* Constructor for the PublicClientApplication used to instantiate the PublicClientApplication object
*
* Important attributes in the Configuration object for auth are:
* - clientID: the application ID of your application. You can obtain one by registering your application with our Application registration portal : https://portal.azure.com/#blade/Microsoft_AAD_IAM/ActiveDirectoryMenuBlade/RegisteredAppsPreview
* - authority: the authority URL for your application.
* - redirect_uri: the uri of your application registered in the portal.
*
* In Azure AD, authority is a URL indicating the Azure active directory that MSAL uses to obtain tokens.
* It is of the form https://login.microsoftonline.com/{Enter_the_Tenant_Info_Here}
* If your application supports Accounts in one organizational directory, replace "Enter_the_Tenant_Info_Here" value with the Tenant Id or Tenant name (for example, contoso.microsoft.com).
* If your application supports Accounts in any organizational directory, replace "Enter_the_Tenant_Info_Here" value with organizations.
* If your application supports Accounts in any organizational directory and personal Microsoft accounts, replace "Enter_the_Tenant_Info_Here" value with common.
* To restrict support to Personal Microsoft accounts only, replace "Enter_the_Tenant_Info_Here" value with consumers.
*
* In Azure B2C, authority is of the form https://{instance}/tfp/{tenant}/{policyName}/
* Full B2C functionality will be available in this library in future versions.
*
* @param configuration Object for the MSAL PublicClientApplication instance
*/
constructor(configuration:Configuration);
/**
* Initializer function to perform async startup tasks such as connecting to WAM extension
*/
initialize():Promise<void>;
/**
* Event handler function which allows users to fire events after the PublicClientApplication object
* has loaded during redirect flows. This should be invoked on all page loads involved in redirect
* auth flows.
* @param hash Hash to process. Defaults to the current value of window.location.hash. Only needs to be provided explicitly if the response to be handled is not contained in the current value.
* @returns Token response or null. If the return value is null, then no auth redirect was detected.
* Use when you want to obtain an access_token for your API by redirecting the user's browser window to the authorization endpoint. This function redirects
* the page, so any code that follows this function will not execute.
*
* IMPORTANT: It is NOT recommended to have code that is dependent on the resolution of the Promise. This function will navigate away from the current
* browser window. It currently returns a Promise in order to reflect the asynchronous nature of the code running in this function.
* Copyright (c) Microsoft Corporation. All rights reserved.
* Licensed under the MIT License.
*/
varClientApplication=/** @class */(function(){
/**
* @constructor
* Constructor for the PublicClientApplication used to instantiate the PublicClientApplication object
*
* Important attributes in the Configuration object for auth are:
* - clientID: the application ID of your application. You can obtain one by registering your application with our Application registration portal : https://portal.azure.com/#blade/Microsoft_AAD_IAM/ActiveDirectoryMenuBlade/RegisteredAppsPreview
* - authority: the authority URL for your application.
* - redirect_uri: the uri of your application registered in the portal.
*
* In Azure AD, authority is a URL indicating the Azure active directory that MSAL uses to obtain tokens.
* It is of the form https://login.microsoftonline.com/{Enter_the_Tenant_Info_Here}
* If your application supports Accounts in one organizational directory, replace "Enter_the_Tenant_Info_Here" value with the Tenant Id or Tenant name (for example, contoso.microsoft.com).
* If your application supports Accounts in any organizational directory, replace "Enter_the_Tenant_Info_Here" value with organizations.
* If your application supports Accounts in any organizational directory and personal Microsoft accounts, replace "Enter_the_Tenant_Info_Here" value with common.
* To restrict support to Personal Microsoft accounts only, replace "Enter_the_Tenant_Info_Here" value with consumers.
*
* In Azure B2C, authority is of the form https://{instance}/tfp/{tenant}/{policyName}/
* Full B2C functionality will be available in this library in future versions.
*
* @param configuration Object for the MSAL PublicClientApplication instance
*/
functionClientApplication(configuration){
/*
* If loaded in an environment where window is not available,
* set internal flag to false so that further requests fail.
* This is to support server-side rendering environments.
* Event handler function which allows users to fire events after the PublicClientApplication object
* has loaded during redirect flows. This should be invoked on all page loads involved in redirect
* auth flows.
* @param hash Hash to process. Defaults to the current value of window.location.hash. Only needs to be provided explicitly if the response to be handled is not contained in the current value.
* @returns Token response or null. If the return value is null, then no auth redirect was detected.
this.logger.verbose("handleRedirectPromise has been called previously, returning the result from the first call");
}
return[2/*return*/,response];
}
this.logger.verbose("handleRedirectPromise returns null, not browser environment");
return[2/*return*/,null];
});
});
};
/**
* Use when you want to obtain an access_token for your API by redirecting the user's browser window to the authorization endpoint. This function redirects
* the page, so any code that follows this function will not execute.
*
* IMPORTANT: It is NOT recommended to have code that is dependent on the resolution of the Promise. This function will navigate away from the current
* browser window. It currently returns a Promise in order to reflect the asynchronous nature of the code running in this function.
{"version":3,"file":"ClientApplication.js","sources":["../../src/app/ClientApplication.ts"],"sourcesContent":["/*\n * Copyright (c) Microsoft Corporation. All rights reserved.\n * Licensed under the MIT License.\n */\n\nimport { CryptoOps } from \"../crypto/CryptoOps\";\nimport { StringUtils, InteractionRequiredAuthError, AccountInfo, Constants, INetworkModule, AuthenticationResult, Logger, CommonSilentFlowRequest, ICrypto, DEFAULT_CRYPTO_IMPLEMENTATION, AuthError, PerformanceEvents, PerformanceCallbackFunction, StubPerformanceClient, IPerformanceClient, BaseAuthRequest, PromptValue, ClientAuthError } from \"@azure/msal-common\";\nimport { BrowserCacheManager, DEFAULT_BROWSER_CACHE_MANAGER } from \"../cache/BrowserCacheManager\";\nimport { BrowserConfiguration, buildConfiguration, CacheOptions, Configuration } from \"../config/Configuration\";\nimport { InteractionType, ApiId, BrowserCacheLocation, WrapperSKU, TemporaryCacheKeys, CacheLookupPolicy } from \"../utils/BrowserConstants\";\nimport { BrowserUtils } from \"../utils/BrowserUtils\";\nimport { RedirectRequest } from \"../request/RedirectRequest\";\nimport { PopupRequest } from \"../request/PopupRequest\";\nimport { SsoSilentRequest } from \"../request/SsoSilentRequest\";\nimport { version, name } from \"../packageMetadata\";\nimport { EventCallbackFunction } from \"../event/EventMessage\";\nimport { EventType } from \"../event/EventType\";\nimport { EndSessionRequest } from \"../request/EndSessionRequest\";\nimport { BrowserConfigurationAuthError } from \"../error/BrowserConfigurationAuthError\";\nimport { EndSessionPopupRequest } from \"../request/EndSessionPopupRequest\";\nimport { INavigationClient } from \"../navigation/INavigationClient\";\nimport { EventHandler } from \"../event/EventHandler\";\nimport { PopupClient } from \"../interaction_client/PopupClient\";\nimport { RedirectClient } from \"../interaction_client/RedirectClient\";\nimport { SilentIframeClient } from \"../interaction_client/SilentIframeClient\";\nimport { SilentRefreshClient } from \"../interaction_client/SilentRefreshClient\";\nimport { TokenCache } from \"../cache/TokenCache\";\nimport { ITokenCache } from \"../cache/ITokenCache\";\nimport { NativeInteractionClient } from \"../interaction_client/NativeInteractionClient\";\nimport { NativeMessageHandler } from \"../broker/nativeBroker/NativeMessageHandler\";\nimport { SilentRequest } from \"../request/SilentRequest\";\nimport { NativeAuthError } from \"../error/NativeAuthError\";\nimport { SilentCacheClient } from \"../interaction_client/SilentCacheClient\";\nimport { SilentAuthCodeClient } from \"../interaction_client/SilentAuthCodeClient\";\nimport { BrowserAuthError } from \"../error/BrowserAuthError\";\nimport { AuthorizationCodeRequest } from \"../request/AuthorizationCodeRequest\";\nimport { NativeTokenRequest } from \"../broker/nativeBroker/NativeRequest\";\nimport { BrowserPerformanceClient } from \"../telemetry/BrowserPerformanceClient\";\n\nexport abstract class ClientApplication {\n\n // Crypto interface implementation\n protected readonly browserCrypto: ICrypto;\n\n // Storage interface implementation\n protected readonly browserStorage: BrowserCacheManager;\n\n // Native Cache in memory storage implementation\n protected readonly nativeInternalStorage: BrowserCacheManager;\n\n // Network interface implementation\n protected readonly networkClient: INetworkModule;\n\n // Navigation interface implementation\n protected navigationClient: INavigationClient;\n\n // Input configuration by developer/user\n protected config: BrowserConfiguration;\n\n // Token cache implementation\n private tokenCache: TokenCache;\n\n // Logger\n protected logger: Logger;\n\n // Flag to indicate if in browser environment\n protected isBrowserEnvironment: boolean;\n\n protected eventHandler: EventHandler;\n\n // Redirect Response Object\n protected redirectResponse: Map<string, Promise<AuthenticationResult | null>>;\n\n // Native Extension Provider\n protected nativeExtensionProvider: NativeMessageHandler | undefined;\n\n // Hybrid auth code responses\n private hybridAuthCodeResponses: Map<string, Promise<AuthenticationResult>>;\n\n // Performance telemetry client\n protected performanceClient: IPerformanceClient;\n\n // Flag representing whether or not the initialize API has been called and completed\n protected initialized: boolean;\n\n /**\n * @constructor\n * Constructor for the PublicClientApplication used to instantiate the PublicClientApplication object\n *\n * Important attributes in the Configuration object for auth are:\n * - clientID: the application ID of your application. You can obtain one by registering your application with our Application registration portal : https://portal.azure.com/#blade/Microsoft_AAD_IAM/ActiveDirectoryMenuBlade/RegisteredAppsPreview\n * - authority: the authority URL for your application.\n * - redirect_uri: the uri of your application registered in the portal.\n *\n * In Azure AD, authority is a URL indicating the Azure active directory that MSAL uses to obtain tokens.\n * It is of the form https://login.microsoftonline.com/{Enter_the_Tenant_Info_Here}\n * If your application supports Accounts in one organizational directory, replace \"Enter_the_Tenant_Info_Here\" value with the Tenant Id or Tenant name (for example, contoso.microsoft.com).\n * If your application supports Accounts in any organizational directory, replace \"Enter_the_Tenant_Info_Here\" value with organizations.\n * If your application supports Accounts in any organizational directory and personal Microsoft accounts, replace \"Enter_the_Tenant_Info_Here\" value with common.\n * To restrict support to Personal Microsoft accounts only, replace \"Enter_the_Tenant_Info_Here\" value with consumers.\n *\n * In Azure B2C, authority is of the form https://{instance}/tfp/{tenant}/{policyName}/\n * Full B2C functionality will be available in this library in future versions.\n *\n * @param configuration Object for the MSAL PublicClientApplication instance\n */\n constructor(configuration: Configuration) {\n /*\n * If loaded in an environment where window is not available,\n * set internal flag to false so that further requests fail.\n * This is to support server-side rendering environments.\n */\n this.isBrowserEnvironment = typeof window !== \"undefined\";\n // Set the configuration.\n this.config = buildConfiguration(configuration, this.isBrowserEnvironment);\n this.initialized = false;\n\n // Initialize logger\n this.logger = new Logger(this.config.system.loggerOptions, name, version);\n\n // Initialize the network module class.\n this.networkClient = this.config.system.networkClient;\n\n // Initialize the navigation client class.\n this.navigationClient = this.config.system.navigationClient;\n\n // Initialize redirectResponse Map\n this.redirectResponse = new Map();\n\n // Initial hybrid spa map\n this.hybridAuthCodeResponses = new Map();\n\n // Initialize performance client\n this.performanceClient = this.isBrowserEnvironment ?\n new BrowserPerformanceClient(this.config.auth.clientId, this.config.auth.authority, this.logger, name, version, this.config.telemetry.application, this.config.system.cryptoOptions) :\n new StubPerformanceClient(this.config.auth.clientId, this.config.auth.authority, this.logger, name, version, this.config.telemetry.application);\n\n // Initialize the crypto class.\n this.browserCrypto = this.isBrowserEnvironment ? new CryptoOps(this.logger, this.performanceClient, this.config.system.cryptoOptions) : DEFAULT_CRYPTO_IMPLEMENTATION;\n\n this.eventHandler = new EventHandler(this.logger, this.browserCrypto);\n\n // Initialize the browser storage class.\n this.browserStorage = this.isBrowserEnvironment ?\n new BrowserCacheManager(this.config.auth.clientId, this.config.cache, this.browserCrypto, this.logger) :\n DEFAULT_BROWSER_CACHE_MANAGER(this.config.auth.clientId, this.logger);\n\n // initialize in memory storage for native flows\n const nativeCacheOptions: Required<CacheOptions> = {\n cacheLocation: BrowserCacheLocation.MemoryStorage,\n storeAuthStateInCookie: false,\n secureCookies: false\n };\n this.nativeInternalStorage = new BrowserCacheManager(this.config.auth.clientId, nativeCacheOptions, this.browserCrypto, this.logger);\n\n // Initialize the token cache\n this.tokenCache = new TokenCache(this.config, this.browserStorage, this.logger, this.browserCrypto);\n }\n\n /**\n * Initializer function to perform async startup tasks such as connecting to WAM extension\n */\n async initialize(): Promise<void> {\n this.logger.trace(\"initialize called\");\n if (this.initialized) {\n this.logger.info(\"initialize has already been called, exiting early.\");\n return;\n }\n this.eventHandler.emitEvent(EventType.INITIALIZE_START);\n if (this.config.system.allowNativeBroker) {\n try {\n this.nativeExtensionProvider = await NativeMessageHandler.createProvider(this.logger, this.config.system.nativeBrokerHandshakeTimeout);\n } catch (e) {\n this.logger.verbose(e);\n }\n }\n this.initialized = true;\n this.eventHandler.emitEvent(EventType.INITIALIZE_END);\n }\n\n // #region Redirect Flow\n\n /**\n * Event handler function which allows users to fire events after the PublicClientApplication object\n * has loaded during redirect flows. This should be invoked on all page loads involved in redirect\n * auth flows.\n * @param hash Hash to process. Defaults to the current value of window.location.hash. Only needs to be provided explicitly if the response to be handled is not contained in the current value.\n * @returns Token response or null. If the return value is null, then no auth redirect was detected.\n */\n async handleRedirectPromise(hash?: string): Promise<AuthenticationResult | null> {\n this.logger.verbose(\"handleRedirectPromise called\");\n // Block token acquisition before initialize has been called if native brokering is enabled\n BrowserUtils.blockNativeBrokerCalledBeforeInitialized(this.config.system.allowNativeBroker, this.initialized);\n\n const loggedInAccounts = this.getAllAccounts();\n if (this.isBrowserEnvironment) {\n /**\n * Store the promise on the PublicClientApplication instance if this is the first invocation of handleRedirectPromise,\n * otherwise return the promise from the first invocation. Prevents race conditions when handleRedirectPromise is called\n * several times concurrently.\n */\n const redirectResponseKey = hash || Constants.EMPTY_STRING;\n let response = this.redirectResponse.get(redirectResponseKey);\n if (typeof response === \"undefined\") {\n this.eventHandler.emitEvent(EventType.HANDLE_REDIRECT_START, InteractionType.Redirect);\n this.logger.verbose(\"handleRedirectPromise has been called for the first time, storing the promise\");\n\n const request: NativeTokenRequest | null = this.browserStorage.getCachedNativeRequest();\n let redirectResponse: Promise<AuthenticationResult | null>;\n if (request && NativeMessageHandler.isNativeAvailable(this.config, this.logger, this.nativeExtensionProvider) && this.nativeExtensionProvider && !hash) {\n this.logger.trace(\"handleRedirectPromise - acquiring token from native platform\");\n const nativeClient = new NativeInteractionClient(this.config, this.browserStorage, this.browserCrypto, this.logger, this.eventHandler, this.navigationClient, ApiId.handleRedirectPromise, this.performanceClient, this.nativeExtensionProvider, request.accountId, this.nativeInternalStorage, request.correlationId);\n redirectResponse = nativeClient.handleRedirectPromise();\n } else {\n this.logger.trace(\"handleRedirectPromise - acquiring token from web flow\");\n const correlationId = this.browserStorage.getTemporaryCache(TemporaryCacheKeys.CORRELATION_ID, true) || Constants.EMPTY_STRING;\n const redirectClient = this.createRedirectClient(correlationId);\n redirectResponse = redirectClient.handleRedirectPromise(hash);\n }\n\n response = redirectResponse.then((result: AuthenticationResult | null) => {\n if (result) {\n // Emit login event if number of accounts change\n\n const isLoggingIn = loggedInAccounts.length < this.getAllAccounts().length;\n if (isLoggingIn) {\n this.eventHandler.emitEvent(EventType.LOGIN_SUCCESS, InteractionType.Redirect, result);\n this.logger.verbose(\"handleRedirectResponse returned result, login success\");\n } else {\n this.eventHandler.emitEvent(EventType.ACQUIRE_TOKEN_SUCCESS, InteractionType.Redirect, result);\n this.logger.verbose(\"handleRedirectResponse returned result, acquire token success\");\n }\n }\n this.eventHandler.emitEvent(EventType.HANDLE_REDIRECT_END, InteractionType.Redirect);\n\n return result;\n }).catch((e) => {\n // Emit login event if there is an account\n if (loggedInAccounts.length > 0) {\n this.eventHandler.emitEvent(EventType.ACQUIRE_TOKEN_FAILURE, InteractionType.Redirect, null, e);\n } else {\n this.eventHandler.emitEvent(EventType.LOGIN_FAILURE, InteractionType.Redirect, null, e);\n }\n this.eventHandler.emitEvent(EventType.HANDLE_REDIRECT_END, InteractionType.Redirect);\n\n throw e;\n });\n this.redirectResponse.set(redirectResponseKey, response);\n } else {\n this.logger.verbose(\"handleRedirectPromise has been called previously, returning the result from the first call\");\n }\n\n return response;\n }\n this.logger.verbose(\"handleRedirectPromise returns null, not browser environment\");\n return null;\n }\n\n /**\n * Use when you want to obtain an access_token for your API by redirecting the user's browser window to the authorization endpoint. This function redirects\n * the page, so any code that follows this function will not execute.\n *\n * IMPORTANT: It is NOT recommended to have code that is dependent on the resolution of the Promise. This function will navigate away from the current\n * browser window. It currently returns a Promise in order to reflect the asynchronous nature of the code running in this function.\n *\n * @param request\n */\n async acquireTokenRedirect(request: RedirectRequest): Promise<void> {\n // Preflight request\n const correlationId = this.getRequestCorrelationId(request);\n this.logger.verbose(\"acquireTokenRedirect called\", correlationId);\n this.preflightBrowserEnvironmentCheck(InteractionType.Redirect);\n\n // If logged in, emit acquire token events\n const isLoggedIn = this.getAllAccounts().length > 0;\n if (isLoggedIn) {\n this.eventHandler.emitEvent(EventType.ACQUIRE_TOKEN_START, InteractionType.Redirect, request);\n } else {\n this.eventHandler.emitEvent(EventType.LOGIN_START, InteractionType.Redirect, request);\n }\n\n let result: Promise<void>;\n\n if (this.nativeExtensionProvider && this.canUseNative(request)) {\n const nativeClient = new NativeInteractionClient(this.config, this.browserStorage, this.browserCrypto, this.logger, this.eventHandler, this.navigationClient, ApiId.acquireTokenRedirect, this.performanceClient, this.nativeExtensionProvider, this.getNativeAccountId(request), this.nativeInternalStorage, request.correlationId);\n result = nativeClient.acquireTokenRedirect(request).catch((e: AuthError) => {\n if (e instanceof NativeAuthError && e.isFatal()) {\n this.nativeExtensionProvider = undefined; // If extension gets uninstalled during session prevent future requests from continuing to attempt\n const redirectClient = this.createRedirectClient(request.correlationId);\n return redirectClient.acquireToken(request);\n } else if (e instanceof InteractionRequiredAuthError) {\n this.logger.verbose(\"acquireTokenRedirect - Resolving interaction required error thrown by native broker by falling back to web flow\");\n const redirectClient = this.createRedirectClient(request.correlationId);\n return redirectClient.acquireToken(request);\n }\n this.browserStorage.setInteractionInProgress(false);\n throw e;\n });\n } else {\n const redirectClient = this.createRedirectClient(request.correlationId);\n result = redirectClient.acquireToken(request);\n }\n\n return result.catch((e) => {\n // If logged in, emit acquire token events\n if (isLoggedIn) {\n this.eventHandler.emitEvent(EventType.ACQUIRE_TOKEN_FAILURE, InteractionType.Redirect, null, e);\n } else {\n this.eventHandler.emitEvent(EventType.LOGIN_FAILURE, InteractionType.Redirect, null, e);\n }\n throw e;\n });\n }\n\n // #endregion\n\n // #region Popup Flow\n\n /**\n * Use when you want to obtain an access_token for your API via opening a popup window in the user's browser\n *\n * @param request\n *\n * @returns A promise that is fulfilled when this function has completed, or rejected if an error was raised.\n */\n acquireTokenPopup(request: PopupRequest): Promise<AuthenticationResult> {\n const correlationId = this.getRequestCorrelationId(request);\n const atPopupMeasurement = this.performanceClient.startMeasurement(PerformanceEvents.AcquireTokenPopup, correlationId);\n\n try {\n this.logger.verbose(\"acquireTokenPopup called\", correlationId);\n this.preflightBrowserEnvironmentCheck(InteractionType.Popup);\n } catch (e) {\n // Since this function is syncronous we need to reject\n return Promise.reject(e);\n }\n\n // If logged in, emit acquire token events\n const loggedInAccounts = this.getAllAccounts();\n if (loggedInAccounts.length > 0) {\n this.eventHandler.emitEvent(EventType.ACQUIRE_TOKEN_START, InteractionType.Popup, request);\n } else {\n this.eventHandler.emitEvent(EventType.LOGIN_START, InteractionType.Popup, request);\n }\n\n let result: Promise<AuthenticationResult>;\n\n if (this.canUseNative(request)) {\n result = this.acquireTokenNative(request, ApiId.acquireTokenPopup).then((response) => {\n this.browserStorage.setInteractionInProgress(false);\n atPopupMeasurement.endMeasurement({\n success: true,\n isNativeBroker: true,\n requestId: response.requestId\n });\n atPopupMeasurement.flushMeasurement();\n return response;\n }).catch((e: AuthError) => {\n if (e instanceof NativeAuthError && e.isFatal()) {\n this.nativeExtensionProvider = undefined; // If extension gets uninstalled during session prevent future requests from continuing to attempt\n const popupClient = this.createPopupClient(request.correlationId);\n return popupClient.acquireToken(request);\n } else if (e instanceof InteractionRequiredAuthError) {\n this.logger.verbose(\"acquireTokenPopup - Resolving interaction required error thrown by native broker by falling back to web flow\");\n const popupClient = this.createPopupClient(request.correlationId);\n return popupClient.acquireToken(request);\n }\n this.browserStorage.setInteractionInProgress(false);\n throw e;\n });\n } else {\n const popupClient = this.createPopupClient(request.correlationId);\n result = popupClient.acquireToken(request);\n }\n\n return result.then((result) => {\n\n /*\n * If logged in, emit acquire token events\n */\n const isLoggingIn = loggedInAccounts.length < this.getAllAccounts().length;\n if (isLoggingIn) {\n this.eventHandler.emitEvent(EventType.LOGIN_SUCCESS, InteractionType.Popup, result);\n } else {\n this.eventHandler.emitEvent(EventType.ACQUIRE_TOKEN_SUCCESS, InteractionType.Popup, result);\n }\n\n atPopupMeasurement.addStaticFields({\n accessTokenSize: result.accessToken.length,\n idTokenSize: result.idToken.length\n });\n atPopupMeasurement.endMeasurement({\n success: true,\n requestId: result.requestId\n });\n\n atPopupMeasurement.flushMeasurement();\n return result;\n }).catch((e: AuthError) => {\n if (loggedInAccounts.length > 0) {\n this.eventHandler.emitEvent(EventType.ACQUIRE_TOKEN_FAILURE, InteractionType.Popup, null, e);\n } else {\n this.eventHandler.emitEvent(EventType.LOGIN_FAILURE, InteractionType.Popup, null, e);\n }\n\n atPopupMeasurement.endMeasurement({\n errorCode: e.errorCode,\n subErrorCode: e.subError,\n success: false\n });\n atPopupMeasurement.flushMeasurement();\n\n // Since this function is syncronous we need to reject\n return Promise.reject(e);\n });\n }\n\n // #endregion\n\n // #region Silent Flow\n\n /**\n * This function uses a hidden iframe to fetch an authorization code from the eSTS. There are cases where this may not work:\n * - Any browser using a form of Intelligent Tracking Prevention\n * - If there is not an established session with the service\n *\n * In these cases, the request must be done inside a popup or full frame redirect.\n *\n * For the cases where interaction is required, you cannot send a request with prompt=none.\n *\n * If your refresh token has expired, you can use this function to fetch a new set of tokens silently as long as\n * you session on the server still exists.\n * @param request {@link SsoSilentRequest}\n *\n * @returns A promise that is fulfilled when this function has completed, or rejected if an error was raised.\n */\n async ssoSilent(request: SsoSilentRequest): Promise<AuthenticationResult> {\n const correlationId = this.getRequestCorrelationId(request);\n const validRequest = {\n ...request,\n // will be PromptValue.NONE or PromptValue.NO_SESSION\n prompt: request.prompt,\n correlationId: correlationId\n };\n this.preflightBrowserEnvironmentCheck(InteractionType.Silent);\n const ssoSilentMeasurement = this.performanceClient.startMeasurement(PerformanceEvents.SsoSilent, correlationId);\n this.logger.verbose(\"ssoSilent called\", correlationId);\n this.eventHandler.emitEvent(EventType.SSO_SILENT_START, InteractionType.Silent, validRequest);\n\n let result: Promise<AuthenticationResult>;\n\n if (this.canUseNative(validRequest)) {\n result = this.acquireTokenNative(validRequest, ApiId.ssoSilent).catch((e: AuthError) => {\n // If native token acquisition fails for availability reasons fallback to standard flow\n if (e instanceof NativeAuthError && e.isFatal()) {\n this.nativeExtensionProvider = undefined; // If extension gets uninstalled during session prevent future requests from continuing to attempt\n const silentIframeClient = this.createSilentIframeClient(validRequest.correlationId);\n return silentIframeClient.acquireToken(validRequest);\n }\n throw e;\n });\n } else {\n const silentIframeClient = this.createSilentIframeClient(validRequest.correlationId);\n result = silentIframeClient.acquireToken(validRequest);\n }\n\n return result.then((response) => {\n this.eventHandler.emitEvent(EventType.SSO_SILENT_SUCCESS, InteractionType.Silent, response);\n ssoSilentMeasurement.addStaticFields({\n accessTokenSize: response.accessToken.length,\n idTokenSize: response.idToken.length\n });\n ssoSilentMeasurement.endMeasurement({\n success: true,\n isNativeBroker: response.fromNativeBroker,\n requestId: response.requestId\n });\n ssoSilentMeasurement.flushMeasurement();\n return response;\n }).catch((e: AuthError) => {\n this.eventHandler.emitEvent(EventType.SSO_SILENT_FAILURE, InteractionType.Silent, null, e);\n ssoSilentMeasurement.endMeasurement({\n errorCode: e.errorCode,\n subErrorCode: e.subError,\n success: false\n });\n ssoSilentMeasurement.flushMeasurement();\n throw e;\n });\n }\n\n /**\n * This function redeems an authorization code (passed as code) from the eSTS token endpoint.\n * This authorization code should be acquired server-side using a confidential client to acquire a spa_code.\n * This API is not indended for normal authorization code acquisition and redemption.\n *\n * Redemption of this authorization code will not require PKCE, as it was acquired by a confidential client.\n *\n * @param request {@link AuthorizationCodeRequest}\n * @returns A promise that is fulfilled when this function has completed, or rejected if an error was raised.\n */\n async acquireTokenByCode(request: AuthorizationCodeRequest): Promise<AuthenticationResult> {\n const correlationId = this.getRequestCorrelationId(request);\n this.preflightBrowserEnvironmentCheck(InteractionType.Silent);\n this.logger.trace(\"acquireTokenByCode called\", correlationId);\n this.eventHandler.emitEvent(EventType.ACQUIRE_TOKEN_BY_CODE_START, InteractionType.Silent, request);\n const atbcMeasurement = this.performanceClient.startMeasurement(PerformanceEvents.AcquireTokenByCode, request.correlationId);\n\n try {\n if (request.code) {\n const hybridAuthCode = request.code;\n let response = this.hybridAuthCodeResponses.get(hybridAuthCode);\n if (!response) {\n this.logger.verbose(\"Initiating new acquireTokenByCode request\", correlationId);\n response = this.acquireTokenByCodeAsync({\n ...request,\n correlationId\n })\n .then((result: AuthenticationResult) => {\n this.eventHandler.emitEvent(EventType.ACQUIRE_TOKEN_BY_CODE_SUCCESS, InteractionType.Silent, result);\n this.hybridAuthCodeResponses.delete(hybridAuthCode);\n atbcMeasurement.addStaticFields({\n accessTokenSize: result.accessToken.length,\n idTokenSize: result.idToken.length\n });\n atbcMeasurement.endMeasurement({\n success: true,\n isNativeBroker: result.fromNativeBroker,\n requestId: result.requestId\n });\n atbcMeasurement.flushMeasurement();\n return result;\n })\n .catch((error: AuthError) => {\n this.hybridAuthCodeResponses.delete(hybridAuthCode);\n this.eventHandler.emitEvent(EventType.ACQUIRE_TOKEN_BY_CODE_FAILURE, InteractionType.Silent, null, error);\n atbcMeasurement.endMeasurement({\n errorCode: error.errorCode,\n subErrorCode: error.subError,\n success: false\n });\n atbcMeasurement.flushMeasurement();\n throw error;\n });\n this.hybridAuthCodeResponses.set(hybridAuthCode, response);\n } else {\n this.logger.verbose(\"Existing acquireTokenByCode request found\", request.correlationId);\n atbcMeasurement.endMeasurement({\n success: true\n });\n atbcMeasurement.discardMeasurement();\n }\n return response;\n } else if (request.nativeAccountId) {\n if (this.canUseNative(request, request.nativeAccountId)) {\n return this.acquireTokenNative(request, ApiId.acquireTokenByCode, request.nativeAccountId).catch((e: AuthError) => {\n // If native token acquisition fails for availability reasons fallback to standard flow\n if (e instanceof NativeAuthError && e.isFatal()) {\n this.nativeExtensionProvider = undefined; // If extension gets uninstalled during session prevent future requests from continuing to attempt\n }\n throw e;\n });\n } else {\n throw BrowserAuthError.createUnableToAcquireTokenFromNativePlatformError();\n }\n } else {\n throw BrowserAuthError.createAuthCodeOrNativeAccountIdRequiredError();\n }\n\n } catch (e) {\n this.eventHandler.emitEvent(EventType.ACQUIRE_TOKEN_BY_CODE_FAILURE, InteractionType.Silent, null, e);\n atbcMeasurement.endMeasurement({\n errorCode: e instanceof AuthError && e.errorCode || undefined,\n subErrorCode: e instanceof AuthError && e.subError || undefined,\n success: false\n });\n throw e;\n }\n }\n\n /**\n * Creates a SilentAuthCodeClient to redeem an authorization code.\n * @param request\n * @returns Result of the operation to redeem the authorization code\n */\n private async acquireTokenByCodeAsync(request: AuthorizationCodeRequest): Promise<AuthenticationResult> {\n this.logger.trace(\"acquireTokenByCodeAsync called\", request.correlationId);\n const silentAuthCodeClient = this.createSilentAuthCodeClient(request.correlationId);\n const silentTokenResult = await silentAuthCodeClient.acquireToken(request);\n return silentTokenResult;\n }\n\n /**\n * Attempt to acquire an access token from the cache\n * @param silentCacheClient SilentCacheClient\n * @param commonRequest CommonSilentFlowRequest\n * @param silentRequest SilentRequest\n * @returns A promise that, when resolved, returns the access token\n */\n protected async acquireTokenFromCache(\n silentCacheClient: SilentCacheClient,\n commonRequest: CommonSilentFlowRequest,\n silentRequest: SilentRequest\n ): Promise<AuthenticationResult> {\n switch(silentRequest.cacheLookupPolicy) {\n case CacheLookupPolicy.Default:\n case CacheLookupPolicy.AccessToken:\n case CacheLookupPolicy.AccessTokenAndRefreshToken:\n return silentCacheClient.acquireToken(commonRequest);\n default:\n throw ClientAuthError.createRefreshRequiredError();\n }\n }\n\n /**\n * Attempt to acquire an access token via a refresh token\n * @param commonRequest CommonSilentFlowRequest\n * @param silentRequest SilentRequest\n * @returns A promise that, when resolved, returns the access token\n */\n protected async acquireTokenByRefreshToken(\n commonRequest: CommonSilentFlowRequest,\n silentRequest: SilentRequest\n ): Promise<AuthenticationResult> {\n switch(silentRequest.cacheLookupPolicy) {\n case CacheLookupPolicy.Default:\n case CacheLookupPolicy.AccessTokenAndRefreshToken:\n case CacheLookupPolicy.RefreshToken:\n case CacheLookupPolicy.RefreshTokenAndNetwork:\n const silentRefreshClient = this.createSilentRefreshClient(commonRequest.correlationId);\n return silentRefreshClient.acquireToken(commonRequest);\n default:\n throw ClientAuthError.createRefreshRequiredError();\n }\n }\n\n /**\n * Attempt to acquire an access token via an iframe\n * @param request CommonSilentFlowRequest\n * @returns A promise that, when resolved, returns the access token\n */\n protected async acquireTokenBySilentIframe(\n request: CommonSilentFlowRequest\n ): Promise<AuthenticationResult> {\n const silentIframeClient = this.createSilentIframeClient(request.correlationId);\n return silentIframeClient.acquireToken(request);\n }\n\n // #endregion\n\n // #region Logout\n\n /**\n * Deprecated logout function. Use logoutRedirect or logoutPopup instead\n * @param logoutRequest\n * @deprecated\n */\n async logout(logoutRequest?: EndSessionRequest): Promise<void> {\n const correlationId = this.getRequestCorrelationId(logoutRequest);\n this.logger.warning(\"logout API is deprecated and will be removed in msal-browser v3.0.0. Use logoutRedirect instead.\", correlationId);\n return this.logoutRedirect({\n correlationId,\n ...logoutRequest\n });\n }\n\n /**\n * Use to log out the current user, and redirect the user to the postLogoutRedirectUri.\n * Default behaviour is to redirect the user to `window.location.href`.\n * @param logoutRequest\n */\n async logoutRedirect(logoutRequest?: EndSessionRequest): Promise<void> {\n const correlationId = this.getRequestCorrelationId(logoutRequest);\n this.preflightBrowserEnvironmentCheck(InteractionType.Redirect);\n\n const redirectClient = this.createRedirectClient(correlationId);\n return redirectClient.logout(logoutRequest);\n }\n\n /**\n * Clears local cache for the current user then opens a popup window prompting the user to sign-out of the server\n * @param logoutRequest\n */\n logoutPopup(logoutRequest?: EndSessionPopupRequest): Promise<void> {\n try {\n const correlationId = this.getRequestCorrelationId(logoutRequest);\n this.preflightBrowserEnvironmentCheck(InteractionType.Popup);\n const popupClient = this.createPopupClient(correlationId);\n return popupClient.logout(logoutRequest);\n } catch (e) {\n // Since this function is syncronous we need to reject\n return Promise.reject(e);\n }\n }\n\n // #endregion\n\n // #region Account APIs\n\n /**\n * Returns all accounts that MSAL currently has data for.\n * (the account object is created at the time of successful login)\n * or empty array when no accounts are found\n * @returns Array of account objects in cache\n */\n getAllAccounts(): AccountInfo[] {\n this.logger.verbose(\"getAllAccounts called\");\n return this.isBrowserEnvironment ? this.browserStorage.getAllAccounts() : [];\n }\n\n /**\n * Returns the signed in account matching username.\n * (the account object is created at the time of successful login)\n * or null when no matching account is found.\n * This API is provided for convenience but getAccountById should be used for best reliability\n * @param userName\n * @returns The account object stored in MSAL\n */\n getAccountByUsername(userName: string): AccountInfo | null {\n const allAccounts = this.getAllAccounts();\n if (!StringUtils.isEmpty(userName) && allAccounts && allAccounts.length) {\n this.logger.verbose(\"Account matching username found, returning\");\n this.logger.verbosePii(`Returning signed-in accounts matching username: ${userName}`);\n return allAccounts.filter(accountObj => accountObj.username.toLowerCase() === userName.toLowerCase())[0] || null;\n } else {\n this.logger.verbose(\"getAccountByUsername: No matching account found, returning null\");\n return null;\n }\n }\n\n /**\n * Returns the signed in account matching homeAccountId.\n * (the account object is created at the time of successful login)\n * or null when no matching account is found\n * @param homeAccountId\n * @returns The account object stored in MSAL\n */\n getAccountByHomeId(homeAccountId: string): AccountInfo | null {\n const allAccounts = this.getAllAccounts();\n if (!StringUtils.isEmpty(homeAccountId) && allAccounts && allAccounts.length) {\n this.logger.verbose(\"Account matching homeAccountId found, returning\");\n this.logger.verbosePii(`Returning signed-in accounts matching homeAccountId: ${homeAccountId}`);\n return allAccounts.filter(accountObj => accountObj.homeAccountId === homeAccountId)[0] || null;\n } else {\n this.logger.verbose(\"getAccountByHomeId: No matching account found, returning null\");\n return null;\n }\n }\n\n /**\n * Returns the signed in account matching localAccountId.\n * (the account object is created at the time of successful login)\n * or null when no matching account is found\n * @param localAccountId\n * @returns The account object stored in MSAL\n */\n getAccountByLocalId(localAccountId: string): AccountInfo | null {\n const allAccounts = this.getAllAccounts();\n if (!StringUtils.isEmpty(localAccountId) && allAccounts && allAccounts.length) {\n this.logger.verbose(\"Account matching localAccountId found, returning\");\n this.logger.verbosePii(`Returning signed-in accounts matching localAccountId: ${localAccountId}`);\n return allAccounts.filter(accountObj => accountObj.localAccountId === localAccountId)[0] || null;\n } else {\n this.logger.verbose(\"getAccountByLocalId: No matching account found, returning null\");\n return null;\n }\n }\n\n /**\n * Sets the account to use as the active account. If no account is passed to the acquireToken APIs, then MSAL will use this active account.\n * @param account\n */\n setActiveAccount(account: AccountInfo | null): void {\n this.browserStorage.setActiveAccount(account);\n }\n\n /**\n * Gets the currently active account\n */\n getActiveAccount(): AccountInfo | null {\n return this.browserStorage.getActiveAccount();\n }\n\n // #endregion\n\n // #region Helpers\n\n /**\n * Helper to validate app environment before making an auth request\n *\n * @protected\n * @param {InteractionType} interactionType What kind of interaction is being used\n * @param {boolean} [setInteractionInProgress=true] Whether to set interaction in progress temp cache flag\n */\n protected preflightBrowserEnvironmentCheck(interactionType: InteractionType, setInteractionInProgress: boolean = true): void {\n this.logger.verbose(\"preflightBrowserEnvironmentCheck started\");\n // Block request if not in browser environment\n BrowserUtils.blockNonBrowserEnvironment(this.isBrowserEnvironment);\n\n // Block redirects if in an iframe\n BrowserUtils.blockRedirectInIframe(interactionType, this.config.system.allowRedirectInIframe);\n\n // Block auth requests inside a hidden iframe\n BrowserUtils.blockReloadInHiddenIframes();\n\n // Block redirectUri opened in a popup from calling MSAL APIs\n BrowserUtils.blockAcquireTokenInPopups();\n\n // Block token acquisition before initialize has been called if native brokering is enabled\n BrowserUtils.blockNativeBrokerCalledBeforeInitialized(this.config.system.allowNativeBroker, this.initialized);\n\n // Block redirects if memory storage is enabled but storeAuthStateInCookie is not\n if (interactionType === InteractionType.Redirect &&\n this.config.cache.cacheLocation === BrowserCacheLocation.MemoryStorage &&\n !this.config.cache.storeAuthStateInCookie) {\n throw BrowserConfigurationAuthError.createInMemoryRedirectUnavailableError();\n }\n\n if (interactionType === InteractionType.Redirect || interactionType === InteractionType.Popup) {\n this.preflightInteractiveRequest(setInteractionInProgress);\n }\n }\n\n /**\n * Preflight check for interactive requests\n *\n * @protected\n * @param {boolean} setInteractionInProgress Whether to set interaction in progress temp cache flag\n */\n protected preflightInteractiveRequest(setInteractionInProgress: boolean): void {\n this.logger.verbose(\"preflightInteractiveRequest called, validating app environment\");\n // block the reload if it occurred inside a hidden iframe\n BrowserUtils.blockReloadInHiddenIframes();\n\n // Set interaction in progress temporary cache or throw if alread set.\n if (setInteractionInProgress) {\n this.browserStorage.setInteractionInProgress(true);\n }\n }\n\n /**\n * Acquire a token from native device (e.g. WAM)\n * @param request\n */\n protected async acquireTokenNative(request: PopupRequest | SilentRequest | SsoSilentRequest, apiId: ApiId, accountId?: string): Promise<AuthenticationResult> {\n this.logger.trace(\"acquireTokenNative called\");\n if (!this.nativeExtensionProvider) {\n throw BrowserAuthError.createNativeConnectionNotEstablishedError();\n }\n\n const nativeClient = new NativeInteractionClient(this.config, this.browserStorage, this.browserCrypto, this.logger, this.eventHandler, this.navigationClient, apiId, this.performanceClient, this.nativeExtensionProvider, accountId || this.getNativeAccountId(request), this.nativeInternalStorage, request.correlationId);\n\n return nativeClient.acquireToken(request);\n }\n\n /**\n * Returns boolean indicating if this request can use the native broker\n * @param request\n */\n protected canUseNative(request: RedirectRequest | PopupRequest | SsoSilentRequest, accountId?: string): boolean {\n this.logger.trace(\"canUseNative called\");\n if (!NativeMessageHandler.isNativeAvailable(this.config, this.logger, this.nativeExtensionProvider, request.authenticationScheme)) {\n this.logger.trace(\"canUseNative: isNativeAvailable returned false, returning false\");\n return false;\n }\n\n if (request.prompt) {\n switch (request.prompt) {\n case PromptValue.NONE:\n case PromptValue.CONSENT:\n case PromptValue.LOGIN:\n this.logger.trace(\"canUseNative: prompt is compatible with native flow\");\n break;\n default:\n this.logger.trace(`canUseNative: prompt = ${request.prompt} is not compatible with native flow, returning false`);\n return false;\n }\n }\n\n if (!accountId && !this.getNativeAccountId(request)) {\n this.logger.trace(\"canUseNative: nativeAccountId is not available, returning false\");\n return false;\n }\n\n return true;\n }\n\n /**\n * Get the native accountId from the account\n * @param request\n * @returns\n */\n protected getNativeAccountId(request: RedirectRequest | PopupRequest | SsoSilentRequest): string {\n const account = request.account || this.browserStorage.getAccountInfoByHints(request.loginHint, request.sid) || this.getActiveAccount();\n\n return account && account.nativeAccountId || \"\";\n }\n\n /**\n * Returns new instance of the Popup Interaction Client\n * @param correlationId\n */\n protected createPopupClient(correlationId?: string): PopupClient {\n return new PopupClient(this.config, this.browserStorage, this.browserCrypto, this.logger, this.eventHandler, this.navigationClient, this.performanceClient, this.nativeInternalStorage, this.nativeExtensionProvider, correlationId);\n }\n\n /**\n * Returns new instance of the Redirect Interaction Client\n * @param correlationId\n */\n protected createRedirectClient(correlationId?: string): RedirectClient {\n return new RedirectClient(this.config, this.browserStorage, this.browserCrypto, this.logger, this.eventHandler, this.navigationClient, this.performanceClient, this.nativeInternalStorage, this.nativeExtensionProvider, correlationId);\n }\n\n /**\n * Returns new instance of the Silent Iframe Interaction Client\n * @param correlationId\n */\n protected createSilentIframeClient(correlationId?: string): SilentIframeClient {\n return new SilentIframeClient(this.config, this.browserStorage, this.browserCrypto, this.logger, this.eventHandler, this.navigationClient, ApiId.ssoSilent, this.performanceClient, this.nativeInternalStorage, this.nativeExtensionProvider, correlationId);\n }\n\n /**\n * Returns new instance of the Silent Cache Interaction Client\n */\n protected createSilentCacheClient(correlationId?: string): SilentCacheClient {\n return new SilentCacheClient(this.config, this.browserStorage, this.browserCrypto, this.logger, this.eventHandler, this.navigationClient, this.performanceClient, this.nativeExtensionProvider, correlationId);\n }\n\n /**\n * Returns new instance of the Silent Refresh Interaction Client\n */\n protected createSilentRefreshClient(correlationId?: string): SilentRefreshClient {\n return new SilentRefreshClient(this.config, this.browserStorage, this.browserCrypto, this.logger, this.eventHandler, this.navigationClient, this.performanceClient, this.nativeExtensionProvider, correlationId);\n }\n\n /**\n * Returns new instance of the Silent AuthCode Interaction Client\n */\n protected createSilentAuthCodeClient(correlationId?: string): SilentAuthCodeClient {\n return new SilentAuthCodeClient(this.config, this.browserStorage, this.browserCrypto, this.logger, this.eventHandler, this.navigationClient, ApiId.acquireTokenByCode, this.performanceClient, this.nativeExtensionProvider, correlationId);\n }\n\n /**\n * Adds event callbacks to array\n * @param callback\n */\n addEventCallback(callback: EventCallbackFunction): string | null {\n return this.eventHandler.addEventCallback(callback);\n }\n\n /**\n * Removes callback with provided id from callback array\n * @param callbackId\n */\n removeEventCallback(callbackId: string): void {\n this.eventHandler.removeEventCallback(callbackId);\n }\n\n /**\n * Registers a callback to receive performance events.\n *\n * @param {PerformanceCallbackFunction} callback\n * @returns {string}\n */\n addPerformanceCallback(callback: PerformanceCallbackFunction): string {\n return this.performanceClient.addPerformanceCallback(callback);\n }\n\n /**\n * Removes a callback registered with addPerformanceCallback.\n *\n * @param {string} callbackId\n * @returns {boolean}\n */\n removePerformanceCallback(callbackId: string): boolean {\n return this.performanceClient.removePerformanceCallback(callbackId);\n }\n\n /**\n * Adds event listener that emits an event when a user account is added or removed from localstorage in a different browser tab or window\n */\n enableAccountStorageEvents(): void {\n this.eventHandler.enableAccountStorageEvents();\n }\n\n /**\n * Removes event listener that emits an event when a user account is added or removed from localstorage in a different browser tab or window\n */\n disableAccountStorageEvents(): void {\n this.eventHandler.disableAccountStorageEvents();\n }\n\n /**\n * Gets the token cache for the application.\n */\n getTokenCache(): ITokenCache {\n return this.tokenCache;\n }\n\n /**\n * Returns the logger instance\n */\n getLogger(): Logger {\n return this.logger;\n }\n\n /**\n * Replaces the default logger set in configurations with new Logger with new configurations\n * @param logger Logger instance\n */\n setLogger(logger: Logger): void {\n this.logger = logger;\n }\n\n /**\n * Called by wrapper libraries (Angular & React) to set SKU and Version passed down to telemetry, logger, etc.\n * @param sku\n * @param version\n */\n initializeWrapperLibrary(sku: WrapperSKU, version: string): void {\n // Validate the SKU passed in is one we expect\n this.browserStorage.setWrapperMetadata(sku, version);\n }\n\n /**\n * Sets navigation client\n * @param navigationClient\n */\n setNavigationClient(navigationClient: INavigationClient): void {\n this.navigationClient = navigationClient;\n }\n\n /**\n * Returns the configuration object\n */\n getConfiguration(): BrowserConfiguration {\n return this.config;\n }\n\n /**\n * Generates a correlation id for a request if none is provided.\n *\n * @protected\n * @param {?Partial<BaseAuthRequest>} [request]\n * @returns {string}\n */\n protected getRequestCorrelationId(request?: Partial<BaseAuthRequest>): string {\n if (request?.correlationId) {\n return request.correlationId;\n }\n\n if (this.isBrowserEnvironment) {\n return this.browserCrypto.createNewGuid();\n }\n\n /*\n * Included for fallback for non-browser environments,\n * and to ensure this method always returns a string.\n */\n return Constants.EMPTY_STRING;\n }\n\n // #endregion\n}\n"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;IA0GI,2BAAY,aAA4B;;;;;;QAMpC,IAAI,CAAC,oBAAoB,GAAG,OAAO,MAAM,KAAK,WAAW,CAAC;;QAE1D,IAAI,CAAC,MAAM,GAAG,kBAAkB,CAAC,aAAa,EAAE,IAAI,CAAC,oBAAoB,CAAC,CAAC;QAC3E,IAAI,CAAC,WAAW,GAAG,KAAK,CAAC;;QAGzB,IAAI,CAAC,MAAM,GAAG,IAAI,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,aAAa,EAAE,IAAI,EAAE,OAAO,CAAC,CAAC;;QAG1E,IAAI,CAAC,aAAa,GAAG,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,aAAa,CAAC;;QAGtD,IAAI,CAAC,gBAAgB,GAAG,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,gBAAgB,CAAC;;QAG5D,IAAI,CAAC,gBAAgB,GAAG,IAAI,GAAG,EAAE,CAAC;;QAGlC,IAAI,CAAC,uBAAuB,GAAG,IAAI,GAAG,EAAE,CAAC;;QAGzC,IAAI,CAAC,iBAAiB,GAAG,IAAI,CAAC,oBAAoB;YAC9C,IAAI,wBAAwB,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,QAAQ,EAAE,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,EAAE,IAAI,CAAC,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC,WAAW,EAAE,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,aAAa,CAAC;YACpL,IAAI,qBAAqB,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,QAAQ,EAAE,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,EAAE,IAAI,CAAC,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC,WAAW,CAAC,CAAC;;QAGpJ,IAAI,CAAC,aAAa,GAAG,IAAI,CAAC,oBAAoB,GAAG,IAAI,SAAS,CAAC,IAAI,CAAC,MAAM,EAAE,IAAI,CAAC,iBAAiB,EAAE,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,aAAa,CAAC,GAAG,6BAA6B,CAAC;QAEtK,IAAI,CAAC,YAAY,GAAG,IAAI,YAAY,CAAC,IAAI,CAAC,MAAM,EAAE,IAAI,CAAC,aAAa,CAAC,CAAC;;QAGtE,IAAI,CAAC,cAAc,GAAG,IAAI,CAAC,oBAAoB;YAC3C,IAAI,mBAAmB,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,QAAQ,EAAE,IAAI,CAAC,MAAM,CAAC,KAAK,EAAE,IAAI,CAAC,aAAa,EAAE,IAAI,CAAC,MAAM,CAAC;YACtG,6BAA6B,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,QAAQ,EAAE,IAAI,CAAC,MAAM,CAAC,CAAC;;QAG1E,IAAM,kBAAkB,GAA2B;YAC/C,aAAa,EAAE,oBAAoB,CAAC,aAAa;YACjD,sBAAsB,EAAE,KAAK;YAC7B,aAAa,EAAE,KAAK;SACvB,CAAC;QACF,IAAI,CAAC,qBAAqB,GAAG,IAAI,mBAAmB,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,QAAQ,EAAE,kBAAkB,EAAE,IAAI,CAAC,aAAa,EAAE,IAAI,CAAC,MAAM,CAAC,CAAC;;QAGrI,IAAI,CAAC,UAAU,GAAG,IAAI,UAAU,CAAC,IAAI,CAAC,MAAM,EAAE,IAAI,CAAC,cAAc,EAAE,IAAI,CAAC,MAAM,EAAE,IAAI,CAAC,aAAa,CAAC,CAAC;KACvG;;;;IAKK,sCAAU,GAAhB;;;;;;wBACI,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,mBAAmB,CAAC,CAAC;wBACvC,IAAI,IAAI,CAAC,WAAW,EAAE;4BAClB,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,oDAAoD,CAAC,CAAC;4BACvE,sBAAO;yBACV;wBACD,IAAI,CAAC,YAAY,CAAC,SAAS,CAAC,SAAS,CAAC,gBAAgB,CAAC,CAAC;6BACpD,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,iBAAiB,EAApC,wBAAoC;;;;wBAEhC,KAAA,IAAI,CAAA;wBAA2B,qBAAM,oBAAoB,CAAC,cAAc,CAAC,IAAI,CAAC,MAAM,EAAE,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,4BAA4B,CAAC,EAAA;;wBAAtI,GAAK,uBAAuB,GAAG,SAAuG,CAAC;;;;wBAEvI,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,GAAC,CAAC,CAAC;;;wBAG/B,IAAI,CAAC,WAAW,GAAG,IAAI,CAAC;wBACxB,IAAI,CAAC,YAAY,CAAC,SAAS,CAAC,SAAS,CAAC,cAAc,CAAC,CAAC;;;;;KACzD;;;;;;;;;IAWK,iDAAqB,GAA3B,UAA4B,IAAa;;;;;gBACrC,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,8BAA8B,CAAC,CAAC;;gBAEpD,YAAY,CAAC,wCAAwC,CAAC,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,iBAAiB,EAAE,IAAI,CAAC,WAAW,CAAC,CAAC;gBAExG,gBAAgB,GAAG,IAAI,CAAC,cAAc,EAAE,CAAC;gBAC/C,IAAI,IAAI,CAAC,oBAAoB,EAAE;oBAMrB,mBAAmB,GAAG,IAAI,IAAI,SAAS,CAAC,YAAY,CAAC;oBACvD,QAAQ,GAAG,IAAI,CAAC,gBAAgB,CAAC,GAAG,CAAC,mBAAmB,CAAC,CAAC;oBAC9D,IAAI,OAAO,QAAQ,KAAK,WAAW,EAAE;wBACjC,IAAI,CAAC,YAAY,CAAC,SAAS,CAAC,SAAS,CAAC,qBAAqB,EAAE,eAAe,CAAC,QAAQ,CAAC,CAAC;wBACvF,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,+EAA+E,CAAC,CAAC;wBAE/F,OAAO,GAA8B,IAAI,CAAC,cAAc,CAAC,sBAAsB,EAAE,CAAC;wBACpF,gBAAgB,SAAsC,CAAC;wBAC3D,IAAI,OAAO,IAAI,oBAAoB,CAAC,iBAAiB,CAAC,IAAI,CAAC,MAAM,EAAE,IAAI,CAAC,MAAM,EAAE,IAAI,CAAC,uBAAuB,CAAC,IAAI,IAAI,CAAC,uBAAuB,IAAI,CAAC,IAAI,EAAE;4BACpJ,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,8DAA8D,CAAC,CAAC;4BAC5E,YAAY,GAAG,IAAI,uBAAuB,CAAC,IAAI,CAAC,MAAM,EAAE,IAAI,CAAC,cAAc,EAAE,IAAI,CAAC,aAAa,EAAE,IAAI,CAAC,MAAM,EAAE,IAAI,CAAC,YAAY,EAAE,IAAI,CAAC,gBAAgB,EAAE,KAAK,CAAC,qBAAqB,EAAE,IAAI,CAAC,iBAAiB,EAAE,IAAI,CAAC,uBAAuB,EAAE,OAAO,CAAC,SAAS,EAAE,IAAI,CAAC,qBAAqB,EAAE,OAAO,CAAC,aAAa,CAAC,CAAC;4BACvT,gBAAgB,GAAG,YAAY,CAAC,qBAAqB,EAAE,CAAC;yBAC3D;6BAAM;4BACH,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,uDAAuD,CAAC,CAAC;4BACrE,aAAa,GAAG,IAAI,CAAC,cAAc,CAAC,iBAAiB,CAAC,kBAAkB,CAAC,cAAc,EAAE,IAAI,CAAC,IAAI,SAAS,CAAC,YAAY,CAAC;4BACzH,cAAc,GAAG,IAAI,CAAC,oBAAoB,CAAC,aAAa,CAAC,CAAC;4BAChE,gBAAgB,GAAG,cAAc,CAAC,qBAAqB,CAAC,IAAI,CAAC,CAAC;yBACjE;wBAED,QAAQ,GAAG,gBAAgB,CAAC,IAAI,CAAC,UAAC,MAAmC;4BACjE,IAAI,MAAM,EAAE;;gCAGR,IAAM,WAAW,GAAG,gBAAgB,CAAC,MAAM,GAAG,KAAI,CAAC,cAAc,EAAE,CAAC,MAAM,CAAC;gCAC3E,IAAI,WAAW,EAAE;oCACb,KAAI,CAAC,YAAY,CAAC,SAAS,CAAC,SAAS,CAAC,aAAa,EAAE,eAAe,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAC;oCACvF,KAAI,CAAC,MAAM,CAAC,OAAO,CAAC,uDAAuD,CAAC,CAAC;iCAChF;qCAAM;oCACH,KAAI,CAAC,YAAY,CAAC,SAAS,CAAC,SAAS,CAAC,qBAAqB,EAAE,eAAe,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAC;oCAC/F,KAAI,CAAC,MAAM,CAAC,OAAO,CAAC,+DAA+D,CAAC,CAAC;iCACxF;6BACJ;4BACD,KAAI,CAAC,YAAY,CAAC,SAAS,CAAC,SAAS,CAAC,mBAAmB,EAAE,eAAe,CAAC,QAAQ,CAAC,CAAC;4BAErF,OAAO,MAAM,CAAC;yBACjB,CAAC,CAAC,KAAK,CAAC,UAAC,CAAC;;4BAEP,IAAI,gBAAgB,CAAC,MAAM,GAAG,CAAC,EAAE;gCAC7B,KAAI,CAAC,YAAY,CAAC,SAAS,CAAC,SAAS,CAAC,qBAAqB,EAAE,eAAe,CAAC,QAAQ,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC;6BACnG;iCAAM;gCACH,KAAI,CAAC,YAAY,CAAC,SAAS,CAAC,SAAS,CAAC,aAAa,EAAE,eAAe,CAAC,QAAQ,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC;6BAC3F;4BACD,KAAI,CAAC,YAAY,CAAC,SAAS,CAAC,SAAS,CAAC,mBAAmB,EAAE,eAAe,CAAC,QAAQ,CAAC,CAAC;4BAErF,MAAM,CAAC,CAAC;yBACX,CAAC,CAAC;wBACH,IAAI,CAAC,gBAAgB,CAAC,GAAG,CAAC,mBAAmB,EAAE,QAAQ,CAAC,CAAC;qBAC5D;yBAAM;wBACH,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,4FAA4F,CAAC,CAAC;qBACrH;oBAED,sBAAO,QAAQ,EAAC;iBACnB;gBACD,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,6DAA6D,CAAC,CAAC;gBACnF,sBAAO,IAAI,EAAC;;;KACf;;;;;;;;;;IAWK,gDAAoB,GAA1B,UAA2B,OAAwB;;;;;gBAEzC,aAAa,GAAG,IAAI,CAAC,uBAAuB,CAAC,OAAO,CAAC,CAAC;gBAC5D,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,6BAA6B,EAAE,aAAa,CAAC,CAAC;gBAClE,IAAI,CAAC,gCAAgC,CAAC,eAAe,CAAC,QAAQ,CAAC,CAAC;gBAG1D,UAAU,GAAG,IAAI,CAAC,cAAc,EAAE,CAAC,MAAM,GAAG,CAAC,CAAC;gBACpD,IAAI,UAAU,EAAE;oBACZ,IAAI,CAAC,YAAY,CAAC,SAAS,CAAC,SAAS,CAAC,mBAAmB,EAAE,eAAe,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;iBACjG;qBAAM;oBACH,IAAI,CAAC,YAAY,CAAC,SAAS,CAAC,SAAS,CAAC,WAAW,EAAE,eAAe,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;iBACzF;gBAID,IAAI,IAAI,CAAC,uBAAuB,IAAI,IAAI,CAAC,YAAY,CAAC,OAAO,CAAC,EAAE;oBACtD,YAAY,GAAG,IAAI,uBAAuB,CAAC,IAAI,CAAC,MAAM,EAAE,IAAI,CAAC,cAAc,EAAE,IAAI,CAAC,aAAa,EAAE,IAAI,CAAC,MAAM,EAAE,IAAI,CAAC,YAAY,EAAE,IAAI,CAAC,gBAAgB,EAAE,KAAK,CAAC,oBAAoB,EAAE,IAAI,CAAC,iBAAiB,EAAE,IAAI,CAAC,uBAAuB,EAAE,IAAI,CAAC,kBAAkB,CAAC,OAAO,CAAC,EAAE,IAAI,CAAC,qBAAqB,EAAE,OAAO,CAAC,aAAa,CAAC,CAAC;oBACrU,MAAM,GAAG,YAAY,CAAC,oBAAoB,CAAC,OAAO,CAAC,CAAC,KAAK,CAAC,UAAC,CAAY;wBACnE,IAAI,CAAC,YAAY,eAAe,IAAI,CAAC,CAAC,OAAO,EAAE,EAAE;4BAC7C,KAAI,CAAC,uBAAuB,GAAG,SAAS,CAAC;4BACzC,IAAM,cAAc,GAAG,KAAI,CAAC,oBAAoB,CAAC,OAAO,CAAC,aAAa,CAAC,CAAC;4BACxE,OAAO,cAAc,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC;yBAC/C;6BAAM,IAAI,CAAC,YAAY,4BAA4B,EAAE;4BAClD,KAAI,CAAC,MAAM,CAAC,OAAO,CAAC,iHAAiH,CAAC,CAAC;4BACvI,IAAM,cAAc,GAAG,KAAI,CAAC,oBAAoB,CAAC,OAAO,CAAC,aAAa,CAAC,CAAC;4BACxE,OAAO,cAAc,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC;yBAC/C;wBACD,KAAI,CAAC,cAAc,CAAC,wBAAwB,CAAC,KAAK,CAAC,CAAC;wBACpD,MAAM,CAAC,CAAC;qBACX,CAAC,CAAC;iBACN;qBAAM;oBACG,cAAc,GAAG,IAAI,CAAC,oBAAoB,CAAC,OAAO,CAAC,aAAa,CAAC,CAAC;oBACxE,MAAM,GAAG,cAAc,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC;iBACjD;gBAED,sBAAO,MAAM,CAAC,KAAK,CAAC,UAAC,CAAC;;wBAElB,IAAI,UAAU,EAAE;4BACZ,KAAI,CAAC,YAAY,CAAC,SAAS,CAAC,SAAS,CAAC,qBAAqB,EAAE,eAAe,CAAC,QAAQ,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC;yBACnG;6BAAM;4BACH,KAAI,CAAC,YAAY,CAAC,SAAS,CAAC,SAAS,CAAC,aAAa,EAAE,eAAe,CAAC,QAAQ,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC;yBAC3F;wBACD,MAAM,CAAC,CAAC;qBACX,CAAC,EAAC;;;KACN;;;;;;;;;;IAaD,6CAAiB,GAAjB,UAAkB,OAAqB;QAAvC,iBA0FC;QAzFG,IAAM,aAAa,GAAG,IAAI,CAAC,uBAAuB,CAAC,OAAO,CAAC,CAAC;QAC5D,IAAM,kBAAkB,GAAG,IAAI,CAAC,iBAAiB,CAAC,gBAAgB,CAAC,iBAAiB,CAAC,iBAAiB,EAAE,aAAa,CAAC,CAAC;QAEvH,IAAI;YACA,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,0BAA0B,EAAE,aAAa,CAAC,CAAC;YAC/D,IAAI,CAAC,gCAAgC,CAAC,eAAe,CAAC,KAAK,CAAC,CAAC;SAChE;QAAC,OAAO,CAAC,EAAE;;YAER,OAAO,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;SAC5B;;QAGD,IAAM,gBAAgB,GAAG,IAAI,CAAC,cAAc,EAAE,CAAC;QAC/C,IAAI,gBAAgB,CAAC,MAAM,GAAG,CAAC,EAAE;YAC7B,IAAI,CAAC,YAAY,CAAC,SAAS,CAAC,SAAS,CAAC,mBAAmB,EAAE,eAAe,CAAC,KAAK,EAAE,OAAO,CAAC,CAAC;SAC9F;aAAM;YACH,IAAI,CAAC,YAAY,CAAC,SAAS,CAAC,SAAS,CAAC,WAAW,EAAE,eAAe,CAAC,KAAK,EAAE,OAAO,CAAC,CAAC;SACtF;QAED,IAAI,MAAqC,CAAC;QAE1C,IAAI,IAAI,CAAC,YAAY,CAAC,OAAO,CAAC,EAAE;YAC5B,MAAM,GAAG,IAAI,CAAC,kBAAkB,CAAC,OAAO,EAAE,KAAK,CAAC,iBAAiB,CAAC,CAAC,IAAI,CAAC,UAAC,QAAQ;gBAC7E,KAAI,CAAC,cAAc,CAAC,wBAAwB,CAAC,KAAK,CAAC,CAAC;gBACpD,kBAAkB,CAAC,cAAc,CAAC;oBAC9B,OAAO,EAAE,IAAI;oBACb,cAAc,EAAE,IAAI;oBACpB,SAAS,EAAE,QAAQ,CAAC,SAAS;iBAChC,CAAC,CAAC;gBACH,kBAAkB,CAAC,gBAAgB,EAAE,CAAC;gBACtC,OAAO,QAAQ,CAAC;aACnB,CAAC,CAAC,KAAK,CAAC,UAAC,CAAY;gBAClB,IAAI,CAAC,YAAY,eAAe,IAAI,CAAC,CAAC,OAAO,EAAE,EAAE;oBAC7C,KAAI,CAAC,uBAAuB,GAAG,SAAS,CAAC;oBACzC,IAAM,WAAW,GAAG,KAAI,CAAC,iBAAiB,CAAC,OAAO,CAAC,aAAa,CAAC,CAAC;oBAClE,OAAO,WAAW,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC;iBAC5C;qBAAM,IAAI,CAAC,YAAY,4BAA4B,EAAE;oBAClD,KAAI,CAAC,MAAM,CAAC,OAAO,CAAC,8GAA8G,CAAC,CAAC;oBACpI,IAAM,WAAW,GAAG,KAAI,CAAC,iBAAiB,CAAC,OAAO,CAAC,aAAa,CAAC,CAAC;oBAClE,OAAO,WAAW,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC;iBAC5C;gBACD,KAAI,CAAC,cAAc,CAAC,wBAAwB,CAAC,KAAK,CAAC,CAAC;gBACpD,MAAM,CAAC,CAAC;aACX,CAAC,CAAC;SACN;aAAM;YACH,IAAM,WAAW,GAAG,IAAI,CAAC,iBAAiB,CAAC,OAAO,CAAC,aAAa,CAAC,CAAC;YAClE,MAAM,GAAG,WAAW,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC;SAC9C;QAED,OAAO,MAAM,CAAC,IAAI,CAAC,UAAC,MAAM;;;;YAKtB,IAAM,WAAW,GAAG,gBAAgB,CAAC,MAAM,GAAG,KAAI,CAAC,cAAc,EAAE,CAAC,MAAM,CAAC;YAC3E,IAAI,WAAW,EAAE;gBACb,KAAI,CAAC,YAAY,CAAC,SAAS,CAAC,SAAS,CAAC,aAAa,EAAE,eAAe,CAAC,KAAK,EAAE,MAAM,CAAC,CAAC;aACvF;iBAAM;gBACH,KAAI,CAAC,YAAY,CAAC,SAAS,CAAC,SAAS,CAAC,qBAAqB,EAAE,eAAe,CAAC,KAAK,EAAE,MAAM,CAAC,CAAC;aAC/F;YAED,kBAAkB,CAAC,eAAe,CAAC;gBAC/B,eAAe,EAAE,MAAM,CAAC,WAAW,CAAC,MAAM;gBAC1C,WAAW,EAAE,MAAM,CAAC,OAAO,CAAC,MAAM;aACrC,CAAC,CAAC;YACH,kBAAkB,CAAC,cAAc,CAAC;gBAC9B,OAAO,EAAE,IAAI;gBACb,SAAS,EAAE,MAAM,CAAC,SAAS;aAC9B,CAAC,CAAC;YAEH,kBAAkB,CAAC,gBAAgB,EAAE,CAAC;YACtC,OAAO,MAAM,CAAC;SACjB,CAAC,CAAC,KAAK,CAAC,UAAC,CAAY;YAClB,IAAI,gBAAgB,CAAC,MAAM,GAAG,CAAC,EAAE;gBAC7B,KAAI,CAAC,YAAY,CAAC,SAAS,CAAC,SAAS,CAAC,qBAAqB,EAAE,eAAe,CAAC,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC;aAChG;iBAAM;gBACH,KAAI,CAAC,YAAY,CAAC,SAAS,CAAC,SAAS,CAAC,aAAa,EAAE,eAAe,CAAC,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC;aACxF;YAED,kBAAkB,CAAC,cAAc,CAAC;gBAC9B,SAAS,EAAE,CAAC,CAAC,SAAS;gBACtB,YAAY,EAAE,CAAC,CAAC,QAAQ;gBACxB,OAAO,EAAE,KAAK;aACjB,CAAC,CAAC;YACH,kBAAkB,CAAC,gBAAgB,EAAE,CAAC;;YAGtC,OAAO,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;SAC5B,CAAC,CAAC;KACN;;;;;;;;;;;;;;;;;;IAqBK,qCAAS,GAAf,UAAgB,OAAyB;;;;;gBAC/B,aAAa,GAAG,IAAI,CAAC,uBAAuB,CAAC,OAAO,CAAC,CAAC;gBACtD,YAAY,yBACX,OAAO;;oBAEV,MAAM,EAAE,OAAO,CAAC,MAAM,EACtB,aAAa,EAAE,aAAa,GAC/B,CAAC;gBACF,IAAI,CAAC,gCAAgC,CAAC,eAAe,CAAC,MAAM,CAAC,CAAC;gBACxD,oBAAoB,GAAG,IAAI,CAAC,iBAAiB,CAAC,gBAAgB,CAAC,iBAAiB,CAAC,SAAS,EAAE,aAAa,CAAC,CAAC;gBACjH,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,kBAAkB,EAAE,aAAa,CAAC,CAAC;gBACvD,IAAI,CAAC,YAAY,CAAC,SAAS,CAAC,SAAS,CAAC,gBAAgB,EAAE,eAAe,CAAC,MAAM,EAAE,YAAY,CAAC,CAAC;gBAI9F,IAAI,IAAI,CAAC,YAAY,CAAC,YAAY,CAAC,EAAE;oBACjC,MAAM,GAAG,IAAI,CAAC,kBAAkB,CAAC,YAAY,EAAE,KAAK,CAAC,SAAS,CAAC,CAAC,KAAK,CAAC,UAAC,CAAY;;wBAE/E,IAAI,CAAC,YAAY,eAAe,IAAI,CAAC,CAAC,OAAO,EAAE,EAAE;4BAC7C,KAAI,CAAC,uBAAuB,GAAG,SAAS,CAAC;4BACzC,IAAM,kBAAkB,GAAG,KAAI,CAAC,wBAAwB,CAAC,YAAY,CAAC,aAAa,CAAC,CAAC;4BACrF,OAAO,kBAAkB,CAAC,YAAY,CAAC,YAAY,CAAC,CAAC;yBACxD;wBACD,MAAM,CAAC,CAAC;qBACX,CAAC,CAAC;iBACN;qBAAM;oBACG,kBAAkB,GAAG,IAAI,CAAC,wBAAwB,CAAC,YAAY,CAAC,aAAa,CAAC,CAAC;oBACrF,MAAM,GAAG,kBAAkB,CAAC,YAAY,CAAC,YAAY,CAAC,CAAC;iBAC1D;gBAED,sBAAO,MAAM,CAAC,IAAI,CAAC,UAAC,QAAQ;wBACxB,KAAI,CAAC,YAAY,CAAC,SAAS,CAAC,SAAS,CAAC,kBAAkB,EAAE,eAAe,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;wBAC5F,oBAAoB,CAAC,eAAe,CAAC;4BACjC,eAAe,EAAE,QAAQ,CAAC,WAAW,CAAC,MAAM;4BAC5C,WAAW,EAAE,QAAQ,CAAC,OAAO,CAAC,MAAM;yBACvC,CAAC,CAAC;wBACH,oBAAoB,CAAC,cAAc,CAAC;4BAChC,OAAO,EAAE,IAAI;4BACb,cAAc,EAAE,QAAQ,CAAC,gBAAgB;4BACzC,SAAS,EAAE,QAAQ,CAAC,SAAS;yBAChC,CAAC,CAAC;wBACH,oBAAoB,CAAC,gBAAgB,EAAE,CAAC;wBACxC,OAAO,QAAQ,CAAC;qBACnB,CAAC,CAAC,KAAK,CAAC,UAAC,CAAY;wBAClB,KAAI,CAAC,YAAY,CAAC,SAAS,CAAC,SAAS,CAAC,kBAAkB,EAAE,eAAe,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC;wBAC3F,oBAAoB,CAAC,cAAc,CAAC;4BAChC,SAAS,EAAE,CAAC,CAAC,SAAS;4BACtB,YAAY,EAAE,CAAC,CAAC,QAAQ;4BACxB,OAAO,EAAE,KAAK;yBACjB,CAAC,CAAC;wBACH,oBAAoB,CAAC,gBAAgB,EAAE,CAAC;wBACxC,MAAM,CAAC,CAAC;qBACX,CAAC,EAAC;;;KACN;;;;;;;;;;;IAYK,8CAAkB,GAAxB,UAAyB,OAAiC;;;;;gBAChD,aAAa,GAAG,IAAI,CAAC,uBAAuB,CAAC,OAAO,CAAC,CAAC;gBAC5D,IAAI,CAAC,gCAAgC,CAAC,eAAe,CAAC,MAAM,CAAC,CAAC;gBAC9D,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,2BAA2B,EAAE,aAAa,CAAC,CAAC;gBAC9D,IAAI,CAAC,YAAY,CAAC,SAAS,CAAC,SAAS,CAAC,2BAA2B,EAAE,eAAe,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;gBAC9F,eAAe,GAAG,IAAI,CAAC,iBAAiB,CAAC,gBAAgB,CAAC,iBAAiB,CAAC,kBAAkB,EAAE,OAAO,CAAC,aAAa,CAAC,CAAC;gBAE7H,IAAI;oBACA,IAAI,OAAO,CAAC,IAAI,EAAE;wBACR,mBAAiB,OAAO,CAAC,IAAI,CAAC;wBAChC,QAAQ,GAAG,IAAI,CAAC,uBAAuB,CAAC,GAAG,CAAC,gBAAc,CAAC,CAAC;wBAChE,IAAI,CAAC,QAAQ,EAAE;4BACX,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,2CAA2C,EAAE,aAAa,CAAC,CAAC;4BAChF,QAAQ,GAAG,IAAI,CAAC,uBAAuB,uBAChC,OAAO,KACV,aAAa,eAAA,IACf;iCACG,IAAI,CAAC,UAAC,MAA4B;gCAC/B,KAAI,CAAC,YAAY,CAAC,SAAS,CAAC,SAAS,CAAC,6BAA6B,EAAE,eAAe,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;gCACrG,KAAI,CAAC,uBAAuB,CAAC,MAAM,CAAC,gBAAc,CAAC,CAAC;gCACpD,eAAe,CAAC,eAAe,CAAC;oCAC5B,eAAe,EAAE,MAAM,CAAC,WAAW,CAAC,MAAM;oCAC1C,WAAW,EAAE,MAAM,CAAC,OAAO,CAAC,MAAM;iCACrC,CAAC,CAAC;gCACH,eAAe,CAAC,cAAc,CAAC;oCAC3B,OAAO,EAAE,IAAI;oCACb,cAAc,EAAE,MAAM,CAAC,gBAAgB;oCACvC,SAAS,EAAE,MAAM,CAAC,SAAS;iCAC9B,CAAC,CAAC;gCACH,eAAe,CAAC,gBAAgB,EAAE,CAAC;gCACnC,OAAO,MAAM,CAAC;6BACjB,CAAC;iCACD,KAAK,CAAC,UAAC,KAAgB;gCACpB,KAAI,CAAC,uBAAuB,CAAC,MAAM,CAAC,gBAAc,CAAC,CAAC;gCACpD,KAAI,CAAC,YAAY,CAAC,SAAS,CAAC,SAAS,CAAC,6BAA6B,EAAE,eAAe,CAAC,MAAM,EAAE,IAAI,EAAE,KAAK,CAAC,CAAC;gCAC1G,eAAe,CAAC,cAAc,CAAC;oCAC3B,SAAS,EAAE,KAAK,CAAC,SAAS;oCAC1B,YAAY,EAAE,KAAK,CAAC,QAAQ;oCAC5B,OAAO,EAAE,KAAK;iCACjB,CAAC,CAAC;gCACH,eAAe,CAAC,gBAAgB,EAAE,CAAC;gCACnC,MAAM,KAAK,CAAC;6BACf,CAAC,CAAC;4BACP,IAAI,CAAC,uBAAuB,CAAC,GAAG,CAAC,gBAAc,EAAE,QAAQ,CAAC,CAAC;yBAC9D;6BAAM;4BACH,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,2CAA2C,EAAE,OAAO,CAAC,aAAa,CAAC,CAAC;4BACxF,eAAe,CAAC,cAAc,CAAC;gCAC3B,OAAO,EAAE,IAAI;6BAChB,CAAC,CAAC;4BACH,eAAe,CAAC,kBAAkB,EAAE,CAAC;yBACxC;wBACD,sBAAO,QAAQ,EAAC;qBACnB;yBAAM,IAAI,OAAO,CAAC,eAAe,EAAE;wBAChC,IAAI,IAAI,CAAC,YAAY,CAAC,OAAO,EAAE,OAAO,CAAC,eAAe,CAAC,EAAE;4BACrD,sBAAO,IAAI,CAAC,kBAAkB,CAAC,OAAO,EAAE,KAAK,CAAC,kBAAkB,EAAE,OAAO,CAAC,eAAe,CAAC,CAAC,KAAK,CAAC,UAAC,CAAY;;oCAE1G,IAAI,CAAC,YAAY,eAAe,IAAI,CAAC,CAAC,OAAO,EAAE,EAAE;wCAC7C,KAAI,CAAC,uBAAuB,GAAG,SAAS,CAAC;qCAC5C;oCACD,MAAM,CAAC,CAAC;iCACX,CAAC,EAAC;yBACN;6BAAM;4BACH,MAAM,gBAAgB,CAAC,iDAAiD,EAAE,CAAC;yBAC9E;qBACJ;yBAAM;wBACH,MAAM,gBAAgB,CAAC,4CAA4C,EAAE,CAAC;qBACzE;iBAEJ;gBAAC,OAAO,CAAC,EAAE;oBACR,IAAI,CAAC,YAAY,CAAC,SAAS,CAAC,SAAS,CAAC,6BAA6B,EAAE,eAAe,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC;oBACtG,eAAe,CAAC,cAAc,CAAC;wBAC3B,SAAS,EAAE,CAAC,YAAY,SAAS,IAAI,CAAC,CAAC,SAAS,IAAI,SAAS;wBAC7D,YAAY,EAAE,CAAC,YAAY,SAAS,IAAI,CAAC,CAAC,QAAQ,IAAI,SAAS;wBAC/D,OAAO,EAAE,KAAK;qBACjB,CAAC,CAAC;oBACH,MAAM,CAAC,CAAC;iBACX;;;;KACJ;;;;;;IAOa,mDAAuB,GAArC,UAAsC,OAAiC;;;;;;wBACnE,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,gCAAgC,EAAE,OAAO,CAAC,aAAa,CAAC,CAAC;wBACrE,oBAAoB,GAAG,IAAI,CAAC,0BAA0B,CAAC,OAAO,CAAC,aAAa,CAAC,CAAC;wBAC1D,qBAAM,oBAAoB,CAAC,YAAY,CAAC,OAAO,CAAC,EAAA;;wBAApE,iBAAiB,GAAG,SAAgD;wBAC1E,sBAAO,iBAAiB,EAAC;;;;KAC5B;;;;;;;;IASe,iDAAqB,GAArC,UACI,iBAAoC,EACpC,aAAsC,EACtC,aAA4B;;;gBAE5B,QAAO,aAAa,CAAC,iBAAiB;oBAClC,KAAK,iBAAiB,CAAC,OAAO,CAAC;oBAC/B,KAAK,iBAAiB,CAAC,WAAW,CAAC;oBACnC,KAAK,iBAAiB,CAAC,0BAA0B;wBAC7C,sBAAO,iBAAiB,CAAC,YAAY,CAAC,aAAa,CAAC,EAAC;oBACzD;wBACI,MAAM,eAAe,CAAC,0BAA0B,EAAE,CAAC;iBAC1D;;;;KACJ;;;;;;;IAQe,sDAA0B,GAA1C,UACI,aAAsC,EACtC,aAA4B;;;;gBAE5B,QAAO,aAAa,CAAC,iBAAiB;oBAClC,KAAK,iBAAiB,CAAC,OAAO,CAAC;oBAC/B,KAAK,iBAAiB,CAAC,0BAA0B,CAAC;oBAClD,KAAK,iBAAiB,CAAC,YAAY,CAAC;oBACpC,KAAK,iBAAiB,CAAC,sBAAsB;wBACnC,mBAAmB,GAAG,IAAI,CAAC,yBAAyB,CAAC,aAAa,CAAC,aAAa,CAAC,CAAC;wBACxF,sBAAO,mBAAmB,CAAC,YAAY,CAAC,aAAa,CAAC,EAAC;oBAC3D;wBACI,MAAM,eAAe,CAAC,0BAA0B,EAAE,CAAC;iBAC1D;;;;KACJ;;;;;;IAOe,sDAA0B,GAA1C,UACI,OAAgC;;;;gBAE1B,kBAAkB,GAAG,IAAI,CAAC,wBAAwB,CAAC,OAAO,CAAC,aAAa,CAAC,CAAC;gBAChF,sBAAO,kBAAkB,CAAC,YAAY,CAAC,OAAO,CAAC,EAAC;;;KACnD;;;;;;;;IAWK,kCAAM,GAAZ,UAAa,aAAiC;;;;gBACpC,aAAa,GAAG,IAAI,CAAC,uBAAuB,CAAC,aAAa,CAAC,CAAC;gBAClE,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,kGAAkG,EAAE,aAAa,CAAC,CAAC;gBACvI,sBAAO,IAAI,CAAC,cAAc,YACtB,aAAa,eAAA,IACV,aAAa,EAClB,EAAC;;;KACN;;;;;;IAOK,0CAAc,GAApB,UAAqB,aAAiC;;;;gBAC5C,aAAa,GAAG,IAAI,CAAC,uBAAuB,CAAC,aAAa,CAAC,CAAC;gBAClE,IAAI,CAAC,gCAAgC,CAAC,eAAe,CAAC,QAAQ,CAAC,CAAC;gBAE1D,cAAc,GAAG,IAAI,CAAC,oBAAoB,CAAC,aAAa,CAAC,CAAC;gBAChE,sBAAO,cAAc,CAAC,MAAM,CAAC,aAAa,CAAC,EAAC;;;KAC/C;;;;;IAMD,uCAAW,GAAX,UAAY,aAAsC;QAC9C,IAAI;YACA,IAAM,aAAa,GAAG,IAAI,CAAC,uBAAuB,CAAC,aAAa,CAAC,CAAC;YAClE,IAAI,CAAC,gCAAgC,CAAC,eAAe,CAAC,KAAK,CAAC,CAAC;YAC7D,IAAM,WAAW,GAAG,IAAI,CAAC,iBAAiB,CAAC,aAAa,CAAC,CAAC;YAC1D,OAAO,WAAW,CAAC,MAAM,CAAC,aAAa,CAAC,CAAC;SAC5C;QAAC,OAAO,CAAC,EAAE;;YAER,OAAO,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;SAC5B;KACJ;;;;;;;;;IAYD,0CAAc,GAAd;QACI,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,uBAAuB,CAAC,CAAC;QAC7C,OAAO,IAAI,CAAC,oBAAoB,GAAG,IAAI,CAAC,cAAc,CAAC,cAAc,EAAE,GAAG,EAAE,CAAC;KAChF;;;;;;;;;IAUD,gDAAoB,GAApB,UAAqB,QAAgB;QACjC,IAAM,WAAW,GAAG,IAAI,CAAC,cAAc,EAAE,CAAC;QAC1C,IAAI,CAAC,WAAW,CAAC,OAAO,CAAC,QAAQ,CAAC,IAAI,WAAW,IAAI,WAAW,CAAC,MAAM,EAAE;YACrE,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,4CAA4C,CAAC,CAAC;YAClE,IAAI,CAAC,MAAM,CAAC,UAAU,CAAC,qDAAmD,QAAU,CAAC,CAAC;YACtF,OAAO,WAAW,CAAC,MAAM,CAAC,UAAA,UAAU,IAAI,OAAA,UAAU,CAAC,QAAQ,CAAC,WAAW,EAAE,KAAK,QAAQ,CAAC,WAAW,EAAE,GAAA,CAAC,CAAC,CAAC,CAAC,IAAI,IAAI,CAAC;SACpH;aAAM;YACH,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,iEAAiE,CAAC,CAAC;YACvF,OAAO,IAAI,CAAC;SACf;KACJ;;;;;;;;IASD,8CAAkB,GAAlB,UAAmB,aAAqB;QACpC,IAAM,WAAW,GAAG,IAAI,CAAC,cAAc,EAAE,CAAC;QAC1C,IAAI,CAAC,WAAW,CAAC,OAAO,CAAC,aAAa,CAAC,IAAI,WAAW,IAAI,WAAW,CAAC,MAAM,EAAE;YAC1E,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,iDAAiD,CAAC,CAAC;YACvE,IAAI,CAAC,MAAM,CAAC,UAAU,CAAC,0DAAwD,aAAe,CAAC,CAAC;YAChG,OAAO,WAAW,CAAC,MAAM,CAAC,UAAA,UAAU,IAAI,OAAA,UAAU,CAAC,aAAa,KAAK,aAAa,GAAA,CAAC,CAAC,CAAC,CAAC,IAAI,IAAI,CAAC;SAClG;aAAM;YACH,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,+DAA+D,CAAC,CAAC;YACrF,OAAO,IAAI,CAAC;SACf;KACJ;;;;;;;;IASD,+CAAmB,GAAnB,UAAoB,cAAsB;QACtC,IAAM,WAAW,GAAG,IAAI,CAAC,cAAc,EAAE,CAAC;QAC1C,IAAI,CAAC,WAAW,CAAC,OAAO,CAAC,cAAc,CAAC,IAAI,WAAW,IAAI,WAAW,CAAC,MAAM,EAAE;YAC3E,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,kDAAkD,CAAC,CAAC;YACxE,IAAI,CAAC,MAAM,CAAC,UAAU,CAAC,2DAAyD,cAAgB,CAAC,CAAC;YAClG,OAAO,WAAW,CAAC,MAAM,CAAC,UAAA,UAAU,IAAI,OAAA,UAAU,CAAC,cAAc,KAAK,cAAc,GAAA,CAAC,CAAC,CAAC,CAAC,IAAI,IAAI,CAAC;SACpG;aAAM;YACH,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,gEAAgE,CAAC,CAAC;YACtF,OAAO,IAAI,CAAC;SACf;KACJ;;;;;IAMD,4CAAgB,GAAhB,UAAiB,OAA2B;QACxC,IAAI,CAAC,cAAc,CAAC,gBAAgB,CAAC,OAAO,CAAC,CAAC;KACjD;;;;IAKD,4CAAgB,GAAhB;QACI,OAAO,IAAI,CAAC,cAAc,CAAC,gBAAgB,EAAE,CAAC;KACjD;;;;;;;;;;IAaS,4DAAgC,GAA1C,UAA2C,eAAgC,EAAE,wBAAwC;QAAxC,yCAAA,EAAA,+BAAwC;QACjH,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,0CAA0C,CAAC,CAAC;;QAEhE,YAAY,CAAC,0BAA0B,CAAC,IAAI,CAAC,oBAAoB,CAAC,CAAC;;QAGnE,YAAY,CAAC,qBAAqB,CAAC,eAAe,EAAE,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,qBAAqB,CAAC,CAAC;;QAG9F,YAAY,CAAC,0BAA0B,EAAE,CAAC;;QAG1C,YAAY,CAAC,yBAAyB,EAAE,CAAC;;QAGzC,YAAY,CAAC,wCAAwC,CAAC,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,iBAAiB,EAAE,IAAI,CAAC,WAAW,CAAC,CAAC;;QAG9G,IAAI,eAAe,KAAK,eAAe,CAAC,QAAQ;YAC5C,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,aAAa,KAAK,oBAAoB,CAAC,aAAa;YACtE,CAAC,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,sBAAsB,EAAE;YAC3C,MAAM,6BAA6B,CAAC,sCAAsC,EAAE,CAAC;SAChF;QAED,IAAI,eAAe,KAAK,eAAe,CAAC,QAAQ,IAAI,eAAe,KAAK,eAAe,CAAC,KAAK,EAAE;YAC3F,IAAI,CAAC,2BAA2B,CAAC,wBAAwB,CAAC,CAAC;SAC9D;KACJ;;;;;;;IAQS,uDAA2B,GAArC,UAAsC,wBAAiC;QACnE,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,gEAAgE,CAAC,CAAC;;QAEtF,YAAY,CAAC,0BAA0B,EAAE,CAAC;;QAG1C,IAAI,wBAAwB,EAAE;YAC1B,IAAI,CAAC,cAAc,CAAC,wBAAwB,CAAC,IAAI,CAAC,CAAC;SACtD;KACJ;;;;;IAMe,8CAAkB,GAAlC,UAAmC,OAAwD,EAAE,KAAY,EAAE,SAAkB;;;;gBACzH,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,2BAA2B,CAAC,CAAC;gBAC/C,IAAI,CAAC,IAAI,CAAC,uBAAuB,EAAE;oBAC/B,MAAM,gBAAgB,CAAC,yCAAyC,EAAE,CAAC;iBACtE;gBAEK,YAAY,GAAG,IAAI,uBAAuB,CAAC,IAAI,CAAC,MAAM,EAAE,IAAI,CAAC,cAAc,EAAE,IAAI,CAAC,aAAa,EAAE,IAAI,CAAC,MAAM,EAAE,IAAI,CAAC,YAAY,EAAE,IAAI,CAAC,gBAAgB,EAAE,KAAK,EAAE,IAAI,CAAC,iBAAiB,EAAE,IAAI,CAAC,uBAAuB,EAAE,SAAS,IAAI,IAAI,CAAC,kBAAkB,CAAC,OAAO,CAAC,EAAE,IAAI,CAAC,qBAAqB,EAAE,OAAO,CAAC,aAAa,CAAC,CAAC;gBAE7T,sBAAO,YAAY,CAAC,YAAY,CAAC,OAAO,CAAC,EAAC;;;KAC7C;;;;;IAMS,wCAAY,GAAtB,UAAuB,OAA0D,EAAE,SAAkB;QACjG,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,qBAAqB,CAAC,CAAC;QACzC,IAAI,CAAC,oBAAoB,CAAC,iBAAiB,CAAC,IAAI,CAAC,MAAM,EAAE,IAAI,CAAC,MAAM,EAAE,IAAI,CAAC,uBAAuB,EAAE,OAAO,CAAC,oBAAoB,CAAC,EAAE;YAC/H,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,iEAAiE,CAAC,CAAC;YACrF,OAAO,KAAK,CAAC;SAChB;QAED,IAAI,OAAO,CAAC,MAAM,EAAE;YAChB,QAAQ,OAAO,CAAC,MAAM;gBAClB,KAAK,WAAW,CAAC,IAAI,CAAC;gBACtB,KAAK,WAAW,CAAC,OAAO,CAAC;gBACzB,KAAK,WAAW,CAAC,KAAK;oBAClB,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,qDAAqD,CAAC,CAAC;oBACzE,MAAM;gBACV;oBACI,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,4BAA0B,OAAO,CAAC,MAAM,yDAAsD,CAAC,CAAC;oBAClH,OAAO,KAAK,CAAC;aACpB;SACJ;QAED,IAAI,CAAC,SAAS,IAAI,CAAC,IAAI,CAAC,kBAAkB,CAAC,OAAO,CAAC,EAAE;YACjD,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,iEAAiE,CAAC,CAAC;YACrF,OAAO,KAAK,CAAC;SAChB;QAED,OAAO,IAAI,CAAC;KACf;;;;;;IAOS,8CAAkB,GAA5B,UAA6B,OAA0D;QACnF,IAAM,OAAO,GAAG,OAAO,CAAC,OAAO,IAAI,IAAI,CAAC,cAAc,CAAC,qBAAqB,CAAC,OAAO,CAAC,SAAS,EAAE,OAAO,CAAC,GAAG,CAAC,IAAI,IAAI,CAAC,gBAAgB,EAAE,CAAC;QAExI,OAAO,OAAO,IAAI,OAAO,CAAC,eAAe,IAAI,EAAE,CAAC;KACnD;;;;;IAMS,6CAAiB,GAA3B,UAA4B,aAAsB;QAC9C,OAAO,IAAI,WAAW,CAAC,IAAI,CAAC,MAAM,EAAE,IAAI,CAAC,cAAc,EAAE,IAAI,CAAC,aAAa,EAAE,IAAI,CAAC,MAAM,EAAE,IAAI,CAAC,YAAY,EAAE,IAAI,CAAC,gBAAgB,EAAE,IAAI,CAAC,iBAAiB,EAAE,IAAI,CAAC,qBAAqB,EAAE,IAAI,CAAC,uBAAuB,EAAE,aAAa,CAAC,CAAC;KACxO;;;;;IAMS,gDAAoB,GAA9B,UAA+B,aAAsB;QACjD,OAAO,IAAI,cAAc,CAAC,IAAI,CAAC,MAAM,EAAE,IAAI,CAAC,cAAc,EAAE,IAAI,CAAC,aAAa,EAAE,IAAI,CAAC,MAAM,EAAE,IAAI,CAAC,YAAY,EAAE,IAAI,CAAC,gBAAgB,EAAE,IAAI,CAAC,iBAAiB,EAAE,IAAI,CAAC,qBAAqB,EAAE,IAAI,CAAC,uBAAuB,EAAE,aAAa,CAAC,CAAC;KAC3O;;;;;IAMS,oDAAwB,GAAlC,UAAmC,aAAsB;QACrD,OAAO,IAAI,kBAAkB,CAAC,IAAI,CAAC,MAAM,EAAE,IAAI,CAAC,cAAc,EAAE,IAAI,CAAC,aAAa,EAAE,IAAI,CAAC,MAAM,EAAE,IAAI,CAAC,YAAY,EAAE,IAAI,CAAC,gBAAgB,EAAE,KAAK,CAAC,SAAS,EAAE,IAAI,CAAC,iBAAiB,EAAE,IAAI,CAAC,qBAAqB,EAAE,IAAI,CAAC,uBAAuB,EAAE,aAAa,CAAC,CAAC;KAChQ;;;;IAKS,mDAAuB,GAAjC,UAAkC,aAAsB;QACpD,OAAO,IAAI,iBAAiB,CAAC,IAAI,CAAC,MAAM,EAAE,IAAI,CAAC,cAAc,EAAE,IAAI,CAAC,aAAa,EAAE,IAAI,CAAC,MAAM,EAAE,IAAI,CAAC,YAAY,EAAE,IAAI,CAAC,gBAAgB,EAAE,IAAI,CAAC,iBAAiB,EAAE,IAAI,CAAC,uBAAuB,EAAE,aAAa,CAAC,CAAC;KAClN;;;;IAKS,qDAAyB,GAAnC,UAAoC,aAAsB;QACtD,OAAO,IAAI,mBAAmB,CAAC,IAAI,CAAC,MAAM,EAAE,IAAI,CAAC,cAAc,EAAE,IAAI,CAAC,aAAa,EAAE,IAAI,CAAC,MAAM,EAAE,IAAI,CAAC,YAAY,EAAE,IAAI,CAAC,gBAAgB,EAAE,IAAI,CAAC,iBAAiB,EAAE,IAAI,CAAC,uBAAuB,EAAE,aAAa,CAAC,CAAC;KACpN;;;;IAKS,sDAA0B,GAApC,UAAqC,aAAsB;QACvD,OAAO,IAAI,oBAAoB,CAAC,IAAI,CAAC,MAAM,EAAE,IAAI,CAAC,cAAc,EAAE,IAAI,CAAC,aAAa,EAAE,IAAI,CAAC,MAAM,EAAE,IAAI,CAAC,YAAY,EAAE,IAAI,CAAC,gBAAgB,EAAE,KAAK,CAAC,kBAAkB,EAAE,IAAI,CAAC,iBAAiB,EAAE,IAAI,CAAC,uBAAuB,EAAE,aAAa,CAAC,CAAC;KAC/O;;;;;IAMD,4CAAgB,GAAhB,UAAiB,QAA+B;QAC5C,OAAO,IAAI,CAAC,YAAY,CAAC,gBAAgB,CAAC,QAAQ,CAAC,CAAC;KACvD;;;;;IAMD,+CAAmB,GAAnB,UAAoB,UAAkB;QAClC,IAAI,CAAC,YAAY,CAAC,mBAAmB,CAAC,UAAU,CAAC,CAAC;KACrD;;;;;;;IAQD,kDAAsB,GAAtB,UAAuB,QAAqC;QACxD,OAAO,IAAI,CAAC,iBAAiB,CAAC,sBAAsB,CAAC,QAAQ,CAAC,CAAC;KAClE;;;;;;;IAQD,qDAAyB,GAAzB,UAA0B,UAAkB;QACxC,OAAO,IAAI,CAAC,iBAAiB,CAAC,yBAAyB,CAAC,UAAU,CAAC,CAAC;KACvE;;;;IAKD,sDAA0B,GAA1B;QACI,IAAI,CAAC,YAAY,CAAC,0BAA0B,EAAE,CAAC;KAClD;;;;IAKD,uDAA2B,GAA3B;QACI,IAAI,CAAC,YAAY,CAAC,2BAA2B,EAAE,CAAC;KACnD;;;;IAKD,yCAAa,GAAb;QACI,OAAO,IAAI,CAAC,UAAU,CAAC;KAC1B;;;;IAKD,qCAAS,GAAT;QACI,OAAO,IAAI,CAAC,MAAM,CAAC;KACtB;;;;;IAMD,qCAAS,GAAT,UAAU,MAAc;QACpB,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;KACxB;;;;;;IAOD,oDAAwB,GAAxB,UAAyB,GAAe,EAAE,OAAe;;QAErD,IAAI,CAAC,cAAc,CAAC,kBAAkB,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC;KACxD;;;;;IAMD,+CAAmB,GAAnB,UAAoB,gBAAmC;QACnD,IAAI,CAAC,gBAAgB,GAAG,gBAAgB,CAAC;KAC5C;;;;IAKD,4CAAgB,GAAhB;QACI,OAAO,IAAI,CAAC,MAAM,CAAC;KACtB;;;;;;;;IASS,mDAAuB,GAAjC,UAAkC,OAAkC;QAChE,IAAI,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,aAAa,EAAE;YACxB,OAAO,OAAO,CAAC,aAAa,CAAC;SAChC;QAED,IAAI,IAAI,CAAC,oBAAoB,EAAE;YAC3B,OAAO,IAAI,CAAC,aAAa,CAAC,aAAa,EAAE,CAAC;SAC7C;;;;;QAMD,OAAO,SAAS,CAAC,YAAY,CAAC;KACjC;IAGL,wBAAC;AAAD,CAAC;;;;"}
* Copyright (c) Microsoft Corporation. All rights reserved.
* Licensed under the MIT License.
*/
/**
* The PublicClientApplication class is the object exposed by the library to perform authentication and authorization functions in Single Page Applications
* to obtain JWT tokens as described in the OAuth 2.0 Authorization Code Flow with PKCE specification.
* Constructor for the PublicClientApplication used to instantiate the PublicClientApplication object
*
* Important attributes in the Configuration object for auth are:
* - clientID: the application ID of your application. You can obtain one by registering your application with our Application registration portal : https://portal.azure.com/#blade/Microsoft_AAD_IAM/ActiveDirectoryMenuBlade/RegisteredAppsPreview
* - authority: the authority URL for your application.
* - redirect_uri: the uri of your application registered in the portal.
*
* In Azure AD, authority is a URL indicating the Azure active directory that MSAL uses to obtain tokens.
* It is of the form https://login.microsoftonline.com/{Enter_the_Tenant_Info_Here}
* If your application supports Accounts in one organizational directory, replace "Enter_the_Tenant_Info_Here" value with the Tenant Id or Tenant name (for example, contoso.microsoft.com).
* If your application supports Accounts in any organizational directory, replace "Enter_the_Tenant_Info_Here" value with organizations.
* If your application supports Accounts in any organizational directory and personal Microsoft accounts, replace "Enter_the_Tenant_Info_Here" value with common.
* To restrict support to Personal Microsoft accounts only, replace "Enter_the_Tenant_Info_Here" value with consumers.
*
* In Azure B2C, authority is of the form https://{instance}/tfp/{tenant}/{policyName}/
* Full B2C functionality will be available in this library in future versions.
*
* @param configuration object for the MSAL PublicClientApplication instance
*/
functionPublicClientApplication(configuration){
var_this=_super.call(this,configuration)||this;
_this.activeSilentTokenRequests=newMap();
return_this;
}
/**
* Use when initiating the login process by redirecting the user's browser to the authorization endpoint. This function redirects the page, so
* any code that follows this function will not execute.
*
* IMPORTANT: It is NOT recommended to have code that is dependent on the resolution of the Promise. This function will navigate away from the current
* browser window. It currently returns a Promise in order to reflect the asynchronous nature of the code running in this function.
* Silently acquire an access token for a given set of scopes. Returns currently processing promise if parallel requests are made.
*
* @param {@link (SilentRequest:type)}
* @returns {Promise.<AuthenticationResult>} - a promise that is fulfilled when this function has completed, or rejected if an error was raised. Returns the {@link AuthResponse} object
this.logger.verbose("acquireTokenSilent has been called previously, returning the result from the first call",correlationId);
atsMeasurement.endMeasurement({
success:true
});
// Discard measurements for memoized calls, as they are usually only a couple of ms and will artificially deflate metrics
atsMeasurement.discardMeasurement();
return[2/*return*/,cachedResponse];
}
});
});
};
/**
* Silently acquire an access token for a given set of scopes. Will use cached token if available, otherwise will attempt to acquire a new token from the network via refresh token.
* @param {@link (SilentRequest:type)}
* @param {@link (AccountInfo:type)}
* @returns {Promise.<AuthenticationResult>} - a promise that is fulfilled when this function has completed, or rejected if an error was raised. Returns the {@link AuthResponse}
{"version":3,"file":"PublicClientApplication.js","sources":["../../src/app/PublicClientApplication.ts"],"sourcesContent":["/*\n * Copyright (c) Microsoft Corporation. All rights reserved.\n * Licensed under the MIT License.\n */\n\nimport { AccountInfo, AuthenticationResult, Constants, RequestThumbprint, AuthError, PerformanceEvents, ServerError, InteractionRequiredAuthError } from \"@azure/msal-common\";\nimport { Configuration } from \"../config/Configuration\";\nimport { DEFAULT_REQUEST, InteractionType, ApiId, CacheLookupPolicy, BrowserConstants } from \"../utils/BrowserConstants\";\nimport { IPublicClientApplication } from \"./IPublicClientApplication\";\nimport { RedirectRequest } from \"../request/RedirectRequest\";\nimport { PopupRequest } from \"../request/PopupRequest\";\nimport { ClientApplication } from \"./ClientApplication\";\nimport { SilentRequest } from \"../request/SilentRequest\";\nimport { EventType } from \"../event/EventType\";\nimport { BrowserAuthError } from \"../error/BrowserAuthError\";\nimport { NativeAuthError } from \"../error/NativeAuthError\";\nimport { NativeMessageHandler } from \"../broker/nativeBroker/NativeMessageHandler\";\nimport { BrowserUtils } from \"../utils/BrowserUtils\";\n\n/**\n * The PublicClientApplication class is the object exposed by the library to perform authentication and authorization functions in Single Page Applications\n * to obtain JWT tokens as described in the OAuth 2.0 Authorization Code Flow with PKCE specification.\n */\nexport class PublicClientApplication extends ClientApplication implements IPublicClientApplication {\n\n // Active requests\n private activeSilentTokenRequests: Map<string, Promise<AuthenticationResult>>;\n\n /**\n * @constructor\n * Constructor for the PublicClientApplication used to instantiate the PublicClientApplication object\n *\n * Important attributes in the Configuration object for auth are:\n * - clientID: the application ID of your application. You can obtain one by registering your application with our Application registration portal : https://portal.azure.com/#blade/Microsoft_AAD_IAM/ActiveDirectoryMenuBlade/RegisteredAppsPreview\n * - authority: the authority URL for your application.\n * - redirect_uri: the uri of your application registered in the portal.\n *\n * In Azure AD, authority is a URL indicating the Azure active directory that MSAL uses to obtain tokens.\n * It is of the form https://login.microsoftonline.com/{Enter_the_Tenant_Info_Here}\n * If your application supports Accounts in one organizational directory, replace \"Enter_the_Tenant_Info_Here\" value with the Tenant Id or Tenant name (for example, contoso.microsoft.com).\n * If your application supports Accounts in any organizational directory, replace \"Enter_the_Tenant_Info_Here\" value with organizations.\n * If your application supports Accounts in any organizational directory and personal Microsoft accounts, replace \"Enter_the_Tenant_Info_Here\" value with common.\n * To restrict support to Personal Microsoft accounts only, replace \"Enter_the_Tenant_Info_Here\" value with consumers.\n *\n * In Azure B2C, authority is of the form https://{instance}/tfp/{tenant}/{policyName}/\n * Full B2C functionality will be available in this library in future versions.\n *\n * @param configuration object for the MSAL PublicClientApplication instance\n */\n constructor(configuration: Configuration) {\n super(configuration);\n\n this.activeSilentTokenRequests = new Map();\n }\n\n /**\n * Use when initiating the login process by redirecting the user's browser to the authorization endpoint. This function redirects the page, so\n * any code that follows this function will not execute.\n *\n * IMPORTANT: It is NOT recommended to have code that is dependent on the resolution of the Promise. This function will navigate away from the current\n * browser window. It currently returns a Promise in order to reflect the asynchronous nature of the code running in this function.\n *\n * @param request\n */\n async loginRedirect(request?: RedirectRequest): Promise<void> {\n const correlationId: string = this.getRequestCorrelationId(request);\n this.logger.verbose(\"loginRedirect called\", correlationId);\n return this.acquireTokenRedirect({\n correlationId,\n ...(request || DEFAULT_REQUEST)\n });\n }\n\n /**\n * Use when initiating the login process via opening a popup window in the user's browser\n *\n * @param request\n *\n * @returns A promise that is fulfilled when this function has completed, or rejected if an error was raised.\n */\n loginPopup(request?: PopupRequest): Promise<AuthenticationResult> {\n const correlationId: string = this.getRequestCorrelationId(request);\n this.logger.verbose(\"loginPopup called\", correlationId);\n return this.acquireTokenPopup({\n correlationId,\n ...(request || DEFAULT_REQUEST)\n });\n }\n\n /**\n * Silently acquire an access token for a given set of scopes. Returns currently processing promise if parallel requests are made.\n *\n * @param {@link (SilentRequest:type)}\n * @returns {Promise.<AuthenticationResult>} - a promise that is fulfilled when this function has completed, or rejected if an error was raised. Returns the {@link AuthResponse} object\n */\n async acquireTokenSilent(request: SilentRequest): Promise<AuthenticationResult> {\n const correlationId = this.getRequestCorrelationId(request);\n const atsMeasurement = this.performanceClient.startMeasurement(PerformanceEvents.AcquireTokenSilent, correlationId);\n atsMeasurement.addStaticFields({\n cacheLookupPolicy: request.cacheLookupPolicy\n });\n \n this.preflightBrowserEnvironmentCheck(InteractionType.Silent);\n this.logger.verbose(\"acquireTokenSilent called\", correlationId);\n\n const account = request.account || this.getActiveAccount();\n if (!account) {\n throw BrowserAuthError.createNoAccountError();\n }\n\n const thumbprint: RequestThumbprint = {\n clientId: this.config.auth.clientId,\n authority: request.authority || Constants.EMPTY_STRING,\n scopes: request.scopes,\n homeAccountIdentifier: account.homeAccountId,\n claims: request.claims,\n authenticationScheme: request.authenticationScheme,\n resourceRequestMethod: request.resourceRequestMethod,\n resourceRequestUri: request.resourceRequestUri,\n shrClaims: request.shrClaims,\n sshKid: request.sshKid\n };\n const silentRequestKey = JSON.stringify(thumbprint);\n\n const cachedResponse = this.activeSilentTokenRequests.get(silentRequestKey);\n if (typeof cachedResponse === \"undefined\") {\n this.logger.verbose(\"acquireTokenSilent called for the first time, storing active request\", correlationId);\n\n const response = this.acquireTokenSilentAsync({\n ...request,\n correlationId\n }, account)\n .then((result) => {\n this.activeSilentTokenRequests.delete(silentRequestKey);\n atsMeasurement.addStaticFields({\n accessTokenSize: result.accessToken.length,\n idTokenSize: result.idToken.length\n });\n atsMeasurement.endMeasurement({\n success: true,\n fromCache: result.fromCache,\n isNativeBroker: result.fromNativeBroker,\n requestId: result.requestId\n });\n atsMeasurement.flushMeasurement();\n return result;\n })\n .catch((error: AuthError) => {\n this.activeSilentTokenRequests.delete(silentRequestKey);\n atsMeasurement.endMeasurement({\n errorCode: error.errorCode,\n subErrorCode: error.subError,\n success: false\n });\n atsMeasurement.flushMeasurement();\n throw error;\n });\n this.activeSilentTokenRequests.set(silentRequestKey, response);\n return response;\n } else {\n this.logger.verbose(\"acquireTokenSilent has been called previously, returning the result from the first call\", correlationId);\n atsMeasurement.endMeasurement({\n success: true\n });\n // Discard measurements for memoized calls, as they are usually only a couple of ms and will artificially deflate metrics\n atsMeasurement.discardMeasurement();\n return cachedResponse;\n }\n }\n\n /**\n * Silently acquire an access token for a given set of scopes. Will use cached token if available, otherwise will attempt to acquire a new token from the network via refresh token.\n * @param {@link (SilentRequest:type)}\n * @param {@link (AccountInfo:type)}\n * @returns {Promise.<AuthenticationResult>} - a promise that is fulfilled when this function has completed, or rejected if an error was raised. Returns the {@link AuthResponse} \n */\n protected async acquireTokenSilentAsync(request: SilentRequest, account: AccountInfo): Promise<AuthenticationResult>{\n this.eventHandler.emitEvent(EventType.ACQUIRE_TOKEN_START, InteractionType.Silent, request);\n const astsAsyncMeasurement = this.performanceClient.startMeasurement(PerformanceEvents.AcquireTokenSilentAsync, request.correlationId);\n\n let result: Promise<AuthenticationResult>;\n if (NativeMessageHandler.isNativeAvailable(this.config, this.logger, this.nativeExtensionProvider, request.authenticationScheme) && account.nativeAccountId) {\n this.logger.verbose(\"acquireTokenSilent - attempting to acquire token from native platform\");\n const silentRequest: SilentRequest = {\n ...request,\n account\n };\n result = this.acquireTokenNative(silentRequest, ApiId.acquireTokenSilent_silentFlow).catch(async (e: AuthError) => {\n // If native token acquisition fails for availability reasons fallback to web flow\n if (e instanceof NativeAuthError && e.isFatal()) {\n this.logger.verbose(\"acquireTokenSilent - native platform unavailable, falling back to web flow\");\n this.nativeExtensionProvider = undefined; // Prevent future requests from continuing to attempt \n\n // Cache will not contain tokens, given that previous WAM requests succeeded. Skip cache and RT renewal and go straight to iframe renewal\n const silentIframeClient = this.createSilentIframeClient(request.correlationId);\n return silentIframeClient.acquireToken(request);\n }\n throw e;\n }); \n } else {\n this.logger.verbose(\"acquireTokenSilent - attempting to acquire token from web flow\");\n\n const silentCacheClient = this.createSilentCacheClient(request.correlationId);\n const silentRequest = await silentCacheClient.initializeSilentRequest(request, account);\n \n const requestWithCLP = {\n ...request,\n // set the request's CacheLookupPolicy to Default if it was not optionally passed in\n cacheLookupPolicy: request.cacheLookupPolicy || CacheLookupPolicy.Default\n };\n\n result = this.acquireTokenFromCache(silentCacheClient, silentRequest, requestWithCLP).catch((cacheError: AuthError) => {\n if (requestWithCLP.cacheLookupPolicy === CacheLookupPolicy.AccessToken) {\n throw cacheError;\n }\n\n // block the reload if it occurred inside a hidden iframe\n BrowserUtils.blockReloadInHiddenIframes();\n this.eventHandler.emitEvent(EventType.ACQUIRE_TOKEN_NETWORK_START, InteractionType.Silent, silentRequest);\n\n return this.acquireTokenByRefreshToken(silentRequest, requestWithCLP).catch((refreshTokenError: AuthError) => {\n const isServerError = refreshTokenError instanceof ServerError;\n const isInteractionRequiredError = refreshTokenError instanceof InteractionRequiredAuthError;\n const isInvalidGrantError = (refreshTokenError.errorCode === BrowserConstants.INVALID_GRANT_ERROR);\n\n if ((!isServerError ||\n !isInvalidGrantError ||\n isInteractionRequiredError ||\n requestWithCLP.cacheLookupPolicy === CacheLookupPolicy.AccessTokenAndRefreshToken ||\n requestWithCLP.cacheLookupPolicy === CacheLookupPolicy.RefreshToken)\n && (requestWithCLP.cacheLookupPolicy !== CacheLookupPolicy.Skip)\n ) {\n throw refreshTokenError;\n }\n \n this.logger.verbose(\"Refresh token expired/invalid or CacheLookupPolicy is set to Skip, attempting acquire token by iframe.\", request.correlationId);\n return this.acquireTokenBySilentIframe(silentRequest);\n });\n });\n }\n\n return result.then((response) => {\n this.eventHandler.emitEvent(EventType.ACQUIRE_TOKEN_SUCCESS, InteractionType.Silent, response);\n astsAsyncMeasurement.endMeasurement({\n success: true,\n fromCache: response.fromCache,\n isNativeBroker: response.fromNativeBroker,\n requestId: response.requestId\n });\n return response;\n }).catch((tokenRenewalError: AuthError) => {\n this.eventHandler.emitEvent(EventType.ACQUIRE_TOKEN_FAILURE, InteractionType.Silent, null, tokenRenewalError);\n astsAsyncMeasurement.endMeasurement({\n errorCode: tokenRenewalError.errorCode,\n subErrorCode: tokenRenewalError.subError,\n success: false\n });\n throw tokenRenewalError;\n });\n }\n}\n"],"names":[],"mappings":";;;;;;;;;;;;AAAA;;;;AAmBA;;;;;IAI6C,2CAAiB;;;;;;;;;;;;;;;;;;;;;;IA0B1D,iCAAY,aAA4B;QAAxC,YACI,kBAAM,aAAa,CAAC,SAGvB;QADG,KAAI,CAAC,yBAAyB,GAAG,IAAI,GAAG,EAAE,CAAC;;KAC9C;;;;;;;;;;IAWK,+CAAa,GAAnB,UAAoB,OAAyB;;;;gBACnC,aAAa,GAAW,IAAI,CAAC,uBAAuB,CAAC,OAAO,CAAC,CAAC;gBACpE,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,sBAAsB,EAAE,aAAa,CAAC,CAAC;gBAC3D,sBAAO,IAAI,CAAC,oBAAoB,YAC5B,aAAa,eAAA,KACT,OAAO,IAAI,eAAe,GAChC,EAAC;;;KACN;;;;;;;;IASD,4CAAU,GAAV,UAAW,OAAsB;QAC7B,IAAM,aAAa,GAAW,IAAI,CAAC,uBAAuB,CAAC,OAAO,CAAC,CAAC;QACpE,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,mBAAmB,EAAE,aAAa,CAAC,CAAC;QACxD,OAAO,IAAI,CAAC,iBAAiB,YACzB,aAAa,eAAA,KACT,OAAO,IAAI,eAAe,GAChC,CAAC;KACN;;;;;;;IAQK,oDAAkB,GAAxB,UAAyB,OAAsB;;;;;gBACrC,aAAa,GAAG,IAAI,CAAC,uBAAuB,CAAC,OAAO,CAAC,CAAC;gBACtD,cAAc,GAAG,IAAI,CAAC,iBAAiB,CAAC,gBAAgB,CAAC,iBAAiB,CAAC,kBAAkB,EAAE,aAAa,CAAC,CAAC;gBACpH,cAAc,CAAC,eAAe,CAAC;oBAC3B,iBAAiB,EAAE,OAAO,CAAC,iBAAiB;iBAC/C,CAAC,CAAC;gBAEH,IAAI,CAAC,gCAAgC,CAAC,eAAe,CAAC,MAAM,CAAC,CAAC;gBAC9D,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,2BAA2B,EAAE,aAAa,CAAC,CAAC;gBAE1D,OAAO,GAAG,OAAO,CAAC,OAAO,IAAI,IAAI,CAAC,gBAAgB,EAAE,CAAC;gBAC3D,IAAI,CAAC,OAAO,EAAE;oBACV,MAAM,gBAAgB,CAAC,oBAAoB,EAAE,CAAC;iBACjD;gBAEK,UAAU,GAAsB;oBAClC,QAAQ,EAAE,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,QAAQ;oBACnC,SAAS,EAAE,OAAO,CAAC,SAAS,IAAI,SAAS,CAAC,YAAY;oBACtD,MAAM,EAAE,OAAO,CAAC,MAAM;oBACtB,qBAAqB,EAAE,OAAO,CAAC,aAAa;oBAC5C,MAAM,EAAE,OAAO,CAAC,MAAM;oBACtB,oBAAoB,EAAE,OAAO,CAAC,oBAAoB;oBAClD,qBAAqB,EAAE,OAAO,CAAC,qBAAqB;oBACpD,kBAAkB,EAAE,OAAO,CAAC,kBAAkB;oBAC9C,SAAS,EAAE,OAAO,CAAC,SAAS;oBAC5B,MAAM,EAAE,OAAO,CAAC,MAAM;iBACzB,CAAC;gBACI,gBAAgB,GAAG,IAAI,CAAC,SAAS,CAAC,UAAU,CAAC,CAAC;gBAE9C,cAAc,GAAG,IAAI,CAAC,yBAAyB,CAAC,GAAG,CAAC,gBAAgB,CAAC,CAAC;gBAC5E,IAAI,OAAO,cAAc,KAAK,WAAW,EAAE;oBACvC,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,sEAAsE,EAAE,aAAa,CAAC,CAAC;oBAErG,QAAQ,GAAG,IAAI,CAAC,uBAAuB,uBACtC,OAAO,KACV,aAAa,eAAA,KACd,OAAO,CAAC;yBACN,IAAI,CAAC,UAAC,MAAM;wBACT,KAAI,CAAC,yBAAyB,CAAC,MAAM,CAAC,gBAAgB,CAAC,CAAC;wBACxD,cAAc,CAAC,eAAe,CAAC;4BAC3B,eAAe,EAAE,MAAM,CAAC,WAAW,CAAC,MAAM;4BAC1C,WAAW,EAAE,MAAM,CAAC,OAAO,CAAC,MAAM;yBACrC,CAAC,CAAC;wBACH,cAAc,CAAC,cAAc,CAAC;4BAC1B,OAAO,EAAE,IAAI;4BACb,SAAS,EAAE,MAAM,CAAC,SAAS;4BAC3B,cAAc,EAAE,MAAM,CAAC,gBAAgB;4BACvC,SAAS,EAAE,MAAM,CAAC,SAAS;yBAC9B,CAAC,CAAC;wBACH,cAAc,CAAC,gBAAgB,EAAE,CAAC;wBAClC,OAAO,MAAM,CAAC;qBACjB,CAAC;yBACD,KAAK,CAAC,UAAC,KAAgB;wBACpB,KAAI,CAAC,yBAAyB,CAAC,MAAM,CAAC,gBAAgB,CAAC,CAAC;wBACxD,cAAc,CAAC,cAAc,CAAC;4BAC1B,SAAS,EAAE,KAAK,CAAC,SAAS;4BAC1B,YAAY,EAAE,KAAK,CAAC,QAAQ;4BAC5B,OAAO,EAAE,KAAK;yBACjB,CAAC,CAAC;wBACH,cAAc,CAAC,gBAAgB,EAAE,CAAC;wBAClC,MAAM,KAAK,CAAC;qBACf,CAAC,CAAC;oBACP,IAAI,CAAC,yBAAyB,CAAC,GAAG,CAAC,gBAAgB,EAAE,QAAQ,CAAC,CAAC;oBAC/D,sBAAO,QAAQ,EAAC;iBACnB;qBAAM;oBACH,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,yFAAyF,EAAE,aAAa,CAAC,CAAC;oBAC9H,cAAc,CAAC,cAAc,CAAC;wBAC1B,OAAO,EAAE,IAAI;qBAChB,CAAC,CAAC;;oBAEH,cAAc,CAAC,kBAAkB,EAAE,CAAC;oBACpC,sBAAO,cAAc,EAAC;iBACzB;;;KACJ;;;;;;;IAQe,yDAAuB,GAAvC,UAAwC,OAAsB,EAAE,OAAoB;;;;;;;wBAChF,IAAI,CAAC,YAAY,CAAC,SAAS,CAAC,SAAS,CAAC,mBAAmB,EAAE,eAAe,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;wBACtF,oBAAoB,GAAG,IAAI,CAAC,iBAAiB,CAAC,gBAAgB,CAAC,iBAAiB,CAAC,uBAAuB,EAAE,OAAO,CAAC,aAAa,CAAC,CAAC;8BAGnI,oBAAoB,CAAC,iBAAiB,CAAC,IAAI,CAAC,MAAM,EAAE,IAAI,CAAC,MAAM,EAAE,IAAI,CAAC,uBAAuB,EAAE,OAAO,CAAC,oBAAoB,CAAC,IAAI,OAAO,CAAC,eAAe,CAAA,EAAvJ,wBAAuJ;wBACvJ,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,uEAAuE,CAAC,CAAC;wBACvF,aAAa,yBACZ,OAAO,KACV,OAAO,SAAA,GACV,CAAC;wBACF,MAAM,GAAG,IAAI,CAAC,kBAAkB,CAAC,aAAa,EAAE,KAAK,CAAC,6BAA6B,CAAC,CAAC,KAAK,CAAC,UAAO,CAAY;;;;gCAE1G,IAAI,CAAC,YAAY,eAAe,IAAI,CAAC,CAAC,OAAO,EAAE,EAAE;oCAC7C,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,4EAA4E,CAAC,CAAC;oCAClG,IAAI,CAAC,uBAAuB,GAAG,SAAS,CAAC;oCAGnC,kBAAkB,GAAG,IAAI,CAAC,wBAAwB,CAAC,OAAO,CAAC,aAAa,CAAC,CAAC;oCAChF,sBAAO,kBAAkB,CAAC,YAAY,CAAC,OAAO,CAAC,EAAC;iCACnD;gCACD,MAAM,CAAC,CAAC;;6BACX,CAAC,CAAC;;;wBAEH,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,gEAAgE,CAAC,CAAC;wBAEhF,iBAAiB,GAAG,IAAI,CAAC,uBAAuB,CAAC,OAAO,CAAC,aAAa,CAAC,CAAC;wBACxD,qBAAM,iBAAiB,CAAC,uBAAuB,CAAC,OAAO,EAAE,OAAO,CAAC,EAAA;;wBAAjF,kBAAgB,SAAiE;wBAEjF,yCACC,OAAO;;4BAEV,iBAAiB,EAAE,OAAO,CAAC,iBAAiB,IAAI,iBAAiB,CAAC,OAAO,GAC5E,CAAC;wBAEF,MAAM,GAAG,IAAI,CAAC,qBAAqB,CAAC,iBAAiB,EAAE,eAAa,EAAE,gBAAc,CAAC,CAAC,KAAK,CAAC,UAAC,UAAqB;4BAC9G,IAAI,gBAAc,CAAC,iBAAiB,KAAK,iBAAiB,CAAC,WAAW,EAAE;gCACpE,MAAM,UAAU,CAAC;6BACpB;;4BAGD,YAAY,CAAC,0BAA0B,EAAE,CAAC;4BAC1C,KAAI,CAAC,YAAY,CAAC,SAAS,CAAC,SAAS,CAAC,2BAA2B,EAAE,eAAe,CAAC,MAAM,EAAE,eAAa,CAAC,CAAC;4BAE1G,OAAO,KAAI,CAAC,0BAA0B,CAAC,eAAa,EAAE,gBAAc,CAAC,CAAC,KAAK,CAAC,UAAC,iBAA4B;gCACrG,IAAM,aAAa,GAAG,iBAAiB,YAAY,WAAW,CAAC;gCAC/D,IAAM,0BAA0B,GAAG,iBAAiB,YAAY,4BAA4B,CAAC;gCAC7F,IAAM,mBAAmB,IAAI,iBAAiB,CAAC,SAAS,KAAK,gBAAgB,CAAC,mBAAmB,CAAC,CAAC;gCAEnG,IAAI,CAAC,CAAC,aAAa;oCACf,CAAC,mBAAmB;oCACpB,0BAA0B;oCAC1B,gBAAc,CAAC,iBAAiB,KAAK,iBAAiB,CAAC,0BAA0B;oCACjF,gBAAc,CAAC,iBAAiB,KAAK,iBAAiB,CAAC,YAAY;wCAC/D,gBAAc,CAAC,iBAAiB,KAAK,iBAAiB,CAAC,IAAI,CAAC,EAClE;oCACE,MAAM,iBAAiB,CAAC;iCAC3B;gCAED,KAAI,CAAC,MAAM,CAAC,OAAO,CAAC,wGAAwG,EAAE,OAAO,CAAC,aAAa,CAAC,CAAC;gCACrJ,OAAO,KAAI,CAAC,0BAA0B,CAAC,eAAa,CAAC,CAAC;6BACzD,CAAC,CAAC;yBACN,CAAC,CAAC;;4BAGP,sBAAO,MAAM,CAAC,IAAI,CAAC,UAAC,QAAQ;4BACxB,KAAI,CAAC,YAAY,CAAC,SAAS,CAAC,SAAS,CAAC,qBAAqB,EAAE,eAAe,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;4BAC/F,oBAAoB,CAAC,cAAc,CAAC;gCAChC,OAAO,EAAE,IAAI;gCACb,SAAS,EAAE,QAAQ,CAAC,SAAS;gCAC7B,cAAc,EAAE,QAAQ,CAAC,gBAAgB;gCACzC,SAAS,EAAE,QAAQ,CAAC,SAAS;6BAChC,CAAC,CAAC;4BACH,OAAO,QAAQ,CAAC;yBACnB,CAAC,CAAC,KAAK,CAAC,UAAC,iBAA4B;4BAClC,KAAI,CAAC,YAAY,CAAC,SAAS,CAAC,SAAS,CAAC,qBAAqB,EAAE,eAAe,CAAC,MAAM,EAAE,IAAI,EAAE,iBAAiB,CAAC,CAAC;4BAC9G,oBAAoB,CAAC,cAAc,CAAC;gCAChC,SAAS,EAAE,iBAAiB,CAAC,SAAS;gCACtC,YAAY,EAAE,iBAAiB,CAAC,QAAQ;gCACxC,OAAO,EAAE,KAAK;6BACjB,CAAC,CAAC;4BACH,MAAM,iBAAiB,CAAC;yBAC3B,CAAC,EAAC;;;;KACN;IACL,8BAAC;AAAD,CA7OA,CAA6C,iBAAiB;;;;"}
