npm - xypriss - Versions diffs - 2.3.3 → 2.3.5 - Mend

xypriss 2.3.3 → 2.3.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (105) hide show

package/dist/esm/src/server/utils/trustProxy.js ADDED Viewed

@@ -0,0 +1,444 @@
+import { isIP } from 'net';
+/**
+ * Advanced Trust Proxy Implementation for XyPriss
+ *
+ * Supports Express-like trust proxy configurations including:
+ * - Boolean values (true/false)
+ * - String values ('loopback', 'linklocal', 'uniquelocal')
+ * - CIDR notation ('192.168.0.0/16')
+ * - IP addresses ('127.0.0.1')
+ * - Arrays of the above
+ * - Custom functions
+ */
+/**
+ * Predefined network ranges
+ */
+const PREDEFINED_RANGES = {
+    loopback: ["127.0.0.0/8", "::1/128"],
+    linklocal: ["169.254.0.0/16", "fe80::/10"],
+    uniquelocal: ["10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "fc00::/7"],
+};
+class TrustProxy {
+    constructor(config) {
+        this.trustProxyFn = this.createTrustProxyFunction(config);
+    }
+    /**
+     * Validate and normalize IP address string
+     */
+    normalizeIP(ip) {
+        if (!ip || typeof ip !== "string")
+            return null;
+        const trimmed = ip.trim();
+        if (!trimmed)
+            return null;
+        // Handle IPv4-mapped IPv6 addresses (::ffff:192.168.1.1)
+        if (trimmed.startsWith("::ffff:") && trimmed.includes(".")) {
+            const ipv4Part = trimmed.substring(7);
+            if (isIP(ipv4Part) === 4) {
+                return ipv4Part;
+            }
+        }
+        // Validate it's a proper IP
+        const ipVersion = isIP(trimmed);
+        if (ipVersion === 0)
+            return null;
+        return trimmed;
+    }
+    /**
+     * Convert IPv4 address to number for comparison
+     */
+    ipv4ToNumber(ip) {
+        try {
+            const parts = ip.split(".");
+            if (parts.length !== 4)
+                return null;
+            const nums = parts.map((p) => {
+                const num = parseInt(p, 10);
+                if (isNaN(num) || num < 0 || num > 255)
+                    throw new Error("Invalid octet");
+                return num;
+            });
+            return (nums[0] << 24) + (nums[1] << 16) + (nums[2] << 8) + nums[3];
+        }
+        catch {
+            return null;
+        }
+    }
+    /**
+     * Check if IPv4 address is in CIDR range
+     */
+    isIPv4InCIDR(ip, cidr) {
+        try {
+            const parts = cidr.split("/");
+            if (parts.length !== 2)
+                return false;
+            const [network, prefixLength] = parts;
+            const prefixLen = parseInt(prefixLength, 10);
+            if (isNaN(prefixLen) || prefixLen < 0 || prefixLen > 32)
+                return false;
+            const ipNum = this.ipv4ToNumber(ip);
+            const networkNum = this.ipv4ToNumber(network);
+            if (ipNum === null || networkNum === null)
+                return false;
+            // Handle edge cases
+            if (prefixLen === 0)
+                return true; // 0.0.0.0/0 matches everything
+            if (prefixLen === 32)
+                return ipNum === networkNum; // Exact match
+            const mask = (0xffffffff << (32 - prefixLen)) >>> 0;
+            return (ipNum & mask) === (networkNum & mask);
+        }
+        catch {
+            return false;
+        }
+    }
+    /**
+     * Expand IPv6 address to full form
+     */
+    expandIPv6(ip) {
+        try {
+            if (!ip.includes(":"))
+                return null;
+            // Handle :: compression
+            if (ip.includes("::")) {
+                const parts = ip.split("::");
+                if (parts.length > 2)
+                    return null; // Invalid: multiple ::
+                const left = parts[0] ? parts[0].split(":") : [];
+                const right = parts[1] ? parts[1].split(":") : [];
+                const missing = 8 - left.length - right.length;
+                if (missing < 0)
+                    return null; // Too many parts
+                const middle = Array(missing).fill("0000");
+                const allParts = [...left, ...middle, ...right];
+                // Pad each part to 4 hex digits
+                return allParts.map((p) => p.padStart(4, "0")).join(":");
+            }
+            // No compression
+            const parts = ip.split(":");
+            if (parts.length !== 8)
+                return null;
+            return parts.map((p) => p.padStart(4, "0")).join(":");
+        }
+        catch {
+            return null;
+        }
+    }
+    /**
+     * Convert IPv6 address to BigInt for comparison
+     */
+    ipv6ToBigInt(ip) {
+        try {
+            const expanded = this.expandIPv6(ip);
+            if (!expanded)
+                return null;
+            const parts = expanded.split(":");
+            if (parts.length !== 8)
+                return null;
+            let result = 0n;
+            for (let i = 0; i < 8; i++) {
+                const val = parseInt(parts[i], 16);
+                if (isNaN(val) || val < 0 || val > 0xffff)
+                    return null;
+                result = (result << 16n) + BigInt(val);
+            }
+            return result;
+        }
+        catch {
+            return null;
+        }
+    }
+    /**
+     * Check if IPv6 address is in CIDR range
+     */
+    isIPv6InCIDR(ip, cidr) {
+        try {
+            const parts = cidr.split("/");
+            if (parts.length !== 2)
+                return false;
+            const [network, prefixLength] = parts;
+            const prefixLen = parseInt(prefixLength, 10);
+            if (isNaN(prefixLen) || prefixLen < 0 || prefixLen > 128)
+                return false;
+            const ipNum = this.ipv6ToBigInt(ip);
+            const networkNum = this.ipv6ToBigInt(network);
+            if (ipNum === null || networkNum === null)
+                return false;
+            // Handle edge cases
+            if (prefixLen === 0)
+                return true; // ::/0 matches everything
+            if (prefixLen === 128)
+                return ipNum === networkNum; // Exact match
+            const mask = (BigInt(2) ** BigInt(128) - BigInt(1)) <<
+                BigInt(128 - prefixLen);
+            return (ipNum & mask) === (networkNum & mask);
+        }
+        catch {
+            return false;
+        }
+    }
+    /**
+     * Check if IP address is in CIDR range
+     */
+    isIPInCIDR(ip, cidr) {
+        if (!ip || !cidr)
+            return false;
+        const ipVersion = isIP(ip);
+        if (ipVersion === 0)
+            return false;
+        // Determine CIDR type
+        const isCIDRv4 = cidr.includes(".") && cidr.includes("/");
+        const isCIDRv6 = cidr.includes(":") && cidr.includes("/");
+        if (ipVersion === 4 && isCIDRv4) {
+            return this.isIPv4InCIDR(ip, cidr);
+        }
+        else if (ipVersion === 6 && isCIDRv6) {
+            return this.isIPv6InCIDR(ip, cidr);
+        }
+        return false;
+    }
+    /**
+     * Check if IP matches a single trust proxy rule
+     */
+    matchesTrustRule(ip, rule) {
+        if (!ip || !rule)
+            return false;
+        try {
+            // Handle predefined ranges
+            if (rule in PREDEFINED_RANGES) {
+                const ranges = PREDEFINED_RANGES[rule];
+                return ranges.some((range) => this.isIPInCIDR(ip, range));
+            }
+            // Handle CIDR notation
+            if (rule.includes("/")) {
+                return this.isIPInCIDR(ip, rule);
+            }
+            // Handle exact IP match (normalize both for comparison)
+            const normalizedIP = this.normalizeIP(ip);
+            const normalizedRule = this.normalizeIP(rule);
+            if (!normalizedIP || !normalizedRule)
+                return false;
+            return normalizedIP === normalizedRule;
+        }
+        catch {
+            return false;
+        }
+    }
+    /**
+     * Create a trust proxy function from configuration
+     */
+    createTrustProxyFunction(config) {
+        // Handle boolean values
+        if (typeof config === "boolean") {
+            return () => config;
+        }
+        // Handle number values (trust first N hops)
+        if (typeof config === "number") {
+            if (!Number.isInteger(config) || config < 0) {
+                throw new Error("Trust proxy number must be a non-negative integer");
+            }
+            return (_ip, hopIndex) => hopIndex < config;
+        }
+        // Handle function values
+        if (typeof config === "function") {
+            return (ip, hopIndex) => {
+                try {
+                    return Boolean(config(ip, hopIndex));
+                }
+                catch {
+                    return false; // Safe default on function error
+                }
+            };
+        }
+        // Handle string values
+        if (typeof config === "string") {
+            const trimmed = config.trim();
+            if (!trimmed)
+                return () => false;
+            return (ip) => this.matchesTrustRule(ip, trimmed);
+        }
+        // Handle array values
+        if (Array.isArray(config)) {
+            const validRules = config.filter((rule) => typeof rule === "string" && rule.trim());
+            if (validRules.length === 0)
+                return () => false;
+            return (ip) => validRules.some((rule) => this.matchesTrustRule(ip, rule));
+        }
+        // Default: don't trust
+        return () => false;
+    }
+    /**
+     * Safely parse X-Forwarded-For header
+     */
+    parseForwardedFor(header) {
+        if (!header)
+            return [];
+        // Handle array form (shouldn't happen but be defensive)
+        const headerStr = Array.isArray(header) ? header.join(",") : header;
+        if (typeof headerStr !== "string")
+            return [];
+        return headerStr
+            .split(",")
+            .map((ip) => this.normalizeIP(ip))
+            .filter((ip) => ip !== null);
+    }
+    /**
+     * Get remote address with fallback
+     */
+    getRemoteAddress(req) {
+        const remoteAddr = req.socket?.remoteAddress;
+        if (!remoteAddr)
+            return "127.0.0.1";
+        const normalized = this.normalizeIP(remoteAddr);
+        return normalized || "127.0.0.1";
+    }
+    /**
+     * Extract client IP considering trust proxy configuration
+     */
+    extractClientIP(req) {
+        try {
+            const forwardedFor = req.headers["x-forwarded-for"];
+            const ips = this.parseForwardedFor(forwardedFor);
+            if (ips.length === 0) {
+                // No forwarded headers, return direct connection IP
+                return this.getRemoteAddress(req);
+            }
+            // Start from the rightmost IP (closest to server) and work backwards
+            const directIP = this.getRemoteAddress(req);
+            let trustedIP = directIP;
+            // Process IPs from right to left (closest to server first)
+            for (let i = ips.length - 1; i >= 0; i--) {
+                const hopIndex = ips.length - 1 - i;
+                const currentIP = ips[i];
+                // Check if we trust this hop
+                if (this.trustProxyFn(trustedIP, hopIndex)) {
+                    trustedIP = currentIP;
+                }
+                else {
+                    // Stop at first untrusted hop
+                    break;
+                }
+            }
+            return trustedIP;
+        }
+        catch {
+            // On any error, return the direct connection IP as safe default
+            return this.getRemoteAddress(req);
+        }
+    }
+    /**
+     * Extract all IPs in the proxy chain
+     */
+    extractProxyChain(req) {
+        try {
+            const forwardedFor = req.headers["x-forwarded-for"];
+            const ips = this.parseForwardedFor(forwardedFor);
+            const directIP = this.getRemoteAddress(req);
+            if (ips.length === 0) {
+                return [directIP];
+            }
+            const trustedIPs = [directIP];
+            // Process IPs from right to left
+            for (let i = ips.length - 1; i >= 0; i--) {
+                const hopIndex = ips.length - 1 - i;
+                const currentIP = ips[i];
+                const previousIP = trustedIPs[trustedIPs.length - 1];
+                if (this.trustProxyFn(previousIP, hopIndex)) {
+                    trustedIPs.push(currentIP);
+                }
+                else {
+                    break;
+                }
+            }
+            return trustedIPs.reverse(); // Return in client -> server order
+        }
+        catch {
+            return [this.getRemoteAddress(req)];
+        }
+    }
+    /**
+     * Determine if connection is secure based on trust proxy
+     */
+    isSecureConnection(req) {
+        try {
+            // Check if we have a direct TLS connection
+            const socket = req.socket;
+            if (socket?.encrypted === true) {
+                return true;
+            }
+            // Check X-Forwarded-Proto header if we trust the proxy
+            const forwardedProto = req.headers["x-forwarded-proto"];
+            if (!forwardedProto)
+                return false;
+            const directIP = this.getRemoteAddress(req);
+            if (!this.trustProxyFn(directIP, 0))
+                return false;
+            // Handle both string and array forms
+            const protoStr = Array.isArray(forwardedProto)
+                ? forwardedProto[0]
+                : forwardedProto;
+            if (typeof protoStr !== "string")
+                return false;
+            // Take first value if comma-separated
+            const proto = protoStr.split(",")[0].trim().toLowerCase();
+            return proto === "https";
+        }
+        catch {
+            return false;
+        }
+    }
+    /**
+     * Get protocol considering trust proxy
+     */
+    getProtocol(req) {
+        return this.isSecureConnection(req) ? "https" : "http";
+    }
+    /**
+     * Get hostname considering trust proxy
+     */
+    getHostname(req) {
+        try {
+            const directIP = this.getRemoteAddress(req);
+            // Check X-Forwarded-Host if we trust the proxy
+            const forwardedHost = req.headers["x-forwarded-host"];
+            if (forwardedHost && this.trustProxyFn(directIP, 0)) {
+                const hostStr = Array.isArray(forwardedHost)
+                    ? forwardedHost[0]
+                    : forwardedHost;
+                if (typeof hostStr === "string" && hostStr.trim()) {
+                    // Take first host if comma-separated, remove port
+                    const hostname = hostStr.split(",")[0].trim().split(":")[0];
+                    if (hostname)
+                        return hostname;
+                }
+            }
+            // Fallback to Host header
+            const host = req.headers.host;
+            if (host && typeof host === "string") {
+                const hostname = host.split(":")[0];
+                if (hostname)
+                    return hostname;
+            }
+            return "localhost";
+        }
+        catch {
+            return "localhost";
+        }
+    }
+    /**
+     * Validate trust proxy configuration
+     */
+    static validate(config) {
+        try {
+            new TrustProxy(config);
+            return true;
+        }
+        catch {
+            return false;
+        }
+    }
+}
+export { TrustProxy };
+//# sourceMappingURL=trustProxy.js.map

package/dist/esm/src/server/utils/trustProxy.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"trustProxy.js","sources":["../../../../../src/server/utils/trustProxy.ts"],"sourcesContent":[null],"names":[],"mappings":";;AAAA;;;;;;;;;;AAUG;AAYH;;AAEG;AACH,MAAM,iBAAiB,GAAG;AACtB,IAAA,QAAQ,EAAE,CAAC,aAAa,EAAE,SAAS,CAAC;AACpC,IAAA,SAAS,EAAE,CAAC,gBAAgB,EAAE,WAAW,CAAC;IAC1C,WAAW,EAAE,CAAC,YAAY,EAAE,eAAe,EAAE,gBAAgB,EAAE,UAAU,CAAC;CACpE,CAAC;MAEE,UAAU,CAAA;AAGnB,IAAA,WAAA,CAAY,MAAuB,EAAA;QAC/B,IAAI,CAAC,YAAY,GAAG,IAAI,CAAC,wBAAwB,CAAC,MAAM,CAAC,CAAC;KAC7D;AAED;;AAEG;AACK,IAAA,WAAW,CAAC,EAAU,EAAA;AAC1B,QAAA,IAAI,CAAC,EAAE,IAAI,OAAO,EAAE,KAAK,QAAQ;AAAE,YAAA,OAAO,IAAI,CAAC;AAE/C,QAAA,MAAM,OAAO,GAAG,EAAE,CAAC,IAAI,EAAE,CAAC;AAC1B,QAAA,IAAI,CAAC,OAAO;AAAE,YAAA,OAAO,IAAI,CAAC;;AAG1B,QAAA,IAAI,OAAO,CAAC,UAAU,CAAC,SAAS,CAAC,IAAI,OAAO,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE;YACxD,MAAM,QAAQ,GAAG,OAAO,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC;AACtC,YAAA,IAAI,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE;AACtB,gBAAA,OAAO,QAAQ,CAAC;aACnB;SACJ;;AAGD,QAAA,MAAM,SAAS,GAAG,IAAI,CAAC,OAAO,CAAC,CAAC;QAChC,IAAI,SAAS,KAAK,CAAC;AAAE,YAAA,OAAO,IAAI,CAAC;AAEjC,QAAA,OAAO,OAAO,CAAC;KAClB;AAED;;AAEG;AACK,IAAA,YAAY,CAAC,EAAU,EAAA;AAC3B,QAAA,IAAI;YACA,MAAM,KAAK,GAAG,EAAE,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;AAC5B,YAAA,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC;AAAE,gBAAA,OAAO,IAAI,CAAC;YAEpC,MAAM,IAAI,GAAG,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,KAAI;gBACzB,MAAM,GAAG,GAAG,QAAQ,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;gBAC5B,IAAI,KAAK,CAAC,GAAG,CAAC,IAAI,GAAG,GAAG,CAAC,IAAI,GAAG,GAAG,GAAG;AAClC,oBAAA,MAAM,IAAI,KAAK,CAAC,eAAe,CAAC,CAAC;AACrC,gBAAA,OAAO,GAAG,CAAC;AACf,aAAC,CAAC,CAAC;AAEH,YAAA,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,EAAE,KAAK,IAAI,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,IAAI,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC;SACvE;AAAC,QAAA,MAAM;AACJ,YAAA,OAAO,IAAI,CAAC;SACf;KACJ;AAED;;AAEG;IACK,YAAY,CAAC,EAAU,EAAE,IAAY,EAAA;AACzC,QAAA,IAAI;YACA,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;AAC9B,YAAA,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC;AAAE,gBAAA,OAAO,KAAK,CAAC;AAErC,YAAA,MAAM,CAAC,OAAO,EAAE,YAAY,CAAC,GAAG,KAAK,CAAC;YACtC,MAAM,SAAS,GAAG,QAAQ,CAAC,YAAY,EAAE,EAAE,CAAC,CAAC;YAE7C,IAAI,KAAK,CAAC,SAAS,CAAC,IAAI,SAAS,GAAG,CAAC,IAAI,SAAS,GAAG,EAAE;AACnD,gBAAA,OAAO,KAAK,CAAC;YAEjB,MAAM,KAAK,GAAG,IAAI,CAAC,YAAY,CAAC,EAAE,CAAC,CAAC;YACpC,MAAM,UAAU,GAAG,IAAI,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC;AAE9C,YAAA,IAAI,KAAK,KAAK,IAAI,IAAI,UAAU,KAAK,IAAI;AAAE,gBAAA,OAAO,KAAK,CAAC;;YAGxD,IAAI,SAAS,KAAK,CAAC;gBAAE,OAAO,IAAI,CAAC;YACjC,IAAI,SAAS,KAAK,EAAE;AAAE,gBAAA,OAAO,KAAK,KAAK,UAAU,CAAC;AAElD,YAAA,MAAM,IAAI,GAAG,CAAC,UAAU,KAAK,EAAE,GAAG,SAAS,CAAC,MAAM,CAAC,CAAC;YAEpD,OAAO,CAAC,KAAK,GAAG,IAAI,OAAO,UAAU,GAAG,IAAI,CAAC,CAAC;SACjD;AAAC,QAAA,MAAM;AACJ,YAAA,OAAO,KAAK,CAAC;SAChB;KACJ;AAED;;AAEG;AACK,IAAA,UAAU,CAAC,EAAU,EAAA;AACzB,QAAA,IAAI;AACA,YAAA,IAAI,CAAC,EAAE,CAAC,QAAQ,CAAC,GAAG,CAAC;AAAE,gBAAA,OAAO,IAAI,CAAC;;AAGnC,YAAA,IAAI,EAAE,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE;gBACnB,MAAM,KAAK,GAAG,EAAE,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;AAC7B,gBAAA,IAAI,KAAK,CAAC,MAAM,GAAG,CAAC;oBAAE,OAAO,IAAI,CAAC;gBAElC,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC;gBACjD,MAAM,KAAK,GAAG,KAAK,CAAC,CAAC,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC;gBAClD,MAAM,OAAO,GAAG,CAAC,GAAG,IAAI,CAAC,MAAM,GAAG,KAAK,CAAC,MAAM,CAAC;gBAE/C,IAAI,OAAO,GAAG,CAAC;oBAAE,OAAO,IAAI,CAAC;gBAE7B,MAAM,MAAM,GAAG,KAAK,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;AAC3C,gBAAA,MAAM,QAAQ,GAAG,CAAC,GAAG,IAAI,EAAE,GAAG,MAAM,EAAE,GAAG,KAAK,CAAC,CAAC;;gBAGhD,OAAO,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;aAC5D;;YAGD,MAAM,KAAK,GAAG,EAAE,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;AAC5B,YAAA,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC;AAAE,gBAAA,OAAO,IAAI,CAAC;YAEpC,OAAO,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;SACzD;AAAC,QAAA,MAAM;AACJ,YAAA,OAAO,IAAI,CAAC;SACf;KACJ;AAED;;AAEG;AACK,IAAA,YAAY,CAAC,EAAU,EAAA;AAC3B,QAAA,IAAI;YACA,MAAM,QAAQ,GAAG,IAAI,CAAC,UAAU,CAAC,EAAE,CAAC,CAAC;AACrC,YAAA,IAAI,CAAC,QAAQ;AAAE,gBAAA,OAAO,IAAI,CAAC;YAE3B,MAAM,KAAK,GAAG,QAAQ,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;AAClC,YAAA,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC;AAAE,gBAAA,OAAO,IAAI,CAAC;YAEpC,IAAI,MAAM,GAAG,EAAE,CAAC;AAEhB,YAAA,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,EAAE;gBACxB,MAAM,GAAG,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;gBACnC,IAAI,KAAK,CAAC,GAAG,CAAC,IAAI,GAAG,GAAG,CAAC,IAAI,GAAG,GAAG,MAAM;AAAE,oBAAA,OAAO,IAAI,CAAC;gBACvD,MAAM,GAAG,CAAC,MAAM,IAAI,GAAG,IAAI,MAAM,CAAC,GAAG,CAAC,CAAC;aAC1C;AAED,YAAA,OAAO,MAAM,CAAC;SACjB;AAAC,QAAA,MAAM;AACJ,YAAA,OAAO,IAAI,CAAC;SACf;KACJ;AAED;;AAEG;IACK,YAAY,CAAC,EAAU,EAAE,IAAY,EAAA;AACzC,QAAA,IAAI;YACA,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;AAC9B,YAAA,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC;AAAE,gBAAA,OAAO,KAAK,CAAC;AAErC,YAAA,MAAM,CAAC,OAAO,EAAE,YAAY,CAAC,GAAG,KAAK,CAAC;YACtC,MAAM,SAAS,GAAG,QAAQ,CAAC,YAAY,EAAE,EAAE,CAAC,CAAC;YAE7C,IAAI,KAAK,CAAC,SAAS,CAAC,IAAI,SAAS,GAAG,CAAC,IAAI,SAAS,GAAG,GAAG;AACpD,gBAAA,OAAO,KAAK,CAAC;YAEjB,MAAM,KAAK,GAAG,IAAI,CAAC,YAAY,CAAC,EAAE,CAAC,CAAC;YACpC,MAAM,UAAU,GAAG,IAAI,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC;AAE9C,YAAA,IAAI,KAAK,KAAK,IAAI,IAAI,UAAU,KAAK,IAAI;AAAE,gBAAA,OAAO,KAAK,CAAC;;YAGxD,IAAI,SAAS,KAAK,CAAC;gBAAE,OAAO,IAAI,CAAC;YACjC,IAAI,SAAS,KAAK,GAAG;AAAE,gBAAA,OAAO,KAAK,KAAK,UAAU,CAAC;AAEnD,YAAA,MAAM,IAAI,GACN,CAAC,MAAM,CAAC,CAAC,CAAC,IAAI,MAAM,CAAC,GAAG,CAAC,GAAG,MAAM,CAAC,CAAC,CAAC;AACrC,gBAAA,MAAM,CAAC,GAAG,GAAG,SAAS,CAAC,CAAC;YAE5B,OAAO,CAAC,KAAK,GAAG,IAAI,OAAO,UAAU,GAAG,IAAI,CAAC,CAAC;SACjD;AAAC,QAAA,MAAM;AACJ,YAAA,OAAO,KAAK,CAAC;SAChB;KACJ;AAED;;AAEG;IACK,UAAU,CAAC,EAAU,EAAE,IAAY,EAAA;AACvC,QAAA,IAAI,CAAC,EAAE,IAAI,CAAC,IAAI;AAAE,YAAA,OAAO,KAAK,CAAC;AAE/B,QAAA,MAAM,SAAS,GAAG,IAAI,CAAC,EAAE,CAAC,CAAC;QAC3B,IAAI,SAAS,KAAK,CAAC;AAAE,YAAA,OAAO,KAAK,CAAC;;AAGlC,QAAA,MAAM,QAAQ,GAAG,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,IAAI,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC;AAC1D,QAAA,MAAM,QAAQ,GAAG,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,IAAI,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC;AAE1D,QAAA,IAAI,SAAS,KAAK,CAAC,IAAI,QAAQ,EAAE;YAC7B,OAAO,IAAI,CAAC,YAAY,CAAC,EAAE,EAAE,IAAI,CAAC,CAAC;SACtC;AAAM,aAAA,IAAI,SAAS,KAAK,CAAC,IAAI,QAAQ,EAAE;YACpC,OAAO,IAAI,CAAC,YAAY,CAAC,EAAE,EAAE,IAAI,CAAC,CAAC;SACtC;AAED,QAAA,OAAO,KAAK,CAAC;KAChB;AAED;;AAEG;IACK,gBAAgB,CAAC,EAAU,EAAE,IAAY,EAAA;AAC7C,QAAA,IAAI,CAAC,EAAE,IAAI,CAAC,IAAI;AAAE,YAAA,OAAO,KAAK,CAAC;AAE/B,QAAA,IAAI;;AAEA,YAAA,IAAI,IAAI,IAAI,iBAAiB,EAAE;AAC3B,gBAAA,MAAM,MAAM,GACR,iBAAiB,CAAC,IAAsC,CAAC,CAAC;AAC9D,gBAAA,OAAO,MAAM,CAAC,IAAI,CAAC,CAAC,KAAK,KAAK,IAAI,CAAC,UAAU,CAAC,EAAE,EAAE,KAAK,CAAC,CAAC,CAAC;aAC7D;;AAGD,YAAA,IAAI,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE;gBACpB,OAAO,IAAI,CAAC,UAAU,CAAC,EAAE,EAAE,IAAI,CAAC,CAAC;aACpC;;YAGD,MAAM,YAAY,GAAG,IAAI,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC;YAC1C,MAAM,cAAc,GAAG,IAAI,CAAC,WAAW,CAAC,IAAI,CAAC,CAAC;AAE9C,YAAA,IAAI,CAAC,YAAY,IAAI,CAAC,cAAc;AAAE,gBAAA,OAAO,KAAK,CAAC;YAEnD,OAAO,YAAY,KAAK,cAAc,CAAC;SAC1C;AAAC,QAAA,MAAM;AACJ,YAAA,OAAO,KAAK,CAAC;SAChB;KACJ;AAED;;AAEG;AACK,IAAA,wBAAwB,CAC5B,MAAuB,EAAA;;AAGvB,QAAA,IAAI,OAAO,MAAM,KAAK,SAAS,EAAE;AAC7B,YAAA,OAAO,MAAM,MAAM,CAAC;SACvB;;AAGD,QAAA,IAAI,OAAO,MAAM,KAAK,QAAQ,EAAE;AAC5B,YAAA,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC,MAAM,CAAC,IAAI,MAAM,GAAG,CAAC,EAAE;AACzC,gBAAA,MAAM,IAAI,KAAK,CACX,mDAAmD,CACtD,CAAC;aACL;YACD,OAAO,CAAC,GAAW,EAAE,QAAgB,KAAK,QAAQ,GAAG,MAAM,CAAC;SAC/D;;AAGD,QAAA,IAAI,OAAO,MAAM,KAAK,UAAU,EAAE;AAC9B,YAAA,OAAO,CAAC,EAAU,EAAE,QAAgB,KAAI;AACpC,gBAAA,IAAI;oBACA,OAAO,OAAO,CAAC,MAAM,CAAC,EAAE,EAAE,QAAQ,CAAC,CAAC,CAAC;iBACxC;AAAC,gBAAA,MAAM;oBACJ,OAAO,KAAK,CAAC;iBAChB;AACL,aAAC,CAAC;SACL;;AAGD,QAAA,IAAI,OAAO,MAAM,KAAK,QAAQ,EAAE;AAC5B,YAAA,MAAM,OAAO,GAAG,MAAM,CAAC,IAAI,EAAE,CAAC;AAC9B,YAAA,IAAI,CAAC,OAAO;AAAE,gBAAA,OAAO,MAAM,KAAK,CAAC;AACjC,YAAA,OAAO,CAAC,EAAU,KAAK,IAAI,CAAC,gBAAgB,CAAC,EAAE,EAAE,OAAO,CAAC,CAAC;SAC7D;;AAGD,QAAA,IAAI,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE;YACvB,MAAM,UAAU,GAAG,MAAM,CAAC,MAAM,CAC5B,CAAC,IAAI,KAAK,OAAO,IAAI,KAAK,QAAQ,IAAI,IAAI,CAAC,IAAI,EAAE,CACpD,CAAC;AACF,YAAA,IAAI,UAAU,CAAC,MAAM,KAAK,CAAC;AAAE,gBAAA,OAAO,MAAM,KAAK,CAAC;YAEhD,OAAO,CAAC,EAAU,KACd,UAAU,CAAC,IAAI,CAAC,CAAC,IAAI,KAAK,IAAI,CAAC,gBAAgB,CAAC,EAAE,EAAE,IAAI,CAAC,CAAC,CAAC;SAClE;;AAGD,QAAA,OAAO,MAAM,KAAK,CAAC;KACtB;AAED;;AAEG;AACK,IAAA,iBAAiB,CAAC,MAAqC,EAAA;AAC3D,QAAA,IAAI,CAAC,MAAM;AAAE,YAAA,OAAO,EAAE,CAAC;;QAGvB,MAAM,SAAS,GAAG,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,GAAG,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,GAAG,MAAM,CAAC;QAEpE,IAAI,OAAO,SAAS,KAAK,QAAQ;AAAE,YAAA,OAAO,EAAE,CAAC;AAE7C,QAAA,OAAO,SAAS;aACX,KAAK,CAAC,GAAG,CAAC;AACV,aAAA,GAAG,CAAC,CAAC,EAAE,KAAK,IAAI,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC;aACjC,MAAM,CAAC,CAAC,EAAE,KAAmB,EAAE,KAAK,IAAI,CAAC,CAAC;KAClD;AAED;;AAEG;AACK,IAAA,gBAAgB,CAAC,GAAoB,EAAA;AACzC,QAAA,MAAM,UAAU,GAAG,GAAG,CAAC,MAAM,EAAE,aAAa,CAAC;AAC7C,QAAA,IAAI,CAAC,UAAU;AAAE,YAAA,OAAO,WAAW,CAAC;QAEpC,MAAM,UAAU,GAAG,IAAI,CAAC,WAAW,CAAC,UAAU,CAAC,CAAC;QAChD,OAAO,UAAU,IAAI,WAAW,CAAC;KACpC;AAED;;AAEG;AACI,IAAA,eAAe,CAAC,GAAoB,EAAA;AACvC,QAAA,IAAI;YACA,MAAM,YAAY,GAAG,GAAG,CAAC,OAAO,CAAC,iBAAiB,CAAC,CAAC;YACpD,MAAM,GAAG,GAAG,IAAI,CAAC,iBAAiB,CAAC,YAAY,CAAC,CAAC;AAEjD,YAAA,IAAI,GAAG,CAAC,MAAM,KAAK,CAAC,EAAE;;AAElB,gBAAA,OAAO,IAAI,CAAC,gBAAgB,CAAC,GAAG,CAAC,CAAC;aACrC;;YAGD,MAAM,QAAQ,GAAG,IAAI,CAAC,gBAAgB,CAAC,GAAG,CAAC,CAAC;YAC5C,IAAI,SAAS,GAAG,QAAQ,CAAC;;AAGzB,YAAA,KAAK,IAAI,CAAC,GAAG,GAAG,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,EAAE;gBACtC,MAAM,QAAQ,GAAG,GAAG,CAAC,MAAM,GAAG,CAAC,GAAG,CAAC,CAAC;AACpC,gBAAA,MAAM,SAAS,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC;;gBAGzB,IAAI,IAAI,CAAC,YAAY,CAAC,SAAS,EAAE,QAAQ,CAAC,EAAE;oBACxC,SAAS,GAAG,SAAS,CAAC;iBACzB;qBAAM;;oBAEH,MAAM;iBACT;aACJ;AAED,YAAA,OAAO,SAAS,CAAC;SACpB;AAAC,QAAA,MAAM;;AAEJ,YAAA,OAAO,IAAI,CAAC,gBAAgB,CAAC,GAAG,CAAC,CAAC;SACrC;KACJ;AAED;;AAEG;AACI,IAAA,iBAAiB,CAAC,GAAoB,EAAA;AACzC,QAAA,IAAI;YACA,MAAM,YAAY,GAAG,GAAG,CAAC,OAAO,CAAC,iBAAiB,CAAC,CAAC;YACpD,MAAM,GAAG,GAAG,IAAI,CAAC,iBAAiB,CAAC,YAAY,CAAC,CAAC;YACjD,MAAM,QAAQ,GAAG,IAAI,CAAC,gBAAgB,CAAC,GAAG,CAAC,CAAC;AAE5C,YAAA,IAAI,GAAG,CAAC,MAAM,KAAK,CAAC,EAAE;gBAClB,OAAO,CAAC,QAAQ,CAAC,CAAC;aACrB;AAED,YAAA,MAAM,UAAU,GAAa,CAAC,QAAQ,CAAC,CAAC;;AAGxC,YAAA,KAAK,IAAI,CAAC,GAAG,GAAG,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,EAAE;gBACtC,MAAM,QAAQ,GAAG,GAAG,CAAC,MAAM,GAAG,CAAC,GAAG,CAAC,CAAC;AACpC,gBAAA,MAAM,SAAS,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC;gBACzB,MAAM,UAAU,GAAG,UAAU,CAAC,UAAU,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;gBAErD,IAAI,IAAI,CAAC,YAAY,CAAC,UAAU,EAAE,QAAQ,CAAC,EAAE;AACzC,oBAAA,UAAU,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;iBAC9B;qBAAM;oBACH,MAAM;iBACT;aACJ;AAED,YAAA,OAAO,UAAU,CAAC,OAAO,EAAE,CAAC;SAC/B;AAAC,QAAA,MAAM;YACJ,OAAO,CAAC,IAAI,CAAC,gBAAgB,CAAC,GAAG,CAAC,CAAC,CAAC;SACvC;KACJ;AAED;;AAEG;AACI,IAAA,kBAAkB,CAAC,GAAoB,EAAA;AAC1C,QAAA,IAAI;;AAEA,YAAA,MAAM,MAAM,GAAG,GAAG,CAAC,MAAa,CAAC;AACjC,YAAA,IAAI,MAAM,EAAE,SAAS,KAAK,IAAI,EAAE;AAC5B,gBAAA,OAAO,IAAI,CAAC;aACf;;YAGD,MAAM,cAAc,GAAG,GAAG,CAAC,OAAO,CAAC,mBAAmB,CAAC,CAAC;AACxD,YAAA,IAAI,CAAC,cAAc;AAAE,gBAAA,OAAO,KAAK,CAAC;YAElC,MAAM,QAAQ,GAAG,IAAI,CAAC,gBAAgB,CAAC,GAAG,CAAC,CAAC;YAC5C,IAAI,CAAC,IAAI,CAAC,YAAY,CAAC,QAAQ,EAAE,CAAC,CAAC;AAAE,gBAAA,OAAO,KAAK,CAAC;;AAGlD,YAAA,MAAM,QAAQ,GAAG,KAAK,CAAC,OAAO,CAAC,cAAc,CAAC;AAC1C,kBAAE,cAAc,CAAC,CAAC,CAAC;kBACjB,cAAc,CAAC;YACrB,IAAI,OAAO,QAAQ,KAAK,QAAQ;AAAE,gBAAA,OAAO,KAAK,CAAC;;AAG/C,YAAA,MAAM,KAAK,GAAG,QAAQ,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;YAC1D,OAAO,KAAK,KAAK,OAAO,CAAC;SAC5B;AAAC,QAAA,MAAM;AACJ,YAAA,OAAO,KAAK,CAAC;SAChB;KACJ;AAED;;AAEG;AACI,IAAA,WAAW,CAAC,GAAoB,EAAA;AACnC,QAAA,OAAO,IAAI,CAAC,kBAAkB,CAAC,GAAG,CAAC,GAAG,OAAO,GAAG,MAAM,CAAC;KAC1D;AAED;;AAEG;AACI,IAAA,WAAW,CAAC,GAAoB,EAAA;AACnC,QAAA,IAAI;YACA,MAAM,QAAQ,GAAG,IAAI,CAAC,gBAAgB,CAAC,GAAG,CAAC,CAAC;;YAG5C,MAAM,aAAa,GAAG,GAAG,CAAC,OAAO,CAAC,kBAAkB,CAAC,CAAC;YACtD,IAAI,aAAa,IAAI,IAAI,CAAC,YAAY,CAAC,QAAQ,EAAE,CAAC,CAAC,EAAE;AACjD,gBAAA,MAAM,OAAO,GAAG,KAAK,CAAC,OAAO,CAAC,aAAa,CAAC;AACxC,sBAAE,aAAa,CAAC,CAAC,CAAC;sBAChB,aAAa,CAAC;gBACpB,IAAI,OAAO,OAAO,KAAK,QAAQ,IAAI,OAAO,CAAC,IAAI,EAAE,EAAE;;oBAE/C,MAAM,QAAQ,GAAG,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;AAC5D,oBAAA,IAAI,QAAQ;AAAE,wBAAA,OAAO,QAAQ,CAAC;iBACjC;aACJ;;AAGD,YAAA,MAAM,IAAI,GAAG,GAAG,CAAC,OAAO,CAAC,IAAI,CAAC;AAC9B,YAAA,IAAI,IAAI,IAAI,OAAO,IAAI,KAAK,QAAQ,EAAE;gBAClC,MAAM,QAAQ,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;AACpC,gBAAA,IAAI,QAAQ;AAAE,oBAAA,OAAO,QAAQ,CAAC;aACjC;AAED,YAAA,OAAO,WAAW,CAAC;SACtB;AAAC,QAAA,MAAM;AACJ,YAAA,OAAO,WAAW,CAAC;SACtB;KACJ;AAED;;AAEG;IACI,OAAO,QAAQ,CAAC,MAAuB,EAAA;AAC1C,QAAA,IAAI;AACA,YAAA,IAAI,UAAU,CAAC,MAAM,CAAC,CAAC;AACvB,YAAA,OAAO,IAAI,CAAC;SACf;AAAC,QAAA,MAAM;AACJ,YAAA,OAAO,KAAK,CAAC;SAChB;KACJ;AACJ;;;;"}

package/dist/esm/src/server/utils/wildcardMatcher.js ADDED Viewed

@@ -0,0 +1,88 @@
+/**
+ * Wildcard pattern matching utility for CORS origins
+ *
+ * Supports patterns like:
+ * - "localhost:*" matches "localhost:3000", "localhost:8080", etc.
+ * - "*.example.com" matches "api.example.com", "app.example.com", etc.
+ * - "127.0.0.1:*" matches "127.0.0.1:3000", "127.0.0.1:8080", etc.
+ * - "::1:*" matches "::1:3000", "::1:8080", etc.
+ */
+/**
+ * Converts a wildcard pattern to a regular expression
+ * @param pattern - The wildcard pattern (e.g., "localhost:*", "*.example.com")
+ * @returns RegExp object for matching
+ */
+function patternToRegex(pattern) {
+    // Escape special regex characters except for *
+    const escaped = pattern
+        .replace(/[.+?^${}()|[\]\\]/g, '\\$&') // Escape special chars
+        .replace(/\*/g, '.*'); // Replace * with .*
+    // Ensure exact match with ^ and $
+    return new RegExp(`^${escaped}$`, 'i'); // Case insensitive
+}
+/**
+ * Checks if an origin matches a wildcard pattern
+ * @param origin - The origin to check (e.g., "http://localhost:3000")
+ * @param pattern - The wildcard pattern (e.g., "localhost:*")
+ * @returns true if the origin matches the pattern
+ */
+function matchesWildcardPattern(origin, pattern) {
+    // Handle exact matches first (no wildcards)
+    if (!pattern.includes('*')) {
+        return origin === pattern || origin.includes(pattern);
+    }
+    // Extract the host:port part from the origin URL
+    let originHost;
+    try {
+        const url = new URL(origin);
+        originHost = url.host; // This includes both hostname and port
+        // Special handling for default ports
+        if (url.protocol === 'https:' && url.port === '' && url.hostname === 'localhost') {
+            originHost = 'localhost:443';
+        }
+        else if (url.protocol === 'http:' && url.port === '' && url.hostname === 'localhost') {
+            originHost = 'localhost:80';
+        }
+        // Handle IPv6 addresses - remove brackets for pattern matching
+        if (url.hostname.startsWith('[') && url.hostname.endsWith(']')) {
+            const ipv6Host = url.hostname.slice(1, -1); // Remove brackets
+            originHost = url.port ? `${ipv6Host}:${url.port}` : ipv6Host;
+        }
+    }
+    catch {
+        // If it's not a valid URL, treat it as a host:port string
+        originHost = origin;
+    }
+    const regex = patternToRegex(pattern);
+    return regex.test(originHost);
+}
+/**
+ * Checks if an origin is allowed based on an array of patterns
+ * @param origin - The origin to check
+ * @param allowedOrigins - Array of allowed origins (can include wildcards)
+ * @returns true if the origin is allowed
+ */
+function isOriginAllowed(origin, allowedOrigins) {
+    if (!origin || !allowedOrigins || allowedOrigins.length === 0) {
+        return false;
+    }
+    return allowedOrigins.some(pattern => matchesWildcardPattern(origin, pattern));
+}
+/**
+ * Creates a CORS origin function that supports wildcard patterns
+ * @param allowedOrigins - Array of allowed origins (can include wildcards)
+ * @returns Function compatible with cors middleware
+ */
+function createWildcardOriginFunction(allowedOrigins) {
+    return (origin, callback) => {
+        // Allow requests with no origin (like mobile apps or curl requests)
+        if (!origin) {
+            return callback(null, true);
+        }
+        const allowed = isOriginAllowed(origin, allowedOrigins);
+        callback(null, allowed);
+    };
+}
+export { createWildcardOriginFunction, isOriginAllowed, matchesWildcardPattern };
+//# sourceMappingURL=wildcardMatcher.js.map

package/dist/esm/src/server/utils/wildcardMatcher.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"wildcardMatcher.js","sources":["../../../../../src/server/utils/wildcardMatcher.ts"],"sourcesContent":[null],"names":[],"mappings":"AAAA;;;;;;;;AAQG;AAEH;;;;AAIG;AACH,SAAS,cAAc,CAAC,OAAe,EAAA;;IAEnC,MAAM,OAAO,GAAG,OAAO;AAClB,SAAA,OAAO,CAAC,oBAAoB,EAAE,MAAM,CAAC;AACrC,SAAA,OAAO,CAAC,KAAK,EAAE,IAAI,CAAC,CAAC;;IAG1B,OAAO,IAAI,MAAM,CAAC,CAAI,CAAA,EAAA,OAAO,CAAG,CAAA,CAAA,EAAE,GAAG,CAAC,CAAC;AAC3C,CAAC;AAED;;;;;AAKG;AACa,SAAA,sBAAsB,CAAC,MAAc,EAAE,OAAe,EAAA;;IAElE,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE;QACxB,OAAO,MAAM,KAAK,OAAO,IAAI,MAAM,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;KACzD;;AAGD,IAAA,IAAI,UAAkB,CAAC;AACvB,IAAA,IAAI;AACA,QAAA,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,MAAM,CAAC,CAAC;AAC5B,QAAA,UAAU,GAAG,GAAG,CAAC,IAAI,CAAC;;AAGtB,QAAA,IAAI,GAAG,CAAC,QAAQ,KAAK,QAAQ,IAAI,GAAG,CAAC,IAAI,KAAK,EAAE,IAAI,GAAG,CAAC,QAAQ,KAAK,WAAW,EAAE;YAC9E,UAAU,GAAG,eAAe,CAAC;SAChC;AAAM,aAAA,IAAI,GAAG,CAAC,QAAQ,KAAK,OAAO,IAAI,GAAG,CAAC,IAAI,KAAK,EAAE,IAAI,GAAG,CAAC,QAAQ,KAAK,WAAW,EAAE;YACpF,UAAU,GAAG,cAAc,CAAC;SAC/B;;AAGD,QAAA,IAAI,GAAG,CAAC,QAAQ,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,GAAG,CAAC,QAAQ,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE;AAC5D,YAAA,MAAM,QAAQ,GAAG,GAAG,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;AAC3C,YAAA,UAAU,GAAG,GAAG,CAAC,IAAI,GAAG,CAAG,EAAA,QAAQ,CAAI,CAAA,EAAA,GAAG,CAAC,IAAI,CAAA,CAAE,GAAG,QAAQ,CAAC;SAChE;KACJ;AAAC,IAAA,MAAM;;QAEJ,UAAU,GAAG,MAAM,CAAC;KACvB;AAED,IAAA,MAAM,KAAK,GAAG,cAAc,CAAC,OAAO,CAAC,CAAC;AACtC,IAAA,OAAO,KAAK,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;AAClC,CAAC;AAED;;;;;AAKG;AACa,SAAA,eAAe,CAAC,MAAc,EAAE,cAAwB,EAAA;AACpE,IAAA,IAAI,CAAC,MAAM,IAAI,CAAC,cAAc,IAAI,cAAc,CAAC,MAAM,KAAK,CAAC,EAAE;AAC3D,QAAA,OAAO,KAAK,CAAC;KAChB;AAED,IAAA,OAAO,cAAc,CAAC,IAAI,CAAC,OAAO,IAAI,sBAAsB,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC,CAAC;AACnF,CAAC;AAED;;;;AAIG;AACG,SAAU,4BAA4B,CAAC,cAAwB,EAAA;AACjE,IAAA,OAAO,CAAC,MAA0B,EAAE,QAAsD,KAAI;;QAE1F,IAAI,CAAC,MAAM,EAAE;AACT,YAAA,OAAO,QAAQ,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC;SAC/B;QAED,MAAM,OAAO,GAAG,eAAe,CAAC,MAAM,EAAE,cAAc,CAAC,CAAC;AACxD,QAAA,QAAQ,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC;AAC5B,KAAC,CAAC;AACN;;;;"}