{"version":3,"file":"config.0b9209c6.js","sources":["../../vite/modulepreload-polyfill","../../node_modules/.pnpm/@sgwt+connect-core@0.14.3/node_modules/@sgwt/connect-core/dist/src/SGWTConnectErrorList.js","../../node_modules/.pnpm/@sgwt+connect-core@0.14.3/node_modules/@sgwt/connect-core/dist/src/SGWTConnectError.js","../../node_modules/.pnpm/@sgwt+connect-core@0.14.3/node_modules/@sgwt/connect-core/dist/src/SGWTConnectEventList.js","../../node_modules/.pnpm/@sgwt+connect-core@0.14.3/node_modules/@sgwt/connect-core/dist/src/SGWTConnectAuthorizationUri.js","../../node_modules/.pnpm/@sgwt+connect-core@0.14.3/node_modules/@sgwt/connect-core/dist/src/isScopeListed.js","../../node_modules/.pnpm/@sgwt+connect-core@0.14.3/node_modules/@sgwt/connect-core/dist/src/normalizeUrl.js","../../node_modules/.pnpm/@sgwt+connect-core@0.14.3/node_modules/@sgwt/connect-core/dist/src/SGWTConnectServerResponse.js","../../node_modules/.pnpm/@sgwt+connect-core@0.14.3/node_modules/@sgwt/connect-core/dist/src/SGWTConnectRedirectUri.js","../../node_modules/.pnpm/@sgwt+connect-core@0.14.3/node_modules/@sgwt/connect-core/dist/src/SGWTConnectConfiguration.js","../../node_modules/.pnpm/@sgwt+connect-core@0.14.3/node_modules/@sgwt/connect-core/dist/src/SGWTConnectStorage.js","../../node_modules/.pnpm/events@3.0.0/node_modules/events/events.js","../../node_modules/.pnpm/@sgwt+connect-core@0.14.3/node_modules/@sgwt/connect-core/dist/src/isSameOrigin.js","../../node_modules/.pnpm/@sgwt+connect-core@0.14.3/node_modules/@sgwt/connect-core/dist/src/isObject.js","../../node_modules/.pnpm/@sgwt+connect-core@0.14.3/node_modules/@sgwt/connect-core/dist/src/SGWTConnectOpenIDUserInfo.js","../../node_modules/.pnpm/@sgwt+connect-core@0.14.3/node_modules/@sgwt/connect-core/dist/src/SGWTConnectCore.js","../../node_modules/.pnpm/@sgwt+connect-core@0.14.3/node_modules/@sgwt/connect-core/dist/src/SGWTConnectHash.js","../../node_modules/.pnpm/@sgwt+connect-core@0.14.3/node_modules/@sgwt/connect-core/dist/src/SGWTConnectIdTokenClaims.js","../../node_modules/.pnpm/@sgwt+connect-core@0.14.3/node_modules/@sgwt/connect-core/dist/src/SGWTConnectNoop.js","../../node_modules/.pnpm/@sgwt+connect-core@0.14.3/node_modules/@sgwt/connect-core/dist/src/SGWTConnectOpenIDMetadata.js","../../node_modules/.pnpm/@sgwt+connect-core@0.14.3/node_modules/@sgwt/connect-core/dist/src/setupSGWTConnect.js","../../node_modules/.pnpm/@sgwt+connect-core@0.14.3/node_modules/@sgwt/connect-core/dist/index.js","../../node_modules/.pnpm/@sgmo+shared@1.1.0_@sgwt+connect-core@0.14.3_react-dom@18.2.0_react-intl@6.5.2_react@18.2.0_typescript@5.2.2/node_modules/@sgmo/shared/dist/main.es.js","../../src/config/config.ts"],"sourcesContent":["const p = function polyfill() {\n const relList = document.createElement('link').relList;\n if (relList && relList.supports && relList.supports('modulepreload')) {\n return;\n }\n for (const link of document.querySelectorAll('link[rel=\"modulepreload\"]')) {\n processPreload(link);\n }\n new MutationObserver((mutations) => {\n for (const mutation of mutations) {\n if (mutation.type !== 'childList') {\n continue;\n }\n for (const node of mutation.addedNodes) {\n if (node.tagName === 'LINK' && node.rel === 'modulepreload')\n processPreload(node);\n }\n }\n }).observe(document, { childList: true, subtree: true });\n function getFetchOpts(script) {\n const fetchOpts = {};\n if (script.integrity)\n fetchOpts.integrity = script.integrity;\n if (script.referrerpolicy)\n fetchOpts.referrerPolicy = script.referrerpolicy;\n if (script.crossorigin === 'use-credentials')\n fetchOpts.credentials = 'include';\n else if (script.crossorigin === 'anonymous')\n fetchOpts.credentials = 'omit';\n else\n fetchOpts.credentials = 'same-origin';\n return fetchOpts;\n }\n function processPreload(link) {\n if (link.ep)\n // ep marker = processed\n return;\n link.ep = true;\n // prepopulate the load record\n const fetchOpts = getFetchOpts(link);\n fetch(link.href, fetchOpts);\n }\n};__VITE_IS_MODERN__&&p();","\"use strict\";\r\nObject.defineProperty(exports, \"__esModule\", { value: true });\r\nexports.ERR_FAILED_TO_FETCH_OPENID_CLAIMS_DESCRIPTION = exports.ERR_FAILED_TO_FETCH_OPENID_CLAIMS = exports.ERR_OPENID_CHECK_SESSION_ERROR_DESCRIPTION = exports.ERR_OPENID_CHECK_SESSION_ERROR = exports.ERR_FAILED_TO_VALIDATE_OPENID_METADATA_DESCRIPTION = exports.ERR_FAILED_TO_VALIDATE_OPENID_METADATA = exports.ERR_FAILED_TO_PARSE_OPENID_METADATA_DESCRIPTION = exports.ERR_FAILED_TO_PARSE_OPENID_METADATA = exports.ERR_FAILED_TO_FETCH_OPENID_METADATA_DESCRIPTION = exports.ERR_FAILED_TO_FETCH_OPENID_METADATA = exports.ERR_REGISTRATION_NOT_SUPPORTED_DESCRIPTION = exports.ERR_REGISTRATION_NOT_SUPPORTED = exports.ERR_REQUEST_URI_NOT_SUPPORTED_DESCRIPTION = exports.ERR_REQUEST_URI_NOT_SUPPORTED = exports.ERR_REQUEST_NOT_SUPPORTED_DESCRIPTION = exports.ERR_REQUEST_NOT_SUPPORTED = exports.ERR_INVALID_REQUEST_OBJECT_DESCRIPTION = exports.ERR_INVALID_REQUEST_OBJECT = exports.ERR_INVALID_REQUEST_URI_DESCRIPTION = exports.ERR_INVALID_REQUEST_URI = exports.ERR_CONSENT_REQUIRED_DESCRIPTION = exports.ERR_CONSENT_REQUIRED = exports.ERR_ACCOUNT_SELECTION_REQUIRED_DESCRIPTION = exports.ERR_ACCOUNT_SELECTION_REQUIRED = exports.ERR_LOGIN_REQUIRED_DESCRIPTION = exports.ERR_LOGIN_REQUIRED = exports.ERR_INTERACTION_REQUIRED_DESCRIPTION = exports.ERR_INTERACTION_REQUIRED = exports.ERR_TEMPORARILY_UNAVAILABLE_DESCRIPTION = exports.ERR_TEMPORARILY_UNAVAILABLE = exports.ERR_SERVER_ERROR_DESCRIPTION = exports.ERR_SERVER_ERROR = exports.ERR_INVALID_SCOPE_DESCRIPTION = exports.ERR_INVALID_SCOPE = exports.ERR_UNSUPPORTED_RESPONSE_TYPE_DESCRIPTION = exports.ERR_UNSUPPORTED_RESPONSE_TYPE = exports.ERR_ACCESS_DENIED_DESCRIPTION = exports.ERR_ACCESS_DENIED = exports.ERR_UNAUTHORIZED_CLIENT_DESCRIPTION = exports.ERR_UNAUTHORIZED_CLIENT = exports.ERR_INVALID_REQUEST_DESCRIPTION = exports.ERR_INVALID_REQUEST = exports.ERR_RENEW_TIMEOUT_DESCRIPTION = exports.ERR_RENEW_TIMEOUT = exports.ERR_UNAUTHORIZED_DESCRIPTION = exports.ERR_UNAUTHORIZED = exports.ERR_UNSUPPORTED_TOKEN_TYPE_DESCRIPTION = exports.ERR_UNSUPPORTED_TOKEN_TYPE = exports.ERR_STATE_MISMATCH_DESCRIPTION = exports.ERR_STATE_MISMATCH = void 0;\r\nexports.ERR_FAILED_TO_VALIDATE_OPENID_CLAIMS_DESCRIPTION = exports.ERR_FAILED_TO_VALIDATE_OPENID_CLAIMS = exports.ERR_FAILED_TO_PARSE_OPENID_CLAIMS_DESCRIPTION = exports.ERR_FAILED_TO_PARSE_OPENID_CLAIMS = void 0;\r\n/**\r\n * Authorization server response validation error.\r\n *\r\n * Unable to verify the validity of the request by matching\r\n * the \"state\" parameter sent with the authorization request\r\n * to the \"state\" parameter received in authorization server\r\n * response.\r\n *\r\n * This error may indicate a cross-site request forgery (CSRF)\r\n * attack or a misconfiguration of the authorization server.\r\n *\r\n * See: https://tools.ietf.org/html/rfc6749#section-10.12\r\n */\r\nexports.ERR_STATE_MISMATCH = 'state_mismatch';\r\nexports.ERR_STATE_MISMATCH_DESCRIPTION = \"\\n This error may indicate a cross-site request forgery (CSRF)\\n attack or a misconfiguration of the authorization server.\\n\";\r\n/**\r\n * Authorization server response validation error.\r\n *\r\n * SGWTConnect does not support the access token type\r\n * received from the authorization server.\r\n */\r\nexports.ERR_UNSUPPORTED_TOKEN_TYPE = 'unsupported_token_type';\r\nexports.ERR_UNSUPPORTED_TOKEN_TYPE_DESCRIPTION = \"\\n SGWTConnect does not support the access token type\\n received from the authorization server.\\n\";\r\n/**\r\n * SGWTConnect unauthorized error.\r\n *\r\n * Occurs when SGWTConnect is unable to perform an action\r\n * because it is currently unauthorized to do so.\r\n */\r\nexports.ERR_UNAUTHORIZED = 'unauthorized';\r\nexports.ERR_UNAUTHORIZED_DESCRIPTION = \"\\n SGWTConnect is unable to perform an action\\n because it is currently unauthorized to do so.\\n\";\r\n/**\r\n * SGWTConnect renewal error.\r\n *\r\n * Occurs when SGWTConnect does not receive a response\r\n * from the authorization server while renewing the token.\r\n */\r\nexports.ERR_RENEW_TIMEOUT = 'renew_timeout';\r\nexports.ERR_RENEW_TIMEOUT_DESCRIPTION = \"\\n SGWTConnect did not receive a response\\n from the authorization server while\\n renewing the token.\\n\";\r\n//\r\n// OAuth 2.0 errors are listed below.\r\n// See: https://tools.ietf.org/html/rfc6749#section-4.2.2.1\r\n// --------------------\r\n/**\r\n * Authorization server error response.\r\n *\r\n * The request is missing a required parameter, includes an\r\n * unsupported parameter value, includes a parameter more\r\n * than once, or is otherwise malformed.\r\n *\r\n * See: https://tools.ietf.org/html/rfc6749#section-4.2.2.1\r\n */\r\nexports.ERR_INVALID_REQUEST = 'invalid_request';\r\nexports.ERR_INVALID_REQUEST_DESCRIPTION = \"\\n The configuration may be malformed.\\n Double check all configuration options.\\n\";\r\n/**\r\n * Authorization server error response.\r\n *\r\n * The client is not authorized to request an access token\r\n * using this method.\r\n *\r\n * See: https://tools.ietf.org/html/rfc6749#section-4.2.2.1\r\n */\r\nexports.ERR_UNAUTHORIZED_CLIENT = 'unauthorized_client';\r\nexports.ERR_UNAUTHORIZED_CLIENT_DESCRIPTION = \"\\n The client is not authorized to request an access token\\n using this method.\\n\";\r\n/**\r\n * Authorization server error response.\r\n *\r\n * The resource owner or authorization server denied the request.\r\n *\r\n * See: https://tools.ietf.org/html/rfc6749#section-4.2.2.1\r\n */\r\nexports.ERR_ACCESS_DENIED = 'access_denied';\r\nexports.ERR_ACCESS_DENIED_DESCRIPTION = \"\\n The resource owner or authorization server denied the request.\\n\";\r\n/**\r\n * Authorization server error response.\r\n *\r\n * The authorization server does not support obtaining an\r\n * access token using this method.\r\n *\r\n * See: https://tools.ietf.org/html/rfc6749#section-4.2.2.1\r\n */\r\nexports.ERR_UNSUPPORTED_RESPONSE_TYPE = 'unsupported_response_type';\r\nexports.ERR_UNSUPPORTED_RESPONSE_TYPE_DESCRIPTION = \"\\n The authorization server does not support obtaining an\\n access token using this method.\\n\\n Double-check the \\\"response_type\\\" configuration option.\\n\";\r\n/**\r\n * Authorization server error response.\r\n *\r\n * The requested scope is invalid, unknown, or malformed.\r\n *\r\n * See: https://tools.ietf.org/html/rfc6749#section-4.2.2.1\r\n */\r\nexports.ERR_INVALID_SCOPE = 'invalid_scope';\r\nexports.ERR_INVALID_SCOPE_DESCRIPTION = \"\\n The requested scope is invalid, unknown, or malformed.\\n\";\r\n/**\r\n * Authorization server error response.\r\n *\r\n * The authorization server encountered an unexpected\r\n * condition that prevented it from fulfilling the request.\r\n * (This error code is needed because a 500 Internal Server\r\n * Error HTTP status code cannot be returned to the client\r\n * via an HTTP redirect.)\r\n *\r\n * See: https://tools.ietf.org/html/rfc6749#section-4.2.2.1\r\n */\r\nexports.ERR_SERVER_ERROR = 'server_error';\r\nexports.ERR_SERVER_ERROR_DESCRIPTION = \"\\n The authorization server encountered an unexpected\\n condition that prevented it from fulfilling the request.\\n\\n Please try again in a few minutes.\\n\";\r\n/**\r\n * Authorization server error response.\r\n *\r\n * The authorization server is currently unable to handle\r\n * the request due to a temporary overloading or maintenance\r\n * of the server. (This error code is needed because a 503\r\n * Service Unavailable HTTP status code cannot be returned\r\n * to the client via an HTTP redirect.)\r\n *\r\n * See: https://tools.ietf.org/html/rfc6749#section-4.2.2.1\r\n */\r\nexports.ERR_TEMPORARILY_UNAVAILABLE = 'temporarily_unavailable';\r\nexports.ERR_TEMPORARILY_UNAVAILABLE_DESCRIPTION = \"\\n The authorization server is currently unable to handle\\n the request due to a temporary overloading or maintenance\\n of the server.\\n\\n Please try again in a few minutes.\\n\";\r\n//\r\n// OpenID Connect 1.0 errors are listed below.\r\n// See: http://openid.net/specs/openid-connect-core-1_0.html#AuthError\r\n// --------------------\r\n/**\r\n * OpenID Connect authentication error response.\r\n *\r\n * The Authorization Server requires End-User interaction\r\n * of some form to proceed. This error MAY be returned\r\n * when the prompt parameter value in the Authentication Request\r\n * is none, but the Authentication Request cannot be completed\r\n * without displaying a user interface for End-User interaction.\r\n *\r\n * See: http://openid.net/specs/openid-connect-core-1_0.html#AuthError\r\n */\r\nexports.ERR_INTERACTION_REQUIRED = 'interaction_required';\r\nexports.ERR_INTERACTION_REQUIRED_DESCRIPTION = \"\\n The Authorization Server requires End-User interaction\\n of some form to proceed.\\n\";\r\n/**\r\n * OpenID Connect authentication error response.\r\n *\r\n * The Authorization Server requires End-User authentication.\r\n * This error MAY be returned when the prompt parameter value in the\r\n * Authentication Request is none, but the Authentication Request\r\n * cannot be completed without displaying a user interface for\r\n * End-User authentication.\r\n *\r\n * See: http://openid.net/specs/openid-connect-core-1_0.html#AuthError\r\n */\r\nexports.ERR_LOGIN_REQUIRED = 'login_required';\r\nexports.ERR_LOGIN_REQUIRED_DESCRIPTION = \"\\n The Authorization Server requires End-User authentication.\\n\";\r\n/**\r\n * OpenID Connect authentication error response.\r\n *\r\n * The End-User is REQUIRED to select a session at the Authorization Server.\r\n * The End-User MAY be authenticated at the Authorization Server with\r\n * different associated accounts, but the End-User did not select a session.\r\n * This error MAY be returned when the prompt parameter value in the\r\n * Authentication Request is none, but the Authentication Request\r\n * cannot be completed without displaying a user interface to prompt\r\n * for a session to use.\r\n *\r\n * See: http://openid.net/specs/openid-connect-core-1_0.html#AuthError\r\n */\r\nexports.ERR_ACCOUNT_SELECTION_REQUIRED = 'account_selection_required';\r\nexports.ERR_ACCOUNT_SELECTION_REQUIRED_DESCRIPTION = \"\\n The End-User is REQUIRED to select a session at the Authorization Server.\\n The End-User MAY be authenticated at the Authorization Server with\\n different associated accounts, but the End-User did not select a session.\\n\";\r\n/**\r\n * OpenID Connect authentication error response.\r\n *\r\n * The Authorization Server requires End-User consent.\r\n * This error MAY be returned when the prompt parameter value in the\r\n * Authentication Request is none, but the Authentication Request\r\n * cannot be completed without displaying a user interface for\r\n * End-User consent.\r\n *\r\n * See: http://openid.net/specs/openid-connect-core-1_0.html#AuthError\r\n */\r\nexports.ERR_CONSENT_REQUIRED = 'consent_required';\r\nexports.ERR_CONSENT_REQUIRED_DESCRIPTION = \"\\n The Authorization Server requires End-User consent.\\n\";\r\n/**\r\n * OpenID Connect authentication error response.\r\n *\r\n * The request_uri in the Authorization Request returns an error\r\n * or contains invalid data.\r\n *\r\n * See: http://openid.net/specs/openid-connect-core-1_0.html#AuthError\r\n */\r\nexports.ERR_INVALID_REQUEST_URI = 'invalid_request_uri';\r\nexports.ERR_INVALID_REQUEST_URI_DESCRIPTION = \"\\n The request_uri in the Authorization Request returns an error\\n or contains invalid data.\\n\\n This is probably a bug in SGWTConnect.\\n\";\r\n/**\r\n * OpenID Connect authentication error response.\r\n *\r\n * The request parameter contains an invalid Request Object.\r\n *\r\n * See: http://openid.net/specs/openid-connect-core-1_0.html#AuthError\r\n */\r\nexports.ERR_INVALID_REQUEST_OBJECT = 'invalid_request_object';\r\nexports.ERR_INVALID_REQUEST_OBJECT_DESCRIPTION = \"\\n The request parameter contains an invalid Request Object.\\n\\n This is probably a bug in SGWTConnect.\\n\";\r\n/**\r\n * OpenID Connect authentication error response.\r\n *\r\n * The OpenID Provider does not support use of the `request` parameter defined in\r\n * [Section 6](http://openid.net/specs/openid-connect-core-1_0.html#JWTRequests).\r\n *\r\n * See: http://openid.net/specs/openid-connect-core-1_0.html#AuthError\r\n */\r\nexports.ERR_REQUEST_NOT_SUPPORTED = 'request_not_supported';\r\nexports.ERR_REQUEST_NOT_SUPPORTED_DESCRIPTION = \"\\n The OpenID Provider does not support use of the \\\"request\\\" parameter.\\n\";\r\n/**\r\n * OpenID Connect authentication error response.\r\n *\r\n * The OpenID Provider does not support use of the `request_uri` parameter defined in\r\n * [Section 6](http://openid.net/specs/openid-connect-core-1_0.html#JWTRequests).\r\n *\r\n * See: http://openid.net/specs/openid-connect-core-1_0.html#AuthError\r\n */\r\nexports.ERR_REQUEST_URI_NOT_SUPPORTED = 'request_uri_not_supported';\r\nexports.ERR_REQUEST_URI_NOT_SUPPORTED_DESCRIPTION = \"\\n The OpenID Provider does not support use of the \\\"request_uri\\\" parameter.\\n\";\r\n/**\r\n * OpenID Connect authentication error response.\r\n *\r\n * The OpenID Provider does not support use of the `registration` parameter defined in\r\n * [Section 7.2.1](http://openid.net/specs/openid-connect-core-1_0.html#RegistrationParameter).\r\n *\r\n * See: http://openid.net/specs/openid-connect-core-1_0.html#AuthError\r\n */\r\nexports.ERR_REGISTRATION_NOT_SUPPORTED = 'registration_not_supported';\r\nexports.ERR_REGISTRATION_NOT_SUPPORTED_DESCRIPTION = \"\\n The OpenID Provider does not support use of the \\\"registration\\\" parameter.\\n\";\r\n//\r\n// OpenID Connect 1.0 Session Management errors are listed below.\r\n// See: https://openid.net/specs/openid-connect-session-1_0.html\r\n// --------------------\r\n/**\r\n * Indicates that an HTTP request to obtain\r\n * the OpenID Provider Discovery Metadata has failed.\r\n */\r\nexports.ERR_FAILED_TO_FETCH_OPENID_METADATA = 'failed_to_obtain_openid_metadata';\r\nexports.ERR_FAILED_TO_FETCH_OPENID_METADATA_DESCRIPTION = \"\\n Failed to obtain OpenID Provider Metadata.\\n\";\r\n/**\r\n * Indicates that there was a error parsing\r\n * the OpenID Provider Discovery Metadata response.\r\n */\r\nexports.ERR_FAILED_TO_PARSE_OPENID_METADATA = 'failed_to_parse_openid_metadata';\r\nexports.ERR_FAILED_TO_PARSE_OPENID_METADATA_DESCRIPTION = \"\\n Failed to parse OpenID Provider Discovery Metadata.\\n\";\r\n/**\r\n * Indicates that there was an error validating\r\n * the OpenID Provider Discovery Metadata response.\r\n */\r\nexports.ERR_FAILED_TO_VALIDATE_OPENID_METADATA = 'failed_to_validate_openid_metadata';\r\nexports.ERR_FAILED_TO_VALIDATE_OPENID_METADATA_DESCRIPTION = \"\\n Failed to validate OpenID Provider Discovery Metadata.\\n\";\r\n/**\r\n * Indicates that the OpenID OP iframe received\r\n * a syntactically malformed message.\r\n *\r\n * See: https://openid.net/specs/openid-connect-session-1_0.html#OPiframe\r\n */\r\nexports.ERR_OPENID_CHECK_SESSION_ERROR = 'check_session_error';\r\nexports.ERR_OPENID_CHECK_SESSION_ERROR_DESCRIPTION = \"\\n Client ID and origin URL cannot be determined or are syntactically invalid.\\n\";\r\n//\r\n// OpenID UserInfo Endpoint.\r\n// See: https://openid.net/specs/openid-connect-core-1_0.html#UserInfo\r\n// --------------------\r\n/**\r\n * Indicates that an HTTP request to obtain\r\n * the OpenID UserInfo Claims has failed.\r\n */\r\nexports.ERR_FAILED_TO_FETCH_OPENID_CLAIMS = 'failed_to_obtain_openid_claims';\r\nexports.ERR_FAILED_TO_FETCH_OPENID_CLAIMS_DESCRIPTION = \"\\n Failed to obtain OpenID UserInfo Claims.\\n\";\r\n/**\r\n * Indicates that there was a error parsing\r\n * the OpenID UserInfo Claims response.\r\n */\r\nexports.ERR_FAILED_TO_PARSE_OPENID_CLAIMS = 'failed_to_parse_openid_claims';\r\nexports.ERR_FAILED_TO_PARSE_OPENID_CLAIMS_DESCRIPTION = \"\\n Failed to parse OpenID UserInfo Claims.\\n\";\r\n/**\r\n * Indicates that there was an error validating\r\n * the OpenID UserInfo Claims response.\r\n */\r\nexports.ERR_FAILED_TO_VALIDATE_OPENID_CLAIMS = 'failed_to_validate_openid_claims';\r\nexports.ERR_FAILED_TO_VALIDATE_OPENID_CLAIMS_DESCRIPTION = \"\\n Failed to validate OpenID UserInfo Claims.\\n\";\r\n//# sourceMappingURL=SGWTConnectErrorList.js.map","\"use strict\";\r\nvar __extends = (this && this.__extends) || (function () {\r\n var extendStatics = function (d, b) {\r\n extendStatics = Object.setPrototypeOf ||\r\n ({ __proto__: [] } instanceof Array && function (d, b) { d.__proto__ = b; }) ||\r\n function (d, b) { for (var p in b) if (Object.prototype.hasOwnProperty.call(b, p)) d[p] = b[p]; };\r\n return extendStatics(d, b);\r\n };\r\n return function (d, b) {\r\n if (typeof b !== \"function\" && b !== null)\r\n throw new TypeError(\"Class extends value \" + String(b) + \" is not a constructor or null\");\r\n extendStatics(d, b);\r\n function __() { this.constructor = d; }\r\n d.prototype = b === null ? Object.create(b) : (__.prototype = b.prototype, new __());\r\n };\r\n})();\r\nObject.defineProperty(exports, \"__esModule\", { value: true });\r\nexports.SGWTConnectError = void 0;\r\nvar ErrorList = require(\"./SGWTConnectErrorList\");\r\n/**\r\n * SGWTConnect error.\r\n *\r\n * The purpose of this class is to differentiate custom SGWTConnect\r\n * errors from errors originated in other modules.\r\n */\r\nvar SGWTConnectError = /** @class */ (function (_super) {\r\n __extends(SGWTConnectError, _super);\r\n function SGWTConnectError(code) {\r\n var _this = this;\r\n var errorListKey = \"ERR_\" + code.toUpperCase() + \"_DESCRIPTION\";\r\n var description = ErrorList[errorListKey];\r\n _this = _super.call(this, \"SGWTConnectError \" + code.toUpperCase() + \" \" + description) || this;\r\n // Calling `super` in TypeScript 2.1 and 2.2 breaks the\r\n // prototype chain, so we need to restore it here to\r\n // enable instanceof checks\r\n // See: https://github.com/Microsoft/TypeScript/wiki/Breaking-Changes#typescript-21\r\n Object.setPrototypeOf(_this, SGWTConnectError.prototype);\r\n // We use the same approach as NodeJS errors by exposing\r\n // a `code` property (e.g. \"state_mismatch\") on error\r\n // instances:\r\n _this.code = code;\r\n return _this;\r\n }\r\n return SGWTConnectError;\r\n}(Error));\r\nexports.SGWTConnectError = SGWTConnectError;\r\n//# sourceMappingURL=SGWTConnectError.js.map","\"use strict\";\r\nObject.defineProperty(exports, \"__esModule\", { value: true });\r\nexports.EVENT_OPENID_CHECK_SESSION_ERROR = exports.EVENT_OPENID_SESSION_UNCHANGED = exports.EVENT_OPENID_SESSION_CHANGED = exports.EVENT_OPENID_METADATA_FETCH_ERROR = exports.EVENT_AUTH_RENEW_SUCCESS = exports.EVENT_AUTH_RENEW_ERROR = exports.EVENT_AUTH_EXPIRED = exports.EVENT_AUTH_DISCARDED = void 0;\r\n/**\r\n * The authorization token has been discarded.\r\n */\r\nexports.EVENT_AUTH_DISCARDED = 'authorizationDiscarded';\r\n/**\r\n * The authorization token has expired.\r\n */\r\nexports.EVENT_AUTH_EXPIRED = 'authorizationExpired';\r\n/**\r\n * Error has occurred while renewing the token.\r\n */\r\nexports.EVENT_AUTH_RENEW_ERROR = 'renewAuthorizationError';\r\n/**\r\n * The current token has been successfully renewed.\r\n */\r\nexports.EVENT_AUTH_RENEW_SUCCESS = 'renewAuthorizationSuccess';\r\n/**\r\n * Error has occurred while fetching the OpenID Metadata.\r\n */\r\nexports.EVENT_OPENID_METADATA_FETCH_ERROR = 'OpenIDMetadataFetchError';\r\n/**\r\n * Indicates that the OpenID session has changed.\r\n */\r\nexports.EVENT_OPENID_SESSION_CHANGED = 'OpenIDCheckSessionChanged';\r\n/**\r\n * Indicates that the OpenID session has not changed.\r\n */\r\nexports.EVENT_OPENID_SESSION_UNCHANGED = 'OpenIDCheckSessionUnchanged';\r\n/**\r\n * Error has occurred while fetching the OpenID Metadata.\r\n */\r\nexports.EVENT_OPENID_CHECK_SESSION_ERROR = 'OpenIDCheckSessionError';\r\n//# sourceMappingURL=SGWTConnectEventList.js.map","\"use strict\";\r\nObject.defineProperty(exports, \"__esModule\", { value: true });\r\nexports.generateAuthorizationUri = exports.normalizeAuthorizationEndpoint = exports.generateCryptoStrongRandomValue = void 0;\r\n/**\r\n * Generates a cryptographically strong random value.\r\n */\r\nfunction generateCryptoStrongRandomValue() {\r\n var crypto = window.crypto || window.msCrypto;\r\n var randomValues = crypto.getRandomValues(new Uint32Array(5));\r\n // IE supports neither TypedArray methods nor Array.from,\r\n // so we have to use a for loop here if we want this script\r\n // to be injectable before polyfills:\r\n var base36RandomValue = '';\r\n for (var i = 0; i < randomValues.length; i += 1) { // tslint:disable-line:prefer-for-of\r\n base36RandomValue += randomValues[i].toString(36);\r\n }\r\n return base36RandomValue;\r\n}\r\nexports.generateCryptoStrongRandomValue = generateCryptoStrongRandomValue;\r\n/**\r\n * Normalizes the authorization endpoint by stripping /oauth2/* suffixes.\r\n */\r\nfunction normalizeAuthorizationEndpoint(authorization_endpoint) {\r\n return authorization_endpoint\r\n .replace(/(\\/oauth2\\/authorize|\\/userinfo)?\\/?$/, '');\r\n}\r\nexports.normalizeAuthorizationEndpoint = normalizeAuthorizationEndpoint;\r\n/**\r\n * Generates an OAuth2/OpenID-compliant authorization URI.\r\n */\r\nfunction generateAuthorizationUri(config, state, options) {\r\n return normalizeAuthorizationEndpoint(config.authorization_endpoint) +\r\n '/oauth2/authorize' +\r\n '?client_id=' + encodeURIComponent(config.client_id) +\r\n '&redirect_uri=' + encodeURIComponent(config.redirect_uri) +\r\n '&response_type=' + encodeURIComponent(config.response_type) +\r\n '&scope=' + encodeURIComponent(config.scope) +\r\n '&nonce=' + encodeURIComponent(generateCryptoStrongRandomValue()) +\r\n '&state=' + encodeURIComponent(state) +\r\n '&acr_values=' + encodeURIComponent(config.acr_values) +\r\n (options && options.prompt ? '&prompt=' + options.prompt : '') +\r\n (options && options.id_token_hint ? '&id_token_hint=' + options.id_token_hint : '');\r\n}\r\nexports.generateAuthorizationUri = generateAuthorizationUri;\r\n//# sourceMappingURL=SGWTConnectAuthorizationUri.js.map","\"use strict\";\r\nObject.defineProperty(exports, \"__esModule\", { value: true });\r\nexports.isScopeListed = void 0;\r\n/**\r\n * Determines whether the checked scope is listed in the actual scope.\r\n */\r\nfunction isScopeListed(checkedScope, actualScope) {\r\n var checkedScopeList = checkedScope.trim().toLowerCase().split(/\\s+/);\r\n var actualScopeList = actualScope.trim().toLowerCase().split(/\\s+/);\r\n return checkedScopeList.every(function (scope) { return actualScopeList.indexOf(scope) !== -1; });\r\n}\r\nexports.isScopeListed = isScopeListed;\r\n//# sourceMappingURL=isScopeListed.js.map","\"use strict\";\r\nObject.defineProperty(exports, \"__esModule\", { value: true });\r\nexports.normalizeUrl = void 0;\r\n/**\r\n * Normalizes a URL by lowercasing it, adding the trailing slash,\r\n * and removing the default ports (:80 for http and :443 for https).\r\n * @param url URL to normalize.\r\n * @example\r\n * normalizeUrl('HTTP://EXAMPLE.COM') === 'http://example.com/'\r\n * normalizeUrl('http://example.com:80') === 'http://example.com/'\r\n * normalizeUrl('https://example.com:443') === 'https://example.com/'\r\n */\r\nfunction normalizeUrl(url) {\r\n // Using HTMLAnchorElement hack because Internet Explorer\r\n // doesn't support the Window.URL API:\r\n var a = document.createElement('a');\r\n a.href = url;\r\n return a.href;\r\n}\r\nexports.normalizeUrl = normalizeUrl;\r\n//# sourceMappingURL=normalizeUrl.js.map","\"use strict\";\r\nObject.defineProperty(exports, \"__esModule\", { value: true });\r\nexports.normalizeAuthServerResponse = exports.parseOAuth2Fragment = void 0;\r\n/**\r\n * Creates an object from a string of query parameters.\r\n */\r\nfunction parseQueryParametersString(queryParametersString) {\r\n var queryParametersRegex = /([^&=]+)=([^&]*)/g;\r\n var queryParameters = {};\r\n var keyValuePair;\r\n // tslint:disable-next-line:no-conditional-assignment\r\n while (keyValuePair = queryParametersRegex.exec(queryParametersString)) {\r\n var key = decodeURIComponent(keyValuePair[1]);\r\n var value = decodeURIComponent(keyValuePair[2]);\r\n queryParameters[key] = value;\r\n }\r\n return queryParameters;\r\n}\r\n/**\r\n * Parses an authorization server response.\r\n */\r\nfunction parseOAuth2Fragment(fragment) {\r\n return parseQueryParametersString(fragment.replace(/^#/, ''));\r\n}\r\nexports.parseOAuth2Fragment = parseOAuth2Fragment;\r\n/**\r\n * Normalizes a parsed authorization server response.\r\n */\r\nfunction normalizeAuthServerResponse(authServerResponse) {\r\n if (authServerResponse.error) {\r\n var authError = {\r\n error: authServerResponse.error,\r\n error_description: authServerResponse.error_description,\r\n state: authServerResponse.state\r\n };\r\n return authError;\r\n }\r\n var expiresIn = parseInt(authServerResponse.expires_in, 10) * 1000;\r\n var authSuccess = {\r\n access_token: authServerResponse.access_token,\r\n expires_in: expiresIn,\r\n expires_at: Date.now() + expiresIn,\r\n id_token: authServerResponse.id_token,\r\n scope: authServerResponse.scope,\r\n state: authServerResponse.state,\r\n token_type: authServerResponse.token_type,\r\n session_state: authServerResponse.session_state\r\n };\r\n return authSuccess;\r\n}\r\nexports.normalizeAuthServerResponse = normalizeAuthServerResponse;\r\n//# sourceMappingURL=SGWTConnectServerResponse.js.map","\"use strict\";\r\nObject.defineProperty(exports, \"__esModule\", { value: true });\r\nexports.isOnRedirectUri = exports.generateRedirectUri = void 0;\r\nvar isScopeListed_1 = require(\"./isScopeListed\");\r\nvar normalizeUrl_1 = require(\"./normalizeUrl\");\r\nvar SGWTConnectServerResponse_1 = require(\"./SGWTConnectServerResponse\");\r\n/**\r\n * Generates a redirect URI.\r\n *\r\n * Given the origin \"https://example.com\":\r\n * - \"\" -> \"https://example.com\"\r\n * - \"/redirect\" -> \"https://example.com/redirect\"\r\n * - \"https://example.com\" -> \"https://example.com\"\r\n */\r\nfunction generateRedirectUri(location, redirectUri) {\r\n var origin = location.protocol + \"//\" + location.host;\r\n // Support empty or unspecified redirect_uri\r\n // by using the current origin instead:\r\n // \"\" => \"https://example.com\"\r\n if (!redirectUri) {\r\n return origin;\r\n }\r\n // Support URIs relative to origin, for example:\r\n // \"/redirect\" => \"https://example.com/redirect\"\r\n if (redirectUri.charAt(0) === '/') {\r\n return \"\" + origin + redirectUri;\r\n }\r\n // Otherwise use the redirect_uri as provided.\r\n // Note that we're not trying to normalize it\r\n // because it will be compared as is on the\r\n // authorization server.\r\n return redirectUri;\r\n}\r\nexports.generateRedirectUri = generateRedirectUri;\r\n/**\r\n * Determines if the current page has been redirected using OAuth2 protocol.\r\n */\r\nfunction isOnRedirectUri(config, location) {\r\n //\r\n // Step 1: validate the fragment\r\n // --------------------\r\n var authEndpointResponse = SGWTConnectServerResponse_1.parseOAuth2Fragment(location.hash);\r\n // Ensure that the fragment has at least the \"state\" parameter,\r\n // otherwise this is not a valid OAuth2 fragment:\r\n if (!authEndpointResponse.hasOwnProperty('state')) {\r\n return false;\r\n }\r\n var hasRequestedAccessToken = isScopeListed_1.isScopeListed('token', config.response_type);\r\n var hasRequestedIdToken = isScopeListed_1.isScopeListed('id_token', config.response_type);\r\n var hasReceivedAccessToken = authEndpointResponse.hasOwnProperty('access_token');\r\n var hasReceivedIdToken = authEndpointResponse.hasOwnProperty('id_token');\r\n var hasReceivedError = authEndpointResponse.hasOwnProperty('error');\r\n if (hasRequestedAccessToken) {\r\n if (!hasReceivedAccessToken && !hasReceivedError) {\r\n return false;\r\n }\r\n }\r\n if (hasRequestedIdToken) {\r\n if (!hasReceivedIdToken && !hasReceivedError) {\r\n return false;\r\n }\r\n }\r\n //\r\n // Step 2: validate the href without fragment\r\n // --------------------\r\n // Remove the fragment from the current location and normalize it\r\n // to avoid infinite redirects due to non-strictly equal URIs:\r\n var currentUri = normalizeUrl_1.normalizeUrl(location.href.replace(location.hash, ''));\r\n // Compare to normalized redirect URI assuming that\r\n // it has no fragment (as per specification):\r\n return currentUri === normalizeUrl_1.normalizeUrl(config.redirect_uri);\r\n}\r\nexports.isOnRedirectUri = isOnRedirectUri;\r\n//# sourceMappingURL=SGWTConnectRedirectUri.js.map","\"use strict\";\r\nvar __assign = (this && this.__assign) || function () {\r\n __assign = Object.assign || function(t) {\r\n for (var s, i = 1, n = arguments.length; i < n; i++) {\r\n s = arguments[i];\r\n for (var p in s) if (Object.prototype.hasOwnProperty.call(s, p))\r\n t[p] = s[p];\r\n }\r\n return t;\r\n };\r\n return __assign.apply(this, arguments);\r\n};\r\nObject.defineProperty(exports, \"__esModule\", { value: true });\r\nexports.normalizeConfiguration = void 0;\r\nvar SGWTConnectAuthorizationUri_1 = require(\"./SGWTConnectAuthorizationUri\");\r\nvar SGWTConnectRedirectUri_1 = require(\"./SGWTConnectRedirectUri\");\r\n/**\r\n * Normalizes the configuration by adding default fields,\r\n * and normalizing existing fields.\r\n * @param config Configuration object to normalize.\r\n */\r\nfunction normalizeConfiguration(config, location) {\r\n return __assign(__assign(__assign({}, config), { response_type: config.response_type || 'id_token token', acr_values: config.acr_values || 'L2', \r\n // Normalize the authorization endpoint by stripping some\r\n // extraneous suffixes that users may add:\r\n authorization_endpoint: SGWTConnectAuthorizationUri_1.normalizeAuthorizationEndpoint(config.authorization_endpoint), \r\n // API consumers may:\r\n // - specify a redirect_uri relative to origin\r\n // in this case we prefix it with origin\r\n // - not specify a redirect_uri at all\r\n // in this case we define it for them, as it is mandatory\r\n redirect_uri: SGWTConnectRedirectUri_1.generateRedirectUri(location, config.redirect_uri) }), config.post_logout_redirect_uri\r\n ? { post_logout_redirect_uri: SGWTConnectRedirectUri_1.generateRedirectUri(location, config.post_logout_redirect_uri) }\r\n : {});\r\n}\r\nexports.normalizeConfiguration = normalizeConfiguration;\r\n//# sourceMappingURL=SGWTConnectConfiguration.js.map","\"use strict\";\r\nObject.defineProperty(exports, \"__esModule\", { value: true });\r\nexports.SGWTConnectStorage = void 0;\r\n/**\r\n * SGWTConnect data storage.\r\n *\r\n * Has the following features:\r\n * - Automatic parsing of stringified data.\r\n * - Prefixing of keys of stored data.\r\n */\r\nvar SGWTConnectStorage = /** @class */ (function () {\r\n function SGWTConnectStorage(hash) {\r\n if (hash === void 0) { hash = ''; }\r\n this.hash = hash;\r\n this.baseStorageKey = 'SGWTConnectStorage';\r\n }\r\n Object.defineProperty(SGWTConnectStorage.prototype, \"storageKey\", {\r\n get: function () {\r\n return this.hash ? this.baseStorageKey + \".\" + this.hash : this.baseStorageKey;\r\n },\r\n enumerable: false,\r\n configurable: true\r\n });\r\n SGWTConnectStorage.prototype.getItem = function (key) {\r\n var item = localStorage.getItem(this.storageKey + \".\" + key);\r\n return item === null ? null : JSON.parse(item);\r\n };\r\n SGWTConnectStorage.prototype.setItem = function (key, value) {\r\n localStorage.setItem(this.storageKey + \".\" + key, JSON.stringify(value));\r\n };\r\n SGWTConnectStorage.prototype.removeItem = function (key) {\r\n localStorage.removeItem(this.storageKey + \".\" + key);\r\n };\r\n SGWTConnectStorage.prototype.clearBy = function (satisfiesCondition) {\r\n for (var i = 0; i < localStorage.length; i += 1) {\r\n var key = localStorage.key(i);\r\n if (key && key.indexOf(this.baseStorageKey) !== -1) {\r\n var value = localStorage.getItem(key);\r\n var parsedValue = value === null ? null : JSON.parse(value);\r\n if (satisfiesCondition(parsedValue, key)) {\r\n localStorage.removeItem(key);\r\n }\r\n }\r\n }\r\n };\r\n return SGWTConnectStorage;\r\n}());\r\nexports.SGWTConnectStorage = SGWTConnectStorage;\r\n//# sourceMappingURL=SGWTConnectStorage.js.map","// Copyright Joyent, Inc. and other Node contributors.\n//\n// Permission is hereby granted, free of charge, to any person obtaining a\n// copy of this software and associated documentation files (the\n// \"Software\"), to deal in the Software without restriction, including\n// without limitation the rights to use, copy, modify, merge, publish,\n// distribute, sublicense, and/or sell copies of the Software, and to permit\n// persons to whom the Software is furnished to do so, subject to the\n// following conditions:\n//\n// The above copyright notice and this permission notice shall be included\n// in all copies or substantial portions of the Software.\n//\n// THE SOFTWARE IS PROVIDED \"AS IS\", WITHOUT WARRANTY OF ANY KIND, EXPRESS\n// OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF\n// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN\n// NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM,\n// DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR\n// OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE\n// USE OR OTHER DEALINGS IN THE SOFTWARE.\n\n'use strict';\n\nvar R = typeof Reflect === 'object' ? Reflect : null\nvar ReflectApply = R && typeof R.apply === 'function'\n ? R.apply\n : function ReflectApply(target, receiver, args) {\n return Function.prototype.apply.call(target, receiver, args);\n }\n\nvar ReflectOwnKeys\nif (R && typeof R.ownKeys === 'function') {\n ReflectOwnKeys = R.ownKeys\n} else if (Object.getOwnPropertySymbols) {\n ReflectOwnKeys = function ReflectOwnKeys(target) {\n return Object.getOwnPropertyNames(target)\n .concat(Object.getOwnPropertySymbols(target));\n };\n} else {\n ReflectOwnKeys = function ReflectOwnKeys(target) {\n return Object.getOwnPropertyNames(target);\n };\n}\n\nfunction ProcessEmitWarning(warning) {\n if (console && console.warn) console.warn(warning);\n}\n\nvar NumberIsNaN = Number.isNaN || function NumberIsNaN(value) {\n return value !== value;\n}\n\nfunction EventEmitter() {\n EventEmitter.init.call(this);\n}\nmodule.exports = EventEmitter;\n\n// Backwards-compat with node 0.10.x\nEventEmitter.EventEmitter = EventEmitter;\n\nEventEmitter.prototype._events = undefined;\nEventEmitter.prototype._eventsCount = 0;\nEventEmitter.prototype._maxListeners = undefined;\n\n// By default EventEmitters will print a warning if more than 10 listeners are\n// added to it. This is a useful default which helps finding memory leaks.\nvar defaultMaxListeners = 10;\n\nObject.defineProperty(EventEmitter, 'defaultMaxListeners', {\n enumerable: true,\n get: function() {\n return defaultMaxListeners;\n },\n set: function(arg) {\n if (typeof arg !== 'number' || arg < 0 || NumberIsNaN(arg)) {\n throw new RangeError('The value of \"defaultMaxListeners\" is out of range. It must be a non-negative number. Received ' + arg + '.');\n }\n defaultMaxListeners = arg;\n }\n});\n\nEventEmitter.init = function() {\n\n if (this._events === undefined ||\n this._events === Object.getPrototypeOf(this)._events) {\n this._events = Object.create(null);\n this._eventsCount = 0;\n }\n\n this._maxListeners = this._maxListeners || undefined;\n};\n\n// Obviously not all Emitters should be limited to 10. This function allows\n// that to be increased. Set to zero for unlimited.\nEventEmitter.prototype.setMaxListeners = function setMaxListeners(n) {\n if (typeof n !== 'number' || n < 0 || NumberIsNaN(n)) {\n throw new RangeError('The value of \"n\" is out of range. It must be a non-negative number. Received ' + n + '.');\n }\n this._maxListeners = n;\n return this;\n};\n\nfunction $getMaxListeners(that) {\n if (that._maxListeners === undefined)\n return EventEmitter.defaultMaxListeners;\n return that._maxListeners;\n}\n\nEventEmitter.prototype.getMaxListeners = function getMaxListeners() {\n return $getMaxListeners(this);\n};\n\nEventEmitter.prototype.emit = function emit(type) {\n var args = [];\n for (var i = 1; i < arguments.length; i++) args.push(arguments[i]);\n var doError = (type === 'error');\n\n var events = this._events;\n if (events !== undefined)\n doError = (doError && events.error === undefined);\n else if (!doError)\n return false;\n\n // If there is no 'error' event listener then throw.\n if (doError) {\n var er;\n if (args.length > 0)\n er = args[0];\n if (er instanceof Error) {\n // Note: The comments on the `throw` lines are intentional, they show\n // up in Node's output if this results in an unhandled exception.\n throw er; // Unhandled 'error' event\n }\n // At least give some kind of context to the user\n var err = new Error('Unhandled error.' + (er ? ' (' + er.message + ')' : ''));\n err.context = er;\n throw err; // Unhandled 'error' event\n }\n\n var handler = events[type];\n\n if (handler === undefined)\n return false;\n\n if (typeof handler === 'function') {\n ReflectApply(handler, this, args);\n } else {\n var len = handler.length;\n var listeners = arrayClone(handler, len);\n for (var i = 0; i < len; ++i)\n ReflectApply(listeners[i], this, args);\n }\n\n return true;\n};\n\nfunction _addListener(target, type, listener, prepend) {\n var m;\n var events;\n var existing;\n\n if (typeof listener !== 'function') {\n throw new TypeError('The \"listener\" argument must be of type Function. Received type ' + typeof listener);\n }\n\n events = target._events;\n if (events === undefined) {\n events = target._events = Object.create(null);\n target._eventsCount = 0;\n } else {\n // To avoid recursion in the case that type === \"newListener\"! Before\n // adding it to the listeners, first emit \"newListener\".\n if (events.newListener !== undefined) {\n target.emit('newListener', type,\n listener.listener ? listener.listener : listener);\n\n // Re-assign `events` because a newListener handler could have caused the\n // this._events to be assigned to a new object\n events = target._events;\n }\n existing = events[type];\n }\n\n if (existing === undefined) {\n // Optimize the case of one listener. Don't need the extra array object.\n existing = events[type] = listener;\n ++target._eventsCount;\n } else {\n if (typeof existing === 'function') {\n // Adding the second element, need to change to array.\n existing = events[type] =\n prepend ? [listener, existing] : [existing, listener];\n // If we've already got an array, just append.\n } else if (prepend) {\n existing.unshift(listener);\n } else {\n existing.push(listener);\n }\n\n // Check for listener leak\n m = $getMaxListeners(target);\n if (m > 0 && existing.length > m && !existing.warned) {\n existing.warned = true;\n // No error code for this since it is a Warning\n // eslint-disable-next-line no-restricted-syntax\n var w = new Error('Possible EventEmitter memory leak detected. ' +\n existing.length + ' ' + String(type) + ' listeners ' +\n 'added. Use emitter.setMaxListeners() to ' +\n 'increase limit');\n w.name = 'MaxListenersExceededWarning';\n w.emitter = target;\n w.type = type;\n w.count = existing.length;\n ProcessEmitWarning(w);\n }\n }\n\n return target;\n}\n\nEventEmitter.prototype.addListener = function addListener(type, listener) {\n return _addListener(this, type, listener, false);\n};\n\nEventEmitter.prototype.on = EventEmitter.prototype.addListener;\n\nEventEmitter.prototype.prependListener =\n function prependListener(type, listener) {\n return _addListener(this, type, listener, true);\n };\n\nfunction onceWrapper() {\n var args = [];\n for (var i = 0; i < arguments.length; i++) args.push(arguments[i]);\n if (!this.fired) {\n this.target.removeListener(this.type, this.wrapFn);\n this.fired = true;\n ReflectApply(this.listener, this.target, args);\n }\n}\n\nfunction _onceWrap(target, type, listener) {\n var state = { fired: false, wrapFn: undefined, target: target, type: type, listener: listener };\n var wrapped = onceWrapper.bind(state);\n wrapped.listener = listener;\n state.wrapFn = wrapped;\n return wrapped;\n}\n\nEventEmitter.prototype.once = function once(type, listener) {\n if (typeof listener !== 'function') {\n throw new TypeError('The \"listener\" argument must be of type Function. Received type ' + typeof listener);\n }\n this.on(type, _onceWrap(this, type, listener));\n return this;\n};\n\nEventEmitter.prototype.prependOnceListener =\n function prependOnceListener(type, listener) {\n if (typeof listener !== 'function') {\n throw new TypeError('The \"listener\" argument must be of type Function. Received type ' + typeof listener);\n }\n this.prependListener(type, _onceWrap(this, type, listener));\n return this;\n };\n\n// Emits a 'removeListener' event if and only if the listener was removed.\nEventEmitter.prototype.removeListener =\n function removeListener(type, listener) {\n var list, events, position, i, originalListener;\n\n if (typeof listener !== 'function') {\n throw new TypeError('The \"listener\" argument must be of type Function. Received type ' + typeof listener);\n }\n\n events = this._events;\n if (events === undefined)\n return this;\n\n list = events[type];\n if (list === undefined)\n return this;\n\n if (list === listener || list.listener === listener) {\n if (--this._eventsCount === 0)\n this._events = Object.create(null);\n else {\n delete events[type];\n if (events.removeListener)\n this.emit('removeListener', type, list.listener || listener);\n }\n } else if (typeof list !== 'function') {\n position = -1;\n\n for (i = list.length - 1; i >= 0; i--) {\n if (list[i] === listener || list[i].listener === listener) {\n originalListener = list[i].listener;\n position = i;\n break;\n }\n }\n\n if (position < 0)\n return this;\n\n if (position === 0)\n list.shift();\n else {\n spliceOne(list, position);\n }\n\n if (list.length === 1)\n events[type] = list[0];\n\n if (events.removeListener !== undefined)\n this.emit('removeListener', type, originalListener || listener);\n }\n\n return this;\n };\n\nEventEmitter.prototype.off = EventEmitter.prototype.removeListener;\n\nEventEmitter.prototype.removeAllListeners =\n function removeAllListeners(type) {\n var listeners, events, i;\n\n events = this._events;\n if (events === undefined)\n return this;\n\n // not listening for removeListener, no need to emit\n if (events.removeListener === undefined) {\n if (arguments.length === 0) {\n this._events = Object.create(null);\n this._eventsCount = 0;\n } else if (events[type] !== undefined) {\n if (--this._eventsCount === 0)\n this._events = Object.create(null);\n else\n delete events[type];\n }\n return this;\n }\n\n // emit removeListener for all listeners on all events\n if (arguments.length === 0) {\n var keys = Object.keys(events);\n var key;\n for (i = 0; i < keys.length; ++i) {\n key = keys[i];\n if (key === 'removeListener') continue;\n this.removeAllListeners(key);\n }\n this.removeAllListeners('removeListener');\n this._events = Object.create(null);\n this._eventsCount = 0;\n return this;\n }\n\n listeners = events[type];\n\n if (typeof listeners === 'function') {\n this.removeListener(type, listeners);\n } else if (listeners !== undefined) {\n // LIFO order\n for (i = listeners.length - 1; i >= 0; i--) {\n this.removeListener(type, listeners[i]);\n }\n }\n\n return this;\n };\n\nfunction _listeners(target, type, unwrap) {\n var events = target._events;\n\n if (events === undefined)\n return [];\n\n var evlistener = events[type];\n if (evlistener === undefined)\n return [];\n\n if (typeof evlistener === 'function')\n return unwrap ? [evlistener.listener || evlistener] : [evlistener];\n\n return unwrap ?\n unwrapListeners(evlistener) : arrayClone(evlistener, evlistener.length);\n}\n\nEventEmitter.prototype.listeners = function listeners(type) {\n return _listeners(this, type, true);\n};\n\nEventEmitter.prototype.rawListeners = function rawListeners(type) {\n return _listeners(this, type, false);\n};\n\nEventEmitter.listenerCount = function(emitter, type) {\n if (typeof emitter.listenerCount === 'function') {\n return emitter.listenerCount(type);\n } else {\n return listenerCount.call(emitter, type);\n }\n};\n\nEventEmitter.prototype.listenerCount = listenerCount;\nfunction listenerCount(type) {\n var events = this._events;\n\n if (events !== undefined) {\n var evlistener = events[type];\n\n if (typeof evlistener === 'function') {\n return 1;\n } else if (evlistener !== undefined) {\n return evlistener.length;\n }\n }\n\n return 0;\n}\n\nEventEmitter.prototype.eventNames = function eventNames() {\n return this._eventsCount > 0 ? ReflectOwnKeys(this._events) : [];\n};\n\nfunction arrayClone(arr, n) {\n var copy = new Array(n);\n for (var i = 0; i < n; ++i)\n copy[i] = arr[i];\n return copy;\n}\n\nfunction spliceOne(list, index) {\n for (; index + 1 < list.length; index++)\n list[index] = list[index + 1];\n list.pop();\n}\n\nfunction unwrapListeners(arr) {\n var ret = new Array(arr.length);\n for (var i = 0; i < ret.length; ++i) {\n ret[i] = arr[i].listener || arr[i];\n }\n return ret;\n}\n","\"use strict\";\r\nObject.defineProperty(exports, \"__esModule\", { value: true });\r\nexports.isSameOrigin = void 0;\r\n/**\r\n * Determines whether two valid URLs are of the same origin.\r\n *\r\n * There is no URL normalization, thus\r\n * `isSameOrigin('http://localhost', 'localhost')` is `false`.\r\n */\r\nfunction isSameOrigin(urlA, urlB) {\r\n // Using HTMLAnchorElement hack because Internet Explorer\r\n // doesn't support the Window.URL API:\r\n var a = document.createElement('a');\r\n a.href = urlA;\r\n var protocolA = a.protocol, hostA = a.host;\r\n a.href = urlB;\r\n var protocolB = a.protocol, hostB = a.host;\r\n // Internet Explorer doesn't implement HTMLAnchorElement.origin,\r\n // so we consider origin to be the same when their protocols,\r\n // hostnames, and ports match exactly. Note that HTMLAnchorElement\r\n // normalizes the URL (lowercases it, removes trailing slash) and\r\n // HTMLAnchorElement.host value already includes the port, for ex:\r\n // \"HTTP://Example.com:8080/foo\"\r\n // - protocol: \"http:\"\r\n // - host: \"example.com:8080\"\r\n return protocolA === protocolB && hostA === hostB;\r\n}\r\nexports.isSameOrigin = isSameOrigin;\r\n//# sourceMappingURL=isSameOrigin.js.map","\"use strict\";\r\nObject.defineProperty(exports, \"__esModule\", { value: true });\r\nexports.isObject = void 0;\r\n/**\r\n * Determines whether the given value is an object.\r\n * @param value A value to check.\r\n */\r\nfunction isObject(value) {\r\n return value !== null && typeof value === 'object';\r\n}\r\nexports.isObject = isObject;\r\n//# sourceMappingURL=isObject.js.map","\"use strict\";\r\nObject.defineProperty(exports, \"__esModule\", { value: true });\r\nexports.fetchOpenIDUserInfo = void 0;\r\nvar isObject_1 = require(\"./isObject\");\r\nvar SGWTConnectError_1 = require(\"./SGWTConnectError\");\r\nvar SGWTConnectErrorList_1 = require(\"./SGWTConnectErrorList\");\r\n/**\r\n * Fetches OpenID Claims from the OpenID Provider's \"userinfo\" endpoint.\r\n * @param authorizationEndpoint OpenID Provider's \"userinfo\" endpoint URL.\r\n * @param authorizationHeader OpenID Provider's \"userinfo\" endpoint URL.\r\n * @param callback Called with Claims or error upon request completion.\r\n */\r\nfunction fetchOpenIDUserInfo(authorizationEndpoint, authorizationHeader, callback) {\r\n var xhr = new XMLHttpRequest();\r\n xhr.open('GET', authorizationEndpoint + \"/oauth2/userinfo\");\r\n xhr.setRequestHeader('Accept', 'application/json');\r\n xhr.setRequestHeader('Authorization', authorizationHeader);\r\n xhr.addEventListener('load', function handleOpenIDUserInfoLoad() {\r\n if (xhr.status === 200) {\r\n var openIDUserInfo = void 0;\r\n try {\r\n openIDUserInfo = JSON.parse(xhr.responseText);\r\n }\r\n catch (_a) {\r\n callback(new SGWTConnectError_1.SGWTConnectError(SGWTConnectErrorList_1.ERR_FAILED_TO_PARSE_OPENID_CLAIMS));\r\n return;\r\n }\r\n if (isValidOpenIDClaims(openIDUserInfo)) {\r\n callback(null, openIDUserInfo);\r\n }\r\n else {\r\n callback(new SGWTConnectError_1.SGWTConnectError(SGWTConnectErrorList_1.ERR_FAILED_TO_VALIDATE_OPENID_CLAIMS));\r\n }\r\n }\r\n else {\r\n callback(new SGWTConnectError_1.SGWTConnectError(SGWTConnectErrorList_1.ERR_FAILED_TO_FETCH_OPENID_CLAIMS));\r\n }\r\n });\r\n xhr.send();\r\n}\r\nexports.fetchOpenIDUserInfo = fetchOpenIDUserInfo;\r\n/**\r\n * Determines whether the given OpenID Configuration is valid.\r\n * @param openIDUserInfo JSON-parsed value obtained from the Discovery API.\r\n */\r\nfunction isValidOpenIDClaims(openIDUserInfo) {\r\n return isObject_1.isObject(openIDUserInfo) &&\r\n typeof openIDUserInfo.sub === 'string' &&\r\n typeof openIDUserInfo.name === 'string' &&\r\n typeof openIDUserInfo.locale === 'string';\r\n}\r\n//# sourceMappingURL=SGWTConnectOpenIDUserInfo.js.map","\"use strict\";\r\nvar __extends = (this && this.__extends) || (function () {\r\n var extendStatics = function (d, b) {\r\n extendStatics = Object.setPrototypeOf ||\r\n ({ __proto__: [] } instanceof Array && function (d, b) { d.__proto__ = b; }) ||\r\n function (d, b) { for (var p in b) if (Object.prototype.hasOwnProperty.call(b, p)) d[p] = b[p]; };\r\n return extendStatics(d, b);\r\n };\r\n return function (d, b) {\r\n if (typeof b !== \"function\" && b !== null)\r\n throw new TypeError(\"Class extends value \" + String(b) + \" is not a constructor or null\");\r\n extendStatics(d, b);\r\n function __() { this.constructor = d; }\r\n d.prototype = b === null ? Object.create(b) : (__.prototype = b.prototype, new __());\r\n };\r\n})();\r\nObject.defineProperty(exports, \"__esModule\", { value: true });\r\nexports.SGWTConnectCore = exports.SGWTConnectCheckSesssionFrameAttribute = exports.SGWTConnectRenewalFrameAttribute = void 0;\r\nvar events_1 = require(\"events\");\r\nvar isSameOrigin_1 = require(\"./isSameOrigin\");\r\nvar isScopeListed_1 = require(\"./isScopeListed\");\r\nvar SGWTConnectAuthorizationUri_1 = require(\"./SGWTConnectAuthorizationUri\");\r\nvar SGWTConnectError_1 = require(\"./SGWTConnectError\");\r\nvar SGWTConnectErrorList_1 = require(\"./SGWTConnectErrorList\");\r\nvar SGWTConnectEventList_1 = require(\"./SGWTConnectEventList\");\r\nvar SGWTConnectOpenIDUserInfo_1 = require(\"./SGWTConnectOpenIDUserInfo\");\r\nvar SGWTConnectServerResponse_1 = require(\"./SGWTConnectServerResponse\");\r\nexports.SGWTConnectRenewalFrameAttribute = 'data-sgwt-connect-renewal-frame';\r\nexports.SGWTConnectCheckSesssionFrameAttribute = 'data-sgwt-connect-check-session-frame';\r\n/**\r\n * Main API of SGWTConnect.\r\n */\r\nvar SGWTConnectCore = /** @class */ (function (_super) {\r\n __extends(SGWTConnectCore, _super);\r\n function SGWTConnectCore(config, storage, fetchOpenIDMetadata) {\r\n var _this = _super.call(this) || this;\r\n _this.config = config;\r\n _this.storage = storage;\r\n _this.tokenExpirationTimer = null;\r\n _this.periodicalRenewalTimer = null;\r\n _this.periodicalRenewalBackoff = 1000;\r\n _this.periodicalRenewalTimeout = 30000;\r\n _this.openIDCheckSessionTimerInterval = 3000;\r\n if (_this.isAuthorized()) {\r\n _this.restartTokenExpirationTimer();\r\n }\r\n if (fetchOpenIDMetadata && _this.hasRequestedScope('openid')) {\r\n fetchOpenIDMetadata(function (maybeOpenIDMetadata) {\r\n if (maybeOpenIDMetadata instanceof Error) {\r\n _this.emit(SGWTConnectEventList_1.EVENT_OPENID_METADATA_FETCH_ERROR, maybeOpenIDMetadata);\r\n }\r\n else {\r\n _this.openIDMetadata = maybeOpenIDMetadata;\r\n _this.enableOpenIDSessionManagement();\r\n }\r\n });\r\n }\r\n return _this;\r\n }\r\n //\r\n // Public\r\n // --------------------\r\n /**\r\n * Initiates the authorization process.\r\n *\r\n * Redirects to the authorization endpoint unless the\r\n * authorization has already been granted.\r\n */\r\n SGWTConnectCore.prototype.requestAuthorization = function () {\r\n // Check if the user is currently signed in to prevent\r\n // unnecessary sign-in redirects on application load:\r\n if (this.isAuthorized()) {\r\n return this\r\n .restartTokenExpirationTimer()\r\n .enablePeriodicalRenewal();\r\n }\r\n // At this point the token may not exist, has expired\r\n // or the authorization server has responded with an\r\n // error. In any case we clear the current authorization\r\n // response:\r\n this.storage.removeItem('AUTH');\r\n // Cross-Site Request Forgery (CSRF) protection:\r\n var state = SGWTConnectAuthorizationUri_1.generateCryptoStrongRandomValue();\r\n this.storage.setItem(state + \".STATE\", state);\r\n // Remember the current URL, we will need to return\r\n // the user here after authorization is completed:\r\n this.storage.setItem(state + \".RETURN_URL\", location.href);\r\n // Initiate the authorization process by redirecting\r\n // the current page to the authorization endpoint:\r\n location.replace(SGWTConnectAuthorizationUri_1.generateAuthorizationUri(this.config, state));\r\n return this;\r\n };\r\n /**\r\n * Clears the local authorization data and redirects\r\n * to end_session_endpoint if OpenID is enabled and\r\n * has loaded the relevant metadata.\r\n */\r\n SGWTConnectCore.prototype.discardAuthorization = function () {\r\n // Redirect is only possible if OpenID Metadata was\r\n // successfully retrieved from the \"well-known\" endpoint:\r\n if (this.openIDMetadata) {\r\n // Obtain the parameters required for the logout request:\r\n // https://openid.net/specs/openid-connect-session-1_0.html#RPLogout\r\n var id_token_hint = this.getIdToken();\r\n var post_logout_redirect_uri = this.config.post_logout_redirect_uri;\r\n var end_session_endpoint = this.openIDMetadata.end_session_endpoint;\r\n // Generate the end session URL:\r\n var endSessionURL_1 = end_session_endpoint + \"?id_token_hint=\" + id_token_hint +\r\n (post_logout_redirect_uri ? \"&post_logout_redirect_uri=\" + post_logout_redirect_uri : '');\r\n // Schedule termination of the OpenID session:\r\n this.once(SGWTConnectEventList_1.EVENT_AUTH_DISCARDED, function () {\r\n window.location.replace(endSessionURL_1);\r\n });\r\n }\r\n // Discard the authorization data which will trigger\r\n // EVENT_AUTH_DISCARDED that we subscribed to above:\r\n return this.discardAuthorizationLocally();\r\n };\r\n /**\r\n * Initiates a silent renewal of the token.\r\n *\r\n * Because the renewal is transparent to the user, we\r\n * discourage usage of this method before calling `requestAuthorization`\r\n * as this will not display the authorization approval\r\n * interface.\r\n */\r\n SGWTConnectCore.prototype.renewAuthorization = function (callback) {\r\n return this.requestAuthorizationWithoutPrompt({}, callback);\r\n };\r\n /**\r\n * Determines if the authorization has been granted.\r\n *\r\n * The state of having authorization is determined by the presence\r\n * of a non-expired access_token. This method does not tell\r\n * whether the authorization has been revoked or not,\r\n * or whether the granted scopes are identical to the\r\n * requested ones.\r\n */\r\n SGWTConnectCore.prototype.isAuthorized = function () {\r\n var authorization = this.storage.getItem('AUTH');\r\n return Boolean(authorization && authorization.access_token) &&\r\n authorization.expires_at > Date.now();\r\n };\r\n /**\r\n * Returns the authorization error or null if there is none.\r\n */\r\n SGWTConnectCore.prototype.getAuthorizationError = function () {\r\n var authorization = this.storage.getItem('AUTH');\r\n return (authorization && authorization.error) ?\r\n new SGWTConnectError_1.SGWTConnectError(authorization.error) :\r\n null;\r\n };\r\n /**\r\n * Generates an \"Authorization\" HTTP header value.\r\n *\r\n * Call this method and use the return value as Authorization header\r\n * value every time you make an HTTP request to your backend API.\r\n *\r\n * const authHttpHeader = sgwtConnect.getAuthorizationHeader();\r\n * if (authHttpHeader) {\r\n * headers.set('Authorization', authHttpHeader);\r\n * }\r\n *\r\n * Currently only the \"Bearer\" token type is supported.\r\n */\r\n SGWTConnectCore.prototype.getAuthorizationHeader = function () {\r\n var authorization = this.storage.getItem('AUTH');\r\n if (!this.isAuthorized()) {\r\n return null;\r\n }\r\n if (authorization.token_type && authorization.token_type.toLowerCase() === 'bearer') {\r\n return \"Bearer \" + authorization.access_token;\r\n }\r\n throw new SGWTConnectError_1.SGWTConnectError(SGWTConnectErrorList_1.ERR_UNSUPPORTED_TOKEN_TYPE);\r\n };\r\n /**\r\n * Returns the scope granted by the authorization server as a space-delimited string.\r\n */\r\n SGWTConnectCore.prototype.getGrantedScope = function () {\r\n // Make sure that the authorization request was successful:\r\n if (!this.isAuthorized()) {\r\n return null;\r\n }\r\n // Scope is part of authorization server response:\r\n var authorization = this.storage.getItem('AUTH');\r\n // Return the scope as is (e.g. \"profile openid mail\").\r\n // We leave it up to developer to parse and compare to\r\n // the requested scope. Also note that the scope\r\n // may not be returned in the authorization response\r\n // if it is identical to the scope requested by\r\n // the client.\r\n return typeof authorization.scope === 'undefined' ?\r\n this.config.scope :\r\n authorization.scope;\r\n };\r\n /**\r\n * Determines whether the given scope has been granted.\r\n *\r\n * sgwtConnect.hasGrantedScope('profile openid');\r\n */\r\n SGWTConnectCore.prototype.hasGrantedScope = function (checkedScope) {\r\n var grantedScope = this.getGrantedScope();\r\n if (typeof grantedScope !== 'string') {\r\n return false;\r\n }\r\n return isScopeListed_1.isScopeListed(checkedScope, grantedScope);\r\n };\r\n /**\r\n * Obtains the user's ID Token in the form of JWT (JSON Web Token).\r\n *\r\n * Use this method to pass user identity to your backend.\r\n *\r\n * Calling this method is only useful if the \"scope\" parameter\r\n * used to make the authorization request included the \"openid\"\r\n * value.\r\n *\r\n * See http://openid.net/specs/openid-connect-core-1_0.html#IDToken\r\n * See https://tools.ietf.org/html/rfc7519\r\n */\r\n SGWTConnectCore.prototype.getIdToken = function () {\r\n // Make sure that the authorization request was successful:\r\n if (!this.isAuthorized()) {\r\n return null;\r\n }\r\n // Obtain the authorization server response:\r\n var authorization = this.storage.getItem('AUTH');\r\n // It is possible that the response_type parameter did not\r\n // include the \"id_token\" value while performing an authorization\r\n // request, so there's no id_token in the current token:\r\n if (!authorization.id_token) {\r\n return null;\r\n }\r\n // Return the id_token as is so that it can be passed to\r\n // backend for validation:\r\n return authorization.id_token;\r\n };\r\n /**\r\n * Obtains basic user information from ID Token claims.\r\n *\r\n * Use this method to obtain user id, name, email, etc.\r\n * without calling the /userinfo endpoint.\r\n *\r\n * Calling this method is only useful if the \"scope\" parameter\r\n * used to make the authorization request included the \"openid\"\r\n * (and optionally \"email\", \"profile\", etc.) value.\r\n *\r\n * See http://openid.net/specs/openid-connect-core-1_0.html#IDToken\r\n */\r\n SGWTConnectCore.prototype.getIdTokenClaims = function () {\r\n var idToken = this.getIdToken();\r\n // The ID Token could be missing in the following cases:\r\n // 1. Authorization not requested\r\n // 2. Authorization not granted\r\n // 3. id_token not requested in the authorization request\r\n // 4. id_token not granted in the authorization response\r\n if (idToken === null) {\r\n return null;\r\n }\r\n // The id_token conforms to an industry standard (IETF RFC 7519)\r\n // and contains three parts (header, body, signature) separated\r\n // by \".\" (dot) character:\r\n var idTokenParts = idToken.split('.');\r\n // The body is the second part (at index 1) containing identity\r\n // claims about the user:\r\n var idTokenBody = idTokenParts[1];\r\n // The id_token body is a base64url encoded JSON structure:\r\n return JSON.parse(atob(idTokenBody));\r\n };\r\n /**\r\n * Fetches UserInfo Claims from the authorization server.\r\n *\r\n * Use this method to obtain user name, email, etc. if\r\n * you're not requesting id_token or if the id_token\r\n * does not contain these values.\r\n *\r\n * See https://openid.net/specs/openid-connect-core-1_0.html#UserInfo\r\n */\r\n SGWTConnectCore.prototype.fetchUserInfo = function (callback) {\r\n var authorizationHeader = this.getAuthorizationHeader();\r\n if (authorizationHeader) {\r\n SGWTConnectOpenIDUserInfo_1.fetchOpenIDUserInfo(this.config.authorization_endpoint, authorizationHeader, callback);\r\n }\r\n else {\r\n callback(new SGWTConnectError_1.SGWTConnectError(SGWTConnectErrorList_1.ERR_UNAUTHORIZED));\r\n }\r\n return this;\r\n };\r\n /**\r\n * Enables silent periodical renewal of the token.\r\n *\r\n * Call this method after checking the result of isAuthorized,\r\n * because it assumes that the authorization request has been\r\n * performed successfully.\r\n */\r\n SGWTConnectCore.prototype.enablePeriodicalRenewal = function () {\r\n var _this = this;\r\n // Make sure that we don't have two renewal timers\r\n // running at the same time:\r\n if (this.periodicalRenewalTimer !== null) {\r\n return this;\r\n }\r\n // Whenever renewal succeeds (manual or periodical)\r\n // we need to restart the timer in order to do reduce\r\n // the number of requests to the authorization endpoint:\r\n this.addListener(SGWTConnectEventList_1.EVENT_AUTH_RENEW_SUCCESS, this.restartRenewalTimer);\r\n // Start the initial timer. We're using setTimeout to be able\r\n // to adjust the duration depending on renew success/error:\r\n this.periodicalRenewalTimer = window.setTimeout(function () {\r\n _this.renewResiliently();\r\n }, this.getRenewalTimeout());\r\n return this;\r\n };\r\n /**\r\n * Disables silent periodical renewal of the token.\r\n */\r\n SGWTConnectCore.prototype.disablePeriodicalRenewal = function () {\r\n // Make sure that the backoff delay is reset so that next time\r\n // we start the periodical renewal, it is back to default value:\r\n this.resetRenewalBackoff();\r\n // Stop restarting periodical renewal on renew success:\r\n this.removeListener(SGWTConnectEventList_1.EVENT_AUTH_RENEW_SUCCESS, this.restartRenewalTimer);\r\n // Clear the current timeout:\r\n if (typeof this.periodicalRenewalTimer === 'number') {\r\n window.clearTimeout(this.periodicalRenewalTimer);\r\n this.periodicalRenewalTimer = null;\r\n }\r\n return this;\r\n };\r\n //\r\n // Private\r\n // --------------------\r\n /**\r\n * Discards the local authorization data,\r\n * cancels all running timers,\r\n * and emits `EVENT_AUTH_DISCARDED` event.\r\n */\r\n SGWTConnectCore.prototype.discardAuthorizationLocally = function () {\r\n // The authorization is discarded, so it no longer\r\n // makes sense to do periodical renewal or maintain\r\n // the expiration timer:\r\n this.disablePeriodicalRenewal();\r\n this.clearTokenExpirationTimer();\r\n if (this.openIDMetadata) {\r\n // OpenID Session Management is no longer needed:\r\n this.disableOpenIDSessionManagement();\r\n }\r\n // Actually discard the authorization data:\r\n this.storage.removeItem('AUTH');\r\n // Notify the interested parties:\r\n this.emit(SGWTConnectEventList_1.EVENT_AUTH_DISCARDED);\r\n return this;\r\n };\r\n /**\r\n * Initiates a silent renewal of the token\r\n * with additional options that are not available\r\n * in the public API.\r\n */\r\n SGWTConnectCore.prototype.requestAuthorizationWithoutPrompt = function (_a, callback) {\r\n var _this = this;\r\n var id_token_hint = _a.id_token_hint;\r\n // Cross-Site Request Forgery (CSRF) protection:\r\n var state = SGWTConnectAuthorizationUri_1.generateCryptoStrongRandomValue();\r\n // Generate the complete authorization endpoint URL\r\n // where id_token_hint is used to validate session\r\n // after receiving a \"changed\" event from OpenID\r\n // Session Management frame:\r\n var authorizationEndpoint = id_token_hint\r\n ? SGWTConnectAuthorizationUri_1.generateAuthorizationUri(this.config, state, { prompt: 'none', id_token_hint: id_token_hint })\r\n : SGWTConnectAuthorizationUri_1.generateAuthorizationUri(this.config, state, { prompt: 'none' });\r\n // Because OAuth2 protocol insists on providing access_token\r\n // in the fragment, we're unable to use XMLHttpRequest as it\r\n // transparently follows all redirects and the fragment is lost.\r\n // To solve this issue we use an iframe which gives us access\r\n // to window.location containing the access_token in its fragment.\r\n var iframe = document.createElement('iframe');\r\n // When both of these flags are set to true, then it is safe\r\n // to remove the iframe from the DOM\r\n // 1. we must not remove the iframe before it emits the \"load\"\r\n // event because in flight resources may get canceled causing\r\n // some browsers to remove them even from the top-level window\r\n // 2. we must wait for the message from iframe because it may\r\n // be emitted after(!) \"load\" event; removing the iframe from\r\n // the DOM will cancel the message in flight\r\n var isIframeLoaded = false;\r\n var isMessageReceivedFromIframe = false;\r\n // Iframe timeout in case it does not message or does not load:\r\n var iframeTimeoutTimer;\r\n // The redirect_uri may point to another domain preventing\r\n // the iframe from accessing the storage to set the token,\r\n // so it will message the top-level window using cross-origin\r\n // messaging protocol with window.postMessage. This function\r\n // securely handles the received message:\r\n var iframeMessageHandler = function (event) {\r\n // Make sure that the event comes from the renewal iframe:\r\n if (event.source !== iframe.contentWindow) {\r\n return;\r\n }\r\n // Make sure that the event comes from redirect_uri page:\r\n if (!isSameOrigin_1.isSameOrigin(event.origin, _this.config.redirect_uri)) {\r\n return;\r\n }\r\n // Third party scripts use the same API to send messages,\r\n // so make sure we're dealing with our own event:\r\n if (!event.data || typeof event.data !== 'object') {\r\n return;\r\n }\r\n if (event.data.type !== 'SGWTConnectFragment') {\r\n return;\r\n }\r\n // All event validity checks have passed; we consider\r\n // the event as genuine and can flag it as received\r\n // so that the \"load\" event handler knows about it:\r\n isMessageReceivedFromIframe = true;\r\n // We expect a single message, so the listener is no longer needed:\r\n window.removeEventListener('message', iframeMessageHandler);\r\n // We have received a message from the iframe,\r\n // the timeout no longer makes sense:\r\n window.clearTimeout(iframeTimeoutTimer);\r\n // We can remove the iframe if it has already loaded:\r\n if (isIframeLoaded) {\r\n document.body.removeChild(iframe);\r\n }\r\n // Extract the authorization server response from the message:\r\n var authorization = SGWTConnectServerResponse_1.normalizeAuthServerResponse(SGWTConnectServerResponse_1.parseOAuth2Fragment(event.data.fragment));\r\n // Cross-Site Request Forgery (CSRF) protection:\r\n if (authorization.state !== state) {\r\n var error = new SGWTConnectError_1.SGWTConnectError(SGWTConnectErrorList_1.ERR_STATE_MISMATCH);\r\n _this.emit(SGWTConnectEventList_1.EVENT_AUTH_RENEW_ERROR, error);\r\n if (callback) {\r\n callback(error);\r\n }\r\n return;\r\n }\r\n // Notify the subscribers about renewal completion:\r\n var errorCode = authorization.error;\r\n if (errorCode) {\r\n // Notify the API consumer about the authorization failure:\r\n var error = new SGWTConnectError_1.SGWTConnectError(errorCode);\r\n _this.emit(SGWTConnectEventList_1.EVENT_AUTH_RENEW_ERROR, error);\r\n if (callback) {\r\n callback(error);\r\n }\r\n }\r\n else {\r\n // Persist the authorization server response prior to emitting\r\n // events and calling the completion callback so that the token\r\n // is available to the completion event handlers:\r\n _this.storage.setItem('AUTH', authorization);\r\n // The authorization data has been updated, which means that\r\n // the expiration time has changed, so we need to restart\r\n // the expiration timer:\r\n _this.restartTokenExpirationTimer();\r\n // Although rare, the authorization state might be initiated\r\n // by calling renewAuthorization instead of requestAuthorization;\r\n // in this case we need to enable OpenID Session Management\r\n // on \"renewal\" success:\r\n _this.enableOpenIDSessionManagement();\r\n // Notify the API consumer about the authorization success:\r\n _this.emit(SGWTConnectEventList_1.EVENT_AUTH_RENEW_SUCCESS);\r\n if (callback) {\r\n callback(null);\r\n }\r\n }\r\n };\r\n // Securely handles the \"load\" event of the renewal iframe\r\n // by removing event listeners and the iframe itself;\r\n // also emits an error event in case no message was\r\n // received from the iframe before \"load\" event:\r\n var iframeLoadHandler = function (event) {\r\n // Make sure the event is genuine:\r\n if (!event.isTrusted) {\r\n return;\r\n }\r\n // We consider this event as genuine and can flag it as received\r\n // so that the iframe message event handler knows about it:\r\n isIframeLoaded = true;\r\n // The \"load\" event can only happen once, so the listener\r\n // is no longer needed:\r\n iframe.removeEventListener('load', iframeLoadHandler);\r\n // We can remove the iframe from the DOM if we have already\r\n // received the message from it:\r\n if (isMessageReceivedFromIframe) {\r\n document.body.removeChild(iframe);\r\n }\r\n };\r\n // Expecting the iframe to send us a message\r\n // from the redirect_uri page using cross-origin\r\n // messaging protocol with window.postMessage:\r\n window.addEventListener('message', iframeMessageHandler);\r\n // We need to listen to the \"load\" event because\r\n // we expect the iframe to load completely\r\n // before removing it from the DOM, otherwise\r\n // canceled resource requests may destroy already\r\n // loaded resources from the top-level window:\r\n iframe.addEventListener('load', iframeLoadHandler);\r\n // The iframe may never load or fail to send the message due to\r\n // changes in network, server failure, or some other error,\r\n // but we still need to emit+callback, so we use a timeout:\r\n iframeTimeoutTimer = window.setTimeout(function () {\r\n window.clearTimeout(iframeTimeoutTimer);\r\n // Cleanup event listeners:\r\n iframe.removeEventListener('load', iframeLoadHandler);\r\n window.removeEventListener('message', iframeMessageHandler);\r\n // Cleanup the DOM:\r\n document.body.removeChild(iframe);\r\n // Notify the API consumer about the renewal failure:\r\n var error = new SGWTConnectError_1.SGWTConnectError(SGWTConnectErrorList_1.ERR_RENEW_TIMEOUT);\r\n _this.emit(SGWTConnectEventList_1.EVENT_AUTH_RENEW_ERROR, error);\r\n if (callback) {\r\n callback(error);\r\n }\r\n }, this.periodicalRenewalTimeout);\r\n // Provide a way for setupSGWTConnect factory to figure out\r\n // whether the redirect is part of silent renewal or not:\r\n iframe.setAttribute(exports.SGWTConnectRenewalFrameAttribute, '');\r\n iframe.style.display = 'none';\r\n iframe.setAttribute('src', authorizationEndpoint);\r\n this.appendElementToDocumentWhenLoaded(iframe);\r\n return this;\r\n };\r\n /**\r\n * Ensures that DOM is loaded and appends the element to document body.\r\n * @param element Element to append to document body.\r\n */\r\n SGWTConnectCore.prototype.appendElementToDocumentWhenLoaded = function (element) {\r\n if (document.body) {\r\n document.body.appendChild(element);\r\n }\r\n else {\r\n var appendElementAndRemoveListener_1 = function () {\r\n window.removeEventListener('DOMContentLoaded', appendElementAndRemoveListener_1);\r\n document.body.appendChild(element);\r\n };\r\n window.addEventListener('DOMContentLoaded', appendElementAndRemoveListener_1);\r\n }\r\n };\r\n /**\r\n * Determines whether the given scope has been requested.\r\n *\r\n * this.hasRequestedScope('profile openid');\r\n */\r\n SGWTConnectCore.prototype.hasRequestedScope = function (checkedScope) {\r\n return isScopeListed_1.isScopeListed(checkedScope, this.config.scope);\r\n };\r\n /**\r\n * Resets the periodical renewal backoff delay.\r\n */\r\n SGWTConnectCore.prototype.resetRenewalBackoff = function () {\r\n this.periodicalRenewalBackoff = 1000;\r\n return this;\r\n };\r\n /**\r\n * Increments the periodical renewal backoff delay.\r\n *\r\n * Used to reduce authorization server load when periodical\r\n * renewals fail for some reason.\r\n */\r\n SGWTConnectCore.prototype.incrementRenewalBackoff = function () {\r\n this.periodicalRenewalBackoff *= 2;\r\n return this;\r\n };\r\n /**\r\n * Clears the token expiration timer.\r\n */\r\n SGWTConnectCore.prototype.clearTokenExpirationTimer = function () {\r\n if (typeof this.tokenExpirationTimer === 'number') {\r\n window.clearTimeout(this.tokenExpirationTimer);\r\n this.tokenExpirationTimer = null;\r\n }\r\n return this;\r\n };\r\n /**\r\n * Clears the existing token expiration timer and starts a new one.\r\n */\r\n SGWTConnectCore.prototype.restartTokenExpirationTimer = function () {\r\n var _this = this;\r\n // Ensure that there is only one timer at all times:\r\n this.clearTokenExpirationTimer();\r\n // Assuming that the client is currently authorized:\r\n var authorization = this.storage.getItem('AUTH');\r\n var timeUntilTokenExpiration = authorization.expires_at - Date.now();\r\n this.tokenExpirationTimer = window.setTimeout(function () {\r\n _this.emit(SGWTConnectEventList_1.EVENT_AUTH_EXPIRED);\r\n }, timeUntilTokenExpiration);\r\n return this;\r\n };\r\n /**\r\n * Obtains the timeout (in ms) until token renewal.\r\n */\r\n SGWTConnectCore.prototype.getRenewalTimeout = function () {\r\n var authorization = this.storage.getItem('AUTH');\r\n // Temporary workaround for the authorization endpoint issue,\r\n // revert to `- authorization.expires_in / 4` when possible:\r\n var renewalTime = authorization.expires_at - authorization.expires_in * 0.6;\r\n var renewalTimePositive = Math.max(renewalTime - Date.now(), 0);\r\n // The timeout should never be bigger than 2147483647, since setTimeout uses\r\n // a 32 bits number (cf. https://stackoverflow.com/a/3468650/26457)\r\n // When the token has an extremely long TTL such as 100 days, this timeout should\r\n // not exceed this 2147483647 value.\r\n return Math.min(renewalTimePositive, 2147483647);\r\n };\r\n /**\r\n * Renews the authorization token resiliently.\r\n *\r\n * When doing periodical renewal we must be resilient\r\n * on authorization failures and never abort the timer.\r\n * Even in case of an error we restart the timer,\r\n * but with an incrementally increasing interval\r\n * to avoid network saturation.\r\n */\r\n SGWTConnectCore.prototype.renewResiliently = function () {\r\n var _this = this;\r\n return this.renewAuthorization(function (error) {\r\n if (error) {\r\n _this.periodicalRenewalTimer = window.setTimeout(function () {\r\n _this.renewResiliently();\r\n }, _this.periodicalRenewalBackoff);\r\n _this.incrementRenewalBackoff();\r\n }\r\n else {\r\n _this.resetRenewalBackoff();\r\n }\r\n });\r\n };\r\n /**\r\n * Restarts an existing renewal timer.\r\n */\r\n SGWTConnectCore.prototype.restartRenewalTimer = function () {\r\n var _this = this;\r\n // Do not attempt to restart a non-existing timer:\r\n if (this.periodicalRenewalTimer === null) {\r\n return this;\r\n }\r\n // Every time the renewal is restarted we should reset\r\n // the renewal backoff delay:\r\n this.resetRenewalBackoff();\r\n // Cancel the current renewal timeout:\r\n window.clearTimeout(this.periodicalRenewalTimer);\r\n // Restart the renewal timer:\r\n this.periodicalRenewalTimer = window.setTimeout(function () {\r\n return _this.renewResiliently();\r\n }, this.getRenewalTimeout());\r\n return this;\r\n };\r\n /**\r\n * Enables OpenID session management if not previously enabled.\r\n */\r\n SGWTConnectCore.prototype.enableOpenIDSessionManagement = function () {\r\n var _this = this;\r\n // Make sure that the session management has not already been enabled:\r\n if (this.openIDCheckSessionIframe && this.openIDCheckSessionIframe.parentNode) {\r\n return this;\r\n }\r\n // Make sure that OpenID has actually been configured:\r\n if (!this.openIDMetadata || !this.hasRequestedScope('openid')) {\r\n return this;\r\n }\r\n // Enabling session management only makes sense\r\n // if the authorization has already been granted:\r\n if (!this.isAuthorized()) {\r\n return this;\r\n }\r\n // To check OpenID session we will be polling an iframe\r\n // loaded from check_session_iframe as recommended by\r\n // https://openid.net/specs/openid-connect-session-1_0.html#ChangeNotification\r\n this.openIDCheckSessionIframe = document.createElement('iframe');\r\n this.openIDCheckSessionIframe.style.display = 'none';\r\n this.openIDCheckSessionIframe.setAttribute(exports.SGWTConnectCheckSesssionFrameAttribute, '');\r\n // Expecting the iframe to send us a message using\r\n // messaging protocol with window.postMessage:\r\n window.addEventListener('message', this.handleOpenIDCheckSessionMessage.bind(this));\r\n // Securely handles the \"load\" event of the OpenID check_session_iframe:\r\n var checkSessionIframeLoadHandler = function (event) {\r\n // Make sure the event is genuine:\r\n if (!event.isTrusted) {\r\n return;\r\n }\r\n // Make sure that the iframe still exists:\r\n if (!_this.openIDCheckSessionIframe) {\r\n return;\r\n }\r\n // The \"load\" event can only happen once,\r\n // so the listener is no longer needed:\r\n _this.openIDCheckSessionIframe.removeEventListener('load', checkSessionIframeLoadHandler);\r\n // Start polling:\r\n _this.restartOpenIDSessionValidationTimer();\r\n };\r\n this.openIDCheckSessionIframe.addEventListener('load', checkSessionIframeLoadHandler);\r\n this.openIDCheckSessionIframe.setAttribute('src', this.openIDMetadata.check_session_iframe);\r\n this.appendElementToDocumentWhenLoaded(this.openIDCheckSessionIframe);\r\n return this;\r\n };\r\n /**\r\n * Disables OpenID session management.\r\n */\r\n SGWTConnectCore.prototype.disableOpenIDSessionManagement = function () {\r\n // Stop listening to messages:\r\n window.removeEventListener('message', this.handleOpenIDCheckSessionMessage);\r\n // Stop polling the check_session_iframe:\r\n if (typeof this.openIDCheckSessionTimerId === 'number') {\r\n window.clearTimeout(this.openIDCheckSessionTimerId);\r\n this.openIDCheckSessionTimerId = undefined;\r\n }\r\n // Remove the iframe:\r\n if (this.openIDCheckSessionIframe) {\r\n document.body.removeChild(this.openIDCheckSessionIframe);\r\n this.openIDCheckSessionIframe = undefined;\r\n }\r\n return this;\r\n };\r\n /**\r\n * Restarts OpenID session validation timer.\r\n */\r\n SGWTConnectCore.prototype.restartOpenIDSessionValidationTimer = function () {\r\n // There should be only one OpenID session validation timer:\r\n window.clearTimeout(this.openIDCheckSessionTimerId);\r\n // Schedule a new timer:\r\n this.openIDCheckSessionTimerId = window.setTimeout(this.validateOpenIDSession.bind(this), this.openIDCheckSessionTimerInterval);\r\n };\r\n /**\r\n * Validates the existing OpenID session.\r\n */\r\n SGWTConnectCore.prototype.validateOpenIDSession = function () {\r\n var _this = this;\r\n if (this.isAuthorized()) {\r\n // The current authorization state retrieved from the storage\r\n // indicates that the session is valid, however it might be\r\n // terminated already at the authorization server.\r\n // To validate the session, we need to send a message\r\n // to the check_session iframe, but before that we make sure\r\n // that we have metadata and that the check_session iframe\r\n // still exists in the DOM.\r\n if (!this.openIDMetadata) {\r\n return;\r\n }\r\n if (this.openIDCheckSessionIframe && this.openIDCheckSessionIframe.contentWindow) {\r\n var authorization = this.storage.getItem('AUTH');\r\n this.openIDCheckSessionIframe.contentWindow.postMessage(this.config.client_id + \" \" + authorization.session_state, this.openIDMetadata.check_session_iframe);\r\n this.restartOpenIDSessionValidationTimer();\r\n }\r\n else {\r\n // In case the check_session iframe no longer exists,\r\n // we try to recreate it be re-enabling session management:\r\n this.enableOpenIDSessionManagement();\r\n }\r\n }\r\n else {\r\n // In case the authorization state is lost (storage cleared)\r\n // we attempt a silent authorization renewal. If the session\r\n // is still valid on the authorization server, the renewal\r\n // should succeed and we just restart the timer; otherwise\r\n // we treat it as loss of authorization and act accordingly.\r\n this.renewAuthorization(function (error) {\r\n if (error) {\r\n _this.discardAuthorizationLocally();\r\n }\r\n else {\r\n _this.restartOpenIDSessionValidationTimer();\r\n }\r\n });\r\n }\r\n };\r\n /**\r\n * Securely handles events from check_session_iframe.\r\n * @param event MessageEvent\r\n */\r\n SGWTConnectCore.prototype.handleOpenIDCheckSessionMessage = function (event) {\r\n var _this = this;\r\n // Sanity checks:\r\n if (!this.openIDCheckSessionIframe || !this.openIDMetadata) {\r\n return;\r\n }\r\n // Make sure that the event comes from the check_session_iframe:\r\n if (event.source !== this.openIDCheckSessionIframe.contentWindow) {\r\n return;\r\n }\r\n if (!isSameOrigin_1.isSameOrigin(event.origin, this.openIDMetadata.check_session_iframe)) {\r\n return;\r\n }\r\n // Expecting event.data to be either \"unchanged\", \"changed\", or \"error\".\r\n // See https://openid.net/specs/openid-connect-session-1_0.html#RPiframe\r\n if (event.data === 'unchanged') {\r\n // Session has not changed, so we only notify\r\n // (mostly for logging and testing purposes):\r\n this.emit(SGWTConnectEventList_1.EVENT_OPENID_SESSION_UNCHANGED);\r\n }\r\n else if (event.data === 'changed') {\r\n this.emit(SGWTConnectEventList_1.EVENT_OPENID_SESSION_CHANGED);\r\n // Perform re-authentication with prompt=none\r\n // sending the old id_token as id_token_hint:\r\n var prevIdToken = this.getIdToken();\r\n var prevIdTokenClaims_1 = this.getIdTokenClaims();\r\n this.requestAuthorizationWithoutPrompt({ id_token_hint: prevIdToken }, function (error) {\r\n if (!error) {\r\n // If we receive a new ID Token for the same user\r\n // then we simply update the values\r\n var nextIdTokenClaims = _this.getIdTokenClaims();\r\n if (nextIdTokenClaims && prevIdTokenClaims_1 && nextIdTokenClaims.sub === prevIdTokenClaims_1.sub) {\r\n return;\r\n }\r\n }\r\n // In other cases, such as error response,\r\n // or absence of ID Token, or it was delivered\r\n // for another user, we discard authorization:\r\n _this.discardAuthorizationLocally();\r\n });\r\n }\r\n else if (event.data === 'error') {\r\n // In case of communication error with check_session_iframe\r\n // we notify the user and wait for fallback to periodical\r\n // renewal to check the session validity:\r\n this.emit(SGWTConnectEventList_1.EVENT_OPENID_CHECK_SESSION_ERROR, new SGWTConnectError_1.SGWTConnectError(SGWTConnectErrorList_1.ERR_OPENID_CHECK_SESSION_ERROR));\r\n }\r\n };\r\n return SGWTConnectCore;\r\n}(events_1.EventEmitter));\r\nexports.SGWTConnectCore = SGWTConnectCore;\r\n//# sourceMappingURL=SGWTConnectCore.js.map","\"use strict\";\r\n/* tslint:disable no-bitwise */\r\nObject.defineProperty(exports, \"__esModule\", { value: true });\r\nexports.hash = void 0;\r\n/**\r\n * Generates a lossy hash of an object.\r\n *\r\n * Typed implementation of MD5 in JavaScript by Joseph's Myers.\r\n * This function is not intended to be crypto-secure.\r\n * @see http://www.myersdaily.org/joseph/javascript/md5-text.html\r\n */\r\nfunction hash(obj) {\r\n return hex(md51(\r\n // Keys are sorted to ensure that ordering of keys\r\n // does not affect the hashing result:\r\n Object.keys(obj).sort()\r\n .reduce(function (acc, key) { return acc + key + ':' + obj[key] + '|'; }, '|')));\r\n}\r\nexports.hash = hash;\r\nvar hexChr = '0123456789abcdef'.split('');\r\nfunction rhex(n) {\r\n var s = '';\r\n for (var i = 0; i < 4; i += 1) {\r\n s += hexChr[(n >> (i * 8 + 4)) & 0x0F]\r\n + hexChr[(n >> (i * 8)) & 0x0F];\r\n }\r\n return s;\r\n}\r\nfunction hex(x) {\r\n var h = '';\r\n for (var _i = 0, x_1 = x; _i < x_1.length; _i++) {\r\n var n = x_1[_i];\r\n h += rhex(n);\r\n }\r\n return h;\r\n}\r\nfunction md5cycle(x, k) {\r\n var a = x[0];\r\n var b = x[1];\r\n var c = x[2];\r\n var d = x[3];\r\n a = ff(a, b, c, d, k[0], 7, -680876936);\r\n d = ff(d, a, b, c, k[1], 12, -389564586);\r\n c = ff(c, d, a, b, k[2], 17, 606105819);\r\n b = ff(b, c, d, a, k[3], 22, -1044525330);\r\n a = ff(a, b, c, d, k[4], 7, -176418897);\r\n d = ff(d, a, b, c, k[5], 12, 1200080426);\r\n c = ff(c, d, a, b, k[6], 17, -1473231341);\r\n b = ff(b, c, d, a, k[7], 22, -45705983);\r\n a = ff(a, b, c, d, k[8], 7, 1770035416);\r\n d = ff(d, a, b, c, k[9], 12, -1958414417);\r\n c = ff(c, d, a, b, k[10], 17, -42063);\r\n b = ff(b, c, d, a, k[11], 22, -1990404162);\r\n a = ff(a, b, c, d, k[12], 7, 1804603682);\r\n d = ff(d, a, b, c, k[13], 12, -40341101);\r\n c = ff(c, d, a, b, k[14], 17, -1502002290);\r\n b = ff(b, c, d, a, k[15], 22, 1236535329);\r\n a = gg(a, b, c, d, k[1], 5, -165796510);\r\n d = gg(d, a, b, c, k[6], 9, -1069501632);\r\n c = gg(c, d, a, b, k[11], 14, 643717713);\r\n b = gg(b, c, d, a, k[0], 20, -373897302);\r\n a = gg(a, b, c, d, k[5], 5, -701558691);\r\n d = gg(d, a, b, c, k[10], 9, 38016083);\r\n c = gg(c, d, a, b, k[15], 14, -660478335);\r\n b = gg(b, c, d, a, k[4], 20, -405537848);\r\n a = gg(a, b, c, d, k[9], 5, 568446438);\r\n d = gg(d, a, b, c, k[14], 9, -1019803690);\r\n c = gg(c, d, a, b, k[3], 14, -187363961);\r\n b = gg(b, c, d, a, k[8], 20, 1163531501);\r\n a = gg(a, b, c, d, k[13], 5, -1444681467);\r\n d = gg(d, a, b, c, k[2], 9, -51403784);\r\n c = gg(c, d, a, b, k[7], 14, 1735328473);\r\n b = gg(b, c, d, a, k[12], 20, -1926607734);\r\n a = hh(a, b, c, d, k[5], 4, -378558);\r\n d = hh(d, a, b, c, k[8], 11, -2022574463);\r\n c = hh(c, d, a, b, k[11], 16, 1839030562);\r\n b = hh(b, c, d, a, k[14], 23, -35309556);\r\n a = hh(a, b, c, d, k[1], 4, -1530992060);\r\n d = hh(d, a, b, c, k[4], 11, 1272893353);\r\n c = hh(c, d, a, b, k[7], 16, -155497632);\r\n b = hh(b, c, d, a, k[10], 23, -1094730640);\r\n a = hh(a, b, c, d, k[13], 4, 681279174);\r\n d = hh(d, a, b, c, k[0], 11, -358537222);\r\n c = hh(c, d, a, b, k[3], 16, -722521979);\r\n b = hh(b, c, d, a, k[6], 23, 76029189);\r\n a = hh(a, b, c, d, k[9], 4, -640364487);\r\n d = hh(d, a, b, c, k[12], 11, -421815835);\r\n c = hh(c, d, a, b, k[15], 16, 530742520);\r\n b = hh(b, c, d, a, k[2], 23, -995338651);\r\n a = ii(a, b, c, d, k[0], 6, -198630844);\r\n d = ii(d, a, b, c, k[7], 10, 1126891415);\r\n c = ii(c, d, a, b, k[14], 15, -1416354905);\r\n b = ii(b, c, d, a, k[5], 21, -57434055);\r\n a = ii(a, b, c, d, k[12], 6, 1700485571);\r\n d = ii(d, a, b, c, k[3], 10, -1894986606);\r\n c = ii(c, d, a, b, k[10], 15, -1051523);\r\n b = ii(b, c, d, a, k[1], 21, -2054922799);\r\n a = ii(a, b, c, d, k[8], 6, 1873313359);\r\n d = ii(d, a, b, c, k[15], 10, -30611744);\r\n c = ii(c, d, a, b, k[6], 15, -1560198380);\r\n b = ii(b, c, d, a, k[13], 21, 1309151649);\r\n a = ii(a, b, c, d, k[4], 6, -145523070);\r\n d = ii(d, a, b, c, k[11], 10, -1120210379);\r\n c = ii(c, d, a, b, k[2], 15, 718787259);\r\n b = ii(b, c, d, a, k[9], 21, -343485551);\r\n x[0] = add32(a, x[0]);\r\n x[1] = add32(b, x[1]);\r\n x[2] = add32(c, x[2]);\r\n x[3] = add32(d, x[3]);\r\n}\r\nfunction cmn(q, a, b, x, s, t) {\r\n a = add32(add32(a, q), add32(x, t));\r\n return add32((a << s) | (a >>> (32 - s)), b);\r\n}\r\nfunction add32(a, b) {\r\n return (a + b) & 0xFFFFFFFF;\r\n}\r\nfunction ff(a, b, c, d, x, s, t) {\r\n return cmn((b & c) | ((~b) & d), a, b, x, s, t);\r\n}\r\nfunction gg(a, b, c, d, x, s, t) {\r\n return cmn((b & d) | (c & (~d)), a, b, x, s, t);\r\n}\r\nfunction hh(a, b, c, d, x, s, t) {\r\n return cmn(b ^ c ^ d, a, b, x, s, t);\r\n}\r\nfunction ii(a, b, c, d, x, s, t) {\r\n return cmn(c ^ (b | (~d)), a, b, x, s, t);\r\n}\r\nfunction md51(s) {\r\n var n = s.length;\r\n var state = [1732584193, -271733879, -1732584194, 271733878];\r\n var tail = [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0];\r\n var i;\r\n for (i = 64; i <= s.length; i += 64) {\r\n md5cycle(state, md5blk(s.substring(i - 64, i)));\r\n }\r\n s = s.substring(i - 64);\r\n for (i = 0; i < s.length; i += 1) {\r\n tail[i >> 2] |= s.charCodeAt(i) << ((i % 4) << 3);\r\n }\r\n tail[i >> 2] |= 0x80 << ((i % 4) << 3);\r\n if (i > 55) {\r\n md5cycle(state, tail);\r\n for (i = 0; i < 16; i += 1) {\r\n tail[i] = 0;\r\n }\r\n }\r\n tail[14] = n * 8;\r\n md5cycle(state, tail);\r\n return state;\r\n}\r\nfunction md5blk(s) {\r\n var md5blks = [];\r\n for (var i = 0; i < 64; i += 4) {\r\n md5blks[i >> 2] = s.charCodeAt(i)\r\n + (s.charCodeAt(i + 1) << 8)\r\n + (s.charCodeAt(i + 2) << 16)\r\n + (s.charCodeAt(i + 3) << 24);\r\n }\r\n return md5blks;\r\n}\r\n//# sourceMappingURL=SGWTConnectHash.js.map","\"use strict\";\r\nObject.defineProperty(exports, \"__esModule\", { value: true });\r\n//# sourceMappingURL=SGWTConnectIdTokenClaims.js.map","\"use strict\";\r\nvar __extends = (this && this.__extends) || (function () {\r\n var extendStatics = function (d, b) {\r\n extendStatics = Object.setPrototypeOf ||\r\n ({ __proto__: [] } instanceof Array && function (d, b) { d.__proto__ = b; }) ||\r\n function (d, b) { for (var p in b) if (Object.prototype.hasOwnProperty.call(b, p)) d[p] = b[p]; };\r\n return extendStatics(d, b);\r\n };\r\n return function (d, b) {\r\n if (typeof b !== \"function\" && b !== null)\r\n throw new TypeError(\"Class extends value \" + String(b) + \" is not a constructor or null\");\r\n extendStatics(d, b);\r\n function __() { this.constructor = d; }\r\n d.prototype = b === null ? Object.create(b) : (__.prototype = b.prototype, new __());\r\n };\r\n})();\r\nObject.defineProperty(exports, \"__esModule\", { value: true });\r\nexports.SGWTConnectNoop = void 0;\r\nvar SGWTConnectCore_1 = require(\"./SGWTConnectCore\");\r\n/**\r\n * Alternative implementation of SGWTConnectCore.\r\n *\r\n * This class should only be instantiated and used\r\n * when the user is on redirect_uri or in an iframe.\r\n * See explanation in setupSGWTConnect.ts\r\n */\r\nvar SGWTConnectNoop = /** @class */ (function (_super) {\r\n __extends(SGWTConnectNoop, _super);\r\n function SGWTConnectNoop() {\r\n return _super !== null && _super.apply(this, arguments) || this;\r\n }\r\n /**\r\n * Noop.\r\n */\r\n SGWTConnectNoop.prototype.requestAuthorization = function () {\r\n return this;\r\n };\r\n /**\r\n * Noop.\r\n */\r\n SGWTConnectNoop.prototype.discardAuthorization = function () {\r\n return this;\r\n };\r\n /**\r\n * Noop.\r\n */\r\n SGWTConnectNoop.prototype.renewAuthorization = function () {\r\n return this;\r\n };\r\n /**\r\n * Noop.\r\n */\r\n SGWTConnectNoop.prototype.isAuthorized = function () {\r\n return false;\r\n };\r\n /**\r\n * Noop.\r\n */\r\n SGWTConnectNoop.prototype.getAuthorizationError = function () {\r\n return null;\r\n };\r\n /**\r\n * Noop.\r\n */\r\n SGWTConnectNoop.prototype.getAuthorizationHeader = function () {\r\n return null;\r\n };\r\n /**\r\n * Noop.\r\n */\r\n SGWTConnectNoop.prototype.getGrantedScope = function () {\r\n return null;\r\n };\r\n /**\r\n * Noop.\r\n */\r\n SGWTConnectNoop.prototype.hasGrantedScope = function () {\r\n return false;\r\n };\r\n /**\r\n * Noop.\r\n */\r\n SGWTConnectNoop.prototype.getIdToken = function () {\r\n return null;\r\n };\r\n /**\r\n * Noop.\r\n */\r\n SGWTConnectNoop.prototype.getIdTokenClaims = function () {\r\n return null;\r\n };\r\n /**\r\n * Noop.\r\n */\r\n SGWTConnectNoop.prototype.enablePeriodicalRenewal = function () {\r\n return this;\r\n };\r\n /**\r\n * Noop.\r\n */\r\n SGWTConnectNoop.prototype.disablePeriodicalRenewal = function () {\r\n return this;\r\n };\r\n return SGWTConnectNoop;\r\n}(SGWTConnectCore_1.SGWTConnectCore));\r\nexports.SGWTConnectNoop = SGWTConnectNoop;\r\n//# sourceMappingURL=SGWTConnectNoop.js.map","\"use strict\";\r\nObject.defineProperty(exports, \"__esModule\", { value: true });\r\nexports.createOpenIDMetadataFetcher = void 0;\r\nvar isObject_1 = require(\"./isObject\");\r\nvar SGWTConnectError_1 = require(\"./SGWTConnectError\");\r\nvar SGWTConnectErrorList_1 = require(\"./SGWTConnectErrorList\");\r\n/**\r\n * Generates a function that upon invocation asynchronously\r\n * fetches OpenID Metadata from the OpenID Provider.\r\n * @param authorization_endpoint OpenID Provider's endpoint URL.\r\n */\r\nfunction createOpenIDMetadataFetcher(authorization_endpoint) {\r\n return function fetchOpenIDMetadata(callback) {\r\n var xhr = new XMLHttpRequest();\r\n xhr.open('GET', authorization_endpoint + \"/oauth2/.well-known/openid-configuration\");\r\n xhr.setRequestHeader('Accept', 'application/json');\r\n xhr.addEventListener('load', function onOpenIDMetadataLoad() {\r\n if (xhr.status === 200) {\r\n var openIDMetadata = void 0;\r\n try {\r\n openIDMetadata = JSON.parse(xhr.responseText);\r\n }\r\n catch (_a) {\r\n callback(new SGWTConnectError_1.SGWTConnectError(SGWTConnectErrorList_1.ERR_FAILED_TO_PARSE_OPENID_METADATA));\r\n return;\r\n }\r\n if (isValidOpenIDMetadata(openIDMetadata)) {\r\n callback(openIDMetadata);\r\n }\r\n else {\r\n callback(new SGWTConnectError_1.SGWTConnectError(SGWTConnectErrorList_1.ERR_FAILED_TO_VALIDATE_OPENID_METADATA));\r\n }\r\n }\r\n else {\r\n callback(new SGWTConnectError_1.SGWTConnectError(SGWTConnectErrorList_1.ERR_FAILED_TO_FETCH_OPENID_METADATA));\r\n }\r\n });\r\n xhr.send();\r\n };\r\n}\r\nexports.createOpenIDMetadataFetcher = createOpenIDMetadataFetcher;\r\n/**\r\n * Determines whether the given OpenID Configuration is valid.\r\n * @param openIDMetadata JSON-parsed value obtained from the Discovery API.\r\n */\r\nfunction isValidOpenIDMetadata(openIDMetadata) {\r\n return isObject_1.isObject(openIDMetadata) &&\r\n typeof openIDMetadata.check_session_iframe === 'string' &&\r\n typeof openIDMetadata.end_session_endpoint === 'string';\r\n}\r\n//# sourceMappingURL=SGWTConnectOpenIDMetadata.js.map","\"use strict\";\r\nObject.defineProperty(exports, \"__esModule\", { value: true });\r\nexports.setupSGWTConnect = void 0;\r\nvar isScopeListed_1 = require(\"./isScopeListed\");\r\nvar SGWTConnectConfiguration_1 = require(\"./SGWTConnectConfiguration\");\r\nvar SGWTConnectCore_1 = require(\"./SGWTConnectCore\");\r\nvar SGWTConnectErrorList_1 = require(\"./SGWTConnectErrorList\");\r\nvar SGWTConnectHash_1 = require(\"./SGWTConnectHash\");\r\nvar SGWTConnectNoop_1 = require(\"./SGWTConnectNoop\");\r\nvar SGWTConnectOpenIDMetadata_1 = require(\"./SGWTConnectOpenIDMetadata\");\r\nvar SGWTConnectRedirectUri_1 = require(\"./SGWTConnectRedirectUri\");\r\nvar SGWTConnectServerResponse_1 = require(\"./SGWTConnectServerResponse\");\r\nvar SGWTConnectStorage_1 = require(\"./SGWTConnectStorage\");\r\n/**\r\n * SGWTConnect instance factory.\r\n *\r\n * Determines the execution environment (top-level window or iframe),\r\n * instantiates the relevant SGWTConnect class with the given configuration,\r\n * and handles authorization redirects in the top-level window.\r\n */\r\nfunction setupSGWTConnect(userConfig) {\r\n var config = SGWTConnectConfiguration_1.normalizeConfiguration(userConfig, location);\r\n // Ensure that the stored token and other data have been obtained\r\n // using the current configuration options (note that we're not\r\n // using JSON.stringify here because it will generate different\r\n // results for identical configurations with different ordering\r\n // of keys in them):\r\n var storage = new SGWTConnectStorage_1.SGWTConnectStorage(SGWTConnectHash_1.hash(config));\r\n // Check if we're currently on the redirect_uri page:\r\n if (SGWTConnectRedirectUri_1.isOnRedirectUri(config, location)) {\r\n // Check if we are currently in a silent renewal iframe:\r\n if (window.frameElement && window.frameElement.hasAttribute(SGWTConnectCore_1.SGWTConnectRenewalFrameAttribute)) {\r\n // We only message the top-level window if the iframe's URI\r\n // matches the redirect URI exactly (without the fragment):\r\n window.parent.postMessage({\r\n type: 'SGWTConnectFragment',\r\n fragment: location.hash\r\n }, config.redirect_uri);\r\n // Because we are currently on the redirect_uri page, we must not\r\n // return the fully-functional API as this may result in undesired\r\n // behavior and infinite reload, but we still need to return a\r\n // compliant API to prevent JS runtime errors on the page, so we\r\n // return a dummy API where most methods are noop:\r\n return new SGWTConnectNoop_1.SGWTConnectNoop(config, storage);\r\n }\r\n // We are currently doing a hard redirect.\r\n // Extract the authorization server response from the current URL fragment:\r\n var authorization = SGWTConnectServerResponse_1.normalizeAuthServerResponse(SGWTConnectServerResponse_1.parseOAuth2Fragment(window.location.hash));\r\n var stateInResponse = authorization.state;\r\n // Cross-Site Request Forgery (CSRF) protection:\r\n var stateInStore = storage.getItem(stateInResponse + \".STATE\");\r\n if (stateInResponse === stateInStore) {\r\n // Persist the authorization server response prior to emitting\r\n // events and calling the completion callback so that the token\r\n // is available to the completion event handlers (note that\r\n // the server response might be a failed one):\r\n storage.setItem('AUTH', authorization);\r\n }\r\n else if (stateInStore) {\r\n // The \"state\" parameter failed to match; it may be dangerous\r\n // to keep the received server response, so we replace it\r\n // with a custom \"state_mismatch\" error response:\r\n var authError = {\r\n error: SGWTConnectErrorList_1.ERR_STATE_MISMATCH\r\n };\r\n storage.setItem('AUTH', authError);\r\n }\r\n // We are currently on the \"redirect_uri\", but the user most\r\n // probably initiated the authorization process from another\r\n // URI, so we need to redirect them back there (or to home\r\n // page if RETURN_URL has been cleared):\r\n var returnUrl = storage.getItem(stateInResponse + \".RETURN_URL\") ||\r\n window.location.protocol + \"//\" + window.location.host;\r\n // location.replace doesn't reload the page if only the fragment\r\n // has changed, so we need the following workaround to force\r\n // the page reload, but also to set the fragment of the returnUrl:\r\n if (returnUrl.indexOf('#') !== -1 && location.href.split('#')[0] === returnUrl.split('#')[0]) {\r\n window.location.hash = returnUrl.split('#')[1];\r\n window.location.reload(true);\r\n }\r\n else {\r\n window.location.replace(returnUrl);\r\n }\r\n // Because we are currently on the redirect_uri page, we must not\r\n // return the fully-functional API as this may result in undesired\r\n // behavior and infinite reload, but we still need to return a\r\n // compliant API to prevent JS runtime errors on the page, so we\r\n // return a dummy API where most methods are noop:\r\n return new SGWTConnectNoop_1.SGWTConnectNoop(config, storage);\r\n }\r\n // We are NOT on the redirect_uri page, do we have authorization?:\r\n var auth = storage.getItem('AUTH');\r\n // Clean up the storage of values needed during redirects:\r\n if (auth) {\r\n storage.removeItem(auth.state + \".STATE\");\r\n storage.removeItem(auth.state + \".RETURN_URL\");\r\n }\r\n // Clean up the storage of the expired tokens:\r\n storage.clearBy(function (value, key) {\r\n return key.indexOf('AUTH') !== -1 && value.expires_at < Date.now();\r\n });\r\n // At this point we know that this code is running in the top-level window,\r\n // (not in iframe) so we can instantiate a fully-functional API:\r\n var sgwtConnect = isScopeListed_1.isScopeListed('openid', config.scope)\r\n ? new SGWTConnectCore_1.SGWTConnectCore(config, storage, SGWTConnectOpenIDMetadata_1.createOpenIDMetadataFetcher(config.authorization_endpoint))\r\n : new SGWTConnectCore_1.SGWTConnectCore(config, storage);\r\n // Checking if the authorization has been explicitly granted:\r\n if (sgwtConnect.isAuthorized()) {\r\n // The user-friendly behavior is to have periodical renewal enabled by default:\r\n return sgwtConnect.enablePeriodicalRenewal();\r\n }\r\n // Checking if the authorization has been explicitly denied:\r\n if (auth && auth.error) {\r\n if (auth.markedForDeletion) {\r\n storage.removeItem('AUTH');\r\n }\r\n else {\r\n auth.markedForDeletion = true;\r\n storage.setItem('AUTH', auth);\r\n }\r\n }\r\n return sgwtConnect;\r\n}\r\nexports.setupSGWTConnect = setupSGWTConnect;\r\n//# sourceMappingURL=setupSGWTConnect.js.map","\"use strict\";\r\nvar __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {\r\n if (k2 === undefined) k2 = k;\r\n Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } });\r\n}) : (function(o, m, k, k2) {\r\n if (k2 === undefined) k2 = k;\r\n o[k2] = m[k];\r\n}));\r\nvar __exportStar = (this && this.__exportStar) || function(m, exports) {\r\n for (var p in m) if (p !== \"default\" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);\r\n};\r\nObject.defineProperty(exports, \"__esModule\", { value: true });\r\n/**\r\n * @module SGWTConnectCore\r\n * @description\r\n * Entry point for all public APIs and interfaces of the @sgwt/connect-core package.\r\n */\r\n__exportStar(require(\"./src/SGWTConnectErrorList\"), exports);\r\n__exportStar(require(\"./src/SGWTConnectError\"), exports);\r\n__exportStar(require(\"./src/SGWTConnectEventList\"), exports);\r\n__exportStar(require(\"./src/SGWTConnectConfiguration\"), exports);\r\n__exportStar(require(\"./src/SGWTConnectStorage\"), exports);\r\n__exportStar(require(\"./src/SGWTConnectCore\"), exports);\r\n__exportStar(require(\"./src/SGWTConnectHash\"), exports);\r\n__exportStar(require(\"./src/SGWTConnectIdTokenClaims\"), exports);\r\n__exportStar(require(\"./src/SGWTConnectOpenIDUserInfo\"), exports);\r\n__exportStar(require(\"./src/setupSGWTConnect\"), exports);\r\n//# sourceMappingURL=index.js.map","import { setupSGWTConnect, EVENT_AUTH_DISCARDED, EVENT_AUTH_EXPIRED, EVENT_AUTH_RENEW_ERROR, EVENT_AUTH_RENEW_SUCCESS } from '@sgwt/connect-core';\n\nfunction getUriWithSearchParams(appConfig, uri, params) {\n var _a;\n const req = new URL((_a = appConfig === null || appConfig === void 0 ? void 0 : appConfig.api.endpoint) !== null && _a !== void 0 ? _a : \"\", window.location.protocol + \"//\" + window.location.host);\n req.pathname += uri;\n params.forEach((value) => {\n req.searchParams.append(value[0], value[1]);\n });\n return req;\n}\nconst Http = {\n get: (uri, params, abortSignal, globalContext) => {\n var _a;\n const authorizationHeader = (_a = globalContext.sgConnect) === null || _a === void 0 ? void 0 : _a.getAuthorizationHeader();\n if (authorizationHeader) {\n const req = getUriWithSearchParams(globalContext.appConfig, uri, params);\n return fetch(req.href, {\n method: \"GET\",\n headers: new Headers({\n Authorization: authorizationHeader,\n \"X-Client-Scope\": globalContext.clientScopeCode\n }),\n signal: abortSignal\n });\n }\n return Promise.reject(new Error(\"No Authorization found\"));\n },\n post: (uri, params, body, abortSignal, globalContext) => {\n var _a;\n const authorizationHeader = (_a = globalContext.sgConnect) === null || _a === void 0 ? void 0 : _a.getAuthorizationHeader();\n if (authorizationHeader) {\n const req = getUriWithSearchParams(globalContext.appConfig, uri, params);\n return fetch(req.href, {\n method: \"POST\",\n headers: new Headers({\n Authorization: authorizationHeader,\n \"X-Client-Scope\": globalContext.clientScopeCode,\n \"Content-Type\": \"application/json\"\n }),\n body: JSON.stringify(body),\n signal: abortSignal\n });\n }\n return Promise.reject(new Error(\"No Authorization found\"));\n },\n put: (uri, params, body, abortSignal, globalContext) => {\n var _a;\n const authorizationHeader = (_a = globalContext.sgConnect) === null || _a === void 0 ? void 0 : _a.getAuthorizationHeader();\n if (authorizationHeader) {\n const req = getUriWithSearchParams(globalContext.appConfig, uri, params);\n return fetch(req.href, {\n method: \"PUT\",\n headers: new Headers({\n Authorization: authorizationHeader,\n \"X-Client-Scope\": globalContext.clientScopeCode,\n \"Content-Type\": \"application/json\"\n }),\n body: JSON.stringify(body),\n signal: abortSignal\n });\n }\n return Promise.reject(new Error(\"No Authorization found\"));\n },\n patch: (uri, params, body, abortSignal, globalContext) => {\n var _a;\n const authorizationHeader = (_a = globalContext.sgConnect) === null || _a === void 0 ? void 0 : _a.getAuthorizationHeader();\n if (authorizationHeader) {\n const req = getUriWithSearchParams(globalContext.appConfig, uri, params);\n return fetch(req.href, {\n method: \"PATCH\",\n headers: new Headers({\n Authorization: authorizationHeader,\n \"X-Client-Scope\": globalContext.clientScopeCode,\n \"Content-Type\": \"application/json\"\n }),\n body: JSON.stringify(body),\n signal: abortSignal\n });\n }\n return Promise.reject(new Error(\"No Authorization found\"));\n },\n delete: (uri, params, abortSignal, globalContext) => {\n var _a;\n const authorizationHeader = (_a = globalContext.sgConnect) === null || _a === void 0 ? void 0 : _a.getAuthorizationHeader();\n if (authorizationHeader) {\n const req = getUriWithSearchParams(globalContext.appConfig, uri, params);\n return fetch(req.href, {\n method: \"DELETE\",\n headers: new Headers({\n Authorization: authorizationHeader,\n \"X-Client-Scope\": globalContext.clientScopeCode\n }),\n signal: abortSignal\n });\n }\n return Promise.reject(new Error(\"No Authorization found\"));\n }\n};\n\nconst BUS_TOPIC_GLOBALLANGUAGE = \"global.language\";\nfunction getWidgetBus() {\n const widgetConfiguration = window.SGWTWidgetConfiguration;\n return widgetConfiguration && widgetConfiguration.bus ? widgetConfiguration.bus : null;\n}\nfunction getWidget(tagName) {\n return document.querySelector(tagName);\n}\n\nconst getSgwtConnectCore = (appConfig) => {\n let sgwtConnectCore = setupSGWTConnect({\n authorization_endpoint: appConfig.sgConnect.endPoint,\n client_id: appConfig.sgConnect.clientId,\n redirect_uri: appConfig.publicBaseUrl + \"silent_renew.html\",\n scope: appConfig.sgConnect.scopes,\n acr_values: appConfig.sgConnect.level\n });\n if (sgwtConnectCore.on) {\n sgwtConnectCore.on(EVENT_AUTH_DISCARDED, () => {\n console.info(\"Token is no longer available on the client side.\");\n });\n sgwtConnectCore.on(EVENT_AUTH_EXPIRED, () => {\n console.info(\"Token is no longer valid.\");\n });\n sgwtConnectCore.on(EVENT_AUTH_RENEW_ERROR, (error) => {\n console.error(\"Failed to renew the token\", error);\n });\n sgwtConnectCore.on(EVENT_AUTH_RENEW_SUCCESS, () => {\n console.info(\"A fresh token has been acquired.\");\n });\n }\n return sgwtConnectCore;\n};\nfunction setupWidgetConfiguration(appConfig) {\n window.SGWTWidgetConfiguration.environment = appConfig.sgConnect.SGWTWidgetConfiguration.environment;\n console.info(\"SGWTWidgetConfiguration set to: \", appConfig.sgConnect.SGWTWidgetConfiguration.environment);\n}\nfunction setupSgwtConnectWidget(appConfig) {\n const sgwtConnectCore = getSgwtConnectCore(appConfig);\n const widget = getWidget(\"sgwt-connect\");\n if (widget) {\n if (typeof widget.setSgwtConnectInstance === \"undefined\") {\n const handleSgwtConnectReady = () => {\n widget.setSgwtConnectInstance(sgwtConnectCore);\n console.info(\"widget is initialized, removing sgwt-connect--ready listener...\", widget.sgwtConnect);\n widget.removeEventListener(\"sgwt-connect--ready\", handleSgwtConnectReady);\n };\n widget.addEventListener(\"sgwt-connect--ready\", handleSgwtConnectReady);\n } else {\n widget.setSgwtConnectInstance(sgwtConnectCore);\n console.info(\"widget is initialized\", widget.sgwtConnect);\n }\n }\n return sgwtConnectCore;\n}\n\nclass SgwtWidgetDummyModule {\n}\n\nexport { BUS_TOPIC_GLOBALLANGUAGE, Http, SgwtWidgetDummyModule, getWidgetBus, setupSgwtConnectWidget, setupWidgetConfiguration };\n//# sourceMappingURL=main.es.js.map\n","import { ApplicationConfiguration } from '@sgmo/shared';\n\nexport function getConfig(): ApplicationConfiguration {\n return window.sgmeConfiguration;\n}\n"],"names":["p","relList","link","processPreload","mutations","mutation","node","getFetchOpts","script","fetchOpts","SGWTConnectErrorList","__extends","this","extendStatics","d","b","__","SGWTConnectError_1","ErrorList","require$$0","SGWTConnectError","_super","code","_this","errorListKey","description","SGWTConnectEventList","SGWTConnectAuthorizationUri","generateCryptoStrongRandomValue","crypto","randomValues","base36RandomValue","i","normalizeAuthorizationEndpoint","authorization_endpoint","generateAuthorizationUri","config","state","options","isScopeListed_1","isScopeListed","checkedScope","actualScope","checkedScopeList","actualScopeList","scope","normalizeUrl_1","normalizeUrl","url","a","SGWTConnectServerResponse","parseQueryParametersString","queryParametersString","queryParametersRegex","queryParameters","keyValuePair","key","value","parseOAuth2Fragment","fragment","normalizeAuthServerResponse","authServerResponse","authError","expiresIn","authSuccess","SGWTConnectRedirectUri","require$$1","SGWTConnectServerResponse_1","require$$2","generateRedirectUri","location","redirectUri","origin","isOnRedirectUri","authEndpointResponse","hasRequestedAccessToken","hasRequestedIdToken","hasReceivedAccessToken","hasReceivedIdToken","hasReceivedError","currentUri","__assign","t","s","n","SGWTConnectConfiguration","SGWTConnectAuthorizationUri_1","SGWTConnectRedirectUri_1","normalizeConfiguration","SGWTConnectStorage_1","SGWTConnectStorage","hash","item","satisfiesCondition","parsedValue","R","ReflectApply","target","receiver","args","ReflectOwnKeys","ProcessEmitWarning","warning","NumberIsNaN","EventEmitter","events","defaultMaxListeners","arg","$getMaxListeners","that","type","doError","er","err","handler","len","listeners","arrayClone","_addListener","listener","prepend","m","existing","w","onceWrapper","_onceWrap","wrapped","list","position","originalListener","spliceOne","keys","_listeners","unwrap","evlistener","unwrapListeners","emitter","listenerCount","arr","copy","index","ret","isSameOrigin_1","isSameOrigin","urlA","urlB","protocolA","hostA","protocolB","hostB","isObject_1","isObject","SGWTConnectOpenIDUserInfo","SGWTConnectErrorList_1","fetchOpenIDUserInfo","authorizationEndpoint","authorizationHeader","callback","xhr","openIDUserInfo","isValidOpenIDClaims","exports","events_1","require$$3","require$$4","require$$5","SGWTConnectEventList_1","require$$6","SGWTConnectOpenIDUserInfo_1","require$$7","require$$8","SGWTConnectCore","storage","fetchOpenIDMetadata","maybeOpenIDMetadata","id_token_hint","post_logout_redirect_uri","end_session_endpoint","endSessionURL_1","authorization","grantedScope","idToken","idTokenParts","idTokenBody","_a","iframe","isIframeLoaded","isMessageReceivedFromIframe","iframeTimeoutTimer","iframeMessageHandler","event","error","errorCode","iframeLoadHandler","element","appendElementAndRemoveListener_1","timeUntilTokenExpiration","renewalTime","renewalTimePositive","checkSessionIframeLoadHandler","prevIdToken","prevIdTokenClaims_1","nextIdTokenClaims","SGWTConnectHash","obj","hex","md51","acc","hexChr","rhex","x","h","_i","x_1","md5cycle","k","c","ff","gg","hh","ii","add32","cmn","q","tail","md5blk","md5blks","SGWTConnectIdTokenClaims","SGWTConnectNoop_1","SGWTConnectCore_1","SGWTConnectNoop","SGWTConnectOpenIDMetadata","createOpenIDMetadataFetcher","openIDMetadata","isValidOpenIDMetadata","setupSGWTConnect_1","SGWTConnectConfiguration_1","SGWTConnectHash_1","SGWTConnectOpenIDMetadata_1","require$$9","setupSGWTConnect","userConfig","stateInResponse","stateInStore","returnUrl","auth","sgwtConnect","__createBinding","o","k2","__exportStar","BUS_TOPIC_GLOBALLANGUAGE","getWidgetBus","widgetConfiguration","getWidget","tagName","getSgwtConnectCore","appConfig","sgwtConnectCore","EVENT_AUTH_DISCARDED","EVENT_AUTH_EXPIRED","EVENT_AUTH_RENEW_ERROR","EVENT_AUTH_RENEW_SUCCESS","setupSgwtConnectWidget","widget","handleSgwtConnectReady","getConfig"],"mappings":"AAAA,MAAMA,GAAI,UAAoB,CAC1B,MAAMC,EAAU,SAAS,cAAc,MAAM,EAAE,QAC/C,GAAIA,GAAWA,EAAQ,UAAYA,EAAQ,SAAS,eAAe,EAC/D,OAEJ,UAAWC,KAAQ,SAAS,iBAAiB,2BAA2B,EACpEC,EAAeD,CAAI,EAEvB,IAAI,iBAAkBE,GAAc,CAChC,UAAWC,KAAYD,EACnB,GAAIC,EAAS,OAAS,YAGtB,UAAWC,KAAQD,EAAS,WACpBC,EAAK,UAAY,QAAUA,EAAK,MAAQ,iBACxCH,EAAeG,CAAI,CAGvC,CAAK,EAAE,QAAQ,SAAU,CAAE,UAAW,GAAM,QAAS,EAAI,CAAE,EACvD,SAASC,EAAaC,EAAQ,CAC1B,MAAMC,EAAY,CAAA,EAClB,OAAID,EAAO,YACPC,EAAU,UAAYD,EAAO,WAC7BA,EAAO,iBACPC,EAAU,eAAiBD,EAAO,gBAClCA,EAAO,cAAgB,kBACvBC,EAAU,YAAc,UACnBD,EAAO,cAAgB,YAC5BC,EAAU,YAAc,OAExBA,EAAU,YAAc,cACrBA,CACV,CACD,SAASN,EAAeD,EAAM,CAC1B,GAAIA,EAAK,GAEL,OACJA,EAAK,GAAK,GAEV,MAAMO,EAAYF,EAAaL,CAAI,EACnC,MAAMA,EAAK,KAAMO,CAAS,CAC7B,CACL,EAAsBT,GAAG,6aCzCzB,OAAO,eAAeU,EAAS,aAAc,CAAE,MAAO,EAAI,CAAE,EACPA,EAAA,kFAA+CA,EAAA,2CAA2FA,EAAA,+BAA6DA,EAAA,mDAAiDA,EAAA,yFAA6DA,EAAA,oCAAqGA,EAAA,sFAAiDA,EAAA,2CAAqDA,EAAA,+BAAyCA,EAAA,0CAAyFA,EAAA,sEAAmDA,EAAA,0BAAkFA,EAAA,uCAAqCA,EAAA,2BAA8CA,EAAA,8DAAqCA,EAAA,iCAAuEA,EAAA,kEAAwDA,EAAA,+BAAyCA,EAAA,+BAAyCA,EAAA,mBAAyEA,EAAA,gEAAsCA,EAAA,wCAAqFA,EAAA,4BAAuCA,EAAA,6BAA2BA,EAAA,iDAA2CA,EAAA,kBAA6EA,EAAA,0EAA2CA,EAAA,8BAAwCA,EAAA,kBAA4BA,EAAA,oCAA6EA,EAAA,0DAA6CA,EAAA,oBAAmEA,EAAA,8BAA4BA,EAAA,kBAAuCA,EAAA,gDAA8BA,EAAA,uCAAiDA,EAAA,2BAAqCA,EAAA,+BAAmEA,EAAA,mBAAG,OACp/DA,EAAA,wFAAkDA,EAAA,8CAAiGA,EAAA,kCAAG,OAcpLA,EAAA,mBAAG,iBACSA,EAAA,+BAAG;AAAA;AAAA;AAAA,EAOPA,EAAA,2BAAG,yBACSA,EAAA,uCAAG;AAAA;AAAA;AAAA,EAOzBA,EAAA,iBAAG,eACSA,EAAA,6BAAG;AAAA;AAAA;AAAA,EAOdA,EAAA,kBAAG,gBACSA,EAAA,8BAAG;AAAA;AAAA;AAAA;AAAA,EAcbA,EAAA,oBAAG,kBACSA,EAAA,gCAAG;AAAA;AAAA;AAAA,EASXA,EAAA,wBAAG,sBACSA,EAAA,oCAAG;AAAA;AAAA;AAAA,EAQrBA,EAAA,kBAAG,gBACSA,EAAA,8BAAG;AAAA;AAAA,EASHA,EAAA,8BAAG,4BACSA,EAAA,0CAAG;AAAA;AAAA;AAAA;AAAA;AAAA,EAQ3BA,EAAA,kBAAG,gBACSA,EAAA,8BAAG;AAAA;AAAA,EAYhBA,EAAA,iBAAG,eACSA,EAAA,6BAAG;AAAA;AAAA;AAAA;AAAA;AAAA,EAYJA,EAAA,4BAAG,0BACSA,EAAA,wCAAG;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAgBlBA,EAAA,yBAAG,uBACSA,EAAA,qCAAG;AAAA;AAAA;AAAA,EAYrBA,EAAA,mBAAG,iBACSA,EAAA,+BAAG;AAAA;AAAA,EAcHA,EAAA,+BAAG,6BACSA,EAAA,2CAAG;AAAA;AAAA;AAAA;AAAA,EAYzBA,EAAA,qBAAG,mBACSA,EAAA,iCAAG;AAAA;AAAA,EASZA,EAAA,wBAAG,sBACSA,EAAA,oCAAG;AAAA;AAAA;AAAA;AAAA;AAAA,EAQZA,EAAA,2BAAG,yBACSA,EAAA,uCAAG;AAAA;AAAA;AAAA;AAAA,EAShBA,EAAA,0BAAG,wBACSA,EAAA,sCAAG;AAAA;AAAA,EASXA,EAAA,8BAAG,4BACSA,EAAA,0CAAG;AAAA;AAAA,EASdA,EAAA,+BAAG,6BACSA,EAAA,2CAAG;AAAA;AAAA,EASVA,EAAA,oCAAG,mCACSA,EAAA,gDAAG;AAAA;AAAA,EAKfA,EAAA,oCAAG,kCACSA,EAAA,gDAAG;AAAA;AAAA,EAKZA,EAAA,uCAAG,qCACSA,EAAA,mDAAG;AAAA;AAAA,EAOvBA,EAAA,+BAAG,sBACSA,EAAA,2CAAG;AAAA;AAAA,EASZA,EAAA,kCAAG,iCACSA,EAAA,8CAAG;AAAA;AAAA,EAKfA,EAAA,kCAAG,gCACSA,EAAA,8CAAG;AAAA;AAAA,EAKZA,EAAA,qCAAG,mCACSA,EAAA,iDAAG;AAAA;AAAA,WCvRvDC,GAAaC,GAAQA,EAAK,WAAe,UAAY,CACrD,IAAIC,EAAgB,SAAUC,EAAGC,EAAG,CAChC,OAAAF,EAAgB,OAAO,gBAClB,CAAE,UAAW,CAAA,aAAgB,OAAS,SAAUC,EAAGC,EAAG,CAAED,EAAE,UAAYC,CAAE,GACzE,SAAUD,EAAGC,EAAG,CAAE,QAASf,KAAKe,EAAO,OAAO,UAAU,eAAe,KAAKA,EAAGf,CAAC,IAAGc,EAAEd,GAAKe,EAAEf,KACzFa,EAAcC,EAAGC,CAAC,CACjC,EACI,OAAO,SAAUD,EAAGC,EAAG,CACnB,GAAI,OAAOA,GAAM,YAAcA,IAAM,KACjC,MAAM,IAAI,UAAU,uBAAyB,OAAOA,CAAC,EAAI,+BAA+B,EAC5FF,EAAcC,EAAGC,CAAC,EAClB,SAASC,GAAK,CAAE,KAAK,YAAcF,CAAI,CACvCA,EAAE,UAAYC,IAAM,KAAO,OAAO,OAAOA,CAAC,GAAKC,EAAG,UAAYD,EAAE,UAAW,IAAIC,EACvF,CACA,IACA,OAAO,eAAeC,EAAS,aAAc,CAAE,MAAO,EAAI,CAAE,EACpCA,EAAA,iBAAG,OAC3B,IAAIC,GAAYC,EAOZC,GAAkC,SAAUC,EAAQ,CACpDV,GAAUS,EAAkBC,CAAM,EAClC,SAASD,EAAiBE,EAAM,CAC5B,IAAIC,EAAQ,KACRC,EAAe,OAASF,EAAK,YAAW,EAAK,eAC7CG,EAAcP,GAAUM,GAC5B,OAAAD,EAAQF,EAAO,KAAK,KAAM,oBAAsBC,EAAK,cAAgB,IAAMG,CAAW,GAAK,KAK3F,OAAO,eAAeF,EAAOH,EAAiB,SAAS,EAIvDG,EAAM,KAAOD,EACNC,CACV,CACD,OAAOH,CACX,EAAE,KAAK,EACiBH,EAAA,iBAAGG,YC5C3B,OAAO,eAAeM,EAAS,aAAc,CAAE,MAAO,EAAI,CAAE,EAC5DA,EAAA,iCAAiFA,EAAA,+BAAuCA,EAAA,iEAA+CA,EAAA,yBAAmCA,EAAA,uBAA2DA,EAAA,0CAAkC,OAI3QA,EAAA,qBAAG,yBAILA,EAAA,mBAAG,uBAICA,EAAA,uBAAG,0BAIDA,EAAA,yBAAG,4BAIMA,EAAA,kCAAG,2BAIRA,EAAA,6BAAG,4BAIDA,EAAA,+BAAG,8BAIDA,EAAA,iCAAG,wCCjC3C,OAAO,eAAeC,EAAS,aAAc,CAAE,MAAO,EAAI,CAAE,EAC5DA,EAAA,yBAAyEA,EAAA,iEAA6C,OAItH,SAASC,IAAkC,CAOvC,QANIC,EAAS,OAAO,QAAU,OAAO,SACjCC,EAAeD,EAAO,gBAAgB,IAAI,YAAY,CAAC,CAAC,EAIxDE,EAAoB,GACfC,EAAI,EAAGA,EAAIF,EAAa,OAAQE,GAAK,EAC1CD,GAAqBD,EAAaE,GAAG,SAAS,EAAE,EAEpD,OAAOD,CACX,CACuCJ,EAAA,gCAAGC,GAI1C,SAASK,GAA+BC,EAAwB,CAC5D,OAAOA,EACF,QAAQ,wCAAyC,EAAE,CAC5D,CACsCP,EAAA,+BAAGM,GAIzC,SAASE,GAAyBC,EAAQC,EAAOC,EAAS,CACtD,OAAOL,GAA+BG,EAAO,sBAAsB,EAC/D,+BACgB,mBAAmBA,EAAO,SAAS,EACnD,iBAAmB,mBAAmBA,EAAO,YAAY,EACzD,kBAAoB,mBAAmBA,EAAO,aAAa,EAC3D,UAAY,mBAAmBA,EAAO,KAAK,EAC3C,UAAY,mBAAmBR,IAAiC,EAChE,UAAY,mBAAmBS,CAAK,EACpC,eAAiB,mBAAmBD,EAAO,UAAU,GACpDE,GAAWA,EAAQ,OAAS,WAAaA,EAAQ,OAAS,KAC1DA,GAAWA,EAAQ,cAAgB,kBAAoBA,EAAQ,cAAgB,GACxF,CACgCX,EAAA,yBAAGQ,iBC1CnC,OAAO,eAAeI,EAAS,aAAc,CAAE,MAAO,EAAI,CAAE,EACvCA,EAAA,cAAG,OAIxB,SAASC,GAAcC,EAAcC,EAAa,CAC9C,IAAIC,EAAmBF,EAAa,KAAI,EAAG,cAAc,MAAM,KAAK,EAChEG,EAAkBF,EAAY,KAAI,EAAG,cAAc,MAAM,KAAK,EAClE,OAAOC,EAAiB,MAAM,SAAUE,EAAO,CAAE,OAAOD,EAAgB,QAAQC,CAAK,IAAM,EAAK,CAAA,CACpG,CACqBN,EAAA,cAAGC,YCVxB,OAAO,eAAeM,EAAS,aAAc,CAAE,MAAO,EAAI,CAAE,EACxCA,EAAA,aAAG,OAUvB,SAASC,GAAaC,EAAK,CAGvB,IAAIC,EAAI,SAAS,cAAc,GAAG,EAClC,OAAAA,EAAE,KAAOD,EACFC,EAAE,IACb,CACoBH,EAAA,aAAGC,YClBvB,OAAO,eAAeG,EAAS,aAAc,CAAE,MAAO,EAAI,CAAE,EAC5DA,EAAA,4BAAsCA,EAAA,oBAA8B,OAIpE,SAASC,GAA2BC,EAAuB,CAKvD,QAJIC,EAAuB,oBACvBC,EAAkB,CAAA,EAClBC,EAEGA,EAAeF,EAAqB,KAAKD,CAAqB,GAAG,CACpE,IAAII,EAAM,mBAAmBD,EAAa,EAAE,EACxCE,EAAQ,mBAAmBF,EAAa,EAAE,EAC9CD,EAAgBE,GAAOC,CAC1B,CACD,OAAOH,CACX,CAIA,SAASI,GAAoBC,EAAU,CACnC,OAAOR,GAA2BQ,EAAS,QAAQ,KAAM,EAAE,CAAC,CAChE,CAC2BT,EAAA,oBAAGQ,GAI9B,SAASE,GAA4BC,EAAoB,CACrD,GAAIA,EAAmB,MAAO,CAC1B,IAAIC,EAAY,CACZ,MAAOD,EAAmB,MAC1B,kBAAmBA,EAAmB,kBACtC,MAAOA,EAAmB,KACtC,EACQ,OAAOC,CACV,CACD,IAAIC,EAAY,SAASF,EAAmB,WAAY,EAAE,EAAI,IAC1DG,EAAc,CACd,aAAcH,EAAmB,aACjC,WAAYE,EACZ,WAAY,KAAK,IAAG,EAAKA,EACzB,SAAUF,EAAmB,SAC7B,MAAOA,EAAmB,MAC1B,MAAOA,EAAmB,MAC1B,WAAYA,EAAmB,WAC/B,cAAeA,EAAmB,aAC1C,EACI,OAAOG,CACX,CACmCd,EAAA,4BAAGU,GCjDtC,OAAO,eAAeK,EAAS,aAAc,CAAE,MAAO,EAAI,CAAE,EAC5DA,EAAA,gBAA0BA,EAAA,oBAA8B,OACxD,IAAI1B,GAAkBpB,EAClB2B,GAAiBoB,EACjBC,GAA8BC,EASlC,SAASC,GAAoBC,EAAUC,EAAa,CAChD,IAAIC,EAASF,EAAS,SAAW,KAAOA,EAAS,KAIjD,OAAKC,EAKDA,EAAY,OAAO,CAAC,IAAM,IACnB,GAAKC,EAASD,EAMlBA,EAXIC,CAYf,CAC2BP,EAAA,oBAAGI,GAI9B,SAASI,GAAgBrC,EAAQkC,EAAU,CAIvC,IAAII,EAAuBP,GAA4B,oBAAoBG,EAAS,IAAI,EAGxF,GAAI,CAACI,EAAqB,eAAe,OAAO,EAC5C,MAAO,GAEX,IAAIC,EAA0BpC,GAAgB,cAAc,QAASH,EAAO,aAAa,EACrFwC,EAAsBrC,GAAgB,cAAc,WAAYH,EAAO,aAAa,EACpFyC,EAAyBH,EAAqB,eAAe,cAAc,EAC3EI,EAAqBJ,EAAqB,eAAe,UAAU,EACnEK,EAAmBL,EAAqB,eAAe,OAAO,EAMlE,GALIC,GACI,CAACE,GAA0B,CAACE,GAIhCH,GACI,CAACE,GAAsB,CAACC,EACxB,MAAO,GAQf,IAAIC,EAAalC,GAAe,aAAawB,EAAS,KAAK,QAAQA,EAAS,KAAM,EAAE,CAAC,EAGrF,OAAOU,IAAelC,GAAe,aAAaV,EAAO,YAAY,CACzE,CACuB6B,EAAA,gBAAGQ,GCvE1B,IAAIQ,EAAYrE,GAAQA,EAAK,UAAa,UAAY,CAClD,OAAAqE,EAAW,OAAO,QAAU,SAASC,EAAG,CACpC,QAASC,EAAGnD,EAAI,EAAGoD,EAAI,UAAU,OAAQpD,EAAIoD,EAAGpD,IAAK,CACjDmD,EAAI,UAAUnD,GACd,QAAShC,KAAKmF,EAAO,OAAO,UAAU,eAAe,KAAKA,EAAGnF,CAAC,IAC1DkF,EAAElF,GAAKmF,EAAEnF,GAChB,CACD,OAAOkF,CACf,EACWD,EAAS,MAAM,KAAM,SAAS,CACzC,EACA,OAAO,eAAeI,EAAS,aAAc,CAAE,MAAO,EAAI,CAAE,EAC9BA,EAAA,uBAAG,OACjC,IAAIC,GAAgCnE,EAChCoE,GAA2BrB,EAM/B,SAASsB,GAAuBpD,EAAQkC,EAAU,CAC9C,OAAOW,EAASA,EAASA,EAAS,CAAE,EAAE7C,CAAM,EAAG,CAAE,cAAeA,EAAO,eAAiB,iBAAkB,WAAYA,EAAO,YAAc,KAGvI,uBAAwBkD,GAA8B,+BAA+BlD,EAAO,sBAAsB,EAMlH,aAAcmD,GAAyB,oBAAoBjB,EAAUlC,EAAO,YAAY,CAAC,CAAE,EAAGA,EAAO,yBACnG,CAAE,yBAA0BmD,GAAyB,oBAAoBjB,EAAUlC,EAAO,wBAAwB,CAAG,EACrH,CAAA,CAAE,CACZ,CAC8BiD,EAAA,uBAAGG,YClCjC,OAAO,eAAeC,EAAS,aAAc,CAAE,MAAO,EAAI,CAAE,EAClCA,EAAA,mBAAG,OAQ7B,IAAIC,GAAoC,UAAY,CAChD,SAASA,EAAmBC,EAAM,CAC1BA,IAAS,SAAUA,EAAO,IAC9B,KAAK,KAAOA,EACZ,KAAK,eAAiB,oBACzB,CACD,cAAO,eAAeD,EAAmB,UAAW,aAAc,CAC9D,IAAK,UAAY,CACb,OAAO,KAAK,KAAO,KAAK,eAAiB,IAAM,KAAK,KAAO,KAAK,cACnE,EACD,WAAY,GACZ,aAAc,EACtB,CAAK,EACDA,EAAmB,UAAU,QAAU,SAAUlC,EAAK,CAClD,IAAIoC,EAAO,aAAa,QAAQ,KAAK,WAAa,IAAMpC,CAAG,EAC3D,OAAOoC,IAAS,KAAO,KAAO,KAAK,MAAMA,CAAI,CACrD,EACIF,EAAmB,UAAU,QAAU,SAAUlC,EAAKC,EAAO,CACzD,aAAa,QAAQ,KAAK,WAAa,IAAMD,EAAK,KAAK,UAAUC,CAAK,CAAC,CAC/E,EACIiC,EAAmB,UAAU,WAAa,SAAUlC,EAAK,CACrD,aAAa,WAAW,KAAK,WAAa,IAAMA,CAAG,CAC3D,EACIkC,EAAmB,UAAU,QAAU,SAAUG,EAAoB,CACjE,QAAS7D,EAAI,EAAGA,EAAI,aAAa,OAAQA,GAAK,EAAG,CAC7C,IAAIwB,EAAM,aAAa,IAAIxB,CAAC,EAC5B,GAAIwB,GAAOA,EAAI,QAAQ,KAAK,cAAc,IAAM,GAAI,CAChD,IAAIC,EAAQ,aAAa,QAAQD,CAAG,EAChCsC,EAAcrC,IAAU,KAAO,KAAO,KAAK,MAAMA,CAAK,EACtDoC,EAAmBC,EAAatC,CAAG,GACnC,aAAa,WAAWA,CAAG,CAElC,CACJ,CACT,EACWkC,CACX,EAAC,EACyBD,EAAA,mBAAGC,YCxBzBK,EAAI,OAAO,SAAY,SAAW,QAAU,KAC5CC,GAAeD,GAAK,OAAOA,EAAE,OAAU,WACvCA,EAAE,MACF,SAAsBE,EAAQC,EAAUC,EAAM,CAC9C,OAAO,SAAS,UAAU,MAAM,KAAKF,EAAQC,EAAUC,CAAI,CAC5D,EAECC,EACAL,GAAK,OAAOA,EAAE,SAAY,WAC5BK,EAAiBL,EAAE,QACV,OAAO,sBAChBK,EAAiB,SAAwBH,EAAQ,CAC/C,OAAO,OAAO,oBAAoBA,CAAM,EACrC,OAAO,OAAO,sBAAsBA,CAAM,CAAC,CAClD,EAEEG,EAAiB,SAAwBH,EAAQ,CAC/C,OAAO,OAAO,oBAAoBA,CAAM,CAC5C,EAGA,SAASI,GAAmBC,EAAS,CAC/B,SAAW,QAAQ,MAAM,QAAQ,KAAKA,CAAO,CACnD,CAEA,IAAIC,GAAc,OAAO,OAAS,SAAqB9C,EAAO,CAC5D,OAAOA,IAAUA,CACnB,EAEA,SAAS+C,GAAe,CACtBA,EAAa,KAAK,KAAK,IAAI,CAC7B,KACAC,GAAiBD,EAGjBA,EAAa,aAAeA,EAE5BA,EAAa,UAAU,QAAU,OACjCA,EAAa,UAAU,aAAe,EACtCA,EAAa,UAAU,cAAgB,OAIvC,IAAIE,GAAsB,GAE1B,OAAO,eAAeF,EAAc,sBAAuB,CACzD,WAAY,GACZ,IAAK,UAAW,CACd,OAAOE,EACR,EACD,IAAK,SAASC,EAAK,CACjB,GAAI,OAAOA,GAAQ,UAAYA,EAAM,GAAKJ,GAAYI,CAAG,EACvD,MAAM,IAAI,WAAW,kGAAoGA,EAAM,GAAG,EAEpID,GAAsBC,CACvB,CACH,CAAC,EAEDH,EAAa,KAAO,UAAW,EAEzB,KAAK,UAAY,QACjB,KAAK,UAAY,OAAO,eAAe,IAAI,EAAE,WAC/C,KAAK,QAAU,OAAO,OAAO,IAAI,EACjC,KAAK,aAAe,GAGtB,KAAK,cAAgB,KAAK,eAAiB,MAC7C,EAIAA,EAAa,UAAU,gBAAkB,SAAyBpB,EAAG,CACnE,GAAI,OAAOA,GAAM,UAAYA,EAAI,GAAKmB,GAAYnB,CAAC,EACjD,MAAM,IAAI,WAAW,gFAAkFA,EAAI,GAAG,EAEhH,YAAK,cAAgBA,EACd,IACT,EAEA,SAASwB,GAAiBC,EAAM,CAC9B,OAAIA,EAAK,gBAAkB,OAClBL,EAAa,oBACfK,EAAK,aACd,CAEAL,EAAa,UAAU,gBAAkB,UAA2B,CAClE,OAAOI,GAAiB,IAAI,CAC9B,EAEAJ,EAAa,UAAU,KAAO,SAAcM,EAAM,CAEhD,QADIX,EAAO,CAAA,EACFnE,EAAI,EAAGA,EAAI,UAAU,OAAQA,IAAKmE,EAAK,KAAK,UAAUnE,EAAE,EACjE,IAAI+E,EAAWD,IAAS,QAEpBL,EAAS,KAAK,QAClB,GAAIA,IAAW,OACbM,EAAWA,GAAWN,EAAO,QAAU,eAChC,CAACM,EACR,MAAO,GAGT,GAAIA,EAAS,CACX,IAAIC,EAGJ,GAFIb,EAAK,OAAS,IAChBa,EAAKb,EAAK,IACRa,aAAc,MAGhB,MAAMA,EAGR,IAAIC,EAAM,IAAI,MAAM,oBAAsBD,EAAK,KAAOA,EAAG,QAAU,IAAM,GAAG,EAC5E,MAAAC,EAAI,QAAUD,EACRC,CACP,CAED,IAAIC,EAAUT,EAAOK,GAErB,GAAII,IAAY,OACd,MAAO,GAET,GAAI,OAAOA,GAAY,WACrBlB,GAAakB,EAAS,KAAMf,CAAI,MAIhC,SAFIgB,EAAMD,EAAQ,OACdE,EAAYC,GAAWH,EAASC,CAAG,EAC9BnF,EAAI,EAAGA,EAAImF,EAAK,EAAEnF,EACzBgE,GAAaoB,EAAUpF,GAAI,KAAMmE,CAAI,EAGzC,MAAO,EACT,EAEA,SAASmB,GAAarB,EAAQa,EAAMS,EAAUC,EAAS,CACrD,IAAIC,EACAhB,EACAiB,EAEJ,GAAI,OAAOH,GAAa,WACtB,MAAM,IAAI,UAAU,mEAAqE,OAAOA,CAAQ,EAqB1G,GAlBAd,EAASR,EAAO,QACZQ,IAAW,QACbA,EAASR,EAAO,QAAU,OAAO,OAAO,IAAI,EAC5CA,EAAO,aAAe,IAIlBQ,EAAO,cAAgB,SACzBR,EAAO,KAAK,cAAea,EACfS,EAAS,SAAWA,EAAS,SAAWA,CAAQ,EAI5Dd,EAASR,EAAO,SAElByB,EAAWjB,EAAOK,IAGhBY,IAAa,OAEfA,EAAWjB,EAAOK,GAAQS,EAC1B,EAAEtB,EAAO,qBAEL,OAAOyB,GAAa,WAEtBA,EAAWjB,EAAOK,GAChBU,EAAU,CAACD,EAAUG,CAAQ,EAAI,CAACA,EAAUH,CAAQ,EAE7CC,EACTE,EAAS,QAAQH,CAAQ,EAEzBG,EAAS,KAAKH,CAAQ,EAIxBE,EAAIb,GAAiBX,CAAM,EACvBwB,EAAI,GAAKC,EAAS,OAASD,GAAK,CAACC,EAAS,OAAQ,CACpDA,EAAS,OAAS,GAGlB,IAAIC,EAAI,IAAI,MAAM,+CACED,EAAS,OAAS,IAAM,OAAOZ,CAAI,EAAI,mEAEvB,EACpCa,EAAE,KAAO,8BACTA,EAAE,QAAU1B,EACZ0B,EAAE,KAAOb,EACTa,EAAE,MAAQD,EAAS,OACnBrB,GAAmBsB,CAAC,CACrB,CAGH,OAAO1B,CACT,CAEAO,EAAa,UAAU,YAAc,SAAqBM,EAAMS,EAAU,CACxE,OAAOD,GAAa,KAAMR,EAAMS,EAAU,EAAK,CACjD,EAEAf,EAAa,UAAU,GAAKA,EAAa,UAAU,YAEnDA,EAAa,UAAU,gBACnB,SAAyBM,EAAMS,EAAU,CACvC,OAAOD,GAAa,KAAMR,EAAMS,EAAU,EAAI,CACpD,EAEA,SAASK,IAAc,CAErB,QADIzB,EAAO,CAAA,EACFnE,EAAI,EAAGA,EAAI,UAAU,OAAQA,IAAKmE,EAAK,KAAK,UAAUnE,EAAE,EAC5D,KAAK,QACR,KAAK,OAAO,eAAe,KAAK,KAAM,KAAK,MAAM,EACjD,KAAK,MAAQ,GACbgE,GAAa,KAAK,SAAU,KAAK,OAAQG,CAAI,EAEjD,CAEA,SAAS0B,GAAU5B,EAAQa,EAAMS,EAAU,CACzC,IAAIlF,EAAQ,CAAE,MAAO,GAAO,OAAQ,OAAW,OAAQ4D,EAAQ,KAAMa,EAAM,SAAUS,CAAQ,EACzFO,EAAUF,GAAY,KAAKvF,CAAK,EACpC,OAAAyF,EAAQ,SAAWP,EACnBlF,EAAM,OAASyF,EACRA,CACT,CAEAtB,EAAa,UAAU,KAAO,SAAcM,EAAMS,EAAU,CAC1D,GAAI,OAAOA,GAAa,WACtB,MAAM,IAAI,UAAU,mEAAqE,OAAOA,CAAQ,EAE1G,YAAK,GAAGT,EAAMe,GAAU,KAAMf,EAAMS,CAAQ,CAAC,EACtC,IACT,EAEAf,EAAa,UAAU,oBACnB,SAA6BM,EAAMS,EAAU,CAC3C,GAAI,OAAOA,GAAa,WACtB,MAAM,IAAI,UAAU,mEAAqE,OAAOA,CAAQ,EAE1G,YAAK,gBAAgBT,EAAMe,GAAU,KAAMf,EAAMS,CAAQ,CAAC,EACnD,IACb,EAGAf,EAAa,UAAU,eACnB,SAAwBM,EAAMS,EAAU,CACtC,IAAIQ,EAAMtB,EAAQuB,EAAUhG,EAAGiG,EAE/B,GAAI,OAAOV,GAAa,WACtB,MAAM,IAAI,UAAU,mEAAqE,OAAOA,CAAQ,EAI1G,GADAd,EAAS,KAAK,QACVA,IAAW,OACb,OAAO,KAGT,GADAsB,EAAOtB,EAAOK,GACViB,IAAS,OACX,OAAO,KAET,GAAIA,IAASR,GAAYQ,EAAK,WAAaR,EACrC,EAAE,KAAK,eAAiB,EAC1B,KAAK,QAAU,OAAO,OAAO,IAAI,GAEjC,OAAOd,EAAOK,GACVL,EAAO,gBACT,KAAK,KAAK,iBAAkBK,EAAMiB,EAAK,UAAYR,CAAQ,WAEtD,OAAOQ,GAAS,WAAY,CAGrC,IAFAC,EAAW,GAENhG,EAAI+F,EAAK,OAAS,EAAG/F,GAAK,EAAGA,IAChC,GAAI+F,EAAK/F,KAAOuF,GAAYQ,EAAK/F,GAAG,WAAauF,EAAU,CACzDU,EAAmBF,EAAK/F,GAAG,SAC3BgG,EAAWhG,EACX,KACD,CAGH,GAAIgG,EAAW,EACb,OAAO,KAELA,IAAa,EACfD,EAAK,MAAK,EAEVG,GAAUH,EAAMC,CAAQ,EAGtBD,EAAK,SAAW,IAClBtB,EAAOK,GAAQiB,EAAK,IAElBtB,EAAO,iBAAmB,QAC5B,KAAK,KAAK,iBAAkBK,EAAMmB,GAAoBV,CAAQ,CACjE,CAED,OAAO,IACb,EAEAf,EAAa,UAAU,IAAMA,EAAa,UAAU,eAEpDA,EAAa,UAAU,mBACnB,SAA4BM,EAAM,CAChC,IAAIM,EAAWX,EAAQzE,EAGvB,GADAyE,EAAS,KAAK,QACVA,IAAW,OACb,OAAO,KAGT,GAAIA,EAAO,iBAAmB,OAC5B,OAAI,UAAU,SAAW,GACvB,KAAK,QAAU,OAAO,OAAO,IAAI,EACjC,KAAK,aAAe,GACXA,EAAOK,KAAU,SACtB,EAAE,KAAK,eAAiB,EAC1B,KAAK,QAAU,OAAO,OAAO,IAAI,EAEjC,OAAOL,EAAOK,IAEX,KAIT,GAAI,UAAU,SAAW,EAAG,CAC1B,IAAIqB,EAAO,OAAO,KAAK1B,CAAM,EACzBjD,EACJ,IAAKxB,EAAI,EAAGA,EAAImG,EAAK,OAAQ,EAAEnG,EAC7BwB,EAAM2E,EAAKnG,GACPwB,IAAQ,kBACZ,KAAK,mBAAmBA,CAAG,EAE7B,YAAK,mBAAmB,gBAAgB,EACxC,KAAK,QAAU,OAAO,OAAO,IAAI,EACjC,KAAK,aAAe,EACb,IACR,CAID,GAFA4D,EAAYX,EAAOK,GAEf,OAAOM,GAAc,WACvB,KAAK,eAAeN,EAAMM,CAAS,UAC1BA,IAAc,OAEvB,IAAKpF,EAAIoF,EAAU,OAAS,EAAGpF,GAAK,EAAGA,IACrC,KAAK,eAAe8E,EAAMM,EAAUpF,EAAE,EAI1C,OAAO,IACb,EAEA,SAASoG,GAAWnC,EAAQa,EAAMuB,EAAQ,CACxC,IAAI5B,EAASR,EAAO,QAEpB,GAAIQ,IAAW,OACb,MAAO,GAET,IAAI6B,EAAa7B,EAAOK,GACxB,OAAIwB,IAAe,OACV,GAEL,OAAOA,GAAe,WACjBD,EAAS,CAACC,EAAW,UAAYA,CAAU,EAAI,CAACA,CAAU,EAE5DD,EACLE,GAAgBD,CAAU,EAAIjB,GAAWiB,EAAYA,EAAW,MAAM,CAC1E,CAEA9B,EAAa,UAAU,UAAY,SAAmBM,EAAM,CAC1D,OAAOsB,GAAW,KAAMtB,EAAM,EAAI,CACpC,EAEAN,EAAa,UAAU,aAAe,SAAsBM,EAAM,CAChE,OAAOsB,GAAW,KAAMtB,EAAM,EAAK,CACrC,EAEAN,EAAa,cAAgB,SAASgC,EAAS1B,EAAM,CACnD,OAAI,OAAO0B,EAAQ,eAAkB,WAC5BA,EAAQ,cAAc1B,CAAI,EAE1B2B,GAAc,KAAKD,EAAS1B,CAAI,CAE3C,EAEAN,EAAa,UAAU,cAAgBiC,GACvC,SAASA,GAAc3B,EAAM,CAC3B,IAAIL,EAAS,KAAK,QAElB,GAAIA,IAAW,OAAW,CACxB,IAAI6B,EAAa7B,EAAOK,GAExB,GAAI,OAAOwB,GAAe,WACxB,MAAO,GACF,GAAIA,IAAe,OACxB,OAAOA,EAAW,MAErB,CAED,MAAO,EACT,CAEA9B,EAAa,UAAU,WAAa,UAAsB,CACxD,OAAO,KAAK,aAAe,EAAIJ,EAAe,KAAK,OAAO,EAAI,EAChE,EAEA,SAASiB,GAAWqB,EAAKtD,EAAG,CAE1B,QADIuD,EAAO,IAAI,MAAMvD,CAAC,EACbpD,EAAI,EAAGA,EAAIoD,EAAG,EAAEpD,EACvB2G,EAAK3G,GAAK0G,EAAI1G,GAChB,OAAO2G,CACT,CAEA,SAAST,GAAUH,EAAMa,EAAO,CAC9B,KAAOA,EAAQ,EAAIb,EAAK,OAAQa,IAC9Bb,EAAKa,GAASb,EAAKa,EAAQ,GAC7Bb,EAAK,IAAG,CACV,CAEA,SAASQ,GAAgBG,EAAK,CAE5B,QADIG,EAAM,IAAI,MAAMH,EAAI,MAAM,EACrB1G,EAAI,EAAGA,EAAI6G,EAAI,OAAQ,EAAE7G,EAChC6G,EAAI7G,GAAK0G,EAAI1G,GAAG,UAAY0G,EAAI1G,GAElC,OAAO6G,CACT,UC9bA,OAAO,eAAeC,EAAS,aAAc,CAAE,MAAO,EAAI,CAAE,EACxCA,EAAA,aAAG,OAOvB,SAASC,GAAaC,EAAMC,EAAM,CAG9B,IAAIhG,EAAI,SAAS,cAAc,GAAG,EAClCA,EAAE,KAAO+F,EACT,IAAIE,EAAYjG,EAAE,SAAUkG,EAAQlG,EAAE,KACtCA,EAAE,KAAOgG,EACT,IAAIG,EAAYnG,EAAE,SAAUoG,EAAQpG,EAAE,KAStC,OAAOiG,IAAcE,GAAaD,IAAUE,CAChD,CACoBP,EAAA,aAAGC,iBC1BvB,OAAO,eAAeO,EAAS,aAAc,CAAE,MAAO,EAAI,CAAE,EAC5CA,EAAA,SAAG,OAKnB,SAASC,GAAS9F,EAAO,CACrB,OAAOA,IAAU,MAAQ,OAAOA,GAAU,QAC9C,CACgB6F,EAAA,SAAGC,GCTnB,OAAO,eAAeC,EAAS,aAAc,CAAE,MAAO,EAAI,CAAE,EACjCA,EAAA,oBAAG,OAC9B,IAAIF,GAAanI,EACbF,GAAqBiD,EACrBuF,GAAyBrF,EAO7B,SAASsF,GAAoBC,EAAuBC,EAAqBC,EAAU,CAC/E,IAAIC,EAAM,IAAI,eACdA,EAAI,KAAK,MAAOH,EAAwB,kBAAkB,EAC1DG,EAAI,iBAAiB,SAAU,kBAAkB,EACjDA,EAAI,iBAAiB,gBAAiBF,CAAmB,EACzDE,EAAI,iBAAiB,OAAQ,UAAoC,CAC7D,GAAIA,EAAI,SAAW,IAAK,CACpB,IAAIC,EAAiB,OACrB,GAAI,CACAA,EAAiB,KAAK,MAAMD,EAAI,YAAY,CAC/C,MACD,CACID,EAAS,IAAI5I,GAAmB,iBAAiBwI,GAAuB,iCAAiC,CAAC,EAC1G,MACH,CACGO,GAAoBD,CAAc,EAClCF,EAAS,KAAME,CAAc,EAG7BF,EAAS,IAAI5I,GAAmB,iBAAiBwI,GAAuB,oCAAoC,CAAC,CAEpH,MAEGI,EAAS,IAAI5I,GAAmB,iBAAiBwI,GAAuB,iCAAiC,CAAC,CAEtH,CAAK,EACDK,EAAI,KAAI,CACZ,CAC2BN,EAAA,oBAAGE,GAK9B,SAASM,GAAoBD,EAAgB,CACzC,OAAOT,GAAW,SAASS,CAAc,GACrC,OAAOA,EAAe,KAAQ,UAC9B,OAAOA,EAAe,MAAS,UAC/B,OAAOA,EAAe,QAAW,QACzC,cCjDA,IAAIpJ,EAAaC,GAAQA,EAAK,WAAe,UAAY,CACrD,IAAIC,EAAgB,SAAUC,EAAGC,EAAG,CAChC,OAAAF,EAAgB,OAAO,gBAClB,CAAE,UAAW,CAAA,aAAgB,OAAS,SAAUC,EAAGC,EAAG,CAAED,EAAE,UAAYC,CAAE,GACzE,SAAUD,EAAGC,EAAG,CAAE,QAASf,KAAKe,EAAO,OAAO,UAAU,eAAe,KAAKA,EAAGf,CAAC,IAAGc,EAAEd,GAAKe,EAAEf,KACzFa,EAAcC,EAAGC,CAAC,CACjC,EACI,OAAO,SAAUD,EAAGC,EAAG,CACnB,GAAI,OAAOA,GAAM,YAAcA,IAAM,KACjC,MAAM,IAAI,UAAU,uBAAyB,OAAOA,CAAC,EAAI,+BAA+B,EAC5FF,EAAcC,EAAGC,CAAC,EAClB,SAASC,GAAK,CAAE,KAAK,YAAcF,CAAI,CACvCA,EAAE,UAAYC,IAAM,KAAO,OAAO,OAAOA,CAAC,GAAKC,EAAG,UAAYD,EAAE,UAAW,IAAIC,EACvF,CACA,IACA,OAAO,eAAciJ,EAAU,aAAc,CAAE,MAAO,EAAI,CAAE,EAC5DA,EAAA,gBAA0BA,EAAiD,uCAAAA,EAAA,iCAA2C,OACtH,IAAIC,EAAW/I,GACX2H,EAAiB5E,EACjB3B,EAAkB6B,EAClBkB,EAAgC6E,EAChClJ,EAAqBmJ,EACrBX,EAAyBY,EACzBC,EAAyBC,EACzBC,EAA8BC,EAC9BtG,EAA8BuG,EAClCT,EAAA,iCAA2C,kCAC3CA,EAAA,uCAAiD,wCAIjD,IAAIU,EAAiC,SAAUtJ,EAAQ,CACnDV,EAAUgK,EAAiBtJ,CAAM,EACjC,SAASsJ,EAAgBvI,EAAQwI,EAASC,EAAqB,CAC3D,IAAItJ,EAAQF,EAAO,KAAK,IAAI,GAAK,KACjC,OAAAE,EAAM,OAASa,EACfb,EAAM,QAAUqJ,EAChBrJ,EAAM,qBAAuB,KAC7BA,EAAM,uBAAyB,KAC/BA,EAAM,yBAA2B,IACjCA,EAAM,yBAA2B,IACjCA,EAAM,gCAAkC,IACpCA,EAAM,gBACNA,EAAM,4BAA2B,EAEjCsJ,GAAuBtJ,EAAM,kBAAkB,QAAQ,GACvDsJ,EAAoB,SAAUC,EAAqB,CAC3CA,aAA+B,MAC/BvJ,EAAM,KAAK+I,EAAuB,kCAAmCQ,CAAmB,GAGxFvJ,EAAM,eAAiBuJ,EACvBvJ,EAAM,8BAA6B,EAEvD,CAAa,EAEEA,CACV,CAUD,OAAAoJ,EAAgB,UAAU,qBAAuB,UAAY,CAGzD,GAAI,KAAK,eACL,OAAO,KACF,4BAA6B,EAC7B,0BAMT,KAAK,QAAQ,WAAW,MAAM,EAE9B,IAAItI,EAAQiD,EAA8B,kCAC1C,YAAK,QAAQ,QAAQjD,EAAQ,SAAUA,CAAK,EAG5C,KAAK,QAAQ,QAAQA,EAAQ,cAAe,SAAS,IAAI,EAGzD,SAAS,QAAQiD,EAA8B,yBAAyB,KAAK,OAAQjD,CAAK,CAAC,EACpF,IACf,EAMIsI,EAAgB,UAAU,qBAAuB,UAAY,CAGzD,GAAI,KAAK,eAAgB,CAGrB,IAAII,EAAgB,KAAK,aACrBC,EAA2B,KAAK,OAAO,yBACvCC,EAAuB,KAAK,eAAe,qBAE3CC,EAAkBD,EAAuB,kBAAoBF,GAC5DC,EAA2B,6BAA+BA,EAA2B,IAE1F,KAAK,KAAKV,EAAuB,qBAAsB,UAAY,CAC/D,OAAO,SAAS,QAAQY,CAAe,CACvD,CAAa,CACJ,CAGD,OAAO,KAAK,6BACpB,EASIP,EAAgB,UAAU,mBAAqB,SAAUd,EAAU,CAC/D,OAAO,KAAK,kCAAkC,CAAE,EAAEA,CAAQ,CAClE,EAUIc,EAAgB,UAAU,aAAe,UAAY,CACjD,IAAIQ,EAAgB,KAAK,QAAQ,QAAQ,MAAM,EAC/C,OAAO,QAAQA,GAAiBA,EAAc,YAAY,GACtDA,EAAc,WAAa,KAAK,KAC5C,EAIIR,EAAgB,UAAU,sBAAwB,UAAY,CAC1D,IAAIQ,EAAgB,KAAK,QAAQ,QAAQ,MAAM,EAC/C,OAAQA,GAAiBA,EAAc,MACnC,IAAIlK,EAAmB,iBAAiBkK,EAAc,KAAK,EAC3D,IACZ,EAcIR,EAAgB,UAAU,uBAAyB,UAAY,CAC3D,IAAIQ,EAAgB,KAAK,QAAQ,QAAQ,MAAM,EAC/C,GAAI,CAAC,KAAK,eACN,OAAO,KAEX,GAAIA,EAAc,YAAcA,EAAc,WAAW,YAAa,IAAK,SACvE,MAAO,UAAYA,EAAc,aAErC,MAAM,IAAIlK,EAAmB,iBAAiBwI,EAAuB,0BAA0B,CACvG,EAIIkB,EAAgB,UAAU,gBAAkB,UAAY,CAEpD,GAAI,CAAC,KAAK,eACN,OAAO,KAGX,IAAIQ,EAAgB,KAAK,QAAQ,QAAQ,MAAM,EAO/C,OAAO,OAAOA,EAAc,OAAU,YAClC,KAAK,OAAO,MACZA,EAAc,KAC1B,EAMIR,EAAgB,UAAU,gBAAkB,SAAUlI,EAAc,CAChE,IAAI2I,EAAe,KAAK,kBACxB,OAAI,OAAOA,GAAiB,SACjB,GAEJ7I,EAAgB,cAAcE,EAAc2I,CAAY,CACvE,EAaIT,EAAgB,UAAU,WAAa,UAAY,CAE/C,GAAI,CAAC,KAAK,eACN,OAAO,KAGX,IAAIQ,EAAgB,KAAK,QAAQ,QAAQ,MAAM,EAI/C,OAAKA,EAAc,SAKZA,EAAc,SAJV,IAKnB,EAaIR,EAAgB,UAAU,iBAAmB,UAAY,CACrD,IAAIU,EAAU,KAAK,aAMnB,GAAIA,IAAY,KACZ,OAAO,KAKX,IAAIC,EAAeD,EAAQ,MAAM,GAAG,EAGhCE,EAAcD,EAAa,GAE/B,OAAO,KAAK,MAAM,KAAKC,CAAW,CAAC,CAC3C,EAUIZ,EAAgB,UAAU,cAAgB,SAAUd,EAAU,CAC1D,IAAID,EAAsB,KAAK,yBAC/B,OAAIA,EACAY,EAA4B,oBAAoB,KAAK,OAAO,uBAAwBZ,EAAqBC,CAAQ,EAGjHA,EAAS,IAAI5I,EAAmB,iBAAiBwI,EAAuB,gBAAgB,CAAC,EAEtF,IACf,EAQIkB,EAAgB,UAAU,wBAA0B,UAAY,CAC5D,IAAIpJ,EAAQ,KAGZ,OAAI,KAAK,yBAA2B,KACzB,MAKX,KAAK,YAAY+I,EAAuB,yBAA0B,KAAK,mBAAmB,EAG1F,KAAK,uBAAyB,OAAO,WAAW,UAAY,CACxD/I,EAAM,iBAAgB,CAClC,EAAW,KAAK,kBAAiB,CAAE,EACpB,KACf,EAIIoJ,EAAgB,UAAU,yBAA2B,UAAY,CAG7D,YAAK,oBAAmB,EAExB,KAAK,eAAeL,EAAuB,yBAA0B,KAAK,mBAAmB,EAEzF,OAAO,KAAK,wBAA2B,WACvC,OAAO,aAAa,KAAK,sBAAsB,EAC/C,KAAK,uBAAyB,MAE3B,IACf,EASIK,EAAgB,UAAU,4BAA8B,UAAY,CAIhE,YAAK,yBAAwB,EAC7B,KAAK,0BAAyB,EAC1B,KAAK,gBAEL,KAAK,+BAA8B,EAGvC,KAAK,QAAQ,WAAW,MAAM,EAE9B,KAAK,KAAKL,EAAuB,oBAAoB,EAC9C,IACf,EAMIK,EAAgB,UAAU,kCAAoC,SAAUa,EAAI3B,EAAU,CAClF,IAAItI,EAAQ,KACRwJ,EAAgBS,EAAG,cAEnBnJ,EAAQiD,EAA8B,kCAKtCqE,EAAwBoB,EACtBzF,EAA8B,yBAAyB,KAAK,OAAQjD,EAAO,CAAE,OAAQ,OAAQ,cAAe0I,EAAe,EAC3HzF,EAA8B,yBAAyB,KAAK,OAAQjD,EAAO,CAAE,OAAQ,MAAM,CAAE,EAM/FoJ,EAAS,SAAS,cAAc,QAAQ,EASxCC,GAAiB,GACjBC,GAA8B,GAE9BC,EAMAC,GAAuB,SAAUC,EAAO,CAExC,GAAIA,EAAM,SAAWL,EAAO,eAIxB,EAAC3C,EAAe,aAAagD,EAAM,OAAQvK,EAAM,OAAO,YAAY,GAKpE,GAACuK,EAAM,MAAQ,OAAOA,EAAM,MAAS,WAGrCA,EAAM,KAAK,OAAS,sBAMxB,CAAAH,GAA8B,GAE9B,OAAO,oBAAoB,UAAWE,EAAoB,EAG1D,OAAO,aAAaD,CAAkB,EAElCF,IACA,SAAS,KAAK,YAAYD,CAAM,EAGpC,IAAIN,GAAgBhH,EAA4B,4BAA4BA,EAA4B,oBAAoB2H,EAAM,KAAK,QAAQ,CAAC,EAEhJ,GAAIX,GAAc,QAAU9I,EAAO,CAC/B,IAAI0J,EAAQ,IAAI9K,EAAmB,iBAAiBwI,EAAuB,kBAAkB,EAC7FlI,EAAM,KAAK+I,EAAuB,uBAAwByB,CAAK,EAC3DlC,GACAA,EAASkC,CAAK,EAElB,MACH,CAED,IAAIC,GAAYb,GAAc,MAC9B,GAAIa,GAAW,CAEX,IAAID,EAAQ,IAAI9K,EAAmB,iBAAiB+K,EAAS,EAC7DzK,EAAM,KAAK+I,EAAuB,uBAAwByB,CAAK,EAC3DlC,GACAA,EAASkC,CAAK,CAErB,MAKGxK,EAAM,QAAQ,QAAQ,OAAQ4J,EAAa,EAI3C5J,EAAM,4BAA2B,EAKjCA,EAAM,8BAA6B,EAEnCA,EAAM,KAAK+I,EAAuB,wBAAwB,EACtDT,GACAA,EAAS,IAAI,EAGjC,EAKYoC,GAAoB,SAAUH,EAAO,CAEjC,CAACA,EAAM,YAKXJ,GAAiB,GAGjBD,EAAO,oBAAoB,OAAQQ,EAAiB,EAGhDN,IACA,SAAS,KAAK,YAAYF,CAAM,EAEhD,EAIQ,cAAO,iBAAiB,UAAWI,EAAoB,EAMvDJ,EAAO,iBAAiB,OAAQQ,EAAiB,EAIjDL,EAAqB,OAAO,WAAW,UAAY,CAC/C,OAAO,aAAaA,CAAkB,EAEtCH,EAAO,oBAAoB,OAAQQ,EAAiB,EACpD,OAAO,oBAAoB,UAAWJ,EAAoB,EAE1D,SAAS,KAAK,YAAYJ,CAAM,EAEhC,IAAIM,EAAQ,IAAI9K,EAAmB,iBAAiBwI,EAAuB,iBAAiB,EAC5FlI,EAAM,KAAK+I,EAAuB,uBAAwByB,CAAK,EAC3DlC,GACAA,EAASkC,CAAK,CAE9B,EAAW,KAAK,wBAAwB,EAGhCN,EAAO,aAAaxB,EAAQ,iCAAkC,EAAE,EAChEwB,EAAO,MAAM,QAAU,OACvBA,EAAO,aAAa,MAAO9B,CAAqB,EAChD,KAAK,kCAAkC8B,CAAM,EACtC,IACf,EAKId,EAAgB,UAAU,kCAAoC,SAAUuB,EAAS,CAC7E,GAAI,SAAS,KACT,SAAS,KAAK,YAAYA,CAAO,MAEhC,CACD,IAAIC,EAAmC,UAAY,CAC/C,OAAO,oBAAoB,mBAAoBA,CAAgC,EAC/E,SAAS,KAAK,YAAYD,CAAO,CACjD,EACY,OAAO,iBAAiB,mBAAoBC,CAAgC,CAC/E,CACT,EAMIxB,EAAgB,UAAU,kBAAoB,SAAUlI,EAAc,CAClE,OAAOF,EAAgB,cAAcE,EAAc,KAAK,OAAO,KAAK,CAC5E,EAIIkI,EAAgB,UAAU,oBAAsB,UAAY,CACxD,YAAK,yBAA2B,IACzB,IACf,EAOIA,EAAgB,UAAU,wBAA0B,UAAY,CAC5D,YAAK,0BAA4B,EAC1B,IACf,EAIIA,EAAgB,UAAU,0BAA4B,UAAY,CAC9D,OAAI,OAAO,KAAK,sBAAyB,WACrC,OAAO,aAAa,KAAK,oBAAoB,EAC7C,KAAK,qBAAuB,MAEzB,IACf,EAIIA,EAAgB,UAAU,4BAA8B,UAAY,CAChE,IAAIpJ,EAAQ,KAEZ,KAAK,0BAAyB,EAE9B,IAAI4J,EAAgB,KAAK,QAAQ,QAAQ,MAAM,EAC3CiB,EAA2BjB,EAAc,WAAa,KAAK,IAAG,EAClE,YAAK,qBAAuB,OAAO,WAAW,UAAY,CACtD5J,EAAM,KAAK+I,EAAuB,kBAAkB,CACvD,EAAE8B,CAAwB,EACpB,IACf,EAIIzB,EAAgB,UAAU,kBAAoB,UAAY,CACtD,IAAIQ,EAAgB,KAAK,QAAQ,QAAQ,MAAM,EAG3CkB,EAAclB,EAAc,WAAaA,EAAc,WAAa,GACpEmB,EAAsB,KAAK,IAAID,EAAc,KAAK,IAAG,EAAI,CAAC,EAK9D,OAAO,KAAK,IAAIC,EAAqB,UAAU,CACvD,EAUI3B,EAAgB,UAAU,iBAAmB,UAAY,CACrD,IAAIpJ,EAAQ,KACZ,OAAO,KAAK,mBAAmB,SAAUwK,EAAO,CACxCA,GACAxK,EAAM,uBAAyB,OAAO,WAAW,UAAY,CACzDA,EAAM,iBAAgB,CAC1C,EAAmBA,EAAM,wBAAwB,EACjCA,EAAM,wBAAuB,GAG7BA,EAAM,oBAAmB,CAEzC,CAAS,CACT,EAIIoJ,EAAgB,UAAU,oBAAsB,UAAY,CACxD,IAAIpJ,EAAQ,KAEZ,OAAI,KAAK,yBAA2B,KACzB,MAIX,KAAK,oBAAmB,EAExB,OAAO,aAAa,KAAK,sBAAsB,EAE/C,KAAK,uBAAyB,OAAO,WAAW,UAAY,CACxD,OAAOA,EAAM,kBACzB,EAAW,KAAK,kBAAiB,CAAE,EACpB,KACf,EAIIoJ,EAAgB,UAAU,8BAAgC,UAAY,CAClE,IAAIpJ,EAAQ,KAEZ,GAAI,KAAK,0BAA4B,KAAK,yBAAyB,WAC/D,OAAO,KAGX,GAAI,CAAC,KAAK,gBAAkB,CAAC,KAAK,kBAAkB,QAAQ,EACxD,OAAO,KAIX,GAAI,CAAC,KAAK,eACN,OAAO,KAKX,KAAK,yBAA2B,SAAS,cAAc,QAAQ,EAC/D,KAAK,yBAAyB,MAAM,QAAU,OAC9C,KAAK,yBAAyB,aAAa0I,EAAQ,uCAAwC,EAAE,EAG7F,OAAO,iBAAiB,UAAW,KAAK,gCAAgC,KAAK,IAAI,CAAC,EAElF,IAAIsC,EAAgC,SAAUT,EAAO,CAE7C,CAACA,EAAM,WAIP,CAACvK,EAAM,2BAKXA,EAAM,yBAAyB,oBAAoB,OAAQgL,CAA6B,EAExFhL,EAAM,oCAAmC,EACrD,EACQ,YAAK,yBAAyB,iBAAiB,OAAQgL,CAA6B,EACpF,KAAK,yBAAyB,aAAa,MAAO,KAAK,eAAe,oBAAoB,EAC1F,KAAK,kCAAkC,KAAK,wBAAwB,EAC7D,IACf,EAII5B,EAAgB,UAAU,+BAAiC,UAAY,CAEnE,cAAO,oBAAoB,UAAW,KAAK,+BAA+B,EAEtE,OAAO,KAAK,2BAA8B,WAC1C,OAAO,aAAa,KAAK,yBAAyB,EAClD,KAAK,0BAA4B,QAGjC,KAAK,2BACL,SAAS,KAAK,YAAY,KAAK,wBAAwB,EACvD,KAAK,yBAA2B,QAE7B,IACf,EAIIA,EAAgB,UAAU,oCAAsC,UAAY,CAExE,OAAO,aAAa,KAAK,yBAAyB,EAElD,KAAK,0BAA4B,OAAO,WAAW,KAAK,sBAAsB,KAAK,IAAI,EAAG,KAAK,+BAA+B,CACtI,EAIIA,EAAgB,UAAU,sBAAwB,UAAY,CAC1D,IAAIpJ,EAAQ,KACZ,GAAI,KAAK,eAAgB,CAQrB,GAAI,CAAC,KAAK,eACN,OAEJ,GAAI,KAAK,0BAA4B,KAAK,yBAAyB,cAAe,CAC9E,IAAI4J,EAAgB,KAAK,QAAQ,QAAQ,MAAM,EAC/C,KAAK,yBAAyB,cAAc,YAAY,KAAK,OAAO,UAAY,IAAMA,EAAc,cAAe,KAAK,eAAe,oBAAoB,EAC3J,KAAK,oCAAmC,CAC3C,MAIG,KAAK,8BAA6B,CAEzC,MAOG,KAAK,mBAAmB,SAAUY,EAAO,CACjCA,EACAxK,EAAM,4BAA2B,EAGjCA,EAAM,oCAAmC,CAE7D,CAAa,CAEb,EAKIoJ,EAAgB,UAAU,gCAAkC,SAAUmB,EAAO,CACzE,IAAIvK,EAAQ,KAEZ,GAAI,GAAC,KAAK,0BAA4B,CAAC,KAAK,iBAIxCuK,EAAM,SAAW,KAAK,yBAAyB,eAG/C,EAAChD,EAAe,aAAagD,EAAM,OAAQ,KAAK,eAAe,oBAAoB,EAKvF,GAAIA,EAAM,OAAS,YAGf,KAAK,KAAKxB,EAAuB,8BAA8B,UAE1DwB,EAAM,OAAS,UAAW,CAC/B,KAAK,KAAKxB,EAAuB,4BAA4B,EAG7D,IAAIkC,EAAc,KAAK,aACnBC,EAAsB,KAAK,mBAC/B,KAAK,kCAAkC,CAAE,cAAeD,CAAa,EAAE,SAAUT,EAAO,CACpF,GAAI,CAACA,EAAO,CAGR,IAAIW,EAAoBnL,EAAM,mBAC9B,GAAImL,GAAqBD,GAAuBC,EAAkB,MAAQD,EAAoB,IAC1F,MAEP,CAIDlL,EAAM,4BAA2B,CACjD,CAAa,CACJ,MACQuK,EAAM,OAAS,SAIpB,KAAK,KAAKxB,EAAuB,iCAAkC,IAAIrJ,EAAmB,iBAAiBwI,EAAuB,8BAA8B,CAAC,CAE7K,EACWkB,CACX,EAAET,EAAS,YAAY,EACvBD,EAAA,gBAA0BU,gBC9yB1B,OAAO,eAAegC,EAAS,aAAc,CAAE,MAAO,EAAI,CAAE,EAChDA,EAAA,KAAG,OAQf,SAAShH,GAAKiH,EAAK,CACf,OAAOC,GAAIC,GAGX,OAAO,KAAKF,CAAG,EAAE,KAAM,EAClB,OAAO,SAAUG,EAAKvJ,EAAK,CAAE,OAAOuJ,EAAMvJ,EAAM,IAAMoJ,EAAIpJ,GAAO,GAAM,EAAE,GAAG,CAAC,CAAC,CACvF,CACYmJ,EAAA,KAAGhH,GACf,IAAIqH,GAAS,mBAAmB,MAAM,EAAE,EACxC,SAASC,GAAK,EAAG,CAEb,QADI9H,EAAI,GACCnD,EAAI,EAAGA,EAAI,EAAGA,GAAK,EACxBmD,GAAK6H,GAAQ,GAAMhL,EAAI,EAAI,EAAM,IAC3BgL,GAAQ,GAAMhL,EAAI,EAAM,IAElC,OAAOmD,CACX,CACA,SAAS0H,GAAIK,EAAG,CAEZ,QADIC,EAAI,GACCC,EAAK,EAAGC,EAAMH,EAAGE,EAAKC,EAAI,OAAQD,IAAM,CAC7C,IAAIhI,EAAIiI,EAAID,GACZD,GAAKF,GAAK7H,CAAC,CACd,CACD,OAAO+H,CACX,CACA,SAASG,GAASJ,EAAGK,EAAG,CACpB,IAAItK,EAAIiK,EAAE,GACNnM,EAAImM,EAAE,GACNM,EAAIN,EAAE,GACNpM,EAAIoM,EAAE,GACVjK,EAAIwK,EAAGxK,EAAGlC,EAAGyM,EAAG1M,EAAGyM,EAAE,GAAI,EAAG,UAAU,EACtCzM,EAAI2M,EAAG3M,EAAGmC,EAAGlC,EAAGyM,EAAGD,EAAE,GAAI,GAAI,UAAU,EACvCC,EAAIC,EAAGD,EAAG1M,EAAGmC,EAAGlC,EAAGwM,EAAE,GAAI,GAAI,SAAS,EACtCxM,EAAI0M,EAAG1M,EAAGyM,EAAG1M,EAAGmC,EAAGsK,EAAE,GAAI,GAAI,WAAW,EACxCtK,EAAIwK,EAAGxK,EAAGlC,EAAGyM,EAAG1M,EAAGyM,EAAE,GAAI,EAAG,UAAU,EACtCzM,EAAI2M,EAAG3M,EAAGmC,EAAGlC,EAAGyM,EAAGD,EAAE,GAAI,GAAI,UAAU,EACvCC,EAAIC,EAAGD,EAAG1M,EAAGmC,EAAGlC,EAAGwM,EAAE,GAAI,GAAI,WAAW,EACxCxM,EAAI0M,EAAG1M,EAAGyM,EAAG1M,EAAGmC,EAAGsK,EAAE,GAAI,GAAI,SAAS,EACtCtK,EAAIwK,EAAGxK,EAAGlC,EAAGyM,EAAG1M,EAAGyM,EAAE,GAAI,EAAG,UAAU,EACtCzM,EAAI2M,EAAG3M,EAAGmC,EAAGlC,EAAGyM,EAAGD,EAAE,GAAI,GAAI,WAAW,EACxCC,EAAIC,EAAGD,EAAG1M,EAAGmC,EAAGlC,EAAGwM,EAAE,IAAK,GAAI,MAAM,EACpCxM,EAAI0M,EAAG1M,EAAGyM,EAAG1M,EAAGmC,EAAGsK,EAAE,IAAK,GAAI,WAAW,EACzCtK,EAAIwK,EAAGxK,EAAGlC,EAAGyM,EAAG1M,EAAGyM,EAAE,IAAK,EAAG,UAAU,EACvCzM,EAAI2M,EAAG3M,EAAGmC,EAAGlC,EAAGyM,EAAGD,EAAE,IAAK,GAAI,SAAS,EACvCC,EAAIC,EAAGD,EAAG1M,EAAGmC,EAAGlC,EAAGwM,EAAE,IAAK,GAAI,WAAW,EACzCxM,EAAI0M,EAAG1M,EAAGyM,EAAG1M,EAAGmC,EAAGsK,EAAE,IAAK,GAAI,UAAU,EACxCtK,EAAIyK,EAAGzK,EAAGlC,EAAGyM,EAAG1M,EAAGyM,EAAE,GAAI,EAAG,UAAU,EACtCzM,EAAI4M,EAAG5M,EAAGmC,EAAGlC,EAAGyM,EAAGD,EAAE,GAAI,EAAG,WAAW,EACvCC,EAAIE,EAAGF,EAAG1M,EAAGmC,EAAGlC,EAAGwM,EAAE,IAAK,GAAI,SAAS,EACvCxM,EAAI2M,EAAG3M,EAAGyM,EAAG1M,EAAGmC,EAAGsK,EAAE,GAAI,GAAI,UAAU,EACvCtK,EAAIyK,EAAGzK,EAAGlC,EAAGyM,EAAG1M,EAAGyM,EAAE,GAAI,EAAG,UAAU,EACtCzM,EAAI4M,EAAG5M,EAAGmC,EAAGlC,EAAGyM,EAAGD,EAAE,IAAK,EAAG,QAAQ,EACrCC,EAAIE,EAAGF,EAAG1M,EAAGmC,EAAGlC,EAAGwM,EAAE,IAAK,GAAI,UAAU,EACxCxM,EAAI2M,EAAG3M,EAAGyM,EAAG1M,EAAGmC,EAAGsK,EAAE,GAAI,GAAI,UAAU,EACvCtK,EAAIyK,EAAGzK,EAAGlC,EAAGyM,EAAG1M,EAAGyM,EAAE,GAAI,EAAG,SAAS,EACrCzM,EAAI4M,EAAG5M,EAAGmC,EAAGlC,EAAGyM,EAAGD,EAAE,IAAK,EAAG,WAAW,EACxCC,EAAIE,EAAGF,EAAG1M,EAAGmC,EAAGlC,EAAGwM,EAAE,GAAI,GAAI,UAAU,EACvCxM,EAAI2M,EAAG3M,EAAGyM,EAAG1M,EAAGmC,EAAGsK,EAAE,GAAI,GAAI,UAAU,EACvCtK,EAAIyK,EAAGzK,EAAGlC,EAAGyM,EAAG1M,EAAGyM,EAAE,IAAK,EAAG,WAAW,EACxCzM,EAAI4M,EAAG5M,EAAGmC,EAAGlC,EAAGyM,EAAGD,EAAE,GAAI,EAAG,SAAS,EACrCC,EAAIE,EAAGF,EAAG1M,EAAGmC,EAAGlC,EAAGwM,EAAE,GAAI,GAAI,UAAU,EACvCxM,EAAI2M,EAAG3M,EAAGyM,EAAG1M,EAAGmC,EAAGsK,EAAE,IAAK,GAAI,WAAW,EACzCtK,EAAI0K,EAAG1K,EAAGlC,EAAGyM,EAAG1M,EAAGyM,EAAE,GAAI,EAAG,OAAO,EACnCzM,EAAI6M,EAAG7M,EAAGmC,EAAGlC,EAAGyM,EAAGD,EAAE,GAAI,GAAI,WAAW,EACxCC,EAAIG,EAAGH,EAAG1M,EAAGmC,EAAGlC,EAAGwM,EAAE,IAAK,GAAI,UAAU,EACxCxM,EAAI4M,EAAG5M,EAAGyM,EAAG1M,EAAGmC,EAAGsK,EAAE,IAAK,GAAI,SAAS,EACvCtK,EAAI0K,EAAG1K,EAAGlC,EAAGyM,EAAG1M,EAAGyM,EAAE,GAAI,EAAG,WAAW,EACvCzM,EAAI6M,EAAG7M,EAAGmC,EAAGlC,EAAGyM,EAAGD,EAAE,GAAI,GAAI,UAAU,EACvCC,EAAIG,EAAGH,EAAG1M,EAAGmC,EAAGlC,EAAGwM,EAAE,GAAI,GAAI,UAAU,EACvCxM,EAAI4M,EAAG5M,EAAGyM,EAAG1M,EAAGmC,EAAGsK,EAAE,IAAK,GAAI,WAAW,EACzCtK,EAAI0K,EAAG1K,EAAGlC,EAAGyM,EAAG1M,EAAGyM,EAAE,IAAK,EAAG,SAAS,EACtCzM,EAAI6M,EAAG7M,EAAGmC,EAAGlC,EAAGyM,EAAGD,EAAE,GAAI,GAAI,UAAU,EACvCC,EAAIG,EAAGH,EAAG1M,EAAGmC,EAAGlC,EAAGwM,EAAE,GAAI,GAAI,UAAU,EACvCxM,EAAI4M,EAAG5M,EAAGyM,EAAG1M,EAAGmC,EAAGsK,EAAE,GAAI,GAAI,QAAQ,EACrCtK,EAAI0K,EAAG1K,EAAGlC,EAAGyM,EAAG1M,EAAGyM,EAAE,GAAI,EAAG,UAAU,EACtCzM,EAAI6M,EAAG7M,EAAGmC,EAAGlC,EAAGyM,EAAGD,EAAE,IAAK,GAAI,UAAU,EACxCC,EAAIG,EAAGH,EAAG1M,EAAGmC,EAAGlC,EAAGwM,EAAE,IAAK,GAAI,SAAS,EACvCxM,EAAI4M,EAAG5M,EAAGyM,EAAG1M,EAAGmC,EAAGsK,EAAE,GAAI,GAAI,UAAU,EACvCtK,EAAI2K,EAAG3K,EAAGlC,EAAGyM,EAAG1M,EAAGyM,EAAE,GAAI,EAAG,UAAU,EACtCzM,EAAI8M,EAAG9M,EAAGmC,EAAGlC,EAAGyM,EAAGD,EAAE,GAAI,GAAI,UAAU,EACvCC,EAAII,EAAGJ,EAAG1M,EAAGmC,EAAGlC,EAAGwM,EAAE,IAAK,GAAI,WAAW,EACzCxM,EAAI6M,EAAG7M,EAAGyM,EAAG1M,EAAGmC,EAAGsK,EAAE,GAAI,GAAI,SAAS,EACtCtK,EAAI2K,EAAG3K,EAAGlC,EAAGyM,EAAG1M,EAAGyM,EAAE,IAAK,EAAG,UAAU,EACvCzM,EAAI8M,EAAG9M,EAAGmC,EAAGlC,EAAGyM,EAAGD,EAAE,GAAI,GAAI,WAAW,EACxCC,EAAII,EAAGJ,EAAG1M,EAAGmC,EAAGlC,EAAGwM,EAAE,IAAK,GAAI,QAAQ,EACtCxM,EAAI6M,EAAG7M,EAAGyM,EAAG1M,EAAGmC,EAAGsK,EAAE,GAAI,GAAI,WAAW,EACxCtK,EAAI2K,EAAG3K,EAAGlC,EAAGyM,EAAG1M,EAAGyM,EAAE,GAAI,EAAG,UAAU,EACtCzM,EAAI8M,EAAG9M,EAAGmC,EAAGlC,EAAGyM,EAAGD,EAAE,IAAK,GAAI,SAAS,EACvCC,EAAII,EAAGJ,EAAG1M,EAAGmC,EAAGlC,EAAGwM,EAAE,GAAI,GAAI,WAAW,EACxCxM,EAAI6M,EAAG7M,EAAGyM,EAAG1M,EAAGmC,EAAGsK,EAAE,IAAK,GAAI,UAAU,EACxCtK,EAAI2K,EAAG3K,EAAGlC,EAAGyM,EAAG1M,EAAGyM,EAAE,GAAI,EAAG,UAAU,EACtCzM,EAAI8M,EAAG9M,EAAGmC,EAAGlC,EAAGyM,EAAGD,EAAE,IAAK,GAAI,WAAW,EACzCC,EAAII,EAAGJ,EAAG1M,EAAGmC,EAAGlC,EAAGwM,EAAE,GAAI,GAAI,SAAS,EACtCxM,EAAI6M,EAAG7M,EAAGyM,EAAG1M,EAAGmC,EAAGsK,EAAE,GAAI,GAAI,UAAU,EACvCL,EAAE,GAAKW,EAAM5K,EAAGiK,EAAE,EAAE,EACpBA,EAAE,GAAKW,EAAM9M,EAAGmM,EAAE,EAAE,EACpBA,EAAE,GAAKW,EAAML,EAAGN,EAAE,EAAE,EACpBA,EAAE,GAAKW,EAAM/M,EAAGoM,EAAE,EAAE,CACxB,CACA,SAASY,EAAIC,EAAG9K,EAAGlC,EAAGmM,EAAG/H,EAAGD,EAAG,CAC3B,OAAAjC,EAAI4K,EAAMA,EAAM5K,EAAG8K,CAAC,EAAGF,EAAMX,EAAGhI,CAAC,CAAC,EAC3B2I,EAAO5K,GAAKkC,EAAMlC,IAAO,GAAKkC,EAAKpE,CAAC,CAC/C,CACA,SAAS8M,EAAM5K,EAAGlC,EAAG,CACjB,OAAQkC,EAAIlC,EAAK,UACrB,CACA,SAAS0M,EAAGxK,EAAGlC,EAAGyM,EAAG1M,EAAGoM,EAAG/H,EAAGD,EAAG,CAC7B,OAAO4I,EAAK/M,EAAIyM,EAAO,CAACzM,EAAKD,EAAImC,EAAGlC,EAAGmM,EAAG/H,EAAGD,CAAC,CAClD,CACA,SAASwI,EAAGzK,EAAGlC,EAAGyM,EAAG1M,EAAGoM,EAAG/H,EAAGD,EAAG,CAC7B,OAAO4I,EAAK/M,EAAID,EAAM0M,EAAK,CAAC1M,EAAKmC,EAAGlC,EAAGmM,EAAG/H,EAAGD,CAAC,CAClD,CACA,SAASyI,EAAG1K,EAAGlC,EAAGyM,EAAG1M,EAAGoM,EAAG/H,EAAGD,EAAG,CAC7B,OAAO4I,EAAI/M,EAAIyM,EAAI1M,EAAGmC,EAAGlC,EAAGmM,EAAG/H,EAAGD,CAAC,CACvC,CACA,SAAS0I,EAAG3K,EAAGlC,EAAGyM,EAAG1M,EAAGoM,EAAG/H,EAAGD,EAAG,CAC7B,OAAO4I,EAAIN,GAAKzM,EAAK,CAACD,GAAKmC,EAAGlC,EAAGmM,EAAG/H,EAAGD,CAAC,CAC5C,CACA,SAAS4H,GAAK3H,EAAG,CACb,IAAIC,EAAID,EAAE,OACN9C,EAAQ,CAAC,WAAY,WAAY,YAAa,SAAS,EACvD2L,EAAO,CAAC,EAAG,EAAG,EAAG,EAAG,EAAG,EAAG,EAAG,EAAG,EAAG,EAAG,EAAG,EAAG,EAAG,EAAG,EAAG,CAAC,EACtDhM,EACJ,IAAKA,EAAI,GAAIA,GAAKmD,EAAE,OAAQnD,GAAK,GAC7BsL,GAASjL,EAAO4L,GAAO9I,EAAE,UAAUnD,EAAI,GAAIA,CAAC,CAAC,CAAC,EAGlD,IADAmD,EAAIA,EAAE,UAAUnD,EAAI,EAAE,EACjBA,EAAI,EAAGA,EAAImD,EAAE,OAAQnD,GAAK,EAC3BgM,EAAKhM,GAAK,IAAMmD,EAAE,WAAWnD,CAAC,IAAOA,EAAI,GAAM,GAGnD,GADAgM,EAAKhM,GAAK,IAAM,MAAUA,EAAI,GAAM,GAChCA,EAAI,GAEJ,IADAsL,GAASjL,EAAO2L,CAAI,EACfhM,EAAI,EAAGA,EAAI,GAAIA,GAAK,EACrBgM,EAAKhM,GAAK,EAGlB,OAAAgM,EAAK,IAAM5I,EAAI,EACfkI,GAASjL,EAAO2L,CAAI,EACb3L,CACX,CACA,SAAS4L,GAAO9I,EAAG,CAEf,QADI+I,EAAU,CAAA,EACLlM,EAAI,EAAGA,EAAI,GAAIA,GAAK,EACzBkM,EAAQlM,GAAK,GAAKmD,EAAE,WAAWnD,CAAC,GACzBmD,EAAE,WAAWnD,EAAI,CAAC,GAAK,IACvBmD,EAAE,WAAWnD,EAAI,CAAC,GAAK,KACvBmD,EAAE,WAAWnD,EAAI,CAAC,GAAK,IAElC,OAAOkM,CACX,WChKA,OAAO,eAAeC,GAAS,aAAc,CAAE,MAAO,EAAI,CAAE,gBCAxDxN,GAAaC,GAAQA,EAAK,WAAe,UAAY,CACrD,IAAIC,EAAgB,SAAUC,EAAGC,EAAG,CAChC,OAAAF,EAAgB,OAAO,gBAClB,CAAE,UAAW,CAAA,aAAgB,OAAS,SAAUC,EAAGC,EAAG,CAAED,EAAE,UAAYC,CAAE,GACzE,SAAUD,EAAGC,EAAG,CAAE,QAASf,KAAKe,EAAO,OAAO,UAAU,eAAe,KAAKA,EAAGf,CAAC,IAAGc,EAAEd,GAAKe,EAAEf,KACzFa,EAAcC,EAAGC,CAAC,CACjC,EACI,OAAO,SAAUD,EAAGC,EAAG,CACnB,GAAI,OAAOA,GAAM,YAAcA,IAAM,KACjC,MAAM,IAAI,UAAU,uBAAyB,OAAOA,CAAC,EAAI,+BAA+B,EAC5FF,EAAcC,EAAGC,CAAC,EAClB,SAASC,GAAK,CAAE,KAAK,YAAcF,CAAI,CACvCA,EAAE,UAAYC,IAAM,KAAO,OAAO,OAAOA,CAAC,GAAKC,EAAG,UAAYD,EAAE,UAAW,IAAIC,EACvF,CACA,IACA,OAAO,eAAeoN,EAAS,aAAc,CAAE,MAAO,EAAI,CAAE,EACrCA,EAAA,gBAAG,OAC1B,IAAIC,GAAoBlN,EAQpBmN,GAAiC,SAAUjN,EAAQ,CACnDV,GAAU2N,EAAiBjN,CAAM,EACjC,SAASiN,GAAkB,CACvB,OAAOjN,IAAW,MAAQA,EAAO,MAAM,KAAM,SAAS,GAAK,IAC9D,CAID,OAAAiN,EAAgB,UAAU,qBAAuB,UAAY,CACzD,OAAO,IACf,EAIIA,EAAgB,UAAU,qBAAuB,UAAY,CACzD,OAAO,IACf,EAIIA,EAAgB,UAAU,mBAAqB,UAAY,CACvD,OAAO,IACf,EAIIA,EAAgB,UAAU,aAAe,UAAY,CACjD,MAAO,EACf,EAIIA,EAAgB,UAAU,sBAAwB,UAAY,CAC1D,OAAO,IACf,EAIIA,EAAgB,UAAU,uBAAyB,UAAY,CAC3D,OAAO,IACf,EAIIA,EAAgB,UAAU,gBAAkB,UAAY,CACpD,OAAO,IACf,EAIIA,EAAgB,UAAU,gBAAkB,UAAY,CACpD,MAAO,EACf,EAIIA,EAAgB,UAAU,WAAa,UAAY,CAC/C,OAAO,IACf,EAIIA,EAAgB,UAAU,iBAAmB,UAAY,CACrD,OAAO,IACf,EAIIA,EAAgB,UAAU,wBAA0B,UAAY,CAC5D,OAAO,IACf,EAIIA,EAAgB,UAAU,yBAA2B,UAAY,CAC7D,OAAO,IACf,EACWA,CACX,EAAED,GAAkB,eAAe,EACZD,EAAA,gBAAGE,YCxG1B,OAAO,eAAeC,EAAS,aAAc,CAAE,MAAO,EAAI,CAAE,EACzBA,EAAA,4BAAG,OACtC,IAAIjF,GAAanI,EACbF,GAAqBiD,EACrBuF,GAAyBrF,EAM7B,SAASoK,GAA4BtM,EAAwB,CACzD,OAAO,SAA6B2H,EAAU,CAC1C,IAAIC,EAAM,IAAI,eACdA,EAAI,KAAK,MAAO5H,EAAyB,0CAA0C,EACnF4H,EAAI,iBAAiB,SAAU,kBAAkB,EACjDA,EAAI,iBAAiB,OAAQ,UAAgC,CACzD,GAAIA,EAAI,SAAW,IAAK,CACpB,IAAI2E,EAAiB,OACrB,GAAI,CACAA,EAAiB,KAAK,MAAM3E,EAAI,YAAY,CAC/C,MACD,CACID,EAAS,IAAI5I,GAAmB,iBAAiBwI,GAAuB,mCAAmC,CAAC,EAC5G,MACH,CACGiF,GAAsBD,CAAc,EACpC5E,EAAS4E,CAAc,EAGvB5E,EAAS,IAAI5I,GAAmB,iBAAiBwI,GAAuB,sCAAsC,CAAC,CAEtH,MAEGI,EAAS,IAAI5I,GAAmB,iBAAiBwI,GAAuB,mCAAmC,CAAC,CAE5H,CAAS,EACDK,EAAI,KAAI,CAChB,CACA,CACmCyE,EAAA,4BAAGC,GAKtC,SAASE,GAAsBD,EAAgB,CAC3C,OAAOnF,GAAW,SAASmF,CAAc,GACrC,OAAOA,EAAe,sBAAyB,UAC/C,OAAOA,EAAe,sBAAyB,QACvD,CChDA,OAAO,eAAeE,EAAS,aAAc,CAAE,MAAO,EAAI,CAAE,EACpCA,EAAA,iBAAG,OAC3B,IAAIpM,GAAkBpB,EAClByN,GAA6B1K,EAC7BmK,GAAoBjK,EACpBqF,GAAyBU,EACzB0E,GAAoBzE,EACpBgE,GAAoB/D,EACpByE,GAA8BvE,EAC9BhF,GAA2BkF,EAC3BtG,GAA8BuG,EAC9BjF,GAAuBsJ,EAQ3B,SAASC,GAAiBC,EAAY,CAClC,IAAI7M,EAASwM,GAA2B,uBAAuBK,EAAY,QAAQ,EAM/ErE,EAAU,IAAInF,GAAqB,mBAAmBoJ,GAAkB,KAAKzM,CAAM,CAAC,EAExF,GAAImD,GAAyB,gBAAgBnD,EAAQ,QAAQ,EAAG,CAE5D,GAAI,OAAO,cAAgB,OAAO,aAAa,aAAaiM,GAAkB,gCAAgC,EAG1G,cAAO,OAAO,YAAY,CACtB,KAAM,sBACN,SAAU,SAAS,IACnC,EAAejM,EAAO,YAAY,EAMf,IAAIgM,GAAkB,gBAAgBhM,EAAQwI,CAAO,EAIhE,IAAIO,EAAgBhH,GAA4B,4BAA4BA,GAA4B,oBAAoB,OAAO,SAAS,IAAI,CAAC,EAC7I+K,EAAkB/D,EAAc,MAEhCgE,EAAevE,EAAQ,QAAQsE,EAAkB,QAAQ,EAC7D,GAAIA,IAAoBC,EAKpBvE,EAAQ,QAAQ,OAAQO,CAAa,UAEhCgE,EAAc,CAInB,IAAIrL,EAAY,CACZ,MAAO2F,GAAuB,kBAC9C,EACYmB,EAAQ,QAAQ,OAAQ9G,CAAS,CACpC,CAKD,IAAIsL,EAAYxE,EAAQ,QAAQsE,EAAkB,aAAa,GAC3D,OAAO,SAAS,SAAW,KAAO,OAAO,SAAS,KAItD,OAAIE,EAAU,QAAQ,GAAG,IAAM,IAAM,SAAS,KAAK,MAAM,GAAG,EAAE,KAAOA,EAAU,MAAM,GAAG,EAAE,IACtF,OAAO,SAAS,KAAOA,EAAU,MAAM,GAAG,EAAE,GAC5C,OAAO,SAAS,OAAO,EAAI,GAG3B,OAAO,SAAS,QAAQA,CAAS,EAO9B,IAAIhB,GAAkB,gBAAgBhM,EAAQwI,CAAO,CAC/D,CAED,IAAIyE,EAAOzE,EAAQ,QAAQ,MAAM,EAE7ByE,IACAzE,EAAQ,WAAWyE,EAAK,MAAQ,QAAQ,EACxCzE,EAAQ,WAAWyE,EAAK,MAAQ,aAAa,GAGjDzE,EAAQ,QAAQ,SAAUnH,EAAOD,EAAK,CAClC,OAAOA,EAAI,QAAQ,MAAM,IAAM,IAAMC,EAAM,WAAa,KAAK,KACrE,CAAK,EAGD,IAAI6L,EAAc/M,GAAgB,cAAc,SAAUH,EAAO,KAAK,EAChE,IAAIiM,GAAkB,gBAAgBjM,EAAQwI,EAASkE,GAA4B,4BAA4B1M,EAAO,sBAAsB,CAAC,EAC7I,IAAIiM,GAAkB,gBAAgBjM,EAAQwI,CAAO,EAE3D,OAAI0E,EAAY,eAELA,EAAY,2BAGnBD,GAAQA,EAAK,QACTA,EAAK,kBACLzE,EAAQ,WAAW,MAAM,GAGzByE,EAAK,kBAAoB,GACzBzE,EAAQ,QAAQ,OAAQyE,CAAI,IAG7BC,EACX,CACwBX,EAAA,iBAAGK,gBC1H3B,IAAIO,EAAmB3O,GAAQA,EAAK,kBAAqB,OAAO,OAAU,SAAS4O,EAAG/H,EAAG8F,EAAGkC,EAAI,CACxFA,IAAO,SAAWA,EAAKlC,GAC3B,OAAO,eAAeiC,EAAGC,EAAI,CAAE,WAAY,GAAM,IAAK,UAAW,CAAE,OAAOhI,EAAE8F,EAAG,CAAI,CAAA,CACvF,EAAM,SAASiC,EAAG/H,EAAG8F,EAAGkC,EAAI,CACpBA,IAAO,SAAWA,EAAKlC,GAC3BiC,EAAEC,GAAMhI,EAAE8F,EACd,GACImC,EAAgB9O,GAAQA,EAAK,cAAiB,SAAS6G,EAAGwC,EAAS,CACnE,QAASjK,KAAKyH,EAAOzH,IAAM,WAAa,CAAC,OAAO,UAAU,eAAe,KAAKiK,EAASjK,CAAC,GAAGuP,EAAgBtF,EAASxC,EAAGzH,CAAC,CAC5H,EACA,OAAO,eAAciK,EAAU,aAAc,CAAE,MAAO,EAAI,CAAE,EAM5DyF,EAAavO,EAAuC8I,CAAO,EAC3DyF,EAAaxL,EAAmC+F,CAAO,EACvDyF,EAAatL,EAAuC6F,CAAO,EAC3DyF,EAAavF,EAA2CF,CAAO,EAC/DyF,EAAatF,EAAqCH,CAAO,EACzDyF,EAAarF,EAAkCJ,CAAO,EACtDyF,EAAanF,EAAkCN,CAAO,EACtDyF,EAAajF,GAA2CR,CAAO,EAC/DyF,EAAahF,EAA4CT,CAAO,EAChEyF,EAAaX,EAAmC9E,CAAO,OC0ElD,MAAC0F,GAA2B,kBACjC,SAASC,IAAe,CACtB,MAAMC,EAAsB,OAAO,wBACnC,OAAOA,GAAuBA,EAAoB,IAAMA,EAAoB,IAAM,IACpF,CACA,SAASC,GAAUC,EAAS,CAC1B,OAAO,SAAS,cAAcA,CAAO,CACvC,CAEA,MAAMC,GAAsBC,GAAc,CACxC,IAAIC,EAAkBlB,EAAAA,iBAAiB,CACrC,uBAAwBiB,EAAU,UAAU,SAC5C,UAAWA,EAAU,UAAU,SAC/B,aAAcA,EAAU,cAAgB,oBACxC,MAAOA,EAAU,UAAU,OAC3B,WAAYA,EAAU,UAAU,KACpC,CAAG,EACD,OAAIC,EAAgB,KAClBA,EAAgB,GAAGC,EAAAA,qBAAsB,IAAM,CAC7C,QAAQ,KAAK,kDAAkD,CACrE,CAAK,EACDD,EAAgB,GAAGE,EAAAA,mBAAoB,IAAM,CAC3C,QAAQ,KAAK,2BAA2B,CAC9C,CAAK,EACDF,EAAgB,GAAGG,yBAAyBtE,GAAU,CACpD,QAAQ,MAAM,4BAA6BA,CAAK,CACtD,CAAK,EACDmE,EAAgB,GAAGI,EAAAA,yBAA0B,IAAM,CACjD,QAAQ,KAAK,kCAAkC,CACrD,CAAK,GAEIJ,CACT,EAKA,SAASK,GAAuBN,EAAW,CACzC,MAAMC,EAAkBF,GAAmBC,CAAS,EAC9CO,EAASV,GAAU,cAAc,EACvC,GAAIU,EACF,GAAI,OAAOA,EAAO,wBAA2B,YAAa,CACxD,MAAMC,EAAyB,IAAM,CACnCD,EAAO,uBAAuBN,CAAe,EAC7C,QAAQ,KAAK,kEAAmEM,EAAO,WAAW,EAClGA,EAAO,oBAAoB,sBAAuBC,CAAsB,CAChF,EACMD,EAAO,iBAAiB,sBAAuBC,CAAsB,CAC3E,MACMD,EAAO,uBAAuBN,CAAe,EAC7C,QAAQ,KAAK,wBAAyBM,EAAO,WAAW,EAG5D,OAAON,CACT,CCxJO,SAASQ,IAAsC,CACpD,OAAO,OAAO,iBAChB"}