA,EAAK,QAAA,GAAW,IAAA,CAAK,KAAA,CAAM,GAAG,CAAA;AAAA,IACpC,CAAA,CAAA,MAAQ;AACN,MAAA,QAAA,GAAW,EAAC;AAAA,IACd;AACA,IAAA,MAAM,IAAA,GAAO;AAAA,MACX,GAAG,QAAA;AAAA,MACH,GAAG,OAAA;AAAA,MACH,CAAC,YAAY,GAAG,IAAA;AAAA,MAChB,CAAC,QAAQ,GAAA,iBAAG,IAAI,IAAA,IAAO,WAAA;AAAY,KACrC;AACA,IAAA,UAAA,CAAW,GAAA,EAAK,IAAA,CAAK,SAAA,CAAU,IAAI,CAAC,CAAA;AACpC,IAAA,MAAA,CAAO,MAAM,wDAAA,EAA0D;AAAA,MACrE,IAAA,EAAM,MAAA,CAAO,IAAA,CAAK,OAAO;AAAA,KAC1B,CAAA;AAAA,EACH,SAAS,CAAA,EAAG;AACV,IAAA,MAAA,CAAO,KAAK,4CAAA,EAA8C;AAAA,MACxD,OAAO,CAAA,YAAa,KAAA,GAAQ,CAAA,CAAE,OAAA,GAAU,OAAO,CAAC;AAAA,KACjD,CAAA;AAAA,EACH;AACF;AAKO,SAAS,UAAA,CAAW,QAA4B,IAAA,EAA6C;AAClG,EAAA,SAAA,CAAU,MAAM,CAAA;AAChB,EAAA,MAAA,CAAO,KAAK,mDAAA,EAAgD;AAAA,IAC1D,gBAAA,EAAkB,MAAM,gBAAA,KAAqB,KAAA;AAAA,IAC7C,UAAA,EAAY,MAAA,CAAO,UAAA,IAAc,MAAA,CAAO,SAAA,IAAa;AAAA,GACtD,CAAA;AACD,EAAA,IAAI,IAAA,EAAM,qBAAqB,KAAA,EAAO;AACpC,IAAA,oBAAA,CAAqB,MAAM,CAAA;AAAA,EAC7B;AACF;AAEO,SAAS,wBAAA,CAAyB,SAAiB,SAAA,EAAsC;AAC9F,EAAA,MAAM,OAAA,GAAU,sBAAsB,SAAS,CAAA;AAC/C,EAAA,MAAA,CAAO,KAAA,CAAM,CAAA,SAAA,EAAY,OAAO,CAAA,CAAA,EAAI;AAAA,IAClC,YAAA,EAAc,OAAA;AAAA,IACd,mBAAA,EAAqB,sBAAA,CAAuB,SAAS,CAAA,IAAK,SAAA;AAAA,IAC1D,gBAAA,EAAkB,CAAC,CAAC,gBAAA,CAAiB,SAAS,CAAA,CAAE,aAAA;AAAA,IAChD,cAAA,EAAgB,CAAC,CAAC,gBAAA,CAAiB,SAAS,CAAA,CAAE;AAAA,GAC/C,CAAA;AACH;;;ACvSA,SAASA,MAAK,CAAA,EAA2B;AACvC,EAAA,IAAI,CAAA,IAAK,MAAM,OAAO,IAAA;AACtB,EAAA,MAAM,CAAA,GAAI,MAAA,CAAO,CAAC,CAAA,CAAE,IAAA,EAAK;AACzB,EAAA,OAAO,CAAA,IAAK,IAAA;AACd;AAMA,SAAS,6BAA6B,GAAA,EAAmC;AACvE,EAAA,IAAI,CAAC,KAAK,OAAO,IAAA;AACjB,EAAA,IAAI,CAAA,GAAI,IAAI,IAAA,EAAK;AACjB,EAAA,IAAI,CAAC,GAAG,OAAO,IAAA;AACf,EAAA,IAAI,CAAA,CAAE,WAAA,EAAY,CAAE,UAAA,CAAW,SAAS,CAAA,EAAG;AACzC,IAAA,CAAA,GAAI,CAAA,CAAE,KAAA,CAAM,SAAA,CAAU,MAAM,EAAE,IAAA,EAAK;AAAA,EACrC;AACA,EAAA,OAAO,CAAA,IAAK,IAAA;AACd;AAOO,SAAS,WAAA,GAA6B;AAC3C,EAAA,MAAM,IAAI,gBAAA,EAAiB;AAC3B,EAAA,MAAM,MAAA,GAAS,4BAAA,CAA6BA,KAAAA,CAAK,CAAA,CAAE,QAAQ,CAAC,CAAA;AAC5D,EAAA,IAAI,QAAQ,OAAO,MAAA;AACnB,EAAA,OAAO,4BAAA,CAA6BA,KAAAA,CAAK,CAAA,CAAE,UAAU,CAAC,CAAA;AACxD;AAGO,SAAS,mCAAmC,GAAA,EAA+C;AAChG,EAAA,OAAO,4BAAA,CAA6BA,KAAAA,CAAK,GAAG,CAAC,CAAA;AAC/C;AAEO,SAAS,cAAA,GAAgC;AAC9C,EAAA,MAAM,IAAI,gBAAA,EAAiB;AAC3B,EAAA,OAAOA,MAAK,CAAA,CAAE,WAAW,CAAA,IAAKA,KAAAA,CAAK,EAAE,WAAW,CAAA;AAClD;AAEO,SAAS,WAAA,GAA6B;AAC3C,EAAA,OAAOA,KAAAA,CAAK,gBAAA,EAAiB,CAAE,QAAQ,CAAA;AACzC;;;AC5CA,SAAS,oBAAoB,QAAA,EAA2B;AACtD,EAAA,OAAO,QAAA,KAAa,WAAA,IAAe,QAAA,KAAa,WAAA,IAC9C,SAAS,UAAA,CAAW,UAAU,CAAA,IAAK,QAAA,CAAS,UAAA,CAAW,KAAK,CAAA,IAAK,QAAA,CAAS,WAAW,SAAS,CAAA;AAClG;AAEA,SAASC,MAAAA,GAAiB;AACxB,EAAA,IAAI,OAAO,MAAA,KAAW,WAAA,EAAa,OAAO,KAAA;AAC1C,EAAA,OAAO,mBAAA,CAAoB,MAAA,CAAO,QAAA,CAAS,QAAQ,CAAA;AACrD;AAEO,SAAS,YAAA,CAAa,iBAA0B,IAAA,EAAY;AACjE,EAAA,IAAI,OAAO,WAAW,WAAA,EAAa;AAEnC,EAAA,MAAM,iBAAA,GAAoB,MAAA,CAAO,QAAA,CAAS,QAAA,KAAa,WAAA,IACrD,OAAO,QAAA,CAAS,QAAA,KAAa,WAAA,IAC7B,MAAA,CAAO,QAAA,CAAS,QAAA,CAAS,WAAW,UAAU,CAAA,IAC9C,MAAA,CAAO,QAAA,CAAS,QAAA,CAAS,UAAA,CAAW,KAAK,CAAA,IACzC,MAAA,CAAO,QAAA,CAAS,QAAA,CAAS,UAAA,CAAW,SAAS,CAAA;AAG/C,EAAA,MAAM,MAAA,GAAS,MAAA,CAAO,QAAA,CAAS,QAAA,KAAa,OAAA;AAE5C,EAAA,IAAI,cAAA,IAAkB,qBAAqB,MAAA,EAAQ;AACjD,IAAA,MAAA,CAAO,MAAM,2CAA2C,CAAA;AACxD,IAAA;AAAA,EACF;AAEA,EAAA,IAAI,MAAA,IAAU,CAAC,iBAAA,EAAmB;AAChC,IAAA,MAAM,KAAA,GAAQ,IAAI,KAAA,CAAM,oFAAoF,CAAA;AAC5G,IAAA,MAAA,CAAO,MAAM,0BAAA,EAA4B;AAAA,MACvC,QAAA,EAAU,OAAO,QAAA,CAAS,QAAA;AAAA,MAC1B,QAAA,EAAU,OAAO,QAAA,CAAS;AAAA,KAC3B,CAAA;AACD,IAAA,MAAM,KAAA;AAAA,EACR;AAEA,EAAA,MAAA,CAAO,MAAM,oBAAA,EAAsB,EAAE,UAAU,MAAA,CAAO,QAAA,CAAS,UAAU,CAAA;AAC3E;AAEO,SAAS,oBAAA,CAAqB,OAAgB,cAAA,EAAgC;AACnF,EAAA,IAAIA,QAAM,EAAG;AACX,IAAA,IAAI,KAAA,YAAiB,KAAA,EAAO,OAAO,KAAA,CAAM,OAAA;AACzC,IAAA,OAAO,OAAO,KAAK,CAAA;AAAA,EACrB;AACA,EAAA,OAAO,cAAA;AACT;AAEO,IAAM,cAAA,GAAN,cAA6B,KAAA,CAAM;AAAA,EAIxC,WAAA,CAAY,IAAA,EAAc,cAAA,EAAwB,aAAA,EAAyB;AACzE,IAAA,KAAA,CAAM,cAAc,CAAA;AACpB,IAAA,IAAA,CAAK,IAAA,GAAO,gBAAA;AACZ,IAAA,IAAA,CAAK,IAAA,GAAO,IAAA;AACZ,IAAA,IAAIA,MAAAA,EAAM,IAAK,aAAA,YAAyB,KAAA,EAAO;AAC7C,MAAA,IAAA,CAAK,kBAAkB,aAAA,CAAc,OAAA;AAAA,IACvC;AAAA,EACF;AACF;;;AC/BO,SAAS,0BAA0B,KAAA,EAA8C;AACtF,EAAA,MAAM;AAAA,IACJ,GAAA;AAAA,IACA,UAAA,EAAAC,WAAAA;AAAA,IACA,aAAA,EAAAC,cAAAA;AAAA,IACA,aAAA;AAAA,IACA,QAAA;AAAA,IACA,eAAA;AAAA,IACA;AAAA,GACF,GAAI,KAAA;AAEJ,EAAA,MAAM,iBAAA,GAAoBD,WAAAA,CAAW,oBAAoB,CAAA,KAAM,MAAA;AAC/D,EAAA,MAAM,cAAA,GAAiBA,WAAAA,CAAW,iBAAiB,CAAA,KAAM,MAAA;AAEzD,EAAA,IAAIC,cAAAA,CAAc,GAAG,CAAA,EAAG,OAAO,qBAAA;AAC/B,EAAA,IAAI,eAAe,OAAO,eAAA;AAC1B,EAAA,IAAI,iBAAA,IAAqB,CAAC,QAAA,EAAU,OAAO,gBAAA;AAC3C,EAAA,IAAI,QAAA,IAAY,cAAA,IAAkB,eAAA,EAAiB,OAAO,eAAA;AAC1D,EAAA,IAAI,QAAA,IAAY,cAAA,IAAkB,CAAC,eAAA,EAAiB,OAAO,gBAAA;AAC3D,EAAA,IAAI,gBAAgB,OAAO,eAAA;AAE3B,EAAA,OAAO,gBAAA;AACT;;;ACnDA,IAAM,kBAAA,GAAqB,GAAA;AAE3B,IAAI,mBAAA,GAAsB,KAAA;AAC1B,IAAI,kBAAA,GAAqB,CAAA;AAEzB,IAAI,kBAAA,GAAqB,KAAA;AAEzB,IAAI,cAAA,GAAiB,KAAA;AACrB,IAAI,aAAA,GAAgB,CAAA;AAEb,SAAS,qBAAA,GAAiC;AAC/C,EAAA,IAAI,CAAC,qBAAqB,OAAO,KAAA;AACjC,EAAA,IAAI,CAAC,oBAAoB,OAAO,IAAA;AAChC,EAAA,OAAO,IAAA,CAAK,GAAA,EAAI,GAAI,kBAAA,GAAqB,kBAAA;AAC3C;AAEO,SAAS,sBAAA,GAA+B;AAC7C,EAAA,mBAAA,GAAsB,IAAA;AACtB,EAAA,kBAAA,GAAqB,KAAK,GAAA,EAAI;AAChC;AAEO,SAAS,wBAAA,GAAiC;AAC/C,EAAA,mBAAA,GAAsB,KAAA;AACtB,EAAA,kBAAA,GAAqB,CAAA;AACvB;AAEO,SAAS,oBAAA,GAAgC;AAC9C,EAAA,OAAO,kBAAA;AACT;AAEO,SAAS,qBAAA,GAA8B;AAC5C,EAAA,kBAAA,GAAqB,IAAA;AACvB;AAEO,SAAS,uBAAA,GAAgC;AAC9C,EAAA,kBAAA,GAAqB,KAAA;AACvB;AAEO,SAAS,gBAAA,GAA4B;AAC1C,EAAA,OAAO,cAAA;AACT;AAMO,SAAS,iBAAA,GAA0B;AACxC,EAAA,cAAA,GAAiB,IAAA;AACjB,EAAA,aAAA,GAAgB,KAAK,GAAA,EAAI;AAC3B;AAEO,SAAS,mBAAA,GAA4B;AAC1C,EAAA,cAAA,GAAiB,KAAA;AACjB,EAAA,aAAA,GAAgB,CAAA;AAClB;AAEO,SAAS,eAAA,CAAgB,cAAsB,GAAA,EAAe;AACnE,EAAA,IAAI,CAAC,eAAe,OAAO,IAAA;AAC3B,EAAA,OAAO,IAAA,CAAK,GAAA,EAAI,GAAI,aAAA,GAAgB,WAAA;AACtC;AAGO,SAAS,cAAA,GAAuB;AACrC,EAAA,mBAAA,EAAoB;AACtB;AAEO,SAAS,YAAA,GAAqB;AACnC,EAAA,iBAAA,EAAkB;AACpB;;;ACtEO,IAAM,cAAA,GAAiB;AAAA,EAC5B,aAAA,EAAe,eAAA;AAAA,EACf,aAAA,EAAe,eAAA;AAAA,EACf,YAAA,EAAc,cAAA;AAAA,EACd,gBAAA,EAAkB,kBAAA;AAAA,EAClB,eAAA,EAAiB,iBAAA;AAAA,EACjB,qBAAA,EAAuB,uBAAA;AAAA,EACvB,oBAAA,EAAsB,sBAAA;AAAA,EACtB,eAAA,EAAiB,iBAAA;AAAA,EACjB,gBAAA,EAAkB,kBAAA;AAAA,EAClB,wBAAA,EAA0B,0BAAA;AAAA,EAC1B,kBAAA,EAAoB;AACtB;AAgBA,IAAI,SAAA,uBAA6B,GAAA,EAAI;AAErC,SAAS,YAAY,KAAA,EAA6C;AAChE,EAAA,IAAI,GAAA,GAAM,SAAA,CAAU,GAAA,CAAI,KAAK,CAAA;AAC7B,EAAA,IAAI,CAAC,GAAA,EAAK;AACR,IAAA,GAAA,uBAAU,GAAA,EAAI;AACd,IAAA,SAAA,CAAU,GAAA,CAAI,OAAO,GAAG,CAAA;AAAA,EAC1B;AACA,EAAA,OAAO,GAAA;AACT;AAEA,SAAS,mBAAA,GAA6C;AACpD,EAAA,IAAI,GAAA,GAAM,SAAA,CAAU,GAAA,CAAI,GAAG,CAAA;AAC3B,EAAA,IAAI,CAAC,GAAA,EAAK;AACR,IAAA,GAAA,uBAAU,GAAA,EAAI;AACd,IAAA,SAAA,CAAU,GAAA,CAAI,KAAK,GAAG,CAAA;AAAA,EACxB;AACA,EAAA,OAAO,GAAA;AACT;AAEO,SAAS,aAAA,CAAc,OAAsB,OAAA,EAAkC;AACpF,EAAA,MAAM,QAAA,GAAW,YAAY,KAAK,CAAA;AAClC,EAAA,MAAM,WAAW,mBAAA,EAAoB;AACrC,EAAA,MAAM,CAAA,GAAI,WAAW,EAAC;AACtB,EAAA,QAAA,CAAS,OAAA,CAAQ,CAAC,EAAA,KAAO;AACvB,IAAA,IAAI;AACF,MAAA,EAAA,CAAG,CAAC,CAAA;AAAA,IACN,CAAA,CAAA,MAAQ;AAAA,IAER;AAAA,EACF,CAAC,CAAA;AACD,EAAA,QAAA,CAAS,OAAA,CAAQ,CAAC,EAAA,KAAO;AACvB,IAAA,IAAI;AACF,MAAA,EAAA,CAAG,EAAE,GAAG,CAAA,EAAG,KAAA,EAAO,CAAA;AAAA,IACpB,CAAA,CAAA,MAAQ;AAAA,IAER;AAAA,EACF,CAAC,CAAA;AACH;AAEO,SAAS,kBAAA,CACd,OACA,OAAA,EACY;AACZ,EAAA,MAAM,MAAM,KAAA,KAAU,GAAA,GAAM,mBAAA,EAAoB,GAAI,YAAY,KAAK,CAAA;AACrE,EAAA,GAAA,CAAI,IAAI,OAAO,CAAA;AACf,EAAA,OAAO,MAAM,GAAA,CAAI,MAAA,CAAO,OAAO,CAAA;AACjC;;;AC3EO,IAAM,eAAA,GAAkB;AAAA,EAC7B,MAAA,EAAQ,sBAAA;AAAA,EACR,aAAA,EAAe,MAAA;AAAA,EACf,qBAAA,EAAuB,MAAA;AAAA,EACvB,gBAAA,EAAkB,oBAAA;AAAA,EAClB,kBAAA,EAAoB;AACtB;AAEO,IAAM,kBAAA,GAAqB;AAE3B,IAAMC,aAAAA,GAAe;AAAA,EAC1B,aAAA,EAAe,GAAG,kBAAkB,CAAA,eAAA,CAAA;AAAA,EACpC,QAAA,EAAU,GAAG,kBAAkB,CAAA,SAAA,CAAA;AAAA,EAC/B,WAAA,EAAa,GAAG,kBAAkB,CAAA,YAAA,CAAA;AAAA,EAClC,QAAA,EAAU,GAAG,kBAAkB,CAAA,SAAA,CAAA;AAAA,EAC/B,YAAA,EAAc,GAAG,kBAAkB,CAAA,aAAA,CAAA;AAAA,EACnC,KAAA,EAAO,GAAG,kBAAkB,CAAA,KAAA,CAAA;AAAA,EAC5B,WAAA,EAAa,GAAG,kBAAkB,CAAA,YAAA,CAAA;AAAA,EAClC,YAAA,EAAc,GAAG,kBAAkB,CAAA,aAAA,CAAA;AAAA,EACnC,SAAA,EAAW,GAAG,kBAAkB,CAAA,UAAA;AAClC;AAE8B,eAAA,CAAgB;AACvC,IAAM,wBAAwB,eAAA,CAAgB,aAAA;AAC9C,IAAM,gCAAgC,eAAA,CAAgB,qBAAA;AACtD,IAAM,2BAA2B,eAAA,CAAgB,gBAAA;AACjD,IAAM,6BAA6B,eAAA,CAAgB,kBAAA;;;AC2BnD,SAASC,eAAc,OAAA,EAA0E;AACtG,EAAA,OAAO,cAAsB,OAAO,CAAA;AACtC;AAGO,SAAS,kBAAkB,SAAA,EAAgD;AAChF,EAAA,OAAO,aAAA,CAAsB,EAAE,MAAA,EAAQ,IAAA,EAAM,WAAW,CAAA;AAC1D;AAEO,SAAS,SAAA,GAA4B;AAC1C,EAAA,OAAO,aAAA,EAAc;AACvB;AAEO,SAASC,eAAAA,GAAyB;AACvC,EAAA,MAAM,MAAM,aAAA,EAAc;AAC1B,EAAA,IAAI,GAAA,CAAI,WAAA,EAAa,OAAO,GAAA,CAAI,WAAA;AAChC,EAAA,IAAI,OAAO,MAAA,KAAW,WAAA,SAAoB,CAAA,EAAG,MAAA,CAAO,SAAS,MAAM,CAAA,SAAA,CAAA;AACnE,EAAA,OAAO,EAAA;AACT;AAOO,IAAM,MAAA,GAAS;AAAA,EACpB,aAAA,GAAwB;AACtB,IAAA,OAAO,eAAc,CAAE,UAAA;AAAA,EACzB,CAAA;AAAA,EAEA,gBAAA,GAA2B;AACzB,IAAA,OAAO,eAAc,CAAE,aAAA;AAAA,EACzB,CAAA;AAAA,EAEA,aAAA,GAAwB;AACtB,IAAA,OAAO,eAAc,CAAE,UAAA;AAAA,EACzB,CAAA;AAAA,EAEA,cAAA,GAAyB;AACvB,IAAA,OAAOA,eAAAA,EAAe;AAAA,EACxB,CAAA;AAAA,EAEA,MAAA,GAAyB;AACvB,IAAA,OAAO,aAAA,EAAc;AAAA,EACvB;AACF;AAKO,SAAS,wBAAA,CAAyB,WAAmB,IAAA,EAA6C;AACvG,EAAA,MAAM,CAAA,GAAI,UAAU,IAAA,EAAK;AACzB,EAAA,IAAI,CAAC,CAAA,EAAG;AACR,EAAA,SAAA,CAAU,EAAE,UAAA,EAAY,CAAA,EAAG,SAAA,EAAW,GAAG,CAAA;AACzC,EAAA,wBAAA,CAAyB,4BAA4B,EAAE,UAAA,EAAY,CAAA,EAAG,SAAA,EAAW,GAAG,CAAA;AACpF,EAAA,IAAI,IAAA,EAAM,qBAAqB,KAAA,EAAO;AACpC,IAAA,oBAAA,CAAqB,EAAE,UAAA,EAAY,CAAA,EAAG,SAAA,EAAW,GAAG,CAAA;AAAA,EACtD;AACF;;;AC5GA,IAAM,cAAA,GAAiB,IAAI,EAAA,GAAK,GAAA;AASzB,IAAM,oBAAN,MAAwB;AAAA,EAK7B,WAAA,CAAY,QAAgB,cAAA,EAAgB;AAJ5C,IAAA,IAAA,CAAiB,KAAA,uBAAY,GAAA,EAAwB;AACrD,IAAA,IAAA,CAAiB,QAAA,uBAAe,GAAA,EAA0C;AAIxE,IAAA,IAAA,CAAK,KAAA,GAAQ,KAAA;AAAA,EACf;AAAA,EAEA,IAAI,SAAA,EAAwC;AAC1C,IAAA,MAAM,KAAA,GAAQ,IAAA,CAAK,KAAA,CAAM,GAAA,CAAI,SAAS,CAAA;AACtC,IAAA,IAAI,CAAC,OAAO,OAAO,IAAA;AACnB,IAAA,IAAI,IAAA,CAAK,GAAA,EAAI,IAAK,KAAA,CAAM,SAAA,EAAW;AACjC,MAAA,IAAA,CAAK,KAAA,CAAM,OAAO,SAAS,CAAA;AAC3B,MAAA,OAAO,IAAA;AAAA,IACT;AACA,IAAA,OAAO,KAAA,CAAM,MAAA;AAAA,EACf;AAAA,EAEA,GAAA,CAAI,WAAmB,MAAA,EAA4B;AACjD,IAAA,IAAA,CAAK,KAAA,CAAM,IAAI,SAAA,EAAW;AAAA,MACxB,MAAA;AAAA,MACA,SAAA,EAAW,IAAA,CAAK,GAAA,EAAI,GAAI,IAAA,CAAK;AAAA,KAC9B,CAAA;AAAA,EACH;AAAA,EAEA,WAAW,SAAA,EAA0B;AACnC,IAAA,IAAI,SAAA,EAAW;AACb,MAAA,IAAA,CAAK,KAAA,CAAM,OAAO,SAAS,CAAA;AAC3B,MAAA,IAAA,CAAK,QAAA,CAAS,OAAO,SAAS,CAAA;AAAA,IAChC,CAAA,MAAO;AACL,MAAA,IAAA,CAAK,MAAM,KAAA,EAAM;AACjB,MAAA,IAAA,CAAK,SAAS,KAAA,EAAM;AAAA,IACtB;AAAA,EACF;AAAA,EAEA,MAAM,YAAA,CACJ,SAAA,EACA,QAAA,EAC8B;AAC9B,IAAA,IAAI,CAAC,SAAA,IAAa,CAAC,SAAA,CAAU,IAAA,IAAQ,OAAO,IAAA;AAE5C,IAAA,MAAM,GAAA,GAAM,UAAU,IAAA,EAAK;AAC3B,IAAA,MAAM,MAAA,GAAS,IAAA,CAAK,GAAA,CAAI,GAAG,CAAA;AAC3B,IAAA,IAAI,MAAA,EAAQ;AACV,MAAA,MAAA,CAAO,KAAA,CAAM,0BAAA,EAA4B,EAAE,SAAA,EAAW,KAAK,CAAA;AAC3D,MAAA,OAAO,MAAA;AAAA,IACT;AAEA,IAAA,MAAM,QAAA,GAAW,IAAA,CAAK,QAAA,CAAS,GAAA,CAAI,GAAG,CAAA;AACtC,IAAA,IAAI,QAAA,EAAU;AACZ,MAAA,MAAA,CAAO,KAAA,CAAM,sCAAA,EAAwC,EAAE,SAAA,EAAW,KAAK,CAAA;AACvE,MAAA,OAAO,QAAA;AAAA,IACT;AAEA,IAAA,MAAM,WAAW,YAA0C;AACzD,MAAA,IAAI;AACF,QAAA,MAAM,MAAA,GAAS,MAAM,QAAA,CAAS,GAAG,CAAA;AACjC,QAAA,IAAI,MAAA,EAAQ,IAAA,CAAK,GAAA,CAAI,GAAA,EAAK,MAAM,CAAA;AAChC,QAAA,OAAO,MAAA;AAAA,MACT,CAAA,SAAE;AACA,QAAA,IAAA,CAAK,QAAA,CAAS,OAAO,GAAG,CAAA;AAAA,MAC1B;AAAA,IACF,CAAA,GAAG;AAEH,IAAA,IAAA,CAAK,QAAA,CAAS,GAAA,CAAI,GAAA,EAAK,OAAO,CAAA;AAC9B,IAAA,OAAO,OAAA;AAAA,EACT;AACF,CAAA;;;ACtEA,IAAM,wBAAA,GAA2B,IAAI,iBAAA,EAAkB;AAMvD,SAAS,kBAAA,GAA8C;AACrD,EAAA,MAAM,cAAA,GAAiB,cAAc,cAAc,CAAA;AACnD,EAAA,IAAI;AACF,IAAA,MAAM,cAAA,GAAiB,WAAW,cAAc,CAAA;AAChD,IAAA,IAAI,CAAC,gBAAgB,OAAO,IAAA;AAC5B,IAAA,MAAM,MAAA,GAAS,IAAA,CAAK,KAAA,CAAM,cAAc,CAAA;AACxC,IAAA,OAAO,MAAA,IAAU,OAAO,MAAA,KAAW,QAAA,GAAW,MAAA,GAAS,IAAA;AAAA,EACzD,CAAA,CAAA,MAAQ;AACN,IAAA,OAAO,IAAA;AAAA,EACT,CAAA,SAAE;AACA,IAAA,aAAA,CAAc,cAAc,CAAA;AAAA,EAC9B;AACF;AAEA,SAAS,kBAAkB,KAAA,EAA+B;AACxD,EAAA,IAAI,OAAO,KAAA,KAAU,QAAA,EAAU,OAAO,IAAA;AACtC,EAAA,MAAM,OAAA,GAAU,MAAM,IAAA,EAAK;AAC3B,EAAA,OAAO,UAAU,OAAA,GAAU,IAAA;AAC7B;AAEO,SAAS,gBAAA,GAAkC;AAChD,EAAA,MAAM,cAAc,kBAAA,EAAmB;AACvC,EAAA,MAAM,eAAA,GAAkB,iBAAA,CAAkB,WAAA,EAAa,SAAS,CAAA;AAChE,EAAA,IAAI,eAAA,EAAiB;AACnB,IAAA,MAAA,CAAO,KAAA,CAAM,4CAAA,EAA8C,EAAE,SAAA,EAAW,iBAAiB,CAAA;AACzF,IAAA,OAAO,eAAA;AAAA,EACT;AAEA,EAAA,MAAM,QAAA,GAAW,iBAAA,CAAkB,sBAAA,EAAwB,CAAA;AAC3D,EAAA,IAAI,QAAA,EAAU;AACZ,IAAA,MAAA,CAAO,KAAA,CAAM,mDAAA,EAAqD,EAAE,SAAA,EAAW,UAAU,CAAA;AACzF,IAAA,OAAO,QAAA;AAAA,EACT;AAEA,EAAA,MAAA,CAAO,KAAK,oEAAoE,CAAA;AAChF,EAAA,OAAO,IAAA;AACT;AAEA,eAAsB,mBAAA,CACpB,WACA,cAAA,EAC8B;AAC9B,EAAA,MAAM,QAAA,GAAW,MAAM,cAAA,CAAe,OAAA,CAAQ,SAAS,CAAA;AACvD,EAAA,IAAI,CAAC,UAAU,OAAO,IAAA;AACtB,EAAA,OAAO,EAAE,GAAG,QAAA,EAAU,SAAA,EAAU;AAClC;AAEA,eAAsB,yBAAA,CACpB,WACA,cAAA,EAC8B;AAC9B,EAAA,OAAO,wBAAA,CAAyB,YAAA;AAAA,IAAa,SAAA;AAAA,IAAW,CAAC,GAAA,KACvD,mBAAA,CAAoB,GAAA,EAAK,cAAc;AAAA,GACzC;AACF;;;AC3DO,SAASC,YAAAA,GAAuB;AACrC,EAAA,MAAM,UAAU,cAAA,EAAe;AAC/B,EAAA,MAAM,QAAA,GAAW,OAAA,GACb,OAAA,CAAQ,WAAA,CAAY,aAAA,EAAc,CAAE,QAAA,GACnC,OAAO,MAAA,KAAW,WAAA,GAAc,MAAA,CAAO,QAAA,CAAS,QAAA,GAAW,EAAA;AAChE,EAAA,OAAO,YAAkB,QAAQ,CAAA;AACnC;AAEO,SAAS,gBAAA,GAAkC;AAChD,EAAA,OAAO,gBAAA,EAAiB;AAC1B;AAEO,SAAS,aAAA,GAAyB;AACvC,EAAA,MAAM,UAAU,cAAA,EAAe;AAC/B,EAAA,IAAI,SAAS,OAAO,oBAAA,CAAqB,OAAA,CAAQ,WAAA,CAAY,eAAe,CAAA;AAC5E,EAAA,IAAI,OAAO,MAAA,KAAW,WAAA,EAAa,OAAO,KAAA;AAC1C,EAAA,MAAM,MAAA,GAAS,IAAI,eAAA,CAAgB,MAAA,CAAO,SAAS,MAAM,CAAA;AACzD,EAAA,OAAO,OAAO,GAAA,CAAI,MAAM,CAAA,IAAK,MAAA,CAAO,IAAI,OAAO,CAAA;AACjD;;;ACHA,SAAS,YAAY,SAAA,EAAgC;AACnD,EAAA,MAAM,SAAA,GAAY,UAAU,UAAA,IAAc,IAAA;AAC1C,EAAA,MAAM,SAAA,GAAY,IAAA,CAAK,GAAA,EAAI,GAAI,SAAA,GAAY,GAAA;AAE3C,EAAA,MAAM,UAAU,iBAAA,EAAkB;AAClC,EAAA,IAAI,SAAS,aAAA,EAAe;AAC1B,IAAA,OAAA,CAAQ,aAAA,CAAc;AAAA,MACpB,aAAa,SAAA,CAAU,YAAA;AAAA,MACvB,cAAc,SAAA,CAAU,aAAA;AAAA,MACxB;AAAA,KACD,CAAA;AAAA,EACH;AACA,EAAA,UAAA,CAAW,YAAA,CAAa,WAAA,EAAa,SAAA,CAAU,YAAY,CAAA;AAC3D,EAAA,UAAA,CAAW,YAAA,CAAa,YAAA,EAAc,SAAA,CAAU,aAAa,CAAA;AAC7D,EAAA,UAAA,CAAW,YAAA,CAAa,SAAA,EAAW,SAAA,CAAU,QAAA,EAAU,CAAA;AAEvD,EAAA,IAAIA,cAAY,EAAG;AACjB,IAAA,MAAA,CAAO,MAAM,4BAAA,EAA8B;AAAA,MACzC,SAAA,EAAW,IAAI,IAAA,CAAK,SAAS,EAAE,WAAA,EAAY;AAAA,MAC3C;AAAA,KACD,CAAA;AAAA,EACH,CAAA,MAAO;AACL,IAAA,MAAA,CAAO,KAAK,4BAA4B,CAAA;AAAA,EAC1C;AACF;AAEA,eAAsB,sBAAsB,MAAA,EAAqD;AAC/F,EAAA,IAAI;AACF,IAAA,MAAM,EAAE,IAAA,EAAM,YAAA,EAAc,QAAA,EAAU,aAAY,GAAI,MAAA;AACtD,IAAA,MAAM,cAAA,GAAiB,OAAO,gBAAA,EAAiB;AAC/C,IAAA,MAAM,QAAA,GAAW,GAAG,cAAc,CAAA,YAAA,CAAA;AAElC,IAAA,MAAM,IAAA,GAAO,IAAI,eAAA,CAAgB;AAAA,MAC/B,UAAA,EAAY,wBAAA;AAAA,MACZ,IAAA;AAAA,MACA,SAAA,EAAW,UAAU,QAAQ,CAAA,CAAA;AAAA,MAC7B,YAAA,EAAc,WAAA;AAAA,MACd,aAAA,EAAe;AAAA,KAChB,CAAA;AAED,IAAA,MAAM,QAAA,GAAW,MAAM,KAAA,CAAM,QAAA,EAAU;AAAA,MACrC,MAAA,EAAQ,MAAA;AAAA,MACR,OAAA,EAAS,EAAE,cAAA,EAAgB,mCAAA,EAAoC;AAAA,MAC/D,IAAA,EAAM,KAAK,QAAA;AAAS,KACrB,CAAA;AAED,IAAA,IAAI,CAAC,SAAS,EAAA,EAAI;AAChB,MAAA,MAAM,YAAA,GAAe,MAAM,QAAA,CAAS,IAAA,GAAO,KAAA,CAAM,OAAO,EAAC,CAAE,CAAA;AAC3D,MAAA,MAAA,CAAO,MAAM,uBAAA,EAAyB;AAAA,QACpC,QAAQ,QAAA,CAAS,MAAA;AAAA,QACjB,YAAY,QAAA,CAAS,UAAA;AAAA,QACrB,YAAA;AAAA,QACA,UAAA,EAAY;AAAA,OACb,CAAA;AACD,MAAA,MAAM,IAAI,KAAA;AAAA,QACR,0BAA0B,QAAA,CAAS,MAAM,IAAI,QAAA,CAAS,UAAU,GAAG,MAAA,CAAO,IAAA,CAAK,YAAY,CAAA,CAAE,SAAS,CAAA,GAAA,EAAM,IAAA,CAAK,UAAU,YAAY,CAAC,KAAK,EAAE,CAAA;AAAA,OACjJ;AAAA,IACF;AAEA,IAAA,MAAM,SAAA,GAAa,MAAM,QAAA,CAAS,IAAA,EAAK;AAEvC,IAAA,IAAI,CAAC,UAAU,YAAA,IAAgB,CAAC,UAAU,aAAA,IAAiB,CAAC,UAAU,UAAA,EAAY;AAChF,MAAA,MAAA,CAAO,MAAM,iCAAiC,CAAA;AAC9C,MAAA,MAAM,IAAI,MAAM,wBAAwB,CAAA;AAAA,IAC1C;AAEA,IAAA,WAAA,CAAY,SAAS,CAAA;AACrB,IAAA,OAAO,SAAA;AAAA,EACT,SAAS,KAAA,EAAO;AACd,IAAA,MAAM,SAAA,GAAY,KAAA,YAAiB,KAAA,IAAS,KAAA,CAAM,IAAA,KAAS,YAAA;AAC3D,IAAA,IAAI,SAAA,EAAW;AACb,MAAA,MAAA,CAAO,KAAK,iFAAiF,CAAA;AAC7F,MAAA,MAAM,gBAAgB,cAAA,EAAqB;AAC3C,MAAA,IAAI,aAAA,IAAiB,CAAC,oBAAA,EAAqB,EAAG;AAC5C,QAAA,OAAO;AAAA,UACL,YAAA,EAAc,aAAA;AAAA,UACd,aAAA,EAAe,iBAAgB,IAAK,EAAA;AAAA,UACpC,UAAA,EAAY;AAAA,SACd;AAAA,MACF;AACA,MAAA,MAAM,IAAI,MAAM,qCAAqC,CAAA;AAAA,IACvD;AACA,IAAA,MAAA,CAAO,MAAM,uBAAA,EAAyB;AAAA,MACpC,SAAS,KAAA,YAAiB,KAAA,GAAQ,KAAA,CAAM,OAAA,GAAU,OAAO,KAAK;AAAA,KAC/D,CAAA;AACD,IAAA,MAAM,KAAA;AAAA,EACR;AACF;AAEA,IAAI,cAAA,GAAyC,IAAA;AAE7C,eAAsB,kBAAA,GAAsC;AAC1D,EAAA,IAAI,gBAAgB,OAAO,cAAA;AAE3B,EAAA,cAAA,GAAA,CAAkB,YAA6B;AAC7C,IAAA,IAAI;AACF,MAAA,MAAM,eAAe,eAAA,EAAgB;AACrC,MAAA,MAAM,WAAW,WAAA,EAAY;AAC7B,MAAA,MAAM,WAAW,WAAA,EAAY;AAE7B,MAAA,MAAA,CAAO,MAAM,gCAAA,EAAkC;AAAA,QAC7C,eAAA,EAAiB,CAAC,CAAC,YAAA;AAAA,QACnB,QAAA;AAAA,QACA;AAAA,OACD,CAAA;AAED,MAAA,IAAI,CAAC,YAAA,IAAgB,CAAC,QAAA,IAAY,CAAC,QAAA,EAAU;AAC3C,QAAA,MAAA,CAAO,MAAM,6CAAA,EAA+C;AAAA,UAC1D,eAAA,EAAiB,CAAC,CAAC,YAAA;AAAA,UACnB,WAAA,EAAa,CAAC,CAAC,QAAA;AAAA,UACf,WAAA,EAAa,CAAC,CAAC;AAAA,SAChB,CAAA;AACD,QAAA,MAAM,IAAI,MAAM,6CAA6C,CAAA;AAAA,MAC/D;AAEA,MAAA,MAAM,cAAA,GAAiB,OAAO,aAAA,EAAc;AAC5C,MAAA,MAAM,QAAA,GAAW,GAAG,cAAc,CAAA,cAAA,CAAA;AAElC,MAAA,MAAM,IAAA,GAAO,IAAI,eAAA,CAAgB;AAAA,QAC/B,UAAA,EAAY,0BAAA;AAAA,QACZ,aAAA,EAAe,YAAA;AAAA,QACf,WAAW,QAAA,CAAS,UAAA,CAAW,SAAS,CAAA,GAAI,QAAA,GAAW,UAAU,QAAQ,CAAA,CAAA;AAAA,QACzE,SAAA,EAAW;AAAA,OACZ,CAAA;AAED,MAAA,MAAM,QAAA,GAAW,MAAM,KAAA,CAAM,QAAA,EAAU;AAAA,QACrC,MAAA,EAAQ,MAAA;AAAA,QACR,OAAA,EAAS;AAAA,UACP,cAAA,EAAgB,mCAAA;AAAA,UAChB,QAAA,EAAU;AAAA,SACZ;AAAA,QACA,IAAA,EAAM,KAAK,QAAA;AAAS,OACrB,CAAA;AAED,MAAA,IAAI,CAAC,SAAS,EAAA,EAAI;AAChB,QAAA,MAAM,YAAA,GAAgB,MAAM,QAAA,CAAS,IAAA,GAAO,KAAA,CAAM,OAAO,EAAC,CAAE,CAAA;AAC5D,QAAA,MAAM,0BACJ,QAAA,CAAS,MAAA,KAAW,OACnB,YAAA,EAAc,KAAA,KAAU,mBACxB,OAAO,YAAA,EAAc,sBAAsB,QAAA,KACzC,YAAA,CAAa,kBAAkB,QAAA,CAAS,SAAS,KAAK,YAAA,CAAa,iBAAA,CAAkB,SAAS,SAAS,CAAA,CAAA;AAE5G,QAAA,IAAI,uBAAA,EAAyB;AAC3B,UAAA,aAAA,CAAc,aAAa,YAAY,CAAA;AACvC,UAAA,aAAA,CAAc,aAAa,WAAW,CAAA;AACtC,UAAA,aAAA,CAAc,aAAa,SAAS,CAAA;AACpC,UAAA,aAAA,CAAc,eAAe,oBAAA,EAAsB;AAAA,YACjD,KAAA,EAAO,kCAAA;AAAA,YACP,SAAS,MAAA,CAAO,YAAA,EAAc,iBAAA,IAAqB,YAAA,EAAc,SAAS,sBAAsB;AAAA,WACjG,CAAA;AAAA,QACH;AAEA,QAAA,MAAA,CAAO,MAAM,sBAAA,EAAwB;AAAA,UACnC,QAAQ,QAAA,CAAS,MAAA;AAAA,UACjB,YAAY,QAAA,CAAS,UAAA;AAAA,UACrB,YAAA;AAAA,UACA,UAAA,EAAY;AAAA,SACb,CAAA;AACD,QAAA,MAAM,IAAI,KAAA;AAAA,UACR,yBAAyB,QAAA,CAAS,MAAM,IAAI,QAAA,CAAS,UAAU,GAAG,MAAA,CAAO,IAAA,CAAK,YAAY,CAAA,CAAE,SAAS,CAAA,GAAA,EAAM,IAAA,CAAK,UAAU,YAAY,CAAC,KAAK,EAAE,CAAA;AAAA,SAChJ;AAAA,MACF;AAEA,MAAA,MAAM,SAAA,GAAa,MAAM,QAAA,CAAS,IAAA,EAAK;AAEvC,MAAA,IAAI,CAAC,SAAA,CAAU,YAAA,IAAgB,CAAC,UAAU,aAAA,EAAe;AACvD,QAAA,MAAA,CAAO,MAAM,yCAAyC,CAAA;AACtD,QAAA,MAAM,IAAI,MAAM,gCAAgC,CAAA;AAAA,MAClD;AAEA,MAAA,WAAA,CAAY,SAAS,CAAA;AACrB,MAAA,aAAA,CAAc,eAAe,qBAAqB,CAAA;AAClD,MAAA,OAAO,SAAA,CAAU,YAAA;AAAA,IACnB,SAAS,KAAA,EAAO;AACd,MAAA,IAAI,iBAAiB,KAAA,EAAO;AAC1B,QAAA,MAAA,CAAO,MAAM,sBAAA,EAAwB,EAAE,OAAA,EAAS,KAAA,CAAM,SAAS,CAAA;AAC/D,QAAA,aAAA,CAAc,eAAe,oBAAA,EAAsB,EAAE,KAAA,EAAO,KAAA,CAAM,SAAS,CAAA;AAAA,MAC7E;AACA,MAAA,MAAM,KAAA;AAAA,IACR,CAAA,SAAE;AACA,MAAA,cAAA,GAAiB,IAAA;AAAA,IACnB;AAAA,EACF,CAAA,GAAG;AAEH,EAAA,OAAO,cAAA;AACT;;;AC7MO,SAAS,oBAAA,CAAqB,SAAiB,GAAA,EAAa;AACjE,EAAA,MAAM,KAAA,GAAQ,IAAI,UAAA,CAAW,MAAM,CAAA;AACnC,EAAA,MAAA,CAAO,gBAAgB,KAAK,CAAA;AAE5B,EAAA,MAAM,SAAS,IAAA,CAAK,MAAA,CAAO,YAAA,CAAa,GAAG,KAAK,CAAC,CAAA;AACjD,EAAA,OAAO,MAAA,CACJ,OAAA,CAAQ,KAAA,EAAO,GAAG,CAAA,CAClB,OAAA,CAAQ,KAAA,EAAO,GAAG,CAAA,CAClB,OAAA,CAAQ,IAAA,EAAM,EAAE,CAAA;AACrB;AAKA,eAAsB,sBAAsB,QAAA,EAAmC;AAC7E,EAAA,IAAI;AACF,IAAA,MAAM,OAAA,GAAU,IAAI,WAAA,EAAY;AAChC,IAAA,MAAM,IAAA,GAAO,OAAA,CAAQ,MAAA,CAAO,QAAQ,CAAA;AACpC,IAAA,MAAM,aAAa,MAAM,MAAA,CAAO,MAAA,CAAO,MAAA,CAAO,WAAW,IAAI,CAAA;AAC7D,IAAA,MAAM,YAAY,KAAA,CAAM,IAAA,CAAK,IAAI,UAAA,CAAW,UAAU,CAAC,CAAA;AACvD,IAAA,MAAM,SAAS,IAAA,CAAK,MAAA,CAAO,YAAA,CAAa,GAAG,SAAS,CAAC,CAAA;AACrD,IAAA,OAAO,MAAA,CACJ,OAAA,CAAQ,KAAA,EAAO,GAAG,CAAA,CAClB,OAAA,CAAQ,KAAA,EAAO,GAAG,CAAA,CAClB,OAAA,CAAQ,IAAA,EAAM,EAAE,CAAA;AAAA,EACrB,CAAA,CAAA,MAAQ;AACN,IAAA,MAAM,IAAI,MAAM,mCAAmC,CAAA;AAAA,EACrD;AACF;AAKO,SAAS,aAAA,GAAwB;AACtC,EAAA,MAAM,KAAA,GAAQ,IAAI,UAAA,CAAW,EAAE,CAAA;AAC/B,EAAA,MAAA,CAAO,gBAAgB,KAAK,CAAA;AAC5B,EAAA,MAAM,SAAS,IAAA,CAAK,MAAA,CAAO,YAAA,CAAa,GAAG,KAAK,CAAC,CAAA;AACjD,EAAA,OAAO,MAAA,CACJ,OAAA,CAAQ,KAAA,EAAO,GAAG,CAAA,CAClB,OAAA,CAAQ,KAAA,EAAO,GAAG,CAAA,CAClB,OAAA,CAAQ,IAAA,EAAM,EAAE,CAAA;AACrB;;;AC1CO,SAAS,YAAY,IAAA,EAAuB;AACjD,EAAA,IAAI,CAAC,IAAA,IAAQ,OAAO,IAAA,KAAS,QAAA,EAAU;AACrC,IAAA,OAAO,KAAA;AAAA,EACT;AAEA,EAAA,MAAM,SAAA,GAAY,iEAAA;AAClB,EAAA,OAAO,SAAA,CAAU,IAAA,CAAK,IAAA,CAAK,IAAA,EAAM,CAAA;AACnC;AAOO,SAAS,iBAAiB,QAAA,EAA2E;AAC1G,EAAA,IAAI,CAAC,QAAA,IAAY,QAAA,CAAS,IAAA,OAAW,EAAA,EAAI;AACvC,IAAA,OAAO;AAAA,MACL,OAAA,EAAS,KAAA;AAAA,MACT,KAAA,EAAO;AAAA,KACT;AAAA,EACF;AAEA,EAAA,IAAI,CAAC,WAAA,CAAY,QAAQ,CAAA,EAAG;AAC1B,IAAA,OAAO;AAAA,MACL,OAAA,EAAS,KAAA;AAAA,MACT,KAAA,EAAO;AAAA,KACT;AAAA,EACF;AAEA,EAAA,OAAO,EAAE,SAAS,IAAA,EAAK;AACzB;;;ACjCA,IAAM,qBAAA,GAAwB,CAAA;AAC9B,IAAM,YAAY,EAAA,GAAK,GAAA;AAEvB,IAAI,aAAA,GAAgB,CAAA;AACpB,IAAI,eAAA,GAAkB,CAAA;AA2Bf,SAAS,sBAAA,GAA+B;AAC7C,EAAA,aAAA,GAAgB,CAAA;AAChB,EAAA,eAAA,GAAkB,CAAA;AACpB;AAEO,SAAS,yBAAA,CAA0B,cAAsB,qBAAA,EAAgC;AAC9F,EAAA,MAAM,GAAA,GAAM,KAAK,GAAA,EAAI;AACrB,EAAA,IAAI,GAAA,GAAM,kBAAkB,SAAA,EAAW;AACrC,IAAA,aAAA,GAAgB,CAAA;AAChB,IAAA,eAAA,GAAkB,GAAA;AAAA,EACpB;AACA,EAAA,IAAI,iBAAiB,WAAA,EAAa;AAChC,IAAA,aAAA,CAAc,eAAe,kBAAA,EAAoB;AAAA,MAC/C,OAAA,EAAS,2BAA2B,WAAW,CAAA,UAAA;AAAA,KAChD,CAAA;AACD,IAAA,OAAO,KAAA;AAAA,EACT;AACA,EAAA,aAAA,EAAA;AACA,EAAA,OAAO,IAAA;AACT;;;ACrBO,SAAS,kBAAkB,MAAA,EAA4B;AAC5D,EAAA,MAAM,UAAA,GAAa,gBAAA,CAAiB,MAAA,CAAO,QAAQ,CAAA;AACnD,EAAA,IAAI,CAAC,WAAW,OAAA,EAAS;AACvB,IAAA,MAAA,CAAO,KAAK,6BAAA,EAA+B,EAAE,QAAA,EAAU,MAAA,CAAO,UAAU,CAAA;AAAA,EAC1E;AAEA,EAAA,MAAM,iBAAA,GAAoB,MAAA,CAAO,gBAAA,EAAiB,IAAK,MAAA,CAAO,UAAA;AAC9D,EAAA,MAAM,kBAAA,GAAqB,OAAO,cAAA,EAAe;AACjD,EAAA,oBAAA,CAAqB;AAAA,IACnB,aAAA,EAAe,iBAAA;AAAA,IACf,QAAA,EAAU,OAAO,MAAA,CAAO,QAAA;AAAA,IACxB,UAAA,EAAY,MAAA,CAAO,MAAA,CAAO,UAAA,IAAc,OAAO,MAAA,CAAO,QAAA;AAAA,IACtD,WAAA,EAAa,kBAAA;AAAA,IACb,WAAA,EAAa,kBAAA;AAAA,IACb,UAAU,MAAA,CAAO,QAAA;AAAA,IACjB,SAAA,EAAW,OAAO,SAAA,IAAa,EAAA;AAAA,IAC/B,UAAA,EAAY,OAAO,SAAA,IAAa;AAAA,GACjC,CAAA;AACD,EAAA,IAAI,OAAO,SAAA,EAAW;AACpB,IAAA,UAAA,CAAW,YAAA,CAAa,SAAA,EAAW,MAAA,CAAO,SAAS,CAAA;AAAA,EACrD;AACF;AAEA,eAAsB,iBAAiB,MAAA,EAAqC;AAC1E,EAAA,IAAI;AACF,IAAA,MAAA,CAAO,KAAK,qCAAqC,CAAA;AAEjD,IAAA,MAAM,mBAAA,GAAsB,OAAO,gBAAA,EAAiB;AACpD,IAAA,MAAM,uBAAuB,mBAAA,IAAuB,MAAA,EAAQ,cAAc,EAAA,EAAI,OAAA,CAAQ,QAAQ,EAAE,CAAA;AAChG,IAAA,MAAM,oBAAA,GAAuB,OAAO,cAAA,EAAe;AACnD,IAAA,MAAM,iBAAA,GAAoB,QAAQ,QAAA,IAAY,EAAA;AAC9C,IAAA,MAAM,iBAAA,GAAoB,MAAA,EAAQ,MAAA,EAAQ,QAAA,IAAY,EAAA;AAEtD,IAAA,MAAA,CAAO,MAAM,oCAAA,EAAsC;AAAA,MACjD,mBAAA,EAAqB,sBAAsB,YAAA,GAAe,SAAA;AAAA,MAC1D,mBAAA;AAAA,MACA,oBAAA;AAAA,MACA,iBAAA;AAAA,MACA,iBAAA;AAAA,MACA,MAAA,EAAQ,QAAQ,MAAA,EAAQ,MAAA;AAAA,MACxB,UAAA,EAAY,CAAC,CAAC,cAAA;AAAe,KAC9B,CAAA;AAED,IAAA,MAAM,QAAQ,cAAA,EAAe;AAC7B,IAAA,IAAI,KAAA,IAAS,CAAC,oBAAA,EAAqB,EAAG;AACpC,MAAA,MAAA,CAAO,MAAM,gDAAgD,CAAA;AAC7D,MAAA,cAAA,EAAe;AACf,MAAA;AAAA,IACF;AAEA,IAAA,IAAI,eAAc,EAAG;AACnB,MAAA,MAAA,CAAO,MAAM,yEAAyE,CAAA;AACtF,MAAA,cAAA,EAAe;AACf,MAAA;AAAA,IACF;AAEA,IAAA,IAAI,kBAAiB,EAAG;AACtB,MAAA,IAAI,eAAA,CAAgB,GAAI,CAAA,EAAG;AACzB,QAAA,MAAA,CAAO,KAAK,wDAAwD,CAAA;AACpE,QAAA,cAAA,EAAe;AAAA,MACjB,CAAA,MAAO;AACL,QAAA,MAAA,CAAO,MAAM,qEAAqE,CAAA;AAClF,QAAA;AAAA,MACF;AAAA,IACF;AAEA,IAAA,YAAA,EAAa;AAEb,IAAA,IACE,EAAE,MAAA,CAAO,gBAAA,EAAiB,IAAK,MAAA,EAAQ,UAAA,CAAA,IACvC,CAAC,MAAA,CAAO,MAAA,EAAQ,QAAA,IAChB,CAAC,MAAA,CAAO,QAAQ,WAAA,EAChB;AACA,MAAA,MAAA,CAAO,MAAM,mDAAA,EAAqD;AAAA,QAChE,mBAAA;AAAA,QACA,QAAA,EAAU,QAAQ,MAAA,EAAQ,QAAA;AAAA,QAC1B,wBAAA,EAA0B,QAAQ,MAAA,EAAQ,WAAA;AAAA,QAC1C;AAAA,OACD,CAAA;AACD,MAAA,MAAM,IAAI,MAAM,4CAA4C,CAAA;AAAA,IAC9D;AAEA,IAAA,iBAAA,CAAkB,MAAM,CAAA;AAExB,IAAA,MAAA,CAAO,MAAM,0DAA0D,CAAA;AAEvE,IAAA,aAAA,CAAc,aAAA,CAAc,oBAAoB,CAAC,CAAA;AACjD,IAAA,aAAA,CAAc,aAAA,CAAc,gBAAgB,CAAC,CAAA;AAC7C,IAAA,uBAAA,EAAwB;AAExB,IAAA,MAAM,eAAe,oBAAA,EAAqB;AAC1C,IAAA,MAAM,aAAA,GAAgB,MAAM,qBAAA,CAAsB,YAAY,CAAA;AAC9D,IAAA,MAAM,QAAQ,aAAA,EAAc;AAE5B,IAAA,aAAA,CAAc,aAAa,YAAY,CAAA;AACvC,IAAA,aAAA,CAAc,aAAa,KAAK,CAAA;AAChC,IAAA,UAAA,CAAW,YAAA,CAAa,cAAc,YAAY,CAAA;AAClD,IAAA,UAAA,CAAW,YAAA,CAAa,OAAO,KAAK,CAAA;AAEpC,IAAA,MAAM,OAAA,GAAU,qBAAA,CAAsB,MAAA,EAAQ,aAAA,EAAe,KAAK,CAAA;AAClE,IAAA,MAAA,CAAO,MAAM,4CAAA,EAA8C;AAAA,MACzD,mBAAA;AAAA,MACA,SAAA,EAAW,OAAA,EAAS,KAAA,CAAM,CAAA,EAAG,EAAE;AAAA,KAChC,CAAA;AAED,IAAA,IACE,CAAC,OAAA,IACD,EAAE,OAAA,CAAQ,UAAA,CAAW,SAAS,CAAA,IAAK,OAAA,CAAQ,UAAA,CAAW,UAAU,CAAA,CAAA,EAChE;AACA,MAAA,MAAM,IAAI,MAAM,qCAAqC,CAAA;AAAA,IACvD;AAEA,IAAA,IAAI,CAAC,2BAA0B,EAAG;AAChC,MAAA,MAAA,CAAO,KAAK,0DAA0D,CAAA;AACtE,MAAA,cAAA,EAAe;AACf,MAAA;AAAA,IACF;AAEA,IAAA,MAAA,CAAO,KAAK,qCAAqC,CAAA;AACjD,IAAA,aAAA,CAAc,eAAe,aAAA,EAAe,EAAE,SAAA,EAAW,MAAA,CAAO,WAAW,CAAA;AAE3E,IAAA,MAAM,UAAU,cAAA,EAAe;AAC/B,IAAA,IAAI,OAAA,EAAS;AACX,MAAA,MAAA,CAAO,MAAM,8DAA8D,CAAA;AAC3E,MAAA,OAAA,CAAQ,WAAA,CAAY,SAAS,OAAO,CAAA;AAAA,IACtC,CAAA,MAAA,IAAW,OAAO,MAAA,KAAW,WAAA,EAAa;AACxC,MAAA,MAAA,CAAO,MAAM,yDAAyD,CAAA;AACtE,MAAA,MAAA,CAAO,QAAA,CAAS,QAAQ,OAAO,CAAA;AAAA,IACjC,CAAA,MAAO;AACL,MAAA,MAAA,CAAO,KAAA,CAAM,8DAAA,EAAgE,EAAE,OAAA,EAAS,CAAA;AAAA,IAC1F;AAAA,EACF,SAAS,KAAA,EAAO;AACd,IAAA,cAAA,EAAe;AACf,IAAA,MAAA,CAAO,MAAM,8BAAA,EAAgC;AAAA,MAC3C,OAAO,KAAA,YAAiB,KAAA,GAAQ,KAAA,CAAM,OAAA,GAAU,OAAO,KAAK;AAAA,KAC7D,CAAA;AACD,IAAA,MAAM,KAAA;AAAA,EACR;AACF;AAEA,SAAS,qBAAA,CACP,MAAA,EACA,aAAA,EACA,KAAA,EACQ;AACR,EAAA,MAAM,cAAA,GAAA,CAAkB,OAAO,gBAAA,EAAiB,IAAK,OAAO,UAAA,IAAc,EAAA,EAAI,OAAA,CAAQ,MAAA,EAAQ,EAAE,CAAA;AAChG,EAAA,IAAIA,cAAY,EAAG;AACjB,IAAA,MAAA,CAAO,MAAM,4BAAA,EAA8B;AAAA,MACzC,UAAA,EAAY,cAAA;AAAA,MACZ,QAAA,EAAU,OAAO,MAAA,CAAO,QAAA;AAAA,MACxB,WAAA,EAAa,OAAO,MAAA,CAAO,WAAA;AAAA,MAC3B,MAAA,EAAQ,OAAO,MAAA,CAAO;AAAA,KACvB,CAAA;AAAA,EACH;AAEA,EAAA,MAAM,gBAAgB,MAAA,CAAO,QAAA;AAC7B,EAAA,MAAM,aAAA,GAAgB,OAAO,MAAA,CAAO,QAAA;AAEpC,EAAA,MAAM,gBAAA,GAAmB,OAAO,cAAA,EAAe;AAE/C,EAAA,MAAM,MAAA,GAAS,IAAI,eAAA,CAAgB;AAAA,IACjC,SAAA,EAAW,UAAU,aAAa,CAAA,CAAA;AAAA,IAClC,SAAA,EAAW,aAAA;AAAA,IACX,YAAA,EAAc,gBAAA;AAAA,IACd,aAAA,EAAe,qBAAA;AAAA,IACf,KAAA,EAAO,OAAO,MAAA,CAAO,MAAA;AAAA,IACrB,KAAA;AAAA,IACA,cAAA,EAAgB,aAAA;AAAA,IAChB,qBAAA,EAAuB;AAAA,GACxB,CAAA;AAED,EAAA,OAAO,CAAA,EAAG,cAAc,CAAA,mBAAA,EAAsB,MAAA,CAAO,UAAU,CAAA,CAAA;AACjE;ACxKA,SAAS,WAAA,GAAuB;AAC9B,EAAA,OAAO,UAAA,CAAW,aAAA,CAAc,oBAAoB,CAAC,CAAA,KAAM,MAAA;AAC7D;AAEA,SAAS,YAAA,GAAwB;AAC/B,EAAA,OAAO,oBAAA,EAAqB;AAC9B;AAEA,SAAS,cAAA,GAAuB;AAC9B,EAAA,qBAAA,EAAsB;AACxB;AAEA,SAAS,aAAA,GAAsB;AAC7B,EAAA,UAAA,CAAW,aAAA,CAAc,oBAAoB,CAAA,EAAG,MAAM,CAAA;AACtD,EAAA,uBAAA,EAAwB;AAC1B;AAEA,SAAS,eAAA,GAAwB;AAC/B,EAAA,uBAAA,EAAwB;AACxB,EAAA,aAAA,CAAc,aAAA,CAAc,oBAAoB,CAAC,CAAA;AACnD;AAEA,IAAI,UAAA,GAAa,KAAA;AAcjB,SAAS,YAAA,GAAqB;AAC5B,EAAA,IAAI,UAAA,EAAY;AAChB,EAAA,IAAI,cAAa,EAAG;AACpB,EAAA,MAAM,UAAU,cAAA,EAAe;AAC/B,EAAA,MAAM,KAAA,GAAQ,OAAA,GACV,CAAA,EAAG,OAAA,CAAQ,WAAA,CAAY,aAAA,EAAc,CAAE,MAAM,CAAA,EAAG,OAAA,CAAQ,WAAA,CAAY,aAAA,EAAc,CAAE,QAAQ,CAAA,CAAA,GAC3F,OAAO,MAAA,KAAW,WAAA,GAAc,CAAA,EAAG,MAAA,CAAO,QAAA,CAAS,MAAM,CAAA,EAAG,MAAA,CAAO,QAAA,CAAS,QAAQ,CAAA,CAAA,GAAK,GAAA;AAC9F,EAAA,IAAI,OAAA,EAAS,OAAA,CAAQ,WAAA,CAAY,YAAA,CAAa,KAAK,CAAA;AAAA,OAAA,IAC1C,OAAO,MAAA,KAAW,WAAA,EAAa,MAAA,CAAO,QAAQ,YAAA,CAAa,EAAC,EAAG,OAAO,QAAA,KAAa,WAAA,GAAc,QAAA,CAAS,KAAA,GAAQ,IAAI,KAAK,CAAA;AACpI,EAAA,UAAA,GAAa,IAAA;AACf;AAEA,SAAS,iBAAA,GAA0B;AACjC,EAAA,cAAA,EAAe;AACjB;AAMA,eAAe,+BAAA,GAIL;AACR,EAAA,MAAM,UAAU,cAAA,EAAe;AAC/B,EAAA,MAAM,aAAa,gBAAA,EAAiB,IAAK,YAAA,EAAa,IAAK,IAAI,IAAA,EAAK;AACpE,EAAA,IAAI,CAAC,OAAA,EAAS,cAAA,IAAkB,CAAC,SAAA,EAAW;AAC1C,IAAA,MAAA,CAAO,MAAM,gFAAA,EAA6E;AAAA,MACxF,WAAA,EAAa,CAAC,CAAC,OAAA,EAAS,cAAA;AAAA,MACxB,WAAW,SAAA,IAAa;AAAA,KACzB,CAAA;AACD,IAAA,OAAO,IAAA;AAAA,EACT;AACA,EAAA,IAAI;AACF,IAAA,MAAM,EAAA,GAAK,MAAM,OAAA,CAAQ,cAAA,CAAe,QAAQ,SAAS,CAAA;AACzD,IAAA,IAAI,CAAC,EAAA,EAAI,MAAA,EAAQ,QAAA,IAAY,CAAC,GAAG,QAAA,EAAU;AACzC,MAAA,MAAA,CAAO,KAAK,6EAAA,EAA+E;AAAA,QACzF;AAAA,OACD,CAAA;AACD,MAAA,OAAO,IAAA;AAAA,IACT;AACA,IAAA,iBAAA,CAAkB,EAAE,CAAA;AACpB,IAAA,OAAO;AAAA,MACL,QAAA,EAAU,EAAA,CAAG,MAAA,CAAO,QAAA,CAAS,MAAK,IAAK,IAAA;AAAA,MACvC,aAAa,EAAA,CAAG,MAAA,CAAO,WAAA,EAAa,IAAA,MAAU,cAAA,EAAe;AAAA,MAC7D,QAAA,EAAU,EAAA,CAAG,QAAA,CAAS,IAAA,EAAK,IAAK;AAAA,KAClC;AAAA,EACF,SAAS,CAAA,EAAG;AACV,IAAA,MAAA,CAAO,KAAK,4DAAA,EAA8D;AAAA,MACxE,SAAA;AAAA,MACA,OAAO,CAAA,YAAa,KAAA,GAAQ,CAAA,CAAE,OAAA,GAAU,OAAO,CAAC;AAAA,KACjD,CAAA;AACD,IAAA,OAAO,IAAA;AAAA,EACT;AACF;AAEA,eAAsB,cAAA,GAAmC;AACvD,EAAA,MAAM,aAAA,GAAgB,cAAA,EAAe,EAAG,WAAA,CAAY,eAAc,CAAE,MAAA;AACpE,EAAA,MAAM,eAAe,OAAO,MAAA,KAAW,WAAA,GAAc,MAAA,CAAO,SAAS,MAAA,GAAS,EAAA;AAC9E,EAAA,MAAA,CAAO,MAAM,mCAAA,EAAqC;AAAA,IAChD,aAAa,WAAA,EAAY;AAAA,IACzB,cAAc,YAAA,EAAa;AAAA,IAC3B,eAAe,aAAA,EAAc;AAAA,IAC7B,eAAe,aAAA,IAAiB,QAAA;AAAA,IAChC,cAAc,YAAA,IAAgB;AAAA,GAC/B,CAAA;AAED,EAAA,IAAI,aAAY,EAAG;AACjB,IAAA,MAAA,CAAO,KAAK,mDAAmD,CAAA;AAC/D,IAAA,IAAI,eAAc,EAAG;AACnB,MAAA,IAAI,CAAC,YAAA,EAAa,EAAG,YAAA,EAAa;AAAA,IACpC;AACA,IAAA,cAAA,EAAe;AACf,IAAA,OAAO,IAAA;AAAA,EACT;AAEA,EAAA,IAAI,cAAa,EAAG;AAClB,IAAA,MAAA,CAAO,KAAK,gEAAgE,CAAA;AAC5E,IAAA,OAAO,IAAA;AAAA,EACT;AAEA,EAAA,MAAM,kBAAkB,YAAA,EAAa;AACrC,EAAA,MAAM,gBAAA,GAAmB,kBAAiB,IAAK,eAAA;AAE/C,EAAA,IAAI,gBAAA,IAAoB,eAAA,IAAmB,gBAAA,KAAqB,eAAA,EAAiB;AAC/E,IAAA,MAAA,CAAO,KAAK,2DAAA,EAA6D;AAAA,MACvE,gBAAA;AAAA,MACA;AAAA,KACD,CAAA;AACD,IAAA,eAAA,EAAgB;AAChB,IAAA,iBAAA,EAAkB;AAClB,IAAA,eAAA,EAAgB;AAChB,IAAA,UAAA,CAAW,aAAA,CAAc,iBAAiB,CAAA,EAAG,MAAM,CAAA;AACnD,IAAA,UAAA,CAAW,aAAA,CAAc,gBAAgB,CAAA,EAAG,gBAAgB,CAAA;AAC5D,IAAA,YAAA,CAAa,gBAAgB,CAAA;AAC7B,IAAA,IAAI,aAAA,IAAiB,YAAA,EAAa;AAClC,IAAA,OAAO,KAAA;AAAA,EACT;AAEA,EAAA,IAAI,CAAC,eAAc,EAAG;AACpB,IAAA,MAAA,CAAO,KAAK,gDAAgD,CAAA;AAC5D,IAAA,OAAO,KAAA;AAAA,EACT;AAEA,EAAA,cAAA,EAAe;AACf,EAAA,cAAA,EAAe;AACf,EAAA,UAAA,GAAa,KAAA;AAEb,EAAA,IAAI;AACF,IAAA,MAAM,MAAA,GAAS,cAAA,EAAe,EAAG,WAAA,CAAY,aAAA,EAAc,CAAE,MAAA,KAAW,OAAO,MAAA,KAAW,WAAA,GAAc,MAAA,CAAO,QAAA,CAAS,MAAA,GAAS,EAAA,CAAA;AACjI,IAAA,MAAM,MAAA,GAAS,IAAI,eAAA,CAAgB,MAAM,CAAA;AACzC,IAAA,MAAM,IAAA,GAAO,MAAA,CAAO,GAAA,CAAI,MAAM,CAAA;AAC9B,IAAA,MAAM,KAAA,GAAQ,MAAA,CAAO,GAAA,CAAI,OAAO,CAAA;AAChC,IAAA,MAAM,KAAA,GAAQ,MAAA,CAAO,GAAA,CAAI,OAAO,CAAA;AAEhC,IAAA,IAAI,KAAA,IAAS,CAAC,IAAA,IAAQ,CAAC,KAAA,EAAO;AAC5B,MAAA,MAAA,CAAO,MAAM,sDAAA,EAAwD,EAAE,KAAA,EAAO,IAAA,EAAM,OAAO,CAAA;AAC3F,MAAA,iBAAA,EAAkB;AAClB,MAAA,eAAA,EAAgB;AAChB,MAAA,YAAA,EAAa;AACb,MAAA,OAAO,KAAA;AAAA,IACT;AAEA,IAAA,MAAM,cAAc,QAAA,EAAS;AAC7B,IAAA,IAAI,CAAC,WAAA,IAAe,WAAA,KAAgB,KAAA,EAAO;AACzC,MAAA,MAAM,0BAA0B,gBAAA,EAAiB;AACjD,MAAA,MAAM,oBAAoB,gBAAA,EAAiB;AAC3C,MAAA,MAAM,gBAAA,GAAmB,uBAAA,IAA2B,iBAAA,IAAqB,uBAAA,KAA4B,iBAAA;AACrG,MAAA,IAAI,gBAAA,EAAkB;AACpB,QAAA,MAAA,CAAO,KAAK,gEAAgE,CAAA;AAAA,MAC9E,CAAA,MAAO;AACL,QAAA,MAAA,CAAO,MAAM,oEAAoE,CAAA;AAAA,MACnF;AACA,MAAA,iBAAA,EAAkB;AAClB,MAAA,eAAA,EAAgB;AAChB,MAAA,YAAA,EAAa;AACb,MAAA,UAAA,CAAW,aAAA,CAAc,gBAAgB,CAAA,EAAG,MAAM,CAAA;AAClD,MAAA,OAAO,KAAA;AAAA,IACT;AAEA,IAAA,MAAM,eAAe,eAAA,EAAgB;AACrC,IAAA,IAAI,CAAC,YAAA,EAAc;AACjB,MAAA,MAAA,CAAO,MAAM,8CAA8C,CAAA;AAC3D,MAAA,iBAAA,EAAkB;AAClB,MAAA,eAAA,EAAgB;AAChB,MAAA,YAAA,EAAa;AACb,MAAA,OAAO,KAAA;AAAA,IACT;AAEA,IAAA,IAAI,WAAW,WAAA,EAAY;AAC3B,IAAA,IAAI,cAAc,cAAA,EAAe;AACjC,IAAA,IAAI,WAAW,WAAA,EAAY;AAE3B,IAAA,IAAI,CAAC,QAAA,IAAY,CAAC,WAAA,IAAe,CAAC,QAAA,EAAU;AAC1C,MAAA,MAAA,CAAO,KAAK,wEAAA,EAAqE;AAAA,QAC/E,WAAA,EAAa,CAAC,CAAC,QAAA;AAAA,QACf,cAAA,EAAgB,CAAC,CAAC,WAAA;AAAA,QAClB,WAAA,EAAa,CAAC,CAAC;AAAA,OAChB,CAAA;AACD,MAAA,MAAM,SAAA,GAAY,MAAM,+BAAA,EAAgC;AACxD,MAAA,IAAI,SAAA,EAAW;AACb,QAAA,IAAI,CAAC,WAAA,EAAa,WAAA,GAAc,SAAA,CAAU,WAAA;AAC1C,QAAA,IAAI,CAAC,QAAA,EAAU,QAAA,GAAW,SAAA,CAAU,QAAA;AAEpC,QAAA,QAAA,GACE,WAAA,EAAY,IAAK,kCAAA,CAAmC,SAAA,CAAU,QAAQ,CAAA,IAAK,IAAA;AAAA,MAC/E;AAAA,IACF;AAEA,IAAA,IAAI,CAAC,QAAA,IAAY,CAAC,WAAA,IAAe,CAAC,QAAA,EAAU;AAC1C,MAAA,MAAA,CAAO,MAAM,6DAAA,EAA+D;AAAA,QAC1E,WAAA,EAAa,CAAC,CAAC,QAAA;AAAA,QACf,cAAA,EAAgB,CAAC,CAAC,WAAA;AAAA,QAClB,WAAA,EAAa,CAAC,CAAC;AAAA,OAChB,CAAA;AACD,MAAA,iBAAA,EAAkB;AAClB,MAAA,eAAA,EAAgB;AAChB,MAAA,YAAA,EAAa;AACb,MAAA,OAAO,KAAA;AAAA,IACT;AAGA,IAAA,MAAM,gBAAgB,cAAA,EAAe;AACrC,IAAA,IAAI,aAAA,IAAiB,CAAC,oBAAA,EAAqB,EAAG;AAC5C,MAAA,MAAA,CAAO,KAAK,4EAA4E,CAAA;AACxF,MAAA,aAAA,CAAc,aAAa,YAAY,CAAA;AACvC,MAAA,aAAA,CAAc,aAAa,KAAK,CAAA;AAChC,MAAA,iBAAA,EAAkB;AAClB,MAAA,aAAA,EAAc;AACd,MAAA,YAAA,EAAa;AACb,MAAA,sBAAA,EAAuB;AACvB,MAAA,aAAA,CAAc,eAAe,gBAAgB,CAAA;AAC7C,MAAA,OAAO,IAAA;AAAA,IACT;AAEA,IAAA,MAAA,CAAO,KAAK,oCAAoC,CAAA;AAChD,IAAA,MAAM,SAAA,GAAY,MAAM,qBAAA,CAAsB;AAAA,MAC5C,IAAA;AAAA,MACA,YAAA;AAAA,MACA,QAAA;AAAA,MACA,WAAA;AAAA,MACA;AAAA,KACD,CAAA;AAED,IAAA,IAAI,CAAC,WAAW,YAAA,EAAc;AAC5B,MAAA,MAAA,CAAO,MAAM,yCAAyC,CAAA;AACtD,MAAA,eAAA,EAAgB;AAChB,MAAA,iBAAA,EAAkB;AAClB,MAAA,YAAA,EAAa;AACb,MAAA,aAAA,CAAc,cAAA,CAAe,eAAA,EAAiB,EAAE,OAAA,EAAS,4BAA4B,CAAA;AACrF,MAAA,OAAO,KAAA;AAAA,IACT;AAEA,IAAA,aAAA,CAAc,aAAa,YAAY,CAAA;AACvC,IAAA,aAAA,CAAc,aAAa,KAAK,CAAA;AAChC,IAAA,iBAAA,EAAkB;AAClB,IAAA,aAAA,EAAc;AACd,IAAA,YAAA,EAAa;AAEb,IAAA,MAAA,CAAO,KAAK,uCAAuC,CAAA;AACnD,IAAA,sBAAA,EAAuB;AACvB,IAAA,aAAA,CAAc,eAAe,gBAAgB,CAAA;AAC7C,IAAA,OAAO,IAAA;AAAA,EACT,SAAS,GAAA,EAAK;AACZ,IAAA,IAAI,KAAA,CAAM,YAAA,CAAa,GAAG,CAAA,EAAG;AAC3B,MAAA,MAAM,MAAA,GAAS,IAAI,QAAA,EAAU,MAAA;AAC7B,MAAA,MAAM,YAAA,GAAe,IAAI,QAAA,EAAU,IAAA;AACnC,MAAA,MAAM,YAAY,YAAA,EAAc,KAAA;AAChC,MAAA,MAAM,gBAAA,GAAmB,YAAA,EAAc,iBAAA,IAAqB,YAAA,EAAc,OAAA,IAAW,EAAA;AAErF,MAAA,IACE,MAAA,KAAW,OACX,SAAA,KAAc,eAAA,KACb,OAAO,gBAAgB,CAAA,CAAE,SAAS,cAAc,CAAA,IAChD,OAAO,gBAAgB,CAAA,CAAE,SAAS,gBAAgB,CAAA,IAClD,OAAO,gBAAgB,CAAA,CAAE,QAAA,CAAS,uBAAuB,CAAA,CAAA,EAC1D;AACA,QAAA,MAAMC,iBAAgB,cAAA,EAAe;AACrC,QAAA,MAAMC,WAAAA,GAAaD,cAAAA,IAAiB,CAAC,oBAAA,EAAqB;AAC1D,QAAA,IAAIC,WAAAA,EAAY;AACd,UAAA,aAAA,CAAc,aAAa,YAAY,CAAA;AACvC,UAAA,aAAA,CAAc,aAAa,KAAK,CAAA;AAChC,UAAA,iBAAA,EAAkB;AAClB,UAAA,aAAA,EAAc;AACd,UAAA,YAAA,EAAa;AACb,UAAA,MAAA,CAAO,KAAK,6EAA6E,CAAA;AACzF,UAAA,sBAAA,EAAuB;AACvB,UAAA,aAAA,CAAc,eAAe,gBAAgB,CAAA;AAC7C,UAAA,OAAO,IAAA;AAAA,QACT;AAAA,MACF;AAEA,MAAA,aAAA,CAAc,eAAe,eAAA,EAAiB;AAAA,QAC5C,OAAO,GAAA,CAAI,OAAA;AAAA,QACX,OAAA,EAAS,YAAA,EAAc,iBAAA,IAAqB,GAAA,CAAI;AAAA,OACjD,CAAA;AACD,MAAA,MAAA,CAAO,MAAM,qCAAA,EAAuC;AAAA,QAClD,MAAA;AAAA,QACA,UAAA,EAAY,IAAI,QAAA,EAAU,UAAA;AAAA,QAC1B,YAAA,EAAc,IAAI,QAAA,EAAU,IAAA;AAAA,QAC5B,SAAS,GAAA,CAAI,OAAA;AAAA,QACb,GAAA,EAAK,IAAI,MAAA,EAAQ;AAAA,OAClB,CAAA;AAAA,IACH,CAAA,MAAO;AACL,MAAA,MAAA,CAAO,MAAM,uBAAA,EAAyB;AAAA,QACpC,OAAO,GAAA,YAAe,KAAA,GAAQ,GAAA,CAAI,OAAA,GAAU,OAAO,GAAG;AAAA,OACvD,CAAA;AAAA,IACH;AAEA,IAAA,iBAAA,EAAkB;AAClB,IAAA,MAAM,gBAAgB,cAAA,EAAe;AACrC,IAAA,MAAM,UAAA,GAAa,aAAA,IAAiB,CAAC,oBAAA,EAAqB;AAC1D,IAAA,IAAI,UAAA,EAAY;AACd,MAAA,aAAA,EAAc;AACd,MAAA,YAAA,EAAa;AACb,MAAA,sBAAA,EAAuB;AACvB,MAAA,aAAA,CAAc,eAAe,gBAAgB,CAAA;AAC7C,MAAA,OAAO,IAAA;AAAA,IACT;AAEA,IAAA,aAAA,CAAc,eAAe,eAAA,EAAiB;AAAA,MAC5C,OAAO,GAAA,YAAe,KAAA,GAAQ,GAAA,CAAI,OAAA,GAAU,OAAO,GAAG;AAAA,KACvD,CAAA;AACD,IAAA,eAAA,EAAgB;AAChB,IAAA,IAAI,aAAA,IAAiB,YAAA,EAAa;AAClC,IAAA,OAAO,KAAA;AAAA,EACT;AACF;;;ACjWO,IAAM,eAAN,MAAwC;AAAA,EAC7C,MAAM,QAAQ,OAAA,EAA2C;AACvD,IAAA,MAAM,EAAE,SAAQ,GAAI,OAAA;AACpB,IAAA,MAAM,EAAE,WAAA,EAAa,MAAA,EAAQ,GAAA,EAAI,GAAI,OAAA;AACrC,IAAA,MAAM,MAAA,GAAS,MAAM,WAAA,CAAY,aAAA,EAAc;AAE/C,IAAA,cAAA,EAAe;AAEf,IAAA,MAAM,OAAA,GAAU,MAAM,cAAA,EAAe;AACrC,IAAA,IAAI,OAAA,EAAS;AACX,MAAA,IAAI,oBAAA,CAAqB,MAAA,EAAQ,CAAA,EAAG;AAClC,QAAA,IAAI,oBAAA,EAAqB,EAAG,OAAO,EAAE,WAAW,IAAA,EAAK;AACrD,QAAA,MAAM,IAAI,MAAA,EAAO;AACjB,QAAA,WAAA,CAAY,SAAS,CAAA,EAAG,CAAA,CAAE,MAAM,CAAA,EAAG,CAAA,CAAE,QAAQ,CAAA,CAAE,CAAA;AAC/C,QAAA,OAAO,EAAE,WAAW,IAAA,EAAK;AAAA,MAC3B;AACA,MAAA,OAAO,EAAE,WAAW,IAAA,EAAK;AAAA,IAC3B;AACA,IAAA,IAAI,oBAAA,CAAqB,MAAA,EAAQ,CAAA,EAAG;AAClC,MAAA,MAAM,IAAI,MAAA,EAAO;AACjB,MAAA,WAAA,CAAY,SAAS,CAAA,EAAG,CAAA,CAAE,MAAM,CAAA,EAAG,CAAA,CAAE,QAAQ,CAAA,CAAE,CAAA;AAAA,IACjD;AACA,IAAA,OAAO,EAAE,WAAW,IAAA,EAAK;AAAA,EAC3B;AACF,CAAA;;;AC3BO,IAAM,oBAAN,MAA6C;AAAA,EAClD,MAAM,QAAQ,QAAA,EAA4C;AACxD,IAAA,OAAO,EAAE,WAAW,IAAA,EAAK;AAAA,EAC3B;AACF,CAAA;;;ACLA,IAAI,aAAA,GAAmC,IAAA;AAEhC,SAAS,oBAAA,GAA0C;AACxD,EAAA,OAAO,aAAA;AACT;AAEO,SAAS,qBAAqB,MAAA,EAAiC;AACpE,EAAA,aAAA,GAAgB,MAAA;AAClB;;;ACIA,IAAI,gBAAA,GAAmB,CAAA;AACvB,IAAM,0BAAA,GAA6B,GAAA;AAEnC,eAAsB,sBAAA,GAA0C;AAC9D,EAAA,MAAM,SAAS,oBAAA,EAAqB;AACpC,EAAA,IAAI,MAAA,EAAQ;AACV,IAAA,IAAI;AACF,MAAA,OAAO,MAAM,OAAO,cAAA,EAAe;AAAA,IACrC,CAAA,CAAA,MAAQ;AAAA,IAER;AAAA,EACF;AAEA,EAAA,MAAM,QAAQ,cAAA,EAAqB;AACnC,EAAA,IAAI,KAAA,IAAS,CAAC,oBAAA,EAAqB,EAAG,OAAO,KAAA;AAE7C,EAAA,MAAM,eAAe,eAAA,EAAgB;AACrC,EAAA,IAAI,CAAC,YAAA,EAAc;AACjB,IAAA,MAAM,GAAA,GAAM,KAAK,GAAA,EAAI;AACrB,IAAA,IAAI,GAAA,GAAM,oBAAoB,0BAAA,EAA4B;AACxD,MAAA,gBAAA,GAAmB,GAAA;AACnB,MAAA,MAAA,CAAO,MAAM,mDAAmD,CAAA;AAAA,IAClE;AACA,IAAA,MAAM,IAAI,MAAM,kCAAkC,CAAA;AAAA,EACpD;AAEA,EAAA,OAAO,MAAM,kBAAA,EAA2B;AAC1C;AAEO,SAASC,eAAAA,GAAgC;AAC9C,EAAA,OAAO,cAAA,EAAqB;AAC9B;;;ACpCO,IAAM,cAAN,MAAuC;AAAA,EAC5C,MAAM,QAAQ,OAAA,EAA2C;AACvD,IAAA,MAAM,EAAE,SAAQ,GAAI,OAAA;AACpB,IAAA,MAAM,EAAE,MAAA,EAAQ,GAAA,EAAI,GAAI,OAAA;AACxB,IAAA,MAAM,MAAA,GAAS,MAAM,OAAA,CAAQ,WAAA,CAAY,aAAA,EAAc;AAEvD,IAAA,GAAA,CAAI,MAAM,yCAAyC,CAAA;AAEnD,IAAA,IAAI;AACF,MAAA,MAAM,cAAA,GAAiB,MAAM,sBAAA,EAAuB;AACpD,MAAA,IAAI,cAAA,EAAgB;AAClB,QAAA,MAAA,CAAO,MAAM,kDAAkD,CAAA;AAC/D,QAAA,OAAO,EAAE,WAAW,IAAA,EAAK;AAAA,MAC3B;AAAA,IACF,SAAS,KAAA,EAAO;AACd,MAAA,MAAA,CAAO,KAAK,kDAAA,EAAoD;AAAA,QAC9D,OAAO,KAAA,YAAiB,KAAA,GAAQ,KAAA,CAAM,OAAA,GAAU,OAAO,KAAK;AAAA,OAC7D,CAAA;AAAA,IACH;AAEA,IAAA,MAAM,YAAY,gBAAA,EAAiB;AAEnC,IAAA,GAAA,CAAI,MAAM,mCAAA,EAAqC;AAAA,MAC7C,WAAW,SAAA,IAAa,QAAA;AAAA,MACxB,MAAA,EAAQ,YAAY,UAAA,GAAa;AAAA,KAClC,CAAA;AAED,IAAA,IAAI,CAAC,SAAA,EAAW;AACd,MAAA,MAAM,IAAI,cAAA;AAAA,QACR,8BAAA;AAAA,QACA,0BAAA;AAAA,QACA,IAAI,KAAA,CAAM,CAAA,2CAAA,EAA8C,MAAA,EAAO,CAAE,IAAI,CAAA,CAAE;AAAA,OACzE;AAAA,IACF;AAEA,IAAA,MAAM,YAAA,GAAe,MAAM,yBAAA,CAA0B,SAAA,EAAW,QAAQ,cAAc,CAAA;AACtF,IAAA,IAAI,CAAC,YAAA,EAAc;AACjB,MAAA,MAAM,IAAI,cAAA;AAAA,QACR,iCAAA;AAAA,QACA,wCAAA;AAAA,QACA,IAAI,KAAA,CAAM,CAAA,+CAAA,EAAkD,SAAS,CAAA,CAAE;AAAA,OACzE;AAAA,IACF;AAEA,IAAA,YAAA,CAAa,SAAS,CAAA;AACtB,IAAA,iBAAA,CAAkB,YAAY,CAAA;AAC9B,IAAA,MAAM,iBAAiB,YAAY,CAAA;AACnC,IAAA,OAAO,EAAE,WAAW,IAAA,EAAK;AAAA,EAC3B;AACF,CAAA;;;ACjDO,IAAM,mBAAN,MAA4C;AAAA,EACjD,MAAM,QAAQ,OAAA,EAA2C;AACvD,IAAA,MAAM,EAAE,SAAQ,GAAI,OAAA;AACpB,IAAA,MAAM,EAAE,WAAA,EAAa,MAAA,EAAQ,GAAA,EAAI,GAAI,OAAA;AACrC,IAAA,MAAM,MAAA,GAAS,MAAM,WAAA,CAAY,aAAA,EAAc;AAE/C,IAAA,MAAM,YAAA,GAAe,UAAA,CAAW,aAAA,CAAc,gBAAgB,CAAC,CAAA;AAC/D,IAAA,GAAA,CAAI,IAAA,CAAK,+CAAA,EAAiD,EAAE,YAAA,EAAc,CAAA;AAC1E,IAAA,aAAA,CAAc,eAAe,eAAA,EAAiB,EAAE,SAAA,EAAW,YAAA,IAAgB,QAAW,CAAA;AAEtF,IAAA,aAAA,CAAc,aAAA,CAAc,iBAAiB,CAAC,CAAA;AAC9C,IAAA,aAAA,CAAc,aAAA,CAAc,gBAAgB,CAAC,CAAA;AAE7C,IAAA,MAAM,SAAA,GAAA,CAAa,YAAA,IAAgB,gBAAA,EAAiB,GAAI,MAAK,IAAK,IAAA;AAElE,IAAA,GAAA,CAAI,MAAM,wCAAA,EAA0C;AAAA,MAClD,WAAW,SAAA,IAAa,QAAA;AAAA,MACxB,kBAAkB,YAAA,IAAgB,QAAA;AAAA,MAClC,MAAA,EAAQ,YAAA,GAAe,gBAAA,GAAmB,SAAA,GAAY,UAAA,GAAa;AAAA,KACpE,CAAA;AAED,IAAA,IAAI,CAAC,SAAA,EAAW;AACd,MAAA,MAAM,IAAI,cAAA;AAAA,QACR,8BAAA;AAAA,QACA,uCAAA;AAAA,QACA,IAAI,KAAA,CAAM,CAAA,uCAAA,EAA0C,MAAA,EAAO,CAAE,IAAI,CAAA,CAAE;AAAA,OACrE;AAAA,IACF;AAEA,IAAA,MAAM,YAAA,GAAe,MAAM,yBAAA,CAA0B,SAAA,EAAW,QAAQ,cAAc,CAAA;AACtF,IAAA,IAAI,CAAC,YAAA,EAAc;AACjB,MAAA,MAAM,IAAI,cAAA;AAAA,QACR,iCAAA;AAAA,QACA,qDAAA;AAAA,QACA,IAAI,KAAA,CAAM,CAAA,+CAAA,EAAkD,SAAS,CAAA,CAAE;AAAA,OACzE;AAAA,IACF;AAGA,IAAA,IAAI;AACF,MAAA,MAAM,MAAML,cAAAA,EAAc;AAC1B,MAAA,oBAAA,CAAqB;AAAA,QACnB,YAAY,GAAA,CAAI,UAAA;AAAA,QAChB,eAAe,GAAA,CAAI,aAAA;AAAA,QACnB,aAAa,GAAA,CAAI,WAAA;AAAA,QACjB,OAAO,GAAA,CAAI,KAAA;AAAA,QACX,UAAA,EAAY,YAAA,CAAa,MAAA,EAAQ,UAAA,IAAc,IAAI,UAAA,IAAc,EAAA;AAAA,QACjE,QAAA,EAAU,GAAA,CAAI,QAAA,IAAY,YAAA,CAAa,MAAA,EAAQ,QAAA;AAAA,QAC/C,QAAA,EAAU,YAAA,CAAa,QAAA,IAAY,GAAA,CAAI,QAAA;AAAA,QACvC,SAAA;AAAA,QACA,UAAA,EAAY;AAAA,OACb,CAAA;AAAA,IACH,CAAA,CAAA,MAAQ;AAAA,IAER;AAEA,IAAA,YAAA,CAAa,SAAS,CAAA;AACtB,IAAA,iBAAA,CAAkB,YAAY,CAAA;AAC9B,IAAA,MAAM,iBAAiB,YAAY,CAAA;AACnC,IAAA,OAAO,EAAE,WAAW,IAAA,EAAK;AAAA,EAC3B;AACF,CAAA;;;ACxDO,IAAM,YAAN,MAAqC;AAAA,EAC1C,MAAM,QAAQ,OAAA,EAA2C;AACvD,IAAA,MAAM,EAAE,SAAQ,GAAI,OAAA;AACpB,IAAA,MAAM,EAAE,MAAA,EAAQ,GAAA,EAAI,GAAI,OAAA;AACxB,IAAA,MAAM,MAAA,GAAS,MAAM,OAAA,CAAQ,WAAA,CAAY,aAAA,EAAc;AACvD,IAAA,MAAM,MAAM,MAAA,EAAO;AACnB,IAAA,GAAA,CAAI,KAAA,CAAM,mBAAA,EAAqB,EAAE,GAAA,EAAK,GAAA,CAAI,IAAA,EAAM,QAAA,EAAU,GAAA,CAAI,QAAA,EAAU,MAAA,EAAQ,GAAA,CAAI,MAAA,EAAQ,CAAA;AAE5F,IAAA,MAAM,iBAAA,GAAoB,UAAA,CAAW,aAAA,CAAc,oBAAoB,CAAC,CAAA,KAAM,MAAA;AAC9E,IAAA,MAAM,QAAQ,cAAA,EAAe;AAC7B,IAAA,IAAI,iBAAA,IAAqB,CAAC,KAAA,EAAO;AAC/B,MAAA,GAAA,CAAI,KAAK,2FAA2F,CAAA;AACpG,MAAA,aAAA,CAAc,aAAA,CAAc,oBAAoB,CAAC,CAAA;AACjD,MAAA,uBAAA,EAAwB;AAAA,IAC1B;AAEA,IAAA,MAAM,gBAAA,GAAmB,UAAA,CAAW,aAAA,CAAc,gBAAgB,CAAC,CAAA,KAAM,MAAA;AACzE,IAAA,IAAI,gBAAA,EAAkB,aAAA,CAAc,aAAA,CAAc,gBAAgB,CAAC,CAAA;AAEnE,IAAA,MAAM,YAAY,gBAAA,EAAiB;AAEnC,IAAA,GAAA,CAAI,MAAM,iCAAA,EAAmC;AAAA,MAC3C,WAAW,SAAA,IAAa,QAAA;AAAA,MACxB,MAAA,EAAQ,YAAY,UAAA,GAAa;AAAA,KAClC,CAAA;AACD,IAAA,IAAI,CAAC,SAAA,EAAW;AACd,MAAA,MAAM,IAAI,cAAA;AAAA,QACR,8BAAA;AAAA,QACA,0BAAA;AAAA,QACA,IAAI,KAAA,CAAM,CAAA,yCAAA,EAA4C,GAAA,CAAI,IAAI,CAAA,CAAE;AAAA,OAClE;AAAA,IACF;AAEA,IAAA,GAAA,CAAI,KAAA,CAAM,qCAAA,EAAuC,EAAE,SAAA,EAAW,CAAA;AAC9D,IAAA,MAAM,YAAA,GAAe,MAAM,yBAAA,CAA0B,SAAA,EAAW,QAAQ,cAAc,CAAA;AACtF,IAAA,GAAA,CAAI,MAAM,oCAAA,EAAsC;AAAA,MAC9C,EAAA,EAAI,CAAC,CAAC,YAAA;AAAA,MACN,UAAU,YAAA,EAAc,QAAA;AAAA,MACxB,UAAA,EAAY,YAAA,EAAc,UAAA,GAAa,OAAA,GAAU,SAAA;AAAA,MACjD,QAAA,EAAU,cAAc,MAAA,EAAQ,QAAA;AAAA,MAChC,WAAA,EAAa,cAAc,MAAA,EAAQ;AAAA,KACpC,CAAA;AACD,IAAA,IAAI,CAAC,YAAA,EAAc;AACjB,MAAA,MAAM,IAAI,cAAA;AAAA,QACR,iCAAA;AAAA,QACA,wCAAA;AAAA,QACA,IAAI,KAAA,CAAM,CAAA,+CAAA,EAAkD,SAAS,CAAA,CAAE;AAAA,OACzE;AAAA,IACF;AAEA,IAAA,YAAA,CAAa,SAAS,CAAA;AACtB,IAAA,iBAAA,CAAkB,YAAY,CAAA;AAC9B,IAAA,GAAA,CAAI,MAAM,wDAAwD,CAAA;AAClE,IAAA,MAAM,iBAAiB,YAAY,CAAA;AACnC,IAAA,GAAA,CAAI,MAAM,0DAA0D,CAAA;AACpE,IAAA,OAAO,EAAE,WAAW,IAAA,EAAK;AAAA,EAC3B;AACF,CAAA;;;AC/DA,IAAM,YAAA,GAAe,IAAI,YAAA,EAAa;AACtC,IAAM,iBAAA,GAAoB,IAAI,iBAAA,EAAkB;AAChD,IAAM,WAAA,GAAc,IAAI,WAAA,EAAY;AACpC,IAAM,gBAAA,GAAmB,IAAI,gBAAA,EAAiB;AAC9C,IAAM,SAAA,GAAY,IAAI,SAAA,EAAU;AAEzB,SAAS,gBAAgB,KAAA,EAAsC;AACpE,EAAA,QAAQ,KAAA;AAAO,IACb,KAAA,qBAAA;AACE,MAAA,OAAO,YAAA;AAAA,IACT,KAAA,eAAA;AACE,MAAA,OAAO,iBAAA;AAAA,IACT,KAAA,eAAA;AACE,MAAA,OAAO,WAAA;AAAA,IACT,KAAA,eAAA;AACE,MAAA,OAAO,gBAAA;AAAA,IACT,KAAA,gBAAA;AAAA,IACA,KAAA,cAAA;AAAA,IACA,KAAA,YAAA;AAAA,IACA,KAAA,OAAA;AAAA,IACA;AACE,MAAA,OAAO,SAAA;AAAA;AAEb;;;ACNA,SAAS,mBAAA,GAAsB;AAC7B,EAAA,OAAO,CAAC,MAAA,KAAmB,UAAA,CAAW,aAAA,CAAc,MAAM,CAAC,CAAA;AAC7D;AAEA,eAAsB,YAAA,GAA8B;AAClD,EAAA,MAAM,UAAU,cAAA,EAAe;AAC/B,EAAA,IAAI,CAAC,OAAA,EAAS;AACZ,IAAA,MAAA,CAAO,IAAA;AAAA,MACL;AAAA,KACF;AACA,IAAA;AAAA,EACF;AAEA,EAAA,IAAI,uBAAsB,EAAG;AAC3B,IAAA,MAAA,CAAO,MAAM,wDAAwD,CAAA;AACrE,IAAA;AAAA,EACF;AAEA,EAAA,sBAAA,EAAuB;AAEvB,EAAA,IAAI;AACF,IAAA,YAAA,CAAa,IAAI,CAAA;AAEjB,IAAA,MAAM,GAAA,GAAM,OAAA,CAAQ,WAAA,CAAY,aAAA,EAAc;AAC9C,IAAA,MAAM,QAAQ,cAAA,EAAe;AAC7B,IAAA,MAAM,UAAU,oBAAA,EAAqB;AACrC,IAAA,MAAM,aAAA,GAAgB,CAAC,EAAE,KAAA,IAAS,CAAC,OAAA,CAAA;AACnC,IAAA,MAAM,QAAA,GAAW,CAAC,CAAC,KAAA;AACnB,IAAA,MAAM,eAAA,GAAkB,CAAC,CAAC,eAAA,EAAgB;AAE1C,IAAA,MAAM,QAAQ,yBAAA,CAA0B;AAAA,MACtC,GAAA;AAAA,MACA,YAAY,mBAAA,EAAoB;AAAA,MAChC,aAAA,EAAe,oBAAA;AAAA,MACf,aAAA;AAAA,MACA,QAAA;AAAA,MACA,eAAA;AAAA,MACA,cAAA,EAAgB;AAAA,KACjB,CAAA;AAED,IAAA,aAAA,CAAc,cAAA,CAAe,wBAAA,EAA0B,EAAE,KAAA,EAAwB,CAAA;AAEjF,IAAA,MAAM,IAAA,GAAO,gBAAgB,KAAK,CAAA;AAClC,IAAA,MAAM,OAAA,GAAuB,EAAE,OAAA,EAAS,GAAA,EAAK,KAAA,EAAM;AACnD,IAAA,MAAM,IAAA,CAAK,QAAQ,OAAO,CAAA;AAAA,EAC5B,SAAS,KAAA,EAAO;AACd,IAAA,IAAI,KAAA,YAAiB,gBAAgB,MAAM,KAAA;AAC3C,IAAA,MAAM,IAAI,cAAA,EAAe;AACzB,IAAA,CAAC,CAAA,EAAG,MAAA,IAAU,MAAA,EAAQ,KAAA,CAAM,kBAAA,EAAoB;AAAA,MAC9C,OAAO,KAAA,YAAiB,KAAA,GAAQ,KAAA,CAAM,OAAA,GAAU,OAAO,KAAK;AAAA,KAC7D,CAAA;AACD,IAAA,MAAM,IAAI,KAAA;AAAA,MACR,oBAAA,CAAqB,OAAO,sCAAsC;AAAA,KACpE;AAAA,EACF,CAAA,SAAE;AACA,IAAA,wBAAA,EAAyB;AAAA,EAC3B;AACF;;;ACjFA,IAAI,sBAAA,GAA8D,IAAA;AAE3D,SAAS,0BAA0B,EAAA,EAA+C;AACvF,EAAA,sBAAA,GAAyB,EAAA;AAC3B;AAEO,SAAS,yBAAA,GAAiE;AAC/E,EAAA,OAAO,sBAAA;AACT;;;ACLA,eAAe,aAAA,GAA+B;AAC5C,EAAA,MAAM,SAAS,oBAAA,EAAqB;AACpC,EAAA,IAAI,MAAA,EAAQ;AACV,IAAA,MAAM,OAAO,IAAA,EAAK;AAClB,IAAA;AAAA,EACF;AACA,EAAA,MAAM,YAAA,EAAa;AACrB;AAEA,yBAAA,CAA0B,MAAM,eAAe,CAAA;AAE/C,eAAsB,SAAA,GAA2B;AAC/C,EAAA,OAAO,aAAA,EAAc;AACvB;;;AChBA,IAAI,SAAA,GAAY,KAAA;AAChB,IAAI,UAAA,GAAa,CAAA;AAEV,SAAS,eAAA,GAA0B;AACxC,EAAA,SAAA,GAAY,IAAA;AACZ,EAAA,UAAA,IAAc,CAAA;AACd,EAAA,OAAO,UAAA;AACT;AAEO,SAAS,eAAe,WAAA,EAA4B;AACzD,EAAA,IAAI,WAAA,KAAgB,MAAA,IAAa,WAAA,KAAgB,UAAA,EAAY;AAC7D,EAAA,SAAA,GAAY,KAAA;AACd;AAEO,SAAS,oBAAA,GAAgC;AAC9C,EAAA,OAAO,SAAA;AACT;;;AChBO,IAAM,YAAA,GAAe;AAAA,EAC1B,WAAA,EAAa,0BAAA;AAAA,EACb,YAAA,EAAc;AAChB,CAAA;;;ACMA,IAAI,UAAA,GAAa,KAAA;AACjB,IAAI,kBAAA,GAA6B,EAAA;AACjC,IAAI,aAAA,uBAAyC,GAAA,EAAI;AACjD,IAAI,aAAA,GAAuD,IAAA;AAE3D,SAAS,iBAAA,GAA4B;AACnC,EAAA,IAAI;AACF,IAAA,OAAO,SAAS,MAAA,IAAU,EAAA;AAAA,EAC5B,CAAA,CAAA,MAAQ;AACN,IAAA,OAAO,EAAA;AAAA,EACT;AACF;AAEA,SAAS,cAAA,GAA2B;AAClC,EAAA,IAAI;AACF,IAAA,MAAM,OAAA,GAAU,QAAA,CAAS,MAAA,CAAO,KAAA,CAAM,GAAG,CAAA;AACzC,IAAA,OAAO,OAAA,CACJ,GAAA,CAAI,CAAC,MAAA,KAAW;AACf,MAAA,MAAM,KAAA,GAAQ,MAAA,CAAO,OAAA,CAAQ,GAAG,CAAA;AAChC,MAAA,OAAO,KAAA,GAAQ,CAAA,CAAA,GAAK,MAAA,CAAO,SAAA,CAAU,CAAA,EAAG,KAAK,CAAA,CAAE,IAAA,EAAK,GAAI,MAAA,CAAO,IAAA,EAAK;AAAA,IACtE,CAAC,CAAA,CACA,MAAA,CAAO,CAAC,IAAA,KAAS,IAAA,CAAK,SAAS,CAAC,CAAA;AAAA,EACrC,CAAA,CAAA,MAAQ;AACN,IAAA,OAAO,EAAC;AAAA,EACV;AACF;AAEA,SAAS,YAAA,GAAoC;AAC3C,EAAA,MAAM,SAAA,uBAAgB,GAAA,EAAoB;AAC1C,EAAA,IAAI;AACF,IAAA,MAAM,OAAA,GAAU,QAAA,CAAS,MAAA,CAAO,KAAA,CAAM,GAAG,CAAA;AACzC,IAAA,KAAA,MAAW,UAAU,OAAA,EAAS;AAC5B,MAAA,MAAM,KAAA,GAAQ,MAAA,CAAO,OAAA,CAAQ,GAAG,CAAA;AAChC,MAAA,IAAI,QAAQ,CAAA,CAAA,EAAI;AACd,QAAA,MAAM,OAAO,MAAA,CAAO,SAAA,CAAU,CAAA,EAAG,KAAK,EAAE,IAAA,EAAK;AAC7C,QAAA,MAAM,QAAQ,MAAA,CAAO,SAAA,CAAU,KAAA,GAAQ,CAAC,EAAE,IAAA,EAAK;AAC/C,QAAA,IAAI,KAAK,MAAA,GAAS,CAAA,EAAG,SAAA,CAAU,GAAA,CAAI,MAAM,KAAK,CAAA;AAAA,MAChD;AAAA,IACF;AAAA,EACF,CAAA,CAAA,MAAQ;AAAA,EAER;AACA,EAAA,OAAO,SAAA;AACT;AAEA,SAAS,mBAAA,GAA+B;AACtC,EAAA,IAAI;AACF,IAAA,MAAM,kBAAkB,iBAAA,EAAkB;AAC1C,IAAA,MAAM,mBAAmB,YAAA,EAAa;AACtC,IAAA,MAAM,iBAAiB,cAAA,EAAe;AAEtC,IAAA,IAAI,kBAAA,IAAsB,CAAC,eAAA,EAAiB;AAC1C,MAAA,MAAA,CAAO,KAAK,8BAA8B,CAAA;AAC1C,MAAA,OAAO,IAAA;AAAA,IACT;AAEA,IAAA,IAAI,aAAA,CAAc,OAAO,CAAA,EAAG;AAC1B,MAAA,MAAM,eAAA,GAAkB;AAAA,QACtB,YAAA,CAAa,WAAA;AAAA,QACb,YAAA,CAAa,YAAA;AAAA,QACb,aAAA;AAAA,QACA,0BAAA;AAAA,QACA,2BAAA;AAAA,QACA,MAAA;AAAA,QACA,SAAA;AAAA,QACA;AAAA,OACF;AAEA,MAAA,MAAM,qBAA+B,EAAC;AACtC,MAAA,KAAA,MAAW,CAAC,UAAU,CAAA,IAAK,aAAA,EAAe;AACxC,QAAA,MAAM,eAAe,eAAA,CAAgB,IAAA;AAAA,UAAK,CAAC,aACzC,UAAA,CAAW,WAAA,GAAc,QAAA,CAAS,QAAA,CAAS,aAAa;AAAA,SAC1D;AACA,QAAA,IAAI,YAAA,IAAgB,CAAC,gBAAA,CAAiB,GAAA,CAAI,UAAU,CAAA,EAAG;AACrD,UAAA,kBAAA,CAAmB,KAAK,UAAU,CAAA;AAAA,QACpC;AAAA,MACF;AACA,MAAA,IAAI,kBAAA,CAAmB,SAAS,CAAA,EAAG;AACjC,QAAA,MAAA,CAAO,KAAK,+BAAA,EAAiC;AAAA,UAC3C,cAAA,EAAgB,kBAAA;AAAA,UAChB,qBAAqB,aAAA,CAAc,IAAA;AAAA,UACnC,oBAAoB,gBAAA,CAAiB;AAAA,SACtC,CAAA;AACD,QAAA,OAAO,IAAA;AAAA,MACT;AAEA,MAAA,MAAM,mBAAA,GACJ,cAAc,GAAA,CAAI,YAAA,CAAa,WAAW,CAAA,IAC1C,aAAA,CAAc,IAAI,0BAA0B,CAAA;AAC9C,MAAA,MAAM,mBAAA,GACJ,iBAAiB,GAAA,CAAI,YAAA,CAAa,WAAW,CAAA,IAC7C,gBAAA,CAAiB,IAAI,0BAA0B,CAAA;AACjD,MAAA,IAAI,mBAAA,IAAuB,CAAC,mBAAA,EAAqB;AAC/C,QAAA,MAAA,CAAO,KAAK,kDAAkD,CAAA;AAC9D,QAAA,OAAO,IAAA;AAAA,MACT;AAEA,MAAA,MAAM,oBAAA,GACJ,cAAc,GAAA,CAAI,YAAA,CAAa,YAAY,CAAA,IAC3C,aAAA,CAAc,IAAI,2BAA2B,CAAA;AAC/C,MAAA,MAAM,oBAAA,GACJ,iBAAiB,GAAA,CAAI,YAAA,CAAa,YAAY,CAAA,IAC9C,gBAAA,CAAiB,IAAI,2BAA2B,CAAA;AAClD,MAAA,IAAI,oBAAA,IAAwB,CAAC,oBAAA,EAAsB;AACjD,QAAA,MAAA,CAAO,KAAK,mDAAmD,CAAA;AAC/D,QAAA,OAAO,IAAA;AAAA,MACT;AAEA,MAAA,IACE,aAAA,CAAc,OAAO,gBAAA,CAAiB,IAAA,IACtC,cAAc,IAAA,GAAO,gBAAA,CAAiB,QAAQ,CAAA,EAC9C;AACA,QAAA,MAAM,iBAA2B,EAAC;AAClC,QAAA,KAAA,MAAW,CAAC,UAAU,CAAA,IAAK,aAAA,EAAe;AACxC,UAAA,IAAI,CAAC,gBAAA,CAAiB,GAAA,CAAI,UAAU,CAAA,EAAG,cAAA,CAAe,KAAK,UAAU,CAAA;AAAA,QACvE;AACA,QAAA,MAAM,0BAA0B,cAAA,CAAe,MAAA;AAAA,UAAO,CAAC,SACrD,eAAA,CAAgB,IAAA;AAAA,YAAK,CAAC,aACpB,IAAA,CAAK,WAAA,GAAc,QAAA,CAAS,QAAA,CAAS,aAAa;AAAA;AACpD,SACF,CAAE,MAAA;AACF,QAAA,IAAI,0BAA0B,CAAA,EAAG;AAC/B,UAAA,MAAA,CAAO,KAAK,6CAAA,EAA+C;AAAA,YACzD,cAAA;AAAA,YACA,gBAAA,EAAkB,uBAAA;AAAA,YAClB,eAAe,aAAA,CAAc,IAAA;AAAA,YAC7B,cAAc,gBAAA,CAAiB;AAAA,WAChC,CAAA;AACD,UAAA,OAAO,IAAA;AAAA,QACT;AAAA,MACF;AAAA,IACF;AAEA,IAAA,kBAAA,GAAqB,eAAA;AACrB,IAAA,aAAA,GAAgB,IAAI,IAAI,gBAAgB,CAAA;AACxC,IAAA,OAAO,KAAA;AAAA,EACT,SAAS,KAAA,EAAO;AACd,IAAA,MAAA,CAAO,KAAK,wBAAA,EAA0B;AAAA,MACpC,OAAO,KAAA,YAAiB,KAAA,GAAQ,KAAA,CAAM,OAAA,GAAU,OAAO,KAAK;AAAA,KAC7D,CAAA;AACD,IAAA,OAAO,KAAA;AAAA,EACT;AACF;AAEA,SAAS,oBAAA,GAA6B;AACpC,EAAA,IAAI,sBAAqB,EAAG;AAC1B,IAAA,MAAA,CAAO,MAAM,6EAAwE,CAAA;AACrF,IAAA;AAAA,EACF;AACA,EAAA,IAAI;AACF,IAAA,MAAA,CAAO,KAAK,sEAAsE,CAAA;AAElF,IAAA,gBAAA,EAAiB;AACjB,IAAA,uBAAA,EAAwB;AAExB,IAAA,MAAM,KAAK,yBAAA,EAA0B;AACrC,IAAA,IAAI,EAAA,EAAI;AACN,MAAA,OAAA,CAAQ,QAAQ,EAAA,EAAI,CAAA,CAAE,KAAA,CAAM,CAAC,KAAA,KAAU;AACrC,QAAA,MAAA,CAAO,MAAM,mDAAA,EAAqD;AAAA,UAChE,OAAO,KAAA,YAAiB,KAAA,GAAQ,KAAA,CAAM,OAAA,GAAU,OAAO,KAAK;AAAA,SAC7D,CAAA;AAAA,MACH,CAAC,CAAA;AAAA,IACH;AAAA,EACF,SAAS,KAAA,EAAO;AACd,IAAA,MAAA,CAAO,MAAM,gCAAA,EAAkC;AAAA,MAC7C,OAAO,KAAA,YAAiB,KAAA,GAAQ,KAAA,CAAM,OAAA,GAAU,OAAO,KAAK;AAAA,KAC7D,CAAA;AAAA,EACH;AACF;AAEO,SAAS,kBAAA,GAA2B;AACzC,EAAA,IAAI,UAAA,EAAY;AACd,IAAA,MAAA,CAAO,MAAM,gCAAgC,CAAA;AAC7C,IAAA;AAAA,EACF;AAEA,EAAA,UAAA,GAAa,IAAA;AACb,EAAA,kBAAA,GAAqB,iBAAA,EAAkB;AACvC,EAAA,aAAA,GAAgB,YAAA,EAAa;AAE7B,EAAA,MAAM,iBAAiB,cAAA,EAAe;AACtC,EAAA,MAAM,cAAc,cAAA,CAAe,MAAA;AAAA,IACjC,CAAC,IAAA,KACC,IAAA,CAAK,aAAY,CAAE,QAAA,CAAS,aAAa,CAAA,IACzC,IAAA,CAAK,WAAA,EAAY,CAAE,SAAS,MAAM,CAAA,IAClC,KAAK,WAAA,EAAY,CAAE,SAAS,OAAO;AAAA,GACvC;AACA,EAAA,MAAA,CAAO,MAAM,wBAAA,EAA0B;AAAA,IACrC,oBAAoB,cAAA,CAAe,MAAA;AAAA,IACnC,iBAAiB,WAAA,CAAY,MAAA;AAAA,IAC7B,WAAA;AAAA,IACA,UAAA,EAAY;AAAA,GACb,CAAA;AAED,EAAA,aAAA,GAAgB,YAAY,YAAY;AACtC,IAAA,IAAI,sBAAqB,EAAG;AAC5B,IAAA,MAAM,iBAAiB,mBAAA,EAAoB;AAC3C,IAAA,IAAI,cAAA,EAAgB;AAClB,MAAA,MAAA,CAAO,KAAK,4CAA4C,CAAA;AACxD,MAAA,IAAI,aAAA,EAAe;AACjB,QAAA,aAAA,CAAc,aAAa,CAAA;AAC3B,QAAA,aAAA,GAAgB,IAAA;AAAA,MAClB;AACA,MAAA,UAAA,GAAa,KAAA;AAEb,MAAA,IAAI;AACF,QAAA,MAAM,oBAAA,EAAqB;AAAA,MAC7B,SAAS,KAAA,EAAO;AACd,QAAA,MAAA,CAAO,MAAM,sDAAA,EAAwD;AAAA,UACnE,OAAO,KAAA,YAAiB,KAAA,GAAQ,KAAA,CAAM,OAAA,GAAU,OAAO,KAAK;AAAA,SAC7D,CAAA;AAAA,MACH,CAAA,SAAE;AACA,QAAA,cAAA,CAAe,MAAM;AACnB,UAAA,IAAI,CAAC,YAAY,kBAAA,EAAmB;AAAA,QACtC,CAAC,CAAA;AAAA,MACH;AAAA,IACF;AAAA,EACF,GAAG,GAAI,CAAA;AAEP,EAAA,MAAA,CAAO,KAAK,yDAAyD,CAAA;AACvE;AAEO,SAAS,iBAAA,GAA0B;AACxC,EAAA,UAAA,GAAa,KAAA;AACb,EAAA,IAAI,aAAA,EAAe;AACjB,IAAA,aAAA,CAAc,aAAa,CAAA;AAC3B,IAAA,aAAA,GAAgB,IAAA;AAAA,EAClB;AACA,EAAA,kBAAA,GAAqB,EAAA;AACrB,EAAA,MAAA,CAAO,MAAM,wBAAwB,CAAA;AACvC;AAEO,SAAS,kBAAA,GAA2B;AACzC,EAAA,kBAAA,GAAqB,iBAAA,EAAkB;AACvC,EAAA,aAAA,GAAgB,YAAA,EAAa;AAC7B,EAAA,MAAM,iBAAiB,cAAA,EAAe;AACtC,EAAA,MAAM,cAAc,cAAA,CAAe,MAAA;AAAA,IACjC,CAAC,IAAA,KACC,IAAA,CAAK,aAAY,CAAE,QAAA,CAAS,aAAa,CAAA,IACzC,IAAA,CAAK,WAAA,EAAY,CAAE,SAAS,MAAM,CAAA,IAClC,KAAK,WAAA,EAAY,CAAE,SAAS,OAAO;AAAA,GACvC;AACA,EAAA,MAAA,CAAO,MAAM,sBAAA,EAAwB;AAAA,IACnC,oBAAoB,cAAA,CAAe,MAAA;AAAA,IACnC,iBAAiB,WAAA,CAAY,MAAA;AAAA,IAC7B;AAAA,GACD,CAAA;AACH;;;AC3PA,IAAIM,WAAAA,GAAa,KAAA;AACjB,IAAI,gBAAA,GAAkC,IAAA;AACtC,IAAI,oBAAA,GAA+D,IAAA;AAEnE,SAAS,mBAAA,GAA+B;AACtC,EAAA,IAAI;AACF,IAAA,MAAM,cAAA,GAAiB,MAAA,CAAO,MAAA,CAAO,YAAY,CAAA,CAAE,IAAA;AAAA,MACjD,CAAC,GAAA,KAAgB,UAAA,CAAW,GAAG,CAAA,KAAM;AAAA,KACvC;AACA,IAAA,IAAI,gBAAA,KAAqB,UAAA,IAAc,CAAC,cAAA,EAAgB,OAAO,IAAA;AAC/D,IAAA,gBAAA,GAAmB,iBAAiB,UAAA,GAAa,SAAA;AACjD,IAAA,OAAO,KAAA;AAAA,EACT,CAAA,CAAA,MAAQ;AACN,IAAA,OAAO,KAAA;AAAA,EACT;AACF;AAEA,SAAS,mBAAmB,KAAA,EAA2B;AACrD,EAAA,IAAI,sBAAqB,EAAG;AAC5B,EAAA,IAAI,OAAO,MAAA,KAAW,WAAA,IAAe,KAAA,CAAM,WAAA,KAAgB,OAAO,cAAA,EAAgB;AAChF,IAAA,MAAM,aAAa,mBAAA,EAAoB;AACvC,IAAA,IAAI,UAAA,EAAY;AACd,MAAA,IAAI,sBAAqB,EAAG;AAC5B,MAAA,MAAA,CAAO,KAAK,+DAA+D,CAAA;AAC3E,MAAA,MAAM,KAAK,yBAAA,EAA0B;AACrC,MAAA,IAAI,EAAA,EAAI;AACN,QAAA,OAAA,CAAQ,QAAQ,EAAA,EAAI,CAAA,CAAE,KAAA,CAAM,CAAC,KAAA,KAAU;AACrC,UAAA,MAAA,CAAO,MAAM,gDAAA,EAAkD;AAAA,YAC7D,OAAO,KAAA,YAAiB,KAAA,GAAQ,KAAA,CAAM,OAAA,GAAU,OAAO,KAAK;AAAA,WAC7D,CAAA;AAAA,QACH,CAAC,CAAA;AAAA,MACH;AAAA,IACF;AAAA,EACF;AACF;AAEO,SAAS,mBAAA,GAA4B;AAC1C,EAAA,IAAIA,WAAAA,EAAY;AAEhB,EAAAA,WAAAA,GAAa,IAAA;AACb,EAAA,mBAAA,EAAoB;AAEpB,EAAA,oBAAA,GAAuB,kBAAA;AACvB,EAAA,MAAA,CAAO,gBAAA,CAAiB,WAAW,oBAAoB,CAAA;AAEvD,EAAA,MAAM,YAAA,GAAe,YAAY,MAAM;AACrC,IAAA,IAAI,sBAAqB,EAAG;AAC5B,IAAA,MAAM,aAAa,mBAAA,EAAoB;AACvC,IAAA,IAAI,UAAA,EAAY;AACd,MAAA,IAAI,sBAAqB,EAAG;AAC5B,MAAA,MAAA,CAAO,KAAK,yEAAyE,CAAA;AACrF,MAAA,aAAA,CAAc,YAAY,CAAA;AAC1B,MAAA,MAAM,KAAK,yBAAA,EAA0B;AACrC,MAAA,IAAI,EAAA,EAAI;AACN,QAAA,OAAA,CAAQ,QAAQ,EAAA,EAAI,CAAA,CAAE,KAAA,CAAM,CAAC,KAAA,KAAU;AACrC,UAAA,MAAA,CAAO,MAAM,gDAAA,EAAkD;AAAA,YAC7D,OAAO,KAAA,YAAiB,KAAA,GAAQ,KAAA,CAAM,OAAA,GAAU,OAAO,KAAK;AAAA,WAC7D,CAAA;AACD,UAAA,IAAI,CAACA,aAAY,mBAAA,EAAoB;AAAA,QACvC,CAAC,CAAA;AAAA,MACH;AAAA,IACF;AAAA,EACF,GAAG,GAAI,CAAA;AAEP,EAAC,OAAkG,sCAAA,GAAyC,YAAA;AAC9I;AAEO,SAAS,kBAAA,GAA2B;AACzC,EAAAA,WAAAA,GAAa,KAAA;AACb,EAAA,IAAI,oBAAA,EAAsB;AACxB,IAAA,MAAA,CAAO,mBAAA,CAAoB,WAAW,oBAAoB,CAAA;AAC1D,IAAA,oBAAA,GAAuB,IAAA;AAAA,EACzB;AACA,EAAA,MAAM,GAAA,GAAM,MAAA;AACZ,EAAA,MAAM,aAAa,GAAA,CAAI,sCAAA;AACvB,EAAA,IAAI,UAAA,EAAY;AACd,IAAA,aAAA,CAAc,UAAU,CAAA;AACxB,IAAA,OAAO,GAAA,CAAI,sCAAA;AAAA,EACb;AACF;;;AC1EO,SAAS,kBAAA,GAA2B;AACzC,EAAA,IAAI;AACF,IAAA,IAAI,OAAO,QAAA,KAAa,WAAA,IAAe,OAAO,WAAW,WAAA,EAAa;AAEtE,IAAA,MAAM,OAAA,GAAU,QAAA,CAAS,MAAA,CAAO,KAAA,CAAM,GAAG,CAAA;AACzC,IAAA,MAAM,QAAA,GAAW,OAAO,QAAA,CAAS,QAAA;AACjC,IAAA,MAAM,YAAY,QAAA,CAAS,KAAA,CAAM,GAAG,CAAA,CAAE,OAAO,OAAO,CAAA;AAEpD,IAAA,MAAM,YAAA,GAAyB,CAAC,QAAQ,CAAA;AACxC,IAAA,IAAI,SAAA,CAAU,SAAS,CAAA,EAAG;AAExB,MAAA,KAAA,IAAS,IAAI,SAAA,CAAU,MAAA,GAAS,CAAA,EAAG,CAAA,IAAK,GAAG,CAAA,EAAA,EAAK;AAC9C,QAAA,MAAM,SAAS,GAAA,GAAM,SAAA,CAAU,MAAM,CAAC,CAAA,CAAE,KAAK,GAAG,CAAA;AAChD,QAAA,IAAI,CAAC,YAAA,CAAa,QAAA,CAAS,MAAM,CAAA,EAAG,YAAA,CAAa,KAAK,MAAM,CAAA;AAAA,MAC9D;AAAA,IACF;AAEA,IAAA,MAAM,UAAA,GAAa,CAAC,GAAA,EAAK,MAAA,CAAO,SAAS,QAAA,IAAY,GAAG,CAAA,CAAE,MAAA,CAAO,OAAO,CAAA;AAExE,IAAA,KAAA,MAAW,UAAU,OAAA,EAAS;AAC5B,MAAA,MAAM,KAAA,GAAQ,MAAA,CAAO,OAAA,CAAQ,GAAG,CAAA;AAChC,MAAA,MAAM,IAAA,GAAO,KAAA,GAAQ,CAAA,CAAA,GAAK,MAAA,CAAO,KAAA,CAAM,CAAA,EAAG,KAAK,CAAA,CAAE,IAAA,EAAK,GAAI,MAAA,CAAO,IAAA,EAAK;AAEtE,MAAA,IAAI,CAAC,IAAA,EAAM;AAEX,MAAA,KAAA,MAAW,QAAQ,UAAA,EAAY;AAE7B,QAAA,QAAA,CAAS,MAAA,GAAS,CAAA,EAAG,IAAI,CAAA,6CAAA,EAAgD,IAAI,CAAA,CAAA;AAE7E,QAAA,KAAA,MAAW,UAAU,YAAA,EAAc;AACjC,UAAA,QAAA,CAAS,SAAS,CAAA,EAAG,IAAI,CAAA,6CAAA,EAAgD,IAAI,WAAW,MAAM,CAAA,CAAA;AAAA,QAChG;AAAA,MACF;AAAA,IACF;AAEA,IAAA,MAAA,CAAO,MAAM,2CAA2C,CAAA;AAAA,EAC1D,SAAS,KAAA,EAAO;AACd,IAAA,MAAA,CAAO,KAAK,gCAAA,EAAkC;AAAA,MAC5C,OAAO,KAAA,YAAiB,KAAA,GAAQ,KAAA,CAAM,OAAA,GAAU,OAAO,KAAK;AAAA,KAC7D,CAAA;AAAA,EACH;AACF;;;ACvBA,SAAS,QAAA,CAAS,SAAiB,IAAA,EAAsB;AACvD,EAAA,MAAM,GAAA,GAAM,IAAI,GAAA,CAAI,OAAO,CAAA;AAC3B,EAAA,MAAM,iBAAiB,IAAA,CAAK,UAAA,CAAW,GAAG,CAAA,GAAI,IAAA,GAAO,IAAI,IAAI,CAAA,CAAA;AAC7D,EAAA,GAAA,CAAI,WAAW,GAAA,CAAI,QAAA,CAAS,SAAS,GAAG,CAAA,GACpC,GAAG,GAAA,CAAI,QAAQ,GAAG,cAAA,CAAe,KAAA,CAAM,CAAC,CAAC,CAAA,CAAA,GACzC,GAAG,GAAA,CAAI,QAAQ,GAAG,cAAc,CAAA,CAAA;AACpC,EAAA,OAAO,IAAI,QAAA,EAAS;AACtB;AAQA,SAAS,YAAA,GAA8B;AACrC,EAAA,IAAI;AACF,IAAA,IAAI,OAAO,QAAA,KAAa,WAAA,EAAa,OAAO,IAAA;AAE5C,IAAA,MAAM,IAAA,GAAO,QAAA,CAAS,aAAA,CAA+B,yBAAyB,CAAA;AAC9E,IAAA,IAAI,IAAA,EAAM,OAAA,EAAS,OAAO,IAAA,CAAK,OAAA;AAE/B,IAAA,MAAM,KAAA,GAAQ,QAAA,CAAS,MAAA,CAAO,KAAA,CAAM,+BAA+B,CAAA;AACnE,IAAA,IAAI,KAAA,EAAO,OAAO,kBAAA,CAAmB,KAAA,CAAM,CAAC,CAAC,CAAA;AAE7C,IAAA,OAAO,IAAA;AAAA,EACT,CAAA,CAAA,MAAQ;AACN,IAAA,OAAO,IAAA;AAAA,EACT;AACF;AAKA,eAAe,iBAAiB,SAAA,EAG7B;AACD,EAAA,MAAM,YAAY,YAAA,EAAa;AAE/B,EAAA,MAAM,OAAA,GAAkC;AAAA,IACtC,kBAAA,EAAoB,gBAAA;AAAA,IACpB,MAAA,EAAQ,uBAAA;AAAA,IACR,cAAA,EAAgB;AAAA,GAClB;AAEA,EAAA,IAAI,SAAA,EAAW;AACb,IAAA,OAAA,CAAQ,cAAc,CAAA,GAAI,SAAA;AAAA,EAC5B;AAEA,EAAA,IAAI;AACF,IAAA,MAAM,QAAA,GAAW,MAAM,KAAA,CAAM,SAAA,EAAW;AAAA,MACtC,MAAA,EAAQ,MAAA;AAAA,MACR,IAAA,EAAM,MAAA;AAAA,MACN,OAAA;AAAA,MACA,WAAA,EAAa,SAAA;AAAA,MACb,IAAA,EAAM;AAAA,KACP,CAAA;AAED,IAAA,IAAI,CAAC,SAAS,EAAA,EAAI;AAChB,MAAA,MAAA,CAAO,KAAK,mCAAA,EAAqC;AAAA,QAC/C,QAAQ,QAAA,CAAS,MAAA;AAAA,QACjB,YAAY,QAAA,CAAS;AAAA,OACtB,CAAA;AACD,MAAA,OAAO,EAAE,SAAS,KAAA,EAAM;AAAA,IAC1B;AAEA,IAAA,MAAM,WAAA,GAAc,QAAA,CAAS,OAAA,CAAQ,GAAA,CAAI,cAAc,CAAA,IAAK,EAAA;AAC5D,IAAA,IAAI,CAAC,WAAA,CAAY,QAAA,CAAS,kBAAkB,CAAA,EAAG;AAC7C,MAAA,MAAA,CAAO,KAAK,8CAAA,EAAgD;AAAA,QAC1D,QAAQ,QAAA,CAAS;AAAA,OAClB,CAAA;AACD,MAAA,OAAO,EAAE,OAAA,EAAS,IAAA,EAAM,UAAU,EAAE,OAAA,EAAS,MAAK,EAAE;AAAA,IACtD;AAEA,IAAA,MAAM,IAAA,GAAO,MAAM,QAAA,CAAS,IAAA,EAAK;AACjC,IAAA,IAAI,OAAuB,EAAC;AAC5B,IAAA,IAAI,IAAA,EAAM,MAAK,EAAG;AAChB,MAAA,IAAI;AACF,QAAA,IAAA,GAAO,IAAA,CAAK,MAAM,IAAI,CAAA;AAAA,MACxB,CAAA,CAAA,MAAQ;AACN,QAAA,MAAA,CAAO,KAAK,+DAA+D,CAAA;AAC3E,QAAA,OAAO,EAAE,SAAS,KAAA,EAAM;AAAA,MAC1B;AAAA,IACF;AACA,IAAA,MAAA,CAAO,IAAA,CAAK,iCAAA,EAAmC,EAAE,QAAA,EAAU,MAAM,CAAA;AAEjE,IAAA,IAAI,SAAS,IAAA,CAAK,OAAA,KAAY,IAAA,IAAQ,IAAA,CAAK,WAAW,IAAA,CAAA,EAAO;AAC3D,MAAA,OAAO,EAAE,OAAA,EAAS,IAAA,EAAM,QAAA,EAAU,IAAA,EAAK;AAAA,IACzC;AAEA,IAAA,IAAI,CAAC,IAAA,IAAQ,IAAA,CAAK,IAAA,OAAW,EAAA,EAAI;AAC/B,MAAA,OAAO,EAAE,OAAA,EAAS,IAAA,EAAM,UAAU,EAAE,OAAA,EAAS,MAAK,EAAE;AAAA,IACtD;AAEA,IAAA,MAAA,CAAO,IAAA,CAAK,iDAAA,EAAmD,EAAE,QAAA,EAAU,MAAM,CAAA;AACjF,IAAA,OAAO,EAAE,OAAA,EAAS,KAAA,EAAO,QAAA,EAAU,IAAA,EAAK;AAAA,EAC1C,SAAS,KAAA,EAAO;AACd,IAAA,MAAA,CAAO,KAAK,uCAAA,EAAyC;AAAA,MACnD,OAAO,KAAA,YAAiB,KAAA,GAAQ,KAAA,CAAM,OAAA,GAAU,OAAO,KAAK;AAAA,KAC7D,CAAA;AACD,IAAA,OAAO,EAAE,SAAS,KAAA,EAAM;AAAA,EAC1B;AACF;AAEA,SAAS,yBAAA,GAAkC;AACzC,EAAA,MAAA,CAAO,MAAM,gDAAgD,CAAA;AAE7D,EAAA,IAAI;AACF,IAAA,cAAA,EAAe,EAAG,cAAc,YAAA,EAAa;AAAA,EAC/C,SAAS,KAAA,EAAO;AACd,IAAA,MAAA,CAAO,MAAM,kDAAA,EAAoD;AAAA,MAC/D,OAAO,KAAA,YAAiB,KAAA,GAAQ,KAAA,CAAM,OAAA,GAAU,OAAO,KAAK;AAAA,KAC7D,CAAA;AAAA,EACH;AAEA,EAAA,kBAAA,EAAmB;AAEnB,EAAA,IAAI;AACF,IAAA,gBAAA,EAAiB;AAAA,EACnB,SAAS,KAAA,EAAO;AACd,IAAA,MAAA,CAAO,KAAK,kCAAA,EAAoC;AAAA,MAC9C,OAAO,KAAA,YAAiB,KAAA,GAAQ,KAAA,CAAM,OAAA,GAAU,OAAO,KAAK;AAAA,KAC7D,CAAA;AAAA,EACH;AAEA,EAAA,MAAA,CAAO,KAAK,kCAAkC,CAAA;AAChD;AAEA,SAAS,iBAAA,GAA6B;AACpC,EAAA,MAAM,QAAA,GAAW,cAAc,aAAa,CAAA;AAC5C,EAAA,MAAM,GAAA,GAAM,KAAK,GAAA,EAAI;AACrB,EAAA,MAAM,YAAA,GAAe,WAAW,QAAQ,CAAA;AAExC,EAAA,IAAI,YAAA,EAAc;AAChB,IAAA,MAAM,QAAA,GAAW,OAAO,YAAY,CAAA;AACpC,IAAA,IAAI,CAAC,MAAA,CAAO,KAAA,CAAM,QAAQ,CAAA,IAAK,GAAA,GAAM,WAAW,GAAA,EAAM;AACpD,MAAA,MAAA,CAAO,MAAM,0DAAA,EAAuD;AAAA,QAClE,GAAA;AAAA,QACA;AAAA,OACD,CAAA;AACD,MAAA,OAAO,KAAA;AAAA,IACT;AAAA,EACF;AAEA,EAAA,UAAA,CAAW,QAAA,EAAU,MAAA,CAAO,GAAG,CAAC,CAAA;AAChC,EAAA,OAAO,IAAA;AACT;AAEA,SAAS,iBAAA,GAA0B;AACjC,EAAA,IAAI;AACF,IAAA,aAAA,CAAc,aAAA,CAAc,aAAa,CAAC,CAAA;AAAA,EAC5C,CAAA,CAAA,MAAQ;AAAA,EAER;AACF;AAQA,IAAI,cAAA,GAA+C,IAAA;AAEnD,eAAe,kBAAkB,SAAA,EAA2C;AAC1E,EAAA,MAAM,MAAM,eAAA,EAAgB;AAC5B,EAAA,MAAA,CAAO,IAAA,CAAK,sCAAA,EAAwC,EAAE,UAAA,EAAY,KAAK,CAAA;AAEvE,EAAA,kBAAA,EAAmB;AACnB,EAAA,iBAAA,EAAkB;AAElB,EAAA,IAAI,CAAC,mBAAkB,EAAG;AACxB,IAAA,cAAA,CAAe,GAAG,CAAA;AAClB,IAAA,MAAA,CAAO,MAAM,kDAA6C,CAAA;AAC1D,IAAA,OAAO,EAAE,OAAA,EAAS,IAAA,EAAM,OAAA,EAAS,4CAAA,EAA6C;AAAA,EAChF;AAEA,EAAA,IAAI,mBAAA,GAAsB,KAAA;AAC1B,EAAA,IAAI,cAAA;AAEJ,EAAA,IAAI;AACF,IAAA,IAAI,SAAA,EAAW,MAAK,EAAG;AACrB,MAAA,wBAAA,CAAyB,UAAU,IAAA,EAAK,EAAG,EAAE,gBAAA,EAAkB,MAAM,CAAA;AACrE,MAAA,MAAA,CAAO,KAAK,oDAAA,EAAsD;AAAA,QAChE,SAAA,EAAW,UAAU,IAAA;AAAK,OAC3B,CAAA;AAAA,IACH;AAEA,IAAA,MAAM,aAAaN,cAAAA,EAAc;AACjC,IAAA,MAAM,iBAAiB,UAAA,CAAW,aAAA;AAElC,IAAA,IAAI,cAAA,EAAgB;AAClB,MAAA,MAAM,SAAA,GAAY,QAAA,CAAS,cAAA,EAAgB,gBAAgB,CAAA;AAC3D,MAAA,MAAA,CAAO,IAAA,CAAK,4CAAA,EAA8C,EAAE,SAAA,EAAW,CAAA;AAEvE,MAAA,MAAM,YAAA,GAAe,MAAM,gBAAA,CAAiB,SAAS,CAAA;AACrD,MAAA,mBAAA,GAAsB,YAAA,CAAa,OAAA;AACnC,MAAA,cAAA,GAAiB,YAAA,CAAa,QAAA;AAE9B,MAAA,IAAI,CAAC,mBAAA,EAAqB;AACxB,QAAA,MAAA,CAAO,KAAK,qFAAA,EAAkF;AAAA,UAC5F,SAAA;AAAA,UACA;AAAA,SACD,CAAA;AAAA,MACH;AAAA,IACF,CAAA,MAAO;AACL,MAAA,MAAA,CAAO,KAAK,yDAAoD,CAAA;AAAA,IAClE;AAAA,EACF,SAAS,KAAA,EAAO;AACd,IAAA,MAAA,CAAO,MAAM,gDAAA,EAAkD;AAAA,MAC7D,OAAO,KAAA,YAAiB,KAAA,GAAQ,KAAA,CAAM,OAAA,GAAU,OAAO,KAAK;AAAA,KAC7D,CAAA;AAAA,EACH;AAEA,EAAA,IAAI;AACF,IAAA,yBAAA,EAA0B;AAAA,EAC5B,SAAS,KAAA,EAAO;AACd,IAAA,MAAA,CAAO,MAAM,8BAAA,EAAgC;AAAA,MAC3C,OAAO,KAAA,YAAiB,KAAA,GAAQ,KAAA,CAAM,OAAA,GAAU,OAAO,KAAK;AAAA,KAC7D,CAAA;AAAA,EACH;AAEA,EAAA,IAAI;AACF,IAAA,6BAAA,EAA8B;AAC9B,IAAA,MAAA,CAAO,MAAM,gFAAgF,CAAA;AAAA,EAC/F,SAAS,KAAA,EAAO;AACd,IAAA,MAAA,CAAO,KAAK,2CAAA,EAA6C;AAAA,MACvD,OAAO,KAAA,YAAiB,KAAA,GAAQ,KAAA,CAAM,OAAA,GAAU,OAAO,KAAK;AAAA,KAC7D,CAAA;AAAA,EACH;AAEA,EAAA,IAAI;AACF,IAAA,kBAAA,EAAmB;AACnB,IAAA,mBAAA,EAAoB;AACpB,IAAA,MAAA,CAAO,KAAK,6BAA6B,CAAA;AAAA,EAC3C,SAAS,KAAA,EAAO;AACd,IAAA,MAAA,CAAO,KAAK,iCAAA,EAAmC;AAAA,MAC7C,OAAO,KAAA,YAAiB,KAAA,GAAQ,KAAA,CAAM,OAAA,GAAU,OAAO,KAAK;AAAA,KAC7D,CAAA;AAAA,EACH;AAEA,EAAA,iBAAA,EAAkB;AAClB,EAAA,cAAA,CAAe,GAAG,CAAA;AAClB,EAAA,MAAA,CAAO,IAAA,CAAK,8BAAA,EAAgC,EAAE,mBAAA,EAAqB,CAAA;AAEnE,EAAA,aAAA,CAAc,eAAe,gBAAA,EAAkB;AAAA,IAC7C,mBAAA;AAAA,IACA,WAAW,SAAA,EAAW,IAAA,EAAK,IAAKA,cAAAA,GAAgB,UAAA,IAAc,MAAA;AAAA,IAC9D,OAAA,EAAS,sBAAsB,uBAAA,GAA0B;AAAA,GAC1D,CAAA;AAED,EAAA,OAAO;AAAA,IACL,OAAA,EAAS,IAAA;AAAA,IACT,OAAA,EAAS,mBAAA,GACL,cAAA,EAAgB,OAAA,IAAW,0CAAA,GAC3B,2EAAA;AAAA,IACJ;AAAA,GACF;AACF;AAKA,eAAsB,OAAO,SAAA,EAA2C;AACtE,EAAA,IAAI,cAAA,EAAgB;AAClB,IAAA,MAAA,CAAO,MAAM,2CAA2C,CAAA;AACxD,IAAA,OAAO,cAAA;AAAA,EACT;AAEA,EAAA,cAAA,GAAiB,iBAAA,CAAkB,SAAS,CAAA,CAAE,OAAA,CAAQ,MAAM;AAC1D,IAAA,cAAA,GAAiB,IAAA;AAAA,EACnB,CAAC,CAAA;AAED,EAAA,OAAO,cAAA;AACT;ACjTO,IAAM,WAAA,GAAc,cAA4C,MAAS,CAAA;AAEzE,SAAS,cAAA,GAAmC;AACjD,EAAA,MAAM,OAAA,GAAU,WAAW,WAAW,CAAA;AACtC,EAAA,IAAI,CAAC,OAAA,EAAS;AACZ,IAAA,MAAM,IAAI,MAAM,iDAAiD,CAAA;AAAA,EACnE;AACA,EAAA,OAAO,OAAA;AACT;;;ACFA,IAAM,eAAA,uBAAsB,GAAA,EAA0C;AACtE,IAAMO,kBAAiB,eAAA,CAAgB,MAAA;AAEvC,SAAS,wBAAA,GAAmC;AAC1C,EAAA,IAAI,IAAA,GAAO,OAAO,aAAA,EAAc;AAChC,EAAA,IAAI,OAAO,WAAW,WAAA,KAAgB,CAAC,QAAQ,IAAA,CAAK,UAAA,CAAW,GAAG,CAAA,CAAA,EAAI;AACpE,IAAA,IAAA,GAAO,MAAA,CAAO,QAAA,CAAS,MAAA,IAAU,IAAA,IAAQ,EAAA,CAAA;AAAA,EAC3C;AACA,EAAA,OAAO,IAAA;AACT;AAEA,IAAM,kBAAA,GAAqB,SAAA;AAE3B,SAAS,mBAAmB,UAAA,EAA4B;AACtD,EAAA,MAAM,6BAA6B,wBAAA,EAAyB;AAC5D,EAAA,MAAM,QAAQ,0BAAA,IAA8B,EAAA,EAAI,OAAA,CAAQ,oBAAA,EAAsB,EAAE,CAAA,IAAK,0BAAA;AACrF,EAAA,OAAO,CAAA,EAAG,IAAI,CAAA,sCAAA,EAAyC,kBAAA,CAAmB,UAAU,CAAC,CAAA,CAAA;AACvF;AAsBA,eAAsB,cAAc,SAAA,EAAiD;AACnF,EAAA,IAAI,CAAC,SAAA,IAAa,SAAA,CAAU,IAAA,OAAW,EAAA,EAAI;AACzC,IAAA,MAAA,CAAO,MAAM,kDAAkD,CAAA;AAC/D,IAAA,OAAO,IAAA;AAAA,EACT;AAEA,EAAA,MAAM,UAAA,GAAa,UAAU,IAAA,EAAK;AAClC,EAAA,MAAM,UAAA,GAAa,iBAAiB,UAAU,CAAA,CAAA;AAC9C,EAAA,IAAI,eAAA,CAAgB,GAAA,CAAI,UAAU,CAAA,EAAG;AACnC,IAAA,MAAA,CAAO,KAAA,CAAM,sCAAA,EAAwC,EAAE,UAAA,EAAY,CAAA;AACnE,IAAA,OAAO,eAAA,CAAgB,IAAI,UAAU,CAAA;AAAA,EACvC;AAEA,EAAA,MAAA,CAAO,IAAA,CAAK,4BAAA,EAA8B,EAAE,UAAA,EAAY,CAAA;AAExD,EAAA,MAAM,kBAAkB,YAA0C;AAChE,IAAA,IAAI;AACF,MAAA,MAAM,GAAA,GAAM,mBAAmB,UAAU,CAAA;AACzC,MAAA,MAAA,CAAO,KAAA,CAAM,oBAAA,EAAsB,EAAE,GAAA,EAAK,CAAA;AAE1C,MAAA,IAAI,IAAA;AACJ,MAAA,IAAI;AACF,QAAA,MAAM,WAAW,MAAM,KAAA,CAAM,KAAK,EAAE,MAAA,EAAQ,OAAO,CAAA;AACnD,QAAA,IAAI,CAAC,SAAS,EAAA,EAAI,MAAM,IAAI,KAAA,CAAM,CAAA,KAAA,EAAQ,QAAA,CAAS,MAAM,CAAA,CAAE,CAAA;AAC3D,QAAA,IAAA,GAAQ,MAAM,SAAS,IAAA,EAAK;AAC5B,QAAA,MAAA,CAAO,KAAA,CAAM,uBAAA,EAAyB,EAAE,UAAA,EAAY,CAAA;AAAA,MACtD,SAAS,KAAA,EAAO;AACd,QAAA,MAAA,CAAO,IAAA,CAAK,iBAAA,EAAmB,EAAE,UAAA,EAAY,OAAO,CAAA;AACpD,QAAA,OAAO,IAAA;AAAA,MACT;AAEA,MAAA,IAAI,CAAC,IAAA,IAAQ,OAAO,IAAA,KAAS,UAAU,OAAO,IAAA;AAE9C,MAAA,MAAM,GAAA,GAAM,IAAA;AACZ,MAAA,IAAI,CAAC,GAAA,CAAI,OAAA,IAAW,CAAC,GAAA,CAAI,MAAM,OAAO,IAAA;AAEtC,MAAA,MAAM,SAAS,GAAA,CAAI,IAAA;AACnB,MAAA,IAAI,CAAC,MAAA,CAAO,EAAA,IAAM,CAAC,MAAA,CAAO,YAAY,OAAO,IAAA;AAE7C,MAAA,MAAM,UAAA,GAAa,OAAO,gBAAA,EAAiB;AAC3C,MAAA,MAAM,WAAA,GAAc,OAAO,cAAA,EAAe;AAC1C,MAAA,IAAI,CAAC,UAAA,IAAc,CAAC,WAAA,EAAa;AAC/B,QAAA,OAAO,IAAA;AAAA,MACT;AAEA,MAAA,MAAM,oBAAA,GAAuB,MAAA,CAAO,UAAA,CAAW,UAAA,CAAW,kBAAkB,CAAA,GACxE,MAAA,CAAO,UAAA,GACP,CAAA,EAAG,kBAAkB,CAAA,EAAG,MAAA,CAAO,UAAU,CAAA,CAAA;AAG7C,MAAA,MAAM,MAAA,GAAuB;AAAA,QAC3B,UAAU,MAAA,CAAO,EAAA;AAAA,QACjB,UAAA;AAAA,QACA,SAAA,EAAW,UAAA;AAAA,QACX,MAAA,EAAQ;AAAA,UACN,UAAU,MAAA,CAAO,UAAA;AAAA,UACjB,UAAA,EAAY,oBAAA;AAAA,UACZ,WAAA;AAAA,UACA,MAAA,EAAQA;AAAA;AACV,OACF;AACA,MAAA,MAAA,CAAO,KAAA,CAAM,wBAAA,EAA0B,EAAE,UAAA,EAAY,CAAA;AACrD,MAAA,OAAO,MAAA;AAAA,IACT,SAAS,KAAA,EAAO;AACd,MAAA,MAAA,CAAO,IAAA,CAAK,mCAAA,EAAqC,EAAE,UAAA,EAAY,OAAO,CAAA;AACtE,MAAA,OAAO,IAAA;AAAA,IACT,CAAA,SAAE;AACA,MAAA,eAAA,CAAgB,OAAO,UAAU,CAAA;AAAA,IACnC;AAAA,EACF,CAAA,GAAG;AAEH,EAAA,eAAA,CAAgB,GAAA,CAAI,YAAY,cAAc,CAAA;AAC9C,EAAA,OAAO,cAAA;AACT;;;AChHO,SAAS,mBAAA,GAA8B;AAC5C,EAAA,OAAO;AAAA,IACL,IAAA,CAAK,SAAiB,IAAA,EAAgC;AACpD,MAAA,IAAI,OAAO,OAAA,KAAY,WAAA,UAAqB,IAAA,CAAK,OAAA,EAAS,QAAQ,EAAE,CAAA;AAAA,IACtE,CAAA;AAAA,IACA,IAAA,CAAK,SAAiB,IAAA,EAAgC;AACpD,MAAA,IAAI,OAAO,OAAA,KAAY,WAAA,UAAqB,IAAA,CAAK,OAAA,EAAS,QAAQ,EAAE,CAAA;AAAA,IACtE,CAAA;AAAA,IACA,KAAA,CAAM,SAAiB,IAAA,EAAgC;AACrD,MAAA,IAAI,OAAO,OAAA,KAAY,WAAA,UAAqB,KAAA,CAAM,OAAA,EAAS,QAAQ,EAAE,CAAA;AAAA,IACvE,CAAA;AAAA,IACA,KAAA,CAAM,SAAiB,IAAA,EAAgC;AACrD,MAAA,IAAI,OAAO,OAAA,KAAY,WAAA,UAAqB,KAAA,CAAM,OAAA,EAAS,QAAQ,EAAE,CAAA;AAAA,IACvE;AAAA,GACF;AACF;AAEO,SAAS,wBAAA,GAAwC;AACtD,EAAA,OAAO;AAAA,IACL,aAAA,GAA4B;AAC1B,MAAA,IAAI,OAAO,WAAW,WAAA,EAAa;AACjC,QAAA,OAAO,EAAE,IAAA,EAAM,EAAA,EAAI,MAAA,EAAQ,EAAA,EAAI,UAAU,GAAA,EAAK,MAAA,EAAQ,EAAA,EAAI,QAAA,EAAU,EAAA,EAAG;AAAA,MACzE;AACA,MAAA,MAAM,CAAA,GAAI,MAAA;AACV,MAAA,MAAM,MAAM,CAAA,CAAE,QAAA;AACd,MAAA,OAAO;AAAA,QACL,MAAM,GAAA,CAAI,IAAA;AAAA,QACV,QAAQ,GAAA,CAAI,MAAA;AAAA,QACZ,UAAU,GAAA,CAAI,QAAA;AAAA,QACd,QAAQ,GAAA,CAAI,MAAA;AAAA,QACZ,UAAU,GAAA,CAAI;AAAA,OAChB;AAAA,IACF,CAAA;AAAA,IACA,SAAS,GAAA,EAAmB;AAC1B,MAAA,IAAI,OAAO,MAAA,KAAW,WAAA,EAAa,MAAA,CAAO,QAAA,CAAS,QAAQ,GAAG,CAAA;AAAA,IAChE,CAAA;AAAA,IACA,aAAa,GAAA,EAAmB;AAC9B,MAAA,IAAI,OAAO,WAAW,WAAA,EAAa;AACnC,MAAA,IAAI;AACF,QAAA,MAAM,KAAA,GAAQ,OAAO,QAAA,KAAa,WAAA,GAAc,SAAS,KAAA,GAAQ,EAAA;AACjE,QAAA,MAAA,CAAO,OAAA,CAAQ,YAAA,CAAa,EAAC,EAAG,OAAO,GAAG,CAAA;AAAA,MAC5C,CAAA,CAAA,MAAQ;AAAA,MAER;AAAA,IACF;AAAA,GACF;AACF;AAGO,SAAS,oBAAA,GAAuC;AACrD,EAAA,OAAO;AAAA,IACL,aAAA,EAAe,MAAM,MAAA,CAAO,aAAA,EAAc;AAAA,IAC1C,gBAAA,EAAkB,MAAM,MAAA,CAAO,gBAAA,EAAiB;AAAA,IAChD,cAAA,EAAgB,MAAM,MAAA,CAAO,cAAA,EAAe;AAAA,IAC5C,aAAA,EAAe,MAAM,MAAA,CAAO,aAAA;AAAc,GAE5C;AACF;AAEO,SAAS,oBAAA,GAAuC;AACrD,EAAA,OAAO,EAAE,OAAA,EAAS,CAAC,SAAA,KAAsB,aAAA,CAAc,SAAS,CAAA,EAAE;AACpE;AAEO,SAAS,0BAAA,GAA4C;AAC1D,EAAA,OAAO;AAAA,IACL,YAAA,GAAqB;AACnB,MAAA,IAAI,OAAO,QAAA,KAAa,WAAA,IAAe,OAAO,WAAW,WAAA,EAAa;AACtE,MAAA,IAAI;AACF,QAAA,MAAM,OAAA,GAAU,QAAA,CAAS,MAAA,CAAO,KAAA,CAAM,GAAG,CAAA;AACzC,QAAA,OAAA,CAAQ,OAAA,CAAQ,CAAC,MAAA,KAAW;AAC1B,UAAA,MAAM,KAAA,GAAQ,MAAA,CAAO,OAAA,CAAQ,GAAG,CAAA;AAChC,UAAA,MAAM,IAAA,GAAO,KAAA,GAAQ,CAAA,CAAA,GAAK,MAAA,CAAO,SAAA,CAAU,CAAA,EAAG,KAAK,CAAA,CAAE,IAAA,EAAK,GAAI,MAAA,CAAO,IAAA,EAAK;AAC1E,UAAA,QAAA,CAAS,MAAA,GAAS,GAAG,IAAI,CAAA,8CAAA,CAAA;AACzB,UAAA,MAAM,MAAA,GAAS,OAAO,QAAA,CAAS,QAAA;AAC/B,UAAA,MAAM,KAAA,GAAQ,MAAA,CAAO,KAAA,CAAM,GAAG,CAAA;AAC9B,UAAA,IAAI,KAAA,CAAM,SAAS,CAAA,EAAG;AACpB,YAAA,MAAM,eAAe,GAAA,GAAM,KAAA,CAAM,MAAM,CAAA,CAAE,CAAA,CAAE,KAAK,GAAG,CAAA;AACnD,YAAA,QAAA,CAAS,MAAA,GAAS,CAAA,EAAG,IAAI,CAAA,sDAAA,EAAyD,YAAY,CAAA,CAAA;AAAA,UAChG;AAAA,QACF,CAAC,CAAA;AAAA,MACH,CAAA,CAAA,MAAQ;AAAA,MAER;AAAA,IACF;AAAA,GACF;AACF;;;AClFO,SAAS,wBAAA,GAAyC;AACvD,EAAA,OAAO;AAAA,IACL,MAAM,SAAS,YAAA,EAA2C;AACxD,MAAA,iBAAA,CAAkB,YAAY,CAAA;AAC9B,MAAA,MAAM,iBAAiB,YAAY,CAAA;AAAA,IACrC,CAAA;AAAA,IAEA,MAAM,cAAA,GAAmC;AACvC,MAAA,OAAO,cAAA,EAAe;AAAA,IACxB,CAAA;AAAA,IAEA,MAAM,OAAA,GAA2B;AAC/B,MAAA,OAAO,kBAAA,EAAmB;AAAA,IAC5B,CAAA;AAAA,IAEA,MAAM,OAAO,OAAA,EAAiD;AAC5D,MAAA,MAAM,MAAA,CAAc,SAAS,SAAS,CAAA;AAAA,IACxC;AAAA,GACF;AACF;;;ACzBO,SAAS,cAAA,GAGd;AACA,EAAA,MAAMC,UAAAA,uBAAgB,GAAA,EAAuB;AAE7C,EAAA,OAAO;AAAA,IACL,UAAU,QAAA,EAAyC;AACjD,MAAAA,UAAAA,CAAU,IAAI,QAAQ,CAAA;AACtB,MAAA,OAAO,MAAMA,UAAAA,CAAU,MAAA,CAAO,QAAQ,CAAA;AAAA,IACxC,CAAA;AAAA,IACA,KAAK,KAAA,EAA8B;AACjC,MAAAA,UAAAA,CAAU,OAAA,CAAQ,CAAC,EAAA,KAAO;AACxB,QAAA,IAAI;AACF,UAAA,EAAA,CAAG,KAAK,CAAA;AAAA,QACV,CAAA,CAAA,MAAQ;AAAA,QAER;AAAA,MACF,CAAC,CAAA;AAAA,IACH;AAAA,GACF;AACF;;;ACXA,SAAS,WAAA,CAAY,GAAoB,CAAA,EAA6B;AACpE,EAAA,OACE,CAAA,CAAE,MAAA,KAAW,CAAA,CAAE,MAAA,IACf,EAAE,WAAA,KAAgB,CAAA,CAAE,WAAA,IACpB,CAAA,CAAE,SAAA,KAAc,CAAA,CAAE,SAAA,IAClB,CAAA,CAAE,UAAU,CAAA,CAAE,KAAA;AAElB;AAEA,SAAS,YAAY,MAAA,EAA2C;AAC9D,EAAA,cAAA,CAAe,MAAM,CAAA;AACrB,EAAA,MAAM,cAAc,cAAA,EAAe;AACnC,EAAA,MAAM,YAAY,YAAA,EAAa;AAC/B,EAAA,MAAM,UAAU,oBAAA,EAAqB;AAErC,EAAA,IAAI,WAAA,IAAe,CAAC,OAAA,EAAS;AAC3B,IAAA,OAAO;AAAA,MACL,MAAA,EAAQ,eAAA;AAAA,MACR,WAAA;AAAA,MACA,SAAA;AAAA,MACA,KAAA,EAAO;AAAA,KACT;AAAA,EACF;AACA,EAAA,IAAI,eAAe,OAAA,EAAS;AAC1B,IAAA,OAAO;AAAA,MACL,MAAA,EAAQ,OAAA;AAAA,MACR,WAAA;AAAA,MACA,SAAA;AAAA,MACA,KAAA,EAAO;AAAA,KACT;AAAA,EACF;AACA,EAAA,OAAO;AAAA,IACL,MAAA,EAAQ,iBAAA;AAAA,IACR,WAAA,EAAa,IAAA;AAAA,IACb,SAAA,EAAW,IAAA;AAAA,IACX,KAAA,EAAO;AAAA,GACT;AACF;AAEO,SAAS,iBAAiB,MAAA,EAAsC;AACrE,EAAA,MAAM,eAAe,MAAA,CAAO,MAAA,CAAO,EAAE,GAAG,QAAQ,CAAA;AAChD,EAAA,MAAM,MAAM,cAAA,EAAe;AAC3B,EAAA,IAAI,gBAAA,GAA2C,IAAA;AAC/C,EAAA,MAAM,QAAA,GAAW,YAAA,CAAa,QAAA,IAAY,wBAAA,EAAyB;AAEnE,EAAA,MAAM,YAAY,MAAY;AAC5B,IAAA,MAAM,IAAA,GAAO,YAAY,YAAY,CAAA;AACrC,IAAA,IAAI,gBAAA,KAAqB,IAAA,IAAQ,WAAA,CAAY,gBAAA,EAAkB,IAAI,CAAA,EAAG;AACtE,IAAA,gBAAA,GAAmB,IAAA;AACnB,IAAA,GAAA,CAAI,KAAK,IAAI,CAAA;AAAA,EACf,CAAA;AAEA,EAAA,OAAO;AAAA,IACL,MAAM,IAAA,GAAsB;AAC1B,MAAA,cAAA,CAAe,YAAY,CAAA;AAC3B,MAAA,YAAA,CAAa,MAAA,CAAO,MAAM,gCAAgC,CAAA;AAC1D,MAAA,MAAM,YAAA,EAAa;AACnB,MAAA,SAAA,EAAU;AAAA,IACZ,CAAA;AAAA,IAEA,MAAM,KAAA,GAAuB;AAC3B,MAAA,cAAA,CAAe,YAAY,CAAA;AAC3B,MAAA,YAAA,CAAa,MAAA,CAAO,MAAM,gDAAgD,CAAA;AAC1E,MAAA,MAAM,YAAA,EAAa;AACnB,MAAA,SAAA,EAAU;AAAA,IACZ,CAAA;AAAA,IAEA,MAAM,OAAO,OAAA,EAAiD;AAC5D,MAAA,cAAA,CAAe,YAAY,CAAA;AAC3B,MAAA,YAAA,CAAa,MAAA,CAAO,MAAM,eAAe,CAAA;AACzC,MAAA,MAAM,QAAA,CAAS,OAAO,OAAO,CAAA;AAC7B,MAAA,SAAA,EAAU;AAAA,IACZ,CAAA;AAAA,IAEA,MAAM,OAAA,GAA2B;AAC/B,MAAA,cAAA,CAAe,YAAY,CAAA;AAC3B,MAAA,YAAA,CAAa,MAAA,CAAO,MAAM,gBAAgB,CAAA;AAC1C,MAAA,IAAI;AACF,QAAA,MAAM,KAAA,GAAQ,MAAM,QAAA,CAAS,OAAA,EAAQ;AACrC,QAAA,SAAA,EAAU;AACV,QAAA,OAAO,KAAA;AAAA,MACT,SAAS,CAAA,EAAG;AACV,QAAA,SAAA,EAAU;AACV,QAAA,MAAM,CAAA;AAAA,MACR;AAAA,IACF,CAAA;AAAA,IAEA,MAAM,cAAA,GAAkC;AACtC,MAAA,cAAA,CAAe,YAAY,CAAA;AAC3B,MAAA,OAAO,sBAAA,EAAuB;AAAA,IAChC,CAAA;AAAA,IAEA,MAAM,cAAA,GAAmC;AACvC,MAAA,cAAA,CAAe,YAAY,CAAA;AAC3B,MAAA,YAAA,CAAa,MAAA,CAAO,MAAM,uBAAuB,CAAA;AACjD,MAAA,MAAM,OAAA,GAAU,MAAM,QAAA,CAAS,cAAA,EAAe;AAC9C,MAAA,SAAA,EAAU;AACV,MAAA,OAAO,OAAA;AAAA,IACT,CAAA;AAAA,IAEA,UAAU,QAAA,EAAU;AAClB,MAAA,OAAO,GAAA,CAAI,UAAU,QAAQ,CAAA;AAAA,IAC/B,CAAA;AAAA,IAEA,QAAA,GAA4B;AAC1B,MAAA,OAAO,YAAY,YAAY,CAAA;AAAA,IACjC;AAAA,GACF;AACF;ACpDO,SAAS,YAAA,CAAa;AAAA,EAC3B,QAAA;AAAA,EACA,QAAA,GAAW,IAAA;AAAA,EACX,MAAA;AAAA,EACA,UAAA;AAAA,EACA,UAAA;AAAA,EACA,aAAA;AAAA,EACA,WAAA;AAAA,EACA,KAAA,GAAQ,EAAA;AAAA,EACR;AACF,CAAA,EAAyC;AACvC,EAAA,MAAM,gBAAA,GAAmB,cAAc,MAAA,EAAQ,UAAA;AAC/C,EAAA,MAAM,gBAAA,GAAmB,cAAc,MAAA,EAAQ,UAAA;AAC/C,EAAA,MAAM,mBAAA,GAAsB,iBAAiB,MAAA,EAAQ,aAAA;AACrD,EAAA,MAAM,iBAAA,GAAoB,eAAe,MAAA,EAAQ,WAAA;AACjD,EAAA,MAAM,iBAAA,GAAoB,gBAAA,IAAoB,MAAA,CAAO,aAAA,EAAc;AACnE,EAAA,MAAM,SAAA,GAAY,OAAA;AAAA,IAChB,OAAO,EAAE,QAAA,EAAU,qBAAqB,EAAA,EAAI,KAAA,EAAO,SAAS,EAAA,EAAG,CAAA;AAAA,IAC/D,CAAC,mBAAmB,KAAK;AAAA,GAC3B;AACA,EAAA,MAAM,UAAA,GAAa,OAAO,KAAK,CAAA;AAC/B,EAAA,MAAM,SAAA,GAAY,OAA0B,IAAI,CAAA;AAEhD,EAAA,eAAA,CAAgB,MAAM;AACpB,IAAA,MAAA,CAAO,MAAM,kCAAA,EAAoC;AAAA,MAC/C,YAAY,gBAAA,IAAoB,gBAAA;AAAA,MAChC,UAAA,EAAY,mBAAmB,gBAAA,GAAmB,SAAA;AAAA,MAClD,aAAA,EAAe,sBAAsB,mBAAA,GAAsB,SAAA;AAAA,MAC3D,WAAA,EAAa,oBAAoB,iBAAA,GAAoB;AAAA,KACtD,CAAA;AACD,IAAA,IAAI,CAAC,mBAAA,IAAuB,CAAC,mBAAA,CAAoB,MAAK,EAAG;AACvD,MAAA,MAAA,CAAO,KAAK,sDAAsD,CAAA;AAAA,IACpE;AACA,IAAA,IAAI,CAAC,iBAAA,IAAqB,CAAC,iBAAA,CAAkB,MAAK,EAAG;AACnD,MAAA,MAAA,CAAO,KAAK,oDAAoD,CAAA;AAAA,IAClE;AACA,IAAA,SAAA,CAAa;AAAA,MACX,GAAI,mBAAmB,EAAE,UAAA,EAAY,kBAAkB,SAAA,EAAW,gBAAA,KAAqB,EAAC;AAAA,MACxF,GAAI,gBAAA,GAAmB,EAAE,UAAA,EAAY,gBAAA,KAAqB,EAAC;AAAA,MAC3D,GAAI,mBAAA,GAAsB,EAAE,aAAA,EAAe,mBAAA,KAAwB,EAAC;AAAA,MACpE,GAAI,iBAAA,GAAoB,EAAE,WAAA,EAAa,iBAAA,KAAsB;AAAC,KAC/D,CAAA;AACD,IAAA,wBAAA,CAAyB,iCAAiC,CAAA;AAC1D,IAAA,OAAO,MAAM;AACX,MAAA,oBAAA,EAAqB;AAAA,IACvB,CAAA;AAAA,EACF,GAAG,CAAC,gBAAA,EAAkB,gBAAA,EAAkB,mBAAA,EAAqB,iBAAiB,CAAC,CAAA;AAG/E,EAAA,SAAA,CAAU,MAAM;AACd,IAAA,IAAI;AACF,MAAA,oBAAA,CAAqB;AAAA,QACnB,YAAY,gBAAA,IAAoB,EAAA;AAAA,QAChC,WAAW,gBAAA,IAAoB,EAAA;AAAA,QAC/B,OAAO,KAAA,IAAS,EAAA;AAAA,QAChB,YAAY,gBAAA,IAAoB,EAAA;AAAA,QAChC,eAAe,mBAAA,IAAuB,EAAA;AAAA,QACtC,aAAa,iBAAA,IAAqB;AAAA,OACnC,CAAA;AAAA,IACH,CAAA,CAAA,MAAQ;AAAA,IAER;AAAA,EACF,GAAG,CAAC,gBAAA,EAAkB,kBAAkB,mBAAA,EAAqB,iBAAA,EAAmB,KAAK,CAAC,CAAA;AAEtF,EAAA,eAAA,CAAgB,MAAM;AACpB,IAAA,mBAAA,CAAoB,qBAAqB,EAAE,CAAA;AAC3C,IAAA,MAAM,UACJ,cAAA,KAAmB,MAAA,IAAa,mBAAmB,IAAA,GAC/C,cAAA,GACA,kCAAkC,SAAS,CAAA;AACjD,IAAA,iBAAA,CAAkB,SAAS,SAAS,CAAA;AACpC,IAAA,MAAM,OAAA,GAAU;AAAA,MACd,cAAA,EAAgB,OAAA;AAAA,MAChB,gBAAA,EAAkB,SAAA;AAAA,MAClB,QAAQ,mBAAA,EAAoB;AAAA,MAC5B,aAAa,wBAAA,EAAyB;AAAA,MACtC,gBAAgB,oBAAA,EAAqB;AAAA,MACrC,gBAAgB,oBAAA,EAAqB;AAAA,MACrC,cAAc,0BAAA;AAA2B,KAC3C;AACA,IAAA,cAAA,CAAe,OAAO,CAAA;AACtB,IAAA,SAAA,CAAU,OAAA,GAAU,iBAAiB,OAAO,CAAA;AAC5C,IAAA,oBAAA,CAAqB,UAAU,OAAO,CAAA;AACtC,IAAA,OAAO,MAAM;AACX,MAAA,oBAAA,CAAqB,IAAI,CAAA;AACzB,MAAA,SAAA,CAAU,OAAA,GAAU,IAAA;AACpB,MAAA,cAAA,CAAe,IAAI,CAAA;AACnB,MAAA,iBAAA,CAAkB,MAAM,EAAE,QAAA,EAAU,EAAA,EAAI,KAAA,EAAO,IAAI,CAAA;AACnD,MAAA,mBAAA,CAAoB,EAAE,CAAA;AAAA,IACxB,CAAA;AAAA,EACF,CAAA,EAAG,CAAC,iBAAA,EAAmB,KAAA,EAAO,cAAc,CAAC,CAAA;AAG7C,EAAA,SAAA,CAAU,MAAM;AACd,IAAA,MAAMC,kBAAAA,GAAoB,gBAAA,IAAoB,MAAA,CAAO,aAAA,EAAc;AAEnE,IAAA,MAAA,CAAO,MAAM,oCAAA,EAAsC;AAAA,MACjD,YAAY,gBAAA,IAAoB,gBAAA;AAAA,MAChC,OAAO,KAAA,IAAS,EAAA;AAAA,MAChB,iBAAA,EAAAA;AAAA,KACD,CAAA;AAED,IAAA,IAAIA,kBAAAA,EAAmB;AACrB,MAAA,MAAM,iBAAA,GAAoB,UAAA,CAAW,aAAA,CAAc,YAAY,CAAC,CAAA;AAChE,MAAA,MAAM,gBAAA,GAAmB,qBAAqB,iBAAA,KAAsBA,kBAAAA;AAEpE,MAAA,IAAI,gBAAA,EAAkB;AACpB,QAAA,MAAA,CAAO,MAAM,uCAAA,EAAyC,EAAE,UAAU,iBAAA,EAAmB,IAAA,EAAMA,oBAAmB,CAAA;AAE9G,QAAA,IAAI,OAAO,WAAW,WAAA,EAAa;AACjC,UAAA,MAAM,UAAA,GAAa,OAAO,QAAA,CAAS,IAAA;AACnC,UAAA,MAAM,aAAa,UAAA,CAAW,QAAA,CAAS,OAAO,CAAA,IAAK,UAAA,CAAW,SAAS,QAAQ,CAAA;AAC/E,UAAA,IAAI,UAAA,EAAY;AACd,YAAA,MAAM,QAAA,GAAW,MAAA,CAAO,QAAA,CAAS,MAAA,GAAS,OAAO,QAAA,CAAS,QAAA;AAC1D,YAAA,MAAA,CAAO,QAAQ,YAAA,CAAa,EAAC,EAAG,QAAA,CAAS,OAAO,QAAQ,CAAA;AAAA,UAC1D;AAAA,QACF;AAEA,QAAA,aAAA,CAAc,aAAA,CAAc,cAAc,CAAC,CAAA;AAC3C,QAAA,aAAA,CAAc,aAAA,CAAc,eAAe,CAAC,CAAA;AAC5C,QAAA,aAAA,CAAc,aAAA,CAAc,YAAY,CAAC,CAAA;AACzC,QAAA,aAAA,CAAc,aAAA,CAAc,OAAO,CAAC,CAAA;AACpC,QAAA,aAAA,CAAc,aAAA,CAAc,eAAe,CAAC,CAAA;AAC5C,QAAA,aAAA,CAAc,aAAA,CAAc,oBAAoB,CAAC,CAAA;AACjD,QAAA,uBAAA,EAAwB;AACxB,QAAA,cAAA,EAAe;AAEf,QAAA,UAAA,CAAW,aAAA,CAAc,eAAe,CAAA,EAAG,MAAM,CAAA;AACjD,QAAA,UAAA,CAAW,aAAA,CAAc,iBAAiB,CAAA,EAAG,MAAM,CAAA;AACnD,QAAA,UAAA,CAAW,aAAA,CAAc,gBAAgB,CAAA,EAAGA,kBAAiB,CAAA;AAE7D,QAAA,QAAA,CAAS;AAAA,UACP,eAAA,EAAiB,KAAA;AAAA,UACjB,WAAA,EAAa,IAAA;AAAA,UACb,SAAA,EAAW,IAAA;AAAA,UACX,KAAA,EAAO;AAAA,SACR,CAAA;AAAA,MACH,WAAW,iBAAA,EAAmB;AAC5B,QAAA,MAAA,CAAO,KAAA,CAAM,oCAAA,EAAsC,EAAE,SAAA,EAAWA,oBAAmB,CAAA;AAAA,MACrF;AAEA,MAAA,IAAI;AACF,QAAA,oBAAA,CAAqB;AAAA,UACnB,SAAA,EAAWA,kBAAAA;AAAA,UACX,UAAA,EAAYA;AAAA,SACb,CAAA;AACD,QAAA,wBAAA,CAAyB,yCAAA,EAA2C;AAAA,UAClE,UAAA,EAAYA,kBAAAA;AAAA,UACZ,SAAA,EAAWA;AAAA,SACZ,CAAA;AAAA,MACH,CAAA,CAAA,MAAQ;AAAA,MAER;AACA,MAAA,UAAA,CAAW,aAAA,CAAc,YAAY,CAAA,EAAGA,kBAAiB,CAAA;AAAA,IAC3D,CAAA,MAAO;AACL,MAAA,MAAA,CAAO,MAAM,0CAA0C,CAAA;AAAA,IACzD;AAAA,EACF,CAAA,EAAG,CAAC,gBAAA,EAAkB,KAAK,CAAC,CAAA;AAE5B,EAAA,MAAM,CAAC,KAAA,EAAO,QAAQ,CAAA,GAAI,QAAA,CAAoB;AAAA,IAC5C,eAAA,EAAiB,KAAA;AAAA,IACjB,WAAA,EAAa,IAAA;AAAA,IACb,SAAA,EAAW,QAAA;AAAA,IACX,KAAA,EAAO;AAAA,GACR,CAAA;AAKD,EAAA,MAAM,aAAA,GAAgB,YAAY,MAAM;AACtC,IAAA,IAAI;AACF,MAAA,MAAM,SAAS,SAAA,CAAU,OAAA;AACzB,MAAA,IAAI,aAAA;AACJ,MAAA,IAAI,WAAA;AACJ,MAAA,IAAI,KAAA,GAAuB,IAAA;AAE3B,MAAA,IAAI,MAAA,EAAQ;AACV,QAAA,MAAM,CAAA,GAAI,OAAO,QAAA,EAAS;AAC1B,QAAA,aAAA,GAAgB,CAAA,CAAE,MAAA,KAAW,eAAA,IAAmB,CAAC,CAAC,CAAA,CAAE,WAAA;AACpD,QAAA,WAAA,GAAc,CAAA,CAAE,WAAA;AAChB,QAAA,KAAA,GAAQ,CAAA,CAAE,KAAA;AAAA,MACZ,CAAA,MAAO;AACL,QAAA,WAAA,GAAc,cAAA,EAAqB;AACnC,QAAA,aAAA,GAAgB,CAAC,CAAC,WAAA,IAAe,CAAC,oBAAA,EAAqB;AAAA,MACzD;AAEA,MAAA,QAAA,CAAS;AAAA,QACP,eAAA,EAAiB,aAAA;AAAA,QACjB,WAAA;AAAA,QACA,SAAA,EAAW,KAAA;AAAA,QACX;AAAA,OACD,CAAA;AAED,MAAA,IAAI,aAAA,EAAe;AAAA,MACnB,CAAA,MAAO;AACL,QAAA,kBAAA,EAAmB;AACnB,QAAA,iBAAA,EAAkB;AAAA,MACpB;AAAA,IACF,SAAS,KAAA,EAAO;AACd,MAAA,kBAAA,EAAmB;AACnB,MAAA,iBAAA,EAAkB;AAClB,MAAA,QAAA,CAAS;AAAA,QACP,eAAA,EAAiB,KAAA;AAAA,QACjB,WAAA,EAAa,IAAA;AAAA,QACb,SAAA,EAAW,KAAA;AAAA,QACX,KAAA,EAAO,KAAA,YAAiB,KAAA,GAAQ,KAAA,CAAM,OAAA,GAAU;AAAA,OACjD,CAAA;AAAA,IACH;AAAA,EACF,CAAA,EAAG,EAAE,CAAA;AAML,EAAA,SAAA,CAAU,MAAM;AACd,IAAA,IAAI,CAAC,QAAA,EAAU;AAEf,IAAA,MAAM,cAAA,GAAiB,UAAA,CAAW,aAAA,CAAc,iBAAiB,CAAC,CAAA,KAAM,MAAA;AACxE,IAAA,MAAM,YAAA,GAAe,UAAA,CAAW,aAAA,CAAc,eAAe,CAAC,CAAA,KAAM,MAAA;AACpE,IAAA,IAAI,CAAC,cAAA,IAAkB,CAAC,YAAA,EAAc;AAEtC,IAAA,IAAI,SAAA,GAAY,KAAA;AAEhB,IAAA,MAAM,SAAS,YAAY;AACzB,MAAA,IAAI;AACF,QAAA,MAAM,SAAA,CAAU,SAAS,IAAA,EAAK;AAC9B,QAAA,IAAI,CAAC,SAAA,EAAW;AACd,UAAA,aAAA,EAAc;AAAA,QAChB;AAAA,MACF,CAAA,SAAE;AACA,QAAA,aAAA,CAAc,aAAA,CAAc,eAAe,CAAC,CAAA;AAAA,MAC9C;AAAA,IACF,CAAA;AAEA,IAAA,MAAA,EAAO;AAEP,IAAA,OAAO,MAAM;AACX,MAAA,SAAA,GAAY,IAAA;AAAA,IACd,CAAA;AAAA,EACF,CAAA,EAAG,CAAC,QAAA,EAAU,gBAAA,EAAkB,aAAa,CAAC,CAAA;AAK9C,EAAA,SAAA,CAAU,MAAM;AACd,IAAA,IAAI,CAAC,QAAA,EAAU;AACb,MAAA,QAAA,CAAS,CAAC,IAAA,MAAU,EAAE,GAAG,IAAA,EAAM,SAAA,EAAW,OAAM,CAAE,CAAA;AAClD,MAAA;AAAA,IACF;AACA,IAAA,IAAI,WAAW,OAAA,EAAS;AACxB,IAAA,UAAA,CAAW,OAAA,GAAU,IAAA;AAErB,IAAA,IAAI,SAAA,GAAY,KAAA;AAEhB,IAAA,MAAM,OAAO,YAAY;AACvB,MAAA,IAAI;AACF,QAAA,MAAM,SAAA,CAAU,SAAS,IAAA,EAAK;AAC9B,QAAA,IAAI,CAAC,WAAW,aAAA,EAAc;AAAA,MAChC,SAAS,KAAA,EAAO;AACd,QAAA,kBAAA,EAAmB;AACnB,QAAA,iBAAA,EAAkB;AAClB,QAAA,IAAI,CAAC,SAAA,EAAW;AACd,UAAA,QAAA,CAAS;AAAA,YACP,eAAA,EAAiB,KAAA;AAAA,YACjB,WAAA,EAAa,IAAA;AAAA,YACb,SAAA,EAAW,KAAA;AAAA,YACX,KAAA,EAAO,KAAA,YAAiB,KAAA,GAAQ,KAAA,CAAM,OAAA,GAAU;AAAA,WACjD,CAAA;AAAA,QACH;AAAA,MACF;AAAA,IACF,CAAA;AAEA,IAAA,IAAA,EAAK;AAEL,IAAA,OAAO,MAAM;AACX,MAAA,SAAA,GAAY,IAAA;AACZ,MAAA,UAAA,CAAW,OAAA,GAAU,KAAA;AACrB,MAAA,kBAAA,EAAmB;AACnB,MAAA,iBAAA,EAAkB;AAAA,IACpB,CAAA;AAAA,EACF,CAAA,EAAG,CAAC,QAAA,EAAU,aAAa,CAAC,CAAA;AAK5B,EAAA,MAAM,KAAA,GAAQ,YAAY,YAAY;AACpC,IAAA,QAAA,CAAS,CAAC,IAAA,MAAU,EAAE,GAAG,IAAA,EAAM,SAAA,EAAW,MAAK,CAAE,CAAA;AACjD,IAAA,MAAM,SAAA,CAAU,SAAS,KAAA,EAAM;AAC/B,IAAA,aAAA,EAAc;AAAA,EAChB,CAAA,EAAG,CAAC,aAAa,CAAC,CAAA;AAKlB,EAAA,MAAMC,OAAAA,GAAS,YAAY,YAAY;AACrC,IAAA,kBAAA,EAAmB;AACnB,IAAA,iBAAA,EAAkB;AAClB,IAAA,QAAA,CAAS,CAAC,IAAA,MAAU,EAAE,GAAG,IAAA,EAAM,SAAA,EAAW,MAAK,CAAE,CAAA;AAEjD,IAAA,IAAI;AACF,MAAA,MAAM,UAAU,OAAA,EAAS,MAAA,CAAO,EAAE,SAAA,EAAW,kBAAkB,CAAA;AAC/D,MAAA,kBAAA,EAAmB;AAAA,IACrB,CAAA,SAAE;AACA,MAAA,kBAAA,EAAmB;AACnB,MAAA,iBAAA,EAAkB;AAClB,MAAA,QAAA,CAAS;AAAA,QACP,eAAA,EAAiB,KAAA;AAAA,QACjB,WAAA,EAAa,IAAA;AAAA,QACb,SAAA,EAAW,KAAA;AAAA,QACX,KAAA,EAAO;AAAA,OACR,CAAA;AAAA,IACH;AAAA,EACF,CAAA,EAAG,CAAC,gBAAgB,CAAC,CAAA;AAKrB,EAAA,MAAM,YAAA,GAAe,YAAY,YAA6B;AAC5D,IAAA,IAAI;AACF,MAAA,MAAM,QAAA,GAAY,MAAM,SAAA,CAAU,OAAA,EAAS,SAAQ,IAAM,EAAA;AACzD,MAAA,aAAA,EAAc;AACd,MAAA,OAAO,QAAA;AAAA,IACT,SAAS,KAAA,EAAO;AACd,MAAA,MAAMA,OAAAA,EAAO;AACb,MAAA,MAAM,KAAA;AAAA,IACR;AAAA,EACF,CAAA,EAAG,CAAC,aAAA,EAAeA,OAAM,CAAC,CAAA;AAK1B,EAAA,MAAM,mBAAA,GAAsB,YAAY,YAA6B;AACnE,IAAA,IAAI;AACF,MAAA,MAAM,KAAA,GAAQ,MAAM,SAAA,CAAU,OAAA,EAAS,cAAA,EAAe;AACtD,MAAA,IAAI,CAAC,KAAA,EAAO,MAAM,IAAI,MAAM,mBAAmB,CAAA;AAC/C,MAAA,aAAA,EAAc;AACd,MAAA,OAAO,KAAA;AAAA,IACT,SAAS,KAAA,EAAO;AACd,MAAA,MAAMA,OAAAA,EAAO;AACb,MAAA,MAAM,KAAA;AAAA,IACR;AAAA,EACF,CAAA,EAAG,CAAC,aAAA,EAAeA,OAAM,CAAC,CAAA;AAK1B,EAAA,MAAM,SAAA,GAAY,WAAA,CAAY,CAAC,WAAA,KAA8B;AAC3D,IAAA,QAAA,CAAS;AAAA,MACP,eAAA,EAAiB,IAAA;AAAA,MACjB,WAAA;AAAA,MACA,SAAA,EAAW,KAAA;AAAA,MACX,KAAA,EAAO;AAAA,KACR,CAAA;AAAA,EACH,CAAA,EAAG,EAAE,CAAA;AAEL,EAAA,MAAM,YAAA,GAAe,OAAA;AAAA,IACnB,OAAO;AAAA,MACL,GAAG,KAAA;AAAA,MACH,KAAA;AAAA,MACA,MAAA,EAAAA,OAAAA;AAAA,MACA,YAAA;AAAA,MACA,cAAA,EAAgB,mBAAA;AAAA,MAChB;AAAA,KACF,CAAA;AAAA,IACA,CAAC,KAAA,EAAO,KAAA,EAAOA,OAAAA,EAAQ,YAAA,EAAc,qBAAqB,SAAS;AAAA,GACrE;AAEA,EAAA,2BACG,WAAA,CAAY,QAAA,EAAZ,EAAqB,KAAA,EAAO,cAC1B,QAAA,EACH,CAAA;AAEJ;ACvbA,IAAM,mBAAA,GAAsB,aAAA;AAUrB,SAAS,YAAA,CAAa;AAAA,EAC3B,SAAA,GAAY,QAAA;AAAA,EACZ,WAAA,GAAc,YAAA;AAAA,EACd,QAAA,GAAW;AACb,CAAA,EAAyC;AACvC,EAAA,MAAM,EAAE,SAAA,EAAU,GAAI,cAAA,EAAe;AACrC,EAAA,MAAM,UAAA,GAAaC,OAAO,KAAK,CAAA;AAC/B,EAAA,MAAM,CAAC,MAAA,EAAQ,SAAS,CAAA,GAAIC,SAAsB,MAAM,CAAA;AACxD,EAAA,MAAM,CAAC,OAAA,EAAS,UAAU,CAAA,GAAIA,SAAiB,EAAE,CAAA;AAEjD,EAAAC,UAAU,MAAM;AACd,IAAA,IAAI,WAAW,OAAA,EAAS;AACxB,IAAA,UAAA,CAAW,OAAA,GAAU,IAAA;AAErB,IAAA,MAAM,SAAA,GAAY,IAAI,eAAA,CAAgB,MAAA,CAAO,SAAS,MAAM,CAAA;AAC5D,IAAA,MAAM,oBAAoB,SAAA,CAAU,GAAA,CAAI,MAAM,CAAA,IAAK,SAAA,CAAU,IAAI,OAAO,CAAA;AAExE,IAAA,IAAI,CAAC,iBAAA,EAAmB;AACtB,MAAA,MAAA,CAAO,QAAA,CAAS,OAAA,CAAQ,SAAA,IAAa,QAAQ,CAAA;AAC7C,MAAA;AAAA,IACF;AAEA,IAAA,MAAM,KAAA,GAAQ,SAAA,CAAU,GAAA,CAAI,OAAO,CAAA;AACnC,IAAA,MAAM,gBAAA,GAAmB,SAAA,CAAU,GAAA,CAAI,mBAAmB,CAAA;AAC1D,IAAA,IAAI,KAAA,EAAO;AACT,MAAA,SAAA,CAAU,OAAO,CAAA;AACjB,MAAA,UAAA,CAAW,CAAA,EAAG,KAAK,CAAA,EAAA,EAAK,gBAAA,IAAoB,sBAAsB,CAAA,CAAE,CAAA;AACpE,MAAA,MAAA,CAAO,OAAA,CAAQ,YAAA,CAAa,EAAC,EAAG,QAAA,CAAS,KAAA,EAAO,MAAA,CAAO,QAAA,CAAS,MAAA,GAAS,MAAA,CAAO,QAAA,CAAS,QAAQ,CAAA;AACjG,MAAA;AAAA,IACF;AAEA,IAAA,MAAM,cAAc,YAAY;AAC9B,MAAA,SAAA,CAAU,SAAS,CAAA;AACnB,MAAA,UAAA,CAAW,uBAAuB,CAAA;AAGlC,MAAA,MAAM,OAAA,GAAU,MAAM,cAAA,EAAe;AAErC,MAAA,IAAI,CAAC,OAAA,EAAS;AACZ,QAAA,SAAA,CAAU,OAAO,CAAA;AACjB,QAAA,UAAA,CAAW,0CAA0C,CAAA;AACrD,QAAA,MAAA,CAAO,OAAA,CAAQ,YAAA,CAAa,EAAC,EAAG,QAAA,CAAS,KAAA,EAAO,MAAA,CAAO,QAAA,CAAS,MAAA,GAAS,MAAA,CAAO,QAAA,CAAS,QAAQ,CAAA;AACjG,QAAA;AAAA,MACF;AAMA,MAAA,MAAM,SAAA,GAAY,KAAK,GAAA,EAAI;AAC3B,MAAA,MAAM,WAAA,GAAc,GAAA;AAGpB,MAAA,OAAO,IAAA,EAAM;AACX,QAAA,MAAM,QAAQ,cAAA,EAAe;AAC7B,QAAA,IAAI,KAAA,EAAO;AACT,UAAA,SAAA,CAAU,KAAK,CAAA;AACf,UAAA,SAAA,CAAU,SAAS,CAAA;AACnB,UAAA,UAAA,CAAW,2CAA2C,CAAA;AACtD,UAAA,MAAA,CAAO,QAAA,CAAS,QAAQ,WAAW,CAAA;AACnC,UAAA;AAAA,QACF;AAEA,QAAA,IAAI,IAAA,CAAK,GAAA,EAAI,GAAI,SAAA,GAAY,WAAA,EAAa;AAC1C,QAAA,MAAM,IAAI,OAAA,CAAQ,CAAC,MAAM,UAAA,CAAW,CAAA,EAAG,GAAG,CAAC,CAAA;AAAA,MAC7C;AAEA,MAAA,SAAA,CAAU,OAAO,CAAA;AACjB,MAAA,UAAA,CAAW,oDAAoD,CAAA;AAC/D,MAAA,MAAA,CAAO,OAAA,CAAQ,YAAA,CAAa,EAAC,EAAG,QAAA,CAAS,KAAA,EAAO,MAAA,CAAO,QAAA,CAAS,MAAA,GAAS,MAAA,CAAO,QAAA,CAAS,QAAQ,CAAA;AAAA,IACnG,CAAA;AAEA,IAAA,WAAA,EAAY;AAAA,EACd,GAAG,CAAC,QAAA,EAAU,SAAA,EAAW,WAAA,EAAa,SAAS,CAAC,CAAA;AAEhD,EAAA,MAAM,cAAA,GAAsC;AAAA,IAC1C,SAAA,EAAW,OAAA;AAAA,IACX,OAAA,EAAS,MAAA;AAAA,IACT,aAAA,EAAe,QAAA;AAAA,IACf,UAAA,EAAY,QAAA;AAAA,IACZ,cAAA,EAAgB,QAAA;AAAA,IAChB,OAAA,EAAS,EAAA;AAAA,IACT,UAAA,EAAY,wDAAA;AAAA,IACZ,SAAA,EAAW;AAAA,GACb;AAEA,EAAA,MAAM,UAAA,GAAkC;AAAA,IACtC,MAAA,EAAQ,CAAA;AAAA,IACR,QAAA,EAAU,SAAA;AAAA,IACV,UAAA,EAAY,GAAA;AAAA,IACZ,KAAA,EAAO,SAAA;AAAA,IACP,YAAA,EAAc;AAAA,GAChB;AAEA,EAAA,MAAM,YAAA,GAAoC;AAAA,IACxC,MAAA,EAAQ,CAAA;AAAA,IACR,QAAA,EAAU,WAAA;AAAA,IACV,KAAA,EAAO,MAAA;AAAA,IACP,UAAA,EAAY,GAAA;AAAA,IACZ,QAAA,EAAU;AAAA,GACZ;AAEA,EAAA,MAAM,aAAA,GAAqC;AAAA,IACzC,SAAA,EAAW,EAAA;AAAA,IACX,OAAA,EAAS,WAAA;AAAA,IACT,eAAA,EAAiB,SAAA;AAAA,IACjB,MAAA,EAAQ,mBAAA;AAAA,IACR,YAAA,EAAc,CAAA;AAAA,IACd,KAAA,EAAO,SAAA;AAAA,IACP,QAAA,EAAU,UAAA;AAAA,IACV,QAAA,EAAU;AAAA,GACZ;AAEA,EAAA,MAAM,cAAA,GAAsC;AAAA,IAC1C,SAAA,EAAW,EAAA;AAAA,IACX,QAAA,EAAU,UAAA;AAAA,IACV,KAAA,EAAO,SAAA;AAAA,IACP,cAAA,EAAgB,MAAA;AAAA,IAChB,MAAA,EAAQ;AAAA,GACV;AAEA,EAAA,MAAM,YAAA,GAAoC;AAAA,IACxC,KAAA,EAAO,EAAA;AAAA,IACP,MAAA,EAAQ,EAAA;AAAA,IACR,MAAA,EAAQ,mBAAA;AAAA,IACR,cAAA,EAAgB,SAAA;AAAA,IAChB,YAAA,EAAc,KAAA;AAAA,IACd,SAAA,EAAW,yCAAA;AAAA,IACX,YAAA,EAAc;AAAA,GAChB;AAEA,EAAA,MAAM,eAAA,GAAuC;AAAA,IAC3C,QAAA,EAAU,UAAA;AAAA,IACV,GAAA,EAAK,EAAA;AAAA,IACL,IAAA,EAAM,KAAA;AAAA,IACN,SAAA,EAAW,kBAAA;AAAA,IACX,MAAA,EAAQ,CAAA;AAAA,IACR,QAAA,EAAU,UAAA;AAAA,IACV,UAAA,EAAY,GAAA;AAAA,IACZ,KAAA,EAAO,SAAA;AAAA,IACP,aAAA,EAAe;AAAA,GACjB;AAEA,EAAA,uBACE,IAAA,CAAC,SAAI,KAAA,EAAO,EAAE,GAAG,cAAA,EAAgB,QAAA,EAAU,YAAW,EACpD,QAAA,EAAA;AAAA,oBAAAC,GAAAA,CAAC,WAAO,QAAA,EAAA,CAAA,mEAAA,CAAA,EAAsE,CAAA;AAAA,oBAC9EA,GAAAA,CAAC,GAAA,EAAA,EAAE,KAAA,EAAO,iBAAkB,QAAA,EAAA,mBAAA,EAAoB,CAAA;AAAA,IAC/C,MAAA,KAAW,6BACV,IAAA,CAAA,QAAA,EAAA,EACE,QAAA,EAAA;AAAA,sBAAAA,GAAAA,CAAC,KAAA,EAAA,EAAI,KAAA,EAAO,YAAA,EAAc,eAAW,IAAA,EAAC,CAAA;AAAA,sBACtCA,GAAAA,CAAC,IAAA,EAAA,EAAG,KAAA,EAAO,YAAY,QAAA,EAAA,mBAAA,EAAiB,CAAA;AAAA,sBACxCA,GAAAA,CAAC,GAAA,EAAA,EAAE,KAAA,EAAO,cAAc,QAAA,EAAA,+CAAA,EAA6C;AAAA,KAAA,EACvE,CAAA;AAAA,IAED,MAAA,KAAW,6BACV,IAAA,CAAA,QAAA,EAAA,EACE,QAAA,EAAA;AAAA,sBAAAA,GAAAA,CAAC,IAAA,EAAA,EAAG,KAAA,EAAO,UAAA,EAAY,QAAA,EAAA,wBAAA,EAAsB,CAAA;AAAA,sBAC7CA,GAAAA,CAAC,GAAA,EAAA,EAAE,KAAA,EAAO,cAAc,QAAA,EAAA,sBAAA,EAAoB;AAAA,KAAA,EAC9C,CAAA;AAAA,IAED,MAAA,KAAW,2BACV,IAAA,CAAA,QAAA,EAAA,EACE,QAAA,EAAA;AAAA,sBAAAA,GAAAA,CAAC,QAAG,KAAA,EAAO,EAAE,GAAG,UAAA,EAAY,KAAA,EAAO,SAAA,EAAU,EAAG,QAAA,EAAA,uBAAA,EAAqB,CAAA;AAAA,sBACrEA,GAAAA,CAAC,KAAA,EAAA,EAAI,KAAA,EAAO,eAAgB,QAAA,EAAA,OAAA,EAAQ,CAAA;AAAA,sBACpCA,GAAAA;AAAA,QAAC,GAAA;AAAA,QAAA;AAAA,UACC,IAAA,EAAM,SAAA;AAAA,UACN,KAAA,EAAO,cAAA;AAAA,UACP,OAAA,EAAS,CAAC,CAAA,KAAM;AACd,YAAA,CAAA,CAAE,cAAA,EAAe;AACjB,YAAA,MAAA,CAAO,SAAS,IAAA,GAAO,SAAA;AAAA,UACzB,CAAA;AAAA,UACD,QAAA,EAAA;AAAA;AAAA;AAED,KAAA,EACF,CAAA;AAAA,IAED,MAAA,KAAW,0BACV,IAAA,CAAA,QAAA,EAAA,EACE,QAAA,EAAA;AAAA,sBAAAA,GAAAA,CAAC,KAAA,EAAA,EAAI,KAAA,EAAO,YAAA,EAAc,eAAW,IAAA,EAAC,CAAA;AAAA,sBACtCA,GAAAA,CAAC,IAAA,EAAA,EAAG,KAAA,EAAO,YAAY,QAAA,EAAA,uBAAA,EAAqB,CAAA;AAAA,sBAC5CA,GAAAA,CAAC,GAAA,EAAA,EAAE,KAAA,EAAO,cAAc,QAAA,EAAA,4BAAA,EAA0B;AAAA,KAAA,EACpD;AAAA,GAAA,EAEJ,CAAA;AAEJ;;;AC7LO,SAAS,OAAA,GAA4B;AAC1C,EAAA,OAAO,cAAA,EAAe;AACxB;ACJO,SAAS,cAAA,CAAe;AAAA,EAC7B,QAAA;AAAA,EACA,QAAA,GAAW,IAAA;AAAA,EACX,SAAA,GAAY;AACd,CAAA,EAA2C;AACzC,EAAA,MAAM,EAAE,eAAA,EAAiB,cAAA,EAAAT,eAAAA,EAAgB,KAAA,KAAU,OAAA,EAAQ;AAC3D,EAAA,MAAM,CAAC,KAAA,EAAO,QAAQ,CAAA,GAAIO,SAAS,KAAK,CAAA;AACxC,EAAA,MAAM,iBAAA,GAAoBD,OAAO,KAAK,CAAA;AAEtC,EAAAE,UAAU,MAAM;AACd,IAAA,IAAI,SAAA,GAAY,KAAA;AAEhB,IAAA,MAAM,MAAM,YAAY;AACtB,MAAA,IAAI,eAAA,EAAiB;AACnB,QAAA,IAAI,CAAC,SAAA,EAAW,QAAA,CAAS,IAAI,CAAA;AAC7B,QAAA;AAAA,MACF;AAEA,MAAA,IAAI;AACF,QAAA,MAAMR,eAAAA,EAAe;AACrB,QAAA,IAAI,CAAC,SAAA,EAAW,QAAA,CAAS,IAAI,CAAA;AAAA,MAC/B,CAAA,CAAA,MAAQ;AACN,QAAA,IAAI,SAAA,IAAa,CAAC,iBAAA,CAAkB,OAAA,EAAS;AAC3C,UAAA,iBAAA,CAAkB,OAAA,GAAU,IAAA;AAC5B,UAAA,MAAM,KAAA,EAAM;AAAA,QACd;AACA,QAAA,IAAI,CAAC,SAAA,EAAW,QAAA,CAAS,KAAK,CAAA;AAAA,MAChC;AAAA,IACF,CAAA;AAEA,IAAA,GAAA,EAAI;AAEJ,IAAA,OAAO,MAAM;AACX,MAAA,SAAA,GAAY,IAAA;AAAA,IACd,CAAA;AAAA,EACF,GAAG,CAAC,SAAA,EAAWA,eAAAA,EAAgB,eAAA,EAAiB,KAAK,CAAC,CAAA;AAEtD,EAAA,IAAI,CAAC,KAAA,IAAS,CAAC,eAAA,EAAiB;AAC9B,IAAA,uBAAOS,GAAAA,CAAAC,QAAAA,EAAA,EAAG,QAAA,EAAA,QAAA,EAAS,CAAA;AAAA,EACrB;AAEA,EAAA,uBAAOD,GAAAA,CAAAC,QAAAA,EAAA,EAAG,QAAA,EAAS,CAAA;AACrB;AClCO,SAAS,WAAA,GAAiC;AAC/C,EAAA,MAAM,CAAC,SAAA,EAAW,YAAY,CAAA,GAAIH,SAAS,KAAK,CAAA;AAChD,EAAA,MAAM,CAAC,KAAA,EAAO,QAAQ,CAAA,GAAIA,SAAwB,IAAI,CAAA;AAGtD,EAAA,MAAM,aAAA,GAAgBD,OAAO,KAAK,CAAA;AAGlC,EAAA,MAAM,UAAA,GAAaA,OAAO,IAAI,CAAA;AAE9B,EAAAE,UAAU,MAAM;AACd,IAAA,OAAO,MAAM;AACX,MAAA,UAAA,CAAW,OAAA,GAAU,KAAA;AAAA,IACvB,CAAA;AAAA,EACF,CAAA,EAAG,EAAE,CAAA;AAEL,EAAA,MAAM,IAAA,GAAOG,YAAY,YAAY;AAEnC,IAAA,IAAI,cAAc,OAAA,EAAS;AACzB,MAAA;AAAA,IACF;AAEA,IAAA,aAAA,CAAc,OAAA,GAAU,IAAA;AAExB,IAAA,IAAI,WAAW,OAAA,EAAS;AACtB,MAAA,YAAA,CAAa,IAAI,CAAA;AACjB,MAAA,QAAA,CAAS,IAAI,CAAA;AAAA,IACf;AAEA,IAAA,IAAI;AAEF,MAAA,MAAM,SAAA,EAAU;AAAA,IAClB,SAAS,GAAA,EAAK;AACZ,MAAA,IAAI,WAAW,OAAA,EAAS;AACtB,QAAA,QAAA;AAAA,UACE,GAAA,YAAe,KAAA,GACX,GAAA,CAAI,OAAA,GACJ;AAAA,SACN;AAAA,MACF;AAAA,IACF,CAAA,SAAE;AACA,MAAA,aAAA,CAAc,OAAA,GAAU,KAAA;AAExB,MAAA,IAAI,WAAW,OAAA,EAAS;AACtB,QAAA,YAAA,CAAa,KAAK,CAAA;AAAA,MACpB;AAAA,IACF;AAAA,EACF,CAAA,EAAG,EAAE,CAAA;AAEL,EAAA,OAAOC,OAAAA;AAAA,IACL,OAAO,EAAE,SAAA,EAAW,KAAA,EAAO,IAAA,EAAK,CAAA;AAAA,IAChC,CAAC,SAAA,EAAW,KAAA,EAAO,IAAI;AAAA,GACzB;AACF","file":"index.mjs","sourcesContent":["/**\r\n * Runtime context: single get/set for auth runtime.\r\n * Core reads from here; host (e.g. React layer) sets before any core code runs.\r\n */\r\n\r\nimport type { AuthRuntime } from './types';\r\n\r\nlet currentRuntime: AuthRuntime | null = null;\r\n\r\nexport function setAuthRuntime(runtime: AuthRuntime | null): void {\r\n currentRuntime = runtime;\r\n}\r\n\r\nexport function getAuthRuntime(): AuthRuntime | null {\r\n return currentRuntime;\r\n}\r\n\r\n/** Returns runtime or throws if not set (use in core when runtime is required). */\r\nexport function requireAuthRuntime(): AuthRuntime {\r\n const r = currentRuntime;\r\n if (!r) {\r\n throw new Error(\r\n '[tenneo-auth] Auth runtime not set. Wrap your app with AuthProvider (or setAuthRuntime) before using auth.'\r\n );\r\n }\r\n return r;\r\n}\r\n","/**\r\n * Pure domain logic for tenant key extraction and callback URL detection.\r\n * No window/document; no I/O. Single source of truth for tenant/callback helpers.\r\n */\r\n\r\n/** Minimal URL shape required for tenant/callback logic. */\r\nexport interface UrlLike {\r\n search: string;\r\n hostname: string;\r\n}\r\n\r\n/** Minimal config shape required for tenant extraction. */\r\nexport interface ConfigProviderLike {\r\n getClientCode(): string;\r\n}\r\n\r\nexport function isLocalhost(hostname: string): boolean {\r\n return (\r\n hostname === 'localhost' ||\r\n hostname === '127.0.0.1' ||\r\n hostname === '[::1]' ||\r\n hostname.startsWith('192.168.') ||\r\n hostname.startsWith('10.') ||\r\n hostname.endsWith('.local')\r\n );\r\n}\r\n\r\nfunction extractTenantKeyFromDomain(\r\n urlOrHostname: string,\r\n config: ConfigProviderLike\r\n): string | null {\r\n try {\r\n let hostname: string;\r\n if (urlOrHostname.startsWith('http://') || urlOrHostname.startsWith('https://')) {\r\n try {\r\n const url = new URL(urlOrHostname);\r\n hostname = url.hostname;\r\n } catch {\r\n hostname = urlOrHostname.replace(/^https?:\\/\\//, '').split('/')[0];\r\n }\r\n } else {\r\n hostname = urlOrHostname;\r\n }\r\n const parts = hostname.split('.');\r\n if (parts.length < 2) return config.getClientCode();\r\n const tenantKey = parts[0];\r\n if (!tenantKey || tenantKey.trim() === '') return config.getClientCode();\r\n if (tenantKey.trim().toLowerCase() === 'productlms') return config.getClientCode();\r\n return tenantKey.trim();\r\n } catch {\r\n return config.getClientCode();\r\n }\r\n}\r\n\r\n/**\r\n * Extracts tenant key from URL + storage + config. Pure; no window usage.\r\n */\r\nexport function extractTenantKeyFromUrl(\r\n url: UrlLike,\r\n config: ConfigProviderLike,\r\n getStorage: (key: string) => string | null,\r\n getKey?: (suffix: string) => string\r\n): string | null {\r\n void url;\r\n void config;\r\n const propsConfigKey = getKey ? getKey('props_config') : 'tenneo_auth_props_config';\r\n const hostConfigKey = getKey ? getKey('host_config') : 'tenneo_auth_host_config';\r\n\r\n try {\r\n const propsConfigStr = getStorage(propsConfigKey);\r\n if (propsConfigStr) {\r\n const propsConfig = JSON.parse(propsConfigStr) as { tenantKey?: string };\r\n if (propsConfig.tenantKey?.trim()) return propsConfig.tenantKey.trim();\r\n }\r\n } catch {\r\n // continue\r\n }\r\n\r\n try {\r\n const hostConfigStr = getStorage(hostConfigKey);\r\n if (!hostConfigStr) return null;\r\n const hostConfig = JSON.parse(hostConfigStr) as { tenantKey?: string };\r\n if (hostConfig.tenantKey?.trim()) return hostConfig.tenantKey.trim();\r\n } catch {\r\n // continue\r\n }\r\n\r\n return null;\r\n}\r\n\r\n/** Returns true if URL has code and state (OAuth callback). */\r\nexport function isCallbackUrlFromUrl(url: UrlLike): boolean {\r\n const params = new URLSearchParams(url.search);\r\n return params.has('code') && params.has('state');\r\n}\r\n","/**\r\n * Dynamic storage key prefix by tenant code.\r\n * When tenant code is set, prefix is `${normalizedTenantCode}_auth_`; otherwise `tenneo_auth_`.\r\n */\r\n\r\nconst DEFAULT_PREFIX = 'tenneo_auth_';\r\n\r\nlet currentPrefix = DEFAULT_PREFIX;\r\n\r\nexport function getStorageKeyPrefix(): string {\r\n return currentPrefix;\r\n}\r\n\r\n/**\r\n * Normalize tenant code for use in storage keys (alphanumeric + underscore only).\r\n */\r\nfunction normalizeTenantCode(tenantCode: string): string {\r\n const trimmed = tenantCode.trim();\r\n if (!trimmed) return '';\r\n return trimmed.replace(/[^a-zA-Z0-9_]/g, '_').toLowerCase();\r\n}\r\n\r\n/**\r\n * Set the storage key prefix from tenant code.\r\n * Call when tenant is known (e.g. from AuthProvider). Empty string resets to default.\r\n */\r\nexport function setStorageKeyPrefix(tenantCode: string): void {\r\n const normalized = normalizeTenantCode(tenantCode);\r\n currentPrefix = normalized ? `${normalized}_auth_` : DEFAULT_PREFIX;\r\n}\r\n\r\n/**\r\n * Build full storage key for a suffix using the current prefix.\r\n */\r\nexport function getStorageKey(suffix: string): string {\r\n return getStorageKeyPrefix() + suffix;\r\n}\r\n","/**\r\n * Storage key namespacing: auth_${tenantId}_${appId}_*\r\n * Backward compatibility: when both tenantId and appId are empty, use dynamic prefix (from tenant code).\r\n */\r\n\r\nimport type { StorageNamespace } from './types';\r\nimport { getStorageKeyPrefix } from './prefix';\r\n\r\n/**\r\n * Builds a namespaced storage key.\r\n * - When tenantId and appId are both falsy: returns getStorageKeyPrefix() + suffix (tenant-code-based or default).\r\n * - Otherwise: returns auth_${tenantId}_${appId}_${suffix}.\r\n */\r\nexport function buildStorageKey(\r\n ns: StorageNamespace,\r\n suffix: string\r\n): string {\r\n const { tenantId, appId } = ns;\r\n if (!tenantId && !appId) {\r\n return `${getStorageKeyPrefix()}${suffix}`;\r\n }\r\n const tid = tenantId || '';\r\n const aid = appId || '';\r\n return `auth_${tid}_${aid}_${suffix}`;\r\n}\r\n\r\n/** Suffixes used for token keys (same as legacy STORAGE_KEYS without prefix). */\r\nexport const TOKEN_KEY_SUFFIXES = {\r\n accessToken: 'access_token',\r\n refreshToken: 'refresh_token',\r\n expiresAt: 'expires_at',\r\n} as const;\r\n\r\n/** Suffixes for config/flow keys (aligned with existing tenneo_auth_* keys). */\r\nexport const CONFIG_KEY_SUFFIXES = {\r\n authServerUrl: 'auth_server_url',\r\n clientId: 'client_id',\r\n redirectUri: 'redirect_uri',\r\n tenantId: 'tenant_id',\r\n tenantKey: 'tenant_key',\r\n codeVerifier: 'code_verifier',\r\n state: 'state',\r\n callbackProcessed: 'callback_processed',\r\n callbackProcessing: 'callback_processing',\r\n callbackAttempted: 'callback_attempted',\r\n flowInProgress: 'flow_in_progress',\r\n flowTimestamp: 'flow_timestamp',\r\n logoutProcessing: 'logout_processing',\r\n propsConfig: 'props_config',\r\n propsChanged: 'props_changed',\r\n tenantSwitched: 'tenant_switched',\r\n newTenantKey: 'new_tenant_key',\r\n stateMismatch: 'state_mismatch',\r\n bootstrapInProgress: 'bootstrap_in_progress',\r\n bootstrapTimestamp: 'bootstrap_timestamp',\r\n callbackHandled: 'callback_handled',\r\n} as const;\r\n","/**\r\n * Storage context: current adapter and namespace.\r\n * Can be set via setStorageContext (legacy) or setAuthRuntime (full runtime).\r\n * No window/document usage.\r\n */\r\n\r\nimport type { StorageAdapter, StorageNamespace } from './types';\r\nimport { getAuthRuntime } from '../runtime/context';\r\n\r\nlet currentAdapter: StorageAdapter | null = null;\r\nlet currentNamespace: StorageNamespace = { tenantId: '', appId: '' };\r\n\r\nexport function setStorageContext(\r\n adapter: StorageAdapter | null,\r\n namespace: Partial<StorageNamespace> = {}\r\n): void {\r\n currentAdapter = adapter;\r\n currentNamespace = {\r\n tenantId: namespace.tenantId ?? '',\r\n appId: namespace.appId ?? '',\r\n };\r\n}\r\n\r\nexport function getStorageAdapter(): StorageAdapter | null {\r\n const runtime = getAuthRuntime();\r\n if (runtime?.storageAdapter) return runtime.storageAdapter;\r\n return currentAdapter;\r\n}\r\n\r\nexport function getStorageNamespace(): StorageNamespace {\r\n const runtime = getAuthRuntime();\r\n if (runtime?.storageNamespace) return { ...runtime.storageNamespace };\r\n return { ...currentNamespace };\r\n}\r\n","/**\r\n * In-memory storage adapter. SSR-safe; no window/document usage.\r\n * Default for server-side or when no persistent storage is desired.\r\n */\r\n\r\nimport type { AuthTokens, StorageAdapter, StorageNamespace } from './types';\r\nimport { buildStorageKey, TOKEN_KEY_SUFFIXES } from './namespace';\r\n\r\nexport function createMemoryStorageAdapter(\r\n namespace: StorageNamespace\r\n): StorageAdapter {\r\n const store = new Map<string, string>();\r\n\r\n const getTokensSync = (): AuthTokens | null => {\r\n const accessToken = store.get(buildStorageKey(namespace, TOKEN_KEY_SUFFIXES.accessToken)) ?? null;\r\n const refreshToken = store.get(buildStorageKey(namespace, TOKEN_KEY_SUFFIXES.refreshToken)) ?? null;\r\n const expiresAtStr = store.get(buildStorageKey(namespace, TOKEN_KEY_SUFFIXES.expiresAt)) ?? null;\r\n if (!accessToken || !refreshToken || !expiresAtStr) return null;\r\n const expiresAt = parseInt(expiresAtStr, 10);\r\n if (isNaN(expiresAt)) return null;\r\n return { accessToken, refreshToken, expiresAt };\r\n };\r\n\r\n return {\r\n async getTokens(): Promise<AuthTokens | null> {\r\n return getTokensSync();\r\n },\r\n getTokensSync,\r\n\r\n async setTokens(tokens: AuthTokens): Promise<void> {\r\n store.set(buildStorageKey(namespace, TOKEN_KEY_SUFFIXES.accessToken), tokens.accessToken);\r\n store.set(buildStorageKey(namespace, TOKEN_KEY_SUFFIXES.refreshToken), tokens.refreshToken);\r\n store.set(buildStorageKey(namespace, TOKEN_KEY_SUFFIXES.expiresAt), String(tokens.expiresAt));\r\n },\r\n setTokensSync(tokens: AuthTokens): void {\r\n store.set(buildStorageKey(namespace, TOKEN_KEY_SUFFIXES.accessToken), tokens.accessToken);\r\n store.set(buildStorageKey(namespace, TOKEN_KEY_SUFFIXES.refreshToken), tokens.refreshToken);\r\n store.set(buildStorageKey(namespace, TOKEN_KEY_SUFFIXES.expiresAt), String(tokens.expiresAt));\r\n },\r\n\r\n async clearTokens(): Promise<void> {\r\n store.delete(buildStorageKey(namespace, TOKEN_KEY_SUFFIXES.accessToken));\r\n store.delete(buildStorageKey(namespace, TOKEN_KEY_SUFFIXES.refreshToken));\r\n store.delete(buildStorageKey(namespace, TOKEN_KEY_SUFFIXES.expiresAt));\r\n },\r\n clearTokensSync(): void {\r\n store.delete(buildStorageKey(namespace, TOKEN_KEY_SUFFIXES.accessToken));\r\n store.delete(buildStorageKey(namespace, TOKEN_KEY_SUFFIXES.refreshToken));\r\n store.delete(buildStorageKey(namespace, TOKEN_KEY_SUFFIXES.expiresAt));\r\n },\r\n\r\n async getItem(key: string): Promise<string | null> {\r\n return store.get(key) ?? null;\r\n },\r\n getItemSync(key: string): string | null {\r\n return store.get(key) ?? null;\r\n },\r\n\r\n async setItem(key: string, value: string): Promise<void> {\r\n store.set(key, value);\r\n },\r\n setItemSync(key: string, value: string): void {\r\n store.set(key, value);\r\n },\r\n\r\n async removeItem(key: string): Promise<void> {\r\n store.delete(key);\r\n },\r\n removeItemSync(key: string): void {\r\n store.delete(key);\r\n },\r\n\r\n async clear(): Promise<void> {\r\n store.clear();\r\n },\r\n clearSync(): void {\r\n store.clear();\r\n },\r\n };\r\n}\r\n","/**\r\n * Session storage adapter with namespaced keys. SSR-safe: guards all\r\n * window/sessionStorage access with typeof window !== 'undefined'.\r\n */\r\n\r\nimport type { AuthTokens, StorageAdapter, StorageNamespace } from './types';\r\nimport { buildStorageKey, TOKEN_KEY_SUFFIXES } from './namespace';\r\nimport { getStorageKeyPrefix } from './prefix';\r\n\r\nfunction getSessionStorage(): Storage | null {\r\n if (typeof window === 'undefined') return null;\r\n try {\r\n return window.sessionStorage;\r\n } catch {\r\n return null;\r\n }\r\n}\r\n\r\nexport function createSecureSessionStorageAdapter(\r\n namespace: StorageNamespace\r\n): StorageAdapter {\r\n return {\r\n async getTokens(): Promise<AuthTokens | null> {\r\n return getTokensSyncImpl(namespace);\r\n },\r\n getTokensSync(): AuthTokens | null {\r\n return getTokensSyncImpl(namespace);\r\n },\r\n\r\n async setTokens(tokens: AuthTokens): Promise<void> {\r\n setTokensSyncImpl(namespace, tokens);\r\n },\r\n setTokensSync(tokens: AuthTokens): void {\r\n setTokensSyncImpl(namespace, tokens);\r\n },\r\n\r\n async clearTokens(): Promise<void> {\r\n clearTokensSyncImpl(namespace);\r\n },\r\n clearTokensSync(): void {\r\n clearTokensSyncImpl(namespace);\r\n },\r\n\r\n async getItem(key: string): Promise<string | null> {\r\n return getItemSyncImpl(key);\r\n },\r\n getItemSync(key: string): string | null {\r\n return getItemSyncImpl(key);\r\n },\r\n\r\n async setItem(key: string, value: string): Promise<void> {\r\n setItemSyncImpl(key, value);\r\n },\r\n setItemSync(key: string, value: string): void {\r\n setItemSyncImpl(key, value);\r\n },\r\n\r\n async removeItem(key: string): Promise<void> {\r\n removeItemSyncImpl(key);\r\n },\r\n removeItemSync(key: string): void {\r\n removeItemSyncImpl(key);\r\n },\r\n\r\n async clear(): Promise<void> {\r\n clearSyncImpl(namespace);\r\n },\r\n clearSync(): void {\r\n clearSyncImpl(namespace);\r\n },\r\n };\r\n}\r\n\r\nfunction getTokensSyncImpl(ns: StorageNamespace): AuthTokens | null {\r\n const storage = getSessionStorage();\r\n if (!storage) return null;\r\n try {\r\n const accessToken = storage.getItem(buildStorageKey(ns, TOKEN_KEY_SUFFIXES.accessToken));\r\n const refreshToken = storage.getItem(buildStorageKey(ns, TOKEN_KEY_SUFFIXES.refreshToken));\r\n const expiresAtStr = storage.getItem(buildStorageKey(ns, TOKEN_KEY_SUFFIXES.expiresAt));\r\n if (!accessToken || !refreshToken || !expiresAtStr) return null;\r\n const expiresAt = parseInt(expiresAtStr, 10);\r\n if (isNaN(expiresAt)) return null;\r\n return { accessToken, refreshToken, expiresAt };\r\n } catch {\r\n return null;\r\n }\r\n}\r\n\r\nfunction setTokensSyncImpl(ns: StorageNamespace, tokens: AuthTokens): void {\r\n const storage = getSessionStorage();\r\n if (!storage) return;\r\n try {\r\n storage.setItem(buildStorageKey(ns, TOKEN_KEY_SUFFIXES.accessToken), tokens.accessToken);\r\n storage.setItem(buildStorageKey(ns, TOKEN_KEY_SUFFIXES.refreshToken), tokens.refreshToken);\r\n storage.setItem(buildStorageKey(ns, TOKEN_KEY_SUFFIXES.expiresAt), String(tokens.expiresAt));\r\n } catch {\r\n // Silent fail\r\n }\r\n}\r\n\r\nfunction clearTokensSyncImpl(ns: StorageNamespace): void {\r\n const storage = getSessionStorage();\r\n if (!storage) return;\r\n try {\r\n storage.removeItem(buildStorageKey(ns, TOKEN_KEY_SUFFIXES.accessToken));\r\n storage.removeItem(buildStorageKey(ns, TOKEN_KEY_SUFFIXES.refreshToken));\r\n storage.removeItem(buildStorageKey(ns, TOKEN_KEY_SUFFIXES.expiresAt));\r\n } catch {\r\n // Silent fail\r\n }\r\n}\r\n\r\nfunction getItemSyncImpl(key: string): string | null {\r\n const storage = getSessionStorage();\r\n if (!storage) return null;\r\n try {\r\n return storage.getItem(key);\r\n } catch {\r\n return null;\r\n }\r\n}\r\n\r\nfunction setItemSyncImpl(key: string, value: string): void {\r\n const storage = getSessionStorage();\r\n if (!storage) return;\r\n try {\r\n storage.setItem(key, value);\r\n } catch {\r\n // Silent fail\r\n }\r\n}\r\n\r\nfunction removeItemSyncImpl(key: string): void {\r\n const storage = getSessionStorage();\r\n if (!storage) return;\r\n try {\r\n storage.removeItem(key);\r\n } catch {\r\n // Silent fail\r\n }\r\n}\r\n\r\nfunction clearSyncImpl(ns: StorageNamespace): void {\r\n const storage = getSessionStorage();\r\n if (!storage) return;\r\n try {\r\n const prefix = ns.tenantId || ns.appId\r\n ? `auth_${ns.tenantId || ''}_${ns.appId || ''}_`\r\n : getStorageKeyPrefix();\r\n const keys: string[] = [];\r\n for (let i = 0; i < storage.length; i++) {\r\n const key = storage.key(i);\r\n if (key && key.startsWith(prefix)) keys.push(key);\r\n }\r\n keys.forEach((k) => storage.removeItem(k));\r\n } catch {\r\n // Silent fail\r\n }\r\n}\r\n","/**\r\n * Cookie-based storage adapter (HttpOnly-compatible abstraction).\r\n * Tokens are stored in cookies; config/flow flags use cookies or fallback.\r\n * SSR-safe: all document/window access guarded with typeof window !== 'undefined'.\r\n *\r\n * Note: True HttpOnly cookies must be set by the server. This adapter uses\r\n * document.cookie for client-readable tokens when running in the browser,\r\n * and can be replaced by a server-backed implementation for HttpOnly.\r\n */\r\n\r\nimport type { AuthTokens, StorageAdapter, StorageNamespace } from './types';\r\nimport { TOKEN_KEY_SUFFIXES, CONFIG_KEY_SUFFIXES } from './namespace';\r\nimport { getStorageKeyPrefix } from './prefix';\r\n\r\nconst DEFAULT_COOKIE_OPTIONS = {\r\n path: '/',\r\n sameSite: 'lax' as const,\r\n maxAge: 60 * 60 * 24 * 7, // 7 days for refresh token\r\n};\r\n\r\nfunction getDocument(): Document | null {\r\n if (typeof document === 'undefined') return null;\r\n return document;\r\n}\r\n\r\nfunction getCookie(name: string): string | null {\r\n const doc = getDocument();\r\n if (!doc || !doc.cookie) return null;\r\n const match = doc.cookie.match(new RegExp('(^| )' + name + '=([^;]+)'));\r\n return match ? decodeURIComponent(match[2]) : null;\r\n}\r\n\r\nfunction setCookie(\r\n name: string,\r\n value: string,\r\n options: { path?: string; sameSite?: 'lax' | 'strict' | 'none'; maxAge?: number } = {}\r\n): void {\r\n const doc = getDocument();\r\n if (!doc) return;\r\n const { path = '/', sameSite = 'lax', maxAge } = { ...DEFAULT_COOKIE_OPTIONS, ...options };\r\n let cookie = `${encodeURIComponent(name)}=${encodeURIComponent(value)};path=${path};SameSite=${sameSite}`;\r\n if (maxAge != null) cookie += `;max-age=${maxAge}`;\r\n doc.cookie = cookie;\r\n}\r\n\r\nfunction deleteCookie(name: string): void {\r\n const doc = getDocument();\r\n if (!doc) return;\r\n doc.cookie = `${encodeURIComponent(name)}=;path=/;max-age=0`;\r\n}\r\n\r\nexport function createCookieStorageAdapter(\r\n namespace: StorageNamespace,\r\n options?: { cookiePrefix?: string }\r\n): StorageAdapter {\r\n const prefix = options?.cookiePrefix ?? 'auth';\r\n const keyPrefix = namespace.tenantId || namespace.appId\r\n ? `auth_${namespace.tenantId || ''}_${namespace.appId || ''}_`\r\n : getStorageKeyPrefix();\r\n\r\n const cookieName = (suffix: string) =>\r\n `${prefix}_${namespace.tenantId || 't'}_${namespace.appId || 'a'}_${suffix}`.replace(/[^a-zA-Z0-9_]/g, '_');\r\n\r\n return {\r\n async getTokens(): Promise<AuthTokens | null> {\r\n const accessToken = getCookie(cookieName(TOKEN_KEY_SUFFIXES.accessToken));\r\n const refreshToken = getCookie(cookieName(TOKEN_KEY_SUFFIXES.refreshToken));\r\n const expiresAtStr = getCookie(cookieName(TOKEN_KEY_SUFFIXES.expiresAt));\r\n if (!accessToken || !refreshToken || !expiresAtStr) return null;\r\n const expiresAt = parseInt(expiresAtStr, 10);\r\n if (isNaN(expiresAt)) return null;\r\n return { accessToken, refreshToken, expiresAt };\r\n },\r\n\r\n async setTokens(tokens: AuthTokens): Promise<void> {\r\n setCookie(cookieName(TOKEN_KEY_SUFFIXES.accessToken), tokens.accessToken, { maxAge: 60 * 60 });\r\n setCookie(cookieName(TOKEN_KEY_SUFFIXES.refreshToken), tokens.refreshToken, { maxAge: 60 * 60 * 24 * 7 });\r\n setCookie(cookieName(TOKEN_KEY_SUFFIXES.expiresAt), String(tokens.expiresAt), { maxAge: 60 * 60 * 24 });\r\n },\r\n\r\n async clearTokens(): Promise<void> {\r\n deleteCookie(cookieName(TOKEN_KEY_SUFFIXES.accessToken));\r\n deleteCookie(cookieName(TOKEN_KEY_SUFFIXES.refreshToken));\r\n deleteCookie(cookieName(TOKEN_KEY_SUFFIXES.expiresAt));\r\n },\r\n\r\n async getItem(key: string): Promise<string | null> {\r\n const name = key.startsWith(keyPrefix) ? key.slice(keyPrefix.length) : key;\r\n return getCookie(cookieName(name));\r\n },\r\n\r\n async setItem(key: string, value: string): Promise<void> {\r\n const name = key.startsWith(keyPrefix) ? key.slice(keyPrefix.length) : key;\r\n setCookie(cookieName(name), value);\r\n },\r\n\r\n async removeItem(key: string): Promise<void> {\r\n const name = key.startsWith(keyPrefix) ? key.slice(keyPrefix.length) : key;\r\n deleteCookie(cookieName(name));\r\n },\r\n\r\n async clear(): Promise<void> {\r\n const suffixes = Object.values(TOKEN_KEY_SUFFIXES);\r\n suffixes.forEach((s) => deleteCookie(cookieName(s)));\r\n Object.values(CONFIG_KEY_SUFFIXES).forEach((suffix) => deleteCookie(cookieName(suffix)));\r\n },\r\n };\r\n}\r\n","/**\r\n * Low-level storage get/set/remove only (adapter + namespace).\r\n * Safe for config resolution to import without circular dependency on config.\r\n */\r\n\r\nimport { getStorageAdapter, getStorageNamespace } from './context';\r\nimport { buildStorageKey } from './namespace';\r\nimport { getStorageKeyPrefix, getStorageKey } from './prefix';\r\n\r\nexport { getStorageKey };\r\n\r\nfunction keyToSuffix(key: string): string {\r\n const prefix = getStorageKeyPrefix();\r\n return key.startsWith(prefix) ? key.slice(prefix.length) : key;\r\n}\r\n\r\nexport function setStorage(key: string, value: string): void {\r\n const adapter = getStorageAdapter();\r\n if (!adapter?.setItemSync) return;\r\n const ns = getStorageNamespace();\r\n const suffix = keyToSuffix(key);\r\n try {\r\n adapter.setItemSync(buildStorageKey(ns, suffix), value);\r\n } catch {\r\n // Silent fail\r\n }\r\n}\r\n\r\nexport function getStorage(key: string): string | null {\r\n const adapter = getStorageAdapter();\r\n if (!adapter?.getItemSync) return null;\r\n const ns = getStorageNamespace();\r\n const suffix = keyToSuffix(key);\r\n try {\r\n return adapter.getItemSync(buildStorageKey(ns, suffix));\r\n } catch {\r\n return null;\r\n }\r\n}\r\n\r\nexport function removeStorage(key: string): void {\r\n const adapter = getStorageAdapter();\r\n if (!adapter?.removeItemSync) return;\r\n const ns = getStorageNamespace();\r\n const suffix = keyToSuffix(key);\r\n try {\r\n adapter.removeItemSync(buildStorageKey(ns, suffix));\r\n } catch {\r\n // Silent fail\r\n }\r\n}\r\n","/**\r\n * Storage API: adapter-based get/set/clear. No direct window/sessionStorage.\r\n * Keys use dynamic prefix from tenant code (see prefix.ts).\r\n */\r\n\r\nimport type { StorageKeys } from '../../domain/auth-state';\r\nimport { getStorageAdapter, getStorageNamespace } from './context';\r\nimport { buildStorageKey } from './namespace';\r\nimport { getAuthRuntime } from '../runtime/context';\r\nimport { getStorageKeyPrefix, getStorageKey } from './prefix';\r\nimport { getStorage, setStorage, removeStorage } from './kv';\r\n\r\nexport { setStorage, getStorage, removeStorage, getStorageKey } from './kv';\r\n\r\nconst KEY_SUFFIXES = {\r\n tenantKey: 'tenant_key',\r\n codeVerifier: 'code_verifier',\r\n state: 'state',\r\n accessToken: 'access_token',\r\n refreshToken: 'refresh_token',\r\n expiresAt: 'expires_at',\r\n} as const;\r\n\r\nexport const STORAGE_KEYS: StorageKeys = {\r\n get tenantKey() { return getStorageKey(KEY_SUFFIXES.tenantKey); },\r\n get codeVerifier() { return getStorageKey(KEY_SUFFIXES.codeVerifier); },\r\n get state() { return getStorageKey(KEY_SUFFIXES.state); },\r\n get accessToken() { return getStorageKey(KEY_SUFFIXES.accessToken); },\r\n get refreshToken() { return getStorageKey(KEY_SUFFIXES.refreshToken); },\r\n get expiresAt() { return getStorageKey(KEY_SUFFIXES.expiresAt); },\r\n} as const;\r\n\r\nexport function clearAuthStorage(): void {\r\n // Session + transition keys only. host_config is cache-only and managed by config layer.\r\n const keysToClear = [\r\n STORAGE_KEYS.accessToken,\r\n STORAGE_KEYS.refreshToken,\r\n STORAGE_KEYS.expiresAt,\r\n STORAGE_KEYS.codeVerifier,\r\n STORAGE_KEYS.state,\r\n getStorageKey('callback_processed'),\r\n getStorageKey('props_config'),\r\n getStorageKey('tenant_switched'),\r\n getStorageKey('new_tenant_key'),\r\n getStorageKey('preserved_tenant_key'),\r\n ];\r\n for (const key of keysToClear) removeStorage(key);\r\n}\r\n\r\nexport function clearAuthSessionStorage(): void {\r\n clearAuthStorage();\r\n}\r\n\r\nexport function clearAllCookies(): void {\r\n const runtime = getAuthRuntime();\r\n try {\r\n runtime?.clearCookies?.clearCookies();\r\n } catch {\r\n // Silent fail\r\n }\r\n}\r\n\r\nexport function clearAllStorage(): void {\r\n clearAuthStorage();\r\n clearAllCookies();\r\n}\r\n\r\nexport function getAccessToken(): string | null {\r\n const adapter = getStorageAdapter();\r\n if (adapter?.getTokensSync) {\r\n const t = adapter.getTokensSync();\r\n return t?.accessToken ?? null;\r\n }\r\n return getStorage(STORAGE_KEYS.accessToken);\r\n}\r\n\r\nexport function getRefreshToken(): string | null {\r\n const adapter = getStorageAdapter();\r\n if (adapter?.getTokensSync) {\r\n const t = adapter.getTokensSync();\r\n return t?.refreshToken ?? null;\r\n }\r\n return getStorage(STORAGE_KEYS.refreshToken);\r\n}\r\n\r\nexport function getExpiresAt(): number | null {\r\n const adapter = getStorageAdapter();\r\n if (adapter?.getTokensSync) {\r\n const t = adapter.getTokensSync();\r\n return t?.expiresAt ?? null;\r\n }\r\n const expiresAt = getStorage(STORAGE_KEYS.expiresAt);\r\n if (!expiresAt) return null;\r\n const timestamp = parseInt(expiresAt, 10);\r\n return isNaN(timestamp) ? null : timestamp;\r\n}\r\n\r\nexport function isAccessTokenExpired(): boolean {\r\n const expiresAt = getExpiresAt();\r\n if (!expiresAt) return true;\r\n const buffer = 60 * 1000;\r\n return Date.now() >= expiresAt - buffer;\r\n}\r\n\r\nexport function getCodeVerifier(): string | null {\r\n return getStorage(STORAGE_KEYS.codeVerifier);\r\n}\r\nexport function getState(): string | null {\r\n return getStorage(STORAGE_KEYS.state);\r\n}\r\nexport function getTenantKey(): string | null {\r\n return getStorage(STORAGE_KEYS.tenantKey);\r\n}\r\nexport function setTenantKey(tenantKey: string): void {\r\n setStorage(STORAGE_KEYS.tenantKey, tenantKey);\r\n}\r\n","/**\r\n * Logger utility for consistent logging across the plugin\r\n */\r\n\r\ntype LogLevel = 'info' | 'warn' | 'error' | 'debug';\r\n\r\n/**\r\n * Checks if we're in development mode (localhost/local network)\r\n */\r\nfunction isDev(): boolean {\r\n if (typeof window === 'undefined') {\r\n return false;\r\n }\r\n const hostname = window.location.hostname;\r\n return (\r\n hostname === 'localhost' ||\r\n hostname === '127.0.0.1' ||\r\n hostname === '[::1]' ||\r\n hostname.startsWith('192.168.') ||\r\n hostname.startsWith('10.') ||\r\n hostname.endsWith('.local')\r\n );\r\n}\r\n\r\nclass Logger {\r\n private prefix = '[tenneo-auth-gateway-plugin]';\r\n\r\n private log(level: LogLevel, message: string, data?: unknown): void {\r\n const timestamp = new Date().toISOString();\r\n const logMessage = `${this.prefix} [${timestamp}] [${level.toUpperCase()}] ${message}`;\r\n\r\n switch (level) {\r\n case 'info':\r\n console.log(logMessage, data || '');\r\n break;\r\n case 'warn':\r\n console.warn(logMessage, data || '');\r\n break;\r\n case 'error':\r\n console.error(logMessage, data || '');\r\n break;\r\n case 'debug':\r\n if (isDev()) {\r\n console.debug(logMessage, data || '');\r\n }\r\n break;\r\n }\r\n }\r\n\r\n info(message: string, data?: unknown): void {\r\n this.log('info', message, data);\r\n }\r\n\r\n warn(message: string, data?: unknown): void {\r\n this.log('warn', message, data);\r\n }\r\n\r\n error(message: string, data?: unknown): void {\r\n this.log('error', message, data);\r\n }\r\n\r\n debug(message: string, data?: unknown): void {\r\n this.log('debug', message, data);\r\n }\r\n}\r\n\r\nexport const logger = new Logger();\r\n\r\n","/**\r\n * Host-aware config resolution: memory → host bridge (window / provider) → storage cache (fallback).\r\n * Does not import application/storage barrel to avoid circular deps — uses storage/kv only.\r\n */\r\n\r\nimport type { HostConfigOverride, SDKConfig, ResolvedConfig } from './types';\r\nimport { getStorage, setStorage } from '../infrastructure/storage/kv';\r\nimport { getStorageKey } from '../infrastructure/storage/prefix';\r\nimport { logger } from '../utils/logger';\r\n\r\nexport type ConfigLayerSource = 'override' | 'memory' | 'host_bridge' | 'storage_cache';\r\n\r\ndeclare global {\r\n interface Window {\r\n /** Optional host-injected auth config (runtime). Lowest priority vs setConfig memory, above storage cache. */\r\n __TENNEO_AUTH_HOST__?: Partial<SDKConfig>;\r\n }\r\n}\r\n\r\nlet inMemoryConfig: SDKConfig = {};\r\n\r\n/** Imperative host hook (e.g. non-React shell). Merged after window, before memory. */\r\nlet hostConfigProvider: (() => Partial<SDKConfig> | null | undefined) | null = null;\r\n\r\nconst CACHE_MARKER = '__tenneo_host_config_cache';\r\nconst CACHE_AT = '__tenneo_host_config_cache_at';\r\n\r\nexport function setConfig(overrides: HostConfigOverride): void {\r\n inMemoryConfig = { ...inMemoryConfig, ...overrides };\r\n}\r\n\r\nexport function clearConfigOverrides(): void {\r\n inMemoryConfig = {};\r\n}\r\n\r\nexport function setHostConfigProvider(\r\n fn: (() => Partial<SDKConfig> | null | undefined) | null\r\n): void {\r\n hostConfigProvider = fn;\r\n}\r\n\r\nfunction readHostBridge(): SDKConfig {\r\n const out: SDKConfig = {};\r\n try {\r\n if (typeof window !== 'undefined' && window.__TENNEO_AUTH_HOST__) {\r\n Object.assign(out, window.__TENNEO_AUTH_HOST__);\r\n }\r\n } catch {\r\n // ignore\r\n }\r\n try {\r\n const fromProvider = hostConfigProvider?.();\r\n if (fromProvider && typeof fromProvider === 'object') {\r\n Object.assign(out, fromProvider);\r\n }\r\n } catch (e) {\r\n logger.warn('[config] hostConfigProvider threw', {\r\n error: e instanceof Error ? e.message : String(e),\r\n });\r\n }\r\n return out;\r\n}\r\n\r\nfunction readStorageConfigCache(): SDKConfig {\r\n try {\r\n const raw = getStorage(getStorageKey('host_config'));\r\n if (!raw) return {};\r\n const parsed = JSON.parse(raw) as Record<string, unknown>;\r\n if (!parsed || typeof parsed !== 'object') return {};\r\n const { [CACHE_MARKER]: _m, [CACHE_AT]: _t, ...rest } = parsed;\r\n // Backward compatibility / API payloads that used snake_case in JSON\r\n if (!rest.clientId && typeof rest.client_id === 'string' && rest.client_id.trim()) {\r\n rest.clientId = rest.client_id.trim();\r\n }\r\n return rest as SDKConfig;\r\n } catch {\r\n return {};\r\n }\r\n}\r\n\r\n/**\r\n * Merge order (later wins): storage cache → host bridge → memory → overrides.\r\n * So: runtime memory is authoritative; storage is only a bootstrap fallback.\r\n */\r\nexport function resolveSDKConfig(overrides?: HostConfigOverride): SDKConfig {\r\n const stored = readStorageConfigCache();\r\n const bridge = readHostBridge();\r\n return {\r\n ...stored,\r\n ...bridge,\r\n ...inMemoryConfig,\r\n ...(overrides ?? {}),\r\n };\r\n}\r\n\r\nexport interface FieldSourceMap {\r\n tenantCode?: ConfigLayerSource;\r\n tenantKey?: ConfigLayerSource;\r\n apiBaseUrl?: ConfigLayerSource;\r\n authServerUrl?: ConfigLayerSource;\r\n callbackUrl?: ConfigLayerSource;\r\n clientCode?: ConfigLayerSource;\r\n clientId?: ConfigLayerSource;\r\n tenantId?: ConfigLayerSource;\r\n appId?: ConfigLayerSource;\r\n}\r\n\r\nfunction nonEmptyString(v: unknown): string | undefined {\r\n if (v == null) return undefined;\r\n const s = String(v).trim();\r\n return s || undefined;\r\n}\r\n\r\n/**\r\n * Per-field source for debugging (first layer that supplied a non-empty value).\r\n */\r\nexport function getConfigFieldSources(overrides?: HostConfigOverride): FieldSourceMap {\r\n const stored = readStorageConfigCache();\r\n const bridge = readHostBridge();\r\n const layers: { src: ConfigLayerSource; cfg: SDKConfig }[] = [\r\n { src: 'storage_cache', cfg: stored },\r\n { src: 'host_bridge', cfg: bridge },\r\n { src: 'memory', cfg: inMemoryConfig },\r\n ];\r\n if (overrides && Object.keys(overrides).length) {\r\n layers.push({ src: 'override', cfg: overrides });\r\n }\r\n\r\n const pick = (key: keyof SDKConfig): ConfigLayerSource | undefined => {\r\n for (let i = layers.length - 1; i >= 0; i--) {\r\n const v = nonEmptyString(layers[i].cfg[key]);\r\n if (v !== undefined) return layers[i].src;\r\n }\r\n return undefined;\r\n };\r\n\r\n return {\r\n tenantCode: pick('tenantCode') ?? pick('tenantKey'),\r\n tenantKey: pick('tenantKey') ?? pick('tenantCode'),\r\n apiBaseUrl: pick('apiBaseUrl'),\r\n authServerUrl: pick('authServerUrl'),\r\n callbackUrl: pick('callbackUrl'),\r\n clientCode: pick('clientCode'),\r\n clientId: pick('clientId'),\r\n tenantId: pick('tenantId'),\r\n appId: pick('appId'),\r\n };\r\n}\r\n\r\nexport function getEffectiveTenantCode(overrides?: HostConfigOverride): string {\r\n const cfg = resolveSDKConfig(overrides);\r\n const t =\r\n nonEmptyString(cfg.tenantCode) ??\r\n nonEmptyString(cfg.tenantKey) ??\r\n nonEmptyString(cfg.clientCode) ??\r\n '';\r\n return t;\r\n}\r\n\r\n/** @alias getEffectiveTenantCode — tenant_key / tenant_code / clientCode from resolved config */\r\nexport const getEffectiveTenantKey = getEffectiveTenantCode;\r\n\r\nfunction trim(v: unknown): string {\r\n return v == null ? '' : String(v).trim();\r\n}\r\n\r\nexport function toResolvedConfig(cfg: SDKConfig): ResolvedConfig {\r\n const merged = { ...cfg };\r\n if (!merged.tenantCode && merged.tenantKey) {\r\n merged.tenantCode = merged.tenantKey;\r\n }\r\n const clientId = trim(merged.clientId) || trim(merged.clientCode);\r\n\r\n return {\r\n apiBaseUrl: trim(merged.apiBaseUrl),\r\n authServerUrl: trim(merged.authServerUrl),\r\n callbackUrl: trim(merged.callbackUrl) || trim(merged.redirectUri),\r\n clientCode: trim(merged.clientCode),\r\n tenantCode: trim(merged.tenantCode),\r\n appId: trim(merged.appId),\r\n clientId,\r\n tenantId: trim(merged.tenantId),\r\n };\r\n}\r\n\r\nexport interface GetAuthConfigOptions {\r\n /** When true, throws if required OAuth / tenant fields are missing. */\r\n strict?: boolean;\r\n overrides?: HostConfigOverride;\r\n}\r\n\r\nexport class AuthConfigError extends Error {\r\n readonly code = 'AUTH_CONFIG_MISSING';\r\n readonly missing: string[];\r\n constructor(missing: string[], message?: string) {\r\n super(\r\n message ??\r\n `[tenneo-auth] Missing required auth configuration: ${missing.join(', ')}. ` +\r\n 'Provide authServerUrl, callbackUrl (redirectUri), and tenant_key/tenant_code via AuthProvider/initPlugin or window.__TENNEO_AUTH_HOST__.'\r\n );\r\n this.name = 'AuthConfigError';\r\n this.missing = missing;\r\n }\r\n}\r\n\r\nexport function resolveConfig(overrides?: HostConfigOverride): ResolvedConfig {\r\n return toResolvedConfig(resolveSDKConfig(overrides));\r\n}\r\n\r\nexport function getAuthConfig(options?: GetAuthConfigOptions): ResolvedConfig {\r\n const resolved = toResolvedConfig(resolveSDKConfig(options?.overrides));\r\n if (options?.strict) {\r\n const missing: string[] = [];\r\n if (!resolved.authServerUrl) missing.push('authServerUrl');\r\n if (!resolved.callbackUrl) missing.push('callbackUrl');\r\n if (!resolved.tenantCode) missing.push('tenantCode|tenantKey');\r\n if (missing.length) throw new AuthConfigError(missing);\r\n }\r\n return resolved;\r\n}\r\n\r\n/**\r\n * Persist a non-authoritative copy for early readers (bootstrap before React).\r\n * Never use as sole source of truth — memory/host win at resolve time.\r\n */\r\n/**\r\n * After logout or host-driven updates: persist a cache snapshot from current resolved SDK config (non-empty fields only).\r\n */\r\nexport function syncHostConfigCacheFromMemory(): void {\r\n const c = resolveSDKConfig();\r\n const patch: HostConfigOverride = {};\r\n const keys = [\r\n 'apiBaseUrl',\r\n 'authServerUrl',\r\n 'callbackUrl',\r\n 'redirectUri',\r\n 'tenantCode',\r\n 'tenantKey',\r\n 'clientCode',\r\n 'clientId',\r\n 'tenantId',\r\n 'appId',\r\n 'basePath',\r\n ] as const;\r\n for (const k of keys) {\r\n const v = c[k];\r\n if (v != null && String(v).trim()) {\r\n (patch as Record<string, string>)[k] = String(v).trim();\r\n }\r\n }\r\n if (Object.keys(patch).length) writeHostConfigCache(patch);\r\n}\r\n\r\nexport function writeHostConfigCache(partial: HostConfigOverride): void {\r\n try {\r\n const key = getStorageKey('host_config');\r\n const raw = getStorage(key);\r\n let existing: Record<string, unknown> = {};\r\n try {\r\n if (raw) existing = JSON.parse(raw) as Record<string, unknown>;\r\n } catch {\r\n existing = {};\r\n }\r\n const next = {\r\n ...existing,\r\n ...partial,\r\n [CACHE_MARKER]: true,\r\n [CACHE_AT]: new Date().toISOString(),\r\n };\r\n setStorage(key, JSON.stringify(next));\r\n logger.debug('[config] host_config cache updated (non-authoritative)', {\r\n keys: Object.keys(partial),\r\n });\r\n } catch (e) {\r\n logger.warn('[config] Failed to write host_config cache', {\r\n error: e instanceof Error ? e.message : String(e),\r\n });\r\n }\r\n}\r\n\r\n/**\r\n * Host entrypoint: merge into memory and optionally refresh storage cache.\r\n */\r\nexport function initPlugin(config: HostConfigOverride, opts?: { syncStorageCache?: boolean }): void {\r\n setConfig(config);\r\n logger.info('[config] initPlugin — runtime config updated', {\r\n syncStorageCache: opts?.syncStorageCache !== false,\r\n tenantCode: config.tenantCode ?? config.tenantKey ?? '(none)',\r\n });\r\n if (opts?.syncStorageCache !== false) {\r\n writeHostConfigCache(config);\r\n }\r\n}\r\n\r\nexport function logConfigResolutionDebug(context: string, overrides?: HostConfigOverride): void {\r\n const sources = getConfigFieldSources(overrides);\r\n logger.debug(`[config] ${context}`, {\r\n fieldSources: sources,\r\n effectiveTenantCode: getEffectiveTenantCode(overrides) || '(empty)',\r\n hasAuthServerUrl: !!resolveSDKConfig(overrides).authServerUrl,\r\n hasCallbackUrl: !!resolveSDKConfig(overrides).callbackUrl,\r\n });\r\n}\r\n","/**\r\n * OAuth-related config readers backed by full config resolution (memory → host → cache).\r\n * Re-exported from infrastructure/storage for backward compatibility.\r\n */\r\n\r\nimport { resolveSDKConfig } from './resolver-core';\r\n\r\nfunction trim(v: unknown): string | null {\r\n if (v == null) return null;\r\n const s = String(v).trim();\r\n return s || null;\r\n}\r\n\r\n/**\r\n * Token endpoint uses `public-${clientId}`; stored values may already include `public-`\r\n * (e.g. only clientCode persisted). Strip one `public-` prefix so we never send `public-public-...`.\r\n */\r\nfunction oauthClientIdForTokenRequest(raw: string | null): string | null {\r\n if (!raw) return null;\r\n let s = raw.trim();\r\n if (!s) return null;\r\n if (s.toLowerCase().startsWith('public-')) {\r\n s = s.slice('public-'.length).trim();\r\n }\r\n return s || null;\r\n}\r\n\r\n/** Full resolution: memory → host bridge → storage cache (OAuth / API fields). */\r\nexport function getAuthServerUrl(): string | null {\r\n return trim(resolveSDKConfig().authServerUrl);\r\n}\r\n\r\nexport function getClientId(): string | null {\r\n const c = resolveSDKConfig();\r\n const fromId = oauthClientIdForTokenRequest(trim(c.clientId));\r\n if (fromId) return fromId;\r\n return oauthClientIdForTokenRequest(trim(c.clientCode));\r\n}\r\n\r\n/** Use when reading client id from tenant API / recovery path (same rules as getClientId). */\r\nexport function normalizeClientIdForOAuthTokenBody(raw: string | null | undefined): string | null {\r\n return oauthClientIdForTokenRequest(trim(raw));\r\n}\r\n\r\nexport function getRedirectUri(): string | null {\r\n const c = resolveSDKConfig();\r\n return trim(c.callbackUrl) ?? trim(c.redirectUri);\r\n}\r\n\r\nexport function getTenantId(): string | null {\r\n return trim(resolveSDKConfig().tenantId);\r\n}\r\n","/**\r\n * Security and error utilities for authentication.\r\n * Domain layer: sanitized errors and HTTPS enforcement.\r\n */\r\n\r\nimport { logger } from '../utils/logger';\r\n\r\nfunction isLocalhostHostname(hostname: string): boolean {\r\n return hostname === 'localhost' || hostname === '127.0.0.1' ||\r\n hostname.startsWith('192.168.') || hostname.startsWith('10.') || hostname.startsWith('172.16.');\r\n}\r\n\r\nfunction isDev(): boolean {\r\n if (typeof window === 'undefined') return false;\r\n return isLocalhostHostname(window.location.hostname);\r\n}\r\n\r\nexport function enforceHttps(allowLocalhost: boolean = true): void {\r\n if (typeof window === 'undefined') return;\r\n\r\n const isLocalhostWindow = window.location.hostname === 'localhost' ||\r\n window.location.hostname === '127.0.0.1' ||\r\n window.location.hostname.startsWith('192.168.') ||\r\n window.location.hostname.startsWith('10.') ||\r\n window.location.hostname.startsWith('172.16.');\r\n\r\n const isHttps = window.location.protocol === 'https:';\r\n const isHttp = window.location.protocol === 'http:';\r\n\r\n if (allowLocalhost && isLocalhostWindow && isHttp) {\r\n logger.debug('HTTP allowed on localhost for development');\r\n return;\r\n }\r\n\r\n if (isHttp && !isLocalhostWindow) {\r\n const error = new Error('HTTPS is required for authentication. Please use HTTPS to access this application.');\r\n logger.error('HTTPS enforcement failed', {\r\n protocol: window.location.protocol,\r\n hostname: window.location.hostname,\r\n });\r\n throw error;\r\n }\r\n\r\n logger.debug('HTTPS check passed', { protocol: window.location.protocol });\r\n}\r\n\r\nexport function sanitizeErrorMessage(error: unknown, genericMessage: string): string {\r\n if (isDev()) {\r\n if (error instanceof Error) return error.message;\r\n return String(error);\r\n }\r\n return genericMessage;\r\n}\r\n\r\nexport class SanitizedError extends Error {\r\n public readonly code: string;\r\n public readonly originalMessage?: string;\r\n\r\n constructor(code: string, genericMessage: string, originalError?: unknown) {\r\n super(genericMessage);\r\n this.name = 'SanitizedError';\r\n this.code = code;\r\n if (isDev() && originalError instanceof Error) {\r\n this.originalMessage = originalError.message;\r\n }\r\n }\r\n}\r\n","/**\r\n * Auth lifecycle state machine (domain layer).\r\n * Pure: no I/O, no infrastructure. Used by application to decide which flow to run.\r\n */\r\n\r\nimport type { UrlLike } from './tenant';\r\n\r\n/** Storage reader: (keySuffix) => value. Used for persistence-critical flags only. */\r\nexport type StorageReader = (keySuffix: string) => string | null;\r\n\r\nexport enum AuthLifecycleState {\r\n INITIALIZING = 'INITIALIZING',\r\n PROCESSING_CALLBACK = 'PROCESSING_CALLBACK',\r\n AUTHENTICATED = 'AUTHENTICATED',\r\n TOKEN_EXPIRED = 'TOKEN_EXPIRED',\r\n TENANT_SWITCH = 'TENANT_SWITCH',\r\n LOGIN_REQUIRED = 'LOGIN_REQUIRED',\r\n LOGGED_OUT = 'LOGGED_OUT',\r\n ERROR = 'ERROR',\r\n}\r\n\r\nexport interface ResolveStateInput {\r\n url: UrlLike;\r\n getStorage: StorageReader;\r\n isCallbackUrl: (url: UrlLike) => boolean;\r\n hasValidToken: boolean;\r\n hasToken: boolean;\r\n hasRefreshToken: boolean;\r\n isTokenExpired: boolean;\r\n}\r\n\r\n/**\r\n * Resolves the current auth lifecycle state from URL, storage flags, and token state.\r\n * Pure function: no side effects, no async.\r\n */\r\nexport function resolveAuthLifecycleState(input: ResolveStateInput): AuthLifecycleState {\r\n const {\r\n url,\r\n getStorage,\r\n isCallbackUrl,\r\n hasValidToken,\r\n hasToken,\r\n hasRefreshToken,\r\n isTokenExpired,\r\n } = input;\r\n\r\n const callbackProcessed = getStorage('callback_processed') === 'true';\r\n const tenantSwitched = getStorage('tenant_switched') === 'true';\r\n\r\n if (isCallbackUrl(url)) return AuthLifecycleState.PROCESSING_CALLBACK;\r\n if (hasValidToken) return AuthLifecycleState.AUTHENTICATED;\r\n if (callbackProcessed && !hasToken) return AuthLifecycleState.LOGIN_REQUIRED;\r\n if (hasToken && isTokenExpired && hasRefreshToken) return AuthLifecycleState.TOKEN_EXPIRED;\r\n if (hasToken && isTokenExpired && !hasRefreshToken) return AuthLifecycleState.LOGIN_REQUIRED;\r\n if (tenantSwitched) return AuthLifecycleState.TENANT_SWITCH;\r\n\r\n return AuthLifecycleState.LOGIN_REQUIRED;\r\n}\r\n","/**\r\n * In-memory runtime state for bootstrap and flow control.\r\n * Single source of truth for bootstrap_in_progress, callback_processing, flow_in_progress.\r\n * Re-exports flow-flag API for internal use (replaces utils/flow-flags).\r\n */\r\n\r\nconst BOOTSTRAP_STALE_MS = 5000;\r\n\r\nlet bootstrapInProgress = false;\r\nlet bootstrapTimestamp = 0;\r\n\r\nlet callbackProcessing = false;\r\n\r\nlet flowInProgress = false;\r\nlet flowTimestamp = 0;\r\n\r\nexport function isBootstrapInProgress(): boolean {\r\n if (!bootstrapInProgress) return false;\r\n if (!bootstrapTimestamp) return true;\r\n return Date.now() - bootstrapTimestamp < BOOTSTRAP_STALE_MS;\r\n}\r\n\r\nexport function setBootstrapInProgress(): void {\r\n bootstrapInProgress = true;\r\n bootstrapTimestamp = Date.now();\r\n}\r\n\r\nexport function clearBootstrapInProgress(): void {\r\n bootstrapInProgress = false;\r\n bootstrapTimestamp = 0;\r\n}\r\n\r\nexport function isCallbackProcessing(): boolean {\r\n return callbackProcessing;\r\n}\r\n\r\nexport function setCallbackProcessing(): void {\r\n callbackProcessing = true;\r\n}\r\n\r\nexport function clearCallbackProcessing(): void {\r\n callbackProcessing = false;\r\n}\r\n\r\nexport function isFlowInProgress(): boolean {\r\n return flowInProgress;\r\n}\r\n\r\nexport function getFlowTimestamp(): number | null {\r\n return flowTimestamp || null;\r\n}\r\n\r\nexport function setFlowInProgress(): void {\r\n flowInProgress = true;\r\n flowTimestamp = Date.now();\r\n}\r\n\r\nexport function clearFlowInProgress(): void {\r\n flowInProgress = false;\r\n flowTimestamp = 0;\r\n}\r\n\r\nexport function isFlowFlagStale(thresholdMs: number = 3000): boolean {\r\n if (!flowTimestamp) return true;\r\n return Date.now() - flowTimestamp > thresholdMs;\r\n}\r\n\r\n/** Flow-flag API (clear/set/query). Used by flows and strategy. */\r\nexport function clearFlowFlags(): void {\r\n clearFlowInProgress();\r\n}\r\n\r\nexport function setFlowFlags(): void {\r\n setFlowInProgress();\r\n}\r\n","/**\r\n * Structured auth event emitter for observability and audit.\r\n */\r\n\r\nexport const AuthEventNames = {\r\n LOGIN_STARTED: 'LOGIN_STARTED',\r\n LOGIN_SUCCESS: 'LOGIN_SUCCESS',\r\n LOGIN_FAILED: 'LOGIN_FAILED',\r\n CALLBACK_SUCCESS: 'CALLBACK_SUCCESS',\r\n CALLBACK_FAILED: 'CALLBACK_FAILED',\r\n TOKEN_REFRESH_SUCCESS: 'TOKEN_REFRESH_SUCCESS',\r\n TOKEN_REFRESH_FAILED: 'TOKEN_REFRESH_FAILED',\r\n TENANT_SWITCHED: 'TENANT_SWITCHED',\r\n LOGOUT_COMPLETED: 'LOGOUT_COMPLETED',\r\n BOOTSTRAP_STATE_DETECTED: 'BOOTSTRAP_STATE_DETECTED',\r\n REDIRECT_LOOP_RISK: 'REDIRECT_LOOP_RISK',\r\n} as const;\r\n\r\nexport type AuthEventName = (typeof AuthEventNames)[keyof typeof AuthEventNames];\r\n\r\nexport interface AuthEventPayload {\r\n state?: string;\r\n tenantKey?: string;\r\n error?: string;\r\n message?: string;\r\n [key: string]: unknown;\r\n}\r\n\r\nexport type AuthEventHandler = (payload?: AuthEventPayload) => void;\r\n\r\ntype ListenerMap = Map<AuthEventName | '*', Set<AuthEventHandler>>;\r\n\r\nlet listeners: ListenerMap = new Map();\r\n\r\nfunction getHandlers(event: AuthEventName): Set<AuthEventHandler> {\r\n let set = listeners.get(event);\r\n if (!set) {\r\n set = new Set();\r\n listeners.set(event, set);\r\n }\r\n return set;\r\n}\r\n\r\nfunction getWildcardHandlers(): Set<AuthEventHandler> {\r\n let set = listeners.get('*');\r\n if (!set) {\r\n set = new Set();\r\n listeners.set('*', set);\r\n }\r\n return set;\r\n}\r\n\r\nexport function emitAuthEvent(event: AuthEventName, payload?: AuthEventPayload): void {\r\n const handlers = getHandlers(event);\r\n const wildcard = getWildcardHandlers();\r\n const p = payload ?? {};\r\n handlers.forEach((fn) => {\r\n try {\r\n fn(p);\r\n } catch {\r\n // ignore\r\n }\r\n });\r\n wildcard.forEach((fn) => {\r\n try {\r\n fn({ ...p, event });\r\n } catch {\r\n // ignore\r\n }\r\n });\r\n}\r\n\r\nexport function subscribeAuthEvent(\r\n event: AuthEventName | '*',\r\n handler: AuthEventHandler\r\n): () => void {\r\n const set = event === '*' ? getWildcardHandlers() : getHandlers(event);\r\n set.add(handler);\r\n return () => set.delete(handler);\r\n}\r\n\r\nexport function resetAuthEventListeners(): void {\r\n listeners = new Map();\r\n}\r\n","/**\r\n * OAuth constants and storage keys. No config resolution — pure constants.\r\n */\r\n\r\nexport const OAUTH_CONSTANTS = {\r\n SCOPES: 'openid profile email',\r\n RESPONSE_TYPE: 'code',\r\n CODE_CHALLENGE_METHOD: 'S256',\r\n TOKEN_GRANT_TYPE: 'authorization_code',\r\n REFRESH_GRANT_TYPE: 'refresh_token',\r\n} as const;\r\n\r\nexport const STORAGE_KEY_PREFIX = 'tenneo_auth_';\r\n\r\nexport const STORAGE_KEYS = {\r\n authServerUrl: `${STORAGE_KEY_PREFIX}auth_server_url`,\r\n clientId: `${STORAGE_KEY_PREFIX}client_id`,\r\n redirectUri: `${STORAGE_KEY_PREFIX}redirect_uri`,\r\n tenantId: `${STORAGE_KEY_PREFIX}tenant_id`,\r\n codeVerifier: `${STORAGE_KEY_PREFIX}code_verifier`,\r\n state: `${STORAGE_KEY_PREFIX}state`,\r\n accessToken: `${STORAGE_KEY_PREFIX}access_token`,\r\n refreshToken: `${STORAGE_KEY_PREFIX}refresh_token`,\r\n expiresAt: `${STORAGE_KEY_PREFIX}expires_at`,\r\n} as const;\r\n\r\nexport const DEFAULT_SCOPES = OAUTH_CONSTANTS.SCOPES;\r\nexport const DEFAULT_RESPONSE_TYPE = OAUTH_CONSTANTS.RESPONSE_TYPE;\r\nexport const DEFAULT_CODE_CHALLENGE_METHOD = OAUTH_CONSTANTS.CODE_CHALLENGE_METHOD;\r\nexport const DEFAULT_TOKEN_GRANT_TYPE = OAUTH_CONSTANTS.TOKEN_GRANT_TYPE;\r\nexport const DEFAULT_REFRESH_GRANT_TYPE = OAUTH_CONSTANTS.REFRESH_GRANT_TYPE;\r\n","/**\r\n * Host-driven auth configuration.\r\n *\r\n * Resolution priority (later spread wins — highest priority last):\r\n * storage cache → host bridge → in-memory → explicit overrides.\r\n * Effective authority: runtime memory / host injection; storage is cache-only fallback.\r\n */\r\n\r\nimport type { HostConfigOverride, ResolvedConfig } from './types';\r\nimport { OAUTH_CONSTANTS, STORAGE_KEYS, STORAGE_KEY_PREFIX } from './constants';\r\nimport {\r\n AuthConfigError,\r\n resolveSDKConfig,\r\n resolveConfig,\r\n getAuthConfig as getAuthConfigInternal,\r\n getConfigFieldSources,\r\n getEffectiveTenantCode,\r\n getEffectiveTenantKey,\r\n setConfig,\r\n clearConfigOverrides,\r\n setHostConfigProvider,\r\n writeHostConfigCache,\r\n syncHostConfigCacheFromMemory,\r\n initPlugin,\r\n logConfigResolutionDebug,\r\n} from './resolver-core';\r\n\r\nexport type { SDKConfig, ResolvedConfig, HostConfigOverride, ResolvedHostConfig } from './types';\r\nexport {\r\n OAUTH_CONSTANTS,\r\n STORAGE_KEYS,\r\n STORAGE_KEY_PREFIX,\r\n DEFAULT_SCOPES,\r\n DEFAULT_RESPONSE_TYPE,\r\n DEFAULT_CODE_CHALLENGE_METHOD,\r\n DEFAULT_TOKEN_GRANT_TYPE,\r\n DEFAULT_REFRESH_GRANT_TYPE,\r\n} from './constants';\r\n\r\nexport type { ConfigLayerSource, FieldSourceMap, GetAuthConfigOptions } from './resolver-core';\r\nexport {\r\n AuthConfigError,\r\n resolveSDKConfig,\r\n resolveConfig,\r\n getConfigFieldSources,\r\n getEffectiveTenantCode,\r\n getEffectiveTenantKey,\r\n setConfig,\r\n clearConfigOverrides,\r\n setHostConfigProvider,\r\n writeHostConfigCache,\r\n syncHostConfigCacheFromMemory,\r\n initPlugin,\r\n logConfigResolutionDebug,\r\n};\r\n\r\n/** Resolved config; pass `{ strict: true }` to fail fast if OAuth fields are missing. */\r\nexport function getAuthConfig(options?: import('./resolver-core').GetAuthConfigOptions): ResolvedConfig {\r\n return getAuthConfigInternal(options);\r\n}\r\n\r\n/** Fail fast when authServerUrl, callbackUrl, or tenant are missing. */\r\nexport function requireAuthConfig(overrides?: HostConfigOverride): ResolvedConfig {\r\n return getAuthConfigInternal({ strict: true, overrides });\r\n}\r\n\r\nexport function getConfig(): ResolvedConfig {\r\n return resolveConfig();\r\n}\r\n\r\nexport function getRedirectUri(): string {\r\n const cfg = resolveConfig();\r\n if (cfg.callbackUrl) return cfg.callbackUrl;\r\n if (typeof window !== 'undefined') return `${window.location.origin}/callback`;\r\n return '';\r\n}\r\n\r\nexport function hasRuntimeConfig(): boolean {\r\n const c = resolveConfig();\r\n return !!(c.apiBaseUrl || c.authServerUrl || c.callbackUrl || c.clientCode || c.tenantCode);\r\n}\r\n\r\nexport const Config = {\r\n getApiBaseUrl(): string {\r\n return resolveConfig().apiBaseUrl;\r\n },\r\n\r\n getAuthServerUrl(): string {\r\n return resolveConfig().authServerUrl;\r\n },\r\n\r\n getClientCode(): string {\r\n return resolveConfig().clientCode;\r\n },\r\n\r\n getRedirectUri(): string {\r\n return getRedirectUri();\r\n },\r\n\r\n getAll(): ResolvedConfig {\r\n return resolveConfig();\r\n },\r\n} as const;\r\n\r\n/**\r\n * Apply tenant switch in runtime config (memory + optional cache). Does not read stale snapshots.\r\n */\r\nexport function applyRuntimeTenantSwitch(tenantKey: string, opts?: { syncStorageCache?: boolean }): void {\r\n const t = tenantKey.trim();\r\n if (!t) return;\r\n setConfig({ tenantCode: t, tenantKey: t });\r\n logConfigResolutionDebug('applyRuntimeTenantSwitch', { tenantCode: t, tenantKey: t });\r\n if (opts?.syncStorageCache !== false) {\r\n writeHostConfigCache({ tenantCode: t, tenantKey: t });\r\n }\r\n}\r\n","/**\r\n * Tenant config cache with TTL and in-flight request deduplication.\r\n */\r\n\r\nimport type { TenantConfig } from '../../domain/auth-state';\r\nimport { logger } from '../../utils/logger';\r\n\r\nconst DEFAULT_TTL_MS = 5 * 60 * 1000; // 5 minutes\r\n\r\nexport type TenantConfigResolver = (tenantKey: string) => Promise<TenantConfig | null>;\r\n\r\ninterface CacheEntry {\r\n config: TenantConfig;\r\n expiresAt: number;\r\n}\r\n\r\nexport class TenantConfigCache {\r\n private readonly cache = new Map<string, CacheEntry>();\r\n private readonly inFlight = new Map<string, Promise<TenantConfig | null>>();\r\n private readonly ttlMs: number;\r\n\r\n constructor(ttlMs: number = DEFAULT_TTL_MS) {\r\n this.ttlMs = ttlMs;\r\n }\r\n\r\n get(tenantKey: string): TenantConfig | null {\r\n const entry = this.cache.get(tenantKey);\r\n if (!entry) return null;\r\n if (Date.now() >= entry.expiresAt) {\r\n this.cache.delete(tenantKey);\r\n return null;\r\n }\r\n return entry.config;\r\n }\r\n\r\n set(tenantKey: string, config: TenantConfig): void {\r\n this.cache.set(tenantKey, {\r\n config,\r\n expiresAt: Date.now() + this.ttlMs,\r\n });\r\n }\r\n\r\n invalidate(tenantKey?: string): void {\r\n if (tenantKey) {\r\n this.cache.delete(tenantKey);\r\n this.inFlight.delete(tenantKey);\r\n } else {\r\n this.cache.clear();\r\n this.inFlight.clear();\r\n }\r\n }\r\n\r\n async getOrResolve(\r\n tenantKey: string,\r\n resolver: TenantConfigResolver\r\n ): Promise<TenantConfig | null> {\r\n if (!tenantKey || !tenantKey.trim()) return null;\r\n\r\n const key = tenantKey.trim();\r\n const cached = this.get(key);\r\n if (cached) {\r\n logger.debug('Tenant config from cache', { tenantKey: key });\r\n return cached;\r\n }\r\n\r\n const existing = this.inFlight.get(key);\r\n if (existing) {\r\n logger.debug('Tenant resolution reused (in-flight)', { tenantKey: key });\r\n return existing;\r\n }\r\n\r\n const promise = (async (): Promise<TenantConfig | null> => {\r\n try {\r\n const config = await resolver(key);\r\n if (config) this.set(key, config);\r\n return config;\r\n } finally {\r\n this.inFlight.delete(key);\r\n }\r\n })();\r\n\r\n this.inFlight.set(key, promise);\r\n return promise;\r\n }\r\n}\r\n","/**\r\n * Tenant resolution helpers: API + ENV fallback + props merge.\r\n * Uses TenantConfigCache for TTL and deduplication.\r\n *\r\n * Tenant key order: transient props_config → effective runtime/host config (memory/bridge/cache).\r\n */\r\n\r\nimport { getStorage, removeStorage, getStorageKey } from '../storage/index';\r\nimport { logger } from '../../utils/logger';\r\nimport type { TenantConfig } from '../../domain/auth-state';\r\nimport type { TenantResolver } from '../runtime/types';\r\nimport { TenantConfigCache } from './TenantConfigCache';\r\nimport { getEffectiveTenantCode } from '../../config/resolver-core';\r\n\r\nconst defaultTenantConfigCache = new TenantConfigCache();\r\n\r\ninterface PropsConfigShape {\r\n tenantKey?: string;\r\n}\r\n\r\nfunction consumePropsConfig(): PropsConfigShape | null {\r\n const propsConfigKey = getStorageKey('props_config');\r\n try {\r\n const propsConfigStr = getStorage(propsConfigKey);\r\n if (!propsConfigStr) return null;\r\n const parsed = JSON.parse(propsConfigStr) as PropsConfigShape;\r\n return parsed && typeof parsed === 'object' ? parsed : null;\r\n } catch {\r\n return null;\r\n } finally {\r\n removeStorage(propsConfigKey);\r\n }\r\n}\r\n\r\nfunction validateTenantKey(value: unknown): string | null {\r\n if (typeof value !== 'string') return null;\r\n const trimmed = value.trim();\r\n return trimmed ? trimmed : null;\r\n}\r\n\r\nexport function resolveTenantKey(): string | null {\r\n const propsConfig = consumePropsConfig();\r\n const tenantFromProps = validateTenantKey(propsConfig?.tenantKey);\r\n if (tenantFromProps) {\r\n logger.debug('[tenant] Resolved tenant from props_config', { tenantKey: tenantFromProps });\r\n return tenantFromProps;\r\n }\r\n\r\n const fromHost = validateTenantKey(getEffectiveTenantCode());\r\n if (fromHost) {\r\n logger.debug('[tenant] Resolved tenant from host/runtime config', { tenantKey: fromHost });\r\n return fromHost;\r\n }\r\n\r\n logger.warn('[tenant] Unable to resolve tenant key (props + host/runtime empty)');\r\n return null;\r\n}\r\n\r\nexport async function resolveTenantConfig(\r\n tenantKey: string,\r\n tenantResolver: TenantResolver\r\n): Promise<TenantConfig | null> {\r\n const resolved = await tenantResolver.resolve(tenantKey);\r\n if (!resolved) return null;\r\n return { ...resolved, tenantKey };\r\n}\r\n\r\nexport async function resolveTenantConfigCached(\r\n tenantKey: string,\r\n tenantResolver: TenantResolver\r\n): Promise<TenantConfig | null> {\r\n return defaultTenantConfigCache.getOrResolve(tenantKey, (key) =>\r\n resolveTenantConfig(key, tenantResolver)\r\n );\r\n}\r\n\r\nexport function getTenantConfigCache(): TenantConfigCache {\r\n return defaultTenantConfigCache;\r\n}\r\n","/**\r\n * Runtime-backed facade for domain tenant/callback helpers.\r\n * Provides extractTenantKey(), isCallbackUrl(), isLocalhost() for public API and internal use.\r\n * Uses runtime when set; falls back to window for backward compatibility.\r\n */\r\n\r\nimport { getAuthRuntime } from '../infrastructure/runtime/context';\r\nimport { resolveTenantKey } from '../infrastructure/tenant/tenantResolution';\r\nimport {\r\n isLocalhost as domainIsLocalhost,\r\n isCallbackUrlFromUrl,\r\n} from '../domain/tenant';\r\n\r\nexport { isCallbackUrlFromUrl } from '../domain/tenant';\r\n\r\nexport function isLocalhost(): boolean {\r\n const runtime = getAuthRuntime();\r\n const hostname = runtime\r\n ? runtime.urlProvider.getCurrentUrl().hostname\r\n : (typeof window !== 'undefined' ? window.location.hostname : '');\r\n return domainIsLocalhost(hostname);\r\n}\r\n\r\nexport function extractTenantKey(): string | null {\r\n return resolveTenantKey();\r\n}\r\n\r\nexport function isCallbackUrl(): boolean {\r\n const runtime = getAuthRuntime();\r\n if (runtime) return isCallbackUrlFromUrl(runtime.urlProvider.getCurrentUrl());\r\n if (typeof window === 'undefined') return false;\r\n const params = new URLSearchParams(window.location.search);\r\n return params.has('code') && params.has('state');\r\n}\r\n","/**\r\n * OAuth2 PKCE token exchange and refresh.\r\n * Strategy-owned implementation; uses API_AUTH_BASE_URL only.\r\n */\r\n\r\nimport {\r\n setStorage,\r\n getStorageAdapter,\r\n removeStorage,\r\n STORAGE_KEYS,\r\n getRefreshToken,\r\n getClientId,\r\n getTenantId,\r\n isAccessTokenExpired,\r\n getAccessToken as getStoredAccessToken,\r\n} from '../../infrastructure/storage/index';\r\nimport { emitAuthEvent, AuthEventNames } from '../../application/events/AuthEvents';\r\nimport { Config, DEFAULT_TOKEN_GRANT_TYPE, DEFAULT_REFRESH_GRANT_TYPE } from '../../config';\r\nimport { logger } from '../../utils/logger';\r\nimport { isLocalhost } from '../../application/domain-facade';\r\nimport type { TokenResponse } from '../../domain/auth-state';\r\n\r\nexport interface ExchangeTokenParams {\r\n code: string;\r\n codeVerifier: string;\r\n clientId: string;\r\n redirectUri: string;\r\n tenantId: string;\r\n}\r\n\r\nfunction storeTokens(tokenData: TokenResponse): void {\r\n const expiresIn = tokenData.expires_in || 3600;\r\n const expiresAt = Date.now() + expiresIn * 1000;\r\n\r\n const adapter = getStorageAdapter();\r\n if (adapter?.setTokensSync) {\r\n adapter.setTokensSync({\r\n accessToken: tokenData.access_token,\r\n refreshToken: tokenData.refresh_token,\r\n expiresAt,\r\n });\r\n }\r\n setStorage(STORAGE_KEYS.accessToken, tokenData.access_token);\r\n setStorage(STORAGE_KEYS.refreshToken, tokenData.refresh_token);\r\n setStorage(STORAGE_KEYS.expiresAt, expiresAt.toString());\r\n\r\n if (isLocalhost()) {\r\n logger.debug('Tokens stored successfully', {\r\n expiresAt: new Date(expiresAt).toISOString(),\r\n expiresIn,\r\n });\r\n } else {\r\n logger.info('Tokens stored successfully');\r\n }\r\n}\r\n\r\nexport async function exchangeCodeForTokens(params: ExchangeTokenParams): Promise<TokenResponse> {\r\n try {\r\n const { code, codeVerifier, clientId, redirectUri } = params;\r\n const apiAuthBaseUrl = Config.getAuthServerUrl();\r\n const tokenUrl = `${apiAuthBaseUrl}/oauth/token`;\r\n\r\n const body = new URLSearchParams({\r\n grant_type: DEFAULT_TOKEN_GRANT_TYPE,\r\n code,\r\n client_id: `public-${clientId}`,\r\n redirect_uri: redirectUri,\r\n code_verifier: codeVerifier,\r\n });\r\n\r\n const response = await fetch(tokenUrl, {\r\n method: 'POST',\r\n headers: { 'Content-Type': 'application/x-www-form-urlencoded' },\r\n body: body.toString(),\r\n });\r\n\r\n if (!response.ok) {\r\n const responseData = await response.json().catch(() => ({}));\r\n logger.error('Token exchange failed', {\r\n status: response.status,\r\n statusText: response.statusText,\r\n responseData,\r\n requestUrl: tokenUrl,\r\n });\r\n throw new Error(\r\n `Token exchange failed: ${response.status} ${response.statusText}${Object.keys(responseData).length ? ` - ${JSON.stringify(responseData)}` : ''}`\r\n );\r\n }\r\n\r\n const tokenData = (await response.json()) as TokenResponse;\r\n\r\n if (!tokenData.access_token || !tokenData.refresh_token || !tokenData.expires_in) {\r\n logger.error('Invalid token response received');\r\n throw new Error('Invalid token response');\r\n }\r\n\r\n storeTokens(tokenData);\r\n return tokenData;\r\n } catch (error) {\r\n const isAborted = error instanceof Error && error.name === 'AbortError';\r\n if (isAborted) {\r\n logger.warn('Token exchange request canceled (likely due to navigation or component unmount)');\r\n const existingToken = getStoredAccessToken();\r\n if (existingToken && !isAccessTokenExpired()) {\r\n return {\r\n access_token: existingToken,\r\n refresh_token: getRefreshToken() || '',\r\n expires_in: 3600,\r\n } as TokenResponse;\r\n }\r\n throw new Error('Token exchange request was canceled');\r\n }\r\n logger.error('Token exchange failed', {\r\n message: error instanceof Error ? error.message : String(error),\r\n });\r\n throw error;\r\n }\r\n}\r\n\r\nlet refreshPromise: Promise<string> | null = null;\r\n\r\nexport async function refreshAccessToken(): Promise<string> {\r\n if (refreshPromise) return refreshPromise;\r\n\r\n refreshPromise = (async (): Promise<string> => {\r\n try {\r\n const refreshToken = getRefreshToken();\r\n const clientId = getClientId();\r\n const tenantId = getTenantId();\r\n\r\n logger.debug('Token refresh - collected data', {\r\n hasRefreshToken: !!refreshToken,\r\n clientId,\r\n tenantId,\r\n });\r\n\r\n if (!refreshToken || !clientId || !tenantId) {\r\n logger.error('Token refresh failed: missing required data', {\r\n hasRefreshToken: !!refreshToken,\r\n hasClientId: !!clientId,\r\n hasTenantId: !!tenantId,\r\n });\r\n throw new Error('Cannot refresh token: missing required data');\r\n }\r\n\r\n const apiAuthBaseUrl = Config.getApiBaseUrl();\r\n const tokenUrl = `${apiAuthBaseUrl}/oauth/refresh`;\r\n\r\n const body = new URLSearchParams({\r\n grant_type: DEFAULT_REFRESH_GRANT_TYPE,\r\n refresh_token: refreshToken,\r\n client_id: clientId.startsWith('public-') ? clientId : `public-${clientId}`,\r\n tenant_id: tenantId,\r\n });\r\n\r\n const response = await fetch(tokenUrl, {\r\n method: 'POST',\r\n headers: {\r\n 'Content-Type': 'application/x-www-form-urlencoded',\r\n 'Accept': 'application/json',\r\n },\r\n body: body.toString(),\r\n });\r\n\r\n if (!response.ok) {\r\n const responseData = (await response.json().catch(() => ({}))) as Record<string, unknown>;\r\n const isExpiredOrInvalidGrant =\r\n response.status === 401 ||\r\n (responseData?.error === 'invalid_grant') ||\r\n (typeof responseData?.error_description === 'string' &&\r\n (responseData.error_description.includes('expired') || responseData.error_description.includes('invalid')));\r\n\r\n if (isExpiredOrInvalidGrant) {\r\n removeStorage(STORAGE_KEYS.refreshToken);\r\n removeStorage(STORAGE_KEYS.accessToken);\r\n removeStorage(STORAGE_KEYS.expiresAt);\r\n emitAuthEvent(AuthEventNames.TOKEN_REFRESH_FAILED, {\r\n error: 'Refresh token expired or invalid',\r\n message: String(responseData?.error_description ?? responseData?.error ?? 'Token refresh failed'),\r\n });\r\n }\r\n\r\n logger.error('Token refresh failed', {\r\n status: response.status,\r\n statusText: response.statusText,\r\n responseData,\r\n requestUrl: tokenUrl,\r\n });\r\n throw new Error(\r\n `Token refresh failed: ${response.status} ${response.statusText}${Object.keys(responseData).length ? ` - ${JSON.stringify(responseData)}` : ''}`\r\n );\r\n }\r\n\r\n const tokenData = (await response.json()) as TokenResponse;\r\n\r\n if (!tokenData.access_token || !tokenData.refresh_token) {\r\n logger.error('Invalid refresh token response received');\r\n throw new Error('Invalid refresh token response');\r\n }\r\n\r\n storeTokens(tokenData);\r\n emitAuthEvent(AuthEventNames.TOKEN_REFRESH_SUCCESS);\r\n return tokenData.access_token;\r\n } catch (error) {\r\n if (error instanceof Error) {\r\n logger.error('Token refresh failed', { message: error.message });\r\n emitAuthEvent(AuthEventNames.TOKEN_REFRESH_FAILED, { error: error.message });\r\n }\r\n throw error;\r\n } finally {\r\n refreshPromise = null;\r\n }\r\n })();\r\n\r\n return refreshPromise;\r\n}\r\n","/**\r\n * PKCE (Proof Key for Code Exchange) utilities\r\n * Strategy layer: OAuth2 PKCE\r\n */\r\n\r\n/**\r\n * Generates a random code verifier for PKCE\r\n * @param length Length of the code verifier (default: 128)\r\n * @returns Base64URL-encoded random string\r\n */\r\nexport function generateCodeVerifier(length: number = 128): string {\r\n const array = new Uint8Array(length);\r\n crypto.getRandomValues(array);\r\n\r\n const base64 = btoa(String.fromCharCode(...array));\r\n return base64\r\n .replace(/\\+/g, '-')\r\n .replace(/\\//g, '_')\r\n .replace(/=/g, '');\r\n}\r\n\r\n/**\r\n * Generates code challenge from code verifier using SHA-256\r\n */\r\nexport async function generateCodeChallenge(verifier: string): Promise<string> {\r\n try {\r\n const encoder = new TextEncoder();\r\n const data = encoder.encode(verifier);\r\n const hashBuffer = await crypto.subtle.digest('SHA-256', data);\r\n const hashArray = Array.from(new Uint8Array(hashBuffer));\r\n const base64 = btoa(String.fromCharCode(...hashArray));\r\n return base64\r\n .replace(/\\+/g, '-')\r\n .replace(/\\//g, '_')\r\n .replace(/=/g, '');\r\n } catch {\r\n throw new Error('Failed to generate code challenge');\r\n }\r\n}\r\n\r\n/**\r\n * Generates a random state parameter for OAuth flow\r\n */\r\nexport function generateState(): string {\r\n const array = new Uint8Array(32);\r\n crypto.getRandomValues(array);\r\n const base64 = btoa(String.fromCharCode(...array));\r\n return base64\r\n .replace(/\\+/g, '-')\r\n .replace(/\\//g, '_')\r\n .replace(/=/g, '');\r\n}\r\n","/**\r\n * Validation utilities\r\n */\r\n\r\n/**\r\n * Validates if a string is a valid GUID format\r\n * @param guid GUID string to validate\r\n * @returns True if valid GUID format, false otherwise\r\n */\r\nexport function isValidGuid(guid: string): boolean {\r\n if (!guid || typeof guid !== 'string') {\r\n return false;\r\n }\r\n \r\n const guidRegex = /^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/i;\r\n return guidRegex.test(guid.trim());\r\n}\r\n\r\n/**\r\n * Validates tenant ID (must be a valid GUID)\r\n * @param tenantId Tenant ID to validate\r\n * @returns Validation result with isValid flag and error message\r\n */\r\nexport function validateTenantId(tenantId: string | null | undefined): { isValid: boolean; error?: string } {\r\n if (!tenantId || tenantId.trim() === '') {\r\n return {\r\n isValid: false,\r\n error: 'Tenant ID is required',\r\n };\r\n }\r\n \r\n if (!isValidGuid(tenantId)) {\r\n return {\r\n isValid: false,\r\n error: 'Tenant ID must be a valid GUID format (00000000-0000-0000-0000-000000000001)',\r\n };\r\n }\r\n \r\n return { isValid: true };\r\n}\r\n\r\n","/**\r\n * Redirect loop protection: limit consecutive redirect attempts to IdP.\r\n */\r\n\r\nimport { emitAuthEvent, AuthEventNames } from '../events/AuthEvents';\r\n\r\nconst DEFAULT_MAX_REDIRECTS = 5;\r\nconst WINDOW_MS = 60 * 1000;\r\n\r\nlet redirectCount = 0;\r\nlet firstRedirectAt = 0;\r\n\r\nexport const MAX_REDIRECT_ATTEMPTS = DEFAULT_MAX_REDIRECTS;\r\n\r\nexport function getRedirectAttemptCount(): number {\r\n return redirectCount;\r\n}\r\n\r\nexport function incrementRedirectAttempt(): boolean {\r\n const now = Date.now();\r\n if (now - firstRedirectAt > WINDOW_MS) {\r\n redirectCount = 0;\r\n firstRedirectAt = now;\r\n }\r\n redirectCount++;\r\n return redirectCount <= DEFAULT_MAX_REDIRECTS;\r\n}\r\n\r\nexport function shouldAllowRedirect(maxAttempts: number = DEFAULT_MAX_REDIRECTS): boolean {\r\n const now = Date.now();\r\n if (now - firstRedirectAt > WINDOW_MS) {\r\n redirectCount = 0;\r\n firstRedirectAt = now;\r\n }\r\n return redirectCount < maxAttempts;\r\n}\r\n\r\nexport function resetRedirectLoopGuard(): void {\r\n redirectCount = 0;\r\n firstRedirectAt = 0;\r\n}\r\n\r\nexport function checkAndIncrementRedirect(maxAttempts: number = DEFAULT_MAX_REDIRECTS): boolean {\r\n const now = Date.now();\r\n if (now - firstRedirectAt > WINDOW_MS) {\r\n redirectCount = 0;\r\n firstRedirectAt = now;\r\n }\r\n if (redirectCount >= maxAttempts) {\r\n emitAuthEvent(AuthEventNames.REDIRECT_LOOP_RISK, {\r\n message: `Redirect attempt limit (${maxAttempts}) exceeded`,\r\n });\r\n return false;\r\n }\r\n redirectCount++;\r\n return true;\r\n}\r\n","/**\r\n * OAuth authorization flow implementation\r\n * Strategy layer: OAuth2 PKCE\r\n */\r\n\r\nimport {\r\n setStorage,\r\n removeStorage,\r\n STORAGE_KEYS,\r\n getStorageKey,\r\n getAccessToken,\r\n isAccessTokenExpired,\r\n} from '../../infrastructure/storage/index';\r\nimport { getAuthRuntime } from '../../infrastructure/runtime/context';\r\nimport { generateCodeVerifier, generateCodeChallenge, generateState } from './pkce';\r\nimport {\r\n Config,\r\n DEFAULT_CODE_CHALLENGE_METHOD,\r\n DEFAULT_RESPONSE_TYPE,\r\n writeHostConfigCache,\r\n} from '../../config';\r\nimport { validateTenantId } from '../../utils/validation';\r\nimport { logger } from '../../utils/logger';\r\nimport { isLocalhost, isCallbackUrl } from '../../application/domain-facade';\r\nimport {\r\n clearFlowFlags,\r\n setFlowFlags,\r\n isFlowInProgress,\r\n isFlowFlagStale,\r\n clearCallbackProcessing,\r\n} from '../../application/lifecycle-state';\r\nimport { emitAuthEvent, AuthEventNames } from '../../application/events/AuthEvents';\r\nimport { checkAndIncrementRedirect } from '../../application/security/redirectLoopGuard';\r\nimport type { TenantConfig } from '../../domain/auth-state';\r\n\r\nexport function storeTenantConfig(config: TenantConfig): void {\r\n const validation = validateTenantId(config.tenantId);\r\n if (!validation.isValid) {\r\n logger.warn('Tenant ID validation failed', { tenantId: config.tenantId });\r\n }\r\n\r\n const authServerToStore = Config.getAuthServerUrl() || config.authServer;\r\n const redirectUriToStore = Config.getRedirectUri();\r\n writeHostConfigCache({\r\n authServerUrl: authServerToStore,\r\n clientId: config.client.clientId,\r\n clientCode: config.client.clientCode ?? config.client.clientId,\r\n redirectUri: redirectUriToStore,\r\n callbackUrl: redirectUriToStore,\r\n tenantId: config.tenantId,\r\n tenantKey: config.tenantKey ?? '',\r\n tenantCode: config.tenantKey ?? '',\r\n });\r\n if (config.tenantKey) {\r\n setStorage(STORAGE_KEYS.tenantKey, config.tenantKey);\r\n }\r\n}\r\n\r\nexport async function initiateAuthFlow(config: TenantConfig): Promise<void> {\r\n try {\r\n logger.info('Initiating OAuth authorization flow');\r\n\r\n const authServerFromProps = Config.getAuthServerUrl();\r\n const authServerEffective = (authServerFromProps || config?.authServer || '').replace(/\\/+$/, '');\r\n const redirectUriEffective = Config.getRedirectUri();\r\n const tenantIdEffective = config?.tenantId || '';\r\n const clientIdEffective = config?.client?.clientId || '';\r\n\r\n logger.debug('[initiateAuthFlow] Resolved inputs', {\r\n authServerFromProps: authServerFromProps ? '(provided)' : '(empty)',\r\n authServerEffective,\r\n redirectUriEffective,\r\n tenantIdEffective,\r\n clientIdEffective,\r\n scopes: config?.client?.scopes,\r\n hasRuntime: !!getAuthRuntime(),\r\n });\r\n\r\n const token = getAccessToken();\r\n if (token && !isAccessTokenExpired()) {\r\n logger.debug('Valid token already exists, skipping auth flow');\r\n clearFlowFlags();\r\n return;\r\n }\r\n\r\n if (isCallbackUrl()) {\r\n logger.debug('Callback URL detected - clearing flow flag to allow callback processing');\r\n clearFlowFlags();\r\n return;\r\n }\r\n\r\n if (isFlowInProgress()) {\r\n if (isFlowFlagStale(3000)) {\r\n logger.info('Stale auth flow flag detected, clearing and proceeding');\r\n clearFlowFlags();\r\n } else {\r\n logger.debug('Auth flow already in progress (recent), skipping duplicate redirect');\r\n return;\r\n }\r\n }\r\n\r\n setFlowFlags();\r\n\r\n if (\r\n !(Config.getAuthServerUrl() || config?.authServer) ||\r\n !config.client?.clientId ||\r\n !config.client?.redirectUri\r\n ) {\r\n logger.error('[initiateAuthFlow] Missing required tenant config', {\r\n authServerEffective,\r\n clientId: config?.client?.clientId,\r\n redirectUriFromTenantApi: config?.client?.redirectUri,\r\n redirectUriEffective,\r\n });\r\n throw new Error('Invalid tenant configuration for auth flow');\r\n }\r\n\r\n storeTenantConfig(config);\r\n\r\n logger.debug('[initiateAuthFlow] Stored tenant config, generating PKCE');\r\n // Fresh login attempt must not be blocked by stale callback markers.\r\n removeStorage(getStorageKey('callback_processed'));\r\n removeStorage(getStorageKey('state_mismatch'));\r\n clearCallbackProcessing();\r\n\r\n const codeVerifier = generateCodeVerifier();\r\n const codeChallenge = await generateCodeChallenge(codeVerifier);\r\n const state = generateState();\r\n\r\n removeStorage(STORAGE_KEYS.codeVerifier);\r\n removeStorage(STORAGE_KEYS.state);\r\n setStorage(STORAGE_KEYS.codeVerifier, codeVerifier);\r\n setStorage(STORAGE_KEYS.state, state);\r\n\r\n const authUrl = buildAuthorizationUrl(config, codeChallenge, state);\r\n logger.debug('[initiateAuthFlow] Built authorization URL', {\r\n authServerEffective,\r\n urlPrefix: authUrl?.slice(0, 80),\r\n });\r\n\r\n if (\r\n !authUrl ||\r\n !(authUrl.startsWith('http://') || authUrl.startsWith('https://'))\r\n ) {\r\n throw new Error('Invalid authorization URL generated');\r\n }\r\n\r\n if (!checkAndIncrementRedirect()) {\r\n logger.warn('Redirect loop protection: max redirect attempts exceeded');\r\n clearFlowFlags();\r\n return;\r\n }\r\n\r\n logger.info('Redirecting to authorization server');\r\n emitAuthEvent(AuthEventNames.LOGIN_STARTED, { tenantKey: config.tenantKey });\r\n\r\n const runtime = getAuthRuntime();\r\n if (runtime) {\r\n logger.debug('[initiateAuthFlow] Redirect via runtime.urlProvider.redirect');\r\n runtime.urlProvider.redirect(authUrl);\r\n } else if (typeof window !== 'undefined') {\r\n logger.debug('[initiateAuthFlow] Redirect via window.location.replace');\r\n window.location.replace(authUrl);\r\n } else {\r\n logger.error('[initiateAuthFlow] No runtime and no window; cannot redirect', { authUrl });\r\n }\r\n } catch (error) {\r\n clearFlowFlags();\r\n logger.error('Failed to initiate auth flow', {\r\n error: error instanceof Error ? error.message : String(error),\r\n });\r\n throw error;\r\n }\r\n}\r\n\r\nfunction buildAuthorizationUrl(\r\n config: TenantConfig,\r\n codeChallenge: string,\r\n state: string,\r\n): string {\r\n const authServerBase = (Config.getAuthServerUrl() || config.authServer || '').replace(/\\/+$/, '');\r\n if (isLocalhost()) {\r\n logger.debug('Building authorization URL', {\r\n authServer: authServerBase,\r\n clientId: config.client.clientId,\r\n redirectUri: config.client.redirectUri,\r\n scopes: config.client.scopes,\r\n });\r\n }\r\n\r\n const tenantIdToUse = config.tenantId;\r\n const clientIdToUse = config.client.clientId;\r\n // Static redirect URI: always host + '/callback'\r\n const redirectUriToUse = Config.getRedirectUri();\r\n\r\n const params = new URLSearchParams({\r\n client_id: `public-${clientIdToUse}`,\r\n tenant_id: tenantIdToUse,\r\n redirect_uri: redirectUriToUse,\r\n response_type: DEFAULT_RESPONSE_TYPE,\r\n scope: config.client.scopes,\r\n state,\r\n code_challenge: codeChallenge,\r\n code_challenge_method: DEFAULT_CODE_CHALLENGE_METHOD,\r\n });\r\n\r\n return `${authServerBase}/connect/authorize?${params.toString()}`;\r\n}\r\n\r\nexport function isAuthenticated(): boolean {\r\n const token = getAccessToken();\r\n return !!token && !isAccessTokenExpired();\r\n}\r\n","/**\r\n * OAuth callback handling\r\n * Strategy layer: OAuth2 PKCE\r\n */\r\n\r\nimport {\r\n getState,\r\n getCodeVerifier,\r\n getClientId,\r\n getRedirectUri,\r\n getTenantId,\r\n removeStorage,\r\n getStorage,\r\n setStorage,\r\n STORAGE_KEYS,\r\n getStorageKey,\r\n getAccessToken,\r\n isAccessTokenExpired,\r\n getTenantKey,\r\n setTenantKey,\r\n clearAllStorage,\r\n} from '../../infrastructure/storage/index';\r\nimport { normalizeClientIdForOAuthTokenBody } from '../../config/host-fields';\r\nimport { exchangeCodeForTokens } from './token-exchange';\r\nimport { storeTenantConfig } from './oauth';\r\nimport { isCallbackUrl, extractTenantKey } from '../../application/domain-facade';\r\nimport { logger } from '../../utils/logger';\r\nimport { clearFlowFlags } from '../../application/lifecycle-state';\r\nimport { resolveTenantKey } from '../../infrastructure/tenant/tenantResolution';\r\nimport { getAuthRuntime } from '../../infrastructure/runtime/context';\r\nimport {\r\n isCallbackProcessing,\r\n setCallbackProcessing,\r\n clearCallbackProcessing,\r\n} from '../../application/lifecycle-state';\r\nimport { emitAuthEvent, AuthEventNames } from '../../application/events/AuthEvents';\r\nimport { resetRedirectLoopGuard } from '../../application/security/redirectLoopGuard';\r\nimport axios from 'axios';\r\n\r\nfunction isProcessed(): boolean {\r\n return getStorage(getStorageKey('callback_processed')) === 'true';\r\n}\r\n\r\nfunction isProcessing(): boolean {\r\n return isCallbackProcessing();\r\n}\r\n\r\nfunction markProcessing(): void {\r\n setCallbackProcessing();\r\n}\r\n\r\nfunction markProcessed(): void {\r\n setStorage(getStorageKey('callback_processed'), 'true');\r\n clearCallbackProcessing();\r\n}\r\n\r\nfunction clearProcessing(): void {\r\n clearCallbackProcessing();\r\n removeStorage(getStorageKey('callback_processed'));\r\n}\r\n\r\nlet urlCleaned = false;\r\n\r\nfunction cleanUrl(): void {\r\n if (urlCleaned) return;\r\n if (isProcessing()) return;\r\n const runtime = getAuthRuntime();\r\n const clean = runtime\r\n ? `${runtime.urlProvider.getCurrentUrl().origin}${runtime.urlProvider.getCurrentUrl().pathname}`\r\n : (typeof window !== 'undefined' ? `${window.location.origin}${window.location.pathname}` : '/');\r\n if (runtime) runtime.urlProvider.redirect(clean);\r\n else if (typeof window !== 'undefined') window.location.replace(clean);\r\n urlCleaned = true;\r\n}\r\n\r\nfunction cleanUrlSoft(): void {\r\n if (urlCleaned) return;\r\n if (isProcessing()) return;\r\n const runtime = getAuthRuntime();\r\n const clean = runtime\r\n ? `${runtime.urlProvider.getCurrentUrl().origin}${runtime.urlProvider.getCurrentUrl().pathname}`\r\n : (typeof window !== 'undefined' ? `${window.location.origin}${window.location.pathname}` : '/');\r\n if (runtime) runtime.urlProvider.replaceState(clean);\r\n else if (typeof window !== 'undefined') window.history.replaceState({}, typeof document !== 'undefined' ? document.title : '', clean);\r\n urlCleaned = true;\r\n}\r\n\r\nfunction clearAllAuthFlags(): void {\r\n clearFlowFlags();\r\n}\r\n\r\n/**\r\n * When host_config is missing clientId (wrong storage prefix, partial cache, etc.) but we still\r\n * have tenant + PKCE, re-resolve tenant and persist OAuth fields before token exchange.\r\n */\r\nasync function tryRecoverOAuthConfigFromTenant(): Promise<{\r\n clientId: string | null;\r\n redirectUri: string | null;\r\n tenantId: string | null;\r\n} | null> {\r\n const runtime = getAuthRuntime();\r\n const tenantKey = (resolveTenantKey() ?? getTenantKey() ?? '').trim();\r\n if (!runtime?.tenantResolver || !tenantKey) {\r\n logger.debug('[Callback] OAuth config recovery skipped — no tenantResolver or tenantKey', {\r\n hasResolver: !!runtime?.tenantResolver,\r\n tenantKey: tenantKey || '(empty)',\r\n });\r\n return null;\r\n }\r\n try {\r\n const tc = await runtime.tenantResolver.resolve(tenantKey);\r\n if (!tc?.client?.clientId || !tc.tenantId) {\r\n logger.warn('[Callback] OAuth config recovery: tenant resolve missing client or tenantId', {\r\n tenantKey,\r\n });\r\n return null;\r\n }\r\n storeTenantConfig(tc);\r\n return {\r\n clientId: tc.client.clientId.trim() || null,\r\n redirectUri: tc.client.redirectUri?.trim() || getRedirectUri(),\r\n tenantId: tc.tenantId.trim() || null,\r\n };\r\n } catch (e) {\r\n logger.warn('[Callback] OAuth config recovery: tenant re-resolve failed', {\r\n tenantKey,\r\n error: e instanceof Error ? e.message : String(e),\r\n });\r\n return null;\r\n }\r\n}\r\n\r\nexport async function handleCallback(): Promise<boolean> {\r\n const runtimeSearch = getAuthRuntime()?.urlProvider.getCurrentUrl().search;\r\n const windowSearch = typeof window !== 'undefined' ? window.location.search : '';\r\n logger.debug('[Callback] handleCallback invoked', {\r\n isProcessed: isProcessed(),\r\n isProcessing: isProcessing(),\r\n isCallbackUrl: isCallbackUrl(),\r\n runtimeSearch: runtimeSearch ?? '(none)',\r\n windowSearch: windowSearch || '(none)',\r\n });\r\n\r\n if (isProcessed()) {\r\n logger.warn('[Callback] Early exit: callback already processed');\r\n if (isCallbackUrl()) {\r\n if (!isProcessing()) cleanUrlSoft();\r\n }\r\n clearFlowFlags();\r\n return true;\r\n }\r\n\r\n if (isProcessing()) {\r\n logger.warn('[Callback] Early exit: callback processing already in progress');\r\n return true;\r\n }\r\n\r\n const storedTenantKey = getTenantKey();\r\n const currentTenantKey = resolveTenantKey() ?? storedTenantKey;\r\n\r\n if (currentTenantKey && storedTenantKey && currentTenantKey !== storedTenantKey) {\r\n logger.warn('[Callback] Early exit: tenant key changed before exchange', {\r\n currentTenantKey,\r\n storedTenantKey,\r\n });\r\n clearAllStorage();\r\n clearAllAuthFlags();\r\n clearProcessing();\r\n setStorage(getStorageKey('tenant_switched'), 'true');\r\n setStorage(getStorageKey('new_tenant_key'), currentTenantKey);\r\n setTenantKey(currentTenantKey);\r\n if (isCallbackUrl()) cleanUrlSoft();\r\n return false;\r\n }\r\n\r\n if (!isCallbackUrl()) {\r\n logger.warn('[Callback] Early exit: URL is not callback URL');\r\n return false;\r\n }\r\n\r\n markProcessing();\r\n clearFlowFlags();\r\n urlCleaned = false;\r\n\r\n try {\r\n const search = getAuthRuntime()?.urlProvider.getCurrentUrl().search ?? (typeof window !== 'undefined' ? window.location.search : '');\r\n const params = new URLSearchParams(search);\r\n const code = params.get('code');\r\n const state = params.get('state');\r\n const error = params.get('error');\r\n\r\n if (error || !code || !state) {\r\n logger.error('[Callback] Early exit: invalid OAuth callback params', { error, code, state });\r\n clearAllAuthFlags();\r\n clearProcessing();\r\n cleanUrlSoft();\r\n return false;\r\n }\r\n\r\n const storedState = getState();\r\n if (!storedState || storedState !== state) {\r\n const currentTenantKeyFromUrl = extractTenantKey();\r\n const resolvedTenantKey = resolveTenantKey();\r\n const tenantKeyChanged = currentTenantKeyFromUrl && resolvedTenantKey && currentTenantKeyFromUrl !== resolvedTenantKey;\r\n if (tenantKeyChanged) {\r\n logger.warn('[Callback] Early exit: state mismatch due to tenant key change');\r\n } else {\r\n logger.error('[Callback] Early exit: OAuth state mismatch - redirecting to login');\r\n }\r\n clearAllAuthFlags();\r\n clearProcessing();\r\n cleanUrlSoft();\r\n setStorage(getStorageKey('state_mismatch'), 'true');\r\n return false;\r\n }\r\n\r\n const codeVerifier = getCodeVerifier();\r\n if (!codeVerifier) {\r\n logger.error('[Callback] Early exit: missing PKCE verifier');\r\n clearAllAuthFlags();\r\n clearProcessing();\r\n cleanUrlSoft();\r\n return false;\r\n }\r\n\r\n let clientId = getClientId();\r\n let redirectUri = getRedirectUri();\r\n let tenantId = getTenantId();\r\n\r\n if (!clientId || !redirectUri || !tenantId) {\r\n logger.warn('[Callback] OAuth config incomplete — attempting tenant re-resolve', {\r\n hasClientId: !!clientId,\r\n hasRedirectUri: !!redirectUri,\r\n hasTenantId: !!tenantId,\r\n });\r\n const recovered = await tryRecoverOAuthConfigFromTenant();\r\n if (recovered) {\r\n if (!redirectUri) redirectUri = recovered.redirectUri;\r\n if (!tenantId) tenantId = recovered.tenantId;\r\n // Prefer normalized reader after storeTenantConfig refreshed host_config\r\n clientId =\r\n getClientId() ?? normalizeClientIdForOAuthTokenBody(recovered.clientId) ?? null;\r\n }\r\n }\r\n\r\n if (!clientId || !redirectUri || !tenantId) {\r\n logger.error('[Callback] Early exit: missing OAuth config during callback', {\r\n hasClientId: !!clientId,\r\n hasRedirectUri: !!redirectUri,\r\n hasTenantId: !!tenantId,\r\n });\r\n clearAllAuthFlags();\r\n clearProcessing();\r\n cleanUrlSoft();\r\n return false;\r\n }\r\n\r\n // Best practice: skip exchange if we already have a valid token (avoids duplicate / \"code already used\")\r\n const existingToken = getAccessToken();\r\n if (existingToken && !isAccessTokenExpired()) {\r\n logger.warn('[Callback] Early exit: valid token already exists - skipping code exchange');\r\n removeStorage(STORAGE_KEYS.codeVerifier);\r\n removeStorage(STORAGE_KEYS.state);\r\n clearAllAuthFlags();\r\n markProcessed();\r\n cleanUrlSoft();\r\n resetRedirectLoopGuard();\r\n emitAuthEvent(AuthEventNames.CALLBACK_SUCCESS);\r\n return true;\r\n }\r\n\r\n logger.info('[Callback] Entering token exchange');\r\n const tokenData = await exchangeCodeForTokens({\r\n code,\r\n codeVerifier,\r\n clientId,\r\n redirectUri,\r\n tenantId,\r\n });\r\n\r\n if (!tokenData?.access_token) {\r\n logger.error('Token exchange returned no access token');\r\n clearProcessing();\r\n clearAllAuthFlags();\r\n cleanUrlSoft();\r\n emitAuthEvent(AuthEventNames.CALLBACK_FAILED, { message: 'No access token returned' });\r\n return false;\r\n }\r\n\r\n removeStorage(STORAGE_KEYS.codeVerifier);\r\n removeStorage(STORAGE_KEYS.state);\r\n clearAllAuthFlags();\r\n markProcessed();\r\n cleanUrlSoft();\r\n\r\n logger.info('OAuth callback processed successfully');\r\n resetRedirectLoopGuard();\r\n emitAuthEvent(AuthEventNames.CALLBACK_SUCCESS);\r\n return true;\r\n } catch (err) {\r\n if (axios.isAxiosError(err)) {\r\n const status = err.response?.status;\r\n const responseData = err.response?.data as { error?: string; error_description?: string; details?: string } | undefined;\r\n const errorCode = responseData?.error;\r\n const errorDescription = responseData?.error_description || responseData?.details || '';\r\n\r\n if (\r\n status === 400 &&\r\n errorCode === 'invalid_grant' &&\r\n (String(errorDescription).includes('already used') ||\r\n String(errorDescription).includes('Code not found') ||\r\n String(errorDescription).includes('expired, already used'))\r\n ) {\r\n const existingToken = getAccessToken();\r\n const tokenValid = existingToken && !isAccessTokenExpired();\r\n if (tokenValid) {\r\n removeStorage(STORAGE_KEYS.codeVerifier);\r\n removeStorage(STORAGE_KEYS.state);\r\n clearAllAuthFlags();\r\n markProcessed();\r\n cleanUrlSoft();\r\n logger.info('OAuth callback processed successfully (code already used, but token exists)');\r\n resetRedirectLoopGuard();\r\n emitAuthEvent(AuthEventNames.CALLBACK_SUCCESS);\r\n return true;\r\n }\r\n }\r\n\r\n emitAuthEvent(AuthEventNames.CALLBACK_FAILED, {\r\n error: err.message,\r\n message: responseData?.error_description ?? err.message,\r\n });\r\n logger.error('OAuth callback failed (Axios error)', {\r\n status,\r\n statusText: err.response?.statusText,\r\n responseData: err.response?.data,\r\n message: err.message,\r\n url: err.config?.url,\r\n });\r\n } else {\r\n logger.error('OAuth callback failed', {\r\n error: err instanceof Error ? err.message : String(err),\r\n });\r\n }\r\n\r\n clearAllAuthFlags();\r\n const existingToken = getAccessToken();\r\n const tokenValid = existingToken && !isAccessTokenExpired();\r\n if (tokenValid) {\r\n markProcessed();\r\n cleanUrlSoft();\r\n resetRedirectLoopGuard();\r\n emitAuthEvent(AuthEventNames.CALLBACK_SUCCESS);\r\n return true;\r\n }\r\n\r\n emitAuthEvent(AuthEventNames.CALLBACK_FAILED, {\r\n error: err instanceof Error ? err.message : String(err),\r\n });\r\n clearProcessing();\r\n if (isCallbackUrl()) cleanUrlSoft();\r\n return false;\r\n }\r\n}\r\n","/**\r\n * Callback flow: run callback handling (validate state/code, exchange or skip, clean URL).\r\n */\r\n\r\nimport { clearFlowFlags, isCallbackProcessing } from '../lifecycle-state';\r\nimport { handleCallback } from '../../strategies/oauth2-pkce/callback';\r\nimport { isCallbackUrlFromUrl } from '../../domain/tenant';\r\nimport type { FlowContext, FlowResult } from './types';\r\nimport type { IAuthFlow } from './types';\r\n\r\nexport class CallbackFlow implements IAuthFlow {\r\n async execute(context: FlowContext): Promise<FlowResult> {\r\n const { runtime } = context;\r\n const { urlProvider, logger: log } = runtime;\r\n const getUrl = () => urlProvider.getCurrentUrl();\r\n\r\n clearFlowFlags();\r\n\r\n const handled = await handleCallback();\r\n if (handled) {\r\n if (isCallbackUrlFromUrl(getUrl())) {\r\n if (isCallbackProcessing()) return { completed: true };\r\n const u = getUrl();\r\n urlProvider.redirect(`${u.origin}${u.pathname}`);\r\n return { completed: true };\r\n }\r\n return { completed: true };\r\n }\r\n if (isCallbackUrlFromUrl(getUrl())) {\r\n const u = getUrl();\r\n urlProvider.redirect(`${u.origin}${u.pathname}`);\r\n }\r\n return { completed: true };\r\n }\r\n}\r\n","/**\r\n * Authenticated flow: valid token exists, no action needed.\r\n */\r\n\r\nimport type { FlowContext, FlowResult } from './types';\r\nimport type { IAuthFlow } from './types';\r\n\r\nexport class AuthenticatedFlow implements IAuthFlow {\r\n async execute(_context: FlowContext): Promise<FlowResult> {\r\n return { completed: true };\r\n }\r\n}\r\n","/**\r\n * Default auth engine ref for backward compatibility.\r\n */\r\n\r\nimport type { AuthEngine } from './types';\r\n\r\nlet defaultEngine: AuthEngine | null = null;\r\n\r\nexport function getDefaultAuthEngine(): AuthEngine | null {\r\n return defaultEngine;\r\n}\r\n\r\nexport function setDefaultAuthEngine(engine: AuthEngine | null): void {\r\n defaultEngine = engine;\r\n}\r\n","/**\r\n * Token API: facades for public API.\r\n * ensureValidAccessToken delegates to default engine when set; otherwise uses strategy refresh.\r\n */\r\n\r\nimport {\r\n getRefreshToken,\r\n isAccessTokenExpired,\r\n getAccessToken as getStoredAccessToken,\r\n} from '../infrastructure/storage/index';\r\nimport { getDefaultAuthEngine } from './engine/defaultEngine';\r\nimport { logger } from '../utils/logger';\r\nimport { refreshAccessToken as strategyRefreshAccessToken } from '../strategies/oauth2-pkce/token-exchange';\r\n\r\nexport { refreshAccessToken } from '../strategies/oauth2-pkce/token-exchange';\r\nexport type { ExchangeTokenParams } from '../strategies/oauth2-pkce/token-exchange';\r\n\r\n/** Throttle \"No refresh token\" log to once per 5s to avoid console spam after logout. */\r\nlet lastNoRefreshLog = 0;\r\nconst NO_REFRESH_LOG_INTERVAL_MS = 5000;\r\n\r\nexport async function ensureValidAccessToken(): Promise<string> {\r\n const engine = getDefaultAuthEngine();\r\n if (engine) {\r\n try {\r\n return await engine.getAccessToken();\r\n } catch {\r\n // Fall through to strategy refresh\r\n }\r\n }\r\n\r\n const token = getStoredAccessToken();\r\n if (token && !isAccessTokenExpired()) return token;\r\n\r\n const refreshToken = getRefreshToken();\r\n if (!refreshToken) {\r\n const now = Date.now();\r\n if (now - lastNoRefreshLog >= NO_REFRESH_LOG_INTERVAL_MS) {\r\n lastNoRefreshLog = now;\r\n logger.debug('No refresh token - cannot refresh; login required');\r\n }\r\n throw new Error('No refresh token; login required');\r\n }\r\n\r\n return await strategyRefreshAccessToken();\r\n}\r\n\r\nexport function getAccessToken(): string | null {\r\n return getStoredAccessToken();\r\n}\r\n","/**\r\n * Refresh flow: ensureValidAccessToken (refresh only); on failure fall through to login required.\r\n */\r\n\r\nimport { ensureValidAccessToken } from '../token';\r\nimport { logger } from '../../utils/logger';\r\nimport { resolveTenantKey, resolveTenantConfigCached } from '../../infrastructure/tenant/tenantResolution';\r\nimport { setTenantKey } from '../../infrastructure/storage/index';\r\nimport { storeTenantConfig, initiateAuthFlow } from '../../strategies/oauth2-pkce/oauth';\r\nimport { SanitizedError } from '../../utils/security';\r\nimport type { FlowContext, FlowResult } from './types';\r\nimport type { IAuthFlow } from './types';\r\n\r\nexport class RefreshFlow implements IAuthFlow {\r\n async execute(context: FlowContext): Promise<FlowResult> {\r\n const { runtime } = context;\r\n const { logger: log } = runtime;\r\n const getUrl = () => runtime.urlProvider.getCurrentUrl();\r\n\r\n log.debug('Token expired, attempting to refresh...');\r\n\r\n try {\r\n const refreshedToken = await ensureValidAccessToken();\r\n if (refreshedToken) {\r\n logger.debug('Token refreshed successfully, bootstrap complete');\r\n return { completed: true };\r\n }\r\n } catch (error) {\r\n logger.warn('Token refresh failed, will trigger new auth flow', {\r\n error: error instanceof Error ? error.message : String(error),\r\n });\r\n }\r\n\r\n const tenantKey = resolveTenantKey();\r\n\r\n log.debug('[RefreshFlow] Tenant key resolved', {\r\n tenantKey: tenantKey ?? '(null)',\r\n source: tenantKey ? 'resolved' : 'none',\r\n });\r\n\r\n if (!tenantKey) {\r\n throw new SanitizedError(\r\n 'TENANT_KEY_RESOLUTION_FAILED',\r\n 'Unable to resolve tenant',\r\n new Error(`Tenant key missing for refresh flow at url=${getUrl().href}`)\r\n );\r\n }\r\n\r\n const tenantConfig = await resolveTenantConfigCached(tenantKey, runtime.tenantResolver);\r\n if (!tenantConfig) {\r\n throw new SanitizedError(\r\n 'TENANT_CONFIG_RESOLUTION_FAILED',\r\n 'Unable to resolve tenant configuration',\r\n new Error(`Tenant config resolution failed for tenantKey: ${tenantKey}`)\r\n );\r\n }\r\n\r\n setTenantKey(tenantKey);\r\n storeTenantConfig(tenantConfig);\r\n await initiateAuthFlow(tenantConfig);\r\n return { completed: true };\r\n }\r\n}\r\n","/**\r\n * Tenant switch flow: resolve new tenant, set tenant key, store config, initiate auth.\r\n */\r\n\r\nimport { getStorage, removeStorage, getStorageKey, setTenantKey } from '../../infrastructure/storage/index';\r\nimport { resolveTenantKey, resolveTenantConfigCached } from '../../infrastructure/tenant/tenantResolution';\r\nimport { storeTenantConfig, initiateAuthFlow } from '../../strategies/oauth2-pkce/oauth';\r\nimport { emitAuthEvent, AuthEventNames } from '../events/AuthEvents';\r\nimport { SanitizedError } from '../../utils/security';\r\nimport { getAuthConfig, writeHostConfigCache } from '../../config';\r\nimport type { FlowContext, FlowResult } from './types';\r\nimport type { IAuthFlow } from './types';\r\n\r\nexport class TenantSwitchFlow implements IAuthFlow {\r\n async execute(context: FlowContext): Promise<FlowResult> {\r\n const { runtime } = context;\r\n const { urlProvider, logger: log } = runtime;\r\n const getUrl = () => urlProvider.getCurrentUrl();\r\n\r\n const newTenantKey = getStorage(getStorageKey('new_tenant_key'));\r\n log.info('Tenant switch detected - starting fresh login', { newTenantKey });\r\n emitAuthEvent(AuthEventNames.TENANT_SWITCHED, { tenantKey: newTenantKey ?? undefined });\r\n\r\n removeStorage(getStorageKey('tenant_switched'));\r\n removeStorage(getStorageKey('new_tenant_key'));\r\n\r\n const tenantKey = (newTenantKey || resolveTenantKey())?.trim() || null;\r\n\r\n log.debug('[TenantSwitchFlow] Tenant key resolved', {\r\n tenantKey: tenantKey ?? '(null)',\r\n fromNewTenantKey: newTenantKey ?? '(null)',\r\n source: newTenantKey ? 'new_tenant_key' : tenantKey ? 'resolved' : 'none',\r\n });\r\n\r\n if (!tenantKey) {\r\n throw new SanitizedError(\r\n 'TENANT_KEY_RESOLUTION_FAILED',\r\n 'Unable to resolve tenant after switch',\r\n new Error(`Tenant key missing after switch at url=${getUrl().href}`)\r\n );\r\n }\r\n\r\n const tenantConfig = await resolveTenantConfigCached(tenantKey, runtime.tenantResolver);\r\n if (!tenantConfig) {\r\n throw new SanitizedError(\r\n 'TENANT_CONFIG_RESOLUTION_FAILED',\r\n 'Unable to resolve tenant configuration after switch',\r\n new Error(`Tenant config resolution failed for tenantKey: ${tenantKey}`)\r\n );\r\n }\r\n\r\n // Cache only — runtime config remains source of truth via AuthProvider / setConfig.\r\n try {\r\n const cfg = getAuthConfig();\r\n writeHostConfigCache({\r\n apiBaseUrl: cfg.apiBaseUrl,\r\n authServerUrl: cfg.authServerUrl,\r\n callbackUrl: cfg.callbackUrl,\r\n appId: cfg.appId,\r\n clientCode: tenantConfig.client?.clientCode ?? cfg.clientCode ?? '',\r\n clientId: cfg.clientId || tenantConfig.client?.clientId,\r\n tenantId: tenantConfig.tenantId ?? cfg.tenantId,\r\n tenantKey,\r\n tenantCode: tenantKey,\r\n });\r\n } catch {\r\n // non-blocking\r\n }\r\n\r\n setTenantKey(tenantKey);\r\n storeTenantConfig(tenantConfig);\r\n await initiateAuthFlow(tenantConfig);\r\n return { completed: true };\r\n }\r\n}\r\n","/**\r\n * Normal login flow: resolve tenant, store config, initiate auth.\r\n */\r\n\r\nimport {\r\n getStorage,\r\n removeStorage,\r\n getStorageKey,\r\n setTenantKey,\r\n getAccessToken,\r\n} from '../../infrastructure/storage/index';\r\nimport { clearCallbackProcessing } from '../lifecycle-state';\r\nimport { resolveTenantKey, resolveTenantConfigCached } from '../../infrastructure/tenant/tenantResolution';\r\nimport { storeTenantConfig, initiateAuthFlow } from '../../strategies/oauth2-pkce/oauth';\r\nimport { SanitizedError } from '../../utils/security';\r\nimport type { FlowContext, FlowResult } from './types';\r\nimport type { IAuthFlow } from './types';\r\n\r\nexport class LoginFlow implements IAuthFlow {\r\n async execute(context: FlowContext): Promise<FlowResult> {\r\n const { runtime } = context;\r\n const { logger: log } = runtime;\r\n const getUrl = () => runtime.urlProvider.getCurrentUrl();\r\n const url = getUrl();\r\n log.debug('[LoginFlow] Start', { url: url.href, pathname: url.pathname, search: url.search });\r\n\r\n const callbackProcessed = getStorage(getStorageKey('callback_processed')) === 'true';\r\n const token = getAccessToken();\r\n if (callbackProcessed && !token) {\r\n log.warn('Callback processed but token still not available - clearing flag and allowing fresh login');\r\n removeStorage(getStorageKey('callback_processed'));\r\n clearCallbackProcessing();\r\n }\r\n\r\n const wasStateMismatch = getStorage(getStorageKey('state_mismatch')) === 'true';\r\n if (wasStateMismatch) removeStorage(getStorageKey('state_mismatch'));\r\n\r\n const tenantKey = resolveTenantKey();\r\n\r\n log.debug('[LoginFlow] Tenant key resolved', {\r\n tenantKey: tenantKey ?? '(null)',\r\n source: tenantKey ? 'resolved' : 'none',\r\n });\r\n if (!tenantKey) {\r\n throw new SanitizedError(\r\n 'TENANT_KEY_RESOLUTION_FAILED',\r\n 'Unable to resolve tenant',\r\n new Error(`Tenant key missing for login flow at url=${url.href}`)\r\n );\r\n }\r\n\r\n log.debug('[LoginFlow] Resolving tenant config', { tenantKey });\r\n const tenantConfig = await resolveTenantConfigCached(tenantKey, runtime.tenantResolver);\r\n log.debug('[LoginFlow] Tenant config resolved', {\r\n ok: !!tenantConfig,\r\n tenantId: tenantConfig?.tenantId,\r\n authServer: tenantConfig?.authServer ? '(set)' : '(empty)',\r\n clientId: tenantConfig?.client?.clientId,\r\n redirectUri: tenantConfig?.client?.redirectUri,\r\n });\r\n if (!tenantConfig) {\r\n throw new SanitizedError(\r\n 'TENANT_CONFIG_RESOLUTION_FAILED',\r\n 'Unable to resolve tenant configuration',\r\n new Error(`Tenant config resolution failed for tenantKey: ${tenantKey}`)\r\n );\r\n }\r\n\r\n setTenantKey(tenantKey);\r\n storeTenantConfig(tenantConfig);\r\n log.debug('[LoginFlow] Stored tenant config, initiating auth flow');\r\n await initiateAuthFlow(tenantConfig);\r\n log.debug('[LoginFlow] Auth flow initiated (redirect should happen)');\r\n return { completed: true };\r\n }\r\n}\r\n","/**\r\n * Returns the flow instance for a given auth lifecycle state.\r\n */\r\n\r\nimport { AuthLifecycleState } from '../../domain/auth-lifecycle';\r\nimport type { IAuthFlow } from './types';\r\nimport { CallbackFlow } from './CallbackFlow';\r\nimport { AuthenticatedFlow } from './AuthenticatedFlow';\r\nimport { RefreshFlow } from './RefreshFlow';\r\nimport { TenantSwitchFlow } from './TenantSwitchFlow';\r\nimport { LoginFlow } from './LoginFlow';\r\n\r\nconst callbackFlow = new CallbackFlow();\r\nconst authenticatedFlow = new AuthenticatedFlow();\r\nconst refreshFlow = new RefreshFlow();\r\nconst tenantSwitchFlow = new TenantSwitchFlow();\r\nconst loginFlow = new LoginFlow();\r\n\r\nexport function getFlowForState(state: AuthLifecycleState): IAuthFlow {\r\n switch (state) {\r\n case AuthLifecycleState.PROCESSING_CALLBACK:\r\n return callbackFlow;\r\n case AuthLifecycleState.AUTHENTICATED:\r\n return authenticatedFlow;\r\n case AuthLifecycleState.TOKEN_EXPIRED:\r\n return refreshFlow;\r\n case AuthLifecycleState.TENANT_SWITCH:\r\n return tenantSwitchFlow;\r\n case AuthLifecycleState.LOGIN_REQUIRED:\r\n case AuthLifecycleState.INITIALIZING:\r\n case AuthLifecycleState.LOGGED_OUT:\r\n case AuthLifecycleState.ERROR:\r\n default:\r\n return loginFlow;\r\n }\r\n}\r\n","/**\r\n * Internal bootstrap execution: state resolution + single flow.\r\n */\r\n\r\nimport { getAuthRuntime } from '../infrastructure/runtime/context';\r\nimport { isCallbackUrlFromUrl } from '../domain/tenant';\r\nimport {\r\n getAccessToken,\r\n isAccessTokenExpired,\r\n getStorage,\r\n getStorageKey,\r\n getRefreshToken,\r\n} from '../infrastructure/storage/index';\r\nimport {\r\n enforceHttps,\r\n sanitizeErrorMessage,\r\n SanitizedError,\r\n} from '../utils/security';\r\nimport { logger } from '../utils/logger';\r\nimport { resolveAuthLifecycleState } from '../domain/auth-lifecycle';\r\nimport {\r\n isBootstrapInProgress,\r\n setBootstrapInProgress,\r\n clearBootstrapInProgress,\r\n} from './lifecycle-state';\r\nimport { getFlowForState } from './flows/getFlowForState';\r\nimport type { FlowContext } from './flows/types';\r\nimport { emitAuthEvent, AuthEventNames } from './events/AuthEvents';\r\n\r\nfunction createStorageReader() {\r\n return (suffix: string) => getStorage(getStorageKey(suffix));\r\n}\r\n\r\nexport async function runBootstrap(): Promise<void> {\r\n const runtime = getAuthRuntime();\r\n if (!runtime) {\r\n logger.warn(\r\n 'Auth runtime not set; skipping bootstrap. Set runtime via AuthProvider or setAuthRuntime().'\r\n );\r\n return;\r\n }\r\n\r\n if (isBootstrapInProgress()) {\r\n logger.debug('Bootstrap already in progress - skipping duplicate run');\r\n return;\r\n }\r\n\r\n setBootstrapInProgress();\r\n\r\n try {\r\n enforceHttps(true);\r\n\r\n const url = runtime.urlProvider.getCurrentUrl();\r\n const token = getAccessToken();\r\n const expired = isAccessTokenExpired();\r\n const hasValidToken = !!(token && !expired);\r\n const hasToken = !!token;\r\n const hasRefreshToken = !!getRefreshToken();\r\n\r\n const state = resolveAuthLifecycleState({\r\n url,\r\n getStorage: createStorageReader(),\r\n isCallbackUrl: isCallbackUrlFromUrl,\r\n hasValidToken,\r\n hasToken,\r\n hasRefreshToken,\r\n isTokenExpired: expired,\r\n });\r\n\r\n emitAuthEvent(AuthEventNames.BOOTSTRAP_STATE_DETECTED, { state: state as string });\r\n\r\n const flow = getFlowForState(state);\r\n const context: FlowContext = { runtime, url, state };\r\n await flow.execute(context);\r\n } catch (error) {\r\n if (error instanceof SanitizedError) throw error;\r\n const r = getAuthRuntime();\r\n (r?.logger ?? logger).error('Bootstrap failed', {\r\n error: error instanceof Error ? error.message : String(error),\r\n });\r\n throw new Error(\r\n sanitizeErrorMessage(error, 'Authentication initialization failed')\r\n );\r\n } finally {\r\n clearBootstrapInProgress();\r\n }\r\n}\r\n","/**\r\n * Session-cleared callback for watchers (cookie/storage).\r\n * Application layer sets this to bootstrap so infrastructure does not depend on application.\r\n */\r\n\r\nlet sessionClearedCallback: (() => void | Promise<void>) | null = null;\r\n\r\nexport function setSessionClearedCallback(cb: (() => void | Promise<void>) | null): void {\r\n sessionClearedCallback = cb;\r\n}\r\n\r\nexport function getSessionClearedCallback(): (() => void | Promise<void>) | null {\r\n return sessionClearedCallback;\r\n}\r\n","/**\r\n * Public bootstrap API. Delegates to default engine.init() when set; otherwise runs runBootstrap().\r\n */\r\n\r\nimport { runBootstrap } from './run-bootstrap';\r\nimport { getDefaultAuthEngine } from './engine/defaultEngine';\r\nimport { setSessionClearedCallback } from '../infrastructure/watchers/callbacks';\r\n\r\nasync function bootstrapImpl(): Promise<void> {\r\n const engine = getDefaultAuthEngine();\r\n if (engine) {\r\n await engine.init();\r\n return;\r\n }\r\n await runBootstrap();\r\n}\r\n\r\nsetSessionClearedCallback(() => bootstrapImpl());\r\n\r\nexport async function bootstrap(): Promise<void> {\r\n return bootstrapImpl();\r\n}\r\n","/**\r\n * Suppress watcher side effects during intentional auth teardown (e.g. logout).\r\n * Deterministic: set before storage/cookie mutation, clear after cleanup completes.\r\n */\r\n\r\nlet suspended = false;\r\nlet generation = 0;\r\n\r\nexport function suspendWatchers(): number {\r\n suspended = true;\r\n generation += 1;\r\n return generation;\r\n}\r\n\r\nexport function resumeWatchers(expectedGen?: number): void {\r\n if (expectedGen !== undefined && expectedGen !== generation) return;\r\n suspended = false;\r\n}\r\n\r\nexport function areWatchersSuspended(): boolean {\r\n return suspended;\r\n}\r\n\r\nexport function getWatcherGeneration(): number {\r\n return generation;\r\n}\r\n","/**\r\n * Cookie-based authentication utilities\r\n * Strategy layer: cookie auth (cookie names used by cookie-watcher).\r\n */\r\n\r\nexport const COOKIE_NAMES = {\r\n accessToken: 'tenneo_auth_access_token',\r\n refreshToken: 'tenneo_auth_refresh_token',\r\n} as const;\r\n","/**\r\n * Cookie watcher to detect cookie deletion and clear session.\r\n * Infrastructure layer: uses storage and callback; application sets callback to bootstrap.\r\n */\r\n\r\nimport {\r\n clearAuthStorage,\r\n clearAuthSessionStorage,\r\n} from '../storage/index';\r\nimport { getSessionClearedCallback } from './callbacks';\r\nimport { areWatchersSuspended } from './watcher-guard';\r\nimport { logger } from '../../utils/logger';\r\nimport { COOKIE_NAMES } from '../../strategies/cookie/cookie-auth';\r\n\r\nlet isWatching = false;\r\nlet lastCookieSnapshot: string = '';\r\nlet lastCookieMap: Map<string, string> = new Map();\r\nlet watchInterval: ReturnType<typeof setInterval> | null = null;\r\n\r\nfunction getCookieSnapshot(): string {\r\n try {\r\n return document.cookie || '';\r\n } catch {\r\n return '';\r\n }\r\n}\r\n\r\nfunction getCookieNames(): string[] {\r\n try {\r\n const cookies = document.cookie.split(';');\r\n return cookies\r\n .map((cookie) => {\r\n const eqPos = cookie.indexOf('=');\r\n return eqPos > -1 ? cookie.substring(0, eqPos).trim() : cookie.trim();\r\n })\r\n .filter((name) => name.length > 0);\r\n } catch {\r\n return [];\r\n }\r\n}\r\n\r\nfunction getCookieMap(): Map<string, string> {\r\n const cookieMap = new Map<string, string>();\r\n try {\r\n const cookies = document.cookie.split(';');\r\n for (const cookie of cookies) {\r\n const eqPos = cookie.indexOf('=');\r\n if (eqPos > -1) {\r\n const name = cookie.substring(0, eqPos).trim();\r\n const value = cookie.substring(eqPos + 1).trim();\r\n if (name.length > 0) cookieMap.set(name, value);\r\n }\r\n }\r\n } catch {\r\n // Silent fail\r\n }\r\n return cookieMap;\r\n}\r\n\r\nfunction checkCookiesDeleted(): boolean {\r\n try {\r\n const currentSnapshot = getCookieSnapshot();\r\n const currentCookieMap = getCookieMap();\r\n const currentCookies = getCookieNames();\r\n\r\n if (lastCookieSnapshot && !currentSnapshot) {\r\n logger.info('All cookies deleted detected');\r\n return true;\r\n }\r\n\r\n if (lastCookieMap.size > 0) {\r\n const authCookieNames = [\r\n COOKIE_NAMES.accessToken,\r\n COOKIE_NAMES.refreshToken,\r\n 'tenneo_auth',\r\n 'tenneo_auth_access_token',\r\n 'tenneo_auth_refresh_token',\r\n 'auth',\r\n 'session',\r\n 'token',\r\n ];\r\n\r\n const deletedAuthCookies: string[] = [];\r\n for (const [cookieName] of lastCookieMap) {\r\n const isAuthCookie = authCookieNames.some((authName) =>\r\n cookieName.toLowerCase().includes(authName.toLowerCase())\r\n );\r\n if (isAuthCookie && !currentCookieMap.has(cookieName)) {\r\n deletedAuthCookies.push(cookieName);\r\n }\r\n }\r\n if (deletedAuthCookies.length > 0) {\r\n logger.info('Auth cookies deleted detected', {\r\n deletedCookies: deletedAuthCookies,\r\n previousCookieCount: lastCookieMap.size,\r\n currentCookieCount: currentCookieMap.size,\r\n });\r\n return true;\r\n }\r\n\r\n const hadTenneoAuthAccess =\r\n lastCookieMap.has(COOKIE_NAMES.accessToken) ||\r\n lastCookieMap.has('tenneo_auth_access_token');\r\n const hasTenneoAuthAccess =\r\n currentCookieMap.has(COOKIE_NAMES.accessToken) ||\r\n currentCookieMap.has('tenneo_auth_access_token');\r\n if (hadTenneoAuthAccess && !hasTenneoAuthAccess) {\r\n logger.info('tenneo auth access token cookie deleted detected');\r\n return true;\r\n }\r\n\r\n const hadTenneoAuthRefresh =\r\n lastCookieMap.has(COOKIE_NAMES.refreshToken) ||\r\n lastCookieMap.has('tenneo_auth_refresh_token');\r\n const hasTenneoAuthRefresh =\r\n currentCookieMap.has(COOKIE_NAMES.refreshToken) ||\r\n currentCookieMap.has('tenneo_auth_refresh_token');\r\n if (hadTenneoAuthRefresh && !hasTenneoAuthRefresh) {\r\n logger.info('tenneo auth refresh token cookie deleted detected');\r\n return true;\r\n }\r\n\r\n if (\r\n lastCookieMap.size > currentCookieMap.size &&\r\n lastCookieMap.size - currentCookieMap.size >= 1\r\n ) {\r\n const deletedCookies: string[] = [];\r\n for (const [cookieName] of lastCookieMap) {\r\n if (!currentCookieMap.has(cookieName)) deletedCookies.push(cookieName);\r\n }\r\n const deletedAuthCookiesCount = deletedCookies.filter((name) =>\r\n authCookieNames.some((authName) =>\r\n name.toLowerCase().includes(authName.toLowerCase())\r\n )\r\n ).length;\r\n if (deletedAuthCookiesCount > 0) {\r\n logger.info('Auth cookies deleted detected (count-based)', {\r\n deletedCookies,\r\n deletedAuthCount: deletedAuthCookiesCount,\r\n previousCount: lastCookieMap.size,\r\n currentCount: currentCookieMap.size,\r\n });\r\n return true;\r\n }\r\n }\r\n }\r\n\r\n lastCookieSnapshot = currentSnapshot;\r\n lastCookieMap = new Map(currentCookieMap);\r\n return false;\r\n } catch (error) {\r\n logger.warn('Error checking cookies', {\r\n error: error instanceof Error ? error.message : String(error),\r\n });\r\n return false;\r\n }\r\n}\r\n\r\nfunction handleCookieDeletion(): void {\r\n if (areWatchersSuspended()) {\r\n logger.debug('Cookie deletion handler skipped — watchers suspended (logout/teardown)');\r\n return;\r\n }\r\n try {\r\n logger.info('Cookies deleted detected - clearing session and redirecting to login');\r\n\r\n clearAuthStorage();\r\n clearAuthSessionStorage();\r\n\r\n const cb = getSessionClearedCallback();\r\n if (cb) {\r\n Promise.resolve(cb()).catch((error) => {\r\n logger.error('Failed to redirect to login after cookie deletion', {\r\n error: error instanceof Error ? error.message : String(error),\r\n });\r\n });\r\n }\r\n } catch (error) {\r\n logger.error('Error handling cookie deletion', {\r\n error: error instanceof Error ? error.message : String(error),\r\n });\r\n }\r\n}\r\n\r\nexport function startCookieWatcher(): void {\r\n if (isWatching) {\r\n logger.debug('Cookie watcher already running');\r\n return;\r\n }\r\n\r\n isWatching = true;\r\n lastCookieSnapshot = getCookieSnapshot();\r\n lastCookieMap = getCookieMap();\r\n\r\n const initialCookies = getCookieNames();\r\n const authCookies = initialCookies.filter(\r\n (name) =>\r\n name.toLowerCase().includes('tenneo_auth') ||\r\n name.toLowerCase().includes('auth') ||\r\n name.toLowerCase().includes('token')\r\n );\r\n logger.debug('Cookie watcher started', {\r\n initialCookieCount: initialCookies.length,\r\n authCookieCount: authCookies.length,\r\n authCookies,\r\n allCookies: initialCookies,\r\n });\r\n\r\n watchInterval = setInterval(async () => {\r\n if (areWatchersSuspended()) return;\r\n const cookiesDeleted = checkCookiesDeleted();\r\n if (cookiesDeleted) {\r\n logger.info('Cookies deleted detected by cookie watcher');\r\n if (watchInterval) {\r\n clearInterval(watchInterval);\r\n watchInterval = null;\r\n }\r\n isWatching = false;\r\n\r\n try {\r\n await handleCookieDeletion();\r\n } catch (error) {\r\n logger.error('Error handling cookie deletion, will restart watcher', {\r\n error: error instanceof Error ? error.message : String(error),\r\n });\r\n } finally {\r\n queueMicrotask(() => {\r\n if (!isWatching) startCookieWatcher();\r\n });\r\n }\r\n }\r\n }, 1000);\r\n\r\n logger.info('Cookie watcher started - monitoring for cookie deletion');\r\n}\r\n\r\nexport function stopCookieWatcher(): void {\r\n isWatching = false;\r\n if (watchInterval) {\r\n clearInterval(watchInterval);\r\n watchInterval = null;\r\n }\r\n lastCookieSnapshot = '';\r\n logger.debug('Cookie watcher stopped');\r\n}\r\n\r\nexport function resetCookieWatcher(): void {\r\n lastCookieSnapshot = getCookieSnapshot();\r\n lastCookieMap = getCookieMap();\r\n const currentCookies = getCookieNames();\r\n const authCookies = currentCookies.filter(\r\n (name) =>\r\n name.toLowerCase().includes('tenneo_auth') ||\r\n name.toLowerCase().includes('auth') ||\r\n name.toLowerCase().includes('token')\r\n );\r\n logger.debug('Cookie watcher reset', {\r\n currentCookieCount: currentCookies.length,\r\n authCookieCount: authCookies.length,\r\n authCookies,\r\n });\r\n}\r\n","/**\r\n * Storage watcher to detect manual storage clears and restart auth flow.\r\n * Infrastructure layer: uses storage and callback; application sets callback to bootstrap.\r\n */\r\n\r\nimport { STORAGE_KEYS, getStorage } from '../storage/index';\r\nimport { getSessionClearedCallback } from './callbacks';\r\nimport { areWatchersSuspended } from './watcher-guard';\r\nimport { logger } from '../../utils/logger';\r\n\r\nlet isWatching = false;\r\nlet lastStorageCheck: string | null = null;\r\nlet storageEventListener: ((event: StorageEvent) => void) | null = null;\r\n\r\nfunction checkStorageCleared(): boolean {\r\n try {\r\n const hasAnyAuthData = Object.values(STORAGE_KEYS).some(\r\n (key: string) => getStorage(key) !== null\r\n );\r\n if (lastStorageCheck === 'had_data' && !hasAnyAuthData) return true;\r\n lastStorageCheck = hasAnyAuthData ? 'had_data' : 'no_data';\r\n return false;\r\n } catch {\r\n return false;\r\n }\r\n}\r\n\r\nfunction handleStorageEvent(event: StorageEvent): void {\r\n if (areWatchersSuspended()) return;\r\n if (typeof window !== 'undefined' && event.storageArea === window.sessionStorage) {\r\n const wasCleared = checkStorageCleared();\r\n if (wasCleared) {\r\n if (areWatchersSuspended()) return;\r\n logger.info('Detected manual sessionStorage clear! Redirecting to login...');\r\n const cb = getSessionClearedCallback();\r\n if (cb) {\r\n Promise.resolve(cb()).catch((error) => {\r\n logger.error('Failed to redirect to login after manual clear', {\r\n error: error instanceof Error ? error.message : String(error),\r\n });\r\n });\r\n }\r\n }\r\n }\r\n}\r\n\r\nexport function startStorageWatcher(): void {\r\n if (isWatching) return;\r\n\r\n isWatching = true;\r\n checkStorageCleared();\r\n\r\n storageEventListener = handleStorageEvent;\r\n window.addEventListener('storage', storageEventListener);\r\n\r\n const pollInterval = setInterval(() => {\r\n if (areWatchersSuspended()) return;\r\n const wasCleared = checkStorageCleared();\r\n if (wasCleared) {\r\n if (areWatchersSuspended()) return;\r\n logger.info('Detected manual sessionStorage clear (polling)! Redirecting to login...');\r\n clearInterval(pollInterval);\r\n const cb = getSessionClearedCallback();\r\n if (cb) {\r\n Promise.resolve(cb()).catch((error) => {\r\n logger.error('Failed to redirect to login after manual clear', {\r\n error: error instanceof Error ? error.message : String(error),\r\n });\r\n if (!isWatching) startStorageWatcher();\r\n });\r\n }\r\n }\r\n }, 1000);\r\n\r\n (window as unknown as { __tenneo_auth_storage_watcher_interval?: ReturnType<typeof setInterval> }).__tenneo_auth_storage_watcher_interval = pollInterval;\r\n}\r\n\r\nexport function stopStorageWatcher(): void {\r\n isWatching = false;\r\n if (storageEventListener) {\r\n window.removeEventListener('storage', storageEventListener);\r\n storageEventListener = null;\r\n }\r\n const win = window as unknown as { __tenneo_auth_storage_watcher_interval?: ReturnType<typeof setInterval> };\r\n const intervalId = win.__tenneo_auth_storage_watcher_interval;\r\n if (intervalId) {\r\n clearInterval(intervalId);\r\n delete win.__tenneo_auth_storage_watcher_interval;\r\n }\r\n}\r\n","/**\r\n * Shared cookie utilities\r\n * \r\n * SINGLE SOURCE OF TRUTH for cookie clearing\r\n * Prevents duplicate code across logout, storage-watcher, etc.\r\n */\r\n\r\nimport { logger } from './logger';\r\n\r\n/**\r\n * Best-effort removal of non-HttpOnly cookies\r\n * HttpOnly cookies MUST be cleared by server\r\n * \r\n * This function is idempotent - safe to call multiple times\r\n */\r\nexport function clearClientCookies(): void {\r\n try {\r\n if (typeof document === 'undefined' || typeof window === 'undefined') return;\r\n\r\n const cookies = document.cookie.split(';');\r\n const hostname = window.location.hostname;\r\n const hostParts = hostname.split('.').filter(Boolean);\r\n\r\n const domainsToTry: string[] = [hostname];\r\n if (hostParts.length > 1) {\r\n // Try progressively broader parent domains (e.g. a.b.c.com -> .c.com, .b.c.com)\r\n for (let i = hostParts.length - 2; i >= 0; i--) {\r\n const parent = '.' + hostParts.slice(i).join('.');\r\n if (!domainsToTry.includes(parent)) domainsToTry.push(parent);\r\n }\r\n }\r\n\r\n const pathsToTry = ['/', window.location.pathname || '/'].filter(Boolean);\r\n\r\n for (const cookie of cookies) {\r\n const eqPos = cookie.indexOf('=');\r\n const name = eqPos > -1 ? cookie.slice(0, eqPos).trim() : cookie.trim();\r\n\r\n if (!name) continue;\r\n\r\n for (const path of pathsToTry) {\r\n // No domain attribute (current host)\r\n document.cookie = `${name}=;expires=Thu, 01 Jan 1970 00:00:00 GMT;path=${path}`;\r\n // With domain attribute (host + parent domains)\r\n for (const domain of domainsToTry) {\r\n document.cookie = `${name}=;expires=Thu, 01 Jan 1970 00:00:00 GMT;path=${path};domain=${domain}`;\r\n }\r\n }\r\n }\r\n\r\n logger.debug('Client-side cookies cleared (best-effort)');\r\n } catch (error) {\r\n logger.warn('Failed to clear client cookies', {\r\n error: error instanceof Error ? error.message : String(error),\r\n });\r\n }\r\n}\r\n","/**\r\n * Logout: idempotent, host-driven config, no fragile host_config snapshot/restore.\r\n *\r\n * - Watchers suspended during teardown to avoid bootstrap races\r\n * - Server logout: POST only (no unsafe GET fallback)\r\n * - Local state always cleared even if server fails\r\n * - Storage cache refreshed from current runtime config (memory/host), never a stale snapshot\r\n */\r\n\r\nimport {\r\n clearAuthStorage,\r\n getStorage,\r\n removeStorage,\r\n setStorage,\r\n getStorageKey,\r\n} from '../infrastructure/storage/index';\r\nimport { emitAuthEvent, AuthEventNames } from './events/AuthEvents';\r\nimport {\r\n startStorageWatcher,\r\n stopStorageWatcher,\r\n suspendWatchers,\r\n resumeWatchers,\r\n} from '../infrastructure/watchers';\r\nimport { stopCookieWatcher, resetCookieWatcher } from '../infrastructure/watchers';\r\nimport { logger } from '../utils/logger';\r\nimport {\r\n getAuthConfig,\r\n applyRuntimeTenantSwitch,\r\n syncHostConfigCacheFromMemory,\r\n} from '../config';\r\nimport { clearClientCookies } from '../utils/cookies';\r\nimport { getAuthRuntime } from '../infrastructure/runtime/context';\r\n\r\nfunction buildUrl(baseUrl: string, path: string): string {\r\n const url = new URL(baseUrl);\r\n const normalizedPath = path.startsWith('/') ? path : `/${path}`;\r\n url.pathname = url.pathname.endsWith('/')\r\n ? `${url.pathname}${normalizedPath.slice(1)}`\r\n : `${url.pathname}${normalizedPath}`;\r\n return url.toString();\r\n}\r\n\r\ninterface LogoutResponse {\r\n success?: boolean;\r\n message?: string;\r\n logout?: boolean;\r\n}\r\n\r\nfunction getCsrfToken(): string | null {\r\n try {\r\n if (typeof document === 'undefined') return null;\r\n\r\n const meta = document.querySelector<HTMLMetaElement>('meta[name=\"csrf-token\"]');\r\n if (meta?.content) return meta.content;\r\n\r\n const match = document.cookie.match(/(?:^|;\\s*)XSRF-TOKEN=([^;]+)/i);\r\n if (match) return decodeURIComponent(match[1]);\r\n\r\n return null;\r\n } catch {\r\n return null;\r\n }\r\n}\r\n\r\n/**\r\n * Server logout — POST only. Treats empty/204 responses as success when HTTP ok.\r\n */\r\nasync function callServerLogout(logoutUrl: string): Promise<{\r\n success: boolean;\r\n response?: LogoutResponse;\r\n}> {\r\n const csrfToken = getCsrfToken();\r\n\r\n const headers: Record<string, string> = {\r\n 'X-Requested-With': 'XMLHttpRequest',\r\n Accept: 'application/json, */*',\r\n 'Content-Type': 'application/x-www-form-urlencoded',\r\n };\r\n\r\n if (csrfToken) {\r\n headers['X-CSRF-Token'] = csrfToken;\r\n }\r\n\r\n try {\r\n const response = await fetch(logoutUrl, {\r\n method: 'POST',\r\n mode: 'cors',\r\n headers,\r\n credentials: 'include',\r\n body: '',\r\n });\r\n\r\n if (!response.ok) {\r\n logger.warn('[logout] Server logout HTTP error', {\r\n status: response.status,\r\n statusText: response.statusText,\r\n });\r\n return { success: false };\r\n }\r\n\r\n const contentType = response.headers.get('content-type') || '';\r\n if (!contentType.includes('application/json')) {\r\n logger.info('[logout] Server logout: OK without JSON body', {\r\n status: response.status,\r\n });\r\n return { success: true, response: { success: true } };\r\n }\r\n\r\n const text = await response.text();\r\n let data: LogoutResponse = {};\r\n if (text?.trim()) {\r\n try {\r\n data = JSON.parse(text) as LogoutResponse;\r\n } catch {\r\n logger.warn('[logout] Server returned non-JSON body with JSON content-type');\r\n return { success: false };\r\n }\r\n }\r\n logger.info('[logout] Server logout response', { response: data });\r\n\r\n if (data && (data.success === true || data.logout === true)) {\r\n return { success: true, response: data };\r\n }\r\n\r\n if (!text || text.trim() === '') {\r\n return { success: true, response: { success: true } };\r\n }\r\n\r\n logger.warn('[logout] Server logout: unexpected JSON payload', { response: data });\r\n return { success: false, response: data };\r\n } catch (error) {\r\n logger.warn('[logout] Server logout request failed', {\r\n error: error instanceof Error ? error.message : String(error),\r\n });\r\n return { success: false };\r\n }\r\n}\r\n\r\nfunction performLocalLogoutCleanup(): void {\r\n logger.debug('[logout] Local cleanup: cookies + auth storage');\r\n\r\n try {\r\n getAuthRuntime()?.clearCookies?.clearCookies();\r\n } catch (error) {\r\n logger.debug('[logout] Runtime cookie clearer failed (ignored)', {\r\n error: error instanceof Error ? error.message : String(error),\r\n });\r\n }\r\n\r\n clearClientCookies();\r\n\r\n try {\r\n clearAuthStorage();\r\n } catch (error) {\r\n logger.warn('[logout] clearAuthStorage failed', {\r\n error: error instanceof Error ? error.message : String(error),\r\n });\r\n }\r\n\r\n logger.info('[logout] Local cleanup completed');\r\n}\r\n\r\nfunction acquireLogoutLock(): boolean {\r\n const LOCK_KEY = getStorageKey('logout_lock');\r\n const now = Date.now();\r\n const existingLock = getStorage(LOCK_KEY);\r\n\r\n if (existingLock) {\r\n const lockTime = Number(existingLock);\r\n if (!Number.isNaN(lockTime) && now - lockTime < 5000) {\r\n logger.debug('[logout] Lock active — duplicate tab logout skipped', {\r\n now,\r\n lockTime,\r\n });\r\n return false;\r\n }\r\n }\r\n\r\n setStorage(LOCK_KEY, String(now));\r\n return true;\r\n}\r\n\r\nfunction releaseLogoutLock(): void {\r\n try {\r\n removeStorage(getStorageKey('logout_lock'));\r\n } catch {\r\n // ignore\r\n }\r\n}\r\n\r\nexport type LogoutResult = {\r\n success: boolean;\r\n message: string;\r\n serverResponse?: LogoutResponse;\r\n};\r\n\r\nlet logoutInFlight: Promise<LogoutResult> | null = null;\r\n\r\nasync function runLogoutPipeline(tenantKey?: string): Promise<LogoutResult> {\r\n const gen = suspendWatchers();\r\n logger.info('[logout] Lifecycle: suspend watchers', { generation: gen });\r\n\r\n stopStorageWatcher();\r\n stopCookieWatcher();\r\n\r\n if (!acquireLogoutLock()) {\r\n resumeWatchers(gen);\r\n logger.debug('[logout] Lifecycle: resume (skipped — lock)');\r\n return { success: true, message: 'Logout already in progress in another tab.' };\r\n }\r\n\r\n let serverLogoutSuccess = false;\r\n let serverResponse: LogoutResponse | undefined;\r\n\r\n try {\r\n if (tenantKey?.trim()) {\r\n applyRuntimeTenantSwitch(tenantKey.trim(), { syncStorageCache: true });\r\n logger.info('[logout] Runtime tenant applied for logout context', {\r\n tenantKey: tenantKey.trim(),\r\n });\r\n }\r\n\r\n const authConfig = getAuthConfig();\r\n const apiAuthBaseUrl = authConfig.authServerUrl;\r\n\r\n if (apiAuthBaseUrl) {\r\n const logoutUrl = buildUrl(apiAuthBaseUrl, 'account/logout');\r\n logger.info('[logout] Calling auth server logout (POST)', { logoutUrl });\r\n\r\n const logoutResult = await callServerLogout(logoutUrl);\r\n serverLogoutSuccess = logoutResult.success;\r\n serverResponse = logoutResult.response;\r\n\r\n if (!serverLogoutSuccess) {\r\n logger.warn('[logout] Server logout did not confirm success — clearing local session anyway', {\r\n logoutUrl,\r\n serverResponse,\r\n });\r\n }\r\n } else {\r\n logger.warn('[logout] authServerUrl missing — local logout only');\r\n }\r\n } catch (error) {\r\n logger.error('[logout] Unexpected error before local cleanup', {\r\n error: error instanceof Error ? error.message : String(error),\r\n });\r\n }\r\n\r\n try {\r\n performLocalLogoutCleanup();\r\n } catch (error) {\r\n logger.error('[logout] Local cleanup threw', {\r\n error: error instanceof Error ? error.message : String(error),\r\n });\r\n }\r\n\r\n try {\r\n syncHostConfigCacheFromMemory();\r\n logger.debug('[logout] host_config cache refreshed from runtime (not restored from snapshot)');\r\n } catch (error) {\r\n logger.warn('[logout] Failed to sync host config cache', {\r\n error: error instanceof Error ? error.message : String(error),\r\n });\r\n }\r\n\r\n try {\r\n resetCookieWatcher();\r\n startStorageWatcher();\r\n logger.info('[logout] Watchers restarted');\r\n } catch (error) {\r\n logger.warn('[logout] Watcher restart failed', {\r\n error: error instanceof Error ? error.message : String(error),\r\n });\r\n }\r\n\r\n releaseLogoutLock();\r\n resumeWatchers(gen);\r\n logger.info('[logout] Lifecycle: complete', { serverLogoutSuccess });\r\n\r\n emitAuthEvent(AuthEventNames.LOGOUT_COMPLETED, {\r\n serverLogoutSuccess,\r\n tenantKey: tenantKey?.trim() || getAuthConfig().tenantCode || undefined,\r\n message: serverLogoutSuccess ? 'Server logout success' : 'Local logout (server may be pending)',\r\n });\r\n\r\n return {\r\n success: true,\r\n message: serverLogoutSuccess\r\n ? serverResponse?.message || 'Logout successful. Fresh login required.'\r\n : 'Logged out locally. Fresh login required (server logout may have failed).',\r\n serverResponse,\r\n };\r\n}\r\n\r\n/**\r\n * Idempotent logout: coalesces concurrent calls in the same JS realm; cross-tab deduped via short lock.\r\n */\r\nexport async function logout(tenantKey?: string): Promise<LogoutResult> {\r\n if (logoutInFlight) {\r\n logger.debug('[logout] Coalescing with in-flight logout');\r\n return logoutInFlight;\r\n }\r\n\r\n logoutInFlight = runLogoutPipeline(tenantKey).finally(() => {\r\n logoutInFlight = null;\r\n });\r\n\r\n return logoutInFlight;\r\n}\r\n","import { createContext, useContext } from 'react';\r\nimport type { AuthContextValue } from '../domain/auth-state';\r\n\r\nexport const AuthContext = createContext<AuthContextValue | undefined>(undefined);\r\n\r\nexport function useAuthContext(): AuthContextValue {\r\n const context = useContext(AuthContext);\r\n if (!context) {\r\n throw new Error('useAuthContext must be used within AuthProvider');\r\n }\r\n return context;\r\n}\r\n","/**\r\n * Tenant resolution API client.\r\n * Resolves tenant configuration via GET /api/tenant/v1/public/tenants/by-code/{tenantCode}.\r\n */\r\n\r\nimport type { TenantConfig } from '../../domain/auth-state';\r\nimport { Config, OAUTH_CONSTANTS } from '../../config';\r\nimport { logger } from '../../utils/logger';\r\n\r\nconst ongoingRequests = new Map<string, Promise<TenantConfig | null>>();\r\nconst DEFAULT_SCOPES = OAUTH_CONSTANTS.SCOPES;\r\n\r\nfunction getResolvedTenantBaseUrl(): string {\r\n let base = Config.getApiBaseUrl();\r\n if (typeof window !== 'undefined' && (!base || base.startsWith('/'))) {\r\n base = window.location.origin + (base || '');\r\n }\r\n return base;\r\n}\r\n\r\nconst PUBLIC_CODE_PREFIX = 'public-';\r\n\r\nfunction getTenantByCodeUrl(tenantCode: string): string {\r\n const apiTenantResolutionBaseUrl = getResolvedTenantBaseUrl();\r\n const base = (apiTenantResolutionBaseUrl || '').replace(/\\/api(?:\\/v1)?\\/?$/, '') || apiTenantResolutionBaseUrl;\r\n return `${base}/api/v1/tenant/public/tenants/by-code/${encodeURIComponent(tenantCode)}`;\r\n}\r\n\r\ninterface TenantData {\r\n id: string;\r\n clientCode: string;\r\n legalName?: string;\r\n redirectUri?: string;\r\n displayName?: string;\r\n domain?: string;\r\n isDomainVerified?: boolean;\r\n status?: string;\r\n onboardedAt?: Record<string, unknown> | string;\r\n}\r\n\r\ninterface TenantByCodeResponse {\r\n success: boolean;\r\n message: string | null;\r\n data: TenantData | null;\r\n errors: unknown[] | null;\r\n errorCode: string | null;\r\n}\r\n\r\nexport async function resolveTenant(tenantKey: string): Promise<TenantConfig | null> {\r\n if (!tenantKey || tenantKey.trim() === '') {\r\n logger.debug('tenantKey is empty or invalid, skipping API call');\r\n return null;\r\n }\r\n\r\n const tenantCode = tenantKey.trim();\r\n const requestKey = `resolveTenant:${tenantCode}`;\r\n if (ongoingRequests.has(requestKey)) {\r\n logger.debug('Tenant resolution reused (in-flight)', { tenantCode });\r\n return ongoingRequests.get(requestKey)!;\r\n }\r\n\r\n logger.info('Tenant resolution API call', { tenantCode });\r\n\r\n const requestPromise = (async (): Promise<TenantConfig | null> => {\r\n try {\r\n const url = getTenantByCodeUrl(tenantCode);\r\n logger.debug('GET tenant by-code', { url });\r\n\r\n let data: unknown;\r\n try {\r\n const response = await fetch(url, { method: 'GET' });\r\n if (!response.ok) throw new Error(`HTTP ${response.status}`);\r\n data = (await response.json()) as TenantByCodeResponse;\r\n logger.debug('API response received', { tenantCode });\r\n } catch (error) {\r\n logger.warn('API call failed', { tenantCode, error });\r\n return null;\r\n }\r\n\r\n if (!data || typeof data !== 'object') return null;\r\n\r\n const res = data as TenantByCodeResponse;\r\n if (!res.success || !res.data) return null;\r\n\r\n const tenant = res.data;\r\n if (!tenant.id || !tenant.clientCode) return null;\r\n\r\n const authServer = Config.getAuthServerUrl();\r\n const redirectUri = Config.getRedirectUri();\r\n if (!authServer || !redirectUri) {\r\n return null;\r\n }\r\n\r\n const clientCodeWithPrefix = tenant.clientCode.startsWith(PUBLIC_CODE_PREFIX)\r\n ? tenant.clientCode\r\n : `${PUBLIC_CODE_PREFIX}${tenant.clientCode}`;\r\n\r\n \r\n const config: TenantConfig = {\r\n tenantId: tenant.id,\r\n authServer,\r\n tenantKey: tenantCode,\r\n client: {\r\n clientId: tenant.clientCode,\r\n clientCode: clientCodeWithPrefix,\r\n redirectUri,\r\n scopes: DEFAULT_SCOPES,\r\n },\r\n };\r\n logger.debug('Resolved tenant config', { tenantCode });\r\n return config;\r\n } catch (error) {\r\n logger.warn('Unexpected error resolving tenant', { tenantCode, error });\r\n return null;\r\n } finally {\r\n ongoingRequests.delete(requestKey);\r\n }\r\n })();\r\n\r\n ongoingRequests.set(requestKey, requestPromise);\r\n return requestPromise;\r\n}\r\n","/**\r\n * Browser implementations of runtime interfaces.\r\n * Only used when running in a browser; core has no dependency on this module.\r\n */\r\n\r\nimport type { Logger, UrlProvider, CurrentUrl, ConfigProvider, CookieClearer, TenantResolver } from '../infrastructure/runtime/types';\r\nimport { Config } from '../config';\r\nimport { resolveTenant } from '../infrastructure/tenant/tenant.api';\r\n\r\nexport function createConsoleLogger(): Logger {\r\n return {\r\n info(message: string, meta?: Record<string, unknown>) {\r\n if (typeof console !== 'undefined') console.info(message, meta ?? '');\r\n },\r\n warn(message: string, meta?: Record<string, unknown>) {\r\n if (typeof console !== 'undefined') console.warn(message, meta ?? '');\r\n },\r\n error(message: string, meta?: Record<string, unknown>) {\r\n if (typeof console !== 'undefined') console.error(message, meta ?? '');\r\n },\r\n debug(message: string, meta?: Record<string, unknown>) {\r\n if (typeof console !== 'undefined') console.debug(message, meta ?? '');\r\n },\r\n };\r\n}\r\n\r\nexport function createBrowserUrlProvider(): UrlProvider {\r\n return {\r\n getCurrentUrl(): CurrentUrl {\r\n if (typeof window === 'undefined') {\r\n return { href: '', origin: '', pathname: '/', search: '', hostname: '' };\r\n }\r\n const w = window;\r\n const loc = w.location;\r\n return {\r\n href: loc.href,\r\n origin: loc.origin,\r\n pathname: loc.pathname,\r\n search: loc.search,\r\n hostname: loc.hostname,\r\n };\r\n },\r\n redirect(url: string): void {\r\n if (typeof window !== 'undefined') window.location.replace(url);\r\n },\r\n replaceState(url: string): void {\r\n if (typeof window === 'undefined') return;\r\n try {\r\n const title = typeof document !== 'undefined' ? document.title : '';\r\n window.history.replaceState({}, title, url);\r\n } catch {\r\n // ignore\r\n }\r\n },\r\n };\r\n}\r\n\r\n/** ConfigProvider backed by existing Config (which may use window.__APP_CONFIG__). */\r\nexport function createConfigProvider(): ConfigProvider {\r\n return {\r\n getApiBaseUrl: () => Config.getApiBaseUrl(),\r\n getAuthServerUrl: () => Config.getAuthServerUrl(),\r\n getRedirectUri: () => Config.getRedirectUri(),\r\n getClientCode: () => Config.getClientCode()\r\n \r\n };\r\n}\r\n\r\nexport function createTenantResolver(): TenantResolver {\r\n return { resolve: (tenantKey: string) => resolveTenant(tenantKey) };\r\n}\r\n\r\nexport function createBrowserCookieClearer(): CookieClearer {\r\n return {\r\n clearCookies(): void {\r\n if (typeof document === 'undefined' || typeof window === 'undefined') return;\r\n try {\r\n const cookies = document.cookie.split(';');\r\n cookies.forEach((cookie) => {\r\n const eqPos = cookie.indexOf('=');\r\n const name = eqPos > -1 ? cookie.substring(0, eqPos).trim() : cookie.trim();\r\n document.cookie = `${name}=;expires=Thu, 01 Jan 1970 00:00:00 GMT;path=/`;\r\n const domain = window.location.hostname;\r\n const parts = domain.split('.');\r\n if (parts.length > 1) {\r\n const parentDomain = '.' + parts.slice(-2).join('.');\r\n document.cookie = `${name}=;expires=Thu, 01 Jan 1970 00:00:00 GMT;path=/;domain=${parentDomain}`;\r\n }\r\n });\r\n } catch {\r\n // silent\r\n }\r\n },\r\n };\r\n}\r\n","/**\r\n * OAuth2 PKCE implementation of AuthStrategy.\r\n * Wraps initiateAuthFlow, handleCallback, refreshAccessToken, and logout.\r\n */\r\n\r\nimport type { AuthStrategy } from '../../strategies/auth-strategy.interface';\r\nimport type { TenantConfig } from '../../domain/auth-state';\r\nimport { storeTenantConfig, initiateAuthFlow } from './oauth';\r\nimport { handleCallback } from './callback';\r\nimport { refreshAccessToken } from './token-exchange';\r\nimport { logout as performLogout } from '../../application/logout';\r\n\r\nexport function createOAuth2PkceStrategy(): AuthStrategy {\r\n return {\r\n async initiate(tenantConfig: TenantConfig): Promise<void> {\r\n storeTenantConfig(tenantConfig);\r\n await initiateAuthFlow(tenantConfig);\r\n },\r\n\r\n async handleCallback(): Promise<boolean> {\r\n return handleCallback();\r\n },\r\n\r\n async refresh(): Promise<string> {\r\n return refreshAccessToken();\r\n },\r\n\r\n async logout(options?: { tenantKey?: string }): Promise<void> {\r\n await performLogout(options?.tenantKey);\r\n },\r\n };\r\n}\r\n","/**\r\n * Simple EventBus for engine state updates.\r\n */\r\n\r\nimport type { AuthEngineState, AuthStateListener } from './types';\r\n\r\nexport function createEventBus(): {\r\n subscribe(listener: AuthStateListener): () => void;\r\n emit(state: AuthEngineState): void;\r\n} {\r\n const listeners = new Set<AuthStateListener>();\r\n\r\n return {\r\n subscribe(listener: AuthStateListener): () => void {\r\n listeners.add(listener);\r\n return () => listeners.delete(listener);\r\n },\r\n emit(state: AuthEngineState): void {\r\n listeners.forEach((fn) => {\r\n try {\r\n fn(state);\r\n } catch {\r\n // ignore\r\n }\r\n });\r\n },\r\n };\r\n}\r\n","/**\r\n * Creates the auth engine. No React, no direct browser usage.\r\n */\r\n\r\nimport { setAuthRuntime } from '../../infrastructure/runtime/context';\r\nimport { runBootstrap } from '../run-bootstrap';\r\nimport { createOAuth2PkceStrategy } from '../../strategies/oauth2-pkce/OAuth2PkceStrategy';\r\nimport { ensureValidAccessToken } from '../token';\r\nimport {\r\n getAccessToken,\r\n getExpiresAt,\r\n isAccessTokenExpired,\r\n} from '../../infrastructure/storage/index';\r\nimport { createEventBus } from './eventBus';\r\nimport type { AuthEngine, AuthEngineConfig, AuthEngineState } from './types';\r\n\r\nfunction stateEquals(a: AuthEngineState, b: AuthEngineState): boolean {\r\n return (\r\n a.status === b.status &&\r\n a.accessToken === b.accessToken &&\r\n a.expiresAt === b.expiresAt &&\r\n a.error === b.error\r\n );\r\n}\r\n\r\nfunction deriveState(config: AuthEngineConfig): AuthEngineState {\r\n setAuthRuntime(config);\r\n const accessToken = getAccessToken();\r\n const expiresAt = getExpiresAt();\r\n const expired = isAccessTokenExpired();\r\n\r\n if (accessToken && !expired) {\r\n return {\r\n status: 'authenticated',\r\n accessToken,\r\n expiresAt,\r\n error: null,\r\n };\r\n }\r\n if (accessToken && expired) {\r\n return {\r\n status: 'error',\r\n accessToken,\r\n expiresAt,\r\n error: 'Token expired',\r\n };\r\n }\r\n return {\r\n status: 'unauthenticated',\r\n accessToken: null,\r\n expiresAt: null,\r\n error: null,\r\n };\r\n}\r\n\r\nexport function createAuthEngine(config: AuthEngineConfig): AuthEngine {\r\n const frozenConfig = Object.freeze({ ...config }) as AuthEngineConfig;\r\n const bus = createEventBus();\r\n let lastEmittedState: AuthEngineState | null = null;\r\n const strategy = frozenConfig.strategy ?? createOAuth2PkceStrategy();\r\n\r\n const emitState = (): void => {\r\n const next = deriveState(frozenConfig);\r\n if (lastEmittedState !== null && stateEquals(lastEmittedState, next)) return;\r\n lastEmittedState = next;\r\n bus.emit(next);\r\n };\r\n\r\n return {\r\n async init(): Promise<void> {\r\n setAuthRuntime(frozenConfig);\r\n frozenConfig.logger.debug('Engine init: running bootstrap');\r\n await runBootstrap();\r\n emitState();\r\n },\r\n\r\n async login(): Promise<void> {\r\n setAuthRuntime(frozenConfig);\r\n frozenConfig.logger.debug('Engine login: running bootstrap (may redirect)');\r\n await runBootstrap();\r\n emitState();\r\n },\r\n\r\n async logout(options?: { tenantKey?: string }): Promise<void> {\r\n setAuthRuntime(frozenConfig);\r\n frozenConfig.logger.debug('Engine logout');\r\n await strategy.logout(options);\r\n emitState();\r\n },\r\n\r\n async refresh(): Promise<string> {\r\n setAuthRuntime(frozenConfig);\r\n frozenConfig.logger.debug('Engine refresh');\r\n try {\r\n const token = await strategy.refresh();\r\n emitState();\r\n return token;\r\n } catch (e) {\r\n emitState();\r\n throw e;\r\n }\r\n },\r\n\r\n async getAccessToken(): Promise<string> {\r\n setAuthRuntime(frozenConfig);\r\n return ensureValidAccessToken();\r\n },\r\n\r\n async handleCallback(): Promise<boolean> {\r\n setAuthRuntime(frozenConfig);\r\n frozenConfig.logger.debug('Engine handleCallback');\r\n const handled = await strategy.handleCallback();\r\n emitState();\r\n return handled;\r\n },\r\n\r\n subscribe(listener) {\r\n return bus.subscribe(listener);\r\n },\r\n\r\n getState(): AuthEngineState {\r\n return deriveState(frozenConfig);\r\n },\r\n };\r\n}\r\n","/**\r\n * React Context Provider for authentication state (FINAL)\r\n */\r\n\r\nimport React, { useState, useEffect, useLayoutEffect, useCallback, useMemo, useRef } from 'react';\r\nimport {\r\n getAccessToken as getStoredAccessToken,\r\n isAccessTokenExpired,\r\n} from '../infrastructure/storage/index';\r\nimport {\r\n startStorageWatcher,\r\n stopStorageWatcher,\r\n} from '../infrastructure/watchers';\r\nimport {\r\n startCookieWatcher,\r\n stopCookieWatcher,\r\n resetCookieWatcher,\r\n} from '../infrastructure/watchers';\r\nimport type { AuthContextValue, AuthState } from '../domain/auth-state';\r\nimport { AuthContext, useAuthContext } from './AuthContext';\r\nimport {\r\n Config,\r\n setConfig as setSDKConfig,\r\n clearConfigOverrides,\r\n writeHostConfigCache,\r\n logConfigResolutionDebug,\r\n} from '../config';\r\nimport type { SDKConfig } from '../config';\r\nimport {\r\n setStorageContext,\r\n createSecureSessionStorageAdapter,\r\n setStorageKeyPrefix,\r\n getStorageKey,\r\n type StorageAdapter,\r\n} from '../infrastructure/storage/index';\r\nimport { setAuthRuntime } from '../infrastructure/runtime/context';\r\nimport {\r\n createConsoleLogger,\r\n createBrowserUrlProvider,\r\n createConfigProvider,\r\n createTenantResolver,\r\n createBrowserCookieClearer,\r\n} from '../browser/adapters';\r\nimport { getStorage, setStorage, removeStorage } from '../infrastructure/storage/index';\r\nimport { clearFlowFlags, clearCallbackProcessing } from '../application/lifecycle-state';\r\nimport { createAuthEngine } from '../application/engine/createEngine';\r\nimport { setDefaultAuthEngine } from '../application/engine/defaultEngine';\r\nimport type { AuthEngine } from '../application/engine/types';\r\nimport { logger } from '../utils/logger';\r\n\r\ninterface AuthProviderProps {\r\n children: React.ReactNode;\r\n autoInit?: boolean;\r\n /** Optional config object from host app (alternative to passing individual props). */\r\n config?: SDKConfig;\r\n /** Tenant code from host app (used to resolve tenant via GET /api/tenant/v1/public/tenants/by-code/{tenantCode}). */\r\n tenantCode?: string;\r\n /** Tenant resolution base URL (host app). */\r\n apiBaseUrl?: string;\r\n /** Authorization server URL (host app). */\r\n authServerUrl?: string;\r\n /** Callback/redirect URL (host app). */\r\n callbackUrl?: string;\r\n /** App id for storage namespacing (auth_${tenantId}_${appId}_*). */\r\n appId?: string;\r\n /** Optional storage adapter; default is SecureSessionStorageAdapter with namespacing. */\r\n storageAdapter?: StorageAdapter | null;\r\n}\r\n\r\n/**\r\n * AuthProvider – UI-facing auth state only\r\n */\r\nexport function AuthProvider({\r\n children,\r\n autoInit = true,\r\n config,\r\n tenantCode,\r\n apiBaseUrl,\r\n authServerUrl,\r\n callbackUrl,\r\n appId = '',\r\n storageAdapter,\r\n}: AuthProviderProps): React.JSX.Element {\r\n const mergedTenantCode = tenantCode ?? config?.tenantCode;\r\n const mergedApiBaseUrl = apiBaseUrl ?? config?.apiBaseUrl;\r\n const mergedAuthServerUrl = authServerUrl ?? config?.authServerUrl;\r\n const mergedCallbackUrl = callbackUrl ?? config?.callbackUrl;\r\n const resolvedTenantKey = mergedTenantCode ?? Config.getClientCode();\r\n const namespace = useMemo(\r\n () => ({ tenantId: resolvedTenantKey ?? '', appId: appId ?? '' }),\r\n [resolvedTenantKey, appId]\r\n );\r\n const initRanRef = useRef(false);\r\n const engineRef = useRef<AuthEngine | null>(null);\r\n\r\n useLayoutEffect(() => {\r\n logger.debug('[AuthProvider] Host config props', {\r\n tenantCode: mergedTenantCode ?? '(not provided)',\r\n apiBaseUrl: mergedApiBaseUrl ? mergedApiBaseUrl : '(empty)',\r\n authServerUrl: mergedAuthServerUrl ? mergedAuthServerUrl : '(empty)',\r\n callbackUrl: mergedCallbackUrl ? mergedCallbackUrl : '(empty)',\r\n });\r\n if (!mergedAuthServerUrl || !mergedAuthServerUrl.trim()) {\r\n logger.warn('[AuthProvider] authServerUrl missing from host props');\r\n }\r\n if (!mergedCallbackUrl || !mergedCallbackUrl.trim()) {\r\n logger.warn('[AuthProvider] callbackUrl missing from host props');\r\n }\r\n setSDKConfig({\r\n ...(mergedTenantCode ? { tenantCode: mergedTenantCode, tenantKey: mergedTenantCode } : {}),\r\n ...(mergedApiBaseUrl ? { apiBaseUrl: mergedApiBaseUrl } : {}),\r\n ...(mergedAuthServerUrl ? { authServerUrl: mergedAuthServerUrl } : {}),\r\n ...(mergedCallbackUrl ? { callbackUrl: mergedCallbackUrl } : {}),\r\n });\r\n logConfigResolutionDebug('AuthProvider host props applied');\r\n return () => {\r\n clearConfigOverrides();\r\n };\r\n }, [mergedTenantCode, mergedApiBaseUrl, mergedAuthServerUrl, mergedCallbackUrl]);\r\n\r\n // Non-authoritative cache for early readers (bootstrap before full React tree).\r\n useEffect(() => {\r\n try {\r\n writeHostConfigCache({\r\n tenantCode: mergedTenantCode ?? '',\r\n tenantKey: mergedTenantCode ?? '',\r\n appId: appId ?? '',\r\n apiBaseUrl: mergedApiBaseUrl ?? '',\r\n authServerUrl: mergedAuthServerUrl ?? '',\r\n callbackUrl: mergedCallbackUrl ?? '',\r\n });\r\n } catch {\r\n // ignore\r\n }\r\n }, [mergedTenantCode, mergedApiBaseUrl, mergedAuthServerUrl, mergedCallbackUrl, appId]);\r\n\r\n useLayoutEffect(() => {\r\n setStorageKeyPrefix(resolvedTenantKey ?? '');\r\n const adapter =\r\n storageAdapter !== undefined && storageAdapter !== null\r\n ? storageAdapter\r\n : createSecureSessionStorageAdapter(namespace);\r\n setStorageContext(adapter, namespace);\r\n const runtime = {\r\n storageAdapter: adapter,\r\n storageNamespace: namespace,\r\n logger: createConsoleLogger(),\r\n urlProvider: createBrowserUrlProvider(),\r\n configProvider: createConfigProvider(),\r\n tenantResolver: createTenantResolver(),\r\n clearCookies: createBrowserCookieClearer(),\r\n };\r\n setAuthRuntime(runtime);\r\n engineRef.current = createAuthEngine(runtime);\r\n setDefaultAuthEngine(engineRef.current);\r\n return () => {\r\n setDefaultAuthEngine(null);\r\n engineRef.current = null;\r\n setAuthRuntime(null);\r\n setStorageContext(null, { tenantId: '', appId: '' });\r\n setStorageKeyPrefix('');\r\n };\r\n }, [resolvedTenantKey, appId, storageAdapter]);\r\n\r\n // Store tenantCode in sessionStorage so bootstrap can resolve tenant via API (by-code)\r\n useEffect(() => {\r\n const resolvedTenantKey = mergedTenantCode ?? Config.getClientCode();\r\n\r\n logger.debug('[AuthProvider] Props from host app', {\r\n tenantCode: mergedTenantCode ?? '(not provided)',\r\n appId: appId ?? '',\r\n resolvedTenantKey,\r\n });\r\n\r\n if (resolvedTenantKey) {\r\n const previousTenantKey = getStorage(getStorageKey('tenant_key'));\r\n const tenantKeyChanged = previousTenantKey && previousTenantKey !== resolvedTenantKey;\r\n\r\n if (tenantKeyChanged) {\r\n logger.debug('[AuthProvider] Tenant switch detected', { previous: previousTenantKey, next: resolvedTenantKey });\r\n\r\n if (typeof window !== 'undefined') {\r\n const currentUrl = window.location.href;\r\n const isCallback = currentUrl.includes('code=') || currentUrl.includes('state=');\r\n if (isCallback) {\r\n const cleanUrl = window.location.origin + window.location.pathname;\r\n window.history.replaceState({}, document.title, cleanUrl);\r\n }\r\n }\r\n\r\n removeStorage(getStorageKey('access_token'));\r\n removeStorage(getStorageKey('refresh_token'));\r\n removeStorage(getStorageKey('expires_at'));\r\n removeStorage(getStorageKey('state'));\r\n removeStorage(getStorageKey('code_verifier'));\r\n removeStorage(getStorageKey('callback_processed'));\r\n clearCallbackProcessing();\r\n clearFlowFlags();\r\n\r\n setStorage(getStorageKey('props_changed'), 'true');\r\n setStorage(getStorageKey('tenant_switched'), 'true');\r\n setStorage(getStorageKey('new_tenant_key'), resolvedTenantKey);\r\n\r\n setState({\r\n isAuthenticated: false,\r\n accessToken: null,\r\n isLoading: true,\r\n error: null,\r\n });\r\n } else if (previousTenantKey) {\r\n logger.debug('[AuthProvider] TenantKey unchanged', { tenantKey: resolvedTenantKey });\r\n }\r\n\r\n try {\r\n writeHostConfigCache({\r\n tenantKey: resolvedTenantKey,\r\n tenantCode: resolvedTenantKey,\r\n });\r\n logConfigResolutionDebug('AuthProvider tenant key synced to cache', {\r\n tenantCode: resolvedTenantKey,\r\n tenantKey: resolvedTenantKey,\r\n });\r\n } catch {\r\n // ignore\r\n }\r\n setStorage(getStorageKey('tenant_key'), resolvedTenantKey);\r\n } else {\r\n logger.debug('[AuthProvider] No tenant code determined');\r\n }\r\n }, [mergedTenantCode, appId]);\r\n\r\n const [state, setState] = useState<AuthState>({\r\n isAuthenticated: false,\r\n accessToken: null,\r\n isLoading: autoInit,\r\n error: null,\r\n });\r\n\r\n /**\r\n * Sync auth state from engine (or storage when engine not yet ready)\r\n */\r\n const syncAuthState = useCallback(() => {\r\n try {\r\n const engine = engineRef.current;\r\n let authenticated: boolean;\r\n let accessToken: string | null;\r\n let error: string | null = null;\r\n\r\n if (engine) {\r\n const s = engine.getState();\r\n authenticated = s.status === 'authenticated' && !!s.accessToken;\r\n accessToken = s.accessToken;\r\n error = s.error;\r\n } else {\r\n accessToken = getStoredAccessToken();\r\n authenticated = !!accessToken && !isAccessTokenExpired();\r\n }\r\n\r\n setState({\r\n isAuthenticated: authenticated,\r\n accessToken,\r\n isLoading: false,\r\n error,\r\n });\r\n\r\n if (authenticated) {\r\n } else {\r\n stopStorageWatcher();\r\n stopCookieWatcher();\r\n }\r\n } catch (error) {\r\n stopStorageWatcher();\r\n stopCookieWatcher();\r\n setState({\r\n isAuthenticated: false,\r\n accessToken: null,\r\n isLoading: false,\r\n error: error instanceof Error ? error.message : 'Unknown error',\r\n });\r\n }\r\n }, []);\r\n\r\n /**\r\n * Re-bootstrap when props change indicates tenant switch or config update.\r\n * This ensures tenantKey changes actually trigger a fresh resolve + login.\r\n */\r\n useEffect(() => {\r\n if (!autoInit) return;\r\n\r\n const tenantSwitched = getStorage(getStorageKey('tenant_switched')) === 'true';\r\n const propsChanged = getStorage(getStorageKey('props_changed')) === 'true';\r\n if (!tenantSwitched && !propsChanged) return;\r\n\r\n let cancelled = false;\r\n\r\n const reinit = async () => {\r\n try {\r\n await engineRef.current?.init();\r\n if (!cancelled) {\r\n syncAuthState();\r\n }\r\n } finally {\r\n removeStorage(getStorageKey('props_changed'));\r\n }\r\n };\r\n\r\n reinit();\r\n\r\n return () => {\r\n cancelled = true;\r\n };\r\n }, [autoInit, mergedTenantCode, syncAuthState]);\r\n\r\n /**\r\n * Bootstrap auth on mount (once). initRanRef avoids double run in React StrictMode.\r\n */\r\n useEffect(() => {\r\n if (!autoInit) {\r\n setState((prev) => ({ ...prev, isLoading: false }));\r\n return;\r\n }\r\n if (initRanRef.current) return;\r\n initRanRef.current = true;\r\n\r\n let cancelled = false;\r\n\r\n const init = async () => {\r\n try {\r\n await engineRef.current?.init();\r\n if (!cancelled) syncAuthState();\r\n } catch (error) {\r\n stopStorageWatcher();\r\n stopCookieWatcher();\r\n if (!cancelled) {\r\n setState({\r\n isAuthenticated: false,\r\n accessToken: null,\r\n isLoading: false,\r\n error: error instanceof Error ? error.message : 'Authentication initialization failed',\r\n });\r\n }\r\n }\r\n };\r\n\r\n init();\r\n\r\n return () => {\r\n cancelled = true;\r\n initRanRef.current = false;\r\n stopStorageWatcher();\r\n stopCookieWatcher();\r\n };\r\n }, [autoInit, syncAuthState]);\r\n\r\n /**\r\n * Explicit login (user action)\r\n */\r\n const login = useCallback(async () => {\r\n setState((prev) => ({ ...prev, isLoading: true }));\r\n await engineRef.current?.login();\r\n syncAuthState();\r\n }, [syncAuthState]);\r\n\r\n /**\r\n * Logout – HARD RESET\r\n */\r\n const logout = useCallback(async () => {\r\n stopStorageWatcher();\r\n stopCookieWatcher();\r\n setState((prev) => ({ ...prev, isLoading: true }));\r\n\r\n try {\r\n await engineRef.current?.logout({ tenantKey: mergedTenantCode });\r\n resetCookieWatcher();\r\n } finally {\r\n stopStorageWatcher();\r\n stopCookieWatcher();\r\n setState({\r\n isAuthenticated: false,\r\n accessToken: null,\r\n isLoading: false,\r\n error: null,\r\n });\r\n }\r\n }, [mergedTenantCode]);\r\n\r\n /**\r\n * Refresh token explicitly\r\n */\r\n const refreshToken = useCallback(async (): Promise<string> => {\r\n try {\r\n const newToken = (await engineRef.current?.refresh()) ?? '';\r\n syncAuthState();\r\n return newToken;\r\n } catch (error) {\r\n await logout();\r\n throw error;\r\n }\r\n }, [syncAuthState, logout]);\r\n\r\n /**\r\n * Get access token (auto-refresh)\r\n */\r\n const getValidAccessToken = useCallback(async (): Promise<string> => {\r\n try {\r\n const token = await engineRef.current?.getAccessToken();\r\n if (!token) throw new Error('Not authenticated');\r\n syncAuthState();\r\n return token;\r\n } catch (error) {\r\n await logout();\r\n throw error;\r\n }\r\n }, [syncAuthState, logout]);\r\n\r\n /**\r\n * Set access token in memory/context (used by AuthCallback)\r\n */\r\n const setTokens = useCallback((accessToken: string): void => {\r\n setState({\r\n isAuthenticated: true,\r\n accessToken,\r\n isLoading: false,\r\n error: null,\r\n });\r\n }, []);\r\n\r\n const contextValue = useMemo<AuthContextValue>(\r\n () => ({\r\n ...state,\r\n login,\r\n logout,\r\n refreshToken,\r\n getAccessToken: getValidAccessToken,\r\n setTokens,\r\n }),\r\n [state, login, logout, refreshToken, getValidAccessToken, setTokens]\r\n );\r\n\r\n return (\r\n <AuthContext.Provider value={contextValue}>\r\n {children}\r\n </AuthContext.Provider>\r\n );\r\n}\r\n\r\nexport { useAuthContext };\r\n","import React, { useEffect, useRef, useState } from 'react';\r\nimport { getStorage, getStorageKey, getAccessToken } from '../infrastructure/storage/index';\r\nimport { useAuthContext } from '../context/AuthProvider';\r\nimport { handleCallback } from '../strategies/oauth2-pkce/callback';\r\n\r\nconst PLUGIN_DISPLAY_NAME = 'Tenneo Auth';\r\n\r\ntype StatusState = 'idle' | 'loading' | 'success' | 'error';\r\n\r\ninterface AuthCallbackProps {\r\n loginPath?: string;\r\n successPath?: string;\r\n homePath?: string;\r\n}\r\n\r\nexport function AuthCallback({\r\n loginPath = '/login',\r\n successPath = '/dashboard',\r\n homePath = '/',\r\n}: AuthCallbackProps): React.JSX.Element {\r\n const { setTokens } = useAuthContext();\r\n const handledRef = useRef(false);\r\n const [status, setStatus] = useState<StatusState>('idle');\r\n const [message, setMessage] = useState<string>('');\r\n\r\n useEffect(() => {\r\n if (handledRef.current) return;\r\n handledRef.current = true;\r\n\r\n const urlParams = new URLSearchParams(window.location.search);\r\n const hasCallbackParams = urlParams.has('code') || urlParams.has('error');\r\n\r\n if (!hasCallbackParams) {\r\n window.location.replace(loginPath || homePath);\r\n return;\r\n }\r\n\r\n const error = urlParams.get('error');\r\n const errorDescription = urlParams.get('error_description');\r\n if (error) {\r\n setStatus('error');\r\n setMessage(`${error}: ${errorDescription || 'Authorization failed'}`);\r\n window.history.replaceState({}, document.title, window.location.origin + window.location.pathname);\r\n return;\r\n }\r\n\r\n const runCallback = async () => {\r\n setStatus('loading');\r\n setMessage('Completing sign-in...');\r\n\r\n // Single source of truth: handleCallback() does validation + exchangeCodeForTokens once\r\n const handled = await handleCallback();\r\n\r\n if (!handled) {\r\n setStatus('error');\r\n setMessage('Authentication failed. Please try again.');\r\n window.history.replaceState({}, document.title, window.location.origin + window.location.pathname);\r\n return;\r\n }\r\n\r\n // Important:\r\n // handleCallback() may return `true` during an in-flight callback processing\r\n // (e.g. a second mount/rerender). In that case token might not yet be stored.\r\n // Redirect only once we actually have a token.\r\n const startedAt = Date.now();\r\n const MAX_WAIT_MS = 5000;\r\n\r\n // eslint-disable-next-line no-constant-condition\r\n while (true) {\r\n const token = getAccessToken();\r\n if (token) {\r\n setTokens(token);\r\n setStatus('success');\r\n setMessage('Authentication successful. Redirecting...');\r\n window.location.replace(successPath);\r\n return;\r\n }\r\n\r\n if (Date.now() - startedAt > MAX_WAIT_MS) break;\r\n await new Promise((r) => setTimeout(r, 200));\r\n }\r\n\r\n setStatus('error');\r\n setMessage('Authentication did not complete. Please try again.');\r\n window.history.replaceState({}, document.title, window.location.origin + window.location.pathname);\r\n };\r\n\r\n runCallback();\r\n }, [homePath, loginPath, successPath, setTokens]);\r\n\r\n const containerStyle: React.CSSProperties = {\r\n minHeight: '200px',\r\n display: 'flex',\r\n flexDirection: 'column',\r\n alignItems: 'center',\r\n justifyContent: 'center',\r\n padding: 32,\r\n fontFamily: 'system-ui, -apple-system, Segoe UI, Roboto, sans-serif',\r\n textAlign: 'center',\r\n };\r\n\r\n const titleStyle: React.CSSProperties = {\r\n margin: 0,\r\n fontSize: '1.25rem',\r\n fontWeight: 600,\r\n color: '#1a1a1a',\r\n marginBottom: 8,\r\n };\r\n\r\n const messageStyle: React.CSSProperties = {\r\n margin: 0,\r\n fontSize: '0.9375rem',\r\n color: '#555',\r\n lineHeight: 1.5,\r\n maxWidth: 360,\r\n };\r\n\r\n const errorBoxStyle: React.CSSProperties = {\r\n marginTop: 16,\r\n padding: '12px 16px',\r\n backgroundColor: '#fef2f2',\r\n border: '1px solid #fecaca',\r\n borderRadius: 8,\r\n color: '#991b1b',\r\n fontSize: '0.875rem',\r\n maxWidth: 360,\r\n };\r\n\r\n const retryLinkStyle: React.CSSProperties = {\r\n marginTop: 16,\r\n fontSize: '0.875rem',\r\n color: '#2563eb',\r\n textDecoration: 'none',\r\n cursor: 'pointer',\r\n };\r\n\r\n const spinnerStyle: React.CSSProperties = {\r\n width: 28,\r\n height: 28,\r\n border: '3px solid #e5e7eb',\r\n borderTopColor: '#2563eb',\r\n borderRadius: '50%',\r\n animation: 'auth-callback-spin 0.8s linear infinite',\r\n marginBottom: 16,\r\n };\r\n\r\n const pluginNameStyle: React.CSSProperties = {\r\n position: 'absolute',\r\n top: 24,\r\n left: '50%',\r\n transform: 'translateX(-50%)',\r\n margin: 0,\r\n fontSize: '0.875rem',\r\n fontWeight: 600,\r\n color: '#6b7280',\r\n letterSpacing: '0.02em',\r\n };\r\n\r\n return (\r\n <div style={{ ...containerStyle, position: 'relative' }}>\r\n <style>{`@keyframes auth-callback-spin { to { transform: rotate(360deg); } }`}</style>\r\n <p style={pluginNameStyle}>{PLUGIN_DISPLAY_NAME}</p>\r\n {status === 'loading' && (\r\n <>\r\n <div style={spinnerStyle} aria-hidden />\r\n <h2 style={titleStyle}>Signing you in...</h2>\r\n <p style={messageStyle}>Please wait while we complete authentication.</p>\r\n </>\r\n )}\r\n {status === 'success' && (\r\n <>\r\n <h2 style={titleStyle}>Signed in successfully</h2>\r\n <p style={messageStyle}>Redirecting you now.</p>\r\n </>\r\n )}\r\n {status === 'error' && (\r\n <>\r\n <h2 style={{ ...titleStyle, color: '#991b1b' }}>Authentication failed</h2>\r\n <div style={errorBoxStyle}>{message}</div>\r\n <a\r\n href={loginPath}\r\n style={retryLinkStyle}\r\n onClick={(e) => {\r\n e.preventDefault();\r\n window.location.href = loginPath;\r\n }}\r\n >\r\n Try again\r\n </a>\r\n </>\r\n )}\r\n {status === 'idle' && (\r\n <>\r\n <div style={spinnerStyle} aria-hidden />\r\n <h2 style={titleStyle}>Preparing callback...</h2>\r\n <p style={messageStyle}>Setting up authentication.</p>\r\n </>\r\n )}\r\n </div>\r\n );\r\n}\r\n","/**\r\n * useAuth hook for accessing authentication state and methods\r\n */\r\n\r\nimport { useAuthContext } from '../context/AuthProvider';\r\nimport type { AuthContextValue } from '../domain/auth-state';\r\n\r\n/**\r\n * Hook to access authentication state and methods\r\n * @returns Authentication context value\r\n */\r\nexport function useAuth(): AuthContextValue {\r\n return useAuthContext();\r\n}\r\n\r\n","import React, { useEffect, useRef, useState } from 'react';\r\nimport { useAuth } from '../hooks/useAuth';\r\n\r\ninterface ProtectedRouteProps {\r\n children: React.ReactNode;\r\n fallback?: React.ReactNode;\r\n autoLogin?: boolean;\r\n}\r\n\r\nexport function ProtectedRoute({\r\n children,\r\n fallback = null,\r\n autoLogin = true,\r\n}: ProtectedRouteProps): React.JSX.Element {\r\n const { isAuthenticated, getAccessToken, login } = useAuth();\r\n const [ready, setReady] = useState(false);\r\n const loginTriggeredRef = useRef(false);\r\n\r\n useEffect(() => {\r\n let cancelled = false;\r\n\r\n const run = async () => {\r\n if (isAuthenticated) {\r\n if (!cancelled) setReady(true);\r\n return;\r\n }\r\n\r\n try {\r\n await getAccessToken();\r\n if (!cancelled) setReady(true);\r\n } catch {\r\n if (autoLogin && !loginTriggeredRef.current) {\r\n loginTriggeredRef.current = true;\r\n await login();\r\n }\r\n if (!cancelled) setReady(false);\r\n }\r\n };\r\n\r\n run();\r\n\r\n return () => {\r\n cancelled = true;\r\n };\r\n }, [autoLogin, getAccessToken, isAuthenticated, login]);\r\n\r\n if (!ready || !isAuthenticated) {\r\n return <>{fallback}</>;\r\n }\r\n\r\n return <>{children}</>;\r\n}\r\n","/**\r\n * useAuthInit hook\r\n * \r\n * RULES:\r\n * - Only prevents parallel init calls\r\n * - Does NOT block based on flags (bootstrap handles that)\r\n */\r\n\r\nimport { useRef, useState, useCallback, useEffect, useMemo } from 'react';\r\nimport { bootstrap } from '../application/bootstrap';\r\n\r\ninterface UseAuthInitResult {\r\n isLoading: boolean;\r\n error: string | null;\r\n init: () => Promise<void>;\r\n}\r\n\r\nexport function useAuthInit(): UseAuthInitResult {\r\n const [isLoading, setIsLoading] = useState(false);\r\n const [error, setError] = useState<string | null>(null);\r\n\r\n // Prevent parallel init calls\r\n const inProgressRef = useRef(false);\r\n\r\n // Prevent setState after unmount\r\n const mountedRef = useRef(true);\r\n\r\n useEffect(() => {\r\n return () => {\r\n mountedRef.current = false;\r\n };\r\n }, []);\r\n\r\n const init = useCallback(async () => {\r\n // Prevent duplicate init calls\r\n if (inProgressRef.current) {\r\n return;\r\n }\r\n\r\n inProgressRef.current = true;\r\n\r\n if (mountedRef.current) {\r\n setIsLoading(true);\r\n setError(null);\r\n }\r\n\r\n try {\r\n // Bootstrap handles all decision logic (force login, callback, etc.)\r\n await bootstrap();\r\n } catch (err) {\r\n if (mountedRef.current) {\r\n setError(\r\n err instanceof Error\r\n ? err.message\r\n : 'Authentication initialization failed',\r\n );\r\n }\r\n } finally {\r\n inProgressRef.current = false;\r\n\r\n if (mountedRef.current) {\r\n setIsLoading(false);\r\n }\r\n }\r\n }, []);\r\n\r\n return useMemo(\r\n () => ({ isLoading, error, init }),\r\n [isLoading, error, init]\r\n );\r\n}\r\n"]}
1
+ {"version":3,"sources":["../src/infrastructure/runtime/context.ts","../src/domain/tenant.ts","../src/infrastructure/storage/prefix.ts","../src/infrastructure/storage/namespace.ts","../src/infrastructure/storage/context.ts","../src/infrastructure/storage/memory-adapter.ts","../src/infrastructure/storage/session-adapter.ts","../src/infrastructure/storage/cookie-adapter.ts","../src/infrastructure/storage/kv.ts","../src/infrastructure/storage/api.ts","../src/utils/logger.ts","../src/config/resolver-core.ts","../src/config/host-fields.ts","../src/domain/errors.ts","../src/domain/auth-lifecycle.ts","../src/application/lifecycle-state.ts","../src/application/events/AuthEvents.ts","../src/config/constants.ts","../src/config/index.ts","../src/infrastructure/tenant/TenantConfigCache.ts","../src/infrastructure/tenant/tenantResolution.ts","../src/application/domain-facade.ts","../src/strategies/oauth2-pkce/token-exchange.ts","../src/strategies/oauth2-pkce/pkce.ts","../src/utils/validation.ts","../src/application/security/redirectLoopGuard.ts","../src/strategies/oauth2-pkce/oauth.ts","../src/strategies/oauth2-pkce/callback.ts","../src/application/flows/CallbackFlow.ts","../src/application/flows/AuthenticatedFlow.ts","../src/application/engine/defaultEngine.ts","../src/application/token.ts","../src/application/flows/RefreshFlow.ts","../src/application/flows/TenantSwitchFlow.ts","../src/application/flows/LoginFlow.ts","../src/application/flows/getFlowForState.ts","../src/application/run-bootstrap.ts","../src/infrastructure/watchers/callbacks.ts","../src/application/bootstrap.ts","../src/infrastructure/watchers/watcher-guard.ts","../src/strategies/cookie/cookie-auth.ts","../src/infrastructure/watchers/cookie-watcher.ts","../src/infrastructure/watchers/storage-watcher.ts","../src/utils/cookies.ts","../src/application/logout.ts","../src/context/AuthContext.tsx","../src/infrastructure/tenant/tenant.api.ts","../src/browser/adapters.ts","../src/strategies/oauth2-pkce/OAuth2PkceStrategy.ts","../src/application/engine/eventBus.ts","../src/application/engine/createEngine.ts","../src/context/AuthProvider.tsx","../src/components/AuthCallback.tsx","../src/hooks/useAuth.ts","../src/components/ProtectedRoute.tsx","../src/hooks/useAuthInit.ts"],"names":["trim","isDev","getStorage","isCallbackUrl","STORAGE_KEYS","getAuthConfig","getRedirectUri","isLocalhost","existingToken","tokenValid","getAccessToken","isWatching","DEFAULT_SCOPES","listeners","resolvedTenantKey","logout","useRef","useState","useEffect","jsx","Fragment","useCallback","useMemo"],"mappings":";;;;;AAOA,IAAI,cAAA,GAAqC,IAAA;AAElC,SAAS,eAAe,OAAA,EAAmC;AAChE,EAAA,cAAA,GAAiB,OAAA;AACnB;AAEO,SAAS,cAAA,GAAqC;AACnD,EAAA,OAAO,cAAA;AACT;;;ACCO,SAAS,YAAY,QAAA,EAA2B;AACrD,EAAA,OACE,aAAa,WAAA,IACb,QAAA,KAAa,WAAA,IACb,QAAA,KAAa,WACb,QAAA,CAAS,UAAA,CAAW,UAAU,CAAA,IAC9B,SAAS,UAAA,CAAW,KAAK,CAAA,IACzB,QAAA,CAAS,SAAS,QAAQ,CAAA;AAE9B;AAkEO,SAAS,qBAAqB,GAAA,EAAuB;AAC1D,EAAA,MAAM,MAAA,GAAS,IAAI,eAAA,CAAgB,GAAA,CAAI,MAAM,CAAA;AAC7C,EAAA,OAAO,OAAO,GAAA,CAAI,MAAM,CAAA,IAAK,MAAA,CAAO,IAAI,OAAO,CAAA;AACjD;;;ACzFA,IAAM,cAAA,GAAiB,cAAA;AAEvB,IAAI,aAAA,GAAgB,cAAA;AAEb,SAAS,mBAAA,GAA8B;AAC5C,EAAA,OAAO,aAAA;AACT;AAKA,SAAS,oBAAoB,UAAA,EAA4B;AACvD,EAAA,MAAM,OAAA,GAAU,WAAW,IAAA,EAAK;AAChC,EAAA,IAAI,CAAC,SAAS,OAAO,EAAA;AACrB,EAAA,OAAO,OAAA,CAAQ,OAAA,CAAQ,gBAAA,EAAkB,GAAG,EAAE,WAAA,EAAY;AAC5D;AAMO,SAAS,oBAAoB,UAAA,EAA0B;AAC5D,EAAA,MAAM,UAAA,GAAa,oBAAoB,UAAU,CAAA;AACjD,EAAA,aAAA,GAAgB,UAAA,GAAa,CAAA,EAAG,UAAU,CAAA,MAAA,CAAA,GAAW,cAAA;AACvD;AAKO,SAAS,cAAc,MAAA,EAAwB;AACpD,EAAA,OAAO,qBAAoB,GAAI,MAAA;AACjC;;;ACvBO,SAAS,eAAA,CACd,IACA,MAAA,EACQ;AACR,EAAA,MAAM,EAAE,QAAA,EAAU,KAAA,EAAM,GAAI,EAAA;AAC5B,EAAA,IAAI,CAAC,QAAA,IAAY,CAAC,KAAA,EAAO;AACvB,IAAA,OAAO,CAAA,EAAG,mBAAA,EAAqB,CAAA,EAAG,MAAM,CAAA,CAAA;AAAA,EAC1C;AACA,EAAA,MAAM,MAAM,QAAA,IAAY,EAAA;AACxB,EAAA,MAAM,MAAM,KAAA,IAAS,EAAA;AACrB,EAAA,OAAO,CAAA,KAAA,EAAQ,GAAG,CAAA,CAAA,EAAI,GAAG,IAAI,MAAM,CAAA,CAAA;AACrC;AAGO,IAAM,kBAAA,GAAqB;AAAA,EAChC,WAAA,EAAa,cAAA;AAAA,EACb,YAAA,EAAc,eAAA;AAAA,EACd,SAAA,EAAW;AACb,CAAA;AAGO,IAAM,mBAAA,GAAsB;AAAA,EACjC,aAAA,EAAe,iBAAA;AAAA,EACf,QAAA,EAAU,WAAA;AAAA,EACV,WAAA,EAAa,cAAA;AAAA,EACb,QAAA,EAAU,WAAA;AAAA,EACV,SAAA,EAAW,YAAA;AAAA,EACX,YAAA,EAAc,eAAA;AAAA,EACd,KAAA,EAAO,OAAA;AAAA,EACP,iBAAA,EAAmB,oBAAA;AAAA,EACnB,kBAAA,EAAoB,qBAAA;AAAA,EACpB,iBAAA,EAAmB,oBAAA;AAAA,EACnB,cAAA,EAAgB,kBAAA;AAAA,EAChB,aAAA,EAAe,gBAAA;AAAA,EACf,gBAAA,EAAkB,mBAAA;AAAA,EAClB,WAAA,EAAa,cAAA;AAAA,EACb,YAAA,EAAc,eAAA;AAAA,EACd,cAAA,EAAgB,iBAAA;AAAA,EAChB,YAAA,EAAc,gBAAA;AAAA,EACd,aAAA,EAAe,gBAAA;AAAA,EACf,mBAAA,EAAqB,uBAAA;AAAA,EACrB,kBAAA,EAAoB,qBAAA;AAAA,EACpB,eAAA,EAAiB;AACnB,CAAA;;;AC/CA,IAAI,cAAA,GAAwC,IAAA;AAC5C,IAAI,gBAAA,GAAqC,EAAE,QAAA,EAAU,EAAA,EAAI,OAAO,EAAA,EAAG;AAE5D,SAAS,iBAAA,CACd,OAAA,EACA,SAAA,GAAuC,EAAC,EAClC;AACN,EAAA,cAAA,GAAiB,OAAA;AACjB,EAAA,gBAAA,GAAmB;AAAA,IACjB,QAAA,EAAU,UAAU,QAAA,IAAY,EAAA;AAAA,IAChC,KAAA,EAAO,UAAU,KAAA,IAAS;AAAA,GAC5B;AACF;AAEO,SAAS,iBAAA,GAA2C;AACzD,EAAA,MAAM,UAAU,cAAA,EAAe;AAC/B,EAAA,IAAI,OAAA,EAAS,cAAA,EAAgB,OAAO,OAAA,CAAQ,cAAA;AAC5C,EAAA,OAAO,cAAA;AACT;AAEO,SAAS,mBAAA,GAAwC;AACtD,EAAA,MAAM,UAAU,cAAA,EAAe;AAC/B,EAAA,IAAI,SAAS,gBAAA,EAAkB,OAAO,EAAE,GAAG,QAAQ,gBAAA,EAAiB;AACpE,EAAA,OAAO,EAAE,GAAG,gBAAA,EAAiB;AAC/B;;;ACzBO,SAAS,2BACd,SAAA,EACgB;AAChB,EAAA,MAAM,KAAA,uBAAY,GAAA,EAAoB;AAEtC,EAAA,MAAM,gBAAgB,MAAyB;AAC7C,IAAA,MAAM,WAAA,GAAc,MAAM,GAAA,CAAI,eAAA,CAAgB,WAAW,kBAAA,CAAmB,WAAW,CAAC,CAAA,IAAK,IAAA;AAC7F,IAAA,MAAM,YAAA,GAAe,MAAM,GAAA,CAAI,eAAA,CAAgB,WAAW,kBAAA,CAAmB,YAAY,CAAC,CAAA,IAAK,IAAA;AAC/F,IAAA,MAAM,YAAA,GAAe,MAAM,GAAA,CAAI,eAAA,CAAgB,WAAW,kBAAA,CAAmB,SAAS,CAAC,CAAA,IAAK,IAAA;AAC5F,IAAA,IAAI,CAAC,WAAA,IAAe,CAAC,YAAA,IAAgB,CAAC,cAAc,OAAO,IAAA;AAC3D,IAAA,MAAM,SAAA,GAAY,QAAA,CAAS,YAAA,EAAc,EAAE,CAAA;AAC3C,IAAA,IAAI,KAAA,CAAM,SAAS,CAAA,EAAG,OAAO,IAAA;AAC7B,IAAA,OAAO,EAAE,WAAA,EAAa,YAAA,EAAc,SAAA,EAAU;AAAA,EAChD,CAAA;AAEA,EAAA,OAAO;AAAA,IACL,MAAM,SAAA,GAAwC;AAC5C,MAAA,OAAO,aAAA,EAAc;AAAA,IACvB,CAAA;AAAA,IACA,aAAA;AAAA,IAEA,MAAM,UAAU,MAAA,EAAmC;AACjD,MAAA,KAAA,CAAM,IAAI,eAAA,CAAgB,SAAA,EAAW,mBAAmB,WAAW,CAAA,EAAG,OAAO,WAAW,CAAA;AACxF,MAAA,KAAA,CAAM,IAAI,eAAA,CAAgB,SAAA,EAAW,mBAAmB,YAAY,CAAA,EAAG,OAAO,YAAY,CAAA;AAC1F,MAAA,KAAA,CAAM,GAAA,CAAI,gBAAgB,SAAA,EAAW,kBAAA,CAAmB,SAAS,CAAA,EAAG,MAAA,CAAO,MAAA,CAAO,SAAS,CAAC,CAAA;AAAA,IAC9F,CAAA;AAAA,IACA,cAAc,MAAA,EAA0B;AACtC,MAAA,KAAA,CAAM,IAAI,eAAA,CAAgB,SAAA,EAAW,mBAAmB,WAAW,CAAA,EAAG,OAAO,WAAW,CAAA;AACxF,MAAA,KAAA,CAAM,IAAI,eAAA,CAAgB,SAAA,EAAW,mBAAmB,YAAY,CAAA,EAAG,OAAO,YAAY,CAAA;AAC1F,MAAA,KAAA,CAAM,GAAA,CAAI,gBAAgB,SAAA,EAAW,kBAAA,CAAmB,SAAS,CAAA,EAAG,MAAA,CAAO,MAAA,CAAO,SAAS,CAAC,CAAA;AAAA,IAC9F,CAAA;AAAA,IAEA,MAAM,WAAA,GAA6B;AACjC,MAAA,KAAA,CAAM,MAAA,CAAO,eAAA,CAAgB,SAAA,EAAW,kBAAA,CAAmB,WAAW,CAAC,CAAA;AACvE,MAAA,KAAA,CAAM,MAAA,CAAO,eAAA,CAAgB,SAAA,EAAW,kBAAA,CAAmB,YAAY,CAAC,CAAA;AACxE,MAAA,KAAA,CAAM,MAAA,CAAO,eAAA,CAAgB,SAAA,EAAW,kBAAA,CAAmB,SAAS,CAAC,CAAA;AAAA,IACvE,CAAA;AAAA,IACA,eAAA,GAAwB;AACtB,MAAA,KAAA,CAAM,MAAA,CAAO,eAAA,CAAgB,SAAA,EAAW,kBAAA,CAAmB,WAAW,CAAC,CAAA;AACvE,MAAA,KAAA,CAAM,MAAA,CAAO,eAAA,CAAgB,SAAA,EAAW,kBAAA,CAAmB,YAAY,CAAC,CAAA;AACxE,MAAA,KAAA,CAAM,MAAA,CAAO,eAAA,CAAgB,SAAA,EAAW,kBAAA,CAAmB,SAAS,CAAC,CAAA;AAAA,IACvE,CAAA;AAAA,IAEA,MAAM,QAAQ,GAAA,EAAqC;AACjD,MAAA,OAAO,KAAA,CAAM,GAAA,CAAI,GAAG,CAAA,IAAK,IAAA;AAAA,IAC3B,CAAA;AAAA,IACA,YAAY,GAAA,EAA4B;AACtC,MAAA,OAAO,KAAA,CAAM,GAAA,CAAI,GAAG,CAAA,IAAK,IAAA;AAAA,IAC3B,CAAA;AAAA,IAEA,MAAM,OAAA,CAAQ,GAAA,EAAa,KAAA,EAA8B;AACvD,MAAA,KAAA,CAAM,GAAA,CAAI,KAAK,KAAK,CAAA;AAAA,IACtB,CAAA;AAAA,IACA,WAAA,CAAY,KAAa,KAAA,EAAqB;AAC5C,MAAA,KAAA,CAAM,GAAA,CAAI,KAAK,KAAK,CAAA;AAAA,IACtB,CAAA;AAAA,IAEA,MAAM,WAAW,GAAA,EAA4B;AAC3C,MAAA,KAAA,CAAM,OAAO,GAAG,CAAA;AAAA,IAClB,CAAA;AAAA,IACA,eAAe,GAAA,EAAmB;AAChC,MAAA,KAAA,CAAM,OAAO,GAAG,CAAA;AAAA,IAClB,CAAA;AAAA,IAEA,MAAM,KAAA,GAAuB;AAC3B,MAAA,KAAA,CAAM,KAAA,EAAM;AAAA,IACd,CAAA;AAAA,IACA,SAAA,GAAkB;AAChB,MAAA,KAAA,CAAM,KAAA,EAAM;AAAA,IACd;AAAA,GACF;AACF;;;ACtEA,SAAS,iBAAA,GAAoC;AAC3C,EAAA,IAAI,OAAO,MAAA,KAAW,WAAA,EAAa,OAAO,IAAA;AAC1C,EAAA,IAAI;AACF,IAAA,OAAO,MAAA,CAAO,cAAA;AAAA,EAChB,CAAA,CAAA,MAAQ;AACN,IAAA,OAAO,IAAA;AAAA,EACT;AACF;AAEO,SAAS,kCACd,SAAA,EACgB;AAChB,EAAA,OAAO;AAAA,IACL,MAAM,SAAA,GAAwC;AAC5C,MAAA,OAAO,kBAAkB,SAAS,CAAA;AAAA,IACpC,CAAA;AAAA,IACA,aAAA,GAAmC;AACjC,MAAA,OAAO,kBAAkB,SAAS,CAAA;AAAA,IACpC,CAAA;AAAA,IAEA,MAAM,UAAU,MAAA,EAAmC;AACjD,MAAA,iBAAA,CAAkB,WAAW,MAAM,CAAA;AAAA,IACrC,CAAA;AAAA,IACA,cAAc,MAAA,EAA0B;AACtC,MAAA,iBAAA,CAAkB,WAAW,MAAM,CAAA;AAAA,IACrC,CAAA;AAAA,IAEA,MAAM,WAAA,GAA6B;AACjC,MAAA,mBAAA,CAAoB,SAAS,CAAA;AAAA,IAC/B,CAAA;AAAA,IACA,eAAA,GAAwB;AACtB,MAAA,mBAAA,CAAoB,SAAS,CAAA;AAAA,IAC/B,CAAA;AAAA,IAEA,MAAM,QAAQ,GAAA,EAAqC;AACjD,MAAA,OAAO,gBAAgB,GAAG,CAAA;AAAA,IAC5B,CAAA;AAAA,IACA,YAAY,GAAA,EAA4B;AACtC,MAAA,OAAO,gBAAgB,GAAG,CAAA;AAAA,IAC5B,CAAA;AAAA,IAEA,MAAM,OAAA,CAAQ,GAAA,EAAa,KAAA,EAA8B;AACvD,MAAA,eAAA,CAAgB,KAAK,KAAK,CAAA;AAAA,IAC5B,CAAA;AAAA,IACA,WAAA,CAAY,KAAa,KAAA,EAAqB;AAC5C,MAAA,eAAA,CAAgB,KAAK,KAAK,CAAA;AAAA,IAC5B,CAAA;AAAA,IAEA,MAAM,WAAW,GAAA,EAA4B;AAC3C,MAAA,kBAAA,CAAmB,GAAG,CAAA;AAAA,IACxB,CAAA;AAAA,IACA,eAAe,GAAA,EAAmB;AAChC,MAAA,kBAAA,CAAmB,GAAG,CAAA;AAAA,IACxB,CAAA;AAAA,IAEA,MAAM,KAAA,GAAuB;AAC3B,MAAA,aAAA,CAAc,SAAS,CAAA;AAAA,IACzB,CAAA;AAAA,IACA,SAAA,GAAkB;AAChB,MAAA,aAAA,CAAc,SAAS,CAAA;AAAA,IACzB;AAAA,GACF;AACF;AAEA,SAAS,kBAAkB,EAAA,EAAyC;AAClE,EAAA,MAAM,UAAU,iBAAA,EAAkB;AAClC,EAAA,IAAI,CAAC,SAAS,OAAO,IAAA;AACrB,EAAA,IAAI;AACF,IAAA,MAAM,cAAc,OAAA,CAAQ,OAAA,CAAQ,gBAAgB,EAAA,EAAI,kBAAA,CAAmB,WAAW,CAAC,CAAA;AACvF,IAAA,MAAM,eAAe,OAAA,CAAQ,OAAA,CAAQ,gBAAgB,EAAA,EAAI,kBAAA,CAAmB,YAAY,CAAC,CAAA;AACzF,IAAA,MAAM,eAAe,OAAA,CAAQ,OAAA,CAAQ,gBAAgB,EAAA,EAAI,kBAAA,CAAmB,SAAS,CAAC,CAAA;AACtF,IAAA,IAAI,CAAC,WAAA,IAAe,CAAC,YAAA,IAAgB,CAAC,cAAc,OAAO,IAAA;AAC3D,IAAA,MAAM,SAAA,GAAY,QAAA,CAAS,YAAA,EAAc,EAAE,CAAA;AAC3C,IAAA,IAAI,KAAA,CAAM,SAAS,CAAA,EAAG,OAAO,IAAA;AAC7B,IAAA,OAAO,EAAE,WAAA,EAAa,YAAA,EAAc,SAAA,EAAU;AAAA,EAChD,CAAA,CAAA,MAAQ;AACN,IAAA,OAAO,IAAA;AAAA,EACT;AACF;AAEA,SAAS,iBAAA,CAAkB,IAAsB,MAAA,EAA0B;AACzE,EAAA,MAAM,UAAU,iBAAA,EAAkB;AAClC,EAAA,IAAI,CAAC,OAAA,EAAS;AACd,EAAA,IAAI;AACF,IAAA,OAAA,CAAQ,QAAQ,eAAA,CAAgB,EAAA,EAAI,mBAAmB,WAAW,CAAA,EAAG,OAAO,WAAW,CAAA;AACvF,IAAA,OAAA,CAAQ,QAAQ,eAAA,CAAgB,EAAA,EAAI,mBAAmB,YAAY,CAAA,EAAG,OAAO,YAAY,CAAA;AACzF,IAAA,OAAA,CAAQ,OAAA,CAAQ,gBAAgB,EAAA,EAAI,kBAAA,CAAmB,SAAS,CAAA,EAAG,MAAA,CAAO,MAAA,CAAO,SAAS,CAAC,CAAA;AAAA,EAC7F,CAAA,CAAA,MAAQ;AAAA,EAER;AACF;AAEA,SAAS,oBAAoB,EAAA,EAA4B;AACvD,EAAA,MAAM,UAAU,iBAAA,EAAkB;AAClC,EAAA,IAAI,CAAC,OAAA,EAAS;AACd,EAAA,IAAI;AACF,IAAA,OAAA,CAAQ,UAAA,CAAW,eAAA,CAAgB,EAAA,EAAI,kBAAA,CAAmB,WAAW,CAAC,CAAA;AACtE,IAAA,OAAA,CAAQ,UAAA,CAAW,eAAA,CAAgB,EAAA,EAAI,kBAAA,CAAmB,YAAY,CAAC,CAAA;AACvE,IAAA,OAAA,CAAQ,UAAA,CAAW,eAAA,CAAgB,EAAA,EAAI,kBAAA,CAAmB,SAAS,CAAC,CAAA;AAAA,EACtE,CAAA,CAAA,MAAQ;AAAA,EAER;AACF;AAEA,SAAS,gBAAgB,GAAA,EAA4B;AACnD,EAAA,MAAM,UAAU,iBAAA,EAAkB;AAClC,EAAA,IAAI,CAAC,SAAS,OAAO,IAAA;AACrB,EAAA,IAAI;AACF,IAAA,OAAO,OAAA,CAAQ,QAAQ,GAAG,CAAA;AAAA,EAC5B,CAAA,CAAA,MAAQ;AACN,IAAA,OAAO,IAAA;AAAA,EACT;AACF;AAEA,SAAS,eAAA,CAAgB,KAAa,KAAA,EAAqB;AACzD,EAAA,MAAM,UAAU,iBAAA,EAAkB;AAClC,EAAA,IAAI,CAAC,OAAA,EAAS;AACd,EAAA,IAAI;AACF,IAAA,OAAA,CAAQ,OAAA,CAAQ,KAAK,KAAK,CAAA;AAAA,EAC5B,CAAA,CAAA,MAAQ;AAAA,EAER;AACF;AAEA,SAAS,mBAAmB,GAAA,EAAmB;AAC7C,EAAA,MAAM,UAAU,iBAAA,EAAkB;AAClC,EAAA,IAAI,CAAC,OAAA,EAAS;AACd,EAAA,IAAI;AACF,IAAA,OAAA,CAAQ,WAAW,GAAG,CAAA;AAAA,EACxB,CAAA,CAAA,MAAQ;AAAA,EAER;AACF;AAEA,SAAS,cAAc,EAAA,EAA4B;AACjD,EAAA,MAAM,UAAU,iBAAA,EAAkB;AAClC,EAAA,IAAI,CAAC,OAAA,EAAS;AACd,EAAA,IAAI;AACF,IAAA,MAAM,MAAA,GAAS,EAAA,CAAG,QAAA,IAAY,EAAA,CAAG,QAC7B,CAAA,KAAA,EAAQ,EAAA,CAAG,QAAA,IAAY,EAAE,CAAA,CAAA,EAAI,EAAA,CAAG,KAAA,IAAS,EAAE,MAC3C,mBAAA,EAAoB;AACxB,IAAA,MAAM,OAAiB,EAAC;AACxB,IAAA,KAAA,IAAS,CAAA,GAAI,CAAA,EAAG,CAAA,GAAI,OAAA,CAAQ,QAAQ,CAAA,EAAA,EAAK;AACvC,MAAA,MAAM,GAAA,GAAM,OAAA,CAAQ,GAAA,CAAI,CAAC,CAAA;AACzB,MAAA,IAAI,OAAO,GAAA,CAAI,UAAA,CAAW,MAAM,CAAA,EAAG,IAAA,CAAK,KAAK,GAAG,CAAA;AAAA,IAClD;AACA,IAAA,IAAA,CAAK,QAAQ,CAAC,CAAA,KAAM,OAAA,CAAQ,UAAA,CAAW,CAAC,CAAC,CAAA;AAAA,EAC3C,CAAA,CAAA,MAAQ;AAAA,EAER;AACF;;;ACjJA,IAAM,sBAAA,GAAyB;AAAA,EAC7B,IAAA,EAAM,GAAA;AAAA,EACN,QAAA,EAAU,KAAA;AAAA,EACV,MAAA,EAAQ,EAAA,GAAK,EAAA,GAAK,EAAA,GAAK;AAAA;AACzB,CAAA;AAEA,SAAS,WAAA,GAA+B;AACtC,EAAA,IAAI,OAAO,QAAA,KAAa,WAAA,EAAa,OAAO,IAAA;AAC5C,EAAA,OAAO,QAAA;AACT;AAEA,SAAS,UAAU,IAAA,EAA6B;AAC9C,EAAA,MAAM,MAAM,WAAA,EAAY;AACxB,EAAA,IAAI,CAAC,GAAA,IAAO,CAAC,GAAA,CAAI,QAAQ,OAAO,IAAA;AAChC,EAAA,MAAM,KAAA,GAAQ,IAAI,MAAA,CAAO,KAAA,CAAM,IAAI,MAAA,CAAO,OAAA,GAAU,IAAA,GAAO,UAAU,CAAC,CAAA;AACtE,EAAA,OAAO,KAAA,GAAQ,kBAAA,CAAmB,KAAA,CAAM,CAAC,CAAC,CAAA,GAAI,IAAA;AAChD;AAEA,SAAS,SAAA,CACP,IAAA,EACA,KAAA,EACA,OAAA,GAAoF,EAAC,EAC/E;AACN,EAAA,MAAM,MAAM,WAAA,EAAY;AACxB,EAAA,IAAI,CAAC,GAAA,EAAK;AACV,EAAA,MAAM,EAAE,IAAA,GAAO,GAAA,EAAK,QAAA,GAAW,KAAA,EAAO,MAAA,EAAO,GAAI,EAAE,GAAG,sBAAA,EAAwB,GAAG,OAAA,EAAQ;AACzF,EAAA,IAAI,MAAA,GAAS,CAAA,EAAG,kBAAA,CAAmB,IAAI,CAAC,CAAA,CAAA,EAAI,kBAAA,CAAmB,KAAK,CAAC,CAAA,MAAA,EAAS,IAAI,CAAA,UAAA,EAAa,QAAQ,CAAA,CAAA;AACvG,EAAA,IAAI,MAAA,IAAU,IAAA,EAAM,MAAA,IAAU,CAAA,SAAA,EAAY,MAAM,CAAA,CAAA;AAChD,EAAA,GAAA,CAAI,MAAA,GAAS,MAAA;AACf;AAEA,SAAS,aAAa,IAAA,EAAoB;AACxC,EAAA,MAAM,MAAM,WAAA,EAAY;AACxB,EAAA,IAAI,CAAC,GAAA,EAAK;AACV,EAAA,GAAA,CAAI,MAAA,GAAS,CAAA,EAAG,kBAAA,CAAmB,IAAI,CAAC,CAAA,kBAAA,CAAA;AAC1C;AAEO,SAAS,0BAAA,CACd,WACA,OAAA,EACgB;AAChB,EAAA,MAAM,MAAA,GAAS,SAAS,YAAA,IAAgB,MAAA;AACxC,EAAA,MAAM,SAAA,GAAY,SAAA,CAAU,QAAA,IAAY,SAAA,CAAU,QAC9C,CAAA,KAAA,EAAQ,SAAA,CAAU,QAAA,IAAY,EAAE,CAAA,CAAA,EAAI,SAAA,CAAU,KAAA,IAAS,EAAE,MACzD,mBAAA,EAAoB;AAExB,EAAA,MAAM,aAAa,CAAC,MAAA,KAClB,GAAG,MAAM,CAAA,CAAA,EAAI,UAAU,QAAA,IAAY,GAAG,CAAA,CAAA,EAAI,SAAA,CAAU,SAAS,GAAG,CAAA,CAAA,EAAI,MAAM,CAAA,CAAA,CAAG,OAAA,CAAQ,kBAAkB,GAAG,CAAA;AAE5G,EAAA,OAAO;AAAA,IACL,MAAM,SAAA,GAAwC;AAC5C,MAAA,MAAM,WAAA,GAAc,SAAA,CAAU,UAAA,CAAW,kBAAA,CAAmB,WAAW,CAAC,CAAA;AACxE,MAAA,MAAM,YAAA,GAAe,SAAA,CAAU,UAAA,CAAW,kBAAA,CAAmB,YAAY,CAAC,CAAA;AAC1E,MAAA,MAAM,YAAA,GAAe,SAAA,CAAU,UAAA,CAAW,kBAAA,CAAmB,SAAS,CAAC,CAAA;AACvE,MAAA,IAAI,CAAC,WAAA,IAAe,CAAC,YAAA,IAAgB,CAAC,cAAc,OAAO,IAAA;AAC3D,MAAA,MAAM,SAAA,GAAY,QAAA,CAAS,YAAA,EAAc,EAAE,CAAA;AAC3C,MAAA,IAAI,KAAA,CAAM,SAAS,CAAA,EAAG,OAAO,IAAA;AAC7B,MAAA,OAAO,EAAE,WAAA,EAAa,YAAA,EAAc,SAAA,EAAU;AAAA,IAChD,CAAA;AAAA,IAEA,MAAM,UAAU,MAAA,EAAmC;AACjD,MAAA,SAAA,CAAU,UAAA,CAAW,kBAAA,CAAmB,WAAW,CAAA,EAAG,MAAA,CAAO,aAAa,EAAE,MAAA,EAAQ,EAAA,GAAK,EAAA,EAAI,CAAA;AAC7F,MAAA,SAAA,CAAU,UAAA,CAAW,kBAAA,CAAmB,YAAY,CAAA,EAAG,MAAA,CAAO,YAAA,EAAc,EAAE,MAAA,EAAQ,EAAA,GAAK,EAAA,GAAK,EAAA,GAAK,CAAA,EAAG,CAAA;AACxG,MAAA,SAAA,CAAU,UAAA,CAAW,kBAAA,CAAmB,SAAS,CAAA,EAAG,MAAA,CAAO,MAAA,CAAO,SAAS,CAAA,EAAG,EAAE,MAAA,EAAQ,EAAA,GAAK,EAAA,GAAK,IAAI,CAAA;AAAA,IACxG,CAAA;AAAA,IAEA,MAAM,WAAA,GAA6B;AACjC,MAAA,YAAA,CAAa,UAAA,CAAW,kBAAA,CAAmB,WAAW,CAAC,CAAA;AACvD,MAAA,YAAA,CAAa,UAAA,CAAW,kBAAA,CAAmB,YAAY,CAAC,CAAA;AACxD,MAAA,YAAA,CAAa,UAAA,CAAW,kBAAA,CAAmB,SAAS,CAAC,CAAA;AAAA,IACvD,CAAA;AAAA,IAEA,MAAM,QAAQ,GAAA,EAAqC;AACjD,MAAA,MAAM,IAAA,GAAO,IAAI,UAAA,CAAW,SAAS,IAAI,GAAA,CAAI,KAAA,CAAM,SAAA,CAAU,MAAM,CAAA,GAAI,GAAA;AACvE,MAAA,OAAO,SAAA,CAAU,UAAA,CAAW,IAAI,CAAC,CAAA;AAAA,IACnC,CAAA;AAAA,IAEA,MAAM,OAAA,CAAQ,GAAA,EAAa,KAAA,EAA8B;AACvD,MAAA,MAAM,IAAA,GAAO,IAAI,UAAA,CAAW,SAAS,IAAI,GAAA,CAAI,KAAA,CAAM,SAAA,CAAU,MAAM,CAAA,GAAI,GAAA;AACvE,MAAA,SAAA,CAAU,UAAA,CAAW,IAAI,CAAA,EAAG,KAAK,CAAA;AAAA,IACnC,CAAA;AAAA,IAEA,MAAM,WAAW,GAAA,EAA4B;AAC3C,MAAA,MAAM,IAAA,GAAO,IAAI,UAAA,CAAW,SAAS,IAAI,GAAA,CAAI,KAAA,CAAM,SAAA,CAAU,MAAM,CAAA,GAAI,GAAA;AACvE,MAAA,YAAA,CAAa,UAAA,CAAW,IAAI,CAAC,CAAA;AAAA,IAC/B,CAAA;AAAA,IAEA,MAAM,KAAA,GAAuB;AAC3B,MAAA,MAAM,QAAA,GAAW,MAAA,CAAO,MAAA,CAAO,kBAAkB,CAAA;AACjD,MAAA,QAAA,CAAS,QAAQ,CAAC,CAAA,KAAM,aAAa,UAAA,CAAW,CAAC,CAAC,CAAC,CAAA;AACnD,MAAA,MAAA,CAAO,MAAA,CAAO,mBAAmB,CAAA,CAAE,OAAA,CAAQ,CAAC,WAAW,YAAA,CAAa,UAAA,CAAW,MAAM,CAAC,CAAC,CAAA;AAAA,IACzF;AAAA,GACF;AACF;;;AChGA,SAAS,YAAY,GAAA,EAAqB;AACxC,EAAA,MAAM,SAAS,mBAAA,EAAoB;AACnC,EAAA,OAAO,GAAA,CAAI,WAAW,MAAM,CAAA,GAAI,IAAI,KAAA,CAAM,MAAA,CAAO,MAAM,CAAA,GAAI,GAAA;AAC7D;AAEO,SAAS,UAAA,CAAW,KAAa,KAAA,EAAqB;AAC3D,EAAA,MAAM,UAAU,iBAAA,EAAkB;AAClC,EAAA,IAAI,CAAC,SAAS,WAAA,EAAa;AAC3B,EAAA,MAAM,KAAK,mBAAA,EAAoB;AAC/B,EAAA,MAAM,MAAA,GAAS,YAAY,GAAG,CAAA;AAC9B,EAAA,IAAI;AACF,IAAA,OAAA,CAAQ,WAAA,CAAY,eAAA,CAAgB,EAAA,EAAI,MAAM,GAAG,KAAK,CAAA;AAAA,EACxD,CAAA,CAAA,MAAQ;AAAA,EAER;AACF;AAEO,SAAS,WAAW,GAAA,EAA4B;AACrD,EAAA,MAAM,UAAU,iBAAA,EAAkB;AAClC,EAAA,IAAI,CAAC,OAAA,EAAS,WAAA,EAAa,OAAO,IAAA;AAClC,EAAA,MAAM,KAAK,mBAAA,EAAoB;AAC/B,EAAA,MAAM,MAAA,GAAS,YAAY,GAAG,CAAA;AAC9B,EAAA,IAAI;AACF,IAAA,OAAO,OAAA,CAAQ,WAAA,CAAY,eAAA,CAAgB,EAAA,EAAI,MAAM,CAAC,CAAA;AAAA,EACxD,CAAA,CAAA,MAAQ;AACN,IAAA,OAAO,IAAA;AAAA,EACT;AACF;AAEO,SAAS,cAAc,GAAA,EAAmB;AAC/C,EAAA,MAAM,UAAU,iBAAA,EAAkB;AAClC,EAAA,IAAI,CAAC,SAAS,cAAA,EAAgB;AAC9B,EAAA,MAAM,KAAK,mBAAA,EAAoB;AAC/B,EAAA,MAAM,MAAA,GAAS,YAAY,GAAG,CAAA;AAC9B,EAAA,IAAI;AACF,IAAA,OAAA,CAAQ,cAAA,CAAe,eAAA,CAAgB,EAAA,EAAI,MAAM,CAAC,CAAA;AAAA,EACpD,CAAA,CAAA,MAAQ;AAAA,EAER;AACF;;;ACpCA,IAAM,YAAA,GAAe;AAAA,EACnB,SAAA,EAAW,YAAA;AAAA,EACX,YAAA,EAAc,eAAA;AAAA,EACd,KAAA,EAAO,OAAA;AAAA,EACP,WAAA,EAAa,cAAA;AAAA,EACb,YAAA,EAAc,eAAA;AAAA,EACd,SAAA,EAAW;AACb,CAAA;AAEO,IAAM,YAAA,GAA4B;AAAA,EACvC,IAAI,SAAA,GAAY;AAAE,IAAA,OAAO,aAAA,CAAc,aAAa,SAAS,CAAA;AAAA,EAAG,CAAA;AAAA,EAChE,IAAI,YAAA,GAAe;AAAE,IAAA,OAAO,aAAA,CAAc,aAAa,YAAY,CAAA;AAAA,EAAG,CAAA;AAAA,EACtE,IAAI,KAAA,GAAQ;AAAE,IAAA,OAAO,aAAA,CAAc,aAAa,KAAK,CAAA;AAAA,EAAG,CAAA;AAAA,EACxD,IAAI,WAAA,GAAc;AAAE,IAAA,OAAO,aAAA,CAAc,aAAa,WAAW,CAAA;AAAA,EAAG,CAAA;AAAA,EACpE,IAAI,YAAA,GAAe;AAAE,IAAA,OAAO,aAAA,CAAc,aAAa,YAAY,CAAA;AAAA,EAAG,CAAA;AAAA,EACtE,IAAI,SAAA,GAAY;AAAE,IAAA,OAAO,aAAA,CAAc,aAAa,SAAS,CAAA;AAAA,EAAG;AAClE,CAAA;AAEO,SAAS,gBAAA,GAAyB;AAEvC,EAAA,MAAM,WAAA,GAAc;AAAA,IAClB,YAAA,CAAa,WAAA;AAAA,IACb,YAAA,CAAa,YAAA;AAAA,IACb,YAAA,CAAa,SAAA;AAAA,IACb,YAAA,CAAa,YAAA;AAAA,IACb,YAAA,CAAa,KAAA;AAAA,IACb,cAAc,oBAAoB,CAAA;AAAA,IAClC,cAAc,cAAc,CAAA;AAAA,IAC5B,cAAc,iBAAiB,CAAA;AAAA,IAC/B,cAAc,gBAAgB,CAAA;AAAA,IAC9B,cAAc,sBAAsB;AAAA,GACtC;AACA,EAAA,KAAA,MAAW,GAAA,IAAO,WAAA,EAAa,aAAA,CAAc,GAAG,CAAA;AAClD;AAEO,SAAS,uBAAA,GAAgC;AAC9C,EAAA,gBAAA,EAAiB;AACnB;AAEO,SAAS,eAAA,GAAwB;AACtC,EAAA,MAAM,UAAU,cAAA,EAAe;AAC/B,EAAA,IAAI;AACF,IAAA,OAAA,EAAS,cAAc,YAAA,EAAa;AAAA,EACtC,CAAA,CAAA,MAAQ;AAAA,EAER;AACF;AAEO,SAAS,eAAA,GAAwB;AACtC,EAAA,gBAAA,EAAiB;AACjB,EAAA,eAAA,EAAgB;AAClB;AAEO,SAAS,cAAA,GAAgC;AAC9C,EAAA,MAAM,UAAU,iBAAA,EAAkB;AAClC,EAAA,IAAI,SAAS,aAAA,EAAe;AAC1B,IAAA,MAAM,CAAA,GAAI,QAAQ,aAAA,EAAc;AAChC,IAAA,OAAO,GAAG,WAAA,IAAe,IAAA;AAAA,EAC3B;AACA,EAAA,OAAO,UAAA,CAAW,aAAa,WAAW,CAAA;AAC5C;AAEO,SAAS,eAAA,GAAiC;AAC/C,EAAA,MAAM,UAAU,iBAAA,EAAkB;AAClC,EAAA,IAAI,SAAS,aAAA,EAAe;AAC1B,IAAA,MAAM,CAAA,GAAI,QAAQ,aAAA,EAAc;AAChC,IAAA,OAAO,GAAG,YAAA,IAAgB,IAAA;AAAA,EAC5B;AACA,EAAA,OAAO,UAAA,CAAW,aAAa,YAAY,CAAA;AAC7C;AAEO,SAAS,YAAA,GAA8B;AAC5C,EAAA,MAAM,UAAU,iBAAA,EAAkB;AAClC,EAAA,IAAI,SAAS,aAAA,EAAe;AAC1B,IAAA,MAAM,CAAA,GAAI,QAAQ,aAAA,EAAc;AAChC,IAAA,OAAO,GAAG,SAAA,IAAa,IAAA;AAAA,EACzB;AACA,EAAA,MAAM,SAAA,GAAY,UAAA,CAAW,YAAA,CAAa,SAAS,CAAA;AACnD,EAAA,IAAI,CAAC,WAAW,OAAO,IAAA;AACvB,EAAA,MAAM,SAAA,GAAY,QAAA,CAAS,SAAA,EAAW,EAAE,CAAA;AACxC,EAAA,OAAO,KAAA,CAAM,SAAS,CAAA,GAAI,IAAA,GAAO,SAAA;AACnC;AAEO,SAAS,oBAAA,GAAgC;AAC9C,EAAA,MAAM,YAAY,YAAA,EAAa;AAC/B,EAAA,IAAI,CAAC,WAAW,OAAO,IAAA;AACvB,EAAA,MAAM,SAAS,EAAA,GAAK,GAAA;AACpB,EAAA,OAAO,IAAA,CAAK,GAAA,EAAI,IAAK,SAAA,GAAY,MAAA;AACnC;AAEO,SAAS,eAAA,GAAiC;AAC/C,EAAA,OAAO,UAAA,CAAW,aAAa,YAAY,CAAA;AAC7C;AACO,SAAS,QAAA,GAA0B;AACxC,EAAA,OAAO,UAAA,CAAW,aAAa,KAAK,CAAA;AACtC;AACO,SAAS,YAAA,GAA8B;AAC5C,EAAA,OAAO,UAAA,CAAW,aAAa,SAAS,CAAA;AAC1C;AACO,SAAS,aAAa,SAAA,EAAyB;AACpD,EAAA,UAAA,CAAW,YAAA,CAAa,WAAW,SAAS,CAAA;AAC9C;;;AC1GA,SAAS,KAAA,GAAiB;AACxB,EAAA,IAAI,OAAO,WAAW,WAAA,EAAa;AACjC,IAAA,OAAO,KAAA;AAAA,EACT;AACA,EAAA,MAAM,QAAA,GAAW,OAAO,QAAA,CAAS,QAAA;AACjC,EAAA,OACE,aAAa,WAAA,IACb,QAAA,KAAa,WAAA,IACb,QAAA,KAAa,WACb,QAAA,CAAS,UAAA,CAAW,UAAU,CAAA,IAC9B,SAAS,UAAA,CAAW,KAAK,CAAA,IACzB,QAAA,CAAS,SAAS,QAAQ,CAAA;AAE9B;AAEA,IAAM,SAAN,MAAa;AAAA,EAAb,WAAA,GAAA;AACE,IAAA,IAAA,CAAQ,MAAA,GAAS,8BAAA;AAAA,EAAA;AAAA,EAET,GAAA,CAAI,KAAA,EAAiB,OAAA,EAAiB,IAAA,EAAsB;AAClE,IAAA,MAAM,SAAA,GAAA,iBAAY,IAAI,IAAA,EAAK,EAAE,WAAA,EAAY;AACzC,IAAA,MAAM,UAAA,GAAa,CAAA,EAAG,IAAA,CAAK,MAAM,CAAA,EAAA,EAAK,SAAS,CAAA,GAAA,EAAM,KAAA,CAAM,WAAA,EAAa,CAAA,EAAA,EAAK,OAAO,CAAA,CAAA;AAEpF,IAAA,QAAQ,KAAA;AAAO,MACb,KAAK,MAAA;AACH,QAAA,OAAA,CAAQ,GAAA,CAAI,UAAA,EAAY,IAAA,IAAQ,EAAE,CAAA;AAClC,QAAA;AAAA,MACF,KAAK,MAAA;AACH,QAAA,OAAA,CAAQ,IAAA,CAAK,UAAA,EAAY,IAAA,IAAQ,EAAE,CAAA;AACnC,QAAA;AAAA,MACF,KAAK,OAAA;AACH,QAAA,OAAA,CAAQ,KAAA,CAAM,UAAA,EAAY,IAAA,IAAQ,EAAE,CAAA;AACpC,QAAA;AAAA,MACF,KAAK,OAAA;AACH,QAAA,IAAI,OAAM,EAAG;AACX,UAAA,OAAA,CAAQ,KAAA,CAAM,UAAA,EAAY,IAAA,IAAQ,EAAE,CAAA;AAAA,QACtC;AACA,QAAA;AAAA;AACJ,EACF;AAAA,EAEA,IAAA,CAAK,SAAiB,IAAA,EAAsB;AAC1C,IAAA,IAAA,CAAK,GAAA,CAAI,MAAA,EAAQ,OAAA,EAAS,IAAI,CAAA;AAAA,EAChC;AAAA,EAEA,IAAA,CAAK,SAAiB,IAAA,EAAsB;AAC1C,IAAA,IAAA,CAAK,GAAA,CAAI,MAAA,EAAQ,OAAA,EAAS,IAAI,CAAA;AAAA,EAChC;AAAA,EAEA,KAAA,CAAM,SAAiB,IAAA,EAAsB;AAC3C,IAAA,IAAA,CAAK,GAAA,CAAI,OAAA,EAAS,OAAA,EAAS,IAAI,CAAA;AAAA,EACjC;AAAA,EAEA,KAAA,CAAM,SAAiB,IAAA,EAAsB;AAC3C,IAAA,IAAA,CAAK,GAAA,CAAI,OAAA,EAAS,OAAA,EAAS,IAAI,CAAA;AAAA,EACjC;AACF,CAAA;AAEO,IAAM,MAAA,GAAS,IAAI,MAAA,EAAO;;;AC/CjC,IAAI,iBAA4B,EAAC;AAGjC,IAAI,kBAAA,GAA2E,IAAA;AAE/E,IAAM,YAAA,GAAe,4BAAA;AACrB,IAAM,QAAA,GAAW,+BAAA;AAEV,SAAS,UAAU,SAAA,EAAqC;AAC7D,EAAA,cAAA,GAAiB,EAAE,GAAG,cAAA,EAAgB,GAAG,SAAA,EAAU;AACrD;AAEO,SAAS,oBAAA,GAA6B;AAC3C,EAAA,cAAA,GAAiB,EAAC;AACpB;AAEO,SAAS,sBACd,EAAA,EACM;AACN,EAAA,kBAAA,GAAqB,EAAA;AACvB;AAEA,SAAS,cAAA,GAA4B;AACnC,EAAA,MAAM,MAAiB,EAAC;AACxB,EAAA,IAAI;AACF,IAAA,IAAI,OAAO,MAAA,KAAW,WAAA,IAAe,MAAA,CAAO,oBAAA,EAAsB;AAChE,MAAA,MAAA,CAAO,MAAA,CAAO,GAAA,EAAK,MAAA,CAAO,oBAAoB,CAAA;AAAA,IAChD;AAAA,EACF,CAAA,CAAA,MAAQ;AAAA,EAER;AACA,EAAA,IAAI;AACF,IAAA,MAAM,eAAe,kBAAA,IAAqB;AAC1C,IAAA,IAAI,YAAA,IAAgB,OAAO,YAAA,KAAiB,QAAA,EAAU;AACpD,MAAA,MAAA,CAAO,MAAA,CAAO,KAAK,YAAY,CAAA;AAAA,IACjC;AAAA,EACF,SAAS,CAAA,EAAG;AACV,IAAA,MAAA,CAAO,KAAK,mCAAA,EAAqC;AAAA,MAC/C,OAAO,CAAA,YAAa,KAAA,GAAQ,CAAA,CAAE,OAAA,GAAU,OAAO,CAAC;AAAA,KACjD,CAAA;AAAA,EACH;AACA,EAAA,OAAO,GAAA;AACT;AAEA,SAAS,sBAAA,GAAoC;AAC3C,EAAA,IAAI;AACF,IAAA,MAAM,GAAA,GAAM,UAAA,CAAW,aAAA,CAAc,aAAa,CAAC,CAAA;AACnD,IAAA,IAAI,CAAC,GAAA,EAAK,OAAO,EAAC;AAClB,IAAA,MAAM,MAAA,GAAS,IAAA,CAAK,KAAA,CAAM,GAAG,CAAA;AAC7B,IAAA,IAAI,CAAC,MAAA,IAAU,OAAO,MAAA,KAAW,QAAA,SAAiB,EAAC;AACnD,IAAA,MAAM,EAAE,CAAC,YAAY,GAAG,EAAA,EAAI,CAAC,QAAQ,GAAG,EAAA,EAAI,GAAG,IAAA,EAAK,GAAI,MAAA;AAExD,IAAA,IAAI,CAAC,IAAA,CAAK,QAAA,IAAY,OAAO,IAAA,CAAK,cAAc,QAAA,IAAY,IAAA,CAAK,SAAA,CAAU,IAAA,EAAK,EAAG;AACjF,MAAA,IAAA,CAAK,QAAA,GAAW,IAAA,CAAK,SAAA,CAAU,IAAA,EAAK;AAAA,IACtC;AACA,IAAA,OAAO,IAAA;AAAA,EACT,CAAA,CAAA,MAAQ;AACN,IAAA,OAAO,EAAC;AAAA,EACV;AACF;AAMO,SAAS,iBAAiB,SAAA,EAA2C;AAC1E,EAAA,MAAM,SAAS,sBAAA,EAAuB;AACtC,EAAA,MAAM,SAAS,cAAA,EAAe;AAC9B,EAAA,OAAO;AAAA,IACL,GAAG,MAAA;AAAA,IACH,GAAG,MAAA;AAAA,IACH,GAAG,cAAA;AAAA,IACH,GAAI,aAAa;AAAC,GACpB;AACF;AAcA,SAAS,eAAe,CAAA,EAAgC;AACtD,EAAA,IAAI,CAAA,IAAK,MAAM,OAAO,MAAA;AACtB,EAAA,MAAM,CAAA,GAAI,MAAA,CAAO,CAAC,CAAA,CAAE,IAAA,EAAK;AACzB,EAAA,OAAO,CAAA,IAAK,MAAA;AACd;AAKO,SAAS,sBAAsB,SAAA,EAAgD;AACpF,EAAA,MAAM,SAAS,sBAAA,EAAuB;AACtC,EAAA,MAAM,SAAS,cAAA,EAAe;AAC9B,EAAA,MAAM,MAAA,GAAuD;AAAA,IAC3D,EAAE,GAAA,EAAK,eAAA,EAAiB,GAAA,EAAK,MAAA,EAAO;AAAA,IACpC,EAAE,GAAA,EAAK,aAAA,EAAe,GAAA,EAAK,MAAA,EAAO;AAAA,IAClC,EAAE,GAAA,EAAK,QAAA,EAAU,GAAA,EAAK,cAAA;AAAe,GACvC;AACA,EAAA,IAAI,SAAA,IAAa,MAAA,CAAO,IAAA,CAAK,SAAS,EAAE,MAAA,EAAQ;AAC9C,IAAA,MAAA,CAAO,KAAK,EAAE,GAAA,EAAK,UAAA,EAAY,GAAA,EAAK,WAAW,CAAA;AAAA,EACjD;AAEA,EAAA,MAAM,IAAA,GAAO,CAAC,GAAA,KAAwD;AACpE,IAAA,KAAA,IAAS,IAAI,MAAA,CAAO,MAAA,GAAS,CAAA,EAAG,CAAA,IAAK,GAAG,CAAA,EAAA,EAAK;AAC3C,MAAA,MAAM,IAAI,cAAA,CAAe,MAAA,CAAO,CAAC,CAAA,CAAE,GAAA,CAAI,GAAG,CAAC,CAAA;AAC3C,MAAA,IAAI,CAAA,KAAM,MAAA,EAAW,OAAO,MAAA,CAAO,CAAC,CAAA,CAAE,GAAA;AAAA,IACxC;AACA,IAAA,OAAO,MAAA;AAAA,EACT,CAAA;AAEA,EAAA,OAAO;AAAA,IACL,UAAA,EAAY,IAAA,CAAK,YAAY,CAAA,IAAK,KAAK,WAAW,CAAA;AAAA,IAClD,SAAA,EAAW,IAAA,CAAK,WAAW,CAAA,IAAK,KAAK,YAAY,CAAA;AAAA,IACjD,UAAA,EAAY,KAAK,YAAY,CAAA;AAAA,IAC7B,aAAA,EAAe,KAAK,eAAe,CAAA;AAAA,IACnC,WAAA,EAAa,KAAK,aAAa,CAAA;AAAA,IAC/B,UAAA,EAAY,KAAK,YAAY,CAAA;AAAA,IAC7B,QAAA,EAAU,KAAK,UAAU,CAAA;AAAA,IACzB,QAAA,EAAU,KAAK,UAAU,CAAA;AAAA,IACzB,KAAA,EAAO,KAAK,OAAO;AAAA,GACrB;AACF;AAEO,SAAS,uBAAuB,SAAA,EAAwC;AAC7E,EAAA,MAAM,GAAA,GAAM,iBAAiB,SAAS,CAAA;AACtC,EAAA,MAAM,CAAA,GACJ,cAAA,CAAe,GAAA,CAAI,UAAU,CAAA,IAC7B,cAAA,CAAe,GAAA,CAAI,SAAS,CAAA,IAC5B,cAAA,CAAe,GAAA,CAAI,UAAU,CAAA,IAC7B,EAAA;AACF,EAAA,OAAO,CAAA;AACT;AAGO,IAAM,qBAAA,GAAwB;AAErC,SAAS,KAAK,CAAA,EAAoB;AAChC,EAAA,OAAO,KAAK,IAAA,GAAO,EAAA,GAAK,MAAA,CAAO,CAAC,EAAE,IAAA,EAAK;AACzC;AAEO,SAAS,iBAAiB,GAAA,EAAgC;AAC/D,EAAA,MAAM,MAAA,GAAS,EAAE,GAAG,GAAA,EAAI;AACxB,EAAA,IAAI,CAAC,MAAA,CAAO,UAAA,IAAc,MAAA,CAAO,SAAA,EAAW;AAC1C,IAAA,MAAA,CAAO,aAAa,MAAA,CAAO,SAAA;AAAA,EAC7B;AACA,EAAA,MAAM,WAAW,IAAA,CAAK,MAAA,CAAO,QAAQ,CAAA,IAAK,IAAA,CAAK,OAAO,UAAU,CAAA;AAEhE,EAAA,OAAO;AAAA,IACL,UAAA,EAAY,IAAA,CAAK,MAAA,CAAO,UAAU,CAAA;AAAA,IAClC,aAAA,EAAe,IAAA,CAAK,MAAA,CAAO,aAAa,CAAA;AAAA,IACxC,aAAa,IAAA,CAAK,MAAA,CAAO,WAAW,CAAA,IAAK,IAAA,CAAK,OAAO,WAAW,CAAA;AAAA,IAChE,UAAA,EAAY,IAAA,CAAK,MAAA,CAAO,UAAU,CAAA;AAAA,IAClC,UAAA,EAAY,IAAA,CAAK,MAAA,CAAO,UAAU,CAAA;AAAA,IAClC,KAAA,EAAO,IAAA,CAAK,MAAA,CAAO,KAAK,CAAA;AAAA,IACxB,QAAA;AAAA,IACA,QAAA,EAAU,IAAA,CAAK,MAAA,CAAO,QAAQ;AAAA,GAChC;AACF;AAQO,IAAM,eAAA,GAAN,cAA8B,KAAA,CAAM;AAAA,EAGzC,WAAA,CAAY,SAAmB,OAAA,EAAkB;AAC/C,IAAA,KAAA;AAAA,MACE,OAAA,IACE,CAAA,mDAAA,EAAsD,OAAA,CAAQ,IAAA,CAAK,IAAI,CAAC,CAAA,0IAAA;AAAA,KAE5E;AAPF,IAAA,IAAA,CAAS,IAAA,GAAO,qBAAA;AAQd,IAAA,IAAA,CAAK,IAAA,GAAO,iBAAA;AACZ,IAAA,IAAA,CAAK,OAAA,GAAU,OAAA;AAAA,EACjB;AACF;AAEO,SAAS,cAAc,SAAA,EAAgD;AAC5E,EAAA,OAAO,gBAAA,CAAiB,gBAAA,CAAiB,SAAS,CAAC,CAAA;AACrD;AAEO,SAAS,cAAc,OAAA,EAAgD;AAC5E,EAAA,MAAM,QAAA,GAAW,gBAAA,CAAiB,gBAAA,CAAiB,OAAA,EAAS,SAAS,CAAC,CAAA;AACtE,EAAA,IAAI,SAAS,MAAA,EAAQ;AACnB,IAAA,MAAM,UAAoB,EAAC;AAC3B,IAAA,IAAI,CAAC,QAAA,CAAS,aAAA,EAAe,OAAA,CAAQ,KAAK,eAAe,CAAA;AACzD,IAAA,IAAI,CAAC,QAAA,CAAS,WAAA,EAAa,OAAA,CAAQ,KAAK,aAAa,CAAA;AACrD,IAAA,IAAI,CAAC,QAAA,CAAS,UAAA,EAAY,OAAA,CAAQ,KAAK,sBAAsB,CAAA;AAC7D,IAAA,IAAI,OAAA,CAAQ,MAAA,EAAQ,MAAM,IAAI,gBAAgB,OAAO,CAAA;AAAA,EACvD;AACA,EAAA,OAAO,QAAA;AACT;AASO,SAAS,6BAAA,GAAsC;AACpD,EAAA,MAAM,IAAI,gBAAA,EAAiB;AAC3B,EAAA,MAAM,QAA4B,EAAC;AACnC,EAAA,MAAM,IAAA,GAAO;AAAA,IACX,YAAA;AAAA,IACA,eAAA;AAAA,IACA,aAAA;AAAA,IACA,aAAA;AAAA,IACA,YAAA;AAAA,IACA,WAAA;AAAA,IACA,YAAA;AAAA,IACA,UAAA;AAAA,IACA,UAAA;AAAA,IACA,OAAA;AAAA,IACA;AAAA,GACF;AACA,EAAA,KAAA,MAAW,KAAK,IAAA,EAAM;AACpB,IAAA,MAAM,CAAA,GAAI,EAAE,CAAC,CAAA;AACb,IAAA,IAAI,KAAK,IAAA,IAAQ,MAAA,CAAO,CAAC,CAAA,CAAE,MAAK,EAAG;AACjC,MAAC,MAAiC,CAAC,CAAA,GAAI,MAAA,CAAO,CAAC,EAAE,IAAA,EAAK;AAAA,IACxD;AAAA,EACF;AACA,EAAA,IAAI,OAAO,IAAA,CAAK,KAAK,CAAA,CAAE,MAAA,uBAA6B,KAAK,CAAA;AAC3D;AAEO,SAAS,qBAAqB,OAAA,EAAmC;AACtE,EAAA,IAAI;AACF,IAAA,MAAM,GAAA,GAAM,cAAc,aAAa,CAAA;AACvC,IAAA,MAAM,GAAA,GAAM,WAAW,GAAG,CAAA;AAC1B,IAAA,IAAI,WAAoC,EAAC;AACzC,IAAA,IAAI;AACF,MAAA,IAAI,GAAA,EAAK,QAAA,GAAW,IAAA,CAAK,KAAA,CAAM,GAAG,CAAA;AAAA,IACpC,CAAA,CAAA,MAAQ;AACN,MAAA,QAAA,GAAW,EAAC;AAAA,IACd;AACA,IAAA,MAAM,IAAA,GAAO;AAAA,MACX,GAAG,QAAA;AAAA,MACH,GAAG,OAAA;AAAA,MACH,CAAC,YAAY,GAAG,IAAA;AAAA,MAChB,CAAC,QAAQ,GAAA,iBAAG,IAAI,IAAA,IAAO,WAAA;AAAY,KACrC;AACA,IAAA,UAAA,CAAW,GAAA,EAAK,IAAA,CAAK,SAAA,CAAU,IAAI,CAAC,CAAA;AACpC,IAAA,MAAA,CAAO,MAAM,wDAAA,EAA0D;AAAA,MACrE,IAAA,EAAM,MAAA,CAAO,IAAA,CAAK,OAAO;AAAA,KAC1B,CAAA;AAAA,EACH,SAAS,CAAA,EAAG;AACV,IAAA,MAAA,CAAO,KAAK,4CAAA,EAA8C;AAAA,MACxD,OAAO,CAAA,YAAa,KAAA,GAAQ,CAAA,CAAE,OAAA,GAAU,OAAO,CAAC;AAAA,KACjD,CAAA;AAAA,EACH;AACF;AAKO,SAAS,UAAA,CAAW,QAA4B,IAAA,EAA6C;AAClG,EAAA,SAAA,CAAU,MAAM,CAAA;AAChB,EAAA,MAAA,CAAO,KAAK,mDAAA,EAAgD;AAAA,IAC1D,gBAAA,EAAkB,MAAM,gBAAA,KAAqB,KAAA;AAAA,IAC7C,UAAA,EAAY,MAAA,CAAO,UAAA,IAAc,MAAA,CAAO,SAAA,IAAa;AAAA,GACtD,CAAA;AACD,EAAA,IAAI,IAAA,EAAM,qBAAqB,KAAA,EAAO;AACpC,IAAA,oBAAA,CAAqB,MAAM,CAAA;AAAA,EAC7B;AACF;AAEO,SAAS,wBAAA,CAAyB,SAAiB,SAAA,EAAsC;AAC9F,EAAA,MAAM,OAAA,GAAU,sBAAsB,SAAS,CAAA;AAC/C,EAAA,MAAA,CAAO,KAAA,CAAM,CAAA,SAAA,EAAY,OAAO,CAAA,CAAA,EAAI;AAAA,IAClC,YAAA,EAAc,OAAA;AAAA,IACd,mBAAA,EAAqB,sBAAA,CAAuB,SAAS,CAAA,IAAK,SAAA;AAAA,IAC1D,gBAAA,EAAkB,CAAC,CAAC,gBAAA,CAAiB,SAAS,CAAA,CAAE,aAAA;AAAA,IAChD,cAAA,EAAgB,CAAC,CAAC,gBAAA,CAAiB,SAAS,CAAA,CAAE;AAAA,GAC/C,CAAA;AACH;;;ACvSA,SAASA,MAAK,CAAA,EAA2B;AACvC,EAAA,IAAI,CAAA,IAAK,MAAM,OAAO,IAAA;AACtB,EAAA,MAAM,CAAA,GAAI,MAAA,CAAO,CAAC,CAAA,CAAE,IAAA,EAAK;AACzB,EAAA,OAAO,CAAA,IAAK,IAAA;AACd;AAMA,SAAS,6BAA6B,GAAA,EAAmC;AACvE,EAAA,IAAI,CAAC,KAAK,OAAO,IAAA;AACjB,EAAA,IAAI,CAAA,GAAI,IAAI,IAAA,EAAK;AACjB,EAAA,IAAI,CAAC,GAAG,OAAO,IAAA;AACf,EAAA,IAAI,CAAA,CAAE,WAAA,EAAY,CAAE,UAAA,CAAW,SAAS,CAAA,EAAG;AACzC,IAAA,CAAA,GAAI,CAAA,CAAE,KAAA,CAAM,SAAA,CAAU,MAAM,EAAE,IAAA,EAAK;AAAA,EACrC;AACA,EAAA,OAAO,CAAA,IAAK,IAAA;AACd;AAOO,SAAS,WAAA,GAA6B;AAC3C,EAAA,MAAM,IAAI,gBAAA,EAAiB;AAC3B,EAAA,MAAM,MAAA,GAAS,4BAAA,CAA6BA,KAAAA,CAAK,CAAA,CAAE,QAAQ,CAAC,CAAA;AAC5D,EAAA,IAAI,QAAQ,OAAO,MAAA;AACnB,EAAA,OAAO,4BAAA,CAA6BA,KAAAA,CAAK,CAAA,CAAE,UAAU,CAAC,CAAA;AACxD;AAGO,SAAS,mCAAmC,GAAA,EAA+C;AAChG,EAAA,OAAO,4BAAA,CAA6BA,KAAAA,CAAK,GAAG,CAAC,CAAA;AAC/C;AAEO,SAAS,cAAA,GAAgC;AAC9C,EAAA,MAAM,IAAI,gBAAA,EAAiB;AAC3B,EAAA,OAAOA,MAAK,CAAA,CAAE,WAAW,CAAA,IAAKA,KAAAA,CAAK,EAAE,WAAW,CAAA;AAClD;AAEO,SAAS,WAAA,GAA6B;AAC3C,EAAA,OAAOA,KAAAA,CAAK,gBAAA,EAAiB,CAAE,QAAQ,CAAA;AACzC;;;AC5CA,SAAS,oBAAoB,QAAA,EAA2B;AACtD,EAAA,OAAO,QAAA,KAAa,WAAA,IAAe,QAAA,KAAa,WAAA,IAC9C,SAAS,UAAA,CAAW,UAAU,CAAA,IAAK,QAAA,CAAS,UAAA,CAAW,KAAK,CAAA,IAAK,QAAA,CAAS,WAAW,SAAS,CAAA;AAClG;AAEA,SAASC,MAAAA,GAAiB;AACxB,EAAA,IAAI,OAAO,MAAA,KAAW,WAAA,EAAa,OAAO,KAAA;AAC1C,EAAA,OAAO,mBAAA,CAAoB,MAAA,CAAO,QAAA,CAAS,QAAQ,CAAA;AACrD;AAEO,SAAS,YAAA,CAAa,iBAA0B,IAAA,EAAY;AACjE,EAAA,IAAI,OAAO,WAAW,WAAA,EAAa;AAEnC,EAAA,MAAM,iBAAA,GAAoB,MAAA,CAAO,QAAA,CAAS,QAAA,KAAa,WAAA,IACrD,OAAO,QAAA,CAAS,QAAA,KAAa,WAAA,IAC7B,MAAA,CAAO,QAAA,CAAS,QAAA,CAAS,WAAW,UAAU,CAAA,IAC9C,MAAA,CAAO,QAAA,CAAS,QAAA,CAAS,UAAA,CAAW,KAAK,CAAA,IACzC,MAAA,CAAO,QAAA,CAAS,QAAA,CAAS,UAAA,CAAW,SAAS,CAAA;AAG/C,EAAA,MAAM,MAAA,GAAS,MAAA,CAAO,QAAA,CAAS,QAAA,KAAa,OAAA;AAE5C,EAAA,IAAI,cAAA,IAAkB,qBAAqB,MAAA,EAAQ;AACjD,IAAA,MAAA,CAAO,MAAM,2CAA2C,CAAA;AACxD,IAAA;AAAA,EACF;AAEA,EAAA,IAAI,MAAA,IAAU,CAAC,iBAAA,EAAmB;AAChC,IAAA,MAAM,KAAA,GAAQ,IAAI,KAAA,CAAM,oFAAoF,CAAA;AAC5G,IAAA,MAAA,CAAO,MAAM,0BAAA,EAA4B;AAAA,MACvC,QAAA,EAAU,OAAO,QAAA,CAAS,QAAA;AAAA,MAC1B,QAAA,EAAU,OAAO,QAAA,CAAS;AAAA,KAC3B,CAAA;AACD,IAAA,MAAM,KAAA;AAAA,EACR;AAEA,EAAA,MAAA,CAAO,MAAM,oBAAA,EAAsB,EAAE,UAAU,MAAA,CAAO,QAAA,CAAS,UAAU,CAAA;AAC3E;AAEO,SAAS,oBAAA,CAAqB,OAAgB,cAAA,EAAgC;AACnF,EAAA,IAAIA,QAAM,EAAG;AACX,IAAA,IAAI,KAAA,YAAiB,KAAA,EAAO,OAAO,KAAA,CAAM,OAAA;AACzC,IAAA,OAAO,OAAO,KAAK,CAAA;AAAA,EACrB;AACA,EAAA,OAAO,cAAA;AACT;AAEO,IAAM,cAAA,GAAN,cAA6B,KAAA,CAAM;AAAA,EAIxC,WAAA,CAAY,IAAA,EAAc,cAAA,EAAwB,aAAA,EAAyB;AACzE,IAAA,KAAA,CAAM,cAAc,CAAA;AACpB,IAAA,IAAA,CAAK,IAAA,GAAO,gBAAA;AACZ,IAAA,IAAA,CAAK,IAAA,GAAO,IAAA;AACZ,IAAA,IAAIA,MAAAA,EAAM,IAAK,aAAA,YAAyB,KAAA,EAAO;AAC7C,MAAA,IAAA,CAAK,kBAAkB,aAAA,CAAc,OAAA;AAAA,IACvC;AAAA,EACF;AACF;;;AC/BO,SAAS,0BAA0B,KAAA,EAA8C;AACtF,EAAA,MAAM;AAAA,IACJ,GAAA;AAAA,IACA,UAAA,EAAAC,WAAAA;AAAA,IACA,aAAA,EAAAC,cAAAA;AAAA,IACA,aAAA;AAAA,IACA,QAAA;AAAA,IACA,eAAA;AAAA,IACA;AAAA,GACF,GAAI,KAAA;AAEJ,EAAA,MAAM,iBAAA,GAAoBD,WAAAA,CAAW,oBAAoB,CAAA,KAAM,MAAA;AAC/D,EAAA,MAAM,cAAA,GAAiBA,WAAAA,CAAW,iBAAiB,CAAA,KAAM,MAAA;AAEzD,EAAA,IAAIC,cAAAA,CAAc,GAAG,CAAA,EAAG,OAAO,qBAAA;AAC/B,EAAA,IAAI,eAAe,OAAO,eAAA;AAC1B,EAAA,IAAI,iBAAA,IAAqB,CAAC,QAAA,EAAU,OAAO,gBAAA;AAC3C,EAAA,IAAI,QAAA,IAAY,cAAA,IAAkB,eAAA,EAAiB,OAAO,eAAA;AAC1D,EAAA,IAAI,QAAA,IAAY,cAAA,IAAkB,CAAC,eAAA,EAAiB,OAAO,gBAAA;AAC3D,EAAA,IAAI,gBAAgB,OAAO,eAAA;AAE3B,EAAA,OAAO,gBAAA;AACT;;;ACnDA,IAAM,kBAAA,GAAqB,GAAA;AAE3B,IAAI,mBAAA,GAAsB,KAAA;AAC1B,IAAI,kBAAA,GAAqB,CAAA;AAEzB,IAAI,kBAAA,GAAqB,KAAA;AAEzB,IAAI,cAAA,GAAiB,KAAA;AACrB,IAAI,aAAA,GAAgB,CAAA;AAEb,SAAS,qBAAA,GAAiC;AAC/C,EAAA,IAAI,CAAC,qBAAqB,OAAO,KAAA;AACjC,EAAA,IAAI,CAAC,oBAAoB,OAAO,IAAA;AAChC,EAAA,OAAO,IAAA,CAAK,GAAA,EAAI,GAAI,kBAAA,GAAqB,kBAAA;AAC3C;AAEO,SAAS,sBAAA,GAA+B;AAC7C,EAAA,mBAAA,GAAsB,IAAA;AACtB,EAAA,kBAAA,GAAqB,KAAK,GAAA,EAAI;AAChC;AAEO,SAAS,wBAAA,GAAiC;AAC/C,EAAA,mBAAA,GAAsB,KAAA;AACtB,EAAA,kBAAA,GAAqB,CAAA;AACvB;AAEO,SAAS,oBAAA,GAAgC;AAC9C,EAAA,OAAO,kBAAA;AACT;AAEO,SAAS,qBAAA,GAA8B;AAC5C,EAAA,kBAAA,GAAqB,IAAA;AACvB;AAEO,SAAS,uBAAA,GAAgC;AAC9C,EAAA,kBAAA,GAAqB,KAAA;AACvB;AAEO,SAAS,gBAAA,GAA4B;AAC1C,EAAA,OAAO,cAAA;AACT;AAMO,SAAS,iBAAA,GAA0B;AACxC,EAAA,cAAA,GAAiB,IAAA;AACjB,EAAA,aAAA,GAAgB,KAAK,GAAA,EAAI;AAC3B;AAEO,SAAS,mBAAA,GAA4B;AAC1C,EAAA,cAAA,GAAiB,KAAA;AACjB,EAAA,aAAA,GAAgB,CAAA;AAClB;AAEO,SAAS,eAAA,CAAgB,cAAsB,GAAA,EAAe;AACnE,EAAA,IAAI,CAAC,eAAe,OAAO,IAAA;AAC3B,EAAA,OAAO,IAAA,CAAK,GAAA,EAAI,GAAI,aAAA,GAAgB,WAAA;AACtC;AAGO,SAAS,cAAA,GAAuB;AACrC,EAAA,mBAAA,EAAoB;AACtB;AAEO,SAAS,YAAA,GAAqB;AACnC,EAAA,iBAAA,EAAkB;AACpB;;;ACtEO,IAAM,cAAA,GAAiB;AAAA,EAC5B,aAAA,EAAe,eAAA;AAAA,EACf,aAAA,EAAe,eAAA;AAAA,EACf,YAAA,EAAc,cAAA;AAAA,EACd,gBAAA,EAAkB,kBAAA;AAAA,EAClB,eAAA,EAAiB,iBAAA;AAAA,EACjB,qBAAA,EAAuB,uBAAA;AAAA,EACvB,oBAAA,EAAsB,sBAAA;AAAA,EACtB,eAAA,EAAiB,iBAAA;AAAA,EACjB,gBAAA,EAAkB,kBAAA;AAAA,EAClB,wBAAA,EAA0B,0BAAA;AAAA,EAC1B,kBAAA,EAAoB;AACtB;AAgBA,IAAI,SAAA,uBAA6B,GAAA,EAAI;AAErC,SAAS,YAAY,KAAA,EAA6C;AAChE,EAAA,IAAI,GAAA,GAAM,SAAA,CAAU,GAAA,CAAI,KAAK,CAAA;AAC7B,EAAA,IAAI,CAAC,GAAA,EAAK;AACR,IAAA,GAAA,uBAAU,GAAA,EAAI;AACd,IAAA,SAAA,CAAU,GAAA,CAAI,OAAO,GAAG,CAAA;AAAA,EAC1B;AACA,EAAA,OAAO,GAAA;AACT;AAEA,SAAS,mBAAA,GAA6C;AACpD,EAAA,IAAI,GAAA,GAAM,SAAA,CAAU,GAAA,CAAI,GAAG,CAAA;AAC3B,EAAA,IAAI,CAAC,GAAA,EAAK;AACR,IAAA,GAAA,uBAAU,GAAA,EAAI;AACd,IAAA,SAAA,CAAU,GAAA,CAAI,KAAK,GAAG,CAAA;AAAA,EACxB;AACA,EAAA,OAAO,GAAA;AACT;AAEO,SAAS,aAAA,CAAc,OAAsB,OAAA,EAAkC;AACpF,EAAA,MAAM,QAAA,GAAW,YAAY,KAAK,CAAA;AAClC,EAAA,MAAM,WAAW,mBAAA,EAAoB;AACrC,EAAA,MAAM,CAAA,GAAI,WAAW,EAAC;AACtB,EAAA,QAAA,CAAS,OAAA,CAAQ,CAAC,EAAA,KAAO;AACvB,IAAA,IAAI;AACF,MAAA,EAAA,CAAG,CAAC,CAAA;AAAA,IACN,CAAA,CAAA,MAAQ;AAAA,IAER;AAAA,EACF,CAAC,CAAA;AACD,EAAA,QAAA,CAAS,OAAA,CAAQ,CAAC,EAAA,KAAO;AACvB,IAAA,IAAI;AACF,MAAA,EAAA,CAAG,EAAE,GAAG,CAAA,EAAG,KAAA,EAAO,CAAA;AAAA,IACpB,CAAA,CAAA,MAAQ;AAAA,IAER;AAAA,EACF,CAAC,CAAA;AACH;AAEO,SAAS,kBAAA,CACd,OACA,OAAA,EACY;AACZ,EAAA,MAAM,MAAM,KAAA,KAAU,GAAA,GAAM,mBAAA,EAAoB,GAAI,YAAY,KAAK,CAAA;AACrE,EAAA,GAAA,CAAI,IAAI,OAAO,CAAA;AACf,EAAA,OAAO,MAAM,GAAA,CAAI,MAAA,CAAO,OAAO,CAAA;AACjC;;;AC3EO,IAAM,eAAA,GAAkB;AAAA,EAC7B,MAAA,EAAQ,sBAAA;AAAA,EACR,aAAA,EAAe,MAAA;AAAA,EACf,qBAAA,EAAuB,MAAA;AAAA,EACvB,gBAAA,EAAkB,oBAAA;AAAA,EAClB,kBAAA,EAAoB;AACtB;AAEO,IAAM,kBAAA,GAAqB;AAE3B,IAAMC,aAAAA,GAAe;AAAA,EAC1B,aAAA,EAAe,GAAG,kBAAkB,CAAA,eAAA,CAAA;AAAA,EACpC,QAAA,EAAU,GAAG,kBAAkB,CAAA,SAAA,CAAA;AAAA,EAC/B,WAAA,EAAa,GAAG,kBAAkB,CAAA,YAAA,CAAA;AAAA,EAClC,QAAA,EAAU,GAAG,kBAAkB,CAAA,SAAA,CAAA;AAAA,EAC/B,YAAA,EAAc,GAAG,kBAAkB,CAAA,aAAA,CAAA;AAAA,EACnC,KAAA,EAAO,GAAG,kBAAkB,CAAA,KAAA,CAAA;AAAA,EAC5B,WAAA,EAAa,GAAG,kBAAkB,CAAA,YAAA,CAAA;AAAA,EAClC,YAAA,EAAc,GAAG,kBAAkB,CAAA,aAAA,CAAA;AAAA,EACnC,SAAA,EAAW,GAAG,kBAAkB,CAAA,UAAA;AAClC;AAE8B,eAAA,CAAgB;AACvC,IAAM,wBAAwB,eAAA,CAAgB,aAAA;AAC9C,IAAM,gCAAgC,eAAA,CAAgB,qBAAA;AACtD,IAAM,2BAA2B,eAAA,CAAgB,gBAAA;AACjD,IAAM,6BAA6B,eAAA,CAAgB,kBAAA;;;AC2BnD,SAASC,eAAc,OAAA,EAA0E;AACtG,EAAA,OAAO,cAAsB,OAAO,CAAA;AACtC;AAGO,SAAS,kBAAkB,SAAA,EAAgD;AAChF,EAAA,OAAO,aAAA,CAAsB,EAAE,MAAA,EAAQ,IAAA,EAAM,WAAW,CAAA;AAC1D;AAEO,SAAS,SAAA,GAA4B;AAC1C,EAAA,OAAO,aAAA,EAAc;AACvB;AAEO,SAASC,eAAAA,GAAyB;AACvC,EAAA,MAAM,MAAM,aAAA,EAAc;AAC1B,EAAA,IAAI,GAAA,CAAI,WAAA,EAAa,OAAO,GAAA,CAAI,WAAA;AAChC,EAAA,IAAI,OAAO,MAAA,KAAW,WAAA,SAAoB,CAAA,EAAG,MAAA,CAAO,SAAS,MAAM,CAAA,SAAA,CAAA;AACnE,EAAA,OAAO,EAAA;AACT;AAOO,IAAM,MAAA,GAAS;AAAA,EACpB,aAAA,GAAwB;AACtB,IAAA,OAAO,eAAc,CAAE,UAAA;AAAA,EACzB,CAAA;AAAA,EAEA,gBAAA,GAA2B;AACzB,IAAA,OAAO,eAAc,CAAE,aAAA;AAAA,EACzB,CAAA;AAAA,EAEA,aAAA,GAAwB;AACtB,IAAA,OAAO,eAAc,CAAE,UAAA;AAAA,EACzB,CAAA;AAAA,EAEA,cAAA,GAAyB;AACvB,IAAA,OAAOA,eAAAA,EAAe;AAAA,EACxB,CAAA;AAAA,EAEA,MAAA,GAAyB;AACvB,IAAA,OAAO,aAAA,EAAc;AAAA,EACvB;AACF;AAKO,SAAS,wBAAA,CAAyB,WAAmB,IAAA,EAA6C;AACvG,EAAA,MAAM,CAAA,GAAI,UAAU,IAAA,EAAK;AACzB,EAAA,IAAI,CAAC,CAAA,EAAG;AACR,EAAA,SAAA,CAAU,EAAE,UAAA,EAAY,CAAA,EAAG,SAAA,EAAW,GAAG,CAAA;AACzC,EAAA,wBAAA,CAAyB,4BAA4B,EAAE,UAAA,EAAY,CAAA,EAAG,SAAA,EAAW,GAAG,CAAA;AACpF,EAAA,IAAI,IAAA,EAAM,qBAAqB,KAAA,EAAO;AACpC,IAAA,oBAAA,CAAqB,EAAE,UAAA,EAAY,CAAA,EAAG,SAAA,EAAW,GAAG,CAAA;AAAA,EACtD;AACF;;;AC5GA,IAAM,cAAA,GAAiB,IAAI,EAAA,GAAK,GAAA;AASzB,IAAM,oBAAN,MAAwB;AAAA,EAK7B,WAAA,CAAY,QAAgB,cAAA,EAAgB;AAJ5C,IAAA,IAAA,CAAiB,KAAA,uBAAY,GAAA,EAAwB;AACrD,IAAA,IAAA,CAAiB,QAAA,uBAAe,GAAA,EAA0C;AAIxE,IAAA,IAAA,CAAK,KAAA,GAAQ,KAAA;AAAA,EACf;AAAA,EAEA,IAAI,SAAA,EAAwC;AAC1C,IAAA,MAAM,KAAA,GAAQ,IAAA,CAAK,KAAA,CAAM,GAAA,CAAI,SAAS,CAAA;AACtC,IAAA,IAAI,CAAC,OAAO,OAAO,IAAA;AACnB,IAAA,IAAI,IAAA,CAAK,GAAA,EAAI,IAAK,KAAA,CAAM,SAAA,EAAW;AACjC,MAAA,IAAA,CAAK,KAAA,CAAM,OAAO,SAAS,CAAA;AAC3B,MAAA,OAAO,IAAA;AAAA,IACT;AACA,IAAA,OAAO,KAAA,CAAM,MAAA;AAAA,EACf;AAAA,EAEA,GAAA,CAAI,WAAmB,MAAA,EAA4B;AACjD,IAAA,IAAA,CAAK,KAAA,CAAM,IAAI,SAAA,EAAW;AAAA,MACxB,MAAA;AAAA,MACA,SAAA,EAAW,IAAA,CAAK,GAAA,EAAI,GAAI,IAAA,CAAK;AAAA,KAC9B,CAAA;AAAA,EACH;AAAA,EAEA,WAAW,SAAA,EAA0B;AACnC,IAAA,IAAI,SAAA,EAAW;AACb,MAAA,IAAA,CAAK,KAAA,CAAM,OAAO,SAAS,CAAA;AAC3B,MAAA,IAAA,CAAK,QAAA,CAAS,OAAO,SAAS,CAAA;AAAA,IAChC,CAAA,MAAO;AACL,MAAA,IAAA,CAAK,MAAM,KAAA,EAAM;AACjB,MAAA,IAAA,CAAK,SAAS,KAAA,EAAM;AAAA,IACtB;AAAA,EACF;AAAA,EAEA,MAAM,YAAA,CACJ,SAAA,EACA,QAAA,EAC8B;AAC9B,IAAA,IAAI,CAAC,SAAA,IAAa,CAAC,SAAA,CAAU,IAAA,IAAQ,OAAO,IAAA;AAE5C,IAAA,MAAM,GAAA,GAAM,UAAU,IAAA,EAAK;AAC3B,IAAA,MAAM,MAAA,GAAS,IAAA,CAAK,GAAA,CAAI,GAAG,CAAA;AAC3B,IAAA,IAAI,MAAA,EAAQ;AACV,MAAA,MAAA,CAAO,KAAA,CAAM,0BAAA,EAA4B,EAAE,SAAA,EAAW,KAAK,CAAA;AAC3D,MAAA,OAAO,MAAA;AAAA,IACT;AAEA,IAAA,MAAM,QAAA,GAAW,IAAA,CAAK,QAAA,CAAS,GAAA,CAAI,GAAG,CAAA;AACtC,IAAA,IAAI,QAAA,EAAU;AACZ,MAAA,MAAA,CAAO,KAAA,CAAM,sCAAA,EAAwC,EAAE,SAAA,EAAW,KAAK,CAAA;AACvE,MAAA,OAAO,QAAA;AAAA,IACT;AAEA,IAAA,MAAM,WAAW,YAA0C;AACzD,MAAA,IAAI;AACF,QAAA,MAAM,MAAA,GAAS,MAAM,QAAA,CAAS,GAAG,CAAA;AACjC,QAAA,IAAI,MAAA,EAAQ,IAAA,CAAK,GAAA,CAAI,GAAA,EAAK,MAAM,CAAA;AAChC,QAAA,OAAO,MAAA;AAAA,MACT,CAAA,SAAE;AACA,QAAA,IAAA,CAAK,QAAA,CAAS,OAAO,GAAG,CAAA;AAAA,MAC1B;AAAA,IACF,CAAA,GAAG;AAEH,IAAA,IAAA,CAAK,QAAA,CAAS,GAAA,CAAI,GAAA,EAAK,OAAO,CAAA;AAC9B,IAAA,OAAO,OAAA;AAAA,EACT;AACF,CAAA;;;ACtEA,IAAM,wBAAA,GAA2B,IAAI,iBAAA,EAAkB;AAMvD,SAAS,kBAAA,GAA8C;AACrD,EAAA,MAAM,cAAA,GAAiB,cAAc,cAAc,CAAA;AACnD,EAAA,IAAI;AACF,IAAA,MAAM,cAAA,GAAiB,WAAW,cAAc,CAAA;AAChD,IAAA,IAAI,CAAC,gBAAgB,OAAO,IAAA;AAC5B,IAAA,MAAM,MAAA,GAAS,IAAA,CAAK,KAAA,CAAM,cAAc,CAAA;AACxC,IAAA,OAAO,MAAA,IAAU,OAAO,MAAA,KAAW,QAAA,GAAW,MAAA,GAAS,IAAA;AAAA,EACzD,CAAA,CAAA,MAAQ;AACN,IAAA,OAAO,IAAA;AAAA,EACT,CAAA,SAAE;AACA,IAAA,aAAA,CAAc,cAAc,CAAA;AAAA,EAC9B;AACF;AAEA,SAAS,kBAAkB,KAAA,EAA+B;AACxD,EAAA,IAAI,OAAO,KAAA,KAAU,QAAA,EAAU,OAAO,IAAA;AACtC,EAAA,MAAM,OAAA,GAAU,MAAM,IAAA,EAAK;AAC3B,EAAA,OAAO,UAAU,OAAA,GAAU,IAAA;AAC7B;AAEO,SAAS,gBAAA,GAAkC;AAChD,EAAA,MAAM,cAAc,kBAAA,EAAmB;AACvC,EAAA,MAAM,eAAA,GAAkB,iBAAA,CAAkB,WAAA,EAAa,SAAS,CAAA;AAChE,EAAA,IAAI,eAAA,EAAiB;AACnB,IAAA,MAAA,CAAO,KAAA,CAAM,4CAAA,EAA8C,EAAE,SAAA,EAAW,iBAAiB,CAAA;AACzF,IAAA,OAAO,eAAA;AAAA,EACT;AAEA,EAAA,MAAM,QAAA,GAAW,iBAAA,CAAkB,sBAAA,EAAwB,CAAA;AAC3D,EAAA,IAAI,QAAA,EAAU;AACZ,IAAA,MAAA,CAAO,KAAA,CAAM,mDAAA,EAAqD,EAAE,SAAA,EAAW,UAAU,CAAA;AACzF,IAAA,OAAO,QAAA;AAAA,EACT;AAEA,EAAA,MAAA,CAAO,KAAK,oEAAoE,CAAA;AAChF,EAAA,OAAO,IAAA;AACT;AAEA,eAAsB,mBAAA,CACpB,WACA,cAAA,EAC8B;AAC9B,EAAA,MAAM,QAAA,GAAW,MAAM,cAAA,CAAe,OAAA,CAAQ,SAAS,CAAA;AACvD,EAAA,IAAI,CAAC,UAAU,OAAO,IAAA;AACtB,EAAA,OAAO,EAAE,GAAG,QAAA,EAAU,SAAA,EAAU;AAClC;AAEA,eAAsB,yBAAA,CACpB,WACA,cAAA,EAC8B;AAC9B,EAAA,OAAO,wBAAA,CAAyB,YAAA;AAAA,IAAa,SAAA;AAAA,IAAW,CAAC,GAAA,KACvD,mBAAA,CAAoB,GAAA,EAAK,cAAc;AAAA,GACzC;AACF;;;AC3DO,SAASC,YAAAA,GAAuB;AACrC,EAAA,MAAM,UAAU,cAAA,EAAe;AAC/B,EAAA,MAAM,QAAA,GAAW,OAAA,GACb,OAAA,CAAQ,WAAA,CAAY,aAAA,EAAc,CAAE,QAAA,GACnC,OAAO,MAAA,KAAW,WAAA,GAAc,MAAA,CAAO,QAAA,CAAS,QAAA,GAAW,EAAA;AAChE,EAAA,OAAO,YAAkB,QAAQ,CAAA;AACnC;AAEO,SAAS,gBAAA,GAAkC;AAChD,EAAA,OAAO,gBAAA,EAAiB;AAC1B;AAEO,SAAS,aAAA,GAAyB;AACvC,EAAA,MAAM,UAAU,cAAA,EAAe;AAC/B,EAAA,IAAI,SAAS,OAAO,oBAAA,CAAqB,OAAA,CAAQ,WAAA,CAAY,eAAe,CAAA;AAC5E,EAAA,IAAI,OAAO,MAAA,KAAW,WAAA,EAAa,OAAO,KAAA;AAC1C,EAAA,MAAM,MAAA,GAAS,IAAI,eAAA,CAAgB,MAAA,CAAO,SAAS,MAAM,CAAA;AACzD,EAAA,OAAO,OAAO,GAAA,CAAI,MAAM,CAAA,IAAK,MAAA,CAAO,IAAI,OAAO,CAAA;AACjD;;;ACHA,SAAS,YAAY,SAAA,EAAgC;AACnD,EAAA,MAAM,SAAA,GAAY,UAAU,UAAA,IAAc,IAAA;AAC1C,EAAA,MAAM,SAAA,GAAY,IAAA,CAAK,GAAA,EAAI,GAAI,SAAA,GAAY,GAAA;AAE3C,EAAA,MAAM,UAAU,iBAAA,EAAkB;AAClC,EAAA,IAAI,SAAS,aAAA,EAAe;AAC1B,IAAA,OAAA,CAAQ,aAAA,CAAc;AAAA,MACpB,aAAa,SAAA,CAAU,YAAA;AAAA,MACvB,cAAc,SAAA,CAAU,aAAA;AAAA,MACxB;AAAA,KACD,CAAA;AAAA,EACH;AACA,EAAA,UAAA,CAAW,YAAA,CAAa,WAAA,EAAa,SAAA,CAAU,YAAY,CAAA;AAC3D,EAAA,UAAA,CAAW,YAAA,CAAa,YAAA,EAAc,SAAA,CAAU,aAAa,CAAA;AAC7D,EAAA,UAAA,CAAW,YAAA,CAAa,SAAA,EAAW,SAAA,CAAU,QAAA,EAAU,CAAA;AAEvD,EAAA,IAAIA,cAAY,EAAG;AACjB,IAAA,MAAA,CAAO,MAAM,4BAAA,EAA8B;AAAA,MACzC,SAAA,EAAW,IAAI,IAAA,CAAK,SAAS,EAAE,WAAA,EAAY;AAAA,MAC3C;AAAA,KACD,CAAA;AAAA,EACH,CAAA,MAAO;AACL,IAAA,MAAA,CAAO,KAAK,4BAA4B,CAAA;AAAA,EAC1C;AACF;AAEA,eAAsB,sBAAsB,MAAA,EAAqD;AAC/F,EAAA,IAAI;AACF,IAAA,MAAM,EAAE,IAAA,EAAM,YAAA,EAAc,QAAA,EAAU,aAAY,GAAI,MAAA;AACtD,IAAA,MAAM,cAAA,GAAiB,OAAO,gBAAA,EAAiB;AAC/C,IAAA,MAAM,QAAA,GAAW,GAAG,cAAc,CAAA,YAAA,CAAA;AAElC,IAAA,MAAM,IAAA,GAAO,IAAI,eAAA,CAAgB;AAAA,MAC/B,UAAA,EAAY,wBAAA;AAAA,MACZ,IAAA;AAAA,MACA,SAAA,EAAW,UAAU,QAAQ,CAAA,CAAA;AAAA,MAC7B,YAAA,EAAc,WAAA;AAAA,MACd,aAAA,EAAe;AAAA,KAChB,CAAA;AAED,IAAA,MAAM,QAAA,GAAW,MAAM,KAAA,CAAM,QAAA,EAAU;AAAA,MACrC,MAAA,EAAQ,MAAA;AAAA,MACR,OAAA,EAAS,EAAE,cAAA,EAAgB,mCAAA,EAAoC;AAAA,MAC/D,IAAA,EAAM,KAAK,QAAA;AAAS,KACrB,CAAA;AAED,IAAA,IAAI,CAAC,SAAS,EAAA,EAAI;AAChB,MAAA,MAAM,YAAA,GAAe,MAAM,QAAA,CAAS,IAAA,GAAO,KAAA,CAAM,OAAO,EAAC,CAAE,CAAA;AAC3D,MAAA,MAAA,CAAO,MAAM,uBAAA,EAAyB;AAAA,QACpC,QAAQ,QAAA,CAAS,MAAA;AAAA,QACjB,YAAY,QAAA,CAAS,UAAA;AAAA,QACrB,YAAA;AAAA,QACA,UAAA,EAAY;AAAA,OACb,CAAA;AACD,MAAA,MAAM,IAAI,KAAA;AAAA,QACR,0BAA0B,QAAA,CAAS,MAAM,IAAI,QAAA,CAAS,UAAU,GAAG,MAAA,CAAO,IAAA,CAAK,YAAY,CAAA,CAAE,SAAS,CAAA,GAAA,EAAM,IAAA,CAAK,UAAU,YAAY,CAAC,KAAK,EAAE,CAAA;AAAA,OACjJ;AAAA,IACF;AAEA,IAAA,MAAM,SAAA,GAAa,MAAM,QAAA,CAAS,IAAA,EAAK;AAEvC,IAAA,IAAI,CAAC,UAAU,YAAA,IAAgB,CAAC,UAAU,aAAA,IAAiB,CAAC,UAAU,UAAA,EAAY;AAChF,MAAA,MAAA,CAAO,MAAM,iCAAiC,CAAA;AAC9C,MAAA,MAAM,IAAI,MAAM,wBAAwB,CAAA;AAAA,IAC1C;AAEA,IAAA,WAAA,CAAY,SAAS,CAAA;AACrB,IAAA,OAAO,SAAA;AAAA,EACT,SAAS,KAAA,EAAO;AACd,IAAA,MAAM,SAAA,GAAY,KAAA,YAAiB,KAAA,IAAS,KAAA,CAAM,IAAA,KAAS,YAAA;AAC3D,IAAA,IAAI,SAAA,EAAW;AACb,MAAA,MAAA,CAAO,KAAK,iFAAiF,CAAA;AAC7F,MAAA,MAAM,gBAAgB,cAAA,EAAqB;AAC3C,MAAA,IAAI,aAAA,IAAiB,CAAC,oBAAA,EAAqB,EAAG;AAC5C,QAAA,OAAO;AAAA,UACL,YAAA,EAAc,aAAA;AAAA,UACd,aAAA,EAAe,iBAAgB,IAAK,EAAA;AAAA,UACpC,UAAA,EAAY;AAAA,SACd;AAAA,MACF;AACA,MAAA,MAAM,IAAI,MAAM,qCAAqC,CAAA;AAAA,IACvD;AACA,IAAA,MAAA,CAAO,MAAM,uBAAA,EAAyB;AAAA,MACpC,SAAS,KAAA,YAAiB,KAAA,GAAQ,KAAA,CAAM,OAAA,GAAU,OAAO,KAAK;AAAA,KAC/D,CAAA;AACD,IAAA,MAAM,KAAA;AAAA,EACR;AACF;AAEA,IAAI,cAAA,GAAyC,IAAA;AAE7C,eAAsB,kBAAA,GAAsC;AAC1D,EAAA,IAAI,gBAAgB,OAAO,cAAA;AAE3B,EAAA,cAAA,GAAA,CAAkB,YAA6B;AAC7C,IAAA,IAAI;AACF,MAAA,MAAM,eAAe,eAAA,EAAgB;AACrC,MAAA,MAAM,WAAW,WAAA,EAAY;AAC7B,MAAA,MAAM,WAAW,WAAA,EAAY;AAE7B,MAAA,MAAA,CAAO,MAAM,gCAAA,EAAkC;AAAA,QAC7C,eAAA,EAAiB,CAAC,CAAC,YAAA;AAAA,QACnB,QAAA;AAAA,QACA;AAAA,OACD,CAAA;AAED,MAAA,IAAI,CAAC,YAAA,IAAgB,CAAC,QAAA,IAAY,CAAC,QAAA,EAAU;AAC3C,QAAA,MAAA,CAAO,MAAM,6CAAA,EAA+C;AAAA,UAC1D,eAAA,EAAiB,CAAC,CAAC,YAAA;AAAA,UACnB,WAAA,EAAa,CAAC,CAAC,QAAA;AAAA,UACf,WAAA,EAAa,CAAC,CAAC;AAAA,SAChB,CAAA;AACD,QAAA,MAAM,IAAI,MAAM,6CAA6C,CAAA;AAAA,MAC/D;AAEA,MAAA,MAAM,cAAA,GAAiB,OAAO,gBAAA,EAAiB;AAC/C,MAAA,MAAM,QAAA,GAAW,GAAG,cAAc,CAAA,cAAA,CAAA;AAElC,MAAA,MAAM,IAAA,GAAO,IAAI,eAAA,CAAgB;AAAA,QAC/B,UAAA,EAAY,0BAAA;AAAA,QACZ,aAAA,EAAe,YAAA;AAAA,QACf,WAAW,QAAA,CAAS,UAAA,CAAW,SAAS,CAAA,GAAI,QAAA,GAAW,UAAU,QAAQ,CAAA,CAAA;AAAA,QACzE,SAAA,EAAW;AAAA,OACZ,CAAA;AAED,MAAA,MAAM,QAAA,GAAW,MAAM,KAAA,CAAM,QAAA,EAAU;AAAA,QACrC,MAAA,EAAQ,MAAA;AAAA,QACR,OAAA,EAAS;AAAA,UACP,cAAA,EAAgB,mCAAA;AAAA,UAChB,QAAA,EAAU;AAAA,SACZ;AAAA,QACA,IAAA,EAAM,KAAK,QAAA;AAAS,OACrB,CAAA;AAED,MAAA,IAAI,CAAC,SAAS,EAAA,EAAI;AAChB,QAAA,MAAM,YAAA,GAAgB,MAAM,QAAA,CAAS,IAAA,GAAO,KAAA,CAAM,OAAO,EAAC,CAAE,CAAA;AAC5D,QAAA,MAAM,0BACJ,QAAA,CAAS,MAAA,KAAW,OACnB,YAAA,EAAc,KAAA,KAAU,mBACxB,OAAO,YAAA,EAAc,sBAAsB,QAAA,KACzC,YAAA,CAAa,kBAAkB,QAAA,CAAS,SAAS,KAAK,YAAA,CAAa,iBAAA,CAAkB,SAAS,SAAS,CAAA,CAAA;AAE5G,QAAA,IAAI,uBAAA,EAAyB;AAC3B,UAAA,aAAA,CAAc,aAAa,YAAY,CAAA;AACvC,UAAA,aAAA,CAAc,aAAa,WAAW,CAAA;AACtC,UAAA,aAAA,CAAc,aAAa,SAAS,CAAA;AACpC,UAAA,aAAA,CAAc,eAAe,oBAAA,EAAsB;AAAA,YACjD,KAAA,EAAO,kCAAA;AAAA,YACP,SAAS,MAAA,CAAO,YAAA,EAAc,iBAAA,IAAqB,YAAA,EAAc,SAAS,sBAAsB;AAAA,WACjG,CAAA;AAAA,QACH;AAEA,QAAA,MAAA,CAAO,MAAM,sBAAA,EAAwB;AAAA,UACnC,QAAQ,QAAA,CAAS,MAAA;AAAA,UACjB,YAAY,QAAA,CAAS,UAAA;AAAA,UACrB,YAAA;AAAA,UACA,UAAA,EAAY;AAAA,SACb,CAAA;AACD,QAAA,MAAM,IAAI,KAAA;AAAA,UACR,yBAAyB,QAAA,CAAS,MAAM,IAAI,QAAA,CAAS,UAAU,GAAG,MAAA,CAAO,IAAA,CAAK,YAAY,CAAA,CAAE,SAAS,CAAA,GAAA,EAAM,IAAA,CAAK,UAAU,YAAY,CAAC,KAAK,EAAE,CAAA;AAAA,SAChJ;AAAA,MACF;AAEA,MAAA,MAAM,SAAA,GAAa,MAAM,QAAA,CAAS,IAAA,EAAK;AAEvC,MAAA,IAAI,CAAC,SAAA,CAAU,YAAA,IAAgB,CAAC,UAAU,aAAA,EAAe;AACvD,QAAA,MAAA,CAAO,MAAM,yCAAyC,CAAA;AACtD,QAAA,MAAM,IAAI,MAAM,gCAAgC,CAAA;AAAA,MAClD;AAEA,MAAA,WAAA,CAAY,SAAS,CAAA;AACrB,MAAA,aAAA,CAAc,eAAe,qBAAqB,CAAA;AAClD,MAAA,OAAO,SAAA,CAAU,YAAA;AAAA,IACnB,SAAS,KAAA,EAAO;AACd,MAAA,IAAI,iBAAiB,KAAA,EAAO;AAC1B,QAAA,MAAA,CAAO,MAAM,sBAAA,EAAwB,EAAE,OAAA,EAAS,KAAA,CAAM,SAAS,CAAA;AAC/D,QAAA,aAAA,CAAc,eAAe,oBAAA,EAAsB,EAAE,KAAA,EAAO,KAAA,CAAM,SAAS,CAAA;AAAA,MAC7E;AACA,MAAA,MAAM,KAAA;AAAA,IACR,CAAA,SAAE;AACA,MAAA,cAAA,GAAiB,IAAA;AAAA,IACnB;AAAA,EACF,CAAA,GAAG;AAEH,EAAA,OAAO,cAAA;AACT;;;AC7MO,SAAS,oBAAA,CAAqB,SAAiB,GAAA,EAAa;AACjE,EAAA,MAAM,KAAA,GAAQ,IAAI,UAAA,CAAW,MAAM,CAAA;AACnC,EAAA,MAAA,CAAO,gBAAgB,KAAK,CAAA;AAE5B,EAAA,MAAM,SAAS,IAAA,CAAK,MAAA,CAAO,YAAA,CAAa,GAAG,KAAK,CAAC,CAAA;AACjD,EAAA,OAAO,MAAA,CACJ,OAAA,CAAQ,KAAA,EAAO,GAAG,CAAA,CAClB,OAAA,CAAQ,KAAA,EAAO,GAAG,CAAA,CAClB,OAAA,CAAQ,IAAA,EAAM,EAAE,CAAA;AACrB;AAKA,eAAsB,sBAAsB,QAAA,EAAmC;AAC7E,EAAA,IAAI;AACF,IAAA,MAAM,OAAA,GAAU,IAAI,WAAA,EAAY;AAChC,IAAA,MAAM,IAAA,GAAO,OAAA,CAAQ,MAAA,CAAO,QAAQ,CAAA;AACpC,IAAA,MAAM,aAAa,MAAM,MAAA,CAAO,MAAA,CAAO,MAAA,CAAO,WAAW,IAAI,CAAA;AAC7D,IAAA,MAAM,YAAY,KAAA,CAAM,IAAA,CAAK,IAAI,UAAA,CAAW,UAAU,CAAC,CAAA;AACvD,IAAA,MAAM,SAAS,IAAA,CAAK,MAAA,CAAO,YAAA,CAAa,GAAG,SAAS,CAAC,CAAA;AACrD,IAAA,OAAO,MAAA,CACJ,OAAA,CAAQ,KAAA,EAAO,GAAG,CAAA,CAClB,OAAA,CAAQ,KAAA,EAAO,GAAG,CAAA,CAClB,OAAA,CAAQ,IAAA,EAAM,EAAE,CAAA;AAAA,EACrB,CAAA,CAAA,MAAQ;AACN,IAAA,MAAM,IAAI,MAAM,mCAAmC,CAAA;AAAA,EACrD;AACF;AAKO,SAAS,aAAA,GAAwB;AACtC,EAAA,MAAM,KAAA,GAAQ,IAAI,UAAA,CAAW,EAAE,CAAA;AAC/B,EAAA,MAAA,CAAO,gBAAgB,KAAK,CAAA;AAC5B,EAAA,MAAM,SAAS,IAAA,CAAK,MAAA,CAAO,YAAA,CAAa,GAAG,KAAK,CAAC,CAAA;AACjD,EAAA,OAAO,MAAA,CACJ,OAAA,CAAQ,KAAA,EAAO,GAAG,CAAA,CAClB,OAAA,CAAQ,KAAA,EAAO,GAAG,CAAA,CAClB,OAAA,CAAQ,IAAA,EAAM,EAAE,CAAA;AACrB;;;AC1CO,SAAS,YAAY,IAAA,EAAuB;AACjD,EAAA,IAAI,CAAC,IAAA,IAAQ,OAAO,IAAA,KAAS,QAAA,EAAU;AACrC,IAAA,OAAO,KAAA;AAAA,EACT;AAEA,EAAA,MAAM,SAAA,GAAY,iEAAA;AAClB,EAAA,OAAO,SAAA,CAAU,IAAA,CAAK,IAAA,CAAK,IAAA,EAAM,CAAA;AACnC;AAOO,SAAS,iBAAiB,QAAA,EAA2E;AAC1G,EAAA,IAAI,CAAC,QAAA,IAAY,QAAA,CAAS,IAAA,OAAW,EAAA,EAAI;AACvC,IAAA,OAAO;AAAA,MACL,OAAA,EAAS,KAAA;AAAA,MACT,KAAA,EAAO;AAAA,KACT;AAAA,EACF;AAEA,EAAA,IAAI,CAAC,WAAA,CAAY,QAAQ,CAAA,EAAG;AAC1B,IAAA,OAAO;AAAA,MACL,OAAA,EAAS,KAAA;AAAA,MACT,KAAA,EAAO;AAAA,KACT;AAAA,EACF;AAEA,EAAA,OAAO,EAAE,SAAS,IAAA,EAAK;AACzB;;;ACjCA,IAAM,qBAAA,GAAwB,CAAA;AAC9B,IAAM,YAAY,EAAA,GAAK,GAAA;AAEvB,IAAI,aAAA,GAAgB,CAAA;AACpB,IAAI,eAAA,GAAkB,CAAA;AA2Bf,SAAS,sBAAA,GAA+B;AAC7C,EAAA,aAAA,GAAgB,CAAA;AAChB,EAAA,eAAA,GAAkB,CAAA;AACpB;AAEO,SAAS,yBAAA,CAA0B,cAAsB,qBAAA,EAAgC;AAC9F,EAAA,MAAM,GAAA,GAAM,KAAK,GAAA,EAAI;AACrB,EAAA,IAAI,GAAA,GAAM,kBAAkB,SAAA,EAAW;AACrC,IAAA,aAAA,GAAgB,CAAA;AAChB,IAAA,eAAA,GAAkB,GAAA;AAAA,EACpB;AACA,EAAA,IAAI,iBAAiB,WAAA,EAAa;AAChC,IAAA,aAAA,CAAc,eAAe,kBAAA,EAAoB;AAAA,MAC/C,OAAA,EAAS,2BAA2B,WAAW,CAAA,UAAA;AAAA,KAChD,CAAA;AACD,IAAA,OAAO,KAAA;AAAA,EACT;AACA,EAAA,aAAA,EAAA;AACA,EAAA,OAAO,IAAA;AACT;;;ACrBO,SAAS,kBAAkB,MAAA,EAA4B;AAC5D,EAAA,MAAM,UAAA,GAAa,gBAAA,CAAiB,MAAA,CAAO,QAAQ,CAAA;AACnD,EAAA,IAAI,CAAC,WAAW,OAAA,EAAS;AACvB,IAAA,MAAA,CAAO,KAAK,6BAAA,EAA+B,EAAE,QAAA,EAAU,MAAA,CAAO,UAAU,CAAA;AAAA,EAC1E;AAEA,EAAA,MAAM,iBAAA,GAAoB,MAAA,CAAO,gBAAA,EAAiB,IAAK,MAAA,CAAO,UAAA;AAC9D,EAAA,MAAM,kBAAA,GAAqB,OAAO,cAAA,EAAe;AACjD,EAAA,oBAAA,CAAqB;AAAA,IACnB,aAAA,EAAe,iBAAA;AAAA,IACf,QAAA,EAAU,OAAO,MAAA,CAAO,QAAA;AAAA,IACxB,UAAA,EAAY,MAAA,CAAO,MAAA,CAAO,UAAA,IAAc,OAAO,MAAA,CAAO,QAAA;AAAA,IACtD,WAAA,EAAa,kBAAA;AAAA,IACb,WAAA,EAAa,kBAAA;AAAA,IACb,UAAU,MAAA,CAAO,QAAA;AAAA,IACjB,SAAA,EAAW,OAAO,SAAA,IAAa,EAAA;AAAA,IAC/B,UAAA,EAAY,OAAO,SAAA,IAAa;AAAA,GACjC,CAAA;AACD,EAAA,IAAI,OAAO,SAAA,EAAW;AACpB,IAAA,UAAA,CAAW,YAAA,CAAa,SAAA,EAAW,MAAA,CAAO,SAAS,CAAA;AAAA,EACrD;AACF;AAEA,eAAsB,iBAAiB,MAAA,EAAqC;AAC1E,EAAA,IAAI;AACF,IAAA,MAAA,CAAO,KAAK,qCAAqC,CAAA;AAEjD,IAAA,MAAM,mBAAA,GAAsB,OAAO,gBAAA,EAAiB;AACpD,IAAA,MAAM,uBAAuB,mBAAA,IAAuB,MAAA,EAAQ,cAAc,EAAA,EAAI,OAAA,CAAQ,QAAQ,EAAE,CAAA;AAChG,IAAA,MAAM,oBAAA,GAAuB,OAAO,cAAA,EAAe;AACnD,IAAA,MAAM,iBAAA,GAAoB,QAAQ,QAAA,IAAY,EAAA;AAC9C,IAAA,MAAM,iBAAA,GAAoB,MAAA,EAAQ,MAAA,EAAQ,QAAA,IAAY,EAAA;AAEtD,IAAA,MAAA,CAAO,MAAM,oCAAA,EAAsC;AAAA,MACjD,mBAAA,EAAqB,sBAAsB,YAAA,GAAe,SAAA;AAAA,MAC1D,mBAAA;AAAA,MACA,oBAAA;AAAA,MACA,iBAAA;AAAA,MACA,iBAAA;AAAA,MACA,MAAA,EAAQ,QAAQ,MAAA,EAAQ,MAAA;AAAA,MACxB,UAAA,EAAY,CAAC,CAAC,cAAA;AAAe,KAC9B,CAAA;AAID,IAAA,MAAA,CAAO,KAAK,4CAAA,EAA8C;AAAA,MACxD,qBAAqB,mBAAA,IAAuB,IAAA;AAAA,MAC5C,mBAAA;AAAA,MACA,oBAAA;AAAA,MACA,QAAA,EAAU,iBAAA;AAAA,MACV,SAAA,EAAY,OAAkC,SAAA,IAAa,IAAA;AAAA,MAC3D;AAAA,KACD,CAAA;AAED,IAAA,MAAM,QAAQ,cAAA,EAAe;AAC7B,IAAA,IAAI,KAAA,IAAS,CAAC,oBAAA,EAAqB,EAAG;AACpC,MAAA,MAAA,CAAO,MAAM,gDAAgD,CAAA;AAC7D,MAAA,cAAA,EAAe;AACf,MAAA;AAAA,IACF;AAEA,IAAA,IAAI,eAAc,EAAG;AACnB,MAAA,MAAA,CAAO,MAAM,yEAAyE,CAAA;AACtF,MAAA,cAAA,EAAe;AACf,MAAA;AAAA,IACF;AAEA,IAAA,IAAI,kBAAiB,EAAG;AACtB,MAAA,IAAI,eAAA,CAAgB,GAAI,CAAA,EAAG;AACzB,QAAA,MAAA,CAAO,KAAK,wDAAwD,CAAA;AACpE,QAAA,cAAA,EAAe;AAAA,MACjB,CAAA,MAAO;AACL,QAAA,MAAA,CAAO,MAAM,qEAAqE,CAAA;AAClF,QAAA;AAAA,MACF;AAAA,IACF;AAEA,IAAA,YAAA,EAAa;AAEb,IAAA,IACE,EAAE,MAAA,CAAO,gBAAA,EAAiB,IAAK,MAAA,EAAQ,UAAA,CAAA,IACvC,CAAC,MAAA,CAAO,MAAA,EAAQ,QAAA,IAChB,CAAC,MAAA,CAAO,QAAQ,WAAA,EAChB;AACA,MAAA,MAAA,CAAO,MAAM,mDAAA,EAAqD;AAAA,QAChE,mBAAA;AAAA,QACA,QAAA,EAAU,QAAQ,MAAA,EAAQ,QAAA;AAAA,QAC1B,wBAAA,EAA0B,QAAQ,MAAA,EAAQ,WAAA;AAAA,QAC1C;AAAA,OACD,CAAA;AACD,MAAA,MAAM,IAAI,MAAM,4CAA4C,CAAA;AAAA,IAC9D;AAEA,IAAA,iBAAA,CAAkB,MAAM,CAAA;AAExB,IAAA,MAAA,CAAO,MAAM,0DAA0D,CAAA;AAEvE,IAAA,aAAA,CAAc,aAAA,CAAc,oBAAoB,CAAC,CAAA;AACjD,IAAA,aAAA,CAAc,aAAA,CAAc,gBAAgB,CAAC,CAAA;AAC7C,IAAA,uBAAA,EAAwB;AAExB,IAAA,MAAM,eAAe,oBAAA,EAAqB;AAC1C,IAAA,MAAM,aAAA,GAAgB,MAAM,qBAAA,CAAsB,YAAY,CAAA;AAC9D,IAAA,MAAM,QAAQ,aAAA,EAAc;AAE5B,IAAA,aAAA,CAAc,aAAa,YAAY,CAAA;AACvC,IAAA,aAAA,CAAc,aAAa,KAAK,CAAA;AAChC,IAAA,UAAA,CAAW,YAAA,CAAa,cAAc,YAAY,CAAA;AAClD,IAAA,UAAA,CAAW,YAAA,CAAa,OAAO,KAAK,CAAA;AAEpC,IAAA,MAAM,OAAA,GAAU,qBAAA,CAAsB,MAAA,EAAQ,aAAA,EAAe,KAAK,CAAA;AAClE,IAAA,MAAA,CAAO,MAAM,4CAAA,EAA8C;AAAA,MACzD,mBAAA;AAAA,MACA,SAAA,EAAW,OAAA,EAAS,KAAA,CAAM,CAAA,EAAG,EAAE;AAAA,KAChC,CAAA;AAED,IAAA,IACE,CAAC,OAAA,IACD,EAAE,OAAA,CAAQ,UAAA,CAAW,SAAS,CAAA,IAAK,OAAA,CAAQ,UAAA,CAAW,UAAU,CAAA,CAAA,EAChE;AACA,MAAA,MAAM,IAAI,MAAM,qCAAqC,CAAA;AAAA,IACvD;AAEA,IAAA,IAAI,CAAC,2BAA0B,EAAG;AAChC,MAAA,MAAA,CAAO,KAAK,0DAA0D,CAAA;AACtE,MAAA,cAAA,EAAe;AACf,MAAA;AAAA,IACF;AAEA,IAAA,MAAA,CAAO,KAAK,qCAAqC,CAAA;AACjD,IAAA,aAAA,CAAc,eAAe,aAAA,EAAe,EAAE,SAAA,EAAW,MAAA,CAAO,WAAW,CAAA;AAE3E,IAAA,MAAM,UAAU,cAAA,EAAe;AAC/B,IAAA,IAAI,OAAA,EAAS;AACX,MAAA,MAAA,CAAO,MAAM,8DAA8D,CAAA;AAC3E,MAAA,OAAA,CAAQ,WAAA,CAAY,SAAS,OAAO,CAAA;AAAA,IACtC,CAAA,MAAA,IAAW,OAAO,MAAA,KAAW,WAAA,EAAa;AACxC,MAAA,MAAA,CAAO,MAAM,yDAAyD,CAAA;AACtE,MAAA,MAAA,CAAO,QAAA,CAAS,QAAQ,OAAO,CAAA;AAAA,IACjC,CAAA,MAAO;AACL,MAAA,MAAA,CAAO,KAAA,CAAM,8DAAA,EAAgE,EAAE,OAAA,EAAS,CAAA;AAAA,IAC1F;AAAA,EACF,SAAS,KAAA,EAAO;AACd,IAAA,cAAA,EAAe;AACf,IAAA,MAAA,CAAO,MAAM,8BAAA,EAAgC;AAAA,MAC3C,OAAO,KAAA,YAAiB,KAAA,GAAQ,KAAA,CAAM,OAAA,GAAU,OAAO,KAAK;AAAA,KAC7D,CAAA;AACD,IAAA,MAAM,KAAA;AAAA,EACR;AACF;AAEA,SAAS,qBAAA,CACP,MAAA,EACA,aAAA,EACA,KAAA,EACQ;AACR,EAAA,MAAM,cAAA,GAAA,CAAkB,OAAO,gBAAA,EAAiB,IAAK,OAAO,UAAA,IAAc,EAAA,EAAI,OAAA,CAAQ,MAAA,EAAQ,EAAE,CAAA;AAChG,EAAA,IAAIA,cAAY,EAAG;AACjB,IAAA,MAAA,CAAO,MAAM,4BAAA,EAA8B;AAAA,MACzC,UAAA,EAAY,cAAA;AAAA,MACZ,QAAA,EAAU,OAAO,MAAA,CAAO,QAAA;AAAA,MACxB,WAAA,EAAa,OAAO,MAAA,CAAO,WAAA;AAAA,MAC3B,MAAA,EAAQ,OAAO,MAAA,CAAO;AAAA,KACvB,CAAA;AAAA,EACH;AAEA,EAAA,MAAM,gBAAgB,MAAA,CAAO,QAAA;AAC7B,EAAA,MAAM,aAAA,GAAgB,OAAO,MAAA,CAAO,QAAA;AAEpC,EAAA,MAAM,gBAAA,GAAmB,OAAO,cAAA,EAAe;AAE/C,EAAA,MAAM,MAAA,GAAS,IAAI,eAAA,CAAgB;AAAA,IACjC,SAAA,EAAW,UAAU,aAAa,CAAA,CAAA;AAAA,IAClC,SAAA,EAAW,aAAA;AAAA,IACX,YAAA,EAAc,gBAAA;AAAA,IACd,aAAA,EAAe,qBAAA;AAAA,IACf,KAAA,EAAO,OAAO,MAAA,CAAO,MAAA;AAAA,IACrB,KAAA;AAAA,IACA,cAAA,EAAgB,aAAA;AAAA,IAChB,qBAAA,EAAuB;AAAA,GACxB,CAAA;AAED,EAAA,OAAO,CAAA,EAAG,cAAc,CAAA,mBAAA,EAAsB,MAAA,CAAO,UAAU,CAAA,CAAA;AACjE;ACnLA,SAAS,WAAA,GAAuB;AAC9B,EAAA,OAAO,UAAA,CAAW,aAAA,CAAc,oBAAoB,CAAC,CAAA,KAAM,MAAA;AAC7D;AAEA,SAAS,YAAA,GAAwB;AAC/B,EAAA,OAAO,oBAAA,EAAqB;AAC9B;AAEA,SAAS,cAAA,GAAuB;AAC9B,EAAA,qBAAA,EAAsB;AACxB;AAEA,SAAS,aAAA,GAAsB;AAC7B,EAAA,UAAA,CAAW,aAAA,CAAc,oBAAoB,CAAA,EAAG,MAAM,CAAA;AACtD,EAAA,uBAAA,EAAwB;AAC1B;AAEA,SAAS,eAAA,GAAwB;AAC/B,EAAA,uBAAA,EAAwB;AACxB,EAAA,aAAA,CAAc,aAAA,CAAc,oBAAoB,CAAC,CAAA;AACnD;AAEA,IAAI,UAAA,GAAa,KAAA;AAcjB,SAAS,YAAA,GAAqB;AAC5B,EAAA,IAAI,UAAA,EAAY;AAChB,EAAA,IAAI,cAAa,EAAG;AACpB,EAAA,MAAM,UAAU,cAAA,EAAe;AAC/B,EAAA,MAAM,KAAA,GAAQ,OAAA,GACV,CAAA,EAAG,OAAA,CAAQ,WAAA,CAAY,aAAA,EAAc,CAAE,MAAM,CAAA,EAAG,OAAA,CAAQ,WAAA,CAAY,aAAA,EAAc,CAAE,QAAQ,CAAA,CAAA,GAC3F,OAAO,MAAA,KAAW,WAAA,GAAc,CAAA,EAAG,MAAA,CAAO,QAAA,CAAS,MAAM,CAAA,EAAG,MAAA,CAAO,QAAA,CAAS,QAAQ,CAAA,CAAA,GAAK,GAAA;AAC9F,EAAA,IAAI,OAAA,EAAS,OAAA,CAAQ,WAAA,CAAY,YAAA,CAAa,KAAK,CAAA;AAAA,OAAA,IAC1C,OAAO,MAAA,KAAW,WAAA,EAAa,MAAA,CAAO,QAAQ,YAAA,CAAa,EAAC,EAAG,OAAO,QAAA,KAAa,WAAA,GAAc,QAAA,CAAS,KAAA,GAAQ,IAAI,KAAK,CAAA;AACpI,EAAA,UAAA,GAAa,IAAA;AACf;AAEA,SAAS,iBAAA,GAA0B;AACjC,EAAA,cAAA,EAAe;AACjB;AAMA,eAAe,+BAAA,GAIL;AACR,EAAA,MAAM,UAAU,cAAA,EAAe;AAC/B,EAAA,MAAM,aAAa,gBAAA,EAAiB,IAAK,YAAA,EAAa,IAAK,IAAI,IAAA,EAAK;AACpE,EAAA,IAAI,CAAC,OAAA,EAAS,cAAA,IAAkB,CAAC,SAAA,EAAW;AAC1C,IAAA,MAAA,CAAO,MAAM,gFAAA,EAA6E;AAAA,MACxF,WAAA,EAAa,CAAC,CAAC,OAAA,EAAS,cAAA;AAAA,MACxB,WAAW,SAAA,IAAa;AAAA,KACzB,CAAA;AACD,IAAA,OAAO,IAAA;AAAA,EACT;AACA,EAAA,IAAI;AACF,IAAA,MAAM,EAAA,GAAK,MAAM,OAAA,CAAQ,cAAA,CAAe,QAAQ,SAAS,CAAA;AACzD,IAAA,IAAI,CAAC,EAAA,EAAI,MAAA,EAAQ,QAAA,IAAY,CAAC,GAAG,QAAA,EAAU;AACzC,MAAA,MAAA,CAAO,KAAK,6EAAA,EAA+E;AAAA,QACzF;AAAA,OACD,CAAA;AACD,MAAA,OAAO,IAAA;AAAA,IACT;AACA,IAAA,iBAAA,CAAkB,EAAE,CAAA;AACpB,IAAA,OAAO;AAAA,MACL,QAAA,EAAU,EAAA,CAAG,MAAA,CAAO,QAAA,CAAS,MAAK,IAAK,IAAA;AAAA,MACvC,aAAa,EAAA,CAAG,MAAA,CAAO,WAAA,EAAa,IAAA,MAAU,cAAA,EAAe;AAAA,MAC7D,QAAA,EAAU,EAAA,CAAG,QAAA,CAAS,IAAA,EAAK,IAAK;AAAA,KAClC;AAAA,EACF,SAAS,CAAA,EAAG;AACV,IAAA,MAAA,CAAO,KAAK,4DAAA,EAA8D;AAAA,MACxE,SAAA;AAAA,MACA,OAAO,CAAA,YAAa,KAAA,GAAQ,CAAA,CAAE,OAAA,GAAU,OAAO,CAAC;AAAA,KACjD,CAAA;AACD,IAAA,OAAO,IAAA;AAAA,EACT;AACF;AAEA,eAAsB,cAAA,GAAmC;AACvD,EAAA,MAAM,aAAA,GAAgB,cAAA,EAAe,EAAG,WAAA,CAAY,eAAc,CAAE,MAAA;AACpE,EAAA,MAAM,eAAe,OAAO,MAAA,KAAW,WAAA,GAAc,MAAA,CAAO,SAAS,MAAA,GAAS,EAAA;AAC9E,EAAA,MAAA,CAAO,MAAM,mCAAA,EAAqC;AAAA,IAChD,aAAa,WAAA,EAAY;AAAA,IACzB,cAAc,YAAA,EAAa;AAAA,IAC3B,eAAe,aAAA,EAAc;AAAA,IAC7B,eAAe,aAAA,IAAiB,QAAA;AAAA,IAChC,cAAc,YAAA,IAAgB;AAAA,GAC/B,CAAA;AAED,EAAA,IAAI,aAAY,EAAG;AACjB,IAAA,MAAA,CAAO,KAAK,mDAAmD,CAAA;AAC/D,IAAA,IAAI,eAAc,EAAG;AACnB,MAAA,IAAI,CAAC,YAAA,EAAa,EAAG,YAAA,EAAa;AAAA,IACpC;AACA,IAAA,cAAA,EAAe;AACf,IAAA,OAAO,IAAA;AAAA,EACT;AAEA,EAAA,IAAI,cAAa,EAAG;AAClB,IAAA,MAAA,CAAO,KAAK,gEAAgE,CAAA;AAC5E,IAAA,OAAO,IAAA;AAAA,EACT;AAEA,EAAA,MAAM,kBAAkB,YAAA,EAAa;AACrC,EAAA,MAAM,gBAAA,GAAmB,kBAAiB,IAAK,eAAA;AAE/C,EAAA,IAAI,gBAAA,IAAoB,eAAA,IAAmB,gBAAA,KAAqB,eAAA,EAAiB;AAC/E,IAAA,MAAA,CAAO,KAAK,2DAAA,EAA6D;AAAA,MACvE,gBAAA;AAAA,MACA;AAAA,KACD,CAAA;AACD,IAAA,eAAA,EAAgB;AAChB,IAAA,iBAAA,EAAkB;AAClB,IAAA,eAAA,EAAgB;AAChB,IAAA,UAAA,CAAW,aAAA,CAAc,iBAAiB,CAAA,EAAG,MAAM,CAAA;AACnD,IAAA,UAAA,CAAW,aAAA,CAAc,gBAAgB,CAAA,EAAG,gBAAgB,CAAA;AAC5D,IAAA,YAAA,CAAa,gBAAgB,CAAA;AAC7B,IAAA,IAAI,aAAA,IAAiB,YAAA,EAAa;AAClC,IAAA,OAAO,KAAA;AAAA,EACT;AAEA,EAAA,IAAI,CAAC,eAAc,EAAG;AACpB,IAAA,MAAA,CAAO,KAAK,gDAAgD,CAAA;AAC5D,IAAA,OAAO,KAAA;AAAA,EACT;AAEA,EAAA,cAAA,EAAe;AACf,EAAA,cAAA,EAAe;AACf,EAAA,UAAA,GAAa,KAAA;AAEb,EAAA,IAAI;AACF,IAAA,MAAM,MAAA,GAAS,cAAA,EAAe,EAAG,WAAA,CAAY,aAAA,EAAc,CAAE,MAAA,KAAW,OAAO,MAAA,KAAW,WAAA,GAAc,MAAA,CAAO,QAAA,CAAS,MAAA,GAAS,EAAA,CAAA;AACjI,IAAA,MAAM,MAAA,GAAS,IAAI,eAAA,CAAgB,MAAM,CAAA;AACzC,IAAA,MAAM,IAAA,GAAO,MAAA,CAAO,GAAA,CAAI,MAAM,CAAA;AAC9B,IAAA,MAAM,KAAA,GAAQ,MAAA,CAAO,GAAA,CAAI,OAAO,CAAA;AAChC,IAAA,MAAM,KAAA,GAAQ,MAAA,CAAO,GAAA,CAAI,OAAO,CAAA;AAEhC,IAAA,IAAI,KAAA,IAAS,CAAC,IAAA,IAAQ,CAAC,KAAA,EAAO;AAC5B,MAAA,MAAA,CAAO,MAAM,sDAAA,EAAwD,EAAE,KAAA,EAAO,IAAA,EAAM,OAAO,CAAA;AAC3F,MAAA,iBAAA,EAAkB;AAClB,MAAA,eAAA,EAAgB;AAChB,MAAA,YAAA,EAAa;AACb,MAAA,OAAO,KAAA;AAAA,IACT;AAEA,IAAA,MAAM,cAAc,QAAA,EAAS;AAC7B,IAAA,IAAI,CAAC,WAAA,IAAe,WAAA,KAAgB,KAAA,EAAO;AACzC,MAAA,MAAM,0BAA0B,gBAAA,EAAiB;AACjD,MAAA,MAAM,oBAAoB,gBAAA,EAAiB;AAC3C,MAAA,MAAM,gBAAA,GAAmB,uBAAA,IAA2B,iBAAA,IAAqB,uBAAA,KAA4B,iBAAA;AACrG,MAAA,IAAI,gBAAA,EAAkB;AACpB,QAAA,MAAA,CAAO,KAAK,gEAAgE,CAAA;AAAA,MAC9E,CAAA,MAAO;AACL,QAAA,MAAA,CAAO,MAAM,oEAAoE,CAAA;AAAA,MACnF;AACA,MAAA,iBAAA,EAAkB;AAClB,MAAA,eAAA,EAAgB;AAChB,MAAA,YAAA,EAAa;AACb,MAAA,UAAA,CAAW,aAAA,CAAc,gBAAgB,CAAA,EAAG,MAAM,CAAA;AAClD,MAAA,OAAO,KAAA;AAAA,IACT;AAEA,IAAA,MAAM,eAAe,eAAA,EAAgB;AACrC,IAAA,IAAI,CAAC,YAAA,EAAc;AACjB,MAAA,MAAA,CAAO,MAAM,8CAA8C,CAAA;AAC3D,MAAA,iBAAA,EAAkB;AAClB,MAAA,eAAA,EAAgB;AAChB,MAAA,YAAA,EAAa;AACb,MAAA,OAAO,KAAA;AAAA,IACT;AAEA,IAAA,IAAI,WAAW,WAAA,EAAY;AAC3B,IAAA,IAAI,cAAc,cAAA,EAAe;AACjC,IAAA,IAAI,WAAW,WAAA,EAAY;AAE3B,IAAA,IAAI,CAAC,QAAA,IAAY,CAAC,WAAA,IAAe,CAAC,QAAA,EAAU;AAC1C,MAAA,MAAA,CAAO,KAAK,wEAAA,EAAqE;AAAA,QAC/E,WAAA,EAAa,CAAC,CAAC,QAAA;AAAA,QACf,cAAA,EAAgB,CAAC,CAAC,WAAA;AAAA,QAClB,WAAA,EAAa,CAAC,CAAC;AAAA,OAChB,CAAA;AACD,MAAA,MAAM,SAAA,GAAY,MAAM,+BAAA,EAAgC;AACxD,MAAA,IAAI,SAAA,EAAW;AACb,QAAA,IAAI,CAAC,WAAA,EAAa,WAAA,GAAc,SAAA,CAAU,WAAA;AAC1C,QAAA,IAAI,CAAC,QAAA,EAAU,QAAA,GAAW,SAAA,CAAU,QAAA;AAEpC,QAAA,QAAA,GACE,WAAA,EAAY,IAAK,kCAAA,CAAmC,SAAA,CAAU,QAAQ,CAAA,IAAK,IAAA;AAAA,MAC/E;AAAA,IACF;AAEA,IAAA,IAAI,CAAC,QAAA,IAAY,CAAC,WAAA,IAAe,CAAC,QAAA,EAAU;AAC1C,MAAA,MAAA,CAAO,MAAM,6DAAA,EAA+D;AAAA,QAC1E,WAAA,EAAa,CAAC,CAAC,QAAA;AAAA,QACf,cAAA,EAAgB,CAAC,CAAC,WAAA;AAAA,QAClB,WAAA,EAAa,CAAC,CAAC;AAAA,OAChB,CAAA;AACD,MAAA,iBAAA,EAAkB;AAClB,MAAA,eAAA,EAAgB;AAChB,MAAA,YAAA,EAAa;AACb,MAAA,OAAO,KAAA;AAAA,IACT;AAGA,IAAA,MAAM,gBAAgB,cAAA,EAAe;AACrC,IAAA,IAAI,aAAA,IAAiB,CAAC,oBAAA,EAAqB,EAAG;AAC5C,MAAA,MAAA,CAAO,KAAK,4EAA4E,CAAA;AACxF,MAAA,aAAA,CAAc,aAAa,YAAY,CAAA;AACvC,MAAA,aAAA,CAAc,aAAa,KAAK,CAAA;AAChC,MAAA,iBAAA,EAAkB;AAClB,MAAA,aAAA,EAAc;AACd,MAAA,YAAA,EAAa;AACb,MAAA,sBAAA,EAAuB;AACvB,MAAA,aAAA,CAAc,eAAe,gBAAgB,CAAA;AAC7C,MAAA,OAAO,IAAA;AAAA,IACT;AAEA,IAAA,MAAA,CAAO,KAAK,oCAAoC,CAAA;AAChD,IAAA,MAAM,SAAA,GAAY,MAAM,qBAAA,CAAsB;AAAA,MAC5C,IAAA;AAAA,MACA,YAAA;AAAA,MACA,QAAA;AAAA,MACA,WAAA;AAAA,MACA;AAAA,KACD,CAAA;AAED,IAAA,IAAI,CAAC,WAAW,YAAA,EAAc;AAC5B,MAAA,MAAA,CAAO,MAAM,yCAAyC,CAAA;AACtD,MAAA,eAAA,EAAgB;AAChB,MAAA,iBAAA,EAAkB;AAClB,MAAA,YAAA,EAAa;AACb,MAAA,aAAA,CAAc,cAAA,CAAe,eAAA,EAAiB,EAAE,OAAA,EAAS,4BAA4B,CAAA;AACrF,MAAA,OAAO,KAAA;AAAA,IACT;AAEA,IAAA,aAAA,CAAc,aAAa,YAAY,CAAA;AACvC,IAAA,aAAA,CAAc,aAAa,KAAK,CAAA;AAChC,IAAA,iBAAA,EAAkB;AAClB,IAAA,aAAA,EAAc;AACd,IAAA,YAAA,EAAa;AAEb,IAAA,MAAA,CAAO,KAAK,uCAAuC,CAAA;AACnD,IAAA,sBAAA,EAAuB;AACvB,IAAA,aAAA,CAAc,eAAe,gBAAgB,CAAA;AAC7C,IAAA,OAAO,IAAA;AAAA,EACT,SAAS,GAAA,EAAK;AACZ,IAAA,IAAI,KAAA,CAAM,YAAA,CAAa,GAAG,CAAA,EAAG;AAC3B,MAAA,MAAM,MAAA,GAAS,IAAI,QAAA,EAAU,MAAA;AAC7B,MAAA,MAAM,YAAA,GAAe,IAAI,QAAA,EAAU,IAAA;AACnC,MAAA,MAAM,YAAY,YAAA,EAAc,KAAA;AAChC,MAAA,MAAM,gBAAA,GAAmB,YAAA,EAAc,iBAAA,IAAqB,YAAA,EAAc,OAAA,IAAW,EAAA;AAErF,MAAA,IACE,MAAA,KAAW,OACX,SAAA,KAAc,eAAA,KACb,OAAO,gBAAgB,CAAA,CAAE,SAAS,cAAc,CAAA,IAChD,OAAO,gBAAgB,CAAA,CAAE,SAAS,gBAAgB,CAAA,IAClD,OAAO,gBAAgB,CAAA,CAAE,QAAA,CAAS,uBAAuB,CAAA,CAAA,EAC1D;AACA,QAAA,MAAMC,iBAAgB,cAAA,EAAe;AACrC,QAAA,MAAMC,WAAAA,GAAaD,cAAAA,IAAiB,CAAC,oBAAA,EAAqB;AAC1D,QAAA,IAAIC,WAAAA,EAAY;AACd,UAAA,aAAA,CAAc,aAAa,YAAY,CAAA;AACvC,UAAA,aAAA,CAAc,aAAa,KAAK,CAAA;AAChC,UAAA,iBAAA,EAAkB;AAClB,UAAA,aAAA,EAAc;AACd,UAAA,YAAA,EAAa;AACb,UAAA,MAAA,CAAO,KAAK,6EAA6E,CAAA;AACzF,UAAA,sBAAA,EAAuB;AACvB,UAAA,aAAA,CAAc,eAAe,gBAAgB,CAAA;AAC7C,UAAA,OAAO,IAAA;AAAA,QACT;AAAA,MACF;AAEA,MAAA,aAAA,CAAc,eAAe,eAAA,EAAiB;AAAA,QAC5C,OAAO,GAAA,CAAI,OAAA;AAAA,QACX,OAAA,EAAS,YAAA,EAAc,iBAAA,IAAqB,GAAA,CAAI;AAAA,OACjD,CAAA;AACD,MAAA,MAAA,CAAO,MAAM,qCAAA,EAAuC;AAAA,QAClD,MAAA;AAAA,QACA,UAAA,EAAY,IAAI,QAAA,EAAU,UAAA;AAAA,QAC1B,YAAA,EAAc,IAAI,QAAA,EAAU,IAAA;AAAA,QAC5B,SAAS,GAAA,CAAI,OAAA;AAAA,QACb,GAAA,EAAK,IAAI,MAAA,EAAQ;AAAA,OAClB,CAAA;AAAA,IACH,CAAA,MAAO;AACL,MAAA,MAAA,CAAO,MAAM,uBAAA,EAAyB;AAAA,QACpC,OAAO,GAAA,YAAe,KAAA,GAAQ,GAAA,CAAI,OAAA,GAAU,OAAO,GAAG;AAAA,OACvD,CAAA;AAAA,IACH;AAEA,IAAA,iBAAA,EAAkB;AAClB,IAAA,MAAM,gBAAgB,cAAA,EAAe;AACrC,IAAA,MAAM,UAAA,GAAa,aAAA,IAAiB,CAAC,oBAAA,EAAqB;AAC1D,IAAA,IAAI,UAAA,EAAY;AACd,MAAA,aAAA,EAAc;AACd,MAAA,YAAA,EAAa;AACb,MAAA,sBAAA,EAAuB;AACvB,MAAA,aAAA,CAAc,eAAe,gBAAgB,CAAA;AAC7C,MAAA,OAAO,IAAA;AAAA,IACT;AAEA,IAAA,aAAA,CAAc,eAAe,eAAA,EAAiB;AAAA,MAC5C,OAAO,GAAA,YAAe,KAAA,GAAQ,GAAA,CAAI,OAAA,GAAU,OAAO,GAAG;AAAA,KACvD,CAAA;AACD,IAAA,eAAA,EAAgB;AAChB,IAAA,IAAI,aAAA,IAAiB,YAAA,EAAa;AAClC,IAAA,OAAO,KAAA;AAAA,EACT;AACF;;;ACjWO,IAAM,eAAN,MAAwC;AAAA,EAC7C,MAAM,QAAQ,OAAA,EAA2C;AACvD,IAAA,MAAM,EAAE,SAAQ,GAAI,OAAA;AACpB,IAAA,MAAM,EAAE,WAAA,EAAa,MAAA,EAAQ,GAAA,EAAI,GAAI,OAAA;AACrC,IAAA,MAAM,MAAA,GAAS,MAAM,WAAA,CAAY,aAAA,EAAc;AAE/C,IAAA,cAAA,EAAe;AAEf,IAAA,MAAM,OAAA,GAAU,MAAM,cAAA,EAAe;AACrC,IAAA,IAAI,OAAA,EAAS;AACX,MAAA,IAAI,oBAAA,CAAqB,MAAA,EAAQ,CAAA,EAAG;AAClC,QAAA,IAAI,oBAAA,EAAqB,EAAG,OAAO,EAAE,WAAW,IAAA,EAAK;AACrD,QAAA,MAAM,IAAI,MAAA,EAAO;AACjB,QAAA,WAAA,CAAY,SAAS,CAAA,EAAG,CAAA,CAAE,MAAM,CAAA,EAAG,CAAA,CAAE,QAAQ,CAAA,CAAE,CAAA;AAC/C,QAAA,OAAO,EAAE,WAAW,IAAA,EAAK;AAAA,MAC3B;AACA,MAAA,OAAO,EAAE,WAAW,IAAA,EAAK;AAAA,IAC3B;AACA,IAAA,IAAI,oBAAA,CAAqB,MAAA,EAAQ,CAAA,EAAG;AAClC,MAAA,MAAM,IAAI,MAAA,EAAO;AACjB,MAAA,WAAA,CAAY,SAAS,CAAA,EAAG,CAAA,CAAE,MAAM,CAAA,EAAG,CAAA,CAAE,QAAQ,CAAA,CAAE,CAAA;AAAA,IACjD;AACA,IAAA,OAAO,EAAE,WAAW,IAAA,EAAK;AAAA,EAC3B;AACF,CAAA;;;AC3BO,IAAM,oBAAN,MAA6C;AAAA,EAClD,MAAM,QAAQ,QAAA,EAA4C;AACxD,IAAA,OAAO,EAAE,WAAW,IAAA,EAAK;AAAA,EAC3B;AACF,CAAA;;;ACLA,IAAI,aAAA,GAAmC,IAAA;AAEhC,SAAS,oBAAA,GAA0C;AACxD,EAAA,OAAO,aAAA;AACT;AAEO,SAAS,qBAAqB,MAAA,EAAiC;AACpE,EAAA,aAAA,GAAgB,MAAA;AAClB;;;ACIA,IAAI,gBAAA,GAAmB,CAAA;AACvB,IAAM,0BAAA,GAA6B,GAAA;AAEnC,eAAsB,sBAAA,GAA0C;AAC9D,EAAA,MAAM,SAAS,oBAAA,EAAqB;AACpC,EAAA,IAAI,MAAA,EAAQ;AACV,IAAA,IAAI;AACF,MAAA,OAAO,MAAM,OAAO,cAAA,EAAe;AAAA,IACrC,CAAA,CAAA,MAAQ;AAAA,IAER;AAAA,EACF;AAEA,EAAA,MAAM,QAAQ,cAAA,EAAqB;AACnC,EAAA,IAAI,KAAA,IAAS,CAAC,oBAAA,EAAqB,EAAG,OAAO,KAAA;AAE7C,EAAA,MAAM,eAAe,eAAA,EAAgB;AACrC,EAAA,IAAI,CAAC,YAAA,EAAc;AACjB,IAAA,MAAM,GAAA,GAAM,KAAK,GAAA,EAAI;AACrB,IAAA,IAAI,GAAA,GAAM,oBAAoB,0BAAA,EAA4B;AACxD,MAAA,gBAAA,GAAmB,GAAA;AACnB,MAAA,MAAA,CAAO,MAAM,mDAAmD,CAAA;AAAA,IAClE;AACA,IAAA,MAAM,IAAI,MAAM,kCAAkC,CAAA;AAAA,EACpD;AAEA,EAAA,OAAO,MAAM,kBAAA,EAA2B;AAC1C;AAEO,SAASC,eAAAA,GAAgC;AAC9C,EAAA,OAAO,cAAA,EAAqB;AAC9B;;;ACpCO,IAAM,cAAN,MAAuC;AAAA,EAC5C,MAAM,QAAQ,OAAA,EAA2C;AACvD,IAAA,MAAM,EAAE,SAAQ,GAAI,OAAA;AACpB,IAAA,MAAM,EAAE,MAAA,EAAQ,GAAA,EAAI,GAAI,OAAA;AACxB,IAAA,MAAM,MAAA,GAAS,MAAM,OAAA,CAAQ,WAAA,CAAY,aAAA,EAAc;AAEvD,IAAA,GAAA,CAAI,MAAM,yCAAyC,CAAA;AAEnD,IAAA,IAAI;AACF,MAAA,MAAM,cAAA,GAAiB,MAAM,sBAAA,EAAuB;AACpD,MAAA,IAAI,cAAA,EAAgB;AAClB,QAAA,MAAA,CAAO,MAAM,kDAAkD,CAAA;AAC/D,QAAA,OAAO,EAAE,WAAW,IAAA,EAAK;AAAA,MAC3B;AAAA,IACF,SAAS,KAAA,EAAO;AACd,MAAA,MAAA,CAAO,KAAK,kDAAA,EAAoD;AAAA,QAC9D,OAAO,KAAA,YAAiB,KAAA,GAAQ,KAAA,CAAM,OAAA,GAAU,OAAO,KAAK;AAAA,OAC7D,CAAA;AAAA,IACH;AAEA,IAAA,MAAM,YAAY,gBAAA,EAAiB;AAEnC,IAAA,GAAA,CAAI,MAAM,mCAAA,EAAqC;AAAA,MAC7C,WAAW,SAAA,IAAa,QAAA;AAAA,MACxB,MAAA,EAAQ,YAAY,UAAA,GAAa;AAAA,KAClC,CAAA;AAED,IAAA,IAAI,CAAC,SAAA,EAAW;AACd,MAAA,MAAM,IAAI,cAAA;AAAA,QACR,8BAAA;AAAA,QACA,0BAAA;AAAA,QACA,IAAI,KAAA,CAAM,CAAA,2CAAA,EAA8C,MAAA,EAAO,CAAE,IAAI,CAAA,CAAE;AAAA,OACzE;AAAA,IACF;AAEA,IAAA,MAAM,YAAA,GAAe,MAAM,yBAAA,CAA0B,SAAA,EAAW,QAAQ,cAAc,CAAA;AACtF,IAAA,IAAI,CAAC,YAAA,EAAc;AACjB,MAAA,MAAM,IAAI,cAAA;AAAA,QACR,iCAAA;AAAA,QACA,wCAAA;AAAA,QACA,IAAI,KAAA,CAAM,CAAA,+CAAA,EAAkD,SAAS,CAAA,CAAE;AAAA,OACzE;AAAA,IACF;AAEA,IAAA,YAAA,CAAa,SAAS,CAAA;AACtB,IAAA,iBAAA,CAAkB,YAAY,CAAA;AAC9B,IAAA,MAAM,iBAAiB,YAAY,CAAA;AACnC,IAAA,OAAO,EAAE,WAAW,IAAA,EAAK;AAAA,EAC3B;AACF,CAAA;;;ACjDO,IAAM,mBAAN,MAA4C;AAAA,EACjD,MAAM,QAAQ,OAAA,EAA2C;AACvD,IAAA,MAAM,EAAE,SAAQ,GAAI,OAAA;AACpB,IAAA,MAAM,EAAE,WAAA,EAAa,MAAA,EAAQ,GAAA,EAAI,GAAI,OAAA;AACrC,IAAA,MAAM,MAAA,GAAS,MAAM,WAAA,CAAY,aAAA,EAAc;AAE/C,IAAA,MAAM,YAAA,GAAe,UAAA,CAAW,aAAA,CAAc,gBAAgB,CAAC,CAAA;AAC/D,IAAA,GAAA,CAAI,IAAA,CAAK,+CAAA,EAAiD,EAAE,YAAA,EAAc,CAAA;AAC1E,IAAA,aAAA,CAAc,eAAe,eAAA,EAAiB,EAAE,SAAA,EAAW,YAAA,IAAgB,QAAW,CAAA;AAEtF,IAAA,aAAA,CAAc,aAAA,CAAc,iBAAiB,CAAC,CAAA;AAC9C,IAAA,aAAA,CAAc,aAAA,CAAc,gBAAgB,CAAC,CAAA;AAE7C,IAAA,MAAM,SAAA,GAAA,CAAa,YAAA,IAAgB,gBAAA,EAAiB,GAAI,MAAK,IAAK,IAAA;AAElE,IAAA,GAAA,CAAI,MAAM,wCAAA,EAA0C;AAAA,MAClD,WAAW,SAAA,IAAa,QAAA;AAAA,MACxB,kBAAkB,YAAA,IAAgB,QAAA;AAAA,MAClC,MAAA,EAAQ,YAAA,GAAe,gBAAA,GAAmB,SAAA,GAAY,UAAA,GAAa;AAAA,KACpE,CAAA;AAED,IAAA,IAAI,CAAC,SAAA,EAAW;AACd,MAAA,MAAM,IAAI,cAAA;AAAA,QACR,8BAAA;AAAA,QACA,uCAAA;AAAA,QACA,IAAI,KAAA,CAAM,CAAA,uCAAA,EAA0C,MAAA,EAAO,CAAE,IAAI,CAAA,CAAE;AAAA,OACrE;AAAA,IACF;AAEA,IAAA,MAAM,YAAA,GAAe,MAAM,yBAAA,CAA0B,SAAA,EAAW,QAAQ,cAAc,CAAA;AACtF,IAAA,IAAI,CAAC,YAAA,EAAc;AACjB,MAAA,MAAM,IAAI,cAAA;AAAA,QACR,iCAAA;AAAA,QACA,qDAAA;AAAA,QACA,IAAI,KAAA,CAAM,CAAA,+CAAA,EAAkD,SAAS,CAAA,CAAE;AAAA,OACzE;AAAA,IACF;AAGA,IAAA,IAAI;AACF,MAAA,MAAM,MAAML,cAAAA,EAAc;AAC1B,MAAA,oBAAA,CAAqB;AAAA,QACnB,YAAY,GAAA,CAAI,UAAA;AAAA,QAChB,eAAe,GAAA,CAAI,aAAA;AAAA,QACnB,aAAa,GAAA,CAAI,WAAA;AAAA,QACjB,OAAO,GAAA,CAAI,KAAA;AAAA,QACX,UAAA,EAAY,YAAA,CAAa,MAAA,EAAQ,UAAA,IAAc,IAAI,UAAA,IAAc,EAAA;AAAA,QACjE,QAAA,EAAU,GAAA,CAAI,QAAA,IAAY,YAAA,CAAa,MAAA,EAAQ,QAAA;AAAA,QAC/C,QAAA,EAAU,YAAA,CAAa,QAAA,IAAY,GAAA,CAAI,QAAA;AAAA,QACvC,SAAA;AAAA,QACA,UAAA,EAAY;AAAA,OACb,CAAA;AAAA,IACH,CAAA,CAAA,MAAQ;AAAA,IAER;AAEA,IAAA,YAAA,CAAa,SAAS,CAAA;AACtB,IAAA,iBAAA,CAAkB,YAAY,CAAA;AAC9B,IAAA,MAAM,iBAAiB,YAAY,CAAA;AACnC,IAAA,OAAO,EAAE,WAAW,IAAA,EAAK;AAAA,EAC3B;AACF,CAAA;;;ACxDO,IAAM,YAAN,MAAqC;AAAA,EAC1C,MAAM,QAAQ,OAAA,EAA2C;AACvD,IAAA,MAAM,EAAE,SAAQ,GAAI,OAAA;AACpB,IAAA,MAAM,EAAE,MAAA,EAAQ,GAAA,EAAI,GAAI,OAAA;AACxB,IAAA,MAAM,MAAA,GAAS,MAAM,OAAA,CAAQ,WAAA,CAAY,aAAA,EAAc;AACvD,IAAA,MAAM,MAAM,MAAA,EAAO;AACnB,IAAA,GAAA,CAAI,KAAA,CAAM,mBAAA,EAAqB,EAAE,GAAA,EAAK,GAAA,CAAI,IAAA,EAAM,QAAA,EAAU,GAAA,CAAI,QAAA,EAAU,MAAA,EAAQ,GAAA,CAAI,MAAA,EAAQ,CAAA;AAE5F,IAAA,MAAM,iBAAA,GAAoB,UAAA,CAAW,aAAA,CAAc,oBAAoB,CAAC,CAAA,KAAM,MAAA;AAC9E,IAAA,MAAM,QAAQ,cAAA,EAAe;AAC7B,IAAA,IAAI,iBAAA,IAAqB,CAAC,KAAA,EAAO;AAC/B,MAAA,GAAA,CAAI,KAAK,2FAA2F,CAAA;AACpG,MAAA,aAAA,CAAc,aAAA,CAAc,oBAAoB,CAAC,CAAA;AACjD,MAAA,uBAAA,EAAwB;AAAA,IAC1B;AAEA,IAAA,MAAM,gBAAA,GAAmB,UAAA,CAAW,aAAA,CAAc,gBAAgB,CAAC,CAAA,KAAM,MAAA;AACzE,IAAA,IAAI,gBAAA,EAAkB,aAAA,CAAc,aAAA,CAAc,gBAAgB,CAAC,CAAA;AAEnE,IAAA,MAAM,YAAY,gBAAA,EAAiB;AAEnC,IAAA,GAAA,CAAI,MAAM,iCAAA,EAAmC;AAAA,MAC3C,WAAW,SAAA,IAAa,QAAA;AAAA,MACxB,MAAA,EAAQ,YAAY,UAAA,GAAa;AAAA,KAClC,CAAA;AACD,IAAA,IAAI,CAAC,SAAA,EAAW;AACd,MAAA,MAAM,IAAI,cAAA;AAAA,QACR,8BAAA;AAAA,QACA,0BAAA;AAAA,QACA,IAAI,KAAA,CAAM,CAAA,yCAAA,EAA4C,GAAA,CAAI,IAAI,CAAA,CAAE;AAAA,OAClE;AAAA,IACF;AAEA,IAAA,GAAA,CAAI,KAAA,CAAM,qCAAA,EAAuC,EAAE,SAAA,EAAW,CAAA;AAC9D,IAAA,MAAM,YAAA,GAAe,MAAM,yBAAA,CAA0B,SAAA,EAAW,QAAQ,cAAc,CAAA;AACtF,IAAA,GAAA,CAAI,MAAM,oCAAA,EAAsC;AAAA,MAC9C,EAAA,EAAI,CAAC,CAAC,YAAA;AAAA,MACN,UAAU,YAAA,EAAc,QAAA;AAAA,MACxB,UAAA,EAAY,YAAA,EAAc,UAAA,GAAa,OAAA,GAAU,SAAA;AAAA,MACjD,QAAA,EAAU,cAAc,MAAA,EAAQ,QAAA;AAAA,MAChC,WAAA,EAAa,cAAc,MAAA,EAAQ;AAAA,KACpC,CAAA;AACD,IAAA,IAAI,CAAC,YAAA,EAAc;AACjB,MAAA,MAAM,IAAI,cAAA;AAAA,QACR,iCAAA;AAAA,QACA,wCAAA;AAAA,QACA,IAAI,KAAA,CAAM,CAAA,+CAAA,EAAkD,SAAS,CAAA,CAAE;AAAA,OACzE;AAAA,IACF;AAEA,IAAA,YAAA,CAAa,SAAS,CAAA;AACtB,IAAA,iBAAA,CAAkB,YAAY,CAAA;AAC9B,IAAA,GAAA,CAAI,MAAM,wDAAwD,CAAA;AAClE,IAAA,MAAM,iBAAiB,YAAY,CAAA;AACnC,IAAA,GAAA,CAAI,MAAM,0DAA0D,CAAA;AACpE,IAAA,OAAO,EAAE,WAAW,IAAA,EAAK;AAAA,EAC3B;AACF,CAAA;;;AC/DA,IAAM,YAAA,GAAe,IAAI,YAAA,EAAa;AACtC,IAAM,iBAAA,GAAoB,IAAI,iBAAA,EAAkB;AAChD,IAAM,WAAA,GAAc,IAAI,WAAA,EAAY;AACpC,IAAM,gBAAA,GAAmB,IAAI,gBAAA,EAAiB;AAC9C,IAAM,SAAA,GAAY,IAAI,SAAA,EAAU;AAEzB,SAAS,gBAAgB,KAAA,EAAsC;AACpE,EAAA,QAAQ,KAAA;AAAO,IACb,KAAA,qBAAA;AACE,MAAA,OAAO,YAAA;AAAA,IACT,KAAA,eAAA;AACE,MAAA,OAAO,iBAAA;AAAA,IACT,KAAA,eAAA;AACE,MAAA,OAAO,WAAA;AAAA,IACT,KAAA,eAAA;AACE,MAAA,OAAO,gBAAA;AAAA,IACT,KAAA,gBAAA;AAAA,IACA,KAAA,cAAA;AAAA,IACA,KAAA,YAAA;AAAA,IACA,KAAA,OAAA;AAAA,IACA;AACE,MAAA,OAAO,SAAA;AAAA;AAEb;;;ACNA,SAAS,mBAAA,GAAsB;AAC7B,EAAA,OAAO,CAAC,MAAA,KAAmB,UAAA,CAAW,aAAA,CAAc,MAAM,CAAC,CAAA;AAC7D;AAEA,eAAsB,YAAA,GAA8B;AAClD,EAAA,MAAM,UAAU,cAAA,EAAe;AAC/B,EAAA,IAAI,CAAC,OAAA,EAAS;AACZ,IAAA,MAAA,CAAO,IAAA;AAAA,MACL;AAAA,KACF;AACA,IAAA;AAAA,EACF;AAEA,EAAA,IAAI,uBAAsB,EAAG;AAC3B,IAAA,MAAA,CAAO,MAAM,wDAAwD,CAAA;AACrE,IAAA;AAAA,EACF;AAEA,EAAA,sBAAA,EAAuB;AAEvB,EAAA,IAAI;AACF,IAAA,YAAA,CAAa,IAAI,CAAA;AAEjB,IAAA,MAAM,GAAA,GAAM,OAAA,CAAQ,WAAA,CAAY,aAAA,EAAc;AAC9C,IAAA,MAAM,QAAQ,cAAA,EAAe;AAC7B,IAAA,MAAM,UAAU,oBAAA,EAAqB;AACrC,IAAA,MAAM,aAAA,GAAgB,CAAC,EAAE,KAAA,IAAS,CAAC,OAAA,CAAA;AACnC,IAAA,MAAM,QAAA,GAAW,CAAC,CAAC,KAAA;AACnB,IAAA,MAAM,eAAA,GAAkB,CAAC,CAAC,eAAA,EAAgB;AAE1C,IAAA,MAAM,QAAQ,yBAAA,CAA0B;AAAA,MACtC,GAAA;AAAA,MACA,YAAY,mBAAA,EAAoB;AAAA,MAChC,aAAA,EAAe,oBAAA;AAAA,MACf,aAAA;AAAA,MACA,QAAA;AAAA,MACA,eAAA;AAAA,MACA,cAAA,EAAgB;AAAA,KACjB,CAAA;AAED,IAAA,aAAA,CAAc,cAAA,CAAe,wBAAA,EAA0B,EAAE,KAAA,EAAwB,CAAA;AAEjF,IAAA,MAAM,IAAA,GAAO,gBAAgB,KAAK,CAAA;AAClC,IAAA,MAAM,OAAA,GAAuB,EAAE,OAAA,EAAS,GAAA,EAAK,KAAA,EAAM;AACnD,IAAA,MAAM,IAAA,CAAK,QAAQ,OAAO,CAAA;AAAA,EAC5B,SAAS,KAAA,EAAO;AACd,IAAA,IAAI,KAAA,YAAiB,gBAAgB,MAAM,KAAA;AAC3C,IAAA,MAAM,IAAI,cAAA,EAAe;AACzB,IAAA,CAAC,CAAA,EAAG,MAAA,IAAU,MAAA,EAAQ,KAAA,CAAM,kBAAA,EAAoB;AAAA,MAC9C,OAAO,KAAA,YAAiB,KAAA,GAAQ,KAAA,CAAM,OAAA,GAAU,OAAO,KAAK;AAAA,KAC7D,CAAA;AACD,IAAA,MAAM,IAAI,KAAA;AAAA,MACR,oBAAA,CAAqB,OAAO,sCAAsC;AAAA,KACpE;AAAA,EACF,CAAA,SAAE;AACA,IAAA,wBAAA,EAAyB;AAAA,EAC3B;AACF;;;ACjFA,IAAI,sBAAA,GAA8D,IAAA;AAE3D,SAAS,0BAA0B,EAAA,EAA+C;AACvF,EAAA,sBAAA,GAAyB,EAAA;AAC3B;AAEO,SAAS,yBAAA,GAAiE;AAC/E,EAAA,OAAO,sBAAA;AACT;;;ACLA,eAAe,aAAA,GAA+B;AAC5C,EAAA,MAAM,SAAS,oBAAA,EAAqB;AACpC,EAAA,IAAI,MAAA,EAAQ;AACV,IAAA,MAAM,OAAO,IAAA,EAAK;AAClB,IAAA;AAAA,EACF;AACA,EAAA,MAAM,YAAA,EAAa;AACrB;AAEA,yBAAA,CAA0B,MAAM,eAAe,CAAA;AAE/C,eAAsB,SAAA,GAA2B;AAC/C,EAAA,OAAO,aAAA,EAAc;AACvB;;;AChBA,IAAI,SAAA,GAAY,KAAA;AAChB,IAAI,UAAA,GAAa,CAAA;AAEV,SAAS,eAAA,GAA0B;AACxC,EAAA,SAAA,GAAY,IAAA;AACZ,EAAA,UAAA,IAAc,CAAA;AACd,EAAA,OAAO,UAAA;AACT;AAEO,SAAS,eAAe,WAAA,EAA4B;AACzD,EAAA,IAAI,WAAA,KAAgB,MAAA,IAAa,WAAA,KAAgB,UAAA,EAAY;AAC7D,EAAA,SAAA,GAAY,KAAA;AACd;AAEO,SAAS,oBAAA,GAAgC;AAC9C,EAAA,OAAO,SAAA;AACT;;;AChBO,IAAM,YAAA,GAAe;AAAA,EAC1B,WAAA,EAAa,0BAAA;AAAA,EACb,YAAA,EAAc;AAChB,CAAA;;;ACMA,IAAI,UAAA,GAAa,KAAA;AACjB,IAAI,kBAAA,GAA6B,EAAA;AACjC,IAAI,aAAA,uBAAyC,GAAA,EAAI;AACjD,IAAI,aAAA,GAAuD,IAAA;AAE3D,SAAS,iBAAA,GAA4B;AACnC,EAAA,IAAI;AACF,IAAA,OAAO,SAAS,MAAA,IAAU,EAAA;AAAA,EAC5B,CAAA,CAAA,MAAQ;AACN,IAAA,OAAO,EAAA;AAAA,EACT;AACF;AAEA,SAAS,cAAA,GAA2B;AAClC,EAAA,IAAI;AACF,IAAA,MAAM,OAAA,GAAU,QAAA,CAAS,MAAA,CAAO,KAAA,CAAM,GAAG,CAAA;AACzC,IAAA,OAAO,OAAA,CACJ,GAAA,CAAI,CAAC,MAAA,KAAW;AACf,MAAA,MAAM,KAAA,GAAQ,MAAA,CAAO,OAAA,CAAQ,GAAG,CAAA;AAChC,MAAA,OAAO,KAAA,GAAQ,CAAA,CAAA,GAAK,MAAA,CAAO,SAAA,CAAU,CAAA,EAAG,KAAK,CAAA,CAAE,IAAA,EAAK,GAAI,MAAA,CAAO,IAAA,EAAK;AAAA,IACtE,CAAC,CAAA,CACA,MAAA,CAAO,CAAC,IAAA,KAAS,IAAA,CAAK,SAAS,CAAC,CAAA;AAAA,EACrC,CAAA,CAAA,MAAQ;AACN,IAAA,OAAO,EAAC;AAAA,EACV;AACF;AAEA,SAAS,YAAA,GAAoC;AAC3C,EAAA,MAAM,SAAA,uBAAgB,GAAA,EAAoB;AAC1C,EAAA,IAAI;AACF,IAAA,MAAM,OAAA,GAAU,QAAA,CAAS,MAAA,CAAO,KAAA,CAAM,GAAG,CAAA;AACzC,IAAA,KAAA,MAAW,UAAU,OAAA,EAAS;AAC5B,MAAA,MAAM,KAAA,GAAQ,MAAA,CAAO,OAAA,CAAQ,GAAG,CAAA;AAChC,MAAA,IAAI,QAAQ,CAAA,CAAA,EAAI;AACd,QAAA,MAAM,OAAO,MAAA,CAAO,SAAA,CAAU,CAAA,EAAG,KAAK,EAAE,IAAA,EAAK;AAC7C,QAAA,MAAM,QAAQ,MAAA,CAAO,SAAA,CAAU,KAAA,GAAQ,CAAC,EAAE,IAAA,EAAK;AAC/C,QAAA,IAAI,KAAK,MAAA,GAAS,CAAA,EAAG,SAAA,CAAU,GAAA,CAAI,MAAM,KAAK,CAAA;AAAA,MAChD;AAAA,IACF;AAAA,EACF,CAAA,CAAA,MAAQ;AAAA,EAER;AACA,EAAA,OAAO,SAAA;AACT;AAEA,SAAS,mBAAA,GAA+B;AACtC,EAAA,IAAI;AACF,IAAA,MAAM,kBAAkB,iBAAA,EAAkB;AAC1C,IAAA,MAAM,mBAAmB,YAAA,EAAa;AACtC,IAAA,MAAM,iBAAiB,cAAA,EAAe;AAEtC,IAAA,IAAI,kBAAA,IAAsB,CAAC,eAAA,EAAiB;AAC1C,MAAA,MAAA,CAAO,KAAK,8BAA8B,CAAA;AAC1C,MAAA,OAAO,IAAA;AAAA,IACT;AAEA,IAAA,IAAI,aAAA,CAAc,OAAO,CAAA,EAAG;AAC1B,MAAA,MAAM,eAAA,GAAkB;AAAA,QACtB,YAAA,CAAa,WAAA;AAAA,QACb,YAAA,CAAa,YAAA;AAAA,QACb,aAAA;AAAA,QACA,0BAAA;AAAA,QACA,2BAAA;AAAA,QACA,MAAA;AAAA,QACA,SAAA;AAAA,QACA;AAAA,OACF;AAEA,MAAA,MAAM,qBAA+B,EAAC;AACtC,MAAA,KAAA,MAAW,CAAC,UAAU,CAAA,IAAK,aAAA,EAAe;AACxC,QAAA,MAAM,eAAe,eAAA,CAAgB,IAAA;AAAA,UAAK,CAAC,aACzC,UAAA,CAAW,WAAA,GAAc,QAAA,CAAS,QAAA,CAAS,aAAa;AAAA,SAC1D;AACA,QAAA,IAAI,YAAA,IAAgB,CAAC,gBAAA,CAAiB,GAAA,CAAI,UAAU,CAAA,EAAG;AACrD,UAAA,kBAAA,CAAmB,KAAK,UAAU,CAAA;AAAA,QACpC;AAAA,MACF;AACA,MAAA,IAAI,kBAAA,CAAmB,SAAS,CAAA,EAAG;AACjC,QAAA,MAAA,CAAO,KAAK,+BAAA,EAAiC;AAAA,UAC3C,cAAA,EAAgB,kBAAA;AAAA,UAChB,qBAAqB,aAAA,CAAc,IAAA;AAAA,UACnC,oBAAoB,gBAAA,CAAiB;AAAA,SACtC,CAAA;AACD,QAAA,OAAO,IAAA;AAAA,MACT;AAEA,MAAA,MAAM,mBAAA,GACJ,cAAc,GAAA,CAAI,YAAA,CAAa,WAAW,CAAA,IAC1C,aAAA,CAAc,IAAI,0BAA0B,CAAA;AAC9C,MAAA,MAAM,mBAAA,GACJ,iBAAiB,GAAA,CAAI,YAAA,CAAa,WAAW,CAAA,IAC7C,gBAAA,CAAiB,IAAI,0BAA0B,CAAA;AACjD,MAAA,IAAI,mBAAA,IAAuB,CAAC,mBAAA,EAAqB;AAC/C,QAAA,MAAA,CAAO,KAAK,kDAAkD,CAAA;AAC9D,QAAA,OAAO,IAAA;AAAA,MACT;AAEA,MAAA,MAAM,oBAAA,GACJ,cAAc,GAAA,CAAI,YAAA,CAAa,YAAY,CAAA,IAC3C,aAAA,CAAc,IAAI,2BAA2B,CAAA;AAC/C,MAAA,MAAM,oBAAA,GACJ,iBAAiB,GAAA,CAAI,YAAA,CAAa,YAAY,CAAA,IAC9C,gBAAA,CAAiB,IAAI,2BAA2B,CAAA;AAClD,MAAA,IAAI,oBAAA,IAAwB,CAAC,oBAAA,EAAsB;AACjD,QAAA,MAAA,CAAO,KAAK,mDAAmD,CAAA;AAC/D,QAAA,OAAO,IAAA;AAAA,MACT;AAEA,MAAA,IACE,aAAA,CAAc,OAAO,gBAAA,CAAiB,IAAA,IACtC,cAAc,IAAA,GAAO,gBAAA,CAAiB,QAAQ,CAAA,EAC9C;AACA,QAAA,MAAM,iBAA2B,EAAC;AAClC,QAAA,KAAA,MAAW,CAAC,UAAU,CAAA,IAAK,aAAA,EAAe;AACxC,UAAA,IAAI,CAAC,gBAAA,CAAiB,GAAA,CAAI,UAAU,CAAA,EAAG,cAAA,CAAe,KAAK,UAAU,CAAA;AAAA,QACvE;AACA,QAAA,MAAM,0BAA0B,cAAA,CAAe,MAAA;AAAA,UAAO,CAAC,SACrD,eAAA,CAAgB,IAAA;AAAA,YAAK,CAAC,aACpB,IAAA,CAAK,WAAA,GAAc,QAAA,CAAS,QAAA,CAAS,aAAa;AAAA;AACpD,SACF,CAAE,MAAA;AACF,QAAA,IAAI,0BAA0B,CAAA,EAAG;AAC/B,UAAA,MAAA,CAAO,KAAK,6CAAA,EAA+C;AAAA,YACzD,cAAA;AAAA,YACA,gBAAA,EAAkB,uBAAA;AAAA,YAClB,eAAe,aAAA,CAAc,IAAA;AAAA,YAC7B,cAAc,gBAAA,CAAiB;AAAA,WAChC,CAAA;AACD,UAAA,OAAO,IAAA;AAAA,QACT;AAAA,MACF;AAAA,IACF;AAEA,IAAA,kBAAA,GAAqB,eAAA;AACrB,IAAA,aAAA,GAAgB,IAAI,IAAI,gBAAgB,CAAA;AACxC,IAAA,OAAO,KAAA;AAAA,EACT,SAAS,KAAA,EAAO;AACd,IAAA,MAAA,CAAO,KAAK,wBAAA,EAA0B;AAAA,MACpC,OAAO,KAAA,YAAiB,KAAA,GAAQ,KAAA,CAAM,OAAA,GAAU,OAAO,KAAK;AAAA,KAC7D,CAAA;AACD,IAAA,OAAO,KAAA;AAAA,EACT;AACF;AAEA,SAAS,oBAAA,GAA6B;AACpC,EAAA,IAAI,sBAAqB,EAAG;AAC1B,IAAA,MAAA,CAAO,MAAM,6EAAwE,CAAA;AACrF,IAAA;AAAA,EACF;AACA,EAAA,IAAI;AACF,IAAA,MAAA,CAAO,KAAK,sEAAsE,CAAA;AAElF,IAAA,gBAAA,EAAiB;AACjB,IAAA,uBAAA,EAAwB;AAExB,IAAA,MAAM,KAAK,yBAAA,EAA0B;AACrC,IAAA,IAAI,EAAA,EAAI;AACN,MAAA,OAAA,CAAQ,QAAQ,EAAA,EAAI,CAAA,CAAE,KAAA,CAAM,CAAC,KAAA,KAAU;AACrC,QAAA,MAAA,CAAO,MAAM,mDAAA,EAAqD;AAAA,UAChE,OAAO,KAAA,YAAiB,KAAA,GAAQ,KAAA,CAAM,OAAA,GAAU,OAAO,KAAK;AAAA,SAC7D,CAAA;AAAA,MACH,CAAC,CAAA;AAAA,IACH;AAAA,EACF,SAAS,KAAA,EAAO;AACd,IAAA,MAAA,CAAO,MAAM,gCAAA,EAAkC;AAAA,MAC7C,OAAO,KAAA,YAAiB,KAAA,GAAQ,KAAA,CAAM,OAAA,GAAU,OAAO,KAAK;AAAA,KAC7D,CAAA;AAAA,EACH;AACF;AAEO,SAAS,kBAAA,GAA2B;AACzC,EAAA,IAAI,UAAA,EAAY;AACd,IAAA,MAAA,CAAO,MAAM,gCAAgC,CAAA;AAC7C,IAAA;AAAA,EACF;AAEA,EAAA,UAAA,GAAa,IAAA;AACb,EAAA,kBAAA,GAAqB,iBAAA,EAAkB;AACvC,EAAA,aAAA,GAAgB,YAAA,EAAa;AAE7B,EAAA,MAAM,iBAAiB,cAAA,EAAe;AACtC,EAAA,MAAM,cAAc,cAAA,CAAe,MAAA;AAAA,IACjC,CAAC,IAAA,KACC,IAAA,CAAK,aAAY,CAAE,QAAA,CAAS,aAAa,CAAA,IACzC,IAAA,CAAK,WAAA,EAAY,CAAE,SAAS,MAAM,CAAA,IAClC,KAAK,WAAA,EAAY,CAAE,SAAS,OAAO;AAAA,GACvC;AACA,EAAA,MAAA,CAAO,MAAM,wBAAA,EAA0B;AAAA,IACrC,oBAAoB,cAAA,CAAe,MAAA;AAAA,IACnC,iBAAiB,WAAA,CAAY,MAAA;AAAA,IAC7B,WAAA;AAAA,IACA,UAAA,EAAY;AAAA,GACb,CAAA;AAED,EAAA,aAAA,GAAgB,YAAY,YAAY;AACtC,IAAA,IAAI,sBAAqB,EAAG;AAC5B,IAAA,MAAM,iBAAiB,mBAAA,EAAoB;AAC3C,IAAA,IAAI,cAAA,EAAgB;AAClB,MAAA,MAAA,CAAO,KAAK,4CAA4C,CAAA;AACxD,MAAA,IAAI,aAAA,EAAe;AACjB,QAAA,aAAA,CAAc,aAAa,CAAA;AAC3B,QAAA,aAAA,GAAgB,IAAA;AAAA,MAClB;AACA,MAAA,UAAA,GAAa,KAAA;AAEb,MAAA,IAAI;AACF,QAAA,MAAM,oBAAA,EAAqB;AAAA,MAC7B,SAAS,KAAA,EAAO;AACd,QAAA,MAAA,CAAO,MAAM,sDAAA,EAAwD;AAAA,UACnE,OAAO,KAAA,YAAiB,KAAA,GAAQ,KAAA,CAAM,OAAA,GAAU,OAAO,KAAK;AAAA,SAC7D,CAAA;AAAA,MACH,CAAA,SAAE;AACA,QAAA,cAAA,CAAe,MAAM;AACnB,UAAA,IAAI,CAAC,YAAY,kBAAA,EAAmB;AAAA,QACtC,CAAC,CAAA;AAAA,MACH;AAAA,IACF;AAAA,EACF,GAAG,GAAI,CAAA;AAEP,EAAA,MAAA,CAAO,KAAK,yDAAyD,CAAA;AACvE;AAEO,SAAS,iBAAA,GAA0B;AACxC,EAAA,UAAA,GAAa,KAAA;AACb,EAAA,IAAI,aAAA,EAAe;AACjB,IAAA,aAAA,CAAc,aAAa,CAAA;AAC3B,IAAA,aAAA,GAAgB,IAAA;AAAA,EAClB;AACA,EAAA,kBAAA,GAAqB,EAAA;AACrB,EAAA,MAAA,CAAO,MAAM,wBAAwB,CAAA;AACvC;AAEO,SAAS,kBAAA,GAA2B;AACzC,EAAA,kBAAA,GAAqB,iBAAA,EAAkB;AACvC,EAAA,aAAA,GAAgB,YAAA,EAAa;AAC7B,EAAA,MAAM,iBAAiB,cAAA,EAAe;AACtC,EAAA,MAAM,cAAc,cAAA,CAAe,MAAA;AAAA,IACjC,CAAC,IAAA,KACC,IAAA,CAAK,aAAY,CAAE,QAAA,CAAS,aAAa,CAAA,IACzC,IAAA,CAAK,WAAA,EAAY,CAAE,SAAS,MAAM,CAAA,IAClC,KAAK,WAAA,EAAY,CAAE,SAAS,OAAO;AAAA,GACvC;AACA,EAAA,MAAA,CAAO,MAAM,sBAAA,EAAwB;AAAA,IACnC,oBAAoB,cAAA,CAAe,MAAA;AAAA,IACnC,iBAAiB,WAAA,CAAY,MAAA;AAAA,IAC7B;AAAA,GACD,CAAA;AACH;;;AC3PA,IAAIM,WAAAA,GAAa,KAAA;AACjB,IAAI,gBAAA,GAAkC,IAAA;AACtC,IAAI,oBAAA,GAA+D,IAAA;AAEnE,SAAS,mBAAA,GAA+B;AACtC,EAAA,IAAI;AACF,IAAA,MAAM,cAAA,GAAiB,MAAA,CAAO,MAAA,CAAO,YAAY,CAAA,CAAE,IAAA;AAAA,MACjD,CAAC,GAAA,KAAgB,UAAA,CAAW,GAAG,CAAA,KAAM;AAAA,KACvC;AACA,IAAA,IAAI,gBAAA,KAAqB,UAAA,IAAc,CAAC,cAAA,EAAgB,OAAO,IAAA;AAC/D,IAAA,gBAAA,GAAmB,iBAAiB,UAAA,GAAa,SAAA;AACjD,IAAA,OAAO,KAAA;AAAA,EACT,CAAA,CAAA,MAAQ;AACN,IAAA,OAAO,KAAA;AAAA,EACT;AACF;AAEA,SAAS,mBAAmB,KAAA,EAA2B;AACrD,EAAA,IAAI,sBAAqB,EAAG;AAC5B,EAAA,IAAI,OAAO,MAAA,KAAW,WAAA,IAAe,KAAA,CAAM,WAAA,KAAgB,OAAO,cAAA,EAAgB;AAChF,IAAA,MAAM,aAAa,mBAAA,EAAoB;AACvC,IAAA,IAAI,UAAA,EAAY;AACd,MAAA,IAAI,sBAAqB,EAAG;AAC5B,MAAA,MAAA,CAAO,KAAK,+DAA+D,CAAA;AAC3E,MAAA,MAAM,KAAK,yBAAA,EAA0B;AACrC,MAAA,IAAI,EAAA,EAAI;AACN,QAAA,OAAA,CAAQ,QAAQ,EAAA,EAAI,CAAA,CAAE,KAAA,CAAM,CAAC,KAAA,KAAU;AACrC,UAAA,MAAA,CAAO,MAAM,gDAAA,EAAkD;AAAA,YAC7D,OAAO,KAAA,YAAiB,KAAA,GAAQ,KAAA,CAAM,OAAA,GAAU,OAAO,KAAK;AAAA,WAC7D,CAAA;AAAA,QACH,CAAC,CAAA;AAAA,MACH;AAAA,IACF;AAAA,EACF;AACF;AAEO,SAAS,mBAAA,GAA4B;AAC1C,EAAA,IAAIA,WAAAA,EAAY;AAEhB,EAAAA,WAAAA,GAAa,IAAA;AACb,EAAA,mBAAA,EAAoB;AAEpB,EAAA,oBAAA,GAAuB,kBAAA;AACvB,EAAA,MAAA,CAAO,gBAAA,CAAiB,WAAW,oBAAoB,CAAA;AAEvD,EAAA,MAAM,YAAA,GAAe,YAAY,MAAM;AACrC,IAAA,IAAI,sBAAqB,EAAG;AAC5B,IAAA,MAAM,aAAa,mBAAA,EAAoB;AACvC,IAAA,IAAI,UAAA,EAAY;AACd,MAAA,IAAI,sBAAqB,EAAG;AAC5B,MAAA,MAAA,CAAO,KAAK,yEAAyE,CAAA;AACrF,MAAA,aAAA,CAAc,YAAY,CAAA;AAC1B,MAAA,MAAM,KAAK,yBAAA,EAA0B;AACrC,MAAA,IAAI,EAAA,EAAI;AACN,QAAA,OAAA,CAAQ,QAAQ,EAAA,EAAI,CAAA,CAAE,KAAA,CAAM,CAAC,KAAA,KAAU;AACrC,UAAA,MAAA,CAAO,MAAM,gDAAA,EAAkD;AAAA,YAC7D,OAAO,KAAA,YAAiB,KAAA,GAAQ,KAAA,CAAM,OAAA,GAAU,OAAO,KAAK;AAAA,WAC7D,CAAA;AACD,UAAA,IAAI,CAACA,aAAY,mBAAA,EAAoB;AAAA,QACvC,CAAC,CAAA;AAAA,MACH;AAAA,IACF;AAAA,EACF,GAAG,GAAI,CAAA;AAEP,EAAC,OAAkG,sCAAA,GAAyC,YAAA;AAC9I;AAEO,SAAS,kBAAA,GAA2B;AACzC,EAAAA,WAAAA,GAAa,KAAA;AACb,EAAA,IAAI,oBAAA,EAAsB;AACxB,IAAA,MAAA,CAAO,mBAAA,CAAoB,WAAW,oBAAoB,CAAA;AAC1D,IAAA,oBAAA,GAAuB,IAAA;AAAA,EACzB;AACA,EAAA,MAAM,GAAA,GAAM,MAAA;AACZ,EAAA,MAAM,aAAa,GAAA,CAAI,sCAAA;AACvB,EAAA,IAAI,UAAA,EAAY;AACd,IAAA,aAAA,CAAc,UAAU,CAAA;AACxB,IAAA,OAAO,GAAA,CAAI,sCAAA;AAAA,EACb;AACF;;;AC1EO,SAAS,kBAAA,GAA2B;AACzC,EAAA,IAAI;AACF,IAAA,IAAI,OAAO,QAAA,KAAa,WAAA,IAAe,OAAO,WAAW,WAAA,EAAa;AAEtE,IAAA,MAAM,OAAA,GAAU,QAAA,CAAS,MAAA,CAAO,KAAA,CAAM,GAAG,CAAA;AACzC,IAAA,MAAM,QAAA,GAAW,OAAO,QAAA,CAAS,QAAA;AACjC,IAAA,MAAM,YAAY,QAAA,CAAS,KAAA,CAAM,GAAG,CAAA,CAAE,OAAO,OAAO,CAAA;AAEpD,IAAA,MAAM,YAAA,GAAyB,CAAC,QAAQ,CAAA;AACxC,IAAA,IAAI,SAAA,CAAU,SAAS,CAAA,EAAG;AAExB,MAAA,KAAA,IAAS,IAAI,SAAA,CAAU,MAAA,GAAS,CAAA,EAAG,CAAA,IAAK,GAAG,CAAA,EAAA,EAAK;AAC9C,QAAA,MAAM,SAAS,GAAA,GAAM,SAAA,CAAU,MAAM,CAAC,CAAA,CAAE,KAAK,GAAG,CAAA;AAChD,QAAA,IAAI,CAAC,YAAA,CAAa,QAAA,CAAS,MAAM,CAAA,EAAG,YAAA,CAAa,KAAK,MAAM,CAAA;AAAA,MAC9D;AAAA,IACF;AAEA,IAAA,MAAM,UAAA,GAAa,CAAC,GAAA,EAAK,MAAA,CAAO,SAAS,QAAA,IAAY,GAAG,CAAA,CAAE,MAAA,CAAO,OAAO,CAAA;AAExE,IAAA,KAAA,MAAW,UAAU,OAAA,EAAS;AAC5B,MAAA,MAAM,KAAA,GAAQ,MAAA,CAAO,OAAA,CAAQ,GAAG,CAAA;AAChC,MAAA,MAAM,IAAA,GAAO,KAAA,GAAQ,CAAA,CAAA,GAAK,MAAA,CAAO,KAAA,CAAM,CAAA,EAAG,KAAK,CAAA,CAAE,IAAA,EAAK,GAAI,MAAA,CAAO,IAAA,EAAK;AAEtE,MAAA,IAAI,CAAC,IAAA,EAAM;AAEX,MAAA,KAAA,MAAW,QAAQ,UAAA,EAAY;AAE7B,QAAA,QAAA,CAAS,MAAA,GAAS,CAAA,EAAG,IAAI,CAAA,6CAAA,EAAgD,IAAI,CAAA,CAAA;AAE7E,QAAA,KAAA,MAAW,UAAU,YAAA,EAAc;AACjC,UAAA,QAAA,CAAS,SAAS,CAAA,EAAG,IAAI,CAAA,6CAAA,EAAgD,IAAI,WAAW,MAAM,CAAA,CAAA;AAAA,QAChG;AAAA,MACF;AAAA,IACF;AAEA,IAAA,MAAA,CAAO,MAAM,2CAA2C,CAAA;AAAA,EAC1D,SAAS,KAAA,EAAO;AACd,IAAA,MAAA,CAAO,KAAK,gCAAA,EAAkC;AAAA,MAC5C,OAAO,KAAA,YAAiB,KAAA,GAAQ,KAAA,CAAM,OAAA,GAAU,OAAO,KAAK;AAAA,KAC7D,CAAA;AAAA,EACH;AACF;;;ACvBA,SAAS,QAAA,CAAS,SAAiB,IAAA,EAAsB;AACvD,EAAA,MAAM,GAAA,GAAM,IAAI,GAAA,CAAI,OAAO,CAAA;AAC3B,EAAA,MAAM,iBAAiB,IAAA,CAAK,UAAA,CAAW,GAAG,CAAA,GAAI,IAAA,GAAO,IAAI,IAAI,CAAA,CAAA;AAC7D,EAAA,GAAA,CAAI,WAAW,GAAA,CAAI,QAAA,CAAS,SAAS,GAAG,CAAA,GACpC,GAAG,GAAA,CAAI,QAAQ,GAAG,cAAA,CAAe,KAAA,CAAM,CAAC,CAAC,CAAA,CAAA,GACzC,GAAG,GAAA,CAAI,QAAQ,GAAG,cAAc,CAAA,CAAA;AACpC,EAAA,OAAO,IAAI,QAAA,EAAS;AACtB;AAQA,SAAS,YAAA,GAA8B;AACrC,EAAA,IAAI;AACF,IAAA,IAAI,OAAO,QAAA,KAAa,WAAA,EAAa,OAAO,IAAA;AAE5C,IAAA,MAAM,IAAA,GAAO,QAAA,CAAS,aAAA,CAA+B,yBAAyB,CAAA;AAC9E,IAAA,IAAI,IAAA,EAAM,OAAA,EAAS,OAAO,IAAA,CAAK,OAAA;AAE/B,IAAA,MAAM,KAAA,GAAQ,QAAA,CAAS,MAAA,CAAO,KAAA,CAAM,+BAA+B,CAAA;AACnE,IAAA,IAAI,KAAA,EAAO,OAAO,kBAAA,CAAmB,KAAA,CAAM,CAAC,CAAC,CAAA;AAE7C,IAAA,OAAO,IAAA;AAAA,EACT,CAAA,CAAA,MAAQ;AACN,IAAA,OAAO,IAAA;AAAA,EACT;AACF;AAKA,eAAe,iBAAiB,SAAA,EAG7B;AACD,EAAA,MAAM,YAAY,YAAA,EAAa;AAE/B,EAAA,MAAM,OAAA,GAAkC;AAAA,IACtC,kBAAA,EAAoB,gBAAA;AAAA,IACpB,MAAA,EAAQ,uBAAA;AAAA,IACR,cAAA,EAAgB;AAAA,GAClB;AAEA,EAAA,IAAI,SAAA,EAAW;AACb,IAAA,OAAA,CAAQ,cAAc,CAAA,GAAI,SAAA;AAAA,EAC5B;AAEA,EAAA,IAAI;AACF,IAAA,MAAM,QAAA,GAAW,MAAM,KAAA,CAAM,SAAA,EAAW;AAAA,MACtC,MAAA,EAAQ,MAAA;AAAA,MACR,IAAA,EAAM,MAAA;AAAA,MACN,OAAA;AAAA,MACA,WAAA,EAAa,SAAA;AAAA,MACb,IAAA,EAAM;AAAA,KACP,CAAA;AAED,IAAA,IAAI,CAAC,SAAS,EAAA,EAAI;AAChB,MAAA,MAAA,CAAO,KAAK,mCAAA,EAAqC;AAAA,QAC/C,QAAQ,QAAA,CAAS,MAAA;AAAA,QACjB,YAAY,QAAA,CAAS;AAAA,OACtB,CAAA;AACD,MAAA,OAAO,EAAE,SAAS,KAAA,EAAM;AAAA,IAC1B;AAEA,IAAA,MAAM,WAAA,GAAc,QAAA,CAAS,OAAA,CAAQ,GAAA,CAAI,cAAc,CAAA,IAAK,EAAA;AAC5D,IAAA,IAAI,CAAC,WAAA,CAAY,QAAA,CAAS,kBAAkB,CAAA,EAAG;AAC7C,MAAA,MAAA,CAAO,KAAK,8CAAA,EAAgD;AAAA,QAC1D,QAAQ,QAAA,CAAS;AAAA,OAClB,CAAA;AACD,MAAA,OAAO,EAAE,OAAA,EAAS,IAAA,EAAM,UAAU,EAAE,OAAA,EAAS,MAAK,EAAE;AAAA,IACtD;AAEA,IAAA,MAAM,IAAA,GAAO,MAAM,QAAA,CAAS,IAAA,EAAK;AACjC,IAAA,IAAI,OAAuB,EAAC;AAC5B,IAAA,IAAI,IAAA,EAAM,MAAK,EAAG;AAChB,MAAA,IAAI;AACF,QAAA,IAAA,GAAO,IAAA,CAAK,MAAM,IAAI,CAAA;AAAA,MACxB,CAAA,CAAA,MAAQ;AACN,QAAA,MAAA,CAAO,KAAK,+DAA+D,CAAA;AAC3E,QAAA,OAAO,EAAE,SAAS,KAAA,EAAM;AAAA,MAC1B;AAAA,IACF;AACA,IAAA,MAAA,CAAO,IAAA,CAAK,iCAAA,EAAmC,EAAE,QAAA,EAAU,MAAM,CAAA;AAEjE,IAAA,IAAI,SAAS,IAAA,CAAK,OAAA,KAAY,IAAA,IAAQ,IAAA,CAAK,WAAW,IAAA,CAAA,EAAO;AAC3D,MAAA,OAAO,EAAE,OAAA,EAAS,IAAA,EAAM,QAAA,EAAU,IAAA,EAAK;AAAA,IACzC;AAEA,IAAA,IAAI,CAAC,IAAA,IAAQ,IAAA,CAAK,IAAA,OAAW,EAAA,EAAI;AAC/B,MAAA,OAAO,EAAE,OAAA,EAAS,IAAA,EAAM,UAAU,EAAE,OAAA,EAAS,MAAK,EAAE;AAAA,IACtD;AAEA,IAAA,MAAA,CAAO,IAAA,CAAK,iDAAA,EAAmD,EAAE,QAAA,EAAU,MAAM,CAAA;AACjF,IAAA,OAAO,EAAE,OAAA,EAAS,KAAA,EAAO,QAAA,EAAU,IAAA,EAAK;AAAA,EAC1C,SAAS,KAAA,EAAO;AACd,IAAA,MAAA,CAAO,KAAK,uCAAA,EAAyC;AAAA,MACnD,OAAO,KAAA,YAAiB,KAAA,GAAQ,KAAA,CAAM,OAAA,GAAU,OAAO,KAAK;AAAA,KAC7D,CAAA;AACD,IAAA,OAAO,EAAE,SAAS,KAAA,EAAM;AAAA,EAC1B;AACF;AAEA,SAAS,yBAAA,GAAkC;AACzC,EAAA,MAAA,CAAO,MAAM,gDAAgD,CAAA;AAE7D,EAAA,IAAI;AACF,IAAA,cAAA,EAAe,EAAG,cAAc,YAAA,EAAa;AAAA,EAC/C,SAAS,KAAA,EAAO;AACd,IAAA,MAAA,CAAO,MAAM,kDAAA,EAAoD;AAAA,MAC/D,OAAO,KAAA,YAAiB,KAAA,GAAQ,KAAA,CAAM,OAAA,GAAU,OAAO,KAAK;AAAA,KAC7D,CAAA;AAAA,EACH;AAEA,EAAA,kBAAA,EAAmB;AAEnB,EAAA,IAAI;AACF,IAAA,gBAAA,EAAiB;AAAA,EACnB,SAAS,KAAA,EAAO;AACd,IAAA,MAAA,CAAO,KAAK,kCAAA,EAAoC;AAAA,MAC9C,OAAO,KAAA,YAAiB,KAAA,GAAQ,KAAA,CAAM,OAAA,GAAU,OAAO,KAAK;AAAA,KAC7D,CAAA;AAAA,EACH;AAEA,EAAA,MAAA,CAAO,KAAK,kCAAkC,CAAA;AAChD;AAEA,SAAS,iBAAA,GAA6B;AACpC,EAAA,MAAM,QAAA,GAAW,cAAc,aAAa,CAAA;AAC5C,EAAA,MAAM,GAAA,GAAM,KAAK,GAAA,EAAI;AACrB,EAAA,MAAM,YAAA,GAAe,WAAW,QAAQ,CAAA;AAExC,EAAA,IAAI,YAAA,EAAc;AAChB,IAAA,MAAM,QAAA,GAAW,OAAO,YAAY,CAAA;AACpC,IAAA,IAAI,CAAC,MAAA,CAAO,KAAA,CAAM,QAAQ,CAAA,IAAK,GAAA,GAAM,WAAW,GAAA,EAAM;AACpD,MAAA,MAAA,CAAO,MAAM,0DAAA,EAAuD;AAAA,QAClE,GAAA;AAAA,QACA;AAAA,OACD,CAAA;AACD,MAAA,OAAO,KAAA;AAAA,IACT;AAAA,EACF;AAEA,EAAA,UAAA,CAAW,QAAA,EAAU,MAAA,CAAO,GAAG,CAAC,CAAA;AAChC,EAAA,OAAO,IAAA;AACT;AAEA,SAAS,iBAAA,GAA0B;AACjC,EAAA,IAAI;AACF,IAAA,aAAA,CAAc,aAAA,CAAc,aAAa,CAAC,CAAA;AAAA,EAC5C,CAAA,CAAA,MAAQ;AAAA,EAER;AACF;AAQA,IAAI,cAAA,GAA+C,IAAA;AAEnD,eAAe,kBAAkB,SAAA,EAA2C;AAC1E,EAAA,MAAM,MAAM,eAAA,EAAgB;AAC5B,EAAA,MAAA,CAAO,IAAA,CAAK,sCAAA,EAAwC,EAAE,UAAA,EAAY,KAAK,CAAA;AAEvE,EAAA,kBAAA,EAAmB;AACnB,EAAA,iBAAA,EAAkB;AAElB,EAAA,IAAI,CAAC,mBAAkB,EAAG;AACxB,IAAA,cAAA,CAAe,GAAG,CAAA;AAClB,IAAA,MAAA,CAAO,MAAM,kDAA6C,CAAA;AAC1D,IAAA,OAAO,EAAE,OAAA,EAAS,IAAA,EAAM,OAAA,EAAS,4CAAA,EAA6C;AAAA,EAChF;AAEA,EAAA,IAAI,mBAAA,GAAsB,KAAA;AAC1B,EAAA,IAAI,cAAA;AAEJ,EAAA,IAAI;AACF,IAAA,IAAI,SAAA,EAAW,MAAK,EAAG;AACrB,MAAA,wBAAA,CAAyB,UAAU,IAAA,EAAK,EAAG,EAAE,gBAAA,EAAkB,MAAM,CAAA;AACrE,MAAA,MAAA,CAAO,KAAK,oDAAA,EAAsD;AAAA,QAChE,SAAA,EAAW,UAAU,IAAA;AAAK,OAC3B,CAAA;AAAA,IACH;AAEA,IAAA,MAAM,aAAaN,cAAAA,EAAc;AACjC,IAAA,MAAM,iBAAiB,UAAA,CAAW,aAAA;AAElC,IAAA,IAAI,cAAA,EAAgB;AAClB,MAAA,MAAM,SAAA,GAAY,QAAA,CAAS,cAAA,EAAgB,gBAAgB,CAAA;AAC3D,MAAA,MAAA,CAAO,IAAA,CAAK,4CAAA,EAA8C,EAAE,SAAA,EAAW,CAAA;AAEvE,MAAA,MAAM,YAAA,GAAe,MAAM,gBAAA,CAAiB,SAAS,CAAA;AACrD,MAAA,mBAAA,GAAsB,YAAA,CAAa,OAAA;AACnC,MAAA,cAAA,GAAiB,YAAA,CAAa,QAAA;AAE9B,MAAA,IAAI,CAAC,mBAAA,EAAqB;AACxB,QAAA,MAAA,CAAO,KAAK,qFAAA,EAAkF;AAAA,UAC5F,SAAA;AAAA,UACA;AAAA,SACD,CAAA;AAAA,MACH;AAAA,IACF,CAAA,MAAO;AACL,MAAA,MAAA,CAAO,KAAK,yDAAoD,CAAA;AAAA,IAClE;AAAA,EACF,SAAS,KAAA,EAAO;AACd,IAAA,MAAA,CAAO,MAAM,gDAAA,EAAkD;AAAA,MAC7D,OAAO,KAAA,YAAiB,KAAA,GAAQ,KAAA,CAAM,OAAA,GAAU,OAAO,KAAK;AAAA,KAC7D,CAAA;AAAA,EACH;AAEA,EAAA,IAAI;AACF,IAAA,yBAAA,EAA0B;AAAA,EAC5B,SAAS,KAAA,EAAO;AACd,IAAA,MAAA,CAAO,MAAM,8BAAA,EAAgC;AAAA,MAC3C,OAAO,KAAA,YAAiB,KAAA,GAAQ,KAAA,CAAM,OAAA,GAAU,OAAO,KAAK;AAAA,KAC7D,CAAA;AAAA,EACH;AAEA,EAAA,IAAI;AACF,IAAA,6BAAA,EAA8B;AAC9B,IAAA,MAAA,CAAO,MAAM,gFAAgF,CAAA;AAAA,EAC/F,SAAS,KAAA,EAAO;AACd,IAAA,MAAA,CAAO,KAAK,2CAAA,EAA6C;AAAA,MACvD,OAAO,KAAA,YAAiB,KAAA,GAAQ,KAAA,CAAM,OAAA,GAAU,OAAO,KAAK;AAAA,KAC7D,CAAA;AAAA,EACH;AAEA,EAAA,IAAI;AACF,IAAA,kBAAA,EAAmB;AACnB,IAAA,mBAAA,EAAoB;AACpB,IAAA,MAAA,CAAO,KAAK,6BAA6B,CAAA;AAAA,EAC3C,SAAS,KAAA,EAAO;AACd,IAAA,MAAA,CAAO,KAAK,iCAAA,EAAmC;AAAA,MAC7C,OAAO,KAAA,YAAiB,KAAA,GAAQ,KAAA,CAAM,OAAA,GAAU,OAAO,KAAK;AAAA,KAC7D,CAAA;AAAA,EACH;AAEA,EAAA,iBAAA,EAAkB;AAClB,EAAA,cAAA,CAAe,GAAG,CAAA;AAClB,EAAA,MAAA,CAAO,IAAA,CAAK,8BAAA,EAAgC,EAAE,mBAAA,EAAqB,CAAA;AAEnE,EAAA,aAAA,CAAc,eAAe,gBAAA,EAAkB;AAAA,IAC7C,mBAAA;AAAA,IACA,WAAW,SAAA,EAAW,IAAA,EAAK,IAAKA,cAAAA,GAAgB,UAAA,IAAc,MAAA;AAAA,IAC9D,OAAA,EAAS,sBAAsB,uBAAA,GAA0B;AAAA,GAC1D,CAAA;AAED,EAAA,OAAO;AAAA,IACL,OAAA,EAAS,IAAA;AAAA,IACT,OAAA,EAAS,mBAAA,GACL,cAAA,EAAgB,OAAA,IAAW,0CAAA,GAC3B,2EAAA;AAAA,IACJ;AAAA,GACF;AACF;AAKA,eAAsB,OAAO,SAAA,EAA2C;AACtE,EAAA,IAAI,cAAA,EAAgB;AAClB,IAAA,MAAA,CAAO,MAAM,2CAA2C,CAAA;AACxD,IAAA,OAAO,cAAA;AAAA,EACT;AAEA,EAAA,cAAA,GAAiB,iBAAA,CAAkB,SAAS,CAAA,CAAE,OAAA,CAAQ,MAAM;AAC1D,IAAA,cAAA,GAAiB,IAAA;AAAA,EACnB,CAAC,CAAA;AAED,EAAA,OAAO,cAAA;AACT;ACjTO,IAAM,WAAA,GAAc,cAA4C,MAAS,CAAA;AAEzE,SAAS,cAAA,GAAmC;AACjD,EAAA,MAAM,OAAA,GAAU,WAAW,WAAW,CAAA;AACtC,EAAA,IAAI,CAAC,OAAA,EAAS;AACZ,IAAA,MAAM,IAAI,MAAM,iDAAiD,CAAA;AAAA,EACnE;AACA,EAAA,OAAO,OAAA;AACT;;;ACFA,IAAM,eAAA,uBAAsB,GAAA,EAA0C;AACtE,IAAMO,kBAAiB,eAAA,CAAgB,MAAA;AAEvC,SAAS,wBAAA,GAAmC;AAC1C,EAAA,IAAI,IAAA,GAAO,OAAO,aAAA,EAAc;AAChC,EAAA,IAAI,OAAO,WAAW,WAAA,KAAgB,CAAC,QAAQ,IAAA,CAAK,UAAA,CAAW,GAAG,CAAA,CAAA,EAAI;AACpE,IAAA,IAAA,GAAO,MAAA,CAAO,QAAA,CAAS,MAAA,IAAU,IAAA,IAAQ,EAAA,CAAA;AAAA,EAC3C;AACA,EAAA,OAAO,IAAA;AACT;AAEA,IAAM,kBAAA,GAAqB,SAAA;AAE3B,SAAS,mBAAmB,UAAA,EAA4B;AACtD,EAAA,MAAM,6BAA6B,wBAAA,EAAyB;AAC5D,EAAA,MAAM,QAAQ,0BAAA,IAA8B,EAAA,EAAI,OAAA,CAAQ,oBAAA,EAAsB,EAAE,CAAA,IAAK,0BAAA;AACrF,EAAA,OAAO,CAAA,EAAG,IAAI,CAAA,sCAAA,EAAyC,kBAAA,CAAmB,UAAU,CAAC,CAAA,CAAA;AACvF;AAsBA,eAAsB,cAAc,SAAA,EAAiD;AACnF,EAAA,IAAI,CAAC,SAAA,IAAa,SAAA,CAAU,IAAA,OAAW,EAAA,EAAI;AACzC,IAAA,MAAA,CAAO,MAAM,kDAAkD,CAAA;AAC/D,IAAA,OAAO,IAAA;AAAA,EACT;AAEA,EAAA,MAAM,UAAA,GAAa,UAAU,IAAA,EAAK;AAClC,EAAA,MAAM,UAAA,GAAa,iBAAiB,UAAU,CAAA,CAAA;AAC9C,EAAA,IAAI,eAAA,CAAgB,GAAA,CAAI,UAAU,CAAA,EAAG;AACnC,IAAA,MAAA,CAAO,KAAA,CAAM,sCAAA,EAAwC,EAAE,UAAA,EAAY,CAAA;AACnE,IAAA,OAAO,eAAA,CAAgB,IAAI,UAAU,CAAA;AAAA,EACvC;AAEA,EAAA,MAAA,CAAO,IAAA,CAAK,4BAAA,EAA8B,EAAE,UAAA,EAAY,CAAA;AAExD,EAAA,MAAM,kBAAkB,YAA0C;AAChE,IAAA,IAAI;AACF,MAAA,MAAM,GAAA,GAAM,mBAAmB,UAAU,CAAA;AACzC,MAAA,MAAA,CAAO,KAAA,CAAM,oBAAA,EAAsB,EAAE,GAAA,EAAK,CAAA;AAE1C,MAAA,IAAI,IAAA;AACJ,MAAA,IAAI;AACF,QAAA,MAAM,WAAW,MAAM,KAAA,CAAM,KAAK,EAAE,MAAA,EAAQ,OAAO,CAAA;AACnD,QAAA,IAAI,CAAC,SAAS,EAAA,EAAI,MAAM,IAAI,KAAA,CAAM,CAAA,KAAA,EAAQ,QAAA,CAAS,MAAM,CAAA,CAAE,CAAA;AAC3D,QAAA,IAAA,GAAQ,MAAM,SAAS,IAAA,EAAK;AAC5B,QAAA,MAAA,CAAO,KAAA,CAAM,uBAAA,EAAyB,EAAE,UAAA,EAAY,CAAA;AAAA,MACtD,SAAS,KAAA,EAAO;AACd,QAAA,MAAA,CAAO,IAAA,CAAK,iBAAA,EAAmB,EAAE,UAAA,EAAY,OAAO,CAAA;AACpD,QAAA,OAAO,IAAA;AAAA,MACT;AAEA,MAAA,IAAI,CAAC,IAAA,IAAQ,OAAO,IAAA,KAAS,UAAU,OAAO,IAAA;AAE9C,MAAA,MAAM,GAAA,GAAM,IAAA;AACZ,MAAA,IAAI,CAAC,GAAA,CAAI,OAAA,IAAW,CAAC,GAAA,CAAI,MAAM,OAAO,IAAA;AAEtC,MAAA,MAAM,SAAS,GAAA,CAAI,IAAA;AACnB,MAAA,IAAI,CAAC,MAAA,CAAO,EAAA,IAAM,CAAC,MAAA,CAAO,YAAY,OAAO,IAAA;AAE7C,MAAA,MAAM,UAAA,GAAa,OAAO,gBAAA,EAAiB;AAC3C,MAAA,MAAM,WAAA,GAAc,OAAO,cAAA,EAAe;AAC1C,MAAA,IAAI,CAAC,UAAA,IAAc,CAAC,WAAA,EAAa;AAC/B,QAAA,OAAO,IAAA;AAAA,MACT;AAEA,MAAA,MAAM,oBAAA,GAAuB,MAAA,CAAO,UAAA,CAAW,UAAA,CAAW,kBAAkB,CAAA,GACxE,MAAA,CAAO,UAAA,GACP,CAAA,EAAG,kBAAkB,CAAA,EAAG,MAAA,CAAO,UAAU,CAAA,CAAA;AAG7C,MAAA,MAAM,MAAA,GAAuB;AAAA,QAC3B,UAAU,MAAA,CAAO,EAAA;AAAA,QACjB,UAAA;AAAA,QACA,SAAA,EAAW,UAAA;AAAA,QACX,MAAA,EAAQ;AAAA,UACN,UAAU,MAAA,CAAO,UAAA;AAAA,UACjB,UAAA,EAAY,oBAAA;AAAA,UACZ,WAAA;AAAA,UACA,MAAA,EAAQA;AAAA;AACV,OACF;AACA,MAAA,MAAA,CAAO,KAAA,CAAM,wBAAA,EAA0B,EAAE,UAAA,EAAY,CAAA;AACrD,MAAA,OAAO,MAAA;AAAA,IACT,SAAS,KAAA,EAAO;AACd,MAAA,MAAA,CAAO,IAAA,CAAK,mCAAA,EAAqC,EAAE,UAAA,EAAY,OAAO,CAAA;AACtE,MAAA,OAAO,IAAA;AAAA,IACT,CAAA,SAAE;AACA,MAAA,eAAA,CAAgB,OAAO,UAAU,CAAA;AAAA,IACnC;AAAA,EACF,CAAA,GAAG;AAEH,EAAA,eAAA,CAAgB,GAAA,CAAI,YAAY,cAAc,CAAA;AAC9C,EAAA,OAAO,cAAA;AACT;;;AChHO,SAAS,mBAAA,GAA8B;AAC5C,EAAA,OAAO;AAAA,IACL,IAAA,CAAK,SAAiB,IAAA,EAAgC;AACpD,MAAA,IAAI,OAAO,OAAA,KAAY,WAAA,UAAqB,IAAA,CAAK,OAAA,EAAS,QAAQ,EAAE,CAAA;AAAA,IACtE,CAAA;AAAA,IACA,IAAA,CAAK,SAAiB,IAAA,EAAgC;AACpD,MAAA,IAAI,OAAO,OAAA,KAAY,WAAA,UAAqB,IAAA,CAAK,OAAA,EAAS,QAAQ,EAAE,CAAA;AAAA,IACtE,CAAA;AAAA,IACA,KAAA,CAAM,SAAiB,IAAA,EAAgC;AACrD,MAAA,IAAI,OAAO,OAAA,KAAY,WAAA,UAAqB,KAAA,CAAM,OAAA,EAAS,QAAQ,EAAE,CAAA;AAAA,IACvE,CAAA;AAAA,IACA,KAAA,CAAM,SAAiB,IAAA,EAAgC;AACrD,MAAA,IAAI,OAAO,OAAA,KAAY,WAAA,UAAqB,KAAA,CAAM,OAAA,EAAS,QAAQ,EAAE,CAAA;AAAA,IACvE;AAAA,GACF;AACF;AAEO,SAAS,wBAAA,GAAwC;AACtD,EAAA,OAAO;AAAA,IACL,aAAA,GAA4B;AAC1B,MAAA,IAAI,OAAO,WAAW,WAAA,EAAa;AACjC,QAAA,OAAO,EAAE,IAAA,EAAM,EAAA,EAAI,MAAA,EAAQ,EAAA,EAAI,UAAU,GAAA,EAAK,MAAA,EAAQ,EAAA,EAAI,QAAA,EAAU,EAAA,EAAG;AAAA,MACzE;AACA,MAAA,MAAM,CAAA,GAAI,MAAA;AACV,MAAA,MAAM,MAAM,CAAA,CAAE,QAAA;AACd,MAAA,OAAO;AAAA,QACL,MAAM,GAAA,CAAI,IAAA;AAAA,QACV,QAAQ,GAAA,CAAI,MAAA;AAAA,QACZ,UAAU,GAAA,CAAI,QAAA;AAAA,QACd,QAAQ,GAAA,CAAI,MAAA;AAAA,QACZ,UAAU,GAAA,CAAI;AAAA,OAChB;AAAA,IACF,CAAA;AAAA,IACA,SAAS,GAAA,EAAmB;AAC1B,MAAA,IAAI,OAAO,MAAA,KAAW,WAAA,EAAa,MAAA,CAAO,QAAA,CAAS,QAAQ,GAAG,CAAA;AAAA,IAChE,CAAA;AAAA,IACA,aAAa,GAAA,EAAmB;AAC9B,MAAA,IAAI,OAAO,WAAW,WAAA,EAAa;AACnC,MAAA,IAAI;AACF,QAAA,MAAM,KAAA,GAAQ,OAAO,QAAA,KAAa,WAAA,GAAc,SAAS,KAAA,GAAQ,EAAA;AACjE,QAAA,MAAA,CAAO,OAAA,CAAQ,YAAA,CAAa,EAAC,EAAG,OAAO,GAAG,CAAA;AAAA,MAC5C,CAAA,CAAA,MAAQ;AAAA,MAER;AAAA,IACF;AAAA,GACF;AACF;AAGO,SAAS,oBAAA,GAAuC;AACrD,EAAA,OAAO;AAAA,IACL,aAAA,EAAe,MAAM,MAAA,CAAO,aAAA,EAAc;AAAA,IAC1C,gBAAA,EAAkB,MAAM,MAAA,CAAO,gBAAA,EAAiB;AAAA,IAChD,cAAA,EAAgB,MAAM,MAAA,CAAO,cAAA,EAAe;AAAA,IAC5C,aAAA,EAAe,MAAM,MAAA,CAAO,aAAA;AAAc,GAE5C;AACF;AAEO,SAAS,oBAAA,GAAuC;AACrD,EAAA,OAAO,EAAE,OAAA,EAAS,CAAC,SAAA,KAAsB,aAAA,CAAc,SAAS,CAAA,EAAE;AACpE;AAEO,SAAS,0BAAA,GAA4C;AAC1D,EAAA,OAAO;AAAA,IACL,YAAA,GAAqB;AACnB,MAAA,IAAI,OAAO,QAAA,KAAa,WAAA,IAAe,OAAO,WAAW,WAAA,EAAa;AACtE,MAAA,IAAI;AACF,QAAA,MAAM,OAAA,GAAU,QAAA,CAAS,MAAA,CAAO,KAAA,CAAM,GAAG,CAAA;AACzC,QAAA,OAAA,CAAQ,OAAA,CAAQ,CAAC,MAAA,KAAW;AAC1B,UAAA,MAAM,KAAA,GAAQ,MAAA,CAAO,OAAA,CAAQ,GAAG,CAAA;AAChC,UAAA,MAAM,IAAA,GAAO,KAAA,GAAQ,CAAA,CAAA,GAAK,MAAA,CAAO,SAAA,CAAU,CAAA,EAAG,KAAK,CAAA,CAAE,IAAA,EAAK,GAAI,MAAA,CAAO,IAAA,EAAK;AAC1E,UAAA,QAAA,CAAS,MAAA,GAAS,GAAG,IAAI,CAAA,8CAAA,CAAA;AACzB,UAAA,MAAM,MAAA,GAAS,OAAO,QAAA,CAAS,QAAA;AAC/B,UAAA,MAAM,KAAA,GAAQ,MAAA,CAAO,KAAA,CAAM,GAAG,CAAA;AAC9B,UAAA,IAAI,KAAA,CAAM,SAAS,CAAA,EAAG;AACpB,YAAA,MAAM,eAAe,GAAA,GAAM,KAAA,CAAM,MAAM,CAAA,CAAE,CAAA,CAAE,KAAK,GAAG,CAAA;AACnD,YAAA,QAAA,CAAS,MAAA,GAAS,CAAA,EAAG,IAAI,CAAA,sDAAA,EAAyD,YAAY,CAAA,CAAA;AAAA,UAChG;AAAA,QACF,CAAC,CAAA;AAAA,MACH,CAAA,CAAA,MAAQ;AAAA,MAER;AAAA,IACF;AAAA,GACF;AACF;;;AClFO,SAAS,wBAAA,GAAyC;AACvD,EAAA,OAAO;AAAA,IACL,MAAM,SAAS,YAAA,EAA2C;AACxD,MAAA,iBAAA,CAAkB,YAAY,CAAA;AAC9B,MAAA,MAAM,iBAAiB,YAAY,CAAA;AAAA,IACrC,CAAA;AAAA,IAEA,MAAM,cAAA,GAAmC;AACvC,MAAA,OAAO,cAAA,EAAe;AAAA,IACxB,CAAA;AAAA,IAEA,MAAM,OAAA,GAA2B;AAC/B,MAAA,OAAO,kBAAA,EAAmB;AAAA,IAC5B,CAAA;AAAA,IAEA,MAAM,OAAO,OAAA,EAAiD;AAC5D,MAAA,MAAM,MAAA,CAAc,SAAS,SAAS,CAAA;AAAA,IACxC;AAAA,GACF;AACF;;;ACzBO,SAAS,cAAA,GAGd;AACA,EAAA,MAAMC,UAAAA,uBAAgB,GAAA,EAAuB;AAE7C,EAAA,OAAO;AAAA,IACL,UAAU,QAAA,EAAyC;AACjD,MAAAA,UAAAA,CAAU,IAAI,QAAQ,CAAA;AACtB,MAAA,OAAO,MAAMA,UAAAA,CAAU,MAAA,CAAO,QAAQ,CAAA;AAAA,IACxC,CAAA;AAAA,IACA,KAAK,KAAA,EAA8B;AACjC,MAAAA,UAAAA,CAAU,OAAA,CAAQ,CAAC,EAAA,KAAO;AACxB,QAAA,IAAI;AACF,UAAA,EAAA,CAAG,KAAK,CAAA;AAAA,QACV,CAAA,CAAA,MAAQ;AAAA,QAER;AAAA,MACF,CAAC,CAAA;AAAA,IACH;AAAA,GACF;AACF;;;ACXA,SAAS,WAAA,CAAY,GAAoB,CAAA,EAA6B;AACpE,EAAA,OACE,CAAA,CAAE,MAAA,KAAW,CAAA,CAAE,MAAA,IACf,EAAE,WAAA,KAAgB,CAAA,CAAE,WAAA,IACpB,CAAA,CAAE,SAAA,KAAc,CAAA,CAAE,SAAA,IAClB,CAAA,CAAE,UAAU,CAAA,CAAE,KAAA;AAElB;AAEA,SAAS,YAAY,MAAA,EAA2C;AAC9D,EAAA,cAAA,CAAe,MAAM,CAAA;AACrB,EAAA,MAAM,cAAc,cAAA,EAAe;AACnC,EAAA,MAAM,YAAY,YAAA,EAAa;AAC/B,EAAA,MAAM,UAAU,oBAAA,EAAqB;AAErC,EAAA,IAAI,WAAA,IAAe,CAAC,OAAA,EAAS;AAC3B,IAAA,OAAO;AAAA,MACL,MAAA,EAAQ,eAAA;AAAA,MACR,WAAA;AAAA,MACA,SAAA;AAAA,MACA,KAAA,EAAO;AAAA,KACT;AAAA,EACF;AACA,EAAA,IAAI,eAAe,OAAA,EAAS;AAC1B,IAAA,OAAO;AAAA,MACL,MAAA,EAAQ,OAAA;AAAA,MACR,WAAA;AAAA,MACA,SAAA;AAAA,MACA,KAAA,EAAO;AAAA,KACT;AAAA,EACF;AACA,EAAA,OAAO;AAAA,IACL,MAAA,EAAQ,iBAAA;AAAA,IACR,WAAA,EAAa,IAAA;AAAA,IACb,SAAA,EAAW,IAAA;AAAA,IACX,KAAA,EAAO;AAAA,GACT;AACF;AAEO,SAAS,iBAAiB,MAAA,EAAsC;AACrE,EAAA,MAAM,eAAe,MAAA,CAAO,MAAA,CAAO,EAAE,GAAG,QAAQ,CAAA;AAChD,EAAA,MAAM,MAAM,cAAA,EAAe;AAC3B,EAAA,IAAI,gBAAA,GAA2C,IAAA;AAC/C,EAAA,MAAM,QAAA,GAAW,YAAA,CAAa,QAAA,IAAY,wBAAA,EAAyB;AAEnE,EAAA,MAAM,YAAY,MAAY;AAC5B,IAAA,MAAM,IAAA,GAAO,YAAY,YAAY,CAAA;AACrC,IAAA,IAAI,gBAAA,KAAqB,IAAA,IAAQ,WAAA,CAAY,gBAAA,EAAkB,IAAI,CAAA,EAAG;AACtE,IAAA,gBAAA,GAAmB,IAAA;AACnB,IAAA,GAAA,CAAI,KAAK,IAAI,CAAA;AAAA,EACf,CAAA;AAEA,EAAA,OAAO;AAAA,IACL,MAAM,IAAA,GAAsB;AAC1B,MAAA,cAAA,CAAe,YAAY,CAAA;AAC3B,MAAA,YAAA,CAAa,MAAA,CAAO,MAAM,gCAAgC,CAAA;AAC1D,MAAA,MAAM,YAAA,EAAa;AACnB,MAAA,SAAA,EAAU;AAAA,IACZ,CAAA;AAAA,IAEA,MAAM,KAAA,GAAuB;AAC3B,MAAA,cAAA,CAAe,YAAY,CAAA;AAC3B,MAAA,YAAA,CAAa,MAAA,CAAO,MAAM,gDAAgD,CAAA;AAC1E,MAAA,MAAM,YAAA,EAAa;AACnB,MAAA,SAAA,EAAU;AAAA,IACZ,CAAA;AAAA,IAEA,MAAM,OAAO,OAAA,EAAiD;AAC5D,MAAA,cAAA,CAAe,YAAY,CAAA;AAC3B,MAAA,YAAA,CAAa,MAAA,CAAO,MAAM,eAAe,CAAA;AACzC,MAAA,MAAM,QAAA,CAAS,OAAO,OAAO,CAAA;AAC7B,MAAA,SAAA,EAAU;AAAA,IACZ,CAAA;AAAA,IAEA,MAAM,OAAA,GAA2B;AAC/B,MAAA,cAAA,CAAe,YAAY,CAAA;AAC3B,MAAA,YAAA,CAAa,MAAA,CAAO,MAAM,gBAAgB,CAAA;AAC1C,MAAA,IAAI;AACF,QAAA,MAAM,KAAA,GAAQ,MAAM,QAAA,CAAS,OAAA,EAAQ;AACrC,QAAA,SAAA,EAAU;AACV,QAAA,OAAO,KAAA;AAAA,MACT,SAAS,CAAA,EAAG;AACV,QAAA,SAAA,EAAU;AACV,QAAA,MAAM,CAAA;AAAA,MACR;AAAA,IACF,CAAA;AAAA,IAEA,MAAM,cAAA,GAAkC;AACtC,MAAA,cAAA,CAAe,YAAY,CAAA;AAC3B,MAAA,OAAO,sBAAA,EAAuB;AAAA,IAChC,CAAA;AAAA,IAEA,MAAM,cAAA,GAAmC;AACvC,MAAA,cAAA,CAAe,YAAY,CAAA;AAC3B,MAAA,YAAA,CAAa,MAAA,CAAO,MAAM,uBAAuB,CAAA;AACjD,MAAA,MAAM,OAAA,GAAU,MAAM,QAAA,CAAS,cAAA,EAAe;AAC9C,MAAA,SAAA,EAAU;AACV,MAAA,OAAO,OAAA;AAAA,IACT,CAAA;AAAA,IAEA,UAAU,QAAA,EAAU;AAClB,MAAA,OAAO,GAAA,CAAI,UAAU,QAAQ,CAAA;AAAA,IAC/B,CAAA;AAAA,IAEA,QAAA,GAA4B;AAC1B,MAAA,OAAO,YAAY,YAAY,CAAA;AAAA,IACjC;AAAA,GACF;AACF;ACpDO,SAAS,YAAA,CAAa;AAAA,EAC3B,QAAA;AAAA,EACA,QAAA,GAAW,IAAA;AAAA,EACX,MAAA;AAAA,EACA,UAAA;AAAA,EACA,UAAA;AAAA,EACA,aAAA;AAAA,EACA,WAAA;AAAA,EACA,KAAA,GAAQ,EAAA;AAAA,EACR;AACF,CAAA,EAAyC;AACvC,EAAA,MAAM,gBAAA,GAAmB,cAAc,MAAA,EAAQ,UAAA;AAC/C,EAAA,MAAM,gBAAA,GAAmB,cAAc,MAAA,EAAQ,UAAA;AAC/C,EAAA,MAAM,mBAAA,GAAsB,iBAAiB,MAAA,EAAQ,aAAA;AACrD,EAAA,MAAM,iBAAA,GAAoB,eAAe,MAAA,EAAQ,WAAA;AACjD,EAAA,MAAM,iBAAA,GAAoB,gBAAA,IAAoB,MAAA,CAAO,aAAA,EAAc;AACnE,EAAA,MAAM,SAAA,GAAY,OAAA;AAAA,IAChB,OAAO,EAAE,QAAA,EAAU,qBAAqB,EAAA,EAAI,KAAA,EAAO,SAAS,EAAA,EAAG,CAAA;AAAA,IAC/D,CAAC,mBAAmB,KAAK;AAAA,GAC3B;AACA,EAAA,MAAM,UAAA,GAAa,OAAO,KAAK,CAAA;AAC/B,EAAA,MAAM,SAAA,GAAY,OAA0B,IAAI,CAAA;AAEhD,EAAA,eAAA,CAAgB,MAAM;AACpB,IAAA,MAAA,CAAO,MAAM,kCAAA,EAAoC;AAAA,MAC/C,YAAY,gBAAA,IAAoB,gBAAA;AAAA,MAChC,UAAA,EAAY,mBAAmB,gBAAA,GAAmB,SAAA;AAAA,MAClD,aAAA,EAAe,sBAAsB,mBAAA,GAAsB,SAAA;AAAA,MAC3D,WAAA,EAAa,oBAAoB,iBAAA,GAAoB;AAAA,KACtD,CAAA;AACD,IAAA,IAAI,CAAC,mBAAA,IAAuB,CAAC,mBAAA,CAAoB,MAAK,EAAG;AACvD,MAAA,MAAA,CAAO,KAAK,sDAAsD,CAAA;AAAA,IACpE;AACA,IAAA,IAAI,CAAC,iBAAA,IAAqB,CAAC,iBAAA,CAAkB,MAAK,EAAG;AACnD,MAAA,MAAA,CAAO,KAAK,oDAAoD,CAAA;AAAA,IAClE;AACA,IAAA,SAAA,CAAa;AAAA,MACX,GAAI,mBAAmB,EAAE,UAAA,EAAY,kBAAkB,SAAA,EAAW,gBAAA,KAAqB,EAAC;AAAA,MACxF,GAAI,gBAAA,GAAmB,EAAE,UAAA,EAAY,gBAAA,KAAqB,EAAC;AAAA,MAC3D,GAAI,mBAAA,GAAsB,EAAE,aAAA,EAAe,mBAAA,KAAwB,EAAC;AAAA,MACpE,GAAI,iBAAA,GAAoB,EAAE,WAAA,EAAa,iBAAA,KAAsB;AAAC,KAC/D,CAAA;AACD,IAAA,wBAAA,CAAyB,iCAAiC,CAAA;AAC1D,IAAA,OAAO,MAAM;AACX,MAAA,oBAAA,EAAqB;AAAA,IACvB,CAAA;AAAA,EACF,GAAG,CAAC,gBAAA,EAAkB,gBAAA,EAAkB,mBAAA,EAAqB,iBAAiB,CAAC,CAAA;AAG/E,EAAA,SAAA,CAAU,MAAM;AACd,IAAA,IAAI;AACF,MAAA,oBAAA,CAAqB;AAAA,QACnB,YAAY,gBAAA,IAAoB,EAAA;AAAA,QAChC,WAAW,gBAAA,IAAoB,EAAA;AAAA,QAC/B,OAAO,KAAA,IAAS,EAAA;AAAA,QAChB,YAAY,gBAAA,IAAoB,EAAA;AAAA,QAChC,eAAe,mBAAA,IAAuB,EAAA;AAAA,QACtC,aAAa,iBAAA,IAAqB;AAAA,OACnC,CAAA;AAAA,IACH,CAAA,CAAA,MAAQ;AAAA,IAER;AAAA,EACF,GAAG,CAAC,gBAAA,EAAkB,kBAAkB,mBAAA,EAAqB,iBAAA,EAAmB,KAAK,CAAC,CAAA;AAEtF,EAAA,eAAA,CAAgB,MAAM;AACpB,IAAA,mBAAA,CAAoB,qBAAqB,EAAE,CAAA;AAC3C,IAAA,MAAM,UACJ,cAAA,KAAmB,MAAA,IAAa,mBAAmB,IAAA,GAC/C,cAAA,GACA,kCAAkC,SAAS,CAAA;AACjD,IAAA,iBAAA,CAAkB,SAAS,SAAS,CAAA;AACpC,IAAA,MAAM,OAAA,GAAU;AAAA,MACd,cAAA,EAAgB,OAAA;AAAA,MAChB,gBAAA,EAAkB,SAAA;AAAA,MAClB,QAAQ,mBAAA,EAAoB;AAAA,MAC5B,aAAa,wBAAA,EAAyB;AAAA,MACtC,gBAAgB,oBAAA,EAAqB;AAAA,MACrC,gBAAgB,oBAAA,EAAqB;AAAA,MACrC,cAAc,0BAAA;AAA2B,KAC3C;AACA,IAAA,cAAA,CAAe,OAAO,CAAA;AACtB,IAAA,SAAA,CAAU,OAAA,GAAU,iBAAiB,OAAO,CAAA;AAC5C,IAAA,oBAAA,CAAqB,UAAU,OAAO,CAAA;AACtC,IAAA,OAAO,MAAM;AACX,MAAA,oBAAA,CAAqB,IAAI,CAAA;AACzB,MAAA,SAAA,CAAU,OAAA,GAAU,IAAA;AACpB,MAAA,cAAA,CAAe,IAAI,CAAA;AACnB,MAAA,iBAAA,CAAkB,MAAM,EAAE,QAAA,EAAU,EAAA,EAAI,KAAA,EAAO,IAAI,CAAA;AACnD,MAAA,mBAAA,CAAoB,EAAE,CAAA;AAAA,IACxB,CAAA;AAAA,EACF,CAAA,EAAG,CAAC,iBAAA,EAAmB,KAAA,EAAO,cAAc,CAAC,CAAA;AAG7C,EAAA,SAAA,CAAU,MAAM;AACd,IAAA,MAAMC,kBAAAA,GAAoB,gBAAA,IAAoB,MAAA,CAAO,aAAA,EAAc;AAEnE,IAAA,MAAA,CAAO,MAAM,oCAAA,EAAsC;AAAA,MACjD,YAAY,gBAAA,IAAoB,gBAAA;AAAA,MAChC,OAAO,KAAA,IAAS,EAAA;AAAA,MAChB,iBAAA,EAAAA;AAAA,KACD,CAAA;AAED,IAAA,IAAIA,kBAAAA,EAAmB;AACrB,MAAA,MAAM,iBAAA,GAAoB,UAAA,CAAW,aAAA,CAAc,YAAY,CAAC,CAAA;AAChE,MAAA,MAAM,gBAAA,GAAmB,qBAAqB,iBAAA,KAAsBA,kBAAAA;AAEpE,MAAA,IAAI,gBAAA,EAAkB;AACpB,QAAA,MAAA,CAAO,MAAM,uCAAA,EAAyC,EAAE,UAAU,iBAAA,EAAmB,IAAA,EAAMA,oBAAmB,CAAA;AAE9G,QAAA,IAAI,OAAO,WAAW,WAAA,EAAa;AACjC,UAAA,MAAM,UAAA,GAAa,OAAO,QAAA,CAAS,IAAA;AACnC,UAAA,MAAM,aAAa,UAAA,CAAW,QAAA,CAAS,OAAO,CAAA,IAAK,UAAA,CAAW,SAAS,QAAQ,CAAA;AAC/E,UAAA,IAAI,UAAA,EAAY;AACd,YAAA,MAAM,QAAA,GAAW,MAAA,CAAO,QAAA,CAAS,MAAA,GAAS,OAAO,QAAA,CAAS,QAAA;AAC1D,YAAA,MAAA,CAAO,QAAQ,YAAA,CAAa,EAAC,EAAG,QAAA,CAAS,OAAO,QAAQ,CAAA;AAAA,UAC1D;AAAA,QACF;AAEA,QAAA,aAAA,CAAc,aAAA,CAAc,cAAc,CAAC,CAAA;AAC3C,QAAA,aAAA,CAAc,aAAA,CAAc,eAAe,CAAC,CAAA;AAC5C,QAAA,aAAA,CAAc,aAAA,CAAc,YAAY,CAAC,CAAA;AACzC,QAAA,aAAA,CAAc,aAAA,CAAc,OAAO,CAAC,CAAA;AACpC,QAAA,aAAA,CAAc,aAAA,CAAc,eAAe,CAAC,CAAA;AAC5C,QAAA,aAAA,CAAc,aAAA,CAAc,oBAAoB,CAAC,CAAA;AACjD,QAAA,uBAAA,EAAwB;AACxB,QAAA,cAAA,EAAe;AAEf,QAAA,UAAA,CAAW,aAAA,CAAc,eAAe,CAAA,EAAG,MAAM,CAAA;AACjD,QAAA,UAAA,CAAW,aAAA,CAAc,iBAAiB,CAAA,EAAG,MAAM,CAAA;AACnD,QAAA,UAAA,CAAW,aAAA,CAAc,gBAAgB,CAAA,EAAGA,kBAAiB,CAAA;AAE7D,QAAA,QAAA,CAAS;AAAA,UACP,eAAA,EAAiB,KAAA;AAAA,UACjB,WAAA,EAAa,IAAA;AAAA,UACb,SAAA,EAAW,IAAA;AAAA,UACX,KAAA,EAAO;AAAA,SACR,CAAA;AAAA,MACH,WAAW,iBAAA,EAAmB;AAC5B,QAAA,MAAA,CAAO,KAAA,CAAM,oCAAA,EAAsC,EAAE,SAAA,EAAWA,oBAAmB,CAAA;AAAA,MACrF;AAEA,MAAA,IAAI;AACF,QAAA,oBAAA,CAAqB;AAAA,UACnB,SAAA,EAAWA,kBAAAA;AAAA,UACX,UAAA,EAAYA;AAAA,SACb,CAAA;AACD,QAAA,wBAAA,CAAyB,yCAAA,EAA2C;AAAA,UAClE,UAAA,EAAYA,kBAAAA;AAAA,UACZ,SAAA,EAAWA;AAAA,SACZ,CAAA;AAAA,MACH,CAAA,CAAA,MAAQ;AAAA,MAER;AACA,MAAA,UAAA,CAAW,aAAA,CAAc,YAAY,CAAA,EAAGA,kBAAiB,CAAA;AAAA,IAC3D,CAAA,MAAO;AACL,MAAA,MAAA,CAAO,MAAM,0CAA0C,CAAA;AAAA,IACzD;AAAA,EACF,CAAA,EAAG,CAAC,gBAAA,EAAkB,KAAK,CAAC,CAAA;AAE5B,EAAA,MAAM,CAAC,KAAA,EAAO,QAAQ,CAAA,GAAI,QAAA,CAAoB;AAAA,IAC5C,eAAA,EAAiB,KAAA;AAAA,IACjB,WAAA,EAAa,IAAA;AAAA,IACb,SAAA,EAAW,QAAA;AAAA,IACX,KAAA,EAAO;AAAA,GACR,CAAA;AAKD,EAAA,MAAM,aAAA,GAAgB,YAAY,MAAM;AACtC,IAAA,IAAI;AACF,MAAA,MAAM,SAAS,SAAA,CAAU,OAAA;AACzB,MAAA,IAAI,aAAA;AACJ,MAAA,IAAI,WAAA;AACJ,MAAA,IAAI,KAAA,GAAuB,IAAA;AAE3B,MAAA,IAAI,MAAA,EAAQ;AACV,QAAA,MAAM,CAAA,GAAI,OAAO,QAAA,EAAS;AAC1B,QAAA,aAAA,GAAgB,CAAA,CAAE,MAAA,KAAW,eAAA,IAAmB,CAAC,CAAC,CAAA,CAAE,WAAA;AACpD,QAAA,WAAA,GAAc,CAAA,CAAE,WAAA;AAChB,QAAA,KAAA,GAAQ,CAAA,CAAE,KAAA;AAAA,MACZ,CAAA,MAAO;AACL,QAAA,WAAA,GAAc,cAAA,EAAqB;AACnC,QAAA,aAAA,GAAgB,CAAC,CAAC,WAAA,IAAe,CAAC,oBAAA,EAAqB;AAAA,MACzD;AAEA,MAAA,QAAA,CAAS;AAAA,QACP,eAAA,EAAiB,aAAA;AAAA,QACjB,WAAA;AAAA,QACA,SAAA,EAAW,KAAA;AAAA,QACX;AAAA,OACD,CAAA;AAED,MAAA,IAAI,aAAA,EAAe;AAAA,MACnB,CAAA,MAAO;AACL,QAAA,kBAAA,EAAmB;AACnB,QAAA,iBAAA,EAAkB;AAAA,MACpB;AAAA,IACF,SAAS,KAAA,EAAO;AACd,MAAA,kBAAA,EAAmB;AACnB,MAAA,iBAAA,EAAkB;AAClB,MAAA,QAAA,CAAS;AAAA,QACP,eAAA,EAAiB,KAAA;AAAA,QACjB,WAAA,EAAa,IAAA;AAAA,QACb,SAAA,EAAW,KAAA;AAAA,QACX,KAAA,EAAO,KAAA,YAAiB,KAAA,GAAQ,KAAA,CAAM,OAAA,GAAU;AAAA,OACjD,CAAA;AAAA,IACH;AAAA,EACF,CAAA,EAAG,EAAE,CAAA;AAML,EAAA,SAAA,CAAU,MAAM;AACd,IAAA,IAAI,CAAC,QAAA,EAAU;AAEf,IAAA,MAAM,cAAA,GAAiB,UAAA,CAAW,aAAA,CAAc,iBAAiB,CAAC,CAAA,KAAM,MAAA;AACxE,IAAA,MAAM,YAAA,GAAe,UAAA,CAAW,aAAA,CAAc,eAAe,CAAC,CAAA,KAAM,MAAA;AACpE,IAAA,IAAI,CAAC,cAAA,IAAkB,CAAC,YAAA,EAAc;AAEtC,IAAA,IAAI,SAAA,GAAY,KAAA;AAEhB,IAAA,MAAM,SAAS,YAAY;AACzB,MAAA,IAAI;AACF,QAAA,MAAM,SAAA,CAAU,SAAS,IAAA,EAAK;AAC9B,QAAA,IAAI,CAAC,SAAA,EAAW;AACd,UAAA,aAAA,EAAc;AAAA,QAChB;AAAA,MACF,CAAA,SAAE;AACA,QAAA,aAAA,CAAc,aAAA,CAAc,eAAe,CAAC,CAAA;AAAA,MAC9C;AAAA,IACF,CAAA;AAEA,IAAA,MAAA,EAAO;AAEP,IAAA,OAAO,MAAM;AACX,MAAA,SAAA,GAAY,IAAA;AAAA,IACd,CAAA;AAAA,EACF,CAAA,EAAG,CAAC,QAAA,EAAU,gBAAA,EAAkB,aAAa,CAAC,CAAA;AAK9C,EAAA,SAAA,CAAU,MAAM;AACd,IAAA,IAAI,CAAC,QAAA,EAAU;AACb,MAAA,QAAA,CAAS,CAAC,IAAA,MAAU,EAAE,GAAG,IAAA,EAAM,SAAA,EAAW,OAAM,CAAE,CAAA;AAClD,MAAA;AAAA,IACF;AACA,IAAA,IAAI,WAAW,OAAA,EAAS;AACxB,IAAA,UAAA,CAAW,OAAA,GAAU,IAAA;AAErB,IAAA,IAAI,SAAA,GAAY,KAAA;AAEhB,IAAA,MAAM,OAAO,YAAY;AACvB,MAAA,IAAI;AACF,QAAA,MAAM,SAAA,CAAU,SAAS,IAAA,EAAK;AAC9B,QAAA,IAAI,CAAC,WAAW,aAAA,EAAc;AAAA,MAChC,SAAS,KAAA,EAAO;AACd,QAAA,kBAAA,EAAmB;AACnB,QAAA,iBAAA,EAAkB;AAClB,QAAA,IAAI,CAAC,SAAA,EAAW;AACd,UAAA,QAAA,CAAS;AAAA,YACP,eAAA,EAAiB,KAAA;AAAA,YACjB,WAAA,EAAa,IAAA;AAAA,YACb,SAAA,EAAW,KAAA;AAAA,YACX,KAAA,EAAO,KAAA,YAAiB,KAAA,GAAQ,KAAA,CAAM,OAAA,GAAU;AAAA,WACjD,CAAA;AAAA,QACH;AAAA,MACF;AAAA,IACF,CAAA;AAEA,IAAA,IAAA,EAAK;AAEL,IAAA,OAAO,MAAM;AACX,MAAA,SAAA,GAAY,IAAA;AACZ,MAAA,UAAA,CAAW,OAAA,GAAU,KAAA;AACrB,MAAA,kBAAA,EAAmB;AACnB,MAAA,iBAAA,EAAkB;AAAA,IACpB,CAAA;AAAA,EACF,CAAA,EAAG,CAAC,QAAA,EAAU,aAAa,CAAC,CAAA;AAK5B,EAAA,MAAM,KAAA,GAAQ,YAAY,YAAY;AACpC,IAAA,QAAA,CAAS,CAAC,IAAA,MAAU,EAAE,GAAG,IAAA,EAAM,SAAA,EAAW,MAAK,CAAE,CAAA;AACjD,IAAA,MAAM,SAAA,CAAU,SAAS,KAAA,EAAM;AAC/B,IAAA,aAAA,EAAc;AAAA,EAChB,CAAA,EAAG,CAAC,aAAa,CAAC,CAAA;AAKlB,EAAA,MAAMC,OAAAA,GAAS,YAAY,YAAY;AACrC,IAAA,kBAAA,EAAmB;AACnB,IAAA,iBAAA,EAAkB;AAClB,IAAA,QAAA,CAAS,CAAC,IAAA,MAAU,EAAE,GAAG,IAAA,EAAM,SAAA,EAAW,MAAK,CAAE,CAAA;AAEjD,IAAA,IAAI;AACF,MAAA,MAAM,UAAU,OAAA,EAAS,MAAA,CAAO,EAAE,SAAA,EAAW,kBAAkB,CAAA;AAC/D,MAAA,kBAAA,EAAmB;AAAA,IACrB,CAAA,SAAE;AACA,MAAA,kBAAA,EAAmB;AACnB,MAAA,iBAAA,EAAkB;AAClB,MAAA,QAAA,CAAS;AAAA,QACP,eAAA,EAAiB,KAAA;AAAA,QACjB,WAAA,EAAa,IAAA;AAAA,QACb,SAAA,EAAW,KAAA;AAAA,QACX,KAAA,EAAO;AAAA,OACR,CAAA;AAAA,IACH;AAAA,EACF,CAAA,EAAG,CAAC,gBAAgB,CAAC,CAAA;AAKrB,EAAA,MAAM,YAAA,GAAe,YAAY,YAA6B;AAC5D,IAAA,IAAI;AACF,MAAA,MAAM,QAAA,GAAY,MAAM,SAAA,CAAU,OAAA,EAAS,SAAQ,IAAM,EAAA;AACzD,MAAA,aAAA,EAAc;AACd,MAAA,OAAO,QAAA;AAAA,IACT,SAAS,KAAA,EAAO;AACd,MAAA,MAAMA,OAAAA,EAAO;AACb,MAAA,MAAM,KAAA;AAAA,IACR;AAAA,EACF,CAAA,EAAG,CAAC,aAAA,EAAeA,OAAM,CAAC,CAAA;AAK1B,EAAA,MAAM,mBAAA,GAAsB,YAAY,YAA6B;AACnE,IAAA,IAAI;AACF,MAAA,MAAM,KAAA,GAAQ,MAAM,SAAA,CAAU,OAAA,EAAS,cAAA,EAAe;AACtD,MAAA,IAAI,CAAC,KAAA,EAAO,MAAM,IAAI,MAAM,mBAAmB,CAAA;AAC/C,MAAA,aAAA,EAAc;AACd,MAAA,OAAO,KAAA;AAAA,IACT,SAAS,KAAA,EAAO;AACd,MAAA,MAAMA,OAAAA,EAAO;AACb,MAAA,MAAM,KAAA;AAAA,IACR;AAAA,EACF,CAAA,EAAG,CAAC,aAAA,EAAeA,OAAM,CAAC,CAAA;AAK1B,EAAA,MAAM,SAAA,GAAY,WAAA,CAAY,CAAC,WAAA,KAA8B;AAC3D,IAAA,QAAA,CAAS;AAAA,MACP,eAAA,EAAiB,IAAA;AAAA,MACjB,WAAA;AAAA,MACA,SAAA,EAAW,KAAA;AAAA,MACX,KAAA,EAAO;AAAA,KACR,CAAA;AAAA,EACH,CAAA,EAAG,EAAE,CAAA;AAEL,EAAA,MAAM,YAAA,GAAe,OAAA;AAAA,IACnB,OAAO;AAAA,MACL,GAAG,KAAA;AAAA,MACH,KAAA;AAAA,MACA,MAAA,EAAAA,OAAAA;AAAA,MACA,YAAA;AAAA,MACA,cAAA,EAAgB,mBAAA;AAAA,MAChB;AAAA,KACF,CAAA;AAAA,IACA,CAAC,KAAA,EAAO,KAAA,EAAOA,OAAAA,EAAQ,YAAA,EAAc,qBAAqB,SAAS;AAAA,GACrE;AAEA,EAAA,2BACG,WAAA,CAAY,QAAA,EAAZ,EAAqB,KAAA,EAAO,cAC1B,QAAA,EACH,CAAA;AAEJ;ACvbA,IAAM,mBAAA,GAAsB,aAAA;AAUrB,SAAS,YAAA,CAAa;AAAA,EAC3B,SAAA,GAAY,QAAA;AAAA,EACZ,WAAA,GAAc,YAAA;AAAA,EACd,QAAA,GAAW;AACb,CAAA,EAAyC;AACvC,EAAA,MAAM,EAAE,SAAA,EAAU,GAAI,cAAA,EAAe;AACrC,EAAA,MAAM,UAAA,GAAaC,OAAO,KAAK,CAAA;AAC/B,EAAA,MAAM,CAAC,MAAA,EAAQ,SAAS,CAAA,GAAIC,SAAsB,MAAM,CAAA;AACxD,EAAA,MAAM,CAAC,OAAA,EAAS,UAAU,CAAA,GAAIA,SAAiB,EAAE,CAAA;AAEjD,EAAAC,UAAU,MAAM;AACd,IAAA,IAAI,WAAW,OAAA,EAAS;AACxB,IAAA,UAAA,CAAW,OAAA,GAAU,IAAA;AAErB,IAAA,MAAM,SAAA,GAAY,IAAI,eAAA,CAAgB,MAAA,CAAO,SAAS,MAAM,CAAA;AAC5D,IAAA,MAAM,oBAAoB,SAAA,CAAU,GAAA,CAAI,MAAM,CAAA,IAAK,SAAA,CAAU,IAAI,OAAO,CAAA;AAExE,IAAA,IAAI,CAAC,iBAAA,EAAmB;AACtB,MAAA,MAAA,CAAO,QAAA,CAAS,OAAA,CAAQ,SAAA,IAAa,QAAQ,CAAA;AAC7C,MAAA;AAAA,IACF;AAEA,IAAA,MAAM,KAAA,GAAQ,SAAA,CAAU,GAAA,CAAI,OAAO,CAAA;AACnC,IAAA,MAAM,gBAAA,GAAmB,SAAA,CAAU,GAAA,CAAI,mBAAmB,CAAA;AAC1D,IAAA,IAAI,KAAA,EAAO;AACT,MAAA,SAAA,CAAU,OAAO,CAAA;AACjB,MAAA,UAAA,CAAW,CAAA,EAAG,KAAK,CAAA,EAAA,EAAK,gBAAA,IAAoB,sBAAsB,CAAA,CAAE,CAAA;AACpE,MAAA,MAAA,CAAO,OAAA,CAAQ,YAAA,CAAa,EAAC,EAAG,QAAA,CAAS,KAAA,EAAO,MAAA,CAAO,QAAA,CAAS,MAAA,GAAS,MAAA,CAAO,QAAA,CAAS,QAAQ,CAAA;AACjG,MAAA;AAAA,IACF;AAEA,IAAA,MAAM,cAAc,YAAY;AAC9B,MAAA,SAAA,CAAU,SAAS,CAAA;AACnB,MAAA,UAAA,CAAW,uBAAuB,CAAA;AAGlC,MAAA,MAAM,OAAA,GAAU,MAAM,cAAA,EAAe;AAErC,MAAA,IAAI,CAAC,OAAA,EAAS;AACZ,QAAA,SAAA,CAAU,OAAO,CAAA;AACjB,QAAA,UAAA,CAAW,0CAA0C,CAAA;AACrD,QAAA,MAAA,CAAO,OAAA,CAAQ,YAAA,CAAa,EAAC,EAAG,QAAA,CAAS,KAAA,EAAO,MAAA,CAAO,QAAA,CAAS,MAAA,GAAS,MAAA,CAAO,QAAA,CAAS,QAAQ,CAAA;AACjG,QAAA;AAAA,MACF;AAMA,MAAA,MAAM,SAAA,GAAY,KAAK,GAAA,EAAI;AAC3B,MAAA,MAAM,WAAA,GAAc,GAAA;AAGpB,MAAA,OAAO,IAAA,EAAM;AACX,QAAA,MAAM,QAAQ,cAAA,EAAe;AAC7B,QAAA,IAAI,KAAA,EAAO;AACT,UAAA,SAAA,CAAU,KAAK,CAAA;AACf,UAAA,SAAA,CAAU,SAAS,CAAA;AACnB,UAAA,UAAA,CAAW,2CAA2C,CAAA;AACtD,UAAA,MAAA,CAAO,QAAA,CAAS,QAAQ,WAAW,CAAA;AACnC,UAAA;AAAA,QACF;AAEA,QAAA,IAAI,IAAA,CAAK,GAAA,EAAI,GAAI,SAAA,GAAY,WAAA,EAAa;AAC1C,QAAA,MAAM,IAAI,OAAA,CAAQ,CAAC,MAAM,UAAA,CAAW,CAAA,EAAG,GAAG,CAAC,CAAA;AAAA,MAC7C;AAEA,MAAA,SAAA,CAAU,OAAO,CAAA;AACjB,MAAA,UAAA,CAAW,oDAAoD,CAAA;AAC/D,MAAA,MAAA,CAAO,OAAA,CAAQ,YAAA,CAAa,EAAC,EAAG,QAAA,CAAS,KAAA,EAAO,MAAA,CAAO,QAAA,CAAS,MAAA,GAAS,MAAA,CAAO,QAAA,CAAS,QAAQ,CAAA;AAAA,IACnG,CAAA;AAEA,IAAA,WAAA,EAAY;AAAA,EACd,GAAG,CAAC,QAAA,EAAU,SAAA,EAAW,WAAA,EAAa,SAAS,CAAC,CAAA;AAEhD,EAAA,MAAM,cAAA,GAAsC;AAAA,IAC1C,SAAA,EAAW,OAAA;AAAA,IACX,OAAA,EAAS,MAAA;AAAA,IACT,aAAA,EAAe,QAAA;AAAA,IACf,UAAA,EAAY,QAAA;AAAA,IACZ,cAAA,EAAgB,QAAA;AAAA,IAChB,OAAA,EAAS,EAAA;AAAA,IACT,UAAA,EAAY,wDAAA;AAAA,IACZ,SAAA,EAAW;AAAA,GACb;AAEA,EAAA,MAAM,UAAA,GAAkC;AAAA,IACtC,MAAA,EAAQ,CAAA;AAAA,IACR,QAAA,EAAU,SAAA;AAAA,IACV,UAAA,EAAY,GAAA;AAAA,IACZ,KAAA,EAAO,SAAA;AAAA,IACP,YAAA,EAAc;AAAA,GAChB;AAEA,EAAA,MAAM,YAAA,GAAoC;AAAA,IACxC,MAAA,EAAQ,CAAA;AAAA,IACR,QAAA,EAAU,WAAA;AAAA,IACV,KAAA,EAAO,MAAA;AAAA,IACP,UAAA,EAAY,GAAA;AAAA,IACZ,QAAA,EAAU;AAAA,GACZ;AAEA,EAAA,MAAM,aAAA,GAAqC;AAAA,IACzC,SAAA,EAAW,EAAA;AAAA,IACX,OAAA,EAAS,WAAA;AAAA,IACT,eAAA,EAAiB,SAAA;AAAA,IACjB,MAAA,EAAQ,mBAAA;AAAA,IACR,YAAA,EAAc,CAAA;AAAA,IACd,KAAA,EAAO,SAAA;AAAA,IACP,QAAA,EAAU,UAAA;AAAA,IACV,QAAA,EAAU;AAAA,GACZ;AAEA,EAAA,MAAM,cAAA,GAAsC;AAAA,IAC1C,SAAA,EAAW,EAAA;AAAA,IACX,QAAA,EAAU,UAAA;AAAA,IACV,KAAA,EAAO,SAAA;AAAA,IACP,cAAA,EAAgB,MAAA;AAAA,IAChB,MAAA,EAAQ;AAAA,GACV;AAEA,EAAA,MAAM,YAAA,GAAoC;AAAA,IACxC,KAAA,EAAO,EAAA;AAAA,IACP,MAAA,EAAQ,EAAA;AAAA,IACR,MAAA,EAAQ,mBAAA;AAAA,IACR,cAAA,EAAgB,SAAA;AAAA,IAChB,YAAA,EAAc,KAAA;AAAA,IACd,SAAA,EAAW,yCAAA;AAAA,IACX,YAAA,EAAc;AAAA,GAChB;AAEA,EAAA,MAAM,eAAA,GAAuC;AAAA,IAC3C,QAAA,EAAU,UAAA;AAAA,IACV,GAAA,EAAK,EAAA;AAAA,IACL,IAAA,EAAM,KAAA;AAAA,IACN,SAAA,EAAW,kBAAA;AAAA,IACX,MAAA,EAAQ,CAAA;AAAA,IACR,QAAA,EAAU,UAAA;AAAA,IACV,UAAA,EAAY,GAAA;AAAA,IACZ,KAAA,EAAO,SAAA;AAAA,IACP,aAAA,EAAe;AAAA,GACjB;AAEA,EAAA,uBACE,IAAA,CAAC,SAAI,KAAA,EAAO,EAAE,GAAG,cAAA,EAAgB,QAAA,EAAU,YAAW,EACpD,QAAA,EAAA;AAAA,oBAAAC,GAAAA,CAAC,WAAO,QAAA,EAAA,CAAA,mEAAA,CAAA,EAAsE,CAAA;AAAA,oBAC9EA,GAAAA,CAAC,GAAA,EAAA,EAAE,KAAA,EAAO,iBAAkB,QAAA,EAAA,mBAAA,EAAoB,CAAA;AAAA,IAC/C,MAAA,KAAW,6BACV,IAAA,CAAA,QAAA,EAAA,EACE,QAAA,EAAA;AAAA,sBAAAA,GAAAA,CAAC,KAAA,EAAA,EAAI,KAAA,EAAO,YAAA,EAAc,eAAW,IAAA,EAAC,CAAA;AAAA,sBACtCA,GAAAA,CAAC,IAAA,EAAA,EAAG,KAAA,EAAO,YAAY,QAAA,EAAA,mBAAA,EAAiB,CAAA;AAAA,sBACxCA,GAAAA,CAAC,GAAA,EAAA,EAAE,KAAA,EAAO,cAAc,QAAA,EAAA,+CAAA,EAA6C;AAAA,KAAA,EACvE,CAAA;AAAA,IAED,MAAA,KAAW,6BACV,IAAA,CAAA,QAAA,EAAA,EACE,QAAA,EAAA;AAAA,sBAAAA,GAAAA,CAAC,IAAA,EAAA,EAAG,KAAA,EAAO,UAAA,EAAY,QAAA,EAAA,wBAAA,EAAsB,CAAA;AAAA,sBAC7CA,GAAAA,CAAC,GAAA,EAAA,EAAE,KAAA,EAAO,cAAc,QAAA,EAAA,sBAAA,EAAoB;AAAA,KAAA,EAC9C,CAAA;AAAA,IAED,MAAA,KAAW,2BACV,IAAA,CAAA,QAAA,EAAA,EACE,QAAA,EAAA;AAAA,sBAAAA,GAAAA,CAAC,QAAG,KAAA,EAAO,EAAE,GAAG,UAAA,EAAY,KAAA,EAAO,SAAA,EAAU,EAAG,QAAA,EAAA,uBAAA,EAAqB,CAAA;AAAA,sBACrEA,GAAAA,CAAC,KAAA,EAAA,EAAI,KAAA,EAAO,eAAgB,QAAA,EAAA,OAAA,EAAQ,CAAA;AAAA,sBACpCA,GAAAA;AAAA,QAAC,GAAA;AAAA,QAAA;AAAA,UACC,IAAA,EAAM,SAAA;AAAA,UACN,KAAA,EAAO,cAAA;AAAA,UACP,OAAA,EAAS,CAAC,CAAA,KAAM;AACd,YAAA,CAAA,CAAE,cAAA,EAAe;AACjB,YAAA,MAAA,CAAO,SAAS,IAAA,GAAO,SAAA;AAAA,UACzB,CAAA;AAAA,UACD,QAAA,EAAA;AAAA;AAAA;AAED,KAAA,EACF,CAAA;AAAA,IAED,MAAA,KAAW,0BACV,IAAA,CAAA,QAAA,EAAA,EACE,QAAA,EAAA;AAAA,sBAAAA,GAAAA,CAAC,KAAA,EAAA,EAAI,KAAA,EAAO,YAAA,EAAc,eAAW,IAAA,EAAC,CAAA;AAAA,sBACtCA,GAAAA,CAAC,IAAA,EAAA,EAAG,KAAA,EAAO,YAAY,QAAA,EAAA,uBAAA,EAAqB,CAAA;AAAA,sBAC5CA,GAAAA,CAAC,GAAA,EAAA,EAAE,KAAA,EAAO,cAAc,QAAA,EAAA,4BAAA,EAA0B;AAAA,KAAA,EACpD;AAAA,GAAA,EAEJ,CAAA;AAEJ;;;AC7LO,SAAS,OAAA,GAA4B;AAC1C,EAAA,OAAO,cAAA,EAAe;AACxB;ACJO,SAAS,cAAA,CAAe;AAAA,EAC7B,QAAA;AAAA,EACA,QAAA,GAAW,IAAA;AAAA,EACX,SAAA,GAAY;AACd,CAAA,EAA2C;AACzC,EAAA,MAAM,EAAE,eAAA,EAAiB,cAAA,EAAAT,eAAAA,EAAgB,KAAA,KAAU,OAAA,EAAQ;AAC3D,EAAA,MAAM,CAAC,KAAA,EAAO,QAAQ,CAAA,GAAIO,SAAS,KAAK,CAAA;AACxC,EAAA,MAAM,iBAAA,GAAoBD,OAAO,KAAK,CAAA;AAEtC,EAAAE,UAAU,MAAM;AACd,IAAA,IAAI,SAAA,GAAY,KAAA;AAEhB,IAAA,MAAM,MAAM,YAAY;AACtB,MAAA,IAAI,eAAA,EAAiB;AACnB,QAAA,IAAI,CAAC,SAAA,EAAW,QAAA,CAAS,IAAI,CAAA;AAC7B,QAAA;AAAA,MACF;AAEA,MAAA,IAAI;AACF,QAAA,MAAMR,eAAAA,EAAe;AACrB,QAAA,IAAI,CAAC,SAAA,EAAW,QAAA,CAAS,IAAI,CAAA;AAAA,MAC/B,CAAA,CAAA,MAAQ;AACN,QAAA,IAAI,SAAA,IAAa,CAAC,iBAAA,CAAkB,OAAA,EAAS;AAC3C,UAAA,iBAAA,CAAkB,OAAA,GAAU,IAAA;AAC5B,UAAA,MAAM,KAAA,EAAM;AAAA,QACd;AACA,QAAA,IAAI,CAAC,SAAA,EAAW,QAAA,CAAS,KAAK,CAAA;AAAA,MAChC;AAAA,IACF,CAAA;AAEA,IAAA,GAAA,EAAI;AAEJ,IAAA,OAAO,MAAM;AACX,MAAA,SAAA,GAAY,IAAA;AAAA,IACd,CAAA;AAAA,EACF,GAAG,CAAC,SAAA,EAAWA,eAAAA,EAAgB,eAAA,EAAiB,KAAK,CAAC,CAAA;AAEtD,EAAA,IAAI,CAAC,KAAA,IAAS,CAAC,eAAA,EAAiB;AAC9B,IAAA,uBAAOS,GAAAA,CAAAC,QAAAA,EAAA,EAAG,QAAA,EAAA,QAAA,EAAS,CAAA;AAAA,EACrB;AAEA,EAAA,uBAAOD,GAAAA,CAAAC,QAAAA,EAAA,EAAG,QAAA,EAAS,CAAA;AACrB;AClCO,SAAS,WAAA,GAAiC;AAC/C,EAAA,MAAM,CAAC,SAAA,EAAW,YAAY,CAAA,GAAIH,SAAS,KAAK,CAAA;AAChD,EAAA,MAAM,CAAC,KAAA,EAAO,QAAQ,CAAA,GAAIA,SAAwB,IAAI,CAAA;AAGtD,EAAA,MAAM,aAAA,GAAgBD,OAAO,KAAK,CAAA;AAGlC,EAAA,MAAM,UAAA,GAAaA,OAAO,IAAI,CAAA;AAE9B,EAAAE,UAAU,MAAM;AACd,IAAA,OAAO,MAAM;AACX,MAAA,UAAA,CAAW,OAAA,GAAU,KAAA;AAAA,IACvB,CAAA;AAAA,EACF,CAAA,EAAG,EAAE,CAAA;AAEL,EAAA,MAAM,IAAA,GAAOG,YAAY,YAAY;AAEnC,IAAA,IAAI,cAAc,OAAA,EAAS;AACzB,MAAA;AAAA,IACF;AAEA,IAAA,aAAA,CAAc,OAAA,GAAU,IAAA;AAExB,IAAA,IAAI,WAAW,OAAA,EAAS;AACtB,MAAA,YAAA,CAAa,IAAI,CAAA;AACjB,MAAA,QAAA,CAAS,IAAI,CAAA;AAAA,IACf;AAEA,IAAA,IAAI;AAEF,MAAA,MAAM,SAAA,EAAU;AAAA,IAClB,SAAS,GAAA,EAAK;AACZ,MAAA,IAAI,WAAW,OAAA,EAAS;AACtB,QAAA,QAAA;AAAA,UACE,GAAA,YAAe,KAAA,GACX,GAAA,CAAI,OAAA,GACJ;AAAA,SACN;AAAA,MACF;AAAA,IACF,CAAA,SAAE;AACA,MAAA,aAAA,CAAc,OAAA,GAAU,KAAA;AAExB,MAAA,IAAI,WAAW,OAAA,EAAS;AACtB,QAAA,YAAA,CAAa,KAAK,CAAA;AAAA,MACpB;AAAA,IACF;AAAA,EACF,CAAA,EAAG,EAAE,CAAA;AAEL,EAAA,OAAOC,OAAAA;AAAA,IACL,OAAO,EAAE,SAAA,EAAW,KAAA,EAAO,IAAA,EAAK,CAAA;AAAA,IAChC,CAAC,SAAA,EAAW,KAAA,EAAO,IAAI;AAAA,GACzB;AACF","file":"index.mjs","sourcesContent":["/**\r\n * Runtime context: single get/set for auth runtime.\r\n * Core reads from here; host (e.g. React layer) sets before any core code runs.\r\n */\r\n\r\nimport type { AuthRuntime } from './types';\r\n\r\nlet currentRuntime: AuthRuntime | null = null;\r\n\r\nexport function setAuthRuntime(runtime: AuthRuntime | null): void {\r\n currentRuntime = runtime;\r\n}\r\n\r\nexport function getAuthRuntime(): AuthRuntime | null {\r\n return currentRuntime;\r\n}\r\n\r\n/** Returns runtime or throws if not set (use in core when runtime is required). */\r\nexport function requireAuthRuntime(): AuthRuntime {\r\n const r = currentRuntime;\r\n if (!r) {\r\n throw new Error(\r\n '[tenneo-auth] Auth runtime not set. Wrap your app with AuthProvider (or setAuthRuntime) before using auth.'\r\n );\r\n }\r\n return r;\r\n}\r\n","/**\r\n * Pure domain logic for tenant key extraction and callback URL detection.\r\n * No window/document; no I/O. Single source of truth for tenant/callback helpers.\r\n */\r\n\r\n/** Minimal URL shape required for tenant/callback logic. */\r\nexport interface UrlLike {\r\n search: string;\r\n hostname: string;\r\n}\r\n\r\n/** Minimal config shape required for tenant extraction. */\r\nexport interface ConfigProviderLike {\r\n getClientCode(): string;\r\n}\r\n\r\nexport function isLocalhost(hostname: string): boolean {\r\n return (\r\n hostname === 'localhost' ||\r\n hostname === '127.0.0.1' ||\r\n hostname === '[::1]' ||\r\n hostname.startsWith('192.168.') ||\r\n hostname.startsWith('10.') ||\r\n hostname.endsWith('.local')\r\n );\r\n}\r\n\r\nfunction extractTenantKeyFromDomain(\r\n urlOrHostname: string,\r\n config: ConfigProviderLike\r\n): string | null {\r\n try {\r\n let hostname: string;\r\n if (urlOrHostname.startsWith('http://') || urlOrHostname.startsWith('https://')) {\r\n try {\r\n const url = new URL(urlOrHostname);\r\n hostname = url.hostname;\r\n } catch {\r\n hostname = urlOrHostname.replace(/^https?:\\/\\//, '').split('/')[0];\r\n }\r\n } else {\r\n hostname = urlOrHostname;\r\n }\r\n const parts = hostname.split('.');\r\n if (parts.length < 2) return config.getClientCode();\r\n const tenantKey = parts[0];\r\n if (!tenantKey || tenantKey.trim() === '') return config.getClientCode();\r\n if (tenantKey.trim().toLowerCase() === 'productlms') return config.getClientCode();\r\n return tenantKey.trim();\r\n } catch {\r\n return config.getClientCode();\r\n }\r\n}\r\n\r\n/**\r\n * Extracts tenant key from URL + storage + config. Pure; no window usage.\r\n */\r\nexport function extractTenantKeyFromUrl(\r\n url: UrlLike,\r\n config: ConfigProviderLike,\r\n getStorage: (key: string) => string | null,\r\n getKey?: (suffix: string) => string\r\n): string | null {\r\n void url;\r\n void config;\r\n const propsConfigKey = getKey ? getKey('props_config') : 'tenneo_auth_props_config';\r\n const hostConfigKey = getKey ? getKey('host_config') : 'tenneo_auth_host_config';\r\n\r\n try {\r\n const propsConfigStr = getStorage(propsConfigKey);\r\n if (propsConfigStr) {\r\n const propsConfig = JSON.parse(propsConfigStr) as { tenantKey?: string };\r\n if (propsConfig.tenantKey?.trim()) return propsConfig.tenantKey.trim();\r\n }\r\n } catch {\r\n // continue\r\n }\r\n\r\n try {\r\n const hostConfigStr = getStorage(hostConfigKey);\r\n if (!hostConfigStr) return null;\r\n const hostConfig = JSON.parse(hostConfigStr) as { tenantKey?: string };\r\n if (hostConfig.tenantKey?.trim()) return hostConfig.tenantKey.trim();\r\n } catch {\r\n // continue\r\n }\r\n\r\n return null;\r\n}\r\n\r\n/** Returns true if URL has code and state (OAuth callback). */\r\nexport function isCallbackUrlFromUrl(url: UrlLike): boolean {\r\n const params = new URLSearchParams(url.search);\r\n return params.has('code') && params.has('state');\r\n}\r\n","/**\r\n * Dynamic storage key prefix by tenant code.\r\n * When tenant code is set, prefix is `${normalizedTenantCode}_auth_`; otherwise `tenneo_auth_`.\r\n */\r\n\r\nconst DEFAULT_PREFIX = 'tenneo_auth_';\r\n\r\nlet currentPrefix = DEFAULT_PREFIX;\r\n\r\nexport function getStorageKeyPrefix(): string {\r\n return currentPrefix;\r\n}\r\n\r\n/**\r\n * Normalize tenant code for use in storage keys (alphanumeric + underscore only).\r\n */\r\nfunction normalizeTenantCode(tenantCode: string): string {\r\n const trimmed = tenantCode.trim();\r\n if (!trimmed) return '';\r\n return trimmed.replace(/[^a-zA-Z0-9_]/g, '_').toLowerCase();\r\n}\r\n\r\n/**\r\n * Set the storage key prefix from tenant code.\r\n * Call when tenant is known (e.g. from AuthProvider). Empty string resets to default.\r\n */\r\nexport function setStorageKeyPrefix(tenantCode: string): void {\r\n const normalized = normalizeTenantCode(tenantCode);\r\n currentPrefix = normalized ? `${normalized}_auth_` : DEFAULT_PREFIX;\r\n}\r\n\r\n/**\r\n * Build full storage key for a suffix using the current prefix.\r\n */\r\nexport function getStorageKey(suffix: string): string {\r\n return getStorageKeyPrefix() + suffix;\r\n}\r\n","/**\r\n * Storage key namespacing: auth_${tenantId}_${appId}_*\r\n * Backward compatibility: when both tenantId and appId are empty, use dynamic prefix (from tenant code).\r\n */\r\n\r\nimport type { StorageNamespace } from './types';\r\nimport { getStorageKeyPrefix } from './prefix';\r\n\r\n/**\r\n * Builds a namespaced storage key.\r\n * - When tenantId and appId are both falsy: returns getStorageKeyPrefix() + suffix (tenant-code-based or default).\r\n * - Otherwise: returns auth_${tenantId}_${appId}_${suffix}.\r\n */\r\nexport function buildStorageKey(\r\n ns: StorageNamespace,\r\n suffix: string\r\n): string {\r\n const { tenantId, appId } = ns;\r\n if (!tenantId && !appId) {\r\n return `${getStorageKeyPrefix()}${suffix}`;\r\n }\r\n const tid = tenantId || '';\r\n const aid = appId || '';\r\n return `auth_${tid}_${aid}_${suffix}`;\r\n}\r\n\r\n/** Suffixes used for token keys (same as legacy STORAGE_KEYS without prefix). */\r\nexport const TOKEN_KEY_SUFFIXES = {\r\n accessToken: 'access_token',\r\n refreshToken: 'refresh_token',\r\n expiresAt: 'expires_at',\r\n} as const;\r\n\r\n/** Suffixes for config/flow keys (aligned with existing tenneo_auth_* keys). */\r\nexport const CONFIG_KEY_SUFFIXES = {\r\n authServerUrl: 'auth_server_url',\r\n clientId: 'client_id',\r\n redirectUri: 'redirect_uri',\r\n tenantId: 'tenant_id',\r\n tenantKey: 'tenant_key',\r\n codeVerifier: 'code_verifier',\r\n state: 'state',\r\n callbackProcessed: 'callback_processed',\r\n callbackProcessing: 'callback_processing',\r\n callbackAttempted: 'callback_attempted',\r\n flowInProgress: 'flow_in_progress',\r\n flowTimestamp: 'flow_timestamp',\r\n logoutProcessing: 'logout_processing',\r\n propsConfig: 'props_config',\r\n propsChanged: 'props_changed',\r\n tenantSwitched: 'tenant_switched',\r\n newTenantKey: 'new_tenant_key',\r\n stateMismatch: 'state_mismatch',\r\n bootstrapInProgress: 'bootstrap_in_progress',\r\n bootstrapTimestamp: 'bootstrap_timestamp',\r\n callbackHandled: 'callback_handled',\r\n} as const;\r\n","/**\r\n * Storage context: current adapter and namespace.\r\n * Can be set via setStorageContext (legacy) or setAuthRuntime (full runtime).\r\n * No window/document usage.\r\n */\r\n\r\nimport type { StorageAdapter, StorageNamespace } from './types';\r\nimport { getAuthRuntime } from '../runtime/context';\r\n\r\nlet currentAdapter: StorageAdapter | null = null;\r\nlet currentNamespace: StorageNamespace = { tenantId: '', appId: '' };\r\n\r\nexport function setStorageContext(\r\n adapter: StorageAdapter | null,\r\n namespace: Partial<StorageNamespace> = {}\r\n): void {\r\n currentAdapter = adapter;\r\n currentNamespace = {\r\n tenantId: namespace.tenantId ?? '',\r\n appId: namespace.appId ?? '',\r\n };\r\n}\r\n\r\nexport function getStorageAdapter(): StorageAdapter | null {\r\n const runtime = getAuthRuntime();\r\n if (runtime?.storageAdapter) return runtime.storageAdapter;\r\n return currentAdapter;\r\n}\r\n\r\nexport function getStorageNamespace(): StorageNamespace {\r\n const runtime = getAuthRuntime();\r\n if (runtime?.storageNamespace) return { ...runtime.storageNamespace };\r\n return { ...currentNamespace };\r\n}\r\n","/**\r\n * In-memory storage adapter. SSR-safe; no window/document usage.\r\n * Default for server-side or when no persistent storage is desired.\r\n */\r\n\r\nimport type { AuthTokens, StorageAdapter, StorageNamespace } from './types';\r\nimport { buildStorageKey, TOKEN_KEY_SUFFIXES } from './namespace';\r\n\r\nexport function createMemoryStorageAdapter(\r\n namespace: StorageNamespace\r\n): StorageAdapter {\r\n const store = new Map<string, string>();\r\n\r\n const getTokensSync = (): AuthTokens | null => {\r\n const accessToken = store.get(buildStorageKey(namespace, TOKEN_KEY_SUFFIXES.accessToken)) ?? null;\r\n const refreshToken = store.get(buildStorageKey(namespace, TOKEN_KEY_SUFFIXES.refreshToken)) ?? null;\r\n const expiresAtStr = store.get(buildStorageKey(namespace, TOKEN_KEY_SUFFIXES.expiresAt)) ?? null;\r\n if (!accessToken || !refreshToken || !expiresAtStr) return null;\r\n const expiresAt = parseInt(expiresAtStr, 10);\r\n if (isNaN(expiresAt)) return null;\r\n return { accessToken, refreshToken, expiresAt };\r\n };\r\n\r\n return {\r\n async getTokens(): Promise<AuthTokens | null> {\r\n return getTokensSync();\r\n },\r\n getTokensSync,\r\n\r\n async setTokens(tokens: AuthTokens): Promise<void> {\r\n store.set(buildStorageKey(namespace, TOKEN_KEY_SUFFIXES.accessToken), tokens.accessToken);\r\n store.set(buildStorageKey(namespace, TOKEN_KEY_SUFFIXES.refreshToken), tokens.refreshToken);\r\n store.set(buildStorageKey(namespace, TOKEN_KEY_SUFFIXES.expiresAt), String(tokens.expiresAt));\r\n },\r\n setTokensSync(tokens: AuthTokens): void {\r\n store.set(buildStorageKey(namespace, TOKEN_KEY_SUFFIXES.accessToken), tokens.accessToken);\r\n store.set(buildStorageKey(namespace, TOKEN_KEY_SUFFIXES.refreshToken), tokens.refreshToken);\r\n store.set(buildStorageKey(namespace, TOKEN_KEY_SUFFIXES.expiresAt), String(tokens.expiresAt));\r\n },\r\n\r\n async clearTokens(): Promise<void> {\r\n store.delete(buildStorageKey(namespace, TOKEN_KEY_SUFFIXES.accessToken));\r\n store.delete(buildStorageKey(namespace, TOKEN_KEY_SUFFIXES.refreshToken));\r\n store.delete(buildStorageKey(namespace, TOKEN_KEY_SUFFIXES.expiresAt));\r\n },\r\n clearTokensSync(): void {\r\n store.delete(buildStorageKey(namespace, TOKEN_KEY_SUFFIXES.accessToken));\r\n store.delete(buildStorageKey(namespace, TOKEN_KEY_SUFFIXES.refreshToken));\r\n store.delete(buildStorageKey(namespace, TOKEN_KEY_SUFFIXES.expiresAt));\r\n },\r\n\r\n async getItem(key: string): Promise<string | null> {\r\n return store.get(key) ?? null;\r\n },\r\n getItemSync(key: string): string | null {\r\n return store.get(key) ?? null;\r\n },\r\n\r\n async setItem(key: string, value: string): Promise<void> {\r\n store.set(key, value);\r\n },\r\n setItemSync(key: string, value: string): void {\r\n store.set(key, value);\r\n },\r\n\r\n async removeItem(key: string): Promise<void> {\r\n store.delete(key);\r\n },\r\n removeItemSync(key: string): void {\r\n store.delete(key);\r\n },\r\n\r\n async clear(): Promise<void> {\r\n store.clear();\r\n },\r\n clearSync(): void {\r\n store.clear();\r\n },\r\n };\r\n}\r\n","/**\r\n * Session storage adapter with namespaced keys. SSR-safe: guards all\r\n * window/sessionStorage access with typeof window !== 'undefined'.\r\n */\r\n\r\nimport type { AuthTokens, StorageAdapter, StorageNamespace } from './types';\r\nimport { buildStorageKey, TOKEN_KEY_SUFFIXES } from './namespace';\r\nimport { getStorageKeyPrefix } from './prefix';\r\n\r\nfunction getSessionStorage(): Storage | null {\r\n if (typeof window === 'undefined') return null;\r\n try {\r\n return window.sessionStorage;\r\n } catch {\r\n return null;\r\n }\r\n}\r\n\r\nexport function createSecureSessionStorageAdapter(\r\n namespace: StorageNamespace\r\n): StorageAdapter {\r\n return {\r\n async getTokens(): Promise<AuthTokens | null> {\r\n return getTokensSyncImpl(namespace);\r\n },\r\n getTokensSync(): AuthTokens | null {\r\n return getTokensSyncImpl(namespace);\r\n },\r\n\r\n async setTokens(tokens: AuthTokens): Promise<void> {\r\n setTokensSyncImpl(namespace, tokens);\r\n },\r\n setTokensSync(tokens: AuthTokens): void {\r\n setTokensSyncImpl(namespace, tokens);\r\n },\r\n\r\n async clearTokens(): Promise<void> {\r\n clearTokensSyncImpl(namespace);\r\n },\r\n clearTokensSync(): void {\r\n clearTokensSyncImpl(namespace);\r\n },\r\n\r\n async getItem(key: string): Promise<string | null> {\r\n return getItemSyncImpl(key);\r\n },\r\n getItemSync(key: string): string | null {\r\n return getItemSyncImpl(key);\r\n },\r\n\r\n async setItem(key: string, value: string): Promise<void> {\r\n setItemSyncImpl(key, value);\r\n },\r\n setItemSync(key: string, value: string): void {\r\n setItemSyncImpl(key, value);\r\n },\r\n\r\n async removeItem(key: string): Promise<void> {\r\n removeItemSyncImpl(key);\r\n },\r\n removeItemSync(key: string): void {\r\n removeItemSyncImpl(key);\r\n },\r\n\r\n async clear(): Promise<void> {\r\n clearSyncImpl(namespace);\r\n },\r\n clearSync(): void {\r\n clearSyncImpl(namespace);\r\n },\r\n };\r\n}\r\n\r\nfunction getTokensSyncImpl(ns: StorageNamespace): AuthTokens | null {\r\n const storage = getSessionStorage();\r\n if (!storage) return null;\r\n try {\r\n const accessToken = storage.getItem(buildStorageKey(ns, TOKEN_KEY_SUFFIXES.accessToken));\r\n const refreshToken = storage.getItem(buildStorageKey(ns, TOKEN_KEY_SUFFIXES.refreshToken));\r\n const expiresAtStr = storage.getItem(buildStorageKey(ns, TOKEN_KEY_SUFFIXES.expiresAt));\r\n if (!accessToken || !refreshToken || !expiresAtStr) return null;\r\n const expiresAt = parseInt(expiresAtStr, 10);\r\n if (isNaN(expiresAt)) return null;\r\n return { accessToken, refreshToken, expiresAt };\r\n } catch {\r\n return null;\r\n }\r\n}\r\n\r\nfunction setTokensSyncImpl(ns: StorageNamespace, tokens: AuthTokens): void {\r\n const storage = getSessionStorage();\r\n if (!storage) return;\r\n try {\r\n storage.setItem(buildStorageKey(ns, TOKEN_KEY_SUFFIXES.accessToken), tokens.accessToken);\r\n storage.setItem(buildStorageKey(ns, TOKEN_KEY_SUFFIXES.refreshToken), tokens.refreshToken);\r\n storage.setItem(buildStorageKey(ns, TOKEN_KEY_SUFFIXES.expiresAt), String(tokens.expiresAt));\r\n } catch {\r\n // Silent fail\r\n }\r\n}\r\n\r\nfunction clearTokensSyncImpl(ns: StorageNamespace): void {\r\n const storage = getSessionStorage();\r\n if (!storage) return;\r\n try {\r\n storage.removeItem(buildStorageKey(ns, TOKEN_KEY_SUFFIXES.accessToken));\r\n storage.removeItem(buildStorageKey(ns, TOKEN_KEY_SUFFIXES.refreshToken));\r\n storage.removeItem(buildStorageKey(ns, TOKEN_KEY_SUFFIXES.expiresAt));\r\n } catch {\r\n // Silent fail\r\n }\r\n}\r\n\r\nfunction getItemSyncImpl(key: string): string | null {\r\n const storage = getSessionStorage();\r\n if (!storage) return null;\r\n try {\r\n return storage.getItem(key);\r\n } catch {\r\n return null;\r\n }\r\n}\r\n\r\nfunction setItemSyncImpl(key: string, value: string): void {\r\n const storage = getSessionStorage();\r\n if (!storage) return;\r\n try {\r\n storage.setItem(key, value);\r\n } catch {\r\n // Silent fail\r\n }\r\n}\r\n\r\nfunction removeItemSyncImpl(key: string): void {\r\n const storage = getSessionStorage();\r\n if (!storage) return;\r\n try {\r\n storage.removeItem(key);\r\n } catch {\r\n // Silent fail\r\n }\r\n}\r\n\r\nfunction clearSyncImpl(ns: StorageNamespace): void {\r\n const storage = getSessionStorage();\r\n if (!storage) return;\r\n try {\r\n const prefix = ns.tenantId || ns.appId\r\n ? `auth_${ns.tenantId || ''}_${ns.appId || ''}_`\r\n : getStorageKeyPrefix();\r\n const keys: string[] = [];\r\n for (let i = 0; i < storage.length; i++) {\r\n const key = storage.key(i);\r\n if (key && key.startsWith(prefix)) keys.push(key);\r\n }\r\n keys.forEach((k) => storage.removeItem(k));\r\n } catch {\r\n // Silent fail\r\n }\r\n}\r\n","/**\r\n * Cookie-based storage adapter (HttpOnly-compatible abstraction).\r\n * Tokens are stored in cookies; config/flow flags use cookies or fallback.\r\n * SSR-safe: all document/window access guarded with typeof window !== 'undefined'.\r\n *\r\n * Note: True HttpOnly cookies must be set by the server. This adapter uses\r\n * document.cookie for client-readable tokens when running in the browser,\r\n * and can be replaced by a server-backed implementation for HttpOnly.\r\n */\r\n\r\nimport type { AuthTokens, StorageAdapter, StorageNamespace } from './types';\r\nimport { TOKEN_KEY_SUFFIXES, CONFIG_KEY_SUFFIXES } from './namespace';\r\nimport { getStorageKeyPrefix } from './prefix';\r\n\r\nconst DEFAULT_COOKIE_OPTIONS = {\r\n path: '/',\r\n sameSite: 'lax' as const,\r\n maxAge: 60 * 60 * 24 * 7, // 7 days for refresh token\r\n};\r\n\r\nfunction getDocument(): Document | null {\r\n if (typeof document === 'undefined') return null;\r\n return document;\r\n}\r\n\r\nfunction getCookie(name: string): string | null {\r\n const doc = getDocument();\r\n if (!doc || !doc.cookie) return null;\r\n const match = doc.cookie.match(new RegExp('(^| )' + name + '=([^;]+)'));\r\n return match ? decodeURIComponent(match[2]) : null;\r\n}\r\n\r\nfunction setCookie(\r\n name: string,\r\n value: string,\r\n options: { path?: string; sameSite?: 'lax' | 'strict' | 'none'; maxAge?: number } = {}\r\n): void {\r\n const doc = getDocument();\r\n if (!doc) return;\r\n const { path = '/', sameSite = 'lax', maxAge } = { ...DEFAULT_COOKIE_OPTIONS, ...options };\r\n let cookie = `${encodeURIComponent(name)}=${encodeURIComponent(value)};path=${path};SameSite=${sameSite}`;\r\n if (maxAge != null) cookie += `;max-age=${maxAge}`;\r\n doc.cookie = cookie;\r\n}\r\n\r\nfunction deleteCookie(name: string): void {\r\n const doc = getDocument();\r\n if (!doc) return;\r\n doc.cookie = `${encodeURIComponent(name)}=;path=/;max-age=0`;\r\n}\r\n\r\nexport function createCookieStorageAdapter(\r\n namespace: StorageNamespace,\r\n options?: { cookiePrefix?: string }\r\n): StorageAdapter {\r\n const prefix = options?.cookiePrefix ?? 'auth';\r\n const keyPrefix = namespace.tenantId || namespace.appId\r\n ? `auth_${namespace.tenantId || ''}_${namespace.appId || ''}_`\r\n : getStorageKeyPrefix();\r\n\r\n const cookieName = (suffix: string) =>\r\n `${prefix}_${namespace.tenantId || 't'}_${namespace.appId || 'a'}_${suffix}`.replace(/[^a-zA-Z0-9_]/g, '_');\r\n\r\n return {\r\n async getTokens(): Promise<AuthTokens | null> {\r\n const accessToken = getCookie(cookieName(TOKEN_KEY_SUFFIXES.accessToken));\r\n const refreshToken = getCookie(cookieName(TOKEN_KEY_SUFFIXES.refreshToken));\r\n const expiresAtStr = getCookie(cookieName(TOKEN_KEY_SUFFIXES.expiresAt));\r\n if (!accessToken || !refreshToken || !expiresAtStr) return null;\r\n const expiresAt = parseInt(expiresAtStr, 10);\r\n if (isNaN(expiresAt)) return null;\r\n return { accessToken, refreshToken, expiresAt };\r\n },\r\n\r\n async setTokens(tokens: AuthTokens): Promise<void> {\r\n setCookie(cookieName(TOKEN_KEY_SUFFIXES.accessToken), tokens.accessToken, { maxAge: 60 * 60 });\r\n setCookie(cookieName(TOKEN_KEY_SUFFIXES.refreshToken), tokens.refreshToken, { maxAge: 60 * 60 * 24 * 7 });\r\n setCookie(cookieName(TOKEN_KEY_SUFFIXES.expiresAt), String(tokens.expiresAt), { maxAge: 60 * 60 * 24 });\r\n },\r\n\r\n async clearTokens(): Promise<void> {\r\n deleteCookie(cookieName(TOKEN_KEY_SUFFIXES.accessToken));\r\n deleteCookie(cookieName(TOKEN_KEY_SUFFIXES.refreshToken));\r\n deleteCookie(cookieName(TOKEN_KEY_SUFFIXES.expiresAt));\r\n },\r\n\r\n async getItem(key: string): Promise<string | null> {\r\n const name = key.startsWith(keyPrefix) ? key.slice(keyPrefix.length) : key;\r\n return getCookie(cookieName(name));\r\n },\r\n\r\n async setItem(key: string, value: string): Promise<void> {\r\n const name = key.startsWith(keyPrefix) ? key.slice(keyPrefix.length) : key;\r\n setCookie(cookieName(name), value);\r\n },\r\n\r\n async removeItem(key: string): Promise<void> {\r\n const name = key.startsWith(keyPrefix) ? key.slice(keyPrefix.length) : key;\r\n deleteCookie(cookieName(name));\r\n },\r\n\r\n async clear(): Promise<void> {\r\n const suffixes = Object.values(TOKEN_KEY_SUFFIXES);\r\n suffixes.forEach((s) => deleteCookie(cookieName(s)));\r\n Object.values(CONFIG_KEY_SUFFIXES).forEach((suffix) => deleteCookie(cookieName(suffix)));\r\n },\r\n };\r\n}\r\n","/**\r\n * Low-level storage get/set/remove only (adapter + namespace).\r\n * Safe for config resolution to import without circular dependency on config.\r\n */\r\n\r\nimport { getStorageAdapter, getStorageNamespace } from './context';\r\nimport { buildStorageKey } from './namespace';\r\nimport { getStorageKeyPrefix, getStorageKey } from './prefix';\r\n\r\nexport { getStorageKey };\r\n\r\nfunction keyToSuffix(key: string): string {\r\n const prefix = getStorageKeyPrefix();\r\n return key.startsWith(prefix) ? key.slice(prefix.length) : key;\r\n}\r\n\r\nexport function setStorage(key: string, value: string): void {\r\n const adapter = getStorageAdapter();\r\n if (!adapter?.setItemSync) return;\r\n const ns = getStorageNamespace();\r\n const suffix = keyToSuffix(key);\r\n try {\r\n adapter.setItemSync(buildStorageKey(ns, suffix), value);\r\n } catch {\r\n // Silent fail\r\n }\r\n}\r\n\r\nexport function getStorage(key: string): string | null {\r\n const adapter = getStorageAdapter();\r\n if (!adapter?.getItemSync) return null;\r\n const ns = getStorageNamespace();\r\n const suffix = keyToSuffix(key);\r\n try {\r\n return adapter.getItemSync(buildStorageKey(ns, suffix));\r\n } catch {\r\n return null;\r\n }\r\n}\r\n\r\nexport function removeStorage(key: string): void {\r\n const adapter = getStorageAdapter();\r\n if (!adapter?.removeItemSync) return;\r\n const ns = getStorageNamespace();\r\n const suffix = keyToSuffix(key);\r\n try {\r\n adapter.removeItemSync(buildStorageKey(ns, suffix));\r\n } catch {\r\n // Silent fail\r\n }\r\n}\r\n","/**\r\n * Storage API: adapter-based get/set/clear. No direct window/sessionStorage.\r\n * Keys use dynamic prefix from tenant code (see prefix.ts).\r\n */\r\n\r\nimport type { StorageKeys } from '../../domain/auth-state';\r\nimport { getStorageAdapter, getStorageNamespace } from './context';\r\nimport { buildStorageKey } from './namespace';\r\nimport { getAuthRuntime } from '../runtime/context';\r\nimport { getStorageKeyPrefix, getStorageKey } from './prefix';\r\nimport { getStorage, setStorage, removeStorage } from './kv';\r\n\r\nexport { setStorage, getStorage, removeStorage, getStorageKey } from './kv';\r\n\r\nconst KEY_SUFFIXES = {\r\n tenantKey: 'tenant_key',\r\n codeVerifier: 'code_verifier',\r\n state: 'state',\r\n accessToken: 'access_token',\r\n refreshToken: 'refresh_token',\r\n expiresAt: 'expires_at',\r\n} as const;\r\n\r\nexport const STORAGE_KEYS: StorageKeys = {\r\n get tenantKey() { return getStorageKey(KEY_SUFFIXES.tenantKey); },\r\n get codeVerifier() { return getStorageKey(KEY_SUFFIXES.codeVerifier); },\r\n get state() { return getStorageKey(KEY_SUFFIXES.state); },\r\n get accessToken() { return getStorageKey(KEY_SUFFIXES.accessToken); },\r\n get refreshToken() { return getStorageKey(KEY_SUFFIXES.refreshToken); },\r\n get expiresAt() { return getStorageKey(KEY_SUFFIXES.expiresAt); },\r\n} as const;\r\n\r\nexport function clearAuthStorage(): void {\r\n // Session + transition keys only. host_config is cache-only and managed by config layer.\r\n const keysToClear = [\r\n STORAGE_KEYS.accessToken,\r\n STORAGE_KEYS.refreshToken,\r\n STORAGE_KEYS.expiresAt,\r\n STORAGE_KEYS.codeVerifier,\r\n STORAGE_KEYS.state,\r\n getStorageKey('callback_processed'),\r\n getStorageKey('props_config'),\r\n getStorageKey('tenant_switched'),\r\n getStorageKey('new_tenant_key'),\r\n getStorageKey('preserved_tenant_key'),\r\n ];\r\n for (const key of keysToClear) removeStorage(key);\r\n}\r\n\r\nexport function clearAuthSessionStorage(): void {\r\n clearAuthStorage();\r\n}\r\n\r\nexport function clearAllCookies(): void {\r\n const runtime = getAuthRuntime();\r\n try {\r\n runtime?.clearCookies?.clearCookies();\r\n } catch {\r\n // Silent fail\r\n }\r\n}\r\n\r\nexport function clearAllStorage(): void {\r\n clearAuthStorage();\r\n clearAllCookies();\r\n}\r\n\r\nexport function getAccessToken(): string | null {\r\n const adapter = getStorageAdapter();\r\n if (adapter?.getTokensSync) {\r\n const t = adapter.getTokensSync();\r\n return t?.accessToken ?? null;\r\n }\r\n return getStorage(STORAGE_KEYS.accessToken);\r\n}\r\n\r\nexport function getRefreshToken(): string | null {\r\n const adapter = getStorageAdapter();\r\n if (adapter?.getTokensSync) {\r\n const t = adapter.getTokensSync();\r\n return t?.refreshToken ?? null;\r\n }\r\n return getStorage(STORAGE_KEYS.refreshToken);\r\n}\r\n\r\nexport function getExpiresAt(): number | null {\r\n const adapter = getStorageAdapter();\r\n if (adapter?.getTokensSync) {\r\n const t = adapter.getTokensSync();\r\n return t?.expiresAt ?? null;\r\n }\r\n const expiresAt = getStorage(STORAGE_KEYS.expiresAt);\r\n if (!expiresAt) return null;\r\n const timestamp = parseInt(expiresAt, 10);\r\n return isNaN(timestamp) ? null : timestamp;\r\n}\r\n\r\nexport function isAccessTokenExpired(): boolean {\r\n const expiresAt = getExpiresAt();\r\n if (!expiresAt) return true;\r\n const buffer = 60 * 1000;\r\n return Date.now() >= expiresAt - buffer;\r\n}\r\n\r\nexport function getCodeVerifier(): string | null {\r\n return getStorage(STORAGE_KEYS.codeVerifier);\r\n}\r\nexport function getState(): string | null {\r\n return getStorage(STORAGE_KEYS.state);\r\n}\r\nexport function getTenantKey(): string | null {\r\n return getStorage(STORAGE_KEYS.tenantKey);\r\n}\r\nexport function setTenantKey(tenantKey: string): void {\r\n setStorage(STORAGE_KEYS.tenantKey, tenantKey);\r\n}\r\n","/**\r\n * Logger utility for consistent logging across the plugin\r\n */\r\n\r\ntype LogLevel = 'info' | 'warn' | 'error' | 'debug';\r\n\r\n/**\r\n * Checks if we're in development mode (localhost/local network)\r\n */\r\nfunction isDev(): boolean {\r\n if (typeof window === 'undefined') {\r\n return false;\r\n }\r\n const hostname = window.location.hostname;\r\n return (\r\n hostname === 'localhost' ||\r\n hostname === '127.0.0.1' ||\r\n hostname === '[::1]' ||\r\n hostname.startsWith('192.168.') ||\r\n hostname.startsWith('10.') ||\r\n hostname.endsWith('.local')\r\n );\r\n}\r\n\r\nclass Logger {\r\n private prefix = '[tenneo-auth-gateway-plugin]';\r\n\r\n private log(level: LogLevel, message: string, data?: unknown): void {\r\n const timestamp = new Date().toISOString();\r\n const logMessage = `${this.prefix} [${timestamp}] [${level.toUpperCase()}] ${message}`;\r\n\r\n switch (level) {\r\n case 'info':\r\n console.log(logMessage, data || '');\r\n break;\r\n case 'warn':\r\n console.warn(logMessage, data || '');\r\n break;\r\n case 'error':\r\n console.error(logMessage, data || '');\r\n break;\r\n case 'debug':\r\n if (isDev()) {\r\n console.debug(logMessage, data || '');\r\n }\r\n break;\r\n }\r\n }\r\n\r\n info(message: string, data?: unknown): void {\r\n this.log('info', message, data);\r\n }\r\n\r\n warn(message: string, data?: unknown): void {\r\n this.log('warn', message, data);\r\n }\r\n\r\n error(message: string, data?: unknown): void {\r\n this.log('error', message, data);\r\n }\r\n\r\n debug(message: string, data?: unknown): void {\r\n this.log('debug', message, data);\r\n }\r\n}\r\n\r\nexport const logger = new Logger();\r\n\r\n","/**\r\n * Host-aware config resolution: memory → host bridge (window / provider) → storage cache (fallback).\r\n * Does not import application/storage barrel to avoid circular deps — uses storage/kv only.\r\n */\r\n\r\nimport type { HostConfigOverride, SDKConfig, ResolvedConfig } from './types';\r\nimport { getStorage, setStorage } from '../infrastructure/storage/kv';\r\nimport { getStorageKey } from '../infrastructure/storage/prefix';\r\nimport { logger } from '../utils/logger';\r\n\r\nexport type ConfigLayerSource = 'override' | 'memory' | 'host_bridge' | 'storage_cache';\r\n\r\ndeclare global {\r\n interface Window {\r\n /** Optional host-injected auth config (runtime). Lowest priority vs setConfig memory, above storage cache. */\r\n __TENNEO_AUTH_HOST__?: Partial<SDKConfig>;\r\n }\r\n}\r\n\r\nlet inMemoryConfig: SDKConfig = {};\r\n\r\n/** Imperative host hook (e.g. non-React shell). Merged after window, before memory. */\r\nlet hostConfigProvider: (() => Partial<SDKConfig> | null | undefined) | null = null;\r\n\r\nconst CACHE_MARKER = '__tenneo_host_config_cache';\r\nconst CACHE_AT = '__tenneo_host_config_cache_at';\r\n\r\nexport function setConfig(overrides: HostConfigOverride): void {\r\n inMemoryConfig = { ...inMemoryConfig, ...overrides };\r\n}\r\n\r\nexport function clearConfigOverrides(): void {\r\n inMemoryConfig = {};\r\n}\r\n\r\nexport function setHostConfigProvider(\r\n fn: (() => Partial<SDKConfig> | null | undefined) | null\r\n): void {\r\n hostConfigProvider = fn;\r\n}\r\n\r\nfunction readHostBridge(): SDKConfig {\r\n const out: SDKConfig = {};\r\n try {\r\n if (typeof window !== 'undefined' && window.__TENNEO_AUTH_HOST__) {\r\n Object.assign(out, window.__TENNEO_AUTH_HOST__);\r\n }\r\n } catch {\r\n // ignore\r\n }\r\n try {\r\n const fromProvider = hostConfigProvider?.();\r\n if (fromProvider && typeof fromProvider === 'object') {\r\n Object.assign(out, fromProvider);\r\n }\r\n } catch (e) {\r\n logger.warn('[config] hostConfigProvider threw', {\r\n error: e instanceof Error ? e.message : String(e),\r\n });\r\n }\r\n return out;\r\n}\r\n\r\nfunction readStorageConfigCache(): SDKConfig {\r\n try {\r\n const raw = getStorage(getStorageKey('host_config'));\r\n if (!raw) return {};\r\n const parsed = JSON.parse(raw) as Record<string, unknown>;\r\n if (!parsed || typeof parsed !== 'object') return {};\r\n const { [CACHE_MARKER]: _m, [CACHE_AT]: _t, ...rest } = parsed;\r\n // Backward compatibility / API payloads that used snake_case in JSON\r\n if (!rest.clientId && typeof rest.client_id === 'string' && rest.client_id.trim()) {\r\n rest.clientId = rest.client_id.trim();\r\n }\r\n return rest as SDKConfig;\r\n } catch {\r\n return {};\r\n }\r\n}\r\n\r\n/**\r\n * Merge order (later wins): storage cache → host bridge → memory → overrides.\r\n * So: runtime memory is authoritative; storage is only a bootstrap fallback.\r\n */\r\nexport function resolveSDKConfig(overrides?: HostConfigOverride): SDKConfig {\r\n const stored = readStorageConfigCache();\r\n const bridge = readHostBridge();\r\n return {\r\n ...stored,\r\n ...bridge,\r\n ...inMemoryConfig,\r\n ...(overrides ?? {}),\r\n };\r\n}\r\n\r\nexport interface FieldSourceMap {\r\n tenantCode?: ConfigLayerSource;\r\n tenantKey?: ConfigLayerSource;\r\n apiBaseUrl?: ConfigLayerSource;\r\n authServerUrl?: ConfigLayerSource;\r\n callbackUrl?: ConfigLayerSource;\r\n clientCode?: ConfigLayerSource;\r\n clientId?: ConfigLayerSource;\r\n tenantId?: ConfigLayerSource;\r\n appId?: ConfigLayerSource;\r\n}\r\n\r\nfunction nonEmptyString(v: unknown): string | undefined {\r\n if (v == null) return undefined;\r\n const s = String(v).trim();\r\n return s || undefined;\r\n}\r\n\r\n/**\r\n * Per-field source for debugging (first layer that supplied a non-empty value).\r\n */\r\nexport function getConfigFieldSources(overrides?: HostConfigOverride): FieldSourceMap {\r\n const stored = readStorageConfigCache();\r\n const bridge = readHostBridge();\r\n const layers: { src: ConfigLayerSource; cfg: SDKConfig }[] = [\r\n { src: 'storage_cache', cfg: stored },\r\n { src: 'host_bridge', cfg: bridge },\r\n { src: 'memory', cfg: inMemoryConfig },\r\n ];\r\n if (overrides && Object.keys(overrides).length) {\r\n layers.push({ src: 'override', cfg: overrides });\r\n }\r\n\r\n const pick = (key: keyof SDKConfig): ConfigLayerSource | undefined => {\r\n for (let i = layers.length - 1; i >= 0; i--) {\r\n const v = nonEmptyString(layers[i].cfg[key]);\r\n if (v !== undefined) return layers[i].src;\r\n }\r\n return undefined;\r\n };\r\n\r\n return {\r\n tenantCode: pick('tenantCode') ?? pick('tenantKey'),\r\n tenantKey: pick('tenantKey') ?? pick('tenantCode'),\r\n apiBaseUrl: pick('apiBaseUrl'),\r\n authServerUrl: pick('authServerUrl'),\r\n callbackUrl: pick('callbackUrl'),\r\n clientCode: pick('clientCode'),\r\n clientId: pick('clientId'),\r\n tenantId: pick('tenantId'),\r\n appId: pick('appId'),\r\n };\r\n}\r\n\r\nexport function getEffectiveTenantCode(overrides?: HostConfigOverride): string {\r\n const cfg = resolveSDKConfig(overrides);\r\n const t =\r\n nonEmptyString(cfg.tenantCode) ??\r\n nonEmptyString(cfg.tenantKey) ??\r\n nonEmptyString(cfg.clientCode) ??\r\n '';\r\n return t;\r\n}\r\n\r\n/** @alias getEffectiveTenantCode — tenant_key / tenant_code / clientCode from resolved config */\r\nexport const getEffectiveTenantKey = getEffectiveTenantCode;\r\n\r\nfunction trim(v: unknown): string {\r\n return v == null ? '' : String(v).trim();\r\n}\r\n\r\nexport function toResolvedConfig(cfg: SDKConfig): ResolvedConfig {\r\n const merged = { ...cfg };\r\n if (!merged.tenantCode && merged.tenantKey) {\r\n merged.tenantCode = merged.tenantKey;\r\n }\r\n const clientId = trim(merged.clientId) || trim(merged.clientCode);\r\n\r\n return {\r\n apiBaseUrl: trim(merged.apiBaseUrl),\r\n authServerUrl: trim(merged.authServerUrl),\r\n callbackUrl: trim(merged.callbackUrl) || trim(merged.redirectUri),\r\n clientCode: trim(merged.clientCode),\r\n tenantCode: trim(merged.tenantCode),\r\n appId: trim(merged.appId),\r\n clientId,\r\n tenantId: trim(merged.tenantId),\r\n };\r\n}\r\n\r\nexport interface GetAuthConfigOptions {\r\n /** When true, throws if required OAuth / tenant fields are missing. */\r\n strict?: boolean;\r\n overrides?: HostConfigOverride;\r\n}\r\n\r\nexport class AuthConfigError extends Error {\r\n readonly code = 'AUTH_CONFIG_MISSING';\r\n readonly missing: string[];\r\n constructor(missing: string[], message?: string) {\r\n super(\r\n message ??\r\n `[tenneo-auth] Missing required auth configuration: ${missing.join(', ')}. ` +\r\n 'Provide authServerUrl, callbackUrl (redirectUri), and tenant_key/tenant_code via AuthProvider/initPlugin or window.__TENNEO_AUTH_HOST__.'\r\n );\r\n this.name = 'AuthConfigError';\r\n this.missing = missing;\r\n }\r\n}\r\n\r\nexport function resolveConfig(overrides?: HostConfigOverride): ResolvedConfig {\r\n return toResolvedConfig(resolveSDKConfig(overrides));\r\n}\r\n\r\nexport function getAuthConfig(options?: GetAuthConfigOptions): ResolvedConfig {\r\n const resolved = toResolvedConfig(resolveSDKConfig(options?.overrides));\r\n if (options?.strict) {\r\n const missing: string[] = [];\r\n if (!resolved.authServerUrl) missing.push('authServerUrl');\r\n if (!resolved.callbackUrl) missing.push('callbackUrl');\r\n if (!resolved.tenantCode) missing.push('tenantCode|tenantKey');\r\n if (missing.length) throw new AuthConfigError(missing);\r\n }\r\n return resolved;\r\n}\r\n\r\n/**\r\n * Persist a non-authoritative copy for early readers (bootstrap before React).\r\n * Never use as sole source of truth — memory/host win at resolve time.\r\n */\r\n/**\r\n * After logout or host-driven updates: persist a cache snapshot from current resolved SDK config (non-empty fields only).\r\n */\r\nexport function syncHostConfigCacheFromMemory(): void {\r\n const c = resolveSDKConfig();\r\n const patch: HostConfigOverride = {};\r\n const keys = [\r\n 'apiBaseUrl',\r\n 'authServerUrl',\r\n 'callbackUrl',\r\n 'redirectUri',\r\n 'tenantCode',\r\n 'tenantKey',\r\n 'clientCode',\r\n 'clientId',\r\n 'tenantId',\r\n 'appId',\r\n 'basePath',\r\n ] as const;\r\n for (const k of keys) {\r\n const v = c[k];\r\n if (v != null && String(v).trim()) {\r\n (patch as Record<string, string>)[k] = String(v).trim();\r\n }\r\n }\r\n if (Object.keys(patch).length) writeHostConfigCache(patch);\r\n}\r\n\r\nexport function writeHostConfigCache(partial: HostConfigOverride): void {\r\n try {\r\n const key = getStorageKey('host_config');\r\n const raw = getStorage(key);\r\n let existing: Record<string, unknown> = {};\r\n try {\r\n if (raw) existing = JSON.parse(raw) as Record<string, unknown>;\r\n } catch {\r\n existing = {};\r\n }\r\n const next = {\r\n ...existing,\r\n ...partial,\r\n [CACHE_MARKER]: true,\r\n [CACHE_AT]: new Date().toISOString(),\r\n };\r\n setStorage(key, JSON.stringify(next));\r\n logger.debug('[config] host_config cache updated (non-authoritative)', {\r\n keys: Object.keys(partial),\r\n });\r\n } catch (e) {\r\n logger.warn('[config] Failed to write host_config cache', {\r\n error: e instanceof Error ? e.message : String(e),\r\n });\r\n }\r\n}\r\n\r\n/**\r\n * Host entrypoint: merge into memory and optionally refresh storage cache.\r\n */\r\nexport function initPlugin(config: HostConfigOverride, opts?: { syncStorageCache?: boolean }): void {\r\n setConfig(config);\r\n logger.info('[config] initPlugin — runtime config updated', {\r\n syncStorageCache: opts?.syncStorageCache !== false,\r\n tenantCode: config.tenantCode ?? config.tenantKey ?? '(none)',\r\n });\r\n if (opts?.syncStorageCache !== false) {\r\n writeHostConfigCache(config);\r\n }\r\n}\r\n\r\nexport function logConfigResolutionDebug(context: string, overrides?: HostConfigOverride): void {\r\n const sources = getConfigFieldSources(overrides);\r\n logger.debug(`[config] ${context}`, {\r\n fieldSources: sources,\r\n effectiveTenantCode: getEffectiveTenantCode(overrides) || '(empty)',\r\n hasAuthServerUrl: !!resolveSDKConfig(overrides).authServerUrl,\r\n hasCallbackUrl: !!resolveSDKConfig(overrides).callbackUrl,\r\n });\r\n}\r\n","/**\r\n * OAuth-related config readers backed by full config resolution (memory → host → cache).\r\n * Re-exported from infrastructure/storage for backward compatibility.\r\n */\r\n\r\nimport { resolveSDKConfig } from './resolver-core';\r\n\r\nfunction trim(v: unknown): string | null {\r\n if (v == null) return null;\r\n const s = String(v).trim();\r\n return s || null;\r\n}\r\n\r\n/**\r\n * Token endpoint uses `public-${clientId}`; stored values may already include `public-`\r\n * (e.g. only clientCode persisted). Strip one `public-` prefix so we never send `public-public-...`.\r\n */\r\nfunction oauthClientIdForTokenRequest(raw: string | null): string | null {\r\n if (!raw) return null;\r\n let s = raw.trim();\r\n if (!s) return null;\r\n if (s.toLowerCase().startsWith('public-')) {\r\n s = s.slice('public-'.length).trim();\r\n }\r\n return s || null;\r\n}\r\n\r\n/** Full resolution: memory → host bridge → storage cache (OAuth / API fields). */\r\nexport function getAuthServerUrl(): string | null {\r\n return trim(resolveSDKConfig().authServerUrl);\r\n}\r\n\r\nexport function getClientId(): string | null {\r\n const c = resolveSDKConfig();\r\n const fromId = oauthClientIdForTokenRequest(trim(c.clientId));\r\n if (fromId) return fromId;\r\n return oauthClientIdForTokenRequest(trim(c.clientCode));\r\n}\r\n\r\n/** Use when reading client id from tenant API / recovery path (same rules as getClientId). */\r\nexport function normalizeClientIdForOAuthTokenBody(raw: string | null | undefined): string | null {\r\n return oauthClientIdForTokenRequest(trim(raw));\r\n}\r\n\r\nexport function getRedirectUri(): string | null {\r\n const c = resolveSDKConfig();\r\n return trim(c.callbackUrl) ?? trim(c.redirectUri);\r\n}\r\n\r\nexport function getTenantId(): string | null {\r\n return trim(resolveSDKConfig().tenantId);\r\n}\r\n","/**\r\n * Security and error utilities for authentication.\r\n * Domain layer: sanitized errors and HTTPS enforcement.\r\n */\r\n\r\nimport { logger } from '../utils/logger';\r\n\r\nfunction isLocalhostHostname(hostname: string): boolean {\r\n return hostname === 'localhost' || hostname === '127.0.0.1' ||\r\n hostname.startsWith('192.168.') || hostname.startsWith('10.') || hostname.startsWith('172.16.');\r\n}\r\n\r\nfunction isDev(): boolean {\r\n if (typeof window === 'undefined') return false;\r\n return isLocalhostHostname(window.location.hostname);\r\n}\r\n\r\nexport function enforceHttps(allowLocalhost: boolean = true): void {\r\n if (typeof window === 'undefined') return;\r\n\r\n const isLocalhostWindow = window.location.hostname === 'localhost' ||\r\n window.location.hostname === '127.0.0.1' ||\r\n window.location.hostname.startsWith('192.168.') ||\r\n window.location.hostname.startsWith('10.') ||\r\n window.location.hostname.startsWith('172.16.');\r\n\r\n const isHttps = window.location.protocol === 'https:';\r\n const isHttp = window.location.protocol === 'http:';\r\n\r\n if (allowLocalhost && isLocalhostWindow && isHttp) {\r\n logger.debug('HTTP allowed on localhost for development');\r\n return;\r\n }\r\n\r\n if (isHttp && !isLocalhostWindow) {\r\n const error = new Error('HTTPS is required for authentication. Please use HTTPS to access this application.');\r\n logger.error('HTTPS enforcement failed', {\r\n protocol: window.location.protocol,\r\n hostname: window.location.hostname,\r\n });\r\n throw error;\r\n }\r\n\r\n logger.debug('HTTPS check passed', { protocol: window.location.protocol });\r\n}\r\n\r\nexport function sanitizeErrorMessage(error: unknown, genericMessage: string): string {\r\n if (isDev()) {\r\n if (error instanceof Error) return error.message;\r\n return String(error);\r\n }\r\n return genericMessage;\r\n}\r\n\r\nexport class SanitizedError extends Error {\r\n public readonly code: string;\r\n public readonly originalMessage?: string;\r\n\r\n constructor(code: string, genericMessage: string, originalError?: unknown) {\r\n super(genericMessage);\r\n this.name = 'SanitizedError';\r\n this.code = code;\r\n if (isDev() && originalError instanceof Error) {\r\n this.originalMessage = originalError.message;\r\n }\r\n }\r\n}\r\n","/**\r\n * Auth lifecycle state machine (domain layer).\r\n * Pure: no I/O, no infrastructure. Used by application to decide which flow to run.\r\n */\r\n\r\nimport type { UrlLike } from './tenant';\r\n\r\n/** Storage reader: (keySuffix) => value. Used for persistence-critical flags only. */\r\nexport type StorageReader = (keySuffix: string) => string | null;\r\n\r\nexport enum AuthLifecycleState {\r\n INITIALIZING = 'INITIALIZING',\r\n PROCESSING_CALLBACK = 'PROCESSING_CALLBACK',\r\n AUTHENTICATED = 'AUTHENTICATED',\r\n TOKEN_EXPIRED = 'TOKEN_EXPIRED',\r\n TENANT_SWITCH = 'TENANT_SWITCH',\r\n LOGIN_REQUIRED = 'LOGIN_REQUIRED',\r\n LOGGED_OUT = 'LOGGED_OUT',\r\n ERROR = 'ERROR',\r\n}\r\n\r\nexport interface ResolveStateInput {\r\n url: UrlLike;\r\n getStorage: StorageReader;\r\n isCallbackUrl: (url: UrlLike) => boolean;\r\n hasValidToken: boolean;\r\n hasToken: boolean;\r\n hasRefreshToken: boolean;\r\n isTokenExpired: boolean;\r\n}\r\n\r\n/**\r\n * Resolves the current auth lifecycle state from URL, storage flags, and token state.\r\n * Pure function: no side effects, no async.\r\n */\r\nexport function resolveAuthLifecycleState(input: ResolveStateInput): AuthLifecycleState {\r\n const {\r\n url,\r\n getStorage,\r\n isCallbackUrl,\r\n hasValidToken,\r\n hasToken,\r\n hasRefreshToken,\r\n isTokenExpired,\r\n } = input;\r\n\r\n const callbackProcessed = getStorage('callback_processed') === 'true';\r\n const tenantSwitched = getStorage('tenant_switched') === 'true';\r\n\r\n if (isCallbackUrl(url)) return AuthLifecycleState.PROCESSING_CALLBACK;\r\n if (hasValidToken) return AuthLifecycleState.AUTHENTICATED;\r\n if (callbackProcessed && !hasToken) return AuthLifecycleState.LOGIN_REQUIRED;\r\n if (hasToken && isTokenExpired && hasRefreshToken) return AuthLifecycleState.TOKEN_EXPIRED;\r\n if (hasToken && isTokenExpired && !hasRefreshToken) return AuthLifecycleState.LOGIN_REQUIRED;\r\n if (tenantSwitched) return AuthLifecycleState.TENANT_SWITCH;\r\n\r\n return AuthLifecycleState.LOGIN_REQUIRED;\r\n}\r\n","/**\r\n * In-memory runtime state for bootstrap and flow control.\r\n * Single source of truth for bootstrap_in_progress, callback_processing, flow_in_progress.\r\n * Re-exports flow-flag API for internal use (replaces utils/flow-flags).\r\n */\r\n\r\nconst BOOTSTRAP_STALE_MS = 5000;\r\n\r\nlet bootstrapInProgress = false;\r\nlet bootstrapTimestamp = 0;\r\n\r\nlet callbackProcessing = false;\r\n\r\nlet flowInProgress = false;\r\nlet flowTimestamp = 0;\r\n\r\nexport function isBootstrapInProgress(): boolean {\r\n if (!bootstrapInProgress) return false;\r\n if (!bootstrapTimestamp) return true;\r\n return Date.now() - bootstrapTimestamp < BOOTSTRAP_STALE_MS;\r\n}\r\n\r\nexport function setBootstrapInProgress(): void {\r\n bootstrapInProgress = true;\r\n bootstrapTimestamp = Date.now();\r\n}\r\n\r\nexport function clearBootstrapInProgress(): void {\r\n bootstrapInProgress = false;\r\n bootstrapTimestamp = 0;\r\n}\r\n\r\nexport function isCallbackProcessing(): boolean {\r\n return callbackProcessing;\r\n}\r\n\r\nexport function setCallbackProcessing(): void {\r\n callbackProcessing = true;\r\n}\r\n\r\nexport function clearCallbackProcessing(): void {\r\n callbackProcessing = false;\r\n}\r\n\r\nexport function isFlowInProgress(): boolean {\r\n return flowInProgress;\r\n}\r\n\r\nexport function getFlowTimestamp(): number | null {\r\n return flowTimestamp || null;\r\n}\r\n\r\nexport function setFlowInProgress(): void {\r\n flowInProgress = true;\r\n flowTimestamp = Date.now();\r\n}\r\n\r\nexport function clearFlowInProgress(): void {\r\n flowInProgress = false;\r\n flowTimestamp = 0;\r\n}\r\n\r\nexport function isFlowFlagStale(thresholdMs: number = 3000): boolean {\r\n if (!flowTimestamp) return true;\r\n return Date.now() - flowTimestamp > thresholdMs;\r\n}\r\n\r\n/** Flow-flag API (clear/set/query). Used by flows and strategy. */\r\nexport function clearFlowFlags(): void {\r\n clearFlowInProgress();\r\n}\r\n\r\nexport function setFlowFlags(): void {\r\n setFlowInProgress();\r\n}\r\n","/**\r\n * Structured auth event emitter for observability and audit.\r\n */\r\n\r\nexport const AuthEventNames = {\r\n LOGIN_STARTED: 'LOGIN_STARTED',\r\n LOGIN_SUCCESS: 'LOGIN_SUCCESS',\r\n LOGIN_FAILED: 'LOGIN_FAILED',\r\n CALLBACK_SUCCESS: 'CALLBACK_SUCCESS',\r\n CALLBACK_FAILED: 'CALLBACK_FAILED',\r\n TOKEN_REFRESH_SUCCESS: 'TOKEN_REFRESH_SUCCESS',\r\n TOKEN_REFRESH_FAILED: 'TOKEN_REFRESH_FAILED',\r\n TENANT_SWITCHED: 'TENANT_SWITCHED',\r\n LOGOUT_COMPLETED: 'LOGOUT_COMPLETED',\r\n BOOTSTRAP_STATE_DETECTED: 'BOOTSTRAP_STATE_DETECTED',\r\n REDIRECT_LOOP_RISK: 'REDIRECT_LOOP_RISK',\r\n} as const;\r\n\r\nexport type AuthEventName = (typeof AuthEventNames)[keyof typeof AuthEventNames];\r\n\r\nexport interface AuthEventPayload {\r\n state?: string;\r\n tenantKey?: string;\r\n error?: string;\r\n message?: string;\r\n [key: string]: unknown;\r\n}\r\n\r\nexport type AuthEventHandler = (payload?: AuthEventPayload) => void;\r\n\r\ntype ListenerMap = Map<AuthEventName | '*', Set<AuthEventHandler>>;\r\n\r\nlet listeners: ListenerMap = new Map();\r\n\r\nfunction getHandlers(event: AuthEventName): Set<AuthEventHandler> {\r\n let set = listeners.get(event);\r\n if (!set) {\r\n set = new Set();\r\n listeners.set(event, set);\r\n }\r\n return set;\r\n}\r\n\r\nfunction getWildcardHandlers(): Set<AuthEventHandler> {\r\n let set = listeners.get('*');\r\n if (!set) {\r\n set = new Set();\r\n listeners.set('*', set);\r\n }\r\n return set;\r\n}\r\n\r\nexport function emitAuthEvent(event: AuthEventName, payload?: AuthEventPayload): void {\r\n const handlers = getHandlers(event);\r\n const wildcard = getWildcardHandlers();\r\n const p = payload ?? {};\r\n handlers.forEach((fn) => {\r\n try {\r\n fn(p);\r\n } catch {\r\n // ignore\r\n }\r\n });\r\n wildcard.forEach((fn) => {\r\n try {\r\n fn({ ...p, event });\r\n } catch {\r\n // ignore\r\n }\r\n });\r\n}\r\n\r\nexport function subscribeAuthEvent(\r\n event: AuthEventName | '*',\r\n handler: AuthEventHandler\r\n): () => void {\r\n const set = event === '*' ? getWildcardHandlers() : getHandlers(event);\r\n set.add(handler);\r\n return () => set.delete(handler);\r\n}\r\n\r\nexport function resetAuthEventListeners(): void {\r\n listeners = new Map();\r\n}\r\n","/**\r\n * OAuth constants and storage keys. No config resolution — pure constants.\r\n */\r\n\r\nexport const OAUTH_CONSTANTS = {\r\n SCOPES: 'openid profile email',\r\n RESPONSE_TYPE: 'code',\r\n CODE_CHALLENGE_METHOD: 'S256',\r\n TOKEN_GRANT_TYPE: 'authorization_code',\r\n REFRESH_GRANT_TYPE: 'refresh_token',\r\n} as const;\r\n\r\nexport const STORAGE_KEY_PREFIX = 'tenneo_auth_';\r\n\r\nexport const STORAGE_KEYS = {\r\n authServerUrl: `${STORAGE_KEY_PREFIX}auth_server_url`,\r\n clientId: `${STORAGE_KEY_PREFIX}client_id`,\r\n redirectUri: `${STORAGE_KEY_PREFIX}redirect_uri`,\r\n tenantId: `${STORAGE_KEY_PREFIX}tenant_id`,\r\n codeVerifier: `${STORAGE_KEY_PREFIX}code_verifier`,\r\n state: `${STORAGE_KEY_PREFIX}state`,\r\n accessToken: `${STORAGE_KEY_PREFIX}access_token`,\r\n refreshToken: `${STORAGE_KEY_PREFIX}refresh_token`,\r\n expiresAt: `${STORAGE_KEY_PREFIX}expires_at`,\r\n} as const;\r\n\r\nexport const DEFAULT_SCOPES = OAUTH_CONSTANTS.SCOPES;\r\nexport const DEFAULT_RESPONSE_TYPE = OAUTH_CONSTANTS.RESPONSE_TYPE;\r\nexport const DEFAULT_CODE_CHALLENGE_METHOD = OAUTH_CONSTANTS.CODE_CHALLENGE_METHOD;\r\nexport const DEFAULT_TOKEN_GRANT_TYPE = OAUTH_CONSTANTS.TOKEN_GRANT_TYPE;\r\nexport const DEFAULT_REFRESH_GRANT_TYPE = OAUTH_CONSTANTS.REFRESH_GRANT_TYPE;\r\n","/**\r\n * Host-driven auth configuration.\r\n *\r\n * Resolution priority (later spread wins — highest priority last):\r\n * storage cache → host bridge → in-memory → explicit overrides.\r\n * Effective authority: runtime memory / host injection; storage is cache-only fallback.\r\n */\r\n\r\nimport type { HostConfigOverride, ResolvedConfig } from './types';\r\nimport { OAUTH_CONSTANTS, STORAGE_KEYS, STORAGE_KEY_PREFIX } from './constants';\r\nimport {\r\n AuthConfigError,\r\n resolveSDKConfig,\r\n resolveConfig,\r\n getAuthConfig as getAuthConfigInternal,\r\n getConfigFieldSources,\r\n getEffectiveTenantCode,\r\n getEffectiveTenantKey,\r\n setConfig,\r\n clearConfigOverrides,\r\n setHostConfigProvider,\r\n writeHostConfigCache,\r\n syncHostConfigCacheFromMemory,\r\n initPlugin,\r\n logConfigResolutionDebug,\r\n} from './resolver-core';\r\n\r\nexport type { SDKConfig, ResolvedConfig, HostConfigOverride, ResolvedHostConfig } from './types';\r\nexport {\r\n OAUTH_CONSTANTS,\r\n STORAGE_KEYS,\r\n STORAGE_KEY_PREFIX,\r\n DEFAULT_SCOPES,\r\n DEFAULT_RESPONSE_TYPE,\r\n DEFAULT_CODE_CHALLENGE_METHOD,\r\n DEFAULT_TOKEN_GRANT_TYPE,\r\n DEFAULT_REFRESH_GRANT_TYPE,\r\n} from './constants';\r\n\r\nexport type { ConfigLayerSource, FieldSourceMap, GetAuthConfigOptions } from './resolver-core';\r\nexport {\r\n AuthConfigError,\r\n resolveSDKConfig,\r\n resolveConfig,\r\n getConfigFieldSources,\r\n getEffectiveTenantCode,\r\n getEffectiveTenantKey,\r\n setConfig,\r\n clearConfigOverrides,\r\n setHostConfigProvider,\r\n writeHostConfigCache,\r\n syncHostConfigCacheFromMemory,\r\n initPlugin,\r\n logConfigResolutionDebug,\r\n};\r\n\r\n/** Resolved config; pass `{ strict: true }` to fail fast if OAuth fields are missing. */\r\nexport function getAuthConfig(options?: import('./resolver-core').GetAuthConfigOptions): ResolvedConfig {\r\n return getAuthConfigInternal(options);\r\n}\r\n\r\n/** Fail fast when authServerUrl, callbackUrl, or tenant are missing. */\r\nexport function requireAuthConfig(overrides?: HostConfigOverride): ResolvedConfig {\r\n return getAuthConfigInternal({ strict: true, overrides });\r\n}\r\n\r\nexport function getConfig(): ResolvedConfig {\r\n return resolveConfig();\r\n}\r\n\r\nexport function getRedirectUri(): string {\r\n const cfg = resolveConfig();\r\n if (cfg.callbackUrl) return cfg.callbackUrl;\r\n if (typeof window !== 'undefined') return `${window.location.origin}/callback`;\r\n return '';\r\n}\r\n\r\nexport function hasRuntimeConfig(): boolean {\r\n const c = resolveConfig();\r\n return !!(c.apiBaseUrl || c.authServerUrl || c.callbackUrl || c.clientCode || c.tenantCode);\r\n}\r\n\r\nexport const Config = {\r\n getApiBaseUrl(): string {\r\n return resolveConfig().apiBaseUrl;\r\n },\r\n\r\n getAuthServerUrl(): string {\r\n return resolveConfig().authServerUrl;\r\n },\r\n\r\n getClientCode(): string {\r\n return resolveConfig().clientCode;\r\n },\r\n\r\n getRedirectUri(): string {\r\n return getRedirectUri();\r\n },\r\n\r\n getAll(): ResolvedConfig {\r\n return resolveConfig();\r\n },\r\n} as const;\r\n\r\n/**\r\n * Apply tenant switch in runtime config (memory + optional cache). Does not read stale snapshots.\r\n */\r\nexport function applyRuntimeTenantSwitch(tenantKey: string, opts?: { syncStorageCache?: boolean }): void {\r\n const t = tenantKey.trim();\r\n if (!t) return;\r\n setConfig({ tenantCode: t, tenantKey: t });\r\n logConfigResolutionDebug('applyRuntimeTenantSwitch', { tenantCode: t, tenantKey: t });\r\n if (opts?.syncStorageCache !== false) {\r\n writeHostConfigCache({ tenantCode: t, tenantKey: t });\r\n }\r\n}\r\n","/**\r\n * Tenant config cache with TTL and in-flight request deduplication.\r\n */\r\n\r\nimport type { TenantConfig } from '../../domain/auth-state';\r\nimport { logger } from '../../utils/logger';\r\n\r\nconst DEFAULT_TTL_MS = 5 * 60 * 1000; // 5 minutes\r\n\r\nexport type TenantConfigResolver = (tenantKey: string) => Promise<TenantConfig | null>;\r\n\r\ninterface CacheEntry {\r\n config: TenantConfig;\r\n expiresAt: number;\r\n}\r\n\r\nexport class TenantConfigCache {\r\n private readonly cache = new Map<string, CacheEntry>();\r\n private readonly inFlight = new Map<string, Promise<TenantConfig | null>>();\r\n private readonly ttlMs: number;\r\n\r\n constructor(ttlMs: number = DEFAULT_TTL_MS) {\r\n this.ttlMs = ttlMs;\r\n }\r\n\r\n get(tenantKey: string): TenantConfig | null {\r\n const entry = this.cache.get(tenantKey);\r\n if (!entry) return null;\r\n if (Date.now() >= entry.expiresAt) {\r\n this.cache.delete(tenantKey);\r\n return null;\r\n }\r\n return entry.config;\r\n }\r\n\r\n set(tenantKey: string, config: TenantConfig): void {\r\n this.cache.set(tenantKey, {\r\n config,\r\n expiresAt: Date.now() + this.ttlMs,\r\n });\r\n }\r\n\r\n invalidate(tenantKey?: string): void {\r\n if (tenantKey) {\r\n this.cache.delete(tenantKey);\r\n this.inFlight.delete(tenantKey);\r\n } else {\r\n this.cache.clear();\r\n this.inFlight.clear();\r\n }\r\n }\r\n\r\n async getOrResolve(\r\n tenantKey: string,\r\n resolver: TenantConfigResolver\r\n ): Promise<TenantConfig | null> {\r\n if (!tenantKey || !tenantKey.trim()) return null;\r\n\r\n const key = tenantKey.trim();\r\n const cached = this.get(key);\r\n if (cached) {\r\n logger.debug('Tenant config from cache', { tenantKey: key });\r\n return cached;\r\n }\r\n\r\n const existing = this.inFlight.get(key);\r\n if (existing) {\r\n logger.debug('Tenant resolution reused (in-flight)', { tenantKey: key });\r\n return existing;\r\n }\r\n\r\n const promise = (async (): Promise<TenantConfig | null> => {\r\n try {\r\n const config = await resolver(key);\r\n if (config) this.set(key, config);\r\n return config;\r\n } finally {\r\n this.inFlight.delete(key);\r\n }\r\n })();\r\n\r\n this.inFlight.set(key, promise);\r\n return promise;\r\n }\r\n}\r\n","/**\r\n * Tenant resolution helpers: API + ENV fallback + props merge.\r\n * Uses TenantConfigCache for TTL and deduplication.\r\n *\r\n * Tenant key order: transient props_config → effective runtime/host config (memory/bridge/cache).\r\n */\r\n\r\nimport { getStorage, removeStorage, getStorageKey } from '../storage/index';\r\nimport { logger } from '../../utils/logger';\r\nimport type { TenantConfig } from '../../domain/auth-state';\r\nimport type { TenantResolver } from '../runtime/types';\r\nimport { TenantConfigCache } from './TenantConfigCache';\r\nimport { getEffectiveTenantCode } from '../../config/resolver-core';\r\n\r\nconst defaultTenantConfigCache = new TenantConfigCache();\r\n\r\ninterface PropsConfigShape {\r\n tenantKey?: string;\r\n}\r\n\r\nfunction consumePropsConfig(): PropsConfigShape | null {\r\n const propsConfigKey = getStorageKey('props_config');\r\n try {\r\n const propsConfigStr = getStorage(propsConfigKey);\r\n if (!propsConfigStr) return null;\r\n const parsed = JSON.parse(propsConfigStr) as PropsConfigShape;\r\n return parsed && typeof parsed === 'object' ? parsed : null;\r\n } catch {\r\n return null;\r\n } finally {\r\n removeStorage(propsConfigKey);\r\n }\r\n}\r\n\r\nfunction validateTenantKey(value: unknown): string | null {\r\n if (typeof value !== 'string') return null;\r\n const trimmed = value.trim();\r\n return trimmed ? trimmed : null;\r\n}\r\n\r\nexport function resolveTenantKey(): string | null {\r\n const propsConfig = consumePropsConfig();\r\n const tenantFromProps = validateTenantKey(propsConfig?.tenantKey);\r\n if (tenantFromProps) {\r\n logger.debug('[tenant] Resolved tenant from props_config', { tenantKey: tenantFromProps });\r\n return tenantFromProps;\r\n }\r\n\r\n const fromHost = validateTenantKey(getEffectiveTenantCode());\r\n if (fromHost) {\r\n logger.debug('[tenant] Resolved tenant from host/runtime config', { tenantKey: fromHost });\r\n return fromHost;\r\n }\r\n\r\n logger.warn('[tenant] Unable to resolve tenant key (props + host/runtime empty)');\r\n return null;\r\n}\r\n\r\nexport async function resolveTenantConfig(\r\n tenantKey: string,\r\n tenantResolver: TenantResolver\r\n): Promise<TenantConfig | null> {\r\n const resolved = await tenantResolver.resolve(tenantKey);\r\n if (!resolved) return null;\r\n return { ...resolved, tenantKey };\r\n}\r\n\r\nexport async function resolveTenantConfigCached(\r\n tenantKey: string,\r\n tenantResolver: TenantResolver\r\n): Promise<TenantConfig | null> {\r\n return defaultTenantConfigCache.getOrResolve(tenantKey, (key) =>\r\n resolveTenantConfig(key, tenantResolver)\r\n );\r\n}\r\n\r\nexport function getTenantConfigCache(): TenantConfigCache {\r\n return defaultTenantConfigCache;\r\n}\r\n","/**\r\n * Runtime-backed facade for domain tenant/callback helpers.\r\n * Provides extractTenantKey(), isCallbackUrl(), isLocalhost() for public API and internal use.\r\n * Uses runtime when set; falls back to window for backward compatibility.\r\n */\r\n\r\nimport { getAuthRuntime } from '../infrastructure/runtime/context';\r\nimport { resolveTenantKey } from '../infrastructure/tenant/tenantResolution';\r\nimport {\r\n isLocalhost as domainIsLocalhost,\r\n isCallbackUrlFromUrl,\r\n} from '../domain/tenant';\r\n\r\nexport { isCallbackUrlFromUrl } from '../domain/tenant';\r\n\r\nexport function isLocalhost(): boolean {\r\n const runtime = getAuthRuntime();\r\n const hostname = runtime\r\n ? runtime.urlProvider.getCurrentUrl().hostname\r\n : (typeof window !== 'undefined' ? window.location.hostname : '');\r\n return domainIsLocalhost(hostname);\r\n}\r\n\r\nexport function extractTenantKey(): string | null {\r\n return resolveTenantKey();\r\n}\r\n\r\nexport function isCallbackUrl(): boolean {\r\n const runtime = getAuthRuntime();\r\n if (runtime) return isCallbackUrlFromUrl(runtime.urlProvider.getCurrentUrl());\r\n if (typeof window === 'undefined') return false;\r\n const params = new URLSearchParams(window.location.search);\r\n return params.has('code') && params.has('state');\r\n}\r\n","/**\r\n * OAuth2 PKCE token exchange and refresh.\r\n * Strategy-owned implementation; uses API_AUTH_BASE_URL only.\r\n */\r\n\r\nimport {\r\n setStorage,\r\n getStorageAdapter,\r\n removeStorage,\r\n STORAGE_KEYS,\r\n getRefreshToken,\r\n getClientId,\r\n getTenantId,\r\n isAccessTokenExpired,\r\n getAccessToken as getStoredAccessToken,\r\n} from '../../infrastructure/storage/index';\r\nimport { emitAuthEvent, AuthEventNames } from '../../application/events/AuthEvents';\r\nimport { Config, DEFAULT_TOKEN_GRANT_TYPE, DEFAULT_REFRESH_GRANT_TYPE } from '../../config';\r\nimport { logger } from '../../utils/logger';\r\nimport { isLocalhost } from '../../application/domain-facade';\r\nimport type { TokenResponse } from '../../domain/auth-state';\r\n\r\nexport interface ExchangeTokenParams {\r\n code: string;\r\n codeVerifier: string;\r\n clientId: string;\r\n redirectUri: string;\r\n tenantId: string;\r\n}\r\n\r\nfunction storeTokens(tokenData: TokenResponse): void {\r\n const expiresIn = tokenData.expires_in || 3600;\r\n const expiresAt = Date.now() + expiresIn * 1000;\r\n\r\n const adapter = getStorageAdapter();\r\n if (adapter?.setTokensSync) {\r\n adapter.setTokensSync({\r\n accessToken: tokenData.access_token,\r\n refreshToken: tokenData.refresh_token,\r\n expiresAt,\r\n });\r\n }\r\n setStorage(STORAGE_KEYS.accessToken, tokenData.access_token);\r\n setStorage(STORAGE_KEYS.refreshToken, tokenData.refresh_token);\r\n setStorage(STORAGE_KEYS.expiresAt, expiresAt.toString());\r\n\r\n if (isLocalhost()) {\r\n logger.debug('Tokens stored successfully', {\r\n expiresAt: new Date(expiresAt).toISOString(),\r\n expiresIn,\r\n });\r\n } else {\r\n logger.info('Tokens stored successfully');\r\n }\r\n}\r\n\r\nexport async function exchangeCodeForTokens(params: ExchangeTokenParams): Promise<TokenResponse> {\r\n try {\r\n const { code, codeVerifier, clientId, redirectUri } = params;\r\n const apiAuthBaseUrl = Config.getAuthServerUrl();\r\n const tokenUrl = `${apiAuthBaseUrl}/oauth/token`;\r\n\r\n const body = new URLSearchParams({\r\n grant_type: DEFAULT_TOKEN_GRANT_TYPE,\r\n code,\r\n client_id: `public-${clientId}`,\r\n redirect_uri: redirectUri,\r\n code_verifier: codeVerifier,\r\n });\r\n\r\n const response = await fetch(tokenUrl, {\r\n method: 'POST',\r\n headers: { 'Content-Type': 'application/x-www-form-urlencoded' },\r\n body: body.toString(),\r\n });\r\n\r\n if (!response.ok) {\r\n const responseData = await response.json().catch(() => ({}));\r\n logger.error('Token exchange failed', {\r\n status: response.status,\r\n statusText: response.statusText,\r\n responseData,\r\n requestUrl: tokenUrl,\r\n });\r\n throw new Error(\r\n `Token exchange failed: ${response.status} ${response.statusText}${Object.keys(responseData).length ? ` - ${JSON.stringify(responseData)}` : ''}`\r\n );\r\n }\r\n\r\n const tokenData = (await response.json()) as TokenResponse;\r\n\r\n if (!tokenData.access_token || !tokenData.refresh_token || !tokenData.expires_in) {\r\n logger.error('Invalid token response received');\r\n throw new Error('Invalid token response');\r\n }\r\n\r\n storeTokens(tokenData);\r\n return tokenData;\r\n } catch (error) {\r\n const isAborted = error instanceof Error && error.name === 'AbortError';\r\n if (isAborted) {\r\n logger.warn('Token exchange request canceled (likely due to navigation or component unmount)');\r\n const existingToken = getStoredAccessToken();\r\n if (existingToken && !isAccessTokenExpired()) {\r\n return {\r\n access_token: existingToken,\r\n refresh_token: getRefreshToken() || '',\r\n expires_in: 3600,\r\n } as TokenResponse;\r\n }\r\n throw new Error('Token exchange request was canceled');\r\n }\r\n logger.error('Token exchange failed', {\r\n message: error instanceof Error ? error.message : String(error),\r\n });\r\n throw error;\r\n }\r\n}\r\n\r\nlet refreshPromise: Promise<string> | null = null;\r\n\r\nexport async function refreshAccessToken(): Promise<string> {\r\n if (refreshPromise) return refreshPromise;\r\n\r\n refreshPromise = (async (): Promise<string> => {\r\n try {\r\n const refreshToken = getRefreshToken();\r\n const clientId = getClientId();\r\n const tenantId = getTenantId();\r\n\r\n logger.debug('Token refresh - collected data', {\r\n hasRefreshToken: !!refreshToken,\r\n clientId,\r\n tenantId,\r\n });\r\n\r\n if (!refreshToken || !clientId || !tenantId) {\r\n logger.error('Token refresh failed: missing required data', {\r\n hasRefreshToken: !!refreshToken,\r\n hasClientId: !!clientId,\r\n hasTenantId: !!tenantId,\r\n });\r\n throw new Error('Cannot refresh token: missing required data');\r\n }\r\n\r\n const apiAuthBaseUrl = Config.getAuthServerUrl();\r\n const tokenUrl = `${apiAuthBaseUrl}/oauth/refresh`;\r\n\r\n const body = new URLSearchParams({\r\n grant_type: DEFAULT_REFRESH_GRANT_TYPE,\r\n refresh_token: refreshToken,\r\n client_id: clientId.startsWith('public-') ? clientId : `public-${clientId}`,\r\n tenant_id: tenantId,\r\n });\r\n\r\n const response = await fetch(tokenUrl, {\r\n method: 'POST',\r\n headers: {\r\n 'Content-Type': 'application/x-www-form-urlencoded',\r\n 'Accept': 'application/json',\r\n },\r\n body: body.toString(),\r\n });\r\n\r\n if (!response.ok) {\r\n const responseData = (await response.json().catch(() => ({}))) as Record<string, unknown>;\r\n const isExpiredOrInvalidGrant =\r\n response.status === 401 ||\r\n (responseData?.error === 'invalid_grant') ||\r\n (typeof responseData?.error_description === 'string' &&\r\n (responseData.error_description.includes('expired') || responseData.error_description.includes('invalid')));\r\n\r\n if (isExpiredOrInvalidGrant) {\r\n removeStorage(STORAGE_KEYS.refreshToken);\r\n removeStorage(STORAGE_KEYS.accessToken);\r\n removeStorage(STORAGE_KEYS.expiresAt);\r\n emitAuthEvent(AuthEventNames.TOKEN_REFRESH_FAILED, {\r\n error: 'Refresh token expired or invalid',\r\n message: String(responseData?.error_description ?? responseData?.error ?? 'Token refresh failed'),\r\n });\r\n }\r\n\r\n logger.error('Token refresh failed', {\r\n status: response.status,\r\n statusText: response.statusText,\r\n responseData,\r\n requestUrl: tokenUrl,\r\n });\r\n throw new Error(\r\n `Token refresh failed: ${response.status} ${response.statusText}${Object.keys(responseData).length ? ` - ${JSON.stringify(responseData)}` : ''}`\r\n );\r\n }\r\n\r\n const tokenData = (await response.json()) as TokenResponse;\r\n\r\n if (!tokenData.access_token || !tokenData.refresh_token) {\r\n logger.error('Invalid refresh token response received');\r\n throw new Error('Invalid refresh token response');\r\n }\r\n\r\n storeTokens(tokenData);\r\n emitAuthEvent(AuthEventNames.TOKEN_REFRESH_SUCCESS);\r\n return tokenData.access_token;\r\n } catch (error) {\r\n if (error instanceof Error) {\r\n logger.error('Token refresh failed', { message: error.message });\r\n emitAuthEvent(AuthEventNames.TOKEN_REFRESH_FAILED, { error: error.message });\r\n }\r\n throw error;\r\n } finally {\r\n refreshPromise = null;\r\n }\r\n })();\r\n\r\n return refreshPromise;\r\n}\r\n","/**\r\n * PKCE (Proof Key for Code Exchange) utilities\r\n * Strategy layer: OAuth2 PKCE\r\n */\r\n\r\n/**\r\n * Generates a random code verifier for PKCE\r\n * @param length Length of the code verifier (default: 128)\r\n * @returns Base64URL-encoded random string\r\n */\r\nexport function generateCodeVerifier(length: number = 128): string {\r\n const array = new Uint8Array(length);\r\n crypto.getRandomValues(array);\r\n\r\n const base64 = btoa(String.fromCharCode(...array));\r\n return base64\r\n .replace(/\\+/g, '-')\r\n .replace(/\\//g, '_')\r\n .replace(/=/g, '');\r\n}\r\n\r\n/**\r\n * Generates code challenge from code verifier using SHA-256\r\n */\r\nexport async function generateCodeChallenge(verifier: string): Promise<string> {\r\n try {\r\n const encoder = new TextEncoder();\r\n const data = encoder.encode(verifier);\r\n const hashBuffer = await crypto.subtle.digest('SHA-256', data);\r\n const hashArray = Array.from(new Uint8Array(hashBuffer));\r\n const base64 = btoa(String.fromCharCode(...hashArray));\r\n return base64\r\n .replace(/\\+/g, '-')\r\n .replace(/\\//g, '_')\r\n .replace(/=/g, '');\r\n } catch {\r\n throw new Error('Failed to generate code challenge');\r\n }\r\n}\r\n\r\n/**\r\n * Generates a random state parameter for OAuth flow\r\n */\r\nexport function generateState(): string {\r\n const array = new Uint8Array(32);\r\n crypto.getRandomValues(array);\r\n const base64 = btoa(String.fromCharCode(...array));\r\n return base64\r\n .replace(/\\+/g, '-')\r\n .replace(/\\//g, '_')\r\n .replace(/=/g, '');\r\n}\r\n","/**\r\n * Validation utilities\r\n */\r\n\r\n/**\r\n * Validates if a string is a valid GUID format\r\n * @param guid GUID string to validate\r\n * @returns True if valid GUID format, false otherwise\r\n */\r\nexport function isValidGuid(guid: string): boolean {\r\n if (!guid || typeof guid !== 'string') {\r\n return false;\r\n }\r\n \r\n const guidRegex = /^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/i;\r\n return guidRegex.test(guid.trim());\r\n}\r\n\r\n/**\r\n * Validates tenant ID (must be a valid GUID)\r\n * @param tenantId Tenant ID to validate\r\n * @returns Validation result with isValid flag and error message\r\n */\r\nexport function validateTenantId(tenantId: string | null | undefined): { isValid: boolean; error?: string } {\r\n if (!tenantId || tenantId.trim() === '') {\r\n return {\r\n isValid: false,\r\n error: 'Tenant ID is required',\r\n };\r\n }\r\n \r\n if (!isValidGuid(tenantId)) {\r\n return {\r\n isValid: false,\r\n error: 'Tenant ID must be a valid GUID format (00000000-0000-0000-0000-000000000001)',\r\n };\r\n }\r\n \r\n return { isValid: true };\r\n}\r\n\r\n","/**\r\n * Redirect loop protection: limit consecutive redirect attempts to IdP.\r\n */\r\n\r\nimport { emitAuthEvent, AuthEventNames } from '../events/AuthEvents';\r\n\r\nconst DEFAULT_MAX_REDIRECTS = 5;\r\nconst WINDOW_MS = 60 * 1000;\r\n\r\nlet redirectCount = 0;\r\nlet firstRedirectAt = 0;\r\n\r\nexport const MAX_REDIRECT_ATTEMPTS = DEFAULT_MAX_REDIRECTS;\r\n\r\nexport function getRedirectAttemptCount(): number {\r\n return redirectCount;\r\n}\r\n\r\nexport function incrementRedirectAttempt(): boolean {\r\n const now = Date.now();\r\n if (now - firstRedirectAt > WINDOW_MS) {\r\n redirectCount = 0;\r\n firstRedirectAt = now;\r\n }\r\n redirectCount++;\r\n return redirectCount <= DEFAULT_MAX_REDIRECTS;\r\n}\r\n\r\nexport function shouldAllowRedirect(maxAttempts: number = DEFAULT_MAX_REDIRECTS): boolean {\r\n const now = Date.now();\r\n if (now - firstRedirectAt > WINDOW_MS) {\r\n redirectCount = 0;\r\n firstRedirectAt = now;\r\n }\r\n return redirectCount < maxAttempts;\r\n}\r\n\r\nexport function resetRedirectLoopGuard(): void {\r\n redirectCount = 0;\r\n firstRedirectAt = 0;\r\n}\r\n\r\nexport function checkAndIncrementRedirect(maxAttempts: number = DEFAULT_MAX_REDIRECTS): boolean {\r\n const now = Date.now();\r\n if (now - firstRedirectAt > WINDOW_MS) {\r\n redirectCount = 0;\r\n firstRedirectAt = now;\r\n }\r\n if (redirectCount >= maxAttempts) {\r\n emitAuthEvent(AuthEventNames.REDIRECT_LOOP_RISK, {\r\n message: `Redirect attempt limit (${maxAttempts}) exceeded`,\r\n });\r\n return false;\r\n }\r\n redirectCount++;\r\n return true;\r\n}\r\n","/**\r\n * OAuth authorization flow implementation\r\n * Strategy layer: OAuth2 PKCE\r\n */\r\n\r\nimport {\r\n setStorage,\r\n removeStorage,\r\n STORAGE_KEYS,\r\n getStorageKey,\r\n getAccessToken,\r\n isAccessTokenExpired,\r\n} from '../../infrastructure/storage/index';\r\nimport { getAuthRuntime } from '../../infrastructure/runtime/context';\r\nimport { generateCodeVerifier, generateCodeChallenge, generateState } from './pkce';\r\nimport {\r\n Config,\r\n DEFAULT_CODE_CHALLENGE_METHOD,\r\n DEFAULT_RESPONSE_TYPE,\r\n writeHostConfigCache,\r\n} from '../../config';\r\nimport { validateTenantId } from '../../utils/validation';\r\nimport { logger } from '../../utils/logger';\r\nimport { isLocalhost, isCallbackUrl } from '../../application/domain-facade';\r\nimport {\r\n clearFlowFlags,\r\n setFlowFlags,\r\n isFlowInProgress,\r\n isFlowFlagStale,\r\n clearCallbackProcessing,\r\n} from '../../application/lifecycle-state';\r\nimport { emitAuthEvent, AuthEventNames } from '../../application/events/AuthEvents';\r\nimport { checkAndIncrementRedirect } from '../../application/security/redirectLoopGuard';\r\nimport type { TenantConfig } from '../../domain/auth-state';\r\n\r\nexport function storeTenantConfig(config: TenantConfig): void {\r\n const validation = validateTenantId(config.tenantId);\r\n if (!validation.isValid) {\r\n logger.warn('Tenant ID validation failed', { tenantId: config.tenantId });\r\n }\r\n\r\n const authServerToStore = Config.getAuthServerUrl() || config.authServer;\r\n const redirectUriToStore = Config.getRedirectUri();\r\n writeHostConfigCache({\r\n authServerUrl: authServerToStore,\r\n clientId: config.client.clientId,\r\n clientCode: config.client.clientCode ?? config.client.clientId,\r\n redirectUri: redirectUriToStore,\r\n callbackUrl: redirectUriToStore,\r\n tenantId: config.tenantId,\r\n tenantKey: config.tenantKey ?? '',\r\n tenantCode: config.tenantKey ?? '',\r\n });\r\n if (config.tenantKey) {\r\n setStorage(STORAGE_KEYS.tenantKey, config.tenantKey);\r\n }\r\n}\r\n\r\nexport async function initiateAuthFlow(config: TenantConfig): Promise<void> {\r\n try {\r\n logger.info('Initiating OAuth authorization flow');\r\n\r\n const authServerFromProps = Config.getAuthServerUrl();\r\n const authServerEffective = (authServerFromProps || config?.authServer || '').replace(/\\/+$/, '');\r\n const redirectUriEffective = Config.getRedirectUri();\r\n const tenantIdEffective = config?.tenantId || '';\r\n const clientIdEffective = config?.client?.clientId || '';\r\n\r\n logger.debug('[initiateAuthFlow] Resolved inputs', {\r\n authServerFromProps: authServerFromProps ? '(provided)' : '(empty)',\r\n authServerEffective,\r\n redirectUriEffective,\r\n tenantIdEffective,\r\n clientIdEffective,\r\n scopes: config?.client?.scopes,\r\n hasRuntime: !!getAuthRuntime(),\r\n });\r\n\r\n // High-signal troubleshooting: confirm the exact `authServerUrl` used for OAuth redirects.\r\n // (URLs are non-sensitive, safe to log in debug for integration issues.)\r\n logger.info('[initiateAuthFlow] authServerUrl for OAuth', {\r\n authServerFromProps: authServerFromProps || null,\r\n authServerEffective,\r\n redirectUriEffective,\r\n tenantId: tenantIdEffective,\r\n tenantKey: (config as { tenantKey?: string }).tenantKey ?? null,\r\n clientIdEffective,\r\n });\r\n\r\n const token = getAccessToken();\r\n if (token && !isAccessTokenExpired()) {\r\n logger.debug('Valid token already exists, skipping auth flow');\r\n clearFlowFlags();\r\n return;\r\n }\r\n\r\n if (isCallbackUrl()) {\r\n logger.debug('Callback URL detected - clearing flow flag to allow callback processing');\r\n clearFlowFlags();\r\n return;\r\n }\r\n\r\n if (isFlowInProgress()) {\r\n if (isFlowFlagStale(3000)) {\r\n logger.info('Stale auth flow flag detected, clearing and proceeding');\r\n clearFlowFlags();\r\n } else {\r\n logger.debug('Auth flow already in progress (recent), skipping duplicate redirect');\r\n return;\r\n }\r\n }\r\n\r\n setFlowFlags();\r\n\r\n if (\r\n !(Config.getAuthServerUrl() || config?.authServer) ||\r\n !config.client?.clientId ||\r\n !config.client?.redirectUri\r\n ) {\r\n logger.error('[initiateAuthFlow] Missing required tenant config', {\r\n authServerEffective,\r\n clientId: config?.client?.clientId,\r\n redirectUriFromTenantApi: config?.client?.redirectUri,\r\n redirectUriEffective,\r\n });\r\n throw new Error('Invalid tenant configuration for auth flow');\r\n }\r\n\r\n storeTenantConfig(config);\r\n\r\n logger.debug('[initiateAuthFlow] Stored tenant config, generating PKCE');\r\n // Fresh login attempt must not be blocked by stale callback markers.\r\n removeStorage(getStorageKey('callback_processed'));\r\n removeStorage(getStorageKey('state_mismatch'));\r\n clearCallbackProcessing();\r\n\r\n const codeVerifier = generateCodeVerifier();\r\n const codeChallenge = await generateCodeChallenge(codeVerifier);\r\n const state = generateState();\r\n\r\n removeStorage(STORAGE_KEYS.codeVerifier);\r\n removeStorage(STORAGE_KEYS.state);\r\n setStorage(STORAGE_KEYS.codeVerifier, codeVerifier);\r\n setStorage(STORAGE_KEYS.state, state);\r\n\r\n const authUrl = buildAuthorizationUrl(config, codeChallenge, state);\r\n logger.debug('[initiateAuthFlow] Built authorization URL', {\r\n authServerEffective,\r\n urlPrefix: authUrl?.slice(0, 80),\r\n });\r\n\r\n if (\r\n !authUrl ||\r\n !(authUrl.startsWith('http://') || authUrl.startsWith('https://'))\r\n ) {\r\n throw new Error('Invalid authorization URL generated');\r\n }\r\n\r\n if (!checkAndIncrementRedirect()) {\r\n logger.warn('Redirect loop protection: max redirect attempts exceeded');\r\n clearFlowFlags();\r\n return;\r\n }\r\n\r\n logger.info('Redirecting to authorization server');\r\n emitAuthEvent(AuthEventNames.LOGIN_STARTED, { tenantKey: config.tenantKey });\r\n\r\n const runtime = getAuthRuntime();\r\n if (runtime) {\r\n logger.debug('[initiateAuthFlow] Redirect via runtime.urlProvider.redirect');\r\n runtime.urlProvider.redirect(authUrl);\r\n } else if (typeof window !== 'undefined') {\r\n logger.debug('[initiateAuthFlow] Redirect via window.location.replace');\r\n window.location.replace(authUrl);\r\n } else {\r\n logger.error('[initiateAuthFlow] No runtime and no window; cannot redirect', { authUrl });\r\n }\r\n } catch (error) {\r\n clearFlowFlags();\r\n logger.error('Failed to initiate auth flow', {\r\n error: error instanceof Error ? error.message : String(error),\r\n });\r\n throw error;\r\n }\r\n}\r\n\r\nfunction buildAuthorizationUrl(\r\n config: TenantConfig,\r\n codeChallenge: string,\r\n state: string,\r\n): string {\r\n const authServerBase = (Config.getAuthServerUrl() || config.authServer || '').replace(/\\/+$/, '');\r\n if (isLocalhost()) {\r\n logger.debug('Building authorization URL', {\r\n authServer: authServerBase,\r\n clientId: config.client.clientId,\r\n redirectUri: config.client.redirectUri,\r\n scopes: config.client.scopes,\r\n });\r\n }\r\n\r\n const tenantIdToUse = config.tenantId;\r\n const clientIdToUse = config.client.clientId;\r\n // Static redirect URI: always host + '/callback'\r\n const redirectUriToUse = Config.getRedirectUri();\r\n\r\n const params = new URLSearchParams({\r\n client_id: `public-${clientIdToUse}`,\r\n tenant_id: tenantIdToUse,\r\n redirect_uri: redirectUriToUse,\r\n response_type: DEFAULT_RESPONSE_TYPE,\r\n scope: config.client.scopes,\r\n state,\r\n code_challenge: codeChallenge,\r\n code_challenge_method: DEFAULT_CODE_CHALLENGE_METHOD,\r\n });\r\n\r\n return `${authServerBase}/connect/authorize?${params.toString()}`;\r\n}\r\n\r\nexport function isAuthenticated(): boolean {\r\n const token = getAccessToken();\r\n return !!token && !isAccessTokenExpired();\r\n}\r\n","/**\r\n * OAuth callback handling\r\n * Strategy layer: OAuth2 PKCE\r\n */\r\n\r\nimport {\r\n getState,\r\n getCodeVerifier,\r\n getClientId,\r\n getRedirectUri,\r\n getTenantId,\r\n removeStorage,\r\n getStorage,\r\n setStorage,\r\n STORAGE_KEYS,\r\n getStorageKey,\r\n getAccessToken,\r\n isAccessTokenExpired,\r\n getTenantKey,\r\n setTenantKey,\r\n clearAllStorage,\r\n} from '../../infrastructure/storage/index';\r\nimport { normalizeClientIdForOAuthTokenBody } from '../../config/host-fields';\r\nimport { exchangeCodeForTokens } from './token-exchange';\r\nimport { storeTenantConfig } from './oauth';\r\nimport { isCallbackUrl, extractTenantKey } from '../../application/domain-facade';\r\nimport { logger } from '../../utils/logger';\r\nimport { clearFlowFlags } from '../../application/lifecycle-state';\r\nimport { resolveTenantKey } from '../../infrastructure/tenant/tenantResolution';\r\nimport { getAuthRuntime } from '../../infrastructure/runtime/context';\r\nimport {\r\n isCallbackProcessing,\r\n setCallbackProcessing,\r\n clearCallbackProcessing,\r\n} from '../../application/lifecycle-state';\r\nimport { emitAuthEvent, AuthEventNames } from '../../application/events/AuthEvents';\r\nimport { resetRedirectLoopGuard } from '../../application/security/redirectLoopGuard';\r\nimport axios from 'axios';\r\n\r\nfunction isProcessed(): boolean {\r\n return getStorage(getStorageKey('callback_processed')) === 'true';\r\n}\r\n\r\nfunction isProcessing(): boolean {\r\n return isCallbackProcessing();\r\n}\r\n\r\nfunction markProcessing(): void {\r\n setCallbackProcessing();\r\n}\r\n\r\nfunction markProcessed(): void {\r\n setStorage(getStorageKey('callback_processed'), 'true');\r\n clearCallbackProcessing();\r\n}\r\n\r\nfunction clearProcessing(): void {\r\n clearCallbackProcessing();\r\n removeStorage(getStorageKey('callback_processed'));\r\n}\r\n\r\nlet urlCleaned = false;\r\n\r\nfunction cleanUrl(): void {\r\n if (urlCleaned) return;\r\n if (isProcessing()) return;\r\n const runtime = getAuthRuntime();\r\n const clean = runtime\r\n ? `${runtime.urlProvider.getCurrentUrl().origin}${runtime.urlProvider.getCurrentUrl().pathname}`\r\n : (typeof window !== 'undefined' ? `${window.location.origin}${window.location.pathname}` : '/');\r\n if (runtime) runtime.urlProvider.redirect(clean);\r\n else if (typeof window !== 'undefined') window.location.replace(clean);\r\n urlCleaned = true;\r\n}\r\n\r\nfunction cleanUrlSoft(): void {\r\n if (urlCleaned) return;\r\n if (isProcessing()) return;\r\n const runtime = getAuthRuntime();\r\n const clean = runtime\r\n ? `${runtime.urlProvider.getCurrentUrl().origin}${runtime.urlProvider.getCurrentUrl().pathname}`\r\n : (typeof window !== 'undefined' ? `${window.location.origin}${window.location.pathname}` : '/');\r\n if (runtime) runtime.urlProvider.replaceState(clean);\r\n else if (typeof window !== 'undefined') window.history.replaceState({}, typeof document !== 'undefined' ? document.title : '', clean);\r\n urlCleaned = true;\r\n}\r\n\r\nfunction clearAllAuthFlags(): void {\r\n clearFlowFlags();\r\n}\r\n\r\n/**\r\n * When host_config is missing clientId (wrong storage prefix, partial cache, etc.) but we still\r\n * have tenant + PKCE, re-resolve tenant and persist OAuth fields before token exchange.\r\n */\r\nasync function tryRecoverOAuthConfigFromTenant(): Promise<{\r\n clientId: string | null;\r\n redirectUri: string | null;\r\n tenantId: string | null;\r\n} | null> {\r\n const runtime = getAuthRuntime();\r\n const tenantKey = (resolveTenantKey() ?? getTenantKey() ?? '').trim();\r\n if (!runtime?.tenantResolver || !tenantKey) {\r\n logger.debug('[Callback] OAuth config recovery skipped — no tenantResolver or tenantKey', {\r\n hasResolver: !!runtime?.tenantResolver,\r\n tenantKey: tenantKey || '(empty)',\r\n });\r\n return null;\r\n }\r\n try {\r\n const tc = await runtime.tenantResolver.resolve(tenantKey);\r\n if (!tc?.client?.clientId || !tc.tenantId) {\r\n logger.warn('[Callback] OAuth config recovery: tenant resolve missing client or tenantId', {\r\n tenantKey,\r\n });\r\n return null;\r\n }\r\n storeTenantConfig(tc);\r\n return {\r\n clientId: tc.client.clientId.trim() || null,\r\n redirectUri: tc.client.redirectUri?.trim() || getRedirectUri(),\r\n tenantId: tc.tenantId.trim() || null,\r\n };\r\n } catch (e) {\r\n logger.warn('[Callback] OAuth config recovery: tenant re-resolve failed', {\r\n tenantKey,\r\n error: e instanceof Error ? e.message : String(e),\r\n });\r\n return null;\r\n }\r\n}\r\n\r\nexport async function handleCallback(): Promise<boolean> {\r\n const runtimeSearch = getAuthRuntime()?.urlProvider.getCurrentUrl().search;\r\n const windowSearch = typeof window !== 'undefined' ? window.location.search : '';\r\n logger.debug('[Callback] handleCallback invoked', {\r\n isProcessed: isProcessed(),\r\n isProcessing: isProcessing(),\r\n isCallbackUrl: isCallbackUrl(),\r\n runtimeSearch: runtimeSearch ?? '(none)',\r\n windowSearch: windowSearch || '(none)',\r\n });\r\n\r\n if (isProcessed()) {\r\n logger.warn('[Callback] Early exit: callback already processed');\r\n if (isCallbackUrl()) {\r\n if (!isProcessing()) cleanUrlSoft();\r\n }\r\n clearFlowFlags();\r\n return true;\r\n }\r\n\r\n if (isProcessing()) {\r\n logger.warn('[Callback] Early exit: callback processing already in progress');\r\n return true;\r\n }\r\n\r\n const storedTenantKey = getTenantKey();\r\n const currentTenantKey = resolveTenantKey() ?? storedTenantKey;\r\n\r\n if (currentTenantKey && storedTenantKey && currentTenantKey !== storedTenantKey) {\r\n logger.warn('[Callback] Early exit: tenant key changed before exchange', {\r\n currentTenantKey,\r\n storedTenantKey,\r\n });\r\n clearAllStorage();\r\n clearAllAuthFlags();\r\n clearProcessing();\r\n setStorage(getStorageKey('tenant_switched'), 'true');\r\n setStorage(getStorageKey('new_tenant_key'), currentTenantKey);\r\n setTenantKey(currentTenantKey);\r\n if (isCallbackUrl()) cleanUrlSoft();\r\n return false;\r\n }\r\n\r\n if (!isCallbackUrl()) {\r\n logger.warn('[Callback] Early exit: URL is not callback URL');\r\n return false;\r\n }\r\n\r\n markProcessing();\r\n clearFlowFlags();\r\n urlCleaned = false;\r\n\r\n try {\r\n const search = getAuthRuntime()?.urlProvider.getCurrentUrl().search ?? (typeof window !== 'undefined' ? window.location.search : '');\r\n const params = new URLSearchParams(search);\r\n const code = params.get('code');\r\n const state = params.get('state');\r\n const error = params.get('error');\r\n\r\n if (error || !code || !state) {\r\n logger.error('[Callback] Early exit: invalid OAuth callback params', { error, code, state });\r\n clearAllAuthFlags();\r\n clearProcessing();\r\n cleanUrlSoft();\r\n return false;\r\n }\r\n\r\n const storedState = getState();\r\n if (!storedState || storedState !== state) {\r\n const currentTenantKeyFromUrl = extractTenantKey();\r\n const resolvedTenantKey = resolveTenantKey();\r\n const tenantKeyChanged = currentTenantKeyFromUrl && resolvedTenantKey && currentTenantKeyFromUrl !== resolvedTenantKey;\r\n if (tenantKeyChanged) {\r\n logger.warn('[Callback] Early exit: state mismatch due to tenant key change');\r\n } else {\r\n logger.error('[Callback] Early exit: OAuth state mismatch - redirecting to login');\r\n }\r\n clearAllAuthFlags();\r\n clearProcessing();\r\n cleanUrlSoft();\r\n setStorage(getStorageKey('state_mismatch'), 'true');\r\n return false;\r\n }\r\n\r\n const codeVerifier = getCodeVerifier();\r\n if (!codeVerifier) {\r\n logger.error('[Callback] Early exit: missing PKCE verifier');\r\n clearAllAuthFlags();\r\n clearProcessing();\r\n cleanUrlSoft();\r\n return false;\r\n }\r\n\r\n let clientId = getClientId();\r\n let redirectUri = getRedirectUri();\r\n let tenantId = getTenantId();\r\n\r\n if (!clientId || !redirectUri || !tenantId) {\r\n logger.warn('[Callback] OAuth config incomplete — attempting tenant re-resolve', {\r\n hasClientId: !!clientId,\r\n hasRedirectUri: !!redirectUri,\r\n hasTenantId: !!tenantId,\r\n });\r\n const recovered = await tryRecoverOAuthConfigFromTenant();\r\n if (recovered) {\r\n if (!redirectUri) redirectUri = recovered.redirectUri;\r\n if (!tenantId) tenantId = recovered.tenantId;\r\n // Prefer normalized reader after storeTenantConfig refreshed host_config\r\n clientId =\r\n getClientId() ?? normalizeClientIdForOAuthTokenBody(recovered.clientId) ?? null;\r\n }\r\n }\r\n\r\n if (!clientId || !redirectUri || !tenantId) {\r\n logger.error('[Callback] Early exit: missing OAuth config during callback', {\r\n hasClientId: !!clientId,\r\n hasRedirectUri: !!redirectUri,\r\n hasTenantId: !!tenantId,\r\n });\r\n clearAllAuthFlags();\r\n clearProcessing();\r\n cleanUrlSoft();\r\n return false;\r\n }\r\n\r\n // Best practice: skip exchange if we already have a valid token (avoids duplicate / \"code already used\")\r\n const existingToken = getAccessToken();\r\n if (existingToken && !isAccessTokenExpired()) {\r\n logger.warn('[Callback] Early exit: valid token already exists - skipping code exchange');\r\n removeStorage(STORAGE_KEYS.codeVerifier);\r\n removeStorage(STORAGE_KEYS.state);\r\n clearAllAuthFlags();\r\n markProcessed();\r\n cleanUrlSoft();\r\n resetRedirectLoopGuard();\r\n emitAuthEvent(AuthEventNames.CALLBACK_SUCCESS);\r\n return true;\r\n }\r\n\r\n logger.info('[Callback] Entering token exchange');\r\n const tokenData = await exchangeCodeForTokens({\r\n code,\r\n codeVerifier,\r\n clientId,\r\n redirectUri,\r\n tenantId,\r\n });\r\n\r\n if (!tokenData?.access_token) {\r\n logger.error('Token exchange returned no access token');\r\n clearProcessing();\r\n clearAllAuthFlags();\r\n cleanUrlSoft();\r\n emitAuthEvent(AuthEventNames.CALLBACK_FAILED, { message: 'No access token returned' });\r\n return false;\r\n }\r\n\r\n removeStorage(STORAGE_KEYS.codeVerifier);\r\n removeStorage(STORAGE_KEYS.state);\r\n clearAllAuthFlags();\r\n markProcessed();\r\n cleanUrlSoft();\r\n\r\n logger.info('OAuth callback processed successfully');\r\n resetRedirectLoopGuard();\r\n emitAuthEvent(AuthEventNames.CALLBACK_SUCCESS);\r\n return true;\r\n } catch (err) {\r\n if (axios.isAxiosError(err)) {\r\n const status = err.response?.status;\r\n const responseData = err.response?.data as { error?: string; error_description?: string; details?: string } | undefined;\r\n const errorCode = responseData?.error;\r\n const errorDescription = responseData?.error_description || responseData?.details || '';\r\n\r\n if (\r\n status === 400 &&\r\n errorCode === 'invalid_grant' &&\r\n (String(errorDescription).includes('already used') ||\r\n String(errorDescription).includes('Code not found') ||\r\n String(errorDescription).includes('expired, already used'))\r\n ) {\r\n const existingToken = getAccessToken();\r\n const tokenValid = existingToken && !isAccessTokenExpired();\r\n if (tokenValid) {\r\n removeStorage(STORAGE_KEYS.codeVerifier);\r\n removeStorage(STORAGE_KEYS.state);\r\n clearAllAuthFlags();\r\n markProcessed();\r\n cleanUrlSoft();\r\n logger.info('OAuth callback processed successfully (code already used, but token exists)');\r\n resetRedirectLoopGuard();\r\n emitAuthEvent(AuthEventNames.CALLBACK_SUCCESS);\r\n return true;\r\n }\r\n }\r\n\r\n emitAuthEvent(AuthEventNames.CALLBACK_FAILED, {\r\n error: err.message,\r\n message: responseData?.error_description ?? err.message,\r\n });\r\n logger.error('OAuth callback failed (Axios error)', {\r\n status,\r\n statusText: err.response?.statusText,\r\n responseData: err.response?.data,\r\n message: err.message,\r\n url: err.config?.url,\r\n });\r\n } else {\r\n logger.error('OAuth callback failed', {\r\n error: err instanceof Error ? err.message : String(err),\r\n });\r\n }\r\n\r\n clearAllAuthFlags();\r\n const existingToken = getAccessToken();\r\n const tokenValid = existingToken && !isAccessTokenExpired();\r\n if (tokenValid) {\r\n markProcessed();\r\n cleanUrlSoft();\r\n resetRedirectLoopGuard();\r\n emitAuthEvent(AuthEventNames.CALLBACK_SUCCESS);\r\n return true;\r\n }\r\n\r\n emitAuthEvent(AuthEventNames.CALLBACK_FAILED, {\r\n error: err instanceof Error ? err.message : String(err),\r\n });\r\n clearProcessing();\r\n if (isCallbackUrl()) cleanUrlSoft();\r\n return false;\r\n }\r\n}\r\n","/**\r\n * Callback flow: run callback handling (validate state/code, exchange or skip, clean URL).\r\n */\r\n\r\nimport { clearFlowFlags, isCallbackProcessing } from '../lifecycle-state';\r\nimport { handleCallback } from '../../strategies/oauth2-pkce/callback';\r\nimport { isCallbackUrlFromUrl } from '../../domain/tenant';\r\nimport type { FlowContext, FlowResult } from './types';\r\nimport type { IAuthFlow } from './types';\r\n\r\nexport class CallbackFlow implements IAuthFlow {\r\n async execute(context: FlowContext): Promise<FlowResult> {\r\n const { runtime } = context;\r\n const { urlProvider, logger: log } = runtime;\r\n const getUrl = () => urlProvider.getCurrentUrl();\r\n\r\n clearFlowFlags();\r\n\r\n const handled = await handleCallback();\r\n if (handled) {\r\n if (isCallbackUrlFromUrl(getUrl())) {\r\n if (isCallbackProcessing()) return { completed: true };\r\n const u = getUrl();\r\n urlProvider.redirect(`${u.origin}${u.pathname}`);\r\n return { completed: true };\r\n }\r\n return { completed: true };\r\n }\r\n if (isCallbackUrlFromUrl(getUrl())) {\r\n const u = getUrl();\r\n urlProvider.redirect(`${u.origin}${u.pathname}`);\r\n }\r\n return { completed: true };\r\n }\r\n}\r\n","/**\r\n * Authenticated flow: valid token exists, no action needed.\r\n */\r\n\r\nimport type { FlowContext, FlowResult } from './types';\r\nimport type { IAuthFlow } from './types';\r\n\r\nexport class AuthenticatedFlow implements IAuthFlow {\r\n async execute(_context: FlowContext): Promise<FlowResult> {\r\n return { completed: true };\r\n }\r\n}\r\n","/**\r\n * Default auth engine ref for backward compatibility.\r\n */\r\n\r\nimport type { AuthEngine } from './types';\r\n\r\nlet defaultEngine: AuthEngine | null = null;\r\n\r\nexport function getDefaultAuthEngine(): AuthEngine | null {\r\n return defaultEngine;\r\n}\r\n\r\nexport function setDefaultAuthEngine(engine: AuthEngine | null): void {\r\n defaultEngine = engine;\r\n}\r\n","/**\r\n * Token API: facades for public API.\r\n * ensureValidAccessToken delegates to default engine when set; otherwise uses strategy refresh.\r\n */\r\n\r\nimport {\r\n getRefreshToken,\r\n isAccessTokenExpired,\r\n getAccessToken as getStoredAccessToken,\r\n} from '../infrastructure/storage/index';\r\nimport { getDefaultAuthEngine } from './engine/defaultEngine';\r\nimport { logger } from '../utils/logger';\r\nimport { refreshAccessToken as strategyRefreshAccessToken } from '../strategies/oauth2-pkce/token-exchange';\r\n\r\nexport { refreshAccessToken } from '../strategies/oauth2-pkce/token-exchange';\r\nexport type { ExchangeTokenParams } from '../strategies/oauth2-pkce/token-exchange';\r\n\r\n/** Throttle \"No refresh token\" log to once per 5s to avoid console spam after logout. */\r\nlet lastNoRefreshLog = 0;\r\nconst NO_REFRESH_LOG_INTERVAL_MS = 5000;\r\n\r\nexport async function ensureValidAccessToken(): Promise<string> {\r\n const engine = getDefaultAuthEngine();\r\n if (engine) {\r\n try {\r\n return await engine.getAccessToken();\r\n } catch {\r\n // Fall through to strategy refresh\r\n }\r\n }\r\n\r\n const token = getStoredAccessToken();\r\n if (token && !isAccessTokenExpired()) return token;\r\n\r\n const refreshToken = getRefreshToken();\r\n if (!refreshToken) {\r\n const now = Date.now();\r\n if (now - lastNoRefreshLog >= NO_REFRESH_LOG_INTERVAL_MS) {\r\n lastNoRefreshLog = now;\r\n logger.debug('No refresh token - cannot refresh; login required');\r\n }\r\n throw new Error('No refresh token; login required');\r\n }\r\n\r\n return await strategyRefreshAccessToken();\r\n}\r\n\r\nexport function getAccessToken(): string | null {\r\n return getStoredAccessToken();\r\n}\r\n","/**\r\n * Refresh flow: ensureValidAccessToken (refresh only); on failure fall through to login required.\r\n */\r\n\r\nimport { ensureValidAccessToken } from '../token';\r\nimport { logger } from '../../utils/logger';\r\nimport { resolveTenantKey, resolveTenantConfigCached } from '../../infrastructure/tenant/tenantResolution';\r\nimport { setTenantKey } from '../../infrastructure/storage/index';\r\nimport { storeTenantConfig, initiateAuthFlow } from '../../strategies/oauth2-pkce/oauth';\r\nimport { SanitizedError } from '../../utils/security';\r\nimport type { FlowContext, FlowResult } from './types';\r\nimport type { IAuthFlow } from './types';\r\n\r\nexport class RefreshFlow implements IAuthFlow {\r\n async execute(context: FlowContext): Promise<FlowResult> {\r\n const { runtime } = context;\r\n const { logger: log } = runtime;\r\n const getUrl = () => runtime.urlProvider.getCurrentUrl();\r\n\r\n log.debug('Token expired, attempting to refresh...');\r\n\r\n try {\r\n const refreshedToken = await ensureValidAccessToken();\r\n if (refreshedToken) {\r\n logger.debug('Token refreshed successfully, bootstrap complete');\r\n return { completed: true };\r\n }\r\n } catch (error) {\r\n logger.warn('Token refresh failed, will trigger new auth flow', {\r\n error: error instanceof Error ? error.message : String(error),\r\n });\r\n }\r\n\r\n const tenantKey = resolveTenantKey();\r\n\r\n log.debug('[RefreshFlow] Tenant key resolved', {\r\n tenantKey: tenantKey ?? '(null)',\r\n source: tenantKey ? 'resolved' : 'none',\r\n });\r\n\r\n if (!tenantKey) {\r\n throw new SanitizedError(\r\n 'TENANT_KEY_RESOLUTION_FAILED',\r\n 'Unable to resolve tenant',\r\n new Error(`Tenant key missing for refresh flow at url=${getUrl().href}`)\r\n );\r\n }\r\n\r\n const tenantConfig = await resolveTenantConfigCached(tenantKey, runtime.tenantResolver);\r\n if (!tenantConfig) {\r\n throw new SanitizedError(\r\n 'TENANT_CONFIG_RESOLUTION_FAILED',\r\n 'Unable to resolve tenant configuration',\r\n new Error(`Tenant config resolution failed for tenantKey: ${tenantKey}`)\r\n );\r\n }\r\n\r\n setTenantKey(tenantKey);\r\n storeTenantConfig(tenantConfig);\r\n await initiateAuthFlow(tenantConfig);\r\n return { completed: true };\r\n }\r\n}\r\n","/**\r\n * Tenant switch flow: resolve new tenant, set tenant key, store config, initiate auth.\r\n */\r\n\r\nimport { getStorage, removeStorage, getStorageKey, setTenantKey } from '../../infrastructure/storage/index';\r\nimport { resolveTenantKey, resolveTenantConfigCached } from '../../infrastructure/tenant/tenantResolution';\r\nimport { storeTenantConfig, initiateAuthFlow } from '../../strategies/oauth2-pkce/oauth';\r\nimport { emitAuthEvent, AuthEventNames } from '../events/AuthEvents';\r\nimport { SanitizedError } from '../../utils/security';\r\nimport { getAuthConfig, writeHostConfigCache } from '../../config';\r\nimport type { FlowContext, FlowResult } from './types';\r\nimport type { IAuthFlow } from './types';\r\n\r\nexport class TenantSwitchFlow implements IAuthFlow {\r\n async execute(context: FlowContext): Promise<FlowResult> {\r\n const { runtime } = context;\r\n const { urlProvider, logger: log } = runtime;\r\n const getUrl = () => urlProvider.getCurrentUrl();\r\n\r\n const newTenantKey = getStorage(getStorageKey('new_tenant_key'));\r\n log.info('Tenant switch detected - starting fresh login', { newTenantKey });\r\n emitAuthEvent(AuthEventNames.TENANT_SWITCHED, { tenantKey: newTenantKey ?? undefined });\r\n\r\n removeStorage(getStorageKey('tenant_switched'));\r\n removeStorage(getStorageKey('new_tenant_key'));\r\n\r\n const tenantKey = (newTenantKey || resolveTenantKey())?.trim() || null;\r\n\r\n log.debug('[TenantSwitchFlow] Tenant key resolved', {\r\n tenantKey: tenantKey ?? '(null)',\r\n fromNewTenantKey: newTenantKey ?? '(null)',\r\n source: newTenantKey ? 'new_tenant_key' : tenantKey ? 'resolved' : 'none',\r\n });\r\n\r\n if (!tenantKey) {\r\n throw new SanitizedError(\r\n 'TENANT_KEY_RESOLUTION_FAILED',\r\n 'Unable to resolve tenant after switch',\r\n new Error(`Tenant key missing after switch at url=${getUrl().href}`)\r\n );\r\n }\r\n\r\n const tenantConfig = await resolveTenantConfigCached(tenantKey, runtime.tenantResolver);\r\n if (!tenantConfig) {\r\n throw new SanitizedError(\r\n 'TENANT_CONFIG_RESOLUTION_FAILED',\r\n 'Unable to resolve tenant configuration after switch',\r\n new Error(`Tenant config resolution failed for tenantKey: ${tenantKey}`)\r\n );\r\n }\r\n\r\n // Cache only — runtime config remains source of truth via AuthProvider / setConfig.\r\n try {\r\n const cfg = getAuthConfig();\r\n writeHostConfigCache({\r\n apiBaseUrl: cfg.apiBaseUrl,\r\n authServerUrl: cfg.authServerUrl,\r\n callbackUrl: cfg.callbackUrl,\r\n appId: cfg.appId,\r\n clientCode: tenantConfig.client?.clientCode ?? cfg.clientCode ?? '',\r\n clientId: cfg.clientId || tenantConfig.client?.clientId,\r\n tenantId: tenantConfig.tenantId ?? cfg.tenantId,\r\n tenantKey,\r\n tenantCode: tenantKey,\r\n });\r\n } catch {\r\n // non-blocking\r\n }\r\n\r\n setTenantKey(tenantKey);\r\n storeTenantConfig(tenantConfig);\r\n await initiateAuthFlow(tenantConfig);\r\n return { completed: true };\r\n }\r\n}\r\n","/**\r\n * Normal login flow: resolve tenant, store config, initiate auth.\r\n */\r\n\r\nimport {\r\n getStorage,\r\n removeStorage,\r\n getStorageKey,\r\n setTenantKey,\r\n getAccessToken,\r\n} from '../../infrastructure/storage/index';\r\nimport { clearCallbackProcessing } from '../lifecycle-state';\r\nimport { resolveTenantKey, resolveTenantConfigCached } from '../../infrastructure/tenant/tenantResolution';\r\nimport { storeTenantConfig, initiateAuthFlow } from '../../strategies/oauth2-pkce/oauth';\r\nimport { SanitizedError } from '../../utils/security';\r\nimport type { FlowContext, FlowResult } from './types';\r\nimport type { IAuthFlow } from './types';\r\n\r\nexport class LoginFlow implements IAuthFlow {\r\n async execute(context: FlowContext): Promise<FlowResult> {\r\n const { runtime } = context;\r\n const { logger: log } = runtime;\r\n const getUrl = () => runtime.urlProvider.getCurrentUrl();\r\n const url = getUrl();\r\n log.debug('[LoginFlow] Start', { url: url.href, pathname: url.pathname, search: url.search });\r\n\r\n const callbackProcessed = getStorage(getStorageKey('callback_processed')) === 'true';\r\n const token = getAccessToken();\r\n if (callbackProcessed && !token) {\r\n log.warn('Callback processed but token still not available - clearing flag and allowing fresh login');\r\n removeStorage(getStorageKey('callback_processed'));\r\n clearCallbackProcessing();\r\n }\r\n\r\n const wasStateMismatch = getStorage(getStorageKey('state_mismatch')) === 'true';\r\n if (wasStateMismatch) removeStorage(getStorageKey('state_mismatch'));\r\n\r\n const tenantKey = resolveTenantKey();\r\n\r\n log.debug('[LoginFlow] Tenant key resolved', {\r\n tenantKey: tenantKey ?? '(null)',\r\n source: tenantKey ? 'resolved' : 'none',\r\n });\r\n if (!tenantKey) {\r\n throw new SanitizedError(\r\n 'TENANT_KEY_RESOLUTION_FAILED',\r\n 'Unable to resolve tenant',\r\n new Error(`Tenant key missing for login flow at url=${url.href}`)\r\n );\r\n }\r\n\r\n log.debug('[LoginFlow] Resolving tenant config', { tenantKey });\r\n const tenantConfig = await resolveTenantConfigCached(tenantKey, runtime.tenantResolver);\r\n log.debug('[LoginFlow] Tenant config resolved', {\r\n ok: !!tenantConfig,\r\n tenantId: tenantConfig?.tenantId,\r\n authServer: tenantConfig?.authServer ? '(set)' : '(empty)',\r\n clientId: tenantConfig?.client?.clientId,\r\n redirectUri: tenantConfig?.client?.redirectUri,\r\n });\r\n if (!tenantConfig) {\r\n throw new SanitizedError(\r\n 'TENANT_CONFIG_RESOLUTION_FAILED',\r\n 'Unable to resolve tenant configuration',\r\n new Error(`Tenant config resolution failed for tenantKey: ${tenantKey}`)\r\n );\r\n }\r\n\r\n setTenantKey(tenantKey);\r\n storeTenantConfig(tenantConfig);\r\n log.debug('[LoginFlow] Stored tenant config, initiating auth flow');\r\n await initiateAuthFlow(tenantConfig);\r\n log.debug('[LoginFlow] Auth flow initiated (redirect should happen)');\r\n return { completed: true };\r\n }\r\n}\r\n","/**\r\n * Returns the flow instance for a given auth lifecycle state.\r\n */\r\n\r\nimport { AuthLifecycleState } from '../../domain/auth-lifecycle';\r\nimport type { IAuthFlow } from './types';\r\nimport { CallbackFlow } from './CallbackFlow';\r\nimport { AuthenticatedFlow } from './AuthenticatedFlow';\r\nimport { RefreshFlow } from './RefreshFlow';\r\nimport { TenantSwitchFlow } from './TenantSwitchFlow';\r\nimport { LoginFlow } from './LoginFlow';\r\n\r\nconst callbackFlow = new CallbackFlow();\r\nconst authenticatedFlow = new AuthenticatedFlow();\r\nconst refreshFlow = new RefreshFlow();\r\nconst tenantSwitchFlow = new TenantSwitchFlow();\r\nconst loginFlow = new LoginFlow();\r\n\r\nexport function getFlowForState(state: AuthLifecycleState): IAuthFlow {\r\n switch (state) {\r\n case AuthLifecycleState.PROCESSING_CALLBACK:\r\n return callbackFlow;\r\n case AuthLifecycleState.AUTHENTICATED:\r\n return authenticatedFlow;\r\n case AuthLifecycleState.TOKEN_EXPIRED:\r\n return refreshFlow;\r\n case AuthLifecycleState.TENANT_SWITCH:\r\n return tenantSwitchFlow;\r\n case AuthLifecycleState.LOGIN_REQUIRED:\r\n case AuthLifecycleState.INITIALIZING:\r\n case AuthLifecycleState.LOGGED_OUT:\r\n case AuthLifecycleState.ERROR:\r\n default:\r\n return loginFlow;\r\n }\r\n}\r\n","/**\r\n * Internal bootstrap execution: state resolution + single flow.\r\n */\r\n\r\nimport { getAuthRuntime } from '../infrastructure/runtime/context';\r\nimport { isCallbackUrlFromUrl } from '../domain/tenant';\r\nimport {\r\n getAccessToken,\r\n isAccessTokenExpired,\r\n getStorage,\r\n getStorageKey,\r\n getRefreshToken,\r\n} from '../infrastructure/storage/index';\r\nimport {\r\n enforceHttps,\r\n sanitizeErrorMessage,\r\n SanitizedError,\r\n} from '../utils/security';\r\nimport { logger } from '../utils/logger';\r\nimport { resolveAuthLifecycleState } from '../domain/auth-lifecycle';\r\nimport {\r\n isBootstrapInProgress,\r\n setBootstrapInProgress,\r\n clearBootstrapInProgress,\r\n} from './lifecycle-state';\r\nimport { getFlowForState } from './flows/getFlowForState';\r\nimport type { FlowContext } from './flows/types';\r\nimport { emitAuthEvent, AuthEventNames } from './events/AuthEvents';\r\n\r\nfunction createStorageReader() {\r\n return (suffix: string) => getStorage(getStorageKey(suffix));\r\n}\r\n\r\nexport async function runBootstrap(): Promise<void> {\r\n const runtime = getAuthRuntime();\r\n if (!runtime) {\r\n logger.warn(\r\n 'Auth runtime not set; skipping bootstrap. Set runtime via AuthProvider or setAuthRuntime().'\r\n );\r\n return;\r\n }\r\n\r\n if (isBootstrapInProgress()) {\r\n logger.debug('Bootstrap already in progress - skipping duplicate run');\r\n return;\r\n }\r\n\r\n setBootstrapInProgress();\r\n\r\n try {\r\n enforceHttps(true);\r\n\r\n const url = runtime.urlProvider.getCurrentUrl();\r\n const token = getAccessToken();\r\n const expired = isAccessTokenExpired();\r\n const hasValidToken = !!(token && !expired);\r\n const hasToken = !!token;\r\n const hasRefreshToken = !!getRefreshToken();\r\n\r\n const state = resolveAuthLifecycleState({\r\n url,\r\n getStorage: createStorageReader(),\r\n isCallbackUrl: isCallbackUrlFromUrl,\r\n hasValidToken,\r\n hasToken,\r\n hasRefreshToken,\r\n isTokenExpired: expired,\r\n });\r\n\r\n emitAuthEvent(AuthEventNames.BOOTSTRAP_STATE_DETECTED, { state: state as string });\r\n\r\n const flow = getFlowForState(state);\r\n const context: FlowContext = { runtime, url, state };\r\n await flow.execute(context);\r\n } catch (error) {\r\n if (error instanceof SanitizedError) throw error;\r\n const r = getAuthRuntime();\r\n (r?.logger ?? logger).error('Bootstrap failed', {\r\n error: error instanceof Error ? error.message : String(error),\r\n });\r\n throw new Error(\r\n sanitizeErrorMessage(error, 'Authentication initialization failed')\r\n );\r\n } finally {\r\n clearBootstrapInProgress();\r\n }\r\n}\r\n","/**\r\n * Session-cleared callback for watchers (cookie/storage).\r\n * Application layer sets this to bootstrap so infrastructure does not depend on application.\r\n */\r\n\r\nlet sessionClearedCallback: (() => void | Promise<void>) | null = null;\r\n\r\nexport function setSessionClearedCallback(cb: (() => void | Promise<void>) | null): void {\r\n sessionClearedCallback = cb;\r\n}\r\n\r\nexport function getSessionClearedCallback(): (() => void | Promise<void>) | null {\r\n return sessionClearedCallback;\r\n}\r\n","/**\r\n * Public bootstrap API. Delegates to default engine.init() when set; otherwise runs runBootstrap().\r\n */\r\n\r\nimport { runBootstrap } from './run-bootstrap';\r\nimport { getDefaultAuthEngine } from './engine/defaultEngine';\r\nimport { setSessionClearedCallback } from '../infrastructure/watchers/callbacks';\r\n\r\nasync function bootstrapImpl(): Promise<void> {\r\n const engine = getDefaultAuthEngine();\r\n if (engine) {\r\n await engine.init();\r\n return;\r\n }\r\n await runBootstrap();\r\n}\r\n\r\nsetSessionClearedCallback(() => bootstrapImpl());\r\n\r\nexport async function bootstrap(): Promise<void> {\r\n return bootstrapImpl();\r\n}\r\n","/**\r\n * Suppress watcher side effects during intentional auth teardown (e.g. logout).\r\n * Deterministic: set before storage/cookie mutation, clear after cleanup completes.\r\n */\r\n\r\nlet suspended = false;\r\nlet generation = 0;\r\n\r\nexport function suspendWatchers(): number {\r\n suspended = true;\r\n generation += 1;\r\n return generation;\r\n}\r\n\r\nexport function resumeWatchers(expectedGen?: number): void {\r\n if (expectedGen !== undefined && expectedGen !== generation) return;\r\n suspended = false;\r\n}\r\n\r\nexport function areWatchersSuspended(): boolean {\r\n return suspended;\r\n}\r\n\r\nexport function getWatcherGeneration(): number {\r\n return generation;\r\n}\r\n","/**\r\n * Cookie-based authentication utilities\r\n * Strategy layer: cookie auth (cookie names used by cookie-watcher).\r\n */\r\n\r\nexport const COOKIE_NAMES = {\r\n accessToken: 'tenneo_auth_access_token',\r\n refreshToken: 'tenneo_auth_refresh_token',\r\n} as const;\r\n","/**\r\n * Cookie watcher to detect cookie deletion and clear session.\r\n * Infrastructure layer: uses storage and callback; application sets callback to bootstrap.\r\n */\r\n\r\nimport {\r\n clearAuthStorage,\r\n clearAuthSessionStorage,\r\n} from '../storage/index';\r\nimport { getSessionClearedCallback } from './callbacks';\r\nimport { areWatchersSuspended } from './watcher-guard';\r\nimport { logger } from '../../utils/logger';\r\nimport { COOKIE_NAMES } from '../../strategies/cookie/cookie-auth';\r\n\r\nlet isWatching = false;\r\nlet lastCookieSnapshot: string = '';\r\nlet lastCookieMap: Map<string, string> = new Map();\r\nlet watchInterval: ReturnType<typeof setInterval> | null = null;\r\n\r\nfunction getCookieSnapshot(): string {\r\n try {\r\n return document.cookie || '';\r\n } catch {\r\n return '';\r\n }\r\n}\r\n\r\nfunction getCookieNames(): string[] {\r\n try {\r\n const cookies = document.cookie.split(';');\r\n return cookies\r\n .map((cookie) => {\r\n const eqPos = cookie.indexOf('=');\r\n return eqPos > -1 ? cookie.substring(0, eqPos).trim() : cookie.trim();\r\n })\r\n .filter((name) => name.length > 0);\r\n } catch {\r\n return [];\r\n }\r\n}\r\n\r\nfunction getCookieMap(): Map<string, string> {\r\n const cookieMap = new Map<string, string>();\r\n try {\r\n const cookies = document.cookie.split(';');\r\n for (const cookie of cookies) {\r\n const eqPos = cookie.indexOf('=');\r\n if (eqPos > -1) {\r\n const name = cookie.substring(0, eqPos).trim();\r\n const value = cookie.substring(eqPos + 1).trim();\r\n if (name.length > 0) cookieMap.set(name, value);\r\n }\r\n }\r\n } catch {\r\n // Silent fail\r\n }\r\n return cookieMap;\r\n}\r\n\r\nfunction checkCookiesDeleted(): boolean {\r\n try {\r\n const currentSnapshot = getCookieSnapshot();\r\n const currentCookieMap = getCookieMap();\r\n const currentCookies = getCookieNames();\r\n\r\n if (lastCookieSnapshot && !currentSnapshot) {\r\n logger.info('All cookies deleted detected');\r\n return true;\r\n }\r\n\r\n if (lastCookieMap.size > 0) {\r\n const authCookieNames = [\r\n COOKIE_NAMES.accessToken,\r\n COOKIE_NAMES.refreshToken,\r\n 'tenneo_auth',\r\n 'tenneo_auth_access_token',\r\n 'tenneo_auth_refresh_token',\r\n 'auth',\r\n 'session',\r\n 'token',\r\n ];\r\n\r\n const deletedAuthCookies: string[] = [];\r\n for (const [cookieName] of lastCookieMap) {\r\n const isAuthCookie = authCookieNames.some((authName) =>\r\n cookieName.toLowerCase().includes(authName.toLowerCase())\r\n );\r\n if (isAuthCookie && !currentCookieMap.has(cookieName)) {\r\n deletedAuthCookies.push(cookieName);\r\n }\r\n }\r\n if (deletedAuthCookies.length > 0) {\r\n logger.info('Auth cookies deleted detected', {\r\n deletedCookies: deletedAuthCookies,\r\n previousCookieCount: lastCookieMap.size,\r\n currentCookieCount: currentCookieMap.size,\r\n });\r\n return true;\r\n }\r\n\r\n const hadTenneoAuthAccess =\r\n lastCookieMap.has(COOKIE_NAMES.accessToken) ||\r\n lastCookieMap.has('tenneo_auth_access_token');\r\n const hasTenneoAuthAccess =\r\n currentCookieMap.has(COOKIE_NAMES.accessToken) ||\r\n currentCookieMap.has('tenneo_auth_access_token');\r\n if (hadTenneoAuthAccess && !hasTenneoAuthAccess) {\r\n logger.info('tenneo auth access token cookie deleted detected');\r\n return true;\r\n }\r\n\r\n const hadTenneoAuthRefresh =\r\n lastCookieMap.has(COOKIE_NAMES.refreshToken) ||\r\n lastCookieMap.has('tenneo_auth_refresh_token');\r\n const hasTenneoAuthRefresh =\r\n currentCookieMap.has(COOKIE_NAMES.refreshToken) ||\r\n currentCookieMap.has('tenneo_auth_refresh_token');\r\n if (hadTenneoAuthRefresh && !hasTenneoAuthRefresh) {\r\n logger.info('tenneo auth refresh token cookie deleted detected');\r\n return true;\r\n }\r\n\r\n if (\r\n lastCookieMap.size > currentCookieMap.size &&\r\n lastCookieMap.size - currentCookieMap.size >= 1\r\n ) {\r\n const deletedCookies: string[] = [];\r\n for (const [cookieName] of lastCookieMap) {\r\n if (!currentCookieMap.has(cookieName)) deletedCookies.push(cookieName);\r\n }\r\n const deletedAuthCookiesCount = deletedCookies.filter((name) =>\r\n authCookieNames.some((authName) =>\r\n name.toLowerCase().includes(authName.toLowerCase())\r\n )\r\n ).length;\r\n if (deletedAuthCookiesCount > 0) {\r\n logger.info('Auth cookies deleted detected (count-based)', {\r\n deletedCookies,\r\n deletedAuthCount: deletedAuthCookiesCount,\r\n previousCount: lastCookieMap.size,\r\n currentCount: currentCookieMap.size,\r\n });\r\n return true;\r\n }\r\n }\r\n }\r\n\r\n lastCookieSnapshot = currentSnapshot;\r\n lastCookieMap = new Map(currentCookieMap);\r\n return false;\r\n } catch (error) {\r\n logger.warn('Error checking cookies', {\r\n error: error instanceof Error ? error.message : String(error),\r\n });\r\n return false;\r\n }\r\n}\r\n\r\nfunction handleCookieDeletion(): void {\r\n if (areWatchersSuspended()) {\r\n logger.debug('Cookie deletion handler skipped — watchers suspended (logout/teardown)');\r\n return;\r\n }\r\n try {\r\n logger.info('Cookies deleted detected - clearing session and redirecting to login');\r\n\r\n clearAuthStorage();\r\n clearAuthSessionStorage();\r\n\r\n const cb = getSessionClearedCallback();\r\n if (cb) {\r\n Promise.resolve(cb()).catch((error) => {\r\n logger.error('Failed to redirect to login after cookie deletion', {\r\n error: error instanceof Error ? error.message : String(error),\r\n });\r\n });\r\n }\r\n } catch (error) {\r\n logger.error('Error handling cookie deletion', {\r\n error: error instanceof Error ? error.message : String(error),\r\n });\r\n }\r\n}\r\n\r\nexport function startCookieWatcher(): void {\r\n if (isWatching) {\r\n logger.debug('Cookie watcher already running');\r\n return;\r\n }\r\n\r\n isWatching = true;\r\n lastCookieSnapshot = getCookieSnapshot();\r\n lastCookieMap = getCookieMap();\r\n\r\n const initialCookies = getCookieNames();\r\n const authCookies = initialCookies.filter(\r\n (name) =>\r\n name.toLowerCase().includes('tenneo_auth') ||\r\n name.toLowerCase().includes('auth') ||\r\n name.toLowerCase().includes('token')\r\n );\r\n logger.debug('Cookie watcher started', {\r\n initialCookieCount: initialCookies.length,\r\n authCookieCount: authCookies.length,\r\n authCookies,\r\n allCookies: initialCookies,\r\n });\r\n\r\n watchInterval = setInterval(async () => {\r\n if (areWatchersSuspended()) return;\r\n const cookiesDeleted = checkCookiesDeleted();\r\n if (cookiesDeleted) {\r\n logger.info('Cookies deleted detected by cookie watcher');\r\n if (watchInterval) {\r\n clearInterval(watchInterval);\r\n watchInterval = null;\r\n }\r\n isWatching = false;\r\n\r\n try {\r\n await handleCookieDeletion();\r\n } catch (error) {\r\n logger.error('Error handling cookie deletion, will restart watcher', {\r\n error: error instanceof Error ? error.message : String(error),\r\n });\r\n } finally {\r\n queueMicrotask(() => {\r\n if (!isWatching) startCookieWatcher();\r\n });\r\n }\r\n }\r\n }, 1000);\r\n\r\n logger.info('Cookie watcher started - monitoring for cookie deletion');\r\n}\r\n\r\nexport function stopCookieWatcher(): void {\r\n isWatching = false;\r\n if (watchInterval) {\r\n clearInterval(watchInterval);\r\n watchInterval = null;\r\n }\r\n lastCookieSnapshot = '';\r\n logger.debug('Cookie watcher stopped');\r\n}\r\n\r\nexport function resetCookieWatcher(): void {\r\n lastCookieSnapshot = getCookieSnapshot();\r\n lastCookieMap = getCookieMap();\r\n const currentCookies = getCookieNames();\r\n const authCookies = currentCookies.filter(\r\n (name) =>\r\n name.toLowerCase().includes('tenneo_auth') ||\r\n name.toLowerCase().includes('auth') ||\r\n name.toLowerCase().includes('token')\r\n );\r\n logger.debug('Cookie watcher reset', {\r\n currentCookieCount: currentCookies.length,\r\n authCookieCount: authCookies.length,\r\n authCookies,\r\n });\r\n}\r\n","/**\r\n * Storage watcher to detect manual storage clears and restart auth flow.\r\n * Infrastructure layer: uses storage and callback; application sets callback to bootstrap.\r\n */\r\n\r\nimport { STORAGE_KEYS, getStorage } from '../storage/index';\r\nimport { getSessionClearedCallback } from './callbacks';\r\nimport { areWatchersSuspended } from './watcher-guard';\r\nimport { logger } from '../../utils/logger';\r\n\r\nlet isWatching = false;\r\nlet lastStorageCheck: string | null = null;\r\nlet storageEventListener: ((event: StorageEvent) => void) | null = null;\r\n\r\nfunction checkStorageCleared(): boolean {\r\n try {\r\n const hasAnyAuthData = Object.values(STORAGE_KEYS).some(\r\n (key: string) => getStorage(key) !== null\r\n );\r\n if (lastStorageCheck === 'had_data' && !hasAnyAuthData) return true;\r\n lastStorageCheck = hasAnyAuthData ? 'had_data' : 'no_data';\r\n return false;\r\n } catch {\r\n return false;\r\n }\r\n}\r\n\r\nfunction handleStorageEvent(event: StorageEvent): void {\r\n if (areWatchersSuspended()) return;\r\n if (typeof window !== 'undefined' && event.storageArea === window.sessionStorage) {\r\n const wasCleared = checkStorageCleared();\r\n if (wasCleared) {\r\n if (areWatchersSuspended()) return;\r\n logger.info('Detected manual sessionStorage clear! Redirecting to login...');\r\n const cb = getSessionClearedCallback();\r\n if (cb) {\r\n Promise.resolve(cb()).catch((error) => {\r\n logger.error('Failed to redirect to login after manual clear', {\r\n error: error instanceof Error ? error.message : String(error),\r\n });\r\n });\r\n }\r\n }\r\n }\r\n}\r\n\r\nexport function startStorageWatcher(): void {\r\n if (isWatching) return;\r\n\r\n isWatching = true;\r\n checkStorageCleared();\r\n\r\n storageEventListener = handleStorageEvent;\r\n window.addEventListener('storage', storageEventListener);\r\n\r\n const pollInterval = setInterval(() => {\r\n if (areWatchersSuspended()) return;\r\n const wasCleared = checkStorageCleared();\r\n if (wasCleared) {\r\n if (areWatchersSuspended()) return;\r\n logger.info('Detected manual sessionStorage clear (polling)! Redirecting to login...');\r\n clearInterval(pollInterval);\r\n const cb = getSessionClearedCallback();\r\n if (cb) {\r\n Promise.resolve(cb()).catch((error) => {\r\n logger.error('Failed to redirect to login after manual clear', {\r\n error: error instanceof Error ? error.message : String(error),\r\n });\r\n if (!isWatching) startStorageWatcher();\r\n });\r\n }\r\n }\r\n }, 1000);\r\n\r\n (window as unknown as { __tenneo_auth_storage_watcher_interval?: ReturnType<typeof setInterval> }).__tenneo_auth_storage_watcher_interval = pollInterval;\r\n}\r\n\r\nexport function stopStorageWatcher(): void {\r\n isWatching = false;\r\n if (storageEventListener) {\r\n window.removeEventListener('storage', storageEventListener);\r\n storageEventListener = null;\r\n }\r\n const win = window as unknown as { __tenneo_auth_storage_watcher_interval?: ReturnType<typeof setInterval> };\r\n const intervalId = win.__tenneo_auth_storage_watcher_interval;\r\n if (intervalId) {\r\n clearInterval(intervalId);\r\n delete win.__tenneo_auth_storage_watcher_interval;\r\n }\r\n}\r\n","/**\r\n * Shared cookie utilities\r\n * \r\n * SINGLE SOURCE OF TRUTH for cookie clearing\r\n * Prevents duplicate code across logout, storage-watcher, etc.\r\n */\r\n\r\nimport { logger } from './logger';\r\n\r\n/**\r\n * Best-effort removal of non-HttpOnly cookies\r\n * HttpOnly cookies MUST be cleared by server\r\n * \r\n * This function is idempotent - safe to call multiple times\r\n */\r\nexport function clearClientCookies(): void {\r\n try {\r\n if (typeof document === 'undefined' || typeof window === 'undefined') return;\r\n\r\n const cookies = document.cookie.split(';');\r\n const hostname = window.location.hostname;\r\n const hostParts = hostname.split('.').filter(Boolean);\r\n\r\n const domainsToTry: string[] = [hostname];\r\n if (hostParts.length > 1) {\r\n // Try progressively broader parent domains (e.g. a.b.c.com -> .c.com, .b.c.com)\r\n for (let i = hostParts.length - 2; i >= 0; i--) {\r\n const parent = '.' + hostParts.slice(i).join('.');\r\n if (!domainsToTry.includes(parent)) domainsToTry.push(parent);\r\n }\r\n }\r\n\r\n const pathsToTry = ['/', window.location.pathname || '/'].filter(Boolean);\r\n\r\n for (const cookie of cookies) {\r\n const eqPos = cookie.indexOf('=');\r\n const name = eqPos > -1 ? cookie.slice(0, eqPos).trim() : cookie.trim();\r\n\r\n if (!name) continue;\r\n\r\n for (const path of pathsToTry) {\r\n // No domain attribute (current host)\r\n document.cookie = `${name}=;expires=Thu, 01 Jan 1970 00:00:00 GMT;path=${path}`;\r\n // With domain attribute (host + parent domains)\r\n for (const domain of domainsToTry) {\r\n document.cookie = `${name}=;expires=Thu, 01 Jan 1970 00:00:00 GMT;path=${path};domain=${domain}`;\r\n }\r\n }\r\n }\r\n\r\n logger.debug('Client-side cookies cleared (best-effort)');\r\n } catch (error) {\r\n logger.warn('Failed to clear client cookies', {\r\n error: error instanceof Error ? error.message : String(error),\r\n });\r\n }\r\n}\r\n","/**\r\n * Logout: idempotent, host-driven config, no fragile host_config snapshot/restore.\r\n *\r\n * - Watchers suspended during teardown to avoid bootstrap races\r\n * - Server logout: POST only (no unsafe GET fallback)\r\n * - Local state always cleared even if server fails\r\n * - Storage cache refreshed from current runtime config (memory/host), never a stale snapshot\r\n */\r\n\r\nimport {\r\n clearAuthStorage,\r\n getStorage,\r\n removeStorage,\r\n setStorage,\r\n getStorageKey,\r\n} from '../infrastructure/storage/index';\r\nimport { emitAuthEvent, AuthEventNames } from './events/AuthEvents';\r\nimport {\r\n startStorageWatcher,\r\n stopStorageWatcher,\r\n suspendWatchers,\r\n resumeWatchers,\r\n} from '../infrastructure/watchers';\r\nimport { stopCookieWatcher, resetCookieWatcher } from '../infrastructure/watchers';\r\nimport { logger } from '../utils/logger';\r\nimport {\r\n getAuthConfig,\r\n applyRuntimeTenantSwitch,\r\n syncHostConfigCacheFromMemory,\r\n} from '../config';\r\nimport { clearClientCookies } from '../utils/cookies';\r\nimport { getAuthRuntime } from '../infrastructure/runtime/context';\r\n\r\nfunction buildUrl(baseUrl: string, path: string): string {\r\n const url = new URL(baseUrl);\r\n const normalizedPath = path.startsWith('/') ? path : `/${path}`;\r\n url.pathname = url.pathname.endsWith('/')\r\n ? `${url.pathname}${normalizedPath.slice(1)}`\r\n : `${url.pathname}${normalizedPath}`;\r\n return url.toString();\r\n}\r\n\r\ninterface LogoutResponse {\r\n success?: boolean;\r\n message?: string;\r\n logout?: boolean;\r\n}\r\n\r\nfunction getCsrfToken(): string | null {\r\n try {\r\n if (typeof document === 'undefined') return null;\r\n\r\n const meta = document.querySelector<HTMLMetaElement>('meta[name=\"csrf-token\"]');\r\n if (meta?.content) return meta.content;\r\n\r\n const match = document.cookie.match(/(?:^|;\\s*)XSRF-TOKEN=([^;]+)/i);\r\n if (match) return decodeURIComponent(match[1]);\r\n\r\n return null;\r\n } catch {\r\n return null;\r\n }\r\n}\r\n\r\n/**\r\n * Server logout — POST only. Treats empty/204 responses as success when HTTP ok.\r\n */\r\nasync function callServerLogout(logoutUrl: string): Promise<{\r\n success: boolean;\r\n response?: LogoutResponse;\r\n}> {\r\n const csrfToken = getCsrfToken();\r\n\r\n const headers: Record<string, string> = {\r\n 'X-Requested-With': 'XMLHttpRequest',\r\n Accept: 'application/json, */*',\r\n 'Content-Type': 'application/x-www-form-urlencoded',\r\n };\r\n\r\n if (csrfToken) {\r\n headers['X-CSRF-Token'] = csrfToken;\r\n }\r\n\r\n try {\r\n const response = await fetch(logoutUrl, {\r\n method: 'POST',\r\n mode: 'cors',\r\n headers,\r\n credentials: 'include',\r\n body: '',\r\n });\r\n\r\n if (!response.ok) {\r\n logger.warn('[logout] Server logout HTTP error', {\r\n status: response.status,\r\n statusText: response.statusText,\r\n });\r\n return { success: false };\r\n }\r\n\r\n const contentType = response.headers.get('content-type') || '';\r\n if (!contentType.includes('application/json')) {\r\n logger.info('[logout] Server logout: OK without JSON body', {\r\n status: response.status,\r\n });\r\n return { success: true, response: { success: true } };\r\n }\r\n\r\n const text = await response.text();\r\n let data: LogoutResponse = {};\r\n if (text?.trim()) {\r\n try {\r\n data = JSON.parse(text) as LogoutResponse;\r\n } catch {\r\n logger.warn('[logout] Server returned non-JSON body with JSON content-type');\r\n return { success: false };\r\n }\r\n }\r\n logger.info('[logout] Server logout response', { response: data });\r\n\r\n if (data && (data.success === true || data.logout === true)) {\r\n return { success: true, response: data };\r\n }\r\n\r\n if (!text || text.trim() === '') {\r\n return { success: true, response: { success: true } };\r\n }\r\n\r\n logger.warn('[logout] Server logout: unexpected JSON payload', { response: data });\r\n return { success: false, response: data };\r\n } catch (error) {\r\n logger.warn('[logout] Server logout request failed', {\r\n error: error instanceof Error ? error.message : String(error),\r\n });\r\n return { success: false };\r\n }\r\n}\r\n\r\nfunction performLocalLogoutCleanup(): void {\r\n logger.debug('[logout] Local cleanup: cookies + auth storage');\r\n\r\n try {\r\n getAuthRuntime()?.clearCookies?.clearCookies();\r\n } catch (error) {\r\n logger.debug('[logout] Runtime cookie clearer failed (ignored)', {\r\n error: error instanceof Error ? error.message : String(error),\r\n });\r\n }\r\n\r\n clearClientCookies();\r\n\r\n try {\r\n clearAuthStorage();\r\n } catch (error) {\r\n logger.warn('[logout] clearAuthStorage failed', {\r\n error: error instanceof Error ? error.message : String(error),\r\n });\r\n }\r\n\r\n logger.info('[logout] Local cleanup completed');\r\n}\r\n\r\nfunction acquireLogoutLock(): boolean {\r\n const LOCK_KEY = getStorageKey('logout_lock');\r\n const now = Date.now();\r\n const existingLock = getStorage(LOCK_KEY);\r\n\r\n if (existingLock) {\r\n const lockTime = Number(existingLock);\r\n if (!Number.isNaN(lockTime) && now - lockTime < 5000) {\r\n logger.debug('[logout] Lock active — duplicate tab logout skipped', {\r\n now,\r\n lockTime,\r\n });\r\n return false;\r\n }\r\n }\r\n\r\n setStorage(LOCK_KEY, String(now));\r\n return true;\r\n}\r\n\r\nfunction releaseLogoutLock(): void {\r\n try {\r\n removeStorage(getStorageKey('logout_lock'));\r\n } catch {\r\n // ignore\r\n }\r\n}\r\n\r\nexport type LogoutResult = {\r\n success: boolean;\r\n message: string;\r\n serverResponse?: LogoutResponse;\r\n};\r\n\r\nlet logoutInFlight: Promise<LogoutResult> | null = null;\r\n\r\nasync function runLogoutPipeline(tenantKey?: string): Promise<LogoutResult> {\r\n const gen = suspendWatchers();\r\n logger.info('[logout] Lifecycle: suspend watchers', { generation: gen });\r\n\r\n stopStorageWatcher();\r\n stopCookieWatcher();\r\n\r\n if (!acquireLogoutLock()) {\r\n resumeWatchers(gen);\r\n logger.debug('[logout] Lifecycle: resume (skipped — lock)');\r\n return { success: true, message: 'Logout already in progress in another tab.' };\r\n }\r\n\r\n let serverLogoutSuccess = false;\r\n let serverResponse: LogoutResponse | undefined;\r\n\r\n try {\r\n if (tenantKey?.trim()) {\r\n applyRuntimeTenantSwitch(tenantKey.trim(), { syncStorageCache: true });\r\n logger.info('[logout] Runtime tenant applied for logout context', {\r\n tenantKey: tenantKey.trim(),\r\n });\r\n }\r\n\r\n const authConfig = getAuthConfig();\r\n const apiAuthBaseUrl = authConfig.authServerUrl;\r\n\r\n if (apiAuthBaseUrl) {\r\n const logoutUrl = buildUrl(apiAuthBaseUrl, 'account/logout');\r\n logger.info('[logout] Calling auth server logout (POST)', { logoutUrl });\r\n\r\n const logoutResult = await callServerLogout(logoutUrl);\r\n serverLogoutSuccess = logoutResult.success;\r\n serverResponse = logoutResult.response;\r\n\r\n if (!serverLogoutSuccess) {\r\n logger.warn('[logout] Server logout did not confirm success — clearing local session anyway', {\r\n logoutUrl,\r\n serverResponse,\r\n });\r\n }\r\n } else {\r\n logger.warn('[logout] authServerUrl missing — local logout only');\r\n }\r\n } catch (error) {\r\n logger.error('[logout] Unexpected error before local cleanup', {\r\n error: error instanceof Error ? error.message : String(error),\r\n });\r\n }\r\n\r\n try {\r\n performLocalLogoutCleanup();\r\n } catch (error) {\r\n logger.error('[logout] Local cleanup threw', {\r\n error: error instanceof Error ? error.message : String(error),\r\n });\r\n }\r\n\r\n try {\r\n syncHostConfigCacheFromMemory();\r\n logger.debug('[logout] host_config cache refreshed from runtime (not restored from snapshot)');\r\n } catch (error) {\r\n logger.warn('[logout] Failed to sync host config cache', {\r\n error: error instanceof Error ? error.message : String(error),\r\n });\r\n }\r\n\r\n try {\r\n resetCookieWatcher();\r\n startStorageWatcher();\r\n logger.info('[logout] Watchers restarted');\r\n } catch (error) {\r\n logger.warn('[logout] Watcher restart failed', {\r\n error: error instanceof Error ? error.message : String(error),\r\n });\r\n }\r\n\r\n releaseLogoutLock();\r\n resumeWatchers(gen);\r\n logger.info('[logout] Lifecycle: complete', { serverLogoutSuccess });\r\n\r\n emitAuthEvent(AuthEventNames.LOGOUT_COMPLETED, {\r\n serverLogoutSuccess,\r\n tenantKey: tenantKey?.trim() || getAuthConfig().tenantCode || undefined,\r\n message: serverLogoutSuccess ? 'Server logout success' : 'Local logout (server may be pending)',\r\n });\r\n\r\n return {\r\n success: true,\r\n message: serverLogoutSuccess\r\n ? serverResponse?.message || 'Logout successful. Fresh login required.'\r\n : 'Logged out locally. Fresh login required (server logout may have failed).',\r\n serverResponse,\r\n };\r\n}\r\n\r\n/**\r\n * Idempotent logout: coalesces concurrent calls in the same JS realm; cross-tab deduped via short lock.\r\n */\r\nexport async function logout(tenantKey?: string): Promise<LogoutResult> {\r\n if (logoutInFlight) {\r\n logger.debug('[logout] Coalescing with in-flight logout');\r\n return logoutInFlight;\r\n }\r\n\r\n logoutInFlight = runLogoutPipeline(tenantKey).finally(() => {\r\n logoutInFlight = null;\r\n });\r\n\r\n return logoutInFlight;\r\n}\r\n","import { createContext, useContext } from 'react';\r\nimport type { AuthContextValue } from '../domain/auth-state';\r\n\r\nexport const AuthContext = createContext<AuthContextValue | undefined>(undefined);\r\n\r\nexport function useAuthContext(): AuthContextValue {\r\n const context = useContext(AuthContext);\r\n if (!context) {\r\n throw new Error('useAuthContext must be used within AuthProvider');\r\n }\r\n return context;\r\n}\r\n","/**\r\n * Tenant resolution API client.\r\n * Resolves tenant configuration via GET /api/tenant/v1/public/tenants/by-code/{tenantCode}.\r\n */\r\n\r\nimport type { TenantConfig } from '../../domain/auth-state';\r\nimport { Config, OAUTH_CONSTANTS } from '../../config';\r\nimport { logger } from '../../utils/logger';\r\n\r\nconst ongoingRequests = new Map<string, Promise<TenantConfig | null>>();\r\nconst DEFAULT_SCOPES = OAUTH_CONSTANTS.SCOPES;\r\n\r\nfunction getResolvedTenantBaseUrl(): string {\r\n let base = Config.getApiBaseUrl();\r\n if (typeof window !== 'undefined' && (!base || base.startsWith('/'))) {\r\n base = window.location.origin + (base || '');\r\n }\r\n return base;\r\n}\r\n\r\nconst PUBLIC_CODE_PREFIX = 'public-';\r\n\r\nfunction getTenantByCodeUrl(tenantCode: string): string {\r\n const apiTenantResolutionBaseUrl = getResolvedTenantBaseUrl();\r\n const base = (apiTenantResolutionBaseUrl || '').replace(/\\/api(?:\\/v1)?\\/?$/, '') || apiTenantResolutionBaseUrl;\r\n return `${base}/api/v1/tenant/public/tenants/by-code/${encodeURIComponent(tenantCode)}`;\r\n}\r\n\r\ninterface TenantData {\r\n id: string;\r\n clientCode: string;\r\n legalName?: string;\r\n redirectUri?: string;\r\n displayName?: string;\r\n domain?: string;\r\n isDomainVerified?: boolean;\r\n status?: string;\r\n onboardedAt?: Record<string, unknown> | string;\r\n}\r\n\r\ninterface TenantByCodeResponse {\r\n success: boolean;\r\n message: string | null;\r\n data: TenantData | null;\r\n errors: unknown[] | null;\r\n errorCode: string | null;\r\n}\r\n\r\nexport async function resolveTenant(tenantKey: string): Promise<TenantConfig | null> {\r\n if (!tenantKey || tenantKey.trim() === '') {\r\n logger.debug('tenantKey is empty or invalid, skipping API call');\r\n return null;\r\n }\r\n\r\n const tenantCode = tenantKey.trim();\r\n const requestKey = `resolveTenant:${tenantCode}`;\r\n if (ongoingRequests.has(requestKey)) {\r\n logger.debug('Tenant resolution reused (in-flight)', { tenantCode });\r\n return ongoingRequests.get(requestKey)!;\r\n }\r\n\r\n logger.info('Tenant resolution API call', { tenantCode });\r\n\r\n const requestPromise = (async (): Promise<TenantConfig | null> => {\r\n try {\r\n const url = getTenantByCodeUrl(tenantCode);\r\n logger.debug('GET tenant by-code', { url });\r\n\r\n let data: unknown;\r\n try {\r\n const response = await fetch(url, { method: 'GET' });\r\n if (!response.ok) throw new Error(`HTTP ${response.status}`);\r\n data = (await response.json()) as TenantByCodeResponse;\r\n logger.debug('API response received', { tenantCode });\r\n } catch (error) {\r\n logger.warn('API call failed', { tenantCode, error });\r\n return null;\r\n }\r\n\r\n if (!data || typeof data !== 'object') return null;\r\n\r\n const res = data as TenantByCodeResponse;\r\n if (!res.success || !res.data) return null;\r\n\r\n const tenant = res.data;\r\n if (!tenant.id || !tenant.clientCode) return null;\r\n\r\n const authServer = Config.getAuthServerUrl();\r\n const redirectUri = Config.getRedirectUri();\r\n if (!authServer || !redirectUri) {\r\n return null;\r\n }\r\n\r\n const clientCodeWithPrefix = tenant.clientCode.startsWith(PUBLIC_CODE_PREFIX)\r\n ? tenant.clientCode\r\n : `${PUBLIC_CODE_PREFIX}${tenant.clientCode}`;\r\n\r\n \r\n const config: TenantConfig = {\r\n tenantId: tenant.id,\r\n authServer,\r\n tenantKey: tenantCode,\r\n client: {\r\n clientId: tenant.clientCode,\r\n clientCode: clientCodeWithPrefix,\r\n redirectUri,\r\n scopes: DEFAULT_SCOPES,\r\n },\r\n };\r\n logger.debug('Resolved tenant config', { tenantCode });\r\n return config;\r\n } catch (error) {\r\n logger.warn('Unexpected error resolving tenant', { tenantCode, error });\r\n return null;\r\n } finally {\r\n ongoingRequests.delete(requestKey);\r\n }\r\n })();\r\n\r\n ongoingRequests.set(requestKey, requestPromise);\r\n return requestPromise;\r\n}\r\n","/**\r\n * Browser implementations of runtime interfaces.\r\n * Only used when running in a browser; core has no dependency on this module.\r\n */\r\n\r\nimport type { Logger, UrlProvider, CurrentUrl, ConfigProvider, CookieClearer, TenantResolver } from '../infrastructure/runtime/types';\r\nimport { Config } from '../config';\r\nimport { resolveTenant } from '../infrastructure/tenant/tenant.api';\r\n\r\nexport function createConsoleLogger(): Logger {\r\n return {\r\n info(message: string, meta?: Record<string, unknown>) {\r\n if (typeof console !== 'undefined') console.info(message, meta ?? '');\r\n },\r\n warn(message: string, meta?: Record<string, unknown>) {\r\n if (typeof console !== 'undefined') console.warn(message, meta ?? '');\r\n },\r\n error(message: string, meta?: Record<string, unknown>) {\r\n if (typeof console !== 'undefined') console.error(message, meta ?? '');\r\n },\r\n debug(message: string, meta?: Record<string, unknown>) {\r\n if (typeof console !== 'undefined') console.debug(message, meta ?? '');\r\n },\r\n };\r\n}\r\n\r\nexport function createBrowserUrlProvider(): UrlProvider {\r\n return {\r\n getCurrentUrl(): CurrentUrl {\r\n if (typeof window === 'undefined') {\r\n return { href: '', origin: '', pathname: '/', search: '', hostname: '' };\r\n }\r\n const w = window;\r\n const loc = w.location;\r\n return {\r\n href: loc.href,\r\n origin: loc.origin,\r\n pathname: loc.pathname,\r\n search: loc.search,\r\n hostname: loc.hostname,\r\n };\r\n },\r\n redirect(url: string): void {\r\n if (typeof window !== 'undefined') window.location.replace(url);\r\n },\r\n replaceState(url: string): void {\r\n if (typeof window === 'undefined') return;\r\n try {\r\n const title = typeof document !== 'undefined' ? document.title : '';\r\n window.history.replaceState({}, title, url);\r\n } catch {\r\n // ignore\r\n }\r\n },\r\n };\r\n}\r\n\r\n/** ConfigProvider backed by existing Config (which may use window.__APP_CONFIG__). */\r\nexport function createConfigProvider(): ConfigProvider {\r\n return {\r\n getApiBaseUrl: () => Config.getApiBaseUrl(),\r\n getAuthServerUrl: () => Config.getAuthServerUrl(),\r\n getRedirectUri: () => Config.getRedirectUri(),\r\n getClientCode: () => Config.getClientCode()\r\n \r\n };\r\n}\r\n\r\nexport function createTenantResolver(): TenantResolver {\r\n return { resolve: (tenantKey: string) => resolveTenant(tenantKey) };\r\n}\r\n\r\nexport function createBrowserCookieClearer(): CookieClearer {\r\n return {\r\n clearCookies(): void {\r\n if (typeof document === 'undefined' || typeof window === 'undefined') return;\r\n try {\r\n const cookies = document.cookie.split(';');\r\n cookies.forEach((cookie) => {\r\n const eqPos = cookie.indexOf('=');\r\n const name = eqPos > -1 ? cookie.substring(0, eqPos).trim() : cookie.trim();\r\n document.cookie = `${name}=;expires=Thu, 01 Jan 1970 00:00:00 GMT;path=/`;\r\n const domain = window.location.hostname;\r\n const parts = domain.split('.');\r\n if (parts.length > 1) {\r\n const parentDomain = '.' + parts.slice(-2).join('.');\r\n document.cookie = `${name}=;expires=Thu, 01 Jan 1970 00:00:00 GMT;path=/;domain=${parentDomain}`;\r\n }\r\n });\r\n } catch {\r\n // silent\r\n }\r\n },\r\n };\r\n}\r\n","/**\r\n * OAuth2 PKCE implementation of AuthStrategy.\r\n * Wraps initiateAuthFlow, handleCallback, refreshAccessToken, and logout.\r\n */\r\n\r\nimport type { AuthStrategy } from '../../strategies/auth-strategy.interface';\r\nimport type { TenantConfig } from '../../domain/auth-state';\r\nimport { storeTenantConfig, initiateAuthFlow } from './oauth';\r\nimport { handleCallback } from './callback';\r\nimport { refreshAccessToken } from './token-exchange';\r\nimport { logout as performLogout } from '../../application/logout';\r\n\r\nexport function createOAuth2PkceStrategy(): AuthStrategy {\r\n return {\r\n async initiate(tenantConfig: TenantConfig): Promise<void> {\r\n storeTenantConfig(tenantConfig);\r\n await initiateAuthFlow(tenantConfig);\r\n },\r\n\r\n async handleCallback(): Promise<boolean> {\r\n return handleCallback();\r\n },\r\n\r\n async refresh(): Promise<string> {\r\n return refreshAccessToken();\r\n },\r\n\r\n async logout(options?: { tenantKey?: string }): Promise<void> {\r\n await performLogout(options?.tenantKey);\r\n },\r\n };\r\n}\r\n","/**\r\n * Simple EventBus for engine state updates.\r\n */\r\n\r\nimport type { AuthEngineState, AuthStateListener } from './types';\r\n\r\nexport function createEventBus(): {\r\n subscribe(listener: AuthStateListener): () => void;\r\n emit(state: AuthEngineState): void;\r\n} {\r\n const listeners = new Set<AuthStateListener>();\r\n\r\n return {\r\n subscribe(listener: AuthStateListener): () => void {\r\n listeners.add(listener);\r\n return () => listeners.delete(listener);\r\n },\r\n emit(state: AuthEngineState): void {\r\n listeners.forEach((fn) => {\r\n try {\r\n fn(state);\r\n } catch {\r\n // ignore\r\n }\r\n });\r\n },\r\n };\r\n}\r\n","/**\r\n * Creates the auth engine. No React, no direct browser usage.\r\n */\r\n\r\nimport { setAuthRuntime } from '../../infrastructure/runtime/context';\r\nimport { runBootstrap } from '../run-bootstrap';\r\nimport { createOAuth2PkceStrategy } from '../../strategies/oauth2-pkce/OAuth2PkceStrategy';\r\nimport { ensureValidAccessToken } from '../token';\r\nimport {\r\n getAccessToken,\r\n getExpiresAt,\r\n isAccessTokenExpired,\r\n} from '../../infrastructure/storage/index';\r\nimport { createEventBus } from './eventBus';\r\nimport type { AuthEngine, AuthEngineConfig, AuthEngineState } from './types';\r\n\r\nfunction stateEquals(a: AuthEngineState, b: AuthEngineState): boolean {\r\n return (\r\n a.status === b.status &&\r\n a.accessToken === b.accessToken &&\r\n a.expiresAt === b.expiresAt &&\r\n a.error === b.error\r\n );\r\n}\r\n\r\nfunction deriveState(config: AuthEngineConfig): AuthEngineState {\r\n setAuthRuntime(config);\r\n const accessToken = getAccessToken();\r\n const expiresAt = getExpiresAt();\r\n const expired = isAccessTokenExpired();\r\n\r\n if (accessToken && !expired) {\r\n return {\r\n status: 'authenticated',\r\n accessToken,\r\n expiresAt,\r\n error: null,\r\n };\r\n }\r\n if (accessToken && expired) {\r\n return {\r\n status: 'error',\r\n accessToken,\r\n expiresAt,\r\n error: 'Token expired',\r\n };\r\n }\r\n return {\r\n status: 'unauthenticated',\r\n accessToken: null,\r\n expiresAt: null,\r\n error: null,\r\n };\r\n}\r\n\r\nexport function createAuthEngine(config: AuthEngineConfig): AuthEngine {\r\n const frozenConfig = Object.freeze({ ...config }) as AuthEngineConfig;\r\n const bus = createEventBus();\r\n let lastEmittedState: AuthEngineState | null = null;\r\n const strategy = frozenConfig.strategy ?? createOAuth2PkceStrategy();\r\n\r\n const emitState = (): void => {\r\n const next = deriveState(frozenConfig);\r\n if (lastEmittedState !== null && stateEquals(lastEmittedState, next)) return;\r\n lastEmittedState = next;\r\n bus.emit(next);\r\n };\r\n\r\n return {\r\n async init(): Promise<void> {\r\n setAuthRuntime(frozenConfig);\r\n frozenConfig.logger.debug('Engine init: running bootstrap');\r\n await runBootstrap();\r\n emitState();\r\n },\r\n\r\n async login(): Promise<void> {\r\n setAuthRuntime(frozenConfig);\r\n frozenConfig.logger.debug('Engine login: running bootstrap (may redirect)');\r\n await runBootstrap();\r\n emitState();\r\n },\r\n\r\n async logout(options?: { tenantKey?: string }): Promise<void> {\r\n setAuthRuntime(frozenConfig);\r\n frozenConfig.logger.debug('Engine logout');\r\n await strategy.logout(options);\r\n emitState();\r\n },\r\n\r\n async refresh(): Promise<string> {\r\n setAuthRuntime(frozenConfig);\r\n frozenConfig.logger.debug('Engine refresh');\r\n try {\r\n const token = await strategy.refresh();\r\n emitState();\r\n return token;\r\n } catch (e) {\r\n emitState();\r\n throw e;\r\n }\r\n },\r\n\r\n async getAccessToken(): Promise<string> {\r\n setAuthRuntime(frozenConfig);\r\n return ensureValidAccessToken();\r\n },\r\n\r\n async handleCallback(): Promise<boolean> {\r\n setAuthRuntime(frozenConfig);\r\n frozenConfig.logger.debug('Engine handleCallback');\r\n const handled = await strategy.handleCallback();\r\n emitState();\r\n return handled;\r\n },\r\n\r\n subscribe(listener) {\r\n return bus.subscribe(listener);\r\n },\r\n\r\n getState(): AuthEngineState {\r\n return deriveState(frozenConfig);\r\n },\r\n };\r\n}\r\n","/**\r\n * React Context Provider for authentication state (FINAL)\r\n */\r\n\r\nimport React, { useState, useEffect, useLayoutEffect, useCallback, useMemo, useRef } from 'react';\r\nimport {\r\n getAccessToken as getStoredAccessToken,\r\n isAccessTokenExpired,\r\n} from '../infrastructure/storage/index';\r\nimport {\r\n startStorageWatcher,\r\n stopStorageWatcher,\r\n} from '../infrastructure/watchers';\r\nimport {\r\n startCookieWatcher,\r\n stopCookieWatcher,\r\n resetCookieWatcher,\r\n} from '../infrastructure/watchers';\r\nimport type { AuthContextValue, AuthState } from '../domain/auth-state';\r\nimport { AuthContext, useAuthContext } from './AuthContext';\r\nimport {\r\n Config,\r\n setConfig as setSDKConfig,\r\n clearConfigOverrides,\r\n writeHostConfigCache,\r\n logConfigResolutionDebug,\r\n} from '../config';\r\nimport type { SDKConfig } from '../config';\r\nimport {\r\n setStorageContext,\r\n createSecureSessionStorageAdapter,\r\n setStorageKeyPrefix,\r\n getStorageKey,\r\n type StorageAdapter,\r\n} from '../infrastructure/storage/index';\r\nimport { setAuthRuntime } from '../infrastructure/runtime/context';\r\nimport {\r\n createConsoleLogger,\r\n createBrowserUrlProvider,\r\n createConfigProvider,\r\n createTenantResolver,\r\n createBrowserCookieClearer,\r\n} from '../browser/adapters';\r\nimport { getStorage, setStorage, removeStorage } from '../infrastructure/storage/index';\r\nimport { clearFlowFlags, clearCallbackProcessing } from '../application/lifecycle-state';\r\nimport { createAuthEngine } from '../application/engine/createEngine';\r\nimport { setDefaultAuthEngine } from '../application/engine/defaultEngine';\r\nimport type { AuthEngine } from '../application/engine/types';\r\nimport { logger } from '../utils/logger';\r\n\r\ninterface AuthProviderProps {\r\n children: React.ReactNode;\r\n autoInit?: boolean;\r\n /** Optional config object from host app (alternative to passing individual props). */\r\n config?: SDKConfig;\r\n /** Tenant code from host app (used to resolve tenant via GET /api/tenant/v1/public/tenants/by-code/{tenantCode}). */\r\n tenantCode?: string;\r\n /** Tenant resolution base URL (host app). */\r\n apiBaseUrl?: string;\r\n /** Authorization server URL (host app). */\r\n authServerUrl?: string;\r\n /** Callback/redirect URL (host app). */\r\n callbackUrl?: string;\r\n /** App id for storage namespacing (auth_${tenantId}_${appId}_*). */\r\n appId?: string;\r\n /** Optional storage adapter; default is SecureSessionStorageAdapter with namespacing. */\r\n storageAdapter?: StorageAdapter | null;\r\n}\r\n\r\n/**\r\n * AuthProvider – UI-facing auth state only\r\n */\r\nexport function AuthProvider({\r\n children,\r\n autoInit = true,\r\n config,\r\n tenantCode,\r\n apiBaseUrl,\r\n authServerUrl,\r\n callbackUrl,\r\n appId = '',\r\n storageAdapter,\r\n}: AuthProviderProps): React.JSX.Element {\r\n const mergedTenantCode = tenantCode ?? config?.tenantCode;\r\n const mergedApiBaseUrl = apiBaseUrl ?? config?.apiBaseUrl;\r\n const mergedAuthServerUrl = authServerUrl ?? config?.authServerUrl;\r\n const mergedCallbackUrl = callbackUrl ?? config?.callbackUrl;\r\n const resolvedTenantKey = mergedTenantCode ?? Config.getClientCode();\r\n const namespace = useMemo(\r\n () => ({ tenantId: resolvedTenantKey ?? '', appId: appId ?? '' }),\r\n [resolvedTenantKey, appId]\r\n );\r\n const initRanRef = useRef(false);\r\n const engineRef = useRef<AuthEngine | null>(null);\r\n\r\n useLayoutEffect(() => {\r\n logger.debug('[AuthProvider] Host config props', {\r\n tenantCode: mergedTenantCode ?? '(not provided)',\r\n apiBaseUrl: mergedApiBaseUrl ? mergedApiBaseUrl : '(empty)',\r\n authServerUrl: mergedAuthServerUrl ? mergedAuthServerUrl : '(empty)',\r\n callbackUrl: mergedCallbackUrl ? mergedCallbackUrl : '(empty)',\r\n });\r\n if (!mergedAuthServerUrl || !mergedAuthServerUrl.trim()) {\r\n logger.warn('[AuthProvider] authServerUrl missing from host props');\r\n }\r\n if (!mergedCallbackUrl || !mergedCallbackUrl.trim()) {\r\n logger.warn('[AuthProvider] callbackUrl missing from host props');\r\n }\r\n setSDKConfig({\r\n ...(mergedTenantCode ? { tenantCode: mergedTenantCode, tenantKey: mergedTenantCode } : {}),\r\n ...(mergedApiBaseUrl ? { apiBaseUrl: mergedApiBaseUrl } : {}),\r\n ...(mergedAuthServerUrl ? { authServerUrl: mergedAuthServerUrl } : {}),\r\n ...(mergedCallbackUrl ? { callbackUrl: mergedCallbackUrl } : {}),\r\n });\r\n logConfigResolutionDebug('AuthProvider host props applied');\r\n return () => {\r\n clearConfigOverrides();\r\n };\r\n }, [mergedTenantCode, mergedApiBaseUrl, mergedAuthServerUrl, mergedCallbackUrl]);\r\n\r\n // Non-authoritative cache for early readers (bootstrap before full React tree).\r\n useEffect(() => {\r\n try {\r\n writeHostConfigCache({\r\n tenantCode: mergedTenantCode ?? '',\r\n tenantKey: mergedTenantCode ?? '',\r\n appId: appId ?? '',\r\n apiBaseUrl: mergedApiBaseUrl ?? '',\r\n authServerUrl: mergedAuthServerUrl ?? '',\r\n callbackUrl: mergedCallbackUrl ?? '',\r\n });\r\n } catch {\r\n // ignore\r\n }\r\n }, [mergedTenantCode, mergedApiBaseUrl, mergedAuthServerUrl, mergedCallbackUrl, appId]);\r\n\r\n useLayoutEffect(() => {\r\n setStorageKeyPrefix(resolvedTenantKey ?? '');\r\n const adapter =\r\n storageAdapter !== undefined && storageAdapter !== null\r\n ? storageAdapter\r\n : createSecureSessionStorageAdapter(namespace);\r\n setStorageContext(adapter, namespace);\r\n const runtime = {\r\n storageAdapter: adapter,\r\n storageNamespace: namespace,\r\n logger: createConsoleLogger(),\r\n urlProvider: createBrowserUrlProvider(),\r\n configProvider: createConfigProvider(),\r\n tenantResolver: createTenantResolver(),\r\n clearCookies: createBrowserCookieClearer(),\r\n };\r\n setAuthRuntime(runtime);\r\n engineRef.current = createAuthEngine(runtime);\r\n setDefaultAuthEngine(engineRef.current);\r\n return () => {\r\n setDefaultAuthEngine(null);\r\n engineRef.current = null;\r\n setAuthRuntime(null);\r\n setStorageContext(null, { tenantId: '', appId: '' });\r\n setStorageKeyPrefix('');\r\n };\r\n }, [resolvedTenantKey, appId, storageAdapter]);\r\n\r\n // Store tenantCode in sessionStorage so bootstrap can resolve tenant via API (by-code)\r\n useEffect(() => {\r\n const resolvedTenantKey = mergedTenantCode ?? Config.getClientCode();\r\n\r\n logger.debug('[AuthProvider] Props from host app', {\r\n tenantCode: mergedTenantCode ?? '(not provided)',\r\n appId: appId ?? '',\r\n resolvedTenantKey,\r\n });\r\n\r\n if (resolvedTenantKey) {\r\n const previousTenantKey = getStorage(getStorageKey('tenant_key'));\r\n const tenantKeyChanged = previousTenantKey && previousTenantKey !== resolvedTenantKey;\r\n\r\n if (tenantKeyChanged) {\r\n logger.debug('[AuthProvider] Tenant switch detected', { previous: previousTenantKey, next: resolvedTenantKey });\r\n\r\n if (typeof window !== 'undefined') {\r\n const currentUrl = window.location.href;\r\n const isCallback = currentUrl.includes('code=') || currentUrl.includes('state=');\r\n if (isCallback) {\r\n const cleanUrl = window.location.origin + window.location.pathname;\r\n window.history.replaceState({}, document.title, cleanUrl);\r\n }\r\n }\r\n\r\n removeStorage(getStorageKey('access_token'));\r\n removeStorage(getStorageKey('refresh_token'));\r\n removeStorage(getStorageKey('expires_at'));\r\n removeStorage(getStorageKey('state'));\r\n removeStorage(getStorageKey('code_verifier'));\r\n removeStorage(getStorageKey('callback_processed'));\r\n clearCallbackProcessing();\r\n clearFlowFlags();\r\n\r\n setStorage(getStorageKey('props_changed'), 'true');\r\n setStorage(getStorageKey('tenant_switched'), 'true');\r\n setStorage(getStorageKey('new_tenant_key'), resolvedTenantKey);\r\n\r\n setState({\r\n isAuthenticated: false,\r\n accessToken: null,\r\n isLoading: true,\r\n error: null,\r\n });\r\n } else if (previousTenantKey) {\r\n logger.debug('[AuthProvider] TenantKey unchanged', { tenantKey: resolvedTenantKey });\r\n }\r\n\r\n try {\r\n writeHostConfigCache({\r\n tenantKey: resolvedTenantKey,\r\n tenantCode: resolvedTenantKey,\r\n });\r\n logConfigResolutionDebug('AuthProvider tenant key synced to cache', {\r\n tenantCode: resolvedTenantKey,\r\n tenantKey: resolvedTenantKey,\r\n });\r\n } catch {\r\n // ignore\r\n }\r\n setStorage(getStorageKey('tenant_key'), resolvedTenantKey);\r\n } else {\r\n logger.debug('[AuthProvider] No tenant code determined');\r\n }\r\n }, [mergedTenantCode, appId]);\r\n\r\n const [state, setState] = useState<AuthState>({\r\n isAuthenticated: false,\r\n accessToken: null,\r\n isLoading: autoInit,\r\n error: null,\r\n });\r\n\r\n /**\r\n * Sync auth state from engine (or storage when engine not yet ready)\r\n */\r\n const syncAuthState = useCallback(() => {\r\n try {\r\n const engine = engineRef.current;\r\n let authenticated: boolean;\r\n let accessToken: string | null;\r\n let error: string | null = null;\r\n\r\n if (engine) {\r\n const s = engine.getState();\r\n authenticated = s.status === 'authenticated' && !!s.accessToken;\r\n accessToken = s.accessToken;\r\n error = s.error;\r\n } else {\r\n accessToken = getStoredAccessToken();\r\n authenticated = !!accessToken && !isAccessTokenExpired();\r\n }\r\n\r\n setState({\r\n isAuthenticated: authenticated,\r\n accessToken,\r\n isLoading: false,\r\n error,\r\n });\r\n\r\n if (authenticated) {\r\n } else {\r\n stopStorageWatcher();\r\n stopCookieWatcher();\r\n }\r\n } catch (error) {\r\n stopStorageWatcher();\r\n stopCookieWatcher();\r\n setState({\r\n isAuthenticated: false,\r\n accessToken: null,\r\n isLoading: false,\r\n error: error instanceof Error ? error.message : 'Unknown error',\r\n });\r\n }\r\n }, []);\r\n\r\n /**\r\n * Re-bootstrap when props change indicates tenant switch or config update.\r\n * This ensures tenantKey changes actually trigger a fresh resolve + login.\r\n */\r\n useEffect(() => {\r\n if (!autoInit) return;\r\n\r\n const tenantSwitched = getStorage(getStorageKey('tenant_switched')) === 'true';\r\n const propsChanged = getStorage(getStorageKey('props_changed')) === 'true';\r\n if (!tenantSwitched && !propsChanged) return;\r\n\r\n let cancelled = false;\r\n\r\n const reinit = async () => {\r\n try {\r\n await engineRef.current?.init();\r\n if (!cancelled) {\r\n syncAuthState();\r\n }\r\n } finally {\r\n removeStorage(getStorageKey('props_changed'));\r\n }\r\n };\r\n\r\n reinit();\r\n\r\n return () => {\r\n cancelled = true;\r\n };\r\n }, [autoInit, mergedTenantCode, syncAuthState]);\r\n\r\n /**\r\n * Bootstrap auth on mount (once). initRanRef avoids double run in React StrictMode.\r\n */\r\n useEffect(() => {\r\n if (!autoInit) {\r\n setState((prev) => ({ ...prev, isLoading: false }));\r\n return;\r\n }\r\n if (initRanRef.current) return;\r\n initRanRef.current = true;\r\n\r\n let cancelled = false;\r\n\r\n const init = async () => {\r\n try {\r\n await engineRef.current?.init();\r\n if (!cancelled) syncAuthState();\r\n } catch (error) {\r\n stopStorageWatcher();\r\n stopCookieWatcher();\r\n if (!cancelled) {\r\n setState({\r\n isAuthenticated: false,\r\n accessToken: null,\r\n isLoading: false,\r\n error: error instanceof Error ? error.message : 'Authentication initialization failed',\r\n });\r\n }\r\n }\r\n };\r\n\r\n init();\r\n\r\n return () => {\r\n cancelled = true;\r\n initRanRef.current = false;\r\n stopStorageWatcher();\r\n stopCookieWatcher();\r\n };\r\n }, [autoInit, syncAuthState]);\r\n\r\n /**\r\n * Explicit login (user action)\r\n */\r\n const login = useCallback(async () => {\r\n setState((prev) => ({ ...prev, isLoading: true }));\r\n await engineRef.current?.login();\r\n syncAuthState();\r\n }, [syncAuthState]);\r\n\r\n /**\r\n * Logout – HARD RESET\r\n */\r\n const logout = useCallback(async () => {\r\n stopStorageWatcher();\r\n stopCookieWatcher();\r\n setState((prev) => ({ ...prev, isLoading: true }));\r\n\r\n try {\r\n await engineRef.current?.logout({ tenantKey: mergedTenantCode });\r\n resetCookieWatcher();\r\n } finally {\r\n stopStorageWatcher();\r\n stopCookieWatcher();\r\n setState({\r\n isAuthenticated: false,\r\n accessToken: null,\r\n isLoading: false,\r\n error: null,\r\n });\r\n }\r\n }, [mergedTenantCode]);\r\n\r\n /**\r\n * Refresh token explicitly\r\n */\r\n const refreshToken = useCallback(async (): Promise<string> => {\r\n try {\r\n const newToken = (await engineRef.current?.refresh()) ?? '';\r\n syncAuthState();\r\n return newToken;\r\n } catch (error) {\r\n await logout();\r\n throw error;\r\n }\r\n }, [syncAuthState, logout]);\r\n\r\n /**\r\n * Get access token (auto-refresh)\r\n */\r\n const getValidAccessToken = useCallback(async (): Promise<string> => {\r\n try {\r\n const token = await engineRef.current?.getAccessToken();\r\n if (!token) throw new Error('Not authenticated');\r\n syncAuthState();\r\n return token;\r\n } catch (error) {\r\n await logout();\r\n throw error;\r\n }\r\n }, [syncAuthState, logout]);\r\n\r\n /**\r\n * Set access token in memory/context (used by AuthCallback)\r\n */\r\n const setTokens = useCallback((accessToken: string): void => {\r\n setState({\r\n isAuthenticated: true,\r\n accessToken,\r\n isLoading: false,\r\n error: null,\r\n });\r\n }, []);\r\n\r\n const contextValue = useMemo<AuthContextValue>(\r\n () => ({\r\n ...state,\r\n login,\r\n logout,\r\n refreshToken,\r\n getAccessToken: getValidAccessToken,\r\n setTokens,\r\n }),\r\n [state, login, logout, refreshToken, getValidAccessToken, setTokens]\r\n );\r\n\r\n return (\r\n <AuthContext.Provider value={contextValue}>\r\n {children}\r\n </AuthContext.Provider>\r\n );\r\n}\r\n\r\nexport { useAuthContext };\r\n","import React, { useEffect, useRef, useState } from 'react';\r\nimport { getStorage, getStorageKey, getAccessToken } from '../infrastructure/storage/index';\r\nimport { useAuthContext } from '../context/AuthProvider';\r\nimport { handleCallback } from '../strategies/oauth2-pkce/callback';\r\n\r\nconst PLUGIN_DISPLAY_NAME = 'Tenneo Auth';\r\n\r\ntype StatusState = 'idle' | 'loading' | 'success' | 'error';\r\n\r\ninterface AuthCallbackProps {\r\n loginPath?: string;\r\n successPath?: string;\r\n homePath?: string;\r\n}\r\n\r\nexport function AuthCallback({\r\n loginPath = '/login',\r\n successPath = '/dashboard',\r\n homePath = '/',\r\n}: AuthCallbackProps): React.JSX.Element {\r\n const { setTokens } = useAuthContext();\r\n const handledRef = useRef(false);\r\n const [status, setStatus] = useState<StatusState>('idle');\r\n const [message, setMessage] = useState<string>('');\r\n\r\n useEffect(() => {\r\n if (handledRef.current) return;\r\n handledRef.current = true;\r\n\r\n const urlParams = new URLSearchParams(window.location.search);\r\n const hasCallbackParams = urlParams.has('code') || urlParams.has('error');\r\n\r\n if (!hasCallbackParams) {\r\n window.location.replace(loginPath || homePath);\r\n return;\r\n }\r\n\r\n const error = urlParams.get('error');\r\n const errorDescription = urlParams.get('error_description');\r\n if (error) {\r\n setStatus('error');\r\n setMessage(`${error}: ${errorDescription || 'Authorization failed'}`);\r\n window.history.replaceState({}, document.title, window.location.origin + window.location.pathname);\r\n return;\r\n }\r\n\r\n const runCallback = async () => {\r\n setStatus('loading');\r\n setMessage('Completing sign-in...');\r\n\r\n // Single source of truth: handleCallback() does validation + exchangeCodeForTokens once\r\n const handled = await handleCallback();\r\n\r\n if (!handled) {\r\n setStatus('error');\r\n setMessage('Authentication failed. Please try again.');\r\n window.history.replaceState({}, document.title, window.location.origin + window.location.pathname);\r\n return;\r\n }\r\n\r\n // Important:\r\n // handleCallback() may return `true` during an in-flight callback processing\r\n // (e.g. a second mount/rerender). In that case token might not yet be stored.\r\n // Redirect only once we actually have a token.\r\n const startedAt = Date.now();\r\n const MAX_WAIT_MS = 5000;\r\n\r\n // eslint-disable-next-line no-constant-condition\r\n while (true) {\r\n const token = getAccessToken();\r\n if (token) {\r\n setTokens(token);\r\n setStatus('success');\r\n setMessage('Authentication successful. Redirecting...');\r\n window.location.replace(successPath);\r\n return;\r\n }\r\n\r\n if (Date.now() - startedAt > MAX_WAIT_MS) break;\r\n await new Promise((r) => setTimeout(r, 200));\r\n }\r\n\r\n setStatus('error');\r\n setMessage('Authentication did not complete. Please try again.');\r\n window.history.replaceState({}, document.title, window.location.origin + window.location.pathname);\r\n };\r\n\r\n runCallback();\r\n }, [homePath, loginPath, successPath, setTokens]);\r\n\r\n const containerStyle: React.CSSProperties = {\r\n minHeight: '200px',\r\n display: 'flex',\r\n flexDirection: 'column',\r\n alignItems: 'center',\r\n justifyContent: 'center',\r\n padding: 32,\r\n fontFamily: 'system-ui, -apple-system, Segoe UI, Roboto, sans-serif',\r\n textAlign: 'center',\r\n };\r\n\r\n const titleStyle: React.CSSProperties = {\r\n margin: 0,\r\n fontSize: '1.25rem',\r\n fontWeight: 600,\r\n color: '#1a1a1a',\r\n marginBottom: 8,\r\n };\r\n\r\n const messageStyle: React.CSSProperties = {\r\n margin: 0,\r\n fontSize: '0.9375rem',\r\n color: '#555',\r\n lineHeight: 1.5,\r\n maxWidth: 360,\r\n };\r\n\r\n const errorBoxStyle: React.CSSProperties = {\r\n marginTop: 16,\r\n padding: '12px 16px',\r\n backgroundColor: '#fef2f2',\r\n border: '1px solid #fecaca',\r\n borderRadius: 8,\r\n color: '#991b1b',\r\n fontSize: '0.875rem',\r\n maxWidth: 360,\r\n };\r\n\r\n const retryLinkStyle: React.CSSProperties = {\r\n marginTop: 16,\r\n fontSize: '0.875rem',\r\n color: '#2563eb',\r\n textDecoration: 'none',\r\n cursor: 'pointer',\r\n };\r\n\r\n const spinnerStyle: React.CSSProperties = {\r\n width: 28,\r\n height: 28,\r\n border: '3px solid #e5e7eb',\r\n borderTopColor: '#2563eb',\r\n borderRadius: '50%',\r\n animation: 'auth-callback-spin 0.8s linear infinite',\r\n marginBottom: 16,\r\n };\r\n\r\n const pluginNameStyle: React.CSSProperties = {\r\n position: 'absolute',\r\n top: 24,\r\n left: '50%',\r\n transform: 'translateX(-50%)',\r\n margin: 0,\r\n fontSize: '0.875rem',\r\n fontWeight: 600,\r\n color: '#6b7280',\r\n letterSpacing: '0.02em',\r\n };\r\n\r\n return (\r\n <div style={{ ...containerStyle, position: 'relative' }}>\r\n <style>{`@keyframes auth-callback-spin { to { transform: rotate(360deg); } }`}</style>\r\n <p style={pluginNameStyle}>{PLUGIN_DISPLAY_NAME}</p>\r\n {status === 'loading' && (\r\n <>\r\n <div style={spinnerStyle} aria-hidden />\r\n <h2 style={titleStyle}>Signing you in...</h2>\r\n <p style={messageStyle}>Please wait while we complete authentication.</p>\r\n </>\r\n )}\r\n {status === 'success' && (\r\n <>\r\n <h2 style={titleStyle}>Signed in successfully</h2>\r\n <p style={messageStyle}>Redirecting you now.</p>\r\n </>\r\n )}\r\n {status === 'error' && (\r\n <>\r\n <h2 style={{ ...titleStyle, color: '#991b1b' }}>Authentication failed</h2>\r\n <div style={errorBoxStyle}>{message}</div>\r\n <a\r\n href={loginPath}\r\n style={retryLinkStyle}\r\n onClick={(e) => {\r\n e.preventDefault();\r\n window.location.href = loginPath;\r\n }}\r\n >\r\n Try again\r\n </a>\r\n </>\r\n )}\r\n {status === 'idle' && (\r\n <>\r\n <div style={spinnerStyle} aria-hidden />\r\n <h2 style={titleStyle}>Preparing callback...</h2>\r\n <p style={messageStyle}>Setting up authentication.</p>\r\n </>\r\n )}\r\n </div>\r\n );\r\n}\r\n","/**\r\n * useAuth hook for accessing authentication state and methods\r\n */\r\n\r\nimport { useAuthContext } from '../context/AuthProvider';\r\nimport type { AuthContextValue } from '../domain/auth-state';\r\n\r\n/**\r\n * Hook to access authentication state and methods\r\n * @returns Authentication context value\r\n */\r\nexport function useAuth(): AuthContextValue {\r\n return useAuthContext();\r\n}\r\n\r\n","import React, { useEffect, useRef, useState } from 'react';\r\nimport { useAuth } from '../hooks/useAuth';\r\n\r\ninterface ProtectedRouteProps {\r\n children: React.ReactNode;\r\n fallback?: React.ReactNode;\r\n autoLogin?: boolean;\r\n}\r\n\r\nexport function ProtectedRoute({\r\n children,\r\n fallback = null,\r\n autoLogin = true,\r\n}: ProtectedRouteProps): React.JSX.Element {\r\n const { isAuthenticated, getAccessToken, login } = useAuth();\r\n const [ready, setReady] = useState(false);\r\n const loginTriggeredRef = useRef(false);\r\n\r\n useEffect(() => {\r\n let cancelled = false;\r\n\r\n const run = async () => {\r\n if (isAuthenticated) {\r\n if (!cancelled) setReady(true);\r\n return;\r\n }\r\n\r\n try {\r\n await getAccessToken();\r\n if (!cancelled) setReady(true);\r\n } catch {\r\n if (autoLogin && !loginTriggeredRef.current) {\r\n loginTriggeredRef.current = true;\r\n await login();\r\n }\r\n if (!cancelled) setReady(false);\r\n }\r\n };\r\n\r\n run();\r\n\r\n return () => {\r\n cancelled = true;\r\n };\r\n }, [autoLogin, getAccessToken, isAuthenticated, login]);\r\n\r\n if (!ready || !isAuthenticated) {\r\n return <>{fallback}</>;\r\n }\r\n\r\n return <>{children}</>;\r\n}\r\n","/**\r\n * useAuthInit hook\r\n * \r\n * RULES:\r\n * - Only prevents parallel init calls\r\n * - Does NOT block based on flags (bootstrap handles that)\r\n */\r\n\r\nimport { useRef, useState, useCallback, useEffect, useMemo } from 'react';\r\nimport { bootstrap } from '../application/bootstrap';\r\n\r\ninterface UseAuthInitResult {\r\n isLoading: boolean;\r\n error: string | null;\r\n init: () => Promise<void>;\r\n}\r\n\r\nexport function useAuthInit(): UseAuthInitResult {\r\n const [isLoading, setIsLoading] = useState(false);\r\n const [error, setError] = useState<string | null>(null);\r\n\r\n // Prevent parallel init calls\r\n const inProgressRef = useRef(false);\r\n\r\n // Prevent setState after unmount\r\n const mountedRef = useRef(true);\r\n\r\n useEffect(() => {\r\n return () => {\r\n mountedRef.current = false;\r\n };\r\n }, []);\r\n\r\n const init = useCallback(async () => {\r\n // Prevent duplicate init calls\r\n if (inProgressRef.current) {\r\n return;\r\n }\r\n\r\n inProgressRef.current = true;\r\n\r\n if (mountedRef.current) {\r\n setIsLoading(true);\r\n setError(null);\r\n }\r\n\r\n try {\r\n // Bootstrap handles all decision logic (force login, callback, etc.)\r\n await bootstrap();\r\n } catch (err) {\r\n if (mountedRef.current) {\r\n setError(\r\n err instanceof Error\r\n ? err.message\r\n : 'Authentication initialization failed',\r\n );\r\n }\r\n } finally {\r\n inProgressRef.current = false;\r\n\r\n if (mountedRef.current) {\r\n setIsLoading(false);\r\n }\r\n }\r\n }, []);\r\n\r\n return useMemo(\r\n () => ({ isLoading, error, init }),\r\n [isLoading, error, init]\r\n );\r\n}\r\n"]}