{"version":3,"file":"config.aec50d67.js","sources":["../../vite/modulepreload-polyfill","../../../node_modules/.pnpm/@sgwt+connect-core@0.14.3/node_modules/@sgwt/connect-core/dist/src/SGWTConnectErrorList.js","../../../node_modules/.pnpm/@sgwt+connect-core@0.14.3/node_modules/@sgwt/connect-core/dist/src/SGWTConnectError.js","../../../node_modules/.pnpm/@sgwt+connect-core@0.14.3/node_modules/@sgwt/connect-core/dist/src/SGWTConnectEventList.js","../../../node_modules/.pnpm/@sgwt+connect-core@0.14.3/node_modules/@sgwt/connect-core/dist/src/SGWTConnectAuthorizationUri.js","../../../node_modules/.pnpm/@sgwt+connect-core@0.14.3/node_modules/@sgwt/connect-core/dist/src/isScopeListed.js","../../../node_modules/.pnpm/@sgwt+connect-core@0.14.3/node_modules/@sgwt/connect-core/dist/src/normalizeUrl.js","../../../node_modules/.pnpm/@sgwt+connect-core@0.14.3/node_modules/@sgwt/connect-core/dist/src/SGWTConnectServerResponse.js","../../../node_modules/.pnpm/@sgwt+connect-core@0.14.3/node_modules/@sgwt/connect-core/dist/src/SGWTConnectRedirectUri.js","../../../node_modules/.pnpm/@sgwt+connect-core@0.14.3/node_modules/@sgwt/connect-core/dist/src/SGWTConnectConfiguration.js","../../../node_modules/.pnpm/@sgwt+connect-core@0.14.3/node_modules/@sgwt/connect-core/dist/src/SGWTConnectStorage.js","../../../node_modules/.pnpm/events@3.0.0/node_modules/events/events.js","../../../node_modules/.pnpm/@sgwt+connect-core@0.14.3/node_modules/@sgwt/connect-core/dist/src/isSameOrigin.js","../../../node_modules/.pnpm/@sgwt+connect-core@0.14.3/node_modules/@sgwt/connect-core/dist/src/isObject.js","../../../node_modules/.pnpm/@sgwt+connect-core@0.14.3/node_modules/@sgwt/connect-core/dist/src/SGWTConnectOpenIDUserInfo.js","../../../node_modules/.pnpm/@sgwt+connect-core@0.14.3/node_modules/@sgwt/connect-core/dist/src/SGWTConnectCore.js","../../../node_modules/.pnpm/@sgwt+connect-core@0.14.3/node_modules/@sgwt/connect-core/dist/src/SGWTConnectHash.js","../../../node_modules/.pnpm/@sgwt+connect-core@0.14.3/node_modules/@sgwt/connect-core/dist/src/SGWTConnectIdTokenClaims.js","../../../node_modules/.pnpm/@sgwt+connect-core@0.14.3/node_modules/@sgwt/connect-core/dist/src/SGWTConnectNoop.js","../../../node_modules/.pnpm/@sgwt+connect-core@0.14.3/node_modules/@sgwt/connect-core/dist/src/SGWTConnectOpenIDMetadata.js","../../../node_modules/.pnpm/@sgwt+connect-core@0.14.3/node_modules/@sgwt/connect-core/dist/src/setupSGWTConnect.js","../../../node_modules/.pnpm/@sgwt+connect-core@0.14.3/node_modules/@sgwt/connect-core/dist/index.js","../../../app/libs/@sgmo/shared/dist/main.es.js","../../src/config/config.ts"],"sourcesContent":["const p = function polyfill() {\n const relList = document.createElement('link').relList;\n if (relList && relList.supports && relList.supports('modulepreload')) {\n return;\n }\n for (const link of document.querySelectorAll('link[rel=\"modulepreload\"]')) {\n processPreload(link);\n }\n new MutationObserver((mutations) => {\n for (const mutation of mutations) {\n if (mutation.type !== 'childList') {\n continue;\n }\n for (const node of mutation.addedNodes) {\n if (node.tagName === 'LINK' && node.rel === 'modulepreload')\n processPreload(node);\n }\n }\n }).observe(document, { childList: true, subtree: true });\n function getFetchOpts(script) {\n const fetchOpts = {};\n if (script.integrity)\n fetchOpts.integrity = script.integrity;\n if (script.referrerpolicy)\n fetchOpts.referrerPolicy = script.referrerpolicy;\n if (script.crossorigin === 'use-credentials')\n fetchOpts.credentials = 'include';\n else if (script.crossorigin === 'anonymous')\n fetchOpts.credentials = 'omit';\n else\n fetchOpts.credentials = 'same-origin';\n return fetchOpts;\n }\n function processPreload(link) {\n if (link.ep)\n // ep marker = processed\n return;\n link.ep = true;\n // prepopulate the load record\n const fetchOpts = getFetchOpts(link);\n fetch(link.href, fetchOpts);\n }\n};__VITE_IS_MODERN__&&p();","\"use strict\";\r\nObject.defineProperty(exports, \"__esModule\", { value: true });\r\nexports.ERR_FAILED_TO_FETCH_OPENID_CLAIMS_DESCRIPTION = exports.ERR_FAILED_TO_FETCH_OPENID_CLAIMS = exports.ERR_OPENID_CHECK_SESSION_ERROR_DESCRIPTION = exports.ERR_OPENID_CHECK_SESSION_ERROR = exports.ERR_FAILED_TO_VALIDATE_OPENID_METADATA_DESCRIPTION = exports.ERR_FAILED_TO_VALIDATE_OPENID_METADATA = exports.ERR_FAILED_TO_PARSE_OPENID_METADATA_DESCRIPTION = exports.ERR_FAILED_TO_PARSE_OPENID_METADATA = exports.ERR_FAILED_TO_FETCH_OPENID_METADATA_DESCRIPTION = exports.ERR_FAILED_TO_FETCH_OPENID_METADATA = exports.ERR_REGISTRATION_NOT_SUPPORTED_DESCRIPTION = exports.ERR_REGISTRATION_NOT_SUPPORTED = exports.ERR_REQUEST_URI_NOT_SUPPORTED_DESCRIPTION = exports.ERR_REQUEST_URI_NOT_SUPPORTED = exports.ERR_REQUEST_NOT_SUPPORTED_DESCRIPTION = exports.ERR_REQUEST_NOT_SUPPORTED = exports.ERR_INVALID_REQUEST_OBJECT_DESCRIPTION = exports.ERR_INVALID_REQUEST_OBJECT = exports.ERR_INVALID_REQUEST_URI_DESCRIPTION = exports.ERR_INVALID_REQUEST_URI = exports.ERR_CONSENT_REQUIRED_DESCRIPTION = exports.ERR_CONSENT_REQUIRED = exports.ERR_ACCOUNT_SELECTION_REQUIRED_DESCRIPTION = exports.ERR_ACCOUNT_SELECTION_REQUIRED = exports.ERR_LOGIN_REQUIRED_DESCRIPTION = exports.ERR_LOGIN_REQUIRED = exports.ERR_INTERACTION_REQUIRED_DESCRIPTION = exports.ERR_INTERACTION_REQUIRED = exports.ERR_TEMPORARILY_UNAVAILABLE_DESCRIPTION = exports.ERR_TEMPORARILY_UNAVAILABLE = exports.ERR_SERVER_ERROR_DESCRIPTION = exports.ERR_SERVER_ERROR = exports.ERR_INVALID_SCOPE_DESCRIPTION = exports.ERR_INVALID_SCOPE = exports.ERR_UNSUPPORTED_RESPONSE_TYPE_DESCRIPTION = exports.ERR_UNSUPPORTED_RESPONSE_TYPE = exports.ERR_ACCESS_DENIED_DESCRIPTION = exports.ERR_ACCESS_DENIED = exports.ERR_UNAUTHORIZED_CLIENT_DESCRIPTION = exports.ERR_UNAUTHORIZED_CLIENT = exports.ERR_INVALID_REQUEST_DESCRIPTION = exports.ERR_INVALID_REQUEST = exports.ERR_RENEW_TIMEOUT_DESCRIPTION = exports.ERR_RENEW_TIMEOUT = exports.ERR_UNAUTHORIZED_DESCRIPTION = exports.ERR_UNAUTHORIZED = exports.ERR_UNSUPPORTED_TOKEN_TYPE_DESCRIPTION = exports.ERR_UNSUPPORTED_TOKEN_TYPE = exports.ERR_STATE_MISMATCH_DESCRIPTION = exports.ERR_STATE_MISMATCH = void 0;\r\nexports.ERR_FAILED_TO_VALIDATE_OPENID_CLAIMS_DESCRIPTION = exports.ERR_FAILED_TO_VALIDATE_OPENID_CLAIMS = exports.ERR_FAILED_TO_PARSE_OPENID_CLAIMS_DESCRIPTION = exports.ERR_FAILED_TO_PARSE_OPENID_CLAIMS = void 0;\r\n/**\r\n * Authorization server response validation error.\r\n *\r\n * Unable to verify the validity of the request by matching\r\n * the \"state\" parameter sent with the authorization request\r\n * to the \"state\" parameter received in authorization server\r\n * response.\r\n *\r\n * This error may indicate a cross-site request forgery (CSRF)\r\n * attack or a misconfiguration of the authorization server.\r\n *\r\n * See: https://tools.ietf.org/html/rfc6749#section-10.12\r\n */\r\nexports.ERR_STATE_MISMATCH = 'state_mismatch';\r\nexports.ERR_STATE_MISMATCH_DESCRIPTION = \"\\n This error may indicate a cross-site request forgery (CSRF)\\n attack or a misconfiguration of the authorization server.\\n\";\r\n/**\r\n * Authorization server response validation error.\r\n *\r\n * SGWTConnect does not support the access token type\r\n * received from the authorization server.\r\n */\r\nexports.ERR_UNSUPPORTED_TOKEN_TYPE = 'unsupported_token_type';\r\nexports.ERR_UNSUPPORTED_TOKEN_TYPE_DESCRIPTION = \"\\n SGWTConnect does not support the access token type\\n received from the authorization server.\\n\";\r\n/**\r\n * SGWTConnect unauthorized error.\r\n *\r\n * Occurs when SGWTConnect is unable to perform an action\r\n * because it is currently unauthorized to do so.\r\n */\r\nexports.ERR_UNAUTHORIZED = 'unauthorized';\r\nexports.ERR_UNAUTHORIZED_DESCRIPTION = \"\\n SGWTConnect is unable to perform an action\\n because it is currently unauthorized to do so.\\n\";\r\n/**\r\n * SGWTConnect renewal error.\r\n *\r\n * Occurs when SGWTConnect does not receive a response\r\n * from the authorization server while renewing the token.\r\n */\r\nexports.ERR_RENEW_TIMEOUT = 'renew_timeout';\r\nexports.ERR_RENEW_TIMEOUT_DESCRIPTION = \"\\n SGWTConnect did not receive a response\\n from the authorization server while\\n renewing the token.\\n\";\r\n//\r\n// OAuth 2.0 errors are listed below.\r\n// See: https://tools.ietf.org/html/rfc6749#section-4.2.2.1\r\n// --------------------\r\n/**\r\n * Authorization server error response.\r\n *\r\n * The request is missing a required parameter, includes an\r\n * unsupported parameter value, includes a parameter more\r\n * than once, or is otherwise malformed.\r\n *\r\n * See: https://tools.ietf.org/html/rfc6749#section-4.2.2.1\r\n */\r\nexports.ERR_INVALID_REQUEST = 'invalid_request';\r\nexports.ERR_INVALID_REQUEST_DESCRIPTION = \"\\n The configuration may be malformed.\\n Double check all configuration options.\\n\";\r\n/**\r\n * Authorization server error response.\r\n *\r\n * The client is not authorized to request an access token\r\n * using this method.\r\n *\r\n * See: https://tools.ietf.org/html/rfc6749#section-4.2.2.1\r\n */\r\nexports.ERR_UNAUTHORIZED_CLIENT = 'unauthorized_client';\r\nexports.ERR_UNAUTHORIZED_CLIENT_DESCRIPTION = \"\\n The client is not authorized to request an access token\\n using this method.\\n\";\r\n/**\r\n * Authorization server error response.\r\n *\r\n * The resource owner or authorization server denied the request.\r\n *\r\n * See: https://tools.ietf.org/html/rfc6749#section-4.2.2.1\r\n */\r\nexports.ERR_ACCESS_DENIED = 'access_denied';\r\nexports.ERR_ACCESS_DENIED_DESCRIPTION = \"\\n The resource owner or authorization server denied the request.\\n\";\r\n/**\r\n * Authorization server error response.\r\n *\r\n * The authorization server does not support obtaining an\r\n * access token using this method.\r\n *\r\n * See: https://tools.ietf.org/html/rfc6749#section-4.2.2.1\r\n */\r\nexports.ERR_UNSUPPORTED_RESPONSE_TYPE = 'unsupported_response_type';\r\nexports.ERR_UNSUPPORTED_RESPONSE_TYPE_DESCRIPTION = \"\\n The authorization server does not support obtaining an\\n access token using this method.\\n\\n Double-check the \\\"response_type\\\" configuration option.\\n\";\r\n/**\r\n * Authorization server error response.\r\n *\r\n * The requested scope is invalid, unknown, or malformed.\r\n *\r\n * See: https://tools.ietf.org/html/rfc6749#section-4.2.2.1\r\n */\r\nexports.ERR_INVALID_SCOPE = 'invalid_scope';\r\nexports.ERR_INVALID_SCOPE_DESCRIPTION = \"\\n The requested scope is invalid, unknown, or malformed.\\n\";\r\n/**\r\n * Authorization server error response.\r\n *\r\n * The authorization server encountered an unexpected\r\n * condition that prevented it from fulfilling the request.\r\n * (This error code is needed because a 500 Internal Server\r\n * Error HTTP status code cannot be returned to the client\r\n * via an HTTP redirect.)\r\n *\r\n * See: https://tools.ietf.org/html/rfc6749#section-4.2.2.1\r\n */\r\nexports.ERR_SERVER_ERROR = 'server_error';\r\nexports.ERR_SERVER_ERROR_DESCRIPTION = \"\\n The authorization server encountered an unexpected\\n condition that prevented it from fulfilling the request.\\n\\n Please try again in a few minutes.\\n\";\r\n/**\r\n * Authorization server error response.\r\n *\r\n * The authorization server is currently unable to handle\r\n * the request due to a temporary overloading or maintenance\r\n * of the server. (This error code is needed because a 503\r\n * Service Unavailable HTTP status code cannot be returned\r\n * to the client via an HTTP redirect.)\r\n *\r\n * See: https://tools.ietf.org/html/rfc6749#section-4.2.2.1\r\n */\r\nexports.ERR_TEMPORARILY_UNAVAILABLE = 'temporarily_unavailable';\r\nexports.ERR_TEMPORARILY_UNAVAILABLE_DESCRIPTION = \"\\n The authorization server is currently unable to handle\\n the request due to a temporary overloading or maintenance\\n of the server.\\n\\n Please try again in a few minutes.\\n\";\r\n//\r\n// OpenID Connect 1.0 errors are listed below.\r\n// See: http://openid.net/specs/openid-connect-core-1_0.html#AuthError\r\n// --------------------\r\n/**\r\n * OpenID Connect authentication error response.\r\n *\r\n * The Authorization Server requires End-User interaction\r\n * of some form to proceed. This error MAY be returned\r\n * when the prompt parameter value in the Authentication Request\r\n * is none, but the Authentication Request cannot be completed\r\n * without displaying a user interface for End-User interaction.\r\n *\r\n * See: http://openid.net/specs/openid-connect-core-1_0.html#AuthError\r\n */\r\nexports.ERR_INTERACTION_REQUIRED = 'interaction_required';\r\nexports.ERR_INTERACTION_REQUIRED_DESCRIPTION = \"\\n The Authorization Server requires End-User interaction\\n of some form to proceed.\\n\";\r\n/**\r\n * OpenID Connect authentication error response.\r\n *\r\n * The Authorization Server requires End-User authentication.\r\n * This error MAY be returned when the prompt parameter value in the\r\n * Authentication Request is none, but the Authentication Request\r\n * cannot be completed without displaying a user interface for\r\n * End-User authentication.\r\n *\r\n * See: http://openid.net/specs/openid-connect-core-1_0.html#AuthError\r\n */\r\nexports.ERR_LOGIN_REQUIRED = 'login_required';\r\nexports.ERR_LOGIN_REQUIRED_DESCRIPTION = \"\\n The Authorization Server requires End-User authentication.\\n\";\r\n/**\r\n * OpenID Connect authentication error response.\r\n *\r\n * The End-User is REQUIRED to select a session at the Authorization Server.\r\n * The End-User MAY be authenticated at the Authorization Server with\r\n * different associated accounts, but the End-User did not select a session.\r\n * This error MAY be returned when the prompt parameter value in the\r\n * Authentication Request is none, but the Authentication Request\r\n * cannot be completed without displaying a user interface to prompt\r\n * for a session to use.\r\n *\r\n * See: http://openid.net/specs/openid-connect-core-1_0.html#AuthError\r\n */\r\nexports.ERR_ACCOUNT_SELECTION_REQUIRED = 'account_selection_required';\r\nexports.ERR_ACCOUNT_SELECTION_REQUIRED_DESCRIPTION = \"\\n The End-User is REQUIRED to select a session at the Authorization Server.\\n The End-User MAY be authenticated at the Authorization Server with\\n different associated accounts, but the End-User did not select a session.\\n\";\r\n/**\r\n * OpenID Connect authentication error response.\r\n *\r\n * The Authorization Server requires End-User consent.\r\n * This error MAY be returned when the prompt parameter value in the\r\n * Authentication Request is none, but the Authentication Request\r\n * cannot be completed without displaying a user interface for\r\n * End-User consent.\r\n *\r\n * See: http://openid.net/specs/openid-connect-core-1_0.html#AuthError\r\n */\r\nexports.ERR_CONSENT_REQUIRED = 'consent_required';\r\nexports.ERR_CONSENT_REQUIRED_DESCRIPTION = \"\\n The Authorization Server requires End-User consent.\\n\";\r\n/**\r\n * OpenID Connect authentication error response.\r\n *\r\n * The request_uri in the Authorization Request returns an error\r\n * or contains invalid data.\r\n *\r\n * See: http://openid.net/specs/openid-connect-core-1_0.html#AuthError\r\n */\r\nexports.ERR_INVALID_REQUEST_URI = 'invalid_request_uri';\r\nexports.ERR_INVALID_REQUEST_URI_DESCRIPTION = \"\\n The request_uri in the Authorization Request returns an error\\n or contains invalid data.\\n\\n This is probably a bug in SGWTConnect.\\n\";\r\n/**\r\n * OpenID Connect authentication error response.\r\n *\r\n * The request parameter contains an invalid Request Object.\r\n *\r\n * See: http://openid.net/specs/openid-connect-core-1_0.html#AuthError\r\n */\r\nexports.ERR_INVALID_REQUEST_OBJECT = 'invalid_request_object';\r\nexports.ERR_INVALID_REQUEST_OBJECT_DESCRIPTION = \"\\n The request parameter contains an invalid Request Object.\\n\\n This is probably a bug in SGWTConnect.\\n\";\r\n/**\r\n * OpenID Connect authentication error response.\r\n *\r\n * The OpenID Provider does not support use of the `request` parameter defined in\r\n * [Section 6](http://openid.net/specs/openid-connect-core-1_0.html#JWTRequests).\r\n *\r\n * See: http://openid.net/specs/openid-connect-core-1_0.html#AuthError\r\n */\r\nexports.ERR_REQUEST_NOT_SUPPORTED = 'request_not_supported';\r\nexports.ERR_REQUEST_NOT_SUPPORTED_DESCRIPTION = \"\\n The OpenID Provider does not support use of the \\\"request\\\" parameter.\\n\";\r\n/**\r\n * OpenID Connect authentication error response.\r\n *\r\n * The OpenID Provider does not support use of the `request_uri` parameter defined in\r\n * [Section 6](http://openid.net/specs/openid-connect-core-1_0.html#JWTRequests).\r\n *\r\n * See: http://openid.net/specs/openid-connect-core-1_0.html#AuthError\r\n */\r\nexports.ERR_REQUEST_URI_NOT_SUPPORTED = 'request_uri_not_supported';\r\nexports.ERR_REQUEST_URI_NOT_SUPPORTED_DESCRIPTION = \"\\n The OpenID Provider does not support use of the \\\"request_uri\\\" parameter.\\n\";\r\n/**\r\n * OpenID Connect authentication error response.\r\n *\r\n * The OpenID Provider does not support use of the `registration` parameter defined in\r\n * [Section 7.2.1](http://openid.net/specs/openid-connect-core-1_0.html#RegistrationParameter).\r\n *\r\n * See: http://openid.net/specs/openid-connect-core-1_0.html#AuthError\r\n */\r\nexports.ERR_REGISTRATION_NOT_SUPPORTED = 'registration_not_supported';\r\nexports.ERR_REGISTRATION_NOT_SUPPORTED_DESCRIPTION = \"\\n The OpenID Provider does not support use of the \\\"registration\\\" parameter.\\n\";\r\n//\r\n// OpenID Connect 1.0 Session Management errors are listed below.\r\n// See: https://openid.net/specs/openid-connect-session-1_0.html\r\n// --------------------\r\n/**\r\n * Indicates that an HTTP request to obtain\r\n * the OpenID Provider Discovery Metadata has failed.\r\n */\r\nexports.ERR_FAILED_TO_FETCH_OPENID_METADATA = 'failed_to_obtain_openid_metadata';\r\nexports.ERR_FAILED_TO_FETCH_OPENID_METADATA_DESCRIPTION = \"\\n Failed to obtain OpenID Provider Metadata.\\n\";\r\n/**\r\n * Indicates that there was a error parsing\r\n * the OpenID Provider Discovery Metadata response.\r\n */\r\nexports.ERR_FAILED_TO_PARSE_OPENID_METADATA = 'failed_to_parse_openid_metadata';\r\nexports.ERR_FAILED_TO_PARSE_OPENID_METADATA_DESCRIPTION = \"\\n Failed to parse OpenID Provider Discovery Metadata.\\n\";\r\n/**\r\n * Indicates that there was an error validating\r\n * the OpenID Provider Discovery Metadata response.\r\n */\r\nexports.ERR_FAILED_TO_VALIDATE_OPENID_METADATA = 'failed_to_validate_openid_metadata';\r\nexports.ERR_FAILED_TO_VALIDATE_OPENID_METADATA_DESCRIPTION = \"\\n Failed to validate OpenID Provider Discovery Metadata.\\n\";\r\n/**\r\n * Indicates that the OpenID OP iframe received\r\n * a syntactically malformed message.\r\n *\r\n * See: https://openid.net/specs/openid-connect-session-1_0.html#OPiframe\r\n */\r\nexports.ERR_OPENID_CHECK_SESSION_ERROR = 'check_session_error';\r\nexports.ERR_OPENID_CHECK_SESSION_ERROR_DESCRIPTION = \"\\n Client ID and origin URL cannot be determined or are syntactically invalid.\\n\";\r\n//\r\n// OpenID UserInfo Endpoint.\r\n// See: https://openid.net/specs/openid-connect-core-1_0.html#UserInfo\r\n// --------------------\r\n/**\r\n * Indicates that an HTTP request to obtain\r\n * the OpenID UserInfo Claims has failed.\r\n */\r\nexports.ERR_FAILED_TO_FETCH_OPENID_CLAIMS = 'failed_to_obtain_openid_claims';\r\nexports.ERR_FAILED_TO_FETCH_OPENID_CLAIMS_DESCRIPTION = \"\\n Failed to obtain OpenID UserInfo Claims.\\n\";\r\n/**\r\n * Indicates that there was a error parsing\r\n * the OpenID UserInfo Claims response.\r\n */\r\nexports.ERR_FAILED_TO_PARSE_OPENID_CLAIMS = 'failed_to_parse_openid_claims';\r\nexports.ERR_FAILED_TO_PARSE_OPENID_CLAIMS_DESCRIPTION = \"\\n Failed to parse OpenID UserInfo Claims.\\n\";\r\n/**\r\n * Indicates that there was an error validating\r\n * the OpenID UserInfo Claims response.\r\n */\r\nexports.ERR_FAILED_TO_VALIDATE_OPENID_CLAIMS = 'failed_to_validate_openid_claims';\r\nexports.ERR_FAILED_TO_VALIDATE_OPENID_CLAIMS_DESCRIPTION = \"\\n Failed to validate OpenID UserInfo Claims.\\n\";\r\n//# sourceMappingURL=SGWTConnectErrorList.js.map","\"use strict\";\r\nvar __extends = (this && this.__extends) || (function () {\r\n var extendStatics = function (d, b) {\r\n extendStatics = Object.setPrototypeOf ||\r\n ({ __proto__: [] } instanceof Array && function (d, b) { d.__proto__ = b; }) ||\r\n function (d, b) { for (var p in b) if (Object.prototype.hasOwnProperty.call(b, p)) d[p] = b[p]; };\r\n return extendStatics(d, b);\r\n };\r\n return function (d, b) {\r\n if (typeof b !== \"function\" && b !== null)\r\n throw new TypeError(\"Class extends value \" + String(b) + \" is not a constructor or null\");\r\n extendStatics(d, b);\r\n function __() { this.constructor = d; }\r\n d.prototype = b === null ? Object.create(b) : (__.prototype = b.prototype, new __());\r\n };\r\n})();\r\nObject.defineProperty(exports, \"__esModule\", { value: true });\r\nexports.SGWTConnectError = void 0;\r\nvar ErrorList = require(\"./SGWTConnectErrorList\");\r\n/**\r\n * SGWTConnect error.\r\n *\r\n * The purpose of this class is to differentiate custom SGWTConnect\r\n * errors from errors originated in other modules.\r\n */\r\nvar SGWTConnectError = /** @class */ (function (_super) {\r\n __extends(SGWTConnectError, _super);\r\n function SGWTConnectError(code) {\r\n var _this = this;\r\n var errorListKey = \"ERR_\" + code.toUpperCase() + \"_DESCRIPTION\";\r\n var description = ErrorList[errorListKey];\r\n _this = _super.call(this, \"SGWTConnectError \" + code.toUpperCase() + \" \" + description) || this;\r\n // Calling `super` in TypeScript 2.1 and 2.2 breaks the\r\n // prototype chain, so we need to restore it here to\r\n // enable instanceof checks\r\n // See: https://github.com/Microsoft/TypeScript/wiki/Breaking-Changes#typescript-21\r\n Object.setPrototypeOf(_this, SGWTConnectError.prototype);\r\n // We use the same approach as NodeJS errors by exposing\r\n // a `code` property (e.g. \"state_mismatch\") on error\r\n // instances:\r\n _this.code = code;\r\n return _this;\r\n }\r\n return SGWTConnectError;\r\n}(Error));\r\nexports.SGWTConnectError = SGWTConnectError;\r\n//# sourceMappingURL=SGWTConnectError.js.map","\"use strict\";\r\nObject.defineProperty(exports, \"__esModule\", { value: true });\r\nexports.EVENT_OPENID_CHECK_SESSION_ERROR = exports.EVENT_OPENID_SESSION_UNCHANGED = exports.EVENT_OPENID_SESSION_CHANGED = exports.EVENT_OPENID_METADATA_FETCH_ERROR = exports.EVENT_AUTH_RENEW_SUCCESS = exports.EVENT_AUTH_RENEW_ERROR = exports.EVENT_AUTH_EXPIRED = exports.EVENT_AUTH_DISCARDED = void 0;\r\n/**\r\n * The authorization token has been discarded.\r\n */\r\nexports.EVENT_AUTH_DISCARDED = 'authorizationDiscarded';\r\n/**\r\n * The authorization token has expired.\r\n */\r\nexports.EVENT_AUTH_EXPIRED = 'authorizationExpired';\r\n/**\r\n * Error has occurred while renewing the token.\r\n */\r\nexports.EVENT_AUTH_RENEW_ERROR = 'renewAuthorizationError';\r\n/**\r\n * The current token has been successfully renewed.\r\n */\r\nexports.EVENT_AUTH_RENEW_SUCCESS = 'renewAuthorizationSuccess';\r\n/**\r\n * Error has occurred while fetching the OpenID Metadata.\r\n */\r\nexports.EVENT_OPENID_METADATA_FETCH_ERROR = 'OpenIDMetadataFetchError';\r\n/**\r\n * Indicates that the OpenID session has changed.\r\n */\r\nexports.EVENT_OPENID_SESSION_CHANGED = 'OpenIDCheckSessionChanged';\r\n/**\r\n * Indicates that the OpenID session has not changed.\r\n */\r\nexports.EVENT_OPENID_SESSION_UNCHANGED = 'OpenIDCheckSessionUnchanged';\r\n/**\r\n * Error has occurred while fetching the OpenID Metadata.\r\n */\r\nexports.EVENT_OPENID_CHECK_SESSION_ERROR = 'OpenIDCheckSessionError';\r\n//# sourceMappingURL=SGWTConnectEventList.js.map","\"use strict\";\r\nObject.defineProperty(exports, \"__esModule\", { value: true });\r\nexports.generateAuthorizationUri = exports.normalizeAuthorizationEndpoint = exports.generateCryptoStrongRandomValue = void 0;\r\n/**\r\n * Generates a cryptographically strong random value.\r\n */\r\nfunction generateCryptoStrongRandomValue() {\r\n var crypto = window.crypto || window.msCrypto;\r\n var randomValues = crypto.getRandomValues(new Uint32Array(5));\r\n // IE supports neither TypedArray methods nor Array.from,\r\n // so we have to use a for loop here if we want this script\r\n // to be injectable before polyfills:\r\n var base36RandomValue = '';\r\n for (var i = 0; i < randomValues.length; i += 1) { // tslint:disable-line:prefer-for-of\r\n base36RandomValue += randomValues[i].toString(36);\r\n }\r\n return base36RandomValue;\r\n}\r\nexports.generateCryptoStrongRandomValue = generateCryptoStrongRandomValue;\r\n/**\r\n * Normalizes the authorization endpoint by stripping /oauth2/* suffixes.\r\n */\r\nfunction normalizeAuthorizationEndpoint(authorization_endpoint) {\r\n return authorization_endpoint\r\n .replace(/(\\/oauth2\\/authorize|\\/userinfo)?\\/?$/, '');\r\n}\r\nexports.normalizeAuthorizationEndpoint = normalizeAuthorizationEndpoint;\r\n/**\r\n * Generates an OAuth2/OpenID-compliant authorization URI.\r\n */\r\nfunction generateAuthorizationUri(config, state, options) {\r\n return normalizeAuthorizationEndpoint(config.authorization_endpoint) +\r\n '/oauth2/authorize' +\r\n '?client_id=' + encodeURIComponent(config.client_id) +\r\n '&redirect_uri=' + encodeURIComponent(config.redirect_uri) +\r\n '&response_type=' + encodeURIComponent(config.response_type) +\r\n '&scope=' + encodeURIComponent(config.scope) +\r\n '&nonce=' + encodeURIComponent(generateCryptoStrongRandomValue()) +\r\n '&state=' + encodeURIComponent(state) +\r\n '&acr_values=' + encodeURIComponent(config.acr_values) +\r\n (options && options.prompt ? '&prompt=' + options.prompt : '') +\r\n (options && options.id_token_hint ? '&id_token_hint=' + options.id_token_hint : '');\r\n}\r\nexports.generateAuthorizationUri = generateAuthorizationUri;\r\n//# sourceMappingURL=SGWTConnectAuthorizationUri.js.map","\"use strict\";\r\nObject.defineProperty(exports, \"__esModule\", { value: true });\r\nexports.isScopeListed = void 0;\r\n/**\r\n * Determines whether the checked scope is listed in the actual scope.\r\n */\r\nfunction isScopeListed(checkedScope, actualScope) {\r\n var checkedScopeList = checkedScope.trim().toLowerCase().split(/\\s+/);\r\n var actualScopeList = actualScope.trim().toLowerCase().split(/\\s+/);\r\n return checkedScopeList.every(function (scope) { return actualScopeList.indexOf(scope) !== -1; });\r\n}\r\nexports.isScopeListed = isScopeListed;\r\n//# sourceMappingURL=isScopeListed.js.map","\"use strict\";\r\nObject.defineProperty(exports, \"__esModule\", { value: true });\r\nexports.normalizeUrl = void 0;\r\n/**\r\n * Normalizes a URL by lowercasing it, adding the trailing slash,\r\n * and removing the default ports (:80 for http and :443 for https).\r\n * @param url URL to normalize.\r\n * @example\r\n * normalizeUrl('HTTP://EXAMPLE.COM') === 'http://example.com/'\r\n * normalizeUrl('http://example.com:80') === 'http://example.com/'\r\n * normalizeUrl('https://example.com:443') === 'https://example.com/'\r\n */\r\nfunction normalizeUrl(url) {\r\n // Using HTMLAnchorElement hack because Internet Explorer\r\n // doesn't support the Window.URL API:\r\n var a = document.createElement('a');\r\n a.href = url;\r\n return a.href;\r\n}\r\nexports.normalizeUrl = normalizeUrl;\r\n//# sourceMappingURL=normalizeUrl.js.map","\"use strict\";\r\nObject.defineProperty(exports, \"__esModule\", { value: true });\r\nexports.normalizeAuthServerResponse = exports.parseOAuth2Fragment = void 0;\r\n/**\r\n * Creates an object from a string of query parameters.\r\n */\r\nfunction parseQueryParametersString(queryParametersString) {\r\n var queryParametersRegex = /([^&=]+)=([^&]*)/g;\r\n var queryParameters = {};\r\n var keyValuePair;\r\n // tslint:disable-next-line:no-conditional-assignment\r\n while (keyValuePair = queryParametersRegex.exec(queryParametersString)) {\r\n var key = decodeURIComponent(keyValuePair[1]);\r\n var value = decodeURIComponent(keyValuePair[2]);\r\n queryParameters[key] = value;\r\n }\r\n return queryParameters;\r\n}\r\n/**\r\n * Parses an authorization server response.\r\n */\r\nfunction parseOAuth2Fragment(fragment) {\r\n return parseQueryParametersString(fragment.replace(/^#/, ''));\r\n}\r\nexports.parseOAuth2Fragment = parseOAuth2Fragment;\r\n/**\r\n * Normalizes a parsed authorization server response.\r\n */\r\nfunction normalizeAuthServerResponse(authServerResponse) {\r\n if (authServerResponse.error) {\r\n var authError = {\r\n error: authServerResponse.error,\r\n error_description: authServerResponse.error_description,\r\n state: authServerResponse.state\r\n };\r\n return authError;\r\n }\r\n var expiresIn = parseInt(authServerResponse.expires_in, 10) * 1000;\r\n var authSuccess = {\r\n access_token: authServerResponse.access_token,\r\n expires_in: expiresIn,\r\n expires_at: Date.now() + expiresIn,\r\n id_token: authServerResponse.id_token,\r\n scope: authServerResponse.scope,\r\n state: authServerResponse.state,\r\n token_type: authServerResponse.token_type,\r\n session_state: authServerResponse.session_state\r\n };\r\n return authSuccess;\r\n}\r\nexports.normalizeAuthServerResponse = normalizeAuthServerResponse;\r\n//# sourceMappingURL=SGWTConnectServerResponse.js.map","\"use strict\";\r\nObject.defineProperty(exports, \"__esModule\", { value: true });\r\nexports.isOnRedirectUri = exports.generateRedirectUri = void 0;\r\nvar isScopeListed_1 = require(\"./isScopeListed\");\r\nvar normalizeUrl_1 = require(\"./normalizeUrl\");\r\nvar SGWTConnectServerResponse_1 = require(\"./SGWTConnectServerResponse\");\r\n/**\r\n * Generates a redirect URI.\r\n *\r\n * Given the origin \"https://example.com\":\r\n * - \"\" -> \"https://example.com\"\r\n * - \"/redirect\" -> \"https://example.com/redirect\"\r\n * - \"https://example.com\" -> \"https://example.com\"\r\n */\r\nfunction generateRedirectUri(location, redirectUri) {\r\n var origin = location.protocol + \"//\" + location.host;\r\n // Support empty or unspecified redirect_uri\r\n // by using the current origin instead:\r\n // \"\" => \"https://example.com\"\r\n if (!redirectUri) {\r\n return origin;\r\n }\r\n // Support URIs relative to origin, for example:\r\n // \"/redirect\" => \"https://example.com/redirect\"\r\n if (redirectUri.charAt(0) === '/') {\r\n return \"\" + origin + redirectUri;\r\n }\r\n // Otherwise use the redirect_uri as provided.\r\n // Note that we're not trying to normalize it\r\n // because it will be compared as is on the\r\n // authorization server.\r\n return redirectUri;\r\n}\r\nexports.generateRedirectUri = generateRedirectUri;\r\n/**\r\n * Determines if the current page has been redirected using OAuth2 protocol.\r\n */\r\nfunction isOnRedirectUri(config, location) {\r\n //\r\n // Step 1: validate the fragment\r\n // --------------------\r\n var authEndpointResponse = SGWTConnectServerResponse_1.parseOAuth2Fragment(location.hash);\r\n // Ensure that the fragment has at least the \"state\" parameter,\r\n // otherwise this is not a valid OAuth2 fragment:\r\n if (!authEndpointResponse.hasOwnProperty('state')) {\r\n return false;\r\n }\r\n var hasRequestedAccessToken = isScopeListed_1.isScopeListed('token', config.response_type);\r\n var hasRequestedIdToken = isScopeListed_1.isScopeListed('id_token', config.response_type);\r\n var hasReceivedAccessToken = authEndpointResponse.hasOwnProperty('access_token');\r\n var hasReceivedIdToken = authEndpointResponse.hasOwnProperty('id_token');\r\n var hasReceivedError = authEndpointResponse.hasOwnProperty('error');\r\n if (hasRequestedAccessToken) {\r\n if (!hasReceivedAccessToken && !hasReceivedError) {\r\n return false;\r\n }\r\n }\r\n if (hasRequestedIdToken) {\r\n if (!hasReceivedIdToken && !hasReceivedError) {\r\n return false;\r\n }\r\n }\r\n //\r\n // Step 2: validate the href without fragment\r\n // --------------------\r\n // Remove the fragment from the current location and normalize it\r\n // to avoid infinite redirects due to non-strictly equal URIs:\r\n var currentUri = normalizeUrl_1.normalizeUrl(location.href.replace(location.hash, ''));\r\n // Compare to normalized redirect URI assuming that\r\n // it has no fragment (as per specification):\r\n return currentUri === normalizeUrl_1.normalizeUrl(config.redirect_uri);\r\n}\r\nexports.isOnRedirectUri = isOnRedirectUri;\r\n//# sourceMappingURL=SGWTConnectRedirectUri.js.map","\"use strict\";\r\nvar __assign = (this && this.__assign) || function () {\r\n __assign = Object.assign || function(t) {\r\n for (var s, i = 1, n = arguments.length; i < n; i++) {\r\n s = arguments[i];\r\n for (var p in s) if (Object.prototype.hasOwnProperty.call(s, p))\r\n t[p] = s[p];\r\n }\r\n return t;\r\n };\r\n return __assign.apply(this, arguments);\r\n};\r\nObject.defineProperty(exports, \"__esModule\", { value: true });\r\nexports.normalizeConfiguration = void 0;\r\nvar SGWTConnectAuthorizationUri_1 = require(\"./SGWTConnectAuthorizationUri\");\r\nvar SGWTConnectRedirectUri_1 = require(\"./SGWTConnectRedirectUri\");\r\n/**\r\n * Normalizes the configuration by adding default fields,\r\n * and normalizing existing fields.\r\n * @param config Configuration object to normalize.\r\n */\r\nfunction normalizeConfiguration(config, location) {\r\n return __assign(__assign(__assign({}, config), { response_type: config.response_type || 'id_token token', acr_values: config.acr_values || 'L2', \r\n // Normalize the authorization endpoint by stripping some\r\n // extraneous suffixes that users may add:\r\n authorization_endpoint: SGWTConnectAuthorizationUri_1.normalizeAuthorizationEndpoint(config.authorization_endpoint), \r\n // API consumers may:\r\n // - specify a redirect_uri relative to origin\r\n // in this case we prefix it with origin\r\n // - not specify a redirect_uri at all\r\n // in this case we define it for them, as it is mandatory\r\n redirect_uri: SGWTConnectRedirectUri_1.generateRedirectUri(location, config.redirect_uri) }), config.post_logout_redirect_uri\r\n ? { post_logout_redirect_uri: SGWTConnectRedirectUri_1.generateRedirectUri(location, config.post_logout_redirect_uri) }\r\n : {});\r\n}\r\nexports.normalizeConfiguration = normalizeConfiguration;\r\n//# sourceMappingURL=SGWTConnectConfiguration.js.map","\"use strict\";\r\nObject.defineProperty(exports, \"__esModule\", { value: true });\r\nexports.SGWTConnectStorage = void 0;\r\n/**\r\n * SGWTConnect data storage.\r\n *\r\n * Has the following features:\r\n * - Automatic parsing of stringified data.\r\n * - Prefixing of keys of stored data.\r\n */\r\nvar SGWTConnectStorage = /** @class */ (function () {\r\n function SGWTConnectStorage(hash) {\r\n if (hash === void 0) { hash = ''; }\r\n this.hash = hash;\r\n this.baseStorageKey = 'SGWTConnectStorage';\r\n }\r\n Object.defineProperty(SGWTConnectStorage.prototype, \"storageKey\", {\r\n get: function () {\r\n return this.hash ? this.baseStorageKey + \".\" + this.hash : this.baseStorageKey;\r\n },\r\n enumerable: false,\r\n configurable: true\r\n });\r\n SGWTConnectStorage.prototype.getItem = function (key) {\r\n var item = localStorage.getItem(this.storageKey + \".\" + key);\r\n return item === null ? null : JSON.parse(item);\r\n };\r\n SGWTConnectStorage.prototype.setItem = function (key, value) {\r\n localStorage.setItem(this.storageKey + \".\" + key, JSON.stringify(value));\r\n };\r\n SGWTConnectStorage.prototype.removeItem = function (key) {\r\n localStorage.removeItem(this.storageKey + \".\" + key);\r\n };\r\n SGWTConnectStorage.prototype.clearBy = function (satisfiesCondition) {\r\n for (var i = 0; i < localStorage.length; i += 1) {\r\n var key = localStorage.key(i);\r\n if (key && key.indexOf(this.baseStorageKey) !== -1) {\r\n var value = localStorage.getItem(key);\r\n var parsedValue = value === null ? null : JSON.parse(value);\r\n if (satisfiesCondition(parsedValue, key)) {\r\n localStorage.removeItem(key);\r\n }\r\n }\r\n }\r\n };\r\n return SGWTConnectStorage;\r\n}());\r\nexports.SGWTConnectStorage = SGWTConnectStorage;\r\n//# sourceMappingURL=SGWTConnectStorage.js.map","// Copyright Joyent, Inc. and other Node contributors.\n//\n// Permission is hereby granted, free of charge, to any person obtaining a\n// copy of this software and associated documentation files (the\n// \"Software\"), to deal in the Software without restriction, including\n// without limitation the rights to use, copy, modify, merge, publish,\n// distribute, sublicense, and/or sell copies of the Software, and to permit\n// persons to whom the Software is furnished to do so, subject to the\n// following conditions:\n//\n// The above copyright notice and this permission notice shall be included\n// in all copies or substantial portions of the Software.\n//\n// THE SOFTWARE IS PROVIDED \"AS IS\", WITHOUT WARRANTY OF ANY KIND, EXPRESS\n// OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF\n// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN\n// NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM,\n// DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR\n// OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE\n// USE OR OTHER DEALINGS IN THE SOFTWARE.\n\n'use strict';\n\nvar R = typeof Reflect === 'object' ? Reflect : null\nvar ReflectApply = R && typeof R.apply === 'function'\n ? R.apply\n : function ReflectApply(target, receiver, args) {\n return Function.prototype.apply.call(target, receiver, args);\n }\n\nvar ReflectOwnKeys\nif (R && typeof R.ownKeys === 'function') {\n ReflectOwnKeys = R.ownKeys\n} else if (Object.getOwnPropertySymbols) {\n ReflectOwnKeys = function ReflectOwnKeys(target) {\n return Object.getOwnPropertyNames(target)\n .concat(Object.getOwnPropertySymbols(target));\n };\n} else {\n ReflectOwnKeys = function ReflectOwnKeys(target) {\n return Object.getOwnPropertyNames(target);\n };\n}\n\nfunction ProcessEmitWarning(warning) {\n if (console && console.warn) console.warn(warning);\n}\n\nvar NumberIsNaN = Number.isNaN || function NumberIsNaN(value) {\n return value !== value;\n}\n\nfunction EventEmitter() {\n EventEmitter.init.call(this);\n}\nmodule.exports = EventEmitter;\n\n// Backwards-compat with node 0.10.x\nEventEmitter.EventEmitter = EventEmitter;\n\nEventEmitter.prototype._events = undefined;\nEventEmitter.prototype._eventsCount = 0;\nEventEmitter.prototype._maxListeners = undefined;\n\n// By default EventEmitters will print a warning if more than 10 listeners are\n// added to it. This is a useful default which helps finding memory leaks.\nvar defaultMaxListeners = 10;\n\nObject.defineProperty(EventEmitter, 'defaultMaxListeners', {\n enumerable: true,\n get: function() {\n return defaultMaxListeners;\n },\n set: function(arg) {\n if (typeof arg !== 'number' || arg < 0 || NumberIsNaN(arg)) {\n throw new RangeError('The value of \"defaultMaxListeners\" is out of range. It must be a non-negative number. Received ' + arg + '.');\n }\n defaultMaxListeners = arg;\n }\n});\n\nEventEmitter.init = function() {\n\n if (this._events === undefined ||\n this._events === Object.getPrototypeOf(this)._events) {\n this._events = Object.create(null);\n this._eventsCount = 0;\n }\n\n this._maxListeners = this._maxListeners || undefined;\n};\n\n// Obviously not all Emitters should be limited to 10. This function allows\n// that to be increased. Set to zero for unlimited.\nEventEmitter.prototype.setMaxListeners = function setMaxListeners(n) {\n if (typeof n !== 'number' || n < 0 || NumberIsNaN(n)) {\n throw new RangeError('The value of \"n\" is out of range. It must be a non-negative number. Received ' + n + '.');\n }\n this._maxListeners = n;\n return this;\n};\n\nfunction $getMaxListeners(that) {\n if (that._maxListeners === undefined)\n return EventEmitter.defaultMaxListeners;\n return that._maxListeners;\n}\n\nEventEmitter.prototype.getMaxListeners = function getMaxListeners() {\n return $getMaxListeners(this);\n};\n\nEventEmitter.prototype.emit = function emit(type) {\n var args = [];\n for (var i = 1; i < arguments.length; i++) args.push(arguments[i]);\n var doError = (type === 'error');\n\n var events = this._events;\n if (events !== undefined)\n doError = (doError && events.error === undefined);\n else if (!doError)\n return false;\n\n // If there is no 'error' event listener then throw.\n if (doError) {\n var er;\n if (args.length > 0)\n er = args[0];\n if (er instanceof Error) {\n // Note: The comments on the `throw` lines are intentional, they show\n // up in Node's output if this results in an unhandled exception.\n throw er; // Unhandled 'error' event\n }\n // At least give some kind of context to the user\n var err = new Error('Unhandled error.' + (er ? ' (' + er.message + ')' : ''));\n err.context = er;\n throw err; // Unhandled 'error' event\n }\n\n var handler = events[type];\n\n if (handler === undefined)\n return false;\n\n if (typeof handler === 'function') {\n ReflectApply(handler, this, args);\n } else {\n var len = handler.length;\n var listeners = arrayClone(handler, len);\n for (var i = 0; i < len; ++i)\n ReflectApply(listeners[i], this, args);\n }\n\n return true;\n};\n\nfunction _addListener(target, type, listener, prepend) {\n var m;\n var events;\n var existing;\n\n if (typeof listener !== 'function') {\n throw new TypeError('The \"listener\" argument must be of type Function. Received type ' + typeof listener);\n }\n\n events = target._events;\n if (events === undefined) {\n events = target._events = Object.create(null);\n target._eventsCount = 0;\n } else {\n // To avoid recursion in the case that type === \"newListener\"! Before\n // adding it to the listeners, first emit \"newListener\".\n if (events.newListener !== undefined) {\n target.emit('newListener', type,\n listener.listener ? listener.listener : listener);\n\n // Re-assign `events` because a newListener handler could have caused the\n // this._events to be assigned to a new object\n events = target._events;\n }\n existing = events[type];\n }\n\n if (existing === undefined) {\n // Optimize the case of one listener. Don't need the extra array object.\n existing = events[type] = listener;\n ++target._eventsCount;\n } else {\n if (typeof existing === 'function') {\n // Adding the second element, need to change to array.\n existing = events[type] =\n prepend ? [listener, existing] : [existing, listener];\n // If we've already got an array, just append.\n } else if (prepend) {\n existing.unshift(listener);\n } else {\n existing.push(listener);\n }\n\n // Check for listener leak\n m = $getMaxListeners(target);\n if (m > 0 && existing.length > m && !existing.warned) {\n existing.warned = true;\n // No error code for this since it is a Warning\n // eslint-disable-next-line no-restricted-syntax\n var w = new Error('Possible EventEmitter memory leak detected. ' +\n existing.length + ' ' + String(type) + ' listeners ' +\n 'added. Use emitter.setMaxListeners() to ' +\n 'increase limit');\n w.name = 'MaxListenersExceededWarning';\n w.emitter = target;\n w.type = type;\n w.count = existing.length;\n ProcessEmitWarning(w);\n }\n }\n\n return target;\n}\n\nEventEmitter.prototype.addListener = function addListener(type, listener) {\n return _addListener(this, type, listener, false);\n};\n\nEventEmitter.prototype.on = EventEmitter.prototype.addListener;\n\nEventEmitter.prototype.prependListener =\n function prependListener(type, listener) {\n return _addListener(this, type, listener, true);\n };\n\nfunction onceWrapper() {\n var args = [];\n for (var i = 0; i < arguments.length; i++) args.push(arguments[i]);\n if (!this.fired) {\n this.target.removeListener(this.type, this.wrapFn);\n this.fired = true;\n ReflectApply(this.listener, this.target, args);\n }\n}\n\nfunction _onceWrap(target, type, listener) {\n var state = { fired: false, wrapFn: undefined, target: target, type: type, listener: listener };\n var wrapped = onceWrapper.bind(state);\n wrapped.listener = listener;\n state.wrapFn = wrapped;\n return wrapped;\n}\n\nEventEmitter.prototype.once = function once(type, listener) {\n if (typeof listener !== 'function') {\n throw new TypeError('The \"listener\" argument must be of type Function. Received type ' + typeof listener);\n }\n this.on(type, _onceWrap(this, type, listener));\n return this;\n};\n\nEventEmitter.prototype.prependOnceListener =\n function prependOnceListener(type, listener) {\n if (typeof listener !== 'function') {\n throw new TypeError('The \"listener\" argument must be of type Function. Received type ' + typeof listener);\n }\n this.prependListener(type, _onceWrap(this, type, listener));\n return this;\n };\n\n// Emits a 'removeListener' event if and only if the listener was removed.\nEventEmitter.prototype.removeListener =\n function removeListener(type, listener) {\n var list, events, position, i, originalListener;\n\n if (typeof listener !== 'function') {\n throw new TypeError('The \"listener\" argument must be of type Function. Received type ' + typeof listener);\n }\n\n events = this._events;\n if (events === undefined)\n return this;\n\n list = events[type];\n if (list === undefined)\n return this;\n\n if (list === listener || list.listener === listener) {\n if (--this._eventsCount === 0)\n this._events = Object.create(null);\n else {\n delete events[type];\n if (events.removeListener)\n this.emit('removeListener', type, list.listener || listener);\n }\n } else if (typeof list !== 'function') {\n position = -1;\n\n for (i = list.length - 1; i >= 0; i--) {\n if (list[i] === listener || list[i].listener === listener) {\n originalListener = list[i].listener;\n position = i;\n break;\n }\n }\n\n if (position < 0)\n return this;\n\n if (position === 0)\n list.shift();\n else {\n spliceOne(list, position);\n }\n\n if (list.length === 1)\n events[type] = list[0];\n\n if (events.removeListener !== undefined)\n this.emit('removeListener', type, originalListener || listener);\n }\n\n return this;\n };\n\nEventEmitter.prototype.off = EventEmitter.prototype.removeListener;\n\nEventEmitter.prototype.removeAllListeners =\n function removeAllListeners(type) {\n var listeners, events, i;\n\n events = this._events;\n if (events === undefined)\n return this;\n\n // not listening for removeListener, no need to emit\n if (events.removeListener === undefined) {\n if (arguments.length === 0) {\n this._events = Object.create(null);\n this._eventsCount = 0;\n } else if (events[type] !== undefined) {\n if (--this._eventsCount === 0)\n this._events = Object.create(null);\n else\n delete events[type];\n }\n return this;\n }\n\n // emit removeListener for all listeners on all events\n if (arguments.length === 0) {\n var keys = Object.keys(events);\n var key;\n for (i = 0; i < keys.length; ++i) {\n key = keys[i];\n if (key === 'removeListener') continue;\n this.removeAllListeners(key);\n }\n this.removeAllListeners('removeListener');\n this._events = Object.create(null);\n this._eventsCount = 0;\n return this;\n }\n\n listeners = events[type];\n\n if (typeof listeners === 'function') {\n this.removeListener(type, listeners);\n } else if (listeners !== undefined) {\n // LIFO order\n for (i = listeners.length - 1; i >= 0; i--) {\n this.removeListener(type, listeners[i]);\n }\n }\n\n return this;\n };\n\nfunction _listeners(target, type, unwrap) {\n var events = target._events;\n\n if (events === undefined)\n return [];\n\n var evlistener = events[type];\n if (evlistener === undefined)\n return [];\n\n if (typeof evlistener === 'function')\n return unwrap ? [evlistener.listener || evlistener] : [evlistener];\n\n return unwrap ?\n unwrapListeners(evlistener) : arrayClone(evlistener, evlistener.length);\n}\n\nEventEmitter.prototype.listeners = function listeners(type) {\n return _listeners(this, type, true);\n};\n\nEventEmitter.prototype.rawListeners = function rawListeners(type) {\n return _listeners(this, type, false);\n};\n\nEventEmitter.listenerCount = function(emitter, type) {\n if (typeof emitter.listenerCount === 'function') {\n return emitter.listenerCount(type);\n } else {\n return listenerCount.call(emitter, type);\n }\n};\n\nEventEmitter.prototype.listenerCount = listenerCount;\nfunction listenerCount(type) {\n var events = this._events;\n\n if (events !== undefined) {\n var evlistener = events[type];\n\n if (typeof evlistener === 'function') {\n return 1;\n } else if (evlistener !== undefined) {\n return evlistener.length;\n }\n }\n\n return 0;\n}\n\nEventEmitter.prototype.eventNames = function eventNames() {\n return this._eventsCount > 0 ? ReflectOwnKeys(this._events) : [];\n};\n\nfunction arrayClone(arr, n) {\n var copy = new Array(n);\n for (var i = 0; i < n; ++i)\n copy[i] = arr[i];\n return copy;\n}\n\nfunction spliceOne(list, index) {\n for (; index + 1 < list.length; index++)\n list[index] = list[index + 1];\n list.pop();\n}\n\nfunction unwrapListeners(arr) {\n var ret = new Array(arr.length);\n for (var i = 0; i < ret.length; ++i) {\n ret[i] = arr[i].listener || arr[i];\n }\n return ret;\n}\n","\"use strict\";\r\nObject.defineProperty(exports, \"__esModule\", { value: true });\r\nexports.isSameOrigin = void 0;\r\n/**\r\n * Determines whether two valid URLs are of the same origin.\r\n *\r\n * There is no URL normalization, thus\r\n * `isSameOrigin('http://localhost', 'localhost')` is `false`.\r\n */\r\nfunction isSameOrigin(urlA, urlB) {\r\n // Using HTMLAnchorElement hack because Internet Explorer\r\n // doesn't support the Window.URL API:\r\n var a = document.createElement('a');\r\n a.href = urlA;\r\n var protocolA = a.protocol, hostA = a.host;\r\n a.href = urlB;\r\n var protocolB = a.protocol, hostB = a.host;\r\n // Internet Explorer doesn't implement HTMLAnchorElement.origin,\r\n // so we consider origin to be the same when their protocols,\r\n // hostnames, and ports match exactly. Note that HTMLAnchorElement\r\n // normalizes the URL (lowercases it, removes trailing slash) and\r\n // HTMLAnchorElement.host value already includes the port, for ex:\r\n // \"HTTP://Example.com:8080/foo\"\r\n // - protocol: \"http:\"\r\n // - host: \"example.com:8080\"\r\n return protocolA === protocolB && hostA === hostB;\r\n}\r\nexports.isSameOrigin = isSameOrigin;\r\n//# sourceMappingURL=isSameOrigin.js.map","\"use strict\";\r\nObject.defineProperty(exports, \"__esModule\", { value: true });\r\nexports.isObject = void 0;\r\n/**\r\n * Determines whether the given value is an object.\r\n * @param value A value to check.\r\n */\r\nfunction isObject(value) {\r\n return value !== null && typeof value === 'object';\r\n}\r\nexports.isObject = isObject;\r\n//# sourceMappingURL=isObject.js.map","\"use strict\";\r\nObject.defineProperty(exports, \"__esModule\", { value: true });\r\nexports.fetchOpenIDUserInfo = void 0;\r\nvar isObject_1 = require(\"./isObject\");\r\nvar SGWTConnectError_1 = require(\"./SGWTConnectError\");\r\nvar SGWTConnectErrorList_1 = require(\"./SGWTConnectErrorList\");\r\n/**\r\n * Fetches OpenID Claims from the OpenID Provider's \"userinfo\" endpoint.\r\n * @param authorizationEndpoint OpenID Provider's \"userinfo\" endpoint URL.\r\n * @param authorizationHeader OpenID Provider's \"userinfo\" endpoint URL.\r\n * @param callback Called with Claims or error upon request completion.\r\n */\r\nfunction fetchOpenIDUserInfo(authorizationEndpoint, authorizationHeader, callback) {\r\n var xhr = new XMLHttpRequest();\r\n xhr.open('GET', authorizationEndpoint + \"/oauth2/userinfo\");\r\n xhr.setRequestHeader('Accept', 'application/json');\r\n xhr.setRequestHeader('Authorization', authorizationHeader);\r\n xhr.addEventListener('load', function handleOpenIDUserInfoLoad() {\r\n if (xhr.status === 200) {\r\n var openIDUserInfo = void 0;\r\n try {\r\n openIDUserInfo = JSON.parse(xhr.responseText);\r\n }\r\n catch (_a) {\r\n callback(new SGWTConnectError_1.SGWTConnectError(SGWTConnectErrorList_1.ERR_FAILED_TO_PARSE_OPENID_CLAIMS));\r\n return;\r\n }\r\n if (isValidOpenIDClaims(openIDUserInfo)) {\r\n callback(null, openIDUserInfo);\r\n }\r\n else {\r\n callback(new SGWTConnectError_1.SGWTConnectError(SGWTConnectErrorList_1.ERR_FAILED_TO_VALIDATE_OPENID_CLAIMS));\r\n }\r\n }\r\n else {\r\n callback(new SGWTConnectError_1.SGWTConnectError(SGWTConnectErrorList_1.ERR_FAILED_TO_FETCH_OPENID_CLAIMS));\r\n }\r\n });\r\n xhr.send();\r\n}\r\nexports.fetchOpenIDUserInfo = fetchOpenIDUserInfo;\r\n/**\r\n * Determines whether the given OpenID Configuration is valid.\r\n * @param openIDUserInfo JSON-parsed value obtained from the Discovery API.\r\n */\r\nfunction isValidOpenIDClaims(openIDUserInfo) {\r\n return isObject_1.isObject(openIDUserInfo) &&\r\n typeof openIDUserInfo.sub === 'string' &&\r\n typeof openIDUserInfo.name === 'string' &&\r\n typeof openIDUserInfo.locale === 'string';\r\n}\r\n//# sourceMappingURL=SGWTConnectOpenIDUserInfo.js.map","\"use strict\";\r\nvar __extends = (this && this.__extends) || (function () {\r\n var extendStatics = function (d, b) {\r\n extendStatics = Object.setPrototypeOf ||\r\n ({ __proto__: [] } instanceof Array && function (d, b) { d.__proto__ = b; }) ||\r\n function (d, b) { for (var p in b) if (Object.prototype.hasOwnProperty.call(b, p)) d[p] = b[p]; };\r\n return extendStatics(d, b);\r\n };\r\n return function (d, b) {\r\n if (typeof b !== \"function\" && b !== null)\r\n throw new TypeError(\"Class extends value \" + String(b) + \" is not a constructor or null\");\r\n extendStatics(d, b);\r\n function __() { this.constructor = d; }\r\n d.prototype = b === null ? Object.create(b) : (__.prototype = b.prototype, new __());\r\n };\r\n})();\r\nObject.defineProperty(exports, \"__esModule\", { value: true });\r\nexports.SGWTConnectCore = exports.SGWTConnectCheckSesssionFrameAttribute = exports.SGWTConnectRenewalFrameAttribute = void 0;\r\nvar events_1 = require(\"events\");\r\nvar isSameOrigin_1 = require(\"./isSameOrigin\");\r\nvar isScopeListed_1 = require(\"./isScopeListed\");\r\nvar SGWTConnectAuthorizationUri_1 = require(\"./SGWTConnectAuthorizationUri\");\r\nvar SGWTConnectError_1 = require(\"./SGWTConnectError\");\r\nvar SGWTConnectErrorList_1 = require(\"./SGWTConnectErrorList\");\r\nvar SGWTConnectEventList_1 = require(\"./SGWTConnectEventList\");\r\nvar SGWTConnectOpenIDUserInfo_1 = require(\"./SGWTConnectOpenIDUserInfo\");\r\nvar SGWTConnectServerResponse_1 = require(\"./SGWTConnectServerResponse\");\r\nexports.SGWTConnectRenewalFrameAttribute = 'data-sgwt-connect-renewal-frame';\r\nexports.SGWTConnectCheckSesssionFrameAttribute = 'data-sgwt-connect-check-session-frame';\r\n/**\r\n * Main API of SGWTConnect.\r\n */\r\nvar SGWTConnectCore = /** @class */ (function (_super) {\r\n __extends(SGWTConnectCore, _super);\r\n function SGWTConnectCore(config, storage, fetchOpenIDMetadata) {\r\n var _this = _super.call(this) || this;\r\n _this.config = config;\r\n _this.storage = storage;\r\n _this.tokenExpirationTimer = null;\r\n _this.periodicalRenewalTimer = null;\r\n _this.periodicalRenewalBackoff = 1000;\r\n _this.periodicalRenewalTimeout = 30000;\r\n _this.openIDCheckSessionTimerInterval = 3000;\r\n if (_this.isAuthorized()) {\r\n _this.restartTokenExpirationTimer();\r\n }\r\n if (fetchOpenIDMetadata && _this.hasRequestedScope('openid')) {\r\n fetchOpenIDMetadata(function (maybeOpenIDMetadata) {\r\n if (maybeOpenIDMetadata instanceof Error) {\r\n _this.emit(SGWTConnectEventList_1.EVENT_OPENID_METADATA_FETCH_ERROR, maybeOpenIDMetadata);\r\n }\r\n else {\r\n _this.openIDMetadata = maybeOpenIDMetadata;\r\n _this.enableOpenIDSessionManagement();\r\n }\r\n });\r\n }\r\n return _this;\r\n }\r\n //\r\n // Public\r\n // --------------------\r\n /**\r\n * Initiates the authorization process.\r\n *\r\n * Redirects to the authorization endpoint unless the\r\n * authorization has already been granted.\r\n */\r\n SGWTConnectCore.prototype.requestAuthorization = function () {\r\n // Check if the user is currently signed in to prevent\r\n // unnecessary sign-in redirects on application load:\r\n if (this.isAuthorized()) {\r\n return this\r\n .restartTokenExpirationTimer()\r\n .enablePeriodicalRenewal();\r\n }\r\n // At this point the token may not exist, has expired\r\n // or the authorization server has responded with an\r\n // error. In any case we clear the current authorization\r\n // response:\r\n this.storage.removeItem('AUTH');\r\n // Cross-Site Request Forgery (CSRF) protection:\r\n var state = SGWTConnectAuthorizationUri_1.generateCryptoStrongRandomValue();\r\n this.storage.setItem(state + \".STATE\", state);\r\n // Remember the current URL, we will need to return\r\n // the user here after authorization is completed:\r\n this.storage.setItem(state + \".RETURN_URL\", location.href);\r\n // Initiate the authorization process by redirecting\r\n // the current page to the authorization endpoint:\r\n location.replace(SGWTConnectAuthorizationUri_1.generateAuthorizationUri(this.config, state));\r\n return this;\r\n };\r\n /**\r\n * Clears the local authorization data and redirects\r\n * to end_session_endpoint if OpenID is enabled and\r\n * has loaded the relevant metadata.\r\n */\r\n SGWTConnectCore.prototype.discardAuthorization = function () {\r\n // Redirect is only possible if OpenID Metadata was\r\n // successfully retrieved from the \"well-known\" endpoint:\r\n if (this.openIDMetadata) {\r\n // Obtain the parameters required for the logout request:\r\n // https://openid.net/specs/openid-connect-session-1_0.html#RPLogout\r\n var id_token_hint = this.getIdToken();\r\n var post_logout_redirect_uri = this.config.post_logout_redirect_uri;\r\n var end_session_endpoint = this.openIDMetadata.end_session_endpoint;\r\n // Generate the end session URL:\r\n var endSessionURL_1 = end_session_endpoint + \"?id_token_hint=\" + id_token_hint +\r\n (post_logout_redirect_uri ? \"&post_logout_redirect_uri=\" + post_logout_redirect_uri : '');\r\n // Schedule termination of the OpenID session:\r\n this.once(SGWTConnectEventList_1.EVENT_AUTH_DISCARDED, function () {\r\n window.location.replace(endSessionURL_1);\r\n });\r\n }\r\n // Discard the authorization data which will trigger\r\n // EVENT_AUTH_DISCARDED that we subscribed to above:\r\n return this.discardAuthorizationLocally();\r\n };\r\n /**\r\n * Initiates a silent renewal of the token.\r\n *\r\n * Because the renewal is transparent to the user, we\r\n * discourage usage of this method before calling `requestAuthorization`\r\n * as this will not display the authorization approval\r\n * interface.\r\n */\r\n SGWTConnectCore.prototype.renewAuthorization = function (callback) {\r\n return this.requestAuthorizationWithoutPrompt({}, callback);\r\n };\r\n /**\r\n * Determines if the authorization has been granted.\r\n *\r\n * The state of having authorization is determined by the presence\r\n * of a non-expired access_token. This method does not tell\r\n * whether the authorization has been revoked or not,\r\n * or whether the granted scopes are identical to the\r\n * requested ones.\r\n */\r\n SGWTConnectCore.prototype.isAuthorized = function () {\r\n var authorization = this.storage.getItem('AUTH');\r\n return Boolean(authorization && authorization.access_token) &&\r\n authorization.expires_at > Date.now();\r\n };\r\n /**\r\n * Returns the authorization error or null if there is none.\r\n */\r\n SGWTConnectCore.prototype.getAuthorizationError = function () {\r\n var authorization = this.storage.getItem('AUTH');\r\n return (authorization && authorization.error) ?\r\n new SGWTConnectError_1.SGWTConnectError(authorization.error) :\r\n null;\r\n };\r\n /**\r\n * Generates an \"Authorization\" HTTP header value.\r\n *\r\n * Call this method and use the return value as Authorization header\r\n * value every time you make an HTTP request to your backend API.\r\n *\r\n * const authHttpHeader = sgwtConnect.getAuthorizationHeader();\r\n * if (authHttpHeader) {\r\n * headers.set('Authorization', authHttpHeader);\r\n * }\r\n *\r\n * Currently only the \"Bearer\" token type is supported.\r\n */\r\n SGWTConnectCore.prototype.getAuthorizationHeader = function () {\r\n var authorization = this.storage.getItem('AUTH');\r\n if (!this.isAuthorized()) {\r\n return null;\r\n }\r\n if (authorization.token_type && authorization.token_type.toLowerCase() === 'bearer') {\r\n return \"Bearer \" + authorization.access_token;\r\n }\r\n throw new SGWTConnectError_1.SGWTConnectError(SGWTConnectErrorList_1.ERR_UNSUPPORTED_TOKEN_TYPE);\r\n };\r\n /**\r\n * Returns the scope granted by the authorization server as a space-delimited string.\r\n */\r\n SGWTConnectCore.prototype.getGrantedScope = function () {\r\n // Make sure that the authorization request was successful:\r\n if (!this.isAuthorized()) {\r\n return null;\r\n }\r\n // Scope is part of authorization server response:\r\n var authorization = this.storage.getItem('AUTH');\r\n // Return the scope as is (e.g. \"profile openid mail\").\r\n // We leave it up to developer to parse and compare to\r\n // the requested scope. Also note that the scope\r\n // may not be returned in the authorization response\r\n // if it is identical to the scope requested by\r\n // the client.\r\n return typeof authorization.scope === 'undefined' ?\r\n this.config.scope :\r\n authorization.scope;\r\n };\r\n /**\r\n * Determines whether the given scope has been granted.\r\n *\r\n * sgwtConnect.hasGrantedScope('profile openid');\r\n */\r\n SGWTConnectCore.prototype.hasGrantedScope = function (checkedScope) {\r\n var grantedScope = this.getGrantedScope();\r\n if (typeof grantedScope !== 'string') {\r\n return false;\r\n }\r\n return isScopeListed_1.isScopeListed(checkedScope, grantedScope);\r\n };\r\n /**\r\n * Obtains the user's ID Token in the form of JWT (JSON Web Token).\r\n *\r\n * Use this method to pass user identity to your backend.\r\n *\r\n * Calling this method is only useful if the \"scope\" parameter\r\n * used to make the authorization request included the \"openid\"\r\n * value.\r\n *\r\n * See http://openid.net/specs/openid-connect-core-1_0.html#IDToken\r\n * See https://tools.ietf.org/html/rfc7519\r\n */\r\n SGWTConnectCore.prototype.getIdToken = function () {\r\n // Make sure that the authorization request was successful:\r\n if (!this.isAuthorized()) {\r\n return null;\r\n }\r\n // Obtain the authorization server response:\r\n var authorization = this.storage.getItem('AUTH');\r\n // It is possible that the response_type parameter did not\r\n // include the \"id_token\" value while performing an authorization\r\n // request, so there's no id_token in the current token:\r\n if (!authorization.id_token) {\r\n return null;\r\n }\r\n // Return the id_token as is so that it can be passed to\r\n // backend for validation:\r\n return authorization.id_token;\r\n };\r\n /**\r\n * Obtains basic user information from ID Token claims.\r\n *\r\n * Use this method to obtain user id, name, email, etc.\r\n * without calling the /userinfo endpoint.\r\n *\r\n * Calling this method is only useful if the \"scope\" parameter\r\n * used to make the authorization request included the \"openid\"\r\n * (and optionally \"email\", \"profile\", etc.) value.\r\n *\r\n * See http://openid.net/specs/openid-connect-core-1_0.html#IDToken\r\n */\r\n SGWTConnectCore.prototype.getIdTokenClaims = function () {\r\n var idToken = this.getIdToken();\r\n // The ID Token could be missing in the following cases:\r\n // 1. Authorization not requested\r\n // 2. Authorization not granted\r\n // 3. id_token not requested in the authorization request\r\n // 4. id_token not granted in the authorization response\r\n if (idToken === null) {\r\n return null;\r\n }\r\n // The id_token conforms to an industry standard (IETF RFC 7519)\r\n // and contains three parts (header, body, signature) separated\r\n // by \".\" (dot) character:\r\n var idTokenParts = idToken.split('.');\r\n // The body is the second part (at index 1) containing identity\r\n // claims about the user:\r\n var idTokenBody = idTokenParts[1];\r\n // The id_token body is a base64url encoded JSON structure:\r\n return JSON.parse(atob(idTokenBody));\r\n };\r\n /**\r\n * Fetches UserInfo Claims from the authorization server.\r\n *\r\n * Use this method to obtain user name, email, etc. if\r\n * you're not requesting id_token or if the id_token\r\n * does not contain these values.\r\n *\r\n * See https://openid.net/specs/openid-connect-core-1_0.html#UserInfo\r\n */\r\n SGWTConnectCore.prototype.fetchUserInfo = function (callback) {\r\n var authorizationHeader = this.getAuthorizationHeader();\r\n if (authorizationHeader) {\r\n SGWTConnectOpenIDUserInfo_1.fetchOpenIDUserInfo(this.config.authorization_endpoint, authorizationHeader, callback);\r\n }\r\n else {\r\n callback(new SGWTConnectError_1.SGWTConnectError(SGWTConnectErrorList_1.ERR_UNAUTHORIZED));\r\n }\r\n return this;\r\n };\r\n /**\r\n * Enables silent periodical renewal of the token.\r\n *\r\n * Call this method after checking the result of isAuthorized,\r\n * because it assumes that the authorization request has been\r\n * performed successfully.\r\n */\r\n SGWTConnectCore.prototype.enablePeriodicalRenewal = function () {\r\n var _this = this;\r\n // Make sure that we don't have two renewal timers\r\n // running at the same time:\r\n if (this.periodicalRenewalTimer !== null) {\r\n return this;\r\n }\r\n // Whenever renewal succeeds (manual or periodical)\r\n // we need to restart the timer in order to do reduce\r\n // the number of requests to the authorization endpoint:\r\n this.addListener(SGWTConnectEventList_1.EVENT_AUTH_RENEW_SUCCESS, this.restartRenewalTimer);\r\n // Start the initial timer. We're using setTimeout to be able\r\n // to adjust the duration depending on renew success/error:\r\n this.periodicalRenewalTimer = window.setTimeout(function () {\r\n _this.renewResiliently();\r\n }, this.getRenewalTimeout());\r\n return this;\r\n };\r\n /**\r\n * Disables silent periodical renewal of the token.\r\n */\r\n SGWTConnectCore.prototype.disablePeriodicalRenewal = function () {\r\n // Make sure that the backoff delay is reset so that next time\r\n // we start the periodical renewal, it is back to default value:\r\n this.resetRenewalBackoff();\r\n // Stop restarting periodical renewal on renew success:\r\n this.removeListener(SGWTConnectEventList_1.EVENT_AUTH_RENEW_SUCCESS, this.restartRenewalTimer);\r\n // Clear the current timeout:\r\n if (typeof this.periodicalRenewalTimer === 'number') {\r\n window.clearTimeout(this.periodicalRenewalTimer);\r\n this.periodicalRenewalTimer = null;\r\n }\r\n return this;\r\n };\r\n //\r\n // Private\r\n // --------------------\r\n /**\r\n * Discards the local authorization data,\r\n * cancels all running timers,\r\n * and emits `EVENT_AUTH_DISCARDED` event.\r\n */\r\n SGWTConnectCore.prototype.discardAuthorizationLocally = function () {\r\n // The authorization is discarded, so it no longer\r\n // makes sense to do periodical renewal or maintain\r\n // the expiration timer:\r\n this.disablePeriodicalRenewal();\r\n this.clearTokenExpirationTimer();\r\n if (this.openIDMetadata) {\r\n // OpenID Session Management is no longer needed:\r\n this.disableOpenIDSessionManagement();\r\n }\r\n // Actually discard the authorization data:\r\n this.storage.removeItem('AUTH');\r\n // Notify the interested parties:\r\n this.emit(SGWTConnectEventList_1.EVENT_AUTH_DISCARDED);\r\n return this;\r\n };\r\n /**\r\n * Initiates a silent renewal of the token\r\n * with additional options that are not available\r\n * in the public API.\r\n */\r\n SGWTConnectCore.prototype.requestAuthorizationWithoutPrompt = function (_a, callback) {\r\n var _this = this;\r\n var id_token_hint = _a.id_token_hint;\r\n // Cross-Site Request Forgery (CSRF) protection:\r\n var state = SGWTConnectAuthorizationUri_1.generateCryptoStrongRandomValue();\r\n // Generate the complete authorization endpoint URL\r\n // where id_token_hint is used to validate session\r\n // after receiving a \"changed\" event from OpenID\r\n // Session Management frame:\r\n var authorizationEndpoint = id_token_hint\r\n ? SGWTConnectAuthorizationUri_1.generateAuthorizationUri(this.config, state, { prompt: 'none', id_token_hint: id_token_hint })\r\n : SGWTConnectAuthorizationUri_1.generateAuthorizationUri(this.config, state, { prompt: 'none' });\r\n // Because OAuth2 protocol insists on providing access_token\r\n // in the fragment, we're unable to use XMLHttpRequest as it\r\n // transparently follows all redirects and the fragment is lost.\r\n // To solve this issue we use an iframe which gives us access\r\n // to window.location containing the access_token in its fragment.\r\n var iframe = document.createElement('iframe');\r\n // When both of these flags are set to true, then it is safe\r\n // to remove the iframe from the DOM\r\n // 1. we must not remove the iframe before it emits the \"load\"\r\n // event because in flight resources may get canceled causing\r\n // some browsers to remove them even from the top-level window\r\n // 2. we must wait for the message from iframe because it may\r\n // be emitted after(!) \"load\" event; removing the iframe from\r\n // the DOM will cancel the message in flight\r\n var isIframeLoaded = false;\r\n var isMessageReceivedFromIframe = false;\r\n // Iframe timeout in case it does not message or does not load:\r\n var iframeTimeoutTimer;\r\n // The redirect_uri may point to another domain preventing\r\n // the iframe from accessing the storage to set the token,\r\n // so it will message the top-level window using cross-origin\r\n // messaging protocol with window.postMessage. This function\r\n // securely handles the received message:\r\n var iframeMessageHandler = function (event) {\r\n // Make sure that the event comes from the renewal iframe:\r\n if (event.source !== iframe.contentWindow) {\r\n return;\r\n }\r\n // Make sure that the event comes from redirect_uri page:\r\n if (!isSameOrigin_1.isSameOrigin(event.origin, _this.config.redirect_uri)) {\r\n return;\r\n }\r\n // Third party scripts use the same API to send messages,\r\n // so make sure we're dealing with our own event:\r\n if (!event.data || typeof event.data !== 'object') {\r\n return;\r\n }\r\n if (event.data.type !== 'SGWTConnectFragment') {\r\n return;\r\n }\r\n // All event validity checks have passed; we consider\r\n // the event as genuine and can flag it as received\r\n // so that the \"load\" event handler knows about it:\r\n isMessageReceivedFromIframe = true;\r\n // We expect a single message, so the listener is no longer needed:\r\n window.removeEventListener('message', iframeMessageHandler);\r\n // We have received a message from the iframe,\r\n // the timeout no longer makes sense:\r\n window.clearTimeout(iframeTimeoutTimer);\r\n // We can remove the iframe if it has already loaded:\r\n if (isIframeLoaded) {\r\n document.body.removeChild(iframe);\r\n }\r\n // Extract the authorization server response from the message:\r\n var authorization = SGWTConnectServerResponse_1.normalizeAuthServerResponse(SGWTConnectServerResponse_1.parseOAuth2Fragment(event.data.fragment));\r\n // Cross-Site Request Forgery (CSRF) protection:\r\n if (authorization.state !== state) {\r\n var error = new SGWTConnectError_1.SGWTConnectError(SGWTConnectErrorList_1.ERR_STATE_MISMATCH);\r\n _this.emit(SGWTConnectEventList_1.EVENT_AUTH_RENEW_ERROR, error);\r\n if (callback) {\r\n callback(error);\r\n }\r\n return;\r\n }\r\n // Notify the subscribers about renewal completion:\r\n var errorCode = authorization.error;\r\n if (errorCode) {\r\n // Notify the API consumer about the authorization failure:\r\n var error = new SGWTConnectError_1.SGWTConnectError(errorCode);\r\n _this.emit(SGWTConnectEventList_1.EVENT_AUTH_RENEW_ERROR, error);\r\n if (callback) {\r\n callback(error);\r\n }\r\n }\r\n else {\r\n // Persist the authorization server response prior to emitting\r\n // events and calling the completion callback so that the token\r\n // is available to the completion event handlers:\r\n _this.storage.setItem('AUTH', authorization);\r\n // The authorization data has been updated, which means that\r\n // the expiration time has changed, so we need to restart\r\n // the expiration timer:\r\n _this.restartTokenExpirationTimer();\r\n // Although rare, the authorization state might be initiated\r\n // by calling renewAuthorization instead of requestAuthorization;\r\n // in this case we need to enable OpenID Session Management\r\n // on \"renewal\" success:\r\n _this.enableOpenIDSessionManagement();\r\n // Notify the API consumer about the authorization success:\r\n _this.emit(SGWTConnectEventList_1.EVENT_AUTH_RENEW_SUCCESS);\r\n if (callback) {\r\n callback(null);\r\n }\r\n }\r\n };\r\n // Securely handles the \"load\" event of the renewal iframe\r\n // by removing event listeners and the iframe itself;\r\n // also emits an error event in case no message was\r\n // received from the iframe before \"load\" event:\r\n var iframeLoadHandler = function (event) {\r\n // Make sure the event is genuine:\r\n if (!event.isTrusted) {\r\n return;\r\n }\r\n // We consider this event as genuine and can flag it as received\r\n // so that the iframe message event handler knows about it:\r\n isIframeLoaded = true;\r\n // The \"load\" event can only happen once, so the listener\r\n // is no longer needed:\r\n iframe.removeEventListener('load', iframeLoadHandler);\r\n // We can remove the iframe from the DOM if we have already\r\n // received the message from it:\r\n if (isMessageReceivedFromIframe) {\r\n document.body.removeChild(iframe);\r\n }\r\n };\r\n // Expecting the iframe to send us a message\r\n // from the redirect_uri page using cross-origin\r\n // messaging protocol with window.postMessage:\r\n window.addEventListener('message', iframeMessageHandler);\r\n // We need to listen to the \"load\" event because\r\n // we expect the iframe to load completely\r\n // before removing it from the DOM, otherwise\r\n // canceled resource requests may destroy already\r\n // loaded resources from the top-level window:\r\n iframe.addEventListener('load', iframeLoadHandler);\r\n // The iframe may never load or fail to send the message due to\r\n // changes in network, server failure, or some other error,\r\n // but we still need to emit+callback, so we use a timeout:\r\n iframeTimeoutTimer = window.setTimeout(function () {\r\n window.clearTimeout(iframeTimeoutTimer);\r\n // Cleanup event listeners:\r\n iframe.removeEventListener('load', iframeLoadHandler);\r\n window.removeEventListener('message', iframeMessageHandler);\r\n // Cleanup the DOM:\r\n document.body.removeChild(iframe);\r\n // Notify the API consumer about the renewal failure:\r\n var error = new SGWTConnectError_1.SGWTConnectError(SGWTConnectErrorList_1.ERR_RENEW_TIMEOUT);\r\n _this.emit(SGWTConnectEventList_1.EVENT_AUTH_RENEW_ERROR, error);\r\n if (callback) {\r\n callback(error);\r\n }\r\n }, this.periodicalRenewalTimeout);\r\n // Provide a way for setupSGWTConnect factory to figure out\r\n // whether the redirect is part of silent renewal or not:\r\n iframe.setAttribute(exports.SGWTConnectRenewalFrameAttribute, '');\r\n iframe.style.display = 'none';\r\n iframe.setAttribute('src', authorizationEndpoint);\r\n this.appendElementToDocumentWhenLoaded(iframe);\r\n return this;\r\n };\r\n /**\r\n * Ensures that DOM is loaded and appends the element to document body.\r\n * @param element Element to append to document body.\r\n */\r\n SGWTConnectCore.prototype.appendElementToDocumentWhenLoaded = function (element) {\r\n if (document.body) {\r\n document.body.appendChild(element);\r\n }\r\n else {\r\n var appendElementAndRemoveListener_1 = function () {\r\n window.removeEventListener('DOMContentLoaded', appendElementAndRemoveListener_1);\r\n document.body.appendChild(element);\r\n };\r\n window.addEventListener('DOMContentLoaded', appendElementAndRemoveListener_1);\r\n }\r\n };\r\n /**\r\n * Determines whether the given scope has been requested.\r\n *\r\n * this.hasRequestedScope('profile openid');\r\n */\r\n SGWTConnectCore.prototype.hasRequestedScope = function (checkedScope) {\r\n return isScopeListed_1.isScopeListed(checkedScope, this.config.scope);\r\n };\r\n /**\r\n * Resets the periodical renewal backoff delay.\r\n */\r\n SGWTConnectCore.prototype.resetRenewalBackoff = function () {\r\n this.periodicalRenewalBackoff = 1000;\r\n return this;\r\n };\r\n /**\r\n * Increments the periodical renewal backoff delay.\r\n *\r\n * Used to reduce authorization server load when periodical\r\n * renewals fail for some reason.\r\n */\r\n SGWTConnectCore.prototype.incrementRenewalBackoff = function () {\r\n this.periodicalRenewalBackoff *= 2;\r\n return this;\r\n };\r\n /**\r\n * Clears the token expiration timer.\r\n */\r\n SGWTConnectCore.prototype.clearTokenExpirationTimer = function () {\r\n if (typeof this.tokenExpirationTimer === 'number') {\r\n window.clearTimeout(this.tokenExpirationTimer);\r\n this.tokenExpirationTimer = null;\r\n }\r\n return this;\r\n };\r\n /**\r\n * Clears the existing token expiration timer and starts a new one.\r\n */\r\n SGWTConnectCore.prototype.restartTokenExpirationTimer = function () {\r\n var _this = this;\r\n // Ensure that there is only one timer at all times:\r\n this.clearTokenExpirationTimer();\r\n // Assuming that the client is currently authorized:\r\n var authorization = this.storage.getItem('AUTH');\r\n var timeUntilTokenExpiration = authorization.expires_at - Date.now();\r\n this.tokenExpirationTimer = window.setTimeout(function () {\r\n _this.emit(SGWTConnectEventList_1.EVENT_AUTH_EXPIRED);\r\n }, timeUntilTokenExpiration);\r\n return this;\r\n };\r\n /**\r\n * Obtains the timeout (in ms) until token renewal.\r\n */\r\n SGWTConnectCore.prototype.getRenewalTimeout = function () {\r\n var authorization = this.storage.getItem('AUTH');\r\n // Temporary workaround for the authorization endpoint issue,\r\n // revert to `- authorization.expires_in / 4` when possible:\r\n var renewalTime = authorization.expires_at - authorization.expires_in * 0.6;\r\n var renewalTimePositive = Math.max(renewalTime - Date.now(), 0);\r\n // The timeout should never be bigger than 2147483647, since setTimeout uses\r\n // a 32 bits number (cf. https://stackoverflow.com/a/3468650/26457)\r\n // When the token has an extremely long TTL such as 100 days, this timeout should\r\n // not exceed this 2147483647 value.\r\n return Math.min(renewalTimePositive, 2147483647);\r\n };\r\n /**\r\n * Renews the authorization token resiliently.\r\n *\r\n * When doing periodical renewal we must be resilient\r\n * on authorization failures and never abort the timer.\r\n * Even in case of an error we restart the timer,\r\n * but with an incrementally increasing interval\r\n * to avoid network saturation.\r\n */\r\n SGWTConnectCore.prototype.renewResiliently = function () {\r\n var _this = this;\r\n return this.renewAuthorization(function (error) {\r\n if (error) {\r\n _this.periodicalRenewalTimer = window.setTimeout(function () {\r\n _this.renewResiliently();\r\n }, _this.periodicalRenewalBackoff);\r\n _this.incrementRenewalBackoff();\r\n }\r\n else {\r\n _this.resetRenewalBackoff();\r\n }\r\n });\r\n };\r\n /**\r\n * Restarts an existing renewal timer.\r\n */\r\n SGWTConnectCore.prototype.restartRenewalTimer = function () {\r\n var _this = this;\r\n // Do not attempt to restart a non-existing timer:\r\n if (this.periodicalRenewalTimer === null) {\r\n return this;\r\n }\r\n // Every time the renewal is restarted we should reset\r\n // the renewal backoff delay:\r\n this.resetRenewalBackoff();\r\n // Cancel the current renewal timeout:\r\n window.clearTimeout(this.periodicalRenewalTimer);\r\n // Restart the renewal timer:\r\n this.periodicalRenewalTimer = window.setTimeout(function () {\r\n return _this.renewResiliently();\r\n }, this.getRenewalTimeout());\r\n return this;\r\n };\r\n /**\r\n * Enables OpenID session management if not previously enabled.\r\n */\r\n SGWTConnectCore.prototype.enableOpenIDSessionManagement = function () {\r\n var _this = this;\r\n // Make sure that the session management has not already been enabled:\r\n if (this.openIDCheckSessionIframe && this.openIDCheckSessionIframe.parentNode) {\r\n return this;\r\n }\r\n // Make sure that OpenID has actually been configured:\r\n if (!this.openIDMetadata || !this.hasRequestedScope('openid')) {\r\n return this;\r\n }\r\n // Enabling session management only makes sense\r\n // if the authorization has already been granted:\r\n if (!this.isAuthorized()) {\r\n return this;\r\n }\r\n // To check OpenID session we will be polling an iframe\r\n // loaded from check_session_iframe as recommended by\r\n // https://openid.net/specs/openid-connect-session-1_0.html#ChangeNotification\r\n this.openIDCheckSessionIframe = document.createElement('iframe');\r\n this.openIDCheckSessionIframe.style.display = 'none';\r\n this.openIDCheckSessionIframe.setAttribute(exports.SGWTConnectCheckSesssionFrameAttribute, '');\r\n // Expecting the iframe to send us a message using\r\n // messaging protocol with window.postMessage:\r\n window.addEventListener('message', this.handleOpenIDCheckSessionMessage.bind(this));\r\n // Securely handles the \"load\" event of the OpenID check_session_iframe:\r\n var checkSessionIframeLoadHandler = function (event) {\r\n // Make sure the event is genuine:\r\n if (!event.isTrusted) {\r\n return;\r\n }\r\n // Make sure that the iframe still exists:\r\n if (!_this.openIDCheckSessionIframe) {\r\n return;\r\n }\r\n // The \"load\" event can only happen once,\r\n // so the listener is no longer needed:\r\n _this.openIDCheckSessionIframe.removeEventListener('load', checkSessionIframeLoadHandler);\r\n // Start polling:\r\n _this.restartOpenIDSessionValidationTimer();\r\n };\r\n this.openIDCheckSessionIframe.addEventListener('load', checkSessionIframeLoadHandler);\r\n this.openIDCheckSessionIframe.setAttribute('src', this.openIDMetadata.check_session_iframe);\r\n this.appendElementToDocumentWhenLoaded(this.openIDCheckSessionIframe);\r\n return this;\r\n };\r\n /**\r\n * Disables OpenID session management.\r\n */\r\n SGWTConnectCore.prototype.disableOpenIDSessionManagement = function () {\r\n // Stop listening to messages:\r\n window.removeEventListener('message', this.handleOpenIDCheckSessionMessage);\r\n // Stop polling the check_session_iframe:\r\n if (typeof this.openIDCheckSessionTimerId === 'number') {\r\n window.clearTimeout(this.openIDCheckSessionTimerId);\r\n this.openIDCheckSessionTimerId = undefined;\r\n }\r\n // Remove the iframe:\r\n if (this.openIDCheckSessionIframe) {\r\n document.body.removeChild(this.openIDCheckSessionIframe);\r\n this.openIDCheckSessionIframe = undefined;\r\n }\r\n return this;\r\n };\r\n /**\r\n * Restarts OpenID session validation timer.\r\n */\r\n SGWTConnectCore.prototype.restartOpenIDSessionValidationTimer = function () {\r\n // There should be only one OpenID session validation timer:\r\n window.clearTimeout(this.openIDCheckSessionTimerId);\r\n // Schedule a new timer:\r\n this.openIDCheckSessionTimerId = window.setTimeout(this.validateOpenIDSession.bind(this), this.openIDCheckSessionTimerInterval);\r\n };\r\n /**\r\n * Validates the existing OpenID session.\r\n */\r\n SGWTConnectCore.prototype.validateOpenIDSession = function () {\r\n var _this = this;\r\n if (this.isAuthorized()) {\r\n // The current authorization state retrieved from the storage\r\n // indicates that the session is valid, however it might be\r\n // terminated already at the authorization server.\r\n // To validate the session, we need to send a message\r\n // to the check_session iframe, but before that we make sure\r\n // that we have metadata and that the check_session iframe\r\n // still exists in the DOM.\r\n if (!this.openIDMetadata) {\r\n return;\r\n }\r\n if (this.openIDCheckSessionIframe && this.openIDCheckSessionIframe.contentWindow) {\r\n var authorization = this.storage.getItem('AUTH');\r\n this.openIDCheckSessionIframe.contentWindow.postMessage(this.config.client_id + \" \" + authorization.session_state, this.openIDMetadata.check_session_iframe);\r\n this.restartOpenIDSessionValidationTimer();\r\n }\r\n else {\r\n // In case the check_session iframe no longer exists,\r\n // we try to recreate it be re-enabling session management:\r\n this.enableOpenIDSessionManagement();\r\n }\r\n }\r\n else {\r\n // In case the authorization state is lost (storage cleared)\r\n // we attempt a silent authorization renewal. If the session\r\n // is still valid on the authorization server, the renewal\r\n // should succeed and we just restart the timer; otherwise\r\n // we treat it as loss of authorization and act accordingly.\r\n this.renewAuthorization(function (error) {\r\n if (error) {\r\n _this.discardAuthorizationLocally();\r\n }\r\n else {\r\n _this.restartOpenIDSessionValidationTimer();\r\n }\r\n });\r\n }\r\n };\r\n /**\r\n * Securely handles events from check_session_iframe.\r\n * @param event MessageEvent\r\n */\r\n SGWTConnectCore.prototype.handleOpenIDCheckSessionMessage = function (event) {\r\n var _this = this;\r\n // Sanity checks:\r\n if (!this.openIDCheckSessionIframe || !this.openIDMetadata) {\r\n return;\r\n }\r\n // Make sure that the event comes from the check_session_iframe:\r\n if (event.source !== this.openIDCheckSessionIframe.contentWindow) {\r\n return;\r\n }\r\n if (!isSameOrigin_1.isSameOrigin(event.origin, this.openIDMetadata.check_session_iframe)) {\r\n return;\r\n }\r\n // Expecting event.data to be either \"unchanged\", \"changed\", or \"error\".\r\n // See https://openid.net/specs/openid-connect-session-1_0.html#RPiframe\r\n if (event.data === 'unchanged') {\r\n // Session has not changed, so we only notify\r\n // (mostly for logging and testing purposes):\r\n this.emit(SGWTConnectEventList_1.EVENT_OPENID_SESSION_UNCHANGED);\r\n }\r\n else if (event.data === 'changed') {\r\n this.emit(SGWTConnectEventList_1.EVENT_OPENID_SESSION_CHANGED);\r\n // Perform re-authentication with prompt=none\r\n // sending the old id_token as id_token_hint:\r\n var prevIdToken = this.getIdToken();\r\n var prevIdTokenClaims_1 = this.getIdTokenClaims();\r\n this.requestAuthorizationWithoutPrompt({ id_token_hint: prevIdToken }, function (error) {\r\n if (!error) {\r\n // If we receive a new ID Token for the same user\r\n // then we simply update the values\r\n var nextIdTokenClaims = _this.getIdTokenClaims();\r\n if (nextIdTokenClaims && prevIdTokenClaims_1 && nextIdTokenClaims.sub === prevIdTokenClaims_1.sub) {\r\n return;\r\n }\r\n }\r\n // In other cases, such as error response,\r\n // or absence of ID Token, or it was delivered\r\n // for another user, we discard authorization:\r\n _this.discardAuthorizationLocally();\r\n });\r\n }\r\n else if (event.data === 'error') {\r\n // In case of communication error with check_session_iframe\r\n // we notify the user and wait for fallback to periodical\r\n // renewal to check the session validity:\r\n this.emit(SGWTConnectEventList_1.EVENT_OPENID_CHECK_SESSION_ERROR, new SGWTConnectError_1.SGWTConnectError(SGWTConnectErrorList_1.ERR_OPENID_CHECK_SESSION_ERROR));\r\n }\r\n };\r\n return SGWTConnectCore;\r\n}(events_1.EventEmitter));\r\nexports.SGWTConnectCore = SGWTConnectCore;\r\n//# sourceMappingURL=SGWTConnectCore.js.map","\"use strict\";\r\n/* tslint:disable no-bitwise */\r\nObject.defineProperty(exports, \"__esModule\", { value: true });\r\nexports.hash = void 0;\r\n/**\r\n * Generates a lossy hash of an object.\r\n *\r\n * Typed implementation of MD5 in JavaScript by Joseph's Myers.\r\n * This function is not intended to be crypto-secure.\r\n * @see http://www.myersdaily.org/joseph/javascript/md5-text.html\r\n */\r\nfunction hash(obj) {\r\n return hex(md51(\r\n // Keys are sorted to ensure that ordering of keys\r\n // does not affect the hashing result:\r\n Object.keys(obj).sort()\r\n .reduce(function (acc, key) { return acc + key + ':' + obj[key] + '|'; }, '|')));\r\n}\r\nexports.hash = hash;\r\nvar hexChr = '0123456789abcdef'.split('');\r\nfunction rhex(n) {\r\n var s = '';\r\n for (var i = 0; i < 4; i += 1) {\r\n s += hexChr[(n >> (i * 8 + 4)) & 0x0F]\r\n + hexChr[(n >> (i * 8)) & 0x0F];\r\n }\r\n return s;\r\n}\r\nfunction hex(x) {\r\n var h = '';\r\n for (var _i = 0, x_1 = x; _i < x_1.length; _i++) {\r\n var n = x_1[_i];\r\n h += rhex(n);\r\n }\r\n return h;\r\n}\r\nfunction md5cycle(x, k) {\r\n var a = x[0];\r\n var b = x[1];\r\n var c = x[2];\r\n var d = x[3];\r\n a = ff(a, b, c, d, k[0], 7, -680876936);\r\n d = ff(d, a, b, c, k[1], 12, -389564586);\r\n c = ff(c, d, a, b, k[2], 17, 606105819);\r\n b = ff(b, c, d, a, k[3], 22, -1044525330);\r\n a = ff(a, b, c, d, k[4], 7, -176418897);\r\n d = ff(d, a, b, c, k[5], 12, 1200080426);\r\n c = ff(c, d, a, b, k[6], 17, -1473231341);\r\n b = ff(b, c, d, a, k[7], 22, -45705983);\r\n a = ff(a, b, c, d, k[8], 7, 1770035416);\r\n d = ff(d, a, b, c, k[9], 12, -1958414417);\r\n c = ff(c, d, a, b, k[10], 17, -42063);\r\n b = ff(b, c, d, a, k[11], 22, -1990404162);\r\n a = ff(a, b, c, d, k[12], 7, 1804603682);\r\n d = ff(d, a, b, c, k[13], 12, -40341101);\r\n c = ff(c, d, a, b, k[14], 17, -1502002290);\r\n b = ff(b, c, d, a, k[15], 22, 1236535329);\r\n a = gg(a, b, c, d, k[1], 5, -165796510);\r\n d = gg(d, a, b, c, k[6], 9, -1069501632);\r\n c = gg(c, d, a, b, k[11], 14, 643717713);\r\n b = gg(b, c, d, a, k[0], 20, -373897302);\r\n a = gg(a, b, c, d, k[5], 5, -701558691);\r\n d = gg(d, a, b, c, k[10], 9, 38016083);\r\n c = gg(c, d, a, b, k[15], 14, -660478335);\r\n b = gg(b, c, d, a, k[4], 20, -405537848);\r\n a = gg(a, b, c, d, k[9], 5, 568446438);\r\n d = gg(d, a, b, c, k[14], 9, -1019803690);\r\n c = gg(c, d, a, b, k[3], 14, -187363961);\r\n b = gg(b, c, d, a, k[8], 20, 1163531501);\r\n a = gg(a, b, c, d, k[13], 5, -1444681467);\r\n d = gg(d, a, b, c, k[2], 9, -51403784);\r\n c = gg(c, d, a, b, k[7], 14, 1735328473);\r\n b = gg(b, c, d, a, k[12], 20, -1926607734);\r\n a = hh(a, b, c, d, k[5], 4, -378558);\r\n d = hh(d, a, b, c, k[8], 11, -2022574463);\r\n c = hh(c, d, a, b, k[11], 16, 1839030562);\r\n b = hh(b, c, d, a, k[14], 23, -35309556);\r\n a = hh(a, b, c, d, k[1], 4, -1530992060);\r\n d = hh(d, a, b, c, k[4], 11, 1272893353);\r\n c = hh(c, d, a, b, k[7], 16, -155497632);\r\n b = hh(b, c, d, a, k[10], 23, -1094730640);\r\n a = hh(a, b, c, d, k[13], 4, 681279174);\r\n d = hh(d, a, b, c, k[0], 11, -358537222);\r\n c = hh(c, d, a, b, k[3], 16, -722521979);\r\n b = hh(b, c, d, a, k[6], 23, 76029189);\r\n a = hh(a, b, c, d, k[9], 4, -640364487);\r\n d = hh(d, a, b, c, k[12], 11, -421815835);\r\n c = hh(c, d, a, b, k[15], 16, 530742520);\r\n b = hh(b, c, d, a, k[2], 23, -995338651);\r\n a = ii(a, b, c, d, k[0], 6, -198630844);\r\n d = ii(d, a, b, c, k[7], 10, 1126891415);\r\n c = ii(c, d, a, b, k[14], 15, -1416354905);\r\n b = ii(b, c, d, a, k[5], 21, -57434055);\r\n a = ii(a, b, c, d, k[12], 6, 1700485571);\r\n d = ii(d, a, b, c, k[3], 10, -1894986606);\r\n c = ii(c, d, a, b, k[10], 15, -1051523);\r\n b = ii(b, c, d, a, k[1], 21, -2054922799);\r\n a = ii(a, b, c, d, k[8], 6, 1873313359);\r\n d = ii(d, a, b, c, k[15], 10, -30611744);\r\n c = ii(c, d, a, b, k[6], 15, -1560198380);\r\n b = ii(b, c, d, a, k[13], 21, 1309151649);\r\n a = ii(a, b, c, d, k[4], 6, -145523070);\r\n d = ii(d, a, b, c, k[11], 10, -1120210379);\r\n c = ii(c, d, a, b, k[2], 15, 718787259);\r\n b = ii(b, c, d, a, k[9], 21, -343485551);\r\n x[0] = add32(a, x[0]);\r\n x[1] = add32(b, x[1]);\r\n x[2] = add32(c, x[2]);\r\n x[3] = add32(d, x[3]);\r\n}\r\nfunction cmn(q, a, b, x, s, t) {\r\n a = add32(add32(a, q), add32(x, t));\r\n return add32((a << s) | (a >>> (32 - s)), b);\r\n}\r\nfunction add32(a, b) {\r\n return (a + b) & 0xFFFFFFFF;\r\n}\r\nfunction ff(a, b, c, d, x, s, t) {\r\n return cmn((b & c) | ((~b) & d), a, b, x, s, t);\r\n}\r\nfunction gg(a, b, c, d, x, s, t) {\r\n return cmn((b & d) | (c & (~d)), a, b, x, s, t);\r\n}\r\nfunction hh(a, b, c, d, x, s, t) {\r\n return cmn(b ^ c ^ d, a, b, x, s, t);\r\n}\r\nfunction ii(a, b, c, d, x, s, t) {\r\n return cmn(c ^ (b | (~d)), a, b, x, s, t);\r\n}\r\nfunction md51(s) {\r\n var n = s.length;\r\n var state = [1732584193, -271733879, -1732584194, 271733878];\r\n var tail = [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0];\r\n var i;\r\n for (i = 64; i <= s.length; i += 64) {\r\n md5cycle(state, md5blk(s.substring(i - 64, i)));\r\n }\r\n s = s.substring(i - 64);\r\n for (i = 0; i < s.length; i += 1) {\r\n tail[i >> 2] |= s.charCodeAt(i) << ((i % 4) << 3);\r\n }\r\n tail[i >> 2] |= 0x80 << ((i % 4) << 3);\r\n if (i > 55) {\r\n md5cycle(state, tail);\r\n for (i = 0; i < 16; i += 1) {\r\n tail[i] = 0;\r\n }\r\n }\r\n tail[14] = n * 8;\r\n md5cycle(state, tail);\r\n return state;\r\n}\r\nfunction md5blk(s) {\r\n var md5blks = [];\r\n for (var i = 0; i < 64; i += 4) {\r\n md5blks[i >> 2] = s.charCodeAt(i)\r\n + (s.charCodeAt(i + 1) << 8)\r\n + (s.charCodeAt(i + 2) << 16)\r\n + (s.charCodeAt(i + 3) << 24);\r\n }\r\n return md5blks;\r\n}\r\n//# sourceMappingURL=SGWTConnectHash.js.map","\"use strict\";\r\nObject.defineProperty(exports, \"__esModule\", { value: true });\r\n//# sourceMappingURL=SGWTConnectIdTokenClaims.js.map","\"use strict\";\r\nvar __extends = (this && this.__extends) || (function () {\r\n var extendStatics = function (d, b) {\r\n extendStatics = Object.setPrototypeOf ||\r\n ({ __proto__: [] } instanceof Array && function (d, b) { d.__proto__ = b; }) ||\r\n function (d, b) { for (var p in b) if (Object.prototype.hasOwnProperty.call(b, p)) d[p] = b[p]; };\r\n return extendStatics(d, b);\r\n };\r\n return function (d, b) {\r\n if (typeof b !== \"function\" && b !== null)\r\n throw new TypeError(\"Class extends value \" + String(b) + \" is not a constructor or null\");\r\n extendStatics(d, b);\r\n function __() { this.constructor = d; }\r\n d.prototype = b === null ? Object.create(b) : (__.prototype = b.prototype, new __());\r\n };\r\n})();\r\nObject.defineProperty(exports, \"__esModule\", { value: true });\r\nexports.SGWTConnectNoop = void 0;\r\nvar SGWTConnectCore_1 = require(\"./SGWTConnectCore\");\r\n/**\r\n * Alternative implementation of SGWTConnectCore.\r\n *\r\n * This class should only be instantiated and used\r\n * when the user is on redirect_uri or in an iframe.\r\n * See explanation in setupSGWTConnect.ts\r\n */\r\nvar SGWTConnectNoop = /** @class */ (function (_super) {\r\n __extends(SGWTConnectNoop, _super);\r\n function SGWTConnectNoop() {\r\n return _super !== null && _super.apply(this, arguments) || this;\r\n }\r\n /**\r\n * Noop.\r\n */\r\n SGWTConnectNoop.prototype.requestAuthorization = function () {\r\n return this;\r\n };\r\n /**\r\n * Noop.\r\n */\r\n SGWTConnectNoop.prototype.discardAuthorization = function () {\r\n return this;\r\n };\r\n /**\r\n * Noop.\r\n */\r\n SGWTConnectNoop.prototype.renewAuthorization = function () {\r\n return this;\r\n };\r\n /**\r\n * Noop.\r\n */\r\n SGWTConnectNoop.prototype.isAuthorized = function () {\r\n return false;\r\n };\r\n /**\r\n * Noop.\r\n */\r\n SGWTConnectNoop.prototype.getAuthorizationError = function () {\r\n return null;\r\n };\r\n /**\r\n * Noop.\r\n */\r\n SGWTConnectNoop.prototype.getAuthorizationHeader = function () {\r\n return null;\r\n };\r\n /**\r\n * Noop.\r\n */\r\n SGWTConnectNoop.prototype.getGrantedScope = function () {\r\n return null;\r\n };\r\n /**\r\n * Noop.\r\n */\r\n SGWTConnectNoop.prototype.hasGrantedScope = function () {\r\n return false;\r\n };\r\n /**\r\n * Noop.\r\n */\r\n SGWTConnectNoop.prototype.getIdToken = function () {\r\n return null;\r\n };\r\n /**\r\n * Noop.\r\n */\r\n SGWTConnectNoop.prototype.getIdTokenClaims = function () {\r\n return null;\r\n };\r\n /**\r\n * Noop.\r\n */\r\n SGWTConnectNoop.prototype.enablePeriodicalRenewal = function () {\r\n return this;\r\n };\r\n /**\r\n * Noop.\r\n */\r\n SGWTConnectNoop.prototype.disablePeriodicalRenewal = function () {\r\n return this;\r\n };\r\n return SGWTConnectNoop;\r\n}(SGWTConnectCore_1.SGWTConnectCore));\r\nexports.SGWTConnectNoop = SGWTConnectNoop;\r\n//# sourceMappingURL=SGWTConnectNoop.js.map","\"use strict\";\r\nObject.defineProperty(exports, \"__esModule\", { value: true });\r\nexports.createOpenIDMetadataFetcher = void 0;\r\nvar isObject_1 = require(\"./isObject\");\r\nvar SGWTConnectError_1 = require(\"./SGWTConnectError\");\r\nvar SGWTConnectErrorList_1 = require(\"./SGWTConnectErrorList\");\r\n/**\r\n * Generates a function that upon invocation asynchronously\r\n * fetches OpenID Metadata from the OpenID Provider.\r\n * @param authorization_endpoint OpenID Provider's endpoint URL.\r\n */\r\nfunction createOpenIDMetadataFetcher(authorization_endpoint) {\r\n return function fetchOpenIDMetadata(callback) {\r\n var xhr = new XMLHttpRequest();\r\n xhr.open('GET', authorization_endpoint + \"/oauth2/.well-known/openid-configuration\");\r\n xhr.setRequestHeader('Accept', 'application/json');\r\n xhr.addEventListener('load', function onOpenIDMetadataLoad() {\r\n if (xhr.status === 200) {\r\n var openIDMetadata = void 0;\r\n try {\r\n openIDMetadata = JSON.parse(xhr.responseText);\r\n }\r\n catch (_a) {\r\n callback(new SGWTConnectError_1.SGWTConnectError(SGWTConnectErrorList_1.ERR_FAILED_TO_PARSE_OPENID_METADATA));\r\n return;\r\n }\r\n if (isValidOpenIDMetadata(openIDMetadata)) {\r\n callback(openIDMetadata);\r\n }\r\n else {\r\n callback(new SGWTConnectError_1.SGWTConnectError(SGWTConnectErrorList_1.ERR_FAILED_TO_VALIDATE_OPENID_METADATA));\r\n }\r\n }\r\n else {\r\n callback(new SGWTConnectError_1.SGWTConnectError(SGWTConnectErrorList_1.ERR_FAILED_TO_FETCH_OPENID_METADATA));\r\n }\r\n });\r\n xhr.send();\r\n };\r\n}\r\nexports.createOpenIDMetadataFetcher = createOpenIDMetadataFetcher;\r\n/**\r\n * Determines whether the given OpenID Configuration is valid.\r\n * @param openIDMetadata JSON-parsed value obtained from the Discovery API.\r\n */\r\nfunction isValidOpenIDMetadata(openIDMetadata) {\r\n return isObject_1.isObject(openIDMetadata) &&\r\n typeof openIDMetadata.check_session_iframe === 'string' &&\r\n typeof openIDMetadata.end_session_endpoint === 'string';\r\n}\r\n//# sourceMappingURL=SGWTConnectOpenIDMetadata.js.map","\"use strict\";\r\nObject.defineProperty(exports, \"__esModule\", { value: true });\r\nexports.setupSGWTConnect = void 0;\r\nvar isScopeListed_1 = require(\"./isScopeListed\");\r\nvar SGWTConnectConfiguration_1 = require(\"./SGWTConnectConfiguration\");\r\nvar SGWTConnectCore_1 = require(\"./SGWTConnectCore\");\r\nvar SGWTConnectErrorList_1 = require(\"./SGWTConnectErrorList\");\r\nvar SGWTConnectHash_1 = require(\"./SGWTConnectHash\");\r\nvar SGWTConnectNoop_1 = require(\"./SGWTConnectNoop\");\r\nvar SGWTConnectOpenIDMetadata_1 = require(\"./SGWTConnectOpenIDMetadata\");\r\nvar SGWTConnectRedirectUri_1 = require(\"./SGWTConnectRedirectUri\");\r\nvar SGWTConnectServerResponse_1 = require(\"./SGWTConnectServerResponse\");\r\nvar SGWTConnectStorage_1 = require(\"./SGWTConnectStorage\");\r\n/**\r\n * SGWTConnect instance factory.\r\n *\r\n * Determines the execution environment (top-level window or iframe),\r\n * instantiates the relevant SGWTConnect class with the given configuration,\r\n * and handles authorization redirects in the top-level window.\r\n */\r\nfunction setupSGWTConnect(userConfig) {\r\n var config = SGWTConnectConfiguration_1.normalizeConfiguration(userConfig, location);\r\n // Ensure that the stored token and other data have been obtained\r\n // using the current configuration options (note that we're not\r\n // using JSON.stringify here because it will generate different\r\n // results for identical configurations with different ordering\r\n // of keys in them):\r\n var storage = new SGWTConnectStorage_1.SGWTConnectStorage(SGWTConnectHash_1.hash(config));\r\n // Check if we're currently on the redirect_uri page:\r\n if (SGWTConnectRedirectUri_1.isOnRedirectUri(config, location)) {\r\n // Check if we are currently in a silent renewal iframe:\r\n if (window.frameElement && window.frameElement.hasAttribute(SGWTConnectCore_1.SGWTConnectRenewalFrameAttribute)) {\r\n // We only message the top-level window if the iframe's URI\r\n // matches the redirect URI exactly (without the fragment):\r\n window.parent.postMessage({\r\n type: 'SGWTConnectFragment',\r\n fragment: location.hash\r\n }, config.redirect_uri);\r\n // Because we are currently on the redirect_uri page, we must not\r\n // return the fully-functional API as this may result in undesired\r\n // behavior and infinite reload, but we still need to return a\r\n // compliant API to prevent JS runtime errors on the page, so we\r\n // return a dummy API where most methods are noop:\r\n return new SGWTConnectNoop_1.SGWTConnectNoop(config, storage);\r\n }\r\n // We are currently doing a hard redirect.\r\n // Extract the authorization server response from the current URL fragment:\r\n var authorization = SGWTConnectServerResponse_1.normalizeAuthServerResponse(SGWTConnectServerResponse_1.parseOAuth2Fragment(window.location.hash));\r\n var stateInResponse = authorization.state;\r\n // Cross-Site Request Forgery (CSRF) protection:\r\n var stateInStore = storage.getItem(stateInResponse + \".STATE\");\r\n if (stateInResponse === stateInStore) {\r\n // Persist the authorization server response prior to emitting\r\n // events and calling the completion callback so that the token\r\n // is available to the completion event handlers (note that\r\n // the server response might be a failed one):\r\n storage.setItem('AUTH', authorization);\r\n }\r\n else if (stateInStore) {\r\n // The \"state\" parameter failed to match; it may be dangerous\r\n // to keep the received server response, so we replace it\r\n // with a custom \"state_mismatch\" error response:\r\n var authError = {\r\n error: SGWTConnectErrorList_1.ERR_STATE_MISMATCH\r\n };\r\n storage.setItem('AUTH', authError);\r\n }\r\n // We are currently on the \"redirect_uri\", but the user most\r\n // probably initiated the authorization process from another\r\n // URI, so we need to redirect them back there (or to home\r\n // page if RETURN_URL has been cleared):\r\n var returnUrl = storage.getItem(stateInResponse + \".RETURN_URL\") ||\r\n window.location.protocol + \"//\" + window.location.host;\r\n // location.replace doesn't reload the page if only the fragment\r\n // has changed, so we need the following workaround to force\r\n // the page reload, but also to set the fragment of the returnUrl:\r\n if (returnUrl.indexOf('#') !== -1 && location.href.split('#')[0] === returnUrl.split('#')[0]) {\r\n window.location.hash = returnUrl.split('#')[1];\r\n window.location.reload(true);\r\n }\r\n else {\r\n window.location.replace(returnUrl);\r\n }\r\n // Because we are currently on the redirect_uri page, we must not\r\n // return the fully-functional API as this may result in undesired\r\n // behavior and infinite reload, but we still need to return a\r\n // compliant API to prevent JS runtime errors on the page, so we\r\n // return a dummy API where most methods are noop:\r\n return new SGWTConnectNoop_1.SGWTConnectNoop(config, storage);\r\n }\r\n // We are NOT on the redirect_uri page, do we have authorization?:\r\n var auth = storage.getItem('AUTH');\r\n // Clean up the storage of values needed during redirects:\r\n if (auth) {\r\n storage.removeItem(auth.state + \".STATE\");\r\n storage.removeItem(auth.state + \".RETURN_URL\");\r\n }\r\n // Clean up the storage of the expired tokens:\r\n storage.clearBy(function (value, key) {\r\n return key.indexOf('AUTH') !== -1 && value.expires_at < Date.now();\r\n });\r\n // At this point we know that this code is running in the top-level window,\r\n // (not in iframe) so we can instantiate a fully-functional API:\r\n var sgwtConnect = isScopeListed_1.isScopeListed('openid', config.scope)\r\n ? new SGWTConnectCore_1.SGWTConnectCore(config, storage, SGWTConnectOpenIDMetadata_1.createOpenIDMetadataFetcher(config.authorization_endpoint))\r\n : new SGWTConnectCore_1.SGWTConnectCore(config, storage);\r\n // Checking if the authorization has been explicitly granted:\r\n if (sgwtConnect.isAuthorized()) {\r\n // The user-friendly behavior is to have periodical renewal enabled by default:\r\n return sgwtConnect.enablePeriodicalRenewal();\r\n }\r\n // Checking if the authorization has been explicitly denied:\r\n if (auth && auth.error) {\r\n if (auth.markedForDeletion) {\r\n storage.removeItem('AUTH');\r\n }\r\n else {\r\n auth.markedForDeletion = true;\r\n storage.setItem('AUTH', auth);\r\n }\r\n }\r\n return sgwtConnect;\r\n}\r\nexports.setupSGWTConnect = setupSGWTConnect;\r\n//# sourceMappingURL=setupSGWTConnect.js.map","\"use strict\";\r\nvar __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {\r\n if (k2 === undefined) k2 = k;\r\n Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } });\r\n}) : (function(o, m, k, k2) {\r\n if (k2 === undefined) k2 = k;\r\n o[k2] = m[k];\r\n}));\r\nvar __exportStar = (this && this.__exportStar) || function(m, exports) {\r\n for (var p in m) if (p !== \"default\" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);\r\n};\r\nObject.defineProperty(exports, \"__esModule\", { value: true });\r\n/**\r\n * @module SGWTConnectCore\r\n * @description\r\n * Entry point for all public APIs and interfaces of the @sgwt/connect-core package.\r\n */\r\n__exportStar(require(\"./src/SGWTConnectErrorList\"), exports);\r\n__exportStar(require(\"./src/SGWTConnectError\"), exports);\r\n__exportStar(require(\"./src/SGWTConnectEventList\"), exports);\r\n__exportStar(require(\"./src/SGWTConnectConfiguration\"), exports);\r\n__exportStar(require(\"./src/SGWTConnectStorage\"), exports);\r\n__exportStar(require(\"./src/SGWTConnectCore\"), exports);\r\n__exportStar(require(\"./src/SGWTConnectHash\"), exports);\r\n__exportStar(require(\"./src/SGWTConnectIdTokenClaims\"), exports);\r\n__exportStar(require(\"./src/SGWTConnectOpenIDUserInfo\"), exports);\r\n__exportStar(require(\"./src/setupSGWTConnect\"), exports);\r\n//# sourceMappingURL=index.js.map","import { setupSGWTConnect, EVENT_AUTH_DISCARDED, EVENT_AUTH_EXPIRED, EVENT_AUTH_RENEW_ERROR, EVENT_AUTH_RENEW_SUCCESS } from '@sgwt/connect-core';\n\nfunction getUriWithSearchParams(appConfig, uri, params) {\n var _a;\n const req = new URL((_a = appConfig === null || appConfig === void 0 ? void 0 : appConfig.api.endpoint) !== null && _a !== void 0 ? _a : \"\", window.location.protocol + \"//\" + window.location.host);\n req.pathname += uri;\n params.forEach((value) => {\n req.searchParams.append(value[0], value[1]);\n });\n return req;\n}\nconst Http = {\n get: (uri, params, abortSignal, globalContext) => {\n var _a;\n const authorizationHeader = (_a = globalContext.sgConnect) === null || _a === void 0 ? void 0 : _a.getAuthorizationHeader();\n if (authorizationHeader) {\n const req = getUriWithSearchParams(globalContext.appConfig, uri, params);\n return fetch(req.href, {\n method: \"GET\",\n headers: new Headers({\n Authorization: authorizationHeader,\n \"X-Client-Scope\": globalContext.clientScopeCode\n }),\n signal: abortSignal\n });\n }\n return Promise.reject(new Error(\"No Authorization found\"));\n },\n post: (uri, params, body, abortSignal, globalContext) => {\n var _a;\n const authorizationHeader = (_a = globalContext.sgConnect) === null || _a === void 0 ? void 0 : _a.getAuthorizationHeader();\n if (authorizationHeader) {\n const req = getUriWithSearchParams(globalContext.appConfig, uri, params);\n return fetch(req.href, {\n method: \"POST\",\n headers: new Headers({\n Authorization: authorizationHeader,\n \"X-Client-Scope\": globalContext.clientScopeCode,\n \"Content-Type\": \"application/json\"\n }),\n body: JSON.stringify(body),\n signal: abortSignal\n });\n }\n return Promise.reject(new Error(\"No Authorization found\"));\n },\n put: (uri, params, body, abortSignal, globalContext) => {\n var _a;\n const authorizationHeader = (_a = globalContext.sgConnect) === null || _a === void 0 ? void 0 : _a.getAuthorizationHeader();\n if (authorizationHeader) {\n const req = getUriWithSearchParams(globalContext.appConfig, uri, params);\n return fetch(req.href, {\n method: \"PUT\",\n headers: new Headers({\n Authorization: authorizationHeader,\n \"X-Client-Scope\": globalContext.clientScopeCode,\n \"Content-Type\": \"application/json\"\n }),\n body: JSON.stringify(body),\n signal: abortSignal\n });\n }\n return Promise.reject(new Error(\"No Authorization found\"));\n },\n patch: (uri, params, body, abortSignal, globalContext) => {\n var _a;\n const authorizationHeader = (_a = globalContext.sgConnect) === null || _a === void 0 ? void 0 : _a.getAuthorizationHeader();\n if (authorizationHeader) {\n const req = getUriWithSearchParams(globalContext.appConfig, uri, params);\n return fetch(req.href, {\n method: \"PATCH\",\n headers: new Headers({\n Authorization: authorizationHeader,\n \"X-Client-Scope\": globalContext.clientScopeCode,\n \"Content-Type\": \"application/json\"\n }),\n body: JSON.stringify(body),\n signal: abortSignal\n });\n }\n return Promise.reject(new Error(\"No Authorization found\"));\n },\n delete: (uri, params, abortSignal, globalContext) => {\n var _a;\n const authorizationHeader = (_a = globalContext.sgConnect) === null || _a === void 0 ? void 0 : _a.getAuthorizationHeader();\n if (authorizationHeader) {\n const req = getUriWithSearchParams(globalContext.appConfig, uri, params);\n return fetch(req.href, {\n method: \"DELETE\",\n headers: new Headers({\n Authorization: authorizationHeader,\n \"X-Client-Scope\": globalContext.clientScopeCode\n }),\n signal: abortSignal\n });\n }\n return Promise.reject(new Error(\"No Authorization found\"));\n }\n};\n\nconst BUS_TOPIC_GLOBALLANGUAGE = \"global.language\";\nfunction getWidgetBus() {\n const widgetConfiguration = window.SGWTWidgetConfiguration;\n return widgetConfiguration && widgetConfiguration.bus ? widgetConfiguration.bus : null;\n}\nfunction getWidget(tagName) {\n return document.querySelector(tagName);\n}\n\nconst getSgwtConnectCore = (appConfig) => {\n let sgwtConnectCore = setupSGWTConnect({\n authorization_endpoint: appConfig.sgConnect.endPoint,\n client_id: appConfig.sgConnect.clientId,\n redirect_uri: appConfig.publicBaseUrl + \"silent_renew.html\",\n scope: appConfig.sgConnect.scopes,\n acr_values: appConfig.sgConnect.level\n });\n if (sgwtConnectCore.on) {\n sgwtConnectCore.on(EVENT_AUTH_DISCARDED, () => {\n console.info(\"Token is no longer available on the client side.\");\n });\n sgwtConnectCore.on(EVENT_AUTH_EXPIRED, () => {\n console.info(\"Token is no longer valid.\");\n });\n sgwtConnectCore.on(EVENT_AUTH_RENEW_ERROR, (error) => {\n console.error(\"Failed to renew the token\", error);\n });\n sgwtConnectCore.on(EVENT_AUTH_RENEW_SUCCESS, () => {\n console.info(\"A fresh token has been acquired.\");\n });\n }\n return sgwtConnectCore;\n};\nfunction setupWidgetConfiguration(appConfig) {\n window.SGWTWidgetConfiguration.environment = appConfig.sgConnect.SGWTWidgetConfiguration.environment;\n console.info(\"SGWTWidgetConfiguration set to: \", appConfig.sgConnect.SGWTWidgetConfiguration.environment);\n}\nfunction setupSgwtConnectWidget(appConfig) {\n const sgwtConnectCore = getSgwtConnectCore(appConfig);\n const widget = getWidget(\"sgwt-connect\");\n if (widget) {\n if (typeof widget.setSgwtConnectInstance === \"undefined\") {\n const handleSgwtConnectReady = () => {\n widget.setSgwtConnectInstance(sgwtConnectCore);\n console.info(\"widget is initialized, removing sgwt-connect--ready listener...\", widget.sgwtConnect);\n widget.removeEventListener(\"sgwt-connect--ready\", handleSgwtConnectReady);\n };\n widget.addEventListener(\"sgwt-connect--ready\", handleSgwtConnectReady);\n } else {\n widget.setSgwtConnectInstance(sgwtConnectCore);\n console.info(\"widget is initialized\", widget.sgwtConnect);\n }\n }\n return sgwtConnectCore;\n}\n\nclass SgwtWidgetDummyModule {\n}\n\nexport { BUS_TOPIC_GLOBALLANGUAGE, Http, SgwtWidgetDummyModule, getWidgetBus, setupSgwtConnectWidget, setupWidgetConfiguration };\n//# sourceMappingURL=main.es.js.map\n","import { ApplicationConfiguration } from '@sgmo/shared';\n\nexport function getConfig(): ApplicationConfiguration {\n\treturn window.sgmeConfiguration;\n}\n"],"names":["__extends","this","SGWTConnectError_1","require$$0","isScopeListed_1","normalizeUrl_1","require$$1","SGWTConnectServerResponse_1","require$$2","SGWTConnectRedirectUri_1","SGWTConnectStorage_1","isSameOrigin_1","isObject_1","SGWTConnectErrorList_1","require$$3","require$$4","require$$5","require$$6","require$$7","require$$8","SGWTConnectNoop_1","SGWTConnectCore_1","setupSGWTConnect_1","require$$9","setupSGWTConnect","EVENT_AUTH_DISCARDED","EVENT_AUTH_EXPIRED","EVENT_AUTH_RENEW_ERROR","EVENT_AUTH_RENEW_SUCCESS"],"mappings":"AAAA,KAAM,IAAI,UAAoB,CAC1B,KAAM,GAAU,SAAS,cAAc,MAAM,EAAE,QAC/C,GAAI,GAAW,EAAQ,UAAY,EAAQ,SAAS,eAAe,EAC/D,OAEJ,SAAW,KAAQ,UAAS,iBAAiB,2BAA2B,EACpE,EAAe,CAAI,EAEvB,GAAI,kBAAiB,AAAC,GAAc,CAChC,SAAW,KAAY,GACnB,GAAI,EAAS,OAAS,YAGtB,SAAW,KAAQ,GAAS,WACxB,AAAI,EAAK,UAAY,QAAU,EAAK,MAAQ,iBACxC,EAAe,CAAI,CAGvC,CAAK,EAAE,QAAQ,SAAU,CAAE,UAAW,GAAM,QAAS,EAAI,CAAE,EACvD,WAAsB,EAAQ,CAC1B,KAAM,GAAY,CAAA,EAClB,MAAI,GAAO,WACP,GAAU,UAAY,EAAO,WAC7B,EAAO,gBACP,GAAU,eAAiB,EAAO,gBACtC,AAAI,EAAO,cAAgB,kBACvB,EAAU,YAAc,UACvB,AAAI,EAAO,cAAgB,YAC5B,EAAU,YAAc,OAExB,EAAU,YAAc,cACrB,CACV,CACD,WAAwB,EAAM,CAC1B,GAAI,EAAK,GAEL,OACJ,EAAK,GAAK,GAEV,KAAM,GAAY,EAAa,CAAI,EACnC,MAAM,EAAK,KAAM,CAAS,CAC7B,CACL,EAAE,AAAoB,GAAG,khBCzCzB,OAAO,eAAe,EAAS,aAAc,CAAE,MAAO,EAAI,CAAE,EACP,EAAA,kFAA+C,EAAA,2CAA2F,EAAA,+BAA6D,EAAA,mDAAiD,EAAA,yFAA6D,EAAA,oCAAqG,EAAA,sFAAiD,EAAA,2CAAqD,EAAA,+BAAyC,EAAA,0CAAyF,EAAA,sEAAmD,EAAA,0BAAkF,EAAA,uCAAqC,EAAA,2BAA8C,EAAA,8DAAqC,EAAA,iCAAuE,EAAA,kEAAwD,EAAA,+BAAyC,EAAA,+BAAyC,EAAA,mBAAyE,EAAA,gEAAsC,EAAA,wCAAqF,EAAA,4BAAuC,EAAA,6BAA2B,EAAA,iDAA2C,EAAA,kBAA6E,EAAA,0EAA2C,EAAA,8BAAwC,EAAA,kBAA4B,EAAA,oCAA6E,EAAA,0DAA6C,EAAA,oBAAmE,EAAA,8BAA4B,EAAA,kBAAuC,EAAA,gDAA8B,EAAA,uCAAiD,EAAA,2BAAqC,EAAA,+BAAmE,EAAA,mBAAG,OACp/D,EAAA,wFAAkD,EAAA,8CAAiG,EAAA,kCAAG,OAcpL,EAAA,mBAAG,iBACS,EAAA,+BAAG;AAAA;AAAA;AAAA,EAOP,EAAA,2BAAG,yBACS,EAAA,uCAAG;AAAA;AAAA;AAAA,EAOzB,EAAA,iBAAG,eACS,EAAA,6BAAG;AAAA;AAAA;AAAA,EAOd,EAAA,kBAAG,gBACS,EAAA,8BAAG;AAAA;AAAA;AAAA;AAAA,EAcb,EAAA,oBAAG,kBACS,EAAA,gCAAG;AAAA;AAAA;AAAA,EASX,EAAA,wBAAG,sBACS,EAAA,oCAAG;AAAA;AAAA;AAAA,EAQrB,EAAA,kBAAG,gBACS,EAAA,8BAAG;AAAA;AAAA,EASH,EAAA,8BAAG,4BACS,EAAA,0CAAG;AAAA;AAAA;AAAA;AAAA;AAAA,EAQ3B,EAAA,kBAAG,gBACS,EAAA,8BAAG;AAAA;AAAA,EAYhB,EAAA,iBAAG,eACS,EAAA,6BAAG;AAAA;AAAA;AAAA;AAAA;AAAA,EAYJ,EAAA,4BAAG,0BACS,EAAA,wCAAG;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAgBlB,EAAA,yBAAG,uBACS,EAAA,qCAAG;AAAA;AAAA;AAAA,EAYrB,EAAA,mBAAG,iBACS,EAAA,+BAAG;AAAA;AAAA,EAcH,EAAA,+BAAG,6BACS,EAAA,2CAAG;AAAA;AAAA;AAAA;AAAA,EAYzB,EAAA,qBAAG,mBACS,EAAA,iCAAG;AAAA;AAAA,EASZ,EAAA,wBAAG,sBACS,EAAA,oCAAG;AAAA;AAAA;AAAA;AAAA;AAAA,EAQZ,EAAA,2BAAG,yBACS,EAAA,uCAAG;AAAA;AAAA;AAAA;AAAA,EAShB,EAAA,0BAAG,wBACS,EAAA,sCAAG;AAAA;AAAA,EASX,EAAA,8BAAG,4BACS,EAAA,0CAAG;AAAA;AAAA,EASd,EAAA,+BAAG,6BACS,EAAA,2CAAG;AAAA;AAAA,EASV,EAAA,oCAAG,mCACS,EAAA,gDAAG;AAAA;AAAA,EAKf,EAAA,oCAAG,kCACS,EAAA,gDAAG;AAAA;AAAA,EAKZ,EAAA,uCAAG,qCACS,EAAA,mDAAG;AAAA;AAAA,EAOvB,EAAA,+BAAG,sBACS,EAAA,2CAAG;AAAA;AAAA,EASZ,EAAA,kCAAG,iCACS,EAAA,8CAAG;AAAA;AAAA,EAKf,EAAA,kCAAG,gCACS,EAAA,8CAAG;AAAA;AAAA,EAKZ,EAAA,qCAAG,mCACS,EAAA,iDAAG;AAAA;AAAA,WCvRvDA,GAAaC,GAAQA,EAAK,WAAe,UAAY,CACrD,GAAI,GAAgB,SAAU,EAAG,EAAG,CAChC,SAAgB,OAAO,gBAClB,CAAE,UAAW,CAAA,YAAgB,QAAS,SAAU,EAAG,EAAG,CAAE,EAAE,UAAY,CAAE,GACzE,SAAU,EAAG,EAAG,CAAE,OAAS,KAAK,GAAG,AAAI,OAAO,UAAU,eAAe,KAAK,EAAG,CAAC,GAAG,GAAE,GAAK,EAAE,KACzF,EAAc,EAAG,CAAC,CACjC,EACI,MAAO,UAAU,EAAG,EAAG,CACnB,GAAI,MAAO,IAAM,YAAc,IAAM,KACjC,KAAM,IAAI,WAAU,uBAAyB,OAAO,CAAC,EAAI,+BAA+B,EAC5F,EAAc,EAAG,CAAC,EAClB,YAAc,CAAE,KAAK,YAAc,CAAI,CACvC,EAAE,UAAY,IAAM,KAAO,OAAO,OAAO,CAAC,EAAK,GAAG,UAAY,EAAE,UAAW,GAAI,GACvF,CACA,IACA,OAAO,eAAeC,EAAS,aAAc,CAAE,MAAO,EAAI,CAAE,EACpCA,EAAA,iBAAG,OAC3B,GAAI,IAAYC,EAOZ,GAAkC,SAAU,EAAQ,CACpDH,GAAU,EAAkB,CAAM,EAClC,WAA0B,EAAM,CAC5B,GAAI,GAAQ,KACR,EAAe,OAAS,EAAK,YAAW,EAAK,eAC7C,EAAc,GAAU,GAC5B,SAAQ,EAAO,KAAK,KAAM,oBAAsB,EAAK,cAAgB,IAAM,CAAW,GAAK,KAK3F,OAAO,eAAe,EAAO,EAAiB,SAAS,EAIvD,EAAM,KAAO,EACN,CACV,CACD,MAAO,EACX,EAAE,KAAK,EACiBE,EAAA,iBAAG,YC5C3B,OAAO,eAAe,EAAS,aAAc,CAAE,MAAO,EAAI,CAAE,EAC5D,EAAA,iCAAiF,EAAA,+BAAuC,EAAA,iEAA+C,EAAA,yBAAmC,EAAA,uBAA2D,EAAA,0CAAkC,OAI3Q,EAAA,qBAAG,yBAIL,EAAA,mBAAG,uBAIC,EAAA,uBAAG,0BAID,EAAA,yBAAG,4BAIM,EAAA,kCAAG,2BAIR,EAAA,6BAAG,4BAID,EAAA,+BAAG,8BAID,EAAA,iCAAG,wCCjC3C,OAAO,eAAe,EAAS,aAAc,CAAE,MAAO,EAAI,CAAE,EAC5D,EAAA,yBAAyE,EAAA,iEAA6C,OAItH,aAA2C,CAOvC,OANI,GAAS,OAAO,QAAU,OAAO,SACjC,EAAe,EAAO,gBAAgB,GAAI,aAAY,CAAC,CAAC,EAIxD,EAAoB,GACf,EAAI,EAAG,EAAI,EAAa,OAAQ,GAAK,EAC1C,GAAqB,EAAa,GAAG,SAAS,EAAE,EAEpD,MAAO,EACX,CACuC,EAAA,gCAAG,GAI1C,YAAwC,EAAwB,CAC5D,MAAO,GACF,QAAQ,wCAAyC,EAAE,CAC5D,CACsC,EAAA,+BAAG,GAIzC,YAAkC,EAAQ,EAAO,EAAS,CACtD,MAAO,IAA+B,EAAO,sBAAsB,EAC/D,+BACgB,mBAAmB,EAAO,SAAS,EACnD,iBAAmB,mBAAmB,EAAO,YAAY,EACzD,kBAAoB,mBAAmB,EAAO,aAAa,EAC3D,UAAY,mBAAmB,EAAO,KAAK,EAC3C,UAAY,mBAAmB,IAAiC,EAChE,UAAY,mBAAmB,CAAK,EACpC,eAAiB,mBAAmB,EAAO,UAAU,EACpD,IAAW,EAAQ,OAAS,WAAa,EAAQ,OAAS,IAC1D,IAAW,EAAQ,cAAgB,kBAAoB,EAAQ,cAAgB,GACxF,CACgC,EAAA,yBAAG,iBC1CnC,OAAO,eAAeE,EAAS,aAAc,CAAE,MAAO,EAAI,CAAE,EACvCA,EAAA,cAAG,OAIxB,YAAuB,EAAc,EAAa,CAC9C,GAAI,GAAmB,EAAa,KAAI,EAAG,cAAc,MAAM,KAAK,EAChE,EAAkB,EAAY,KAAI,EAAG,cAAc,MAAM,KAAK,EAClE,MAAO,GAAiB,MAAM,SAAU,EAAO,CAAE,MAAO,GAAgB,QAAQ,CAAK,IAAM,EAAK,CAAA,CACpG,CACqBA,EAAA,cAAG,YCVxB,OAAO,eAAeC,EAAS,aAAc,CAAE,MAAO,EAAI,CAAE,EACxCA,EAAA,aAAG,OAUvB,YAAsB,EAAK,CAGvB,GAAI,GAAI,SAAS,cAAc,GAAG,EAClC,SAAE,KAAO,EACF,EAAE,IACb,CACoBA,EAAA,aAAG,YClBvB,OAAO,eAAe,EAAS,aAAc,CAAE,MAAO,EAAI,CAAE,EAC5D,EAAA,4BAAsC,EAAA,oBAA8B,OAIpE,YAAoC,EAAuB,CAKvD,OAJI,GAAuB,oBACvB,EAAkB,CAAA,EAClB,EAEG,EAAe,EAAqB,KAAK,CAAqB,GAAG,CACpE,GAAI,GAAM,mBAAmB,EAAa,EAAE,EACxC,EAAQ,mBAAmB,EAAa,EAAE,EAC9C,EAAgB,GAAO,CAC1B,CACD,MAAO,EACX,CAIA,YAA6B,EAAU,CACnC,MAAO,IAA2B,EAAS,QAAQ,KAAM,EAAE,CAAC,CAChE,CAC2B,EAAA,oBAAG,GAI9B,YAAqC,EAAoB,CACrD,GAAI,EAAmB,MAAO,CAC1B,GAAI,GAAY,CACZ,MAAO,EAAmB,MAC1B,kBAAmB,EAAmB,kBACtC,MAAO,EAAmB,KACtC,EACQ,MAAO,EACV,CACD,GAAI,GAAY,SAAS,EAAmB,WAAY,EAAE,EAAI,IAC1D,EAAc,CACd,aAAc,EAAmB,aACjC,WAAY,EACZ,WAAY,KAAK,IAAG,EAAK,EACzB,SAAU,EAAmB,SAC7B,MAAO,EAAmB,MAC1B,MAAO,EAAmB,MAC1B,WAAY,EAAmB,WAC/B,cAAe,EAAmB,aAC1C,EACI,MAAO,EACX,CACmC,EAAA,4BAAG,GCjDtC,OAAO,eAAe,EAAS,aAAc,CAAE,MAAO,EAAI,CAAE,EAC5D,EAAA,gBAA0B,EAAA,oBAA8B,OACxD,GAAID,IAAkBD,EAClB,GAAiBG,EACjBC,GAA8BC,EASlC,YAA6B,EAAU,EAAa,CAChD,GAAI,GAAS,EAAS,SAAW,KAAO,EAAS,KAIjD,MAAK,GAKD,EAAY,OAAO,CAAC,IAAM,IACnB,GAAK,EAAS,EAMlB,EAXI,CAYf,CAC2B,EAAA,oBAAG,GAI9B,YAAyB,EAAQ,EAAU,CAIvC,GAAI,GAAuBD,GAA4B,oBAAoB,EAAS,IAAI,EAGxF,GAAI,CAAC,EAAqB,eAAe,OAAO,EAC5C,MAAO,GAEX,GAAI,GAA0BH,GAAgB,cAAc,QAAS,EAAO,aAAa,EACrF,EAAsBA,GAAgB,cAAc,WAAY,EAAO,aAAa,EACpF,EAAyB,EAAqB,eAAe,cAAc,EAC3E,EAAqB,EAAqB,eAAe,UAAU,EACnE,EAAmB,EAAqB,eAAe,OAAO,EAMlE,GALI,GACI,CAAC,GAA0B,CAAC,GAIhC,GACI,CAAC,GAAsB,CAAC,EACxB,MAAO,GAQf,GAAI,GAAa,GAAe,aAAa,EAAS,KAAK,QAAQ,EAAS,KAAM,EAAE,CAAC,EAGrF,MAAO,KAAe,GAAe,aAAa,EAAO,YAAY,CACzE,CACuB,EAAA,gBAAG,GCvE1B,GAAI,GAAYH,GAAQA,EAAK,UAAa,UAAY,CAClD,SAAW,OAAO,QAAU,SAAS,EAAG,CACpC,OAAS,GAAG,EAAI,EAAG,EAAI,UAAU,OAAQ,EAAI,EAAG,IAAK,CACjD,EAAI,UAAU,GACd,OAAS,KAAK,GAAG,AAAI,OAAO,UAAU,eAAe,KAAK,EAAG,CAAC,GAC1D,GAAE,GAAK,EAAE,GAChB,CACD,MAAO,EACf,EACW,EAAS,MAAM,KAAM,SAAS,CACzC,EACA,OAAO,eAAe,EAAS,aAAc,CAAE,MAAO,EAAI,CAAE,EAC9B,EAAA,uBAAG,OACjC,GAAI,IAAgCE,EAChCM,GAA2BH,EAM/B,YAAgC,EAAQ,EAAU,CAC9C,MAAO,GAAS,EAAS,EAAS,CAAE,EAAE,CAAM,EAAG,CAAE,cAAe,EAAO,eAAiB,iBAAkB,WAAY,EAAO,YAAc,KAGvI,uBAAwB,GAA8B,+BAA+B,EAAO,sBAAsB,EAMlH,aAAcG,GAAyB,oBAAoB,EAAU,EAAO,YAAY,CAAC,CAAE,EAAG,EAAO,yBACnG,CAAE,yBAA0BA,GAAyB,oBAAoB,EAAU,EAAO,wBAAwB,CAAG,EACrH,CAAA,CAAE,CACZ,CAC8B,EAAA,uBAAG,YClCjC,OAAO,eAAeC,EAAS,aAAc,CAAE,MAAO,EAAI,CAAE,EAClCA,EAAA,mBAAG,OAQ7B,GAAI,IAAoC,UAAY,CAChD,WAA4B,EAAM,CAC9B,AAAI,IAAS,QAAU,GAAO,IAC9B,KAAK,KAAO,EACZ,KAAK,eAAiB,oBACzB,CACD,cAAO,eAAe,EAAmB,UAAW,aAAc,CAC9D,IAAK,UAAY,CACb,MAAO,MAAK,KAAO,KAAK,eAAiB,IAAM,KAAK,KAAO,KAAK,cACnE,EACD,WAAY,GACZ,aAAc,EACtB,CAAK,EACD,EAAmB,UAAU,QAAU,SAAU,EAAK,CAClD,GAAI,GAAO,aAAa,QAAQ,KAAK,WAAa,IAAM,CAAG,EAC3D,MAAO,KAAS,KAAO,KAAO,KAAK,MAAM,CAAI,CACrD,EACI,EAAmB,UAAU,QAAU,SAAU,EAAK,EAAO,CACzD,aAAa,QAAQ,KAAK,WAAa,IAAM,EAAK,KAAK,UAAU,CAAK,CAAC,CAC/E,EACI,EAAmB,UAAU,WAAa,SAAU,EAAK,CACrD,aAAa,WAAW,KAAK,WAAa,IAAM,CAAG,CAC3D,EACI,EAAmB,UAAU,QAAU,SAAU,EAAoB,CACjE,OAAS,GAAI,EAAG,EAAI,aAAa,OAAQ,GAAK,EAAG,CAC7C,GAAI,GAAM,aAAa,IAAI,CAAC,EAC5B,GAAI,GAAO,EAAI,QAAQ,KAAK,cAAc,IAAM,GAAI,CAChD,GAAI,GAAQ,aAAa,QAAQ,CAAG,EAChC,EAAc,IAAU,KAAO,KAAO,KAAK,MAAM,CAAK,EAC1D,AAAI,EAAmB,EAAa,CAAG,GACnC,aAAa,WAAW,CAAG,CAElC,CACJ,CACT,EACW,CACX,EAAC,EACyBA,EAAA,mBAAG,YCxBzB,EAAI,MAAO,UAAY,SAAW,QAAU,KAC5C,GAAe,GAAK,MAAO,GAAE,OAAU,WACvC,EAAE,MACF,SAAsB,EAAQ,EAAU,EAAM,CAC9C,MAAO,UAAS,UAAU,MAAM,KAAK,EAAQ,EAAU,CAAI,CAC5D,EAEC,EACJ,AAAI,GAAK,MAAO,GAAE,SAAY,WAC5B,EAAiB,EAAE,QACd,AAAI,OAAO,sBAChB,EAAiB,SAAwB,EAAQ,CAC/C,MAAO,QAAO,oBAAoB,CAAM,EACrC,OAAO,OAAO,sBAAsB,CAAM,CAAC,CAClD,EAEE,EAAiB,SAAwB,EAAQ,CAC/C,MAAO,QAAO,oBAAoB,CAAM,CAC5C,EAGA,YAA4B,EAAS,CACnC,AAAI,SAAW,QAAQ,MAAM,QAAQ,KAAK,CAAO,CACnD,CAEA,GAAI,IAAc,OAAO,OAAS,SAAqB,EAAO,CAC5D,MAAO,KAAU,CACnB,EAEA,YAAwB,CACtB,EAAa,KAAK,KAAK,IAAI,CAC7B,IACA,IAAiB,EAGjB,EAAa,aAAe,EAE5B,EAAa,UAAU,QAAU,OACjC,EAAa,UAAU,aAAe,EACtC,EAAa,UAAU,cAAgB,OAIvC,GAAI,IAAsB,GAE1B,OAAO,eAAe,EAAc,sBAAuB,CACzD,WAAY,GACZ,IAAK,UAAW,CACd,MAAO,GACR,EACD,IAAK,SAAS,EAAK,CACjB,GAAI,MAAO,IAAQ,UAAY,EAAM,GAAK,GAAY,CAAG,EACvD,KAAM,IAAI,YAAW,kGAAoG,EAAM,GAAG,EAEpI,GAAsB,CACvB,CACH,CAAC,EAED,EAAa,KAAO,UAAW,CAE7B,AAAI,MAAK,UAAY,QACjB,KAAK,UAAY,OAAO,eAAe,IAAI,EAAE,UAC/C,MAAK,QAAU,OAAO,OAAO,IAAI,EACjC,KAAK,aAAe,GAGtB,KAAK,cAAgB,KAAK,eAAiB,MAC7C,EAIA,EAAa,UAAU,gBAAkB,SAAyB,EAAG,CACnE,GAAI,MAAO,IAAM,UAAY,EAAI,GAAK,GAAY,CAAC,EACjD,KAAM,IAAI,YAAW,gFAAkF,EAAI,GAAG,EAEhH,YAAK,cAAgB,EACd,IACT,EAEA,YAA0B,EAAM,CAC9B,MAAI,GAAK,gBAAkB,OAClB,EAAa,oBACf,EAAK,aACd,CAEA,EAAa,UAAU,gBAAkB,UAA2B,CAClE,MAAO,IAAiB,IAAI,CAC9B,EAEA,EAAa,UAAU,KAAO,SAAc,EAAM,CAEhD,OADI,GAAO,CAAA,EACF,EAAI,EAAG,EAAI,UAAU,OAAQ,IAAK,EAAK,KAAK,UAAU,EAAE,EACjE,GAAI,GAAW,IAAS,QAEpB,EAAS,KAAK,QAClB,GAAI,IAAW,OACb,EAAW,GAAW,EAAO,QAAU,eAChC,CAAC,EACR,MAAO,GAGT,GAAI,EAAS,CACX,GAAI,GAGJ,GAFI,EAAK,OAAS,GAChB,GAAK,EAAK,IACR,YAAc,OAGhB,KAAM,GAGR,GAAI,GAAM,GAAI,OAAM,mBAAsB,GAAK,KAAO,EAAG,QAAU,IAAM,GAAG,EAC5E,QAAI,QAAU,EACR,CACP,CAED,GAAI,GAAU,EAAO,GAErB,GAAI,IAAY,OACd,MAAO,GAET,GAAI,MAAO,IAAY,WACrB,GAAa,EAAS,KAAM,CAAI,MAIhC,QAFI,GAAM,EAAQ,OACd,EAAY,GAAW,EAAS,CAAG,EAC9B,EAAI,EAAG,EAAI,EAAK,EAAE,EACzB,GAAa,EAAU,GAAI,KAAM,CAAI,EAGzC,MAAO,EACT,EAEA,YAAsB,EAAQ,EAAM,EAAU,EAAS,CACrD,GAAI,GACA,EACA,EAEJ,GAAI,MAAO,IAAa,WACtB,KAAM,IAAI,WAAU,mEAAqE,MAAO,EAAQ,EAqB1G,GAlBA,EAAS,EAAO,QAChB,AAAI,IAAW,OACb,GAAS,EAAO,QAAU,OAAO,OAAO,IAAI,EAC5C,EAAO,aAAe,GAIlB,GAAO,cAAgB,QACzB,GAAO,KAAK,cAAe,EACf,EAAS,SAAW,EAAS,SAAW,CAAQ,EAI5D,EAAS,EAAO,SAElB,EAAW,EAAO,IAGhB,IAAa,OAEf,EAAW,EAAO,GAAQ,EAC1B,EAAE,EAAO,qBAET,AAAI,MAAO,IAAa,WAEtB,EAAW,EAAO,GAChB,EAAU,CAAC,EAAU,CAAQ,EAAI,CAAC,EAAU,CAAQ,EAEjD,AAAI,EACT,EAAS,QAAQ,CAAQ,EAEzB,EAAS,KAAK,CAAQ,EAIxB,EAAI,GAAiB,CAAM,EACvB,EAAI,GAAK,EAAS,OAAS,GAAK,CAAC,EAAS,OAAQ,CACpD,EAAS,OAAS,GAGlB,GAAI,GAAI,GAAI,OAAM,+CACE,EAAS,OAAS,IAAM,OAAO,CAAI,EAAI,mEAEvB,EACpC,EAAE,KAAO,8BACT,EAAE,QAAU,EACZ,EAAE,KAAO,EACT,EAAE,MAAQ,EAAS,OACnB,GAAmB,CAAC,CACrB,CAGH,MAAO,EACT,CAEA,EAAa,UAAU,YAAc,SAAqB,EAAM,EAAU,CACxE,MAAO,IAAa,KAAM,EAAM,EAAU,EAAK,CACjD,EAEA,EAAa,UAAU,GAAK,EAAa,UAAU,YAEnD,EAAa,UAAU,gBACnB,SAAyB,EAAM,EAAU,CACvC,MAAO,IAAa,KAAM,EAAM,EAAU,EAAI,CACpD,EAEA,aAAuB,CAErB,OADI,GAAO,CAAA,EACF,EAAI,EAAG,EAAI,UAAU,OAAQ,IAAK,EAAK,KAAK,UAAU,EAAE,EACjE,AAAK,KAAK,OACR,MAAK,OAAO,eAAe,KAAK,KAAM,KAAK,MAAM,EACjD,KAAK,MAAQ,GACb,GAAa,KAAK,SAAU,KAAK,OAAQ,CAAI,EAEjD,CAEA,YAAmB,EAAQ,EAAM,EAAU,CACzC,GAAI,GAAQ,CAAE,MAAO,GAAO,OAAQ,OAAW,OAAQ,EAAQ,KAAM,EAAM,SAAU,CAAQ,EACzF,EAAU,GAAY,KAAK,CAAK,EACpC,SAAQ,SAAW,EACnB,EAAM,OAAS,EACR,CACT,CAEA,EAAa,UAAU,KAAO,SAAc,EAAM,EAAU,CAC1D,GAAI,MAAO,IAAa,WACtB,KAAM,IAAI,WAAU,mEAAqE,MAAO,EAAQ,EAE1G,YAAK,GAAG,EAAM,GAAU,KAAM,EAAM,CAAQ,CAAC,EACtC,IACT,EAEA,EAAa,UAAU,oBACnB,SAA6B,EAAM,EAAU,CAC3C,GAAI,MAAO,IAAa,WACtB,KAAM,IAAI,WAAU,mEAAqE,MAAO,EAAQ,EAE1G,YAAK,gBAAgB,EAAM,GAAU,KAAM,EAAM,CAAQ,CAAC,EACnD,IACb,EAGA,EAAa,UAAU,eACnB,SAAwB,EAAM,EAAU,CACtC,GAAI,GAAM,EAAQ,EAAU,EAAG,EAE/B,GAAI,MAAO,IAAa,WACtB,KAAM,IAAI,WAAU,mEAAqE,MAAO,EAAQ,EAI1G,GADA,EAAS,KAAK,QACV,IAAW,OACb,MAAO,MAGT,GADA,EAAO,EAAO,GACV,IAAS,OACX,MAAO,MAET,GAAI,IAAS,GAAY,EAAK,WAAa,EACzC,AAAI,EAAE,KAAK,eAAiB,EAC1B,KAAK,QAAU,OAAO,OAAO,IAAI,EAEjC,OAAO,GAAO,GACV,EAAO,gBACT,KAAK,KAAK,iBAAkB,EAAM,EAAK,UAAY,CAAQ,WAEtD,MAAO,IAAS,WAAY,CAGrC,IAFA,EAAW,GAEN,EAAI,EAAK,OAAS,EAAG,GAAK,EAAG,IAChC,GAAI,EAAK,KAAO,GAAY,EAAK,GAAG,WAAa,EAAU,CACzD,EAAmB,EAAK,GAAG,SAC3B,EAAW,EACX,KACD,CAGH,GAAI,EAAW,EACb,MAAO,MAET,AAAI,IAAa,EACf,EAAK,MAAK,EAEV,GAAU,EAAM,CAAQ,EAGtB,EAAK,SAAW,GAClB,GAAO,GAAQ,EAAK,IAElB,EAAO,iBAAmB,QAC5B,KAAK,KAAK,iBAAkB,EAAM,GAAoB,CAAQ,CACjE,CAED,MAAO,KACb,EAEA,EAAa,UAAU,IAAM,EAAa,UAAU,eAEpD,EAAa,UAAU,mBACnB,SAA4B,EAAM,CAChC,GAAI,GAAW,EAAQ,EAGvB,GADA,EAAS,KAAK,QACV,IAAW,OACb,MAAO,MAGT,GAAI,EAAO,iBAAmB,OAC5B,MAAI,WAAU,SAAW,EACvB,MAAK,QAAU,OAAO,OAAO,IAAI,EACjC,KAAK,aAAe,GACX,EAAO,KAAU,QAC1B,CAAI,EAAE,KAAK,eAAiB,EAC1B,KAAK,QAAU,OAAO,OAAO,IAAI,EAEjC,MAAO,GAAO,IAEX,KAIT,GAAI,UAAU,SAAW,EAAG,CAC1B,GAAI,GAAO,OAAO,KAAK,CAAM,EACzB,EACJ,IAAK,EAAI,EAAG,EAAI,EAAK,OAAQ,EAAE,EAE7B,AADA,EAAM,EAAK,GACP,IAAQ,kBACZ,KAAK,mBAAmB,CAAG,EAE7B,YAAK,mBAAmB,gBAAgB,EACxC,KAAK,QAAU,OAAO,OAAO,IAAI,EACjC,KAAK,aAAe,EACb,IACR,CAID,GAFA,EAAY,EAAO,GAEf,MAAO,IAAc,WACvB,KAAK,eAAe,EAAM,CAAS,UAC1B,IAAc,OAEvB,IAAK,EAAI,EAAU,OAAS,EAAG,GAAK,EAAG,IACrC,KAAK,eAAe,EAAM,EAAU,EAAE,EAI1C,MAAO,KACb,EAEA,YAAoB,EAAQ,EAAM,EAAQ,CACxC,GAAI,GAAS,EAAO,QAEpB,GAAI,IAAW,OACb,MAAO,GAET,GAAI,GAAa,EAAO,GACxB,MAAI,KAAe,OACV,GAEL,MAAO,IAAe,WACjB,EAAS,CAAC,EAAW,UAAY,CAAU,EAAI,CAAC,CAAU,EAE5D,EACL,GAAgB,CAAU,EAAI,GAAW,EAAY,EAAW,MAAM,CAC1E,CAEA,EAAa,UAAU,UAAY,SAAmB,EAAM,CAC1D,MAAO,IAAW,KAAM,EAAM,EAAI,CACpC,EAEA,EAAa,UAAU,aAAe,SAAsB,EAAM,CAChE,MAAO,IAAW,KAAM,EAAM,EAAK,CACrC,EAEA,EAAa,cAAgB,SAAS,EAAS,EAAM,CACnD,MAAI,OAAO,GAAQ,eAAkB,WAC5B,EAAQ,cAAc,CAAI,EAE1B,GAAc,KAAK,EAAS,CAAI,CAE3C,EAEA,EAAa,UAAU,cAAgB,GACvC,YAAuB,EAAM,CAC3B,GAAI,GAAS,KAAK,QAElB,GAAI,IAAW,OAAW,CACxB,GAAI,GAAa,EAAO,GAExB,GAAI,MAAO,IAAe,WACxB,MAAO,GACF,GAAI,IAAe,OACxB,MAAO,GAAW,MAErB,CAED,MAAO,EACT,CAEA,EAAa,UAAU,WAAa,UAAsB,CACxD,MAAO,MAAK,aAAe,EAAI,EAAe,KAAK,OAAO,EAAI,EAChE,EAEA,YAAoB,EAAK,EAAG,CAE1B,OADI,GAAO,GAAI,OAAM,CAAC,EACb,EAAI,EAAG,EAAI,EAAG,EAAE,EACvB,EAAK,GAAK,EAAI,GAChB,MAAO,EACT,CAEA,YAAmB,EAAM,EAAO,CAC9B,KAAO,EAAQ,EAAI,EAAK,OAAQ,IAC9B,EAAK,GAAS,EAAK,EAAQ,GAC7B,EAAK,IAAG,CACV,CAEA,YAAyB,EAAK,CAE5B,OADI,GAAM,GAAI,OAAM,EAAI,MAAM,EACrB,EAAI,EAAG,EAAI,EAAI,OAAQ,EAAE,EAChC,EAAI,GAAK,EAAI,GAAG,UAAY,EAAI,GAElC,MAAO,EACT,UC9bA,OAAO,eAAeC,EAAS,aAAc,CAAE,MAAO,EAAI,CAAE,EACxCA,EAAA,aAAG,OAOvB,YAAsB,EAAM,EAAM,CAG9B,GAAI,GAAI,SAAS,cAAc,GAAG,EAClC,EAAE,KAAO,EACT,GAAI,GAAY,EAAE,SAAU,EAAQ,EAAE,KACtC,EAAE,KAAO,EACT,GAAI,GAAY,EAAE,SAAU,EAAQ,EAAE,KAStC,MAAO,KAAc,GAAa,IAAU,CAChD,CACoBA,EAAA,aAAG,iBC1BvB,OAAO,eAAeC,EAAS,aAAc,CAAE,MAAO,EAAI,CAAE,EAC5CA,EAAA,SAAG,OAKnB,YAAkB,EAAO,CACrB,MAAO,KAAU,MAAQ,MAAO,IAAU,QAC9C,CACgBA,EAAA,SAAG,GCTnB,OAAO,eAAe,EAAS,aAAc,CAAE,MAAO,EAAI,CAAE,EACjC,EAAA,oBAAG,OAC9B,GAAIA,IAAaT,EACbD,GAAqBI,EACrBO,GAAyBL,EAO7B,YAA6B,EAAuB,EAAqB,EAAU,CAC/E,GAAI,GAAM,GAAI,gBACd,EAAI,KAAK,MAAO,EAAwB,kBAAkB,EAC1D,EAAI,iBAAiB,SAAU,kBAAkB,EACjD,EAAI,iBAAiB,gBAAiB,CAAmB,EACzD,EAAI,iBAAiB,OAAQ,UAAoC,CAC7D,GAAI,EAAI,SAAW,IAAK,CACpB,GAAI,GAAiB,OACrB,GAAI,CACA,EAAiB,KAAK,MAAM,EAAI,YAAY,CAC/C,MACD,CACI,EAAS,GAAIN,IAAmB,iBAAiBW,GAAuB,iCAAiC,CAAC,EAC1G,MACH,CACD,AAAI,GAAoB,CAAc,EAClC,EAAS,KAAM,CAAc,EAG7B,EAAS,GAAIX,IAAmB,iBAAiBW,GAAuB,oCAAoC,CAAC,CAEpH,KAEG,GAAS,GAAIX,IAAmB,iBAAiBW,GAAuB,iCAAiC,CAAC,CAEtH,CAAK,EACD,EAAI,KAAI,CACZ,CAC2B,EAAA,oBAAG,GAK9B,YAA6B,EAAgB,CACzC,MAAOD,IAAW,SAAS,CAAc,GACrC,MAAO,GAAe,KAAQ,UAC9B,MAAO,GAAe,MAAS,UAC/B,MAAO,GAAe,QAAW,QACzC,cCjDA,GAAI,GAAaX,GAAQA,EAAK,WAAe,UAAY,CACrD,GAAI,GAAgB,SAAU,EAAG,EAAG,CAChC,SAAgB,OAAO,gBAClB,CAAE,UAAW,CAAA,YAAgB,QAAS,SAAU,EAAG,EAAG,CAAE,EAAE,UAAY,CAAE,GACzE,SAAU,EAAG,EAAG,CAAE,OAAS,KAAK,GAAG,AAAI,OAAO,UAAU,eAAe,KAAK,EAAG,CAAC,GAAG,GAAE,GAAK,EAAE,KACzF,EAAc,EAAG,CAAC,CACjC,EACI,MAAO,UAAU,EAAG,EAAG,CACnB,GAAI,MAAO,IAAM,YAAc,IAAM,KACjC,KAAM,IAAI,WAAU,uBAAyB,OAAO,CAAC,EAAI,+BAA+B,EAC5F,EAAc,EAAG,CAAC,EAClB,YAAc,CAAE,KAAK,YAAc,CAAI,CACvC,EAAE,UAAY,IAAM,KAAO,OAAO,OAAO,CAAC,EAAK,GAAG,UAAY,EAAE,UAAW,GAAI,GACvF,CACA,IACA,OAAO,eAAc,EAAU,aAAc,CAAE,MAAO,EAAI,CAAE,EAC5D,EAAA,gBAA0B,EAAiD,uCAAA,EAAA,iCAA2C,OACtH,GAAI,GAAWE,GACX,EAAiBG,EACjB,EAAkBE,EAClB,EAAgCM,EAChC,EAAqBC,EACrB,EAAyBC,EACzB,EAAyBC,EACzB,EAA8BC,EAC9B,EAA8BC,EAClC,EAAA,iCAA2C,kCAC3C,EAAA,uCAAiD,wCAIjD,GAAI,GAAiC,SAAU,EAAQ,CACnD,EAAU,EAAiB,CAAM,EACjC,WAAyB,EAAQ,EAAS,EAAqB,CAC3D,GAAI,GAAQ,EAAO,KAAK,IAAI,GAAK,KACjC,SAAM,OAAS,EACf,EAAM,QAAU,EAChB,EAAM,qBAAuB,KAC7B,EAAM,uBAAyB,KAC/B,EAAM,yBAA2B,IACjC,EAAM,yBAA2B,IACjC,EAAM,gCAAkC,IACpC,EAAM,gBACN,EAAM,4BAA2B,EAEjC,GAAuB,EAAM,kBAAkB,QAAQ,GACvD,EAAoB,SAAU,EAAqB,CAC/C,AAAI,YAA+B,OAC/B,EAAM,KAAK,EAAuB,kCAAmC,CAAmB,EAGxF,GAAM,eAAiB,EACvB,EAAM,8BAA6B,EAEvD,CAAa,EAEE,CACV,CAUD,SAAgB,UAAU,qBAAuB,UAAY,CAGzD,GAAI,KAAK,eACL,MAAO,MACF,4BAA6B,EAC7B,0BAMT,KAAK,QAAQ,WAAW,MAAM,EAE9B,GAAI,GAAQ,EAA8B,kCAC1C,YAAK,QAAQ,QAAQ,EAAQ,SAAU,CAAK,EAG5C,KAAK,QAAQ,QAAQ,EAAQ,cAAe,SAAS,IAAI,EAGzD,SAAS,QAAQ,EAA8B,yBAAyB,KAAK,OAAQ,CAAK,CAAC,EACpF,IACf,EAMI,EAAgB,UAAU,qBAAuB,UAAY,CAGzD,GAAI,KAAK,eAAgB,CAGrB,GAAI,GAAgB,KAAK,aACrB,EAA2B,KAAK,OAAO,yBACvC,EAAuB,KAAK,eAAe,qBAE3C,EAAkB,EAAuB,kBAAoB,EAC5D,GAA2B,6BAA+B,EAA2B,IAE1F,KAAK,KAAK,EAAuB,qBAAsB,UAAY,CAC/D,OAAO,SAAS,QAAQ,CAAe,CACvD,CAAa,CACJ,CAGD,MAAO,MAAK,6BACpB,EASI,EAAgB,UAAU,mBAAqB,SAAU,EAAU,CAC/D,MAAO,MAAK,kCAAkC,CAAE,EAAE,CAAQ,CAClE,EAUI,EAAgB,UAAU,aAAe,UAAY,CACjD,GAAI,GAAgB,KAAK,QAAQ,QAAQ,MAAM,EAC/C,MAAO,SAAQ,GAAiB,EAAc,YAAY,GACtD,EAAc,WAAa,KAAK,KAC5C,EAII,EAAgB,UAAU,sBAAwB,UAAY,CAC1D,GAAI,GAAgB,KAAK,QAAQ,QAAQ,MAAM,EAC/C,MAAQ,IAAiB,EAAc,MACnC,GAAI,GAAmB,iBAAiB,EAAc,KAAK,EAC3D,IACZ,EAcI,EAAgB,UAAU,uBAAyB,UAAY,CAC3D,GAAI,GAAgB,KAAK,QAAQ,QAAQ,MAAM,EAC/C,GAAI,CAAC,KAAK,eACN,MAAO,MAEX,GAAI,EAAc,YAAc,EAAc,WAAW,YAAa,IAAK,SACvE,MAAO,UAAY,EAAc,aAErC,KAAM,IAAI,GAAmB,iBAAiB,EAAuB,0BAA0B,CACvG,EAII,EAAgB,UAAU,gBAAkB,UAAY,CAEpD,GAAI,CAAC,KAAK,eACN,MAAO,MAGX,GAAI,GAAgB,KAAK,QAAQ,QAAQ,MAAM,EAO/C,MAAO,OAAO,GAAc,OAAU,YAClC,KAAK,OAAO,MACZ,EAAc,KAC1B,EAMI,EAAgB,UAAU,gBAAkB,SAAU,EAAc,CAChE,GAAI,GAAe,KAAK,kBACxB,MAAI,OAAO,IAAiB,SACjB,GAEJ,EAAgB,cAAc,EAAc,CAAY,CACvE,EAaI,EAAgB,UAAU,WAAa,UAAY,CAE/C,GAAI,CAAC,KAAK,eACN,MAAO,MAGX,GAAI,GAAgB,KAAK,QAAQ,QAAQ,MAAM,EAI/C,MAAK,GAAc,SAKZ,EAAc,SAJV,IAKnB,EAaI,EAAgB,UAAU,iBAAmB,UAAY,CACrD,GAAI,GAAU,KAAK,aAMnB,GAAI,IAAY,KACZ,MAAO,MAKX,GAAI,GAAe,EAAQ,MAAM,GAAG,EAGhC,EAAc,EAAa,GAE/B,MAAO,MAAK,MAAM,KAAK,CAAW,CAAC,CAC3C,EAUI,EAAgB,UAAU,cAAgB,SAAU,EAAU,CAC1D,GAAI,GAAsB,KAAK,yBAC/B,MAAI,GACA,EAA4B,oBAAoB,KAAK,OAAO,uBAAwB,EAAqB,CAAQ,EAGjH,EAAS,GAAI,GAAmB,iBAAiB,EAAuB,gBAAgB,CAAC,EAEtF,IACf,EAQI,EAAgB,UAAU,wBAA0B,UAAY,CAC5D,GAAI,GAAQ,KAGZ,MAAI,MAAK,yBAA2B,KACzB,KAKX,MAAK,YAAY,EAAuB,yBAA0B,KAAK,mBAAmB,EAG1F,KAAK,uBAAyB,OAAO,WAAW,UAAY,CACxD,EAAM,iBAAgB,CAClC,EAAW,KAAK,kBAAiB,CAAE,EACpB,KACf,EAII,EAAgB,UAAU,yBAA2B,UAAY,CAG7D,YAAK,oBAAmB,EAExB,KAAK,eAAe,EAAuB,yBAA0B,KAAK,mBAAmB,EAEzF,MAAO,MAAK,wBAA2B,UACvC,QAAO,aAAa,KAAK,sBAAsB,EAC/C,KAAK,uBAAyB,MAE3B,IACf,EASI,EAAgB,UAAU,4BAA8B,UAAY,CAIhE,YAAK,yBAAwB,EAC7B,KAAK,0BAAyB,EAC1B,KAAK,gBAEL,KAAK,+BAA8B,EAGvC,KAAK,QAAQ,WAAW,MAAM,EAE9B,KAAK,KAAK,EAAuB,oBAAoB,EAC9C,IACf,EAMI,EAAgB,UAAU,kCAAoC,SAAU,EAAI,EAAU,CAClF,GAAI,GAAQ,KACR,EAAgB,EAAG,cAEnB,EAAQ,EAA8B,kCAKtC,EAAwB,EACtB,EAA8B,yBAAyB,KAAK,OAAQ,EAAO,CAAE,OAAQ,OAAQ,cAAe,EAAe,EAC3H,EAA8B,yBAAyB,KAAK,OAAQ,EAAO,CAAE,OAAQ,MAAM,CAAE,EAM/F,EAAS,SAAS,cAAc,QAAQ,EASxC,GAAiB,GACjB,GAA8B,GAE9B,GAMA,GAAuB,SAAU,EAAO,CAExC,GAAI,EAAM,SAAW,EAAO,eAIxB,EAAC,EAAe,aAAa,EAAM,OAAQ,EAAM,OAAO,YAAY,GAKpE,GAAC,EAAM,MAAQ,MAAO,GAAM,MAAS,WAGrC,EAAM,KAAK,OAAS,sBAMxB,IAA8B,GAE9B,OAAO,oBAAoB,UAAW,EAAoB,EAG1D,OAAO,aAAa,EAAkB,EAElC,IACA,SAAS,KAAK,YAAY,CAAM,EAGpC,GAAI,IAAgB,EAA4B,4BAA4B,EAA4B,oBAAoB,EAAM,KAAK,QAAQ,CAAC,EAEhJ,GAAI,GAAc,QAAU,EAAO,CAC/B,GAAI,GAAQ,GAAI,GAAmB,iBAAiB,EAAuB,kBAAkB,EAC7F,EAAM,KAAK,EAAuB,uBAAwB,CAAK,EAC3D,GACA,EAAS,CAAK,EAElB,MACH,CAED,GAAI,IAAY,GAAc,MAC9B,GAAI,GAAW,CAEX,GAAI,GAAQ,GAAI,GAAmB,iBAAiB,EAAS,EAC7D,EAAM,KAAK,EAAuB,uBAAwB,CAAK,EAC3D,GACA,EAAS,CAAK,CAErB,KAKG,GAAM,QAAQ,QAAQ,OAAQ,EAAa,EAI3C,EAAM,4BAA2B,EAKjC,EAAM,8BAA6B,EAEnC,EAAM,KAAK,EAAuB,wBAAwB,EACtD,GACA,EAAS,IAAI,EAGjC,EAKY,GAAoB,SAAU,EAAO,CAErC,AAAI,CAAC,EAAM,WAKX,IAAiB,GAGjB,EAAO,oBAAoB,OAAQ,EAAiB,EAGhD,IACA,SAAS,KAAK,YAAY,CAAM,EAEhD,EAIQ,cAAO,iBAAiB,UAAW,EAAoB,EAMvD,EAAO,iBAAiB,OAAQ,EAAiB,EAIjD,GAAqB,OAAO,WAAW,UAAY,CAC/C,OAAO,aAAa,EAAkB,EAEtC,EAAO,oBAAoB,OAAQ,EAAiB,EACpD,OAAO,oBAAoB,UAAW,EAAoB,EAE1D,SAAS,KAAK,YAAY,CAAM,EAEhC,GAAI,GAAQ,GAAI,GAAmB,iBAAiB,EAAuB,iBAAiB,EAC5F,EAAM,KAAK,EAAuB,uBAAwB,CAAK,EAC3D,GACA,EAAS,CAAK,CAE9B,EAAW,KAAK,wBAAwB,EAGhC,EAAO,aAAa,EAAQ,iCAAkC,EAAE,EAChE,EAAO,MAAM,QAAU,OACvB,EAAO,aAAa,MAAO,CAAqB,EAChD,KAAK,kCAAkC,CAAM,EACtC,IACf,EAKI,EAAgB,UAAU,kCAAoC,SAAU,EAAS,CAC7E,GAAI,SAAS,KACT,SAAS,KAAK,YAAY,CAAO,MAEhC,CACD,GAAI,GAAmC,UAAY,CAC/C,OAAO,oBAAoB,mBAAoB,CAAgC,EAC/E,SAAS,KAAK,YAAY,CAAO,CACjD,EACY,OAAO,iBAAiB,mBAAoB,CAAgC,CAC/E,CACT,EAMI,EAAgB,UAAU,kBAAoB,SAAU,EAAc,CAClE,MAAO,GAAgB,cAAc,EAAc,KAAK,OAAO,KAAK,CAC5E,EAII,EAAgB,UAAU,oBAAsB,UAAY,CACxD,YAAK,yBAA2B,IACzB,IACf,EAOI,EAAgB,UAAU,wBAA0B,UAAY,CAC5D,YAAK,0BAA4B,EAC1B,IACf,EAII,EAAgB,UAAU,0BAA4B,UAAY,CAC9D,MAAI,OAAO,MAAK,sBAAyB,UACrC,QAAO,aAAa,KAAK,oBAAoB,EAC7C,KAAK,qBAAuB,MAEzB,IACf,EAII,EAAgB,UAAU,4BAA8B,UAAY,CAChE,GAAI,GAAQ,KAEZ,KAAK,0BAAyB,EAE9B,GAAI,GAAgB,KAAK,QAAQ,QAAQ,MAAM,EAC3C,EAA2B,EAAc,WAAa,KAAK,IAAG,EAClE,YAAK,qBAAuB,OAAO,WAAW,UAAY,CACtD,EAAM,KAAK,EAAuB,kBAAkB,CACvD,EAAE,CAAwB,EACpB,IACf,EAII,EAAgB,UAAU,kBAAoB,UAAY,CACtD,GAAI,GAAgB,KAAK,QAAQ,QAAQ,MAAM,EAG3C,EAAc,EAAc,WAAa,EAAc,WAAa,GACpE,EAAsB,KAAK,IAAI,EAAc,KAAK,IAAG,EAAI,CAAC,EAK9D,MAAO,MAAK,IAAI,EAAqB,UAAU,CACvD,EAUI,EAAgB,UAAU,iBAAmB,UAAY,CACrD,GAAI,GAAQ,KACZ,MAAO,MAAK,mBAAmB,SAAU,EAAO,CAC5C,AAAI,EACA,GAAM,uBAAyB,OAAO,WAAW,UAAY,CACzD,EAAM,iBAAgB,CAC1C,EAAmB,EAAM,wBAAwB,EACjC,EAAM,wBAAuB,GAG7B,EAAM,oBAAmB,CAEzC,CAAS,CACT,EAII,EAAgB,UAAU,oBAAsB,UAAY,CACxD,GAAI,GAAQ,KAEZ,MAAI,MAAK,yBAA2B,KACzB,KAIX,MAAK,oBAAmB,EAExB,OAAO,aAAa,KAAK,sBAAsB,EAE/C,KAAK,uBAAyB,OAAO,WAAW,UAAY,CACxD,MAAO,GAAM,kBACzB,EAAW,KAAK,kBAAiB,CAAE,EACpB,KACf,EAII,EAAgB,UAAU,8BAAgC,UAAY,CAClE,GAAI,GAAQ,KAEZ,GAAI,KAAK,0BAA4B,KAAK,yBAAyB,WAC/D,MAAO,MAGX,GAAI,CAAC,KAAK,gBAAkB,CAAC,KAAK,kBAAkB,QAAQ,EACxD,MAAO,MAIX,GAAI,CAAC,KAAK,eACN,MAAO,MAKX,KAAK,yBAA2B,SAAS,cAAc,QAAQ,EAC/D,KAAK,yBAAyB,MAAM,QAAU,OAC9C,KAAK,yBAAyB,aAAa,EAAQ,uCAAwC,EAAE,EAG7F,OAAO,iBAAiB,UAAW,KAAK,gCAAgC,KAAK,IAAI,CAAC,EAElF,GAAI,GAAgC,SAAU,EAAO,CAEjD,AAAI,CAAC,EAAM,WAIP,CAAC,EAAM,0BAKX,GAAM,yBAAyB,oBAAoB,OAAQ,CAA6B,EAExF,EAAM,oCAAmC,EACrD,EACQ,YAAK,yBAAyB,iBAAiB,OAAQ,CAA6B,EACpF,KAAK,yBAAyB,aAAa,MAAO,KAAK,eAAe,oBAAoB,EAC1F,KAAK,kCAAkC,KAAK,wBAAwB,EAC7D,IACf,EAII,EAAgB,UAAU,+BAAiC,UAAY,CAEnE,cAAO,oBAAoB,UAAW,KAAK,+BAA+B,EAEtE,MAAO,MAAK,2BAA8B,UAC1C,QAAO,aAAa,KAAK,yBAAyB,EAClD,KAAK,0BAA4B,QAGjC,KAAK,0BACL,UAAS,KAAK,YAAY,KAAK,wBAAwB,EACvD,KAAK,yBAA2B,QAE7B,IACf,EAII,EAAgB,UAAU,oCAAsC,UAAY,CAExE,OAAO,aAAa,KAAK,yBAAyB,EAElD,KAAK,0BAA4B,OAAO,WAAW,KAAK,sBAAsB,KAAK,IAAI,EAAG,KAAK,+BAA+B,CACtI,EAII,EAAgB,UAAU,sBAAwB,UAAY,CAC1D,GAAI,GAAQ,KACZ,GAAI,KAAK,eAAgB,CAQrB,GAAI,CAAC,KAAK,eACN,OAEJ,GAAI,KAAK,0BAA4B,KAAK,yBAAyB,cAAe,CAC9E,GAAI,GAAgB,KAAK,QAAQ,QAAQ,MAAM,EAC/C,KAAK,yBAAyB,cAAc,YAAY,KAAK,OAAO,UAAY,IAAM,EAAc,cAAe,KAAK,eAAe,oBAAoB,EAC3J,KAAK,oCAAmC,CAC3C,KAIG,MAAK,8BAA6B,CAEzC,KAOG,MAAK,mBAAmB,SAAU,EAAO,CACrC,AAAI,EACA,EAAM,4BAA2B,EAGjC,EAAM,oCAAmC,CAE7D,CAAa,CAEb,EAKI,EAAgB,UAAU,gCAAkC,SAAU,EAAO,CACzE,GAAI,GAAQ,KAEZ,GAAI,GAAC,KAAK,0BAA4B,CAAC,KAAK,iBAIxC,EAAM,SAAW,KAAK,yBAAyB,eAG/C,EAAC,EAAe,aAAa,EAAM,OAAQ,KAAK,eAAe,oBAAoB,EAKvF,GAAI,EAAM,OAAS,YAGf,KAAK,KAAK,EAAuB,8BAA8B,UAE1D,EAAM,OAAS,UAAW,CAC/B,KAAK,KAAK,EAAuB,4BAA4B,EAG7D,GAAI,GAAc,KAAK,aACnB,EAAsB,KAAK,mBAC/B,KAAK,kCAAkC,CAAE,cAAe,CAAa,EAAE,SAAU,EAAO,CACpF,GAAI,CAAC,EAAO,CAGR,GAAI,GAAoB,EAAM,mBAC9B,GAAI,GAAqB,GAAuB,EAAkB,MAAQ,EAAoB,IAC1F,MAEP,CAID,EAAM,4BAA2B,CACjD,CAAa,CACJ,KACI,AAAI,GAAM,OAAS,SAIpB,KAAK,KAAK,EAAuB,iCAAkC,GAAI,GAAmB,iBAAiB,EAAuB,8BAA8B,CAAC,CAE7K,EACW,CACX,EAAE,EAAS,YAAY,EACvB,EAAA,gBAA0B,gBC9yB1B,OAAO,eAAe,EAAS,aAAc,CAAE,MAAO,EAAI,CAAE,EAChD,EAAA,KAAG,OAQf,YAAc,EAAK,CACf,MAAO,IAAI,GAGX,OAAO,KAAK,CAAG,EAAE,KAAM,EAClB,OAAO,SAAU,EAAK,EAAK,CAAE,MAAO,GAAM,EAAM,IAAM,EAAI,GAAO,GAAM,EAAE,GAAG,CAAC,CAAC,CACvF,CACY,EAAA,KAAG,GACf,GAAI,IAAS,mBAAmB,MAAM,EAAE,EACxC,YAAc,EAAG,CAEb,OADI,GAAI,GACC,EAAI,EAAG,EAAI,EAAG,GAAK,EACxB,GAAK,GAAQ,GAAM,EAAI,EAAI,EAAM,IAC3B,GAAQ,GAAM,EAAI,EAAM,IAElC,MAAO,EACX,CACA,YAAa,EAAG,CAEZ,OADI,GAAI,GACC,EAAK,EAAG,EAAM,EAAG,EAAK,EAAI,OAAQ,IAAM,CAC7C,GAAI,GAAI,EAAI,GACZ,GAAK,GAAK,CAAC,CACd,CACD,MAAO,EACX,CACA,YAAkB,EAAG,EAAG,CACpB,GAAI,GAAI,EAAE,GACN,EAAI,EAAE,GACN,EAAI,EAAE,GACN,EAAI,EAAE,GACV,EAAI,EAAG,EAAG,EAAG,EAAG,EAAG,EAAE,GAAI,EAAG,UAAU,EACtC,EAAI,EAAG,EAAG,EAAG,EAAG,EAAG,EAAE,GAAI,GAAI,UAAU,EACvC,EAAI,EAAG,EAAG,EAAG,EAAG,EAAG,EAAE,GAAI,GAAI,SAAS,EACtC,EAAI,EAAG,EAAG,EAAG,EAAG,EAAG,EAAE,GAAI,GAAI,WAAW,EACxC,EAAI,EAAG,EAAG,EAAG,EAAG,EAAG,EAAE,GAAI,EAAG,UAAU,EACtC,EAAI,EAAG,EAAG,EAAG,EAAG,EAAG,EAAE,GAAI,GAAI,UAAU,EACvC,EAAI,EAAG,EAAG,EAAG,EAAG,EAAG,EAAE,GAAI,GAAI,WAAW,EACxC,EAAI,EAAG,EAAG,EAAG,EAAG,EAAG,EAAE,GAAI,GAAI,SAAS,EACtC,EAAI,EAAG,EAAG,EAAG,EAAG,EAAG,EAAE,GAAI,EAAG,UAAU,EACtC,EAAI,EAAG,EAAG,EAAG,EAAG,EAAG,EAAE,GAAI,GAAI,WAAW,EACxC,EAAI,EAAG,EAAG,EAAG,EAAG,EAAG,EAAE,IAAK,GAAI,MAAM,EACpC,EAAI,EAAG,EAAG,EAAG,EAAG,EAAG,EAAE,IAAK,GAAI,WAAW,EACzC,EAAI,EAAG,EAAG,EAAG,EAAG,EAAG,EAAE,IAAK,EAAG,UAAU,EACvC,EAAI,EAAG,EAAG,EAAG,EAAG,EAAG,EAAE,IAAK,GAAI,SAAS,EACvC,EAAI,EAAG,EAAG,EAAG,EAAG,EAAG,EAAE,IAAK,GAAI,WAAW,EACzC,EAAI,EAAG,EAAG,EAAG,EAAG,EAAG,EAAE,IAAK,GAAI,UAAU,EACxC,EAAI,EAAG,EAAG,EAAG,EAAG,EAAG,EAAE,GAAI,EAAG,UAAU,EACtC,EAAI,EAAG,EAAG,EAAG,EAAG,EAAG,EAAE,GAAI,EAAG,WAAW,EACvC,EAAI,EAAG,EAAG,EAAG,EAAG,EAAG,EAAE,IAAK,GAAI,SAAS,EACvC,EAAI,EAAG,EAAG,EAAG,EAAG,EAAG,EAAE,GAAI,GAAI,UAAU,EACvC,EAAI,EAAG,EAAG,EAAG,EAAG,EAAG,EAAE,GAAI,EAAG,UAAU,EACtC,EAAI,EAAG,EAAG,EAAG,EAAG,EAAG,EAAE,IAAK,EAAG,QAAQ,EACrC,EAAI,EAAG,EAAG,EAAG,EAAG,EAAG,EAAE,IAAK,GAAI,UAAU,EACxC,EAAI,EAAG,EAAG,EAAG,EAAG,EAAG,EAAE,GAAI,GAAI,UAAU,EACvC,EAAI,EAAG,EAAG,EAAG,EAAG,EAAG,EAAE,GAAI,EAAG,SAAS,EACrC,EAAI,EAAG,EAAG,EAAG,EAAG,EAAG,EAAE,IAAK,EAAG,WAAW,EACxC,EAAI,EAAG,EAAG,EAAG,EAAG,EAAG,EAAE,GAAI,GAAI,UAAU,EACvC,EAAI,EAAG,EAAG,EAAG,EAAG,EAAG,EAAE,GAAI,GAAI,UAAU,EACvC,EAAI,EAAG,EAAG,EAAG,EAAG,EAAG,EAAE,IAAK,EAAG,WAAW,EACxC,EAAI,EAAG,EAAG,EAAG,EAAG,EAAG,EAAE,GAAI,EAAG,SAAS,EACrC,EAAI,EAAG,EAAG,EAAG,EAAG,EAAG,EAAE,GAAI,GAAI,UAAU,EACvC,EAAI,EAAG,EAAG,EAAG,EAAG,EAAG,EAAE,IAAK,GAAI,WAAW,EACzC,EAAI,EAAG,EAAG,EAAG,EAAG,EAAG,EAAE,GAAI,EAAG,OAAO,EACnC,EAAI,EAAG,EAAG,EAAG,EAAG,EAAG,EAAE,GAAI,GAAI,WAAW,EACxC,EAAI,EAAG,EAAG,EAAG,EAAG,EAAG,EAAE,IAAK,GAAI,UAAU,EACxC,EAAI,EAAG,EAAG,EAAG,EAAG,EAAG,EAAE,IAAK,GAAI,SAAS,EACvC,EAAI,EAAG,EAAG,EAAG,EAAG,EAAG,EAAE,GAAI,EAAG,WAAW,EACvC,EAAI,EAAG,EAAG,EAAG,EAAG,EAAG,EAAE,GAAI,GAAI,UAAU,EACvC,EAAI,EAAG,EAAG,EAAG,EAAG,EAAG,EAAE,GAAI,GAAI,UAAU,EACvC,EAAI,EAAG,EAAG,EAAG,EAAG,EAAG,EAAE,IAAK,GAAI,WAAW,EACzC,EAAI,EAAG,EAAG,EAAG,EAAG,EAAG,EAAE,IAAK,EAAG,SAAS,EACtC,EAAI,EAAG,EAAG,EAAG,EAAG,EAAG,EAAE,GAAI,GAAI,UAAU,EACvC,EAAI,EAAG,EAAG,EAAG,EAAG,EAAG,EAAE,GAAI,GAAI,UAAU,EACvC,EAAI,EAAG,EAAG,EAAG,EAAG,EAAG,EAAE,GAAI,GAAI,QAAQ,EACrC,EAAI,EAAG,EAAG,EAAG,EAAG,EAAG,EAAE,GAAI,EAAG,UAAU,EACtC,EAAI,EAAG,EAAG,EAAG,EAAG,EAAG,EAAE,IAAK,GAAI,UAAU,EACxC,EAAI,EAAG,EAAG,EAAG,EAAG,EAAG,EAAE,IAAK,GAAI,SAAS,EACvC,EAAI,EAAG,EAAG,EAAG,EAAG,EAAG,EAAE,GAAI,GAAI,UAAU,EACvC,EAAI,EAAG,EAAG,EAAG,EAAG,EAAG,EAAE,GAAI,EAAG,UAAU,EACtC,EAAI,EAAG,EAAG,EAAG,EAAG,EAAG,EAAE,GAAI,GAAI,UAAU,EACvC,EAAI,EAAG,EAAG,EAAG,EAAG,EAAG,EAAE,IAAK,GAAI,WAAW,EACzC,EAAI,EAAG,EAAG,EAAG,EAAG,EAAG,EAAE,GAAI,GAAI,SAAS,EACtC,EAAI,EAAG,EAAG,EAAG,EAAG,EAAG,EAAE,IAAK,EAAG,UAAU,EACvC,EAAI,EAAG,EAAG,EAAG,EAAG,EAAG,EAAE,GAAI,GAAI,WAAW,EACxC,EAAI,EAAG,EAAG,EAAG,EAAG,EAAG,EAAE,IAAK,GAAI,QAAQ,EACtC,EAAI,EAAG,EAAG,EAAG,EAAG,EAAG,EAAE,GAAI,GAAI,WAAW,EACxC,EAAI,EAAG,EAAG,EAAG,EAAG,EAAG,EAAE,GAAI,EAAG,UAAU,EACtC,EAAI,EAAG,EAAG,EAAG,EAAG,EAAG,EAAE,IAAK,GAAI,SAAS,EACvC,EAAI,EAAG,EAAG,EAAG,EAAG,EAAG,EAAE,GAAI,GAAI,WAAW,EACxC,EAAI,EAAG,EAAG,EAAG,EAAG,EAAG,EAAE,IAAK,GAAI,UAAU,EACxC,EAAI,EAAG,EAAG,EAAG,EAAG,EAAG,EAAE,GAAI,EAAG,UAAU,EACtC,EAAI,EAAG,EAAG,EAAG,EAAG,EAAG,EAAE,IAAK,GAAI,WAAW,EACzC,EAAI,EAAG,EAAG,EAAG,EAAG,EAAG,EAAE,GAAI,GAAI,SAAS,EACtC,EAAI,EAAG,EAAG,EAAG,EAAG,EAAG,EAAE,GAAI,GAAI,UAAU,EACvC,EAAE,GAAK,EAAM,EAAG,EAAE,EAAE,EACpB,EAAE,GAAK,EAAM,EAAG,EAAE,EAAE,EACpB,EAAE,GAAK,EAAM,EAAG,EAAE,EAAE,EACpB,EAAE,GAAK,EAAM,EAAG,EAAE,EAAE,CACxB,CACA,WAAa,EAAG,EAAG,EAAG,EAAG,EAAG,EAAG,CAC3B,SAAI,EAAM,EAAM,EAAG,CAAC,EAAG,EAAM,EAAG,CAAC,CAAC,EAC3B,EAAO,GAAK,EAAM,IAAO,GAAK,EAAK,CAAC,CAC/C,CACA,WAAe,EAAG,EAAG,CACjB,MAAQ,GAAI,EAAK,UACrB,CACA,WAAY,EAAG,EAAG,EAAG,EAAG,EAAG,EAAG,EAAG,CAC7B,MAAO,GAAK,EAAI,EAAO,CAAC,EAAK,EAAI,EAAG,EAAG,EAAG,EAAG,CAAC,CAClD,CACA,WAAY,EAAG,EAAG,EAAG,EAAG,EAAG,EAAG,EAAG,CAC7B,MAAO,GAAK,EAAI,EAAM,EAAK,CAAC,EAAK,EAAG,EAAG,EAAG,EAAG,CAAC,CAClD,CACA,WAAY,EAAG,EAAG,EAAG,EAAG,EAAG,EAAG,EAAG,CAC7B,MAAO,GAAI,EAAI,EAAI,EAAG,EAAG,EAAG,EAAG,EAAG,CAAC,CACvC,CACA,WAAY,EAAG,EAAG,EAAG,EAAG,EAAG,EAAG,EAAG,CAC7B,MAAO,GAAI,EAAK,GAAK,CAAC,GAAK,EAAG,EAAG,EAAG,EAAG,CAAC,CAC5C,CACA,YAAc,EAAG,CACb,GAAI,GAAI,EAAE,OACN,EAAQ,CAAC,WAAY,WAAY,YAAa,SAAS,EACvD,EAAO,CAAC,EAAG,EAAG,EAAG,EAAG,EAAG,EAAG,EAAG,EAAG,EAAG,EAAG,EAAG,EAAG,EAAG,EAAG,EAAG,CAAC,EACtD,EACJ,IAAK,EAAI,GAAI,GAAK,EAAE,OAAQ,GAAK,GAC7B,GAAS,EAAO,GAAO,EAAE,UAAU,EAAI,GAAI,CAAC,CAAC,CAAC,EAGlD,IADA,EAAI,EAAE,UAAU,EAAI,EAAE,EACjB,EAAI,EAAG,EAAI,EAAE,OAAQ,GAAK,EAC3B,EAAK,GAAK,IAAM,EAAE,WAAW,CAAC,GAAO,GAAI,GAAM,GAGnD,GADA,EAAK,GAAK,IAAM,KAAU,GAAI,GAAM,GAChC,EAAI,GAEJ,IADA,GAAS,EAAO,CAAI,EACf,EAAI,EAAG,EAAI,GAAI,GAAK,EACrB,EAAK,GAAK,EAGlB,SAAK,IAAM,EAAI,EACf,GAAS,EAAO,CAAI,EACb,CACX,CACA,YAAgB,EAAG,CAEf,OADI,GAAU,CAAA,EACL,EAAI,EAAG,EAAI,GAAI,GAAK,EACzB,EAAQ,GAAK,GAAK,EAAE,WAAW,CAAC,EACzB,GAAE,WAAW,EAAI,CAAC,GAAK,GACvB,GAAE,WAAW,EAAI,CAAC,GAAK,IACvB,GAAE,WAAW,EAAI,CAAC,GAAK,IAElC,MAAO,EACX,WChKA,OAAO,eAAe,GAAS,aAAc,CAAE,MAAO,EAAI,CAAE,gBCAxD,GAAalB,GAAQA,EAAK,WAAe,UAAY,CACrD,GAAI,GAAgB,SAAU,EAAG,EAAG,CAChC,SAAgB,OAAO,gBAClB,CAAE,UAAW,CAAA,YAAgB,QAAS,SAAU,EAAG,EAAG,CAAE,EAAE,UAAY,CAAE,GACzE,SAAU,EAAG,EAAG,CAAE,OAAS,KAAK,GAAG,AAAI,OAAO,UAAU,eAAe,KAAK,EAAG,CAAC,GAAG,GAAE,GAAK,EAAE,KACzF,EAAc,EAAG,CAAC,CACjC,EACI,MAAO,UAAU,EAAG,EAAG,CACnB,GAAI,MAAO,IAAM,YAAc,IAAM,KACjC,KAAM,IAAI,WAAU,uBAAyB,OAAO,CAAC,EAAI,+BAA+B,EAC5F,EAAc,EAAG,CAAC,EAClB,YAAc,CAAE,KAAK,YAAc,CAAI,CACvC,EAAE,UAAY,IAAM,KAAO,OAAO,OAAO,CAAC,EAAK,GAAG,UAAY,EAAE,UAAW,GAAI,GACvF,CACA,IACA,OAAO,eAAemB,EAAS,aAAc,CAAE,MAAO,EAAI,CAAE,EACrCA,EAAA,gBAAG,OAC1B,GAAIC,IAAoBlB,EAQpB,GAAiC,SAAU,EAAQ,CACnD,GAAU,EAAiB,CAAM,EACjC,YAA2B,CACvB,MAAO,KAAW,MAAQ,EAAO,MAAM,KAAM,SAAS,GAAK,IAC9D,CAID,SAAgB,UAAU,qBAAuB,UAAY,CACzD,MAAO,KACf,EAII,EAAgB,UAAU,qBAAuB,UAAY,CACzD,MAAO,KACf,EAII,EAAgB,UAAU,mBAAqB,UAAY,CACvD,MAAO,KACf,EAII,EAAgB,UAAU,aAAe,UAAY,CACjD,MAAO,EACf,EAII,EAAgB,UAAU,sBAAwB,UAAY,CAC1D,MAAO,KACf,EAII,EAAgB,UAAU,uBAAyB,UAAY,CAC3D,MAAO,KACf,EAII,EAAgB,UAAU,gBAAkB,UAAY,CACpD,MAAO,KACf,EAII,EAAgB,UAAU,gBAAkB,UAAY,CACpD,MAAO,EACf,EAII,EAAgB,UAAU,WAAa,UAAY,CAC/C,MAAO,KACf,EAII,EAAgB,UAAU,iBAAmB,UAAY,CACrD,MAAO,KACf,EAII,EAAgB,UAAU,wBAA0B,UAAY,CAC5D,MAAO,KACf,EAII,EAAgB,UAAU,yBAA2B,UAAY,CAC7D,MAAO,KACf,EACW,CACX,EAAEkB,GAAkB,eAAe,EACZD,EAAA,gBAAG,YCxG1B,OAAO,eAAe,EAAS,aAAc,CAAE,MAAO,EAAI,CAAE,EACzB,EAAA,4BAAG,OACtC,GAAI,IAAajB,EACb,GAAqBG,EACrBO,GAAyBL,EAM7B,YAAqC,EAAwB,CACzD,MAAO,UAA6B,EAAU,CAC1C,GAAI,GAAM,GAAI,gBACd,EAAI,KAAK,MAAO,EAAyB,0CAA0C,EACnF,EAAI,iBAAiB,SAAU,kBAAkB,EACjD,EAAI,iBAAiB,OAAQ,UAAgC,CACzD,GAAI,EAAI,SAAW,IAAK,CACpB,GAAI,GAAiB,OACrB,GAAI,CACA,EAAiB,KAAK,MAAM,EAAI,YAAY,CAC/C,MACD,CACI,EAAS,GAAI,IAAmB,iBAAiBK,GAAuB,mCAAmC,CAAC,EAC5G,MACH,CACD,AAAI,GAAsB,CAAc,EACpC,EAAS,CAAc,EAGvB,EAAS,GAAI,IAAmB,iBAAiBA,GAAuB,sCAAsC,CAAC,CAEtH,KAEG,GAAS,GAAI,IAAmB,iBAAiBA,GAAuB,mCAAmC,CAAC,CAE5H,CAAS,EACD,EAAI,KAAI,CAChB,CACA,CACmC,EAAA,4BAAG,GAKtC,YAA+B,EAAgB,CAC3C,MAAO,IAAW,SAAS,CAAc,GACrC,MAAO,GAAe,sBAAyB,UAC/C,MAAO,GAAe,sBAAyB,QACvD,CChDA,OAAO,eAAeS,EAAS,aAAc,CAAE,MAAO,EAAI,CAAE,EACpCA,EAAA,iBAAG,OAC3B,GAAI,IAAkBnB,EAClB,GAA6BG,EAC7B,GAAoBE,EACpB,GAAyBM,EACzB,GAAoBC,EACpB,GAAoBC,EACpB,GAA8BC,EAC9B,GAA2BC,EAC3B,GAA8BC,EAC9B,GAAuBI,EAQ3B,YAA0B,EAAY,CAClC,GAAI,GAAS,GAA2B,uBAAuB,EAAY,QAAQ,EAM/E,EAAU,GAAI,IAAqB,mBAAmB,GAAkB,KAAK,CAAM,CAAC,EAExF,GAAI,GAAyB,gBAAgB,EAAQ,QAAQ,EAAG,CAE5D,GAAI,OAAO,cAAgB,OAAO,aAAa,aAAa,GAAkB,gCAAgC,EAG1G,cAAO,OAAO,YAAY,CACtB,KAAM,sBACN,SAAU,SAAS,IACnC,EAAe,EAAO,YAAY,EAMf,GAAI,IAAkB,gBAAgB,EAAQ,CAAO,EAIhE,GAAI,GAAgB,GAA4B,4BAA4B,GAA4B,oBAAoB,OAAO,SAAS,IAAI,CAAC,EAC7I,EAAkB,EAAc,MAEhC,EAAe,EAAQ,QAAQ,EAAkB,QAAQ,EAC7D,GAAI,IAAoB,EAKpB,EAAQ,QAAQ,OAAQ,CAAa,UAEhC,EAAc,CAInB,GAAI,GAAY,CACZ,MAAO,GAAuB,kBAC9C,EACY,EAAQ,QAAQ,OAAQ,CAAS,CACpC,CAKD,GAAI,GAAY,EAAQ,QAAQ,EAAkB,aAAa,GAC3D,OAAO,SAAS,SAAW,KAAO,OAAO,SAAS,KAItD,MAAI,GAAU,QAAQ,GAAG,IAAM,IAAM,SAAS,KAAK,MAAM,GAAG,EAAE,KAAO,EAAU,MAAM,GAAG,EAAE,GACtF,QAAO,SAAS,KAAO,EAAU,MAAM,GAAG,EAAE,GAC5C,OAAO,SAAS,OAAO,EAAI,GAG3B,OAAO,SAAS,QAAQ,CAAS,EAO9B,GAAI,IAAkB,gBAAgB,EAAQ,CAAO,CAC/D,CAED,GAAI,GAAO,EAAQ,QAAQ,MAAM,EAEjC,AAAI,GACA,GAAQ,WAAW,EAAK,MAAQ,QAAQ,EACxC,EAAQ,WAAW,EAAK,MAAQ,aAAa,GAGjD,EAAQ,QAAQ,SAAU,EAAO,EAAK,CAClC,MAAO,GAAI,QAAQ,MAAM,IAAM,IAAM,EAAM,WAAa,KAAK,KACrE,CAAK,EAGD,GAAI,GAAc,GAAgB,cAAc,SAAU,EAAO,KAAK,EAChE,GAAI,IAAkB,gBAAgB,EAAQ,EAAS,GAA4B,4BAA4B,EAAO,sBAAsB,CAAC,EAC7I,GAAI,IAAkB,gBAAgB,EAAQ,CAAO,EAE3D,MAAI,GAAY,eAEL,EAAY,0BAGnB,IAAQ,EAAK,OACb,CAAI,EAAK,kBACL,EAAQ,WAAW,MAAM,EAGzB,GAAK,kBAAoB,GACzB,EAAQ,QAAQ,OAAQ,CAAI,IAG7B,EACX,CACwBD,EAAA,iBAAG,gBC1H3B,GAAI,GAAmBrB,GAAQA,EAAK,iBAAqB,QAAO,OAAU,SAAS,EAAG,EAAG,EAAG,EAAI,CAC5F,AAAI,IAAO,QAAW,GAAK,GAC3B,OAAO,eAAe,EAAG,EAAI,CAAE,WAAY,GAAM,IAAK,UAAW,CAAE,MAAO,GAAE,EAAG,CAAI,CAAA,CACvF,EAAM,SAAS,EAAG,EAAG,EAAG,EAAI,CACxB,AAAI,IAAO,QAAW,GAAK,GAC3B,EAAE,GAAM,EAAE,EACd,GACI,EAAgBA,GAAQA,EAAK,cAAiB,SAAS,EAAG,EAAS,CACnE,OAAS,KAAK,GAAG,AAAI,IAAM,WAAa,CAAC,OAAO,UAAU,eAAe,KAAK,EAAS,CAAC,GAAG,EAAgB,EAAS,EAAG,CAAC,CAC5H,EACA,OAAO,eAAc,EAAU,aAAc,CAAE,MAAO,EAAI,CAAE,EAM5D,EAAaE,EAAuC,CAAO,EAC3D,EAAaG,EAAmC,CAAO,EACvD,EAAaE,EAAuC,CAAO,EAC3D,EAAaM,EAA2C,CAAO,EAC/D,EAAaC,EAAqC,CAAO,EACzD,EAAaC,EAAkC,CAAO,EACtD,EAAaC,EAAkC,CAAO,EACtD,EAAaC,GAA2C,CAAO,EAC/D,EAAaC,EAA4C,CAAO,EAChE,EAAaI,EAAmC,CAAO,OCxBvD,WAAgC,EAAW,EAAK,EAAQ,CACtD,GAAI,GACJ,KAAM,GAAM,GAAI,KAAK,GAAK,GAAc,KAA+B,OAAS,EAAU,IAAI,YAAc,MAAQ,IAAO,OAAS,EAAK,GAAI,OAAO,SAAS,SAAW,KAAO,OAAO,SAAS,IAAI,EACnM,SAAI,UAAY,EAChB,EAAO,QAAQ,AAAC,GAAU,CACxB,EAAI,aAAa,OAAO,EAAM,GAAI,EAAM,EAAE,CAC9C,CAAG,EACM,CACT,CACK,KAAC,IAAO,CACX,IAAK,CAAC,EAAK,EAAQ,EAAa,IAAkB,CAChD,GAAI,GACJ,KAAM,GAAuB,GAAK,EAAc,aAAe,MAAQ,IAAO,OAAS,OAAS,EAAG,uBAAsB,EACzH,GAAI,EAAqB,CACvB,KAAM,GAAM,EAAuB,EAAc,UAAW,EAAK,CAAM,EACvE,MAAO,OAAM,EAAI,KAAM,CACrB,OAAQ,MACR,QAAS,GAAI,SAAQ,CACnB,cAAe,EACf,iBAAkB,EAAc,eAC1C,CAAS,EACD,OAAQ,CAChB,CAAO,CACF,CACD,MAAO,SAAQ,OAAO,GAAI,OAAM,wBAAwB,CAAC,CAC1D,EACD,KAAM,CAAC,EAAK,EAAQ,EAAM,EAAa,IAAkB,CACvD,GAAI,GACJ,KAAM,GAAuB,GAAK,EAAc,aAAe,MAAQ,IAAO,OAAS,OAAS,EAAG,uBAAsB,EACzH,GAAI,EAAqB,CACvB,KAAM,GAAM,EAAuB,EAAc,UAAW,EAAK,CAAM,EACvE,MAAO,OAAM,EAAI,KAAM,CACrB,OAAQ,OACR,QAAS,GAAI,SAAQ,CACnB,cAAe,EACf,iBAAkB,EAAc,gBAChC,eAAgB,kBAC1B,CAAS,EACD,KAAM,KAAK,UAAU,CAAI,EACzB,OAAQ,CAChB,CAAO,CACF,CACD,MAAO,SAAQ,OAAO,GAAI,OAAM,wBAAwB,CAAC,CAC1D,EACD,IAAK,CAAC,EAAK,EAAQ,EAAM,EAAa,IAAkB,CACtD,GAAI,GACJ,KAAM,GAAuB,GAAK,EAAc,aAAe,MAAQ,IAAO,OAAS,OAAS,EAAG,uBAAsB,EACzH,GAAI,EAAqB,CACvB,KAAM,GAAM,EAAuB,EAAc,UAAW,EAAK,CAAM,EACvE,MAAO,OAAM,EAAI,KAAM,CACrB,OAAQ,MACR,QAAS,GAAI,SAAQ,CACnB,cAAe,EACf,iBAAkB,EAAc,gBAChC,eAAgB,kBAC1B,CAAS,EACD,KAAM,KAAK,UAAU,CAAI,EACzB,OAAQ,CAChB,CAAO,CACF,CACD,MAAO,SAAQ,OAAO,GAAI,OAAM,wBAAwB,CAAC,CAC1D,EACD,MAAO,CAAC,EAAK,EAAQ,EAAM,EAAa,IAAkB,CACxD,GAAI,GACJ,KAAM,GAAuB,GAAK,EAAc,aAAe,MAAQ,IAAO,OAAS,OAAS,EAAG,uBAAsB,EACzH,GAAI,EAAqB,CACvB,KAAM,GAAM,EAAuB,EAAc,UAAW,EAAK,CAAM,EACvE,MAAO,OAAM,EAAI,KAAM,CACrB,OAAQ,QACR,QAAS,GAAI,SAAQ,CACnB,cAAe,EACf,iBAAkB,EAAc,gBAChC,eAAgB,kBAC1B,CAAS,EACD,KAAM,KAAK,UAAU,CAAI,EACzB,OAAQ,CAChB,CAAO,CACF,CACD,MAAO,SAAQ,OAAO,GAAI,OAAM,wBAAwB,CAAC,CAC1D,EACD,OAAQ,CAAC,EAAK,EAAQ,EAAa,IAAkB,CACnD,GAAI,GACJ,KAAM,GAAuB,GAAK,EAAc,aAAe,MAAQ,IAAO,OAAS,OAAS,EAAG,uBAAsB,EACzH,GAAI,EAAqB,CACvB,KAAM,GAAM,EAAuB,EAAc,UAAW,EAAK,CAAM,EACvE,MAAO,OAAM,EAAI,KAAM,CACrB,OAAQ,SACR,QAAS,GAAI,SAAQ,CACnB,cAAe,EACf,iBAAkB,EAAc,eAC1C,CAAS,EACD,OAAQ,CAChB,CAAO,CACF,CACD,MAAO,SAAQ,OAAO,GAAI,OAAM,wBAAwB,CAAC,CAC1D,CACH,EAEM,GAA2B,kBACjC,aAAwB,CACtB,KAAM,GAAsB,OAAO,wBACnC,MAAO,IAAuB,EAAoB,IAAM,EAAoB,IAAM,IACpF,CACA,YAAmB,EAAS,CAC1B,MAAO,UAAS,cAAc,CAAO,CACvC,CAEA,KAAM,IAAqB,AAAC,GAAc,CACxC,GAAI,GAAkBC,EAAAA,iBAAiB,CACrC,uBAAwB,EAAU,UAAU,SAC5C,UAAW,EAAU,UAAU,SAC/B,aAAc,EAAU,cAAgB,oBACxC,MAAO,EAAU,UAAU,OAC3B,WAAY,EAAU,UAAU,KACpC,CAAG,EACD,MAAI,GAAgB,IAClB,GAAgB,GAAGC,EAAAA,qBAAsB,IAAM,CAC7C,QAAQ,KAAK,kDAAkD,CACrE,CAAK,EACD,EAAgB,GAAGC,EAAAA,mBAAoB,IAAM,CAC3C,QAAQ,KAAK,2BAA2B,CAC9C,CAAK,EACD,EAAgB,GAAGC,yBAAwB,AAAC,GAAU,CACpD,QAAQ,MAAM,4BAA6B,CAAK,CACtD,CAAK,EACD,EAAgB,GAAGC,EAAAA,yBAA0B,IAAM,CACjD,QAAQ,KAAK,kCAAkC,CACrD,CAAK,GAEI,CACT,EAKA,YAAgC,EAAW,CACzC,KAAM,GAAkB,GAAmB,CAAS,EAC9C,EAAS,GAAU,cAAc,EACvC,GAAI,EACF,GAAI,MAAO,GAAO,wBAA2B,YAAa,CACxD,KAAM,GAAyB,IAAM,CACnC,EAAO,uBAAuB,CAAe,EAC7C,QAAQ,KAAK,kEAAmE,EAAO,WAAW,EAClG,EAAO,oBAAoB,sBAAuB,CAAsB,CAChF,EACM,EAAO,iBAAiB,sBAAuB,CAAsB,CAC3E,KACM,GAAO,uBAAuB,CAAe,EAC7C,QAAQ,KAAK,wBAAyB,EAAO,WAAW,EAG5D,MAAO,EACT,CCxJsD,aAAA,CACrD,MAAO,QAAO,iBACf"}