diff --git a/.gitignore b/.gitignore index b1d8e28..7a0edd9 100644 --- a/.gitignore +++ b/.gitignore @@ -1,5 +1,4 @@ node_modules -dist coverage ### VisualStudioCode Patch ### diff --git a/README.md b/README.md index 6d0cdca..bcbc8e1 100644 --- a/README.md +++ b/README.md @@ -1,135 +1,98 @@ -# solid-logic +# solid-logic-jss -[Solid logo] +[![MIT license](https://img.shields.io/github/license/JavaScriptSolidServer/solid-logic-jss)](LICENSE) -[![MIT license](https://img.shields.io/github/license/solidos/solidos)](https://github.com/solidos/solidos/blob/main/LICENSE.md) +**Core Solid logic with minimal solid-oidc authentication (JSS variant)** +A fork of [solid-logic](https://github.com/solidos/solid-logic) that replaces `@inrupt/solid-client-authn-browser` with the minimal [solid-oidc](https://github.com/JavaScriptSolidServer/solid-oidc) library. -Core business logic of SolidOS which can be used for any webapp as well. +## Why This Fork? +| Aspect | solid-logic (original) | solid-logic-jss | +|--------|------------------------|-----------------| +| Auth library | @inrupt/solid-client-authn-browser (~150KB) | solid-oidc (~20KB) | +| Auth code | Compiled/minified | 584 lines, readable | +| Dependencies | Many | Minimal | -# Usage - -## 📦 Install via npm +## Installation ```sh -npm install solid-logic rdflib +npm install solid-logic-jss rdflib ``` -> **Important**: `rdflib` is a peer dependency - you must install it separately. +> **Note**: `rdflib` is a peer dependency. -### Import in your project (ESM/TypeScript) +## Usage ```js -import { solidLogicSingleton, store, authn } from 'solid-logic'; - -// Example usage -console.log('Current user:', authn.currentUser()); -``` - -## 🌐 Use directly in a browser - -Both UMD and ESM bundles externalize rdflib to keep bundle sizes small and avoid version conflicts. +import { solidLogicSingleton, store, authn, authSession } from 'solid-logic-jss' -## Available Files +// Check current user +console.log('Current user:', authn.currentUser()) -| Format | File | Usage | Global Variable | -|--------|------|-------|----------------| -| UMD | `dist/solid-logic.js` | Development | `window.SolidLogic` | -| UMD | `dist/solid-logic.min.js` | Production | `window.SolidLogic` | -| ESM | `dist/solid-logic.esm.js` | Development | Import only | -| ESM | `dist/solid-logic.esm.min.js` | Production | Import only | +// Login +await authSession.login({ + oidcIssuer: 'https://solidcommunity.net', + redirectUrl: window.location.href +}) -### UMD Bundle (Script Tags) - -**⚠️ Important**: Load rdflib **before** solid-logic or you'll get `$rdf is not defined` errors. - -```html - - - - - - - +// Make authenticated requests +const response = await authSession.fetch('https://pod.example/private/data.ttl') ``` -### ESM Bundle (Native Modules) +## Browser Usage (ESM) ```html ``` -### ESM with Import Maps (Recommended) +## API Compatibility -```html - - -``` +- `authSession.info.webId` - Current user's WebID +- `authSession.info.isLoggedIn` - Login status +- `authSession.login(options)` - Initiate login +- `authSession.logout()` - Log out +- `authSession.fetch(url, init)` - Authenticated fetch +- `authSession.handleIncomingRedirect(options)` - Handle OIDC redirect +- `authSession.events.on(event, callback)` - Session events ## Common Exports ```js -import { - solidLogicSingleton, // Complete singleton instance - store, // RDF store - authn, // Authentication logic - authSession, // Authentication session - ACL_LINK, // ACL constants - getSuggestedIssuers, // Identity provider suggestions - createTypeIndexLogic, // Type index functionality - // Error classes - UnauthorizedError, - NotFoundError, - FetchError -} from 'solid-logic'; +import { + solidLogicSingleton, // Complete singleton instance + store, // RDF store + authn, // Authentication logic + authSession, // Authentication session + ACL_LINK, // ACL constants + // Error classes + UnauthorizedError, + NotFoundError, + FetchError +} from 'solid-logic-jss' ``` -# How to develop - -Check the scripts in the `package.json` for build, watch, lint and test. - -# Used stack - -* TypeScript + Babel -* Jest -* ESLint -* Webpack +## Related -# How to release +- [solid-oidc](https://github.com/JavaScriptSolidServer/solid-oidc) - Minimal OIDC client +- [solid-logic](https://github.com/solidos/solid-logic) - Original library +- [JavaScriptSolidServer](https://github.com/JavaScriptSolidServer) - JSS ecosystem -Change version and push directly to main. This will trigger the npm release latest script in CI. +## Credits -# History +- Original [solid-logic](https://github.com/solidos/solid-logic) by SolidOS team +- [solid-oidc](https://github.com/JavaScriptSolidServer/solid-oidc) based on work by [uvdsl](https://github.com/uvdsl) -Solid-logic was a move to separate business logic from UI functionality so that people using different UI frameworks could use logic code. +## License -It was created when the "chat with me" feature was built. We needed to share logic between chat-pane and profile-pane (which was part of solid-panes back then I think) due to that feature. The whole idea of it is to separate core solid logic from UI components, to make logic reusable, e.g. by other UI libraries or even non web apps like CLI tools etc. +MIT diff --git a/dist/acl/aclLogic.d.ts b/dist/acl/aclLogic.d.ts new file mode 100644 index 0000000..04666f4 --- /dev/null +++ b/dist/acl/aclLogic.d.ts @@ -0,0 +1,5 @@ +import { NamedNode } from 'rdflib'; +import { AclLogic } from '../types'; +export declare const ACL_LINK: NamedNode; +export declare function createAclLogic(store: any): AclLogic; +//# sourceMappingURL=aclLogic.d.ts.map \ No newline at end of file diff --git a/dist/acl/aclLogic.d.ts.map b/dist/acl/aclLogic.d.ts.map new file mode 100644 index 0000000..5ef4e7e --- /dev/null +++ b/dist/acl/aclLogic.d.ts.map @@ -0,0 +1 @@ +{"version":3,"file":"aclLogic.d.ts","sourceRoot":"","sources":["../../src/acl/aclLogic.ts"],"names":[],"mappings":"AAAA,OAAO,EAAS,SAAS,EAA6B,MAAM,QAAQ,CAAA;AACpE,OAAO,EAAE,QAAQ,EAAE,MAAM,UAAU,CAAA;AAInC,eAAO,MAAM,QAAQ,WAEpB,CAAA;AAED,wBAAgB,cAAc,CAAC,KAAK,KAAA,GAAG,QAAQ,CAiJ9C"} \ No newline at end of file diff --git a/dist/acl/aclLogic.js b/dist/acl/aclLogic.js new file mode 100644 index 0000000..d3d881b --- /dev/null +++ b/dist/acl/aclLogic.js @@ -0,0 +1,117 @@ +import { graph, Namespace, serialize, sym } from 'rdflib'; +import { ns as namespace } from '../util/ns'; +export const ACL_LINK = sym('http://www.iana.org/assignments/link-relations/acl'); +export function createAclLogic(store) { + const ns = namespace; + async function findAclDocUrl(url) { + await store.fetcher.load(url); + const docNode = store.any(url, ACL_LINK); + if (!docNode) { + throw new Error(`No ACL link discovered for ${url}`); + } + return docNode.value; + } + /** + * Simple Access Control + * + * This function sets up a simple default ACL for a resource, with + * RWC for the owner, and a specified access (default none) for the public. + * In all cases owner has read write control. + * Parameter lists modes allowed to public + * + * @param options + * @param options.public eg ['Read', 'Write'] + * + * @returns Resolves with aclDoc uri on successful write + */ + function setACLUserPublic(docURI, me, options) { + const aclDoc = store.any(store.sym(docURI), ACL_LINK); + return Promise.resolve() + .then(() => { + if (aclDoc) { + return aclDoc; + } + return fetchACLRel(docURI).catch(err => { + throw new Error(`Error fetching rel=ACL header for ${docURI}: ${err}`); + }); + }) + .then(aclDoc => { + const aclText = genACLText(docURI, me, aclDoc.uri, options); + if (!store.fetcher) { + throw new Error('Cannot PUT this, store has no fetcher'); + } + return store.fetcher + .webOperation('PUT', aclDoc.uri, { + data: aclText, + contentType: 'text/turtle' + }) + .then(result => { + if (!result.ok) { + throw new Error('Error writing ACL text: ' + result.error); + } + return aclDoc; + }); + }); + } + /** + * @param docURI + * @returns + */ + function fetchACLRel(docURI) { + const fetcher = store.fetcher; + if (!fetcher) { + throw new Error('Cannot fetch ACL rel, store has no fetcher'); + } + return fetcher.load(docURI).then(result => { + if (!result.ok) { + throw new Error('fetchACLRel: While loading:' + result.error); + } + const aclDoc = store.any(store.sym(docURI), ACL_LINK); + if (!aclDoc) { + throw new Error('fetchACLRel: No Link rel=ACL header for ' + docURI); + } + return aclDoc; + }); + } + /** + * @param docURI + * @param me + * @param aclURI + * @param options + * + * @returns Serialized ACL + */ + function genACLText(docURI, me, aclURI, options = {}) { + const optPublic = options.public || []; + const g = graph(); + const auth = Namespace('http://www.w3.org/ns/auth/acl#'); + let a = g.sym(`${aclURI}#a1`); + const acl = g.sym(aclURI); + const doc = g.sym(docURI); + g.add(a, ns.rdf('type'), auth('Authorization'), acl); + g.add(a, auth('accessTo'), doc, acl); + if (options.defaultForNew) { + g.add(a, auth('default'), doc, acl); + } + g.add(a, auth('agent'), me, acl); + g.add(a, auth('mode'), auth('Read'), acl); + g.add(a, auth('mode'), auth('Write'), acl); + g.add(a, auth('mode'), auth('Control'), acl); + if (optPublic.length) { + a = g.sym(`${aclURI}#a2`); + g.add(a, ns.rdf('type'), auth('Authorization'), acl); + g.add(a, auth('accessTo'), doc, acl); + g.add(a, auth('agentClass'), ns.foaf('Agent'), acl); + for (let p = 0; p < optPublic.length; p++) { + g.add(a, auth('mode'), auth(optPublic[p]), acl); // Like 'Read' etc + } + } + return serialize(acl, g, aclURI); + } + return { + findAclDocUrl, + setACLUserPublic, + genACLText + }; +} +//# sourceMappingURL=aclLogic.js.map \ No newline at end of file diff --git a/dist/acl/aclLogic.js.map b/dist/acl/aclLogic.js.map new file mode 100644 index 0000000..ccca0bd --- /dev/null +++ b/dist/acl/aclLogic.js.map @@ -0,0 +1 @@ +{"version":3,"file":"aclLogic.js","sourceRoot":"","sources":["../../src/acl/aclLogic.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,EAAa,SAAS,EAAE,SAAS,EAAE,GAAG,EAAE,MAAM,QAAQ,CAAA;AAEpE,OAAO,EAAE,EAAE,IAAI,SAAS,EAAE,MAAM,YAAY,CAAA;AAG5C,MAAM,CAAC,MAAM,QAAQ,GAAG,GAAG,CACvB,oDAAoD,CACvD,CAAA;AAED,MAAM,UAAU,cAAc,CAAC,KAAK;IAEhC,MAAM,EAAE,GAAG,SAAS,CAAA;IAEpB,KAAK,UAAU,aAAa,CAAC,GAAc;QACvC,MAAM,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,CAAA;QAC7B,MAAM,OAAO,GAAG,KAAK,CAAC,GAAG,CAAC,GAAG,EAAE,QAAQ,CAAC,CAAA;QACxC,IAAI,CAAC,OAAO,EAAE,CAAC;YACX,MAAM,IAAI,KAAK,CAAC,8BAA8B,GAAG,EAAE,CAAC,CAAA;QACxD,CAAC;QACD,OAAO,OAAO,CAAC,KAAK,CAAA;IACxB,CAAC;IACD;;;;;;;;;;;;OAYG;IACH,SAAS,gBAAgB,CACzB,MAAc,EACd,EAAa,EACb,OAGC;QAED,MAAM,MAAM,GAAG,KAAK,CAAC,GAAG,CACpB,KAAK,CAAC,GAAG,CAAC,MAAM,CAAC,EACjB,QAAQ,CACX,CAAA;QAED,OAAO,OAAO,CAAC,OAAO,EAAE;aACnB,IAAI,CAAC,GAAG,EAAE;YACX,IAAI,MAAM,EAAE,CAAC;gBACT,OAAO,MAAmB,CAAA;YAC9B,CAAC;YAED,OAAO,WAAW,CAAC,MAAM,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,EAAE;gBACnC,MAAM,IAAI,KAAK,CAAC,qCAAqC,MAAM,KAAK,GAAG,EAAE,CAAC,CAAA;YAC1E,CAAC,CAAC,CAAA;QACF,CAAC,CAAC;aACD,IAAI,CAAC,MAAM,CAAC,EAAE;YACf,MAAM,OAAO,GAAG,UAAU,CAAC,MAAM,EAAE,EAAE,EAAE,MAAM,CAAC,GAAG,EAAE,OAAO,CAAC,CAAA;YAC3D,IAAI,CAAC,KAAK,CAAC,OAAO,EAAE,CAAC;gBACjB,MAAM,IAAI,KAAK,CAAC,uCAAuC,CAAC,CAAA;YAC5D,CAAC;YACD,OAAO,KAAK,CAAC,OAAO;iBACf,YAAY,CAAC,KAAK,EAAE,MAAM,CAAC,GAAG,EAAE;gBACjC,IAAI,EAAE,OAAO;gBACb,WAAW,EAAE,aAAa;aACzB,CAAC;iBACD,IAAI,CAAC,MAAM,CAAC,EAAE;gBACf,IAAI,CAAC,MAAM,CAAC,EAAE,EAAE,CAAC;oBACb,MAAM,IAAI,KAAK,CAAC,0BAA0B,GAAG,MAAM,CAAC,KAAK,CAAC,CAAA;gBAC9D,CAAC;gBAED,OAAO,MAAM,CAAA;YACb,CAAC,CAAC,CAAA;QACN,CAAC,CAAC,CAAA;IACN,CAAC;IAED;;;OAGG;IACH,SAAS,WAAW,CAAE,MAAc;QAChC,MAAM,OAAO,GAAG,KAAK,CAAC,OAAO,CAAA;QAC7B,IAAI,CAAC,OAAO,EAAE,CAAC;YACX,MAAM,IAAI,KAAK,CAAC,4CAA4C,CAAC,CAAA;QACjE,CAAC;QAED,OAAO,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE;YACtC,IAAI,CAAC,MAAM,CAAC,EAAE,EAAE,CAAC;gBACb,MAAM,IAAI,KAAK,CAAC,6BAA6B,GAAI,MAAc,CAAC,KAAK,CAAC,CAAA;YAC1E,CAAC;YAED,MAAM,MAAM,GAAG,KAAK,CAAC,GAAG,CACxB,KAAK,CAAC,GAAG,CAAC,MAAM,CAAC,EACjB,QAAQ,CACP,CAAA;YAED,IAAI,CAAC,MAAM,EAAE,CAAC;gBACd,MAAM,IAAI,KAAK,CAAC,0CAA0C,GAAG,MAAM,CAAC,CAAA;YACpE,CAAC;YAED,OAAO,MAAmB,CAAA;QAC9B,CAAC,CAAC,CAAA;IACN,CAAC;IAED;;;;;;;OAOG;IACH,SAAS,UAAU,CACnB,MAAc,EACd,EAAa,EACb,MAAc,EACd,UAGQ,EAAE;QAEN,MAAM,SAAS,GAAG,OAAO,CAAC,MAAM,IAAI,EAAE,CAAA;QACtC,MAAM,CAAC,GAAG,KAAK,EAAE,CAAA;QACjB,MAAM,IAAI,GAAG,SAAS,CAAC,gCAAgC,CAAC,CAAA;QACxD,IAAI,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,MAAM,KAAK,CAAC,CAAA;QAC7B,MAAM,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,CAAA;QACzB,MAAM,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,CAAA;QACzB,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,IAAI,CAAC,eAAe,CAAC,EAAE,GAAG,CAAC,CAAA;QACpD,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,IAAI,CAAC,UAAU,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,CAAA;QACpC,IAAI,OAAO,CAAC,aAAa,EAAE,CAAC;YACxB,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,CAAA;QACvC,CAAC;QACD,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,IAAI,CAAC,OAAO,CAAC,EAAE,EAAE,EAAE,GAAG,CAAC,CAAA;QAChC,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,IAAI,CAAC,MAAM,CAAC,EAAE,IAAI,CAAC,MAAM,CAAC,EAAE,GAAG,CAAC,CAAA;QACzC,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,IAAI,CAAC,MAAM,CAAC,EAAE,IAAI,CAAC,OAAO,CAAC,EAAE,GAAG,CAAC,CAAA;QAC1C,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,IAAI,CAAC,MAAM,CAAC,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,GAAG,CAAC,CAAA;QAE5C,IAAI,SAAS,CAAC,MAAM,EAAE,CAAC;YACnB,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,MAAM,KAAK,CAAC,CAAA;YACzB,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,IAAI,CAAC,eAAe,CAAC,EAAE,GAAG,CAAC,CAAA;YACpD,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,IAAI,CAAC,UAAU,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,CAAA;YACpC,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,IAAI,CAAC,YAAY,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,GAAG,CAAC,CAAA;YACnD,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,SAAS,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;gBAC5C,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,IAAI,CAAC,MAAM,CAAC,EAAE,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,CAAC,CAAA,CAAC,kBAAkB;YAClE,CAAC;QACL,CAAC;QACD,OAAO,SAAS,CAAC,GAAG,EAAE,CAAC,EAAE,MAAM,CAAC,CAAA;IACpC,CAAC;IACD,OAAO;QACH,aAAa;QACb,gBAAgB;QAChB,UAAU;KACb,CAAA;AACL,CAAC"} \ No newline at end of file diff --git a/dist/authSession/authSession.d.ts b/dist/authSession/authSession.d.ts new file mode 100644 index 0000000..32a73ba --- /dev/null +++ b/dist/authSession/authSession.d.ts @@ -0,0 +1,3 @@ +import { Session } from './solidOidcAdapter'; +export declare const authSession: Session; +//# sourceMappingURL=authSession.d.ts.map \ No newline at end of file diff --git a/dist/authSession/authSession.d.ts.map b/dist/authSession/authSession.d.ts.map new file mode 100644 index 0000000..08832ee --- /dev/null +++ b/dist/authSession/authSession.d.ts.map @@ -0,0 +1 @@ +{"version":3,"file":"authSession.d.ts","sourceRoot":"","sources":["../../src/authSession/authSession.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,MAAM,oBAAoB,CAAA;AAE5C,eAAO,MAAM,WAAW,SAAgB,CAAA"} \ No newline at end of file diff --git a/dist/authSession/authSession.js b/dist/authSession/authSession.js new file mode 100644 index 0000000..578866c --- /dev/null +++ b/dist/authSession/authSession.js @@ -0,0 +1,3 @@ +import { Session } from './solidOidcAdapter'; +export const authSession = new Session(); +//# sourceMappingURL=authSession.js.map \ No newline at end of file diff --git a/dist/authSession/authSession.js.map b/dist/authSession/authSession.js.map new file mode 100644 index 0000000..98d03ce --- /dev/null +++ b/dist/authSession/authSession.js.map @@ -0,0 +1 @@ +{"version":3,"file":"authSession.js","sourceRoot":"","sources":["../../src/authSession/authSession.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,MAAM,oBAAoB,CAAA;AAE5C,MAAM,CAAC,MAAM,WAAW,GAAG,IAAI,OAAO,EAAE,CAAA"} \ No newline at end of file diff --git a/dist/authSession/solidOidcAdapter.d.ts b/dist/authSession/solidOidcAdapter.d.ts new file mode 100644 index 0000000..cb2c04a --- /dev/null +++ b/dist/authSession/solidOidcAdapter.d.ts @@ -0,0 +1,94 @@ +/** + * Adapter to make solid-oidc compatible with @inrupt/solid-client-authn-browser API + * + * This provides a drop-in replacement for the Inrupt Session class using the minimal + * solid-oidc library from JavaScriptSolidServer. + * + * @see https://github.com/JavaScriptSolidServer/solid-oidc + */ +/** + * Event names compatible with @inrupt/solid-client-authn-browser + */ +export declare const EVENTS: { + readonly SESSION_RESTORED: "sessionRestore"; + readonly LOGIN: "login"; + readonly LOGOUT: "logout"; + readonly SESSION_EXPIRED: "sessionExpired"; + readonly ERROR: "error"; +}; +/** + * Callback type for event listeners + */ +type EventCallback = (...args: any[]) => void; +/** + * Simple event emitter for compatibility with Inrupt's session.events API + */ +declare class EventEmitter { + private listeners; + on(event: string, callback: EventCallback): void; + off(event: string, callback: EventCallback): void; + emit(event: string, ...args: unknown[]): void; +} +/** + * Session info interface compatible with Inrupt + */ +export interface SessionInfo { + isLoggedIn: boolean; + webId?: string; + sessionId?: string; + expirationDate?: number; +} +/** + * Options for handleIncomingRedirect + */ +export interface HandleRedirectOptions { + restorePreviousSession?: boolean; + url?: string; +} +/** + * Options for login + */ +export interface LoginOptions { + oidcIssuer: string; + redirectUrl: string; + clientId?: string; + clientName?: string; + tokenType?: string; +} +/** + * Session class that wraps solid-oidc to provide @inrupt/solid-client-authn-browser compatible API + */ +export declare class Session { + private _session; + private _events; + private _sessionId; + constructor(options?: { + clientId?: string; + }); + /** + * Event emitter for session events + */ + get events(): EventEmitter; + /** + * Session information + */ + get info(): SessionInfo; + /** + * Handle incoming redirect from identity provider + */ + handleIncomingRedirect(options?: HandleRedirectOptions | string): Promise; + /** + * Initiate login flow + */ + login(options: LoginOptions): Promise; + /** + * Log out and clear session + */ + logout(): Promise; + /** + * Make authenticated fetch request + */ + fetch(url: RequestInfo | URL, init?: RequestInit): Promise; +} +export default Session; +//# sourceMappingURL=solidOidcAdapter.d.ts.map \ No newline at end of file diff --git a/dist/authSession/solidOidcAdapter.d.ts.map b/dist/authSession/solidOidcAdapter.d.ts.map new file mode 100644 index 0000000..a5460e0 --- /dev/null +++ b/dist/authSession/solidOidcAdapter.d.ts.map @@ -0,0 +1 @@ +{"version":3,"file":"solidOidcAdapter.d.ts","sourceRoot":"","sources":["../../src/authSession/solidOidcAdapter.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAOH;;GAEG;AACH,eAAO,MAAM,MAAM;;;;;;CAMT,CAAA;AAEV;;GAEG;AACH,KAAK,aAAa,GAAG,CAAC,GAAG,IAAI,EAAE,GAAG,EAAE,KAAK,IAAI,CAAA;AAE7C;;GAEG;AACH,cAAM,YAAY;IAChB,OAAO,CAAC,SAAS,CAA6C;IAE9D,EAAE,CAAC,KAAK,EAAE,MAAM,EAAE,QAAQ,EAAE,aAAa,GAAG,IAAI;IAOhD,GAAG,CAAC,KAAK,EAAE,MAAM,EAAE,QAAQ,EAAE,aAAa,GAAG,IAAI;IAIjD,IAAI,CAAC,KAAK,EAAE,MAAM,EAAE,GAAG,IAAI,EAAE,OAAO,EAAE,GAAG,IAAI;CAG9C;AAED;;GAEG;AACH,MAAM,WAAW,WAAW;IAC1B,UAAU,EAAE,OAAO,CAAA;IACnB,KAAK,CAAC,EAAE,MAAM,CAAA;IACd,SAAS,CAAC,EAAE,MAAM,CAAA;IAClB,cAAc,CAAC,EAAE,MAAM,CAAA;CACxB;AAED;;GAEG;AACH,MAAM,WAAW,qBAAqB;IACpC,sBAAsB,CAAC,EAAE,OAAO,CAAA;IAChC,GAAG,CAAC,EAAE,MAAM,CAAA;CACb;AAED;;GAEG;AACH,MAAM,WAAW,YAAY;IAC3B,UAAU,EAAE,MAAM,CAAA;IAClB,WAAW,EAAE,MAAM,CAAA;IACnB,QAAQ,CAAC,EAAE,MAAM,CAAA;IACjB,UAAU,CAAC,EAAE,MAAM,CAAA;IACnB,SAAS,CAAC,EAAE,MAAM,CAAA;CACnB;AAED;;GAEG;AACH,qBAAa,OAAO;IAClB,OAAO,CAAC,QAAQ,CAAkB;IAClC,OAAO,CAAC,OAAO,CAAc;IAC7B,OAAO,CAAC,UAAU,CAAQ;gBAEd,OAAO,CAAC,EAAE;QAAE,QAAQ,CAAC,EAAE,MAAM,CAAA;KAAE;IAqB3C;;OAEG;IACH,IAAI,MAAM,IAAI,YAAY,CAEzB;IAED;;OAEG;IACH,IAAI,IAAI,IAAI,WAAW,CAStB;IAED;;OAEG;IACG,sBAAsB,CAAC,OAAO,CAAC,EAAE,qBAAqB,GAAG,MAAM,GAAG,OAAO,CAAC,WAAW,GAAG,SAAS,CAAC;IA0BxG;;OAEG;IACG,KAAK,CAAC,OAAO,EAAE,YAAY,GAAG,OAAO,CAAC,IAAI,CAAC;IAKjD;;OAEG;IACG,MAAM,IAAI,OAAO,CAAC,IAAI,CAAC;IAI7B;;OAEG;IACG,KAAK,CAAC,GAAG,EAAE,WAAW,GAAG,GAAG,EAAE,IAAI,CAAC,EAAE,WAAW,GAAG,OAAO,CAAC,QAAQ,CAAC;CAG3E;AAED,eAAe,OAAO,CAAA"} \ No newline at end of file diff --git a/dist/authSession/solidOidcAdapter.js b/dist/authSession/solidOidcAdapter.js new file mode 100644 index 0000000..436b729 --- /dev/null +++ b/dist/authSession/solidOidcAdapter.js @@ -0,0 +1,135 @@ +/** + * Adapter to make solid-oidc compatible with @inrupt/solid-client-authn-browser API + * + * This provides a drop-in replacement for the Inrupt Session class using the minimal + * solid-oidc library from JavaScriptSolidServer. + * + * @see https://github.com/JavaScriptSolidServer/solid-oidc + */ +import { Session as SolidOidcSession, SessionDatabase } from 'solid-oidc'; +/** + * Event names compatible with @inrupt/solid-client-authn-browser + */ +export const EVENTS = { + SESSION_RESTORED: 'sessionRestore', + LOGIN: 'login', + LOGOUT: 'logout', + SESSION_EXPIRED: 'sessionExpired', + ERROR: 'error' +}; +/** + * Simple event emitter for compatibility with Inrupt's session.events API + */ +class EventEmitter { + constructor() { + this.listeners = new Map(); + } + on(event, callback) { + if (!this.listeners.has(event)) { + this.listeners.set(event, new Set()); + } + this.listeners.get(event).add(callback); + } + off(event, callback) { + var _a; + (_a = this.listeners.get(event)) === null || _a === void 0 ? void 0 : _a.delete(callback); + } + emit(event, ...args) { + var _a; + (_a = this.listeners.get(event)) === null || _a === void 0 ? void 0 : _a.forEach(cb => cb(...args)); + } +} +/** + * Session class that wraps solid-oidc to provide @inrupt/solid-client-authn-browser compatible API + */ +export class Session { + constructor(options) { + this._session = new SolidOidcSession({ + clientId: options === null || options === void 0 ? void 0 : options.clientId, + database: new SessionDatabase(), + onStateChange: (event) => { + const detail = event.detail; + if (detail === null || detail === void 0 ? void 0 : detail.isActive) { + this._events.emit(EVENTS.LOGIN); + this._events.emit(EVENTS.SESSION_RESTORED, window.location.href); + } + else { + this._events.emit(EVENTS.LOGOUT); + } + }, + onExpiration: () => { + this._events.emit(EVENTS.SESSION_EXPIRED); + } + }); + this._events = new EventEmitter(); + this._sessionId = crypto.randomUUID(); + } + /** + * Event emitter for session events + */ + get events() { + return this._events; + } + /** + * Session information + */ + get info() { + var _a; + return { + isLoggedIn: this._session.isActive, + webId: (_a = this._session.webId) !== null && _a !== void 0 ? _a : undefined, + sessionId: this._sessionId, + expirationDate: this._session.isActive + ? Date.now() + (this._session.getExpiresIn() * 1000) + : undefined + }; + } + /** + * Handle incoming redirect from identity provider + */ + async handleIncomingRedirect(options) { + // Handle string URL (legacy API) + const opts = typeof options === 'string' + ? { url: options } + : options !== null && options !== void 0 ? options : {}; + try { + // First handle any redirect from login + await this._session.handleRedirectFromLogin(); + // If not logged in and restorePreviousSession is true, try to restore + if (!this._session.isActive && opts.restorePreviousSession !== false) { + try { + await this._session.restore(); + } + catch { + // No session to restore, that's okay + } + } + return this.info; + } + catch (error) { + this._events.emit(EVENTS.ERROR, error); + return undefined; + } + } + /** + * Initiate login flow + */ + async login(options) { + const redirectUrl = options.redirectUrl || window.location.href; + await this._session.login(options.oidcIssuer, redirectUrl); + } + /** + * Log out and clear session + */ + async logout() { + await this._session.logout(); + } + /** + * Make authenticated fetch request + */ + async fetch(url, init) { + return this._session.authFetch(url, init); + } +} +export default Session; +//# sourceMappingURL=solidOidcAdapter.js.map \ No newline at end of file diff --git a/dist/authSession/solidOidcAdapter.js.map b/dist/authSession/solidOidcAdapter.js.map new file mode 100644 index 0000000..c535874 --- /dev/null +++ b/dist/authSession/solidOidcAdapter.js.map @@ -0,0 +1 @@ +{"version":3,"file":"solidOidcAdapter.js","sourceRoot":"","sources":["../../src/authSession/solidOidcAdapter.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,OAAO,EACL,OAAO,IAAI,gBAAgB,EAC3B,eAAe,EAChB,MAAM,YAAY,CAAA;AAEnB;;GAEG;AACH,MAAM,CAAC,MAAM,MAAM,GAAG;IACpB,gBAAgB,EAAE,gBAAgB;IAClC,KAAK,EAAE,OAAO;IACd,MAAM,EAAE,QAAQ;IAChB,eAAe,EAAE,gBAAgB;IACjC,KAAK,EAAE,OAAO;CACN,CAAA;AAOV;;GAEG;AACH,MAAM,YAAY;IAAlB;QACU,cAAS,GAAoC,IAAI,GAAG,EAAE,CAAA;IAgBhE,CAAC;IAdC,EAAE,CAAC,KAAa,EAAE,QAAuB;QACvC,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,KAAK,CAAC,EAAE,CAAC;YAC/B,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,KAAK,EAAE,IAAI,GAAG,EAAE,CAAC,CAAA;QACtC,CAAC;QACD,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,KAAK,CAAE,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAA;IAC1C,CAAC;IAED,GAAG,CAAC,KAAa,EAAE,QAAuB;;QACxC,MAAA,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,KAAK,CAAC,0CAAE,MAAM,CAAC,QAAQ,CAAC,CAAA;IAC7C,CAAC;IAED,IAAI,CAAC,KAAa,EAAE,GAAG,IAAe;;QACpC,MAAA,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,KAAK,CAAC,0CAAE,OAAO,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,CAAC,CAAA;IACvD,CAAC;CACF;AA+BD;;GAEG;AACH,MAAM,OAAO,OAAO;IAKlB,YAAY,OAA+B;QACzC,IAAI,CAAC,QAAQ,GAAG,IAAI,gBAAgB,CAAC;YACnC,QAAQ,EAAE,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,QAAQ;YAC3B,QAAQ,EAAE,IAAI,eAAe,EAAE;YAC/B,aAAa,EAAE,CAAC,KAAK,EAAE,EAAE;gBACvB,MAAM,MAAM,GAAI,KAAqB,CAAC,MAAM,CAAA;gBAC5C,IAAI,MAAM,aAAN,MAAM,uBAAN,MAAM,CAAE,QAAQ,EAAE,CAAC;oBACrB,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,CAAA;oBAC/B,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,gBAAgB,EAAE,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAA;gBAClE,CAAC;qBAAM,CAAC;oBACN,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,CAAA;gBAClC,CAAC;YACH,CAAC;YACD,YAAY,EAAE,GAAG,EAAE;gBACjB,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,eAAe,CAAC,CAAA;YAC3C,CAAC;SACF,CAAC,CAAA;QACF,IAAI,CAAC,OAAO,GAAG,IAAI,YAAY,EAAE,CAAA;QACjC,IAAI,CAAC,UAAU,GAAG,MAAM,CAAC,UAAU,EAAE,CAAA;IACvC,CAAC;IAED;;OAEG;IACH,IAAI,MAAM;QACR,OAAO,IAAI,CAAC,OAAO,CAAA;IACrB,CAAC;IAED;;OAEG;IACH,IAAI,IAAI;;QACN,OAAO;YACL,UAAU,EAAE,IAAI,CAAC,QAAQ,CAAC,QAAQ;YAClC,KAAK,EAAE,MAAA,IAAI,CAAC,QAAQ,CAAC,KAAK,mCAAI,SAAS;YACvC,SAAS,EAAE,IAAI,CAAC,UAAU;YAC1B,cAAc,EAAE,IAAI,CAAC,QAAQ,CAAC,QAAQ;gBACpC,CAAC,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,CAAC,IAAI,CAAC,QAAQ,CAAC,YAAY,EAAE,GAAG,IAAI,CAAC;gBACpD,CAAC,CAAC,SAAS;SACd,CAAA;IACH,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,sBAAsB,CAAC,OAAwC;QACnE,iCAAiC;QACjC,MAAM,IAAI,GAA0B,OAAO,OAAO,KAAK,QAAQ;YAC7D,CAAC,CAAC,EAAE,GAAG,EAAE,OAAO,EAAE;YAClB,CAAC,CAAC,OAAO,aAAP,OAAO,cAAP,OAAO,GAAI,EAAE,CAAA;QAEjB,IAAI,CAAC;YACH,uCAAuC;YACvC,MAAM,IAAI,CAAC,QAAQ,CAAC,uBAAuB,EAAE,CAAA;YAE7C,sEAAsE;YACtE,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,QAAQ,IAAI,IAAI,CAAC,sBAAsB,KAAK,KAAK,EAAE,CAAC;gBACrE,IAAI,CAAC;oBACH,MAAM,IAAI,CAAC,QAAQ,CAAC,OAAO,EAAE,CAAA;gBAC/B,CAAC;gBAAC,MAAM,CAAC;oBACP,qCAAqC;gBACvC,CAAC;YACH,CAAC;YAED,OAAO,IAAI,CAAC,IAAI,CAAA;QAClB,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,KAAK,EAAE,KAAK,CAAC,CAAA;YACtC,OAAO,SAAS,CAAA;QAClB,CAAC;IACH,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,KAAK,CAAC,OAAqB;QAC/B,MAAM,WAAW,GAAG,OAAO,CAAC,WAAW,IAAI,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAA;QAC/D,MAAM,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC,OAAO,CAAC,UAAU,EAAE,WAAW,CAAC,CAAA;IAC5D,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,MAAM;QACV,MAAM,IAAI,CAAC,QAAQ,CAAC,MAAM,EAAE,CAAA;IAC9B,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,KAAK,CAAC,GAAsB,EAAE,IAAkB;QACpD,OAAO,IAAI,CAAC,QAAQ,CAAC,SAAS,CAAC,GAAa,EAAE,IAAI,CAAC,CAAA;IACrD,CAAC;CACF;AAED,eAAe,OAAO,CAAA"} \ No newline at end of file diff --git a/dist/authn/SolidAuthnLogic.d.ts b/dist/authn/SolidAuthnLogic.d.ts new file mode 100644 index 0000000..03140f9 --- /dev/null +++ b/dist/authn/SolidAuthnLogic.d.ts @@ -0,0 +1,33 @@ +import { NamedNode } from 'rdflib'; +import { Session } from '../authSession/solidOidcAdapter'; +import { AuthenticationContext, AuthnLogic } from '../types'; +export declare class SolidAuthnLogic implements AuthnLogic { + private session; + constructor(solidAuthSession: Session); + get authSession(): Session; + currentUser(): NamedNode | null; + /** + * Retrieves currently logged in webId from either + * defaultTestUser or SolidAuth + * Also activates a session after login + * @param [setUserCallback] Optional callback + * @returns Resolves with webId uri, if no callback provided + */ + checkUser(setUserCallback?: (me: NamedNode | null) => T): Promise; + /** + * Saves `webId` in `context.me` + * @param webId + * @param context + * + * @returns Returns the WebID, after setting it + */ + saveUser(webId: NamedNode | string | null, context?: AuthenticationContext): NamedNode | null; + /** + * @returns {Promise} Resolves with WebID URI or null + */ + webIdFromSession(session?: { + webId?: string; + isLoggedIn: boolean; + }): string | null; +} +//# sourceMappingURL=SolidAuthnLogic.d.ts.map \ No newline at end of file diff --git a/dist/authn/SolidAuthnLogic.d.ts.map b/dist/authn/SolidAuthnLogic.d.ts.map new file mode 100644 index 0000000..be4343d --- /dev/null +++ b/dist/authn/SolidAuthnLogic.d.ts.map @@ -0,0 +1 @@ +{"version":3,"file":"SolidAuthnLogic.d.ts","sourceRoot":"","sources":["../../src/authn/SolidAuthnLogic.ts"],"names":[],"mappings":"AAAA,OAAO,EAAa,SAAS,EAAO,MAAM,QAAQ,CAAA;AAGlD,OAAO,EAAU,OAAO,EAAE,MAAM,iCAAiC,CAAA;AACjE,OAAO,EAAE,qBAAqB,EAAE,UAAU,EAAE,MAAM,UAAU,CAAA;AAE5D,qBAAa,eAAgB,YAAW,UAAU;IAChD,OAAO,CAAC,OAAO,CAAS;gBAEZ,gBAAgB,EAAE,OAAO;IAKrC,IAAI,WAAW,IAAG,OAAO,CAAwB;IAEjD,WAAW,IAAI,SAAS,GAAG,IAAI;IAW/B;;;;;;OAMG;IACG,SAAS,CAAC,CAAC,EACf,eAAe,CAAC,EAAE,CAAC,EAAE,EAAE,SAAS,GAAG,IAAI,KAAK,CAAC,GAC5C,OAAO,CAAC,SAAS,GAAG,CAAC,GAAG,IAAI,CAAC;IA2DhC;;;;;;OAMG;IACH,QAAQ,CACN,KAAK,EAAE,SAAS,GAAG,MAAM,GAAG,IAAI,EAChC,OAAO,CAAC,EAAE,qBAAqB,GAC9B,SAAS,GAAG,IAAI;IAanB;;OAEG;IACH,gBAAgB,CAAE,OAAO,CAAC,EAAE;QAAE,KAAK,CAAC,EAAE,MAAM,CAAC;QAAC,UAAU,EAAE,OAAO,CAAA;KAAE,GAAG,MAAM,GAAG,IAAI;CAKpF"} \ No newline at end of file diff --git a/dist/authn/SolidAuthnLogic.js b/dist/authn/SolidAuthnLogic.js new file mode 100644 index 0000000..03975c8 --- /dev/null +++ b/dist/authn/SolidAuthnLogic.js @@ -0,0 +1,109 @@ +import { namedNode, sym } from 'rdflib'; +import { appContext, offlineTestID } from './authUtil'; +import * as debug from '../util/debug'; +import { EVENTS } from '../authSession/solidOidcAdapter'; +export class SolidAuthnLogic { + constructor(solidAuthSession) { + this.session = solidAuthSession; + } + // we created authSession getter because we want to access it as authn.authSession externally + get authSession() { return this.session; } + currentUser() { + const app = appContext(); + if (app.viewingNoAuthPage) { + return sym(app.webId); + } + if (this && this.session && this.session.info && this.session.info.webId && this.session.info.isLoggedIn) { + return sym(this.session.info.webId); + } + return offlineTestID(); // null unless testing + } + /** + * Retrieves currently logged in webId from either + * defaultTestUser or SolidAuth + * Also activates a session after login + * @param [setUserCallback] Optional callback + * @returns Resolves with webId uri, if no callback provided + */ + async checkUser(setUserCallback) { + // Save hash for "restorePreviousSession" + const preLoginRedirectHash = new URL(window.location.href).hash; + if (preLoginRedirectHash) { + window.localStorage.setItem('preLoginRedirectHash', preLoginRedirectHash); + } + this.session.events.on(EVENTS.SESSION_RESTORED, (url) => { + debug.log(`Session restored to ${url}`); + if (document.location.toString() !== url) + history.replaceState(null, '', url); + }); + /** + * Handle a successful authentication redirect + */ + const redirectUrl = new URL(window.location.href); + redirectUrl.hash = ''; + await this.session + .handleIncomingRedirect({ + restorePreviousSession: true, + url: redirectUrl.href + }); + // Check to see if a hash was stored in local storage + const postLoginRedirectHash = window.localStorage.getItem('preLoginRedirectHash'); + if (postLoginRedirectHash) { + const curUrl = new URL(window.location.href); + if (curUrl.hash !== postLoginRedirectHash) { + if (history.pushState) { + // debug.log('Setting window.location.has using pushState') + history.pushState(null, document.title, postLoginRedirectHash); + } + else { + // debug.warn('Setting window.location.has using location.hash') + location.hash = postLoginRedirectHash; + } + curUrl.hash = postLoginRedirectHash; + } + // See https://stackoverflow.com/questions/3870057/how-can-i-update-window-location-hash-without-jumping-the-document + // window.location.href = curUrl.toString()// @@ See https://developer.mozilla.org/en-US/docs/Web/API/Window/location + window.localStorage.setItem('preLoginRedirectHash', ''); + } + // Check to see if already logged in / have the WebID + let me = offlineTestID(); + if (me) { + return Promise.resolve(setUserCallback ? setUserCallback(me) : me); + } + const webId = this.webIdFromSession(this.session.info); + if (webId) { + me = this.saveUser(webId); + } + if (me) { + debug.log(`(Logged in as ${me} by authentication)`); + } + return Promise.resolve(setUserCallback ? setUserCallback(me) : me); + } + /** + * Saves `webId` in `context.me` + * @param webId + * @param context + * + * @returns Returns the WebID, after setting it + */ + saveUser(webId, context) { + let webIdUri; + if (webId) { + webIdUri = (typeof webId === 'string') ? webId : webId.uri; + const me = namedNode(webIdUri); + if (context) { + context.me = me; + } + return me; + } + return null; + } + /** + * @returns {Promise} Resolves with WebID URI or null + */ + webIdFromSession(session) { + const webId = (session === null || session === void 0 ? void 0 : session.webId) && session.isLoggedIn ? session.webId : null; + return webId; + } +} +//# sourceMappingURL=SolidAuthnLogic.js.map \ No newline at end of file diff --git a/dist/authn/SolidAuthnLogic.js.map b/dist/authn/SolidAuthnLogic.js.map new file mode 100644 index 0000000..f673158 --- /dev/null +++ b/dist/authn/SolidAuthnLogic.js.map @@ -0,0 +1 @@ +{"version":3,"file":"SolidAuthnLogic.js","sourceRoot":"","sources":["../../src/authn/SolidAuthnLogic.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAa,GAAG,EAAE,MAAM,QAAQ,CAAA;AAClD,OAAO,EAAE,UAAU,EAAE,aAAa,EAAE,MAAM,YAAY,CAAA;AACtD,OAAO,KAAK,KAAK,MAAM,eAAe,CAAA;AACtC,OAAO,EAAE,MAAM,EAAW,MAAM,iCAAiC,CAAA;AAGjE,MAAM,OAAO,eAAe;IAG1B,YAAY,gBAAyB;QACnC,IAAI,CAAC,OAAO,GAAG,gBAAgB,CAAA;IACjC,CAAC;IAED,6FAA6F;IAC7F,IAAI,WAAW,KAAa,OAAO,IAAI,CAAC,OAAO,CAAA,CAAC,CAAC;IAEjD,WAAW;QACT,MAAM,GAAG,GAAG,UAAU,EAAE,CAAA;QACxB,IAAI,GAAG,CAAC,iBAAiB,EAAE,CAAC;YAC1B,OAAO,GAAG,CAAC,GAAG,CAAC,KAAK,CAAC,CAAA;QACvB,CAAC;QACD,IAAI,IAAI,IAAI,IAAI,CAAC,OAAO,IAAI,IAAI,CAAC,OAAO,CAAC,IAAI,IAAI,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,KAAK,IAAI,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,UAAU,EAAE,CAAC;YACzG,OAAO,GAAG,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,CAAA;QACrC,CAAC;QACD,OAAO,aAAa,EAAE,CAAA,CAAC,sBAAsB;IAC/C,CAAC;IAED;;;;;;OAMG;IACH,KAAK,CAAC,SAAS,CACb,eAA6C;QAE7C,yCAAyC;QACzC,MAAM,oBAAoB,GAAG,IAAI,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,IAAI,CAAA;QAC/D,IAAI,oBAAoB,EAAE,CAAC;YACzB,MAAM,CAAC,YAAY,CAAC,OAAO,CAAC,sBAAsB,EAAE,oBAAoB,CAAC,CAAA;QAC3E,CAAC;QACD,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC,MAAM,CAAC,gBAAgB,EAAE,CAAC,GAAG,EAAE,EAAE;YACtD,KAAK,CAAC,GAAG,CAAC,uBAAuB,GAAG,EAAE,CAAC,CAAA;YACvC,IAAI,QAAQ,CAAC,QAAQ,CAAC,QAAQ,EAAE,KAAK,GAAG;gBAAE,OAAO,CAAC,YAAY,CAAC,IAAI,EAAE,EAAE,EAAE,GAAa,CAAC,CAAA;QACzF,CAAC,CAAC,CAAA;QAEF;;WAEG;QACH,MAAM,WAAW,GAAG,IAAI,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAA;QACjD,WAAW,CAAC,IAAI,GAAG,EAAE,CAAA;QACrB,MAAM,IAAI,CAAC,OAAO;aACf,sBAAsB,CAAC;YACtB,sBAAsB,EAAE,IAAI;YAC5B,GAAG,EAAE,WAAW,CAAC,IAAI;SACtB,CAAC,CAAA;QAEJ,qDAAqD;QACrD,MAAM,qBAAqB,GAAG,MAAM,CAAC,YAAY,CAAC,OAAO,CAAC,sBAAsB,CAAC,CAAA;QACjF,IAAI,qBAAqB,EAAE,CAAC;YAC1B,MAAM,MAAM,GAAG,IAAI,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAA;YAC5C,IAAI,MAAM,CAAC,IAAI,KAAK,qBAAqB,EAAE,CAAC;gBAC1C,IAAI,OAAO,CAAC,SAAS,EAAE,CAAC;oBACtB,2DAA2D;oBAC3D,OAAO,CAAC,SAAS,CAAC,IAAI,EAAE,QAAQ,CAAC,KAAK,EAAE,qBAAqB,CAAC,CAAA;gBAChE,CAAC;qBAAM,CAAC;oBACN,gEAAgE;oBAChE,QAAQ,CAAC,IAAI,GAAG,qBAAqB,CAAA;gBACvC,CAAC;gBACD,MAAM,CAAC,IAAI,GAAG,qBAAqB,CAAA;YACrC,CAAC;YACD,qHAAqH;YACrH,qHAAqH;YACrH,MAAM,CAAC,YAAY,CAAC,OAAO,CAAC,sBAAsB,EAAE,EAAE,CAAC,CAAA;QACzD,CAAC;QAED,qDAAqD;QACrD,IAAI,EAAE,GAAG,aAAa,EAAE,CAAA;QACxB,IAAI,EAAE,EAAE,CAAC;YACP,OAAO,OAAO,CAAC,OAAO,CAAC,eAAe,CAAC,CAAC,CAAC,eAAe,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAA;QACpE,CAAC;QAED,MAAM,KAAK,GAAG,IAAI,CAAC,gBAAgB,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,CAAA;QACtD,IAAI,KAAK,EAAE,CAAC;YACV,EAAE,GAAG,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAA;QAC3B,CAAC;QAED,IAAI,EAAE,EAAE,CAAC;YACP,KAAK,CAAC,GAAG,CAAC,iBAAiB,EAAE,qBAAqB,CAAC,CAAA;QACrD,CAAC;QAED,OAAO,OAAO,CAAC,OAAO,CAAC,eAAe,CAAC,CAAC,CAAC,eAAe,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAA;IACpE,CAAC;IAED;;;;;;OAMG;IACH,QAAQ,CACN,KAAgC,EAChC,OAA+B;QAE/B,IAAI,QAAgB,CAAA;QACpB,IAAI,KAAK,EAAE,CAAC;YACV,QAAQ,GAAG,CAAC,OAAO,KAAK,KAAK,QAAQ,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,GAAG,CAAA;YAC1D,MAAM,EAAE,GAAG,SAAS,CAAC,QAAQ,CAAC,CAAA;YAC9B,IAAI,OAAO,EAAE,CAAC;gBACZ,OAAO,CAAC,EAAE,GAAG,EAAE,CAAA;YACjB,CAAC;YACD,OAAO,EAAE,CAAA;QACX,CAAC;QACD,OAAO,IAAI,CAAA;IACb,CAAC;IAED;;OAEG;IACH,gBAAgB,CAAE,OAAiD;QACjE,MAAM,KAAK,GAAG,CAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,KAAK,KAAI,OAAO,CAAC,UAAU,CAAC,CAAC,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,CAAA;QACzE,OAAO,KAAK,CAAA;IACd,CAAC;CAEF"} \ No newline at end of file diff --git a/dist/authn/authUtil.d.ts b/dist/authn/authUtil.d.ts new file mode 100644 index 0000000..6964808 --- /dev/null +++ b/dist/authn/authUtil.d.ts @@ -0,0 +1,17 @@ +import { NamedNode } from 'rdflib'; +/** + * find a user or app's context as set in window.SolidAppContext + * this is a const, not a function, because we have problems to jest mock it otherwise + * see: https://github.com/facebook/jest/issues/936#issuecomment-545080082 for more + * @return {any} - an appContext object + */ +export declare const appContext: () => any; +/** + * Returns `sym($SolidTestEnvironment.username)` if + * `$SolidTestEnvironment.username` is defined as a global + * or + * returns testID defined in the HTML page + * @returns {NamedNode|null} + */ +export declare function offlineTestID(): NamedNode | null; +//# sourceMappingURL=authUtil.d.ts.map \ No newline at end of file diff --git a/dist/authn/authUtil.d.ts.map b/dist/authn/authUtil.d.ts.map new file mode 100644 index 0000000..e2c8b79 --- /dev/null +++ b/dist/authn/authUtil.d.ts.map @@ -0,0 +1 @@ +{"version":3,"file":"authUtil.d.ts","sourceRoot":"","sources":["../../src/authn/authUtil.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAO,MAAM,QAAQ,CAAA;AAGvC;;;;;GAKG;AACH,eAAO,MAAM,UAAU,QAAM,GAuB5B,CAAA;AAED;;;;;;GAMG;AACH,wBAAgB,aAAa,IAAK,SAAS,GAAG,IAAI,CAyBjD"} \ No newline at end of file diff --git a/dist/authn/authUtil.js b/dist/authn/authUtil.js new file mode 100644 index 0000000..c5b03e8 --- /dev/null +++ b/dist/authn/authUtil.js @@ -0,0 +1,64 @@ +import { sym } from 'rdflib'; +import * as debug from '../util/debug'; +/** + * find a user or app's context as set in window.SolidAppContext + * this is a const, not a function, because we have problems to jest mock it otherwise + * see: https://github.com/facebook/jest/issues/936#issuecomment-545080082 for more + * @return {any} - an appContext object + */ +export const appContext = () => { + let { SolidAppContext } = window; + SolidAppContext || (SolidAppContext = {}); + SolidAppContext.viewingNoAuthPage = false; + if (SolidAppContext.noAuth && window.document) { + const currentPage = window.document.location.href; + if (currentPage.startsWith(SolidAppContext.noAuth)) { + SolidAppContext.viewingNoAuthPage = true; + const params = new URLSearchParams(window.document.location.search); + if (params) { + let viewedPage = SolidAppContext.viewedPage = params.get('uri') || null; + if (viewedPage) { + viewedPage = decodeURI(viewedPage); + if (!viewedPage.startsWith(SolidAppContext.noAuth)) { + const ary = viewedPage.split(/\//); + SolidAppContext.idp = ary[0] + '//' + ary[2]; + SolidAppContext.viewingNoAuthPage = false; + } + } + } + } + } + return SolidAppContext; +}; +/** + * Returns `sym($SolidTestEnvironment.username)` if + * `$SolidTestEnvironment.username` is defined as a global + * or + * returns testID defined in the HTML page + * @returns {NamedNode|null} + */ +export function offlineTestID() { + const { $SolidTestEnvironment } = window; + if (typeof $SolidTestEnvironment !== 'undefined' && + $SolidTestEnvironment.username) { + // Test setup + debug.log('Assuming the user is ' + $SolidTestEnvironment.username); + return sym($SolidTestEnvironment.username); + } + // hack that makes SolidOS work in offline mode by adding the webId directly in html + // example usage: https://github.com/solidos/mashlib/blob/29b8b53c46bf02e0e219f0bacd51b0e9951001dd/test/contact/local.html#L37 + if (typeof document !== 'undefined' && + document.location && + ('' + document.location).slice(0, 16) === 'http://localhost') { + const div = document.getElementById('appTarget'); + if (!div) + return null; + const id = div.getAttribute('testID'); + if (!id) + return null; + debug.log('Assuming user is ' + id); + return sym(id); + } + return null; +} +//# sourceMappingURL=authUtil.js.map \ No newline at end of file diff --git a/dist/authn/authUtil.js.map b/dist/authn/authUtil.js.map new file mode 100644 index 0000000..60ca1ae --- /dev/null +++ b/dist/authn/authUtil.js.map @@ -0,0 +1 @@ +{"version":3,"file":"authUtil.js","sourceRoot":"","sources":["../../src/authn/authUtil.ts"],"names":[],"mappings":"AAAA,OAAO,EAAa,GAAG,EAAE,MAAM,QAAQ,CAAA;AACvC,OAAO,KAAK,KAAK,MAAM,eAAe,CAAA;AAEtC;;;;;GAKG;AACH,MAAM,CAAC,MAAM,UAAU,GAAG,GAAO,EAAE;IAC/B,IAAI,EAAE,eAAe,EAAE,GAAQ,MAAM,CAAA;IACrC,eAAe,KAAf,eAAe,GAAK,EAAE,EAAA;IACtB,eAAe,CAAC,iBAAiB,GAAG,KAAK,CAAA;IACzC,IAAI,eAAe,CAAC,MAAM,IAAI,MAAM,CAAC,QAAQ,EAAE,CAAC;QAC5C,MAAM,WAAW,GAAG,MAAM,CAAC,QAAQ,CAAC,QAAQ,CAAC,IAAI,CAAA;QACjD,IAAI,WAAW,CAAC,UAAU,CAAC,eAAe,CAAC,MAAM,CAAC,EAAE,CAAC;YACrD,eAAe,CAAC,iBAAiB,GAAG,IAAI,CAAA;YACxC,MAAM,MAAM,GAAG,IAAI,eAAe,CAAC,MAAM,CAAC,QAAQ,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAA;YACnE,IAAI,MAAM,EAAE,CAAC;gBACT,IAAI,UAAU,GAAG,eAAe,CAAC,UAAU,GAAG,MAAM,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,IAAI,CAAA;gBACvE,IAAI,UAAU,EAAE,CAAC;oBACjB,UAAU,GAAG,SAAS,CAAC,UAAU,CAAC,CAAA;oBAClC,IAAI,CAAC,UAAU,CAAC,UAAU,CAAC,eAAe,CAAC,MAAM,CAAC,EAAE,CAAC;wBACjD,MAAM,GAAG,GAAG,UAAU,CAAC,KAAK,CAAC,IAAI,CAAC,CAAA;wBAClC,eAAe,CAAC,GAAG,GAAG,GAAG,CAAC,CAAC,CAAC,GAAG,IAAI,GAAG,GAAG,CAAC,CAAC,CAAC,CAAA;wBAC5C,eAAe,CAAC,iBAAiB,GAAG,KAAK,CAAA;oBAC7C,CAAC;gBACD,CAAC;YACL,CAAC;QACD,CAAC;IACL,CAAC;IACD,OAAO,eAAe,CAAA;AAC1B,CAAC,CAAA;AAED;;;;;;GAMG;AACH,MAAM,UAAU,aAAa;IACzB,MAAM,EAAE,qBAAqB,EAAE,GAAQ,MAAM,CAAA;IAC7C,IACE,OAAO,qBAAqB,KAAK,WAAW;QAC5C,qBAAqB,CAAC,QAAQ,EAC9B,CAAC;QACD,aAAa;QACb,KAAK,CAAC,GAAG,CAAC,uBAAuB,GAAG,qBAAqB,CAAC,QAAQ,CAAC,CAAA;QACnE,OAAO,GAAG,CAAC,qBAAqB,CAAC,QAAQ,CAAC,CAAA;IAC5C,CAAC;IACD,oFAAoF;IACpF,8HAA8H;IAC9H,IACE,OAAO,QAAQ,KAAK,WAAW;QAC/B,QAAQ,CAAC,QAAQ;QACjB,CAAC,EAAE,GAAG,QAAQ,CAAC,QAAQ,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,KAAK,kBAAkB,EAC5D,CAAC;QACD,MAAM,GAAG,GAAG,QAAQ,CAAC,cAAc,CAAC,WAAW,CAAC,CAAA;QAChD,IAAI,CAAC,GAAG;YAAE,OAAO,IAAI,CAAA;QACrB,MAAM,EAAE,GAAG,GAAG,CAAC,YAAY,CAAC,QAAQ,CAAC,CAAA;QACrC,IAAI,CAAC,EAAE;YAAE,OAAO,IAAI,CAAA;QACpB,KAAK,CAAC,GAAG,CAAC,mBAAmB,GAAG,EAAE,CAAC,CAAA;QACnC,OAAO,GAAG,CAAC,EAAE,CAAC,CAAA;IAChB,CAAC;IACD,OAAO,IAAI,CAAA;AACf,CAAC"} \ No newline at end of file diff --git a/dist/chat/chatLogic.d.ts b/dist/chat/chatLogic.d.ts new file mode 100644 index 0000000..6f95348 --- /dev/null +++ b/dist/chat/chatLogic.d.ts @@ -0,0 +1,3 @@ +import { ChatLogic } from '../types'; +export declare function createChatLogic(store: any, profileLogic: any): ChatLogic; +//# sourceMappingURL=chatLogic.d.ts.map \ No newline at end of file diff --git a/dist/chat/chatLogic.d.ts.map b/dist/chat/chatLogic.d.ts.map new file mode 100644 index 0000000..5921df6 --- /dev/null +++ b/dist/chat/chatLogic.d.ts.map @@ -0,0 +1 @@ +{"version":3,"file":"chatLogic.d.ts","sourceRoot":"","sources":["../../src/chat/chatLogic.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,SAAS,EAA4C,MAAM,UAAU,CAAA;AAM9E,wBAAgB,eAAe,CAAC,KAAK,KAAA,EAAE,YAAY,KAAA,GAAG,SAAS,CAyN9D"} \ No newline at end of file diff --git a/dist/chat/chatLogic.js b/dist/chat/chatLogic.js new file mode 100644 index 0000000..ba1ba31 --- /dev/null +++ b/dist/chat/chatLogic.js @@ -0,0 +1,157 @@ +import { NamedNode, st, term } from 'rdflib'; +import { ns as namespace } from '../util/ns'; +import { determineChatContainer, newThing } from '../util/utils'; +const CHAT_LOCATION_IN_CONTAINER = 'index.ttl#this'; +export function createChatLogic(store, profileLogic) { + const ns = namespace; + async function setAcl(chatContainer, me, invitee) { + // Some servers don't present a Link http response header + // if the container doesn't exist yet, so refetch the container + // now that it has been created: + await store.fetcher.load(chatContainer); + // FIXME: check the Why value on this quad: + const chatAclDoc = store.any(chatContainer, new NamedNode('http://www.iana.org/assignments/link-relations/acl')); + if (!chatAclDoc) { + throw new Error('Chat ACL doc not found!'); + } + const aclBody = ` + @prefix acl: . + <#owner> + a acl:Authorization; + acl:agent <${me.value}>; + acl:accessTo <.>; + acl:default <.>; + acl:mode + acl:Read, acl:Write, acl:Control. + <#invitee> + a acl:Authorization; + acl:agent <${invitee.value}>; + acl:accessTo <.>; + acl:default <.>; + acl:mode + acl:Read, acl:Append. + `; + await store.fetcher.webOperation('PUT', chatAclDoc.value, { + data: aclBody, + contentType: 'text/turtle', + }); + } + async function addToPrivateTypeIndex(chatThing, me) { + // Add to private type index + const privateTypeIndex = store.any(me, ns.solid('privateTypeIndex')); + if (!privateTypeIndex) { + throw new Error('Private type index not found!'); + } + await store.fetcher.load(privateTypeIndex); + const reg = newThing(privateTypeIndex); + const ins = [ + st(reg, ns.rdf('type'), ns.solid('TypeRegistration'), privateTypeIndex.doc()), + st(reg, ns.solid('forClass'), ns.meeting('LongChat'), privateTypeIndex.doc()), + st(reg, ns.solid('instance'), chatThing, privateTypeIndex.doc()), + ]; + await new Promise((resolve, reject) => { + store.updater.update([], ins, function (_uri, ok, errm) { + if (!ok) { + reject(new Error(errm)); + } + else { + resolve(null); + } + }); + }); + } + async function findChat(invitee) { + const me = await profileLogic.loadMe(); + const podRoot = await profileLogic.getPodRoot(me); + const chatContainer = determineChatContainer(invitee, podRoot); + let exists = true; + try { + await store.fetcher.load(new NamedNode(chatContainer.value + 'index.ttl#this')); + } + catch (e) { + exists = false; + } + return { me, chatContainer, exists }; + } + async function createChatThing(chatContainer, me) { + const created = await mintNew({ + me, + newBase: chatContainer.value, + }); + return created.newInstance; + } + function mintNew(newPaneOptions) { + const kb = store; + const updater = kb.updater; + if (newPaneOptions.me && !newPaneOptions.me.uri) { + throw new Error('chat mintNew: Invalid userid ' + newPaneOptions.me); + } + const newInstance = (newPaneOptions.newInstance = + newPaneOptions.newInstance || + kb.sym(newPaneOptions.newBase + CHAT_LOCATION_IN_CONTAINER)); + const newChatDoc = newInstance.doc(); + kb.add(newInstance, ns.rdf('type'), ns.meeting('LongChat'), newChatDoc); + kb.add(newInstance, ns.dc('title'), 'Chat channel', newChatDoc); + kb.add(newInstance, ns.dc('created'), term(new Date(Date.now())), newChatDoc); + if (newPaneOptions.me) { + kb.add(newInstance, ns.dc('author'), newPaneOptions.me, newChatDoc); + } + return new Promise(function (resolve, reject) { + updater === null || updater === void 0 ? void 0 : updater.put(newChatDoc, kb.statementsMatching(undefined, undefined, undefined, newChatDoc), 'text/turtle', function (uri2, ok, message) { + if (ok) { + resolve({ + ...newPaneOptions, + newInstance, + }); + } + else { + reject(new Error('FAILED to save new chat channel at: ' + uri2 + ' : ' + message)); + } + }); + }); + } + /** + * Find (and optionally create) an individual chat between the current user and the given invitee + * @param invitee - The person to chat with + * @param createIfMissing - Whether the chat should be created, if missing + * @returns null if missing, or a node referring to an already existing chat, or the newly created chat + */ + async function getChat(invitee, createIfMissing = true) { + const { me, chatContainer, exists } = await findChat(invitee); + if (exists) { + return new NamedNode(chatContainer.value + CHAT_LOCATION_IN_CONTAINER); + } + if (createIfMissing) { + const chatThing = await createChatThing(chatContainer, me); + await sendInvite(invitee, chatThing); + await setAcl(chatContainer, me, invitee); + await addToPrivateTypeIndex(chatThing, me); + return chatThing; + } + return null; + } + async function sendInvite(invitee, chatThing) { + var _a; + await store.fetcher.load(invitee.doc()); + const inviteeInbox = store.any(invitee, ns.ldp('inbox'), undefined, invitee.doc()); + if (!inviteeInbox) { + throw new Error(`Invitee inbox not found! ${invitee.value}`); + } + const inviteBody = ` + <> a ; + ${ns.rdf('seeAlso')} <${chatThing.value}> . + `; + const inviteResponse = await ((_a = store.fetcher) === null || _a === void 0 ? void 0 : _a.webOperation('POST', inviteeInbox.value, { + data: inviteBody, + contentType: 'text/turtle', + })); + const locationStr = inviteResponse === null || inviteResponse === void 0 ? void 0 : inviteResponse.headers.get('location'); + if (!locationStr) { + throw new Error(`Invite sending returned a ${inviteResponse === null || inviteResponse === void 0 ? void 0 : inviteResponse.status}`); + } + } + return { + setAcl, addToPrivateTypeIndex, findChat, createChatThing, getChat, sendInvite, mintNew + }; +} +//# sourceMappingURL=chatLogic.js.map \ No newline at end of file diff --git a/dist/chat/chatLogic.js.map b/dist/chat/chatLogic.js.map new file mode 100644 index 0000000..66e50d2 --- /dev/null +++ b/dist/chat/chatLogic.js.map @@ -0,0 +1 @@ +{"version":3,"file":"chatLogic.js","sourceRoot":"","sources":["../../src/chat/chatLogic.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAQ,EAAE,EAAE,IAAI,EAAE,MAAM,QAAQ,CAAA;AAElD,OAAO,EAAE,EAAE,IAAI,SAAS,EAAE,MAAM,YAAY,CAAA;AAC5C,OAAO,EAAE,sBAAsB,EAAE,QAAQ,EAAE,MAAM,eAAe,CAAA;AAEhE,MAAM,0BAA0B,GAAG,gBAAgB,CAAA;AAEnD,MAAM,UAAU,eAAe,CAAC,KAAK,EAAE,YAAY;IAC/C,MAAM,EAAE,GAAG,SAAS,CAAA;IAEpB,KAAK,UAAU,MAAM,CACjB,aAAwB,EACxB,EAAa,EACb,OAAkB;QAElB,yDAAyD;QACzD,+DAA+D;QAC/D,gCAAgC;QAChC,MAAM,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,aAAa,CAAC,CAAA;QAEvC,2CAA2C;QAC3C,MAAM,UAAU,GAAG,KAAK,CAAC,GAAG,CACxB,aAAa,EACb,IAAI,SAAS,CAAC,oDAAoD,CAAC,CACtE,CAAA;QACD,IAAI,CAAC,UAAU,EAAE,CAAC;YACd,MAAM,IAAI,KAAK,CAAC,yBAAyB,CAAC,CAAA;QAC9C,CAAC;QAED,MAAM,OAAO,GAAG;;;;yBAIC,EAAE,CAAC,KAAK;;;;;;;yBAOR,OAAO,CAAC,KAAK;;;;;aAKzB,CAAA;QACL,MAAM,KAAK,CAAC,OAAO,CAAC,YAAY,CAAC,KAAK,EAAE,UAAU,CAAC,KAAK,EAAE;YACtD,IAAI,EAAE,OAAO;YACb,WAAW,EAAE,aAAa;SAC7B,CAAC,CAAA;IACN,CAAC;IAED,KAAK,UAAU,qBAAqB,CAAC,SAAS,EAAE,EAAE;QAC9C,4BAA4B;QAC5B,MAAM,gBAAgB,GAAG,KAAK,CAAC,GAAG,CAC9B,EAAE,EACF,EAAE,CAAC,KAAK,CAAC,kBAAkB,CAAC,CACX,CAAA;QACrB,IAAI,CAAC,gBAAgB,EAAE,CAAC;YACpB,MAAM,IAAI,KAAK,CAAC,+BAA+B,CAAC,CAAA;QACpD,CAAC;QACD,MAAM,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAA;QAC1C,MAAM,GAAG,GAAG,QAAQ,CAAC,gBAAgB,CAAC,CAAA;QACtC,MAAM,GAAG,GAAG;YACR,EAAE,CACE,GAAG,EACH,EAAE,CAAC,GAAG,CAAC,MAAM,CAAC,EACd,EAAE,CAAC,KAAK,CAAC,kBAAkB,CAAC,EAC5B,gBAAgB,CAAC,GAAG,EAAE,CACzB;YACD,EAAE,CACE,GAAG,EACH,EAAE,CAAC,KAAK,CAAC,UAAU,CAAC,EACpB,EAAE,CAAC,OAAO,CAAC,UAAU,CAAC,EACtB,gBAAgB,CAAC,GAAG,EAAE,CACzB;YACD,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,KAAK,CAAC,UAAU,CAAC,EAAE,SAAS,EAAE,gBAAgB,CAAC,GAAG,EAAE,CAAC;SACnE,CAAA;QACD,MAAM,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;YAClC,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,EAAE,GAAG,EAAE,UAAU,IAAI,EAAE,EAAE,EAAE,IAAI;gBAClD,IAAI,CAAC,EAAE,EAAE,CAAC;oBACN,MAAM,CAAC,IAAI,KAAK,CAAC,IAAI,CAAC,CAAC,CAAA;gBAC3B,CAAC;qBAAM,CAAC;oBACJ,OAAO,CAAC,IAAI,CAAC,CAAA;gBACjB,CAAC;YACL,CAAC,CAAC,CAAA;QACN,CAAC,CAAC,CAAA;IACN,CAAC;IAED,KAAK,UAAU,QAAQ,CAAC,OAAkB;QACtC,MAAM,EAAE,GAAG,MAAM,YAAY,CAAC,MAAM,EAAE,CAAA;QACtC,MAAM,OAAO,GAAG,MAAM,YAAY,CAAC,UAAU,CAAC,EAAE,CAAC,CAAA;QACjD,MAAM,aAAa,GAAG,sBAAsB,CAAC,OAAO,EAAE,OAAO,CAAC,CAAA;QAC9D,IAAI,MAAM,GAAG,IAAI,CAAA;QACjB,IAAI,CAAC;YACD,MAAM,KAAK,CAAC,OAAO,CAAC,IAAI,CACpB,IAAI,SAAS,CAAC,aAAa,CAAC,KAAK,GAAG,gBAAgB,CAAC,CACxD,CAAA;QACL,CAAC;QAAC,OAAO,CAAC,EAAE,CAAC;YACT,MAAM,GAAG,KAAK,CAAA;QAClB,CAAC;QACD,OAAO,EAAE,EAAE,EAAE,aAAa,EAAE,MAAM,EAAE,CAAA;IACxC,CAAC;IAED,KAAK,UAAU,eAAe,CAC1B,aAAwB,EACxB,EAAa;QAEb,MAAM,OAAO,GAAG,MAAM,OAAO,CAAC;YAC1B,EAAE;YACF,OAAO,EAAE,aAAa,CAAC,KAAK;SAC/B,CAAC,CAAA;QACF,OAAO,OAAO,CAAC,WAAW,CAAA;IAC9B,CAAC;IAED,SAAS,OAAO,CAAC,cAA8B;QAC3C,MAAM,EAAE,GAAG,KAAK,CAAA;QAChB,MAAM,OAAO,GAAG,EAAE,CAAC,OAAO,CAAA;QAC1B,IAAI,cAAc,CAAC,EAAE,IAAI,CAAC,cAAc,CAAC,EAAE,CAAC,GAAG,EAAE,CAAC;YAC9C,MAAM,IAAI,KAAK,CAAC,gCAAgC,GAAG,cAAc,CAAC,EAAE,CAAC,CAAA;QACzE,CAAC;QAED,MAAM,WAAW,GAAG,CAAC,cAAc,CAAC,WAAW;YAC3C,cAAc,CAAC,WAAW;gBAC1B,EAAE,CAAC,GAAG,CAAC,cAAc,CAAC,OAAO,GAAG,0BAA0B,CAAC,CAAC,CAAA;QAChE,MAAM,UAAU,GAAG,WAAW,CAAC,GAAG,EAAE,CAAA;QAEpC,EAAE,CAAC,GAAG,CACF,WAAW,EACX,EAAE,CAAC,GAAG,CAAC,MAAM,CAAC,EACd,EAAE,CAAC,OAAO,CAAC,UAAU,CAAC,EACtB,UAAU,CACb,CAAA;QACD,EAAE,CAAC,GAAG,CAAC,WAAW,EAAE,EAAE,CAAC,EAAE,CAAC,OAAO,CAAC,EAAE,cAAc,EAAE,UAAU,CAAC,CAAA;QAC/D,EAAE,CAAC,GAAG,CACF,WAAW,EACX,EAAE,CAAC,EAAE,CAAC,SAAS,CAAC,EAChB,IAAI,CAAO,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC,CAAC,EAChC,UAAU,CACb,CAAA;QACD,IAAI,cAAc,CAAC,EAAE,EAAE,CAAC;YACpB,EAAE,CAAC,GAAG,CAAC,WAAW,EAAE,EAAE,CAAC,EAAE,CAAC,QAAQ,CAAC,EAAE,cAAc,CAAC,EAAE,EAAE,UAAU,CAAC,CAAA;QACvE,CAAC;QAED,OAAO,IAAI,OAAO,CAAC,UAAU,OAAO,EAAE,MAAM;YACxC,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,GAAG,CACR,UAAU,EACV,EAAE,CAAC,kBAAkB,CAAC,SAAS,EAAE,SAAS,EAAE,SAAS,EAAE,UAAU,CAAC,EAClE,aAAa,EACb,UAAU,IAAI,EAAE,EAAE,EAAE,OAAO;gBACvB,IAAI,EAAE,EAAE,CAAC;oBACL,OAAO,CAAC;wBACJ,GAAG,cAAc;wBACjB,WAAW;qBACd,CAAC,CAAA;gBACN,CAAC;qBAAM,CAAC;oBACJ,MAAM,CACF,IAAI,KAAK,CACL,sCAAsC,GAAG,IAAI,GAAG,KAAK,GAAG,OAAO,CAClE,CACJ,CAAA;gBACL,CAAC;YACL,CAAC,CACJ,CAAA;QACL,CAAC,CAAC,CAAA;IACN,CAAC;IAED;;;;;OAKG;IACH,KAAK,UAAU,OAAO,CAClB,OAAkB,EAClB,eAAe,GAAG,IAAI;QAEtB,MAAM,EAAE,EAAE,EAAE,aAAa,EAAE,MAAM,EAAE,GAAG,MAAM,QAAQ,CAAC,OAAO,CAAC,CAAA;QAC7D,IAAI,MAAM,EAAE,CAAC;YACT,OAAO,IAAI,SAAS,CAAC,aAAa,CAAC,KAAK,GAAG,0BAA0B,CAAC,CAAA;QAC1E,CAAC;QAED,IAAI,eAAe,EAAE,CAAC;YAClB,MAAM,SAAS,GAAG,MAAM,eAAe,CAAC,aAAa,EAAE,EAAE,CAAC,CAAA;YAC1D,MAAM,UAAU,CAAC,OAAO,EAAE,SAAS,CAAC,CAAA;YACpC,MAAM,MAAM,CAAC,aAAa,EAAE,EAAE,EAAE,OAAO,CAAC,CAAA;YACxC,MAAM,qBAAqB,CAAC,SAAS,EAAE,EAAE,CAAC,CAAA;YAC1C,OAAO,SAAS,CAAA;QACpB,CAAC;QACD,OAAO,IAAI,CAAA;IACf,CAAC;IAED,KAAK,UAAU,UAAU,CAAC,OAAkB,EAAE,SAAoB;;QAC9D,MAAM,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,GAAG,EAAE,CAAC,CAAA;QACvC,MAAM,YAAY,GAAG,KAAK,CAAC,GAAG,CAC1B,OAAO,EACP,EAAE,CAAC,GAAG,CAAC,OAAO,CAAC,EACf,SAAS,EACT,OAAO,CAAC,GAAG,EAAE,CAChB,CAAA;QACD,IAAI,CAAC,YAAY,EAAE,CAAC;YAChB,MAAM,IAAI,KAAK,CAAC,4BAA4B,OAAO,CAAC,KAAK,EAAE,CAAC,CAAA;QAChE,CAAC;QACD,MAAM,UAAU,GAAG;;UAEjB,EAAE,CAAC,GAAG,CAAC,SAAS,CAAC,KAAK,SAAS,CAAC,KAAK;SACtC,CAAA;QAED,MAAM,cAAc,GAAG,MAAM,CAAA,MAAA,KAAK,CAAC,OAAO,0CAAE,YAAY,CACpD,MAAM,EACN,YAAY,CAAC,KAAK,EAClB;YACI,IAAI,EAAE,UAAU;YAChB,WAAW,EAAE,aAAa;SAC7B,CACJ,CAAA,CAAA;QACD,MAAM,WAAW,GAAG,cAAc,aAAd,cAAc,uBAAd,cAAc,CAAE,OAAO,CAAC,GAAG,CAAC,UAAU,CAAC,CAAA;QAC3D,IAAI,CAAC,WAAW,EAAE,CAAC;YACf,MAAM,IAAI,KAAK,CAAC,6BAA6B,cAAc,aAAd,cAAc,uBAAd,cAAc,CAAE,MAAM,EAAE,CAAC,CAAA;QAC1E,CAAC;IACL,CAAC;IACD,OAAO;QACH,MAAM,EAAE,qBAAqB,EAAE,QAAQ,EAAE,eAAe,EAAE,OAAO,EAAE,UAAU,EAAE,OAAO;KACzF,CAAA;AACL,CAAC"} \ No newline at end of file diff --git a/dist/inbox/inboxLogic.d.ts b/dist/inbox/inboxLogic.d.ts new file mode 100644 index 0000000..62c2118 --- /dev/null +++ b/dist/inbox/inboxLogic.d.ts @@ -0,0 +1,3 @@ +import { InboxLogic } from '../types'; +export declare function createInboxLogic(store: any, profileLogic: any, utilityLogic: any, containerLogic: any, aclLogic: any): InboxLogic; +//# sourceMappingURL=inboxLogic.d.ts.map \ No newline at end of file diff --git a/dist/inbox/inboxLogic.d.ts.map b/dist/inbox/inboxLogic.d.ts.map new file mode 100644 index 0000000..fa39137 --- /dev/null +++ b/dist/inbox/inboxLogic.d.ts.map @@ -0,0 +1 @@ +{"version":3,"file":"inboxLogic.d.ts","sourceRoot":"","sources":["../../src/inbox/inboxLogic.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,UAAU,EAAE,MAAM,UAAU,CAAA;AAGrC,wBAAgB,gBAAgB,CAAC,KAAK,KAAA,EAAE,YAAY,KAAA,EAAE,YAAY,KAAA,EAAE,cAAc,KAAA,EAAE,QAAQ,KAAA,GAAG,UAAU,CAqDxG"} \ No newline at end of file diff --git a/dist/inbox/inboxLogic.js b/dist/inbox/inboxLogic.js new file mode 100644 index 0000000..edf2370 --- /dev/null +++ b/dist/inbox/inboxLogic.js @@ -0,0 +1,51 @@ +import { getArchiveUrl } from '../util/utils'; +export function createInboxLogic(store, profileLogic, utilityLogic, containerLogic, aclLogic) { + async function createInboxFor(peerWebId, nick) { + const myWebId = await profileLogic.loadMe(); + const podRoot = await profileLogic.getPodRoot(myWebId); + const ourInbox = `${podRoot.value}p2p-inboxes/${encodeURIComponent(nick)}/`; + await containerLogic.createContainer(ourInbox); + // const aclDocUrl = await aclLogic.findAclDocUrl(ourInbox); + await utilityLogic.setSinglePeerAccess({ + ownerWebId: myWebId.value, + peerWebId, + accessToModes: 'acl:Append', + target: ourInbox + }); + return ourInbox; + } + async function getNewMessages(user) { + if (!user) { + user = await profileLogic.loadMe(); + } + const inbox = await profileLogic.getMainInbox(user); + const urls = await containerLogic.getContainerMembers(inbox); + return urls.filter(url => !containerLogic.isContainer(url)); + } + async function markAsRead(url, date) { + const downloaded = await store.fetcher._fetch(url); + if (downloaded.status !== 200) { + throw new Error(`Not OK! ${url}`); + } + const archiveUrl = getArchiveUrl(url, date); + const options = { + method: 'PUT', + body: await downloaded.text(), + headers: [ + ['Content-Type', downloaded.headers.get('Content-Type') || 'application/octet-stream'] + ] + }; + const uploaded = await store.fetcher._fetch(archiveUrl, options); + if (uploaded.status.toString()[0] === '2') { + await store.fetcher._fetch(url, { + method: 'DELETE' + }); + } + } + return { + createInboxFor, + getNewMessages, + markAsRead + }; +} +//# sourceMappingURL=inboxLogic.js.map \ No newline at end of file diff --git a/dist/inbox/inboxLogic.js.map b/dist/inbox/inboxLogic.js.map new file mode 100644 index 0000000..a2aa1a7 --- /dev/null +++ b/dist/inbox/inboxLogic.js.map @@ -0,0 +1 @@ +{"version":3,"file":"inboxLogic.js","sourceRoot":"","sources":["../../src/inbox/inboxLogic.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,aAAa,EAAE,MAAM,eAAe,CAAA;AAE7C,MAAM,UAAU,gBAAgB,CAAC,KAAK,EAAE,YAAY,EAAE,YAAY,EAAE,cAAc,EAAE,QAAQ;IAExF,KAAK,UAAU,cAAc,CAAC,SAAiB,EAAE,IAAY;QAC3D,MAAM,OAAO,GAAc,MAAM,YAAY,CAAC,MAAM,EAAE,CAAA;QACtD,MAAM,OAAO,GAAc,MAAM,YAAY,CAAC,UAAU,CAAC,OAAO,CAAC,CAAA;QACjE,MAAM,QAAQ,GAAG,GAAG,OAAO,CAAC,KAAK,eAAe,kBAAkB,CAAC,IAAI,CAAC,GAAG,CAAA;QAC3E,MAAM,cAAc,CAAC,eAAe,CAAC,QAAQ,CAAC,CAAA;QAC9C,4DAA4D;QAC5D,MAAM,YAAY,CAAC,mBAAmB,CAAC;YACrC,UAAU,EAAE,OAAO,CAAC,KAAK;YACzB,SAAS;YACT,aAAa,EAAE,YAAY;YAC3B,MAAM,EAAE,QAAQ;SACjB,CAAC,CAAA;QACF,OAAO,QAAQ,CAAA;IACnB,CAAC;IAED,KAAK,UAAU,cAAc,CACzB,IAAgB;QAEhB,IAAI,CAAC,IAAI,EAAE,CAAC;YACV,IAAI,GAAG,MAAM,YAAY,CAAC,MAAM,EAAE,CAAA;QACpC,CAAC;QACD,MAAM,KAAK,GAAG,MAAM,YAAY,CAAC,YAAY,CAAC,IAAI,CAAC,CAAA;QACnD,MAAM,IAAI,GAAG,MAAM,cAAc,CAAC,mBAAmB,CAAC,KAAK,CAAC,CAAA;QAC5D,OAAO,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,cAAc,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC,CAAA;IAC/D,CAAC;IAED,KAAK,UAAU,UAAU,CAAC,GAAW,EAAE,IAAU;QAC/C,MAAM,UAAU,GAAG,MAAM,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,GAAG,CAAC,CAAA;QAClD,IAAI,UAAU,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;YAC9B,MAAM,IAAI,KAAK,CAAC,WAAW,GAAG,EAAE,CAAC,CAAA;QACnC,CAAC;QACD,MAAM,UAAU,GAAG,aAAa,CAAC,GAAG,EAAE,IAAI,CAAC,CAAA;QAC3C,MAAM,OAAO,GAAG;YACd,MAAM,EAAE,KAAK;YACb,IAAI,EAAE,MAAM,UAAU,CAAC,IAAI,EAAE;YAC7B,OAAO,EAAE;gBACP,CAAC,cAAc,EAAE,UAAU,CAAC,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC,IAAI,0BAA0B,CAAC;aACvF;SACF,CAAA;QACD,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,UAAU,EAAE,OAAO,CAAC,CAAA;QAChE,IAAI,QAAQ,CAAC,MAAM,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC,KAAK,GAAG,EAAE,CAAC;YAC1C,MAAM,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,GAAG,EAAE;gBAC9B,MAAM,EAAE,QAAQ;aACjB,CAAC,CAAA;QACJ,CAAC;IACH,CAAC;IACD,OAAO;QACL,cAAc;QACd,cAAc;QACd,UAAU;KACX,CAAA;AACH,CAAC"} \ No newline at end of file diff --git a/dist/index.d.ts b/dist/index.d.ts new file mode 100644 index 0000000..0fd9978 --- /dev/null +++ b/dist/index.d.ts @@ -0,0 +1,13 @@ +import { solidLogicSingleton } from './logic/solidLogicSingleton'; +declare const authn: import("./types").AuthnLogic; +declare const authSession: import("./authSession/solidOidcAdapter").Session; +declare const store: import("rdflib").LiveStore; +export { ACL_LINK } from './acl/aclLogic'; +export { offlineTestID, appContext } from './authn/authUtil'; +export { getSuggestedIssuers } from './issuer/issuerLogic'; +export { createTypeIndexLogic } from './typeIndex/typeIndexLogic'; +export type { AppDetails, SolidNamespace, AuthenticationContext, SolidLogic, ChatLogic } from './types'; +export { UnauthorizedError, CrossOriginForbiddenError, SameOriginForbiddenError, NotFoundError, FetchError, NotEditableError, WebOperationError } from './logic/CustomError'; +export { solidLogicSingleton, // solidLogicSingleton is exported entirely because it is used in solid-panes +store, authn, authSession }; +//# sourceMappingURL=index.d.ts.map \ No newline at end of file diff --git a/dist/index.d.ts.map b/dist/index.d.ts.map new file mode 100644 index 0000000..e9d049a --- /dev/null +++ b/dist/index.d.ts.map @@ -0,0 +1 @@ +{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,mBAAmB,EAAE,MAAM,6BAA6B,CAAA;AAEjE,QAAA,MAAM,KAAK,8BAA4B,CAAA;AACvC,QAAA,MAAM,WAAW,kDAAwC,CAAA;AACzD,QAAA,MAAM,KAAK,4BAA4B,CAAA;AAEvC,OAAO,EAAE,QAAQ,EAAE,MAAM,gBAAgB,CAAA;AACzC,OAAO,EAAE,aAAa,EAAE,UAAU,EAAE,MAAM,kBAAkB,CAAA;AAC5D,OAAO,EAAE,mBAAmB,EAAE,MAAM,sBAAsB,CAAA;AAC1D,OAAO,EAAE,oBAAoB,EAAE,MAAM,4BAA4B,CAAA;AACjE,YAAY,EAAE,UAAU,EAAE,cAAc,EAAE,qBAAqB,EAAE,UAAU,EAAE,SAAS,EAAE,MAAM,SAAS,CAAA;AACvG,OAAO,EAAE,iBAAiB,EAAE,yBAAyB,EAAE,wBAAwB,EAAE,aAAa,EAAE,UAAU,EAAE,gBAAgB,EAAE,iBAAiB,EAAE,MAAM,qBAAqB,CAAA;AAE5K,OAAO,EACL,mBAAmB,EAAE,6EAA6E;AAClG,KAAK,EACL,KAAK,EACL,WAAW,EACZ,CAAA"} \ No newline at end of file diff --git a/dist/index.js b/dist/index.js new file mode 100644 index 0000000..b10eafa --- /dev/null +++ b/dist/index.js @@ -0,0 +1,14 @@ +// Make these variables directly accessible as it is what you need most of the time +// This also makes these variable globaly accesible in mashlib +import { solidLogicSingleton } from './logic/solidLogicSingleton'; +const authn = solidLogicSingleton.authn; +const authSession = solidLogicSingleton.authn.authSession; +const store = solidLogicSingleton.store; +export { ACL_LINK } from './acl/aclLogic'; +export { offlineTestID, appContext } from './authn/authUtil'; +export { getSuggestedIssuers } from './issuer/issuerLogic'; +export { createTypeIndexLogic } from './typeIndex/typeIndexLogic'; +export { UnauthorizedError, CrossOriginForbiddenError, SameOriginForbiddenError, NotFoundError, FetchError, NotEditableError, WebOperationError } from './logic/CustomError'; +export { solidLogicSingleton, // solidLogicSingleton is exported entirely because it is used in solid-panes +store, authn, authSession }; +//# sourceMappingURL=index.js.map \ No newline at end of file diff --git a/dist/index.js.map b/dist/index.js.map new file mode 100644 index 0000000..661e105 --- /dev/null +++ b/dist/index.js.map @@ -0,0 +1 @@ +{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,mFAAmF;AACnF,8DAA8D;AAC9D,OAAO,EAAE,mBAAmB,EAAE,MAAM,6BAA6B,CAAA;AAEjE,MAAM,KAAK,GAAG,mBAAmB,CAAC,KAAK,CAAA;AACvC,MAAM,WAAW,GAAG,mBAAmB,CAAC,KAAK,CAAC,WAAW,CAAA;AACzD,MAAM,KAAK,GAAG,mBAAmB,CAAC,KAAK,CAAA;AAEvC,OAAO,EAAE,QAAQ,EAAE,MAAM,gBAAgB,CAAA;AACzC,OAAO,EAAE,aAAa,EAAE,UAAU,EAAE,MAAM,kBAAkB,CAAA;AAC5D,OAAO,EAAE,mBAAmB,EAAE,MAAM,sBAAsB,CAAA;AAC1D,OAAO,EAAE,oBAAoB,EAAE,MAAM,4BAA4B,CAAA;AAEjE,OAAO,EAAE,iBAAiB,EAAE,yBAAyB,EAAE,wBAAwB,EAAE,aAAa,EAAE,UAAU,EAAE,gBAAgB,EAAE,iBAAiB,EAAE,MAAM,qBAAqB,CAAA;AAE5K,OAAO,EACL,mBAAmB,EAAE,6EAA6E;AAClG,KAAK,EACL,KAAK,EACL,WAAW,EACZ,CAAA"} \ No newline at end of file diff --git a/dist/issuer/issuerLogic.d.ts b/dist/issuer/issuerLogic.d.ts new file mode 100644 index 0000000..6eb7ef8 --- /dev/null +++ b/dist/issuer/issuerLogic.d.ts @@ -0,0 +1,8 @@ +/** + * @returns - A list of suggested OIDC issuers + */ +export declare function getSuggestedIssuers(): { + name: string; + uri: string; +}[]; +//# sourceMappingURL=issuerLogic.d.ts.map \ No newline at end of file diff --git a/dist/issuer/issuerLogic.d.ts.map b/dist/issuer/issuerLogic.d.ts.map new file mode 100644 index 0000000..ddba782 --- /dev/null +++ b/dist/issuer/issuerLogic.d.ts.map @@ -0,0 +1 @@ +{"version":3,"file":"issuerLogic.d.ts","sourceRoot":"","sources":["../../src/issuer/issuerLogic.ts"],"names":[],"mappings":"AAmBA;;GAEG;AACH,wBAAgB,mBAAmB,IAAK;IAAE,IAAI,EAAE,MAAM,CAAC;IAAC,GAAG,EAAE,MAAM,CAAA;CAAE,EAAE,CAYpE"} \ No newline at end of file diff --git a/dist/issuer/issuerLogic.js b/dist/issuer/issuerLogic.js new file mode 100644 index 0000000..680e17e --- /dev/null +++ b/dist/issuer/issuerLogic.js @@ -0,0 +1,37 @@ +const DEFAULT_ISSUERS = [ + { + name: 'Solid Community', + uri: 'https://solidcommunity.net' + }, + { + name: 'Solid Web', + uri: 'https://solidweb.org' + }, + { + name: 'Solid Web ME', + uri: 'https://solidweb.me' + }, + { + name: 'Inrupt.com', + uri: 'https://login.inrupt.com' + } +]; +/** + * @returns - A list of suggested OIDC issuers + */ +export function getSuggestedIssuers() { + // Suggest a default list of OIDC issuers + const issuers = [...DEFAULT_ISSUERS]; + // Suggest the current host if not already included + const { host, origin } = new URL(location.href); + const hosts = issuers.map(({ uri }) => new URL(uri).host); + if (!hosts.includes(host) && !hosts.some(existing => isSubdomainOf(host, existing))) { + issuers.unshift({ name: host, uri: origin }); + } + return issuers; +} +function isSubdomainOf(subdomain, domain) { + const dot = subdomain.length - domain.length - 1; + return dot > 0 && subdomain[dot] === '.' && subdomain.endsWith(domain); +} +//# sourceMappingURL=issuerLogic.js.map \ No newline at end of file diff --git a/dist/issuer/issuerLogic.js.map b/dist/issuer/issuerLogic.js.map new file mode 100644 index 0000000..7a9ff6a --- /dev/null +++ b/dist/issuer/issuerLogic.js.map @@ -0,0 +1 @@ +{"version":3,"file":"issuerLogic.js","sourceRoot":"","sources":["../../src/issuer/issuerLogic.ts"],"names":[],"mappings":"AAAA,MAAM,eAAe,GAAG;IACtB;QACE,IAAI,EAAE,iBAAiB;QACvB,GAAG,EAAE,4BAA4B;KAClC;IACD;QACE,IAAI,EAAE,WAAW;QACjB,GAAG,EAAE,sBAAsB;KAC5B;IACD;QACE,IAAI,EAAE,cAAc;QACpB,GAAG,EAAE,qBAAqB;KAC3B;IACD;QACE,IAAI,EAAE,YAAY;QAClB,GAAG,EAAE,0BAA0B;KAChC;CACF,CAAA;AAED;;GAEG;AACH,MAAM,UAAU,mBAAmB;IAC/B,yCAAyC;IACzC,MAAM,OAAO,GAAG,CAAC,GAAG,eAAe,CAAC,CAAA;IAEpC,mDAAmD;IACnD,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,GAAG,IAAI,GAAG,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAA;IAC/C,MAAM,KAAK,GAAG,OAAO,CAAC,GAAG,CAAC,CAAC,EAAE,GAAG,EAAE,EAAE,EAAE,CAAC,IAAI,GAAG,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,CAAA;IACzD,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC,aAAa,CAAC,IAAI,EAAE,QAAQ,CAAC,CAAC,EAAE,CAAC;QACpF,OAAO,CAAC,OAAO,CAAC,EAAE,IAAI,EAAE,IAAI,EAAE,GAAG,EAAE,MAAM,EAAE,CAAC,CAAA;IAC9C,CAAC;IAED,OAAO,OAAO,CAAA;AAChB,CAAC;AAEH,SAAS,aAAa,CAAE,SAAiB,EAAE,MAAc;IACrD,MAAM,GAAG,GAAG,SAAS,CAAC,MAAM,GAAG,MAAM,CAAC,MAAM,GAAG,CAAC,CAAA;IAChD,OAAO,GAAG,GAAG,CAAC,IAAI,SAAS,CAAC,GAAG,CAAC,KAAK,GAAG,IAAI,SAAS,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAA;AAC1E,CAAC"} \ No newline at end of file diff --git a/dist/logic/CustomError.d.ts b/dist/logic/CustomError.d.ts new file mode 100644 index 0000000..7290c43 --- /dev/null +++ b/dist/logic/CustomError.d.ts @@ -0,0 +1,21 @@ +declare class CustomError extends Error { + constructor(message?: string); +} +export declare class UnauthorizedError extends CustomError { +} +export declare class CrossOriginForbiddenError extends CustomError { +} +export declare class SameOriginForbiddenError extends CustomError { +} +export declare class NotFoundError extends CustomError { +} +export declare class NotEditableError extends CustomError { +} +export declare class WebOperationError extends CustomError { +} +export declare class FetchError extends CustomError { + status: number; + constructor(status: number, message?: string); +} +export {}; +//# sourceMappingURL=CustomError.d.ts.map \ No newline at end of file diff --git a/dist/logic/CustomError.d.ts.map b/dist/logic/CustomError.d.ts.map new file mode 100644 index 0000000..dade129 --- /dev/null +++ b/dist/logic/CustomError.d.ts.map @@ -0,0 +1 @@ +{"version":3,"file":"CustomError.d.ts","sourceRoot":"","sources":["../../src/logic/CustomError.ts"],"names":[],"mappings":"AAAA,cAAM,WAAY,SAAQ,KAAK;gBACf,OAAO,CAAC,EAAE,MAAM;CAM/B;AAED,qBAAa,iBAAkB,SAAQ,WAAW;CAAG;AAErD,qBAAa,yBAA0B,SAAQ,WAAW;CAAG;AAE7D,qBAAa,wBAAyB,SAAQ,WAAW;CAAG;AAE5D,qBAAa,aAAc,SAAQ,WAAW;CAAG;AAEjD,qBAAa,gBAAiB,SAAQ,WAAW;CAAI;AAErD,qBAAa,iBAAkB,SAAQ,WAAW;CAAG;AAErD,qBAAa,UAAW,SAAQ,WAAW;IACvC,MAAM,EAAE,MAAM,CAAA;gBAEF,MAAM,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,MAAM;CAI/C"} \ No newline at end of file diff --git a/dist/logic/CustomError.js b/dist/logic/CustomError.js new file mode 100644 index 0000000..c1d0ea2 --- /dev/null +++ b/dist/logic/CustomError.js @@ -0,0 +1,27 @@ +class CustomError extends Error { + constructor(message) { + super(message); + // see: typescriptlang.org/docs/handbook/release-notes/typescript-2-2.html + Object.setPrototypeOf(this, new.target.prototype); // restore prototype chain + this.name = new.target.name; // stack traces display correctly now + } +} +export class UnauthorizedError extends CustomError { +} +export class CrossOriginForbiddenError extends CustomError { +} +export class SameOriginForbiddenError extends CustomError { +} +export class NotFoundError extends CustomError { +} +export class NotEditableError extends CustomError { +} +export class WebOperationError extends CustomError { +} +export class FetchError extends CustomError { + constructor(status, message) { + super(message); + this.status = status; + } +} +//# sourceMappingURL=CustomError.js.map \ No newline at end of file diff --git a/dist/logic/CustomError.js.map b/dist/logic/CustomError.js.map new file mode 100644 index 0000000..484523f --- /dev/null +++ b/dist/logic/CustomError.js.map @@ -0,0 +1 @@ +{"version":3,"file":"CustomError.js","sourceRoot":"","sources":["../../src/logic/CustomError.ts"],"names":[],"mappings":"AAAA,MAAM,WAAY,SAAQ,KAAK;IAC3B,YAAY,OAAgB;QACxB,KAAK,CAAC,OAAO,CAAC,CAAA;QACd,0EAA0E;QAC1E,MAAM,CAAC,cAAc,CAAC,IAAI,EAAE,GAAG,CAAC,MAAM,CAAC,SAAS,CAAC,CAAA,CAAC,0BAA0B;QAC5E,IAAI,CAAC,IAAI,GAAG,GAAG,CAAC,MAAM,CAAC,IAAI,CAAA,CAAC,qCAAqC;IACrE,CAAC;CACJ;AAED,MAAM,OAAO,iBAAkB,SAAQ,WAAW;CAAG;AAErD,MAAM,OAAO,yBAA0B,SAAQ,WAAW;CAAG;AAE7D,MAAM,OAAO,wBAAyB,SAAQ,WAAW;CAAG;AAE5D,MAAM,OAAO,aAAc,SAAQ,WAAW;CAAG;AAEjD,MAAM,OAAO,gBAAiB,SAAQ,WAAW;CAAI;AAErD,MAAM,OAAO,iBAAkB,SAAQ,WAAW;CAAG;AAErD,MAAM,OAAO,UAAW,SAAQ,WAAW;IAGvC,YAAY,MAAc,EAAE,OAAgB;QACxC,KAAK,CAAC,OAAO,CAAC,CAAA;QACd,IAAI,CAAC,MAAM,GAAG,MAAM,CAAA;IACxB,CAAC;CACJ"} \ No newline at end of file diff --git a/dist/logic/solidLogic.d.ts b/dist/logic/solidLogic.d.ts new file mode 100644 index 0000000..8f0a6a5 --- /dev/null +++ b/dist/logic/solidLogic.d.ts @@ -0,0 +1,6 @@ +import { Session } from '../authSession/solidOidcAdapter'; +import { SolidLogic } from '../types'; +export declare function createSolidLogic(specialFetch: { + fetch: (url: any, requestInit: any) => any; +}, session: Session): SolidLogic; +//# sourceMappingURL=solidLogic.d.ts.map \ No newline at end of file diff --git a/dist/logic/solidLogic.d.ts.map b/dist/logic/solidLogic.d.ts.map new file mode 100644 index 0000000..2f03860 --- /dev/null +++ b/dist/logic/solidLogic.d.ts.map @@ -0,0 +1 @@ +{"version":3,"file":"solidLogic.d.ts","sourceRoot":"","sources":["../../src/logic/solidLogic.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,MAAM,iCAAiC,CAAA;AAWzD,OAAO,EAAc,UAAU,EAAE,MAAM,UAAU,CAAA;AAQjD,wBAAgB,gBAAgB,CAAC,YAAY,EAAE;IAAE,KAAK,EAAE,CAAC,GAAG,EAAE,GAAG,EAAE,WAAW,EAAE,GAAG,KAAK,GAAG,CAAA;CAAE,EAAE,OAAO,EAAE,OAAO,GAAG,UAAU,CAuD3H"} \ No newline at end of file diff --git a/dist/logic/solidLogic.js b/dist/logic/solidLogic.js new file mode 100644 index 0000000..159a844 --- /dev/null +++ b/dist/logic/solidLogic.js @@ -0,0 +1,64 @@ +import * as rdf from 'rdflib'; +import { createAclLogic } from '../acl/aclLogic'; +import { SolidAuthnLogic } from '../authn/SolidAuthnLogic'; +import { createChatLogic } from '../chat/chatLogic'; +import { createInboxLogic } from '../inbox/inboxLogic'; +import { createProfileLogic } from '../profile/profileLogic'; +import { createTypeIndexLogic } from '../typeIndex/typeIndexLogic'; +import { createContainerLogic } from '../util/containerLogic'; +import { createUtilityLogic } from '../util/utilityLogic'; +import * as debug from '../util/debug'; +/* +** It is important to distinquish `fetch`, a function provided by the browser +** and `Fetcher`, a helper object for the rdflib Store which turns it +** into a `ConnectedStore` or a `LiveStore`. A Fetcher object is +** available at store.fetcher, and `fetch` function at `store.fetcher._fetch`, +*/ +export function createSolidLogic(specialFetch, session) { + debug.log('SolidLogic: Unique instance created. There should only be one of these.'); + const store = rdf.graph(); + rdf.fetcher(store, { fetch: specialFetch.fetch }); // Attach a web I/O module, store.fetcher + store.updater = new rdf.UpdateManager(store); // Add real-time live updates store.updater + store.features = []; // disable automatic node merging on store load + const authn = new SolidAuthnLogic(session); + const acl = createAclLogic(store); + const containerLogic = createContainerLogic(store); + const utilityLogic = createUtilityLogic(store, acl, containerLogic); + const profile = createProfileLogic(store, authn, utilityLogic); + const chat = createChatLogic(store, profile); + const inbox = createInboxLogic(store, profile, utilityLogic, containerLogic, acl); + const typeIndex = createTypeIndexLogic(store, authn, profile, utilityLogic); + debug.log('SolidAuthnLogic initialized'); + function load(doc) { + return store.fetcher.load(doc); + } + // @@@@ use the one in rdflib.js when it is available and delete this + function updatePromise(del, ins = []) { + return new Promise((resolve, reject) => { + store.updater.update(del, ins, function (_uri, ok, errorBody) { + if (!ok) { + reject(new Error(errorBody)); + } + else { + resolve(); + } + }); // callback + }); // promise + } + function clearStore() { + store.statements.slice().forEach(store.remove.bind(store)); + } + return { + store, + authn, + acl, + inbox, + chat, + profile, + typeIndex, + load, + updatePromise, + clearStore + }; +} +//# sourceMappingURL=solidLogic.js.map \ No newline at end of file diff --git a/dist/logic/solidLogic.js.map b/dist/logic/solidLogic.js.map new file mode 100644 index 0000000..024c0b6 --- /dev/null +++ b/dist/logic/solidLogic.js.map @@ -0,0 +1 @@ +{"version":3,"file":"solidLogic.js","sourceRoot":"","sources":["../../src/logic/solidLogic.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,GAAG,MAAM,QAAQ,CAAA;AAE7B,OAAO,EAAE,cAAc,EAAE,MAAM,iBAAiB,CAAA;AAChD,OAAO,EAAE,eAAe,EAAE,MAAM,0BAA0B,CAAA;AAC1D,OAAO,EAAE,eAAe,EAAE,MAAM,mBAAmB,CAAA;AACnD,OAAO,EAAE,gBAAgB,EAAE,MAAM,qBAAqB,CAAA;AACtD,OAAO,EAAE,kBAAkB,EAAE,MAAM,yBAAyB,CAAA;AAC5D,OAAO,EAAE,oBAAoB,EAAE,MAAM,6BAA6B,CAAA;AAClE,OAAO,EAAE,oBAAoB,EAAE,MAAM,wBAAwB,CAAA;AAC7D,OAAO,EAAE,kBAAkB,EAAE,MAAM,sBAAsB,CAAA;AAEzD,OAAO,KAAK,KAAK,MAAM,eAAe,CAAA;AACtC;;;;;EAKE;AACF,MAAM,UAAU,gBAAgB,CAAC,YAA4D,EAAE,OAAgB;IAE3G,KAAK,CAAC,GAAG,CAAC,0EAA0E,CAAC,CAAA;IACrF,MAAM,KAAK,GAAc,GAAG,CAAC,KAAK,EAAe,CAAA;IACjD,GAAG,CAAC,OAAO,CAAC,KAAK,EAAE,EAAC,KAAK,EAAE,YAAY,CAAC,KAAK,EAAC,CAAC,CAAA,CAAC,yCAAyC;IACzF,KAAK,CAAC,OAAO,GAAG,IAAI,GAAG,CAAC,aAAa,CAAC,KAAK,CAAC,CAAA,CAAC,2CAA2C;IACxF,KAAK,CAAC,QAAQ,GAAG,EAAE,CAAA,CAAC,+CAA+C;IAEnE,MAAM,KAAK,GAAe,IAAI,eAAe,CAAC,OAAO,CAAC,CAAA;IAEtD,MAAM,GAAG,GAAG,cAAc,CAAC,KAAK,CAAC,CAAA;IACjC,MAAM,cAAc,GAAG,oBAAoB,CAAC,KAAK,CAAC,CAAA;IAClD,MAAM,YAAY,GAAG,kBAAkB,CAAC,KAAK,EAAE,GAAG,EAAE,cAAc,CAAC,CAAA;IACnE,MAAM,OAAO,GAAG,kBAAkB,CAAC,KAAK,EAAE,KAAK,EAAE,YAAY,CAAC,CAAA;IAC9D,MAAM,IAAI,GAAG,eAAe,CAAC,KAAK,EAAE,OAAO,CAAC,CAAA;IAC5C,MAAM,KAAK,GAAG,gBAAgB,CAAC,KAAK,EAAE,OAAO,EAAE,YAAY,EAAE,cAAc,EAAE,GAAG,CAAC,CAAA;IACjF,MAAM,SAAS,GAAG,oBAAoB,CAAC,KAAK,EAAE,KAAK,EAAE,OAAO,EAAE,YAAY,CAAC,CAAA;IAC3E,KAAK,CAAC,GAAG,CAAC,6BAA6B,CAAC,CAAA;IAExC,SAAS,IAAI,CAAC,GAAqC;QAC/C,OAAO,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,CAAA;IAClC,CAAC;IAED,qEAAqE;IACrE,SAAS,aAAa,CAClB,GAAqB,EACrB,MAAwB,EAAE;QAE1B,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;YACvC,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,GAAG,EAAE,GAAG,EAAE,UAAU,IAAI,EAAE,EAAE,EAAE,SAAS;gBACxD,IAAI,CAAC,EAAE,EAAE,CAAC;oBACV,MAAM,CAAC,IAAI,KAAK,CAAC,SAAS,CAAC,CAAC,CAAA;gBAC5B,CAAC;qBAAM,CAAC;oBACR,OAAO,EAAE,CAAA;gBACT,CAAC;YACL,CAAC,CAAC,CAAA,CAAC,WAAW;QACd,CAAC,CAAC,CAAA,CAAC,UAAU;IACjB,CAAC;IAED,SAAS,UAAU;QACf,KAAK,CAAC,UAAU,CAAC,KAAK,EAAE,CAAC,OAAO,CAAC,KAAK,CAAC,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAA;IAC9D,CAAC;IAED,OAAO;QACH,KAAK;QACL,KAAK;QACL,GAAG;QACH,KAAK;QACL,IAAI;QACJ,OAAO;QACP,SAAS;QACT,IAAI;QACJ,aAAa;QACb,UAAU;KACb,CAAA;AACL,CAAC"} \ No newline at end of file diff --git a/dist/logic/solidLogicSingleton.d.ts b/dist/logic/solidLogicSingleton.d.ts new file mode 100644 index 0000000..91bf75b --- /dev/null +++ b/dist/logic/solidLogicSingleton.d.ts @@ -0,0 +1,4 @@ +import { SolidLogic } from '../types'; +declare const solidLogicSingleton: SolidLogic; +export { solidLogicSingleton }; +//# sourceMappingURL=solidLogicSingleton.d.ts.map \ No newline at end of file diff --git a/dist/logic/solidLogicSingleton.d.ts.map b/dist/logic/solidLogicSingleton.d.ts.map new file mode 100644 index 0000000..7c60be0 --- /dev/null +++ b/dist/logic/solidLogicSingleton.d.ts.map @@ -0,0 +1 @@ +{"version":3,"file":"solidLogicSingleton.d.ts","sourceRoot":"","sources":["../../src/logic/solidLogicSingleton.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,UAAU,EAAE,MAAM,UAAU,CAAA;AAiCrC,QAAA,MAAM,mBAAmB,YAAyB,CAAA;AAElD,OAAO,EAAE,mBAAmB,EAAE,CAAA"} \ No newline at end of file diff --git a/dist/logic/solidLogicSingleton.js b/dist/logic/solidLogicSingleton.js new file mode 100644 index 0000000..b4d3153 --- /dev/null +++ b/dist/logic/solidLogicSingleton.js @@ -0,0 +1,31 @@ +import * as debug from '../util/debug'; +import { authSession } from '../authSession/authSession'; +import { createSolidLogic } from './solidLogic'; +const _fetch = async (url, requestInit) => { + const omitCreds = requestInit && requestInit.credentials && requestInit.credentials == 'omit'; + if (authSession.info.webId && !omitCreds) { // see https://github.com/solidos/solidos/issues/114 + // In fact fetch should respect credentials omit itself + return authSession.fetch(url, requestInit); + } + else { + return window.fetch(url, requestInit); + } +}; +// Global singleton pattern to ensure unique store across library versions +const SINGLETON_SYMBOL = Symbol.for('solid-logic-singleton'); +const globalTarget = (typeof window !== 'undefined' ? window : global); +function getOrCreateSingleton() { + if (!globalTarget[SINGLETON_SYMBOL]) { + debug.log('SolidLogic: Creating new global singleton instance.'); + globalTarget[SINGLETON_SYMBOL] = createSolidLogic({ fetch: _fetch }, authSession); + debug.log('Unique quadstore initialized.'); + } + else { + debug.log('SolidLogic: Using existing global singleton instance.'); + } + return globalTarget[SINGLETON_SYMBOL]; +} +//this const makes solidLogicSingleton global accessible in mashlib +const solidLogicSingleton = getOrCreateSingleton(); +export { solidLogicSingleton }; +//# sourceMappingURL=solidLogicSingleton.js.map \ No newline at end of file diff --git a/dist/logic/solidLogicSingleton.js.map b/dist/logic/solidLogicSingleton.js.map new file mode 100644 index 0000000..1fcbdf7 --- /dev/null +++ b/dist/logic/solidLogicSingleton.js.map @@ -0,0 +1 @@ +{"version":3,"file":"solidLogicSingleton.js","sourceRoot":"","sources":["../../src/logic/solidLogicSingleton.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,KAAK,MAAM,eAAe,CAAA;AACtC,OAAO,EAAE,WAAW,EAAE,MAAM,4BAA4B,CAAA;AACxD,OAAO,EAAE,gBAAgB,EAAE,MAAM,cAAc,CAAA;AAG/C,MAAM,MAAM,GAAG,KAAK,EAAE,GAAG,EAAE,WAAW,EAAE,EAAE;IACtC,MAAM,SAAS,GAAG,WAAW,IAAI,WAAW,CAAC,WAAW,IAAI,WAAW,CAAC,WAAW,IAAI,MAAM,CAAA;IAC7F,IAAI,WAAW,CAAC,IAAI,CAAC,KAAK,IAAI,CAAC,SAAS,EAAE,CAAC,CAAC,oDAAoD;QAC5F,uDAAuD;QACvD,OAAO,WAAW,CAAC,KAAK,CAAC,GAAG,EAAE,WAAW,CAAC,CAAA;IAC9C,CAAC;SAAM,CAAC;QACJ,OAAO,MAAM,CAAC,KAAK,CAAC,GAAG,EAAE,WAAW,CAAC,CAAA;IACzC,CAAC;AACL,CAAC,CAAA;AAED,0EAA0E;AAC1E,MAAM,gBAAgB,GAAG,MAAM,CAAC,GAAG,CAAC,uBAAuB,CAAC,CAAA;AAO5D,MAAM,YAAY,GAAG,CAAC,OAAO,MAAM,KAAK,WAAW,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,MAAM,CAAwB,CAAA;AAE7F,SAAS,oBAAoB;IACzB,IAAI,CAAC,YAAY,CAAC,gBAAgB,CAAC,EAAE,CAAC;QAClC,KAAK,CAAC,GAAG,CAAC,qDAAqD,CAAC,CAAA;QAChE,YAAY,CAAC,gBAAgB,CAAC,GAAG,gBAAgB,CAAC,EAAE,KAAK,EAAE,MAAM,EAAE,EAAE,WAAW,CAAC,CAAA;QACjF,KAAK,CAAC,GAAG,CAAC,+BAA+B,CAAC,CAAA;IAC9C,CAAC;SAAM,CAAC;QACJ,KAAK,CAAC,GAAG,CAAC,uDAAuD,CAAC,CAAA;IACtE,CAAC;IACD,OAAO,YAAY,CAAC,gBAAgB,CAAE,CAAA;AAC1C,CAAC;AACD,mEAAmE;AACnE,MAAM,mBAAmB,GAAG,oBAAoB,EAAE,CAAA;AAElD,OAAO,EAAE,mBAAmB,EAAE,CAAA"} \ No newline at end of file diff --git a/dist/profile/profileLogic.d.ts b/dist/profile/profileLogic.d.ts new file mode 100644 index 0000000..3f2e781 --- /dev/null +++ b/dist/profile/profileLogic.d.ts @@ -0,0 +1,3 @@ +import { ProfileLogic } from '../types'; +export declare function createProfileLogic(store: any, authn: any, utilityLogic: any): ProfileLogic; +//# sourceMappingURL=profileLogic.d.ts.map \ No newline at end of file diff --git a/dist/profile/profileLogic.d.ts.map b/dist/profile/profileLogic.d.ts.map new file mode 100644 index 0000000..465d7ce --- /dev/null +++ b/dist/profile/profileLogic.d.ts.map @@ -0,0 +1 @@ +{"version":3,"file":"profileLogic.d.ts","sourceRoot":"","sources":["../../src/profile/profileLogic.ts"],"names":[],"mappings":"AAKA,OAAO,EAAE,YAAY,EAAE,MAAM,UAAU,CAAA;AAEvC,wBAAgB,kBAAkB,CAAC,KAAK,KAAA,EAAE,KAAK,KAAA,EAAE,YAAY,KAAA,GAAG,YAAY,CAoH3E"} \ No newline at end of file diff --git a/dist/profile/profileLogic.js b/dist/profile/profileLogic.js new file mode 100644 index 0000000..37a1c58 --- /dev/null +++ b/dist/profile/profileLogic.js @@ -0,0 +1,128 @@ +import { CrossOriginForbiddenError, FetchError, NotEditableError, SameOriginForbiddenError, UnauthorizedError, WebOperationError } from '../logic/CustomError'; +import * as debug from '../util/debug'; +import { ns as namespace } from '../util/ns'; +import { differentOrigin, suggestPreferencesFile } from '../util/utils'; +export function createProfileLogic(store, authn, utilityLogic) { + const ns = namespace; + /** + * loads the preference without throwing errors - if it can create it it does so. + * remark: it still throws error if it cannot load profile. + * @param user + * @returns undefined if preferenceFile cannot be returned or NamedNode if it can find it or create it + */ + async function silencedLoadPreferences(user) { + try { + return await loadPreferences(user); + } + catch (err) { + return undefined; + } + } + /** + * loads the preference without returning different errors if it cannot create or load it. + * remark: it also throws error if it cannot load profile. + * @param user + * @returns undefined if preferenceFile cannot be an Error or NamedNode if it can find it or create it + */ + async function loadPreferences(user) { + await loadProfile(user); + const possiblePreferencesFile = suggestPreferencesFile(user); + let preferencesFile; + try { + preferencesFile = await utilityLogic.followOrCreateLink(user, ns.space('preferencesFile'), possiblePreferencesFile, user.doc()); + } + catch (err) { + const message = `User ${user} has no pointer in profile to preferences file.`; + debug.warn(message); + // we are listing the possible errors + if (err instanceof NotEditableError) { + throw err; + } + if (err instanceof WebOperationError) { + throw err; + } + if (err instanceof UnauthorizedError) { + throw err; + } + if (err instanceof CrossOriginForbiddenError) { + throw err; + } + if (err instanceof SameOriginForbiddenError) { + throw err; + } + if (err instanceof FetchError) { + throw err; + } + throw err; + } + try { + await store.fetcher.load(preferencesFile); + } + catch (err) { // Maybe a permission problem or origin problem + const msg = `Unable to load preference of user ${user}: ${err}`; + debug.warn(msg); + if (err.response.status === 401) { + throw new UnauthorizedError(); + } + if (err.response.status === 403) { + if (differentOrigin(preferencesFile)) { + throw new CrossOriginForbiddenError(); + } + throw new SameOriginForbiddenError(); + } + /*if (err.response.status === 404) { + throw new NotFoundError(); + }*/ + throw new Error(msg); + } + return preferencesFile; + } + async function loadProfile(user) { + if (!user) { + throw new Error('loadProfile: no user given.'); + } + try { + await store.fetcher.load(user.doc()); + } + catch (err) { + throw new Error(`Unable to load profile of user ${user}: ${err}`); + } + return user.doc(); + } + async function loadMe() { + const me = authn.currentUser(); + if (me === null) { + throw new Error('Current user not found! Not logged in?'); + } + await store.fetcher.load(me.doc()); + return me; + } + function getPodRoot(user) { + const podRoot = findStorage(user); + if (!podRoot) { + throw new Error('User pod root not found!'); + } + return podRoot; + } + async function getMainInbox(user) { + await store.fetcher.load(user); + const mainInbox = store.any(user, ns.ldp('inbox'), undefined, user.doc()); + if (!mainInbox) { + throw new Error('User main inbox not found!'); + } + return mainInbox; + } + function findStorage(me) { + return store.any(me, ns.space('storage'), undefined, me.doc()); + } + return { + loadMe, + getPodRoot, + getMainInbox, + findStorage, + loadPreferences, + loadProfile, + silencedLoadPreferences + }; +} +//# sourceMappingURL=profileLogic.js.map \ No newline at end of file diff --git a/dist/profile/profileLogic.js.map b/dist/profile/profileLogic.js.map new file mode 100644 index 0000000..0958fcf --- /dev/null +++ b/dist/profile/profileLogic.js.map @@ -0,0 +1 @@ +{"version":3,"file":"profileLogic.js","sourceRoot":"","sources":["../../src/profile/profileLogic.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,yBAAyB,EAAE,UAAU,EAAE,gBAAgB,EAAE,wBAAwB,EAAE,iBAAiB,EAAE,iBAAiB,EAAE,MAAM,sBAAsB,CAAA;AAC9J,OAAO,KAAK,KAAK,MAAM,eAAe,CAAA;AACtC,OAAO,EAAE,EAAE,IAAI,SAAS,EAAE,MAAM,YAAY,CAAA;AAC5C,OAAO,EAAE,eAAe,EAAE,sBAAsB,EAAE,MAAM,eAAe,CAAA;AAGvE,MAAM,UAAU,kBAAkB,CAAC,KAAK,EAAE,KAAK,EAAE,YAAY;IACzD,MAAM,EAAE,GAAG,SAAS,CAAA;IAEpB;;;;;OAKG;IACH,KAAK,UAAU,uBAAuB,CAAC,IAAe;QAClD,IAAI,CAAC;YACD,OAAO,MAAM,eAAe,CAAC,IAAI,CAAC,CAAA;QACtC,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACX,OAAO,SAAS,CAAA;QACpB,CAAC;IACL,CAAC;IAED;;;;;OAKG;IACH,KAAK,UAAU,eAAe,CAAE,IAAe;QAC3C,MAAM,WAAW,CAAC,IAAI,CAAC,CAAA;QAEvB,MAAM,uBAAuB,GAAG,sBAAsB,CAAC,IAAI,CAAC,CAAA;QAC5D,IAAI,eAAe,CAAA;QACnB,IAAI,CAAC;YACD,eAAe,GAAG,MAAM,YAAY,CAAC,kBAAkB,CAAC,IAAI,EAAE,EAAE,CAAC,KAAK,CAAC,iBAAiB,CAAc,EAAE,uBAAuB,EAAE,IAAI,CAAC,GAAG,EAAE,CAAC,CAAA;QAChJ,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACX,MAAM,OAAO,GAAG,QAAQ,IAAI,iDAAiD,CAAA;YAC7E,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,CAAA;YACnB,qCAAqC;YACrC,IAAI,GAAG,YAAY,gBAAgB,EAAE,CAAC;gBAAC,MAAM,GAAG,CAAA;YAAC,CAAC;YAClD,IAAI,GAAG,YAAY,iBAAiB,EAAE,CAAC;gBAAC,MAAM,GAAG,CAAA;YAAC,CAAC;YACnD,IAAI,GAAG,YAAY,iBAAiB,EAAE,CAAC;gBAAC,MAAM,GAAG,CAAA;YAAC,CAAC;YACnD,IAAI,GAAG,YAAY,yBAAyB,EAAE,CAAC;gBAAC,MAAM,GAAG,CAAA;YAAC,CAAC;YAC3D,IAAI,GAAG,YAAY,wBAAwB,EAAE,CAAC;gBAAC,MAAM,GAAG,CAAA;YAAC,CAAC;YAC1D,IAAI,GAAG,YAAY,UAAU,EAAE,CAAC;gBAAC,MAAM,GAAG,CAAA;YAAC,CAAC;YAC5C,MAAM,GAAG,CAAA;QACb,CAAC;QAED,IAAI,CAAC;YACD,MAAM,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,eAA4B,CAAC,CAAA;QAC1D,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC,CAAC,+CAA+C;YAC3D,MAAM,GAAG,GAAG,qCAAqC,IAAI,KAAK,GAAG,EAAE,CAAA;YAC/D,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,CAAA;YACf,IAAI,GAAG,CAAC,QAAQ,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;gBAC9B,MAAM,IAAI,iBAAiB,EAAE,CAAA;YACjC,CAAC;YACD,IAAI,GAAG,CAAC,QAAQ,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;gBAC9B,IAAI,eAAe,CAAC,eAAe,CAAC,EAAE,CAAC;oBACvC,MAAM,IAAI,yBAAyB,EAAE,CAAA;gBACrC,CAAC;gBACD,MAAM,IAAI,wBAAwB,EAAE,CAAA;YACxC,CAAC;YACD;;eAEG;YACH,MAAM,IAAI,KAAK,CAAC,GAAG,CAAC,CAAA;QACxB,CAAC;QACD,OAAO,eAA4B,CAAA;IACvC,CAAC;IAED,KAAK,UAAU,WAAW,CAAE,IAAe;QACvC,IAAI,CAAC,IAAI,EAAE,CAAC;YACR,MAAM,IAAI,KAAK,CAAC,6BAA6B,CAAC,CAAA;QAClD,CAAC;QACD,IAAI,CAAC;YACD,MAAM,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC,CAAA;QACxC,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACX,MAAM,IAAI,KAAK,CAAC,kCAAkC,IAAI,KAAK,GAAG,EAAE,CAAC,CAAA;QACrE,CAAC;QACD,OAAO,IAAI,CAAC,GAAG,EAAE,CAAA;IACrB,CAAC;IAED,KAAK,UAAU,MAAM;QACjB,MAAM,EAAE,GAAG,KAAK,CAAC,WAAW,EAAE,CAAA;QAC9B,IAAI,EAAE,KAAK,IAAI,EAAE,CAAC;YACd,MAAM,IAAI,KAAK,CAAC,wCAAwC,CAAC,CAAA;QAC7D,CAAC;QACD,MAAM,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,CAAC,GAAG,EAAE,CAAC,CAAA;QAClC,OAAO,EAAE,CAAA;IACb,CAAC;IAED,SAAS,UAAU,CAAC,IAAe;QAC/B,MAAM,OAAO,GAAG,WAAW,CAAC,IAAI,CAAC,CAAA;QACjC,IAAI,CAAC,OAAO,EAAE,CAAC;YACX,MAAM,IAAI,KAAK,CAAC,0BAA0B,CAAC,CAAA;QAC/C,CAAC;QACD,OAAO,OAAoB,CAAA;IAC/B,CAAC;IAED,KAAK,UAAU,YAAY,CAAC,IAAe;QACvC,MAAM,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;QAC9B,MAAM,SAAS,GAAG,KAAK,CAAC,GAAG,CAAC,IAAI,EAAE,EAAE,CAAC,GAAG,CAAC,OAAO,CAAC,EAAE,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE,CAAC,CAAA;QACzE,IAAI,CAAC,SAAS,EAAE,CAAC;YACb,MAAM,IAAI,KAAK,CAAC,4BAA4B,CAAC,CAAA;QACjD,CAAC;QACD,OAAO,SAAsB,CAAA;IACjC,CAAC;IAED,SAAS,WAAW,CAAC,EAAa;QAC9B,OAAO,KAAK,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,KAAK,CAAC,SAAS,CAAC,EAAE,SAAS,EAAE,EAAE,CAAC,GAAG,EAAE,CAAC,CAAA;IAClE,CAAC;IAED,OAAO;QACH,MAAM;QACN,UAAU;QACV,YAAY;QACZ,WAAW;QACX,eAAe;QACf,WAAW;QACX,uBAAuB;KAC1B,CAAA;AACL,CAAC"} \ No newline at end of file diff --git a/dist/solid-logic.esm.js b/dist/solid-logic.esm.js new file mode 100644 index 0000000..f4125bd --- /dev/null +++ b/dist/solid-logic.esm.js @@ -0,0 +1,4175 @@ +import * as __WEBPACK_EXTERNAL_MODULE_rdflib__ from "rdflib"; +/******/ var __webpack_modules__ = ({ + +/***/ 386 +(module) { + +/** + * Provides a way to access commonly used namespaces + * + * Usage: + * + * ``` + * const $rdf = require('rdflib'); //or any other RDF/JS-compatible library + * const ns = require('solid-namespace')($rdf); + * const store = $rdf.graph(); + * + * let me = ...; + * let name = store.any(me, ns.vcard(‘fn’)) || store.any(me, ns.foaf(‘name’)); + * ``` + * @module vocab + */ +const aliases = { + acl: 'http://www.w3.org/ns/auth/acl#', + arg: 'http://www.w3.org/ns/pim/arg#', + as: 'https://www.w3.org/ns/activitystreams#', + bookmark: 'http://www.w3.org/2002/01/bookmark#', + cal: 'http://www.w3.org/2002/12/cal/ical#', + cco: 'http://www.ontologyrepository.com/CommonCoreOntologies/', + cert: 'http://www.w3.org/ns/auth/cert#', + contact: 'http://www.w3.org/2000/10/swap/pim/contact#', + dc: 'http://purl.org/dc/elements/1.1/', + dct: 'http://purl.org/dc/terms/', + doap: 'http://usefulinc.com/ns/doap#', + foaf: 'http://xmlns.com/foaf/0.1/', + geo: 'http://www.w3.org/2003/01/geo/wgs84_pos#', + gpx: 'http://www.w3.org/ns/pim/gpx#', + gr: 'http://purl.org/goodrelations/v1#', + http: 'http://www.w3.org/2007/ont/http#', + httph: 'http://www.w3.org/2007/ont/httph#', + icalTZ: 'http://www.w3.org/2002/12/cal/icaltzd#', // Beware: not cal: + ldp: 'http://www.w3.org/ns/ldp#', + link: 'http://www.w3.org/2007/ont/link#', + log: 'http://www.w3.org/2000/10/swap/log#', + meeting: 'http://www.w3.org/ns/pim/meeting#', + mo: 'http://purl.org/ontology/mo/', + org: 'http://www.w3.org/ns/org#', + owl: 'http://www.w3.org/2002/07/owl#', + pad: 'http://www.w3.org/ns/pim/pad#', + patch: 'http://www.w3.org/ns/pim/patch#', + prov: 'http://www.w3.org/ns/prov#', + pto: 'http://www.productontology.org/id/', + qu: 'http://www.w3.org/2000/10/swap/pim/qif#', + trip: 'http://www.w3.org/ns/pim/trip#', + rdf: 'http://www.w3.org/1999/02/22-rdf-syntax-ns#', + rdfs: 'http://www.w3.org/2000/01/rdf-schema#', + rss: 'http://purl.org/rss/1.0/', + sched: 'http://www.w3.org/ns/pim/schedule#', + schema: 'http://schema.org/', // @@ beware confusion with documents no 303 + sioc: 'http://rdfs.org/sioc/ns#', + skos: 'http://www.w3.org/2004/02/skos/core#', + solid: 'http://www.w3.org/ns/solid/terms#', + space: 'http://www.w3.org/ns/pim/space#', + stat: 'http://www.w3.org/ns/posix/stat#', + tab: 'http://www.w3.org/2007/ont/link#', + tabont: 'http://www.w3.org/2007/ont/link#', + ui: 'http://www.w3.org/ns/ui#', + vann: 'http://purl.org/vocab/vann/', + vcard: 'http://www.w3.org/2006/vcard/ns#', + wf: 'http://www.w3.org/2005/01/wf/flow#', + xsd: 'http://www.w3.org/2001/XMLSchema#', +} + +/** + * @param [rdflib] {RDF} Optional RDF Library (such as rdflib.js or rdf-ext) to inject + */ +function vocab (rdf = { namedNode: u => u }) { + const namespaces = {} + for (const alias in aliases) { + const expansion = aliases[alias] + namespaces[alias] = function (localName = '') { + return rdf.namedNode(expansion + localName) + } + }; + + return namespaces +}; + +module.exports = vocab + + +/***/ } + +/******/ }); +/************************************************************************/ +/******/ // The module cache +/******/ var __webpack_module_cache__ = {}; +/******/ +/******/ // The require function +/******/ function __webpack_require__(moduleId) { +/******/ // Check if module is in cache +/******/ var cachedModule = __webpack_module_cache__[moduleId]; +/******/ if (cachedModule !== undefined) { +/******/ return cachedModule.exports; +/******/ } +/******/ // Create a new module (and put it into the cache) +/******/ var module = __webpack_module_cache__[moduleId] = { +/******/ // no module.id needed +/******/ // no module.loaded needed +/******/ exports: {} +/******/ }; +/******/ +/******/ // Execute the module function +/******/ __webpack_modules__[moduleId](module, module.exports, __webpack_require__); +/******/ +/******/ // Return the exports of the module +/******/ return module.exports; +/******/ } +/******/ +/************************************************************************/ +/******/ /* webpack/runtime/compat get default export */ +/******/ (() => { +/******/ // getDefaultExport function for compatibility with non-harmony modules +/******/ __webpack_require__.n = (module) => { +/******/ var getter = module && module.__esModule ? +/******/ () => (module['default']) : +/******/ () => (module); +/******/ __webpack_require__.d(getter, { a: getter }); +/******/ return getter; +/******/ }; +/******/ })(); +/******/ +/******/ /* webpack/runtime/define property getters */ +/******/ (() => { +/******/ // define getter functions for harmony exports +/******/ __webpack_require__.d = (exports, definition) => { +/******/ for(var key in definition) { +/******/ if(__webpack_require__.o(definition, key) && !__webpack_require__.o(exports, key)) { +/******/ Object.defineProperty(exports, key, { enumerable: true, get: definition[key] }); +/******/ } +/******/ } +/******/ }; +/******/ })(); +/******/ +/******/ /* webpack/runtime/global */ +/******/ (() => { +/******/ __webpack_require__.g = (function() { +/******/ if (typeof globalThis === 'object') return globalThis; +/******/ try { +/******/ return this || new Function('return this')(); +/******/ } catch (e) { +/******/ if (typeof window === 'object') return window; +/******/ } +/******/ })(); +/******/ })(); +/******/ +/******/ /* webpack/runtime/hasOwnProperty shorthand */ +/******/ (() => { +/******/ __webpack_require__.o = (obj, prop) => (Object.prototype.hasOwnProperty.call(obj, prop)) +/******/ })(); +/******/ +/************************************************************************/ +var __webpack_exports__ = {}; + +;// ./src/util/debug.ts +function log(...args) { + console.log(...args); +} +function warn(...args) { + console.warn(...args); +} +function error(...args) { + console.error(...args); +} +function trace(...args) { + console.trace(...args); +} + +;// ./node_modules/solid-oidc/node_modules/jose/dist/browser/runtime/webcrypto.js +/* harmony default export */ const webcrypto = (crypto); +const isCryptoKey = (key) => key instanceof CryptoKey; + +;// ./node_modules/solid-oidc/node_modules/jose/dist/browser/lib/invalid_key_input.js +function message(msg, actual, ...types) { + types = types.filter(Boolean); + if (types.length > 2) { + const last = types.pop(); + msg += `one of type ${types.join(', ')}, or ${last}.`; + } + else if (types.length === 2) { + msg += `one of type ${types[0]} or ${types[1]}.`; + } + else { + msg += `of type ${types[0]}.`; + } + if (actual == null) { + msg += ` Received ${actual}`; + } + else if (typeof actual === 'function' && actual.name) { + msg += ` Received function ${actual.name}`; + } + else if (typeof actual === 'object' && actual != null) { + if (actual.constructor?.name) { + msg += ` Received an instance of ${actual.constructor.name}`; + } + } + return msg; +} +/* harmony default export */ const invalid_key_input = ((actual, ...types) => { + return message('Key must be ', actual, ...types); +}); +function withAlg(alg, actual, ...types) { + return message(`Key for the ${alg} algorithm must be `, actual, ...types); +} + +;// ./node_modules/solid-oidc/node_modules/jose/dist/browser/lib/buffer_utils.js + +const encoder = new TextEncoder(); +const decoder = new TextDecoder(); +const MAX_INT32 = (/* unused pure expression or super */ null && (2 ** 32)); +function concat(...buffers) { + const size = buffers.reduce((acc, { length }) => acc + length, 0); + const buf = new Uint8Array(size); + let i = 0; + for (const buffer of buffers) { + buf.set(buffer, i); + i += buffer.length; + } + return buf; +} +function p2s(alg, p2sInput) { + return concat(encoder.encode(alg), new Uint8Array([0]), p2sInput); +} +function writeUInt32BE(buf, value, offset) { + if (value < 0 || value >= MAX_INT32) { + throw new RangeError(`value must be >= 0 and <= ${MAX_INT32 - 1}. Received ${value}`); + } + buf.set([value >>> 24, value >>> 16, value >>> 8, value & 0xff], offset); +} +function uint64be(value) { + const high = Math.floor(value / MAX_INT32); + const low = value % MAX_INT32; + const buf = new Uint8Array(8); + writeUInt32BE(buf, high, 0); + writeUInt32BE(buf, low, 4); + return buf; +} +function uint32be(value) { + const buf = new Uint8Array(4); + writeUInt32BE(buf, value); + return buf; +} +function lengthAndInput(input) { + return concat(uint32be(input.length), input); +} +async function concatKdf(secret, bits, value) { + const iterations = Math.ceil((bits >> 3) / 32); + const res = new Uint8Array(iterations * 32); + for (let iter = 0; iter < iterations; iter++) { + const buf = new Uint8Array(4 + secret.length + value.length); + buf.set(uint32be(iter + 1)); + buf.set(secret, 4); + buf.set(value, 4 + secret.length); + res.set(await digest('sha256', buf), iter * 32); + } + return res.slice(0, bits >> 3); +} + +;// ./node_modules/solid-oidc/node_modules/jose/dist/browser/runtime/base64url.js + +const encodeBase64 = (input) => { + let unencoded = input; + if (typeof unencoded === 'string') { + unencoded = encoder.encode(unencoded); + } + const CHUNK_SIZE = 0x8000; + const arr = []; + for (let i = 0; i < unencoded.length; i += CHUNK_SIZE) { + arr.push(String.fromCharCode.apply(null, unencoded.subarray(i, i + CHUNK_SIZE))); + } + return btoa(arr.join('')); +}; +const encode = (input) => { + return encodeBase64(input).replace(/=/g, '').replace(/\+/g, '-').replace(/\//g, '_'); +}; +const decodeBase64 = (encoded) => { + const binary = atob(encoded); + const bytes = new Uint8Array(binary.length); + for (let i = 0; i < binary.length; i++) { + bytes[i] = binary.charCodeAt(i); + } + return bytes; +}; +const decode = (input) => { + let encoded = input; + if (encoded instanceof Uint8Array) { + encoded = decoder.decode(encoded); + } + encoded = encoded.replace(/-/g, '+').replace(/_/g, '/').replace(/\s/g, ''); + try { + return decodeBase64(encoded); + } + catch { + throw new TypeError('The input to be decoded is not correctly encoded.'); + } +}; + +;// ./node_modules/solid-oidc/node_modules/jose/dist/browser/runtime/is_key_like.js + +/* harmony default export */ const is_key_like = ((key) => { + if (isCryptoKey(key)) { + return true; + } + return key?.[Symbol.toStringTag] === 'KeyObject'; +}); +const types = ['CryptoKey']; + +;// ./node_modules/solid-oidc/node_modules/jose/dist/browser/runtime/key_to_jwk.js + + + + +const keyToJWK = async (key) => { + if (key instanceof Uint8Array) { + return { + kty: 'oct', + k: encode(key), + }; + } + if (!isCryptoKey(key)) { + throw new TypeError(invalid_key_input(key, ...types, 'Uint8Array')); + } + if (!key.extractable) { + throw new TypeError('non-extractable CryptoKey cannot be exported as a JWK'); + } + const { ext, key_ops, alg, use, ...jwk } = await webcrypto.subtle.exportKey('jwk', key); + return jwk; +}; +/* harmony default export */ const key_to_jwk = (keyToJWK); + +;// ./node_modules/solid-oidc/node_modules/jose/dist/browser/key/export.js + + + +async function exportSPKI(key) { + return exportPublic(key); +} +async function exportPKCS8(key) { + return exportPrivate(key); +} +async function exportJWK(key) { + return key_to_jwk(key); +} + +;// ./node_modules/solid-oidc/node_modules/jose/dist/browser/util/errors.js +class JOSEError extends Error { + constructor(message, options) { + super(message, options); + this.code = 'ERR_JOSE_GENERIC'; + this.name = this.constructor.name; + Error.captureStackTrace?.(this, this.constructor); + } +} +JOSEError.code = 'ERR_JOSE_GENERIC'; +class JWTClaimValidationFailed extends JOSEError { + constructor(message, payload, claim = 'unspecified', reason = 'unspecified') { + super(message, { cause: { claim, reason, payload } }); + this.code = 'ERR_JWT_CLAIM_VALIDATION_FAILED'; + this.claim = claim; + this.reason = reason; + this.payload = payload; + } +} +JWTClaimValidationFailed.code = 'ERR_JWT_CLAIM_VALIDATION_FAILED'; +class JWTExpired extends JOSEError { + constructor(message, payload, claim = 'unspecified', reason = 'unspecified') { + super(message, { cause: { claim, reason, payload } }); + this.code = 'ERR_JWT_EXPIRED'; + this.claim = claim; + this.reason = reason; + this.payload = payload; + } +} +JWTExpired.code = 'ERR_JWT_EXPIRED'; +class JOSEAlgNotAllowed extends JOSEError { + constructor() { + super(...arguments); + this.code = 'ERR_JOSE_ALG_NOT_ALLOWED'; + } +} +JOSEAlgNotAllowed.code = 'ERR_JOSE_ALG_NOT_ALLOWED'; +class errors_JOSENotSupported extends JOSEError { + constructor() { + super(...arguments); + this.code = 'ERR_JOSE_NOT_SUPPORTED'; + } +} +errors_JOSENotSupported.code = 'ERR_JOSE_NOT_SUPPORTED'; +class JWEDecryptionFailed extends JOSEError { + constructor(message = 'decryption operation failed', options) { + super(message, options); + this.code = 'ERR_JWE_DECRYPTION_FAILED'; + } +} +JWEDecryptionFailed.code = 'ERR_JWE_DECRYPTION_FAILED'; +class JWEInvalid extends JOSEError { + constructor() { + super(...arguments); + this.code = 'ERR_JWE_INVALID'; + } +} +JWEInvalid.code = 'ERR_JWE_INVALID'; +class JWSInvalid extends JOSEError { + constructor() { + super(...arguments); + this.code = 'ERR_JWS_INVALID'; + } +} +JWSInvalid.code = 'ERR_JWS_INVALID'; +class JWTInvalid extends JOSEError { + constructor() { + super(...arguments); + this.code = 'ERR_JWT_INVALID'; + } +} +JWTInvalid.code = 'ERR_JWT_INVALID'; +class JWKInvalid extends JOSEError { + constructor() { + super(...arguments); + this.code = 'ERR_JWK_INVALID'; + } +} +JWKInvalid.code = 'ERR_JWK_INVALID'; +class JWKSInvalid extends JOSEError { + constructor() { + super(...arguments); + this.code = 'ERR_JWKS_INVALID'; + } +} +JWKSInvalid.code = 'ERR_JWKS_INVALID'; +class JWKSNoMatchingKey extends JOSEError { + constructor(message = 'no applicable key found in the JSON Web Key Set', options) { + super(message, options); + this.code = 'ERR_JWKS_NO_MATCHING_KEY'; + } +} +JWKSNoMatchingKey.code = 'ERR_JWKS_NO_MATCHING_KEY'; +class JWKSMultipleMatchingKeys extends JOSEError { + constructor(message = 'multiple matching keys found in the JSON Web Key Set', options) { + super(message, options); + this.code = 'ERR_JWKS_MULTIPLE_MATCHING_KEYS'; + } +} +Symbol.asyncIterator; +JWKSMultipleMatchingKeys.code = 'ERR_JWKS_MULTIPLE_MATCHING_KEYS'; +class JWKSTimeout extends JOSEError { + constructor(message = 'request timed out', options) { + super(message, options); + this.code = 'ERR_JWKS_TIMEOUT'; + } +} +JWKSTimeout.code = 'ERR_JWKS_TIMEOUT'; +class JWSSignatureVerificationFailed extends JOSEError { + constructor(message = 'signature verification failed', options) { + super(message, options); + this.code = 'ERR_JWS_SIGNATURE_VERIFICATION_FAILED'; + } +} +JWSSignatureVerificationFailed.code = 'ERR_JWS_SIGNATURE_VERIFICATION_FAILED'; + +;// ./node_modules/solid-oidc/node_modules/jose/dist/browser/runtime/subtle_dsa.js + +function subtleDsa(alg, algorithm) { + const hash = `SHA-${alg.slice(-3)}`; + switch (alg) { + case 'HS256': + case 'HS384': + case 'HS512': + return { hash, name: 'HMAC' }; + case 'PS256': + case 'PS384': + case 'PS512': + return { hash, name: 'RSA-PSS', saltLength: alg.slice(-3) >> 3 }; + case 'RS256': + case 'RS384': + case 'RS512': + return { hash, name: 'RSASSA-PKCS1-v1_5' }; + case 'ES256': + case 'ES384': + case 'ES512': + return { hash, name: 'ECDSA', namedCurve: algorithm.namedCurve }; + case 'Ed25519': + return { name: 'Ed25519' }; + case 'EdDSA': + return { name: algorithm.name }; + default: + throw new errors_JOSENotSupported(`alg ${alg} is not supported either by JOSE or your javascript runtime`); + } +} + +;// ./node_modules/solid-oidc/node_modules/jose/dist/browser/runtime/check_key_length.js +/* harmony default export */ const check_key_length = ((alg, key) => { + if (alg.startsWith('RS') || alg.startsWith('PS')) { + const { modulusLength } = key.algorithm; + if (typeof modulusLength !== 'number' || modulusLength < 2048) { + throw new TypeError(`${alg} requires key modulusLength to be 2048 bits or larger`); + } + } +}); + +;// ./node_modules/solid-oidc/node_modules/jose/dist/browser/lib/crypto_key.js +function unusable(name, prop = 'algorithm.name') { + return new TypeError(`CryptoKey does not support this operation, its ${prop} must be ${name}`); +} +function isAlgorithm(algorithm, name) { + return algorithm.name === name; +} +function getHashLength(hash) { + return parseInt(hash.name.slice(4), 10); +} +function getNamedCurve(alg) { + switch (alg) { + case 'ES256': + return 'P-256'; + case 'ES384': + return 'P-384'; + case 'ES512': + return 'P-521'; + default: + throw new Error('unreachable'); + } +} +function checkUsage(key, usages) { + if (usages.length && !usages.some((expected) => key.usages.includes(expected))) { + let msg = 'CryptoKey does not support this operation, its usages must include '; + if (usages.length > 2) { + const last = usages.pop(); + msg += `one of ${usages.join(', ')}, or ${last}.`; + } + else if (usages.length === 2) { + msg += `one of ${usages[0]} or ${usages[1]}.`; + } + else { + msg += `${usages[0]}.`; + } + throw new TypeError(msg); + } +} +function checkSigCryptoKey(key, alg, ...usages) { + switch (alg) { + case 'HS256': + case 'HS384': + case 'HS512': { + if (!isAlgorithm(key.algorithm, 'HMAC')) + throw unusable('HMAC'); + const expected = parseInt(alg.slice(2), 10); + const actual = getHashLength(key.algorithm.hash); + if (actual !== expected) + throw unusable(`SHA-${expected}`, 'algorithm.hash'); + break; + } + case 'RS256': + case 'RS384': + case 'RS512': { + if (!isAlgorithm(key.algorithm, 'RSASSA-PKCS1-v1_5')) + throw unusable('RSASSA-PKCS1-v1_5'); + const expected = parseInt(alg.slice(2), 10); + const actual = getHashLength(key.algorithm.hash); + if (actual !== expected) + throw unusable(`SHA-${expected}`, 'algorithm.hash'); + break; + } + case 'PS256': + case 'PS384': + case 'PS512': { + if (!isAlgorithm(key.algorithm, 'RSA-PSS')) + throw unusable('RSA-PSS'); + const expected = parseInt(alg.slice(2), 10); + const actual = getHashLength(key.algorithm.hash); + if (actual !== expected) + throw unusable(`SHA-${expected}`, 'algorithm.hash'); + break; + } + case 'EdDSA': { + if (key.algorithm.name !== 'Ed25519' && key.algorithm.name !== 'Ed448') { + throw unusable('Ed25519 or Ed448'); + } + break; + } + case 'Ed25519': { + if (!isAlgorithm(key.algorithm, 'Ed25519')) + throw unusable('Ed25519'); + break; + } + case 'ES256': + case 'ES384': + case 'ES512': { + if (!isAlgorithm(key.algorithm, 'ECDSA')) + throw unusable('ECDSA'); + const expected = getNamedCurve(alg); + const actual = key.algorithm.namedCurve; + if (actual !== expected) + throw unusable(expected, 'algorithm.namedCurve'); + break; + } + default: + throw new TypeError('CryptoKey does not support this operation'); + } + checkUsage(key, usages); +} +function checkEncCryptoKey(key, alg, ...usages) { + switch (alg) { + case 'A128GCM': + case 'A192GCM': + case 'A256GCM': { + if (!isAlgorithm(key.algorithm, 'AES-GCM')) + throw unusable('AES-GCM'); + const expected = parseInt(alg.slice(1, 4), 10); + const actual = key.algorithm.length; + if (actual !== expected) + throw unusable(expected, 'algorithm.length'); + break; + } + case 'A128KW': + case 'A192KW': + case 'A256KW': { + if (!isAlgorithm(key.algorithm, 'AES-KW')) + throw unusable('AES-KW'); + const expected = parseInt(alg.slice(1, 4), 10); + const actual = key.algorithm.length; + if (actual !== expected) + throw unusable(expected, 'algorithm.length'); + break; + } + case 'ECDH': { + switch (key.algorithm.name) { + case 'ECDH': + case 'X25519': + case 'X448': + break; + default: + throw unusable('ECDH, X25519, or X448'); + } + break; + } + case 'PBES2-HS256+A128KW': + case 'PBES2-HS384+A192KW': + case 'PBES2-HS512+A256KW': + if (!isAlgorithm(key.algorithm, 'PBKDF2')) + throw unusable('PBKDF2'); + break; + case 'RSA-OAEP': + case 'RSA-OAEP-256': + case 'RSA-OAEP-384': + case 'RSA-OAEP-512': { + if (!isAlgorithm(key.algorithm, 'RSA-OAEP')) + throw unusable('RSA-OAEP'); + const expected = parseInt(alg.slice(9), 10) || 1; + const actual = getHashLength(key.algorithm.hash); + if (actual !== expected) + throw unusable(`SHA-${expected}`, 'algorithm.hash'); + break; + } + default: + throw new TypeError('CryptoKey does not support this operation'); + } + checkUsage(key, usages); +} + +;// ./node_modules/solid-oidc/node_modules/jose/dist/browser/lib/is_object.js +function isObjectLike(value) { + return typeof value === 'object' && value !== null; +} +function isObject(input) { + if (!isObjectLike(input) || Object.prototype.toString.call(input) !== '[object Object]') { + return false; + } + if (Object.getPrototypeOf(input) === null) { + return true; + } + let proto = input; + while (Object.getPrototypeOf(proto) !== null) { + proto = Object.getPrototypeOf(proto); + } + return Object.getPrototypeOf(input) === proto; +} + +;// ./node_modules/solid-oidc/node_modules/jose/dist/browser/lib/is_jwk.js + +function isJWK(key) { + return isObject(key) && typeof key.kty === 'string'; +} +function isPrivateJWK(key) { + return key.kty !== 'oct' && typeof key.d === 'string'; +} +function isPublicJWK(key) { + return key.kty !== 'oct' && typeof key.d === 'undefined'; +} +function isSecretJWK(key) { + return isJWK(key) && key.kty === 'oct' && typeof key.k === 'string'; +} + +;// ./node_modules/solid-oidc/node_modules/jose/dist/browser/runtime/jwk_to_key.js + + +function subtleMapping(jwk) { + let algorithm; + let keyUsages; + switch (jwk.kty) { + case 'RSA': { + switch (jwk.alg) { + case 'PS256': + case 'PS384': + case 'PS512': + algorithm = { name: 'RSA-PSS', hash: `SHA-${jwk.alg.slice(-3)}` }; + keyUsages = jwk.d ? ['sign'] : ['verify']; + break; + case 'RS256': + case 'RS384': + case 'RS512': + algorithm = { name: 'RSASSA-PKCS1-v1_5', hash: `SHA-${jwk.alg.slice(-3)}` }; + keyUsages = jwk.d ? ['sign'] : ['verify']; + break; + case 'RSA-OAEP': + case 'RSA-OAEP-256': + case 'RSA-OAEP-384': + case 'RSA-OAEP-512': + algorithm = { + name: 'RSA-OAEP', + hash: `SHA-${parseInt(jwk.alg.slice(-3), 10) || 1}`, + }; + keyUsages = jwk.d ? ['decrypt', 'unwrapKey'] : ['encrypt', 'wrapKey']; + break; + default: + throw new errors_JOSENotSupported('Invalid or unsupported JWK "alg" (Algorithm) Parameter value'); + } + break; + } + case 'EC': { + switch (jwk.alg) { + case 'ES256': + algorithm = { name: 'ECDSA', namedCurve: 'P-256' }; + keyUsages = jwk.d ? ['sign'] : ['verify']; + break; + case 'ES384': + algorithm = { name: 'ECDSA', namedCurve: 'P-384' }; + keyUsages = jwk.d ? ['sign'] : ['verify']; + break; + case 'ES512': + algorithm = { name: 'ECDSA', namedCurve: 'P-521' }; + keyUsages = jwk.d ? ['sign'] : ['verify']; + break; + case 'ECDH-ES': + case 'ECDH-ES+A128KW': + case 'ECDH-ES+A192KW': + case 'ECDH-ES+A256KW': + algorithm = { name: 'ECDH', namedCurve: jwk.crv }; + keyUsages = jwk.d ? ['deriveBits'] : []; + break; + default: + throw new errors_JOSENotSupported('Invalid or unsupported JWK "alg" (Algorithm) Parameter value'); + } + break; + } + case 'OKP': { + switch (jwk.alg) { + case 'Ed25519': + algorithm = { name: 'Ed25519' }; + keyUsages = jwk.d ? ['sign'] : ['verify']; + break; + case 'EdDSA': + algorithm = { name: jwk.crv }; + keyUsages = jwk.d ? ['sign'] : ['verify']; + break; + case 'ECDH-ES': + case 'ECDH-ES+A128KW': + case 'ECDH-ES+A192KW': + case 'ECDH-ES+A256KW': + algorithm = { name: jwk.crv }; + keyUsages = jwk.d ? ['deriveBits'] : []; + break; + default: + throw new errors_JOSENotSupported('Invalid or unsupported JWK "alg" (Algorithm) Parameter value'); + } + break; + } + default: + throw new errors_JOSENotSupported('Invalid or unsupported JWK "kty" (Key Type) Parameter value'); + } + return { algorithm, keyUsages }; +} +const parse = async (jwk) => { + if (!jwk.alg) { + throw new TypeError('"alg" argument is required when "jwk.alg" is not present'); + } + const { algorithm, keyUsages } = subtleMapping(jwk); + const rest = [ + algorithm, + jwk.ext ?? false, + jwk.key_ops ?? keyUsages, + ]; + const keyData = { ...jwk }; + delete keyData.alg; + delete keyData.use; + return webcrypto.subtle.importKey('jwk', keyData, ...rest); +}; +/* harmony default export */ const jwk_to_key = (parse); + +;// ./node_modules/solid-oidc/node_modules/jose/dist/browser/runtime/normalize_key.js + + + +const exportKeyValue = (k) => decode(k); +let privCache; +let pubCache; +const isKeyObject = (key) => { + return key?.[Symbol.toStringTag] === 'KeyObject'; +}; +const importAndCache = async (cache, key, jwk, alg, freeze = false) => { + let cached = cache.get(key); + if (cached?.[alg]) { + return cached[alg]; + } + const cryptoKey = await jwk_to_key({ ...jwk, alg }); + if (freeze) + Object.freeze(key); + if (!cached) { + cache.set(key, { [alg]: cryptoKey }); + } + else { + cached[alg] = cryptoKey; + } + return cryptoKey; +}; +const normalizePublicKey = (key, alg) => { + if (isKeyObject(key)) { + let jwk = key.export({ format: 'jwk' }); + delete jwk.d; + delete jwk.dp; + delete jwk.dq; + delete jwk.p; + delete jwk.q; + delete jwk.qi; + if (jwk.k) { + return exportKeyValue(jwk.k); + } + pubCache || (pubCache = new WeakMap()); + return importAndCache(pubCache, key, jwk, alg); + } + if (isJWK(key)) { + if (key.k) + return decode(key.k); + pubCache || (pubCache = new WeakMap()); + const cryptoKey = importAndCache(pubCache, key, key, alg, true); + return cryptoKey; + } + return key; +}; +const normalizePrivateKey = (key, alg) => { + if (isKeyObject(key)) { + let jwk = key.export({ format: 'jwk' }); + if (jwk.k) { + return exportKeyValue(jwk.k); + } + privCache || (privCache = new WeakMap()); + return importAndCache(privCache, key, jwk, alg); + } + if (isJWK(key)) { + if (key.k) + return decode(key.k); + privCache || (privCache = new WeakMap()); + const cryptoKey = importAndCache(privCache, key, key, alg, true); + return cryptoKey; + } + return key; +}; +/* harmony default export */ const normalize_key = ({ normalizePublicKey, normalizePrivateKey }); + +;// ./node_modules/solid-oidc/node_modules/jose/dist/browser/runtime/get_sign_verify_key.js + + + + + +async function getCryptoKey(alg, key, usage) { + if (usage === 'sign') { + key = await normalize_key.normalizePrivateKey(key, alg); + } + if (usage === 'verify') { + key = await normalize_key.normalizePublicKey(key, alg); + } + if (isCryptoKey(key)) { + checkSigCryptoKey(key, alg, usage); + return key; + } + if (key instanceof Uint8Array) { + if (!alg.startsWith('HS')) { + throw new TypeError(invalid_key_input(key, ...types)); + } + return webcrypto.subtle.importKey('raw', key, { hash: `SHA-${alg.slice(-3)}`, name: 'HMAC' }, false, [usage]); + } + throw new TypeError(invalid_key_input(key, ...types, 'Uint8Array', 'JSON Web Key')); +} + +;// ./node_modules/solid-oidc/node_modules/jose/dist/browser/runtime/sign.js + + + + +const sign = async (alg, key, data) => { + const cryptoKey = await getCryptoKey(alg, key, 'sign'); + check_key_length(alg, cryptoKey); + const signature = await webcrypto.subtle.sign(subtleDsa(alg, cryptoKey.algorithm), cryptoKey, data); + return new Uint8Array(signature); +}; +/* harmony default export */ const runtime_sign = (sign); + +;// ./node_modules/solid-oidc/node_modules/jose/dist/browser/lib/is_disjoint.js +const isDisjoint = (...headers) => { + const sources = headers.filter(Boolean); + if (sources.length === 0 || sources.length === 1) { + return true; + } + let acc; + for (const header of sources) { + const parameters = Object.keys(header); + if (!acc || acc.size === 0) { + acc = new Set(parameters); + continue; + } + for (const parameter of parameters) { + if (acc.has(parameter)) { + return false; + } + acc.add(parameter); + } + } + return true; +}; +/* harmony default export */ const is_disjoint = (isDisjoint); + +;// ./node_modules/solid-oidc/node_modules/jose/dist/browser/lib/check_key_type.js + + + +const tag = (key) => key?.[Symbol.toStringTag]; +const jwkMatchesOp = (alg, key, usage) => { + if (key.use !== undefined && key.use !== 'sig') { + throw new TypeError('Invalid key for this operation, when present its use must be sig'); + } + if (key.key_ops !== undefined && key.key_ops.includes?.(usage) !== true) { + throw new TypeError(`Invalid key for this operation, when present its key_ops must include ${usage}`); + } + if (key.alg !== undefined && key.alg !== alg) { + throw new TypeError(`Invalid key for this operation, when present its alg must be ${alg}`); + } + return true; +}; +const symmetricTypeCheck = (alg, key, usage, allowJwk) => { + if (key instanceof Uint8Array) + return; + if (allowJwk && isJWK(key)) { + if (isSecretJWK(key) && jwkMatchesOp(alg, key, usage)) + return; + throw new TypeError(`JSON Web Key for symmetric algorithms must have JWK "kty" (Key Type) equal to "oct" and the JWK "k" (Key Value) present`); + } + if (!is_key_like(key)) { + throw new TypeError(withAlg(alg, key, ...types, 'Uint8Array', allowJwk ? 'JSON Web Key' : null)); + } + if (key.type !== 'secret') { + throw new TypeError(`${tag(key)} instances for symmetric algorithms must be of type "secret"`); + } +}; +const asymmetricTypeCheck = (alg, key, usage, allowJwk) => { + if (allowJwk && isJWK(key)) { + switch (usage) { + case 'sign': + if (isPrivateJWK(key) && jwkMatchesOp(alg, key, usage)) + return; + throw new TypeError(`JSON Web Key for this operation be a private JWK`); + case 'verify': + if (isPublicJWK(key) && jwkMatchesOp(alg, key, usage)) + return; + throw new TypeError(`JSON Web Key for this operation be a public JWK`); + } + } + if (!is_key_like(key)) { + throw new TypeError(withAlg(alg, key, ...types, allowJwk ? 'JSON Web Key' : null)); + } + if (key.type === 'secret') { + throw new TypeError(`${tag(key)} instances for asymmetric algorithms must not be of type "secret"`); + } + if (usage === 'sign' && key.type === 'public') { + throw new TypeError(`${tag(key)} instances for asymmetric algorithm signing must be of type "private"`); + } + if (usage === 'decrypt' && key.type === 'public') { + throw new TypeError(`${tag(key)} instances for asymmetric algorithm decryption must be of type "private"`); + } + if (key.algorithm && usage === 'verify' && key.type === 'private') { + throw new TypeError(`${tag(key)} instances for asymmetric algorithm verifying must be of type "public"`); + } + if (key.algorithm && usage === 'encrypt' && key.type === 'private') { + throw new TypeError(`${tag(key)} instances for asymmetric algorithm encryption must be of type "public"`); + } +}; +function checkKeyType(allowJwk, alg, key, usage) { + const symmetric = alg.startsWith('HS') || + alg === 'dir' || + alg.startsWith('PBES2') || + /^A\d{3}(?:GCM)?KW$/.test(alg); + if (symmetric) { + symmetricTypeCheck(alg, key, usage, allowJwk); + } + else { + asymmetricTypeCheck(alg, key, usage, allowJwk); + } +} +/* harmony default export */ const check_key_type = (checkKeyType.bind(undefined, false)); +const checkKeyTypeWithJwk = checkKeyType.bind(undefined, true); + +;// ./node_modules/solid-oidc/node_modules/jose/dist/browser/lib/validate_crit.js + +function validateCrit(Err, recognizedDefault, recognizedOption, protectedHeader, joseHeader) { + if (joseHeader.crit !== undefined && protectedHeader?.crit === undefined) { + throw new Err('"crit" (Critical) Header Parameter MUST be integrity protected'); + } + if (!protectedHeader || protectedHeader.crit === undefined) { + return new Set(); + } + if (!Array.isArray(protectedHeader.crit) || + protectedHeader.crit.length === 0 || + protectedHeader.crit.some((input) => typeof input !== 'string' || input.length === 0)) { + throw new Err('"crit" (Critical) Header Parameter MUST be an array of non-empty strings when present'); + } + let recognized; + if (recognizedOption !== undefined) { + recognized = new Map([...Object.entries(recognizedOption), ...recognizedDefault.entries()]); + } + else { + recognized = recognizedDefault; + } + for (const parameter of protectedHeader.crit) { + if (!recognized.has(parameter)) { + throw new errors_JOSENotSupported(`Extension Header Parameter "${parameter}" is not recognized`); + } + if (joseHeader[parameter] === undefined) { + throw new Err(`Extension Header Parameter "${parameter}" is missing`); + } + if (recognized.get(parameter) && protectedHeader[parameter] === undefined) { + throw new Err(`Extension Header Parameter "${parameter}" MUST be integrity protected`); + } + } + return new Set(protectedHeader.crit); +} +/* harmony default export */ const validate_crit = (validateCrit); + +;// ./node_modules/solid-oidc/node_modules/jose/dist/browser/jws/flattened/sign.js + + + + + + + +class FlattenedSign { + constructor(payload) { + if (!(payload instanceof Uint8Array)) { + throw new TypeError('payload must be an instance of Uint8Array'); + } + this._payload = payload; + } + setProtectedHeader(protectedHeader) { + if (this._protectedHeader) { + throw new TypeError('setProtectedHeader can only be called once'); + } + this._protectedHeader = protectedHeader; + return this; + } + setUnprotectedHeader(unprotectedHeader) { + if (this._unprotectedHeader) { + throw new TypeError('setUnprotectedHeader can only be called once'); + } + this._unprotectedHeader = unprotectedHeader; + return this; + } + async sign(key, options) { + if (!this._protectedHeader && !this._unprotectedHeader) { + throw new JWSInvalid('either setProtectedHeader or setUnprotectedHeader must be called before #sign()'); + } + if (!is_disjoint(this._protectedHeader, this._unprotectedHeader)) { + throw new JWSInvalid('JWS Protected and JWS Unprotected Header Parameter names must be disjoint'); + } + const joseHeader = { + ...this._protectedHeader, + ...this._unprotectedHeader, + }; + const extensions = validate_crit(JWSInvalid, new Map([['b64', true]]), options?.crit, this._protectedHeader, joseHeader); + let b64 = true; + if (extensions.has('b64')) { + b64 = this._protectedHeader.b64; + if (typeof b64 !== 'boolean') { + throw new JWSInvalid('The "b64" (base64url-encode payload) Header Parameter must be a boolean'); + } + } + const { alg } = joseHeader; + if (typeof alg !== 'string' || !alg) { + throw new JWSInvalid('JWS "alg" (Algorithm) Header Parameter missing or invalid'); + } + checkKeyTypeWithJwk(alg, key, 'sign'); + let payload = this._payload; + if (b64) { + payload = encoder.encode(encode(payload)); + } + let protectedHeader; + if (this._protectedHeader) { + protectedHeader = encoder.encode(encode(JSON.stringify(this._protectedHeader))); + } + else { + protectedHeader = encoder.encode(''); + } + const data = concat(protectedHeader, encoder.encode('.'), payload); + const signature = await runtime_sign(alg, key, data); + const jws = { + signature: encode(signature), + payload: '', + }; + if (b64) { + jws.payload = decoder.decode(payload); + } + if (this._unprotectedHeader) { + jws.header = this._unprotectedHeader; + } + if (this._protectedHeader) { + jws.protected = decoder.decode(protectedHeader); + } + return jws; + } +} + +;// ./node_modules/solid-oidc/node_modules/jose/dist/browser/jws/compact/sign.js + +class CompactSign { + constructor(payload) { + this._flattened = new FlattenedSign(payload); + } + setProtectedHeader(protectedHeader) { + this._flattened.setProtectedHeader(protectedHeader); + return this; + } + async sign(key, options) { + const jws = await this._flattened.sign(key, options); + if (jws.payload === undefined) { + throw new TypeError('use the flattened module for creating JWS with b64: false'); + } + return `${jws.protected}.${jws.payload}.${jws.signature}`; + } +} + +;// ./node_modules/solid-oidc/node_modules/jose/dist/browser/lib/epoch.js +/* harmony default export */ const epoch = ((date) => Math.floor(date.getTime() / 1000)); + +;// ./node_modules/solid-oidc/node_modules/jose/dist/browser/lib/secs.js +const minute = 60; +const hour = minute * 60; +const day = hour * 24; +const week = day * 7; +const year = day * 365.25; +const REGEX = /^(\+|\-)? ?(\d+|\d+\.\d+) ?(seconds?|secs?|s|minutes?|mins?|m|hours?|hrs?|h|days?|d|weeks?|w|years?|yrs?|y)(?: (ago|from now))?$/i; +/* harmony default export */ const secs = ((str) => { + const matched = REGEX.exec(str); + if (!matched || (matched[4] && matched[1])) { + throw new TypeError('Invalid time period format'); + } + const value = parseFloat(matched[2]); + const unit = matched[3].toLowerCase(); + let numericDate; + switch (unit) { + case 'sec': + case 'secs': + case 'second': + case 'seconds': + case 's': + numericDate = Math.round(value); + break; + case 'minute': + case 'minutes': + case 'min': + case 'mins': + case 'm': + numericDate = Math.round(value * minute); + break; + case 'hour': + case 'hours': + case 'hr': + case 'hrs': + case 'h': + numericDate = Math.round(value * hour); + break; + case 'day': + case 'days': + case 'd': + numericDate = Math.round(value * day); + break; + case 'week': + case 'weeks': + case 'w': + numericDate = Math.round(value * week); + break; + default: + numericDate = Math.round(value * year); + break; + } + if (matched[1] === '-' || matched[4] === 'ago') { + return -numericDate; + } + return numericDate; +}); + +;// ./node_modules/solid-oidc/node_modules/jose/dist/browser/jwt/produce.js + + + +function validateInput(label, input) { + if (!Number.isFinite(input)) { + throw new TypeError(`Invalid ${label} input`); + } + return input; +} +class ProduceJWT { + constructor(payload = {}) { + if (!isObject(payload)) { + throw new TypeError('JWT Claims Set MUST be an object'); + } + this._payload = payload; + } + setIssuer(issuer) { + this._payload = { ...this._payload, iss: issuer }; + return this; + } + setSubject(subject) { + this._payload = { ...this._payload, sub: subject }; + return this; + } + setAudience(audience) { + this._payload = { ...this._payload, aud: audience }; + return this; + } + setJti(jwtId) { + this._payload = { ...this._payload, jti: jwtId }; + return this; + } + setNotBefore(input) { + if (typeof input === 'number') { + this._payload = { ...this._payload, nbf: validateInput('setNotBefore', input) }; + } + else if (input instanceof Date) { + this._payload = { ...this._payload, nbf: validateInput('setNotBefore', epoch(input)) }; + } + else { + this._payload = { ...this._payload, nbf: epoch(new Date()) + secs(input) }; + } + return this; + } + setExpirationTime(input) { + if (typeof input === 'number') { + this._payload = { ...this._payload, exp: validateInput('setExpirationTime', input) }; + } + else if (input instanceof Date) { + this._payload = { ...this._payload, exp: validateInput('setExpirationTime', epoch(input)) }; + } + else { + this._payload = { ...this._payload, exp: epoch(new Date()) + secs(input) }; + } + return this; + } + setIssuedAt(input) { + if (typeof input === 'undefined') { + this._payload = { ...this._payload, iat: epoch(new Date()) }; + } + else if (input instanceof Date) { + this._payload = { ...this._payload, iat: validateInput('setIssuedAt', epoch(input)) }; + } + else if (typeof input === 'string') { + this._payload = { + ...this._payload, + iat: validateInput('setIssuedAt', epoch(new Date()) + secs(input)), + }; + } + else { + this._payload = { ...this._payload, iat: validateInput('setIssuedAt', input) }; + } + return this; + } +} + +;// ./node_modules/solid-oidc/node_modules/jose/dist/browser/jwt/sign.js + + + + +class SignJWT extends ProduceJWT { + setProtectedHeader(protectedHeader) { + this._protectedHeader = protectedHeader; + return this; + } + async sign(key, options) { + const sig = new CompactSign(encoder.encode(JSON.stringify(this._payload))); + sig.setProtectedHeader(this._protectedHeader); + if (Array.isArray(this._protectedHeader?.crit) && + this._protectedHeader.crit.includes('b64') && + this._protectedHeader.b64 === false) { + throw new JWTInvalid('JWTs MUST NOT use unencoded payload'); + } + return sig.sign(key, options); + } +} + +;// ./node_modules/solid-oidc/node_modules/jose/dist/browser/runtime/fetch_jwks.js + +const fetchJwks = async (url, timeout, options) => { + let controller; + let id; + let timedOut = false; + if (typeof AbortController === 'function') { + controller = new AbortController(); + id = setTimeout(() => { + timedOut = true; + controller.abort(); + }, timeout); + } + const response = await fetch(url.href, { + signal: controller ? controller.signal : undefined, + redirect: 'manual', + headers: options.headers, + }).catch((err) => { + if (timedOut) + throw new JWKSTimeout(); + throw err; + }); + if (id !== undefined) + clearTimeout(id); + if (response.status !== 200) { + throw new JOSEError('Expected 200 OK from the JSON Web Key Set HTTP response'); + } + try { + return await response.json(); + } + catch { + throw new JOSEError('Failed to parse the JSON Web Key Set HTTP response as JSON'); + } +}; +/* harmony default export */ const fetch_jwks = (fetchJwks); + +;// ./node_modules/solid-oidc/node_modules/jose/dist/browser/key/import.js + + + + + +async function importSPKI(spki, alg, options) { + if (typeof spki !== 'string' || spki.indexOf('-----BEGIN PUBLIC KEY-----') !== 0) { + throw new TypeError('"spki" must be SPKI formatted string'); + } + return fromSPKI(spki, alg, options); +} +async function importX509(x509, alg, options) { + if (typeof x509 !== 'string' || x509.indexOf('-----BEGIN CERTIFICATE-----') !== 0) { + throw new TypeError('"x509" must be X.509 formatted string'); + } + return fromX509(x509, alg, options); +} +async function importPKCS8(pkcs8, alg, options) { + if (typeof pkcs8 !== 'string' || pkcs8.indexOf('-----BEGIN PRIVATE KEY-----') !== 0) { + throw new TypeError('"pkcs8" must be PKCS#8 formatted string'); + } + return fromPKCS8(pkcs8, alg, options); +} +async function importJWK(jwk, alg) { + if (!isObject(jwk)) { + throw new TypeError('JWK must be an object'); + } + alg || (alg = jwk.alg); + switch (jwk.kty) { + case 'oct': + if (typeof jwk.k !== 'string' || !jwk.k) { + throw new TypeError('missing "k" (Key Value) Parameter value'); + } + return decode(jwk.k); + case 'RSA': + if ('oth' in jwk && jwk.oth !== undefined) { + throw new errors_JOSENotSupported('RSA JWK "oth" (Other Primes Info) Parameter value is not supported'); + } + case 'EC': + case 'OKP': + return jwk_to_key({ ...jwk, alg }); + default: + throw new errors_JOSENotSupported('Unsupported "kty" (Key Type) Parameter value'); + } +} + +;// ./node_modules/solid-oidc/node_modules/jose/dist/browser/jwks/local.js + + + +function getKtyFromAlg(alg) { + switch (typeof alg === 'string' && alg.slice(0, 2)) { + case 'RS': + case 'PS': + return 'RSA'; + case 'ES': + return 'EC'; + case 'Ed': + return 'OKP'; + default: + throw new errors_JOSENotSupported('Unsupported "alg" value for a JSON Web Key Set'); + } +} +function isJWKSLike(jwks) { + return (jwks && + typeof jwks === 'object' && + Array.isArray(jwks.keys) && + jwks.keys.every(isJWKLike)); +} +function isJWKLike(key) { + return isObject(key); +} +function clone(obj) { + if (typeof structuredClone === 'function') { + return structuredClone(obj); + } + return JSON.parse(JSON.stringify(obj)); +} +class LocalJWKSet { + constructor(jwks) { + this._cached = new WeakMap(); + if (!isJWKSLike(jwks)) { + throw new JWKSInvalid('JSON Web Key Set malformed'); + } + this._jwks = clone(jwks); + } + async getKey(protectedHeader, token) { + const { alg, kid } = { ...protectedHeader, ...token?.header }; + const kty = getKtyFromAlg(alg); + const candidates = this._jwks.keys.filter((jwk) => { + let candidate = kty === jwk.kty; + if (candidate && typeof kid === 'string') { + candidate = kid === jwk.kid; + } + if (candidate && typeof jwk.alg === 'string') { + candidate = alg === jwk.alg; + } + if (candidate && typeof jwk.use === 'string') { + candidate = jwk.use === 'sig'; + } + if (candidate && Array.isArray(jwk.key_ops)) { + candidate = jwk.key_ops.includes('verify'); + } + if (candidate) { + switch (alg) { + case 'ES256': + candidate = jwk.crv === 'P-256'; + break; + case 'ES256K': + candidate = jwk.crv === 'secp256k1'; + break; + case 'ES384': + candidate = jwk.crv === 'P-384'; + break; + case 'ES512': + candidate = jwk.crv === 'P-521'; + break; + case 'Ed25519': + candidate = jwk.crv === 'Ed25519'; + break; + case 'EdDSA': + candidate = jwk.crv === 'Ed25519' || jwk.crv === 'Ed448'; + break; + } + } + return candidate; + }); + const { 0: jwk, length } = candidates; + if (length === 0) { + throw new JWKSNoMatchingKey(); + } + if (length !== 1) { + const error = new JWKSMultipleMatchingKeys(); + const { _cached } = this; + error[Symbol.asyncIterator] = async function* () { + for (const jwk of candidates) { + try { + yield await importWithAlgCache(_cached, jwk, alg); + } + catch { } + } + }; + throw error; + } + return importWithAlgCache(this._cached, jwk, alg); + } +} +async function importWithAlgCache(cache, jwk, alg) { + const cached = cache.get(jwk) || cache.set(jwk, {}).get(jwk); + if (cached[alg] === undefined) { + const key = await importJWK({ ...jwk, ext: true }, alg); + if (key instanceof Uint8Array || key.type !== 'public') { + throw new JWKSInvalid('JSON Web Key Set members must be public keys'); + } + cached[alg] = key; + } + return cached[alg]; +} +function createLocalJWKSet(jwks) { + const set = new LocalJWKSet(jwks); + const localJWKSet = async (protectedHeader, token) => set.getKey(protectedHeader, token); + Object.defineProperties(localJWKSet, { + jwks: { + value: () => clone(set._jwks), + enumerable: true, + configurable: false, + writable: false, + }, + }); + return localJWKSet; +} + +;// ./node_modules/solid-oidc/node_modules/jose/dist/browser/jwks/remote.js + + + + +function isCloudflareWorkers() { + return (typeof WebSocketPair !== 'undefined' || + (typeof navigator !== 'undefined' && navigator.userAgent === 'Cloudflare-Workers') || + (typeof EdgeRuntime !== 'undefined' && EdgeRuntime === 'vercel')); +} +let USER_AGENT; +if (typeof navigator === 'undefined' || !navigator.userAgent?.startsWith?.('Mozilla/5.0 ')) { + const NAME = 'jose'; + const VERSION = 'v5.10.0'; + USER_AGENT = `${NAME}/${VERSION}`; +} +const jwksCache = Symbol(); +function isFreshJwksCache(input, cacheMaxAge) { + if (typeof input !== 'object' || input === null) { + return false; + } + if (!('uat' in input) || typeof input.uat !== 'number' || Date.now() - input.uat >= cacheMaxAge) { + return false; + } + if (!('jwks' in input) || + !isObject(input.jwks) || + !Array.isArray(input.jwks.keys) || + !Array.prototype.every.call(input.jwks.keys, isObject)) { + return false; + } + return true; +} +class RemoteJWKSet { + constructor(url, options) { + if (!(url instanceof URL)) { + throw new TypeError('url must be an instance of URL'); + } + this._url = new URL(url.href); + this._options = { agent: options?.agent, headers: options?.headers }; + this._timeoutDuration = + typeof options?.timeoutDuration === 'number' ? options?.timeoutDuration : 5000; + this._cooldownDuration = + typeof options?.cooldownDuration === 'number' ? options?.cooldownDuration : 30000; + this._cacheMaxAge = typeof options?.cacheMaxAge === 'number' ? options?.cacheMaxAge : 600000; + if (options?.[jwksCache] !== undefined) { + this._cache = options?.[jwksCache]; + if (isFreshJwksCache(options?.[jwksCache], this._cacheMaxAge)) { + this._jwksTimestamp = this._cache.uat; + this._local = createLocalJWKSet(this._cache.jwks); + } + } + } + coolingDown() { + return typeof this._jwksTimestamp === 'number' + ? Date.now() < this._jwksTimestamp + this._cooldownDuration + : false; + } + fresh() { + return typeof this._jwksTimestamp === 'number' + ? Date.now() < this._jwksTimestamp + this._cacheMaxAge + : false; + } + async getKey(protectedHeader, token) { + if (!this._local || !this.fresh()) { + await this.reload(); + } + try { + return await this._local(protectedHeader, token); + } + catch (err) { + if (err instanceof JWKSNoMatchingKey) { + if (this.coolingDown() === false) { + await this.reload(); + return this._local(protectedHeader, token); + } + } + throw err; + } + } + async reload() { + if (this._pendingFetch && isCloudflareWorkers()) { + this._pendingFetch = undefined; + } + const headers = new Headers(this._options.headers); + if (USER_AGENT && !headers.has('User-Agent')) { + headers.set('User-Agent', USER_AGENT); + this._options.headers = Object.fromEntries(headers.entries()); + } + this._pendingFetch || (this._pendingFetch = fetch_jwks(this._url, this._timeoutDuration, this._options) + .then((json) => { + this._local = createLocalJWKSet(json); + if (this._cache) { + this._cache.uat = Date.now(); + this._cache.jwks = json; + } + this._jwksTimestamp = Date.now(); + this._pendingFetch = undefined; + }) + .catch((err) => { + this._pendingFetch = undefined; + throw err; + })); + await this._pendingFetch; + } +} +function createRemoteJWKSet(url, options) { + const set = new RemoteJWKSet(url, options); + const remoteJWKSet = async (protectedHeader, token) => set.getKey(protectedHeader, token); + Object.defineProperties(remoteJWKSet, { + coolingDown: { + get: () => set.coolingDown(), + enumerable: true, + configurable: false, + }, + fresh: { + get: () => set.fresh(), + enumerable: true, + configurable: false, + }, + reload: { + value: () => set.reload(), + enumerable: true, + configurable: false, + writable: false, + }, + reloading: { + get: () => !!set._pendingFetch, + enumerable: true, + configurable: false, + }, + jwks: { + value: () => set._local?.jwks(), + enumerable: true, + configurable: false, + writable: false, + }, + }); + return remoteJWKSet; +} +const experimental_jwksCache = (/* unused pure expression or super */ null && (jwksCache)); + +;// ./node_modules/solid-oidc/node_modules/jose/dist/browser/runtime/verify.js + + + + +const verify = async (alg, key, signature, data) => { + const cryptoKey = await getCryptoKey(alg, key, 'verify'); + check_key_length(alg, cryptoKey); + const algorithm = subtleDsa(alg, cryptoKey.algorithm); + try { + return await webcrypto.subtle.verify(algorithm, cryptoKey, signature, data); + } + catch { + return false; + } +}; +/* harmony default export */ const runtime_verify = (verify); + +;// ./node_modules/solid-oidc/node_modules/jose/dist/browser/lib/validate_algorithms.js +const validateAlgorithms = (option, algorithms) => { + if (algorithms !== undefined && + (!Array.isArray(algorithms) || algorithms.some((s) => typeof s !== 'string'))) { + throw new TypeError(`"${option}" option must be an array of strings`); + } + if (!algorithms) { + return undefined; + } + return new Set(algorithms); +}; +/* harmony default export */ const validate_algorithms = (validateAlgorithms); + +;// ./node_modules/solid-oidc/node_modules/jose/dist/browser/jws/flattened/verify.js + + + + + + + + + + + +async function flattenedVerify(jws, key, options) { + if (!isObject(jws)) { + throw new JWSInvalid('Flattened JWS must be an object'); + } + if (jws.protected === undefined && jws.header === undefined) { + throw new JWSInvalid('Flattened JWS must have either of the "protected" or "header" members'); + } + if (jws.protected !== undefined && typeof jws.protected !== 'string') { + throw new JWSInvalid('JWS Protected Header incorrect type'); + } + if (jws.payload === undefined) { + throw new JWSInvalid('JWS Payload missing'); + } + if (typeof jws.signature !== 'string') { + throw new JWSInvalid('JWS Signature missing or incorrect type'); + } + if (jws.header !== undefined && !isObject(jws.header)) { + throw new JWSInvalid('JWS Unprotected Header incorrect type'); + } + let parsedProt = {}; + if (jws.protected) { + try { + const protectedHeader = decode(jws.protected); + parsedProt = JSON.parse(decoder.decode(protectedHeader)); + } + catch { + throw new JWSInvalid('JWS Protected Header is invalid'); + } + } + if (!is_disjoint(parsedProt, jws.header)) { + throw new JWSInvalid('JWS Protected and JWS Unprotected Header Parameter names must be disjoint'); + } + const joseHeader = { + ...parsedProt, + ...jws.header, + }; + const extensions = validate_crit(JWSInvalid, new Map([['b64', true]]), options?.crit, parsedProt, joseHeader); + let b64 = true; + if (extensions.has('b64')) { + b64 = parsedProt.b64; + if (typeof b64 !== 'boolean') { + throw new JWSInvalid('The "b64" (base64url-encode payload) Header Parameter must be a boolean'); + } + } + const { alg } = joseHeader; + if (typeof alg !== 'string' || !alg) { + throw new JWSInvalid('JWS "alg" (Algorithm) Header Parameter missing or invalid'); + } + const algorithms = options && validate_algorithms('algorithms', options.algorithms); + if (algorithms && !algorithms.has(alg)) { + throw new JOSEAlgNotAllowed('"alg" (Algorithm) Header Parameter value not allowed'); + } + if (b64) { + if (typeof jws.payload !== 'string') { + throw new JWSInvalid('JWS Payload must be a string'); + } + } + else if (typeof jws.payload !== 'string' && !(jws.payload instanceof Uint8Array)) { + throw new JWSInvalid('JWS Payload must be a string or an Uint8Array instance'); + } + let resolvedKey = false; + if (typeof key === 'function') { + key = await key(parsedProt, jws); + resolvedKey = true; + checkKeyTypeWithJwk(alg, key, 'verify'); + if (isJWK(key)) { + key = await importJWK(key, alg); + } + } + else { + checkKeyTypeWithJwk(alg, key, 'verify'); + } + const data = concat(encoder.encode(jws.protected ?? ''), encoder.encode('.'), typeof jws.payload === 'string' ? encoder.encode(jws.payload) : jws.payload); + let signature; + try { + signature = decode(jws.signature); + } + catch { + throw new JWSInvalid('Failed to base64url decode the signature'); + } + const verified = await runtime_verify(alg, key, signature, data); + if (!verified) { + throw new JWSSignatureVerificationFailed(); + } + let payload; + if (b64) { + try { + payload = decode(jws.payload); + } + catch { + throw new JWSInvalid('Failed to base64url decode the payload'); + } + } + else if (typeof jws.payload === 'string') { + payload = encoder.encode(jws.payload); + } + else { + payload = jws.payload; + } + const result = { payload }; + if (jws.protected !== undefined) { + result.protectedHeader = parsedProt; + } + if (jws.header !== undefined) { + result.unprotectedHeader = jws.header; + } + if (resolvedKey) { + return { ...result, key }; + } + return result; +} + +;// ./node_modules/solid-oidc/node_modules/jose/dist/browser/jws/compact/verify.js + + + +async function compactVerify(jws, key, options) { + if (jws instanceof Uint8Array) { + jws = decoder.decode(jws); + } + if (typeof jws !== 'string') { + throw new JWSInvalid('Compact JWS must be a string or Uint8Array'); + } + const { 0: protectedHeader, 1: payload, 2: signature, length } = jws.split('.'); + if (length !== 3) { + throw new JWSInvalid('Invalid Compact JWS'); + } + const verified = await flattenedVerify({ payload, protected: protectedHeader, signature }, key, options); + const result = { payload: verified.payload, protectedHeader: verified.protectedHeader }; + if (typeof key === 'function') { + return { ...result, key: verified.key }; + } + return result; +} + +;// ./node_modules/solid-oidc/node_modules/jose/dist/browser/lib/jwt_claims_set.js + + + + + +const normalizeTyp = (value) => value.toLowerCase().replace(/^application\//, ''); +const checkAudiencePresence = (audPayload, audOption) => { + if (typeof audPayload === 'string') { + return audOption.includes(audPayload); + } + if (Array.isArray(audPayload)) { + return audOption.some(Set.prototype.has.bind(new Set(audPayload))); + } + return false; +}; +/* harmony default export */ const jwt_claims_set = ((protectedHeader, encodedPayload, options = {}) => { + let payload; + try { + payload = JSON.parse(decoder.decode(encodedPayload)); + } + catch { + } + if (!isObject(payload)) { + throw new JWTInvalid('JWT Claims Set must be a top-level JSON object'); + } + const { typ } = options; + if (typ && + (typeof protectedHeader.typ !== 'string' || + normalizeTyp(protectedHeader.typ) !== normalizeTyp(typ))) { + throw new JWTClaimValidationFailed('unexpected "typ" JWT header value', payload, 'typ', 'check_failed'); + } + const { requiredClaims = [], issuer, subject, audience, maxTokenAge } = options; + const presenceCheck = [...requiredClaims]; + if (maxTokenAge !== undefined) + presenceCheck.push('iat'); + if (audience !== undefined) + presenceCheck.push('aud'); + if (subject !== undefined) + presenceCheck.push('sub'); + if (issuer !== undefined) + presenceCheck.push('iss'); + for (const claim of new Set(presenceCheck.reverse())) { + if (!(claim in payload)) { + throw new JWTClaimValidationFailed(`missing required "${claim}" claim`, payload, claim, 'missing'); + } + } + if (issuer && + !(Array.isArray(issuer) ? issuer : [issuer]).includes(payload.iss)) { + throw new JWTClaimValidationFailed('unexpected "iss" claim value', payload, 'iss', 'check_failed'); + } + if (subject && payload.sub !== subject) { + throw new JWTClaimValidationFailed('unexpected "sub" claim value', payload, 'sub', 'check_failed'); + } + if (audience && + !checkAudiencePresence(payload.aud, typeof audience === 'string' ? [audience] : audience)) { + throw new JWTClaimValidationFailed('unexpected "aud" claim value', payload, 'aud', 'check_failed'); + } + let tolerance; + switch (typeof options.clockTolerance) { + case 'string': + tolerance = secs(options.clockTolerance); + break; + case 'number': + tolerance = options.clockTolerance; + break; + case 'undefined': + tolerance = 0; + break; + default: + throw new TypeError('Invalid clockTolerance option type'); + } + const { currentDate } = options; + const now = epoch(currentDate || new Date()); + if ((payload.iat !== undefined || maxTokenAge) && typeof payload.iat !== 'number') { + throw new JWTClaimValidationFailed('"iat" claim must be a number', payload, 'iat', 'invalid'); + } + if (payload.nbf !== undefined) { + if (typeof payload.nbf !== 'number') { + throw new JWTClaimValidationFailed('"nbf" claim must be a number', payload, 'nbf', 'invalid'); + } + if (payload.nbf > now + tolerance) { + throw new JWTClaimValidationFailed('"nbf" claim timestamp check failed', payload, 'nbf', 'check_failed'); + } + } + if (payload.exp !== undefined) { + if (typeof payload.exp !== 'number') { + throw new JWTClaimValidationFailed('"exp" claim must be a number', payload, 'exp', 'invalid'); + } + if (payload.exp <= now - tolerance) { + throw new JWTExpired('"exp" claim timestamp check failed', payload, 'exp', 'check_failed'); + } + } + if (maxTokenAge) { + const age = now - payload.iat; + const max = typeof maxTokenAge === 'number' ? maxTokenAge : secs(maxTokenAge); + if (age - tolerance > max) { + throw new JWTExpired('"iat" claim timestamp check failed (too far in the past)', payload, 'iat', 'check_failed'); + } + if (age < 0 - tolerance) { + throw new JWTClaimValidationFailed('"iat" claim timestamp check failed (it should be in the past)', payload, 'iat', 'check_failed'); + } + } + return payload; +}); + +;// ./node_modules/solid-oidc/node_modules/jose/dist/browser/jwt/verify.js + + + +async function jwtVerify(jwt, key, options) { + const verified = await compactVerify(jwt, key, options); + if (verified.protectedHeader.crit?.includes('b64') && verified.protectedHeader.b64 === false) { + throw new JWTInvalid('JWTs MUST NOT use unencoded payload'); + } + const payload = jwt_claims_set(verified.protectedHeader, verified.payload, options); + const result = { payload, protectedHeader: verified.protectedHeader }; + if (typeof key === 'function') { + return { ...result, key: verified.key }; + } + return result; +} + +;// ./node_modules/solid-oidc/node_modules/jose/dist/browser/runtime/digest.js + +const digest_digest = async (algorithm, data) => { + const subtleDigest = `SHA-${algorithm.slice(-3)}`; + return new Uint8Array(await webcrypto.subtle.digest(subtleDigest, data)); +}; +/* harmony default export */ const runtime_digest = (digest_digest); + +;// ./node_modules/solid-oidc/node_modules/jose/dist/browser/jwk/thumbprint.js + + + + + +const check = (value, description) => { + if (typeof value !== 'string' || !value) { + throw new JWKInvalid(`${description} missing or invalid`); + } +}; +async function calculateJwkThumbprint(jwk, digestAlgorithm) { + if (!isObject(jwk)) { + throw new TypeError('JWK must be an object'); + } + digestAlgorithm ?? (digestAlgorithm = 'sha256'); + if (digestAlgorithm !== 'sha256' && + digestAlgorithm !== 'sha384' && + digestAlgorithm !== 'sha512') { + throw new TypeError('digestAlgorithm must one of "sha256", "sha384", or "sha512"'); + } + let components; + switch (jwk.kty) { + case 'EC': + check(jwk.crv, '"crv" (Curve) Parameter'); + check(jwk.x, '"x" (X Coordinate) Parameter'); + check(jwk.y, '"y" (Y Coordinate) Parameter'); + components = { crv: jwk.crv, kty: jwk.kty, x: jwk.x, y: jwk.y }; + break; + case 'OKP': + check(jwk.crv, '"crv" (Subtype of Key Pair) Parameter'); + check(jwk.x, '"x" (Public Key) Parameter'); + components = { crv: jwk.crv, kty: jwk.kty, x: jwk.x }; + break; + case 'RSA': + check(jwk.e, '"e" (Exponent) Parameter'); + check(jwk.n, '"n" (Modulus) Parameter'); + components = { e: jwk.e, kty: jwk.kty, n: jwk.n }; + break; + case 'oct': + check(jwk.k, '"k" (Key Value) Parameter'); + components = { k: jwk.k, kty: jwk.kty }; + break; + default: + throw new errors_JOSENotSupported('"kty" (Key Type) Parameter missing or unsupported'); + } + const data = encoder.encode(JSON.stringify(components)); + return encode(await runtime_digest(digestAlgorithm, data)); +} +async function calculateJwkThumbprintUri(jwk, digestAlgorithm) { + digestAlgorithm ?? (digestAlgorithm = 'sha256'); + const thumbprint = await calculateJwkThumbprint(jwk, digestAlgorithm); + return `urn:ietf:params:oauth:jwk-thumbprint:sha-${digestAlgorithm.slice(-3)}:${thumbprint}`; +} + +;// ./node_modules/solid-oidc/node_modules/jose/dist/browser/runtime/generate.js + + + +async function generateSecret(alg, options) { + let length; + let algorithm; + let keyUsages; + switch (alg) { + case 'HS256': + case 'HS384': + case 'HS512': + length = parseInt(alg.slice(-3), 10); + algorithm = { name: 'HMAC', hash: `SHA-${length}`, length }; + keyUsages = ['sign', 'verify']; + break; + case 'A128CBC-HS256': + case 'A192CBC-HS384': + case 'A256CBC-HS512': + length = parseInt(alg.slice(-3), 10); + return random(new Uint8Array(length >> 3)); + case 'A128KW': + case 'A192KW': + case 'A256KW': + length = parseInt(alg.slice(1, 4), 10); + algorithm = { name: 'AES-KW', length }; + keyUsages = ['wrapKey', 'unwrapKey']; + break; + case 'A128GCMKW': + case 'A192GCMKW': + case 'A256GCMKW': + case 'A128GCM': + case 'A192GCM': + case 'A256GCM': + length = parseInt(alg.slice(1, 4), 10); + algorithm = { name: 'AES-GCM', length }; + keyUsages = ['encrypt', 'decrypt']; + break; + default: + throw new JOSENotSupported('Invalid or unsupported JWK "alg" (Algorithm) Parameter value'); + } + return crypto.subtle.generateKey(algorithm, options?.extractable ?? false, keyUsages); +} +function getModulusLengthOption(options) { + const modulusLength = options?.modulusLength ?? 2048; + if (typeof modulusLength !== 'number' || modulusLength < 2048) { + throw new errors_JOSENotSupported('Invalid or unsupported modulusLength option provided, 2048 bits or larger keys must be used'); + } + return modulusLength; +} +async function generateKeyPair(alg, options) { + let algorithm; + let keyUsages; + switch (alg) { + case 'PS256': + case 'PS384': + case 'PS512': + algorithm = { + name: 'RSA-PSS', + hash: `SHA-${alg.slice(-3)}`, + publicExponent: new Uint8Array([0x01, 0x00, 0x01]), + modulusLength: getModulusLengthOption(options), + }; + keyUsages = ['sign', 'verify']; + break; + case 'RS256': + case 'RS384': + case 'RS512': + algorithm = { + name: 'RSASSA-PKCS1-v1_5', + hash: `SHA-${alg.slice(-3)}`, + publicExponent: new Uint8Array([0x01, 0x00, 0x01]), + modulusLength: getModulusLengthOption(options), + }; + keyUsages = ['sign', 'verify']; + break; + case 'RSA-OAEP': + case 'RSA-OAEP-256': + case 'RSA-OAEP-384': + case 'RSA-OAEP-512': + algorithm = { + name: 'RSA-OAEP', + hash: `SHA-${parseInt(alg.slice(-3), 10) || 1}`, + publicExponent: new Uint8Array([0x01, 0x00, 0x01]), + modulusLength: getModulusLengthOption(options), + }; + keyUsages = ['decrypt', 'unwrapKey', 'encrypt', 'wrapKey']; + break; + case 'ES256': + algorithm = { name: 'ECDSA', namedCurve: 'P-256' }; + keyUsages = ['sign', 'verify']; + break; + case 'ES384': + algorithm = { name: 'ECDSA', namedCurve: 'P-384' }; + keyUsages = ['sign', 'verify']; + break; + case 'ES512': + algorithm = { name: 'ECDSA', namedCurve: 'P-521' }; + keyUsages = ['sign', 'verify']; + break; + case 'Ed25519': + algorithm = { name: 'Ed25519' }; + keyUsages = ['sign', 'verify']; + break; + case 'EdDSA': { + keyUsages = ['sign', 'verify']; + const crv = options?.crv ?? 'Ed25519'; + switch (crv) { + case 'Ed25519': + case 'Ed448': + algorithm = { name: crv }; + break; + default: + throw new errors_JOSENotSupported('Invalid or unsupported crv option provided'); + } + break; + } + case 'ECDH-ES': + case 'ECDH-ES+A128KW': + case 'ECDH-ES+A192KW': + case 'ECDH-ES+A256KW': { + keyUsages = ['deriveKey', 'deriveBits']; + const crv = options?.crv ?? 'P-256'; + switch (crv) { + case 'P-256': + case 'P-384': + case 'P-521': { + algorithm = { name: 'ECDH', namedCurve: crv }; + break; + } + case 'X25519': + case 'X448': + algorithm = { name: crv }; + break; + default: + throw new errors_JOSENotSupported('Invalid or unsupported crv option provided, supported values are P-256, P-384, P-521, X25519, and X448'); + } + break; + } + default: + throw new errors_JOSENotSupported('Invalid or unsupported JWK "alg" (Algorithm) Parameter value'); + } + return webcrypto.subtle.generateKey(algorithm, options?.extractable ?? false, keyUsages); +} + +;// ./node_modules/solid-oidc/node_modules/jose/dist/browser/key/generate_key_pair.js + +async function generate_key_pair_generateKeyPair(alg, options) { + return generateKeyPair(alg, options); +} + +;// ./node_modules/solid-oidc/node_modules/jose/dist/browser/util/base64url.js + +const base64url_encode = encode; +const base64url_decode = decode; + +;// ./node_modules/solid-oidc/node_modules/jose/dist/browser/util/decode_jwt.js + + + + +function decodeJwt(jwt) { + if (typeof jwt !== 'string') + throw new JWTInvalid('JWTs must use Compact JWS serialization, JWT must be a string'); + const { 1: payload, length } = jwt.split('.'); + if (length === 5) + throw new JWTInvalid('Only JWTs using Compact JWS serialization can be decoded'); + if (length !== 3) + throw new JWTInvalid('Invalid JWT'); + if (!payload) + throw new JWTInvalid('JWTs must contain a payload'); + let decoded; + try { + decoded = base64url_decode(payload); + } + catch { + throw new JWTInvalid('Failed to base64url decode the payload'); + } + let result; + try { + result = JSON.parse(decoder.decode(decoded)); + } + catch { + throw new JWTInvalid('Failed to parse the decoded payload as JSON'); + } + if (!isObject(result)) + throw new JWTInvalid('Invalid JWT Claims Set'); + return result; +} + +;// ./node_modules/solid-oidc/solid-oidc.js +/** + * solid-oidc.js - Minimal Solid-OIDC client for browsers + * + * A zero-build, single-file Solid-OIDC authentication library. + * + * @license MIT + * @author JavaScriptSolidServer + * @see https://github.com/JavaScriptSolidServer/solid-oidc + * + * Based on solid-oidc-client-browser by uvdsl (Christoph Braun) + * @see https://github.com/uvdsl/solid-oidc-client-browser + * + * Implements: + * - RFC 6749 - OAuth 2.0 + * - RFC 7636 - PKCE + * - RFC 9207 - OAuth 2.0 Authorization Server Issuer Identification + * - RFC 9449 - DPoP (Demonstration of Proof-of-Possession) + * - Solid-OIDC Specification + */ + + + +// ============================================================================ +// Session Events +// ============================================================================ + +const SessionEvents = { + STATE_CHANGE: 'sessionStateChange', + EXPIRATION_WARNING: 'sessionExpirationWarning', + EXPIRATION: 'sessionExpiration' +} + +// ============================================================================ +// Session Database Interface (IndexedDB Implementation) +// ============================================================================ + +class SessionDatabase { + constructor(dbName = 'solid-oidc', storeName = 'session', dbVersion = 1) { + this.dbName = dbName + this.storeName = storeName + this.dbVersion = dbVersion + this.db = null + } + + async init() { + return new Promise((resolve, reject) => { + const request = indexedDB.open(this.dbName, this.dbVersion) + request.onerror = () => reject(new Error(`Database error: ${request.error}`)) + request.onsuccess = () => { + this.db = request.result + resolve(this) + } + request.onupgradeneeded = (event) => { + const db = event.target.result + if (!db.objectStoreNames.contains(this.storeName)) { + db.createObjectStore(this.storeName) + } + } + }) + } + + async setItem(id, value) { + if (!this.db) await this.init() + return new Promise((resolve, reject) => { + const tx = this.db.transaction(this.storeName, 'readwrite') + tx.oncomplete = () => resolve() + tx.onerror = () => reject(new Error(`Transaction error: ${tx.error}`)) + tx.objectStore(this.storeName).put(value, id) + }) + } + + async getItem(id) { + if (!this.db) await this.init() + return new Promise((resolve, reject) => { + const tx = this.db.transaction(this.storeName, 'readonly') + tx.onerror = () => reject(new Error(`Transaction error: ${tx.error}`)) + const request = tx.objectStore(this.storeName).get(id) + request.onsuccess = () => resolve(request.result || null) + }) + } + + async deleteItem(id) { + if (!this.db) await this.init() + return new Promise((resolve, reject) => { + const tx = this.db.transaction(this.storeName, 'readwrite') + tx.oncomplete = () => resolve() + tx.onerror = () => reject(new Error(`Transaction error: ${tx.error}`)) + tx.objectStore(this.storeName).delete(id) + }) + } + + async clear() { + if (!this.db) await this.init() + return new Promise((resolve, reject) => { + const tx = this.db.transaction(this.storeName, 'readwrite') + tx.oncomplete = () => resolve() + tx.onerror = () => reject(new Error(`Transaction error: ${tx.error}`)) + tx.objectStore(this.storeName).clear() + }) + } + + close() { + if (this.db) { + this.db.close() + this.db = null + } + } +} + +// ============================================================================ +// PKCE Helper (RFC 7636) +// ============================================================================ + +async function generatePKCE() { + const verifier = crypto.randomUUID() + '-' + crypto.randomUUID() + const digest = new Uint8Array( + await crypto.subtle.digest('SHA-256', new TextEncoder().encode(verifier)) + ) + const challenge = btoa(String.fromCharCode(...digest)) + .replace(/\+/g, '-') + .replace(/\//g, '_') + .replace(/=+$/, '') + return { verifier, challenge } +} + +// ============================================================================ +// DPoP Helper (RFC 9449) +// ============================================================================ + +async function createDPoPToken(keyPair, htu, htm, ath = null) { + const publicJwk = await exportJWK(keyPair.publicKey) + const payload = { htu, htm } + if (ath) payload.ath = ath + + return new SignJWT(payload) + .setIssuedAt() + .setJti(crypto.randomUUID()) + .setProtectedHeader({ alg: 'ES256', typ: 'dpop+jwt', jwk: publicJwk }) + .sign(keyPair.privateKey) +} + +async function computeAth(accessToken) { + const data = new TextEncoder().encode(accessToken) + const hashBuffer = await crypto.subtle.digest('SHA-256', data) + const hashArray = Array.from(new Uint8Array(hashBuffer)) + return btoa(String.fromCharCode(...hashArray)) + .replace(/\+/g, '-') + .replace(/\//g, '_') + .replace(/=+$/, '') +} + +// ============================================================================ +// OIDC Discovery +// ============================================================================ + +async function discoverOIDC(idp) { + const origin = new URL(idp).origin + const response = await fetch(`${origin}/.well-known/openid-configuration`) + if (!response.ok) throw new Error(`OIDC discovery failed: ${response.status}`) + return response.json() +} + +// ============================================================================ +// Dynamic Client Registration +// ============================================================================ + +async function registerClient(registrationEndpoint, redirectUris) { + const response = await fetch(registrationEndpoint, { + method: 'POST', + headers: { 'Content-Type': 'application/json' }, + body: JSON.stringify({ + application_type: 'web', + redirect_uris: redirectUris, + token_endpoint_auth_method: 'none', + grant_types: ['authorization_code', 'refresh_token'], + response_types: ['code'], + scope: 'openid offline_access webid' + }) + }) + if (!response.ok) throw new Error(`Client registration failed: ${response.status}`) + return response.json() +} + +// ============================================================================ +// Token Request +// ============================================================================ + +async function requestTokens(tokenEndpoint, params, keyPair) { + const dpop = await createDPoPToken(keyPair, tokenEndpoint, 'POST') + const response = await fetch(tokenEndpoint, { + method: 'POST', + headers: { + 'Content-Type': 'application/x-www-form-urlencoded', + 'DPoP': dpop + }, + body: new URLSearchParams(params) + }) + if (!response.ok) throw new Error(`Token request failed: ${response.status}`) + return response.json() +} + +// ============================================================================ +// Token Validation +// ============================================================================ + +async function validateAccessToken(accessToken, jwksUri, issuer, clientId, keyPair) { + const jwks = createRemoteJWKSet(new URL(jwksUri)) + const { payload } = await jwtVerify(accessToken, jwks, { + issuer, + audience: 'solid' + }) + + // Verify DPoP binding + const thumbprint = await calculateJwkThumbprint(await exportJWK(keyPair.publicKey)) + if (payload.cnf?.jkt !== thumbprint) { + throw new Error('DPoP thumbprint mismatch') + } + + // Verify client_id + if (payload.client_id !== clientId) { + throw new Error('client_id mismatch') + } + + return payload +} + +// ============================================================================ +// Refresh Token Grant +// ============================================================================ + +async function refreshTokens(database) { + await database.init() + + const [refreshToken, tokenEndpoint, clientId, keyPair] = await Promise.all([ + database.getItem('refresh_token'), + database.getItem('token_endpoint'), + database.getItem('client_id'), + database.getItem('dpop_keypair') + ]) + + if (!refreshToken || !tokenEndpoint || !clientId || !keyPair) { + throw new Error('Missing refresh data') + } + + const tokens = await requestTokens(tokenEndpoint, { + grant_type: 'refresh_token', + refresh_token: refreshToken, + client_id: clientId + }, keyPair) + + // Persist new refresh token if provided + if (tokens.refresh_token) { + await database.setItem('refresh_token', tokens.refresh_token) + } + + database.close() + return { ...tokens, dpop_key_pair: keyPair } +} + +// ============================================================================ +// Main Session Class +// ============================================================================ + +class solid_oidc_Session extends EventTarget { + constructor(options = {}) { + super() + this.clientId = options.clientId || null + this.database = options.database || new SessionDatabase() + this.onStateChange = options.onStateChange || null + this.onExpirationWarning = options.onExpirationWarning || null + this.onExpiration = options.onExpiration || null + + // Internal state + this._isActive = false + this._webId = null + this._exp = null + this._ath = null + this._tokens = null + this._idpDetails = null + this._refreshPromise = null + + // Set up event listeners + if (this.onStateChange) { + this.addEventListener(SessionEvents.STATE_CHANGE, this.onStateChange) + } + if (this.onExpirationWarning) { + this.addEventListener(SessionEvents.EXPIRATION_WARNING, this.onExpirationWarning) + } + if (this.onExpiration) { + this.addEventListener(SessionEvents.EXPIRATION, this.onExpiration) + } + } + + // ========================================================================== + // Public API + // ========================================================================== + + get isActive() { return this._isActive } + get webId() { return this._webId } + + isExpired() { + if (!this._exp) return true + return Math.floor(Date.now() / 1000) >= this._exp + } + + getExpiresIn() { + if (!this._exp) return -1 + return this._exp - Math.floor(Date.now() / 1000) + } + + /** + * Redirect user to identity provider for login + */ + async login(idp, redirectUri) { + // Sanitize redirect URI (RFC 6749 Section 3.1.2) + const redirectUrl = new URL(redirectUri) + const sanitizedRedirect = redirectUrl.origin + redirectUrl.pathname + redirectUrl.search + + // OIDC Discovery + const config = await discoverOIDC(idp) + + // RFC 9207: Verify issuer + const issuer = config.issuer + const trimSlash = (s) => s.endsWith('/') ? s.slice(0, -1) : s + if (trimSlash(idp) !== trimSlash(issuer)) { + throw new Error(`Issuer mismatch: ${issuer} !== ${idp}`) + } + + // Store IDP details + sessionStorage.setItem('solid_oidc_idp', issuer) + sessionStorage.setItem('solid_oidc_token_endpoint', config.token_endpoint) + sessionStorage.setItem('solid_oidc_jwks_uri', config.jwks_uri) + + // Get or register client_id + let clientId = this.clientId + if (!clientId) { + const registration = await registerClient(config.registration_endpoint, [sanitizedRedirect]) + clientId = registration.client_id + sessionStorage.setItem('solid_oidc_client_id', clientId) + } + + // PKCE (RFC 7636) + const pkce = await generatePKCE() + sessionStorage.setItem('solid_oidc_pkce_verifier', pkce.verifier) + + // CSRF token + const csrfToken = crypto.randomUUID() + sessionStorage.setItem('solid_oidc_csrf', csrfToken) + + // Build authorization URL + const authUrl = new URL(config.authorization_endpoint) + authUrl.searchParams.set('response_type', 'code') + authUrl.searchParams.set('redirect_uri', sanitizedRedirect) + authUrl.searchParams.set('scope', 'openid offline_access webid') + authUrl.searchParams.set('client_id', clientId) + authUrl.searchParams.set('code_challenge_method', 'S256') + authUrl.searchParams.set('code_challenge', pkce.challenge) + authUrl.searchParams.set('state', csrfToken) + authUrl.searchParams.set('prompt', 'consent') + + // Redirect to IDP + window.location.href = authUrl.toString() + } + + /** + * Handle redirect from identity provider after login + */ + async handleRedirectFromLogin() { + const url = new URL(window.location.href) + const code = url.searchParams.get('code') + + // No code = not a redirect, nothing to do + if (!code) return + + // RFC 9207: Verify issuer + const idp = sessionStorage.getItem('solid_oidc_idp') + const iss = url.searchParams.get('iss') + if (!idp || iss !== idp) { + throw new Error(`Issuer mismatch: ${iss} !== ${idp}`) + } + + // RFC 6749: Verify CSRF token + const csrf = sessionStorage.getItem('solid_oidc_csrf') + if (url.searchParams.get('state') !== csrf) { + throw new Error('CSRF token mismatch') + } + + // Clean URL + url.searchParams.delete('code') + url.searchParams.delete('iss') + url.searchParams.delete('state') + window.history.replaceState({}, document.title, url.toString()) + + // Get stored values + const pkceVerifier = sessionStorage.getItem('solid_oidc_pkce_verifier') + const tokenEndpoint = sessionStorage.getItem('solid_oidc_token_endpoint') + const jwksUri = sessionStorage.getItem('solid_oidc_jwks_uri') + const clientId = this.clientId || sessionStorage.getItem('solid_oidc_client_id') + + if (!pkceVerifier || !tokenEndpoint || !clientId) { + throw new Error('Missing session data') + } + + // Generate DPoP key pair + const keyPair = await generate_key_pair_generateKeyPair('ES256') + + // Exchange code for tokens + const tokens = await requestTokens(tokenEndpoint, { + grant_type: 'authorization_code', + code, + code_verifier: pkceVerifier, + redirect_uri: url.origin + url.pathname, + client_id: clientId + }, keyPair) + + // Validate access token + await validateAccessToken(tokens.access_token, jwksUri, idp, clientId, keyPair) + + // Store IDP details + this._idpDetails = { idp, jwksUri, tokenEndpoint } + + // Persist for refresh + await this.database.init() + await Promise.all([ + this.database.setItem('idp', idp), + this.database.setItem('jwks_uri', jwksUri), + this.database.setItem('token_endpoint', tokenEndpoint), + this.database.setItem('client_id', clientId), + this.database.setItem('dpop_keypair', keyPair), + this.database.setItem('refresh_token', tokens.refresh_token) + ]) + this.database.close() + + // Clean session storage + sessionStorage.removeItem('solid_oidc_idp') + sessionStorage.removeItem('solid_oidc_token_endpoint') + sessionStorage.removeItem('solid_oidc_jwks_uri') + sessionStorage.removeItem('solid_oidc_client_id') + sessionStorage.removeItem('solid_oidc_pkce_verifier') + sessionStorage.removeItem('solid_oidc_csrf') + + // Update session state + await this._setTokens({ ...tokens, dpop_key_pair: keyPair }) + this._dispatchStateChange() + } + + /** + * Restore session using stored refresh token + */ + async restore() { + if (this._refreshPromise) return this._refreshPromise + + this._refreshPromise = (async () => { + try { + const tokens = await refreshTokens(this.database) + await this._setTokens(tokens) + this._dispatchStateChange() + } catch (error) { + if (this._isActive) { + if (!this.isExpired()) { + this._dispatchExpirationWarning() + } else { + this._dispatchExpiration() + } + } + throw error + } finally { + this._refreshPromise = null + } + })() + + return this._refreshPromise + } + + /** + * Log out and clear all session data + */ + async logout() { + this._isActive = false + this._webId = null + this._exp = null + this._ath = null + this._tokens = null + this._idpDetails = null + + await this.database.init() + await this.database.clear() + this.database.close() + + this._dispatchStateChange() + } + + /** + * Make authenticated fetch request with DPoP + */ + async authFetch(input, init = {}) { + // No session = regular fetch + if (!this._isActive) { + return fetch(input, init) + } + + // Refresh if expired + if (this.isExpired()) { + await this.restore() + } + + // Parse request + let url, method, headers + if (input instanceof Request) { + url = new URL(input.url) + method = init.method || input.method || 'GET' + headers = new Headers(input.headers) + } else { + url = new URL(input.toString()) + method = init.method || 'GET' + headers = init.headers ? new Headers(init.headers) : new Headers() + } + + // Create DPoP proof + const dpop = await createDPoPToken( + this._tokens.dpop_key_pair, + `${url.origin}${url.pathname}`, + method.toUpperCase(), + this._ath + ) + + // Set auth headers + headers.set('DPoP', dpop) + headers.set('Authorization', `DPoP ${this._tokens.access_token}`) + + // Make request + if (input instanceof Request) { + return fetch(new Request(input, { ...init, headers })) + } + return fetch(url, { ...init, headers }) + } + + // ========================================================================== + // Internal Methods + // ========================================================================== + + async _setTokens(tokens) { + this._tokens = tokens + + const decoded = decodeJwt(tokens.access_token) + if (!decoded.webid) throw new Error('Missing webid claim') + if (!decoded.exp) throw new Error('Missing exp claim') + + this._ath = await computeAth(tokens.access_token) + this._webId = decoded.webid + this._exp = decoded.exp + this._isActive = true + } + + _dispatchStateChange() { + this.dispatchEvent(new CustomEvent(SessionEvents.STATE_CHANGE, { + detail: { isActive: this._isActive, webId: this._webId } + })) + } + + _dispatchExpirationWarning() { + this.dispatchEvent(new CustomEvent(SessionEvents.EXPIRATION_WARNING, { + detail: { expires_in: this.getExpiresIn() } + })) + } + + _dispatchExpiration() { + this.dispatchEvent(new CustomEvent(SessionEvents.EXPIRATION)) + } +} + +// ============================================================================ +// Default Export +// ============================================================================ + +/* harmony default export */ const solid_oidc = ((/* unused pure expression or super */ null && (solid_oidc_Session))); + +;// ./src/authSession/solidOidcAdapter.ts +/** + * Adapter to make solid-oidc compatible with @inrupt/solid-client-authn-browser API + * + * This provides a drop-in replacement for the Inrupt Session class using the minimal + * solid-oidc library from JavaScriptSolidServer. + * + * @see https://github.com/JavaScriptSolidServer/solid-oidc + */ + +/** + * Event names compatible with @inrupt/solid-client-authn-browser + */ +const EVENTS = { + SESSION_RESTORED: 'sessionRestore', + LOGIN: 'login', + LOGOUT: 'logout', + SESSION_EXPIRED: 'sessionExpired', + ERROR: 'error' +}; +/** + * Simple event emitter for compatibility with Inrupt's session.events API + */ +class EventEmitter { + constructor() { + this.listeners = new Map(); + } + on(event, callback) { + if (!this.listeners.has(event)) { + this.listeners.set(event, new Set()); + } + this.listeners.get(event).add(callback); + } + off(event, callback) { + var _a; + (_a = this.listeners.get(event)) === null || _a === void 0 ? void 0 : _a.delete(callback); + } + emit(event, ...args) { + var _a; + (_a = this.listeners.get(event)) === null || _a === void 0 ? void 0 : _a.forEach(cb => cb(...args)); + } +} +/** + * Session class that wraps solid-oidc to provide @inrupt/solid-client-authn-browser compatible API + */ +class Session { + constructor(options) { + this._session = new solid_oidc_Session({ + clientId: options === null || options === void 0 ? void 0 : options.clientId, + database: new SessionDatabase(), + onStateChange: (event) => { + const detail = event.detail; + if (detail === null || detail === void 0 ? void 0 : detail.isActive) { + this._events.emit(EVENTS.LOGIN); + this._events.emit(EVENTS.SESSION_RESTORED, window.location.href); + } + else { + this._events.emit(EVENTS.LOGOUT); + } + }, + onExpiration: () => { + this._events.emit(EVENTS.SESSION_EXPIRED); + } + }); + this._events = new EventEmitter(); + this._sessionId = crypto.randomUUID(); + } + /** + * Event emitter for session events + */ + get events() { + return this._events; + } + /** + * Session information + */ + get info() { + var _a; + return { + isLoggedIn: this._session.isActive, + webId: (_a = this._session.webId) !== null && _a !== void 0 ? _a : undefined, + sessionId: this._sessionId, + expirationDate: this._session.isActive + ? Date.now() + (this._session.getExpiresIn() * 1000) + : undefined + }; + } + /** + * Handle incoming redirect from identity provider + */ + async handleIncomingRedirect(options) { + // Handle string URL (legacy API) + const opts = typeof options === 'string' + ? { url: options } + : options !== null && options !== void 0 ? options : {}; + try { + // First handle any redirect from login + await this._session.handleRedirectFromLogin(); + // If not logged in and restorePreviousSession is true, try to restore + if (!this._session.isActive && opts.restorePreviousSession !== false) { + try { + await this._session.restore(); + } + catch { + // No session to restore, that's okay + } + } + return this.info; + } + catch (error) { + this._events.emit(EVENTS.ERROR, error); + return undefined; + } + } + /** + * Initiate login flow + */ + async login(options) { + const redirectUrl = options.redirectUrl || window.location.href; + await this._session.login(options.oidcIssuer, redirectUrl); + } + /** + * Log out and clear session + */ + async logout() { + await this._session.logout(); + } + /** + * Make authenticated fetch request + */ + async fetch(url, init) { + return this._session.authFetch(url, init); + } +} +/* harmony default export */ const solidOidcAdapter = ((/* unused pure expression or super */ null && (Session))); + +;// ./src/authSession/authSession.ts + +const authSession = new Session(); + +;// external "rdflib" +const external_rdflib_namespaceObject = __WEBPACK_EXTERNAL_MODULE_rdflib__; +// EXTERNAL MODULE: ./node_modules/solid-namespace/index.js +var solid_namespace = __webpack_require__(386); +var solid_namespace_default = /*#__PURE__*/__webpack_require__.n(solid_namespace); +;// ./src/util/ns.ts +// Namespaces we commonly use and have common prefixes for around Solid + // Delegate to this which takes RDFlib as param. + +const ns_ns = solid_namespace_default()(external_rdflib_namespaceObject); + +;// ./src/acl/aclLogic.ts + + +const ACL_LINK = (0,external_rdflib_namespaceObject.sym)('http://www.iana.org/assignments/link-relations/acl'); +function createAclLogic(store) { + const ns = ns_ns; + async function findAclDocUrl(url) { + await store.fetcher.load(url); + const docNode = store.any(url, ACL_LINK); + if (!docNode) { + throw new Error(`No ACL link discovered for ${url}`); + } + return docNode.value; + } + /** + * Simple Access Control + * + * This function sets up a simple default ACL for a resource, with + * RWC for the owner, and a specified access (default none) for the public. + * In all cases owner has read write control. + * Parameter lists modes allowed to public + * + * @param options + * @param options.public eg ['Read', 'Write'] + * + * @returns Resolves with aclDoc uri on successful write + */ + function setACLUserPublic(docURI, me, options) { + const aclDoc = store.any(store.sym(docURI), ACL_LINK); + return Promise.resolve() + .then(() => { + if (aclDoc) { + return aclDoc; + } + return fetchACLRel(docURI).catch(err => { + throw new Error(`Error fetching rel=ACL header for ${docURI}: ${err}`); + }); + }) + .then(aclDoc => { + const aclText = genACLText(docURI, me, aclDoc.uri, options); + if (!store.fetcher) { + throw new Error('Cannot PUT this, store has no fetcher'); + } + return store.fetcher + .webOperation('PUT', aclDoc.uri, { + data: aclText, + contentType: 'text/turtle' + }) + .then(result => { + if (!result.ok) { + throw new Error('Error writing ACL text: ' + result.error); + } + return aclDoc; + }); + }); + } + /** + * @param docURI + * @returns + */ + function fetchACLRel(docURI) { + const fetcher = store.fetcher; + if (!fetcher) { + throw new Error('Cannot fetch ACL rel, store has no fetcher'); + } + return fetcher.load(docURI).then(result => { + if (!result.ok) { + throw new Error('fetchACLRel: While loading:' + result.error); + } + const aclDoc = store.any(store.sym(docURI), ACL_LINK); + if (!aclDoc) { + throw new Error('fetchACLRel: No Link rel=ACL header for ' + docURI); + } + return aclDoc; + }); + } + /** + * @param docURI + * @param me + * @param aclURI + * @param options + * + * @returns Serialized ACL + */ + function genACLText(docURI, me, aclURI, options = {}) { + const optPublic = options.public || []; + const g = (0,external_rdflib_namespaceObject.graph)(); + const auth = (0,external_rdflib_namespaceObject.Namespace)('http://www.w3.org/ns/auth/acl#'); + let a = g.sym(`${aclURI}#a1`); + const acl = g.sym(aclURI); + const doc = g.sym(docURI); + g.add(a, ns.rdf('type'), auth('Authorization'), acl); + g.add(a, auth('accessTo'), doc, acl); + if (options.defaultForNew) { + g.add(a, auth('default'), doc, acl); + } + g.add(a, auth('agent'), me, acl); + g.add(a, auth('mode'), auth('Read'), acl); + g.add(a, auth('mode'), auth('Write'), acl); + g.add(a, auth('mode'), auth('Control'), acl); + if (optPublic.length) { + a = g.sym(`${aclURI}#a2`); + g.add(a, ns.rdf('type'), auth('Authorization'), acl); + g.add(a, auth('accessTo'), doc, acl); + g.add(a, auth('agentClass'), ns.foaf('Agent'), acl); + for (let p = 0; p < optPublic.length; p++) { + g.add(a, auth('mode'), auth(optPublic[p]), acl); // Like 'Read' etc + } + } + return (0,external_rdflib_namespaceObject.serialize)(acl, g, aclURI); + } + return { + findAclDocUrl, + setACLUserPublic, + genACLText + }; +} + +;// ./src/authn/authUtil.ts + + +/** + * find a user or app's context as set in window.SolidAppContext + * this is a const, not a function, because we have problems to jest mock it otherwise + * see: https://github.com/facebook/jest/issues/936#issuecomment-545080082 for more + * @return {any} - an appContext object + */ +const appContext = () => { + let { SolidAppContext } = window; + SolidAppContext || (SolidAppContext = {}); + SolidAppContext.viewingNoAuthPage = false; + if (SolidAppContext.noAuth && window.document) { + const currentPage = window.document.location.href; + if (currentPage.startsWith(SolidAppContext.noAuth)) { + SolidAppContext.viewingNoAuthPage = true; + const params = new URLSearchParams(window.document.location.search); + if (params) { + let viewedPage = SolidAppContext.viewedPage = params.get('uri') || null; + if (viewedPage) { + viewedPage = decodeURI(viewedPage); + if (!viewedPage.startsWith(SolidAppContext.noAuth)) { + const ary = viewedPage.split(/\//); + SolidAppContext.idp = ary[0] + '//' + ary[2]; + SolidAppContext.viewingNoAuthPage = false; + } + } + } + } + } + return SolidAppContext; +}; +/** + * Returns `sym($SolidTestEnvironment.username)` if + * `$SolidTestEnvironment.username` is defined as a global + * or + * returns testID defined in the HTML page + * @returns {NamedNode|null} + */ +function offlineTestID() { + const { $SolidTestEnvironment } = window; + if (typeof $SolidTestEnvironment !== 'undefined' && + $SolidTestEnvironment.username) { + // Test setup + log('Assuming the user is ' + $SolidTestEnvironment.username); + return (0,external_rdflib_namespaceObject.sym)($SolidTestEnvironment.username); + } + // hack that makes SolidOS work in offline mode by adding the webId directly in html + // example usage: https://github.com/solidos/mashlib/blob/29b8b53c46bf02e0e219f0bacd51b0e9951001dd/test/contact/local.html#L37 + if (typeof document !== 'undefined' && + document.location && + ('' + document.location).slice(0, 16) === 'http://localhost') { + const div = document.getElementById('appTarget'); + if (!div) + return null; + const id = div.getAttribute('testID'); + if (!id) + return null; + log('Assuming user is ' + id); + return (0,external_rdflib_namespaceObject.sym)(id); + } + return null; +} + +;// ./src/authn/SolidAuthnLogic.ts + + + + +class SolidAuthnLogic { + constructor(solidAuthSession) { + this.session = solidAuthSession; + } + // we created authSession getter because we want to access it as authn.authSession externally + get authSession() { return this.session; } + currentUser() { + const app = appContext(); + if (app.viewingNoAuthPage) { + return (0,external_rdflib_namespaceObject.sym)(app.webId); + } + if (this && this.session && this.session.info && this.session.info.webId && this.session.info.isLoggedIn) { + return (0,external_rdflib_namespaceObject.sym)(this.session.info.webId); + } + return offlineTestID(); // null unless testing + } + /** + * Retrieves currently logged in webId from either + * defaultTestUser or SolidAuth + * Also activates a session after login + * @param [setUserCallback] Optional callback + * @returns Resolves with webId uri, if no callback provided + */ + async checkUser(setUserCallback) { + // Save hash for "restorePreviousSession" + const preLoginRedirectHash = new URL(window.location.href).hash; + if (preLoginRedirectHash) { + window.localStorage.setItem('preLoginRedirectHash', preLoginRedirectHash); + } + this.session.events.on(EVENTS.SESSION_RESTORED, (url) => { + log(`Session restored to ${url}`); + if (document.location.toString() !== url) + history.replaceState(null, '', url); + }); + /** + * Handle a successful authentication redirect + */ + const redirectUrl = new URL(window.location.href); + redirectUrl.hash = ''; + await this.session + .handleIncomingRedirect({ + restorePreviousSession: true, + url: redirectUrl.href + }); + // Check to see if a hash was stored in local storage + const postLoginRedirectHash = window.localStorage.getItem('preLoginRedirectHash'); + if (postLoginRedirectHash) { + const curUrl = new URL(window.location.href); + if (curUrl.hash !== postLoginRedirectHash) { + if (history.pushState) { + // debug.log('Setting window.location.has using pushState') + history.pushState(null, document.title, postLoginRedirectHash); + } + else { + // debug.warn('Setting window.location.has using location.hash') + location.hash = postLoginRedirectHash; + } + curUrl.hash = postLoginRedirectHash; + } + // See https://stackoverflow.com/questions/3870057/how-can-i-update-window-location-hash-without-jumping-the-document + // window.location.href = curUrl.toString()// @@ See https://developer.mozilla.org/en-US/docs/Web/API/Window/location + window.localStorage.setItem('preLoginRedirectHash', ''); + } + // Check to see if already logged in / have the WebID + let me = offlineTestID(); + if (me) { + return Promise.resolve(setUserCallback ? setUserCallback(me) : me); + } + const webId = this.webIdFromSession(this.session.info); + if (webId) { + me = this.saveUser(webId); + } + if (me) { + log(`(Logged in as ${me} by authentication)`); + } + return Promise.resolve(setUserCallback ? setUserCallback(me) : me); + } + /** + * Saves `webId` in `context.me` + * @param webId + * @param context + * + * @returns Returns the WebID, after setting it + */ + saveUser(webId, context) { + let webIdUri; + if (webId) { + webIdUri = (typeof webId === 'string') ? webId : webId.uri; + const me = (0,external_rdflib_namespaceObject.namedNode)(webIdUri); + if (context) { + context.me = me; + } + return me; + } + return null; + } + /** + * @returns {Promise} Resolves with WebID URI or null + */ + webIdFromSession(session) { + const webId = (session === null || session === void 0 ? void 0 : session.webId) && session.isLoggedIn ? session.webId : null; + return webId; + } +} + +;// ./src/util/utils.ts + +function newThing(doc) { + return (0,external_rdflib_namespaceObject.sym)(doc.uri + '#' + 'id' + ('' + Date.now())); +} +function uniqueNodes(arr) { + const uris = arr.map(x => x.uri); + const set = new Set(uris); + const uris2 = Array.from(set); + const arr2 = uris2.map(u => new NamedNode(u)); + return arr2; // Array.from(new Set(arr.map(x => x.uri))).map(u => sym(u)) +} +function getArchiveUrl(baseUrl, date) { + const year = date.getUTCFullYear(); + const month = ('0' + (date.getUTCMonth() + 1)).slice(-2); + const day = ('0' + (date.getUTCDate())).slice(-2); + const parts = baseUrl.split('/'); + const filename = parts[parts.length - 1]; + return new URL(`./archive/${year}/${month}/${day}/${filename}`, baseUrl).toString(); +} +function differentOrigin(doc) { + if (!doc) { + return true; + } + return (`${window.location.origin}/` !== new URL(doc.value).origin); +} +function suggestPreferencesFile(me) { + const stripped = me.uri.replace('/profile/', '/').replace('/public/', '/'); + // const stripped = me.uri.replace(\/[p|P]rofile/\g, '/').replace(\/[p|P]ublic/\g, '/') + const folderURI = stripped.split('/').slice(0, -1).join('/') + '/Settings/'; + const fileURI = folderURI + 'Preferences.ttl'; + return (0,external_rdflib_namespaceObject.sym)(fileURI); +} +function determineChatContainer(invitee, podRoot) { + // Create chat + // See https://gitter.im/solid/chat-app?at=5f3c800f855be416a23ae74a + const chatContainerStr = new URL(`IndividualChats/${new URL(invitee.value).host}/`, podRoot.value).toString(); + return new external_rdflib_namespaceObject.NamedNode(chatContainerStr); +} + +;// ./src/chat/chatLogic.ts + + + +const CHAT_LOCATION_IN_CONTAINER = 'index.ttl#this'; +function createChatLogic(store, profileLogic) { + const ns = ns_ns; + async function setAcl(chatContainer, me, invitee) { + // Some servers don't present a Link http response header + // if the container doesn't exist yet, so refetch the container + // now that it has been created: + await store.fetcher.load(chatContainer); + // FIXME: check the Why value on this quad: + const chatAclDoc = store.any(chatContainer, new external_rdflib_namespaceObject.NamedNode('http://www.iana.org/assignments/link-relations/acl')); + if (!chatAclDoc) { + throw new Error('Chat ACL doc not found!'); + } + const aclBody = ` + @prefix acl: . + <#owner> + a acl:Authorization; + acl:agent <${me.value}>; + acl:accessTo <.>; + acl:default <.>; + acl:mode + acl:Read, acl:Write, acl:Control. + <#invitee> + a acl:Authorization; + acl:agent <${invitee.value}>; + acl:accessTo <.>; + acl:default <.>; + acl:mode + acl:Read, acl:Append. + `; + await store.fetcher.webOperation('PUT', chatAclDoc.value, { + data: aclBody, + contentType: 'text/turtle', + }); + } + async function addToPrivateTypeIndex(chatThing, me) { + // Add to private type index + const privateTypeIndex = store.any(me, ns.solid('privateTypeIndex')); + if (!privateTypeIndex) { + throw new Error('Private type index not found!'); + } + await store.fetcher.load(privateTypeIndex); + const reg = newThing(privateTypeIndex); + const ins = [ + (0,external_rdflib_namespaceObject.st)(reg, ns.rdf('type'), ns.solid('TypeRegistration'), privateTypeIndex.doc()), + (0,external_rdflib_namespaceObject.st)(reg, ns.solid('forClass'), ns.meeting('LongChat'), privateTypeIndex.doc()), + (0,external_rdflib_namespaceObject.st)(reg, ns.solid('instance'), chatThing, privateTypeIndex.doc()), + ]; + await new Promise((resolve, reject) => { + store.updater.update([], ins, function (_uri, ok, errm) { + if (!ok) { + reject(new Error(errm)); + } + else { + resolve(null); + } + }); + }); + } + async function findChat(invitee) { + const me = await profileLogic.loadMe(); + const podRoot = await profileLogic.getPodRoot(me); + const chatContainer = determineChatContainer(invitee, podRoot); + let exists = true; + try { + await store.fetcher.load(new external_rdflib_namespaceObject.NamedNode(chatContainer.value + 'index.ttl#this')); + } + catch (e) { + exists = false; + } + return { me, chatContainer, exists }; + } + async function createChatThing(chatContainer, me) { + const created = await mintNew({ + me, + newBase: chatContainer.value, + }); + return created.newInstance; + } + function mintNew(newPaneOptions) { + const kb = store; + const updater = kb.updater; + if (newPaneOptions.me && !newPaneOptions.me.uri) { + throw new Error('chat mintNew: Invalid userid ' + newPaneOptions.me); + } + const newInstance = (newPaneOptions.newInstance = + newPaneOptions.newInstance || + kb.sym(newPaneOptions.newBase + CHAT_LOCATION_IN_CONTAINER)); + const newChatDoc = newInstance.doc(); + kb.add(newInstance, ns.rdf('type'), ns.meeting('LongChat'), newChatDoc); + kb.add(newInstance, ns.dc('title'), 'Chat channel', newChatDoc); + kb.add(newInstance, ns.dc('created'), (0,external_rdflib_namespaceObject.term)(new Date(Date.now())), newChatDoc); + if (newPaneOptions.me) { + kb.add(newInstance, ns.dc('author'), newPaneOptions.me, newChatDoc); + } + return new Promise(function (resolve, reject) { + updater === null || updater === void 0 ? void 0 : updater.put(newChatDoc, kb.statementsMatching(undefined, undefined, undefined, newChatDoc), 'text/turtle', function (uri2, ok, message) { + if (ok) { + resolve({ + ...newPaneOptions, + newInstance, + }); + } + else { + reject(new Error('FAILED to save new chat channel at: ' + uri2 + ' : ' + message)); + } + }); + }); + } + /** + * Find (and optionally create) an individual chat between the current user and the given invitee + * @param invitee - The person to chat with + * @param createIfMissing - Whether the chat should be created, if missing + * @returns null if missing, or a node referring to an already existing chat, or the newly created chat + */ + async function getChat(invitee, createIfMissing = true) { + const { me, chatContainer, exists } = await findChat(invitee); + if (exists) { + return new external_rdflib_namespaceObject.NamedNode(chatContainer.value + CHAT_LOCATION_IN_CONTAINER); + } + if (createIfMissing) { + const chatThing = await createChatThing(chatContainer, me); + await sendInvite(invitee, chatThing); + await setAcl(chatContainer, me, invitee); + await addToPrivateTypeIndex(chatThing, me); + return chatThing; + } + return null; + } + async function sendInvite(invitee, chatThing) { + var _a; + await store.fetcher.load(invitee.doc()); + const inviteeInbox = store.any(invitee, ns.ldp('inbox'), undefined, invitee.doc()); + if (!inviteeInbox) { + throw new Error(`Invitee inbox not found! ${invitee.value}`); + } + const inviteBody = ` + <> a ; + ${ns.rdf('seeAlso')} <${chatThing.value}> . + `; + const inviteResponse = await ((_a = store.fetcher) === null || _a === void 0 ? void 0 : _a.webOperation('POST', inviteeInbox.value, { + data: inviteBody, + contentType: 'text/turtle', + })); + const locationStr = inviteResponse === null || inviteResponse === void 0 ? void 0 : inviteResponse.headers.get('location'); + if (!locationStr) { + throw new Error(`Invite sending returned a ${inviteResponse === null || inviteResponse === void 0 ? void 0 : inviteResponse.status}`); + } + } + return { + setAcl, addToPrivateTypeIndex, findChat, createChatThing, getChat, sendInvite, mintNew + }; +} + +;// ./src/inbox/inboxLogic.ts + +function createInboxLogic(store, profileLogic, utilityLogic, containerLogic, aclLogic) { + async function createInboxFor(peerWebId, nick) { + const myWebId = await profileLogic.loadMe(); + const podRoot = await profileLogic.getPodRoot(myWebId); + const ourInbox = `${podRoot.value}p2p-inboxes/${encodeURIComponent(nick)}/`; + await containerLogic.createContainer(ourInbox); + // const aclDocUrl = await aclLogic.findAclDocUrl(ourInbox); + await utilityLogic.setSinglePeerAccess({ + ownerWebId: myWebId.value, + peerWebId, + accessToModes: 'acl:Append', + target: ourInbox + }); + return ourInbox; + } + async function getNewMessages(user) { + if (!user) { + user = await profileLogic.loadMe(); + } + const inbox = await profileLogic.getMainInbox(user); + const urls = await containerLogic.getContainerMembers(inbox); + return urls.filter(url => !containerLogic.isContainer(url)); + } + async function markAsRead(url, date) { + const downloaded = await store.fetcher._fetch(url); + if (downloaded.status !== 200) { + throw new Error(`Not OK! ${url}`); + } + const archiveUrl = getArchiveUrl(url, date); + const options = { + method: 'PUT', + body: await downloaded.text(), + headers: [ + ['Content-Type', downloaded.headers.get('Content-Type') || 'application/octet-stream'] + ] + }; + const uploaded = await store.fetcher._fetch(archiveUrl, options); + if (uploaded.status.toString()[0] === '2') { + await store.fetcher._fetch(url, { + method: 'DELETE' + }); + } + } + return { + createInboxFor, + getNewMessages, + markAsRead + }; +} + +;// ./src/logic/CustomError.ts +class CustomError extends Error { + constructor(message) { + super(message); + // see: typescriptlang.org/docs/handbook/release-notes/typescript-2-2.html + Object.setPrototypeOf(this, new.target.prototype); // restore prototype chain + this.name = new.target.name; // stack traces display correctly now + } +} +class UnauthorizedError extends CustomError { +} +class CrossOriginForbiddenError extends CustomError { +} +class SameOriginForbiddenError extends CustomError { +} +class NotFoundError extends CustomError { +} +class NotEditableError extends CustomError { +} +class WebOperationError extends CustomError { +} +class FetchError extends CustomError { + constructor(status, message) { + super(message); + this.status = status; + } +} + +;// ./src/profile/profileLogic.ts + + + + +function createProfileLogic(store, authn, utilityLogic) { + const ns = ns_ns; + /** + * loads the preference without throwing errors - if it can create it it does so. + * remark: it still throws error if it cannot load profile. + * @param user + * @returns undefined if preferenceFile cannot be returned or NamedNode if it can find it or create it + */ + async function silencedLoadPreferences(user) { + try { + return await loadPreferences(user); + } + catch (err) { + return undefined; + } + } + /** + * loads the preference without returning different errors if it cannot create or load it. + * remark: it also throws error if it cannot load profile. + * @param user + * @returns undefined if preferenceFile cannot be an Error or NamedNode if it can find it or create it + */ + async function loadPreferences(user) { + await loadProfile(user); + const possiblePreferencesFile = suggestPreferencesFile(user); + let preferencesFile; + try { + preferencesFile = await utilityLogic.followOrCreateLink(user, ns.space('preferencesFile'), possiblePreferencesFile, user.doc()); + } + catch (err) { + const message = `User ${user} has no pointer in profile to preferences file.`; + warn(message); + // we are listing the possible errors + if (err instanceof NotEditableError) { + throw err; + } + if (err instanceof WebOperationError) { + throw err; + } + if (err instanceof UnauthorizedError) { + throw err; + } + if (err instanceof CrossOriginForbiddenError) { + throw err; + } + if (err instanceof SameOriginForbiddenError) { + throw err; + } + if (err instanceof FetchError) { + throw err; + } + throw err; + } + try { + await store.fetcher.load(preferencesFile); + } + catch (err) { // Maybe a permission problem or origin problem + const msg = `Unable to load preference of user ${user}: ${err}`; + warn(msg); + if (err.response.status === 401) { + throw new UnauthorizedError(); + } + if (err.response.status === 403) { + if (differentOrigin(preferencesFile)) { + throw new CrossOriginForbiddenError(); + } + throw new SameOriginForbiddenError(); + } + /*if (err.response.status === 404) { + throw new NotFoundError(); + }*/ + throw new Error(msg); + } + return preferencesFile; + } + async function loadProfile(user) { + if (!user) { + throw new Error('loadProfile: no user given.'); + } + try { + await store.fetcher.load(user.doc()); + } + catch (err) { + throw new Error(`Unable to load profile of user ${user}: ${err}`); + } + return user.doc(); + } + async function loadMe() { + const me = authn.currentUser(); + if (me === null) { + throw new Error('Current user not found! Not logged in?'); + } + await store.fetcher.load(me.doc()); + return me; + } + function getPodRoot(user) { + const podRoot = findStorage(user); + if (!podRoot) { + throw new Error('User pod root not found!'); + } + return podRoot; + } + async function getMainInbox(user) { + await store.fetcher.load(user); + const mainInbox = store.any(user, ns.ldp('inbox'), undefined, user.doc()); + if (!mainInbox) { + throw new Error('User main inbox not found!'); + } + return mainInbox; + } + function findStorage(me) { + return store.any(me, ns.space('storage'), undefined, me.doc()); + } + return { + loadMe, + getPodRoot, + getMainInbox, + findStorage, + loadPreferences, + loadProfile, + silencedLoadPreferences + }; +} + +;// ./src/typeIndex/typeIndexLogic.ts + + + + +function createTypeIndexLogic(store, authn, profileLogic, utilityLogic) { + const ns = ns_ns; + function getRegistrations(instance, theClass) { + return store + .each(undefined, ns.solid('instance'), instance) + .filter((r) => { + return store.holds(r, ns.solid('forClass'), theClass); + }); + } + async function loadTypeIndexesFor(user) { + if (!user) + throw new Error('loadTypeIndexesFor: No user given'); + const profile = await profileLogic.loadProfile(user); + const suggestion = suggestPublicTypeIndex(user); + let publicTypeIndex; + try { + publicTypeIndex = await utilityLogic.followOrCreateLink(user, ns.solid('publicTypeIndex'), suggestion, profile); + } + catch (err) { + const message = `User ${user} has no pointer in profile to publicTypeIndex file.`; + warn(message); + } + const publicScopes = publicTypeIndex ? [{ label: 'public', index: publicTypeIndex, agent: user }] : []; + let preferencesFile; + try { + preferencesFile = await profileLogic.silencedLoadPreferences(user); + } + catch (err) { + preferencesFile = null; + } + let privateScopes; + if (preferencesFile) { // watch out - can be in either as spec was not clear. Legacy is profile. + // If there is a legacy one linked from the profile, use that. + // Otherwiae use or make one linked from Preferences + const suggestedPrivateTypeIndex = suggestPrivateTypeIndex(preferencesFile); + let privateTypeIndex; + try { + privateTypeIndex = store.any(user, ns.solid('privateTypeIndex'), undefined, profile) || + await utilityLogic.followOrCreateLink(user, ns.solid('privateTypeIndex'), suggestedPrivateTypeIndex, preferencesFile); + } + catch (err) { + const message = `User ${user} has no pointer in preference file to privateTypeIndex file.`; + warn(message); + } + privateScopes = privateTypeIndex ? [{ label: 'private', index: privateTypeIndex, agent: user }] : []; + } + else { + privateScopes = []; + } + const scopes = publicScopes.concat(privateScopes); + if (scopes.length === 0) + return scopes; + const files = scopes.map(scope => scope.index); + try { + await store.fetcher.load(files); + } + catch (err) { + warn('Problems loading type index: ', err); + } + return scopes; + } + async function loadCommunityTypeIndexes(user) { + let preferencesFile; + try { + preferencesFile = await profileLogic.silencedLoadPreferences(user); + } + catch (err) { + const message = `User ${user} has no pointer in profile to preferences file.`; + warn(message); + } + if (preferencesFile) { // For now, pick up communities as simple links from the preferences file. + const communities = store.each(user, ns.solid('community'), undefined, preferencesFile).concat(store.each(user, ns.solid('community'), undefined, user.doc())); + let result = []; + for (const org of communities) { + result = result.concat(await loadTypeIndexesFor(org)); + } + return result; + } + return []; // No communities + } + async function loadAllTypeIndexes(user) { + return (await loadTypeIndexesFor(user)).concat((await loadCommunityTypeIndexes(user)).flat()); + } + async function getScopedAppInstances(klass, user) { + const scopes = await loadAllTypeIndexes(user); + let scopedApps = []; + for (const scope of scopes) { + const scopedApps0 = await getScopedAppsFromIndex(scope, klass); + scopedApps = scopedApps.concat(scopedApps0); + } + return scopedApps; + } + // This is the function signature which used to be in solid-ui/logic + // Recommended to use getScopedAppInstances instead as it provides more information. + // + async function getAppInstances(klass) { + const user = authn.currentUser(); + if (!user) + throw new Error('getAppInstances: Must be logged in to find apps.'); + const scopedAppInstances = await getScopedAppInstances(klass, user); + return scopedAppInstances.map(scoped => scoped.instance); + } + function suggestPublicTypeIndex(me) { + var _a; + return (0,external_rdflib_namespaceObject.sym)(((_a = me.doc().dir()) === null || _a === void 0 ? void 0 : _a.uri) + 'publicTypeIndex.ttl'); + } + // Note this one is based off the pref file not the profile + function suggestPrivateTypeIndex(preferencesFile) { + var _a; + return (0,external_rdflib_namespaceObject.sym)(((_a = preferencesFile.doc().dir()) === null || _a === void 0 ? void 0 : _a.uri) + 'privateTypeIndex.ttl'); + } + /* + * Register a new app in a type index + * used in chat in bookmark.js (solid-ui) + * Returns the registration object if successful else null + */ + async function registerInTypeIndex(instance, index, theClass) { + const registration = newThing(index); + const ins = [ + // See https://github.com/solid/solid/blob/main/proposals/data-discovery.md + (0,external_rdflib_namespaceObject.st)(registration, ns.rdf('type'), ns.solid('TypeRegistration'), index), + (0,external_rdflib_namespaceObject.st)(registration, ns.solid('forClass'), theClass, index), + (0,external_rdflib_namespaceObject.st)(registration, ns.solid('instance'), instance, index) + ]; + try { + await store.updater.update([], ins); + } + catch (err) { + const msg = `Unable to register ${instance} in index ${index}: ${err}`; + console.warn(msg); + return null; + } + return registration; + } + async function deleteTypeIndexRegistration(item) { + const reg = store.the(null, ns.solid('instance'), item.instance, item.scope.index); + if (!reg) + throw new Error(`deleteTypeIndexRegistration: No registration found for ${item.instance}`); + const statements = store.statementsMatching(reg, null, null, item.scope.index); + await store.updater.update(statements, []); + } + async function getScopedAppsFromIndex(scope, theClass) { + const index = scope.index; + const results = []; + const registrations = store.statementsMatching(null, ns.solid('instance'), null, index) + .concat(store.statementsMatching(null, ns.solid('instanceContainer'), null, index)) + .map(st => st.subject); + for (const reg of registrations) { + const klass = store.any(reg, ns.solid('forClass'), null, index); + if (!theClass || klass.sameTerm(theClass)) { + const instances = store.each(reg, ns.solid('instance'), null, index); + for (const instance of instances) { + results.push({ instance, type: klass, scope }); + } + const containers = store.each(reg, ns.solid('instanceContainer'), null, index); + for (const instance of containers) { + await store.fetcher.load(instance); + results.push({ instance: (0,external_rdflib_namespaceObject.sym)(instance.value), type: klass, scope }); + } + } + } + return results; + } + return { + registerInTypeIndex, + getRegistrations, + loadTypeIndexesFor, + loadCommunityTypeIndexes, + loadAllTypeIndexes, + getScopedAppInstances, + getAppInstances, + suggestPublicTypeIndex, + suggestPrivateTypeIndex, + deleteTypeIndexRegistration, + getScopedAppsFromIndex + }; +} + +;// ./src/util/containerLogic.ts + +/** + * Container-related class + */ +function createContainerLogic(store) { + function getContainerElements(containerNode) { + return store + .statementsMatching(containerNode, (0,external_rdflib_namespaceObject.sym)('http://www.w3.org/ns/ldp#contains'), undefined) + .map((st) => st.object); + } + function isContainer(url) { + const nodeToString = url.value; + return nodeToString.charAt(nodeToString.length - 1) === '/'; + } + async function createContainer(url) { + const stringToNode = (0,external_rdflib_namespaceObject.sym)(url); + if (!isContainer(stringToNode)) { + throw new Error(`Not a container URL ${url}`); + } + // Copied from https://github.com/solidos/solid-crud-tests/blob/v3.1.0/test/surface/create-container.test.ts#L56-L64 + const result = await store.fetcher._fetch(url, { + method: 'PUT', + headers: { + 'Content-Type': 'text/turtle', + 'If-None-Match': '*', + Link: '; rel="type"', // See https://github.com/solidos/node-solid-server/issues/1465 + }, + body: ' ', // work around https://github.com/michielbdejong/community-server/issues/4#issuecomment-776222863 + }); + if (result.status.toString()[0] !== '2') { + throw new Error(`Not OK: got ${result.status} response while creating container at ${url}`); + } + } + async function getContainerMembers(containerUrl) { + await store.fetcher.load(containerUrl); + return getContainerElements(containerUrl); + } + return { + isContainer, + createContainer, + getContainerElements, + getContainerMembers + }; +} + +;// ./src/util/utilityLogic.ts + + + + +function createUtilityLogic(store, aclLogic, containerLogic) { + async function recursiveDelete(containerNode) { + try { + if (containerLogic.isContainer(containerNode)) { + const aclDocUrl = await aclLogic.findAclDocUrl(containerNode); + await store.fetcher._fetch(aclDocUrl, { method: 'DELETE' }); + const containerMembers = await containerLogic.getContainerMembers(containerNode); + await Promise.all(containerMembers.map((url) => recursiveDelete(url))); + } + const nodeToStringHere = containerNode.value; + return store.fetcher._fetch(nodeToStringHere, { method: 'DELETE' }); + } + catch (e) { + log(`Please manually remove ${containerNode.value} from your system.`, e); + } + } + /** + * Create a resource if it really does not exist + * Be absolutely sure something does not exist before creating a new empty file + * as otherwise existing could be deleted. + * @param doc {NamedNode} - The resource + */ + async function loadOrCreateIfNotExists(doc) { + let response; + try { + response = await store.fetcher.load(doc); + } + catch (err) { + if (err.response.status === 404) { + try { + await store.fetcher.webOperation('PUT', doc, { data: '', contentType: 'text/turtle' }); + } + catch (err) { + const msg = 'createIfNotExists: PUT FAILED: ' + doc + ': ' + err; + throw new WebOperationError(msg); + } + await store.fetcher.load(doc); + } + else { + if (err.response.status === 401) { + throw new UnauthorizedError(); + } + if (err.response.status === 403) { + if (differentOrigin(doc)) { + throw new CrossOriginForbiddenError(); + } + throw new SameOriginForbiddenError(); + } + const msg = 'createIfNotExists doc load error NOT 404: ' + doc + ': ' + err; + throw new FetchError(err.status, err.message + msg); + } + } + return response; + } + /* Follow link from this doc to another thing, or else make a new link + ** + ** @returns existing object, or creates it if non existent + */ + async function followOrCreateLink(subject, predicate, object, doc) { + await store.fetcher.load(doc); + const result = store.any(subject, predicate, null, doc); + if (result) + return result; + if (!store.updater.editable(doc)) { + const msg = `followOrCreateLink: cannot edit ${doc.value}`; + warn(msg); + throw new NotEditableError(msg); + } + try { + await store.updater.update([], [(0,external_rdflib_namespaceObject.st)(subject, predicate, object, doc)]); + } + catch (err) { + const msg = `followOrCreateLink: Error making link in ${doc} to ${object}: ${err}`; + warn(msg); + throw new WebOperationError(err); + } + try { + await loadOrCreateIfNotExists(object); + // store.fetcher.webOperation('PUT', object, { data: '', contentType: 'text/turtle'}) + } + catch (err) { + warn(`followOrCreateLink: Error loading or saving new linked document: ${object}: ${err}`); + throw err; + } + return object; + } + // Copied from https://github.com/solidos/web-access-control-tests/blob/v3.0.0/test/surface/delete.test.ts#L5 + async function setSinglePeerAccess(options) { + let str = [ + '@prefix acl: .', + '', + `<#alice> a acl:Authorization;\n acl:agent <${options.ownerWebId}>;`, + ` acl:accessTo <${options.target}>;`, + ` acl:default <${options.target}>;`, + ' acl:mode acl:Read, acl:Write, acl:Control.', + '' + ].join('\n'); + if (options.accessToModes) { + str += [ + '<#bobAccessTo> a acl:Authorization;', + ` acl:agent <${options.peerWebId}>;`, + ` acl:accessTo <${options.target}>;`, + ` acl:mode ${options.accessToModes}.`, + '' + ].join('\n'); + } + if (options.defaultModes) { + str += [ + '<#bobDefault> a acl:Authorization;', + ` acl:agent <${options.peerWebId}>;`, + ` acl:default <${options.target}>;`, + ` acl:mode ${options.defaultModes}.`, + '' + ].join('\n'); + } + const aclDocUrl = await aclLogic.findAclDocUrl((0,external_rdflib_namespaceObject.sym)(options.target)); + return store.fetcher._fetch(aclDocUrl, { + method: 'PUT', + body: str, + headers: [ + ['Content-Type', 'text/turtle'] + ] + }); + } + async function createEmptyRdfDoc(doc, comment) { + await store.fetcher.webOperation('PUT', doc.uri, { + data: `# ${new Date()} ${comment} + `, + contentType: 'text/turtle', + }); + } + return { + recursiveDelete, + setSinglePeerAccess, + createEmptyRdfDoc, + followOrCreateLink, + loadOrCreateIfNotExists + }; +} + +;// ./src/logic/solidLogic.ts + + + + + + + + + + +/* +** It is important to distinquish `fetch`, a function provided by the browser +** and `Fetcher`, a helper object for the rdflib Store which turns it +** into a `ConnectedStore` or a `LiveStore`. A Fetcher object is +** available at store.fetcher, and `fetch` function at `store.fetcher._fetch`, +*/ +function createSolidLogic(specialFetch, session) { + log('SolidLogic: Unique instance created. There should only be one of these.'); + const store = external_rdflib_namespaceObject.graph(); + external_rdflib_namespaceObject.fetcher(store, { fetch: specialFetch.fetch }); // Attach a web I/O module, store.fetcher + store.updater = new external_rdflib_namespaceObject.UpdateManager(store); // Add real-time live updates store.updater + store.features = []; // disable automatic node merging on store load + const authn = new SolidAuthnLogic(session); + const acl = createAclLogic(store); + const containerLogic = createContainerLogic(store); + const utilityLogic = createUtilityLogic(store, acl, containerLogic); + const profile = createProfileLogic(store, authn, utilityLogic); + const chat = createChatLogic(store, profile); + const inbox = createInboxLogic(store, profile, utilityLogic, containerLogic, acl); + const typeIndex = createTypeIndexLogic(store, authn, profile, utilityLogic); + log('SolidAuthnLogic initialized'); + function load(doc) { + return store.fetcher.load(doc); + } + // @@@@ use the one in rdflib.js when it is available and delete this + function updatePromise(del, ins = []) { + return new Promise((resolve, reject) => { + store.updater.update(del, ins, function (_uri, ok, errorBody) { + if (!ok) { + reject(new Error(errorBody)); + } + else { + resolve(); + } + }); // callback + }); // promise + } + function clearStore() { + store.statements.slice().forEach(store.remove.bind(store)); + } + return { + store, + authn, + acl, + inbox, + chat, + profile, + typeIndex, + load, + updatePromise, + clearStore + }; +} + +;// ./src/logic/solidLogicSingleton.ts + + + +const _fetch = async (url, requestInit) => { + const omitCreds = requestInit && requestInit.credentials && requestInit.credentials == 'omit'; + if (authSession.info.webId && !omitCreds) { // see https://github.com/solidos/solidos/issues/114 + // In fact fetch should respect credentials omit itself + return authSession.fetch(url, requestInit); + } + else { + return window.fetch(url, requestInit); + } +}; +// Global singleton pattern to ensure unique store across library versions +const SINGLETON_SYMBOL = Symbol.for('solid-logic-singleton'); +const globalTarget = (typeof window !== 'undefined' ? window : __webpack_require__.g); +function getOrCreateSingleton() { + if (!globalTarget[SINGLETON_SYMBOL]) { + log('SolidLogic: Creating new global singleton instance.'); + globalTarget[SINGLETON_SYMBOL] = createSolidLogic({ fetch: _fetch }, authSession); + log('Unique quadstore initialized.'); + } + else { + log('SolidLogic: Using existing global singleton instance.'); + } + return globalTarget[SINGLETON_SYMBOL]; +} +//this const makes solidLogicSingleton global accessible in mashlib +const solidLogicSingleton = getOrCreateSingleton(); + + +;// ./src/issuer/issuerLogic.ts +const DEFAULT_ISSUERS = [ + { + name: 'Solid Community', + uri: 'https://solidcommunity.net' + }, + { + name: 'Solid Web', + uri: 'https://solidweb.org' + }, + { + name: 'Solid Web ME', + uri: 'https://solidweb.me' + }, + { + name: 'Inrupt.com', + uri: 'https://login.inrupt.com' + } +]; +/** + * @returns - A list of suggested OIDC issuers + */ +function getSuggestedIssuers() { + // Suggest a default list of OIDC issuers + const issuers = [...DEFAULT_ISSUERS]; + // Suggest the current host if not already included + const { host, origin } = new URL(location.href); + const hosts = issuers.map(({ uri }) => new URL(uri).host); + if (!hosts.includes(host) && !hosts.some(existing => isSubdomainOf(host, existing))) { + issuers.unshift({ name: host, uri: origin }); + } + return issuers; +} +function isSubdomainOf(subdomain, domain) { + const dot = subdomain.length - domain.length - 1; + return dot > 0 && subdomain[dot] === '.' && subdomain.endsWith(domain); +} + +;// ./src/index.ts +// Make these variables directly accessible as it is what you need most of the time +// This also makes these variable globaly accesible in mashlib + +const authn = solidLogicSingleton.authn; +const src_authSession = solidLogicSingleton.authn.authSession; +const store = solidLogicSingleton.store; + + + + + + + +export { ACL_LINK, CrossOriginForbiddenError, FetchError, NotEditableError, NotFoundError, SameOriginForbiddenError, UnauthorizedError, WebOperationError, appContext, src_authSession as authSession, authn, createTypeIndexLogic, getSuggestedIssuers, offlineTestID, solidLogicSingleton, store }; + +//# sourceMappingURL=solid-logic.esm.js.map \ No newline at end of file diff --git a/dist/solid-logic.esm.js.map b/dist/solid-logic.esm.js.map new file mode 100644 index 0000000..cd1cf7f --- /dev/null +++ b/dist/solid-logic.esm.js.map @@ -0,0 +1 @@ +{"version":3,"file":"solid-logic.esm.js","mappings":";;;;;;AAAA;AACA;AACA;AACA;AACA;AACA;AACA,qCAAqC;AACrC;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAEA;AACA,oBAAoB,KAAK;AACzB;AACA,wBAAwB,mBAAmB;AAC3C;AACA;AACA;AACA;AACA;AACA;AACA;;AAEA;AACA;;AAEA;;;;;;;SCjFA;SACA;;SAEA;SACA;SACA;SACA;SACA;SACA;SACA;SACA;SACA;SACA;SACA;SACA;SACA;;SAEA;SACA;;SAEA;SACA;SACA;;;;;UCtBA;UACA;UACA;UACA;UACA;UACA,iCAAiC,WAAW;UAC5C;UACA,E;;;;;UCPA;UACA;UACA;UACA;UACA,yCAAyC,wCAAwC;UACjF;UACA;UACA,E;;;;;UCPA;UACA;UACA;UACA;UACA,GAAG;UACH;UACA;UACA,CAAC,I;;;;;UCPD,wF;;;;;;;ACCO,SAAS,GAAG,CAAC,GAAG,IAAW;IAChC,OAAO,CAAC,GAAG,CAAC,GAAG,IAAI,CAAC;AACtB,CAAC;AAEM,SAAS,IAAI,CAAC,GAAG,IAAW;IACjC,OAAO,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC;AACvB,CAAC;AAEM,SAAS,KAAK,CAAC,GAAG,IAAW;IAClC,OAAO,CAAC,KAAK,CAAC,GAAG,IAAI,CAAC;AACxB,CAAC;AAEM,SAAS,KAAK,CAAC,GAAG,IAAW;IAClC,OAAO,CAAC,KAAK,CAAC,GAAG,IAAI,CAAC;AACxB,CAAC;;;ACfD,gDAAe,MAAM,EAAC;AACf;;;ACDP;AACA;AACA;AACA;AACA,8BAA8B,iBAAiB,OAAO,KAAK;AAC3D;AACA;AACA,8BAA8B,UAAU,KAAK,SAAS;AACtD;AACA;AACA,0BAA0B,SAAS;AACnC;AACA;AACA,4BAA4B,OAAO;AACnC;AACA;AACA,qCAAqC,YAAY;AACjD;AACA;AACA;AACA,+CAA+C,wBAAwB;AACvE;AACA;AACA;AACA;AACA,wDAAe;AACf;AACA,CAAC,EAAC;AACK;AACP,kCAAkC,KAAK;AACvC;;;AC9B0C;AACnC;AACA;AACP,kBAAkB,uDAAO;AAClB;AACP,wCAAwC,QAAQ;AAChD;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACO;AACP;AACA;AACA;AACA;AACA,0DAA0D,cAAc,aAAa,MAAM;AAC3F;AACA;AACA;AACO;AACP;AACA;AACA;AACA;AACA;AACA;AACA;AACO;AACP;AACA;AACA;AACA;AACO;AACP;AACA;AACO;AACP;AACA;AACA,uBAAuB,mBAAmB;AAC1C;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;AClD0D;AACnD;AACP;AACA;AACA,oBAAoB,OAAO;AAC3B;AACA;AACA;AACA,oBAAoB,sBAAsB;AAC1C;AACA;AACA;AACA;AACO;AACP;AACA;AACO;AACP;AACA;AACA,oBAAoB,mBAAmB;AACvC;AACA;AACA;AACA;AACO;AACP;AACA;AACA,kBAAkB,OAAO;AACzB;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;ACpC6C;AAC7C,kDAAe;AACf,QAAQ,WAAW;AACnB;AACA;AACA;AACA,CAAC,EAAC;AACK;;;ACP8C;AACK;AACL;AACZ;AACzC;AACA;AACA;AACA;AACA,eAAe,MAAS;AACxB;AACA;AACA,SAAS,WAAW;AACpB,4BAA4B,iBAAe,SAAS,KAAK;AACzD;AACA;AACA;AACA;AACA,YAAY,iCAAiC,QAAQ,SAAM;AAC3D;AACA;AACA,iDAAe,QAAQ,EAAC;;;ACpBoC;AACE;AACd;AACzC;AACP;AACA;AACO;AACP;AACA;AACO;AACP,WAAW,UAAQ;AACnB;;;ACXO;AACP;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACO;AACP;AACA,yBAAyB,SAAS,0BAA0B;AAC5D;AACA;AACA;AACA;AACA;AACA;AACA;AACO;AACP;AACA,yBAAyB,SAAS,0BAA0B;AAC5D;AACA;AACA;AACA;AACA;AACA;AACA;AACO;AACP;AACA;AACA;AACA;AACA;AACA;AACO,MAAM,uBAAgB;AAC7B;AACA;AACA;AACA;AACA;AACA,uBAAgB;AACT;AACP;AACA;AACA;AACA;AACA;AACA;AACO;AACP;AACA;AACA;AACA;AACA;AACA;AACO;AACP;AACA;AACA;AACA;AACA;AACA;AACO;AACP;AACA;AACA;AACA;AACA;AACA;AACO;AACP;AACA;AACA;AACA;AACA;AACA;AACO;AACP;AACA;AACA;AACA;AACA;AACA;AACO;AACP;AACA;AACA;AACA;AACA;AACA;AACO;AACP;AACA;AACA;AACA;AACA;AACA;AACA;AACO;AACP;AACA;AACA;AACA;AACA;AACA;AACO;AACP;AACA;AACA;AACA;AACA;AACA;;;ACjHqD;AACtC;AACf,wBAAwB,cAAc;AACtC;AACA;AACA;AACA;AACA,qBAAqB;AACrB;AACA;AACA;AACA,qBAAqB;AACrB;AACA;AACA;AACA,qBAAqB;AACrB;AACA;AACA;AACA,qBAAqB;AACrB;AACA,qBAAqB;AACrB;AACA,qBAAqB;AACrB;AACA,sBAAsB,uBAAgB,QAAQ,KAAK;AACnD;AACA;;;AC3BA,uDAAe;AACf;AACA,gBAAgB,gBAAgB;AAChC;AACA,mCAAmC,KAAK;AACxC;AACA;AACA,CAAC,EAAC;;;ACPF;AACA,2EAA2E,MAAM,UAAU,KAAK;AAChG;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,6BAA6B,kBAAkB,OAAO,KAAK;AAC3D;AACA;AACA,6BAA6B,WAAW,KAAK,UAAU;AACvD;AACA;AACA,sBAAsB,UAAU;AAChC;AACA;AACA;AACA;AACO;AACP;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,sCAAsC,SAAS;AAC/C;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,sCAAsC,SAAS;AAC/C;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,sCAAsC,SAAS;AAC/C;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACO;AACP;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,sCAAsC,SAAS;AAC/C;AACA;AACA;AACA;AACA;AACA;AACA;;;AC5JA;AACA;AACA;AACe;AACf;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;ACfsC;AAC/B;AACP,WAAW,QAAQ;AACnB;AACO;AACP;AACA;AACO;AACP;AACA;AACO;AACP;AACA;;;ACZoC;AACiB;AACrD;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,kCAAkC,8BAA8B,kBAAkB;AAClF;AACA;AACA;AACA;AACA;AACA,kCAAkC,wCAAwC,kBAAkB;AAC5F;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,qCAAqC,qCAAqC;AAC1E;AACA;AACA;AACA;AACA,8BAA8B,uBAAgB;AAC9C;AACA;AACA;AACA;AACA;AACA;AACA,kCAAkC;AAClC;AACA;AACA;AACA,kCAAkC;AAClC;AACA;AACA;AACA,kCAAkC;AAClC;AACA;AACA;AACA;AACA;AACA;AACA,kCAAkC;AAClC;AACA;AACA;AACA,8BAA8B,uBAAgB;AAC9C;AACA;AACA;AACA;AACA;AACA;AACA,kCAAkC;AAClC;AACA;AACA;AACA,kCAAkC;AAClC;AACA;AACA;AACA;AACA;AACA;AACA,kCAAkC;AAClC;AACA;AACA;AACA,8BAA8B,uBAAgB;AAC9C;AACA;AACA;AACA;AACA,sBAAsB,uBAAgB;AACtC;AACA,aAAa;AACb;AACA;AACA;AACA;AACA;AACA,YAAY,uBAAuB;AACnC;AACA;AACA;AACA;AACA;AACA,sBAAsB;AACtB;AACA;AACA,WAAW,SAAM;AACjB;AACA,iDAAe,KAAK,EAAC;;;ACvGoB;AACD;AACA;AACxC,8BAA8B,MAAM;AACpC;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,4BAA4B,UAAS,GAAG,aAAa;AACrD;AACA;AACA;AACA,yBAAyB,kBAAkB;AAC3C;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,+BAA+B,eAAe;AAC9C;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,QAAQ,KAAK;AACb;AACA,mBAAmB,MAAM;AACzB;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,+BAA+B,eAAe;AAC9C;AACA;AACA;AACA;AACA;AACA;AACA,QAAQ,KAAK;AACb;AACA,mBAAmB,MAAM;AACzB;AACA;AACA;AACA;AACA;AACA;AACA,oDAAe,EAAE,yCAAyC,EAAC;;;ACnEN;AACI;AACC;AACjB;AACE;AAC5B;AACf;AACA,oBAAoB,aAAS;AAC7B;AACA;AACA,oBAAoB,aAAS;AAC7B;AACA,QAAQ,WAAW;AACnB,QAAQ,iBAAiB;AACzB;AACA;AACA;AACA;AACA,gCAAgC,iBAAe,SAAS,KAAK;AAC7D;AACA,eAAe,SAAM,gCAAgC,aAAa,cAAc,iBAAiB;AACjG;AACA,wBAAwB,iBAAe,SAAS,KAAK;AACrD;;;ACvB8C;AACV;AACe;AACD;AAClD;AACA,4BAA4B,YAAU;AACtC,IAAI,gBAAc;AAClB,4BAA4B,SAAM,aAAa,SAAe;AAC9D;AACA;AACA,mDAAe,IAAI,EAAC;;;ACVpB;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,kDAAe,UAAU,EAAC;;;ACrB0C;AACP;AAC1B;AACnC;AACA;AACA;AACA;AACA;AACA;AACA,qGAAqG,MAAM;AAC3G;AACA;AACA,4FAA4F,IAAI;AAChG;AACA;AACA;AACA;AACA;AACA;AACA,oBAAoB,KAAS;AAC7B,YAAY,WAAe;AAC3B;AACA;AACA;AACA,SAAS,WAAS;AAClB,4BAA4B,OAAe,cAAc,KAAK;AAC9D;AACA;AACA,+BAA+B,UAAU;AACzC;AACA;AACA;AACA,oBAAoB,KAAS;AAC7B;AACA;AACA,oBAAoB,YAAgB;AACpC;AACA;AACA;AACA,oBAAoB,WAAe;AACnC;AACA;AACA;AACA;AACA,SAAS,WAAS;AAClB,4BAA4B,OAAe,cAAc,KAAK;AAC9D;AACA;AACA,+BAA+B,UAAU;AACzC;AACA;AACA,+BAA+B,UAAU;AACzC;AACA;AACA,+BAA+B,UAAU;AACzC;AACA;AACA,+BAA+B,UAAU;AACzC;AACA;AACA,+BAA+B,UAAU;AACzC;AACA;AACA;AACA;AACA;AACA;AACA,cAAc,EAAE;AAChB;AACA;AACA;AACA;AACA;AACA;AACA;AACA,qDAAe,mCAAmC,EAAC;AAC5C;;;AC5E8C;AACrD;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,sBAAsB,uBAAgB,gCAAgC,UAAU;AAChF;AACA;AACA,yDAAyD,UAAU;AACnE;AACA;AACA,yDAAyD,UAAU;AACnE;AACA;AACA;AACA;AACA,oDAAe,YAAY,EAAC;;;ACjCqC;AACxB;AACS;AACA;AACmB;AACH;AACZ;AAC/C;AACP;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,sBAAsB,UAAU;AAChC;AACA,aAAa,WAAU;AACvB,sBAAsB,UAAU;AAChC;AACA;AACA;AACA;AACA;AACA,2BAA2B,aAAY,CAAC,UAAU;AAClD;AACA;AACA;AACA;AACA,0BAA0B,UAAU;AACpC;AACA;AACA,gBAAgB,MAAM;AACtB;AACA,sBAAsB,UAAU;AAChC;AACA,QAAQ,mBAAmB;AAC3B;AACA;AACA,sBAAsB,OAAO,QAAQ,MAAS;AAC9C;AACA;AACA;AACA,8BAA8B,OAAO,QAAQ,MAAS;AACtD;AACA;AACA,8BAA8B,OAAO;AACrC;AACA,qBAAqB,MAAM,kBAAkB,OAAO;AACpD,gCAAgC,YAAI;AACpC;AACA,uBAAuB,MAAS;AAChC;AACA;AACA;AACA,0BAA0B,OAAO;AACjC;AACA;AACA;AACA;AACA;AACA,4BAA4B,OAAO;AACnC;AACA;AACA;AACA;;;AChFqD;AAC9C;AACP;AACA,8BAA8B,aAAa;AAC3C;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,kBAAkB,cAAc,GAAG,YAAY,GAAG,cAAc;AAChE;AACA;;;AChBA,4CAAe,2CAA2C,EAAC;;;ACA3D;AACA;AACA;AACA;AACA;AACA;AACA,2CAAe;AACf;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,CAAC,EAAC;;;ACtDkC;AACO;AACT;AAClC;AACA;AACA,uCAAuC,OAAO;AAC9C;AACA;AACA;AACO;AACP,4BAA4B;AAC5B,aAAa,QAAQ;AACrB;AACA;AACA;AACA;AACA;AACA,0BAA0B;AAC1B;AACA;AACA;AACA,0BAA0B;AAC1B;AACA;AACA;AACA,0BAA0B;AAC1B;AACA;AACA;AACA,0BAA0B;AAC1B;AACA;AACA;AACA;AACA,8BAA8B;AAC9B;AACA;AACA,8BAA8B,qDAAqD,KAAK;AACxF;AACA;AACA,8BAA8B,uBAAuB,KAAK,eAAe,IAAI;AAC7E;AACA;AACA;AACA;AACA;AACA,8BAA8B;AAC9B;AACA;AACA,8BAA8B,0DAA0D,KAAK;AAC7F;AACA;AACA,8BAA8B,uBAAuB,KAAK,eAAe,IAAI;AAC7E;AACA;AACA;AACA;AACA;AACA,8BAA8B,uBAAuB,KAAK;AAC1D;AACA;AACA,8BAA8B,oDAAoD,KAAK;AACvF;AACA;AACA;AACA;AACA,kDAAkD,KAAK,eAAe,IAAI;AAC1E;AACA;AACA;AACA,8BAA8B;AAC9B;AACA;AACA;AACA;;;AC1EqD;AACN;AACE;AACP;AACnC,sBAAsB,UAAU;AACvC;AACA;AACA;AACA;AACA;AACA,wBAAwB,WAAW,CAAC,OAAO;AAC3C;AACA;AACA;AACA;AACA,sBAAsB,UAAU;AAChC;AACA;AACA;AACA;;;ACnB2D;AAC3D;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,SAAS;AACT;AACA;AACA;AACA;AACA;AACA,KAAK;AACL;AACA,sBAAsB,WAAW;AACjC;AACA,KAAK;AACL;AACA;AACA;AACA,kBAAkB,SAAS;AAC3B;AACA;AACA;AACA;AACA;AACA,kBAAkB,SAAS;AAC3B;AACA;AACA,iDAAe,SAAS,EAAC;;;ACjC2C;AACD;AAChB;AACE;AACV;AACpC;AACP;AACA;AACA;AACA;AACA;AACO;AACP;AACA;AACA;AACA;AACA;AACO;AACP;AACA;AACA;AACA;AACA;AACO;AACP,SAAS,QAAQ;AACjB;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,mBAAmB,MAAe;AAClC;AACA;AACA,0BAA0B,uBAAgB;AAC1C;AACA;AACA;AACA,mBAAmB,UAAW,GAAG,aAAa;AAC9C;AACA,sBAAsB,uBAAgB;AACtC;AACA;;;AC5C6C;AACmE;AACrE;AAC3C;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,sBAAsB,uBAAgB;AACtC;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,WAAW,QAAQ;AACnB;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,sBAAsB,WAAW;AACjC;AACA;AACA;AACA;AACA,gBAAgB,WAAW,IAAI;AAC/B;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,SAAS;AACT,gBAAgB,iBAAiB;AACjC;AACA,sBAAsB,iBAAiB;AACvC;AACA;AACA,8BAA8B,wBAAwB;AACtD,oBAAoB,UAAU;AAC9B;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,sDAAsD;AACtD;AACA,0BAA0B,SAAS,GAAG,mBAAmB;AACzD;AACA,sBAAsB,WAAW;AACjC;AACA;AACA;AACA;AACA;AACO;AACP;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,SAAS;AACT,KAAK;AACL;AACA;;;AC3HiD;AACK;AACP;AACJ;AAC3C;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,oBAAoB,KAAK,GAAG,QAAQ;AACpC;AACO;AACP;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,SAAS,QAAQ;AACjB;AACA,qDAAqD,QAAQ;AAC7D;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,0BAA0B;AAC1B;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,8BAA8B,iBAAiB;AAC/C;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,+BAA+B,iBAAiB;AAChD;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,oDAAoD,UAAS;AAC7D;AACA,0BAA0B,iBAAiB;AAC3C;AACA;AACA;AACA;AACA;AACA;AACA,SAAS;AACT;AACA;AACA;AACA,SAAS;AACT;AACA;AACA;AACO;AACP;AACA;AACA;AACA;AACA;AACA;AACA;AACA,SAAS;AACT;AACA;AACA;AACA;AACA,SAAS;AACT;AACA;AACA;AACA;AACA;AACA,SAAS;AACT;AACA;AACA;AACA;AACA,SAAS;AACT;AACA;AACA;AACA;AACA;AACA,SAAS;AACT,KAAK;AACL;AACA;AACO,+BAA+B,yDAAS;;;AC1ID;AACV;AACe;AACC;AACpD;AACA,4BAA4B,YAAY;AACxC,IAAI,gBAAc;AAClB,sBAAsB,SAAe;AACrC;AACA,qBAAqB,SAAM;AAC3B;AACA;AACA;AACA;AACA;AACA,qDAAe,MAAM,EAAC;;;ACftB;AACA;AACA;AACA,gCAAgC,OAAO;AACvC;AACA;AACA;AACA;AACA;AACA;AACA,0DAAe,kBAAkB,EAAC;;;ACV+B;AACpB;AACwD;AAChC;AACnB;AACJ;AACoB;AACZ;AACY;AACtB;AACI;AACzC;AACP,SAAS,QAAQ;AACjB,kBAAkB,UAAU;AAC5B;AACA;AACA,kBAAkB,UAAU;AAC5B;AACA;AACA,kBAAkB,UAAU;AAC5B;AACA;AACA,kBAAkB,UAAU;AAC5B;AACA;AACA,kBAAkB,UAAU;AAC5B;AACA,qCAAqC,QAAQ;AAC7C,kBAAkB,UAAU;AAC5B;AACA;AACA;AACA;AACA,oCAAoC,MAAS;AAC7C,oCAAoC,OAAO;AAC3C;AACA;AACA,sBAAsB,UAAU;AAChC;AACA;AACA,SAAS,WAAU;AACnB,kBAAkB,UAAU;AAC5B;AACA;AACA;AACA;AACA;AACA,uBAAuB,aAAY,CAAC,UAAU;AAC9C;AACA;AACA;AACA;AACA,sBAAsB,UAAU;AAChC;AACA;AACA,YAAY,MAAM;AAClB;AACA,kBAAkB,UAAU;AAC5B;AACA,kCAAkC,mBAAkB;AACpD;AACA,kBAAkB,iBAAiB;AACnC;AACA;AACA;AACA,sBAAsB,UAAU;AAChC;AACA;AACA;AACA,kBAAkB,UAAU;AAC5B;AACA;AACA;AACA;AACA;AACA,QAAQ,mBAAmB;AAC3B,YAAY,KAAK;AACjB,wBAAwB,SAAS;AACjC;AACA;AACA;AACA,QAAQ,mBAAmB;AAC3B;AACA,iBAAiB,MAAM,CAAC,OAAO,8BAA8B,OAAO,gDAAgD,OAAO;AAC3H;AACA;AACA,oBAAoB,MAAS;AAC7B;AACA;AACA,kBAAkB,UAAU;AAC5B;AACA,2BAA2B,cAAM;AACjC;AACA,kBAAkB,8BAA8B;AAChD;AACA;AACA;AACA;AACA,sBAAsB,MAAS;AAC/B;AACA;AACA,sBAAsB,UAAU;AAChC;AACA;AACA;AACA,kBAAkB,OAAO;AACzB;AACA;AACA;AACA;AACA,qBAAqB;AACrB;AACA;AACA;AACA;AACA;AACA;AACA;AACA,iBAAiB;AACjB;AACA;AACA;;;ACzHyD;AACP;AACE;AAC7C;AACP;AACA,cAAc,OAAO;AACrB;AACA;AACA,kBAAkB,UAAU;AAC5B;AACA,YAAY,uDAAuD;AACnE;AACA,kBAAkB,UAAU;AAC5B;AACA,2BAA2B,eAAe,GAAG,gDAAgD;AAC7F,qBAAqB;AACrB;AACA,iBAAiB;AACjB;AACA;AACA;;;ACpBqF;AACzC;AACb;AACF;AACS;AACtC;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,qDAAe,8CAA8C;AAC7D;AACA;AACA,6BAA6B,OAAO;AACpC;AACA;AACA;AACA,SAAS,QAAQ;AACjB,kBAAkB,UAAU;AAC5B;AACA,YAAY,MAAM;AAClB;AACA;AACA;AACA,kBAAkB,wBAAwB;AAC1C;AACA,YAAY,8DAA8D;AAC1E;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,sBAAsB,wBAAwB,sBAAsB,MAAM;AAC1E;AACA;AACA;AACA;AACA,kBAAkB,wBAAwB;AAC1C;AACA;AACA,kBAAkB,wBAAwB;AAC1C;AACA;AACA;AACA,kBAAkB,wBAAwB;AAC1C;AACA;AACA;AACA;AACA,wBAAwB,IAAI;AAC5B;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,YAAY,cAAc;AAC1B,gBAAgB,KAAK;AACrB;AACA,kBAAkB,wBAAwB;AAC1C;AACA;AACA;AACA,sBAAsB,wBAAwB;AAC9C;AACA;AACA,sBAAsB,wBAAwB;AAC9C;AACA;AACA;AACA;AACA,sBAAsB,wBAAwB;AAC9C;AACA;AACA,sBAAsB,UAAU;AAChC;AACA;AACA;AACA;AACA,oEAAoE,IAAI;AACxE;AACA,sBAAsB,UAAU;AAChC;AACA;AACA,sBAAsB,wBAAwB;AAC9C;AACA;AACA;AACA,CAAC,EAAC;;;ACvGuD;AACP;AACH;AACxC;AACP,2BAA2B,aAAa;AACxC;AACA,kBAAkB,UAAU;AAC5B;AACA,oBAAoB,cAAU;AAC9B,qBAAqB;AACrB;AACA,iBAAiB;AACjB;AACA;AACA;;;ACdoC;AACpC,MAAM,aAAM;AACZ,gCAAgC,oBAAoB;AACpD,gCAAgC,SAAM;AACtC;AACA,qDAAe,aAAM,EAAC;;;ACLoB;AACoB;AACG;AAChB;AACN;AAC3C;AACA;AACA,kBAAkB,UAAU,IAAI,aAAa;AAC7C;AACA;AACO;AACP,SAAS,QAAQ;AACjB;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,2BAA2B;AAC3B;AACA;AACA;AACA;AACA,2BAA2B;AAC3B;AACA;AACA;AACA;AACA,2BAA2B;AAC3B;AACA;AACA;AACA,2BAA2B;AAC3B;AACA;AACA,sBAAsB,uBAAgB;AACtC;AACA,iBAAiB,OAAO;AACxB,WAAW,MAAS,OAAO,cAAM;AACjC;AACO;AACP;AACA;AACA,uDAAuD,0BAA0B,GAAG,WAAW;AAC/F;;;ACpDoC;AACiB;AACpB;AAC1B;AACP;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,0BAA0B,2BAA2B,OAAO;AAC5D;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,0BAA0B;AAC1B;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,0BAA0B;AAC1B;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,kBAAkB,uBAAgB;AAClC;AACA;AACA;AACO;AACP;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,6BAA6B,cAAc;AAC3C;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,6BAA6B,cAAc;AAC3C;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,6BAA6B,iCAAiC;AAC9D;AACA;AACA;AACA;AACA;AACA;AACA,0BAA0B;AAC1B;AACA;AACA;AACA,0BAA0B;AAC1B;AACA;AACA;AACA,0BAA0B;AAC1B;AACA;AACA;AACA,0BAA0B;AAC1B;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,kCAAkC;AAClC;AACA;AACA,8BAA8B,uBAAgB;AAC9C;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,kCAAkC;AAClC;AACA;AACA;AACA;AACA,kCAAkC;AAClC;AACA;AACA,8BAA8B,uBAAgB;AAC9C;AACA;AACA;AACA;AACA,sBAAsB,uBAAgB;AACtC;AACA,WAAW,SAAM;AACjB;;;AC9IqE;AAC9D,eAAe,iCAAe;AACrC,WAAW,eAAQ;AACnB;;;ACHqD;AAC9C,MAAM,gBAAM,GAAG,MAAgB;AAC/B,MAAM,gBAAM,GAAG,MAAgB;;;ACFe;AACJ;AACN;AACF;AAClC;AACP;AACA,kBAAkB,UAAU;AAC5B,YAAY,qBAAqB;AACjC;AACA,kBAAkB,UAAU;AAC5B;AACA,kBAAkB,UAAU;AAC5B;AACA,kBAAkB,UAAU;AAC5B;AACA;AACA,kBAAkB,gBAAS;AAC3B;AACA;AACA,kBAAkB,UAAU;AAC5B;AACA;AACA;AACA,4BAA4B,OAAO;AACnC;AACA;AACA,kBAAkB,UAAU;AAC5B;AACA,SAAS,QAAQ;AACjB,kBAAkB,UAAU;AAC5B;AACA;;;AC/BA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAUa;;AAEb;AACA;AACA;;AAEO;AACP;AACA;AACA;AACA;;AAEA;AACA;AACA;;AAEO;AACP;AACA;AACA;AACA;AACA;AACA;;AAEA;AACA;AACA;AACA,kEAAkE,cAAc;AAChF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,KAAK;AACL;;AAEA;AACA;AACA;AACA;AACA;AACA,gEAAgE,SAAS;AACzE;AACA,KAAK;AACL;;AAEA;AACA;AACA;AACA;AACA,gEAAgE,SAAS;AACzE;AACA;AACA,KAAK;AACL;;AAEA;AACA;AACA;AACA;AACA;AACA,gEAAgE,SAAS;AACzE;AACA,KAAK;AACL;;AAEA;AACA;AACA;AACA;AACA;AACA,gEAAgE,SAAS;AACzE;AACA,KAAK;AACL;;AAEA;AACA;AACA;AACA;AACA;AACA;AACA;;AAEA;AACA;AACA;;AAEA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,WAAW;AACX;;AAEA;AACA;AACA;;AAEA;AACA,0BAA0B,SAAS;AACnC,oBAAoB;AACpB;;AAEA,aAAa,OAAO;AACpB;AACA;AACA,0BAA0B,+CAA+C;AACzE;AACA;;AAEA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAEA;AACA;AACA;;AAEA;AACA;AACA,kCAAkC,OAAO;AACzC,8DAA8D,gBAAgB;AAC9E;AACA;;AAEA;AACA;AACA;;AAEA;AACA;AACA;AACA,eAAe,oCAAoC;AACnD;AACA;AACA;AACA;AACA;AACA;AACA;AACA,KAAK;AACL,GAAG;AACH,mEAAmE,gBAAgB;AACnF;AACA;;AAEA;AACA;AACA;;AAEA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,KAAK;AACL;AACA,GAAG;AACH,6DAA6D,gBAAgB;AAC7E;AACA;;AAEA;AACA;AACA;;AAEA;AACA,eAAe,kBAAkB;AACjC,UAAU,UAAU,QAAQ,SAAS;AACrC;AACA;AACA,GAAG;;AAEH;AACA,2BAA2B,sBAAsB,OAAO,SAAS;AACjE;AACA;AACA;;AAEA;AACA;AACA;AACA;;AAEA;AACA;;AAEA;AACA;AACA;;AAEA;AACA;;AAEA;AACA;AACA;AACA;AACA;AACA;;AAEA;AACA;AACA;;AAEA;AACA;AACA;AACA;AACA,GAAG;;AAEH;AACA;AACA;AACA;;AAEA;AACA,WAAW;AACX;;AAEA;AACA;AACA;;AAEO,MAAM,kBAAO;AACpB,0BAA0B;AAC1B;AACA;AACA;AACA;AACA;AACA;;AAEA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAEA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAEA;AACA;AACA;;AAEA,mBAAmB;AACnB,gBAAgB;;AAEhB;AACA;AACA;AACA;;AAEA;AACA;AACA;AACA;;AAEA;AACA;AACA;AACA;AACA;AACA;AACA;;AAEA;AACA;;AAEA;AACA;AACA;AACA;AACA,0CAA0C,QAAQ,MAAM,IAAI;AAC5D;;AAEA;AACA;AACA;AACA;;AAEA;AACA;AACA;AACA;AACA;AACA;AACA;;AAEA;AACA;AACA;;AAEA;AACA;AACA;;AAEA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAEA;AACA;AACA;;AAEA;AACA;AACA;AACA;AACA;AACA;;AAEA;AACA;;AAEA;AACA;AACA;AACA;AACA,0CAA0C,KAAK,MAAM,IAAI;AACzD;;AAEA;AACA;AACA;AACA;AACA;;AAEA;AACA;AACA;AACA;AACA,kCAAkC;;AAElC;AACA;AACA;AACA;AACA;;AAEA;AACA;AACA;;AAEA;AACA,0BAA0B,iCAAe;;AAEzC;AACA;AACA;AACA;AACA;AACA;AACA;AACA,KAAK;;AAEL;AACA;;AAEA;AACA,yBAAyB;;AAEzB;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAEA;AACA;AACA;AACA;AACA;AACA;AACA;;AAEA;AACA,4BAA4B,mCAAmC;AAC/D;AACA;;AAEA;AACA;AACA;AACA;AACA;;AAEA;AACA;AACA;AACA;AACA;AACA,QAAQ;AACR;AACA;AACA;AACA,YAAY;AACZ;AACA;AACA;AACA;AACA,QAAQ;AACR;AACA;AACA,KAAK;;AAEL;AACA;;AAEA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAEA;AACA;AACA;;AAEA;AACA;;AAEA;AACA;AACA;AACA,kCAAkC;AAClC;AACA;AACA;AACA;;AAEA;AACA;AACA;AACA;;AAEA;AACA;AACA;AACA;AACA;AACA;AACA,MAAM;AACN;AACA;AACA;AACA;;AAEA;AACA;AACA;AACA,SAAS,WAAW,EAAE,aAAa;AACnC;AACA;AACA;;AAEA;AACA;AACA,yCAAyC,0BAA0B;;AAEnE;AACA;AACA,wCAAwC,kBAAkB;AAC1D;AACA,wBAAwB,kBAAkB;AAC1C;;AAEA;AACA;AACA;;AAEA;AACA;;AAEA,oBAAoB,SAAS;AAC7B;AACA;;AAEA;AACA;AACA;AACA;AACA;;AAEA;AACA;AACA,gBAAgB;AAChB,KAAK;AACL;;AAEA;AACA;AACA,gBAAgB;AAChB,KAAK;AACL;;AAEA;AACA;AACA;AACA;;AAEA;AACA;AACA;;AAEA,iDAAe,kEAAO;;;ACvkBtB;;;;;;;GAOG;AAKgB;AAEnB;;GAEG;AACI,MAAM,MAAM,GAAG;IACpB,gBAAgB,EAAE,gBAAgB;IAClC,KAAK,EAAE,OAAO;IACd,MAAM,EAAE,QAAQ;IAChB,eAAe,EAAE,gBAAgB;IACjC,KAAK,EAAE,OAAO;CACN;AAOV;;GAEG;AACH,MAAM,YAAY;IAAlB;QACU,cAAS,GAAoC,IAAI,GAAG,EAAE;IAgBhE,CAAC;IAdC,EAAE,CAAC,KAAa,EAAE,QAAuB;QACvC,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,KAAK,CAAC,EAAE,CAAC;YAC/B,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,KAAK,EAAE,IAAI,GAAG,EAAE,CAAC;QACtC,CAAC;QACD,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,KAAK,CAAE,CAAC,GAAG,CAAC,QAAQ,CAAC;IAC1C,CAAC;IAED,GAAG,CAAC,KAAa,EAAE,QAAuB;;QACxC,UAAI,CAAC,SAAS,CAAC,GAAG,CAAC,KAAK,CAAC,0CAAE,MAAM,CAAC,QAAQ,CAAC;IAC7C,CAAC;IAED,IAAI,CAAC,KAAa,EAAE,GAAG,IAAe;;QACpC,UAAI,CAAC,SAAS,CAAC,GAAG,CAAC,KAAK,CAAC,0CAAE,OAAO,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,CAAC;IACvD,CAAC;CACF;AA+BD;;GAEG;AACI,MAAM,OAAO;IAKlB,YAAY,OAA+B;QACzC,IAAI,CAAC,QAAQ,GAAG,IAAI,kBAAgB,CAAC;YACnC,QAAQ,EAAE,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,QAAQ;YAC3B,QAAQ,EAAE,IAAI,eAAe,EAAE;YAC/B,aAAa,EAAE,CAAC,KAAK,EAAE,EAAE;gBACvB,MAAM,MAAM,GAAI,KAAqB,CAAC,MAAM;gBAC5C,IAAI,MAAM,aAAN,MAAM,uBAAN,MAAM,CAAE,QAAQ,EAAE,CAAC;oBACrB,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC;oBAC/B,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,gBAAgB,EAAE,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC;gBAClE,CAAC;qBAAM,CAAC;oBACN,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC;gBAClC,CAAC;YACH,CAAC;YACD,YAAY,EAAE,GAAG,EAAE;gBACjB,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,eAAe,CAAC;YAC3C,CAAC;SACF,CAAC;QACF,IAAI,CAAC,OAAO,GAAG,IAAI,YAAY,EAAE;QACjC,IAAI,CAAC,UAAU,GAAG,MAAM,CAAC,UAAU,EAAE;IACvC,CAAC;IAED;;OAEG;IACH,IAAI,MAAM;QACR,OAAO,IAAI,CAAC,OAAO;IACrB,CAAC;IAED;;OAEG;IACH,IAAI,IAAI;;QACN,OAAO;YACL,UAAU,EAAE,IAAI,CAAC,QAAQ,CAAC,QAAQ;YAClC,KAAK,EAAE,UAAI,CAAC,QAAQ,CAAC,KAAK,mCAAI,SAAS;YACvC,SAAS,EAAE,IAAI,CAAC,UAAU;YAC1B,cAAc,EAAE,IAAI,CAAC,QAAQ,CAAC,QAAQ;gBACpC,CAAC,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,CAAC,IAAI,CAAC,QAAQ,CAAC,YAAY,EAAE,GAAG,IAAI,CAAC;gBACpD,CAAC,CAAC,SAAS;SACd;IACH,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,sBAAsB,CAAC,OAAwC;QACnE,iCAAiC;QACjC,MAAM,IAAI,GAA0B,OAAO,OAAO,KAAK,QAAQ;YAC7D,CAAC,CAAC,EAAE,GAAG,EAAE,OAAO,EAAE;YAClB,CAAC,CAAC,OAAO,aAAP,OAAO,cAAP,OAAO,GAAI,EAAE;QAEjB,IAAI,CAAC;YACH,uCAAuC;YACvC,MAAM,IAAI,CAAC,QAAQ,CAAC,uBAAuB,EAAE;YAE7C,sEAAsE;YACtE,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,QAAQ,IAAI,IAAI,CAAC,sBAAsB,KAAK,KAAK,EAAE,CAAC;gBACrE,IAAI,CAAC;oBACH,MAAM,IAAI,CAAC,QAAQ,CAAC,OAAO,EAAE;gBAC/B,CAAC;gBAAC,MAAM,CAAC;oBACP,qCAAqC;gBACvC,CAAC;YACH,CAAC;YAED,OAAO,IAAI,CAAC,IAAI;QAClB,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,KAAK,EAAE,KAAK,CAAC;YACtC,OAAO,SAAS;QAClB,CAAC;IACH,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,KAAK,CAAC,OAAqB;QAC/B,MAAM,WAAW,GAAG,OAAO,CAAC,WAAW,IAAI,MAAM,CAAC,QAAQ,CAAC,IAAI;QAC/D,MAAM,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC,OAAO,CAAC,UAAU,EAAE,WAAW,CAAC;IAC5D,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,MAAM;QACV,MAAM,IAAI,CAAC,QAAQ,CAAC,MAAM,EAAE;IAC9B,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,KAAK,CAAC,GAAsB,EAAE,IAAkB;QACpD,OAAO,IAAI,CAAC,QAAQ,CAAC,SAAS,CAAC,GAAa,EAAE,IAAI,CAAC;IACrD,CAAC;CACF;AAED,uDAAe,uDAAO;;;ACvLsB;AAErC,MAAM,WAAW,GAAG,IAAI,OAAO,EAAE;;;ACFxC,MAAM,+BAA4B,sC;;;;;ACAlC,uEAAuE;AAC3B,CAAC,gDAAgD;AAC/D;AAEvB,MAAM,KAAE,GAAG,yBAAc,CAAC,+BAAI,CAAC;;;ACJ8B;AAExB;AAGrC,MAAM,QAAQ,GAAG,uCAAG,CACvB,oDAAoD,CACvD;AAEM,SAAS,cAAc,CAAC,KAAK;IAEhC,MAAM,EAAE,GAAG,KAAS;IAEpB,KAAK,UAAU,aAAa,CAAC,GAAc;QACvC,MAAM,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC;QAC7B,MAAM,OAAO,GAAG,KAAK,CAAC,GAAG,CAAC,GAAG,EAAE,QAAQ,CAAC;QACxC,IAAI,CAAC,OAAO,EAAE,CAAC;YACX,MAAM,IAAI,KAAK,CAAC,8BAA8B,GAAG,EAAE,CAAC;QACxD,CAAC;QACD,OAAO,OAAO,CAAC,KAAK;IACxB,CAAC;IACD;;;;;;;;;;;;OAYG;IACH,SAAS,gBAAgB,CACzB,MAAc,EACd,EAAa,EACb,OAGC;QAED,MAAM,MAAM,GAAG,KAAK,CAAC,GAAG,CACpB,KAAK,CAAC,GAAG,CAAC,MAAM,CAAC,EACjB,QAAQ,CACX;QAED,OAAO,OAAO,CAAC,OAAO,EAAE;aACnB,IAAI,CAAC,GAAG,EAAE;YACX,IAAI,MAAM,EAAE,CAAC;gBACT,OAAO,MAAmB;YAC9B,CAAC;YAED,OAAO,WAAW,CAAC,MAAM,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,EAAE;gBACnC,MAAM,IAAI,KAAK,CAAC,qCAAqC,MAAM,KAAK,GAAG,EAAE,CAAC;YAC1E,CAAC,CAAC;QACF,CAAC,CAAC;aACD,IAAI,CAAC,MAAM,CAAC,EAAE;YACf,MAAM,OAAO,GAAG,UAAU,CAAC,MAAM,EAAE,EAAE,EAAE,MAAM,CAAC,GAAG,EAAE,OAAO,CAAC;YAC3D,IAAI,CAAC,KAAK,CAAC,OAAO,EAAE,CAAC;gBACjB,MAAM,IAAI,KAAK,CAAC,uCAAuC,CAAC;YAC5D,CAAC;YACD,OAAO,KAAK,CAAC,OAAO;iBACf,YAAY,CAAC,KAAK,EAAE,MAAM,CAAC,GAAG,EAAE;gBACjC,IAAI,EAAE,OAAO;gBACb,WAAW,EAAE,aAAa;aACzB,CAAC;iBACD,IAAI,CAAC,MAAM,CAAC,EAAE;gBACf,IAAI,CAAC,MAAM,CAAC,EAAE,EAAE,CAAC;oBACb,MAAM,IAAI,KAAK,CAAC,0BAA0B,GAAG,MAAM,CAAC,KAAK,CAAC;gBAC9D,CAAC;gBAED,OAAO,MAAM;YACb,CAAC,CAAC;QACN,CAAC,CAAC;IACN,CAAC;IAED;;;OAGG;IACH,SAAS,WAAW,CAAE,MAAc;QAChC,MAAM,OAAO,GAAG,KAAK,CAAC,OAAO;QAC7B,IAAI,CAAC,OAAO,EAAE,CAAC;YACX,MAAM,IAAI,KAAK,CAAC,4CAA4C,CAAC;QACjE,CAAC;QAED,OAAO,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE;YACtC,IAAI,CAAC,MAAM,CAAC,EAAE,EAAE,CAAC;gBACb,MAAM,IAAI,KAAK,CAAC,6BAA6B,GAAI,MAAc,CAAC,KAAK,CAAC;YAC1E,CAAC;YAED,MAAM,MAAM,GAAG,KAAK,CAAC,GAAG,CACxB,KAAK,CAAC,GAAG,CAAC,MAAM,CAAC,EACjB,QAAQ,CACP;YAED,IAAI,CAAC,MAAM,EAAE,CAAC;gBACd,MAAM,IAAI,KAAK,CAAC,0CAA0C,GAAG,MAAM,CAAC;YACpE,CAAC;YAED,OAAO,MAAmB;QAC9B,CAAC,CAAC;IACN,CAAC;IAED;;;;;;;OAOG;IACH,SAAS,UAAU,CACnB,MAAc,EACd,EAAa,EACb,MAAc,EACd,UAGQ,EAAE;QAEN,MAAM,SAAS,GAAG,OAAO,CAAC,MAAM,IAAI,EAAE;QACtC,MAAM,CAAC,GAAG,yCAAK,EAAE;QACjB,MAAM,IAAI,GAAG,6CAAS,CAAC,gCAAgC,CAAC;QACxD,IAAI,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,MAAM,KAAK,CAAC;QAC7B,MAAM,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC;QACzB,MAAM,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC;QACzB,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,IAAI,CAAC,eAAe,CAAC,EAAE,GAAG,CAAC;QACpD,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,IAAI,CAAC,UAAU,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC;QACpC,IAAI,OAAO,CAAC,aAAa,EAAE,CAAC;YACxB,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC;QACvC,CAAC;QACD,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,IAAI,CAAC,OAAO,CAAC,EAAE,EAAE,EAAE,GAAG,CAAC;QAChC,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,IAAI,CAAC,MAAM,CAAC,EAAE,IAAI,CAAC,MAAM,CAAC,EAAE,GAAG,CAAC;QACzC,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,IAAI,CAAC,MAAM,CAAC,EAAE,IAAI,CAAC,OAAO,CAAC,EAAE,GAAG,CAAC;QAC1C,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,IAAI,CAAC,MAAM,CAAC,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,GAAG,CAAC;QAE5C,IAAI,SAAS,CAAC,MAAM,EAAE,CAAC;YACnB,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,MAAM,KAAK,CAAC;YACzB,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,IAAI,CAAC,eAAe,CAAC,EAAE,GAAG,CAAC;YACpD,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,IAAI,CAAC,UAAU,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC;YACpC,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,IAAI,CAAC,YAAY,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,GAAG,CAAC;YACnD,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,SAAS,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;gBAC5C,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,IAAI,CAAC,MAAM,CAAC,EAAE,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,CAAC,EAAC,kBAAkB;YAClE,CAAC;QACL,CAAC;QACD,OAAO,6CAAS,CAAC,GAAG,EAAE,CAAC,EAAE,MAAM,CAAC;IACpC,CAAC;IACD,OAAO;QACH,aAAa;QACb,gBAAgB;QAChB,UAAU;KACb;AACL,CAAC;;;AC1JsC;AACD;AAEtC;;;;;GAKG;AACI,MAAM,UAAU,GAAG,GAAO,EAAE;IAC/B,IAAI,EAAE,eAAe,EAAE,GAAQ,MAAM;IACrC,eAAe,KAAf,eAAe,GAAK,EAAE;IACtB,eAAe,CAAC,iBAAiB,GAAG,KAAK;IACzC,IAAI,eAAe,CAAC,MAAM,IAAI,MAAM,CAAC,QAAQ,EAAE,CAAC;QAC5C,MAAM,WAAW,GAAG,MAAM,CAAC,QAAQ,CAAC,QAAQ,CAAC,IAAI;QACjD,IAAI,WAAW,CAAC,UAAU,CAAC,eAAe,CAAC,MAAM,CAAC,EAAE,CAAC;YACrD,eAAe,CAAC,iBAAiB,GAAG,IAAI;YACxC,MAAM,MAAM,GAAG,IAAI,eAAe,CAAC,MAAM,CAAC,QAAQ,CAAC,QAAQ,CAAC,MAAM,CAAC;YACnE,IAAI,MAAM,EAAE,CAAC;gBACT,IAAI,UAAU,GAAG,eAAe,CAAC,UAAU,GAAG,MAAM,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,IAAI;gBACvE,IAAI,UAAU,EAAE,CAAC;oBACjB,UAAU,GAAG,SAAS,CAAC,UAAU,CAAC;oBAClC,IAAI,CAAC,UAAU,CAAC,UAAU,CAAC,eAAe,CAAC,MAAM,CAAC,EAAE,CAAC;wBACjD,MAAM,GAAG,GAAG,UAAU,CAAC,KAAK,CAAC,IAAI,CAAC;wBAClC,eAAe,CAAC,GAAG,GAAG,GAAG,CAAC,CAAC,CAAC,GAAG,IAAI,GAAG,GAAG,CAAC,CAAC,CAAC;wBAC5C,eAAe,CAAC,iBAAiB,GAAG,KAAK;oBAC7C,CAAC;gBACD,CAAC;YACL,CAAC;QACD,CAAC;IACL,CAAC;IACD,OAAO,eAAe;AAC1B,CAAC;AAED;;;;;;GAMG;AACI,SAAS,aAAa;IACzB,MAAM,EAAE,qBAAqB,EAAE,GAAQ,MAAM;IAC7C,IACE,OAAO,qBAAqB,KAAK,WAAW;QAC5C,qBAAqB,CAAC,QAAQ,EAC9B,CAAC;QACD,aAAa;QACb,GAAS,CAAC,uBAAuB,GAAG,qBAAqB,CAAC,QAAQ,CAAC;QACnE,OAAO,uCAAG,CAAC,qBAAqB,CAAC,QAAQ,CAAC;IAC5C,CAAC;IACD,oFAAoF;IACpF,8HAA8H;IAC9H,IACE,OAAO,QAAQ,KAAK,WAAW;QAC/B,QAAQ,CAAC,QAAQ;QACjB,CAAC,EAAE,GAAG,QAAQ,CAAC,QAAQ,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,KAAK,kBAAkB,EAC5D,CAAC;QACD,MAAM,GAAG,GAAG,QAAQ,CAAC,cAAc,CAAC,WAAW,CAAC;QAChD,IAAI,CAAC,GAAG;YAAE,OAAO,IAAI;QACrB,MAAM,EAAE,GAAG,GAAG,CAAC,YAAY,CAAC,QAAQ,CAAC;QACrC,IAAI,CAAC,EAAE;YAAE,OAAO,IAAI;QACpB,GAAS,CAAC,mBAAmB,GAAG,EAAE,CAAC;QACnC,OAAO,uCAAG,CAAC,EAAE,CAAC;IAChB,CAAC;IACD,OAAO,IAAI;AACf,CAAC;;;AClEiD;AACI;AAChB;AAC2B;AAG1D,MAAM,eAAe;IAG1B,YAAY,gBAAyB;QACnC,IAAI,CAAC,OAAO,GAAG,gBAAgB;IACjC,CAAC;IAED,6FAA6F;IAC7F,IAAI,WAAW,KAAa,OAAO,IAAI,CAAC,OAAO,EAAC,CAAC;IAEjD,WAAW;QACT,MAAM,GAAG,GAAG,UAAU,EAAE;QACxB,IAAI,GAAG,CAAC,iBAAiB,EAAE,CAAC;YAC1B,OAAO,uCAAG,CAAC,GAAG,CAAC,KAAK,CAAC;QACvB,CAAC;QACD,IAAI,IAAI,IAAI,IAAI,CAAC,OAAO,IAAI,IAAI,CAAC,OAAO,CAAC,IAAI,IAAI,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,KAAK,IAAI,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,UAAU,EAAE,CAAC;YACzG,OAAO,uCAAG,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC;QACrC,CAAC;QACD,OAAO,aAAa,EAAE,EAAC,sBAAsB;IAC/C,CAAC;IAED;;;;;;OAMG;IACH,KAAK,CAAC,SAAS,CACb,eAA6C;QAE7C,yCAAyC;QACzC,MAAM,oBAAoB,GAAG,IAAI,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,IAAI;QAC/D,IAAI,oBAAoB,EAAE,CAAC;YACzB,MAAM,CAAC,YAAY,CAAC,OAAO,CAAC,sBAAsB,EAAE,oBAAoB,CAAC;QAC3E,CAAC;QACD,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC,MAAM,CAAC,gBAAgB,EAAE,CAAC,GAAG,EAAE,EAAE;YACtD,GAAS,CAAC,uBAAuB,GAAG,EAAE,CAAC;YACvC,IAAI,QAAQ,CAAC,QAAQ,CAAC,QAAQ,EAAE,KAAK,GAAG;gBAAE,OAAO,CAAC,YAAY,CAAC,IAAI,EAAE,EAAE,EAAE,GAAa,CAAC;QACzF,CAAC,CAAC;QAEF;;WAEG;QACH,MAAM,WAAW,GAAG,IAAI,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC;QACjD,WAAW,CAAC,IAAI,GAAG,EAAE;QACrB,MAAM,IAAI,CAAC,OAAO;aACf,sBAAsB,CAAC;YACtB,sBAAsB,EAAE,IAAI;YAC5B,GAAG,EAAE,WAAW,CAAC,IAAI;SACtB,CAAC;QAEJ,qDAAqD;QACrD,MAAM,qBAAqB,GAAG,MAAM,CAAC,YAAY,CAAC,OAAO,CAAC,sBAAsB,CAAC;QACjF,IAAI,qBAAqB,EAAE,CAAC;YAC1B,MAAM,MAAM,GAAG,IAAI,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC;YAC5C,IAAI,MAAM,CAAC,IAAI,KAAK,qBAAqB,EAAE,CAAC;gBAC1C,IAAI,OAAO,CAAC,SAAS,EAAE,CAAC;oBACtB,2DAA2D;oBAC3D,OAAO,CAAC,SAAS,CAAC,IAAI,EAAE,QAAQ,CAAC,KAAK,EAAE,qBAAqB,CAAC;gBAChE,CAAC;qBAAM,CAAC;oBACN,gEAAgE;oBAChE,QAAQ,CAAC,IAAI,GAAG,qBAAqB;gBACvC,CAAC;gBACD,MAAM,CAAC,IAAI,GAAG,qBAAqB;YACrC,CAAC;YACD,qHAAqH;YACrH,qHAAqH;YACrH,MAAM,CAAC,YAAY,CAAC,OAAO,CAAC,sBAAsB,EAAE,EAAE,CAAC;QACzD,CAAC;QAED,qDAAqD;QACrD,IAAI,EAAE,GAAG,aAAa,EAAE;QACxB,IAAI,EAAE,EAAE,CAAC;YACP,OAAO,OAAO,CAAC,OAAO,CAAC,eAAe,CAAC,CAAC,CAAC,eAAe,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;QACpE,CAAC;QAED,MAAM,KAAK,GAAG,IAAI,CAAC,gBAAgB,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC;QACtD,IAAI,KAAK,EAAE,CAAC;YACV,EAAE,GAAG,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC;QAC3B,CAAC;QAED,IAAI,EAAE,EAAE,CAAC;YACP,GAAS,CAAC,iBAAiB,EAAE,qBAAqB,CAAC;QACrD,CAAC;QAED,OAAO,OAAO,CAAC,OAAO,CAAC,eAAe,CAAC,CAAC,CAAC,eAAe,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;IACpE,CAAC;IAED;;;;;;OAMG;IACH,QAAQ,CACN,KAAgC,EAChC,OAA+B;QAE/B,IAAI,QAAgB;QACpB,IAAI,KAAK,EAAE,CAAC;YACV,QAAQ,GAAG,CAAC,OAAO,KAAK,KAAK,QAAQ,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,GAAG;YAC1D,MAAM,EAAE,GAAG,6CAAS,CAAC,QAAQ,CAAC;YAC9B,IAAI,OAAO,EAAE,CAAC;gBACZ,OAAO,CAAC,EAAE,GAAG,EAAE;YACjB,CAAC;YACD,OAAO,EAAE;QACX,CAAC;QACD,OAAO,IAAI;IACb,CAAC;IAED;;OAEG;IACH,gBAAgB,CAAE,OAAiD;QACjE,MAAM,KAAK,GAAG,QAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,KAAK,KAAI,OAAO,CAAC,UAAU,CAAC,CAAC,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI;QACzE,OAAO,KAAK;IACd,CAAC;CAEF;;;AC9HsC;AAEhC,SAAS,QAAQ,CAAC,GAAc;IACnC,OAAO,uCAAG,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,GAAG,IAAI,GAAG,CAAC,EAAE,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC,CAAC;AACxD,CAAC;AAEM,SAAS,WAAW,CAAE,GAAgB;IACzC,MAAM,IAAI,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC;IAChC,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,IAAI,CAAC;IACzB,MAAM,KAAK,GAAG,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC;IAC7B,MAAM,IAAI,GAAG,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,IAAI,SAAS,CAAC,CAAC,CAAC,CAAC;IAC7C,OAAO,IAAI,EAAC,4DAA4D;AAC5E,CAAC;AAEM,SAAS,aAAa,CAAC,OAAe,EAAE,IAAU;IACrD,MAAM,IAAI,GAAG,IAAI,CAAC,cAAc,EAAE;IAClC,MAAM,KAAK,GAAG,CAAC,GAAG,GAAG,CAAC,IAAI,CAAC,WAAW,EAAE,GAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;IACtD,MAAM,GAAG,GAAG,CAAC,GAAG,GAAG,CAAC,IAAI,CAAC,UAAU,EAAE,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;IACjD,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC;IAChC,MAAM,QAAQ,GAAG,KAAK,CAAC,KAAK,CAAC,MAAM,GAAE,CAAC,CAAE;IACxC,OAAO,IAAI,GAAG,CAAC,aAAa,IAAI,IAAI,KAAK,IAAI,GAAG,IAAI,QAAQ,EAAE,EAAE,OAAO,CAAC,CAAC,QAAQ,EAAE;AACvF,CAAC;AAEM,SAAS,eAAe,CAAC,GAAG;IAC/B,IAAI,CAAC,GAAG,EAAE,CAAC;QACP,OAAO,IAAI;IACf,CAAC;IACD,OAAO,CACH,GAAG,MAAM,CAAC,QAAQ,CAAC,MAAM,GAAG,KAAK,IAAI,GAAG,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,MAAM,CAC7D;AACL,CAAC;AAEM,SAAS,sBAAsB,CAAE,EAAY;IAChD,MAAM,QAAQ,GAAG,EAAE,CAAC,GAAG,CAAC,OAAO,CAAC,WAAW,EAAE,GAAG,CAAC,CAAC,OAAO,CAAC,UAAU,EAAE,GAAG,CAAC;IAC1E,uFAAuF;IACvF,MAAM,SAAS,GAAG,QAAQ,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC,EAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,GAAG,YAAY;IAC1E,MAAM,OAAO,GAAG,SAAS,GAAG,iBAAiB;IAC7C,OAAO,uCAAG,CAAC,OAAO,CAAC;AACvB,CAAC;AAEM,SAAS,sBAAsB,CAClC,OAAkB,EAClB,OAAkB;IAElB,cAAc;IACd,mEAAmE;IACnE,MAAM,gBAAgB,GAAG,IAAI,GAAG,CAC5B,mBAAmB,IAAI,GAAG,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,IAAI,GAAG,EACjD,OAAO,CAAC,KAAK,CAChB,CAAC,QAAQ,EAAE;IACZ,OAAO,IAAI,yCAAS,CAAC,gBAAgB,CAAC;AAC1C,CAAC;;;ACnDiD;AAEN;AACoB;AAEhE,MAAM,0BAA0B,GAAG,gBAAgB;AAE5C,SAAS,eAAe,CAAC,KAAK,EAAE,YAAY;IAC/C,MAAM,EAAE,GAAG,KAAS;IAEpB,KAAK,UAAU,MAAM,CACjB,aAAwB,EACxB,EAAa,EACb,OAAkB;QAElB,yDAAyD;QACzD,+DAA+D;QAC/D,gCAAgC;QAChC,MAAM,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,aAAa,CAAC;QAEvC,2CAA2C;QAC3C,MAAM,UAAU,GAAG,KAAK,CAAC,GAAG,CACxB,aAAa,EACb,IAAI,yCAAS,CAAC,oDAAoD,CAAC,CACtE;QACD,IAAI,CAAC,UAAU,EAAE,CAAC;YACd,MAAM,IAAI,KAAK,CAAC,yBAAyB,CAAC;QAC9C,CAAC;QAED,MAAM,OAAO,GAAG;;;;yBAIC,EAAE,CAAC,KAAK;;;;;;;yBAOR,OAAO,CAAC,KAAK;;;;;aAKzB;QACL,MAAM,KAAK,CAAC,OAAO,CAAC,YAAY,CAAC,KAAK,EAAE,UAAU,CAAC,KAAK,EAAE;YACtD,IAAI,EAAE,OAAO;YACb,WAAW,EAAE,aAAa;SAC7B,CAAC;IACN,CAAC;IAED,KAAK,UAAU,qBAAqB,CAAC,SAAS,EAAE,EAAE;QAC9C,4BAA4B;QAC5B,MAAM,gBAAgB,GAAG,KAAK,CAAC,GAAG,CAC9B,EAAE,EACF,EAAE,CAAC,KAAK,CAAC,kBAAkB,CAAC,CACX;QACrB,IAAI,CAAC,gBAAgB,EAAE,CAAC;YACpB,MAAM,IAAI,KAAK,CAAC,+BAA+B,CAAC;QACpD,CAAC;QACD,MAAM,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,gBAAgB,CAAC;QAC1C,MAAM,GAAG,GAAG,QAAQ,CAAC,gBAAgB,CAAC;QACtC,MAAM,GAAG,GAAG;YACR,sCAAE,CACE,GAAG,EACH,EAAE,CAAC,GAAG,CAAC,MAAM,CAAC,EACd,EAAE,CAAC,KAAK,CAAC,kBAAkB,CAAC,EAC5B,gBAAgB,CAAC,GAAG,EAAE,CACzB;YACD,sCAAE,CACE,GAAG,EACH,EAAE,CAAC,KAAK,CAAC,UAAU,CAAC,EACpB,EAAE,CAAC,OAAO,CAAC,UAAU,CAAC,EACtB,gBAAgB,CAAC,GAAG,EAAE,CACzB;YACD,sCAAE,CAAC,GAAG,EAAE,EAAE,CAAC,KAAK,CAAC,UAAU,CAAC,EAAE,SAAS,EAAE,gBAAgB,CAAC,GAAG,EAAE,CAAC;SACnE;QACD,MAAM,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;YAClC,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,EAAE,GAAG,EAAE,UAAU,IAAI,EAAE,EAAE,EAAE,IAAI;gBAClD,IAAI,CAAC,EAAE,EAAE,CAAC;oBACN,MAAM,CAAC,IAAI,KAAK,CAAC,IAAI,CAAC,CAAC;gBAC3B,CAAC;qBAAM,CAAC;oBACJ,OAAO,CAAC,IAAI,CAAC;gBACjB,CAAC;YACL,CAAC,CAAC;QACN,CAAC,CAAC;IACN,CAAC;IAED,KAAK,UAAU,QAAQ,CAAC,OAAkB;QACtC,MAAM,EAAE,GAAG,MAAM,YAAY,CAAC,MAAM,EAAE;QACtC,MAAM,OAAO,GAAG,MAAM,YAAY,CAAC,UAAU,CAAC,EAAE,CAAC;QACjD,MAAM,aAAa,GAAG,sBAAsB,CAAC,OAAO,EAAE,OAAO,CAAC;QAC9D,IAAI,MAAM,GAAG,IAAI;QACjB,IAAI,CAAC;YACD,MAAM,KAAK,CAAC,OAAO,CAAC,IAAI,CACpB,IAAI,yCAAS,CAAC,aAAa,CAAC,KAAK,GAAG,gBAAgB,CAAC,CACxD;QACL,CAAC;QAAC,OAAO,CAAC,EAAE,CAAC;YACT,MAAM,GAAG,KAAK;QAClB,CAAC;QACD,OAAO,EAAE,EAAE,EAAE,aAAa,EAAE,MAAM,EAAE;IACxC,CAAC;IAED,KAAK,UAAU,eAAe,CAC1B,aAAwB,EACxB,EAAa;QAEb,MAAM,OAAO,GAAG,MAAM,OAAO,CAAC;YAC1B,EAAE;YACF,OAAO,EAAE,aAAa,CAAC,KAAK;SAC/B,CAAC;QACF,OAAO,OAAO,CAAC,WAAW;IAC9B,CAAC;IAED,SAAS,OAAO,CAAC,cAA8B;QAC3C,MAAM,EAAE,GAAG,KAAK;QAChB,MAAM,OAAO,GAAG,EAAE,CAAC,OAAO;QAC1B,IAAI,cAAc,CAAC,EAAE,IAAI,CAAC,cAAc,CAAC,EAAE,CAAC,GAAG,EAAE,CAAC;YAC9C,MAAM,IAAI,KAAK,CAAC,gCAAgC,GAAG,cAAc,CAAC,EAAE,CAAC;QACzE,CAAC;QAED,MAAM,WAAW,GAAG,CAAC,cAAc,CAAC,WAAW;YAC3C,cAAc,CAAC,WAAW;gBAC1B,EAAE,CAAC,GAAG,CAAC,cAAc,CAAC,OAAO,GAAG,0BAA0B,CAAC,CAAC;QAChE,MAAM,UAAU,GAAG,WAAW,CAAC,GAAG,EAAE;QAEpC,EAAE,CAAC,GAAG,CACF,WAAW,EACX,EAAE,CAAC,GAAG,CAAC,MAAM,CAAC,EACd,EAAE,CAAC,OAAO,CAAC,UAAU,CAAC,EACtB,UAAU,CACb;QACD,EAAE,CAAC,GAAG,CAAC,WAAW,EAAE,EAAE,CAAC,EAAE,CAAC,OAAO,CAAC,EAAE,cAAc,EAAE,UAAU,CAAC;QAC/D,EAAE,CAAC,GAAG,CACF,WAAW,EACX,EAAE,CAAC,EAAE,CAAC,SAAS,CAAC,EAChB,wCAAI,CAAO,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC,CAAC,EAChC,UAAU,CACb;QACD,IAAI,cAAc,CAAC,EAAE,EAAE,CAAC;YACpB,EAAE,CAAC,GAAG,CAAC,WAAW,EAAE,EAAE,CAAC,EAAE,CAAC,QAAQ,CAAC,EAAE,cAAc,CAAC,EAAE,EAAE,UAAU,CAAC;QACvE,CAAC;QAED,OAAO,IAAI,OAAO,CAAC,UAAU,OAAO,EAAE,MAAM;YACxC,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,GAAG,CACR,UAAU,EACV,EAAE,CAAC,kBAAkB,CAAC,SAAS,EAAE,SAAS,EAAE,SAAS,EAAE,UAAU,CAAC,EAClE,aAAa,EACb,UAAU,IAAI,EAAE,EAAE,EAAE,OAAO;gBACvB,IAAI,EAAE,EAAE,CAAC;oBACL,OAAO,CAAC;wBACJ,GAAG,cAAc;wBACjB,WAAW;qBACd,CAAC;gBACN,CAAC;qBAAM,CAAC;oBACJ,MAAM,CACF,IAAI,KAAK,CACL,sCAAsC,GAAG,IAAI,GAAG,KAAK,GAAG,OAAO,CAClE,CACJ;gBACL,CAAC;YACL,CAAC,CACJ;QACL,CAAC,CAAC;IACN,CAAC;IAED;;;;;OAKG;IACH,KAAK,UAAU,OAAO,CAClB,OAAkB,EAClB,eAAe,GAAG,IAAI;QAEtB,MAAM,EAAE,EAAE,EAAE,aAAa,EAAE,MAAM,EAAE,GAAG,MAAM,QAAQ,CAAC,OAAO,CAAC;QAC7D,IAAI,MAAM,EAAE,CAAC;YACT,OAAO,IAAI,yCAAS,CAAC,aAAa,CAAC,KAAK,GAAG,0BAA0B,CAAC;QAC1E,CAAC;QAED,IAAI,eAAe,EAAE,CAAC;YAClB,MAAM,SAAS,GAAG,MAAM,eAAe,CAAC,aAAa,EAAE,EAAE,CAAC;YAC1D,MAAM,UAAU,CAAC,OAAO,EAAE,SAAS,CAAC;YACpC,MAAM,MAAM,CAAC,aAAa,EAAE,EAAE,EAAE,OAAO,CAAC;YACxC,MAAM,qBAAqB,CAAC,SAAS,EAAE,EAAE,CAAC;YAC1C,OAAO,SAAS;QACpB,CAAC;QACD,OAAO,IAAI;IACf,CAAC;IAED,KAAK,UAAU,UAAU,CAAC,OAAkB,EAAE,SAAoB;;QAC9D,MAAM,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,GAAG,EAAE,CAAC;QACvC,MAAM,YAAY,GAAG,KAAK,CAAC,GAAG,CAC1B,OAAO,EACP,EAAE,CAAC,GAAG,CAAC,OAAO,CAAC,EACf,SAAS,EACT,OAAO,CAAC,GAAG,EAAE,CAChB;QACD,IAAI,CAAC,YAAY,EAAE,CAAC;YAChB,MAAM,IAAI,KAAK,CAAC,4BAA4B,OAAO,CAAC,KAAK,EAAE,CAAC;QAChE,CAAC;QACD,MAAM,UAAU,GAAG;;UAEjB,EAAE,CAAC,GAAG,CAAC,SAAS,CAAC,KAAK,SAAS,CAAC,KAAK;SACtC;QAED,MAAM,cAAc,GAAG,MAAM,YAAK,CAAC,OAAO,0CAAE,YAAY,CACpD,MAAM,EACN,YAAY,CAAC,KAAK,EAClB;YACI,IAAI,EAAE,UAAU;YAChB,WAAW,EAAE,aAAa;SAC7B,CACJ;QACD,MAAM,WAAW,GAAG,cAAc,aAAd,cAAc,uBAAd,cAAc,CAAE,OAAO,CAAC,GAAG,CAAC,UAAU,CAAC;QAC3D,IAAI,CAAC,WAAW,EAAE,CAAC;YACf,MAAM,IAAI,KAAK,CAAC,6BAA6B,cAAc,aAAd,cAAc,uBAAd,cAAc,CAAE,MAAM,EAAE,CAAC;QAC1E,CAAC;IACL,CAAC;IACD,OAAO;QACH,MAAM,EAAE,qBAAqB,EAAE,QAAQ,EAAE,eAAe,EAAE,OAAO,EAAE,UAAU,EAAE,OAAO;KACzF;AACL,CAAC;;;AC9N4C;AAEtC,SAAS,gBAAgB,CAAC,KAAK,EAAE,YAAY,EAAE,YAAY,EAAE,cAAc,EAAE,QAAQ;IAExF,KAAK,UAAU,cAAc,CAAC,SAAiB,EAAE,IAAY;QAC3D,MAAM,OAAO,GAAc,MAAM,YAAY,CAAC,MAAM,EAAE;QACtD,MAAM,OAAO,GAAc,MAAM,YAAY,CAAC,UAAU,CAAC,OAAO,CAAC;QACjE,MAAM,QAAQ,GAAG,GAAG,OAAO,CAAC,KAAK,eAAe,kBAAkB,CAAC,IAAI,CAAC,GAAG;QAC3E,MAAM,cAAc,CAAC,eAAe,CAAC,QAAQ,CAAC;QAC9C,4DAA4D;QAC5D,MAAM,YAAY,CAAC,mBAAmB,CAAC;YACrC,UAAU,EAAE,OAAO,CAAC,KAAK;YACzB,SAAS;YACT,aAAa,EAAE,YAAY;YAC3B,MAAM,EAAE,QAAQ;SACjB,CAAC;QACF,OAAO,QAAQ;IACnB,CAAC;IAED,KAAK,UAAU,cAAc,CACzB,IAAgB;QAEhB,IAAI,CAAC,IAAI,EAAE,CAAC;YACV,IAAI,GAAG,MAAM,YAAY,CAAC,MAAM,EAAE;QACpC,CAAC;QACD,MAAM,KAAK,GAAG,MAAM,YAAY,CAAC,YAAY,CAAC,IAAI,CAAC;QACnD,MAAM,IAAI,GAAG,MAAM,cAAc,CAAC,mBAAmB,CAAC,KAAK,CAAC;QAC5D,OAAO,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,cAAc,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC;IAC/D,CAAC;IAED,KAAK,UAAU,UAAU,CAAC,GAAW,EAAE,IAAU;QAC/C,MAAM,UAAU,GAAG,MAAM,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,GAAG,CAAC;QAClD,IAAI,UAAU,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;YAC9B,MAAM,IAAI,KAAK,CAAC,WAAW,GAAG,EAAE,CAAC;QACnC,CAAC;QACD,MAAM,UAAU,GAAG,aAAa,CAAC,GAAG,EAAE,IAAI,CAAC;QAC3C,MAAM,OAAO,GAAG;YACd,MAAM,EAAE,KAAK;YACb,IAAI,EAAE,MAAM,UAAU,CAAC,IAAI,EAAE;YAC7B,OAAO,EAAE;gBACP,CAAC,cAAc,EAAE,UAAU,CAAC,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC,IAAI,0BAA0B,CAAC;aACvF;SACF;QACD,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,UAAU,EAAE,OAAO,CAAC;QAChE,IAAI,QAAQ,CAAC,MAAM,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC,KAAK,GAAG,EAAE,CAAC;YAC1C,MAAM,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,GAAG,EAAE;gBAC9B,MAAM,EAAE,QAAQ;aACjB,CAAC;QACJ,CAAC;IACH,CAAC;IACD,OAAO;QACL,cAAc;QACd,cAAc;QACd,UAAU;KACX;AACH,CAAC;;;ACzDD,MAAM,WAAY,SAAQ,KAAK;IAC3B,YAAY,OAAgB;QACxB,KAAK,CAAC,OAAO,CAAC;QACd,0EAA0E;QAC1E,MAAM,CAAC,cAAc,CAAC,IAAI,EAAE,GAAG,CAAC,MAAM,CAAC,SAAS,CAAC,EAAC,0BAA0B;QAC5E,IAAI,CAAC,IAAI,GAAG,GAAG,CAAC,MAAM,CAAC,IAAI,EAAC,qCAAqC;IACrE,CAAC;CACJ;AAEM,MAAM,iBAAkB,SAAQ,WAAW;CAAG;AAE9C,MAAM,yBAA0B,SAAQ,WAAW;CAAG;AAEtD,MAAM,wBAAyB,SAAQ,WAAW;CAAG;AAErD,MAAM,aAAc,SAAQ,WAAW;CAAG;AAE1C,MAAM,gBAAiB,SAAQ,WAAW;CAAI;AAE9C,MAAM,iBAAkB,SAAQ,WAAW;CAAG;AAE9C,MAAM,UAAW,SAAQ,WAAW;IAGvC,YAAY,MAAc,EAAE,OAAgB;QACxC,KAAK,CAAC,OAAO,CAAC;QACd,IAAI,CAAC,MAAM,GAAG,MAAM;IACxB,CAAC;CACJ;;;AC3B6J;AACxH;AACM;AAC2B;AAGhE,SAAS,kBAAkB,CAAC,KAAK,EAAE,KAAK,EAAE,YAAY;IACzD,MAAM,EAAE,GAAG,KAAS;IAEpB;;;;;OAKG;IACH,KAAK,UAAU,uBAAuB,CAAC,IAAe;QAClD,IAAI,CAAC;YACD,OAAO,MAAM,eAAe,CAAC,IAAI,CAAC;QACtC,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACX,OAAO,SAAS;QACpB,CAAC;IACL,CAAC;IAED;;;;;OAKG;IACH,KAAK,UAAU,eAAe,CAAE,IAAe;QAC3C,MAAM,WAAW,CAAC,IAAI,CAAC;QAEvB,MAAM,uBAAuB,GAAG,sBAAsB,CAAC,IAAI,CAAC;QAC5D,IAAI,eAAe;QACnB,IAAI,CAAC;YACD,eAAe,GAAG,MAAM,YAAY,CAAC,kBAAkB,CAAC,IAAI,EAAE,EAAE,CAAC,KAAK,CAAC,iBAAiB,CAAc,EAAE,uBAAuB,EAAE,IAAI,CAAC,GAAG,EAAE,CAAC;QAChJ,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACX,MAAM,OAAO,GAAG,QAAQ,IAAI,iDAAiD;YAC7E,IAAU,CAAC,OAAO,CAAC;YACnB,qCAAqC;YACrC,IAAI,GAAG,YAAY,gBAAgB,EAAE,CAAC;gBAAC,MAAM,GAAG;YAAC,CAAC;YAClD,IAAI,GAAG,YAAY,iBAAiB,EAAE,CAAC;gBAAC,MAAM,GAAG;YAAC,CAAC;YACnD,IAAI,GAAG,YAAY,iBAAiB,EAAE,CAAC;gBAAC,MAAM,GAAG;YAAC,CAAC;YACnD,IAAI,GAAG,YAAY,yBAAyB,EAAE,CAAC;gBAAC,MAAM,GAAG;YAAC,CAAC;YAC3D,IAAI,GAAG,YAAY,wBAAwB,EAAE,CAAC;gBAAC,MAAM,GAAG;YAAC,CAAC;YAC1D,IAAI,GAAG,YAAY,UAAU,EAAE,CAAC;gBAAC,MAAM,GAAG;YAAC,CAAC;YAC5C,MAAM,GAAG;QACb,CAAC;QAED,IAAI,CAAC;YACD,MAAM,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,eAA4B,CAAC;QAC1D,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC,CAAC,+CAA+C;YAC3D,MAAM,GAAG,GAAG,qCAAqC,IAAI,KAAK,GAAG,EAAE;YAC/D,IAAU,CAAC,GAAG,CAAC;YACf,IAAI,GAAG,CAAC,QAAQ,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;gBAC9B,MAAM,IAAI,iBAAiB,EAAE;YACjC,CAAC;YACD,IAAI,GAAG,CAAC,QAAQ,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;gBAC9B,IAAI,eAAe,CAAC,eAAe,CAAC,EAAE,CAAC;oBACvC,MAAM,IAAI,yBAAyB,EAAE;gBACrC,CAAC;gBACD,MAAM,IAAI,wBAAwB,EAAE;YACxC,CAAC;YACD;;eAEG;YACH,MAAM,IAAI,KAAK,CAAC,GAAG,CAAC;QACxB,CAAC;QACD,OAAO,eAA4B;IACvC,CAAC;IAED,KAAK,UAAU,WAAW,CAAE,IAAe;QACvC,IAAI,CAAC,IAAI,EAAE,CAAC;YACR,MAAM,IAAI,KAAK,CAAC,6BAA6B,CAAC;QAClD,CAAC;QACD,IAAI,CAAC;YACD,MAAM,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC;QACxC,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACX,MAAM,IAAI,KAAK,CAAC,kCAAkC,IAAI,KAAK,GAAG,EAAE,CAAC;QACrE,CAAC;QACD,OAAO,IAAI,CAAC,GAAG,EAAE;IACrB,CAAC;IAED,KAAK,UAAU,MAAM;QACjB,MAAM,EAAE,GAAG,KAAK,CAAC,WAAW,EAAE;QAC9B,IAAI,EAAE,KAAK,IAAI,EAAE,CAAC;YACd,MAAM,IAAI,KAAK,CAAC,wCAAwC,CAAC;QAC7D,CAAC;QACD,MAAM,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,CAAC,GAAG,EAAE,CAAC;QAClC,OAAO,EAAE;IACb,CAAC;IAED,SAAS,UAAU,CAAC,IAAe;QAC/B,MAAM,OAAO,GAAG,WAAW,CAAC,IAAI,CAAC;QACjC,IAAI,CAAC,OAAO,EAAE,CAAC;YACX,MAAM,IAAI,KAAK,CAAC,0BAA0B,CAAC;QAC/C,CAAC;QACD,OAAO,OAAoB;IAC/B,CAAC;IAED,KAAK,UAAU,YAAY,CAAC,IAAe;QACvC,MAAM,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC;QAC9B,MAAM,SAAS,GAAG,KAAK,CAAC,GAAG,CAAC,IAAI,EAAE,EAAE,CAAC,GAAG,CAAC,OAAO,CAAC,EAAE,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE,CAAC;QACzE,IAAI,CAAC,SAAS,EAAE,CAAC;YACb,MAAM,IAAI,KAAK,CAAC,4BAA4B,CAAC;QACjD,CAAC;QACD,OAAO,SAAsB;IACjC,CAAC;IAED,SAAS,WAAW,CAAC,EAAa;QAC9B,OAAO,KAAK,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,KAAK,CAAC,SAAS,CAAC,EAAE,SAAS,EAAE,EAAE,CAAC,GAAG,EAAE,CAAC;IAClE,CAAC;IAED,OAAO;QACH,MAAM;QACN,UAAU;QACV,YAAY;QACZ,WAAW;QACX,eAAe;QACf,WAAW;QACX,uBAAuB;KAC1B;AACL,CAAC;;;AC3H0C;AAEL;AACM;AACJ;AAEjC,SAAS,oBAAoB,CAAC,KAAK,EAAE,KAAK,EAAE,YAAY,EAAE,YAAY;IACzE,MAAM,EAAE,GAAG,KAAS;IAEpB,SAAS,gBAAgB,CAAC,QAAQ,EAAE,QAAQ;QACxC,OAAO,KAAK;aACP,IAAI,CAAC,SAAS,EAAE,EAAE,CAAC,KAAK,CAAC,UAAU,CAAC,EAAE,QAAQ,CAAC;aAC/C,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE;YACV,OAAO,KAAK,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,KAAK,CAAC,UAAU,CAAC,EAAE,QAAQ,CAAC;QACzD,CAAC,CAAC;IACV,CAAC;IAED,KAAK,UAAU,kBAAkB,CAAC,IAAe;QAC7C,IAAI,CAAC,IAAI;YAAE,MAAM,IAAI,KAAK,CAAC,mCAAmC,CAAC;QAC/D,MAAM,OAAO,GAAG,MAAM,YAAY,CAAC,WAAW,CAAC,IAAI,CAAC;QAEpD,MAAM,UAAU,GAAG,sBAAsB,CAAC,IAAI,CAAC;QAC/C,IAAI,eAAe;QACnB,IAAI,CAAC;YACD,eAAe,GAAG,MAAM,YAAY,CAAC,kBAAkB,CAAC,IAAI,EAAE,EAAE,CAAC,KAAK,CAAC,iBAAiB,CAAc,EAAE,UAAU,EAAE,OAAO,CAAC;QAChI,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACX,MAAM,OAAO,GAAG,QAAQ,IAAI,qDAAqD;YACjF,IAAU,CAAC,OAAO,CAAC;QACvB,CAAC;QACD,MAAM,YAAY,GAAG,eAAe,CAAC,CAAC,CAAC,CAAC,EAAE,KAAK,EAAE,QAAQ,EAAE,KAAK,EAAE,eAA4B,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE;QAEnH,IAAI,eAAe;QACnB,IAAI,CAAC;YACD,eAAe,GAAG,MAAM,YAAY,CAAC,uBAAuB,CAAC,IAAI,CAAC;QACtE,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACX,eAAe,GAAG,IAAI;QAC1B,CAAC;QAED,IAAI,aAAa;QACjB,IAAI,eAAe,EAAE,CAAC,CAAC,0EAA0E;YAC7F,8DAA8D;YAC9D,oDAAoD;YACpD,MAAM,yBAAyB,GAAG,uBAAuB,CAAC,eAAe,CAAC;YAC1E,IAAI,gBAAgB;YACpB,IAAI,CAAC;gBACD,gBAAgB,GAAG,KAAK,CAAC,GAAG,CAAC,IAAI,EAAE,EAAE,CAAC,KAAK,CAAC,kBAAkB,CAAC,EAAE,SAAS,EAAE,OAAO,CAAC;oBAChF,MAAM,YAAY,CAAC,kBAAkB,CAAC,IAAI,EAAE,EAAE,CAAC,KAAK,CAAC,kBAAkB,CAAc,EAAE,yBAAyB,EAAE,eAAe,CAAC;YACtI,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACf,MAAM,OAAO,GAAG,QAAQ,IAAI,8DAA8D;gBAC1F,IAAU,CAAC,OAAO,CAAC;YACvB,CAAC;YACD,aAAa,GAAG,gBAAgB,CAAC,CAAC,CAAC,CAAC,EAAE,KAAK,EAAE,SAAS,EAAE,KAAK,EAAE,gBAA6B,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE;QACrH,CAAC;aAAM,CAAC;YACJ,aAAa,GAAG,EAAE;QACtB,CAAC;QACD,MAAM,MAAM,GAAG,YAAY,CAAC,MAAM,CAAC,aAAa,CAAC;QACjD,IAAI,MAAM,CAAC,MAAM,KAAK,CAAC;YAAE,OAAO,MAAM;QACtC,MAAM,KAAK,GAAG,MAAM,CAAC,GAAG,CAAC,KAAK,CAAC,EAAE,CAAC,KAAK,CAAC,KAAK,CAAC;QAC9C,IAAI,CAAC;YACD,MAAM,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC;QACnC,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACX,IAAU,CAAC,+BAA+B,EAAE,GAAG,CAAC;QACpD,CAAC;QACD,OAAO,MAAM;IACjB,CAAC;IAED,KAAK,UAAU,wBAAwB,CAAC,IAAe;QACnD,IAAI,eAAe;QACnB,IAAI,CAAC;YACD,eAAe,GAAG,MAAM,YAAY,CAAC,uBAAuB,CAAC,IAAI,CAAC;QACtE,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACX,MAAM,OAAO,GAAG,QAAQ,IAAI,iDAAiD;YAC7E,IAAU,CAAC,OAAO,CAAC;QACvB,CAAC;QACD,IAAI,eAAe,EAAE,CAAC,CAAC,0EAA0E;YAC7F,MAAM,WAAW,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,EAAE,EAAE,CAAC,KAAK,CAAC,WAAW,CAAC,EAAE,SAAS,EAAE,eAA4B,CAAC,CAAC,MAAM,CACvG,KAAK,CAAC,IAAI,CAAC,IAAI,EAAE,EAAE,CAAC,KAAK,CAAC,WAAW,CAAC,EAAE,SAAS,EAAE,IAAI,CAAC,GAAG,EAAe,CAAC,CAC9E;YACD,IAAI,MAAM,GAAG,EAAE;YACf,KAAK,MAAM,GAAG,IAAI,WAAW,EAAE,CAAC;gBAC5B,MAAM,GAAG,MAAM,CAAC,MAAM,CAAC,MAAM,kBAAkB,CAAC,GAAgB,CAAQ,CAAC;YAC7E,CAAC;YACD,OAAO,MAAM;QACjB,CAAC;QACD,OAAO,EAAE,EAAC,iBAAiB;IAC/B,CAAC;IAED,KAAK,UAAU,kBAAkB,CAAC,IAAe;QAC7C,OAAO,CAAC,MAAM,kBAAkB,CAAC,IAAI,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,MAAM,wBAAwB,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;IACjG,CAAC;IAED,KAAK,UAAU,qBAAqB,CAAC,KAAgB,EAAE,IAAe;QAClE,MAAM,MAAM,GAAG,MAAM,kBAAkB,CAAC,IAAI,CAAC;QAC7C,IAAI,UAAU,GAAG,EAAE;QACnB,KAAK,MAAM,KAAK,IAAI,MAAM,EAAE,CAAC;YACzB,MAAM,WAAW,GAAG,MAAM,sBAAsB,CAAC,KAAK,EAAE,KAAK,CAAQ;YACrE,UAAU,GAAG,UAAU,CAAC,MAAM,CAAC,WAAW,CAAC;QAC/C,CAAC;QACD,OAAO,UAAU;IACrB,CAAC;IAED,oEAAoE;IACpE,oFAAoF;IACpF,EAAE;IACF,KAAK,UAAU,eAAe,CAAC,KAAgB;QAC3C,MAAM,IAAI,GAAG,KAAK,CAAC,WAAW,EAAE;QAChC,IAAI,CAAC,IAAI;YAAE,MAAM,IAAI,KAAK,CAAC,kDAAkD,CAAC;QAC9E,MAAM,kBAAkB,GAAG,MAAM,qBAAqB,CAAC,KAAK,EAAE,IAAI,CAAC;QACnE,OAAO,kBAAkB,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,MAAM,CAAC,QAAQ,CAAC;IAC5D,CAAC;IAED,SAAS,sBAAsB,CAAC,EAAa;;QACzC,OAAO,uCAAG,CAAC,SAAE,CAAC,GAAG,EAAE,CAAC,GAAG,EAAE,0CAAE,GAAG,IAAG,qBAAqB,CAAC;IAC3D,CAAC;IACD,2DAA2D;IAE3D,SAAS,uBAAuB,CAAC,eAA0B;;QACvD,OAAO,uCAAG,CAAC,sBAAe,CAAC,GAAG,EAAE,CAAC,GAAG,EAAE,0CAAE,GAAG,IAAG,sBAAsB,CAAC;IACzE,CAAC;IAED;;;;MAIE;IACF,KAAK,UAAU,mBAAmB,CAC9B,QAAmB,EACnB,KAAgB,EAChB,QAAmB;QAGnB,MAAM,YAAY,GAAG,QAAQ,CAAC,KAAK,CAAC;QACpC,MAAM,GAAG,GAAG;YACR,2EAA2E;YAC3E,sCAAE,CAAC,YAAY,EAAE,EAAE,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,EAAE,CAAC,KAAK,CAAC,kBAAkB,CAAC,EAAE,KAAK,CAAC;YACrE,sCAAE,CAAC,YAAY,EAAE,EAAE,CAAC,KAAK,CAAC,UAAU,CAAC,EAAE,QAAQ,EAAE,KAAK,CAAC;YACvD,sCAAE,CAAC,YAAY,EAAE,EAAE,CAAC,KAAK,CAAC,UAAU,CAAC,EAAE,QAAQ,EAAE,KAAK,CAAC;SAC1D;QACD,IAAI,CAAC;YACD,MAAM,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,EAAE,GAAG,CAAC;QACvC,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACX,MAAM,GAAG,GAAG,sBAAsB,QAAQ,aAAa,KAAK,KAAK,GAAG,EAAE;YACtE,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC;YACjB,OAAO,IAAI;QACf,CAAC;QACD,OAAO,YAAY;IACvB,CAAC;IAED,KAAK,UAAU,2BAA2B,CAAC,IAAI;QAC3C,MAAM,GAAG,GAAG,KAAK,CAAC,GAAG,CAAC,IAAI,EAAE,EAAE,CAAC,KAAK,CAAC,UAAU,CAAC,EAAE,IAAI,CAAC,QAAQ,EAAE,IAAI,CAAC,KAAK,CAAC,KAAK,CAAc;QAC/F,IAAI,CAAC,GAAG;YAAE,MAAM,IAAI,KAAK,CAAC,0DAA0D,IAAI,CAAC,QAAQ,EAAE,CAAC;QACpG,MAAM,UAAU,GAAG,KAAK,CAAC,kBAAkB,CAAC,GAAG,EAAE,IAAI,EAAE,IAAI,EAAE,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC;QAC9E,MAAM,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,UAAU,EAAE,EAAE,CAAC;IAC9C,CAAC;IAED,KAAK,UAAU,sBAAsB,CAAC,KAAqB,EAAE,QAA0B;QACnF,MAAM,KAAK,GAAG,KAAK,CAAC,KAAK;QACzB,MAAM,OAAO,GAAgB,EAAE;QAC/B,MAAM,aAAa,GAAG,KAAK,CAAC,kBAAkB,CAAC,IAAI,EAAE,EAAE,CAAC,KAAK,CAAC,UAAU,CAAC,EAAE,IAAI,EAAE,KAAK,CAAC;aAClF,MAAM,CAAC,KAAK,CAAC,kBAAkB,CAAC,IAAI,EAAE,EAAE,CAAC,KAAK,CAAC,mBAAmB,CAAC,EAAE,IAAI,EAAE,KAAK,CAAC,CAAC;aAClF,GAAG,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,OAAO,CAAC;QAC1B,KAAK,MAAM,GAAG,IAAI,aAAa,EAAE,CAAC;YAChC,MAAM,KAAK,GAAG,KAAK,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,CAAC,KAAK,CAAC,UAAU,CAAC,EAAE,IAAI,EAAE,KAAK,CAAC;YAC/D,IAAI,CAAC,QAAQ,IAAI,KAAK,CAAC,QAAQ,CAAC,QAAQ,CAAC,EAAE,CAAC;gBAC1C,MAAM,SAAS,GAAG,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,EAAE,CAAC,KAAK,CAAC,UAAU,CAAC,EAAE,IAAI,EAAE,KAAK,CAAC;gBACpE,KAAK,MAAM,QAAQ,IAAI,SAAS,EAAE,CAAC;oBACjC,OAAO,CAAC,IAAI,CAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,KAAK,EAAE,KAAK,EAAE,CAAC;gBAChD,CAAC;gBACD,MAAM,UAAU,GAAG,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,EAAE,CAAC,KAAK,CAAC,mBAAmB,CAAC,EAAE,IAAI,EAAE,KAAK,CAAC;gBAC9E,KAAK,MAAM,QAAQ,IAAI,UAAU,EAAE,CAAC;oBAChC,MAAM,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC;oBAClC,OAAO,CAAC,IAAI,CAAC,EAAE,QAAQ,EAAE,uCAAG,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE,IAAI,EAAE,KAAK,EAAG,KAAK,EAAE,CAAC;gBACxE,CAAC;YACH,CAAC;QACH,CAAC;QACD,OAAO,OAAO;IAClB,CAAC;IAED,OAAO;QACH,mBAAmB;QACnB,gBAAgB;QAChB,kBAAkB;QAClB,wBAAwB;QACxB,kBAAkB;QAClB,qBAAqB;QACrB,eAAe;QACf,sBAAsB;QACtB,uBAAuB;QACvB,2BAA2B;QAC3B,sBAAsB;KACzB;AACL,CAAC;;;AC/LiD;AAElD;;GAEG;AACI,SAAS,oBAAoB,CAAC,KAAK;IAEtC,SAAS,oBAAoB,CAAC,aAAwB;QAClD,OAAO,KAAK;aACP,kBAAkB,CACf,aAAa,EACb,uCAAG,CAAC,mCAAmC,CAAC,EACxC,SAAS,CACZ;aACA,GAAG,CAAC,CAAC,EAAa,EAAE,EAAE,CAAC,EAAE,CAAC,MAAmB,CAAC;IACvD,CAAC;IAED,SAAS,WAAW,CAAC,GAAc;QAC/B,MAAM,YAAY,GAAG,GAAG,CAAC,KAAK;QAC9B,OAAO,YAAY,CAAC,MAAM,CAAC,YAAY,CAAC,MAAM,GAAG,CAAC,CAAC,KAAK,GAAG;IAC/D,CAAC;IAED,KAAK,UAAU,eAAe,CAAC,GAAW;QACtC,MAAM,YAAY,GAAG,uCAAG,CAAC,GAAG,CAAC;QAC7B,IAAI,CAAC,WAAW,CAAC,YAAY,CAAC,EAAE,CAAC;YAC7B,MAAM,IAAI,KAAK,CAAC,uBAAuB,GAAG,EAAE,CAAC;QACjD,CAAC;QACD,oHAAoH;QACpH,MAAM,MAAM,GAAG,MAAM,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,GAAG,EAAE;YAC3C,MAAM,EAAE,KAAK;YACb,OAAO,EAAE;gBACL,cAAc,EAAE,aAAa;gBAC7B,eAAe,EAAE,GAAG;gBACpB,IAAI,EAAE,uDAAuD,EAAE,+DAA+D;aACjI;YACD,IAAI,EAAE,GAAG,EAAE,iGAAiG;SAC/G,CAAC;QACF,IAAI,MAAM,CAAC,MAAM,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC,KAAK,GAAG,EAAE,CAAC;YACtC,MAAM,IAAI,KAAK,CAAC,eAAe,MAAM,CAAC,MAAM,yCAAyC,GAAG,EAAE,CAAC;QAC/F,CAAC;IACL,CAAC;IAED,KAAK,UAAU,mBAAmB,CAAC,YAAuB;QACtD,MAAM,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,YAAY,CAAC;QACtC,OAAO,oBAAoB,CAAC,YAAY,CAAC;IAC7C,CAAC;IACD,OAAO;QACH,WAAW;QACX,eAAe;QACf,oBAAoB;QACpB,mBAAmB;KACtB;AACL,CAAC;;;ACpD0C;AACmH;AACxH;AACG;AAElC,SAAS,kBAAkB,CAAC,KAAK,EAAE,QAAQ,EAAE,cAAc;IAEhE,KAAK,UAAU,eAAe,CAAC,aAAwB;QACnD,IAAI,CAAC;YACH,IAAI,cAAc,CAAC,WAAW,CAAC,aAAa,CAAC,EAAE,CAAC;gBAC9C,MAAM,SAAS,GAAG,MAAM,QAAQ,CAAC,aAAa,CAAC,aAAa,CAAC;gBAC7D,MAAM,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,SAAS,EAAE,EAAE,MAAM,EAAE,QAAQ,EAAE,CAAC;gBAC3D,MAAM,gBAAgB,GAAG,MAAM,cAAc,CAAC,mBAAmB,CAAC,aAAa,CAAC;gBAChF,MAAM,OAAO,CAAC,GAAG,CACf,gBAAgB,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,eAAe,CAAC,GAAG,CAAC,CAAC,CACpD;YACH,CAAC;YACD,MAAM,gBAAgB,GAAG,aAAa,CAAC,KAAK;YAC5C,OAAO,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,gBAAgB,EAAE,EAAE,MAAM,EAAE,QAAQ,EAAE,CAAC;QACrE,CAAC;QAAC,OAAO,CAAC,EAAE,CAAC;YACX,GAAS,CAAC,0BAA0B,aAAa,CAAC,KAAK,oBAAoB,EAAE,CAAC,CAAC;QACjF,CAAC;IACL,CAAC;IAED;;;;;OAKG;IACH,KAAK,UAAU,uBAAuB,CAAC,GAAc;QACnD,IAAI,QAAQ;QACZ,IAAI,CAAC;YACH,QAAQ,GAAG,MAAM,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC;QAC1C,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,IAAI,GAAG,CAAC,QAAQ,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;gBAChC,IAAI,CAAC;oBACH,MAAM,KAAK,CAAC,OAAO,CAAC,YAAY,CAAC,KAAK,EAAE,GAAG,EAAE,EAAE,IAAI,EAAE,EAAE,EAAE,WAAW,EAAE,aAAa,EAAE,CAAC;gBACxF,CAAC;gBAAC,OAAO,GAAG,EAAE,CAAC;oBACb,MAAM,GAAG,GAAG,iCAAiC,GAAG,GAAG,GAAG,IAAI,GAAG,GAAG;oBAChE,MAAM,IAAI,iBAAiB,CAAC,GAAG,CAAC;gBAClC,CAAC;gBACD,MAAM,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC;YAC/B,CAAC;iBAAM,CAAC;gBACN,IAAI,GAAG,CAAC,QAAQ,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;oBAChC,MAAM,IAAI,iBAAiB,EAAE;gBAC/B,CAAC;gBACD,IAAI,GAAG,CAAC,QAAQ,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;oBAChC,IAAI,eAAe,CAAC,GAAG,CAAC,EAAE,CAAC;wBACzB,MAAM,IAAI,yBAAyB,EAAE;oBACvC,CAAC;oBACD,MAAM,IAAI,wBAAwB,EAAE;gBACtC,CAAC;gBACD,MAAM,GAAG,GAAG,6CAA6C,GAAG,GAAG,GAAG,IAAI,GAAG,GAAG;gBAC5E,MAAM,IAAI,UAAU,CAAC,GAAG,CAAC,MAAM,EAAE,GAAG,CAAC,OAAO,GAAG,GAAG,CAAC;YACrD,CAAC;QACH,CAAC;QACD,OAAO,QAAQ;IACjB,CAAC;IAED;;;MAGE;IACF,KAAK,UAAU,kBAAkB,CAAC,OAAkB,EAAE,SAAoB,EACxE,MAAiB,EAAE,GAAc;QAEjC,MAAM,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC;QAC7B,MAAM,MAAM,GAAG,KAAK,CAAC,GAAG,CAAC,OAAO,EAAE,SAAS,EAAE,IAAI,EAAE,GAAG,CAAC;QAEvD,IAAI,MAAM;YAAE,OAAO,MAAmB;QACtC,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;YACjC,MAAM,GAAG,GAAG,mCAAmC,GAAG,CAAC,KAAK,EAAE;YAC1D,IAAU,CAAC,GAAG,CAAC;YACf,MAAM,IAAI,gBAAgB,CAAC,GAAG,CAAC;QACjC,CAAC;QACD,IAAI,CAAC;YACH,MAAM,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,EAAE,CAAC,sCAAE,CAAC,OAAO,EAAE,SAAS,EAAE,MAAM,EAAE,GAAG,CAAC,CAAC,CAAC;QACvE,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,MAAM,GAAG,GAAG,4CAA4C,GAAG,OAAO,MAAM,KAAK,GAAG,EAAE;YAClF,IAAU,CAAC,GAAG,CAAC;YACf,MAAM,IAAI,iBAAiB,CAAC,GAAG,CAAC;QAClC,CAAC;QAED,IAAI,CAAC;YACH,MAAM,uBAAuB,CAAC,MAAM,CAAC;YACrC,qFAAqF;QACvF,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,IAAU,CAAC,oEAAoE,MAAM,KAAK,GAAG,EAAE,CAAC;YAChG,MAAM,GAAG;QACX,CAAC;QACD,OAAO,MAAM;IACf,CAAC;IAED,6GAA6G;IAC7G,KAAK,UAAU,mBAAmB,CAAC,OAMlC;QACC,IAAI,GAAG,GAAG;YACR,gDAAgD;YAChD,EAAE;YACF,+CAA+C,OAAO,CAAC,UAAU,IAAI;YACrE,mBAAmB,OAAO,CAAC,MAAM,IAAI;YACrC,kBAAkB,OAAO,CAAC,MAAM,IAAI;YACpC,8CAA8C;YAC9C,EAAE;SACH,CAAC,IAAI,CAAC,IAAI,CAAC;QACZ,IAAI,OAAO,CAAC,aAAa,EAAE,CAAC;YAC1B,GAAG,IAAI;gBACL,qCAAqC;gBACrC,gBAAgB,OAAO,CAAC,SAAS,IAAI;gBACrC,mBAAmB,OAAO,CAAC,MAAM,IAAI;gBACrC,cAAc,OAAO,CAAC,aAAa,GAAG;gBACtC,EAAE;aACH,CAAC,IAAI,CAAC,IAAI,CAAC;QACd,CAAC;QACD,IAAI,OAAO,CAAC,YAAY,EAAE,CAAC;YACzB,GAAG,IAAI;gBACL,oCAAoC;gBACpC,gBAAgB,OAAO,CAAC,SAAS,IAAI;gBACrC,kBAAkB,OAAO,CAAC,MAAM,IAAI;gBACpC,cAAc,OAAO,CAAC,YAAY,GAAG;gBACrC,EAAE;aACH,CAAC,IAAI,CAAC,IAAI,CAAC;QACd,CAAC;QACD,MAAM,SAAS,GAAG,MAAM,QAAQ,CAAC,aAAa,CAAC,uCAAG,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;QACnE,OAAO,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,SAAS,EAAE;YACrC,MAAM,EAAE,KAAK;YACb,IAAI,EAAE,GAAG;YACT,OAAO,EAAE;gBACP,CAAC,cAAc,EAAE,aAAa,CAAC;aAChC;SACF,CAAC;IACJ,CAAC;IAED,KAAK,UAAU,iBAAiB,CAAC,GAAc,EAAE,OAAe;QAC9D,MAAM,KAAK,CAAC,OAAO,CAAC,YAAY,CAAC,KAAK,EAAE,GAAG,CAAC,GAAG,EAAE;YAC/C,IAAI,EAAE,KAAK,IAAI,IAAI,EAAE,IAAI,OAAO;GACnC;YACG,WAAW,EAAE,aAAa;SAC3B,CAAC;IACJ,CAAC;IAED,OAAO;QACL,eAAe;QACf,mBAAmB;QACnB,iBAAiB;QACjB,kBAAkB;QAClB,uBAAuB;KACxB;AACH,CAAC;;;ACzJ4B;AAEmB;AACU;AACP;AACG;AACM;AACM;AACL;AACJ;AAEnB;AACtC;;;;;EAKE;AACK,SAAS,gBAAgB,CAAC,YAA4D,EAAE,OAAgB;IAE3G,GAAS,CAAC,0EAA0E,CAAC;IACrF,MAAM,KAAK,GAAc,qCAAS,EAAe;IACjD,uCAAW,CAAC,KAAK,EAAE,EAAC,KAAK,EAAE,YAAY,CAAC,KAAK,EAAC,CAAC,EAAC,yCAAyC;IACzF,KAAK,CAAC,OAAO,GAAG,IAAI,6CAAiB,CAAC,KAAK,CAAC,EAAC,2CAA2C;IACxF,KAAK,CAAC,QAAQ,GAAG,EAAE,EAAC,+CAA+C;IAEnE,MAAM,KAAK,GAAe,IAAI,eAAe,CAAC,OAAO,CAAC;IAEtD,MAAM,GAAG,GAAG,cAAc,CAAC,KAAK,CAAC;IACjC,MAAM,cAAc,GAAG,oBAAoB,CAAC,KAAK,CAAC;IAClD,MAAM,YAAY,GAAG,kBAAkB,CAAC,KAAK,EAAE,GAAG,EAAE,cAAc,CAAC;IACnE,MAAM,OAAO,GAAG,kBAAkB,CAAC,KAAK,EAAE,KAAK,EAAE,YAAY,CAAC;IAC9D,MAAM,IAAI,GAAG,eAAe,CAAC,KAAK,EAAE,OAAO,CAAC;IAC5C,MAAM,KAAK,GAAG,gBAAgB,CAAC,KAAK,EAAE,OAAO,EAAE,YAAY,EAAE,cAAc,EAAE,GAAG,CAAC;IACjF,MAAM,SAAS,GAAG,oBAAoB,CAAC,KAAK,EAAE,KAAK,EAAE,OAAO,EAAE,YAAY,CAAC;IAC3E,GAAS,CAAC,6BAA6B,CAAC;IAExC,SAAS,IAAI,CAAC,GAAqC;QAC/C,OAAO,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC;IAClC,CAAC;IAED,qEAAqE;IACrE,SAAS,aAAa,CAClB,GAAqB,EACrB,MAAwB,EAAE;QAE1B,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;YACvC,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,GAAG,EAAE,GAAG,EAAE,UAAU,IAAI,EAAE,EAAE,EAAE,SAAS;gBACxD,IAAI,CAAC,EAAE,EAAE,CAAC;oBACV,MAAM,CAAC,IAAI,KAAK,CAAC,SAAS,CAAC,CAAC;gBAC5B,CAAC;qBAAM,CAAC;oBACR,OAAO,EAAE;gBACT,CAAC;YACL,CAAC,CAAC,EAAC,WAAW;QACd,CAAC,CAAC,EAAC,UAAU;IACjB,CAAC;IAED,SAAS,UAAU;QACf,KAAK,CAAC,UAAU,CAAC,KAAK,EAAE,CAAC,OAAO,CAAC,KAAK,CAAC,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;IAC9D,CAAC;IAED,OAAO;QACH,KAAK;QACL,KAAK;QACL,GAAG;QACH,KAAK;QACL,IAAI;QACJ,OAAO;QACP,SAAS;QACT,IAAI;QACJ,aAAa;QACb,UAAU;KACb;AACL,CAAC;;;AC1EqC;AACkB;AACT;AAG/C,MAAM,MAAM,GAAG,KAAK,EAAE,GAAG,EAAE,WAAW,EAAE,EAAE;IACtC,MAAM,SAAS,GAAG,WAAW,IAAI,WAAW,CAAC,WAAW,IAAI,WAAW,CAAC,WAAW,IAAI,MAAM;IAC7F,IAAI,WAAW,CAAC,IAAI,CAAC,KAAK,IAAI,CAAC,SAAS,EAAE,CAAC,CAAC,oDAAoD;QAC5F,uDAAuD;QACvD,OAAO,WAAW,CAAC,KAAK,CAAC,GAAG,EAAE,WAAW,CAAC;IAC9C,CAAC;SAAM,CAAC;QACJ,OAAO,MAAM,CAAC,KAAK,CAAC,GAAG,EAAE,WAAW,CAAC;IACzC,CAAC;AACL,CAAC;AAED,0EAA0E;AAC1E,MAAM,gBAAgB,GAAG,MAAM,CAAC,GAAG,CAAC,uBAAuB,CAAC;AAO5D,MAAM,YAAY,GAAG,CAAC,OAAO,MAAM,KAAK,WAAW,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,qBAAM,CAAwB;AAE7F,SAAS,oBAAoB;IACzB,IAAI,CAAC,YAAY,CAAC,gBAAgB,CAAC,EAAE,CAAC;QAClC,GAAS,CAAC,qDAAqD,CAAC;QAChE,YAAY,CAAC,gBAAgB,CAAC,GAAG,gBAAgB,CAAC,EAAE,KAAK,EAAE,MAAM,EAAE,EAAE,WAAW,CAAC;QACjF,GAAS,CAAC,+BAA+B,CAAC;IAC9C,CAAC;SAAM,CAAC;QACJ,GAAS,CAAC,uDAAuD,CAAC;IACtE,CAAC;IACD,OAAO,YAAY,CAAC,gBAAgB,CAAE;AAC1C,CAAC;AACD,mEAAmE;AACnE,MAAM,mBAAmB,GAAG,oBAAoB,EAAE;AAEpB;;;ACtC9B,MAAM,eAAe,GAAG;IACtB;QACE,IAAI,EAAE,iBAAiB;QACvB,GAAG,EAAE,4BAA4B;KAClC;IACD;QACE,IAAI,EAAE,WAAW;QACjB,GAAG,EAAE,sBAAsB;KAC5B;IACD;QACE,IAAI,EAAE,cAAc;QACpB,GAAG,EAAE,qBAAqB;KAC3B;IACD;QACE,IAAI,EAAE,YAAY;QAClB,GAAG,EAAE,0BAA0B;KAChC;CACF;AAED;;GAEG;AACI,SAAS,mBAAmB;IAC/B,yCAAyC;IACzC,MAAM,OAAO,GAAG,CAAC,GAAG,eAAe,CAAC;IAEpC,mDAAmD;IACnD,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,GAAG,IAAI,GAAG,CAAC,QAAQ,CAAC,IAAI,CAAC;IAC/C,MAAM,KAAK,GAAG,OAAO,CAAC,GAAG,CAAC,CAAC,EAAE,GAAG,EAAE,EAAE,EAAE,CAAC,IAAI,GAAG,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;IACzD,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC,aAAa,CAAC,IAAI,EAAE,QAAQ,CAAC,CAAC,EAAE,CAAC;QACpF,OAAO,CAAC,OAAO,CAAC,EAAE,IAAI,EAAE,IAAI,EAAE,GAAG,EAAE,MAAM,EAAE,CAAC;IAC9C,CAAC;IAED,OAAO,OAAO;AAChB,CAAC;AAEH,SAAS,aAAa,CAAE,SAAiB,EAAE,MAAc;IACrD,MAAM,GAAG,GAAG,SAAS,CAAC,MAAM,GAAG,MAAM,CAAC,MAAM,GAAG,CAAC;IAChD,OAAO,GAAG,GAAG,CAAC,IAAI,SAAS,CAAC,GAAG,CAAC,KAAK,GAAG,IAAI,SAAS,CAAC,QAAQ,CAAC,MAAM,CAAC;AAC1E,CAAC;;;ACvCD,mFAAmF;AACnF,8DAA8D;AACG;AAEjE,MAAM,KAAK,GAAG,mBAAmB,CAAC,KAAK;AACvC,MAAM,eAAW,GAAG,mBAAmB,CAAC,KAAK,CAAC,WAAW;AACzD,MAAM,KAAK,GAAG,mBAAmB,CAAC,KAAK;AAEE;AACmB;AACF;AACO;AAE2G;AAO3K","sources":["webpack://solid-logic-jss/./node_modules/solid-namespace/index.js","webpack://solid-logic-jss/webpack/bootstrap","webpack://solid-logic-jss/webpack/runtime/compat get default export","webpack://solid-logic-jss/webpack/runtime/define property getters","webpack://solid-logic-jss/webpack/runtime/global","webpack://solid-logic-jss/webpack/runtime/hasOwnProperty shorthand","webpack://solid-logic-jss/./src/util/debug.ts","webpack://solid-logic-jss/./node_modules/solid-oidc/node_modules/jose/dist/browser/runtime/webcrypto.js","webpack://solid-logic-jss/./node_modules/solid-oidc/node_modules/jose/dist/browser/lib/invalid_key_input.js","webpack://solid-logic-jss/./node_modules/solid-oidc/node_modules/jose/dist/browser/lib/buffer_utils.js","webpack://solid-logic-jss/./node_modules/solid-oidc/node_modules/jose/dist/browser/runtime/base64url.js","webpack://solid-logic-jss/./node_modules/solid-oidc/node_modules/jose/dist/browser/runtime/is_key_like.js","webpack://solid-logic-jss/./node_modules/solid-oidc/node_modules/jose/dist/browser/runtime/key_to_jwk.js","webpack://solid-logic-jss/./node_modules/solid-oidc/node_modules/jose/dist/browser/key/export.js","webpack://solid-logic-jss/./node_modules/solid-oidc/node_modules/jose/dist/browser/util/errors.js","webpack://solid-logic-jss/./node_modules/solid-oidc/node_modules/jose/dist/browser/runtime/subtle_dsa.js","webpack://solid-logic-jss/./node_modules/solid-oidc/node_modules/jose/dist/browser/runtime/check_key_length.js","webpack://solid-logic-jss/./node_modules/solid-oidc/node_modules/jose/dist/browser/lib/crypto_key.js","webpack://solid-logic-jss/./node_modules/solid-oidc/node_modules/jose/dist/browser/lib/is_object.js","webpack://solid-logic-jss/./node_modules/solid-oidc/node_modules/jose/dist/browser/lib/is_jwk.js","webpack://solid-logic-jss/./node_modules/solid-oidc/node_modules/jose/dist/browser/runtime/jwk_to_key.js","webpack://solid-logic-jss/./node_modules/solid-oidc/node_modules/jose/dist/browser/runtime/normalize_key.js","webpack://solid-logic-jss/./node_modules/solid-oidc/node_modules/jose/dist/browser/runtime/get_sign_verify_key.js","webpack://solid-logic-jss/./node_modules/solid-oidc/node_modules/jose/dist/browser/runtime/sign.js","webpack://solid-logic-jss/./node_modules/solid-oidc/node_modules/jose/dist/browser/lib/is_disjoint.js","webpack://solid-logic-jss/./node_modules/solid-oidc/node_modules/jose/dist/browser/lib/check_key_type.js","webpack://solid-logic-jss/./node_modules/solid-oidc/node_modules/jose/dist/browser/lib/validate_crit.js","webpack://solid-logic-jss/./node_modules/solid-oidc/node_modules/jose/dist/browser/jws/flattened/sign.js","webpack://solid-logic-jss/./node_modules/solid-oidc/node_modules/jose/dist/browser/jws/compact/sign.js","webpack://solid-logic-jss/./node_modules/solid-oidc/node_modules/jose/dist/browser/lib/epoch.js","webpack://solid-logic-jss/./node_modules/solid-oidc/node_modules/jose/dist/browser/lib/secs.js","webpack://solid-logic-jss/./node_modules/solid-oidc/node_modules/jose/dist/browser/jwt/produce.js","webpack://solid-logic-jss/./node_modules/solid-oidc/node_modules/jose/dist/browser/jwt/sign.js","webpack://solid-logic-jss/./node_modules/solid-oidc/node_modules/jose/dist/browser/runtime/fetch_jwks.js","webpack://solid-logic-jss/./node_modules/solid-oidc/node_modules/jose/dist/browser/key/import.js","webpack://solid-logic-jss/./node_modules/solid-oidc/node_modules/jose/dist/browser/jwks/local.js","webpack://solid-logic-jss/./node_modules/solid-oidc/node_modules/jose/dist/browser/jwks/remote.js","webpack://solid-logic-jss/./node_modules/solid-oidc/node_modules/jose/dist/browser/runtime/verify.js","webpack://solid-logic-jss/./node_modules/solid-oidc/node_modules/jose/dist/browser/lib/validate_algorithms.js","webpack://solid-logic-jss/./node_modules/solid-oidc/node_modules/jose/dist/browser/jws/flattened/verify.js","webpack://solid-logic-jss/./node_modules/solid-oidc/node_modules/jose/dist/browser/jws/compact/verify.js","webpack://solid-logic-jss/./node_modules/solid-oidc/node_modules/jose/dist/browser/lib/jwt_claims_set.js","webpack://solid-logic-jss/./node_modules/solid-oidc/node_modules/jose/dist/browser/jwt/verify.js","webpack://solid-logic-jss/./node_modules/solid-oidc/node_modules/jose/dist/browser/runtime/digest.js","webpack://solid-logic-jss/./node_modules/solid-oidc/node_modules/jose/dist/browser/jwk/thumbprint.js","webpack://solid-logic-jss/./node_modules/solid-oidc/node_modules/jose/dist/browser/runtime/generate.js","webpack://solid-logic-jss/./node_modules/solid-oidc/node_modules/jose/dist/browser/key/generate_key_pair.js","webpack://solid-logic-jss/./node_modules/solid-oidc/node_modules/jose/dist/browser/util/base64url.js","webpack://solid-logic-jss/./node_modules/solid-oidc/node_modules/jose/dist/browser/util/decode_jwt.js","webpack://solid-logic-jss/./node_modules/solid-oidc/solid-oidc.js","webpack://solid-logic-jss/./src/authSession/solidOidcAdapter.ts","webpack://solid-logic-jss/./src/authSession/authSession.ts","webpack://solid-logic-jss/external module \"rdflib\"","webpack://solid-logic-jss/./src/util/ns.ts","webpack://solid-logic-jss/./src/acl/aclLogic.ts","webpack://solid-logic-jss/./src/authn/authUtil.ts","webpack://solid-logic-jss/./src/authn/SolidAuthnLogic.ts","webpack://solid-logic-jss/./src/util/utils.ts","webpack://solid-logic-jss/./src/chat/chatLogic.ts","webpack://solid-logic-jss/./src/inbox/inboxLogic.ts","webpack://solid-logic-jss/./src/logic/CustomError.ts","webpack://solid-logic-jss/./src/profile/profileLogic.ts","webpack://solid-logic-jss/./src/typeIndex/typeIndexLogic.ts","webpack://solid-logic-jss/./src/util/containerLogic.ts","webpack://solid-logic-jss/./src/util/utilityLogic.ts","webpack://solid-logic-jss/./src/logic/solidLogic.ts","webpack://solid-logic-jss/./src/logic/solidLogicSingleton.ts","webpack://solid-logic-jss/./src/issuer/issuerLogic.ts","webpack://solid-logic-jss/./src/index.ts"],"sourcesContent":["/**\n * Provides a way to access commonly used namespaces\n *\n * Usage:\n *\n * ```\n * const $rdf = require('rdflib'); //or any other RDF/JS-compatible library\n * const ns = require('solid-namespace')($rdf);\n * const store = $rdf.graph();\n *\n * let me = ...;\n * let name = store.any(me, ns.vcard(‘fn’)) || store.any(me, ns.foaf(‘name’));\n * ```\n * @module vocab\n */\nconst aliases = {\n acl: 'http://www.w3.org/ns/auth/acl#',\n arg: 'http://www.w3.org/ns/pim/arg#',\n as: 'https://www.w3.org/ns/activitystreams#',\n bookmark: 'http://www.w3.org/2002/01/bookmark#',\n cal: 'http://www.w3.org/2002/12/cal/ical#',\n cco: 'http://www.ontologyrepository.com/CommonCoreOntologies/',\n cert: 'http://www.w3.org/ns/auth/cert#',\n contact: 'http://www.w3.org/2000/10/swap/pim/contact#',\n dc: 'http://purl.org/dc/elements/1.1/',\n dct: 'http://purl.org/dc/terms/',\n doap: 'http://usefulinc.com/ns/doap#',\n foaf: 'http://xmlns.com/foaf/0.1/',\n geo: 'http://www.w3.org/2003/01/geo/wgs84_pos#',\n gpx: 'http://www.w3.org/ns/pim/gpx#',\n gr: 'http://purl.org/goodrelations/v1#',\n http: 'http://www.w3.org/2007/ont/http#',\n httph: 'http://www.w3.org/2007/ont/httph#',\n icalTZ: 'http://www.w3.org/2002/12/cal/icaltzd#', // Beware: not cal:\n ldp: 'http://www.w3.org/ns/ldp#',\n link: 'http://www.w3.org/2007/ont/link#',\n log: 'http://www.w3.org/2000/10/swap/log#',\n meeting: 'http://www.w3.org/ns/pim/meeting#',\n mo: 'http://purl.org/ontology/mo/',\n org: 'http://www.w3.org/ns/org#',\n owl: 'http://www.w3.org/2002/07/owl#',\n pad: 'http://www.w3.org/ns/pim/pad#',\n patch: 'http://www.w3.org/ns/pim/patch#',\n prov: 'http://www.w3.org/ns/prov#',\n pto: 'http://www.productontology.org/id/',\n qu: 'http://www.w3.org/2000/10/swap/pim/qif#',\n trip: 'http://www.w3.org/ns/pim/trip#',\n rdf: 'http://www.w3.org/1999/02/22-rdf-syntax-ns#',\n rdfs: 'http://www.w3.org/2000/01/rdf-schema#',\n rss: 'http://purl.org/rss/1.0/',\n sched: 'http://www.w3.org/ns/pim/schedule#',\n schema: 'http://schema.org/', // @@ beware confusion with documents no 303\n sioc: 'http://rdfs.org/sioc/ns#',\n skos: 'http://www.w3.org/2004/02/skos/core#',\n solid: 'http://www.w3.org/ns/solid/terms#',\n space: 'http://www.w3.org/ns/pim/space#',\n stat: 'http://www.w3.org/ns/posix/stat#',\n tab: 'http://www.w3.org/2007/ont/link#',\n tabont: 'http://www.w3.org/2007/ont/link#',\n ui: 'http://www.w3.org/ns/ui#',\n vann: 'http://purl.org/vocab/vann/',\n vcard: 'http://www.w3.org/2006/vcard/ns#',\n wf: 'http://www.w3.org/2005/01/wf/flow#',\n xsd: 'http://www.w3.org/2001/XMLSchema#',\n}\n\n/**\n * @param [rdflib] {RDF} Optional RDF Library (such as rdflib.js or rdf-ext) to inject\n */\nfunction vocab (rdf = { namedNode: u => u }) {\n const namespaces = {}\n for (const alias in aliases) {\n const expansion = aliases[alias]\n namespaces[alias] = function (localName = '') {\n return rdf.namedNode(expansion + localName)\n }\n };\n\n return namespaces\n};\n\nmodule.exports = vocab\n","// The module cache\nvar __webpack_module_cache__ = {};\n\n// The require function\nfunction __webpack_require__(moduleId) {\n\t// Check if module is in cache\n\tvar cachedModule = __webpack_module_cache__[moduleId];\n\tif (cachedModule !== undefined) {\n\t\treturn cachedModule.exports;\n\t}\n\t// Create a new module (and put it into the cache)\n\tvar module = __webpack_module_cache__[moduleId] = {\n\t\t// no module.id needed\n\t\t// no module.loaded needed\n\t\texports: {}\n\t};\n\n\t// Execute the module function\n\t__webpack_modules__[moduleId](module, module.exports, __webpack_require__);\n\n\t// Return the exports of the module\n\treturn module.exports;\n}\n\n","// getDefaultExport function for compatibility with non-harmony modules\n__webpack_require__.n = (module) => {\n\tvar getter = module && module.__esModule ?\n\t\t() => (module['default']) :\n\t\t() => (module);\n\t__webpack_require__.d(getter, { a: getter });\n\treturn getter;\n};","// define getter functions for harmony exports\n__webpack_require__.d = (exports, definition) => {\n\tfor(var key in definition) {\n\t\tif(__webpack_require__.o(definition, key) && !__webpack_require__.o(exports, key)) {\n\t\t\tObject.defineProperty(exports, key, { enumerable: true, get: definition[key] });\n\t\t}\n\t}\n};","__webpack_require__.g = (function() {\n\tif (typeof globalThis === 'object') return globalThis;\n\ttry {\n\t\treturn this || new Function('return this')();\n\t} catch (e) {\n\t\tif (typeof window === 'object') return window;\n\t}\n})();","__webpack_require__.o = (obj, prop) => (Object.prototype.hasOwnProperty.call(obj, prop))","\nexport function log(...args: any[]): void {\n console.log(...args)\n}\n\nexport function warn(...args: any[]): void {\n console.warn(...args)\n}\n\nexport function error(...args: any[]): void {\n console.error(...args)\n}\n\nexport function trace(...args: any[]): void {\n console.trace(...args)\n}\n","export default crypto;\nexport const isCryptoKey = (key) => key instanceof CryptoKey;\n","function message(msg, actual, ...types) {\n types = types.filter(Boolean);\n if (types.length > 2) {\n const last = types.pop();\n msg += `one of type ${types.join(', ')}, or ${last}.`;\n }\n else if (types.length === 2) {\n msg += `one of type ${types[0]} or ${types[1]}.`;\n }\n else {\n msg += `of type ${types[0]}.`;\n }\n if (actual == null) {\n msg += ` Received ${actual}`;\n }\n else if (typeof actual === 'function' && actual.name) {\n msg += ` Received function ${actual.name}`;\n }\n else if (typeof actual === 'object' && actual != null) {\n if (actual.constructor?.name) {\n msg += ` Received an instance of ${actual.constructor.name}`;\n }\n }\n return msg;\n}\nexport default (actual, ...types) => {\n return message('Key must be ', actual, ...types);\n};\nexport function withAlg(alg, actual, ...types) {\n return message(`Key for the ${alg} algorithm must be `, actual, ...types);\n}\n","import digest from '../runtime/digest.js';\nexport const encoder = new TextEncoder();\nexport const decoder = new TextDecoder();\nconst MAX_INT32 = 2 ** 32;\nexport function concat(...buffers) {\n const size = buffers.reduce((acc, { length }) => acc + length, 0);\n const buf = new Uint8Array(size);\n let i = 0;\n for (const buffer of buffers) {\n buf.set(buffer, i);\n i += buffer.length;\n }\n return buf;\n}\nexport function p2s(alg, p2sInput) {\n return concat(encoder.encode(alg), new Uint8Array([0]), p2sInput);\n}\nfunction writeUInt32BE(buf, value, offset) {\n if (value < 0 || value >= MAX_INT32) {\n throw new RangeError(`value must be >= 0 and <= ${MAX_INT32 - 1}. Received ${value}`);\n }\n buf.set([value >>> 24, value >>> 16, value >>> 8, value & 0xff], offset);\n}\nexport function uint64be(value) {\n const high = Math.floor(value / MAX_INT32);\n const low = value % MAX_INT32;\n const buf = new Uint8Array(8);\n writeUInt32BE(buf, high, 0);\n writeUInt32BE(buf, low, 4);\n return buf;\n}\nexport function uint32be(value) {\n const buf = new Uint8Array(4);\n writeUInt32BE(buf, value);\n return buf;\n}\nexport function lengthAndInput(input) {\n return concat(uint32be(input.length), input);\n}\nexport async function concatKdf(secret, bits, value) {\n const iterations = Math.ceil((bits >> 3) / 32);\n const res = new Uint8Array(iterations * 32);\n for (let iter = 0; iter < iterations; iter++) {\n const buf = new Uint8Array(4 + secret.length + value.length);\n buf.set(uint32be(iter + 1));\n buf.set(secret, 4);\n buf.set(value, 4 + secret.length);\n res.set(await digest('sha256', buf), iter * 32);\n }\n return res.slice(0, bits >> 3);\n}\n","import { encoder, decoder } from '../lib/buffer_utils.js';\nexport const encodeBase64 = (input) => {\n let unencoded = input;\n if (typeof unencoded === 'string') {\n unencoded = encoder.encode(unencoded);\n }\n const CHUNK_SIZE = 0x8000;\n const arr = [];\n for (let i = 0; i < unencoded.length; i += CHUNK_SIZE) {\n arr.push(String.fromCharCode.apply(null, unencoded.subarray(i, i + CHUNK_SIZE)));\n }\n return btoa(arr.join(''));\n};\nexport const encode = (input) => {\n return encodeBase64(input).replace(/=/g, '').replace(/\\+/g, '-').replace(/\\//g, '_');\n};\nexport const decodeBase64 = (encoded) => {\n const binary = atob(encoded);\n const bytes = new Uint8Array(binary.length);\n for (let i = 0; i < binary.length; i++) {\n bytes[i] = binary.charCodeAt(i);\n }\n return bytes;\n};\nexport const decode = (input) => {\n let encoded = input;\n if (encoded instanceof Uint8Array) {\n encoded = decoder.decode(encoded);\n }\n encoded = encoded.replace(/-/g, '+').replace(/_/g, '/').replace(/\\s/g, '');\n try {\n return decodeBase64(encoded);\n }\n catch {\n throw new TypeError('The input to be decoded is not correctly encoded.');\n }\n};\n","import { isCryptoKey } from './webcrypto.js';\nexport default (key) => {\n if (isCryptoKey(key)) {\n return true;\n }\n return key?.[Symbol.toStringTag] === 'KeyObject';\n};\nexport const types = ['CryptoKey'];\n","import crypto, { isCryptoKey } from './webcrypto.js';\nimport invalidKeyInput from '../lib/invalid_key_input.js';\nimport { encode as base64url } from './base64url.js';\nimport { types } from './is_key_like.js';\nconst keyToJWK = async (key) => {\n if (key instanceof Uint8Array) {\n return {\n kty: 'oct',\n k: base64url(key),\n };\n }\n if (!isCryptoKey(key)) {\n throw new TypeError(invalidKeyInput(key, ...types, 'Uint8Array'));\n }\n if (!key.extractable) {\n throw new TypeError('non-extractable CryptoKey cannot be exported as a JWK');\n }\n const { ext, key_ops, alg, use, ...jwk } = await crypto.subtle.exportKey('jwk', key);\n return jwk;\n};\nexport default keyToJWK;\n","import { toSPKI as exportPublic } from '../runtime/asn1.js';\nimport { toPKCS8 as exportPrivate } from '../runtime/asn1.js';\nimport keyToJWK from '../runtime/key_to_jwk.js';\nexport async function exportSPKI(key) {\n return exportPublic(key);\n}\nexport async function exportPKCS8(key) {\n return exportPrivate(key);\n}\nexport async function exportJWK(key) {\n return keyToJWK(key);\n}\n","export class JOSEError extends Error {\n constructor(message, options) {\n super(message, options);\n this.code = 'ERR_JOSE_GENERIC';\n this.name = this.constructor.name;\n Error.captureStackTrace?.(this, this.constructor);\n }\n}\nJOSEError.code = 'ERR_JOSE_GENERIC';\nexport class JWTClaimValidationFailed extends JOSEError {\n constructor(message, payload, claim = 'unspecified', reason = 'unspecified') {\n super(message, { cause: { claim, reason, payload } });\n this.code = 'ERR_JWT_CLAIM_VALIDATION_FAILED';\n this.claim = claim;\n this.reason = reason;\n this.payload = payload;\n }\n}\nJWTClaimValidationFailed.code = 'ERR_JWT_CLAIM_VALIDATION_FAILED';\nexport class JWTExpired extends JOSEError {\n constructor(message, payload, claim = 'unspecified', reason = 'unspecified') {\n super(message, { cause: { claim, reason, payload } });\n this.code = 'ERR_JWT_EXPIRED';\n this.claim = claim;\n this.reason = reason;\n this.payload = payload;\n }\n}\nJWTExpired.code = 'ERR_JWT_EXPIRED';\nexport class JOSEAlgNotAllowed extends JOSEError {\n constructor() {\n super(...arguments);\n this.code = 'ERR_JOSE_ALG_NOT_ALLOWED';\n }\n}\nJOSEAlgNotAllowed.code = 'ERR_JOSE_ALG_NOT_ALLOWED';\nexport class JOSENotSupported extends JOSEError {\n constructor() {\n super(...arguments);\n this.code = 'ERR_JOSE_NOT_SUPPORTED';\n }\n}\nJOSENotSupported.code = 'ERR_JOSE_NOT_SUPPORTED';\nexport class JWEDecryptionFailed extends JOSEError {\n constructor(message = 'decryption operation failed', options) {\n super(message, options);\n this.code = 'ERR_JWE_DECRYPTION_FAILED';\n }\n}\nJWEDecryptionFailed.code = 'ERR_JWE_DECRYPTION_FAILED';\nexport class JWEInvalid extends JOSEError {\n constructor() {\n super(...arguments);\n this.code = 'ERR_JWE_INVALID';\n }\n}\nJWEInvalid.code = 'ERR_JWE_INVALID';\nexport class JWSInvalid extends JOSEError {\n constructor() {\n super(...arguments);\n this.code = 'ERR_JWS_INVALID';\n }\n}\nJWSInvalid.code = 'ERR_JWS_INVALID';\nexport class JWTInvalid extends JOSEError {\n constructor() {\n super(...arguments);\n this.code = 'ERR_JWT_INVALID';\n }\n}\nJWTInvalid.code = 'ERR_JWT_INVALID';\nexport class JWKInvalid extends JOSEError {\n constructor() {\n super(...arguments);\n this.code = 'ERR_JWK_INVALID';\n }\n}\nJWKInvalid.code = 'ERR_JWK_INVALID';\nexport class JWKSInvalid extends JOSEError {\n constructor() {\n super(...arguments);\n this.code = 'ERR_JWKS_INVALID';\n }\n}\nJWKSInvalid.code = 'ERR_JWKS_INVALID';\nexport class JWKSNoMatchingKey extends JOSEError {\n constructor(message = 'no applicable key found in the JSON Web Key Set', options) {\n super(message, options);\n this.code = 'ERR_JWKS_NO_MATCHING_KEY';\n }\n}\nJWKSNoMatchingKey.code = 'ERR_JWKS_NO_MATCHING_KEY';\nexport class JWKSMultipleMatchingKeys extends JOSEError {\n constructor(message = 'multiple matching keys found in the JSON Web Key Set', options) {\n super(message, options);\n this.code = 'ERR_JWKS_MULTIPLE_MATCHING_KEYS';\n }\n}\nSymbol.asyncIterator;\nJWKSMultipleMatchingKeys.code = 'ERR_JWKS_MULTIPLE_MATCHING_KEYS';\nexport class JWKSTimeout extends JOSEError {\n constructor(message = 'request timed out', options) {\n super(message, options);\n this.code = 'ERR_JWKS_TIMEOUT';\n }\n}\nJWKSTimeout.code = 'ERR_JWKS_TIMEOUT';\nexport class JWSSignatureVerificationFailed extends JOSEError {\n constructor(message = 'signature verification failed', options) {\n super(message, options);\n this.code = 'ERR_JWS_SIGNATURE_VERIFICATION_FAILED';\n }\n}\nJWSSignatureVerificationFailed.code = 'ERR_JWS_SIGNATURE_VERIFICATION_FAILED';\n","import { JOSENotSupported } from '../util/errors.js';\nexport default function subtleDsa(alg, algorithm) {\n const hash = `SHA-${alg.slice(-3)}`;\n switch (alg) {\n case 'HS256':\n case 'HS384':\n case 'HS512':\n return { hash, name: 'HMAC' };\n case 'PS256':\n case 'PS384':\n case 'PS512':\n return { hash, name: 'RSA-PSS', saltLength: alg.slice(-3) >> 3 };\n case 'RS256':\n case 'RS384':\n case 'RS512':\n return { hash, name: 'RSASSA-PKCS1-v1_5' };\n case 'ES256':\n case 'ES384':\n case 'ES512':\n return { hash, name: 'ECDSA', namedCurve: algorithm.namedCurve };\n case 'Ed25519':\n return { name: 'Ed25519' };\n case 'EdDSA':\n return { name: algorithm.name };\n default:\n throw new JOSENotSupported(`alg ${alg} is not supported either by JOSE or your javascript runtime`);\n }\n}\n","export default (alg, key) => {\n if (alg.startsWith('RS') || alg.startsWith('PS')) {\n const { modulusLength } = key.algorithm;\n if (typeof modulusLength !== 'number' || modulusLength < 2048) {\n throw new TypeError(`${alg} requires key modulusLength to be 2048 bits or larger`);\n }\n }\n};\n","function unusable(name, prop = 'algorithm.name') {\n return new TypeError(`CryptoKey does not support this operation, its ${prop} must be ${name}`);\n}\nfunction isAlgorithm(algorithm, name) {\n return algorithm.name === name;\n}\nfunction getHashLength(hash) {\n return parseInt(hash.name.slice(4), 10);\n}\nfunction getNamedCurve(alg) {\n switch (alg) {\n case 'ES256':\n return 'P-256';\n case 'ES384':\n return 'P-384';\n case 'ES512':\n return 'P-521';\n default:\n throw new Error('unreachable');\n }\n}\nfunction checkUsage(key, usages) {\n if (usages.length && !usages.some((expected) => key.usages.includes(expected))) {\n let msg = 'CryptoKey does not support this operation, its usages must include ';\n if (usages.length > 2) {\n const last = usages.pop();\n msg += `one of ${usages.join(', ')}, or ${last}.`;\n }\n else if (usages.length === 2) {\n msg += `one of ${usages[0]} or ${usages[1]}.`;\n }\n else {\n msg += `${usages[0]}.`;\n }\n throw new TypeError(msg);\n }\n}\nexport function checkSigCryptoKey(key, alg, ...usages) {\n switch (alg) {\n case 'HS256':\n case 'HS384':\n case 'HS512': {\n if (!isAlgorithm(key.algorithm, 'HMAC'))\n throw unusable('HMAC');\n const expected = parseInt(alg.slice(2), 10);\n const actual = getHashLength(key.algorithm.hash);\n if (actual !== expected)\n throw unusable(`SHA-${expected}`, 'algorithm.hash');\n break;\n }\n case 'RS256':\n case 'RS384':\n case 'RS512': {\n if (!isAlgorithm(key.algorithm, 'RSASSA-PKCS1-v1_5'))\n throw unusable('RSASSA-PKCS1-v1_5');\n const expected = parseInt(alg.slice(2), 10);\n const actual = getHashLength(key.algorithm.hash);\n if (actual !== expected)\n throw unusable(`SHA-${expected}`, 'algorithm.hash');\n break;\n }\n case 'PS256':\n case 'PS384':\n case 'PS512': {\n if (!isAlgorithm(key.algorithm, 'RSA-PSS'))\n throw unusable('RSA-PSS');\n const expected = parseInt(alg.slice(2), 10);\n const actual = getHashLength(key.algorithm.hash);\n if (actual !== expected)\n throw unusable(`SHA-${expected}`, 'algorithm.hash');\n break;\n }\n case 'EdDSA': {\n if (key.algorithm.name !== 'Ed25519' && key.algorithm.name !== 'Ed448') {\n throw unusable('Ed25519 or Ed448');\n }\n break;\n }\n case 'Ed25519': {\n if (!isAlgorithm(key.algorithm, 'Ed25519'))\n throw unusable('Ed25519');\n break;\n }\n case 'ES256':\n case 'ES384':\n case 'ES512': {\n if (!isAlgorithm(key.algorithm, 'ECDSA'))\n throw unusable('ECDSA');\n const expected = getNamedCurve(alg);\n const actual = key.algorithm.namedCurve;\n if (actual !== expected)\n throw unusable(expected, 'algorithm.namedCurve');\n break;\n }\n default:\n throw new TypeError('CryptoKey does not support this operation');\n }\n checkUsage(key, usages);\n}\nexport function checkEncCryptoKey(key, alg, ...usages) {\n switch (alg) {\n case 'A128GCM':\n case 'A192GCM':\n case 'A256GCM': {\n if (!isAlgorithm(key.algorithm, 'AES-GCM'))\n throw unusable('AES-GCM');\n const expected = parseInt(alg.slice(1, 4), 10);\n const actual = key.algorithm.length;\n if (actual !== expected)\n throw unusable(expected, 'algorithm.length');\n break;\n }\n case 'A128KW':\n case 'A192KW':\n case 'A256KW': {\n if (!isAlgorithm(key.algorithm, 'AES-KW'))\n throw unusable('AES-KW');\n const expected = parseInt(alg.slice(1, 4), 10);\n const actual = key.algorithm.length;\n if (actual !== expected)\n throw unusable(expected, 'algorithm.length');\n break;\n }\n case 'ECDH': {\n switch (key.algorithm.name) {\n case 'ECDH':\n case 'X25519':\n case 'X448':\n break;\n default:\n throw unusable('ECDH, X25519, or X448');\n }\n break;\n }\n case 'PBES2-HS256+A128KW':\n case 'PBES2-HS384+A192KW':\n case 'PBES2-HS512+A256KW':\n if (!isAlgorithm(key.algorithm, 'PBKDF2'))\n throw unusable('PBKDF2');\n break;\n case 'RSA-OAEP':\n case 'RSA-OAEP-256':\n case 'RSA-OAEP-384':\n case 'RSA-OAEP-512': {\n if (!isAlgorithm(key.algorithm, 'RSA-OAEP'))\n throw unusable('RSA-OAEP');\n const expected = parseInt(alg.slice(9), 10) || 1;\n const actual = getHashLength(key.algorithm.hash);\n if (actual !== expected)\n throw unusable(`SHA-${expected}`, 'algorithm.hash');\n break;\n }\n default:\n throw new TypeError('CryptoKey does not support this operation');\n }\n checkUsage(key, usages);\n}\n","function isObjectLike(value) {\n return typeof value === 'object' && value !== null;\n}\nexport default function isObject(input) {\n if (!isObjectLike(input) || Object.prototype.toString.call(input) !== '[object Object]') {\n return false;\n }\n if (Object.getPrototypeOf(input) === null) {\n return true;\n }\n let proto = input;\n while (Object.getPrototypeOf(proto) !== null) {\n proto = Object.getPrototypeOf(proto);\n }\n return Object.getPrototypeOf(input) === proto;\n}\n","import isObject from './is_object.js';\nexport function isJWK(key) {\n return isObject(key) && typeof key.kty === 'string';\n}\nexport function isPrivateJWK(key) {\n return key.kty !== 'oct' && typeof key.d === 'string';\n}\nexport function isPublicJWK(key) {\n return key.kty !== 'oct' && typeof key.d === 'undefined';\n}\nexport function isSecretJWK(key) {\n return isJWK(key) && key.kty === 'oct' && typeof key.k === 'string';\n}\n","import crypto from './webcrypto.js';\nimport { JOSENotSupported } from '../util/errors.js';\nfunction subtleMapping(jwk) {\n let algorithm;\n let keyUsages;\n switch (jwk.kty) {\n case 'RSA': {\n switch (jwk.alg) {\n case 'PS256':\n case 'PS384':\n case 'PS512':\n algorithm = { name: 'RSA-PSS', hash: `SHA-${jwk.alg.slice(-3)}` };\n keyUsages = jwk.d ? ['sign'] : ['verify'];\n break;\n case 'RS256':\n case 'RS384':\n case 'RS512':\n algorithm = { name: 'RSASSA-PKCS1-v1_5', hash: `SHA-${jwk.alg.slice(-3)}` };\n keyUsages = jwk.d ? ['sign'] : ['verify'];\n break;\n case 'RSA-OAEP':\n case 'RSA-OAEP-256':\n case 'RSA-OAEP-384':\n case 'RSA-OAEP-512':\n algorithm = {\n name: 'RSA-OAEP',\n hash: `SHA-${parseInt(jwk.alg.slice(-3), 10) || 1}`,\n };\n keyUsages = jwk.d ? ['decrypt', 'unwrapKey'] : ['encrypt', 'wrapKey'];\n break;\n default:\n throw new JOSENotSupported('Invalid or unsupported JWK \"alg\" (Algorithm) Parameter value');\n }\n break;\n }\n case 'EC': {\n switch (jwk.alg) {\n case 'ES256':\n algorithm = { name: 'ECDSA', namedCurve: 'P-256' };\n keyUsages = jwk.d ? ['sign'] : ['verify'];\n break;\n case 'ES384':\n algorithm = { name: 'ECDSA', namedCurve: 'P-384' };\n keyUsages = jwk.d ? ['sign'] : ['verify'];\n break;\n case 'ES512':\n algorithm = { name: 'ECDSA', namedCurve: 'P-521' };\n keyUsages = jwk.d ? ['sign'] : ['verify'];\n break;\n case 'ECDH-ES':\n case 'ECDH-ES+A128KW':\n case 'ECDH-ES+A192KW':\n case 'ECDH-ES+A256KW':\n algorithm = { name: 'ECDH', namedCurve: jwk.crv };\n keyUsages = jwk.d ? ['deriveBits'] : [];\n break;\n default:\n throw new JOSENotSupported('Invalid or unsupported JWK \"alg\" (Algorithm) Parameter value');\n }\n break;\n }\n case 'OKP': {\n switch (jwk.alg) {\n case 'Ed25519':\n algorithm = { name: 'Ed25519' };\n keyUsages = jwk.d ? ['sign'] : ['verify'];\n break;\n case 'EdDSA':\n algorithm = { name: jwk.crv };\n keyUsages = jwk.d ? ['sign'] : ['verify'];\n break;\n case 'ECDH-ES':\n case 'ECDH-ES+A128KW':\n case 'ECDH-ES+A192KW':\n case 'ECDH-ES+A256KW':\n algorithm = { name: jwk.crv };\n keyUsages = jwk.d ? ['deriveBits'] : [];\n break;\n default:\n throw new JOSENotSupported('Invalid or unsupported JWK \"alg\" (Algorithm) Parameter value');\n }\n break;\n }\n default:\n throw new JOSENotSupported('Invalid or unsupported JWK \"kty\" (Key Type) Parameter value');\n }\n return { algorithm, keyUsages };\n}\nconst parse = async (jwk) => {\n if (!jwk.alg) {\n throw new TypeError('\"alg\" argument is required when \"jwk.alg\" is not present');\n }\n const { algorithm, keyUsages } = subtleMapping(jwk);\n const rest = [\n algorithm,\n jwk.ext ?? false,\n jwk.key_ops ?? keyUsages,\n ];\n const keyData = { ...jwk };\n delete keyData.alg;\n delete keyData.use;\n return crypto.subtle.importKey('jwk', keyData, ...rest);\n};\nexport default parse;\n","import { isJWK } from '../lib/is_jwk.js';\nimport { decode } from './base64url.js';\nimport importJWK from './jwk_to_key.js';\nconst exportKeyValue = (k) => decode(k);\nlet privCache;\nlet pubCache;\nconst isKeyObject = (key) => {\n return key?.[Symbol.toStringTag] === 'KeyObject';\n};\nconst importAndCache = async (cache, key, jwk, alg, freeze = false) => {\n let cached = cache.get(key);\n if (cached?.[alg]) {\n return cached[alg];\n }\n const cryptoKey = await importJWK({ ...jwk, alg });\n if (freeze)\n Object.freeze(key);\n if (!cached) {\n cache.set(key, { [alg]: cryptoKey });\n }\n else {\n cached[alg] = cryptoKey;\n }\n return cryptoKey;\n};\nconst normalizePublicKey = (key, alg) => {\n if (isKeyObject(key)) {\n let jwk = key.export({ format: 'jwk' });\n delete jwk.d;\n delete jwk.dp;\n delete jwk.dq;\n delete jwk.p;\n delete jwk.q;\n delete jwk.qi;\n if (jwk.k) {\n return exportKeyValue(jwk.k);\n }\n pubCache || (pubCache = new WeakMap());\n return importAndCache(pubCache, key, jwk, alg);\n }\n if (isJWK(key)) {\n if (key.k)\n return decode(key.k);\n pubCache || (pubCache = new WeakMap());\n const cryptoKey = importAndCache(pubCache, key, key, alg, true);\n return cryptoKey;\n }\n return key;\n};\nconst normalizePrivateKey = (key, alg) => {\n if (isKeyObject(key)) {\n let jwk = key.export({ format: 'jwk' });\n if (jwk.k) {\n return exportKeyValue(jwk.k);\n }\n privCache || (privCache = new WeakMap());\n return importAndCache(privCache, key, jwk, alg);\n }\n if (isJWK(key)) {\n if (key.k)\n return decode(key.k);\n privCache || (privCache = new WeakMap());\n const cryptoKey = importAndCache(privCache, key, key, alg, true);\n return cryptoKey;\n }\n return key;\n};\nexport default { normalizePublicKey, normalizePrivateKey };\n","import crypto, { isCryptoKey } from './webcrypto.js';\nimport { checkSigCryptoKey } from '../lib/crypto_key.js';\nimport invalidKeyInput from '../lib/invalid_key_input.js';\nimport { types } from './is_key_like.js';\nimport normalize from './normalize_key.js';\nexport default async function getCryptoKey(alg, key, usage) {\n if (usage === 'sign') {\n key = await normalize.normalizePrivateKey(key, alg);\n }\n if (usage === 'verify') {\n key = await normalize.normalizePublicKey(key, alg);\n }\n if (isCryptoKey(key)) {\n checkSigCryptoKey(key, alg, usage);\n return key;\n }\n if (key instanceof Uint8Array) {\n if (!alg.startsWith('HS')) {\n throw new TypeError(invalidKeyInput(key, ...types));\n }\n return crypto.subtle.importKey('raw', key, { hash: `SHA-${alg.slice(-3)}`, name: 'HMAC' }, false, [usage]);\n }\n throw new TypeError(invalidKeyInput(key, ...types, 'Uint8Array', 'JSON Web Key'));\n}\n","import subtleAlgorithm from './subtle_dsa.js';\nimport crypto from './webcrypto.js';\nimport checkKeyLength from './check_key_length.js';\nimport getSignKey from './get_sign_verify_key.js';\nconst sign = async (alg, key, data) => {\n const cryptoKey = await getSignKey(alg, key, 'sign');\n checkKeyLength(alg, cryptoKey);\n const signature = await crypto.subtle.sign(subtleAlgorithm(alg, cryptoKey.algorithm), cryptoKey, data);\n return new Uint8Array(signature);\n};\nexport default sign;\n","const isDisjoint = (...headers) => {\n const sources = headers.filter(Boolean);\n if (sources.length === 0 || sources.length === 1) {\n return true;\n }\n let acc;\n for (const header of sources) {\n const parameters = Object.keys(header);\n if (!acc || acc.size === 0) {\n acc = new Set(parameters);\n continue;\n }\n for (const parameter of parameters) {\n if (acc.has(parameter)) {\n return false;\n }\n acc.add(parameter);\n }\n }\n return true;\n};\nexport default isDisjoint;\n","import { withAlg as invalidKeyInput } from './invalid_key_input.js';\nimport isKeyLike, { types } from '../runtime/is_key_like.js';\nimport * as jwk from './is_jwk.js';\nconst tag = (key) => key?.[Symbol.toStringTag];\nconst jwkMatchesOp = (alg, key, usage) => {\n if (key.use !== undefined && key.use !== 'sig') {\n throw new TypeError('Invalid key for this operation, when present its use must be sig');\n }\n if (key.key_ops !== undefined && key.key_ops.includes?.(usage) !== true) {\n throw new TypeError(`Invalid key for this operation, when present its key_ops must include ${usage}`);\n }\n if (key.alg !== undefined && key.alg !== alg) {\n throw new TypeError(`Invalid key for this operation, when present its alg must be ${alg}`);\n }\n return true;\n};\nconst symmetricTypeCheck = (alg, key, usage, allowJwk) => {\n if (key instanceof Uint8Array)\n return;\n if (allowJwk && jwk.isJWK(key)) {\n if (jwk.isSecretJWK(key) && jwkMatchesOp(alg, key, usage))\n return;\n throw new TypeError(`JSON Web Key for symmetric algorithms must have JWK \"kty\" (Key Type) equal to \"oct\" and the JWK \"k\" (Key Value) present`);\n }\n if (!isKeyLike(key)) {\n throw new TypeError(invalidKeyInput(alg, key, ...types, 'Uint8Array', allowJwk ? 'JSON Web Key' : null));\n }\n if (key.type !== 'secret') {\n throw new TypeError(`${tag(key)} instances for symmetric algorithms must be of type \"secret\"`);\n }\n};\nconst asymmetricTypeCheck = (alg, key, usage, allowJwk) => {\n if (allowJwk && jwk.isJWK(key)) {\n switch (usage) {\n case 'sign':\n if (jwk.isPrivateJWK(key) && jwkMatchesOp(alg, key, usage))\n return;\n throw new TypeError(`JSON Web Key for this operation be a private JWK`);\n case 'verify':\n if (jwk.isPublicJWK(key) && jwkMatchesOp(alg, key, usage))\n return;\n throw new TypeError(`JSON Web Key for this operation be a public JWK`);\n }\n }\n if (!isKeyLike(key)) {\n throw new TypeError(invalidKeyInput(alg, key, ...types, allowJwk ? 'JSON Web Key' : null));\n }\n if (key.type === 'secret') {\n throw new TypeError(`${tag(key)} instances for asymmetric algorithms must not be of type \"secret\"`);\n }\n if (usage === 'sign' && key.type === 'public') {\n throw new TypeError(`${tag(key)} instances for asymmetric algorithm signing must be of type \"private\"`);\n }\n if (usage === 'decrypt' && key.type === 'public') {\n throw new TypeError(`${tag(key)} instances for asymmetric algorithm decryption must be of type \"private\"`);\n }\n if (key.algorithm && usage === 'verify' && key.type === 'private') {\n throw new TypeError(`${tag(key)} instances for asymmetric algorithm verifying must be of type \"public\"`);\n }\n if (key.algorithm && usage === 'encrypt' && key.type === 'private') {\n throw new TypeError(`${tag(key)} instances for asymmetric algorithm encryption must be of type \"public\"`);\n }\n};\nfunction checkKeyType(allowJwk, alg, key, usage) {\n const symmetric = alg.startsWith('HS') ||\n alg === 'dir' ||\n alg.startsWith('PBES2') ||\n /^A\\d{3}(?:GCM)?KW$/.test(alg);\n if (symmetric) {\n symmetricTypeCheck(alg, key, usage, allowJwk);\n }\n else {\n asymmetricTypeCheck(alg, key, usage, allowJwk);\n }\n}\nexport default checkKeyType.bind(undefined, false);\nexport const checkKeyTypeWithJwk = checkKeyType.bind(undefined, true);\n","import { JOSENotSupported } from '../util/errors.js';\nfunction validateCrit(Err, recognizedDefault, recognizedOption, protectedHeader, joseHeader) {\n if (joseHeader.crit !== undefined && protectedHeader?.crit === undefined) {\n throw new Err('\"crit\" (Critical) Header Parameter MUST be integrity protected');\n }\n if (!protectedHeader || protectedHeader.crit === undefined) {\n return new Set();\n }\n if (!Array.isArray(protectedHeader.crit) ||\n protectedHeader.crit.length === 0 ||\n protectedHeader.crit.some((input) => typeof input !== 'string' || input.length === 0)) {\n throw new Err('\"crit\" (Critical) Header Parameter MUST be an array of non-empty strings when present');\n }\n let recognized;\n if (recognizedOption !== undefined) {\n recognized = new Map([...Object.entries(recognizedOption), ...recognizedDefault.entries()]);\n }\n else {\n recognized = recognizedDefault;\n }\n for (const parameter of protectedHeader.crit) {\n if (!recognized.has(parameter)) {\n throw new JOSENotSupported(`Extension Header Parameter \"${parameter}\" is not recognized`);\n }\n if (joseHeader[parameter] === undefined) {\n throw new Err(`Extension Header Parameter \"${parameter}\" is missing`);\n }\n if (recognized.get(parameter) && protectedHeader[parameter] === undefined) {\n throw new Err(`Extension Header Parameter \"${parameter}\" MUST be integrity protected`);\n }\n }\n return new Set(protectedHeader.crit);\n}\nexport default validateCrit;\n","import { encode as base64url } from '../../runtime/base64url.js';\nimport sign from '../../runtime/sign.js';\nimport isDisjoint from '../../lib/is_disjoint.js';\nimport { JWSInvalid } from '../../util/errors.js';\nimport { encoder, decoder, concat } from '../../lib/buffer_utils.js';\nimport { checkKeyTypeWithJwk } from '../../lib/check_key_type.js';\nimport validateCrit from '../../lib/validate_crit.js';\nexport class FlattenedSign {\n constructor(payload) {\n if (!(payload instanceof Uint8Array)) {\n throw new TypeError('payload must be an instance of Uint8Array');\n }\n this._payload = payload;\n }\n setProtectedHeader(protectedHeader) {\n if (this._protectedHeader) {\n throw new TypeError('setProtectedHeader can only be called once');\n }\n this._protectedHeader = protectedHeader;\n return this;\n }\n setUnprotectedHeader(unprotectedHeader) {\n if (this._unprotectedHeader) {\n throw new TypeError('setUnprotectedHeader can only be called once');\n }\n this._unprotectedHeader = unprotectedHeader;\n return this;\n }\n async sign(key, options) {\n if (!this._protectedHeader && !this._unprotectedHeader) {\n throw new JWSInvalid('either setProtectedHeader or setUnprotectedHeader must be called before #sign()');\n }\n if (!isDisjoint(this._protectedHeader, this._unprotectedHeader)) {\n throw new JWSInvalid('JWS Protected and JWS Unprotected Header Parameter names must be disjoint');\n }\n const joseHeader = {\n ...this._protectedHeader,\n ...this._unprotectedHeader,\n };\n const extensions = validateCrit(JWSInvalid, new Map([['b64', true]]), options?.crit, this._protectedHeader, joseHeader);\n let b64 = true;\n if (extensions.has('b64')) {\n b64 = this._protectedHeader.b64;\n if (typeof b64 !== 'boolean') {\n throw new JWSInvalid('The \"b64\" (base64url-encode payload) Header Parameter must be a boolean');\n }\n }\n const { alg } = joseHeader;\n if (typeof alg !== 'string' || !alg) {\n throw new JWSInvalid('JWS \"alg\" (Algorithm) Header Parameter missing or invalid');\n }\n checkKeyTypeWithJwk(alg, key, 'sign');\n let payload = this._payload;\n if (b64) {\n payload = encoder.encode(base64url(payload));\n }\n let protectedHeader;\n if (this._protectedHeader) {\n protectedHeader = encoder.encode(base64url(JSON.stringify(this._protectedHeader)));\n }\n else {\n protectedHeader = encoder.encode('');\n }\n const data = concat(protectedHeader, encoder.encode('.'), payload);\n const signature = await sign(alg, key, data);\n const jws = {\n signature: base64url(signature),\n payload: '',\n };\n if (b64) {\n jws.payload = decoder.decode(payload);\n }\n if (this._unprotectedHeader) {\n jws.header = this._unprotectedHeader;\n }\n if (this._protectedHeader) {\n jws.protected = decoder.decode(protectedHeader);\n }\n return jws;\n }\n}\n","import { FlattenedSign } from '../flattened/sign.js';\nexport class CompactSign {\n constructor(payload) {\n this._flattened = new FlattenedSign(payload);\n }\n setProtectedHeader(protectedHeader) {\n this._flattened.setProtectedHeader(protectedHeader);\n return this;\n }\n async sign(key, options) {\n const jws = await this._flattened.sign(key, options);\n if (jws.payload === undefined) {\n throw new TypeError('use the flattened module for creating JWS with b64: false');\n }\n return `${jws.protected}.${jws.payload}.${jws.signature}`;\n }\n}\n","export default (date) => Math.floor(date.getTime() / 1000);\n","const minute = 60;\nconst hour = minute * 60;\nconst day = hour * 24;\nconst week = day * 7;\nconst year = day * 365.25;\nconst REGEX = /^(\\+|\\-)? ?(\\d+|\\d+\\.\\d+) ?(seconds?|secs?|s|minutes?|mins?|m|hours?|hrs?|h|days?|d|weeks?|w|years?|yrs?|y)(?: (ago|from now))?$/i;\nexport default (str) => {\n const matched = REGEX.exec(str);\n if (!matched || (matched[4] && matched[1])) {\n throw new TypeError('Invalid time period format');\n }\n const value = parseFloat(matched[2]);\n const unit = matched[3].toLowerCase();\n let numericDate;\n switch (unit) {\n case 'sec':\n case 'secs':\n case 'second':\n case 'seconds':\n case 's':\n numericDate = Math.round(value);\n break;\n case 'minute':\n case 'minutes':\n case 'min':\n case 'mins':\n case 'm':\n numericDate = Math.round(value * minute);\n break;\n case 'hour':\n case 'hours':\n case 'hr':\n case 'hrs':\n case 'h':\n numericDate = Math.round(value * hour);\n break;\n case 'day':\n case 'days':\n case 'd':\n numericDate = Math.round(value * day);\n break;\n case 'week':\n case 'weeks':\n case 'w':\n numericDate = Math.round(value * week);\n break;\n default:\n numericDate = Math.round(value * year);\n break;\n }\n if (matched[1] === '-' || matched[4] === 'ago') {\n return -numericDate;\n }\n return numericDate;\n};\n","import epoch from '../lib/epoch.js';\nimport isObject from '../lib/is_object.js';\nimport secs from '../lib/secs.js';\nfunction validateInput(label, input) {\n if (!Number.isFinite(input)) {\n throw new TypeError(`Invalid ${label} input`);\n }\n return input;\n}\nexport class ProduceJWT {\n constructor(payload = {}) {\n if (!isObject(payload)) {\n throw new TypeError('JWT Claims Set MUST be an object');\n }\n this._payload = payload;\n }\n setIssuer(issuer) {\n this._payload = { ...this._payload, iss: issuer };\n return this;\n }\n setSubject(subject) {\n this._payload = { ...this._payload, sub: subject };\n return this;\n }\n setAudience(audience) {\n this._payload = { ...this._payload, aud: audience };\n return this;\n }\n setJti(jwtId) {\n this._payload = { ...this._payload, jti: jwtId };\n return this;\n }\n setNotBefore(input) {\n if (typeof input === 'number') {\n this._payload = { ...this._payload, nbf: validateInput('setNotBefore', input) };\n }\n else if (input instanceof Date) {\n this._payload = { ...this._payload, nbf: validateInput('setNotBefore', epoch(input)) };\n }\n else {\n this._payload = { ...this._payload, nbf: epoch(new Date()) + secs(input) };\n }\n return this;\n }\n setExpirationTime(input) {\n if (typeof input === 'number') {\n this._payload = { ...this._payload, exp: validateInput('setExpirationTime', input) };\n }\n else if (input instanceof Date) {\n this._payload = { ...this._payload, exp: validateInput('setExpirationTime', epoch(input)) };\n }\n else {\n this._payload = { ...this._payload, exp: epoch(new Date()) + secs(input) };\n }\n return this;\n }\n setIssuedAt(input) {\n if (typeof input === 'undefined') {\n this._payload = { ...this._payload, iat: epoch(new Date()) };\n }\n else if (input instanceof Date) {\n this._payload = { ...this._payload, iat: validateInput('setIssuedAt', epoch(input)) };\n }\n else if (typeof input === 'string') {\n this._payload = {\n ...this._payload,\n iat: validateInput('setIssuedAt', epoch(new Date()) + secs(input)),\n };\n }\n else {\n this._payload = { ...this._payload, iat: validateInput('setIssuedAt', input) };\n }\n return this;\n }\n}\n","import { CompactSign } from '../jws/compact/sign.js';\nimport { JWTInvalid } from '../util/errors.js';\nimport { encoder } from '../lib/buffer_utils.js';\nimport { ProduceJWT } from './produce.js';\nexport class SignJWT extends ProduceJWT {\n setProtectedHeader(protectedHeader) {\n this._protectedHeader = protectedHeader;\n return this;\n }\n async sign(key, options) {\n const sig = new CompactSign(encoder.encode(JSON.stringify(this._payload)));\n sig.setProtectedHeader(this._protectedHeader);\n if (Array.isArray(this._protectedHeader?.crit) &&\n this._protectedHeader.crit.includes('b64') &&\n this._protectedHeader.b64 === false) {\n throw new JWTInvalid('JWTs MUST NOT use unencoded payload');\n }\n return sig.sign(key, options);\n }\n}\n","import { JOSEError, JWKSTimeout } from '../util/errors.js';\nconst fetchJwks = async (url, timeout, options) => {\n let controller;\n let id;\n let timedOut = false;\n if (typeof AbortController === 'function') {\n controller = new AbortController();\n id = setTimeout(() => {\n timedOut = true;\n controller.abort();\n }, timeout);\n }\n const response = await fetch(url.href, {\n signal: controller ? controller.signal : undefined,\n redirect: 'manual',\n headers: options.headers,\n }).catch((err) => {\n if (timedOut)\n throw new JWKSTimeout();\n throw err;\n });\n if (id !== undefined)\n clearTimeout(id);\n if (response.status !== 200) {\n throw new JOSEError('Expected 200 OK from the JSON Web Key Set HTTP response');\n }\n try {\n return await response.json();\n }\n catch {\n throw new JOSEError('Failed to parse the JSON Web Key Set HTTP response as JSON');\n }\n};\nexport default fetchJwks;\n","import { decode as decodeBase64URL } from '../runtime/base64url.js';\nimport { fromSPKI, fromPKCS8, fromX509 } from '../runtime/asn1.js';\nimport asKeyObject from '../runtime/jwk_to_key.js';\nimport { JOSENotSupported } from '../util/errors.js';\nimport isObject from '../lib/is_object.js';\nexport async function importSPKI(spki, alg, options) {\n if (typeof spki !== 'string' || spki.indexOf('-----BEGIN PUBLIC KEY-----') !== 0) {\n throw new TypeError('\"spki\" must be SPKI formatted string');\n }\n return fromSPKI(spki, alg, options);\n}\nexport async function importX509(x509, alg, options) {\n if (typeof x509 !== 'string' || x509.indexOf('-----BEGIN CERTIFICATE-----') !== 0) {\n throw new TypeError('\"x509\" must be X.509 formatted string');\n }\n return fromX509(x509, alg, options);\n}\nexport async function importPKCS8(pkcs8, alg, options) {\n if (typeof pkcs8 !== 'string' || pkcs8.indexOf('-----BEGIN PRIVATE KEY-----') !== 0) {\n throw new TypeError('\"pkcs8\" must be PKCS#8 formatted string');\n }\n return fromPKCS8(pkcs8, alg, options);\n}\nexport async function importJWK(jwk, alg) {\n if (!isObject(jwk)) {\n throw new TypeError('JWK must be an object');\n }\n alg || (alg = jwk.alg);\n switch (jwk.kty) {\n case 'oct':\n if (typeof jwk.k !== 'string' || !jwk.k) {\n throw new TypeError('missing \"k\" (Key Value) Parameter value');\n }\n return decodeBase64URL(jwk.k);\n case 'RSA':\n if ('oth' in jwk && jwk.oth !== undefined) {\n throw new JOSENotSupported('RSA JWK \"oth\" (Other Primes Info) Parameter value is not supported');\n }\n case 'EC':\n case 'OKP':\n return asKeyObject({ ...jwk, alg });\n default:\n throw new JOSENotSupported('Unsupported \"kty\" (Key Type) Parameter value');\n }\n}\n","import { importJWK } from '../key/import.js';\nimport { JWKSInvalid, JOSENotSupported, JWKSNoMatchingKey, JWKSMultipleMatchingKeys, } from '../util/errors.js';\nimport isObject from '../lib/is_object.js';\nfunction getKtyFromAlg(alg) {\n switch (typeof alg === 'string' && alg.slice(0, 2)) {\n case 'RS':\n case 'PS':\n return 'RSA';\n case 'ES':\n return 'EC';\n case 'Ed':\n return 'OKP';\n default:\n throw new JOSENotSupported('Unsupported \"alg\" value for a JSON Web Key Set');\n }\n}\nfunction isJWKSLike(jwks) {\n return (jwks &&\n typeof jwks === 'object' &&\n Array.isArray(jwks.keys) &&\n jwks.keys.every(isJWKLike));\n}\nfunction isJWKLike(key) {\n return isObject(key);\n}\nfunction clone(obj) {\n if (typeof structuredClone === 'function') {\n return structuredClone(obj);\n }\n return JSON.parse(JSON.stringify(obj));\n}\nclass LocalJWKSet {\n constructor(jwks) {\n this._cached = new WeakMap();\n if (!isJWKSLike(jwks)) {\n throw new JWKSInvalid('JSON Web Key Set malformed');\n }\n this._jwks = clone(jwks);\n }\n async getKey(protectedHeader, token) {\n const { alg, kid } = { ...protectedHeader, ...token?.header };\n const kty = getKtyFromAlg(alg);\n const candidates = this._jwks.keys.filter((jwk) => {\n let candidate = kty === jwk.kty;\n if (candidate && typeof kid === 'string') {\n candidate = kid === jwk.kid;\n }\n if (candidate && typeof jwk.alg === 'string') {\n candidate = alg === jwk.alg;\n }\n if (candidate && typeof jwk.use === 'string') {\n candidate = jwk.use === 'sig';\n }\n if (candidate && Array.isArray(jwk.key_ops)) {\n candidate = jwk.key_ops.includes('verify');\n }\n if (candidate) {\n switch (alg) {\n case 'ES256':\n candidate = jwk.crv === 'P-256';\n break;\n case 'ES256K':\n candidate = jwk.crv === 'secp256k1';\n break;\n case 'ES384':\n candidate = jwk.crv === 'P-384';\n break;\n case 'ES512':\n candidate = jwk.crv === 'P-521';\n break;\n case 'Ed25519':\n candidate = jwk.crv === 'Ed25519';\n break;\n case 'EdDSA':\n candidate = jwk.crv === 'Ed25519' || jwk.crv === 'Ed448';\n break;\n }\n }\n return candidate;\n });\n const { 0: jwk, length } = candidates;\n if (length === 0) {\n throw new JWKSNoMatchingKey();\n }\n if (length !== 1) {\n const error = new JWKSMultipleMatchingKeys();\n const { _cached } = this;\n error[Symbol.asyncIterator] = async function* () {\n for (const jwk of candidates) {\n try {\n yield await importWithAlgCache(_cached, jwk, alg);\n }\n catch { }\n }\n };\n throw error;\n }\n return importWithAlgCache(this._cached, jwk, alg);\n }\n}\nasync function importWithAlgCache(cache, jwk, alg) {\n const cached = cache.get(jwk) || cache.set(jwk, {}).get(jwk);\n if (cached[alg] === undefined) {\n const key = await importJWK({ ...jwk, ext: true }, alg);\n if (key instanceof Uint8Array || key.type !== 'public') {\n throw new JWKSInvalid('JSON Web Key Set members must be public keys');\n }\n cached[alg] = key;\n }\n return cached[alg];\n}\nexport function createLocalJWKSet(jwks) {\n const set = new LocalJWKSet(jwks);\n const localJWKSet = async (protectedHeader, token) => set.getKey(protectedHeader, token);\n Object.defineProperties(localJWKSet, {\n jwks: {\n value: () => clone(set._jwks),\n enumerable: true,\n configurable: false,\n writable: false,\n },\n });\n return localJWKSet;\n}\n","import fetchJwks from '../runtime/fetch_jwks.js';\nimport { JWKSNoMatchingKey } from '../util/errors.js';\nimport { createLocalJWKSet } from './local.js';\nimport isObject from '../lib/is_object.js';\nfunction isCloudflareWorkers() {\n return (typeof WebSocketPair !== 'undefined' ||\n (typeof navigator !== 'undefined' && navigator.userAgent === 'Cloudflare-Workers') ||\n (typeof EdgeRuntime !== 'undefined' && EdgeRuntime === 'vercel'));\n}\nlet USER_AGENT;\nif (typeof navigator === 'undefined' || !navigator.userAgent?.startsWith?.('Mozilla/5.0 ')) {\n const NAME = 'jose';\n const VERSION = 'v5.10.0';\n USER_AGENT = `${NAME}/${VERSION}`;\n}\nexport const jwksCache = Symbol();\nfunction isFreshJwksCache(input, cacheMaxAge) {\n if (typeof input !== 'object' || input === null) {\n return false;\n }\n if (!('uat' in input) || typeof input.uat !== 'number' || Date.now() - input.uat >= cacheMaxAge) {\n return false;\n }\n if (!('jwks' in input) ||\n !isObject(input.jwks) ||\n !Array.isArray(input.jwks.keys) ||\n !Array.prototype.every.call(input.jwks.keys, isObject)) {\n return false;\n }\n return true;\n}\nclass RemoteJWKSet {\n constructor(url, options) {\n if (!(url instanceof URL)) {\n throw new TypeError('url must be an instance of URL');\n }\n this._url = new URL(url.href);\n this._options = { agent: options?.agent, headers: options?.headers };\n this._timeoutDuration =\n typeof options?.timeoutDuration === 'number' ? options?.timeoutDuration : 5000;\n this._cooldownDuration =\n typeof options?.cooldownDuration === 'number' ? options?.cooldownDuration : 30000;\n this._cacheMaxAge = typeof options?.cacheMaxAge === 'number' ? options?.cacheMaxAge : 600000;\n if (options?.[jwksCache] !== undefined) {\n this._cache = options?.[jwksCache];\n if (isFreshJwksCache(options?.[jwksCache], this._cacheMaxAge)) {\n this._jwksTimestamp = this._cache.uat;\n this._local = createLocalJWKSet(this._cache.jwks);\n }\n }\n }\n coolingDown() {\n return typeof this._jwksTimestamp === 'number'\n ? Date.now() < this._jwksTimestamp + this._cooldownDuration\n : false;\n }\n fresh() {\n return typeof this._jwksTimestamp === 'number'\n ? Date.now() < this._jwksTimestamp + this._cacheMaxAge\n : false;\n }\n async getKey(protectedHeader, token) {\n if (!this._local || !this.fresh()) {\n await this.reload();\n }\n try {\n return await this._local(protectedHeader, token);\n }\n catch (err) {\n if (err instanceof JWKSNoMatchingKey) {\n if (this.coolingDown() === false) {\n await this.reload();\n return this._local(protectedHeader, token);\n }\n }\n throw err;\n }\n }\n async reload() {\n if (this._pendingFetch && isCloudflareWorkers()) {\n this._pendingFetch = undefined;\n }\n const headers = new Headers(this._options.headers);\n if (USER_AGENT && !headers.has('User-Agent')) {\n headers.set('User-Agent', USER_AGENT);\n this._options.headers = Object.fromEntries(headers.entries());\n }\n this._pendingFetch || (this._pendingFetch = fetchJwks(this._url, this._timeoutDuration, this._options)\n .then((json) => {\n this._local = createLocalJWKSet(json);\n if (this._cache) {\n this._cache.uat = Date.now();\n this._cache.jwks = json;\n }\n this._jwksTimestamp = Date.now();\n this._pendingFetch = undefined;\n })\n .catch((err) => {\n this._pendingFetch = undefined;\n throw err;\n }));\n await this._pendingFetch;\n }\n}\nexport function createRemoteJWKSet(url, options) {\n const set = new RemoteJWKSet(url, options);\n const remoteJWKSet = async (protectedHeader, token) => set.getKey(protectedHeader, token);\n Object.defineProperties(remoteJWKSet, {\n coolingDown: {\n get: () => set.coolingDown(),\n enumerable: true,\n configurable: false,\n },\n fresh: {\n get: () => set.fresh(),\n enumerable: true,\n configurable: false,\n },\n reload: {\n value: () => set.reload(),\n enumerable: true,\n configurable: false,\n writable: false,\n },\n reloading: {\n get: () => !!set._pendingFetch,\n enumerable: true,\n configurable: false,\n },\n jwks: {\n value: () => set._local?.jwks(),\n enumerable: true,\n configurable: false,\n writable: false,\n },\n });\n return remoteJWKSet;\n}\nexport const experimental_jwksCache = jwksCache;\n","import subtleAlgorithm from './subtle_dsa.js';\nimport crypto from './webcrypto.js';\nimport checkKeyLength from './check_key_length.js';\nimport getVerifyKey from './get_sign_verify_key.js';\nconst verify = async (alg, key, signature, data) => {\n const cryptoKey = await getVerifyKey(alg, key, 'verify');\n checkKeyLength(alg, cryptoKey);\n const algorithm = subtleAlgorithm(alg, cryptoKey.algorithm);\n try {\n return await crypto.subtle.verify(algorithm, cryptoKey, signature, data);\n }\n catch {\n return false;\n }\n};\nexport default verify;\n","const validateAlgorithms = (option, algorithms) => {\n if (algorithms !== undefined &&\n (!Array.isArray(algorithms) || algorithms.some((s) => typeof s !== 'string'))) {\n throw new TypeError(`\"${option}\" option must be an array of strings`);\n }\n if (!algorithms) {\n return undefined;\n }\n return new Set(algorithms);\n};\nexport default validateAlgorithms;\n","import { decode as base64url } from '../../runtime/base64url.js';\nimport verify from '../../runtime/verify.js';\nimport { JOSEAlgNotAllowed, JWSInvalid, JWSSignatureVerificationFailed } from '../../util/errors.js';\nimport { concat, encoder, decoder } from '../../lib/buffer_utils.js';\nimport isDisjoint from '../../lib/is_disjoint.js';\nimport isObject from '../../lib/is_object.js';\nimport { checkKeyTypeWithJwk } from '../../lib/check_key_type.js';\nimport validateCrit from '../../lib/validate_crit.js';\nimport validateAlgorithms from '../../lib/validate_algorithms.js';\nimport { isJWK } from '../../lib/is_jwk.js';\nimport { importJWK } from '../../key/import.js';\nexport async function flattenedVerify(jws, key, options) {\n if (!isObject(jws)) {\n throw new JWSInvalid('Flattened JWS must be an object');\n }\n if (jws.protected === undefined && jws.header === undefined) {\n throw new JWSInvalid('Flattened JWS must have either of the \"protected\" or \"header\" members');\n }\n if (jws.protected !== undefined && typeof jws.protected !== 'string') {\n throw new JWSInvalid('JWS Protected Header incorrect type');\n }\n if (jws.payload === undefined) {\n throw new JWSInvalid('JWS Payload missing');\n }\n if (typeof jws.signature !== 'string') {\n throw new JWSInvalid('JWS Signature missing or incorrect type');\n }\n if (jws.header !== undefined && !isObject(jws.header)) {\n throw new JWSInvalid('JWS Unprotected Header incorrect type');\n }\n let parsedProt = {};\n if (jws.protected) {\n try {\n const protectedHeader = base64url(jws.protected);\n parsedProt = JSON.parse(decoder.decode(protectedHeader));\n }\n catch {\n throw new JWSInvalid('JWS Protected Header is invalid');\n }\n }\n if (!isDisjoint(parsedProt, jws.header)) {\n throw new JWSInvalid('JWS Protected and JWS Unprotected Header Parameter names must be disjoint');\n }\n const joseHeader = {\n ...parsedProt,\n ...jws.header,\n };\n const extensions = validateCrit(JWSInvalid, new Map([['b64', true]]), options?.crit, parsedProt, joseHeader);\n let b64 = true;\n if (extensions.has('b64')) {\n b64 = parsedProt.b64;\n if (typeof b64 !== 'boolean') {\n throw new JWSInvalid('The \"b64\" (base64url-encode payload) Header Parameter must be a boolean');\n }\n }\n const { alg } = joseHeader;\n if (typeof alg !== 'string' || !alg) {\n throw new JWSInvalid('JWS \"alg\" (Algorithm) Header Parameter missing or invalid');\n }\n const algorithms = options && validateAlgorithms('algorithms', options.algorithms);\n if (algorithms && !algorithms.has(alg)) {\n throw new JOSEAlgNotAllowed('\"alg\" (Algorithm) Header Parameter value not allowed');\n }\n if (b64) {\n if (typeof jws.payload !== 'string') {\n throw new JWSInvalid('JWS Payload must be a string');\n }\n }\n else if (typeof jws.payload !== 'string' && !(jws.payload instanceof Uint8Array)) {\n throw new JWSInvalid('JWS Payload must be a string or an Uint8Array instance');\n }\n let resolvedKey = false;\n if (typeof key === 'function') {\n key = await key(parsedProt, jws);\n resolvedKey = true;\n checkKeyTypeWithJwk(alg, key, 'verify');\n if (isJWK(key)) {\n key = await importJWK(key, alg);\n }\n }\n else {\n checkKeyTypeWithJwk(alg, key, 'verify');\n }\n const data = concat(encoder.encode(jws.protected ?? ''), encoder.encode('.'), typeof jws.payload === 'string' ? encoder.encode(jws.payload) : jws.payload);\n let signature;\n try {\n signature = base64url(jws.signature);\n }\n catch {\n throw new JWSInvalid('Failed to base64url decode the signature');\n }\n const verified = await verify(alg, key, signature, data);\n if (!verified) {\n throw new JWSSignatureVerificationFailed();\n }\n let payload;\n if (b64) {\n try {\n payload = base64url(jws.payload);\n }\n catch {\n throw new JWSInvalid('Failed to base64url decode the payload');\n }\n }\n else if (typeof jws.payload === 'string') {\n payload = encoder.encode(jws.payload);\n }\n else {\n payload = jws.payload;\n }\n const result = { payload };\n if (jws.protected !== undefined) {\n result.protectedHeader = parsedProt;\n }\n if (jws.header !== undefined) {\n result.unprotectedHeader = jws.header;\n }\n if (resolvedKey) {\n return { ...result, key };\n }\n return result;\n}\n","import { flattenedVerify } from '../flattened/verify.js';\nimport { JWSInvalid } from '../../util/errors.js';\nimport { decoder } from '../../lib/buffer_utils.js';\nexport async function compactVerify(jws, key, options) {\n if (jws instanceof Uint8Array) {\n jws = decoder.decode(jws);\n }\n if (typeof jws !== 'string') {\n throw new JWSInvalid('Compact JWS must be a string or Uint8Array');\n }\n const { 0: protectedHeader, 1: payload, 2: signature, length } = jws.split('.');\n if (length !== 3) {\n throw new JWSInvalid('Invalid Compact JWS');\n }\n const verified = await flattenedVerify({ payload, protected: protectedHeader, signature }, key, options);\n const result = { payload: verified.payload, protectedHeader: verified.protectedHeader };\n if (typeof key === 'function') {\n return { ...result, key: verified.key };\n }\n return result;\n}\n","import { JWTClaimValidationFailed, JWTExpired, JWTInvalid } from '../util/errors.js';\nimport { decoder } from './buffer_utils.js';\nimport epoch from './epoch.js';\nimport secs from './secs.js';\nimport isObject from './is_object.js';\nconst normalizeTyp = (value) => value.toLowerCase().replace(/^application\\//, '');\nconst checkAudiencePresence = (audPayload, audOption) => {\n if (typeof audPayload === 'string') {\n return audOption.includes(audPayload);\n }\n if (Array.isArray(audPayload)) {\n return audOption.some(Set.prototype.has.bind(new Set(audPayload)));\n }\n return false;\n};\nexport default (protectedHeader, encodedPayload, options = {}) => {\n let payload;\n try {\n payload = JSON.parse(decoder.decode(encodedPayload));\n }\n catch {\n }\n if (!isObject(payload)) {\n throw new JWTInvalid('JWT Claims Set must be a top-level JSON object');\n }\n const { typ } = options;\n if (typ &&\n (typeof protectedHeader.typ !== 'string' ||\n normalizeTyp(protectedHeader.typ) !== normalizeTyp(typ))) {\n throw new JWTClaimValidationFailed('unexpected \"typ\" JWT header value', payload, 'typ', 'check_failed');\n }\n const { requiredClaims = [], issuer, subject, audience, maxTokenAge } = options;\n const presenceCheck = [...requiredClaims];\n if (maxTokenAge !== undefined)\n presenceCheck.push('iat');\n if (audience !== undefined)\n presenceCheck.push('aud');\n if (subject !== undefined)\n presenceCheck.push('sub');\n if (issuer !== undefined)\n presenceCheck.push('iss');\n for (const claim of new Set(presenceCheck.reverse())) {\n if (!(claim in payload)) {\n throw new JWTClaimValidationFailed(`missing required \"${claim}\" claim`, payload, claim, 'missing');\n }\n }\n if (issuer &&\n !(Array.isArray(issuer) ? issuer : [issuer]).includes(payload.iss)) {\n throw new JWTClaimValidationFailed('unexpected \"iss\" claim value', payload, 'iss', 'check_failed');\n }\n if (subject && payload.sub !== subject) {\n throw new JWTClaimValidationFailed('unexpected \"sub\" claim value', payload, 'sub', 'check_failed');\n }\n if (audience &&\n !checkAudiencePresence(payload.aud, typeof audience === 'string' ? [audience] : audience)) {\n throw new JWTClaimValidationFailed('unexpected \"aud\" claim value', payload, 'aud', 'check_failed');\n }\n let tolerance;\n switch (typeof options.clockTolerance) {\n case 'string':\n tolerance = secs(options.clockTolerance);\n break;\n case 'number':\n tolerance = options.clockTolerance;\n break;\n case 'undefined':\n tolerance = 0;\n break;\n default:\n throw new TypeError('Invalid clockTolerance option type');\n }\n const { currentDate } = options;\n const now = epoch(currentDate || new Date());\n if ((payload.iat !== undefined || maxTokenAge) && typeof payload.iat !== 'number') {\n throw new JWTClaimValidationFailed('\"iat\" claim must be a number', payload, 'iat', 'invalid');\n }\n if (payload.nbf !== undefined) {\n if (typeof payload.nbf !== 'number') {\n throw new JWTClaimValidationFailed('\"nbf\" claim must be a number', payload, 'nbf', 'invalid');\n }\n if (payload.nbf > now + tolerance) {\n throw new JWTClaimValidationFailed('\"nbf\" claim timestamp check failed', payload, 'nbf', 'check_failed');\n }\n }\n if (payload.exp !== undefined) {\n if (typeof payload.exp !== 'number') {\n throw new JWTClaimValidationFailed('\"exp\" claim must be a number', payload, 'exp', 'invalid');\n }\n if (payload.exp <= now - tolerance) {\n throw new JWTExpired('\"exp\" claim timestamp check failed', payload, 'exp', 'check_failed');\n }\n }\n if (maxTokenAge) {\n const age = now - payload.iat;\n const max = typeof maxTokenAge === 'number' ? maxTokenAge : secs(maxTokenAge);\n if (age - tolerance > max) {\n throw new JWTExpired('\"iat\" claim timestamp check failed (too far in the past)', payload, 'iat', 'check_failed');\n }\n if (age < 0 - tolerance) {\n throw new JWTClaimValidationFailed('\"iat\" claim timestamp check failed (it should be in the past)', payload, 'iat', 'check_failed');\n }\n }\n return payload;\n};\n","import { compactVerify } from '../jws/compact/verify.js';\nimport jwtPayload from '../lib/jwt_claims_set.js';\nimport { JWTInvalid } from '../util/errors.js';\nexport async function jwtVerify(jwt, key, options) {\n const verified = await compactVerify(jwt, key, options);\n if (verified.protectedHeader.crit?.includes('b64') && verified.protectedHeader.b64 === false) {\n throw new JWTInvalid('JWTs MUST NOT use unencoded payload');\n }\n const payload = jwtPayload(verified.protectedHeader, verified.payload, options);\n const result = { payload, protectedHeader: verified.protectedHeader };\n if (typeof key === 'function') {\n return { ...result, key: verified.key };\n }\n return result;\n}\n","import crypto from './webcrypto.js';\nconst digest = async (algorithm, data) => {\n const subtleDigest = `SHA-${algorithm.slice(-3)}`;\n return new Uint8Array(await crypto.subtle.digest(subtleDigest, data));\n};\nexport default digest;\n","import digest from '../runtime/digest.js';\nimport { encode as base64url } from '../runtime/base64url.js';\nimport { JOSENotSupported, JWKInvalid } from '../util/errors.js';\nimport { encoder } from '../lib/buffer_utils.js';\nimport isObject from '../lib/is_object.js';\nconst check = (value, description) => {\n if (typeof value !== 'string' || !value) {\n throw new JWKInvalid(`${description} missing or invalid`);\n }\n};\nexport async function calculateJwkThumbprint(jwk, digestAlgorithm) {\n if (!isObject(jwk)) {\n throw new TypeError('JWK must be an object');\n }\n digestAlgorithm ?? (digestAlgorithm = 'sha256');\n if (digestAlgorithm !== 'sha256' &&\n digestAlgorithm !== 'sha384' &&\n digestAlgorithm !== 'sha512') {\n throw new TypeError('digestAlgorithm must one of \"sha256\", \"sha384\", or \"sha512\"');\n }\n let components;\n switch (jwk.kty) {\n case 'EC':\n check(jwk.crv, '\"crv\" (Curve) Parameter');\n check(jwk.x, '\"x\" (X Coordinate) Parameter');\n check(jwk.y, '\"y\" (Y Coordinate) Parameter');\n components = { crv: jwk.crv, kty: jwk.kty, x: jwk.x, y: jwk.y };\n break;\n case 'OKP':\n check(jwk.crv, '\"crv\" (Subtype of Key Pair) Parameter');\n check(jwk.x, '\"x\" (Public Key) Parameter');\n components = { crv: jwk.crv, kty: jwk.kty, x: jwk.x };\n break;\n case 'RSA':\n check(jwk.e, '\"e\" (Exponent) Parameter');\n check(jwk.n, '\"n\" (Modulus) Parameter');\n components = { e: jwk.e, kty: jwk.kty, n: jwk.n };\n break;\n case 'oct':\n check(jwk.k, '\"k\" (Key Value) Parameter');\n components = { k: jwk.k, kty: jwk.kty };\n break;\n default:\n throw new JOSENotSupported('\"kty\" (Key Type) Parameter missing or unsupported');\n }\n const data = encoder.encode(JSON.stringify(components));\n return base64url(await digest(digestAlgorithm, data));\n}\nexport async function calculateJwkThumbprintUri(jwk, digestAlgorithm) {\n digestAlgorithm ?? (digestAlgorithm = 'sha256');\n const thumbprint = await calculateJwkThumbprint(jwk, digestAlgorithm);\n return `urn:ietf:params:oauth:jwk-thumbprint:sha-${digestAlgorithm.slice(-3)}:${thumbprint}`;\n}\n","import crypto from './webcrypto.js';\nimport { JOSENotSupported } from '../util/errors.js';\nimport random from './random.js';\nexport async function generateSecret(alg, options) {\n let length;\n let algorithm;\n let keyUsages;\n switch (alg) {\n case 'HS256':\n case 'HS384':\n case 'HS512':\n length = parseInt(alg.slice(-3), 10);\n algorithm = { name: 'HMAC', hash: `SHA-${length}`, length };\n keyUsages = ['sign', 'verify'];\n break;\n case 'A128CBC-HS256':\n case 'A192CBC-HS384':\n case 'A256CBC-HS512':\n length = parseInt(alg.slice(-3), 10);\n return random(new Uint8Array(length >> 3));\n case 'A128KW':\n case 'A192KW':\n case 'A256KW':\n length = parseInt(alg.slice(1, 4), 10);\n algorithm = { name: 'AES-KW', length };\n keyUsages = ['wrapKey', 'unwrapKey'];\n break;\n case 'A128GCMKW':\n case 'A192GCMKW':\n case 'A256GCMKW':\n case 'A128GCM':\n case 'A192GCM':\n case 'A256GCM':\n length = parseInt(alg.slice(1, 4), 10);\n algorithm = { name: 'AES-GCM', length };\n keyUsages = ['encrypt', 'decrypt'];\n break;\n default:\n throw new JOSENotSupported('Invalid or unsupported JWK \"alg\" (Algorithm) Parameter value');\n }\n return crypto.subtle.generateKey(algorithm, options?.extractable ?? false, keyUsages);\n}\nfunction getModulusLengthOption(options) {\n const modulusLength = options?.modulusLength ?? 2048;\n if (typeof modulusLength !== 'number' || modulusLength < 2048) {\n throw new JOSENotSupported('Invalid or unsupported modulusLength option provided, 2048 bits or larger keys must be used');\n }\n return modulusLength;\n}\nexport async function generateKeyPair(alg, options) {\n let algorithm;\n let keyUsages;\n switch (alg) {\n case 'PS256':\n case 'PS384':\n case 'PS512':\n algorithm = {\n name: 'RSA-PSS',\n hash: `SHA-${alg.slice(-3)}`,\n publicExponent: new Uint8Array([0x01, 0x00, 0x01]),\n modulusLength: getModulusLengthOption(options),\n };\n keyUsages = ['sign', 'verify'];\n break;\n case 'RS256':\n case 'RS384':\n case 'RS512':\n algorithm = {\n name: 'RSASSA-PKCS1-v1_5',\n hash: `SHA-${alg.slice(-3)}`,\n publicExponent: new Uint8Array([0x01, 0x00, 0x01]),\n modulusLength: getModulusLengthOption(options),\n };\n keyUsages = ['sign', 'verify'];\n break;\n case 'RSA-OAEP':\n case 'RSA-OAEP-256':\n case 'RSA-OAEP-384':\n case 'RSA-OAEP-512':\n algorithm = {\n name: 'RSA-OAEP',\n hash: `SHA-${parseInt(alg.slice(-3), 10) || 1}`,\n publicExponent: new Uint8Array([0x01, 0x00, 0x01]),\n modulusLength: getModulusLengthOption(options),\n };\n keyUsages = ['decrypt', 'unwrapKey', 'encrypt', 'wrapKey'];\n break;\n case 'ES256':\n algorithm = { name: 'ECDSA', namedCurve: 'P-256' };\n keyUsages = ['sign', 'verify'];\n break;\n case 'ES384':\n algorithm = { name: 'ECDSA', namedCurve: 'P-384' };\n keyUsages = ['sign', 'verify'];\n break;\n case 'ES512':\n algorithm = { name: 'ECDSA', namedCurve: 'P-521' };\n keyUsages = ['sign', 'verify'];\n break;\n case 'Ed25519':\n algorithm = { name: 'Ed25519' };\n keyUsages = ['sign', 'verify'];\n break;\n case 'EdDSA': {\n keyUsages = ['sign', 'verify'];\n const crv = options?.crv ?? 'Ed25519';\n switch (crv) {\n case 'Ed25519':\n case 'Ed448':\n algorithm = { name: crv };\n break;\n default:\n throw new JOSENotSupported('Invalid or unsupported crv option provided');\n }\n break;\n }\n case 'ECDH-ES':\n case 'ECDH-ES+A128KW':\n case 'ECDH-ES+A192KW':\n case 'ECDH-ES+A256KW': {\n keyUsages = ['deriveKey', 'deriveBits'];\n const crv = options?.crv ?? 'P-256';\n switch (crv) {\n case 'P-256':\n case 'P-384':\n case 'P-521': {\n algorithm = { name: 'ECDH', namedCurve: crv };\n break;\n }\n case 'X25519':\n case 'X448':\n algorithm = { name: crv };\n break;\n default:\n throw new JOSENotSupported('Invalid or unsupported crv option provided, supported values are P-256, P-384, P-521, X25519, and X448');\n }\n break;\n }\n default:\n throw new JOSENotSupported('Invalid or unsupported JWK \"alg\" (Algorithm) Parameter value');\n }\n return crypto.subtle.generateKey(algorithm, options?.extractable ?? false, keyUsages);\n}\n","import { generateKeyPair as generate } from '../runtime/generate.js';\nexport async function generateKeyPair(alg, options) {\n return generate(alg, options);\n}\n","import * as base64url from '../runtime/base64url.js';\nexport const encode = base64url.encode;\nexport const decode = base64url.decode;\n","import { decode as base64url } from './base64url.js';\nimport { decoder } from '../lib/buffer_utils.js';\nimport isObject from '../lib/is_object.js';\nimport { JWTInvalid } from './errors.js';\nexport function decodeJwt(jwt) {\n if (typeof jwt !== 'string')\n throw new JWTInvalid('JWTs must use Compact JWS serialization, JWT must be a string');\n const { 1: payload, length } = jwt.split('.');\n if (length === 5)\n throw new JWTInvalid('Only JWTs using Compact JWS serialization can be decoded');\n if (length !== 3)\n throw new JWTInvalid('Invalid JWT');\n if (!payload)\n throw new JWTInvalid('JWTs must contain a payload');\n let decoded;\n try {\n decoded = base64url(payload);\n }\n catch {\n throw new JWTInvalid('Failed to base64url decode the payload');\n }\n let result;\n try {\n result = JSON.parse(decoder.decode(decoded));\n }\n catch {\n throw new JWTInvalid('Failed to parse the decoded payload as JSON');\n }\n if (!isObject(result))\n throw new JWTInvalid('Invalid JWT Claims Set');\n return result;\n}\n","/**\n * solid-oidc.js - Minimal Solid-OIDC client for browsers\n *\n * A zero-build, single-file Solid-OIDC authentication library.\n *\n * @license MIT\n * @author JavaScriptSolidServer\n * @see https://github.com/JavaScriptSolidServer/solid-oidc\n *\n * Based on solid-oidc-client-browser by uvdsl (Christoph Braun)\n * @see https://github.com/uvdsl/solid-oidc-client-browser\n *\n * Implements:\n * - RFC 6749 - OAuth 2.0\n * - RFC 7636 - PKCE\n * - RFC 9207 - OAuth 2.0 Authorization Server Issuer Identification\n * - RFC 9449 - DPoP (Demonstration of Proof-of-Possession)\n * - Solid-OIDC Specification\n */\n\nimport {\n SignJWT,\n generateKeyPair,\n decodeJwt,\n exportJWK,\n createRemoteJWKSet,\n jwtVerify,\n calculateJwkThumbprint\n} from 'jose'\n\n// ============================================================================\n// Session Events\n// ============================================================================\n\nexport const SessionEvents = {\n STATE_CHANGE: 'sessionStateChange',\n EXPIRATION_WARNING: 'sessionExpirationWarning',\n EXPIRATION: 'sessionExpiration'\n}\n\n// ============================================================================\n// Session Database Interface (IndexedDB Implementation)\n// ============================================================================\n\nexport class SessionDatabase {\n constructor(dbName = 'solid-oidc', storeName = 'session', dbVersion = 1) {\n this.dbName = dbName\n this.storeName = storeName\n this.dbVersion = dbVersion\n this.db = null\n }\n\n async init() {\n return new Promise((resolve, reject) => {\n const request = indexedDB.open(this.dbName, this.dbVersion)\n request.onerror = () => reject(new Error(`Database error: ${request.error}`))\n request.onsuccess = () => {\n this.db = request.result\n resolve(this)\n }\n request.onupgradeneeded = (event) => {\n const db = event.target.result\n if (!db.objectStoreNames.contains(this.storeName)) {\n db.createObjectStore(this.storeName)\n }\n }\n })\n }\n\n async setItem(id, value) {\n if (!this.db) await this.init()\n return new Promise((resolve, reject) => {\n const tx = this.db.transaction(this.storeName, 'readwrite')\n tx.oncomplete = () => resolve()\n tx.onerror = () => reject(new Error(`Transaction error: ${tx.error}`))\n tx.objectStore(this.storeName).put(value, id)\n })\n }\n\n async getItem(id) {\n if (!this.db) await this.init()\n return new Promise((resolve, reject) => {\n const tx = this.db.transaction(this.storeName, 'readonly')\n tx.onerror = () => reject(new Error(`Transaction error: ${tx.error}`))\n const request = tx.objectStore(this.storeName).get(id)\n request.onsuccess = () => resolve(request.result || null)\n })\n }\n\n async deleteItem(id) {\n if (!this.db) await this.init()\n return new Promise((resolve, reject) => {\n const tx = this.db.transaction(this.storeName, 'readwrite')\n tx.oncomplete = () => resolve()\n tx.onerror = () => reject(new Error(`Transaction error: ${tx.error}`))\n tx.objectStore(this.storeName).delete(id)\n })\n }\n\n async clear() {\n if (!this.db) await this.init()\n return new Promise((resolve, reject) => {\n const tx = this.db.transaction(this.storeName, 'readwrite')\n tx.oncomplete = () => resolve()\n tx.onerror = () => reject(new Error(`Transaction error: ${tx.error}`))\n tx.objectStore(this.storeName).clear()\n })\n }\n\n close() {\n if (this.db) {\n this.db.close()\n this.db = null\n }\n }\n}\n\n// ============================================================================\n// PKCE Helper (RFC 7636)\n// ============================================================================\n\nasync function generatePKCE() {\n const verifier = crypto.randomUUID() + '-' + crypto.randomUUID()\n const digest = new Uint8Array(\n await crypto.subtle.digest('SHA-256', new TextEncoder().encode(verifier))\n )\n const challenge = btoa(String.fromCharCode(...digest))\n .replace(/\\+/g, '-')\n .replace(/\\//g, '_')\n .replace(/=+$/, '')\n return { verifier, challenge }\n}\n\n// ============================================================================\n// DPoP Helper (RFC 9449)\n// ============================================================================\n\nasync function createDPoPToken(keyPair, htu, htm, ath = null) {\n const publicJwk = await exportJWK(keyPair.publicKey)\n const payload = { htu, htm }\n if (ath) payload.ath = ath\n\n return new SignJWT(payload)\n .setIssuedAt()\n .setJti(crypto.randomUUID())\n .setProtectedHeader({ alg: 'ES256', typ: 'dpop+jwt', jwk: publicJwk })\n .sign(keyPair.privateKey)\n}\n\nasync function computeAth(accessToken) {\n const data = new TextEncoder().encode(accessToken)\n const hashBuffer = await crypto.subtle.digest('SHA-256', data)\n const hashArray = Array.from(new Uint8Array(hashBuffer))\n return btoa(String.fromCharCode(...hashArray))\n .replace(/\\+/g, '-')\n .replace(/\\//g, '_')\n .replace(/=+$/, '')\n}\n\n// ============================================================================\n// OIDC Discovery\n// ============================================================================\n\nasync function discoverOIDC(idp) {\n const origin = new URL(idp).origin\n const response = await fetch(`${origin}/.well-known/openid-configuration`)\n if (!response.ok) throw new Error(`OIDC discovery failed: ${response.status}`)\n return response.json()\n}\n\n// ============================================================================\n// Dynamic Client Registration\n// ============================================================================\n\nasync function registerClient(registrationEndpoint, redirectUris) {\n const response = await fetch(registrationEndpoint, {\n method: 'POST',\n headers: { 'Content-Type': 'application/json' },\n body: JSON.stringify({\n application_type: 'web',\n redirect_uris: redirectUris,\n token_endpoint_auth_method: 'none',\n grant_types: ['authorization_code', 'refresh_token'],\n response_types: ['code'],\n scope: 'openid offline_access webid'\n })\n })\n if (!response.ok) throw new Error(`Client registration failed: ${response.status}`)\n return response.json()\n}\n\n// ============================================================================\n// Token Request\n// ============================================================================\n\nasync function requestTokens(tokenEndpoint, params, keyPair) {\n const dpop = await createDPoPToken(keyPair, tokenEndpoint, 'POST')\n const response = await fetch(tokenEndpoint, {\n method: 'POST',\n headers: {\n 'Content-Type': 'application/x-www-form-urlencoded',\n 'DPoP': dpop\n },\n body: new URLSearchParams(params)\n })\n if (!response.ok) throw new Error(`Token request failed: ${response.status}`)\n return response.json()\n}\n\n// ============================================================================\n// Token Validation\n// ============================================================================\n\nasync function validateAccessToken(accessToken, jwksUri, issuer, clientId, keyPair) {\n const jwks = createRemoteJWKSet(new URL(jwksUri))\n const { payload } = await jwtVerify(accessToken, jwks, {\n issuer,\n audience: 'solid'\n })\n\n // Verify DPoP binding\n const thumbprint = await calculateJwkThumbprint(await exportJWK(keyPair.publicKey))\n if (payload.cnf?.jkt !== thumbprint) {\n throw new Error('DPoP thumbprint mismatch')\n }\n\n // Verify client_id\n if (payload.client_id !== clientId) {\n throw new Error('client_id mismatch')\n }\n\n return payload\n}\n\n// ============================================================================\n// Refresh Token Grant\n// ============================================================================\n\nasync function refreshTokens(database) {\n await database.init()\n\n const [refreshToken, tokenEndpoint, clientId, keyPair] = await Promise.all([\n database.getItem('refresh_token'),\n database.getItem('token_endpoint'),\n database.getItem('client_id'),\n database.getItem('dpop_keypair')\n ])\n\n if (!refreshToken || !tokenEndpoint || !clientId || !keyPair) {\n throw new Error('Missing refresh data')\n }\n\n const tokens = await requestTokens(tokenEndpoint, {\n grant_type: 'refresh_token',\n refresh_token: refreshToken,\n client_id: clientId\n }, keyPair)\n\n // Persist new refresh token if provided\n if (tokens.refresh_token) {\n await database.setItem('refresh_token', tokens.refresh_token)\n }\n\n database.close()\n return { ...tokens, dpop_key_pair: keyPair }\n}\n\n// ============================================================================\n// Main Session Class\n// ============================================================================\n\nexport class Session extends EventTarget {\n constructor(options = {}) {\n super()\n this.clientId = options.clientId || null\n this.database = options.database || new SessionDatabase()\n this.onStateChange = options.onStateChange || null\n this.onExpirationWarning = options.onExpirationWarning || null\n this.onExpiration = options.onExpiration || null\n\n // Internal state\n this._isActive = false\n this._webId = null\n this._exp = null\n this._ath = null\n this._tokens = null\n this._idpDetails = null\n this._refreshPromise = null\n\n // Set up event listeners\n if (this.onStateChange) {\n this.addEventListener(SessionEvents.STATE_CHANGE, this.onStateChange)\n }\n if (this.onExpirationWarning) {\n this.addEventListener(SessionEvents.EXPIRATION_WARNING, this.onExpirationWarning)\n }\n if (this.onExpiration) {\n this.addEventListener(SessionEvents.EXPIRATION, this.onExpiration)\n }\n }\n\n // ==========================================================================\n // Public API\n // ==========================================================================\n\n get isActive() { return this._isActive }\n get webId() { return this._webId }\n\n isExpired() {\n if (!this._exp) return true\n return Math.floor(Date.now() / 1000) >= this._exp\n }\n\n getExpiresIn() {\n if (!this._exp) return -1\n return this._exp - Math.floor(Date.now() / 1000)\n }\n\n /**\n * Redirect user to identity provider for login\n */\n async login(idp, redirectUri) {\n // Sanitize redirect URI (RFC 6749 Section 3.1.2)\n const redirectUrl = new URL(redirectUri)\n const sanitizedRedirect = redirectUrl.origin + redirectUrl.pathname + redirectUrl.search\n\n // OIDC Discovery\n const config = await discoverOIDC(idp)\n\n // RFC 9207: Verify issuer\n const issuer = config.issuer\n const trimSlash = (s) => s.endsWith('/') ? s.slice(0, -1) : s\n if (trimSlash(idp) !== trimSlash(issuer)) {\n throw new Error(`Issuer mismatch: ${issuer} !== ${idp}`)\n }\n\n // Store IDP details\n sessionStorage.setItem('solid_oidc_idp', issuer)\n sessionStorage.setItem('solid_oidc_token_endpoint', config.token_endpoint)\n sessionStorage.setItem('solid_oidc_jwks_uri', config.jwks_uri)\n\n // Get or register client_id\n let clientId = this.clientId\n if (!clientId) {\n const registration = await registerClient(config.registration_endpoint, [sanitizedRedirect])\n clientId = registration.client_id\n sessionStorage.setItem('solid_oidc_client_id', clientId)\n }\n\n // PKCE (RFC 7636)\n const pkce = await generatePKCE()\n sessionStorage.setItem('solid_oidc_pkce_verifier', pkce.verifier)\n\n // CSRF token\n const csrfToken = crypto.randomUUID()\n sessionStorage.setItem('solid_oidc_csrf', csrfToken)\n\n // Build authorization URL\n const authUrl = new URL(config.authorization_endpoint)\n authUrl.searchParams.set('response_type', 'code')\n authUrl.searchParams.set('redirect_uri', sanitizedRedirect)\n authUrl.searchParams.set('scope', 'openid offline_access webid')\n authUrl.searchParams.set('client_id', clientId)\n authUrl.searchParams.set('code_challenge_method', 'S256')\n authUrl.searchParams.set('code_challenge', pkce.challenge)\n authUrl.searchParams.set('state', csrfToken)\n authUrl.searchParams.set('prompt', 'consent')\n\n // Redirect to IDP\n window.location.href = authUrl.toString()\n }\n\n /**\n * Handle redirect from identity provider after login\n */\n async handleRedirectFromLogin() {\n const url = new URL(window.location.href)\n const code = url.searchParams.get('code')\n\n // No code = not a redirect, nothing to do\n if (!code) return\n\n // RFC 9207: Verify issuer\n const idp = sessionStorage.getItem('solid_oidc_idp')\n const iss = url.searchParams.get('iss')\n if (!idp || iss !== idp) {\n throw new Error(`Issuer mismatch: ${iss} !== ${idp}`)\n }\n\n // RFC 6749: Verify CSRF token\n const csrf = sessionStorage.getItem('solid_oidc_csrf')\n if (url.searchParams.get('state') !== csrf) {\n throw new Error('CSRF token mismatch')\n }\n\n // Clean URL\n url.searchParams.delete('code')\n url.searchParams.delete('iss')\n url.searchParams.delete('state')\n window.history.replaceState({}, document.title, url.toString())\n\n // Get stored values\n const pkceVerifier = sessionStorage.getItem('solid_oidc_pkce_verifier')\n const tokenEndpoint = sessionStorage.getItem('solid_oidc_token_endpoint')\n const jwksUri = sessionStorage.getItem('solid_oidc_jwks_uri')\n const clientId = this.clientId || sessionStorage.getItem('solid_oidc_client_id')\n\n if (!pkceVerifier || !tokenEndpoint || !clientId) {\n throw new Error('Missing session data')\n }\n\n // Generate DPoP key pair\n const keyPair = await generateKeyPair('ES256')\n\n // Exchange code for tokens\n const tokens = await requestTokens(tokenEndpoint, {\n grant_type: 'authorization_code',\n code,\n code_verifier: pkceVerifier,\n redirect_uri: url.origin + url.pathname,\n client_id: clientId\n }, keyPair)\n\n // Validate access token\n await validateAccessToken(tokens.access_token, jwksUri, idp, clientId, keyPair)\n\n // Store IDP details\n this._idpDetails = { idp, jwksUri, tokenEndpoint }\n\n // Persist for refresh\n await this.database.init()\n await Promise.all([\n this.database.setItem('idp', idp),\n this.database.setItem('jwks_uri', jwksUri),\n this.database.setItem('token_endpoint', tokenEndpoint),\n this.database.setItem('client_id', clientId),\n this.database.setItem('dpop_keypair', keyPair),\n this.database.setItem('refresh_token', tokens.refresh_token)\n ])\n this.database.close()\n\n // Clean session storage\n sessionStorage.removeItem('solid_oidc_idp')\n sessionStorage.removeItem('solid_oidc_token_endpoint')\n sessionStorage.removeItem('solid_oidc_jwks_uri')\n sessionStorage.removeItem('solid_oidc_client_id')\n sessionStorage.removeItem('solid_oidc_pkce_verifier')\n sessionStorage.removeItem('solid_oidc_csrf')\n\n // Update session state\n await this._setTokens({ ...tokens, dpop_key_pair: keyPair })\n this._dispatchStateChange()\n }\n\n /**\n * Restore session using stored refresh token\n */\n async restore() {\n if (this._refreshPromise) return this._refreshPromise\n\n this._refreshPromise = (async () => {\n try {\n const tokens = await refreshTokens(this.database)\n await this._setTokens(tokens)\n this._dispatchStateChange()\n } catch (error) {\n if (this._isActive) {\n if (!this.isExpired()) {\n this._dispatchExpirationWarning()\n } else {\n this._dispatchExpiration()\n }\n }\n throw error\n } finally {\n this._refreshPromise = null\n }\n })()\n\n return this._refreshPromise\n }\n\n /**\n * Log out and clear all session data\n */\n async logout() {\n this._isActive = false\n this._webId = null\n this._exp = null\n this._ath = null\n this._tokens = null\n this._idpDetails = null\n\n await this.database.init()\n await this.database.clear()\n this.database.close()\n\n this._dispatchStateChange()\n }\n\n /**\n * Make authenticated fetch request with DPoP\n */\n async authFetch(input, init = {}) {\n // No session = regular fetch\n if (!this._isActive) {\n return fetch(input, init)\n }\n\n // Refresh if expired\n if (this.isExpired()) {\n await this.restore()\n }\n\n // Parse request\n let url, method, headers\n if (input instanceof Request) {\n url = new URL(input.url)\n method = init.method || input.method || 'GET'\n headers = new Headers(input.headers)\n } else {\n url = new URL(input.toString())\n method = init.method || 'GET'\n headers = init.headers ? new Headers(init.headers) : new Headers()\n }\n\n // Create DPoP proof\n const dpop = await createDPoPToken(\n this._tokens.dpop_key_pair,\n `${url.origin}${url.pathname}`,\n method.toUpperCase(),\n this._ath\n )\n\n // Set auth headers\n headers.set('DPoP', dpop)\n headers.set('Authorization', `DPoP ${this._tokens.access_token}`)\n\n // Make request\n if (input instanceof Request) {\n return fetch(new Request(input, { ...init, headers }))\n }\n return fetch(url, { ...init, headers })\n }\n\n // ==========================================================================\n // Internal Methods\n // ==========================================================================\n\n async _setTokens(tokens) {\n this._tokens = tokens\n\n const decoded = decodeJwt(tokens.access_token)\n if (!decoded.webid) throw new Error('Missing webid claim')\n if (!decoded.exp) throw new Error('Missing exp claim')\n\n this._ath = await computeAth(tokens.access_token)\n this._webId = decoded.webid\n this._exp = decoded.exp\n this._isActive = true\n }\n\n _dispatchStateChange() {\n this.dispatchEvent(new CustomEvent(SessionEvents.STATE_CHANGE, {\n detail: { isActive: this._isActive, webId: this._webId }\n }))\n }\n\n _dispatchExpirationWarning() {\n this.dispatchEvent(new CustomEvent(SessionEvents.EXPIRATION_WARNING, {\n detail: { expires_in: this.getExpiresIn() }\n }))\n }\n\n _dispatchExpiration() {\n this.dispatchEvent(new CustomEvent(SessionEvents.EXPIRATION))\n }\n}\n\n// ============================================================================\n// Default Export\n// ============================================================================\n\nexport default Session\n","/**\n * Adapter to make solid-oidc compatible with @inrupt/solid-client-authn-browser API\n *\n * This provides a drop-in replacement for the Inrupt Session class using the minimal\n * solid-oidc library from JavaScriptSolidServer.\n *\n * @see https://github.com/JavaScriptSolidServer/solid-oidc\n */\n\nimport {\n Session as SolidOidcSession,\n SessionDatabase\n} from 'solid-oidc'\n\n/**\n * Event names compatible with @inrupt/solid-client-authn-browser\n */\nexport const EVENTS = {\n SESSION_RESTORED: 'sessionRestore',\n LOGIN: 'login',\n LOGOUT: 'logout',\n SESSION_EXPIRED: 'sessionExpired',\n ERROR: 'error'\n} as const\n\n/**\n * Callback type for event listeners\n */\ntype EventCallback = (...args: any[]) => void\n\n/**\n * Simple event emitter for compatibility with Inrupt's session.events API\n */\nclass EventEmitter {\n private listeners: Map> = new Map()\n\n on(event: string, callback: EventCallback): void {\n if (!this.listeners.has(event)) {\n this.listeners.set(event, new Set())\n }\n this.listeners.get(event)!.add(callback)\n }\n\n off(event: string, callback: EventCallback): void {\n this.listeners.get(event)?.delete(callback)\n }\n\n emit(event: string, ...args: unknown[]): void {\n this.listeners.get(event)?.forEach(cb => cb(...args))\n }\n}\n\n/**\n * Session info interface compatible with Inrupt\n */\nexport interface SessionInfo {\n isLoggedIn: boolean\n webId?: string\n sessionId?: string\n expirationDate?: number\n}\n\n/**\n * Options for handleIncomingRedirect\n */\nexport interface HandleRedirectOptions {\n restorePreviousSession?: boolean\n url?: string\n}\n\n/**\n * Options for login\n */\nexport interface LoginOptions {\n oidcIssuer: string\n redirectUrl: string\n clientId?: string\n clientName?: string\n tokenType?: string\n}\n\n/**\n * Session class that wraps solid-oidc to provide @inrupt/solid-client-authn-browser compatible API\n */\nexport class Session {\n private _session: SolidOidcSession\n private _events: EventEmitter\n private _sessionId: string\n\n constructor(options?: { clientId?: string }) {\n this._session = new SolidOidcSession({\n clientId: options?.clientId,\n database: new SessionDatabase(),\n onStateChange: (event) => {\n const detail = (event as CustomEvent).detail\n if (detail?.isActive) {\n this._events.emit(EVENTS.LOGIN)\n this._events.emit(EVENTS.SESSION_RESTORED, window.location.href)\n } else {\n this._events.emit(EVENTS.LOGOUT)\n }\n },\n onExpiration: () => {\n this._events.emit(EVENTS.SESSION_EXPIRED)\n }\n })\n this._events = new EventEmitter()\n this._sessionId = crypto.randomUUID()\n }\n\n /**\n * Event emitter for session events\n */\n get events(): EventEmitter {\n return this._events\n }\n\n /**\n * Session information\n */\n get info(): SessionInfo {\n return {\n isLoggedIn: this._session.isActive,\n webId: this._session.webId ?? undefined,\n sessionId: this._sessionId,\n expirationDate: this._session.isActive\n ? Date.now() + (this._session.getExpiresIn() * 1000)\n : undefined\n }\n }\n\n /**\n * Handle incoming redirect from identity provider\n */\n async handleIncomingRedirect(options?: HandleRedirectOptions | string): Promise {\n // Handle string URL (legacy API)\n const opts: HandleRedirectOptions = typeof options === 'string'\n ? { url: options }\n : options ?? {}\n\n try {\n // First handle any redirect from login\n await this._session.handleRedirectFromLogin()\n\n // If not logged in and restorePreviousSession is true, try to restore\n if (!this._session.isActive && opts.restorePreviousSession !== false) {\n try {\n await this._session.restore()\n } catch {\n // No session to restore, that's okay\n }\n }\n\n return this.info\n } catch (error) {\n this._events.emit(EVENTS.ERROR, error)\n return undefined\n }\n }\n\n /**\n * Initiate login flow\n */\n async login(options: LoginOptions): Promise {\n const redirectUrl = options.redirectUrl || window.location.href\n await this._session.login(options.oidcIssuer, redirectUrl)\n }\n\n /**\n * Log out and clear session\n */\n async logout(): Promise {\n await this._session.logout()\n }\n\n /**\n * Make authenticated fetch request\n */\n async fetch(url: RequestInfo | URL, init?: RequestInit): Promise {\n return this._session.authFetch(url as string, init)\n }\n}\n\nexport default Session\n","import { Session } from './solidOidcAdapter'\n\nexport const authSession = new Session()\n","const __WEBPACK_NAMESPACE_OBJECT__ = __WEBPACK_EXTERNAL_MODULE_rdflib__;","// Namespaces we commonly use and have common prefixes for around Solid\nimport solidNamespace from 'solid-namespace' // Delegate to this which takes RDFlib as param.\nimport * as $rdf from 'rdflib'\n\nexport const ns = solidNamespace($rdf)","import { graph, NamedNode, Namespace, serialize, sym } from 'rdflib'\nimport { AclLogic } from '../types'\nimport { ns as namespace } from '../util/ns'\n\n\nexport const ACL_LINK = sym(\n 'http://www.iana.org/assignments/link-relations/acl'\n)\n\nexport function createAclLogic(store): AclLogic {\n\n const ns = namespace\n \n async function findAclDocUrl(url: NamedNode) {\n await store.fetcher.load(url)\n const docNode = store.any(url, ACL_LINK)\n if (!docNode) {\n throw new Error(`No ACL link discovered for ${url}`)\n }\n return docNode.value\n }\n /**\n * Simple Access Control\n *\n * This function sets up a simple default ACL for a resource, with\n * RWC for the owner, and a specified access (default none) for the public.\n * In all cases owner has read write control.\n * Parameter lists modes allowed to public\n *\n * @param options\n * @param options.public eg ['Read', 'Write']\n *\n * @returns Resolves with aclDoc uri on successful write\n */\n function setACLUserPublic ( \n docURI: string,\n me: NamedNode,\n options: {\n defaultForNew?: boolean,\n public?: []\n }\n ): Promise {\n const aclDoc = store.any(\n store.sym(docURI),\n ACL_LINK\n )\n\n return Promise.resolve()\n .then(() => {\n if (aclDoc) {\n return aclDoc as NamedNode\n }\n\n return fetchACLRel(docURI).catch(err => {\n throw new Error(`Error fetching rel=ACL header for ${docURI}: ${err}`)\n })\n })\n .then(aclDoc => {\n const aclText = genACLText(docURI, me, aclDoc.uri, options)\n if (!store.fetcher) {\n throw new Error('Cannot PUT this, store has no fetcher')\n }\n return store.fetcher\n .webOperation('PUT', aclDoc.uri, {\n data: aclText,\n contentType: 'text/turtle'\n })\n .then(result => {\n if (!result.ok) {\n throw new Error('Error writing ACL text: ' + result.error)\n }\n\n return aclDoc\n })\n })\n }\n\n /**\n * @param docURI\n * @returns\n */\n function fetchACLRel (docURI: string): Promise {\n const fetcher = store.fetcher\n if (!fetcher) {\n throw new Error('Cannot fetch ACL rel, store has no fetcher')\n }\n\n return fetcher.load(docURI).then(result => {\n if (!result.ok) {\n throw new Error('fetchACLRel: While loading:' + (result as any).error)\n }\n\n const aclDoc = store.any(\n store.sym(docURI),\n ACL_LINK\n )\n\n if (!aclDoc) {\n throw new Error('fetchACLRel: No Link rel=ACL header for ' + docURI)\n }\n\n return aclDoc as NamedNode\n })\n }\n\n /**\n * @param docURI\n * @param me\n * @param aclURI\n * @param options\n *\n * @returns Serialized ACL\n */\n function genACLText (\n docURI: string,\n me: NamedNode,\n aclURI: string,\n options: {\n defaultForNew?: boolean,\n public?: []\n } = {}\n ): string | undefined {\n const optPublic = options.public || []\n const g = graph()\n const auth = Namespace('http://www.w3.org/ns/auth/acl#')\n let a = g.sym(`${aclURI}#a1`)\n const acl = g.sym(aclURI)\n const doc = g.sym(docURI)\n g.add(a, ns.rdf('type'), auth('Authorization'), acl)\n g.add(a, auth('accessTo'), doc, acl)\n if (options.defaultForNew) {\n g.add(a, auth('default'), doc, acl)\n }\n g.add(a, auth('agent'), me, acl)\n g.add(a, auth('mode'), auth('Read'), acl)\n g.add(a, auth('mode'), auth('Write'), acl)\n g.add(a, auth('mode'), auth('Control'), acl)\n\n if (optPublic.length) {\n a = g.sym(`${aclURI}#a2`)\n g.add(a, ns.rdf('type'), auth('Authorization'), acl)\n g.add(a, auth('accessTo'), doc, acl)\n g.add(a, auth('agentClass'), ns.foaf('Agent'), acl)\n for (let p = 0; p < optPublic.length; p++) {\n g.add(a, auth('mode'), auth(optPublic[p]), acl) // Like 'Read' etc\n }\n }\n return serialize(acl, g, aclURI)\n }\n return {\n findAclDocUrl,\n setACLUserPublic,\n genACLText\n }\n}","import { NamedNode, sym } from 'rdflib'\nimport * as debug from '../util/debug'\n\n/**\n * find a user or app's context as set in window.SolidAppContext\n * this is a const, not a function, because we have problems to jest mock it otherwise\n * see: https://github.com/facebook/jest/issues/936#issuecomment-545080082 for more\n * @return {any} - an appContext object\n */\nexport const appContext = ():any => {\n let { SolidAppContext }: any = window\n SolidAppContext ||= {}\n SolidAppContext.viewingNoAuthPage = false\n if (SolidAppContext.noAuth && window.document) {\n const currentPage = window.document.location.href\n if (currentPage.startsWith(SolidAppContext.noAuth)) {\n SolidAppContext.viewingNoAuthPage = true\n const params = new URLSearchParams(window.document.location.search)\n if (params) {\n let viewedPage = SolidAppContext.viewedPage = params.get('uri') || null\n if (viewedPage) {\n viewedPage = decodeURI(viewedPage)\n if (!viewedPage.startsWith(SolidAppContext.noAuth)) {\n const ary = viewedPage.split(/\\//)\n SolidAppContext.idp = ary[0] + '//' + ary[2]\n SolidAppContext.viewingNoAuthPage = false\n }\n }\n }\n }\n }\n return SolidAppContext\n}\n\n/**\n * Returns `sym($SolidTestEnvironment.username)` if\n * `$SolidTestEnvironment.username` is defined as a global\n * or \n * returns testID defined in the HTML page\n * @returns {NamedNode|null}\n */\nexport function offlineTestID (): NamedNode | null {\n const { $SolidTestEnvironment }: any = window\n if (\n typeof $SolidTestEnvironment !== 'undefined' &&\n $SolidTestEnvironment.username\n ) {\n // Test setup\n debug.log('Assuming the user is ' + $SolidTestEnvironment.username)\n return sym($SolidTestEnvironment.username)\n }\n // hack that makes SolidOS work in offline mode by adding the webId directly in html\n // example usage: https://github.com/solidos/mashlib/blob/29b8b53c46bf02e0e219f0bacd51b0e9951001dd/test/contact/local.html#L37\n if (\n typeof document !== 'undefined' &&\n document.location &&\n ('' + document.location).slice(0, 16) === 'http://localhost'\n ) {\n const div = document.getElementById('appTarget')\n if (!div) return null\n const id = div.getAttribute('testID')\n if (!id) return null\n debug.log('Assuming user is ' + id)\n return sym(id)\n }\n return null\n}\n","import { namedNode, NamedNode, sym } from 'rdflib'\nimport { appContext, offlineTestID } from './authUtil'\nimport * as debug from '../util/debug'\nimport { EVENTS, Session } from '../authSession/solidOidcAdapter'\nimport { AuthenticationContext, AuthnLogic } from '../types'\n\nexport class SolidAuthnLogic implements AuthnLogic {\n private session: Session\n\n constructor(solidAuthSession: Session) {\n this.session = solidAuthSession\n }\n\n // we created authSession getter because we want to access it as authn.authSession externally\n get authSession():Session { return this.session }\n\n currentUser(): NamedNode | null {\n const app = appContext()\n if (app.viewingNoAuthPage) {\n return sym(app.webId)\n }\n if (this && this.session && this.session.info && this.session.info.webId && this.session.info.isLoggedIn) {\n return sym(this.session.info.webId)\n }\n return offlineTestID() // null unless testing\n }\n\n /**\n * Retrieves currently logged in webId from either\n * defaultTestUser or SolidAuth\n * Also activates a session after login\n * @param [setUserCallback] Optional callback\n * @returns Resolves with webId uri, if no callback provided\n */\n async checkUser (\n setUserCallback?: (me: NamedNode | null) => T\n ): Promise {\n // Save hash for \"restorePreviousSession\"\n const preLoginRedirectHash = new URL(window.location.href).hash\n if (preLoginRedirectHash) {\n window.localStorage.setItem('preLoginRedirectHash', preLoginRedirectHash)\n }\n this.session.events.on(EVENTS.SESSION_RESTORED, (url) => {\n debug.log(`Session restored to ${url}`)\n if (document.location.toString() !== url) history.replaceState(null, '', url as string)\n })\n\n /**\n * Handle a successful authentication redirect\n */\n const redirectUrl = new URL(window.location.href)\n redirectUrl.hash = ''\n await this.session\n .handleIncomingRedirect({\n restorePreviousSession: true,\n url: redirectUrl.href\n })\n\n // Check to see if a hash was stored in local storage\n const postLoginRedirectHash = window.localStorage.getItem('preLoginRedirectHash')\n if (postLoginRedirectHash) {\n const curUrl = new URL(window.location.href)\n if (curUrl.hash !== postLoginRedirectHash) {\n if (history.pushState) {\n // debug.log('Setting window.location.has using pushState')\n history.pushState(null, document.title, postLoginRedirectHash)\n } else {\n // debug.warn('Setting window.location.has using location.hash')\n location.hash = postLoginRedirectHash\n }\n curUrl.hash = postLoginRedirectHash\n }\n // See https://stackoverflow.com/questions/3870057/how-can-i-update-window-location-hash-without-jumping-the-document\n // window.location.href = curUrl.toString()// @@ See https://developer.mozilla.org/en-US/docs/Web/API/Window/location\n window.localStorage.setItem('preLoginRedirectHash', '')\n }\n\n // Check to see if already logged in / have the WebID\n let me = offlineTestID()\n if (me) {\n return Promise.resolve(setUserCallback ? setUserCallback(me) : me)\n }\n\n const webId = this.webIdFromSession(this.session.info)\n if (webId) {\n me = this.saveUser(webId)\n }\n\n if (me) {\n debug.log(`(Logged in as ${me} by authentication)`)\n }\n\n return Promise.resolve(setUserCallback ? setUserCallback(me) : me)\n }\n\n /**\n * Saves `webId` in `context.me`\n * @param webId\n * @param context\n *\n * @returns Returns the WebID, after setting it\n */\n saveUser (\n webId: NamedNode | string | null,\n context?: AuthenticationContext\n ): NamedNode | null {\n let webIdUri: string\n if (webId) {\n webIdUri = (typeof webId === 'string') ? webId : webId.uri\n const me = namedNode(webIdUri)\n if (context) {\n context.me = me\n }\n return me\n }\n return null\n }\n\n /**\n * @returns {Promise} Resolves with WebID URI or null\n */\n webIdFromSession (session?: { webId?: string, isLoggedIn: boolean }): string | null {\n const webId = session?.webId && session.isLoggedIn ? session.webId : null\n return webId\n }\n\n}\n","import { NamedNode, sym } from 'rdflib'\n\nexport function newThing(doc: NamedNode): NamedNode {\n return sym(doc.uri + '#' + 'id' + ('' + Date.now()))\n}\n\nexport function uniqueNodes (arr: NamedNode[]): NamedNode[] {\n const uris = arr.map(x => x.uri)\n const set = new Set(uris)\n const uris2 = Array.from(set)\n const arr2 = uris2.map(u => new NamedNode(u))\n return arr2 // Array.from(new Set(arr.map(x => x.uri))).map(u => sym(u))\n}\n\nexport function getArchiveUrl(baseUrl: string, date: Date) {\n const year = date.getUTCFullYear()\n const month = ('0' + (date.getUTCMonth()+1)).slice(-2)\n const day = ('0' + (date.getUTCDate())).slice(-2)\n const parts = baseUrl.split('/')\n const filename = parts[parts.length -1 ]\n return new URL(`./archive/${year}/${month}/${day}/${filename}`, baseUrl).toString()\n}\n\nexport function differentOrigin(doc): boolean {\n if (!doc) {\n return true\n }\n return (\n `${window.location.origin}/` !== new URL(doc.value).origin\n )\n}\n\nexport function suggestPreferencesFile (me:NamedNode) {\n const stripped = me.uri.replace('/profile/', '/').replace('/public/', '/')\n // const stripped = me.uri.replace(\\/[p|P]rofile/\\g, '/').replace(\\/[p|P]ublic/\\g, '/')\n const folderURI = stripped.split('/').slice(0,-1).join('/') + '/Settings/'\n const fileURI = folderURI + 'Preferences.ttl'\n return sym(fileURI)\n}\n\nexport function determineChatContainer(\n invitee: NamedNode,\n podRoot: NamedNode\n): NamedNode {\n // Create chat\n // See https://gitter.im/solid/chat-app?at=5f3c800f855be416a23ae74a\n const chatContainerStr = new URL(\n `IndividualChats/${new URL(invitee.value).host}/`,\n podRoot.value\n ).toString()\n return new NamedNode(chatContainerStr)\n}\n","import { NamedNode, Node, st, term } from 'rdflib'\nimport { ChatLogic, CreatedPaneOptions, NewPaneOptions, Chat } from '../types'\nimport { ns as namespace } from '../util/ns'\nimport { determineChatContainer, newThing } from '../util/utils'\n\nconst CHAT_LOCATION_IN_CONTAINER = 'index.ttl#this'\n\nexport function createChatLogic(store, profileLogic): ChatLogic {\n const ns = namespace\n\n async function setAcl(\n chatContainer: NamedNode,\n me: NamedNode,\n invitee: NamedNode\n ): Promise {\n // Some servers don't present a Link http response header\n // if the container doesn't exist yet, so refetch the container\n // now that it has been created:\n await store.fetcher.load(chatContainer)\n\n // FIXME: check the Why value on this quad:\n const chatAclDoc = store.any(\n chatContainer,\n new NamedNode('http://www.iana.org/assignments/link-relations/acl')\n )\n if (!chatAclDoc) {\n throw new Error('Chat ACL doc not found!')\n }\n\n const aclBody = `\n @prefix acl: .\n <#owner>\n a acl:Authorization;\n acl:agent <${me.value}>;\n acl:accessTo <.>;\n acl:default <.>;\n acl:mode\n acl:Read, acl:Write, acl:Control.\n <#invitee>\n a acl:Authorization;\n acl:agent <${invitee.value}>;\n acl:accessTo <.>;\n acl:default <.>;\n acl:mode\n acl:Read, acl:Append.\n `\n await store.fetcher.webOperation('PUT', chatAclDoc.value, {\n data: aclBody,\n contentType: 'text/turtle',\n })\n }\n\n async function addToPrivateTypeIndex(chatThing, me) {\n // Add to private type index\n const privateTypeIndex = store.any(\n me,\n ns.solid('privateTypeIndex')\n ) as NamedNode | null\n if (!privateTypeIndex) {\n throw new Error('Private type index not found!')\n }\n await store.fetcher.load(privateTypeIndex)\n const reg = newThing(privateTypeIndex)\n const ins = [\n st(\n reg,\n ns.rdf('type'),\n ns.solid('TypeRegistration'),\n privateTypeIndex.doc()\n ),\n st(\n reg,\n ns.solid('forClass'),\n ns.meeting('LongChat'),\n privateTypeIndex.doc()\n ),\n st(reg, ns.solid('instance'), chatThing, privateTypeIndex.doc()),\n ]\n await new Promise((resolve, reject) => {\n store.updater.update([], ins, function (_uri, ok, errm) {\n if (!ok) {\n reject(new Error(errm))\n } else {\n resolve(null)\n }\n })\n })\n }\n\n async function findChat(invitee: NamedNode): Promise {\n const me = await profileLogic.loadMe()\n const podRoot = await profileLogic.getPodRoot(me)\n const chatContainer = determineChatContainer(invitee, podRoot)\n let exists = true\n try {\n await store.fetcher.load(\n new NamedNode(chatContainer.value + 'index.ttl#this')\n )\n } catch (e) {\n exists = false\n }\n return { me, chatContainer, exists }\n }\n\n async function createChatThing(\n chatContainer: NamedNode,\n me: NamedNode\n ): Promise {\n const created = await mintNew({\n me,\n newBase: chatContainer.value,\n })\n return created.newInstance\n }\n\n function mintNew(newPaneOptions: NewPaneOptions): Promise {\n const kb = store\n const updater = kb.updater\n if (newPaneOptions.me && !newPaneOptions.me.uri) {\n throw new Error('chat mintNew: Invalid userid ' + newPaneOptions.me)\n }\n\n const newInstance = (newPaneOptions.newInstance =\n newPaneOptions.newInstance ||\n kb.sym(newPaneOptions.newBase + CHAT_LOCATION_IN_CONTAINER))\n const newChatDoc = newInstance.doc()\n\n kb.add(\n newInstance,\n ns.rdf('type'),\n ns.meeting('LongChat'),\n newChatDoc\n )\n kb.add(newInstance, ns.dc('title'), 'Chat channel', newChatDoc)\n kb.add(\n newInstance,\n ns.dc('created'),\n term(new Date(Date.now())),\n newChatDoc\n )\n if (newPaneOptions.me) {\n kb.add(newInstance, ns.dc('author'), newPaneOptions.me, newChatDoc)\n }\n\n return new Promise(function (resolve, reject) {\n updater?.put(\n newChatDoc,\n kb.statementsMatching(undefined, undefined, undefined, newChatDoc),\n 'text/turtle',\n function (uri2, ok, message) {\n if (ok) {\n resolve({\n ...newPaneOptions,\n newInstance,\n })\n } else {\n reject(\n new Error(\n 'FAILED to save new chat channel at: ' + uri2 + ' : ' + message\n )\n )\n }\n }\n )\n })\n }\n\n /**\n * Find (and optionally create) an individual chat between the current user and the given invitee\n * @param invitee - The person to chat with\n * @param createIfMissing - Whether the chat should be created, if missing\n * @returns null if missing, or a node referring to an already existing chat, or the newly created chat\n */\n async function getChat(\n invitee: NamedNode,\n createIfMissing = true\n ): Promise {\n const { me, chatContainer, exists } = await findChat(invitee)\n if (exists) {\n return new NamedNode(chatContainer.value + CHAT_LOCATION_IN_CONTAINER)\n }\n\n if (createIfMissing) {\n const chatThing = await createChatThing(chatContainer, me)\n await sendInvite(invitee, chatThing)\n await setAcl(chatContainer, me, invitee)\n await addToPrivateTypeIndex(chatThing, me)\n return chatThing\n }\n return null\n }\n\n async function sendInvite(invitee: NamedNode, chatThing: NamedNode) {\n await store.fetcher.load(invitee.doc())\n const inviteeInbox = store.any(\n invitee,\n ns.ldp('inbox'),\n undefined,\n invitee.doc()\n )\n if (!inviteeInbox) {\n throw new Error(`Invitee inbox not found! ${invitee.value}`)\n }\n const inviteBody = `\n <> a ;\n ${ns.rdf('seeAlso')} <${chatThing.value}> .\n `\n\n const inviteResponse = await store.fetcher?.webOperation(\n 'POST',\n inviteeInbox.value,\n {\n data: inviteBody,\n contentType: 'text/turtle',\n }\n )\n const locationStr = inviteResponse?.headers.get('location')\n if (!locationStr) {\n throw new Error(`Invite sending returned a ${inviteResponse?.status}`)\n }\n }\n return {\n setAcl, addToPrivateTypeIndex, findChat, createChatThing, getChat, sendInvite, mintNew\n }\n}\n","import { NamedNode } from 'rdflib'\nimport { InboxLogic } from '../types'\nimport { getArchiveUrl } from '../util/utils'\n\nexport function createInboxLogic(store, profileLogic, utilityLogic, containerLogic, aclLogic): InboxLogic {\n\n async function createInboxFor(peerWebId: string, nick: string) {\n const myWebId: NamedNode = await profileLogic.loadMe()\n const podRoot: NamedNode = await profileLogic.getPodRoot(myWebId)\n const ourInbox = `${podRoot.value}p2p-inboxes/${encodeURIComponent(nick)}/`\n await containerLogic.createContainer(ourInbox)\n // const aclDocUrl = await aclLogic.findAclDocUrl(ourInbox);\n await utilityLogic.setSinglePeerAccess({\n ownerWebId: myWebId.value,\n peerWebId,\n accessToModes: 'acl:Append',\n target: ourInbox\n })\n return ourInbox\n }\n\n async function getNewMessages(\n user?: NamedNode\n ): Promise {\n if (!user) {\n user = await profileLogic.loadMe()\n }\n const inbox = await profileLogic.getMainInbox(user)\n const urls = await containerLogic.getContainerMembers(inbox)\n return urls.filter(url => !containerLogic.isContainer(url))\n }\n\n async function markAsRead(url: string, date: Date) {\n const downloaded = await store.fetcher._fetch(url)\n if (downloaded.status !== 200) {\n throw new Error(`Not OK! ${url}`)\n }\n const archiveUrl = getArchiveUrl(url, date)\n const options = {\n method: 'PUT',\n body: await downloaded.text(),\n headers: [\n ['Content-Type', downloaded.headers.get('Content-Type') || 'application/octet-stream']\n ]\n }\n const uploaded = await store.fetcher._fetch(archiveUrl, options)\n if (uploaded.status.toString()[0] === '2') {\n await store.fetcher._fetch(url, {\n method: 'DELETE'\n })\n }\n }\n return {\n createInboxFor,\n getNewMessages,\n markAsRead\n }\n}\n","class CustomError extends Error {\n constructor(message?: string) {\n super(message)\n // see: typescriptlang.org/docs/handbook/release-notes/typescript-2-2.html\n Object.setPrototypeOf(this, new.target.prototype) // restore prototype chain\n this.name = new.target.name // stack traces display correctly now\n }\n}\n\nexport class UnauthorizedError extends CustomError {}\n\nexport class CrossOriginForbiddenError extends CustomError {}\n\nexport class SameOriginForbiddenError extends CustomError {}\n\nexport class NotFoundError extends CustomError {}\n\nexport class NotEditableError extends CustomError { }\n\nexport class WebOperationError extends CustomError {}\n\nexport class FetchError extends CustomError {\n status: number\n\n constructor(status: number, message?: string) {\n super(message)\n this.status = status\n }\n}","import { NamedNode } from 'rdflib'\nimport { CrossOriginForbiddenError, FetchError, NotEditableError, SameOriginForbiddenError, UnauthorizedError, WebOperationError } from '../logic/CustomError'\nimport * as debug from '../util/debug'\nimport { ns as namespace } from '../util/ns'\nimport { differentOrigin, suggestPreferencesFile } from '../util/utils'\nimport { ProfileLogic } from '../types'\n\nexport function createProfileLogic(store, authn, utilityLogic): ProfileLogic {\n const ns = namespace\n\n /**\n * loads the preference without throwing errors - if it can create it it does so.\n * remark: it still throws error if it cannot load profile.\n * @param user\n * @returns undefined if preferenceFile cannot be returned or NamedNode if it can find it or create it\n */\n async function silencedLoadPreferences(user: NamedNode): Promise {\n try {\n return await loadPreferences(user)\n } catch (err) {\n return undefined\n }\n }\n\n /**\n * loads the preference without returning different errors if it cannot create or load it.\n * remark: it also throws error if it cannot load profile.\n * @param user\n * @returns undefined if preferenceFile cannot be an Error or NamedNode if it can find it or create it\n */\n async function loadPreferences (user: NamedNode): Promise {\n await loadProfile(user)\n\n const possiblePreferencesFile = suggestPreferencesFile(user)\n let preferencesFile\n try {\n preferencesFile = await utilityLogic.followOrCreateLink(user, ns.space('preferencesFile') as NamedNode, possiblePreferencesFile, user.doc())\n } catch (err) {\n const message = `User ${user} has no pointer in profile to preferences file.`\n debug.warn(message)\n // we are listing the possible errors\n if (err instanceof NotEditableError) { throw err }\n if (err instanceof WebOperationError) { throw err }\n if (err instanceof UnauthorizedError) { throw err }\n if (err instanceof CrossOriginForbiddenError) { throw err }\n if (err instanceof SameOriginForbiddenError) { throw err }\n if (err instanceof FetchError) { throw err }\n throw err\n }\n\n try {\n await store.fetcher.load(preferencesFile as NamedNode)\n } catch (err) { // Maybe a permission problem or origin problem\n const msg = `Unable to load preference of user ${user}: ${err}`\n debug.warn(msg)\n if (err.response.status === 401) {\n throw new UnauthorizedError()\n }\n if (err.response.status === 403) {\n if (differentOrigin(preferencesFile)) {\n throw new CrossOriginForbiddenError()\n }\n throw new SameOriginForbiddenError()\n }\n /*if (err.response.status === 404) {\n throw new NotFoundError();\n }*/\n throw new Error(msg)\n }\n return preferencesFile as NamedNode\n }\n\n async function loadProfile (user: NamedNode):Promise {\n if (!user) {\n throw new Error('loadProfile: no user given.')\n }\n try {\n await store.fetcher.load(user.doc())\n } catch (err) {\n throw new Error(`Unable to load profile of user ${user}: ${err}`)\n }\n return user.doc()\n }\n\n async function loadMe(): Promise {\n const me = authn.currentUser()\n if (me === null) {\n throw new Error('Current user not found! Not logged in?')\n }\n await store.fetcher.load(me.doc())\n return me\n }\n\n function getPodRoot(user: NamedNode): NamedNode {\n const podRoot = findStorage(user)\n if (!podRoot) {\n throw new Error('User pod root not found!')\n }\n return podRoot as NamedNode\n }\n\n async function getMainInbox(user: NamedNode): Promise {\n await store.fetcher.load(user)\n const mainInbox = store.any(user, ns.ldp('inbox'), undefined, user.doc())\n if (!mainInbox) {\n throw new Error('User main inbox not found!')\n }\n return mainInbox as NamedNode\n }\n\n function findStorage(me: NamedNode) {\n return store.any(me, ns.space('storage'), undefined, me.doc())\n }\n\n return {\n loadMe,\n getPodRoot,\n getMainInbox,\n findStorage,\n loadPreferences,\n loadProfile,\n silencedLoadPreferences\n }\n}\n","import { NamedNode, st, sym } from 'rdflib'\nimport { ScopedApp, TypeIndexLogic, TypeIndexScope } from '../types'\nimport * as debug from '../util/debug'\nimport { ns as namespace } from '../util/ns'\nimport { newThing } from '../util/utils'\n\nexport function createTypeIndexLogic(store, authn, profileLogic, utilityLogic): TypeIndexLogic {\n const ns = namespace\n\n function getRegistrations(instance, theClass) {\n return store\n .each(undefined, ns.solid('instance'), instance)\n .filter((r) => {\n return store.holds(r, ns.solid('forClass'), theClass)\n })\n }\n\n async function loadTypeIndexesFor(user: NamedNode): Promise> {\n if (!user) throw new Error('loadTypeIndexesFor: No user given')\n const profile = await profileLogic.loadProfile(user)\n\n const suggestion = suggestPublicTypeIndex(user)\n let publicTypeIndex\n try {\n publicTypeIndex = await utilityLogic.followOrCreateLink(user, ns.solid('publicTypeIndex') as NamedNode, suggestion, profile)\n } catch (err) {\n const message = `User ${user} has no pointer in profile to publicTypeIndex file.`\n debug.warn(message)\n }\n const publicScopes = publicTypeIndex ? [{ label: 'public', index: publicTypeIndex as NamedNode, agent: user }] : []\n\n let preferencesFile\n try {\n preferencesFile = await profileLogic.silencedLoadPreferences(user)\n } catch (err) {\n preferencesFile = null\n }\n\n let privateScopes\n if (preferencesFile) { // watch out - can be in either as spec was not clear. Legacy is profile.\n // If there is a legacy one linked from the profile, use that.\n // Otherwiae use or make one linked from Preferences\n const suggestedPrivateTypeIndex = suggestPrivateTypeIndex(preferencesFile)\n let privateTypeIndex\n try {\n privateTypeIndex = store.any(user, ns.solid('privateTypeIndex'), undefined, profile) ||\n await utilityLogic.followOrCreateLink(user, ns.solid('privateTypeIndex') as NamedNode, suggestedPrivateTypeIndex, preferencesFile)\n } catch (err) {\n const message = `User ${user} has no pointer in preference file to privateTypeIndex file.`\n debug.warn(message)\n }\n privateScopes = privateTypeIndex ? [{ label: 'private', index: privateTypeIndex as NamedNode, agent: user }] : []\n } else {\n privateScopes = []\n }\n const scopes = publicScopes.concat(privateScopes)\n if (scopes.length === 0) return scopes\n const files = scopes.map(scope => scope.index)\n try {\n await store.fetcher.load(files)\n } catch (err) {\n debug.warn('Problems loading type index: ', err)\n }\n return scopes\n }\n\n async function loadCommunityTypeIndexes(user: NamedNode): Promise {\n let preferencesFile\n try {\n preferencesFile = await profileLogic.silencedLoadPreferences(user)\n } catch (err) {\n const message = `User ${user} has no pointer in profile to preferences file.`\n debug.warn(message)\n }\n if (preferencesFile) { // For now, pick up communities as simple links from the preferences file.\n const communities = store.each(user, ns.solid('community'), undefined, preferencesFile as NamedNode).concat(\n store.each(user, ns.solid('community'), undefined, user.doc() as NamedNode)\n )\n let result = []\n for (const org of communities) {\n result = result.concat(await loadTypeIndexesFor(org as NamedNode) as any)\n }\n return result\n }\n return [] // No communities\n }\n\n async function loadAllTypeIndexes(user: NamedNode) {\n return (await loadTypeIndexesFor(user)).concat((await loadCommunityTypeIndexes(user)).flat())\n }\n\n async function getScopedAppInstances(klass: NamedNode, user: NamedNode): Promise {\n const scopes = await loadAllTypeIndexes(user)\n let scopedApps = []\n for (const scope of scopes) {\n const scopedApps0 = await getScopedAppsFromIndex(scope, klass) as any\n scopedApps = scopedApps.concat(scopedApps0)\n }\n return scopedApps\n }\n\n // This is the function signature which used to be in solid-ui/logic\n // Recommended to use getScopedAppInstances instead as it provides more information.\n //\n async function getAppInstances(klass: NamedNode): Promise {\n const user = authn.currentUser()\n if (!user) throw new Error('getAppInstances: Must be logged in to find apps.')\n const scopedAppInstances = await getScopedAppInstances(klass, user)\n return scopedAppInstances.map(scoped => scoped.instance)\n }\n\n function suggestPublicTypeIndex(me: NamedNode) {\n return sym(me.doc().dir()?.uri + 'publicTypeIndex.ttl')\n }\n // Note this one is based off the pref file not the profile\n\n function suggestPrivateTypeIndex(preferencesFile: NamedNode) {\n return sym(preferencesFile.doc().dir()?.uri + 'privateTypeIndex.ttl')\n }\n\n /*\n * Register a new app in a type index\n * used in chat in bookmark.js (solid-ui)\n * Returns the registration object if successful else null\n */\n async function registerInTypeIndex(\n instance: NamedNode,\n index: NamedNode,\n theClass: NamedNode,\n // agent: NamedNode\n ): Promise {\n const registration = newThing(index)\n const ins = [\n // See https://github.com/solid/solid/blob/main/proposals/data-discovery.md\n st(registration, ns.rdf('type'), ns.solid('TypeRegistration'), index),\n st(registration, ns.solid('forClass'), theClass, index),\n st(registration, ns.solid('instance'), instance, index)\n ]\n try {\n await store.updater.update([], ins)\n } catch (err) {\n const msg = `Unable to register ${instance} in index ${index}: ${err}`\n console.warn(msg)\n return null\n }\n return registration\n }\n\n async function deleteTypeIndexRegistration(item) {\n const reg = store.the(null, ns.solid('instance'), item.instance, item.scope.index) as NamedNode\n if (!reg) throw new Error(`deleteTypeIndexRegistration: No registration found for ${item.instance}`)\n const statements = store.statementsMatching(reg, null, null, item.scope.index)\n await store.updater.update(statements, [])\n }\n\n async function getScopedAppsFromIndex(scope: TypeIndexScope, theClass: NamedNode | null): Promise {\n const index = scope.index\n const results: ScopedApp[] = []\n const registrations = store.statementsMatching(null, ns.solid('instance'), null, index)\n .concat(store.statementsMatching(null, ns.solid('instanceContainer'), null, index))\n .map(st => st.subject)\n for (const reg of registrations) {\n const klass = store.any(reg, ns.solid('forClass'), null, index)\n if (!theClass || klass.sameTerm(theClass)) {\n const instances = store.each(reg, ns.solid('instance'), null, index)\n for (const instance of instances) {\n results.push({ instance, type: klass, scope })\n }\n const containers = store.each(reg, ns.solid('instanceContainer'), null, index)\n for (const instance of containers) {\n await store.fetcher.load(instance)\n results.push({ instance: sym(instance.value), type: klass, scope })\n }\n }\n }\n return results\n }\n\n return {\n registerInTypeIndex,\n getRegistrations,\n loadTypeIndexesFor,\n loadCommunityTypeIndexes,\n loadAllTypeIndexes,\n getScopedAppInstances,\n getAppInstances,\n suggestPublicTypeIndex,\n suggestPrivateTypeIndex,\n deleteTypeIndexRegistration,\n getScopedAppsFromIndex\n }\n}\n","import { NamedNode, Statement, sym } from 'rdflib'\n\n/**\n * Container-related class\n */\nexport function createContainerLogic(store) {\n\n function getContainerElements(containerNode: NamedNode): NamedNode[] {\n return store\n .statementsMatching(\n containerNode,\n sym('http://www.w3.org/ns/ldp#contains'),\n undefined\n )\n .map((st: Statement) => st.object as NamedNode)\n }\n\n function isContainer(url: NamedNode) {\n const nodeToString = url.value\n return nodeToString.charAt(nodeToString.length - 1) === '/'\n }\n\n async function createContainer(url: string) {\n const stringToNode = sym(url)\n if (!isContainer(stringToNode)) {\n throw new Error(`Not a container URL ${url}`)\n }\n // Copied from https://github.com/solidos/solid-crud-tests/blob/v3.1.0/test/surface/create-container.test.ts#L56-L64\n const result = await store.fetcher._fetch(url, {\n method: 'PUT',\n headers: {\n 'Content-Type': 'text/turtle',\n 'If-None-Match': '*',\n Link: '; rel=\"type\"', // See https://github.com/solidos/node-solid-server/issues/1465\n },\n body: ' ', // work around https://github.com/michielbdejong/community-server/issues/4#issuecomment-776222863\n })\n if (result.status.toString()[0] !== '2') {\n throw new Error(`Not OK: got ${result.status} response while creating container at ${url}`)\n }\n }\n\n async function getContainerMembers(containerUrl: NamedNode): Promise {\n await store.fetcher.load(containerUrl)\n return getContainerElements(containerUrl)\n }\n return {\n isContainer,\n createContainer,\n getContainerElements,\n getContainerMembers\n }\n}","import { NamedNode, st, sym } from 'rdflib'\nimport { CrossOriginForbiddenError, FetchError, NotEditableError, SameOriginForbiddenError, UnauthorizedError, WebOperationError } from '../logic/CustomError'\nimport * as debug from '../util/debug'\nimport { differentOrigin } from './utils'\n\nexport function createUtilityLogic(store, aclLogic, containerLogic) {\n\n async function recursiveDelete(containerNode: NamedNode) {\n try {\n if (containerLogic.isContainer(containerNode)) {\n const aclDocUrl = await aclLogic.findAclDocUrl(containerNode)\n await store.fetcher._fetch(aclDocUrl, { method: 'DELETE' })\n const containerMembers = await containerLogic.getContainerMembers(containerNode)\n await Promise.all(\n containerMembers.map((url) => recursiveDelete(url))\n )\n }\n const nodeToStringHere = containerNode.value\n return store.fetcher._fetch(nodeToStringHere, { method: 'DELETE' })\n } catch (e) {\n debug.log(`Please manually remove ${containerNode.value} from your system.`, e)\n }\n }\n\n /**\n * Create a resource if it really does not exist\n * Be absolutely sure something does not exist before creating a new empty file\n * as otherwise existing could be deleted.\n * @param doc {NamedNode} - The resource\n */\n async function loadOrCreateIfNotExists(doc: NamedNode) {\n let response\n try {\n response = await store.fetcher.load(doc)\n } catch (err) {\n if (err.response.status === 404) {\n try {\n await store.fetcher.webOperation('PUT', doc, { data: '', contentType: 'text/turtle' })\n } catch (err) {\n const msg = 'createIfNotExists: PUT FAILED: ' + doc + ': ' + err\n throw new WebOperationError(msg)\n }\n await store.fetcher.load(doc)\n } else {\n if (err.response.status === 401) {\n throw new UnauthorizedError()\n }\n if (err.response.status === 403) {\n if (differentOrigin(doc)) {\n throw new CrossOriginForbiddenError()\n }\n throw new SameOriginForbiddenError()\n }\n const msg = 'createIfNotExists doc load error NOT 404: ' + doc + ': ' + err\n throw new FetchError(err.status, err.message + msg)\n }\n }\n return response\n }\n\n /* Follow link from this doc to another thing, or else make a new link\n **\n ** @returns existing object, or creates it if non existent\n */\n async function followOrCreateLink(subject: NamedNode, predicate: NamedNode,\n object: NamedNode, doc: NamedNode\n ): Promise {\n await store.fetcher.load(doc)\n const result = store.any(subject, predicate, null, doc)\n\n if (result) return result as NamedNode\n if (!store.updater.editable(doc)) {\n const msg = `followOrCreateLink: cannot edit ${doc.value}`\n debug.warn(msg)\n throw new NotEditableError(msg)\n }\n try {\n await store.updater.update([], [st(subject, predicate, object, doc)])\n } catch (err) {\n const msg = `followOrCreateLink: Error making link in ${doc} to ${object}: ${err}`\n debug.warn(msg)\n throw new WebOperationError(err)\n }\n\n try {\n await loadOrCreateIfNotExists(object)\n // store.fetcher.webOperation('PUT', object, { data: '', contentType: 'text/turtle'})\n } catch (err) {\n debug.warn(`followOrCreateLink: Error loading or saving new linked document: ${object}: ${err}`)\n throw err\n }\n return object\n }\n\n // Copied from https://github.com/solidos/web-access-control-tests/blob/v3.0.0/test/surface/delete.test.ts#L5\n async function setSinglePeerAccess(options: {\n ownerWebId: string,\n peerWebId: string,\n accessToModes?: string,\n defaultModes?: string,\n target: string\n }) {\n let str = [\n '@prefix acl: .',\n '',\n `<#alice> a acl:Authorization;\\n acl:agent <${options.ownerWebId}>;`,\n ` acl:accessTo <${options.target}>;`,\n ` acl:default <${options.target}>;`,\n ' acl:mode acl:Read, acl:Write, acl:Control.',\n ''\n ].join('\\n')\n if (options.accessToModes) {\n str += [\n '<#bobAccessTo> a acl:Authorization;',\n ` acl:agent <${options.peerWebId}>;`,\n ` acl:accessTo <${options.target}>;`,\n ` acl:mode ${options.accessToModes}.`,\n ''\n ].join('\\n')\n }\n if (options.defaultModes) {\n str += [\n '<#bobDefault> a acl:Authorization;',\n ` acl:agent <${options.peerWebId}>;`,\n ` acl:default <${options.target}>;`,\n ` acl:mode ${options.defaultModes}.`,\n ''\n ].join('\\n')\n }\n const aclDocUrl = await aclLogic.findAclDocUrl(sym(options.target))\n return store.fetcher._fetch(aclDocUrl, {\n method: 'PUT',\n body: str,\n headers: [\n ['Content-Type', 'text/turtle']\n ]\n })\n }\n\n async function createEmptyRdfDoc(doc: NamedNode, comment: string) {\n await store.fetcher.webOperation('PUT', doc.uri, {\n data: `# ${new Date()} ${comment}\n `,\n contentType: 'text/turtle',\n })\n }\n \n return {\n recursiveDelete,\n setSinglePeerAccess,\n createEmptyRdfDoc,\n followOrCreateLink,\n loadOrCreateIfNotExists\n }\n}\n\n","import { Session } from '../authSession/solidOidcAdapter'\nimport * as rdf from 'rdflib'\nimport { LiveStore, NamedNode, Statement } from 'rdflib'\nimport { createAclLogic } from '../acl/aclLogic'\nimport { SolidAuthnLogic } from '../authn/SolidAuthnLogic'\nimport { createChatLogic } from '../chat/chatLogic'\nimport { createInboxLogic } from '../inbox/inboxLogic'\nimport { createProfileLogic } from '../profile/profileLogic'\nimport { createTypeIndexLogic } from '../typeIndex/typeIndexLogic'\nimport { createContainerLogic } from '../util/containerLogic'\nimport { createUtilityLogic } from '../util/utilityLogic'\nimport { AuthnLogic, SolidLogic } from '../types'\nimport * as debug from '../util/debug'\n/*\n** It is important to distinquish `fetch`, a function provided by the browser\n** and `Fetcher`, a helper object for the rdflib Store which turns it\n** into a `ConnectedStore` or a `LiveStore`. A Fetcher object is\n** available at store.fetcher, and `fetch` function at `store.fetcher._fetch`,\n*/\nexport function createSolidLogic(specialFetch: { fetch: (url: any, requestInit: any) => any }, session: Session): SolidLogic {\n\n debug.log('SolidLogic: Unique instance created. There should only be one of these.')\n const store: LiveStore = rdf.graph() as LiveStore\n rdf.fetcher(store, {fetch: specialFetch.fetch}) // Attach a web I/O module, store.fetcher\n store.updater = new rdf.UpdateManager(store) // Add real-time live updates store.updater\n store.features = [] // disable automatic node merging on store load\n\n const authn: AuthnLogic = new SolidAuthnLogic(session)\n \n const acl = createAclLogic(store)\n const containerLogic = createContainerLogic(store)\n const utilityLogic = createUtilityLogic(store, acl, containerLogic)\n const profile = createProfileLogic(store, authn, utilityLogic)\n const chat = createChatLogic(store, profile)\n const inbox = createInboxLogic(store, profile, utilityLogic, containerLogic, acl)\n const typeIndex = createTypeIndexLogic(store, authn, profile, utilityLogic)\n debug.log('SolidAuthnLogic initialized')\n\n function load(doc: NamedNode | NamedNode[] | string) {\n return store.fetcher.load(doc)\n }\n\n // @@@@ use the one in rdflib.js when it is available and delete this\n function updatePromise(\n del: Array,\n ins: Array = []\n ): Promise {\n return new Promise((resolve, reject) => {\n store.updater.update(del, ins, function (_uri, ok, errorBody) {\n if (!ok) {\n reject(new Error(errorBody))\n } else {\n resolve()\n }\n }) // callback\n }) // promise\n }\n\n function clearStore() {\n store.statements.slice().forEach(store.remove.bind(store))\n }\n\n return {\n store,\n authn,\n acl,\n inbox,\n chat,\n profile,\n typeIndex,\n load,\n updatePromise,\n clearStore\n }\n}\n","import * as debug from '../util/debug'\nimport { authSession } from '../authSession/authSession'\nimport { createSolidLogic } from './solidLogic'\nimport { SolidLogic } from '../types'\n\nconst _fetch = async (url, requestInit) => {\n const omitCreds = requestInit && requestInit.credentials && requestInit.credentials == 'omit'\n if (authSession.info.webId && !omitCreds) { // see https://github.com/solidos/solidos/issues/114\n // In fact fetch should respect credentials omit itself\n return authSession.fetch(url, requestInit)\n } else {\n return window.fetch(url, requestInit)\n }\n}\n\n// Global singleton pattern to ensure unique store across library versions\nconst SINGLETON_SYMBOL = Symbol.for('solid-logic-singleton')\n\n// Type the global object properly with the singleton\ninterface GlobalWithSingleton {\n [SINGLETON_SYMBOL]?: SolidLogic\n}\n\nconst globalTarget = (typeof window !== 'undefined' ? window : global) as GlobalWithSingleton\n\nfunction getOrCreateSingleton(): SolidLogic {\n if (!globalTarget[SINGLETON_SYMBOL]) {\n debug.log('SolidLogic: Creating new global singleton instance.')\n globalTarget[SINGLETON_SYMBOL] = createSolidLogic({ fetch: _fetch }, authSession)\n debug.log('Unique quadstore initialized.')\n } else {\n debug.log('SolidLogic: Using existing global singleton instance.')\n }\n return globalTarget[SINGLETON_SYMBOL]!\n}\n//this const makes solidLogicSingleton global accessible in mashlib\nconst solidLogicSingleton = getOrCreateSingleton()\n\nexport { solidLogicSingleton }","const DEFAULT_ISSUERS = [\n {\n name: 'Solid Community',\n uri: 'https://solidcommunity.net'\n },\n {\n name: 'Solid Web',\n uri: 'https://solidweb.org'\n },\n {\n name: 'Solid Web ME',\n uri: 'https://solidweb.me'\n },\n {\n name: 'Inrupt.com',\n uri: 'https://login.inrupt.com'\n }\n]\n\n/**\n * @returns - A list of suggested OIDC issuers\n */\nexport function getSuggestedIssuers (): { name: string, uri: string }[] {\n // Suggest a default list of OIDC issuers\n const issuers = [...DEFAULT_ISSUERS]\n \n // Suggest the current host if not already included\n const { host, origin } = new URL(location.href)\n const hosts = issuers.map(({ uri }) => new URL(uri).host)\n if (!hosts.includes(host) && !hosts.some(existing => isSubdomainOf(host, existing))) {\n issuers.unshift({ name: host, uri: origin })\n }\n \n return issuers\n }\n \nfunction isSubdomainOf (subdomain: string, domain: string): boolean {\n const dot = subdomain.length - domain.length - 1\n return dot > 0 && subdomain[dot] === '.' && subdomain.endsWith(domain)\n}","// Make these variables directly accessible as it is what you need most of the time\n// This also makes these variable globaly accesible in mashlib\nimport { solidLogicSingleton } from './logic/solidLogicSingleton'\n\nconst authn = solidLogicSingleton.authn\nconst authSession = solidLogicSingleton.authn.authSession\nconst store = solidLogicSingleton.store\n\nexport { ACL_LINK } from './acl/aclLogic'\nexport { offlineTestID, appContext } from './authn/authUtil'\nexport { getSuggestedIssuers } from './issuer/issuerLogic'\nexport { createTypeIndexLogic } from './typeIndex/typeIndexLogic'\nexport type { AppDetails, SolidNamespace, AuthenticationContext, SolidLogic, ChatLogic } from './types'\nexport { UnauthorizedError, CrossOriginForbiddenError, SameOriginForbiddenError, NotFoundError, FetchError, NotEditableError, WebOperationError } from './logic/CustomError'\n\nexport {\n solidLogicSingleton, // solidLogicSingleton is exported entirely because it is used in solid-panes\n store,\n authn,\n authSession\n}\n\n"],"names":[],"ignoreList":[],"sourceRoot":""} \ No newline at end of file diff --git a/dist/solid-logic.esm.min.js b/dist/solid-logic.esm.min.js new file mode 100644 index 0000000..a838d55 --- /dev/null +++ b/dist/solid-logic.esm.min.js @@ -0,0 +1,22 @@ +import*as e from"rdflib";var t={386(e){const t={acl:"http://www.w3.org/ns/auth/acl#",arg:"http://www.w3.org/ns/pim/arg#",as:"https://www.w3.org/ns/activitystreams#",bookmark:"http://www.w3.org/2002/01/bookmark#",cal:"http://www.w3.org/2002/12/cal/ical#",cco:"http://www.ontologyrepository.com/CommonCoreOntologies/",cert:"http://www.w3.org/ns/auth/cert#",contact:"http://www.w3.org/2000/10/swap/pim/contact#",dc:"http://purl.org/dc/elements/1.1/",dct:"http://purl.org/dc/terms/",doap:"http://usefulinc.com/ns/doap#",foaf:"http://xmlns.com/foaf/0.1/",geo:"http://www.w3.org/2003/01/geo/wgs84_pos#",gpx:"http://www.w3.org/ns/pim/gpx#",gr:"http://purl.org/goodrelations/v1#",http:"http://www.w3.org/2007/ont/http#",httph:"http://www.w3.org/2007/ont/httph#",icalTZ:"http://www.w3.org/2002/12/cal/icaltzd#",ldp:"http://www.w3.org/ns/ldp#",link:"http://www.w3.org/2007/ont/link#",log:"http://www.w3.org/2000/10/swap/log#",meeting:"http://www.w3.org/ns/pim/meeting#",mo:"http://purl.org/ontology/mo/",org:"http://www.w3.org/ns/org#",owl:"http://www.w3.org/2002/07/owl#",pad:"http://www.w3.org/ns/pim/pad#",patch:"http://www.w3.org/ns/pim/patch#",prov:"http://www.w3.org/ns/prov#",pto:"http://www.productontology.org/id/",qu:"http://www.w3.org/2000/10/swap/pim/qif#",trip:"http://www.w3.org/ns/pim/trip#",rdf:"http://www.w3.org/1999/02/22-rdf-syntax-ns#",rdfs:"http://www.w3.org/2000/01/rdf-schema#",rss:"http://purl.org/rss/1.0/",sched:"http://www.w3.org/ns/pim/schedule#",schema:"http://schema.org/",sioc:"http://rdfs.org/sioc/ns#",skos:"http://www.w3.org/2004/02/skos/core#",solid:"http://www.w3.org/ns/solid/terms#",space:"http://www.w3.org/ns/pim/space#",stat:"http://www.w3.org/ns/posix/stat#",tab:"http://www.w3.org/2007/ont/link#",tabont:"http://www.w3.org/2007/ont/link#",ui:"http://www.w3.org/ns/ui#",vann:"http://purl.org/vocab/vann/",vcard:"http://www.w3.org/2006/vcard/ns#",wf:"http://www.w3.org/2005/01/wf/flow#",xsd:"http://www.w3.org/2001/XMLSchema#"};e.exports=function(e={namedNode:e=>e}){const r={};for(const n in t){const o=t[n];r[n]=function(t=""){return e.namedNode(o+t)}}return r}}},r={};function n(e){var o=r[e];if(void 0!==o)return o.exports;var a=r[e]={exports:{}};return t[e](a,a.exports,n),a.exports}function o(...e){console.log(...e)}function a(...e){console.warn(...e)}n.n=e=>{var t=e&&e.__esModule?()=>e.default:()=>e;return n.d(t,{a:t}),t},n.d=(e,t)=>{for(var r in t)n.o(t,r)&&!n.o(e,r)&&Object.defineProperty(e,r,{enumerable:!0,get:t[r]})},n.g=function(){if("object"==typeof globalThis)return globalThis;try{return this||new Function("return this")()}catch(e){if("object"==typeof window)return window}}(),n.o=(e,t)=>Object.prototype.hasOwnProperty.call(e,t);const s=crypto,i=e=>e instanceof CryptoKey;function c(e,t,...r){if((r=r.filter(Boolean)).length>2){const t=r.pop();e+=`one of type ${r.join(", ")}, or ${t}.`}else 2===r.length?e+=`one of type ${r[0]} or ${r[1]}.`:e+=`of type ${r[0]}.`;return null==t?e+=` Received ${t}`:"function"==typeof t&&t.name?e+=` Received function ${t.name}`:"object"==typeof t&&null!=t&&t.constructor?.name&&(e+=` Received an instance of ${t.constructor.name}`),e}const d=(e,...t)=>c("Key must be ",e,...t);function l(e,t,...r){return c(`Key for the ${e} algorithm must be `,t,...r)}const h=new TextEncoder,u=new TextDecoder;function w(...e){const t=e.reduce((e,{length:t})=>e+t,0),r=new Uint8Array(t);let n=0;for(const t of e)r.set(t,n),n+=t.length;return r}const p=e=>(e=>{let t=e;"string"==typeof t&&(t=h.encode(t));const r=[];for(let e=0;e{let t=e;t instanceof Uint8Array&&(t=u.decode(t)),t=t.replace(/-/g,"+").replace(/_/g,"/").replace(/\s/g,"");try{return(e=>{const t=atob(e),r=new Uint8Array(t.length);for(let e=0;e!!i(e)||"KeyObject"===e?.[Symbol.toStringTag],m=["CryptoKey"],g=async e=>{if(e instanceof Uint8Array)return{kty:"oct",k:p(e)};if(!i(e))throw new TypeError(d(e,...m,"Uint8Array"));if(!e.extractable)throw new TypeError("non-extractable CryptoKey cannot be exported as a JWK");const{ext:t,key_ops:r,alg:n,use:o,...a}=await s.subtle.exportKey("jwk",e);return a};async function b(e){return g(e)}class _ extends Error{constructor(e,t){super(e,t),this.code="ERR_JOSE_GENERIC",this.name=this.constructor.name,Error.captureStackTrace?.(this,this.constructor)}}_.code="ERR_JOSE_GENERIC";class S extends _{constructor(e,t,r="unspecified",n="unspecified"){super(e,{cause:{claim:r,reason:n,payload:t}}),this.code="ERR_JWT_CLAIM_VALIDATION_FAILED",this.claim=r,this.reason=n,this.payload=t}}S.code="ERR_JWT_CLAIM_VALIDATION_FAILED";class E extends _{constructor(e,t,r="unspecified",n="unspecified"){super(e,{cause:{claim:r,reason:n,payload:t}}),this.code="ERR_JWT_EXPIRED",this.claim=r,this.reason=n,this.payload=t}}E.code="ERR_JWT_EXPIRED";class v extends _{constructor(){super(...arguments),this.code="ERR_JOSE_ALG_NOT_ALLOWED"}}v.code="ERR_JOSE_ALG_NOT_ALLOWED";class k extends _{constructor(){super(...arguments),this.code="ERR_JOSE_NOT_SUPPORTED"}}k.code="ERR_JOSE_NOT_SUPPORTED";(class extends _{constructor(e="decryption operation failed",t){super(e,t),this.code="ERR_JWE_DECRYPTION_FAILED"}}).code="ERR_JWE_DECRYPTION_FAILED";(class extends _{constructor(){super(...arguments),this.code="ERR_JWE_INVALID"}}).code="ERR_JWE_INVALID";class A extends _{constructor(){super(...arguments),this.code="ERR_JWS_INVALID"}}A.code="ERR_JWS_INVALID";class I extends _{constructor(){super(...arguments),this.code="ERR_JWT_INVALID"}}I.code="ERR_JWT_INVALID";class P extends _{constructor(){super(...arguments),this.code="ERR_JWK_INVALID"}}P.code="ERR_JWK_INVALID";class T extends _{constructor(){super(...arguments),this.code="ERR_JWKS_INVALID"}}T.code="ERR_JWKS_INVALID";class x extends _{constructor(e="no applicable key found in the JSON Web Key Set",t){super(e,t),this.code="ERR_JWKS_NO_MATCHING_KEY"}}x.code="ERR_JWKS_NO_MATCHING_KEY";class C extends _{constructor(e="multiple matching keys found in the JSON Web Key Set",t){super(e,t),this.code="ERR_JWKS_MULTIPLE_MATCHING_KEYS"}}Symbol.asyncIterator,C.code="ERR_JWKS_MULTIPLE_MATCHING_KEYS";class R extends _{constructor(e="request timed out",t){super(e,t),this.code="ERR_JWKS_TIMEOUT"}}R.code="ERR_JWKS_TIMEOUT";class W extends _{constructor(e="signature verification failed",t){super(e,t),this.code="ERR_JWS_SIGNATURE_VERIFICATION_FAILED"}}function $(e,t){const r=`SHA-${e.slice(-3)}`;switch(e){case"HS256":case"HS384":case"HS512":return{hash:r,name:"HMAC"};case"PS256":case"PS384":case"PS512":return{hash:r,name:"RSA-PSS",saltLength:e.slice(-3)>>3};case"RS256":case"RS384":case"RS512":return{hash:r,name:"RSASSA-PKCS1-v1_5"};case"ES256":case"ES384":case"ES512":return{hash:r,name:"ECDSA",namedCurve:t.namedCurve};case"Ed25519":return{name:"Ed25519"};case"EdDSA":return{name:t.name};default:throw new k(`alg ${e} is not supported either by JOSE or your javascript runtime`)}}W.code="ERR_JWS_SIGNATURE_VERIFICATION_FAILED";const U=(e,t)=>{if(e.startsWith("RS")||e.startsWith("PS")){const{modulusLength:r}=t.algorithm;if("number"!=typeof r||r<2048)throw new TypeError(`${e} requires key modulusLength to be 2048 bits or larger`)}};function D(e,t="algorithm.name"){return new TypeError(`CryptoKey does not support this operation, its ${t} must be ${e}`)}function O(e,t){return e.name===t}function H(e){return parseInt(e.name.slice(4),10)}function L(e,t){if(t.length&&!t.some(t=>e.usages.includes(t))){let e="CryptoKey does not support this operation, its usages must include ";if(t.length>2){const r=t.pop();e+=`one of ${t.join(", ")}, or ${r}.`}else 2===t.length?e+=`one of ${t[0]} or ${t[1]}.`:e+=`${t[0]}.`;throw new TypeError(e)}}function N(e,t,...r){switch(t){case"HS256":case"HS384":case"HS512":{if(!O(e.algorithm,"HMAC"))throw D("HMAC");const r=parseInt(t.slice(2),10);if(H(e.algorithm.hash)!==r)throw D(`SHA-${r}`,"algorithm.hash");break}case"RS256":case"RS384":case"RS512":{if(!O(e.algorithm,"RSASSA-PKCS1-v1_5"))throw D("RSASSA-PKCS1-v1_5");const r=parseInt(t.slice(2),10);if(H(e.algorithm.hash)!==r)throw D(`SHA-${r}`,"algorithm.hash");break}case"PS256":case"PS384":case"PS512":{if(!O(e.algorithm,"RSA-PSS"))throw D("RSA-PSS");const r=parseInt(t.slice(2),10);if(H(e.algorithm.hash)!==r)throw D(`SHA-${r}`,"algorithm.hash");break}case"EdDSA":if("Ed25519"!==e.algorithm.name&&"Ed448"!==e.algorithm.name)throw D("Ed25519 or Ed448");break;case"Ed25519":if(!O(e.algorithm,"Ed25519"))throw D("Ed25519");break;case"ES256":case"ES384":case"ES512":{if(!O(e.algorithm,"ECDSA"))throw D("ECDSA");const r=function(e){switch(e){case"ES256":return"P-256";case"ES384":return"P-384";case"ES512":return"P-521";default:throw new Error("unreachable")}}(t);if(e.algorithm.namedCurve!==r)throw D(r,"algorithm.namedCurve");break}default:throw new TypeError("CryptoKey does not support this operation")}L(e,r)}function J(e){if("object"!=typeof(t=e)||null===t||"[object Object]"!==Object.prototype.toString.call(e))return!1;var t;if(null===Object.getPrototypeOf(e))return!0;let r=e;for(;null!==Object.getPrototypeOf(r);)r=Object.getPrototypeOf(r);return Object.getPrototypeOf(e)===r}function K(e){return J(e)&&"string"==typeof e.kty}const j=async e=>{if(!e.alg)throw new TypeError('"alg" argument is required when "jwk.alg" is not present');const{algorithm:t,keyUsages:r}=function(e){let t,r;switch(e.kty){case"RSA":switch(e.alg){case"PS256":case"PS384":case"PS512":t={name:"RSA-PSS",hash:`SHA-${e.alg.slice(-3)}`},r=e.d?["sign"]:["verify"];break;case"RS256":case"RS384":case"RS512":t={name:"RSASSA-PKCS1-v1_5",hash:`SHA-${e.alg.slice(-3)}`},r=e.d?["sign"]:["verify"];break;case"RSA-OAEP":case"RSA-OAEP-256":case"RSA-OAEP-384":case"RSA-OAEP-512":t={name:"RSA-OAEP",hash:`SHA-${parseInt(e.alg.slice(-3),10)||1}`},r=e.d?["decrypt","unwrapKey"]:["encrypt","wrapKey"];break;default:throw new k('Invalid or unsupported JWK "alg" (Algorithm) Parameter value')}break;case"EC":switch(e.alg){case"ES256":t={name:"ECDSA",namedCurve:"P-256"},r=e.d?["sign"]:["verify"];break;case"ES384":t={name:"ECDSA",namedCurve:"P-384"},r=e.d?["sign"]:["verify"];break;case"ES512":t={name:"ECDSA",namedCurve:"P-521"},r=e.d?["sign"]:["verify"];break;case"ECDH-ES":case"ECDH-ES+A128KW":case"ECDH-ES+A192KW":case"ECDH-ES+A256KW":t={name:"ECDH",namedCurve:e.crv},r=e.d?["deriveBits"]:[];break;default:throw new k('Invalid or unsupported JWK "alg" (Algorithm) Parameter value')}break;case"OKP":switch(e.alg){case"Ed25519":t={name:"Ed25519"},r=e.d?["sign"]:["verify"];break;case"EdDSA":t={name:e.crv},r=e.d?["sign"]:["verify"];break;case"ECDH-ES":case"ECDH-ES+A128KW":case"ECDH-ES+A192KW":case"ECDH-ES+A256KW":t={name:e.crv},r=e.d?["deriveBits"]:[];break;default:throw new k('Invalid or unsupported JWK "alg" (Algorithm) Parameter value')}break;default:throw new k('Invalid or unsupported JWK "kty" (Key Type) Parameter value')}return{algorithm:t,keyUsages:r}}(e),n=[t,e.ext??!1,e.key_ops??r],o={...e};return delete o.alg,delete o.use,s.subtle.importKey("jwk",o,...n)},M=e=>f(e);let F,z;const V=e=>"KeyObject"===e?.[Symbol.toStringTag],q=async(e,t,r,n,o=!1)=>{let a=e.get(t);if(a?.[n])return a[n];const s=await j({...r,alg:n});return o&&Object.freeze(t),a?a[n]=s:e.set(t,{[n]:s}),s},B=(e,t)=>{if(V(e)){let r=e.export({format:"jwk"});return delete r.d,delete r.dp,delete r.dq,delete r.p,delete r.q,delete r.qi,r.k?M(r.k):(z||(z=new WeakMap),q(z,e,r,t))}if(K(e)){if(e.k)return f(e.k);z||(z=new WeakMap);return q(z,e,e,t,!0)}return e},G=(e,t)=>{if(V(e)){let r=e.export({format:"jwk"});return r.k?M(r.k):(F||(F=new WeakMap),q(F,e,r,t))}if(K(e)){if(e.k)return f(e.k);F||(F=new WeakMap);return q(F,e,e,t,!0)}return e};async function X(e,t,r){if("sign"===r&&(t=await G(t,e)),"verify"===r&&(t=await B(t,e)),i(t))return N(t,e,r),t;if(t instanceof Uint8Array){if(!e.startsWith("HS"))throw new TypeError(d(t,...m));return s.subtle.importKey("raw",t,{hash:`SHA-${e.slice(-3)}`,name:"HMAC"},!1,[r])}throw new TypeError(d(t,...m,"Uint8Array","JSON Web Key"))}const Y=async(e,t,r)=>{const n=await X(e,t,"sign");U(e,n);const o=await s.subtle.sign($(e,n.algorithm),n,r);return new Uint8Array(o)},Z=(...e)=>{const t=e.filter(Boolean);if(0===t.length||1===t.length)return!0;let r;for(const e of t){const t=Object.keys(e);if(r&&0!==r.size)for(const e of t){if(r.has(e))return!1;r.add(e)}else r=new Set(t)}return!0},Q=e=>e?.[Symbol.toStringTag],ee=(e,t,r)=>{if(void 0!==t.use&&"sig"!==t.use)throw new TypeError("Invalid key for this operation, when present its use must be sig");if(void 0!==t.key_ops&&!0!==t.key_ops.includes?.(r))throw new TypeError(`Invalid key for this operation, when present its key_ops must include ${r}`);if(void 0!==t.alg&&t.alg!==e)throw new TypeError(`Invalid key for this operation, when present its alg must be ${e}`);return!0},te=(e,t,r,n)=>{if(!(t instanceof Uint8Array)){if(n&&K(t)){if(function(e){return K(e)&&"oct"===e.kty&&"string"==typeof e.k}(t)&&ee(e,t,r))return;throw new TypeError('JSON Web Key for symmetric algorithms must have JWK "kty" (Key Type) equal to "oct" and the JWK "k" (Key Value) present')}if(!y(t))throw new TypeError(l(e,t,...m,"Uint8Array",n?"JSON Web Key":null));if("secret"!==t.type)throw new TypeError(`${Q(t)} instances for symmetric algorithms must be of type "secret"`)}};function re(e,t,r,n){t.startsWith("HS")||"dir"===t||t.startsWith("PBES2")||/^A\d{3}(?:GCM)?KW$/.test(t)?te(t,r,n,e):((e,t,r,n)=>{if(n&&K(t))switch(r){case"sign":if(function(e){return"oct"!==e.kty&&"string"==typeof e.d}(t)&&ee(e,t,r))return;throw new TypeError("JSON Web Key for this operation be a private JWK");case"verify":if(function(e){return"oct"!==e.kty&&void 0===e.d}(t)&&ee(e,t,r))return;throw new TypeError("JSON Web Key for this operation be a public JWK")}if(!y(t))throw new TypeError(l(e,t,...m,n?"JSON Web Key":null));if("secret"===t.type)throw new TypeError(`${Q(t)} instances for asymmetric algorithms must not be of type "secret"`);if("sign"===r&&"public"===t.type)throw new TypeError(`${Q(t)} instances for asymmetric algorithm signing must be of type "private"`);if("decrypt"===r&&"public"===t.type)throw new TypeError(`${Q(t)} instances for asymmetric algorithm decryption must be of type "private"`);if(t.algorithm&&"verify"===r&&"private"===t.type)throw new TypeError(`${Q(t)} instances for asymmetric algorithm verifying must be of type "public"`);if(t.algorithm&&"encrypt"===r&&"private"===t.type)throw new TypeError(`${Q(t)} instances for asymmetric algorithm encryption must be of type "public"`)})(t,r,n,e)}re.bind(void 0,!1);const ne=re.bind(void 0,!0);const oe=function(e,t,r,n,o){if(void 0!==o.crit&&void 0===n?.crit)throw new e('"crit" (Critical) Header Parameter MUST be integrity protected');if(!n||void 0===n.crit)return new Set;if(!Array.isArray(n.crit)||0===n.crit.length||n.crit.some(e=>"string"!=typeof e||0===e.length))throw new e('"crit" (Critical) Header Parameter MUST be an array of non-empty strings when present');let a;a=void 0!==r?new Map([...Object.entries(r),...t.entries()]):t;for(const t of n.crit){if(!a.has(t))throw new k(`Extension Header Parameter "${t}" is not recognized`);if(void 0===o[t])throw new e(`Extension Header Parameter "${t}" is missing`);if(a.get(t)&&void 0===n[t])throw new e(`Extension Header Parameter "${t}" MUST be integrity protected`)}return new Set(n.crit)};class ae{constructor(e){if(!(e instanceof Uint8Array))throw new TypeError("payload must be an instance of Uint8Array");this._payload=e}setProtectedHeader(e){if(this._protectedHeader)throw new TypeError("setProtectedHeader can only be called once");return this._protectedHeader=e,this}setUnprotectedHeader(e){if(this._unprotectedHeader)throw new TypeError("setUnprotectedHeader can only be called once");return this._unprotectedHeader=e,this}async sign(e,t){if(!this._protectedHeader&&!this._unprotectedHeader)throw new A("either setProtectedHeader or setUnprotectedHeader must be called before #sign()");if(!Z(this._protectedHeader,this._unprotectedHeader))throw new A("JWS Protected and JWS Unprotected Header Parameter names must be disjoint");const r={...this._protectedHeader,...this._unprotectedHeader};let n=!0;if(oe(A,new Map([["b64",!0]]),t?.crit,this._protectedHeader,r).has("b64")&&(n=this._protectedHeader.b64,"boolean"!=typeof n))throw new A('The "b64" (base64url-encode payload) Header Parameter must be a boolean');const{alg:o}=r;if("string"!=typeof o||!o)throw new A('JWS "alg" (Algorithm) Header Parameter missing or invalid');ne(o,e,"sign");let a,s=this._payload;n&&(s=h.encode(p(s))),a=this._protectedHeader?h.encode(p(JSON.stringify(this._protectedHeader))):h.encode("");const i=w(a,h.encode("."),s),c=await Y(o,e,i),d={signature:p(c),payload:""};return n&&(d.payload=u.decode(s)),this._unprotectedHeader&&(d.header=this._unprotectedHeader),this._protectedHeader&&(d.protected=u.decode(a)),d}}class se{constructor(e){this._flattened=new ae(e)}setProtectedHeader(e){return this._flattened.setProtectedHeader(e),this}async sign(e,t){const r=await this._flattened.sign(e,t);if(void 0===r.payload)throw new TypeError("use the flattened module for creating JWS with b64: false");return`${r.protected}.${r.payload}.${r.signature}`}}const ie=e=>Math.floor(e.getTime()/1e3),ce=86400,de=/^(\+|\-)? ?(\d+|\d+\.\d+) ?(seconds?|secs?|s|minutes?|mins?|m|hours?|hrs?|h|days?|d|weeks?|w|years?|yrs?|y)(?: (ago|from now))?$/i,le=e=>{const t=de.exec(e);if(!t||t[4]&&t[1])throw new TypeError("Invalid time period format");const r=parseFloat(t[2]);let n;switch(t[3].toLowerCase()){case"sec":case"secs":case"second":case"seconds":case"s":n=Math.round(r);break;case"minute":case"minutes":case"min":case"mins":case"m":n=Math.round(60*r);break;case"hour":case"hours":case"hr":case"hrs":case"h":n=Math.round(3600*r);break;case"day":case"days":case"d":n=Math.round(r*ce);break;case"week":case"weeks":case"w":n=Math.round(604800*r);break;default:n=Math.round(31557600*r)}return"-"===t[1]||"ago"===t[4]?-n:n};function he(e,t){if(!Number.isFinite(t))throw new TypeError(`Invalid ${e} input`);return t}class ue{constructor(e={}){if(!J(e))throw new TypeError("JWT Claims Set MUST be an object");this._payload=e}setIssuer(e){return this._payload={...this._payload,iss:e},this}setSubject(e){return this._payload={...this._payload,sub:e},this}setAudience(e){return this._payload={...this._payload,aud:e},this}setJti(e){return this._payload={...this._payload,jti:e},this}setNotBefore(e){return"number"==typeof e?this._payload={...this._payload,nbf:he("setNotBefore",e)}:e instanceof Date?this._payload={...this._payload,nbf:he("setNotBefore",ie(e))}:this._payload={...this._payload,nbf:ie(new Date)+le(e)},this}setExpirationTime(e){return"number"==typeof e?this._payload={...this._payload,exp:he("setExpirationTime",e)}:e instanceof Date?this._payload={...this._payload,exp:he("setExpirationTime",ie(e))}:this._payload={...this._payload,exp:ie(new Date)+le(e)},this}setIssuedAt(e){return void 0===e?this._payload={...this._payload,iat:ie(new Date)}:e instanceof Date?this._payload={...this._payload,iat:he("setIssuedAt",ie(e))}:this._payload="string"==typeof e?{...this._payload,iat:he("setIssuedAt",ie(new Date)+le(e))}:{...this._payload,iat:he("setIssuedAt",e)},this}}class we extends ue{setProtectedHeader(e){return this._protectedHeader=e,this}async sign(e,t){const r=new se(h.encode(JSON.stringify(this._payload)));if(r.setProtectedHeader(this._protectedHeader),Array.isArray(this._protectedHeader?.crit)&&this._protectedHeader.crit.includes("b64")&&!1===this._protectedHeader.b64)throw new I("JWTs MUST NOT use unencoded payload");return r.sign(e,t)}}const pe=async(e,t,r)=>{let n,o,a=!1;"function"==typeof AbortController&&(n=new AbortController,o=setTimeout(()=>{a=!0,n.abort()},t));const s=await fetch(e.href,{signal:n?n.signal:void 0,redirect:"manual",headers:r.headers}).catch(e=>{if(a)throw new R;throw e});if(void 0!==o&&clearTimeout(o),200!==s.status)throw new _("Expected 200 OK from the JSON Web Key Set HTTP response");try{return await s.json()}catch{throw new _("Failed to parse the JSON Web Key Set HTTP response as JSON")}};async function fe(e,t){if(!J(e))throw new TypeError("JWK must be an object");switch(t||(t=e.alg),e.kty){case"oct":if("string"!=typeof e.k||!e.k)throw new TypeError('missing "k" (Key Value) Parameter value');return f(e.k);case"RSA":if("oth"in e&&void 0!==e.oth)throw new k('RSA JWK "oth" (Other Primes Info) Parameter value is not supported');case"EC":case"OKP":return j({...e,alg:t});default:throw new k('Unsupported "kty" (Key Type) Parameter value')}}function ye(e){return J(e)}function me(e){return"function"==typeof structuredClone?structuredClone(e):JSON.parse(JSON.stringify(e))}class ge{constructor(e){if(this._cached=new WeakMap,!function(e){return e&&"object"==typeof e&&Array.isArray(e.keys)&&e.keys.every(ye)}(e))throw new T("JSON Web Key Set malformed");this._jwks=me(e)}async getKey(e,t){const{alg:r,kid:n}={...e,...t?.header},o=function(e){switch("string"==typeof e&&e.slice(0,2)){case"RS":case"PS":return"RSA";case"ES":return"EC";case"Ed":return"OKP";default:throw new k('Unsupported "alg" value for a JSON Web Key Set')}}(r),a=this._jwks.keys.filter(e=>{let t=o===e.kty;if(t&&"string"==typeof n&&(t=n===e.kid),t&&"string"==typeof e.alg&&(t=r===e.alg),t&&"string"==typeof e.use&&(t="sig"===e.use),t&&Array.isArray(e.key_ops)&&(t=e.key_ops.includes("verify")),t)switch(r){case"ES256":t="P-256"===e.crv;break;case"ES256K":t="secp256k1"===e.crv;break;case"ES384":t="P-384"===e.crv;break;case"ES512":t="P-521"===e.crv;break;case"Ed25519":t="Ed25519"===e.crv;break;case"EdDSA":t="Ed25519"===e.crv||"Ed448"===e.crv}return t}),{0:s,length:i}=a;if(0===i)throw new x;if(1!==i){const e=new C,{_cached:t}=this;throw e[Symbol.asyncIterator]=async function*(){for(const e of a)try{yield await be(t,e,r)}catch{}},e}return be(this._cached,s,r)}}async function be(e,t,r){const n=e.get(t)||e.set(t,{}).get(t);if(void 0===n[r]){const e=await fe({...t,ext:!0},r);if(e instanceof Uint8Array||"public"!==e.type)throw new T("JSON Web Key Set members must be public keys");n[r]=e}return n[r]}function _e(e){const t=new ge(e),r=async(e,r)=>t.getKey(e,r);return Object.defineProperties(r,{jwks:{value:()=>me(t._jwks),enumerable:!0,configurable:!1,writable:!1}}),r}let Se;if("undefined"==typeof navigator||!navigator.userAgent?.startsWith?.("Mozilla/5.0 ")){Se=`${"jose"}/${"v5.10.0"}`}const Ee=Symbol();class ve{constructor(e,t){if(!(e instanceof URL))throw new TypeError("url must be an instance of URL");var r,n;this._url=new URL(e.href),this._options={agent:t?.agent,headers:t?.headers},this._timeoutDuration="number"==typeof t?.timeoutDuration?t?.timeoutDuration:5e3,this._cooldownDuration="number"==typeof t?.cooldownDuration?t?.cooldownDuration:3e4,this._cacheMaxAge="number"==typeof t?.cacheMaxAge?t?.cacheMaxAge:6e5,void 0!==t?.[Ee]&&(this._cache=t?.[Ee],r=t?.[Ee],n=this._cacheMaxAge,"object"==typeof r&&null!==r&&"uat"in r&&"number"==typeof r.uat&&!(Date.now()-r.uat>=n)&&"jwks"in r&&J(r.jwks)&&Array.isArray(r.jwks.keys)&&Array.prototype.every.call(r.jwks.keys,J)&&(this._jwksTimestamp=this._cache.uat,this._local=_e(this._cache.jwks)))}coolingDown(){return"number"==typeof this._jwksTimestamp&&Date.now(){this._local=_e(e),this._cache&&(this._cache.uat=Date.now(),this._cache.jwks=e),this._jwksTimestamp=Date.now(),this._pendingFetch=void 0}).catch(e=>{throw this._pendingFetch=void 0,e})),await this._pendingFetch}}const ke=async(e,t,r,n)=>{const o=await X(e,t,"verify");U(e,o);const a=$(e,o.algorithm);try{return await s.subtle.verify(a,o,r,n)}catch{return!1}},Ae=(e,t)=>{if(void 0!==t&&(!Array.isArray(t)||t.some(e=>"string"!=typeof e)))throw new TypeError(`"${e}" option must be an array of strings`);if(t)return new Set(t)};async function Ie(e,t,r){if(e instanceof Uint8Array&&(e=u.decode(e)),"string"!=typeof e)throw new A("Compact JWS must be a string or Uint8Array");const{0:n,1:o,2:a,length:s}=e.split(".");if(3!==s)throw new A("Invalid Compact JWS");const i=await async function(e,t,r){if(!J(e))throw new A("Flattened JWS must be an object");if(void 0===e.protected&&void 0===e.header)throw new A('Flattened JWS must have either of the "protected" or "header" members');if(void 0!==e.protected&&"string"!=typeof e.protected)throw new A("JWS Protected Header incorrect type");if(void 0===e.payload)throw new A("JWS Payload missing");if("string"!=typeof e.signature)throw new A("JWS Signature missing or incorrect type");if(void 0!==e.header&&!J(e.header))throw new A("JWS Unprotected Header incorrect type");let n={};if(e.protected)try{const t=f(e.protected);n=JSON.parse(u.decode(t))}catch{throw new A("JWS Protected Header is invalid")}if(!Z(n,e.header))throw new A("JWS Protected and JWS Unprotected Header Parameter names must be disjoint");const o={...n,...e.header};let a=!0;if(oe(A,new Map([["b64",!0]]),r?.crit,n,o).has("b64")&&(a=n.b64,"boolean"!=typeof a))throw new A('The "b64" (base64url-encode payload) Header Parameter must be a boolean');const{alg:s}=o;if("string"!=typeof s||!s)throw new A('JWS "alg" (Algorithm) Header Parameter missing or invalid');const i=r&&Ae("algorithms",r.algorithms);if(i&&!i.has(s))throw new v('"alg" (Algorithm) Header Parameter value not allowed');if(a){if("string"!=typeof e.payload)throw new A("JWS Payload must be a string")}else if("string"!=typeof e.payload&&!(e.payload instanceof Uint8Array))throw new A("JWS Payload must be a string or an Uint8Array instance");let c=!1;"function"==typeof t?(t=await t(n,e),c=!0,ne(s,t,"verify"),K(t)&&(t=await fe(t,s))):ne(s,t,"verify");const d=w(h.encode(e.protected??""),h.encode("."),"string"==typeof e.payload?h.encode(e.payload):e.payload);let l,p;try{l=f(e.signature)}catch{throw new A("Failed to base64url decode the signature")}if(!await ke(s,t,l,d))throw new W;if(a)try{p=f(e.payload)}catch{throw new A("Failed to base64url decode the payload")}else p="string"==typeof e.payload?h.encode(e.payload):e.payload;const y={payload:p};return void 0!==e.protected&&(y.protectedHeader=n),void 0!==e.header&&(y.unprotectedHeader=e.header),c?{...y,key:t}:y}({payload:o,protected:n,signature:a},t,r),c={payload:i.payload,protectedHeader:i.protectedHeader};return"function"==typeof t?{...c,key:i.key}:c}const Pe=e=>e.toLowerCase().replace(/^application\//,""),Te=(e,t,r={})=>{let n;try{n=JSON.parse(u.decode(t))}catch{}if(!J(n))throw new I("JWT Claims Set must be a top-level JSON object");const{typ:o}=r;if(o&&("string"!=typeof e.typ||Pe(e.typ)!==Pe(o)))throw new S('unexpected "typ" JWT header value',n,"typ","check_failed");const{requiredClaims:a=[],issuer:s,subject:i,audience:c,maxTokenAge:d}=r,l=[...a];void 0!==d&&l.push("iat"),void 0!==c&&l.push("aud"),void 0!==i&&l.push("sub"),void 0!==s&&l.push("iss");for(const e of new Set(l.reverse()))if(!(e in n))throw new S(`missing required "${e}" claim`,n,e,"missing");if(s&&!(Array.isArray(s)?s:[s]).includes(n.iss))throw new S('unexpected "iss" claim value',n,"iss","check_failed");if(i&&n.sub!==i)throw new S('unexpected "sub" claim value',n,"sub","check_failed");if(c&&(h=n.aud,w="string"==typeof c?[c]:c,!("string"==typeof h?w.includes(h):Array.isArray(h)&&w.some(Set.prototype.has.bind(new Set(h))))))throw new S('unexpected "aud" claim value',n,"aud","check_failed");var h,w;let p;switch(typeof r.clockTolerance){case"string":p=le(r.clockTolerance);break;case"number":p=r.clockTolerance;break;case"undefined":p=0;break;default:throw new TypeError("Invalid clockTolerance option type")}const{currentDate:f}=r,y=ie(f||new Date);if((void 0!==n.iat||d)&&"number"!=typeof n.iat)throw new S('"iat" claim must be a number',n,"iat","invalid");if(void 0!==n.nbf){if("number"!=typeof n.nbf)throw new S('"nbf" claim must be a number',n,"nbf","invalid");if(n.nbf>y+p)throw new S('"nbf" claim timestamp check failed',n,"nbf","check_failed")}if(void 0!==n.exp){if("number"!=typeof n.exp)throw new S('"exp" claim must be a number',n,"exp","invalid");if(n.exp<=y-p)throw new E('"exp" claim timestamp check failed',n,"exp","check_failed")}if(d){const e=y-n.iat;if(e-p>("number"==typeof d?d:le(d)))throw new E('"iat" claim timestamp check failed (too far in the past)',n,"iat","check_failed");if(e<0-p)throw new S('"iat" claim timestamp check failed (it should be in the past)',n,"iat","check_failed")}return n};const xe=async(e,t)=>{const r=`SHA-${e.slice(-3)}`;return new Uint8Array(await s.subtle.digest(r,t))},Ce=(e,t)=>{if("string"!=typeof e||!e)throw new P(`${t} missing or invalid`)};async function Re(e,t){if(!J(e))throw new TypeError("JWK must be an object");if(t??(t="sha256"),"sha256"!==t&&"sha384"!==t&&"sha512"!==t)throw new TypeError('digestAlgorithm must one of "sha256", "sha384", or "sha512"');let r;switch(e.kty){case"EC":Ce(e.crv,'"crv" (Curve) Parameter'),Ce(e.x,'"x" (X Coordinate) Parameter'),Ce(e.y,'"y" (Y Coordinate) Parameter'),r={crv:e.crv,kty:e.kty,x:e.x,y:e.y};break;case"OKP":Ce(e.crv,'"crv" (Subtype of Key Pair) Parameter'),Ce(e.x,'"x" (Public Key) Parameter'),r={crv:e.crv,kty:e.kty,x:e.x};break;case"RSA":Ce(e.e,'"e" (Exponent) Parameter'),Ce(e.n,'"n" (Modulus) Parameter'),r={e:e.e,kty:e.kty,n:e.n};break;case"oct":Ce(e.k,'"k" (Key Value) Parameter'),r={k:e.k,kty:e.kty};break;default:throw new k('"kty" (Key Type) Parameter missing or unsupported')}const n=h.encode(JSON.stringify(r));return p(await xe(t,n))}function We(e){const t=e?.modulusLength??2048;if("number"!=typeof t||t<2048)throw new k("Invalid or unsupported modulusLength option provided, 2048 bits or larger keys must be used");return t}async function $e(e,t){return async function(e,t){let r,n;switch(e){case"PS256":case"PS384":case"PS512":r={name:"RSA-PSS",hash:`SHA-${e.slice(-3)}`,publicExponent:new Uint8Array([1,0,1]),modulusLength:We(t)},n=["sign","verify"];break;case"RS256":case"RS384":case"RS512":r={name:"RSASSA-PKCS1-v1_5",hash:`SHA-${e.slice(-3)}`,publicExponent:new Uint8Array([1,0,1]),modulusLength:We(t)},n=["sign","verify"];break;case"RSA-OAEP":case"RSA-OAEP-256":case"RSA-OAEP-384":case"RSA-OAEP-512":r={name:"RSA-OAEP",hash:`SHA-${parseInt(e.slice(-3),10)||1}`,publicExponent:new Uint8Array([1,0,1]),modulusLength:We(t)},n=["decrypt","unwrapKey","encrypt","wrapKey"];break;case"ES256":r={name:"ECDSA",namedCurve:"P-256"},n=["sign","verify"];break;case"ES384":r={name:"ECDSA",namedCurve:"P-384"},n=["sign","verify"];break;case"ES512":r={name:"ECDSA",namedCurve:"P-521"},n=["sign","verify"];break;case"Ed25519":r={name:"Ed25519"},n=["sign","verify"];break;case"EdDSA":{n=["sign","verify"];const e=t?.crv??"Ed25519";switch(e){case"Ed25519":case"Ed448":r={name:e};break;default:throw new k("Invalid or unsupported crv option provided")}break}case"ECDH-ES":case"ECDH-ES+A128KW":case"ECDH-ES+A192KW":case"ECDH-ES+A256KW":{n=["deriveKey","deriveBits"];const e=t?.crv??"P-256";switch(e){case"P-256":case"P-384":case"P-521":r={name:"ECDH",namedCurve:e};break;case"X25519":case"X448":r={name:e};break;default:throw new k("Invalid or unsupported crv option provided, supported values are P-256, P-384, P-521, X25519, and X448")}break}default:throw new k('Invalid or unsupported JWK "alg" (Algorithm) Parameter value')}return s.subtle.generateKey(r,t?.extractable??!1,n)}(e,t)}const Ue=f; +/** + * solid-oidc.js - Minimal Solid-OIDC client for browsers + * + * A zero-build, single-file Solid-OIDC authentication library. + * + * @license MIT + * @author JavaScriptSolidServer + * @see https://github.com/JavaScriptSolidServer/solid-oidc + * + * Based on solid-oidc-client-browser by uvdsl (Christoph Braun) + * @see https://github.com/uvdsl/solid-oidc-client-browser + * + * Implements: + * - RFC 6749 - OAuth 2.0 + * - RFC 7636 - PKCE + * - RFC 9207 - OAuth 2.0 Authorization Server Issuer Identification + * - RFC 9449 - DPoP (Demonstration of Proof-of-Possession) + * - Solid-OIDC Specification + */ +const De="sessionStateChange",Oe="sessionExpirationWarning",He="sessionExpiration";class Le{constructor(e="solid-oidc",t="session",r=1){this.dbName=e,this.storeName=t,this.dbVersion=r,this.db=null}async init(){return new Promise((e,t)=>{const r=indexedDB.open(this.dbName,this.dbVersion);r.onerror=()=>t(new Error(`Database error: ${r.error}`)),r.onsuccess=()=>{this.db=r.result,e(this)},r.onupgradeneeded=e=>{const t=e.target.result;t.objectStoreNames.contains(this.storeName)||t.createObjectStore(this.storeName)}})}async setItem(e,t){return this.db||await this.init(),new Promise((r,n)=>{const o=this.db.transaction(this.storeName,"readwrite");o.oncomplete=()=>r(),o.onerror=()=>n(new Error(`Transaction error: ${o.error}`)),o.objectStore(this.storeName).put(t,e)})}async getItem(e){return this.db||await this.init(),new Promise((t,r)=>{const n=this.db.transaction(this.storeName,"readonly");n.onerror=()=>r(new Error(`Transaction error: ${n.error}`));const o=n.objectStore(this.storeName).get(e);o.onsuccess=()=>t(o.result||null)})}async deleteItem(e){return this.db||await this.init(),new Promise((t,r)=>{const n=this.db.transaction(this.storeName,"readwrite");n.oncomplete=()=>t(),n.onerror=()=>r(new Error(`Transaction error: ${n.error}`)),n.objectStore(this.storeName).delete(e)})}async clear(){return this.db||await this.init(),new Promise((e,t)=>{const r=this.db.transaction(this.storeName,"readwrite");r.oncomplete=()=>e(),r.onerror=()=>t(new Error(`Transaction error: ${r.error}`)),r.objectStore(this.storeName).clear()})}close(){this.db&&(this.db.close(),this.db=null)}}async function Ne(e,t,r,n=null){const o=await b(e.publicKey),a={htu:t,htm:r};return n&&(a.ath=n),new we(a).setIssuedAt().setJti(crypto.randomUUID()).setProtectedHeader({alg:"ES256",typ:"dpop+jwt",jwk:o}).sign(e.privateKey)}async function Je(e,t,r){const n=await Ne(r,e,"POST"),o=await fetch(e,{method:"POST",headers:{"Content-Type":"application/x-www-form-urlencoded",DPoP:n},body:new URLSearchParams(t)});if(!o.ok)throw new Error(`Token request failed: ${o.status}`);return o.json()}async function Ke(e,t,r,n,o){const a=function(e,t){const r=new ve(e,t),n=async(e,t)=>r.getKey(e,t);return Object.defineProperties(n,{coolingDown:{get:()=>r.coolingDown(),enumerable:!0,configurable:!1},fresh:{get:()=>r.fresh(),enumerable:!0,configurable:!1},reload:{value:()=>r.reload(),enumerable:!0,configurable:!1,writable:!1},reloading:{get:()=>!!r._pendingFetch,enumerable:!0,configurable:!1},jwks:{value:()=>r._local?.jwks(),enumerable:!0,configurable:!1,writable:!1}}),n}(new URL(t)),{payload:s}=await async function(e,t,r){const n=await Ie(e,t,r);if(n.protectedHeader.crit?.includes("b64")&&!1===n.protectedHeader.b64)throw new I("JWTs MUST NOT use unencoded payload");const o={payload:Te(n.protectedHeader,n.payload,r),protectedHeader:n.protectedHeader};return"function"==typeof t?{...o,key:n.key}:o}(e,a,{issuer:r,audience:"solid"}),i=await Re(await b(o.publicKey));if(s.cnf?.jkt!==i)throw new Error("DPoP thumbprint mismatch");if(s.client_id!==n)throw new Error("client_id mismatch");return s}class je extends EventTarget{constructor(e={}){super(),this.clientId=e.clientId||null,this.database=e.database||new Le,this.onStateChange=e.onStateChange||null,this.onExpirationWarning=e.onExpirationWarning||null,this.onExpiration=e.onExpiration||null,this._isActive=!1,this._webId=null,this._exp=null,this._ath=null,this._tokens=null,this._idpDetails=null,this._refreshPromise=null,this.onStateChange&&this.addEventListener(De,this.onStateChange),this.onExpirationWarning&&this.addEventListener(Oe,this.onExpirationWarning),this.onExpiration&&this.addEventListener(He,this.onExpiration)}get isActive(){return this._isActive}get webId(){return this._webId}isExpired(){return!this._exp||Math.floor(Date.now()/1e3)>=this._exp}getExpiresIn(){return this._exp?this._exp-Math.floor(Date.now()/1e3):-1}async login(e,t){const r=new URL(t),n=r.origin+r.pathname+r.search,o=await async function(e){const t=new URL(e).origin,r=await fetch(`${t}/.well-known/openid-configuration`);if(!r.ok)throw new Error(`OIDC discovery failed: ${r.status}`);return r.json()}(e),a=o.issuer,s=e=>e.endsWith("/")?e.slice(0,-1):e;if(s(e)!==s(a))throw new Error(`Issuer mismatch: ${a} !== ${e}`);sessionStorage.setItem("solid_oidc_idp",a),sessionStorage.setItem("solid_oidc_token_endpoint",o.token_endpoint),sessionStorage.setItem("solid_oidc_jwks_uri",o.jwks_uri);let i=this.clientId;if(!i){i=(await async function(e,t){const r=await fetch(e,{method:"POST",headers:{"Content-Type":"application/json"},body:JSON.stringify({application_type:"web",redirect_uris:t,token_endpoint_auth_method:"none",grant_types:["authorization_code","refresh_token"],response_types:["code"],scope:"openid offline_access webid"})});if(!r.ok)throw new Error(`Client registration failed: ${r.status}`);return r.json()}(o.registration_endpoint,[n])).client_id,sessionStorage.setItem("solid_oidc_client_id",i)}const c=await async function(){const e=crypto.randomUUID()+"-"+crypto.randomUUID(),t=new Uint8Array(await crypto.subtle.digest("SHA-256",(new TextEncoder).encode(e)));return{verifier:e,challenge:btoa(String.fromCharCode(...t)).replace(/\+/g,"-").replace(/\//g,"_").replace(/=+$/,"")}}();sessionStorage.setItem("solid_oidc_pkce_verifier",c.verifier);const d=crypto.randomUUID();sessionStorage.setItem("solid_oidc_csrf",d);const l=new URL(o.authorization_endpoint);l.searchParams.set("response_type","code"),l.searchParams.set("redirect_uri",n),l.searchParams.set("scope","openid offline_access webid"),l.searchParams.set("client_id",i),l.searchParams.set("code_challenge_method","S256"),l.searchParams.set("code_challenge",c.challenge),l.searchParams.set("state",d),l.searchParams.set("prompt","consent"),window.location.href=l.toString()}async handleRedirectFromLogin(){const e=new URL(window.location.href),t=e.searchParams.get("code");if(!t)return;const r=sessionStorage.getItem("solid_oidc_idp"),n=e.searchParams.get("iss");if(!r||n!==r)throw new Error(`Issuer mismatch: ${n} !== ${r}`);const o=sessionStorage.getItem("solid_oidc_csrf");if(e.searchParams.get("state")!==o)throw new Error("CSRF token mismatch");e.searchParams.delete("code"),e.searchParams.delete("iss"),e.searchParams.delete("state"),window.history.replaceState({},document.title,e.toString());const a=sessionStorage.getItem("solid_oidc_pkce_verifier"),s=sessionStorage.getItem("solid_oidc_token_endpoint"),i=sessionStorage.getItem("solid_oidc_jwks_uri"),c=this.clientId||sessionStorage.getItem("solid_oidc_client_id");if(!a||!s||!c)throw new Error("Missing session data");const d=await $e("ES256"),l=await Je(s,{grant_type:"authorization_code",code:t,code_verifier:a,redirect_uri:e.origin+e.pathname,client_id:c},d);await Ke(l.access_token,i,r,c,d),this._idpDetails={idp:r,jwksUri:i,tokenEndpoint:s},await this.database.init(),await Promise.all([this.database.setItem("idp",r),this.database.setItem("jwks_uri",i),this.database.setItem("token_endpoint",s),this.database.setItem("client_id",c),this.database.setItem("dpop_keypair",d),this.database.setItem("refresh_token",l.refresh_token)]),this.database.close(),sessionStorage.removeItem("solid_oidc_idp"),sessionStorage.removeItem("solid_oidc_token_endpoint"),sessionStorage.removeItem("solid_oidc_jwks_uri"),sessionStorage.removeItem("solid_oidc_client_id"),sessionStorage.removeItem("solid_oidc_pkce_verifier"),sessionStorage.removeItem("solid_oidc_csrf"),await this._setTokens({...l,dpop_key_pair:d}),this._dispatchStateChange()}async restore(){return this._refreshPromise||(this._refreshPromise=(async()=>{try{const e=await async function(e){await e.init();const[t,r,n,o]=await Promise.all([e.getItem("refresh_token"),e.getItem("token_endpoint"),e.getItem("client_id"),e.getItem("dpop_keypair")]);if(!(t&&r&&n&&o))throw new Error("Missing refresh data");const a=await Je(r,{grant_type:"refresh_token",refresh_token:t,client_id:n},o);return a.refresh_token&&await e.setItem("refresh_token",a.refresh_token),e.close(),{...a,dpop_key_pair:o}}(this.database);await this._setTokens(e),this._dispatchStateChange()}catch(e){throw this._isActive&&(this.isExpired()?this._dispatchExpiration():this._dispatchExpirationWarning()),e}finally{this._refreshPromise=null}})()),this._refreshPromise}async logout(){this._isActive=!1,this._webId=null,this._exp=null,this._ath=null,this._tokens=null,this._idpDetails=null,await this.database.init(),await this.database.clear(),this.database.close(),this._dispatchStateChange()}async authFetch(e,t={}){if(!this._isActive)return fetch(e,t);let r,n,o;this.isExpired()&&await this.restore(),e instanceof Request?(r=new URL(e.url),n=t.method||e.method||"GET",o=new Headers(e.headers)):(r=new URL(e.toString()),n=t.method||"GET",o=t.headers?new Headers(t.headers):new Headers);const a=await Ne(this._tokens.dpop_key_pair,`${r.origin}${r.pathname}`,n.toUpperCase(),this._ath);return o.set("DPoP",a),o.set("Authorization",`DPoP ${this._tokens.access_token}`),e instanceof Request?fetch(new Request(e,{...t,headers:o})):fetch(r,{...t,headers:o})}async _setTokens(e){this._tokens=e;const t=function(e){if("string"!=typeof e)throw new I("JWTs must use Compact JWS serialization, JWT must be a string");const{1:t,length:r}=e.split(".");if(5===r)throw new I("Only JWTs using Compact JWS serialization can be decoded");if(3!==r)throw new I("Invalid JWT");if(!t)throw new I("JWTs must contain a payload");let n,o;try{n=Ue(t)}catch{throw new I("Failed to base64url decode the payload")}try{o=JSON.parse(u.decode(n))}catch{throw new I("Failed to parse the decoded payload as JSON")}if(!J(o))throw new I("Invalid JWT Claims Set");return o}(e.access_token);if(!t.webid)throw new Error("Missing webid claim");if(!t.exp)throw new Error("Missing exp claim");this._ath=await async function(e){const t=(new TextEncoder).encode(e),r=await crypto.subtle.digest("SHA-256",t),n=Array.from(new Uint8Array(r));return btoa(String.fromCharCode(...n)).replace(/\+/g,"-").replace(/\//g,"_").replace(/=+$/,"")}(e.access_token),this._webId=t.webid,this._exp=t.exp,this._isActive=!0}_dispatchStateChange(){this.dispatchEvent(new CustomEvent(De,{detail:{isActive:this._isActive,webId:this._webId}}))}_dispatchExpirationWarning(){this.dispatchEvent(new CustomEvent(Oe,{detail:{expires_in:this.getExpiresIn()}}))}_dispatchExpiration(){this.dispatchEvent(new CustomEvent(He))}}const Me="sessionRestore",Fe="login",ze="logout",Ve="sessionExpired",qe="error";class Be{constructor(){this.listeners=new Map}on(e,t){this.listeners.has(e)||this.listeners.set(e,new Set),this.listeners.get(e).add(t)}off(e,t){var r;null===(r=this.listeners.get(e))||void 0===r||r.delete(t)}emit(e,...t){var r;null===(r=this.listeners.get(e))||void 0===r||r.forEach(e=>e(...t))}}class Ge{constructor(e){this._session=new je({clientId:null==e?void 0:e.clientId,database:new Le,onStateChange:e=>{const t=e.detail;(null==t?void 0:t.isActive)?(this._events.emit(Fe),this._events.emit(Me,window.location.href)):this._events.emit(ze)},onExpiration:()=>{this._events.emit(Ve)}}),this._events=new Be,this._sessionId=crypto.randomUUID()}get events(){return this._events}get info(){var e;return{isLoggedIn:this._session.isActive,webId:null!==(e=this._session.webId)&&void 0!==e?e:void 0,sessionId:this._sessionId,expirationDate:this._session.isActive?Date.now()+1e3*this._session.getExpiresIn():void 0}}async handleIncomingRedirect(e){const t="string"==typeof e?{url:e}:null!=e?e:{};try{if(await this._session.handleRedirectFromLogin(),!this._session.isActive&&!1!==t.restorePreviousSession)try{await this._session.restore()}catch{}return this.info}catch(e){return void this._events.emit(qe,e)}}async login(e){const t=e.redirectUrl||window.location.href;await this._session.login(e.oidcIssuer,t)}async logout(){await this._session.logout()}async fetch(e,t){return this._session.authFetch(e,t)}}const Xe=new Ge,Ye=e;var Ze=n(386);const Qe=n.n(Ze)()(Ye),et=(0,Ye.sym)("http://www.iana.org/assignments/link-relations/acl");function tt(e){const t=Qe;function r(e,r,n,o={}){const a=o.public||[],s=(0,Ye.graph)(),i=(0,Ye.Namespace)("http://www.w3.org/ns/auth/acl#");let c=s.sym(`${n}#a1`);const d=s.sym(n),l=s.sym(e);if(s.add(c,t.rdf("type"),i("Authorization"),d),s.add(c,i("accessTo"),l,d),o.defaultForNew&&s.add(c,i("default"),l,d),s.add(c,i("agent"),r,d),s.add(c,i("mode"),i("Read"),d),s.add(c,i("mode"),i("Write"),d),s.add(c,i("mode"),i("Control"),d),a.length){c=s.sym(`${n}#a2`),s.add(c,t.rdf("type"),i("Authorization"),d),s.add(c,i("accessTo"),l,d),s.add(c,i("agentClass"),t.foaf("Agent"),d);for(let e=0;ea||function(t){const r=e.fetcher;if(!r)throw new Error("Cannot fetch ACL rel, store has no fetcher");return r.load(t).then(r=>{if(!r.ok)throw new Error("fetchACLRel: While loading:"+r.error);const n=e.any(e.sym(t),et);if(!n)throw new Error("fetchACLRel: No Link rel=ACL header for "+t);return n})}(t).catch(e=>{throw new Error(`Error fetching rel=ACL header for ${t}: ${e}`)})).then(a=>{const s=r(t,n,a.uri,o);if(!e.fetcher)throw new Error("Cannot PUT this, store has no fetcher");return e.fetcher.webOperation("PUT",a.uri,{data:s,contentType:"text/turtle"}).then(e=>{if(!e.ok)throw new Error("Error writing ACL text: "+e.error);return a})})},genACLText:r}}const rt=()=>{let{SolidAppContext:e}=window;if(e||(e={}),e.viewingNoAuthPage=!1,e.noAuth&&window.document){if(window.document.location.href.startsWith(e.noAuth)){e.viewingNoAuthPage=!0;const t=new URLSearchParams(window.document.location.search);if(t){let r=e.viewedPage=t.get("uri")||null;if(r&&(r=decodeURI(r),!r.startsWith(e.noAuth))){const t=r.split(/\//);e.idp=t[0]+"//"+t[2],e.viewingNoAuthPage=!1}}}}return e};function nt(){const{$SolidTestEnvironment:e}=window;if(void 0!==e&&e.username)return o("Assuming the user is "+e.username),(0,Ye.sym)(e.username);if("undefined"!=typeof document&&document.location&&"http://localhost"===(""+document.location).slice(0,16)){const e=document.getElementById("appTarget");if(!e)return null;const t=e.getAttribute("testID");return t?(o("Assuming user is "+t),(0,Ye.sym)(t)):null}return null}class ot{constructor(e){this.session=e}get authSession(){return this.session}currentUser(){const e=rt();return e.viewingNoAuthPage?(0,Ye.sym)(e.webId):this&&this.session&&this.session.info&&this.session.info.webId&&this.session.info.isLoggedIn?(0,Ye.sym)(this.session.info.webId):nt()}async checkUser(e){const t=new URL(window.location.href).hash;t&&window.localStorage.setItem("preLoginRedirectHash",t),this.session.events.on(Me,e=>{o(`Session restored to ${e}`),document.location.toString()!==e&&history.replaceState(null,"",e)});const r=new URL(window.location.href);r.hash="",await this.session.handleIncomingRedirect({restorePreviousSession:!0,url:r.href});const n=window.localStorage.getItem("preLoginRedirectHash");if(n){const e=new URL(window.location.href);e.hash!==n&&(history.pushState?history.pushState(null,document.title,n):location.hash=n,e.hash=n),window.localStorage.setItem("preLoginRedirectHash","")}let a=nt();if(a)return Promise.resolve(e?e(a):a);const s=this.webIdFromSession(this.session.info);return s&&(a=this.saveUser(s)),a&&o(`(Logged in as ${a} by authentication)`),Promise.resolve(e?e(a):a)}saveUser(e,t){let r;if(e){r="string"==typeof e?e:e.uri;const n=(0,Ye.namedNode)(r);return t&&(t.me=n),n}return null}webIdFromSession(e){return(null==e?void 0:e.webId)&&e.isLoggedIn?e.webId:null}}function at(e){return(0,Ye.sym)(e.uri+"#id"+Date.now())}function st(e){return!e||`${window.location.origin}/`!==new URL(e.value).origin}const it="index.ttl#this";function ct(e,t){const r=Qe;async function n(t,r,n){await e.fetcher.load(t);const o=e.any(t,new Ye.NamedNode("http://www.iana.org/assignments/link-relations/acl"));if(!o)throw new Error("Chat ACL doc not found!");const a=`\n @prefix acl: .\n <#owner>\n a acl:Authorization;\n acl:agent <${r.value}>;\n acl:accessTo <.>;\n acl:default <.>;\n acl:mode\n acl:Read, acl:Write, acl:Control.\n <#invitee>\n a acl:Authorization;\n acl:agent <${n.value}>;\n acl:accessTo <.>;\n acl:default <.>;\n acl:mode\n acl:Read, acl:Append.\n `;await e.fetcher.webOperation("PUT",o.value,{data:a,contentType:"text/turtle"})}async function o(t,n){const o=e.any(n,r.solid("privateTypeIndex"));if(!o)throw new Error("Private type index not found!");await e.fetcher.load(o);const a=at(o),s=[(0,Ye.st)(a,r.rdf("type"),r.solid("TypeRegistration"),o.doc()),(0,Ye.st)(a,r.solid("forClass"),r.meeting("LongChat"),o.doc()),(0,Ye.st)(a,r.solid("instance"),t,o.doc())];await new Promise((t,r)=>{e.updater.update([],s,function(e,n,o){n?t(null):r(new Error(o))})})}async function a(r){const n=await t.loadMe(),o=function(e,t){const r=new URL(`IndividualChats/${new URL(e.value).host}/`,t.value).toString();return new Ye.NamedNode(r)}(r,await t.getPodRoot(n));let a=!0;try{await e.fetcher.load(new Ye.NamedNode(o.value+"index.ttl#this"))}catch(e){a=!1}return{me:n,chatContainer:o,exists:a}}async function s(e,t){return(await i({me:t,newBase:e.value})).newInstance}function i(t){const n=e,o=n.updater;if(t.me&&!t.me.uri)throw new Error("chat mintNew: Invalid userid "+t.me);const a=t.newInstance=t.newInstance||n.sym(t.newBase+it),s=a.doc();return n.add(a,r.rdf("type"),r.meeting("LongChat"),s),n.add(a,r.dc("title"),"Chat channel",s),n.add(a,r.dc("created"),(0,Ye.term)(new Date(Date.now())),s),t.me&&n.add(a,r.dc("author"),t.me,s),new Promise(function(e,r){null==o||o.put(s,n.statementsMatching(void 0,void 0,void 0,s),"text/turtle",function(n,o,s){o?e({...t,newInstance:a}):r(new Error("FAILED to save new chat channel at: "+n+" : "+s))})})}async function c(t,n){var o;await e.fetcher.load(t.doc());const a=e.any(t,r.ldp("inbox"),void 0,t.doc());if(!a)throw new Error(`Invitee inbox not found! ${t.value}`);const s=`\n <> a ;\n ${r.rdf("seeAlso")} <${n.value}> .\n `,i=await(null===(o=e.fetcher)||void 0===o?void 0:o.webOperation("POST",a.value,{data:s,contentType:"text/turtle"}));if(!(null==i?void 0:i.headers.get("location")))throw new Error(`Invite sending returned a ${null==i?void 0:i.status}`)}return{setAcl:n,addToPrivateTypeIndex:o,findChat:a,createChatThing:s,getChat:async function(e,t=!0){const{me:r,chatContainer:i,exists:d}=await a(e);if(d)return new Ye.NamedNode(i.value+it);if(t){const t=await s(i,r);return await c(e,t),await n(i,r,e),await o(t,r),t}return null},sendInvite:c,mintNew:i}}function dt(e,t,r,n,o){return{createInboxFor:async function(e,o){const a=await t.loadMe(),s=`${(await t.getPodRoot(a)).value}p2p-inboxes/${encodeURIComponent(o)}/`;return await n.createContainer(s),await r.setSinglePeerAccess({ownerWebId:a.value,peerWebId:e,accessToModes:"acl:Append",target:s}),s},getNewMessages:async function(e){e||(e=await t.loadMe());const r=await t.getMainInbox(e);return(await n.getContainerMembers(r)).filter(e=>!n.isContainer(e))},markAsRead:async function(t,r){const n=await e.fetcher._fetch(t);if(200!==n.status)throw new Error(`Not OK! ${t}`);const o=function(e,t){const r=t.getUTCFullYear(),n=("0"+(t.getUTCMonth()+1)).slice(-2),o=("0"+t.getUTCDate()).slice(-2),a=e.split("/"),s=a[a.length-1];return new URL(`./archive/${r}/${n}/${o}/${s}`,e).toString()}(t,r),a={method:"PUT",body:await n.text(),headers:[["Content-Type",n.headers.get("Content-Type")||"application/octet-stream"]]};"2"===(await e.fetcher._fetch(o,a)).status.toString()[0]&&await e.fetcher._fetch(t,{method:"DELETE"})}}}class lt extends Error{constructor(e){super(e),Object.setPrototypeOf(this,new.target.prototype),this.name=new.target.name}}class ht extends lt{}class ut extends lt{}class wt extends lt{}class pt extends lt{}class ft extends lt{}class yt extends lt{}class mt extends lt{constructor(e,t){super(t),this.status=e}}function gt(e,t,r){const n=Qe;async function o(t){await s(t);const o=function(e){const t=e.uri.replace("/profile/","/").replace("/public/","/").split("/").slice(0,-1).join("/")+"/Settings/Preferences.ttl";return(0,Ye.sym)(t)}(t);let i;try{i=await r.followOrCreateLink(t,n.space("preferencesFile"),o,t.doc())}catch(e){if(a(`User ${t} has no pointer in profile to preferences file.`),e instanceof ft)throw e;if(e instanceof yt)throw e;if(e instanceof ht)throw e;if(e instanceof ut)throw e;if(e instanceof wt)throw e;if(e instanceof mt)throw e;throw e}try{await e.fetcher.load(i)}catch(e){const r=`Unable to load preference of user ${t}: ${e}`;if(a(r),401===e.response.status)throw new ht;if(403===e.response.status){if(st(i))throw new ut;throw new wt}throw new Error(r)}return i}async function s(t){if(!t)throw new Error("loadProfile: no user given.");try{await e.fetcher.load(t.doc())}catch(e){throw new Error(`Unable to load profile of user ${t}: ${e}`)}return t.doc()}function i(t){return e.any(t,n.space("storage"),void 0,t.doc())}return{loadMe:async function(){const r=t.currentUser();if(null===r)throw new Error("Current user not found! Not logged in?");return await e.fetcher.load(r.doc()),r},getPodRoot:function(e){const t=i(e);if(!t)throw new Error("User pod root not found!");return t},getMainInbox:async function(t){await e.fetcher.load(t);const r=e.any(t,n.ldp("inbox"),void 0,t.doc());if(!r)throw new Error("User main inbox not found!");return r},findStorage:i,loadPreferences:o,loadProfile:s,silencedLoadPreferences:async function(e){try{return await o(e)}catch(e){return}}}}function bt(e,t,r,n){const o=Qe;async function s(t){if(!t)throw new Error("loadTypeIndexesFor: No user given");const s=await r.loadProfile(t),i=l(t);let c;try{c=await n.followOrCreateLink(t,o.solid("publicTypeIndex"),i,s)}catch(e){a(`User ${t} has no pointer in profile to publicTypeIndex file.`)}const d=c?[{label:"public",index:c,agent:t}]:[];let u,w;try{u=await r.silencedLoadPreferences(t)}catch(e){u=null}if(u){const r=h(u);let i;try{i=e.any(t,o.solid("privateTypeIndex"),void 0,s)||await n.followOrCreateLink(t,o.solid("privateTypeIndex"),r,u)}catch(e){a(`User ${t} has no pointer in preference file to privateTypeIndex file.`)}w=i?[{label:"private",index:i,agent:t}]:[]}else w=[];const p=d.concat(w);if(0===p.length)return p;const f=p.map(e=>e.index);try{await e.fetcher.load(f)}catch(e){a("Problems loading type index: ",e)}return p}async function i(t){let n;try{n=await r.silencedLoadPreferences(t)}catch(e){a(`User ${t} has no pointer in profile to preferences file.`)}if(n){const r=e.each(t,o.solid("community"),void 0,n).concat(e.each(t,o.solid("community"),void 0,t.doc()));let a=[];for(const e of r)a=a.concat(await s(e));return a}return[]}async function c(e){return(await s(e)).concat((await i(e)).flat())}async function d(e,t){const r=await c(t);let n=[];for(const t of r){const r=await u(t,e);n=n.concat(r)}return n}function l(e){var t;return(0,Ye.sym)((null===(t=e.doc().dir())||void 0===t?void 0:t.uri)+"publicTypeIndex.ttl")}function h(e){var t;return(0,Ye.sym)((null===(t=e.doc().dir())||void 0===t?void 0:t.uri)+"privateTypeIndex.ttl")}async function u(t,r){const n=t.index,a=[],s=e.statementsMatching(null,o.solid("instance"),null,n).concat(e.statementsMatching(null,o.solid("instanceContainer"),null,n)).map(e=>e.subject);for(const i of s){const s=e.any(i,o.solid("forClass"),null,n);if(!r||s.sameTerm(r)){const r=e.each(i,o.solid("instance"),null,n);for(const e of r)a.push({instance:e,type:s,scope:t});const c=e.each(i,o.solid("instanceContainer"),null,n);for(const r of c)await e.fetcher.load(r),a.push({instance:(0,Ye.sym)(r.value),type:s,scope:t})}}return a}return{registerInTypeIndex:async function(t,r,n){const a=at(r),s=[(0,Ye.st)(a,o.rdf("type"),o.solid("TypeRegistration"),r),(0,Ye.st)(a,o.solid("forClass"),n,r),(0,Ye.st)(a,o.solid("instance"),t,r)];try{await e.updater.update([],s)}catch(e){const n=`Unable to register ${t} in index ${r}: ${e}`;return console.warn(n),null}return a},getRegistrations:function(t,r){return e.each(void 0,o.solid("instance"),t).filter(t=>e.holds(t,o.solid("forClass"),r))},loadTypeIndexesFor:s,loadCommunityTypeIndexes:i,loadAllTypeIndexes:c,getScopedAppInstances:d,getAppInstances:async function(e){const r=t.currentUser();if(!r)throw new Error("getAppInstances: Must be logged in to find apps.");return(await d(e,r)).map(e=>e.instance)},suggestPublicTypeIndex:l,suggestPrivateTypeIndex:h,deleteTypeIndexRegistration:async function(t){const r=e.the(null,o.solid("instance"),t.instance,t.scope.index);if(!r)throw new Error(`deleteTypeIndexRegistration: No registration found for ${t.instance}`);const n=e.statementsMatching(r,null,null,t.scope.index);await e.updater.update(n,[])},getScopedAppsFromIndex:u}}function _t(e,t){o("SolidLogic: Unique instance created. There should only be one of these.");const r=Ye.graph();Ye.fetcher(r,{fetch:e.fetch}),r.updater=new Ye.UpdateManager(r),r.features=[];const n=new ot(t),s=tt(r),i=function(e){function t(t){return e.statementsMatching(t,(0,Ye.sym)("http://www.w3.org/ns/ldp#contains"),void 0).map(e=>e.object)}function r(e){const t=e.value;return"/"===t.charAt(t.length-1)}return{isContainer:r,createContainer:async function(t){if(!r((0,Ye.sym)(t)))throw new Error(`Not a container URL ${t}`);const n=await e.fetcher._fetch(t,{method:"PUT",headers:{"Content-Type":"text/turtle","If-None-Match":"*",Link:'; rel="type"'},body:" "});if("2"!==n.status.toString()[0])throw new Error(`Not OK: got ${n.status} response while creating container at ${t}`)},getContainerElements:t,getContainerMembers:async function(r){return await e.fetcher.load(r),t(r)}}}(r),c=function(e,t,r){async function n(t){let r;try{r=await e.fetcher.load(t)}catch(r){if(404!==r.response.status){if(401===r.response.status)throw new ht;if(403===r.response.status){if(st(t))throw new ut;throw new wt}const e="createIfNotExists doc load error NOT 404: "+t+": "+r;throw new mt(r.status,r.message+e)}try{await e.fetcher.webOperation("PUT",t,{data:"",contentType:"text/turtle"})}catch(e){throw new yt("createIfNotExists: PUT FAILED: "+t+": "+e)}await e.fetcher.load(t)}return r}return{recursiveDelete:async function n(a){try{if(r.isContainer(a)){const o=await t.findAclDocUrl(a);await e.fetcher._fetch(o,{method:"DELETE"});const s=await r.getContainerMembers(a);await Promise.all(s.map(e=>n(e)))}const o=a.value;return e.fetcher._fetch(o,{method:"DELETE"})}catch(e){o(`Please manually remove ${a.value} from your system.`,e)}},setSinglePeerAccess:async function(r){let n=["@prefix acl: .","",`<#alice> a acl:Authorization;\n acl:agent <${r.ownerWebId}>;`,` acl:accessTo <${r.target}>;`,` acl:default <${r.target}>;`," acl:mode acl:Read, acl:Write, acl:Control.",""].join("\n");r.accessToModes&&(n+=["<#bobAccessTo> a acl:Authorization;",` acl:agent <${r.peerWebId}>;`,` acl:accessTo <${r.target}>;`,` acl:mode ${r.accessToModes}.`,""].join("\n")),r.defaultModes&&(n+=["<#bobDefault> a acl:Authorization;",` acl:agent <${r.peerWebId}>;`,` acl:default <${r.target}>;`,` acl:mode ${r.defaultModes}.`,""].join("\n"));const o=await t.findAclDocUrl((0,Ye.sym)(r.target));return e.fetcher._fetch(o,{method:"PUT",body:n,headers:[["Content-Type","text/turtle"]]})},createEmptyRdfDoc:async function(t,r){await e.fetcher.webOperation("PUT",t.uri,{data:`# ${new Date} ${r}\n `,contentType:"text/turtle"})},followOrCreateLink:async function(t,r,o,s){await e.fetcher.load(s);const i=e.any(t,r,null,s);if(i)return i;if(!e.updater.editable(s)){const e=`followOrCreateLink: cannot edit ${s.value}`;throw a(e),new ft(e)}try{await e.updater.update([],[(0,Ye.st)(t,r,o,s)])}catch(e){throw a(`followOrCreateLink: Error making link in ${s} to ${o}: ${e}`),new yt(e)}try{await n(o)}catch(e){throw a(`followOrCreateLink: Error loading or saving new linked document: ${o}: ${e}`),e}return o},loadOrCreateIfNotExists:n}}(r,s,i),d=gt(r,n,c),l=ct(r,d),h=dt(r,d,c,i),u=bt(r,n,d,c);return o("SolidAuthnLogic initialized"),{store:r,authn:n,acl:s,inbox:h,chat:l,profile:d,typeIndex:u,load:function(e){return r.fetcher.load(e)},updatePromise:function(e,t=[]){return new Promise((n,o)=>{r.updater.update(e,t,function(e,t,r){t?n():o(new Error(r))})})},clearStore:function(){r.statements.slice().forEach(r.remove.bind(r))}}}const St=async(e,t)=>{const r=t&&t.credentials&&"omit"==t.credentials;return Xe.info.webId&&!r?Xe.fetch(e,t):window.fetch(e,t)},Et=Symbol.for("solid-logic-singleton"),vt="undefined"!=typeof window?window:n.g;const kt=(vt[Et]?o("SolidLogic: Using existing global singleton instance."):(o("SolidLogic: Creating new global singleton instance."),vt[Et]=_t({fetch:St},Xe),o("Unique quadstore initialized.")),vt[Et]),At=[{name:"Solid Community",uri:"https://solidcommunity.net"},{name:"Solid Web",uri:"https://solidweb.org"},{name:"Solid Web ME",uri:"https://solidweb.me"},{name:"Inrupt.com",uri:"https://login.inrupt.com"}];function It(){const e=[...At],{host:t,origin:r}=new URL(location.href),n=e.map(({uri:e})=>new URL(e).host);return n.includes(t)||n.some(e=>function(e,t){const r=e.length-t.length-1;return r>0&&"."===e[r]&&e.endsWith(t)}(t,e))||e.unshift({name:t,uri:r}),e}const Pt=kt.authn,Tt=kt.authn.authSession,xt=kt.store;export{et as ACL_LINK,ut as CrossOriginForbiddenError,mt as FetchError,ft as NotEditableError,pt as NotFoundError,wt as SameOriginForbiddenError,ht as UnauthorizedError,yt as WebOperationError,rt as appContext,Tt as authSession,Pt as authn,bt as createTypeIndexLogic,It as getSuggestedIssuers,nt as offlineTestID,kt as solidLogicSingleton,xt as store}; +//# sourceMappingURL=solid-logic.esm.min.js.map \ No newline at end of file diff --git a/dist/solid-logic.esm.min.js.map b/dist/solid-logic.esm.min.js.map new file mode 100644 index 0000000..7a238c9 --- /dev/null +++ b/dist/solid-logic.esm.min.js.map @@ -0,0 +1 @@ +{"version":3,"file":"solid-logic.esm.min.js","mappings":"uCAeA,MAAMA,EAAU,CACdC,IAAK,iCACLC,IAAK,gCACLC,GAAI,yCACJC,SAAU,sCACVC,IAAK,sCACLC,IAAK,0DACLC,KAAM,kCACNC,QAAS,8CACTC,GAAI,mCACJC,IAAK,4BACLC,KAAM,gCACNC,KAAM,6BACNC,IAAK,2CACLC,IAAK,gCACLC,GAAI,oCACJC,KAAM,mCACNC,MAAO,oCACPC,OAAQ,yCACRC,IAAK,4BACLC,KAAM,mCACNC,IAAK,sCACLC,QAAS,oCACTC,GAAI,+BACJC,IAAK,4BACLC,IAAK,iCACLC,IAAK,gCACLC,MAAO,kCACPC,KAAM,6BACNC,IAAK,qCACLC,GAAI,0CACJC,KAAM,iCACNC,IAAK,8CACLC,KAAM,wCACNC,IAAK,2BACLC,MAAO,qCACPC,OAAQ,qBACRC,KAAM,2BACNC,KAAM,uCACNC,MAAO,oCACPC,MAAO,kCACPC,KAAM,mCACNC,IAAK,mCACLC,OAAQ,mCACRC,GAAI,2BACJC,KAAM,8BACNC,MAAO,mCACPC,GAAI,qCACJC,IAAK,qCAkBPC,EAAOC,QAZP,SAAgBlB,EAAM,CAAEmB,UAAWC,GAAKA,IACtC,MAAMC,EAAa,CAAC,EACpB,IAAK,MAAMC,KAAStD,EAAS,CAC3B,MAAMuD,EAAYvD,EAAQsD,GAC1BD,EAAWC,GAAS,SAAUE,EAAY,IACxC,OAAOxB,EAAImB,UAAUI,EAAYC,EACnC,CACF,CAEA,OAAOH,CACT,C,GC9EII,EAA2B,CAAC,EAGhC,SAASC,EAAoBC,GAE5B,IAAIC,EAAeH,EAAyBE,GAC5C,QAAqBE,IAAjBD,EACH,OAAOA,EAAaV,QAGrB,IAAID,EAASQ,EAAyBE,GAAY,CAGjDT,QAAS,CAAC,GAOX,OAHAY,EAAoBH,GAAUV,EAAQA,EAAOC,QAASQ,GAG/CT,EAAOC,OACf,CCrBO,SAAS7B,KAAO0C,GACrBC,QAAQ3C,OAAO0C,EACjB,CAEO,SAASE,KAAQF,GACtBC,QAAQC,QAAQF,EAClB,CCNAL,EAAoBQ,EAAKjB,IACxB,IAAIkB,EAASlB,GAAUA,EAAOmB,WAC7B,IAAOnB,EAAiB,QACxB,IAAM,EAEP,OADAS,EAAoBW,EAAEF,EAAQ,CAAEG,EAAGH,IAC5BA,GCLRT,EAAoBW,EAAI,CAACnB,EAASqB,KACjC,IAAI,IAAIC,KAAOD,EACXb,EAAoBe,EAAEF,EAAYC,KAASd,EAAoBe,EAAEvB,EAASsB,IAC5EE,OAAOC,eAAezB,EAASsB,EAAK,CAAEI,YAAY,EAAMC,IAAKN,EAAWC,MCJ3Ed,EAAoBoB,EAAI,WACvB,GAA0B,iBAAfC,WAAyB,OAAOA,WAC3C,IACC,OAAOC,MAAQ,IAAIC,SAAS,cAAb,EAChB,CAAE,MAAOC,GACR,GAAsB,iBAAXC,OAAqB,OAAOA,MACxC,CACA,CAPuB,GCAxBzB,EAAoBe,EAAI,CAACW,EAAKC,IAAUX,OAAOY,UAAUC,eAAeC,KAAKJ,EAAKC,GCAlF,eACaI,EAAejB,GAAQA,aAAekB,UCDnD,SAASC,EAAQC,EAAKC,KAAWC,GAE7B,IADAA,EAAQA,EAAMC,OAAOC,UACXC,OAAS,EAAG,CAClB,MAAMC,EAAOJ,EAAMK,MACnBP,GAAO,eAAeE,EAAMM,KAAK,aAAaF,IAClD,MAC0B,IAAjBJ,EAAMG,OACXL,GAAO,eAAeE,EAAM,SAASA,EAAM,MAG3CF,GAAO,WAAWE,EAAM,MAa5B,OAXc,MAAVD,EACAD,GAAO,aAAaC,IAEG,mBAAXA,GAAyBA,EAAOQ,KAC5CT,GAAO,sBAAsBC,EAAOQ,OAEb,iBAAXR,GAAiC,MAAVA,GAC/BA,EAAOS,aAAaD,OACpBT,GAAO,4BAA4BC,EAAOS,YAAYD,QAGvDT,CACX,CACA,SAAgBC,KAAWC,IAChBH,EAAQ,eAAgBE,KAAWC,GAEvC,SAASS,EAAQC,EAAKX,KAAWC,GACpC,OAAOH,EAAQ,eAAea,uBAA0BX,KAAWC,EACvE,CC7BO,MAAMW,EAAU,IAAIC,YACdC,EAAU,IAAIC,YAEpB,SAASC,KAAUC,GACtB,MAAMC,EAAOD,EAAQE,OAAO,CAACC,GAAOhB,YAAagB,EAAMhB,EAAQ,GACzDiB,EAAM,IAAIC,WAAWJ,GAC3B,IAAIK,EAAI,EACR,IAAK,MAAMC,KAAUP,EACjBI,EAAII,IAAID,EAAQD,GAChBA,GAAKC,EAAOpB,OAEhB,OAAOiB,CACX,CCZO,MAYMK,EAAUC,GAZK,CAACA,IACzB,IAAIC,EAAYD,EACS,iBAAdC,IACPA,EAAYhB,EAAQc,OAAOE,IAE/B,MACMC,EAAM,GACZ,IAAK,IAAIN,EAAI,EAAGA,EAAIK,EAAUxB,OAAQmB,GAFnB,MAGfM,EAAIC,KAAKC,OAAOC,aAAaC,MAAM,KAAML,EAAUM,SAASX,EAAGA,EAHhD,SAKnB,OAAOY,KAAKN,EAAItB,KAAK,MAGd6B,CAAaT,GAAOU,QAAQ,KAAM,IAAIA,QAAQ,MAAO,KAAKA,QAAQ,MAAO,KAUvEC,EAAUX,IACnB,IAAIY,EAAUZ,EACVY,aAAmBjB,aACnBiB,EAAUzB,EAAQwB,OAAOC,IAE7BA,EAAUA,EAAQF,QAAQ,KAAM,KAAKA,QAAQ,KAAM,KAAKA,QAAQ,MAAO,IACvE,IACI,MAfoB,CAACE,IACzB,MAAMC,EAASC,KAAKF,GACdG,EAAQ,IAAIpB,WAAWkB,EAAOpC,QACpC,IAAK,IAAImB,EAAI,EAAGA,EAAIiB,EAAOpC,OAAQmB,IAC/BmB,EAAMnB,GAAKiB,EAAOG,WAAWpB,GAEjC,OAAOmB,GASIE,CAAaL,EACxB,CACA,MACI,MAAM,IAAIM,UAAU,oDACxB,GClCJ,EAAgBlE,KACRiB,EAAYjB,IAGqB,cAA9BA,IAAMmE,OAAOC,aAEX9C,EAAQ,CAAC,aCatB,EAhBiB+C,MAAOrE,IACpB,GAAIA,aAAe2C,WACf,MAAO,CACH2B,IAAK,MACLC,EAAG,EAAUvE,IAGrB,IAAKiB,EAAYjB,GACb,MAAM,IAAIkE,UAAU,EAAgBlE,KAAQsB,EAAO,eAEvD,IAAKtB,EAAIwE,YACL,MAAM,IAAIN,UAAU,yDAExB,MAAM,IAAEO,EAAG,QAAEC,EAAO,IAAE1C,EAAG,IAAE2C,KAAQC,SAAc,EAAOC,OAAOC,UAAU,MAAO9E,GAChF,OAAO4E,GCTJP,eAAeU,EAAU/E,GAC5B,OAAO,EAASA,EACpB,CCXO,MAAMgF,UAAkBC,MAC3B,WAAAnD,CAAYX,EAAS+D,GACjBC,MAAMhE,EAAS+D,GACf1E,KAAK4E,KAAO,mBACZ5E,KAAKqB,KAAOrB,KAAKsB,YAAYD,KAC7BoD,MAAMI,oBAAoB7E,KAAMA,KAAKsB,YACzC,EAEJkD,EAAUI,KAAO,mBACV,MAAME,UAAiCN,EAC1C,WAAAlD,CAAYX,EAASoE,EAASC,EAAQ,cAAeC,EAAS,eAC1DN,MAAMhE,EAAS,CAAEuE,MAAO,CAAEF,QAAOC,SAAQF,aACzC/E,KAAK4E,KAAO,kCACZ5E,KAAKgF,MAAQA,EACbhF,KAAKiF,OAASA,EACdjF,KAAK+E,QAAUA,CACnB,EAEJD,EAAyBF,KAAO,kCACzB,MAAMO,UAAmBX,EAC5B,WAAAlD,CAAYX,EAASoE,EAASC,EAAQ,cAAeC,EAAS,eAC1DN,MAAMhE,EAAS,CAAEuE,MAAO,CAAEF,QAAOC,SAAQF,aACzC/E,KAAK4E,KAAO,kBACZ5E,KAAKgF,MAAQA,EACbhF,KAAKiF,OAASA,EACdjF,KAAK+E,QAAUA,CACnB,EAEJI,EAAWP,KAAO,kBACX,MAAMQ,UAA0BZ,EACnC,WAAAlD,GACIqD,SAASU,WACTrF,KAAK4E,KAAO,0BAChB,EAEJQ,EAAkBR,KAAO,2BAClB,MAAM,UAAyBJ,EAClC,WAAAlD,GACIqD,SAASU,WACTrF,KAAK4E,KAAO,wBAChB,EAEJ,EAAiBA,KAAO,0BACjB,cAAkCJ,EACrC,WAAAlD,CAAYX,EAAU,8BAA+B+D,GACjDC,MAAMhE,EAAS+D,GACf1E,KAAK4E,KAAO,2BAChB,IAEgBA,KAAO,6BACpB,cAAyBJ,EAC5B,WAAAlD,GACIqD,SAASU,WACTrF,KAAK4E,KAAO,iBAChB,IAEOA,KAAO,kBACX,MAAMU,UAAmBd,EAC5B,WAAAlD,GACIqD,SAASU,WACTrF,KAAK4E,KAAO,iBAChB,EAEJU,EAAWV,KAAO,kBACX,MAAMW,UAAmBf,EAC5B,WAAAlD,GACIqD,SAASU,WACTrF,KAAK4E,KAAO,iBAChB,EAEJW,EAAWX,KAAO,kBACX,MAAMY,UAAmBhB,EAC5B,WAAAlD,GACIqD,SAASU,WACTrF,KAAK4E,KAAO,iBAChB,EAEJY,EAAWZ,KAAO,kBACX,MAAMa,UAAoBjB,EAC7B,WAAAlD,GACIqD,SAASU,WACTrF,KAAK4E,KAAO,kBAChB,EAEJa,EAAYb,KAAO,mBACZ,MAAMc,UAA0BlB,EACnC,WAAAlD,CAAYX,EAAU,kDAAmD+D,GACrEC,MAAMhE,EAAS+D,GACf1E,KAAK4E,KAAO,0BAChB,EAEJc,EAAkBd,KAAO,2BAClB,MAAMe,UAAiCnB,EAC1C,WAAAlD,CAAYX,EAAU,uDAAwD+D,GAC1EC,MAAMhE,EAAS+D,GACf1E,KAAK4E,KAAO,iCAChB,EAEJjB,OAAOiC,cACPD,EAAyBf,KAAO,kCACzB,MAAMiB,UAAoBrB,EAC7B,WAAAlD,CAAYX,EAAU,oBAAqB+D,GACvCC,MAAMhE,EAAS+D,GACf1E,KAAK4E,KAAO,kBAChB,EAEJiB,EAAYjB,KAAO,mBACZ,MAAMkB,UAAuCtB,EAChD,WAAAlD,CAAYX,EAAU,gCAAiC+D,GACnDC,MAAMhE,EAAS+D,GACf1E,KAAK4E,KAAO,uCAChB,EC9GW,SAASmB,EAAUvE,EAAKwE,GACnC,MAAMC,EAAO,OAAOzE,EAAI0E,OAAO,KAC/B,OAAQ1E,GACJ,IAAK,QACL,IAAK,QACL,IAAK,QACD,MAAO,CAAEyE,OAAM5E,KAAM,QACzB,IAAK,QACL,IAAK,QACL,IAAK,QACD,MAAO,CAAE4E,OAAM5E,KAAM,UAAW8E,WAAY3E,EAAI0E,OAAO,IAAM,GACjE,IAAK,QACL,IAAK,QACL,IAAK,QACD,MAAO,CAAED,OAAM5E,KAAM,qBACzB,IAAK,QACL,IAAK,QACL,IAAK,QACD,MAAO,CAAE4E,OAAM5E,KAAM,QAAS+E,WAAYJ,EAAUI,YACxD,IAAK,UACD,MAAO,CAAE/E,KAAM,WACnB,IAAK,QACD,MAAO,CAAEA,KAAM2E,EAAU3E,MAC7B,QACI,MAAM,IAAI,EAAiB,OAAOG,gEAE9C,CDsFAsE,EAA+BlB,KAAO,wCEjHtC,SAAgBpD,EAAKhC,KACjB,GAAIgC,EAAI6E,WAAW,OAAS7E,EAAI6E,WAAW,MAAO,CAC9C,MAAM,cAAEC,GAAkB9G,EAAIwG,UAC9B,GAA6B,iBAAlBM,GAA8BA,EAAgB,KACrD,MAAM,IAAI5C,UAAU,GAAGlC,yDAE/B,CACH,ECPD,SAAS+E,EAASlF,EAAMhB,EAAO,kBAC3B,OAAO,IAAIqD,UAAU,kDAAkDrD,aAAgBgB,IAC3F,CACA,SAASmF,EAAYR,EAAW3E,GAC5B,OAAO2E,EAAU3E,OAASA,CAC9B,CACA,SAASoF,EAAcR,GACnB,OAAOS,SAAST,EAAK5E,KAAK6E,MAAM,GAAI,GACxC,CAaA,SAASS,EAAWnH,EAAKoH,GACrB,GAAIA,EAAO3F,SAAW2F,EAAOC,KAAMC,GAAatH,EAAIoH,OAAOG,SAASD,IAAY,CAC5E,IAAIlG,EAAM,sEACV,GAAIgG,EAAO3F,OAAS,EAAG,CACnB,MAAMC,EAAO0F,EAAOzF,MACpBP,GAAO,UAAUgG,EAAOxF,KAAK,aAAaF,IAC9C,MAC2B,IAAlB0F,EAAO3F,OACZL,GAAO,UAAUgG,EAAO,SAASA,EAAO,MAGxChG,GAAO,GAAGgG,EAAO,MAErB,MAAM,IAAIlD,UAAU9C,EACxB,CACJ,CACO,SAASoG,EAAkBxH,EAAKgC,KAAQoF,GAC3C,OAAQpF,GACJ,IAAK,QACL,IAAK,QACL,IAAK,QAAS,CACV,IAAKgF,EAAYhH,EAAIwG,UAAW,QAC5B,MAAMO,EAAS,QACnB,MAAMO,EAAWJ,SAASlF,EAAI0E,MAAM,GAAI,IAExC,GADeO,EAAcjH,EAAIwG,UAAUC,QAC5Ba,EACX,MAAMP,EAAS,OAAOO,IAAY,kBACtC,KACJ,CACA,IAAK,QACL,IAAK,QACL,IAAK,QAAS,CACV,IAAKN,EAAYhH,EAAIwG,UAAW,qBAC5B,MAAMO,EAAS,qBACnB,MAAMO,EAAWJ,SAASlF,EAAI0E,MAAM,GAAI,IAExC,GADeO,EAAcjH,EAAIwG,UAAUC,QAC5Ba,EACX,MAAMP,EAAS,OAAOO,IAAY,kBACtC,KACJ,CACA,IAAK,QACL,IAAK,QACL,IAAK,QAAS,CACV,IAAKN,EAAYhH,EAAIwG,UAAW,WAC5B,MAAMO,EAAS,WACnB,MAAMO,EAAWJ,SAASlF,EAAI0E,MAAM,GAAI,IAExC,GADeO,EAAcjH,EAAIwG,UAAUC,QAC5Ba,EACX,MAAMP,EAAS,OAAOO,IAAY,kBACtC,KACJ,CACA,IAAK,QACD,GAA2B,YAAvBtH,EAAIwG,UAAU3E,MAA6C,UAAvB7B,EAAIwG,UAAU3E,KAClD,MAAMkF,EAAS,oBAEnB,MAEJ,IAAK,UACD,IAAKC,EAAYhH,EAAIwG,UAAW,WAC5B,MAAMO,EAAS,WACnB,MAEJ,IAAK,QACL,IAAK,QACL,IAAK,QAAS,CACV,IAAKC,EAAYhH,EAAIwG,UAAW,SAC5B,MAAMO,EAAS,SACnB,MAAMO,EA/ElB,SAAuBtF,GACnB,OAAQA,GACJ,IAAK,QACD,MAAO,QACX,IAAK,QACD,MAAO,QACX,IAAK,QACD,MAAO,QACX,QACI,MAAM,IAAIiD,MAAM,eAE5B,CAoE6BwC,CAAczF,GAE/B,GADehC,EAAIwG,UAAUI,aACdU,EACX,MAAMP,EAASO,EAAU,wBAC7B,KACJ,CACA,QACI,MAAM,IAAIpD,UAAU,6CAE5BiD,EAAWnH,EAAKoH,EACpB,CC/Fe,SAASM,EAAS1E,GAC7B,GAHwB,iBADN2E,EAIA3E,IAH4B,OAAV2E,GAGkC,oBAA1CzH,OAAOY,UAAU8G,SAAS5G,KAAKgC,GACvD,OAAO,EALf,IAAsB2E,EAOlB,GAAqC,OAAjCzH,OAAO2H,eAAe7E,GACtB,OAAO,EAEX,IAAI8E,EAAQ9E,EACZ,KAAwC,OAAjC9C,OAAO2H,eAAeC,IACzBA,EAAQ5H,OAAO2H,eAAeC,GAElC,OAAO5H,OAAO2H,eAAe7E,KAAW8E,CAC5C,CCdO,SAASC,EAAM/H,GAClB,OAAO0H,EAAS1H,IAA2B,iBAAZA,EAAIsE,GACvC,CCqFA,MAeA,EAfcD,MAAOO,IACjB,IAAKA,EAAI5C,IACL,MAAM,IAAIkC,UAAU,4DAExB,MAAM,UAAEsC,EAAS,UAAEwB,GA1FvB,SAAuBpD,GACnB,IAAI4B,EACAwB,EACJ,OAAQpD,EAAIN,KACR,IAAK,MACD,OAAQM,EAAI5C,KACR,IAAK,QACL,IAAK,QACL,IAAK,QACDwE,EAAY,CAAE3E,KAAM,UAAW4E,KAAM,OAAO7B,EAAI5C,IAAI0E,OAAO,MAC3DsB,EAAYpD,EAAI/E,EAAI,CAAC,QAAU,CAAC,UAChC,MACJ,IAAK,QACL,IAAK,QACL,IAAK,QACD2G,EAAY,CAAE3E,KAAM,oBAAqB4E,KAAM,OAAO7B,EAAI5C,IAAI0E,OAAO,MACrEsB,EAAYpD,EAAI/E,EAAI,CAAC,QAAU,CAAC,UAChC,MACJ,IAAK,WACL,IAAK,eACL,IAAK,eACL,IAAK,eACD2G,EAAY,CACR3E,KAAM,WACN4E,KAAM,OAAOS,SAAStC,EAAI5C,IAAI0E,OAAO,GAAI,KAAO,KAEpDsB,EAAYpD,EAAI/E,EAAI,CAAC,UAAW,aAAe,CAAC,UAAW,WAC3D,MACJ,QACI,MAAM,IAAI,EAAiB,gEAEnC,MAEJ,IAAK,KACD,OAAQ+E,EAAI5C,KACR,IAAK,QACDwE,EAAY,CAAE3E,KAAM,QAAS+E,WAAY,SACzCoB,EAAYpD,EAAI/E,EAAI,CAAC,QAAU,CAAC,UAChC,MACJ,IAAK,QACD2G,EAAY,CAAE3E,KAAM,QAAS+E,WAAY,SACzCoB,EAAYpD,EAAI/E,EAAI,CAAC,QAAU,CAAC,UAChC,MACJ,IAAK,QACD2G,EAAY,CAAE3E,KAAM,QAAS+E,WAAY,SACzCoB,EAAYpD,EAAI/E,EAAI,CAAC,QAAU,CAAC,UAChC,MACJ,IAAK,UACL,IAAK,iBACL,IAAK,iBACL,IAAK,iBACD2G,EAAY,CAAE3E,KAAM,OAAQ+E,WAAYhC,EAAIqD,KAC5CD,EAAYpD,EAAI/E,EAAI,CAAC,cAAgB,GACrC,MACJ,QACI,MAAM,IAAI,EAAiB,gEAEnC,MAEJ,IAAK,MACD,OAAQ+E,EAAI5C,KACR,IAAK,UACDwE,EAAY,CAAE3E,KAAM,WACpBmG,EAAYpD,EAAI/E,EAAI,CAAC,QAAU,CAAC,UAChC,MACJ,IAAK,QACD2G,EAAY,CAAE3E,KAAM+C,EAAIqD,KACxBD,EAAYpD,EAAI/E,EAAI,CAAC,QAAU,CAAC,UAChC,MACJ,IAAK,UACL,IAAK,iBACL,IAAK,iBACL,IAAK,iBACD2G,EAAY,CAAE3E,KAAM+C,EAAIqD,KACxBD,EAAYpD,EAAI/E,EAAI,CAAC,cAAgB,GACrC,MACJ,QACI,MAAM,IAAI,EAAiB,gEAEnC,MAEJ,QACI,MAAM,IAAI,EAAiB,+DAEnC,MAAO,CAAE2G,YAAWwB,YACxB,CAKqCE,CAActD,GACzCuD,EAAO,CACT3B,EACA5B,EAAIH,MAAO,EACXG,EAAIF,SAAWsD,GAEbI,EAAU,IAAKxD,GAGrB,cAFOwD,EAAQpG,WACRoG,EAAQzD,IACR,EAAOE,OAAOwD,UAAU,MAAOD,KAAYD,IClGhDG,EAAkB/D,GAAMZ,EAAOY,GACrC,IAAIgE,EACAC,EACJ,MAAMC,EAAezI,GACoB,cAA9BA,IAAMmE,OAAOC,aAElBsE,EAAiBrE,MAAOsE,EAAO3I,EAAK4E,EAAK5C,EAAK4G,GAAS,KACzD,IAAIC,EAASF,EAAMtI,IAAIL,GACvB,GAAI6I,IAAS7G,GACT,OAAO6G,EAAO7G,GAElB,MAAM8G,QAAkB,EAAU,IAAKlE,EAAK5C,QAS5C,OARI4G,GACA1I,OAAO0I,OAAO5I,GACb6I,EAIDA,EAAO7G,GAAO8G,EAHdH,EAAM7F,IAAI9C,EAAK,CAAE,CAACgC,GAAM8G,IAKrBA,GA4CX,EA1C2B,CAAC9I,EAAKgC,KAC7B,GAAIyG,EAAYzI,GAAM,CAClB,IAAI4E,EAAM5E,EAAI+I,OAAO,CAAEC,OAAQ,QAO/B,cANOpE,EAAI/E,SACJ+E,EAAIqE,UACJrE,EAAIsE,UACJtE,EAAIuE,SACJvE,EAAIwE,SACJxE,EAAIyE,GACPzE,EAAIL,EACG+D,EAAe1D,EAAIL,IAE9BiE,IAAaA,EAAW,IAAIc,SACrBZ,EAAeF,EAAUxI,EAAK4E,EAAK5C,GAC9C,CACA,GAAI+F,EAAM/H,GAAM,CACZ,GAAIA,EAAIuE,EACJ,OAAOZ,EAAO3D,EAAIuE,GACtBiE,IAAaA,EAAW,IAAIc,SAE5B,OADkBZ,EAAeF,EAAUxI,EAAKA,EAAKgC,GAAK,EAE9D,CACA,OAAOhC,GAoBX,EAlB4B,CAACA,EAAKgC,KAC9B,GAAIyG,EAAYzI,GAAM,CAClB,IAAI4E,EAAM5E,EAAI+I,OAAO,CAAEC,OAAQ,QAC/B,OAAIpE,EAAIL,EACG+D,EAAe1D,EAAIL,IAE9BgE,IAAcA,EAAY,IAAIe,SACvBZ,EAAeH,EAAWvI,EAAK4E,EAAK5C,GAC/C,CACA,GAAI+F,EAAM/H,GAAM,CACZ,GAAIA,EAAIuE,EACJ,OAAOZ,EAAO3D,EAAIuE,GACtBgE,IAAcA,EAAY,IAAIe,SAE9B,OADkBZ,EAAeH,EAAWvI,EAAKA,EAAKgC,GAAK,EAE/D,CACA,OAAOhC,GC5DIqE,eAAekF,EAAavH,EAAKhC,EAAKwJ,GAOjD,GANc,SAAVA,IACAxJ,QAAY,EAA8BA,EAAKgC,IAErC,WAAVwH,IACAxJ,QAAY,EAA6BA,EAAKgC,IAE9Cf,EAAYjB,GAEZ,OADAwH,EAAkBxH,EAAKgC,EAAKwH,GACrBxJ,EAEX,GAAIA,aAAe2C,WAAY,CAC3B,IAAKX,EAAI6E,WAAW,MAChB,MAAM,IAAI3C,UAAU,EAAgBlE,KAAQsB,IAEhD,OAAO,EAAOuD,OAAOwD,UAAU,MAAOrI,EAAK,CAAEyG,KAAM,OAAOzE,EAAI0E,OAAO,KAAM7E,KAAM,SAAU,EAAO,CAAC2H,GACvG,CACA,MAAM,IAAItF,UAAU,EAAgBlE,KAAQsB,EAAO,aAAc,gBACrE,CCnBA,MAMA,EANa+C,MAAOrC,EAAKhC,EAAKyJ,KAC1B,MAAMX,QAAkB,EAAW9G,EAAKhC,EAAK,QAC7C,EAAegC,EAAK8G,GACpB,MAAMY,QAAkB,EAAO7E,OAAO8E,KAAK,EAAgB3H,EAAK8G,EAAUtC,WAAYsC,EAAWW,GACjG,OAAO,IAAI9G,WAAW+G,ICa1B,EArBmB,IAAIE,KACnB,MAAMC,EAAUD,EAAQrI,OAAOC,SAC/B,GAAuB,IAAnBqI,EAAQpI,QAAmC,IAAnBoI,EAAQpI,OAChC,OAAO,EAEX,IAAIgB,EACJ,IAAK,MAAMqH,KAAUD,EAAS,CAC1B,MAAME,EAAa7J,OAAO8J,KAAKF,GAC/B,GAAKrH,GAAoB,IAAbA,EAAIF,KAIhB,IAAK,MAAM0H,KAAaF,EAAY,CAChC,GAAItH,EAAIyH,IAAID,GACR,OAAO,EAEXxH,EAAI0H,IAAIF,EACZ,MARIxH,EAAM,IAAI2H,IAAIL,EAStB,CACA,OAAO,GChBLM,EAAOrK,GAAQA,IAAMmE,OAAOC,aAC5BkG,GAAe,CAACtI,EAAKhC,EAAKwJ,KAC5B,QAAgBnK,IAAZW,EAAI2E,KAAiC,QAAZ3E,EAAI2E,IAC7B,MAAM,IAAIT,UAAU,oEAExB,QAAoB7E,IAAhBW,EAAI0E,UAA2D,IAAlC1E,EAAI0E,QAAQ6C,WAAWiC,GACpD,MAAM,IAAItF,UAAU,yEAAyEsF,KAEjG,QAAgBnK,IAAZW,EAAIgC,KAAqBhC,EAAIgC,MAAQA,EACrC,MAAM,IAAIkC,UAAU,gEAAgElC,KAExF,OAAO,GAELuI,GAAqB,CAACvI,EAAKhC,EAAKwJ,EAAOgB,KACzC,KAAIxK,aAAe2C,YAAnB,CAEA,GAAI6H,GAAY,EAAUxK,GAAM,CAC5B,GNVD,SAAqBA,GACxB,OAAO+H,EAAM/H,IAAoB,QAAZA,EAAIsE,KAAkC,iBAAVtE,EAAIuE,CACzD,CMQY,CAAgBvE,IAAQsK,GAAatI,EAAKhC,EAAKwJ,GAC/C,OACJ,MAAM,IAAItF,UAAU,0HACxB,CACA,IAAK,EAAUlE,GACX,MAAM,IAAIkE,UAAU,EAAgBlC,EAAKhC,KAAQsB,EAAO,aAAckJ,EAAW,eAAiB,OAEtG,GAAiB,WAAbxK,EAAIyK,KACJ,MAAM,IAAIvG,UAAU,GAAGmG,EAAIrK,iEAVrB,GA6Cd,SAAS0K,GAAaF,EAAUxI,EAAKhC,EAAKwJ,GACpBxH,EAAI6E,WAAW,OACrB,QAAR7E,GACAA,EAAI6E,WAAW,UACf,qBAAqB8D,KAAK3I,GAE1BuI,GAAmBvI,EAAKhC,EAAKwJ,EAAOgB,GAtChB,EAACxI,EAAKhC,EAAKwJ,EAAOgB,KAC1C,GAAIA,GAAY,EAAUxK,GACtB,OAAQwJ,GACJ,IAAK,OACD,GN/BT,SAAsBxJ,GACzB,MAAmB,QAAZA,EAAIsE,KAAkC,iBAAVtE,EAAIH,CAC3C,CM6BoB,CAAiBG,IAAQsK,GAAatI,EAAKhC,EAAKwJ,GAChD,OACJ,MAAM,IAAItF,UAAU,oDACxB,IAAK,SACD,GNhCT,SAAqBlE,GACxB,MAAmB,QAAZA,EAAIsE,UAAkC,IAAVtE,EAAIH,CAC3C,CM8BoB,CAAgBG,IAAQsK,GAAatI,EAAKhC,EAAKwJ,GAC/C,OACJ,MAAM,IAAItF,UAAU,mDAGhC,IAAK,EAAUlE,GACX,MAAM,IAAIkE,UAAU,EAAgBlC,EAAKhC,KAAQsB,EAAOkJ,EAAW,eAAiB,OAExF,GAAiB,WAAbxK,EAAIyK,KACJ,MAAM,IAAIvG,UAAU,GAAGmG,EAAIrK,uEAE/B,GAAc,SAAVwJ,GAAiC,WAAbxJ,EAAIyK,KACxB,MAAM,IAAIvG,UAAU,GAAGmG,EAAIrK,2EAE/B,GAAc,YAAVwJ,GAAoC,WAAbxJ,EAAIyK,KAC3B,MAAM,IAAIvG,UAAU,GAAGmG,EAAIrK,8EAE/B,GAAIA,EAAIwG,WAAuB,WAAVgD,GAAmC,YAAbxJ,EAAIyK,KAC3C,MAAM,IAAIvG,UAAU,GAAGmG,EAAIrK,4EAE/B,GAAIA,EAAIwG,WAAuB,YAAVgD,GAAoC,YAAbxJ,EAAIyK,KAC5C,MAAM,IAAIvG,UAAU,GAAGmG,EAAIrK,8EAY3B4K,CAAoB5I,EAAKhC,EAAKwJ,EAAOgB,EAE7C,CACeE,GAAaG,UAAKxL,GAAW,GAA5C,MACayL,GAAsBJ,GAAaG,UAAKxL,GAAW,GC3ChE,SAhCA,SAAsB0L,EAAKC,EAAmBC,EAAkBC,EAAiBC,GAC7E,QAAwB9L,IAApB8L,EAAWC,WAAgD/L,IAA1B6L,GAAiBE,KAClD,MAAM,IAAIL,EAAI,kEAElB,IAAKG,QAA4C7L,IAAzB6L,EAAgBE,KACpC,OAAO,IAAIhB,IAEf,IAAKiB,MAAMC,QAAQJ,EAAgBE,OACC,IAAhCF,EAAgBE,KAAK3J,QACrByJ,EAAgBE,KAAK/D,KAAMrE,GAA2B,iBAAVA,GAAuC,IAAjBA,EAAMvB,QACxE,MAAM,IAAIsJ,EAAI,yFAElB,IAAIQ,EAEAA,OADqBlM,IAArB4L,EACa,IAAIO,IAAI,IAAItL,OAAOuL,QAAQR,MAAsBD,EAAkBS,YAGnET,EAEjB,IAAK,MAAMf,KAAaiB,EAAgBE,KAAM,CAC1C,IAAKG,EAAWrB,IAAID,GAChB,MAAM,IAAI,EAAiB,+BAA+BA,wBAE9D,QAA8B5K,IAA1B8L,EAAWlB,GACX,MAAM,IAAIc,EAAI,+BAA+Bd,iBAEjD,GAAIsB,EAAWlL,IAAI4J,SAA6C5K,IAA/B6L,EAAgBjB,GAC7C,MAAM,IAAIc,EAAI,+BAA+Bd,iCAErD,CACA,OAAO,IAAIG,IAAIc,EAAgBE,KACnC,ECzBO,MAAMM,GACT,WAAA5J,CAAYyD,GACR,KAAMA,aAAmB5C,YACrB,MAAM,IAAIuB,UAAU,6CAExB1D,KAAKmL,SAAWpG,CACpB,CACA,kBAAAqG,CAAmBV,GACf,GAAI1K,KAAKqL,iBACL,MAAM,IAAI3H,UAAU,8CAGxB,OADA1D,KAAKqL,iBAAmBX,EACjB1K,IACX,CACA,oBAAAsL,CAAqBC,GACjB,GAAIvL,KAAKwL,mBACL,MAAM,IAAI9H,UAAU,gDAGxB,OADA1D,KAAKwL,mBAAqBD,EACnBvL,IACX,CACA,UAAMmJ,CAAK3J,EAAKkF,GACZ,IAAK1E,KAAKqL,mBAAqBrL,KAAKwL,mBAChC,MAAM,IAAIlG,EAAW,mFAEzB,IAAK,EAAWtF,KAAKqL,iBAAkBrL,KAAKwL,oBACxC,MAAM,IAAIlG,EAAW,6EAEzB,MAAMqF,EAAa,IACZ3K,KAAKqL,oBACLrL,KAAKwL,oBAGZ,IAAIC,GAAM,EACV,GAFmB,GAAanG,EAAY,IAAI0F,IAAI,CAAC,CAAC,OAAO,KAAStG,GAASkG,KAAM5K,KAAKqL,iBAAkBV,GAE7FjB,IAAI,SACf+B,EAAMzL,KAAKqL,iBAAiBI,IACT,kBAARA,GACP,MAAM,IAAInG,EAAW,2EAG7B,MAAM,IAAE9D,GAAQmJ,EAChB,GAAmB,iBAARnJ,IAAqBA,EAC5B,MAAM,IAAI8D,EAAW,6DAEzBgF,GAAoB9I,EAAKhC,EAAK,QAC9B,IAIIkL,EAJA3F,EAAU/E,KAAKmL,SACfM,IACA1G,EAAUtD,EAAQc,OAAO,EAAUwC,KAInC2F,EADA1K,KAAKqL,iBACa5J,EAAQc,OAAO,EAAUmJ,KAAKC,UAAU3L,KAAKqL,oBAG7C5J,EAAQc,OAAO,IAErC,MAAM0G,EAAOpH,EAAO6I,EAAiBjJ,EAAQc,OAAO,KAAMwC,GACpDmE,QAAkB,EAAK1H,EAAKhC,EAAKyJ,GACjC2C,EAAM,CACR1C,UAAW,EAAUA,GACrBnE,QAAS,IAWb,OATI0G,IACAG,EAAI7G,QAAUpD,EAAQwB,OAAO4B,IAE7B/E,KAAKwL,qBACLI,EAAItC,OAAStJ,KAAKwL,oBAElBxL,KAAKqL,mBACLO,EAAIC,UAAYlK,EAAQwB,OAAOuH,IAE5BkB,CACX,EC9EG,MAAME,GACT,WAAAxK,CAAYyD,GACR/E,KAAK+L,WAAa,IAAIb,GAAcnG,EACxC,CACA,kBAAAqG,CAAmBV,GAEf,OADA1K,KAAK+L,WAAWX,mBAAmBV,GAC5B1K,IACX,CACA,UAAMmJ,CAAK3J,EAAKkF,GACZ,MAAMkH,QAAY5L,KAAK+L,WAAW5C,KAAK3J,EAAKkF,GAC5C,QAAoB7F,IAAhB+M,EAAI7G,QACJ,MAAM,IAAIrB,UAAU,6DAExB,MAAO,GAAGkI,EAAIC,aAAaD,EAAI7G,WAAW6G,EAAI1C,WAClD,ECfJ,SAAgB8C,GAASC,KAAKC,MAAMF,EAAKG,UAAY,KCE/CC,GAAMC,MAGNC,GAAQ,oIACd,GAAgBC,IACZ,MAAMC,EAAUF,GAAMG,KAAKF,GAC3B,IAAKC,GAAYA,EAAQ,IAAMA,EAAQ,GACnC,MAAM,IAAI9I,UAAU,8BAExB,MAAMyD,EAAQuF,WAAWF,EAAQ,IAEjC,IAAIG,EACJ,OAFaH,EAAQ,GAAGI,eAGpB,IAAK,MACL,IAAK,OACL,IAAK,SACL,IAAK,UACL,IAAK,IACDD,EAAcV,KAAKY,MAAM1F,GACzB,MACJ,IAAK,SACL,IAAK,UACL,IAAK,MACL,IAAK,OACL,IAAK,IACDwF,EAAcV,KAAKY,MA3BhB,GA2BsB1F,GACzB,MACJ,IAAK,OACL,IAAK,QACL,IAAK,KACL,IAAK,MACL,IAAK,IACDwF,EAAcV,KAAKY,MAjClBC,KAiCwB3F,GACzB,MACJ,IAAK,MACL,IAAK,OACL,IAAK,IACDwF,EAAcV,KAAKY,MAAM1F,EAAQiF,IACjC,MACJ,IAAK,OACL,IAAK,QACL,IAAK,IACDO,EAAcV,KAAKY,MAzClBT,OAyCwBjF,GACzB,MACJ,QACIwF,EAAcV,KAAKY,MA3ClBT,SA2CwBjF,GAGjC,MAAmB,MAAfqF,EAAQ,IAA6B,QAAfA,EAAQ,IACtBG,EAELA,CACV,ECnDD,SAASI,GAAcC,EAAOxK,GAC1B,IAAKyK,OAAOC,SAAS1K,GACjB,MAAM,IAAIkB,UAAU,WAAWsJ,WAEnC,OAAOxK,CACX,CACO,MAAM2K,GACT,WAAA7L,CAAYyD,EAAU,CAAC,GACnB,IAAKmC,EAASnC,GACV,MAAM,IAAIrB,UAAU,oCAExB1D,KAAKmL,SAAWpG,CACpB,CACA,SAAAqI,CAAUC,GAEN,OADArN,KAAKmL,SAAW,IAAKnL,KAAKmL,SAAUmC,IAAKD,GAClCrN,IACX,CACA,UAAAuN,CAAWC,GAEP,OADAxN,KAAKmL,SAAW,IAAKnL,KAAKmL,SAAUsC,IAAKD,GAClCxN,IACX,CACA,WAAA0N,CAAYC,GAER,OADA3N,KAAKmL,SAAW,IAAKnL,KAAKmL,SAAUyC,IAAKD,GAClC3N,IACX,CACA,MAAA6N,CAAOC,GAEH,OADA9N,KAAKmL,SAAW,IAAKnL,KAAKmL,SAAU4C,IAAKD,GAClC9N,IACX,CACA,YAAAgO,CAAaxL,GAUT,MATqB,iBAAVA,EACPxC,KAAKmL,SAAW,IAAKnL,KAAKmL,SAAU8C,IAAKlB,GAAc,eAAgBvK,IAElEA,aAAiB0L,KACtBlO,KAAKmL,SAAW,IAAKnL,KAAKmL,SAAU8C,IAAKlB,GAAc,eAAgBoB,GAAM3L,KAG7ExC,KAAKmL,SAAW,IAAKnL,KAAKmL,SAAU8C,IAAKE,GAAM,IAAID,MAAUE,GAAK5L,IAE/DxC,IACX,CACA,iBAAAqO,CAAkB7L,GAUd,MATqB,iBAAVA,EACPxC,KAAKmL,SAAW,IAAKnL,KAAKmL,SAAUmD,IAAKvB,GAAc,oBAAqBvK,IAEvEA,aAAiB0L,KACtBlO,KAAKmL,SAAW,IAAKnL,KAAKmL,SAAUmD,IAAKvB,GAAc,oBAAqBoB,GAAM3L,KAGlFxC,KAAKmL,SAAW,IAAKnL,KAAKmL,SAAUmD,IAAKH,GAAM,IAAID,MAAUE,GAAK5L,IAE/DxC,IACX,CACA,WAAAuO,CAAY/L,GAgBR,YAfqB,IAAVA,EACPxC,KAAKmL,SAAW,IAAKnL,KAAKmL,SAAUqD,IAAKL,GAAM,IAAID,OAE9C1L,aAAiB0L,KACtBlO,KAAKmL,SAAW,IAAKnL,KAAKmL,SAAUqD,IAAKzB,GAAc,cAAeoB,GAAM3L,KAG5ExC,KAAKmL,SADiB,iBAAV3I,EACI,IACTxC,KAAKmL,SACRqD,IAAKzB,GAAc,cAAeoB,GAAM,IAAID,MAAUE,GAAK5L,KAI/C,IAAKxC,KAAKmL,SAAUqD,IAAKzB,GAAc,cAAevK,IAEnExC,IACX,ECrEG,MAAMyO,WAAgBtB,GACzB,kBAAA/B,CAAmBV,GAEf,OADA1K,KAAKqL,iBAAmBX,EACjB1K,IACX,CACA,UAAMmJ,CAAK3J,EAAKkF,GACZ,MAAMgK,EAAM,IAAI5C,GAAYrK,EAAQc,OAAOmJ,KAAKC,UAAU3L,KAAKmL,YAE/D,GADAuD,EAAItD,mBAAmBpL,KAAKqL,kBACxBR,MAAMC,QAAQ9K,KAAKqL,kBAAkBT,OACrC5K,KAAKqL,iBAAiBT,KAAK7D,SAAS,SACN,IAA9B/G,KAAKqL,iBAAiBI,IACtB,MAAM,IAAIlG,EAAW,uCAEzB,OAAOmJ,EAAIvF,KAAK3J,EAAKkF,EACzB,ECjBJ,MAgCA,GAhCkBb,MAAO8K,EAAKC,EAASlK,KACnC,IAAImK,EACAC,EACAC,GAAW,EACgB,mBAApBC,kBACPH,EAAa,IAAIG,gBACjBF,EAAKG,WAAW,KACZF,GAAW,EACXF,EAAWK,SACZN,IAEP,MAAMO,QAAiBC,MAAMT,EAAIU,KAAM,CACnCC,OAAQT,EAAaA,EAAWS,YAASzQ,EACzC0Q,SAAU,SACVnG,QAAS1E,EAAQ0E,UAClBoG,MAAOC,IACN,GAAIV,EACA,MAAM,IAAIlJ,EACd,MAAM4J,IAIV,QAFW5Q,IAAPiQ,GACAY,aAAaZ,GACO,MAApBK,EAASQ,OACT,MAAM,IAAInL,EAAU,2DAExB,IACI,aAAa2K,EAASS,MAC1B,CACA,MACI,MAAM,IAAIpL,EAAU,6DACxB,GCRGX,eAAegM,GAAUzL,EAAK5C,GACjC,IAAK0F,EAAS9C,GACV,MAAM,IAAIV,UAAU,yBAGxB,OADAlC,IAAQA,EAAM4C,EAAI5C,KACV4C,EAAIN,KACR,IAAK,MACD,GAAqB,iBAAVM,EAAIL,IAAmBK,EAAIL,EAClC,MAAM,IAAIL,UAAU,2CAExB,OAAOP,EAAgBiB,EAAIL,GAC/B,IAAK,MACD,GAAI,QAASK,QAAmBvF,IAAZuF,EAAI0L,IACpB,MAAM,IAAI,EAAiB,sEAEnC,IAAK,KACL,IAAK,MACD,OAAO,EAAY,IAAK1L,EAAK5C,QACjC,QACI,MAAM,IAAI,EAAiB,gDAEvC,CCtBA,SAASuO,GAAUvQ,GACf,OAAO0H,EAAS1H,EACpB,CACA,SAASwQ,GAAM5P,GACX,MAA+B,mBAApB6P,gBACAA,gBAAgB7P,GAEpBsL,KAAKwE,MAAMxE,KAAKC,UAAUvL,GACrC,CACA,MAAM+P,GACF,WAAA7O,CAAY8O,GAER,GADApQ,KAAKqQ,QAAU,IAAIvH,SAjB3B,SAAoBsH,GAChB,OAAQA,GACY,iBAATA,GACPvF,MAAMC,QAAQsF,EAAK5G,OACnB4G,EAAK5G,KAAK8G,MAAMP,GACxB,CAaaQ,CAAWH,GACZ,MAAM,IAAI3K,EAAY,8BAE1BzF,KAAKwQ,MAAQR,GAAMI,EACvB,CACA,YAAMK,CAAO/F,EAAiBgG,GAC1B,MAAM,IAAElP,EAAG,IAAEmP,GAAQ,IAAKjG,KAAoBgG,GAAOpH,QAC/CxF,EAtCd,SAAuBtC,GACnB,OAAuB,iBAARA,GAAoBA,EAAI0E,MAAM,EAAG,IAC5C,IAAK,KACL,IAAK,KACD,MAAO,MACX,IAAK,KACD,MAAO,KACX,IAAK,KACD,MAAO,MACX,QACI,MAAM,IAAI,EAAiB,kDAEvC,CA0BoB0K,CAAcpP,GACpBqP,EAAa7Q,KAAKwQ,MAAMhH,KAAKzI,OAAQqD,IACvC,IAAI0M,EAAYhN,IAAQM,EAAIN,IAa5B,GAZIgN,GAA4B,iBAARH,IACpBG,EAAYH,IAAQvM,EAAIuM,KAExBG,GAAgC,iBAAZ1M,EAAI5C,MACxBsP,EAAYtP,IAAQ4C,EAAI5C,KAExBsP,GAAgC,iBAAZ1M,EAAID,MACxB2M,EAAwB,QAAZ1M,EAAID,KAEhB2M,GAAajG,MAAMC,QAAQ1G,EAAIF,WAC/B4M,EAAY1M,EAAIF,QAAQ6C,SAAS,WAEjC+J,EACA,OAAQtP,GACJ,IAAK,QACDsP,EAAwB,UAAZ1M,EAAIqD,IAChB,MACJ,IAAK,SACDqJ,EAAwB,cAAZ1M,EAAIqD,IAChB,MACJ,IAAK,QACDqJ,EAAwB,UAAZ1M,EAAIqD,IAChB,MACJ,IAAK,QACDqJ,EAAwB,UAAZ1M,EAAIqD,IAChB,MACJ,IAAK,UACDqJ,EAAwB,YAAZ1M,EAAIqD,IAChB,MACJ,IAAK,QACDqJ,EAAwB,YAAZ1M,EAAIqD,KAAiC,UAAZrD,EAAIqD,IAIrD,OAAOqJ,KAEH,EAAG1M,EAAG,OAAEnD,GAAW4P,EAC3B,GAAe,IAAX5P,EACA,MAAM,IAAIyE,EAEd,GAAe,IAAXzE,EAAc,CACd,MAAM8P,EAAQ,IAAIpL,GACZ,QAAE0K,GAAYrQ,KASpB,MARA+Q,EAAMpN,OAAOiC,eAAiB/B,kBAC1B,IAAK,MAAMO,KAAOyM,EACd,gBACgBG,GAAmBX,EAASjM,EAAK5C,EACjD,CACA,MAAQ,CAEhB,EACMuP,CACV,CACA,OAAOC,GAAmBhR,KAAKqQ,QAASjM,EAAK5C,EACjD,EAEJqC,eAAemN,GAAmB7I,EAAO/D,EAAK5C,GAC1C,MAAM6G,EAASF,EAAMtI,IAAIuE,IAAQ+D,EAAM7F,IAAI8B,EAAK,CAAC,GAAGvE,IAAIuE,GACxD,QAAoBvF,IAAhBwJ,EAAO7G,GAAoB,CAC3B,MAAMhC,QAAYqQ,GAAU,IAAKzL,EAAKH,KAAK,GAAQzC,GACnD,GAAIhC,aAAe2C,YAA2B,WAAb3C,EAAIyK,KACjC,MAAM,IAAIxE,EAAY,gDAE1B4C,EAAO7G,GAAOhC,CAClB,CACA,OAAO6I,EAAO7G,EAClB,CACO,SAASyP,GAAkBb,GAC9B,MAAM9N,EAAM,IAAI6N,GAAYC,GACtBc,EAAcrN,MAAO6G,EAAiBgG,IAAUpO,EAAImO,OAAO/F,EAAiBgG,GASlF,OARAhR,OAAOyR,iBAAiBD,EAAa,CACjCd,KAAM,CACFjJ,MAAO,IAAM6I,GAAM1N,EAAIkO,OACvB5Q,YAAY,EACZwR,cAAc,EACdC,UAAU,KAGXH,CACX,CClHA,IAAII,GACJ,GAAyB,oBAAdC,YAA8BA,UAAUC,WAAWnL,aAAa,gBAAiB,CAGxFiL,GAAa,GAFA,UACG,WAEpB,CACO,MAAMG,GAAY9N,SAgBzB,MAAM+N,GACF,WAAApQ,CAAYqN,EAAKjK,GACb,KAAMiK,aAAegD,KACjB,MAAM,IAAIjO,UAAU,kCAlBhC,IAA0BlB,EAAOoP,EAoBzB5R,KAAK6R,KAAO,IAAIF,IAAIhD,EAAIU,MACxBrP,KAAK8R,SAAW,CAAEC,MAAOrN,GAASqN,MAAO3I,QAAS1E,GAAS0E,SAC3DpJ,KAAKgS,iBACmC,iBAA7BtN,GAASuN,gBAA+BvN,GAASuN,gBAAkB,IAC9EjS,KAAKkS,kBACoC,iBAA9BxN,GAASyN,iBAAgCzN,GAASyN,iBAAmB,IAChFnS,KAAKoS,aAA+C,iBAAzB1N,GAASkN,YAA2BlN,GAASkN,YAAc,SACzD/S,IAAzB6F,IAAU+M,MACVzR,KAAKqS,OAAS3N,IAAU+M,IA5BVjP,EA6BOkC,IAAU+M,IA7BVG,EA6BsB5R,KAAKoS,aA5BnC,iBAAV5P,GAAgC,OAAVA,GAG3B,QAASA,GAA+B,iBAAdA,EAAM8P,OAAoBpE,KAAKqE,MAAQ/P,EAAM8P,KAAOV,IAG9E,SAAUpP,GACX0E,EAAS1E,EAAM4N,OACfvF,MAAMC,QAAQtI,EAAM4N,KAAK5G,OACzBqB,MAAMvK,UAAUgQ,MAAM9P,KAAKgC,EAAM4N,KAAK5G,KAAMtC,KAoBrClH,KAAKwS,eAAiBxS,KAAKqS,OAAOC,IAClCtS,KAAKyS,OAASxB,GAAkBjR,KAAKqS,OAAOjC,OAGxD,CACA,WAAAsC,GACI,MAAsC,iBAAxB1S,KAAKwS,gBACbtE,KAAKqE,MAAQvS,KAAKwS,eAAiBxS,KAAKkS,iBAElD,CACA,KAAAS,GACI,MAAsC,iBAAxB3S,KAAKwS,gBACbtE,KAAKqE,MAAQvS,KAAKwS,eAAiBxS,KAAKoS,YAElD,CACA,YAAM3B,CAAO/F,EAAiBgG,GACrB1Q,KAAKyS,QAAWzS,KAAK2S,eAChB3S,KAAK4S,SAEf,IACI,aAAa5S,KAAKyS,OAAO/H,EAAiBgG,EAC9C,CACA,MAAOjB,GACH,GAAIA,aAAe/J,IACY,IAAvB1F,KAAK0S,cAEL,aADM1S,KAAK4S,SACJ5S,KAAKyS,OAAO/H,EAAiBgG,GAG5C,MAAMjB,CACV,CACJ,CACA,YAAMmD,GACE5S,KAAK6S,gBA1EoB,oBAAlBC,eACW,oBAAdvB,WAAqD,uBAAxBA,UAAUC,WACvB,oBAAhBuB,aAA+C,WAAhBA,eAyEnC/S,KAAK6S,mBAAgBhU,GAEzB,MAAMuK,EAAU,IAAI4J,QAAQhT,KAAK8R,SAAS1I,SACtCkI,KAAelI,EAAQM,IAAI,gBAC3BN,EAAQ9G,IAAI,aAAcgP,IAC1BtR,KAAK8R,SAAS1I,QAAU1J,OAAOuT,YAAY7J,EAAQ6B,YAEvDjL,KAAK6S,gBAAkB7S,KAAK6S,cAAgB,GAAU7S,KAAK6R,KAAM7R,KAAKgS,iBAAkBhS,KAAK8R,UACxFoB,KAAMtD,IACP5P,KAAKyS,OAASxB,GAAkBrB,GAC5B5P,KAAKqS,SACLrS,KAAKqS,OAAOC,IAAMpE,KAAKqE,MACvBvS,KAAKqS,OAAOjC,KAAOR,GAEvB5P,KAAKwS,eAAiBtE,KAAKqE,MAC3BvS,KAAK6S,mBAAgBhU,IAEpB2Q,MAAOC,IAER,MADAzP,KAAK6S,mBAAgBhU,EACf4Q,WAEJzP,KAAK6S,aACf,EAoCG,MC3HP,GAXehP,MAAOrC,EAAKhC,EAAK0J,EAAWD,KACvC,MAAMX,QAAkB,EAAa9G,EAAKhC,EAAK,UAC/C,EAAegC,EAAK8G,GACpB,MAAMtC,EAAY,EAAgBxE,EAAK8G,EAAUtC,WACjD,IACI,aAAa,EAAO3B,OAAO8O,OAAOnN,EAAWsC,EAAWY,EAAWD,EACvE,CACA,MACI,OAAO,CACX,GCHJ,GAV2B,CAACmK,EAAQC,KAChC,QAAmBxU,IAAfwU,KACExI,MAAMC,QAAQuI,IAAeA,EAAWxM,KAAMyM,GAAmB,iBAANA,IAC7D,MAAM,IAAI5P,UAAU,IAAI0P,yCAE5B,GAAKC,EAGL,OAAO,IAAIzJ,IAAIyJ,ICLZxP,eAAe0P,GAAc3H,EAAKpM,EAAKkF,GAI1C,GAHIkH,aAAezJ,aACfyJ,EAAMjK,EAAQwB,OAAOyI,IAEN,iBAARA,EACP,MAAM,IAAItG,EAAW,8CAEzB,MAAQ,EAAGoF,EAAiB,EAAG3F,EAAS,EAAGmE,EAAS,OAAEjI,GAAW2K,EAAI4H,MAAM,KAC3E,GAAe,IAAXvS,EACA,MAAM,IAAIqE,EAAW,uBAEzB,MAAMmO,QCHH5P,eAA+B+H,EAAKpM,EAAKkF,GAC5C,IAAKwC,EAAS0E,GACV,MAAM,IAAItG,EAAW,mCAEzB,QAAsBzG,IAAlB+M,EAAIC,gBAA0ChN,IAAf+M,EAAItC,OACnC,MAAM,IAAIhE,EAAW,yEAEzB,QAAsBzG,IAAlB+M,EAAIC,WAAoD,iBAAlBD,EAAIC,UAC1C,MAAM,IAAIvG,EAAW,uCAEzB,QAAoBzG,IAAhB+M,EAAI7G,QACJ,MAAM,IAAIO,EAAW,uBAEzB,GAA6B,iBAAlBsG,EAAI1C,UACX,MAAM,IAAI5D,EAAW,2CAEzB,QAAmBzG,IAAf+M,EAAItC,SAAyBpC,EAAS0E,EAAItC,QAC1C,MAAM,IAAIhE,EAAW,yCAEzB,IAAIoO,EAAa,CAAC,EAClB,GAAI9H,EAAIC,UACJ,IACI,MAAMnB,EAAkB,EAAUkB,EAAIC,WACtC6H,EAAahI,KAAKwE,MAAMvO,EAAQwB,OAAOuH,GAC3C,CACA,MACI,MAAM,IAAIpF,EAAW,kCACzB,CAEJ,IAAK,EAAWoO,EAAY9H,EAAItC,QAC5B,MAAM,IAAIhE,EAAW,6EAEzB,MAAMqF,EAAa,IACZ+I,KACA9H,EAAItC,QAGX,IAAImC,GAAM,EACV,GAFmB,GAAanG,EAAY,IAAI0F,IAAI,CAAC,CAAC,OAAO,KAAStG,GAASkG,KAAM8I,EAAY/I,GAElFjB,IAAI,SACf+B,EAAMiI,EAAWjI,IACE,kBAARA,GACP,MAAM,IAAInG,EAAW,2EAG7B,MAAM,IAAE9D,GAAQmJ,EAChB,GAAmB,iBAARnJ,IAAqBA,EAC5B,MAAM,IAAI8D,EAAW,6DAEzB,MAAM+N,EAAa3O,GAAW,GAAmB,aAAcA,EAAQ2O,YACvE,GAAIA,IAAeA,EAAW3J,IAAIlI,GAC9B,MAAM,IAAI4D,EAAkB,wDAEhC,GAAIqG,GACA,GAA2B,iBAAhBG,EAAI7G,QACX,MAAM,IAAIO,EAAW,qCAGxB,GAA2B,iBAAhBsG,EAAI7G,WAA0B6G,EAAI7G,mBAAmB5C,YACjE,MAAM,IAAImD,EAAW,0DAEzB,IAAIqO,GAAc,EACC,mBAARnU,GACPA,QAAYA,EAAIkU,EAAY9H,GAC5B+H,GAAc,EACdrJ,GAAoB9I,EAAKhC,EAAK,UAC1B+H,EAAM/H,KACNA,QAAYqQ,GAAUrQ,EAAKgC,KAI/B8I,GAAoB9I,EAAKhC,EAAK,UAElC,MAAMyJ,EAAOpH,EAAOJ,EAAQc,OAAOqJ,EAAIC,WAAa,IAAKpK,EAAQc,OAAO,KAA6B,iBAAhBqJ,EAAI7G,QAAuBtD,EAAQc,OAAOqJ,EAAI7G,SAAW6G,EAAI7G,SAClJ,IAAImE,EAWAnE,EAVJ,IACImE,EAAY,EAAU0C,EAAI1C,UAC9B,CACA,MACI,MAAM,IAAI5D,EAAW,2CACzB,CAEA,UADuB,GAAO9D,EAAKhC,EAAK0J,EAAWD,GAE/C,MAAM,IAAInD,EAGd,GAAI2F,EACA,IACI1G,EAAU,EAAU6G,EAAI7G,QAC5B,CACA,MACI,MAAM,IAAIO,EAAW,yCACzB,MAGAP,EAD4B,iBAAhB6G,EAAI7G,QACNtD,EAAQc,OAAOqJ,EAAI7G,SAGnB6G,EAAI7G,QAElB,MAAM6O,EAAS,CAAE7O,WAOjB,YANsBlG,IAAlB+M,EAAIC,YACJ+H,EAAOlJ,gBAAkBgJ,QAEV7U,IAAf+M,EAAItC,SACJsK,EAAOrI,kBAAoBK,EAAItC,QAE/BqK,EACO,IAAKC,EAAQpU,OAEjBoU,CACX,CD3G2BC,CAAgB,CAAE9O,UAAS8G,UAAWnB,EAAiBxB,aAAa1J,EAAKkF,GAC1FkP,EAAS,CAAE7O,QAAS0O,EAAS1O,QAAS2F,gBAAiB+I,EAAS/I,iBACtE,MAAmB,mBAARlL,EACA,IAAKoU,EAAQpU,IAAKiU,EAASjU,KAE/BoU,CACX,CEfA,MAAME,GAAgB3M,GAAUA,EAAMyF,cAAc1J,QAAQ,iBAAkB,IAU9E,IAAgBwH,EAAiBqJ,EAAgBrP,EAAU,CAAC,KACxD,IAAIK,EACJ,IACIA,EAAU2G,KAAKwE,MAAMvO,EAAQwB,OAAO4Q,GACxC,CACA,MACA,CACA,IAAK7M,EAASnC,GACV,MAAM,IAAIQ,EAAW,kDAEzB,MAAM,IAAEyO,GAAQtP,EAChB,GAAIsP,IACgC,iBAAxBtJ,EAAgBsJ,KACpBF,GAAapJ,EAAgBsJ,OAASF,GAAaE,IACvD,MAAM,IAAIlP,EAAyB,oCAAqCC,EAAS,MAAO,gBAE5F,MAAM,eAAEkP,EAAiB,GAAE,OAAE5G,EAAM,QAAEG,EAAO,SAAEG,EAAQ,YAAEuG,GAAgBxP,EAClEyP,EAAgB,IAAIF,QACNpV,IAAhBqV,GACAC,EAAcxR,KAAK,YACN9D,IAAb8O,GACAwG,EAAcxR,KAAK,YACP9D,IAAZ2O,GACA2G,EAAcxR,KAAK,YACR9D,IAAXwO,GACA8G,EAAcxR,KAAK,OACvB,IAAK,MAAMqC,KAAS,IAAI4E,IAAIuK,EAAcC,WACtC,KAAMpP,KAASD,GACX,MAAM,IAAID,EAAyB,qBAAqBE,WAAgBD,EAASC,EAAO,WAGhG,GAAIqI,KACExC,MAAMC,QAAQuC,GAAUA,EAAS,CAACA,IAAStG,SAAShC,EAAQuI,KAC9D,MAAM,IAAIxI,EAAyB,+BAAgCC,EAAS,MAAO,gBAEvF,GAAIyI,GAAWzI,EAAQ0I,MAAQD,EAC3B,MAAM,IAAI1I,EAAyB,+BAAgCC,EAAS,MAAO,gBAEvF,GAAI4I,IA/CuB0G,EAgDAtP,EAAQ6I,IAhDI0G,EAgDqB,iBAAb3G,EAAwB,CAACA,GAAYA,IA/C1D,iBAAf0G,EACAC,EAAUvN,SAASsN,GAE1BxJ,MAAMC,QAAQuJ,IACPC,EAAUzN,KAAK+C,IAAItJ,UAAUoJ,IAAIW,KAAK,IAAIT,IAAIyK,OA4CrD,MAAM,IAAIvP,EAAyB,+BAAgCC,EAAS,MAAO,gBAjD7D,IAACsP,EAAYC,EAmDvC,IAAIC,EACJ,cAAe7P,EAAQ8P,gBACnB,IAAK,SACDD,EAAYnG,GAAK1J,EAAQ8P,gBACzB,MACJ,IAAK,SACDD,EAAY7P,EAAQ8P,eACpB,MACJ,IAAK,YACDD,EAAY,EACZ,MACJ,QACI,MAAM,IAAI7Q,UAAU,sCAE5B,MAAM,YAAE+Q,GAAgB/P,EAClB6N,EAAMpE,GAAMsG,GAAe,IAAIvG,MACrC,SAAqBrP,IAAhBkG,EAAQyJ,KAAqB0F,IAAuC,iBAAhBnP,EAAQyJ,IAC7D,MAAM,IAAI1J,EAAyB,+BAAgCC,EAAS,MAAO,WAEvF,QAAoBlG,IAAhBkG,EAAQkJ,IAAmB,CAC3B,GAA2B,iBAAhBlJ,EAAQkJ,IACf,MAAM,IAAInJ,EAAyB,+BAAgCC,EAAS,MAAO,WAEvF,GAAIA,EAAQkJ,IAAMsE,EAAMgC,EACpB,MAAM,IAAIzP,EAAyB,qCAAsCC,EAAS,MAAO,eAEjG,CACA,QAAoBlG,IAAhBkG,EAAQuJ,IAAmB,CAC3B,GAA2B,iBAAhBvJ,EAAQuJ,IACf,MAAM,IAAIxJ,EAAyB,+BAAgCC,EAAS,MAAO,WAEvF,GAAIA,EAAQuJ,KAAOiE,EAAMgC,EACrB,MAAM,IAAIpP,EAAW,qCAAsCJ,EAAS,MAAO,eAEnF,CACA,GAAImP,EAAa,CACb,MAAMQ,EAAMnC,EAAMxN,EAAQyJ,IAE1B,GAAIkG,EAAMH,GADyB,iBAAhBL,EAA2BA,EAAc9F,GAAK8F,IAE7D,MAAM,IAAI/O,EAAW,2DAA4DJ,EAAS,MAAO,gBAErG,GAAI2P,EAAM,EAAIH,EACV,MAAM,IAAIzP,EAAyB,gEAAiEC,EAAS,MAAO,eAE5H,CACA,OAAOA,CACV,ECtGD,MAIA,GAJelB,MAAOmC,EAAWiD,KAC7B,MAAM0L,EAAe,OAAO3O,EAAUE,OAAO,KAC7C,OAAO,IAAI/D,iBAAiB,EAAOkC,OAAOuQ,OAAOD,EAAc1L,KCE7D4L,GAAQ,CAAC1N,EAAO2N,KAClB,GAAqB,iBAAV3N,IAAuBA,EAC9B,MAAM,IAAI3B,EAAW,GAAGsP,yBAGzBjR,eAAekR,GAAuB3Q,EAAK4Q,GAC9C,IAAK9N,EAAS9C,GACV,MAAM,IAAIV,UAAU,yBAGxB,GADAsR,IAAoBA,EAAkB,UACd,WAApBA,GACoB,WAApBA,GACoB,WAApBA,EACA,MAAM,IAAItR,UAAU,+DAExB,IAAIuR,EACJ,OAAQ7Q,EAAIN,KACR,IAAK,KACD+Q,GAAMzQ,EAAIqD,IAAK,2BACfoN,GAAMzQ,EAAI8Q,EAAG,gCACbL,GAAMzQ,EAAI+Q,EAAG,gCACbF,EAAa,CAAExN,IAAKrD,EAAIqD,IAAK3D,IAAKM,EAAIN,IAAKoR,EAAG9Q,EAAI8Q,EAAGC,EAAG/Q,EAAI+Q,GAC5D,MACJ,IAAK,MACDN,GAAMzQ,EAAIqD,IAAK,yCACfoN,GAAMzQ,EAAI8Q,EAAG,8BACbD,EAAa,CAAExN,IAAKrD,EAAIqD,IAAK3D,IAAKM,EAAIN,IAAKoR,EAAG9Q,EAAI8Q,GAClD,MACJ,IAAK,MACDL,GAAMzQ,EAAIlE,EAAG,4BACb2U,GAAMzQ,EAAIlF,EAAG,2BACb+V,EAAa,CAAE/U,EAAGkE,EAAIlE,EAAG4D,IAAKM,EAAIN,IAAK5E,EAAGkF,EAAIlF,GAC9C,MACJ,IAAK,MACD2V,GAAMzQ,EAAIL,EAAG,6BACbkR,EAAa,CAAElR,EAAGK,EAAIL,EAAGD,IAAKM,EAAIN,KAClC,MACJ,QACI,MAAM,IAAI,EAAiB,qDAEnC,MAAMmF,EAAOxH,EAAQc,OAAOmJ,KAAKC,UAAUsJ,IAC3C,OAAO,QAAgB,GAAOD,EAAiB/L,GACnD,CCLA,SAASmM,GAAuB1Q,GAC5B,MAAM4B,EAAgB5B,GAAS4B,eAAiB,KAChD,GAA6B,iBAAlBA,GAA8BA,EAAgB,KACrD,MAAM,IAAI,EAAiB,+FAE/B,OAAOA,CACX,CC/COzC,eAAe,GAAgBrC,EAAKkD,GACvC,OD+CGb,eAA+BrC,EAAKkD,GACvC,IAAIsB,EACAwB,EACJ,OAAQhG,GACJ,IAAK,QACL,IAAK,QACL,IAAK,QACDwE,EAAY,CACR3E,KAAM,UACN4E,KAAM,OAAOzE,EAAI0E,OAAO,KACxBmP,eAAgB,IAAIlT,WAAW,CAAC,EAAM,EAAM,IAC5CmE,cAAe8O,GAAuB1Q,IAE1C8C,EAAY,CAAC,OAAQ,UACrB,MACJ,IAAK,QACL,IAAK,QACL,IAAK,QACDxB,EAAY,CACR3E,KAAM,oBACN4E,KAAM,OAAOzE,EAAI0E,OAAO,KACxBmP,eAAgB,IAAIlT,WAAW,CAAC,EAAM,EAAM,IAC5CmE,cAAe8O,GAAuB1Q,IAE1C8C,EAAY,CAAC,OAAQ,UACrB,MACJ,IAAK,WACL,IAAK,eACL,IAAK,eACL,IAAK,eACDxB,EAAY,CACR3E,KAAM,WACN4E,KAAM,OAAOS,SAASlF,EAAI0E,OAAO,GAAI,KAAO,IAC5CmP,eAAgB,IAAIlT,WAAW,CAAC,EAAM,EAAM,IAC5CmE,cAAe8O,GAAuB1Q,IAE1C8C,EAAY,CAAC,UAAW,YAAa,UAAW,WAChD,MACJ,IAAK,QACDxB,EAAY,CAAE3E,KAAM,QAAS+E,WAAY,SACzCoB,EAAY,CAAC,OAAQ,UACrB,MACJ,IAAK,QACDxB,EAAY,CAAE3E,KAAM,QAAS+E,WAAY,SACzCoB,EAAY,CAAC,OAAQ,UACrB,MACJ,IAAK,QACDxB,EAAY,CAAE3E,KAAM,QAAS+E,WAAY,SACzCoB,EAAY,CAAC,OAAQ,UACrB,MACJ,IAAK,UACDxB,EAAY,CAAE3E,KAAM,WACpBmG,EAAY,CAAC,OAAQ,UACrB,MACJ,IAAK,QAAS,CACVA,EAAY,CAAC,OAAQ,UACrB,MAAMC,EAAM/C,GAAS+C,KAAO,UAC5B,OAAQA,GACJ,IAAK,UACL,IAAK,QACDzB,EAAY,CAAE3E,KAAMoG,GACpB,MACJ,QACI,MAAM,IAAI,EAAiB,8CAEnC,KACJ,CACA,IAAK,UACL,IAAK,iBACL,IAAK,iBACL,IAAK,iBAAkB,CACnBD,EAAY,CAAC,YAAa,cAC1B,MAAMC,EAAM/C,GAAS+C,KAAO,QAC5B,OAAQA,GACJ,IAAK,QACL,IAAK,QACL,IAAK,QACDzB,EAAY,CAAE3E,KAAM,OAAQ+E,WAAYqB,GACxC,MAEJ,IAAK,SACL,IAAK,OACDzB,EAAY,CAAE3E,KAAMoG,GACpB,MACJ,QACI,MAAM,IAAI,EAAiB,0GAEnC,KACJ,CACA,QACI,MAAM,IAAI,EAAiB,gEAEnC,OAAO,EAAOpD,OAAOiR,YAAYtP,EAAWtB,GAASV,cAAe,EAAOwD,EAC/E,CC5IW,CAAShG,EAAKkD,EACzB,CCFO,MACM,GAAS;;;;;;;;;;;;;;;;;;;;ACgCf,MAAM6Q,GACG,qBADHA,GAES,2BAFTA,GAGC,oBAOP,MAAMC,GACX,WAAAlU,CAAYmU,EAAS,aAAcC,EAAY,UAAWC,EAAY,GACpE3V,KAAKyV,OAASA,EACdzV,KAAK0V,UAAYA,EACjB1V,KAAK2V,UAAYA,EACjB3V,KAAK4V,GAAK,IACZ,CAEA,UAAMC,GACJ,OAAO,IAAIC,QAAQ,CAACC,EAASC,KAC3B,MAAMC,EAAUC,UAAUC,KAAKnW,KAAKyV,OAAQzV,KAAK2V,WACjDM,EAAQG,QAAU,IAAMJ,EAAO,IAAIvR,MAAM,mBAAmBwR,EAAQlF,UACpEkF,EAAQI,UAAY,KAClBrW,KAAK4V,GAAKK,EAAQrC,OAClBmC,EAAQ/V,OAEViW,EAAQK,gBAAmBC,IACzB,MAAMX,EAAKW,EAAMC,OAAO5C,OACnBgC,EAAGa,iBAAiBC,SAAS1W,KAAK0V,YACrCE,EAAGe,kBAAkB3W,KAAK0V,aAIlC,CAEA,aAAMkB,CAAQ9H,EAAI3H,GAEhB,OADKnH,KAAK4V,UAAU5V,KAAK6V,OAClB,IAAIC,QAAQ,CAACC,EAASC,KAC3B,MAAMa,EAAK7W,KAAK4V,GAAGkB,YAAY9W,KAAK0V,UAAW,aAC/CmB,EAAGE,WAAa,IAAMhB,IACtBc,EAAGT,QAAU,IAAMJ,EAAO,IAAIvR,MAAM,sBAAsBoS,EAAG9F,UAC7D8F,EAAGG,YAAYhX,KAAK0V,WAAWuB,IAAI9P,EAAO2H,IAE9C,CAEA,aAAMoI,CAAQpI,GAEZ,OADK9O,KAAK4V,UAAU5V,KAAK6V,OAClB,IAAIC,QAAQ,CAACC,EAASC,KAC3B,MAAMa,EAAK7W,KAAK4V,GAAGkB,YAAY9W,KAAK0V,UAAW,YAC/CmB,EAAGT,QAAU,IAAMJ,EAAO,IAAIvR,MAAM,sBAAsBoS,EAAG9F,UAC7D,MAAMkF,EAAUY,EAAGG,YAAYhX,KAAK0V,WAAW7V,IAAIiP,GACnDmH,EAAQI,UAAY,IAAMN,EAAQE,EAAQrC,QAAU,OAExD,CAEA,gBAAMuD,CAAWrI,GAEf,OADK9O,KAAK4V,UAAU5V,KAAK6V,OAClB,IAAIC,QAAQ,CAACC,EAASC,KAC3B,MAAMa,EAAK7W,KAAK4V,GAAGkB,YAAY9W,KAAK0V,UAAW,aAC/CmB,EAAGE,WAAa,IAAMhB,IACtBc,EAAGT,QAAU,IAAMJ,EAAO,IAAIvR,MAAM,sBAAsBoS,EAAG9F,UAC7D8F,EAAGG,YAAYhX,KAAK0V,WAAW0B,OAAOtI,IAE1C,CAEA,WAAMuI,GAEJ,OADKrX,KAAK4V,UAAU5V,KAAK6V,OAClB,IAAIC,QAAQ,CAACC,EAASC,KAC3B,MAAMa,EAAK7W,KAAK4V,GAAGkB,YAAY9W,KAAK0V,UAAW,aAC/CmB,EAAGE,WAAa,IAAMhB,IACtBc,EAAGT,QAAU,IAAMJ,EAAO,IAAIvR,MAAM,sBAAsBoS,EAAG9F,UAC7D8F,EAAGG,YAAYhX,KAAK0V,WAAW2B,SAEnC,CAEA,KAAAC,GACMtX,KAAK4V,KACP5V,KAAK4V,GAAG0B,QACRtX,KAAK4V,GAAK,KAEd,EAuBF/R,eAAe0T,GAAgBC,EAASC,EAAKC,EAAKC,EAAM,MACtD,MAAMC,QAAkBrT,EAAUiT,EAAQK,WACpC9S,EAAU,CAAE0S,MAAKC,OAGvB,OAFIC,IAAK5S,EAAQ4S,IAAMA,GAEhB,IAAIlJ,GAAQ1J,GAChBwJ,cACAV,OAAOiK,OAAOC,cACd3M,mBAAmB,CAAE5J,IAAK,QAASwS,IAAK,WAAY5P,IAAKwT,IACzDzO,KAAKqO,EAAQQ,WAClB,CAgDAnU,eAAeoU,GAAcC,EAAeC,EAAQX,GAClD,MAAMY,QAAab,GAAgBC,EAASU,EAAe,QACrD/I,QAAiBC,MAAM8I,EAAe,CAC1CG,OAAQ,OACRjP,QAAS,CACP,eAAgB,oCAChB,KAAQgP,GAEVE,KAAM,IAAIC,gBAAgBJ,KAE5B,IAAKhJ,EAASqJ,GAAI,MAAM,IAAI/T,MAAM,yBAAyB0K,EAASQ,UACpE,OAAOR,EAASS,MAClB,CAMA/L,eAAe4U,GAAoBC,EAAaC,EAAStL,EAAQuL,EAAUpB,GACzE,MAAMpH,EX9GD,SAA4BzB,EAAKjK,GACpC,MAAMpC,EAAM,IAAIoP,GAAa/C,EAAKjK,GAC5BmU,EAAehV,MAAO6G,EAAiBgG,IAAUpO,EAAImO,OAAO/F,EAAiBgG,GA8BnF,OA7BAhR,OAAOyR,iBAAiB0H,EAAc,CAClCnG,YAAa,CACT7S,IAAK,IAAMyC,EAAIoQ,cACf9S,YAAY,EACZwR,cAAc,GAElBuB,MAAO,CACH9S,IAAK,IAAMyC,EAAIqQ,QACf/S,YAAY,EACZwR,cAAc,GAElBwB,OAAQ,CACJzL,MAAO,IAAM7E,EAAIsQ,SACjBhT,YAAY,EACZwR,cAAc,EACdC,UAAU,GAEdyH,UAAW,CACPjZ,IAAK,MAAQyC,EAAIuQ,cACjBjT,YAAY,EACZwR,cAAc,GAElBhB,KAAM,CACFjJ,MAAO,IAAM7E,EAAImQ,QAAQrC,OACzBxQ,YAAY,EACZwR,cAAc,EACdC,UAAU,KAGXwH,CACX,CW6EeE,CAAmB,IAAIpH,IAAIgH,KAClC,QAAE5T,SCpNHlB,eAAyBmV,EAAKxZ,EAAKkF,GACtC,MAAM+O,QAAiBF,GAAcyF,EAAKxZ,EAAKkF,GAC/C,GAAI+O,EAAS/I,gBAAgBE,MAAM7D,SAAS,SAA2C,IAAjC0M,EAAS/I,gBAAgBe,IAC3E,MAAM,IAAIlG,EAAW,uCAEzB,MACMqO,EAAS,CAAE7O,QADD,GAAW0O,EAAS/I,gBAAiB+I,EAAS1O,QAASL,GAC7CgG,gBAAiB+I,EAAS/I,iBACpD,MAAmB,mBAARlL,EACA,IAAKoU,EAAQpU,IAAKiU,EAASjU,KAE/BoU,CACX,CDyM4BqF,CAAUP,EAAatI,EAAM,CACrD/C,SACAM,SAAU,UAINuL,QAAmBnE,SAA6BxQ,EAAUiT,EAAQK,YACxE,GAAI9S,EAAQoU,KAAKC,MAAQF,EACvB,MAAM,IAAIzU,MAAM,4BAIlB,GAAIM,EAAQsU,YAAcT,EACxB,MAAM,IAAInU,MAAM,sBAGlB,OAAOM,CACT,CAuCO,MAAM,WAAgBuU,YAC3B,WAAAhY,CAAYoD,EAAU,CAAC,GACrBC,QACA3E,KAAK4Y,SAAWlU,EAAQkU,UAAY,KACpC5Y,KAAKuZ,SAAW7U,EAAQ6U,UAAY,IAAI/D,GACxCxV,KAAKwZ,cAAgB9U,EAAQ8U,eAAiB,KAC9CxZ,KAAKyZ,oBAAsB/U,EAAQ+U,qBAAuB,KAC1DzZ,KAAK0Z,aAAehV,EAAQgV,cAAgB,KAG5C1Z,KAAK2Z,WAAY,EACjB3Z,KAAK4Z,OAAS,KACd5Z,KAAK6Z,KAAO,KACZ7Z,KAAK8Z,KAAO,KACZ9Z,KAAK+Z,QAAU,KACf/Z,KAAKga,YAAc,KACnBha,KAAKia,gBAAkB,KAGnBja,KAAKwZ,eACPxZ,KAAKka,iBAAiB3E,GAA4BvV,KAAKwZ,eAErDxZ,KAAKyZ,qBACPzZ,KAAKka,iBAAiB3E,GAAkCvV,KAAKyZ,qBAE3DzZ,KAAK0Z,cACP1Z,KAAKka,iBAAiB3E,GAA0BvV,KAAK0Z,aAEzD,CAMA,YAAIS,GAAa,OAAOna,KAAK2Z,SAAU,CACvC,SAAIS,GAAU,OAAOpa,KAAK4Z,MAAO,CAEjC,SAAAS,GACE,OAAKra,KAAK6Z,MACH5N,KAAKC,MAAMgC,KAAKqE,MAAQ,MAASvS,KAAK6Z,IAC/C,CAEA,YAAAS,GACE,OAAKta,KAAK6Z,KACH7Z,KAAK6Z,KAAO5N,KAAKC,MAAMgC,KAAKqE,MAAQ,MADnB,CAE1B,CAKA,WAAMgI,CAAMC,EAAKC,GAEf,MAAMC,EAAc,IAAI/I,IAAI8I,GACtBE,EAAoBD,EAAYE,OAASF,EAAYG,SAAWH,EAAYI,OAG5EC,QApKVlX,eAA4B2W,GAC1B,MAAMI,EAAS,IAAIjJ,IAAI6I,GAAKI,OACtBzL,QAAiBC,MAAM,GAAGwL,sCAChC,IAAKzL,EAASqJ,GAAI,MAAM,IAAI/T,MAAM,0BAA0B0K,EAASQ,UACrE,OAAOR,EAASS,MAClB,CA+JyBoL,CAAaR,GAG5BnN,EAAS0N,EAAO1N,OAChB4N,EAAa3H,GAAMA,EAAE4H,SAAS,KAAO5H,EAAEpN,MAAM,GAAI,GAAKoN,EAC5D,GAAI2H,EAAUT,KAASS,EAAU5N,GAC/B,MAAM,IAAI5I,MAAM,oBAAoB4I,SAAcmN,KAIpDW,eAAevE,QAAQ,iBAAkBvJ,GACzC8N,eAAevE,QAAQ,4BAA6BmE,EAAOK,gBAC3DD,eAAevE,QAAQ,sBAAuBmE,EAAOM,UAGrD,IAAIzC,EAAW5Y,KAAK4Y,SACpB,IAAKA,EAAU,CAEbA,SA3KN/U,eAA8ByX,EAAsBC,GAClD,MAAMpM,QAAiBC,MAAMkM,EAAsB,CACjDjD,OAAQ,OACRjP,QAAS,CAAE,eAAgB,oBAC3BkP,KAAM5M,KAAKC,UAAU,CACnB6P,iBAAkB,MAClBC,cAAeF,EACfG,2BAA4B,OAC5BC,YAAa,CAAC,qBAAsB,iBACpCC,eAAgB,CAAC,QACjBC,MAAO,kCAGX,IAAK1M,EAASqJ,GAAI,MAAM,IAAI/T,MAAM,+BAA+B0K,EAASQ,UAC1E,OAAOR,EAASS,MAClB,CA2JiCkM,CAAef,EAAOgB,sBAAuB,CAACpB,KACjDtB,UACxB8B,eAAevE,QAAQ,uBAAwBgC,EACjD,CAGA,MAAMoD,QArOVnY,iBACE,MAAMoY,EAAWnE,OAAOC,aAAe,IAAMD,OAAOC,aAC9CnD,EAAS,IAAIzS,iBACX2V,OAAOzT,OAAOuQ,OAAO,WAAW,IAAIlT,aAAca,OAAO0Z,KAMjE,MAAO,CAAEA,WAAUC,UAJDlZ,KAAKJ,OAAOC,gBAAgB+R,IAC3C1R,QAAQ,MAAO,KACfA,QAAQ,MAAO,KACfA,QAAQ,MAAO,IAEpB,CA2NuBiZ,GACnBhB,eAAevE,QAAQ,2BAA4BoF,EAAKC,UAGxD,MAAMG,EAAYtE,OAAOC,aACzBoD,eAAevE,QAAQ,kBAAmBwF,GAG1C,MAAMC,EAAU,IAAI1K,IAAIoJ,EAAOuB,wBAC/BD,EAAQE,aAAaja,IAAI,gBAAiB,QAC1C+Z,EAAQE,aAAaja,IAAI,eAAgBqY,GACzC0B,EAAQE,aAAaja,IAAI,QAAS,+BAClC+Z,EAAQE,aAAaja,IAAI,YAAasW,GACtCyD,EAAQE,aAAaja,IAAI,wBAAyB,QAClD+Z,EAAQE,aAAaja,IAAI,iBAAkB0Z,EAAKE,WAChDG,EAAQE,aAAaja,IAAI,QAAS8Z,GAClCC,EAAQE,aAAaja,IAAI,SAAU,WAGnCnC,OAAOqc,SAASnN,KAAOgN,EAAQjV,UACjC,CAKA,6BAAMqV,GACJ,MAAM9N,EAAM,IAAIgD,IAAIxR,OAAOqc,SAASnN,MAC9BzK,EAAO+J,EAAI4N,aAAa1c,IAAI,QAGlC,IAAK+E,EAAM,OAGX,MAAM4V,EAAMW,eAAejE,QAAQ,kBAC7B5J,EAAMqB,EAAI4N,aAAa1c,IAAI,OACjC,IAAK2a,GAAOlN,IAAQkN,EAClB,MAAM,IAAI/V,MAAM,oBAAoB6I,SAAWkN,KAIjD,MAAMkC,EAAOvB,eAAejE,QAAQ,mBACpC,GAAIvI,EAAI4N,aAAa1c,IAAI,WAAa6c,EACpC,MAAM,IAAIjY,MAAM,uBAIlBkK,EAAI4N,aAAanF,OAAO,QACxBzI,EAAI4N,aAAanF,OAAO,OACxBzI,EAAI4N,aAAanF,OAAO,SACxBjX,OAAOwc,QAAQC,aAAa,CAAC,EAAGC,SAASC,MAAOnO,EAAIvH,YAGpD,MAAM2V,EAAe5B,eAAejE,QAAQ,4BACtCgB,EAAgBiD,eAAejE,QAAQ,6BACvCyB,EAAUwC,eAAejE,QAAQ,uBACjC0B,EAAW5Y,KAAK4Y,UAAYuC,eAAejE,QAAQ,wBAEzD,IAAK6F,IAAiB7E,IAAkBU,EACtC,MAAM,IAAInU,MAAM,wBAIlB,MAAM+S,QAAgB,GAAgB,SAGhCwF,QAAe/E,GAAcC,EAAe,CAChD+E,WAAY,qBACZrY,OACAsY,cAAeH,EACfI,aAAcxO,EAAIiM,OAASjM,EAAIkM,SAC/BxB,UAAWT,GACVpB,SAGGiB,GAAoBuE,EAAOI,aAAczE,EAAS6B,EAAK5B,EAAUpB,GAGvExX,KAAKga,YAAc,CAAEQ,MAAK7B,UAAST,uBAG7BlY,KAAKuZ,SAAS1D,aACdC,QAAQuH,IAAI,CAChBrd,KAAKuZ,SAAS3C,QAAQ,MAAO4D,GAC7Bxa,KAAKuZ,SAAS3C,QAAQ,WAAY+B,GAClC3Y,KAAKuZ,SAAS3C,QAAQ,iBAAkBsB,GACxClY,KAAKuZ,SAAS3C,QAAQ,YAAagC,GACnC5Y,KAAKuZ,SAAS3C,QAAQ,eAAgBY,GACtCxX,KAAKuZ,SAAS3C,QAAQ,gBAAiBoG,EAAOM,iBAEhDtd,KAAKuZ,SAASjC,QAGd6D,eAAeoC,WAAW,kBAC1BpC,eAAeoC,WAAW,6BAC1BpC,eAAeoC,WAAW,uBAC1BpC,eAAeoC,WAAW,wBAC1BpC,eAAeoC,WAAW,4BAC1BpC,eAAeoC,WAAW,yBAGpBvd,KAAKwd,WAAW,IAAKR,EAAQS,cAAejG,IAClDxX,KAAK0d,sBACP,CAKA,aAAMC,GACJ,OAAI3d,KAAKia,kBAETja,KAAKia,gBAAkB,WACrB,IACE,MAAM+C,QAhOdnZ,eAA6B0V,SACrBA,EAAS1D,OAEf,MAAO+H,EAAc1F,EAAeU,EAAUpB,SAAiB1B,QAAQuH,IAAI,CACzE9D,EAASrC,QAAQ,iBACjBqC,EAASrC,QAAQ,kBACjBqC,EAASrC,QAAQ,aACjBqC,EAASrC,QAAQ,kBAGnB,KAAK0G,GAAiB1F,GAAkBU,GAAapB,GACnD,MAAM,IAAI/S,MAAM,wBAGlB,MAAMuY,QAAe/E,GAAcC,EAAe,CAChD+E,WAAY,gBACZK,cAAeM,EACfvE,UAAWT,GACVpB,GAQH,OALIwF,EAAOM,qBACH/D,EAAS3C,QAAQ,gBAAiBoG,EAAOM,eAGjD/D,EAASjC,QACF,IAAK0F,EAAQS,cAAejG,EACrC,CAqM6BqG,CAAc7d,KAAKuZ,gBAClCvZ,KAAKwd,WAAWR,GACtBhd,KAAK0d,sBACP,CAAE,MAAO3M,GAQP,MAPI/Q,KAAK2Z,YACF3Z,KAAKqa,YAGRra,KAAK8d,sBAFL9d,KAAK+d,8BAKHhN,CACR,CAAE,QACA/Q,KAAKia,gBAAkB,IACzB,CACD,EAjBsB,IAFUja,KAAKia,eAsBxC,CAKA,YAAM+D,GACJhe,KAAK2Z,WAAY,EACjB3Z,KAAK4Z,OAAS,KACd5Z,KAAK6Z,KAAO,KACZ7Z,KAAK8Z,KAAO,KACZ9Z,KAAK+Z,QAAU,KACf/Z,KAAKga,YAAc,WAEbha,KAAKuZ,SAAS1D,aACd7V,KAAKuZ,SAASlC,QACpBrX,KAAKuZ,SAASjC,QAEdtX,KAAK0d,sBACP,CAKA,eAAMO,CAAUzb,EAAOqT,EAAO,CAAC,GAE7B,IAAK7V,KAAK2Z,UACR,OAAOvK,MAAM5M,EAAOqT,GAStB,IAAIlH,EAAK0J,EAAQjP,EALbpJ,KAAKqa,mBACDra,KAAK2d,UAKTnb,aAAiB0b,SACnBvP,EAAM,IAAIgD,IAAInP,EAAMmM,KACpB0J,EAASxC,EAAKwC,QAAU7V,EAAM6V,QAAU,MACxCjP,EAAU,IAAI4J,QAAQxQ,EAAM4G,WAE5BuF,EAAM,IAAIgD,IAAInP,EAAM4E,YACpBiR,EAASxC,EAAKwC,QAAU,MACxBjP,EAAUyM,EAAKzM,QAAU,IAAI4J,QAAQ6C,EAAKzM,SAAW,IAAI4J,SAI3D,MAAMoF,QAAab,GACjBvX,KAAK+Z,QAAQ0D,cACb,GAAG9O,EAAIiM,SAASjM,EAAIkM,WACpBxC,EAAO8F,cACPne,KAAK8Z,MAQP,OAJA1Q,EAAQ9G,IAAI,OAAQ8V,GACpBhP,EAAQ9G,IAAI,gBAAiB,QAAQtC,KAAK+Z,QAAQqD,gBAG9C5a,aAAiB0b,QACZ9O,MAAM,IAAI8O,QAAQ1b,EAAO,IAAKqT,EAAMzM,aAEtCgG,MAAMT,EAAK,IAAKkH,EAAMzM,WAC/B,CAMA,gBAAMoU,CAAWR,GACfhd,KAAK+Z,QAAUiD,EAEf,MAAMoB,EEpiBH,SAAmBpF,GACtB,GAAmB,iBAARA,EACP,MAAM,IAAIzT,EAAW,iEACzB,MAAQ,EAAGR,EAAO,OAAE9D,GAAW+X,EAAIxF,MAAM,KACzC,GAAe,IAAXvS,EACA,MAAM,IAAIsE,EAAW,4DACzB,GAAe,IAAXtE,EACA,MAAM,IAAIsE,EAAW,eACzB,IAAKR,EACD,MAAM,IAAIQ,EAAW,+BACzB,IAAI6Y,EAOAxK,EANJ,IACIwK,EAAU,GAAUrZ,EACxB,CACA,MACI,MAAM,IAAIQ,EAAW,yCACzB,CAEA,IACIqO,EAASlI,KAAKwE,MAAMvO,EAAQwB,OAAOib,GACvC,CACA,MACI,MAAM,IAAI7Y,EAAW,8CACzB,CACA,IAAK2B,EAAS0M,GACV,MAAM,IAAIrO,EAAW,0BACzB,OAAOqO,CACX,CFygBoByK,CAAUrB,EAAOI,cACjC,IAAKgB,EAAQE,MAAO,MAAM,IAAI7Z,MAAM,uBACpC,IAAK2Z,EAAQ9P,IAAK,MAAM,IAAI7J,MAAM,qBAElCzE,KAAK8Z,WAvZTjW,eAA0B6U,GACxB,MAAMzP,GAAO,IAAIvH,aAAca,OAAOmW,GAChC6F,QAAmBzG,OAAOzT,OAAOuQ,OAAO,UAAW3L,GACnDuV,EAAY3T,MAAM4T,KAAK,IAAItc,WAAWoc,IAC5C,OAAOvb,KAAKJ,OAAOC,gBAAgB2b,IAChCtb,QAAQ,MAAO,KACfA,QAAQ,MAAO,KACfA,QAAQ,MAAO,GACpB,CA+YsBwb,CAAW1B,EAAOI,cACpCpd,KAAK4Z,OAASwE,EAAQE,MACtBte,KAAK6Z,KAAOuE,EAAQ9P,IACpBtO,KAAK2Z,WAAY,CACnB,CAEA,oBAAA+D,GACE1d,KAAK2e,cAAc,IAAIC,YAAYrJ,GAA4B,CAC7DsJ,OAAQ,CAAE1E,SAAUna,KAAK2Z,UAAWS,MAAOpa,KAAK4Z,UAEpD,CAEA,0BAAAmE,GACE/d,KAAK2e,cAAc,IAAIC,YAAYrJ,GAAkC,CACnEsJ,OAAQ,CAAEC,WAAY9e,KAAKsa,kBAE/B,CAEA,mBAAAwD,GACE9d,KAAK2e,cAAc,IAAIC,YAAYrJ,IACrC,EAOF,MGtjBawJ,GACO,iBADPA,GAEJ,QAFIA,GAGH,SAHGA,GAIM,iBAJNA,GAKJ,QAWT,MAAMC,GAAN,cACU,KAAAC,UAA6C,IAAIjU,GAgB3D,CAdE,EAAAkU,CAAG3I,EAAe4I,GACXnf,KAAKif,UAAUvV,IAAI6M,IACtBvW,KAAKif,UAAU3c,IAAIiU,EAAO,IAAI3M,KAEhC5J,KAAKif,UAAUpf,IAAI0W,GAAQ5M,IAAIwV,EACjC,CAEA,GAAAC,CAAI7I,EAAe4I,G,MACQ,QAAzB,EAAAnf,KAAKif,UAAUpf,IAAI0W,UAAM,SAAEa,OAAO+H,EACpC,CAEA,IAAAE,CAAK9I,KAAkBxX,G,MACI,QAAzB,EAAAiB,KAAKif,UAAUpf,IAAI0W,UAAM,SAAE+I,QAAQC,GAAMA,KAAMxgB,GACjD,EAmCK,MAAMygB,GAKX,WAAAle,CAAYoD,GACV1E,KAAKyf,SAAW,IAAI,GAAiB,CACnC7G,SAAUlU,aAAO,EAAPA,EAASkU,SACnBW,SAAU,IAAI/D,GACdgE,cAAgBjD,IACd,MAAMsI,EAAUtI,EAAsBsI,QAClCA,aAAM,EAANA,EAAQ1E,WACVna,KAAK0f,QAAQL,KAAKN,IAClB/e,KAAK0f,QAAQL,KAAKN,GAAyB5e,OAAOqc,SAASnN,OAE3DrP,KAAK0f,QAAQL,KAAKN,KAGtBrF,aAAc,KACZ1Z,KAAK0f,QAAQL,KAAKN,OAGtB/e,KAAK0f,QAAU,IAAIV,GACnBhf,KAAK2f,WAAa7H,OAAOC,YAC3B,CAKA,UAAI6H,GACF,OAAO5f,KAAK0f,OACd,CAKA,QAAIG,G,MACF,MAAO,CACLC,WAAY9f,KAAKyf,SAAStF,SAC1BC,MAA0B,QAAnB,EAAApa,KAAKyf,SAASrF,aAAK,aAAIvb,EAC9BkhB,UAAW/f,KAAK2f,WAChBK,eAAgBhgB,KAAKyf,SAAStF,SAC1BjM,KAAKqE,MAAwC,IAA/BvS,KAAKyf,SAASnF,oBAC5Bzb,EAER,CAKA,4BAAMohB,CAAuBvb,GAE3B,MAAMwb,EAAiD,iBAAZxb,EACvC,CAAEiK,IAAKjK,GACPA,QAAAA,EAAW,CAAC,EAEhB,IAKE,SAHM1E,KAAKyf,SAAShD,2BAGfzc,KAAKyf,SAAStF,WAA4C,IAAhC+F,EAAKC,uBAClC,UACQngB,KAAKyf,SAAS9B,SACtB,CAAE,MAEF,CAGF,OAAO3d,KAAK6f,IACd,CAAE,MAAO9O,GAEP,YADA/Q,KAAK0f,QAAQL,KAAKN,GAAchO,EAElC,CACF,CAKA,WAAMwJ,CAAM7V,GACV,MAAMgW,EAAchW,EAAQgW,aAAeva,OAAOqc,SAASnN,WACrDrP,KAAKyf,SAASlF,MAAM7V,EAAQ0b,WAAY1F,EAChD,CAKA,YAAMsD,SACEhe,KAAKyf,SAASzB,QACtB,CAKA,WAAM5O,CAAMT,EAAwBkH,GAClC,OAAO7V,KAAKyf,SAASxB,UAAUtP,EAAekH,EAChD,EAGF,MCrLawK,GAAc,IAAIb,GCFzB,GAA+Bc,E,cCI9B,MAAM,G,OAAK,GAAe,ICCpBC,IAAW,KAAAC,KACpB,sDAGG,SAASC,GAAeC,GAE3B,MAAMC,EAAK,GAsGX,SAASC,EACTC,EACAC,EACAC,EACArc,EAGQ,CAAC,GAEL,MAAMsc,EAAYtc,EAAQuc,QAAU,GAC9BnhB,GAAI,KAAAohB,SACJC,GAAO,KAAAC,WAAU,kCACvB,IAAI9hB,EAAIQ,EAAE0gB,IAAI,GAAGO,QACjB,MAAM9lB,EAAM6E,EAAE0gB,IAAIO,GACZM,EAAMvhB,EAAE0gB,IAAIK,GAWlB,GAVA/gB,EAAE6J,IAAIrK,EAAGqhB,EAAG3jB,IAAI,QAASmkB,EAAK,iBAAkBlmB,GAChD6E,EAAE6J,IAAIrK,EAAG6hB,EAAK,YAAaE,EAAKpmB,GAC5ByJ,EAAQ4c,eACRxhB,EAAE6J,IAAIrK,EAAG6hB,EAAK,WAAYE,EAAKpmB,GAEnC6E,EAAE6J,IAAIrK,EAAG6hB,EAAK,SAAUL,EAAI7lB,GAC5B6E,EAAE6J,IAAIrK,EAAG6hB,EAAK,QAASA,EAAK,QAASlmB,GACrC6E,EAAE6J,IAAIrK,EAAG6hB,EAAK,QAASA,EAAK,SAAUlmB,GACtC6E,EAAE6J,IAAIrK,EAAG6hB,EAAK,QAASA,EAAK,WAAYlmB,GAEpC+lB,EAAU/f,OAAQ,CAClB3B,EAAIQ,EAAE0gB,IAAI,GAAGO,QACbjhB,EAAE6J,IAAIrK,EAAGqhB,EAAG3jB,IAAI,QAASmkB,EAAK,iBAAkBlmB,GAChD6E,EAAE6J,IAAIrK,EAAG6hB,EAAK,YAAaE,EAAKpmB,GAChC6E,EAAE6J,IAAIrK,EAAG6hB,EAAK,cAAeR,EAAG/kB,KAAK,SAAUX,GAC/C,IAAK,IAAI0N,EAAI,EAAGA,EAAIqY,EAAU/f,OAAQ0H,IACtC7I,EAAE6J,IAAIrK,EAAG6hB,EAAK,QAASA,EAAKH,EAAUrY,IAAK1N,EAE/C,CACA,OAAO,KAAAsmB,WAAUtmB,EAAK6E,EAAGihB,EAC7B,CACA,MAAO,CACHS,cAzIJ3d,eAA6B8K,SACnB+R,EAAMe,QAAQC,KAAK/S,GACzB,MAAMgT,EAAUjB,EAAMkB,IAAIjT,EAAK4R,IAC/B,IAAKoB,EACD,MAAM,IAAIld,MAAM,8BAA8BkK,KAElD,OAAOgT,EAAQxa,KACnB,EAmII0a,iBArHJ,SACAhB,EACAC,EACApc,GAKA,MAAMod,EAASpB,EAAMkB,IACjBlB,EAAMF,IAAIK,GACVN,IAGJ,OAAOzK,QAAQC,UACV7C,KAAK,IACF4O,GAgCR,SAAsBjB,GAClB,MAAMY,EAAUf,EAAMe,QACtB,IAAKA,EACD,MAAM,IAAIhd,MAAM,8CAGpB,OAAOgd,EAAQC,KAAKb,GAAQ3N,KAAKU,IAC7B,IAAKA,EAAO4E,GACR,MAAM,IAAI/T,MAAM,8BAAiCmP,EAAe7C,OAGpE,MAAM+Q,EAASpB,EAAMkB,IACrBlB,EAAMF,IAAIK,GACVN,IAGA,IAAKuB,EACL,MAAM,IAAIrd,MAAM,2CAA6Coc,GAG7D,OAAOiB,GAEf,CAlDWC,CAAYlB,GAAQrR,MAAMC,IAC7B,MAAM,IAAIhL,MAAM,qCAAqCoc,MAAWpR,QAGnEyD,KAAK4O,IACN,MAAME,EAAUpB,EAAWC,EAAQC,EAAIgB,EAAOG,IAAKvd,GACnD,IAAKgc,EAAMe,QACP,MAAM,IAAIhd,MAAM,yCAEpB,OAAOic,EAAMe,QACRS,aAAa,MAAOJ,EAAOG,IAAK,CACjChZ,KAAM+Y,EACNG,YAAa,gBAEZjP,KAAKU,IACN,IAAKA,EAAO4E,GACR,MAAM,IAAI/T,MAAM,2BAA6BmP,EAAO7C,OAGxD,OAAO+Q,KAGf,EA6EIlB,aAER,CCjJO,MAAMwB,GAAa,KACtB,IAAI,gBAAEC,GAAyBliB,OAG/B,GAFAkiB,IAAAA,EAAoB,CAAC,GACrBA,EAAgBC,mBAAoB,EAChCD,EAAgBE,QAAUpiB,OAAO0c,SAAU,CAE3C,GADoB1c,OAAO0c,SAASL,SAASnN,KAC7BhJ,WAAWgc,EAAgBE,QAAS,CACpDF,EAAgBC,mBAAoB,EACpC,MAAMnK,EAAS,IAAII,gBAAgBpY,OAAO0c,SAASL,SAAS1B,QAC5D,GAAI3C,EAAQ,CACR,IAAIqK,EAAaH,EAAgBG,WAAarK,EAAOtY,IAAI,QAAU,KACnE,GAAI2iB,IACJA,EAAaC,UAAUD,IAClBA,EAAWnc,WAAWgc,EAAgBE,SAAS,CAChD,MAAMG,EAAMF,EAAWhP,MAAM,MAC7B6O,EAAgB7H,IAAMkI,EAAI,GAAK,KAAOA,EAAI,GAC1CL,EAAgBC,mBAAoB,CACxC,CAEJ,CACA,CACJ,CACA,OAAOD,GAUJ,SAASM,KACZ,MAAM,sBAAEC,GAA+BziB,OACvC,QACmC,IAA1ByiB,GACPA,EAAsBC,SAItB,OADA,EAAU,wBAA0BD,EAAsBC,WACnD,KAAArC,KAAIoC,EAAsBC,UAInC,GACsB,oBAAbhG,UACPA,SAASL,UACiC,sBAAzC,GAAKK,SAASL,UAAUtW,MAAM,EAAG,IAClC,CACA,MAAM4c,EAAMjG,SAASkG,eAAe,aACpC,IAAKD,EAAK,OAAO,KACjB,MAAMhU,EAAKgU,EAAIE,aAAa,UAC5B,OAAKlU,GACL,EAAU,oBAAsBA,IACzB,KAAA0R,KAAI1R,IAFK,IAGlB,CACA,OAAO,IACX,CC5DO,MAAMmU,GAGX,WAAA3hB,CAAY4hB,GACVljB,KAAKmjB,QAAUD,CACjB,CAGA,eAAI7C,GAAwB,OAAOrgB,KAAKmjB,OAAQ,CAEhD,WAAAC,GACE,MAAMC,EAAMjB,KACZ,OAAIiB,EAAIf,mBACC,KAAA9B,KAAI6C,EAAIjJ,OAEbpa,MAAQA,KAAKmjB,SAAWnjB,KAAKmjB,QAAQtD,MAAQ7f,KAAKmjB,QAAQtD,KAAKzF,OAASpa,KAAKmjB,QAAQtD,KAAKC,YACrF,KAAAU,KAAIxgB,KAAKmjB,QAAQtD,KAAKzF,OAExBuI,IACT,CASA,eAAMW,CACJC,GAGA,MAAMC,EAAuB,IAAI7R,IAAIxR,OAAOqc,SAASnN,MAAMpJ,KACvDud,GACFrjB,OAAOsjB,aAAa7M,QAAQ,uBAAwB4M,GAEtDxjB,KAAKmjB,QAAQvD,OAAOV,GAAGH,GAA0BpQ,IAC/C,EAAU,uBAAuBA,KAC7BkO,SAASL,SAASpV,aAAeuH,GAAKgO,QAAQC,aAAa,KAAM,GAAIjO,KAM3E,MAAM+L,EAAc,IAAI/I,IAAIxR,OAAOqc,SAASnN,MAC5CqL,EAAYzU,KAAO,SACbjG,KAAKmjB,QACRlD,uBAAuB,CACtBE,wBAAwB,EACxBxR,IAAK+L,EAAYrL,OAIrB,MAAMqU,EAAwBvjB,OAAOsjB,aAAavM,QAAQ,wBAC1D,GAAIwM,EAAuB,CACzB,MAAMC,EAAS,IAAIhS,IAAIxR,OAAOqc,SAASnN,MACnCsU,EAAO1d,OAASyd,IACd/G,QAAQiH,UAEVjH,QAAQiH,UAAU,KAAM/G,SAASC,MAAO4G,GAGxClH,SAASvW,KAAOyd,EAElBC,EAAO1d,KAAOyd,GAIhBvjB,OAAOsjB,aAAa7M,QAAQ,uBAAwB,GACtD,CAGA,IAAIkK,EAAK6B,KACT,GAAI7B,EACF,OAAOhL,QAAQC,QAAQwN,EAAkBA,EAAgBzC,GAAMA,GAGjE,MAAM1G,EAAQpa,KAAK6jB,iBAAiB7jB,KAAKmjB,QAAQtD,MASjD,OARIzF,IACF0G,EAAK9gB,KAAK8jB,SAAS1J,IAGjB0G,GACF,EAAU,iBAAiBA,wBAGtBhL,QAAQC,QAAQwN,EAAkBA,EAAgBzC,GAAMA,EACjE,CASA,QAAAgD,CACE1J,EACA2J,GAEA,IAAIC,EACJ,GAAI5J,EAAO,CACT4J,EAA6B,iBAAV5J,EAAsBA,EAAQA,EAAM6H,IACvD,MAAMnB,GAAK,KAAA3iB,WAAU6lB,GAIrB,OAHID,IACFA,EAAQjD,GAAKA,GAERA,CACT,CACA,OAAO,IACT,CAKA,gBAAA+C,CAAkBV,GAEhB,OADcA,aAAO,EAAPA,EAAS/I,QAAS+I,EAAQrD,WAAaqD,EAAQ/I,MAAQ,IAEvE,EC1HK,SAAS6J,GAAS5C,GACrB,OAAO,KAAAb,KAAIa,EAAIY,IAAJZ,MAA6BnT,KAAKqE,MACjD,CAmBO,SAAS2R,GAAgB7C,GAC5B,OAAKA,GAID,GAAGlhB,OAAOqc,SAAS5B,YAAc,IAAIjJ,IAAI0P,EAAIla,OAAOyT,MAE5D,CCzBA,MAAMuJ,GAA6B,iBAE5B,SAASC,GAAgB1D,EAAO2D,GACnC,MAAM1D,EAAK,GAEX9c,eAAeygB,EACXC,EACAzD,EACA0D,SAKM9D,EAAMe,QAAQC,KAAK6C,GAGzB,MAAME,EAAa/D,EAAMkB,IACrB2C,EACA,IAAI,GAAAG,UAAU,uDAElB,IAAKD,EACD,MAAM,IAAIhgB,MAAM,2BAGpB,MAAMkgB,EAAU,gJAIC7D,EAAG3Z,mOAOHqd,EAAQrd,wJAMnBuZ,EAAMe,QAAQS,aAAa,MAAOuC,EAAWtd,MAAO,CACtD8B,KAAM0b,EACNxC,YAAa,eAErB,CAEAte,eAAe+gB,EAAsBC,EAAW/D,GAE5C,MAAMgE,EAAmBpE,EAAMkB,IAC3Bd,EACAH,EAAGpjB,MAAM,qBAEb,IAAKunB,EACD,MAAM,IAAIrgB,MAAM,uCAEdic,EAAMe,QAAQC,KAAKoD,GACzB,MAAMC,EAAMd,GAASa,GACfE,EAAM,EACR,KAAAC,IACIF,EACApE,EAAG3jB,IAAI,QACP2jB,EAAGpjB,MAAM,oBACTunB,EAAiBzD,QAErB,KAAA4D,IACIF,EACApE,EAAGpjB,MAAM,YACTojB,EAAGrkB,QAAQ,YACXwoB,EAAiBzD,QAErB,KAAA4D,IAAGF,EAAKpE,EAAGpjB,MAAM,YAAasnB,EAAWC,EAAiBzD,cAExD,IAAIvL,QAAQ,CAACC,EAASC,KACxB0K,EAAMwE,QAAQC,OAAO,GAAIH,EAAK,SAAUI,EAAM5M,EAAI6M,GACzC7M,EAGDzC,EAAQ,MAFRC,EAAO,IAAIvR,MAAM4gB,GAIzB,IAER,CAEAxhB,eAAeyhB,EAASd,GACpB,MAAM1D,QAAWuD,EAAakB,SAExBhB,EDpDP,SACHC,EACAgB,GAIA,MAAMC,EAAmB,IAAI9T,IACzB,mBAAmB,IAAIA,IAAI6S,EAAQrd,OAAOue,QAC1CF,EAAQre,OACVC,WACF,OAAO,IAAI,GAAAsd,UAAUe,EACzB,CCyC8BE,CAAuBnB,QADvBH,EAAauB,WAAW9E,IAE9C,IAAI+E,GAAS,EACb,UACUnF,EAAMe,QAAQC,KAChB,IAAI,GAAAgD,UAAUH,EAAcpd,MAAQ,kBAE5C,CAAE,MAAOjH,GACL2lB,GAAS,CACb,CACA,MAAO,CAAE/E,KAAIyD,gBAAesB,SAChC,CAEAhiB,eAAeiiB,EACXvB,EACAzD,GAMA,aAJsBiF,EAAQ,CAC1BjF,KACAkF,QAASzB,EAAcpd,SAEZ8e,WACnB,CAEA,SAASF,EAAQG,GACb,MAAMC,EAAKzF,EACLwE,EAAUiB,EAAGjB,QACnB,GAAIgB,EAAepF,KAAOoF,EAAepF,GAAGmB,IACxC,MAAM,IAAIxd,MAAM,iCAAmCyhB,EAAepF,IAGtE,MAAMmF,EAAeC,EAAeD,YAChCC,EAAeD,aACfE,EAAG3F,IAAI0F,EAAeF,QAAU7B,IAC9BiC,EAAaH,EAAY5E,MAmB/B,OAjBA8E,EAAGxc,IACCsc,EACAtF,EAAG3jB,IAAI,QACP2jB,EAAGrkB,QAAQ,YACX8pB,GAEJD,EAAGxc,IAAIsc,EAAatF,EAAGllB,GAAG,SAAU,eAAgB2qB,GACpDD,EAAGxc,IACCsc,EACAtF,EAAGllB,GAAG,YACN,KAAA4qB,MAAW,IAAInY,KAAKA,KAAKqE,QACzB6T,GAEAF,EAAepF,IACfqF,EAAGxc,IAAIsc,EAAatF,EAAGllB,GAAG,UAAWyqB,EAAepF,GAAIsF,GAGrD,IAAItQ,QAAQ,SAAUC,EAASC,GAClCkP,SAAAA,EAASjO,IACLmP,EACAD,EAAGG,wBAAmBznB,OAAWA,OAAWA,EAAWunB,GACvD,cACA,SAAUG,EAAM/N,EAAI7X,GACZ6X,EACAzC,EAAQ,IACDmQ,EACHD,gBAGJjQ,EACI,IAAIvR,MACA,uCAAyC8hB,EAAO,MAAQ5lB,GAIxE,EAER,EACJ,CA2BAkD,eAAe2iB,EAAWhC,EAAoBK,G,YACpCnE,EAAMe,QAAQC,KAAK8C,EAAQnD,OACjC,MAAMoF,EAAe/F,EAAMkB,IACvB4C,EACA7D,EAAGxkB,IAAI,cACP0C,EACA2lB,EAAQnD,OAEZ,IAAKoF,EACD,MAAM,IAAIhiB,MAAM,4BAA4B+f,EAAQrd,SAExD,MAAMuf,EAAa,+EAEjB/F,EAAG3jB,IAAI,eAAe6nB,EAAU1d,qBAG5Bwf,QAAoC,QAAb,EAAAjG,EAAMe,eAAO,eAAES,aACxC,OACAuE,EAAatf,MACb,CACI8B,KAAMyd,EACNvE,YAAa,iBAIrB,KADoBwE,aAAc,EAAdA,EAAgBvd,QAAQvJ,IAAI,aAE5C,MAAM,IAAI4E,MAAM,6BAA6BkiB,aAAc,EAAdA,EAAgBhX,SAErE,CACA,MAAO,CACH2U,SAAQM,wBAAuBU,WAAUQ,kBAAiBc,QAjD9D/iB,eACI2gB,EACAqC,GAAkB,GAElB,MAAM,GAAE/F,EAAE,cAAEyD,EAAa,OAAEsB,SAAiBP,EAASd,GACrD,GAAIqB,EACA,OAAO,IAAI,GAAAnB,UAAUH,EAAcpd,MAAQgd,IAG/C,GAAI0C,EAAiB,CACjB,MAAMhC,QAAkBiB,EAAgBvB,EAAezD,GAIvD,aAHM0F,EAAWhC,EAASK,SACpBP,EAAOC,EAAezD,EAAI0D,SAC1BI,EAAsBC,EAAW/D,GAChC+D,CACX,CACA,OAAO,IACX,EAgCuE2B,aAAYT,UAEvF,CC5NO,SAASe,GAAiBpG,EAAO2D,EAAc0C,EAAcC,EAAgBC,GAgDlF,MAAO,CACLC,eA/CArjB,eAA8BsjB,EAAmBC,GAC/C,MAAMC,QAA2BhD,EAAakB,SAExC+B,EAAW,UADgBjD,EAAauB,WAAWyB,IAC7BlgB,oBAAoBogB,mBAAmBH,MASnE,aARMJ,EAAeQ,gBAAgBF,SAE/BP,EAAaU,oBAAoB,CACrCC,WAAYL,EAAQlgB,MACpBggB,YACAQ,cAAe,aACfnR,OAAQ8Q,IAEHA,CACX,EAmCEM,eAjCF/jB,eACIgkB,GAEKA,IACHA,QAAaxD,EAAakB,UAE5B,MAAMuC,QAAczD,EAAa0D,aAAaF,GAE9C,aADmBb,EAAegB,oBAAoBF,IAC1C/mB,OAAO4N,IAAQqY,EAAeiB,YAAYtZ,GAC1D,EAyBEuZ,WAvBFrkB,eAA0B8K,EAAa3C,GACrC,MAAMmc,QAAmBzH,EAAMe,QAAQ2G,OAAOzZ,GAC9C,GAA0B,MAAtBwZ,EAAWxY,OACb,MAAM,IAAIlL,MAAM,WAAWkK,KAE7B,MAAM0Z,EFvBH,SAAuBC,EAAiBtc,GAC3C,MAAMuc,EAAOvc,EAAKwc,iBACZC,GAAS,KAAOzc,EAAK0c,cAAc,IAAIxiB,OAAO,GAC9CkG,GAAO,IAAOJ,EAAK2c,cAAeziB,OAAO,GACzC0iB,EAAQN,EAAQ9U,MAAM,KACtBqV,EAAWD,EAAMA,EAAM3nB,OAAQ,GACrC,OAAO,IAAI0Q,IAAI,aAAa4W,KAAQE,KAASrc,KAAOyc,IAAYP,GAASlhB,UAC7E,CEgBuB0hB,CAAcna,EAAK3C,GAChCtH,EAAU,CACd2T,OAAQ,MACRC,WAAY6P,EAAWY,OACvB3f,QAAS,CACP,CAAC,eAAgB+e,EAAW/e,QAAQvJ,IAAI,iBAAmB,8BAIzB,aADf6gB,EAAMe,QAAQ2G,OAAOC,EAAY3jB,IAC3CiL,OAAOvI,WAAW,UACvBsZ,EAAMe,QAAQ2G,OAAOzZ,EAAK,CAC9B0J,OAAQ,UAGd,EAMF,CCzDA,MAAM2Q,WAAoBvkB,MACtB,WAAAnD,CAAYX,GACRgE,MAAMhE,GAENjB,OAAOupB,eAAejpB,gBAAiBM,WACvCN,KAAKqB,gBAAkBA,IAC3B,EAGG,MAAM6nB,WAA0BF,IAEhC,MAAMG,WAAkCH,IAExC,MAAMI,WAAiCJ,IAEvC,MAAMK,WAAsBL,IAE5B,MAAMM,WAAyBN,IAE/B,MAAMO,WAA0BP,IAEhC,MAAMQ,WAAmBR,GAG5B,WAAA1nB,CAAYqO,EAAgBhP,GACxBgE,MAAMhE,GACNX,KAAK2P,OAASA,CAClB,ECpBG,SAAS8Z,GAAmB/I,EAAOgJ,EAAO3C,GAC7C,MAAMpG,EAAK,GAsBX9c,eAAe8lB,EAAiB9B,SACtB+B,EAAY/B,GAElB,MAAMgC,EJDP,SAAiC/I,GACpC,MAGMgJ,EAHWhJ,EAAGmB,IAAI/e,QAAQ,YAAa,KAAKA,QAAQ,WAAY,KAE3CsQ,MAAM,KAAKtN,MAAM,GAAG,GAAG9E,KAAK,KACvC2oB,4BAChB,OAAO,KAAAvJ,KAAIsJ,EACf,CILwCE,CAAuBnC,GACvD,IAAIoC,EACJ,IACIA,QAAwBlD,EAAamD,mBAAmBrC,EAAMlH,EAAGnjB,MAAM,mBAAiCqsB,EAAyBhC,EAAKxG,MAC1I,CAAE,MAAO5R,GAIL,GAFA,EADgB,QAAQoY,oDAGpBpY,aAAe6Z,GAAoB,MAAM7Z,EAC7C,GAAIA,aAAe8Z,GAAqB,MAAM9Z,EAC9C,GAAIA,aAAeyZ,GAAqB,MAAMzZ,EAC9C,GAAIA,aAAe0Z,GAA6B,MAAM1Z,EACtD,GAAIA,aAAe2Z,GAA4B,MAAM3Z,EACrD,GAAIA,aAAe+Z,GAAc,MAAM/Z,EACvC,MAAMA,CACV,CAEA,UACUiR,EAAMe,QAAQC,KAAKuI,EAC7B,CAAE,MAAOxa,GACL,MAAM7O,EAAM,qCAAqCinB,MAASpY,IAE1D,GADA,EAAW7O,GACiB,MAAxB6O,EAAIN,SAASQ,OACb,MAAM,IAAIuZ,GAEd,GAA4B,MAAxBzZ,EAAIN,SAASQ,OAAgB,CAC7B,GAAIuU,GAAgB+F,GACpB,MAAM,IAAId,GAEV,MAAM,IAAIC,EACd,CAIA,MAAM,IAAI3kB,MAAM7D,EACpB,CACA,OAAOqpB,CACX,CAEApmB,eAAe+lB,EAAa/B,GACxB,IAAKA,EACD,MAAM,IAAIpjB,MAAM,+BAEpB,UACUic,EAAMe,QAAQC,KAAKmG,EAAKxG,MAClC,CAAE,MAAO5R,GACL,MAAM,IAAIhL,MAAM,kCAAkCojB,MAASpY,IAC/D,CACA,OAAOoY,EAAKxG,KAChB,CA4BA,SAAS8I,EAAYrJ,GACjB,OAAOJ,EAAMkB,IAAId,EAAIH,EAAGnjB,MAAM,gBAAYqB,EAAWiiB,EAAGO,MAC5D,CAEA,MAAO,CACHkE,OA/BJ1hB,iBACI,MAAMid,EAAK4I,EAAMtG,cACjB,GAAW,OAAPtC,EACA,MAAM,IAAIrc,MAAM,0CAGpB,aADMic,EAAMe,QAAQC,KAAKZ,EAAGO,OACrBP,CACX,EAyBI8E,WAvBJ,SAAoBiC,GAChB,MAAMrC,EAAU2E,EAAYtC,GAC5B,IAAKrC,EACD,MAAM,IAAI/gB,MAAM,4BAEpB,OAAO+gB,CACX,EAkBIuC,aAhBJlkB,eAA4BgkB,SAClBnH,EAAMe,QAAQC,KAAKmG,GACzB,MAAMuC,EAAY1J,EAAMkB,IAAIiG,EAAMlH,EAAGxkB,IAAI,cAAU0C,EAAWgpB,EAAKxG,OACnE,IAAK+I,EACD,MAAM,IAAI3lB,MAAM,8BAEpB,OAAO2lB,CACX,EAUID,cACAR,kBACAC,cACAS,wBAzGJxmB,eAAuCgkB,GACnC,IACI,aAAa8B,EAAgB9B,EACjC,CAAE,MAAOpY,GACL,MACJ,CACJ,EAqGJ,CCrHO,SAAS6a,GAAqB5J,EAAOgJ,EAAOrF,EAAc0C,GAC7D,MAAMpG,EAAK,GAUX9c,eAAe0mB,EAAmB1C,GAC9B,IAAKA,EAAM,MAAM,IAAIpjB,MAAM,qCAC3B,MAAM+lB,QAAgBnG,EAAauF,YAAY/B,GAEzC4C,EAAaC,EAAuB7C,GAC1C,IAAI8C,EACJ,IACIA,QAAwB5D,EAAamD,mBAAmBrC,EAAMlH,EAAGpjB,MAAM,mBAAiCktB,EAAYD,EACxH,CAAE,MAAO/a,GAEL,EADgB,QAAQoY,uDAE5B,CACA,MAAM+C,EAAeD,EAAkB,CAAC,CAAE3d,MAAO,SAAU6d,MAAOF,EAA8B5Y,MAAO8V,IAAU,GAEjH,IAAIoC,EAOAa,EANJ,IACIb,QAAwB5F,EAAagG,wBAAwBxC,EACjE,CAAE,MAAOpY,GACLwa,EAAkB,IACtB,CAGA,GAAIA,EAAiB,CAGjB,MAAMc,EAA4BC,EAAwBf,GAC1D,IAAInF,EACJ,IACIA,EAAmBpE,EAAMkB,IAAIiG,EAAMlH,EAAGpjB,MAAM,yBAAqBsB,EAAW2rB,UAClEzD,EAAamD,mBAAmBrC,EAAMlH,EAAGpjB,MAAM,oBAAkCwtB,EAA2Bd,EACtH,CAAE,MAAOxa,GAET,EADgB,QAAQoY,gEAE5B,CACAiD,EAAgBhG,EAAmB,CAAC,CAAE9X,MAAO,UAAW6d,MAAO/F,EAA+B/S,MAAO8V,IAAU,EACnH,MACIiD,EAAgB,GAEpB,MAAMG,EAASL,EAAa/oB,OAAOipB,GACnC,GAAsB,IAAlBG,EAAOhqB,OAAc,OAAOgqB,EAChC,MAAMC,EAAQD,EAAOE,IAAItP,GAASA,EAAMgP,OACxC,UACUnK,EAAMe,QAAQC,KAAKwJ,EAC7B,CAAE,MAAOzb,GACL,EAAW,gCAAiCA,EAChD,CACA,OAAOwb,CACX,CAEApnB,eAAeunB,EAAyBvD,GACpC,IAAIoC,EACJ,IACIA,QAAwB5F,EAAagG,wBAAwBxC,EACjE,CAAE,MAAOpY,GAEL,EADgB,QAAQoY,mDAE5B,CACA,GAAIoC,EAAiB,CACjB,MAAMoB,EAAc3K,EAAM4K,KAAKzD,EAAMlH,EAAGpjB,MAAM,kBAAcsB,EAAWorB,GAA8BpoB,OACjG6e,EAAM4K,KAAKzD,EAAMlH,EAAGpjB,MAAM,kBAAcsB,EAAWgpB,EAAKxG,QAE5D,IAAIzN,EAAS,GACb,IAAK,MAAMpX,KAAO6uB,EACdzX,EAASA,EAAO/R,aAAa0oB,EAAmB/tB,IAEpD,OAAOoX,CACX,CACA,MAAO,EACX,CAEA/P,eAAe0nB,EAAmB1D,GAC9B,aAAc0C,EAAmB1C,IAAOhmB,cAAcupB,EAAyBvD,IAAO2D,OAC1F,CAEA3nB,eAAe4nB,EAAsBC,EAAkB7D,GACnD,MAAMoD,QAAeM,EAAmB1D,GACxC,IAAI8D,EAAa,GACjB,IAAK,MAAM9P,KAASoP,EAAQ,CACxB,MAAMW,QAAoBC,EAAuBhQ,EAAO6P,GACxDC,EAAaA,EAAW9pB,OAAO+pB,EACnC,CACA,OAAOD,CACX,CAYA,SAASjB,EAAuB5J,G,MAC5B,OAAO,KAAAN,MAAkB,QAAd,EAAAM,EAAGO,MAAMyK,aAAK,eAAE7J,KAAM,sBACrC,CAGA,SAAS+I,EAAwBf,G,MAC7B,OAAO,KAAAzJ,MAA+B,QAA3B,EAAAyJ,EAAgB5I,MAAMyK,aAAK,eAAE7J,KAAM,uBAClD,CAqCApe,eAAegoB,EAAuBhQ,EAAuBkQ,GACzD,MAAMlB,EAAQhP,EAAMgP,MACdmB,EAAuB,GACvBC,EAAgBvL,EAAM4F,mBAAmB,KAAM3F,EAAGpjB,MAAM,YAAa,KAAMstB,GAC5EhpB,OAAO6e,EAAM4F,mBAAmB,KAAM3F,EAAGpjB,MAAM,qBAAsB,KAAMstB,IAC3EM,IAAIlG,GAAMA,EAAGzX,SAClB,IAAK,MAAMuX,KAAOkH,EAAe,CAC/B,MAAMP,EAAQhL,EAAMkB,IAAImD,EAAKpE,EAAGpjB,MAAM,YAAa,KAAMstB,GACzD,IAAKkB,GAAYL,EAAMQ,SAASH,GAAW,CACzC,MAAMI,EAAYzL,EAAM4K,KAAKvG,EAAKpE,EAAGpjB,MAAM,YAAa,KAAMstB,GAC9D,IAAK,MAAMuB,KAAYD,EACrBH,EAAQrpB,KAAK,CAAEypB,WAAUniB,KAAMyhB,EAAO7P,UAExC,MAAMwQ,EAAa3L,EAAM4K,KAAKvG,EAAKpE,EAAGpjB,MAAM,qBAAsB,KAAMstB,GACxE,IAAK,MAAMuB,KAAYC,QACb3L,EAAMe,QAAQC,KAAK0K,GACzBJ,EAAQrpB,KAAK,CAAEypB,UAAU,KAAA5L,KAAI4L,EAASjlB,OAAQ8C,KAAMyhB,EAAQ7P,SAElE,CACF,CACA,OAAOmQ,CACX,CAEA,MAAO,CACHM,oBAtDJzoB,eACIuoB,EACAvB,EACAkB,GAGA,MAAMQ,EAAetI,GAAS4G,GACxB7F,EAAM,EAER,KAAAC,IAAGsH,EAAc5L,EAAG3jB,IAAI,QAAS2jB,EAAGpjB,MAAM,oBAAqBstB,IAC/D,KAAA5F,IAAGsH,EAAc5L,EAAGpjB,MAAM,YAAawuB,EAAUlB,IACjD,KAAA5F,IAAGsH,EAAc5L,EAAGpjB,MAAM,YAAa6uB,EAAUvB,IAErD,UACUnK,EAAMwE,QAAQC,OAAO,GAAIH,EACnC,CAAE,MAAOvV,GACL,MAAM7O,EAAM,sBAAsBwrB,cAAqBvB,MAAUpb,IAEjE,OADAzQ,QAAQC,KAAK2B,GACN,IACX,CACA,OAAO2rB,CACX,EAkCIC,iBA3KJ,SAA0BJ,EAAUL,GAChC,OAAOrL,EACF4K,UAAKzsB,EAAW8hB,EAAGpjB,MAAM,YAAa6uB,GACtCrrB,OAAQ0rB,GACE/L,EAAMgM,MAAMD,EAAG9L,EAAGpjB,MAAM,YAAawuB,GAExD,EAsKIxB,qBACAa,2BACAG,qBACAE,wBACAkB,gBAjFJ9oB,eAA+B6nB,GAC3B,MAAM7D,EAAO6B,EAAMtG,cACnB,IAAKyE,EAAM,MAAM,IAAIpjB,MAAM,oDAE3B,aADiCgnB,EAAsBC,EAAO7D,IACpCsD,IAAIyB,GAAUA,EAAOR,SACnD,EA6EI1B,yBACAM,0BACA6B,4BAxCJhpB,eAA2CipB,GACvC,MAAM/H,EAAMrE,EAAMqM,IAAI,KAAMpM,EAAGpjB,MAAM,YAAauvB,EAAKV,SAAUU,EAAKjR,MAAMgP,OAC5E,IAAK9F,EAAK,MAAM,IAAItgB,MAAM,0DAA0DqoB,EAAKV,YACzF,MAAMY,EAAatM,EAAM4F,mBAAmBvB,EAAK,KAAM,KAAM+H,EAAKjR,MAAMgP,aAClEnK,EAAMwE,QAAQC,OAAO6H,EAAY,GAC3C,EAoCInB,yBAER,CC5KO,SAASoB,GAAiBC,EAA8D/J,GAE3F,EAAU,4EACV,MAAMzC,EAAmB,WACzB,WAAYA,EAAO,CAACtR,MAAO8d,EAAa9d,QACxCsR,EAAMwE,QAAU,IAAI,iBAAkBxE,GACtCA,EAAMyM,SAAW,GAEjB,MAAMzD,EAAoB,IAAIzG,GAAgBE,GAExCloB,EAAMwlB,GAAeC,GACrBsG,ECzBH,SAA8BtG,GAEjC,SAAS0M,EAAqBC,GAC1B,OAAO3M,EACF4F,mBACG+G,GACA,KAAA7M,KAAI,0CACJ3hB,GAEHssB,IAAKlG,GAAkBA,EAAGqI,OACnC,CAEA,SAASrF,EAAYtZ,GACjB,MAAM4e,EAAe5e,EAAIxH,MACzB,MAAwD,MAAjDomB,EAAaC,OAAOD,EAAatsB,OAAS,EACrD,CA0BA,MAAO,CACHgnB,cACAT,gBA1BJ3jB,eAA+B8K,GAE3B,IAAKsZ,GADgB,KAAAzH,KAAI7R,IAErB,MAAM,IAAIlK,MAAM,uBAAuBkK,KAG3C,MAAMiF,QAAe8M,EAAMe,QAAQ2G,OAAOzZ,EAAK,CAC3C0J,OAAQ,MACRjP,QAAS,CACL,eAAgB,cAChB,gBAAiB,IACjBqkB,KAAM,yDAEVnV,KAAM,MAEV,GAAoC,MAAhC1E,EAAOjE,OAAOvI,WAAW,GACzB,MAAM,IAAI3C,MAAM,eAAemP,EAAOjE,+CAA+ChB,IAE7F,EASIye,uBACApF,oBARJnkB,eAAmC6pB,GAE/B,aADMhN,EAAMe,QAAQC,KAAKgM,GAClBN,EAAqBM,EAChC,EAOJ,CDtB2BC,CAAqBjN,GACtCqG,EE1BH,SAA4BrG,EAAOuG,EAAUD,GAyBlDnjB,eAAe+pB,EAAwBvM,GACrC,IAAIlS,EACJ,IACEA,QAAiBuR,EAAMe,QAAQC,KAAKL,EACtC,CAAE,MAAO5R,GACP,GAA4B,MAAxBA,EAAIN,SAASQ,OAQV,CACL,GAA4B,MAAxBF,EAAIN,SAASQ,OACf,MAAM,IAAIuZ,GAEZ,GAA4B,MAAxBzZ,EAAIN,SAASQ,OAAgB,CAC/B,GAAIuU,GAAgB7C,GAClB,MAAM,IAAI8H,GAEZ,MAAM,IAAIC,EACZ,CACA,MAAMxoB,EAAM,8CAAgDygB,EAAM,KAAO5R,EACzE,MAAM,IAAI+Z,GAAW/Z,EAAIE,OAAQF,EAAI9O,QAAUC,EACjD,CAnBE,UACQ8f,EAAMe,QAAQS,aAAa,MAAOb,EAAK,CAAEpY,KAAM,GAAIkZ,YAAa,eACxE,CAAE,MAAO1S,GAEP,MAAM,IAAI8Z,GADE,kCAAoClI,EAAM,KAAO5R,EAE/D,OACMiR,EAAMe,QAAQC,KAAKL,EAc7B,CACA,OAAOlS,CACT,CAyFA,MAAO,CACL0e,gBA7IFhqB,eAAegqB,EAAgBR,GAC3B,IACE,GAAIrG,EAAeiB,YAAYoF,GAAgB,CAC7C,MAAMS,QAAkB7G,EAASzF,cAAc6L,SACzC3M,EAAMe,QAAQ2G,OAAO0F,EAAW,CAAEzV,OAAQ,WAChD,MAAM0V,QAAyB/G,EAAegB,oBAAoBqF,SAC5DvX,QAAQuH,IACZ0Q,EAAiB5C,IAAKxc,GAAQkf,EAAgBlf,IAElD,CACA,MAAMqf,EAAmBX,EAAclmB,MACvC,OAAOuZ,EAAMe,QAAQ2G,OAAO4F,EAAkB,CAAE3V,OAAQ,UAC1D,CAAE,MAAOnY,GACP,EAAU,0BAA0BmtB,EAAclmB,0BAA2BjH,EAC/E,CACJ,EA+HEunB,oBAtDF5jB,eAAmCa,GAOjC,IAAI6H,EAAM,CACR,iDACA,GACA,+CAA+C7H,EAAQgjB,eACvD,mBAAmBhjB,EAAQ8R,WAC3B,kBAAkB9R,EAAQ8R,WAC1B,+CACA,IACApV,KAAK,MACHsD,EAAQijB,gBACVpb,GAAO,CACL,sCACA,gBAAgB7H,EAAQyiB,cACxB,mBAAmBziB,EAAQ8R,WAC3B,cAAc9R,EAAQijB,iBACtB,IACAvmB,KAAK,OAELsD,EAAQupB,eACV1hB,GAAO,CACL,qCACA,gBAAgB7H,EAAQyiB,cACxB,kBAAkBziB,EAAQ8R,WAC1B,cAAc9R,EAAQupB,gBACtB,IACA7sB,KAAK,OAET,MAAM0sB,QAAkB7G,EAASzF,eAAc,KAAAhB,KAAI9b,EAAQ8R,SAC3D,OAAOkK,EAAMe,QAAQ2G,OAAO0F,EAAW,CACrCzV,OAAQ,MACRC,KAAM/L,EACNnD,QAAS,CACP,CAAC,eAAgB,iBAGvB,EAaE8kB,kBAXFrqB,eAAiCwd,EAAgB8M,SACzCzN,EAAMe,QAAQS,aAAa,MAAOb,EAAIY,IAAK,CAC/ChZ,KAAM,KAAK,IAAIiF,QAAUigB,QAEzBhM,YAAa,eAEjB,EAME+H,mBAvFFrmB,eAAkC2J,EAAoB4gB,EACpDd,EAAmBjM,SAEbX,EAAMe,QAAQC,KAAKL,GACzB,MAAMzN,EAAS8M,EAAMkB,IAAIpU,EAAS4gB,EAAW,KAAM/M,GAEnD,GAAIzN,EAAQ,OAAOA,EACnB,IAAK8M,EAAMwE,QAAQmJ,SAAShN,GAAM,CAChC,MAAMzgB,EAAM,mCAAmCygB,EAAIla,QAEnD,MADA,EAAWvG,GACL,IAAI0oB,GAAiB1oB,EAC7B,CACA,UACQ8f,EAAMwE,QAAQC,OAAO,GAAI,EAAC,KAAAF,IAAGzX,EAAS4gB,EAAWd,EAAQjM,IACjE,CAAE,MAAO5R,GAGP,MADA,EADY,4CAA4C4R,QAAUiM,MAAW7d,KAEvE,IAAI8Z,GAAkB9Z,EAC9B,CAEA,UACQme,EAAwBN,EAEhC,CAAE,MAAO7d,GAEP,MADA,EAAW,oEAAoE6d,MAAW7d,KACpFA,CACR,CACA,OAAO6d,CACT,EA4DEM,0BAEJ,CF3HyBU,CAAmB5N,EAAOzlB,EAAK+rB,GAC9CwD,EAAUf,GAAmB/I,EAAOgJ,EAAO3C,GAC3CwH,EAAOnK,GAAgB1D,EAAO8J,GAC9B1C,EAAQhB,GAAiBpG,EAAO8J,EAASzD,EAAcC,GACvDwH,EAAYlE,GAAqB5J,EAAOgJ,EAAOc,EAASzD,GA2B9D,OA1BA,EAAU,+BA0BH,CACHrG,QACAgJ,QACAzuB,MACA6sB,QACAyG,OACA/D,UACAgE,YACA9M,KAhCJ,SAAcL,GACV,OAAOX,EAAMe,QAAQC,KAAKL,EAC9B,EA+BIoN,cA5BJ,SACIC,EACA1J,EAAwB,IAExB,OAAO,IAAIlP,QAAQ,CAACC,EAASC,KAC7B0K,EAAMwE,QAAQC,OAAOuJ,EAAK1J,EAAK,SAAUI,EAAM5M,EAAImW,GAC1CnW,EAGLzC,IAFAC,EAAO,IAAIvR,MAAMkqB,GAIrB,IAEJ,EAgBIC,WAdJ,WACIlO,EAAMsM,WAAW9mB,QAAQoZ,QAAQoB,EAAMmO,OAAOxkB,KAAKqW,GACvD,EAcJ,CGrEA,MAAM0H,GAASvkB,MAAO8K,EAAKmgB,KACvB,MAAMC,EAAYD,GAAeA,EAAYE,aAA0C,QAA3BF,EAAYE,YACxE,OAAI3O,GAAYR,KAAKzF,QAAU2U,EAEpB1O,GAAYjR,MAAMT,EAAKmgB,GAEvB3uB,OAAOiP,MAAMT,EAAKmgB,IAK3BG,GAAmBtrB,OAAOurB,IAAI,yBAO9BC,GAAkC,oBAAXhvB,OAAyBA,OAAS,EAAAL,EAa/D,MAAMsvB,IAVGD,GAAaF,IAKd,EAAU,0DAJV,EAAU,uDACVE,GAAaF,IAAoBhC,GAAiB,CAAE7d,MAAOgZ,IAAU/H,IACrE,EAAU,kCAIP8O,GAAaF,KCjClBI,GAAkB,CACtB,CACEhuB,KAAM,kBACN4gB,IAAK,8BAEP,CACE5gB,KAAM,YACN4gB,IAAK,wBAEP,CACE5gB,KAAM,eACN4gB,IAAK,uBAEP,CACE5gB,KAAM,aACN4gB,IAAK,6BAOF,SAASqN,KAEZ,MAAMC,EAAU,IAAIF,KAGd,KAAE3J,EAAI,OAAE9K,GAAW,IAAIjJ,IAAI6K,SAASnN,MACpCmgB,EAAQD,EAAQpE,IAAI,EAAGlJ,SAAU,IAAItQ,IAAIsQ,GAAKyD,MAKpD,OAJK8J,EAAMzoB,SAAS2e,IAAU8J,EAAM3oB,KAAK4oB,GAO7C,SAAwBC,EAAmBC,GACvC,MAAMC,EAAMF,EAAUzuB,OAAS0uB,EAAO1uB,OAAS,EAC/C,OAAO2uB,EAAM,GAAwB,MAAnBF,EAAUE,IAAgBF,EAAUxU,SAASyU,EACnE,CAVyDE,CAAcnK,EAAM+J,KACvEF,EAAQO,QAAQ,CAAEzuB,KAAMqkB,EAAMzD,IAAKrH,IAG9B2U,CACT,CC9BF,MAAM7F,GAAQ0F,GAAoB1F,MAC5B,GAAc0F,GAAoB1F,MAAMrJ,YACxCK,GAAQ0O,GAAoB1O,a","sources":["webpack://solid-logic-jss/./node_modules/solid-namespace/index.js","webpack://solid-logic-jss/webpack/bootstrap","webpack://solid-logic-jss/./src/util/debug.ts","webpack://solid-logic-jss/webpack/runtime/compat get default export","webpack://solid-logic-jss/webpack/runtime/define property getters","webpack://solid-logic-jss/webpack/runtime/global","webpack://solid-logic-jss/webpack/runtime/hasOwnProperty shorthand","webpack://solid-logic-jss/./node_modules/solid-oidc/node_modules/jose/dist/browser/runtime/webcrypto.js","webpack://solid-logic-jss/./node_modules/solid-oidc/node_modules/jose/dist/browser/lib/invalid_key_input.js","webpack://solid-logic-jss/./node_modules/solid-oidc/node_modules/jose/dist/browser/lib/buffer_utils.js","webpack://solid-logic-jss/./node_modules/solid-oidc/node_modules/jose/dist/browser/runtime/base64url.js","webpack://solid-logic-jss/./node_modules/solid-oidc/node_modules/jose/dist/browser/runtime/is_key_like.js","webpack://solid-logic-jss/./node_modules/solid-oidc/node_modules/jose/dist/browser/runtime/key_to_jwk.js","webpack://solid-logic-jss/./node_modules/solid-oidc/node_modules/jose/dist/browser/key/export.js","webpack://solid-logic-jss/./node_modules/solid-oidc/node_modules/jose/dist/browser/util/errors.js","webpack://solid-logic-jss/./node_modules/solid-oidc/node_modules/jose/dist/browser/runtime/subtle_dsa.js","webpack://solid-logic-jss/./node_modules/solid-oidc/node_modules/jose/dist/browser/runtime/check_key_length.js","webpack://solid-logic-jss/./node_modules/solid-oidc/node_modules/jose/dist/browser/lib/crypto_key.js","webpack://solid-logic-jss/./node_modules/solid-oidc/node_modules/jose/dist/browser/lib/is_object.js","webpack://solid-logic-jss/./node_modules/solid-oidc/node_modules/jose/dist/browser/lib/is_jwk.js","webpack://solid-logic-jss/./node_modules/solid-oidc/node_modules/jose/dist/browser/runtime/jwk_to_key.js","webpack://solid-logic-jss/./node_modules/solid-oidc/node_modules/jose/dist/browser/runtime/normalize_key.js","webpack://solid-logic-jss/./node_modules/solid-oidc/node_modules/jose/dist/browser/runtime/get_sign_verify_key.js","webpack://solid-logic-jss/./node_modules/solid-oidc/node_modules/jose/dist/browser/runtime/sign.js","webpack://solid-logic-jss/./node_modules/solid-oidc/node_modules/jose/dist/browser/lib/is_disjoint.js","webpack://solid-logic-jss/./node_modules/solid-oidc/node_modules/jose/dist/browser/lib/check_key_type.js","webpack://solid-logic-jss/./node_modules/solid-oidc/node_modules/jose/dist/browser/lib/validate_crit.js","webpack://solid-logic-jss/./node_modules/solid-oidc/node_modules/jose/dist/browser/jws/flattened/sign.js","webpack://solid-logic-jss/./node_modules/solid-oidc/node_modules/jose/dist/browser/jws/compact/sign.js","webpack://solid-logic-jss/./node_modules/solid-oidc/node_modules/jose/dist/browser/lib/epoch.js","webpack://solid-logic-jss/./node_modules/solid-oidc/node_modules/jose/dist/browser/lib/secs.js","webpack://solid-logic-jss/./node_modules/solid-oidc/node_modules/jose/dist/browser/jwt/produce.js","webpack://solid-logic-jss/./node_modules/solid-oidc/node_modules/jose/dist/browser/jwt/sign.js","webpack://solid-logic-jss/./node_modules/solid-oidc/node_modules/jose/dist/browser/runtime/fetch_jwks.js","webpack://solid-logic-jss/./node_modules/solid-oidc/node_modules/jose/dist/browser/key/import.js","webpack://solid-logic-jss/./node_modules/solid-oidc/node_modules/jose/dist/browser/jwks/local.js","webpack://solid-logic-jss/./node_modules/solid-oidc/node_modules/jose/dist/browser/jwks/remote.js","webpack://solid-logic-jss/./node_modules/solid-oidc/node_modules/jose/dist/browser/runtime/verify.js","webpack://solid-logic-jss/./node_modules/solid-oidc/node_modules/jose/dist/browser/lib/validate_algorithms.js","webpack://solid-logic-jss/./node_modules/solid-oidc/node_modules/jose/dist/browser/jws/compact/verify.js","webpack://solid-logic-jss/./node_modules/solid-oidc/node_modules/jose/dist/browser/jws/flattened/verify.js","webpack://solid-logic-jss/./node_modules/solid-oidc/node_modules/jose/dist/browser/lib/jwt_claims_set.js","webpack://solid-logic-jss/./node_modules/solid-oidc/node_modules/jose/dist/browser/runtime/digest.js","webpack://solid-logic-jss/./node_modules/solid-oidc/node_modules/jose/dist/browser/jwk/thumbprint.js","webpack://solid-logic-jss/./node_modules/solid-oidc/node_modules/jose/dist/browser/runtime/generate.js","webpack://solid-logic-jss/./node_modules/solid-oidc/node_modules/jose/dist/browser/key/generate_key_pair.js","webpack://solid-logic-jss/./node_modules/solid-oidc/node_modules/jose/dist/browser/util/base64url.js","webpack://solid-logic-jss/./node_modules/solid-oidc/solid-oidc.js","webpack://solid-logic-jss/./node_modules/solid-oidc/node_modules/jose/dist/browser/jwt/verify.js","webpack://solid-logic-jss/./node_modules/solid-oidc/node_modules/jose/dist/browser/util/decode_jwt.js","webpack://solid-logic-jss/./src/authSession/solidOidcAdapter.ts","webpack://solid-logic-jss/./src/authSession/authSession.ts","webpack://solid-logic-jss/external module \"rdflib\"","webpack://solid-logic-jss/./src/util/ns.ts","webpack://solid-logic-jss/./src/acl/aclLogic.ts","webpack://solid-logic-jss/./src/authn/authUtil.ts","webpack://solid-logic-jss/./src/authn/SolidAuthnLogic.ts","webpack://solid-logic-jss/./src/util/utils.ts","webpack://solid-logic-jss/./src/chat/chatLogic.ts","webpack://solid-logic-jss/./src/inbox/inboxLogic.ts","webpack://solid-logic-jss/./src/logic/CustomError.ts","webpack://solid-logic-jss/./src/profile/profileLogic.ts","webpack://solid-logic-jss/./src/typeIndex/typeIndexLogic.ts","webpack://solid-logic-jss/./src/logic/solidLogic.ts","webpack://solid-logic-jss/./src/util/containerLogic.ts","webpack://solid-logic-jss/./src/util/utilityLogic.ts","webpack://solid-logic-jss/./src/logic/solidLogicSingleton.ts","webpack://solid-logic-jss/./src/issuer/issuerLogic.ts","webpack://solid-logic-jss/./src/index.ts"],"sourcesContent":["/**\n * Provides a way to access commonly used namespaces\n *\n * Usage:\n *\n * ```\n * const $rdf = require('rdflib'); //or any other RDF/JS-compatible library\n * const ns = require('solid-namespace')($rdf);\n * const store = $rdf.graph();\n *\n * let me = ...;\n * let name = store.any(me, ns.vcard(‘fn’)) || store.any(me, ns.foaf(‘name’));\n * ```\n * @module vocab\n */\nconst aliases = {\n acl: 'http://www.w3.org/ns/auth/acl#',\n arg: 'http://www.w3.org/ns/pim/arg#',\n as: 'https://www.w3.org/ns/activitystreams#',\n bookmark: 'http://www.w3.org/2002/01/bookmark#',\n cal: 'http://www.w3.org/2002/12/cal/ical#',\n cco: 'http://www.ontologyrepository.com/CommonCoreOntologies/',\n cert: 'http://www.w3.org/ns/auth/cert#',\n contact: 'http://www.w3.org/2000/10/swap/pim/contact#',\n dc: 'http://purl.org/dc/elements/1.1/',\n dct: 'http://purl.org/dc/terms/',\n doap: 'http://usefulinc.com/ns/doap#',\n foaf: 'http://xmlns.com/foaf/0.1/',\n geo: 'http://www.w3.org/2003/01/geo/wgs84_pos#',\n gpx: 'http://www.w3.org/ns/pim/gpx#',\n gr: 'http://purl.org/goodrelations/v1#',\n http: 'http://www.w3.org/2007/ont/http#',\n httph: 'http://www.w3.org/2007/ont/httph#',\n icalTZ: 'http://www.w3.org/2002/12/cal/icaltzd#', // Beware: not cal:\n ldp: 'http://www.w3.org/ns/ldp#',\n link: 'http://www.w3.org/2007/ont/link#',\n log: 'http://www.w3.org/2000/10/swap/log#',\n meeting: 'http://www.w3.org/ns/pim/meeting#',\n mo: 'http://purl.org/ontology/mo/',\n org: 'http://www.w3.org/ns/org#',\n owl: 'http://www.w3.org/2002/07/owl#',\n pad: 'http://www.w3.org/ns/pim/pad#',\n patch: 'http://www.w3.org/ns/pim/patch#',\n prov: 'http://www.w3.org/ns/prov#',\n pto: 'http://www.productontology.org/id/',\n qu: 'http://www.w3.org/2000/10/swap/pim/qif#',\n trip: 'http://www.w3.org/ns/pim/trip#',\n rdf: 'http://www.w3.org/1999/02/22-rdf-syntax-ns#',\n rdfs: 'http://www.w3.org/2000/01/rdf-schema#',\n rss: 'http://purl.org/rss/1.0/',\n sched: 'http://www.w3.org/ns/pim/schedule#',\n schema: 'http://schema.org/', // @@ beware confusion with documents no 303\n sioc: 'http://rdfs.org/sioc/ns#',\n skos: 'http://www.w3.org/2004/02/skos/core#',\n solid: 'http://www.w3.org/ns/solid/terms#',\n space: 'http://www.w3.org/ns/pim/space#',\n stat: 'http://www.w3.org/ns/posix/stat#',\n tab: 'http://www.w3.org/2007/ont/link#',\n tabont: 'http://www.w3.org/2007/ont/link#',\n ui: 'http://www.w3.org/ns/ui#',\n vann: 'http://purl.org/vocab/vann/',\n vcard: 'http://www.w3.org/2006/vcard/ns#',\n wf: 'http://www.w3.org/2005/01/wf/flow#',\n xsd: 'http://www.w3.org/2001/XMLSchema#',\n}\n\n/**\n * @param [rdflib] {RDF} Optional RDF Library (such as rdflib.js or rdf-ext) to inject\n */\nfunction vocab (rdf = { namedNode: u => u }) {\n const namespaces = {}\n for (const alias in aliases) {\n const expansion = aliases[alias]\n namespaces[alias] = function (localName = '') {\n return rdf.namedNode(expansion + localName)\n }\n };\n\n return namespaces\n};\n\nmodule.exports = vocab\n","// The module cache\nvar __webpack_module_cache__ = {};\n\n// The require function\nfunction __webpack_require__(moduleId) {\n\t// Check if module is in cache\n\tvar cachedModule = __webpack_module_cache__[moduleId];\n\tif (cachedModule !== undefined) {\n\t\treturn cachedModule.exports;\n\t}\n\t// Create a new module (and put it into the cache)\n\tvar module = __webpack_module_cache__[moduleId] = {\n\t\t// no module.id needed\n\t\t// no module.loaded needed\n\t\texports: {}\n\t};\n\n\t// Execute the module function\n\t__webpack_modules__[moduleId](module, module.exports, __webpack_require__);\n\n\t// Return the exports of the module\n\treturn module.exports;\n}\n\n","\nexport function log(...args: any[]): void {\n console.log(...args)\n}\n\nexport function warn(...args: any[]): void {\n console.warn(...args)\n}\n\nexport function error(...args: any[]): void {\n console.error(...args)\n}\n\nexport function trace(...args: any[]): void {\n console.trace(...args)\n}\n","// getDefaultExport function for compatibility with non-harmony modules\n__webpack_require__.n = (module) => {\n\tvar getter = module && module.__esModule ?\n\t\t() => (module['default']) :\n\t\t() => (module);\n\t__webpack_require__.d(getter, { a: getter });\n\treturn getter;\n};","// define getter functions for harmony exports\n__webpack_require__.d = (exports, definition) => {\n\tfor(var key in definition) {\n\t\tif(__webpack_require__.o(definition, key) && !__webpack_require__.o(exports, key)) {\n\t\t\tObject.defineProperty(exports, key, { enumerable: true, get: definition[key] });\n\t\t}\n\t}\n};","__webpack_require__.g = (function() {\n\tif (typeof globalThis === 'object') return globalThis;\n\ttry {\n\t\treturn this || new Function('return this')();\n\t} catch (e) {\n\t\tif (typeof window === 'object') return window;\n\t}\n})();","__webpack_require__.o = (obj, prop) => (Object.prototype.hasOwnProperty.call(obj, prop))","export default crypto;\nexport const isCryptoKey = (key) => key instanceof CryptoKey;\n","function message(msg, actual, ...types) {\n types = types.filter(Boolean);\n if (types.length > 2) {\n const last = types.pop();\n msg += `one of type ${types.join(', ')}, or ${last}.`;\n }\n else if (types.length === 2) {\n msg += `one of type ${types[0]} or ${types[1]}.`;\n }\n else {\n msg += `of type ${types[0]}.`;\n }\n if (actual == null) {\n msg += ` Received ${actual}`;\n }\n else if (typeof actual === 'function' && actual.name) {\n msg += ` Received function ${actual.name}`;\n }\n else if (typeof actual === 'object' && actual != null) {\n if (actual.constructor?.name) {\n msg += ` Received an instance of ${actual.constructor.name}`;\n }\n }\n return msg;\n}\nexport default (actual, ...types) => {\n return message('Key must be ', actual, ...types);\n};\nexport function withAlg(alg, actual, ...types) {\n return message(`Key for the ${alg} algorithm must be `, actual, ...types);\n}\n","import digest from '../runtime/digest.js';\nexport const encoder = new TextEncoder();\nexport const decoder = new TextDecoder();\nconst MAX_INT32 = 2 ** 32;\nexport function concat(...buffers) {\n const size = buffers.reduce((acc, { length }) => acc + length, 0);\n const buf = new Uint8Array(size);\n let i = 0;\n for (const buffer of buffers) {\n buf.set(buffer, i);\n i += buffer.length;\n }\n return buf;\n}\nexport function p2s(alg, p2sInput) {\n return concat(encoder.encode(alg), new Uint8Array([0]), p2sInput);\n}\nfunction writeUInt32BE(buf, value, offset) {\n if (value < 0 || value >= MAX_INT32) {\n throw new RangeError(`value must be >= 0 and <= ${MAX_INT32 - 1}. Received ${value}`);\n }\n buf.set([value >>> 24, value >>> 16, value >>> 8, value & 0xff], offset);\n}\nexport function uint64be(value) {\n const high = Math.floor(value / MAX_INT32);\n const low = value % MAX_INT32;\n const buf = new Uint8Array(8);\n writeUInt32BE(buf, high, 0);\n writeUInt32BE(buf, low, 4);\n return buf;\n}\nexport function uint32be(value) {\n const buf = new Uint8Array(4);\n writeUInt32BE(buf, value);\n return buf;\n}\nexport function lengthAndInput(input) {\n return concat(uint32be(input.length), input);\n}\nexport async function concatKdf(secret, bits, value) {\n const iterations = Math.ceil((bits >> 3) / 32);\n const res = new Uint8Array(iterations * 32);\n for (let iter = 0; iter < iterations; iter++) {\n const buf = new Uint8Array(4 + secret.length + value.length);\n buf.set(uint32be(iter + 1));\n buf.set(secret, 4);\n buf.set(value, 4 + secret.length);\n res.set(await digest('sha256', buf), iter * 32);\n }\n return res.slice(0, bits >> 3);\n}\n","import { encoder, decoder } from '../lib/buffer_utils.js';\nexport const encodeBase64 = (input) => {\n let unencoded = input;\n if (typeof unencoded === 'string') {\n unencoded = encoder.encode(unencoded);\n }\n const CHUNK_SIZE = 0x8000;\n const arr = [];\n for (let i = 0; i < unencoded.length; i += CHUNK_SIZE) {\n arr.push(String.fromCharCode.apply(null, unencoded.subarray(i, i + CHUNK_SIZE)));\n }\n return btoa(arr.join(''));\n};\nexport const encode = (input) => {\n return encodeBase64(input).replace(/=/g, '').replace(/\\+/g, '-').replace(/\\//g, '_');\n};\nexport const decodeBase64 = (encoded) => {\n const binary = atob(encoded);\n const bytes = new Uint8Array(binary.length);\n for (let i = 0; i < binary.length; i++) {\n bytes[i] = binary.charCodeAt(i);\n }\n return bytes;\n};\nexport const decode = (input) => {\n let encoded = input;\n if (encoded instanceof Uint8Array) {\n encoded = decoder.decode(encoded);\n }\n encoded = encoded.replace(/-/g, '+').replace(/_/g, '/').replace(/\\s/g, '');\n try {\n return decodeBase64(encoded);\n }\n catch {\n throw new TypeError('The input to be decoded is not correctly encoded.');\n }\n};\n","import { isCryptoKey } from './webcrypto.js';\nexport default (key) => {\n if (isCryptoKey(key)) {\n return true;\n }\n return key?.[Symbol.toStringTag] === 'KeyObject';\n};\nexport const types = ['CryptoKey'];\n","import crypto, { isCryptoKey } from './webcrypto.js';\nimport invalidKeyInput from '../lib/invalid_key_input.js';\nimport { encode as base64url } from './base64url.js';\nimport { types } from './is_key_like.js';\nconst keyToJWK = async (key) => {\n if (key instanceof Uint8Array) {\n return {\n kty: 'oct',\n k: base64url(key),\n };\n }\n if (!isCryptoKey(key)) {\n throw new TypeError(invalidKeyInput(key, ...types, 'Uint8Array'));\n }\n if (!key.extractable) {\n throw new TypeError('non-extractable CryptoKey cannot be exported as a JWK');\n }\n const { ext, key_ops, alg, use, ...jwk } = await crypto.subtle.exportKey('jwk', key);\n return jwk;\n};\nexport default keyToJWK;\n","import { toSPKI as exportPublic } from '../runtime/asn1.js';\nimport { toPKCS8 as exportPrivate } from '../runtime/asn1.js';\nimport keyToJWK from '../runtime/key_to_jwk.js';\nexport async function exportSPKI(key) {\n return exportPublic(key);\n}\nexport async function exportPKCS8(key) {\n return exportPrivate(key);\n}\nexport async function exportJWK(key) {\n return keyToJWK(key);\n}\n","export class JOSEError extends Error {\n constructor(message, options) {\n super(message, options);\n this.code = 'ERR_JOSE_GENERIC';\n this.name = this.constructor.name;\n Error.captureStackTrace?.(this, this.constructor);\n }\n}\nJOSEError.code = 'ERR_JOSE_GENERIC';\nexport class JWTClaimValidationFailed extends JOSEError {\n constructor(message, payload, claim = 'unspecified', reason = 'unspecified') {\n super(message, { cause: { claim, reason, payload } });\n this.code = 'ERR_JWT_CLAIM_VALIDATION_FAILED';\n this.claim = claim;\n this.reason = reason;\n this.payload = payload;\n }\n}\nJWTClaimValidationFailed.code = 'ERR_JWT_CLAIM_VALIDATION_FAILED';\nexport class JWTExpired extends JOSEError {\n constructor(message, payload, claim = 'unspecified', reason = 'unspecified') {\n super(message, { cause: { claim, reason, payload } });\n this.code = 'ERR_JWT_EXPIRED';\n this.claim = claim;\n this.reason = reason;\n this.payload = payload;\n }\n}\nJWTExpired.code = 'ERR_JWT_EXPIRED';\nexport class JOSEAlgNotAllowed extends JOSEError {\n constructor() {\n super(...arguments);\n this.code = 'ERR_JOSE_ALG_NOT_ALLOWED';\n }\n}\nJOSEAlgNotAllowed.code = 'ERR_JOSE_ALG_NOT_ALLOWED';\nexport class JOSENotSupported extends JOSEError {\n constructor() {\n super(...arguments);\n this.code = 'ERR_JOSE_NOT_SUPPORTED';\n }\n}\nJOSENotSupported.code = 'ERR_JOSE_NOT_SUPPORTED';\nexport class JWEDecryptionFailed extends JOSEError {\n constructor(message = 'decryption operation failed', options) {\n super(message, options);\n this.code = 'ERR_JWE_DECRYPTION_FAILED';\n }\n}\nJWEDecryptionFailed.code = 'ERR_JWE_DECRYPTION_FAILED';\nexport class JWEInvalid extends JOSEError {\n constructor() {\n super(...arguments);\n this.code = 'ERR_JWE_INVALID';\n }\n}\nJWEInvalid.code = 'ERR_JWE_INVALID';\nexport class JWSInvalid extends JOSEError {\n constructor() {\n super(...arguments);\n this.code = 'ERR_JWS_INVALID';\n }\n}\nJWSInvalid.code = 'ERR_JWS_INVALID';\nexport class JWTInvalid extends JOSEError {\n constructor() {\n super(...arguments);\n this.code = 'ERR_JWT_INVALID';\n }\n}\nJWTInvalid.code = 'ERR_JWT_INVALID';\nexport class JWKInvalid extends JOSEError {\n constructor() {\n super(...arguments);\n this.code = 'ERR_JWK_INVALID';\n }\n}\nJWKInvalid.code = 'ERR_JWK_INVALID';\nexport class JWKSInvalid extends JOSEError {\n constructor() {\n super(...arguments);\n this.code = 'ERR_JWKS_INVALID';\n }\n}\nJWKSInvalid.code = 'ERR_JWKS_INVALID';\nexport class JWKSNoMatchingKey extends JOSEError {\n constructor(message = 'no applicable key found in the JSON Web Key Set', options) {\n super(message, options);\n this.code = 'ERR_JWKS_NO_MATCHING_KEY';\n }\n}\nJWKSNoMatchingKey.code = 'ERR_JWKS_NO_MATCHING_KEY';\nexport class JWKSMultipleMatchingKeys extends JOSEError {\n constructor(message = 'multiple matching keys found in the JSON Web Key Set', options) {\n super(message, options);\n this.code = 'ERR_JWKS_MULTIPLE_MATCHING_KEYS';\n }\n}\nSymbol.asyncIterator;\nJWKSMultipleMatchingKeys.code = 'ERR_JWKS_MULTIPLE_MATCHING_KEYS';\nexport class JWKSTimeout extends JOSEError {\n constructor(message = 'request timed out', options) {\n super(message, options);\n this.code = 'ERR_JWKS_TIMEOUT';\n }\n}\nJWKSTimeout.code = 'ERR_JWKS_TIMEOUT';\nexport class JWSSignatureVerificationFailed extends JOSEError {\n constructor(message = 'signature verification failed', options) {\n super(message, options);\n this.code = 'ERR_JWS_SIGNATURE_VERIFICATION_FAILED';\n }\n}\nJWSSignatureVerificationFailed.code = 'ERR_JWS_SIGNATURE_VERIFICATION_FAILED';\n","import { JOSENotSupported } from '../util/errors.js';\nexport default function subtleDsa(alg, algorithm) {\n const hash = `SHA-${alg.slice(-3)}`;\n switch (alg) {\n case 'HS256':\n case 'HS384':\n case 'HS512':\n return { hash, name: 'HMAC' };\n case 'PS256':\n case 'PS384':\n case 'PS512':\n return { hash, name: 'RSA-PSS', saltLength: alg.slice(-3) >> 3 };\n case 'RS256':\n case 'RS384':\n case 'RS512':\n return { hash, name: 'RSASSA-PKCS1-v1_5' };\n case 'ES256':\n case 'ES384':\n case 'ES512':\n return { hash, name: 'ECDSA', namedCurve: algorithm.namedCurve };\n case 'Ed25519':\n return { name: 'Ed25519' };\n case 'EdDSA':\n return { name: algorithm.name };\n default:\n throw new JOSENotSupported(`alg ${alg} is not supported either by JOSE or your javascript runtime`);\n }\n}\n","export default (alg, key) => {\n if (alg.startsWith('RS') || alg.startsWith('PS')) {\n const { modulusLength } = key.algorithm;\n if (typeof modulusLength !== 'number' || modulusLength < 2048) {\n throw new TypeError(`${alg} requires key modulusLength to be 2048 bits or larger`);\n }\n }\n};\n","function unusable(name, prop = 'algorithm.name') {\n return new TypeError(`CryptoKey does not support this operation, its ${prop} must be ${name}`);\n}\nfunction isAlgorithm(algorithm, name) {\n return algorithm.name === name;\n}\nfunction getHashLength(hash) {\n return parseInt(hash.name.slice(4), 10);\n}\nfunction getNamedCurve(alg) {\n switch (alg) {\n case 'ES256':\n return 'P-256';\n case 'ES384':\n return 'P-384';\n case 'ES512':\n return 'P-521';\n default:\n throw new Error('unreachable');\n }\n}\nfunction checkUsage(key, usages) {\n if (usages.length && !usages.some((expected) => key.usages.includes(expected))) {\n let msg = 'CryptoKey does not support this operation, its usages must include ';\n if (usages.length > 2) {\n const last = usages.pop();\n msg += `one of ${usages.join(', ')}, or ${last}.`;\n }\n else if (usages.length === 2) {\n msg += `one of ${usages[0]} or ${usages[1]}.`;\n }\n else {\n msg += `${usages[0]}.`;\n }\n throw new TypeError(msg);\n }\n}\nexport function checkSigCryptoKey(key, alg, ...usages) {\n switch (alg) {\n case 'HS256':\n case 'HS384':\n case 'HS512': {\n if (!isAlgorithm(key.algorithm, 'HMAC'))\n throw unusable('HMAC');\n const expected = parseInt(alg.slice(2), 10);\n const actual = getHashLength(key.algorithm.hash);\n if (actual !== expected)\n throw unusable(`SHA-${expected}`, 'algorithm.hash');\n break;\n }\n case 'RS256':\n case 'RS384':\n case 'RS512': {\n if (!isAlgorithm(key.algorithm, 'RSASSA-PKCS1-v1_5'))\n throw unusable('RSASSA-PKCS1-v1_5');\n const expected = parseInt(alg.slice(2), 10);\n const actual = getHashLength(key.algorithm.hash);\n if (actual !== expected)\n throw unusable(`SHA-${expected}`, 'algorithm.hash');\n break;\n }\n case 'PS256':\n case 'PS384':\n case 'PS512': {\n if (!isAlgorithm(key.algorithm, 'RSA-PSS'))\n throw unusable('RSA-PSS');\n const expected = parseInt(alg.slice(2), 10);\n const actual = getHashLength(key.algorithm.hash);\n if (actual !== expected)\n throw unusable(`SHA-${expected}`, 'algorithm.hash');\n break;\n }\n case 'EdDSA': {\n if (key.algorithm.name !== 'Ed25519' && key.algorithm.name !== 'Ed448') {\n throw unusable('Ed25519 or Ed448');\n }\n break;\n }\n case 'Ed25519': {\n if (!isAlgorithm(key.algorithm, 'Ed25519'))\n throw unusable('Ed25519');\n break;\n }\n case 'ES256':\n case 'ES384':\n case 'ES512': {\n if (!isAlgorithm(key.algorithm, 'ECDSA'))\n throw unusable('ECDSA');\n const expected = getNamedCurve(alg);\n const actual = key.algorithm.namedCurve;\n if (actual !== expected)\n throw unusable(expected, 'algorithm.namedCurve');\n break;\n }\n default:\n throw new TypeError('CryptoKey does not support this operation');\n }\n checkUsage(key, usages);\n}\nexport function checkEncCryptoKey(key, alg, ...usages) {\n switch (alg) {\n case 'A128GCM':\n case 'A192GCM':\n case 'A256GCM': {\n if (!isAlgorithm(key.algorithm, 'AES-GCM'))\n throw unusable('AES-GCM');\n const expected = parseInt(alg.slice(1, 4), 10);\n const actual = key.algorithm.length;\n if (actual !== expected)\n throw unusable(expected, 'algorithm.length');\n break;\n }\n case 'A128KW':\n case 'A192KW':\n case 'A256KW': {\n if (!isAlgorithm(key.algorithm, 'AES-KW'))\n throw unusable('AES-KW');\n const expected = parseInt(alg.slice(1, 4), 10);\n const actual = key.algorithm.length;\n if (actual !== expected)\n throw unusable(expected, 'algorithm.length');\n break;\n }\n case 'ECDH': {\n switch (key.algorithm.name) {\n case 'ECDH':\n case 'X25519':\n case 'X448':\n break;\n default:\n throw unusable('ECDH, X25519, or X448');\n }\n break;\n }\n case 'PBES2-HS256+A128KW':\n case 'PBES2-HS384+A192KW':\n case 'PBES2-HS512+A256KW':\n if (!isAlgorithm(key.algorithm, 'PBKDF2'))\n throw unusable('PBKDF2');\n break;\n case 'RSA-OAEP':\n case 'RSA-OAEP-256':\n case 'RSA-OAEP-384':\n case 'RSA-OAEP-512': {\n if (!isAlgorithm(key.algorithm, 'RSA-OAEP'))\n throw unusable('RSA-OAEP');\n const expected = parseInt(alg.slice(9), 10) || 1;\n const actual = getHashLength(key.algorithm.hash);\n if (actual !== expected)\n throw unusable(`SHA-${expected}`, 'algorithm.hash');\n break;\n }\n default:\n throw new TypeError('CryptoKey does not support this operation');\n }\n checkUsage(key, usages);\n}\n","function isObjectLike(value) {\n return typeof value === 'object' && value !== null;\n}\nexport default function isObject(input) {\n if (!isObjectLike(input) || Object.prototype.toString.call(input) !== '[object Object]') {\n return false;\n }\n if (Object.getPrototypeOf(input) === null) {\n return true;\n }\n let proto = input;\n while (Object.getPrototypeOf(proto) !== null) {\n proto = Object.getPrototypeOf(proto);\n }\n return Object.getPrototypeOf(input) === proto;\n}\n","import isObject from './is_object.js';\nexport function isJWK(key) {\n return isObject(key) && typeof key.kty === 'string';\n}\nexport function isPrivateJWK(key) {\n return key.kty !== 'oct' && typeof key.d === 'string';\n}\nexport function isPublicJWK(key) {\n return key.kty !== 'oct' && typeof key.d === 'undefined';\n}\nexport function isSecretJWK(key) {\n return isJWK(key) && key.kty === 'oct' && typeof key.k === 'string';\n}\n","import crypto from './webcrypto.js';\nimport { JOSENotSupported } from '../util/errors.js';\nfunction subtleMapping(jwk) {\n let algorithm;\n let keyUsages;\n switch (jwk.kty) {\n case 'RSA': {\n switch (jwk.alg) {\n case 'PS256':\n case 'PS384':\n case 'PS512':\n algorithm = { name: 'RSA-PSS', hash: `SHA-${jwk.alg.slice(-3)}` };\n keyUsages = jwk.d ? ['sign'] : ['verify'];\n break;\n case 'RS256':\n case 'RS384':\n case 'RS512':\n algorithm = { name: 'RSASSA-PKCS1-v1_5', hash: `SHA-${jwk.alg.slice(-3)}` };\n keyUsages = jwk.d ? ['sign'] : ['verify'];\n break;\n case 'RSA-OAEP':\n case 'RSA-OAEP-256':\n case 'RSA-OAEP-384':\n case 'RSA-OAEP-512':\n algorithm = {\n name: 'RSA-OAEP',\n hash: `SHA-${parseInt(jwk.alg.slice(-3), 10) || 1}`,\n };\n keyUsages = jwk.d ? ['decrypt', 'unwrapKey'] : ['encrypt', 'wrapKey'];\n break;\n default:\n throw new JOSENotSupported('Invalid or unsupported JWK \"alg\" (Algorithm) Parameter value');\n }\n break;\n }\n case 'EC': {\n switch (jwk.alg) {\n case 'ES256':\n algorithm = { name: 'ECDSA', namedCurve: 'P-256' };\n keyUsages = jwk.d ? ['sign'] : ['verify'];\n break;\n case 'ES384':\n algorithm = { name: 'ECDSA', namedCurve: 'P-384' };\n keyUsages = jwk.d ? ['sign'] : ['verify'];\n break;\n case 'ES512':\n algorithm = { name: 'ECDSA', namedCurve: 'P-521' };\n keyUsages = jwk.d ? ['sign'] : ['verify'];\n break;\n case 'ECDH-ES':\n case 'ECDH-ES+A128KW':\n case 'ECDH-ES+A192KW':\n case 'ECDH-ES+A256KW':\n algorithm = { name: 'ECDH', namedCurve: jwk.crv };\n keyUsages = jwk.d ? ['deriveBits'] : [];\n break;\n default:\n throw new JOSENotSupported('Invalid or unsupported JWK \"alg\" (Algorithm) Parameter value');\n }\n break;\n }\n case 'OKP': {\n switch (jwk.alg) {\n case 'Ed25519':\n algorithm = { name: 'Ed25519' };\n keyUsages = jwk.d ? ['sign'] : ['verify'];\n break;\n case 'EdDSA':\n algorithm = { name: jwk.crv };\n keyUsages = jwk.d ? ['sign'] : ['verify'];\n break;\n case 'ECDH-ES':\n case 'ECDH-ES+A128KW':\n case 'ECDH-ES+A192KW':\n case 'ECDH-ES+A256KW':\n algorithm = { name: jwk.crv };\n keyUsages = jwk.d ? ['deriveBits'] : [];\n break;\n default:\n throw new JOSENotSupported('Invalid or unsupported JWK \"alg\" (Algorithm) Parameter value');\n }\n break;\n }\n default:\n throw new JOSENotSupported('Invalid or unsupported JWK \"kty\" (Key Type) Parameter value');\n }\n return { algorithm, keyUsages };\n}\nconst parse = async (jwk) => {\n if (!jwk.alg) {\n throw new TypeError('\"alg\" argument is required when \"jwk.alg\" is not present');\n }\n const { algorithm, keyUsages } = subtleMapping(jwk);\n const rest = [\n algorithm,\n jwk.ext ?? false,\n jwk.key_ops ?? keyUsages,\n ];\n const keyData = { ...jwk };\n delete keyData.alg;\n delete keyData.use;\n return crypto.subtle.importKey('jwk', keyData, ...rest);\n};\nexport default parse;\n","import { isJWK } from '../lib/is_jwk.js';\nimport { decode } from './base64url.js';\nimport importJWK from './jwk_to_key.js';\nconst exportKeyValue = (k) => decode(k);\nlet privCache;\nlet pubCache;\nconst isKeyObject = (key) => {\n return key?.[Symbol.toStringTag] === 'KeyObject';\n};\nconst importAndCache = async (cache, key, jwk, alg, freeze = false) => {\n let cached = cache.get(key);\n if (cached?.[alg]) {\n return cached[alg];\n }\n const cryptoKey = await importJWK({ ...jwk, alg });\n if (freeze)\n Object.freeze(key);\n if (!cached) {\n cache.set(key, { [alg]: cryptoKey });\n }\n else {\n cached[alg] = cryptoKey;\n }\n return cryptoKey;\n};\nconst normalizePublicKey = (key, alg) => {\n if (isKeyObject(key)) {\n let jwk = key.export({ format: 'jwk' });\n delete jwk.d;\n delete jwk.dp;\n delete jwk.dq;\n delete jwk.p;\n delete jwk.q;\n delete jwk.qi;\n if (jwk.k) {\n return exportKeyValue(jwk.k);\n }\n pubCache || (pubCache = new WeakMap());\n return importAndCache(pubCache, key, jwk, alg);\n }\n if (isJWK(key)) {\n if (key.k)\n return decode(key.k);\n pubCache || (pubCache = new WeakMap());\n const cryptoKey = importAndCache(pubCache, key, key, alg, true);\n return cryptoKey;\n }\n return key;\n};\nconst normalizePrivateKey = (key, alg) => {\n if (isKeyObject(key)) {\n let jwk = key.export({ format: 'jwk' });\n if (jwk.k) {\n return exportKeyValue(jwk.k);\n }\n privCache || (privCache = new WeakMap());\n return importAndCache(privCache, key, jwk, alg);\n }\n if (isJWK(key)) {\n if (key.k)\n return decode(key.k);\n privCache || (privCache = new WeakMap());\n const cryptoKey = importAndCache(privCache, key, key, alg, true);\n return cryptoKey;\n }\n return key;\n};\nexport default { normalizePublicKey, normalizePrivateKey };\n","import crypto, { isCryptoKey } from './webcrypto.js';\nimport { checkSigCryptoKey } from '../lib/crypto_key.js';\nimport invalidKeyInput from '../lib/invalid_key_input.js';\nimport { types } from './is_key_like.js';\nimport normalize from './normalize_key.js';\nexport default async function getCryptoKey(alg, key, usage) {\n if (usage === 'sign') {\n key = await normalize.normalizePrivateKey(key, alg);\n }\n if (usage === 'verify') {\n key = await normalize.normalizePublicKey(key, alg);\n }\n if (isCryptoKey(key)) {\n checkSigCryptoKey(key, alg, usage);\n return key;\n }\n if (key instanceof Uint8Array) {\n if (!alg.startsWith('HS')) {\n throw new TypeError(invalidKeyInput(key, ...types));\n }\n return crypto.subtle.importKey('raw', key, { hash: `SHA-${alg.slice(-3)}`, name: 'HMAC' }, false, [usage]);\n }\n throw new TypeError(invalidKeyInput(key, ...types, 'Uint8Array', 'JSON Web Key'));\n}\n","import subtleAlgorithm from './subtle_dsa.js';\nimport crypto from './webcrypto.js';\nimport checkKeyLength from './check_key_length.js';\nimport getSignKey from './get_sign_verify_key.js';\nconst sign = async (alg, key, data) => {\n const cryptoKey = await getSignKey(alg, key, 'sign');\n checkKeyLength(alg, cryptoKey);\n const signature = await crypto.subtle.sign(subtleAlgorithm(alg, cryptoKey.algorithm), cryptoKey, data);\n return new Uint8Array(signature);\n};\nexport default sign;\n","const isDisjoint = (...headers) => {\n const sources = headers.filter(Boolean);\n if (sources.length === 0 || sources.length === 1) {\n return true;\n }\n let acc;\n for (const header of sources) {\n const parameters = Object.keys(header);\n if (!acc || acc.size === 0) {\n acc = new Set(parameters);\n continue;\n }\n for (const parameter of parameters) {\n if (acc.has(parameter)) {\n return false;\n }\n acc.add(parameter);\n }\n }\n return true;\n};\nexport default isDisjoint;\n","import { withAlg as invalidKeyInput } from './invalid_key_input.js';\nimport isKeyLike, { types } from '../runtime/is_key_like.js';\nimport * as jwk from './is_jwk.js';\nconst tag = (key) => key?.[Symbol.toStringTag];\nconst jwkMatchesOp = (alg, key, usage) => {\n if (key.use !== undefined && key.use !== 'sig') {\n throw new TypeError('Invalid key for this operation, when present its use must be sig');\n }\n if (key.key_ops !== undefined && key.key_ops.includes?.(usage) !== true) {\n throw new TypeError(`Invalid key for this operation, when present its key_ops must include ${usage}`);\n }\n if (key.alg !== undefined && key.alg !== alg) {\n throw new TypeError(`Invalid key for this operation, when present its alg must be ${alg}`);\n }\n return true;\n};\nconst symmetricTypeCheck = (alg, key, usage, allowJwk) => {\n if (key instanceof Uint8Array)\n return;\n if (allowJwk && jwk.isJWK(key)) {\n if (jwk.isSecretJWK(key) && jwkMatchesOp(alg, key, usage))\n return;\n throw new TypeError(`JSON Web Key for symmetric algorithms must have JWK \"kty\" (Key Type) equal to \"oct\" and the JWK \"k\" (Key Value) present`);\n }\n if (!isKeyLike(key)) {\n throw new TypeError(invalidKeyInput(alg, key, ...types, 'Uint8Array', allowJwk ? 'JSON Web Key' : null));\n }\n if (key.type !== 'secret') {\n throw new TypeError(`${tag(key)} instances for symmetric algorithms must be of type \"secret\"`);\n }\n};\nconst asymmetricTypeCheck = (alg, key, usage, allowJwk) => {\n if (allowJwk && jwk.isJWK(key)) {\n switch (usage) {\n case 'sign':\n if (jwk.isPrivateJWK(key) && jwkMatchesOp(alg, key, usage))\n return;\n throw new TypeError(`JSON Web Key for this operation be a private JWK`);\n case 'verify':\n if (jwk.isPublicJWK(key) && jwkMatchesOp(alg, key, usage))\n return;\n throw new TypeError(`JSON Web Key for this operation be a public JWK`);\n }\n }\n if (!isKeyLike(key)) {\n throw new TypeError(invalidKeyInput(alg, key, ...types, allowJwk ? 'JSON Web Key' : null));\n }\n if (key.type === 'secret') {\n throw new TypeError(`${tag(key)} instances for asymmetric algorithms must not be of type \"secret\"`);\n }\n if (usage === 'sign' && key.type === 'public') {\n throw new TypeError(`${tag(key)} instances for asymmetric algorithm signing must be of type \"private\"`);\n }\n if (usage === 'decrypt' && key.type === 'public') {\n throw new TypeError(`${tag(key)} instances for asymmetric algorithm decryption must be of type \"private\"`);\n }\n if (key.algorithm && usage === 'verify' && key.type === 'private') {\n throw new TypeError(`${tag(key)} instances for asymmetric algorithm verifying must be of type \"public\"`);\n }\n if (key.algorithm && usage === 'encrypt' && key.type === 'private') {\n throw new TypeError(`${tag(key)} instances for asymmetric algorithm encryption must be of type \"public\"`);\n }\n};\nfunction checkKeyType(allowJwk, alg, key, usage) {\n const symmetric = alg.startsWith('HS') ||\n alg === 'dir' ||\n alg.startsWith('PBES2') ||\n /^A\\d{3}(?:GCM)?KW$/.test(alg);\n if (symmetric) {\n symmetricTypeCheck(alg, key, usage, allowJwk);\n }\n else {\n asymmetricTypeCheck(alg, key, usage, allowJwk);\n }\n}\nexport default checkKeyType.bind(undefined, false);\nexport const checkKeyTypeWithJwk = checkKeyType.bind(undefined, true);\n","import { JOSENotSupported } from '../util/errors.js';\nfunction validateCrit(Err, recognizedDefault, recognizedOption, protectedHeader, joseHeader) {\n if (joseHeader.crit !== undefined && protectedHeader?.crit === undefined) {\n throw new Err('\"crit\" (Critical) Header Parameter MUST be integrity protected');\n }\n if (!protectedHeader || protectedHeader.crit === undefined) {\n return new Set();\n }\n if (!Array.isArray(protectedHeader.crit) ||\n protectedHeader.crit.length === 0 ||\n protectedHeader.crit.some((input) => typeof input !== 'string' || input.length === 0)) {\n throw new Err('\"crit\" (Critical) Header Parameter MUST be an array of non-empty strings when present');\n }\n let recognized;\n if (recognizedOption !== undefined) {\n recognized = new Map([...Object.entries(recognizedOption), ...recognizedDefault.entries()]);\n }\n else {\n recognized = recognizedDefault;\n }\n for (const parameter of protectedHeader.crit) {\n if (!recognized.has(parameter)) {\n throw new JOSENotSupported(`Extension Header Parameter \"${parameter}\" is not recognized`);\n }\n if (joseHeader[parameter] === undefined) {\n throw new Err(`Extension Header Parameter \"${parameter}\" is missing`);\n }\n if (recognized.get(parameter) && protectedHeader[parameter] === undefined) {\n throw new Err(`Extension Header Parameter \"${parameter}\" MUST be integrity protected`);\n }\n }\n return new Set(protectedHeader.crit);\n}\nexport default validateCrit;\n","import { encode as base64url } from '../../runtime/base64url.js';\nimport sign from '../../runtime/sign.js';\nimport isDisjoint from '../../lib/is_disjoint.js';\nimport { JWSInvalid } from '../../util/errors.js';\nimport { encoder, decoder, concat } from '../../lib/buffer_utils.js';\nimport { checkKeyTypeWithJwk } from '../../lib/check_key_type.js';\nimport validateCrit from '../../lib/validate_crit.js';\nexport class FlattenedSign {\n constructor(payload) {\n if (!(payload instanceof Uint8Array)) {\n throw new TypeError('payload must be an instance of Uint8Array');\n }\n this._payload = payload;\n }\n setProtectedHeader(protectedHeader) {\n if (this._protectedHeader) {\n throw new TypeError('setProtectedHeader can only be called once');\n }\n this._protectedHeader = protectedHeader;\n return this;\n }\n setUnprotectedHeader(unprotectedHeader) {\n if (this._unprotectedHeader) {\n throw new TypeError('setUnprotectedHeader can only be called once');\n }\n this._unprotectedHeader = unprotectedHeader;\n return this;\n }\n async sign(key, options) {\n if (!this._protectedHeader && !this._unprotectedHeader) {\n throw new JWSInvalid('either setProtectedHeader or setUnprotectedHeader must be called before #sign()');\n }\n if (!isDisjoint(this._protectedHeader, this._unprotectedHeader)) {\n throw new JWSInvalid('JWS Protected and JWS Unprotected Header Parameter names must be disjoint');\n }\n const joseHeader = {\n ...this._protectedHeader,\n ...this._unprotectedHeader,\n };\n const extensions = validateCrit(JWSInvalid, new Map([['b64', true]]), options?.crit, this._protectedHeader, joseHeader);\n let b64 = true;\n if (extensions.has('b64')) {\n b64 = this._protectedHeader.b64;\n if (typeof b64 !== 'boolean') {\n throw new JWSInvalid('The \"b64\" (base64url-encode payload) Header Parameter must be a boolean');\n }\n }\n const { alg } = joseHeader;\n if (typeof alg !== 'string' || !alg) {\n throw new JWSInvalid('JWS \"alg\" (Algorithm) Header Parameter missing or invalid');\n }\n checkKeyTypeWithJwk(alg, key, 'sign');\n let payload = this._payload;\n if (b64) {\n payload = encoder.encode(base64url(payload));\n }\n let protectedHeader;\n if (this._protectedHeader) {\n protectedHeader = encoder.encode(base64url(JSON.stringify(this._protectedHeader)));\n }\n else {\n protectedHeader = encoder.encode('');\n }\n const data = concat(protectedHeader, encoder.encode('.'), payload);\n const signature = await sign(alg, key, data);\n const jws = {\n signature: base64url(signature),\n payload: '',\n };\n if (b64) {\n jws.payload = decoder.decode(payload);\n }\n if (this._unprotectedHeader) {\n jws.header = this._unprotectedHeader;\n }\n if (this._protectedHeader) {\n jws.protected = decoder.decode(protectedHeader);\n }\n return jws;\n }\n}\n","import { FlattenedSign } from '../flattened/sign.js';\nexport class CompactSign {\n constructor(payload) {\n this._flattened = new FlattenedSign(payload);\n }\n setProtectedHeader(protectedHeader) {\n this._flattened.setProtectedHeader(protectedHeader);\n return this;\n }\n async sign(key, options) {\n const jws = await this._flattened.sign(key, options);\n if (jws.payload === undefined) {\n throw new TypeError('use the flattened module for creating JWS with b64: false');\n }\n return `${jws.protected}.${jws.payload}.${jws.signature}`;\n }\n}\n","export default (date) => Math.floor(date.getTime() / 1000);\n","const minute = 60;\nconst hour = minute * 60;\nconst day = hour * 24;\nconst week = day * 7;\nconst year = day * 365.25;\nconst REGEX = /^(\\+|\\-)? ?(\\d+|\\d+\\.\\d+) ?(seconds?|secs?|s|minutes?|mins?|m|hours?|hrs?|h|days?|d|weeks?|w|years?|yrs?|y)(?: (ago|from now))?$/i;\nexport default (str) => {\n const matched = REGEX.exec(str);\n if (!matched || (matched[4] && matched[1])) {\n throw new TypeError('Invalid time period format');\n }\n const value = parseFloat(matched[2]);\n const unit = matched[3].toLowerCase();\n let numericDate;\n switch (unit) {\n case 'sec':\n case 'secs':\n case 'second':\n case 'seconds':\n case 's':\n numericDate = Math.round(value);\n break;\n case 'minute':\n case 'minutes':\n case 'min':\n case 'mins':\n case 'm':\n numericDate = Math.round(value * minute);\n break;\n case 'hour':\n case 'hours':\n case 'hr':\n case 'hrs':\n case 'h':\n numericDate = Math.round(value * hour);\n break;\n case 'day':\n case 'days':\n case 'd':\n numericDate = Math.round(value * day);\n break;\n case 'week':\n case 'weeks':\n case 'w':\n numericDate = Math.round(value * week);\n break;\n default:\n numericDate = Math.round(value * year);\n break;\n }\n if (matched[1] === '-' || matched[4] === 'ago') {\n return -numericDate;\n }\n return numericDate;\n};\n","import epoch from '../lib/epoch.js';\nimport isObject from '../lib/is_object.js';\nimport secs from '../lib/secs.js';\nfunction validateInput(label, input) {\n if (!Number.isFinite(input)) {\n throw new TypeError(`Invalid ${label} input`);\n }\n return input;\n}\nexport class ProduceJWT {\n constructor(payload = {}) {\n if (!isObject(payload)) {\n throw new TypeError('JWT Claims Set MUST be an object');\n }\n this._payload = payload;\n }\n setIssuer(issuer) {\n this._payload = { ...this._payload, iss: issuer };\n return this;\n }\n setSubject(subject) {\n this._payload = { ...this._payload, sub: subject };\n return this;\n }\n setAudience(audience) {\n this._payload = { ...this._payload, aud: audience };\n return this;\n }\n setJti(jwtId) {\n this._payload = { ...this._payload, jti: jwtId };\n return this;\n }\n setNotBefore(input) {\n if (typeof input === 'number') {\n this._payload = { ...this._payload, nbf: validateInput('setNotBefore', input) };\n }\n else if (input instanceof Date) {\n this._payload = { ...this._payload, nbf: validateInput('setNotBefore', epoch(input)) };\n }\n else {\n this._payload = { ...this._payload, nbf: epoch(new Date()) + secs(input) };\n }\n return this;\n }\n setExpirationTime(input) {\n if (typeof input === 'number') {\n this._payload = { ...this._payload, exp: validateInput('setExpirationTime', input) };\n }\n else if (input instanceof Date) {\n this._payload = { ...this._payload, exp: validateInput('setExpirationTime', epoch(input)) };\n }\n else {\n this._payload = { ...this._payload, exp: epoch(new Date()) + secs(input) };\n }\n return this;\n }\n setIssuedAt(input) {\n if (typeof input === 'undefined') {\n this._payload = { ...this._payload, iat: epoch(new Date()) };\n }\n else if (input instanceof Date) {\n this._payload = { ...this._payload, iat: validateInput('setIssuedAt', epoch(input)) };\n }\n else if (typeof input === 'string') {\n this._payload = {\n ...this._payload,\n iat: validateInput('setIssuedAt', epoch(new Date()) + secs(input)),\n };\n }\n else {\n this._payload = { ...this._payload, iat: validateInput('setIssuedAt', input) };\n }\n return this;\n }\n}\n","import { CompactSign } from '../jws/compact/sign.js';\nimport { JWTInvalid } from '../util/errors.js';\nimport { encoder } from '../lib/buffer_utils.js';\nimport { ProduceJWT } from './produce.js';\nexport class SignJWT extends ProduceJWT {\n setProtectedHeader(protectedHeader) {\n this._protectedHeader = protectedHeader;\n return this;\n }\n async sign(key, options) {\n const sig = new CompactSign(encoder.encode(JSON.stringify(this._payload)));\n sig.setProtectedHeader(this._protectedHeader);\n if (Array.isArray(this._protectedHeader?.crit) &&\n this._protectedHeader.crit.includes('b64') &&\n this._protectedHeader.b64 === false) {\n throw new JWTInvalid('JWTs MUST NOT use unencoded payload');\n }\n return sig.sign(key, options);\n }\n}\n","import { JOSEError, JWKSTimeout } from '../util/errors.js';\nconst fetchJwks = async (url, timeout, options) => {\n let controller;\n let id;\n let timedOut = false;\n if (typeof AbortController === 'function') {\n controller = new AbortController();\n id = setTimeout(() => {\n timedOut = true;\n controller.abort();\n }, timeout);\n }\n const response = await fetch(url.href, {\n signal: controller ? controller.signal : undefined,\n redirect: 'manual',\n headers: options.headers,\n }).catch((err) => {\n if (timedOut)\n throw new JWKSTimeout();\n throw err;\n });\n if (id !== undefined)\n clearTimeout(id);\n if (response.status !== 200) {\n throw new JOSEError('Expected 200 OK from the JSON Web Key Set HTTP response');\n }\n try {\n return await response.json();\n }\n catch {\n throw new JOSEError('Failed to parse the JSON Web Key Set HTTP response as JSON');\n }\n};\nexport default fetchJwks;\n","import { decode as decodeBase64URL } from '../runtime/base64url.js';\nimport { fromSPKI, fromPKCS8, fromX509 } from '../runtime/asn1.js';\nimport asKeyObject from '../runtime/jwk_to_key.js';\nimport { JOSENotSupported } from '../util/errors.js';\nimport isObject from '../lib/is_object.js';\nexport async function importSPKI(spki, alg, options) {\n if (typeof spki !== 'string' || spki.indexOf('-----BEGIN PUBLIC KEY-----') !== 0) {\n throw new TypeError('\"spki\" must be SPKI formatted string');\n }\n return fromSPKI(spki, alg, options);\n}\nexport async function importX509(x509, alg, options) {\n if (typeof x509 !== 'string' || x509.indexOf('-----BEGIN CERTIFICATE-----') !== 0) {\n throw new TypeError('\"x509\" must be X.509 formatted string');\n }\n return fromX509(x509, alg, options);\n}\nexport async function importPKCS8(pkcs8, alg, options) {\n if (typeof pkcs8 !== 'string' || pkcs8.indexOf('-----BEGIN PRIVATE KEY-----') !== 0) {\n throw new TypeError('\"pkcs8\" must be PKCS#8 formatted string');\n }\n return fromPKCS8(pkcs8, alg, options);\n}\nexport async function importJWK(jwk, alg) {\n if (!isObject(jwk)) {\n throw new TypeError('JWK must be an object');\n }\n alg || (alg = jwk.alg);\n switch (jwk.kty) {\n case 'oct':\n if (typeof jwk.k !== 'string' || !jwk.k) {\n throw new TypeError('missing \"k\" (Key Value) Parameter value');\n }\n return decodeBase64URL(jwk.k);\n case 'RSA':\n if ('oth' in jwk && jwk.oth !== undefined) {\n throw new JOSENotSupported('RSA JWK \"oth\" (Other Primes Info) Parameter value is not supported');\n }\n case 'EC':\n case 'OKP':\n return asKeyObject({ ...jwk, alg });\n default:\n throw new JOSENotSupported('Unsupported \"kty\" (Key Type) Parameter value');\n }\n}\n","import { importJWK } from '../key/import.js';\nimport { JWKSInvalid, JOSENotSupported, JWKSNoMatchingKey, JWKSMultipleMatchingKeys, } from '../util/errors.js';\nimport isObject from '../lib/is_object.js';\nfunction getKtyFromAlg(alg) {\n switch (typeof alg === 'string' && alg.slice(0, 2)) {\n case 'RS':\n case 'PS':\n return 'RSA';\n case 'ES':\n return 'EC';\n case 'Ed':\n return 'OKP';\n default:\n throw new JOSENotSupported('Unsupported \"alg\" value for a JSON Web Key Set');\n }\n}\nfunction isJWKSLike(jwks) {\n return (jwks &&\n typeof jwks === 'object' &&\n Array.isArray(jwks.keys) &&\n jwks.keys.every(isJWKLike));\n}\nfunction isJWKLike(key) {\n return isObject(key);\n}\nfunction clone(obj) {\n if (typeof structuredClone === 'function') {\n return structuredClone(obj);\n }\n return JSON.parse(JSON.stringify(obj));\n}\nclass LocalJWKSet {\n constructor(jwks) {\n this._cached = new WeakMap();\n if (!isJWKSLike(jwks)) {\n throw new JWKSInvalid('JSON Web Key Set malformed');\n }\n this._jwks = clone(jwks);\n }\n async getKey(protectedHeader, token) {\n const { alg, kid } = { ...protectedHeader, ...token?.header };\n const kty = getKtyFromAlg(alg);\n const candidates = this._jwks.keys.filter((jwk) => {\n let candidate = kty === jwk.kty;\n if (candidate && typeof kid === 'string') {\n candidate = kid === jwk.kid;\n }\n if (candidate && typeof jwk.alg === 'string') {\n candidate = alg === jwk.alg;\n }\n if (candidate && typeof jwk.use === 'string') {\n candidate = jwk.use === 'sig';\n }\n if (candidate && Array.isArray(jwk.key_ops)) {\n candidate = jwk.key_ops.includes('verify');\n }\n if (candidate) {\n switch (alg) {\n case 'ES256':\n candidate = jwk.crv === 'P-256';\n break;\n case 'ES256K':\n candidate = jwk.crv === 'secp256k1';\n break;\n case 'ES384':\n candidate = jwk.crv === 'P-384';\n break;\n case 'ES512':\n candidate = jwk.crv === 'P-521';\n break;\n case 'Ed25519':\n candidate = jwk.crv === 'Ed25519';\n break;\n case 'EdDSA':\n candidate = jwk.crv === 'Ed25519' || jwk.crv === 'Ed448';\n break;\n }\n }\n return candidate;\n });\n const { 0: jwk, length } = candidates;\n if (length === 0) {\n throw new JWKSNoMatchingKey();\n }\n if (length !== 1) {\n const error = new JWKSMultipleMatchingKeys();\n const { _cached } = this;\n error[Symbol.asyncIterator] = async function* () {\n for (const jwk of candidates) {\n try {\n yield await importWithAlgCache(_cached, jwk, alg);\n }\n catch { }\n }\n };\n throw error;\n }\n return importWithAlgCache(this._cached, jwk, alg);\n }\n}\nasync function importWithAlgCache(cache, jwk, alg) {\n const cached = cache.get(jwk) || cache.set(jwk, {}).get(jwk);\n if (cached[alg] === undefined) {\n const key = await importJWK({ ...jwk, ext: true }, alg);\n if (key instanceof Uint8Array || key.type !== 'public') {\n throw new JWKSInvalid('JSON Web Key Set members must be public keys');\n }\n cached[alg] = key;\n }\n return cached[alg];\n}\nexport function createLocalJWKSet(jwks) {\n const set = new LocalJWKSet(jwks);\n const localJWKSet = async (protectedHeader, token) => set.getKey(protectedHeader, token);\n Object.defineProperties(localJWKSet, {\n jwks: {\n value: () => clone(set._jwks),\n enumerable: true,\n configurable: false,\n writable: false,\n },\n });\n return localJWKSet;\n}\n","import fetchJwks from '../runtime/fetch_jwks.js';\nimport { JWKSNoMatchingKey } from '../util/errors.js';\nimport { createLocalJWKSet } from './local.js';\nimport isObject from '../lib/is_object.js';\nfunction isCloudflareWorkers() {\n return (typeof WebSocketPair !== 'undefined' ||\n (typeof navigator !== 'undefined' && navigator.userAgent === 'Cloudflare-Workers') ||\n (typeof EdgeRuntime !== 'undefined' && EdgeRuntime === 'vercel'));\n}\nlet USER_AGENT;\nif (typeof navigator === 'undefined' || !navigator.userAgent?.startsWith?.('Mozilla/5.0 ')) {\n const NAME = 'jose';\n const VERSION = 'v5.10.0';\n USER_AGENT = `${NAME}/${VERSION}`;\n}\nexport const jwksCache = Symbol();\nfunction isFreshJwksCache(input, cacheMaxAge) {\n if (typeof input !== 'object' || input === null) {\n return false;\n }\n if (!('uat' in input) || typeof input.uat !== 'number' || Date.now() - input.uat >= cacheMaxAge) {\n return false;\n }\n if (!('jwks' in input) ||\n !isObject(input.jwks) ||\n !Array.isArray(input.jwks.keys) ||\n !Array.prototype.every.call(input.jwks.keys, isObject)) {\n return false;\n }\n return true;\n}\nclass RemoteJWKSet {\n constructor(url, options) {\n if (!(url instanceof URL)) {\n throw new TypeError('url must be an instance of URL');\n }\n this._url = new URL(url.href);\n this._options = { agent: options?.agent, headers: options?.headers };\n this._timeoutDuration =\n typeof options?.timeoutDuration === 'number' ? options?.timeoutDuration : 5000;\n this._cooldownDuration =\n typeof options?.cooldownDuration === 'number' ? options?.cooldownDuration : 30000;\n this._cacheMaxAge = typeof options?.cacheMaxAge === 'number' ? options?.cacheMaxAge : 600000;\n if (options?.[jwksCache] !== undefined) {\n this._cache = options?.[jwksCache];\n if (isFreshJwksCache(options?.[jwksCache], this._cacheMaxAge)) {\n this._jwksTimestamp = this._cache.uat;\n this._local = createLocalJWKSet(this._cache.jwks);\n }\n }\n }\n coolingDown() {\n return typeof this._jwksTimestamp === 'number'\n ? Date.now() < this._jwksTimestamp + this._cooldownDuration\n : false;\n }\n fresh() {\n return typeof this._jwksTimestamp === 'number'\n ? Date.now() < this._jwksTimestamp + this._cacheMaxAge\n : false;\n }\n async getKey(protectedHeader, token) {\n if (!this._local || !this.fresh()) {\n await this.reload();\n }\n try {\n return await this._local(protectedHeader, token);\n }\n catch (err) {\n if (err instanceof JWKSNoMatchingKey) {\n if (this.coolingDown() === false) {\n await this.reload();\n return this._local(protectedHeader, token);\n }\n }\n throw err;\n }\n }\n async reload() {\n if (this._pendingFetch && isCloudflareWorkers()) {\n this._pendingFetch = undefined;\n }\n const headers = new Headers(this._options.headers);\n if (USER_AGENT && !headers.has('User-Agent')) {\n headers.set('User-Agent', USER_AGENT);\n this._options.headers = Object.fromEntries(headers.entries());\n }\n this._pendingFetch || (this._pendingFetch = fetchJwks(this._url, this._timeoutDuration, this._options)\n .then((json) => {\n this._local = createLocalJWKSet(json);\n if (this._cache) {\n this._cache.uat = Date.now();\n this._cache.jwks = json;\n }\n this._jwksTimestamp = Date.now();\n this._pendingFetch = undefined;\n })\n .catch((err) => {\n this._pendingFetch = undefined;\n throw err;\n }));\n await this._pendingFetch;\n }\n}\nexport function createRemoteJWKSet(url, options) {\n const set = new RemoteJWKSet(url, options);\n const remoteJWKSet = async (protectedHeader, token) => set.getKey(protectedHeader, token);\n Object.defineProperties(remoteJWKSet, {\n coolingDown: {\n get: () => set.coolingDown(),\n enumerable: true,\n configurable: false,\n },\n fresh: {\n get: () => set.fresh(),\n enumerable: true,\n configurable: false,\n },\n reload: {\n value: () => set.reload(),\n enumerable: true,\n configurable: false,\n writable: false,\n },\n reloading: {\n get: () => !!set._pendingFetch,\n enumerable: true,\n configurable: false,\n },\n jwks: {\n value: () => set._local?.jwks(),\n enumerable: true,\n configurable: false,\n writable: false,\n },\n });\n return remoteJWKSet;\n}\nexport const experimental_jwksCache = jwksCache;\n","import subtleAlgorithm from './subtle_dsa.js';\nimport crypto from './webcrypto.js';\nimport checkKeyLength from './check_key_length.js';\nimport getVerifyKey from './get_sign_verify_key.js';\nconst verify = async (alg, key, signature, data) => {\n const cryptoKey = await getVerifyKey(alg, key, 'verify');\n checkKeyLength(alg, cryptoKey);\n const algorithm = subtleAlgorithm(alg, cryptoKey.algorithm);\n try {\n return await crypto.subtle.verify(algorithm, cryptoKey, signature, data);\n }\n catch {\n return false;\n }\n};\nexport default verify;\n","const validateAlgorithms = (option, algorithms) => {\n if (algorithms !== undefined &&\n (!Array.isArray(algorithms) || algorithms.some((s) => typeof s !== 'string'))) {\n throw new TypeError(`\"${option}\" option must be an array of strings`);\n }\n if (!algorithms) {\n return undefined;\n }\n return new Set(algorithms);\n};\nexport default validateAlgorithms;\n","import { flattenedVerify } from '../flattened/verify.js';\nimport { JWSInvalid } from '../../util/errors.js';\nimport { decoder } from '../../lib/buffer_utils.js';\nexport async function compactVerify(jws, key, options) {\n if (jws instanceof Uint8Array) {\n jws = decoder.decode(jws);\n }\n if (typeof jws !== 'string') {\n throw new JWSInvalid('Compact JWS must be a string or Uint8Array');\n }\n const { 0: protectedHeader, 1: payload, 2: signature, length } = jws.split('.');\n if (length !== 3) {\n throw new JWSInvalid('Invalid Compact JWS');\n }\n const verified = await flattenedVerify({ payload, protected: protectedHeader, signature }, key, options);\n const result = { payload: verified.payload, protectedHeader: verified.protectedHeader };\n if (typeof key === 'function') {\n return { ...result, key: verified.key };\n }\n return result;\n}\n","import { decode as base64url } from '../../runtime/base64url.js';\nimport verify from '../../runtime/verify.js';\nimport { JOSEAlgNotAllowed, JWSInvalid, JWSSignatureVerificationFailed } from '../../util/errors.js';\nimport { concat, encoder, decoder } from '../../lib/buffer_utils.js';\nimport isDisjoint from '../../lib/is_disjoint.js';\nimport isObject from '../../lib/is_object.js';\nimport { checkKeyTypeWithJwk } from '../../lib/check_key_type.js';\nimport validateCrit from '../../lib/validate_crit.js';\nimport validateAlgorithms from '../../lib/validate_algorithms.js';\nimport { isJWK } from '../../lib/is_jwk.js';\nimport { importJWK } from '../../key/import.js';\nexport async function flattenedVerify(jws, key, options) {\n if (!isObject(jws)) {\n throw new JWSInvalid('Flattened JWS must be an object');\n }\n if (jws.protected === undefined && jws.header === undefined) {\n throw new JWSInvalid('Flattened JWS must have either of the \"protected\" or \"header\" members');\n }\n if (jws.protected !== undefined && typeof jws.protected !== 'string') {\n throw new JWSInvalid('JWS Protected Header incorrect type');\n }\n if (jws.payload === undefined) {\n throw new JWSInvalid('JWS Payload missing');\n }\n if (typeof jws.signature !== 'string') {\n throw new JWSInvalid('JWS Signature missing or incorrect type');\n }\n if (jws.header !== undefined && !isObject(jws.header)) {\n throw new JWSInvalid('JWS Unprotected Header incorrect type');\n }\n let parsedProt = {};\n if (jws.protected) {\n try {\n const protectedHeader = base64url(jws.protected);\n parsedProt = JSON.parse(decoder.decode(protectedHeader));\n }\n catch {\n throw new JWSInvalid('JWS Protected Header is invalid');\n }\n }\n if (!isDisjoint(parsedProt, jws.header)) {\n throw new JWSInvalid('JWS Protected and JWS Unprotected Header Parameter names must be disjoint');\n }\n const joseHeader = {\n ...parsedProt,\n ...jws.header,\n };\n const extensions = validateCrit(JWSInvalid, new Map([['b64', true]]), options?.crit, parsedProt, joseHeader);\n let b64 = true;\n if (extensions.has('b64')) {\n b64 = parsedProt.b64;\n if (typeof b64 !== 'boolean') {\n throw new JWSInvalid('The \"b64\" (base64url-encode payload) Header Parameter must be a boolean');\n }\n }\n const { alg } = joseHeader;\n if (typeof alg !== 'string' || !alg) {\n throw new JWSInvalid('JWS \"alg\" (Algorithm) Header Parameter missing or invalid');\n }\n const algorithms = options && validateAlgorithms('algorithms', options.algorithms);\n if (algorithms && !algorithms.has(alg)) {\n throw new JOSEAlgNotAllowed('\"alg\" (Algorithm) Header Parameter value not allowed');\n }\n if (b64) {\n if (typeof jws.payload !== 'string') {\n throw new JWSInvalid('JWS Payload must be a string');\n }\n }\n else if (typeof jws.payload !== 'string' && !(jws.payload instanceof Uint8Array)) {\n throw new JWSInvalid('JWS Payload must be a string or an Uint8Array instance');\n }\n let resolvedKey = false;\n if (typeof key === 'function') {\n key = await key(parsedProt, jws);\n resolvedKey = true;\n checkKeyTypeWithJwk(alg, key, 'verify');\n if (isJWK(key)) {\n key = await importJWK(key, alg);\n }\n }\n else {\n checkKeyTypeWithJwk(alg, key, 'verify');\n }\n const data = concat(encoder.encode(jws.protected ?? ''), encoder.encode('.'), typeof jws.payload === 'string' ? encoder.encode(jws.payload) : jws.payload);\n let signature;\n try {\n signature = base64url(jws.signature);\n }\n catch {\n throw new JWSInvalid('Failed to base64url decode the signature');\n }\n const verified = await verify(alg, key, signature, data);\n if (!verified) {\n throw new JWSSignatureVerificationFailed();\n }\n let payload;\n if (b64) {\n try {\n payload = base64url(jws.payload);\n }\n catch {\n throw new JWSInvalid('Failed to base64url decode the payload');\n }\n }\n else if (typeof jws.payload === 'string') {\n payload = encoder.encode(jws.payload);\n }\n else {\n payload = jws.payload;\n }\n const result = { payload };\n if (jws.protected !== undefined) {\n result.protectedHeader = parsedProt;\n }\n if (jws.header !== undefined) {\n result.unprotectedHeader = jws.header;\n }\n if (resolvedKey) {\n return { ...result, key };\n }\n return result;\n}\n","import { JWTClaimValidationFailed, JWTExpired, JWTInvalid } from '../util/errors.js';\nimport { decoder } from './buffer_utils.js';\nimport epoch from './epoch.js';\nimport secs from './secs.js';\nimport isObject from './is_object.js';\nconst normalizeTyp = (value) => value.toLowerCase().replace(/^application\\//, '');\nconst checkAudiencePresence = (audPayload, audOption) => {\n if (typeof audPayload === 'string') {\n return audOption.includes(audPayload);\n }\n if (Array.isArray(audPayload)) {\n return audOption.some(Set.prototype.has.bind(new Set(audPayload)));\n }\n return false;\n};\nexport default (protectedHeader, encodedPayload, options = {}) => {\n let payload;\n try {\n payload = JSON.parse(decoder.decode(encodedPayload));\n }\n catch {\n }\n if (!isObject(payload)) {\n throw new JWTInvalid('JWT Claims Set must be a top-level JSON object');\n }\n const { typ } = options;\n if (typ &&\n (typeof protectedHeader.typ !== 'string' ||\n normalizeTyp(protectedHeader.typ) !== normalizeTyp(typ))) {\n throw new JWTClaimValidationFailed('unexpected \"typ\" JWT header value', payload, 'typ', 'check_failed');\n }\n const { requiredClaims = [], issuer, subject, audience, maxTokenAge } = options;\n const presenceCheck = [...requiredClaims];\n if (maxTokenAge !== undefined)\n presenceCheck.push('iat');\n if (audience !== undefined)\n presenceCheck.push('aud');\n if (subject !== undefined)\n presenceCheck.push('sub');\n if (issuer !== undefined)\n presenceCheck.push('iss');\n for (const claim of new Set(presenceCheck.reverse())) {\n if (!(claim in payload)) {\n throw new JWTClaimValidationFailed(`missing required \"${claim}\" claim`, payload, claim, 'missing');\n }\n }\n if (issuer &&\n !(Array.isArray(issuer) ? issuer : [issuer]).includes(payload.iss)) {\n throw new JWTClaimValidationFailed('unexpected \"iss\" claim value', payload, 'iss', 'check_failed');\n }\n if (subject && payload.sub !== subject) {\n throw new JWTClaimValidationFailed('unexpected \"sub\" claim value', payload, 'sub', 'check_failed');\n }\n if (audience &&\n !checkAudiencePresence(payload.aud, typeof audience === 'string' ? [audience] : audience)) {\n throw new JWTClaimValidationFailed('unexpected \"aud\" claim value', payload, 'aud', 'check_failed');\n }\n let tolerance;\n switch (typeof options.clockTolerance) {\n case 'string':\n tolerance = secs(options.clockTolerance);\n break;\n case 'number':\n tolerance = options.clockTolerance;\n break;\n case 'undefined':\n tolerance = 0;\n break;\n default:\n throw new TypeError('Invalid clockTolerance option type');\n }\n const { currentDate } = options;\n const now = epoch(currentDate || new Date());\n if ((payload.iat !== undefined || maxTokenAge) && typeof payload.iat !== 'number') {\n throw new JWTClaimValidationFailed('\"iat\" claim must be a number', payload, 'iat', 'invalid');\n }\n if (payload.nbf !== undefined) {\n if (typeof payload.nbf !== 'number') {\n throw new JWTClaimValidationFailed('\"nbf\" claim must be a number', payload, 'nbf', 'invalid');\n }\n if (payload.nbf > now + tolerance) {\n throw new JWTClaimValidationFailed('\"nbf\" claim timestamp check failed', payload, 'nbf', 'check_failed');\n }\n }\n if (payload.exp !== undefined) {\n if (typeof payload.exp !== 'number') {\n throw new JWTClaimValidationFailed('\"exp\" claim must be a number', payload, 'exp', 'invalid');\n }\n if (payload.exp <= now - tolerance) {\n throw new JWTExpired('\"exp\" claim timestamp check failed', payload, 'exp', 'check_failed');\n }\n }\n if (maxTokenAge) {\n const age = now - payload.iat;\n const max = typeof maxTokenAge === 'number' ? maxTokenAge : secs(maxTokenAge);\n if (age - tolerance > max) {\n throw new JWTExpired('\"iat\" claim timestamp check failed (too far in the past)', payload, 'iat', 'check_failed');\n }\n if (age < 0 - tolerance) {\n throw new JWTClaimValidationFailed('\"iat\" claim timestamp check failed (it should be in the past)', payload, 'iat', 'check_failed');\n }\n }\n return payload;\n};\n","import crypto from './webcrypto.js';\nconst digest = async (algorithm, data) => {\n const subtleDigest = `SHA-${algorithm.slice(-3)}`;\n return new Uint8Array(await crypto.subtle.digest(subtleDigest, data));\n};\nexport default digest;\n","import digest from '../runtime/digest.js';\nimport { encode as base64url } from '../runtime/base64url.js';\nimport { JOSENotSupported, JWKInvalid } from '../util/errors.js';\nimport { encoder } from '../lib/buffer_utils.js';\nimport isObject from '../lib/is_object.js';\nconst check = (value, description) => {\n if (typeof value !== 'string' || !value) {\n throw new JWKInvalid(`${description} missing or invalid`);\n }\n};\nexport async function calculateJwkThumbprint(jwk, digestAlgorithm) {\n if (!isObject(jwk)) {\n throw new TypeError('JWK must be an object');\n }\n digestAlgorithm ?? (digestAlgorithm = 'sha256');\n if (digestAlgorithm !== 'sha256' &&\n digestAlgorithm !== 'sha384' &&\n digestAlgorithm !== 'sha512') {\n throw new TypeError('digestAlgorithm must one of \"sha256\", \"sha384\", or \"sha512\"');\n }\n let components;\n switch (jwk.kty) {\n case 'EC':\n check(jwk.crv, '\"crv\" (Curve) Parameter');\n check(jwk.x, '\"x\" (X Coordinate) Parameter');\n check(jwk.y, '\"y\" (Y Coordinate) Parameter');\n components = { crv: jwk.crv, kty: jwk.kty, x: jwk.x, y: jwk.y };\n break;\n case 'OKP':\n check(jwk.crv, '\"crv\" (Subtype of Key Pair) Parameter');\n check(jwk.x, '\"x\" (Public Key) Parameter');\n components = { crv: jwk.crv, kty: jwk.kty, x: jwk.x };\n break;\n case 'RSA':\n check(jwk.e, '\"e\" (Exponent) Parameter');\n check(jwk.n, '\"n\" (Modulus) Parameter');\n components = { e: jwk.e, kty: jwk.kty, n: jwk.n };\n break;\n case 'oct':\n check(jwk.k, '\"k\" (Key Value) Parameter');\n components = { k: jwk.k, kty: jwk.kty };\n break;\n default:\n throw new JOSENotSupported('\"kty\" (Key Type) Parameter missing or unsupported');\n }\n const data = encoder.encode(JSON.stringify(components));\n return base64url(await digest(digestAlgorithm, data));\n}\nexport async function calculateJwkThumbprintUri(jwk, digestAlgorithm) {\n digestAlgorithm ?? (digestAlgorithm = 'sha256');\n const thumbprint = await calculateJwkThumbprint(jwk, digestAlgorithm);\n return `urn:ietf:params:oauth:jwk-thumbprint:sha-${digestAlgorithm.slice(-3)}:${thumbprint}`;\n}\n","import crypto from './webcrypto.js';\nimport { JOSENotSupported } from '../util/errors.js';\nimport random from './random.js';\nexport async function generateSecret(alg, options) {\n let length;\n let algorithm;\n let keyUsages;\n switch (alg) {\n case 'HS256':\n case 'HS384':\n case 'HS512':\n length = parseInt(alg.slice(-3), 10);\n algorithm = { name: 'HMAC', hash: `SHA-${length}`, length };\n keyUsages = ['sign', 'verify'];\n break;\n case 'A128CBC-HS256':\n case 'A192CBC-HS384':\n case 'A256CBC-HS512':\n length = parseInt(alg.slice(-3), 10);\n return random(new Uint8Array(length >> 3));\n case 'A128KW':\n case 'A192KW':\n case 'A256KW':\n length = parseInt(alg.slice(1, 4), 10);\n algorithm = { name: 'AES-KW', length };\n keyUsages = ['wrapKey', 'unwrapKey'];\n break;\n case 'A128GCMKW':\n case 'A192GCMKW':\n case 'A256GCMKW':\n case 'A128GCM':\n case 'A192GCM':\n case 'A256GCM':\n length = parseInt(alg.slice(1, 4), 10);\n algorithm = { name: 'AES-GCM', length };\n keyUsages = ['encrypt', 'decrypt'];\n break;\n default:\n throw new JOSENotSupported('Invalid or unsupported JWK \"alg\" (Algorithm) Parameter value');\n }\n return crypto.subtle.generateKey(algorithm, options?.extractable ?? false, keyUsages);\n}\nfunction getModulusLengthOption(options) {\n const modulusLength = options?.modulusLength ?? 2048;\n if (typeof modulusLength !== 'number' || modulusLength < 2048) {\n throw new JOSENotSupported('Invalid or unsupported modulusLength option provided, 2048 bits or larger keys must be used');\n }\n return modulusLength;\n}\nexport async function generateKeyPair(alg, options) {\n let algorithm;\n let keyUsages;\n switch (alg) {\n case 'PS256':\n case 'PS384':\n case 'PS512':\n algorithm = {\n name: 'RSA-PSS',\n hash: `SHA-${alg.slice(-3)}`,\n publicExponent: new Uint8Array([0x01, 0x00, 0x01]),\n modulusLength: getModulusLengthOption(options),\n };\n keyUsages = ['sign', 'verify'];\n break;\n case 'RS256':\n case 'RS384':\n case 'RS512':\n algorithm = {\n name: 'RSASSA-PKCS1-v1_5',\n hash: `SHA-${alg.slice(-3)}`,\n publicExponent: new Uint8Array([0x01, 0x00, 0x01]),\n modulusLength: getModulusLengthOption(options),\n };\n keyUsages = ['sign', 'verify'];\n break;\n case 'RSA-OAEP':\n case 'RSA-OAEP-256':\n case 'RSA-OAEP-384':\n case 'RSA-OAEP-512':\n algorithm = {\n name: 'RSA-OAEP',\n hash: `SHA-${parseInt(alg.slice(-3), 10) || 1}`,\n publicExponent: new Uint8Array([0x01, 0x00, 0x01]),\n modulusLength: getModulusLengthOption(options),\n };\n keyUsages = ['decrypt', 'unwrapKey', 'encrypt', 'wrapKey'];\n break;\n case 'ES256':\n algorithm = { name: 'ECDSA', namedCurve: 'P-256' };\n keyUsages = ['sign', 'verify'];\n break;\n case 'ES384':\n algorithm = { name: 'ECDSA', namedCurve: 'P-384' };\n keyUsages = ['sign', 'verify'];\n break;\n case 'ES512':\n algorithm = { name: 'ECDSA', namedCurve: 'P-521' };\n keyUsages = ['sign', 'verify'];\n break;\n case 'Ed25519':\n algorithm = { name: 'Ed25519' };\n keyUsages = ['sign', 'verify'];\n break;\n case 'EdDSA': {\n keyUsages = ['sign', 'verify'];\n const crv = options?.crv ?? 'Ed25519';\n switch (crv) {\n case 'Ed25519':\n case 'Ed448':\n algorithm = { name: crv };\n break;\n default:\n throw new JOSENotSupported('Invalid or unsupported crv option provided');\n }\n break;\n }\n case 'ECDH-ES':\n case 'ECDH-ES+A128KW':\n case 'ECDH-ES+A192KW':\n case 'ECDH-ES+A256KW': {\n keyUsages = ['deriveKey', 'deriveBits'];\n const crv = options?.crv ?? 'P-256';\n switch (crv) {\n case 'P-256':\n case 'P-384':\n case 'P-521': {\n algorithm = { name: 'ECDH', namedCurve: crv };\n break;\n }\n case 'X25519':\n case 'X448':\n algorithm = { name: crv };\n break;\n default:\n throw new JOSENotSupported('Invalid or unsupported crv option provided, supported values are P-256, P-384, P-521, X25519, and X448');\n }\n break;\n }\n default:\n throw new JOSENotSupported('Invalid or unsupported JWK \"alg\" (Algorithm) Parameter value');\n }\n return crypto.subtle.generateKey(algorithm, options?.extractable ?? false, keyUsages);\n}\n","import { generateKeyPair as generate } from '../runtime/generate.js';\nexport async function generateKeyPair(alg, options) {\n return generate(alg, options);\n}\n","import * as base64url from '../runtime/base64url.js';\nexport const encode = base64url.encode;\nexport const decode = base64url.decode;\n","/**\n * solid-oidc.js - Minimal Solid-OIDC client for browsers\n *\n * A zero-build, single-file Solid-OIDC authentication library.\n *\n * @license MIT\n * @author JavaScriptSolidServer\n * @see https://github.com/JavaScriptSolidServer/solid-oidc\n *\n * Based on solid-oidc-client-browser by uvdsl (Christoph Braun)\n * @see https://github.com/uvdsl/solid-oidc-client-browser\n *\n * Implements:\n * - RFC 6749 - OAuth 2.0\n * - RFC 7636 - PKCE\n * - RFC 9207 - OAuth 2.0 Authorization Server Issuer Identification\n * - RFC 9449 - DPoP (Demonstration of Proof-of-Possession)\n * - Solid-OIDC Specification\n */\n\nimport {\n SignJWT,\n generateKeyPair,\n decodeJwt,\n exportJWK,\n createRemoteJWKSet,\n jwtVerify,\n calculateJwkThumbprint\n} from 'jose'\n\n// ============================================================================\n// Session Events\n// ============================================================================\n\nexport const SessionEvents = {\n STATE_CHANGE: 'sessionStateChange',\n EXPIRATION_WARNING: 'sessionExpirationWarning',\n EXPIRATION: 'sessionExpiration'\n}\n\n// ============================================================================\n// Session Database Interface (IndexedDB Implementation)\n// ============================================================================\n\nexport class SessionDatabase {\n constructor(dbName = 'solid-oidc', storeName = 'session', dbVersion = 1) {\n this.dbName = dbName\n this.storeName = storeName\n this.dbVersion = dbVersion\n this.db = null\n }\n\n async init() {\n return new Promise((resolve, reject) => {\n const request = indexedDB.open(this.dbName, this.dbVersion)\n request.onerror = () => reject(new Error(`Database error: ${request.error}`))\n request.onsuccess = () => {\n this.db = request.result\n resolve(this)\n }\n request.onupgradeneeded = (event) => {\n const db = event.target.result\n if (!db.objectStoreNames.contains(this.storeName)) {\n db.createObjectStore(this.storeName)\n }\n }\n })\n }\n\n async setItem(id, value) {\n if (!this.db) await this.init()\n return new Promise((resolve, reject) => {\n const tx = this.db.transaction(this.storeName, 'readwrite')\n tx.oncomplete = () => resolve()\n tx.onerror = () => reject(new Error(`Transaction error: ${tx.error}`))\n tx.objectStore(this.storeName).put(value, id)\n })\n }\n\n async getItem(id) {\n if (!this.db) await this.init()\n return new Promise((resolve, reject) => {\n const tx = this.db.transaction(this.storeName, 'readonly')\n tx.onerror = () => reject(new Error(`Transaction error: ${tx.error}`))\n const request = tx.objectStore(this.storeName).get(id)\n request.onsuccess = () => resolve(request.result || null)\n })\n }\n\n async deleteItem(id) {\n if (!this.db) await this.init()\n return new Promise((resolve, reject) => {\n const tx = this.db.transaction(this.storeName, 'readwrite')\n tx.oncomplete = () => resolve()\n tx.onerror = () => reject(new Error(`Transaction error: ${tx.error}`))\n tx.objectStore(this.storeName).delete(id)\n })\n }\n\n async clear() {\n if (!this.db) await this.init()\n return new Promise((resolve, reject) => {\n const tx = this.db.transaction(this.storeName, 'readwrite')\n tx.oncomplete = () => resolve()\n tx.onerror = () => reject(new Error(`Transaction error: ${tx.error}`))\n tx.objectStore(this.storeName).clear()\n })\n }\n\n close() {\n if (this.db) {\n this.db.close()\n this.db = null\n }\n }\n}\n\n// ============================================================================\n// PKCE Helper (RFC 7636)\n// ============================================================================\n\nasync function generatePKCE() {\n const verifier = crypto.randomUUID() + '-' + crypto.randomUUID()\n const digest = new Uint8Array(\n await crypto.subtle.digest('SHA-256', new TextEncoder().encode(verifier))\n )\n const challenge = btoa(String.fromCharCode(...digest))\n .replace(/\\+/g, '-')\n .replace(/\\//g, '_')\n .replace(/=+$/, '')\n return { verifier, challenge }\n}\n\n// ============================================================================\n// DPoP Helper (RFC 9449)\n// ============================================================================\n\nasync function createDPoPToken(keyPair, htu, htm, ath = null) {\n const publicJwk = await exportJWK(keyPair.publicKey)\n const payload = { htu, htm }\n if (ath) payload.ath = ath\n\n return new SignJWT(payload)\n .setIssuedAt()\n .setJti(crypto.randomUUID())\n .setProtectedHeader({ alg: 'ES256', typ: 'dpop+jwt', jwk: publicJwk })\n .sign(keyPair.privateKey)\n}\n\nasync function computeAth(accessToken) {\n const data = new TextEncoder().encode(accessToken)\n const hashBuffer = await crypto.subtle.digest('SHA-256', data)\n const hashArray = Array.from(new Uint8Array(hashBuffer))\n return btoa(String.fromCharCode(...hashArray))\n .replace(/\\+/g, '-')\n .replace(/\\//g, '_')\n .replace(/=+$/, '')\n}\n\n// ============================================================================\n// OIDC Discovery\n// ============================================================================\n\nasync function discoverOIDC(idp) {\n const origin = new URL(idp).origin\n const response = await fetch(`${origin}/.well-known/openid-configuration`)\n if (!response.ok) throw new Error(`OIDC discovery failed: ${response.status}`)\n return response.json()\n}\n\n// ============================================================================\n// Dynamic Client Registration\n// ============================================================================\n\nasync function registerClient(registrationEndpoint, redirectUris) {\n const response = await fetch(registrationEndpoint, {\n method: 'POST',\n headers: { 'Content-Type': 'application/json' },\n body: JSON.stringify({\n application_type: 'web',\n redirect_uris: redirectUris,\n token_endpoint_auth_method: 'none',\n grant_types: ['authorization_code', 'refresh_token'],\n response_types: ['code'],\n scope: 'openid offline_access webid'\n })\n })\n if (!response.ok) throw new Error(`Client registration failed: ${response.status}`)\n return response.json()\n}\n\n// ============================================================================\n// Token Request\n// ============================================================================\n\nasync function requestTokens(tokenEndpoint, params, keyPair) {\n const dpop = await createDPoPToken(keyPair, tokenEndpoint, 'POST')\n const response = await fetch(tokenEndpoint, {\n method: 'POST',\n headers: {\n 'Content-Type': 'application/x-www-form-urlencoded',\n 'DPoP': dpop\n },\n body: new URLSearchParams(params)\n })\n if (!response.ok) throw new Error(`Token request failed: ${response.status}`)\n return response.json()\n}\n\n// ============================================================================\n// Token Validation\n// ============================================================================\n\nasync function validateAccessToken(accessToken, jwksUri, issuer, clientId, keyPair) {\n const jwks = createRemoteJWKSet(new URL(jwksUri))\n const { payload } = await jwtVerify(accessToken, jwks, {\n issuer,\n audience: 'solid'\n })\n\n // Verify DPoP binding\n const thumbprint = await calculateJwkThumbprint(await exportJWK(keyPair.publicKey))\n if (payload.cnf?.jkt !== thumbprint) {\n throw new Error('DPoP thumbprint mismatch')\n }\n\n // Verify client_id\n if (payload.client_id !== clientId) {\n throw new Error('client_id mismatch')\n }\n\n return payload\n}\n\n// ============================================================================\n// Refresh Token Grant\n// ============================================================================\n\nasync function refreshTokens(database) {\n await database.init()\n\n const [refreshToken, tokenEndpoint, clientId, keyPair] = await Promise.all([\n database.getItem('refresh_token'),\n database.getItem('token_endpoint'),\n database.getItem('client_id'),\n database.getItem('dpop_keypair')\n ])\n\n if (!refreshToken || !tokenEndpoint || !clientId || !keyPair) {\n throw new Error('Missing refresh data')\n }\n\n const tokens = await requestTokens(tokenEndpoint, {\n grant_type: 'refresh_token',\n refresh_token: refreshToken,\n client_id: clientId\n }, keyPair)\n\n // Persist new refresh token if provided\n if (tokens.refresh_token) {\n await database.setItem('refresh_token', tokens.refresh_token)\n }\n\n database.close()\n return { ...tokens, dpop_key_pair: keyPair }\n}\n\n// ============================================================================\n// Main Session Class\n// ============================================================================\n\nexport class Session extends EventTarget {\n constructor(options = {}) {\n super()\n this.clientId = options.clientId || null\n this.database = options.database || new SessionDatabase()\n this.onStateChange = options.onStateChange || null\n this.onExpirationWarning = options.onExpirationWarning || null\n this.onExpiration = options.onExpiration || null\n\n // Internal state\n this._isActive = false\n this._webId = null\n this._exp = null\n this._ath = null\n this._tokens = null\n this._idpDetails = null\n this._refreshPromise = null\n\n // Set up event listeners\n if (this.onStateChange) {\n this.addEventListener(SessionEvents.STATE_CHANGE, this.onStateChange)\n }\n if (this.onExpirationWarning) {\n this.addEventListener(SessionEvents.EXPIRATION_WARNING, this.onExpirationWarning)\n }\n if (this.onExpiration) {\n this.addEventListener(SessionEvents.EXPIRATION, this.onExpiration)\n }\n }\n\n // ==========================================================================\n // Public API\n // ==========================================================================\n\n get isActive() { return this._isActive }\n get webId() { return this._webId }\n\n isExpired() {\n if (!this._exp) return true\n return Math.floor(Date.now() / 1000) >= this._exp\n }\n\n getExpiresIn() {\n if (!this._exp) return -1\n return this._exp - Math.floor(Date.now() / 1000)\n }\n\n /**\n * Redirect user to identity provider for login\n */\n async login(idp, redirectUri) {\n // Sanitize redirect URI (RFC 6749 Section 3.1.2)\n const redirectUrl = new URL(redirectUri)\n const sanitizedRedirect = redirectUrl.origin + redirectUrl.pathname + redirectUrl.search\n\n // OIDC Discovery\n const config = await discoverOIDC(idp)\n\n // RFC 9207: Verify issuer\n const issuer = config.issuer\n const trimSlash = (s) => s.endsWith('/') ? s.slice(0, -1) : s\n if (trimSlash(idp) !== trimSlash(issuer)) {\n throw new Error(`Issuer mismatch: ${issuer} !== ${idp}`)\n }\n\n // Store IDP details\n sessionStorage.setItem('solid_oidc_idp', issuer)\n sessionStorage.setItem('solid_oidc_token_endpoint', config.token_endpoint)\n sessionStorage.setItem('solid_oidc_jwks_uri', config.jwks_uri)\n\n // Get or register client_id\n let clientId = this.clientId\n if (!clientId) {\n const registration = await registerClient(config.registration_endpoint, [sanitizedRedirect])\n clientId = registration.client_id\n sessionStorage.setItem('solid_oidc_client_id', clientId)\n }\n\n // PKCE (RFC 7636)\n const pkce = await generatePKCE()\n sessionStorage.setItem('solid_oidc_pkce_verifier', pkce.verifier)\n\n // CSRF token\n const csrfToken = crypto.randomUUID()\n sessionStorage.setItem('solid_oidc_csrf', csrfToken)\n\n // Build authorization URL\n const authUrl = new URL(config.authorization_endpoint)\n authUrl.searchParams.set('response_type', 'code')\n authUrl.searchParams.set('redirect_uri', sanitizedRedirect)\n authUrl.searchParams.set('scope', 'openid offline_access webid')\n authUrl.searchParams.set('client_id', clientId)\n authUrl.searchParams.set('code_challenge_method', 'S256')\n authUrl.searchParams.set('code_challenge', pkce.challenge)\n authUrl.searchParams.set('state', csrfToken)\n authUrl.searchParams.set('prompt', 'consent')\n\n // Redirect to IDP\n window.location.href = authUrl.toString()\n }\n\n /**\n * Handle redirect from identity provider after login\n */\n async handleRedirectFromLogin() {\n const url = new URL(window.location.href)\n const code = url.searchParams.get('code')\n\n // No code = not a redirect, nothing to do\n if (!code) return\n\n // RFC 9207: Verify issuer\n const idp = sessionStorage.getItem('solid_oidc_idp')\n const iss = url.searchParams.get('iss')\n if (!idp || iss !== idp) {\n throw new Error(`Issuer mismatch: ${iss} !== ${idp}`)\n }\n\n // RFC 6749: Verify CSRF token\n const csrf = sessionStorage.getItem('solid_oidc_csrf')\n if (url.searchParams.get('state') !== csrf) {\n throw new Error('CSRF token mismatch')\n }\n\n // Clean URL\n url.searchParams.delete('code')\n url.searchParams.delete('iss')\n url.searchParams.delete('state')\n window.history.replaceState({}, document.title, url.toString())\n\n // Get stored values\n const pkceVerifier = sessionStorage.getItem('solid_oidc_pkce_verifier')\n const tokenEndpoint = sessionStorage.getItem('solid_oidc_token_endpoint')\n const jwksUri = sessionStorage.getItem('solid_oidc_jwks_uri')\n const clientId = this.clientId || sessionStorage.getItem('solid_oidc_client_id')\n\n if (!pkceVerifier || !tokenEndpoint || !clientId) {\n throw new Error('Missing session data')\n }\n\n // Generate DPoP key pair\n const keyPair = await generateKeyPair('ES256')\n\n // Exchange code for tokens\n const tokens = await requestTokens(tokenEndpoint, {\n grant_type: 'authorization_code',\n code,\n code_verifier: pkceVerifier,\n redirect_uri: url.origin + url.pathname,\n client_id: clientId\n }, keyPair)\n\n // Validate access token\n await validateAccessToken(tokens.access_token, jwksUri, idp, clientId, keyPair)\n\n // Store IDP details\n this._idpDetails = { idp, jwksUri, tokenEndpoint }\n\n // Persist for refresh\n await this.database.init()\n await Promise.all([\n this.database.setItem('idp', idp),\n this.database.setItem('jwks_uri', jwksUri),\n this.database.setItem('token_endpoint', tokenEndpoint),\n this.database.setItem('client_id', clientId),\n this.database.setItem('dpop_keypair', keyPair),\n this.database.setItem('refresh_token', tokens.refresh_token)\n ])\n this.database.close()\n\n // Clean session storage\n sessionStorage.removeItem('solid_oidc_idp')\n sessionStorage.removeItem('solid_oidc_token_endpoint')\n sessionStorage.removeItem('solid_oidc_jwks_uri')\n sessionStorage.removeItem('solid_oidc_client_id')\n sessionStorage.removeItem('solid_oidc_pkce_verifier')\n sessionStorage.removeItem('solid_oidc_csrf')\n\n // Update session state\n await this._setTokens({ ...tokens, dpop_key_pair: keyPair })\n this._dispatchStateChange()\n }\n\n /**\n * Restore session using stored refresh token\n */\n async restore() {\n if (this._refreshPromise) return this._refreshPromise\n\n this._refreshPromise = (async () => {\n try {\n const tokens = await refreshTokens(this.database)\n await this._setTokens(tokens)\n this._dispatchStateChange()\n } catch (error) {\n if (this._isActive) {\n if (!this.isExpired()) {\n this._dispatchExpirationWarning()\n } else {\n this._dispatchExpiration()\n }\n }\n throw error\n } finally {\n this._refreshPromise = null\n }\n })()\n\n return this._refreshPromise\n }\n\n /**\n * Log out and clear all session data\n */\n async logout() {\n this._isActive = false\n this._webId = null\n this._exp = null\n this._ath = null\n this._tokens = null\n this._idpDetails = null\n\n await this.database.init()\n await this.database.clear()\n this.database.close()\n\n this._dispatchStateChange()\n }\n\n /**\n * Make authenticated fetch request with DPoP\n */\n async authFetch(input, init = {}) {\n // No session = regular fetch\n if (!this._isActive) {\n return fetch(input, init)\n }\n\n // Refresh if expired\n if (this.isExpired()) {\n await this.restore()\n }\n\n // Parse request\n let url, method, headers\n if (input instanceof Request) {\n url = new URL(input.url)\n method = init.method || input.method || 'GET'\n headers = new Headers(input.headers)\n } else {\n url = new URL(input.toString())\n method = init.method || 'GET'\n headers = init.headers ? new Headers(init.headers) : new Headers()\n }\n\n // Create DPoP proof\n const dpop = await createDPoPToken(\n this._tokens.dpop_key_pair,\n `${url.origin}${url.pathname}`,\n method.toUpperCase(),\n this._ath\n )\n\n // Set auth headers\n headers.set('DPoP', dpop)\n headers.set('Authorization', `DPoP ${this._tokens.access_token}`)\n\n // Make request\n if (input instanceof Request) {\n return fetch(new Request(input, { ...init, headers }))\n }\n return fetch(url, { ...init, headers })\n }\n\n // ==========================================================================\n // Internal Methods\n // ==========================================================================\n\n async _setTokens(tokens) {\n this._tokens = tokens\n\n const decoded = decodeJwt(tokens.access_token)\n if (!decoded.webid) throw new Error('Missing webid claim')\n if (!decoded.exp) throw new Error('Missing exp claim')\n\n this._ath = await computeAth(tokens.access_token)\n this._webId = decoded.webid\n this._exp = decoded.exp\n this._isActive = true\n }\n\n _dispatchStateChange() {\n this.dispatchEvent(new CustomEvent(SessionEvents.STATE_CHANGE, {\n detail: { isActive: this._isActive, webId: this._webId }\n }))\n }\n\n _dispatchExpirationWarning() {\n this.dispatchEvent(new CustomEvent(SessionEvents.EXPIRATION_WARNING, {\n detail: { expires_in: this.getExpiresIn() }\n }))\n }\n\n _dispatchExpiration() {\n this.dispatchEvent(new CustomEvent(SessionEvents.EXPIRATION))\n }\n}\n\n// ============================================================================\n// Default Export\n// ============================================================================\n\nexport default Session\n","import { compactVerify } from '../jws/compact/verify.js';\nimport jwtPayload from '../lib/jwt_claims_set.js';\nimport { JWTInvalid } from '../util/errors.js';\nexport async function jwtVerify(jwt, key, options) {\n const verified = await compactVerify(jwt, key, options);\n if (verified.protectedHeader.crit?.includes('b64') && verified.protectedHeader.b64 === false) {\n throw new JWTInvalid('JWTs MUST NOT use unencoded payload');\n }\n const payload = jwtPayload(verified.protectedHeader, verified.payload, options);\n const result = { payload, protectedHeader: verified.protectedHeader };\n if (typeof key === 'function') {\n return { ...result, key: verified.key };\n }\n return result;\n}\n","import { decode as base64url } from './base64url.js';\nimport { decoder } from '../lib/buffer_utils.js';\nimport isObject from '../lib/is_object.js';\nimport { JWTInvalid } from './errors.js';\nexport function decodeJwt(jwt) {\n if (typeof jwt !== 'string')\n throw new JWTInvalid('JWTs must use Compact JWS serialization, JWT must be a string');\n const { 1: payload, length } = jwt.split('.');\n if (length === 5)\n throw new JWTInvalid('Only JWTs using Compact JWS serialization can be decoded');\n if (length !== 3)\n throw new JWTInvalid('Invalid JWT');\n if (!payload)\n throw new JWTInvalid('JWTs must contain a payload');\n let decoded;\n try {\n decoded = base64url(payload);\n }\n catch {\n throw new JWTInvalid('Failed to base64url decode the payload');\n }\n let result;\n try {\n result = JSON.parse(decoder.decode(decoded));\n }\n catch {\n throw new JWTInvalid('Failed to parse the decoded payload as JSON');\n }\n if (!isObject(result))\n throw new JWTInvalid('Invalid JWT Claims Set');\n return result;\n}\n","/**\n * Adapter to make solid-oidc compatible with @inrupt/solid-client-authn-browser API\n *\n * This provides a drop-in replacement for the Inrupt Session class using the minimal\n * solid-oidc library from JavaScriptSolidServer.\n *\n * @see https://github.com/JavaScriptSolidServer/solid-oidc\n */\n\nimport {\n Session as SolidOidcSession,\n SessionDatabase\n} from 'solid-oidc'\n\n/**\n * Event names compatible with @inrupt/solid-client-authn-browser\n */\nexport const EVENTS = {\n SESSION_RESTORED: 'sessionRestore',\n LOGIN: 'login',\n LOGOUT: 'logout',\n SESSION_EXPIRED: 'sessionExpired',\n ERROR: 'error'\n} as const\n\n/**\n * Callback type for event listeners\n */\ntype EventCallback = (...args: any[]) => void\n\n/**\n * Simple event emitter for compatibility with Inrupt's session.events API\n */\nclass EventEmitter {\n private listeners: Map> = new Map()\n\n on(event: string, callback: EventCallback): void {\n if (!this.listeners.has(event)) {\n this.listeners.set(event, new Set())\n }\n this.listeners.get(event)!.add(callback)\n }\n\n off(event: string, callback: EventCallback): void {\n this.listeners.get(event)?.delete(callback)\n }\n\n emit(event: string, ...args: unknown[]): void {\n this.listeners.get(event)?.forEach(cb => cb(...args))\n }\n}\n\n/**\n * Session info interface compatible with Inrupt\n */\nexport interface SessionInfo {\n isLoggedIn: boolean\n webId?: string\n sessionId?: string\n expirationDate?: number\n}\n\n/**\n * Options for handleIncomingRedirect\n */\nexport interface HandleRedirectOptions {\n restorePreviousSession?: boolean\n url?: string\n}\n\n/**\n * Options for login\n */\nexport interface LoginOptions {\n oidcIssuer: string\n redirectUrl: string\n clientId?: string\n clientName?: string\n tokenType?: string\n}\n\n/**\n * Session class that wraps solid-oidc to provide @inrupt/solid-client-authn-browser compatible API\n */\nexport class Session {\n private _session: SolidOidcSession\n private _events: EventEmitter\n private _sessionId: string\n\n constructor(options?: { clientId?: string }) {\n this._session = new SolidOidcSession({\n clientId: options?.clientId,\n database: new SessionDatabase(),\n onStateChange: (event) => {\n const detail = (event as CustomEvent).detail\n if (detail?.isActive) {\n this._events.emit(EVENTS.LOGIN)\n this._events.emit(EVENTS.SESSION_RESTORED, window.location.href)\n } else {\n this._events.emit(EVENTS.LOGOUT)\n }\n },\n onExpiration: () => {\n this._events.emit(EVENTS.SESSION_EXPIRED)\n }\n })\n this._events = new EventEmitter()\n this._sessionId = crypto.randomUUID()\n }\n\n /**\n * Event emitter for session events\n */\n get events(): EventEmitter {\n return this._events\n }\n\n /**\n * Session information\n */\n get info(): SessionInfo {\n return {\n isLoggedIn: this._session.isActive,\n webId: this._session.webId ?? undefined,\n sessionId: this._sessionId,\n expirationDate: this._session.isActive\n ? Date.now() + (this._session.getExpiresIn() * 1000)\n : undefined\n }\n }\n\n /**\n * Handle incoming redirect from identity provider\n */\n async handleIncomingRedirect(options?: HandleRedirectOptions | string): Promise {\n // Handle string URL (legacy API)\n const opts: HandleRedirectOptions = typeof options === 'string'\n ? { url: options }\n : options ?? {}\n\n try {\n // First handle any redirect from login\n await this._session.handleRedirectFromLogin()\n\n // If not logged in and restorePreviousSession is true, try to restore\n if (!this._session.isActive && opts.restorePreviousSession !== false) {\n try {\n await this._session.restore()\n } catch {\n // No session to restore, that's okay\n }\n }\n\n return this.info\n } catch (error) {\n this._events.emit(EVENTS.ERROR, error)\n return undefined\n }\n }\n\n /**\n * Initiate login flow\n */\n async login(options: LoginOptions): Promise {\n const redirectUrl = options.redirectUrl || window.location.href\n await this._session.login(options.oidcIssuer, redirectUrl)\n }\n\n /**\n * Log out and clear session\n */\n async logout(): Promise {\n await this._session.logout()\n }\n\n /**\n * Make authenticated fetch request\n */\n async fetch(url: RequestInfo | URL, init?: RequestInit): Promise {\n return this._session.authFetch(url as string, init)\n }\n}\n\nexport default Session\n","import { Session } from './solidOidcAdapter'\n\nexport const authSession = new Session()\n","const __WEBPACK_NAMESPACE_OBJECT__ = __WEBPACK_EXTERNAL_MODULE_rdflib__;","// Namespaces we commonly use and have common prefixes for around Solid\nimport solidNamespace from 'solid-namespace' // Delegate to this which takes RDFlib as param.\nimport * as $rdf from 'rdflib'\n\nexport const ns = solidNamespace($rdf)","import { graph, NamedNode, Namespace, serialize, sym } from 'rdflib'\nimport { AclLogic } from '../types'\nimport { ns as namespace } from '../util/ns'\n\n\nexport const ACL_LINK = sym(\n 'http://www.iana.org/assignments/link-relations/acl'\n)\n\nexport function createAclLogic(store): AclLogic {\n\n const ns = namespace\n \n async function findAclDocUrl(url: NamedNode) {\n await store.fetcher.load(url)\n const docNode = store.any(url, ACL_LINK)\n if (!docNode) {\n throw new Error(`No ACL link discovered for ${url}`)\n }\n return docNode.value\n }\n /**\n * Simple Access Control\n *\n * This function sets up a simple default ACL for a resource, with\n * RWC for the owner, and a specified access (default none) for the public.\n * In all cases owner has read write control.\n * Parameter lists modes allowed to public\n *\n * @param options\n * @param options.public eg ['Read', 'Write']\n *\n * @returns Resolves with aclDoc uri on successful write\n */\n function setACLUserPublic ( \n docURI: string,\n me: NamedNode,\n options: {\n defaultForNew?: boolean,\n public?: []\n }\n ): Promise {\n const aclDoc = store.any(\n store.sym(docURI),\n ACL_LINK\n )\n\n return Promise.resolve()\n .then(() => {\n if (aclDoc) {\n return aclDoc as NamedNode\n }\n\n return fetchACLRel(docURI).catch(err => {\n throw new Error(`Error fetching rel=ACL header for ${docURI}: ${err}`)\n })\n })\n .then(aclDoc => {\n const aclText = genACLText(docURI, me, aclDoc.uri, options)\n if (!store.fetcher) {\n throw new Error('Cannot PUT this, store has no fetcher')\n }\n return store.fetcher\n .webOperation('PUT', aclDoc.uri, {\n data: aclText,\n contentType: 'text/turtle'\n })\n .then(result => {\n if (!result.ok) {\n throw new Error('Error writing ACL text: ' + result.error)\n }\n\n return aclDoc\n })\n })\n }\n\n /**\n * @param docURI\n * @returns\n */\n function fetchACLRel (docURI: string): Promise {\n const fetcher = store.fetcher\n if (!fetcher) {\n throw new Error('Cannot fetch ACL rel, store has no fetcher')\n }\n\n return fetcher.load(docURI).then(result => {\n if (!result.ok) {\n throw new Error('fetchACLRel: While loading:' + (result as any).error)\n }\n\n const aclDoc = store.any(\n store.sym(docURI),\n ACL_LINK\n )\n\n if (!aclDoc) {\n throw new Error('fetchACLRel: No Link rel=ACL header for ' + docURI)\n }\n\n return aclDoc as NamedNode\n })\n }\n\n /**\n * @param docURI\n * @param me\n * @param aclURI\n * @param options\n *\n * @returns Serialized ACL\n */\n function genACLText (\n docURI: string,\n me: NamedNode,\n aclURI: string,\n options: {\n defaultForNew?: boolean,\n public?: []\n } = {}\n ): string | undefined {\n const optPublic = options.public || []\n const g = graph()\n const auth = Namespace('http://www.w3.org/ns/auth/acl#')\n let a = g.sym(`${aclURI}#a1`)\n const acl = g.sym(aclURI)\n const doc = g.sym(docURI)\n g.add(a, ns.rdf('type'), auth('Authorization'), acl)\n g.add(a, auth('accessTo'), doc, acl)\n if (options.defaultForNew) {\n g.add(a, auth('default'), doc, acl)\n }\n g.add(a, auth('agent'), me, acl)\n g.add(a, auth('mode'), auth('Read'), acl)\n g.add(a, auth('mode'), auth('Write'), acl)\n g.add(a, auth('mode'), auth('Control'), acl)\n\n if (optPublic.length) {\n a = g.sym(`${aclURI}#a2`)\n g.add(a, ns.rdf('type'), auth('Authorization'), acl)\n g.add(a, auth('accessTo'), doc, acl)\n g.add(a, auth('agentClass'), ns.foaf('Agent'), acl)\n for (let p = 0; p < optPublic.length; p++) {\n g.add(a, auth('mode'), auth(optPublic[p]), acl) // Like 'Read' etc\n }\n }\n return serialize(acl, g, aclURI)\n }\n return {\n findAclDocUrl,\n setACLUserPublic,\n genACLText\n }\n}","import { NamedNode, sym } from 'rdflib'\nimport * as debug from '../util/debug'\n\n/**\n * find a user or app's context as set in window.SolidAppContext\n * this is a const, not a function, because we have problems to jest mock it otherwise\n * see: https://github.com/facebook/jest/issues/936#issuecomment-545080082 for more\n * @return {any} - an appContext object\n */\nexport const appContext = ():any => {\n let { SolidAppContext }: any = window\n SolidAppContext ||= {}\n SolidAppContext.viewingNoAuthPage = false\n if (SolidAppContext.noAuth && window.document) {\n const currentPage = window.document.location.href\n if (currentPage.startsWith(SolidAppContext.noAuth)) {\n SolidAppContext.viewingNoAuthPage = true\n const params = new URLSearchParams(window.document.location.search)\n if (params) {\n let viewedPage = SolidAppContext.viewedPage = params.get('uri') || null\n if (viewedPage) {\n viewedPage = decodeURI(viewedPage)\n if (!viewedPage.startsWith(SolidAppContext.noAuth)) {\n const ary = viewedPage.split(/\\//)\n SolidAppContext.idp = ary[0] + '//' + ary[2]\n SolidAppContext.viewingNoAuthPage = false\n }\n }\n }\n }\n }\n return SolidAppContext\n}\n\n/**\n * Returns `sym($SolidTestEnvironment.username)` if\n * `$SolidTestEnvironment.username` is defined as a global\n * or \n * returns testID defined in the HTML page\n * @returns {NamedNode|null}\n */\nexport function offlineTestID (): NamedNode | null {\n const { $SolidTestEnvironment }: any = window\n if (\n typeof $SolidTestEnvironment !== 'undefined' &&\n $SolidTestEnvironment.username\n ) {\n // Test setup\n debug.log('Assuming the user is ' + $SolidTestEnvironment.username)\n return sym($SolidTestEnvironment.username)\n }\n // hack that makes SolidOS work in offline mode by adding the webId directly in html\n // example usage: https://github.com/solidos/mashlib/blob/29b8b53c46bf02e0e219f0bacd51b0e9951001dd/test/contact/local.html#L37\n if (\n typeof document !== 'undefined' &&\n document.location &&\n ('' + document.location).slice(0, 16) === 'http://localhost'\n ) {\n const div = document.getElementById('appTarget')\n if (!div) return null\n const id = div.getAttribute('testID')\n if (!id) return null\n debug.log('Assuming user is ' + id)\n return sym(id)\n }\n return null\n}\n","import { namedNode, NamedNode, sym } from 'rdflib'\nimport { appContext, offlineTestID } from './authUtil'\nimport * as debug from '../util/debug'\nimport { EVENTS, Session } from '../authSession/solidOidcAdapter'\nimport { AuthenticationContext, AuthnLogic } from '../types'\n\nexport class SolidAuthnLogic implements AuthnLogic {\n private session: Session\n\n constructor(solidAuthSession: Session) {\n this.session = solidAuthSession\n }\n\n // we created authSession getter because we want to access it as authn.authSession externally\n get authSession():Session { return this.session }\n\n currentUser(): NamedNode | null {\n const app = appContext()\n if (app.viewingNoAuthPage) {\n return sym(app.webId)\n }\n if (this && this.session && this.session.info && this.session.info.webId && this.session.info.isLoggedIn) {\n return sym(this.session.info.webId)\n }\n return offlineTestID() // null unless testing\n }\n\n /**\n * Retrieves currently logged in webId from either\n * defaultTestUser or SolidAuth\n * Also activates a session after login\n * @param [setUserCallback] Optional callback\n * @returns Resolves with webId uri, if no callback provided\n */\n async checkUser (\n setUserCallback?: (me: NamedNode | null) => T\n ): Promise {\n // Save hash for \"restorePreviousSession\"\n const preLoginRedirectHash = new URL(window.location.href).hash\n if (preLoginRedirectHash) {\n window.localStorage.setItem('preLoginRedirectHash', preLoginRedirectHash)\n }\n this.session.events.on(EVENTS.SESSION_RESTORED, (url) => {\n debug.log(`Session restored to ${url}`)\n if (document.location.toString() !== url) history.replaceState(null, '', url as string)\n })\n\n /**\n * Handle a successful authentication redirect\n */\n const redirectUrl = new URL(window.location.href)\n redirectUrl.hash = ''\n await this.session\n .handleIncomingRedirect({\n restorePreviousSession: true,\n url: redirectUrl.href\n })\n\n // Check to see if a hash was stored in local storage\n const postLoginRedirectHash = window.localStorage.getItem('preLoginRedirectHash')\n if (postLoginRedirectHash) {\n const curUrl = new URL(window.location.href)\n if (curUrl.hash !== postLoginRedirectHash) {\n if (history.pushState) {\n // debug.log('Setting window.location.has using pushState')\n history.pushState(null, document.title, postLoginRedirectHash)\n } else {\n // debug.warn('Setting window.location.has using location.hash')\n location.hash = postLoginRedirectHash\n }\n curUrl.hash = postLoginRedirectHash\n }\n // See https://stackoverflow.com/questions/3870057/how-can-i-update-window-location-hash-without-jumping-the-document\n // window.location.href = curUrl.toString()// @@ See https://developer.mozilla.org/en-US/docs/Web/API/Window/location\n window.localStorage.setItem('preLoginRedirectHash', '')\n }\n\n // Check to see if already logged in / have the WebID\n let me = offlineTestID()\n if (me) {\n return Promise.resolve(setUserCallback ? setUserCallback(me) : me)\n }\n\n const webId = this.webIdFromSession(this.session.info)\n if (webId) {\n me = this.saveUser(webId)\n }\n\n if (me) {\n debug.log(`(Logged in as ${me} by authentication)`)\n }\n\n return Promise.resolve(setUserCallback ? setUserCallback(me) : me)\n }\n\n /**\n * Saves `webId` in `context.me`\n * @param webId\n * @param context\n *\n * @returns Returns the WebID, after setting it\n */\n saveUser (\n webId: NamedNode | string | null,\n context?: AuthenticationContext\n ): NamedNode | null {\n let webIdUri: string\n if (webId) {\n webIdUri = (typeof webId === 'string') ? webId : webId.uri\n const me = namedNode(webIdUri)\n if (context) {\n context.me = me\n }\n return me\n }\n return null\n }\n\n /**\n * @returns {Promise} Resolves with WebID URI or null\n */\n webIdFromSession (session?: { webId?: string, isLoggedIn: boolean }): string | null {\n const webId = session?.webId && session.isLoggedIn ? session.webId : null\n return webId\n }\n\n}\n","import { NamedNode, sym } from 'rdflib'\n\nexport function newThing(doc: NamedNode): NamedNode {\n return sym(doc.uri + '#' + 'id' + ('' + Date.now()))\n}\n\nexport function uniqueNodes (arr: NamedNode[]): NamedNode[] {\n const uris = arr.map(x => x.uri)\n const set = new Set(uris)\n const uris2 = Array.from(set)\n const arr2 = uris2.map(u => new NamedNode(u))\n return arr2 // Array.from(new Set(arr.map(x => x.uri))).map(u => sym(u))\n}\n\nexport function getArchiveUrl(baseUrl: string, date: Date) {\n const year = date.getUTCFullYear()\n const month = ('0' + (date.getUTCMonth()+1)).slice(-2)\n const day = ('0' + (date.getUTCDate())).slice(-2)\n const parts = baseUrl.split('/')\n const filename = parts[parts.length -1 ]\n return new URL(`./archive/${year}/${month}/${day}/${filename}`, baseUrl).toString()\n}\n\nexport function differentOrigin(doc): boolean {\n if (!doc) {\n return true\n }\n return (\n `${window.location.origin}/` !== new URL(doc.value).origin\n )\n}\n\nexport function suggestPreferencesFile (me:NamedNode) {\n const stripped = me.uri.replace('/profile/', '/').replace('/public/', '/')\n // const stripped = me.uri.replace(\\/[p|P]rofile/\\g, '/').replace(\\/[p|P]ublic/\\g, '/')\n const folderURI = stripped.split('/').slice(0,-1).join('/') + '/Settings/'\n const fileURI = folderURI + 'Preferences.ttl'\n return sym(fileURI)\n}\n\nexport function determineChatContainer(\n invitee: NamedNode,\n podRoot: NamedNode\n): NamedNode {\n // Create chat\n // See https://gitter.im/solid/chat-app?at=5f3c800f855be416a23ae74a\n const chatContainerStr = new URL(\n `IndividualChats/${new URL(invitee.value).host}/`,\n podRoot.value\n ).toString()\n return new NamedNode(chatContainerStr)\n}\n","import { NamedNode, Node, st, term } from 'rdflib'\nimport { ChatLogic, CreatedPaneOptions, NewPaneOptions, Chat } from '../types'\nimport { ns as namespace } from '../util/ns'\nimport { determineChatContainer, newThing } from '../util/utils'\n\nconst CHAT_LOCATION_IN_CONTAINER = 'index.ttl#this'\n\nexport function createChatLogic(store, profileLogic): ChatLogic {\n const ns = namespace\n\n async function setAcl(\n chatContainer: NamedNode,\n me: NamedNode,\n invitee: NamedNode\n ): Promise {\n // Some servers don't present a Link http response header\n // if the container doesn't exist yet, so refetch the container\n // now that it has been created:\n await store.fetcher.load(chatContainer)\n\n // FIXME: check the Why value on this quad:\n const chatAclDoc = store.any(\n chatContainer,\n new NamedNode('http://www.iana.org/assignments/link-relations/acl')\n )\n if (!chatAclDoc) {\n throw new Error('Chat ACL doc not found!')\n }\n\n const aclBody = `\n @prefix acl: .\n <#owner>\n a acl:Authorization;\n acl:agent <${me.value}>;\n acl:accessTo <.>;\n acl:default <.>;\n acl:mode\n acl:Read, acl:Write, acl:Control.\n <#invitee>\n a acl:Authorization;\n acl:agent <${invitee.value}>;\n acl:accessTo <.>;\n acl:default <.>;\n acl:mode\n acl:Read, acl:Append.\n `\n await store.fetcher.webOperation('PUT', chatAclDoc.value, {\n data: aclBody,\n contentType: 'text/turtle',\n })\n }\n\n async function addToPrivateTypeIndex(chatThing, me) {\n // Add to private type index\n const privateTypeIndex = store.any(\n me,\n ns.solid('privateTypeIndex')\n ) as NamedNode | null\n if (!privateTypeIndex) {\n throw new Error('Private type index not found!')\n }\n await store.fetcher.load(privateTypeIndex)\n const reg = newThing(privateTypeIndex)\n const ins = [\n st(\n reg,\n ns.rdf('type'),\n ns.solid('TypeRegistration'),\n privateTypeIndex.doc()\n ),\n st(\n reg,\n ns.solid('forClass'),\n ns.meeting('LongChat'),\n privateTypeIndex.doc()\n ),\n st(reg, ns.solid('instance'), chatThing, privateTypeIndex.doc()),\n ]\n await new Promise((resolve, reject) => {\n store.updater.update([], ins, function (_uri, ok, errm) {\n if (!ok) {\n reject(new Error(errm))\n } else {\n resolve(null)\n }\n })\n })\n }\n\n async function findChat(invitee: NamedNode): Promise {\n const me = await profileLogic.loadMe()\n const podRoot = await profileLogic.getPodRoot(me)\n const chatContainer = determineChatContainer(invitee, podRoot)\n let exists = true\n try {\n await store.fetcher.load(\n new NamedNode(chatContainer.value + 'index.ttl#this')\n )\n } catch (e) {\n exists = false\n }\n return { me, chatContainer, exists }\n }\n\n async function createChatThing(\n chatContainer: NamedNode,\n me: NamedNode\n ): Promise {\n const created = await mintNew({\n me,\n newBase: chatContainer.value,\n })\n return created.newInstance\n }\n\n function mintNew(newPaneOptions: NewPaneOptions): Promise {\n const kb = store\n const updater = kb.updater\n if (newPaneOptions.me && !newPaneOptions.me.uri) {\n throw new Error('chat mintNew: Invalid userid ' + newPaneOptions.me)\n }\n\n const newInstance = (newPaneOptions.newInstance =\n newPaneOptions.newInstance ||\n kb.sym(newPaneOptions.newBase + CHAT_LOCATION_IN_CONTAINER))\n const newChatDoc = newInstance.doc()\n\n kb.add(\n newInstance,\n ns.rdf('type'),\n ns.meeting('LongChat'),\n newChatDoc\n )\n kb.add(newInstance, ns.dc('title'), 'Chat channel', newChatDoc)\n kb.add(\n newInstance,\n ns.dc('created'),\n term(new Date(Date.now())),\n newChatDoc\n )\n if (newPaneOptions.me) {\n kb.add(newInstance, ns.dc('author'), newPaneOptions.me, newChatDoc)\n }\n\n return new Promise(function (resolve, reject) {\n updater?.put(\n newChatDoc,\n kb.statementsMatching(undefined, undefined, undefined, newChatDoc),\n 'text/turtle',\n function (uri2, ok, message) {\n if (ok) {\n resolve({\n ...newPaneOptions,\n newInstance,\n })\n } else {\n reject(\n new Error(\n 'FAILED to save new chat channel at: ' + uri2 + ' : ' + message\n )\n )\n }\n }\n )\n })\n }\n\n /**\n * Find (and optionally create) an individual chat between the current user and the given invitee\n * @param invitee - The person to chat with\n * @param createIfMissing - Whether the chat should be created, if missing\n * @returns null if missing, or a node referring to an already existing chat, or the newly created chat\n */\n async function getChat(\n invitee: NamedNode,\n createIfMissing = true\n ): Promise {\n const { me, chatContainer, exists } = await findChat(invitee)\n if (exists) {\n return new NamedNode(chatContainer.value + CHAT_LOCATION_IN_CONTAINER)\n }\n\n if (createIfMissing) {\n const chatThing = await createChatThing(chatContainer, me)\n await sendInvite(invitee, chatThing)\n await setAcl(chatContainer, me, invitee)\n await addToPrivateTypeIndex(chatThing, me)\n return chatThing\n }\n return null\n }\n\n async function sendInvite(invitee: NamedNode, chatThing: NamedNode) {\n await store.fetcher.load(invitee.doc())\n const inviteeInbox = store.any(\n invitee,\n ns.ldp('inbox'),\n undefined,\n invitee.doc()\n )\n if (!inviteeInbox) {\n throw new Error(`Invitee inbox not found! ${invitee.value}`)\n }\n const inviteBody = `\n <> a ;\n ${ns.rdf('seeAlso')} <${chatThing.value}> .\n `\n\n const inviteResponse = await store.fetcher?.webOperation(\n 'POST',\n inviteeInbox.value,\n {\n data: inviteBody,\n contentType: 'text/turtle',\n }\n )\n const locationStr = inviteResponse?.headers.get('location')\n if (!locationStr) {\n throw new Error(`Invite sending returned a ${inviteResponse?.status}`)\n }\n }\n return {\n setAcl, addToPrivateTypeIndex, findChat, createChatThing, getChat, sendInvite, mintNew\n }\n}\n","import { NamedNode } from 'rdflib'\nimport { InboxLogic } from '../types'\nimport { getArchiveUrl } from '../util/utils'\n\nexport function createInboxLogic(store, profileLogic, utilityLogic, containerLogic, aclLogic): InboxLogic {\n\n async function createInboxFor(peerWebId: string, nick: string) {\n const myWebId: NamedNode = await profileLogic.loadMe()\n const podRoot: NamedNode = await profileLogic.getPodRoot(myWebId)\n const ourInbox = `${podRoot.value}p2p-inboxes/${encodeURIComponent(nick)}/`\n await containerLogic.createContainer(ourInbox)\n // const aclDocUrl = await aclLogic.findAclDocUrl(ourInbox);\n await utilityLogic.setSinglePeerAccess({\n ownerWebId: myWebId.value,\n peerWebId,\n accessToModes: 'acl:Append',\n target: ourInbox\n })\n return ourInbox\n }\n\n async function getNewMessages(\n user?: NamedNode\n ): Promise {\n if (!user) {\n user = await profileLogic.loadMe()\n }\n const inbox = await profileLogic.getMainInbox(user)\n const urls = await containerLogic.getContainerMembers(inbox)\n return urls.filter(url => !containerLogic.isContainer(url))\n }\n\n async function markAsRead(url: string, date: Date) {\n const downloaded = await store.fetcher._fetch(url)\n if (downloaded.status !== 200) {\n throw new Error(`Not OK! ${url}`)\n }\n const archiveUrl = getArchiveUrl(url, date)\n const options = {\n method: 'PUT',\n body: await downloaded.text(),\n headers: [\n ['Content-Type', downloaded.headers.get('Content-Type') || 'application/octet-stream']\n ]\n }\n const uploaded = await store.fetcher._fetch(archiveUrl, options)\n if (uploaded.status.toString()[0] === '2') {\n await store.fetcher._fetch(url, {\n method: 'DELETE'\n })\n }\n }\n return {\n createInboxFor,\n getNewMessages,\n markAsRead\n }\n}\n","class CustomError extends Error {\n constructor(message?: string) {\n super(message)\n // see: typescriptlang.org/docs/handbook/release-notes/typescript-2-2.html\n Object.setPrototypeOf(this, new.target.prototype) // restore prototype chain\n this.name = new.target.name // stack traces display correctly now\n }\n}\n\nexport class UnauthorizedError extends CustomError {}\n\nexport class CrossOriginForbiddenError extends CustomError {}\n\nexport class SameOriginForbiddenError extends CustomError {}\n\nexport class NotFoundError extends CustomError {}\n\nexport class NotEditableError extends CustomError { }\n\nexport class WebOperationError extends CustomError {}\n\nexport class FetchError extends CustomError {\n status: number\n\n constructor(status: number, message?: string) {\n super(message)\n this.status = status\n }\n}","import { NamedNode } from 'rdflib'\nimport { CrossOriginForbiddenError, FetchError, NotEditableError, SameOriginForbiddenError, UnauthorizedError, WebOperationError } from '../logic/CustomError'\nimport * as debug from '../util/debug'\nimport { ns as namespace } from '../util/ns'\nimport { differentOrigin, suggestPreferencesFile } from '../util/utils'\nimport { ProfileLogic } from '../types'\n\nexport function createProfileLogic(store, authn, utilityLogic): ProfileLogic {\n const ns = namespace\n\n /**\n * loads the preference without throwing errors - if it can create it it does so.\n * remark: it still throws error if it cannot load profile.\n * @param user\n * @returns undefined if preferenceFile cannot be returned or NamedNode if it can find it or create it\n */\n async function silencedLoadPreferences(user: NamedNode): Promise {\n try {\n return await loadPreferences(user)\n } catch (err) {\n return undefined\n }\n }\n\n /**\n * loads the preference without returning different errors if it cannot create or load it.\n * remark: it also throws error if it cannot load profile.\n * @param user\n * @returns undefined if preferenceFile cannot be an Error or NamedNode if it can find it or create it\n */\n async function loadPreferences (user: NamedNode): Promise {\n await loadProfile(user)\n\n const possiblePreferencesFile = suggestPreferencesFile(user)\n let preferencesFile\n try {\n preferencesFile = await utilityLogic.followOrCreateLink(user, ns.space('preferencesFile') as NamedNode, possiblePreferencesFile, user.doc())\n } catch (err) {\n const message = `User ${user} has no pointer in profile to preferences file.`\n debug.warn(message)\n // we are listing the possible errors\n if (err instanceof NotEditableError) { throw err }\n if (err instanceof WebOperationError) { throw err }\n if (err instanceof UnauthorizedError) { throw err }\n if (err instanceof CrossOriginForbiddenError) { throw err }\n if (err instanceof SameOriginForbiddenError) { throw err }\n if (err instanceof FetchError) { throw err }\n throw err\n }\n\n try {\n await store.fetcher.load(preferencesFile as NamedNode)\n } catch (err) { // Maybe a permission problem or origin problem\n const msg = `Unable to load preference of user ${user}: ${err}`\n debug.warn(msg)\n if (err.response.status === 401) {\n throw new UnauthorizedError()\n }\n if (err.response.status === 403) {\n if (differentOrigin(preferencesFile)) {\n throw new CrossOriginForbiddenError()\n }\n throw new SameOriginForbiddenError()\n }\n /*if (err.response.status === 404) {\n throw new NotFoundError();\n }*/\n throw new Error(msg)\n }\n return preferencesFile as NamedNode\n }\n\n async function loadProfile (user: NamedNode):Promise {\n if (!user) {\n throw new Error('loadProfile: no user given.')\n }\n try {\n await store.fetcher.load(user.doc())\n } catch (err) {\n throw new Error(`Unable to load profile of user ${user}: ${err}`)\n }\n return user.doc()\n }\n\n async function loadMe(): Promise {\n const me = authn.currentUser()\n if (me === null) {\n throw new Error('Current user not found! Not logged in?')\n }\n await store.fetcher.load(me.doc())\n return me\n }\n\n function getPodRoot(user: NamedNode): NamedNode {\n const podRoot = findStorage(user)\n if (!podRoot) {\n throw new Error('User pod root not found!')\n }\n return podRoot as NamedNode\n }\n\n async function getMainInbox(user: NamedNode): Promise {\n await store.fetcher.load(user)\n const mainInbox = store.any(user, ns.ldp('inbox'), undefined, user.doc())\n if (!mainInbox) {\n throw new Error('User main inbox not found!')\n }\n return mainInbox as NamedNode\n }\n\n function findStorage(me: NamedNode) {\n return store.any(me, ns.space('storage'), undefined, me.doc())\n }\n\n return {\n loadMe,\n getPodRoot,\n getMainInbox,\n findStorage,\n loadPreferences,\n loadProfile,\n silencedLoadPreferences\n }\n}\n","import { NamedNode, st, sym } from 'rdflib'\nimport { ScopedApp, TypeIndexLogic, TypeIndexScope } from '../types'\nimport * as debug from '../util/debug'\nimport { ns as namespace } from '../util/ns'\nimport { newThing } from '../util/utils'\n\nexport function createTypeIndexLogic(store, authn, profileLogic, utilityLogic): TypeIndexLogic {\n const ns = namespace\n\n function getRegistrations(instance, theClass) {\n return store\n .each(undefined, ns.solid('instance'), instance)\n .filter((r) => {\n return store.holds(r, ns.solid('forClass'), theClass)\n })\n }\n\n async function loadTypeIndexesFor(user: NamedNode): Promise> {\n if (!user) throw new Error('loadTypeIndexesFor: No user given')\n const profile = await profileLogic.loadProfile(user)\n\n const suggestion = suggestPublicTypeIndex(user)\n let publicTypeIndex\n try {\n publicTypeIndex = await utilityLogic.followOrCreateLink(user, ns.solid('publicTypeIndex') as NamedNode, suggestion, profile)\n } catch (err) {\n const message = `User ${user} has no pointer in profile to publicTypeIndex file.`\n debug.warn(message)\n }\n const publicScopes = publicTypeIndex ? [{ label: 'public', index: publicTypeIndex as NamedNode, agent: user }] : []\n\n let preferencesFile\n try {\n preferencesFile = await profileLogic.silencedLoadPreferences(user)\n } catch (err) {\n preferencesFile = null\n }\n\n let privateScopes\n if (preferencesFile) { // watch out - can be in either as spec was not clear. Legacy is profile.\n // If there is a legacy one linked from the profile, use that.\n // Otherwiae use or make one linked from Preferences\n const suggestedPrivateTypeIndex = suggestPrivateTypeIndex(preferencesFile)\n let privateTypeIndex\n try {\n privateTypeIndex = store.any(user, ns.solid('privateTypeIndex'), undefined, profile) ||\n await utilityLogic.followOrCreateLink(user, ns.solid('privateTypeIndex') as NamedNode, suggestedPrivateTypeIndex, preferencesFile)\n } catch (err) {\n const message = `User ${user} has no pointer in preference file to privateTypeIndex file.`\n debug.warn(message)\n }\n privateScopes = privateTypeIndex ? [{ label: 'private', index: privateTypeIndex as NamedNode, agent: user }] : []\n } else {\n privateScopes = []\n }\n const scopes = publicScopes.concat(privateScopes)\n if (scopes.length === 0) return scopes\n const files = scopes.map(scope => scope.index)\n try {\n await store.fetcher.load(files)\n } catch (err) {\n debug.warn('Problems loading type index: ', err)\n }\n return scopes\n }\n\n async function loadCommunityTypeIndexes(user: NamedNode): Promise {\n let preferencesFile\n try {\n preferencesFile = await profileLogic.silencedLoadPreferences(user)\n } catch (err) {\n const message = `User ${user} has no pointer in profile to preferences file.`\n debug.warn(message)\n }\n if (preferencesFile) { // For now, pick up communities as simple links from the preferences file.\n const communities = store.each(user, ns.solid('community'), undefined, preferencesFile as NamedNode).concat(\n store.each(user, ns.solid('community'), undefined, user.doc() as NamedNode)\n )\n let result = []\n for (const org of communities) {\n result = result.concat(await loadTypeIndexesFor(org as NamedNode) as any)\n }\n return result\n }\n return [] // No communities\n }\n\n async function loadAllTypeIndexes(user: NamedNode) {\n return (await loadTypeIndexesFor(user)).concat((await loadCommunityTypeIndexes(user)).flat())\n }\n\n async function getScopedAppInstances(klass: NamedNode, user: NamedNode): Promise {\n const scopes = await loadAllTypeIndexes(user)\n let scopedApps = []\n for (const scope of scopes) {\n const scopedApps0 = await getScopedAppsFromIndex(scope, klass) as any\n scopedApps = scopedApps.concat(scopedApps0)\n }\n return scopedApps\n }\n\n // This is the function signature which used to be in solid-ui/logic\n // Recommended to use getScopedAppInstances instead as it provides more information.\n //\n async function getAppInstances(klass: NamedNode): Promise {\n const user = authn.currentUser()\n if (!user) throw new Error('getAppInstances: Must be logged in to find apps.')\n const scopedAppInstances = await getScopedAppInstances(klass, user)\n return scopedAppInstances.map(scoped => scoped.instance)\n }\n\n function suggestPublicTypeIndex(me: NamedNode) {\n return sym(me.doc().dir()?.uri + 'publicTypeIndex.ttl')\n }\n // Note this one is based off the pref file not the profile\n\n function suggestPrivateTypeIndex(preferencesFile: NamedNode) {\n return sym(preferencesFile.doc().dir()?.uri + 'privateTypeIndex.ttl')\n }\n\n /*\n * Register a new app in a type index\n * used in chat in bookmark.js (solid-ui)\n * Returns the registration object if successful else null\n */\n async function registerInTypeIndex(\n instance: NamedNode,\n index: NamedNode,\n theClass: NamedNode,\n // agent: NamedNode\n ): Promise {\n const registration = newThing(index)\n const ins = [\n // See https://github.com/solid/solid/blob/main/proposals/data-discovery.md\n st(registration, ns.rdf('type'), ns.solid('TypeRegistration'), index),\n st(registration, ns.solid('forClass'), theClass, index),\n st(registration, ns.solid('instance'), instance, index)\n ]\n try {\n await store.updater.update([], ins)\n } catch (err) {\n const msg = `Unable to register ${instance} in index ${index}: ${err}`\n console.warn(msg)\n return null\n }\n return registration\n }\n\n async function deleteTypeIndexRegistration(item) {\n const reg = store.the(null, ns.solid('instance'), item.instance, item.scope.index) as NamedNode\n if (!reg) throw new Error(`deleteTypeIndexRegistration: No registration found for ${item.instance}`)\n const statements = store.statementsMatching(reg, null, null, item.scope.index)\n await store.updater.update(statements, [])\n }\n\n async function getScopedAppsFromIndex(scope: TypeIndexScope, theClass: NamedNode | null): Promise {\n const index = scope.index\n const results: ScopedApp[] = []\n const registrations = store.statementsMatching(null, ns.solid('instance'), null, index)\n .concat(store.statementsMatching(null, ns.solid('instanceContainer'), null, index))\n .map(st => st.subject)\n for (const reg of registrations) {\n const klass = store.any(reg, ns.solid('forClass'), null, index)\n if (!theClass || klass.sameTerm(theClass)) {\n const instances = store.each(reg, ns.solid('instance'), null, index)\n for (const instance of instances) {\n results.push({ instance, type: klass, scope })\n }\n const containers = store.each(reg, ns.solid('instanceContainer'), null, index)\n for (const instance of containers) {\n await store.fetcher.load(instance)\n results.push({ instance: sym(instance.value), type: klass, scope })\n }\n }\n }\n return results\n }\n\n return {\n registerInTypeIndex,\n getRegistrations,\n loadTypeIndexesFor,\n loadCommunityTypeIndexes,\n loadAllTypeIndexes,\n getScopedAppInstances,\n getAppInstances,\n suggestPublicTypeIndex,\n suggestPrivateTypeIndex,\n deleteTypeIndexRegistration,\n getScopedAppsFromIndex\n }\n}\n","import { Session } from '../authSession/solidOidcAdapter'\nimport * as rdf from 'rdflib'\nimport { LiveStore, NamedNode, Statement } from 'rdflib'\nimport { createAclLogic } from '../acl/aclLogic'\nimport { SolidAuthnLogic } from '../authn/SolidAuthnLogic'\nimport { createChatLogic } from '../chat/chatLogic'\nimport { createInboxLogic } from '../inbox/inboxLogic'\nimport { createProfileLogic } from '../profile/profileLogic'\nimport { createTypeIndexLogic } from '../typeIndex/typeIndexLogic'\nimport { createContainerLogic } from '../util/containerLogic'\nimport { createUtilityLogic } from '../util/utilityLogic'\nimport { AuthnLogic, SolidLogic } from '../types'\nimport * as debug from '../util/debug'\n/*\n** It is important to distinquish `fetch`, a function provided by the browser\n** and `Fetcher`, a helper object for the rdflib Store which turns it\n** into a `ConnectedStore` or a `LiveStore`. A Fetcher object is\n** available at store.fetcher, and `fetch` function at `store.fetcher._fetch`,\n*/\nexport function createSolidLogic(specialFetch: { fetch: (url: any, requestInit: any) => any }, session: Session): SolidLogic {\n\n debug.log('SolidLogic: Unique instance created. There should only be one of these.')\n const store: LiveStore = rdf.graph() as LiveStore\n rdf.fetcher(store, {fetch: specialFetch.fetch}) // Attach a web I/O module, store.fetcher\n store.updater = new rdf.UpdateManager(store) // Add real-time live updates store.updater\n store.features = [] // disable automatic node merging on store load\n\n const authn: AuthnLogic = new SolidAuthnLogic(session)\n \n const acl = createAclLogic(store)\n const containerLogic = createContainerLogic(store)\n const utilityLogic = createUtilityLogic(store, acl, containerLogic)\n const profile = createProfileLogic(store, authn, utilityLogic)\n const chat = createChatLogic(store, profile)\n const inbox = createInboxLogic(store, profile, utilityLogic, containerLogic, acl)\n const typeIndex = createTypeIndexLogic(store, authn, profile, utilityLogic)\n debug.log('SolidAuthnLogic initialized')\n\n function load(doc: NamedNode | NamedNode[] | string) {\n return store.fetcher.load(doc)\n }\n\n // @@@@ use the one in rdflib.js when it is available and delete this\n function updatePromise(\n del: Array,\n ins: Array = []\n ): Promise {\n return new Promise((resolve, reject) => {\n store.updater.update(del, ins, function (_uri, ok, errorBody) {\n if (!ok) {\n reject(new Error(errorBody))\n } else {\n resolve()\n }\n }) // callback\n }) // promise\n }\n\n function clearStore() {\n store.statements.slice().forEach(store.remove.bind(store))\n }\n\n return {\n store,\n authn,\n acl,\n inbox,\n chat,\n profile,\n typeIndex,\n load,\n updatePromise,\n clearStore\n }\n}\n","import { NamedNode, Statement, sym } from 'rdflib'\n\n/**\n * Container-related class\n */\nexport function createContainerLogic(store) {\n\n function getContainerElements(containerNode: NamedNode): NamedNode[] {\n return store\n .statementsMatching(\n containerNode,\n sym('http://www.w3.org/ns/ldp#contains'),\n undefined\n )\n .map((st: Statement) => st.object as NamedNode)\n }\n\n function isContainer(url: NamedNode) {\n const nodeToString = url.value\n return nodeToString.charAt(nodeToString.length - 1) === '/'\n }\n\n async function createContainer(url: string) {\n const stringToNode = sym(url)\n if (!isContainer(stringToNode)) {\n throw new Error(`Not a container URL ${url}`)\n }\n // Copied from https://github.com/solidos/solid-crud-tests/blob/v3.1.0/test/surface/create-container.test.ts#L56-L64\n const result = await store.fetcher._fetch(url, {\n method: 'PUT',\n headers: {\n 'Content-Type': 'text/turtle',\n 'If-None-Match': '*',\n Link: '; rel=\"type\"', // See https://github.com/solidos/node-solid-server/issues/1465\n },\n body: ' ', // work around https://github.com/michielbdejong/community-server/issues/4#issuecomment-776222863\n })\n if (result.status.toString()[0] !== '2') {\n throw new Error(`Not OK: got ${result.status} response while creating container at ${url}`)\n }\n }\n\n async function getContainerMembers(containerUrl: NamedNode): Promise {\n await store.fetcher.load(containerUrl)\n return getContainerElements(containerUrl)\n }\n return {\n isContainer,\n createContainer,\n getContainerElements,\n getContainerMembers\n }\n}","import { NamedNode, st, sym } from 'rdflib'\nimport { CrossOriginForbiddenError, FetchError, NotEditableError, SameOriginForbiddenError, UnauthorizedError, WebOperationError } from '../logic/CustomError'\nimport * as debug from '../util/debug'\nimport { differentOrigin } from './utils'\n\nexport function createUtilityLogic(store, aclLogic, containerLogic) {\n\n async function recursiveDelete(containerNode: NamedNode) {\n try {\n if (containerLogic.isContainer(containerNode)) {\n const aclDocUrl = await aclLogic.findAclDocUrl(containerNode)\n await store.fetcher._fetch(aclDocUrl, { method: 'DELETE' })\n const containerMembers = await containerLogic.getContainerMembers(containerNode)\n await Promise.all(\n containerMembers.map((url) => recursiveDelete(url))\n )\n }\n const nodeToStringHere = containerNode.value\n return store.fetcher._fetch(nodeToStringHere, { method: 'DELETE' })\n } catch (e) {\n debug.log(`Please manually remove ${containerNode.value} from your system.`, e)\n }\n }\n\n /**\n * Create a resource if it really does not exist\n * Be absolutely sure something does not exist before creating a new empty file\n * as otherwise existing could be deleted.\n * @param doc {NamedNode} - The resource\n */\n async function loadOrCreateIfNotExists(doc: NamedNode) {\n let response\n try {\n response = await store.fetcher.load(doc)\n } catch (err) {\n if (err.response.status === 404) {\n try {\n await store.fetcher.webOperation('PUT', doc, { data: '', contentType: 'text/turtle' })\n } catch (err) {\n const msg = 'createIfNotExists: PUT FAILED: ' + doc + ': ' + err\n throw new WebOperationError(msg)\n }\n await store.fetcher.load(doc)\n } else {\n if (err.response.status === 401) {\n throw new UnauthorizedError()\n }\n if (err.response.status === 403) {\n if (differentOrigin(doc)) {\n throw new CrossOriginForbiddenError()\n }\n throw new SameOriginForbiddenError()\n }\n const msg = 'createIfNotExists doc load error NOT 404: ' + doc + ': ' + err\n throw new FetchError(err.status, err.message + msg)\n }\n }\n return response\n }\n\n /* Follow link from this doc to another thing, or else make a new link\n **\n ** @returns existing object, or creates it if non existent\n */\n async function followOrCreateLink(subject: NamedNode, predicate: NamedNode,\n object: NamedNode, doc: NamedNode\n ): Promise {\n await store.fetcher.load(doc)\n const result = store.any(subject, predicate, null, doc)\n\n if (result) return result as NamedNode\n if (!store.updater.editable(doc)) {\n const msg = `followOrCreateLink: cannot edit ${doc.value}`\n debug.warn(msg)\n throw new NotEditableError(msg)\n }\n try {\n await store.updater.update([], [st(subject, predicate, object, doc)])\n } catch (err) {\n const msg = `followOrCreateLink: Error making link in ${doc} to ${object}: ${err}`\n debug.warn(msg)\n throw new WebOperationError(err)\n }\n\n try {\n await loadOrCreateIfNotExists(object)\n // store.fetcher.webOperation('PUT', object, { data: '', contentType: 'text/turtle'})\n } catch (err) {\n debug.warn(`followOrCreateLink: Error loading or saving new linked document: ${object}: ${err}`)\n throw err\n }\n return object\n }\n\n // Copied from https://github.com/solidos/web-access-control-tests/blob/v3.0.0/test/surface/delete.test.ts#L5\n async function setSinglePeerAccess(options: {\n ownerWebId: string,\n peerWebId: string,\n accessToModes?: string,\n defaultModes?: string,\n target: string\n }) {\n let str = [\n '@prefix acl: .',\n '',\n `<#alice> a acl:Authorization;\\n acl:agent <${options.ownerWebId}>;`,\n ` acl:accessTo <${options.target}>;`,\n ` acl:default <${options.target}>;`,\n ' acl:mode acl:Read, acl:Write, acl:Control.',\n ''\n ].join('\\n')\n if (options.accessToModes) {\n str += [\n '<#bobAccessTo> a acl:Authorization;',\n ` acl:agent <${options.peerWebId}>;`,\n ` acl:accessTo <${options.target}>;`,\n ` acl:mode ${options.accessToModes}.`,\n ''\n ].join('\\n')\n }\n if (options.defaultModes) {\n str += [\n '<#bobDefault> a acl:Authorization;',\n ` acl:agent <${options.peerWebId}>;`,\n ` acl:default <${options.target}>;`,\n ` acl:mode ${options.defaultModes}.`,\n ''\n ].join('\\n')\n }\n const aclDocUrl = await aclLogic.findAclDocUrl(sym(options.target))\n return store.fetcher._fetch(aclDocUrl, {\n method: 'PUT',\n body: str,\n headers: [\n ['Content-Type', 'text/turtle']\n ]\n })\n }\n\n async function createEmptyRdfDoc(doc: NamedNode, comment: string) {\n await store.fetcher.webOperation('PUT', doc.uri, {\n data: `# ${new Date()} ${comment}\n `,\n contentType: 'text/turtle',\n })\n }\n \n return {\n recursiveDelete,\n setSinglePeerAccess,\n createEmptyRdfDoc,\n followOrCreateLink,\n loadOrCreateIfNotExists\n }\n}\n\n","import * as debug from '../util/debug'\nimport { authSession } from '../authSession/authSession'\nimport { createSolidLogic } from './solidLogic'\nimport { SolidLogic } from '../types'\n\nconst _fetch = async (url, requestInit) => {\n const omitCreds = requestInit && requestInit.credentials && requestInit.credentials == 'omit'\n if (authSession.info.webId && !omitCreds) { // see https://github.com/solidos/solidos/issues/114\n // In fact fetch should respect credentials omit itself\n return authSession.fetch(url, requestInit)\n } else {\n return window.fetch(url, requestInit)\n }\n}\n\n// Global singleton pattern to ensure unique store across library versions\nconst SINGLETON_SYMBOL = Symbol.for('solid-logic-singleton')\n\n// Type the global object properly with the singleton\ninterface GlobalWithSingleton {\n [SINGLETON_SYMBOL]?: SolidLogic\n}\n\nconst globalTarget = (typeof window !== 'undefined' ? window : global) as GlobalWithSingleton\n\nfunction getOrCreateSingleton(): SolidLogic {\n if (!globalTarget[SINGLETON_SYMBOL]) {\n debug.log('SolidLogic: Creating new global singleton instance.')\n globalTarget[SINGLETON_SYMBOL] = createSolidLogic({ fetch: _fetch }, authSession)\n debug.log('Unique quadstore initialized.')\n } else {\n debug.log('SolidLogic: Using existing global singleton instance.')\n }\n return globalTarget[SINGLETON_SYMBOL]!\n}\n//this const makes solidLogicSingleton global accessible in mashlib\nconst solidLogicSingleton = getOrCreateSingleton()\n\nexport { solidLogicSingleton }","const DEFAULT_ISSUERS = [\n {\n name: 'Solid Community',\n uri: 'https://solidcommunity.net'\n },\n {\n name: 'Solid Web',\n uri: 'https://solidweb.org'\n },\n {\n name: 'Solid Web ME',\n uri: 'https://solidweb.me'\n },\n {\n name: 'Inrupt.com',\n uri: 'https://login.inrupt.com'\n }\n]\n\n/**\n * @returns - A list of suggested OIDC issuers\n */\nexport function getSuggestedIssuers (): { name: string, uri: string }[] {\n // Suggest a default list of OIDC issuers\n const issuers = [...DEFAULT_ISSUERS]\n \n // Suggest the current host if not already included\n const { host, origin } = new URL(location.href)\n const hosts = issuers.map(({ uri }) => new URL(uri).host)\n if (!hosts.includes(host) && !hosts.some(existing => isSubdomainOf(host, existing))) {\n issuers.unshift({ name: host, uri: origin })\n }\n \n return issuers\n }\n \nfunction isSubdomainOf (subdomain: string, domain: string): boolean {\n const dot = subdomain.length - domain.length - 1\n return dot > 0 && subdomain[dot] === '.' && subdomain.endsWith(domain)\n}","// Make these variables directly accessible as it is what you need most of the time\n// This also makes these variable globaly accesible in mashlib\nimport { solidLogicSingleton } from './logic/solidLogicSingleton'\n\nconst authn = solidLogicSingleton.authn\nconst authSession = solidLogicSingleton.authn.authSession\nconst store = solidLogicSingleton.store\n\nexport { ACL_LINK } from './acl/aclLogic'\nexport { offlineTestID, appContext } from './authn/authUtil'\nexport { getSuggestedIssuers } from './issuer/issuerLogic'\nexport { createTypeIndexLogic } from './typeIndex/typeIndexLogic'\nexport type { AppDetails, SolidNamespace, AuthenticationContext, SolidLogic, ChatLogic } from './types'\nexport { UnauthorizedError, CrossOriginForbiddenError, SameOriginForbiddenError, NotFoundError, FetchError, NotEditableError, WebOperationError } from './logic/CustomError'\n\nexport {\n solidLogicSingleton, // solidLogicSingleton is exported entirely because it is used in solid-panes\n store,\n authn,\n authSession\n}\n\n"],"names":["aliases","acl","arg","as","bookmark","cal","cco","cert","contact","dc","dct","doap","foaf","geo","gpx","gr","http","httph","icalTZ","ldp","link","log","meeting","mo","org","owl","pad","patch","prov","pto","qu","trip","rdf","rdfs","rss","sched","schema","sioc","skos","solid","space","stat","tab","tabont","ui","vann","vcard","wf","xsd","module","exports","namedNode","u","namespaces","alias","expansion","localName","__webpack_module_cache__","__webpack_require__","moduleId","cachedModule","undefined","__webpack_modules__","args","console","warn","n","getter","__esModule","d","a","definition","key","o","Object","defineProperty","enumerable","get","g","globalThis","this","Function","e","window","obj","prop","prototype","hasOwnProperty","call","isCryptoKey","CryptoKey","message","msg","actual","types","filter","Boolean","length","last","pop","join","name","constructor","withAlg","alg","encoder","TextEncoder","decoder","TextDecoder","concat","buffers","size","reduce","acc","buf","Uint8Array","i","buffer","set","encode","input","unencoded","arr","push","String","fromCharCode","apply","subarray","btoa","encodeBase64","replace","decode","encoded","binary","atob","bytes","charCodeAt","decodeBase64","TypeError","Symbol","toStringTag","async","kty","k","extractable","ext","key_ops","use","jwk","subtle","exportKey","exportJWK","JOSEError","Error","options","super","code","captureStackTrace","JWTClaimValidationFailed","payload","claim","reason","cause","JWTExpired","JOSEAlgNotAllowed","arguments","JWSInvalid","JWTInvalid","JWKInvalid","JWKSInvalid","JWKSNoMatchingKey","JWKSMultipleMatchingKeys","asyncIterator","JWKSTimeout","JWSSignatureVerificationFailed","subtleDsa","algorithm","hash","slice","saltLength","namedCurve","startsWith","modulusLength","unusable","isAlgorithm","getHashLength","parseInt","checkUsage","usages","some","expected","includes","checkSigCryptoKey","getNamedCurve","isObject","value","toString","getPrototypeOf","proto","isJWK","keyUsages","crv","subtleMapping","rest","keyData","importKey","exportKeyValue","privCache","pubCache","isKeyObject","importAndCache","cache","freeze","cached","cryptoKey","export","format","dp","dq","p","q","qi","WeakMap","getCryptoKey","usage","data","signature","sign","headers","sources","header","parameters","keys","parameter","has","add","Set","tag","jwkMatchesOp","symmetricTypeCheck","allowJwk","type","checkKeyType","test","asymmetricTypeCheck","bind","checkKeyTypeWithJwk","Err","recognizedDefault","recognizedOption","protectedHeader","joseHeader","crit","Array","isArray","recognized","Map","entries","FlattenedSign","_payload","setProtectedHeader","_protectedHeader","setUnprotectedHeader","unprotectedHeader","_unprotectedHeader","b64","JSON","stringify","jws","protected","CompactSign","_flattened","date","Math","floor","getTime","day","hour","REGEX","str","matched","exec","parseFloat","numericDate","toLowerCase","round","minute","validateInput","label","Number","isFinite","ProduceJWT","setIssuer","issuer","iss","setSubject","subject","sub","setAudience","audience","aud","setJti","jwtId","jti","setNotBefore","nbf","Date","epoch","secs","setExpirationTime","exp","setIssuedAt","iat","SignJWT","sig","url","timeout","controller","id","timedOut","AbortController","setTimeout","abort","response","fetch","href","signal","redirect","catch","err","clearTimeout","status","json","importJWK","oth","isJWKLike","clone","structuredClone","parse","LocalJWKSet","jwks","_cached","every","isJWKSLike","_jwks","getKey","token","kid","getKtyFromAlg","candidates","candidate","error","importWithAlgCache","createLocalJWKSet","localJWKSet","defineProperties","configurable","writable","USER_AGENT","navigator","userAgent","jwksCache","RemoteJWKSet","URL","cacheMaxAge","_url","_options","agent","_timeoutDuration","timeoutDuration","_cooldownDuration","cooldownDuration","_cacheMaxAge","_cache","uat","now","_jwksTimestamp","_local","coolingDown","fresh","reload","_pendingFetch","WebSocketPair","EdgeRuntime","Headers","fromEntries","then","verify","option","algorithms","s","compactVerify","split","verified","parsedProt","resolvedKey","result","flattenedVerify","normalizeTyp","encodedPayload","typ","requiredClaims","maxTokenAge","presenceCheck","reverse","audPayload","audOption","tolerance","clockTolerance","currentDate","age","subtleDigest","digest","check","description","calculateJwkThumbprint","digestAlgorithm","components","x","y","getModulusLengthOption","publicExponent","generateKey","SessionEvents","SessionDatabase","dbName","storeName","dbVersion","db","init","Promise","resolve","reject","request","indexedDB","open","onerror","onsuccess","onupgradeneeded","event","target","objectStoreNames","contains","createObjectStore","setItem","tx","transaction","oncomplete","objectStore","put","getItem","deleteItem","delete","clear","close","createDPoPToken","keyPair","htu","htm","ath","publicJwk","publicKey","crypto","randomUUID","privateKey","requestTokens","tokenEndpoint","params","dpop","method","body","URLSearchParams","ok","validateAccessToken","accessToken","jwksUri","clientId","remoteJWKSet","reloading","createRemoteJWKSet","jwt","jwtVerify","thumbprint","cnf","jkt","client_id","EventTarget","database","onStateChange","onExpirationWarning","onExpiration","_isActive","_webId","_exp","_ath","_tokens","_idpDetails","_refreshPromise","addEventListener","isActive","webId","isExpired","getExpiresIn","login","idp","redirectUri","redirectUrl","sanitizedRedirect","origin","pathname","search","config","discoverOIDC","trimSlash","endsWith","sessionStorage","token_endpoint","jwks_uri","registrationEndpoint","redirectUris","application_type","redirect_uris","token_endpoint_auth_method","grant_types","response_types","scope","registerClient","registration_endpoint","pkce","verifier","challenge","generatePKCE","csrfToken","authUrl","authorization_endpoint","searchParams","location","handleRedirectFromLogin","csrf","history","replaceState","document","title","pkceVerifier","tokens","grant_type","code_verifier","redirect_uri","access_token","all","refresh_token","removeItem","_setTokens","dpop_key_pair","_dispatchStateChange","restore","refreshToken","refreshTokens","_dispatchExpiration","_dispatchExpirationWarning","logout","authFetch","Request","toUpperCase","decoded","decodeJwt","webid","hashBuffer","hashArray","from","computeAth","dispatchEvent","CustomEvent","detail","expires_in","EVENTS","EventEmitter","listeners","on","callback","off","emit","forEach","cb","Session","_session","_events","_sessionId","events","info","isLoggedIn","sessionId","expirationDate","handleIncomingRedirect","opts","restorePreviousSession","oidcIssuer","authSession","__WEBPACK_EXTERNAL_MODULE_rdflib__","ACL_LINK","sym","createAclLogic","store","ns","genACLText","docURI","me","aclURI","optPublic","public","graph","auth","Namespace","doc","defaultForNew","serialize","findAclDocUrl","fetcher","load","docNode","any","setACLUserPublic","aclDoc","fetchACLRel","aclText","uri","webOperation","contentType","appContext","SolidAppContext","viewingNoAuthPage","noAuth","viewedPage","decodeURI","ary","offlineTestID","$SolidTestEnvironment","username","div","getElementById","getAttribute","SolidAuthnLogic","solidAuthSession","session","currentUser","app","checkUser","setUserCallback","preLoginRedirectHash","localStorage","postLoginRedirectHash","curUrl","pushState","webIdFromSession","saveUser","context","webIdUri","newThing","differentOrigin","CHAT_LOCATION_IN_CONTAINER","createChatLogic","profileLogic","setAcl","chatContainer","invitee","chatAclDoc","NamedNode","aclBody","addToPrivateTypeIndex","chatThing","privateTypeIndex","reg","ins","st","updater","update","_uri","errm","findChat","loadMe","podRoot","chatContainerStr","host","determineChatContainer","getPodRoot","exists","createChatThing","mintNew","newBase","newInstance","newPaneOptions","kb","newChatDoc","term","statementsMatching","uri2","sendInvite","inviteeInbox","inviteBody","inviteResponse","getChat","createIfMissing","createInboxLogic","utilityLogic","containerLogic","aclLogic","createInboxFor","peerWebId","nick","myWebId","ourInbox","encodeURIComponent","createContainer","setSinglePeerAccess","ownerWebId","accessToModes","getNewMessages","user","inbox","getMainInbox","getContainerMembers","isContainer","markAsRead","downloaded","_fetch","archiveUrl","baseUrl","year","getUTCFullYear","month","getUTCMonth","getUTCDate","parts","filename","getArchiveUrl","text","CustomError","setPrototypeOf","UnauthorizedError","CrossOriginForbiddenError","SameOriginForbiddenError","NotFoundError","NotEditableError","WebOperationError","FetchError","createProfileLogic","authn","loadPreferences","loadProfile","possiblePreferencesFile","fileURI","folderURI","suggestPreferencesFile","preferencesFile","followOrCreateLink","findStorage","mainInbox","silencedLoadPreferences","createTypeIndexLogic","loadTypeIndexesFor","profile","suggestion","suggestPublicTypeIndex","publicTypeIndex","publicScopes","index","privateScopes","suggestedPrivateTypeIndex","suggestPrivateTypeIndex","scopes","files","map","loadCommunityTypeIndexes","communities","each","loadAllTypeIndexes","flat","getScopedAppInstances","klass","scopedApps","scopedApps0","getScopedAppsFromIndex","dir","theClass","results","registrations","sameTerm","instances","instance","containers","registerInTypeIndex","registration","getRegistrations","r","holds","getAppInstances","scoped","deleteTypeIndexRegistration","item","the","statements","createSolidLogic","specialFetch","features","getContainerElements","containerNode","object","nodeToString","charAt","Link","containerUrl","createContainerLogic","loadOrCreateIfNotExists","recursiveDelete","aclDocUrl","containerMembers","nodeToStringHere","defaultModes","createEmptyRdfDoc","comment","predicate","editable","createUtilityLogic","chat","typeIndex","updatePromise","del","errorBody","clearStore","remove","requestInit","omitCreds","credentials","SINGLETON_SYMBOL","for","globalTarget","solidLogicSingleton","DEFAULT_ISSUERS","getSuggestedIssuers","issuers","hosts","existing","subdomain","domain","dot","isSubdomainOf","unshift"],"ignoreList":[],"sourceRoot":""} \ No newline at end of file diff --git a/dist/solid-logic.js b/dist/solid-logic.js new file mode 100644 index 0000000..fff0e04 --- /dev/null +++ b/dist/solid-logic.js @@ -0,0 +1,4233 @@ +(function webpackUniversalModuleDefinition(root, factory) { + if(typeof exports === 'object' && typeof module === 'object') + module.exports = factory(require("$rdf")); + else if(typeof define === 'function' && define.amd) + define("SolidLogic", ["$rdf"], factory); + else if(typeof exports === 'object') + exports["SolidLogic"] = factory(require("$rdf")); + else + root["SolidLogic"] = factory(root["$rdf"]); +})(this, (__WEBPACK_EXTERNAL_MODULE__264__) => { +return /******/ (() => { // webpackBootstrap +/******/ var __webpack_modules__ = ({ + +/***/ 264 +(module) { + +"use strict"; +module.exports = __WEBPACK_EXTERNAL_MODULE__264__; + +/***/ }, + +/***/ 386 +(module) { + +/** + * Provides a way to access commonly used namespaces + * + * Usage: + * + * ``` + * const $rdf = require('rdflib'); //or any other RDF/JS-compatible library + * const ns = require('solid-namespace')($rdf); + * const store = $rdf.graph(); + * + * let me = ...; + * let name = store.any(me, ns.vcard(‘fn’)) || store.any(me, ns.foaf(‘name’)); + * ``` + * @module vocab + */ +const aliases = { + acl: 'http://www.w3.org/ns/auth/acl#', + arg: 'http://www.w3.org/ns/pim/arg#', + as: 'https://www.w3.org/ns/activitystreams#', + bookmark: 'http://www.w3.org/2002/01/bookmark#', + cal: 'http://www.w3.org/2002/12/cal/ical#', + cco: 'http://www.ontologyrepository.com/CommonCoreOntologies/', + cert: 'http://www.w3.org/ns/auth/cert#', + contact: 'http://www.w3.org/2000/10/swap/pim/contact#', + dc: 'http://purl.org/dc/elements/1.1/', + dct: 'http://purl.org/dc/terms/', + doap: 'http://usefulinc.com/ns/doap#', + foaf: 'http://xmlns.com/foaf/0.1/', + geo: 'http://www.w3.org/2003/01/geo/wgs84_pos#', + gpx: 'http://www.w3.org/ns/pim/gpx#', + gr: 'http://purl.org/goodrelations/v1#', + http: 'http://www.w3.org/2007/ont/http#', + httph: 'http://www.w3.org/2007/ont/httph#', + icalTZ: 'http://www.w3.org/2002/12/cal/icaltzd#', // Beware: not cal: + ldp: 'http://www.w3.org/ns/ldp#', + link: 'http://www.w3.org/2007/ont/link#', + log: 'http://www.w3.org/2000/10/swap/log#', + meeting: 'http://www.w3.org/ns/pim/meeting#', + mo: 'http://purl.org/ontology/mo/', + org: 'http://www.w3.org/ns/org#', + owl: 'http://www.w3.org/2002/07/owl#', + pad: 'http://www.w3.org/ns/pim/pad#', + patch: 'http://www.w3.org/ns/pim/patch#', + prov: 'http://www.w3.org/ns/prov#', + pto: 'http://www.productontology.org/id/', + qu: 'http://www.w3.org/2000/10/swap/pim/qif#', + trip: 'http://www.w3.org/ns/pim/trip#', + rdf: 'http://www.w3.org/1999/02/22-rdf-syntax-ns#', + rdfs: 'http://www.w3.org/2000/01/rdf-schema#', + rss: 'http://purl.org/rss/1.0/', + sched: 'http://www.w3.org/ns/pim/schedule#', + schema: 'http://schema.org/', // @@ beware confusion with documents no 303 + sioc: 'http://rdfs.org/sioc/ns#', + skos: 'http://www.w3.org/2004/02/skos/core#', + solid: 'http://www.w3.org/ns/solid/terms#', + space: 'http://www.w3.org/ns/pim/space#', + stat: 'http://www.w3.org/ns/posix/stat#', + tab: 'http://www.w3.org/2007/ont/link#', + tabont: 'http://www.w3.org/2007/ont/link#', + ui: 'http://www.w3.org/ns/ui#', + vann: 'http://purl.org/vocab/vann/', + vcard: 'http://www.w3.org/2006/vcard/ns#', + wf: 'http://www.w3.org/2005/01/wf/flow#', + xsd: 'http://www.w3.org/2001/XMLSchema#', +} + +/** + * @param [rdflib] {RDF} Optional RDF Library (such as rdflib.js or rdf-ext) to inject + */ +function vocab (rdf = { namedNode: u => u }) { + const namespaces = {} + for (const alias in aliases) { + const expansion = aliases[alias] + namespaces[alias] = function (localName = '') { + return rdf.namedNode(expansion + localName) + } + }; + + return namespaces +}; + +module.exports = vocab + + +/***/ } + +/******/ }); +/************************************************************************/ +/******/ // The module cache +/******/ var __webpack_module_cache__ = {}; +/******/ +/******/ // The require function +/******/ function __webpack_require__(moduleId) { +/******/ // Check if module is in cache +/******/ var cachedModule = __webpack_module_cache__[moduleId]; +/******/ if (cachedModule !== undefined) { +/******/ return cachedModule.exports; +/******/ } +/******/ // Create a new module (and put it into the cache) +/******/ var module = __webpack_module_cache__[moduleId] = { +/******/ // no module.id needed +/******/ // no module.loaded needed +/******/ exports: {} +/******/ }; +/******/ +/******/ // Execute the module function +/******/ __webpack_modules__[moduleId](module, module.exports, __webpack_require__); +/******/ +/******/ // Return the exports of the module +/******/ return module.exports; +/******/ } +/******/ +/************************************************************************/ +/******/ /* webpack/runtime/compat get default export */ +/******/ (() => { +/******/ // getDefaultExport function for compatibility with non-harmony modules +/******/ __webpack_require__.n = (module) => { +/******/ var getter = module && module.__esModule ? +/******/ () => (module['default']) : +/******/ () => (module); +/******/ __webpack_require__.d(getter, { a: getter }); +/******/ return getter; +/******/ }; +/******/ })(); +/******/ +/******/ /* webpack/runtime/define property getters */ +/******/ (() => { +/******/ // define getter functions for harmony exports +/******/ __webpack_require__.d = (exports, definition) => { +/******/ for(var key in definition) { +/******/ if(__webpack_require__.o(definition, key) && !__webpack_require__.o(exports, key)) { +/******/ Object.defineProperty(exports, key, { enumerable: true, get: definition[key] }); +/******/ } +/******/ } +/******/ }; +/******/ })(); +/******/ +/******/ /* webpack/runtime/global */ +/******/ (() => { +/******/ __webpack_require__.g = (function() { +/******/ if (typeof globalThis === 'object') return globalThis; +/******/ try { +/******/ return this || new Function('return this')(); +/******/ } catch (e) { +/******/ if (typeof window === 'object') return window; +/******/ } +/******/ })(); +/******/ })(); +/******/ +/******/ /* webpack/runtime/hasOwnProperty shorthand */ +/******/ (() => { +/******/ __webpack_require__.o = (obj, prop) => (Object.prototype.hasOwnProperty.call(obj, prop)) +/******/ })(); +/******/ +/******/ /* webpack/runtime/make namespace object */ +/******/ (() => { +/******/ // define __esModule on exports +/******/ __webpack_require__.r = (exports) => { +/******/ if(typeof Symbol !== 'undefined' && Symbol.toStringTag) { +/******/ Object.defineProperty(exports, Symbol.toStringTag, { value: 'Module' }); +/******/ } +/******/ Object.defineProperty(exports, '__esModule', { value: true }); +/******/ }; +/******/ })(); +/******/ +/************************************************************************/ +var __webpack_exports__ = {}; +// This entry needs to be wrapped in an IIFE because it needs to be in strict mode. +(() => { +"use strict"; +// ESM COMPAT FLAG +__webpack_require__.r(__webpack_exports__); + +// EXPORTS +__webpack_require__.d(__webpack_exports__, { + ACL_LINK: () => (/* reexport */ ACL_LINK), + CrossOriginForbiddenError: () => (/* reexport */ CrossOriginForbiddenError), + FetchError: () => (/* reexport */ FetchError), + NotEditableError: () => (/* reexport */ NotEditableError), + NotFoundError: () => (/* reexport */ NotFoundError), + SameOriginForbiddenError: () => (/* reexport */ SameOriginForbiddenError), + UnauthorizedError: () => (/* reexport */ UnauthorizedError), + WebOperationError: () => (/* reexport */ WebOperationError), + appContext: () => (/* reexport */ appContext), + authSession: () => (/* binding */ src_authSession), + authn: () => (/* binding */ authn), + createTypeIndexLogic: () => (/* reexport */ createTypeIndexLogic), + getSuggestedIssuers: () => (/* reexport */ getSuggestedIssuers), + offlineTestID: () => (/* reexport */ offlineTestID), + solidLogicSingleton: () => (/* reexport */ solidLogicSingleton), + store: () => (/* binding */ store) +}); + +;// ./src/util/debug.ts +function log(...args) { + console.log(...args); +} +function warn(...args) { + console.warn(...args); +} +function error(...args) { + console.error(...args); +} +function trace(...args) { + console.trace(...args); +} + +;// ./node_modules/solid-oidc/node_modules/jose/dist/browser/runtime/webcrypto.js +/* harmony default export */ const webcrypto = (crypto); +const isCryptoKey = (key) => key instanceof CryptoKey; + +;// ./node_modules/solid-oidc/node_modules/jose/dist/browser/lib/invalid_key_input.js +function message(msg, actual, ...types) { + types = types.filter(Boolean); + if (types.length > 2) { + const last = types.pop(); + msg += `one of type ${types.join(', ')}, or ${last}.`; + } + else if (types.length === 2) { + msg += `one of type ${types[0]} or ${types[1]}.`; + } + else { + msg += `of type ${types[0]}.`; + } + if (actual == null) { + msg += ` Received ${actual}`; + } + else if (typeof actual === 'function' && actual.name) { + msg += ` Received function ${actual.name}`; + } + else if (typeof actual === 'object' && actual != null) { + if (actual.constructor?.name) { + msg += ` Received an instance of ${actual.constructor.name}`; + } + } + return msg; +} +/* harmony default export */ const invalid_key_input = ((actual, ...types) => { + return message('Key must be ', actual, ...types); +}); +function withAlg(alg, actual, ...types) { + return message(`Key for the ${alg} algorithm must be `, actual, ...types); +} + +;// ./node_modules/solid-oidc/node_modules/jose/dist/browser/lib/buffer_utils.js + +const encoder = new TextEncoder(); +const decoder = new TextDecoder(); +const MAX_INT32 = (/* unused pure expression or super */ null && (2 ** 32)); +function concat(...buffers) { + const size = buffers.reduce((acc, { length }) => acc + length, 0); + const buf = new Uint8Array(size); + let i = 0; + for (const buffer of buffers) { + buf.set(buffer, i); + i += buffer.length; + } + return buf; +} +function p2s(alg, p2sInput) { + return concat(encoder.encode(alg), new Uint8Array([0]), p2sInput); +} +function writeUInt32BE(buf, value, offset) { + if (value < 0 || value >= MAX_INT32) { + throw new RangeError(`value must be >= 0 and <= ${MAX_INT32 - 1}. Received ${value}`); + } + buf.set([value >>> 24, value >>> 16, value >>> 8, value & 0xff], offset); +} +function uint64be(value) { + const high = Math.floor(value / MAX_INT32); + const low = value % MAX_INT32; + const buf = new Uint8Array(8); + writeUInt32BE(buf, high, 0); + writeUInt32BE(buf, low, 4); + return buf; +} +function uint32be(value) { + const buf = new Uint8Array(4); + writeUInt32BE(buf, value); + return buf; +} +function lengthAndInput(input) { + return concat(uint32be(input.length), input); +} +async function concatKdf(secret, bits, value) { + const iterations = Math.ceil((bits >> 3) / 32); + const res = new Uint8Array(iterations * 32); + for (let iter = 0; iter < iterations; iter++) { + const buf = new Uint8Array(4 + secret.length + value.length); + buf.set(uint32be(iter + 1)); + buf.set(secret, 4); + buf.set(value, 4 + secret.length); + res.set(await digest('sha256', buf), iter * 32); + } + return res.slice(0, bits >> 3); +} + +;// ./node_modules/solid-oidc/node_modules/jose/dist/browser/runtime/base64url.js + +const encodeBase64 = (input) => { + let unencoded = input; + if (typeof unencoded === 'string') { + unencoded = encoder.encode(unencoded); + } + const CHUNK_SIZE = 0x8000; + const arr = []; + for (let i = 0; i < unencoded.length; i += CHUNK_SIZE) { + arr.push(String.fromCharCode.apply(null, unencoded.subarray(i, i + CHUNK_SIZE))); + } + return btoa(arr.join('')); +}; +const encode = (input) => { + return encodeBase64(input).replace(/=/g, '').replace(/\+/g, '-').replace(/\//g, '_'); +}; +const decodeBase64 = (encoded) => { + const binary = atob(encoded); + const bytes = new Uint8Array(binary.length); + for (let i = 0; i < binary.length; i++) { + bytes[i] = binary.charCodeAt(i); + } + return bytes; +}; +const decode = (input) => { + let encoded = input; + if (encoded instanceof Uint8Array) { + encoded = decoder.decode(encoded); + } + encoded = encoded.replace(/-/g, '+').replace(/_/g, '/').replace(/\s/g, ''); + try { + return decodeBase64(encoded); + } + catch { + throw new TypeError('The input to be decoded is not correctly encoded.'); + } +}; + +;// ./node_modules/solid-oidc/node_modules/jose/dist/browser/runtime/is_key_like.js + +/* harmony default export */ const is_key_like = ((key) => { + if (isCryptoKey(key)) { + return true; + } + return key?.[Symbol.toStringTag] === 'KeyObject'; +}); +const types = ['CryptoKey']; + +;// ./node_modules/solid-oidc/node_modules/jose/dist/browser/runtime/key_to_jwk.js + + + + +const keyToJWK = async (key) => { + if (key instanceof Uint8Array) { + return { + kty: 'oct', + k: encode(key), + }; + } + if (!isCryptoKey(key)) { + throw new TypeError(invalid_key_input(key, ...types, 'Uint8Array')); + } + if (!key.extractable) { + throw new TypeError('non-extractable CryptoKey cannot be exported as a JWK'); + } + const { ext, key_ops, alg, use, ...jwk } = await webcrypto.subtle.exportKey('jwk', key); + return jwk; +}; +/* harmony default export */ const key_to_jwk = (keyToJWK); + +;// ./node_modules/solid-oidc/node_modules/jose/dist/browser/key/export.js + + + +async function exportSPKI(key) { + return exportPublic(key); +} +async function exportPKCS8(key) { + return exportPrivate(key); +} +async function exportJWK(key) { + return key_to_jwk(key); +} + +;// ./node_modules/solid-oidc/node_modules/jose/dist/browser/util/errors.js +class JOSEError extends Error { + constructor(message, options) { + super(message, options); + this.code = 'ERR_JOSE_GENERIC'; + this.name = this.constructor.name; + Error.captureStackTrace?.(this, this.constructor); + } +} +JOSEError.code = 'ERR_JOSE_GENERIC'; +class JWTClaimValidationFailed extends JOSEError { + constructor(message, payload, claim = 'unspecified', reason = 'unspecified') { + super(message, { cause: { claim, reason, payload } }); + this.code = 'ERR_JWT_CLAIM_VALIDATION_FAILED'; + this.claim = claim; + this.reason = reason; + this.payload = payload; + } +} +JWTClaimValidationFailed.code = 'ERR_JWT_CLAIM_VALIDATION_FAILED'; +class JWTExpired extends JOSEError { + constructor(message, payload, claim = 'unspecified', reason = 'unspecified') { + super(message, { cause: { claim, reason, payload } }); + this.code = 'ERR_JWT_EXPIRED'; + this.claim = claim; + this.reason = reason; + this.payload = payload; + } +} +JWTExpired.code = 'ERR_JWT_EXPIRED'; +class JOSEAlgNotAllowed extends JOSEError { + constructor() { + super(...arguments); + this.code = 'ERR_JOSE_ALG_NOT_ALLOWED'; + } +} +JOSEAlgNotAllowed.code = 'ERR_JOSE_ALG_NOT_ALLOWED'; +class errors_JOSENotSupported extends JOSEError { + constructor() { + super(...arguments); + this.code = 'ERR_JOSE_NOT_SUPPORTED'; + } +} +errors_JOSENotSupported.code = 'ERR_JOSE_NOT_SUPPORTED'; +class JWEDecryptionFailed extends JOSEError { + constructor(message = 'decryption operation failed', options) { + super(message, options); + this.code = 'ERR_JWE_DECRYPTION_FAILED'; + } +} +JWEDecryptionFailed.code = 'ERR_JWE_DECRYPTION_FAILED'; +class JWEInvalid extends JOSEError { + constructor() { + super(...arguments); + this.code = 'ERR_JWE_INVALID'; + } +} +JWEInvalid.code = 'ERR_JWE_INVALID'; +class JWSInvalid extends JOSEError { + constructor() { + super(...arguments); + this.code = 'ERR_JWS_INVALID'; + } +} +JWSInvalid.code = 'ERR_JWS_INVALID'; +class JWTInvalid extends JOSEError { + constructor() { + super(...arguments); + this.code = 'ERR_JWT_INVALID'; + } +} +JWTInvalid.code = 'ERR_JWT_INVALID'; +class JWKInvalid extends JOSEError { + constructor() { + super(...arguments); + this.code = 'ERR_JWK_INVALID'; + } +} +JWKInvalid.code = 'ERR_JWK_INVALID'; +class JWKSInvalid extends JOSEError { + constructor() { + super(...arguments); + this.code = 'ERR_JWKS_INVALID'; + } +} +JWKSInvalid.code = 'ERR_JWKS_INVALID'; +class JWKSNoMatchingKey extends JOSEError { + constructor(message = 'no applicable key found in the JSON Web Key Set', options) { + super(message, options); + this.code = 'ERR_JWKS_NO_MATCHING_KEY'; + } +} +JWKSNoMatchingKey.code = 'ERR_JWKS_NO_MATCHING_KEY'; +class JWKSMultipleMatchingKeys extends JOSEError { + constructor(message = 'multiple matching keys found in the JSON Web Key Set', options) { + super(message, options); + this.code = 'ERR_JWKS_MULTIPLE_MATCHING_KEYS'; + } +} +Symbol.asyncIterator; +JWKSMultipleMatchingKeys.code = 'ERR_JWKS_MULTIPLE_MATCHING_KEYS'; +class JWKSTimeout extends JOSEError { + constructor(message = 'request timed out', options) { + super(message, options); + this.code = 'ERR_JWKS_TIMEOUT'; + } +} +JWKSTimeout.code = 'ERR_JWKS_TIMEOUT'; +class JWSSignatureVerificationFailed extends JOSEError { + constructor(message = 'signature verification failed', options) { + super(message, options); + this.code = 'ERR_JWS_SIGNATURE_VERIFICATION_FAILED'; + } +} +JWSSignatureVerificationFailed.code = 'ERR_JWS_SIGNATURE_VERIFICATION_FAILED'; + +;// ./node_modules/solid-oidc/node_modules/jose/dist/browser/runtime/subtle_dsa.js + +function subtleDsa(alg, algorithm) { + const hash = `SHA-${alg.slice(-3)}`; + switch (alg) { + case 'HS256': + case 'HS384': + case 'HS512': + return { hash, name: 'HMAC' }; + case 'PS256': + case 'PS384': + case 'PS512': + return { hash, name: 'RSA-PSS', saltLength: alg.slice(-3) >> 3 }; + case 'RS256': + case 'RS384': + case 'RS512': + return { hash, name: 'RSASSA-PKCS1-v1_5' }; + case 'ES256': + case 'ES384': + case 'ES512': + return { hash, name: 'ECDSA', namedCurve: algorithm.namedCurve }; + case 'Ed25519': + return { name: 'Ed25519' }; + case 'EdDSA': + return { name: algorithm.name }; + default: + throw new errors_JOSENotSupported(`alg ${alg} is not supported either by JOSE or your javascript runtime`); + } +} + +;// ./node_modules/solid-oidc/node_modules/jose/dist/browser/runtime/check_key_length.js +/* harmony default export */ const check_key_length = ((alg, key) => { + if (alg.startsWith('RS') || alg.startsWith('PS')) { + const { modulusLength } = key.algorithm; + if (typeof modulusLength !== 'number' || modulusLength < 2048) { + throw new TypeError(`${alg} requires key modulusLength to be 2048 bits or larger`); + } + } +}); + +;// ./node_modules/solid-oidc/node_modules/jose/dist/browser/lib/crypto_key.js +function unusable(name, prop = 'algorithm.name') { + return new TypeError(`CryptoKey does not support this operation, its ${prop} must be ${name}`); +} +function isAlgorithm(algorithm, name) { + return algorithm.name === name; +} +function getHashLength(hash) { + return parseInt(hash.name.slice(4), 10); +} +function getNamedCurve(alg) { + switch (alg) { + case 'ES256': + return 'P-256'; + case 'ES384': + return 'P-384'; + case 'ES512': + return 'P-521'; + default: + throw new Error('unreachable'); + } +} +function checkUsage(key, usages) { + if (usages.length && !usages.some((expected) => key.usages.includes(expected))) { + let msg = 'CryptoKey does not support this operation, its usages must include '; + if (usages.length > 2) { + const last = usages.pop(); + msg += `one of ${usages.join(', ')}, or ${last}.`; + } + else if (usages.length === 2) { + msg += `one of ${usages[0]} or ${usages[1]}.`; + } + else { + msg += `${usages[0]}.`; + } + throw new TypeError(msg); + } +} +function checkSigCryptoKey(key, alg, ...usages) { + switch (alg) { + case 'HS256': + case 'HS384': + case 'HS512': { + if (!isAlgorithm(key.algorithm, 'HMAC')) + throw unusable('HMAC'); + const expected = parseInt(alg.slice(2), 10); + const actual = getHashLength(key.algorithm.hash); + if (actual !== expected) + throw unusable(`SHA-${expected}`, 'algorithm.hash'); + break; + } + case 'RS256': + case 'RS384': + case 'RS512': { + if (!isAlgorithm(key.algorithm, 'RSASSA-PKCS1-v1_5')) + throw unusable('RSASSA-PKCS1-v1_5'); + const expected = parseInt(alg.slice(2), 10); + const actual = getHashLength(key.algorithm.hash); + if (actual !== expected) + throw unusable(`SHA-${expected}`, 'algorithm.hash'); + break; + } + case 'PS256': + case 'PS384': + case 'PS512': { + if (!isAlgorithm(key.algorithm, 'RSA-PSS')) + throw unusable('RSA-PSS'); + const expected = parseInt(alg.slice(2), 10); + const actual = getHashLength(key.algorithm.hash); + if (actual !== expected) + throw unusable(`SHA-${expected}`, 'algorithm.hash'); + break; + } + case 'EdDSA': { + if (key.algorithm.name !== 'Ed25519' && key.algorithm.name !== 'Ed448') { + throw unusable('Ed25519 or Ed448'); + } + break; + } + case 'Ed25519': { + if (!isAlgorithm(key.algorithm, 'Ed25519')) + throw unusable('Ed25519'); + break; + } + case 'ES256': + case 'ES384': + case 'ES512': { + if (!isAlgorithm(key.algorithm, 'ECDSA')) + throw unusable('ECDSA'); + const expected = getNamedCurve(alg); + const actual = key.algorithm.namedCurve; + if (actual !== expected) + throw unusable(expected, 'algorithm.namedCurve'); + break; + } + default: + throw new TypeError('CryptoKey does not support this operation'); + } + checkUsage(key, usages); +} +function checkEncCryptoKey(key, alg, ...usages) { + switch (alg) { + case 'A128GCM': + case 'A192GCM': + case 'A256GCM': { + if (!isAlgorithm(key.algorithm, 'AES-GCM')) + throw unusable('AES-GCM'); + const expected = parseInt(alg.slice(1, 4), 10); + const actual = key.algorithm.length; + if (actual !== expected) + throw unusable(expected, 'algorithm.length'); + break; + } + case 'A128KW': + case 'A192KW': + case 'A256KW': { + if (!isAlgorithm(key.algorithm, 'AES-KW')) + throw unusable('AES-KW'); + const expected = parseInt(alg.slice(1, 4), 10); + const actual = key.algorithm.length; + if (actual !== expected) + throw unusable(expected, 'algorithm.length'); + break; + } + case 'ECDH': { + switch (key.algorithm.name) { + case 'ECDH': + case 'X25519': + case 'X448': + break; + default: + throw unusable('ECDH, X25519, or X448'); + } + break; + } + case 'PBES2-HS256+A128KW': + case 'PBES2-HS384+A192KW': + case 'PBES2-HS512+A256KW': + if (!isAlgorithm(key.algorithm, 'PBKDF2')) + throw unusable('PBKDF2'); + break; + case 'RSA-OAEP': + case 'RSA-OAEP-256': + case 'RSA-OAEP-384': + case 'RSA-OAEP-512': { + if (!isAlgorithm(key.algorithm, 'RSA-OAEP')) + throw unusable('RSA-OAEP'); + const expected = parseInt(alg.slice(9), 10) || 1; + const actual = getHashLength(key.algorithm.hash); + if (actual !== expected) + throw unusable(`SHA-${expected}`, 'algorithm.hash'); + break; + } + default: + throw new TypeError('CryptoKey does not support this operation'); + } + checkUsage(key, usages); +} + +;// ./node_modules/solid-oidc/node_modules/jose/dist/browser/lib/is_object.js +function isObjectLike(value) { + return typeof value === 'object' && value !== null; +} +function isObject(input) { + if (!isObjectLike(input) || Object.prototype.toString.call(input) !== '[object Object]') { + return false; + } + if (Object.getPrototypeOf(input) === null) { + return true; + } + let proto = input; + while (Object.getPrototypeOf(proto) !== null) { + proto = Object.getPrototypeOf(proto); + } + return Object.getPrototypeOf(input) === proto; +} + +;// ./node_modules/solid-oidc/node_modules/jose/dist/browser/lib/is_jwk.js + +function isJWK(key) { + return isObject(key) && typeof key.kty === 'string'; +} +function isPrivateJWK(key) { + return key.kty !== 'oct' && typeof key.d === 'string'; +} +function isPublicJWK(key) { + return key.kty !== 'oct' && typeof key.d === 'undefined'; +} +function isSecretJWK(key) { + return isJWK(key) && key.kty === 'oct' && typeof key.k === 'string'; +} + +;// ./node_modules/solid-oidc/node_modules/jose/dist/browser/runtime/jwk_to_key.js + + +function subtleMapping(jwk) { + let algorithm; + let keyUsages; + switch (jwk.kty) { + case 'RSA': { + switch (jwk.alg) { + case 'PS256': + case 'PS384': + case 'PS512': + algorithm = { name: 'RSA-PSS', hash: `SHA-${jwk.alg.slice(-3)}` }; + keyUsages = jwk.d ? ['sign'] : ['verify']; + break; + case 'RS256': + case 'RS384': + case 'RS512': + algorithm = { name: 'RSASSA-PKCS1-v1_5', hash: `SHA-${jwk.alg.slice(-3)}` }; + keyUsages = jwk.d ? ['sign'] : ['verify']; + break; + case 'RSA-OAEP': + case 'RSA-OAEP-256': + case 'RSA-OAEP-384': + case 'RSA-OAEP-512': + algorithm = { + name: 'RSA-OAEP', + hash: `SHA-${parseInt(jwk.alg.slice(-3), 10) || 1}`, + }; + keyUsages = jwk.d ? ['decrypt', 'unwrapKey'] : ['encrypt', 'wrapKey']; + break; + default: + throw new errors_JOSENotSupported('Invalid or unsupported JWK "alg" (Algorithm) Parameter value'); + } + break; + } + case 'EC': { + switch (jwk.alg) { + case 'ES256': + algorithm = { name: 'ECDSA', namedCurve: 'P-256' }; + keyUsages = jwk.d ? ['sign'] : ['verify']; + break; + case 'ES384': + algorithm = { name: 'ECDSA', namedCurve: 'P-384' }; + keyUsages = jwk.d ? ['sign'] : ['verify']; + break; + case 'ES512': + algorithm = { name: 'ECDSA', namedCurve: 'P-521' }; + keyUsages = jwk.d ? ['sign'] : ['verify']; + break; + case 'ECDH-ES': + case 'ECDH-ES+A128KW': + case 'ECDH-ES+A192KW': + case 'ECDH-ES+A256KW': + algorithm = { name: 'ECDH', namedCurve: jwk.crv }; + keyUsages = jwk.d ? ['deriveBits'] : []; + break; + default: + throw new errors_JOSENotSupported('Invalid or unsupported JWK "alg" (Algorithm) Parameter value'); + } + break; + } + case 'OKP': { + switch (jwk.alg) { + case 'Ed25519': + algorithm = { name: 'Ed25519' }; + keyUsages = jwk.d ? ['sign'] : ['verify']; + break; + case 'EdDSA': + algorithm = { name: jwk.crv }; + keyUsages = jwk.d ? ['sign'] : ['verify']; + break; + case 'ECDH-ES': + case 'ECDH-ES+A128KW': + case 'ECDH-ES+A192KW': + case 'ECDH-ES+A256KW': + algorithm = { name: jwk.crv }; + keyUsages = jwk.d ? ['deriveBits'] : []; + break; + default: + throw new errors_JOSENotSupported('Invalid or unsupported JWK "alg" (Algorithm) Parameter value'); + } + break; + } + default: + throw new errors_JOSENotSupported('Invalid or unsupported JWK "kty" (Key Type) Parameter value'); + } + return { algorithm, keyUsages }; +} +const parse = async (jwk) => { + if (!jwk.alg) { + throw new TypeError('"alg" argument is required when "jwk.alg" is not present'); + } + const { algorithm, keyUsages } = subtleMapping(jwk); + const rest = [ + algorithm, + jwk.ext ?? false, + jwk.key_ops ?? keyUsages, + ]; + const keyData = { ...jwk }; + delete keyData.alg; + delete keyData.use; + return webcrypto.subtle.importKey('jwk', keyData, ...rest); +}; +/* harmony default export */ const jwk_to_key = (parse); + +;// ./node_modules/solid-oidc/node_modules/jose/dist/browser/runtime/normalize_key.js + + + +const exportKeyValue = (k) => decode(k); +let privCache; +let pubCache; +const isKeyObject = (key) => { + return key?.[Symbol.toStringTag] === 'KeyObject'; +}; +const importAndCache = async (cache, key, jwk, alg, freeze = false) => { + let cached = cache.get(key); + if (cached?.[alg]) { + return cached[alg]; + } + const cryptoKey = await jwk_to_key({ ...jwk, alg }); + if (freeze) + Object.freeze(key); + if (!cached) { + cache.set(key, { [alg]: cryptoKey }); + } + else { + cached[alg] = cryptoKey; + } + return cryptoKey; +}; +const normalizePublicKey = (key, alg) => { + if (isKeyObject(key)) { + let jwk = key.export({ format: 'jwk' }); + delete jwk.d; + delete jwk.dp; + delete jwk.dq; + delete jwk.p; + delete jwk.q; + delete jwk.qi; + if (jwk.k) { + return exportKeyValue(jwk.k); + } + pubCache || (pubCache = new WeakMap()); + return importAndCache(pubCache, key, jwk, alg); + } + if (isJWK(key)) { + if (key.k) + return decode(key.k); + pubCache || (pubCache = new WeakMap()); + const cryptoKey = importAndCache(pubCache, key, key, alg, true); + return cryptoKey; + } + return key; +}; +const normalizePrivateKey = (key, alg) => { + if (isKeyObject(key)) { + let jwk = key.export({ format: 'jwk' }); + if (jwk.k) { + return exportKeyValue(jwk.k); + } + privCache || (privCache = new WeakMap()); + return importAndCache(privCache, key, jwk, alg); + } + if (isJWK(key)) { + if (key.k) + return decode(key.k); + privCache || (privCache = new WeakMap()); + const cryptoKey = importAndCache(privCache, key, key, alg, true); + return cryptoKey; + } + return key; +}; +/* harmony default export */ const normalize_key = ({ normalizePublicKey, normalizePrivateKey }); + +;// ./node_modules/solid-oidc/node_modules/jose/dist/browser/runtime/get_sign_verify_key.js + + + + + +async function getCryptoKey(alg, key, usage) { + if (usage === 'sign') { + key = await normalize_key.normalizePrivateKey(key, alg); + } + if (usage === 'verify') { + key = await normalize_key.normalizePublicKey(key, alg); + } + if (isCryptoKey(key)) { + checkSigCryptoKey(key, alg, usage); + return key; + } + if (key instanceof Uint8Array) { + if (!alg.startsWith('HS')) { + throw new TypeError(invalid_key_input(key, ...types)); + } + return webcrypto.subtle.importKey('raw', key, { hash: `SHA-${alg.slice(-3)}`, name: 'HMAC' }, false, [usage]); + } + throw new TypeError(invalid_key_input(key, ...types, 'Uint8Array', 'JSON Web Key')); +} + +;// ./node_modules/solid-oidc/node_modules/jose/dist/browser/runtime/sign.js + + + + +const sign = async (alg, key, data) => { + const cryptoKey = await getCryptoKey(alg, key, 'sign'); + check_key_length(alg, cryptoKey); + const signature = await webcrypto.subtle.sign(subtleDsa(alg, cryptoKey.algorithm), cryptoKey, data); + return new Uint8Array(signature); +}; +/* harmony default export */ const runtime_sign = (sign); + +;// ./node_modules/solid-oidc/node_modules/jose/dist/browser/lib/is_disjoint.js +const isDisjoint = (...headers) => { + const sources = headers.filter(Boolean); + if (sources.length === 0 || sources.length === 1) { + return true; + } + let acc; + for (const header of sources) { + const parameters = Object.keys(header); + if (!acc || acc.size === 0) { + acc = new Set(parameters); + continue; + } + for (const parameter of parameters) { + if (acc.has(parameter)) { + return false; + } + acc.add(parameter); + } + } + return true; +}; +/* harmony default export */ const is_disjoint = (isDisjoint); + +;// ./node_modules/solid-oidc/node_modules/jose/dist/browser/lib/check_key_type.js + + + +const tag = (key) => key?.[Symbol.toStringTag]; +const jwkMatchesOp = (alg, key, usage) => { + if (key.use !== undefined && key.use !== 'sig') { + throw new TypeError('Invalid key for this operation, when present its use must be sig'); + } + if (key.key_ops !== undefined && key.key_ops.includes?.(usage) !== true) { + throw new TypeError(`Invalid key for this operation, when present its key_ops must include ${usage}`); + } + if (key.alg !== undefined && key.alg !== alg) { + throw new TypeError(`Invalid key for this operation, when present its alg must be ${alg}`); + } + return true; +}; +const symmetricTypeCheck = (alg, key, usage, allowJwk) => { + if (key instanceof Uint8Array) + return; + if (allowJwk && isJWK(key)) { + if (isSecretJWK(key) && jwkMatchesOp(alg, key, usage)) + return; + throw new TypeError(`JSON Web Key for symmetric algorithms must have JWK "kty" (Key Type) equal to "oct" and the JWK "k" (Key Value) present`); + } + if (!is_key_like(key)) { + throw new TypeError(withAlg(alg, key, ...types, 'Uint8Array', allowJwk ? 'JSON Web Key' : null)); + } + if (key.type !== 'secret') { + throw new TypeError(`${tag(key)} instances for symmetric algorithms must be of type "secret"`); + } +}; +const asymmetricTypeCheck = (alg, key, usage, allowJwk) => { + if (allowJwk && isJWK(key)) { + switch (usage) { + case 'sign': + if (isPrivateJWK(key) && jwkMatchesOp(alg, key, usage)) + return; + throw new TypeError(`JSON Web Key for this operation be a private JWK`); + case 'verify': + if (isPublicJWK(key) && jwkMatchesOp(alg, key, usage)) + return; + throw new TypeError(`JSON Web Key for this operation be a public JWK`); + } + } + if (!is_key_like(key)) { + throw new TypeError(withAlg(alg, key, ...types, allowJwk ? 'JSON Web Key' : null)); + } + if (key.type === 'secret') { + throw new TypeError(`${tag(key)} instances for asymmetric algorithms must not be of type "secret"`); + } + if (usage === 'sign' && key.type === 'public') { + throw new TypeError(`${tag(key)} instances for asymmetric algorithm signing must be of type "private"`); + } + if (usage === 'decrypt' && key.type === 'public') { + throw new TypeError(`${tag(key)} instances for asymmetric algorithm decryption must be of type "private"`); + } + if (key.algorithm && usage === 'verify' && key.type === 'private') { + throw new TypeError(`${tag(key)} instances for asymmetric algorithm verifying must be of type "public"`); + } + if (key.algorithm && usage === 'encrypt' && key.type === 'private') { + throw new TypeError(`${tag(key)} instances for asymmetric algorithm encryption must be of type "public"`); + } +}; +function checkKeyType(allowJwk, alg, key, usage) { + const symmetric = alg.startsWith('HS') || + alg === 'dir' || + alg.startsWith('PBES2') || + /^A\d{3}(?:GCM)?KW$/.test(alg); + if (symmetric) { + symmetricTypeCheck(alg, key, usage, allowJwk); + } + else { + asymmetricTypeCheck(alg, key, usage, allowJwk); + } +} +/* harmony default export */ const check_key_type = (checkKeyType.bind(undefined, false)); +const checkKeyTypeWithJwk = checkKeyType.bind(undefined, true); + +;// ./node_modules/solid-oidc/node_modules/jose/dist/browser/lib/validate_crit.js + +function validateCrit(Err, recognizedDefault, recognizedOption, protectedHeader, joseHeader) { + if (joseHeader.crit !== undefined && protectedHeader?.crit === undefined) { + throw new Err('"crit" (Critical) Header Parameter MUST be integrity protected'); + } + if (!protectedHeader || protectedHeader.crit === undefined) { + return new Set(); + } + if (!Array.isArray(protectedHeader.crit) || + protectedHeader.crit.length === 0 || + protectedHeader.crit.some((input) => typeof input !== 'string' || input.length === 0)) { + throw new Err('"crit" (Critical) Header Parameter MUST be an array of non-empty strings when present'); + } + let recognized; + if (recognizedOption !== undefined) { + recognized = new Map([...Object.entries(recognizedOption), ...recognizedDefault.entries()]); + } + else { + recognized = recognizedDefault; + } + for (const parameter of protectedHeader.crit) { + if (!recognized.has(parameter)) { + throw new errors_JOSENotSupported(`Extension Header Parameter "${parameter}" is not recognized`); + } + if (joseHeader[parameter] === undefined) { + throw new Err(`Extension Header Parameter "${parameter}" is missing`); + } + if (recognized.get(parameter) && protectedHeader[parameter] === undefined) { + throw new Err(`Extension Header Parameter "${parameter}" MUST be integrity protected`); + } + } + return new Set(protectedHeader.crit); +} +/* harmony default export */ const validate_crit = (validateCrit); + +;// ./node_modules/solid-oidc/node_modules/jose/dist/browser/jws/flattened/sign.js + + + + + + + +class FlattenedSign { + constructor(payload) { + if (!(payload instanceof Uint8Array)) { + throw new TypeError('payload must be an instance of Uint8Array'); + } + this._payload = payload; + } + setProtectedHeader(protectedHeader) { + if (this._protectedHeader) { + throw new TypeError('setProtectedHeader can only be called once'); + } + this._protectedHeader = protectedHeader; + return this; + } + setUnprotectedHeader(unprotectedHeader) { + if (this._unprotectedHeader) { + throw new TypeError('setUnprotectedHeader can only be called once'); + } + this._unprotectedHeader = unprotectedHeader; + return this; + } + async sign(key, options) { + if (!this._protectedHeader && !this._unprotectedHeader) { + throw new JWSInvalid('either setProtectedHeader or setUnprotectedHeader must be called before #sign()'); + } + if (!is_disjoint(this._protectedHeader, this._unprotectedHeader)) { + throw new JWSInvalid('JWS Protected and JWS Unprotected Header Parameter names must be disjoint'); + } + const joseHeader = { + ...this._protectedHeader, + ...this._unprotectedHeader, + }; + const extensions = validate_crit(JWSInvalid, new Map([['b64', true]]), options?.crit, this._protectedHeader, joseHeader); + let b64 = true; + if (extensions.has('b64')) { + b64 = this._protectedHeader.b64; + if (typeof b64 !== 'boolean') { + throw new JWSInvalid('The "b64" (base64url-encode payload) Header Parameter must be a boolean'); + } + } + const { alg } = joseHeader; + if (typeof alg !== 'string' || !alg) { + throw new JWSInvalid('JWS "alg" (Algorithm) Header Parameter missing or invalid'); + } + checkKeyTypeWithJwk(alg, key, 'sign'); + let payload = this._payload; + if (b64) { + payload = encoder.encode(encode(payload)); + } + let protectedHeader; + if (this._protectedHeader) { + protectedHeader = encoder.encode(encode(JSON.stringify(this._protectedHeader))); + } + else { + protectedHeader = encoder.encode(''); + } + const data = concat(protectedHeader, encoder.encode('.'), payload); + const signature = await runtime_sign(alg, key, data); + const jws = { + signature: encode(signature), + payload: '', + }; + if (b64) { + jws.payload = decoder.decode(payload); + } + if (this._unprotectedHeader) { + jws.header = this._unprotectedHeader; + } + if (this._protectedHeader) { + jws.protected = decoder.decode(protectedHeader); + } + return jws; + } +} + +;// ./node_modules/solid-oidc/node_modules/jose/dist/browser/jws/compact/sign.js + +class CompactSign { + constructor(payload) { + this._flattened = new FlattenedSign(payload); + } + setProtectedHeader(protectedHeader) { + this._flattened.setProtectedHeader(protectedHeader); + return this; + } + async sign(key, options) { + const jws = await this._flattened.sign(key, options); + if (jws.payload === undefined) { + throw new TypeError('use the flattened module for creating JWS with b64: false'); + } + return `${jws.protected}.${jws.payload}.${jws.signature}`; + } +} + +;// ./node_modules/solid-oidc/node_modules/jose/dist/browser/lib/epoch.js +/* harmony default export */ const epoch = ((date) => Math.floor(date.getTime() / 1000)); + +;// ./node_modules/solid-oidc/node_modules/jose/dist/browser/lib/secs.js +const minute = 60; +const hour = minute * 60; +const day = hour * 24; +const week = day * 7; +const year = day * 365.25; +const REGEX = /^(\+|\-)? ?(\d+|\d+\.\d+) ?(seconds?|secs?|s|minutes?|mins?|m|hours?|hrs?|h|days?|d|weeks?|w|years?|yrs?|y)(?: (ago|from now))?$/i; +/* harmony default export */ const secs = ((str) => { + const matched = REGEX.exec(str); + if (!matched || (matched[4] && matched[1])) { + throw new TypeError('Invalid time period format'); + } + const value = parseFloat(matched[2]); + const unit = matched[3].toLowerCase(); + let numericDate; + switch (unit) { + case 'sec': + case 'secs': + case 'second': + case 'seconds': + case 's': + numericDate = Math.round(value); + break; + case 'minute': + case 'minutes': + case 'min': + case 'mins': + case 'm': + numericDate = Math.round(value * minute); + break; + case 'hour': + case 'hours': + case 'hr': + case 'hrs': + case 'h': + numericDate = Math.round(value * hour); + break; + case 'day': + case 'days': + case 'd': + numericDate = Math.round(value * day); + break; + case 'week': + case 'weeks': + case 'w': + numericDate = Math.round(value * week); + break; + default: + numericDate = Math.round(value * year); + break; + } + if (matched[1] === '-' || matched[4] === 'ago') { + return -numericDate; + } + return numericDate; +}); + +;// ./node_modules/solid-oidc/node_modules/jose/dist/browser/jwt/produce.js + + + +function validateInput(label, input) { + if (!Number.isFinite(input)) { + throw new TypeError(`Invalid ${label} input`); + } + return input; +} +class ProduceJWT { + constructor(payload = {}) { + if (!isObject(payload)) { + throw new TypeError('JWT Claims Set MUST be an object'); + } + this._payload = payload; + } + setIssuer(issuer) { + this._payload = { ...this._payload, iss: issuer }; + return this; + } + setSubject(subject) { + this._payload = { ...this._payload, sub: subject }; + return this; + } + setAudience(audience) { + this._payload = { ...this._payload, aud: audience }; + return this; + } + setJti(jwtId) { + this._payload = { ...this._payload, jti: jwtId }; + return this; + } + setNotBefore(input) { + if (typeof input === 'number') { + this._payload = { ...this._payload, nbf: validateInput('setNotBefore', input) }; + } + else if (input instanceof Date) { + this._payload = { ...this._payload, nbf: validateInput('setNotBefore', epoch(input)) }; + } + else { + this._payload = { ...this._payload, nbf: epoch(new Date()) + secs(input) }; + } + return this; + } + setExpirationTime(input) { + if (typeof input === 'number') { + this._payload = { ...this._payload, exp: validateInput('setExpirationTime', input) }; + } + else if (input instanceof Date) { + this._payload = { ...this._payload, exp: validateInput('setExpirationTime', epoch(input)) }; + } + else { + this._payload = { ...this._payload, exp: epoch(new Date()) + secs(input) }; + } + return this; + } + setIssuedAt(input) { + if (typeof input === 'undefined') { + this._payload = { ...this._payload, iat: epoch(new Date()) }; + } + else if (input instanceof Date) { + this._payload = { ...this._payload, iat: validateInput('setIssuedAt', epoch(input)) }; + } + else if (typeof input === 'string') { + this._payload = { + ...this._payload, + iat: validateInput('setIssuedAt', epoch(new Date()) + secs(input)), + }; + } + else { + this._payload = { ...this._payload, iat: validateInput('setIssuedAt', input) }; + } + return this; + } +} + +;// ./node_modules/solid-oidc/node_modules/jose/dist/browser/jwt/sign.js + + + + +class SignJWT extends ProduceJWT { + setProtectedHeader(protectedHeader) { + this._protectedHeader = protectedHeader; + return this; + } + async sign(key, options) { + const sig = new CompactSign(encoder.encode(JSON.stringify(this._payload))); + sig.setProtectedHeader(this._protectedHeader); + if (Array.isArray(this._protectedHeader?.crit) && + this._protectedHeader.crit.includes('b64') && + this._protectedHeader.b64 === false) { + throw new JWTInvalid('JWTs MUST NOT use unencoded payload'); + } + return sig.sign(key, options); + } +} + +;// ./node_modules/solid-oidc/node_modules/jose/dist/browser/runtime/fetch_jwks.js + +const fetchJwks = async (url, timeout, options) => { + let controller; + let id; + let timedOut = false; + if (typeof AbortController === 'function') { + controller = new AbortController(); + id = setTimeout(() => { + timedOut = true; + controller.abort(); + }, timeout); + } + const response = await fetch(url.href, { + signal: controller ? controller.signal : undefined, + redirect: 'manual', + headers: options.headers, + }).catch((err) => { + if (timedOut) + throw new JWKSTimeout(); + throw err; + }); + if (id !== undefined) + clearTimeout(id); + if (response.status !== 200) { + throw new JOSEError('Expected 200 OK from the JSON Web Key Set HTTP response'); + } + try { + return await response.json(); + } + catch { + throw new JOSEError('Failed to parse the JSON Web Key Set HTTP response as JSON'); + } +}; +/* harmony default export */ const fetch_jwks = (fetchJwks); + +;// ./node_modules/solid-oidc/node_modules/jose/dist/browser/key/import.js + + + + + +async function importSPKI(spki, alg, options) { + if (typeof spki !== 'string' || spki.indexOf('-----BEGIN PUBLIC KEY-----') !== 0) { + throw new TypeError('"spki" must be SPKI formatted string'); + } + return fromSPKI(spki, alg, options); +} +async function importX509(x509, alg, options) { + if (typeof x509 !== 'string' || x509.indexOf('-----BEGIN CERTIFICATE-----') !== 0) { + throw new TypeError('"x509" must be X.509 formatted string'); + } + return fromX509(x509, alg, options); +} +async function importPKCS8(pkcs8, alg, options) { + if (typeof pkcs8 !== 'string' || pkcs8.indexOf('-----BEGIN PRIVATE KEY-----') !== 0) { + throw new TypeError('"pkcs8" must be PKCS#8 formatted string'); + } + return fromPKCS8(pkcs8, alg, options); +} +async function importJWK(jwk, alg) { + if (!isObject(jwk)) { + throw new TypeError('JWK must be an object'); + } + alg || (alg = jwk.alg); + switch (jwk.kty) { + case 'oct': + if (typeof jwk.k !== 'string' || !jwk.k) { + throw new TypeError('missing "k" (Key Value) Parameter value'); + } + return decode(jwk.k); + case 'RSA': + if ('oth' in jwk && jwk.oth !== undefined) { + throw new errors_JOSENotSupported('RSA JWK "oth" (Other Primes Info) Parameter value is not supported'); + } + case 'EC': + case 'OKP': + return jwk_to_key({ ...jwk, alg }); + default: + throw new errors_JOSENotSupported('Unsupported "kty" (Key Type) Parameter value'); + } +} + +;// ./node_modules/solid-oidc/node_modules/jose/dist/browser/jwks/local.js + + + +function getKtyFromAlg(alg) { + switch (typeof alg === 'string' && alg.slice(0, 2)) { + case 'RS': + case 'PS': + return 'RSA'; + case 'ES': + return 'EC'; + case 'Ed': + return 'OKP'; + default: + throw new errors_JOSENotSupported('Unsupported "alg" value for a JSON Web Key Set'); + } +} +function isJWKSLike(jwks) { + return (jwks && + typeof jwks === 'object' && + Array.isArray(jwks.keys) && + jwks.keys.every(isJWKLike)); +} +function isJWKLike(key) { + return isObject(key); +} +function clone(obj) { + if (typeof structuredClone === 'function') { + return structuredClone(obj); + } + return JSON.parse(JSON.stringify(obj)); +} +class LocalJWKSet { + constructor(jwks) { + this._cached = new WeakMap(); + if (!isJWKSLike(jwks)) { + throw new JWKSInvalid('JSON Web Key Set malformed'); + } + this._jwks = clone(jwks); + } + async getKey(protectedHeader, token) { + const { alg, kid } = { ...protectedHeader, ...token?.header }; + const kty = getKtyFromAlg(alg); + const candidates = this._jwks.keys.filter((jwk) => { + let candidate = kty === jwk.kty; + if (candidate && typeof kid === 'string') { + candidate = kid === jwk.kid; + } + if (candidate && typeof jwk.alg === 'string') { + candidate = alg === jwk.alg; + } + if (candidate && typeof jwk.use === 'string') { + candidate = jwk.use === 'sig'; + } + if (candidate && Array.isArray(jwk.key_ops)) { + candidate = jwk.key_ops.includes('verify'); + } + if (candidate) { + switch (alg) { + case 'ES256': + candidate = jwk.crv === 'P-256'; + break; + case 'ES256K': + candidate = jwk.crv === 'secp256k1'; + break; + case 'ES384': + candidate = jwk.crv === 'P-384'; + break; + case 'ES512': + candidate = jwk.crv === 'P-521'; + break; + case 'Ed25519': + candidate = jwk.crv === 'Ed25519'; + break; + case 'EdDSA': + candidate = jwk.crv === 'Ed25519' || jwk.crv === 'Ed448'; + break; + } + } + return candidate; + }); + const { 0: jwk, length } = candidates; + if (length === 0) { + throw new JWKSNoMatchingKey(); + } + if (length !== 1) { + const error = new JWKSMultipleMatchingKeys(); + const { _cached } = this; + error[Symbol.asyncIterator] = async function* () { + for (const jwk of candidates) { + try { + yield await importWithAlgCache(_cached, jwk, alg); + } + catch { } + } + }; + throw error; + } + return importWithAlgCache(this._cached, jwk, alg); + } +} +async function importWithAlgCache(cache, jwk, alg) { + const cached = cache.get(jwk) || cache.set(jwk, {}).get(jwk); + if (cached[alg] === undefined) { + const key = await importJWK({ ...jwk, ext: true }, alg); + if (key instanceof Uint8Array || key.type !== 'public') { + throw new JWKSInvalid('JSON Web Key Set members must be public keys'); + } + cached[alg] = key; + } + return cached[alg]; +} +function createLocalJWKSet(jwks) { + const set = new LocalJWKSet(jwks); + const localJWKSet = async (protectedHeader, token) => set.getKey(protectedHeader, token); + Object.defineProperties(localJWKSet, { + jwks: { + value: () => clone(set._jwks), + enumerable: true, + configurable: false, + writable: false, + }, + }); + return localJWKSet; +} + +;// ./node_modules/solid-oidc/node_modules/jose/dist/browser/jwks/remote.js + + + + +function isCloudflareWorkers() { + return (typeof WebSocketPair !== 'undefined' || + (typeof navigator !== 'undefined' && navigator.userAgent === 'Cloudflare-Workers') || + (typeof EdgeRuntime !== 'undefined' && EdgeRuntime === 'vercel')); +} +let USER_AGENT; +if (typeof navigator === 'undefined' || !navigator.userAgent?.startsWith?.('Mozilla/5.0 ')) { + const NAME = 'jose'; + const VERSION = 'v5.10.0'; + USER_AGENT = `${NAME}/${VERSION}`; +} +const jwksCache = Symbol(); +function isFreshJwksCache(input, cacheMaxAge) { + if (typeof input !== 'object' || input === null) { + return false; + } + if (!('uat' in input) || typeof input.uat !== 'number' || Date.now() - input.uat >= cacheMaxAge) { + return false; + } + if (!('jwks' in input) || + !isObject(input.jwks) || + !Array.isArray(input.jwks.keys) || + !Array.prototype.every.call(input.jwks.keys, isObject)) { + return false; + } + return true; +} +class RemoteJWKSet { + constructor(url, options) { + if (!(url instanceof URL)) { + throw new TypeError('url must be an instance of URL'); + } + this._url = new URL(url.href); + this._options = { agent: options?.agent, headers: options?.headers }; + this._timeoutDuration = + typeof options?.timeoutDuration === 'number' ? options?.timeoutDuration : 5000; + this._cooldownDuration = + typeof options?.cooldownDuration === 'number' ? options?.cooldownDuration : 30000; + this._cacheMaxAge = typeof options?.cacheMaxAge === 'number' ? options?.cacheMaxAge : 600000; + if (options?.[jwksCache] !== undefined) { + this._cache = options?.[jwksCache]; + if (isFreshJwksCache(options?.[jwksCache], this._cacheMaxAge)) { + this._jwksTimestamp = this._cache.uat; + this._local = createLocalJWKSet(this._cache.jwks); + } + } + } + coolingDown() { + return typeof this._jwksTimestamp === 'number' + ? Date.now() < this._jwksTimestamp + this._cooldownDuration + : false; + } + fresh() { + return typeof this._jwksTimestamp === 'number' + ? Date.now() < this._jwksTimestamp + this._cacheMaxAge + : false; + } + async getKey(protectedHeader, token) { + if (!this._local || !this.fresh()) { + await this.reload(); + } + try { + return await this._local(protectedHeader, token); + } + catch (err) { + if (err instanceof JWKSNoMatchingKey) { + if (this.coolingDown() === false) { + await this.reload(); + return this._local(protectedHeader, token); + } + } + throw err; + } + } + async reload() { + if (this._pendingFetch && isCloudflareWorkers()) { + this._pendingFetch = undefined; + } + const headers = new Headers(this._options.headers); + if (USER_AGENT && !headers.has('User-Agent')) { + headers.set('User-Agent', USER_AGENT); + this._options.headers = Object.fromEntries(headers.entries()); + } + this._pendingFetch || (this._pendingFetch = fetch_jwks(this._url, this._timeoutDuration, this._options) + .then((json) => { + this._local = createLocalJWKSet(json); + if (this._cache) { + this._cache.uat = Date.now(); + this._cache.jwks = json; + } + this._jwksTimestamp = Date.now(); + this._pendingFetch = undefined; + }) + .catch((err) => { + this._pendingFetch = undefined; + throw err; + })); + await this._pendingFetch; + } +} +function createRemoteJWKSet(url, options) { + const set = new RemoteJWKSet(url, options); + const remoteJWKSet = async (protectedHeader, token) => set.getKey(protectedHeader, token); + Object.defineProperties(remoteJWKSet, { + coolingDown: { + get: () => set.coolingDown(), + enumerable: true, + configurable: false, + }, + fresh: { + get: () => set.fresh(), + enumerable: true, + configurable: false, + }, + reload: { + value: () => set.reload(), + enumerable: true, + configurable: false, + writable: false, + }, + reloading: { + get: () => !!set._pendingFetch, + enumerable: true, + configurable: false, + }, + jwks: { + value: () => set._local?.jwks(), + enumerable: true, + configurable: false, + writable: false, + }, + }); + return remoteJWKSet; +} +const experimental_jwksCache = (/* unused pure expression or super */ null && (jwksCache)); + +;// ./node_modules/solid-oidc/node_modules/jose/dist/browser/runtime/verify.js + + + + +const verify = async (alg, key, signature, data) => { + const cryptoKey = await getCryptoKey(alg, key, 'verify'); + check_key_length(alg, cryptoKey); + const algorithm = subtleDsa(alg, cryptoKey.algorithm); + try { + return await webcrypto.subtle.verify(algorithm, cryptoKey, signature, data); + } + catch { + return false; + } +}; +/* harmony default export */ const runtime_verify = (verify); + +;// ./node_modules/solid-oidc/node_modules/jose/dist/browser/lib/validate_algorithms.js +const validateAlgorithms = (option, algorithms) => { + if (algorithms !== undefined && + (!Array.isArray(algorithms) || algorithms.some((s) => typeof s !== 'string'))) { + throw new TypeError(`"${option}" option must be an array of strings`); + } + if (!algorithms) { + return undefined; + } + return new Set(algorithms); +}; +/* harmony default export */ const validate_algorithms = (validateAlgorithms); + +;// ./node_modules/solid-oidc/node_modules/jose/dist/browser/jws/flattened/verify.js + + + + + + + + + + + +async function flattenedVerify(jws, key, options) { + if (!isObject(jws)) { + throw new JWSInvalid('Flattened JWS must be an object'); + } + if (jws.protected === undefined && jws.header === undefined) { + throw new JWSInvalid('Flattened JWS must have either of the "protected" or "header" members'); + } + if (jws.protected !== undefined && typeof jws.protected !== 'string') { + throw new JWSInvalid('JWS Protected Header incorrect type'); + } + if (jws.payload === undefined) { + throw new JWSInvalid('JWS Payload missing'); + } + if (typeof jws.signature !== 'string') { + throw new JWSInvalid('JWS Signature missing or incorrect type'); + } + if (jws.header !== undefined && !isObject(jws.header)) { + throw new JWSInvalid('JWS Unprotected Header incorrect type'); + } + let parsedProt = {}; + if (jws.protected) { + try { + const protectedHeader = decode(jws.protected); + parsedProt = JSON.parse(decoder.decode(protectedHeader)); + } + catch { + throw new JWSInvalid('JWS Protected Header is invalid'); + } + } + if (!is_disjoint(parsedProt, jws.header)) { + throw new JWSInvalid('JWS Protected and JWS Unprotected Header Parameter names must be disjoint'); + } + const joseHeader = { + ...parsedProt, + ...jws.header, + }; + const extensions = validate_crit(JWSInvalid, new Map([['b64', true]]), options?.crit, parsedProt, joseHeader); + let b64 = true; + if (extensions.has('b64')) { + b64 = parsedProt.b64; + if (typeof b64 !== 'boolean') { + throw new JWSInvalid('The "b64" (base64url-encode payload) Header Parameter must be a boolean'); + } + } + const { alg } = joseHeader; + if (typeof alg !== 'string' || !alg) { + throw new JWSInvalid('JWS "alg" (Algorithm) Header Parameter missing or invalid'); + } + const algorithms = options && validate_algorithms('algorithms', options.algorithms); + if (algorithms && !algorithms.has(alg)) { + throw new JOSEAlgNotAllowed('"alg" (Algorithm) Header Parameter value not allowed'); + } + if (b64) { + if (typeof jws.payload !== 'string') { + throw new JWSInvalid('JWS Payload must be a string'); + } + } + else if (typeof jws.payload !== 'string' && !(jws.payload instanceof Uint8Array)) { + throw new JWSInvalid('JWS Payload must be a string or an Uint8Array instance'); + } + let resolvedKey = false; + if (typeof key === 'function') { + key = await key(parsedProt, jws); + resolvedKey = true; + checkKeyTypeWithJwk(alg, key, 'verify'); + if (isJWK(key)) { + key = await importJWK(key, alg); + } + } + else { + checkKeyTypeWithJwk(alg, key, 'verify'); + } + const data = concat(encoder.encode(jws.protected ?? ''), encoder.encode('.'), typeof jws.payload === 'string' ? encoder.encode(jws.payload) : jws.payload); + let signature; + try { + signature = decode(jws.signature); + } + catch { + throw new JWSInvalid('Failed to base64url decode the signature'); + } + const verified = await runtime_verify(alg, key, signature, data); + if (!verified) { + throw new JWSSignatureVerificationFailed(); + } + let payload; + if (b64) { + try { + payload = decode(jws.payload); + } + catch { + throw new JWSInvalid('Failed to base64url decode the payload'); + } + } + else if (typeof jws.payload === 'string') { + payload = encoder.encode(jws.payload); + } + else { + payload = jws.payload; + } + const result = { payload }; + if (jws.protected !== undefined) { + result.protectedHeader = parsedProt; + } + if (jws.header !== undefined) { + result.unprotectedHeader = jws.header; + } + if (resolvedKey) { + return { ...result, key }; + } + return result; +} + +;// ./node_modules/solid-oidc/node_modules/jose/dist/browser/jws/compact/verify.js + + + +async function compactVerify(jws, key, options) { + if (jws instanceof Uint8Array) { + jws = decoder.decode(jws); + } + if (typeof jws !== 'string') { + throw new JWSInvalid('Compact JWS must be a string or Uint8Array'); + } + const { 0: protectedHeader, 1: payload, 2: signature, length } = jws.split('.'); + if (length !== 3) { + throw new JWSInvalid('Invalid Compact JWS'); + } + const verified = await flattenedVerify({ payload, protected: protectedHeader, signature }, key, options); + const result = { payload: verified.payload, protectedHeader: verified.protectedHeader }; + if (typeof key === 'function') { + return { ...result, key: verified.key }; + } + return result; +} + +;// ./node_modules/solid-oidc/node_modules/jose/dist/browser/lib/jwt_claims_set.js + + + + + +const normalizeTyp = (value) => value.toLowerCase().replace(/^application\//, ''); +const checkAudiencePresence = (audPayload, audOption) => { + if (typeof audPayload === 'string') { + return audOption.includes(audPayload); + } + if (Array.isArray(audPayload)) { + return audOption.some(Set.prototype.has.bind(new Set(audPayload))); + } + return false; +}; +/* harmony default export */ const jwt_claims_set = ((protectedHeader, encodedPayload, options = {}) => { + let payload; + try { + payload = JSON.parse(decoder.decode(encodedPayload)); + } + catch { + } + if (!isObject(payload)) { + throw new JWTInvalid('JWT Claims Set must be a top-level JSON object'); + } + const { typ } = options; + if (typ && + (typeof protectedHeader.typ !== 'string' || + normalizeTyp(protectedHeader.typ) !== normalizeTyp(typ))) { + throw new JWTClaimValidationFailed('unexpected "typ" JWT header value', payload, 'typ', 'check_failed'); + } + const { requiredClaims = [], issuer, subject, audience, maxTokenAge } = options; + const presenceCheck = [...requiredClaims]; + if (maxTokenAge !== undefined) + presenceCheck.push('iat'); + if (audience !== undefined) + presenceCheck.push('aud'); + if (subject !== undefined) + presenceCheck.push('sub'); + if (issuer !== undefined) + presenceCheck.push('iss'); + for (const claim of new Set(presenceCheck.reverse())) { + if (!(claim in payload)) { + throw new JWTClaimValidationFailed(`missing required "${claim}" claim`, payload, claim, 'missing'); + } + } + if (issuer && + !(Array.isArray(issuer) ? issuer : [issuer]).includes(payload.iss)) { + throw new JWTClaimValidationFailed('unexpected "iss" claim value', payload, 'iss', 'check_failed'); + } + if (subject && payload.sub !== subject) { + throw new JWTClaimValidationFailed('unexpected "sub" claim value', payload, 'sub', 'check_failed'); + } + if (audience && + !checkAudiencePresence(payload.aud, typeof audience === 'string' ? [audience] : audience)) { + throw new JWTClaimValidationFailed('unexpected "aud" claim value', payload, 'aud', 'check_failed'); + } + let tolerance; + switch (typeof options.clockTolerance) { + case 'string': + tolerance = secs(options.clockTolerance); + break; + case 'number': + tolerance = options.clockTolerance; + break; + case 'undefined': + tolerance = 0; + break; + default: + throw new TypeError('Invalid clockTolerance option type'); + } + const { currentDate } = options; + const now = epoch(currentDate || new Date()); + if ((payload.iat !== undefined || maxTokenAge) && typeof payload.iat !== 'number') { + throw new JWTClaimValidationFailed('"iat" claim must be a number', payload, 'iat', 'invalid'); + } + if (payload.nbf !== undefined) { + if (typeof payload.nbf !== 'number') { + throw new JWTClaimValidationFailed('"nbf" claim must be a number', payload, 'nbf', 'invalid'); + } + if (payload.nbf > now + tolerance) { + throw new JWTClaimValidationFailed('"nbf" claim timestamp check failed', payload, 'nbf', 'check_failed'); + } + } + if (payload.exp !== undefined) { + if (typeof payload.exp !== 'number') { + throw new JWTClaimValidationFailed('"exp" claim must be a number', payload, 'exp', 'invalid'); + } + if (payload.exp <= now - tolerance) { + throw new JWTExpired('"exp" claim timestamp check failed', payload, 'exp', 'check_failed'); + } + } + if (maxTokenAge) { + const age = now - payload.iat; + const max = typeof maxTokenAge === 'number' ? maxTokenAge : secs(maxTokenAge); + if (age - tolerance > max) { + throw new JWTExpired('"iat" claim timestamp check failed (too far in the past)', payload, 'iat', 'check_failed'); + } + if (age < 0 - tolerance) { + throw new JWTClaimValidationFailed('"iat" claim timestamp check failed (it should be in the past)', payload, 'iat', 'check_failed'); + } + } + return payload; +}); + +;// ./node_modules/solid-oidc/node_modules/jose/dist/browser/jwt/verify.js + + + +async function jwtVerify(jwt, key, options) { + const verified = await compactVerify(jwt, key, options); + if (verified.protectedHeader.crit?.includes('b64') && verified.protectedHeader.b64 === false) { + throw new JWTInvalid('JWTs MUST NOT use unencoded payload'); + } + const payload = jwt_claims_set(verified.protectedHeader, verified.payload, options); + const result = { payload, protectedHeader: verified.protectedHeader }; + if (typeof key === 'function') { + return { ...result, key: verified.key }; + } + return result; +} + +;// ./node_modules/solid-oidc/node_modules/jose/dist/browser/runtime/digest.js + +const digest_digest = async (algorithm, data) => { + const subtleDigest = `SHA-${algorithm.slice(-3)}`; + return new Uint8Array(await webcrypto.subtle.digest(subtleDigest, data)); +}; +/* harmony default export */ const runtime_digest = (digest_digest); + +;// ./node_modules/solid-oidc/node_modules/jose/dist/browser/jwk/thumbprint.js + + + + + +const check = (value, description) => { + if (typeof value !== 'string' || !value) { + throw new JWKInvalid(`${description} missing or invalid`); + } +}; +async function calculateJwkThumbprint(jwk, digestAlgorithm) { + if (!isObject(jwk)) { + throw new TypeError('JWK must be an object'); + } + digestAlgorithm ?? (digestAlgorithm = 'sha256'); + if (digestAlgorithm !== 'sha256' && + digestAlgorithm !== 'sha384' && + digestAlgorithm !== 'sha512') { + throw new TypeError('digestAlgorithm must one of "sha256", "sha384", or "sha512"'); + } + let components; + switch (jwk.kty) { + case 'EC': + check(jwk.crv, '"crv" (Curve) Parameter'); + check(jwk.x, '"x" (X Coordinate) Parameter'); + check(jwk.y, '"y" (Y Coordinate) Parameter'); + components = { crv: jwk.crv, kty: jwk.kty, x: jwk.x, y: jwk.y }; + break; + case 'OKP': + check(jwk.crv, '"crv" (Subtype of Key Pair) Parameter'); + check(jwk.x, '"x" (Public Key) Parameter'); + components = { crv: jwk.crv, kty: jwk.kty, x: jwk.x }; + break; + case 'RSA': + check(jwk.e, '"e" (Exponent) Parameter'); + check(jwk.n, '"n" (Modulus) Parameter'); + components = { e: jwk.e, kty: jwk.kty, n: jwk.n }; + break; + case 'oct': + check(jwk.k, '"k" (Key Value) Parameter'); + components = { k: jwk.k, kty: jwk.kty }; + break; + default: + throw new errors_JOSENotSupported('"kty" (Key Type) Parameter missing or unsupported'); + } + const data = encoder.encode(JSON.stringify(components)); + return encode(await runtime_digest(digestAlgorithm, data)); +} +async function calculateJwkThumbprintUri(jwk, digestAlgorithm) { + digestAlgorithm ?? (digestAlgorithm = 'sha256'); + const thumbprint = await calculateJwkThumbprint(jwk, digestAlgorithm); + return `urn:ietf:params:oauth:jwk-thumbprint:sha-${digestAlgorithm.slice(-3)}:${thumbprint}`; +} + +;// ./node_modules/solid-oidc/node_modules/jose/dist/browser/runtime/generate.js + + + +async function generateSecret(alg, options) { + let length; + let algorithm; + let keyUsages; + switch (alg) { + case 'HS256': + case 'HS384': + case 'HS512': + length = parseInt(alg.slice(-3), 10); + algorithm = { name: 'HMAC', hash: `SHA-${length}`, length }; + keyUsages = ['sign', 'verify']; + break; + case 'A128CBC-HS256': + case 'A192CBC-HS384': + case 'A256CBC-HS512': + length = parseInt(alg.slice(-3), 10); + return random(new Uint8Array(length >> 3)); + case 'A128KW': + case 'A192KW': + case 'A256KW': + length = parseInt(alg.slice(1, 4), 10); + algorithm = { name: 'AES-KW', length }; + keyUsages = ['wrapKey', 'unwrapKey']; + break; + case 'A128GCMKW': + case 'A192GCMKW': + case 'A256GCMKW': + case 'A128GCM': + case 'A192GCM': + case 'A256GCM': + length = parseInt(alg.slice(1, 4), 10); + algorithm = { name: 'AES-GCM', length }; + keyUsages = ['encrypt', 'decrypt']; + break; + default: + throw new JOSENotSupported('Invalid or unsupported JWK "alg" (Algorithm) Parameter value'); + } + return crypto.subtle.generateKey(algorithm, options?.extractable ?? false, keyUsages); +} +function getModulusLengthOption(options) { + const modulusLength = options?.modulusLength ?? 2048; + if (typeof modulusLength !== 'number' || modulusLength < 2048) { + throw new errors_JOSENotSupported('Invalid or unsupported modulusLength option provided, 2048 bits or larger keys must be used'); + } + return modulusLength; +} +async function generateKeyPair(alg, options) { + let algorithm; + let keyUsages; + switch (alg) { + case 'PS256': + case 'PS384': + case 'PS512': + algorithm = { + name: 'RSA-PSS', + hash: `SHA-${alg.slice(-3)}`, + publicExponent: new Uint8Array([0x01, 0x00, 0x01]), + modulusLength: getModulusLengthOption(options), + }; + keyUsages = ['sign', 'verify']; + break; + case 'RS256': + case 'RS384': + case 'RS512': + algorithm = { + name: 'RSASSA-PKCS1-v1_5', + hash: `SHA-${alg.slice(-3)}`, + publicExponent: new Uint8Array([0x01, 0x00, 0x01]), + modulusLength: getModulusLengthOption(options), + }; + keyUsages = ['sign', 'verify']; + break; + case 'RSA-OAEP': + case 'RSA-OAEP-256': + case 'RSA-OAEP-384': + case 'RSA-OAEP-512': + algorithm = { + name: 'RSA-OAEP', + hash: `SHA-${parseInt(alg.slice(-3), 10) || 1}`, + publicExponent: new Uint8Array([0x01, 0x00, 0x01]), + modulusLength: getModulusLengthOption(options), + }; + keyUsages = ['decrypt', 'unwrapKey', 'encrypt', 'wrapKey']; + break; + case 'ES256': + algorithm = { name: 'ECDSA', namedCurve: 'P-256' }; + keyUsages = ['sign', 'verify']; + break; + case 'ES384': + algorithm = { name: 'ECDSA', namedCurve: 'P-384' }; + keyUsages = ['sign', 'verify']; + break; + case 'ES512': + algorithm = { name: 'ECDSA', namedCurve: 'P-521' }; + keyUsages = ['sign', 'verify']; + break; + case 'Ed25519': + algorithm = { name: 'Ed25519' }; + keyUsages = ['sign', 'verify']; + break; + case 'EdDSA': { + keyUsages = ['sign', 'verify']; + const crv = options?.crv ?? 'Ed25519'; + switch (crv) { + case 'Ed25519': + case 'Ed448': + algorithm = { name: crv }; + break; + default: + throw new errors_JOSENotSupported('Invalid or unsupported crv option provided'); + } + break; + } + case 'ECDH-ES': + case 'ECDH-ES+A128KW': + case 'ECDH-ES+A192KW': + case 'ECDH-ES+A256KW': { + keyUsages = ['deriveKey', 'deriveBits']; + const crv = options?.crv ?? 'P-256'; + switch (crv) { + case 'P-256': + case 'P-384': + case 'P-521': { + algorithm = { name: 'ECDH', namedCurve: crv }; + break; + } + case 'X25519': + case 'X448': + algorithm = { name: crv }; + break; + default: + throw new errors_JOSENotSupported('Invalid or unsupported crv option provided, supported values are P-256, P-384, P-521, X25519, and X448'); + } + break; + } + default: + throw new errors_JOSENotSupported('Invalid or unsupported JWK "alg" (Algorithm) Parameter value'); + } + return webcrypto.subtle.generateKey(algorithm, options?.extractable ?? false, keyUsages); +} + +;// ./node_modules/solid-oidc/node_modules/jose/dist/browser/key/generate_key_pair.js + +async function generate_key_pair_generateKeyPair(alg, options) { + return generateKeyPair(alg, options); +} + +;// ./node_modules/solid-oidc/node_modules/jose/dist/browser/util/base64url.js + +const base64url_encode = encode; +const base64url_decode = decode; + +;// ./node_modules/solid-oidc/node_modules/jose/dist/browser/util/decode_jwt.js + + + + +function decodeJwt(jwt) { + if (typeof jwt !== 'string') + throw new JWTInvalid('JWTs must use Compact JWS serialization, JWT must be a string'); + const { 1: payload, length } = jwt.split('.'); + if (length === 5) + throw new JWTInvalid('Only JWTs using Compact JWS serialization can be decoded'); + if (length !== 3) + throw new JWTInvalid('Invalid JWT'); + if (!payload) + throw new JWTInvalid('JWTs must contain a payload'); + let decoded; + try { + decoded = base64url_decode(payload); + } + catch { + throw new JWTInvalid('Failed to base64url decode the payload'); + } + let result; + try { + result = JSON.parse(decoder.decode(decoded)); + } + catch { + throw new JWTInvalid('Failed to parse the decoded payload as JSON'); + } + if (!isObject(result)) + throw new JWTInvalid('Invalid JWT Claims Set'); + return result; +} + +;// ./node_modules/solid-oidc/solid-oidc.js +/** + * solid-oidc.js - Minimal Solid-OIDC client for browsers + * + * A zero-build, single-file Solid-OIDC authentication library. + * + * @license MIT + * @author JavaScriptSolidServer + * @see https://github.com/JavaScriptSolidServer/solid-oidc + * + * Based on solid-oidc-client-browser by uvdsl (Christoph Braun) + * @see https://github.com/uvdsl/solid-oidc-client-browser + * + * Implements: + * - RFC 6749 - OAuth 2.0 + * - RFC 7636 - PKCE + * - RFC 9207 - OAuth 2.0 Authorization Server Issuer Identification + * - RFC 9449 - DPoP (Demonstration of Proof-of-Possession) + * - Solid-OIDC Specification + */ + + + +// ============================================================================ +// Session Events +// ============================================================================ + +const SessionEvents = { + STATE_CHANGE: 'sessionStateChange', + EXPIRATION_WARNING: 'sessionExpirationWarning', + EXPIRATION: 'sessionExpiration' +} + +// ============================================================================ +// Session Database Interface (IndexedDB Implementation) +// ============================================================================ + +class SessionDatabase { + constructor(dbName = 'solid-oidc', storeName = 'session', dbVersion = 1) { + this.dbName = dbName + this.storeName = storeName + this.dbVersion = dbVersion + this.db = null + } + + async init() { + return new Promise((resolve, reject) => { + const request = indexedDB.open(this.dbName, this.dbVersion) + request.onerror = () => reject(new Error(`Database error: ${request.error}`)) + request.onsuccess = () => { + this.db = request.result + resolve(this) + } + request.onupgradeneeded = (event) => { + const db = event.target.result + if (!db.objectStoreNames.contains(this.storeName)) { + db.createObjectStore(this.storeName) + } + } + }) + } + + async setItem(id, value) { + if (!this.db) await this.init() + return new Promise((resolve, reject) => { + const tx = this.db.transaction(this.storeName, 'readwrite') + tx.oncomplete = () => resolve() + tx.onerror = () => reject(new Error(`Transaction error: ${tx.error}`)) + tx.objectStore(this.storeName).put(value, id) + }) + } + + async getItem(id) { + if (!this.db) await this.init() + return new Promise((resolve, reject) => { + const tx = this.db.transaction(this.storeName, 'readonly') + tx.onerror = () => reject(new Error(`Transaction error: ${tx.error}`)) + const request = tx.objectStore(this.storeName).get(id) + request.onsuccess = () => resolve(request.result || null) + }) + } + + async deleteItem(id) { + if (!this.db) await this.init() + return new Promise((resolve, reject) => { + const tx = this.db.transaction(this.storeName, 'readwrite') + tx.oncomplete = () => resolve() + tx.onerror = () => reject(new Error(`Transaction error: ${tx.error}`)) + tx.objectStore(this.storeName).delete(id) + }) + } + + async clear() { + if (!this.db) await this.init() + return new Promise((resolve, reject) => { + const tx = this.db.transaction(this.storeName, 'readwrite') + tx.oncomplete = () => resolve() + tx.onerror = () => reject(new Error(`Transaction error: ${tx.error}`)) + tx.objectStore(this.storeName).clear() + }) + } + + close() { + if (this.db) { + this.db.close() + this.db = null + } + } +} + +// ============================================================================ +// PKCE Helper (RFC 7636) +// ============================================================================ + +async function generatePKCE() { + const verifier = crypto.randomUUID() + '-' + crypto.randomUUID() + const digest = new Uint8Array( + await crypto.subtle.digest('SHA-256', new TextEncoder().encode(verifier)) + ) + const challenge = btoa(String.fromCharCode(...digest)) + .replace(/\+/g, '-') + .replace(/\//g, '_') + .replace(/=+$/, '') + return { verifier, challenge } +} + +// ============================================================================ +// DPoP Helper (RFC 9449) +// ============================================================================ + +async function createDPoPToken(keyPair, htu, htm, ath = null) { + const publicJwk = await exportJWK(keyPair.publicKey) + const payload = { htu, htm } + if (ath) payload.ath = ath + + return new SignJWT(payload) + .setIssuedAt() + .setJti(crypto.randomUUID()) + .setProtectedHeader({ alg: 'ES256', typ: 'dpop+jwt', jwk: publicJwk }) + .sign(keyPair.privateKey) +} + +async function computeAth(accessToken) { + const data = new TextEncoder().encode(accessToken) + const hashBuffer = await crypto.subtle.digest('SHA-256', data) + const hashArray = Array.from(new Uint8Array(hashBuffer)) + return btoa(String.fromCharCode(...hashArray)) + .replace(/\+/g, '-') + .replace(/\//g, '_') + .replace(/=+$/, '') +} + +// ============================================================================ +// OIDC Discovery +// ============================================================================ + +async function discoverOIDC(idp) { + const origin = new URL(idp).origin + const response = await fetch(`${origin}/.well-known/openid-configuration`) + if (!response.ok) throw new Error(`OIDC discovery failed: ${response.status}`) + return response.json() +} + +// ============================================================================ +// Dynamic Client Registration +// ============================================================================ + +async function registerClient(registrationEndpoint, redirectUris) { + const response = await fetch(registrationEndpoint, { + method: 'POST', + headers: { 'Content-Type': 'application/json' }, + body: JSON.stringify({ + application_type: 'web', + redirect_uris: redirectUris, + token_endpoint_auth_method: 'none', + grant_types: ['authorization_code', 'refresh_token'], + response_types: ['code'], + scope: 'openid offline_access webid' + }) + }) + if (!response.ok) throw new Error(`Client registration failed: ${response.status}`) + return response.json() +} + +// ============================================================================ +// Token Request +// ============================================================================ + +async function requestTokens(tokenEndpoint, params, keyPair) { + const dpop = await createDPoPToken(keyPair, tokenEndpoint, 'POST') + const response = await fetch(tokenEndpoint, { + method: 'POST', + headers: { + 'Content-Type': 'application/x-www-form-urlencoded', + 'DPoP': dpop + }, + body: new URLSearchParams(params) + }) + if (!response.ok) throw new Error(`Token request failed: ${response.status}`) + return response.json() +} + +// ============================================================================ +// Token Validation +// ============================================================================ + +async function validateAccessToken(accessToken, jwksUri, issuer, clientId, keyPair) { + const jwks = createRemoteJWKSet(new URL(jwksUri)) + const { payload } = await jwtVerify(accessToken, jwks, { + issuer, + audience: 'solid' + }) + + // Verify DPoP binding + const thumbprint = await calculateJwkThumbprint(await exportJWK(keyPair.publicKey)) + if (payload.cnf?.jkt !== thumbprint) { + throw new Error('DPoP thumbprint mismatch') + } + + // Verify client_id + if (payload.client_id !== clientId) { + throw new Error('client_id mismatch') + } + + return payload +} + +// ============================================================================ +// Refresh Token Grant +// ============================================================================ + +async function refreshTokens(database) { + await database.init() + + const [refreshToken, tokenEndpoint, clientId, keyPair] = await Promise.all([ + database.getItem('refresh_token'), + database.getItem('token_endpoint'), + database.getItem('client_id'), + database.getItem('dpop_keypair') + ]) + + if (!refreshToken || !tokenEndpoint || !clientId || !keyPair) { + throw new Error('Missing refresh data') + } + + const tokens = await requestTokens(tokenEndpoint, { + grant_type: 'refresh_token', + refresh_token: refreshToken, + client_id: clientId + }, keyPair) + + // Persist new refresh token if provided + if (tokens.refresh_token) { + await database.setItem('refresh_token', tokens.refresh_token) + } + + database.close() + return { ...tokens, dpop_key_pair: keyPair } +} + +// ============================================================================ +// Main Session Class +// ============================================================================ + +class solid_oidc_Session extends EventTarget { + constructor(options = {}) { + super() + this.clientId = options.clientId || null + this.database = options.database || new SessionDatabase() + this.onStateChange = options.onStateChange || null + this.onExpirationWarning = options.onExpirationWarning || null + this.onExpiration = options.onExpiration || null + + // Internal state + this._isActive = false + this._webId = null + this._exp = null + this._ath = null + this._tokens = null + this._idpDetails = null + this._refreshPromise = null + + // Set up event listeners + if (this.onStateChange) { + this.addEventListener(SessionEvents.STATE_CHANGE, this.onStateChange) + } + if (this.onExpirationWarning) { + this.addEventListener(SessionEvents.EXPIRATION_WARNING, this.onExpirationWarning) + } + if (this.onExpiration) { + this.addEventListener(SessionEvents.EXPIRATION, this.onExpiration) + } + } + + // ========================================================================== + // Public API + // ========================================================================== + + get isActive() { return this._isActive } + get webId() { return this._webId } + + isExpired() { + if (!this._exp) return true + return Math.floor(Date.now() / 1000) >= this._exp + } + + getExpiresIn() { + if (!this._exp) return -1 + return this._exp - Math.floor(Date.now() / 1000) + } + + /** + * Redirect user to identity provider for login + */ + async login(idp, redirectUri) { + // Sanitize redirect URI (RFC 6749 Section 3.1.2) + const redirectUrl = new URL(redirectUri) + const sanitizedRedirect = redirectUrl.origin + redirectUrl.pathname + redirectUrl.search + + // OIDC Discovery + const config = await discoverOIDC(idp) + + // RFC 9207: Verify issuer + const issuer = config.issuer + const trimSlash = (s) => s.endsWith('/') ? s.slice(0, -1) : s + if (trimSlash(idp) !== trimSlash(issuer)) { + throw new Error(`Issuer mismatch: ${issuer} !== ${idp}`) + } + + // Store IDP details + sessionStorage.setItem('solid_oidc_idp', issuer) + sessionStorage.setItem('solid_oidc_token_endpoint', config.token_endpoint) + sessionStorage.setItem('solid_oidc_jwks_uri', config.jwks_uri) + + // Get or register client_id + let clientId = this.clientId + if (!clientId) { + const registration = await registerClient(config.registration_endpoint, [sanitizedRedirect]) + clientId = registration.client_id + sessionStorage.setItem('solid_oidc_client_id', clientId) + } + + // PKCE (RFC 7636) + const pkce = await generatePKCE() + sessionStorage.setItem('solid_oidc_pkce_verifier', pkce.verifier) + + // CSRF token + const csrfToken = crypto.randomUUID() + sessionStorage.setItem('solid_oidc_csrf', csrfToken) + + // Build authorization URL + const authUrl = new URL(config.authorization_endpoint) + authUrl.searchParams.set('response_type', 'code') + authUrl.searchParams.set('redirect_uri', sanitizedRedirect) + authUrl.searchParams.set('scope', 'openid offline_access webid') + authUrl.searchParams.set('client_id', clientId) + authUrl.searchParams.set('code_challenge_method', 'S256') + authUrl.searchParams.set('code_challenge', pkce.challenge) + authUrl.searchParams.set('state', csrfToken) + authUrl.searchParams.set('prompt', 'consent') + + // Redirect to IDP + window.location.href = authUrl.toString() + } + + /** + * Handle redirect from identity provider after login + */ + async handleRedirectFromLogin() { + const url = new URL(window.location.href) + const code = url.searchParams.get('code') + + // No code = not a redirect, nothing to do + if (!code) return + + // RFC 9207: Verify issuer + const idp = sessionStorage.getItem('solid_oidc_idp') + const iss = url.searchParams.get('iss') + if (!idp || iss !== idp) { + throw new Error(`Issuer mismatch: ${iss} !== ${idp}`) + } + + // RFC 6749: Verify CSRF token + const csrf = sessionStorage.getItem('solid_oidc_csrf') + if (url.searchParams.get('state') !== csrf) { + throw new Error('CSRF token mismatch') + } + + // Clean URL + url.searchParams.delete('code') + url.searchParams.delete('iss') + url.searchParams.delete('state') + window.history.replaceState({}, document.title, url.toString()) + + // Get stored values + const pkceVerifier = sessionStorage.getItem('solid_oidc_pkce_verifier') + const tokenEndpoint = sessionStorage.getItem('solid_oidc_token_endpoint') + const jwksUri = sessionStorage.getItem('solid_oidc_jwks_uri') + const clientId = this.clientId || sessionStorage.getItem('solid_oidc_client_id') + + if (!pkceVerifier || !tokenEndpoint || !clientId) { + throw new Error('Missing session data') + } + + // Generate DPoP key pair + const keyPair = await generate_key_pair_generateKeyPair('ES256') + + // Exchange code for tokens + const tokens = await requestTokens(tokenEndpoint, { + grant_type: 'authorization_code', + code, + code_verifier: pkceVerifier, + redirect_uri: url.origin + url.pathname, + client_id: clientId + }, keyPair) + + // Validate access token + await validateAccessToken(tokens.access_token, jwksUri, idp, clientId, keyPair) + + // Store IDP details + this._idpDetails = { idp, jwksUri, tokenEndpoint } + + // Persist for refresh + await this.database.init() + await Promise.all([ + this.database.setItem('idp', idp), + this.database.setItem('jwks_uri', jwksUri), + this.database.setItem('token_endpoint', tokenEndpoint), + this.database.setItem('client_id', clientId), + this.database.setItem('dpop_keypair', keyPair), + this.database.setItem('refresh_token', tokens.refresh_token) + ]) + this.database.close() + + // Clean session storage + sessionStorage.removeItem('solid_oidc_idp') + sessionStorage.removeItem('solid_oidc_token_endpoint') + sessionStorage.removeItem('solid_oidc_jwks_uri') + sessionStorage.removeItem('solid_oidc_client_id') + sessionStorage.removeItem('solid_oidc_pkce_verifier') + sessionStorage.removeItem('solid_oidc_csrf') + + // Update session state + await this._setTokens({ ...tokens, dpop_key_pair: keyPair }) + this._dispatchStateChange() + } + + /** + * Restore session using stored refresh token + */ + async restore() { + if (this._refreshPromise) return this._refreshPromise + + this._refreshPromise = (async () => { + try { + const tokens = await refreshTokens(this.database) + await this._setTokens(tokens) + this._dispatchStateChange() + } catch (error) { + if (this._isActive) { + if (!this.isExpired()) { + this._dispatchExpirationWarning() + } else { + this._dispatchExpiration() + } + } + throw error + } finally { + this._refreshPromise = null + } + })() + + return this._refreshPromise + } + + /** + * Log out and clear all session data + */ + async logout() { + this._isActive = false + this._webId = null + this._exp = null + this._ath = null + this._tokens = null + this._idpDetails = null + + await this.database.init() + await this.database.clear() + this.database.close() + + this._dispatchStateChange() + } + + /** + * Make authenticated fetch request with DPoP + */ + async authFetch(input, init = {}) { + // No session = regular fetch + if (!this._isActive) { + return fetch(input, init) + } + + // Refresh if expired + if (this.isExpired()) { + await this.restore() + } + + // Parse request + let url, method, headers + if (input instanceof Request) { + url = new URL(input.url) + method = init.method || input.method || 'GET' + headers = new Headers(input.headers) + } else { + url = new URL(input.toString()) + method = init.method || 'GET' + headers = init.headers ? new Headers(init.headers) : new Headers() + } + + // Create DPoP proof + const dpop = await createDPoPToken( + this._tokens.dpop_key_pair, + `${url.origin}${url.pathname}`, + method.toUpperCase(), + this._ath + ) + + // Set auth headers + headers.set('DPoP', dpop) + headers.set('Authorization', `DPoP ${this._tokens.access_token}`) + + // Make request + if (input instanceof Request) { + return fetch(new Request(input, { ...init, headers })) + } + return fetch(url, { ...init, headers }) + } + + // ========================================================================== + // Internal Methods + // ========================================================================== + + async _setTokens(tokens) { + this._tokens = tokens + + const decoded = decodeJwt(tokens.access_token) + if (!decoded.webid) throw new Error('Missing webid claim') + if (!decoded.exp) throw new Error('Missing exp claim') + + this._ath = await computeAth(tokens.access_token) + this._webId = decoded.webid + this._exp = decoded.exp + this._isActive = true + } + + _dispatchStateChange() { + this.dispatchEvent(new CustomEvent(SessionEvents.STATE_CHANGE, { + detail: { isActive: this._isActive, webId: this._webId } + })) + } + + _dispatchExpirationWarning() { + this.dispatchEvent(new CustomEvent(SessionEvents.EXPIRATION_WARNING, { + detail: { expires_in: this.getExpiresIn() } + })) + } + + _dispatchExpiration() { + this.dispatchEvent(new CustomEvent(SessionEvents.EXPIRATION)) + } +} + +// ============================================================================ +// Default Export +// ============================================================================ + +/* harmony default export */ const solid_oidc = ((/* unused pure expression or super */ null && (solid_oidc_Session))); + +;// ./src/authSession/solidOidcAdapter.ts +/** + * Adapter to make solid-oidc compatible with @inrupt/solid-client-authn-browser API + * + * This provides a drop-in replacement for the Inrupt Session class using the minimal + * solid-oidc library from JavaScriptSolidServer. + * + * @see https://github.com/JavaScriptSolidServer/solid-oidc + */ + +/** + * Event names compatible with @inrupt/solid-client-authn-browser + */ +const EVENTS = { + SESSION_RESTORED: 'sessionRestore', + LOGIN: 'login', + LOGOUT: 'logout', + SESSION_EXPIRED: 'sessionExpired', + ERROR: 'error' +}; +/** + * Simple event emitter for compatibility with Inrupt's session.events API + */ +class EventEmitter { + constructor() { + this.listeners = new Map(); + } + on(event, callback) { + if (!this.listeners.has(event)) { + this.listeners.set(event, new Set()); + } + this.listeners.get(event).add(callback); + } + off(event, callback) { + var _a; + (_a = this.listeners.get(event)) === null || _a === void 0 ? void 0 : _a.delete(callback); + } + emit(event, ...args) { + var _a; + (_a = this.listeners.get(event)) === null || _a === void 0 ? void 0 : _a.forEach(cb => cb(...args)); + } +} +/** + * Session class that wraps solid-oidc to provide @inrupt/solid-client-authn-browser compatible API + */ +class Session { + constructor(options) { + this._session = new solid_oidc_Session({ + clientId: options === null || options === void 0 ? void 0 : options.clientId, + database: new SessionDatabase(), + onStateChange: (event) => { + const detail = event.detail; + if (detail === null || detail === void 0 ? void 0 : detail.isActive) { + this._events.emit(EVENTS.LOGIN); + this._events.emit(EVENTS.SESSION_RESTORED, window.location.href); + } + else { + this._events.emit(EVENTS.LOGOUT); + } + }, + onExpiration: () => { + this._events.emit(EVENTS.SESSION_EXPIRED); + } + }); + this._events = new EventEmitter(); + this._sessionId = crypto.randomUUID(); + } + /** + * Event emitter for session events + */ + get events() { + return this._events; + } + /** + * Session information + */ + get info() { + var _a; + return { + isLoggedIn: this._session.isActive, + webId: (_a = this._session.webId) !== null && _a !== void 0 ? _a : undefined, + sessionId: this._sessionId, + expirationDate: this._session.isActive + ? Date.now() + (this._session.getExpiresIn() * 1000) + : undefined + }; + } + /** + * Handle incoming redirect from identity provider + */ + async handleIncomingRedirect(options) { + // Handle string URL (legacy API) + const opts = typeof options === 'string' + ? { url: options } + : options !== null && options !== void 0 ? options : {}; + try { + // First handle any redirect from login + await this._session.handleRedirectFromLogin(); + // If not logged in and restorePreviousSession is true, try to restore + if (!this._session.isActive && opts.restorePreviousSession !== false) { + try { + await this._session.restore(); + } + catch { + // No session to restore, that's okay + } + } + return this.info; + } + catch (error) { + this._events.emit(EVENTS.ERROR, error); + return undefined; + } + } + /** + * Initiate login flow + */ + async login(options) { + const redirectUrl = options.redirectUrl || window.location.href; + await this._session.login(options.oidcIssuer, redirectUrl); + } + /** + * Log out and clear session + */ + async logout() { + await this._session.logout(); + } + /** + * Make authenticated fetch request + */ + async fetch(url, init) { + return this._session.authFetch(url, init); + } +} +/* harmony default export */ const solidOidcAdapter = ((/* unused pure expression or super */ null && (Session))); + +;// ./src/authSession/authSession.ts + +const authSession = new Session(); + +// EXTERNAL MODULE: external "$rdf" +var external_$rdf_ = __webpack_require__(264); +// EXTERNAL MODULE: ./node_modules/solid-namespace/index.js +var solid_namespace = __webpack_require__(386); +var solid_namespace_default = /*#__PURE__*/__webpack_require__.n(solid_namespace); +;// ./src/util/ns.ts +// Namespaces we commonly use and have common prefixes for around Solid + // Delegate to this which takes RDFlib as param. + +const ns_ns = solid_namespace_default()(external_$rdf_); + +;// ./src/acl/aclLogic.ts + + +const ACL_LINK = (0,external_$rdf_.sym)('http://www.iana.org/assignments/link-relations/acl'); +function createAclLogic(store) { + const ns = ns_ns; + async function findAclDocUrl(url) { + await store.fetcher.load(url); + const docNode = store.any(url, ACL_LINK); + if (!docNode) { + throw new Error(`No ACL link discovered for ${url}`); + } + return docNode.value; + } + /** + * Simple Access Control + * + * This function sets up a simple default ACL for a resource, with + * RWC for the owner, and a specified access (default none) for the public. + * In all cases owner has read write control. + * Parameter lists modes allowed to public + * + * @param options + * @param options.public eg ['Read', 'Write'] + * + * @returns Resolves with aclDoc uri on successful write + */ + function setACLUserPublic(docURI, me, options) { + const aclDoc = store.any(store.sym(docURI), ACL_LINK); + return Promise.resolve() + .then(() => { + if (aclDoc) { + return aclDoc; + } + return fetchACLRel(docURI).catch(err => { + throw new Error(`Error fetching rel=ACL header for ${docURI}: ${err}`); + }); + }) + .then(aclDoc => { + const aclText = genACLText(docURI, me, aclDoc.uri, options); + if (!store.fetcher) { + throw new Error('Cannot PUT this, store has no fetcher'); + } + return store.fetcher + .webOperation('PUT', aclDoc.uri, { + data: aclText, + contentType: 'text/turtle' + }) + .then(result => { + if (!result.ok) { + throw new Error('Error writing ACL text: ' + result.error); + } + return aclDoc; + }); + }); + } + /** + * @param docURI + * @returns + */ + function fetchACLRel(docURI) { + const fetcher = store.fetcher; + if (!fetcher) { + throw new Error('Cannot fetch ACL rel, store has no fetcher'); + } + return fetcher.load(docURI).then(result => { + if (!result.ok) { + throw new Error('fetchACLRel: While loading:' + result.error); + } + const aclDoc = store.any(store.sym(docURI), ACL_LINK); + if (!aclDoc) { + throw new Error('fetchACLRel: No Link rel=ACL header for ' + docURI); + } + return aclDoc; + }); + } + /** + * @param docURI + * @param me + * @param aclURI + * @param options + * + * @returns Serialized ACL + */ + function genACLText(docURI, me, aclURI, options = {}) { + const optPublic = options.public || []; + const g = (0,external_$rdf_.graph)(); + const auth = (0,external_$rdf_.Namespace)('http://www.w3.org/ns/auth/acl#'); + let a = g.sym(`${aclURI}#a1`); + const acl = g.sym(aclURI); + const doc = g.sym(docURI); + g.add(a, ns.rdf('type'), auth('Authorization'), acl); + g.add(a, auth('accessTo'), doc, acl); + if (options.defaultForNew) { + g.add(a, auth('default'), doc, acl); + } + g.add(a, auth('agent'), me, acl); + g.add(a, auth('mode'), auth('Read'), acl); + g.add(a, auth('mode'), auth('Write'), acl); + g.add(a, auth('mode'), auth('Control'), acl); + if (optPublic.length) { + a = g.sym(`${aclURI}#a2`); + g.add(a, ns.rdf('type'), auth('Authorization'), acl); + g.add(a, auth('accessTo'), doc, acl); + g.add(a, auth('agentClass'), ns.foaf('Agent'), acl); + for (let p = 0; p < optPublic.length; p++) { + g.add(a, auth('mode'), auth(optPublic[p]), acl); // Like 'Read' etc + } + } + return (0,external_$rdf_.serialize)(acl, g, aclURI); + } + return { + findAclDocUrl, + setACLUserPublic, + genACLText + }; +} + +;// ./src/authn/authUtil.ts + + +/** + * find a user or app's context as set in window.SolidAppContext + * this is a const, not a function, because we have problems to jest mock it otherwise + * see: https://github.com/facebook/jest/issues/936#issuecomment-545080082 for more + * @return {any} - an appContext object + */ +const appContext = () => { + let { SolidAppContext } = window; + SolidAppContext || (SolidAppContext = {}); + SolidAppContext.viewingNoAuthPage = false; + if (SolidAppContext.noAuth && window.document) { + const currentPage = window.document.location.href; + if (currentPage.startsWith(SolidAppContext.noAuth)) { + SolidAppContext.viewingNoAuthPage = true; + const params = new URLSearchParams(window.document.location.search); + if (params) { + let viewedPage = SolidAppContext.viewedPage = params.get('uri') || null; + if (viewedPage) { + viewedPage = decodeURI(viewedPage); + if (!viewedPage.startsWith(SolidAppContext.noAuth)) { + const ary = viewedPage.split(/\//); + SolidAppContext.idp = ary[0] + '//' + ary[2]; + SolidAppContext.viewingNoAuthPage = false; + } + } + } + } + } + return SolidAppContext; +}; +/** + * Returns `sym($SolidTestEnvironment.username)` if + * `$SolidTestEnvironment.username` is defined as a global + * or + * returns testID defined in the HTML page + * @returns {NamedNode|null} + */ +function offlineTestID() { + const { $SolidTestEnvironment } = window; + if (typeof $SolidTestEnvironment !== 'undefined' && + $SolidTestEnvironment.username) { + // Test setup + log('Assuming the user is ' + $SolidTestEnvironment.username); + return (0,external_$rdf_.sym)($SolidTestEnvironment.username); + } + // hack that makes SolidOS work in offline mode by adding the webId directly in html + // example usage: https://github.com/solidos/mashlib/blob/29b8b53c46bf02e0e219f0bacd51b0e9951001dd/test/contact/local.html#L37 + if (typeof document !== 'undefined' && + document.location && + ('' + document.location).slice(0, 16) === 'http://localhost') { + const div = document.getElementById('appTarget'); + if (!div) + return null; + const id = div.getAttribute('testID'); + if (!id) + return null; + log('Assuming user is ' + id); + return (0,external_$rdf_.sym)(id); + } + return null; +} + +;// ./src/authn/SolidAuthnLogic.ts + + + + +class SolidAuthnLogic { + constructor(solidAuthSession) { + this.session = solidAuthSession; + } + // we created authSession getter because we want to access it as authn.authSession externally + get authSession() { return this.session; } + currentUser() { + const app = appContext(); + if (app.viewingNoAuthPage) { + return (0,external_$rdf_.sym)(app.webId); + } + if (this && this.session && this.session.info && this.session.info.webId && this.session.info.isLoggedIn) { + return (0,external_$rdf_.sym)(this.session.info.webId); + } + return offlineTestID(); // null unless testing + } + /** + * Retrieves currently logged in webId from either + * defaultTestUser or SolidAuth + * Also activates a session after login + * @param [setUserCallback] Optional callback + * @returns Resolves with webId uri, if no callback provided + */ + async checkUser(setUserCallback) { + // Save hash for "restorePreviousSession" + const preLoginRedirectHash = new URL(window.location.href).hash; + if (preLoginRedirectHash) { + window.localStorage.setItem('preLoginRedirectHash', preLoginRedirectHash); + } + this.session.events.on(EVENTS.SESSION_RESTORED, (url) => { + log(`Session restored to ${url}`); + if (document.location.toString() !== url) + history.replaceState(null, '', url); + }); + /** + * Handle a successful authentication redirect + */ + const redirectUrl = new URL(window.location.href); + redirectUrl.hash = ''; + await this.session + .handleIncomingRedirect({ + restorePreviousSession: true, + url: redirectUrl.href + }); + // Check to see if a hash was stored in local storage + const postLoginRedirectHash = window.localStorage.getItem('preLoginRedirectHash'); + if (postLoginRedirectHash) { + const curUrl = new URL(window.location.href); + if (curUrl.hash !== postLoginRedirectHash) { + if (history.pushState) { + // debug.log('Setting window.location.has using pushState') + history.pushState(null, document.title, postLoginRedirectHash); + } + else { + // debug.warn('Setting window.location.has using location.hash') + location.hash = postLoginRedirectHash; + } + curUrl.hash = postLoginRedirectHash; + } + // See https://stackoverflow.com/questions/3870057/how-can-i-update-window-location-hash-without-jumping-the-document + // window.location.href = curUrl.toString()// @@ See https://developer.mozilla.org/en-US/docs/Web/API/Window/location + window.localStorage.setItem('preLoginRedirectHash', ''); + } + // Check to see if already logged in / have the WebID + let me = offlineTestID(); + if (me) { + return Promise.resolve(setUserCallback ? setUserCallback(me) : me); + } + const webId = this.webIdFromSession(this.session.info); + if (webId) { + me = this.saveUser(webId); + } + if (me) { + log(`(Logged in as ${me} by authentication)`); + } + return Promise.resolve(setUserCallback ? setUserCallback(me) : me); + } + /** + * Saves `webId` in `context.me` + * @param webId + * @param context + * + * @returns Returns the WebID, after setting it + */ + saveUser(webId, context) { + let webIdUri; + if (webId) { + webIdUri = (typeof webId === 'string') ? webId : webId.uri; + const me = (0,external_$rdf_.namedNode)(webIdUri); + if (context) { + context.me = me; + } + return me; + } + return null; + } + /** + * @returns {Promise} Resolves with WebID URI or null + */ + webIdFromSession(session) { + const webId = (session === null || session === void 0 ? void 0 : session.webId) && session.isLoggedIn ? session.webId : null; + return webId; + } +} + +;// ./src/util/utils.ts + +function newThing(doc) { + return (0,external_$rdf_.sym)(doc.uri + '#' + 'id' + ('' + Date.now())); +} +function uniqueNodes(arr) { + const uris = arr.map(x => x.uri); + const set = new Set(uris); + const uris2 = Array.from(set); + const arr2 = uris2.map(u => new NamedNode(u)); + return arr2; // Array.from(new Set(arr.map(x => x.uri))).map(u => sym(u)) +} +function getArchiveUrl(baseUrl, date) { + const year = date.getUTCFullYear(); + const month = ('0' + (date.getUTCMonth() + 1)).slice(-2); + const day = ('0' + (date.getUTCDate())).slice(-2); + const parts = baseUrl.split('/'); + const filename = parts[parts.length - 1]; + return new URL(`./archive/${year}/${month}/${day}/${filename}`, baseUrl).toString(); +} +function differentOrigin(doc) { + if (!doc) { + return true; + } + return (`${window.location.origin}/` !== new URL(doc.value).origin); +} +function suggestPreferencesFile(me) { + const stripped = me.uri.replace('/profile/', '/').replace('/public/', '/'); + // const stripped = me.uri.replace(\/[p|P]rofile/\g, '/').replace(\/[p|P]ublic/\g, '/') + const folderURI = stripped.split('/').slice(0, -1).join('/') + '/Settings/'; + const fileURI = folderURI + 'Preferences.ttl'; + return (0,external_$rdf_.sym)(fileURI); +} +function determineChatContainer(invitee, podRoot) { + // Create chat + // See https://gitter.im/solid/chat-app?at=5f3c800f855be416a23ae74a + const chatContainerStr = new URL(`IndividualChats/${new URL(invitee.value).host}/`, podRoot.value).toString(); + return new external_$rdf_.NamedNode(chatContainerStr); +} + +;// ./src/chat/chatLogic.ts + + + +const CHAT_LOCATION_IN_CONTAINER = 'index.ttl#this'; +function createChatLogic(store, profileLogic) { + const ns = ns_ns; + async function setAcl(chatContainer, me, invitee) { + // Some servers don't present a Link http response header + // if the container doesn't exist yet, so refetch the container + // now that it has been created: + await store.fetcher.load(chatContainer); + // FIXME: check the Why value on this quad: + const chatAclDoc = store.any(chatContainer, new external_$rdf_.NamedNode('http://www.iana.org/assignments/link-relations/acl')); + if (!chatAclDoc) { + throw new Error('Chat ACL doc not found!'); + } + const aclBody = ` + @prefix acl: . + <#owner> + a acl:Authorization; + acl:agent <${me.value}>; + acl:accessTo <.>; + acl:default <.>; + acl:mode + acl:Read, acl:Write, acl:Control. + <#invitee> + a acl:Authorization; + acl:agent <${invitee.value}>; + acl:accessTo <.>; + acl:default <.>; + acl:mode + acl:Read, acl:Append. + `; + await store.fetcher.webOperation('PUT', chatAclDoc.value, { + data: aclBody, + contentType: 'text/turtle', + }); + } + async function addToPrivateTypeIndex(chatThing, me) { + // Add to private type index + const privateTypeIndex = store.any(me, ns.solid('privateTypeIndex')); + if (!privateTypeIndex) { + throw new Error('Private type index not found!'); + } + await store.fetcher.load(privateTypeIndex); + const reg = newThing(privateTypeIndex); + const ins = [ + (0,external_$rdf_.st)(reg, ns.rdf('type'), ns.solid('TypeRegistration'), privateTypeIndex.doc()), + (0,external_$rdf_.st)(reg, ns.solid('forClass'), ns.meeting('LongChat'), privateTypeIndex.doc()), + (0,external_$rdf_.st)(reg, ns.solid('instance'), chatThing, privateTypeIndex.doc()), + ]; + await new Promise((resolve, reject) => { + store.updater.update([], ins, function (_uri, ok, errm) { + if (!ok) { + reject(new Error(errm)); + } + else { + resolve(null); + } + }); + }); + } + async function findChat(invitee) { + const me = await profileLogic.loadMe(); + const podRoot = await profileLogic.getPodRoot(me); + const chatContainer = determineChatContainer(invitee, podRoot); + let exists = true; + try { + await store.fetcher.load(new external_$rdf_.NamedNode(chatContainer.value + 'index.ttl#this')); + } + catch (e) { + exists = false; + } + return { me, chatContainer, exists }; + } + async function createChatThing(chatContainer, me) { + const created = await mintNew({ + me, + newBase: chatContainer.value, + }); + return created.newInstance; + } + function mintNew(newPaneOptions) { + const kb = store; + const updater = kb.updater; + if (newPaneOptions.me && !newPaneOptions.me.uri) { + throw new Error('chat mintNew: Invalid userid ' + newPaneOptions.me); + } + const newInstance = (newPaneOptions.newInstance = + newPaneOptions.newInstance || + kb.sym(newPaneOptions.newBase + CHAT_LOCATION_IN_CONTAINER)); + const newChatDoc = newInstance.doc(); + kb.add(newInstance, ns.rdf('type'), ns.meeting('LongChat'), newChatDoc); + kb.add(newInstance, ns.dc('title'), 'Chat channel', newChatDoc); + kb.add(newInstance, ns.dc('created'), (0,external_$rdf_.term)(new Date(Date.now())), newChatDoc); + if (newPaneOptions.me) { + kb.add(newInstance, ns.dc('author'), newPaneOptions.me, newChatDoc); + } + return new Promise(function (resolve, reject) { + updater === null || updater === void 0 ? void 0 : updater.put(newChatDoc, kb.statementsMatching(undefined, undefined, undefined, newChatDoc), 'text/turtle', function (uri2, ok, message) { + if (ok) { + resolve({ + ...newPaneOptions, + newInstance, + }); + } + else { + reject(new Error('FAILED to save new chat channel at: ' + uri2 + ' : ' + message)); + } + }); + }); + } + /** + * Find (and optionally create) an individual chat between the current user and the given invitee + * @param invitee - The person to chat with + * @param createIfMissing - Whether the chat should be created, if missing + * @returns null if missing, or a node referring to an already existing chat, or the newly created chat + */ + async function getChat(invitee, createIfMissing = true) { + const { me, chatContainer, exists } = await findChat(invitee); + if (exists) { + return new external_$rdf_.NamedNode(chatContainer.value + CHAT_LOCATION_IN_CONTAINER); + } + if (createIfMissing) { + const chatThing = await createChatThing(chatContainer, me); + await sendInvite(invitee, chatThing); + await setAcl(chatContainer, me, invitee); + await addToPrivateTypeIndex(chatThing, me); + return chatThing; + } + return null; + } + async function sendInvite(invitee, chatThing) { + var _a; + await store.fetcher.load(invitee.doc()); + const inviteeInbox = store.any(invitee, ns.ldp('inbox'), undefined, invitee.doc()); + if (!inviteeInbox) { + throw new Error(`Invitee inbox not found! ${invitee.value}`); + } + const inviteBody = ` + <> a ; + ${ns.rdf('seeAlso')} <${chatThing.value}> . + `; + const inviteResponse = await ((_a = store.fetcher) === null || _a === void 0 ? void 0 : _a.webOperation('POST', inviteeInbox.value, { + data: inviteBody, + contentType: 'text/turtle', + })); + const locationStr = inviteResponse === null || inviteResponse === void 0 ? void 0 : inviteResponse.headers.get('location'); + if (!locationStr) { + throw new Error(`Invite sending returned a ${inviteResponse === null || inviteResponse === void 0 ? void 0 : inviteResponse.status}`); + } + } + return { + setAcl, addToPrivateTypeIndex, findChat, createChatThing, getChat, sendInvite, mintNew + }; +} + +;// ./src/inbox/inboxLogic.ts + +function createInboxLogic(store, profileLogic, utilityLogic, containerLogic, aclLogic) { + async function createInboxFor(peerWebId, nick) { + const myWebId = await profileLogic.loadMe(); + const podRoot = await profileLogic.getPodRoot(myWebId); + const ourInbox = `${podRoot.value}p2p-inboxes/${encodeURIComponent(nick)}/`; + await containerLogic.createContainer(ourInbox); + // const aclDocUrl = await aclLogic.findAclDocUrl(ourInbox); + await utilityLogic.setSinglePeerAccess({ + ownerWebId: myWebId.value, + peerWebId, + accessToModes: 'acl:Append', + target: ourInbox + }); + return ourInbox; + } + async function getNewMessages(user) { + if (!user) { + user = await profileLogic.loadMe(); + } + const inbox = await profileLogic.getMainInbox(user); + const urls = await containerLogic.getContainerMembers(inbox); + return urls.filter(url => !containerLogic.isContainer(url)); + } + async function markAsRead(url, date) { + const downloaded = await store.fetcher._fetch(url); + if (downloaded.status !== 200) { + throw new Error(`Not OK! ${url}`); + } + const archiveUrl = getArchiveUrl(url, date); + const options = { + method: 'PUT', + body: await downloaded.text(), + headers: [ + ['Content-Type', downloaded.headers.get('Content-Type') || 'application/octet-stream'] + ] + }; + const uploaded = await store.fetcher._fetch(archiveUrl, options); + if (uploaded.status.toString()[0] === '2') { + await store.fetcher._fetch(url, { + method: 'DELETE' + }); + } + } + return { + createInboxFor, + getNewMessages, + markAsRead + }; +} + +;// ./src/logic/CustomError.ts +class CustomError extends Error { + constructor(message) { + super(message); + // see: typescriptlang.org/docs/handbook/release-notes/typescript-2-2.html + Object.setPrototypeOf(this, new.target.prototype); // restore prototype chain + this.name = new.target.name; // stack traces display correctly now + } +} +class UnauthorizedError extends CustomError { +} +class CrossOriginForbiddenError extends CustomError { +} +class SameOriginForbiddenError extends CustomError { +} +class NotFoundError extends CustomError { +} +class NotEditableError extends CustomError { +} +class WebOperationError extends CustomError { +} +class FetchError extends CustomError { + constructor(status, message) { + super(message); + this.status = status; + } +} + +;// ./src/profile/profileLogic.ts + + + + +function createProfileLogic(store, authn, utilityLogic) { + const ns = ns_ns; + /** + * loads the preference without throwing errors - if it can create it it does so. + * remark: it still throws error if it cannot load profile. + * @param user + * @returns undefined if preferenceFile cannot be returned or NamedNode if it can find it or create it + */ + async function silencedLoadPreferences(user) { + try { + return await loadPreferences(user); + } + catch (err) { + return undefined; + } + } + /** + * loads the preference without returning different errors if it cannot create or load it. + * remark: it also throws error if it cannot load profile. + * @param user + * @returns undefined if preferenceFile cannot be an Error or NamedNode if it can find it or create it + */ + async function loadPreferences(user) { + await loadProfile(user); + const possiblePreferencesFile = suggestPreferencesFile(user); + let preferencesFile; + try { + preferencesFile = await utilityLogic.followOrCreateLink(user, ns.space('preferencesFile'), possiblePreferencesFile, user.doc()); + } + catch (err) { + const message = `User ${user} has no pointer in profile to preferences file.`; + warn(message); + // we are listing the possible errors + if (err instanceof NotEditableError) { + throw err; + } + if (err instanceof WebOperationError) { + throw err; + } + if (err instanceof UnauthorizedError) { + throw err; + } + if (err instanceof CrossOriginForbiddenError) { + throw err; + } + if (err instanceof SameOriginForbiddenError) { + throw err; + } + if (err instanceof FetchError) { + throw err; + } + throw err; + } + try { + await store.fetcher.load(preferencesFile); + } + catch (err) { // Maybe a permission problem or origin problem + const msg = `Unable to load preference of user ${user}: ${err}`; + warn(msg); + if (err.response.status === 401) { + throw new UnauthorizedError(); + } + if (err.response.status === 403) { + if (differentOrigin(preferencesFile)) { + throw new CrossOriginForbiddenError(); + } + throw new SameOriginForbiddenError(); + } + /*if (err.response.status === 404) { + throw new NotFoundError(); + }*/ + throw new Error(msg); + } + return preferencesFile; + } + async function loadProfile(user) { + if (!user) { + throw new Error('loadProfile: no user given.'); + } + try { + await store.fetcher.load(user.doc()); + } + catch (err) { + throw new Error(`Unable to load profile of user ${user}: ${err}`); + } + return user.doc(); + } + async function loadMe() { + const me = authn.currentUser(); + if (me === null) { + throw new Error('Current user not found! Not logged in?'); + } + await store.fetcher.load(me.doc()); + return me; + } + function getPodRoot(user) { + const podRoot = findStorage(user); + if (!podRoot) { + throw new Error('User pod root not found!'); + } + return podRoot; + } + async function getMainInbox(user) { + await store.fetcher.load(user); + const mainInbox = store.any(user, ns.ldp('inbox'), undefined, user.doc()); + if (!mainInbox) { + throw new Error('User main inbox not found!'); + } + return mainInbox; + } + function findStorage(me) { + return store.any(me, ns.space('storage'), undefined, me.doc()); + } + return { + loadMe, + getPodRoot, + getMainInbox, + findStorage, + loadPreferences, + loadProfile, + silencedLoadPreferences + }; +} + +;// ./src/typeIndex/typeIndexLogic.ts + + + + +function createTypeIndexLogic(store, authn, profileLogic, utilityLogic) { + const ns = ns_ns; + function getRegistrations(instance, theClass) { + return store + .each(undefined, ns.solid('instance'), instance) + .filter((r) => { + return store.holds(r, ns.solid('forClass'), theClass); + }); + } + async function loadTypeIndexesFor(user) { + if (!user) + throw new Error('loadTypeIndexesFor: No user given'); + const profile = await profileLogic.loadProfile(user); + const suggestion = suggestPublicTypeIndex(user); + let publicTypeIndex; + try { + publicTypeIndex = await utilityLogic.followOrCreateLink(user, ns.solid('publicTypeIndex'), suggestion, profile); + } + catch (err) { + const message = `User ${user} has no pointer in profile to publicTypeIndex file.`; + warn(message); + } + const publicScopes = publicTypeIndex ? [{ label: 'public', index: publicTypeIndex, agent: user }] : []; + let preferencesFile; + try { + preferencesFile = await profileLogic.silencedLoadPreferences(user); + } + catch (err) { + preferencesFile = null; + } + let privateScopes; + if (preferencesFile) { // watch out - can be in either as spec was not clear. Legacy is profile. + // If there is a legacy one linked from the profile, use that. + // Otherwiae use or make one linked from Preferences + const suggestedPrivateTypeIndex = suggestPrivateTypeIndex(preferencesFile); + let privateTypeIndex; + try { + privateTypeIndex = store.any(user, ns.solid('privateTypeIndex'), undefined, profile) || + await utilityLogic.followOrCreateLink(user, ns.solid('privateTypeIndex'), suggestedPrivateTypeIndex, preferencesFile); + } + catch (err) { + const message = `User ${user} has no pointer in preference file to privateTypeIndex file.`; + warn(message); + } + privateScopes = privateTypeIndex ? [{ label: 'private', index: privateTypeIndex, agent: user }] : []; + } + else { + privateScopes = []; + } + const scopes = publicScopes.concat(privateScopes); + if (scopes.length === 0) + return scopes; + const files = scopes.map(scope => scope.index); + try { + await store.fetcher.load(files); + } + catch (err) { + warn('Problems loading type index: ', err); + } + return scopes; + } + async function loadCommunityTypeIndexes(user) { + let preferencesFile; + try { + preferencesFile = await profileLogic.silencedLoadPreferences(user); + } + catch (err) { + const message = `User ${user} has no pointer in profile to preferences file.`; + warn(message); + } + if (preferencesFile) { // For now, pick up communities as simple links from the preferences file. + const communities = store.each(user, ns.solid('community'), undefined, preferencesFile).concat(store.each(user, ns.solid('community'), undefined, user.doc())); + let result = []; + for (const org of communities) { + result = result.concat(await loadTypeIndexesFor(org)); + } + return result; + } + return []; // No communities + } + async function loadAllTypeIndexes(user) { + return (await loadTypeIndexesFor(user)).concat((await loadCommunityTypeIndexes(user)).flat()); + } + async function getScopedAppInstances(klass, user) { + const scopes = await loadAllTypeIndexes(user); + let scopedApps = []; + for (const scope of scopes) { + const scopedApps0 = await getScopedAppsFromIndex(scope, klass); + scopedApps = scopedApps.concat(scopedApps0); + } + return scopedApps; + } + // This is the function signature which used to be in solid-ui/logic + // Recommended to use getScopedAppInstances instead as it provides more information. + // + async function getAppInstances(klass) { + const user = authn.currentUser(); + if (!user) + throw new Error('getAppInstances: Must be logged in to find apps.'); + const scopedAppInstances = await getScopedAppInstances(klass, user); + return scopedAppInstances.map(scoped => scoped.instance); + } + function suggestPublicTypeIndex(me) { + var _a; + return (0,external_$rdf_.sym)(((_a = me.doc().dir()) === null || _a === void 0 ? void 0 : _a.uri) + 'publicTypeIndex.ttl'); + } + // Note this one is based off the pref file not the profile + function suggestPrivateTypeIndex(preferencesFile) { + var _a; + return (0,external_$rdf_.sym)(((_a = preferencesFile.doc().dir()) === null || _a === void 0 ? void 0 : _a.uri) + 'privateTypeIndex.ttl'); + } + /* + * Register a new app in a type index + * used in chat in bookmark.js (solid-ui) + * Returns the registration object if successful else null + */ + async function registerInTypeIndex(instance, index, theClass) { + const registration = newThing(index); + const ins = [ + // See https://github.com/solid/solid/blob/main/proposals/data-discovery.md + (0,external_$rdf_.st)(registration, ns.rdf('type'), ns.solid('TypeRegistration'), index), + (0,external_$rdf_.st)(registration, ns.solid('forClass'), theClass, index), + (0,external_$rdf_.st)(registration, ns.solid('instance'), instance, index) + ]; + try { + await store.updater.update([], ins); + } + catch (err) { + const msg = `Unable to register ${instance} in index ${index}: ${err}`; + console.warn(msg); + return null; + } + return registration; + } + async function deleteTypeIndexRegistration(item) { + const reg = store.the(null, ns.solid('instance'), item.instance, item.scope.index); + if (!reg) + throw new Error(`deleteTypeIndexRegistration: No registration found for ${item.instance}`); + const statements = store.statementsMatching(reg, null, null, item.scope.index); + await store.updater.update(statements, []); + } + async function getScopedAppsFromIndex(scope, theClass) { + const index = scope.index; + const results = []; + const registrations = store.statementsMatching(null, ns.solid('instance'), null, index) + .concat(store.statementsMatching(null, ns.solid('instanceContainer'), null, index)) + .map(st => st.subject); + for (const reg of registrations) { + const klass = store.any(reg, ns.solid('forClass'), null, index); + if (!theClass || klass.sameTerm(theClass)) { + const instances = store.each(reg, ns.solid('instance'), null, index); + for (const instance of instances) { + results.push({ instance, type: klass, scope }); + } + const containers = store.each(reg, ns.solid('instanceContainer'), null, index); + for (const instance of containers) { + await store.fetcher.load(instance); + results.push({ instance: (0,external_$rdf_.sym)(instance.value), type: klass, scope }); + } + } + } + return results; + } + return { + registerInTypeIndex, + getRegistrations, + loadTypeIndexesFor, + loadCommunityTypeIndexes, + loadAllTypeIndexes, + getScopedAppInstances, + getAppInstances, + suggestPublicTypeIndex, + suggestPrivateTypeIndex, + deleteTypeIndexRegistration, + getScopedAppsFromIndex + }; +} + +;// ./src/util/containerLogic.ts + +/** + * Container-related class + */ +function createContainerLogic(store) { + function getContainerElements(containerNode) { + return store + .statementsMatching(containerNode, (0,external_$rdf_.sym)('http://www.w3.org/ns/ldp#contains'), undefined) + .map((st) => st.object); + } + function isContainer(url) { + const nodeToString = url.value; + return nodeToString.charAt(nodeToString.length - 1) === '/'; + } + async function createContainer(url) { + const stringToNode = (0,external_$rdf_.sym)(url); + if (!isContainer(stringToNode)) { + throw new Error(`Not a container URL ${url}`); + } + // Copied from https://github.com/solidos/solid-crud-tests/blob/v3.1.0/test/surface/create-container.test.ts#L56-L64 + const result = await store.fetcher._fetch(url, { + method: 'PUT', + headers: { + 'Content-Type': 'text/turtle', + 'If-None-Match': '*', + Link: '; rel="type"', // See https://github.com/solidos/node-solid-server/issues/1465 + }, + body: ' ', // work around https://github.com/michielbdejong/community-server/issues/4#issuecomment-776222863 + }); + if (result.status.toString()[0] !== '2') { + throw new Error(`Not OK: got ${result.status} response while creating container at ${url}`); + } + } + async function getContainerMembers(containerUrl) { + await store.fetcher.load(containerUrl); + return getContainerElements(containerUrl); + } + return { + isContainer, + createContainer, + getContainerElements, + getContainerMembers + }; +} + +;// ./src/util/utilityLogic.ts + + + + +function createUtilityLogic(store, aclLogic, containerLogic) { + async function recursiveDelete(containerNode) { + try { + if (containerLogic.isContainer(containerNode)) { + const aclDocUrl = await aclLogic.findAclDocUrl(containerNode); + await store.fetcher._fetch(aclDocUrl, { method: 'DELETE' }); + const containerMembers = await containerLogic.getContainerMembers(containerNode); + await Promise.all(containerMembers.map((url) => recursiveDelete(url))); + } + const nodeToStringHere = containerNode.value; + return store.fetcher._fetch(nodeToStringHere, { method: 'DELETE' }); + } + catch (e) { + log(`Please manually remove ${containerNode.value} from your system.`, e); + } + } + /** + * Create a resource if it really does not exist + * Be absolutely sure something does not exist before creating a new empty file + * as otherwise existing could be deleted. + * @param doc {NamedNode} - The resource + */ + async function loadOrCreateIfNotExists(doc) { + let response; + try { + response = await store.fetcher.load(doc); + } + catch (err) { + if (err.response.status === 404) { + try { + await store.fetcher.webOperation('PUT', doc, { data: '', contentType: 'text/turtle' }); + } + catch (err) { + const msg = 'createIfNotExists: PUT FAILED: ' + doc + ': ' + err; + throw new WebOperationError(msg); + } + await store.fetcher.load(doc); + } + else { + if (err.response.status === 401) { + throw new UnauthorizedError(); + } + if (err.response.status === 403) { + if (differentOrigin(doc)) { + throw new CrossOriginForbiddenError(); + } + throw new SameOriginForbiddenError(); + } + const msg = 'createIfNotExists doc load error NOT 404: ' + doc + ': ' + err; + throw new FetchError(err.status, err.message + msg); + } + } + return response; + } + /* Follow link from this doc to another thing, or else make a new link + ** + ** @returns existing object, or creates it if non existent + */ + async function followOrCreateLink(subject, predicate, object, doc) { + await store.fetcher.load(doc); + const result = store.any(subject, predicate, null, doc); + if (result) + return result; + if (!store.updater.editable(doc)) { + const msg = `followOrCreateLink: cannot edit ${doc.value}`; + warn(msg); + throw new NotEditableError(msg); + } + try { + await store.updater.update([], [(0,external_$rdf_.st)(subject, predicate, object, doc)]); + } + catch (err) { + const msg = `followOrCreateLink: Error making link in ${doc} to ${object}: ${err}`; + warn(msg); + throw new WebOperationError(err); + } + try { + await loadOrCreateIfNotExists(object); + // store.fetcher.webOperation('PUT', object, { data: '', contentType: 'text/turtle'}) + } + catch (err) { + warn(`followOrCreateLink: Error loading or saving new linked document: ${object}: ${err}`); + throw err; + } + return object; + } + // Copied from https://github.com/solidos/web-access-control-tests/blob/v3.0.0/test/surface/delete.test.ts#L5 + async function setSinglePeerAccess(options) { + let str = [ + '@prefix acl: .', + '', + `<#alice> a acl:Authorization;\n acl:agent <${options.ownerWebId}>;`, + ` acl:accessTo <${options.target}>;`, + ` acl:default <${options.target}>;`, + ' acl:mode acl:Read, acl:Write, acl:Control.', + '' + ].join('\n'); + if (options.accessToModes) { + str += [ + '<#bobAccessTo> a acl:Authorization;', + ` acl:agent <${options.peerWebId}>;`, + ` acl:accessTo <${options.target}>;`, + ` acl:mode ${options.accessToModes}.`, + '' + ].join('\n'); + } + if (options.defaultModes) { + str += [ + '<#bobDefault> a acl:Authorization;', + ` acl:agent <${options.peerWebId}>;`, + ` acl:default <${options.target}>;`, + ` acl:mode ${options.defaultModes}.`, + '' + ].join('\n'); + } + const aclDocUrl = await aclLogic.findAclDocUrl((0,external_$rdf_.sym)(options.target)); + return store.fetcher._fetch(aclDocUrl, { + method: 'PUT', + body: str, + headers: [ + ['Content-Type', 'text/turtle'] + ] + }); + } + async function createEmptyRdfDoc(doc, comment) { + await store.fetcher.webOperation('PUT', doc.uri, { + data: `# ${new Date()} ${comment} + `, + contentType: 'text/turtle', + }); + } + return { + recursiveDelete, + setSinglePeerAccess, + createEmptyRdfDoc, + followOrCreateLink, + loadOrCreateIfNotExists + }; +} + +;// ./src/logic/solidLogic.ts + + + + + + + + + + +/* +** It is important to distinquish `fetch`, a function provided by the browser +** and `Fetcher`, a helper object for the rdflib Store which turns it +** into a `ConnectedStore` or a `LiveStore`. A Fetcher object is +** available at store.fetcher, and `fetch` function at `store.fetcher._fetch`, +*/ +function createSolidLogic(specialFetch, session) { + log('SolidLogic: Unique instance created. There should only be one of these.'); + const store = external_$rdf_.graph(); + external_$rdf_.fetcher(store, { fetch: specialFetch.fetch }); // Attach a web I/O module, store.fetcher + store.updater = new external_$rdf_.UpdateManager(store); // Add real-time live updates store.updater + store.features = []; // disable automatic node merging on store load + const authn = new SolidAuthnLogic(session); + const acl = createAclLogic(store); + const containerLogic = createContainerLogic(store); + const utilityLogic = createUtilityLogic(store, acl, containerLogic); + const profile = createProfileLogic(store, authn, utilityLogic); + const chat = createChatLogic(store, profile); + const inbox = createInboxLogic(store, profile, utilityLogic, containerLogic, acl); + const typeIndex = createTypeIndexLogic(store, authn, profile, utilityLogic); + log('SolidAuthnLogic initialized'); + function load(doc) { + return store.fetcher.load(doc); + } + // @@@@ use the one in rdflib.js when it is available and delete this + function updatePromise(del, ins = []) { + return new Promise((resolve, reject) => { + store.updater.update(del, ins, function (_uri, ok, errorBody) { + if (!ok) { + reject(new Error(errorBody)); + } + else { + resolve(); + } + }); // callback + }); // promise + } + function clearStore() { + store.statements.slice().forEach(store.remove.bind(store)); + } + return { + store, + authn, + acl, + inbox, + chat, + profile, + typeIndex, + load, + updatePromise, + clearStore + }; +} + +;// ./src/logic/solidLogicSingleton.ts + + + +const _fetch = async (url, requestInit) => { + const omitCreds = requestInit && requestInit.credentials && requestInit.credentials == 'omit'; + if (authSession.info.webId && !omitCreds) { // see https://github.com/solidos/solidos/issues/114 + // In fact fetch should respect credentials omit itself + return authSession.fetch(url, requestInit); + } + else { + return window.fetch(url, requestInit); + } +}; +// Global singleton pattern to ensure unique store across library versions +const SINGLETON_SYMBOL = Symbol.for('solid-logic-singleton'); +const globalTarget = (typeof window !== 'undefined' ? window : __webpack_require__.g); +function getOrCreateSingleton() { + if (!globalTarget[SINGLETON_SYMBOL]) { + log('SolidLogic: Creating new global singleton instance.'); + globalTarget[SINGLETON_SYMBOL] = createSolidLogic({ fetch: _fetch }, authSession); + log('Unique quadstore initialized.'); + } + else { + log('SolidLogic: Using existing global singleton instance.'); + } + return globalTarget[SINGLETON_SYMBOL]; +} +//this const makes solidLogicSingleton global accessible in mashlib +const solidLogicSingleton = getOrCreateSingleton(); + + +;// ./src/issuer/issuerLogic.ts +const DEFAULT_ISSUERS = [ + { + name: 'Solid Community', + uri: 'https://solidcommunity.net' + }, + { + name: 'Solid Web', + uri: 'https://solidweb.org' + }, + { + name: 'Solid Web ME', + uri: 'https://solidweb.me' + }, + { + name: 'Inrupt.com', + uri: 'https://login.inrupt.com' + } +]; +/** + * @returns - A list of suggested OIDC issuers + */ +function getSuggestedIssuers() { + // Suggest a default list of OIDC issuers + const issuers = [...DEFAULT_ISSUERS]; + // Suggest the current host if not already included + const { host, origin } = new URL(location.href); + const hosts = issuers.map(({ uri }) => new URL(uri).host); + if (!hosts.includes(host) && !hosts.some(existing => isSubdomainOf(host, existing))) { + issuers.unshift({ name: host, uri: origin }); + } + return issuers; +} +function isSubdomainOf(subdomain, domain) { + const dot = subdomain.length - domain.length - 1; + return dot > 0 && subdomain[dot] === '.' && subdomain.endsWith(domain); +} + +;// ./src/index.ts +// Make these variables directly accessible as it is what you need most of the time +// This also makes these variable globaly accesible in mashlib + +const authn = solidLogicSingleton.authn; +const src_authSession = solidLogicSingleton.authn.authSession; +const store = solidLogicSingleton.store; + + + + + + + +})(); + +/******/ return __webpack_exports__; +/******/ })() +; +}); +//# sourceMappingURL=solid-logic.js.map \ No newline at end of file diff --git a/dist/solid-logic.js.map b/dist/solid-logic.js.map new file mode 100644 index 0000000..9257d04 --- /dev/null +++ b/dist/solid-logic.js.map @@ -0,0 +1 @@ +{"version":3,"file":"solid-logic.js","mappings":"AAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,CAAC;AACD,O;;;;;;;ACVA,kD;;;;;;;ACAA;AACA;AACA;AACA;AACA;AACA;AACA,qCAAqC;AACrC;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAEA;AACA,oBAAoB,KAAK;AACzB;AACA,wBAAwB,mBAAmB;AAC3C;AACA;AACA;AACA;AACA;AACA;AACA;;AAEA;AACA;;AAEA;;;;;;;UCjFA;UACA;;UAEA;UACA;UACA;UACA;UACA;UACA;UACA;UACA;UACA;UACA;UACA;UACA;UACA;;UAEA;UACA;;UAEA;UACA;UACA;;;;;WCtBA;WACA;WACA;WACA;WACA;WACA,iCAAiC,WAAW;WAC5C;WACA,E;;;;;WCPA;WACA;WACA;WACA;WACA,yCAAyC,wCAAwC;WACjF;WACA;WACA,E;;;;;WCPA;WACA;WACA;WACA;WACA,GAAG;WACH;WACA;WACA,CAAC,I;;;;;WCPD,wF;;;;;WCAA;WACA;WACA;WACA,uDAAuD,iBAAiB;WACxE;WACA,gDAAgD,aAAa;WAC7D,E;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;ACLO,SAAS,GAAG,CAAC,GAAG,IAAW;IAChC,OAAO,CAAC,GAAG,CAAC,GAAG,IAAI,CAAC;AACtB,CAAC;AAEM,SAAS,IAAI,CAAC,GAAG,IAAW;IACjC,OAAO,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC;AACvB,CAAC;AAEM,SAAS,KAAK,CAAC,GAAG,IAAW;IAClC,OAAO,CAAC,KAAK,CAAC,GAAG,IAAI,CAAC;AACxB,CAAC;AAEM,SAAS,KAAK,CAAC,GAAG,IAAW;IAClC,OAAO,CAAC,KAAK,CAAC,GAAG,IAAI,CAAC;AACxB,CAAC;;;ACfD,gDAAe,MAAM,EAAC;AACf;;;ACDP;AACA;AACA;AACA;AACA,8BAA8B,iBAAiB,OAAO,KAAK;AAC3D;AACA;AACA,8BAA8B,UAAU,KAAK,SAAS;AACtD;AACA;AACA,0BAA0B,SAAS;AACnC;AACA;AACA,4BAA4B,OAAO;AACnC;AACA;AACA,qCAAqC,YAAY;AACjD;AACA;AACA;AACA,+CAA+C,wBAAwB;AACvE;AACA;AACA;AACA;AACA,wDAAe;AACf;AACA,CAAC,EAAC;AACK;AACP,kCAAkC,KAAK;AACvC;;;AC9B0C;AACnC;AACA;AACP,kBAAkB,uDAAO;AAClB;AACP,wCAAwC,QAAQ;AAChD;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACO;AACP;AACA;AACA;AACA;AACA,0DAA0D,cAAc,aAAa,MAAM;AAC3F;AACA;AACA;AACO;AACP;AACA;AACA;AACA;AACA;AACA;AACA;AACO;AACP;AACA;AACA;AACA;AACO;AACP;AACA;AACO;AACP;AACA;AACA,uBAAuB,mBAAmB;AAC1C;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;AClD0D;AACnD;AACP;AACA;AACA,oBAAoB,OAAO;AAC3B;AACA;AACA;AACA,oBAAoB,sBAAsB;AAC1C;AACA;AACA;AACA;AACO;AACP;AACA;AACO;AACP;AACA;AACA,oBAAoB,mBAAmB;AACvC;AACA;AACA;AACA;AACO;AACP;AACA;AACA,kBAAkB,OAAO;AACzB;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;ACpC6C;AAC7C,kDAAe;AACf,QAAQ,WAAW;AACnB;AACA;AACA;AACA,CAAC,EAAC;AACK;;;ACP8C;AACK;AACL;AACZ;AACzC;AACA;AACA;AACA;AACA,eAAe,MAAS;AACxB;AACA;AACA,SAAS,WAAW;AACpB,4BAA4B,iBAAe,SAAS,KAAK;AACzD;AACA;AACA;AACA;AACA,YAAY,iCAAiC,QAAQ,SAAM;AAC3D;AACA;AACA,iDAAe,QAAQ,EAAC;;;ACpBoC;AACE;AACd;AACzC;AACP;AACA;AACO;AACP;AACA;AACO;AACP,WAAW,UAAQ;AACnB;;;ACXO;AACP;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACO;AACP;AACA,yBAAyB,SAAS,0BAA0B;AAC5D;AACA;AACA;AACA;AACA;AACA;AACA;AACO;AACP;AACA,yBAAyB,SAAS,0BAA0B;AAC5D;AACA;AACA;AACA;AACA;AACA;AACA;AACO;AACP;AACA;AACA;AACA;AACA;AACA;AACO,MAAM,uBAAgB;AAC7B;AACA;AACA;AACA;AACA;AACA,uBAAgB;AACT;AACP;AACA;AACA;AACA;AACA;AACA;AACO;AACP;AACA;AACA;AACA;AACA;AACA;AACO;AACP;AACA;AACA;AACA;AACA;AACA;AACO;AACP;AACA;AACA;AACA;AACA;AACA;AACO;AACP;AACA;AACA;AACA;AACA;AACA;AACO;AACP;AACA;AACA;AACA;AACA;AACA;AACO;AACP;AACA;AACA;AACA;AACA;AACA;AACO;AACP;AACA;AACA;AACA;AACA;AACA;AACA;AACO;AACP;AACA;AACA;AACA;AACA;AACA;AACO;AACP;AACA;AACA;AACA;AACA;AACA;;;ACjHqD;AACtC;AACf,wBAAwB,cAAc;AACtC;AACA;AACA;AACA;AACA,qBAAqB;AACrB;AACA;AACA;AACA,qBAAqB;AACrB;AACA;AACA;AACA,qBAAqB;AACrB;AACA;AACA;AACA,qBAAqB;AACrB;AACA,qBAAqB;AACrB;AACA,qBAAqB;AACrB;AACA,sBAAsB,uBAAgB,QAAQ,KAAK;AACnD;AACA;;;AC3BA,uDAAe;AACf;AACA,gBAAgB,gBAAgB;AAChC;AACA,mCAAmC,KAAK;AACxC;AACA;AACA,CAAC,EAAC;;;ACPF;AACA,2EAA2E,MAAM,UAAU,KAAK;AAChG;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,6BAA6B,kBAAkB,OAAO,KAAK;AAC3D;AACA;AACA,6BAA6B,WAAW,KAAK,UAAU;AACvD;AACA;AACA,sBAAsB,UAAU;AAChC;AACA;AACA;AACA;AACO;AACP;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,sCAAsC,SAAS;AAC/C;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,sCAAsC,SAAS;AAC/C;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,sCAAsC,SAAS;AAC/C;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACO;AACP;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,sCAAsC,SAAS;AAC/C;AACA;AACA;AACA;AACA;AACA;AACA;;;AC5JA;AACA;AACA;AACe;AACf;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;ACfsC;AAC/B;AACP,WAAW,QAAQ;AACnB;AACO;AACP;AACA;AACO;AACP;AACA;AACO;AACP;AACA;;;ACZoC;AACiB;AACrD;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,kCAAkC,8BAA8B,kBAAkB;AAClF;AACA;AACA;AACA;AACA;AACA,kCAAkC,wCAAwC,kBAAkB;AAC5F;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,qCAAqC,qCAAqC;AAC1E;AACA;AACA;AACA;AACA,8BAA8B,uBAAgB;AAC9C;AACA;AACA;AACA;AACA;AACA;AACA,kCAAkC;AAClC;AACA;AACA;AACA,kCAAkC;AAClC;AACA;AACA;AACA,kCAAkC;AAClC;AACA;AACA;AACA;AACA;AACA;AACA,kCAAkC;AAClC;AACA;AACA;AACA,8BAA8B,uBAAgB;AAC9C;AACA;AACA;AACA;AACA;AACA;AACA,kCAAkC;AAClC;AACA;AACA;AACA,kCAAkC;AAClC;AACA;AACA;AACA;AACA;AACA;AACA,kCAAkC;AAClC;AACA;AACA;AACA,8BAA8B,uBAAgB;AAC9C;AACA;AACA;AACA;AACA,sBAAsB,uBAAgB;AACtC;AACA,aAAa;AACb;AACA;AACA;AACA;AACA;AACA,YAAY,uBAAuB;AACnC;AACA;AACA;AACA;AACA;AACA,sBAAsB;AACtB;AACA;AACA,WAAW,SAAM;AACjB;AACA,iDAAe,KAAK,EAAC;;;ACvGoB;AACD;AACA;AACxC,8BAA8B,MAAM;AACpC;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,4BAA4B,UAAS,GAAG,aAAa;AACrD;AACA;AACA;AACA,yBAAyB,kBAAkB;AAC3C;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,+BAA+B,eAAe;AAC9C;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,QAAQ,KAAK;AACb;AACA,mBAAmB,MAAM;AACzB;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,+BAA+B,eAAe;AAC9C;AACA;AACA;AACA;AACA;AACA;AACA,QAAQ,KAAK;AACb;AACA,mBAAmB,MAAM;AACzB;AACA;AACA;AACA;AACA;AACA;AACA,oDAAe,EAAE,yCAAyC,EAAC;;;ACnEN;AACI;AACC;AACjB;AACE;AAC5B;AACf;AACA,oBAAoB,aAAS;AAC7B;AACA;AACA,oBAAoB,aAAS;AAC7B;AACA,QAAQ,WAAW;AACnB,QAAQ,iBAAiB;AACzB;AACA;AACA;AACA;AACA,gCAAgC,iBAAe,SAAS,KAAK;AAC7D;AACA,eAAe,SAAM,gCAAgC,aAAa,cAAc,iBAAiB;AACjG;AACA,wBAAwB,iBAAe,SAAS,KAAK;AACrD;;;ACvB8C;AACV;AACe;AACD;AAClD;AACA,4BAA4B,YAAU;AACtC,IAAI,gBAAc;AAClB,4BAA4B,SAAM,aAAa,SAAe;AAC9D;AACA;AACA,mDAAe,IAAI,EAAC;;;ACVpB;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,kDAAe,UAAU,EAAC;;;ACrB0C;AACP;AAC1B;AACnC;AACA;AACA;AACA;AACA;AACA;AACA,qGAAqG,MAAM;AAC3G;AACA;AACA,4FAA4F,IAAI;AAChG;AACA;AACA;AACA;AACA;AACA;AACA,oBAAoB,KAAS;AAC7B,YAAY,WAAe;AAC3B;AACA;AACA;AACA,SAAS,WAAS;AAClB,4BAA4B,OAAe,cAAc,KAAK;AAC9D;AACA;AACA,+BAA+B,UAAU;AACzC;AACA;AACA;AACA,oBAAoB,KAAS;AAC7B;AACA;AACA,oBAAoB,YAAgB;AACpC;AACA;AACA;AACA,oBAAoB,WAAe;AACnC;AACA;AACA;AACA;AACA,SAAS,WAAS;AAClB,4BAA4B,OAAe,cAAc,KAAK;AAC9D;AACA;AACA,+BAA+B,UAAU;AACzC;AACA;AACA,+BAA+B,UAAU;AACzC;AACA;AACA,+BAA+B,UAAU;AACzC;AACA;AACA,+BAA+B,UAAU;AACzC;AACA;AACA,+BAA+B,UAAU;AACzC;AACA;AACA;AACA;AACA;AACA;AACA,cAAc,EAAE;AAChB;AACA;AACA;AACA;AACA;AACA;AACA;AACA,qDAAe,mCAAmC,EAAC;AAC5C;;;AC5E8C;AACrD;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,sBAAsB,uBAAgB,gCAAgC,UAAU;AAChF;AACA;AACA,yDAAyD,UAAU;AACnE;AACA;AACA,yDAAyD,UAAU;AACnE;AACA;AACA;AACA;AACA,oDAAe,YAAY,EAAC;;;ACjCqC;AACxB;AACS;AACA;AACmB;AACH;AACZ;AAC/C;AACP;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,sBAAsB,UAAU;AAChC;AACA,aAAa,WAAU;AACvB,sBAAsB,UAAU;AAChC;AACA;AACA;AACA;AACA;AACA,2BAA2B,aAAY,CAAC,UAAU;AAClD;AACA;AACA;AACA;AACA,0BAA0B,UAAU;AACpC;AACA;AACA,gBAAgB,MAAM;AACtB;AACA,sBAAsB,UAAU;AAChC;AACA,QAAQ,mBAAmB;AAC3B;AACA;AACA,sBAAsB,OAAO,QAAQ,MAAS;AAC9C;AACA;AACA;AACA,8BAA8B,OAAO,QAAQ,MAAS;AACtD;AACA;AACA,8BAA8B,OAAO;AACrC;AACA,qBAAqB,MAAM,kBAAkB,OAAO;AACpD,gCAAgC,YAAI;AACpC;AACA,uBAAuB,MAAS;AAChC;AACA;AACA;AACA,0BAA0B,OAAO;AACjC;AACA;AACA;AACA;AACA;AACA,4BAA4B,OAAO;AACnC;AACA;AACA;AACA;;;AChFqD;AAC9C;AACP;AACA,8BAA8B,aAAa;AAC3C;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,kBAAkB,cAAc,GAAG,YAAY,GAAG,cAAc;AAChE;AACA;;;AChBA,4CAAe,2CAA2C,EAAC;;;ACA3D;AACA;AACA;AACA;AACA;AACA;AACA,2CAAe;AACf;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,CAAC,EAAC;;;ACtDkC;AACO;AACT;AAClC;AACA;AACA,uCAAuC,OAAO;AAC9C;AACA;AACA;AACO;AACP,4BAA4B;AAC5B,aAAa,QAAQ;AACrB;AACA;AACA;AACA;AACA;AACA,0BAA0B;AAC1B;AACA;AACA;AACA,0BAA0B;AAC1B;AACA;AACA;AACA,0BAA0B;AAC1B;AACA;AACA;AACA,0BAA0B;AAC1B;AACA;AACA;AACA;AACA,8BAA8B;AAC9B;AACA;AACA,8BAA8B,qDAAqD,KAAK;AACxF;AACA;AACA,8BAA8B,uBAAuB,KAAK,eAAe,IAAI;AAC7E;AACA;AACA;AACA;AACA;AACA,8BAA8B;AAC9B;AACA;AACA,8BAA8B,0DAA0D,KAAK;AAC7F;AACA;AACA,8BAA8B,uBAAuB,KAAK,eAAe,IAAI;AAC7E;AACA;AACA;AACA;AACA;AACA,8BAA8B,uBAAuB,KAAK;AAC1D;AACA;AACA,8BAA8B,oDAAoD,KAAK;AACvF;AACA;AACA;AACA;AACA,kDAAkD,KAAK,eAAe,IAAI;AAC1E;AACA;AACA;AACA,8BAA8B;AAC9B;AACA;AACA;AACA;;;AC1EqD;AACN;AACE;AACP;AACnC,sBAAsB,UAAU;AACvC;AACA;AACA;AACA;AACA;AACA,wBAAwB,WAAW,CAAC,OAAO;AAC3C;AACA;AACA;AACA;AACA,sBAAsB,UAAU;AAChC;AACA;AACA;AACA;;;ACnB2D;AAC3D;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,SAAS;AACT;AACA;AACA;AACA;AACA;AACA,KAAK;AACL;AACA,sBAAsB,WAAW;AACjC;AACA,KAAK;AACL;AACA;AACA;AACA,kBAAkB,SAAS;AAC3B;AACA;AACA;AACA;AACA;AACA,kBAAkB,SAAS;AAC3B;AACA;AACA,iDAAe,SAAS,EAAC;;;ACjC2C;AACD;AAChB;AACE;AACV;AACpC;AACP;AACA;AACA;AACA;AACA;AACO;AACP;AACA;AACA;AACA;AACA;AACO;AACP;AACA;AACA;AACA;AACA;AACO;AACP,SAAS,QAAQ;AACjB;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,mBAAmB,MAAe;AAClC;AACA;AACA,0BAA0B,uBAAgB;AAC1C;AACA;AACA;AACA,mBAAmB,UAAW,GAAG,aAAa;AAC9C;AACA,sBAAsB,uBAAgB;AACtC;AACA;;;AC5C6C;AACmE;AACrE;AAC3C;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,sBAAsB,uBAAgB;AACtC;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,WAAW,QAAQ;AACnB;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,sBAAsB,WAAW;AACjC;AACA;AACA;AACA;AACA,gBAAgB,WAAW,IAAI;AAC/B;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,SAAS;AACT,gBAAgB,iBAAiB;AACjC;AACA,sBAAsB,iBAAiB;AACvC;AACA;AACA,8BAA8B,wBAAwB;AACtD,oBAAoB,UAAU;AAC9B;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,sDAAsD;AACtD;AACA,0BAA0B,SAAS,GAAG,mBAAmB;AACzD;AACA,sBAAsB,WAAW;AACjC;AACA;AACA;AACA;AACA;AACO;AACP;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,SAAS;AACT,KAAK;AACL;AACA;;;AC3HiD;AACK;AACP;AACJ;AAC3C;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,oBAAoB,KAAK,GAAG,QAAQ;AACpC;AACO;AACP;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,SAAS,QAAQ;AACjB;AACA,qDAAqD,QAAQ;AAC7D;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,0BAA0B;AAC1B;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,8BAA8B,iBAAiB;AAC/C;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,+BAA+B,iBAAiB;AAChD;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,oDAAoD,UAAS;AAC7D;AACA,0BAA0B,iBAAiB;AAC3C;AACA;AACA;AACA;AACA;AACA;AACA,SAAS;AACT;AACA;AACA;AACA,SAAS;AACT;AACA;AACA;AACO;AACP;AACA;AACA;AACA;AACA;AACA;AACA;AACA,SAAS;AACT;AACA;AACA;AACA;AACA,SAAS;AACT;AACA;AACA;AACA;AACA;AACA,SAAS;AACT;AACA;AACA;AACA;AACA,SAAS;AACT;AACA;AACA;AACA;AACA;AACA,SAAS;AACT,KAAK;AACL;AACA;AACO,+BAA+B,yDAAS;;;AC1ID;AACV;AACe;AACC;AACpD;AACA,4BAA4B,YAAY;AACxC,IAAI,gBAAc;AAClB,sBAAsB,SAAe;AACrC;AACA,qBAAqB,SAAM;AAC3B;AACA;AACA;AACA;AACA;AACA,qDAAe,MAAM,EAAC;;;ACftB;AACA;AACA;AACA,gCAAgC,OAAO;AACvC;AACA;AACA;AACA;AACA;AACA;AACA,0DAAe,kBAAkB,EAAC;;;ACV+B;AACpB;AACwD;AAChC;AACnB;AACJ;AACoB;AACZ;AACY;AACtB;AACI;AACzC;AACP,SAAS,QAAQ;AACjB,kBAAkB,UAAU;AAC5B;AACA;AACA,kBAAkB,UAAU;AAC5B;AACA;AACA,kBAAkB,UAAU;AAC5B;AACA;AACA,kBAAkB,UAAU;AAC5B;AACA;AACA,kBAAkB,UAAU;AAC5B;AACA,qCAAqC,QAAQ;AAC7C,kBAAkB,UAAU;AAC5B;AACA;AACA;AACA;AACA,oCAAoC,MAAS;AAC7C,oCAAoC,OAAO;AAC3C;AACA;AACA,sBAAsB,UAAU;AAChC;AACA;AACA,SAAS,WAAU;AACnB,kBAAkB,UAAU;AAC5B;AACA;AACA;AACA;AACA;AACA,uBAAuB,aAAY,CAAC,UAAU;AAC9C;AACA;AACA;AACA;AACA,sBAAsB,UAAU;AAChC;AACA;AACA,YAAY,MAAM;AAClB;AACA,kBAAkB,UAAU;AAC5B;AACA,kCAAkC,mBAAkB;AACpD;AACA,kBAAkB,iBAAiB;AACnC;AACA;AACA;AACA,sBAAsB,UAAU;AAChC;AACA;AACA;AACA,kBAAkB,UAAU;AAC5B;AACA;AACA;AACA;AACA;AACA,QAAQ,mBAAmB;AAC3B,YAAY,KAAK;AACjB,wBAAwB,SAAS;AACjC;AACA;AACA;AACA,QAAQ,mBAAmB;AAC3B;AACA,iBAAiB,MAAM,CAAC,OAAO,8BAA8B,OAAO,gDAAgD,OAAO;AAC3H;AACA;AACA,oBAAoB,MAAS;AAC7B;AACA;AACA,kBAAkB,UAAU;AAC5B;AACA,2BAA2B,cAAM;AACjC;AACA,kBAAkB,8BAA8B;AAChD;AACA;AACA;AACA;AACA,sBAAsB,MAAS;AAC/B;AACA;AACA,sBAAsB,UAAU;AAChC;AACA;AACA;AACA,kBAAkB,OAAO;AACzB;AACA;AACA;AACA;AACA,qBAAqB;AACrB;AACA;AACA;AACA;AACA;AACA;AACA;AACA,iBAAiB;AACjB;AACA;AACA;;;ACzHyD;AACP;AACE;AAC7C;AACP;AACA,cAAc,OAAO;AACrB;AACA;AACA,kBAAkB,UAAU;AAC5B;AACA,YAAY,uDAAuD;AACnE;AACA,kBAAkB,UAAU;AAC5B;AACA,2BAA2B,eAAe,GAAG,gDAAgD;AAC7F,qBAAqB;AACrB;AACA,iBAAiB;AACjB;AACA;AACA;;;ACpBqF;AACzC;AACb;AACF;AACS;AACtC;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,qDAAe,8CAA8C;AAC7D;AACA;AACA,6BAA6B,OAAO;AACpC;AACA;AACA;AACA,SAAS,QAAQ;AACjB,kBAAkB,UAAU;AAC5B;AACA,YAAY,MAAM;AAClB;AACA;AACA;AACA,kBAAkB,wBAAwB;AAC1C;AACA,YAAY,8DAA8D;AAC1E;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,sBAAsB,wBAAwB,sBAAsB,MAAM;AAC1E;AACA;AACA;AACA;AACA,kBAAkB,wBAAwB;AAC1C;AACA;AACA,kBAAkB,wBAAwB;AAC1C;AACA;AACA;AACA,kBAAkB,wBAAwB;AAC1C;AACA;AACA;AACA;AACA,wBAAwB,IAAI;AAC5B;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,YAAY,cAAc;AAC1B,gBAAgB,KAAK;AACrB;AACA,kBAAkB,wBAAwB;AAC1C;AACA;AACA;AACA,sBAAsB,wBAAwB;AAC9C;AACA;AACA,sBAAsB,wBAAwB;AAC9C;AACA;AACA;AACA;AACA,sBAAsB,wBAAwB;AAC9C;AACA;AACA,sBAAsB,UAAU;AAChC;AACA;AACA;AACA;AACA,oEAAoE,IAAI;AACxE;AACA,sBAAsB,UAAU;AAChC;AACA;AACA,sBAAsB,wBAAwB;AAC9C;AACA;AACA;AACA,CAAC,EAAC;;;ACvGuD;AACP;AACH;AACxC;AACP,2BAA2B,aAAa;AACxC;AACA,kBAAkB,UAAU;AAC5B;AACA,oBAAoB,cAAU;AAC9B,qBAAqB;AACrB;AACA,iBAAiB;AACjB;AACA;AACA;;;ACdoC;AACpC,MAAM,aAAM;AACZ,gCAAgC,oBAAoB;AACpD,gCAAgC,SAAM;AACtC;AACA,qDAAe,aAAM,EAAC;;;ACLoB;AACoB;AACG;AAChB;AACN;AAC3C;AACA;AACA,kBAAkB,UAAU,IAAI,aAAa;AAC7C;AACA;AACO;AACP,SAAS,QAAQ;AACjB;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,2BAA2B;AAC3B;AACA;AACA;AACA;AACA,2BAA2B;AAC3B;AACA;AACA;AACA;AACA,2BAA2B;AAC3B;AACA;AACA;AACA,2BAA2B;AAC3B;AACA;AACA,sBAAsB,uBAAgB;AACtC;AACA,iBAAiB,OAAO;AACxB,WAAW,MAAS,OAAO,cAAM;AACjC;AACO;AACP;AACA;AACA,uDAAuD,0BAA0B,GAAG,WAAW;AAC/F;;;ACpDoC;AACiB;AACpB;AAC1B;AACP;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,0BAA0B,2BAA2B,OAAO;AAC5D;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,0BAA0B;AAC1B;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,0BAA0B;AAC1B;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,kBAAkB,uBAAgB;AAClC;AACA;AACA;AACO;AACP;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,6BAA6B,cAAc;AAC3C;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,6BAA6B,cAAc;AAC3C;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,6BAA6B,iCAAiC;AAC9D;AACA;AACA;AACA;AACA;AACA;AACA,0BAA0B;AAC1B;AACA;AACA;AACA,0BAA0B;AAC1B;AACA;AACA;AACA,0BAA0B;AAC1B;AACA;AACA;AACA,0BAA0B;AAC1B;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,kCAAkC;AAClC;AACA;AACA,8BAA8B,uBAAgB;AAC9C;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,kCAAkC;AAClC;AACA;AACA;AACA;AACA,kCAAkC;AAClC;AACA;AACA,8BAA8B,uBAAgB;AAC9C;AACA;AACA;AACA;AACA,sBAAsB,uBAAgB;AACtC;AACA,WAAW,SAAM;AACjB;;;AC9IqE;AAC9D,eAAe,iCAAe;AACrC,WAAW,eAAQ;AACnB;;;ACHqD;AAC9C,MAAM,gBAAM,GAAG,MAAgB;AAC/B,MAAM,gBAAM,GAAG,MAAgB;;;ACFe;AACJ;AACN;AACF;AAClC;AACP;AACA,kBAAkB,UAAU;AAC5B,YAAY,qBAAqB;AACjC;AACA,kBAAkB,UAAU;AAC5B;AACA,kBAAkB,UAAU;AAC5B;AACA,kBAAkB,UAAU;AAC5B;AACA;AACA,kBAAkB,gBAAS;AAC3B;AACA;AACA,kBAAkB,UAAU;AAC5B;AACA;AACA;AACA,4BAA4B,OAAO;AACnC;AACA;AACA,kBAAkB,UAAU;AAC5B;AACA,SAAS,QAAQ;AACjB,kBAAkB,UAAU;AAC5B;AACA;;;AC/BA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAUa;;AAEb;AACA;AACA;;AAEO;AACP;AACA;AACA;AACA;;AAEA;AACA;AACA;;AAEO;AACP;AACA;AACA;AACA;AACA;AACA;;AAEA;AACA;AACA;AACA,kEAAkE,cAAc;AAChF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,KAAK;AACL;;AAEA;AACA;AACA;AACA;AACA;AACA,gEAAgE,SAAS;AACzE;AACA,KAAK;AACL;;AAEA;AACA;AACA;AACA;AACA,gEAAgE,SAAS;AACzE;AACA;AACA,KAAK;AACL;;AAEA;AACA;AACA;AACA;AACA;AACA,gEAAgE,SAAS;AACzE;AACA,KAAK;AACL;;AAEA;AACA;AACA;AACA;AACA;AACA,gEAAgE,SAAS;AACzE;AACA,KAAK;AACL;;AAEA;AACA;AACA;AACA;AACA;AACA;AACA;;AAEA;AACA;AACA;;AAEA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,WAAW;AACX;;AAEA;AACA;AACA;;AAEA;AACA,0BAA0B,SAAS;AACnC,oBAAoB;AACpB;;AAEA,aAAa,OAAO;AACpB;AACA;AACA,0BAA0B,+CAA+C;AACzE;AACA;;AAEA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAEA;AACA;AACA;;AAEA;AACA;AACA,kCAAkC,OAAO;AACzC,8DAA8D,gBAAgB;AAC9E;AACA;;AAEA;AACA;AACA;;AAEA;AACA;AACA;AACA,eAAe,oCAAoC;AACnD;AACA;AACA;AACA;AACA;AACA;AACA;AACA,KAAK;AACL,GAAG;AACH,mEAAmE,gBAAgB;AACnF;AACA;;AAEA;AACA;AACA;;AAEA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,KAAK;AACL;AACA,GAAG;AACH,6DAA6D,gBAAgB;AAC7E;AACA;;AAEA;AACA;AACA;;AAEA;AACA,eAAe,kBAAkB;AACjC,UAAU,UAAU,QAAQ,SAAS;AACrC;AACA;AACA,GAAG;;AAEH;AACA,2BAA2B,sBAAsB,OAAO,SAAS;AACjE;AACA;AACA;;AAEA;AACA;AACA;AACA;;AAEA;AACA;;AAEA;AACA;AACA;;AAEA;AACA;;AAEA;AACA;AACA;AACA;AACA;AACA;;AAEA;AACA;AACA;;AAEA;AACA;AACA;AACA;AACA,GAAG;;AAEH;AACA;AACA;AACA;;AAEA;AACA,WAAW;AACX;;AAEA;AACA;AACA;;AAEO,MAAM,kBAAO;AACpB,0BAA0B;AAC1B;AACA;AACA;AACA;AACA;AACA;;AAEA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAEA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAEA;AACA;AACA;;AAEA,mBAAmB;AACnB,gBAAgB;;AAEhB;AACA;AACA;AACA;;AAEA;AACA;AACA;AACA;;AAEA;AACA;AACA;AACA;AACA;AACA;AACA;;AAEA;AACA;;AAEA;AACA;AACA;AACA;AACA,0CAA0C,QAAQ,MAAM,IAAI;AAC5D;;AAEA;AACA;AACA;AACA;;AAEA;AACA;AACA;AACA;AACA;AACA;AACA;;AAEA;AACA;AACA;;AAEA;AACA;AACA;;AAEA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAEA;AACA;AACA;;AAEA;AACA;AACA;AACA;AACA;AACA;;AAEA;AACA;;AAEA;AACA;AACA;AACA;AACA,0CAA0C,KAAK,MAAM,IAAI;AACzD;;AAEA;AACA;AACA;AACA;AACA;;AAEA;AACA;AACA;AACA;AACA,kCAAkC;;AAElC;AACA;AACA;AACA;AACA;;AAEA;AACA;AACA;;AAEA;AACA,0BAA0B,iCAAe;;AAEzC;AACA;AACA;AACA;AACA;AACA;AACA;AACA,KAAK;;AAEL;AACA;;AAEA;AACA,yBAAyB;;AAEzB;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAEA;AACA;AACA;AACA;AACA;AACA;AACA;;AAEA;AACA,4BAA4B,mCAAmC;AAC/D;AACA;;AAEA;AACA;AACA;AACA;AACA;;AAEA;AACA;AACA;AACA;AACA;AACA,QAAQ;AACR;AACA;AACA;AACA,YAAY;AACZ;AACA;AACA;AACA;AACA,QAAQ;AACR;AACA;AACA,KAAK;;AAEL;AACA;;AAEA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAEA;AACA;AACA;;AAEA;AACA;;AAEA;AACA;AACA;AACA,kCAAkC;AAClC;AACA;AACA;AACA;;AAEA;AACA;AACA;AACA;;AAEA;AACA;AACA;AACA;AACA;AACA;AACA,MAAM;AACN;AACA;AACA;AACA;;AAEA;AACA;AACA;AACA,SAAS,WAAW,EAAE,aAAa;AACnC;AACA;AACA;;AAEA;AACA;AACA,yCAAyC,0BAA0B;;AAEnE;AACA;AACA,wCAAwC,kBAAkB;AAC1D;AACA,wBAAwB,kBAAkB;AAC1C;;AAEA;AACA;AACA;;AAEA;AACA;;AAEA,oBAAoB,SAAS;AAC7B;AACA;;AAEA;AACA;AACA;AACA;AACA;;AAEA;AACA;AACA,gBAAgB;AAChB,KAAK;AACL;;AAEA;AACA;AACA,gBAAgB;AAChB,KAAK;AACL;;AAEA;AACA;AACA;AACA;;AAEA;AACA;AACA;;AAEA,iDAAe,kEAAO;;;ACvkBtB;;;;;;;GAOG;AAKgB;AAEnB;;GAEG;AACI,MAAM,MAAM,GAAG;IACpB,gBAAgB,EAAE,gBAAgB;IAClC,KAAK,EAAE,OAAO;IACd,MAAM,EAAE,QAAQ;IAChB,eAAe,EAAE,gBAAgB;IACjC,KAAK,EAAE,OAAO;CACN;AAOV;;GAEG;AACH,MAAM,YAAY;IAAlB;QACU,cAAS,GAAoC,IAAI,GAAG,EAAE;IAgBhE,CAAC;IAdC,EAAE,CAAC,KAAa,EAAE,QAAuB;QACvC,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,KAAK,CAAC,EAAE,CAAC;YAC/B,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,KAAK,EAAE,IAAI,GAAG,EAAE,CAAC;QACtC,CAAC;QACD,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,KAAK,CAAE,CAAC,GAAG,CAAC,QAAQ,CAAC;IAC1C,CAAC;IAED,GAAG,CAAC,KAAa,EAAE,QAAuB;;QACxC,UAAI,CAAC,SAAS,CAAC,GAAG,CAAC,KAAK,CAAC,0CAAE,MAAM,CAAC,QAAQ,CAAC;IAC7C,CAAC;IAED,IAAI,CAAC,KAAa,EAAE,GAAG,IAAe;;QACpC,UAAI,CAAC,SAAS,CAAC,GAAG,CAAC,KAAK,CAAC,0CAAE,OAAO,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,CAAC;IACvD,CAAC;CACF;AA+BD;;GAEG;AACI,MAAM,OAAO;IAKlB,YAAY,OAA+B;QACzC,IAAI,CAAC,QAAQ,GAAG,IAAI,kBAAgB,CAAC;YACnC,QAAQ,EAAE,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,QAAQ;YAC3B,QAAQ,EAAE,IAAI,eAAe,EAAE;YAC/B,aAAa,EAAE,CAAC,KAAK,EAAE,EAAE;gBACvB,MAAM,MAAM,GAAI,KAAqB,CAAC,MAAM;gBAC5C,IAAI,MAAM,aAAN,MAAM,uBAAN,MAAM,CAAE,QAAQ,EAAE,CAAC;oBACrB,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC;oBAC/B,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,gBAAgB,EAAE,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC;gBAClE,CAAC;qBAAM,CAAC;oBACN,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC;gBAClC,CAAC;YACH,CAAC;YACD,YAAY,EAAE,GAAG,EAAE;gBACjB,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,eAAe,CAAC;YAC3C,CAAC;SACF,CAAC;QACF,IAAI,CAAC,OAAO,GAAG,IAAI,YAAY,EAAE;QACjC,IAAI,CAAC,UAAU,GAAG,MAAM,CAAC,UAAU,EAAE;IACvC,CAAC;IAED;;OAEG;IACH,IAAI,MAAM;QACR,OAAO,IAAI,CAAC,OAAO;IACrB,CAAC;IAED;;OAEG;IACH,IAAI,IAAI;;QACN,OAAO;YACL,UAAU,EAAE,IAAI,CAAC,QAAQ,CAAC,QAAQ;YAClC,KAAK,EAAE,UAAI,CAAC,QAAQ,CAAC,KAAK,mCAAI,SAAS;YACvC,SAAS,EAAE,IAAI,CAAC,UAAU;YAC1B,cAAc,EAAE,IAAI,CAAC,QAAQ,CAAC,QAAQ;gBACpC,CAAC,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,CAAC,IAAI,CAAC,QAAQ,CAAC,YAAY,EAAE,GAAG,IAAI,CAAC;gBACpD,CAAC,CAAC,SAAS;SACd;IACH,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,sBAAsB,CAAC,OAAwC;QACnE,iCAAiC;QACjC,MAAM,IAAI,GAA0B,OAAO,OAAO,KAAK,QAAQ;YAC7D,CAAC,CAAC,EAAE,GAAG,EAAE,OAAO,EAAE;YAClB,CAAC,CAAC,OAAO,aAAP,OAAO,cAAP,OAAO,GAAI,EAAE;QAEjB,IAAI,CAAC;YACH,uCAAuC;YACvC,MAAM,IAAI,CAAC,QAAQ,CAAC,uBAAuB,EAAE;YAE7C,sEAAsE;YACtE,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,QAAQ,IAAI,IAAI,CAAC,sBAAsB,KAAK,KAAK,EAAE,CAAC;gBACrE,IAAI,CAAC;oBACH,MAAM,IAAI,CAAC,QAAQ,CAAC,OAAO,EAAE;gBAC/B,CAAC;gBAAC,MAAM,CAAC;oBACP,qCAAqC;gBACvC,CAAC;YACH,CAAC;YAED,OAAO,IAAI,CAAC,IAAI;QAClB,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,KAAK,EAAE,KAAK,CAAC;YACtC,OAAO,SAAS;QAClB,CAAC;IACH,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,KAAK,CAAC,OAAqB;QAC/B,MAAM,WAAW,GAAG,OAAO,CAAC,WAAW,IAAI,MAAM,CAAC,QAAQ,CAAC,IAAI;QAC/D,MAAM,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC,OAAO,CAAC,UAAU,EAAE,WAAW,CAAC;IAC5D,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,MAAM;QACV,MAAM,IAAI,CAAC,QAAQ,CAAC,MAAM,EAAE;IAC9B,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,KAAK,CAAC,GAAsB,EAAE,IAAkB;QACpD,OAAO,IAAI,CAAC,QAAQ,CAAC,SAAS,CAAC,GAAa,EAAE,IAAI,CAAC;IACrD,CAAC;CACF;AAED,uDAAe,uDAAO;;;ACvLsB;AAErC,MAAM,WAAW,GAAG,IAAI,OAAO,EAAE;;;;;;;;ACFxC,uEAAuE;AAC3B,CAAC,gDAAgD;AAC/D;AAEvB,MAAM,KAAE,GAAG,yBAAc,CAAC,cAAI,CAAC;;;ACJ8B;AAExB;AAGrC,MAAM,QAAQ,GAAG,sBAAG,CACvB,oDAAoD,CACvD;AAEM,SAAS,cAAc,CAAC,KAAK;IAEhC,MAAM,EAAE,GAAG,KAAS;IAEpB,KAAK,UAAU,aAAa,CAAC,GAAc;QACvC,MAAM,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC;QAC7B,MAAM,OAAO,GAAG,KAAK,CAAC,GAAG,CAAC,GAAG,EAAE,QAAQ,CAAC;QACxC,IAAI,CAAC,OAAO,EAAE,CAAC;YACX,MAAM,IAAI,KAAK,CAAC,8BAA8B,GAAG,EAAE,CAAC;QACxD,CAAC;QACD,OAAO,OAAO,CAAC,KAAK;IACxB,CAAC;IACD;;;;;;;;;;;;OAYG;IACH,SAAS,gBAAgB,CACzB,MAAc,EACd,EAAa,EACb,OAGC;QAED,MAAM,MAAM,GAAG,KAAK,CAAC,GAAG,CACpB,KAAK,CAAC,GAAG,CAAC,MAAM,CAAC,EACjB,QAAQ,CACX;QAED,OAAO,OAAO,CAAC,OAAO,EAAE;aACnB,IAAI,CAAC,GAAG,EAAE;YACX,IAAI,MAAM,EAAE,CAAC;gBACT,OAAO,MAAmB;YAC9B,CAAC;YAED,OAAO,WAAW,CAAC,MAAM,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,EAAE;gBACnC,MAAM,IAAI,KAAK,CAAC,qCAAqC,MAAM,KAAK,GAAG,EAAE,CAAC;YAC1E,CAAC,CAAC;QACF,CAAC,CAAC;aACD,IAAI,CAAC,MAAM,CAAC,EAAE;YACf,MAAM,OAAO,GAAG,UAAU,CAAC,MAAM,EAAE,EAAE,EAAE,MAAM,CAAC,GAAG,EAAE,OAAO,CAAC;YAC3D,IAAI,CAAC,KAAK,CAAC,OAAO,EAAE,CAAC;gBACjB,MAAM,IAAI,KAAK,CAAC,uCAAuC,CAAC;YAC5D,CAAC;YACD,OAAO,KAAK,CAAC,OAAO;iBACf,YAAY,CAAC,KAAK,EAAE,MAAM,CAAC,GAAG,EAAE;gBACjC,IAAI,EAAE,OAAO;gBACb,WAAW,EAAE,aAAa;aACzB,CAAC;iBACD,IAAI,CAAC,MAAM,CAAC,EAAE;gBACf,IAAI,CAAC,MAAM,CAAC,EAAE,EAAE,CAAC;oBACb,MAAM,IAAI,KAAK,CAAC,0BAA0B,GAAG,MAAM,CAAC,KAAK,CAAC;gBAC9D,CAAC;gBAED,OAAO,MAAM;YACb,CAAC,CAAC;QACN,CAAC,CAAC;IACN,CAAC;IAED;;;OAGG;IACH,SAAS,WAAW,CAAE,MAAc;QAChC,MAAM,OAAO,GAAG,KAAK,CAAC,OAAO;QAC7B,IAAI,CAAC,OAAO,EAAE,CAAC;YACX,MAAM,IAAI,KAAK,CAAC,4CAA4C,CAAC;QACjE,CAAC;QAED,OAAO,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE;YACtC,IAAI,CAAC,MAAM,CAAC,EAAE,EAAE,CAAC;gBACb,MAAM,IAAI,KAAK,CAAC,6BAA6B,GAAI,MAAc,CAAC,KAAK,CAAC;YAC1E,CAAC;YAED,MAAM,MAAM,GAAG,KAAK,CAAC,GAAG,CACxB,KAAK,CAAC,GAAG,CAAC,MAAM,CAAC,EACjB,QAAQ,CACP;YAED,IAAI,CAAC,MAAM,EAAE,CAAC;gBACd,MAAM,IAAI,KAAK,CAAC,0CAA0C,GAAG,MAAM,CAAC;YACpE,CAAC;YAED,OAAO,MAAmB;QAC9B,CAAC,CAAC;IACN,CAAC;IAED;;;;;;;OAOG;IACH,SAAS,UAAU,CACnB,MAAc,EACd,EAAa,EACb,MAAc,EACd,UAGQ,EAAE;QAEN,MAAM,SAAS,GAAG,OAAO,CAAC,MAAM,IAAI,EAAE;QACtC,MAAM,CAAC,GAAG,wBAAK,EAAE;QACjB,MAAM,IAAI,GAAG,4BAAS,CAAC,gCAAgC,CAAC;QACxD,IAAI,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,MAAM,KAAK,CAAC;QAC7B,MAAM,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC;QACzB,MAAM,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC;QACzB,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,IAAI,CAAC,eAAe,CAAC,EAAE,GAAG,CAAC;QACpD,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,IAAI,CAAC,UAAU,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC;QACpC,IAAI,OAAO,CAAC,aAAa,EAAE,CAAC;YACxB,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC;QACvC,CAAC;QACD,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,IAAI,CAAC,OAAO,CAAC,EAAE,EAAE,EAAE,GAAG,CAAC;QAChC,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,IAAI,CAAC,MAAM,CAAC,EAAE,IAAI,CAAC,MAAM,CAAC,EAAE,GAAG,CAAC;QACzC,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,IAAI,CAAC,MAAM,CAAC,EAAE,IAAI,CAAC,OAAO,CAAC,EAAE,GAAG,CAAC;QAC1C,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,IAAI,CAAC,MAAM,CAAC,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,GAAG,CAAC;QAE5C,IAAI,SAAS,CAAC,MAAM,EAAE,CAAC;YACnB,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,MAAM,KAAK,CAAC;YACzB,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,IAAI,CAAC,eAAe,CAAC,EAAE,GAAG,CAAC;YACpD,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,IAAI,CAAC,UAAU,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC;YACpC,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,IAAI,CAAC,YAAY,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,GAAG,CAAC;YACnD,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,SAAS,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;gBAC5C,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,IAAI,CAAC,MAAM,CAAC,EAAE,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,CAAC,EAAC,kBAAkB;YAClE,CAAC;QACL,CAAC;QACD,OAAO,4BAAS,CAAC,GAAG,EAAE,CAAC,EAAE,MAAM,CAAC;IACpC,CAAC;IACD,OAAO;QACH,aAAa;QACb,gBAAgB;QAChB,UAAU;KACb;AACL,CAAC;;;AC1JsC;AACD;AAEtC;;;;;GAKG;AACI,MAAM,UAAU,GAAG,GAAO,EAAE;IAC/B,IAAI,EAAE,eAAe,EAAE,GAAQ,MAAM;IACrC,eAAe,KAAf,eAAe,GAAK,EAAE;IACtB,eAAe,CAAC,iBAAiB,GAAG,KAAK;IACzC,IAAI,eAAe,CAAC,MAAM,IAAI,MAAM,CAAC,QAAQ,EAAE,CAAC;QAC5C,MAAM,WAAW,GAAG,MAAM,CAAC,QAAQ,CAAC,QAAQ,CAAC,IAAI;QACjD,IAAI,WAAW,CAAC,UAAU,CAAC,eAAe,CAAC,MAAM,CAAC,EAAE,CAAC;YACrD,eAAe,CAAC,iBAAiB,GAAG,IAAI;YACxC,MAAM,MAAM,GAAG,IAAI,eAAe,CAAC,MAAM,CAAC,QAAQ,CAAC,QAAQ,CAAC,MAAM,CAAC;YACnE,IAAI,MAAM,EAAE,CAAC;gBACT,IAAI,UAAU,GAAG,eAAe,CAAC,UAAU,GAAG,MAAM,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,IAAI;gBACvE,IAAI,UAAU,EAAE,CAAC;oBACjB,UAAU,GAAG,SAAS,CAAC,UAAU,CAAC;oBAClC,IAAI,CAAC,UAAU,CAAC,UAAU,CAAC,eAAe,CAAC,MAAM,CAAC,EAAE,CAAC;wBACjD,MAAM,GAAG,GAAG,UAAU,CAAC,KAAK,CAAC,IAAI,CAAC;wBAClC,eAAe,CAAC,GAAG,GAAG,GAAG,CAAC,CAAC,CAAC,GAAG,IAAI,GAAG,GAAG,CAAC,CAAC,CAAC;wBAC5C,eAAe,CAAC,iBAAiB,GAAG,KAAK;oBAC7C,CAAC;gBACD,CAAC;YACL,CAAC;QACD,CAAC;IACL,CAAC;IACD,OAAO,eAAe;AAC1B,CAAC;AAED;;;;;;GAMG;AACI,SAAS,aAAa;IACzB,MAAM,EAAE,qBAAqB,EAAE,GAAQ,MAAM;IAC7C,IACE,OAAO,qBAAqB,KAAK,WAAW;QAC5C,qBAAqB,CAAC,QAAQ,EAC9B,CAAC;QACD,aAAa;QACb,GAAS,CAAC,uBAAuB,GAAG,qBAAqB,CAAC,QAAQ,CAAC;QACnE,OAAO,sBAAG,CAAC,qBAAqB,CAAC,QAAQ,CAAC;IAC5C,CAAC;IACD,oFAAoF;IACpF,8HAA8H;IAC9H,IACE,OAAO,QAAQ,KAAK,WAAW;QAC/B,QAAQ,CAAC,QAAQ;QACjB,CAAC,EAAE,GAAG,QAAQ,CAAC,QAAQ,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,KAAK,kBAAkB,EAC5D,CAAC;QACD,MAAM,GAAG,GAAG,QAAQ,CAAC,cAAc,CAAC,WAAW,CAAC;QAChD,IAAI,CAAC,GAAG;YAAE,OAAO,IAAI;QACrB,MAAM,EAAE,GAAG,GAAG,CAAC,YAAY,CAAC,QAAQ,CAAC;QACrC,IAAI,CAAC,EAAE;YAAE,OAAO,IAAI;QACpB,GAAS,CAAC,mBAAmB,GAAG,EAAE,CAAC;QACnC,OAAO,sBAAG,CAAC,EAAE,CAAC;IAChB,CAAC;IACD,OAAO,IAAI;AACf,CAAC;;;AClEiD;AACI;AAChB;AAC2B;AAG1D,MAAM,eAAe;IAG1B,YAAY,gBAAyB;QACnC,IAAI,CAAC,OAAO,GAAG,gBAAgB;IACjC,CAAC;IAED,6FAA6F;IAC7F,IAAI,WAAW,KAAa,OAAO,IAAI,CAAC,OAAO,EAAC,CAAC;IAEjD,WAAW;QACT,MAAM,GAAG,GAAG,UAAU,EAAE;QACxB,IAAI,GAAG,CAAC,iBAAiB,EAAE,CAAC;YAC1B,OAAO,sBAAG,CAAC,GAAG,CAAC,KAAK,CAAC;QACvB,CAAC;QACD,IAAI,IAAI,IAAI,IAAI,CAAC,OAAO,IAAI,IAAI,CAAC,OAAO,CAAC,IAAI,IAAI,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,KAAK,IAAI,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,UAAU,EAAE,CAAC;YACzG,OAAO,sBAAG,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC;QACrC,CAAC;QACD,OAAO,aAAa,EAAE,EAAC,sBAAsB;IAC/C,CAAC;IAED;;;;;;OAMG;IACH,KAAK,CAAC,SAAS,CACb,eAA6C;QAE7C,yCAAyC;QACzC,MAAM,oBAAoB,GAAG,IAAI,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,IAAI;QAC/D,IAAI,oBAAoB,EAAE,CAAC;YACzB,MAAM,CAAC,YAAY,CAAC,OAAO,CAAC,sBAAsB,EAAE,oBAAoB,CAAC;QAC3E,CAAC;QACD,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC,MAAM,CAAC,gBAAgB,EAAE,CAAC,GAAG,EAAE,EAAE;YACtD,GAAS,CAAC,uBAAuB,GAAG,EAAE,CAAC;YACvC,IAAI,QAAQ,CAAC,QAAQ,CAAC,QAAQ,EAAE,KAAK,GAAG;gBAAE,OAAO,CAAC,YAAY,CAAC,IAAI,EAAE,EAAE,EAAE,GAAa,CAAC;QACzF,CAAC,CAAC;QAEF;;WAEG;QACH,MAAM,WAAW,GAAG,IAAI,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC;QACjD,WAAW,CAAC,IAAI,GAAG,EAAE;QACrB,MAAM,IAAI,CAAC,OAAO;aACf,sBAAsB,CAAC;YACtB,sBAAsB,EAAE,IAAI;YAC5B,GAAG,EAAE,WAAW,CAAC,IAAI;SACtB,CAAC;QAEJ,qDAAqD;QACrD,MAAM,qBAAqB,GAAG,MAAM,CAAC,YAAY,CAAC,OAAO,CAAC,sBAAsB,CAAC;QACjF,IAAI,qBAAqB,EAAE,CAAC;YAC1B,MAAM,MAAM,GAAG,IAAI,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC;YAC5C,IAAI,MAAM,CAAC,IAAI,KAAK,qBAAqB,EAAE,CAAC;gBAC1C,IAAI,OAAO,CAAC,SAAS,EAAE,CAAC;oBACtB,2DAA2D;oBAC3D,OAAO,CAAC,SAAS,CAAC,IAAI,EAAE,QAAQ,CAAC,KAAK,EAAE,qBAAqB,CAAC;gBAChE,CAAC;qBAAM,CAAC;oBACN,gEAAgE;oBAChE,QAAQ,CAAC,IAAI,GAAG,qBAAqB;gBACvC,CAAC;gBACD,MAAM,CAAC,IAAI,GAAG,qBAAqB;YACrC,CAAC;YACD,qHAAqH;YACrH,qHAAqH;YACrH,MAAM,CAAC,YAAY,CAAC,OAAO,CAAC,sBAAsB,EAAE,EAAE,CAAC;QACzD,CAAC;QAED,qDAAqD;QACrD,IAAI,EAAE,GAAG,aAAa,EAAE;QACxB,IAAI,EAAE,EAAE,CAAC;YACP,OAAO,OAAO,CAAC,OAAO,CAAC,eAAe,CAAC,CAAC,CAAC,eAAe,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;QACpE,CAAC;QAED,MAAM,KAAK,GAAG,IAAI,CAAC,gBAAgB,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC;QACtD,IAAI,KAAK,EAAE,CAAC;YACV,EAAE,GAAG,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC;QAC3B,CAAC;QAED,IAAI,EAAE,EAAE,CAAC;YACP,GAAS,CAAC,iBAAiB,EAAE,qBAAqB,CAAC;QACrD,CAAC;QAED,OAAO,OAAO,CAAC,OAAO,CAAC,eAAe,CAAC,CAAC,CAAC,eAAe,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;IACpE,CAAC;IAED;;;;;;OAMG;IACH,QAAQ,CACN,KAAgC,EAChC,OAA+B;QAE/B,IAAI,QAAgB;QACpB,IAAI,KAAK,EAAE,CAAC;YACV,QAAQ,GAAG,CAAC,OAAO,KAAK,KAAK,QAAQ,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,GAAG;YAC1D,MAAM,EAAE,GAAG,4BAAS,CAAC,QAAQ,CAAC;YAC9B,IAAI,OAAO,EAAE,CAAC;gBACZ,OAAO,CAAC,EAAE,GAAG,EAAE;YACjB,CAAC;YACD,OAAO,EAAE;QACX,CAAC;QACD,OAAO,IAAI;IACb,CAAC;IAED;;OAEG;IACH,gBAAgB,CAAE,OAAiD;QACjE,MAAM,KAAK,GAAG,QAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,KAAK,KAAI,OAAO,CAAC,UAAU,CAAC,CAAC,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI;QACzE,OAAO,KAAK;IACd,CAAC;CAEF;;;AC9HsC;AAEhC,SAAS,QAAQ,CAAC,GAAc;IACnC,OAAO,sBAAG,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,GAAG,IAAI,GAAG,CAAC,EAAE,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC,CAAC;AACxD,CAAC;AAEM,SAAS,WAAW,CAAE,GAAgB;IACzC,MAAM,IAAI,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC;IAChC,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,IAAI,CAAC;IACzB,MAAM,KAAK,GAAG,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC;IAC7B,MAAM,IAAI,GAAG,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,IAAI,SAAS,CAAC,CAAC,CAAC,CAAC;IAC7C,OAAO,IAAI,EAAC,4DAA4D;AAC5E,CAAC;AAEM,SAAS,aAAa,CAAC,OAAe,EAAE,IAAU;IACrD,MAAM,IAAI,GAAG,IAAI,CAAC,cAAc,EAAE;IAClC,MAAM,KAAK,GAAG,CAAC,GAAG,GAAG,CAAC,IAAI,CAAC,WAAW,EAAE,GAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;IACtD,MAAM,GAAG,GAAG,CAAC,GAAG,GAAG,CAAC,IAAI,CAAC,UAAU,EAAE,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;IACjD,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC;IAChC,MAAM,QAAQ,GAAG,KAAK,CAAC,KAAK,CAAC,MAAM,GAAE,CAAC,CAAE;IACxC,OAAO,IAAI,GAAG,CAAC,aAAa,IAAI,IAAI,KAAK,IAAI,GAAG,IAAI,QAAQ,EAAE,EAAE,OAAO,CAAC,CAAC,QAAQ,EAAE;AACvF,CAAC;AAEM,SAAS,eAAe,CAAC,GAAG;IAC/B,IAAI,CAAC,GAAG,EAAE,CAAC;QACP,OAAO,IAAI;IACf,CAAC;IACD,OAAO,CACH,GAAG,MAAM,CAAC,QAAQ,CAAC,MAAM,GAAG,KAAK,IAAI,GAAG,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,MAAM,CAC7D;AACL,CAAC;AAEM,SAAS,sBAAsB,CAAE,EAAY;IAChD,MAAM,QAAQ,GAAG,EAAE,CAAC,GAAG,CAAC,OAAO,CAAC,WAAW,EAAE,GAAG,CAAC,CAAC,OAAO,CAAC,UAAU,EAAE,GAAG,CAAC;IAC1E,uFAAuF;IACvF,MAAM,SAAS,GAAG,QAAQ,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC,EAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,GAAG,YAAY;IAC1E,MAAM,OAAO,GAAG,SAAS,GAAG,iBAAiB;IAC7C,OAAO,sBAAG,CAAC,OAAO,CAAC;AACvB,CAAC;AAEM,SAAS,sBAAsB,CAClC,OAAkB,EAClB,OAAkB;IAElB,cAAc;IACd,mEAAmE;IACnE,MAAM,gBAAgB,GAAG,IAAI,GAAG,CAC5B,mBAAmB,IAAI,GAAG,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,IAAI,GAAG,EACjD,OAAO,CAAC,KAAK,CAChB,CAAC,QAAQ,EAAE;IACZ,OAAO,IAAI,wBAAS,CAAC,gBAAgB,CAAC;AAC1C,CAAC;;;ACnDiD;AAEN;AACoB;AAEhE,MAAM,0BAA0B,GAAG,gBAAgB;AAE5C,SAAS,eAAe,CAAC,KAAK,EAAE,YAAY;IAC/C,MAAM,EAAE,GAAG,KAAS;IAEpB,KAAK,UAAU,MAAM,CACjB,aAAwB,EACxB,EAAa,EACb,OAAkB;QAElB,yDAAyD;QACzD,+DAA+D;QAC/D,gCAAgC;QAChC,MAAM,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,aAAa,CAAC;QAEvC,2CAA2C;QAC3C,MAAM,UAAU,GAAG,KAAK,CAAC,GAAG,CACxB,aAAa,EACb,IAAI,wBAAS,CAAC,oDAAoD,CAAC,CACtE;QACD,IAAI,CAAC,UAAU,EAAE,CAAC;YACd,MAAM,IAAI,KAAK,CAAC,yBAAyB,CAAC;QAC9C,CAAC;QAED,MAAM,OAAO,GAAG;;;;yBAIC,EAAE,CAAC,KAAK;;;;;;;yBAOR,OAAO,CAAC,KAAK;;;;;aAKzB;QACL,MAAM,KAAK,CAAC,OAAO,CAAC,YAAY,CAAC,KAAK,EAAE,UAAU,CAAC,KAAK,EAAE;YACtD,IAAI,EAAE,OAAO;YACb,WAAW,EAAE,aAAa;SAC7B,CAAC;IACN,CAAC;IAED,KAAK,UAAU,qBAAqB,CAAC,SAAS,EAAE,EAAE;QAC9C,4BAA4B;QAC5B,MAAM,gBAAgB,GAAG,KAAK,CAAC,GAAG,CAC9B,EAAE,EACF,EAAE,CAAC,KAAK,CAAC,kBAAkB,CAAC,CACX;QACrB,IAAI,CAAC,gBAAgB,EAAE,CAAC;YACpB,MAAM,IAAI,KAAK,CAAC,+BAA+B,CAAC;QACpD,CAAC;QACD,MAAM,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,gBAAgB,CAAC;QAC1C,MAAM,GAAG,GAAG,QAAQ,CAAC,gBAAgB,CAAC;QACtC,MAAM,GAAG,GAAG;YACR,qBAAE,CACE,GAAG,EACH,EAAE,CAAC,GAAG,CAAC,MAAM,CAAC,EACd,EAAE,CAAC,KAAK,CAAC,kBAAkB,CAAC,EAC5B,gBAAgB,CAAC,GAAG,EAAE,CACzB;YACD,qBAAE,CACE,GAAG,EACH,EAAE,CAAC,KAAK,CAAC,UAAU,CAAC,EACpB,EAAE,CAAC,OAAO,CAAC,UAAU,CAAC,EACtB,gBAAgB,CAAC,GAAG,EAAE,CACzB;YACD,qBAAE,CAAC,GAAG,EAAE,EAAE,CAAC,KAAK,CAAC,UAAU,CAAC,EAAE,SAAS,EAAE,gBAAgB,CAAC,GAAG,EAAE,CAAC;SACnE;QACD,MAAM,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;YAClC,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,EAAE,GAAG,EAAE,UAAU,IAAI,EAAE,EAAE,EAAE,IAAI;gBAClD,IAAI,CAAC,EAAE,EAAE,CAAC;oBACN,MAAM,CAAC,IAAI,KAAK,CAAC,IAAI,CAAC,CAAC;gBAC3B,CAAC;qBAAM,CAAC;oBACJ,OAAO,CAAC,IAAI,CAAC;gBACjB,CAAC;YACL,CAAC,CAAC;QACN,CAAC,CAAC;IACN,CAAC;IAED,KAAK,UAAU,QAAQ,CAAC,OAAkB;QACtC,MAAM,EAAE,GAAG,MAAM,YAAY,CAAC,MAAM,EAAE;QACtC,MAAM,OAAO,GAAG,MAAM,YAAY,CAAC,UAAU,CAAC,EAAE,CAAC;QACjD,MAAM,aAAa,GAAG,sBAAsB,CAAC,OAAO,EAAE,OAAO,CAAC;QAC9D,IAAI,MAAM,GAAG,IAAI;QACjB,IAAI,CAAC;YACD,MAAM,KAAK,CAAC,OAAO,CAAC,IAAI,CACpB,IAAI,wBAAS,CAAC,aAAa,CAAC,KAAK,GAAG,gBAAgB,CAAC,CACxD;QACL,CAAC;QAAC,OAAO,CAAC,EAAE,CAAC;YACT,MAAM,GAAG,KAAK;QAClB,CAAC;QACD,OAAO,EAAE,EAAE,EAAE,aAAa,EAAE,MAAM,EAAE;IACxC,CAAC;IAED,KAAK,UAAU,eAAe,CAC1B,aAAwB,EACxB,EAAa;QAEb,MAAM,OAAO,GAAG,MAAM,OAAO,CAAC;YAC1B,EAAE;YACF,OAAO,EAAE,aAAa,CAAC,KAAK;SAC/B,CAAC;QACF,OAAO,OAAO,CAAC,WAAW;IAC9B,CAAC;IAED,SAAS,OAAO,CAAC,cAA8B;QAC3C,MAAM,EAAE,GAAG,KAAK;QAChB,MAAM,OAAO,GAAG,EAAE,CAAC,OAAO;QAC1B,IAAI,cAAc,CAAC,EAAE,IAAI,CAAC,cAAc,CAAC,EAAE,CAAC,GAAG,EAAE,CAAC;YAC9C,MAAM,IAAI,KAAK,CAAC,gCAAgC,GAAG,cAAc,CAAC,EAAE,CAAC;QACzE,CAAC;QAED,MAAM,WAAW,GAAG,CAAC,cAAc,CAAC,WAAW;YAC3C,cAAc,CAAC,WAAW;gBAC1B,EAAE,CAAC,GAAG,CAAC,cAAc,CAAC,OAAO,GAAG,0BAA0B,CAAC,CAAC;QAChE,MAAM,UAAU,GAAG,WAAW,CAAC,GAAG,EAAE;QAEpC,EAAE,CAAC,GAAG,CACF,WAAW,EACX,EAAE,CAAC,GAAG,CAAC,MAAM,CAAC,EACd,EAAE,CAAC,OAAO,CAAC,UAAU,CAAC,EACtB,UAAU,CACb;QACD,EAAE,CAAC,GAAG,CAAC,WAAW,EAAE,EAAE,CAAC,EAAE,CAAC,OAAO,CAAC,EAAE,cAAc,EAAE,UAAU,CAAC;QAC/D,EAAE,CAAC,GAAG,CACF,WAAW,EACX,EAAE,CAAC,EAAE,CAAC,SAAS,CAAC,EAChB,uBAAI,CAAO,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC,CAAC,EAChC,UAAU,CACb;QACD,IAAI,cAAc,CAAC,EAAE,EAAE,CAAC;YACpB,EAAE,CAAC,GAAG,CAAC,WAAW,EAAE,EAAE,CAAC,EAAE,CAAC,QAAQ,CAAC,EAAE,cAAc,CAAC,EAAE,EAAE,UAAU,CAAC;QACvE,CAAC;QAED,OAAO,IAAI,OAAO,CAAC,UAAU,OAAO,EAAE,MAAM;YACxC,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,GAAG,CACR,UAAU,EACV,EAAE,CAAC,kBAAkB,CAAC,SAAS,EAAE,SAAS,EAAE,SAAS,EAAE,UAAU,CAAC,EAClE,aAAa,EACb,UAAU,IAAI,EAAE,EAAE,EAAE,OAAO;gBACvB,IAAI,EAAE,EAAE,CAAC;oBACL,OAAO,CAAC;wBACJ,GAAG,cAAc;wBACjB,WAAW;qBACd,CAAC;gBACN,CAAC;qBAAM,CAAC;oBACJ,MAAM,CACF,IAAI,KAAK,CACL,sCAAsC,GAAG,IAAI,GAAG,KAAK,GAAG,OAAO,CAClE,CACJ;gBACL,CAAC;YACL,CAAC,CACJ;QACL,CAAC,CAAC;IACN,CAAC;IAED;;;;;OAKG;IACH,KAAK,UAAU,OAAO,CAClB,OAAkB,EAClB,eAAe,GAAG,IAAI;QAEtB,MAAM,EAAE,EAAE,EAAE,aAAa,EAAE,MAAM,EAAE,GAAG,MAAM,QAAQ,CAAC,OAAO,CAAC;QAC7D,IAAI,MAAM,EAAE,CAAC;YACT,OAAO,IAAI,wBAAS,CAAC,aAAa,CAAC,KAAK,GAAG,0BAA0B,CAAC;QAC1E,CAAC;QAED,IAAI,eAAe,EAAE,CAAC;YAClB,MAAM,SAAS,GAAG,MAAM,eAAe,CAAC,aAAa,EAAE,EAAE,CAAC;YAC1D,MAAM,UAAU,CAAC,OAAO,EAAE,SAAS,CAAC;YACpC,MAAM,MAAM,CAAC,aAAa,EAAE,EAAE,EAAE,OAAO,CAAC;YACxC,MAAM,qBAAqB,CAAC,SAAS,EAAE,EAAE,CAAC;YAC1C,OAAO,SAAS;QACpB,CAAC;QACD,OAAO,IAAI;IACf,CAAC;IAED,KAAK,UAAU,UAAU,CAAC,OAAkB,EAAE,SAAoB;;QAC9D,MAAM,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,GAAG,EAAE,CAAC;QACvC,MAAM,YAAY,GAAG,KAAK,CAAC,GAAG,CAC1B,OAAO,EACP,EAAE,CAAC,GAAG,CAAC,OAAO,CAAC,EACf,SAAS,EACT,OAAO,CAAC,GAAG,EAAE,CAChB;QACD,IAAI,CAAC,YAAY,EAAE,CAAC;YAChB,MAAM,IAAI,KAAK,CAAC,4BAA4B,OAAO,CAAC,KAAK,EAAE,CAAC;QAChE,CAAC;QACD,MAAM,UAAU,GAAG;;UAEjB,EAAE,CAAC,GAAG,CAAC,SAAS,CAAC,KAAK,SAAS,CAAC,KAAK;SACtC;QAED,MAAM,cAAc,GAAG,MAAM,YAAK,CAAC,OAAO,0CAAE,YAAY,CACpD,MAAM,EACN,YAAY,CAAC,KAAK,EAClB;YACI,IAAI,EAAE,UAAU;YAChB,WAAW,EAAE,aAAa;SAC7B,CACJ;QACD,MAAM,WAAW,GAAG,cAAc,aAAd,cAAc,uBAAd,cAAc,CAAE,OAAO,CAAC,GAAG,CAAC,UAAU,CAAC;QAC3D,IAAI,CAAC,WAAW,EAAE,CAAC;YACf,MAAM,IAAI,KAAK,CAAC,6BAA6B,cAAc,aAAd,cAAc,uBAAd,cAAc,CAAE,MAAM,EAAE,CAAC;QAC1E,CAAC;IACL,CAAC;IACD,OAAO;QACH,MAAM,EAAE,qBAAqB,EAAE,QAAQ,EAAE,eAAe,EAAE,OAAO,EAAE,UAAU,EAAE,OAAO;KACzF;AACL,CAAC;;;AC9N4C;AAEtC,SAAS,gBAAgB,CAAC,KAAK,EAAE,YAAY,EAAE,YAAY,EAAE,cAAc,EAAE,QAAQ;IAExF,KAAK,UAAU,cAAc,CAAC,SAAiB,EAAE,IAAY;QAC3D,MAAM,OAAO,GAAc,MAAM,YAAY,CAAC,MAAM,EAAE;QACtD,MAAM,OAAO,GAAc,MAAM,YAAY,CAAC,UAAU,CAAC,OAAO,CAAC;QACjE,MAAM,QAAQ,GAAG,GAAG,OAAO,CAAC,KAAK,eAAe,kBAAkB,CAAC,IAAI,CAAC,GAAG;QAC3E,MAAM,cAAc,CAAC,eAAe,CAAC,QAAQ,CAAC;QAC9C,4DAA4D;QAC5D,MAAM,YAAY,CAAC,mBAAmB,CAAC;YACrC,UAAU,EAAE,OAAO,CAAC,KAAK;YACzB,SAAS;YACT,aAAa,EAAE,YAAY;YAC3B,MAAM,EAAE,QAAQ;SACjB,CAAC;QACF,OAAO,QAAQ;IACnB,CAAC;IAED,KAAK,UAAU,cAAc,CACzB,IAAgB;QAEhB,IAAI,CAAC,IAAI,EAAE,CAAC;YACV,IAAI,GAAG,MAAM,YAAY,CAAC,MAAM,EAAE;QACpC,CAAC;QACD,MAAM,KAAK,GAAG,MAAM,YAAY,CAAC,YAAY,CAAC,IAAI,CAAC;QACnD,MAAM,IAAI,GAAG,MAAM,cAAc,CAAC,mBAAmB,CAAC,KAAK,CAAC;QAC5D,OAAO,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,cAAc,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC;IAC/D,CAAC;IAED,KAAK,UAAU,UAAU,CAAC,GAAW,EAAE,IAAU;QAC/C,MAAM,UAAU,GAAG,MAAM,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,GAAG,CAAC;QAClD,IAAI,UAAU,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;YAC9B,MAAM,IAAI,KAAK,CAAC,WAAW,GAAG,EAAE,CAAC;QACnC,CAAC;QACD,MAAM,UAAU,GAAG,aAAa,CAAC,GAAG,EAAE,IAAI,CAAC;QAC3C,MAAM,OAAO,GAAG;YACd,MAAM,EAAE,KAAK;YACb,IAAI,EAAE,MAAM,UAAU,CAAC,IAAI,EAAE;YAC7B,OAAO,EAAE;gBACP,CAAC,cAAc,EAAE,UAAU,CAAC,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC,IAAI,0BAA0B,CAAC;aACvF;SACF;QACD,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,UAAU,EAAE,OAAO,CAAC;QAChE,IAAI,QAAQ,CAAC,MAAM,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC,KAAK,GAAG,EAAE,CAAC;YAC1C,MAAM,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,GAAG,EAAE;gBAC9B,MAAM,EAAE,QAAQ;aACjB,CAAC;QACJ,CAAC;IACH,CAAC;IACD,OAAO;QACL,cAAc;QACd,cAAc;QACd,UAAU;KACX;AACH,CAAC;;;ACzDD,MAAM,WAAY,SAAQ,KAAK;IAC3B,YAAY,OAAgB;QACxB,KAAK,CAAC,OAAO,CAAC;QACd,0EAA0E;QAC1E,MAAM,CAAC,cAAc,CAAC,IAAI,EAAE,GAAG,CAAC,MAAM,CAAC,SAAS,CAAC,EAAC,0BAA0B;QAC5E,IAAI,CAAC,IAAI,GAAG,GAAG,CAAC,MAAM,CAAC,IAAI,EAAC,qCAAqC;IACrE,CAAC;CACJ;AAEM,MAAM,iBAAkB,SAAQ,WAAW;CAAG;AAE9C,MAAM,yBAA0B,SAAQ,WAAW;CAAG;AAEtD,MAAM,wBAAyB,SAAQ,WAAW;CAAG;AAErD,MAAM,aAAc,SAAQ,WAAW;CAAG;AAE1C,MAAM,gBAAiB,SAAQ,WAAW;CAAI;AAE9C,MAAM,iBAAkB,SAAQ,WAAW;CAAG;AAE9C,MAAM,UAAW,SAAQ,WAAW;IAGvC,YAAY,MAAc,EAAE,OAAgB;QACxC,KAAK,CAAC,OAAO,CAAC;QACd,IAAI,CAAC,MAAM,GAAG,MAAM;IACxB,CAAC;CACJ;;;AC3B6J;AACxH;AACM;AAC2B;AAGhE,SAAS,kBAAkB,CAAC,KAAK,EAAE,KAAK,EAAE,YAAY;IACzD,MAAM,EAAE,GAAG,KAAS;IAEpB;;;;;OAKG;IACH,KAAK,UAAU,uBAAuB,CAAC,IAAe;QAClD,IAAI,CAAC;YACD,OAAO,MAAM,eAAe,CAAC,IAAI,CAAC;QACtC,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACX,OAAO,SAAS;QACpB,CAAC;IACL,CAAC;IAED;;;;;OAKG;IACH,KAAK,UAAU,eAAe,CAAE,IAAe;QAC3C,MAAM,WAAW,CAAC,IAAI,CAAC;QAEvB,MAAM,uBAAuB,GAAG,sBAAsB,CAAC,IAAI,CAAC;QAC5D,IAAI,eAAe;QACnB,IAAI,CAAC;YACD,eAAe,GAAG,MAAM,YAAY,CAAC,kBAAkB,CAAC,IAAI,EAAE,EAAE,CAAC,KAAK,CAAC,iBAAiB,CAAc,EAAE,uBAAuB,EAAE,IAAI,CAAC,GAAG,EAAE,CAAC;QAChJ,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACX,MAAM,OAAO,GAAG,QAAQ,IAAI,iDAAiD;YAC7E,IAAU,CAAC,OAAO,CAAC;YACnB,qCAAqC;YACrC,IAAI,GAAG,YAAY,gBAAgB,EAAE,CAAC;gBAAC,MAAM,GAAG;YAAC,CAAC;YAClD,IAAI,GAAG,YAAY,iBAAiB,EAAE,CAAC;gBAAC,MAAM,GAAG;YAAC,CAAC;YACnD,IAAI,GAAG,YAAY,iBAAiB,EAAE,CAAC;gBAAC,MAAM,GAAG;YAAC,CAAC;YACnD,IAAI,GAAG,YAAY,yBAAyB,EAAE,CAAC;gBAAC,MAAM,GAAG;YAAC,CAAC;YAC3D,IAAI,GAAG,YAAY,wBAAwB,EAAE,CAAC;gBAAC,MAAM,GAAG;YAAC,CAAC;YAC1D,IAAI,GAAG,YAAY,UAAU,EAAE,CAAC;gBAAC,MAAM,GAAG;YAAC,CAAC;YAC5C,MAAM,GAAG;QACb,CAAC;QAED,IAAI,CAAC;YACD,MAAM,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,eAA4B,CAAC;QAC1D,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC,CAAC,+CAA+C;YAC3D,MAAM,GAAG,GAAG,qCAAqC,IAAI,KAAK,GAAG,EAAE;YAC/D,IAAU,CAAC,GAAG,CAAC;YACf,IAAI,GAAG,CAAC,QAAQ,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;gBAC9B,MAAM,IAAI,iBAAiB,EAAE;YACjC,CAAC;YACD,IAAI,GAAG,CAAC,QAAQ,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;gBAC9B,IAAI,eAAe,CAAC,eAAe,CAAC,EAAE,CAAC;oBACvC,MAAM,IAAI,yBAAyB,EAAE;gBACrC,CAAC;gBACD,MAAM,IAAI,wBAAwB,EAAE;YACxC,CAAC;YACD;;eAEG;YACH,MAAM,IAAI,KAAK,CAAC,GAAG,CAAC;QACxB,CAAC;QACD,OAAO,eAA4B;IACvC,CAAC;IAED,KAAK,UAAU,WAAW,CAAE,IAAe;QACvC,IAAI,CAAC,IAAI,EAAE,CAAC;YACR,MAAM,IAAI,KAAK,CAAC,6BAA6B,CAAC;QAClD,CAAC;QACD,IAAI,CAAC;YACD,MAAM,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC;QACxC,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACX,MAAM,IAAI,KAAK,CAAC,kCAAkC,IAAI,KAAK,GAAG,EAAE,CAAC;QACrE,CAAC;QACD,OAAO,IAAI,CAAC,GAAG,EAAE;IACrB,CAAC;IAED,KAAK,UAAU,MAAM;QACjB,MAAM,EAAE,GAAG,KAAK,CAAC,WAAW,EAAE;QAC9B,IAAI,EAAE,KAAK,IAAI,EAAE,CAAC;YACd,MAAM,IAAI,KAAK,CAAC,wCAAwC,CAAC;QAC7D,CAAC;QACD,MAAM,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,CAAC,GAAG,EAAE,CAAC;QAClC,OAAO,EAAE;IACb,CAAC;IAED,SAAS,UAAU,CAAC,IAAe;QAC/B,MAAM,OAAO,GAAG,WAAW,CAAC,IAAI,CAAC;QACjC,IAAI,CAAC,OAAO,EAAE,CAAC;YACX,MAAM,IAAI,KAAK,CAAC,0BAA0B,CAAC;QAC/C,CAAC;QACD,OAAO,OAAoB;IAC/B,CAAC;IAED,KAAK,UAAU,YAAY,CAAC,IAAe;QACvC,MAAM,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC;QAC9B,MAAM,SAAS,GAAG,KAAK,CAAC,GAAG,CAAC,IAAI,EAAE,EAAE,CAAC,GAAG,CAAC,OAAO,CAAC,EAAE,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE,CAAC;QACzE,IAAI,CAAC,SAAS,EAAE,CAAC;YACb,MAAM,IAAI,KAAK,CAAC,4BAA4B,CAAC;QACjD,CAAC;QACD,OAAO,SAAsB;IACjC,CAAC;IAED,SAAS,WAAW,CAAC,EAAa;QAC9B,OAAO,KAAK,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,KAAK,CAAC,SAAS,CAAC,EAAE,SAAS,EAAE,EAAE,CAAC,GAAG,EAAE,CAAC;IAClE,CAAC;IAED,OAAO;QACH,MAAM;QACN,UAAU;QACV,YAAY;QACZ,WAAW;QACX,eAAe;QACf,WAAW;QACX,uBAAuB;KAC1B;AACL,CAAC;;;AC3H0C;AAEL;AACM;AACJ;AAEjC,SAAS,oBAAoB,CAAC,KAAK,EAAE,KAAK,EAAE,YAAY,EAAE,YAAY;IACzE,MAAM,EAAE,GAAG,KAAS;IAEpB,SAAS,gBAAgB,CAAC,QAAQ,EAAE,QAAQ;QACxC,OAAO,KAAK;aACP,IAAI,CAAC,SAAS,EAAE,EAAE,CAAC,KAAK,CAAC,UAAU,CAAC,EAAE,QAAQ,CAAC;aAC/C,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE;YACV,OAAO,KAAK,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,KAAK,CAAC,UAAU,CAAC,EAAE,QAAQ,CAAC;QACzD,CAAC,CAAC;IACV,CAAC;IAED,KAAK,UAAU,kBAAkB,CAAC,IAAe;QAC7C,IAAI,CAAC,IAAI;YAAE,MAAM,IAAI,KAAK,CAAC,mCAAmC,CAAC;QAC/D,MAAM,OAAO,GAAG,MAAM,YAAY,CAAC,WAAW,CAAC,IAAI,CAAC;QAEpD,MAAM,UAAU,GAAG,sBAAsB,CAAC,IAAI,CAAC;QAC/C,IAAI,eAAe;QACnB,IAAI,CAAC;YACD,eAAe,GAAG,MAAM,YAAY,CAAC,kBAAkB,CAAC,IAAI,EAAE,EAAE,CAAC,KAAK,CAAC,iBAAiB,CAAc,EAAE,UAAU,EAAE,OAAO,CAAC;QAChI,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACX,MAAM,OAAO,GAAG,QAAQ,IAAI,qDAAqD;YACjF,IAAU,CAAC,OAAO,CAAC;QACvB,CAAC;QACD,MAAM,YAAY,GAAG,eAAe,CAAC,CAAC,CAAC,CAAC,EAAE,KAAK,EAAE,QAAQ,EAAE,KAAK,EAAE,eAA4B,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE;QAEnH,IAAI,eAAe;QACnB,IAAI,CAAC;YACD,eAAe,GAAG,MAAM,YAAY,CAAC,uBAAuB,CAAC,IAAI,CAAC;QACtE,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACX,eAAe,GAAG,IAAI;QAC1B,CAAC;QAED,IAAI,aAAa;QACjB,IAAI,eAAe,EAAE,CAAC,CAAC,0EAA0E;YAC7F,8DAA8D;YAC9D,oDAAoD;YACpD,MAAM,yBAAyB,GAAG,uBAAuB,CAAC,eAAe,CAAC;YAC1E,IAAI,gBAAgB;YACpB,IAAI,CAAC;gBACD,gBAAgB,GAAG,KAAK,CAAC,GAAG,CAAC,IAAI,EAAE,EAAE,CAAC,KAAK,CAAC,kBAAkB,CAAC,EAAE,SAAS,EAAE,OAAO,CAAC;oBAChF,MAAM,YAAY,CAAC,kBAAkB,CAAC,IAAI,EAAE,EAAE,CAAC,KAAK,CAAC,kBAAkB,CAAc,EAAE,yBAAyB,EAAE,eAAe,CAAC;YACtI,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACf,MAAM,OAAO,GAAG,QAAQ,IAAI,8DAA8D;gBAC1F,IAAU,CAAC,OAAO,CAAC;YACvB,CAAC;YACD,aAAa,GAAG,gBAAgB,CAAC,CAAC,CAAC,CAAC,EAAE,KAAK,EAAE,SAAS,EAAE,KAAK,EAAE,gBAA6B,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE;QACrH,CAAC;aAAM,CAAC;YACJ,aAAa,GAAG,EAAE;QACtB,CAAC;QACD,MAAM,MAAM,GAAG,YAAY,CAAC,MAAM,CAAC,aAAa,CAAC;QACjD,IAAI,MAAM,CAAC,MAAM,KAAK,CAAC;YAAE,OAAO,MAAM;QACtC,MAAM,KAAK,GAAG,MAAM,CAAC,GAAG,CAAC,KAAK,CAAC,EAAE,CAAC,KAAK,CAAC,KAAK,CAAC;QAC9C,IAAI,CAAC;YACD,MAAM,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC;QACnC,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACX,IAAU,CAAC,+BAA+B,EAAE,GAAG,CAAC;QACpD,CAAC;QACD,OAAO,MAAM;IACjB,CAAC;IAED,KAAK,UAAU,wBAAwB,CAAC,IAAe;QACnD,IAAI,eAAe;QACnB,IAAI,CAAC;YACD,eAAe,GAAG,MAAM,YAAY,CAAC,uBAAuB,CAAC,IAAI,CAAC;QACtE,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACX,MAAM,OAAO,GAAG,QAAQ,IAAI,iDAAiD;YAC7E,IAAU,CAAC,OAAO,CAAC;QACvB,CAAC;QACD,IAAI,eAAe,EAAE,CAAC,CAAC,0EAA0E;YAC7F,MAAM,WAAW,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,EAAE,EAAE,CAAC,KAAK,CAAC,WAAW,CAAC,EAAE,SAAS,EAAE,eAA4B,CAAC,CAAC,MAAM,CACvG,KAAK,CAAC,IAAI,CAAC,IAAI,EAAE,EAAE,CAAC,KAAK,CAAC,WAAW,CAAC,EAAE,SAAS,EAAE,IAAI,CAAC,GAAG,EAAe,CAAC,CAC9E;YACD,IAAI,MAAM,GAAG,EAAE;YACf,KAAK,MAAM,GAAG,IAAI,WAAW,EAAE,CAAC;gBAC5B,MAAM,GAAG,MAAM,CAAC,MAAM,CAAC,MAAM,kBAAkB,CAAC,GAAgB,CAAQ,CAAC;YAC7E,CAAC;YACD,OAAO,MAAM;QACjB,CAAC;QACD,OAAO,EAAE,EAAC,iBAAiB;IAC/B,CAAC;IAED,KAAK,UAAU,kBAAkB,CAAC,IAAe;QAC7C,OAAO,CAAC,MAAM,kBAAkB,CAAC,IAAI,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,MAAM,wBAAwB,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;IACjG,CAAC;IAED,KAAK,UAAU,qBAAqB,CAAC,KAAgB,EAAE,IAAe;QAClE,MAAM,MAAM,GAAG,MAAM,kBAAkB,CAAC,IAAI,CAAC;QAC7C,IAAI,UAAU,GAAG,EAAE;QACnB,KAAK,MAAM,KAAK,IAAI,MAAM,EAAE,CAAC;YACzB,MAAM,WAAW,GAAG,MAAM,sBAAsB,CAAC,KAAK,EAAE,KAAK,CAAQ;YACrE,UAAU,GAAG,UAAU,CAAC,MAAM,CAAC,WAAW,CAAC;QAC/C,CAAC;QACD,OAAO,UAAU;IACrB,CAAC;IAED,oEAAoE;IACpE,oFAAoF;IACpF,EAAE;IACF,KAAK,UAAU,eAAe,CAAC,KAAgB;QAC3C,MAAM,IAAI,GAAG,KAAK,CAAC,WAAW,EAAE;QAChC,IAAI,CAAC,IAAI;YAAE,MAAM,IAAI,KAAK,CAAC,kDAAkD,CAAC;QAC9E,MAAM,kBAAkB,GAAG,MAAM,qBAAqB,CAAC,KAAK,EAAE,IAAI,CAAC;QACnE,OAAO,kBAAkB,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,MAAM,CAAC,QAAQ,CAAC;IAC5D,CAAC;IAED,SAAS,sBAAsB,CAAC,EAAa;;QACzC,OAAO,sBAAG,CAAC,SAAE,CAAC,GAAG,EAAE,CAAC,GAAG,EAAE,0CAAE,GAAG,IAAG,qBAAqB,CAAC;IAC3D,CAAC;IACD,2DAA2D;IAE3D,SAAS,uBAAuB,CAAC,eAA0B;;QACvD,OAAO,sBAAG,CAAC,sBAAe,CAAC,GAAG,EAAE,CAAC,GAAG,EAAE,0CAAE,GAAG,IAAG,sBAAsB,CAAC;IACzE,CAAC;IAED;;;;MAIE;IACF,KAAK,UAAU,mBAAmB,CAC9B,QAAmB,EACnB,KAAgB,EAChB,QAAmB;QAGnB,MAAM,YAAY,GAAG,QAAQ,CAAC,KAAK,CAAC;QACpC,MAAM,GAAG,GAAG;YACR,2EAA2E;YAC3E,qBAAE,CAAC,YAAY,EAAE,EAAE,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,EAAE,CAAC,KAAK,CAAC,kBAAkB,CAAC,EAAE,KAAK,CAAC;YACrE,qBAAE,CAAC,YAAY,EAAE,EAAE,CAAC,KAAK,CAAC,UAAU,CAAC,EAAE,QAAQ,EAAE,KAAK,CAAC;YACvD,qBAAE,CAAC,YAAY,EAAE,EAAE,CAAC,KAAK,CAAC,UAAU,CAAC,EAAE,QAAQ,EAAE,KAAK,CAAC;SAC1D;QACD,IAAI,CAAC;YACD,MAAM,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,EAAE,GAAG,CAAC;QACvC,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACX,MAAM,GAAG,GAAG,sBAAsB,QAAQ,aAAa,KAAK,KAAK,GAAG,EAAE;YACtE,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC;YACjB,OAAO,IAAI;QACf,CAAC;QACD,OAAO,YAAY;IACvB,CAAC;IAED,KAAK,UAAU,2BAA2B,CAAC,IAAI;QAC3C,MAAM,GAAG,GAAG,KAAK,CAAC,GAAG,CAAC,IAAI,EAAE,EAAE,CAAC,KAAK,CAAC,UAAU,CAAC,EAAE,IAAI,CAAC,QAAQ,EAAE,IAAI,CAAC,KAAK,CAAC,KAAK,CAAc;QAC/F,IAAI,CAAC,GAAG;YAAE,MAAM,IAAI,KAAK,CAAC,0DAA0D,IAAI,CAAC,QAAQ,EAAE,CAAC;QACpG,MAAM,UAAU,GAAG,KAAK,CAAC,kBAAkB,CAAC,GAAG,EAAE,IAAI,EAAE,IAAI,EAAE,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC;QAC9E,MAAM,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,UAAU,EAAE,EAAE,CAAC;IAC9C,CAAC;IAED,KAAK,UAAU,sBAAsB,CAAC,KAAqB,EAAE,QAA0B;QACnF,MAAM,KAAK,GAAG,KAAK,CAAC,KAAK;QACzB,MAAM,OAAO,GAAgB,EAAE;QAC/B,MAAM,aAAa,GAAG,KAAK,CAAC,kBAAkB,CAAC,IAAI,EAAE,EAAE,CAAC,KAAK,CAAC,UAAU,CAAC,EAAE,IAAI,EAAE,KAAK,CAAC;aAClF,MAAM,CAAC,KAAK,CAAC,kBAAkB,CAAC,IAAI,EAAE,EAAE,CAAC,KAAK,CAAC,mBAAmB,CAAC,EAAE,IAAI,EAAE,KAAK,CAAC,CAAC;aAClF,GAAG,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,OAAO,CAAC;QAC1B,KAAK,MAAM,GAAG,IAAI,aAAa,EAAE,CAAC;YAChC,MAAM,KAAK,GAAG,KAAK,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,CAAC,KAAK,CAAC,UAAU,CAAC,EAAE,IAAI,EAAE,KAAK,CAAC;YAC/D,IAAI,CAAC,QAAQ,IAAI,KAAK,CAAC,QAAQ,CAAC,QAAQ,CAAC,EAAE,CAAC;gBAC1C,MAAM,SAAS,GAAG,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,EAAE,CAAC,KAAK,CAAC,UAAU,CAAC,EAAE,IAAI,EAAE,KAAK,CAAC;gBACpE,KAAK,MAAM,QAAQ,IAAI,SAAS,EAAE,CAAC;oBACjC,OAAO,CAAC,IAAI,CAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,KAAK,EAAE,KAAK,EAAE,CAAC;gBAChD,CAAC;gBACD,MAAM,UAAU,GAAG,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,EAAE,CAAC,KAAK,CAAC,mBAAmB,CAAC,EAAE,IAAI,EAAE,KAAK,CAAC;gBAC9E,KAAK,MAAM,QAAQ,IAAI,UAAU,EAAE,CAAC;oBAChC,MAAM,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC;oBAClC,OAAO,CAAC,IAAI,CAAC,EAAE,QAAQ,EAAE,sBAAG,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE,IAAI,EAAE,KAAK,EAAG,KAAK,EAAE,CAAC;gBACxE,CAAC;YACH,CAAC;QACH,CAAC;QACD,OAAO,OAAO;IAClB,CAAC;IAED,OAAO;QACH,mBAAmB;QACnB,gBAAgB;QAChB,kBAAkB;QAClB,wBAAwB;QACxB,kBAAkB;QAClB,qBAAqB;QACrB,eAAe;QACf,sBAAsB;QACtB,uBAAuB;QACvB,2BAA2B;QAC3B,sBAAsB;KACzB;AACL,CAAC;;;AC/LiD;AAElD;;GAEG;AACI,SAAS,oBAAoB,CAAC,KAAK;IAEtC,SAAS,oBAAoB,CAAC,aAAwB;QAClD,OAAO,KAAK;aACP,kBAAkB,CACf,aAAa,EACb,sBAAG,CAAC,mCAAmC,CAAC,EACxC,SAAS,CACZ;aACA,GAAG,CAAC,CAAC,EAAa,EAAE,EAAE,CAAC,EAAE,CAAC,MAAmB,CAAC;IACvD,CAAC;IAED,SAAS,WAAW,CAAC,GAAc;QAC/B,MAAM,YAAY,GAAG,GAAG,CAAC,KAAK;QAC9B,OAAO,YAAY,CAAC,MAAM,CAAC,YAAY,CAAC,MAAM,GAAG,CAAC,CAAC,KAAK,GAAG;IAC/D,CAAC;IAED,KAAK,UAAU,eAAe,CAAC,GAAW;QACtC,MAAM,YAAY,GAAG,sBAAG,CAAC,GAAG,CAAC;QAC7B,IAAI,CAAC,WAAW,CAAC,YAAY,CAAC,EAAE,CAAC;YAC7B,MAAM,IAAI,KAAK,CAAC,uBAAuB,GAAG,EAAE,CAAC;QACjD,CAAC;QACD,oHAAoH;QACpH,MAAM,MAAM,GAAG,MAAM,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,GAAG,EAAE;YAC3C,MAAM,EAAE,KAAK;YACb,OAAO,EAAE;gBACL,cAAc,EAAE,aAAa;gBAC7B,eAAe,EAAE,GAAG;gBACpB,IAAI,EAAE,uDAAuD,EAAE,+DAA+D;aACjI;YACD,IAAI,EAAE,GAAG,EAAE,iGAAiG;SAC/G,CAAC;QACF,IAAI,MAAM,CAAC,MAAM,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC,KAAK,GAAG,EAAE,CAAC;YACtC,MAAM,IAAI,KAAK,CAAC,eAAe,MAAM,CAAC,MAAM,yCAAyC,GAAG,EAAE,CAAC;QAC/F,CAAC;IACL,CAAC;IAED,KAAK,UAAU,mBAAmB,CAAC,YAAuB;QACtD,MAAM,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,YAAY,CAAC;QACtC,OAAO,oBAAoB,CAAC,YAAY,CAAC;IAC7C,CAAC;IACD,OAAO;QACH,WAAW;QACX,eAAe;QACf,oBAAoB;QACpB,mBAAmB;KACtB;AACL,CAAC;;;ACpD0C;AACmH;AACxH;AACG;AAElC,SAAS,kBAAkB,CAAC,KAAK,EAAE,QAAQ,EAAE,cAAc;IAEhE,KAAK,UAAU,eAAe,CAAC,aAAwB;QACnD,IAAI,CAAC;YACH,IAAI,cAAc,CAAC,WAAW,CAAC,aAAa,CAAC,EAAE,CAAC;gBAC9C,MAAM,SAAS,GAAG,MAAM,QAAQ,CAAC,aAAa,CAAC,aAAa,CAAC;gBAC7D,MAAM,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,SAAS,EAAE,EAAE,MAAM,EAAE,QAAQ,EAAE,CAAC;gBAC3D,MAAM,gBAAgB,GAAG,MAAM,cAAc,CAAC,mBAAmB,CAAC,aAAa,CAAC;gBAChF,MAAM,OAAO,CAAC,GAAG,CACf,gBAAgB,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,eAAe,CAAC,GAAG,CAAC,CAAC,CACpD;YACH,CAAC;YACD,MAAM,gBAAgB,GAAG,aAAa,CAAC,KAAK;YAC5C,OAAO,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,gBAAgB,EAAE,EAAE,MAAM,EAAE,QAAQ,EAAE,CAAC;QACrE,CAAC;QAAC,OAAO,CAAC,EAAE,CAAC;YACX,GAAS,CAAC,0BAA0B,aAAa,CAAC,KAAK,oBAAoB,EAAE,CAAC,CAAC;QACjF,CAAC;IACL,CAAC;IAED;;;;;OAKG;IACH,KAAK,UAAU,uBAAuB,CAAC,GAAc;QACnD,IAAI,QAAQ;QACZ,IAAI,CAAC;YACH,QAAQ,GAAG,MAAM,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC;QAC1C,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,IAAI,GAAG,CAAC,QAAQ,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;gBAChC,IAAI,CAAC;oBACH,MAAM,KAAK,CAAC,OAAO,CAAC,YAAY,CAAC,KAAK,EAAE,GAAG,EAAE,EAAE,IAAI,EAAE,EAAE,EAAE,WAAW,EAAE,aAAa,EAAE,CAAC;gBACxF,CAAC;gBAAC,OAAO,GAAG,EAAE,CAAC;oBACb,MAAM,GAAG,GAAG,iCAAiC,GAAG,GAAG,GAAG,IAAI,GAAG,GAAG;oBAChE,MAAM,IAAI,iBAAiB,CAAC,GAAG,CAAC;gBAClC,CAAC;gBACD,MAAM,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC;YAC/B,CAAC;iBAAM,CAAC;gBACN,IAAI,GAAG,CAAC,QAAQ,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;oBAChC,MAAM,IAAI,iBAAiB,EAAE;gBAC/B,CAAC;gBACD,IAAI,GAAG,CAAC,QAAQ,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;oBAChC,IAAI,eAAe,CAAC,GAAG,CAAC,EAAE,CAAC;wBACzB,MAAM,IAAI,yBAAyB,EAAE;oBACvC,CAAC;oBACD,MAAM,IAAI,wBAAwB,EAAE;gBACtC,CAAC;gBACD,MAAM,GAAG,GAAG,6CAA6C,GAAG,GAAG,GAAG,IAAI,GAAG,GAAG;gBAC5E,MAAM,IAAI,UAAU,CAAC,GAAG,CAAC,MAAM,EAAE,GAAG,CAAC,OAAO,GAAG,GAAG,CAAC;YACrD,CAAC;QACH,CAAC;QACD,OAAO,QAAQ;IACjB,CAAC;IAED;;;MAGE;IACF,KAAK,UAAU,kBAAkB,CAAC,OAAkB,EAAE,SAAoB,EACxE,MAAiB,EAAE,GAAc;QAEjC,MAAM,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC;QAC7B,MAAM,MAAM,GAAG,KAAK,CAAC,GAAG,CAAC,OAAO,EAAE,SAAS,EAAE,IAAI,EAAE,GAAG,CAAC;QAEvD,IAAI,MAAM;YAAE,OAAO,MAAmB;QACtC,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;YACjC,MAAM,GAAG,GAAG,mCAAmC,GAAG,CAAC,KAAK,EAAE;YAC1D,IAAU,CAAC,GAAG,CAAC;YACf,MAAM,IAAI,gBAAgB,CAAC,GAAG,CAAC;QACjC,CAAC;QACD,IAAI,CAAC;YACH,MAAM,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,EAAE,CAAC,qBAAE,CAAC,OAAO,EAAE,SAAS,EAAE,MAAM,EAAE,GAAG,CAAC,CAAC,CAAC;QACvE,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,MAAM,GAAG,GAAG,4CAA4C,GAAG,OAAO,MAAM,KAAK,GAAG,EAAE;YAClF,IAAU,CAAC,GAAG,CAAC;YACf,MAAM,IAAI,iBAAiB,CAAC,GAAG,CAAC;QAClC,CAAC;QAED,IAAI,CAAC;YACH,MAAM,uBAAuB,CAAC,MAAM,CAAC;YACrC,qFAAqF;QACvF,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,IAAU,CAAC,oEAAoE,MAAM,KAAK,GAAG,EAAE,CAAC;YAChG,MAAM,GAAG;QACX,CAAC;QACD,OAAO,MAAM;IACf,CAAC;IAED,6GAA6G;IAC7G,KAAK,UAAU,mBAAmB,CAAC,OAMlC;QACC,IAAI,GAAG,GAAG;YACR,gDAAgD;YAChD,EAAE;YACF,+CAA+C,OAAO,CAAC,UAAU,IAAI;YACrE,mBAAmB,OAAO,CAAC,MAAM,IAAI;YACrC,kBAAkB,OAAO,CAAC,MAAM,IAAI;YACpC,8CAA8C;YAC9C,EAAE;SACH,CAAC,IAAI,CAAC,IAAI,CAAC;QACZ,IAAI,OAAO,CAAC,aAAa,EAAE,CAAC;YAC1B,GAAG,IAAI;gBACL,qCAAqC;gBACrC,gBAAgB,OAAO,CAAC,SAAS,IAAI;gBACrC,mBAAmB,OAAO,CAAC,MAAM,IAAI;gBACrC,cAAc,OAAO,CAAC,aAAa,GAAG;gBACtC,EAAE;aACH,CAAC,IAAI,CAAC,IAAI,CAAC;QACd,CAAC;QACD,IAAI,OAAO,CAAC,YAAY,EAAE,CAAC;YACzB,GAAG,IAAI;gBACL,oCAAoC;gBACpC,gBAAgB,OAAO,CAAC,SAAS,IAAI;gBACrC,kBAAkB,OAAO,CAAC,MAAM,IAAI;gBACpC,cAAc,OAAO,CAAC,YAAY,GAAG;gBACrC,EAAE;aACH,CAAC,IAAI,CAAC,IAAI,CAAC;QACd,CAAC;QACD,MAAM,SAAS,GAAG,MAAM,QAAQ,CAAC,aAAa,CAAC,sBAAG,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;QACnE,OAAO,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,SAAS,EAAE;YACrC,MAAM,EAAE,KAAK;YACb,IAAI,EAAE,GAAG;YACT,OAAO,EAAE;gBACP,CAAC,cAAc,EAAE,aAAa,CAAC;aAChC;SACF,CAAC;IACJ,CAAC;IAED,KAAK,UAAU,iBAAiB,CAAC,GAAc,EAAE,OAAe;QAC9D,MAAM,KAAK,CAAC,OAAO,CAAC,YAAY,CAAC,KAAK,EAAE,GAAG,CAAC,GAAG,EAAE;YAC/C,IAAI,EAAE,KAAK,IAAI,IAAI,EAAE,IAAI,OAAO;GACnC;YACG,WAAW,EAAE,aAAa;SAC3B,CAAC;IACJ,CAAC;IAED,OAAO;QACL,eAAe;QACf,mBAAmB;QACnB,iBAAiB;QACjB,kBAAkB;QAClB,uBAAuB;KACxB;AACH,CAAC;;;ACzJ4B;AAEmB;AACU;AACP;AACG;AACM;AACM;AACL;AACJ;AAEnB;AACtC;;;;;EAKE;AACK,SAAS,gBAAgB,CAAC,YAA4D,EAAE,OAAgB;IAE3G,GAAS,CAAC,0EAA0E,CAAC;IACrF,MAAM,KAAK,GAAc,oBAAS,EAAe;IACjD,sBAAW,CAAC,KAAK,EAAE,EAAC,KAAK,EAAE,YAAY,CAAC,KAAK,EAAC,CAAC,EAAC,yCAAyC;IACzF,KAAK,CAAC,OAAO,GAAG,IAAI,4BAAiB,CAAC,KAAK,CAAC,EAAC,2CAA2C;IACxF,KAAK,CAAC,QAAQ,GAAG,EAAE,EAAC,+CAA+C;IAEnE,MAAM,KAAK,GAAe,IAAI,eAAe,CAAC,OAAO,CAAC;IAEtD,MAAM,GAAG,GAAG,cAAc,CAAC,KAAK,CAAC;IACjC,MAAM,cAAc,GAAG,oBAAoB,CAAC,KAAK,CAAC;IAClD,MAAM,YAAY,GAAG,kBAAkB,CAAC,KAAK,EAAE,GAAG,EAAE,cAAc,CAAC;IACnE,MAAM,OAAO,GAAG,kBAAkB,CAAC,KAAK,EAAE,KAAK,EAAE,YAAY,CAAC;IAC9D,MAAM,IAAI,GAAG,eAAe,CAAC,KAAK,EAAE,OAAO,CAAC;IAC5C,MAAM,KAAK,GAAG,gBAAgB,CAAC,KAAK,EAAE,OAAO,EAAE,YAAY,EAAE,cAAc,EAAE,GAAG,CAAC;IACjF,MAAM,SAAS,GAAG,oBAAoB,CAAC,KAAK,EAAE,KAAK,EAAE,OAAO,EAAE,YAAY,CAAC;IAC3E,GAAS,CAAC,6BAA6B,CAAC;IAExC,SAAS,IAAI,CAAC,GAAqC;QAC/C,OAAO,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC;IAClC,CAAC;IAED,qEAAqE;IACrE,SAAS,aAAa,CAClB,GAAqB,EACrB,MAAwB,EAAE;QAE1B,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;YACvC,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,GAAG,EAAE,GAAG,EAAE,UAAU,IAAI,EAAE,EAAE,EAAE,SAAS;gBACxD,IAAI,CAAC,EAAE,EAAE,CAAC;oBACV,MAAM,CAAC,IAAI,KAAK,CAAC,SAAS,CAAC,CAAC;gBAC5B,CAAC;qBAAM,CAAC;oBACR,OAAO,EAAE;gBACT,CAAC;YACL,CAAC,CAAC,EAAC,WAAW;QACd,CAAC,CAAC,EAAC,UAAU;IACjB,CAAC;IAED,SAAS,UAAU;QACf,KAAK,CAAC,UAAU,CAAC,KAAK,EAAE,CAAC,OAAO,CAAC,KAAK,CAAC,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;IAC9D,CAAC;IAED,OAAO;QACH,KAAK;QACL,KAAK;QACL,GAAG;QACH,KAAK;QACL,IAAI;QACJ,OAAO;QACP,SAAS;QACT,IAAI;QACJ,aAAa;QACb,UAAU;KACb;AACL,CAAC;;;AC1EqC;AACkB;AACT;AAG/C,MAAM,MAAM,GAAG,KAAK,EAAE,GAAG,EAAE,WAAW,EAAE,EAAE;IACtC,MAAM,SAAS,GAAG,WAAW,IAAI,WAAW,CAAC,WAAW,IAAI,WAAW,CAAC,WAAW,IAAI,MAAM;IAC7F,IAAI,WAAW,CAAC,IAAI,CAAC,KAAK,IAAI,CAAC,SAAS,EAAE,CAAC,CAAC,oDAAoD;QAC5F,uDAAuD;QACvD,OAAO,WAAW,CAAC,KAAK,CAAC,GAAG,EAAE,WAAW,CAAC;IAC9C,CAAC;SAAM,CAAC;QACJ,OAAO,MAAM,CAAC,KAAK,CAAC,GAAG,EAAE,WAAW,CAAC;IACzC,CAAC;AACL,CAAC;AAED,0EAA0E;AAC1E,MAAM,gBAAgB,GAAG,MAAM,CAAC,GAAG,CAAC,uBAAuB,CAAC;AAO5D,MAAM,YAAY,GAAG,CAAC,OAAO,MAAM,KAAK,WAAW,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,qBAAM,CAAwB;AAE7F,SAAS,oBAAoB;IACzB,IAAI,CAAC,YAAY,CAAC,gBAAgB,CAAC,EAAE,CAAC;QAClC,GAAS,CAAC,qDAAqD,CAAC;QAChE,YAAY,CAAC,gBAAgB,CAAC,GAAG,gBAAgB,CAAC,EAAE,KAAK,EAAE,MAAM,EAAE,EAAE,WAAW,CAAC;QACjF,GAAS,CAAC,+BAA+B,CAAC;IAC9C,CAAC;SAAM,CAAC;QACJ,GAAS,CAAC,uDAAuD,CAAC;IACtE,CAAC;IACD,OAAO,YAAY,CAAC,gBAAgB,CAAE;AAC1C,CAAC;AACD,mEAAmE;AACnE,MAAM,mBAAmB,GAAG,oBAAoB,EAAE;AAEpB;;;ACtC9B,MAAM,eAAe,GAAG;IACtB;QACE,IAAI,EAAE,iBAAiB;QACvB,GAAG,EAAE,4BAA4B;KAClC;IACD;QACE,IAAI,EAAE,WAAW;QACjB,GAAG,EAAE,sBAAsB;KAC5B;IACD;QACE,IAAI,EAAE,cAAc;QACpB,GAAG,EAAE,qBAAqB;KAC3B;IACD;QACE,IAAI,EAAE,YAAY;QAClB,GAAG,EAAE,0BAA0B;KAChC;CACF;AAED;;GAEG;AACI,SAAS,mBAAmB;IAC/B,yCAAyC;IACzC,MAAM,OAAO,GAAG,CAAC,GAAG,eAAe,CAAC;IAEpC,mDAAmD;IACnD,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,GAAG,IAAI,GAAG,CAAC,QAAQ,CAAC,IAAI,CAAC;IAC/C,MAAM,KAAK,GAAG,OAAO,CAAC,GAAG,CAAC,CAAC,EAAE,GAAG,EAAE,EAAE,EAAE,CAAC,IAAI,GAAG,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;IACzD,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC,aAAa,CAAC,IAAI,EAAE,QAAQ,CAAC,CAAC,EAAE,CAAC;QACpF,OAAO,CAAC,OAAO,CAAC,EAAE,IAAI,EAAE,IAAI,EAAE,GAAG,EAAE,MAAM,EAAE,CAAC;IAC9C,CAAC;IAED,OAAO,OAAO;AAChB,CAAC;AAEH,SAAS,aAAa,CAAE,SAAiB,EAAE,MAAc;IACrD,MAAM,GAAG,GAAG,SAAS,CAAC,MAAM,GAAG,MAAM,CAAC,MAAM,GAAG,CAAC;IAChD,OAAO,GAAG,GAAG,CAAC,IAAI,SAAS,CAAC,GAAG,CAAC,KAAK,GAAG,IAAI,SAAS,CAAC,QAAQ,CAAC,MAAM,CAAC;AAC1E,CAAC;;;ACvCD,mFAAmF;AACnF,8DAA8D;AACG;AAEjE,MAAM,KAAK,GAAG,mBAAmB,CAAC,KAAK;AACvC,MAAM,eAAW,GAAG,mBAAmB,CAAC,KAAK,CAAC,WAAW;AACzD,MAAM,KAAK,GAAG,mBAAmB,CAAC,KAAK;AAEE;AACmB;AACF;AACO;AAE2G;AAO3K","sources":["webpack://SolidLogic/webpack/universalModuleDefinition","webpack://SolidLogic/external umd \"$rdf\"","webpack://SolidLogic/./node_modules/solid-namespace/index.js","webpack://SolidLogic/webpack/bootstrap","webpack://SolidLogic/webpack/runtime/compat get default export","webpack://SolidLogic/webpack/runtime/define property getters","webpack://SolidLogic/webpack/runtime/global","webpack://SolidLogic/webpack/runtime/hasOwnProperty shorthand","webpack://SolidLogic/webpack/runtime/make namespace object","webpack://SolidLogic/./src/util/debug.ts","webpack://SolidLogic/./node_modules/solid-oidc/node_modules/jose/dist/browser/runtime/webcrypto.js","webpack://SolidLogic/./node_modules/solid-oidc/node_modules/jose/dist/browser/lib/invalid_key_input.js","webpack://SolidLogic/./node_modules/solid-oidc/node_modules/jose/dist/browser/lib/buffer_utils.js","webpack://SolidLogic/./node_modules/solid-oidc/node_modules/jose/dist/browser/runtime/base64url.js","webpack://SolidLogic/./node_modules/solid-oidc/node_modules/jose/dist/browser/runtime/is_key_like.js","webpack://SolidLogic/./node_modules/solid-oidc/node_modules/jose/dist/browser/runtime/key_to_jwk.js","webpack://SolidLogic/./node_modules/solid-oidc/node_modules/jose/dist/browser/key/export.js","webpack://SolidLogic/./node_modules/solid-oidc/node_modules/jose/dist/browser/util/errors.js","webpack://SolidLogic/./node_modules/solid-oidc/node_modules/jose/dist/browser/runtime/subtle_dsa.js","webpack://SolidLogic/./node_modules/solid-oidc/node_modules/jose/dist/browser/runtime/check_key_length.js","webpack://SolidLogic/./node_modules/solid-oidc/node_modules/jose/dist/browser/lib/crypto_key.js","webpack://SolidLogic/./node_modules/solid-oidc/node_modules/jose/dist/browser/lib/is_object.js","webpack://SolidLogic/./node_modules/solid-oidc/node_modules/jose/dist/browser/lib/is_jwk.js","webpack://SolidLogic/./node_modules/solid-oidc/node_modules/jose/dist/browser/runtime/jwk_to_key.js","webpack://SolidLogic/./node_modules/solid-oidc/node_modules/jose/dist/browser/runtime/normalize_key.js","webpack://SolidLogic/./node_modules/solid-oidc/node_modules/jose/dist/browser/runtime/get_sign_verify_key.js","webpack://SolidLogic/./node_modules/solid-oidc/node_modules/jose/dist/browser/runtime/sign.js","webpack://SolidLogic/./node_modules/solid-oidc/node_modules/jose/dist/browser/lib/is_disjoint.js","webpack://SolidLogic/./node_modules/solid-oidc/node_modules/jose/dist/browser/lib/check_key_type.js","webpack://SolidLogic/./node_modules/solid-oidc/node_modules/jose/dist/browser/lib/validate_crit.js","webpack://SolidLogic/./node_modules/solid-oidc/node_modules/jose/dist/browser/jws/flattened/sign.js","webpack://SolidLogic/./node_modules/solid-oidc/node_modules/jose/dist/browser/jws/compact/sign.js","webpack://SolidLogic/./node_modules/solid-oidc/node_modules/jose/dist/browser/lib/epoch.js","webpack://SolidLogic/./node_modules/solid-oidc/node_modules/jose/dist/browser/lib/secs.js","webpack://SolidLogic/./node_modules/solid-oidc/node_modules/jose/dist/browser/jwt/produce.js","webpack://SolidLogic/./node_modules/solid-oidc/node_modules/jose/dist/browser/jwt/sign.js","webpack://SolidLogic/./node_modules/solid-oidc/node_modules/jose/dist/browser/runtime/fetch_jwks.js","webpack://SolidLogic/./node_modules/solid-oidc/node_modules/jose/dist/browser/key/import.js","webpack://SolidLogic/./node_modules/solid-oidc/node_modules/jose/dist/browser/jwks/local.js","webpack://SolidLogic/./node_modules/solid-oidc/node_modules/jose/dist/browser/jwks/remote.js","webpack://SolidLogic/./node_modules/solid-oidc/node_modules/jose/dist/browser/runtime/verify.js","webpack://SolidLogic/./node_modules/solid-oidc/node_modules/jose/dist/browser/lib/validate_algorithms.js","webpack://SolidLogic/./node_modules/solid-oidc/node_modules/jose/dist/browser/jws/flattened/verify.js","webpack://SolidLogic/./node_modules/solid-oidc/node_modules/jose/dist/browser/jws/compact/verify.js","webpack://SolidLogic/./node_modules/solid-oidc/node_modules/jose/dist/browser/lib/jwt_claims_set.js","webpack://SolidLogic/./node_modules/solid-oidc/node_modules/jose/dist/browser/jwt/verify.js","webpack://SolidLogic/./node_modules/solid-oidc/node_modules/jose/dist/browser/runtime/digest.js","webpack://SolidLogic/./node_modules/solid-oidc/node_modules/jose/dist/browser/jwk/thumbprint.js","webpack://SolidLogic/./node_modules/solid-oidc/node_modules/jose/dist/browser/runtime/generate.js","webpack://SolidLogic/./node_modules/solid-oidc/node_modules/jose/dist/browser/key/generate_key_pair.js","webpack://SolidLogic/./node_modules/solid-oidc/node_modules/jose/dist/browser/util/base64url.js","webpack://SolidLogic/./node_modules/solid-oidc/node_modules/jose/dist/browser/util/decode_jwt.js","webpack://SolidLogic/./node_modules/solid-oidc/solid-oidc.js","webpack://SolidLogic/./src/authSession/solidOidcAdapter.ts","webpack://SolidLogic/./src/authSession/authSession.ts","webpack://SolidLogic/./src/util/ns.ts","webpack://SolidLogic/./src/acl/aclLogic.ts","webpack://SolidLogic/./src/authn/authUtil.ts","webpack://SolidLogic/./src/authn/SolidAuthnLogic.ts","webpack://SolidLogic/./src/util/utils.ts","webpack://SolidLogic/./src/chat/chatLogic.ts","webpack://SolidLogic/./src/inbox/inboxLogic.ts","webpack://SolidLogic/./src/logic/CustomError.ts","webpack://SolidLogic/./src/profile/profileLogic.ts","webpack://SolidLogic/./src/typeIndex/typeIndexLogic.ts","webpack://SolidLogic/./src/util/containerLogic.ts","webpack://SolidLogic/./src/util/utilityLogic.ts","webpack://SolidLogic/./src/logic/solidLogic.ts","webpack://SolidLogic/./src/logic/solidLogicSingleton.ts","webpack://SolidLogic/./src/issuer/issuerLogic.ts","webpack://SolidLogic/./src/index.ts"],"sourcesContent":["(function webpackUniversalModuleDefinition(root, factory) {\n\tif(typeof exports === 'object' && typeof module === 'object')\n\t\tmodule.exports = factory(require(\"$rdf\"));\n\telse if(typeof define === 'function' && define.amd)\n\t\tdefine(\"SolidLogic\", [\"$rdf\"], factory);\n\telse if(typeof exports === 'object')\n\t\texports[\"SolidLogic\"] = factory(require(\"$rdf\"));\n\telse\n\t\troot[\"SolidLogic\"] = factory(root[\"$rdf\"]);\n})(this, (__WEBPACK_EXTERNAL_MODULE__264__) => {\nreturn ","module.exports = __WEBPACK_EXTERNAL_MODULE__264__;","/**\n * Provides a way to access commonly used namespaces\n *\n * Usage:\n *\n * ```\n * const $rdf = require('rdflib'); //or any other RDF/JS-compatible library\n * const ns = require('solid-namespace')($rdf);\n * const store = $rdf.graph();\n *\n * let me = ...;\n * let name = store.any(me, ns.vcard(‘fn’)) || store.any(me, ns.foaf(‘name’));\n * ```\n * @module vocab\n */\nconst aliases = {\n acl: 'http://www.w3.org/ns/auth/acl#',\n arg: 'http://www.w3.org/ns/pim/arg#',\n as: 'https://www.w3.org/ns/activitystreams#',\n bookmark: 'http://www.w3.org/2002/01/bookmark#',\n cal: 'http://www.w3.org/2002/12/cal/ical#',\n cco: 'http://www.ontologyrepository.com/CommonCoreOntologies/',\n cert: 'http://www.w3.org/ns/auth/cert#',\n contact: 'http://www.w3.org/2000/10/swap/pim/contact#',\n dc: 'http://purl.org/dc/elements/1.1/',\n dct: 'http://purl.org/dc/terms/',\n doap: 'http://usefulinc.com/ns/doap#',\n foaf: 'http://xmlns.com/foaf/0.1/',\n geo: 'http://www.w3.org/2003/01/geo/wgs84_pos#',\n gpx: 'http://www.w3.org/ns/pim/gpx#',\n gr: 'http://purl.org/goodrelations/v1#',\n http: 'http://www.w3.org/2007/ont/http#',\n httph: 'http://www.w3.org/2007/ont/httph#',\n icalTZ: 'http://www.w3.org/2002/12/cal/icaltzd#', // Beware: not cal:\n ldp: 'http://www.w3.org/ns/ldp#',\n link: 'http://www.w3.org/2007/ont/link#',\n log: 'http://www.w3.org/2000/10/swap/log#',\n meeting: 'http://www.w3.org/ns/pim/meeting#',\n mo: 'http://purl.org/ontology/mo/',\n org: 'http://www.w3.org/ns/org#',\n owl: 'http://www.w3.org/2002/07/owl#',\n pad: 'http://www.w3.org/ns/pim/pad#',\n patch: 'http://www.w3.org/ns/pim/patch#',\n prov: 'http://www.w3.org/ns/prov#',\n pto: 'http://www.productontology.org/id/',\n qu: 'http://www.w3.org/2000/10/swap/pim/qif#',\n trip: 'http://www.w3.org/ns/pim/trip#',\n rdf: 'http://www.w3.org/1999/02/22-rdf-syntax-ns#',\n rdfs: 'http://www.w3.org/2000/01/rdf-schema#',\n rss: 'http://purl.org/rss/1.0/',\n sched: 'http://www.w3.org/ns/pim/schedule#',\n schema: 'http://schema.org/', // @@ beware confusion with documents no 303\n sioc: 'http://rdfs.org/sioc/ns#',\n skos: 'http://www.w3.org/2004/02/skos/core#',\n solid: 'http://www.w3.org/ns/solid/terms#',\n space: 'http://www.w3.org/ns/pim/space#',\n stat: 'http://www.w3.org/ns/posix/stat#',\n tab: 'http://www.w3.org/2007/ont/link#',\n tabont: 'http://www.w3.org/2007/ont/link#',\n ui: 'http://www.w3.org/ns/ui#',\n vann: 'http://purl.org/vocab/vann/',\n vcard: 'http://www.w3.org/2006/vcard/ns#',\n wf: 'http://www.w3.org/2005/01/wf/flow#',\n xsd: 'http://www.w3.org/2001/XMLSchema#',\n}\n\n/**\n * @param [rdflib] {RDF} Optional RDF Library (such as rdflib.js or rdf-ext) to inject\n */\nfunction vocab (rdf = { namedNode: u => u }) {\n const namespaces = {}\n for (const alias in aliases) {\n const expansion = aliases[alias]\n namespaces[alias] = function (localName = '') {\n return rdf.namedNode(expansion + localName)\n }\n };\n\n return namespaces\n};\n\nmodule.exports = vocab\n","// The module cache\nvar __webpack_module_cache__ = {};\n\n// The require function\nfunction __webpack_require__(moduleId) {\n\t// Check if module is in cache\n\tvar cachedModule = __webpack_module_cache__[moduleId];\n\tif (cachedModule !== undefined) {\n\t\treturn cachedModule.exports;\n\t}\n\t// Create a new module (and put it into the cache)\n\tvar module = __webpack_module_cache__[moduleId] = {\n\t\t// no module.id needed\n\t\t// no module.loaded needed\n\t\texports: {}\n\t};\n\n\t// Execute the module function\n\t__webpack_modules__[moduleId](module, module.exports, __webpack_require__);\n\n\t// Return the exports of the module\n\treturn module.exports;\n}\n\n","// getDefaultExport function for compatibility with non-harmony modules\n__webpack_require__.n = (module) => {\n\tvar getter = module && module.__esModule ?\n\t\t() => (module['default']) :\n\t\t() => (module);\n\t__webpack_require__.d(getter, { a: getter });\n\treturn getter;\n};","// define getter functions for harmony exports\n__webpack_require__.d = (exports, definition) => {\n\tfor(var key in definition) {\n\t\tif(__webpack_require__.o(definition, key) && !__webpack_require__.o(exports, key)) {\n\t\t\tObject.defineProperty(exports, key, { enumerable: true, get: definition[key] });\n\t\t}\n\t}\n};","__webpack_require__.g = (function() {\n\tif (typeof globalThis === 'object') return globalThis;\n\ttry {\n\t\treturn this || new Function('return this')();\n\t} catch (e) {\n\t\tif (typeof window === 'object') return window;\n\t}\n})();","__webpack_require__.o = (obj, prop) => (Object.prototype.hasOwnProperty.call(obj, prop))","// define __esModule on exports\n__webpack_require__.r = (exports) => {\n\tif(typeof Symbol !== 'undefined' && Symbol.toStringTag) {\n\t\tObject.defineProperty(exports, Symbol.toStringTag, { value: 'Module' });\n\t}\n\tObject.defineProperty(exports, '__esModule', { value: true });\n};","\nexport function log(...args: any[]): void {\n console.log(...args)\n}\n\nexport function warn(...args: any[]): void {\n console.warn(...args)\n}\n\nexport function error(...args: any[]): void {\n console.error(...args)\n}\n\nexport function trace(...args: any[]): void {\n console.trace(...args)\n}\n","export default crypto;\nexport const isCryptoKey = (key) => key instanceof CryptoKey;\n","function message(msg, actual, ...types) {\n types = types.filter(Boolean);\n if (types.length > 2) {\n const last = types.pop();\n msg += `one of type ${types.join(', ')}, or ${last}.`;\n }\n else if (types.length === 2) {\n msg += `one of type ${types[0]} or ${types[1]}.`;\n }\n else {\n msg += `of type ${types[0]}.`;\n }\n if (actual == null) {\n msg += ` Received ${actual}`;\n }\n else if (typeof actual === 'function' && actual.name) {\n msg += ` Received function ${actual.name}`;\n }\n else if (typeof actual === 'object' && actual != null) {\n if (actual.constructor?.name) {\n msg += ` Received an instance of ${actual.constructor.name}`;\n }\n }\n return msg;\n}\nexport default (actual, ...types) => {\n return message('Key must be ', actual, ...types);\n};\nexport function withAlg(alg, actual, ...types) {\n return message(`Key for the ${alg} algorithm must be `, actual, ...types);\n}\n","import digest from '../runtime/digest.js';\nexport const encoder = new TextEncoder();\nexport const decoder = new TextDecoder();\nconst MAX_INT32 = 2 ** 32;\nexport function concat(...buffers) {\n const size = buffers.reduce((acc, { length }) => acc + length, 0);\n const buf = new Uint8Array(size);\n let i = 0;\n for (const buffer of buffers) {\n buf.set(buffer, i);\n i += buffer.length;\n }\n return buf;\n}\nexport function p2s(alg, p2sInput) {\n return concat(encoder.encode(alg), new Uint8Array([0]), p2sInput);\n}\nfunction writeUInt32BE(buf, value, offset) {\n if (value < 0 || value >= MAX_INT32) {\n throw new RangeError(`value must be >= 0 and <= ${MAX_INT32 - 1}. Received ${value}`);\n }\n buf.set([value >>> 24, value >>> 16, value >>> 8, value & 0xff], offset);\n}\nexport function uint64be(value) {\n const high = Math.floor(value / MAX_INT32);\n const low = value % MAX_INT32;\n const buf = new Uint8Array(8);\n writeUInt32BE(buf, high, 0);\n writeUInt32BE(buf, low, 4);\n return buf;\n}\nexport function uint32be(value) {\n const buf = new Uint8Array(4);\n writeUInt32BE(buf, value);\n return buf;\n}\nexport function lengthAndInput(input) {\n return concat(uint32be(input.length), input);\n}\nexport async function concatKdf(secret, bits, value) {\n const iterations = Math.ceil((bits >> 3) / 32);\n const res = new Uint8Array(iterations * 32);\n for (let iter = 0; iter < iterations; iter++) {\n const buf = new Uint8Array(4 + secret.length + value.length);\n buf.set(uint32be(iter + 1));\n buf.set(secret, 4);\n buf.set(value, 4 + secret.length);\n res.set(await digest('sha256', buf), iter * 32);\n }\n return res.slice(0, bits >> 3);\n}\n","import { encoder, decoder } from '../lib/buffer_utils.js';\nexport const encodeBase64 = (input) => {\n let unencoded = input;\n if (typeof unencoded === 'string') {\n unencoded = encoder.encode(unencoded);\n }\n const CHUNK_SIZE = 0x8000;\n const arr = [];\n for (let i = 0; i < unencoded.length; i += CHUNK_SIZE) {\n arr.push(String.fromCharCode.apply(null, unencoded.subarray(i, i + CHUNK_SIZE)));\n }\n return btoa(arr.join(''));\n};\nexport const encode = (input) => {\n return encodeBase64(input).replace(/=/g, '').replace(/\\+/g, '-').replace(/\\//g, '_');\n};\nexport const decodeBase64 = (encoded) => {\n const binary = atob(encoded);\n const bytes = new Uint8Array(binary.length);\n for (let i = 0; i < binary.length; i++) {\n bytes[i] = binary.charCodeAt(i);\n }\n return bytes;\n};\nexport const decode = (input) => {\n let encoded = input;\n if (encoded instanceof Uint8Array) {\n encoded = decoder.decode(encoded);\n }\n encoded = encoded.replace(/-/g, '+').replace(/_/g, '/').replace(/\\s/g, '');\n try {\n return decodeBase64(encoded);\n }\n catch {\n throw new TypeError('The input to be decoded is not correctly encoded.');\n }\n};\n","import { isCryptoKey } from './webcrypto.js';\nexport default (key) => {\n if (isCryptoKey(key)) {\n return true;\n }\n return key?.[Symbol.toStringTag] === 'KeyObject';\n};\nexport const types = ['CryptoKey'];\n","import crypto, { isCryptoKey } from './webcrypto.js';\nimport invalidKeyInput from '../lib/invalid_key_input.js';\nimport { encode as base64url } from './base64url.js';\nimport { types } from './is_key_like.js';\nconst keyToJWK = async (key) => {\n if (key instanceof Uint8Array) {\n return {\n kty: 'oct',\n k: base64url(key),\n };\n }\n if (!isCryptoKey(key)) {\n throw new TypeError(invalidKeyInput(key, ...types, 'Uint8Array'));\n }\n if (!key.extractable) {\n throw new TypeError('non-extractable CryptoKey cannot be exported as a JWK');\n }\n const { ext, key_ops, alg, use, ...jwk } = await crypto.subtle.exportKey('jwk', key);\n return jwk;\n};\nexport default keyToJWK;\n","import { toSPKI as exportPublic } from '../runtime/asn1.js';\nimport { toPKCS8 as exportPrivate } from '../runtime/asn1.js';\nimport keyToJWK from '../runtime/key_to_jwk.js';\nexport async function exportSPKI(key) {\n return exportPublic(key);\n}\nexport async function exportPKCS8(key) {\n return exportPrivate(key);\n}\nexport async function exportJWK(key) {\n return keyToJWK(key);\n}\n","export class JOSEError extends Error {\n constructor(message, options) {\n super(message, options);\n this.code = 'ERR_JOSE_GENERIC';\n this.name = this.constructor.name;\n Error.captureStackTrace?.(this, this.constructor);\n }\n}\nJOSEError.code = 'ERR_JOSE_GENERIC';\nexport class JWTClaimValidationFailed extends JOSEError {\n constructor(message, payload, claim = 'unspecified', reason = 'unspecified') {\n super(message, { cause: { claim, reason, payload } });\n this.code = 'ERR_JWT_CLAIM_VALIDATION_FAILED';\n this.claim = claim;\n this.reason = reason;\n this.payload = payload;\n }\n}\nJWTClaimValidationFailed.code = 'ERR_JWT_CLAIM_VALIDATION_FAILED';\nexport class JWTExpired extends JOSEError {\n constructor(message, payload, claim = 'unspecified', reason = 'unspecified') {\n super(message, { cause: { claim, reason, payload } });\n this.code = 'ERR_JWT_EXPIRED';\n this.claim = claim;\n this.reason = reason;\n this.payload = payload;\n }\n}\nJWTExpired.code = 'ERR_JWT_EXPIRED';\nexport class JOSEAlgNotAllowed extends JOSEError {\n constructor() {\n super(...arguments);\n this.code = 'ERR_JOSE_ALG_NOT_ALLOWED';\n }\n}\nJOSEAlgNotAllowed.code = 'ERR_JOSE_ALG_NOT_ALLOWED';\nexport class JOSENotSupported extends JOSEError {\n constructor() {\n super(...arguments);\n this.code = 'ERR_JOSE_NOT_SUPPORTED';\n }\n}\nJOSENotSupported.code = 'ERR_JOSE_NOT_SUPPORTED';\nexport class JWEDecryptionFailed extends JOSEError {\n constructor(message = 'decryption operation failed', options) {\n super(message, options);\n this.code = 'ERR_JWE_DECRYPTION_FAILED';\n }\n}\nJWEDecryptionFailed.code = 'ERR_JWE_DECRYPTION_FAILED';\nexport class JWEInvalid extends JOSEError {\n constructor() {\n super(...arguments);\n this.code = 'ERR_JWE_INVALID';\n }\n}\nJWEInvalid.code = 'ERR_JWE_INVALID';\nexport class JWSInvalid extends JOSEError {\n constructor() {\n super(...arguments);\n this.code = 'ERR_JWS_INVALID';\n }\n}\nJWSInvalid.code = 'ERR_JWS_INVALID';\nexport class JWTInvalid extends JOSEError {\n constructor() {\n super(...arguments);\n this.code = 'ERR_JWT_INVALID';\n }\n}\nJWTInvalid.code = 'ERR_JWT_INVALID';\nexport class JWKInvalid extends JOSEError {\n constructor() {\n super(...arguments);\n this.code = 'ERR_JWK_INVALID';\n }\n}\nJWKInvalid.code = 'ERR_JWK_INVALID';\nexport class JWKSInvalid extends JOSEError {\n constructor() {\n super(...arguments);\n this.code = 'ERR_JWKS_INVALID';\n }\n}\nJWKSInvalid.code = 'ERR_JWKS_INVALID';\nexport class JWKSNoMatchingKey extends JOSEError {\n constructor(message = 'no applicable key found in the JSON Web Key Set', options) {\n super(message, options);\n this.code = 'ERR_JWKS_NO_MATCHING_KEY';\n }\n}\nJWKSNoMatchingKey.code = 'ERR_JWKS_NO_MATCHING_KEY';\nexport class JWKSMultipleMatchingKeys extends JOSEError {\n constructor(message = 'multiple matching keys found in the JSON Web Key Set', options) {\n super(message, options);\n this.code = 'ERR_JWKS_MULTIPLE_MATCHING_KEYS';\n }\n}\nSymbol.asyncIterator;\nJWKSMultipleMatchingKeys.code = 'ERR_JWKS_MULTIPLE_MATCHING_KEYS';\nexport class JWKSTimeout extends JOSEError {\n constructor(message = 'request timed out', options) {\n super(message, options);\n this.code = 'ERR_JWKS_TIMEOUT';\n }\n}\nJWKSTimeout.code = 'ERR_JWKS_TIMEOUT';\nexport class JWSSignatureVerificationFailed extends JOSEError {\n constructor(message = 'signature verification failed', options) {\n super(message, options);\n this.code = 'ERR_JWS_SIGNATURE_VERIFICATION_FAILED';\n }\n}\nJWSSignatureVerificationFailed.code = 'ERR_JWS_SIGNATURE_VERIFICATION_FAILED';\n","import { JOSENotSupported } from '../util/errors.js';\nexport default function subtleDsa(alg, algorithm) {\n const hash = `SHA-${alg.slice(-3)}`;\n switch (alg) {\n case 'HS256':\n case 'HS384':\n case 'HS512':\n return { hash, name: 'HMAC' };\n case 'PS256':\n case 'PS384':\n case 'PS512':\n return { hash, name: 'RSA-PSS', saltLength: alg.slice(-3) >> 3 };\n case 'RS256':\n case 'RS384':\n case 'RS512':\n return { hash, name: 'RSASSA-PKCS1-v1_5' };\n case 'ES256':\n case 'ES384':\n case 'ES512':\n return { hash, name: 'ECDSA', namedCurve: algorithm.namedCurve };\n case 'Ed25519':\n return { name: 'Ed25519' };\n case 'EdDSA':\n return { name: algorithm.name };\n default:\n throw new JOSENotSupported(`alg ${alg} is not supported either by JOSE or your javascript runtime`);\n }\n}\n","export default (alg, key) => {\n if (alg.startsWith('RS') || alg.startsWith('PS')) {\n const { modulusLength } = key.algorithm;\n if (typeof modulusLength !== 'number' || modulusLength < 2048) {\n throw new TypeError(`${alg} requires key modulusLength to be 2048 bits or larger`);\n }\n }\n};\n","function unusable(name, prop = 'algorithm.name') {\n return new TypeError(`CryptoKey does not support this operation, its ${prop} must be ${name}`);\n}\nfunction isAlgorithm(algorithm, name) {\n return algorithm.name === name;\n}\nfunction getHashLength(hash) {\n return parseInt(hash.name.slice(4), 10);\n}\nfunction getNamedCurve(alg) {\n switch (alg) {\n case 'ES256':\n return 'P-256';\n case 'ES384':\n return 'P-384';\n case 'ES512':\n return 'P-521';\n default:\n throw new Error('unreachable');\n }\n}\nfunction checkUsage(key, usages) {\n if (usages.length && !usages.some((expected) => key.usages.includes(expected))) {\n let msg = 'CryptoKey does not support this operation, its usages must include ';\n if (usages.length > 2) {\n const last = usages.pop();\n msg += `one of ${usages.join(', ')}, or ${last}.`;\n }\n else if (usages.length === 2) {\n msg += `one of ${usages[0]} or ${usages[1]}.`;\n }\n else {\n msg += `${usages[0]}.`;\n }\n throw new TypeError(msg);\n }\n}\nexport function checkSigCryptoKey(key, alg, ...usages) {\n switch (alg) {\n case 'HS256':\n case 'HS384':\n case 'HS512': {\n if (!isAlgorithm(key.algorithm, 'HMAC'))\n throw unusable('HMAC');\n const expected = parseInt(alg.slice(2), 10);\n const actual = getHashLength(key.algorithm.hash);\n if (actual !== expected)\n throw unusable(`SHA-${expected}`, 'algorithm.hash');\n break;\n }\n case 'RS256':\n case 'RS384':\n case 'RS512': {\n if (!isAlgorithm(key.algorithm, 'RSASSA-PKCS1-v1_5'))\n throw unusable('RSASSA-PKCS1-v1_5');\n const expected = parseInt(alg.slice(2), 10);\n const actual = getHashLength(key.algorithm.hash);\n if (actual !== expected)\n throw unusable(`SHA-${expected}`, 'algorithm.hash');\n break;\n }\n case 'PS256':\n case 'PS384':\n case 'PS512': {\n if (!isAlgorithm(key.algorithm, 'RSA-PSS'))\n throw unusable('RSA-PSS');\n const expected = parseInt(alg.slice(2), 10);\n const actual = getHashLength(key.algorithm.hash);\n if (actual !== expected)\n throw unusable(`SHA-${expected}`, 'algorithm.hash');\n break;\n }\n case 'EdDSA': {\n if (key.algorithm.name !== 'Ed25519' && key.algorithm.name !== 'Ed448') {\n throw unusable('Ed25519 or Ed448');\n }\n break;\n }\n case 'Ed25519': {\n if (!isAlgorithm(key.algorithm, 'Ed25519'))\n throw unusable('Ed25519');\n break;\n }\n case 'ES256':\n case 'ES384':\n case 'ES512': {\n if (!isAlgorithm(key.algorithm, 'ECDSA'))\n throw unusable('ECDSA');\n const expected = getNamedCurve(alg);\n const actual = key.algorithm.namedCurve;\n if (actual !== expected)\n throw unusable(expected, 'algorithm.namedCurve');\n break;\n }\n default:\n throw new TypeError('CryptoKey does not support this operation');\n }\n checkUsage(key, usages);\n}\nexport function checkEncCryptoKey(key, alg, ...usages) {\n switch (alg) {\n case 'A128GCM':\n case 'A192GCM':\n case 'A256GCM': {\n if (!isAlgorithm(key.algorithm, 'AES-GCM'))\n throw unusable('AES-GCM');\n const expected = parseInt(alg.slice(1, 4), 10);\n const actual = key.algorithm.length;\n if (actual !== expected)\n throw unusable(expected, 'algorithm.length');\n break;\n }\n case 'A128KW':\n case 'A192KW':\n case 'A256KW': {\n if (!isAlgorithm(key.algorithm, 'AES-KW'))\n throw unusable('AES-KW');\n const expected = parseInt(alg.slice(1, 4), 10);\n const actual = key.algorithm.length;\n if (actual !== expected)\n throw unusable(expected, 'algorithm.length');\n break;\n }\n case 'ECDH': {\n switch (key.algorithm.name) {\n case 'ECDH':\n case 'X25519':\n case 'X448':\n break;\n default:\n throw unusable('ECDH, X25519, or X448');\n }\n break;\n }\n case 'PBES2-HS256+A128KW':\n case 'PBES2-HS384+A192KW':\n case 'PBES2-HS512+A256KW':\n if (!isAlgorithm(key.algorithm, 'PBKDF2'))\n throw unusable('PBKDF2');\n break;\n case 'RSA-OAEP':\n case 'RSA-OAEP-256':\n case 'RSA-OAEP-384':\n case 'RSA-OAEP-512': {\n if (!isAlgorithm(key.algorithm, 'RSA-OAEP'))\n throw unusable('RSA-OAEP');\n const expected = parseInt(alg.slice(9), 10) || 1;\n const actual = getHashLength(key.algorithm.hash);\n if (actual !== expected)\n throw unusable(`SHA-${expected}`, 'algorithm.hash');\n break;\n }\n default:\n throw new TypeError('CryptoKey does not support this operation');\n }\n checkUsage(key, usages);\n}\n","function isObjectLike(value) {\n return typeof value === 'object' && value !== null;\n}\nexport default function isObject(input) {\n if (!isObjectLike(input) || Object.prototype.toString.call(input) !== '[object Object]') {\n return false;\n }\n if (Object.getPrototypeOf(input) === null) {\n return true;\n }\n let proto = input;\n while (Object.getPrototypeOf(proto) !== null) {\n proto = Object.getPrototypeOf(proto);\n }\n return Object.getPrototypeOf(input) === proto;\n}\n","import isObject from './is_object.js';\nexport function isJWK(key) {\n return isObject(key) && typeof key.kty === 'string';\n}\nexport function isPrivateJWK(key) {\n return key.kty !== 'oct' && typeof key.d === 'string';\n}\nexport function isPublicJWK(key) {\n return key.kty !== 'oct' && typeof key.d === 'undefined';\n}\nexport function isSecretJWK(key) {\n return isJWK(key) && key.kty === 'oct' && typeof key.k === 'string';\n}\n","import crypto from './webcrypto.js';\nimport { JOSENotSupported } from '../util/errors.js';\nfunction subtleMapping(jwk) {\n let algorithm;\n let keyUsages;\n switch (jwk.kty) {\n case 'RSA': {\n switch (jwk.alg) {\n case 'PS256':\n case 'PS384':\n case 'PS512':\n algorithm = { name: 'RSA-PSS', hash: `SHA-${jwk.alg.slice(-3)}` };\n keyUsages = jwk.d ? ['sign'] : ['verify'];\n break;\n case 'RS256':\n case 'RS384':\n case 'RS512':\n algorithm = { name: 'RSASSA-PKCS1-v1_5', hash: `SHA-${jwk.alg.slice(-3)}` };\n keyUsages = jwk.d ? ['sign'] : ['verify'];\n break;\n case 'RSA-OAEP':\n case 'RSA-OAEP-256':\n case 'RSA-OAEP-384':\n case 'RSA-OAEP-512':\n algorithm = {\n name: 'RSA-OAEP',\n hash: `SHA-${parseInt(jwk.alg.slice(-3), 10) || 1}`,\n };\n keyUsages = jwk.d ? ['decrypt', 'unwrapKey'] : ['encrypt', 'wrapKey'];\n break;\n default:\n throw new JOSENotSupported('Invalid or unsupported JWK \"alg\" (Algorithm) Parameter value');\n }\n break;\n }\n case 'EC': {\n switch (jwk.alg) {\n case 'ES256':\n algorithm = { name: 'ECDSA', namedCurve: 'P-256' };\n keyUsages = jwk.d ? ['sign'] : ['verify'];\n break;\n case 'ES384':\n algorithm = { name: 'ECDSA', namedCurve: 'P-384' };\n keyUsages = jwk.d ? ['sign'] : ['verify'];\n break;\n case 'ES512':\n algorithm = { name: 'ECDSA', namedCurve: 'P-521' };\n keyUsages = jwk.d ? ['sign'] : ['verify'];\n break;\n case 'ECDH-ES':\n case 'ECDH-ES+A128KW':\n case 'ECDH-ES+A192KW':\n case 'ECDH-ES+A256KW':\n algorithm = { name: 'ECDH', namedCurve: jwk.crv };\n keyUsages = jwk.d ? ['deriveBits'] : [];\n break;\n default:\n throw new JOSENotSupported('Invalid or unsupported JWK \"alg\" (Algorithm) Parameter value');\n }\n break;\n }\n case 'OKP': {\n switch (jwk.alg) {\n case 'Ed25519':\n algorithm = { name: 'Ed25519' };\n keyUsages = jwk.d ? ['sign'] : ['verify'];\n break;\n case 'EdDSA':\n algorithm = { name: jwk.crv };\n keyUsages = jwk.d ? ['sign'] : ['verify'];\n break;\n case 'ECDH-ES':\n case 'ECDH-ES+A128KW':\n case 'ECDH-ES+A192KW':\n case 'ECDH-ES+A256KW':\n algorithm = { name: jwk.crv };\n keyUsages = jwk.d ? ['deriveBits'] : [];\n break;\n default:\n throw new JOSENotSupported('Invalid or unsupported JWK \"alg\" (Algorithm) Parameter value');\n }\n break;\n }\n default:\n throw new JOSENotSupported('Invalid or unsupported JWK \"kty\" (Key Type) Parameter value');\n }\n return { algorithm, keyUsages };\n}\nconst parse = async (jwk) => {\n if (!jwk.alg) {\n throw new TypeError('\"alg\" argument is required when \"jwk.alg\" is not present');\n }\n const { algorithm, keyUsages } = subtleMapping(jwk);\n const rest = [\n algorithm,\n jwk.ext ?? false,\n jwk.key_ops ?? keyUsages,\n ];\n const keyData = { ...jwk };\n delete keyData.alg;\n delete keyData.use;\n return crypto.subtle.importKey('jwk', keyData, ...rest);\n};\nexport default parse;\n","import { isJWK } from '../lib/is_jwk.js';\nimport { decode } from './base64url.js';\nimport importJWK from './jwk_to_key.js';\nconst exportKeyValue = (k) => decode(k);\nlet privCache;\nlet pubCache;\nconst isKeyObject = (key) => {\n return key?.[Symbol.toStringTag] === 'KeyObject';\n};\nconst importAndCache = async (cache, key, jwk, alg, freeze = false) => {\n let cached = cache.get(key);\n if (cached?.[alg]) {\n return cached[alg];\n }\n const cryptoKey = await importJWK({ ...jwk, alg });\n if (freeze)\n Object.freeze(key);\n if (!cached) {\n cache.set(key, { [alg]: cryptoKey });\n }\n else {\n cached[alg] = cryptoKey;\n }\n return cryptoKey;\n};\nconst normalizePublicKey = (key, alg) => {\n if (isKeyObject(key)) {\n let jwk = key.export({ format: 'jwk' });\n delete jwk.d;\n delete jwk.dp;\n delete jwk.dq;\n delete jwk.p;\n delete jwk.q;\n delete jwk.qi;\n if (jwk.k) {\n return exportKeyValue(jwk.k);\n }\n pubCache || (pubCache = new WeakMap());\n return importAndCache(pubCache, key, jwk, alg);\n }\n if (isJWK(key)) {\n if (key.k)\n return decode(key.k);\n pubCache || (pubCache = new WeakMap());\n const cryptoKey = importAndCache(pubCache, key, key, alg, true);\n return cryptoKey;\n }\n return key;\n};\nconst normalizePrivateKey = (key, alg) => {\n if (isKeyObject(key)) {\n let jwk = key.export({ format: 'jwk' });\n if (jwk.k) {\n return exportKeyValue(jwk.k);\n }\n privCache || (privCache = new WeakMap());\n return importAndCache(privCache, key, jwk, alg);\n }\n if (isJWK(key)) {\n if (key.k)\n return decode(key.k);\n privCache || (privCache = new WeakMap());\n const cryptoKey = importAndCache(privCache, key, key, alg, true);\n return cryptoKey;\n }\n return key;\n};\nexport default { normalizePublicKey, normalizePrivateKey };\n","import crypto, { isCryptoKey } from './webcrypto.js';\nimport { checkSigCryptoKey } from '../lib/crypto_key.js';\nimport invalidKeyInput from '../lib/invalid_key_input.js';\nimport { types } from './is_key_like.js';\nimport normalize from './normalize_key.js';\nexport default async function getCryptoKey(alg, key, usage) {\n if (usage === 'sign') {\n key = await normalize.normalizePrivateKey(key, alg);\n }\n if (usage === 'verify') {\n key = await normalize.normalizePublicKey(key, alg);\n }\n if (isCryptoKey(key)) {\n checkSigCryptoKey(key, alg, usage);\n return key;\n }\n if (key instanceof Uint8Array) {\n if (!alg.startsWith('HS')) {\n throw new TypeError(invalidKeyInput(key, ...types));\n }\n return crypto.subtle.importKey('raw', key, { hash: `SHA-${alg.slice(-3)}`, name: 'HMAC' }, false, [usage]);\n }\n throw new TypeError(invalidKeyInput(key, ...types, 'Uint8Array', 'JSON Web Key'));\n}\n","import subtleAlgorithm from './subtle_dsa.js';\nimport crypto from './webcrypto.js';\nimport checkKeyLength from './check_key_length.js';\nimport getSignKey from './get_sign_verify_key.js';\nconst sign = async (alg, key, data) => {\n const cryptoKey = await getSignKey(alg, key, 'sign');\n checkKeyLength(alg, cryptoKey);\n const signature = await crypto.subtle.sign(subtleAlgorithm(alg, cryptoKey.algorithm), cryptoKey, data);\n return new Uint8Array(signature);\n};\nexport default sign;\n","const isDisjoint = (...headers) => {\n const sources = headers.filter(Boolean);\n if (sources.length === 0 || sources.length === 1) {\n return true;\n }\n let acc;\n for (const header of sources) {\n const parameters = Object.keys(header);\n if (!acc || acc.size === 0) {\n acc = new Set(parameters);\n continue;\n }\n for (const parameter of parameters) {\n if (acc.has(parameter)) {\n return false;\n }\n acc.add(parameter);\n }\n }\n return true;\n};\nexport default isDisjoint;\n","import { withAlg as invalidKeyInput } from './invalid_key_input.js';\nimport isKeyLike, { types } from '../runtime/is_key_like.js';\nimport * as jwk from './is_jwk.js';\nconst tag = (key) => key?.[Symbol.toStringTag];\nconst jwkMatchesOp = (alg, key, usage) => {\n if (key.use !== undefined && key.use !== 'sig') {\n throw new TypeError('Invalid key for this operation, when present its use must be sig');\n }\n if (key.key_ops !== undefined && key.key_ops.includes?.(usage) !== true) {\n throw new TypeError(`Invalid key for this operation, when present its key_ops must include ${usage}`);\n }\n if (key.alg !== undefined && key.alg !== alg) {\n throw new TypeError(`Invalid key for this operation, when present its alg must be ${alg}`);\n }\n return true;\n};\nconst symmetricTypeCheck = (alg, key, usage, allowJwk) => {\n if (key instanceof Uint8Array)\n return;\n if (allowJwk && jwk.isJWK(key)) {\n if (jwk.isSecretJWK(key) && jwkMatchesOp(alg, key, usage))\n return;\n throw new TypeError(`JSON Web Key for symmetric algorithms must have JWK \"kty\" (Key Type) equal to \"oct\" and the JWK \"k\" (Key Value) present`);\n }\n if (!isKeyLike(key)) {\n throw new TypeError(invalidKeyInput(alg, key, ...types, 'Uint8Array', allowJwk ? 'JSON Web Key' : null));\n }\n if (key.type !== 'secret') {\n throw new TypeError(`${tag(key)} instances for symmetric algorithms must be of type \"secret\"`);\n }\n};\nconst asymmetricTypeCheck = (alg, key, usage, allowJwk) => {\n if (allowJwk && jwk.isJWK(key)) {\n switch (usage) {\n case 'sign':\n if (jwk.isPrivateJWK(key) && jwkMatchesOp(alg, key, usage))\n return;\n throw new TypeError(`JSON Web Key for this operation be a private JWK`);\n case 'verify':\n if (jwk.isPublicJWK(key) && jwkMatchesOp(alg, key, usage))\n return;\n throw new TypeError(`JSON Web Key for this operation be a public JWK`);\n }\n }\n if (!isKeyLike(key)) {\n throw new TypeError(invalidKeyInput(alg, key, ...types, allowJwk ? 'JSON Web Key' : null));\n }\n if (key.type === 'secret') {\n throw new TypeError(`${tag(key)} instances for asymmetric algorithms must not be of type \"secret\"`);\n }\n if (usage === 'sign' && key.type === 'public') {\n throw new TypeError(`${tag(key)} instances for asymmetric algorithm signing must be of type \"private\"`);\n }\n if (usage === 'decrypt' && key.type === 'public') {\n throw new TypeError(`${tag(key)} instances for asymmetric algorithm decryption must be of type \"private\"`);\n }\n if (key.algorithm && usage === 'verify' && key.type === 'private') {\n throw new TypeError(`${tag(key)} instances for asymmetric algorithm verifying must be of type \"public\"`);\n }\n if (key.algorithm && usage === 'encrypt' && key.type === 'private') {\n throw new TypeError(`${tag(key)} instances for asymmetric algorithm encryption must be of type \"public\"`);\n }\n};\nfunction checkKeyType(allowJwk, alg, key, usage) {\n const symmetric = alg.startsWith('HS') ||\n alg === 'dir' ||\n alg.startsWith('PBES2') ||\n /^A\\d{3}(?:GCM)?KW$/.test(alg);\n if (symmetric) {\n symmetricTypeCheck(alg, key, usage, allowJwk);\n }\n else {\n asymmetricTypeCheck(alg, key, usage, allowJwk);\n }\n}\nexport default checkKeyType.bind(undefined, false);\nexport const checkKeyTypeWithJwk = checkKeyType.bind(undefined, true);\n","import { JOSENotSupported } from '../util/errors.js';\nfunction validateCrit(Err, recognizedDefault, recognizedOption, protectedHeader, joseHeader) {\n if (joseHeader.crit !== undefined && protectedHeader?.crit === undefined) {\n throw new Err('\"crit\" (Critical) Header Parameter MUST be integrity protected');\n }\n if (!protectedHeader || protectedHeader.crit === undefined) {\n return new Set();\n }\n if (!Array.isArray(protectedHeader.crit) ||\n protectedHeader.crit.length === 0 ||\n protectedHeader.crit.some((input) => typeof input !== 'string' || input.length === 0)) {\n throw new Err('\"crit\" (Critical) Header Parameter MUST be an array of non-empty strings when present');\n }\n let recognized;\n if (recognizedOption !== undefined) {\n recognized = new Map([...Object.entries(recognizedOption), ...recognizedDefault.entries()]);\n }\n else {\n recognized = recognizedDefault;\n }\n for (const parameter of protectedHeader.crit) {\n if (!recognized.has(parameter)) {\n throw new JOSENotSupported(`Extension Header Parameter \"${parameter}\" is not recognized`);\n }\n if (joseHeader[parameter] === undefined) {\n throw new Err(`Extension Header Parameter \"${parameter}\" is missing`);\n }\n if (recognized.get(parameter) && protectedHeader[parameter] === undefined) {\n throw new Err(`Extension Header Parameter \"${parameter}\" MUST be integrity protected`);\n }\n }\n return new Set(protectedHeader.crit);\n}\nexport default validateCrit;\n","import { encode as base64url } from '../../runtime/base64url.js';\nimport sign from '../../runtime/sign.js';\nimport isDisjoint from '../../lib/is_disjoint.js';\nimport { JWSInvalid } from '../../util/errors.js';\nimport { encoder, decoder, concat } from '../../lib/buffer_utils.js';\nimport { checkKeyTypeWithJwk } from '../../lib/check_key_type.js';\nimport validateCrit from '../../lib/validate_crit.js';\nexport class FlattenedSign {\n constructor(payload) {\n if (!(payload instanceof Uint8Array)) {\n throw new TypeError('payload must be an instance of Uint8Array');\n }\n this._payload = payload;\n }\n setProtectedHeader(protectedHeader) {\n if (this._protectedHeader) {\n throw new TypeError('setProtectedHeader can only be called once');\n }\n this._protectedHeader = protectedHeader;\n return this;\n }\n setUnprotectedHeader(unprotectedHeader) {\n if (this._unprotectedHeader) {\n throw new TypeError('setUnprotectedHeader can only be called once');\n }\n this._unprotectedHeader = unprotectedHeader;\n return this;\n }\n async sign(key, options) {\n if (!this._protectedHeader && !this._unprotectedHeader) {\n throw new JWSInvalid('either setProtectedHeader or setUnprotectedHeader must be called before #sign()');\n }\n if (!isDisjoint(this._protectedHeader, this._unprotectedHeader)) {\n throw new JWSInvalid('JWS Protected and JWS Unprotected Header Parameter names must be disjoint');\n }\n const joseHeader = {\n ...this._protectedHeader,\n ...this._unprotectedHeader,\n };\n const extensions = validateCrit(JWSInvalid, new Map([['b64', true]]), options?.crit, this._protectedHeader, joseHeader);\n let b64 = true;\n if (extensions.has('b64')) {\n b64 = this._protectedHeader.b64;\n if (typeof b64 !== 'boolean') {\n throw new JWSInvalid('The \"b64\" (base64url-encode payload) Header Parameter must be a boolean');\n }\n }\n const { alg } = joseHeader;\n if (typeof alg !== 'string' || !alg) {\n throw new JWSInvalid('JWS \"alg\" (Algorithm) Header Parameter missing or invalid');\n }\n checkKeyTypeWithJwk(alg, key, 'sign');\n let payload = this._payload;\n if (b64) {\n payload = encoder.encode(base64url(payload));\n }\n let protectedHeader;\n if (this._protectedHeader) {\n protectedHeader = encoder.encode(base64url(JSON.stringify(this._protectedHeader)));\n }\n else {\n protectedHeader = encoder.encode('');\n }\n const data = concat(protectedHeader, encoder.encode('.'), payload);\n const signature = await sign(alg, key, data);\n const jws = {\n signature: base64url(signature),\n payload: '',\n };\n if (b64) {\n jws.payload = decoder.decode(payload);\n }\n if (this._unprotectedHeader) {\n jws.header = this._unprotectedHeader;\n }\n if (this._protectedHeader) {\n jws.protected = decoder.decode(protectedHeader);\n }\n return jws;\n }\n}\n","import { FlattenedSign } from '../flattened/sign.js';\nexport class CompactSign {\n constructor(payload) {\n this._flattened = new FlattenedSign(payload);\n }\n setProtectedHeader(protectedHeader) {\n this._flattened.setProtectedHeader(protectedHeader);\n return this;\n }\n async sign(key, options) {\n const jws = await this._flattened.sign(key, options);\n if (jws.payload === undefined) {\n throw new TypeError('use the flattened module for creating JWS with b64: false');\n }\n return `${jws.protected}.${jws.payload}.${jws.signature}`;\n }\n}\n","export default (date) => Math.floor(date.getTime() / 1000);\n","const minute = 60;\nconst hour = minute * 60;\nconst day = hour * 24;\nconst week = day * 7;\nconst year = day * 365.25;\nconst REGEX = /^(\\+|\\-)? ?(\\d+|\\d+\\.\\d+) ?(seconds?|secs?|s|minutes?|mins?|m|hours?|hrs?|h|days?|d|weeks?|w|years?|yrs?|y)(?: (ago|from now))?$/i;\nexport default (str) => {\n const matched = REGEX.exec(str);\n if (!matched || (matched[4] && matched[1])) {\n throw new TypeError('Invalid time period format');\n }\n const value = parseFloat(matched[2]);\n const unit = matched[3].toLowerCase();\n let numericDate;\n switch (unit) {\n case 'sec':\n case 'secs':\n case 'second':\n case 'seconds':\n case 's':\n numericDate = Math.round(value);\n break;\n case 'minute':\n case 'minutes':\n case 'min':\n case 'mins':\n case 'm':\n numericDate = Math.round(value * minute);\n break;\n case 'hour':\n case 'hours':\n case 'hr':\n case 'hrs':\n case 'h':\n numericDate = Math.round(value * hour);\n break;\n case 'day':\n case 'days':\n case 'd':\n numericDate = Math.round(value * day);\n break;\n case 'week':\n case 'weeks':\n case 'w':\n numericDate = Math.round(value * week);\n break;\n default:\n numericDate = Math.round(value * year);\n break;\n }\n if (matched[1] === '-' || matched[4] === 'ago') {\n return -numericDate;\n }\n return numericDate;\n};\n","import epoch from '../lib/epoch.js';\nimport isObject from '../lib/is_object.js';\nimport secs from '../lib/secs.js';\nfunction validateInput(label, input) {\n if (!Number.isFinite(input)) {\n throw new TypeError(`Invalid ${label} input`);\n }\n return input;\n}\nexport class ProduceJWT {\n constructor(payload = {}) {\n if (!isObject(payload)) {\n throw new TypeError('JWT Claims Set MUST be an object');\n }\n this._payload = payload;\n }\n setIssuer(issuer) {\n this._payload = { ...this._payload, iss: issuer };\n return this;\n }\n setSubject(subject) {\n this._payload = { ...this._payload, sub: subject };\n return this;\n }\n setAudience(audience) {\n this._payload = { ...this._payload, aud: audience };\n return this;\n }\n setJti(jwtId) {\n this._payload = { ...this._payload, jti: jwtId };\n return this;\n }\n setNotBefore(input) {\n if (typeof input === 'number') {\n this._payload = { ...this._payload, nbf: validateInput('setNotBefore', input) };\n }\n else if (input instanceof Date) {\n this._payload = { ...this._payload, nbf: validateInput('setNotBefore', epoch(input)) };\n }\n else {\n this._payload = { ...this._payload, nbf: epoch(new Date()) + secs(input) };\n }\n return this;\n }\n setExpirationTime(input) {\n if (typeof input === 'number') {\n this._payload = { ...this._payload, exp: validateInput('setExpirationTime', input) };\n }\n else if (input instanceof Date) {\n this._payload = { ...this._payload, exp: validateInput('setExpirationTime', epoch(input)) };\n }\n else {\n this._payload = { ...this._payload, exp: epoch(new Date()) + secs(input) };\n }\n return this;\n }\n setIssuedAt(input) {\n if (typeof input === 'undefined') {\n this._payload = { ...this._payload, iat: epoch(new Date()) };\n }\n else if (input instanceof Date) {\n this._payload = { ...this._payload, iat: validateInput('setIssuedAt', epoch(input)) };\n }\n else if (typeof input === 'string') {\n this._payload = {\n ...this._payload,\n iat: validateInput('setIssuedAt', epoch(new Date()) + secs(input)),\n };\n }\n else {\n this._payload = { ...this._payload, iat: validateInput('setIssuedAt', input) };\n }\n return this;\n }\n}\n","import { CompactSign } from '../jws/compact/sign.js';\nimport { JWTInvalid } from '../util/errors.js';\nimport { encoder } from '../lib/buffer_utils.js';\nimport { ProduceJWT } from './produce.js';\nexport class SignJWT extends ProduceJWT {\n setProtectedHeader(protectedHeader) {\n this._protectedHeader = protectedHeader;\n return this;\n }\n async sign(key, options) {\n const sig = new CompactSign(encoder.encode(JSON.stringify(this._payload)));\n sig.setProtectedHeader(this._protectedHeader);\n if (Array.isArray(this._protectedHeader?.crit) &&\n this._protectedHeader.crit.includes('b64') &&\n this._protectedHeader.b64 === false) {\n throw new JWTInvalid('JWTs MUST NOT use unencoded payload');\n }\n return sig.sign(key, options);\n }\n}\n","import { JOSEError, JWKSTimeout } from '../util/errors.js';\nconst fetchJwks = async (url, timeout, options) => {\n let controller;\n let id;\n let timedOut = false;\n if (typeof AbortController === 'function') {\n controller = new AbortController();\n id = setTimeout(() => {\n timedOut = true;\n controller.abort();\n }, timeout);\n }\n const response = await fetch(url.href, {\n signal: controller ? controller.signal : undefined,\n redirect: 'manual',\n headers: options.headers,\n }).catch((err) => {\n if (timedOut)\n throw new JWKSTimeout();\n throw err;\n });\n if (id !== undefined)\n clearTimeout(id);\n if (response.status !== 200) {\n throw new JOSEError('Expected 200 OK from the JSON Web Key Set HTTP response');\n }\n try {\n return await response.json();\n }\n catch {\n throw new JOSEError('Failed to parse the JSON Web Key Set HTTP response as JSON');\n }\n};\nexport default fetchJwks;\n","import { decode as decodeBase64URL } from '../runtime/base64url.js';\nimport { fromSPKI, fromPKCS8, fromX509 } from '../runtime/asn1.js';\nimport asKeyObject from '../runtime/jwk_to_key.js';\nimport { JOSENotSupported } from '../util/errors.js';\nimport isObject from '../lib/is_object.js';\nexport async function importSPKI(spki, alg, options) {\n if (typeof spki !== 'string' || spki.indexOf('-----BEGIN PUBLIC KEY-----') !== 0) {\n throw new TypeError('\"spki\" must be SPKI formatted string');\n }\n return fromSPKI(spki, alg, options);\n}\nexport async function importX509(x509, alg, options) {\n if (typeof x509 !== 'string' || x509.indexOf('-----BEGIN CERTIFICATE-----') !== 0) {\n throw new TypeError('\"x509\" must be X.509 formatted string');\n }\n return fromX509(x509, alg, options);\n}\nexport async function importPKCS8(pkcs8, alg, options) {\n if (typeof pkcs8 !== 'string' || pkcs8.indexOf('-----BEGIN PRIVATE KEY-----') !== 0) {\n throw new TypeError('\"pkcs8\" must be PKCS#8 formatted string');\n }\n return fromPKCS8(pkcs8, alg, options);\n}\nexport async function importJWK(jwk, alg) {\n if (!isObject(jwk)) {\n throw new TypeError('JWK must be an object');\n }\n alg || (alg = jwk.alg);\n switch (jwk.kty) {\n case 'oct':\n if (typeof jwk.k !== 'string' || !jwk.k) {\n throw new TypeError('missing \"k\" (Key Value) Parameter value');\n }\n return decodeBase64URL(jwk.k);\n case 'RSA':\n if ('oth' in jwk && jwk.oth !== undefined) {\n throw new JOSENotSupported('RSA JWK \"oth\" (Other Primes Info) Parameter value is not supported');\n }\n case 'EC':\n case 'OKP':\n return asKeyObject({ ...jwk, alg });\n default:\n throw new JOSENotSupported('Unsupported \"kty\" (Key Type) Parameter value');\n }\n}\n","import { importJWK } from '../key/import.js';\nimport { JWKSInvalid, JOSENotSupported, JWKSNoMatchingKey, JWKSMultipleMatchingKeys, } from '../util/errors.js';\nimport isObject from '../lib/is_object.js';\nfunction getKtyFromAlg(alg) {\n switch (typeof alg === 'string' && alg.slice(0, 2)) {\n case 'RS':\n case 'PS':\n return 'RSA';\n case 'ES':\n return 'EC';\n case 'Ed':\n return 'OKP';\n default:\n throw new JOSENotSupported('Unsupported \"alg\" value for a JSON Web Key Set');\n }\n}\nfunction isJWKSLike(jwks) {\n return (jwks &&\n typeof jwks === 'object' &&\n Array.isArray(jwks.keys) &&\n jwks.keys.every(isJWKLike));\n}\nfunction isJWKLike(key) {\n return isObject(key);\n}\nfunction clone(obj) {\n if (typeof structuredClone === 'function') {\n return structuredClone(obj);\n }\n return JSON.parse(JSON.stringify(obj));\n}\nclass LocalJWKSet {\n constructor(jwks) {\n this._cached = new WeakMap();\n if (!isJWKSLike(jwks)) {\n throw new JWKSInvalid('JSON Web Key Set malformed');\n }\n this._jwks = clone(jwks);\n }\n async getKey(protectedHeader, token) {\n const { alg, kid } = { ...protectedHeader, ...token?.header };\n const kty = getKtyFromAlg(alg);\n const candidates = this._jwks.keys.filter((jwk) => {\n let candidate = kty === jwk.kty;\n if (candidate && typeof kid === 'string') {\n candidate = kid === jwk.kid;\n }\n if (candidate && typeof jwk.alg === 'string') {\n candidate = alg === jwk.alg;\n }\n if (candidate && typeof jwk.use === 'string') {\n candidate = jwk.use === 'sig';\n }\n if (candidate && Array.isArray(jwk.key_ops)) {\n candidate = jwk.key_ops.includes('verify');\n }\n if (candidate) {\n switch (alg) {\n case 'ES256':\n candidate = jwk.crv === 'P-256';\n break;\n case 'ES256K':\n candidate = jwk.crv === 'secp256k1';\n break;\n case 'ES384':\n candidate = jwk.crv === 'P-384';\n break;\n case 'ES512':\n candidate = jwk.crv === 'P-521';\n break;\n case 'Ed25519':\n candidate = jwk.crv === 'Ed25519';\n break;\n case 'EdDSA':\n candidate = jwk.crv === 'Ed25519' || jwk.crv === 'Ed448';\n break;\n }\n }\n return candidate;\n });\n const { 0: jwk, length } = candidates;\n if (length === 0) {\n throw new JWKSNoMatchingKey();\n }\n if (length !== 1) {\n const error = new JWKSMultipleMatchingKeys();\n const { _cached } = this;\n error[Symbol.asyncIterator] = async function* () {\n for (const jwk of candidates) {\n try {\n yield await importWithAlgCache(_cached, jwk, alg);\n }\n catch { }\n }\n };\n throw error;\n }\n return importWithAlgCache(this._cached, jwk, alg);\n }\n}\nasync function importWithAlgCache(cache, jwk, alg) {\n const cached = cache.get(jwk) || cache.set(jwk, {}).get(jwk);\n if (cached[alg] === undefined) {\n const key = await importJWK({ ...jwk, ext: true }, alg);\n if (key instanceof Uint8Array || key.type !== 'public') {\n throw new JWKSInvalid('JSON Web Key Set members must be public keys');\n }\n cached[alg] = key;\n }\n return cached[alg];\n}\nexport function createLocalJWKSet(jwks) {\n const set = new LocalJWKSet(jwks);\n const localJWKSet = async (protectedHeader, token) => set.getKey(protectedHeader, token);\n Object.defineProperties(localJWKSet, {\n jwks: {\n value: () => clone(set._jwks),\n enumerable: true,\n configurable: false,\n writable: false,\n },\n });\n return localJWKSet;\n}\n","import fetchJwks from '../runtime/fetch_jwks.js';\nimport { JWKSNoMatchingKey } from '../util/errors.js';\nimport { createLocalJWKSet } from './local.js';\nimport isObject from '../lib/is_object.js';\nfunction isCloudflareWorkers() {\n return (typeof WebSocketPair !== 'undefined' ||\n (typeof navigator !== 'undefined' && navigator.userAgent === 'Cloudflare-Workers') ||\n (typeof EdgeRuntime !== 'undefined' && EdgeRuntime === 'vercel'));\n}\nlet USER_AGENT;\nif (typeof navigator === 'undefined' || !navigator.userAgent?.startsWith?.('Mozilla/5.0 ')) {\n const NAME = 'jose';\n const VERSION = 'v5.10.0';\n USER_AGENT = `${NAME}/${VERSION}`;\n}\nexport const jwksCache = Symbol();\nfunction isFreshJwksCache(input, cacheMaxAge) {\n if (typeof input !== 'object' || input === null) {\n return false;\n }\n if (!('uat' in input) || typeof input.uat !== 'number' || Date.now() - input.uat >= cacheMaxAge) {\n return false;\n }\n if (!('jwks' in input) ||\n !isObject(input.jwks) ||\n !Array.isArray(input.jwks.keys) ||\n !Array.prototype.every.call(input.jwks.keys, isObject)) {\n return false;\n }\n return true;\n}\nclass RemoteJWKSet {\n constructor(url, options) {\n if (!(url instanceof URL)) {\n throw new TypeError('url must be an instance of URL');\n }\n this._url = new URL(url.href);\n this._options = { agent: options?.agent, headers: options?.headers };\n this._timeoutDuration =\n typeof options?.timeoutDuration === 'number' ? options?.timeoutDuration : 5000;\n this._cooldownDuration =\n typeof options?.cooldownDuration === 'number' ? options?.cooldownDuration : 30000;\n this._cacheMaxAge = typeof options?.cacheMaxAge === 'number' ? options?.cacheMaxAge : 600000;\n if (options?.[jwksCache] !== undefined) {\n this._cache = options?.[jwksCache];\n if (isFreshJwksCache(options?.[jwksCache], this._cacheMaxAge)) {\n this._jwksTimestamp = this._cache.uat;\n this._local = createLocalJWKSet(this._cache.jwks);\n }\n }\n }\n coolingDown() {\n return typeof this._jwksTimestamp === 'number'\n ? Date.now() < this._jwksTimestamp + this._cooldownDuration\n : false;\n }\n fresh() {\n return typeof this._jwksTimestamp === 'number'\n ? Date.now() < this._jwksTimestamp + this._cacheMaxAge\n : false;\n }\n async getKey(protectedHeader, token) {\n if (!this._local || !this.fresh()) {\n await this.reload();\n }\n try {\n return await this._local(protectedHeader, token);\n }\n catch (err) {\n if (err instanceof JWKSNoMatchingKey) {\n if (this.coolingDown() === false) {\n await this.reload();\n return this._local(protectedHeader, token);\n }\n }\n throw err;\n }\n }\n async reload() {\n if (this._pendingFetch && isCloudflareWorkers()) {\n this._pendingFetch = undefined;\n }\n const headers = new Headers(this._options.headers);\n if (USER_AGENT && !headers.has('User-Agent')) {\n headers.set('User-Agent', USER_AGENT);\n this._options.headers = Object.fromEntries(headers.entries());\n }\n this._pendingFetch || (this._pendingFetch = fetchJwks(this._url, this._timeoutDuration, this._options)\n .then((json) => {\n this._local = createLocalJWKSet(json);\n if (this._cache) {\n this._cache.uat = Date.now();\n this._cache.jwks = json;\n }\n this._jwksTimestamp = Date.now();\n this._pendingFetch = undefined;\n })\n .catch((err) => {\n this._pendingFetch = undefined;\n throw err;\n }));\n await this._pendingFetch;\n }\n}\nexport function createRemoteJWKSet(url, options) {\n const set = new RemoteJWKSet(url, options);\n const remoteJWKSet = async (protectedHeader, token) => set.getKey(protectedHeader, token);\n Object.defineProperties(remoteJWKSet, {\n coolingDown: {\n get: () => set.coolingDown(),\n enumerable: true,\n configurable: false,\n },\n fresh: {\n get: () => set.fresh(),\n enumerable: true,\n configurable: false,\n },\n reload: {\n value: () => set.reload(),\n enumerable: true,\n configurable: false,\n writable: false,\n },\n reloading: {\n get: () => !!set._pendingFetch,\n enumerable: true,\n configurable: false,\n },\n jwks: {\n value: () => set._local?.jwks(),\n enumerable: true,\n configurable: false,\n writable: false,\n },\n });\n return remoteJWKSet;\n}\nexport const experimental_jwksCache = jwksCache;\n","import subtleAlgorithm from './subtle_dsa.js';\nimport crypto from './webcrypto.js';\nimport checkKeyLength from './check_key_length.js';\nimport getVerifyKey from './get_sign_verify_key.js';\nconst verify = async (alg, key, signature, data) => {\n const cryptoKey = await getVerifyKey(alg, key, 'verify');\n checkKeyLength(alg, cryptoKey);\n const algorithm = subtleAlgorithm(alg, cryptoKey.algorithm);\n try {\n return await crypto.subtle.verify(algorithm, cryptoKey, signature, data);\n }\n catch {\n return false;\n }\n};\nexport default verify;\n","const validateAlgorithms = (option, algorithms) => {\n if (algorithms !== undefined &&\n (!Array.isArray(algorithms) || algorithms.some((s) => typeof s !== 'string'))) {\n throw new TypeError(`\"${option}\" option must be an array of strings`);\n }\n if (!algorithms) {\n return undefined;\n }\n return new Set(algorithms);\n};\nexport default validateAlgorithms;\n","import { decode as base64url } from '../../runtime/base64url.js';\nimport verify from '../../runtime/verify.js';\nimport { JOSEAlgNotAllowed, JWSInvalid, JWSSignatureVerificationFailed } from '../../util/errors.js';\nimport { concat, encoder, decoder } from '../../lib/buffer_utils.js';\nimport isDisjoint from '../../lib/is_disjoint.js';\nimport isObject from '../../lib/is_object.js';\nimport { checkKeyTypeWithJwk } from '../../lib/check_key_type.js';\nimport validateCrit from '../../lib/validate_crit.js';\nimport validateAlgorithms from '../../lib/validate_algorithms.js';\nimport { isJWK } from '../../lib/is_jwk.js';\nimport { importJWK } from '../../key/import.js';\nexport async function flattenedVerify(jws, key, options) {\n if (!isObject(jws)) {\n throw new JWSInvalid('Flattened JWS must be an object');\n }\n if (jws.protected === undefined && jws.header === undefined) {\n throw new JWSInvalid('Flattened JWS must have either of the \"protected\" or \"header\" members');\n }\n if (jws.protected !== undefined && typeof jws.protected !== 'string') {\n throw new JWSInvalid('JWS Protected Header incorrect type');\n }\n if (jws.payload === undefined) {\n throw new JWSInvalid('JWS Payload missing');\n }\n if (typeof jws.signature !== 'string') {\n throw new JWSInvalid('JWS Signature missing or incorrect type');\n }\n if (jws.header !== undefined && !isObject(jws.header)) {\n throw new JWSInvalid('JWS Unprotected Header incorrect type');\n }\n let parsedProt = {};\n if (jws.protected) {\n try {\n const protectedHeader = base64url(jws.protected);\n parsedProt = JSON.parse(decoder.decode(protectedHeader));\n }\n catch {\n throw new JWSInvalid('JWS Protected Header is invalid');\n }\n }\n if (!isDisjoint(parsedProt, jws.header)) {\n throw new JWSInvalid('JWS Protected and JWS Unprotected Header Parameter names must be disjoint');\n }\n const joseHeader = {\n ...parsedProt,\n ...jws.header,\n };\n const extensions = validateCrit(JWSInvalid, new Map([['b64', true]]), options?.crit, parsedProt, joseHeader);\n let b64 = true;\n if (extensions.has('b64')) {\n b64 = parsedProt.b64;\n if (typeof b64 !== 'boolean') {\n throw new JWSInvalid('The \"b64\" (base64url-encode payload) Header Parameter must be a boolean');\n }\n }\n const { alg } = joseHeader;\n if (typeof alg !== 'string' || !alg) {\n throw new JWSInvalid('JWS \"alg\" (Algorithm) Header Parameter missing or invalid');\n }\n const algorithms = options && validateAlgorithms('algorithms', options.algorithms);\n if (algorithms && !algorithms.has(alg)) {\n throw new JOSEAlgNotAllowed('\"alg\" (Algorithm) Header Parameter value not allowed');\n }\n if (b64) {\n if (typeof jws.payload !== 'string') {\n throw new JWSInvalid('JWS Payload must be a string');\n }\n }\n else if (typeof jws.payload !== 'string' && !(jws.payload instanceof Uint8Array)) {\n throw new JWSInvalid('JWS Payload must be a string or an Uint8Array instance');\n }\n let resolvedKey = false;\n if (typeof key === 'function') {\n key = await key(parsedProt, jws);\n resolvedKey = true;\n checkKeyTypeWithJwk(alg, key, 'verify');\n if (isJWK(key)) {\n key = await importJWK(key, alg);\n }\n }\n else {\n checkKeyTypeWithJwk(alg, key, 'verify');\n }\n const data = concat(encoder.encode(jws.protected ?? ''), encoder.encode('.'), typeof jws.payload === 'string' ? encoder.encode(jws.payload) : jws.payload);\n let signature;\n try {\n signature = base64url(jws.signature);\n }\n catch {\n throw new JWSInvalid('Failed to base64url decode the signature');\n }\n const verified = await verify(alg, key, signature, data);\n if (!verified) {\n throw new JWSSignatureVerificationFailed();\n }\n let payload;\n if (b64) {\n try {\n payload = base64url(jws.payload);\n }\n catch {\n throw new JWSInvalid('Failed to base64url decode the payload');\n }\n }\n else if (typeof jws.payload === 'string') {\n payload = encoder.encode(jws.payload);\n }\n else {\n payload = jws.payload;\n }\n const result = { payload };\n if (jws.protected !== undefined) {\n result.protectedHeader = parsedProt;\n }\n if (jws.header !== undefined) {\n result.unprotectedHeader = jws.header;\n }\n if (resolvedKey) {\n return { ...result, key };\n }\n return result;\n}\n","import { flattenedVerify } from '../flattened/verify.js';\nimport { JWSInvalid } from '../../util/errors.js';\nimport { decoder } from '../../lib/buffer_utils.js';\nexport async function compactVerify(jws, key, options) {\n if (jws instanceof Uint8Array) {\n jws = decoder.decode(jws);\n }\n if (typeof jws !== 'string') {\n throw new JWSInvalid('Compact JWS must be a string or Uint8Array');\n }\n const { 0: protectedHeader, 1: payload, 2: signature, length } = jws.split('.');\n if (length !== 3) {\n throw new JWSInvalid('Invalid Compact JWS');\n }\n const verified = await flattenedVerify({ payload, protected: protectedHeader, signature }, key, options);\n const result = { payload: verified.payload, protectedHeader: verified.protectedHeader };\n if (typeof key === 'function') {\n return { ...result, key: verified.key };\n }\n return result;\n}\n","import { JWTClaimValidationFailed, JWTExpired, JWTInvalid } from '../util/errors.js';\nimport { decoder } from './buffer_utils.js';\nimport epoch from './epoch.js';\nimport secs from './secs.js';\nimport isObject from './is_object.js';\nconst normalizeTyp = (value) => value.toLowerCase().replace(/^application\\//, '');\nconst checkAudiencePresence = (audPayload, audOption) => {\n if (typeof audPayload === 'string') {\n return audOption.includes(audPayload);\n }\n if (Array.isArray(audPayload)) {\n return audOption.some(Set.prototype.has.bind(new Set(audPayload)));\n }\n return false;\n};\nexport default (protectedHeader, encodedPayload, options = {}) => {\n let payload;\n try {\n payload = JSON.parse(decoder.decode(encodedPayload));\n }\n catch {\n }\n if (!isObject(payload)) {\n throw new JWTInvalid('JWT Claims Set must be a top-level JSON object');\n }\n const { typ } = options;\n if (typ &&\n (typeof protectedHeader.typ !== 'string' ||\n normalizeTyp(protectedHeader.typ) !== normalizeTyp(typ))) {\n throw new JWTClaimValidationFailed('unexpected \"typ\" JWT header value', payload, 'typ', 'check_failed');\n }\n const { requiredClaims = [], issuer, subject, audience, maxTokenAge } = options;\n const presenceCheck = [...requiredClaims];\n if (maxTokenAge !== undefined)\n presenceCheck.push('iat');\n if (audience !== undefined)\n presenceCheck.push('aud');\n if (subject !== undefined)\n presenceCheck.push('sub');\n if (issuer !== undefined)\n presenceCheck.push('iss');\n for (const claim of new Set(presenceCheck.reverse())) {\n if (!(claim in payload)) {\n throw new JWTClaimValidationFailed(`missing required \"${claim}\" claim`, payload, claim, 'missing');\n }\n }\n if (issuer &&\n !(Array.isArray(issuer) ? issuer : [issuer]).includes(payload.iss)) {\n throw new JWTClaimValidationFailed('unexpected \"iss\" claim value', payload, 'iss', 'check_failed');\n }\n if (subject && payload.sub !== subject) {\n throw new JWTClaimValidationFailed('unexpected \"sub\" claim value', payload, 'sub', 'check_failed');\n }\n if (audience &&\n !checkAudiencePresence(payload.aud, typeof audience === 'string' ? [audience] : audience)) {\n throw new JWTClaimValidationFailed('unexpected \"aud\" claim value', payload, 'aud', 'check_failed');\n }\n let tolerance;\n switch (typeof options.clockTolerance) {\n case 'string':\n tolerance = secs(options.clockTolerance);\n break;\n case 'number':\n tolerance = options.clockTolerance;\n break;\n case 'undefined':\n tolerance = 0;\n break;\n default:\n throw new TypeError('Invalid clockTolerance option type');\n }\n const { currentDate } = options;\n const now = epoch(currentDate || new Date());\n if ((payload.iat !== undefined || maxTokenAge) && typeof payload.iat !== 'number') {\n throw new JWTClaimValidationFailed('\"iat\" claim must be a number', payload, 'iat', 'invalid');\n }\n if (payload.nbf !== undefined) {\n if (typeof payload.nbf !== 'number') {\n throw new JWTClaimValidationFailed('\"nbf\" claim must be a number', payload, 'nbf', 'invalid');\n }\n if (payload.nbf > now + tolerance) {\n throw new JWTClaimValidationFailed('\"nbf\" claim timestamp check failed', payload, 'nbf', 'check_failed');\n }\n }\n if (payload.exp !== undefined) {\n if (typeof payload.exp !== 'number') {\n throw new JWTClaimValidationFailed('\"exp\" claim must be a number', payload, 'exp', 'invalid');\n }\n if (payload.exp <= now - tolerance) {\n throw new JWTExpired('\"exp\" claim timestamp check failed', payload, 'exp', 'check_failed');\n }\n }\n if (maxTokenAge) {\n const age = now - payload.iat;\n const max = typeof maxTokenAge === 'number' ? maxTokenAge : secs(maxTokenAge);\n if (age - tolerance > max) {\n throw new JWTExpired('\"iat\" claim timestamp check failed (too far in the past)', payload, 'iat', 'check_failed');\n }\n if (age < 0 - tolerance) {\n throw new JWTClaimValidationFailed('\"iat\" claim timestamp check failed (it should be in the past)', payload, 'iat', 'check_failed');\n }\n }\n return payload;\n};\n","import { compactVerify } from '../jws/compact/verify.js';\nimport jwtPayload from '../lib/jwt_claims_set.js';\nimport { JWTInvalid } from '../util/errors.js';\nexport async function jwtVerify(jwt, key, options) {\n const verified = await compactVerify(jwt, key, options);\n if (verified.protectedHeader.crit?.includes('b64') && verified.protectedHeader.b64 === false) {\n throw new JWTInvalid('JWTs MUST NOT use unencoded payload');\n }\n const payload = jwtPayload(verified.protectedHeader, verified.payload, options);\n const result = { payload, protectedHeader: verified.protectedHeader };\n if (typeof key === 'function') {\n return { ...result, key: verified.key };\n }\n return result;\n}\n","import crypto from './webcrypto.js';\nconst digest = async (algorithm, data) => {\n const subtleDigest = `SHA-${algorithm.slice(-3)}`;\n return new Uint8Array(await crypto.subtle.digest(subtleDigest, data));\n};\nexport default digest;\n","import digest from '../runtime/digest.js';\nimport { encode as base64url } from '../runtime/base64url.js';\nimport { JOSENotSupported, JWKInvalid } from '../util/errors.js';\nimport { encoder } from '../lib/buffer_utils.js';\nimport isObject from '../lib/is_object.js';\nconst check = (value, description) => {\n if (typeof value !== 'string' || !value) {\n throw new JWKInvalid(`${description} missing or invalid`);\n }\n};\nexport async function calculateJwkThumbprint(jwk, digestAlgorithm) {\n if (!isObject(jwk)) {\n throw new TypeError('JWK must be an object');\n }\n digestAlgorithm ?? (digestAlgorithm = 'sha256');\n if (digestAlgorithm !== 'sha256' &&\n digestAlgorithm !== 'sha384' &&\n digestAlgorithm !== 'sha512') {\n throw new TypeError('digestAlgorithm must one of \"sha256\", \"sha384\", or \"sha512\"');\n }\n let components;\n switch (jwk.kty) {\n case 'EC':\n check(jwk.crv, '\"crv\" (Curve) Parameter');\n check(jwk.x, '\"x\" (X Coordinate) Parameter');\n check(jwk.y, '\"y\" (Y Coordinate) Parameter');\n components = { crv: jwk.crv, kty: jwk.kty, x: jwk.x, y: jwk.y };\n break;\n case 'OKP':\n check(jwk.crv, '\"crv\" (Subtype of Key Pair) Parameter');\n check(jwk.x, '\"x\" (Public Key) Parameter');\n components = { crv: jwk.crv, kty: jwk.kty, x: jwk.x };\n break;\n case 'RSA':\n check(jwk.e, '\"e\" (Exponent) Parameter');\n check(jwk.n, '\"n\" (Modulus) Parameter');\n components = { e: jwk.e, kty: jwk.kty, n: jwk.n };\n break;\n case 'oct':\n check(jwk.k, '\"k\" (Key Value) Parameter');\n components = { k: jwk.k, kty: jwk.kty };\n break;\n default:\n throw new JOSENotSupported('\"kty\" (Key Type) Parameter missing or unsupported');\n }\n const data = encoder.encode(JSON.stringify(components));\n return base64url(await digest(digestAlgorithm, data));\n}\nexport async function calculateJwkThumbprintUri(jwk, digestAlgorithm) {\n digestAlgorithm ?? (digestAlgorithm = 'sha256');\n const thumbprint = await calculateJwkThumbprint(jwk, digestAlgorithm);\n return `urn:ietf:params:oauth:jwk-thumbprint:sha-${digestAlgorithm.slice(-3)}:${thumbprint}`;\n}\n","import crypto from './webcrypto.js';\nimport { JOSENotSupported } from '../util/errors.js';\nimport random from './random.js';\nexport async function generateSecret(alg, options) {\n let length;\n let algorithm;\n let keyUsages;\n switch (alg) {\n case 'HS256':\n case 'HS384':\n case 'HS512':\n length = parseInt(alg.slice(-3), 10);\n algorithm = { name: 'HMAC', hash: `SHA-${length}`, length };\n keyUsages = ['sign', 'verify'];\n break;\n case 'A128CBC-HS256':\n case 'A192CBC-HS384':\n case 'A256CBC-HS512':\n length = parseInt(alg.slice(-3), 10);\n return random(new Uint8Array(length >> 3));\n case 'A128KW':\n case 'A192KW':\n case 'A256KW':\n length = parseInt(alg.slice(1, 4), 10);\n algorithm = { name: 'AES-KW', length };\n keyUsages = ['wrapKey', 'unwrapKey'];\n break;\n case 'A128GCMKW':\n case 'A192GCMKW':\n case 'A256GCMKW':\n case 'A128GCM':\n case 'A192GCM':\n case 'A256GCM':\n length = parseInt(alg.slice(1, 4), 10);\n algorithm = { name: 'AES-GCM', length };\n keyUsages = ['encrypt', 'decrypt'];\n break;\n default:\n throw new JOSENotSupported('Invalid or unsupported JWK \"alg\" (Algorithm) Parameter value');\n }\n return crypto.subtle.generateKey(algorithm, options?.extractable ?? false, keyUsages);\n}\nfunction getModulusLengthOption(options) {\n const modulusLength = options?.modulusLength ?? 2048;\n if (typeof modulusLength !== 'number' || modulusLength < 2048) {\n throw new JOSENotSupported('Invalid or unsupported modulusLength option provided, 2048 bits or larger keys must be used');\n }\n return modulusLength;\n}\nexport async function generateKeyPair(alg, options) {\n let algorithm;\n let keyUsages;\n switch (alg) {\n case 'PS256':\n case 'PS384':\n case 'PS512':\n algorithm = {\n name: 'RSA-PSS',\n hash: `SHA-${alg.slice(-3)}`,\n publicExponent: new Uint8Array([0x01, 0x00, 0x01]),\n modulusLength: getModulusLengthOption(options),\n };\n keyUsages = ['sign', 'verify'];\n break;\n case 'RS256':\n case 'RS384':\n case 'RS512':\n algorithm = {\n name: 'RSASSA-PKCS1-v1_5',\n hash: `SHA-${alg.slice(-3)}`,\n publicExponent: new Uint8Array([0x01, 0x00, 0x01]),\n modulusLength: getModulusLengthOption(options),\n };\n keyUsages = ['sign', 'verify'];\n break;\n case 'RSA-OAEP':\n case 'RSA-OAEP-256':\n case 'RSA-OAEP-384':\n case 'RSA-OAEP-512':\n algorithm = {\n name: 'RSA-OAEP',\n hash: `SHA-${parseInt(alg.slice(-3), 10) || 1}`,\n publicExponent: new Uint8Array([0x01, 0x00, 0x01]),\n modulusLength: getModulusLengthOption(options),\n };\n keyUsages = ['decrypt', 'unwrapKey', 'encrypt', 'wrapKey'];\n break;\n case 'ES256':\n algorithm = { name: 'ECDSA', namedCurve: 'P-256' };\n keyUsages = ['sign', 'verify'];\n break;\n case 'ES384':\n algorithm = { name: 'ECDSA', namedCurve: 'P-384' };\n keyUsages = ['sign', 'verify'];\n break;\n case 'ES512':\n algorithm = { name: 'ECDSA', namedCurve: 'P-521' };\n keyUsages = ['sign', 'verify'];\n break;\n case 'Ed25519':\n algorithm = { name: 'Ed25519' };\n keyUsages = ['sign', 'verify'];\n break;\n case 'EdDSA': {\n keyUsages = ['sign', 'verify'];\n const crv = options?.crv ?? 'Ed25519';\n switch (crv) {\n case 'Ed25519':\n case 'Ed448':\n algorithm = { name: crv };\n break;\n default:\n throw new JOSENotSupported('Invalid or unsupported crv option provided');\n }\n break;\n }\n case 'ECDH-ES':\n case 'ECDH-ES+A128KW':\n case 'ECDH-ES+A192KW':\n case 'ECDH-ES+A256KW': {\n keyUsages = ['deriveKey', 'deriveBits'];\n const crv = options?.crv ?? 'P-256';\n switch (crv) {\n case 'P-256':\n case 'P-384':\n case 'P-521': {\n algorithm = { name: 'ECDH', namedCurve: crv };\n break;\n }\n case 'X25519':\n case 'X448':\n algorithm = { name: crv };\n break;\n default:\n throw new JOSENotSupported('Invalid or unsupported crv option provided, supported values are P-256, P-384, P-521, X25519, and X448');\n }\n break;\n }\n default:\n throw new JOSENotSupported('Invalid or unsupported JWK \"alg\" (Algorithm) Parameter value');\n }\n return crypto.subtle.generateKey(algorithm, options?.extractable ?? false, keyUsages);\n}\n","import { generateKeyPair as generate } from '../runtime/generate.js';\nexport async function generateKeyPair(alg, options) {\n return generate(alg, options);\n}\n","import * as base64url from '../runtime/base64url.js';\nexport const encode = base64url.encode;\nexport const decode = base64url.decode;\n","import { decode as base64url } from './base64url.js';\nimport { decoder } from '../lib/buffer_utils.js';\nimport isObject from '../lib/is_object.js';\nimport { JWTInvalid } from './errors.js';\nexport function decodeJwt(jwt) {\n if (typeof jwt !== 'string')\n throw new JWTInvalid('JWTs must use Compact JWS serialization, JWT must be a string');\n const { 1: payload, length } = jwt.split('.');\n if (length === 5)\n throw new JWTInvalid('Only JWTs using Compact JWS serialization can be decoded');\n if (length !== 3)\n throw new JWTInvalid('Invalid JWT');\n if (!payload)\n throw new JWTInvalid('JWTs must contain a payload');\n let decoded;\n try {\n decoded = base64url(payload);\n }\n catch {\n throw new JWTInvalid('Failed to base64url decode the payload');\n }\n let result;\n try {\n result = JSON.parse(decoder.decode(decoded));\n }\n catch {\n throw new JWTInvalid('Failed to parse the decoded payload as JSON');\n }\n if (!isObject(result))\n throw new JWTInvalid('Invalid JWT Claims Set');\n return result;\n}\n","/**\n * solid-oidc.js - Minimal Solid-OIDC client for browsers\n *\n * A zero-build, single-file Solid-OIDC authentication library.\n *\n * @license MIT\n * @author JavaScriptSolidServer\n * @see https://github.com/JavaScriptSolidServer/solid-oidc\n *\n * Based on solid-oidc-client-browser by uvdsl (Christoph Braun)\n * @see https://github.com/uvdsl/solid-oidc-client-browser\n *\n * Implements:\n * - RFC 6749 - OAuth 2.0\n * - RFC 7636 - PKCE\n * - RFC 9207 - OAuth 2.0 Authorization Server Issuer Identification\n * - RFC 9449 - DPoP (Demonstration of Proof-of-Possession)\n * - Solid-OIDC Specification\n */\n\nimport {\n SignJWT,\n generateKeyPair,\n decodeJwt,\n exportJWK,\n createRemoteJWKSet,\n jwtVerify,\n calculateJwkThumbprint\n} from 'jose'\n\n// ============================================================================\n// Session Events\n// ============================================================================\n\nexport const SessionEvents = {\n STATE_CHANGE: 'sessionStateChange',\n EXPIRATION_WARNING: 'sessionExpirationWarning',\n EXPIRATION: 'sessionExpiration'\n}\n\n// ============================================================================\n// Session Database Interface (IndexedDB Implementation)\n// ============================================================================\n\nexport class SessionDatabase {\n constructor(dbName = 'solid-oidc', storeName = 'session', dbVersion = 1) {\n this.dbName = dbName\n this.storeName = storeName\n this.dbVersion = dbVersion\n this.db = null\n }\n\n async init() {\n return new Promise((resolve, reject) => {\n const request = indexedDB.open(this.dbName, this.dbVersion)\n request.onerror = () => reject(new Error(`Database error: ${request.error}`))\n request.onsuccess = () => {\n this.db = request.result\n resolve(this)\n }\n request.onupgradeneeded = (event) => {\n const db = event.target.result\n if (!db.objectStoreNames.contains(this.storeName)) {\n db.createObjectStore(this.storeName)\n }\n }\n })\n }\n\n async setItem(id, value) {\n if (!this.db) await this.init()\n return new Promise((resolve, reject) => {\n const tx = this.db.transaction(this.storeName, 'readwrite')\n tx.oncomplete = () => resolve()\n tx.onerror = () => reject(new Error(`Transaction error: ${tx.error}`))\n tx.objectStore(this.storeName).put(value, id)\n })\n }\n\n async getItem(id) {\n if (!this.db) await this.init()\n return new Promise((resolve, reject) => {\n const tx = this.db.transaction(this.storeName, 'readonly')\n tx.onerror = () => reject(new Error(`Transaction error: ${tx.error}`))\n const request = tx.objectStore(this.storeName).get(id)\n request.onsuccess = () => resolve(request.result || null)\n })\n }\n\n async deleteItem(id) {\n if (!this.db) await this.init()\n return new Promise((resolve, reject) => {\n const tx = this.db.transaction(this.storeName, 'readwrite')\n tx.oncomplete = () => resolve()\n tx.onerror = () => reject(new Error(`Transaction error: ${tx.error}`))\n tx.objectStore(this.storeName).delete(id)\n })\n }\n\n async clear() {\n if (!this.db) await this.init()\n return new Promise((resolve, reject) => {\n const tx = this.db.transaction(this.storeName, 'readwrite')\n tx.oncomplete = () => resolve()\n tx.onerror = () => reject(new Error(`Transaction error: ${tx.error}`))\n tx.objectStore(this.storeName).clear()\n })\n }\n\n close() {\n if (this.db) {\n this.db.close()\n this.db = null\n }\n }\n}\n\n// ============================================================================\n// PKCE Helper (RFC 7636)\n// ============================================================================\n\nasync function generatePKCE() {\n const verifier = crypto.randomUUID() + '-' + crypto.randomUUID()\n const digest = new Uint8Array(\n await crypto.subtle.digest('SHA-256', new TextEncoder().encode(verifier))\n )\n const challenge = btoa(String.fromCharCode(...digest))\n .replace(/\\+/g, '-')\n .replace(/\\//g, '_')\n .replace(/=+$/, '')\n return { verifier, challenge }\n}\n\n// ============================================================================\n// DPoP Helper (RFC 9449)\n// ============================================================================\n\nasync function createDPoPToken(keyPair, htu, htm, ath = null) {\n const publicJwk = await exportJWK(keyPair.publicKey)\n const payload = { htu, htm }\n if (ath) payload.ath = ath\n\n return new SignJWT(payload)\n .setIssuedAt()\n .setJti(crypto.randomUUID())\n .setProtectedHeader({ alg: 'ES256', typ: 'dpop+jwt', jwk: publicJwk })\n .sign(keyPair.privateKey)\n}\n\nasync function computeAth(accessToken) {\n const data = new TextEncoder().encode(accessToken)\n const hashBuffer = await crypto.subtle.digest('SHA-256', data)\n const hashArray = Array.from(new Uint8Array(hashBuffer))\n return btoa(String.fromCharCode(...hashArray))\n .replace(/\\+/g, '-')\n .replace(/\\//g, '_')\n .replace(/=+$/, '')\n}\n\n// ============================================================================\n// OIDC Discovery\n// ============================================================================\n\nasync function discoverOIDC(idp) {\n const origin = new URL(idp).origin\n const response = await fetch(`${origin}/.well-known/openid-configuration`)\n if (!response.ok) throw new Error(`OIDC discovery failed: ${response.status}`)\n return response.json()\n}\n\n// ============================================================================\n// Dynamic Client Registration\n// ============================================================================\n\nasync function registerClient(registrationEndpoint, redirectUris) {\n const response = await fetch(registrationEndpoint, {\n method: 'POST',\n headers: { 'Content-Type': 'application/json' },\n body: JSON.stringify({\n application_type: 'web',\n redirect_uris: redirectUris,\n token_endpoint_auth_method: 'none',\n grant_types: ['authorization_code', 'refresh_token'],\n response_types: ['code'],\n scope: 'openid offline_access webid'\n })\n })\n if (!response.ok) throw new Error(`Client registration failed: ${response.status}`)\n return response.json()\n}\n\n// ============================================================================\n// Token Request\n// ============================================================================\n\nasync function requestTokens(tokenEndpoint, params, keyPair) {\n const dpop = await createDPoPToken(keyPair, tokenEndpoint, 'POST')\n const response = await fetch(tokenEndpoint, {\n method: 'POST',\n headers: {\n 'Content-Type': 'application/x-www-form-urlencoded',\n 'DPoP': dpop\n },\n body: new URLSearchParams(params)\n })\n if (!response.ok) throw new Error(`Token request failed: ${response.status}`)\n return response.json()\n}\n\n// ============================================================================\n// Token Validation\n// ============================================================================\n\nasync function validateAccessToken(accessToken, jwksUri, issuer, clientId, keyPair) {\n const jwks = createRemoteJWKSet(new URL(jwksUri))\n const { payload } = await jwtVerify(accessToken, jwks, {\n issuer,\n audience: 'solid'\n })\n\n // Verify DPoP binding\n const thumbprint = await calculateJwkThumbprint(await exportJWK(keyPair.publicKey))\n if (payload.cnf?.jkt !== thumbprint) {\n throw new Error('DPoP thumbprint mismatch')\n }\n\n // Verify client_id\n if (payload.client_id !== clientId) {\n throw new Error('client_id mismatch')\n }\n\n return payload\n}\n\n// ============================================================================\n// Refresh Token Grant\n// ============================================================================\n\nasync function refreshTokens(database) {\n await database.init()\n\n const [refreshToken, tokenEndpoint, clientId, keyPair] = await Promise.all([\n database.getItem('refresh_token'),\n database.getItem('token_endpoint'),\n database.getItem('client_id'),\n database.getItem('dpop_keypair')\n ])\n\n if (!refreshToken || !tokenEndpoint || !clientId || !keyPair) {\n throw new Error('Missing refresh data')\n }\n\n const tokens = await requestTokens(tokenEndpoint, {\n grant_type: 'refresh_token',\n refresh_token: refreshToken,\n client_id: clientId\n }, keyPair)\n\n // Persist new refresh token if provided\n if (tokens.refresh_token) {\n await database.setItem('refresh_token', tokens.refresh_token)\n }\n\n database.close()\n return { ...tokens, dpop_key_pair: keyPair }\n}\n\n// ============================================================================\n// Main Session Class\n// ============================================================================\n\nexport class Session extends EventTarget {\n constructor(options = {}) {\n super()\n this.clientId = options.clientId || null\n this.database = options.database || new SessionDatabase()\n this.onStateChange = options.onStateChange || null\n this.onExpirationWarning = options.onExpirationWarning || null\n this.onExpiration = options.onExpiration || null\n\n // Internal state\n this._isActive = false\n this._webId = null\n this._exp = null\n this._ath = null\n this._tokens = null\n this._idpDetails = null\n this._refreshPromise = null\n\n // Set up event listeners\n if (this.onStateChange) {\n this.addEventListener(SessionEvents.STATE_CHANGE, this.onStateChange)\n }\n if (this.onExpirationWarning) {\n this.addEventListener(SessionEvents.EXPIRATION_WARNING, this.onExpirationWarning)\n }\n if (this.onExpiration) {\n this.addEventListener(SessionEvents.EXPIRATION, this.onExpiration)\n }\n }\n\n // ==========================================================================\n // Public API\n // ==========================================================================\n\n get isActive() { return this._isActive }\n get webId() { return this._webId }\n\n isExpired() {\n if (!this._exp) return true\n return Math.floor(Date.now() / 1000) >= this._exp\n }\n\n getExpiresIn() {\n if (!this._exp) return -1\n return this._exp - Math.floor(Date.now() / 1000)\n }\n\n /**\n * Redirect user to identity provider for login\n */\n async login(idp, redirectUri) {\n // Sanitize redirect URI (RFC 6749 Section 3.1.2)\n const redirectUrl = new URL(redirectUri)\n const sanitizedRedirect = redirectUrl.origin + redirectUrl.pathname + redirectUrl.search\n\n // OIDC Discovery\n const config = await discoverOIDC(idp)\n\n // RFC 9207: Verify issuer\n const issuer = config.issuer\n const trimSlash = (s) => s.endsWith('/') ? s.slice(0, -1) : s\n if (trimSlash(idp) !== trimSlash(issuer)) {\n throw new Error(`Issuer mismatch: ${issuer} !== ${idp}`)\n }\n\n // Store IDP details\n sessionStorage.setItem('solid_oidc_idp', issuer)\n sessionStorage.setItem('solid_oidc_token_endpoint', config.token_endpoint)\n sessionStorage.setItem('solid_oidc_jwks_uri', config.jwks_uri)\n\n // Get or register client_id\n let clientId = this.clientId\n if (!clientId) {\n const registration = await registerClient(config.registration_endpoint, [sanitizedRedirect])\n clientId = registration.client_id\n sessionStorage.setItem('solid_oidc_client_id', clientId)\n }\n\n // PKCE (RFC 7636)\n const pkce = await generatePKCE()\n sessionStorage.setItem('solid_oidc_pkce_verifier', pkce.verifier)\n\n // CSRF token\n const csrfToken = crypto.randomUUID()\n sessionStorage.setItem('solid_oidc_csrf', csrfToken)\n\n // Build authorization URL\n const authUrl = new URL(config.authorization_endpoint)\n authUrl.searchParams.set('response_type', 'code')\n authUrl.searchParams.set('redirect_uri', sanitizedRedirect)\n authUrl.searchParams.set('scope', 'openid offline_access webid')\n authUrl.searchParams.set('client_id', clientId)\n authUrl.searchParams.set('code_challenge_method', 'S256')\n authUrl.searchParams.set('code_challenge', pkce.challenge)\n authUrl.searchParams.set('state', csrfToken)\n authUrl.searchParams.set('prompt', 'consent')\n\n // Redirect to IDP\n window.location.href = authUrl.toString()\n }\n\n /**\n * Handle redirect from identity provider after login\n */\n async handleRedirectFromLogin() {\n const url = new URL(window.location.href)\n const code = url.searchParams.get('code')\n\n // No code = not a redirect, nothing to do\n if (!code) return\n\n // RFC 9207: Verify issuer\n const idp = sessionStorage.getItem('solid_oidc_idp')\n const iss = url.searchParams.get('iss')\n if (!idp || iss !== idp) {\n throw new Error(`Issuer mismatch: ${iss} !== ${idp}`)\n }\n\n // RFC 6749: Verify CSRF token\n const csrf = sessionStorage.getItem('solid_oidc_csrf')\n if (url.searchParams.get('state') !== csrf) {\n throw new Error('CSRF token mismatch')\n }\n\n // Clean URL\n url.searchParams.delete('code')\n url.searchParams.delete('iss')\n url.searchParams.delete('state')\n window.history.replaceState({}, document.title, url.toString())\n\n // Get stored values\n const pkceVerifier = sessionStorage.getItem('solid_oidc_pkce_verifier')\n const tokenEndpoint = sessionStorage.getItem('solid_oidc_token_endpoint')\n const jwksUri = sessionStorage.getItem('solid_oidc_jwks_uri')\n const clientId = this.clientId || sessionStorage.getItem('solid_oidc_client_id')\n\n if (!pkceVerifier || !tokenEndpoint || !clientId) {\n throw new Error('Missing session data')\n }\n\n // Generate DPoP key pair\n const keyPair = await generateKeyPair('ES256')\n\n // Exchange code for tokens\n const tokens = await requestTokens(tokenEndpoint, {\n grant_type: 'authorization_code',\n code,\n code_verifier: pkceVerifier,\n redirect_uri: url.origin + url.pathname,\n client_id: clientId\n }, keyPair)\n\n // Validate access token\n await validateAccessToken(tokens.access_token, jwksUri, idp, clientId, keyPair)\n\n // Store IDP details\n this._idpDetails = { idp, jwksUri, tokenEndpoint }\n\n // Persist for refresh\n await this.database.init()\n await Promise.all([\n this.database.setItem('idp', idp),\n this.database.setItem('jwks_uri', jwksUri),\n this.database.setItem('token_endpoint', tokenEndpoint),\n this.database.setItem('client_id', clientId),\n this.database.setItem('dpop_keypair', keyPair),\n this.database.setItem('refresh_token', tokens.refresh_token)\n ])\n this.database.close()\n\n // Clean session storage\n sessionStorage.removeItem('solid_oidc_idp')\n sessionStorage.removeItem('solid_oidc_token_endpoint')\n sessionStorage.removeItem('solid_oidc_jwks_uri')\n sessionStorage.removeItem('solid_oidc_client_id')\n sessionStorage.removeItem('solid_oidc_pkce_verifier')\n sessionStorage.removeItem('solid_oidc_csrf')\n\n // Update session state\n await this._setTokens({ ...tokens, dpop_key_pair: keyPair })\n this._dispatchStateChange()\n }\n\n /**\n * Restore session using stored refresh token\n */\n async restore() {\n if (this._refreshPromise) return this._refreshPromise\n\n this._refreshPromise = (async () => {\n try {\n const tokens = await refreshTokens(this.database)\n await this._setTokens(tokens)\n this._dispatchStateChange()\n } catch (error) {\n if (this._isActive) {\n if (!this.isExpired()) {\n this._dispatchExpirationWarning()\n } else {\n this._dispatchExpiration()\n }\n }\n throw error\n } finally {\n this._refreshPromise = null\n }\n })()\n\n return this._refreshPromise\n }\n\n /**\n * Log out and clear all session data\n */\n async logout() {\n this._isActive = false\n this._webId = null\n this._exp = null\n this._ath = null\n this._tokens = null\n this._idpDetails = null\n\n await this.database.init()\n await this.database.clear()\n this.database.close()\n\n this._dispatchStateChange()\n }\n\n /**\n * Make authenticated fetch request with DPoP\n */\n async authFetch(input, init = {}) {\n // No session = regular fetch\n if (!this._isActive) {\n return fetch(input, init)\n }\n\n // Refresh if expired\n if (this.isExpired()) {\n await this.restore()\n }\n\n // Parse request\n let url, method, headers\n if (input instanceof Request) {\n url = new URL(input.url)\n method = init.method || input.method || 'GET'\n headers = new Headers(input.headers)\n } else {\n url = new URL(input.toString())\n method = init.method || 'GET'\n headers = init.headers ? new Headers(init.headers) : new Headers()\n }\n\n // Create DPoP proof\n const dpop = await createDPoPToken(\n this._tokens.dpop_key_pair,\n `${url.origin}${url.pathname}`,\n method.toUpperCase(),\n this._ath\n )\n\n // Set auth headers\n headers.set('DPoP', dpop)\n headers.set('Authorization', `DPoP ${this._tokens.access_token}`)\n\n // Make request\n if (input instanceof Request) {\n return fetch(new Request(input, { ...init, headers }))\n }\n return fetch(url, { ...init, headers })\n }\n\n // ==========================================================================\n // Internal Methods\n // ==========================================================================\n\n async _setTokens(tokens) {\n this._tokens = tokens\n\n const decoded = decodeJwt(tokens.access_token)\n if (!decoded.webid) throw new Error('Missing webid claim')\n if (!decoded.exp) throw new Error('Missing exp claim')\n\n this._ath = await computeAth(tokens.access_token)\n this._webId = decoded.webid\n this._exp = decoded.exp\n this._isActive = true\n }\n\n _dispatchStateChange() {\n this.dispatchEvent(new CustomEvent(SessionEvents.STATE_CHANGE, {\n detail: { isActive: this._isActive, webId: this._webId }\n }))\n }\n\n _dispatchExpirationWarning() {\n this.dispatchEvent(new CustomEvent(SessionEvents.EXPIRATION_WARNING, {\n detail: { expires_in: this.getExpiresIn() }\n }))\n }\n\n _dispatchExpiration() {\n this.dispatchEvent(new CustomEvent(SessionEvents.EXPIRATION))\n }\n}\n\n// ============================================================================\n// Default Export\n// ============================================================================\n\nexport default Session\n","/**\n * Adapter to make solid-oidc compatible with @inrupt/solid-client-authn-browser API\n *\n * This provides a drop-in replacement for the Inrupt Session class using the minimal\n * solid-oidc library from JavaScriptSolidServer.\n *\n * @see https://github.com/JavaScriptSolidServer/solid-oidc\n */\n\nimport {\n Session as SolidOidcSession,\n SessionDatabase\n} from 'solid-oidc'\n\n/**\n * Event names compatible with @inrupt/solid-client-authn-browser\n */\nexport const EVENTS = {\n SESSION_RESTORED: 'sessionRestore',\n LOGIN: 'login',\n LOGOUT: 'logout',\n SESSION_EXPIRED: 'sessionExpired',\n ERROR: 'error'\n} as const\n\n/**\n * Callback type for event listeners\n */\ntype EventCallback = (...args: any[]) => void\n\n/**\n * Simple event emitter for compatibility with Inrupt's session.events API\n */\nclass EventEmitter {\n private listeners: Map> = new Map()\n\n on(event: string, callback: EventCallback): void {\n if (!this.listeners.has(event)) {\n this.listeners.set(event, new Set())\n }\n this.listeners.get(event)!.add(callback)\n }\n\n off(event: string, callback: EventCallback): void {\n this.listeners.get(event)?.delete(callback)\n }\n\n emit(event: string, ...args: unknown[]): void {\n this.listeners.get(event)?.forEach(cb => cb(...args))\n }\n}\n\n/**\n * Session info interface compatible with Inrupt\n */\nexport interface SessionInfo {\n isLoggedIn: boolean\n webId?: string\n sessionId?: string\n expirationDate?: number\n}\n\n/**\n * Options for handleIncomingRedirect\n */\nexport interface HandleRedirectOptions {\n restorePreviousSession?: boolean\n url?: string\n}\n\n/**\n * Options for login\n */\nexport interface LoginOptions {\n oidcIssuer: string\n redirectUrl: string\n clientId?: string\n clientName?: string\n tokenType?: string\n}\n\n/**\n * Session class that wraps solid-oidc to provide @inrupt/solid-client-authn-browser compatible API\n */\nexport class Session {\n private _session: SolidOidcSession\n private _events: EventEmitter\n private _sessionId: string\n\n constructor(options?: { clientId?: string }) {\n this._session = new SolidOidcSession({\n clientId: options?.clientId,\n database: new SessionDatabase(),\n onStateChange: (event) => {\n const detail = (event as CustomEvent).detail\n if (detail?.isActive) {\n this._events.emit(EVENTS.LOGIN)\n this._events.emit(EVENTS.SESSION_RESTORED, window.location.href)\n } else {\n this._events.emit(EVENTS.LOGOUT)\n }\n },\n onExpiration: () => {\n this._events.emit(EVENTS.SESSION_EXPIRED)\n }\n })\n this._events = new EventEmitter()\n this._sessionId = crypto.randomUUID()\n }\n\n /**\n * Event emitter for session events\n */\n get events(): EventEmitter {\n return this._events\n }\n\n /**\n * Session information\n */\n get info(): SessionInfo {\n return {\n isLoggedIn: this._session.isActive,\n webId: this._session.webId ?? undefined,\n sessionId: this._sessionId,\n expirationDate: this._session.isActive\n ? Date.now() + (this._session.getExpiresIn() * 1000)\n : undefined\n }\n }\n\n /**\n * Handle incoming redirect from identity provider\n */\n async handleIncomingRedirect(options?: HandleRedirectOptions | string): Promise {\n // Handle string URL (legacy API)\n const opts: HandleRedirectOptions = typeof options === 'string'\n ? { url: options }\n : options ?? {}\n\n try {\n // First handle any redirect from login\n await this._session.handleRedirectFromLogin()\n\n // If not logged in and restorePreviousSession is true, try to restore\n if (!this._session.isActive && opts.restorePreviousSession !== false) {\n try {\n await this._session.restore()\n } catch {\n // No session to restore, that's okay\n }\n }\n\n return this.info\n } catch (error) {\n this._events.emit(EVENTS.ERROR, error)\n return undefined\n }\n }\n\n /**\n * Initiate login flow\n */\n async login(options: LoginOptions): Promise {\n const redirectUrl = options.redirectUrl || window.location.href\n await this._session.login(options.oidcIssuer, redirectUrl)\n }\n\n /**\n * Log out and clear session\n */\n async logout(): Promise {\n await this._session.logout()\n }\n\n /**\n * Make authenticated fetch request\n */\n async fetch(url: RequestInfo | URL, init?: RequestInit): Promise {\n return this._session.authFetch(url as string, init)\n }\n}\n\nexport default Session\n","import { Session } from './solidOidcAdapter'\n\nexport const authSession = new Session()\n","// Namespaces we commonly use and have common prefixes for around Solid\nimport solidNamespace from 'solid-namespace' // Delegate to this which takes RDFlib as param.\nimport * as $rdf from 'rdflib'\n\nexport const ns = solidNamespace($rdf)","import { graph, NamedNode, Namespace, serialize, sym } from 'rdflib'\nimport { AclLogic } from '../types'\nimport { ns as namespace } from '../util/ns'\n\n\nexport const ACL_LINK = sym(\n 'http://www.iana.org/assignments/link-relations/acl'\n)\n\nexport function createAclLogic(store): AclLogic {\n\n const ns = namespace\n \n async function findAclDocUrl(url: NamedNode) {\n await store.fetcher.load(url)\n const docNode = store.any(url, ACL_LINK)\n if (!docNode) {\n throw new Error(`No ACL link discovered for ${url}`)\n }\n return docNode.value\n }\n /**\n * Simple Access Control\n *\n * This function sets up a simple default ACL for a resource, with\n * RWC for the owner, and a specified access (default none) for the public.\n * In all cases owner has read write control.\n * Parameter lists modes allowed to public\n *\n * @param options\n * @param options.public eg ['Read', 'Write']\n *\n * @returns Resolves with aclDoc uri on successful write\n */\n function setACLUserPublic ( \n docURI: string,\n me: NamedNode,\n options: {\n defaultForNew?: boolean,\n public?: []\n }\n ): Promise {\n const aclDoc = store.any(\n store.sym(docURI),\n ACL_LINK\n )\n\n return Promise.resolve()\n .then(() => {\n if (aclDoc) {\n return aclDoc as NamedNode\n }\n\n return fetchACLRel(docURI).catch(err => {\n throw new Error(`Error fetching rel=ACL header for ${docURI}: ${err}`)\n })\n })\n .then(aclDoc => {\n const aclText = genACLText(docURI, me, aclDoc.uri, options)\n if (!store.fetcher) {\n throw new Error('Cannot PUT this, store has no fetcher')\n }\n return store.fetcher\n .webOperation('PUT', aclDoc.uri, {\n data: aclText,\n contentType: 'text/turtle'\n })\n .then(result => {\n if (!result.ok) {\n throw new Error('Error writing ACL text: ' + result.error)\n }\n\n return aclDoc\n })\n })\n }\n\n /**\n * @param docURI\n * @returns\n */\n function fetchACLRel (docURI: string): Promise {\n const fetcher = store.fetcher\n if (!fetcher) {\n throw new Error('Cannot fetch ACL rel, store has no fetcher')\n }\n\n return fetcher.load(docURI).then(result => {\n if (!result.ok) {\n throw new Error('fetchACLRel: While loading:' + (result as any).error)\n }\n\n const aclDoc = store.any(\n store.sym(docURI),\n ACL_LINK\n )\n\n if (!aclDoc) {\n throw new Error('fetchACLRel: No Link rel=ACL header for ' + docURI)\n }\n\n return aclDoc as NamedNode\n })\n }\n\n /**\n * @param docURI\n * @param me\n * @param aclURI\n * @param options\n *\n * @returns Serialized ACL\n */\n function genACLText (\n docURI: string,\n me: NamedNode,\n aclURI: string,\n options: {\n defaultForNew?: boolean,\n public?: []\n } = {}\n ): string | undefined {\n const optPublic = options.public || []\n const g = graph()\n const auth = Namespace('http://www.w3.org/ns/auth/acl#')\n let a = g.sym(`${aclURI}#a1`)\n const acl = g.sym(aclURI)\n const doc = g.sym(docURI)\n g.add(a, ns.rdf('type'), auth('Authorization'), acl)\n g.add(a, auth('accessTo'), doc, acl)\n if (options.defaultForNew) {\n g.add(a, auth('default'), doc, acl)\n }\n g.add(a, auth('agent'), me, acl)\n g.add(a, auth('mode'), auth('Read'), acl)\n g.add(a, auth('mode'), auth('Write'), acl)\n g.add(a, auth('mode'), auth('Control'), acl)\n\n if (optPublic.length) {\n a = g.sym(`${aclURI}#a2`)\n g.add(a, ns.rdf('type'), auth('Authorization'), acl)\n g.add(a, auth('accessTo'), doc, acl)\n g.add(a, auth('agentClass'), ns.foaf('Agent'), acl)\n for (let p = 0; p < optPublic.length; p++) {\n g.add(a, auth('mode'), auth(optPublic[p]), acl) // Like 'Read' etc\n }\n }\n return serialize(acl, g, aclURI)\n }\n return {\n findAclDocUrl,\n setACLUserPublic,\n genACLText\n }\n}","import { NamedNode, sym } from 'rdflib'\nimport * as debug from '../util/debug'\n\n/**\n * find a user or app's context as set in window.SolidAppContext\n * this is a const, not a function, because we have problems to jest mock it otherwise\n * see: https://github.com/facebook/jest/issues/936#issuecomment-545080082 for more\n * @return {any} - an appContext object\n */\nexport const appContext = ():any => {\n let { SolidAppContext }: any = window\n SolidAppContext ||= {}\n SolidAppContext.viewingNoAuthPage = false\n if (SolidAppContext.noAuth && window.document) {\n const currentPage = window.document.location.href\n if (currentPage.startsWith(SolidAppContext.noAuth)) {\n SolidAppContext.viewingNoAuthPage = true\n const params = new URLSearchParams(window.document.location.search)\n if (params) {\n let viewedPage = SolidAppContext.viewedPage = params.get('uri') || null\n if (viewedPage) {\n viewedPage = decodeURI(viewedPage)\n if (!viewedPage.startsWith(SolidAppContext.noAuth)) {\n const ary = viewedPage.split(/\\//)\n SolidAppContext.idp = ary[0] + '//' + ary[2]\n SolidAppContext.viewingNoAuthPage = false\n }\n }\n }\n }\n }\n return SolidAppContext\n}\n\n/**\n * Returns `sym($SolidTestEnvironment.username)` if\n * `$SolidTestEnvironment.username` is defined as a global\n * or \n * returns testID defined in the HTML page\n * @returns {NamedNode|null}\n */\nexport function offlineTestID (): NamedNode | null {\n const { $SolidTestEnvironment }: any = window\n if (\n typeof $SolidTestEnvironment !== 'undefined' &&\n $SolidTestEnvironment.username\n ) {\n // Test setup\n debug.log('Assuming the user is ' + $SolidTestEnvironment.username)\n return sym($SolidTestEnvironment.username)\n }\n // hack that makes SolidOS work in offline mode by adding the webId directly in html\n // example usage: https://github.com/solidos/mashlib/blob/29b8b53c46bf02e0e219f0bacd51b0e9951001dd/test/contact/local.html#L37\n if (\n typeof document !== 'undefined' &&\n document.location &&\n ('' + document.location).slice(0, 16) === 'http://localhost'\n ) {\n const div = document.getElementById('appTarget')\n if (!div) return null\n const id = div.getAttribute('testID')\n if (!id) return null\n debug.log('Assuming user is ' + id)\n return sym(id)\n }\n return null\n}\n","import { namedNode, NamedNode, sym } from 'rdflib'\nimport { appContext, offlineTestID } from './authUtil'\nimport * as debug from '../util/debug'\nimport { EVENTS, Session } from '../authSession/solidOidcAdapter'\nimport { AuthenticationContext, AuthnLogic } from '../types'\n\nexport class SolidAuthnLogic implements AuthnLogic {\n private session: Session\n\n constructor(solidAuthSession: Session) {\n this.session = solidAuthSession\n }\n\n // we created authSession getter because we want to access it as authn.authSession externally\n get authSession():Session { return this.session }\n\n currentUser(): NamedNode | null {\n const app = appContext()\n if (app.viewingNoAuthPage) {\n return sym(app.webId)\n }\n if (this && this.session && this.session.info && this.session.info.webId && this.session.info.isLoggedIn) {\n return sym(this.session.info.webId)\n }\n return offlineTestID() // null unless testing\n }\n\n /**\n * Retrieves currently logged in webId from either\n * defaultTestUser or SolidAuth\n * Also activates a session after login\n * @param [setUserCallback] Optional callback\n * @returns Resolves with webId uri, if no callback provided\n */\n async checkUser (\n setUserCallback?: (me: NamedNode | null) => T\n ): Promise {\n // Save hash for \"restorePreviousSession\"\n const preLoginRedirectHash = new URL(window.location.href).hash\n if (preLoginRedirectHash) {\n window.localStorage.setItem('preLoginRedirectHash', preLoginRedirectHash)\n }\n this.session.events.on(EVENTS.SESSION_RESTORED, (url) => {\n debug.log(`Session restored to ${url}`)\n if (document.location.toString() !== url) history.replaceState(null, '', url as string)\n })\n\n /**\n * Handle a successful authentication redirect\n */\n const redirectUrl = new URL(window.location.href)\n redirectUrl.hash = ''\n await this.session\n .handleIncomingRedirect({\n restorePreviousSession: true,\n url: redirectUrl.href\n })\n\n // Check to see if a hash was stored in local storage\n const postLoginRedirectHash = window.localStorage.getItem('preLoginRedirectHash')\n if (postLoginRedirectHash) {\n const curUrl = new URL(window.location.href)\n if (curUrl.hash !== postLoginRedirectHash) {\n if (history.pushState) {\n // debug.log('Setting window.location.has using pushState')\n history.pushState(null, document.title, postLoginRedirectHash)\n } else {\n // debug.warn('Setting window.location.has using location.hash')\n location.hash = postLoginRedirectHash\n }\n curUrl.hash = postLoginRedirectHash\n }\n // See https://stackoverflow.com/questions/3870057/how-can-i-update-window-location-hash-without-jumping-the-document\n // window.location.href = curUrl.toString()// @@ See https://developer.mozilla.org/en-US/docs/Web/API/Window/location\n window.localStorage.setItem('preLoginRedirectHash', '')\n }\n\n // Check to see if already logged in / have the WebID\n let me = offlineTestID()\n if (me) {\n return Promise.resolve(setUserCallback ? setUserCallback(me) : me)\n }\n\n const webId = this.webIdFromSession(this.session.info)\n if (webId) {\n me = this.saveUser(webId)\n }\n\n if (me) {\n debug.log(`(Logged in as ${me} by authentication)`)\n }\n\n return Promise.resolve(setUserCallback ? setUserCallback(me) : me)\n }\n\n /**\n * Saves `webId` in `context.me`\n * @param webId\n * @param context\n *\n * @returns Returns the WebID, after setting it\n */\n saveUser (\n webId: NamedNode | string | null,\n context?: AuthenticationContext\n ): NamedNode | null {\n let webIdUri: string\n if (webId) {\n webIdUri = (typeof webId === 'string') ? webId : webId.uri\n const me = namedNode(webIdUri)\n if (context) {\n context.me = me\n }\n return me\n }\n return null\n }\n\n /**\n * @returns {Promise} Resolves with WebID URI or null\n */\n webIdFromSession (session?: { webId?: string, isLoggedIn: boolean }): string | null {\n const webId = session?.webId && session.isLoggedIn ? session.webId : null\n return webId\n }\n\n}\n","import { NamedNode, sym } from 'rdflib'\n\nexport function newThing(doc: NamedNode): NamedNode {\n return sym(doc.uri + '#' + 'id' + ('' + Date.now()))\n}\n\nexport function uniqueNodes (arr: NamedNode[]): NamedNode[] {\n const uris = arr.map(x => x.uri)\n const set = new Set(uris)\n const uris2 = Array.from(set)\n const arr2 = uris2.map(u => new NamedNode(u))\n return arr2 // Array.from(new Set(arr.map(x => x.uri))).map(u => sym(u))\n}\n\nexport function getArchiveUrl(baseUrl: string, date: Date) {\n const year = date.getUTCFullYear()\n const month = ('0' + (date.getUTCMonth()+1)).slice(-2)\n const day = ('0' + (date.getUTCDate())).slice(-2)\n const parts = baseUrl.split('/')\n const filename = parts[parts.length -1 ]\n return new URL(`./archive/${year}/${month}/${day}/${filename}`, baseUrl).toString()\n}\n\nexport function differentOrigin(doc): boolean {\n if (!doc) {\n return true\n }\n return (\n `${window.location.origin}/` !== new URL(doc.value).origin\n )\n}\n\nexport function suggestPreferencesFile (me:NamedNode) {\n const stripped = me.uri.replace('/profile/', '/').replace('/public/', '/')\n // const stripped = me.uri.replace(\\/[p|P]rofile/\\g, '/').replace(\\/[p|P]ublic/\\g, '/')\n const folderURI = stripped.split('/').slice(0,-1).join('/') + '/Settings/'\n const fileURI = folderURI + 'Preferences.ttl'\n return sym(fileURI)\n}\n\nexport function determineChatContainer(\n invitee: NamedNode,\n podRoot: NamedNode\n): NamedNode {\n // Create chat\n // See https://gitter.im/solid/chat-app?at=5f3c800f855be416a23ae74a\n const chatContainerStr = new URL(\n `IndividualChats/${new URL(invitee.value).host}/`,\n podRoot.value\n ).toString()\n return new NamedNode(chatContainerStr)\n}\n","import { NamedNode, Node, st, term } from 'rdflib'\nimport { ChatLogic, CreatedPaneOptions, NewPaneOptions, Chat } from '../types'\nimport { ns as namespace } from '../util/ns'\nimport { determineChatContainer, newThing } from '../util/utils'\n\nconst CHAT_LOCATION_IN_CONTAINER = 'index.ttl#this'\n\nexport function createChatLogic(store, profileLogic): ChatLogic {\n const ns = namespace\n\n async function setAcl(\n chatContainer: NamedNode,\n me: NamedNode,\n invitee: NamedNode\n ): Promise {\n // Some servers don't present a Link http response header\n // if the container doesn't exist yet, so refetch the container\n // now that it has been created:\n await store.fetcher.load(chatContainer)\n\n // FIXME: check the Why value on this quad:\n const chatAclDoc = store.any(\n chatContainer,\n new NamedNode('http://www.iana.org/assignments/link-relations/acl')\n )\n if (!chatAclDoc) {\n throw new Error('Chat ACL doc not found!')\n }\n\n const aclBody = `\n @prefix acl: .\n <#owner>\n a acl:Authorization;\n acl:agent <${me.value}>;\n acl:accessTo <.>;\n acl:default <.>;\n acl:mode\n acl:Read, acl:Write, acl:Control.\n <#invitee>\n a acl:Authorization;\n acl:agent <${invitee.value}>;\n acl:accessTo <.>;\n acl:default <.>;\n acl:mode\n acl:Read, acl:Append.\n `\n await store.fetcher.webOperation('PUT', chatAclDoc.value, {\n data: aclBody,\n contentType: 'text/turtle',\n })\n }\n\n async function addToPrivateTypeIndex(chatThing, me) {\n // Add to private type index\n const privateTypeIndex = store.any(\n me,\n ns.solid('privateTypeIndex')\n ) as NamedNode | null\n if (!privateTypeIndex) {\n throw new Error('Private type index not found!')\n }\n await store.fetcher.load(privateTypeIndex)\n const reg = newThing(privateTypeIndex)\n const ins = [\n st(\n reg,\n ns.rdf('type'),\n ns.solid('TypeRegistration'),\n privateTypeIndex.doc()\n ),\n st(\n reg,\n ns.solid('forClass'),\n ns.meeting('LongChat'),\n privateTypeIndex.doc()\n ),\n st(reg, ns.solid('instance'), chatThing, privateTypeIndex.doc()),\n ]\n await new Promise((resolve, reject) => {\n store.updater.update([], ins, function (_uri, ok, errm) {\n if (!ok) {\n reject(new Error(errm))\n } else {\n resolve(null)\n }\n })\n })\n }\n\n async function findChat(invitee: NamedNode): Promise {\n const me = await profileLogic.loadMe()\n const podRoot = await profileLogic.getPodRoot(me)\n const chatContainer = determineChatContainer(invitee, podRoot)\n let exists = true\n try {\n await store.fetcher.load(\n new NamedNode(chatContainer.value + 'index.ttl#this')\n )\n } catch (e) {\n exists = false\n }\n return { me, chatContainer, exists }\n }\n\n async function createChatThing(\n chatContainer: NamedNode,\n me: NamedNode\n ): Promise {\n const created = await mintNew({\n me,\n newBase: chatContainer.value,\n })\n return created.newInstance\n }\n\n function mintNew(newPaneOptions: NewPaneOptions): Promise {\n const kb = store\n const updater = kb.updater\n if (newPaneOptions.me && !newPaneOptions.me.uri) {\n throw new Error('chat mintNew: Invalid userid ' + newPaneOptions.me)\n }\n\n const newInstance = (newPaneOptions.newInstance =\n newPaneOptions.newInstance ||\n kb.sym(newPaneOptions.newBase + CHAT_LOCATION_IN_CONTAINER))\n const newChatDoc = newInstance.doc()\n\n kb.add(\n newInstance,\n ns.rdf('type'),\n ns.meeting('LongChat'),\n newChatDoc\n )\n kb.add(newInstance, ns.dc('title'), 'Chat channel', newChatDoc)\n kb.add(\n newInstance,\n ns.dc('created'),\n term(new Date(Date.now())),\n newChatDoc\n )\n if (newPaneOptions.me) {\n kb.add(newInstance, ns.dc('author'), newPaneOptions.me, newChatDoc)\n }\n\n return new Promise(function (resolve, reject) {\n updater?.put(\n newChatDoc,\n kb.statementsMatching(undefined, undefined, undefined, newChatDoc),\n 'text/turtle',\n function (uri2, ok, message) {\n if (ok) {\n resolve({\n ...newPaneOptions,\n newInstance,\n })\n } else {\n reject(\n new Error(\n 'FAILED to save new chat channel at: ' + uri2 + ' : ' + message\n )\n )\n }\n }\n )\n })\n }\n\n /**\n * Find (and optionally create) an individual chat between the current user and the given invitee\n * @param invitee - The person to chat with\n * @param createIfMissing - Whether the chat should be created, if missing\n * @returns null if missing, or a node referring to an already existing chat, or the newly created chat\n */\n async function getChat(\n invitee: NamedNode,\n createIfMissing = true\n ): Promise {\n const { me, chatContainer, exists } = await findChat(invitee)\n if (exists) {\n return new NamedNode(chatContainer.value + CHAT_LOCATION_IN_CONTAINER)\n }\n\n if (createIfMissing) {\n const chatThing = await createChatThing(chatContainer, me)\n await sendInvite(invitee, chatThing)\n await setAcl(chatContainer, me, invitee)\n await addToPrivateTypeIndex(chatThing, me)\n return chatThing\n }\n return null\n }\n\n async function sendInvite(invitee: NamedNode, chatThing: NamedNode) {\n await store.fetcher.load(invitee.doc())\n const inviteeInbox = store.any(\n invitee,\n ns.ldp('inbox'),\n undefined,\n invitee.doc()\n )\n if (!inviteeInbox) {\n throw new Error(`Invitee inbox not found! ${invitee.value}`)\n }\n const inviteBody = `\n <> a ;\n ${ns.rdf('seeAlso')} <${chatThing.value}> .\n `\n\n const inviteResponse = await store.fetcher?.webOperation(\n 'POST',\n inviteeInbox.value,\n {\n data: inviteBody,\n contentType: 'text/turtle',\n }\n )\n const locationStr = inviteResponse?.headers.get('location')\n if (!locationStr) {\n throw new Error(`Invite sending returned a ${inviteResponse?.status}`)\n }\n }\n return {\n setAcl, addToPrivateTypeIndex, findChat, createChatThing, getChat, sendInvite, mintNew\n }\n}\n","import { NamedNode } from 'rdflib'\nimport { InboxLogic } from '../types'\nimport { getArchiveUrl } from '../util/utils'\n\nexport function createInboxLogic(store, profileLogic, utilityLogic, containerLogic, aclLogic): InboxLogic {\n\n async function createInboxFor(peerWebId: string, nick: string) {\n const myWebId: NamedNode = await profileLogic.loadMe()\n const podRoot: NamedNode = await profileLogic.getPodRoot(myWebId)\n const ourInbox = `${podRoot.value}p2p-inboxes/${encodeURIComponent(nick)}/`\n await containerLogic.createContainer(ourInbox)\n // const aclDocUrl = await aclLogic.findAclDocUrl(ourInbox);\n await utilityLogic.setSinglePeerAccess({\n ownerWebId: myWebId.value,\n peerWebId,\n accessToModes: 'acl:Append',\n target: ourInbox\n })\n return ourInbox\n }\n\n async function getNewMessages(\n user?: NamedNode\n ): Promise {\n if (!user) {\n user = await profileLogic.loadMe()\n }\n const inbox = await profileLogic.getMainInbox(user)\n const urls = await containerLogic.getContainerMembers(inbox)\n return urls.filter(url => !containerLogic.isContainer(url))\n }\n\n async function markAsRead(url: string, date: Date) {\n const downloaded = await store.fetcher._fetch(url)\n if (downloaded.status !== 200) {\n throw new Error(`Not OK! ${url}`)\n }\n const archiveUrl = getArchiveUrl(url, date)\n const options = {\n method: 'PUT',\n body: await downloaded.text(),\n headers: [\n ['Content-Type', downloaded.headers.get('Content-Type') || 'application/octet-stream']\n ]\n }\n const uploaded = await store.fetcher._fetch(archiveUrl, options)\n if (uploaded.status.toString()[0] === '2') {\n await store.fetcher._fetch(url, {\n method: 'DELETE'\n })\n }\n }\n return {\n createInboxFor,\n getNewMessages,\n markAsRead\n }\n}\n","class CustomError extends Error {\n constructor(message?: string) {\n super(message)\n // see: typescriptlang.org/docs/handbook/release-notes/typescript-2-2.html\n Object.setPrototypeOf(this, new.target.prototype) // restore prototype chain\n this.name = new.target.name // stack traces display correctly now\n }\n}\n\nexport class UnauthorizedError extends CustomError {}\n\nexport class CrossOriginForbiddenError extends CustomError {}\n\nexport class SameOriginForbiddenError extends CustomError {}\n\nexport class NotFoundError extends CustomError {}\n\nexport class NotEditableError extends CustomError { }\n\nexport class WebOperationError extends CustomError {}\n\nexport class FetchError extends CustomError {\n status: number\n\n constructor(status: number, message?: string) {\n super(message)\n this.status = status\n }\n}","import { NamedNode } from 'rdflib'\nimport { CrossOriginForbiddenError, FetchError, NotEditableError, SameOriginForbiddenError, UnauthorizedError, WebOperationError } from '../logic/CustomError'\nimport * as debug from '../util/debug'\nimport { ns as namespace } from '../util/ns'\nimport { differentOrigin, suggestPreferencesFile } from '../util/utils'\nimport { ProfileLogic } from '../types'\n\nexport function createProfileLogic(store, authn, utilityLogic): ProfileLogic {\n const ns = namespace\n\n /**\n * loads the preference without throwing errors - if it can create it it does so.\n * remark: it still throws error if it cannot load profile.\n * @param user\n * @returns undefined if preferenceFile cannot be returned or NamedNode if it can find it or create it\n */\n async function silencedLoadPreferences(user: NamedNode): Promise {\n try {\n return await loadPreferences(user)\n } catch (err) {\n return undefined\n }\n }\n\n /**\n * loads the preference without returning different errors if it cannot create or load it.\n * remark: it also throws error if it cannot load profile.\n * @param user\n * @returns undefined if preferenceFile cannot be an Error or NamedNode if it can find it or create it\n */\n async function loadPreferences (user: NamedNode): Promise {\n await loadProfile(user)\n\n const possiblePreferencesFile = suggestPreferencesFile(user)\n let preferencesFile\n try {\n preferencesFile = await utilityLogic.followOrCreateLink(user, ns.space('preferencesFile') as NamedNode, possiblePreferencesFile, user.doc())\n } catch (err) {\n const message = `User ${user} has no pointer in profile to preferences file.`\n debug.warn(message)\n // we are listing the possible errors\n if (err instanceof NotEditableError) { throw err }\n if (err instanceof WebOperationError) { throw err }\n if (err instanceof UnauthorizedError) { throw err }\n if (err instanceof CrossOriginForbiddenError) { throw err }\n if (err instanceof SameOriginForbiddenError) { throw err }\n if (err instanceof FetchError) { throw err }\n throw err\n }\n\n try {\n await store.fetcher.load(preferencesFile as NamedNode)\n } catch (err) { // Maybe a permission problem or origin problem\n const msg = `Unable to load preference of user ${user}: ${err}`\n debug.warn(msg)\n if (err.response.status === 401) {\n throw new UnauthorizedError()\n }\n if (err.response.status === 403) {\n if (differentOrigin(preferencesFile)) {\n throw new CrossOriginForbiddenError()\n }\n throw new SameOriginForbiddenError()\n }\n /*if (err.response.status === 404) {\n throw new NotFoundError();\n }*/\n throw new Error(msg)\n }\n return preferencesFile as NamedNode\n }\n\n async function loadProfile (user: NamedNode):Promise {\n if (!user) {\n throw new Error('loadProfile: no user given.')\n }\n try {\n await store.fetcher.load(user.doc())\n } catch (err) {\n throw new Error(`Unable to load profile of user ${user}: ${err}`)\n }\n return user.doc()\n }\n\n async function loadMe(): Promise {\n const me = authn.currentUser()\n if (me === null) {\n throw new Error('Current user not found! Not logged in?')\n }\n await store.fetcher.load(me.doc())\n return me\n }\n\n function getPodRoot(user: NamedNode): NamedNode {\n const podRoot = findStorage(user)\n if (!podRoot) {\n throw new Error('User pod root not found!')\n }\n return podRoot as NamedNode\n }\n\n async function getMainInbox(user: NamedNode): Promise {\n await store.fetcher.load(user)\n const mainInbox = store.any(user, ns.ldp('inbox'), undefined, user.doc())\n if (!mainInbox) {\n throw new Error('User main inbox not found!')\n }\n return mainInbox as NamedNode\n }\n\n function findStorage(me: NamedNode) {\n return store.any(me, ns.space('storage'), undefined, me.doc())\n }\n\n return {\n loadMe,\n getPodRoot,\n getMainInbox,\n findStorage,\n loadPreferences,\n loadProfile,\n silencedLoadPreferences\n }\n}\n","import { NamedNode, st, sym } from 'rdflib'\nimport { ScopedApp, TypeIndexLogic, TypeIndexScope } from '../types'\nimport * as debug from '../util/debug'\nimport { ns as namespace } from '../util/ns'\nimport { newThing } from '../util/utils'\n\nexport function createTypeIndexLogic(store, authn, profileLogic, utilityLogic): TypeIndexLogic {\n const ns = namespace\n\n function getRegistrations(instance, theClass) {\n return store\n .each(undefined, ns.solid('instance'), instance)\n .filter((r) => {\n return store.holds(r, ns.solid('forClass'), theClass)\n })\n }\n\n async function loadTypeIndexesFor(user: NamedNode): Promise> {\n if (!user) throw new Error('loadTypeIndexesFor: No user given')\n const profile = await profileLogic.loadProfile(user)\n\n const suggestion = suggestPublicTypeIndex(user)\n let publicTypeIndex\n try {\n publicTypeIndex = await utilityLogic.followOrCreateLink(user, ns.solid('publicTypeIndex') as NamedNode, suggestion, profile)\n } catch (err) {\n const message = `User ${user} has no pointer in profile to publicTypeIndex file.`\n debug.warn(message)\n }\n const publicScopes = publicTypeIndex ? [{ label: 'public', index: publicTypeIndex as NamedNode, agent: user }] : []\n\n let preferencesFile\n try {\n preferencesFile = await profileLogic.silencedLoadPreferences(user)\n } catch (err) {\n preferencesFile = null\n }\n\n let privateScopes\n if (preferencesFile) { // watch out - can be in either as spec was not clear. Legacy is profile.\n // If there is a legacy one linked from the profile, use that.\n // Otherwiae use or make one linked from Preferences\n const suggestedPrivateTypeIndex = suggestPrivateTypeIndex(preferencesFile)\n let privateTypeIndex\n try {\n privateTypeIndex = store.any(user, ns.solid('privateTypeIndex'), undefined, profile) ||\n await utilityLogic.followOrCreateLink(user, ns.solid('privateTypeIndex') as NamedNode, suggestedPrivateTypeIndex, preferencesFile)\n } catch (err) {\n const message = `User ${user} has no pointer in preference file to privateTypeIndex file.`\n debug.warn(message)\n }\n privateScopes = privateTypeIndex ? [{ label: 'private', index: privateTypeIndex as NamedNode, agent: user }] : []\n } else {\n privateScopes = []\n }\n const scopes = publicScopes.concat(privateScopes)\n if (scopes.length === 0) return scopes\n const files = scopes.map(scope => scope.index)\n try {\n await store.fetcher.load(files)\n } catch (err) {\n debug.warn('Problems loading type index: ', err)\n }\n return scopes\n }\n\n async function loadCommunityTypeIndexes(user: NamedNode): Promise {\n let preferencesFile\n try {\n preferencesFile = await profileLogic.silencedLoadPreferences(user)\n } catch (err) {\n const message = `User ${user} has no pointer in profile to preferences file.`\n debug.warn(message)\n }\n if (preferencesFile) { // For now, pick up communities as simple links from the preferences file.\n const communities = store.each(user, ns.solid('community'), undefined, preferencesFile as NamedNode).concat(\n store.each(user, ns.solid('community'), undefined, user.doc() as NamedNode)\n )\n let result = []\n for (const org of communities) {\n result = result.concat(await loadTypeIndexesFor(org as NamedNode) as any)\n }\n return result\n }\n return [] // No communities\n }\n\n async function loadAllTypeIndexes(user: NamedNode) {\n return (await loadTypeIndexesFor(user)).concat((await loadCommunityTypeIndexes(user)).flat())\n }\n\n async function getScopedAppInstances(klass: NamedNode, user: NamedNode): Promise {\n const scopes = await loadAllTypeIndexes(user)\n let scopedApps = []\n for (const scope of scopes) {\n const scopedApps0 = await getScopedAppsFromIndex(scope, klass) as any\n scopedApps = scopedApps.concat(scopedApps0)\n }\n return scopedApps\n }\n\n // This is the function signature which used to be in solid-ui/logic\n // Recommended to use getScopedAppInstances instead as it provides more information.\n //\n async function getAppInstances(klass: NamedNode): Promise {\n const user = authn.currentUser()\n if (!user) throw new Error('getAppInstances: Must be logged in to find apps.')\n const scopedAppInstances = await getScopedAppInstances(klass, user)\n return scopedAppInstances.map(scoped => scoped.instance)\n }\n\n function suggestPublicTypeIndex(me: NamedNode) {\n return sym(me.doc().dir()?.uri + 'publicTypeIndex.ttl')\n }\n // Note this one is based off the pref file not the profile\n\n function suggestPrivateTypeIndex(preferencesFile: NamedNode) {\n return sym(preferencesFile.doc().dir()?.uri + 'privateTypeIndex.ttl')\n }\n\n /*\n * Register a new app in a type index\n * used in chat in bookmark.js (solid-ui)\n * Returns the registration object if successful else null\n */\n async function registerInTypeIndex(\n instance: NamedNode,\n index: NamedNode,\n theClass: NamedNode,\n // agent: NamedNode\n ): Promise {\n const registration = newThing(index)\n const ins = [\n // See https://github.com/solid/solid/blob/main/proposals/data-discovery.md\n st(registration, ns.rdf('type'), ns.solid('TypeRegistration'), index),\n st(registration, ns.solid('forClass'), theClass, index),\n st(registration, ns.solid('instance'), instance, index)\n ]\n try {\n await store.updater.update([], ins)\n } catch (err) {\n const msg = `Unable to register ${instance} in index ${index}: ${err}`\n console.warn(msg)\n return null\n }\n return registration\n }\n\n async function deleteTypeIndexRegistration(item) {\n const reg = store.the(null, ns.solid('instance'), item.instance, item.scope.index) as NamedNode\n if (!reg) throw new Error(`deleteTypeIndexRegistration: No registration found for ${item.instance}`)\n const statements = store.statementsMatching(reg, null, null, item.scope.index)\n await store.updater.update(statements, [])\n }\n\n async function getScopedAppsFromIndex(scope: TypeIndexScope, theClass: NamedNode | null): Promise {\n const index = scope.index\n const results: ScopedApp[] = []\n const registrations = store.statementsMatching(null, ns.solid('instance'), null, index)\n .concat(store.statementsMatching(null, ns.solid('instanceContainer'), null, index))\n .map(st => st.subject)\n for (const reg of registrations) {\n const klass = store.any(reg, ns.solid('forClass'), null, index)\n if (!theClass || klass.sameTerm(theClass)) {\n const instances = store.each(reg, ns.solid('instance'), null, index)\n for (const instance of instances) {\n results.push({ instance, type: klass, scope })\n }\n const containers = store.each(reg, ns.solid('instanceContainer'), null, index)\n for (const instance of containers) {\n await store.fetcher.load(instance)\n results.push({ instance: sym(instance.value), type: klass, scope })\n }\n }\n }\n return results\n }\n\n return {\n registerInTypeIndex,\n getRegistrations,\n loadTypeIndexesFor,\n loadCommunityTypeIndexes,\n loadAllTypeIndexes,\n getScopedAppInstances,\n getAppInstances,\n suggestPublicTypeIndex,\n suggestPrivateTypeIndex,\n deleteTypeIndexRegistration,\n getScopedAppsFromIndex\n }\n}\n","import { NamedNode, Statement, sym } from 'rdflib'\n\n/**\n * Container-related class\n */\nexport function createContainerLogic(store) {\n\n function getContainerElements(containerNode: NamedNode): NamedNode[] {\n return store\n .statementsMatching(\n containerNode,\n sym('http://www.w3.org/ns/ldp#contains'),\n undefined\n )\n .map((st: Statement) => st.object as NamedNode)\n }\n\n function isContainer(url: NamedNode) {\n const nodeToString = url.value\n return nodeToString.charAt(nodeToString.length - 1) === '/'\n }\n\n async function createContainer(url: string) {\n const stringToNode = sym(url)\n if (!isContainer(stringToNode)) {\n throw new Error(`Not a container URL ${url}`)\n }\n // Copied from https://github.com/solidos/solid-crud-tests/blob/v3.1.0/test/surface/create-container.test.ts#L56-L64\n const result = await store.fetcher._fetch(url, {\n method: 'PUT',\n headers: {\n 'Content-Type': 'text/turtle',\n 'If-None-Match': '*',\n Link: '; rel=\"type\"', // See https://github.com/solidos/node-solid-server/issues/1465\n },\n body: ' ', // work around https://github.com/michielbdejong/community-server/issues/4#issuecomment-776222863\n })\n if (result.status.toString()[0] !== '2') {\n throw new Error(`Not OK: got ${result.status} response while creating container at ${url}`)\n }\n }\n\n async function getContainerMembers(containerUrl: NamedNode): Promise {\n await store.fetcher.load(containerUrl)\n return getContainerElements(containerUrl)\n }\n return {\n isContainer,\n createContainer,\n getContainerElements,\n getContainerMembers\n }\n}","import { NamedNode, st, sym } from 'rdflib'\nimport { CrossOriginForbiddenError, FetchError, NotEditableError, SameOriginForbiddenError, UnauthorizedError, WebOperationError } from '../logic/CustomError'\nimport * as debug from '../util/debug'\nimport { differentOrigin } from './utils'\n\nexport function createUtilityLogic(store, aclLogic, containerLogic) {\n\n async function recursiveDelete(containerNode: NamedNode) {\n try {\n if (containerLogic.isContainer(containerNode)) {\n const aclDocUrl = await aclLogic.findAclDocUrl(containerNode)\n await store.fetcher._fetch(aclDocUrl, { method: 'DELETE' })\n const containerMembers = await containerLogic.getContainerMembers(containerNode)\n await Promise.all(\n containerMembers.map((url) => recursiveDelete(url))\n )\n }\n const nodeToStringHere = containerNode.value\n return store.fetcher._fetch(nodeToStringHere, { method: 'DELETE' })\n } catch (e) {\n debug.log(`Please manually remove ${containerNode.value} from your system.`, e)\n }\n }\n\n /**\n * Create a resource if it really does not exist\n * Be absolutely sure something does not exist before creating a new empty file\n * as otherwise existing could be deleted.\n * @param doc {NamedNode} - The resource\n */\n async function loadOrCreateIfNotExists(doc: NamedNode) {\n let response\n try {\n response = await store.fetcher.load(doc)\n } catch (err) {\n if (err.response.status === 404) {\n try {\n await store.fetcher.webOperation('PUT', doc, { data: '', contentType: 'text/turtle' })\n } catch (err) {\n const msg = 'createIfNotExists: PUT FAILED: ' + doc + ': ' + err\n throw new WebOperationError(msg)\n }\n await store.fetcher.load(doc)\n } else {\n if (err.response.status === 401) {\n throw new UnauthorizedError()\n }\n if (err.response.status === 403) {\n if (differentOrigin(doc)) {\n throw new CrossOriginForbiddenError()\n }\n throw new SameOriginForbiddenError()\n }\n const msg = 'createIfNotExists doc load error NOT 404: ' + doc + ': ' + err\n throw new FetchError(err.status, err.message + msg)\n }\n }\n return response\n }\n\n /* Follow link from this doc to another thing, or else make a new link\n **\n ** @returns existing object, or creates it if non existent\n */\n async function followOrCreateLink(subject: NamedNode, predicate: NamedNode,\n object: NamedNode, doc: NamedNode\n ): Promise {\n await store.fetcher.load(doc)\n const result = store.any(subject, predicate, null, doc)\n\n if (result) return result as NamedNode\n if (!store.updater.editable(doc)) {\n const msg = `followOrCreateLink: cannot edit ${doc.value}`\n debug.warn(msg)\n throw new NotEditableError(msg)\n }\n try {\n await store.updater.update([], [st(subject, predicate, object, doc)])\n } catch (err) {\n const msg = `followOrCreateLink: Error making link in ${doc} to ${object}: ${err}`\n debug.warn(msg)\n throw new WebOperationError(err)\n }\n\n try {\n await loadOrCreateIfNotExists(object)\n // store.fetcher.webOperation('PUT', object, { data: '', contentType: 'text/turtle'})\n } catch (err) {\n debug.warn(`followOrCreateLink: Error loading or saving new linked document: ${object}: ${err}`)\n throw err\n }\n return object\n }\n\n // Copied from https://github.com/solidos/web-access-control-tests/blob/v3.0.0/test/surface/delete.test.ts#L5\n async function setSinglePeerAccess(options: {\n ownerWebId: string,\n peerWebId: string,\n accessToModes?: string,\n defaultModes?: string,\n target: string\n }) {\n let str = [\n '@prefix acl: .',\n '',\n `<#alice> a acl:Authorization;\\n acl:agent <${options.ownerWebId}>;`,\n ` acl:accessTo <${options.target}>;`,\n ` acl:default <${options.target}>;`,\n ' acl:mode acl:Read, acl:Write, acl:Control.',\n ''\n ].join('\\n')\n if (options.accessToModes) {\n str += [\n '<#bobAccessTo> a acl:Authorization;',\n ` acl:agent <${options.peerWebId}>;`,\n ` acl:accessTo <${options.target}>;`,\n ` acl:mode ${options.accessToModes}.`,\n ''\n ].join('\\n')\n }\n if (options.defaultModes) {\n str += [\n '<#bobDefault> a acl:Authorization;',\n ` acl:agent <${options.peerWebId}>;`,\n ` acl:default <${options.target}>;`,\n ` acl:mode ${options.defaultModes}.`,\n ''\n ].join('\\n')\n }\n const aclDocUrl = await aclLogic.findAclDocUrl(sym(options.target))\n return store.fetcher._fetch(aclDocUrl, {\n method: 'PUT',\n body: str,\n headers: [\n ['Content-Type', 'text/turtle']\n ]\n })\n }\n\n async function createEmptyRdfDoc(doc: NamedNode, comment: string) {\n await store.fetcher.webOperation('PUT', doc.uri, {\n data: `# ${new Date()} ${comment}\n `,\n contentType: 'text/turtle',\n })\n }\n \n return {\n recursiveDelete,\n setSinglePeerAccess,\n createEmptyRdfDoc,\n followOrCreateLink,\n loadOrCreateIfNotExists\n }\n}\n\n","import { Session } from '../authSession/solidOidcAdapter'\nimport * as rdf from 'rdflib'\nimport { LiveStore, NamedNode, Statement } from 'rdflib'\nimport { createAclLogic } from '../acl/aclLogic'\nimport { SolidAuthnLogic } from '../authn/SolidAuthnLogic'\nimport { createChatLogic } from '../chat/chatLogic'\nimport { createInboxLogic } from '../inbox/inboxLogic'\nimport { createProfileLogic } from '../profile/profileLogic'\nimport { createTypeIndexLogic } from '../typeIndex/typeIndexLogic'\nimport { createContainerLogic } from '../util/containerLogic'\nimport { createUtilityLogic } from '../util/utilityLogic'\nimport { AuthnLogic, SolidLogic } from '../types'\nimport * as debug from '../util/debug'\n/*\n** It is important to distinquish `fetch`, a function provided by the browser\n** and `Fetcher`, a helper object for the rdflib Store which turns it\n** into a `ConnectedStore` or a `LiveStore`. A Fetcher object is\n** available at store.fetcher, and `fetch` function at `store.fetcher._fetch`,\n*/\nexport function createSolidLogic(specialFetch: { fetch: (url: any, requestInit: any) => any }, session: Session): SolidLogic {\n\n debug.log('SolidLogic: Unique instance created. There should only be one of these.')\n const store: LiveStore = rdf.graph() as LiveStore\n rdf.fetcher(store, {fetch: specialFetch.fetch}) // Attach a web I/O module, store.fetcher\n store.updater = new rdf.UpdateManager(store) // Add real-time live updates store.updater\n store.features = [] // disable automatic node merging on store load\n\n const authn: AuthnLogic = new SolidAuthnLogic(session)\n \n const acl = createAclLogic(store)\n const containerLogic = createContainerLogic(store)\n const utilityLogic = createUtilityLogic(store, acl, containerLogic)\n const profile = createProfileLogic(store, authn, utilityLogic)\n const chat = createChatLogic(store, profile)\n const inbox = createInboxLogic(store, profile, utilityLogic, containerLogic, acl)\n const typeIndex = createTypeIndexLogic(store, authn, profile, utilityLogic)\n debug.log('SolidAuthnLogic initialized')\n\n function load(doc: NamedNode | NamedNode[] | string) {\n return store.fetcher.load(doc)\n }\n\n // @@@@ use the one in rdflib.js when it is available and delete this\n function updatePromise(\n del: Array,\n ins: Array = []\n ): Promise {\n return new Promise((resolve, reject) => {\n store.updater.update(del, ins, function (_uri, ok, errorBody) {\n if (!ok) {\n reject(new Error(errorBody))\n } else {\n resolve()\n }\n }) // callback\n }) // promise\n }\n\n function clearStore() {\n store.statements.slice().forEach(store.remove.bind(store))\n }\n\n return {\n store,\n authn,\n acl,\n inbox,\n chat,\n profile,\n typeIndex,\n load,\n updatePromise,\n clearStore\n }\n}\n","import * as debug from '../util/debug'\nimport { authSession } from '../authSession/authSession'\nimport { createSolidLogic } from './solidLogic'\nimport { SolidLogic } from '../types'\n\nconst _fetch = async (url, requestInit) => {\n const omitCreds = requestInit && requestInit.credentials && requestInit.credentials == 'omit'\n if (authSession.info.webId && !omitCreds) { // see https://github.com/solidos/solidos/issues/114\n // In fact fetch should respect credentials omit itself\n return authSession.fetch(url, requestInit)\n } else {\n return window.fetch(url, requestInit)\n }\n}\n\n// Global singleton pattern to ensure unique store across library versions\nconst SINGLETON_SYMBOL = Symbol.for('solid-logic-singleton')\n\n// Type the global object properly with the singleton\ninterface GlobalWithSingleton {\n [SINGLETON_SYMBOL]?: SolidLogic\n}\n\nconst globalTarget = (typeof window !== 'undefined' ? window : global) as GlobalWithSingleton\n\nfunction getOrCreateSingleton(): SolidLogic {\n if (!globalTarget[SINGLETON_SYMBOL]) {\n debug.log('SolidLogic: Creating new global singleton instance.')\n globalTarget[SINGLETON_SYMBOL] = createSolidLogic({ fetch: _fetch }, authSession)\n debug.log('Unique quadstore initialized.')\n } else {\n debug.log('SolidLogic: Using existing global singleton instance.')\n }\n return globalTarget[SINGLETON_SYMBOL]!\n}\n//this const makes solidLogicSingleton global accessible in mashlib\nconst solidLogicSingleton = getOrCreateSingleton()\n\nexport { solidLogicSingleton }","const DEFAULT_ISSUERS = [\n {\n name: 'Solid Community',\n uri: 'https://solidcommunity.net'\n },\n {\n name: 'Solid Web',\n uri: 'https://solidweb.org'\n },\n {\n name: 'Solid Web ME',\n uri: 'https://solidweb.me'\n },\n {\n name: 'Inrupt.com',\n uri: 'https://login.inrupt.com'\n }\n]\n\n/**\n * @returns - A list of suggested OIDC issuers\n */\nexport function getSuggestedIssuers (): { name: string, uri: string }[] {\n // Suggest a default list of OIDC issuers\n const issuers = [...DEFAULT_ISSUERS]\n \n // Suggest the current host if not already included\n const { host, origin } = new URL(location.href)\n const hosts = issuers.map(({ uri }) => new URL(uri).host)\n if (!hosts.includes(host) && !hosts.some(existing => isSubdomainOf(host, existing))) {\n issuers.unshift({ name: host, uri: origin })\n }\n \n return issuers\n }\n \nfunction isSubdomainOf (subdomain: string, domain: string): boolean {\n const dot = subdomain.length - domain.length - 1\n return dot > 0 && subdomain[dot] === '.' && subdomain.endsWith(domain)\n}","// Make these variables directly accessible as it is what you need most of the time\n// This also makes these variable globaly accesible in mashlib\nimport { solidLogicSingleton } from './logic/solidLogicSingleton'\n\nconst authn = solidLogicSingleton.authn\nconst authSession = solidLogicSingleton.authn.authSession\nconst store = solidLogicSingleton.store\n\nexport { ACL_LINK } from './acl/aclLogic'\nexport { offlineTestID, appContext } from './authn/authUtil'\nexport { getSuggestedIssuers } from './issuer/issuerLogic'\nexport { createTypeIndexLogic } from './typeIndex/typeIndexLogic'\nexport type { AppDetails, SolidNamespace, AuthenticationContext, SolidLogic, ChatLogic } from './types'\nexport { UnauthorizedError, CrossOriginForbiddenError, SameOriginForbiddenError, NotFoundError, FetchError, NotEditableError, WebOperationError } from './logic/CustomError'\n\nexport {\n solidLogicSingleton, // solidLogicSingleton is exported entirely because it is used in solid-panes\n store,\n authn,\n authSession\n}\n\n"],"names":[],"ignoreList":[],"sourceRoot":""} \ No newline at end of file diff --git a/dist/solid-logic.min.js b/dist/solid-logic.min.js new file mode 100644 index 0000000..732a711 --- /dev/null +++ b/dist/solid-logic.min.js @@ -0,0 +1,22 @@ +!function(e,t){"object"==typeof exports&&"object"==typeof module?module.exports=t(require("$rdf")):"function"==typeof define&&define.amd?define("SolidLogic",["$rdf"],t):"object"==typeof exports?exports.SolidLogic=t(require("$rdf")):e.SolidLogic=t(e.$rdf)}(this,e=>(()=>{var t={264(t){"use strict";t.exports=e},386(e){const t={acl:"http://www.w3.org/ns/auth/acl#",arg:"http://www.w3.org/ns/pim/arg#",as:"https://www.w3.org/ns/activitystreams#",bookmark:"http://www.w3.org/2002/01/bookmark#",cal:"http://www.w3.org/2002/12/cal/ical#",cco:"http://www.ontologyrepository.com/CommonCoreOntologies/",cert:"http://www.w3.org/ns/auth/cert#",contact:"http://www.w3.org/2000/10/swap/pim/contact#",dc:"http://purl.org/dc/elements/1.1/",dct:"http://purl.org/dc/terms/",doap:"http://usefulinc.com/ns/doap#",foaf:"http://xmlns.com/foaf/0.1/",geo:"http://www.w3.org/2003/01/geo/wgs84_pos#",gpx:"http://www.w3.org/ns/pim/gpx#",gr:"http://purl.org/goodrelations/v1#",http:"http://www.w3.org/2007/ont/http#",httph:"http://www.w3.org/2007/ont/httph#",icalTZ:"http://www.w3.org/2002/12/cal/icaltzd#",ldp:"http://www.w3.org/ns/ldp#",link:"http://www.w3.org/2007/ont/link#",log:"http://www.w3.org/2000/10/swap/log#",meeting:"http://www.w3.org/ns/pim/meeting#",mo:"http://purl.org/ontology/mo/",org:"http://www.w3.org/ns/org#",owl:"http://www.w3.org/2002/07/owl#",pad:"http://www.w3.org/ns/pim/pad#",patch:"http://www.w3.org/ns/pim/patch#",prov:"http://www.w3.org/ns/prov#",pto:"http://www.productontology.org/id/",qu:"http://www.w3.org/2000/10/swap/pim/qif#",trip:"http://www.w3.org/ns/pim/trip#",rdf:"http://www.w3.org/1999/02/22-rdf-syntax-ns#",rdfs:"http://www.w3.org/2000/01/rdf-schema#",rss:"http://purl.org/rss/1.0/",sched:"http://www.w3.org/ns/pim/schedule#",schema:"http://schema.org/",sioc:"http://rdfs.org/sioc/ns#",skos:"http://www.w3.org/2004/02/skos/core#",solid:"http://www.w3.org/ns/solid/terms#",space:"http://www.w3.org/ns/pim/space#",stat:"http://www.w3.org/ns/posix/stat#",tab:"http://www.w3.org/2007/ont/link#",tabont:"http://www.w3.org/2007/ont/link#",ui:"http://www.w3.org/ns/ui#",vann:"http://purl.org/vocab/vann/",vcard:"http://www.w3.org/2006/vcard/ns#",wf:"http://www.w3.org/2005/01/wf/flow#",xsd:"http://www.w3.org/2001/XMLSchema#"};e.exports=function(e={namedNode:e=>e}){const r={};for(const n in t){const o=t[n];r[n]=function(t=""){return e.namedNode(o+t)}}return r}}},r={};function n(e){var o=r[e];if(void 0!==o)return o.exports;var s=r[e]={exports:{}};return t[e](s,s.exports,n),s.exports}n.n=e=>{var t=e&&e.__esModule?()=>e.default:()=>e;return n.d(t,{a:t}),t},n.d=(e,t)=>{for(var r in t)n.o(t,r)&&!n.o(e,r)&&Object.defineProperty(e,r,{enumerable:!0,get:t[r]})},n.g=function(){if("object"==typeof globalThis)return globalThis;try{return this||new Function("return this")()}catch(e){if("object"==typeof window)return window}}(),n.o=(e,t)=>Object.prototype.hasOwnProperty.call(e,t),n.r=e=>{"undefined"!=typeof Symbol&&Symbol.toStringTag&&Object.defineProperty(e,Symbol.toStringTag,{value:"Module"}),Object.defineProperty(e,"__esModule",{value:!0})};var o={};return(()=>{"use strict";function e(...e){console.log(...e)}function t(...e){console.warn(...e)}n.r(o),n.d(o,{ACL_LINK:()=>Ze,CrossOriginForbiddenError:()=>lt,FetchError:()=>ft,NotEditableError:()=>wt,NotFoundError:()=>ut,SameOriginForbiddenError:()=>ht,UnauthorizedError:()=>dt,WebOperationError:()=>pt,appContext:()=>et,authSession:()=>It,authn:()=>At,createTypeIndexLogic:()=>mt,getSuggestedIssuers:()=>kt,offlineTestID:()=>tt,solidLogicSingleton:()=>Et,store:()=>Pt});const r=crypto,s=e=>e instanceof CryptoKey;function a(e,t,...r){if((r=r.filter(Boolean)).length>2){const t=r.pop();e+=`one of type ${r.join(", ")}, or ${t}.`}else 2===r.length?e+=`one of type ${r[0]} or ${r[1]}.`:e+=`of type ${r[0]}.`;return null==t?e+=` Received ${t}`:"function"==typeof t&&t.name?e+=` Received function ${t.name}`:"object"==typeof t&&null!=t&&t.constructor?.name&&(e+=` Received an instance of ${t.constructor.name}`),e}const i=(e,...t)=>a("Key must be ",e,...t);function c(e,t,...r){return a(`Key for the ${e} algorithm must be `,t,...r)}const d=new TextEncoder,l=new TextDecoder;function h(...e){const t=e.reduce((e,{length:t})=>e+t,0),r=new Uint8Array(t);let n=0;for(const t of e)r.set(t,n),n+=t.length;return r}const u=e=>(e=>{let t=e;"string"==typeof t&&(t=d.encode(t));const r=[];for(let e=0;e{let t=e;t instanceof Uint8Array&&(t=l.decode(t)),t=t.replace(/-/g,"+").replace(/_/g,"/").replace(/\s/g,"");try{return(e=>{const t=atob(e),r=new Uint8Array(t.length);for(let e=0;e!!s(e)||"KeyObject"===e?.[Symbol.toStringTag],f=["CryptoKey"],y=async e=>{if(e instanceof Uint8Array)return{kty:"oct",k:u(e)};if(!s(e))throw new TypeError(i(e,...f,"Uint8Array"));if(!e.extractable)throw new TypeError("non-extractable CryptoKey cannot be exported as a JWK");const{ext:t,key_ops:n,alg:o,use:a,...c}=await r.subtle.exportKey("jwk",e);return c};async function m(e){return y(e)}class g extends Error{constructor(e,t){super(e,t),this.code="ERR_JOSE_GENERIC",this.name=this.constructor.name,Error.captureStackTrace?.(this,this.constructor)}}g.code="ERR_JOSE_GENERIC";class b extends g{constructor(e,t,r="unspecified",n="unspecified"){super(e,{cause:{claim:r,reason:n,payload:t}}),this.code="ERR_JWT_CLAIM_VALIDATION_FAILED",this.claim=r,this.reason=n,this.payload=t}}b.code="ERR_JWT_CLAIM_VALIDATION_FAILED";class _ extends g{constructor(e,t,r="unspecified",n="unspecified"){super(e,{cause:{claim:r,reason:n,payload:t}}),this.code="ERR_JWT_EXPIRED",this.claim=r,this.reason=n,this.payload=t}}_.code="ERR_JWT_EXPIRED";class S extends g{constructor(){super(...arguments),this.code="ERR_JOSE_ALG_NOT_ALLOWED"}}S.code="ERR_JOSE_ALG_NOT_ALLOWED";class E extends g{constructor(){super(...arguments),this.code="ERR_JOSE_NOT_SUPPORTED"}}E.code="ERR_JOSE_NOT_SUPPORTED";(class extends g{constructor(e="decryption operation failed",t){super(e,t),this.code="ERR_JWE_DECRYPTION_FAILED"}}).code="ERR_JWE_DECRYPTION_FAILED";(class extends g{constructor(){super(...arguments),this.code="ERR_JWE_INVALID"}}).code="ERR_JWE_INVALID";class v extends g{constructor(){super(...arguments),this.code="ERR_JWS_INVALID"}}v.code="ERR_JWS_INVALID";class k extends g{constructor(){super(...arguments),this.code="ERR_JWT_INVALID"}}k.code="ERR_JWT_INVALID";class A extends g{constructor(){super(...arguments),this.code="ERR_JWK_INVALID"}}A.code="ERR_JWK_INVALID";class I extends g{constructor(){super(...arguments),this.code="ERR_JWKS_INVALID"}}I.code="ERR_JWKS_INVALID";class P extends g{constructor(e="no applicable key found in the JSON Web Key Set",t){super(e,t),this.code="ERR_JWKS_NO_MATCHING_KEY"}}P.code="ERR_JWKS_NO_MATCHING_KEY";class T extends g{constructor(e="multiple matching keys found in the JSON Web Key Set",t){super(e,t),this.code="ERR_JWKS_MULTIPLE_MATCHING_KEYS"}}Symbol.asyncIterator,T.code="ERR_JWKS_MULTIPLE_MATCHING_KEYS";class x extends g{constructor(e="request timed out",t){super(e,t),this.code="ERR_JWKS_TIMEOUT"}}x.code="ERR_JWKS_TIMEOUT";class C extends g{constructor(e="signature verification failed",t){super(e,t),this.code="ERR_JWS_SIGNATURE_VERIFICATION_FAILED"}}function R(e,t){const r=`SHA-${e.slice(-3)}`;switch(e){case"HS256":case"HS384":case"HS512":return{hash:r,name:"HMAC"};case"PS256":case"PS384":case"PS512":return{hash:r,name:"RSA-PSS",saltLength:e.slice(-3)>>3};case"RS256":case"RS384":case"RS512":return{hash:r,name:"RSASSA-PKCS1-v1_5"};case"ES256":case"ES384":case"ES512":return{hash:r,name:"ECDSA",namedCurve:t.namedCurve};case"Ed25519":return{name:"Ed25519"};case"EdDSA":return{name:t.name};default:throw new E(`alg ${e} is not supported either by JOSE or your javascript runtime`)}}C.code="ERR_JWS_SIGNATURE_VERIFICATION_FAILED";const $=(e,t)=>{if(e.startsWith("RS")||e.startsWith("PS")){const{modulusLength:r}=t.algorithm;if("number"!=typeof r||r<2048)throw new TypeError(`${e} requires key modulusLength to be 2048 bits or larger`)}};function W(e,t="algorithm.name"){return new TypeError(`CryptoKey does not support this operation, its ${t} must be ${e}`)}function U(e,t){return e.name===t}function O(e){return parseInt(e.name.slice(4),10)}function D(e,t){if(t.length&&!t.some(t=>e.usages.includes(t))){let e="CryptoKey does not support this operation, its usages must include ";if(t.length>2){const r=t.pop();e+=`one of ${t.join(", ")}, or ${r}.`}else 2===t.length?e+=`one of ${t[0]} or ${t[1]}.`:e+=`${t[0]}.`;throw new TypeError(e)}}function L(e,t,...r){switch(t){case"HS256":case"HS384":case"HS512":{if(!U(e.algorithm,"HMAC"))throw W("HMAC");const r=parseInt(t.slice(2),10);if(O(e.algorithm.hash)!==r)throw W(`SHA-${r}`,"algorithm.hash");break}case"RS256":case"RS384":case"RS512":{if(!U(e.algorithm,"RSASSA-PKCS1-v1_5"))throw W("RSASSA-PKCS1-v1_5");const r=parseInt(t.slice(2),10);if(O(e.algorithm.hash)!==r)throw W(`SHA-${r}`,"algorithm.hash");break}case"PS256":case"PS384":case"PS512":{if(!U(e.algorithm,"RSA-PSS"))throw W("RSA-PSS");const r=parseInt(t.slice(2),10);if(O(e.algorithm.hash)!==r)throw W(`SHA-${r}`,"algorithm.hash");break}case"EdDSA":if("Ed25519"!==e.algorithm.name&&"Ed448"!==e.algorithm.name)throw W("Ed25519 or Ed448");break;case"Ed25519":if(!U(e.algorithm,"Ed25519"))throw W("Ed25519");break;case"ES256":case"ES384":case"ES512":{if(!U(e.algorithm,"ECDSA"))throw W("ECDSA");const r=function(e){switch(e){case"ES256":return"P-256";case"ES384":return"P-384";case"ES512":return"P-521";default:throw new Error("unreachable")}}(t);if(e.algorithm.namedCurve!==r)throw W(r,"algorithm.namedCurve");break}default:throw new TypeError("CryptoKey does not support this operation")}D(e,r)}function N(e){if("object"!=typeof(t=e)||null===t||"[object Object]"!==Object.prototype.toString.call(e))return!1;var t;if(null===Object.getPrototypeOf(e))return!0;let r=e;for(;null!==Object.getPrototypeOf(r);)r=Object.getPrototypeOf(r);return Object.getPrototypeOf(e)===r}function H(e){return N(e)&&"string"==typeof e.kty}const J=async e=>{if(!e.alg)throw new TypeError('"alg" argument is required when "jwk.alg" is not present');const{algorithm:t,keyUsages:n}=function(e){let t,r;switch(e.kty){case"RSA":switch(e.alg){case"PS256":case"PS384":case"PS512":t={name:"RSA-PSS",hash:`SHA-${e.alg.slice(-3)}`},r=e.d?["sign"]:["verify"];break;case"RS256":case"RS384":case"RS512":t={name:"RSASSA-PKCS1-v1_5",hash:`SHA-${e.alg.slice(-3)}`},r=e.d?["sign"]:["verify"];break;case"RSA-OAEP":case"RSA-OAEP-256":case"RSA-OAEP-384":case"RSA-OAEP-512":t={name:"RSA-OAEP",hash:`SHA-${parseInt(e.alg.slice(-3),10)||1}`},r=e.d?["decrypt","unwrapKey"]:["encrypt","wrapKey"];break;default:throw new E('Invalid or unsupported JWK "alg" (Algorithm) Parameter value')}break;case"EC":switch(e.alg){case"ES256":t={name:"ECDSA",namedCurve:"P-256"},r=e.d?["sign"]:["verify"];break;case"ES384":t={name:"ECDSA",namedCurve:"P-384"},r=e.d?["sign"]:["verify"];break;case"ES512":t={name:"ECDSA",namedCurve:"P-521"},r=e.d?["sign"]:["verify"];break;case"ECDH-ES":case"ECDH-ES+A128KW":case"ECDH-ES+A192KW":case"ECDH-ES+A256KW":t={name:"ECDH",namedCurve:e.crv},r=e.d?["deriveBits"]:[];break;default:throw new E('Invalid or unsupported JWK "alg" (Algorithm) Parameter value')}break;case"OKP":switch(e.alg){case"Ed25519":t={name:"Ed25519"},r=e.d?["sign"]:["verify"];break;case"EdDSA":t={name:e.crv},r=e.d?["sign"]:["verify"];break;case"ECDH-ES":case"ECDH-ES+A128KW":case"ECDH-ES+A192KW":case"ECDH-ES+A256KW":t={name:e.crv},r=e.d?["deriveBits"]:[];break;default:throw new E('Invalid or unsupported JWK "alg" (Algorithm) Parameter value')}break;default:throw new E('Invalid or unsupported JWK "kty" (Key Type) Parameter value')}return{algorithm:t,keyUsages:r}}(e),o=[t,e.ext??!1,e.key_ops??n],s={...e};return delete s.alg,delete s.use,r.subtle.importKey("jwk",s,...o)},K=e=>w(e);let j,M;const F=e=>"KeyObject"===e?.[Symbol.toStringTag],z=async(e,t,r,n,o=!1)=>{let s=e.get(t);if(s?.[n])return s[n];const a=await J({...r,alg:n});return o&&Object.freeze(t),s?s[n]=a:e.set(t,{[n]:a}),a},q=(e,t)=>{if(F(e)){let r=e.export({format:"jwk"});return delete r.d,delete r.dp,delete r.dq,delete r.p,delete r.q,delete r.qi,r.k?K(r.k):(M||(M=new WeakMap),z(M,e,r,t))}if(H(e)){if(e.k)return w(e.k);M||(M=new WeakMap);return z(M,e,e,t,!0)}return e},V=(e,t)=>{if(F(e)){let r=e.export({format:"jwk"});return r.k?K(r.k):(j||(j=new WeakMap),z(j,e,r,t))}if(H(e)){if(e.k)return w(e.k);j||(j=new WeakMap);return z(j,e,e,t,!0)}return e};async function B(e,t,n){if("sign"===n&&(t=await V(t,e)),"verify"===n&&(t=await q(t,e)),s(t))return L(t,e,n),t;if(t instanceof Uint8Array){if(!e.startsWith("HS"))throw new TypeError(i(t,...f));return r.subtle.importKey("raw",t,{hash:`SHA-${e.slice(-3)}`,name:"HMAC"},!1,[n])}throw new TypeError(i(t,...f,"Uint8Array","JSON Web Key"))}const G=async(e,t,n)=>{const o=await B(e,t,"sign");$(e,o);const s=await r.subtle.sign(R(e,o.algorithm),o,n);return new Uint8Array(s)},X=(...e)=>{const t=e.filter(Boolean);if(0===t.length||1===t.length)return!0;let r;for(const e of t){const t=Object.keys(e);if(r&&0!==r.size)for(const e of t){if(r.has(e))return!1;r.add(e)}else r=new Set(t)}return!0},Y=e=>e?.[Symbol.toStringTag],Z=(e,t,r)=>{if(void 0!==t.use&&"sig"!==t.use)throw new TypeError("Invalid key for this operation, when present its use must be sig");if(void 0!==t.key_ops&&!0!==t.key_ops.includes?.(r))throw new TypeError(`Invalid key for this operation, when present its key_ops must include ${r}`);if(void 0!==t.alg&&t.alg!==e)throw new TypeError(`Invalid key for this operation, when present its alg must be ${e}`);return!0},Q=(e,t,r,n)=>{if(!(t instanceof Uint8Array)){if(n&&H(t)){if(function(e){return H(e)&&"oct"===e.kty&&"string"==typeof e.k}(t)&&Z(e,t,r))return;throw new TypeError('JSON Web Key for symmetric algorithms must have JWK "kty" (Key Type) equal to "oct" and the JWK "k" (Key Value) present')}if(!p(t))throw new TypeError(c(e,t,...f,"Uint8Array",n?"JSON Web Key":null));if("secret"!==t.type)throw new TypeError(`${Y(t)} instances for symmetric algorithms must be of type "secret"`)}};function ee(e,t,r,n){t.startsWith("HS")||"dir"===t||t.startsWith("PBES2")||/^A\d{3}(?:GCM)?KW$/.test(t)?Q(t,r,n,e):((e,t,r,n)=>{if(n&&H(t))switch(r){case"sign":if(function(e){return"oct"!==e.kty&&"string"==typeof e.d}(t)&&Z(e,t,r))return;throw new TypeError("JSON Web Key for this operation be a private JWK");case"verify":if(function(e){return"oct"!==e.kty&&void 0===e.d}(t)&&Z(e,t,r))return;throw new TypeError("JSON Web Key for this operation be a public JWK")}if(!p(t))throw new TypeError(c(e,t,...f,n?"JSON Web Key":null));if("secret"===t.type)throw new TypeError(`${Y(t)} instances for asymmetric algorithms must not be of type "secret"`);if("sign"===r&&"public"===t.type)throw new TypeError(`${Y(t)} instances for asymmetric algorithm signing must be of type "private"`);if("decrypt"===r&&"public"===t.type)throw new TypeError(`${Y(t)} instances for asymmetric algorithm decryption must be of type "private"`);if(t.algorithm&&"verify"===r&&"private"===t.type)throw new TypeError(`${Y(t)} instances for asymmetric algorithm verifying must be of type "public"`);if(t.algorithm&&"encrypt"===r&&"private"===t.type)throw new TypeError(`${Y(t)} instances for asymmetric algorithm encryption must be of type "public"`)})(t,r,n,e)}ee.bind(void 0,!1);const te=ee.bind(void 0,!0);const re=function(e,t,r,n,o){if(void 0!==o.crit&&void 0===n?.crit)throw new e('"crit" (Critical) Header Parameter MUST be integrity protected');if(!n||void 0===n.crit)return new Set;if(!Array.isArray(n.crit)||0===n.crit.length||n.crit.some(e=>"string"!=typeof e||0===e.length))throw new e('"crit" (Critical) Header Parameter MUST be an array of non-empty strings when present');let s;s=void 0!==r?new Map([...Object.entries(r),...t.entries()]):t;for(const t of n.crit){if(!s.has(t))throw new E(`Extension Header Parameter "${t}" is not recognized`);if(void 0===o[t])throw new e(`Extension Header Parameter "${t}" is missing`);if(s.get(t)&&void 0===n[t])throw new e(`Extension Header Parameter "${t}" MUST be integrity protected`)}return new Set(n.crit)};class ne{constructor(e){if(!(e instanceof Uint8Array))throw new TypeError("payload must be an instance of Uint8Array");this._payload=e}setProtectedHeader(e){if(this._protectedHeader)throw new TypeError("setProtectedHeader can only be called once");return this._protectedHeader=e,this}setUnprotectedHeader(e){if(this._unprotectedHeader)throw new TypeError("setUnprotectedHeader can only be called once");return this._unprotectedHeader=e,this}async sign(e,t){if(!this._protectedHeader&&!this._unprotectedHeader)throw new v("either setProtectedHeader or setUnprotectedHeader must be called before #sign()");if(!X(this._protectedHeader,this._unprotectedHeader))throw new v("JWS Protected and JWS Unprotected Header Parameter names must be disjoint");const r={...this._protectedHeader,...this._unprotectedHeader};let n=!0;if(re(v,new Map([["b64",!0]]),t?.crit,this._protectedHeader,r).has("b64")&&(n=this._protectedHeader.b64,"boolean"!=typeof n))throw new v('The "b64" (base64url-encode payload) Header Parameter must be a boolean');const{alg:o}=r;if("string"!=typeof o||!o)throw new v('JWS "alg" (Algorithm) Header Parameter missing or invalid');te(o,e,"sign");let s,a=this._payload;n&&(a=d.encode(u(a))),s=this._protectedHeader?d.encode(u(JSON.stringify(this._protectedHeader))):d.encode("");const i=h(s,d.encode("."),a),c=await G(o,e,i),w={signature:u(c),payload:""};return n&&(w.payload=l.decode(a)),this._unprotectedHeader&&(w.header=this._unprotectedHeader),this._protectedHeader&&(w.protected=l.decode(s)),w}}class oe{constructor(e){this._flattened=new ne(e)}setProtectedHeader(e){return this._flattened.setProtectedHeader(e),this}async sign(e,t){const r=await this._flattened.sign(e,t);if(void 0===r.payload)throw new TypeError("use the flattened module for creating JWS with b64: false");return`${r.protected}.${r.payload}.${r.signature}`}}const se=e=>Math.floor(e.getTime()/1e3),ae=86400,ie=/^(\+|\-)? ?(\d+|\d+\.\d+) ?(seconds?|secs?|s|minutes?|mins?|m|hours?|hrs?|h|days?|d|weeks?|w|years?|yrs?|y)(?: (ago|from now))?$/i,ce=e=>{const t=ie.exec(e);if(!t||t[4]&&t[1])throw new TypeError("Invalid time period format");const r=parseFloat(t[2]);let n;switch(t[3].toLowerCase()){case"sec":case"secs":case"second":case"seconds":case"s":n=Math.round(r);break;case"minute":case"minutes":case"min":case"mins":case"m":n=Math.round(60*r);break;case"hour":case"hours":case"hr":case"hrs":case"h":n=Math.round(3600*r);break;case"day":case"days":case"d":n=Math.round(r*ae);break;case"week":case"weeks":case"w":n=Math.round(604800*r);break;default:n=Math.round(31557600*r)}return"-"===t[1]||"ago"===t[4]?-n:n};function de(e,t){if(!Number.isFinite(t))throw new TypeError(`Invalid ${e} input`);return t}class le{constructor(e={}){if(!N(e))throw new TypeError("JWT Claims Set MUST be an object");this._payload=e}setIssuer(e){return this._payload={...this._payload,iss:e},this}setSubject(e){return this._payload={...this._payload,sub:e},this}setAudience(e){return this._payload={...this._payload,aud:e},this}setJti(e){return this._payload={...this._payload,jti:e},this}setNotBefore(e){return"number"==typeof e?this._payload={...this._payload,nbf:de("setNotBefore",e)}:e instanceof Date?this._payload={...this._payload,nbf:de("setNotBefore",se(e))}:this._payload={...this._payload,nbf:se(new Date)+ce(e)},this}setExpirationTime(e){return"number"==typeof e?this._payload={...this._payload,exp:de("setExpirationTime",e)}:e instanceof Date?this._payload={...this._payload,exp:de("setExpirationTime",se(e))}:this._payload={...this._payload,exp:se(new Date)+ce(e)},this}setIssuedAt(e){return void 0===e?this._payload={...this._payload,iat:se(new Date)}:e instanceof Date?this._payload={...this._payload,iat:de("setIssuedAt",se(e))}:this._payload="string"==typeof e?{...this._payload,iat:de("setIssuedAt",se(new Date)+ce(e))}:{...this._payload,iat:de("setIssuedAt",e)},this}}class he extends le{setProtectedHeader(e){return this._protectedHeader=e,this}async sign(e,t){const r=new oe(d.encode(JSON.stringify(this._payload)));if(r.setProtectedHeader(this._protectedHeader),Array.isArray(this._protectedHeader?.crit)&&this._protectedHeader.crit.includes("b64")&&!1===this._protectedHeader.b64)throw new k("JWTs MUST NOT use unencoded payload");return r.sign(e,t)}}const ue=async(e,t,r)=>{let n,o,s=!1;"function"==typeof AbortController&&(n=new AbortController,o=setTimeout(()=>{s=!0,n.abort()},t));const a=await fetch(e.href,{signal:n?n.signal:void 0,redirect:"manual",headers:r.headers}).catch(e=>{if(s)throw new x;throw e});if(void 0!==o&&clearTimeout(o),200!==a.status)throw new g("Expected 200 OK from the JSON Web Key Set HTTP response");try{return await a.json()}catch{throw new g("Failed to parse the JSON Web Key Set HTTP response as JSON")}};async function we(e,t){if(!N(e))throw new TypeError("JWK must be an object");switch(t||(t=e.alg),e.kty){case"oct":if("string"!=typeof e.k||!e.k)throw new TypeError('missing "k" (Key Value) Parameter value');return w(e.k);case"RSA":if("oth"in e&&void 0!==e.oth)throw new E('RSA JWK "oth" (Other Primes Info) Parameter value is not supported');case"EC":case"OKP":return J({...e,alg:t});default:throw new E('Unsupported "kty" (Key Type) Parameter value')}}function pe(e){return N(e)}function fe(e){return"function"==typeof structuredClone?structuredClone(e):JSON.parse(JSON.stringify(e))}class ye{constructor(e){if(this._cached=new WeakMap,!function(e){return e&&"object"==typeof e&&Array.isArray(e.keys)&&e.keys.every(pe)}(e))throw new I("JSON Web Key Set malformed");this._jwks=fe(e)}async getKey(e,t){const{alg:r,kid:n}={...e,...t?.header},o=function(e){switch("string"==typeof e&&e.slice(0,2)){case"RS":case"PS":return"RSA";case"ES":return"EC";case"Ed":return"OKP";default:throw new E('Unsupported "alg" value for a JSON Web Key Set')}}(r),s=this._jwks.keys.filter(e=>{let t=o===e.kty;if(t&&"string"==typeof n&&(t=n===e.kid),t&&"string"==typeof e.alg&&(t=r===e.alg),t&&"string"==typeof e.use&&(t="sig"===e.use),t&&Array.isArray(e.key_ops)&&(t=e.key_ops.includes("verify")),t)switch(r){case"ES256":t="P-256"===e.crv;break;case"ES256K":t="secp256k1"===e.crv;break;case"ES384":t="P-384"===e.crv;break;case"ES512":t="P-521"===e.crv;break;case"Ed25519":t="Ed25519"===e.crv;break;case"EdDSA":t="Ed25519"===e.crv||"Ed448"===e.crv}return t}),{0:a,length:i}=s;if(0===i)throw new P;if(1!==i){const e=new T,{_cached:t}=this;throw e[Symbol.asyncIterator]=async function*(){for(const e of s)try{yield await me(t,e,r)}catch{}},e}return me(this._cached,a,r)}}async function me(e,t,r){const n=e.get(t)||e.set(t,{}).get(t);if(void 0===n[r]){const e=await we({...t,ext:!0},r);if(e instanceof Uint8Array||"public"!==e.type)throw new I("JSON Web Key Set members must be public keys");n[r]=e}return n[r]}function ge(e){const t=new ye(e),r=async(e,r)=>t.getKey(e,r);return Object.defineProperties(r,{jwks:{value:()=>fe(t._jwks),enumerable:!0,configurable:!1,writable:!1}}),r}let be;if("undefined"==typeof navigator||!navigator.userAgent?.startsWith?.("Mozilla/5.0 ")){be=`${"jose"}/${"v5.10.0"}`}const _e=Symbol();class Se{constructor(e,t){if(!(e instanceof URL))throw new TypeError("url must be an instance of URL");var r,n;this._url=new URL(e.href),this._options={agent:t?.agent,headers:t?.headers},this._timeoutDuration="number"==typeof t?.timeoutDuration?t?.timeoutDuration:5e3,this._cooldownDuration="number"==typeof t?.cooldownDuration?t?.cooldownDuration:3e4,this._cacheMaxAge="number"==typeof t?.cacheMaxAge?t?.cacheMaxAge:6e5,void 0!==t?.[_e]&&(this._cache=t?.[_e],r=t?.[_e],n=this._cacheMaxAge,"object"==typeof r&&null!==r&&"uat"in r&&"number"==typeof r.uat&&!(Date.now()-r.uat>=n)&&"jwks"in r&&N(r.jwks)&&Array.isArray(r.jwks.keys)&&Array.prototype.every.call(r.jwks.keys,N)&&(this._jwksTimestamp=this._cache.uat,this._local=ge(this._cache.jwks)))}coolingDown(){return"number"==typeof this._jwksTimestamp&&Date.now(){this._local=ge(e),this._cache&&(this._cache.uat=Date.now(),this._cache.jwks=e),this._jwksTimestamp=Date.now(),this._pendingFetch=void 0}).catch(e=>{throw this._pendingFetch=void 0,e})),await this._pendingFetch}}const Ee=async(e,t,n,o)=>{const s=await B(e,t,"verify");$(e,s);const a=R(e,s.algorithm);try{return await r.subtle.verify(a,s,n,o)}catch{return!1}},ve=(e,t)=>{if(void 0!==t&&(!Array.isArray(t)||t.some(e=>"string"!=typeof e)))throw new TypeError(`"${e}" option must be an array of strings`);if(t)return new Set(t)};async function ke(e,t,r){if(e instanceof Uint8Array&&(e=l.decode(e)),"string"!=typeof e)throw new v("Compact JWS must be a string or Uint8Array");const{0:n,1:o,2:s,length:a}=e.split(".");if(3!==a)throw new v("Invalid Compact JWS");const i=await async function(e,t,r){if(!N(e))throw new v("Flattened JWS must be an object");if(void 0===e.protected&&void 0===e.header)throw new v('Flattened JWS must have either of the "protected" or "header" members');if(void 0!==e.protected&&"string"!=typeof e.protected)throw new v("JWS Protected Header incorrect type");if(void 0===e.payload)throw new v("JWS Payload missing");if("string"!=typeof e.signature)throw new v("JWS Signature missing or incorrect type");if(void 0!==e.header&&!N(e.header))throw new v("JWS Unprotected Header incorrect type");let n={};if(e.protected)try{const t=w(e.protected);n=JSON.parse(l.decode(t))}catch{throw new v("JWS Protected Header is invalid")}if(!X(n,e.header))throw new v("JWS Protected and JWS Unprotected Header Parameter names must be disjoint");const o={...n,...e.header};let s=!0;if(re(v,new Map([["b64",!0]]),r?.crit,n,o).has("b64")&&(s=n.b64,"boolean"!=typeof s))throw new v('The "b64" (base64url-encode payload) Header Parameter must be a boolean');const{alg:a}=o;if("string"!=typeof a||!a)throw new v('JWS "alg" (Algorithm) Header Parameter missing or invalid');const i=r&&ve("algorithms",r.algorithms);if(i&&!i.has(a))throw new S('"alg" (Algorithm) Header Parameter value not allowed');if(s){if("string"!=typeof e.payload)throw new v("JWS Payload must be a string")}else if("string"!=typeof e.payload&&!(e.payload instanceof Uint8Array))throw new v("JWS Payload must be a string or an Uint8Array instance");let c=!1;"function"==typeof t?(t=await t(n,e),c=!0,te(a,t,"verify"),H(t)&&(t=await we(t,a))):te(a,t,"verify");const u=h(d.encode(e.protected??""),d.encode("."),"string"==typeof e.payload?d.encode(e.payload):e.payload);let p,f;try{p=w(e.signature)}catch{throw new v("Failed to base64url decode the signature")}if(!await Ee(a,t,p,u))throw new C;if(s)try{f=w(e.payload)}catch{throw new v("Failed to base64url decode the payload")}else f="string"==typeof e.payload?d.encode(e.payload):e.payload;const y={payload:f};return void 0!==e.protected&&(y.protectedHeader=n),void 0!==e.header&&(y.unprotectedHeader=e.header),c?{...y,key:t}:y}({payload:o,protected:n,signature:s},t,r),c={payload:i.payload,protectedHeader:i.protectedHeader};return"function"==typeof t?{...c,key:i.key}:c}const Ae=e=>e.toLowerCase().replace(/^application\//,""),Ie=(e,t,r={})=>{let n;try{n=JSON.parse(l.decode(t))}catch{}if(!N(n))throw new k("JWT Claims Set must be a top-level JSON object");const{typ:o}=r;if(o&&("string"!=typeof e.typ||Ae(e.typ)!==Ae(o)))throw new b('unexpected "typ" JWT header value',n,"typ","check_failed");const{requiredClaims:s=[],issuer:a,subject:i,audience:c,maxTokenAge:d}=r,h=[...s];void 0!==d&&h.push("iat"),void 0!==c&&h.push("aud"),void 0!==i&&h.push("sub"),void 0!==a&&h.push("iss");for(const e of new Set(h.reverse()))if(!(e in n))throw new b(`missing required "${e}" claim`,n,e,"missing");if(a&&!(Array.isArray(a)?a:[a]).includes(n.iss))throw new b('unexpected "iss" claim value',n,"iss","check_failed");if(i&&n.sub!==i)throw new b('unexpected "sub" claim value',n,"sub","check_failed");if(c&&(u=n.aud,w="string"==typeof c?[c]:c,!("string"==typeof u?w.includes(u):Array.isArray(u)&&w.some(Set.prototype.has.bind(new Set(u))))))throw new b('unexpected "aud" claim value',n,"aud","check_failed");var u,w;let p;switch(typeof r.clockTolerance){case"string":p=ce(r.clockTolerance);break;case"number":p=r.clockTolerance;break;case"undefined":p=0;break;default:throw new TypeError("Invalid clockTolerance option type")}const{currentDate:f}=r,y=se(f||new Date);if((void 0!==n.iat||d)&&"number"!=typeof n.iat)throw new b('"iat" claim must be a number',n,"iat","invalid");if(void 0!==n.nbf){if("number"!=typeof n.nbf)throw new b('"nbf" claim must be a number',n,"nbf","invalid");if(n.nbf>y+p)throw new b('"nbf" claim timestamp check failed',n,"nbf","check_failed")}if(void 0!==n.exp){if("number"!=typeof n.exp)throw new b('"exp" claim must be a number',n,"exp","invalid");if(n.exp<=y-p)throw new _('"exp" claim timestamp check failed',n,"exp","check_failed")}if(d){const e=y-n.iat;if(e-p>("number"==typeof d?d:ce(d)))throw new _('"iat" claim timestamp check failed (too far in the past)',n,"iat","check_failed");if(e<0-p)throw new b('"iat" claim timestamp check failed (it should be in the past)',n,"iat","check_failed")}return n};const Pe=async(e,t)=>{const n=`SHA-${e.slice(-3)}`;return new Uint8Array(await r.subtle.digest(n,t))},Te=(e,t)=>{if("string"!=typeof e||!e)throw new A(`${t} missing or invalid`)};async function xe(e,t){if(!N(e))throw new TypeError("JWK must be an object");if(t??(t="sha256"),"sha256"!==t&&"sha384"!==t&&"sha512"!==t)throw new TypeError('digestAlgorithm must one of "sha256", "sha384", or "sha512"');let r;switch(e.kty){case"EC":Te(e.crv,'"crv" (Curve) Parameter'),Te(e.x,'"x" (X Coordinate) Parameter'),Te(e.y,'"y" (Y Coordinate) Parameter'),r={crv:e.crv,kty:e.kty,x:e.x,y:e.y};break;case"OKP":Te(e.crv,'"crv" (Subtype of Key Pair) Parameter'),Te(e.x,'"x" (Public Key) Parameter'),r={crv:e.crv,kty:e.kty,x:e.x};break;case"RSA":Te(e.e,'"e" (Exponent) Parameter'),Te(e.n,'"n" (Modulus) Parameter'),r={e:e.e,kty:e.kty,n:e.n};break;case"oct":Te(e.k,'"k" (Key Value) Parameter'),r={k:e.k,kty:e.kty};break;default:throw new E('"kty" (Key Type) Parameter missing or unsupported')}const n=d.encode(JSON.stringify(r));return u(await Pe(t,n))}function Ce(e){const t=e?.modulusLength??2048;if("number"!=typeof t||t<2048)throw new E("Invalid or unsupported modulusLength option provided, 2048 bits or larger keys must be used");return t}async function Re(e,t){return async function(e,t){let n,o;switch(e){case"PS256":case"PS384":case"PS512":n={name:"RSA-PSS",hash:`SHA-${e.slice(-3)}`,publicExponent:new Uint8Array([1,0,1]),modulusLength:Ce(t)},o=["sign","verify"];break;case"RS256":case"RS384":case"RS512":n={name:"RSASSA-PKCS1-v1_5",hash:`SHA-${e.slice(-3)}`,publicExponent:new Uint8Array([1,0,1]),modulusLength:Ce(t)},o=["sign","verify"];break;case"RSA-OAEP":case"RSA-OAEP-256":case"RSA-OAEP-384":case"RSA-OAEP-512":n={name:"RSA-OAEP",hash:`SHA-${parseInt(e.slice(-3),10)||1}`,publicExponent:new Uint8Array([1,0,1]),modulusLength:Ce(t)},o=["decrypt","unwrapKey","encrypt","wrapKey"];break;case"ES256":n={name:"ECDSA",namedCurve:"P-256"},o=["sign","verify"];break;case"ES384":n={name:"ECDSA",namedCurve:"P-384"},o=["sign","verify"];break;case"ES512":n={name:"ECDSA",namedCurve:"P-521"},o=["sign","verify"];break;case"Ed25519":n={name:"Ed25519"},o=["sign","verify"];break;case"EdDSA":{o=["sign","verify"];const e=t?.crv??"Ed25519";switch(e){case"Ed25519":case"Ed448":n={name:e};break;default:throw new E("Invalid or unsupported crv option provided")}break}case"ECDH-ES":case"ECDH-ES+A128KW":case"ECDH-ES+A192KW":case"ECDH-ES+A256KW":{o=["deriveKey","deriveBits"];const e=t?.crv??"P-256";switch(e){case"P-256":case"P-384":case"P-521":n={name:"ECDH",namedCurve:e};break;case"X25519":case"X448":n={name:e};break;default:throw new E("Invalid or unsupported crv option provided, supported values are P-256, P-384, P-521, X25519, and X448")}break}default:throw new E('Invalid or unsupported JWK "alg" (Algorithm) Parameter value')}return r.subtle.generateKey(n,t?.extractable??!1,o)}(e,t)}const $e=w; +/** + * solid-oidc.js - Minimal Solid-OIDC client for browsers + * + * A zero-build, single-file Solid-OIDC authentication library. + * + * @license MIT + * @author JavaScriptSolidServer + * @see https://github.com/JavaScriptSolidServer/solid-oidc + * + * Based on solid-oidc-client-browser by uvdsl (Christoph Braun) + * @see https://github.com/uvdsl/solid-oidc-client-browser + * + * Implements: + * - RFC 6749 - OAuth 2.0 + * - RFC 7636 - PKCE + * - RFC 9207 - OAuth 2.0 Authorization Server Issuer Identification + * - RFC 9449 - DPoP (Demonstration of Proof-of-Possession) + * - Solid-OIDC Specification + */ +const We="sessionStateChange",Ue="sessionExpirationWarning",Oe="sessionExpiration";class De{constructor(e="solid-oidc",t="session",r=1){this.dbName=e,this.storeName=t,this.dbVersion=r,this.db=null}async init(){return new Promise((e,t)=>{const r=indexedDB.open(this.dbName,this.dbVersion);r.onerror=()=>t(new Error(`Database error: ${r.error}`)),r.onsuccess=()=>{this.db=r.result,e(this)},r.onupgradeneeded=e=>{const t=e.target.result;t.objectStoreNames.contains(this.storeName)||t.createObjectStore(this.storeName)}})}async setItem(e,t){return this.db||await this.init(),new Promise((r,n)=>{const o=this.db.transaction(this.storeName,"readwrite");o.oncomplete=()=>r(),o.onerror=()=>n(new Error(`Transaction error: ${o.error}`)),o.objectStore(this.storeName).put(t,e)})}async getItem(e){return this.db||await this.init(),new Promise((t,r)=>{const n=this.db.transaction(this.storeName,"readonly");n.onerror=()=>r(new Error(`Transaction error: ${n.error}`));const o=n.objectStore(this.storeName).get(e);o.onsuccess=()=>t(o.result||null)})}async deleteItem(e){return this.db||await this.init(),new Promise((t,r)=>{const n=this.db.transaction(this.storeName,"readwrite");n.oncomplete=()=>t(),n.onerror=()=>r(new Error(`Transaction error: ${n.error}`)),n.objectStore(this.storeName).delete(e)})}async clear(){return this.db||await this.init(),new Promise((e,t)=>{const r=this.db.transaction(this.storeName,"readwrite");r.oncomplete=()=>e(),r.onerror=()=>t(new Error(`Transaction error: ${r.error}`)),r.objectStore(this.storeName).clear()})}close(){this.db&&(this.db.close(),this.db=null)}}async function Le(e,t,r,n=null){const o=await m(e.publicKey),s={htu:t,htm:r};return n&&(s.ath=n),new he(s).setIssuedAt().setJti(crypto.randomUUID()).setProtectedHeader({alg:"ES256",typ:"dpop+jwt",jwk:o}).sign(e.privateKey)}async function Ne(e,t,r){const n=await Le(r,e,"POST"),o=await fetch(e,{method:"POST",headers:{"Content-Type":"application/x-www-form-urlencoded",DPoP:n},body:new URLSearchParams(t)});if(!o.ok)throw new Error(`Token request failed: ${o.status}`);return o.json()}async function He(e,t,r,n,o){const s=function(e,t){const r=new Se(e,t),n=async(e,t)=>r.getKey(e,t);return Object.defineProperties(n,{coolingDown:{get:()=>r.coolingDown(),enumerable:!0,configurable:!1},fresh:{get:()=>r.fresh(),enumerable:!0,configurable:!1},reload:{value:()=>r.reload(),enumerable:!0,configurable:!1,writable:!1},reloading:{get:()=>!!r._pendingFetch,enumerable:!0,configurable:!1},jwks:{value:()=>r._local?.jwks(),enumerable:!0,configurable:!1,writable:!1}}),n}(new URL(t)),{payload:a}=await async function(e,t,r){const n=await ke(e,t,r);if(n.protectedHeader.crit?.includes("b64")&&!1===n.protectedHeader.b64)throw new k("JWTs MUST NOT use unencoded payload");const o={payload:Ie(n.protectedHeader,n.payload,r),protectedHeader:n.protectedHeader};return"function"==typeof t?{...o,key:n.key}:o}(e,s,{issuer:r,audience:"solid"}),i=await xe(await m(o.publicKey));if(a.cnf?.jkt!==i)throw new Error("DPoP thumbprint mismatch");if(a.client_id!==n)throw new Error("client_id mismatch");return a}class Je extends EventTarget{constructor(e={}){super(),this.clientId=e.clientId||null,this.database=e.database||new De,this.onStateChange=e.onStateChange||null,this.onExpirationWarning=e.onExpirationWarning||null,this.onExpiration=e.onExpiration||null,this._isActive=!1,this._webId=null,this._exp=null,this._ath=null,this._tokens=null,this._idpDetails=null,this._refreshPromise=null,this.onStateChange&&this.addEventListener(We,this.onStateChange),this.onExpirationWarning&&this.addEventListener(Ue,this.onExpirationWarning),this.onExpiration&&this.addEventListener(Oe,this.onExpiration)}get isActive(){return this._isActive}get webId(){return this._webId}isExpired(){return!this._exp||Math.floor(Date.now()/1e3)>=this._exp}getExpiresIn(){return this._exp?this._exp-Math.floor(Date.now()/1e3):-1}async login(e,t){const r=new URL(t),n=r.origin+r.pathname+r.search,o=await async function(e){const t=new URL(e).origin,r=await fetch(`${t}/.well-known/openid-configuration`);if(!r.ok)throw new Error(`OIDC discovery failed: ${r.status}`);return r.json()}(e),s=o.issuer,a=e=>e.endsWith("/")?e.slice(0,-1):e;if(a(e)!==a(s))throw new Error(`Issuer mismatch: ${s} !== ${e}`);sessionStorage.setItem("solid_oidc_idp",s),sessionStorage.setItem("solid_oidc_token_endpoint",o.token_endpoint),sessionStorage.setItem("solid_oidc_jwks_uri",o.jwks_uri);let i=this.clientId;if(!i){i=(await async function(e,t){const r=await fetch(e,{method:"POST",headers:{"Content-Type":"application/json"},body:JSON.stringify({application_type:"web",redirect_uris:t,token_endpoint_auth_method:"none",grant_types:["authorization_code","refresh_token"],response_types:["code"],scope:"openid offline_access webid"})});if(!r.ok)throw new Error(`Client registration failed: ${r.status}`);return r.json()}(o.registration_endpoint,[n])).client_id,sessionStorage.setItem("solid_oidc_client_id",i)}const c=await async function(){const e=crypto.randomUUID()+"-"+crypto.randomUUID(),t=new Uint8Array(await crypto.subtle.digest("SHA-256",(new TextEncoder).encode(e)));return{verifier:e,challenge:btoa(String.fromCharCode(...t)).replace(/\+/g,"-").replace(/\//g,"_").replace(/=+$/,"")}}();sessionStorage.setItem("solid_oidc_pkce_verifier",c.verifier);const d=crypto.randomUUID();sessionStorage.setItem("solid_oidc_csrf",d);const l=new URL(o.authorization_endpoint);l.searchParams.set("response_type","code"),l.searchParams.set("redirect_uri",n),l.searchParams.set("scope","openid offline_access webid"),l.searchParams.set("client_id",i),l.searchParams.set("code_challenge_method","S256"),l.searchParams.set("code_challenge",c.challenge),l.searchParams.set("state",d),l.searchParams.set("prompt","consent"),window.location.href=l.toString()}async handleRedirectFromLogin(){const e=new URL(window.location.href),t=e.searchParams.get("code");if(!t)return;const r=sessionStorage.getItem("solid_oidc_idp"),n=e.searchParams.get("iss");if(!r||n!==r)throw new Error(`Issuer mismatch: ${n} !== ${r}`);const o=sessionStorage.getItem("solid_oidc_csrf");if(e.searchParams.get("state")!==o)throw new Error("CSRF token mismatch");e.searchParams.delete("code"),e.searchParams.delete("iss"),e.searchParams.delete("state"),window.history.replaceState({},document.title,e.toString());const s=sessionStorage.getItem("solid_oidc_pkce_verifier"),a=sessionStorage.getItem("solid_oidc_token_endpoint"),i=sessionStorage.getItem("solid_oidc_jwks_uri"),c=this.clientId||sessionStorage.getItem("solid_oidc_client_id");if(!s||!a||!c)throw new Error("Missing session data");const d=await Re("ES256"),l=await Ne(a,{grant_type:"authorization_code",code:t,code_verifier:s,redirect_uri:e.origin+e.pathname,client_id:c},d);await He(l.access_token,i,r,c,d),this._idpDetails={idp:r,jwksUri:i,tokenEndpoint:a},await this.database.init(),await Promise.all([this.database.setItem("idp",r),this.database.setItem("jwks_uri",i),this.database.setItem("token_endpoint",a),this.database.setItem("client_id",c),this.database.setItem("dpop_keypair",d),this.database.setItem("refresh_token",l.refresh_token)]),this.database.close(),sessionStorage.removeItem("solid_oidc_idp"),sessionStorage.removeItem("solid_oidc_token_endpoint"),sessionStorage.removeItem("solid_oidc_jwks_uri"),sessionStorage.removeItem("solid_oidc_client_id"),sessionStorage.removeItem("solid_oidc_pkce_verifier"),sessionStorage.removeItem("solid_oidc_csrf"),await this._setTokens({...l,dpop_key_pair:d}),this._dispatchStateChange()}async restore(){return this._refreshPromise||(this._refreshPromise=(async()=>{try{const e=await async function(e){await e.init();const[t,r,n,o]=await Promise.all([e.getItem("refresh_token"),e.getItem("token_endpoint"),e.getItem("client_id"),e.getItem("dpop_keypair")]);if(!(t&&r&&n&&o))throw new Error("Missing refresh data");const s=await Ne(r,{grant_type:"refresh_token",refresh_token:t,client_id:n},o);return s.refresh_token&&await e.setItem("refresh_token",s.refresh_token),e.close(),{...s,dpop_key_pair:o}}(this.database);await this._setTokens(e),this._dispatchStateChange()}catch(e){throw this._isActive&&(this.isExpired()?this._dispatchExpiration():this._dispatchExpirationWarning()),e}finally{this._refreshPromise=null}})()),this._refreshPromise}async logout(){this._isActive=!1,this._webId=null,this._exp=null,this._ath=null,this._tokens=null,this._idpDetails=null,await this.database.init(),await this.database.clear(),this.database.close(),this._dispatchStateChange()}async authFetch(e,t={}){if(!this._isActive)return fetch(e,t);let r,n,o;this.isExpired()&&await this.restore(),e instanceof Request?(r=new URL(e.url),n=t.method||e.method||"GET",o=new Headers(e.headers)):(r=new URL(e.toString()),n=t.method||"GET",o=t.headers?new Headers(t.headers):new Headers);const s=await Le(this._tokens.dpop_key_pair,`${r.origin}${r.pathname}`,n.toUpperCase(),this._ath);return o.set("DPoP",s),o.set("Authorization",`DPoP ${this._tokens.access_token}`),e instanceof Request?fetch(new Request(e,{...t,headers:o})):fetch(r,{...t,headers:o})}async _setTokens(e){this._tokens=e;const t=function(e){if("string"!=typeof e)throw new k("JWTs must use Compact JWS serialization, JWT must be a string");const{1:t,length:r}=e.split(".");if(5===r)throw new k("Only JWTs using Compact JWS serialization can be decoded");if(3!==r)throw new k("Invalid JWT");if(!t)throw new k("JWTs must contain a payload");let n,o;try{n=$e(t)}catch{throw new k("Failed to base64url decode the payload")}try{o=JSON.parse(l.decode(n))}catch{throw new k("Failed to parse the decoded payload as JSON")}if(!N(o))throw new k("Invalid JWT Claims Set");return o}(e.access_token);if(!t.webid)throw new Error("Missing webid claim");if(!t.exp)throw new Error("Missing exp claim");this._ath=await async function(e){const t=(new TextEncoder).encode(e),r=await crypto.subtle.digest("SHA-256",t),n=Array.from(new Uint8Array(r));return btoa(String.fromCharCode(...n)).replace(/\+/g,"-").replace(/\//g,"_").replace(/=+$/,"")}(e.access_token),this._webId=t.webid,this._exp=t.exp,this._isActive=!0}_dispatchStateChange(){this.dispatchEvent(new CustomEvent(We,{detail:{isActive:this._isActive,webId:this._webId}}))}_dispatchExpirationWarning(){this.dispatchEvent(new CustomEvent(Ue,{detail:{expires_in:this.getExpiresIn()}}))}_dispatchExpiration(){this.dispatchEvent(new CustomEvent(Oe))}}const Ke="sessionRestore",je="login",Me="logout",Fe="sessionExpired",ze="error";class qe{constructor(){this.listeners=new Map}on(e,t){this.listeners.has(e)||this.listeners.set(e,new Set),this.listeners.get(e).add(t)}off(e,t){var r;null===(r=this.listeners.get(e))||void 0===r||r.delete(t)}emit(e,...t){var r;null===(r=this.listeners.get(e))||void 0===r||r.forEach(e=>e(...t))}}class Ve{constructor(e){this._session=new Je({clientId:null==e?void 0:e.clientId,database:new De,onStateChange:e=>{const t=e.detail;(null==t?void 0:t.isActive)?(this._events.emit(je),this._events.emit(Ke,window.location.href)):this._events.emit(Me)},onExpiration:()=>{this._events.emit(Fe)}}),this._events=new qe,this._sessionId=crypto.randomUUID()}get events(){return this._events}get info(){var e;return{isLoggedIn:this._session.isActive,webId:null!==(e=this._session.webId)&&void 0!==e?e:void 0,sessionId:this._sessionId,expirationDate:this._session.isActive?Date.now()+1e3*this._session.getExpiresIn():void 0}}async handleIncomingRedirect(e){const t="string"==typeof e?{url:e}:null!=e?e:{};try{if(await this._session.handleRedirectFromLogin(),!this._session.isActive&&!1!==t.restorePreviousSession)try{await this._session.restore()}catch{}return this.info}catch(e){return void this._events.emit(ze,e)}}async login(e){const t=e.redirectUrl||window.location.href;await this._session.login(e.oidcIssuer,t)}async logout(){await this._session.logout()}async fetch(e,t){return this._session.authFetch(e,t)}}const Be=new Ve;var Ge=n(264),Xe=n(386);const Ye=n.n(Xe)()(Ge),Ze=(0,Ge.sym)("http://www.iana.org/assignments/link-relations/acl");function Qe(e){const t=Ye;function r(e,r,n,o={}){const s=o.public||[],a=(0,Ge.graph)(),i=(0,Ge.Namespace)("http://www.w3.org/ns/auth/acl#");let c=a.sym(`${n}#a1`);const d=a.sym(n),l=a.sym(e);if(a.add(c,t.rdf("type"),i("Authorization"),d),a.add(c,i("accessTo"),l,d),o.defaultForNew&&a.add(c,i("default"),l,d),a.add(c,i("agent"),r,d),a.add(c,i("mode"),i("Read"),d),a.add(c,i("mode"),i("Write"),d),a.add(c,i("mode"),i("Control"),d),s.length){c=a.sym(`${n}#a2`),a.add(c,t.rdf("type"),i("Authorization"),d),a.add(c,i("accessTo"),l,d),a.add(c,i("agentClass"),t.foaf("Agent"),d);for(let e=0;es||function(t){const r=e.fetcher;if(!r)throw new Error("Cannot fetch ACL rel, store has no fetcher");return r.load(t).then(r=>{if(!r.ok)throw new Error("fetchACLRel: While loading:"+r.error);const n=e.any(e.sym(t),Ze);if(!n)throw new Error("fetchACLRel: No Link rel=ACL header for "+t);return n})}(t).catch(e=>{throw new Error(`Error fetching rel=ACL header for ${t}: ${e}`)})).then(s=>{const a=r(t,n,s.uri,o);if(!e.fetcher)throw new Error("Cannot PUT this, store has no fetcher");return e.fetcher.webOperation("PUT",s.uri,{data:a,contentType:"text/turtle"}).then(e=>{if(!e.ok)throw new Error("Error writing ACL text: "+e.error);return s})})},genACLText:r}}const et=()=>{let{SolidAppContext:e}=window;if(e||(e={}),e.viewingNoAuthPage=!1,e.noAuth&&window.document){if(window.document.location.href.startsWith(e.noAuth)){e.viewingNoAuthPage=!0;const t=new URLSearchParams(window.document.location.search);if(t){let r=e.viewedPage=t.get("uri")||null;if(r&&(r=decodeURI(r),!r.startsWith(e.noAuth))){const t=r.split(/\//);e.idp=t[0]+"//"+t[2],e.viewingNoAuthPage=!1}}}}return e};function tt(){const{$SolidTestEnvironment:t}=window;if(void 0!==t&&t.username)return e("Assuming the user is "+t.username),(0,Ge.sym)(t.username);if("undefined"!=typeof document&&document.location&&"http://localhost"===(""+document.location).slice(0,16)){const t=document.getElementById("appTarget");if(!t)return null;const r=t.getAttribute("testID");return r?(e("Assuming user is "+r),(0,Ge.sym)(r)):null}return null}class rt{constructor(e){this.session=e}get authSession(){return this.session}currentUser(){const e=et();return e.viewingNoAuthPage?(0,Ge.sym)(e.webId):this&&this.session&&this.session.info&&this.session.info.webId&&this.session.info.isLoggedIn?(0,Ge.sym)(this.session.info.webId):tt()}async checkUser(t){const r=new URL(window.location.href).hash;r&&window.localStorage.setItem("preLoginRedirectHash",r),this.session.events.on(Ke,t=>{e(`Session restored to ${t}`),document.location.toString()!==t&&history.replaceState(null,"",t)});const n=new URL(window.location.href);n.hash="",await this.session.handleIncomingRedirect({restorePreviousSession:!0,url:n.href});const o=window.localStorage.getItem("preLoginRedirectHash");if(o){const e=new URL(window.location.href);e.hash!==o&&(history.pushState?history.pushState(null,document.title,o):location.hash=o,e.hash=o),window.localStorage.setItem("preLoginRedirectHash","")}let s=tt();if(s)return Promise.resolve(t?t(s):s);const a=this.webIdFromSession(this.session.info);return a&&(s=this.saveUser(a)),s&&e(`(Logged in as ${s} by authentication)`),Promise.resolve(t?t(s):s)}saveUser(e,t){let r;if(e){r="string"==typeof e?e:e.uri;const n=(0,Ge.namedNode)(r);return t&&(t.me=n),n}return null}webIdFromSession(e){return(null==e?void 0:e.webId)&&e.isLoggedIn?e.webId:null}}function nt(e){return(0,Ge.sym)(e.uri+"#id"+Date.now())}function ot(e){return!e||`${window.location.origin}/`!==new URL(e.value).origin}const st="index.ttl#this";function at(e,t){const r=Ye;async function n(t,r,n){await e.fetcher.load(t);const o=e.any(t,new Ge.NamedNode("http://www.iana.org/assignments/link-relations/acl"));if(!o)throw new Error("Chat ACL doc not found!");const s=`\n @prefix acl: .\n <#owner>\n a acl:Authorization;\n acl:agent <${r.value}>;\n acl:accessTo <.>;\n acl:default <.>;\n acl:mode\n acl:Read, acl:Write, acl:Control.\n <#invitee>\n a acl:Authorization;\n acl:agent <${n.value}>;\n acl:accessTo <.>;\n acl:default <.>;\n acl:mode\n acl:Read, acl:Append.\n `;await e.fetcher.webOperation("PUT",o.value,{data:s,contentType:"text/turtle"})}async function o(t,n){const o=e.any(n,r.solid("privateTypeIndex"));if(!o)throw new Error("Private type index not found!");await e.fetcher.load(o);const s=nt(o),a=[(0,Ge.st)(s,r.rdf("type"),r.solid("TypeRegistration"),o.doc()),(0,Ge.st)(s,r.solid("forClass"),r.meeting("LongChat"),o.doc()),(0,Ge.st)(s,r.solid("instance"),t,o.doc())];await new Promise((t,r)=>{e.updater.update([],a,function(e,n,o){n?t(null):r(new Error(o))})})}async function s(r){const n=await t.loadMe(),o=function(e,t){const r=new URL(`IndividualChats/${new URL(e.value).host}/`,t.value).toString();return new Ge.NamedNode(r)}(r,await t.getPodRoot(n));let s=!0;try{await e.fetcher.load(new Ge.NamedNode(o.value+"index.ttl#this"))}catch(e){s=!1}return{me:n,chatContainer:o,exists:s}}async function a(e,t){return(await i({me:t,newBase:e.value})).newInstance}function i(t){const n=e,o=n.updater;if(t.me&&!t.me.uri)throw new Error("chat mintNew: Invalid userid "+t.me);const s=t.newInstance=t.newInstance||n.sym(t.newBase+st),a=s.doc();return n.add(s,r.rdf("type"),r.meeting("LongChat"),a),n.add(s,r.dc("title"),"Chat channel",a),n.add(s,r.dc("created"),(0,Ge.term)(new Date(Date.now())),a),t.me&&n.add(s,r.dc("author"),t.me,a),new Promise(function(e,r){null==o||o.put(a,n.statementsMatching(void 0,void 0,void 0,a),"text/turtle",function(n,o,a){o?e({...t,newInstance:s}):r(new Error("FAILED to save new chat channel at: "+n+" : "+a))})})}async function c(t,n){var o;await e.fetcher.load(t.doc());const s=e.any(t,r.ldp("inbox"),void 0,t.doc());if(!s)throw new Error(`Invitee inbox not found! ${t.value}`);const a=`\n <> a ;\n ${r.rdf("seeAlso")} <${n.value}> .\n `,i=await(null===(o=e.fetcher)||void 0===o?void 0:o.webOperation("POST",s.value,{data:a,contentType:"text/turtle"}));if(!(null==i?void 0:i.headers.get("location")))throw new Error(`Invite sending returned a ${null==i?void 0:i.status}`)}return{setAcl:n,addToPrivateTypeIndex:o,findChat:s,createChatThing:a,getChat:async function(e,t=!0){const{me:r,chatContainer:i,exists:d}=await s(e);if(d)return new Ge.NamedNode(i.value+st);if(t){const t=await a(i,r);return await c(e,t),await n(i,r,e),await o(t,r),t}return null},sendInvite:c,mintNew:i}}function it(e,t,r,n,o){return{createInboxFor:async function(e,o){const s=await t.loadMe(),a=`${(await t.getPodRoot(s)).value}p2p-inboxes/${encodeURIComponent(o)}/`;return await n.createContainer(a),await r.setSinglePeerAccess({ownerWebId:s.value,peerWebId:e,accessToModes:"acl:Append",target:a}),a},getNewMessages:async function(e){e||(e=await t.loadMe());const r=await t.getMainInbox(e);return(await n.getContainerMembers(r)).filter(e=>!n.isContainer(e))},markAsRead:async function(t,r){const n=await e.fetcher._fetch(t);if(200!==n.status)throw new Error(`Not OK! ${t}`);const o=function(e,t){const r=t.getUTCFullYear(),n=("0"+(t.getUTCMonth()+1)).slice(-2),o=("0"+t.getUTCDate()).slice(-2),s=e.split("/"),a=s[s.length-1];return new URL(`./archive/${r}/${n}/${o}/${a}`,e).toString()}(t,r),s={method:"PUT",body:await n.text(),headers:[["Content-Type",n.headers.get("Content-Type")||"application/octet-stream"]]};"2"===(await e.fetcher._fetch(o,s)).status.toString()[0]&&await e.fetcher._fetch(t,{method:"DELETE"})}}}class ct extends Error{constructor(e){super(e),Object.setPrototypeOf(this,new.target.prototype),this.name=new.target.name}}class dt extends ct{}class lt extends ct{}class ht extends ct{}class ut extends ct{}class wt extends ct{}class pt extends ct{}class ft extends ct{constructor(e,t){super(t),this.status=e}}function yt(e,r,n){const o=Ye;async function s(r){await a(r);const s=function(e){const t=e.uri.replace("/profile/","/").replace("/public/","/").split("/").slice(0,-1).join("/")+"/Settings/Preferences.ttl";return(0,Ge.sym)(t)}(r);let i;try{i=await n.followOrCreateLink(r,o.space("preferencesFile"),s,r.doc())}catch(e){if(t(`User ${r} has no pointer in profile to preferences file.`),e instanceof wt)throw e;if(e instanceof pt)throw e;if(e instanceof dt)throw e;if(e instanceof lt)throw e;if(e instanceof ht)throw e;if(e instanceof ft)throw e;throw e}try{await e.fetcher.load(i)}catch(e){const n=`Unable to load preference of user ${r}: ${e}`;if(t(n),401===e.response.status)throw new dt;if(403===e.response.status){if(ot(i))throw new lt;throw new ht}throw new Error(n)}return i}async function a(t){if(!t)throw new Error("loadProfile: no user given.");try{await e.fetcher.load(t.doc())}catch(e){throw new Error(`Unable to load profile of user ${t}: ${e}`)}return t.doc()}function i(t){return e.any(t,o.space("storage"),void 0,t.doc())}return{loadMe:async function(){const t=r.currentUser();if(null===t)throw new Error("Current user not found! Not logged in?");return await e.fetcher.load(t.doc()),t},getPodRoot:function(e){const t=i(e);if(!t)throw new Error("User pod root not found!");return t},getMainInbox:async function(t){await e.fetcher.load(t);const r=e.any(t,o.ldp("inbox"),void 0,t.doc());if(!r)throw new Error("User main inbox not found!");return r},findStorage:i,loadPreferences:s,loadProfile:a,silencedLoadPreferences:async function(e){try{return await s(e)}catch(e){return}}}}function mt(e,r,n,o){const s=Ye;async function a(r){if(!r)throw new Error("loadTypeIndexesFor: No user given");const a=await n.loadProfile(r),i=l(r);let c;try{c=await o.followOrCreateLink(r,s.solid("publicTypeIndex"),i,a)}catch(e){t(`User ${r} has no pointer in profile to publicTypeIndex file.`)}const d=c?[{label:"public",index:c,agent:r}]:[];let u,w;try{u=await n.silencedLoadPreferences(r)}catch(e){u=null}if(u){const n=h(u);let i;try{i=e.any(r,s.solid("privateTypeIndex"),void 0,a)||await o.followOrCreateLink(r,s.solid("privateTypeIndex"),n,u)}catch(e){t(`User ${r} has no pointer in preference file to privateTypeIndex file.`)}w=i?[{label:"private",index:i,agent:r}]:[]}else w=[];const p=d.concat(w);if(0===p.length)return p;const f=p.map(e=>e.index);try{await e.fetcher.load(f)}catch(e){t("Problems loading type index: ",e)}return p}async function i(r){let o;try{o=await n.silencedLoadPreferences(r)}catch(e){t(`User ${r} has no pointer in profile to preferences file.`)}if(o){const t=e.each(r,s.solid("community"),void 0,o).concat(e.each(r,s.solid("community"),void 0,r.doc()));let n=[];for(const e of t)n=n.concat(await a(e));return n}return[]}async function c(e){return(await a(e)).concat((await i(e)).flat())}async function d(e,t){const r=await c(t);let n=[];for(const t of r){const r=await u(t,e);n=n.concat(r)}return n}function l(e){var t;return(0,Ge.sym)((null===(t=e.doc().dir())||void 0===t?void 0:t.uri)+"publicTypeIndex.ttl")}function h(e){var t;return(0,Ge.sym)((null===(t=e.doc().dir())||void 0===t?void 0:t.uri)+"privateTypeIndex.ttl")}async function u(t,r){const n=t.index,o=[],a=e.statementsMatching(null,s.solid("instance"),null,n).concat(e.statementsMatching(null,s.solid("instanceContainer"),null,n)).map(e=>e.subject);for(const i of a){const a=e.any(i,s.solid("forClass"),null,n);if(!r||a.sameTerm(r)){const r=e.each(i,s.solid("instance"),null,n);for(const e of r)o.push({instance:e,type:a,scope:t});const c=e.each(i,s.solid("instanceContainer"),null,n);for(const r of c)await e.fetcher.load(r),o.push({instance:(0,Ge.sym)(r.value),type:a,scope:t})}}return o}return{registerInTypeIndex:async function(t,r,n){const o=nt(r),a=[(0,Ge.st)(o,s.rdf("type"),s.solid("TypeRegistration"),r),(0,Ge.st)(o,s.solid("forClass"),n,r),(0,Ge.st)(o,s.solid("instance"),t,r)];try{await e.updater.update([],a)}catch(e){const n=`Unable to register ${t} in index ${r}: ${e}`;return console.warn(n),null}return o},getRegistrations:function(t,r){return e.each(void 0,s.solid("instance"),t).filter(t=>e.holds(t,s.solid("forClass"),r))},loadTypeIndexesFor:a,loadCommunityTypeIndexes:i,loadAllTypeIndexes:c,getScopedAppInstances:d,getAppInstances:async function(e){const t=r.currentUser();if(!t)throw new Error("getAppInstances: Must be logged in to find apps.");return(await d(e,t)).map(e=>e.instance)},suggestPublicTypeIndex:l,suggestPrivateTypeIndex:h,deleteTypeIndexRegistration:async function(t){const r=e.the(null,s.solid("instance"),t.instance,t.scope.index);if(!r)throw new Error(`deleteTypeIndexRegistration: No registration found for ${t.instance}`);const n=e.statementsMatching(r,null,null,t.scope.index);await e.updater.update(n,[])},getScopedAppsFromIndex:u}}function gt(r,n){e("SolidLogic: Unique instance created. There should only be one of these.");const o=Ge.graph();Ge.fetcher(o,{fetch:r.fetch}),o.updater=new Ge.UpdateManager(o),o.features=[];const s=new rt(n),a=Qe(o),i=function(e){function t(t){return e.statementsMatching(t,(0,Ge.sym)("http://www.w3.org/ns/ldp#contains"),void 0).map(e=>e.object)}function r(e){const t=e.value;return"/"===t.charAt(t.length-1)}return{isContainer:r,createContainer:async function(t){if(!r((0,Ge.sym)(t)))throw new Error(`Not a container URL ${t}`);const n=await e.fetcher._fetch(t,{method:"PUT",headers:{"Content-Type":"text/turtle","If-None-Match":"*",Link:'; rel="type"'},body:" "});if("2"!==n.status.toString()[0])throw new Error(`Not OK: got ${n.status} response while creating container at ${t}`)},getContainerElements:t,getContainerMembers:async function(r){return await e.fetcher.load(r),t(r)}}}(o),c=function(r,n,o){async function s(e){let t;try{t=await r.fetcher.load(e)}catch(t){if(404!==t.response.status){if(401===t.response.status)throw new dt;if(403===t.response.status){if(ot(e))throw new lt;throw new ht}const r="createIfNotExists doc load error NOT 404: "+e+": "+t;throw new ft(t.status,t.message+r)}try{await r.fetcher.webOperation("PUT",e,{data:"",contentType:"text/turtle"})}catch(t){throw new pt("createIfNotExists: PUT FAILED: "+e+": "+t)}await r.fetcher.load(e)}return t}return{recursiveDelete:async function t(s){try{if(o.isContainer(s)){const e=await n.findAclDocUrl(s);await r.fetcher._fetch(e,{method:"DELETE"});const a=await o.getContainerMembers(s);await Promise.all(a.map(e=>t(e)))}const e=s.value;return r.fetcher._fetch(e,{method:"DELETE"})}catch(t){e(`Please manually remove ${s.value} from your system.`,t)}},setSinglePeerAccess:async function(e){let t=["@prefix acl: .","",`<#alice> a acl:Authorization;\n acl:agent <${e.ownerWebId}>;`,` acl:accessTo <${e.target}>;`,` acl:default <${e.target}>;`," acl:mode acl:Read, acl:Write, acl:Control.",""].join("\n");e.accessToModes&&(t+=["<#bobAccessTo> a acl:Authorization;",` acl:agent <${e.peerWebId}>;`,` acl:accessTo <${e.target}>;`,` acl:mode ${e.accessToModes}.`,""].join("\n")),e.defaultModes&&(t+=["<#bobDefault> a acl:Authorization;",` acl:agent <${e.peerWebId}>;`,` acl:default <${e.target}>;`,` acl:mode ${e.defaultModes}.`,""].join("\n"));const o=await n.findAclDocUrl((0,Ge.sym)(e.target));return r.fetcher._fetch(o,{method:"PUT",body:t,headers:[["Content-Type","text/turtle"]]})},createEmptyRdfDoc:async function(e,t){await r.fetcher.webOperation("PUT",e.uri,{data:`# ${new Date} ${t}\n `,contentType:"text/turtle"})},followOrCreateLink:async function(e,n,o,a){await r.fetcher.load(a);const i=r.any(e,n,null,a);if(i)return i;if(!r.updater.editable(a)){const e=`followOrCreateLink: cannot edit ${a.value}`;throw t(e),new wt(e)}try{await r.updater.update([],[(0,Ge.st)(e,n,o,a)])}catch(e){throw t(`followOrCreateLink: Error making link in ${a} to ${o}: ${e}`),new pt(e)}try{await s(o)}catch(e){throw t(`followOrCreateLink: Error loading or saving new linked document: ${o}: ${e}`),e}return o},loadOrCreateIfNotExists:s}}(o,a,i),d=yt(o,s,c),l=at(o,d),h=it(o,d,c,i),u=mt(o,s,d,c);return e("SolidAuthnLogic initialized"),{store:o,authn:s,acl:a,inbox:h,chat:l,profile:d,typeIndex:u,load:function(e){return o.fetcher.load(e)},updatePromise:function(e,t=[]){return new Promise((r,n)=>{o.updater.update(e,t,function(e,t,o){t?r():n(new Error(o))})})},clearStore:function(){o.statements.slice().forEach(o.remove.bind(o))}}}const bt=async(e,t)=>{const r=t&&t.credentials&&"omit"==t.credentials;return Be.info.webId&&!r?Be.fetch(e,t):window.fetch(e,t)},_t=Symbol.for("solid-logic-singleton"),St="undefined"!=typeof window?window:n.g;const Et=(St[_t]?e("SolidLogic: Using existing global singleton instance."):(e("SolidLogic: Creating new global singleton instance."),St[_t]=gt({fetch:bt},Be),e("Unique quadstore initialized.")),St[_t]),vt=[{name:"Solid Community",uri:"https://solidcommunity.net"},{name:"Solid Web",uri:"https://solidweb.org"},{name:"Solid Web ME",uri:"https://solidweb.me"},{name:"Inrupt.com",uri:"https://login.inrupt.com"}];function kt(){const e=[...vt],{host:t,origin:r}=new URL(location.href),n=e.map(({uri:e})=>new URL(e).host);return n.includes(t)||n.some(e=>function(e,t){const r=e.length-t.length-1;return r>0&&"."===e[r]&&e.endsWith(t)}(t,e))||e.unshift({name:t,uri:r}),e}const At=Et.authn,It=Et.authn.authSession,Pt=Et.store})(),o})()); +//# sourceMappingURL=solid-logic.min.js.map \ No newline at end of file diff --git a/dist/solid-logic.min.js.map b/dist/solid-logic.min.js.map new file mode 100644 index 0000000..d9398c3 --- /dev/null +++ b/dist/solid-logic.min.js.map @@ -0,0 +1 @@ +{"version":3,"file":"solid-logic.min.js","mappings":"CAAA,SAA2CA,EAAMC,GAC1B,iBAAZC,SAA0C,iBAAXC,OACxCA,OAAOD,QAAUD,EAAQG,QAAQ,SACR,mBAAXC,QAAyBA,OAAOC,IAC9CD,OAAO,aAAc,CAAC,QAASJ,GACL,iBAAZC,QACdA,QAAoB,WAAID,EAAQG,QAAQ,SAExCJ,EAAiB,WAAIC,EAAQD,EAAW,KACzC,CATD,CASGO,KAAOC,G,iCCTVL,EAAOD,QAAUM,C,SCejB,MAAMC,EAAU,CACdC,IAAK,iCACLC,IAAK,gCACLC,GAAI,yCACJC,SAAU,sCACVC,IAAK,sCACLC,IAAK,0DACLC,KAAM,kCACNC,QAAS,8CACTC,GAAI,mCACJC,IAAK,4BACLC,KAAM,gCACNC,KAAM,6BACNC,IAAK,2CACLC,IAAK,gCACLC,GAAI,oCACJC,KAAM,mCACNC,MAAO,oCACPC,OAAQ,yCACRC,IAAK,4BACLC,KAAM,mCACNC,IAAK,sCACLC,QAAS,oCACTC,GAAI,+BACJC,IAAK,4BACLC,IAAK,iCACLC,IAAK,gCACLC,MAAO,kCACPC,KAAM,6BACNC,IAAK,qCACLC,GAAI,0CACJC,KAAM,iCACNC,IAAK,8CACLC,KAAM,wCACNC,IAAK,2BACLC,MAAO,qCACPC,OAAQ,qBACRC,KAAM,2BACNC,KAAM,uCACNC,MAAO,oCACPC,MAAO,kCACPC,KAAM,mCACNC,IAAK,mCACLC,OAAQ,mCACRC,GAAI,2BACJC,KAAM,8BACNC,MAAO,mCACPC,GAAI,qCACJC,IAAK,qCAkBPtD,EAAOD,QAZP,SAAgBuC,EAAM,CAAEiB,UAAWC,GAAKA,IACtC,MAAMC,EAAa,CAAC,EACpB,IAAK,MAAMC,KAASpD,EAAS,CAC3B,MAAMqD,EAAYrD,EAAQoD,GAC1BD,EAAWC,GAAS,SAAUE,EAAY,IACxC,OAAOtB,EAAIiB,UAAUI,EAAYC,EACnC,CACF,CAEA,OAAOH,CACT,C,GC9EII,EAA2B,CAAC,EAGhC,SAASC,EAAoBC,GAE5B,IAAIC,EAAeH,EAAyBE,GAC5C,QAAqBE,IAAjBD,EACH,OAAOA,EAAajE,QAGrB,IAAIC,EAAS6D,EAAyBE,GAAY,CAGjDhE,QAAS,CAAC,GAOX,OAHAmE,EAAoBH,GAAU/D,EAAQA,EAAOD,QAAS+D,GAG/C9D,EAAOD,OACf,CCrBA+D,EAAoBK,EAAKnE,IACxB,IAAIoE,EAASpE,GAAUA,EAAOqE,WAC7B,IAAOrE,EAAiB,QACxB,IAAM,EAEP,OADA8D,EAAoBQ,EAAEF,EAAQ,CAAEG,EAAGH,IAC5BA,GCLRN,EAAoBQ,EAAI,CAACvE,EAASyE,KACjC,IAAI,IAAIC,KAAOD,EACXV,EAAoBY,EAAEF,EAAYC,KAASX,EAAoBY,EAAE3E,EAAS0E,IAC5EE,OAAOC,eAAe7E,EAAS0E,EAAK,CAAEI,YAAY,EAAMC,IAAKN,EAAWC,MCJ3EX,EAAoBiB,EAAI,WACvB,GAA0B,iBAAfC,WAAyB,OAAOA,WAC3C,IACC,OAAO5E,MAAQ,IAAI6E,SAAS,cAAb,EAChB,CAAE,MAAOC,GACR,GAAsB,iBAAXC,OAAqB,OAAOA,MACxC,CACA,CAPuB,GCAxBrB,EAAoBY,EAAI,CAACU,EAAKC,IAAUV,OAAOW,UAAUC,eAAeC,KAAKJ,EAAKC,GCClFvB,EAAoB2B,EAAK1F,IACH,oBAAX2F,QAA0BA,OAAOC,aAC1ChB,OAAOC,eAAe7E,EAAS2F,OAAOC,YAAa,CAAEC,MAAO,WAE7DjB,OAAOC,eAAe7E,EAAS,aAAc,CAAE6F,OAAO,K,kCCJhD,SAASjE,KAAOkE,GACrBC,QAAQnE,OAAOkE,EACjB,CAEO,SAASE,KAAQF,GACtBC,QAAQC,QAAQF,EAClB,C,wXCPA,eACaG,EAAevB,GAAQA,aAAewB,UCDnD,SAASC,EAAQC,EAAKC,KAAWC,GAE7B,IADAA,EAAQA,EAAMC,OAAOC,UACXC,OAAS,EAAG,CAClB,MAAMC,EAAOJ,EAAMK,MACnBP,GAAO,eAAeE,EAAMM,KAAK,aAAaF,IAClD,MAC0B,IAAjBJ,EAAMG,OACXL,GAAO,eAAeE,EAAM,SAASA,EAAM,MAG3CF,GAAO,WAAWE,EAAM,MAa5B,OAXc,MAAVD,EACAD,GAAO,aAAaC,IAEG,mBAAXA,GAAyBA,EAAOQ,KAC5CT,GAAO,sBAAsBC,EAAOQ,OAEb,iBAAXR,GAAiC,MAAVA,GAC/BA,EAAOS,aAAaD,OACpBT,GAAO,4BAA4BC,EAAOS,YAAYD,QAGvDT,CACX,CACA,SAAgBC,KAAWC,IAChBH,EAAQ,eAAgBE,KAAWC,GAEvC,SAASS,EAAQC,EAAKX,KAAWC,GACpC,OAAOH,EAAQ,eAAea,uBAA0BX,KAAWC,EACvE,CC7BO,MAAMW,EAAU,IAAIC,YACdC,EAAU,IAAIC,YAEpB,SAASC,KAAUC,GACtB,MAAMC,EAAOD,EAAQE,OAAO,CAACC,GAAOhB,YAAagB,EAAMhB,EAAQ,GACzDiB,EAAM,IAAIC,WAAWJ,GAC3B,IAAIK,EAAI,EACR,IAAK,MAAMC,KAAUP,EACjBI,EAAII,IAAID,EAAQD,GAChBA,GAAKC,EAAOpB,OAEhB,OAAOiB,CACX,CCZO,MAYMK,EAAUC,GAZK,CAACA,IACzB,IAAIC,EAAYD,EACS,iBAAdC,IACPA,EAAYhB,EAAQc,OAAOE,IAE/B,MACMC,EAAM,GACZ,IAAK,IAAIN,EAAI,EAAGA,EAAIK,EAAUxB,OAAQmB,GAFnB,MAGfM,EAAIC,KAAKC,OAAOC,aAAaC,MAAM,KAAML,EAAUM,SAASX,EAAGA,EAHhD,SAKnB,OAAOY,KAAKN,EAAItB,KAAK,MAGd6B,CAAaT,GAAOU,QAAQ,KAAM,IAAIA,QAAQ,MAAO,KAAKA,QAAQ,MAAO,KAUvEC,EAAUX,IACnB,IAAIY,EAAUZ,EACVY,aAAmBjB,aACnBiB,EAAUzB,EAAQwB,OAAOC,IAE7BA,EAAUA,EAAQF,QAAQ,KAAM,KAAKA,QAAQ,KAAM,KAAKA,QAAQ,MAAO,IACvE,IACI,MAfoB,CAACE,IACzB,MAAMC,EAASC,KAAKF,GACdG,EAAQ,IAAIpB,WAAWkB,EAAOpC,QACpC,IAAK,IAAImB,EAAI,EAAGA,EAAIiB,EAAOpC,OAAQmB,IAC/BmB,EAAMnB,GAAKiB,EAAOG,WAAWpB,GAEjC,OAAOmB,GASIE,CAAaL,EACxB,CACA,MACI,MAAM,IAAIM,UAAU,oDACxB,GClCJ,EAAgBxE,KACRuB,EAAYvB,IAGqB,cAA9BA,IAAMiB,OAAOC,aAEXU,EAAQ,CAAC,aCatB,EAhBiB6C,MAAOzE,IACpB,GAAIA,aAAeiD,WACf,MAAO,CACHyB,IAAK,MACLC,EAAG,EAAU3E,IAGrB,IAAKuB,EAAYvB,GACb,MAAM,IAAIwE,UAAU,EAAgBxE,KAAQ4B,EAAO,eAEvD,IAAK5B,EAAI4E,YACL,MAAM,IAAIJ,UAAU,yDAExB,MAAM,IAAEK,EAAG,QAAEC,EAAO,IAAExC,EAAG,IAAEyC,KAAQC,SAAc,EAAOC,OAAOC,UAAU,MAAOlF,GAChF,OAAOgF,GCTJP,eAAeU,EAAUnF,GAC5B,OAAO,EAASA,EACpB,CCXO,MAAMoF,UAAkBC,MAC3B,WAAAjD,CAAYX,EAAS6D,GACjBC,MAAM9D,EAAS6D,GACf3J,KAAK6J,KAAO,mBACZ7J,KAAKwG,KAAOxG,KAAKyG,YAAYD,KAC7BkD,MAAMI,oBAAoB9J,KAAMA,KAAKyG,YACzC,EAEJgD,EAAUI,KAAO,mBACV,MAAME,UAAiCN,EAC1C,WAAAhD,CAAYX,EAASkE,EAASC,EAAQ,cAAeC,EAAS,eAC1DN,MAAM9D,EAAS,CAAEqE,MAAO,CAAEF,QAAOC,SAAQF,aACzChK,KAAK6J,KAAO,kCACZ7J,KAAKiK,MAAQA,EACbjK,KAAKkK,OAASA,EACdlK,KAAKgK,QAAUA,CACnB,EAEJD,EAAyBF,KAAO,kCACzB,MAAMO,UAAmBX,EAC5B,WAAAhD,CAAYX,EAASkE,EAASC,EAAQ,cAAeC,EAAS,eAC1DN,MAAM9D,EAAS,CAAEqE,MAAO,CAAEF,QAAOC,SAAQF,aACzChK,KAAK6J,KAAO,kBACZ7J,KAAKiK,MAAQA,EACbjK,KAAKkK,OAASA,EACdlK,KAAKgK,QAAUA,CACnB,EAEJI,EAAWP,KAAO,kBACX,MAAMQ,UAA0BZ,EACnC,WAAAhD,GACImD,SAASU,WACTtK,KAAK6J,KAAO,0BAChB,EAEJQ,EAAkBR,KAAO,2BAClB,MAAM,UAAyBJ,EAClC,WAAAhD,GACImD,SAASU,WACTtK,KAAK6J,KAAO,wBAChB,EAEJ,EAAiBA,KAAO,0BACjB,cAAkCJ,EACrC,WAAAhD,CAAYX,EAAU,8BAA+B6D,GACjDC,MAAM9D,EAAS6D,GACf3J,KAAK6J,KAAO,2BAChB,IAEgBA,KAAO,6BACpB,cAAyBJ,EAC5B,WAAAhD,GACImD,SAASU,WACTtK,KAAK6J,KAAO,iBAChB,IAEOA,KAAO,kBACX,MAAMU,UAAmBd,EAC5B,WAAAhD,GACImD,SAASU,WACTtK,KAAK6J,KAAO,iBAChB,EAEJU,EAAWV,KAAO,kBACX,MAAMW,UAAmBf,EAC5B,WAAAhD,GACImD,SAASU,WACTtK,KAAK6J,KAAO,iBAChB,EAEJW,EAAWX,KAAO,kBACX,MAAMY,UAAmBhB,EAC5B,WAAAhD,GACImD,SAASU,WACTtK,KAAK6J,KAAO,iBAChB,EAEJY,EAAWZ,KAAO,kBACX,MAAMa,UAAoBjB,EAC7B,WAAAhD,GACImD,SAASU,WACTtK,KAAK6J,KAAO,kBAChB,EAEJa,EAAYb,KAAO,mBACZ,MAAMc,UAA0BlB,EACnC,WAAAhD,CAAYX,EAAU,kDAAmD6D,GACrEC,MAAM9D,EAAS6D,GACf3J,KAAK6J,KAAO,0BAChB,EAEJc,EAAkBd,KAAO,2BAClB,MAAMe,UAAiCnB,EAC1C,WAAAhD,CAAYX,EAAU,uDAAwD6D,GAC1EC,MAAM9D,EAAS6D,GACf3J,KAAK6J,KAAO,iCAChB,EAEJvE,OAAOuF,cACPD,EAAyBf,KAAO,kCACzB,MAAMiB,UAAoBrB,EAC7B,WAAAhD,CAAYX,EAAU,oBAAqB6D,GACvCC,MAAM9D,EAAS6D,GACf3J,KAAK6J,KAAO,kBAChB,EAEJiB,EAAYjB,KAAO,mBACZ,MAAMkB,UAAuCtB,EAChD,WAAAhD,CAAYX,EAAU,gCAAiC6D,GACnDC,MAAM9D,EAAS6D,GACf3J,KAAK6J,KAAO,uCAChB,EC9GW,SAASmB,EAAUrE,EAAKsE,GACnC,MAAMC,EAAO,OAAOvE,EAAIwE,OAAO,KAC/B,OAAQxE,GACJ,IAAK,QACL,IAAK,QACL,IAAK,QACD,MAAO,CAAEuE,OAAM1E,KAAM,QACzB,IAAK,QACL,IAAK,QACL,IAAK,QACD,MAAO,CAAE0E,OAAM1E,KAAM,UAAW4E,WAAYzE,EAAIwE,OAAO,IAAM,GACjE,IAAK,QACL,IAAK,QACL,IAAK,QACD,MAAO,CAAED,OAAM1E,KAAM,qBACzB,IAAK,QACL,IAAK,QACL,IAAK,QACD,MAAO,CAAE0E,OAAM1E,KAAM,QAAS6E,WAAYJ,EAAUI,YACxD,IAAK,UACD,MAAO,CAAE7E,KAAM,WACnB,IAAK,QACD,MAAO,CAAEA,KAAMyE,EAAUzE,MAC7B,QACI,MAAM,IAAI,EAAiB,OAAOG,gEAE9C,CDsFAoE,EAA+BlB,KAAO,wCEjHtC,SAAgBlD,EAAKtC,KACjB,GAAIsC,EAAI2E,WAAW,OAAS3E,EAAI2E,WAAW,MAAO,CAC9C,MAAM,cAAEC,GAAkBlH,EAAI4G,UAC9B,GAA6B,iBAAlBM,GAA8BA,EAAgB,KACrD,MAAM,IAAI1C,UAAU,GAAGlC,yDAE/B,CACH,ECPD,SAAS6E,EAAShF,EAAMvB,EAAO,kBAC3B,OAAO,IAAI4D,UAAU,kDAAkD5D,aAAgBuB,IAC3F,CACA,SAASiF,EAAYR,EAAWzE,GAC5B,OAAOyE,EAAUzE,OAASA,CAC9B,CACA,SAASkF,EAAcR,GACnB,OAAOS,SAAST,EAAK1E,KAAK2E,MAAM,GAAI,GACxC,CAaA,SAASS,EAAWvH,EAAKwH,GACrB,GAAIA,EAAOzF,SAAWyF,EAAOC,KAAMC,GAAa1H,EAAIwH,OAAOG,SAASD,IAAY,CAC5E,IAAIhG,EAAM,sEACV,GAAI8F,EAAOzF,OAAS,EAAG,CACnB,MAAMC,EAAOwF,EAAOvF,MACpBP,GAAO,UAAU8F,EAAOtF,KAAK,aAAaF,IAC9C,MAC2B,IAAlBwF,EAAOzF,OACZL,GAAO,UAAU8F,EAAO,SAASA,EAAO,MAGxC9F,GAAO,GAAG8F,EAAO,MAErB,MAAM,IAAIhD,UAAU9C,EACxB,CACJ,CACO,SAASkG,EAAkB5H,EAAKsC,KAAQkF,GAC3C,OAAQlF,GACJ,IAAK,QACL,IAAK,QACL,IAAK,QAAS,CACV,IAAK8E,EAAYpH,EAAI4G,UAAW,QAC5B,MAAMO,EAAS,QACnB,MAAMO,EAAWJ,SAAShF,EAAIwE,MAAM,GAAI,IAExC,GADeO,EAAcrH,EAAI4G,UAAUC,QAC5Ba,EACX,MAAMP,EAAS,OAAOO,IAAY,kBACtC,KACJ,CACA,IAAK,QACL,IAAK,QACL,IAAK,QAAS,CACV,IAAKN,EAAYpH,EAAI4G,UAAW,qBAC5B,MAAMO,EAAS,qBACnB,MAAMO,EAAWJ,SAAShF,EAAIwE,MAAM,GAAI,IAExC,GADeO,EAAcrH,EAAI4G,UAAUC,QAC5Ba,EACX,MAAMP,EAAS,OAAOO,IAAY,kBACtC,KACJ,CACA,IAAK,QACL,IAAK,QACL,IAAK,QAAS,CACV,IAAKN,EAAYpH,EAAI4G,UAAW,WAC5B,MAAMO,EAAS,WACnB,MAAMO,EAAWJ,SAAShF,EAAIwE,MAAM,GAAI,IAExC,GADeO,EAAcrH,EAAI4G,UAAUC,QAC5Ba,EACX,MAAMP,EAAS,OAAOO,IAAY,kBACtC,KACJ,CACA,IAAK,QACD,GAA2B,YAAvB1H,EAAI4G,UAAUzE,MAA6C,UAAvBnC,EAAI4G,UAAUzE,KAClD,MAAMgF,EAAS,oBAEnB,MAEJ,IAAK,UACD,IAAKC,EAAYpH,EAAI4G,UAAW,WAC5B,MAAMO,EAAS,WACnB,MAEJ,IAAK,QACL,IAAK,QACL,IAAK,QAAS,CACV,IAAKC,EAAYpH,EAAI4G,UAAW,SAC5B,MAAMO,EAAS,SACnB,MAAMO,EA/ElB,SAAuBpF,GACnB,OAAQA,GACJ,IAAK,QACD,MAAO,QACX,IAAK,QACD,MAAO,QACX,IAAK,QACD,MAAO,QACX,QACI,MAAM,IAAI+C,MAAM,eAE5B,CAoE6BwC,CAAcvF,GAE/B,GADetC,EAAI4G,UAAUI,aACdU,EACX,MAAMP,EAASO,EAAU,wBAC7B,KACJ,CACA,QACI,MAAM,IAAIlD,UAAU,6CAE5B+C,EAAWvH,EAAKwH,EACpB,CC/Fe,SAASM,EAASxE,GAC7B,GAHwB,iBADNnC,EAIAmC,IAH4B,OAAVnC,GAGkC,oBAA1CjB,OAAOW,UAAUkH,SAAShH,KAAKuC,GACvD,OAAO,EALf,IAAsBnC,EAOlB,GAAqC,OAAjCjB,OAAO8H,eAAe1E,GACtB,OAAO,EAEX,IAAI2E,EAAQ3E,EACZ,KAAwC,OAAjCpD,OAAO8H,eAAeC,IACzBA,EAAQ/H,OAAO8H,eAAeC,GAElC,OAAO/H,OAAO8H,eAAe1E,KAAW2E,CAC5C,CCdO,SAASC,EAAMlI,GAClB,OAAO8H,EAAS9H,IAA2B,iBAAZA,EAAI0E,GACvC,CCqFA,MAeA,EAfcD,MAAOO,IACjB,IAAKA,EAAI1C,IACL,MAAM,IAAIkC,UAAU,4DAExB,MAAM,UAAEoC,EAAS,UAAEuB,GA1FvB,SAAuBnD,GACnB,IAAI4B,EACAuB,EACJ,OAAQnD,EAAIN,KACR,IAAK,MACD,OAAQM,EAAI1C,KACR,IAAK,QACL,IAAK,QACL,IAAK,QACDsE,EAAY,CAAEzE,KAAM,UAAW0E,KAAM,OAAO7B,EAAI1C,IAAIwE,OAAO,MAC3DqB,EAAYnD,EAAInF,EAAI,CAAC,QAAU,CAAC,UAChC,MACJ,IAAK,QACL,IAAK,QACL,IAAK,QACD+G,EAAY,CAAEzE,KAAM,oBAAqB0E,KAAM,OAAO7B,EAAI1C,IAAIwE,OAAO,MACrEqB,EAAYnD,EAAInF,EAAI,CAAC,QAAU,CAAC,UAChC,MACJ,IAAK,WACL,IAAK,eACL,IAAK,eACL,IAAK,eACD+G,EAAY,CACRzE,KAAM,WACN0E,KAAM,OAAOS,SAAStC,EAAI1C,IAAIwE,OAAO,GAAI,KAAO,KAEpDqB,EAAYnD,EAAInF,EAAI,CAAC,UAAW,aAAe,CAAC,UAAW,WAC3D,MACJ,QACI,MAAM,IAAI,EAAiB,gEAEnC,MAEJ,IAAK,KACD,OAAQmF,EAAI1C,KACR,IAAK,QACDsE,EAAY,CAAEzE,KAAM,QAAS6E,WAAY,SACzCmB,EAAYnD,EAAInF,EAAI,CAAC,QAAU,CAAC,UAChC,MACJ,IAAK,QACD+G,EAAY,CAAEzE,KAAM,QAAS6E,WAAY,SACzCmB,EAAYnD,EAAInF,EAAI,CAAC,QAAU,CAAC,UAChC,MACJ,IAAK,QACD+G,EAAY,CAAEzE,KAAM,QAAS6E,WAAY,SACzCmB,EAAYnD,EAAInF,EAAI,CAAC,QAAU,CAAC,UAChC,MACJ,IAAK,UACL,IAAK,iBACL,IAAK,iBACL,IAAK,iBACD+G,EAAY,CAAEzE,KAAM,OAAQ6E,WAAYhC,EAAIoD,KAC5CD,EAAYnD,EAAInF,EAAI,CAAC,cAAgB,GACrC,MACJ,QACI,MAAM,IAAI,EAAiB,gEAEnC,MAEJ,IAAK,MACD,OAAQmF,EAAI1C,KACR,IAAK,UACDsE,EAAY,CAAEzE,KAAM,WACpBgG,EAAYnD,EAAInF,EAAI,CAAC,QAAU,CAAC,UAChC,MACJ,IAAK,QACD+G,EAAY,CAAEzE,KAAM6C,EAAIoD,KACxBD,EAAYnD,EAAInF,EAAI,CAAC,QAAU,CAAC,UAChC,MACJ,IAAK,UACL,IAAK,iBACL,IAAK,iBACL,IAAK,iBACD+G,EAAY,CAAEzE,KAAM6C,EAAIoD,KACxBD,EAAYnD,EAAInF,EAAI,CAAC,cAAgB,GACrC,MACJ,QACI,MAAM,IAAI,EAAiB,gEAEnC,MAEJ,QACI,MAAM,IAAI,EAAiB,+DAEnC,MAAO,CAAE+G,YAAWuB,YACxB,CAKqCE,CAAcrD,GACzCsD,EAAO,CACT1B,EACA5B,EAAIH,MAAO,EACXG,EAAIF,SAAWqD,GAEbI,EAAU,IAAKvD,GAGrB,cAFOuD,EAAQjG,WACRiG,EAAQxD,IACR,EAAOE,OAAOuD,UAAU,MAAOD,KAAYD,IClGhDG,EAAkB9D,GAAMV,EAAOU,GACrC,IAAI+D,EACAC,EACJ,MAAMC,EAAe5I,GACoB,cAA9BA,IAAMiB,OAAOC,aAElB2H,EAAiBpE,MAAOqE,EAAO9I,EAAKgF,EAAK1C,EAAKyG,GAAS,KACzD,IAAIC,EAASF,EAAMzI,IAAIL,GACvB,GAAIgJ,IAAS1G,GACT,OAAO0G,EAAO1G,GAElB,MAAM2G,QAAkB,EAAU,IAAKjE,EAAK1C,QAS5C,OARIyG,GACA7I,OAAO6I,OAAO/I,GACbgJ,EAIDA,EAAO1G,GAAO2G,EAHdH,EAAM1F,IAAIpD,EAAK,CAAE,CAACsC,GAAM2G,IAKrBA,GA4CX,EA1C2B,CAACjJ,EAAKsC,KAC7B,GAAIsG,EAAY5I,GAAM,CAClB,IAAIgF,EAAMhF,EAAIkJ,OAAO,CAAEC,OAAQ,QAO/B,cANOnE,EAAInF,SACJmF,EAAIoE,UACJpE,EAAIqE,UACJrE,EAAIsE,SACJtE,EAAIuE,SACJvE,EAAIwE,GACPxE,EAAIL,EACG8D,EAAezD,EAAIL,IAE9BgE,IAAaA,EAAW,IAAIc,SACrBZ,EAAeF,EAAU3I,EAAKgF,EAAK1C,GAC9C,CACA,GAAI4F,EAAMlI,GAAM,CACZ,GAAIA,EAAI2E,EACJ,OAAOV,EAAOjE,EAAI2E,GACtBgE,IAAaA,EAAW,IAAIc,SAE5B,OADkBZ,EAAeF,EAAU3I,EAAKA,EAAKsC,GAAK,EAE9D,CACA,OAAOtC,GAoBX,EAlB4B,CAACA,EAAKsC,KAC9B,GAAIsG,EAAY5I,GAAM,CAClB,IAAIgF,EAAMhF,EAAIkJ,OAAO,CAAEC,OAAQ,QAC/B,OAAInE,EAAIL,EACG8D,EAAezD,EAAIL,IAE9B+D,IAAcA,EAAY,IAAIe,SACvBZ,EAAeH,EAAW1I,EAAKgF,EAAK1C,GAC/C,CACA,GAAI4F,EAAMlI,GAAM,CACZ,GAAIA,EAAI2E,EACJ,OAAOV,EAAOjE,EAAI2E,GACtB+D,IAAcA,EAAY,IAAIe,SAE9B,OADkBZ,EAAeH,EAAW1I,EAAKA,EAAKsC,GAAK,EAE/D,CACA,OAAOtC,GC5DIyE,eAAeiF,EAAapH,EAAKtC,EAAK2J,GAOjD,GANc,SAAVA,IACA3J,QAAY,EAA8BA,EAAKsC,IAErC,WAAVqH,IACA3J,QAAY,EAA6BA,EAAKsC,IAE9Cf,EAAYvB,GAEZ,OADA4H,EAAkB5H,EAAKsC,EAAKqH,GACrB3J,EAEX,GAAIA,aAAeiD,WAAY,CAC3B,IAAKX,EAAI2E,WAAW,MAChB,MAAM,IAAIzC,UAAU,EAAgBxE,KAAQ4B,IAEhD,OAAO,EAAOqD,OAAOuD,UAAU,MAAOxI,EAAK,CAAE6G,KAAM,OAAOvE,EAAIwE,OAAO,KAAM3E,KAAM,SAAU,EAAO,CAACwH,GACvG,CACA,MAAM,IAAInF,UAAU,EAAgBxE,KAAQ4B,EAAO,aAAc,gBACrE,CCnBA,MAMA,EANa6C,MAAOnC,EAAKtC,EAAK4J,KAC1B,MAAMX,QAAkB,EAAW3G,EAAKtC,EAAK,QAC7C,EAAesC,EAAK2G,GACpB,MAAMY,QAAkB,EAAO5E,OAAO6E,KAAK,EAAgBxH,EAAK2G,EAAUrC,WAAYqC,EAAWW,GACjG,OAAO,IAAI3G,WAAW4G,ICa1B,EArBmB,IAAIE,KACnB,MAAMC,EAAUD,EAAQlI,OAAOC,SAC/B,GAAuB,IAAnBkI,EAAQjI,QAAmC,IAAnBiI,EAAQjI,OAChC,OAAO,EAEX,IAAIgB,EACJ,IAAK,MAAMkH,KAAUD,EAAS,CAC1B,MAAME,EAAahK,OAAOiK,KAAKF,GAC/B,GAAKlH,GAAoB,IAAbA,EAAIF,KAIhB,IAAK,MAAMuH,KAAaF,EAAY,CAChC,GAAInH,EAAIsH,IAAID,GACR,OAAO,EAEXrH,EAAIuH,IAAIF,EACZ,MARIrH,EAAM,IAAIwH,IAAIL,EAStB,CACA,OAAO,GChBLM,EAAOxK,GAAQA,IAAMiB,OAAOC,aAC5BuJ,EAAe,CAACnI,EAAKtC,EAAK2J,KAC5B,QAAgBnK,IAAZQ,EAAI+E,KAAiC,QAAZ/E,EAAI+E,IAC7B,MAAM,IAAIP,UAAU,oEAExB,QAAoBhF,IAAhBQ,EAAI8E,UAA2D,IAAlC9E,EAAI8E,QAAQ6C,WAAWgC,GACpD,MAAM,IAAInF,UAAU,yEAAyEmF,KAEjG,QAAgBnK,IAAZQ,EAAIsC,KAAqBtC,EAAIsC,MAAQA,EACrC,MAAM,IAAIkC,UAAU,gEAAgElC,KAExF,OAAO,GAELoI,EAAqB,CAACpI,EAAKtC,EAAK2J,EAAOgB,KACzC,KAAI3K,aAAeiD,YAAnB,CAEA,GAAI0H,GAAY,EAAU3K,GAAM,CAC5B,GNVD,SAAqBA,GACxB,OAAOkI,EAAMlI,IAAoB,QAAZA,EAAI0E,KAAkC,iBAAV1E,EAAI2E,CACzD,CMQY,CAAgB3E,IAAQyK,EAAanI,EAAKtC,EAAK2J,GAC/C,OACJ,MAAM,IAAInF,UAAU,0HACxB,CACA,IAAK,EAAUxE,GACX,MAAM,IAAIwE,UAAU,EAAgBlC,EAAKtC,KAAQ4B,EAAO,aAAc+I,EAAW,eAAiB,OAEtG,GAAiB,WAAb3K,EAAI4K,KACJ,MAAM,IAAIpG,UAAU,GAAGgG,EAAIxK,iEAVrB,GA6Cd,SAAS6K,GAAaF,EAAUrI,EAAKtC,EAAK2J,GACpBrH,EAAI2E,WAAW,OACrB,QAAR3E,GACAA,EAAI2E,WAAW,UACf,qBAAqB6D,KAAKxI,GAE1BoI,EAAmBpI,EAAKtC,EAAK2J,EAAOgB,GAtChB,EAACrI,EAAKtC,EAAK2J,EAAOgB,KAC1C,GAAIA,GAAY,EAAU3K,GACtB,OAAQ2J,GACJ,IAAK,OACD,GN/BT,SAAsB3J,GACzB,MAAmB,QAAZA,EAAI0E,KAAkC,iBAAV1E,EAAIH,CAC3C,CM6BoB,CAAiBG,IAAQyK,EAAanI,EAAKtC,EAAK2J,GAChD,OACJ,MAAM,IAAInF,UAAU,oDACxB,IAAK,SACD,GNhCT,SAAqBxE,GACxB,MAAmB,QAAZA,EAAI0E,UAAkC,IAAV1E,EAAIH,CAC3C,CM8BoB,CAAgBG,IAAQyK,EAAanI,EAAKtC,EAAK2J,GAC/C,OACJ,MAAM,IAAInF,UAAU,mDAGhC,IAAK,EAAUxE,GACX,MAAM,IAAIwE,UAAU,EAAgBlC,EAAKtC,KAAQ4B,EAAO+I,EAAW,eAAiB,OAExF,GAAiB,WAAb3K,EAAI4K,KACJ,MAAM,IAAIpG,UAAU,GAAGgG,EAAIxK,uEAE/B,GAAc,SAAV2J,GAAiC,WAAb3J,EAAI4K,KACxB,MAAM,IAAIpG,UAAU,GAAGgG,EAAIxK,2EAE/B,GAAc,YAAV2J,GAAoC,WAAb3J,EAAI4K,KAC3B,MAAM,IAAIpG,UAAU,GAAGgG,EAAIxK,8EAE/B,GAAIA,EAAI4G,WAAuB,WAAV+C,GAAmC,YAAb3J,EAAI4K,KAC3C,MAAM,IAAIpG,UAAU,GAAGgG,EAAIxK,4EAE/B,GAAIA,EAAI4G,WAAuB,YAAV+C,GAAoC,YAAb3J,EAAI4K,KAC5C,MAAM,IAAIpG,UAAU,GAAGgG,EAAIxK,8EAY3B+K,CAAoBzI,EAAKtC,EAAK2J,EAAOgB,EAE7C,CACeE,GAAaG,UAAKxL,GAAW,GAA5C,MACayL,GAAsBJ,GAAaG,UAAKxL,GAAW,GC3ChE,SAhCA,SAAsB0L,EAAKC,EAAmBC,EAAkBC,EAAiBC,GAC7E,QAAwB9L,IAApB8L,EAAWC,WAAgD/L,IAA1B6L,GAAiBE,KAClD,MAAM,IAAIL,EAAI,kEAElB,IAAKG,QAA4C7L,IAAzB6L,EAAgBE,KACpC,OAAO,IAAIhB,IAEf,IAAKiB,MAAMC,QAAQJ,EAAgBE,OACC,IAAhCF,EAAgBE,KAAKxJ,QACrBsJ,EAAgBE,KAAK9D,KAAMnE,GAA2B,iBAAVA,GAAuC,IAAjBA,EAAMvB,QACxE,MAAM,IAAImJ,EAAI,yFAElB,IAAIQ,EAEAA,OADqBlM,IAArB4L,EACa,IAAIO,IAAI,IAAIzL,OAAO0L,QAAQR,MAAsBD,EAAkBS,YAGnET,EAEjB,IAAK,MAAMf,KAAaiB,EAAgBE,KAAM,CAC1C,IAAKG,EAAWrB,IAAID,GAChB,MAAM,IAAI,EAAiB,+BAA+BA,wBAE9D,QAA8B5K,IAA1B8L,EAAWlB,GACX,MAAM,IAAIc,EAAI,+BAA+Bd,iBAEjD,GAAIsB,EAAWrL,IAAI+J,SAA6C5K,IAA/B6L,EAAgBjB,GAC7C,MAAM,IAAIc,EAAI,+BAA+Bd,iCAErD,CACA,OAAO,IAAIG,IAAIc,EAAgBE,KACnC,ECzBO,MAAMM,GACT,WAAAzJ,CAAYuD,GACR,KAAMA,aAAmB1C,YACrB,MAAM,IAAIuB,UAAU,6CAExB7I,KAAKmQ,SAAWnG,CACpB,CACA,kBAAAoG,CAAmBV,GACf,GAAI1P,KAAKqQ,iBACL,MAAM,IAAIxH,UAAU,8CAGxB,OADA7I,KAAKqQ,iBAAmBX,EACjB1P,IACX,CACA,oBAAAsQ,CAAqBC,GACjB,GAAIvQ,KAAKwQ,mBACL,MAAM,IAAI3H,UAAU,gDAGxB,OADA7I,KAAKwQ,mBAAqBD,EACnBvQ,IACX,CACA,UAAMmO,CAAK9J,EAAKsF,GACZ,IAAK3J,KAAKqQ,mBAAqBrQ,KAAKwQ,mBAChC,MAAM,IAAIjG,EAAW,mFAEzB,IAAK,EAAWvK,KAAKqQ,iBAAkBrQ,KAAKwQ,oBACxC,MAAM,IAAIjG,EAAW,6EAEzB,MAAMoF,EAAa,IACZ3P,KAAKqQ,oBACLrQ,KAAKwQ,oBAGZ,IAAIC,GAAM,EACV,GAFmB,GAAalG,EAAY,IAAIyF,IAAI,CAAC,CAAC,OAAO,KAASrG,GAASiG,KAAM5P,KAAKqQ,iBAAkBV,GAE7FjB,IAAI,SACf+B,EAAMzQ,KAAKqQ,iBAAiBI,IACT,kBAARA,GACP,MAAM,IAAIlG,EAAW,2EAG7B,MAAM,IAAE5D,GAAQgJ,EAChB,GAAmB,iBAARhJ,IAAqBA,EAC5B,MAAM,IAAI4D,EAAW,6DAEzB+E,GAAoB3I,EAAKtC,EAAK,QAC9B,IAIIqL,EAJA1F,EAAUhK,KAAKmQ,SACfM,IACAzG,EAAUpD,EAAQc,OAAO,EAAUsC,KAInC0F,EADA1P,KAAKqQ,iBACazJ,EAAQc,OAAO,EAAUgJ,KAAKC,UAAU3Q,KAAKqQ,oBAG7CzJ,EAAQc,OAAO,IAErC,MAAMuG,EAAOjH,EAAO0I,EAAiB9I,EAAQc,OAAO,KAAMsC,GACpDkE,QAAkB,EAAKvH,EAAKtC,EAAK4J,GACjC2C,EAAM,CACR1C,UAAW,EAAUA,GACrBlE,QAAS,IAWb,OATIyG,IACAG,EAAI5G,QAAUlD,EAAQwB,OAAO0B,IAE7BhK,KAAKwQ,qBACLI,EAAItC,OAAStO,KAAKwQ,oBAElBxQ,KAAKqQ,mBACLO,EAAIC,UAAY/J,EAAQwB,OAAOoH,IAE5BkB,CACX,EC9EG,MAAME,GACT,WAAArK,CAAYuD,GACRhK,KAAK+Q,WAAa,IAAIb,GAAclG,EACxC,CACA,kBAAAoG,CAAmBV,GAEf,OADA1P,KAAK+Q,WAAWX,mBAAmBV,GAC5B1P,IACX,CACA,UAAMmO,CAAK9J,EAAKsF,GACZ,MAAMiH,QAAY5Q,KAAK+Q,WAAW5C,KAAK9J,EAAKsF,GAC5C,QAAoB9F,IAAhB+M,EAAI5G,QACJ,MAAM,IAAInB,UAAU,6DAExB,MAAO,GAAG+H,EAAIC,aAAaD,EAAI5G,WAAW4G,EAAI1C,WAClD,ECfJ,SAAgB8C,GAASC,KAAKC,MAAMF,EAAKG,UAAY,KCE/CC,GAAMC,MAGNC,GAAQ,oIACd,GAAgBC,IACZ,MAAMC,EAAUF,GAAMG,KAAKF,GAC3B,IAAKC,GAAYA,EAAQ,IAAMA,EAAQ,GACnC,MAAM,IAAI3I,UAAU,8BAExB,MAAMrD,EAAQkM,WAAWF,EAAQ,IAEjC,IAAIG,EACJ,OAFaH,EAAQ,GAAGI,eAGpB,IAAK,MACL,IAAK,OACL,IAAK,SACL,IAAK,UACL,IAAK,IACDD,EAAcV,KAAKY,MAAMrM,GACzB,MACJ,IAAK,SACL,IAAK,UACL,IAAK,MACL,IAAK,OACL,IAAK,IACDmM,EAAcV,KAAKY,MA3BhB,GA2BsBrM,GACzB,MACJ,IAAK,OACL,IAAK,QACL,IAAK,KACL,IAAK,MACL,IAAK,IACDmM,EAAcV,KAAKY,MAjClBC,KAiCwBtM,GACzB,MACJ,IAAK,MACL,IAAK,OACL,IAAK,IACDmM,EAAcV,KAAKY,MAAMrM,EAAQ4L,IACjC,MACJ,IAAK,OACL,IAAK,QACL,IAAK,IACDO,EAAcV,KAAKY,MAzClBT,OAyCwB5L,GACzB,MACJ,QACImM,EAAcV,KAAKY,MA3ClBT,SA2CwB5L,GAGjC,MAAmB,MAAfgM,EAAQ,IAA6B,QAAfA,EAAQ,IACtBG,EAELA,CACV,ECnDD,SAASI,GAAcC,EAAOrK,GAC1B,IAAKsK,OAAOC,SAASvK,GACjB,MAAM,IAAIkB,UAAU,WAAWmJ,WAEnC,OAAOrK,CACX,CACO,MAAMwK,GACT,WAAA1L,CAAYuD,EAAU,CAAC,GACnB,IAAKmC,EAASnC,GACV,MAAM,IAAInB,UAAU,oCAExB7I,KAAKmQ,SAAWnG,CACpB,CACA,SAAAoI,CAAUC,GAEN,OADArS,KAAKmQ,SAAW,IAAKnQ,KAAKmQ,SAAUmC,IAAKD,GAClCrS,IACX,CACA,UAAAuS,CAAWC,GAEP,OADAxS,KAAKmQ,SAAW,IAAKnQ,KAAKmQ,SAAUsC,IAAKD,GAClCxS,IACX,CACA,WAAA0S,CAAYC,GAER,OADA3S,KAAKmQ,SAAW,IAAKnQ,KAAKmQ,SAAUyC,IAAKD,GAClC3S,IACX,CACA,MAAA6S,CAAOC,GAEH,OADA9S,KAAKmQ,SAAW,IAAKnQ,KAAKmQ,SAAU4C,IAAKD,GAClC9S,IACX,CACA,YAAAgT,CAAarL,GAUT,MATqB,iBAAVA,EACP3H,KAAKmQ,SAAW,IAAKnQ,KAAKmQ,SAAU8C,IAAKlB,GAAc,eAAgBpK,IAElEA,aAAiBuL,KACtBlT,KAAKmQ,SAAW,IAAKnQ,KAAKmQ,SAAU8C,IAAKlB,GAAc,eAAgBoB,GAAMxL,KAG7E3H,KAAKmQ,SAAW,IAAKnQ,KAAKmQ,SAAU8C,IAAKE,GAAM,IAAID,MAAUE,GAAKzL,IAE/D3H,IACX,CACA,iBAAAqT,CAAkB1L,GAUd,MATqB,iBAAVA,EACP3H,KAAKmQ,SAAW,IAAKnQ,KAAKmQ,SAAUmD,IAAKvB,GAAc,oBAAqBpK,IAEvEA,aAAiBuL,KACtBlT,KAAKmQ,SAAW,IAAKnQ,KAAKmQ,SAAUmD,IAAKvB,GAAc,oBAAqBoB,GAAMxL,KAGlF3H,KAAKmQ,SAAW,IAAKnQ,KAAKmQ,SAAUmD,IAAKH,GAAM,IAAID,MAAUE,GAAKzL,IAE/D3H,IACX,CACA,WAAAuT,CAAY5L,GAgBR,YAfqB,IAAVA,EACP3H,KAAKmQ,SAAW,IAAKnQ,KAAKmQ,SAAUqD,IAAKL,GAAM,IAAID,OAE9CvL,aAAiBuL,KACtBlT,KAAKmQ,SAAW,IAAKnQ,KAAKmQ,SAAUqD,IAAKzB,GAAc,cAAeoB,GAAMxL,KAG5E3H,KAAKmQ,SADiB,iBAAVxI,EACI,IACT3H,KAAKmQ,SACRqD,IAAKzB,GAAc,cAAeoB,GAAM,IAAID,MAAUE,GAAKzL,KAI/C,IAAK3H,KAAKmQ,SAAUqD,IAAKzB,GAAc,cAAepK,IAEnE3H,IACX,ECrEG,MAAMyT,WAAgBtB,GACzB,kBAAA/B,CAAmBV,GAEf,OADA1P,KAAKqQ,iBAAmBX,EACjB1P,IACX,CACA,UAAMmO,CAAK9J,EAAKsF,GACZ,MAAM+J,EAAM,IAAI5C,GAAYlK,EAAQc,OAAOgJ,KAAKC,UAAU3Q,KAAKmQ,YAE/D,GADAuD,EAAItD,mBAAmBpQ,KAAKqQ,kBACxBR,MAAMC,QAAQ9P,KAAKqQ,kBAAkBT,OACrC5P,KAAKqQ,iBAAiBT,KAAK5D,SAAS,SACN,IAA9BhM,KAAKqQ,iBAAiBI,IACtB,MAAM,IAAIjG,EAAW,uCAEzB,OAAOkJ,EAAIvF,KAAK9J,EAAKsF,EACzB,ECjBJ,MAgCA,GAhCkBb,MAAO6K,EAAKC,EAASjK,KACnC,IAAIkK,EACAC,EACAC,GAAW,EACgB,mBAApBC,kBACPH,EAAa,IAAIG,gBACjBF,EAAKG,WAAW,KACZF,GAAW,EACXF,EAAWK,SACZN,IAEP,MAAMO,QAAiBC,MAAMT,EAAIU,KAAM,CACnCC,OAAQT,EAAaA,EAAWS,YAASzQ,EACzC0Q,SAAU,SACVnG,QAASzE,EAAQyE,UAClBoG,MAAOC,IACN,GAAIV,EACA,MAAM,IAAIjJ,EACd,MAAM2J,IAIV,QAFW5Q,IAAPiQ,GACAY,aAAaZ,GACO,MAApBK,EAASQ,OACT,MAAM,IAAIlL,EAAU,2DAExB,IACI,aAAa0K,EAASS,MAC1B,CACA,MACI,MAAM,IAAInL,EAAU,6DACxB,GCRGX,eAAe+L,GAAUxL,EAAK1C,GACjC,IAAKwF,EAAS9C,GACV,MAAM,IAAIR,UAAU,yBAGxB,OADAlC,IAAQA,EAAM0C,EAAI1C,KACV0C,EAAIN,KACR,IAAK,MACD,GAAqB,iBAAVM,EAAIL,IAAmBK,EAAIL,EAClC,MAAM,IAAIH,UAAU,2CAExB,OAAOP,EAAgBe,EAAIL,GAC/B,IAAK,MACD,GAAI,QAASK,QAAmBxF,IAAZwF,EAAIyL,IACpB,MAAM,IAAI,EAAiB,sEAEnC,IAAK,KACL,IAAK,MACD,OAAO,EAAY,IAAKzL,EAAK1C,QACjC,QACI,MAAM,IAAI,EAAiB,gDAEvC,CCtBA,SAASoO,GAAU1Q,GACf,OAAO8H,EAAS9H,EACpB,CACA,SAAS2Q,GAAMhQ,GACX,MAA+B,mBAApBiQ,gBACAA,gBAAgBjQ,GAEpB0L,KAAKwE,MAAMxE,KAAKC,UAAU3L,GACrC,CACA,MAAMmQ,GACF,WAAA1O,CAAY2O,GAER,GADApV,KAAKqV,QAAU,IAAIvH,SAjB3B,SAAoBsH,GAChB,OAAQA,GACY,iBAATA,GACPvF,MAAMC,QAAQsF,EAAK5G,OACnB4G,EAAK5G,KAAK8G,MAAMP,GACxB,CAaaQ,CAAWH,GACZ,MAAM,IAAI1K,EAAY,8BAE1B1K,KAAKwV,MAAQR,GAAMI,EACvB,CACA,YAAMK,CAAO/F,EAAiBgG,GAC1B,MAAM,IAAE/O,EAAG,IAAEgP,GAAQ,IAAKjG,KAAoBgG,GAAOpH,QAC/CvF,EAtCd,SAAuBpC,GACnB,OAAuB,iBAARA,GAAoBA,EAAIwE,MAAM,EAAG,IAC5C,IAAK,KACL,IAAK,KACD,MAAO,MACX,IAAK,KACD,MAAO,KACX,IAAK,KACD,MAAO,MACX,QACI,MAAM,IAAI,EAAiB,kDAEvC,CA0BoByK,CAAcjP,GACpBkP,EAAa7V,KAAKwV,MAAMhH,KAAKtI,OAAQmD,IACvC,IAAIyM,EAAY/M,IAAQM,EAAIN,IAa5B,GAZI+M,GAA4B,iBAARH,IACpBG,EAAYH,IAAQtM,EAAIsM,KAExBG,GAAgC,iBAAZzM,EAAI1C,MACxBmP,EAAYnP,IAAQ0C,EAAI1C,KAExBmP,GAAgC,iBAAZzM,EAAID,MACxB0M,EAAwB,QAAZzM,EAAID,KAEhB0M,GAAajG,MAAMC,QAAQzG,EAAIF,WAC/B2M,EAAYzM,EAAIF,QAAQ6C,SAAS,WAEjC8J,EACA,OAAQnP,GACJ,IAAK,QACDmP,EAAwB,UAAZzM,EAAIoD,IAChB,MACJ,IAAK,SACDqJ,EAAwB,cAAZzM,EAAIoD,IAChB,MACJ,IAAK,QACDqJ,EAAwB,UAAZzM,EAAIoD,IAChB,MACJ,IAAK,QACDqJ,EAAwB,UAAZzM,EAAIoD,IAChB,MACJ,IAAK,UACDqJ,EAAwB,YAAZzM,EAAIoD,IAChB,MACJ,IAAK,QACDqJ,EAAwB,YAAZzM,EAAIoD,KAAiC,UAAZpD,EAAIoD,IAIrD,OAAOqJ,KAEH,EAAGzM,EAAG,OAAEjD,GAAWyP,EAC3B,GAAe,IAAXzP,EACA,MAAM,IAAIuE,EAEd,GAAe,IAAXvE,EAAc,CACd,MAAM2P,EAAQ,IAAInL,GACZ,QAAEyK,GAAYrV,KASpB,MARA+V,EAAMzQ,OAAOuF,eAAiB/B,kBAC1B,IAAK,MAAMO,KAAOwM,EACd,gBACgBG,GAAmBX,EAAShM,EAAK1C,EACjD,CACA,MAAQ,CAEhB,EACMoP,CACV,CACA,OAAOC,GAAmBhW,KAAKqV,QAAShM,EAAK1C,EACjD,EAEJmC,eAAekN,GAAmB7I,EAAO9D,EAAK1C,GAC1C,MAAM0G,EAASF,EAAMzI,IAAI2E,IAAQ8D,EAAM1F,IAAI4B,EAAK,CAAC,GAAG3E,IAAI2E,GACxD,QAAoBxF,IAAhBwJ,EAAO1G,GAAoB,CAC3B,MAAMtC,QAAYwQ,GAAU,IAAKxL,EAAKH,KAAK,GAAQvC,GACnD,GAAItC,aAAeiD,YAA2B,WAAbjD,EAAI4K,KACjC,MAAM,IAAIvE,EAAY,gDAE1B2C,EAAO1G,GAAOtC,CAClB,CACA,OAAOgJ,EAAO1G,EAClB,CACO,SAASsP,GAAkBb,GAC9B,MAAM3N,EAAM,IAAI0N,GAAYC,GACtBc,EAAcpN,MAAO4G,EAAiBgG,IAAUjO,EAAIgO,OAAO/F,EAAiBgG,GASlF,OARAnR,OAAO4R,iBAAiBD,EAAa,CACjCd,KAAM,CACF5P,MAAO,IAAMwP,GAAMvN,EAAI+N,OACvB/Q,YAAY,EACZ2R,cAAc,EACdC,UAAU,KAGXH,CACX,CClHA,IAAII,GACJ,GAAyB,oBAAdC,YAA8BA,UAAUC,WAAWlL,aAAa,gBAAiB,CAGxFgL,GAAa,GAFA,UACG,WAEpB,CACO,MAAMG,GAAYnR,SAgBzB,MAAMoR,GACF,WAAAjQ,CAAYkN,EAAKhK,GACb,KAAMgK,aAAegD,KACjB,MAAM,IAAI9N,UAAU,kCAlBhC,IAA0BlB,EAAOiP,EAoBzB5W,KAAK6W,KAAO,IAAIF,IAAIhD,EAAIU,MACxBrU,KAAK8W,SAAW,CAAEC,MAAOpN,GAASoN,MAAO3I,QAASzE,GAASyE,SAC3DpO,KAAKgX,iBACmC,iBAA7BrN,GAASsN,gBAA+BtN,GAASsN,gBAAkB,IAC9EjX,KAAKkX,kBACoC,iBAA9BvN,GAASwN,iBAAgCxN,GAASwN,iBAAmB,IAChFnX,KAAKoX,aAA+C,iBAAzBzN,GAASiN,YAA2BjN,GAASiN,YAAc,SACzD/S,IAAzB8F,IAAU8M,MACVzW,KAAKqX,OAAS1N,IAAU8M,IA5BV9O,EA6BOgC,IAAU8M,IA7BVG,EA6BsB5W,KAAKoX,aA5BnC,iBAAVzP,GAAgC,OAAVA,GAG3B,QAASA,GAA+B,iBAAdA,EAAM2P,OAAoBpE,KAAKqE,MAAQ5P,EAAM2P,KAAOV,IAG9E,SAAUjP,GACXwE,EAASxE,EAAMyN,OACfvF,MAAMC,QAAQnI,EAAMyN,KAAK5G,OACzBqB,MAAM3K,UAAUoQ,MAAMlQ,KAAKuC,EAAMyN,KAAK5G,KAAMrC,KAoBrCnM,KAAKwX,eAAiBxX,KAAKqX,OAAOC,IAClCtX,KAAKyX,OAASxB,GAAkBjW,KAAKqX,OAAOjC,OAGxD,CACA,WAAAsC,GACI,MAAsC,iBAAxB1X,KAAKwX,gBACbtE,KAAKqE,MAAQvX,KAAKwX,eAAiBxX,KAAKkX,iBAElD,CACA,KAAAS,GACI,MAAsC,iBAAxB3X,KAAKwX,gBACbtE,KAAKqE,MAAQvX,KAAKwX,eAAiBxX,KAAKoX,YAElD,CACA,YAAM3B,CAAO/F,EAAiBgG,GACrB1V,KAAKyX,QAAWzX,KAAK2X,eAChB3X,KAAK4X,SAEf,IACI,aAAa5X,KAAKyX,OAAO/H,EAAiBgG,EAC9C,CACA,MAAOjB,GACH,GAAIA,aAAe9J,IACY,IAAvB3K,KAAK0X,cAEL,aADM1X,KAAK4X,SACJ5X,KAAKyX,OAAO/H,EAAiBgG,GAG5C,MAAMjB,CACV,CACJ,CACA,YAAMmD,GACE5X,KAAK6X,gBA1EoB,oBAAlBC,eACW,oBAAdvB,WAAqD,uBAAxBA,UAAUC,WACvB,oBAAhBuB,aAA+C,WAAhBA,eAyEnC/X,KAAK6X,mBAAgBhU,GAEzB,MAAMuK,EAAU,IAAI4J,QAAQhY,KAAK8W,SAAS1I,SACtCkI,KAAelI,EAAQM,IAAI,gBAC3BN,EAAQ3G,IAAI,aAAc6O,IAC1BtW,KAAK8W,SAAS1I,QAAU7J,OAAO0T,YAAY7J,EAAQ6B,YAEvDjQ,KAAK6X,gBAAkB7X,KAAK6X,cAAgB,GAAU7X,KAAK6W,KAAM7W,KAAKgX,iBAAkBhX,KAAK8W,UACxFoB,KAAMtD,IACP5U,KAAKyX,OAASxB,GAAkBrB,GAC5B5U,KAAKqX,SACLrX,KAAKqX,OAAOC,IAAMpE,KAAKqE,MACvBvX,KAAKqX,OAAOjC,KAAOR,GAEvB5U,KAAKwX,eAAiBtE,KAAKqE,MAC3BvX,KAAK6X,mBAAgBhU,IAEpB2Q,MAAOC,IAER,MADAzU,KAAK6X,mBAAgBhU,EACf4Q,WAEJzU,KAAK6X,aACf,EAoCG,MC3HP,GAXe/O,MAAOnC,EAAKtC,EAAK6J,EAAWD,KACvC,MAAMX,QAAkB,EAAa3G,EAAKtC,EAAK,UAC/C,EAAesC,EAAK2G,GACpB,MAAMrC,EAAY,EAAgBtE,EAAK2G,EAAUrC,WACjD,IACI,aAAa,EAAO3B,OAAO6O,OAAOlN,EAAWqC,EAAWY,EAAWD,EACvE,CACA,MACI,OAAO,CACX,GCHJ,GAV2B,CAACmK,EAAQC,KAChC,QAAmBxU,IAAfwU,KACExI,MAAMC,QAAQuI,IAAeA,EAAWvM,KAAMwM,GAAmB,iBAANA,IAC7D,MAAM,IAAIzP,UAAU,IAAIuP,yCAE5B,GAAKC,EAGL,OAAO,IAAIzJ,IAAIyJ,ICLZvP,eAAeyP,GAAc3H,EAAKvM,EAAKsF,GAI1C,GAHIiH,aAAetJ,aACfsJ,EAAM9J,EAAQwB,OAAOsI,IAEN,iBAARA,EACP,MAAM,IAAIrG,EAAW,8CAEzB,MAAQ,EAAGmF,EAAiB,EAAG1F,EAAS,EAAGkE,EAAS,OAAE9H,GAAWwK,EAAI4H,MAAM,KAC3E,GAAe,IAAXpS,EACA,MAAM,IAAImE,EAAW,uBAEzB,MAAMkO,QCHH3P,eAA+B8H,EAAKvM,EAAKsF,GAC5C,IAAKwC,EAASyE,GACV,MAAM,IAAIrG,EAAW,mCAEzB,QAAsB1G,IAAlB+M,EAAIC,gBAA0ChN,IAAf+M,EAAItC,OACnC,MAAM,IAAI/D,EAAW,yEAEzB,QAAsB1G,IAAlB+M,EAAIC,WAAoD,iBAAlBD,EAAIC,UAC1C,MAAM,IAAItG,EAAW,uCAEzB,QAAoB1G,IAAhB+M,EAAI5G,QACJ,MAAM,IAAIO,EAAW,uBAEzB,GAA6B,iBAAlBqG,EAAI1C,UACX,MAAM,IAAI3D,EAAW,2CAEzB,QAAmB1G,IAAf+M,EAAItC,SAAyBnC,EAASyE,EAAItC,QAC1C,MAAM,IAAI/D,EAAW,yCAEzB,IAAImO,EAAa,CAAC,EAClB,GAAI9H,EAAIC,UACJ,IACI,MAAMnB,EAAkB,EAAUkB,EAAIC,WACtC6H,EAAahI,KAAKwE,MAAMpO,EAAQwB,OAAOoH,GAC3C,CACA,MACI,MAAM,IAAInF,EAAW,kCACzB,CAEJ,IAAK,EAAWmO,EAAY9H,EAAItC,QAC5B,MAAM,IAAI/D,EAAW,6EAEzB,MAAMoF,EAAa,IACZ+I,KACA9H,EAAItC,QAGX,IAAImC,GAAM,EACV,GAFmB,GAAalG,EAAY,IAAIyF,IAAI,CAAC,CAAC,OAAO,KAASrG,GAASiG,KAAM8I,EAAY/I,GAElFjB,IAAI,SACf+B,EAAMiI,EAAWjI,IACE,kBAARA,GACP,MAAM,IAAIlG,EAAW,2EAG7B,MAAM,IAAE5D,GAAQgJ,EAChB,GAAmB,iBAARhJ,IAAqBA,EAC5B,MAAM,IAAI4D,EAAW,6DAEzB,MAAM8N,EAAa1O,GAAW,GAAmB,aAAcA,EAAQ0O,YACvE,GAAIA,IAAeA,EAAW3J,IAAI/H,GAC9B,MAAM,IAAI0D,EAAkB,wDAEhC,GAAIoG,GACA,GAA2B,iBAAhBG,EAAI5G,QACX,MAAM,IAAIO,EAAW,qCAGxB,GAA2B,iBAAhBqG,EAAI5G,WAA0B4G,EAAI5G,mBAAmB1C,YACjE,MAAM,IAAIiD,EAAW,0DAEzB,IAAIoO,GAAc,EACC,mBAARtU,GACPA,QAAYA,EAAIqU,EAAY9H,GAC5B+H,GAAc,EACdrJ,GAAoB3I,EAAKtC,EAAK,UAC1BkI,EAAMlI,KACNA,QAAYwQ,GAAUxQ,EAAKsC,KAI/B2I,GAAoB3I,EAAKtC,EAAK,UAElC,MAAM4J,EAAOjH,EAAOJ,EAAQc,OAAOkJ,EAAIC,WAAa,IAAKjK,EAAQc,OAAO,KAA6B,iBAAhBkJ,EAAI5G,QAAuBpD,EAAQc,OAAOkJ,EAAI5G,SAAW4G,EAAI5G,SAClJ,IAAIkE,EAWAlE,EAVJ,IACIkE,EAAY,EAAU0C,EAAI1C,UAC9B,CACA,MACI,MAAM,IAAI3D,EAAW,2CACzB,CAEA,UADuB,GAAO5D,EAAKtC,EAAK6J,EAAWD,GAE/C,MAAM,IAAIlD,EAGd,GAAI0F,EACA,IACIzG,EAAU,EAAU4G,EAAI5G,QAC5B,CACA,MACI,MAAM,IAAIO,EAAW,yCACzB,MAGAP,EAD4B,iBAAhB4G,EAAI5G,QACNpD,EAAQc,OAAOkJ,EAAI5G,SAGnB4G,EAAI5G,QAElB,MAAM4O,EAAS,CAAE5O,WAOjB,YANsBnG,IAAlB+M,EAAIC,YACJ+H,EAAOlJ,gBAAkBgJ,QAEV7U,IAAf+M,EAAItC,SACJsK,EAAOrI,kBAAoBK,EAAItC,QAE/BqK,EACO,IAAKC,EAAQvU,OAEjBuU,CACX,CD3G2BC,CAAgB,CAAE7O,UAAS6G,UAAWnB,EAAiBxB,aAAa7J,EAAKsF,GAC1FiP,EAAS,CAAE5O,QAASyO,EAASzO,QAAS0F,gBAAiB+I,EAAS/I,iBACtE,MAAmB,mBAARrL,EACA,IAAKuU,EAAQvU,IAAKoU,EAASpU,KAE/BuU,CACX,CEfA,MAAME,GAAgBtT,GAAUA,EAAMoM,cAAcvJ,QAAQ,iBAAkB,IAU9E,IAAgBqH,EAAiBqJ,EAAgBpP,EAAU,CAAC,KACxD,IAAIK,EACJ,IACIA,EAAU0G,KAAKwE,MAAMpO,EAAQwB,OAAOyQ,GACxC,CACA,MACA,CACA,IAAK5M,EAASnC,GACV,MAAM,IAAIQ,EAAW,kDAEzB,MAAM,IAAEwO,GAAQrP,EAChB,GAAIqP,IACgC,iBAAxBtJ,EAAgBsJ,KACpBF,GAAapJ,EAAgBsJ,OAASF,GAAaE,IACvD,MAAM,IAAIjP,EAAyB,oCAAqCC,EAAS,MAAO,gBAE5F,MAAM,eAAEiP,EAAiB,GAAE,OAAE5G,EAAM,QAAEG,EAAO,SAAEG,EAAQ,YAAEuG,GAAgBvP,EAClEwP,EAAgB,IAAIF,QACNpV,IAAhBqV,GACAC,EAAcrR,KAAK,YACNjE,IAAb8O,GACAwG,EAAcrR,KAAK,YACPjE,IAAZ2O,GACA2G,EAAcrR,KAAK,YACRjE,IAAXwO,GACA8G,EAAcrR,KAAK,OACvB,IAAK,MAAMmC,KAAS,IAAI2E,IAAIuK,EAAcC,WACtC,KAAMnP,KAASD,GACX,MAAM,IAAID,EAAyB,qBAAqBE,WAAgBD,EAASC,EAAO,WAGhG,GAAIoI,KACExC,MAAMC,QAAQuC,GAAUA,EAAS,CAACA,IAASrG,SAAShC,EAAQsI,KAC9D,MAAM,IAAIvI,EAAyB,+BAAgCC,EAAS,MAAO,gBAEvF,GAAIwI,GAAWxI,EAAQyI,MAAQD,EAC3B,MAAM,IAAIzI,EAAyB,+BAAgCC,EAAS,MAAO,gBAEvF,GAAI2I,IA/CuB0G,EAgDArP,EAAQ4I,IAhDI0G,EAgDqB,iBAAb3G,EAAwB,CAACA,GAAYA,IA/C1D,iBAAf0G,EACAC,EAAUtN,SAASqN,GAE1BxJ,MAAMC,QAAQuJ,IACPC,EAAUxN,KAAK8C,IAAI1J,UAAUwJ,IAAIW,KAAK,IAAIT,IAAIyK,OA4CrD,MAAM,IAAItP,EAAyB,+BAAgCC,EAAS,MAAO,gBAjD7D,IAACqP,EAAYC,EAmDvC,IAAIC,EACJ,cAAe5P,EAAQ6P,gBACnB,IAAK,SACDD,EAAYnG,GAAKzJ,EAAQ6P,gBACzB,MACJ,IAAK,SACDD,EAAY5P,EAAQ6P,eACpB,MACJ,IAAK,YACDD,EAAY,EACZ,MACJ,QACI,MAAM,IAAI1Q,UAAU,sCAE5B,MAAM,YAAE4Q,GAAgB9P,EAClB4N,EAAMpE,GAAMsG,GAAe,IAAIvG,MACrC,SAAqBrP,IAAhBmG,EAAQwJ,KAAqB0F,IAAuC,iBAAhBlP,EAAQwJ,IAC7D,MAAM,IAAIzJ,EAAyB,+BAAgCC,EAAS,MAAO,WAEvF,QAAoBnG,IAAhBmG,EAAQiJ,IAAmB,CAC3B,GAA2B,iBAAhBjJ,EAAQiJ,IACf,MAAM,IAAIlJ,EAAyB,+BAAgCC,EAAS,MAAO,WAEvF,GAAIA,EAAQiJ,IAAMsE,EAAMgC,EACpB,MAAM,IAAIxP,EAAyB,qCAAsCC,EAAS,MAAO,eAEjG,CACA,QAAoBnG,IAAhBmG,EAAQsJ,IAAmB,CAC3B,GAA2B,iBAAhBtJ,EAAQsJ,IACf,MAAM,IAAIvJ,EAAyB,+BAAgCC,EAAS,MAAO,WAEvF,GAAIA,EAAQsJ,KAAOiE,EAAMgC,EACrB,MAAM,IAAInP,EAAW,qCAAsCJ,EAAS,MAAO,eAEnF,CACA,GAAIkP,EAAa,CACb,MAAMQ,EAAMnC,EAAMvN,EAAQwJ,IAE1B,GAAIkG,EAAMH,GADyB,iBAAhBL,EAA2BA,EAAc9F,GAAK8F,IAE7D,MAAM,IAAI9O,EAAW,2DAA4DJ,EAAS,MAAO,gBAErG,GAAI0P,EAAM,EAAIH,EACV,MAAM,IAAIxP,EAAyB,gEAAiEC,EAAS,MAAO,eAE5H,CACA,OAAOA,CACV,ECtGD,MAIA,GAJelB,MAAOmC,EAAWgD,KAC7B,MAAM0L,EAAe,OAAO1O,EAAUE,OAAO,KAC7C,OAAO,IAAI7D,iBAAiB,EAAOgC,OAAOsQ,OAAOD,EAAc1L,KCE7D4L,GAAQ,CAACrU,EAAOsU,KAClB,GAAqB,iBAAVtU,IAAuBA,EAC9B,MAAM,IAAIiF,EAAW,GAAGqP,yBAGzBhR,eAAeiR,GAAuB1Q,EAAK2Q,GAC9C,IAAK7N,EAAS9C,GACV,MAAM,IAAIR,UAAU,yBAGxB,GADAmR,IAAoBA,EAAkB,UACd,WAApBA,GACoB,WAApBA,GACoB,WAApBA,EACA,MAAM,IAAInR,UAAU,+DAExB,IAAIoR,EACJ,OAAQ5Q,EAAIN,KACR,IAAK,KACD8Q,GAAMxQ,EAAIoD,IAAK,2BACfoN,GAAMxQ,EAAI6Q,EAAG,gCACbL,GAAMxQ,EAAI8Q,EAAG,gCACbF,EAAa,CAAExN,IAAKpD,EAAIoD,IAAK1D,IAAKM,EAAIN,IAAKmR,EAAG7Q,EAAI6Q,EAAGC,EAAG9Q,EAAI8Q,GAC5D,MACJ,IAAK,MACDN,GAAMxQ,EAAIoD,IAAK,yCACfoN,GAAMxQ,EAAI6Q,EAAG,8BACbD,EAAa,CAAExN,IAAKpD,EAAIoD,IAAK1D,IAAKM,EAAIN,IAAKmR,EAAG7Q,EAAI6Q,GAClD,MACJ,IAAK,MACDL,GAAMxQ,EAAIvE,EAAG,4BACb+U,GAAMxQ,EAAItF,EAAG,2BACbkW,EAAa,CAAEnV,EAAGuE,EAAIvE,EAAGiE,IAAKM,EAAIN,IAAKhF,EAAGsF,EAAItF,GAC9C,MACJ,IAAK,MACD8V,GAAMxQ,EAAIL,EAAG,6BACbiR,EAAa,CAAEjR,EAAGK,EAAIL,EAAGD,IAAKM,EAAIN,KAClC,MACJ,QACI,MAAM,IAAI,EAAiB,qDAEnC,MAAMkF,EAAOrH,EAAQc,OAAOgJ,KAAKC,UAAUsJ,IAC3C,OAAO,QAAgB,GAAOD,EAAiB/L,GACnD,CCLA,SAASmM,GAAuBzQ,GAC5B,MAAM4B,EAAgB5B,GAAS4B,eAAiB,KAChD,GAA6B,iBAAlBA,GAA8BA,EAAgB,KACrD,MAAM,IAAI,EAAiB,+FAE/B,OAAOA,CACX,CC/COzC,eAAe,GAAgBnC,EAAKgD,GACvC,OD+CGb,eAA+BnC,EAAKgD,GACvC,IAAIsB,EACAuB,EACJ,OAAQ7F,GACJ,IAAK,QACL,IAAK,QACL,IAAK,QACDsE,EAAY,CACRzE,KAAM,UACN0E,KAAM,OAAOvE,EAAIwE,OAAO,KACxBkP,eAAgB,IAAI/S,WAAW,CAAC,EAAM,EAAM,IAC5CiE,cAAe6O,GAAuBzQ,IAE1C6C,EAAY,CAAC,OAAQ,UACrB,MACJ,IAAK,QACL,IAAK,QACL,IAAK,QACDvB,EAAY,CACRzE,KAAM,oBACN0E,KAAM,OAAOvE,EAAIwE,OAAO,KACxBkP,eAAgB,IAAI/S,WAAW,CAAC,EAAM,EAAM,IAC5CiE,cAAe6O,GAAuBzQ,IAE1C6C,EAAY,CAAC,OAAQ,UACrB,MACJ,IAAK,WACL,IAAK,eACL,IAAK,eACL,IAAK,eACDvB,EAAY,CACRzE,KAAM,WACN0E,KAAM,OAAOS,SAAShF,EAAIwE,OAAO,GAAI,KAAO,IAC5CkP,eAAgB,IAAI/S,WAAW,CAAC,EAAM,EAAM,IAC5CiE,cAAe6O,GAAuBzQ,IAE1C6C,EAAY,CAAC,UAAW,YAAa,UAAW,WAChD,MACJ,IAAK,QACDvB,EAAY,CAAEzE,KAAM,QAAS6E,WAAY,SACzCmB,EAAY,CAAC,OAAQ,UACrB,MACJ,IAAK,QACDvB,EAAY,CAAEzE,KAAM,QAAS6E,WAAY,SACzCmB,EAAY,CAAC,OAAQ,UACrB,MACJ,IAAK,QACDvB,EAAY,CAAEzE,KAAM,QAAS6E,WAAY,SACzCmB,EAAY,CAAC,OAAQ,UACrB,MACJ,IAAK,UACDvB,EAAY,CAAEzE,KAAM,WACpBgG,EAAY,CAAC,OAAQ,UACrB,MACJ,IAAK,QAAS,CACVA,EAAY,CAAC,OAAQ,UACrB,MAAMC,EAAM9C,GAAS8C,KAAO,UAC5B,OAAQA,GACJ,IAAK,UACL,IAAK,QACDxB,EAAY,CAAEzE,KAAMiG,GACpB,MACJ,QACI,MAAM,IAAI,EAAiB,8CAEnC,KACJ,CACA,IAAK,UACL,IAAK,iBACL,IAAK,iBACL,IAAK,iBAAkB,CACnBD,EAAY,CAAC,YAAa,cAC1B,MAAMC,EAAM9C,GAAS8C,KAAO,QAC5B,OAAQA,GACJ,IAAK,QACL,IAAK,QACL,IAAK,QACDxB,EAAY,CAAEzE,KAAM,OAAQ6E,WAAYoB,GACxC,MAEJ,IAAK,SACL,IAAK,OACDxB,EAAY,CAAEzE,KAAMiG,GACpB,MACJ,QACI,MAAM,IAAI,EAAiB,0GAEnC,KACJ,CACA,QACI,MAAM,IAAI,EAAiB,gEAEnC,OAAO,EAAOnD,OAAOgR,YAAYrP,EAAWtB,GAASV,cAAe,EAAOuD,EAC/E,CC5IW,CAAS7F,EAAKgD,EACzB,CCFO,MACM,GAAS;;;;;;;;;;;;;;;;;;;;ACgCf,MAAM4Q,GACG,qBADHA,GAES,2BAFTA,GAGC,oBAOP,MAAMC,GACX,WAAA/T,CAAYgU,EAAS,aAAcC,EAAY,UAAWC,EAAY,GACpE3a,KAAKya,OAASA,EACdza,KAAK0a,UAAYA,EACjB1a,KAAK2a,UAAYA,EACjB3a,KAAK4a,GAAK,IACZ,CAEA,UAAMC,GACJ,OAAO,IAAIC,QAAQ,CAACC,EAASC,KAC3B,MAAMC,EAAUC,UAAUC,KAAKnb,KAAKya,OAAQza,KAAK2a,WACjDM,EAAQG,QAAU,IAAMJ,EAAO,IAAItR,MAAM,mBAAmBuR,EAAQlF,UACpEkF,EAAQI,UAAY,KAClBrb,KAAK4a,GAAKK,EAAQrC,OAClBmC,EAAQ/a,OAEVib,EAAQK,gBAAmBC,IACzB,MAAMX,EAAKW,EAAMC,OAAO5C,OACnBgC,EAAGa,iBAAiBC,SAAS1b,KAAK0a,YACrCE,EAAGe,kBAAkB3b,KAAK0a,aAIlC,CAEA,aAAMkB,CAAQ9H,EAAItO,GAEhB,OADKxF,KAAK4a,UAAU5a,KAAK6a,OAClB,IAAIC,QAAQ,CAACC,EAASC,KAC3B,MAAMa,EAAK7b,KAAK4a,GAAGkB,YAAY9b,KAAK0a,UAAW,aAC/CmB,EAAGE,WAAa,IAAMhB,IACtBc,EAAGT,QAAU,IAAMJ,EAAO,IAAItR,MAAM,sBAAsBmS,EAAG9F,UAC7D8F,EAAGG,YAAYhc,KAAK0a,WAAWuB,IAAIzW,EAAOsO,IAE9C,CAEA,aAAMoI,CAAQpI,GAEZ,OADK9T,KAAK4a,UAAU5a,KAAK6a,OAClB,IAAIC,QAAQ,CAACC,EAASC,KAC3B,MAAMa,EAAK7b,KAAK4a,GAAGkB,YAAY9b,KAAK0a,UAAW,YAC/CmB,EAAGT,QAAU,IAAMJ,EAAO,IAAItR,MAAM,sBAAsBmS,EAAG9F,UAC7D,MAAMkF,EAAUY,EAAGG,YAAYhc,KAAK0a,WAAWhW,IAAIoP,GACnDmH,EAAQI,UAAY,IAAMN,EAAQE,EAAQrC,QAAU,OAExD,CAEA,gBAAMuD,CAAWrI,GAEf,OADK9T,KAAK4a,UAAU5a,KAAK6a,OAClB,IAAIC,QAAQ,CAACC,EAASC,KAC3B,MAAMa,EAAK7b,KAAK4a,GAAGkB,YAAY9b,KAAK0a,UAAW,aAC/CmB,EAAGE,WAAa,IAAMhB,IACtBc,EAAGT,QAAU,IAAMJ,EAAO,IAAItR,MAAM,sBAAsBmS,EAAG9F,UAC7D8F,EAAGG,YAAYhc,KAAK0a,WAAW0B,OAAOtI,IAE1C,CAEA,WAAMuI,GAEJ,OADKrc,KAAK4a,UAAU5a,KAAK6a,OAClB,IAAIC,QAAQ,CAACC,EAASC,KAC3B,MAAMa,EAAK7b,KAAK4a,GAAGkB,YAAY9b,KAAK0a,UAAW,aAC/CmB,EAAGE,WAAa,IAAMhB,IACtBc,EAAGT,QAAU,IAAMJ,EAAO,IAAItR,MAAM,sBAAsBmS,EAAG9F,UAC7D8F,EAAGG,YAAYhc,KAAK0a,WAAW2B,SAEnC,CAEA,KAAAC,GACMtc,KAAK4a,KACP5a,KAAK4a,GAAG0B,QACRtc,KAAK4a,GAAK,KAEd,EAuBF9R,eAAeyT,GAAgBC,EAASC,EAAKC,EAAKC,EAAM,MACtD,MAAMC,QAAkBpT,EAAUgT,EAAQK,WACpC7S,EAAU,CAAEyS,MAAKC,OAGvB,OAFIC,IAAK3S,EAAQ2S,IAAMA,GAEhB,IAAIlJ,GAAQzJ,GAChBuJ,cACAV,OAAOiK,OAAOC,cACd3M,mBAAmB,CAAEzJ,IAAK,QAASqS,IAAK,WAAY3P,IAAKuT,IACzDzO,KAAKqO,EAAQQ,WAClB,CAgDAlU,eAAemU,GAAcC,EAAeC,EAAQX,GAClD,MAAMY,QAAab,GAAgBC,EAASU,EAAe,QACrD/I,QAAiBC,MAAM8I,EAAe,CAC1CG,OAAQ,OACRjP,QAAS,CACP,eAAgB,oCAChB,KAAQgP,GAEVE,KAAM,IAAIC,gBAAgBJ,KAE5B,IAAKhJ,EAASqJ,GAAI,MAAM,IAAI9T,MAAM,yBAAyByK,EAASQ,UACpE,OAAOR,EAASS,MAClB,CAMA9L,eAAe2U,GAAoBC,EAAaC,EAAStL,EAAQuL,EAAUpB,GACzE,MAAMpH,EX9GD,SAA4BzB,EAAKhK,GACpC,MAAMlC,EAAM,IAAIiP,GAAa/C,EAAKhK,GAC5BkU,EAAe/U,MAAO4G,EAAiBgG,IAAUjO,EAAIgO,OAAO/F,EAAiBgG,GA8BnF,OA7BAnR,OAAO4R,iBAAiB0H,EAAc,CAClCnG,YAAa,CACThT,IAAK,IAAM+C,EAAIiQ,cACfjT,YAAY,EACZ2R,cAAc,GAElBuB,MAAO,CACHjT,IAAK,IAAM+C,EAAIkQ,QACflT,YAAY,EACZ2R,cAAc,GAElBwB,OAAQ,CACJpS,MAAO,IAAMiC,EAAImQ,SACjBnT,YAAY,EACZ2R,cAAc,EACdC,UAAU,GAEdyH,UAAW,CACPpZ,IAAK,MAAQ+C,EAAIoQ,cACjBpT,YAAY,EACZ2R,cAAc,GAElBhB,KAAM,CACF5P,MAAO,IAAMiC,EAAIgQ,QAAQrC,OACzB3Q,YAAY,EACZ2R,cAAc,EACdC,UAAU,KAGXwH,CACX,CW6EeE,CAAmB,IAAIpH,IAAIgH,KAClC,QAAE3T,SCpNHlB,eAAyBkV,EAAK3Z,EAAKsF,GACtC,MAAM8O,QAAiBF,GAAcyF,EAAK3Z,EAAKsF,GAC/C,GAAI8O,EAAS/I,gBAAgBE,MAAM5D,SAAS,SAA2C,IAAjCyM,EAAS/I,gBAAgBe,IAC3E,MAAM,IAAIjG,EAAW,uCAEzB,MACMoO,EAAS,CAAE5O,QADD,GAAWyO,EAAS/I,gBAAiB+I,EAASzO,QAASL,GAC7C+F,gBAAiB+I,EAAS/I,iBACpD,MAAmB,mBAARrL,EACA,IAAKuU,EAAQvU,IAAKoU,EAASpU,KAE/BuU,CACX,CDyM4BqF,CAAUP,EAAatI,EAAM,CACrD/C,SACAM,SAAU,UAINuL,QAAmBnE,SAA6BvQ,EAAUgT,EAAQK,YACxE,GAAI7S,EAAQmU,KAAKC,MAAQF,EACvB,MAAM,IAAIxU,MAAM,4BAIlB,GAAIM,EAAQqU,YAAcT,EACxB,MAAM,IAAIlU,MAAM,sBAGlB,OAAOM,CACT,CAuCO,MAAM,WAAgBsU,YAC3B,WAAA7X,CAAYkD,EAAU,CAAC,GACrBC,QACA5J,KAAK4d,SAAWjU,EAAQiU,UAAY,KACpC5d,KAAKue,SAAW5U,EAAQ4U,UAAY,IAAI/D,GACxCxa,KAAKwe,cAAgB7U,EAAQ6U,eAAiB,KAC9Cxe,KAAKye,oBAAsB9U,EAAQ8U,qBAAuB,KAC1Dze,KAAK0e,aAAe/U,EAAQ+U,cAAgB,KAG5C1e,KAAK2e,WAAY,EACjB3e,KAAK4e,OAAS,KACd5e,KAAK6e,KAAO,KACZ7e,KAAK8e,KAAO,KACZ9e,KAAK+e,QAAU,KACf/e,KAAKgf,YAAc,KACnBhf,KAAKif,gBAAkB,KAGnBjf,KAAKwe,eACPxe,KAAKkf,iBAAiB3E,GAA4Bva,KAAKwe,eAErDxe,KAAKye,qBACPze,KAAKkf,iBAAiB3E,GAAkCva,KAAKye,qBAE3Dze,KAAK0e,cACP1e,KAAKkf,iBAAiB3E,GAA0Bva,KAAK0e,aAEzD,CAMA,YAAIS,GAAa,OAAOnf,KAAK2e,SAAU,CACvC,SAAIS,GAAU,OAAOpf,KAAK4e,MAAO,CAEjC,SAAAS,GACE,OAAKrf,KAAK6e,MACH5N,KAAKC,MAAMgC,KAAKqE,MAAQ,MAASvX,KAAK6e,IAC/C,CAEA,YAAAS,GACE,OAAKtf,KAAK6e,KACH7e,KAAK6e,KAAO5N,KAAKC,MAAMgC,KAAKqE,MAAQ,MADnB,CAE1B,CAKA,WAAMgI,CAAMC,EAAKC,GAEf,MAAMC,EAAc,IAAI/I,IAAI8I,GACtBE,EAAoBD,EAAYE,OAASF,EAAYG,SAAWH,EAAYI,OAG5EC,QApKVjX,eAA4B0W,GAC1B,MAAMI,EAAS,IAAIjJ,IAAI6I,GAAKI,OACtBzL,QAAiBC,MAAM,GAAGwL,sCAChC,IAAKzL,EAASqJ,GAAI,MAAM,IAAI9T,MAAM,0BAA0ByK,EAASQ,UACrE,OAAOR,EAASS,MAClB,CA+JyBoL,CAAaR,GAG5BnN,EAAS0N,EAAO1N,OAChB4N,EAAa3H,GAAMA,EAAE4H,SAAS,KAAO5H,EAAEnN,MAAM,GAAI,GAAKmN,EAC5D,GAAI2H,EAAUT,KAASS,EAAU5N,GAC/B,MAAM,IAAI3I,MAAM,oBAAoB2I,SAAcmN,KAIpDW,eAAevE,QAAQ,iBAAkBvJ,GACzC8N,eAAevE,QAAQ,4BAA6BmE,EAAOK,gBAC3DD,eAAevE,QAAQ,sBAAuBmE,EAAOM,UAGrD,IAAIzC,EAAW5d,KAAK4d,SACpB,IAAKA,EAAU,CAEbA,SA3KN9U,eAA8BwX,EAAsBC,GAClD,MAAMpM,QAAiBC,MAAMkM,EAAsB,CACjDjD,OAAQ,OACRjP,QAAS,CAAE,eAAgB,oBAC3BkP,KAAM5M,KAAKC,UAAU,CACnB6P,iBAAkB,MAClBC,cAAeF,EACfG,2BAA4B,OAC5BC,YAAa,CAAC,qBAAsB,iBACpCC,eAAgB,CAAC,QACjBC,MAAO,kCAGX,IAAK1M,EAASqJ,GAAI,MAAM,IAAI9T,MAAM,+BAA+ByK,EAASQ,UAC1E,OAAOR,EAASS,MAClB,CA2JiCkM,CAAef,EAAOgB,sBAAuB,CAACpB,KACjDtB,UACxB8B,eAAevE,QAAQ,uBAAwBgC,EACjD,CAGA,MAAMoD,QArOVlY,iBACE,MAAMmY,EAAWnE,OAAOC,aAAe,IAAMD,OAAOC,aAC9CnD,EAAS,IAAItS,iBACXwV,OAAOxT,OAAOsQ,OAAO,WAAW,IAAI/S,aAAca,OAAOuZ,KAMjE,MAAO,CAAEA,WAAUC,UAJD/Y,KAAKJ,OAAOC,gBAAgB4R,IAC3CvR,QAAQ,MAAO,KACfA,QAAQ,MAAO,KACfA,QAAQ,MAAO,IAEpB,CA2NuB8Y,GACnBhB,eAAevE,QAAQ,2BAA4BoF,EAAKC,UAGxD,MAAMG,EAAYtE,OAAOC,aACzBoD,eAAevE,QAAQ,kBAAmBwF,GAG1C,MAAMC,EAAU,IAAI1K,IAAIoJ,EAAOuB,wBAC/BD,EAAQE,aAAa9Z,IAAI,gBAAiB,QAC1C4Z,EAAQE,aAAa9Z,IAAI,eAAgBkY,GACzC0B,EAAQE,aAAa9Z,IAAI,QAAS,+BAClC4Z,EAAQE,aAAa9Z,IAAI,YAAamW,GACtCyD,EAAQE,aAAa9Z,IAAI,wBAAyB,QAClD4Z,EAAQE,aAAa9Z,IAAI,iBAAkBuZ,EAAKE,WAChDG,EAAQE,aAAa9Z,IAAI,QAAS2Z,GAClCC,EAAQE,aAAa9Z,IAAI,SAAU,WAGnC1C,OAAOyc,SAASnN,KAAOgN,EAAQjV,UACjC,CAKA,6BAAMqV,GACJ,MAAM9N,EAAM,IAAIgD,IAAI5R,OAAOyc,SAASnN,MAC9BxK,EAAO8J,EAAI4N,aAAa7c,IAAI,QAGlC,IAAKmF,EAAM,OAGX,MAAM2V,EAAMW,eAAejE,QAAQ,kBAC7B5J,EAAMqB,EAAI4N,aAAa7c,IAAI,OACjC,IAAK8a,GAAOlN,IAAQkN,EAClB,MAAM,IAAI9V,MAAM,oBAAoB4I,SAAWkN,KAIjD,MAAMkC,EAAOvB,eAAejE,QAAQ,mBACpC,GAAIvI,EAAI4N,aAAa7c,IAAI,WAAagd,EACpC,MAAM,IAAIhY,MAAM,uBAIlBiK,EAAI4N,aAAanF,OAAO,QACxBzI,EAAI4N,aAAanF,OAAO,OACxBzI,EAAI4N,aAAanF,OAAO,SACxBrX,OAAO4c,QAAQC,aAAa,CAAC,EAAGC,SAASC,MAAOnO,EAAIvH,YAGpD,MAAM2V,EAAe5B,eAAejE,QAAQ,4BACtCgB,EAAgBiD,eAAejE,QAAQ,6BACvCyB,EAAUwC,eAAejE,QAAQ,uBACjC0B,EAAW5d,KAAK4d,UAAYuC,eAAejE,QAAQ,wBAEzD,IAAK6F,IAAiB7E,IAAkBU,EACtC,MAAM,IAAIlU,MAAM,wBAIlB,MAAM8S,QAAgB,GAAgB,SAGhCwF,QAAe/E,GAAcC,EAAe,CAChD+E,WAAY,qBACZpY,OACAqY,cAAeH,EACfI,aAAcxO,EAAIiM,OAASjM,EAAIkM,SAC/BxB,UAAWT,GACVpB,SAGGiB,GAAoBuE,EAAOI,aAAczE,EAAS6B,EAAK5B,EAAUpB,GAGvExc,KAAKgf,YAAc,CAAEQ,MAAK7B,UAAST,uBAG7Bld,KAAKue,SAAS1D,aACdC,QAAQuH,IAAI,CAChBriB,KAAKue,SAAS3C,QAAQ,MAAO4D,GAC7Bxf,KAAKue,SAAS3C,QAAQ,WAAY+B,GAClC3d,KAAKue,SAAS3C,QAAQ,iBAAkBsB,GACxCld,KAAKue,SAAS3C,QAAQ,YAAagC,GACnC5d,KAAKue,SAAS3C,QAAQ,eAAgBY,GACtCxc,KAAKue,SAAS3C,QAAQ,gBAAiBoG,EAAOM,iBAEhDtiB,KAAKue,SAASjC,QAGd6D,eAAeoC,WAAW,kBAC1BpC,eAAeoC,WAAW,6BAC1BpC,eAAeoC,WAAW,uBAC1BpC,eAAeoC,WAAW,wBAC1BpC,eAAeoC,WAAW,4BAC1BpC,eAAeoC,WAAW,yBAGpBviB,KAAKwiB,WAAW,IAAKR,EAAQS,cAAejG,IAClDxc,KAAK0iB,sBACP,CAKA,aAAMC,GACJ,OAAI3iB,KAAKif,kBAETjf,KAAKif,gBAAkB,WACrB,IACE,MAAM+C,QAhOdlZ,eAA6ByV,SACrBA,EAAS1D,OAEf,MAAO+H,EAAc1F,EAAeU,EAAUpB,SAAiB1B,QAAQuH,IAAI,CACzE9D,EAASrC,QAAQ,iBACjBqC,EAASrC,QAAQ,kBACjBqC,EAASrC,QAAQ,aACjBqC,EAASrC,QAAQ,kBAGnB,KAAK0G,GAAiB1F,GAAkBU,GAAapB,GACnD,MAAM,IAAI9S,MAAM,wBAGlB,MAAMsY,QAAe/E,GAAcC,EAAe,CAChD+E,WAAY,gBACZK,cAAeM,EACfvE,UAAWT,GACVpB,GAQH,OALIwF,EAAOM,qBACH/D,EAAS3C,QAAQ,gBAAiBoG,EAAOM,eAGjD/D,EAASjC,QACF,IAAK0F,EAAQS,cAAejG,EACrC,CAqM6BqG,CAAc7iB,KAAKue,gBAClCve,KAAKwiB,WAAWR,GACtBhiB,KAAK0iB,sBACP,CAAE,MAAO3M,GAQP,MAPI/V,KAAK2e,YACF3e,KAAKqf,YAGRrf,KAAK8iB,sBAFL9iB,KAAK+iB,8BAKHhN,CACR,CAAE,QACA/V,KAAKif,gBAAkB,IACzB,CACD,EAjBsB,IAFUjf,KAAKif,eAsBxC,CAKA,YAAM+D,GACJhjB,KAAK2e,WAAY,EACjB3e,KAAK4e,OAAS,KACd5e,KAAK6e,KAAO,KACZ7e,KAAK8e,KAAO,KACZ9e,KAAK+e,QAAU,KACf/e,KAAKgf,YAAc,WAEbhf,KAAKue,SAAS1D,aACd7a,KAAKue,SAASlC,QACpBrc,KAAKue,SAASjC,QAEdtc,KAAK0iB,sBACP,CAKA,eAAMO,CAAUtb,EAAOkT,EAAO,CAAC,GAE7B,IAAK7a,KAAK2e,UACR,OAAOvK,MAAMzM,EAAOkT,GAStB,IAAIlH,EAAK0J,EAAQjP,EALbpO,KAAKqf,mBACDrf,KAAK2iB,UAKThb,aAAiBub,SACnBvP,EAAM,IAAIgD,IAAIhP,EAAMgM,KACpB0J,EAASxC,EAAKwC,QAAU1V,EAAM0V,QAAU,MACxCjP,EAAU,IAAI4J,QAAQrQ,EAAMyG,WAE5BuF,EAAM,IAAIgD,IAAIhP,EAAMyE,YACpBiR,EAASxC,EAAKwC,QAAU,MACxBjP,EAAUyM,EAAKzM,QAAU,IAAI4J,QAAQ6C,EAAKzM,SAAW,IAAI4J,SAI3D,MAAMoF,QAAab,GACjBvc,KAAK+e,QAAQ0D,cACb,GAAG9O,EAAIiM,SAASjM,EAAIkM,WACpBxC,EAAO8F,cACPnjB,KAAK8e,MAQP,OAJA1Q,EAAQ3G,IAAI,OAAQ2V,GACpBhP,EAAQ3G,IAAI,gBAAiB,QAAQzH,KAAK+e,QAAQqD,gBAG9Cza,aAAiBub,QACZ9O,MAAM,IAAI8O,QAAQvb,EAAO,IAAKkT,EAAMzM,aAEtCgG,MAAMT,EAAK,IAAKkH,EAAMzM,WAC/B,CAMA,gBAAMoU,CAAWR,GACfhiB,KAAK+e,QAAUiD,EAEf,MAAMoB,EEpiBH,SAAmBpF,GACtB,GAAmB,iBAARA,EACP,MAAM,IAAIxT,EAAW,iEACzB,MAAQ,EAAGR,EAAO,OAAE5D,GAAW4X,EAAIxF,MAAM,KACzC,GAAe,IAAXpS,EACA,MAAM,IAAIoE,EAAW,4DACzB,GAAe,IAAXpE,EACA,MAAM,IAAIoE,EAAW,eACzB,IAAKR,EACD,MAAM,IAAIQ,EAAW,+BACzB,IAAI4Y,EAOAxK,EANJ,IACIwK,EAAU,GAAUpZ,EACxB,CACA,MACI,MAAM,IAAIQ,EAAW,yCACzB,CAEA,IACIoO,EAASlI,KAAKwE,MAAMpO,EAAQwB,OAAO8a,GACvC,CACA,MACI,MAAM,IAAI5Y,EAAW,8CACzB,CACA,IAAK2B,EAASyM,GACV,MAAM,IAAIpO,EAAW,0BACzB,OAAOoO,CACX,CFygBoByK,CAAUrB,EAAOI,cACjC,IAAKgB,EAAQE,MAAO,MAAM,IAAI5Z,MAAM,uBACpC,IAAK0Z,EAAQ9P,IAAK,MAAM,IAAI5J,MAAM,qBAElC1J,KAAK8e,WAvZThW,eAA0B4U,GACxB,MAAMzP,GAAO,IAAIpH,aAAca,OAAOgW,GAChC6F,QAAmBzG,OAAOxT,OAAOsQ,OAAO,UAAW3L,GACnDuV,EAAY3T,MAAM4T,KAAK,IAAInc,WAAWic,IAC5C,OAAOpb,KAAKJ,OAAOC,gBAAgBwb,IAChCnb,QAAQ,MAAO,KACfA,QAAQ,MAAO,KACfA,QAAQ,MAAO,GACpB,CA+YsBqb,CAAW1B,EAAOI,cACpCpiB,KAAK4e,OAASwE,EAAQE,MACtBtjB,KAAK6e,KAAOuE,EAAQ9P,IACpBtT,KAAK2e,WAAY,CACnB,CAEA,oBAAA+D,GACE1iB,KAAK2jB,cAAc,IAAIC,YAAYrJ,GAA4B,CAC7DsJ,OAAQ,CAAE1E,SAAUnf,KAAK2e,UAAWS,MAAOpf,KAAK4e,UAEpD,CAEA,0BAAAmE,GACE/iB,KAAK2jB,cAAc,IAAIC,YAAYrJ,GAAkC,CACnEsJ,OAAQ,CAAEC,WAAY9jB,KAAKsf,kBAE/B,CAEA,mBAAAwD,GACE9iB,KAAK2jB,cAAc,IAAIC,YAAYrJ,IACrC,EAOF,MGtjBawJ,GACO,iBADPA,GAEJ,QAFIA,GAGH,SAHGA,GAIM,iBAJNA,GAKJ,QAWT,MAAMC,GAAN,cACU,KAAAC,UAA6C,IAAIjU,GAgB3D,CAdE,EAAAkU,CAAG3I,EAAe4I,GACXnkB,KAAKikB,UAAUvV,IAAI6M,IACtBvb,KAAKikB,UAAUxc,IAAI8T,EAAO,IAAI3M,KAEhC5O,KAAKikB,UAAUvf,IAAI6W,GAAQ5M,IAAIwV,EACjC,CAEA,GAAAC,CAAI7I,EAAe4I,G,MACQ,QAAzB,EAAAnkB,KAAKikB,UAAUvf,IAAI6W,UAAM,SAAEa,OAAO+H,EACpC,CAEA,IAAAE,CAAK9I,KAAkB9V,G,MACI,QAAzB,EAAAzF,KAAKikB,UAAUvf,IAAI6W,UAAM,SAAE+I,QAAQC,GAAMA,KAAM9e,GACjD,EAmCK,MAAM+e,GAKX,WAAA/d,CAAYkD,GACV3J,KAAKykB,SAAW,IAAI,GAAiB,CACnC7G,SAAUjU,aAAO,EAAPA,EAASiU,SACnBW,SAAU,IAAI/D,GACdgE,cAAgBjD,IACd,MAAMsI,EAAUtI,EAAsBsI,QAClCA,aAAM,EAANA,EAAQ1E,WACVnf,KAAK0kB,QAAQL,KAAKN,IAClB/jB,KAAK0kB,QAAQL,KAAKN,GAAyBhf,OAAOyc,SAASnN,OAE3DrU,KAAK0kB,QAAQL,KAAKN,KAGtBrF,aAAc,KACZ1e,KAAK0kB,QAAQL,KAAKN,OAGtB/jB,KAAK0kB,QAAU,IAAIV,GACnBhkB,KAAK2kB,WAAa7H,OAAOC,YAC3B,CAKA,UAAI6H,GACF,OAAO5kB,KAAK0kB,OACd,CAKA,QAAIG,G,MACF,MAAO,CACLC,WAAY9kB,KAAKykB,SAAStF,SAC1BC,MAA0B,QAAnB,EAAApf,KAAKykB,SAASrF,aAAK,aAAIvb,EAC9BkhB,UAAW/kB,KAAK2kB,WAChBK,eAAgBhlB,KAAKykB,SAAStF,SAC1BjM,KAAKqE,MAAwC,IAA/BvX,KAAKykB,SAASnF,oBAC5Bzb,EAER,CAKA,4BAAMohB,CAAuBtb,GAE3B,MAAMub,EAAiD,iBAAZvb,EACvC,CAAEgK,IAAKhK,GACPA,QAAAA,EAAW,CAAC,EAEhB,IAKE,SAHM3J,KAAKykB,SAAShD,2BAGfzhB,KAAKykB,SAAStF,WAA4C,IAAhC+F,EAAKC,uBAClC,UACQnlB,KAAKykB,SAAS9B,SACtB,CAAE,MAEF,CAGF,OAAO3iB,KAAK6kB,IACd,CAAE,MAAO9O,GAEP,YADA/V,KAAK0kB,QAAQL,KAAKN,GAAchO,EAElC,CACF,CAKA,WAAMwJ,CAAM5V,GACV,MAAM+V,EAAc/V,EAAQ+V,aAAe3a,OAAOyc,SAASnN,WACrDrU,KAAKykB,SAASlF,MAAM5V,EAAQyb,WAAY1F,EAChD,CAKA,YAAMsD,SACEhjB,KAAKykB,SAASzB,QACtB,CAKA,WAAM5O,CAAMT,EAAwBkH,GAClC,OAAO7a,KAAKykB,SAASxB,UAAUtP,EAAekH,EAChD,EAGF,MCrLawK,GAAc,IAAIb,G,wBCExB,MAAM,G,OAAK,GAAe,ICCpBc,IAAW,KAAAC,KACpB,sDAGG,SAASC,GAAeC,GAE3B,MAAMC,EAAK,GAsGX,SAASC,EACTC,EACAC,EACAC,EACAnc,EAGQ,CAAC,GAEL,MAAMoc,EAAYpc,EAAQqc,QAAU,GAC9BrhB,GAAI,KAAAshB,SACJC,GAAO,KAAAC,WAAU,kCACvB,IAAIhiB,EAAIQ,EAAE4gB,IAAI,GAAGO,QACjB,MAAM3lB,EAAMwE,EAAE4gB,IAAIO,GACZM,EAAMzhB,EAAE4gB,IAAIK,GAWlB,GAVAjhB,EAAEgK,IAAIxK,EAAGuhB,EAAGxjB,IAAI,QAASgkB,EAAK,iBAAkB/lB,GAChDwE,EAAEgK,IAAIxK,EAAG+hB,EAAK,YAAaE,EAAKjmB,GAC5BwJ,EAAQ0c,eACR1hB,EAAEgK,IAAIxK,EAAG+hB,EAAK,WAAYE,EAAKjmB,GAEnCwE,EAAEgK,IAAIxK,EAAG+hB,EAAK,SAAUL,EAAI1lB,GAC5BwE,EAAEgK,IAAIxK,EAAG+hB,EAAK,QAASA,EAAK,QAAS/lB,GACrCwE,EAAEgK,IAAIxK,EAAG+hB,EAAK,QAASA,EAAK,SAAU/lB,GACtCwE,EAAEgK,IAAIxK,EAAG+hB,EAAK,QAASA,EAAK,WAAY/lB,GAEpC4lB,EAAU3f,OAAQ,CAClBjC,EAAIQ,EAAE4gB,IAAI,GAAGO,QACbnhB,EAAEgK,IAAIxK,EAAGuhB,EAAGxjB,IAAI,QAASgkB,EAAK,iBAAkB/lB,GAChDwE,EAAEgK,IAAIxK,EAAG+hB,EAAK,YAAaE,EAAKjmB,GAChCwE,EAAEgK,IAAIxK,EAAG+hB,EAAK,cAAeR,EAAG5kB,KAAK,SAAUX,GAC/C,IAAK,IAAIwN,EAAI,EAAGA,EAAIoY,EAAU3f,OAAQuH,IACtChJ,EAAEgK,IAAIxK,EAAG+hB,EAAK,QAASA,EAAKH,EAAUpY,IAAKxN,EAE/C,CACA,OAAO,KAAAmmB,WAAUnmB,EAAKwE,EAAGmhB,EAC7B,CACA,MAAO,CACHS,cAzIJzd,eAA6B6K,SACnB8R,EAAMe,QAAQC,KAAK9S,GACzB,MAAM+S,EAAUjB,EAAMkB,IAAIhT,EAAK2R,IAC/B,IAAKoB,EACD,MAAM,IAAIhd,MAAM,8BAA8BiK,KAElD,OAAO+S,EAAQlhB,KACnB,EAmIIohB,iBArHJ,SACAhB,EACAC,EACAlc,GAKA,MAAMkd,EAASpB,EAAMkB,IACjBlB,EAAMF,IAAIK,GACVN,IAGJ,OAAOxK,QAAQC,UACV7C,KAAK,IACF2O,GAgCR,SAAsBjB,GAClB,MAAMY,EAAUf,EAAMe,QACtB,IAAKA,EACD,MAAM,IAAI9c,MAAM,8CAGpB,OAAO8c,EAAQC,KAAKb,GAAQ1N,KAAKU,IAC7B,IAAKA,EAAO4E,GACR,MAAM,IAAI9T,MAAM,8BAAiCkP,EAAe7C,OAGpE,MAAM8Q,EAASpB,EAAMkB,IACrBlB,EAAMF,IAAIK,GACVN,IAGA,IAAKuB,EACL,MAAM,IAAInd,MAAM,2CAA6Ckc,GAG7D,OAAOiB,GAEf,CAlDWC,CAAYlB,GAAQpR,MAAMC,IAC7B,MAAM,IAAI/K,MAAM,qCAAqCkc,MAAWnR,QAGnEyD,KAAK2O,IACN,MAAME,EAAUpB,EAAWC,EAAQC,EAAIgB,EAAOG,IAAKrd,GACnD,IAAK8b,EAAMe,QACP,MAAM,IAAI9c,MAAM,yCAEpB,OAAO+b,EAAMe,QACRS,aAAa,MAAOJ,EAAOG,IAAK,CACjC/Y,KAAM8Y,EACNG,YAAa,gBAEZhP,KAAKU,IACN,IAAKA,EAAO4E,GACR,MAAM,IAAI9T,MAAM,2BAA6BkP,EAAO7C,OAGxD,OAAO8Q,KAGf,EA6EIlB,aAER,CCjJO,MAAMwB,GAAa,KACtB,IAAI,gBAAEC,GAAyBriB,OAG/B,GAFAqiB,IAAAA,EAAoB,CAAC,GACrBA,EAAgBC,mBAAoB,EAChCD,EAAgBE,QAAUviB,OAAO8c,SAAU,CAE3C,GADoB9c,OAAO8c,SAASL,SAASnN,KAC7B/I,WAAW8b,EAAgBE,QAAS,CACpDF,EAAgBC,mBAAoB,EACpC,MAAMlK,EAAS,IAAII,gBAAgBxY,OAAO8c,SAASL,SAAS1B,QAC5D,GAAI3C,EAAQ,CACR,IAAIoK,EAAaH,EAAgBG,WAAapK,EAAOzY,IAAI,QAAU,KACnE,GAAI6iB,IACJA,EAAaC,UAAUD,IAClBA,EAAWjc,WAAW8b,EAAgBE,SAAS,CAChD,MAAMG,EAAMF,EAAW/O,MAAM,MAC7B4O,EAAgB5H,IAAMiI,EAAI,GAAK,KAAOA,EAAI,GAC1CL,EAAgBC,mBAAoB,CACxC,CAEJ,CACA,CACJ,CACA,OAAOD,GAUJ,SAASM,KACZ,MAAM,sBAAEC,GAA+B5iB,OACvC,QACmC,IAA1B4iB,GACPA,EAAsBC,SAItB,OADA,EAAU,wBAA0BD,EAAsBC,WACnD,KAAArC,KAAIoC,EAAsBC,UAInC,GACsB,oBAAb/F,UACPA,SAASL,UACiC,sBAAzC,GAAKK,SAASL,UAAUrW,MAAM,EAAG,IAClC,CACA,MAAM0c,EAAMhG,SAASiG,eAAe,aACpC,IAAKD,EAAK,OAAO,KACjB,MAAM/T,EAAK+T,EAAIE,aAAa,UAC5B,OAAKjU,GACL,EAAU,oBAAsBA,IACzB,KAAAyR,KAAIzR,IAFK,IAGlB,CACA,OAAO,IACX,CC5DO,MAAMkU,GAGX,WAAAvhB,CAAYwhB,GACVjoB,KAAKkoB,QAAUD,CACjB,CAGA,eAAI5C,GAAwB,OAAOrlB,KAAKkoB,OAAQ,CAEhD,WAAAC,GACE,MAAMC,EAAMjB,KACZ,OAAIiB,EAAIf,mBACC,KAAA9B,KAAI6C,EAAIhJ,OAEbpf,MAAQA,KAAKkoB,SAAWloB,KAAKkoB,QAAQrD,MAAQ7kB,KAAKkoB,QAAQrD,KAAKzF,OAASpf,KAAKkoB,QAAQrD,KAAKC,YACrF,KAAAS,KAAIvlB,KAAKkoB,QAAQrD,KAAKzF,OAExBsI,IACT,CASA,eAAMW,CACJC,GAGA,MAAMC,EAAuB,IAAI5R,IAAI5R,OAAOyc,SAASnN,MAAMnJ,KACvDqd,GACFxjB,OAAOyjB,aAAa5M,QAAQ,uBAAwB2M,GAEtDvoB,KAAKkoB,QAAQtD,OAAOV,GAAGH,GAA0BpQ,IAC/C,EAAU,uBAAuBA,KAC7BkO,SAASL,SAASpV,aAAeuH,GAAKgO,QAAQC,aAAa,KAAM,GAAIjO,KAM3E,MAAM+L,EAAc,IAAI/I,IAAI5R,OAAOyc,SAASnN,MAC5CqL,EAAYxU,KAAO,SACblL,KAAKkoB,QACRjD,uBAAuB,CACtBE,wBAAwB,EACxBxR,IAAK+L,EAAYrL,OAIrB,MAAMoU,EAAwB1jB,OAAOyjB,aAAatM,QAAQ,wBAC1D,GAAIuM,EAAuB,CACzB,MAAMC,EAAS,IAAI/R,IAAI5R,OAAOyc,SAASnN,MACnCqU,EAAOxd,OAASud,IACd9G,QAAQgH,UAEVhH,QAAQgH,UAAU,KAAM9G,SAASC,MAAO2G,GAGxCjH,SAAStW,KAAOud,EAElBC,EAAOxd,KAAOud,GAIhB1jB,OAAOyjB,aAAa5M,QAAQ,uBAAwB,GACtD,CAGA,IAAIiK,EAAK6B,KACT,GAAI7B,EACF,OAAO/K,QAAQC,QAAQuN,EAAkBA,EAAgBzC,GAAMA,GAGjE,MAAMzG,EAAQpf,KAAK4oB,iBAAiB5oB,KAAKkoB,QAAQrD,MASjD,OARIzF,IACFyG,EAAK7lB,KAAK6oB,SAASzJ,IAGjByG,GACF,EAAU,iBAAiBA,wBAGtB/K,QAAQC,QAAQuN,EAAkBA,EAAgBzC,GAAMA,EACjE,CASA,QAAAgD,CACEzJ,EACA0J,GAEA,IAAIC,EACJ,GAAI3J,EAAO,CACT2J,EAA6B,iBAAV3J,EAAsBA,EAAQA,EAAM4H,IACvD,MAAMnB,GAAK,KAAA1iB,WAAU4lB,GAIrB,OAHID,IACFA,EAAQjD,GAAKA,GAERA,CACT,CACA,OAAO,IACT,CAKA,gBAAA+C,CAAkBV,GAEhB,OADcA,aAAO,EAAPA,EAAS9I,QAAS8I,EAAQpD,WAAaoD,EAAQ9I,MAAQ,IAEvE,EC1HK,SAAS4J,GAAS5C,GACrB,OAAO,KAAAb,KAAIa,EAAIY,IAAJZ,MAA6BlT,KAAKqE,MACjD,CAmBO,SAAS0R,GAAgB7C,GAC5B,OAAKA,GAID,GAAGrhB,OAAOyc,SAAS5B,YAAc,IAAIjJ,IAAIyP,EAAI5gB,OAAOoa,MAE5D,CCzBA,MAAMsJ,GAA6B,iBAE5B,SAASC,GAAgB1D,EAAO2D,GACnC,MAAM1D,EAAK,GAEX5c,eAAeugB,EACXC,EACAzD,EACA0D,SAKM9D,EAAMe,QAAQC,KAAK6C,GAGzB,MAAME,EAAa/D,EAAMkB,IACrB2C,EACA,IAAI,GAAAG,UAAU,uDAElB,IAAKD,EACD,MAAM,IAAI9f,MAAM,2BAGpB,MAAMggB,EAAU,gJAIC7D,EAAGrgB,mOAOH+jB,EAAQ/jB,wJAMnBigB,EAAMe,QAAQS,aAAa,MAAOuC,EAAWhkB,MAAO,CACtDyI,KAAMyb,EACNxC,YAAa,eAErB,CAEApe,eAAe6gB,EAAsBC,EAAW/D,GAE5C,MAAMgE,EAAmBpE,EAAMkB,IAC3Bd,EACAH,EAAGjjB,MAAM,qBAEb,IAAKonB,EACD,MAAM,IAAIngB,MAAM,uCAEd+b,EAAMe,QAAQC,KAAKoD,GACzB,MAAMC,EAAMd,GAASa,GACfE,EAAM,EACR,KAAAC,IACIF,EACApE,EAAGxjB,IAAI,QACPwjB,EAAGjjB,MAAM,oBACTonB,EAAiBzD,QAErB,KAAA4D,IACIF,EACApE,EAAGjjB,MAAM,YACTijB,EAAGlkB,QAAQ,YACXqoB,EAAiBzD,QAErB,KAAA4D,IAAGF,EAAKpE,EAAGjjB,MAAM,YAAamnB,EAAWC,EAAiBzD,cAExD,IAAItL,QAAQ,CAACC,EAASC,KACxByK,EAAMwE,QAAQC,OAAO,GAAIH,EAAK,SAAUI,EAAM3M,EAAI4M,GACzC5M,EAGDzC,EAAQ,MAFRC,EAAO,IAAItR,MAAM0gB,GAIzB,IAER,CAEAthB,eAAeuhB,EAASd,GACpB,MAAM1D,QAAWuD,EAAakB,SAExBhB,EDpDP,SACHC,EACAgB,GAIA,MAAMC,EAAmB,IAAI7T,IACzB,mBAAmB,IAAIA,IAAI4S,EAAQ/jB,OAAOilB,QAC1CF,EAAQ/kB,OACV4G,WACF,OAAO,IAAI,GAAAqd,UAAUe,EACzB,CCyC8BE,CAAuBnB,QADvBH,EAAauB,WAAW9E,IAE9C,IAAI+E,GAAS,EACb,UACUnF,EAAMe,QAAQC,KAChB,IAAI,GAAAgD,UAAUH,EAAc9jB,MAAQ,kBAE5C,CAAE,MAAOV,GACL8lB,GAAS,CACb,CACA,MAAO,CAAE/E,KAAIyD,gBAAesB,SAChC,CAEA9hB,eAAe+hB,EACXvB,EACAzD,GAMA,aAJsBiF,EAAQ,CAC1BjF,KACAkF,QAASzB,EAAc9jB,SAEZwlB,WACnB,CAEA,SAASF,EAAQG,GACb,MAAMC,EAAKzF,EACLwE,EAAUiB,EAAGjB,QACnB,GAAIgB,EAAepF,KAAOoF,EAAepF,GAAGmB,IACxC,MAAM,IAAItd,MAAM,iCAAmCuhB,EAAepF,IAGtE,MAAMmF,EAAeC,EAAeD,YAChCC,EAAeD,aACfE,EAAG3F,IAAI0F,EAAeF,QAAU7B,IAC9BiC,EAAaH,EAAY5E,MAmB/B,OAjBA8E,EAAGvc,IACCqc,EACAtF,EAAGxjB,IAAI,QACPwjB,EAAGlkB,QAAQ,YACX2pB,GAEJD,EAAGvc,IAAIqc,EAAatF,EAAG/kB,GAAG,SAAU,eAAgBwqB,GACpDD,EAAGvc,IACCqc,EACAtF,EAAG/kB,GAAG,YACN,KAAAyqB,MAAW,IAAIlY,KAAKA,KAAKqE,QACzB4T,GAEAF,EAAepF,IACfqF,EAAGvc,IAAIqc,EAAatF,EAAG/kB,GAAG,UAAWsqB,EAAepF,GAAIsF,GAGrD,IAAIrQ,QAAQ,SAAUC,EAASC,GAClCiP,SAAAA,EAAShO,IACLkP,EACAD,EAAGG,wBAAmBxnB,OAAWA,OAAWA,EAAWsnB,GACvD,cACA,SAAUG,EAAM9N,EAAI1X,GACZ0X,EACAzC,EAAQ,IACDkQ,EACHD,gBAGJhQ,EACI,IAAItR,MACA,uCAAyC4hB,EAAO,MAAQxlB,GAIxE,EAER,EACJ,CA2BAgD,eAAeyiB,EAAWhC,EAAoBK,G,YACpCnE,EAAMe,QAAQC,KAAK8C,EAAQnD,OACjC,MAAMoF,EAAe/F,EAAMkB,IACvB4C,EACA7D,EAAGrkB,IAAI,cACPwC,EACA0lB,EAAQnD,OAEZ,IAAKoF,EACD,MAAM,IAAI9hB,MAAM,4BAA4B6f,EAAQ/jB,SAExD,MAAMimB,EAAa,+EAEjB/F,EAAGxjB,IAAI,eAAe0nB,EAAUpkB,qBAG5BkmB,QAAoC,QAAb,EAAAjG,EAAMe,eAAO,eAAES,aACxC,OACAuE,EAAahmB,MACb,CACIyI,KAAMwd,EACNvE,YAAa,iBAIrB,KADoBwE,aAAc,EAAdA,EAAgBtd,QAAQ1J,IAAI,aAE5C,MAAM,IAAIgF,MAAM,6BAA6BgiB,aAAc,EAAdA,EAAgB/W,SAErE,CACA,MAAO,CACH0U,SAAQM,wBAAuBU,WAAUQ,kBAAiBc,QAjD9D7iB,eACIygB,EACAqC,GAAkB,GAElB,MAAM,GAAE/F,EAAE,cAAEyD,EAAa,OAAEsB,SAAiBP,EAASd,GACrD,GAAIqB,EACA,OAAO,IAAI,GAAAnB,UAAUH,EAAc9jB,MAAQ0jB,IAG/C,GAAI0C,EAAiB,CACjB,MAAMhC,QAAkBiB,EAAgBvB,EAAezD,GAIvD,aAHM0F,EAAWhC,EAASK,SACpBP,EAAOC,EAAezD,EAAI0D,SAC1BI,EAAsBC,EAAW/D,GAChC+D,CACX,CACA,OAAO,IACX,EAgCuE2B,aAAYT,UAEvF,CC5NO,SAASe,GAAiBpG,EAAO2D,EAAc0C,EAAcC,EAAgBC,GAgDlF,MAAO,CACLC,eA/CAnjB,eAA8BojB,EAAmBC,GAC/C,MAAMC,QAA2BhD,EAAakB,SAExC+B,EAAW,UADgBjD,EAAauB,WAAWyB,IAC7B5mB,oBAAoB8mB,mBAAmBH,MASnE,aARMJ,EAAeQ,gBAAgBF,SAE/BP,EAAaU,oBAAoB,CACrCC,WAAYL,EAAQ5mB,MACpB0mB,YACAQ,cAAe,aACflR,OAAQ6Q,IAEHA,CACX,EAmCEM,eAjCF7jB,eACI8jB,GAEKA,IACHA,QAAaxD,EAAakB,UAE5B,MAAMuC,QAAczD,EAAa0D,aAAaF,GAE9C,aADmBb,EAAegB,oBAAoBF,IAC1C3mB,OAAOyN,IAAQoY,EAAeiB,YAAYrZ,GAC1D,EAyBEsZ,WAvBFnkB,eAA0B6K,EAAa3C,GACrC,MAAMkc,QAAmBzH,EAAMe,QAAQ2G,OAAOxZ,GAC9C,GAA0B,MAAtBuZ,EAAWvY,OACb,MAAM,IAAIjL,MAAM,WAAWiK,KAE7B,MAAMyZ,EFvBH,SAAuBC,EAAiBrc,GAC3C,MAAMsc,EAAOtc,EAAKuc,iBACZC,GAAS,KAAOxc,EAAKyc,cAAc,IAAItiB,OAAO,GAC9CiG,GAAO,IAAOJ,EAAK0c,cAAeviB,OAAO,GACzCwiB,EAAQN,EAAQ7U,MAAM,KACtBoV,EAAWD,EAAMA,EAAMvnB,OAAQ,GACrC,OAAO,IAAIuQ,IAAI,aAAa2W,KAAQE,KAASpc,KAAOwc,IAAYP,GAASjhB,UAC7E,CEgBuByhB,CAAcla,EAAK3C,GAChCrH,EAAU,CACd0T,OAAQ,MACRC,WAAY4P,EAAWY,OACvB1f,QAAS,CACP,CAAC,eAAgB8e,EAAW9e,QAAQ1J,IAAI,iBAAmB,8BAIzB,aADf+gB,EAAMe,QAAQ2G,OAAOC,EAAYzjB,IAC3CgL,OAAOvI,WAAW,UACvBqZ,EAAMe,QAAQ2G,OAAOxZ,EAAK,CAC9B0J,OAAQ,UAGd,EAMF,CCzDA,MAAM0Q,WAAoBrkB,MACtB,WAAAjD,CAAYX,GACR8D,MAAM9D,GAENvB,OAAOypB,eAAehuB,gBAAiBkF,WACvClF,KAAKwG,gBAAkBA,IAC3B,EAGG,MAAMynB,WAA0BF,IAEhC,MAAMG,WAAkCH,IAExC,MAAMI,WAAiCJ,IAEvC,MAAMK,WAAsBL,IAE5B,MAAMM,WAAyBN,IAE/B,MAAMO,WAA0BP,IAEhC,MAAMQ,WAAmBR,GAG5B,WAAAtnB,CAAYkO,EAAgB7O,GACxB8D,MAAM9D,GACN9F,KAAK2U,OAASA,CAClB,ECpBG,SAAS6Z,GAAmB/I,EAAOgJ,EAAO3C,GAC7C,MAAMpG,EAAK,GAsBX5c,eAAe4lB,EAAiB9B,SACtB+B,EAAY/B,GAElB,MAAMgC,EJDP,SAAiC/I,GACpC,MAGMgJ,EAHWhJ,EAAGmB,IAAI3e,QAAQ,YAAa,KAAKA,QAAQ,WAAY,KAE3CmQ,MAAM,KAAKrN,MAAM,GAAG,GAAG5E,KAAK,KACvCuoB,4BAChB,OAAO,KAAAvJ,KAAIsJ,EACf,CILwCE,CAAuBnC,GACvD,IAAIoC,EACJ,IACIA,QAAwBlD,EAAamD,mBAAmBrC,EAAMlH,EAAGhjB,MAAM,mBAAiCksB,EAAyBhC,EAAKxG,MAC1I,CAAE,MAAO3R,GAIL,GAFA,EADgB,QAAQmY,oDAGpBnY,aAAe4Z,GAAoB,MAAM5Z,EAC7C,GAAIA,aAAe6Z,GAAqB,MAAM7Z,EAC9C,GAAIA,aAAewZ,GAAqB,MAAMxZ,EAC9C,GAAIA,aAAeyZ,GAA6B,MAAMzZ,EACtD,GAAIA,aAAe0Z,GAA4B,MAAM1Z,EACrD,GAAIA,aAAe8Z,GAAc,MAAM9Z,EACvC,MAAMA,CACV,CAEA,UACUgR,EAAMe,QAAQC,KAAKuI,EAC7B,CAAE,MAAOva,GACL,MAAM1O,EAAM,qCAAqC6mB,MAASnY,IAE1D,GADA,EAAW1O,GACiB,MAAxB0O,EAAIN,SAASQ,OACb,MAAM,IAAIsZ,GAEd,GAA4B,MAAxBxZ,EAAIN,SAASQ,OAAgB,CAC7B,GAAIsU,GAAgB+F,GACpB,MAAM,IAAId,GAEV,MAAM,IAAIC,EACd,CAIA,MAAM,IAAIzkB,MAAM3D,EACpB,CACA,OAAOipB,CACX,CAEAlmB,eAAe6lB,EAAa/B,GACxB,IAAKA,EACD,MAAM,IAAIljB,MAAM,+BAEpB,UACU+b,EAAMe,QAAQC,KAAKmG,EAAKxG,MAClC,CAAE,MAAO3R,GACL,MAAM,IAAI/K,MAAM,kCAAkCkjB,MAASnY,IAC/D,CACA,OAAOmY,EAAKxG,KAChB,CA4BA,SAAS8I,EAAYrJ,GACjB,OAAOJ,EAAMkB,IAAId,EAAIH,EAAGhjB,MAAM,gBAAYmB,EAAWgiB,EAAGO,MAC5D,CAEA,MAAO,CACHkE,OA/BJxhB,iBACI,MAAM+c,EAAK4I,EAAMtG,cACjB,GAAW,OAAPtC,EACA,MAAM,IAAInc,MAAM,0CAGpB,aADM+b,EAAMe,QAAQC,KAAKZ,EAAGO,OACrBP,CACX,EAyBI8E,WAvBJ,SAAoBiC,GAChB,MAAMrC,EAAU2E,EAAYtC,GAC5B,IAAKrC,EACD,MAAM,IAAI7gB,MAAM,4BAEpB,OAAO6gB,CACX,EAkBIuC,aAhBJhkB,eAA4B8jB,SAClBnH,EAAMe,QAAQC,KAAKmG,GACzB,MAAMuC,EAAY1J,EAAMkB,IAAIiG,EAAMlH,EAAGrkB,IAAI,cAAUwC,EAAW+oB,EAAKxG,OACnE,IAAK+I,EACD,MAAM,IAAIzlB,MAAM,8BAEpB,OAAOylB,CACX,EAUID,cACAR,kBACAC,cACAS,wBAzGJtmB,eAAuC8jB,GACnC,IACI,aAAa8B,EAAgB9B,EACjC,CAAE,MAAOnY,GACL,MACJ,CACJ,EAqGJ,CCrHO,SAAS4a,GAAqB5J,EAAOgJ,EAAOrF,EAAc0C,GAC7D,MAAMpG,EAAK,GAUX5c,eAAewmB,EAAmB1C,GAC9B,IAAKA,EAAM,MAAM,IAAIljB,MAAM,qCAC3B,MAAM6lB,QAAgBnG,EAAauF,YAAY/B,GAEzC4C,EAAaC,EAAuB7C,GAC1C,IAAI8C,EACJ,IACIA,QAAwB5D,EAAamD,mBAAmBrC,EAAMlH,EAAGjjB,MAAM,mBAAiC+sB,EAAYD,EACxH,CAAE,MAAO9a,GAEL,EADgB,QAAQmY,uDAE5B,CACA,MAAM+C,EAAeD,EAAkB,CAAC,CAAE1d,MAAO,SAAU4d,MAAOF,EAA8B3Y,MAAO6V,IAAU,GAEjH,IAAIoC,EAOAa,EANJ,IACIb,QAAwB5F,EAAagG,wBAAwBxC,EACjE,CAAE,MAAOnY,GACLua,EAAkB,IACtB,CAGA,GAAIA,EAAiB,CAGjB,MAAMc,EAA4BC,EAAwBf,GAC1D,IAAInF,EACJ,IACIA,EAAmBpE,EAAMkB,IAAIiG,EAAMlH,EAAGjjB,MAAM,yBAAqBoB,EAAW0rB,UAClEzD,EAAamD,mBAAmBrC,EAAMlH,EAAGjjB,MAAM,oBAAkCqtB,EAA2Bd,EACtH,CAAE,MAAOva,GAET,EADgB,QAAQmY,gEAE5B,CACAiD,EAAgBhG,EAAmB,CAAC,CAAE7X,MAAO,UAAW4d,MAAO/F,EAA+B9S,MAAO6V,IAAU,EACnH,MACIiD,EAAgB,GAEpB,MAAMG,EAASL,EAAa3oB,OAAO6oB,GACnC,GAAsB,IAAlBG,EAAO5pB,OAAc,OAAO4pB,EAChC,MAAMC,EAAQD,EAAOE,IAAIrP,GAASA,EAAM+O,OACxC,UACUnK,EAAMe,QAAQC,KAAKwJ,EAC7B,CAAE,MAAOxb,GACL,EAAW,gCAAiCA,EAChD,CACA,OAAOub,CACX,CAEAlnB,eAAeqnB,EAAyBvD,GACpC,IAAIoC,EACJ,IACIA,QAAwB5F,EAAagG,wBAAwBxC,EACjE,CAAE,MAAOnY,GAEL,EADgB,QAAQmY,mDAE5B,CACA,GAAIoC,EAAiB,CACjB,MAAMoB,EAAc3K,EAAM4K,KAAKzD,EAAMlH,EAAGjjB,MAAM,kBAAcoB,EAAWmrB,GAA8BhoB,OACjGye,EAAM4K,KAAKzD,EAAMlH,EAAGjjB,MAAM,kBAAcoB,EAAW+oB,EAAKxG,QAE5D,IAAIxN,EAAS,GACb,IAAK,MAAMlX,KAAO0uB,EACdxX,EAASA,EAAO5R,aAAasoB,EAAmB5tB,IAEpD,OAAOkX,CACX,CACA,MAAO,EACX,CAEA9P,eAAewnB,EAAmB1D,GAC9B,aAAc0C,EAAmB1C,IAAO5lB,cAAcmpB,EAAyBvD,IAAO2D,OAC1F,CAEAznB,eAAe0nB,EAAsBC,EAAkB7D,GACnD,MAAMoD,QAAeM,EAAmB1D,GACxC,IAAI8D,EAAa,GACjB,IAAK,MAAM7P,KAASmP,EAAQ,CACxB,MAAMW,QAAoBC,EAAuB/P,EAAO4P,GACxDC,EAAaA,EAAW1pB,OAAO2pB,EACnC,CACA,OAAOD,CACX,CAYA,SAASjB,EAAuB5J,G,MAC5B,OAAO,KAAAN,MAAkB,QAAd,EAAAM,EAAGO,MAAMyK,aAAK,eAAE7J,KAAM,sBACrC,CAGA,SAAS+I,EAAwBf,G,MAC7B,OAAO,KAAAzJ,MAA+B,QAA3B,EAAAyJ,EAAgB5I,MAAMyK,aAAK,eAAE7J,KAAM,uBAClD,CAqCAle,eAAe8nB,EAAuB/P,EAAuBiQ,GACzD,MAAMlB,EAAQ/O,EAAM+O,MACdmB,EAAuB,GACvBC,EAAgBvL,EAAM4F,mBAAmB,KAAM3F,EAAGjjB,MAAM,YAAa,KAAMmtB,GAC5E5oB,OAAOye,EAAM4F,mBAAmB,KAAM3F,EAAGjjB,MAAM,qBAAsB,KAAMmtB,IAC3EM,IAAIlG,GAAMA,EAAGxX,SAClB,IAAK,MAAMsX,KAAOkH,EAAe,CAC/B,MAAMP,EAAQhL,EAAMkB,IAAImD,EAAKpE,EAAGjjB,MAAM,YAAa,KAAMmtB,GACzD,IAAKkB,GAAYL,EAAMQ,SAASH,GAAW,CACzC,MAAMI,EAAYzL,EAAM4K,KAAKvG,EAAKpE,EAAGjjB,MAAM,YAAa,KAAMmtB,GAC9D,IAAK,MAAMuB,KAAYD,EACrBH,EAAQjpB,KAAK,CAAEqpB,WAAUliB,KAAMwhB,EAAO5P,UAExC,MAAMuQ,EAAa3L,EAAM4K,KAAKvG,EAAKpE,EAAGjjB,MAAM,qBAAsB,KAAMmtB,GACxE,IAAK,MAAMuB,KAAYC,QACb3L,EAAMe,QAAQC,KAAK0K,GACzBJ,EAAQjpB,KAAK,CAAEqpB,UAAU,KAAA5L,KAAI4L,EAAS3rB,OAAQyJ,KAAMwhB,EAAQ5P,SAElE,CACF,CACA,OAAOkQ,CACX,CAEA,MAAO,CACHM,oBAtDJvoB,eACIqoB,EACAvB,EACAkB,GAGA,MAAMQ,EAAetI,GAAS4G,GACxB7F,EAAM,EAER,KAAAC,IAAGsH,EAAc5L,EAAGxjB,IAAI,QAASwjB,EAAGjjB,MAAM,oBAAqBmtB,IAC/D,KAAA5F,IAAGsH,EAAc5L,EAAGjjB,MAAM,YAAaquB,EAAUlB,IACjD,KAAA5F,IAAGsH,EAAc5L,EAAGjjB,MAAM,YAAa0uB,EAAUvB,IAErD,UACUnK,EAAMwE,QAAQC,OAAO,GAAIH,EACnC,CAAE,MAAOtV,GACL,MAAM1O,EAAM,sBAAsBorB,cAAqBvB,MAAUnb,IAEjE,OADA/O,QAAQC,KAAKI,GACN,IACX,CACA,OAAOurB,CACX,EAkCIC,iBA3KJ,SAA0BJ,EAAUL,GAChC,OAAOrL,EACF4K,UAAKxsB,EAAW6hB,EAAGjjB,MAAM,YAAa0uB,GACtCjrB,OAAQb,GACEogB,EAAM+L,MAAMnsB,EAAGqgB,EAAGjjB,MAAM,YAAaquB,GAExD,EAsKIxB,qBACAa,2BACAG,qBACAE,wBACAiB,gBAjFJ3oB,eAA+B2nB,GAC3B,MAAM7D,EAAO6B,EAAMtG,cACnB,IAAKyE,EAAM,MAAM,IAAIljB,MAAM,oDAE3B,aADiC8mB,EAAsBC,EAAO7D,IACpCsD,IAAIwB,GAAUA,EAAOP,SACnD,EA6EI1B,yBACAM,0BACA4B,4BAxCJ7oB,eAA2C8oB,GACvC,MAAM9H,EAAMrE,EAAMoM,IAAI,KAAMnM,EAAGjjB,MAAM,YAAamvB,EAAKT,SAAUS,EAAK/Q,MAAM+O,OAC5E,IAAK9F,EAAK,MAAM,IAAIpgB,MAAM,0DAA0DkoB,EAAKT,YACzF,MAAMW,EAAarM,EAAM4F,mBAAmBvB,EAAK,KAAM,KAAM8H,EAAK/Q,MAAM+O,aAClEnK,EAAMwE,QAAQC,OAAO4H,EAAY,GAC3C,EAoCIlB,yBAER,CC5KO,SAASmB,GAAiBC,EAA8D9J,GAE3F,EAAU,4EACV,MAAMzC,EAAmB,WACzB,WAAYA,EAAO,CAACrR,MAAO4d,EAAa5d,QACxCqR,EAAMwE,QAAU,IAAI,iBAAkBxE,GACtCA,EAAMwM,SAAW,GAEjB,MAAMxD,EAAoB,IAAIzG,GAAgBE,GAExC/nB,EAAMqlB,GAAeC,GACrBsG,ECzBH,SAA8BtG,GAEjC,SAASyM,EAAqBC,GAC1B,OAAO1M,EACF4F,mBACG8G,GACA,KAAA5M,KAAI,0CACJ1hB,GAEHqsB,IAAKlG,GAAkBA,EAAGoI,OACnC,CAEA,SAASpF,EAAYrZ,GACjB,MAAM0e,EAAe1e,EAAInO,MACzB,MAAwD,MAAjD6sB,EAAaC,OAAOD,EAAajsB,OAAS,EACrD,CA0BA,MAAO,CACH4mB,cACAT,gBA1BJzjB,eAA+B6K,GAE3B,IAAKqZ,GADgB,KAAAzH,KAAI5R,IAErB,MAAM,IAAIjK,MAAM,uBAAuBiK,KAG3C,MAAMiF,QAAe6M,EAAMe,QAAQ2G,OAAOxZ,EAAK,CAC3C0J,OAAQ,MACRjP,QAAS,CACL,eAAgB,cAChB,gBAAiB,IACjBmkB,KAAM,yDAEVjV,KAAM,MAEV,GAAoC,MAAhC1E,EAAOjE,OAAOvI,WAAW,GACzB,MAAM,IAAI1C,MAAM,eAAekP,EAAOjE,+CAA+ChB,IAE7F,EASIue,uBACAnF,oBARJjkB,eAAmC0pB,GAE/B,aADM/M,EAAMe,QAAQC,KAAK+L,GAClBN,EAAqBM,EAChC,EAOJ,CDtB2BC,CAAqBhN,GACtCqG,EE1BH,SAA4BrG,EAAOuG,EAAUD,GAyBlDjjB,eAAe4pB,EAAwBtM,GACrC,IAAIjS,EACJ,IACEA,QAAiBsR,EAAMe,QAAQC,KAAKL,EACtC,CAAE,MAAO3R,GACP,GAA4B,MAAxBA,EAAIN,SAASQ,OAQV,CACL,GAA4B,MAAxBF,EAAIN,SAASQ,OACf,MAAM,IAAIsZ,GAEZ,GAA4B,MAAxBxZ,EAAIN,SAASQ,OAAgB,CAC/B,GAAIsU,GAAgB7C,GAClB,MAAM,IAAI8H,GAEZ,MAAM,IAAIC,EACZ,CACA,MAAMpoB,EAAM,8CAAgDqgB,EAAM,KAAO3R,EACzE,MAAM,IAAI8Z,GAAW9Z,EAAIE,OAAQF,EAAI3O,QAAUC,EACjD,CAnBE,UACQ0f,EAAMe,QAAQS,aAAa,MAAOb,EAAK,CAAEnY,KAAM,GAAIiZ,YAAa,eACxE,CAAE,MAAOzS,GAEP,MAAM,IAAI6Z,GADE,kCAAoClI,EAAM,KAAO3R,EAE/D,OACMgR,EAAMe,QAAQC,KAAKL,EAc7B,CACA,OAAOjS,CACT,CAyFA,MAAO,CACLwe,gBA7IF7pB,eAAe6pB,EAAgBR,GAC3B,IACE,GAAIpG,EAAeiB,YAAYmF,GAAgB,CAC7C,MAAMS,QAAkB5G,EAASzF,cAAc4L,SACzC1M,EAAMe,QAAQ2G,OAAOyF,EAAW,CAAEvV,OAAQ,WAChD,MAAMwV,QAAyB9G,EAAegB,oBAAoBoF,SAC5DrX,QAAQuH,IACZwQ,EAAiB3C,IAAKvc,GAAQgf,EAAgBhf,IAElD,CACA,MAAMmf,EAAmBX,EAAc3sB,MACvC,OAAOigB,EAAMe,QAAQ2G,OAAO2F,EAAkB,CAAEzV,OAAQ,UAC1D,CAAE,MAAOvY,GACP,EAAU,0BAA0BqtB,EAAc3sB,0BAA2BV,EAC/E,CACJ,EA+HE0nB,oBAtDF1jB,eAAmCa,GAOjC,IAAI4H,EAAM,CACR,iDACA,GACA,+CAA+C5H,EAAQ8iB,eACvD,mBAAmB9iB,EAAQ6R,WAC3B,kBAAkB7R,EAAQ6R,WAC1B,+CACA,IACAjV,KAAK,MACHoD,EAAQ+iB,gBACVnb,GAAO,CACL,sCACA,gBAAgB5H,EAAQuiB,cACxB,mBAAmBviB,EAAQ6R,WAC3B,cAAc7R,EAAQ+iB,iBACtB,IACAnmB,KAAK,OAELoD,EAAQopB,eACVxhB,GAAO,CACL,qCACA,gBAAgB5H,EAAQuiB,cACxB,kBAAkBviB,EAAQ6R,WAC1B,cAAc7R,EAAQopB,gBACtB,IACAxsB,KAAK,OAET,MAAMqsB,QAAkB5G,EAASzF,eAAc,KAAAhB,KAAI5b,EAAQ6R,SAC3D,OAAOiK,EAAMe,QAAQ2G,OAAOyF,EAAW,CACrCvV,OAAQ,MACRC,KAAM/L,EACNnD,QAAS,CACP,CAAC,eAAgB,iBAGvB,EAaE4kB,kBAXFlqB,eAAiCsd,EAAgB6M,SACzCxN,EAAMe,QAAQS,aAAa,MAAOb,EAAIY,IAAK,CAC/C/Y,KAAM,KAAK,IAAIiF,QAAU+f,QAEzB/L,YAAa,eAEjB,EAME+H,mBAvFFnmB,eAAkC0J,EAAoB0gB,EACpDd,EAAmBhM,SAEbX,EAAMe,QAAQC,KAAKL,GACzB,MAAMxN,EAAS6M,EAAMkB,IAAInU,EAAS0gB,EAAW,KAAM9M,GAEnD,GAAIxN,EAAQ,OAAOA,EACnB,IAAK6M,EAAMwE,QAAQkJ,SAAS/M,GAAM,CAChC,MAAMrgB,EAAM,mCAAmCqgB,EAAI5gB,QAEnD,MADA,EAAWO,GACL,IAAIsoB,GAAiBtoB,EAC7B,CACA,UACQ0f,EAAMwE,QAAQC,OAAO,GAAI,EAAC,KAAAF,IAAGxX,EAAS0gB,EAAWd,EAAQhM,IACjE,CAAE,MAAO3R,GAGP,MADA,EADY,4CAA4C2R,QAAUgM,MAAW3d,KAEvE,IAAI6Z,GAAkB7Z,EAC9B,CAEA,UACQie,EAAwBN,EAEhC,CAAE,MAAO3d,GAEP,MADA,EAAW,oEAAoE2d,MAAW3d,KACpFA,CACR,CACA,OAAO2d,CACT,EA4DEM,0BAEJ,CF3HyBU,CAAmB3N,EAAOtlB,EAAK4rB,GAC9CwD,EAAUf,GAAmB/I,EAAOgJ,EAAO3C,GAC3CuH,EAAOlK,GAAgB1D,EAAO8J,GAC9B1C,EAAQhB,GAAiBpG,EAAO8J,EAASzD,EAAcC,GACvDuH,EAAYjE,GAAqB5J,EAAOgJ,EAAOc,EAASzD,GA2B9D,OA1BA,EAAU,+BA0BH,CACHrG,QACAgJ,QACAtuB,MACA0sB,QACAwG,OACA9D,UACA+D,YACA7M,KAhCJ,SAAcL,GACV,OAAOX,EAAMe,QAAQC,KAAKL,EAC9B,EA+BImN,cA5BJ,SACIC,EACAzJ,EAAwB,IAExB,OAAO,IAAIjP,QAAQ,CAACC,EAASC,KAC7ByK,EAAMwE,QAAQC,OAAOsJ,EAAKzJ,EAAK,SAAUI,EAAM3M,EAAIiW,GAC1CjW,EAGLzC,IAFAC,EAAO,IAAItR,MAAM+pB,GAIrB,IAEJ,EAgBIC,WAdJ,WACIjO,EAAMqM,WAAW3mB,QAAQmZ,QAAQmB,EAAMkO,OAAOtkB,KAAKoW,GACvD,EAcJ,CGrEA,MAAM0H,GAASrkB,MAAO6K,EAAKigB,KACvB,MAAMC,EAAYD,GAAeA,EAAYE,aAA0C,QAA3BF,EAAYE,YACxE,OAAIzO,GAAYR,KAAKzF,QAAUyU,EAEpBxO,GAAYjR,MAAMT,EAAKigB,GAEvB7uB,OAAOqP,MAAMT,EAAKigB,IAK3BG,GAAmBzuB,OAAO0uB,IAAI,yBAO9BC,GAAkC,oBAAXlvB,OAAyBA,OAAS,EAAAJ,EAa/D,MAAMuvB,IAVGD,GAAaF,IAKd,EAAU,0DAJV,EAAU,uDACVE,GAAaF,IAAoBhC,GAAiB,CAAE3d,MAAO+Y,IAAU9H,IACrE,EAAU,kCAIP4O,GAAaF,KCjClBI,GAAkB,CACtB,CACE3tB,KAAM,kBACNwgB,IAAK,8BAEP,CACExgB,KAAM,YACNwgB,IAAK,wBAEP,CACExgB,KAAM,eACNwgB,IAAK,uBAEP,CACExgB,KAAM,aACNwgB,IAAK,6BAOF,SAASoN,KAEZ,MAAMC,EAAU,IAAIF,KAGd,KAAE1J,EAAI,OAAE7K,GAAW,IAAIjJ,IAAI6K,SAASnN,MACpCigB,EAAQD,EAAQnE,IAAI,EAAGlJ,SAAU,IAAIrQ,IAAIqQ,GAAKyD,MAKpD,OAJK6J,EAAMtoB,SAASye,IAAU6J,EAAMxoB,KAAKyoB,GAO7C,SAAwBC,EAAmBC,GACvC,MAAMC,EAAMF,EAAUpuB,OAASquB,EAAOruB,OAAS,EAC/C,OAAOsuB,EAAM,GAAwB,MAAnBF,EAAUE,IAAgBF,EAAUtU,SAASuU,EACnE,CAVyDE,CAAclK,EAAM8J,KACvEF,EAAQO,QAAQ,CAAEpuB,KAAMikB,EAAMzD,IAAKpH,IAG9ByU,CACT,CC9BF,MAAM5F,GAAQyF,GAAoBzF,MAC5B,GAAcyF,GAAoBzF,MAAMpJ,YACxCI,GAAQyO,GAAoBzO,K","sources":["webpack://SolidLogic/webpack/universalModuleDefinition","webpack://SolidLogic/external umd \"$rdf\"","webpack://SolidLogic/./node_modules/solid-namespace/index.js","webpack://SolidLogic/webpack/bootstrap","webpack://SolidLogic/webpack/runtime/compat get default export","webpack://SolidLogic/webpack/runtime/define property getters","webpack://SolidLogic/webpack/runtime/global","webpack://SolidLogic/webpack/runtime/hasOwnProperty shorthand","webpack://SolidLogic/webpack/runtime/make namespace object","webpack://SolidLogic/./src/util/debug.ts","webpack://SolidLogic/./node_modules/solid-oidc/node_modules/jose/dist/browser/runtime/webcrypto.js","webpack://SolidLogic/./node_modules/solid-oidc/node_modules/jose/dist/browser/lib/invalid_key_input.js","webpack://SolidLogic/./node_modules/solid-oidc/node_modules/jose/dist/browser/lib/buffer_utils.js","webpack://SolidLogic/./node_modules/solid-oidc/node_modules/jose/dist/browser/runtime/base64url.js","webpack://SolidLogic/./node_modules/solid-oidc/node_modules/jose/dist/browser/runtime/is_key_like.js","webpack://SolidLogic/./node_modules/solid-oidc/node_modules/jose/dist/browser/runtime/key_to_jwk.js","webpack://SolidLogic/./node_modules/solid-oidc/node_modules/jose/dist/browser/key/export.js","webpack://SolidLogic/./node_modules/solid-oidc/node_modules/jose/dist/browser/util/errors.js","webpack://SolidLogic/./node_modules/solid-oidc/node_modules/jose/dist/browser/runtime/subtle_dsa.js","webpack://SolidLogic/./node_modules/solid-oidc/node_modules/jose/dist/browser/runtime/check_key_length.js","webpack://SolidLogic/./node_modules/solid-oidc/node_modules/jose/dist/browser/lib/crypto_key.js","webpack://SolidLogic/./node_modules/solid-oidc/node_modules/jose/dist/browser/lib/is_object.js","webpack://SolidLogic/./node_modules/solid-oidc/node_modules/jose/dist/browser/lib/is_jwk.js","webpack://SolidLogic/./node_modules/solid-oidc/node_modules/jose/dist/browser/runtime/jwk_to_key.js","webpack://SolidLogic/./node_modules/solid-oidc/node_modules/jose/dist/browser/runtime/normalize_key.js","webpack://SolidLogic/./node_modules/solid-oidc/node_modules/jose/dist/browser/runtime/get_sign_verify_key.js","webpack://SolidLogic/./node_modules/solid-oidc/node_modules/jose/dist/browser/runtime/sign.js","webpack://SolidLogic/./node_modules/solid-oidc/node_modules/jose/dist/browser/lib/is_disjoint.js","webpack://SolidLogic/./node_modules/solid-oidc/node_modules/jose/dist/browser/lib/check_key_type.js","webpack://SolidLogic/./node_modules/solid-oidc/node_modules/jose/dist/browser/lib/validate_crit.js","webpack://SolidLogic/./node_modules/solid-oidc/node_modules/jose/dist/browser/jws/flattened/sign.js","webpack://SolidLogic/./node_modules/solid-oidc/node_modules/jose/dist/browser/jws/compact/sign.js","webpack://SolidLogic/./node_modules/solid-oidc/node_modules/jose/dist/browser/lib/epoch.js","webpack://SolidLogic/./node_modules/solid-oidc/node_modules/jose/dist/browser/lib/secs.js","webpack://SolidLogic/./node_modules/solid-oidc/node_modules/jose/dist/browser/jwt/produce.js","webpack://SolidLogic/./node_modules/solid-oidc/node_modules/jose/dist/browser/jwt/sign.js","webpack://SolidLogic/./node_modules/solid-oidc/node_modules/jose/dist/browser/runtime/fetch_jwks.js","webpack://SolidLogic/./node_modules/solid-oidc/node_modules/jose/dist/browser/key/import.js","webpack://SolidLogic/./node_modules/solid-oidc/node_modules/jose/dist/browser/jwks/local.js","webpack://SolidLogic/./node_modules/solid-oidc/node_modules/jose/dist/browser/jwks/remote.js","webpack://SolidLogic/./node_modules/solid-oidc/node_modules/jose/dist/browser/runtime/verify.js","webpack://SolidLogic/./node_modules/solid-oidc/node_modules/jose/dist/browser/lib/validate_algorithms.js","webpack://SolidLogic/./node_modules/solid-oidc/node_modules/jose/dist/browser/jws/compact/verify.js","webpack://SolidLogic/./node_modules/solid-oidc/node_modules/jose/dist/browser/jws/flattened/verify.js","webpack://SolidLogic/./node_modules/solid-oidc/node_modules/jose/dist/browser/lib/jwt_claims_set.js","webpack://SolidLogic/./node_modules/solid-oidc/node_modules/jose/dist/browser/runtime/digest.js","webpack://SolidLogic/./node_modules/solid-oidc/node_modules/jose/dist/browser/jwk/thumbprint.js","webpack://SolidLogic/./node_modules/solid-oidc/node_modules/jose/dist/browser/runtime/generate.js","webpack://SolidLogic/./node_modules/solid-oidc/node_modules/jose/dist/browser/key/generate_key_pair.js","webpack://SolidLogic/./node_modules/solid-oidc/node_modules/jose/dist/browser/util/base64url.js","webpack://SolidLogic/./node_modules/solid-oidc/solid-oidc.js","webpack://SolidLogic/./node_modules/solid-oidc/node_modules/jose/dist/browser/jwt/verify.js","webpack://SolidLogic/./node_modules/solid-oidc/node_modules/jose/dist/browser/util/decode_jwt.js","webpack://SolidLogic/./src/authSession/solidOidcAdapter.ts","webpack://SolidLogic/./src/authSession/authSession.ts","webpack://SolidLogic/./src/util/ns.ts","webpack://SolidLogic/./src/acl/aclLogic.ts","webpack://SolidLogic/./src/authn/authUtil.ts","webpack://SolidLogic/./src/authn/SolidAuthnLogic.ts","webpack://SolidLogic/./src/util/utils.ts","webpack://SolidLogic/./src/chat/chatLogic.ts","webpack://SolidLogic/./src/inbox/inboxLogic.ts","webpack://SolidLogic/./src/logic/CustomError.ts","webpack://SolidLogic/./src/profile/profileLogic.ts","webpack://SolidLogic/./src/typeIndex/typeIndexLogic.ts","webpack://SolidLogic/./src/logic/solidLogic.ts","webpack://SolidLogic/./src/util/containerLogic.ts","webpack://SolidLogic/./src/util/utilityLogic.ts","webpack://SolidLogic/./src/logic/solidLogicSingleton.ts","webpack://SolidLogic/./src/issuer/issuerLogic.ts","webpack://SolidLogic/./src/index.ts"],"sourcesContent":["(function webpackUniversalModuleDefinition(root, factory) {\n\tif(typeof exports === 'object' && typeof module === 'object')\n\t\tmodule.exports = factory(require(\"$rdf\"));\n\telse if(typeof define === 'function' && define.amd)\n\t\tdefine(\"SolidLogic\", [\"$rdf\"], factory);\n\telse if(typeof exports === 'object')\n\t\texports[\"SolidLogic\"] = factory(require(\"$rdf\"));\n\telse\n\t\troot[\"SolidLogic\"] = factory(root[\"$rdf\"]);\n})(this, (__WEBPACK_EXTERNAL_MODULE__264__) => {\nreturn ","module.exports = __WEBPACK_EXTERNAL_MODULE__264__;","/**\n * Provides a way to access commonly used namespaces\n *\n * Usage:\n *\n * ```\n * const $rdf = require('rdflib'); //or any other RDF/JS-compatible library\n * const ns = require('solid-namespace')($rdf);\n * const store = $rdf.graph();\n *\n * let me = ...;\n * let name = store.any(me, ns.vcard(‘fn’)) || store.any(me, ns.foaf(‘name’));\n * ```\n * @module vocab\n */\nconst aliases = {\n acl: 'http://www.w3.org/ns/auth/acl#',\n arg: 'http://www.w3.org/ns/pim/arg#',\n as: 'https://www.w3.org/ns/activitystreams#',\n bookmark: 'http://www.w3.org/2002/01/bookmark#',\n cal: 'http://www.w3.org/2002/12/cal/ical#',\n cco: 'http://www.ontologyrepository.com/CommonCoreOntologies/',\n cert: 'http://www.w3.org/ns/auth/cert#',\n contact: 'http://www.w3.org/2000/10/swap/pim/contact#',\n dc: 'http://purl.org/dc/elements/1.1/',\n dct: 'http://purl.org/dc/terms/',\n doap: 'http://usefulinc.com/ns/doap#',\n foaf: 'http://xmlns.com/foaf/0.1/',\n geo: 'http://www.w3.org/2003/01/geo/wgs84_pos#',\n gpx: 'http://www.w3.org/ns/pim/gpx#',\n gr: 'http://purl.org/goodrelations/v1#',\n http: 'http://www.w3.org/2007/ont/http#',\n httph: 'http://www.w3.org/2007/ont/httph#',\n icalTZ: 'http://www.w3.org/2002/12/cal/icaltzd#', // Beware: not cal:\n ldp: 'http://www.w3.org/ns/ldp#',\n link: 'http://www.w3.org/2007/ont/link#',\n log: 'http://www.w3.org/2000/10/swap/log#',\n meeting: 'http://www.w3.org/ns/pim/meeting#',\n mo: 'http://purl.org/ontology/mo/',\n org: 'http://www.w3.org/ns/org#',\n owl: 'http://www.w3.org/2002/07/owl#',\n pad: 'http://www.w3.org/ns/pim/pad#',\n patch: 'http://www.w3.org/ns/pim/patch#',\n prov: 'http://www.w3.org/ns/prov#',\n pto: 'http://www.productontology.org/id/',\n qu: 'http://www.w3.org/2000/10/swap/pim/qif#',\n trip: 'http://www.w3.org/ns/pim/trip#',\n rdf: 'http://www.w3.org/1999/02/22-rdf-syntax-ns#',\n rdfs: 'http://www.w3.org/2000/01/rdf-schema#',\n rss: 'http://purl.org/rss/1.0/',\n sched: 'http://www.w3.org/ns/pim/schedule#',\n schema: 'http://schema.org/', // @@ beware confusion with documents no 303\n sioc: 'http://rdfs.org/sioc/ns#',\n skos: 'http://www.w3.org/2004/02/skos/core#',\n solid: 'http://www.w3.org/ns/solid/terms#',\n space: 'http://www.w3.org/ns/pim/space#',\n stat: 'http://www.w3.org/ns/posix/stat#',\n tab: 'http://www.w3.org/2007/ont/link#',\n tabont: 'http://www.w3.org/2007/ont/link#',\n ui: 'http://www.w3.org/ns/ui#',\n vann: 'http://purl.org/vocab/vann/',\n vcard: 'http://www.w3.org/2006/vcard/ns#',\n wf: 'http://www.w3.org/2005/01/wf/flow#',\n xsd: 'http://www.w3.org/2001/XMLSchema#',\n}\n\n/**\n * @param [rdflib] {RDF} Optional RDF Library (such as rdflib.js or rdf-ext) to inject\n */\nfunction vocab (rdf = { namedNode: u => u }) {\n const namespaces = {}\n for (const alias in aliases) {\n const expansion = aliases[alias]\n namespaces[alias] = function (localName = '') {\n return rdf.namedNode(expansion + localName)\n }\n };\n\n return namespaces\n};\n\nmodule.exports = vocab\n","// The module cache\nvar __webpack_module_cache__ = {};\n\n// The require function\nfunction __webpack_require__(moduleId) {\n\t// Check if module is in cache\n\tvar cachedModule = __webpack_module_cache__[moduleId];\n\tif (cachedModule !== undefined) {\n\t\treturn cachedModule.exports;\n\t}\n\t// Create a new module (and put it into the cache)\n\tvar module = __webpack_module_cache__[moduleId] = {\n\t\t// no module.id needed\n\t\t// no module.loaded needed\n\t\texports: {}\n\t};\n\n\t// Execute the module function\n\t__webpack_modules__[moduleId](module, module.exports, __webpack_require__);\n\n\t// Return the exports of the module\n\treturn module.exports;\n}\n\n","// getDefaultExport function for compatibility with non-harmony modules\n__webpack_require__.n = (module) => {\n\tvar getter = module && module.__esModule ?\n\t\t() => (module['default']) :\n\t\t() => (module);\n\t__webpack_require__.d(getter, { a: getter });\n\treturn getter;\n};","// define getter functions for harmony exports\n__webpack_require__.d = (exports, definition) => {\n\tfor(var key in definition) {\n\t\tif(__webpack_require__.o(definition, key) && !__webpack_require__.o(exports, key)) {\n\t\t\tObject.defineProperty(exports, key, { enumerable: true, get: definition[key] });\n\t\t}\n\t}\n};","__webpack_require__.g = (function() {\n\tif (typeof globalThis === 'object') return globalThis;\n\ttry {\n\t\treturn this || new Function('return this')();\n\t} catch (e) {\n\t\tif (typeof window === 'object') return window;\n\t}\n})();","__webpack_require__.o = (obj, prop) => (Object.prototype.hasOwnProperty.call(obj, prop))","// define __esModule on exports\n__webpack_require__.r = (exports) => {\n\tif(typeof Symbol !== 'undefined' && Symbol.toStringTag) {\n\t\tObject.defineProperty(exports, Symbol.toStringTag, { value: 'Module' });\n\t}\n\tObject.defineProperty(exports, '__esModule', { value: true });\n};","\nexport function log(...args: any[]): void {\n console.log(...args)\n}\n\nexport function warn(...args: any[]): void {\n console.warn(...args)\n}\n\nexport function error(...args: any[]): void {\n console.error(...args)\n}\n\nexport function trace(...args: any[]): void {\n console.trace(...args)\n}\n","export default crypto;\nexport const isCryptoKey = (key) => key instanceof CryptoKey;\n","function message(msg, actual, ...types) {\n types = types.filter(Boolean);\n if (types.length > 2) {\n const last = types.pop();\n msg += `one of type ${types.join(', ')}, or ${last}.`;\n }\n else if (types.length === 2) {\n msg += `one of type ${types[0]} or ${types[1]}.`;\n }\n else {\n msg += `of type ${types[0]}.`;\n }\n if (actual == null) {\n msg += ` Received ${actual}`;\n }\n else if (typeof actual === 'function' && actual.name) {\n msg += ` Received function ${actual.name}`;\n }\n else if (typeof actual === 'object' && actual != null) {\n if (actual.constructor?.name) {\n msg += ` Received an instance of ${actual.constructor.name}`;\n }\n }\n return msg;\n}\nexport default (actual, ...types) => {\n return message('Key must be ', actual, ...types);\n};\nexport function withAlg(alg, actual, ...types) {\n return message(`Key for the ${alg} algorithm must be `, actual, ...types);\n}\n","import digest from '../runtime/digest.js';\nexport const encoder = new TextEncoder();\nexport const decoder = new TextDecoder();\nconst MAX_INT32 = 2 ** 32;\nexport function concat(...buffers) {\n const size = buffers.reduce((acc, { length }) => acc + length, 0);\n const buf = new Uint8Array(size);\n let i = 0;\n for (const buffer of buffers) {\n buf.set(buffer, i);\n i += buffer.length;\n }\n return buf;\n}\nexport function p2s(alg, p2sInput) {\n return concat(encoder.encode(alg), new Uint8Array([0]), p2sInput);\n}\nfunction writeUInt32BE(buf, value, offset) {\n if (value < 0 || value >= MAX_INT32) {\n throw new RangeError(`value must be >= 0 and <= ${MAX_INT32 - 1}. Received ${value}`);\n }\n buf.set([value >>> 24, value >>> 16, value >>> 8, value & 0xff], offset);\n}\nexport function uint64be(value) {\n const high = Math.floor(value / MAX_INT32);\n const low = value % MAX_INT32;\n const buf = new Uint8Array(8);\n writeUInt32BE(buf, high, 0);\n writeUInt32BE(buf, low, 4);\n return buf;\n}\nexport function uint32be(value) {\n const buf = new Uint8Array(4);\n writeUInt32BE(buf, value);\n return buf;\n}\nexport function lengthAndInput(input) {\n return concat(uint32be(input.length), input);\n}\nexport async function concatKdf(secret, bits, value) {\n const iterations = Math.ceil((bits >> 3) / 32);\n const res = new Uint8Array(iterations * 32);\n for (let iter = 0; iter < iterations; iter++) {\n const buf = new Uint8Array(4 + secret.length + value.length);\n buf.set(uint32be(iter + 1));\n buf.set(secret, 4);\n buf.set(value, 4 + secret.length);\n res.set(await digest('sha256', buf), iter * 32);\n }\n return res.slice(0, bits >> 3);\n}\n","import { encoder, decoder } from '../lib/buffer_utils.js';\nexport const encodeBase64 = (input) => {\n let unencoded = input;\n if (typeof unencoded === 'string') {\n unencoded = encoder.encode(unencoded);\n }\n const CHUNK_SIZE = 0x8000;\n const arr = [];\n for (let i = 0; i < unencoded.length; i += CHUNK_SIZE) {\n arr.push(String.fromCharCode.apply(null, unencoded.subarray(i, i + CHUNK_SIZE)));\n }\n return btoa(arr.join(''));\n};\nexport const encode = (input) => {\n return encodeBase64(input).replace(/=/g, '').replace(/\\+/g, '-').replace(/\\//g, '_');\n};\nexport const decodeBase64 = (encoded) => {\n const binary = atob(encoded);\n const bytes = new Uint8Array(binary.length);\n for (let i = 0; i < binary.length; i++) {\n bytes[i] = binary.charCodeAt(i);\n }\n return bytes;\n};\nexport const decode = (input) => {\n let encoded = input;\n if (encoded instanceof Uint8Array) {\n encoded = decoder.decode(encoded);\n }\n encoded = encoded.replace(/-/g, '+').replace(/_/g, '/').replace(/\\s/g, '');\n try {\n return decodeBase64(encoded);\n }\n catch {\n throw new TypeError('The input to be decoded is not correctly encoded.');\n }\n};\n","import { isCryptoKey } from './webcrypto.js';\nexport default (key) => {\n if (isCryptoKey(key)) {\n return true;\n }\n return key?.[Symbol.toStringTag] === 'KeyObject';\n};\nexport const types = ['CryptoKey'];\n","import crypto, { isCryptoKey } from './webcrypto.js';\nimport invalidKeyInput from '../lib/invalid_key_input.js';\nimport { encode as base64url } from './base64url.js';\nimport { types } from './is_key_like.js';\nconst keyToJWK = async (key) => {\n if (key instanceof Uint8Array) {\n return {\n kty: 'oct',\n k: base64url(key),\n };\n }\n if (!isCryptoKey(key)) {\n throw new TypeError(invalidKeyInput(key, ...types, 'Uint8Array'));\n }\n if (!key.extractable) {\n throw new TypeError('non-extractable CryptoKey cannot be exported as a JWK');\n }\n const { ext, key_ops, alg, use, ...jwk } = await crypto.subtle.exportKey('jwk', key);\n return jwk;\n};\nexport default keyToJWK;\n","import { toSPKI as exportPublic } from '../runtime/asn1.js';\nimport { toPKCS8 as exportPrivate } from '../runtime/asn1.js';\nimport keyToJWK from '../runtime/key_to_jwk.js';\nexport async function exportSPKI(key) {\n return exportPublic(key);\n}\nexport async function exportPKCS8(key) {\n return exportPrivate(key);\n}\nexport async function exportJWK(key) {\n return keyToJWK(key);\n}\n","export class JOSEError extends Error {\n constructor(message, options) {\n super(message, options);\n this.code = 'ERR_JOSE_GENERIC';\n this.name = this.constructor.name;\n Error.captureStackTrace?.(this, this.constructor);\n }\n}\nJOSEError.code = 'ERR_JOSE_GENERIC';\nexport class JWTClaimValidationFailed extends JOSEError {\n constructor(message, payload, claim = 'unspecified', reason = 'unspecified') {\n super(message, { cause: { claim, reason, payload } });\n this.code = 'ERR_JWT_CLAIM_VALIDATION_FAILED';\n this.claim = claim;\n this.reason = reason;\n this.payload = payload;\n }\n}\nJWTClaimValidationFailed.code = 'ERR_JWT_CLAIM_VALIDATION_FAILED';\nexport class JWTExpired extends JOSEError {\n constructor(message, payload, claim = 'unspecified', reason = 'unspecified') {\n super(message, { cause: { claim, reason, payload } });\n this.code = 'ERR_JWT_EXPIRED';\n this.claim = claim;\n this.reason = reason;\n this.payload = payload;\n }\n}\nJWTExpired.code = 'ERR_JWT_EXPIRED';\nexport class JOSEAlgNotAllowed extends JOSEError {\n constructor() {\n super(...arguments);\n this.code = 'ERR_JOSE_ALG_NOT_ALLOWED';\n }\n}\nJOSEAlgNotAllowed.code = 'ERR_JOSE_ALG_NOT_ALLOWED';\nexport class JOSENotSupported extends JOSEError {\n constructor() {\n super(...arguments);\n this.code = 'ERR_JOSE_NOT_SUPPORTED';\n }\n}\nJOSENotSupported.code = 'ERR_JOSE_NOT_SUPPORTED';\nexport class JWEDecryptionFailed extends JOSEError {\n constructor(message = 'decryption operation failed', options) {\n super(message, options);\n this.code = 'ERR_JWE_DECRYPTION_FAILED';\n }\n}\nJWEDecryptionFailed.code = 'ERR_JWE_DECRYPTION_FAILED';\nexport class JWEInvalid extends JOSEError {\n constructor() {\n super(...arguments);\n this.code = 'ERR_JWE_INVALID';\n }\n}\nJWEInvalid.code = 'ERR_JWE_INVALID';\nexport class JWSInvalid extends JOSEError {\n constructor() {\n super(...arguments);\n this.code = 'ERR_JWS_INVALID';\n }\n}\nJWSInvalid.code = 'ERR_JWS_INVALID';\nexport class JWTInvalid extends JOSEError {\n constructor() {\n super(...arguments);\n this.code = 'ERR_JWT_INVALID';\n }\n}\nJWTInvalid.code = 'ERR_JWT_INVALID';\nexport class JWKInvalid extends JOSEError {\n constructor() {\n super(...arguments);\n this.code = 'ERR_JWK_INVALID';\n }\n}\nJWKInvalid.code = 'ERR_JWK_INVALID';\nexport class JWKSInvalid extends JOSEError {\n constructor() {\n super(...arguments);\n this.code = 'ERR_JWKS_INVALID';\n }\n}\nJWKSInvalid.code = 'ERR_JWKS_INVALID';\nexport class JWKSNoMatchingKey extends JOSEError {\n constructor(message = 'no applicable key found in the JSON Web Key Set', options) {\n super(message, options);\n this.code = 'ERR_JWKS_NO_MATCHING_KEY';\n }\n}\nJWKSNoMatchingKey.code = 'ERR_JWKS_NO_MATCHING_KEY';\nexport class JWKSMultipleMatchingKeys extends JOSEError {\n constructor(message = 'multiple matching keys found in the JSON Web Key Set', options) {\n super(message, options);\n this.code = 'ERR_JWKS_MULTIPLE_MATCHING_KEYS';\n }\n}\nSymbol.asyncIterator;\nJWKSMultipleMatchingKeys.code = 'ERR_JWKS_MULTIPLE_MATCHING_KEYS';\nexport class JWKSTimeout extends JOSEError {\n constructor(message = 'request timed out', options) {\n super(message, options);\n this.code = 'ERR_JWKS_TIMEOUT';\n }\n}\nJWKSTimeout.code = 'ERR_JWKS_TIMEOUT';\nexport class JWSSignatureVerificationFailed extends JOSEError {\n constructor(message = 'signature verification failed', options) {\n super(message, options);\n this.code = 'ERR_JWS_SIGNATURE_VERIFICATION_FAILED';\n }\n}\nJWSSignatureVerificationFailed.code = 'ERR_JWS_SIGNATURE_VERIFICATION_FAILED';\n","import { JOSENotSupported } from '../util/errors.js';\nexport default function subtleDsa(alg, algorithm) {\n const hash = `SHA-${alg.slice(-3)}`;\n switch (alg) {\n case 'HS256':\n case 'HS384':\n case 'HS512':\n return { hash, name: 'HMAC' };\n case 'PS256':\n case 'PS384':\n case 'PS512':\n return { hash, name: 'RSA-PSS', saltLength: alg.slice(-3) >> 3 };\n case 'RS256':\n case 'RS384':\n case 'RS512':\n return { hash, name: 'RSASSA-PKCS1-v1_5' };\n case 'ES256':\n case 'ES384':\n case 'ES512':\n return { hash, name: 'ECDSA', namedCurve: algorithm.namedCurve };\n case 'Ed25519':\n return { name: 'Ed25519' };\n case 'EdDSA':\n return { name: algorithm.name };\n default:\n throw new JOSENotSupported(`alg ${alg} is not supported either by JOSE or your javascript runtime`);\n }\n}\n","export default (alg, key) => {\n if (alg.startsWith('RS') || alg.startsWith('PS')) {\n const { modulusLength } = key.algorithm;\n if (typeof modulusLength !== 'number' || modulusLength < 2048) {\n throw new TypeError(`${alg} requires key modulusLength to be 2048 bits or larger`);\n }\n }\n};\n","function unusable(name, prop = 'algorithm.name') {\n return new TypeError(`CryptoKey does not support this operation, its ${prop} must be ${name}`);\n}\nfunction isAlgorithm(algorithm, name) {\n return algorithm.name === name;\n}\nfunction getHashLength(hash) {\n return parseInt(hash.name.slice(4), 10);\n}\nfunction getNamedCurve(alg) {\n switch (alg) {\n case 'ES256':\n return 'P-256';\n case 'ES384':\n return 'P-384';\n case 'ES512':\n return 'P-521';\n default:\n throw new Error('unreachable');\n }\n}\nfunction checkUsage(key, usages) {\n if (usages.length && !usages.some((expected) => key.usages.includes(expected))) {\n let msg = 'CryptoKey does not support this operation, its usages must include ';\n if (usages.length > 2) {\n const last = usages.pop();\n msg += `one of ${usages.join(', ')}, or ${last}.`;\n }\n else if (usages.length === 2) {\n msg += `one of ${usages[0]} or ${usages[1]}.`;\n }\n else {\n msg += `${usages[0]}.`;\n }\n throw new TypeError(msg);\n }\n}\nexport function checkSigCryptoKey(key, alg, ...usages) {\n switch (alg) {\n case 'HS256':\n case 'HS384':\n case 'HS512': {\n if (!isAlgorithm(key.algorithm, 'HMAC'))\n throw unusable('HMAC');\n const expected = parseInt(alg.slice(2), 10);\n const actual = getHashLength(key.algorithm.hash);\n if (actual !== expected)\n throw unusable(`SHA-${expected}`, 'algorithm.hash');\n break;\n }\n case 'RS256':\n case 'RS384':\n case 'RS512': {\n if (!isAlgorithm(key.algorithm, 'RSASSA-PKCS1-v1_5'))\n throw unusable('RSASSA-PKCS1-v1_5');\n const expected = parseInt(alg.slice(2), 10);\n const actual = getHashLength(key.algorithm.hash);\n if (actual !== expected)\n throw unusable(`SHA-${expected}`, 'algorithm.hash');\n break;\n }\n case 'PS256':\n case 'PS384':\n case 'PS512': {\n if (!isAlgorithm(key.algorithm, 'RSA-PSS'))\n throw unusable('RSA-PSS');\n const expected = parseInt(alg.slice(2), 10);\n const actual = getHashLength(key.algorithm.hash);\n if (actual !== expected)\n throw unusable(`SHA-${expected}`, 'algorithm.hash');\n break;\n }\n case 'EdDSA': {\n if (key.algorithm.name !== 'Ed25519' && key.algorithm.name !== 'Ed448') {\n throw unusable('Ed25519 or Ed448');\n }\n break;\n }\n case 'Ed25519': {\n if (!isAlgorithm(key.algorithm, 'Ed25519'))\n throw unusable('Ed25519');\n break;\n }\n case 'ES256':\n case 'ES384':\n case 'ES512': {\n if (!isAlgorithm(key.algorithm, 'ECDSA'))\n throw unusable('ECDSA');\n const expected = getNamedCurve(alg);\n const actual = key.algorithm.namedCurve;\n if (actual !== expected)\n throw unusable(expected, 'algorithm.namedCurve');\n break;\n }\n default:\n throw new TypeError('CryptoKey does not support this operation');\n }\n checkUsage(key, usages);\n}\nexport function checkEncCryptoKey(key, alg, ...usages) {\n switch (alg) {\n case 'A128GCM':\n case 'A192GCM':\n case 'A256GCM': {\n if (!isAlgorithm(key.algorithm, 'AES-GCM'))\n throw unusable('AES-GCM');\n const expected = parseInt(alg.slice(1, 4), 10);\n const actual = key.algorithm.length;\n if (actual !== expected)\n throw unusable(expected, 'algorithm.length');\n break;\n }\n case 'A128KW':\n case 'A192KW':\n case 'A256KW': {\n if (!isAlgorithm(key.algorithm, 'AES-KW'))\n throw unusable('AES-KW');\n const expected = parseInt(alg.slice(1, 4), 10);\n const actual = key.algorithm.length;\n if (actual !== expected)\n throw unusable(expected, 'algorithm.length');\n break;\n }\n case 'ECDH': {\n switch (key.algorithm.name) {\n case 'ECDH':\n case 'X25519':\n case 'X448':\n break;\n default:\n throw unusable('ECDH, X25519, or X448');\n }\n break;\n }\n case 'PBES2-HS256+A128KW':\n case 'PBES2-HS384+A192KW':\n case 'PBES2-HS512+A256KW':\n if (!isAlgorithm(key.algorithm, 'PBKDF2'))\n throw unusable('PBKDF2');\n break;\n case 'RSA-OAEP':\n case 'RSA-OAEP-256':\n case 'RSA-OAEP-384':\n case 'RSA-OAEP-512': {\n if (!isAlgorithm(key.algorithm, 'RSA-OAEP'))\n throw unusable('RSA-OAEP');\n const expected = parseInt(alg.slice(9), 10) || 1;\n const actual = getHashLength(key.algorithm.hash);\n if (actual !== expected)\n throw unusable(`SHA-${expected}`, 'algorithm.hash');\n break;\n }\n default:\n throw new TypeError('CryptoKey does not support this operation');\n }\n checkUsage(key, usages);\n}\n","function isObjectLike(value) {\n return typeof value === 'object' && value !== null;\n}\nexport default function isObject(input) {\n if (!isObjectLike(input) || Object.prototype.toString.call(input) !== '[object Object]') {\n return false;\n }\n if (Object.getPrototypeOf(input) === null) {\n return true;\n }\n let proto = input;\n while (Object.getPrototypeOf(proto) !== null) {\n proto = Object.getPrototypeOf(proto);\n }\n return Object.getPrototypeOf(input) === proto;\n}\n","import isObject from './is_object.js';\nexport function isJWK(key) {\n return isObject(key) && typeof key.kty === 'string';\n}\nexport function isPrivateJWK(key) {\n return key.kty !== 'oct' && typeof key.d === 'string';\n}\nexport function isPublicJWK(key) {\n return key.kty !== 'oct' && typeof key.d === 'undefined';\n}\nexport function isSecretJWK(key) {\n return isJWK(key) && key.kty === 'oct' && typeof key.k === 'string';\n}\n","import crypto from './webcrypto.js';\nimport { JOSENotSupported } from '../util/errors.js';\nfunction subtleMapping(jwk) {\n let algorithm;\n let keyUsages;\n switch (jwk.kty) {\n case 'RSA': {\n switch (jwk.alg) {\n case 'PS256':\n case 'PS384':\n case 'PS512':\n algorithm = { name: 'RSA-PSS', hash: `SHA-${jwk.alg.slice(-3)}` };\n keyUsages = jwk.d ? ['sign'] : ['verify'];\n break;\n case 'RS256':\n case 'RS384':\n case 'RS512':\n algorithm = { name: 'RSASSA-PKCS1-v1_5', hash: `SHA-${jwk.alg.slice(-3)}` };\n keyUsages = jwk.d ? ['sign'] : ['verify'];\n break;\n case 'RSA-OAEP':\n case 'RSA-OAEP-256':\n case 'RSA-OAEP-384':\n case 'RSA-OAEP-512':\n algorithm = {\n name: 'RSA-OAEP',\n hash: `SHA-${parseInt(jwk.alg.slice(-3), 10) || 1}`,\n };\n keyUsages = jwk.d ? ['decrypt', 'unwrapKey'] : ['encrypt', 'wrapKey'];\n break;\n default:\n throw new JOSENotSupported('Invalid or unsupported JWK \"alg\" (Algorithm) Parameter value');\n }\n break;\n }\n case 'EC': {\n switch (jwk.alg) {\n case 'ES256':\n algorithm = { name: 'ECDSA', namedCurve: 'P-256' };\n keyUsages = jwk.d ? ['sign'] : ['verify'];\n break;\n case 'ES384':\n algorithm = { name: 'ECDSA', namedCurve: 'P-384' };\n keyUsages = jwk.d ? ['sign'] : ['verify'];\n break;\n case 'ES512':\n algorithm = { name: 'ECDSA', namedCurve: 'P-521' };\n keyUsages = jwk.d ? ['sign'] : ['verify'];\n break;\n case 'ECDH-ES':\n case 'ECDH-ES+A128KW':\n case 'ECDH-ES+A192KW':\n case 'ECDH-ES+A256KW':\n algorithm = { name: 'ECDH', namedCurve: jwk.crv };\n keyUsages = jwk.d ? ['deriveBits'] : [];\n break;\n default:\n throw new JOSENotSupported('Invalid or unsupported JWK \"alg\" (Algorithm) Parameter value');\n }\n break;\n }\n case 'OKP': {\n switch (jwk.alg) {\n case 'Ed25519':\n algorithm = { name: 'Ed25519' };\n keyUsages = jwk.d ? ['sign'] : ['verify'];\n break;\n case 'EdDSA':\n algorithm = { name: jwk.crv };\n keyUsages = jwk.d ? ['sign'] : ['verify'];\n break;\n case 'ECDH-ES':\n case 'ECDH-ES+A128KW':\n case 'ECDH-ES+A192KW':\n case 'ECDH-ES+A256KW':\n algorithm = { name: jwk.crv };\n keyUsages = jwk.d ? ['deriveBits'] : [];\n break;\n default:\n throw new JOSENotSupported('Invalid or unsupported JWK \"alg\" (Algorithm) Parameter value');\n }\n break;\n }\n default:\n throw new JOSENotSupported('Invalid or unsupported JWK \"kty\" (Key Type) Parameter value');\n }\n return { algorithm, keyUsages };\n}\nconst parse = async (jwk) => {\n if (!jwk.alg) {\n throw new TypeError('\"alg\" argument is required when \"jwk.alg\" is not present');\n }\n const { algorithm, keyUsages } = subtleMapping(jwk);\n const rest = [\n algorithm,\n jwk.ext ?? false,\n jwk.key_ops ?? keyUsages,\n ];\n const keyData = { ...jwk };\n delete keyData.alg;\n delete keyData.use;\n return crypto.subtle.importKey('jwk', keyData, ...rest);\n};\nexport default parse;\n","import { isJWK } from '../lib/is_jwk.js';\nimport { decode } from './base64url.js';\nimport importJWK from './jwk_to_key.js';\nconst exportKeyValue = (k) => decode(k);\nlet privCache;\nlet pubCache;\nconst isKeyObject = (key) => {\n return key?.[Symbol.toStringTag] === 'KeyObject';\n};\nconst importAndCache = async (cache, key, jwk, alg, freeze = false) => {\n let cached = cache.get(key);\n if (cached?.[alg]) {\n return cached[alg];\n }\n const cryptoKey = await importJWK({ ...jwk, alg });\n if (freeze)\n Object.freeze(key);\n if (!cached) {\n cache.set(key, { [alg]: cryptoKey });\n }\n else {\n cached[alg] = cryptoKey;\n }\n return cryptoKey;\n};\nconst normalizePublicKey = (key, alg) => {\n if (isKeyObject(key)) {\n let jwk = key.export({ format: 'jwk' });\n delete jwk.d;\n delete jwk.dp;\n delete jwk.dq;\n delete jwk.p;\n delete jwk.q;\n delete jwk.qi;\n if (jwk.k) {\n return exportKeyValue(jwk.k);\n }\n pubCache || (pubCache = new WeakMap());\n return importAndCache(pubCache, key, jwk, alg);\n }\n if (isJWK(key)) {\n if (key.k)\n return decode(key.k);\n pubCache || (pubCache = new WeakMap());\n const cryptoKey = importAndCache(pubCache, key, key, alg, true);\n return cryptoKey;\n }\n return key;\n};\nconst normalizePrivateKey = (key, alg) => {\n if (isKeyObject(key)) {\n let jwk = key.export({ format: 'jwk' });\n if (jwk.k) {\n return exportKeyValue(jwk.k);\n }\n privCache || (privCache = new WeakMap());\n return importAndCache(privCache, key, jwk, alg);\n }\n if (isJWK(key)) {\n if (key.k)\n return decode(key.k);\n privCache || (privCache = new WeakMap());\n const cryptoKey = importAndCache(privCache, key, key, alg, true);\n return cryptoKey;\n }\n return key;\n};\nexport default { normalizePublicKey, normalizePrivateKey };\n","import crypto, { isCryptoKey } from './webcrypto.js';\nimport { checkSigCryptoKey } from '../lib/crypto_key.js';\nimport invalidKeyInput from '../lib/invalid_key_input.js';\nimport { types } from './is_key_like.js';\nimport normalize from './normalize_key.js';\nexport default async function getCryptoKey(alg, key, usage) {\n if (usage === 'sign') {\n key = await normalize.normalizePrivateKey(key, alg);\n }\n if (usage === 'verify') {\n key = await normalize.normalizePublicKey(key, alg);\n }\n if (isCryptoKey(key)) {\n checkSigCryptoKey(key, alg, usage);\n return key;\n }\n if (key instanceof Uint8Array) {\n if (!alg.startsWith('HS')) {\n throw new TypeError(invalidKeyInput(key, ...types));\n }\n return crypto.subtle.importKey('raw', key, { hash: `SHA-${alg.slice(-3)}`, name: 'HMAC' }, false, [usage]);\n }\n throw new TypeError(invalidKeyInput(key, ...types, 'Uint8Array', 'JSON Web Key'));\n}\n","import subtleAlgorithm from './subtle_dsa.js';\nimport crypto from './webcrypto.js';\nimport checkKeyLength from './check_key_length.js';\nimport getSignKey from './get_sign_verify_key.js';\nconst sign = async (alg, key, data) => {\n const cryptoKey = await getSignKey(alg, key, 'sign');\n checkKeyLength(alg, cryptoKey);\n const signature = await crypto.subtle.sign(subtleAlgorithm(alg, cryptoKey.algorithm), cryptoKey, data);\n return new Uint8Array(signature);\n};\nexport default sign;\n","const isDisjoint = (...headers) => {\n const sources = headers.filter(Boolean);\n if (sources.length === 0 || sources.length === 1) {\n return true;\n }\n let acc;\n for (const header of sources) {\n const parameters = Object.keys(header);\n if (!acc || acc.size === 0) {\n acc = new Set(parameters);\n continue;\n }\n for (const parameter of parameters) {\n if (acc.has(parameter)) {\n return false;\n }\n acc.add(parameter);\n }\n }\n return true;\n};\nexport default isDisjoint;\n","import { withAlg as invalidKeyInput } from './invalid_key_input.js';\nimport isKeyLike, { types } from '../runtime/is_key_like.js';\nimport * as jwk from './is_jwk.js';\nconst tag = (key) => key?.[Symbol.toStringTag];\nconst jwkMatchesOp = (alg, key, usage) => {\n if (key.use !== undefined && key.use !== 'sig') {\n throw new TypeError('Invalid key for this operation, when present its use must be sig');\n }\n if (key.key_ops !== undefined && key.key_ops.includes?.(usage) !== true) {\n throw new TypeError(`Invalid key for this operation, when present its key_ops must include ${usage}`);\n }\n if (key.alg !== undefined && key.alg !== alg) {\n throw new TypeError(`Invalid key for this operation, when present its alg must be ${alg}`);\n }\n return true;\n};\nconst symmetricTypeCheck = (alg, key, usage, allowJwk) => {\n if (key instanceof Uint8Array)\n return;\n if (allowJwk && jwk.isJWK(key)) {\n if (jwk.isSecretJWK(key) && jwkMatchesOp(alg, key, usage))\n return;\n throw new TypeError(`JSON Web Key for symmetric algorithms must have JWK \"kty\" (Key Type) equal to \"oct\" and the JWK \"k\" (Key Value) present`);\n }\n if (!isKeyLike(key)) {\n throw new TypeError(invalidKeyInput(alg, key, ...types, 'Uint8Array', allowJwk ? 'JSON Web Key' : null));\n }\n if (key.type !== 'secret') {\n throw new TypeError(`${tag(key)} instances for symmetric algorithms must be of type \"secret\"`);\n }\n};\nconst asymmetricTypeCheck = (alg, key, usage, allowJwk) => {\n if (allowJwk && jwk.isJWK(key)) {\n switch (usage) {\n case 'sign':\n if (jwk.isPrivateJWK(key) && jwkMatchesOp(alg, key, usage))\n return;\n throw new TypeError(`JSON Web Key for this operation be a private JWK`);\n case 'verify':\n if (jwk.isPublicJWK(key) && jwkMatchesOp(alg, key, usage))\n return;\n throw new TypeError(`JSON Web Key for this operation be a public JWK`);\n }\n }\n if (!isKeyLike(key)) {\n throw new TypeError(invalidKeyInput(alg, key, ...types, allowJwk ? 'JSON Web Key' : null));\n }\n if (key.type === 'secret') {\n throw new TypeError(`${tag(key)} instances for asymmetric algorithms must not be of type \"secret\"`);\n }\n if (usage === 'sign' && key.type === 'public') {\n throw new TypeError(`${tag(key)} instances for asymmetric algorithm signing must be of type \"private\"`);\n }\n if (usage === 'decrypt' && key.type === 'public') {\n throw new TypeError(`${tag(key)} instances for asymmetric algorithm decryption must be of type \"private\"`);\n }\n if (key.algorithm && usage === 'verify' && key.type === 'private') {\n throw new TypeError(`${tag(key)} instances for asymmetric algorithm verifying must be of type \"public\"`);\n }\n if (key.algorithm && usage === 'encrypt' && key.type === 'private') {\n throw new TypeError(`${tag(key)} instances for asymmetric algorithm encryption must be of type \"public\"`);\n }\n};\nfunction checkKeyType(allowJwk, alg, key, usage) {\n const symmetric = alg.startsWith('HS') ||\n alg === 'dir' ||\n alg.startsWith('PBES2') ||\n /^A\\d{3}(?:GCM)?KW$/.test(alg);\n if (symmetric) {\n symmetricTypeCheck(alg, key, usage, allowJwk);\n }\n else {\n asymmetricTypeCheck(alg, key, usage, allowJwk);\n }\n}\nexport default checkKeyType.bind(undefined, false);\nexport const checkKeyTypeWithJwk = checkKeyType.bind(undefined, true);\n","import { JOSENotSupported } from '../util/errors.js';\nfunction validateCrit(Err, recognizedDefault, recognizedOption, protectedHeader, joseHeader) {\n if (joseHeader.crit !== undefined && protectedHeader?.crit === undefined) {\n throw new Err('\"crit\" (Critical) Header Parameter MUST be integrity protected');\n }\n if (!protectedHeader || protectedHeader.crit === undefined) {\n return new Set();\n }\n if (!Array.isArray(protectedHeader.crit) ||\n protectedHeader.crit.length === 0 ||\n protectedHeader.crit.some((input) => typeof input !== 'string' || input.length === 0)) {\n throw new Err('\"crit\" (Critical) Header Parameter MUST be an array of non-empty strings when present');\n }\n let recognized;\n if (recognizedOption !== undefined) {\n recognized = new Map([...Object.entries(recognizedOption), ...recognizedDefault.entries()]);\n }\n else {\n recognized = recognizedDefault;\n }\n for (const parameter of protectedHeader.crit) {\n if (!recognized.has(parameter)) {\n throw new JOSENotSupported(`Extension Header Parameter \"${parameter}\" is not recognized`);\n }\n if (joseHeader[parameter] === undefined) {\n throw new Err(`Extension Header Parameter \"${parameter}\" is missing`);\n }\n if (recognized.get(parameter) && protectedHeader[parameter] === undefined) {\n throw new Err(`Extension Header Parameter \"${parameter}\" MUST be integrity protected`);\n }\n }\n return new Set(protectedHeader.crit);\n}\nexport default validateCrit;\n","import { encode as base64url } from '../../runtime/base64url.js';\nimport sign from '../../runtime/sign.js';\nimport isDisjoint from '../../lib/is_disjoint.js';\nimport { JWSInvalid } from '../../util/errors.js';\nimport { encoder, decoder, concat } from '../../lib/buffer_utils.js';\nimport { checkKeyTypeWithJwk } from '../../lib/check_key_type.js';\nimport validateCrit from '../../lib/validate_crit.js';\nexport class FlattenedSign {\n constructor(payload) {\n if (!(payload instanceof Uint8Array)) {\n throw new TypeError('payload must be an instance of Uint8Array');\n }\n this._payload = payload;\n }\n setProtectedHeader(protectedHeader) {\n if (this._protectedHeader) {\n throw new TypeError('setProtectedHeader can only be called once');\n }\n this._protectedHeader = protectedHeader;\n return this;\n }\n setUnprotectedHeader(unprotectedHeader) {\n if (this._unprotectedHeader) {\n throw new TypeError('setUnprotectedHeader can only be called once');\n }\n this._unprotectedHeader = unprotectedHeader;\n return this;\n }\n async sign(key, options) {\n if (!this._protectedHeader && !this._unprotectedHeader) {\n throw new JWSInvalid('either setProtectedHeader or setUnprotectedHeader must be called before #sign()');\n }\n if (!isDisjoint(this._protectedHeader, this._unprotectedHeader)) {\n throw new JWSInvalid('JWS Protected and JWS Unprotected Header Parameter names must be disjoint');\n }\n const joseHeader = {\n ...this._protectedHeader,\n ...this._unprotectedHeader,\n };\n const extensions = validateCrit(JWSInvalid, new Map([['b64', true]]), options?.crit, this._protectedHeader, joseHeader);\n let b64 = true;\n if (extensions.has('b64')) {\n b64 = this._protectedHeader.b64;\n if (typeof b64 !== 'boolean') {\n throw new JWSInvalid('The \"b64\" (base64url-encode payload) Header Parameter must be a boolean');\n }\n }\n const { alg } = joseHeader;\n if (typeof alg !== 'string' || !alg) {\n throw new JWSInvalid('JWS \"alg\" (Algorithm) Header Parameter missing or invalid');\n }\n checkKeyTypeWithJwk(alg, key, 'sign');\n let payload = this._payload;\n if (b64) {\n payload = encoder.encode(base64url(payload));\n }\n let protectedHeader;\n if (this._protectedHeader) {\n protectedHeader = encoder.encode(base64url(JSON.stringify(this._protectedHeader)));\n }\n else {\n protectedHeader = encoder.encode('');\n }\n const data = concat(protectedHeader, encoder.encode('.'), payload);\n const signature = await sign(alg, key, data);\n const jws = {\n signature: base64url(signature),\n payload: '',\n };\n if (b64) {\n jws.payload = decoder.decode(payload);\n }\n if (this._unprotectedHeader) {\n jws.header = this._unprotectedHeader;\n }\n if (this._protectedHeader) {\n jws.protected = decoder.decode(protectedHeader);\n }\n return jws;\n }\n}\n","import { FlattenedSign } from '../flattened/sign.js';\nexport class CompactSign {\n constructor(payload) {\n this._flattened = new FlattenedSign(payload);\n }\n setProtectedHeader(protectedHeader) {\n this._flattened.setProtectedHeader(protectedHeader);\n return this;\n }\n async sign(key, options) {\n const jws = await this._flattened.sign(key, options);\n if (jws.payload === undefined) {\n throw new TypeError('use the flattened module for creating JWS with b64: false');\n }\n return `${jws.protected}.${jws.payload}.${jws.signature}`;\n }\n}\n","export default (date) => Math.floor(date.getTime() / 1000);\n","const minute = 60;\nconst hour = minute * 60;\nconst day = hour * 24;\nconst week = day * 7;\nconst year = day * 365.25;\nconst REGEX = /^(\\+|\\-)? ?(\\d+|\\d+\\.\\d+) ?(seconds?|secs?|s|minutes?|mins?|m|hours?|hrs?|h|days?|d|weeks?|w|years?|yrs?|y)(?: (ago|from now))?$/i;\nexport default (str) => {\n const matched = REGEX.exec(str);\n if (!matched || (matched[4] && matched[1])) {\n throw new TypeError('Invalid time period format');\n }\n const value = parseFloat(matched[2]);\n const unit = matched[3].toLowerCase();\n let numericDate;\n switch (unit) {\n case 'sec':\n case 'secs':\n case 'second':\n case 'seconds':\n case 's':\n numericDate = Math.round(value);\n break;\n case 'minute':\n case 'minutes':\n case 'min':\n case 'mins':\n case 'm':\n numericDate = Math.round(value * minute);\n break;\n case 'hour':\n case 'hours':\n case 'hr':\n case 'hrs':\n case 'h':\n numericDate = Math.round(value * hour);\n break;\n case 'day':\n case 'days':\n case 'd':\n numericDate = Math.round(value * day);\n break;\n case 'week':\n case 'weeks':\n case 'w':\n numericDate = Math.round(value * week);\n break;\n default:\n numericDate = Math.round(value * year);\n break;\n }\n if (matched[1] === '-' || matched[4] === 'ago') {\n return -numericDate;\n }\n return numericDate;\n};\n","import epoch from '../lib/epoch.js';\nimport isObject from '../lib/is_object.js';\nimport secs from '../lib/secs.js';\nfunction validateInput(label, input) {\n if (!Number.isFinite(input)) {\n throw new TypeError(`Invalid ${label} input`);\n }\n return input;\n}\nexport class ProduceJWT {\n constructor(payload = {}) {\n if (!isObject(payload)) {\n throw new TypeError('JWT Claims Set MUST be an object');\n }\n this._payload = payload;\n }\n setIssuer(issuer) {\n this._payload = { ...this._payload, iss: issuer };\n return this;\n }\n setSubject(subject) {\n this._payload = { ...this._payload, sub: subject };\n return this;\n }\n setAudience(audience) {\n this._payload = { ...this._payload, aud: audience };\n return this;\n }\n setJti(jwtId) {\n this._payload = { ...this._payload, jti: jwtId };\n return this;\n }\n setNotBefore(input) {\n if (typeof input === 'number') {\n this._payload = { ...this._payload, nbf: validateInput('setNotBefore', input) };\n }\n else if (input instanceof Date) {\n this._payload = { ...this._payload, nbf: validateInput('setNotBefore', epoch(input)) };\n }\n else {\n this._payload = { ...this._payload, nbf: epoch(new Date()) + secs(input) };\n }\n return this;\n }\n setExpirationTime(input) {\n if (typeof input === 'number') {\n this._payload = { ...this._payload, exp: validateInput('setExpirationTime', input) };\n }\n else if (input instanceof Date) {\n this._payload = { ...this._payload, exp: validateInput('setExpirationTime', epoch(input)) };\n }\n else {\n this._payload = { ...this._payload, exp: epoch(new Date()) + secs(input) };\n }\n return this;\n }\n setIssuedAt(input) {\n if (typeof input === 'undefined') {\n this._payload = { ...this._payload, iat: epoch(new Date()) };\n }\n else if (input instanceof Date) {\n this._payload = { ...this._payload, iat: validateInput('setIssuedAt', epoch(input)) };\n }\n else if (typeof input === 'string') {\n this._payload = {\n ...this._payload,\n iat: validateInput('setIssuedAt', epoch(new Date()) + secs(input)),\n };\n }\n else {\n this._payload = { ...this._payload, iat: validateInput('setIssuedAt', input) };\n }\n return this;\n }\n}\n","import { CompactSign } from '../jws/compact/sign.js';\nimport { JWTInvalid } from '../util/errors.js';\nimport { encoder } from '../lib/buffer_utils.js';\nimport { ProduceJWT } from './produce.js';\nexport class SignJWT extends ProduceJWT {\n setProtectedHeader(protectedHeader) {\n this._protectedHeader = protectedHeader;\n return this;\n }\n async sign(key, options) {\n const sig = new CompactSign(encoder.encode(JSON.stringify(this._payload)));\n sig.setProtectedHeader(this._protectedHeader);\n if (Array.isArray(this._protectedHeader?.crit) &&\n this._protectedHeader.crit.includes('b64') &&\n this._protectedHeader.b64 === false) {\n throw new JWTInvalid('JWTs MUST NOT use unencoded payload');\n }\n return sig.sign(key, options);\n }\n}\n","import { JOSEError, JWKSTimeout } from '../util/errors.js';\nconst fetchJwks = async (url, timeout, options) => {\n let controller;\n let id;\n let timedOut = false;\n if (typeof AbortController === 'function') {\n controller = new AbortController();\n id = setTimeout(() => {\n timedOut = true;\n controller.abort();\n }, timeout);\n }\n const response = await fetch(url.href, {\n signal: controller ? controller.signal : undefined,\n redirect: 'manual',\n headers: options.headers,\n }).catch((err) => {\n if (timedOut)\n throw new JWKSTimeout();\n throw err;\n });\n if (id !== undefined)\n clearTimeout(id);\n if (response.status !== 200) {\n throw new JOSEError('Expected 200 OK from the JSON Web Key Set HTTP response');\n }\n try {\n return await response.json();\n }\n catch {\n throw new JOSEError('Failed to parse the JSON Web Key Set HTTP response as JSON');\n }\n};\nexport default fetchJwks;\n","import { decode as decodeBase64URL } from '../runtime/base64url.js';\nimport { fromSPKI, fromPKCS8, fromX509 } from '../runtime/asn1.js';\nimport asKeyObject from '../runtime/jwk_to_key.js';\nimport { JOSENotSupported } from '../util/errors.js';\nimport isObject from '../lib/is_object.js';\nexport async function importSPKI(spki, alg, options) {\n if (typeof spki !== 'string' || spki.indexOf('-----BEGIN PUBLIC KEY-----') !== 0) {\n throw new TypeError('\"spki\" must be SPKI formatted string');\n }\n return fromSPKI(spki, alg, options);\n}\nexport async function importX509(x509, alg, options) {\n if (typeof x509 !== 'string' || x509.indexOf('-----BEGIN CERTIFICATE-----') !== 0) {\n throw new TypeError('\"x509\" must be X.509 formatted string');\n }\n return fromX509(x509, alg, options);\n}\nexport async function importPKCS8(pkcs8, alg, options) {\n if (typeof pkcs8 !== 'string' || pkcs8.indexOf('-----BEGIN PRIVATE KEY-----') !== 0) {\n throw new TypeError('\"pkcs8\" must be PKCS#8 formatted string');\n }\n return fromPKCS8(pkcs8, alg, options);\n}\nexport async function importJWK(jwk, alg) {\n if (!isObject(jwk)) {\n throw new TypeError('JWK must be an object');\n }\n alg || (alg = jwk.alg);\n switch (jwk.kty) {\n case 'oct':\n if (typeof jwk.k !== 'string' || !jwk.k) {\n throw new TypeError('missing \"k\" (Key Value) Parameter value');\n }\n return decodeBase64URL(jwk.k);\n case 'RSA':\n if ('oth' in jwk && jwk.oth !== undefined) {\n throw new JOSENotSupported('RSA JWK \"oth\" (Other Primes Info) Parameter value is not supported');\n }\n case 'EC':\n case 'OKP':\n return asKeyObject({ ...jwk, alg });\n default:\n throw new JOSENotSupported('Unsupported \"kty\" (Key Type) Parameter value');\n }\n}\n","import { importJWK } from '../key/import.js';\nimport { JWKSInvalid, JOSENotSupported, JWKSNoMatchingKey, JWKSMultipleMatchingKeys, } from '../util/errors.js';\nimport isObject from '../lib/is_object.js';\nfunction getKtyFromAlg(alg) {\n switch (typeof alg === 'string' && alg.slice(0, 2)) {\n case 'RS':\n case 'PS':\n return 'RSA';\n case 'ES':\n return 'EC';\n case 'Ed':\n return 'OKP';\n default:\n throw new JOSENotSupported('Unsupported \"alg\" value for a JSON Web Key Set');\n }\n}\nfunction isJWKSLike(jwks) {\n return (jwks &&\n typeof jwks === 'object' &&\n Array.isArray(jwks.keys) &&\n jwks.keys.every(isJWKLike));\n}\nfunction isJWKLike(key) {\n return isObject(key);\n}\nfunction clone(obj) {\n if (typeof structuredClone === 'function') {\n return structuredClone(obj);\n }\n return JSON.parse(JSON.stringify(obj));\n}\nclass LocalJWKSet {\n constructor(jwks) {\n this._cached = new WeakMap();\n if (!isJWKSLike(jwks)) {\n throw new JWKSInvalid('JSON Web Key Set malformed');\n }\n this._jwks = clone(jwks);\n }\n async getKey(protectedHeader, token) {\n const { alg, kid } = { ...protectedHeader, ...token?.header };\n const kty = getKtyFromAlg(alg);\n const candidates = this._jwks.keys.filter((jwk) => {\n let candidate = kty === jwk.kty;\n if (candidate && typeof kid === 'string') {\n candidate = kid === jwk.kid;\n }\n if (candidate && typeof jwk.alg === 'string') {\n candidate = alg === jwk.alg;\n }\n if (candidate && typeof jwk.use === 'string') {\n candidate = jwk.use === 'sig';\n }\n if (candidate && Array.isArray(jwk.key_ops)) {\n candidate = jwk.key_ops.includes('verify');\n }\n if (candidate) {\n switch (alg) {\n case 'ES256':\n candidate = jwk.crv === 'P-256';\n break;\n case 'ES256K':\n candidate = jwk.crv === 'secp256k1';\n break;\n case 'ES384':\n candidate = jwk.crv === 'P-384';\n break;\n case 'ES512':\n candidate = jwk.crv === 'P-521';\n break;\n case 'Ed25519':\n candidate = jwk.crv === 'Ed25519';\n break;\n case 'EdDSA':\n candidate = jwk.crv === 'Ed25519' || jwk.crv === 'Ed448';\n break;\n }\n }\n return candidate;\n });\n const { 0: jwk, length } = candidates;\n if (length === 0) {\n throw new JWKSNoMatchingKey();\n }\n if (length !== 1) {\n const error = new JWKSMultipleMatchingKeys();\n const { _cached } = this;\n error[Symbol.asyncIterator] = async function* () {\n for (const jwk of candidates) {\n try {\n yield await importWithAlgCache(_cached, jwk, alg);\n }\n catch { }\n }\n };\n throw error;\n }\n return importWithAlgCache(this._cached, jwk, alg);\n }\n}\nasync function importWithAlgCache(cache, jwk, alg) {\n const cached = cache.get(jwk) || cache.set(jwk, {}).get(jwk);\n if (cached[alg] === undefined) {\n const key = await importJWK({ ...jwk, ext: true }, alg);\n if (key instanceof Uint8Array || key.type !== 'public') {\n throw new JWKSInvalid('JSON Web Key Set members must be public keys');\n }\n cached[alg] = key;\n }\n return cached[alg];\n}\nexport function createLocalJWKSet(jwks) {\n const set = new LocalJWKSet(jwks);\n const localJWKSet = async (protectedHeader, token) => set.getKey(protectedHeader, token);\n Object.defineProperties(localJWKSet, {\n jwks: {\n value: () => clone(set._jwks),\n enumerable: true,\n configurable: false,\n writable: false,\n },\n });\n return localJWKSet;\n}\n","import fetchJwks from '../runtime/fetch_jwks.js';\nimport { JWKSNoMatchingKey } from '../util/errors.js';\nimport { createLocalJWKSet } from './local.js';\nimport isObject from '../lib/is_object.js';\nfunction isCloudflareWorkers() {\n return (typeof WebSocketPair !== 'undefined' ||\n (typeof navigator !== 'undefined' && navigator.userAgent === 'Cloudflare-Workers') ||\n (typeof EdgeRuntime !== 'undefined' && EdgeRuntime === 'vercel'));\n}\nlet USER_AGENT;\nif (typeof navigator === 'undefined' || !navigator.userAgent?.startsWith?.('Mozilla/5.0 ')) {\n const NAME = 'jose';\n const VERSION = 'v5.10.0';\n USER_AGENT = `${NAME}/${VERSION}`;\n}\nexport const jwksCache = Symbol();\nfunction isFreshJwksCache(input, cacheMaxAge) {\n if (typeof input !== 'object' || input === null) {\n return false;\n }\n if (!('uat' in input) || typeof input.uat !== 'number' || Date.now() - input.uat >= cacheMaxAge) {\n return false;\n }\n if (!('jwks' in input) ||\n !isObject(input.jwks) ||\n !Array.isArray(input.jwks.keys) ||\n !Array.prototype.every.call(input.jwks.keys, isObject)) {\n return false;\n }\n return true;\n}\nclass RemoteJWKSet {\n constructor(url, options) {\n if (!(url instanceof URL)) {\n throw new TypeError('url must be an instance of URL');\n }\n this._url = new URL(url.href);\n this._options = { agent: options?.agent, headers: options?.headers };\n this._timeoutDuration =\n typeof options?.timeoutDuration === 'number' ? options?.timeoutDuration : 5000;\n this._cooldownDuration =\n typeof options?.cooldownDuration === 'number' ? options?.cooldownDuration : 30000;\n this._cacheMaxAge = typeof options?.cacheMaxAge === 'number' ? options?.cacheMaxAge : 600000;\n if (options?.[jwksCache] !== undefined) {\n this._cache = options?.[jwksCache];\n if (isFreshJwksCache(options?.[jwksCache], this._cacheMaxAge)) {\n this._jwksTimestamp = this._cache.uat;\n this._local = createLocalJWKSet(this._cache.jwks);\n }\n }\n }\n coolingDown() {\n return typeof this._jwksTimestamp === 'number'\n ? Date.now() < this._jwksTimestamp + this._cooldownDuration\n : false;\n }\n fresh() {\n return typeof this._jwksTimestamp === 'number'\n ? Date.now() < this._jwksTimestamp + this._cacheMaxAge\n : false;\n }\n async getKey(protectedHeader, token) {\n if (!this._local || !this.fresh()) {\n await this.reload();\n }\n try {\n return await this._local(protectedHeader, token);\n }\n catch (err) {\n if (err instanceof JWKSNoMatchingKey) {\n if (this.coolingDown() === false) {\n await this.reload();\n return this._local(protectedHeader, token);\n }\n }\n throw err;\n }\n }\n async reload() {\n if (this._pendingFetch && isCloudflareWorkers()) {\n this._pendingFetch = undefined;\n }\n const headers = new Headers(this._options.headers);\n if (USER_AGENT && !headers.has('User-Agent')) {\n headers.set('User-Agent', USER_AGENT);\n this._options.headers = Object.fromEntries(headers.entries());\n }\n this._pendingFetch || (this._pendingFetch = fetchJwks(this._url, this._timeoutDuration, this._options)\n .then((json) => {\n this._local = createLocalJWKSet(json);\n if (this._cache) {\n this._cache.uat = Date.now();\n this._cache.jwks = json;\n }\n this._jwksTimestamp = Date.now();\n this._pendingFetch = undefined;\n })\n .catch((err) => {\n this._pendingFetch = undefined;\n throw err;\n }));\n await this._pendingFetch;\n }\n}\nexport function createRemoteJWKSet(url, options) {\n const set = new RemoteJWKSet(url, options);\n const remoteJWKSet = async (protectedHeader, token) => set.getKey(protectedHeader, token);\n Object.defineProperties(remoteJWKSet, {\n coolingDown: {\n get: () => set.coolingDown(),\n enumerable: true,\n configurable: false,\n },\n fresh: {\n get: () => set.fresh(),\n enumerable: true,\n configurable: false,\n },\n reload: {\n value: () => set.reload(),\n enumerable: true,\n configurable: false,\n writable: false,\n },\n reloading: {\n get: () => !!set._pendingFetch,\n enumerable: true,\n configurable: false,\n },\n jwks: {\n value: () => set._local?.jwks(),\n enumerable: true,\n configurable: false,\n writable: false,\n },\n });\n return remoteJWKSet;\n}\nexport const experimental_jwksCache = jwksCache;\n","import subtleAlgorithm from './subtle_dsa.js';\nimport crypto from './webcrypto.js';\nimport checkKeyLength from './check_key_length.js';\nimport getVerifyKey from './get_sign_verify_key.js';\nconst verify = async (alg, key, signature, data) => {\n const cryptoKey = await getVerifyKey(alg, key, 'verify');\n checkKeyLength(alg, cryptoKey);\n const algorithm = subtleAlgorithm(alg, cryptoKey.algorithm);\n try {\n return await crypto.subtle.verify(algorithm, cryptoKey, signature, data);\n }\n catch {\n return false;\n }\n};\nexport default verify;\n","const validateAlgorithms = (option, algorithms) => {\n if (algorithms !== undefined &&\n (!Array.isArray(algorithms) || algorithms.some((s) => typeof s !== 'string'))) {\n throw new TypeError(`\"${option}\" option must be an array of strings`);\n }\n if (!algorithms) {\n return undefined;\n }\n return new Set(algorithms);\n};\nexport default validateAlgorithms;\n","import { flattenedVerify } from '../flattened/verify.js';\nimport { JWSInvalid } from '../../util/errors.js';\nimport { decoder } from '../../lib/buffer_utils.js';\nexport async function compactVerify(jws, key, options) {\n if (jws instanceof Uint8Array) {\n jws = decoder.decode(jws);\n }\n if (typeof jws !== 'string') {\n throw new JWSInvalid('Compact JWS must be a string or Uint8Array');\n }\n const { 0: protectedHeader, 1: payload, 2: signature, length } = jws.split('.');\n if (length !== 3) {\n throw new JWSInvalid('Invalid Compact JWS');\n }\n const verified = await flattenedVerify({ payload, protected: protectedHeader, signature }, key, options);\n const result = { payload: verified.payload, protectedHeader: verified.protectedHeader };\n if (typeof key === 'function') {\n return { ...result, key: verified.key };\n }\n return result;\n}\n","import { decode as base64url } from '../../runtime/base64url.js';\nimport verify from '../../runtime/verify.js';\nimport { JOSEAlgNotAllowed, JWSInvalid, JWSSignatureVerificationFailed } from '../../util/errors.js';\nimport { concat, encoder, decoder } from '../../lib/buffer_utils.js';\nimport isDisjoint from '../../lib/is_disjoint.js';\nimport isObject from '../../lib/is_object.js';\nimport { checkKeyTypeWithJwk } from '../../lib/check_key_type.js';\nimport validateCrit from '../../lib/validate_crit.js';\nimport validateAlgorithms from '../../lib/validate_algorithms.js';\nimport { isJWK } from '../../lib/is_jwk.js';\nimport { importJWK } from '../../key/import.js';\nexport async function flattenedVerify(jws, key, options) {\n if (!isObject(jws)) {\n throw new JWSInvalid('Flattened JWS must be an object');\n }\n if (jws.protected === undefined && jws.header === undefined) {\n throw new JWSInvalid('Flattened JWS must have either of the \"protected\" or \"header\" members');\n }\n if (jws.protected !== undefined && typeof jws.protected !== 'string') {\n throw new JWSInvalid('JWS Protected Header incorrect type');\n }\n if (jws.payload === undefined) {\n throw new JWSInvalid('JWS Payload missing');\n }\n if (typeof jws.signature !== 'string') {\n throw new JWSInvalid('JWS Signature missing or incorrect type');\n }\n if (jws.header !== undefined && !isObject(jws.header)) {\n throw new JWSInvalid('JWS Unprotected Header incorrect type');\n }\n let parsedProt = {};\n if (jws.protected) {\n try {\n const protectedHeader = base64url(jws.protected);\n parsedProt = JSON.parse(decoder.decode(protectedHeader));\n }\n catch {\n throw new JWSInvalid('JWS Protected Header is invalid');\n }\n }\n if (!isDisjoint(parsedProt, jws.header)) {\n throw new JWSInvalid('JWS Protected and JWS Unprotected Header Parameter names must be disjoint');\n }\n const joseHeader = {\n ...parsedProt,\n ...jws.header,\n };\n const extensions = validateCrit(JWSInvalid, new Map([['b64', true]]), options?.crit, parsedProt, joseHeader);\n let b64 = true;\n if (extensions.has('b64')) {\n b64 = parsedProt.b64;\n if (typeof b64 !== 'boolean') {\n throw new JWSInvalid('The \"b64\" (base64url-encode payload) Header Parameter must be a boolean');\n }\n }\n const { alg } = joseHeader;\n if (typeof alg !== 'string' || !alg) {\n throw new JWSInvalid('JWS \"alg\" (Algorithm) Header Parameter missing or invalid');\n }\n const algorithms = options && validateAlgorithms('algorithms', options.algorithms);\n if (algorithms && !algorithms.has(alg)) {\n throw new JOSEAlgNotAllowed('\"alg\" (Algorithm) Header Parameter value not allowed');\n }\n if (b64) {\n if (typeof jws.payload !== 'string') {\n throw new JWSInvalid('JWS Payload must be a string');\n }\n }\n else if (typeof jws.payload !== 'string' && !(jws.payload instanceof Uint8Array)) {\n throw new JWSInvalid('JWS Payload must be a string or an Uint8Array instance');\n }\n let resolvedKey = false;\n if (typeof key === 'function') {\n key = await key(parsedProt, jws);\n resolvedKey = true;\n checkKeyTypeWithJwk(alg, key, 'verify');\n if (isJWK(key)) {\n key = await importJWK(key, alg);\n }\n }\n else {\n checkKeyTypeWithJwk(alg, key, 'verify');\n }\n const data = concat(encoder.encode(jws.protected ?? ''), encoder.encode('.'), typeof jws.payload === 'string' ? encoder.encode(jws.payload) : jws.payload);\n let signature;\n try {\n signature = base64url(jws.signature);\n }\n catch {\n throw new JWSInvalid('Failed to base64url decode the signature');\n }\n const verified = await verify(alg, key, signature, data);\n if (!verified) {\n throw new JWSSignatureVerificationFailed();\n }\n let payload;\n if (b64) {\n try {\n payload = base64url(jws.payload);\n }\n catch {\n throw new JWSInvalid('Failed to base64url decode the payload');\n }\n }\n else if (typeof jws.payload === 'string') {\n payload = encoder.encode(jws.payload);\n }\n else {\n payload = jws.payload;\n }\n const result = { payload };\n if (jws.protected !== undefined) {\n result.protectedHeader = parsedProt;\n }\n if (jws.header !== undefined) {\n result.unprotectedHeader = jws.header;\n }\n if (resolvedKey) {\n return { ...result, key };\n }\n return result;\n}\n","import { JWTClaimValidationFailed, JWTExpired, JWTInvalid } from '../util/errors.js';\nimport { decoder } from './buffer_utils.js';\nimport epoch from './epoch.js';\nimport secs from './secs.js';\nimport isObject from './is_object.js';\nconst normalizeTyp = (value) => value.toLowerCase().replace(/^application\\//, '');\nconst checkAudiencePresence = (audPayload, audOption) => {\n if (typeof audPayload === 'string') {\n return audOption.includes(audPayload);\n }\n if (Array.isArray(audPayload)) {\n return audOption.some(Set.prototype.has.bind(new Set(audPayload)));\n }\n return false;\n};\nexport default (protectedHeader, encodedPayload, options = {}) => {\n let payload;\n try {\n payload = JSON.parse(decoder.decode(encodedPayload));\n }\n catch {\n }\n if (!isObject(payload)) {\n throw new JWTInvalid('JWT Claims Set must be a top-level JSON object');\n }\n const { typ } = options;\n if (typ &&\n (typeof protectedHeader.typ !== 'string' ||\n normalizeTyp(protectedHeader.typ) !== normalizeTyp(typ))) {\n throw new JWTClaimValidationFailed('unexpected \"typ\" JWT header value', payload, 'typ', 'check_failed');\n }\n const { requiredClaims = [], issuer, subject, audience, maxTokenAge } = options;\n const presenceCheck = [...requiredClaims];\n if (maxTokenAge !== undefined)\n presenceCheck.push('iat');\n if (audience !== undefined)\n presenceCheck.push('aud');\n if (subject !== undefined)\n presenceCheck.push('sub');\n if (issuer !== undefined)\n presenceCheck.push('iss');\n for (const claim of new Set(presenceCheck.reverse())) {\n if (!(claim in payload)) {\n throw new JWTClaimValidationFailed(`missing required \"${claim}\" claim`, payload, claim, 'missing');\n }\n }\n if (issuer &&\n !(Array.isArray(issuer) ? issuer : [issuer]).includes(payload.iss)) {\n throw new JWTClaimValidationFailed('unexpected \"iss\" claim value', payload, 'iss', 'check_failed');\n }\n if (subject && payload.sub !== subject) {\n throw new JWTClaimValidationFailed('unexpected \"sub\" claim value', payload, 'sub', 'check_failed');\n }\n if (audience &&\n !checkAudiencePresence(payload.aud, typeof audience === 'string' ? [audience] : audience)) {\n throw new JWTClaimValidationFailed('unexpected \"aud\" claim value', payload, 'aud', 'check_failed');\n }\n let tolerance;\n switch (typeof options.clockTolerance) {\n case 'string':\n tolerance = secs(options.clockTolerance);\n break;\n case 'number':\n tolerance = options.clockTolerance;\n break;\n case 'undefined':\n tolerance = 0;\n break;\n default:\n throw new TypeError('Invalid clockTolerance option type');\n }\n const { currentDate } = options;\n const now = epoch(currentDate || new Date());\n if ((payload.iat !== undefined || maxTokenAge) && typeof payload.iat !== 'number') {\n throw new JWTClaimValidationFailed('\"iat\" claim must be a number', payload, 'iat', 'invalid');\n }\n if (payload.nbf !== undefined) {\n if (typeof payload.nbf !== 'number') {\n throw new JWTClaimValidationFailed('\"nbf\" claim must be a number', payload, 'nbf', 'invalid');\n }\n if (payload.nbf > now + tolerance) {\n throw new JWTClaimValidationFailed('\"nbf\" claim timestamp check failed', payload, 'nbf', 'check_failed');\n }\n }\n if (payload.exp !== undefined) {\n if (typeof payload.exp !== 'number') {\n throw new JWTClaimValidationFailed('\"exp\" claim must be a number', payload, 'exp', 'invalid');\n }\n if (payload.exp <= now - tolerance) {\n throw new JWTExpired('\"exp\" claim timestamp check failed', payload, 'exp', 'check_failed');\n }\n }\n if (maxTokenAge) {\n const age = now - payload.iat;\n const max = typeof maxTokenAge === 'number' ? maxTokenAge : secs(maxTokenAge);\n if (age - tolerance > max) {\n throw new JWTExpired('\"iat\" claim timestamp check failed (too far in the past)', payload, 'iat', 'check_failed');\n }\n if (age < 0 - tolerance) {\n throw new JWTClaimValidationFailed('\"iat\" claim timestamp check failed (it should be in the past)', payload, 'iat', 'check_failed');\n }\n }\n return payload;\n};\n","import crypto from './webcrypto.js';\nconst digest = async (algorithm, data) => {\n const subtleDigest = `SHA-${algorithm.slice(-3)}`;\n return new Uint8Array(await crypto.subtle.digest(subtleDigest, data));\n};\nexport default digest;\n","import digest from '../runtime/digest.js';\nimport { encode as base64url } from '../runtime/base64url.js';\nimport { JOSENotSupported, JWKInvalid } from '../util/errors.js';\nimport { encoder } from '../lib/buffer_utils.js';\nimport isObject from '../lib/is_object.js';\nconst check = (value, description) => {\n if (typeof value !== 'string' || !value) {\n throw new JWKInvalid(`${description} missing or invalid`);\n }\n};\nexport async function calculateJwkThumbprint(jwk, digestAlgorithm) {\n if (!isObject(jwk)) {\n throw new TypeError('JWK must be an object');\n }\n digestAlgorithm ?? (digestAlgorithm = 'sha256');\n if (digestAlgorithm !== 'sha256' &&\n digestAlgorithm !== 'sha384' &&\n digestAlgorithm !== 'sha512') {\n throw new TypeError('digestAlgorithm must one of \"sha256\", \"sha384\", or \"sha512\"');\n }\n let components;\n switch (jwk.kty) {\n case 'EC':\n check(jwk.crv, '\"crv\" (Curve) Parameter');\n check(jwk.x, '\"x\" (X Coordinate) Parameter');\n check(jwk.y, '\"y\" (Y Coordinate) Parameter');\n components = { crv: jwk.crv, kty: jwk.kty, x: jwk.x, y: jwk.y };\n break;\n case 'OKP':\n check(jwk.crv, '\"crv\" (Subtype of Key Pair) Parameter');\n check(jwk.x, '\"x\" (Public Key) Parameter');\n components = { crv: jwk.crv, kty: jwk.kty, x: jwk.x };\n break;\n case 'RSA':\n check(jwk.e, '\"e\" (Exponent) Parameter');\n check(jwk.n, '\"n\" (Modulus) Parameter');\n components = { e: jwk.e, kty: jwk.kty, n: jwk.n };\n break;\n case 'oct':\n check(jwk.k, '\"k\" (Key Value) Parameter');\n components = { k: jwk.k, kty: jwk.kty };\n break;\n default:\n throw new JOSENotSupported('\"kty\" (Key Type) Parameter missing or unsupported');\n }\n const data = encoder.encode(JSON.stringify(components));\n return base64url(await digest(digestAlgorithm, data));\n}\nexport async function calculateJwkThumbprintUri(jwk, digestAlgorithm) {\n digestAlgorithm ?? (digestAlgorithm = 'sha256');\n const thumbprint = await calculateJwkThumbprint(jwk, digestAlgorithm);\n return `urn:ietf:params:oauth:jwk-thumbprint:sha-${digestAlgorithm.slice(-3)}:${thumbprint}`;\n}\n","import crypto from './webcrypto.js';\nimport { JOSENotSupported } from '../util/errors.js';\nimport random from './random.js';\nexport async function generateSecret(alg, options) {\n let length;\n let algorithm;\n let keyUsages;\n switch (alg) {\n case 'HS256':\n case 'HS384':\n case 'HS512':\n length = parseInt(alg.slice(-3), 10);\n algorithm = { name: 'HMAC', hash: `SHA-${length}`, length };\n keyUsages = ['sign', 'verify'];\n break;\n case 'A128CBC-HS256':\n case 'A192CBC-HS384':\n case 'A256CBC-HS512':\n length = parseInt(alg.slice(-3), 10);\n return random(new Uint8Array(length >> 3));\n case 'A128KW':\n case 'A192KW':\n case 'A256KW':\n length = parseInt(alg.slice(1, 4), 10);\n algorithm = { name: 'AES-KW', length };\n keyUsages = ['wrapKey', 'unwrapKey'];\n break;\n case 'A128GCMKW':\n case 'A192GCMKW':\n case 'A256GCMKW':\n case 'A128GCM':\n case 'A192GCM':\n case 'A256GCM':\n length = parseInt(alg.slice(1, 4), 10);\n algorithm = { name: 'AES-GCM', length };\n keyUsages = ['encrypt', 'decrypt'];\n break;\n default:\n throw new JOSENotSupported('Invalid or unsupported JWK \"alg\" (Algorithm) Parameter value');\n }\n return crypto.subtle.generateKey(algorithm, options?.extractable ?? false, keyUsages);\n}\nfunction getModulusLengthOption(options) {\n const modulusLength = options?.modulusLength ?? 2048;\n if (typeof modulusLength !== 'number' || modulusLength < 2048) {\n throw new JOSENotSupported('Invalid or unsupported modulusLength option provided, 2048 bits or larger keys must be used');\n }\n return modulusLength;\n}\nexport async function generateKeyPair(alg, options) {\n let algorithm;\n let keyUsages;\n switch (alg) {\n case 'PS256':\n case 'PS384':\n case 'PS512':\n algorithm = {\n name: 'RSA-PSS',\n hash: `SHA-${alg.slice(-3)}`,\n publicExponent: new Uint8Array([0x01, 0x00, 0x01]),\n modulusLength: getModulusLengthOption(options),\n };\n keyUsages = ['sign', 'verify'];\n break;\n case 'RS256':\n case 'RS384':\n case 'RS512':\n algorithm = {\n name: 'RSASSA-PKCS1-v1_5',\n hash: `SHA-${alg.slice(-3)}`,\n publicExponent: new Uint8Array([0x01, 0x00, 0x01]),\n modulusLength: getModulusLengthOption(options),\n };\n keyUsages = ['sign', 'verify'];\n break;\n case 'RSA-OAEP':\n case 'RSA-OAEP-256':\n case 'RSA-OAEP-384':\n case 'RSA-OAEP-512':\n algorithm = {\n name: 'RSA-OAEP',\n hash: `SHA-${parseInt(alg.slice(-3), 10) || 1}`,\n publicExponent: new Uint8Array([0x01, 0x00, 0x01]),\n modulusLength: getModulusLengthOption(options),\n };\n keyUsages = ['decrypt', 'unwrapKey', 'encrypt', 'wrapKey'];\n break;\n case 'ES256':\n algorithm = { name: 'ECDSA', namedCurve: 'P-256' };\n keyUsages = ['sign', 'verify'];\n break;\n case 'ES384':\n algorithm = { name: 'ECDSA', namedCurve: 'P-384' };\n keyUsages = ['sign', 'verify'];\n break;\n case 'ES512':\n algorithm = { name: 'ECDSA', namedCurve: 'P-521' };\n keyUsages = ['sign', 'verify'];\n break;\n case 'Ed25519':\n algorithm = { name: 'Ed25519' };\n keyUsages = ['sign', 'verify'];\n break;\n case 'EdDSA': {\n keyUsages = ['sign', 'verify'];\n const crv = options?.crv ?? 'Ed25519';\n switch (crv) {\n case 'Ed25519':\n case 'Ed448':\n algorithm = { name: crv };\n break;\n default:\n throw new JOSENotSupported('Invalid or unsupported crv option provided');\n }\n break;\n }\n case 'ECDH-ES':\n case 'ECDH-ES+A128KW':\n case 'ECDH-ES+A192KW':\n case 'ECDH-ES+A256KW': {\n keyUsages = ['deriveKey', 'deriveBits'];\n const crv = options?.crv ?? 'P-256';\n switch (crv) {\n case 'P-256':\n case 'P-384':\n case 'P-521': {\n algorithm = { name: 'ECDH', namedCurve: crv };\n break;\n }\n case 'X25519':\n case 'X448':\n algorithm = { name: crv };\n break;\n default:\n throw new JOSENotSupported('Invalid or unsupported crv option provided, supported values are P-256, P-384, P-521, X25519, and X448');\n }\n break;\n }\n default:\n throw new JOSENotSupported('Invalid or unsupported JWK \"alg\" (Algorithm) Parameter value');\n }\n return crypto.subtle.generateKey(algorithm, options?.extractable ?? false, keyUsages);\n}\n","import { generateKeyPair as generate } from '../runtime/generate.js';\nexport async function generateKeyPair(alg, options) {\n return generate(alg, options);\n}\n","import * as base64url from '../runtime/base64url.js';\nexport const encode = base64url.encode;\nexport const decode = base64url.decode;\n","/**\n * solid-oidc.js - Minimal Solid-OIDC client for browsers\n *\n * A zero-build, single-file Solid-OIDC authentication library.\n *\n * @license MIT\n * @author JavaScriptSolidServer\n * @see https://github.com/JavaScriptSolidServer/solid-oidc\n *\n * Based on solid-oidc-client-browser by uvdsl (Christoph Braun)\n * @see https://github.com/uvdsl/solid-oidc-client-browser\n *\n * Implements:\n * - RFC 6749 - OAuth 2.0\n * - RFC 7636 - PKCE\n * - RFC 9207 - OAuth 2.0 Authorization Server Issuer Identification\n * - RFC 9449 - DPoP (Demonstration of Proof-of-Possession)\n * - Solid-OIDC Specification\n */\n\nimport {\n SignJWT,\n generateKeyPair,\n decodeJwt,\n exportJWK,\n createRemoteJWKSet,\n jwtVerify,\n calculateJwkThumbprint\n} from 'jose'\n\n// ============================================================================\n// Session Events\n// ============================================================================\n\nexport const SessionEvents = {\n STATE_CHANGE: 'sessionStateChange',\n EXPIRATION_WARNING: 'sessionExpirationWarning',\n EXPIRATION: 'sessionExpiration'\n}\n\n// ============================================================================\n// Session Database Interface (IndexedDB Implementation)\n// ============================================================================\n\nexport class SessionDatabase {\n constructor(dbName = 'solid-oidc', storeName = 'session', dbVersion = 1) {\n this.dbName = dbName\n this.storeName = storeName\n this.dbVersion = dbVersion\n this.db = null\n }\n\n async init() {\n return new Promise((resolve, reject) => {\n const request = indexedDB.open(this.dbName, this.dbVersion)\n request.onerror = () => reject(new Error(`Database error: ${request.error}`))\n request.onsuccess = () => {\n this.db = request.result\n resolve(this)\n }\n request.onupgradeneeded = (event) => {\n const db = event.target.result\n if (!db.objectStoreNames.contains(this.storeName)) {\n db.createObjectStore(this.storeName)\n }\n }\n })\n }\n\n async setItem(id, value) {\n if (!this.db) await this.init()\n return new Promise((resolve, reject) => {\n const tx = this.db.transaction(this.storeName, 'readwrite')\n tx.oncomplete = () => resolve()\n tx.onerror = () => reject(new Error(`Transaction error: ${tx.error}`))\n tx.objectStore(this.storeName).put(value, id)\n })\n }\n\n async getItem(id) {\n if (!this.db) await this.init()\n return new Promise((resolve, reject) => {\n const tx = this.db.transaction(this.storeName, 'readonly')\n tx.onerror = () => reject(new Error(`Transaction error: ${tx.error}`))\n const request = tx.objectStore(this.storeName).get(id)\n request.onsuccess = () => resolve(request.result || null)\n })\n }\n\n async deleteItem(id) {\n if (!this.db) await this.init()\n return new Promise((resolve, reject) => {\n const tx = this.db.transaction(this.storeName, 'readwrite')\n tx.oncomplete = () => resolve()\n tx.onerror = () => reject(new Error(`Transaction error: ${tx.error}`))\n tx.objectStore(this.storeName).delete(id)\n })\n }\n\n async clear() {\n if (!this.db) await this.init()\n return new Promise((resolve, reject) => {\n const tx = this.db.transaction(this.storeName, 'readwrite')\n tx.oncomplete = () => resolve()\n tx.onerror = () => reject(new Error(`Transaction error: ${tx.error}`))\n tx.objectStore(this.storeName).clear()\n })\n }\n\n close() {\n if (this.db) {\n this.db.close()\n this.db = null\n }\n }\n}\n\n// ============================================================================\n// PKCE Helper (RFC 7636)\n// ============================================================================\n\nasync function generatePKCE() {\n const verifier = crypto.randomUUID() + '-' + crypto.randomUUID()\n const digest = new Uint8Array(\n await crypto.subtle.digest('SHA-256', new TextEncoder().encode(verifier))\n )\n const challenge = btoa(String.fromCharCode(...digest))\n .replace(/\\+/g, '-')\n .replace(/\\//g, '_')\n .replace(/=+$/, '')\n return { verifier, challenge }\n}\n\n// ============================================================================\n// DPoP Helper (RFC 9449)\n// ============================================================================\n\nasync function createDPoPToken(keyPair, htu, htm, ath = null) {\n const publicJwk = await exportJWK(keyPair.publicKey)\n const payload = { htu, htm }\n if (ath) payload.ath = ath\n\n return new SignJWT(payload)\n .setIssuedAt()\n .setJti(crypto.randomUUID())\n .setProtectedHeader({ alg: 'ES256', typ: 'dpop+jwt', jwk: publicJwk })\n .sign(keyPair.privateKey)\n}\n\nasync function computeAth(accessToken) {\n const data = new TextEncoder().encode(accessToken)\n const hashBuffer = await crypto.subtle.digest('SHA-256', data)\n const hashArray = Array.from(new Uint8Array(hashBuffer))\n return btoa(String.fromCharCode(...hashArray))\n .replace(/\\+/g, '-')\n .replace(/\\//g, '_')\n .replace(/=+$/, '')\n}\n\n// ============================================================================\n// OIDC Discovery\n// ============================================================================\n\nasync function discoverOIDC(idp) {\n const origin = new URL(idp).origin\n const response = await fetch(`${origin}/.well-known/openid-configuration`)\n if (!response.ok) throw new Error(`OIDC discovery failed: ${response.status}`)\n return response.json()\n}\n\n// ============================================================================\n// Dynamic Client Registration\n// ============================================================================\n\nasync function registerClient(registrationEndpoint, redirectUris) {\n const response = await fetch(registrationEndpoint, {\n method: 'POST',\n headers: { 'Content-Type': 'application/json' },\n body: JSON.stringify({\n application_type: 'web',\n redirect_uris: redirectUris,\n token_endpoint_auth_method: 'none',\n grant_types: ['authorization_code', 'refresh_token'],\n response_types: ['code'],\n scope: 'openid offline_access webid'\n })\n })\n if (!response.ok) throw new Error(`Client registration failed: ${response.status}`)\n return response.json()\n}\n\n// ============================================================================\n// Token Request\n// ============================================================================\n\nasync function requestTokens(tokenEndpoint, params, keyPair) {\n const dpop = await createDPoPToken(keyPair, tokenEndpoint, 'POST')\n const response = await fetch(tokenEndpoint, {\n method: 'POST',\n headers: {\n 'Content-Type': 'application/x-www-form-urlencoded',\n 'DPoP': dpop\n },\n body: new URLSearchParams(params)\n })\n if (!response.ok) throw new Error(`Token request failed: ${response.status}`)\n return response.json()\n}\n\n// ============================================================================\n// Token Validation\n// ============================================================================\n\nasync function validateAccessToken(accessToken, jwksUri, issuer, clientId, keyPair) {\n const jwks = createRemoteJWKSet(new URL(jwksUri))\n const { payload } = await jwtVerify(accessToken, jwks, {\n issuer,\n audience: 'solid'\n })\n\n // Verify DPoP binding\n const thumbprint = await calculateJwkThumbprint(await exportJWK(keyPair.publicKey))\n if (payload.cnf?.jkt !== thumbprint) {\n throw new Error('DPoP thumbprint mismatch')\n }\n\n // Verify client_id\n if (payload.client_id !== clientId) {\n throw new Error('client_id mismatch')\n }\n\n return payload\n}\n\n// ============================================================================\n// Refresh Token Grant\n// ============================================================================\n\nasync function refreshTokens(database) {\n await database.init()\n\n const [refreshToken, tokenEndpoint, clientId, keyPair] = await Promise.all([\n database.getItem('refresh_token'),\n database.getItem('token_endpoint'),\n database.getItem('client_id'),\n database.getItem('dpop_keypair')\n ])\n\n if (!refreshToken || !tokenEndpoint || !clientId || !keyPair) {\n throw new Error('Missing refresh data')\n }\n\n const tokens = await requestTokens(tokenEndpoint, {\n grant_type: 'refresh_token',\n refresh_token: refreshToken,\n client_id: clientId\n }, keyPair)\n\n // Persist new refresh token if provided\n if (tokens.refresh_token) {\n await database.setItem('refresh_token', tokens.refresh_token)\n }\n\n database.close()\n return { ...tokens, dpop_key_pair: keyPair }\n}\n\n// ============================================================================\n// Main Session Class\n// ============================================================================\n\nexport class Session extends EventTarget {\n constructor(options = {}) {\n super()\n this.clientId = options.clientId || null\n this.database = options.database || new SessionDatabase()\n this.onStateChange = options.onStateChange || null\n this.onExpirationWarning = options.onExpirationWarning || null\n this.onExpiration = options.onExpiration || null\n\n // Internal state\n this._isActive = false\n this._webId = null\n this._exp = null\n this._ath = null\n this._tokens = null\n this._idpDetails = null\n this._refreshPromise = null\n\n // Set up event listeners\n if (this.onStateChange) {\n this.addEventListener(SessionEvents.STATE_CHANGE, this.onStateChange)\n }\n if (this.onExpirationWarning) {\n this.addEventListener(SessionEvents.EXPIRATION_WARNING, this.onExpirationWarning)\n }\n if (this.onExpiration) {\n this.addEventListener(SessionEvents.EXPIRATION, this.onExpiration)\n }\n }\n\n // ==========================================================================\n // Public API\n // ==========================================================================\n\n get isActive() { return this._isActive }\n get webId() { return this._webId }\n\n isExpired() {\n if (!this._exp) return true\n return Math.floor(Date.now() / 1000) >= this._exp\n }\n\n getExpiresIn() {\n if (!this._exp) return -1\n return this._exp - Math.floor(Date.now() / 1000)\n }\n\n /**\n * Redirect user to identity provider for login\n */\n async login(idp, redirectUri) {\n // Sanitize redirect URI (RFC 6749 Section 3.1.2)\n const redirectUrl = new URL(redirectUri)\n const sanitizedRedirect = redirectUrl.origin + redirectUrl.pathname + redirectUrl.search\n\n // OIDC Discovery\n const config = await discoverOIDC(idp)\n\n // RFC 9207: Verify issuer\n const issuer = config.issuer\n const trimSlash = (s) => s.endsWith('/') ? s.slice(0, -1) : s\n if (trimSlash(idp) !== trimSlash(issuer)) {\n throw new Error(`Issuer mismatch: ${issuer} !== ${idp}`)\n }\n\n // Store IDP details\n sessionStorage.setItem('solid_oidc_idp', issuer)\n sessionStorage.setItem('solid_oidc_token_endpoint', config.token_endpoint)\n sessionStorage.setItem('solid_oidc_jwks_uri', config.jwks_uri)\n\n // Get or register client_id\n let clientId = this.clientId\n if (!clientId) {\n const registration = await registerClient(config.registration_endpoint, [sanitizedRedirect])\n clientId = registration.client_id\n sessionStorage.setItem('solid_oidc_client_id', clientId)\n }\n\n // PKCE (RFC 7636)\n const pkce = await generatePKCE()\n sessionStorage.setItem('solid_oidc_pkce_verifier', pkce.verifier)\n\n // CSRF token\n const csrfToken = crypto.randomUUID()\n sessionStorage.setItem('solid_oidc_csrf', csrfToken)\n\n // Build authorization URL\n const authUrl = new URL(config.authorization_endpoint)\n authUrl.searchParams.set('response_type', 'code')\n authUrl.searchParams.set('redirect_uri', sanitizedRedirect)\n authUrl.searchParams.set('scope', 'openid offline_access webid')\n authUrl.searchParams.set('client_id', clientId)\n authUrl.searchParams.set('code_challenge_method', 'S256')\n authUrl.searchParams.set('code_challenge', pkce.challenge)\n authUrl.searchParams.set('state', csrfToken)\n authUrl.searchParams.set('prompt', 'consent')\n\n // Redirect to IDP\n window.location.href = authUrl.toString()\n }\n\n /**\n * Handle redirect from identity provider after login\n */\n async handleRedirectFromLogin() {\n const url = new URL(window.location.href)\n const code = url.searchParams.get('code')\n\n // No code = not a redirect, nothing to do\n if (!code) return\n\n // RFC 9207: Verify issuer\n const idp = sessionStorage.getItem('solid_oidc_idp')\n const iss = url.searchParams.get('iss')\n if (!idp || iss !== idp) {\n throw new Error(`Issuer mismatch: ${iss} !== ${idp}`)\n }\n\n // RFC 6749: Verify CSRF token\n const csrf = sessionStorage.getItem('solid_oidc_csrf')\n if (url.searchParams.get('state') !== csrf) {\n throw new Error('CSRF token mismatch')\n }\n\n // Clean URL\n url.searchParams.delete('code')\n url.searchParams.delete('iss')\n url.searchParams.delete('state')\n window.history.replaceState({}, document.title, url.toString())\n\n // Get stored values\n const pkceVerifier = sessionStorage.getItem('solid_oidc_pkce_verifier')\n const tokenEndpoint = sessionStorage.getItem('solid_oidc_token_endpoint')\n const jwksUri = sessionStorage.getItem('solid_oidc_jwks_uri')\n const clientId = this.clientId || sessionStorage.getItem('solid_oidc_client_id')\n\n if (!pkceVerifier || !tokenEndpoint || !clientId) {\n throw new Error('Missing session data')\n }\n\n // Generate DPoP key pair\n const keyPair = await generateKeyPair('ES256')\n\n // Exchange code for tokens\n const tokens = await requestTokens(tokenEndpoint, {\n grant_type: 'authorization_code',\n code,\n code_verifier: pkceVerifier,\n redirect_uri: url.origin + url.pathname,\n client_id: clientId\n }, keyPair)\n\n // Validate access token\n await validateAccessToken(tokens.access_token, jwksUri, idp, clientId, keyPair)\n\n // Store IDP details\n this._idpDetails = { idp, jwksUri, tokenEndpoint }\n\n // Persist for refresh\n await this.database.init()\n await Promise.all([\n this.database.setItem('idp', idp),\n this.database.setItem('jwks_uri', jwksUri),\n this.database.setItem('token_endpoint', tokenEndpoint),\n this.database.setItem('client_id', clientId),\n this.database.setItem('dpop_keypair', keyPair),\n this.database.setItem('refresh_token', tokens.refresh_token)\n ])\n this.database.close()\n\n // Clean session storage\n sessionStorage.removeItem('solid_oidc_idp')\n sessionStorage.removeItem('solid_oidc_token_endpoint')\n sessionStorage.removeItem('solid_oidc_jwks_uri')\n sessionStorage.removeItem('solid_oidc_client_id')\n sessionStorage.removeItem('solid_oidc_pkce_verifier')\n sessionStorage.removeItem('solid_oidc_csrf')\n\n // Update session state\n await this._setTokens({ ...tokens, dpop_key_pair: keyPair })\n this._dispatchStateChange()\n }\n\n /**\n * Restore session using stored refresh token\n */\n async restore() {\n if (this._refreshPromise) return this._refreshPromise\n\n this._refreshPromise = (async () => {\n try {\n const tokens = await refreshTokens(this.database)\n await this._setTokens(tokens)\n this._dispatchStateChange()\n } catch (error) {\n if (this._isActive) {\n if (!this.isExpired()) {\n this._dispatchExpirationWarning()\n } else {\n this._dispatchExpiration()\n }\n }\n throw error\n } finally {\n this._refreshPromise = null\n }\n })()\n\n return this._refreshPromise\n }\n\n /**\n * Log out and clear all session data\n */\n async logout() {\n this._isActive = false\n this._webId = null\n this._exp = null\n this._ath = null\n this._tokens = null\n this._idpDetails = null\n\n await this.database.init()\n await this.database.clear()\n this.database.close()\n\n this._dispatchStateChange()\n }\n\n /**\n * Make authenticated fetch request with DPoP\n */\n async authFetch(input, init = {}) {\n // No session = regular fetch\n if (!this._isActive) {\n return fetch(input, init)\n }\n\n // Refresh if expired\n if (this.isExpired()) {\n await this.restore()\n }\n\n // Parse request\n let url, method, headers\n if (input instanceof Request) {\n url = new URL(input.url)\n method = init.method || input.method || 'GET'\n headers = new Headers(input.headers)\n } else {\n url = new URL(input.toString())\n method = init.method || 'GET'\n headers = init.headers ? new Headers(init.headers) : new Headers()\n }\n\n // Create DPoP proof\n const dpop = await createDPoPToken(\n this._tokens.dpop_key_pair,\n `${url.origin}${url.pathname}`,\n method.toUpperCase(),\n this._ath\n )\n\n // Set auth headers\n headers.set('DPoP', dpop)\n headers.set('Authorization', `DPoP ${this._tokens.access_token}`)\n\n // Make request\n if (input instanceof Request) {\n return fetch(new Request(input, { ...init, headers }))\n }\n return fetch(url, { ...init, headers })\n }\n\n // ==========================================================================\n // Internal Methods\n // ==========================================================================\n\n async _setTokens(tokens) {\n this._tokens = tokens\n\n const decoded = decodeJwt(tokens.access_token)\n if (!decoded.webid) throw new Error('Missing webid claim')\n if (!decoded.exp) throw new Error('Missing exp claim')\n\n this._ath = await computeAth(tokens.access_token)\n this._webId = decoded.webid\n this._exp = decoded.exp\n this._isActive = true\n }\n\n _dispatchStateChange() {\n this.dispatchEvent(new CustomEvent(SessionEvents.STATE_CHANGE, {\n detail: { isActive: this._isActive, webId: this._webId }\n }))\n }\n\n _dispatchExpirationWarning() {\n this.dispatchEvent(new CustomEvent(SessionEvents.EXPIRATION_WARNING, {\n detail: { expires_in: this.getExpiresIn() }\n }))\n }\n\n _dispatchExpiration() {\n this.dispatchEvent(new CustomEvent(SessionEvents.EXPIRATION))\n }\n}\n\n// ============================================================================\n// Default Export\n// ============================================================================\n\nexport default Session\n","import { compactVerify } from '../jws/compact/verify.js';\nimport jwtPayload from '../lib/jwt_claims_set.js';\nimport { JWTInvalid } from '../util/errors.js';\nexport async function jwtVerify(jwt, key, options) {\n const verified = await compactVerify(jwt, key, options);\n if (verified.protectedHeader.crit?.includes('b64') && verified.protectedHeader.b64 === false) {\n throw new JWTInvalid('JWTs MUST NOT use unencoded payload');\n }\n const payload = jwtPayload(verified.protectedHeader, verified.payload, options);\n const result = { payload, protectedHeader: verified.protectedHeader };\n if (typeof key === 'function') {\n return { ...result, key: verified.key };\n }\n return result;\n}\n","import { decode as base64url } from './base64url.js';\nimport { decoder } from '../lib/buffer_utils.js';\nimport isObject from '../lib/is_object.js';\nimport { JWTInvalid } from './errors.js';\nexport function decodeJwt(jwt) {\n if (typeof jwt !== 'string')\n throw new JWTInvalid('JWTs must use Compact JWS serialization, JWT must be a string');\n const { 1: payload, length } = jwt.split('.');\n if (length === 5)\n throw new JWTInvalid('Only JWTs using Compact JWS serialization can be decoded');\n if (length !== 3)\n throw new JWTInvalid('Invalid JWT');\n if (!payload)\n throw new JWTInvalid('JWTs must contain a payload');\n let decoded;\n try {\n decoded = base64url(payload);\n }\n catch {\n throw new JWTInvalid('Failed to base64url decode the payload');\n }\n let result;\n try {\n result = JSON.parse(decoder.decode(decoded));\n }\n catch {\n throw new JWTInvalid('Failed to parse the decoded payload as JSON');\n }\n if (!isObject(result))\n throw new JWTInvalid('Invalid JWT Claims Set');\n return result;\n}\n","/**\n * Adapter to make solid-oidc compatible with @inrupt/solid-client-authn-browser API\n *\n * This provides a drop-in replacement for the Inrupt Session class using the minimal\n * solid-oidc library from JavaScriptSolidServer.\n *\n * @see https://github.com/JavaScriptSolidServer/solid-oidc\n */\n\nimport {\n Session as SolidOidcSession,\n SessionDatabase\n} from 'solid-oidc'\n\n/**\n * Event names compatible with @inrupt/solid-client-authn-browser\n */\nexport const EVENTS = {\n SESSION_RESTORED: 'sessionRestore',\n LOGIN: 'login',\n LOGOUT: 'logout',\n SESSION_EXPIRED: 'sessionExpired',\n ERROR: 'error'\n} as const\n\n/**\n * Callback type for event listeners\n */\ntype EventCallback = (...args: any[]) => void\n\n/**\n * Simple event emitter for compatibility with Inrupt's session.events API\n */\nclass EventEmitter {\n private listeners: Map> = new Map()\n\n on(event: string, callback: EventCallback): void {\n if (!this.listeners.has(event)) {\n this.listeners.set(event, new Set())\n }\n this.listeners.get(event)!.add(callback)\n }\n\n off(event: string, callback: EventCallback): void {\n this.listeners.get(event)?.delete(callback)\n }\n\n emit(event: string, ...args: unknown[]): void {\n this.listeners.get(event)?.forEach(cb => cb(...args))\n }\n}\n\n/**\n * Session info interface compatible with Inrupt\n */\nexport interface SessionInfo {\n isLoggedIn: boolean\n webId?: string\n sessionId?: string\n expirationDate?: number\n}\n\n/**\n * Options for handleIncomingRedirect\n */\nexport interface HandleRedirectOptions {\n restorePreviousSession?: boolean\n url?: string\n}\n\n/**\n * Options for login\n */\nexport interface LoginOptions {\n oidcIssuer: string\n redirectUrl: string\n clientId?: string\n clientName?: string\n tokenType?: string\n}\n\n/**\n * Session class that wraps solid-oidc to provide @inrupt/solid-client-authn-browser compatible API\n */\nexport class Session {\n private _session: SolidOidcSession\n private _events: EventEmitter\n private _sessionId: string\n\n constructor(options?: { clientId?: string }) {\n this._session = new SolidOidcSession({\n clientId: options?.clientId,\n database: new SessionDatabase(),\n onStateChange: (event) => {\n const detail = (event as CustomEvent).detail\n if (detail?.isActive) {\n this._events.emit(EVENTS.LOGIN)\n this._events.emit(EVENTS.SESSION_RESTORED, window.location.href)\n } else {\n this._events.emit(EVENTS.LOGOUT)\n }\n },\n onExpiration: () => {\n this._events.emit(EVENTS.SESSION_EXPIRED)\n }\n })\n this._events = new EventEmitter()\n this._sessionId = crypto.randomUUID()\n }\n\n /**\n * Event emitter for session events\n */\n get events(): EventEmitter {\n return this._events\n }\n\n /**\n * Session information\n */\n get info(): SessionInfo {\n return {\n isLoggedIn: this._session.isActive,\n webId: this._session.webId ?? undefined,\n sessionId: this._sessionId,\n expirationDate: this._session.isActive\n ? Date.now() + (this._session.getExpiresIn() * 1000)\n : undefined\n }\n }\n\n /**\n * Handle incoming redirect from identity provider\n */\n async handleIncomingRedirect(options?: HandleRedirectOptions | string): Promise {\n // Handle string URL (legacy API)\n const opts: HandleRedirectOptions = typeof options === 'string'\n ? { url: options }\n : options ?? {}\n\n try {\n // First handle any redirect from login\n await this._session.handleRedirectFromLogin()\n\n // If not logged in and restorePreviousSession is true, try to restore\n if (!this._session.isActive && opts.restorePreviousSession !== false) {\n try {\n await this._session.restore()\n } catch {\n // No session to restore, that's okay\n }\n }\n\n return this.info\n } catch (error) {\n this._events.emit(EVENTS.ERROR, error)\n return undefined\n }\n }\n\n /**\n * Initiate login flow\n */\n async login(options: LoginOptions): Promise {\n const redirectUrl = options.redirectUrl || window.location.href\n await this._session.login(options.oidcIssuer, redirectUrl)\n }\n\n /**\n * Log out and clear session\n */\n async logout(): Promise {\n await this._session.logout()\n }\n\n /**\n * Make authenticated fetch request\n */\n async fetch(url: RequestInfo | URL, init?: RequestInit): Promise {\n return this._session.authFetch(url as string, init)\n }\n}\n\nexport default Session\n","import { Session } from './solidOidcAdapter'\n\nexport const authSession = new Session()\n","// Namespaces we commonly use and have common prefixes for around Solid\nimport solidNamespace from 'solid-namespace' // Delegate to this which takes RDFlib as param.\nimport * as $rdf from 'rdflib'\n\nexport const ns = solidNamespace($rdf)","import { graph, NamedNode, Namespace, serialize, sym } from 'rdflib'\nimport { AclLogic } from '../types'\nimport { ns as namespace } from '../util/ns'\n\n\nexport const ACL_LINK = sym(\n 'http://www.iana.org/assignments/link-relations/acl'\n)\n\nexport function createAclLogic(store): AclLogic {\n\n const ns = namespace\n \n async function findAclDocUrl(url: NamedNode) {\n await store.fetcher.load(url)\n const docNode = store.any(url, ACL_LINK)\n if (!docNode) {\n throw new Error(`No ACL link discovered for ${url}`)\n }\n return docNode.value\n }\n /**\n * Simple Access Control\n *\n * This function sets up a simple default ACL for a resource, with\n * RWC for the owner, and a specified access (default none) for the public.\n * In all cases owner has read write control.\n * Parameter lists modes allowed to public\n *\n * @param options\n * @param options.public eg ['Read', 'Write']\n *\n * @returns Resolves with aclDoc uri on successful write\n */\n function setACLUserPublic ( \n docURI: string,\n me: NamedNode,\n options: {\n defaultForNew?: boolean,\n public?: []\n }\n ): Promise {\n const aclDoc = store.any(\n store.sym(docURI),\n ACL_LINK\n )\n\n return Promise.resolve()\n .then(() => {\n if (aclDoc) {\n return aclDoc as NamedNode\n }\n\n return fetchACLRel(docURI).catch(err => {\n throw new Error(`Error fetching rel=ACL header for ${docURI}: ${err}`)\n })\n })\n .then(aclDoc => {\n const aclText = genACLText(docURI, me, aclDoc.uri, options)\n if (!store.fetcher) {\n throw new Error('Cannot PUT this, store has no fetcher')\n }\n return store.fetcher\n .webOperation('PUT', aclDoc.uri, {\n data: aclText,\n contentType: 'text/turtle'\n })\n .then(result => {\n if (!result.ok) {\n throw new Error('Error writing ACL text: ' + result.error)\n }\n\n return aclDoc\n })\n })\n }\n\n /**\n * @param docURI\n * @returns\n */\n function fetchACLRel (docURI: string): Promise {\n const fetcher = store.fetcher\n if (!fetcher) {\n throw new Error('Cannot fetch ACL rel, store has no fetcher')\n }\n\n return fetcher.load(docURI).then(result => {\n if (!result.ok) {\n throw new Error('fetchACLRel: While loading:' + (result as any).error)\n }\n\n const aclDoc = store.any(\n store.sym(docURI),\n ACL_LINK\n )\n\n if (!aclDoc) {\n throw new Error('fetchACLRel: No Link rel=ACL header for ' + docURI)\n }\n\n return aclDoc as NamedNode\n })\n }\n\n /**\n * @param docURI\n * @param me\n * @param aclURI\n * @param options\n *\n * @returns Serialized ACL\n */\n function genACLText (\n docURI: string,\n me: NamedNode,\n aclURI: string,\n options: {\n defaultForNew?: boolean,\n public?: []\n } = {}\n ): string | undefined {\n const optPublic = options.public || []\n const g = graph()\n const auth = Namespace('http://www.w3.org/ns/auth/acl#')\n let a = g.sym(`${aclURI}#a1`)\n const acl = g.sym(aclURI)\n const doc = g.sym(docURI)\n g.add(a, ns.rdf('type'), auth('Authorization'), acl)\n g.add(a, auth('accessTo'), doc, acl)\n if (options.defaultForNew) {\n g.add(a, auth('default'), doc, acl)\n }\n g.add(a, auth('agent'), me, acl)\n g.add(a, auth('mode'), auth('Read'), acl)\n g.add(a, auth('mode'), auth('Write'), acl)\n g.add(a, auth('mode'), auth('Control'), acl)\n\n if (optPublic.length) {\n a = g.sym(`${aclURI}#a2`)\n g.add(a, ns.rdf('type'), auth('Authorization'), acl)\n g.add(a, auth('accessTo'), doc, acl)\n g.add(a, auth('agentClass'), ns.foaf('Agent'), acl)\n for (let p = 0; p < optPublic.length; p++) {\n g.add(a, auth('mode'), auth(optPublic[p]), acl) // Like 'Read' etc\n }\n }\n return serialize(acl, g, aclURI)\n }\n return {\n findAclDocUrl,\n setACLUserPublic,\n genACLText\n }\n}","import { NamedNode, sym } from 'rdflib'\nimport * as debug from '../util/debug'\n\n/**\n * find a user or app's context as set in window.SolidAppContext\n * this is a const, not a function, because we have problems to jest mock it otherwise\n * see: https://github.com/facebook/jest/issues/936#issuecomment-545080082 for more\n * @return {any} - an appContext object\n */\nexport const appContext = ():any => {\n let { SolidAppContext }: any = window\n SolidAppContext ||= {}\n SolidAppContext.viewingNoAuthPage = false\n if (SolidAppContext.noAuth && window.document) {\n const currentPage = window.document.location.href\n if (currentPage.startsWith(SolidAppContext.noAuth)) {\n SolidAppContext.viewingNoAuthPage = true\n const params = new URLSearchParams(window.document.location.search)\n if (params) {\n let viewedPage = SolidAppContext.viewedPage = params.get('uri') || null\n if (viewedPage) {\n viewedPage = decodeURI(viewedPage)\n if (!viewedPage.startsWith(SolidAppContext.noAuth)) {\n const ary = viewedPage.split(/\\//)\n SolidAppContext.idp = ary[0] + '//' + ary[2]\n SolidAppContext.viewingNoAuthPage = false\n }\n }\n }\n }\n }\n return SolidAppContext\n}\n\n/**\n * Returns `sym($SolidTestEnvironment.username)` if\n * `$SolidTestEnvironment.username` is defined as a global\n * or \n * returns testID defined in the HTML page\n * @returns {NamedNode|null}\n */\nexport function offlineTestID (): NamedNode | null {\n const { $SolidTestEnvironment }: any = window\n if (\n typeof $SolidTestEnvironment !== 'undefined' &&\n $SolidTestEnvironment.username\n ) {\n // Test setup\n debug.log('Assuming the user is ' + $SolidTestEnvironment.username)\n return sym($SolidTestEnvironment.username)\n }\n // hack that makes SolidOS work in offline mode by adding the webId directly in html\n // example usage: https://github.com/solidos/mashlib/blob/29b8b53c46bf02e0e219f0bacd51b0e9951001dd/test/contact/local.html#L37\n if (\n typeof document !== 'undefined' &&\n document.location &&\n ('' + document.location).slice(0, 16) === 'http://localhost'\n ) {\n const div = document.getElementById('appTarget')\n if (!div) return null\n const id = div.getAttribute('testID')\n if (!id) return null\n debug.log('Assuming user is ' + id)\n return sym(id)\n }\n return null\n}\n","import { namedNode, NamedNode, sym } from 'rdflib'\nimport { appContext, offlineTestID } from './authUtil'\nimport * as debug from '../util/debug'\nimport { EVENTS, Session } from '../authSession/solidOidcAdapter'\nimport { AuthenticationContext, AuthnLogic } from '../types'\n\nexport class SolidAuthnLogic implements AuthnLogic {\n private session: Session\n\n constructor(solidAuthSession: Session) {\n this.session = solidAuthSession\n }\n\n // we created authSession getter because we want to access it as authn.authSession externally\n get authSession():Session { return this.session }\n\n currentUser(): NamedNode | null {\n const app = appContext()\n if (app.viewingNoAuthPage) {\n return sym(app.webId)\n }\n if (this && this.session && this.session.info && this.session.info.webId && this.session.info.isLoggedIn) {\n return sym(this.session.info.webId)\n }\n return offlineTestID() // null unless testing\n }\n\n /**\n * Retrieves currently logged in webId from either\n * defaultTestUser or SolidAuth\n * Also activates a session after login\n * @param [setUserCallback] Optional callback\n * @returns Resolves with webId uri, if no callback provided\n */\n async checkUser (\n setUserCallback?: (me: NamedNode | null) => T\n ): Promise {\n // Save hash for \"restorePreviousSession\"\n const preLoginRedirectHash = new URL(window.location.href).hash\n if (preLoginRedirectHash) {\n window.localStorage.setItem('preLoginRedirectHash', preLoginRedirectHash)\n }\n this.session.events.on(EVENTS.SESSION_RESTORED, (url) => {\n debug.log(`Session restored to ${url}`)\n if (document.location.toString() !== url) history.replaceState(null, '', url as string)\n })\n\n /**\n * Handle a successful authentication redirect\n */\n const redirectUrl = new URL(window.location.href)\n redirectUrl.hash = ''\n await this.session\n .handleIncomingRedirect({\n restorePreviousSession: true,\n url: redirectUrl.href\n })\n\n // Check to see if a hash was stored in local storage\n const postLoginRedirectHash = window.localStorage.getItem('preLoginRedirectHash')\n if (postLoginRedirectHash) {\n const curUrl = new URL(window.location.href)\n if (curUrl.hash !== postLoginRedirectHash) {\n if (history.pushState) {\n // debug.log('Setting window.location.has using pushState')\n history.pushState(null, document.title, postLoginRedirectHash)\n } else {\n // debug.warn('Setting window.location.has using location.hash')\n location.hash = postLoginRedirectHash\n }\n curUrl.hash = postLoginRedirectHash\n }\n // See https://stackoverflow.com/questions/3870057/how-can-i-update-window-location-hash-without-jumping-the-document\n // window.location.href = curUrl.toString()// @@ See https://developer.mozilla.org/en-US/docs/Web/API/Window/location\n window.localStorage.setItem('preLoginRedirectHash', '')\n }\n\n // Check to see if already logged in / have the WebID\n let me = offlineTestID()\n if (me) {\n return Promise.resolve(setUserCallback ? setUserCallback(me) : me)\n }\n\n const webId = this.webIdFromSession(this.session.info)\n if (webId) {\n me = this.saveUser(webId)\n }\n\n if (me) {\n debug.log(`(Logged in as ${me} by authentication)`)\n }\n\n return Promise.resolve(setUserCallback ? setUserCallback(me) : me)\n }\n\n /**\n * Saves `webId` in `context.me`\n * @param webId\n * @param context\n *\n * @returns Returns the WebID, after setting it\n */\n saveUser (\n webId: NamedNode | string | null,\n context?: AuthenticationContext\n ): NamedNode | null {\n let webIdUri: string\n if (webId) {\n webIdUri = (typeof webId === 'string') ? webId : webId.uri\n const me = namedNode(webIdUri)\n if (context) {\n context.me = me\n }\n return me\n }\n return null\n }\n\n /**\n * @returns {Promise} Resolves with WebID URI or null\n */\n webIdFromSession (session?: { webId?: string, isLoggedIn: boolean }): string | null {\n const webId = session?.webId && session.isLoggedIn ? session.webId : null\n return webId\n }\n\n}\n","import { NamedNode, sym } from 'rdflib'\n\nexport function newThing(doc: NamedNode): NamedNode {\n return sym(doc.uri + '#' + 'id' + ('' + Date.now()))\n}\n\nexport function uniqueNodes (arr: NamedNode[]): NamedNode[] {\n const uris = arr.map(x => x.uri)\n const set = new Set(uris)\n const uris2 = Array.from(set)\n const arr2 = uris2.map(u => new NamedNode(u))\n return arr2 // Array.from(new Set(arr.map(x => x.uri))).map(u => sym(u))\n}\n\nexport function getArchiveUrl(baseUrl: string, date: Date) {\n const year = date.getUTCFullYear()\n const month = ('0' + (date.getUTCMonth()+1)).slice(-2)\n const day = ('0' + (date.getUTCDate())).slice(-2)\n const parts = baseUrl.split('/')\n const filename = parts[parts.length -1 ]\n return new URL(`./archive/${year}/${month}/${day}/${filename}`, baseUrl).toString()\n}\n\nexport function differentOrigin(doc): boolean {\n if (!doc) {\n return true\n }\n return (\n `${window.location.origin}/` !== new URL(doc.value).origin\n )\n}\n\nexport function suggestPreferencesFile (me:NamedNode) {\n const stripped = me.uri.replace('/profile/', '/').replace('/public/', '/')\n // const stripped = me.uri.replace(\\/[p|P]rofile/\\g, '/').replace(\\/[p|P]ublic/\\g, '/')\n const folderURI = stripped.split('/').slice(0,-1).join('/') + '/Settings/'\n const fileURI = folderURI + 'Preferences.ttl'\n return sym(fileURI)\n}\n\nexport function determineChatContainer(\n invitee: NamedNode,\n podRoot: NamedNode\n): NamedNode {\n // Create chat\n // See https://gitter.im/solid/chat-app?at=5f3c800f855be416a23ae74a\n const chatContainerStr = new URL(\n `IndividualChats/${new URL(invitee.value).host}/`,\n podRoot.value\n ).toString()\n return new NamedNode(chatContainerStr)\n}\n","import { NamedNode, Node, st, term } from 'rdflib'\nimport { ChatLogic, CreatedPaneOptions, NewPaneOptions, Chat } from '../types'\nimport { ns as namespace } from '../util/ns'\nimport { determineChatContainer, newThing } from '../util/utils'\n\nconst CHAT_LOCATION_IN_CONTAINER = 'index.ttl#this'\n\nexport function createChatLogic(store, profileLogic): ChatLogic {\n const ns = namespace\n\n async function setAcl(\n chatContainer: NamedNode,\n me: NamedNode,\n invitee: NamedNode\n ): Promise {\n // Some servers don't present a Link http response header\n // if the container doesn't exist yet, so refetch the container\n // now that it has been created:\n await store.fetcher.load(chatContainer)\n\n // FIXME: check the Why value on this quad:\n const chatAclDoc = store.any(\n chatContainer,\n new NamedNode('http://www.iana.org/assignments/link-relations/acl')\n )\n if (!chatAclDoc) {\n throw new Error('Chat ACL doc not found!')\n }\n\n const aclBody = `\n @prefix acl: .\n <#owner>\n a acl:Authorization;\n acl:agent <${me.value}>;\n acl:accessTo <.>;\n acl:default <.>;\n acl:mode\n acl:Read, acl:Write, acl:Control.\n <#invitee>\n a acl:Authorization;\n acl:agent <${invitee.value}>;\n acl:accessTo <.>;\n acl:default <.>;\n acl:mode\n acl:Read, acl:Append.\n `\n await store.fetcher.webOperation('PUT', chatAclDoc.value, {\n data: aclBody,\n contentType: 'text/turtle',\n })\n }\n\n async function addToPrivateTypeIndex(chatThing, me) {\n // Add to private type index\n const privateTypeIndex = store.any(\n me,\n ns.solid('privateTypeIndex')\n ) as NamedNode | null\n if (!privateTypeIndex) {\n throw new Error('Private type index not found!')\n }\n await store.fetcher.load(privateTypeIndex)\n const reg = newThing(privateTypeIndex)\n const ins = [\n st(\n reg,\n ns.rdf('type'),\n ns.solid('TypeRegistration'),\n privateTypeIndex.doc()\n ),\n st(\n reg,\n ns.solid('forClass'),\n ns.meeting('LongChat'),\n privateTypeIndex.doc()\n ),\n st(reg, ns.solid('instance'), chatThing, privateTypeIndex.doc()),\n ]\n await new Promise((resolve, reject) => {\n store.updater.update([], ins, function (_uri, ok, errm) {\n if (!ok) {\n reject(new Error(errm))\n } else {\n resolve(null)\n }\n })\n })\n }\n\n async function findChat(invitee: NamedNode): Promise {\n const me = await profileLogic.loadMe()\n const podRoot = await profileLogic.getPodRoot(me)\n const chatContainer = determineChatContainer(invitee, podRoot)\n let exists = true\n try {\n await store.fetcher.load(\n new NamedNode(chatContainer.value + 'index.ttl#this')\n )\n } catch (e) {\n exists = false\n }\n return { me, chatContainer, exists }\n }\n\n async function createChatThing(\n chatContainer: NamedNode,\n me: NamedNode\n ): Promise {\n const created = await mintNew({\n me,\n newBase: chatContainer.value,\n })\n return created.newInstance\n }\n\n function mintNew(newPaneOptions: NewPaneOptions): Promise {\n const kb = store\n const updater = kb.updater\n if (newPaneOptions.me && !newPaneOptions.me.uri) {\n throw new Error('chat mintNew: Invalid userid ' + newPaneOptions.me)\n }\n\n const newInstance = (newPaneOptions.newInstance =\n newPaneOptions.newInstance ||\n kb.sym(newPaneOptions.newBase + CHAT_LOCATION_IN_CONTAINER))\n const newChatDoc = newInstance.doc()\n\n kb.add(\n newInstance,\n ns.rdf('type'),\n ns.meeting('LongChat'),\n newChatDoc\n )\n kb.add(newInstance, ns.dc('title'), 'Chat channel', newChatDoc)\n kb.add(\n newInstance,\n ns.dc('created'),\n term(new Date(Date.now())),\n newChatDoc\n )\n if (newPaneOptions.me) {\n kb.add(newInstance, ns.dc('author'), newPaneOptions.me, newChatDoc)\n }\n\n return new Promise(function (resolve, reject) {\n updater?.put(\n newChatDoc,\n kb.statementsMatching(undefined, undefined, undefined, newChatDoc),\n 'text/turtle',\n function (uri2, ok, message) {\n if (ok) {\n resolve({\n ...newPaneOptions,\n newInstance,\n })\n } else {\n reject(\n new Error(\n 'FAILED to save new chat channel at: ' + uri2 + ' : ' + message\n )\n )\n }\n }\n )\n })\n }\n\n /**\n * Find (and optionally create) an individual chat between the current user and the given invitee\n * @param invitee - The person to chat with\n * @param createIfMissing - Whether the chat should be created, if missing\n * @returns null if missing, or a node referring to an already existing chat, or the newly created chat\n */\n async function getChat(\n invitee: NamedNode,\n createIfMissing = true\n ): Promise {\n const { me, chatContainer, exists } = await findChat(invitee)\n if (exists) {\n return new NamedNode(chatContainer.value + CHAT_LOCATION_IN_CONTAINER)\n }\n\n if (createIfMissing) {\n const chatThing = await createChatThing(chatContainer, me)\n await sendInvite(invitee, chatThing)\n await setAcl(chatContainer, me, invitee)\n await addToPrivateTypeIndex(chatThing, me)\n return chatThing\n }\n return null\n }\n\n async function sendInvite(invitee: NamedNode, chatThing: NamedNode) {\n await store.fetcher.load(invitee.doc())\n const inviteeInbox = store.any(\n invitee,\n ns.ldp('inbox'),\n undefined,\n invitee.doc()\n )\n if (!inviteeInbox) {\n throw new Error(`Invitee inbox not found! ${invitee.value}`)\n }\n const inviteBody = `\n <> a ;\n ${ns.rdf('seeAlso')} <${chatThing.value}> .\n `\n\n const inviteResponse = await store.fetcher?.webOperation(\n 'POST',\n inviteeInbox.value,\n {\n data: inviteBody,\n contentType: 'text/turtle',\n }\n )\n const locationStr = inviteResponse?.headers.get('location')\n if (!locationStr) {\n throw new Error(`Invite sending returned a ${inviteResponse?.status}`)\n }\n }\n return {\n setAcl, addToPrivateTypeIndex, findChat, createChatThing, getChat, sendInvite, mintNew\n }\n}\n","import { NamedNode } from 'rdflib'\nimport { InboxLogic } from '../types'\nimport { getArchiveUrl } from '../util/utils'\n\nexport function createInboxLogic(store, profileLogic, utilityLogic, containerLogic, aclLogic): InboxLogic {\n\n async function createInboxFor(peerWebId: string, nick: string) {\n const myWebId: NamedNode = await profileLogic.loadMe()\n const podRoot: NamedNode = await profileLogic.getPodRoot(myWebId)\n const ourInbox = `${podRoot.value}p2p-inboxes/${encodeURIComponent(nick)}/`\n await containerLogic.createContainer(ourInbox)\n // const aclDocUrl = await aclLogic.findAclDocUrl(ourInbox);\n await utilityLogic.setSinglePeerAccess({\n ownerWebId: myWebId.value,\n peerWebId,\n accessToModes: 'acl:Append',\n target: ourInbox\n })\n return ourInbox\n }\n\n async function getNewMessages(\n user?: NamedNode\n ): Promise {\n if (!user) {\n user = await profileLogic.loadMe()\n }\n const inbox = await profileLogic.getMainInbox(user)\n const urls = await containerLogic.getContainerMembers(inbox)\n return urls.filter(url => !containerLogic.isContainer(url))\n }\n\n async function markAsRead(url: string, date: Date) {\n const downloaded = await store.fetcher._fetch(url)\n if (downloaded.status !== 200) {\n throw new Error(`Not OK! ${url}`)\n }\n const archiveUrl = getArchiveUrl(url, date)\n const options = {\n method: 'PUT',\n body: await downloaded.text(),\n headers: [\n ['Content-Type', downloaded.headers.get('Content-Type') || 'application/octet-stream']\n ]\n }\n const uploaded = await store.fetcher._fetch(archiveUrl, options)\n if (uploaded.status.toString()[0] === '2') {\n await store.fetcher._fetch(url, {\n method: 'DELETE'\n })\n }\n }\n return {\n createInboxFor,\n getNewMessages,\n markAsRead\n }\n}\n","class CustomError extends Error {\n constructor(message?: string) {\n super(message)\n // see: typescriptlang.org/docs/handbook/release-notes/typescript-2-2.html\n Object.setPrototypeOf(this, new.target.prototype) // restore prototype chain\n this.name = new.target.name // stack traces display correctly now\n }\n}\n\nexport class UnauthorizedError extends CustomError {}\n\nexport class CrossOriginForbiddenError extends CustomError {}\n\nexport class SameOriginForbiddenError extends CustomError {}\n\nexport class NotFoundError extends CustomError {}\n\nexport class NotEditableError extends CustomError { }\n\nexport class WebOperationError extends CustomError {}\n\nexport class FetchError extends CustomError {\n status: number\n\n constructor(status: number, message?: string) {\n super(message)\n this.status = status\n }\n}","import { NamedNode } from 'rdflib'\nimport { CrossOriginForbiddenError, FetchError, NotEditableError, SameOriginForbiddenError, UnauthorizedError, WebOperationError } from '../logic/CustomError'\nimport * as debug from '../util/debug'\nimport { ns as namespace } from '../util/ns'\nimport { differentOrigin, suggestPreferencesFile } from '../util/utils'\nimport { ProfileLogic } from '../types'\n\nexport function createProfileLogic(store, authn, utilityLogic): ProfileLogic {\n const ns = namespace\n\n /**\n * loads the preference without throwing errors - if it can create it it does so.\n * remark: it still throws error if it cannot load profile.\n * @param user\n * @returns undefined if preferenceFile cannot be returned or NamedNode if it can find it or create it\n */\n async function silencedLoadPreferences(user: NamedNode): Promise {\n try {\n return await loadPreferences(user)\n } catch (err) {\n return undefined\n }\n }\n\n /**\n * loads the preference without returning different errors if it cannot create or load it.\n * remark: it also throws error if it cannot load profile.\n * @param user\n * @returns undefined if preferenceFile cannot be an Error or NamedNode if it can find it or create it\n */\n async function loadPreferences (user: NamedNode): Promise {\n await loadProfile(user)\n\n const possiblePreferencesFile = suggestPreferencesFile(user)\n let preferencesFile\n try {\n preferencesFile = await utilityLogic.followOrCreateLink(user, ns.space('preferencesFile') as NamedNode, possiblePreferencesFile, user.doc())\n } catch (err) {\n const message = `User ${user} has no pointer in profile to preferences file.`\n debug.warn(message)\n // we are listing the possible errors\n if (err instanceof NotEditableError) { throw err }\n if (err instanceof WebOperationError) { throw err }\n if (err instanceof UnauthorizedError) { throw err }\n if (err instanceof CrossOriginForbiddenError) { throw err }\n if (err instanceof SameOriginForbiddenError) { throw err }\n if (err instanceof FetchError) { throw err }\n throw err\n }\n\n try {\n await store.fetcher.load(preferencesFile as NamedNode)\n } catch (err) { // Maybe a permission problem or origin problem\n const msg = `Unable to load preference of user ${user}: ${err}`\n debug.warn(msg)\n if (err.response.status === 401) {\n throw new UnauthorizedError()\n }\n if (err.response.status === 403) {\n if (differentOrigin(preferencesFile)) {\n throw new CrossOriginForbiddenError()\n }\n throw new SameOriginForbiddenError()\n }\n /*if (err.response.status === 404) {\n throw new NotFoundError();\n }*/\n throw new Error(msg)\n }\n return preferencesFile as NamedNode\n }\n\n async function loadProfile (user: NamedNode):Promise {\n if (!user) {\n throw new Error('loadProfile: no user given.')\n }\n try {\n await store.fetcher.load(user.doc())\n } catch (err) {\n throw new Error(`Unable to load profile of user ${user}: ${err}`)\n }\n return user.doc()\n }\n\n async function loadMe(): Promise {\n const me = authn.currentUser()\n if (me === null) {\n throw new Error('Current user not found! Not logged in?')\n }\n await store.fetcher.load(me.doc())\n return me\n }\n\n function getPodRoot(user: NamedNode): NamedNode {\n const podRoot = findStorage(user)\n if (!podRoot) {\n throw new Error('User pod root not found!')\n }\n return podRoot as NamedNode\n }\n\n async function getMainInbox(user: NamedNode): Promise {\n await store.fetcher.load(user)\n const mainInbox = store.any(user, ns.ldp('inbox'), undefined, user.doc())\n if (!mainInbox) {\n throw new Error('User main inbox not found!')\n }\n return mainInbox as NamedNode\n }\n\n function findStorage(me: NamedNode) {\n return store.any(me, ns.space('storage'), undefined, me.doc())\n }\n\n return {\n loadMe,\n getPodRoot,\n getMainInbox,\n findStorage,\n loadPreferences,\n loadProfile,\n silencedLoadPreferences\n }\n}\n","import { NamedNode, st, sym } from 'rdflib'\nimport { ScopedApp, TypeIndexLogic, TypeIndexScope } from '../types'\nimport * as debug from '../util/debug'\nimport { ns as namespace } from '../util/ns'\nimport { newThing } from '../util/utils'\n\nexport function createTypeIndexLogic(store, authn, profileLogic, utilityLogic): TypeIndexLogic {\n const ns = namespace\n\n function getRegistrations(instance, theClass) {\n return store\n .each(undefined, ns.solid('instance'), instance)\n .filter((r) => {\n return store.holds(r, ns.solid('forClass'), theClass)\n })\n }\n\n async function loadTypeIndexesFor(user: NamedNode): Promise> {\n if (!user) throw new Error('loadTypeIndexesFor: No user given')\n const profile = await profileLogic.loadProfile(user)\n\n const suggestion = suggestPublicTypeIndex(user)\n let publicTypeIndex\n try {\n publicTypeIndex = await utilityLogic.followOrCreateLink(user, ns.solid('publicTypeIndex') as NamedNode, suggestion, profile)\n } catch (err) {\n const message = `User ${user} has no pointer in profile to publicTypeIndex file.`\n debug.warn(message)\n }\n const publicScopes = publicTypeIndex ? [{ label: 'public', index: publicTypeIndex as NamedNode, agent: user }] : []\n\n let preferencesFile\n try {\n preferencesFile = await profileLogic.silencedLoadPreferences(user)\n } catch (err) {\n preferencesFile = null\n }\n\n let privateScopes\n if (preferencesFile) { // watch out - can be in either as spec was not clear. Legacy is profile.\n // If there is a legacy one linked from the profile, use that.\n // Otherwiae use or make one linked from Preferences\n const suggestedPrivateTypeIndex = suggestPrivateTypeIndex(preferencesFile)\n let privateTypeIndex\n try {\n privateTypeIndex = store.any(user, ns.solid('privateTypeIndex'), undefined, profile) ||\n await utilityLogic.followOrCreateLink(user, ns.solid('privateTypeIndex') as NamedNode, suggestedPrivateTypeIndex, preferencesFile)\n } catch (err) {\n const message = `User ${user} has no pointer in preference file to privateTypeIndex file.`\n debug.warn(message)\n }\n privateScopes = privateTypeIndex ? [{ label: 'private', index: privateTypeIndex as NamedNode, agent: user }] : []\n } else {\n privateScopes = []\n }\n const scopes = publicScopes.concat(privateScopes)\n if (scopes.length === 0) return scopes\n const files = scopes.map(scope => scope.index)\n try {\n await store.fetcher.load(files)\n } catch (err) {\n debug.warn('Problems loading type index: ', err)\n }\n return scopes\n }\n\n async function loadCommunityTypeIndexes(user: NamedNode): Promise {\n let preferencesFile\n try {\n preferencesFile = await profileLogic.silencedLoadPreferences(user)\n } catch (err) {\n const message = `User ${user} has no pointer in profile to preferences file.`\n debug.warn(message)\n }\n if (preferencesFile) { // For now, pick up communities as simple links from the preferences file.\n const communities = store.each(user, ns.solid('community'), undefined, preferencesFile as NamedNode).concat(\n store.each(user, ns.solid('community'), undefined, user.doc() as NamedNode)\n )\n let result = []\n for (const org of communities) {\n result = result.concat(await loadTypeIndexesFor(org as NamedNode) as any)\n }\n return result\n }\n return [] // No communities\n }\n\n async function loadAllTypeIndexes(user: NamedNode) {\n return (await loadTypeIndexesFor(user)).concat((await loadCommunityTypeIndexes(user)).flat())\n }\n\n async function getScopedAppInstances(klass: NamedNode, user: NamedNode): Promise {\n const scopes = await loadAllTypeIndexes(user)\n let scopedApps = []\n for (const scope of scopes) {\n const scopedApps0 = await getScopedAppsFromIndex(scope, klass) as any\n scopedApps = scopedApps.concat(scopedApps0)\n }\n return scopedApps\n }\n\n // This is the function signature which used to be in solid-ui/logic\n // Recommended to use getScopedAppInstances instead as it provides more information.\n //\n async function getAppInstances(klass: NamedNode): Promise {\n const user = authn.currentUser()\n if (!user) throw new Error('getAppInstances: Must be logged in to find apps.')\n const scopedAppInstances = await getScopedAppInstances(klass, user)\n return scopedAppInstances.map(scoped => scoped.instance)\n }\n\n function suggestPublicTypeIndex(me: NamedNode) {\n return sym(me.doc().dir()?.uri + 'publicTypeIndex.ttl')\n }\n // Note this one is based off the pref file not the profile\n\n function suggestPrivateTypeIndex(preferencesFile: NamedNode) {\n return sym(preferencesFile.doc().dir()?.uri + 'privateTypeIndex.ttl')\n }\n\n /*\n * Register a new app in a type index\n * used in chat in bookmark.js (solid-ui)\n * Returns the registration object if successful else null\n */\n async function registerInTypeIndex(\n instance: NamedNode,\n index: NamedNode,\n theClass: NamedNode,\n // agent: NamedNode\n ): Promise {\n const registration = newThing(index)\n const ins = [\n // See https://github.com/solid/solid/blob/main/proposals/data-discovery.md\n st(registration, ns.rdf('type'), ns.solid('TypeRegistration'), index),\n st(registration, ns.solid('forClass'), theClass, index),\n st(registration, ns.solid('instance'), instance, index)\n ]\n try {\n await store.updater.update([], ins)\n } catch (err) {\n const msg = `Unable to register ${instance} in index ${index}: ${err}`\n console.warn(msg)\n return null\n }\n return registration\n }\n\n async function deleteTypeIndexRegistration(item) {\n const reg = store.the(null, ns.solid('instance'), item.instance, item.scope.index) as NamedNode\n if (!reg) throw new Error(`deleteTypeIndexRegistration: No registration found for ${item.instance}`)\n const statements = store.statementsMatching(reg, null, null, item.scope.index)\n await store.updater.update(statements, [])\n }\n\n async function getScopedAppsFromIndex(scope: TypeIndexScope, theClass: NamedNode | null): Promise {\n const index = scope.index\n const results: ScopedApp[] = []\n const registrations = store.statementsMatching(null, ns.solid('instance'), null, index)\n .concat(store.statementsMatching(null, ns.solid('instanceContainer'), null, index))\n .map(st => st.subject)\n for (const reg of registrations) {\n const klass = store.any(reg, ns.solid('forClass'), null, index)\n if (!theClass || klass.sameTerm(theClass)) {\n const instances = store.each(reg, ns.solid('instance'), null, index)\n for (const instance of instances) {\n results.push({ instance, type: klass, scope })\n }\n const containers = store.each(reg, ns.solid('instanceContainer'), null, index)\n for (const instance of containers) {\n await store.fetcher.load(instance)\n results.push({ instance: sym(instance.value), type: klass, scope })\n }\n }\n }\n return results\n }\n\n return {\n registerInTypeIndex,\n getRegistrations,\n loadTypeIndexesFor,\n loadCommunityTypeIndexes,\n loadAllTypeIndexes,\n getScopedAppInstances,\n getAppInstances,\n suggestPublicTypeIndex,\n suggestPrivateTypeIndex,\n deleteTypeIndexRegistration,\n getScopedAppsFromIndex\n }\n}\n","import { Session } from '../authSession/solidOidcAdapter'\nimport * as rdf from 'rdflib'\nimport { LiveStore, NamedNode, Statement } from 'rdflib'\nimport { createAclLogic } from '../acl/aclLogic'\nimport { SolidAuthnLogic } from '../authn/SolidAuthnLogic'\nimport { createChatLogic } from '../chat/chatLogic'\nimport { createInboxLogic } from '../inbox/inboxLogic'\nimport { createProfileLogic } from '../profile/profileLogic'\nimport { createTypeIndexLogic } from '../typeIndex/typeIndexLogic'\nimport { createContainerLogic } from '../util/containerLogic'\nimport { createUtilityLogic } from '../util/utilityLogic'\nimport { AuthnLogic, SolidLogic } from '../types'\nimport * as debug from '../util/debug'\n/*\n** It is important to distinquish `fetch`, a function provided by the browser\n** and `Fetcher`, a helper object for the rdflib Store which turns it\n** into a `ConnectedStore` or a `LiveStore`. A Fetcher object is\n** available at store.fetcher, and `fetch` function at `store.fetcher._fetch`,\n*/\nexport function createSolidLogic(specialFetch: { fetch: (url: any, requestInit: any) => any }, session: Session): SolidLogic {\n\n debug.log('SolidLogic: Unique instance created. There should only be one of these.')\n const store: LiveStore = rdf.graph() as LiveStore\n rdf.fetcher(store, {fetch: specialFetch.fetch}) // Attach a web I/O module, store.fetcher\n store.updater = new rdf.UpdateManager(store) // Add real-time live updates store.updater\n store.features = [] // disable automatic node merging on store load\n\n const authn: AuthnLogic = new SolidAuthnLogic(session)\n \n const acl = createAclLogic(store)\n const containerLogic = createContainerLogic(store)\n const utilityLogic = createUtilityLogic(store, acl, containerLogic)\n const profile = createProfileLogic(store, authn, utilityLogic)\n const chat = createChatLogic(store, profile)\n const inbox = createInboxLogic(store, profile, utilityLogic, containerLogic, acl)\n const typeIndex = createTypeIndexLogic(store, authn, profile, utilityLogic)\n debug.log('SolidAuthnLogic initialized')\n\n function load(doc: NamedNode | NamedNode[] | string) {\n return store.fetcher.load(doc)\n }\n\n // @@@@ use the one in rdflib.js when it is available and delete this\n function updatePromise(\n del: Array,\n ins: Array = []\n ): Promise {\n return new Promise((resolve, reject) => {\n store.updater.update(del, ins, function (_uri, ok, errorBody) {\n if (!ok) {\n reject(new Error(errorBody))\n } else {\n resolve()\n }\n }) // callback\n }) // promise\n }\n\n function clearStore() {\n store.statements.slice().forEach(store.remove.bind(store))\n }\n\n return {\n store,\n authn,\n acl,\n inbox,\n chat,\n profile,\n typeIndex,\n load,\n updatePromise,\n clearStore\n }\n}\n","import { NamedNode, Statement, sym } from 'rdflib'\n\n/**\n * Container-related class\n */\nexport function createContainerLogic(store) {\n\n function getContainerElements(containerNode: NamedNode): NamedNode[] {\n return store\n .statementsMatching(\n containerNode,\n sym('http://www.w3.org/ns/ldp#contains'),\n undefined\n )\n .map((st: Statement) => st.object as NamedNode)\n }\n\n function isContainer(url: NamedNode) {\n const nodeToString = url.value\n return nodeToString.charAt(nodeToString.length - 1) === '/'\n }\n\n async function createContainer(url: string) {\n const stringToNode = sym(url)\n if (!isContainer(stringToNode)) {\n throw new Error(`Not a container URL ${url}`)\n }\n // Copied from https://github.com/solidos/solid-crud-tests/blob/v3.1.0/test/surface/create-container.test.ts#L56-L64\n const result = await store.fetcher._fetch(url, {\n method: 'PUT',\n headers: {\n 'Content-Type': 'text/turtle',\n 'If-None-Match': '*',\n Link: '; rel=\"type\"', // See https://github.com/solidos/node-solid-server/issues/1465\n },\n body: ' ', // work around https://github.com/michielbdejong/community-server/issues/4#issuecomment-776222863\n })\n if (result.status.toString()[0] !== '2') {\n throw new Error(`Not OK: got ${result.status} response while creating container at ${url}`)\n }\n }\n\n async function getContainerMembers(containerUrl: NamedNode): Promise {\n await store.fetcher.load(containerUrl)\n return getContainerElements(containerUrl)\n }\n return {\n isContainer,\n createContainer,\n getContainerElements,\n getContainerMembers\n }\n}","import { NamedNode, st, sym } from 'rdflib'\nimport { CrossOriginForbiddenError, FetchError, NotEditableError, SameOriginForbiddenError, UnauthorizedError, WebOperationError } from '../logic/CustomError'\nimport * as debug from '../util/debug'\nimport { differentOrigin } from './utils'\n\nexport function createUtilityLogic(store, aclLogic, containerLogic) {\n\n async function recursiveDelete(containerNode: NamedNode) {\n try {\n if (containerLogic.isContainer(containerNode)) {\n const aclDocUrl = await aclLogic.findAclDocUrl(containerNode)\n await store.fetcher._fetch(aclDocUrl, { method: 'DELETE' })\n const containerMembers = await containerLogic.getContainerMembers(containerNode)\n await Promise.all(\n containerMembers.map((url) => recursiveDelete(url))\n )\n }\n const nodeToStringHere = containerNode.value\n return store.fetcher._fetch(nodeToStringHere, { method: 'DELETE' })\n } catch (e) {\n debug.log(`Please manually remove ${containerNode.value} from your system.`, e)\n }\n }\n\n /**\n * Create a resource if it really does not exist\n * Be absolutely sure something does not exist before creating a new empty file\n * as otherwise existing could be deleted.\n * @param doc {NamedNode} - The resource\n */\n async function loadOrCreateIfNotExists(doc: NamedNode) {\n let response\n try {\n response = await store.fetcher.load(doc)\n } catch (err) {\n if (err.response.status === 404) {\n try {\n await store.fetcher.webOperation('PUT', doc, { data: '', contentType: 'text/turtle' })\n } catch (err) {\n const msg = 'createIfNotExists: PUT FAILED: ' + doc + ': ' + err\n throw new WebOperationError(msg)\n }\n await store.fetcher.load(doc)\n } else {\n if (err.response.status === 401) {\n throw new UnauthorizedError()\n }\n if (err.response.status === 403) {\n if (differentOrigin(doc)) {\n throw new CrossOriginForbiddenError()\n }\n throw new SameOriginForbiddenError()\n }\n const msg = 'createIfNotExists doc load error NOT 404: ' + doc + ': ' + err\n throw new FetchError(err.status, err.message + msg)\n }\n }\n return response\n }\n\n /* Follow link from this doc to another thing, or else make a new link\n **\n ** @returns existing object, or creates it if non existent\n */\n async function followOrCreateLink(subject: NamedNode, predicate: NamedNode,\n object: NamedNode, doc: NamedNode\n ): Promise {\n await store.fetcher.load(doc)\n const result = store.any(subject, predicate, null, doc)\n\n if (result) return result as NamedNode\n if (!store.updater.editable(doc)) {\n const msg = `followOrCreateLink: cannot edit ${doc.value}`\n debug.warn(msg)\n throw new NotEditableError(msg)\n }\n try {\n await store.updater.update([], [st(subject, predicate, object, doc)])\n } catch (err) {\n const msg = `followOrCreateLink: Error making link in ${doc} to ${object}: ${err}`\n debug.warn(msg)\n throw new WebOperationError(err)\n }\n\n try {\n await loadOrCreateIfNotExists(object)\n // store.fetcher.webOperation('PUT', object, { data: '', contentType: 'text/turtle'})\n } catch (err) {\n debug.warn(`followOrCreateLink: Error loading or saving new linked document: ${object}: ${err}`)\n throw err\n }\n return object\n }\n\n // Copied from https://github.com/solidos/web-access-control-tests/blob/v3.0.0/test/surface/delete.test.ts#L5\n async function setSinglePeerAccess(options: {\n ownerWebId: string,\n peerWebId: string,\n accessToModes?: string,\n defaultModes?: string,\n target: string\n }) {\n let str = [\n '@prefix acl: .',\n '',\n `<#alice> a acl:Authorization;\\n acl:agent <${options.ownerWebId}>;`,\n ` acl:accessTo <${options.target}>;`,\n ` acl:default <${options.target}>;`,\n ' acl:mode acl:Read, acl:Write, acl:Control.',\n ''\n ].join('\\n')\n if (options.accessToModes) {\n str += [\n '<#bobAccessTo> a acl:Authorization;',\n ` acl:agent <${options.peerWebId}>;`,\n ` acl:accessTo <${options.target}>;`,\n ` acl:mode ${options.accessToModes}.`,\n ''\n ].join('\\n')\n }\n if (options.defaultModes) {\n str += [\n '<#bobDefault> a acl:Authorization;',\n ` acl:agent <${options.peerWebId}>;`,\n ` acl:default <${options.target}>;`,\n ` acl:mode ${options.defaultModes}.`,\n ''\n ].join('\\n')\n }\n const aclDocUrl = await aclLogic.findAclDocUrl(sym(options.target))\n return store.fetcher._fetch(aclDocUrl, {\n method: 'PUT',\n body: str,\n headers: [\n ['Content-Type', 'text/turtle']\n ]\n })\n }\n\n async function createEmptyRdfDoc(doc: NamedNode, comment: string) {\n await store.fetcher.webOperation('PUT', doc.uri, {\n data: `# ${new Date()} ${comment}\n `,\n contentType: 'text/turtle',\n })\n }\n \n return {\n recursiveDelete,\n setSinglePeerAccess,\n createEmptyRdfDoc,\n followOrCreateLink,\n loadOrCreateIfNotExists\n }\n}\n\n","import * as debug from '../util/debug'\nimport { authSession } from '../authSession/authSession'\nimport { createSolidLogic } from './solidLogic'\nimport { SolidLogic } from '../types'\n\nconst _fetch = async (url, requestInit) => {\n const omitCreds = requestInit && requestInit.credentials && requestInit.credentials == 'omit'\n if (authSession.info.webId && !omitCreds) { // see https://github.com/solidos/solidos/issues/114\n // In fact fetch should respect credentials omit itself\n return authSession.fetch(url, requestInit)\n } else {\n return window.fetch(url, requestInit)\n }\n}\n\n// Global singleton pattern to ensure unique store across library versions\nconst SINGLETON_SYMBOL = Symbol.for('solid-logic-singleton')\n\n// Type the global object properly with the singleton\ninterface GlobalWithSingleton {\n [SINGLETON_SYMBOL]?: SolidLogic\n}\n\nconst globalTarget = (typeof window !== 'undefined' ? window : global) as GlobalWithSingleton\n\nfunction getOrCreateSingleton(): SolidLogic {\n if (!globalTarget[SINGLETON_SYMBOL]) {\n debug.log('SolidLogic: Creating new global singleton instance.')\n globalTarget[SINGLETON_SYMBOL] = createSolidLogic({ fetch: _fetch }, authSession)\n debug.log('Unique quadstore initialized.')\n } else {\n debug.log('SolidLogic: Using existing global singleton instance.')\n }\n return globalTarget[SINGLETON_SYMBOL]!\n}\n//this const makes solidLogicSingleton global accessible in mashlib\nconst solidLogicSingleton = getOrCreateSingleton()\n\nexport { solidLogicSingleton }","const DEFAULT_ISSUERS = [\n {\n name: 'Solid Community',\n uri: 'https://solidcommunity.net'\n },\n {\n name: 'Solid Web',\n uri: 'https://solidweb.org'\n },\n {\n name: 'Solid Web ME',\n uri: 'https://solidweb.me'\n },\n {\n name: 'Inrupt.com',\n uri: 'https://login.inrupt.com'\n }\n]\n\n/**\n * @returns - A list of suggested OIDC issuers\n */\nexport function getSuggestedIssuers (): { name: string, uri: string }[] {\n // Suggest a default list of OIDC issuers\n const issuers = [...DEFAULT_ISSUERS]\n \n // Suggest the current host if not already included\n const { host, origin } = new URL(location.href)\n const hosts = issuers.map(({ uri }) => new URL(uri).host)\n if (!hosts.includes(host) && !hosts.some(existing => isSubdomainOf(host, existing))) {\n issuers.unshift({ name: host, uri: origin })\n }\n \n return issuers\n }\n \nfunction isSubdomainOf (subdomain: string, domain: string): boolean {\n const dot = subdomain.length - domain.length - 1\n return dot > 0 && subdomain[dot] === '.' && subdomain.endsWith(domain)\n}","// Make these variables directly accessible as it is what you need most of the time\n// This also makes these variable globaly accesible in mashlib\nimport { solidLogicSingleton } from './logic/solidLogicSingleton'\n\nconst authn = solidLogicSingleton.authn\nconst authSession = solidLogicSingleton.authn.authSession\nconst store = solidLogicSingleton.store\n\nexport { ACL_LINK } from './acl/aclLogic'\nexport { offlineTestID, appContext } from './authn/authUtil'\nexport { getSuggestedIssuers } from './issuer/issuerLogic'\nexport { createTypeIndexLogic } from './typeIndex/typeIndexLogic'\nexport type { AppDetails, SolidNamespace, AuthenticationContext, SolidLogic, ChatLogic } from './types'\nexport { UnauthorizedError, CrossOriginForbiddenError, SameOriginForbiddenError, NotFoundError, FetchError, NotEditableError, WebOperationError } from './logic/CustomError'\n\nexport {\n solidLogicSingleton, // solidLogicSingleton is exported entirely because it is used in solid-panes\n store,\n authn,\n authSession\n}\n\n"],"names":["root","factory","exports","module","require","define","amd","this","__WEBPACK_EXTERNAL_MODULE__264__","aliases","acl","arg","as","bookmark","cal","cco","cert","contact","dc","dct","doap","foaf","geo","gpx","gr","http","httph","icalTZ","ldp","link","log","meeting","mo","org","owl","pad","patch","prov","pto","qu","trip","rdf","rdfs","rss","sched","schema","sioc","skos","solid","space","stat","tab","tabont","ui","vann","vcard","wf","xsd","namedNode","u","namespaces","alias","expansion","localName","__webpack_module_cache__","__webpack_require__","moduleId","cachedModule","undefined","__webpack_modules__","n","getter","__esModule","d","a","definition","key","o","Object","defineProperty","enumerable","get","g","globalThis","Function","e","window","obj","prop","prototype","hasOwnProperty","call","r","Symbol","toStringTag","value","args","console","warn","isCryptoKey","CryptoKey","message","msg","actual","types","filter","Boolean","length","last","pop","join","name","constructor","withAlg","alg","encoder","TextEncoder","decoder","TextDecoder","concat","buffers","size","reduce","acc","buf","Uint8Array","i","buffer","set","encode","input","unencoded","arr","push","String","fromCharCode","apply","subarray","btoa","encodeBase64","replace","decode","encoded","binary","atob","bytes","charCodeAt","decodeBase64","TypeError","async","kty","k","extractable","ext","key_ops","use","jwk","subtle","exportKey","exportJWK","JOSEError","Error","options","super","code","captureStackTrace","JWTClaimValidationFailed","payload","claim","reason","cause","JWTExpired","JOSEAlgNotAllowed","arguments","JWSInvalid","JWTInvalid","JWKInvalid","JWKSInvalid","JWKSNoMatchingKey","JWKSMultipleMatchingKeys","asyncIterator","JWKSTimeout","JWSSignatureVerificationFailed","subtleDsa","algorithm","hash","slice","saltLength","namedCurve","startsWith","modulusLength","unusable","isAlgorithm","getHashLength","parseInt","checkUsage","usages","some","expected","includes","checkSigCryptoKey","getNamedCurve","isObject","toString","getPrototypeOf","proto","isJWK","keyUsages","crv","subtleMapping","rest","keyData","importKey","exportKeyValue","privCache","pubCache","isKeyObject","importAndCache","cache","freeze","cached","cryptoKey","export","format","dp","dq","p","q","qi","WeakMap","getCryptoKey","usage","data","signature","sign","headers","sources","header","parameters","keys","parameter","has","add","Set","tag","jwkMatchesOp","symmetricTypeCheck","allowJwk","type","checkKeyType","test","asymmetricTypeCheck","bind","checkKeyTypeWithJwk","Err","recognizedDefault","recognizedOption","protectedHeader","joseHeader","crit","Array","isArray","recognized","Map","entries","FlattenedSign","_payload","setProtectedHeader","_protectedHeader","setUnprotectedHeader","unprotectedHeader","_unprotectedHeader","b64","JSON","stringify","jws","protected","CompactSign","_flattened","date","Math","floor","getTime","day","hour","REGEX","str","matched","exec","parseFloat","numericDate","toLowerCase","round","minute","validateInput","label","Number","isFinite","ProduceJWT","setIssuer","issuer","iss","setSubject","subject","sub","setAudience","audience","aud","setJti","jwtId","jti","setNotBefore","nbf","Date","epoch","secs","setExpirationTime","exp","setIssuedAt","iat","SignJWT","sig","url","timeout","controller","id","timedOut","AbortController","setTimeout","abort","response","fetch","href","signal","redirect","catch","err","clearTimeout","status","json","importJWK","oth","isJWKLike","clone","structuredClone","parse","LocalJWKSet","jwks","_cached","every","isJWKSLike","_jwks","getKey","token","kid","getKtyFromAlg","candidates","candidate","error","importWithAlgCache","createLocalJWKSet","localJWKSet","defineProperties","configurable","writable","USER_AGENT","navigator","userAgent","jwksCache","RemoteJWKSet","URL","cacheMaxAge","_url","_options","agent","_timeoutDuration","timeoutDuration","_cooldownDuration","cooldownDuration","_cacheMaxAge","_cache","uat","now","_jwksTimestamp","_local","coolingDown","fresh","reload","_pendingFetch","WebSocketPair","EdgeRuntime","Headers","fromEntries","then","verify","option","algorithms","s","compactVerify","split","verified","parsedProt","resolvedKey","result","flattenedVerify","normalizeTyp","encodedPayload","typ","requiredClaims","maxTokenAge","presenceCheck","reverse","audPayload","audOption","tolerance","clockTolerance","currentDate","age","subtleDigest","digest","check","description","calculateJwkThumbprint","digestAlgorithm","components","x","y","getModulusLengthOption","publicExponent","generateKey","SessionEvents","SessionDatabase","dbName","storeName","dbVersion","db","init","Promise","resolve","reject","request","indexedDB","open","onerror","onsuccess","onupgradeneeded","event","target","objectStoreNames","contains","createObjectStore","setItem","tx","transaction","oncomplete","objectStore","put","getItem","deleteItem","delete","clear","close","createDPoPToken","keyPair","htu","htm","ath","publicJwk","publicKey","crypto","randomUUID","privateKey","requestTokens","tokenEndpoint","params","dpop","method","body","URLSearchParams","ok","validateAccessToken","accessToken","jwksUri","clientId","remoteJWKSet","reloading","createRemoteJWKSet","jwt","jwtVerify","thumbprint","cnf","jkt","client_id","EventTarget","database","onStateChange","onExpirationWarning","onExpiration","_isActive","_webId","_exp","_ath","_tokens","_idpDetails","_refreshPromise","addEventListener","isActive","webId","isExpired","getExpiresIn","login","idp","redirectUri","redirectUrl","sanitizedRedirect","origin","pathname","search","config","discoverOIDC","trimSlash","endsWith","sessionStorage","token_endpoint","jwks_uri","registrationEndpoint","redirectUris","application_type","redirect_uris","token_endpoint_auth_method","grant_types","response_types","scope","registerClient","registration_endpoint","pkce","verifier","challenge","generatePKCE","csrfToken","authUrl","authorization_endpoint","searchParams","location","handleRedirectFromLogin","csrf","history","replaceState","document","title","pkceVerifier","tokens","grant_type","code_verifier","redirect_uri","access_token","all","refresh_token","removeItem","_setTokens","dpop_key_pair","_dispatchStateChange","restore","refreshToken","refreshTokens","_dispatchExpiration","_dispatchExpirationWarning","logout","authFetch","Request","toUpperCase","decoded","decodeJwt","webid","hashBuffer","hashArray","from","computeAth","dispatchEvent","CustomEvent","detail","expires_in","EVENTS","EventEmitter","listeners","on","callback","off","emit","forEach","cb","Session","_session","_events","_sessionId","events","info","isLoggedIn","sessionId","expirationDate","handleIncomingRedirect","opts","restorePreviousSession","oidcIssuer","authSession","ACL_LINK","sym","createAclLogic","store","ns","genACLText","docURI","me","aclURI","optPublic","public","graph","auth","Namespace","doc","defaultForNew","serialize","findAclDocUrl","fetcher","load","docNode","any","setACLUserPublic","aclDoc","fetchACLRel","aclText","uri","webOperation","contentType","appContext","SolidAppContext","viewingNoAuthPage","noAuth","viewedPage","decodeURI","ary","offlineTestID","$SolidTestEnvironment","username","div","getElementById","getAttribute","SolidAuthnLogic","solidAuthSession","session","currentUser","app","checkUser","setUserCallback","preLoginRedirectHash","localStorage","postLoginRedirectHash","curUrl","pushState","webIdFromSession","saveUser","context","webIdUri","newThing","differentOrigin","CHAT_LOCATION_IN_CONTAINER","createChatLogic","profileLogic","setAcl","chatContainer","invitee","chatAclDoc","NamedNode","aclBody","addToPrivateTypeIndex","chatThing","privateTypeIndex","reg","ins","st","updater","update","_uri","errm","findChat","loadMe","podRoot","chatContainerStr","host","determineChatContainer","getPodRoot","exists","createChatThing","mintNew","newBase","newInstance","newPaneOptions","kb","newChatDoc","term","statementsMatching","uri2","sendInvite","inviteeInbox","inviteBody","inviteResponse","getChat","createIfMissing","createInboxLogic","utilityLogic","containerLogic","aclLogic","createInboxFor","peerWebId","nick","myWebId","ourInbox","encodeURIComponent","createContainer","setSinglePeerAccess","ownerWebId","accessToModes","getNewMessages","user","inbox","getMainInbox","getContainerMembers","isContainer","markAsRead","downloaded","_fetch","archiveUrl","baseUrl","year","getUTCFullYear","month","getUTCMonth","getUTCDate","parts","filename","getArchiveUrl","text","CustomError","setPrototypeOf","UnauthorizedError","CrossOriginForbiddenError","SameOriginForbiddenError","NotFoundError","NotEditableError","WebOperationError","FetchError","createProfileLogic","authn","loadPreferences","loadProfile","possiblePreferencesFile","fileURI","folderURI","suggestPreferencesFile","preferencesFile","followOrCreateLink","findStorage","mainInbox","silencedLoadPreferences","createTypeIndexLogic","loadTypeIndexesFor","profile","suggestion","suggestPublicTypeIndex","publicTypeIndex","publicScopes","index","privateScopes","suggestedPrivateTypeIndex","suggestPrivateTypeIndex","scopes","files","map","loadCommunityTypeIndexes","communities","each","loadAllTypeIndexes","flat","getScopedAppInstances","klass","scopedApps","scopedApps0","getScopedAppsFromIndex","dir","theClass","results","registrations","sameTerm","instances","instance","containers","registerInTypeIndex","registration","getRegistrations","holds","getAppInstances","scoped","deleteTypeIndexRegistration","item","the","statements","createSolidLogic","specialFetch","features","getContainerElements","containerNode","object","nodeToString","charAt","Link","containerUrl","createContainerLogic","loadOrCreateIfNotExists","recursiveDelete","aclDocUrl","containerMembers","nodeToStringHere","defaultModes","createEmptyRdfDoc","comment","predicate","editable","createUtilityLogic","chat","typeIndex","updatePromise","del","errorBody","clearStore","remove","requestInit","omitCreds","credentials","SINGLETON_SYMBOL","for","globalTarget","solidLogicSingleton","DEFAULT_ISSUERS","getSuggestedIssuers","issuers","hosts","existing","subdomain","domain","dot","isSubdomainOf","unshift"],"ignoreList":[],"sourceRoot":""} \ No newline at end of file diff --git a/dist/typeIndex/typeIndexLogic.d.ts b/dist/typeIndex/typeIndexLogic.d.ts new file mode 100644 index 0000000..3da9eab --- /dev/null +++ b/dist/typeIndex/typeIndexLogic.d.ts @@ -0,0 +1,3 @@ +import { TypeIndexLogic } from '../types'; +export declare function createTypeIndexLogic(store: any, authn: any, profileLogic: any, utilityLogic: any): TypeIndexLogic; +//# sourceMappingURL=typeIndexLogic.d.ts.map \ No newline at end of file diff --git a/dist/typeIndex/typeIndexLogic.d.ts.map b/dist/typeIndex/typeIndexLogic.d.ts.map new file mode 100644 index 0000000..df4ac7b --- /dev/null +++ b/dist/typeIndex/typeIndexLogic.d.ts.map @@ -0,0 +1 @@ +{"version":3,"file":"typeIndexLogic.d.ts","sourceRoot":"","sources":["../../src/typeIndex/typeIndexLogic.ts"],"names":[],"mappings":"AACA,OAAO,EAAa,cAAc,EAAkB,MAAM,UAAU,CAAA;AAKpE,wBAAgB,oBAAoB,CAAC,KAAK,KAAA,EAAE,KAAK,KAAA,EAAE,YAAY,KAAA,EAAE,YAAY,KAAA,GAAG,cAAc,CAyL7F"} \ No newline at end of file diff --git a/dist/typeIndex/typeIndexLogic.js b/dist/typeIndex/typeIndexLogic.js new file mode 100644 index 0000000..8f48c38 --- /dev/null +++ b/dist/typeIndex/typeIndexLogic.js @@ -0,0 +1,182 @@ +import { st, sym } from 'rdflib'; +import * as debug from '../util/debug'; +import { ns as namespace } from '../util/ns'; +import { newThing } from '../util/utils'; +export function createTypeIndexLogic(store, authn, profileLogic, utilityLogic) { + const ns = namespace; + function getRegistrations(instance, theClass) { + return store + .each(undefined, ns.solid('instance'), instance) + .filter((r) => { + return store.holds(r, ns.solid('forClass'), theClass); + }); + } + async function loadTypeIndexesFor(user) { + if (!user) + throw new Error('loadTypeIndexesFor: No user given'); + const profile = await profileLogic.loadProfile(user); + const suggestion = suggestPublicTypeIndex(user); + let publicTypeIndex; + try { + publicTypeIndex = await utilityLogic.followOrCreateLink(user, ns.solid('publicTypeIndex'), suggestion, profile); + } + catch (err) { + const message = `User ${user} has no pointer in profile to publicTypeIndex file.`; + debug.warn(message); + } + const publicScopes = publicTypeIndex ? [{ label: 'public', index: publicTypeIndex, agent: user }] : []; + let preferencesFile; + try { + preferencesFile = await profileLogic.silencedLoadPreferences(user); + } + catch (err) { + preferencesFile = null; + } + let privateScopes; + if (preferencesFile) { // watch out - can be in either as spec was not clear. Legacy is profile. + // If there is a legacy one linked from the profile, use that. + // Otherwiae use or make one linked from Preferences + const suggestedPrivateTypeIndex = suggestPrivateTypeIndex(preferencesFile); + let privateTypeIndex; + try { + privateTypeIndex = store.any(user, ns.solid('privateTypeIndex'), undefined, profile) || + await utilityLogic.followOrCreateLink(user, ns.solid('privateTypeIndex'), suggestedPrivateTypeIndex, preferencesFile); + } + catch (err) { + const message = `User ${user} has no pointer in preference file to privateTypeIndex file.`; + debug.warn(message); + } + privateScopes = privateTypeIndex ? [{ label: 'private', index: privateTypeIndex, agent: user }] : []; + } + else { + privateScopes = []; + } + const scopes = publicScopes.concat(privateScopes); + if (scopes.length === 0) + return scopes; + const files = scopes.map(scope => scope.index); + try { + await store.fetcher.load(files); + } + catch (err) { + debug.warn('Problems loading type index: ', err); + } + return scopes; + } + async function loadCommunityTypeIndexes(user) { + let preferencesFile; + try { + preferencesFile = await profileLogic.silencedLoadPreferences(user); + } + catch (err) { + const message = `User ${user} has no pointer in profile to preferences file.`; + debug.warn(message); + } + if (preferencesFile) { // For now, pick up communities as simple links from the preferences file. + const communities = store.each(user, ns.solid('community'), undefined, preferencesFile).concat(store.each(user, ns.solid('community'), undefined, user.doc())); + let result = []; + for (const org of communities) { + result = result.concat(await loadTypeIndexesFor(org)); + } + return result; + } + return []; // No communities + } + async function loadAllTypeIndexes(user) { + return (await loadTypeIndexesFor(user)).concat((await loadCommunityTypeIndexes(user)).flat()); + } + async function getScopedAppInstances(klass, user) { + const scopes = await loadAllTypeIndexes(user); + let scopedApps = []; + for (const scope of scopes) { + const scopedApps0 = await getScopedAppsFromIndex(scope, klass); + scopedApps = scopedApps.concat(scopedApps0); + } + return scopedApps; + } + // This is the function signature which used to be in solid-ui/logic + // Recommended to use getScopedAppInstances instead as it provides more information. + // + async function getAppInstances(klass) { + const user = authn.currentUser(); + if (!user) + throw new Error('getAppInstances: Must be logged in to find apps.'); + const scopedAppInstances = await getScopedAppInstances(klass, user); + return scopedAppInstances.map(scoped => scoped.instance); + } + function suggestPublicTypeIndex(me) { + var _a; + return sym(((_a = me.doc().dir()) === null || _a === void 0 ? void 0 : _a.uri) + 'publicTypeIndex.ttl'); + } + // Note this one is based off the pref file not the profile + function suggestPrivateTypeIndex(preferencesFile) { + var _a; + return sym(((_a = preferencesFile.doc().dir()) === null || _a === void 0 ? void 0 : _a.uri) + 'privateTypeIndex.ttl'); + } + /* + * Register a new app in a type index + * used in chat in bookmark.js (solid-ui) + * Returns the registration object if successful else null + */ + async function registerInTypeIndex(instance, index, theClass) { + const registration = newThing(index); + const ins = [ + // See https://github.com/solid/solid/blob/main/proposals/data-discovery.md + st(registration, ns.rdf('type'), ns.solid('TypeRegistration'), index), + st(registration, ns.solid('forClass'), theClass, index), + st(registration, ns.solid('instance'), instance, index) + ]; + try { + await store.updater.update([], ins); + } + catch (err) { + const msg = `Unable to register ${instance} in index ${index}: ${err}`; + console.warn(msg); + return null; + } + return registration; + } + async function deleteTypeIndexRegistration(item) { + const reg = store.the(null, ns.solid('instance'), item.instance, item.scope.index); + if (!reg) + throw new Error(`deleteTypeIndexRegistration: No registration found for ${item.instance}`); + const statements = store.statementsMatching(reg, null, null, item.scope.index); + await store.updater.update(statements, []); + } + async function getScopedAppsFromIndex(scope, theClass) { + const index = scope.index; + const results = []; + const registrations = store.statementsMatching(null, ns.solid('instance'), null, index) + .concat(store.statementsMatching(null, ns.solid('instanceContainer'), null, index)) + .map(st => st.subject); + for (const reg of registrations) { + const klass = store.any(reg, ns.solid('forClass'), null, index); + if (!theClass || klass.sameTerm(theClass)) { + const instances = store.each(reg, ns.solid('instance'), null, index); + for (const instance of instances) { + results.push({ instance, type: klass, scope }); + } + const containers = store.each(reg, ns.solid('instanceContainer'), null, index); + for (const instance of containers) { + await store.fetcher.load(instance); + results.push({ instance: sym(instance.value), type: klass, scope }); + } + } + } + return results; + } + return { + registerInTypeIndex, + getRegistrations, + loadTypeIndexesFor, + loadCommunityTypeIndexes, + loadAllTypeIndexes, + getScopedAppInstances, + getAppInstances, + suggestPublicTypeIndex, + suggestPrivateTypeIndex, + deleteTypeIndexRegistration, + getScopedAppsFromIndex + }; +} +//# sourceMappingURL=typeIndexLogic.js.map \ No newline at end of file diff --git a/dist/typeIndex/typeIndexLogic.js.map b/dist/typeIndex/typeIndexLogic.js.map new file mode 100644 index 0000000..267e859 --- /dev/null +++ b/dist/typeIndex/typeIndexLogic.js.map @@ -0,0 +1 @@ +{"version":3,"file":"typeIndexLogic.js","sourceRoot":"","sources":["../../src/typeIndex/typeIndexLogic.ts"],"names":[],"mappings":"AAAA,OAAO,EAAa,EAAE,EAAE,GAAG,EAAE,MAAM,QAAQ,CAAA;AAE3C,OAAO,KAAK,KAAK,MAAM,eAAe,CAAA;AACtC,OAAO,EAAE,EAAE,IAAI,SAAS,EAAE,MAAM,YAAY,CAAA;AAC5C,OAAO,EAAE,QAAQ,EAAE,MAAM,eAAe,CAAA;AAExC,MAAM,UAAU,oBAAoB,CAAC,KAAK,EAAE,KAAK,EAAE,YAAY,EAAE,YAAY;IACzE,MAAM,EAAE,GAAG,SAAS,CAAA;IAEpB,SAAS,gBAAgB,CAAC,QAAQ,EAAE,QAAQ;QACxC,OAAO,KAAK;aACP,IAAI,CAAC,SAAS,EAAE,EAAE,CAAC,KAAK,CAAC,UAAU,CAAC,EAAE,QAAQ,CAAC;aAC/C,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE;YACV,OAAO,KAAK,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,KAAK,CAAC,UAAU,CAAC,EAAE,QAAQ,CAAC,CAAA;QACzD,CAAC,CAAC,CAAA;IACV,CAAC;IAED,KAAK,UAAU,kBAAkB,CAAC,IAAe;QAC7C,IAAI,CAAC,IAAI;YAAE,MAAM,IAAI,KAAK,CAAC,mCAAmC,CAAC,CAAA;QAC/D,MAAM,OAAO,GAAG,MAAM,YAAY,CAAC,WAAW,CAAC,IAAI,CAAC,CAAA;QAEpD,MAAM,UAAU,GAAG,sBAAsB,CAAC,IAAI,CAAC,CAAA;QAC/C,IAAI,eAAe,CAAA;QACnB,IAAI,CAAC;YACD,eAAe,GAAG,MAAM,YAAY,CAAC,kBAAkB,CAAC,IAAI,EAAE,EAAE,CAAC,KAAK,CAAC,iBAAiB,CAAc,EAAE,UAAU,EAAE,OAAO,CAAC,CAAA;QAChI,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACX,MAAM,OAAO,GAAG,QAAQ,IAAI,qDAAqD,CAAA;YACjF,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,CAAA;QACvB,CAAC;QACD,MAAM,YAAY,GAAG,eAAe,CAAC,CAAC,CAAC,CAAC,EAAE,KAAK,EAAE,QAAQ,EAAE,KAAK,EAAE,eAA4B,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAA;QAEnH,IAAI,eAAe,CAAA;QACnB,IAAI,CAAC;YACD,eAAe,GAAG,MAAM,YAAY,CAAC,uBAAuB,CAAC,IAAI,CAAC,CAAA;QACtE,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACX,eAAe,GAAG,IAAI,CAAA;QAC1B,CAAC;QAED,IAAI,aAAa,CAAA;QACjB,IAAI,eAAe,EAAE,CAAC,CAAC,0EAA0E;YAC7F,8DAA8D;YAC9D,oDAAoD;YACpD,MAAM,yBAAyB,GAAG,uBAAuB,CAAC,eAAe,CAAC,CAAA;YAC1E,IAAI,gBAAgB,CAAA;YACpB,IAAI,CAAC;gBACD,gBAAgB,GAAG,KAAK,CAAC,GAAG,CAAC,IAAI,EAAE,EAAE,CAAC,KAAK,CAAC,kBAAkB,CAAC,EAAE,SAAS,EAAE,OAAO,CAAC;oBAChF,MAAM,YAAY,CAAC,kBAAkB,CAAC,IAAI,EAAE,EAAE,CAAC,KAAK,CAAC,kBAAkB,CAAc,EAAE,yBAAyB,EAAE,eAAe,CAAC,CAAA;YACtI,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACf,MAAM,OAAO,GAAG,QAAQ,IAAI,8DAA8D,CAAA;gBAC1F,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,CAAA;YACvB,CAAC;YACD,aAAa,GAAG,gBAAgB,CAAC,CAAC,CAAC,CAAC,EAAE,KAAK,EAAE,SAAS,EAAE,KAAK,EAAE,gBAA6B,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAA;QACrH,CAAC;aAAM,CAAC;YACJ,aAAa,GAAG,EAAE,CAAA;QACtB,CAAC;QACD,MAAM,MAAM,GAAG,YAAY,CAAC,MAAM,CAAC,aAAa,CAAC,CAAA;QACjD,IAAI,MAAM,CAAC,MAAM,KAAK,CAAC;YAAE,OAAO,MAAM,CAAA;QACtC,MAAM,KAAK,GAAG,MAAM,CAAC,GAAG,CAAC,KAAK,CAAC,EAAE,CAAC,KAAK,CAAC,KAAK,CAAC,CAAA;QAC9C,IAAI,CAAC;YACD,MAAM,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,CAAA;QACnC,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACX,KAAK,CAAC,IAAI,CAAC,+BAA+B,EAAE,GAAG,CAAC,CAAA;QACpD,CAAC;QACD,OAAO,MAAM,CAAA;IACjB,CAAC;IAED,KAAK,UAAU,wBAAwB,CAAC,IAAe;QACnD,IAAI,eAAe,CAAA;QACnB,IAAI,CAAC;YACD,eAAe,GAAG,MAAM,YAAY,CAAC,uBAAuB,CAAC,IAAI,CAAC,CAAA;QACtE,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACX,MAAM,OAAO,GAAG,QAAQ,IAAI,iDAAiD,CAAA;YAC7E,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,CAAA;QACvB,CAAC;QACD,IAAI,eAAe,EAAE,CAAC,CAAC,0EAA0E;YAC7F,MAAM,WAAW,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,EAAE,EAAE,CAAC,KAAK,CAAC,WAAW,CAAC,EAAE,SAAS,EAAE,eAA4B,CAAC,CAAC,MAAM,CACvG,KAAK,CAAC,IAAI,CAAC,IAAI,EAAE,EAAE,CAAC,KAAK,CAAC,WAAW,CAAC,EAAE,SAAS,EAAE,IAAI,CAAC,GAAG,EAAe,CAAC,CAC9E,CAAA;YACD,IAAI,MAAM,GAAG,EAAE,CAAA;YACf,KAAK,MAAM,GAAG,IAAI,WAAW,EAAE,CAAC;gBAC5B,MAAM,GAAG,MAAM,CAAC,MAAM,CAAC,MAAM,kBAAkB,CAAC,GAAgB,CAAQ,CAAC,CAAA;YAC7E,CAAC;YACD,OAAO,MAAM,CAAA;QACjB,CAAC;QACD,OAAO,EAAE,CAAA,CAAC,iBAAiB;IAC/B,CAAC;IAED,KAAK,UAAU,kBAAkB,CAAC,IAAe;QAC7C,OAAO,CAAC,MAAM,kBAAkB,CAAC,IAAI,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,MAAM,wBAAwB,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,CAAA;IACjG,CAAC;IAED,KAAK,UAAU,qBAAqB,CAAC,KAAgB,EAAE,IAAe;QAClE,MAAM,MAAM,GAAG,MAAM,kBAAkB,CAAC,IAAI,CAAC,CAAA;QAC7C,IAAI,UAAU,GAAG,EAAE,CAAA;QACnB,KAAK,MAAM,KAAK,IAAI,MAAM,EAAE,CAAC;YACzB,MAAM,WAAW,GAAG,MAAM,sBAAsB,CAAC,KAAK,EAAE,KAAK,CAAQ,CAAA;YACrE,UAAU,GAAG,UAAU,CAAC,MAAM,CAAC,WAAW,CAAC,CAAA;QAC/C,CAAC;QACD,OAAO,UAAU,CAAA;IACrB,CAAC;IAED,oEAAoE;IACpE,oFAAoF;IACpF,EAAE;IACF,KAAK,UAAU,eAAe,CAAC,KAAgB;QAC3C,MAAM,IAAI,GAAG,KAAK,CAAC,WAAW,EAAE,CAAA;QAChC,IAAI,CAAC,IAAI;YAAE,MAAM,IAAI,KAAK,CAAC,kDAAkD,CAAC,CAAA;QAC9E,MAAM,kBAAkB,GAAG,MAAM,qBAAqB,CAAC,KAAK,EAAE,IAAI,CAAC,CAAA;QACnE,OAAO,kBAAkB,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAA;IAC5D,CAAC;IAED,SAAS,sBAAsB,CAAC,EAAa;;QACzC,OAAO,GAAG,CAAC,CAAA,MAAA,EAAE,CAAC,GAAG,EAAE,CAAC,GAAG,EAAE,0CAAE,GAAG,IAAG,qBAAqB,CAAC,CAAA;IAC3D,CAAC;IACD,2DAA2D;IAE3D,SAAS,uBAAuB,CAAC,eAA0B;;QACvD,OAAO,GAAG,CAAC,CAAA,MAAA,eAAe,CAAC,GAAG,EAAE,CAAC,GAAG,EAAE,0CAAE,GAAG,IAAG,sBAAsB,CAAC,CAAA;IACzE,CAAC;IAED;;;;MAIE;IACF,KAAK,UAAU,mBAAmB,CAC9B,QAAmB,EACnB,KAAgB,EAChB,QAAmB;QAGnB,MAAM,YAAY,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAA;QACpC,MAAM,GAAG,GAAG;YACR,2EAA2E;YAC3E,EAAE,CAAC,YAAY,EAAE,EAAE,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,EAAE,CAAC,KAAK,CAAC,kBAAkB,CAAC,EAAE,KAAK,CAAC;YACrE,EAAE,CAAC,YAAY,EAAE,EAAE,CAAC,KAAK,CAAC,UAAU,CAAC,EAAE,QAAQ,EAAE,KAAK,CAAC;YACvD,EAAE,CAAC,YAAY,EAAE,EAAE,CAAC,KAAK,CAAC,UAAU,CAAC,EAAE,QAAQ,EAAE,KAAK,CAAC;SAC1D,CAAA;QACD,IAAI,CAAC;YACD,MAAM,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,EAAE,GAAG,CAAC,CAAA;QACvC,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACX,MAAM,GAAG,GAAG,sBAAsB,QAAQ,aAAa,KAAK,KAAK,GAAG,EAAE,CAAA;YACtE,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,CAAA;YACjB,OAAO,IAAI,CAAA;QACf,CAAC;QACD,OAAO,YAAY,CAAA;IACvB,CAAC;IAED,KAAK,UAAU,2BAA2B,CAAC,IAAI;QAC3C,MAAM,GAAG,GAAG,KAAK,CAAC,GAAG,CAAC,IAAI,EAAE,EAAE,CAAC,KAAK,CAAC,UAAU,CAAC,EAAE,IAAI,CAAC,QAAQ,EAAE,IAAI,CAAC,KAAK,CAAC,KAAK,CAAc,CAAA;QAC/F,IAAI,CAAC,GAAG;YAAE,MAAM,IAAI,KAAK,CAAC,0DAA0D,IAAI,CAAC,QAAQ,EAAE,CAAC,CAAA;QACpG,MAAM,UAAU,GAAG,KAAK,CAAC,kBAAkB,CAAC,GAAG,EAAE,IAAI,EAAE,IAAI,EAAE,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,CAAA;QAC9E,MAAM,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,UAAU,EAAE,EAAE,CAAC,CAAA;IAC9C,CAAC;IAED,KAAK,UAAU,sBAAsB,CAAC,KAAqB,EAAE,QAA0B;QACnF,MAAM,KAAK,GAAG,KAAK,CAAC,KAAK,CAAA;QACzB,MAAM,OAAO,GAAgB,EAAE,CAAA;QAC/B,MAAM,aAAa,GAAG,KAAK,CAAC,kBAAkB,CAAC,IAAI,EAAE,EAAE,CAAC,KAAK,CAAC,UAAU,CAAC,EAAE,IAAI,EAAE,KAAK,CAAC;aAClF,MAAM,CAAC,KAAK,CAAC,kBAAkB,CAAC,IAAI,EAAE,EAAE,CAAC,KAAK,CAAC,mBAAmB,CAAC,EAAE,IAAI,EAAE,KAAK,CAAC,CAAC;aAClF,GAAG,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,OAAO,CAAC,CAAA;QAC1B,KAAK,MAAM,GAAG,IAAI,aAAa,EAAE,CAAC;YAChC,MAAM,KAAK,GAAG,KAAK,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,CAAC,KAAK,CAAC,UAAU,CAAC,EAAE,IAAI,EAAE,KAAK,CAAC,CAAA;YAC/D,IAAI,CAAC,QAAQ,IAAI,KAAK,CAAC,QAAQ,CAAC,QAAQ,CAAC,EAAE,CAAC;gBAC1C,MAAM,SAAS,GAAG,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,EAAE,CAAC,KAAK,CAAC,UAAU,CAAC,EAAE,IAAI,EAAE,KAAK,CAAC,CAAA;gBACpE,KAAK,MAAM,QAAQ,IAAI,SAAS,EAAE,CAAC;oBACjC,OAAO,CAAC,IAAI,CAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,KAAK,EAAE,KAAK,EAAE,CAAC,CAAA;gBAChD,CAAC;gBACD,MAAM,UAAU,GAAG,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,EAAE,CAAC,KAAK,CAAC,mBAAmB,CAAC,EAAE,IAAI,EAAE,KAAK,CAAC,CAAA;gBAC9E,KAAK,MAAM,QAAQ,IAAI,UAAU,EAAE,CAAC;oBAChC,MAAM,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAA;oBAClC,OAAO,CAAC,IAAI,CAAC,EAAE,QAAQ,EAAE,GAAG,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE,IAAI,EAAE,KAAK,EAAG,KAAK,EAAE,CAAC,CAAA;gBACxE,CAAC;YACH,CAAC;QACH,CAAC;QACD,OAAO,OAAO,CAAA;IAClB,CAAC;IAED,OAAO;QACH,mBAAmB;QACnB,gBAAgB;QAChB,kBAAkB;QAClB,wBAAwB;QACxB,kBAAkB;QAClB,qBAAqB;QACrB,eAAe;QACf,sBAAsB;QACtB,uBAAuB;QACvB,2BAA2B;QAC3B,sBAAsB;KACzB,CAAA;AACL,CAAC"} \ No newline at end of file diff --git a/dist/types.d.ts b/dist/types.d.ts new file mode 100644 index 0000000..679ce3c --- /dev/null +++ b/dist/types.d.ts @@ -0,0 +1,113 @@ +import { Session } from './authSession/solidOidcAdapter'; +import { LiveStore, NamedNode, Statement } from 'rdflib'; +export type AppDetails = { + noun: string; + appPathSegment: string; +}; +export type AuthenticationContext = { + containers?: Array; + div?: HTMLElement; + dom?: HTMLDocument; + index?: { + [key: string]: Array; + }; + instances?: Array; + me?: NamedNode | null; + noun?: string; + preferencesFile?: NamedNode; + preferencesFileError?: string; + publicProfile?: NamedNode; + statusArea?: HTMLElement; +}; +export interface AuthnLogic { + authSession: Session; + currentUser: () => NamedNode | null; + checkUser: (setUserCallback?: (me: NamedNode | null) => T) => Promise; + saveUser: (webId: NamedNode | string | null, context?: AuthenticationContext) => NamedNode | null; +} +export interface SolidNamespace { + [key: string]: (term: string) => NamedNode; +} +export type TypeIndexScope = { + label: string; + index: NamedNode; + agent: NamedNode; +}; +export type ScopedApp = { + instance: NamedNode; + type: NamedNode; + scope: TypeIndexScope; +}; +export interface NewPaneOptions { + me?: NamedNode; + newInstance?: NamedNode; + newBase: string; +} +export interface CreatedPaneOptions { + newInstance: NamedNode; +} +export interface ChatLogic { + setAcl: (chatContainer: NamedNode, me: NamedNode, invitee: NamedNode) => Promise; + addToPrivateTypeIndex: (chatThing: any, me: any) => void | Promise; + findChat: (invitee: NamedNode) => Promise; + createChatThing: (chatContainer: NamedNode, me: NamedNode) => Promise; + mintNew: (newPaneOptions: NewPaneOptions) => Promise; + getChat: (invitee: NamedNode, boolean: any) => Promise; + sendInvite: (invitee: NamedNode, chatThing: NamedNode) => void; +} +export interface Chat { + me: NamedNode; + chatContainer: NamedNode; + exists: boolean; +} +export interface ProfileLogic { + silencedLoadPreferences: (user: NamedNode) => Promise; + loadPreferences: (user: NamedNode) => Promise; + loadProfile: (user: NamedNode) => Promise; + loadMe: () => Promise; + getPodRoot: (user: NamedNode) => NamedNode; + getMainInbox: (user: NamedNode) => Promise; + findStorage: (me: NamedNode) => Node | null; +} +export interface AclLogic { + findAclDocUrl: (url: NamedNode) => Promise; + setACLUserPublic: (docURI: string, me: NamedNode, options: { + defaultForNew?: boolean; + public?: []; + }) => Promise; + genACLText: (docURI: string, me: NamedNode, aclURI: string, options: { + defaultForNew?: boolean; + public?: []; + }) => string | undefined; +} +export interface InboxLogic { + createInboxFor: (peerWebId: string, nick: string) => Promise; + getNewMessages: (user?: NamedNode) => Promise; + markAsRead: (url: string, date: Date) => void; +} +export interface TypeIndexLogic { + getRegistrations: (instance: any, theClass: any) => Node[]; + loadTypeIndexesFor: (user: NamedNode) => Promise>; + loadCommunityTypeIndexes: (user: NamedNode) => Promise; + loadAllTypeIndexes: (user: NamedNode) => Promise>; + getScopedAppInstances: (klass: NamedNode, user: NamedNode) => Promise; + getAppInstances: (klass: NamedNode) => Promise; + suggestPublicTypeIndex: (me: NamedNode) => NamedNode; + suggestPrivateTypeIndex: (preferencesFile: NamedNode) => NamedNode; + registerInTypeIndex: (instance: NamedNode, index: NamedNode, theClass: NamedNode) => Promise; + deleteTypeIndexRegistration: (item: any) => Promise; + getScopedAppsFromIndex: (scope: TypeIndexScope, theClass: NamedNode | null) => Promise; +} +export interface SolidLogic { + store: LiveStore; + authn: AuthnLogic; + acl: AclLogic; + profile: ProfileLogic; + inbox: InboxLogic; + typeIndex: TypeIndexLogic; + chat: ChatLogic; + load: (doc: NamedNode | NamedNode[] | string) => void; + updatePromise: (del: Array, ins: Array) => Promise; + clearStore: () => void; +} +//# sourceMappingURL=types.d.ts.map \ No newline at end of file diff --git a/dist/types.d.ts.map b/dist/types.d.ts.map new file mode 100644 index 0000000..83e9d9a --- /dev/null +++ b/dist/types.d.ts.map @@ -0,0 +1 @@ +{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,MAAM,gCAAgC,CAAA;AACxD,OAAO,EAAE,SAAS,EAAE,SAAS,EAAE,SAAS,EAAE,MAAM,QAAQ,CAAA;AAExD,MAAM,MAAM,UAAU,GAAG;IACrB,IAAI,EAAE,MAAM,CAAA;IACZ,cAAc,EAAE,MAAM,CAAA;CACzB,CAAA;AAED,MAAM,MAAM,qBAAqB,GAAG;IAChC,UAAU,CAAC,EAAE,KAAK,CAAC,SAAS,CAAC,CAAA;IAC7B,GAAG,CAAC,EAAE,WAAW,CAAA;IACjB,GAAG,CAAC,EAAE,YAAY,CAAA;IAClB,KAAK,CAAC,EAAE;QAAE,CAAC,GAAG,EAAE,MAAM,GAAG,KAAK,CAAC,SAAS,CAAC,CAAA;KAAE,CAAA;IAC3C,SAAS,CAAC,EAAE,KAAK,CAAC,SAAS,CAAC,CAAA;IAC5B,EAAE,CAAC,EAAE,SAAS,GAAG,IAAI,CAAA;IACrB,IAAI,CAAC,EAAE,MAAM,CAAA;IACb,eAAe,CAAC,EAAE,SAAS,CAAA;IAC3B,oBAAoB,CAAC,EAAE,MAAM,CAAA;IAC7B,aAAa,CAAC,EAAE,SAAS,CAAA;IACzB,UAAU,CAAC,EAAE,WAAW,CAAA;CAC3B,CAAA;AAED,MAAM,WAAW,UAAU;IACvB,WAAW,EAAE,OAAO,CAAA;IACpB,WAAW,EAAE,MAAM,SAAS,GAAG,IAAI,CAAA;IACnC,SAAS,EAAE,CAAC,CAAC,EAAE,eAAe,CAAC,EAAE,CAAC,EAAE,EAAE,SAAS,GAAG,IAAI,KAAK,CAAC,KAAK,OAAO,CAAC,SAAS,GAAG,CAAC,GAAG,IAAI,CAAC,CAAA;IAC9F,QAAQ,EAAE,CAAC,KAAK,EAAE,SAAS,GAAG,MAAM,GAAG,IAAI,EACvC,OAAO,CAAC,EAAE,qBAAqB,KAAK,SAAS,GAAG,IAAI,CAAA;CAC3D;AAED,MAAM,WAAW,cAAc;IAC3B,CAAC,GAAG,EAAE,MAAM,GAAG,CAAC,IAAI,EAAE,MAAM,KAAK,SAAS,CAAA;CAC7C;AAED,MAAM,MAAM,cAAc,GAAG;IAAE,KAAK,EAAE,MAAM,CAAC;IAAC,KAAK,EAAE,SAAS,CAAC;IAAC,KAAK,EAAE,SAAS,CAAA;CAAE,CAAA;AAClF,MAAM,MAAM,SAAS,GAAG;IAAE,QAAQ,EAAE,SAAS,CAAC;IAAC,IAAI,EAAE,SAAS,CAAC;IAAC,KAAK,EAAE,cAAc,CAAA;CAAE,CAAA;AAEvF,MAAM,WAAW,cAAc;IAC3B,EAAE,CAAC,EAAE,SAAS,CAAC;IACf,WAAW,CAAC,EAAE,SAAS,CAAC;IACxB,OAAO,EAAE,MAAM,CAAC;CACnB;AAED,MAAM,WAAW,kBAAkB;IACnC,WAAW,EAAE,SAAS,CAAC;CACtB;AAED,MAAM,WAAW,SAAS;IACtB,MAAM,EAAE,CAAC,aAAa,EAAE,SAAS,EAAE,EAAE,EAAE,SAAS,EAAE,OAAO,EAAE,SAAS,KAAK,OAAO,CAAC,IAAI,CAAC,CAAC;IACvF,qBAAqB,EAAE,CAAC,SAAS,KAAA,EAAE,EAAE,KAAA,KAAK,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IAC/D,QAAQ,EAAE,CAAC,OAAO,EAAE,SAAS,KAAK,OAAO,CAAC,IAAI,CAAC,CAAC;IAChD,eAAe,EAAE,CAAC,aAAa,EAAE,SAAS,EAAE,EAAE,EAAE,SAAS,KAAK,OAAO,CAAC,SAAS,CAAC,CAAC;IACjF,OAAO,EAAE,CAAC,cAAc,EAAE,cAAc,KAAK,OAAO,CAAC,kBAAkB,CAAC,CAAC;IACzE,OAAO,EAAE,CAAC,OAAO,EAAE,SAAS,EAAE,OAAO,KAAA,KAAK,OAAO,CAAC,SAAS,GAAG,IAAI,CAAC,CAAC;IACpE,UAAU,EAAE,CAAC,OAAO,EAAE,SAAS,EAAE,SAAS,EAAE,SAAS,KAAK,IAAI,CAAA;CACjE;AAED,MAAM,WAAW,IAAI;IACjB,EAAE,EAAE,SAAS,CAAC;IACd,aAAa,EAAE,SAAS,CAAC;IACzB,MAAM,EAAE,OAAO,CAAA;CAClB;AAED,MAAM,WAAW,YAAY;IACzB,uBAAuB,EAAE,CAAC,IAAI,EAAE,SAAS,KAAK,OAAO,CAAC,SAAS,GAAG,SAAS,CAAC,CAAC;IAC7E,eAAe,EAAE,CAAC,IAAI,EAAE,SAAS,KAAK,OAAO,CAAC,SAAS,CAAC,CAAC;IACzD,WAAW,EAAE,CAAC,IAAI,EAAE,SAAS,KAAK,OAAO,CAAC,SAAS,CAAC,CAAC;IACrD,MAAM,EAAE,MAAM,OAAO,CAAC,SAAS,CAAC,CAAC;IACjC,UAAU,EAAE,CAAC,IAAI,EAAE,SAAS,KAAK,SAAS,CAAC;IAC3C,YAAY,EAAE,CAAC,IAAI,EAAE,SAAS,KAAK,OAAO,CAAC,SAAS,CAAC,CAAC;IACtD,WAAW,EAAE,CAAC,EAAE,EAAE,SAAS,KAAK,IAAI,GAAG,IAAI,CAAA;CAC9C;AAED,MAAM,WAAW,QAAQ;IACrB,aAAa,EAAE,CAAC,GAAG,EAAE,SAAS,KAAK,OAAO,CAAC,MAAM,GAAG,SAAS,CAAC,CAAC;IAC/D,gBAAgB,EAAE,CAAC,MAAM,EAAE,MAAM,EAAE,EAAE,EAAE,SAAS,EAC5C,OAAO,EAAE;QACL,aAAa,CAAC,EAAE,OAAO,CAAC;QACxB,MAAM,CAAC,EAAE,EAAE,CAAA;KACd,KACA,OAAO,CAAC,SAAS,CAAC,CAAC;IACxB,UAAU,EAAE,CAAC,MAAM,EAAE,MAAM,EAAE,EAAE,EAAE,SAAS,EAAE,MAAM,EAAE,MAAM,EACtD,OAAO,EAAE;QACL,aAAa,CAAC,EAAE,OAAO,CAAC;QACxB,MAAM,CAAC,EAAE,EAAE,CAAA;KACd,KACA,MAAM,GAAG,SAAS,CAAA;CAC1B;AAED,MAAM,WAAW,UAAU;IACvB,cAAc,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,KAAK,OAAO,CAAC,MAAM,CAAC,CAAC;IACrE,cAAc,EAAE,CAAC,IAAI,CAAC,EAAE,SAAS,KAAK,OAAO,CAAC,SAAS,EAAE,CAAC,CAAC;IAC3D,UAAU,EAAE,CAAC,GAAG,EAAE,MAAM,EAAE,IAAI,EAAE,IAAI,KAAK,IAAI,CAAA;CAChD;AAED,MAAM,WAAW,cAAc;IAC3B,gBAAgB,EAAE,CAAC,QAAQ,KAAA,EAAE,QAAQ,KAAA,KAAK,IAAI,EAAE,CAAC;IACjD,kBAAkB,EAAE,CAAC,IAAI,EAAE,SAAS,KAAK,OAAO,CAAC,KAAK,CAAC,cAAc,CAAC,CAAC,CAAC;IACxE,wBAAwB,EAAE,CAAC,IAAI,EAAE,SAAS,KAAK,OAAO,CAAC,cAAc,EAAE,EAAE,CAAC,CAAC;IAC3E,kBAAkB,EAAE,CAAC,IAAI,EAAE,SAAS,KAAK,OAAO,CAAC,KAAK,CAAC,cAAc,CAAC,CAAC,CAAC;IACxE,qBAAqB,EAAE,CAAC,KAAK,EAAE,SAAS,EAAE,IAAI,EAAE,SAAS,KAAK,OAAO,CAAC,SAAS,EAAE,CAAC,CAAC;IACnF,eAAe,EAAE,CAAC,KAAK,EAAE,SAAS,KAAK,OAAO,CAAC,SAAS,EAAE,CAAC,CAAC;IAC5D,sBAAsB,EAAE,CAAC,EAAE,EAAE,SAAS,KAAK,SAAS,CAAC;IACrD,uBAAuB,EAAE,CAAC,eAAe,EAAE,SAAS,KAAK,SAAS,CAAC;IACnE,mBAAmB,EAAE,CAAC,QAAQ,EAAE,SAAS,EAAE,KAAK,EAAE,SAAS,EAAE,QAAQ,EAAE,SAAS,KAAK,OAAO,CAAC,SAAS,GAAG,IAAI,CAAC,CAAC;IAC/G,2BAA2B,EAAE,CAAC,IAAI,EAAE,GAAG,KAAK,OAAO,CAAC,IAAI,CAAC,CAAA;IACzD,sBAAsB,EAAE,CAAC,KAAK,EAAE,cAAc,EAAE,QAAQ,EAAE,SAAS,GAAG,IAAI,KAAK,OAAO,CAAC,SAAS,EAAE,CAAC,CAAA;CACtG;AAED,MAAM,WAAW,UAAU;IACvB,KAAK,EAAE,SAAS,CAAC;IACjB,KAAK,EAAE,UAAU,CAAC;IAClB,GAAG,EAAE,QAAQ,CAAC;IACd,OAAO,EAAE,YAAY,CAAC;IACtB,KAAK,EAAE,UAAU,CAAC;IAClB,SAAS,EAAE,cAAc,CAAC;IAC1B,IAAI,EAAE,SAAS,CAAC;IAChB,IAAI,EAAE,CAAC,GAAG,EAAE,SAAS,GAAG,SAAS,EAAE,GAAG,MAAM,KAAK,IAAI,CAAC;IACtD,aAAa,EAAE,CAAC,GAAG,EAAE,KAAK,CAAC,SAAS,CAAC,EAAE,GAAG,EAAE,KAAK,CAAC,SAAS,CAAC,KAAK,OAAO,CAAC,IAAI,CAAC,CAAC;IAC/E,UAAU,EAAE,MAAM,IAAI,CAAA;CACzB"} \ No newline at end of file diff --git a/dist/types.js b/dist/types.js new file mode 100644 index 0000000..718fd38 --- /dev/null +++ b/dist/types.js @@ -0,0 +1,2 @@ +export {}; +//# sourceMappingURL=types.js.map \ No newline at end of file diff --git a/dist/types.js.map b/dist/types.js.map new file mode 100644 index 0000000..c768b79 --- /dev/null +++ b/dist/types.js.map @@ -0,0 +1 @@ +{"version":3,"file":"types.js","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":""} \ No newline at end of file diff --git a/dist/util/containerLogic.d.ts b/dist/util/containerLogic.d.ts new file mode 100644 index 0000000..cf6fd84 --- /dev/null +++ b/dist/util/containerLogic.d.ts @@ -0,0 +1,11 @@ +import { NamedNode } from 'rdflib'; +/** + * Container-related class + */ +export declare function createContainerLogic(store: any): { + isContainer: (url: NamedNode) => boolean; + createContainer: (url: string) => Promise; + getContainerElements: (containerNode: NamedNode) => NamedNode[]; + getContainerMembers: (containerUrl: NamedNode) => Promise; +}; +//# sourceMappingURL=containerLogic.d.ts.map \ No newline at end of file diff --git a/dist/util/containerLogic.d.ts.map b/dist/util/containerLogic.d.ts.map new file mode 100644 index 0000000..9320e1a --- /dev/null +++ b/dist/util/containerLogic.d.ts.map @@ -0,0 +1 @@ +{"version":3,"file":"containerLogic.d.ts","sourceRoot":"","sources":["../../src/util/containerLogic.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAkB,MAAM,QAAQ,CAAA;AAElD;;GAEG;AACH,wBAAgB,oBAAoB,CAAC,KAAK,KAAA;uBAYZ,SAAS;2BAKC,MAAM;0CAfG,SAAS,KAAG,SAAS,EAAE;wCAmCnB,SAAS,KAAG,OAAO,CAAC,SAAS,EAAE,CAAC;EAUpF"} \ No newline at end of file diff --git a/dist/util/containerLogic.js b/dist/util/containerLogic.js new file mode 100644 index 0000000..8e68519 --- /dev/null +++ b/dist/util/containerLogic.js @@ -0,0 +1,45 @@ +import { sym } from 'rdflib'; +/** + * Container-related class + */ +export function createContainerLogic(store) { + function getContainerElements(containerNode) { + return store + .statementsMatching(containerNode, sym('http://www.w3.org/ns/ldp#contains'), undefined) + .map((st) => st.object); + } + function isContainer(url) { + const nodeToString = url.value; + return nodeToString.charAt(nodeToString.length - 1) === '/'; + } + async function createContainer(url) { + const stringToNode = sym(url); + if (!isContainer(stringToNode)) { + throw new Error(`Not a container URL ${url}`); + } + // Copied from https://github.com/solidos/solid-crud-tests/blob/v3.1.0/test/surface/create-container.test.ts#L56-L64 + const result = await store.fetcher._fetch(url, { + method: 'PUT', + headers: { + 'Content-Type': 'text/turtle', + 'If-None-Match': '*', + Link: '; rel="type"', // See https://github.com/solidos/node-solid-server/issues/1465 + }, + body: ' ', // work around https://github.com/michielbdejong/community-server/issues/4#issuecomment-776222863 + }); + if (result.status.toString()[0] !== '2') { + throw new Error(`Not OK: got ${result.status} response while creating container at ${url}`); + } + } + async function getContainerMembers(containerUrl) { + await store.fetcher.load(containerUrl); + return getContainerElements(containerUrl); + } + return { + isContainer, + createContainer, + getContainerElements, + getContainerMembers + }; +} +//# sourceMappingURL=containerLogic.js.map \ No newline at end of file diff --git a/dist/util/containerLogic.js.map b/dist/util/containerLogic.js.map new file mode 100644 index 0000000..bba5db1 --- /dev/null +++ b/dist/util/containerLogic.js.map @@ -0,0 +1 @@ +{"version":3,"file":"containerLogic.js","sourceRoot":"","sources":["../../src/util/containerLogic.ts"],"names":[],"mappings":"AAAA,OAAO,EAAwB,GAAG,EAAE,MAAM,QAAQ,CAAA;AAElD;;GAEG;AACH,MAAM,UAAU,oBAAoB,CAAC,KAAK;IAEtC,SAAS,oBAAoB,CAAC,aAAwB;QAClD,OAAO,KAAK;aACP,kBAAkB,CACf,aAAa,EACb,GAAG,CAAC,mCAAmC,CAAC,EACxC,SAAS,CACZ;aACA,GAAG,CAAC,CAAC,EAAa,EAAE,EAAE,CAAC,EAAE,CAAC,MAAmB,CAAC,CAAA;IACvD,CAAC;IAED,SAAS,WAAW,CAAC,GAAc;QAC/B,MAAM,YAAY,GAAG,GAAG,CAAC,KAAK,CAAA;QAC9B,OAAO,YAAY,CAAC,MAAM,CAAC,YAAY,CAAC,MAAM,GAAG,CAAC,CAAC,KAAK,GAAG,CAAA;IAC/D,CAAC;IAED,KAAK,UAAU,eAAe,CAAC,GAAW;QACtC,MAAM,YAAY,GAAG,GAAG,CAAC,GAAG,CAAC,CAAA;QAC7B,IAAI,CAAC,WAAW,CAAC,YAAY,CAAC,EAAE,CAAC;YAC7B,MAAM,IAAI,KAAK,CAAC,uBAAuB,GAAG,EAAE,CAAC,CAAA;QACjD,CAAC;QACD,oHAAoH;QACpH,MAAM,MAAM,GAAG,MAAM,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,GAAG,EAAE;YAC3C,MAAM,EAAE,KAAK;YACb,OAAO,EAAE;gBACL,cAAc,EAAE,aAAa;gBAC7B,eAAe,EAAE,GAAG;gBACpB,IAAI,EAAE,uDAAuD,EAAE,+DAA+D;aACjI;YACD,IAAI,EAAE,GAAG,EAAE,iGAAiG;SAC/G,CAAC,CAAA;QACF,IAAI,MAAM,CAAC,MAAM,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC,KAAK,GAAG,EAAE,CAAC;YACtC,MAAM,IAAI,KAAK,CAAC,eAAe,MAAM,CAAC,MAAM,yCAAyC,GAAG,EAAE,CAAC,CAAA;QAC/F,CAAC;IACL,CAAC;IAED,KAAK,UAAU,mBAAmB,CAAC,YAAuB;QACtD,MAAM,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,YAAY,CAAC,CAAA;QACtC,OAAO,oBAAoB,CAAC,YAAY,CAAC,CAAA;IAC7C,CAAC;IACD,OAAO;QACH,WAAW;QACX,eAAe;QACf,oBAAoB;QACpB,mBAAmB;KACtB,CAAA;AACL,CAAC"} \ No newline at end of file diff --git a/dist/util/debug.d.ts b/dist/util/debug.d.ts new file mode 100644 index 0000000..567ab32 --- /dev/null +++ b/dist/util/debug.d.ts @@ -0,0 +1,5 @@ +export declare function log(...args: any[]): void; +export declare function warn(...args: any[]): void; +export declare function error(...args: any[]): void; +export declare function trace(...args: any[]): void; +//# sourceMappingURL=debug.d.ts.map \ No newline at end of file diff --git a/dist/util/debug.d.ts.map b/dist/util/debug.d.ts.map new file mode 100644 index 0000000..2da4efb --- /dev/null +++ b/dist/util/debug.d.ts.map @@ -0,0 +1 @@ +{"version":3,"file":"debug.d.ts","sourceRoot":"","sources":["../../src/util/debug.ts"],"names":[],"mappings":"AACA,wBAAgB,GAAG,CAAC,GAAG,IAAI,EAAE,GAAG,EAAE,GAAG,IAAI,CAExC;AAED,wBAAgB,IAAI,CAAC,GAAG,IAAI,EAAE,GAAG,EAAE,GAAG,IAAI,CAEzC;AAED,wBAAgB,KAAK,CAAC,GAAG,IAAI,EAAE,GAAG,EAAE,GAAG,IAAI,CAE1C;AAED,wBAAgB,KAAK,CAAC,GAAG,IAAI,EAAE,GAAG,EAAE,GAAG,IAAI,CAE1C"} \ No newline at end of file diff --git a/dist/util/debug.js b/dist/util/debug.js new file mode 100644 index 0000000..b470d77 --- /dev/null +++ b/dist/util/debug.js @@ -0,0 +1,13 @@ +export function log(...args) { + console.log(...args); +} +export function warn(...args) { + console.warn(...args); +} +export function error(...args) { + console.error(...args); +} +export function trace(...args) { + console.trace(...args); +} +//# sourceMappingURL=debug.js.map \ No newline at end of file diff --git a/dist/util/debug.js.map b/dist/util/debug.js.map new file mode 100644 index 0000000..bfb89ad --- /dev/null +++ b/dist/util/debug.js.map @@ -0,0 +1 @@ +{"version":3,"file":"debug.js","sourceRoot":"","sources":["../../src/util/debug.ts"],"names":[],"mappings":"AACA,MAAM,UAAU,GAAG,CAAC,GAAG,IAAW;IAChC,OAAO,CAAC,GAAG,CAAC,GAAG,IAAI,CAAC,CAAA;AACtB,CAAC;AAED,MAAM,UAAU,IAAI,CAAC,GAAG,IAAW;IACjC,OAAO,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC,CAAA;AACvB,CAAC;AAED,MAAM,UAAU,KAAK,CAAC,GAAG,IAAW;IAClC,OAAO,CAAC,KAAK,CAAC,GAAG,IAAI,CAAC,CAAA;AACxB,CAAC;AAED,MAAM,UAAU,KAAK,CAAC,GAAG,IAAW;IAClC,OAAO,CAAC,KAAK,CAAC,GAAG,IAAI,CAAC,CAAA;AACxB,CAAC"} \ No newline at end of file diff --git a/dist/util/ns.d.ts b/dist/util/ns.d.ts new file mode 100644 index 0000000..7fc7976 --- /dev/null +++ b/dist/util/ns.d.ts @@ -0,0 +1,2 @@ +export declare const ns: any; +//# sourceMappingURL=ns.d.ts.map \ No newline at end of file diff --git a/dist/util/ns.d.ts.map b/dist/util/ns.d.ts.map new file mode 100644 index 0000000..069add2 --- /dev/null +++ b/dist/util/ns.d.ts.map @@ -0,0 +1 @@ +{"version":3,"file":"ns.d.ts","sourceRoot":"","sources":["../../src/util/ns.ts"],"names":[],"mappings":"AAIA,eAAO,MAAM,EAAE,KAAuB,CAAA"} \ No newline at end of file diff --git a/dist/util/ns.js b/dist/util/ns.js new file mode 100644 index 0000000..4dae873 --- /dev/null +++ b/dist/util/ns.js @@ -0,0 +1,5 @@ +// Namespaces we commonly use and have common prefixes for around Solid +import solidNamespace from 'solid-namespace'; // Delegate to this which takes RDFlib as param. +import * as $rdf from 'rdflib'; +export const ns = solidNamespace($rdf); +//# sourceMappingURL=ns.js.map \ No newline at end of file diff --git a/dist/util/ns.js.map b/dist/util/ns.js.map new file mode 100644 index 0000000..9d888f1 --- /dev/null +++ b/dist/util/ns.js.map @@ -0,0 +1 @@ +{"version":3,"file":"ns.js","sourceRoot":"","sources":["../../src/util/ns.ts"],"names":[],"mappings":"AAAA,uEAAuE;AACvE,OAAO,cAAc,MAAM,iBAAiB,CAAA,CAAC,gDAAgD;AAC7F,OAAO,KAAK,IAAI,MAAM,QAAQ,CAAA;AAE9B,MAAM,CAAC,MAAM,EAAE,GAAG,cAAc,CAAC,IAAI,CAAC,CAAA"} \ No newline at end of file diff --git a/dist/util/utilityLogic.d.ts b/dist/util/utilityLogic.d.ts new file mode 100644 index 0000000..01170e8 --- /dev/null +++ b/dist/util/utilityLogic.d.ts @@ -0,0 +1,15 @@ +import { NamedNode } from 'rdflib'; +export declare function createUtilityLogic(store: any, aclLogic: any, containerLogic: any): { + recursiveDelete: (containerNode: NamedNode) => Promise; + setSinglePeerAccess: (options: { + ownerWebId: string; + peerWebId: string; + accessToModes?: string; + defaultModes?: string; + target: string; + }) => Promise; + createEmptyRdfDoc: (doc: NamedNode, comment: string) => Promise; + followOrCreateLink: (subject: NamedNode, predicate: NamedNode, object: NamedNode, doc: NamedNode) => Promise; + loadOrCreateIfNotExists: (doc: NamedNode) => Promise; +}; +//# sourceMappingURL=utilityLogic.d.ts.map \ No newline at end of file diff --git a/dist/util/utilityLogic.d.ts.map b/dist/util/utilityLogic.d.ts.map new file mode 100644 index 0000000..ae968c1 --- /dev/null +++ b/dist/util/utilityLogic.d.ts.map @@ -0,0 +1 @@ +{"version":3,"file":"utilityLogic.d.ts","sourceRoot":"","sources":["../../src/util/utilityLogic.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAW,MAAM,QAAQ,CAAA;AAK3C,wBAAgB,kBAAkB,CAAC,KAAK,KAAA,EAAE,QAAQ,KAAA,EAAE,cAAc,KAAA;qCAElB,SAAS;mCAwFX;QAC1C,UAAU,EAAE,MAAM,CAAC;QACnB,SAAS,EAAE,MAAM,CAAC;QAClB,aAAa,CAAC,EAAE,MAAM,CAAC;QACvB,YAAY,CAAC,EAAE,MAAM,CAAC;QACtB,MAAM,EAAE,MAAM,CAAA;KACf;6BAsCqC,SAAS,WAAW,MAAM;kCA3ErB,SAAS,aAAa,SAAS,UAChE,SAAS,OAAO,SAAS,KAChC,OAAO,CAAC,SAAS,GAAG,IAAI,CAAC;mCApCgB,SAAS;EA4HtD"} \ No newline at end of file diff --git a/dist/util/utilityLogic.js b/dist/util/utilityLogic.js new file mode 100644 index 0000000..1e7ae43 --- /dev/null +++ b/dist/util/utilityLogic.js @@ -0,0 +1,144 @@ +import { st, sym } from 'rdflib'; +import { CrossOriginForbiddenError, FetchError, NotEditableError, SameOriginForbiddenError, UnauthorizedError, WebOperationError } from '../logic/CustomError'; +import * as debug from '../util/debug'; +import { differentOrigin } from './utils'; +export function createUtilityLogic(store, aclLogic, containerLogic) { + async function recursiveDelete(containerNode) { + try { + if (containerLogic.isContainer(containerNode)) { + const aclDocUrl = await aclLogic.findAclDocUrl(containerNode); + await store.fetcher._fetch(aclDocUrl, { method: 'DELETE' }); + const containerMembers = await containerLogic.getContainerMembers(containerNode); + await Promise.all(containerMembers.map((url) => recursiveDelete(url))); + } + const nodeToStringHere = containerNode.value; + return store.fetcher._fetch(nodeToStringHere, { method: 'DELETE' }); + } + catch (e) { + debug.log(`Please manually remove ${containerNode.value} from your system.`, e); + } + } + /** + * Create a resource if it really does not exist + * Be absolutely sure something does not exist before creating a new empty file + * as otherwise existing could be deleted. + * @param doc {NamedNode} - The resource + */ + async function loadOrCreateIfNotExists(doc) { + let response; + try { + response = await store.fetcher.load(doc); + } + catch (err) { + if (err.response.status === 404) { + try { + await store.fetcher.webOperation('PUT', doc, { data: '', contentType: 'text/turtle' }); + } + catch (err) { + const msg = 'createIfNotExists: PUT FAILED: ' + doc + ': ' + err; + throw new WebOperationError(msg); + } + await store.fetcher.load(doc); + } + else { + if (err.response.status === 401) { + throw new UnauthorizedError(); + } + if (err.response.status === 403) { + if (differentOrigin(doc)) { + throw new CrossOriginForbiddenError(); + } + throw new SameOriginForbiddenError(); + } + const msg = 'createIfNotExists doc load error NOT 404: ' + doc + ': ' + err; + throw new FetchError(err.status, err.message + msg); + } + } + return response; + } + /* Follow link from this doc to another thing, or else make a new link + ** + ** @returns existing object, or creates it if non existent + */ + async function followOrCreateLink(subject, predicate, object, doc) { + await store.fetcher.load(doc); + const result = store.any(subject, predicate, null, doc); + if (result) + return result; + if (!store.updater.editable(doc)) { + const msg = `followOrCreateLink: cannot edit ${doc.value}`; + debug.warn(msg); + throw new NotEditableError(msg); + } + try { + await store.updater.update([], [st(subject, predicate, object, doc)]); + } + catch (err) { + const msg = `followOrCreateLink: Error making link in ${doc} to ${object}: ${err}`; + debug.warn(msg); + throw new WebOperationError(err); + } + try { + await loadOrCreateIfNotExists(object); + // store.fetcher.webOperation('PUT', object, { data: '', contentType: 'text/turtle'}) + } + catch (err) { + debug.warn(`followOrCreateLink: Error loading or saving new linked document: ${object}: ${err}`); + throw err; + } + return object; + } + // Copied from https://github.com/solidos/web-access-control-tests/blob/v3.0.0/test/surface/delete.test.ts#L5 + async function setSinglePeerAccess(options) { + let str = [ + '@prefix acl: .', + '', + `<#alice> a acl:Authorization;\n acl:agent <${options.ownerWebId}>;`, + ` acl:accessTo <${options.target}>;`, + ` acl:default <${options.target}>;`, + ' acl:mode acl:Read, acl:Write, acl:Control.', + '' + ].join('\n'); + if (options.accessToModes) { + str += [ + '<#bobAccessTo> a acl:Authorization;', + ` acl:agent <${options.peerWebId}>;`, + ` acl:accessTo <${options.target}>;`, + ` acl:mode ${options.accessToModes}.`, + '' + ].join('\n'); + } + if (options.defaultModes) { + str += [ + '<#bobDefault> a acl:Authorization;', + ` acl:agent <${options.peerWebId}>;`, + ` acl:default <${options.target}>;`, + ` acl:mode ${options.defaultModes}.`, + '' + ].join('\n'); + } + const aclDocUrl = await aclLogic.findAclDocUrl(sym(options.target)); + return store.fetcher._fetch(aclDocUrl, { + method: 'PUT', + body: str, + headers: [ + ['Content-Type', 'text/turtle'] + ] + }); + } + async function createEmptyRdfDoc(doc, comment) { + await store.fetcher.webOperation('PUT', doc.uri, { + data: `# ${new Date()} ${comment} + `, + contentType: 'text/turtle', + }); + } + return { + recursiveDelete, + setSinglePeerAccess, + createEmptyRdfDoc, + followOrCreateLink, + loadOrCreateIfNotExists + }; +} +//# sourceMappingURL=utilityLogic.js.map \ No newline at end of file diff --git a/dist/util/utilityLogic.js.map b/dist/util/utilityLogic.js.map new file mode 100644 index 0000000..e6cf2d5 --- /dev/null +++ b/dist/util/utilityLogic.js.map @@ -0,0 +1 @@ +{"version":3,"file":"utilityLogic.js","sourceRoot":"","sources":["../../src/util/utilityLogic.ts"],"names":[],"mappings":"AAAA,OAAO,EAAa,EAAE,EAAE,GAAG,EAAE,MAAM,QAAQ,CAAA;AAC3C,OAAO,EAAE,yBAAyB,EAAE,UAAU,EAAE,gBAAgB,EAAE,wBAAwB,EAAE,iBAAiB,EAAE,iBAAiB,EAAE,MAAM,sBAAsB,CAAA;AAC9J,OAAO,KAAK,KAAK,MAAM,eAAe,CAAA;AACtC,OAAO,EAAE,eAAe,EAAE,MAAM,SAAS,CAAA;AAEzC,MAAM,UAAU,kBAAkB,CAAC,KAAK,EAAE,QAAQ,EAAE,cAAc;IAEhE,KAAK,UAAU,eAAe,CAAC,aAAwB;QACnD,IAAI,CAAC;YACH,IAAI,cAAc,CAAC,WAAW,CAAC,aAAa,CAAC,EAAE,CAAC;gBAC9C,MAAM,SAAS,GAAG,MAAM,QAAQ,CAAC,aAAa,CAAC,aAAa,CAAC,CAAA;gBAC7D,MAAM,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,SAAS,EAAE,EAAE,MAAM,EAAE,QAAQ,EAAE,CAAC,CAAA;gBAC3D,MAAM,gBAAgB,GAAG,MAAM,cAAc,CAAC,mBAAmB,CAAC,aAAa,CAAC,CAAA;gBAChF,MAAM,OAAO,CAAC,GAAG,CACf,gBAAgB,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,eAAe,CAAC,GAAG,CAAC,CAAC,CACpD,CAAA;YACH,CAAC;YACD,MAAM,gBAAgB,GAAG,aAAa,CAAC,KAAK,CAAA;YAC5C,OAAO,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,gBAAgB,EAAE,EAAE,MAAM,EAAE,QAAQ,EAAE,CAAC,CAAA;QACrE,CAAC;QAAC,OAAO,CAAC,EAAE,CAAC;YACX,KAAK,CAAC,GAAG,CAAC,0BAA0B,aAAa,CAAC,KAAK,oBAAoB,EAAE,CAAC,CAAC,CAAA;QACjF,CAAC;IACL,CAAC;IAED;;;;;OAKG;IACH,KAAK,UAAU,uBAAuB,CAAC,GAAc;QACnD,IAAI,QAAQ,CAAA;QACZ,IAAI,CAAC;YACH,QAAQ,GAAG,MAAM,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,CAAA;QAC1C,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,IAAI,GAAG,CAAC,QAAQ,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;gBAChC,IAAI,CAAC;oBACH,MAAM,KAAK,CAAC,OAAO,CAAC,YAAY,CAAC,KAAK,EAAE,GAAG,EAAE,EAAE,IAAI,EAAE,EAAE,EAAE,WAAW,EAAE,aAAa,EAAE,CAAC,CAAA;gBACxF,CAAC;gBAAC,OAAO,GAAG,EAAE,CAAC;oBACb,MAAM,GAAG,GAAG,iCAAiC,GAAG,GAAG,GAAG,IAAI,GAAG,GAAG,CAAA;oBAChE,MAAM,IAAI,iBAAiB,CAAC,GAAG,CAAC,CAAA;gBAClC,CAAC;gBACD,MAAM,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,CAAA;YAC/B,CAAC;iBAAM,CAAC;gBACN,IAAI,GAAG,CAAC,QAAQ,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;oBAChC,MAAM,IAAI,iBAAiB,EAAE,CAAA;gBAC/B,CAAC;gBACD,IAAI,GAAG,CAAC,QAAQ,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;oBAChC,IAAI,eAAe,CAAC,GAAG,CAAC,EAAE,CAAC;wBACzB,MAAM,IAAI,yBAAyB,EAAE,CAAA;oBACvC,CAAC;oBACD,MAAM,IAAI,wBAAwB,EAAE,CAAA;gBACtC,CAAC;gBACD,MAAM,GAAG,GAAG,6CAA6C,GAAG,GAAG,GAAG,IAAI,GAAG,GAAG,CAAA;gBAC5E,MAAM,IAAI,UAAU,CAAC,GAAG,CAAC,MAAM,EAAE,GAAG,CAAC,OAAO,GAAG,GAAG,CAAC,CAAA;YACrD,CAAC;QACH,CAAC;QACD,OAAO,QAAQ,CAAA;IACjB,CAAC;IAED;;;MAGE;IACF,KAAK,UAAU,kBAAkB,CAAC,OAAkB,EAAE,SAAoB,EACxE,MAAiB,EAAE,GAAc;QAEjC,MAAM,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,CAAA;QAC7B,MAAM,MAAM,GAAG,KAAK,CAAC,GAAG,CAAC,OAAO,EAAE,SAAS,EAAE,IAAI,EAAE,GAAG,CAAC,CAAA;QAEvD,IAAI,MAAM;YAAE,OAAO,MAAmB,CAAA;QACtC,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;YACjC,MAAM,GAAG,GAAG,mCAAmC,GAAG,CAAC,KAAK,EAAE,CAAA;YAC1D,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,CAAA;YACf,MAAM,IAAI,gBAAgB,CAAC,GAAG,CAAC,CAAA;QACjC,CAAC;QACD,IAAI,CAAC;YACH,MAAM,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,EAAE,CAAC,EAAE,CAAC,OAAO,EAAE,SAAS,EAAE,MAAM,EAAE,GAAG,CAAC,CAAC,CAAC,CAAA;QACvE,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,MAAM,GAAG,GAAG,4CAA4C,GAAG,OAAO,MAAM,KAAK,GAAG,EAAE,CAAA;YAClF,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,CAAA;YACf,MAAM,IAAI,iBAAiB,CAAC,GAAG,CAAC,CAAA;QAClC,CAAC;QAED,IAAI,CAAC;YACH,MAAM,uBAAuB,CAAC,MAAM,CAAC,CAAA;YACrC,qFAAqF;QACvF,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,KAAK,CAAC,IAAI,CAAC,oEAAoE,MAAM,KAAK,GAAG,EAAE,CAAC,CAAA;YAChG,MAAM,GAAG,CAAA;QACX,CAAC;QACD,OAAO,MAAM,CAAA;IACf,CAAC;IAED,6GAA6G;IAC7G,KAAK,UAAU,mBAAmB,CAAC,OAMlC;QACC,IAAI,GAAG,GAAG;YACR,gDAAgD;YAChD,EAAE;YACF,+CAA+C,OAAO,CAAC,UAAU,IAAI;YACrE,mBAAmB,OAAO,CAAC,MAAM,IAAI;YACrC,kBAAkB,OAAO,CAAC,MAAM,IAAI;YACpC,8CAA8C;YAC9C,EAAE;SACH,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;QACZ,IAAI,OAAO,CAAC,aAAa,EAAE,CAAC;YAC1B,GAAG,IAAI;gBACL,qCAAqC;gBACrC,gBAAgB,OAAO,CAAC,SAAS,IAAI;gBACrC,mBAAmB,OAAO,CAAC,MAAM,IAAI;gBACrC,cAAc,OAAO,CAAC,aAAa,GAAG;gBACtC,EAAE;aACH,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;QACd,CAAC;QACD,IAAI,OAAO,CAAC,YAAY,EAAE,CAAC;YACzB,GAAG,IAAI;gBACL,oCAAoC;gBACpC,gBAAgB,OAAO,CAAC,SAAS,IAAI;gBACrC,kBAAkB,OAAO,CAAC,MAAM,IAAI;gBACpC,cAAc,OAAO,CAAC,YAAY,GAAG;gBACrC,EAAE;aACH,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;QACd,CAAC;QACD,MAAM,SAAS,GAAG,MAAM,QAAQ,CAAC,aAAa,CAAC,GAAG,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,CAAA;QACnE,OAAO,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,SAAS,EAAE;YACrC,MAAM,EAAE,KAAK;YACb,IAAI,EAAE,GAAG;YACT,OAAO,EAAE;gBACP,CAAC,cAAc,EAAE,aAAa,CAAC;aAChC;SACF,CAAC,CAAA;IACJ,CAAC;IAED,KAAK,UAAU,iBAAiB,CAAC,GAAc,EAAE,OAAe;QAC9D,MAAM,KAAK,CAAC,OAAO,CAAC,YAAY,CAAC,KAAK,EAAE,GAAG,CAAC,GAAG,EAAE;YAC/C,IAAI,EAAE,KAAK,IAAI,IAAI,EAAE,IAAI,OAAO;GACnC;YACG,WAAW,EAAE,aAAa;SAC3B,CAAC,CAAA;IACJ,CAAC;IAED,OAAO;QACL,eAAe;QACf,mBAAmB;QACnB,iBAAiB;QACjB,kBAAkB;QAClB,uBAAuB;KACxB,CAAA;AACH,CAAC"} \ No newline at end of file diff --git a/dist/util/utils.d.ts b/dist/util/utils.d.ts new file mode 100644 index 0000000..1920f8a --- /dev/null +++ b/dist/util/utils.d.ts @@ -0,0 +1,8 @@ +import { NamedNode } from 'rdflib'; +export declare function newThing(doc: NamedNode): NamedNode; +export declare function uniqueNodes(arr: NamedNode[]): NamedNode[]; +export declare function getArchiveUrl(baseUrl: string, date: Date): string; +export declare function differentOrigin(doc: any): boolean; +export declare function suggestPreferencesFile(me: NamedNode): NamedNode; +export declare function determineChatContainer(invitee: NamedNode, podRoot: NamedNode): NamedNode; +//# sourceMappingURL=utils.d.ts.map \ No newline at end of file diff --git a/dist/util/utils.d.ts.map b/dist/util/utils.d.ts.map new file mode 100644 index 0000000..6bbf3f2 --- /dev/null +++ b/dist/util/utils.d.ts.map @@ -0,0 +1 @@ +{"version":3,"file":"utils.d.ts","sourceRoot":"","sources":["../../src/util/utils.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAO,MAAM,QAAQ,CAAA;AAEvC,wBAAgB,QAAQ,CAAC,GAAG,EAAE,SAAS,GAAG,SAAS,CAElD;AAED,wBAAgB,WAAW,CAAE,GAAG,EAAE,SAAS,EAAE,GAAG,SAAS,EAAE,CAM1D;AAED,wBAAgB,aAAa,CAAC,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,IAAI,UAOxD;AAED,wBAAgB,eAAe,CAAC,GAAG,KAAA,GAAG,OAAO,CAO5C;AAED,wBAAgB,sBAAsB,CAAE,EAAE,EAAC,SAAS,aAMnD;AAED,wBAAgB,sBAAsB,CAClC,OAAO,EAAE,SAAS,EAClB,OAAO,EAAE,SAAS,GACnB,SAAS,CAQX"} \ No newline at end of file diff --git a/dist/util/utils.js b/dist/util/utils.js new file mode 100644 index 0000000..f6d2c02 --- /dev/null +++ b/dist/util/utils.js @@ -0,0 +1,39 @@ +import { NamedNode, sym } from 'rdflib'; +export function newThing(doc) { + return sym(doc.uri + '#' + 'id' + ('' + Date.now())); +} +export function uniqueNodes(arr) { + const uris = arr.map(x => x.uri); + const set = new Set(uris); + const uris2 = Array.from(set); + const arr2 = uris2.map(u => new NamedNode(u)); + return arr2; // Array.from(new Set(arr.map(x => x.uri))).map(u => sym(u)) +} +export function getArchiveUrl(baseUrl, date) { + const year = date.getUTCFullYear(); + const month = ('0' + (date.getUTCMonth() + 1)).slice(-2); + const day = ('0' + (date.getUTCDate())).slice(-2); + const parts = baseUrl.split('/'); + const filename = parts[parts.length - 1]; + return new URL(`./archive/${year}/${month}/${day}/${filename}`, baseUrl).toString(); +} +export function differentOrigin(doc) { + if (!doc) { + return true; + } + return (`${window.location.origin}/` !== new URL(doc.value).origin); +} +export function suggestPreferencesFile(me) { + const stripped = me.uri.replace('/profile/', '/').replace('/public/', '/'); + // const stripped = me.uri.replace(\/[p|P]rofile/\g, '/').replace(\/[p|P]ublic/\g, '/') + const folderURI = stripped.split('/').slice(0, -1).join('/') + '/Settings/'; + const fileURI = folderURI + 'Preferences.ttl'; + return sym(fileURI); +} +export function determineChatContainer(invitee, podRoot) { + // Create chat + // See https://gitter.im/solid/chat-app?at=5f3c800f855be416a23ae74a + const chatContainerStr = new URL(`IndividualChats/${new URL(invitee.value).host}/`, podRoot.value).toString(); + return new NamedNode(chatContainerStr); +} +//# sourceMappingURL=utils.js.map \ No newline at end of file diff --git a/dist/util/utils.js.map b/dist/util/utils.js.map new file mode 100644 index 0000000..0acb4b3 --- /dev/null +++ b/dist/util/utils.js.map @@ -0,0 +1 @@ +{"version":3,"file":"utils.js","sourceRoot":"","sources":["../../src/util/utils.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,GAAG,EAAE,MAAM,QAAQ,CAAA;AAEvC,MAAM,UAAU,QAAQ,CAAC,GAAc;IACnC,OAAO,GAAG,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,GAAG,IAAI,GAAG,CAAC,EAAE,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC,CAAC,CAAA;AACxD,CAAC;AAED,MAAM,UAAU,WAAW,CAAE,GAAgB;IACzC,MAAM,IAAI,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAA;IAChC,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,IAAI,CAAC,CAAA;IACzB,MAAM,KAAK,GAAG,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,CAAA;IAC7B,MAAM,IAAI,GAAG,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,IAAI,SAAS,CAAC,CAAC,CAAC,CAAC,CAAA;IAC7C,OAAO,IAAI,CAAA,CAAC,4DAA4D;AAC5E,CAAC;AAED,MAAM,UAAU,aAAa,CAAC,OAAe,EAAE,IAAU;IACrD,MAAM,IAAI,GAAG,IAAI,CAAC,cAAc,EAAE,CAAA;IAClC,MAAM,KAAK,GAAG,CAAC,GAAG,GAAG,CAAC,IAAI,CAAC,WAAW,EAAE,GAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAA;IACtD,MAAM,GAAG,GAAG,CAAC,GAAG,GAAG,CAAC,IAAI,CAAC,UAAU,EAAE,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAA;IACjD,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;IAChC,MAAM,QAAQ,GAAG,KAAK,CAAC,KAAK,CAAC,MAAM,GAAE,CAAC,CAAE,CAAA;IACxC,OAAO,IAAI,GAAG,CAAC,aAAa,IAAI,IAAI,KAAK,IAAI,GAAG,IAAI,QAAQ,EAAE,EAAE,OAAO,CAAC,CAAC,QAAQ,EAAE,CAAA;AACvF,CAAC;AAED,MAAM,UAAU,eAAe,CAAC,GAAG;IAC/B,IAAI,CAAC,GAAG,EAAE,CAAC;QACP,OAAO,IAAI,CAAA;IACf,CAAC;IACD,OAAO,CACH,GAAG,MAAM,CAAC,QAAQ,CAAC,MAAM,GAAG,KAAK,IAAI,GAAG,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,MAAM,CAC7D,CAAA;AACL,CAAC;AAED,MAAM,UAAU,sBAAsB,CAAE,EAAY;IAChD,MAAM,QAAQ,GAAG,EAAE,CAAC,GAAG,CAAC,OAAO,CAAC,WAAW,EAAE,GAAG,CAAC,CAAC,OAAO,CAAC,UAAU,EAAE,GAAG,CAAC,CAAA;IAC1E,uFAAuF;IACvF,MAAM,SAAS,GAAG,QAAQ,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC,EAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,GAAG,YAAY,CAAA;IAC1E,MAAM,OAAO,GAAG,SAAS,GAAG,iBAAiB,CAAA;IAC7C,OAAO,GAAG,CAAC,OAAO,CAAC,CAAA;AACvB,CAAC;AAED,MAAM,UAAU,sBAAsB,CAClC,OAAkB,EAClB,OAAkB;IAElB,cAAc;IACd,mEAAmE;IACnE,MAAM,gBAAgB,GAAG,IAAI,GAAG,CAC5B,mBAAmB,IAAI,GAAG,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,IAAI,GAAG,EACjD,OAAO,CAAC,KAAK,CAChB,CAAC,QAAQ,EAAE,CAAA;IACZ,OAAO,IAAI,SAAS,CAAC,gBAAgB,CAAC,CAAA;AAC1C,CAAC"} \ No newline at end of file diff --git a/dist/versionInfo.js b/dist/versionInfo.js new file mode 100644 index 0000000..5783f89 --- /dev/null +++ b/dist/versionInfo.js @@ -0,0 +1,36 @@ +export default { + buildTime: '2026-01-18T06:40:00Z', + commit: '77a6fee34118445f8db921916ad7d451507837d5', + npmInfo: { + 'solid-logic-jss': '4.1.1', + 'npm': '11.5.1', + 'node': '24.5.0', + 'acorn': '8.15.0', + 'ada': '3.2.6', + 'amaro': '1.1.1', + 'ares': '1.34.5', + 'brotli': '1.1.0', + 'cjs_module_lexer': '2.1.0', + 'cldr': '47.0', + 'icu': '77.1', + 'llhttp': '9.3.0', + 'modules': '137', + 'napi': '10', + 'nbytes': '0.1.1', + 'ncrypto': '0.0.1', + 'nghttp2': '1.66.0', + 'openssl': '3.5.1', + 'simdjson': '3.13.0', + 'simdutf': '6.4.0', + 'sqlite': '3.50.3', + 'tz': '2025b', + 'undici': '7.12.0', + 'unicode': '16.0', + 'uv': '1.51.0', + 'uvwasi': '0.0.21', + 'v8': '13.6.233.10-node.21', + 'zlib': '1.3.1-470d3a2', + 'zstd': '1.5.7', + } +}; +//# sourceMappingURL=versionInfo.js.map \ No newline at end of file diff --git a/dist/versionInfo.js.map b/dist/versionInfo.js.map new file mode 100644 index 0000000..3d11426 --- /dev/null +++ b/dist/versionInfo.js.map @@ -0,0 +1 @@ +{"version":3,"file":"versionInfo.js","sourceRoot":"","sources":["../src/versionInfo.ts"],"names":[],"mappings":"AAAA,eAAe;IACb,SAAS,EAAE,sBAAsB;IACjC,MAAM,EAAE,0CAA0C;IAClD,OAAO,EAAE;QACP,iBAAiB,EAAE,OAAO;QAC1B,KAAK,EAAE,QAAQ;QACf,MAAM,EAAE,QAAQ;QAChB,OAAO,EAAE,QAAQ;QACjB,KAAK,EAAE,OAAO;QACd,OAAO,EAAE,OAAO;QAChB,MAAM,EAAE,QAAQ;QAChB,QAAQ,EAAE,OAAO;QACjB,kBAAkB,EAAE,OAAO;QAC3B,MAAM,EAAE,MAAM;QACd,KAAK,EAAE,MAAM;QACb,QAAQ,EAAE,OAAO;QACjB,SAAS,EAAE,KAAK;QAChB,MAAM,EAAE,IAAI;QACZ,QAAQ,EAAE,OAAO;QACjB,SAAS,EAAE,OAAO;QAClB,SAAS,EAAE,QAAQ;QACnB,SAAS,EAAE,OAAO;QAClB,UAAU,EAAE,QAAQ;QACpB,SAAS,EAAE,OAAO;QAClB,QAAQ,EAAE,QAAQ;QAClB,IAAI,EAAE,OAAO;QACb,QAAQ,EAAE,QAAQ;QAClB,SAAS,EAAE,MAAM;QACjB,IAAI,EAAE,QAAQ;QACd,QAAQ,EAAE,QAAQ;QAClB,IAAI,EAAE,qBAAqB;QAC3B,MAAM,EAAE,eAAe;QACvB,MAAM,EAAE,OAAO;KAChB;CACF,CAAA"} \ No newline at end of file diff --git a/jest.config.mjs b/jest.config.mjs index 6574372..2d6fff5 100644 --- a/jest.config.mjs +++ b/jest.config.mjs @@ -8,6 +8,14 @@ export default { customExportConditions: ['node'], }, testPathIgnorePatterns: ['/node_modules/', '/dist/'], + // Transform ESM packages (solid-oidc and jose) + transformIgnorePatterns: [ + '/node_modules/(?!(solid-oidc|jose)/)', + ], + // Map CDN imports to npm packages for testing + moduleNameMapper: { + '^https://esm\\.sh/jose@5$': 'jose', + }, transform: { '^.+\\.[tj]sx?$': ['babel-jest', { configFile: './babel.config.mjs' }], }, diff --git a/package-lock.json b/package-lock.json index 62fe982..a19894f 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1,16 +1,16 @@ { - "name": "solid-logic", - "version": "4.0.1", + "name": "solid-logic-jss", + "version": "4.1.1", "lockfileVersion": 3, "requires": true, "packages": { "": { - "name": "solid-logic", - "version": "4.0.1", + "name": "solid-logic-jss", + "version": "4.1.1", "license": "MIT", "dependencies": { - "@inrupt/solid-client-authn-browser": "^3.1.0", - "solid-namespace": "^0.5.4" + "solid-namespace": "^0.5.4", + "solid-oidc": "github:JavaScriptSolidServer/solid-oidc" }, "devDependencies": { "@babel/core": "^7.28.4", @@ -26,6 +26,8 @@ "jest": "^30.2.0", "jest-environment-jsdom": "^30.0.2", "jest-fetch-mock": "^3.0.3", + "jose": "^6.1.3", + "rdflib": "github:JavaScriptSolidServer/rdflib.js", "terser-webpack-plugin": "^5.3.14", "ts-loader": "^9.5.4", "tslib": "^2.8.1", @@ -34,7 +36,7 @@ "webpack-cli": "^6.0.1" }, "peerDependencies": { - "rdflib": "^2.3.0" + "rdflib": "github:JavaScriptSolidServer/rdflib.js" } }, "node_modules/@asamuzakjp/css-color": { @@ -59,13 +61,13 @@ "license": "ISC" }, "node_modules/@babel/code-frame": { - "version": "7.27.1", - "resolved": "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.27.1.tgz", - "integrity": "sha512-cjQ7ZlQ0Mv3b47hABuTevyTuYN4i+loJKGeV9flcCgIK37cCXRh+L1bd3iBHlynerhQ7BhCkn2BPbQUL+rGqFg==", + "version": "7.28.6", + "resolved": "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.28.6.tgz", + "integrity": "sha512-JYgintcMjRiCvS8mMECzaEn+m3PfoQiyqukOMCCVQtoJGYJw8j/8LBJEiqkHLkfwCcs74E3pbAUFNg7d9VNJ+Q==", "dev": true, "license": "MIT", "dependencies": { - "@babel/helper-validator-identifier": "^7.27.1", + "@babel/helper-validator-identifier": "^7.28.5", "js-tokens": "^4.0.0", "picocolors": "^1.1.1" }, @@ -74,9 +76,9 @@ } }, "node_modules/@babel/compat-data": { - "version": "7.28.5", - "resolved": "https://registry.npmjs.org/@babel/compat-data/-/compat-data-7.28.5.tgz", - "integrity": "sha512-6uFXyCayocRbqhZOB+6XcuZbkMNimwfVGFji8CTZnCzOHVGvDqzvitu1re2AU5LROliz7eQPhB8CpAMvnx9EjA==", + "version": "7.28.6", + "resolved": "https://registry.npmjs.org/@babel/compat-data/-/compat-data-7.28.6.tgz", + "integrity": "sha512-2lfu57JtzctfIrcGMz992hyLlByuzgIk58+hhGCxjKZ3rWI82NnVLjXcaTqkI2NvlcvOskZaiZ5kjUALo3Lpxg==", "dev": true, "license": "MIT", "engines": { @@ -84,22 +86,21 @@ } }, "node_modules/@babel/core": { - "version": "7.28.5", - "resolved": "https://registry.npmjs.org/@babel/core/-/core-7.28.5.tgz", - "integrity": "sha512-e7jT4DxYvIDLk1ZHmU/m/mB19rex9sv0c2ftBtjSBv+kVM/902eh0fINUzD7UwLLNR+jU585GxUJ8/EBfAM5fw==", + "version": "7.28.6", + "resolved": "https://registry.npmjs.org/@babel/core/-/core-7.28.6.tgz", + "integrity": "sha512-H3mcG6ZDLTlYfaSNi0iOKkigqMFvkTKlGUYlD8GW7nNOYRrevuA46iTypPyv+06V3fEmvvazfntkBU34L0azAw==", "dev": true, "license": "MIT", - "peer": true, "dependencies": { - "@babel/code-frame": "^7.27.1", - "@babel/generator": "^7.28.5", - "@babel/helper-compilation-targets": "^7.27.2", - "@babel/helper-module-transforms": "^7.28.3", - "@babel/helpers": "^7.28.4", - "@babel/parser": "^7.28.5", - "@babel/template": "^7.27.2", - "@babel/traverse": "^7.28.5", - "@babel/types": "^7.28.5", + "@babel/code-frame": "^7.28.6", + "@babel/generator": "^7.28.6", + "@babel/helper-compilation-targets": "^7.28.6", + "@babel/helper-module-transforms": "^7.28.6", + "@babel/helpers": "^7.28.6", + "@babel/parser": "^7.28.6", + "@babel/template": "^7.28.6", + "@babel/traverse": "^7.28.6", + "@babel/types": "^7.28.6", "@jridgewell/remapping": "^2.3.5", "convert-source-map": "^2.0.0", "debug": "^4.1.0", @@ -116,14 +117,14 @@ } }, "node_modules/@babel/generator": { - "version": "7.28.5", - "resolved": "https://registry.npmjs.org/@babel/generator/-/generator-7.28.5.tgz", - "integrity": "sha512-3EwLFhZ38J4VyIP6WNtt2kUdW9dokXA9Cr4IVIFHuCpZ3H8/YFOl5JjZHisrn1fATPBmKKqXzDFvh9fUwHz6CQ==", + "version": "7.28.6", + "resolved": "https://registry.npmjs.org/@babel/generator/-/generator-7.28.6.tgz", + "integrity": "sha512-lOoVRwADj8hjf7al89tvQ2a1lf53Z+7tiXMgpZJL3maQPDxh0DgLMN62B2MKUOFcoodBHLMbDM6WAbKgNy5Suw==", "dev": true, "license": "MIT", "dependencies": { - "@babel/parser": "^7.28.5", - "@babel/types": "^7.28.5", + "@babel/parser": "^7.28.6", + "@babel/types": "^7.28.6", "@jridgewell/gen-mapping": "^0.3.12", "@jridgewell/trace-mapping": "^0.3.28", "jsesc": "^3.0.2" @@ -146,13 +147,13 @@ } }, "node_modules/@babel/helper-compilation-targets": { - "version": "7.27.2", - "resolved": "https://registry.npmjs.org/@babel/helper-compilation-targets/-/helper-compilation-targets-7.27.2.tgz", - "integrity": "sha512-2+1thGUUWWjLTYTHZWK1n8Yga0ijBz1XAhUXcKy81rd5g6yh7hGqMp45v7cadSbEHc9G3OTv45SyneRN3ps4DQ==", + "version": "7.28.6", + "resolved": "https://registry.npmjs.org/@babel/helper-compilation-targets/-/helper-compilation-targets-7.28.6.tgz", + "integrity": "sha512-JYtls3hqi15fcx5GaSNL7SCTJ2MNmjrkHXg4FSpOA/grxK8KwyZ5bubHsCq8FXCkua6xhuaaBit+3b7+VZRfcA==", "dev": true, "license": "MIT", "dependencies": { - "@babel/compat-data": "^7.27.2", + "@babel/compat-data": "^7.28.6", "@babel/helper-validator-option": "^7.27.1", "browserslist": "^4.24.0", "lru-cache": "^5.1.1", @@ -163,18 +164,18 @@ } }, "node_modules/@babel/helper-create-class-features-plugin": { - "version": "7.28.5", - "resolved": "https://registry.npmjs.org/@babel/helper-create-class-features-plugin/-/helper-create-class-features-plugin-7.28.5.tgz", - "integrity": "sha512-q3WC4JfdODypvxArsJQROfupPBq9+lMwjKq7C33GhbFYJsufD0yd/ziwD+hJucLeWsnFPWZjsU2DNFqBPE7jwQ==", + "version": "7.28.6", + "resolved": "https://registry.npmjs.org/@babel/helper-create-class-features-plugin/-/helper-create-class-features-plugin-7.28.6.tgz", + "integrity": "sha512-dTOdvsjnG3xNT9Y0AUg1wAl38y+4Rl4sf9caSQZOXdNqVn+H+HbbJ4IyyHaIqNR6SW9oJpA/RuRjsjCw2IdIow==", "dev": true, "license": "MIT", "dependencies": { "@babel/helper-annotate-as-pure": "^7.27.3", "@babel/helper-member-expression-to-functions": "^7.28.5", "@babel/helper-optimise-call-expression": "^7.27.1", - "@babel/helper-replace-supers": "^7.27.1", + "@babel/helper-replace-supers": "^7.28.6", "@babel/helper-skip-transparent-expression-wrappers": "^7.27.1", - "@babel/traverse": "^7.28.5", + "@babel/traverse": "^7.28.6", "semver": "^6.3.1" }, "engines": { @@ -244,29 +245,29 @@ } }, "node_modules/@babel/helper-module-imports": { - "version": "7.27.1", - "resolved": "https://registry.npmjs.org/@babel/helper-module-imports/-/helper-module-imports-7.27.1.tgz", - "integrity": "sha512-0gSFWUPNXNopqtIPQvlD5WgXYI5GY2kP2cCvoT8kczjbfcfuIljTbcWrulD1CIPIX2gt1wghbDy08yE1p+/r3w==", + "version": "7.28.6", + "resolved": "https://registry.npmjs.org/@babel/helper-module-imports/-/helper-module-imports-7.28.6.tgz", + "integrity": "sha512-l5XkZK7r7wa9LucGw9LwZyyCUscb4x37JWTPz7swwFE/0FMQAGpiWUZn8u9DzkSBWEcK25jmvubfpw2dnAMdbw==", "dev": true, "license": "MIT", "dependencies": { - "@babel/traverse": "^7.27.1", - "@babel/types": "^7.27.1" + "@babel/traverse": "^7.28.6", + "@babel/types": "^7.28.6" }, "engines": { "node": ">=6.9.0" } }, "node_modules/@babel/helper-module-transforms": { - "version": "7.28.3", - "resolved": "https://registry.npmjs.org/@babel/helper-module-transforms/-/helper-module-transforms-7.28.3.tgz", - "integrity": "sha512-gytXUbs8k2sXS9PnQptz5o0QnpLL51SwASIORY6XaBKF88nsOT0Zw9szLqlSGQDP/4TljBAD5y98p2U1fqkdsw==", + "version": "7.28.6", + "resolved": "https://registry.npmjs.org/@babel/helper-module-transforms/-/helper-module-transforms-7.28.6.tgz", + "integrity": "sha512-67oXFAYr2cDLDVGLXTEABjdBJZ6drElUSI7WKp70NrpyISso3plG9SAGEF6y7zbha/wOzUByWWTJvEDVNIUGcA==", "dev": true, "license": "MIT", "dependencies": { - "@babel/helper-module-imports": "^7.27.1", - "@babel/helper-validator-identifier": "^7.27.1", - "@babel/traverse": "^7.28.3" + "@babel/helper-module-imports": "^7.28.6", + "@babel/helper-validator-identifier": "^7.28.5", + "@babel/traverse": "^7.28.6" }, "engines": { "node": ">=6.9.0" @@ -289,9 +290,9 @@ } }, "node_modules/@babel/helper-plugin-utils": { - "version": "7.27.1", - "resolved": "https://registry.npmjs.org/@babel/helper-plugin-utils/-/helper-plugin-utils-7.27.1.tgz", - "integrity": "sha512-1gn1Up5YXka3YYAHGKpbideQ5Yjf1tDa9qYcgysz+cNCXukyLl6DjPXhD3VRwSb8c0J9tA4b2+rHEZtc6R0tlw==", + "version": "7.28.6", + "resolved": "https://registry.npmjs.org/@babel/helper-plugin-utils/-/helper-plugin-utils-7.28.6.tgz", + "integrity": "sha512-S9gzZ/bz83GRysI7gAD4wPT/AI3uCnY+9xn+Mx/KPs2JwHJIz1W8PZkg2cqyt3RNOBM8ejcXhV6y8Og7ly/Dug==", "dev": true, "license": "MIT", "engines": { @@ -317,15 +318,15 @@ } }, "node_modules/@babel/helper-replace-supers": { - "version": "7.27.1", - "resolved": "https://registry.npmjs.org/@babel/helper-replace-supers/-/helper-replace-supers-7.27.1.tgz", - "integrity": "sha512-7EHz6qDZc8RYS5ElPoShMheWvEgERonFCs7IAonWLLUTXW59DP14bCZt89/GKyreYn8g3S83m21FelHKbeDCKA==", + "version": "7.28.6", + "resolved": "https://registry.npmjs.org/@babel/helper-replace-supers/-/helper-replace-supers-7.28.6.tgz", + "integrity": "sha512-mq8e+laIk94/yFec3DxSjCRD2Z0TAjhVbEJY3UQrlwVo15Lmt7C2wAUbK4bjnTs4APkwsYLTahXRraQXhb1WCg==", "dev": true, "license": "MIT", "dependencies": { - "@babel/helper-member-expression-to-functions": "^7.27.1", + "@babel/helper-member-expression-to-functions": "^7.28.5", "@babel/helper-optimise-call-expression": "^7.27.1", - "@babel/traverse": "^7.27.1" + "@babel/traverse": "^7.28.6" }, "engines": { "node": ">=6.9.0" @@ -379,42 +380,42 @@ } }, "node_modules/@babel/helper-wrap-function": { - "version": "7.28.3", - "resolved": "https://registry.npmjs.org/@babel/helper-wrap-function/-/helper-wrap-function-7.28.3.tgz", - "integrity": "sha512-zdf983tNfLZFletc0RRXYrHrucBEg95NIFMkn6K9dbeMYnsgHaSBGcQqdsCSStG2PYwRre0Qc2NNSCXbG+xc6g==", + "version": "7.28.6", + "resolved": "https://registry.npmjs.org/@babel/helper-wrap-function/-/helper-wrap-function-7.28.6.tgz", + "integrity": "sha512-z+PwLziMNBeSQJonizz2AGnndLsP2DeGHIxDAn+wdHOGuo4Fo1x1HBPPXeE9TAOPHNNWQKCSlA2VZyYyyibDnQ==", "dev": true, "license": "MIT", "dependencies": { - "@babel/template": "^7.27.2", - "@babel/traverse": "^7.28.3", - "@babel/types": "^7.28.2" + "@babel/template": "^7.28.6", + "@babel/traverse": "^7.28.6", + "@babel/types": "^7.28.6" }, "engines": { "node": ">=6.9.0" } }, "node_modules/@babel/helpers": { - "version": "7.28.4", - "resolved": "https://registry.npmjs.org/@babel/helpers/-/helpers-7.28.4.tgz", - "integrity": "sha512-HFN59MmQXGHVyYadKLVumYsA9dBFun/ldYxipEjzA4196jpLZd8UjEEBLkbEkvfYreDqJhZxYAWFPtrfhNpj4w==", + "version": "7.28.6", + "resolved": "https://registry.npmjs.org/@babel/helpers/-/helpers-7.28.6.tgz", + "integrity": "sha512-xOBvwq86HHdB7WUDTfKfT/Vuxh7gElQ+Sfti2Cy6yIWNW05P8iUslOVcZ4/sKbE+/jQaukQAdz/gf3724kYdqw==", "dev": true, "license": "MIT", "dependencies": { - "@babel/template": "^7.27.2", - "@babel/types": "^7.28.4" + "@babel/template": "^7.28.6", + "@babel/types": "^7.28.6" }, "engines": { "node": ">=6.9.0" } }, "node_modules/@babel/parser": { - "version": "7.28.5", - "resolved": "https://registry.npmjs.org/@babel/parser/-/parser-7.28.5.tgz", - "integrity": "sha512-KKBU1VGYR7ORr3At5HAtUQ+TV3SzRCXmA/8OdDZiLDBIZxVyzXuztPjfLd3BV1PRAQGCMWWSHYhL0F8d5uHBDQ==", + "version": "7.28.6", + "resolved": "https://registry.npmjs.org/@babel/parser/-/parser-7.28.6.tgz", + "integrity": "sha512-TeR9zWR18BvbfPmGbLampPMW+uW1NZnJlRuuHso8i87QZNq2JRF9i6RgxRqtEq+wQGsS19NNTWr2duhnE49mfQ==", "dev": true, "license": "MIT", "dependencies": { - "@babel/types": "^7.28.5" + "@babel/types": "^7.28.6" }, "bin": { "parser": "bin/babel-parser.js" @@ -491,14 +492,14 @@ } }, "node_modules/@babel/plugin-bugfix-v8-static-class-fields-redefine-readonly": { - "version": "7.28.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-bugfix-v8-static-class-fields-redefine-readonly/-/plugin-bugfix-v8-static-class-fields-redefine-readonly-7.28.3.tgz", - "integrity": "sha512-b6YTX108evsvE4YgWyQ921ZAFFQm3Bn+CA3+ZXlNVnPhx+UfsVURoPjfGAPCjBgrqo30yX/C2nZGX96DxvR9Iw==", + "version": "7.28.6", + "resolved": "https://registry.npmjs.org/@babel/plugin-bugfix-v8-static-class-fields-redefine-readonly/-/plugin-bugfix-v8-static-class-fields-redefine-readonly-7.28.6.tgz", + "integrity": "sha512-a0aBScVTlNaiUe35UtfxAN7A/tehvvG4/ByO6+46VPKTRSlfnAFsgKy0FUh+qAkQrDTmhDkT+IBOKlOoMUxQ0g==", "dev": true, "license": "MIT", "dependencies": { - "@babel/helper-plugin-utils": "^7.27.1", - "@babel/traverse": "^7.28.3" + "@babel/helper-plugin-utils": "^7.28.6", + "@babel/traverse": "^7.28.6" }, "engines": { "node": ">=6.9.0" @@ -576,13 +577,13 @@ } }, "node_modules/@babel/plugin-syntax-import-assertions": { - "version": "7.27.1", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-import-assertions/-/plugin-syntax-import-assertions-7.27.1.tgz", - "integrity": "sha512-UT/Jrhw57xg4ILHLFnzFpPDlMbcdEicaAtjPQpbj9wa8T4r5KVWCimHcL/460g8Ht0DMxDyjsLgiWSkVjnwPFg==", + "version": "7.28.6", + "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-import-assertions/-/plugin-syntax-import-assertions-7.28.6.tgz", + "integrity": "sha512-pSJUpFHdx9z5nqTSirOCMtYVP2wFgoWhP0p3g8ONK/4IHhLIBd0B9NYqAvIUAhq+OkhO4VM1tENCt0cjlsNShw==", "dev": true, "license": "MIT", "dependencies": { - "@babel/helper-plugin-utils": "^7.27.1" + "@babel/helper-plugin-utils": "^7.28.6" }, "engines": { "node": ">=6.9.0" @@ -592,13 +593,13 @@ } }, "node_modules/@babel/plugin-syntax-import-attributes": { - "version": "7.27.1", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-import-attributes/-/plugin-syntax-import-attributes-7.27.1.tgz", - "integrity": "sha512-oFT0FrKHgF53f4vOsZGi2Hh3I35PfSmVs4IBFLFj4dnafP+hIWDLg3VyKmUHfLoLHlyxY4C7DGtmHuJgn+IGww==", + "version": "7.28.6", + "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-import-attributes/-/plugin-syntax-import-attributes-7.28.6.tgz", + "integrity": "sha512-jiLC0ma9XkQT3TKJ9uYvlakm66Pamywo+qwL+oL8HJOvc6TWdZXVfhqJr8CCzbSGUAbDOzlGHJC1U+vRfLQDvw==", "dev": true, "license": "MIT", "dependencies": { - "@babel/helper-plugin-utils": "^7.27.1" + "@babel/helper-plugin-utils": "^7.28.6" }, "engines": { "node": ">=6.9.0" @@ -634,13 +635,13 @@ } }, "node_modules/@babel/plugin-syntax-jsx": { - "version": "7.27.1", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-jsx/-/plugin-syntax-jsx-7.27.1.tgz", - "integrity": "sha512-y8YTNIeKoyhGd9O0Jiyzyyqk8gdjnumGTQPsz0xOZOQ2RmkVJeZ1vmmfIvFEKqucBG6axJGBZDE/7iI5suUI/w==", + "version": "7.28.6", + "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-jsx/-/plugin-syntax-jsx-7.28.6.tgz", + "integrity": "sha512-wgEmr06G6sIpqr8YDwA2dSRTE3bJ+V0IfpzfSY3Lfgd7YWOaAdlykvJi13ZKBt8cZHfgH1IXN+CL656W3uUa4w==", "dev": true, "license": "MIT", "dependencies": { - "@babel/helper-plugin-utils": "^7.27.1" + "@babel/helper-plugin-utils": "^7.28.6" }, "engines": { "node": ">=6.9.0" @@ -760,13 +761,13 @@ } }, "node_modules/@babel/plugin-syntax-typescript": { - "version": "7.27.1", - "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-typescript/-/plugin-syntax-typescript-7.27.1.tgz", - "integrity": "sha512-xfYCBMxveHrRMnAWl1ZlPXOZjzkN82THFvLhQhFXFt81Z5HnN+EtUkZhv/zcKpmT3fzmWZB0ywiBrbC3vogbwQ==", + "version": "7.28.6", + "resolved": "https://registry.npmjs.org/@babel/plugin-syntax-typescript/-/plugin-syntax-typescript-7.28.6.tgz", + "integrity": "sha512-+nDNmQye7nlnuuHDboPbGm00Vqg3oO8niRRL27/4LYHUsHYh0zJ1xWOz0uRwNFmM1Avzk8wZbc6rdiYhomzv/A==", "dev": true, "license": "MIT", "dependencies": { - "@babel/helper-plugin-utils": "^7.27.1" + "@babel/helper-plugin-utils": "^7.28.6" }, "engines": { "node": ">=6.9.0" @@ -809,15 +810,15 @@ } }, "node_modules/@babel/plugin-transform-async-generator-functions": { - "version": "7.28.0", - "resolved": "https://registry.npmjs.org/@babel/plugin-transform-async-generator-functions/-/plugin-transform-async-generator-functions-7.28.0.tgz", - "integrity": "sha512-BEOdvX4+M765icNPZeidyADIvQ1m1gmunXufXxvRESy/jNNyfovIqUyE7MVgGBjWktCoJlzvFA1To2O4ymIO3Q==", + "version": "7.28.6", + "resolved": "https://registry.npmjs.org/@babel/plugin-transform-async-generator-functions/-/plugin-transform-async-generator-functions-7.28.6.tgz", + "integrity": "sha512-9knsChgsMzBV5Yh3kkhrZNxH3oCYAfMBkNNaVN4cP2RVlFPe8wYdwwcnOsAbkdDoV9UjFtOXWrWB52M8W4jNeA==", "dev": true, "license": "MIT", "dependencies": { - "@babel/helper-plugin-utils": "^7.27.1", + "@babel/helper-plugin-utils": "^7.28.6", "@babel/helper-remap-async-to-generator": "^7.27.1", - "@babel/traverse": "^7.28.0" + "@babel/traverse": "^7.28.6" }, "engines": { "node": ">=6.9.0" @@ -827,14 +828,14 @@ } }, "node_modules/@babel/plugin-transform-async-to-generator": { - "version": "7.27.1", - "resolved": "https://registry.npmjs.org/@babel/plugin-transform-async-to-generator/-/plugin-transform-async-to-generator-7.27.1.tgz", - "integrity": "sha512-NREkZsZVJS4xmTr8qzE5y8AfIPqsdQfRuUiLRTEzb7Qii8iFWCyDKaUV2c0rCuh4ljDZ98ALHP/PetiBV2nddA==", + "version": "7.28.6", + "resolved": "https://registry.npmjs.org/@babel/plugin-transform-async-to-generator/-/plugin-transform-async-to-generator-7.28.6.tgz", + "integrity": "sha512-ilTRcmbuXjsMmcZ3HASTe4caH5Tpo93PkTxF9oG2VZsSWsahydmcEHhix9Ik122RcTnZnUzPbmux4wh1swfv7g==", "dev": true, "license": "MIT", "dependencies": { - "@babel/helper-module-imports": "^7.27.1", - "@babel/helper-plugin-utils": "^7.27.1", + "@babel/helper-module-imports": "^7.28.6", + "@babel/helper-plugin-utils": "^7.28.6", "@babel/helper-remap-async-to-generator": "^7.27.1" }, "engines": { @@ -861,13 +862,13 @@ } }, "node_modules/@babel/plugin-transform-block-scoping": { - "version": "7.28.5", - "resolved": "https://registry.npmjs.org/@babel/plugin-transform-block-scoping/-/plugin-transform-block-scoping-7.28.5.tgz", - "integrity": "sha512-45DmULpySVvmq9Pj3X9B+62Xe+DJGov27QravQJU1LLcapR6/10i+gYVAucGGJpHBp5mYxIMK4nDAT/QDLr47g==", + "version": "7.28.6", + "resolved": "https://registry.npmjs.org/@babel/plugin-transform-block-scoping/-/plugin-transform-block-scoping-7.28.6.tgz", + "integrity": "sha512-tt/7wOtBmwHPNMPu7ax4pdPz6shjFrmHDghvNC+FG9Qvj7D6mJcoRQIF5dy4njmxR941l6rgtvfSB2zX3VlUIw==", "dev": true, "license": "MIT", "dependencies": { - "@babel/helper-plugin-utils": "^7.27.1" + "@babel/helper-plugin-utils": "^7.28.6" }, "engines": { "node": ">=6.9.0" @@ -877,14 +878,14 @@ } }, "node_modules/@babel/plugin-transform-class-properties": { - "version": "7.27.1", - "resolved": "https://registry.npmjs.org/@babel/plugin-transform-class-properties/-/plugin-transform-class-properties-7.27.1.tgz", - "integrity": "sha512-D0VcalChDMtuRvJIu3U/fwWjf8ZMykz5iZsg77Nuj821vCKI3zCyRLwRdWbsuJ/uRwZhZ002QtCqIkwC/ZkvbA==", + "version": "7.28.6", + "resolved": "https://registry.npmjs.org/@babel/plugin-transform-class-properties/-/plugin-transform-class-properties-7.28.6.tgz", + "integrity": "sha512-dY2wS3I2G7D697VHndN91TJr8/AAfXQNt5ynCTI/MpxMsSzHp+52uNivYT5wCPax3whc47DR8Ba7cmlQMg24bw==", "dev": true, "license": "MIT", "dependencies": { - "@babel/helper-create-class-features-plugin": "^7.27.1", - "@babel/helper-plugin-utils": "^7.27.1" + "@babel/helper-create-class-features-plugin": "^7.28.6", + "@babel/helper-plugin-utils": "^7.28.6" }, "engines": { "node": ">=6.9.0" @@ -894,14 +895,14 @@ } }, "node_modules/@babel/plugin-transform-class-static-block": { - "version": "7.28.3", - "resolved": "https://registry.npmjs.org/@babel/plugin-transform-class-static-block/-/plugin-transform-class-static-block-7.28.3.tgz", - "integrity": "sha512-LtPXlBbRoc4Njl/oh1CeD/3jC+atytbnf/UqLoqTDcEYGUPj022+rvfkbDYieUrSj3CaV4yHDByPE+T2HwfsJg==", + "version": "7.28.6", + "resolved": "https://registry.npmjs.org/@babel/plugin-transform-class-static-block/-/plugin-transform-class-static-block-7.28.6.tgz", + "integrity": "sha512-rfQ++ghVwTWTqQ7w8qyDxL1XGihjBss4CmTgGRCTAC9RIbhVpyp4fOeZtta0Lbf+dTNIVJer6ych2ibHwkZqsQ==", "dev": true, "license": "MIT", "dependencies": { - "@babel/helper-create-class-features-plugin": "^7.28.3", - "@babel/helper-plugin-utils": "^7.27.1" + "@babel/helper-create-class-features-plugin": "^7.28.6", + "@babel/helper-plugin-utils": "^7.28.6" }, "engines": { "node": ">=6.9.0" @@ -911,18 +912,18 @@ } }, "node_modules/@babel/plugin-transform-classes": { - "version": "7.28.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-transform-classes/-/plugin-transform-classes-7.28.4.tgz", - "integrity": "sha512-cFOlhIYPBv/iBoc+KS3M6et2XPtbT2HiCRfBXWtfpc9OAyostldxIf9YAYB6ypURBBbx+Qv6nyrLzASfJe+hBA==", + "version": "7.28.6", + "resolved": "https://registry.npmjs.org/@babel/plugin-transform-classes/-/plugin-transform-classes-7.28.6.tgz", + "integrity": "sha512-EF5KONAqC5zAqT783iMGuM2ZtmEBy+mJMOKl2BCvPZ2lVrwvXnB6o+OBWCS+CoeCCpVRF2sA2RBKUxvT8tQT5Q==", "dev": true, "license": "MIT", "dependencies": { "@babel/helper-annotate-as-pure": "^7.27.3", - "@babel/helper-compilation-targets": "^7.27.2", + "@babel/helper-compilation-targets": "^7.28.6", "@babel/helper-globals": "^7.28.0", - "@babel/helper-plugin-utils": "^7.27.1", - "@babel/helper-replace-supers": "^7.27.1", - "@babel/traverse": "^7.28.4" + "@babel/helper-plugin-utils": "^7.28.6", + "@babel/helper-replace-supers": "^7.28.6", + "@babel/traverse": "^7.28.6" }, "engines": { "node": ">=6.9.0" @@ -932,14 +933,14 @@ } }, "node_modules/@babel/plugin-transform-computed-properties": { - "version": "7.27.1", - "resolved": "https://registry.npmjs.org/@babel/plugin-transform-computed-properties/-/plugin-transform-computed-properties-7.27.1.tgz", - "integrity": "sha512-lj9PGWvMTVksbWiDT2tW68zGS/cyo4AkZ/QTp0sQT0mjPopCmrSkzxeXkznjqBxzDI6TclZhOJbBmbBLjuOZUw==", + "version": "7.28.6", + "resolved": "https://registry.npmjs.org/@babel/plugin-transform-computed-properties/-/plugin-transform-computed-properties-7.28.6.tgz", + "integrity": "sha512-bcc3k0ijhHbc2lEfpFHgx7eYw9KNXqOerKWfzbxEHUGKnS3sz9C4CNL9OiFN1297bDNfUiSO7DaLzbvHQQQ1BQ==", "dev": true, "license": "MIT", "dependencies": { - "@babel/helper-plugin-utils": "^7.27.1", - "@babel/template": "^7.27.1" + "@babel/helper-plugin-utils": "^7.28.6", + "@babel/template": "^7.28.6" }, "engines": { "node": ">=6.9.0" @@ -966,14 +967,14 @@ } }, "node_modules/@babel/plugin-transform-dotall-regex": { - "version": "7.27.1", - "resolved": "https://registry.npmjs.org/@babel/plugin-transform-dotall-regex/-/plugin-transform-dotall-regex-7.27.1.tgz", - "integrity": "sha512-gEbkDVGRvjj7+T1ivxrfgygpT7GUd4vmODtYpbs0gZATdkX8/iSnOtZSxiZnsgm1YjTgjI6VKBGSJJevkrclzw==", + "version": "7.28.6", + "resolved": "https://registry.npmjs.org/@babel/plugin-transform-dotall-regex/-/plugin-transform-dotall-regex-7.28.6.tgz", + "integrity": "sha512-SljjowuNKB7q5Oayv4FoPzeB74g3QgLt8IVJw9ADvWy3QnUb/01aw8I4AVv8wYnPvQz2GDDZ/g3GhcNyDBI4Bg==", "dev": true, "license": "MIT", "dependencies": { - "@babel/helper-create-regexp-features-plugin": "^7.27.1", - "@babel/helper-plugin-utils": "^7.27.1" + "@babel/helper-create-regexp-features-plugin": "^7.28.5", + "@babel/helper-plugin-utils": "^7.28.6" }, "engines": { "node": ">=6.9.0" @@ -999,14 +1000,14 @@ } }, "node_modules/@babel/plugin-transform-duplicate-named-capturing-groups-regex": { - "version": "7.27.1", - "resolved": "https://registry.npmjs.org/@babel/plugin-transform-duplicate-named-capturing-groups-regex/-/plugin-transform-duplicate-named-capturing-groups-regex-7.27.1.tgz", - "integrity": "sha512-hkGcueTEzuhB30B3eJCbCYeCaaEQOmQR0AdvzpD4LoN0GXMWzzGSuRrxR2xTnCrvNbVwK9N6/jQ92GSLfiZWoQ==", + "version": "7.28.6", + "resolved": "https://registry.npmjs.org/@babel/plugin-transform-duplicate-named-capturing-groups-regex/-/plugin-transform-duplicate-named-capturing-groups-regex-7.28.6.tgz", + "integrity": "sha512-5suVoXjC14lUN6ZL9OLKIHCNVWCrqGqlmEp/ixdXjvgnEl/kauLvvMO/Xw9NyMc95Joj1AeLVPVMvibBgSoFlA==", "dev": true, "license": "MIT", "dependencies": { - "@babel/helper-create-regexp-features-plugin": "^7.27.1", - "@babel/helper-plugin-utils": "^7.27.1" + "@babel/helper-create-regexp-features-plugin": "^7.28.5", + "@babel/helper-plugin-utils": "^7.28.6" }, "engines": { "node": ">=6.9.0" @@ -1032,14 +1033,14 @@ } }, "node_modules/@babel/plugin-transform-explicit-resource-management": { - "version": "7.28.0", - "resolved": "https://registry.npmjs.org/@babel/plugin-transform-explicit-resource-management/-/plugin-transform-explicit-resource-management-7.28.0.tgz", - "integrity": "sha512-K8nhUcn3f6iB+P3gwCv/no7OdzOZQcKchW6N389V6PD8NUWKZHzndOd9sPDVbMoBsbmjMqlB4L9fm+fEFNVlwQ==", + "version": "7.28.6", + "resolved": "https://registry.npmjs.org/@babel/plugin-transform-explicit-resource-management/-/plugin-transform-explicit-resource-management-7.28.6.tgz", + "integrity": "sha512-Iao5Konzx2b6g7EPqTy40UZbcdXE126tTxVFr/nAIj+WItNxjKSYTEw3RC+A2/ZetmdJsgueL1KhaMCQHkLPIg==", "dev": true, "license": "MIT", "dependencies": { - "@babel/helper-plugin-utils": "^7.27.1", - "@babel/plugin-transform-destructuring": "^7.28.0" + "@babel/helper-plugin-utils": "^7.28.6", + "@babel/plugin-transform-destructuring": "^7.28.5" }, "engines": { "node": ">=6.9.0" @@ -1049,13 +1050,13 @@ } }, "node_modules/@babel/plugin-transform-exponentiation-operator": { - "version": "7.28.5", - "resolved": "https://registry.npmjs.org/@babel/plugin-transform-exponentiation-operator/-/plugin-transform-exponentiation-operator-7.28.5.tgz", - "integrity": "sha512-D4WIMaFtwa2NizOp+dnoFjRez/ClKiC2BqqImwKd1X28nqBtZEyCYJ2ozQrrzlxAFrcrjxo39S6khe9RNDlGzw==", + "version": "7.28.6", + "resolved": "https://registry.npmjs.org/@babel/plugin-transform-exponentiation-operator/-/plugin-transform-exponentiation-operator-7.28.6.tgz", + "integrity": "sha512-WitabqiGjV/vJ0aPOLSFfNY1u9U3R7W36B03r5I2KoNix+a3sOhJ3pKFB3R5It9/UiK78NiO0KE9P21cMhlPkw==", "dev": true, "license": "MIT", "dependencies": { - "@babel/helper-plugin-utils": "^7.27.1" + "@babel/helper-plugin-utils": "^7.28.6" }, "engines": { "node": ">=6.9.0" @@ -1116,13 +1117,13 @@ } }, "node_modules/@babel/plugin-transform-json-strings": { - "version": "7.27.1", - "resolved": "https://registry.npmjs.org/@babel/plugin-transform-json-strings/-/plugin-transform-json-strings-7.27.1.tgz", - "integrity": "sha512-6WVLVJiTjqcQauBhn1LkICsR2H+zm62I3h9faTDKt1qP4jn2o72tSvqMwtGFKGTpojce0gJs+76eZ2uCHRZh0Q==", + "version": "7.28.6", + "resolved": "https://registry.npmjs.org/@babel/plugin-transform-json-strings/-/plugin-transform-json-strings-7.28.6.tgz", + "integrity": "sha512-Nr+hEN+0geQkzhbdgQVPoqr47lZbm+5fCUmO70722xJZd0Mvb59+33QLImGj6F+DkK3xgDi1YVysP8whD6FQAw==", "dev": true, "license": "MIT", "dependencies": { - "@babel/helper-plugin-utils": "^7.27.1" + "@babel/helper-plugin-utils": "^7.28.6" }, "engines": { "node": ">=6.9.0" @@ -1148,13 +1149,13 @@ } }, "node_modules/@babel/plugin-transform-logical-assignment-operators": { - "version": "7.28.5", - "resolved": "https://registry.npmjs.org/@babel/plugin-transform-logical-assignment-operators/-/plugin-transform-logical-assignment-operators-7.28.5.tgz", - "integrity": "sha512-axUuqnUTBuXyHGcJEVVh9pORaN6wC5bYfE7FGzPiaWa3syib9m7g+/IT/4VgCOe2Upef43PHzeAvcrVek6QuuA==", + "version": "7.28.6", + "resolved": "https://registry.npmjs.org/@babel/plugin-transform-logical-assignment-operators/-/plugin-transform-logical-assignment-operators-7.28.6.tgz", + "integrity": "sha512-+anKKair6gpi8VsM/95kmomGNMD0eLz1NQ8+Pfw5sAwWH9fGYXT50E55ZpV0pHUHWf6IUTWPM+f/7AAff+wr9A==", "dev": true, "license": "MIT", "dependencies": { - "@babel/helper-plugin-utils": "^7.27.1" + "@babel/helper-plugin-utils": "^7.28.6" }, "engines": { "node": ">=6.9.0" @@ -1197,14 +1198,14 @@ } }, "node_modules/@babel/plugin-transform-modules-commonjs": { - "version": "7.27.1", - "resolved": "https://registry.npmjs.org/@babel/plugin-transform-modules-commonjs/-/plugin-transform-modules-commonjs-7.27.1.tgz", - "integrity": "sha512-OJguuwlTYlN0gBZFRPqwOGNWssZjfIUdS7HMYtN8c1KmwpwHFBwTeFZrg9XZa+DFTitWOW5iTAG7tyCUPsCCyw==", + "version": "7.28.6", + "resolved": "https://registry.npmjs.org/@babel/plugin-transform-modules-commonjs/-/plugin-transform-modules-commonjs-7.28.6.tgz", + "integrity": "sha512-jppVbf8IV9iWWwWTQIxJMAJCWBuuKx71475wHwYytrRGQ2CWiDvYlADQno3tcYpS/T2UUWFQp3nVtYfK/YBQrA==", "dev": true, "license": "MIT", "dependencies": { - "@babel/helper-module-transforms": "^7.27.1", - "@babel/helper-plugin-utils": "^7.27.1" + "@babel/helper-module-transforms": "^7.28.6", + "@babel/helper-plugin-utils": "^7.28.6" }, "engines": { "node": ">=6.9.0" @@ -1283,13 +1284,13 @@ } }, "node_modules/@babel/plugin-transform-nullish-coalescing-operator": { - "version": "7.27.1", - "resolved": "https://registry.npmjs.org/@babel/plugin-transform-nullish-coalescing-operator/-/plugin-transform-nullish-coalescing-operator-7.27.1.tgz", - "integrity": "sha512-aGZh6xMo6q9vq1JGcw58lZ1Z0+i0xB2x0XaauNIUXd6O1xXc3RwoWEBlsTQrY4KQ9Jf0s5rgD6SiNkaUdJegTA==", + "version": "7.28.6", + "resolved": "https://registry.npmjs.org/@babel/plugin-transform-nullish-coalescing-operator/-/plugin-transform-nullish-coalescing-operator-7.28.6.tgz", + "integrity": "sha512-3wKbRgmzYbw24mDJXT7N+ADXw8BC/imU9yo9c9X9NKaLF1fW+e5H1U5QjMUBe4Qo4Ox/o++IyUkl1sVCLgevKg==", "dev": true, "license": "MIT", "dependencies": { - "@babel/helper-plugin-utils": "^7.27.1" + "@babel/helper-plugin-utils": "^7.28.6" }, "engines": { "node": ">=6.9.0" @@ -1299,13 +1300,13 @@ } }, "node_modules/@babel/plugin-transform-numeric-separator": { - "version": "7.27.1", - "resolved": "https://registry.npmjs.org/@babel/plugin-transform-numeric-separator/-/plugin-transform-numeric-separator-7.27.1.tgz", - "integrity": "sha512-fdPKAcujuvEChxDBJ5c+0BTaS6revLV7CJL08e4m3de8qJfNIuCc2nc7XJYOjBoTMJeqSmwXJ0ypE14RCjLwaw==", + "version": "7.28.6", + "resolved": "https://registry.npmjs.org/@babel/plugin-transform-numeric-separator/-/plugin-transform-numeric-separator-7.28.6.tgz", + "integrity": "sha512-SJR8hPynj8outz+SlStQSwvziMN4+Bq99it4tMIf5/Caq+3iOc0JtKyse8puvyXkk3eFRIA5ID/XfunGgO5i6w==", "dev": true, "license": "MIT", "dependencies": { - "@babel/helper-plugin-utils": "^7.27.1" + "@babel/helper-plugin-utils": "^7.28.6" }, "engines": { "node": ">=6.9.0" @@ -1315,17 +1316,17 @@ } }, "node_modules/@babel/plugin-transform-object-rest-spread": { - "version": "7.28.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-transform-object-rest-spread/-/plugin-transform-object-rest-spread-7.28.4.tgz", - "integrity": "sha512-373KA2HQzKhQCYiRVIRr+3MjpCObqzDlyrM6u4I201wL8Mp2wHf7uB8GhDwis03k2ti8Zr65Zyyqs1xOxUF/Ew==", + "version": "7.28.6", + "resolved": "https://registry.npmjs.org/@babel/plugin-transform-object-rest-spread/-/plugin-transform-object-rest-spread-7.28.6.tgz", + "integrity": "sha512-5rh+JR4JBC4pGkXLAcYdLHZjXudVxWMXbB6u6+E9lRL5TrGVbHt1TjxGbZ8CkmYw9zjkB7jutzOROArsqtncEA==", "dev": true, "license": "MIT", "dependencies": { - "@babel/helper-compilation-targets": "^7.27.2", - "@babel/helper-plugin-utils": "^7.27.1", - "@babel/plugin-transform-destructuring": "^7.28.0", + "@babel/helper-compilation-targets": "^7.28.6", + "@babel/helper-plugin-utils": "^7.28.6", + "@babel/plugin-transform-destructuring": "^7.28.5", "@babel/plugin-transform-parameters": "^7.27.7", - "@babel/traverse": "^7.28.4" + "@babel/traverse": "^7.28.6" }, "engines": { "node": ">=6.9.0" @@ -1352,13 +1353,13 @@ } }, "node_modules/@babel/plugin-transform-optional-catch-binding": { - "version": "7.27.1", - "resolved": "https://registry.npmjs.org/@babel/plugin-transform-optional-catch-binding/-/plugin-transform-optional-catch-binding-7.27.1.tgz", - "integrity": "sha512-txEAEKzYrHEX4xSZN4kJ+OfKXFVSWKB2ZxM9dpcE3wT7smwkNmXo5ORRlVzMVdJbD+Q8ILTgSD7959uj+3Dm3Q==", + "version": "7.28.6", + "resolved": "https://registry.npmjs.org/@babel/plugin-transform-optional-catch-binding/-/plugin-transform-optional-catch-binding-7.28.6.tgz", + "integrity": "sha512-R8ja/Pyrv0OGAvAXQhSTmWyPJPml+0TMqXlO5w+AsMEiwb2fg3WkOvob7UxFSL3OIttFSGSRFKQsOhJ/X6HQdQ==", "dev": true, "license": "MIT", "dependencies": { - "@babel/helper-plugin-utils": "^7.27.1" + "@babel/helper-plugin-utils": "^7.28.6" }, "engines": { "node": ">=6.9.0" @@ -1368,13 +1369,13 @@ } }, "node_modules/@babel/plugin-transform-optional-chaining": { - "version": "7.28.5", - "resolved": "https://registry.npmjs.org/@babel/plugin-transform-optional-chaining/-/plugin-transform-optional-chaining-7.28.5.tgz", - "integrity": "sha512-N6fut9IZlPnjPwgiQkXNhb+cT8wQKFlJNqcZkWlcTqkcqx6/kU4ynGmLFoa4LViBSirn05YAwk+sQBbPfxtYzQ==", + "version": "7.28.6", + "resolved": "https://registry.npmjs.org/@babel/plugin-transform-optional-chaining/-/plugin-transform-optional-chaining-7.28.6.tgz", + "integrity": "sha512-A4zobikRGJTsX9uqVFdafzGkqD30t26ck2LmOzAuLL8b2x6k3TIqRiT2xVvA9fNmFeTX484VpsdgmKNA0bS23w==", "dev": true, "license": "MIT", "dependencies": { - "@babel/helper-plugin-utils": "^7.27.1", + "@babel/helper-plugin-utils": "^7.28.6", "@babel/helper-skip-transparent-expression-wrappers": "^7.27.1" }, "engines": { @@ -1401,14 +1402,14 @@ } }, "node_modules/@babel/plugin-transform-private-methods": { - "version": "7.27.1", - "resolved": "https://registry.npmjs.org/@babel/plugin-transform-private-methods/-/plugin-transform-private-methods-7.27.1.tgz", - "integrity": "sha512-10FVt+X55AjRAYI9BrdISN9/AQWHqldOeZDUoLyif1Kn05a56xVBXb8ZouL8pZ9jem8QpXaOt8TS7RHUIS+GPA==", + "version": "7.28.6", + "resolved": "https://registry.npmjs.org/@babel/plugin-transform-private-methods/-/plugin-transform-private-methods-7.28.6.tgz", + "integrity": "sha512-piiuapX9CRv7+0st8lmuUlRSmX6mBcVeNQ1b4AYzJxfCMuBfB0vBXDiGSmm03pKJw1v6cZ8KSeM+oUnM6yAExg==", "dev": true, "license": "MIT", "dependencies": { - "@babel/helper-create-class-features-plugin": "^7.27.1", - "@babel/helper-plugin-utils": "^7.27.1" + "@babel/helper-create-class-features-plugin": "^7.28.6", + "@babel/helper-plugin-utils": "^7.28.6" }, "engines": { "node": ">=6.9.0" @@ -1418,15 +1419,15 @@ } }, "node_modules/@babel/plugin-transform-private-property-in-object": { - "version": "7.27.1", - "resolved": "https://registry.npmjs.org/@babel/plugin-transform-private-property-in-object/-/plugin-transform-private-property-in-object-7.27.1.tgz", - "integrity": "sha512-5J+IhqTi1XPa0DXF83jYOaARrX+41gOewWbkPyjMNRDqgOCqdffGh8L3f/Ek5utaEBZExjSAzcyjmV9SSAWObQ==", + "version": "7.28.6", + "resolved": "https://registry.npmjs.org/@babel/plugin-transform-private-property-in-object/-/plugin-transform-private-property-in-object-7.28.6.tgz", + "integrity": "sha512-b97jvNSOb5+ehyQmBpmhOCiUC5oVK4PMnpRvO7+ymFBoqYjeDHIU9jnrNUuwHOiL9RpGDoKBpSViarV+BU+eVA==", "dev": true, "license": "MIT", "dependencies": { - "@babel/helper-annotate-as-pure": "^7.27.1", - "@babel/helper-create-class-features-plugin": "^7.27.1", - "@babel/helper-plugin-utils": "^7.27.1" + "@babel/helper-annotate-as-pure": "^7.27.3", + "@babel/helper-create-class-features-plugin": "^7.28.6", + "@babel/helper-plugin-utils": "^7.28.6" }, "engines": { "node": ">=6.9.0" @@ -1452,13 +1453,13 @@ } }, "node_modules/@babel/plugin-transform-regenerator": { - "version": "7.28.4", - "resolved": "https://registry.npmjs.org/@babel/plugin-transform-regenerator/-/plugin-transform-regenerator-7.28.4.tgz", - "integrity": "sha512-+ZEdQlBoRg9m2NnzvEeLgtvBMO4tkFBw5SQIUgLICgTrumLoU7lr+Oghi6km2PFj+dbUt2u1oby2w3BDO9YQnA==", + "version": "7.28.6", + "resolved": "https://registry.npmjs.org/@babel/plugin-transform-regenerator/-/plugin-transform-regenerator-7.28.6.tgz", + "integrity": "sha512-eZhoEZHYQLL5uc1gS5e9/oTknS0sSSAtd5TkKMUp3J+S/CaUjagc0kOUPsEbDmMeva0nC3WWl4SxVY6+OBuxfw==", "dev": true, "license": "MIT", "dependencies": { - "@babel/helper-plugin-utils": "^7.27.1" + "@babel/helper-plugin-utils": "^7.28.6" }, "engines": { "node": ">=6.9.0" @@ -1468,14 +1469,14 @@ } }, "node_modules/@babel/plugin-transform-regexp-modifiers": { - "version": "7.27.1", - "resolved": "https://registry.npmjs.org/@babel/plugin-transform-regexp-modifiers/-/plugin-transform-regexp-modifiers-7.27.1.tgz", - "integrity": "sha512-TtEciroaiODtXvLZv4rmfMhkCv8jx3wgKpL68PuiPh2M4fvz5jhsA7697N1gMvkvr/JTF13DrFYyEbY9U7cVPA==", + "version": "7.28.6", + "resolved": "https://registry.npmjs.org/@babel/plugin-transform-regexp-modifiers/-/plugin-transform-regexp-modifiers-7.28.6.tgz", + "integrity": "sha512-QGWAepm9qxpaIs7UM9FvUSnCGlb8Ua1RhyM4/veAxLwt3gMat/LSGrZixyuj4I6+Kn9iwvqCyPTtbdxanYoWYg==", "dev": true, "license": "MIT", "dependencies": { - "@babel/helper-create-regexp-features-plugin": "^7.27.1", - "@babel/helper-plugin-utils": "^7.27.1" + "@babel/helper-create-regexp-features-plugin": "^7.28.5", + "@babel/helper-plugin-utils": "^7.28.6" }, "engines": { "node": ">=6.9.0" @@ -1517,13 +1518,13 @@ } }, "node_modules/@babel/plugin-transform-spread": { - "version": "7.27.1", - "resolved": "https://registry.npmjs.org/@babel/plugin-transform-spread/-/plugin-transform-spread-7.27.1.tgz", - "integrity": "sha512-kpb3HUqaILBJcRFVhFUs6Trdd4mkrzcGXss+6/mxUd273PfbWqSDHRzMT2234gIg2QYfAjvXLSquP1xECSg09Q==", + "version": "7.28.6", + "resolved": "https://registry.npmjs.org/@babel/plugin-transform-spread/-/plugin-transform-spread-7.28.6.tgz", + "integrity": "sha512-9U4QObUC0FtJl05AsUcodau/RWDytrU6uKgkxu09mLR9HLDAtUMoPuuskm5huQsoktmsYpI+bGmq+iapDcriKA==", "dev": true, "license": "MIT", "dependencies": { - "@babel/helper-plugin-utils": "^7.27.1", + "@babel/helper-plugin-utils": "^7.28.6", "@babel/helper-skip-transparent-expression-wrappers": "^7.27.1" }, "engines": { @@ -1582,17 +1583,17 @@ } }, "node_modules/@babel/plugin-transform-typescript": { - "version": "7.28.5", - "resolved": "https://registry.npmjs.org/@babel/plugin-transform-typescript/-/plugin-transform-typescript-7.28.5.tgz", - "integrity": "sha512-x2Qa+v/CuEoX7Dr31iAfr0IhInrVOWZU/2vJMJ00FOR/2nM0BcBEclpaf9sWCDc+v5e9dMrhSH8/atq/kX7+bA==", + "version": "7.28.6", + "resolved": "https://registry.npmjs.org/@babel/plugin-transform-typescript/-/plugin-transform-typescript-7.28.6.tgz", + "integrity": "sha512-0YWL2RFxOqEm9Efk5PvreamxPME8OyY0wM5wh5lHjF+VtVhdneCWGzZeSqzOfiobVqQaNCd2z0tQvnI9DaPWPw==", "dev": true, "license": "MIT", "dependencies": { "@babel/helper-annotate-as-pure": "^7.27.3", - "@babel/helper-create-class-features-plugin": "^7.28.5", - "@babel/helper-plugin-utils": "^7.27.1", + "@babel/helper-create-class-features-plugin": "^7.28.6", + "@babel/helper-plugin-utils": "^7.28.6", "@babel/helper-skip-transparent-expression-wrappers": "^7.27.1", - "@babel/plugin-syntax-typescript": "^7.27.1" + "@babel/plugin-syntax-typescript": "^7.28.6" }, "engines": { "node": ">=6.9.0" @@ -1618,14 +1619,14 @@ } }, "node_modules/@babel/plugin-transform-unicode-property-regex": { - "version": "7.27.1", - "resolved": "https://registry.npmjs.org/@babel/plugin-transform-unicode-property-regex/-/plugin-transform-unicode-property-regex-7.27.1.tgz", - "integrity": "sha512-uW20S39PnaTImxp39O5qFlHLS9LJEmANjMG7SxIhap8rCHqu0Ik+tLEPX5DKmHn6CsWQ7j3lix2tFOa5YtL12Q==", + "version": "7.28.6", + "resolved": "https://registry.npmjs.org/@babel/plugin-transform-unicode-property-regex/-/plugin-transform-unicode-property-regex-7.28.6.tgz", + "integrity": "sha512-4Wlbdl/sIZjzi/8St0evF0gEZrgOswVO6aOzqxh1kDZOl9WmLrHq2HtGhnOJZmHZYKP8WZ1MDLCt5DAWwRo57A==", "dev": true, "license": "MIT", "dependencies": { - "@babel/helper-create-regexp-features-plugin": "^7.27.1", - "@babel/helper-plugin-utils": "^7.27.1" + "@babel/helper-create-regexp-features-plugin": "^7.28.5", + "@babel/helper-plugin-utils": "^7.28.6" }, "engines": { "node": ">=6.9.0" @@ -1652,14 +1653,14 @@ } }, "node_modules/@babel/plugin-transform-unicode-sets-regex": { - "version": "7.27.1", - "resolved": "https://registry.npmjs.org/@babel/plugin-transform-unicode-sets-regex/-/plugin-transform-unicode-sets-regex-7.27.1.tgz", - "integrity": "sha512-EtkOujbc4cgvb0mlpQefi4NTPBzhSIevblFevACNLUspmrALgmEBdL/XfnyyITfd8fKBZrZys92zOWcik7j9Tw==", + "version": "7.28.6", + "resolved": "https://registry.npmjs.org/@babel/plugin-transform-unicode-sets-regex/-/plugin-transform-unicode-sets-regex-7.28.6.tgz", + "integrity": "sha512-/wHc/paTUmsDYN7SZkpWxogTOBNnlx7nBQYfy6JJlCT7G3mVhltk3e++N7zV0XfgGsrqBxd4rJQt9H16I21Y1Q==", "dev": true, "license": "MIT", "dependencies": { - "@babel/helper-create-regexp-features-plugin": "^7.27.1", - "@babel/helper-plugin-utils": "^7.27.1" + "@babel/helper-create-regexp-features-plugin": "^7.28.5", + "@babel/helper-plugin-utils": "^7.28.6" }, "engines": { "node": ">=6.9.0" @@ -1669,76 +1670,76 @@ } }, "node_modules/@babel/preset-env": { - "version": "7.28.5", - "resolved": "https://registry.npmjs.org/@babel/preset-env/-/preset-env-7.28.5.tgz", - "integrity": "sha512-S36mOoi1Sb6Fz98fBfE+UZSpYw5mJm0NUHtIKrOuNcqeFauy1J6dIvXm2KRVKobOSaGq4t/hBXdN4HGU3wL9Wg==", + "version": "7.28.6", + "resolved": "https://registry.npmjs.org/@babel/preset-env/-/preset-env-7.28.6.tgz", + "integrity": "sha512-GaTI4nXDrs7l0qaJ6Rg06dtOXTBCG6TMDB44zbqofCIC4PqC7SEvmFFtpxzCDw9W5aJ7RKVshgXTLvLdBFV/qw==", "dev": true, "license": "MIT", "dependencies": { - "@babel/compat-data": "^7.28.5", - "@babel/helper-compilation-targets": "^7.27.2", - "@babel/helper-plugin-utils": "^7.27.1", + "@babel/compat-data": "^7.28.6", + "@babel/helper-compilation-targets": "^7.28.6", + "@babel/helper-plugin-utils": "^7.28.6", "@babel/helper-validator-option": "^7.27.1", "@babel/plugin-bugfix-firefox-class-in-computed-class-key": "^7.28.5", "@babel/plugin-bugfix-safari-class-field-initializer-scope": "^7.27.1", "@babel/plugin-bugfix-safari-id-destructuring-collision-in-function-expression": "^7.27.1", "@babel/plugin-bugfix-v8-spread-parameters-in-optional-chaining": "^7.27.1", - "@babel/plugin-bugfix-v8-static-class-fields-redefine-readonly": "^7.28.3", + "@babel/plugin-bugfix-v8-static-class-fields-redefine-readonly": "^7.28.6", "@babel/plugin-proposal-private-property-in-object": "7.21.0-placeholder-for-preset-env.2", - "@babel/plugin-syntax-import-assertions": "^7.27.1", - "@babel/plugin-syntax-import-attributes": "^7.27.1", + "@babel/plugin-syntax-import-assertions": "^7.28.6", + "@babel/plugin-syntax-import-attributes": "^7.28.6", "@babel/plugin-syntax-unicode-sets-regex": "^7.18.6", "@babel/plugin-transform-arrow-functions": "^7.27.1", - "@babel/plugin-transform-async-generator-functions": "^7.28.0", - "@babel/plugin-transform-async-to-generator": "^7.27.1", + "@babel/plugin-transform-async-generator-functions": "^7.28.6", + "@babel/plugin-transform-async-to-generator": "^7.28.6", "@babel/plugin-transform-block-scoped-functions": "^7.27.1", - "@babel/plugin-transform-block-scoping": "^7.28.5", - "@babel/plugin-transform-class-properties": "^7.27.1", - "@babel/plugin-transform-class-static-block": "^7.28.3", - "@babel/plugin-transform-classes": "^7.28.4", - "@babel/plugin-transform-computed-properties": "^7.27.1", + "@babel/plugin-transform-block-scoping": "^7.28.6", + "@babel/plugin-transform-class-properties": "^7.28.6", + "@babel/plugin-transform-class-static-block": "^7.28.6", + "@babel/plugin-transform-classes": "^7.28.6", + "@babel/plugin-transform-computed-properties": "^7.28.6", "@babel/plugin-transform-destructuring": "^7.28.5", - "@babel/plugin-transform-dotall-regex": "^7.27.1", + "@babel/plugin-transform-dotall-regex": "^7.28.6", "@babel/plugin-transform-duplicate-keys": "^7.27.1", - "@babel/plugin-transform-duplicate-named-capturing-groups-regex": "^7.27.1", + "@babel/plugin-transform-duplicate-named-capturing-groups-regex": "^7.28.6", "@babel/plugin-transform-dynamic-import": "^7.27.1", - "@babel/plugin-transform-explicit-resource-management": "^7.28.0", - "@babel/plugin-transform-exponentiation-operator": "^7.28.5", + "@babel/plugin-transform-explicit-resource-management": "^7.28.6", + "@babel/plugin-transform-exponentiation-operator": "^7.28.6", "@babel/plugin-transform-export-namespace-from": "^7.27.1", "@babel/plugin-transform-for-of": "^7.27.1", "@babel/plugin-transform-function-name": "^7.27.1", - "@babel/plugin-transform-json-strings": "^7.27.1", + "@babel/plugin-transform-json-strings": "^7.28.6", "@babel/plugin-transform-literals": "^7.27.1", - "@babel/plugin-transform-logical-assignment-operators": "^7.28.5", + "@babel/plugin-transform-logical-assignment-operators": "^7.28.6", "@babel/plugin-transform-member-expression-literals": "^7.27.1", "@babel/plugin-transform-modules-amd": "^7.27.1", - "@babel/plugin-transform-modules-commonjs": "^7.27.1", + "@babel/plugin-transform-modules-commonjs": "^7.28.6", "@babel/plugin-transform-modules-systemjs": "^7.28.5", "@babel/plugin-transform-modules-umd": "^7.27.1", "@babel/plugin-transform-named-capturing-groups-regex": "^7.27.1", "@babel/plugin-transform-new-target": "^7.27.1", - "@babel/plugin-transform-nullish-coalescing-operator": "^7.27.1", - "@babel/plugin-transform-numeric-separator": "^7.27.1", - "@babel/plugin-transform-object-rest-spread": "^7.28.4", + "@babel/plugin-transform-nullish-coalescing-operator": "^7.28.6", + "@babel/plugin-transform-numeric-separator": "^7.28.6", + "@babel/plugin-transform-object-rest-spread": "^7.28.6", "@babel/plugin-transform-object-super": "^7.27.1", - "@babel/plugin-transform-optional-catch-binding": "^7.27.1", - "@babel/plugin-transform-optional-chaining": "^7.28.5", + "@babel/plugin-transform-optional-catch-binding": "^7.28.6", + "@babel/plugin-transform-optional-chaining": "^7.28.6", "@babel/plugin-transform-parameters": "^7.27.7", - "@babel/plugin-transform-private-methods": "^7.27.1", - "@babel/plugin-transform-private-property-in-object": "^7.27.1", + "@babel/plugin-transform-private-methods": "^7.28.6", + "@babel/plugin-transform-private-property-in-object": "^7.28.6", "@babel/plugin-transform-property-literals": "^7.27.1", - "@babel/plugin-transform-regenerator": "^7.28.4", - "@babel/plugin-transform-regexp-modifiers": "^7.27.1", + "@babel/plugin-transform-regenerator": "^7.28.6", + "@babel/plugin-transform-regexp-modifiers": "^7.28.6", "@babel/plugin-transform-reserved-words": "^7.27.1", "@babel/plugin-transform-shorthand-properties": "^7.27.1", - "@babel/plugin-transform-spread": "^7.27.1", + "@babel/plugin-transform-spread": "^7.28.6", "@babel/plugin-transform-sticky-regex": "^7.27.1", "@babel/plugin-transform-template-literals": "^7.27.1", "@babel/plugin-transform-typeof-symbol": "^7.27.1", "@babel/plugin-transform-unicode-escapes": "^7.27.1", - "@babel/plugin-transform-unicode-property-regex": "^7.27.1", + "@babel/plugin-transform-unicode-property-regex": "^7.28.6", "@babel/plugin-transform-unicode-regex": "^7.27.1", - "@babel/plugin-transform-unicode-sets-regex": "^7.27.1", + "@babel/plugin-transform-unicode-sets-regex": "^7.28.6", "@babel/preset-modules": "0.1.6-no-external-plugins", "babel-plugin-polyfill-corejs2": "^0.4.14", "babel-plugin-polyfill-corejs3": "^0.13.0", @@ -1789,42 +1790,43 @@ } }, "node_modules/@babel/runtime": { - "version": "7.28.4", - "resolved": "https://registry.npmjs.org/@babel/runtime/-/runtime-7.28.4.tgz", - "integrity": "sha512-Q/N6JNWvIvPnLDvjlE1OUBLPQHH6l3CltCEsHIujp45zQUSSh8K+gHnaEX45yAT1nyngnINhvWtzN+Nb9D8RAQ==", + "version": "7.28.6", + "resolved": "https://registry.npmjs.org/@babel/runtime/-/runtime-7.28.6.tgz", + "integrity": "sha512-05WQkdpL9COIMz4LjTxGpPNCdlpyimKppYNoJ5Di5EUObifl8t4tuLuUBBZEpoLYOmfvIWrsp9fCl0HoPRVTdA==", + "dev": true, "license": "MIT", "engines": { "node": ">=6.9.0" } }, "node_modules/@babel/template": { - "version": "7.27.2", - "resolved": "https://registry.npmjs.org/@babel/template/-/template-7.27.2.tgz", - "integrity": "sha512-LPDZ85aEJyYSd18/DkjNh4/y1ntkE5KwUHWTiqgRxruuZL2F1yuHligVHLvcHY2vMHXttKFpJn6LwfI7cw7ODw==", + "version": "7.28.6", + "resolved": "https://registry.npmjs.org/@babel/template/-/template-7.28.6.tgz", + "integrity": "sha512-YA6Ma2KsCdGb+WC6UpBVFJGXL58MDA6oyONbjyF/+5sBgxY/dwkhLogbMT2GXXyU84/IhRw/2D1Os1B/giz+BQ==", "dev": true, "license": "MIT", "dependencies": { - "@babel/code-frame": "^7.27.1", - "@babel/parser": "^7.27.2", - "@babel/types": "^7.27.1" + "@babel/code-frame": "^7.28.6", + "@babel/parser": "^7.28.6", + "@babel/types": "^7.28.6" }, "engines": { "node": ">=6.9.0" } }, "node_modules/@babel/traverse": { - "version": "7.28.5", - "resolved": "https://registry.npmjs.org/@babel/traverse/-/traverse-7.28.5.tgz", - "integrity": "sha512-TCCj4t55U90khlYkVV/0TfkJkAkUg3jZFA3Neb7unZT8CPok7iiRfaX0F+WnqWqt7OxhOn0uBKXCw4lbL8W0aQ==", + "version": "7.28.6", + "resolved": "https://registry.npmjs.org/@babel/traverse/-/traverse-7.28.6.tgz", + "integrity": "sha512-fgWX62k02qtjqdSNTAGxmKYY/7FSL9WAS1o2Hu5+I5m9T0yxZzr4cnrfXQ/MX0rIifthCSs6FKTlzYbJcPtMNg==", "dev": true, "license": "MIT", "dependencies": { - "@babel/code-frame": "^7.27.1", - "@babel/generator": "^7.28.5", + "@babel/code-frame": "^7.28.6", + "@babel/generator": "^7.28.6", "@babel/helper-globals": "^7.28.0", - "@babel/parser": "^7.28.5", - "@babel/template": "^7.27.2", - "@babel/types": "^7.28.5", + "@babel/parser": "^7.28.6", + "@babel/template": "^7.28.6", + "@babel/types": "^7.28.6", "debug": "^4.3.1" }, "engines": { @@ -1832,9 +1834,9 @@ } }, "node_modules/@babel/types": { - "version": "7.28.5", - "resolved": "https://registry.npmjs.org/@babel/types/-/types-7.28.5.tgz", - "integrity": "sha512-qQ5m48eI/MFLQ5PxQj4PFaprjyCTLI37ElWMmNs0K8Lk3dVeOdNpB3ks8jc7yM5CDmVC73eMVk/trk3fgmrUpA==", + "version": "7.28.6", + "resolved": "https://registry.npmjs.org/@babel/types/-/types-7.28.6.tgz", + "integrity": "sha512-0ZrskXVEHSWIqZM/sQZ4EV3jZJXRkio/WCxaqKZP1g//CEWEPSfeZFcms4XeKBCHU0ZKnIkdJeU/kF+eRp5lBg==", "dev": true, "license": "MIT", "dependencies": { @@ -1940,7 +1942,6 @@ } ], "license": "MIT", - "peer": true, "engines": { "node": ">=18" }, @@ -1964,25 +1965,10 @@ } ], "license": "MIT", - "peer": true, "engines": { "node": ">=18" } }, - "node_modules/@digitalbazaar/http-client": { - "version": "3.4.1", - "resolved": "https://registry.npmjs.org/@digitalbazaar/http-client/-/http-client-3.4.1.tgz", - "integrity": "sha512-Ahk1N+s7urkgj7WvvUND5f8GiWEPfUw0D41hdElaqLgu8wZScI8gdI0q+qWw5N1d35x7GCRH2uk9mi+Uzo9M3g==", - "license": "BSD-3-Clause", - "dependencies": { - "ky": "^0.33.3", - "ky-universal": "^0.11.0", - "undici": "^5.21.2" - }, - "engines": { - "node": ">=14.0" - } - }, "node_modules/@discoveryjs/json-ext": { "version": "0.6.3", "resolved": "https://registry.npmjs.org/@discoveryjs/json-ext/-/json-ext-0.6.3.tgz", @@ -1994,9 +1980,9 @@ } }, "node_modules/@emnapi/core": { - "version": "1.7.1", - "resolved": "https://registry.npmjs.org/@emnapi/core/-/core-1.7.1.tgz", - "integrity": "sha512-o1uhUASyo921r2XtHYOHy7gdkGLge8ghBEQHMWmyJFoXlpU58kIrhhN3w26lpQb6dspetweapMn2CSNwQ8I4wg==", + "version": "1.8.1", + "resolved": "https://registry.npmjs.org/@emnapi/core/-/core-1.8.1.tgz", + "integrity": "sha512-AvT9QFpxK0Zd8J0jopedNm+w/2fIzvtPKPjqyw9jwvBaReTTqPBk9Hixaz7KbjimP+QNz605/XnjFcDAL2pqBg==", "dev": true, "license": "MIT", "optional": true, @@ -2006,9 +1992,9 @@ } }, "node_modules/@emnapi/runtime": { - "version": "1.7.1", - "resolved": "https://registry.npmjs.org/@emnapi/runtime/-/runtime-1.7.1.tgz", - "integrity": "sha512-PVtJr5CmLwYAU9PZDMITZoR5iAOShYREoR45EyyLrbntV50mdePTgUn4AmOw90Ifcj+x2kRjdzr1HP3RrNiHGA==", + "version": "1.8.1", + "resolved": "https://registry.npmjs.org/@emnapi/runtime/-/runtime-1.8.1.tgz", + "integrity": "sha512-mehfKSMWjjNol8659Z8KxEMrdSJDDot5SXMq00dM8BN4o+CLNXQ0xH2V7EchNHV4RmbZLmmPdEaXZc5H2FXmDg==", "dev": true, "license": "MIT", "optional": true, @@ -2028,9 +2014,9 @@ } }, "node_modules/@eslint-community/eslint-utils": { - "version": "4.9.0", - "resolved": "https://registry.npmjs.org/@eslint-community/eslint-utils/-/eslint-utils-4.9.0.tgz", - "integrity": "sha512-ayVFHdtZ+hsq1t2Dy24wCmGXGe4q9Gu3smhLYALJrr473ZH27MsnSL+LKUlimp4BWJqMDMLmPpx/Q9R3OAlL4g==", + "version": "4.9.1", + "resolved": "https://registry.npmjs.org/@eslint-community/eslint-utils/-/eslint-utils-4.9.1.tgz", + "integrity": "sha512-phrYmNiYppR7znFEdqgfWHXR6NCkZEK7hwWDHZUjit/2/U0r6XvkDl0SYnoM51Hq7FhCGdLDT6zxCCOY1hexsQ==", "dev": true, "license": "MIT", "dependencies": { @@ -2135,9 +2121,9 @@ } }, "node_modules/@eslint/eslintrc": { - "version": "3.3.1", - "resolved": "https://registry.npmjs.org/@eslint/eslintrc/-/eslintrc-3.3.1.tgz", - "integrity": "sha512-gtF186CXhIl1p4pJNGZw8Yc6RlshoePRvE0X91oPGb3vZ8pM3qOS9W9NGPat9LziaBV7XrJWGylNQXkGcnM3IQ==", + "version": "3.3.3", + "resolved": "https://registry.npmjs.org/@eslint/eslintrc/-/eslintrc-3.3.3.tgz", + "integrity": "sha512-Kr+LPIUVKz2qkx1HAMH8q1q6azbqBAsXJUxBl/ODDuVPX45Z9DfwB8tPjTi6nNZ8BuM3nbJxC5zCAg5elnBUTQ==", "dev": true, "license": "MIT", "dependencies": { @@ -2147,7 +2133,7 @@ "globals": "^14.0.0", "ignore": "^5.2.0", "import-fresh": "^3.2.1", - "js-yaml": "^4.1.0", + "js-yaml": "^4.1.1", "minimatch": "^3.1.2", "strip-json-comments": "^3.1.1" }, @@ -2239,24 +2225,6 @@ "node": "^18.18.0 || ^20.9.0 || >=21.1.0" } }, - "node_modules/@fastify/busboy": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/@fastify/busboy/-/busboy-2.1.1.tgz", - "integrity": "sha512-vBZP4NlzfOlerQTnba4aqZoMhE/a9HY7HRqoOPaETQcSQuWEIyZMHGfVu6w9wGtGK5fED5qRs2DteVCjOH60sA==", - "license": "MIT", - "engines": { - "node": ">=14" - } - }, - "node_modules/@frogcat/ttl2jsonld": { - "version": "0.0.10", - "resolved": "https://registry.npmjs.org/@frogcat/ttl2jsonld/-/ttl2jsonld-0.0.10.tgz", - "integrity": "sha512-0NLM96V3ziZkkOlhixSZiXe8CzewECVNtSj04s2hW2e65SgzQPzM12VWSovuRIy+2UJA2Bjkf9405yrty9tgcg==", - "license": "MIT", - "bin": { - "ttl2jsonld": "bin/cli.js" - } - }, "node_modules/@humanfs/core": { "version": "0.19.1", "resolved": "https://registry.npmjs.org/@humanfs/core/-/core-0.19.1.tgz", @@ -2309,58 +2277,6 @@ "url": "https://github.com/sponsors/nzakas" } }, - "node_modules/@inrupt/oidc-client": { - "version": "1.11.6", - "resolved": "https://registry.npmjs.org/@inrupt/oidc-client/-/oidc-client-1.11.6.tgz", - "integrity": "sha512-1rCTk1T6pdm/7gKozutZutk7jwmYBADlnkGGoI5ypke099NOCa5KFXjkQpbjsps0PRkKZ+0EaR70XN5+xqmViA==", - "license": "Apache-2.0", - "dependencies": { - "acorn": "^7.4.1", - "base64-js": "^1.5.1", - "core-js": "^3.8.3", - "crypto-js": "^4.0.0", - "serialize-javascript": "^4.0.0" - } - }, - "node_modules/@inrupt/oidc-client-ext": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/@inrupt/oidc-client-ext/-/oidc-client-ext-3.1.1.tgz", - "integrity": "sha512-vftKD2u5nufZTFkdUDMS3Uxj5xNQwArP11OFaALFkq6/3RwCAhe3lwOv8hNzL7Scv98T+KbAErBM0TwGGrS69g==", - "license": "MIT", - "dependencies": { - "@inrupt/oidc-client": "^1.11.6", - "@inrupt/solid-client-authn-core": "^3.1.1", - "jose": "^5.1.3", - "uuid": "^11.1.0" - } - }, - "node_modules/@inrupt/solid-client-authn-browser": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/@inrupt/solid-client-authn-browser/-/solid-client-authn-browser-3.1.1.tgz", - "integrity": "sha512-Wd7TREmvdhTp+Sk88ei3hlg54sG1fNqkkPkuS+2tDBkcsXaViRQAEugVyh5pWRkd1xSFKrEzftb7UYEG4mJ0CQ==", - "license": "MIT", - "dependencies": { - "@inrupt/oidc-client-ext": "^3.1.1", - "@inrupt/solid-client-authn-core": "^3.1.1", - "events": "^3.3.0", - "jose": "^5.1.3", - "uuid": "^11.1.0" - } - }, - "node_modules/@inrupt/solid-client-authn-core": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/@inrupt/solid-client-authn-core/-/solid-client-authn-core-3.1.1.tgz", - "integrity": "sha512-1oDSQCh/pVtPlTyvLQ2uwHo+hpLJF7izg82tjB+Ge8jqGYwkQyId0BrfncpCk//uJXxgRIcfAQp2MhXYbZo80Q==", - "license": "MIT", - "dependencies": { - "events": "^3.3.0", - "jose": "^5.1.3", - "uuid": "^11.1.0" - }, - "engines": { - "node": "^20.0.0 || ^22.0.0" - } - }, "node_modules/@isaacs/cliui": { "version": "8.0.2", "resolved": "https://registry.npmjs.org/@isaacs/cliui/-/cliui-8.0.2.tgz", @@ -2379,91 +2295,6 @@ "node": ">=12" } }, - "node_modules/@isaacs/cliui/node_modules/ansi-regex": { - "version": "6.2.2", - "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-6.2.2.tgz", - "integrity": "sha512-Bq3SmSpyFHaWjPk8If9yc6svM8c56dB5BAtW4Qbw5jHTwwXXcTLoRMkpDJp6VL0XzlWaCHTXrkFURMYmD0sLqg==", - "dev": true, - "license": "MIT", - "engines": { - "node": ">=12" - }, - "funding": { - "url": "https://github.com/chalk/ansi-regex?sponsor=1" - } - }, - "node_modules/@isaacs/cliui/node_modules/ansi-styles": { - "version": "6.2.3", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-6.2.3.tgz", - "integrity": "sha512-4Dj6M28JB+oAH8kFkTLUo+a2jwOFkuqb3yucU0CANcRRUbxS0cP0nZYCGjcc3BNXwRIsUVmDGgzawme7zvJHvg==", - "dev": true, - "license": "MIT", - "engines": { - "node": ">=12" - }, - "funding": { - "url": "https://github.com/chalk/ansi-styles?sponsor=1" - } - }, - "node_modules/@isaacs/cliui/node_modules/emoji-regex": { - "version": "9.2.2", - "resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-9.2.2.tgz", - "integrity": "sha512-L18DaJsXSUk2+42pv8mLs5jJT2hqFkFE4j21wOmgbUqsZ2hL72NsUU785g9RXgo3s0ZNgVl42TiHp3ZtOv/Vyg==", - "dev": true, - "license": "MIT" - }, - "node_modules/@isaacs/cliui/node_modules/string-width": { - "version": "5.1.2", - "resolved": "https://registry.npmjs.org/string-width/-/string-width-5.1.2.tgz", - "integrity": "sha512-HnLOCR3vjcY8beoNLtcjZ5/nxn2afmME6lhrDrebokqMap+XbeW8n9TXpPDOqdGK5qcI3oT0GKTW6wC7EMiVqA==", - "dev": true, - "license": "MIT", - "dependencies": { - "eastasianwidth": "^0.2.0", - "emoji-regex": "^9.2.2", - "strip-ansi": "^7.0.1" - }, - "engines": { - "node": ">=12" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/@isaacs/cliui/node_modules/strip-ansi": { - "version": "7.1.2", - "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-7.1.2.tgz", - "integrity": "sha512-gmBGslpoQJtgnMAvOVqGZpEz9dyoKTCzy2nfz/n8aIFhN/jCE/rCmcxabB6jOOHV+0WNnylOxaxBQPSvcWklhA==", - "dev": true, - "license": "MIT", - "dependencies": { - "ansi-regex": "^6.0.1" - }, - "engines": { - "node": ">=12" - }, - "funding": { - "url": "https://github.com/chalk/strip-ansi?sponsor=1" - } - }, - "node_modules/@isaacs/cliui/node_modules/wrap-ansi": { - "version": "8.1.0", - "resolved": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-8.1.0.tgz", - "integrity": "sha512-si7QWI6zUMq56bESFvagtmzMdGOtoxfR+Sez11Mobfc7tm+VkUckk9bW2UeffTGVUbOksxmSw0AA2gs8g71NCQ==", - "dev": true, - "license": "MIT", - "dependencies": { - "ansi-styles": "^6.1.0", - "string-width": "^5.0.1", - "strip-ansi": "^7.0.1" - }, - "engines": { - "node": ">=12" - }, - "funding": { - "url": "https://github.com/chalk/wrap-ansi?sponsor=1" - } - }, "node_modules/@istanbuljs/load-nyc-config": { "version": "1.1.0", "resolved": "https://registry.npmjs.org/@istanbuljs/load-nyc-config/-/load-nyc-config-1.1.0.tgz", @@ -2795,27 +2626,6 @@ } } }, - "node_modules/@jest/reporters/node_modules/glob": { - "version": "10.5.0", - "resolved": "https://registry.npmjs.org/glob/-/glob-10.5.0.tgz", - "integrity": "sha512-DfXN8DfhJ7NH3Oe7cFmu3NCu1wKbkReJ8TorzSAFbSKrlNaQSKfIzqYqVY8zlbs2NLBbWpRiU52GX2PbaBVNkg==", - "dev": true, - "license": "ISC", - "dependencies": { - "foreground-child": "^3.1.0", - "jackspeak": "^3.1.2", - "minimatch": "^9.0.4", - "minipass": "^7.1.2", - "package-json-from-dist": "^1.0.0", - "path-scurry": "^1.11.1" - }, - "bin": { - "glob": "dist/esm/bin.mjs" - }, - "funding": { - "url": "https://github.com/sponsors/isaacs" - } - }, "node_modules/@jest/schemas": { "version": "30.0.5", "resolved": "https://registry.npmjs.org/@jest/schemas/-/schemas-30.0.5.tgz", @@ -3040,6 +2850,7 @@ "version": "2.0.1", "resolved": "https://registry.npmjs.org/@rdfjs/types/-/types-2.0.1.tgz", "integrity": "sha512-uyAzpugX7KekAXAHq26m3JlUIZJOC0uSBhpnefGV5i15bevDyyejoB7I+9MKeUrzXD8OOUI3+4FeV1wwQr5ihA==", + "dev": true, "license": "MIT", "dependencies": { "@types/node": "*" @@ -3053,9 +2864,9 @@ "license": "MIT" }, "node_modules/@sinclair/typebox": { - "version": "0.34.41", - "resolved": "https://registry.npmjs.org/@sinclair/typebox/-/typebox-0.34.41.tgz", - "integrity": "sha512-6gS8pZzSXdyRHTIqoqSVknxolr1kzfy4/CeDnrzsVz8TTIWUbOBr6gnzOmTYJ3eXQNh4IYHIGi5aIL7sOZ2G/g==", + "version": "0.34.47", + "resolved": "https://registry.npmjs.org/@sinclair/typebox/-/typebox-0.34.47.tgz", + "integrity": "sha512-ZGIBQ+XDvO5JQku9wmwtabcVTHJsgSWAHYtVuM9pBNNR5E88v6Jcj/llpmsjivig5X8A8HHOb4/mbEKPS5EvAw==", "dev": true, "license": "MIT" }, @@ -3229,9 +3040,10 @@ "license": "MIT" }, "node_modules/@types/node": { - "version": "24.10.1", - "resolved": "https://registry.npmjs.org/@types/node/-/node-24.10.1.tgz", - "integrity": "sha512-GNWcUTRBgIRJD5zj+Tq0fKOJ5XZajIiBroOF0yvj2bSU1WvNdYS/dn9UxwsujGW4JX06dnHyjV2y9rRaybH0iQ==", + "version": "25.0.9", + "resolved": "https://registry.npmjs.org/@types/node/-/node-25.0.9.tgz", + "integrity": "sha512-/rpCXHlCWeqClNBwUhDcusJxXYDjZTyE8v5oTO7WbL8eij2nKhUeU89/6xgjU7N4/Vh3He0BtyhJdQbDyhiXAw==", + "dev": true, "license": "MIT", "dependencies": { "undici-types": "~7.16.0" @@ -3269,17 +3081,17 @@ "license": "MIT" }, "node_modules/@typescript-eslint/parser": { - "version": "8.51.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/parser/-/parser-8.51.0.tgz", - "integrity": "sha512-3xP4XzzDNQOIqBMWogftkwxhg5oMKApqY0BAflmLZiFYHqyhSOxv/cd/zPQLTcCXr4AkaKb25joocY0BD1WC6A==", + "version": "8.53.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/parser/-/parser-8.53.0.tgz", + "integrity": "sha512-npiaib8XzbjtzS2N4HlqPvlpxpmZ14FjSJrteZpPxGUaYPlvhzlzUZ4mZyABo0EFrOWnvyd0Xxroq//hKhtAWg==", "dev": true, "license": "MIT", "dependencies": { - "@typescript-eslint/scope-manager": "8.51.0", - "@typescript-eslint/types": "8.51.0", - "@typescript-eslint/typescript-estree": "8.51.0", - "@typescript-eslint/visitor-keys": "8.51.0", - "debug": "^4.3.4" + "@typescript-eslint/scope-manager": "8.53.0", + "@typescript-eslint/types": "8.53.0", + "@typescript-eslint/typescript-estree": "8.53.0", + "@typescript-eslint/visitor-keys": "8.53.0", + "debug": "^4.4.3" }, "engines": { "node": "^18.18.0 || ^20.9.0 || >=21.1.0" @@ -3294,15 +3106,15 @@ } }, "node_modules/@typescript-eslint/project-service": { - "version": "8.51.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/project-service/-/project-service-8.51.0.tgz", - "integrity": "sha512-Luv/GafO07Z7HpiI7qeEW5NW8HUtZI/fo/kE0YbtQEFpJRUuR0ajcWfCE5bnMvL7QQFrmT/odMe8QZww8X2nfQ==", + "version": "8.53.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/project-service/-/project-service-8.53.0.tgz", + "integrity": "sha512-Bl6Gdr7NqkqIP5yP9z1JU///Nmes4Eose6L1HwpuVHwScgDPPuEWbUVhvlZmb8hy0vX9syLk5EGNL700WcBlbg==", "dev": true, "license": "MIT", "dependencies": { - "@typescript-eslint/tsconfig-utils": "^8.51.0", - "@typescript-eslint/types": "^8.51.0", - "debug": "^4.3.4" + "@typescript-eslint/tsconfig-utils": "^8.53.0", + "@typescript-eslint/types": "^8.53.0", + "debug": "^4.4.3" }, "engines": { "node": "^18.18.0 || ^20.9.0 || >=21.1.0" @@ -3316,14 +3128,14 @@ } }, "node_modules/@typescript-eslint/scope-manager": { - "version": "8.51.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-8.51.0.tgz", - "integrity": "sha512-JhhJDVwsSx4hiOEQPeajGhCWgBMBwVkxC/Pet53EpBVs7zHHtayKefw1jtPaNRXpI9RA2uocdmpdfE7T+NrizA==", + "version": "8.53.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-8.53.0.tgz", + "integrity": "sha512-kWNj3l01eOGSdVBnfAF2K1BTh06WS0Yet6JUgb9Cmkqaz3Jlu0fdVUjj9UI8gPidBWSMqDIglmEXifSgDT/D0g==", "dev": true, "license": "MIT", "dependencies": { - "@typescript-eslint/types": "8.51.0", - "@typescript-eslint/visitor-keys": "8.51.0" + "@typescript-eslint/types": "8.53.0", + "@typescript-eslint/visitor-keys": "8.53.0" }, "engines": { "node": "^18.18.0 || ^20.9.0 || >=21.1.0" @@ -3334,9 +3146,9 @@ } }, "node_modules/@typescript-eslint/tsconfig-utils": { - "version": "8.51.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/tsconfig-utils/-/tsconfig-utils-8.51.0.tgz", - "integrity": "sha512-Qi5bSy/vuHeWyir2C8u/uqGMIlIDu8fuiYWv48ZGlZ/k+PRPHtaAu7erpc7p5bzw2WNNSniuxoMSO4Ar6V9OXw==", + "version": "8.53.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/tsconfig-utils/-/tsconfig-utils-8.53.0.tgz", + "integrity": "sha512-K6Sc0R5GIG6dNoPdOooQ+KtvT5KCKAvTcY8h2rIuul19vxH5OTQk7ArKkd4yTzkw66WnNY0kPPzzcmWA+XRmiA==", "dev": true, "license": "MIT", "engines": { @@ -3351,9 +3163,9 @@ } }, "node_modules/@typescript-eslint/types": { - "version": "8.51.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/types/-/types-8.51.0.tgz", - "integrity": "sha512-TizAvWYFM6sSscmEakjY3sPqGwxZRSywSsPEiuZF6d5GmGD9Gvlsv0f6N8FvAAA0CD06l3rIcWNbsN1e5F/9Ag==", + "version": "8.53.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/types/-/types-8.53.0.tgz", + "integrity": "sha512-Bmh9KX31Vlxa13+PqPvt4RzKRN1XORYSLlAE+sO1i28NkisGbTtSLFVB3l7PWdHtR3E0mVMuC7JilWJ99m2HxQ==", "dev": true, "license": "MIT", "engines": { @@ -3365,21 +3177,21 @@ } }, "node_modules/@typescript-eslint/typescript-estree": { - "version": "8.51.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-8.51.0.tgz", - "integrity": "sha512-1qNjGqFRmlq0VW5iVlcyHBbCjPB7y6SxpBkrbhNWMy/65ZoncXCEPJxkRZL8McrseNH6lFhaxCIaX+vBuFnRng==", + "version": "8.53.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-8.53.0.tgz", + "integrity": "sha512-pw0c0Gdo7Z4xOG987u3nJ8akL9093yEEKv8QTJ+Bhkghj1xyj8cgPaavlr9rq8h7+s6plUJ4QJYw2gCZodqmGw==", "dev": true, "license": "MIT", "dependencies": { - "@typescript-eslint/project-service": "8.51.0", - "@typescript-eslint/tsconfig-utils": "8.51.0", - "@typescript-eslint/types": "8.51.0", - "@typescript-eslint/visitor-keys": "8.51.0", - "debug": "^4.3.4", - "minimatch": "^9.0.4", - "semver": "^7.6.0", + "@typescript-eslint/project-service": "8.53.0", + "@typescript-eslint/tsconfig-utils": "8.53.0", + "@typescript-eslint/types": "8.53.0", + "@typescript-eslint/visitor-keys": "8.53.0", + "debug": "^4.4.3", + "minimatch": "^9.0.5", + "semver": "^7.7.3", "tinyglobby": "^0.2.15", - "ts-api-utils": "^2.2.0" + "ts-api-utils": "^2.4.0" }, "engines": { "node": "^18.18.0 || ^20.9.0 || >=21.1.0" @@ -3406,13 +3218,13 @@ } }, "node_modules/@typescript-eslint/visitor-keys": { - "version": "8.51.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-8.51.0.tgz", - "integrity": "sha512-mM/JRQOzhVN1ykejrvwnBRV3+7yTKK8tVANVN3o1O0t0v7o+jqdVu9crPy5Y9dov15TJk/FTIgoUGHrTOVL3Zg==", + "version": "8.53.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-8.53.0.tgz", + "integrity": "sha512-LZ2NqIHFhvFwxG0qZeLL9DvdNAHPGCY5dIRwBhyYeU+LfLhcStE1ImjsuTG/WaVh3XysGaeLW8Rqq7cGkPCFvw==", "dev": true, "license": "MIT", "dependencies": { - "@typescript-eslint/types": "8.51.0", + "@typescript-eslint/types": "8.53.0", "eslint-visitor-keys": "^4.2.1" }, "engines": { @@ -3907,15 +3719,6 @@ } } }, - "node_modules/@xmldom/xmldom": { - "version": "0.8.11", - "resolved": "https://registry.npmjs.org/@xmldom/xmldom/-/xmldom-0.8.11.tgz", - "integrity": "sha512-cQzWCtO6C8TQiYl1ruKNn2U6Ao4o4WBBcbL61yJl84x+j5sOWWFU9X7DpND8XZG3daDppSsigMdfAIl2upQBRw==", - "license": "MIT", - "engines": { - "node": ">=10.0.0" - } - }, "node_modules/@xtuc/ieee754": { "version": "1.2.0", "resolved": "https://registry.npmjs.org/@xtuc/ieee754/-/ieee754-1.2.0.tgz", @@ -3930,24 +3733,12 @@ "dev": true, "license": "Apache-2.0" }, - "node_modules/abort-controller": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/abort-controller/-/abort-controller-3.0.0.tgz", - "integrity": "sha512-h8lQ8tacZYnR3vNQTgibj+tODHI5/+l06Au2Pcriv/Gmet0eaj4TwWH41sO9wnHDiQsEj19q0drzdWdeAHtweg==", - "license": "MIT", - "dependencies": { - "event-target-shim": "^5.0.0" - }, - "engines": { - "node": ">=6.5" - } - }, "node_modules/acorn": { - "version": "7.4.1", - "resolved": "https://registry.npmjs.org/acorn/-/acorn-7.4.1.tgz", - "integrity": "sha512-nQyp0o1/mNdbTO1PO6kHkwSrmgZ0MT/jCCpNiwbUjGoRN4dlBhqJtoQuCnEOKzgTVwg0ZWiCoQy6SxMebQVh8A==", + "version": "8.15.0", + "resolved": "https://registry.npmjs.org/acorn/-/acorn-8.15.0.tgz", + "integrity": "sha512-NZyJarBfL7nWwIq+FDL6Zp/yHEhePMNnnJ0y3qfieCrmNvYct8uvtiV41UvlSe6apAfk0fY1FbWx+NwfmpvtTg==", + "dev": true, "license": "MIT", - "peer": true, "bin": { "acorn": "bin/acorn" }, @@ -3955,6 +3746,19 @@ "node": ">=0.4.0" } }, + "node_modules/acorn-import-phases": { + "version": "1.0.4", + "resolved": "https://registry.npmjs.org/acorn-import-phases/-/acorn-import-phases-1.0.4.tgz", + "integrity": "sha512-wKmbr/DDiIXzEOiWrTTUcDm24kQ2vGfZQvM2fwg2vXqR5uW6aapr7ObPtj1th32b9u90/Pf4AItvdTh42fBmVQ==", + "dev": true, + "license": "MIT", + "engines": { + "node": ">=10.13.0" + }, + "peerDependencies": { + "acorn": "^8.14.0" + } + }, "node_modules/acorn-jsx": { "version": "5.3.2", "resolved": "https://registry.npmjs.org/acorn-jsx/-/acorn-jsx-5.3.2.tgz", @@ -4051,13 +3855,16 @@ } }, "node_modules/ansi-regex": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-5.0.1.tgz", - "integrity": "sha512-quJQXlTSUGL2LH9SUXo8VwsY4soanhgo6LNSm84E1LBcE8s3O0wpdiRzyR9z/ZZJMlMWv37qOOb9pdJlMUEKFQ==", + "version": "6.2.2", + "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-6.2.2.tgz", + "integrity": "sha512-Bq3SmSpyFHaWjPk8If9yc6svM8c56dB5BAtW4Qbw5jHTwwXXcTLoRMkpDJp6VL0XzlWaCHTXrkFURMYmD0sLqg==", "dev": true, "license": "MIT", "engines": { - "node": ">=8" + "node": ">=12" + }, + "funding": { + "url": "https://github.com/chalk/ansi-regex?sponsor=1" } }, "node_modules/ansi-styles": { @@ -4413,30 +4220,10 @@ "dev": true, "license": "MIT" }, - "node_modules/base64-js": { - "version": "1.5.1", - "resolved": "https://registry.npmjs.org/base64-js/-/base64-js-1.5.1.tgz", - "integrity": "sha512-AKpaYlHn8t4SVbOHCy+b5+KKgvR4vrsD8vbvrbiQJps7fKDTkjkDry6ji0rUJjC0kzbNePLwzxq8iypo41qeWA==", - "funding": [ - { - "type": "github", - "url": "https://github.com/sponsors/feross" - }, - { - "type": "patreon", - "url": "https://www.patreon.com/feross" - }, - { - "type": "consulting", - "url": "https://feross.org/support" - } - ], - "license": "MIT" - }, "node_modules/baseline-browser-mapping": { - "version": "2.9.11", - "resolved": "https://registry.npmjs.org/baseline-browser-mapping/-/baseline-browser-mapping-2.9.11.tgz", - "integrity": "sha512-Sg0xJUNDU1sJNGdfGWhVHX0kkZ+HWcvmVymJbj6NSgZZmW/8S9Y2HQ5euytnIgakgxN6papOAWiwDo1ctFDcoQ==", + "version": "2.9.15", + "resolved": "https://registry.npmjs.org/baseline-browser-mapping/-/baseline-browser-mapping-2.9.15.tgz", + "integrity": "sha512-kX8h7K2srmDyYnXRIppo4AH/wYgzWVCs+eKr3RusRSQ5PvRYoEFmR/I0PbdTjKFAoKqp5+kbxnNTFO9jOfSVJg==", "dev": true, "license": "Apache-2.0", "bin": { @@ -4486,7 +4273,6 @@ } ], "license": "MIT", - "peer": true, "dependencies": { "baseline-browser-mapping": "^2.9.0", "caniuse-lite": "^1.0.30001759", @@ -4511,30 +4297,6 @@ "node-int64": "^0.4.0" } }, - "node_modules/buffer": { - "version": "6.0.3", - "resolved": "https://registry.npmjs.org/buffer/-/buffer-6.0.3.tgz", - "integrity": "sha512-FTiCpNxtwiZZHEZbcbTIcZjERVICn9yq/pDFkTl95/AxzD1naBctN7YO68riM/gLSDY7sdrMby8hofADYuuqOA==", - "funding": [ - { - "type": "github", - "url": "https://github.com/sponsors/feross" - }, - { - "type": "patreon", - "url": "https://www.patreon.com/feross" - }, - { - "type": "consulting", - "url": "https://feross.org/support" - } - ], - "license": "MIT", - "dependencies": { - "base64-js": "^1.3.1", - "ieee754": "^1.2.1" - } - }, "node_modules/buffer-from": { "version": "1.1.2", "resolved": "https://registry.npmjs.org/buffer-from/-/buffer-from-1.1.2.tgz", @@ -4613,9 +4375,9 @@ } }, "node_modules/caniuse-lite": { - "version": "1.0.30001761", - "resolved": "https://registry.npmjs.org/caniuse-lite/-/caniuse-lite-1.0.30001761.tgz", - "integrity": "sha512-JF9ptu1vP2coz98+5051jZ4PwQgd2ni8A+gYSN7EA7dPKIMf0pDlSUxhdmVOaV3/fYK5uWBkgSXJaRLr4+3A6g==", + "version": "1.0.30001764", + "resolved": "https://registry.npmjs.org/caniuse-lite/-/caniuse-lite-1.0.30001764.tgz", + "integrity": "sha512-9JGuzl2M+vPL+pz70gtMF9sHdMFbY9FJaQBi186cHKH3pSzDvzoUJUPV6fqiKIMyXbud9ZLg4F3Yza1vJ1+93g==", "dev": true, "funding": [ { @@ -4633,12 +4395,6 @@ ], "license": "CC-BY-4.0" }, - "node_modules/canonicalize": { - "version": "1.0.8", - "resolved": "https://registry.npmjs.org/canonicalize/-/canonicalize-1.0.8.tgz", - "integrity": "sha512-0CNTVCLZggSh7bc5VkX5WWPWO+cyZbNd07IHIsSXLia/eAq+r836hgk+8BKoEh7949Mda87VUOitx5OddVj64A==", - "license": "Apache-2.0" - }, "node_modules/chalk": { "version": "4.1.2", "resolved": "https://registry.npmjs.org/chalk/-/chalk-4.1.2.tgz", @@ -4693,9 +4449,9 @@ } }, "node_modules/cjs-module-lexer": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/cjs-module-lexer/-/cjs-module-lexer-2.1.1.tgz", - "integrity": "sha512-+CmxIZ/L2vNcEfvNtLdU0ZQ6mbq3FZnwAP2PPTiKP+1QOoKwlKlPgb8UKV0Dds7QVaMnHm+FwSft2VB0s/SLjQ==", + "version": "2.2.0", + "resolved": "https://registry.npmjs.org/cjs-module-lexer/-/cjs-module-lexer-2.2.0.tgz", + "integrity": "sha512-4bHTS2YuzUvtoLjdy+98ykbNB5jS0+07EvFNXerqZQJ89F7DI6ET7OQo/HJuW6K0aVsKA9hj9/RVb2kQVOrPDQ==", "dev": true, "license": "MIT" }, @@ -4714,6 +4470,69 @@ "node": ">=12" } }, + "node_modules/cliui/node_modules/ansi-regex": { + "version": "5.0.1", + "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-5.0.1.tgz", + "integrity": "sha512-quJQXlTSUGL2LH9SUXo8VwsY4soanhgo6LNSm84E1LBcE8s3O0wpdiRzyR9z/ZZJMlMWv37qOOb9pdJlMUEKFQ==", + "dev": true, + "license": "MIT", + "engines": { + "node": ">=8" + } + }, + "node_modules/cliui/node_modules/emoji-regex": { + "version": "8.0.0", + "resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-8.0.0.tgz", + "integrity": "sha512-MSjYzcWNOA0ewAHpz0MxpYFvwg6yjy1NG3xteoqz644VCo/RPgnr1/GGt+ic3iJTzQ8Eu3TdM14SawnVUmGE6A==", + "dev": true, + "license": "MIT" + }, + "node_modules/cliui/node_modules/string-width": { + "version": "4.2.3", + "resolved": "https://registry.npmjs.org/string-width/-/string-width-4.2.3.tgz", + "integrity": "sha512-wKyQRQpjJ0sIp62ErSZdGsjMJWsap5oRNihHhu6G7JVO/9jIB6UyevL+tXuOqrng8j/cxKTWyWUwvSTriiZz/g==", + "dev": true, + "license": "MIT", + "dependencies": { + "emoji-regex": "^8.0.0", + "is-fullwidth-code-point": "^3.0.0", + "strip-ansi": "^6.0.1" + }, + "engines": { + "node": ">=8" + } + }, + "node_modules/cliui/node_modules/strip-ansi": { + "version": "6.0.1", + "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.1.tgz", + "integrity": "sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A==", + "dev": true, + "license": "MIT", + "dependencies": { + "ansi-regex": "^5.0.1" + }, + "engines": { + "node": ">=8" + } + }, + "node_modules/cliui/node_modules/wrap-ansi": { + "version": "7.0.0", + "resolved": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-7.0.0.tgz", + "integrity": "sha512-YVGIj2kamLSTxw6NsZjoBxfSwsn0ycdesmc4p+Q21c5zPuZ1pl+NfxVdxPtdHvmNVOQ6XSYG4AUtyt/Fi7D16Q==", + "dev": true, + "license": "MIT", + "dependencies": { + "ansi-styles": "^4.0.0", + "string-width": "^4.1.0", + "strip-ansi": "^6.0.0" + }, + "engines": { + "node": ">=10" + }, + "funding": { + "url": "https://github.com/chalk/wrap-ansi?sponsor=1" + } + }, "node_modules/clone-deep": { "version": "4.0.1", "resolved": "https://registry.npmjs.org/clone-deep/-/clone-deep-4.0.1.tgz", @@ -4795,25 +4614,14 @@ "dev": true, "license": "MIT" }, - "node_modules/core-js": { - "version": "3.46.0", - "resolved": "https://registry.npmjs.org/core-js/-/core-js-3.46.0.tgz", - "integrity": "sha512-vDMm9B0xnqqZ8uSBpZ8sNtRtOdmfShrvT6h2TuQGLs0Is+cR0DYbj/KWP6ALVNbWPpqA/qPLoOuppJN07humpA==", - "hasInstallScript": true, - "license": "MIT", - "funding": { - "type": "opencollective", - "url": "https://opencollective.com/core-js" - } - }, "node_modules/core-js-compat": { - "version": "3.46.0", - "resolved": "https://registry.npmjs.org/core-js-compat/-/core-js-compat-3.46.0.tgz", - "integrity": "sha512-p9hObIIEENxSV8xIu+V68JjSeARg6UVMG5mR+JEUguG3sI6MsiS1njz2jHmyJDvA+8jX/sytkBHup6kxhM9law==", + "version": "3.47.0", + "resolved": "https://registry.npmjs.org/core-js-compat/-/core-js-compat-3.47.0.tgz", + "integrity": "sha512-IGfuznZ/n7Kp9+nypamBhvwdwLsW6KC8IOaURw2doAK5e98AG3acVLdh0woOnEqCfUtS+Vu882JE4k/DAm3ItQ==", "dev": true, "license": "MIT", "dependencies": { - "browserslist": "^4.26.3" + "browserslist": "^4.28.0" }, "funding": { "type": "opencollective", @@ -4824,6 +4632,7 @@ "version": "3.2.0", "resolved": "https://registry.npmjs.org/cross-fetch/-/cross-fetch-3.2.0.tgz", "integrity": "sha512-Q+xVJLoGOeIMXZmbUK4HYk+69cQH6LudR0Vu/pRm2YlU/hDV9CiS0gKUMaWY5f2NeUH9C1nV3bsTlCo0FsTV1Q==", + "dev": true, "license": "MIT", "dependencies": { "node-fetch": "^2.7.0" @@ -4844,12 +4653,6 @@ "node": ">= 8" } }, - "node_modules/crypto-js": { - "version": "4.2.0", - "resolved": "https://registry.npmjs.org/crypto-js/-/crypto-js-4.2.0.tgz", - "integrity": "sha512-KALDyEYgpY+Rlob/iriUtjV6d5Eq+Y191A5g4UqLAi8CyGP9N1+FdVbkc1SxKc2r4YAYqG8JzO2KGL+AizD70Q==", - "license": "MIT" - }, "node_modules/cssstyle": { "version": "4.6.0", "resolved": "https://registry.npmjs.org/cssstyle/-/cssstyle-4.6.0.tgz", @@ -4864,15 +4667,6 @@ "node": ">=18" } }, - "node_modules/data-uri-to-buffer": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/data-uri-to-buffer/-/data-uri-to-buffer-4.0.1.tgz", - "integrity": "sha512-0R9ikRb668HB7QDxT1vkpuUBtqc53YyAwMwGeUFKRojY/NWKvdZ+9UYtRfGmhqNbRkTSVpMbmyhXipFFv2cb/A==", - "license": "MIT", - "engines": { - "node": ">= 12" - } - }, "node_modules/data-urls": { "version": "5.0.0", "resolved": "https://registry.npmjs.org/data-urls/-/data-urls-5.0.0.tgz", @@ -4967,9 +4761,9 @@ "license": "MIT" }, "node_modules/dedent": { - "version": "1.7.0", - "resolved": "https://registry.npmjs.org/dedent/-/dedent-1.7.0.tgz", - "integrity": "sha512-HGFtf8yhuhGhqO07SV79tRp+br4MnbdjeVxotpn1QBl30pcLLCQjX5b2295ll0fv8RKDKsmWYrl05usHM9CewQ==", + "version": "1.7.1", + "resolved": "https://registry.npmjs.org/dedent/-/dedent-1.7.1.tgz", + "integrity": "sha512-9JmrhGZpOlEgOLdQgSm0zxFaYoQon408V1v49aqTWuXENVlnCuY9JBZcXZiCsZQWDjTm5Qf/nIvAy77mXDAjEg==", "dev": true, "license": "MIT", "peerDependencies": { @@ -5100,16 +4894,16 @@ } }, "node_modules/emoji-regex": { - "version": "8.0.0", - "resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-8.0.0.tgz", - "integrity": "sha512-MSjYzcWNOA0ewAHpz0MxpYFvwg6yjy1NG3xteoqz644VCo/RPgnr1/GGt+ic3iJTzQ8Eu3TdM14SawnVUmGE6A==", + "version": "9.2.2", + "resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-9.2.2.tgz", + "integrity": "sha512-L18DaJsXSUk2+42pv8mLs5jJT2hqFkFE4j21wOmgbUqsZ2hL72NsUU785g9RXgo3s0ZNgVl42TiHp3ZtOv/Vyg==", "dev": true, "license": "MIT" }, "node_modules/enhanced-resolve": { - "version": "5.18.3", - "resolved": "https://registry.npmjs.org/enhanced-resolve/-/enhanced-resolve-5.18.3.tgz", - "integrity": "sha512-d4lC8xfavMeBjzGr2vECC3fsGXziXZQyJxD868h2M/mBI3PwAuODxAkLkq5HYuvrPYcUtiLzsTo8U3PgX3Ocww==", + "version": "5.18.4", + "resolved": "https://registry.npmjs.org/enhanced-resolve/-/enhanced-resolve-5.18.4.tgz", + "integrity": "sha512-LgQMM4WXU3QI+SYgEc2liRgznaD5ojbmY3sb8LxyguVkIg5FxdpTkvk72te2R38/TGKxH634oLxXRGY6d7AP+Q==", "dev": true, "license": "MIT", "dependencies": { @@ -5134,9 +4928,9 @@ } }, "node_modules/envinfo": { - "version": "7.20.0", - "resolved": "https://registry.npmjs.org/envinfo/-/envinfo-7.20.0.tgz", - "integrity": "sha512-+zUomDcLXsVkQ37vUqWBvQwLaLlj8eZPSi61llaEFAVBY5mhcXdaSw1pSJVl4yTYD5g/gEfpNl28YYk4IPvrrg==", + "version": "7.21.0", + "resolved": "https://registry.npmjs.org/envinfo/-/envinfo-7.21.0.tgz", + "integrity": "sha512-Lw7I8Zp5YKHFCXL7+Dz95g4CcbMEpgvqZNNq3AmlT5XAV6CgAAk6gyAMqn2zjw08K9BHfcNuKrMiCPLByGafow==", "dev": true, "license": "MIT", "bin": { @@ -5157,9 +4951,9 @@ } }, "node_modules/es-abstract": { - "version": "1.24.0", - "resolved": "https://registry.npmjs.org/es-abstract/-/es-abstract-1.24.0.tgz", - "integrity": "sha512-WSzPgsdLtTcQwm4CROfS5ju2Wa1QQcVeT37jFjYzdFz1r9ahadC8B8/a4qxJxM+09F18iumCdRmlr96ZYkQvEg==", + "version": "1.24.1", + "resolved": "https://registry.npmjs.org/es-abstract/-/es-abstract-1.24.1.tgz", + "integrity": "sha512-zHXBLhP+QehSSbsS9Pt23Gg964240DPd6QCf8WpkqEXxQ7fhdZzYsocOr5u7apWonsS5EjZDmTF+/slGMyasvw==", "dev": true, "license": "MIT", "dependencies": { @@ -5341,7 +5135,6 @@ "integrity": "sha512-LEyamqS7W5HB3ujJyvi0HQK/dtVINZvd5mAAp9eT5S/ujByGjiZLCzPcHVzuXbpJDJF/cxwHlfceVUDZ2lnSTw==", "dev": true, "license": "MIT", - "peer": true, "dependencies": { "@eslint-community/eslint-utils": "^4.8.0", "@eslint-community/regexpp": "^4.12.1", @@ -5602,19 +5395,6 @@ "url": "https://opencollective.com/eslint" } }, - "node_modules/espree/node_modules/acorn": { - "version": "8.15.0", - "resolved": "https://registry.npmjs.org/acorn/-/acorn-8.15.0.tgz", - "integrity": "sha512-NZyJarBfL7nWwIq+FDL6Zp/yHEhePMNnnJ0y3qfieCrmNvYct8uvtiV41UvlSe6apAfk0fY1FbWx+NwfmpvtTg==", - "dev": true, - "license": "MIT", - "bin": { - "acorn": "bin/acorn" - }, - "engines": { - "node": ">=0.4.0" - } - }, "node_modules/esprima": { "version": "4.0.1", "resolved": "https://registry.npmjs.org/esprima/-/esprima-4.0.1.tgz", @@ -5630,9 +5410,9 @@ } }, "node_modules/esquery": { - "version": "1.6.0", - "resolved": "https://registry.npmjs.org/esquery/-/esquery-1.6.0.tgz", - "integrity": "sha512-ca9pw9fomFcKPvFLXhBKUK90ZvGibiGOvRJNbjljY7s7uq/5YO4BOzcYtJqExdx99rF6aAcnRxHmcUHcz6sQsg==", + "version": "1.7.0", + "resolved": "https://registry.npmjs.org/esquery/-/esquery-1.7.0.tgz", + "integrity": "sha512-Ap6G0WQwcU/LHsvLwON1fAQX9Zp0A2Y6Y/cJBl9r/JbW90Zyg4/zbG6zzKa2OTALELarYHmKu0GhpM5EO+7T0g==", "dev": true, "license": "BSD-3-Clause", "dependencies": { @@ -5675,19 +5455,11 @@ "node": ">=0.10.0" } }, - "node_modules/event-target-shim": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/event-target-shim/-/event-target-shim-5.0.1.tgz", - "integrity": "sha512-i/2XbnSz/uxRCU6+NdVJgKWDTM427+MqYbkQzD321DuCQJUqOuJKIA0IM2+W2xtYHdKOmZ4dR6fExsd4SXL+WQ==", - "license": "MIT", - "engines": { - "node": ">=6" - } - }, "node_modules/events": { "version": "3.3.0", "resolved": "https://registry.npmjs.org/events/-/events-3.3.0.tgz", "integrity": "sha512-mQw+2fkQbALzQ7V0MY0IqdnXNOeTtP4r0lN9z7AAawCXgqea7bDii20AYrIBrFd/Hx0M2Ocz6S111CaFkUcb0Q==", + "dev": true, "license": "MIT", "engines": { "node": ">=0.8.x" @@ -5717,6 +5489,13 @@ "url": "https://github.com/sindresorhus/execa?sponsor=1" } }, + "node_modules/execa/node_modules/signal-exit": { + "version": "3.0.7", + "resolved": "https://registry.npmjs.org/signal-exit/-/signal-exit-3.0.7.tgz", + "integrity": "sha512-wnD2ZE+l+SPC/uoS0vXeE9L1+0wuaMqKlfz9AMUo38JsyLSBWSFcHR1Rri62LZc12vLr1gb3jl7iwQhgwpAbGQ==", + "dev": true, + "license": "ISC" + }, "node_modules/exit-x": { "version": "0.2.2", "resolved": "https://registry.npmjs.org/exit-x/-/exit-x-0.2.2.tgz", @@ -5803,29 +5582,6 @@ "bser": "2.1.1" } }, - "node_modules/fetch-blob": { - "version": "3.2.0", - "resolved": "https://registry.npmjs.org/fetch-blob/-/fetch-blob-3.2.0.tgz", - "integrity": "sha512-7yAQpD2UMJzLi1Dqv7qFYnPbaPx7ZfFK6PiIxQ4PfkGPyNyl2Ugx+a/umUonmKqjhM4DnfbMvdX6otXq83soQQ==", - "funding": [ - { - "type": "github", - "url": "https://github.com/sponsors/jimmywarting" - }, - { - "type": "paypal", - "url": "https://paypal.me/jimmywarting" - } - ], - "license": "MIT", - "dependencies": { - "node-domexception": "^1.0.0", - "web-streams-polyfill": "^3.0.3" - }, - "engines": { - "node": "^12.20 || >= 14.13" - } - }, "node_modules/file-entry-cache": { "version": "8.0.0", "resolved": "https://registry.npmjs.org/file-entry-cache/-/file-entry-cache-8.0.0.tgz", @@ -5933,31 +5689,6 @@ "url": "https://github.com/sponsors/isaacs" } }, - "node_modules/foreground-child/node_modules/signal-exit": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/signal-exit/-/signal-exit-4.1.0.tgz", - "integrity": "sha512-bzyZ1e88w9O1iNJbKnOlvYTrWPDl46O1bG0D3XInv+9tkPrxrN8jUUTiFlDkkmKWgn1M6CfIA13SuGqOa9Korw==", - "dev": true, - "license": "ISC", - "engines": { - "node": ">=14" - }, - "funding": { - "url": "https://github.com/sponsors/isaacs" - } - }, - "node_modules/formdata-polyfill": { - "version": "4.0.10", - "resolved": "https://registry.npmjs.org/formdata-polyfill/-/formdata-polyfill-4.0.10.tgz", - "integrity": "sha512-buewHzMvYL29jdeQTVILecSaZKnt/RJWjoZCF5OW60Z67/GmSLBkOFM7qh1PI3zFNtJbaZL5eQu1vLfazOwj4g==", - "license": "MIT", - "dependencies": { - "fetch-blob": "^3.1.2" - }, - "engines": { - "node": ">=12.20.0" - } - }, "node_modules/fs.realpath": { "version": "1.0.0", "resolved": "https://registry.npmjs.org/fs.realpath/-/fs.realpath-1.0.0.tgz", @@ -6132,22 +5863,21 @@ } }, "node_modules/glob": { - "version": "7.2.3", - "resolved": "https://registry.npmjs.org/glob/-/glob-7.2.3.tgz", - "integrity": "sha512-nFR0zLpU2YCaRxwoCJvL6UvCH2JFyFVIvwTLsIf21AuHlMskA1hhTdk+LlYJtOlYt9v6dvszD2BGRqBL+iQK9Q==", - "deprecated": "Glob versions prior to v9 are no longer supported", + "version": "10.5.0", + "resolved": "https://registry.npmjs.org/glob/-/glob-10.5.0.tgz", + "integrity": "sha512-DfXN8DfhJ7NH3Oe7cFmu3NCu1wKbkReJ8TorzSAFbSKrlNaQSKfIzqYqVY8zlbs2NLBbWpRiU52GX2PbaBVNkg==", "dev": true, "license": "ISC", "dependencies": { - "fs.realpath": "^1.0.0", - "inflight": "^1.0.4", - "inherits": "2", - "minimatch": "^3.1.1", - "once": "^1.3.0", - "path-is-absolute": "^1.0.0" + "foreground-child": "^3.1.0", + "jackspeak": "^3.1.2", + "minimatch": "^9.0.4", + "minipass": "^7.1.2", + "package-json-from-dist": "^1.0.0", + "path-scurry": "^1.11.1" }, - "engines": { - "node": "*" + "bin": { + "glob": "dist/esm/bin.mjs" }, "funding": { "url": "https://github.com/sponsors/isaacs" @@ -6173,41 +5903,17 @@ "dev": true, "license": "BSD-2-Clause" }, - "node_modules/glob/node_modules/brace-expansion": { - "version": "1.1.12", - "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.12.tgz", - "integrity": "sha512-9T9UjW3r0UW5c1Q7GTwllptXwhvYmEzFhzMfZ9H7FQWt+uZePjZPjBP/W1ZEyZ1twGWom5/56TF4lPcqjnDHcg==", + "node_modules/globals": { + "version": "14.0.0", + "resolved": "https://registry.npmjs.org/globals/-/globals-14.0.0.tgz", + "integrity": "sha512-oahGvuMGQlPw/ivIYBjVSrWAfWLBeku5tpPE2fOPLi+WHffIWbuh2tCjhyQhTBPMf5E9jDEH4FOmTYgYwbKwtQ==", "dev": true, "license": "MIT", - "dependencies": { - "balanced-match": "^1.0.0", - "concat-map": "0.0.1" - } - }, - "node_modules/glob/node_modules/minimatch": { - "version": "3.1.2", - "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz", - "integrity": "sha512-J7p63hRiAjw1NDEww1W7i37+ByIrOWO5XQQAzZ3VOcL0PNybwpfmV/N05zFAzwQ9USyEcX6t3UO+K5aqBQOIHw==", - "dev": true, - "license": "ISC", - "dependencies": { - "brace-expansion": "^1.1.7" - }, - "engines": { - "node": "*" - } - }, - "node_modules/globals": { - "version": "14.0.0", - "resolved": "https://registry.npmjs.org/globals/-/globals-14.0.0.tgz", - "integrity": "sha512-oahGvuMGQlPw/ivIYBjVSrWAfWLBeku5tpPE2fOPLi+WHffIWbuh2tCjhyQhTBPMf5E9jDEH4FOmTYgYwbKwtQ==", - "dev": true, - "license": "MIT", - "engines": { - "node": ">=18" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" + "engines": { + "node": ">=18" + }, + "funding": { + "url": "https://github.com/sponsors/sindresorhus" } }, "node_modules/globalthis": { @@ -6412,26 +6118,6 @@ "node": ">=0.10.0" } }, - "node_modules/ieee754": { - "version": "1.2.1", - "resolved": "https://registry.npmjs.org/ieee754/-/ieee754-1.2.1.tgz", - "integrity": "sha512-dcyqhDvX1C46lXZcVqCpK+FtMRQVdIMN6/Df5js2zouUsqG7I6sFxitIC+7KYK29KdXOLHdu9zL4sFnoVQnqaA==", - "funding": [ - { - "type": "github", - "url": "https://github.com/sponsors/feross" - }, - { - "type": "patreon", - "url": "https://www.patreon.com/feross" - }, - { - "type": "consulting", - "url": "https://feross.org/support" - } - ], - "license": "BSD-3-Clause" - }, "node_modules/ignore": { "version": "5.3.2", "resolved": "https://registry.npmjs.org/ignore/-/ignore-5.3.2.tgz", @@ -7278,27 +6964,6 @@ } } }, - "node_modules/jest-config/node_modules/glob": { - "version": "10.5.0", - "resolved": "https://registry.npmjs.org/glob/-/glob-10.5.0.tgz", - "integrity": "sha512-DfXN8DfhJ7NH3Oe7cFmu3NCu1wKbkReJ8TorzSAFbSKrlNaQSKfIzqYqVY8zlbs2NLBbWpRiU52GX2PbaBVNkg==", - "dev": true, - "license": "ISC", - "dependencies": { - "foreground-child": "^3.1.0", - "jackspeak": "^3.1.2", - "minimatch": "^9.0.4", - "minipass": "^7.1.2", - "package-json-from-dist": "^1.0.0", - "path-scurry": "^1.11.1" - }, - "bin": { - "glob": "dist/esm/bin.mjs" - }, - "funding": { - "url": "https://github.com/sponsors/isaacs" - } - }, "node_modules/jest-diff": { "version": "30.2.0", "resolved": "https://registry.npmjs.org/jest-diff/-/jest-diff-30.2.0.tgz", @@ -7621,27 +7286,6 @@ "node": "^18.14.0 || ^20.0.0 || ^22.0.0 || >=24.0.0" } }, - "node_modules/jest-runtime/node_modules/glob": { - "version": "10.5.0", - "resolved": "https://registry.npmjs.org/glob/-/glob-10.5.0.tgz", - "integrity": "sha512-DfXN8DfhJ7NH3Oe7cFmu3NCu1wKbkReJ8TorzSAFbSKrlNaQSKfIzqYqVY8zlbs2NLBbWpRiU52GX2PbaBVNkg==", - "dev": true, - "license": "ISC", - "dependencies": { - "foreground-child": "^3.1.0", - "jackspeak": "^3.1.2", - "minimatch": "^9.0.4", - "minipass": "^7.1.2", - "package-json-from-dist": "^1.0.0", - "path-scurry": "^1.11.1" - }, - "bin": { - "glob": "dist/esm/bin.mjs" - }, - "funding": { - "url": "https://github.com/sponsors/isaacs" - } - }, "node_modules/jest-snapshot": { "version": "30.2.0", "resolved": "https://registry.npmjs.org/jest-snapshot/-/jest-snapshot-30.2.0.tgz", @@ -7804,9 +7448,10 @@ } }, "node_modules/jose": { - "version": "5.10.0", - "resolved": "https://registry.npmjs.org/jose/-/jose-5.10.0.tgz", - "integrity": "sha512-s+3Al/p9g32Iq+oqXxkW//7jk2Vig6FF1CFqzVXoTUXt2qz89YWbL+OwS17NFYEvxC35n0FKeGO2LGYSxeM2Gg==", + "version": "6.1.3", + "resolved": "https://registry.npmjs.org/jose/-/jose-6.1.3.tgz", + "integrity": "sha512-0TpaTfihd4QMNwrz/ob2Bp7X04yuxJkjRGi4aKmOqwhov54i6u79oCv7T+C7lo70MKH6BesI3vscD1yb/yzKXQ==", + "dev": true, "license": "MIT", "funding": { "url": "https://github.com/sponsors/panva" @@ -7839,7 +7484,6 @@ "integrity": "sha512-Cvc9WUhxSMEo4McES3P7oK3QaXldCfNWp7pl2NNeiIFlCoLr3kfq9kb1fxftiwk1FLV7CvpvDfonxtzUDeSOPg==", "dev": true, "license": "MIT", - "peer": true, "dependencies": { "cssstyle": "^4.2.1", "data-urls": "^5.0.0", @@ -7928,39 +7572,6 @@ "node": ">=6" } }, - "node_modules/jsonld": { - "version": "8.3.3", - "resolved": "https://registry.npmjs.org/jsonld/-/jsonld-8.3.3.tgz", - "integrity": "sha512-9YcilrF+dLfg9NTEof/mJLMtbdX1RJ8dbWtJgE00cMOIohb1lIyJl710vFiTaiHTl6ZYODJuBd32xFvUhmv3kg==", - "license": "BSD-3-Clause", - "dependencies": { - "@digitalbazaar/http-client": "^3.4.1", - "canonicalize": "^1.0.1", - "lru-cache": "^6.0.0", - "rdf-canonize": "^3.4.0" - }, - "engines": { - "node": ">=14" - } - }, - "node_modules/jsonld/node_modules/lru-cache": { - "version": "6.0.0", - "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-6.0.0.tgz", - "integrity": "sha512-Jo6dJ04CmSjuznwJSS3pUeWmd/H0ffTlkXXgwZi+eq1UCmqQwCh+eLsYOYCwY991i2Fah4h1BEMCx4qThGbsiA==", - "license": "ISC", - "dependencies": { - "yallist": "^4.0.0" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/jsonld/node_modules/yallist": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/yallist/-/yallist-4.0.0.tgz", - "integrity": "sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==", - "license": "ISC" - }, "node_modules/keyv": { "version": "4.5.4", "resolved": "https://registry.npmjs.org/keyv/-/keyv-4.5.4.tgz", @@ -7981,62 +7592,6 @@ "node": ">=0.10.0" } }, - "node_modules/ky": { - "version": "0.33.3", - "resolved": "https://registry.npmjs.org/ky/-/ky-0.33.3.tgz", - "integrity": "sha512-CasD9OCEQSFIam2U8efFK81Yeg8vNMTBUqtMOHlrcWQHqUX3HeCl9Dr31u4toV7emlH8Mymk5+9p0lL6mKb/Xw==", - "license": "MIT", - "peer": true, - "engines": { - "node": ">=14.16" - }, - "funding": { - "url": "https://github.com/sindresorhus/ky?sponsor=1" - } - }, - "node_modules/ky-universal": { - "version": "0.11.0", - "resolved": "https://registry.npmjs.org/ky-universal/-/ky-universal-0.11.0.tgz", - "integrity": "sha512-65KyweaWvk+uKKkCrfAf+xqN2/epw1IJDtlyCPxYffFCMR8u1sp2U65NtWpnozYfZxQ6IUzIlvUcw+hQ82U2Xw==", - "license": "MIT", - "dependencies": { - "abort-controller": "^3.0.0", - "node-fetch": "^3.2.10" - }, - "engines": { - "node": ">=14.16" - }, - "funding": { - "url": "https://github.com/sindresorhus/ky-universal?sponsor=1" - }, - "peerDependencies": { - "ky": ">=0.31.4", - "web-streams-polyfill": ">=3.2.1" - }, - "peerDependenciesMeta": { - "web-streams-polyfill": { - "optional": true - } - } - }, - "node_modules/ky-universal/node_modules/node-fetch": { - "version": "3.3.2", - "resolved": "https://registry.npmjs.org/node-fetch/-/node-fetch-3.3.2.tgz", - "integrity": "sha512-dRB78srN/l6gqWulah9SrxeYnxeddIG30+GOqK/9OlLVyLg3HPnr6SqOWTWOXKRwC2eGYCkZ59NNuSgvSrpgOA==", - "license": "MIT", - "dependencies": { - "data-uri-to-buffer": "^4.0.0", - "fetch-blob": "^3.1.4", - "formdata-polyfill": "^4.0.10" - }, - "engines": { - "node": "^12.20.0 || ^14.13.1 || >=16.0.0" - }, - "funding": { - "type": "opencollective", - "url": "https://opencollective.com/node-fetch" - } - }, "node_modules/leven": { "version": "3.1.0", "resolved": "https://registry.npmjs.org/leven/-/leven-3.1.0.tgz", @@ -8268,19 +7823,6 @@ "dev": true, "license": "MIT" }, - "node_modules/n3": { - "version": "1.26.0", - "resolved": "https://registry.npmjs.org/n3/-/n3-1.26.0.tgz", - "integrity": "sha512-SQknS0ua90rN+3RHuk8BeIqeYyqIH/+ecViZxX08jR4j6MugqWRjtONl3uANG/crWXnOM2WIqBJtjIhVYFha+w==", - "license": "MIT", - "dependencies": { - "buffer": "^6.0.3", - "readable-stream": "^4.0.0" - }, - "engines": { - "node": ">=12.0" - } - }, "node_modules/napi-postinstall": { "version": "0.3.4", "resolved": "https://registry.npmjs.org/napi-postinstall/-/napi-postinstall-0.3.4.tgz", @@ -8311,30 +7853,11 @@ "dev": true, "license": "MIT" }, - "node_modules/node-domexception": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/node-domexception/-/node-domexception-1.0.0.tgz", - "integrity": "sha512-/jKZoMpw0F8GRwl4/eLROPA3cfcXtLApP0QzLmUT/HuPCZWyB7IY9ZrMeKw2O/nFIqPQB3PVM9aYm0F312AXDQ==", - "deprecated": "Use your platform's native DOMException instead", - "funding": [ - { - "type": "github", - "url": "https://github.com/sponsors/jimmywarting" - }, - { - "type": "github", - "url": "https://paypal.me/jimmywarting" - } - ], - "license": "MIT", - "engines": { - "node": ">=10.5.0" - } - }, "node_modules/node-fetch": { "version": "2.7.0", "resolved": "https://registry.npmjs.org/node-fetch/-/node-fetch-2.7.0.tgz", "integrity": "sha512-c4FRfUm/dbcWZ7U+1Wq0AwCyFL+3nt2bEw05wfxSz+DWpWsitgmSgYmy2dQdWyKC1694ELPqMs/YzUSNozLt8A==", + "dev": true, "license": "MIT", "dependencies": { "whatwg-url": "^5.0.0" @@ -8355,18 +7878,21 @@ "version": "0.0.3", "resolved": "https://registry.npmjs.org/tr46/-/tr46-0.0.3.tgz", "integrity": "sha512-N3WMsuqV66lT30CrXNbEjx4GEwlow3v6rr4mCcv6prnfwhS01rkgyFdjPNBYd9br7LpXV1+Emh01fHnq2Gdgrw==", + "dev": true, "license": "MIT" }, "node_modules/node-fetch/node_modules/webidl-conversions": { "version": "3.0.1", "resolved": "https://registry.npmjs.org/webidl-conversions/-/webidl-conversions-3.0.1.tgz", "integrity": "sha512-2JAn3z8AR6rjK8Sm8orRC0h/bcl/DqL7tRPdGZ4I1CjdF+EaMLmYxBHyXuKL849eucPFhvBoxMsflfOb8kxaeQ==", + "dev": true, "license": "BSD-2-Clause" }, "node_modules/node-fetch/node_modules/whatwg-url": { "version": "5.0.0", "resolved": "https://registry.npmjs.org/whatwg-url/-/whatwg-url-5.0.0.tgz", "integrity": "sha512-saE57nupxk6v3HY35+jzBwYa0rKSy0XR8JSxZPwgLr7ys0IBzhGviA1/TUGJLmSVqs8pb9AnvICXEuOHLprYTw==", + "dev": true, "license": "MIT", "dependencies": { "tr46": "~0.0.3", @@ -8411,9 +7937,9 @@ } }, "node_modules/nwsapi": { - "version": "2.2.22", - "resolved": "https://registry.npmjs.org/nwsapi/-/nwsapi-2.2.22.tgz", - "integrity": "sha512-ujSMe1OWVn55euT1ihwCI1ZcAaAU3nxUiDwfDQldc51ZXaB9m2AyOn6/jh1BLe2t/G8xd6uKG1UBF2aZJeg2SQ==", + "version": "2.2.23", + "resolved": "https://registry.npmjs.org/nwsapi/-/nwsapi-2.2.23.tgz", + "integrity": "sha512-7wfH4sLbt4M0gCDzGE6vzQBo0bfTKjU7Sfpqy/7gs1qBfYz2vEJH6vXcBKpO3+6Yu1telwd0t9HpyOoLEQQbIQ==", "dev": true, "license": "MIT" }, @@ -8878,15 +8404,6 @@ "url": "https://github.com/chalk/ansi-styles?sponsor=1" } }, - "node_modules/process": { - "version": "0.11.10", - "resolved": "https://registry.npmjs.org/process/-/process-0.11.10.tgz", - "integrity": "sha512-cdGef/drWFoydD1JsMzuFf8100nZl+GT+yacc2bEced5f9Rjk4z+WtFUTBu9PhOi9j/jfmBPu0mMEY4wIdAF8A==", - "license": "MIT", - "engines": { - "node": ">= 0.6.0" - } - }, "node_modules/promise-polyfill": { "version": "8.3.0", "resolved": "https://registry.npmjs.org/promise-polyfill/-/promise-polyfill-8.3.0.tgz", @@ -8925,38 +8442,37 @@ "version": "2.1.0", "resolved": "https://registry.npmjs.org/randombytes/-/randombytes-2.1.0.tgz", "integrity": "sha512-vYl3iOX+4CKUWuxGi9Ukhie6fsqXqS9FE2Zaic4tNFD2N2QQaXOMFbuKK4QmDHC0JO6B1Zp41J0LpT0oR68amQ==", + "dev": true, "license": "MIT", "dependencies": { "safe-buffer": "^5.1.0" } }, - "node_modules/rdf-canonize": { - "version": "3.4.0", - "resolved": "https://registry.npmjs.org/rdf-canonize/-/rdf-canonize-3.4.0.tgz", - "integrity": "sha512-fUeWjrkOO0t1rg7B2fdyDTvngj+9RlUyL92vOdiB7c0FPguWVsniIMjEtHH+meLBO9rzkUlUzBVXgWrjI8P9LA==", - "license": "BSD-3-Clause", - "dependencies": { - "setimmediate": "^1.0.5" - }, - "engines": { - "node": ">=12" - } - }, "node_modules/rdflib": { - "version": "2.3.0", - "resolved": "https://registry.npmjs.org/rdflib/-/rdflib-2.3.0.tgz", - "integrity": "sha512-Md241rzw8XgGZYfHaQi5SunvaxOVUgjCVTcY4DHZpAkrNPrk93DGoexo6RgulymiR1DkCHRi8C8+Ab+0QmpcYg==", + "version": "2.3.5", + "resolved": "git+ssh://git@github.com/JavaScriptSolidServer/rdflib.js.git#e7d16daf268d044736ba3233757ddaca0d43620d", + "dev": true, "license": "MIT", - "peer": true, "dependencies": { - "@babel/runtime": "^7.26.9", - "@frogcat/ttl2jsonld": "^0.0.10", + "@babel/runtime": "^7.28.4", "@rdfjs/types": "^2.0.1", - "@xmldom/xmldom": "^0.8.10", - "cross-fetch": "^3.2.0", - "jsonld": "^8.3.3", - "n3": "^1.23.1", "solid-namespace": "^0.5.4" + }, + "peerDependencies": { + "@frogcat/ttl2jsonld": "^0.0.10", + "@xmldom/xmldom": "^0.8.11", + "jsonld": "^9.0.0" + }, + "peerDependenciesMeta": { + "@frogcat/ttl2jsonld": { + "optional": true + }, + "@xmldom/xmldom": { + "optional": true + }, + "jsonld": { + "optional": true + } } }, "node_modules/react-is": { @@ -8966,22 +8482,6 @@ "dev": true, "license": "MIT" }, - "node_modules/readable-stream": { - "version": "4.7.0", - "resolved": "https://registry.npmjs.org/readable-stream/-/readable-stream-4.7.0.tgz", - "integrity": "sha512-oIGGmcpTLwPga8Bn6/Z75SVaH1z5dUut2ibSyAMVhmUggWpmDn2dapB0n7f8nwaSiRtepAsfJyfXIO5DCVAODg==", - "license": "MIT", - "dependencies": { - "abort-controller": "^3.0.0", - "buffer": "^6.0.3", - "events": "^3.3.0", - "process": "^0.11.10", - "string_decoder": "^1.3.0" - }, - "engines": { - "node": "^12.22.0 || ^14.17.0 || >=16.0.0" - } - }, "node_modules/rechoir": { "version": "0.8.0", "resolved": "https://registry.npmjs.org/rechoir/-/rechoir-0.8.0.tgz", @@ -9192,6 +8692,7 @@ "version": "5.2.1", "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.2.1.tgz", "integrity": "sha512-rp3So07KcdmmKbGvgaNxQSJr7bGVSVk5S9Eq1F+ppbRo70+YeaDxkw5Dd8NPN+GD6bjnYm2VuPuCXmpuYvmCXQ==", + "dev": true, "funding": [ { "type": "github", @@ -9289,7 +8790,6 @@ "integrity": "sha512-B/gBuNg5SiMTrPkC+A2+cW0RszwxYmn6VYxB/inlBStS5nx6xHIt/ehKRhIMhqusl7a8LjQoZnjCs5vhwxOQ1g==", "dev": true, "license": "MIT", - "peer": true, "dependencies": { "fast-deep-equal": "^3.1.3", "fast-uri": "^3.0.1", @@ -9332,9 +8832,10 @@ } }, "node_modules/serialize-javascript": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/serialize-javascript/-/serialize-javascript-4.0.0.tgz", - "integrity": "sha512-GaNA54380uFefWghODBWEGisLZFj00nS5ACs6yHa9nLqlLpVLO8ChDGeKRjZnV4Nh4n0Qi7nhYZD/9fCPzEqkw==", + "version": "6.0.2", + "resolved": "https://registry.npmjs.org/serialize-javascript/-/serialize-javascript-6.0.2.tgz", + "integrity": "sha512-Saa1xPByTTq2gdeFZYLLo+RFE35NHZkAbqZeWNd3BpzppeVisAqpDjcp8dyf6uIvEqJRd46jemmyA4iFIeVk8g==", + "dev": true, "license": "BSD-3-Clause", "dependencies": { "randombytes": "^2.1.0" @@ -9389,12 +8890,6 @@ "node": ">= 0.4" } }, - "node_modules/setimmediate": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/setimmediate/-/setimmediate-1.0.5.tgz", - "integrity": "sha512-MATJdZp8sLqDl/68LfQmbP8zKPLQNV6BIZoIgrscFDQ+RsvK/BxeDQOgyxKKoh0y/8h3BqVFnCqQ/gd+reiIXA==", - "license": "MIT" - }, "node_modules/shallow-clone": { "version": "3.0.1", "resolved": "https://registry.npmjs.org/shallow-clone/-/shallow-clone-3.0.1.tgz", @@ -9508,11 +9003,17 @@ } }, "node_modules/signal-exit": { - "version": "3.0.7", - "resolved": "https://registry.npmjs.org/signal-exit/-/signal-exit-3.0.7.tgz", - "integrity": "sha512-wnD2ZE+l+SPC/uoS0vXeE9L1+0wuaMqKlfz9AMUo38JsyLSBWSFcHR1Rri62LZc12vLr1gb3jl7iwQhgwpAbGQ==", + "version": "4.1.0", + "resolved": "https://registry.npmjs.org/signal-exit/-/signal-exit-4.1.0.tgz", + "integrity": "sha512-bzyZ1e88w9O1iNJbKnOlvYTrWPDl46O1bG0D3XInv+9tkPrxrN8jUUTiFlDkkmKWgn1M6CfIA13SuGqOa9Korw==", "dev": true, - "license": "ISC" + "license": "ISC", + "engines": { + "node": ">=14" + }, + "funding": { + "url": "https://github.com/sponsors/isaacs" + } }, "node_modules/slash": { "version": "3.0.0", @@ -9530,6 +9031,26 @@ "integrity": "sha512-oPAv8xIg2MOLz069JRdvsSbYCpQN+umPJJ9LBFPzCrYuSw+dW4TMUOTDxTWS5xy+B3XN4+Fx3iIS5Jm8abm4Mg==", "license": "MIT" }, + "node_modules/solid-oidc": { + "version": "0.0.4", + "resolved": "git+ssh://git@github.com/JavaScriptSolidServer/solid-oidc.git#fe7d838f37255ed02f6bb2ac6bece6ee941d19b0", + "license": "MIT", + "dependencies": { + "jose": "^5.9.6" + }, + "engines": { + "node": ">=14" + } + }, + "node_modules/solid-oidc/node_modules/jose": { + "version": "5.10.0", + "resolved": "https://registry.npmjs.org/jose/-/jose-5.10.0.tgz", + "integrity": "sha512-s+3Al/p9g32Iq+oqXxkW//7jk2Vig6FF1CFqzVXoTUXt2qz89YWbL+OwS17NFYEvxC35n0FKeGO2LGYSxeM2Gg==", + "license": "MIT", + "funding": { + "url": "https://github.com/sponsors/panva" + } + }, "node_modules/source-map": { "version": "0.6.1", "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.6.1.tgz", @@ -9595,15 +9116,6 @@ "node": ">= 0.4" } }, - "node_modules/string_decoder": { - "version": "1.3.0", - "resolved": "https://registry.npmjs.org/string_decoder/-/string_decoder-1.3.0.tgz", - "integrity": "sha512-hkRX8U1WjJFd8LsDJ2yQ/wWWxaopEsABU1XfkM8A+j0+85JAGppt16cr1Whg6KIbb4okU6Mql6BOj+uup/wKeA==", - "license": "MIT", - "dependencies": { - "safe-buffer": "~5.2.0" - } - }, "node_modules/string-length": { "version": "4.0.2", "resolved": "https://registry.npmjs.org/string-length/-/string-length-4.0.2.tgz", @@ -9618,39 +9130,95 @@ "node": ">=10" } }, - "node_modules/string-width": { - "version": "4.2.3", - "resolved": "https://registry.npmjs.org/string-width/-/string-width-4.2.3.tgz", - "integrity": "sha512-wKyQRQpjJ0sIp62ErSZdGsjMJWsap5oRNihHhu6G7JVO/9jIB6UyevL+tXuOqrng8j/cxKTWyWUwvSTriiZz/g==", + "node_modules/string-length/node_modules/ansi-regex": { + "version": "5.0.1", + "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-5.0.1.tgz", + "integrity": "sha512-quJQXlTSUGL2LH9SUXo8VwsY4soanhgo6LNSm84E1LBcE8s3O0wpdiRzyR9z/ZZJMlMWv37qOOb9pdJlMUEKFQ==", "dev": true, "license": "MIT", - "dependencies": { - "emoji-regex": "^8.0.0", - "is-fullwidth-code-point": "^3.0.0", - "strip-ansi": "^6.0.1" - }, "engines": { "node": ">=8" } }, - "node_modules/string-width-cjs": { - "name": "string-width", - "version": "4.2.3", - "resolved": "https://registry.npmjs.org/string-width/-/string-width-4.2.3.tgz", - "integrity": "sha512-wKyQRQpjJ0sIp62ErSZdGsjMJWsap5oRNihHhu6G7JVO/9jIB6UyevL+tXuOqrng8j/cxKTWyWUwvSTriiZz/g==", + "node_modules/string-length/node_modules/strip-ansi": { + "version": "6.0.1", + "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.1.tgz", + "integrity": "sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A==", "dev": true, "license": "MIT", "dependencies": { - "emoji-regex": "^8.0.0", - "is-fullwidth-code-point": "^3.0.0", - "strip-ansi": "^6.0.1" + "ansi-regex": "^5.0.1" }, "engines": { "node": ">=8" } }, - "node_modules/string.prototype.trim": { - "version": "1.2.10", + "node_modules/string-width": { + "version": "5.1.2", + "resolved": "https://registry.npmjs.org/string-width/-/string-width-5.1.2.tgz", + "integrity": "sha512-HnLOCR3vjcY8beoNLtcjZ5/nxn2afmME6lhrDrebokqMap+XbeW8n9TXpPDOqdGK5qcI3oT0GKTW6wC7EMiVqA==", + "dev": true, + "license": "MIT", + "dependencies": { + "eastasianwidth": "^0.2.0", + "emoji-regex": "^9.2.2", + "strip-ansi": "^7.0.1" + }, + "engines": { + "node": ">=12" + }, + "funding": { + "url": "https://github.com/sponsors/sindresorhus" + } + }, + "node_modules/string-width-cjs": { + "name": "string-width", + "version": "4.2.3", + "resolved": "https://registry.npmjs.org/string-width/-/string-width-4.2.3.tgz", + "integrity": "sha512-wKyQRQpjJ0sIp62ErSZdGsjMJWsap5oRNihHhu6G7JVO/9jIB6UyevL+tXuOqrng8j/cxKTWyWUwvSTriiZz/g==", + "dev": true, + "license": "MIT", + "dependencies": { + "emoji-regex": "^8.0.0", + "is-fullwidth-code-point": "^3.0.0", + "strip-ansi": "^6.0.1" + }, + "engines": { + "node": ">=8" + } + }, + "node_modules/string-width-cjs/node_modules/ansi-regex": { + "version": "5.0.1", + "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-5.0.1.tgz", + "integrity": "sha512-quJQXlTSUGL2LH9SUXo8VwsY4soanhgo6LNSm84E1LBcE8s3O0wpdiRzyR9z/ZZJMlMWv37qOOb9pdJlMUEKFQ==", + "dev": true, + "license": "MIT", + "engines": { + "node": ">=8" + } + }, + "node_modules/string-width-cjs/node_modules/emoji-regex": { + "version": "8.0.0", + "resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-8.0.0.tgz", + "integrity": "sha512-MSjYzcWNOA0ewAHpz0MxpYFvwg6yjy1NG3xteoqz644VCo/RPgnr1/GGt+ic3iJTzQ8Eu3TdM14SawnVUmGE6A==", + "dev": true, + "license": "MIT" + }, + "node_modules/string-width-cjs/node_modules/strip-ansi": { + "version": "6.0.1", + "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.1.tgz", + "integrity": "sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A==", + "dev": true, + "license": "MIT", + "dependencies": { + "ansi-regex": "^5.0.1" + }, + "engines": { + "node": ">=8" + } + }, + "node_modules/string.prototype.trim": { + "version": "1.2.10", "resolved": "https://registry.npmjs.org/string.prototype.trim/-/string.prototype.trim-1.2.10.tgz", "integrity": "sha512-Rs66F0P/1kedk5lyYyH9uBzuiI/kNRmwJAR9quK6VOtIpZ2G+hMZd+HQbbv25MgCA6gEffoMZYxlTod4WcdrKA==", "dev": true, @@ -9709,16 +9277,19 @@ } }, "node_modules/strip-ansi": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.1.tgz", - "integrity": "sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A==", + "version": "7.1.2", + "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-7.1.2.tgz", + "integrity": "sha512-gmBGslpoQJtgnMAvOVqGZpEz9dyoKTCzy2nfz/n8aIFhN/jCE/rCmcxabB6jOOHV+0WNnylOxaxBQPSvcWklhA==", "dev": true, "license": "MIT", "dependencies": { - "ansi-regex": "^5.0.1" + "ansi-regex": "^6.0.1" }, "engines": { - "node": ">=8" + "node": ">=12" + }, + "funding": { + "url": "https://github.com/chalk/strip-ansi?sponsor=1" } }, "node_modules/strip-ansi-cjs": { @@ -9735,6 +9306,16 @@ "node": ">=8" } }, + "node_modules/strip-ansi-cjs/node_modules/ansi-regex": { + "version": "5.0.1", + "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-5.0.1.tgz", + "integrity": "sha512-quJQXlTSUGL2LH9SUXo8VwsY4soanhgo6LNSm84E1LBcE8s3O0wpdiRzyR9z/ZZJMlMWv37qOOb9pdJlMUEKFQ==", + "dev": true, + "license": "MIT", + "engines": { + "node": ">=8" + } + }, "node_modules/strip-bom": { "version": "4.0.0", "resolved": "https://registry.npmjs.org/strip-bom/-/strip-bom-4.0.0.tgz", @@ -9802,9 +9383,9 @@ "license": "MIT" }, "node_modules/synckit": { - "version": "0.11.11", - "resolved": "https://registry.npmjs.org/synckit/-/synckit-0.11.11.tgz", - "integrity": "sha512-MeQTA1r0litLUf0Rp/iisCaL8761lKAZHaimlbGK4j0HysC4PLfqygQj9srcs0m2RdtDYnF8UuYyKpbjHYp7Jw==", + "version": "0.11.12", + "resolved": "https://registry.npmjs.org/synckit/-/synckit-0.11.12.tgz", + "integrity": "sha512-Bh7QjT8/SuKUIfObSXNHNSK6WHo6J1tHCqJsuaFDP7gP0fkzSfTxI8y85JrppZ0h8l0maIgc2tfuZQ6/t3GtnQ==", "dev": true, "license": "MIT", "dependencies": { @@ -9832,9 +9413,9 @@ } }, "node_modules/terser": { - "version": "5.44.1", - "resolved": "https://registry.npmjs.org/terser/-/terser-5.44.1.tgz", - "integrity": "sha512-t/R3R/n0MSwnnazuPpPNVO60LX0SKL45pyl9YlvxIdkH0Of7D5qM2EVe+yASRIlY5pZ73nclYJfNANGWPwFDZw==", + "version": "5.46.0", + "resolved": "https://registry.npmjs.org/terser/-/terser-5.46.0.tgz", + "integrity": "sha512-jTwoImyr/QbOWFFso3YoU3ik0jBBDJ6JTOQiy/J2YxVJdZCc+5u7skhNwiOR3FQIygFqVUPHl7qbbxtjW2K3Qg==", "dev": true, "license": "BSD-2-Clause", "dependencies": { @@ -9900,16 +9481,6 @@ "node": ">= 10.13.0" } }, - "node_modules/terser-webpack-plugin/node_modules/serialize-javascript": { - "version": "6.0.2", - "resolved": "https://registry.npmjs.org/serialize-javascript/-/serialize-javascript-6.0.2.tgz", - "integrity": "sha512-Saa1xPByTTq2gdeFZYLLo+RFE35NHZkAbqZeWNd3BpzppeVisAqpDjcp8dyf6uIvEqJRd46jemmyA4iFIeVk8g==", - "dev": true, - "license": "BSD-3-Clause", - "dependencies": { - "randombytes": "^2.1.0" - } - }, "node_modules/terser-webpack-plugin/node_modules/supports-color": { "version": "8.1.1", "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-8.1.1.tgz", @@ -9926,19 +9497,6 @@ "url": "https://github.com/chalk/supports-color?sponsor=1" } }, - "node_modules/terser/node_modules/acorn": { - "version": "8.15.0", - "resolved": "https://registry.npmjs.org/acorn/-/acorn-8.15.0.tgz", - "integrity": "sha512-NZyJarBfL7nWwIq+FDL6Zp/yHEhePMNnnJ0y3qfieCrmNvYct8uvtiV41UvlSe6apAfk0fY1FbWx+NwfmpvtTg==", - "dev": true, - "license": "MIT", - "bin": { - "acorn": "bin/acorn" - }, - "engines": { - "node": ">=0.4.0" - } - }, "node_modules/terser/node_modules/source-map-support": { "version": "0.5.21", "resolved": "https://registry.npmjs.org/source-map-support/-/source-map-support-0.5.21.tgz", @@ -9976,6 +9534,28 @@ "concat-map": "0.0.1" } }, + "node_modules/test-exclude/node_modules/glob": { + "version": "7.2.3", + "resolved": "https://registry.npmjs.org/glob/-/glob-7.2.3.tgz", + "integrity": "sha512-nFR0zLpU2YCaRxwoCJvL6UvCH2JFyFVIvwTLsIf21AuHlMskA1hhTdk+LlYJtOlYt9v6dvszD2BGRqBL+iQK9Q==", + "deprecated": "Glob versions prior to v9 are no longer supported", + "dev": true, + "license": "ISC", + "dependencies": { + "fs.realpath": "^1.0.0", + "inflight": "^1.0.4", + "inherits": "2", + "minimatch": "^3.1.1", + "once": "^1.3.0", + "path-is-absolute": "^1.0.0" + }, + "engines": { + "node": "*" + }, + "funding": { + "url": "https://github.com/sponsors/isaacs" + } + }, "node_modules/test-exclude/node_modules/minimatch": { "version": "3.1.2", "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz", @@ -10030,7 +9610,6 @@ "integrity": "sha512-5gTmgEY/sqK6gFXLIsQNH19lWb4ebPDLA4SdLP7dsWkIXHWlG66oPuVvXSGFPppYZz8ZDZq0dYYrbHfBCVUb1Q==", "dev": true, "license": "MIT", - "peer": true, "engines": { "node": ">=12" }, @@ -10105,9 +9684,9 @@ } }, "node_modules/ts-api-utils": { - "version": "2.3.0", - "resolved": "https://registry.npmjs.org/ts-api-utils/-/ts-api-utils-2.3.0.tgz", - "integrity": "sha512-6eg3Y9SF7SsAvGzRHQvvc1skDAhwI4YQ32ui1scxD1Ccr0G5qIIbUBT3pFTKX8kmWIQClHobtUdNuaBgwdfdWg==", + "version": "2.4.0", + "resolved": "https://registry.npmjs.org/ts-api-utils/-/ts-api-utils-2.4.0.tgz", + "integrity": "sha512-3TaVTaAv2gTiMB35i3FiGJaRfwb3Pyn/j3m/bfAvGe8FB7CF6u+LMYqYlDh7reQf7UNvoTvdfAqHGmPGOSsPmA==", "dev": true, "license": "MIT", "engines": { @@ -10324,7 +9903,6 @@ "integrity": "sha512-jl1vZzPDinLr9eUt3J/t7V6FgNEw9QjvBPdysz9KfQDD41fQrC2Y4vKQdiaUpFT4bXlb1RHhLpp8wtm6M5TgSw==", "dev": true, "license": "Apache-2.0", - "peer": true, "bin": { "tsc": "bin/tsc", "tsserver": "bin/tsserver" @@ -10352,22 +9930,11 @@ "url": "https://github.com/sponsors/ljharb" } }, - "node_modules/undici": { - "version": "5.29.0", - "resolved": "https://registry.npmjs.org/undici/-/undici-5.29.0.tgz", - "integrity": "sha512-raqeBD6NQK4SkWhQzeYKd1KmIG6dllBOTt55Rmkt4HtI9mwdWtJljnrXjAFUBLTSN67HWrOIZ3EPF4kjUw80Bg==", - "license": "MIT", - "dependencies": { - "@fastify/busboy": "^2.0.0" - }, - "engines": { - "node": ">=14.0" - } - }, "node_modules/undici-types": { "version": "7.16.0", "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-7.16.0.tgz", "integrity": "sha512-Zz+aZWSj8LE6zoxD+xrjh4VfkIG8Ya6LvYkZqtUQGJPZjYl53ypCaUwWqo7eI0x66KBGeRo+mlBEkMSeSZ38Nw==", + "dev": true, "license": "MIT" }, "node_modules/unicode-canonical-property-names-ecmascript": { @@ -10490,19 +10057,6 @@ "punycode": "^2.1.0" } }, - "node_modules/uuid": { - "version": "11.1.0", - "resolved": "https://registry.npmjs.org/uuid/-/uuid-11.1.0.tgz", - "integrity": "sha512-0/A9rDy9P7cJ+8w1c9WD9V//9Wj15Ce2MPz8Ri6032usz+NfePxx5AcN3bN+r6ZL6jEo066/yNYB3tn4pQEx+A==", - "funding": [ - "https://github.com/sponsors/broofa", - "https://github.com/sponsors/ctavan" - ], - "license": "MIT", - "bin": { - "uuid": "dist/esm/bin/uuid" - } - }, "node_modules/v8-to-istanbul": { "version": "9.3.0", "resolved": "https://registry.npmjs.org/v8-to-istanbul/-/v8-to-istanbul-9.3.0.tgz", @@ -10542,9 +10096,9 @@ } }, "node_modules/watchpack": { - "version": "2.4.4", - "resolved": "https://registry.npmjs.org/watchpack/-/watchpack-2.4.4.tgz", - "integrity": "sha512-c5EGNOiyxxV5qmTtAB7rbiXxi1ooX1pQKMLX/MIabJjRA0SJBQOjKF+KSVfHkr9U1cADPon0mRiVe/riyaiDUA==", + "version": "2.5.1", + "resolved": "https://registry.npmjs.org/watchpack/-/watchpack-2.5.1.tgz", + "integrity": "sha512-Zn5uXdcFNIA1+1Ei5McRd+iRzfhENPCe7LeABkJtNulSxjma+l7ltNx55BWZkRlwRnpOgHqxnjyaDgJnNXnqzg==", "dev": true, "license": "MIT", "dependencies": { @@ -10555,15 +10109,6 @@ "node": ">=10.13.0" } }, - "node_modules/web-streams-polyfill": { - "version": "3.3.3", - "resolved": "https://registry.npmjs.org/web-streams-polyfill/-/web-streams-polyfill-3.3.3.tgz", - "integrity": "sha512-d2JWLCivmZYTSIoge9MsgFCZrt571BikcWGYkjC1khllbTeDlGqZ2D8vD8E/lJa8WGWbb7Plm8/XJYV7IJHZZw==", - "license": "MIT", - "engines": { - "node": ">= 8" - } - }, "node_modules/webidl-conversions": { "version": "7.0.0", "resolved": "https://registry.npmjs.org/webidl-conversions/-/webidl-conversions-7.0.0.tgz", @@ -10580,7 +10125,6 @@ "integrity": "sha512-Qphch25abbMNtekmEGJmeRUhLDbe+QfiWTiqpKYkpCOWY64v9eyl+KRRLmqOFA2AvKPpc9DC6+u2n76tQLBoaA==", "dev": true, "license": "MIT", - "peer": true, "dependencies": { "@types/eslint-scope": "^3.7.7", "@types/estree": "^1.0.8", @@ -10630,7 +10174,6 @@ "integrity": "sha512-MfwFQ6SfwinsUVi0rNJm7rHZ31GyTcpVE5pgVA3hwFRb7COD4TzjUUwhGWKfO50+xdc2MQPuEBBJoqIMGt3JDw==", "dev": true, "license": "MIT", - "peer": true, "dependencies": { "@discoveryjs/json-ext": "^0.6.1", "@webpack-cli/configtest": "^3.0.1", @@ -10703,33 +10246,6 @@ "node": ">=10.13.0" } }, - "node_modules/webpack/node_modules/acorn": { - "version": "8.15.0", - "resolved": "https://registry.npmjs.org/acorn/-/acorn-8.15.0.tgz", - "integrity": "sha512-NZyJarBfL7nWwIq+FDL6Zp/yHEhePMNnnJ0y3qfieCrmNvYct8uvtiV41UvlSe6apAfk0fY1FbWx+NwfmpvtTg==", - "dev": true, - "license": "MIT", - "peer": true, - "bin": { - "acorn": "bin/acorn" - }, - "engines": { - "node": ">=0.4.0" - } - }, - "node_modules/webpack/node_modules/acorn-import-phases": { - "version": "1.0.4", - "resolved": "https://registry.npmjs.org/acorn-import-phases/-/acorn-import-phases-1.0.4.tgz", - "integrity": "sha512-wKmbr/DDiIXzEOiWrTTUcDm24kQ2vGfZQvM2fwg2vXqR5uW6aapr7ObPtj1th32b9u90/Pf4AItvdTh42fBmVQ==", - "dev": true, - "license": "MIT", - "engines": { - "node": ">=10.13.0" - }, - "peerDependencies": { - "acorn": "^8.14.0" - } - }, "node_modules/webpack/node_modules/eslint-scope": { "version": "5.1.1", "resolved": "https://registry.npmjs.org/eslint-scope/-/eslint-scope-5.1.1.tgz", @@ -10758,6 +10274,7 @@ "version": "3.1.1", "resolved": "https://registry.npmjs.org/whatwg-encoding/-/whatwg-encoding-3.1.1.tgz", "integrity": "sha512-6qN4hJdMwfYBtE3YBTTHhoeuUrDBPZmbQaxWAqSALV/MeEnR5z1xd8UKud2RAkFoPkmB+hli1TZSnyi84xz1vQ==", + "deprecated": "Use @exodus/bytes instead for a more spec-conformant and faster implementation", "dev": true, "license": "MIT", "dependencies": { @@ -10875,9 +10392,9 @@ } }, "node_modules/which-typed-array": { - "version": "1.1.19", - "resolved": "https://registry.npmjs.org/which-typed-array/-/which-typed-array-1.1.19.tgz", - "integrity": "sha512-rEvr90Bck4WZt9HHFC4DJMsjvu7x+r6bImz0/BrbWb7A2djJ8hnZMrWnHo9F8ssv0OMErasDhftrfROTyqSDrw==", + "version": "1.1.20", + "resolved": "https://registry.npmjs.org/which-typed-array/-/which-typed-array-1.1.20.tgz", + "integrity": "sha512-LYfpUkmqwl0h9A2HL09Mms427Q1RZWuOHsukfVcKRq9q95iQxdw0ix1JQrqbcDR9PH1QDwf5Qo8OZb5lksZ8Xg==", "dev": true, "license": "MIT", "dependencies": { @@ -10914,18 +10431,18 @@ } }, "node_modules/wrap-ansi": { - "version": "7.0.0", - "resolved": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-7.0.0.tgz", - "integrity": "sha512-YVGIj2kamLSTxw6NsZjoBxfSwsn0ycdesmc4p+Q21c5zPuZ1pl+NfxVdxPtdHvmNVOQ6XSYG4AUtyt/Fi7D16Q==", + "version": "8.1.0", + "resolved": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-8.1.0.tgz", + "integrity": "sha512-si7QWI6zUMq56bESFvagtmzMdGOtoxfR+Sez11Mobfc7tm+VkUckk9bW2UeffTGVUbOksxmSw0AA2gs8g71NCQ==", "dev": true, "license": "MIT", "dependencies": { - "ansi-styles": "^4.0.0", - "string-width": "^4.1.0", - "strip-ansi": "^6.0.0" + "ansi-styles": "^6.1.0", + "string-width": "^5.0.1", + "strip-ansi": "^7.0.1" }, "engines": { - "node": ">=10" + "node": ">=12" }, "funding": { "url": "https://github.com/chalk/wrap-ansi?sponsor=1" @@ -10950,6 +10467,64 @@ "url": "https://github.com/chalk/wrap-ansi?sponsor=1" } }, + "node_modules/wrap-ansi-cjs/node_modules/ansi-regex": { + "version": "5.0.1", + "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-5.0.1.tgz", + "integrity": "sha512-quJQXlTSUGL2LH9SUXo8VwsY4soanhgo6LNSm84E1LBcE8s3O0wpdiRzyR9z/ZZJMlMWv37qOOb9pdJlMUEKFQ==", + "dev": true, + "license": "MIT", + "engines": { + "node": ">=8" + } + }, + "node_modules/wrap-ansi-cjs/node_modules/emoji-regex": { + "version": "8.0.0", + "resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-8.0.0.tgz", + "integrity": "sha512-MSjYzcWNOA0ewAHpz0MxpYFvwg6yjy1NG3xteoqz644VCo/RPgnr1/GGt+ic3iJTzQ8Eu3TdM14SawnVUmGE6A==", + "dev": true, + "license": "MIT" + }, + "node_modules/wrap-ansi-cjs/node_modules/string-width": { + "version": "4.2.3", + "resolved": "https://registry.npmjs.org/string-width/-/string-width-4.2.3.tgz", + "integrity": "sha512-wKyQRQpjJ0sIp62ErSZdGsjMJWsap5oRNihHhu6G7JVO/9jIB6UyevL+tXuOqrng8j/cxKTWyWUwvSTriiZz/g==", + "dev": true, + "license": "MIT", + "dependencies": { + "emoji-regex": "^8.0.0", + "is-fullwidth-code-point": "^3.0.0", + "strip-ansi": "^6.0.1" + }, + "engines": { + "node": ">=8" + } + }, + "node_modules/wrap-ansi-cjs/node_modules/strip-ansi": { + "version": "6.0.1", + "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.1.tgz", + "integrity": "sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A==", + "dev": true, + "license": "MIT", + "dependencies": { + "ansi-regex": "^5.0.1" + }, + "engines": { + "node": ">=8" + } + }, + "node_modules/wrap-ansi/node_modules/ansi-styles": { + "version": "6.2.3", + "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-6.2.3.tgz", + "integrity": "sha512-4Dj6M28JB+oAH8kFkTLUo+a2jwOFkuqb3yucU0CANcRRUbxS0cP0nZYCGjcc3BNXwRIsUVmDGgzawme7zvJHvg==", + "dev": true, + "license": "MIT", + "engines": { + "node": ">=12" + }, + "funding": { + "url": "https://github.com/chalk/ansi-styles?sponsor=1" + } + }, "node_modules/wrappy": { "version": "1.0.2", "resolved": "https://registry.npmjs.org/wrappy/-/wrappy-1.0.2.tgz", @@ -10971,23 +10546,10 @@ "node": "^14.17.0 || ^16.13.0 || >=18.0.0" } }, - "node_modules/write-file-atomic/node_modules/signal-exit": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/signal-exit/-/signal-exit-4.1.0.tgz", - "integrity": "sha512-bzyZ1e88w9O1iNJbKnOlvYTrWPDl46O1bG0D3XInv+9tkPrxrN8jUUTiFlDkkmKWgn1M6CfIA13SuGqOa9Korw==", - "dev": true, - "license": "ISC", - "engines": { - "node": ">=14" - }, - "funding": { - "url": "https://github.com/sponsors/isaacs" - } - }, "node_modules/ws": { - "version": "8.18.3", - "resolved": "https://registry.npmjs.org/ws/-/ws-8.18.3.tgz", - "integrity": "sha512-PEIGCY5tSlUt50cqyMXfCzX+oOPqN0vuGqWzbcJ2xvnkzkq46oOpz7dQaTDBdfICb4N14+GARUDw2XV2N4tvzg==", + "version": "8.19.0", + "resolved": "https://registry.npmjs.org/ws/-/ws-8.19.0.tgz", + "integrity": "sha512-blAT2mjOEIi0ZzruJfIhb3nps74PRWTCz1IjglWEEpQl5XS/UNama6u2/rjFkDDouqr4L67ry+1aGIALViWjDg==", "dev": true, "license": "MIT", "engines": { @@ -11069,6 +10631,51 @@ "node": ">=12" } }, + "node_modules/yargs/node_modules/ansi-regex": { + "version": "5.0.1", + "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-5.0.1.tgz", + "integrity": "sha512-quJQXlTSUGL2LH9SUXo8VwsY4soanhgo6LNSm84E1LBcE8s3O0wpdiRzyR9z/ZZJMlMWv37qOOb9pdJlMUEKFQ==", + "dev": true, + "license": "MIT", + "engines": { + "node": ">=8" + } + }, + "node_modules/yargs/node_modules/emoji-regex": { + "version": "8.0.0", + "resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-8.0.0.tgz", + "integrity": "sha512-MSjYzcWNOA0ewAHpz0MxpYFvwg6yjy1NG3xteoqz644VCo/RPgnr1/GGt+ic3iJTzQ8Eu3TdM14SawnVUmGE6A==", + "dev": true, + "license": "MIT" + }, + "node_modules/yargs/node_modules/string-width": { + "version": "4.2.3", + "resolved": "https://registry.npmjs.org/string-width/-/string-width-4.2.3.tgz", + "integrity": "sha512-wKyQRQpjJ0sIp62ErSZdGsjMJWsap5oRNihHhu6G7JVO/9jIB6UyevL+tXuOqrng8j/cxKTWyWUwvSTriiZz/g==", + "dev": true, + "license": "MIT", + "dependencies": { + "emoji-regex": "^8.0.0", + "is-fullwidth-code-point": "^3.0.0", + "strip-ansi": "^6.0.1" + }, + "engines": { + "node": ">=8" + } + }, + "node_modules/yargs/node_modules/strip-ansi": { + "version": "6.0.1", + "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.1.tgz", + "integrity": "sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A==", + "dev": true, + "license": "MIT", + "dependencies": { + "ansi-regex": "^5.0.1" + }, + "engines": { + "node": ">=8" + } + }, "node_modules/yocto-queue": { "version": "0.1.0", "resolved": "https://registry.npmjs.org/yocto-queue/-/yocto-queue-0.1.0.tgz", diff --git a/package.json b/package.json index ba3bbe3..82c1377 100644 --- a/package.json +++ b/package.json @@ -1,16 +1,16 @@ { - "name": "solid-logic", - "version": "4.0.1", - "description": "Core business logic of SolidOS", + "name": "solid-logic-jss", + "version": "4.1.1", + "description": "Core Solid logic with minimal solid-oidc authentication (JSS variant)", "type": "module", - "main": "dist/solid-logic.js", + "main": "dist/solid-logic.esm.js", "module": "dist/solid-logic.esm.js", "types": "dist/index.d.ts", "exports": { ".": { + "types": "./dist/index.d.ts", "import": "./dist/solid-logic.esm.js", - "require": "./dist/solid-logic.js", - "types": "./dist/index.d.ts" + "default": "./dist/solid-logic.esm.js" } }, "sideEffects": false, @@ -21,7 +21,7 @@ ], "scripts": { "clean": "rm -rf dist src/versionInfo.ts", - "build": "npm run clean && npm run typecheck && npm run build-version && npm run build-js && npm run build-dist && npm run postbuild-js", + "build": "npm run clean && npm run build-version && npm run build-js && npm run build-dist && npm run postbuild-js", "build-version": "./timestamp.sh > src/versionInfo.ts && eslint 'src/versionInfo.ts' --fix", "build-js": "tsc", "build-dist": "webpack --progress", @@ -39,14 +39,14 @@ }, "repository": { "type": "git", - "url": "git+https://github.com/solidos/solid-logic.git" + "url": "git+https://github.com/JavaScriptSolidServer/solid-logic-jss.git" }, "author": "", "license": "MIT", "bugs": { - "url": "https://github.com/solidos/solid-logic/issues" + "url": "https://github.com/JavaScriptSolidServer/solid-logic-jss/issues" }, - "homepage": "https://github.com/solidos/solid-logic#readme", + "homepage": "https://github.com/JavaScriptSolidServer/solid-logic-jss#readme", "devDependencies": { "@babel/core": "^7.28.4", "@babel/preset-env": "^7.28.3", @@ -61,6 +61,8 @@ "jest": "^30.2.0", "jest-environment-jsdom": "^30.0.2", "jest-fetch-mock": "^3.0.3", + "jose": "^6.1.3", + "rdflib": "github:JavaScriptSolidServer/rdflib.js", "terser-webpack-plugin": "^5.3.14", "ts-loader": "^9.5.4", "tslib": "^2.8.1", @@ -69,10 +71,10 @@ "webpack-cli": "^6.0.1" }, "dependencies": { - "@inrupt/solid-client-authn-browser": "^3.1.0", - "solid-namespace": "^0.5.4" + "solid-namespace": "^0.5.4", + "solid-oidc": "github:JavaScriptSolidServer/solid-oidc" }, "peerDependencies": { - "rdflib": "^2.3.0" + "rdflib": "github:JavaScriptSolidServer/rdflib.js" } } diff --git a/src/authSession/authSession.ts b/src/authSession/authSession.ts index a125a97..e66cd14 100644 --- a/src/authSession/authSession.ts +++ b/src/authSession/authSession.ts @@ -1,7 +1,3 @@ -import { - Session, -} from '@inrupt/solid-client-authn-browser' +import { Session } from './solidOidcAdapter' export const authSession = new Session() - - \ No newline at end of file diff --git a/src/authSession/solidOidcAdapter.ts b/src/authSession/solidOidcAdapter.ts new file mode 100644 index 0000000..3d382cc --- /dev/null +++ b/src/authSession/solidOidcAdapter.ts @@ -0,0 +1,184 @@ +/** + * Adapter to make solid-oidc compatible with @inrupt/solid-client-authn-browser API + * + * This provides a drop-in replacement for the Inrupt Session class using the minimal + * solid-oidc library from JavaScriptSolidServer. + * + * @see https://github.com/JavaScriptSolidServer/solid-oidc + */ + +import { + Session as SolidOidcSession, + SessionDatabase +} from 'solid-oidc' + +/** + * Event names compatible with @inrupt/solid-client-authn-browser + */ +export const EVENTS = { + SESSION_RESTORED: 'sessionRestore', + LOGIN: 'login', + LOGOUT: 'logout', + SESSION_EXPIRED: 'sessionExpired', + ERROR: 'error' +} as const + +/** + * Callback type for event listeners + */ +type EventCallback = (...args: any[]) => void + +/** + * Simple event emitter for compatibility with Inrupt's session.events API + */ +class EventEmitter { + private listeners: Map> = new Map() + + on(event: string, callback: EventCallback): void { + if (!this.listeners.has(event)) { + this.listeners.set(event, new Set()) + } + this.listeners.get(event)!.add(callback) + } + + off(event: string, callback: EventCallback): void { + this.listeners.get(event)?.delete(callback) + } + + emit(event: string, ...args: unknown[]): void { + this.listeners.get(event)?.forEach(cb => cb(...args)) + } +} + +/** + * Session info interface compatible with Inrupt + */ +export interface SessionInfo { + isLoggedIn: boolean + webId?: string + sessionId?: string + expirationDate?: number +} + +/** + * Options for handleIncomingRedirect + */ +export interface HandleRedirectOptions { + restorePreviousSession?: boolean + url?: string +} + +/** + * Options for login + */ +export interface LoginOptions { + oidcIssuer: string + redirectUrl: string + clientId?: string + clientName?: string + tokenType?: string +} + +/** + * Session class that wraps solid-oidc to provide @inrupt/solid-client-authn-browser compatible API + */ +export class Session { + private _session: SolidOidcSession + private _events: EventEmitter + private _sessionId: string + + constructor(options?: { clientId?: string }) { + this._session = new SolidOidcSession({ + clientId: options?.clientId, + database: new SessionDatabase(), + onStateChange: (event) => { + const detail = (event as CustomEvent).detail + if (detail?.isActive) { + this._events.emit(EVENTS.LOGIN) + this._events.emit(EVENTS.SESSION_RESTORED, window.location.href) + } else { + this._events.emit(EVENTS.LOGOUT) + } + }, + onExpiration: () => { + this._events.emit(EVENTS.SESSION_EXPIRED) + } + }) + this._events = new EventEmitter() + this._sessionId = crypto.randomUUID() + } + + /** + * Event emitter for session events + */ + get events(): EventEmitter { + return this._events + } + + /** + * Session information + */ + get info(): SessionInfo { + return { + isLoggedIn: this._session.isActive, + webId: this._session.webId ?? undefined, + sessionId: this._sessionId, + expirationDate: this._session.isActive + ? Date.now() + (this._session.getExpiresIn() * 1000) + : undefined + } + } + + /** + * Handle incoming redirect from identity provider + */ + async handleIncomingRedirect(options?: HandleRedirectOptions | string): Promise { + // Handle string URL (legacy API) + const opts: HandleRedirectOptions = typeof options === 'string' + ? { url: options } + : options ?? {} + + try { + // First handle any redirect from login + await this._session.handleRedirectFromLogin() + + // If not logged in and restorePreviousSession is true, try to restore + if (!this._session.isActive && opts.restorePreviousSession !== false) { + try { + await this._session.restore() + } catch { + // No session to restore, that's okay + } + } + + return this.info + } catch (error) { + this._events.emit(EVENTS.ERROR, error) + return undefined + } + } + + /** + * Initiate login flow + */ + async login(options: LoginOptions): Promise { + const redirectUrl = options.redirectUrl || window.location.href + await this._session.login(options.oidcIssuer, redirectUrl) + } + + /** + * Log out and clear session + */ + async logout(): Promise { + await this._session.logout() + } + + /** + * Make authenticated fetch request + */ + async fetch(url: RequestInfo | URL, init?: RequestInit): Promise { + return this._session.authFetch(url as string, init) + } +} + +export default Session diff --git a/src/authn/SolidAuthnLogic.ts b/src/authn/SolidAuthnLogic.ts index 6d49a8e..c3f4a67 100644 --- a/src/authn/SolidAuthnLogic.ts +++ b/src/authn/SolidAuthnLogic.ts @@ -1,7 +1,7 @@ import { namedNode, NamedNode, sym } from 'rdflib' import { appContext, offlineTestID } from './authUtil' import * as debug from '../util/debug' -import { EVENTS, Session } from '@inrupt/solid-client-authn-browser' +import { EVENTS, Session } from '../authSession/solidOidcAdapter' import { AuthenticationContext, AuthnLogic } from '../types' export class SolidAuthnLogic implements AuthnLogic { @@ -42,7 +42,7 @@ export class SolidAuthnLogic implements AuthnLogic { } this.session.events.on(EVENTS.SESSION_RESTORED, (url) => { debug.log(`Session restored to ${url}`) - if (document.location.toString() !== url) history.replaceState(null, '', url) + if (document.location.toString() !== url) history.replaceState(null, '', url as string) }) /** diff --git a/src/logic/solidLogic.ts b/src/logic/solidLogic.ts index 9c62391..4a83b52 100644 --- a/src/logic/solidLogic.ts +++ b/src/logic/solidLogic.ts @@ -1,4 +1,4 @@ -import { Session } from '@inrupt/solid-client-authn-browser' +import { Session } from '../authSession/solidOidcAdapter' import * as rdf from 'rdflib' import { LiveStore, NamedNode, Statement } from 'rdflib' import { createAclLogic } from '../acl/aclLogic' diff --git a/src/types.ts b/src/types.ts index 0d145cd..4236dc2 100644 --- a/src/types.ts +++ b/src/types.ts @@ -1,4 +1,4 @@ -import { Session } from '@inrupt/solid-client-authn-browser' +import { Session } from './authSession/solidOidcAdapter' import { LiveStore, NamedNode, Statement } from 'rdflib' export type AppDetails = { diff --git a/test/chatLogic.test.ts b/test/chatLogic.test.ts index 9a7281a..3024a5b 100644 --- a/test/chatLogic.test.ts +++ b/test/chatLogic.test.ts @@ -97,11 +97,11 @@ describe('Chat logic', () => { @prefix dc: . @prefix meeting: . @prefix xsd: . -@prefix c: . +@prefix card: . :this a meeting:LongChat; - dc:author c:me; + dc:author card:me; dc:created "2021-02-06T10:11:12Z"^^xsd:dateTime; dc:title "Chat channel". `) diff --git a/tsconfig.json b/tsconfig.json index c1a42ce..919eeab 100644 --- a/tsconfig.json +++ b/tsconfig.json @@ -55,7 +55,8 @@ "node_modules/@types" ] /* List of folders to include type definitions from. */, // "allowSyntheticDefaultImports": true, /* Allow default imports from modules with no default export. This does not affect code emit, just typechecking. */ - "esModuleInterop": true /* Enables emit interoperability between CommonJS and ES Modules via creation of namespace objects for all imports. Implies 'allowSyntheticDefaultImports'. */ + "esModuleInterop": true /* Enables emit interoperability between CommonJS and ES Modules via creation of namespace objects for all imports. Implies 'allowSyntheticDefaultImports'. */, + "skipLibCheck": true /* Skip type checking of declaration files. */ // "preserveSymlinks": true, /* Do not resolve the real path of symlinks. */ /* Source Map Options */